realtek: Add phylink configuration routines for RTL93xx
This adds RTL93xx-specific MAC configuration routines that allow also configuration of 10GBit links for phylink. There is support for the Realtek-specific HISGMI protocol.
Configure a sane L2 learning configuration upon DSA driver load so that the switch can start learning L2 addresses. Also configure the correct flood masks for broadcast and unknown unicast traffice.
realtek: Fix bug in VLAN ingress and egress filtering
The ingress filter registers use 2 bits for each port to define the filtering state, whereas the egress filter uses 1 bit. So for for the ingress filter the register offset for a given port is: (port >> 4) << 4: since there are 16 entries in a register of 32 bits and for the egress filter: (port >> 5) << 4: since there are 32 entries in a register of 32 bits
Add generic support for listening to FIB and Event notifier updates and use this information to hook into the L3 hardware capabilities of the RTL SoCs.
Adds SoC specific routing offload implementations for RTL8380/90 and RTL9300. RTL83xx supports merely nexthop routing, RTL9300 full host and prefix routes.
realtek: Fix bug when accessing external PHYs on SoCs older than Revision C
RTL8393 SoCs older than Revision C hang on accesses to PHYs with PHY address larger or equal to the CPU-port (52). This will make scanning the MDIO bus hang forever. Since the RTL8390 platform does not support more than 52 PHYs, return -EIO for phy addresses >= 52. Note that the RTL8390 family of SoCs has a fixed mapping between port number and PHY-address.
mediatek: enable configfs for DT overlay on mt7622 and mt7623
Enable kernel options to allow loading device tree overlay via configfs at runtime. This is useful for devboards like the BPi-R2 and BPi-R64 which got RasbPi-compatible 40-pin GPIO header which allow all sorts of extensions.
Signed-off-by: Daniel Golle <daniel@makrotopia.org> (commit: 401d7eb)
Now that we have fully switched to nvmem interface we can drop the use of mtd-mac-address patches as it's not used anymore and the new nvmem implementation should be used for any new device.
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com> (commit: 5ae2e78)
Kernel has added the different variants of the Rock Pi 4 in commit b5edb0467370 ("arm64: dts: rockchip: Mark rock-pi-4 as rock-pi-4a dts"). The former Rock Pi 4 is now Rock Pi 4A.
For compatibility with kernel 5.4, this rename has been held back so far. Having switched to kernel 5.10 now, we can finally apply it in our tree as well.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de> (commit: 91eed5d)
build: prereq detect Python 3.10 for `python3` binary
While the binary `python3.10` is correctly detected by the build system the default `python3` binary is currently not detected if pointing to a Python 3.10 installation.
Fix this by extending the grep regex.
Signed-off-by: Paul Spooren <mail@aparcar.org> (commit: 56ea2bf)
apm821xx: move CONFIG_DMA* to the generic apm821xx config
Both NAND and SATA targets need the DMA engine in one way or another.
Due to a kernel config refresh various existing symbols got removed from the apm821xx main config file as well. (That being said, they are still included because the built-in crpyto4xx depends on these.)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: 2a6cab0)
apm821xx: WNDAP620 + WNDAP660: reorganize partitions for 5.10
Due to 5.10 increased kernel size, the current 4MiB-ish kernel partition got too small. Luckily, netgear's uboot environment is setup to read 0x60000 bytes from the kernel partition location.
... While at it: also do some cleanups in the DTS in there.
The original (re-)installation described in commit d82d84694e60 ("apm821xx: add support for the Netgear WNDAP620 and WNDAP660") seemed to be still working for now. What I noticed though is that the bigger initramfs images needed to use a different destination address (1000000) to prevent it overwriting itself during decompression. i.e: # tftp 1000000 openwrt-...-wndap620-initramfs-kernel.bin # bootm
However, in case of the WNDAP620+660 the factory.img image can be written directly to the flash through uboot.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: 7a6a349)
The D-Link DIR-685 has a small screen with a framebuffer console, so if we have this, when we start, display the banner on this framebuffer console so the user know they are running OpenWRT as root filesystem.
try to reduce the kernel size by disabling and moving options from the common kernel configuration to the SATA target that doesn't have the constraints.
For NAND this has become necessary because as with 5.10 some devices outgrew their kernels. Though, in my tests this didn't help much: just a smidgen over 100kib was saved on the uncompressed kernel.
... running make kernel_oldconfig also removed some other config symbols, mostly those that already set from elsewhere or became obsolete in the meantime.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: e166ee4)
This adds a userspace interpretation of the nu801 driver used by Meraki hardware. Previously this was a driver that was added per target, but as multiple targets now have this driver, we should move to something that can be shared by all targets since no driver exists upstream.
Co-developed-by: Christian Lamparter <chunkeey@gmail.com> Signed-off-by: Chris Blake <chrisrblake93@gmail.com> Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: f536f5e)
UART: The UART header is named CONN11 and is found in the center of the mainboard. The pinout from Pin 1 (marked with a black triangle) to pin 4 is below: Pin 1: VCC Pin 2: TX Pin 3: RX Pin 4: GND Note that VCC is not required for UART on this device.
Booting: 1. Flash/burn one of the images from this repo to a flash drive. 2. Take the top off the MX100, and unplug the SATA cable from the HDD. 3. Hook up UART to the MX100, plug in the USB drive, and then power up the device. 4. At the BIOS prompt, quickly press F7 and then scroll to the Save & Exit tab. 5. Scroll down to Boot Override, and select the UEFI entry for your jumpdrive.
Note: UEFI booting will fail if the SATA cable for the HDD is plugged in. The issue is explained under the Flashing instructions.
Flashing: 1. Ensure the MX100 is powered down, and not plugged into power. 2. Take the top off the MX100, and unplug the SATA cable from the HDD. 3. Using the Mini USB female port found by the SATA port on the motherboard, flash one of the images to the system. Example: `dd if=image of=/dev/sdb conv=fdatasync` where sdb is the USB device for the MX100's NAND. 4. Unplug the Mini USB, hook up UART to the MX100, and then power up the device. 5. At the BIOS prompt, quickly press F7 and then scroll to the Boot tab. 6. Change the boot order and set UEFI: USB DISK 2.0 as first, and USB DISK 2.0 as second. Disable the other boot options. 7. Go to Save & Exit, and then select Save Changes and Reset
Note that OpenWRT will fail to boot in UEFI mode when the SATA hard drive is plugged in. To fix this, boot with the SATA disk unplugged and then run the following command: `sed -i "s|hd0,gpt1|hd1,gpt1|g" boot/grub/grub.cfg` Once the above is ran, OpenWRT will boot when the HDD is plugged into SATA. The reason this happens is the UEFI implementation for the MX100 will always set anything on SATA to HD0 instead of the onboard USB storage, so we have to accomidate it since OpenWRT's GRUB does not support detecting a boot disk via UUID.
Signed-off-by: Chris Blake <chrisrblake93@gmail.com> (commit: fe9e5fb)
ipq40xx: use zImage for GL.iNet GL-B1300, GL-S1300 to shrink below 4096k
In the "ipq40xx: switch to Kernel 5.10" discussion at GitHub, Adrian noted [0] that these GL.iNet Conexa series devices, GL-B1300 and GL-S1300 failed their image generation [1] as their gzipped uImage kernel went above 4096k.
While notifying the vendor about this problem [2], I tested all U-Boot releases from GL.iNet: - they really fail to boot kernel above 4096k - they don't support lzma: "Unimplemented compression type 3" - but they boot zImage
Using zImage (xz compression) the kernel is 2909k which is more than a megabyte away from the KERNEL_SIZE := 4096k limit.
The gzip compressed version would be 4116k.
[0]: https://github.com/openwrt/openwrt/pull/4620#issuecomment-932765776 [1]: commit 7b1fa276f5a2 ("ipq40xx: add testing support for kernel 5.10") [2]: https://forum.gl-inet.com/t/ipq40xx-kernel-size-and-u-boot-v5-10-is-too-big-for-4-mb/17619
This reverts commit f536f5ebddd9c532a08ac4a9be3ef0c02f7bfeb8.
As Hauke commented, this causes builder failures on 5.4 kernels. This revert includes changes to the mx100 kernel modules dependency as well as the uci led definitions.
Tested-by: Chris Blake <chrisrblake93@gmail.com> Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: 80b7a8a)
97bcdcf uxc: fix segfault caused by use-after-free 6398e05 uxc: don't free the stack 324ebd0 jail: fs: add support for asymmetric mount bind c44ab7f jail: netifd: generate netifd uci config and mount it 82dd390 jail: make use of per-container netifd via ubus
The new per-jail netifd is now configured by filtering the host network configuration. As libuci is used for that, procd-ujail now depends on libuci.
Signed-off-by: Daniel Golle <daniel@makrotopia.org> (commit: 213ce1d)
armvirt: enable MMIO_CMDLINE_DEVICES for firecracker support
This Kernel option allows to run OpenWrt witin a `firecracker` micro VM.
Firecracker is a KVM-based tool for superfast booting VMs on x86_64 and aarch64. It makes rootfs available to the guest as a virtio-mmio device and passes its address via the kernel cmdline. A kernel without CONFIG_VIRTIO_MMIO_CMDLINE_DEVICES will not recognize the rootfs virtio-mmio device.
Suggested-by: Packet Please <pktpls@systemli.org> Signed-off-by: Paul Spooren <mail@aparcar.org> (commit: 4056a40)
x86/64: enable MMIO_CMDLINE_DEVICES for firecracker support
This Kernel option allows to run OpenWrt witin a `firecracker` micro VM.
Firecracker is a KVM-based tool for superfast booting VMs on x86_64 and aarch64. It makes rootfs available to the guest as a virtio-mmio device and passes its address via the kernel cmdline. A kernel without CONFIG_VIRTIO_MMIO_CMDLINE_DEVICES will not recognize the rootfs virtio-mmio device.
Suggested-by: Packet Please <pktpls@systemli.org> Signed-off-by: Paul Spooren <mail@aparcar.org> (commit: e07cc46)
For some reason, the generated configure script fails to properly set up the internal preprocessor command variable, causing the host OS check for Darwin to fail after the last update. Explicitly setting CPP fixes this issue
Signed-off-by: Felix Fietkau <nbd@nbd.name> (commit: 48e209e)
hostapd: ubus: add notification for BSS transition response
To allow steering daemons to be aware of the STA-decided transition target, publish WNM transition responses to ubus. This way, steerings daemons can learn about STA-chosen targets and send a better selection of transition candidates.
Signed-off-by: David Bauer <mail@david-bauer.net> (commit: a3de42e)
The existing wnm_disassoc_imminent ubus method only supports issuing a bss transition request with the disassoc imminent flag set. For use-cases, where the client is requested to roam to another BSS without a pending disassoc, this existing method is not suitable.
Add a new bss_transition_request ubus method, which provides a more universal way to dispatch a transition request. It takes the following arguments:
Required: addr: String - MAC-address of the STA to send the request to (colon-seperated)
Optional: abridged - Bool - Indicates if the abridged flag is set disassociation_imminent: Bool - Whether or not the disassoc_imminent flag is set disassociation_timer: I32 - number of TBTTs after which the client will be disassociated validity_period: I32 - number of TBTTs after which the beacon candidate list (if included) will be invalid neighbors: blob-array - Array of strings containing neighbor reports as hex-string
Signed-off-by: David Bauer <mail@david-bauer.net> (commit: 0eed96c)
EEPROM data extracted from vendor image found at http://forum.banana-pi.org/t/bpi-r64-mt7622-mac80211-wifi-driver/10246/77 http://forum.banana-pi.org/uploads/short-url/jworbyBYpvrw9VQ2sx92B9z6DWS.bin
MAC address in the EEPROM has been zero'd which results in random address on boot.
Signed-off-by: Daniel Golle <daniel@makrotopia.org> (commit: 3a93704)
ramips: remove kmod-mt7663-firmware-sta from device packages
This firmware should only be used for mobile devices (e.g. laptops), where AP mode functionality is typically not used. This firmware supports a lot of power saving offload functionality at the expense of AP mode support.
Signed-off-by: Felix Fietkau <nbd@nbd.name> (commit: a1ac872)
"Alternate certification chains, as oppossed to requiring full chain validataion. Certificate validation behavior is relaxed, similar to openssl and browsers. Only the peer certificate must validate to a trusted certificate. Without this, all certificates sent by a peer must be used in the trust chain or the connection will be rejected."
This fixes e.g. uclient-fetch and curl connecting to servers using a Let's Encrypt certificate which are cross-signed by the now expired DST Root CA X3, see [0].
This is the recommended solution from upstream [1].
The binary size increases by ~12.3kb: 1236160 staging_dir/target-mipsel_24kc_musl/usr/lib/libwolfssl.so.4.8.1.39c36f2f 1248704 staging_dir/target-mipsel_24kc_musl/usr/lib/libwolfssl.so.4.8.1.39c36f2f
wolfssl: always build with --enable-reproducible-build
This gates out anything that might introduce semantically frivolous jitter, maximizing chance of identical object files.
The binary size shrinks by 8kb: 1244352 staging_dir/target-mipsel_24kc_musl/usr/lib/libwolfssl.so.4.8.1.39c36f2f 1236160 staging_dir/target-mipsel_24kc_musl/usr/lib/libwolfssl.so.4.8.1.39c36f2f
Signed-off-by: Andre Heider <a.heider@gmail.com> (commit: c763007)
wireguard-tools: add uci option to disable wireguard peers
Right now when I want to temporarily disable wg peer I need to delete the entire peer section. This is not such a good solution because I loose the previous configuration of the peer.
This patch adds `disabled` option to peer config which causes that the config section is ignored.
When a ubus event handler denies a association with a non-zero return value, the code jumps to preceeding code, creating an endless loop until the event handler accepts the assc request.
Move the ubus handler further up the code to avoid creating such a loop.
Signed-off-by: David Bauer <mail@david-bauer.net> (commit: 43c64ff)
They're preferred terminal descriptions for tmux, with additional support to some special characters and italic fonts. More info can be found at: https://github.com/tmux/tmux/wiki/FAQ
Fixes: FS#3404
Signed-off-by: Jitao Lu <dianlujitao@gmail.com> (commit: 917126f)
hostapd: fix a race condition on adding AP mode wds sta interfaces
Both hostapd and netifd attempt to add a VLAN device to a bridge. Depending on which one wins the race, bridge vlan settings might be incomplete, or hostapd might run into an error and refuse to service the client. Fix this by preventing hostapd from adding interfaces to the bridge and instead rely entirely on netifd handling this properly
Signed-off-by: Felix Fietkau <nbd@nbd.name> (commit: da4be02)
This patch removes CONFIG_MTD_SPI_NOR_USE_4K_SECTORS from the default symbols for the ath79/mikrotik target.
MikroTik devices hold some of their user-configurable settings in the soft_config partition, which is typically sized 4 KiB, of the SPI NOR flash memory. Previously, in the ar71xx target, it was possible to use 64 KiB erase sectors but also smaller 4 KiB ones when needed. This is no longer the case in ath79 with newer kernels so, to be able to write to these 4 KiB small partitions without erasing 60 KiB around, the CONFIG_MTD_SPI_NOR_USE_4K_SECTORS symbol was added to the defaults. However, this ended up making sysupgrade images which were built with 64 KiB size blocks not to keep settings (e.g., the files under /etc/config/) over the flashing process.
Using 4 KiB erase sector size on the sysupgrade images (by setting BLOCKSIZE = 4k) allows keeping settings over a flashing process, but renders the process terribly slow, possibly causing a user to mistakenly force a manual device reboot while the process is still on- going. Instead, ditching the 4 KiB erase sectors for the default 64 KiB erase size provides normal SPI write speed and sysupgrade times, at the expense of not being able to modify the soft_config partition (which is rarely a required thing).
An OpenWrt patch for MTD_SPI_NOR_USE_4K_SECTORS_LIMIT may once have allowed to use different per-partition erase sector sizes. Due to changes on recent kernels it now only works on a per-device basis. Also, partial eraseblock write can be performed in ath79 with kernels 5.4 and lower, by copying the blocks from the 64 KiB, erasing the whole sector and restoring those blocks not meant to be modified. A kernel bump had that patch broken for a long time, but got fixed in bf2870c.
Note: the settings in the soft_config partition can be reset to their defaults by holding the reset button for 5 seconds (and less than 10 seconds) at device boot.
apm821xx: MBL: HDD regulators overhaul for MBL DUO
Takimata reported on the OpenWrt forum in thread [0], that his MyBook Live Duo wasn't booting OpenWrt 21.02 after upgrading from the previous OpenWrt 19.07.
The last logged entries on his console
|[ 0.531599] sata1-regulator GPIO handle specifies active low - ignored |[ 0.538391] sata0-regulator GPIO handle specifies active low - ignored |[ 0.759791] ata2: SATA link down (SStatus 0 SControl 300) |[ 0.765251] ata1: SATA link up 3.0 Gbps (SStatus 123 SControl 300) |[ 5.909555] ata1.00: qc timeout (cmd 0xec) |[ 5.913656] ata1.00: failed to IDENTIFY (I/O error, err_mask=0x4) |[ 6.231757] ata1: SATA link down (SStatus 0 SControl 300)
This extract clearly showed that the HDD on which OpenWrt is installed, simply disappeared after the SATA power regulators had been initialized.
The reason why this worked with OpenWrt 19.07 was because the kernel config symbol CONFIG_REGULATOR=y was not set in the target's config-4.14.
(This shows that the MBL Single does differ from the DUO in that it does not have programmable power regulators for the HDDs.)
The MX60's kernel is limited to 0x3EFC00 by the values in mkmerakifw.c. Since the initramfs method of loading the kernel seems to be working, this patch does away with the use of the mkmerakifw tool for the MX60(W).
But this will go along with a change in u-boot as well. So before you upgrade, please attach the serial cable and perform:
| setenv owrt510_boot run meraki_ubi owrt_bootargs\; run owrt_load1 owrt_bootkernel\; run owrt_load2 owrt_bootkernel | setenv bootcmd run owrt510_boot | saveenv
Note: You won't be able to use older OpenWrt releases without switching the bootcmd back to owrt_boot!
Note2: We are no longer compatible with older OpenWrt MX60 installs. the legacy BOARD_NAME and SUPPORTED_DEVICES can be dropped. This is because upgrades from older images are not possible without uboot env changes anymore. Also the bogus BLOCKSIZE value (which was set to 63k back then, in order to get the kernel properly aligned after the fdt + meraki header) can be set to the NANDs real value. The FDT size (which was needed for alignment) can now be slimmed down as well.
Co-developed-by: Martin Kennedy <hurricos@gmail.com> Signed-off-by: Martin Kennedy <hurricos@gmail.com> Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: 8a04245)
Back in the AR71XX days, the lzma-loader code could be customized based on the $BOARD variable. These would be passed as a compile-time -DCONFIG_BOARD_$DEVICE_MODEL flag to the compiler. Hence, the lzma-loader would be able to include device-specific fixups.
Note: There's still a fixup for the TpLink TL-WR1043ND V1 found in the lzma-loader's board.c code. But since the days of AR71XX I couldn't find a forum post or bug reported. So, I left it as is to not break anything by enabling it.
=> If you have a TL-WR1043ND V1 and you have problem with the ethernet: let me know. Because otherwise, the fixup might simply no longer needed with ath79 and it can be removed.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: e9335c2)
This patch updates all current APM82181 devices over to that "new LED naming scheme". This includes many updates to the device-tree: - dropped the deprecated, but beloved "label" property. - rename all DT leds node names to led-#. - add function and color properties. - utilized panic-indicator property. - dropped led- aliases (see below).
migration scripts for all devices are included.
For more information. See: <https://www.kernel.org/doc/html/latest/leds/leds-class.html>
For the future: It looks like the color+function properties won over the dt-alias / label. This will need to be wired up into openwrt eventually. For APM821xx the situation is that all devices have a dedicated power and fault indicator.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: 8b0c053)
Add the reg and color property to each channel node. This update is to accommodate the multicolor framework.
Refer to: <https://lore.kernel.org/all/20200622185919.2131-9-dmurphy@ti.com> <https://lore.kernel.org/all/20210818070209.1540451-1-michal.vokac@ysoft.com>
Signed-off-by: Tan Zien <nabsdh9@gmail.com> [replaced links to lore, wrote something of a commit message] Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: 85a42fa)
This allows to specify and control switch LEDs on devices using mt7530 (typically mediatek and ramips targets).
Normally these LED GPIOs are 0, 3, 6, 9, and 12. wan/lan assignment is per device. GPIO 9 is normally inverted. so GPIO_ACTIVE_HIGH instead of GPIO_ACTIVE_LOW.
ath79: ag71xx: Disable napi related interrupts during probe
ag71xx_probe is registering ag71xx_interrupt as handler for the gmac0/gmac1 interrupts. The handler is trying to use napi_schedule to handle the processing of packets. But the netif_napi_add for this device is called a lot later in ag71xx_probe.
It can therefore happen that a still running gmac0/gmac1 is triggering the interrupt handler with a bit from AG71XX_INT_POLL set in AG71XX_REG_INT_STATUS. The handler will then call napi_schedule and the napi code will crash the system because the ag->napi is not yet initialized:
The gmcc0/gmac1 must be brought in a state in which it doesn't signal a AG71XX_INT_POLL related status bits as interrupt before registering the interrupt handler. ag71xx_hw_start will take care of re-initializing the AG71XX_REG_INT_ENABLE.
Fixes: f529a3742043 ("surprise :p") Signed-off-by: Sven Eckelmann <sven@narfation.org> (commit: ac4a211)
Per FHS 3.0, /var/lock is the location for lock files [1]. However its current permissions (755) are too restrictive for use by unprivileged processes. Debian and Ubuntu set them to 1777, and now so do we.
Signed-off-by: Deomid Ryabkov <rojer@rojer.me> [fixed typo in commit message, had to remove "rojer" due to git hooks] Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: 430f691)
e983a25 Update regulatory rules for Ecuador (EC) a0bcb88 wireless-regdb: Update regulatory rules for Norway (NO) on 6 and 60 GHz cdf854d wireless-regdb: Update regulatory rules for Germany (DE) on 6GHz 86cba52 wireless-regdb: reduce bandwidth for 5730-5850 and 5850-5895 MHz in US 6fa2384 wireless-regdb: remove PTMP-ONLY from 5850-5895 MHz for US 9839e1e wireless-regdb: recent FCC report and order allows 5850-5895 immediately 42dfaf4 wireless-regdb: update 5725-5850 MHz rule for GB
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: dbb4c47)
The removed patches were applied upstream. This backports version 5.11.22 and later does not support kernel versions < 4.4, this allows us to remove some patches too.
kernel: 5.10: silence bogus "Missing #address-cells in interrupt provider" warnings
Rosen reported strange dtc warnings that had their origin in an upstream patch to 5.8-rc1. Upon further digging this revealed an ongoing thread [0] discussing the topic:
> [...]I don't think we need a bunch of warning fix patches to add > these everywhere. Also, the need for #address-cells pretty much makes > no sense on any modern system. It is a relic from days when the bus > (address) topology and interrupt topology were related.
and later on: > So really, we only need to be checking for #address-cells in nodes > with interrupt-map.
This patch backports just the patch which removed the warning message (this is from the upstream dtc project [1] - but not the kernel). the patch does not add the checking of the #address-cells in nodes with interrupt-map.
This is a backport of Ansuel Smith's "Multiple improvement to qca8k stability" series. The QCA8337 switch is available on multiple platforms including ipq806x, ath79 and bcm53xx.
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com> Signed-off-by: Matthew Hagan <mnhagan88@gmail.com> (commit: e3c47ff)
kernel: 5.10: backport at803x internal QCA8327 PHY support
Add support for qca8327 internal phy needed for correct init of the switch port. It does use the same qca8337 function and reg just with a different id.
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com> Signed-off-by: Matthew Hagan <mnhagan88@gmail.com> (commit: 3cee66c)
kernel: 5.10: backport at803x QCA83xx phy support improvements
This commit add accepted upstream patches that improve & tidy qca83xx support. 1 - Split qca8327 to A & B variants, identifiable by phy_id 2 - Add suspend/resume support to qca8xx phys 3 - Tidy spacing and phy naming.
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com> Signed-off-by: Matthew Hagan <mnhagan88@gmail.com> (commit: dee8192)
Backport workaround for QCA8327 PHY resume, which does not properly support genphy_suspend/resume. Also add DAC amplitude fix for the QCA8327 PHY, set port to preferred master and add proper names to debug regs.
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com> Signed-off-by: Matthew Hagan <mnhagan88@gmail.com> (commit: d888ef5)
Backport Ansuel Smith's various qca8k feature additions: - mac-power-sel support - SGMII PLL explicit enable - tx/rx clock phase to falling edge - power-on-sel and LED open drain mode - cpu port 6 - qca8328 support - sgmii internal delay - move port config to dedicated struct - convert to yaml schema
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com> Signed-off-by: Matthew Hagan <mnhagan88@gmail.com> (commit: f97cafd)
Host libraries are only build static, so let's pass --static to pkg-config globally and remove the then unnecessary patches doing exactly that individually.
Signed-off-by: Andre Heider <a.heider@gmail.com> (commit: 09465d8)
Bump at91 targets to kernel v5.10. With this patches and files for wb45n and wb50n were removed as they are now included in upstream kernel. Along with: - this the kernel config for sama5d2 and sam9x targets has been refreshed (with make kernel_menuconfig + save); - CONFIG_ARCH_AT91 and specific sam9x SoCs (AT91RM9200, AT91SAM9, SAM9X60) has been enabled such that sam9x SoCs to be able to boot.
Hardware: - SoC: SAMA5D27 - RAM: 512 MB DDR3L - MMC: One stanard SD card interface - USB: One USB host switch 4 ports with power switch, One USB device type Micro-AB - CAN: 2 interfaces - Ethernet: One Gigabit Ethernet PHY through HSIC, One ETH switchport, One EtherCAT interface - WiFi/BT: Footprint for IEEE 802.11 b/g/n Wi-Fi plus Bluetooth module (Wi-Fi/BT), suitable for Microchip WILC3000-MR110CA or WILC3000-MR110UA - Debug port: One J-Link-OB/J-Link-CDC, one JTAG interface - Leds: one RGB LED - Buttons: reset, wakeup, 2 user buttons - Expansion: one PIOBU/PIO connector, 3 mikrobus sockets - Power mangament: PMIC (MCP16502), one power consumption device (PAC1934)
Not working in Linux: - EtherCAT interface: there is no Linux support integrated - PAC1934: driver available at [1] but not integrated in Linux
Hardware: - SIP: SAMA5D27C-LD2G-CU including SAMA5D27 MPU and 2Gbit LPDDR2-SDRAM - MMC: one standard SD card interface - Flash: 64 Mb serial quad I/O flash memory (SST26VF064BEUIT-104I/MF) with embedded EUI-48 and EUI-64 MAC addresses - USB: one USB device, one USB host one HSIC interface - Ethernet: 1x10/100Mbps port - WiFi/BT: IEEE 802.11 b/g/n Wi-Fi plus Bluetooth (Wi-Fi/BT) module (ATWILC3000-MR110UA) - Crypto: one ATECC608B-TNGTLS secure element - Video: one LCD RGB 18-bit interface, one ISC 12-bit camera interface - Debug port: one JTAG interface, one UART interface, one WILC UART interface - Leds: one RGB LED - Buttons: start, reset, wakeup, user buttons - Expansion: one tamper connector, one mikrobus interface, 2 XPRO PTC connector - Power managament: PMIC (MCP16502)
Hardware: - SoC: SAM9X60 - RAM: Winbond W972GG6KB-25 (2Gbit DDR2) - NAND Flash: Micron MT29F4G08ABAEA - QSPI Flash: Microchip SST26VF064B - EEPROM: Microchip 24AA02E48 - SDMMC: One standard 4-bit SD card interface - USB: two stacked Type-A connectors with power switches, one micro-B USB device - CAN: 2 interfaces (Microchip MCP2542) - Ethernet: one 10/100Mbps - WiFi/BT: one optional WiFi/Bluetooth interface - Audio: one ClassD port - Display: one 24-bit LCD interface - Camera: one 12-bit image sensor interface - IO: one IO expander (Microchip MCP23008) - Debug ports: one J-Link-OB + CDC, one JTAG interface - Leds: one RGB LED - Buttons: 4 push button switches - Expansion: one PIO connector, one mikrobus connector - Power management: two power regulators, two power consumption measurement devices
Allow RAM size to be passed thru U-Boot. There are 128MB and 64MB versions of Minew G1-C. This is also in line with the behaviour of most other RAMIPS boards.
Signed-off-by: Bruno Randolf <br1@einfach.org> (commit: 2c3e8be)
ipq806x: add support for Netgear Nighthawk Pro Gaming XR500
This adds support for the Netgear Nighthawk Pro Gaming XR500. It is the successor to the Netgear Nighthawk R7800 and shares almost identical hardware to that device. The stock firmware is a heavily modified version of OpenWRT.
WAN: *:50 art 0x6 LAN: *:4f art 0x0 (label) 2G: *:4f art 0x0 5G: *:51 art 0xc
Installation: Install via Web Interface (preferred): Utilize openwrt-ipq806x-netgear_xr500-squashfs-factory.img
Install via TFTP recovery: 1.Turn off the power, push and hold the reset button (in a hole on backside) with a pin 2.Turn on the power and wait till power led starts flashing white (after it first flashes orange for a while) 3.Release the reset button and tftp the factory img in binary mode. The power led will stop flashing if you succeeded in transferring the image, and the router reboots rather quickly with the new firmware. 4.Try to ping the router (ping 192.168.1.1). If does not respond, then tftp will not work either.
Uploading the firmware image with a TFTP client $ tftp 192.168.1.1 bin put openwrt-ipq806x-netgear_xr500-squashfs-factory.img
Note:
The end of the last partition is at 0xee00000. This was chosen by the initial author, but nobody was able to tell why this particular arbitrary size was chosen. Since it's not leaving too much empty space and it's the only issue left, let's just keep it for now.
Based on work by Adam Hnat <adamhnat@gmail.com> ref: https://github.com/openwrt/openwrt/pull/3215
Signed-off-by: Peter Geis <pgwipeout@gmail.com> [squash commits, move common LEDs to DTSI, remove SPDX on old files, minor whitespace cleanup, commit message facelift, add MAC address overview, add Notes, fix MAC addresses, use generic name for partition nodes in DTS] Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de> (commit: 70c12d2)
base-files, metadata: support additional group membership
Some packages may require additional group membership for the system user added by that package. Allow defining additional groups as third member of the ':'-separated tuple, allowing to specify multiple ','-separated groups with optional GID.
mediatek: make sure MMC is not busy before commencing sysupgrade
In case of the block device still being in use, re-reading the partition table fails. In that case, abort sysupgrade to avoid corrupting the just-written image because of wrong offsets caused by failure to re-read the partition table.
Signed-off-by: Daniel Golle <daniel@makrotopia.org> (commit: 4ae4035)
Update VERSIONs to 3.3 for release. libsepol/cil: Fix potential undefined shifts libsepol: Fix potential undefined shifts Update VERSIONs to 3.3-rc3 for release. libsepol/cil: Do not skip macros when resolving until later passes libsepol/cil: Limit the amount of reporting for bounds failures libsepol/cil: silence clang void-pointer-to-enum-cast warning libsepol: resolve GCC warning about null-dereference libsepol: use correct cast libsepol: ebitmap: mark nodes of const ebitmaps const Update VERSIONs to 3.3-rc2 for release. libsepol/cil: Handle operations in a class mapping when verifying libsepol/cil: Do not use original type and typeattribute datums libsepol: free memory after policy validation libsepol: avoid implicit conversions libsepol: fix typo libsepol/cil: Free duplicate datums in original calling function libsepol/cil: Fix detected RESOURCE_LEAK (CWE-772) Update VERSIONs and Python bindings version to 3.3-rc1 for release libsepol/cil: Limit the number of active line marks libsepol/cil: Add function to get number of items in a stack libsepol: Fix detected RESOURCE_LEAKs libsepol/cil: Fix syntax checking in __cil_verify_syntax() libsepol/cil: Use size_t for len in __cil_verify_syntax() libsepol/cil: Remove redundant syntax checking libsepol/cil: Improve in-statement to allow use after inheritance libsepol/cil: Simplify cil_tree_children_destroy() libsepol/cil: Refactor the function __cil_build_ast_node_helper() libsepol/cil: Don't destroy optionals whose parent will be destroyed libsepol/cil: Properly check for parameter when inserting name libsepol/cil: Reset expandtypeattribute rules when resetting AST libsepol/cil: Properly check parse tree when printing error messages libsepol/cil: Allow some duplicate macro and block declarations libsepol/cil: When writing AST use line marks for src_info nodes libsepol/cil: Report correct high-level language line numbers libsepol/cil: Add line mark kind and line number to src info libsepol/cil: Create common string-to-unsigned-integer functions libsepol/cil: Push line mark state first when processing a line mark libsepol/cil: Check for valid line mark type immediately libsepol/cil: Check the token type after getting the next token libsepol/cil: Check syntax of src_info statement libsepol/cil: move the fuzz target and build script to the selinux repository libsepol: replace strerror by %m libsepol/cil: remove obsolete comment libsepol/cil: do not allow \0 in quoted strings libsepol/cil: Fix handling category sets in an expression libsepol: assure string NUL-termination of ibdev_name libsepol: avoid implicit conversions libsepol: ignore UBSAN false-positives libsepol: avoid unsigned integer overflow libsepol/cil: Improve checking for bad inheritance patterns libsepol: silence -Wextra-semi-stmt warning libsepol/cil: do not override previous results of __cil_verify_classperms libsepol/cil: Provide option to allow qualified names in declarations libsepol/cil: make array cil_sym_sizes const libsepol/cil: Only reset AST if optional has a declaration libsepol/cil: Add function to determine if a subtree has a declaration libsepol/cil: Improve degenerate inheritance check libsepol/cil: Reduce the initial symtab sizes for blocks libsepol/cil: Check for empty list when marking neverallow attributes libsepol/cil: Fix syntax checking of defaultrange rule libsepol/cil: Properly check for loops in sets libsepol/cil: Allow duplicate optional blocks in most cases libsepol: declare read-only arrays const libsepol: declare file local variable static libsepol: drop unnecessary casts libsepol: drop repeated semicolons libsepol/cil: avoid using maybe uninitialized variables libsepol/cil: drop unnecessary casts libsepol/cil: drop dead store libsepol/cil: drop extra semicolon libsepol/cil: silence cast warning libsepol: remove dead stores libsepol: do not allocate memory of size 0 libsepol: mark read-only parameters of type_set_ interfaces const libsepol: mark read-only parameters of ebitmap interfaces const libsepol: remove dead stores libsepol/cil: follow declaration-after-statement libsepol: follow declaration-after-statement libsepol: avoid unsigned integer overflow libsepol: remove unused functions libsepol: resolve missing prototypes libsepol: fix typos libsepol: Quote paths when generating policy.conf from binary policy libsepol/cil: Account for anonymous category sets in an expression libsepol/cil: Fix anonymous IP address call arguments libsepol: quote paths in CIL conversion libsepol/cil: Resolve anonymous levels only once libsepol/cil: Pointers to datums should be set to NULL when resetting libsepol/cil: Resolve anonymous class permission sets only once libsepol/cil: Limit the number of open parenthesis allowed libsepol/cil: Destroy the permission nodes when exiting with an error libsepol/cil: Handle disabled optional blocks in earlier passes libsepol/cil: Do not resolve arguments to declarations in the call libsepo/cil: Refactor macro call resolution libsepol/cil: Do not add NULL node when inserting key into symtab libsepol/cil: Make name resolution in macros work as documented libsepol/cil: Fix name resolution involving inherited blocks libsepol/cil: Check for self-referential loops in sets libsepol/cil: Return an error if a call argument fails to resolve libsepol/cil: Check datum in ordered list for expected flavor libsepol/cil: Detect degenerate inheritance and exit with an error libsepol/cil: Fix instances where an error returns SEPOL_OK libsepol/cil: Properly reset an anonymous classperm set libsepol: use checked arithmetic builtin to perform safe addition libsepol/cil: Add functions to make use of cil_write_ast() libsepol/cil: Create functions to write the CIL AST libsepol/cil: Use CIL_ERR for error messages in cil_compile() libsepol/cil: Make invalid statement error messages consistent libsepol/cil: Do not allow tunable declarations in in-statements libsepol/cil: Sync checks for invalid rules in macros libsepol/cil: Check for statements not allowed in optional blocks libsepol/cil: Sync checks for invalid rules in booleanifs libsepol/cil: Reorder checks for invalid rules when resolving AST libsepol/cil: Use AST to track blocks and optionals when resolving libsepol/cil: Create new first child helper function for building AST libsepol/cil: Cleanup build AST helper functions libsepol/cil: Reorder checks for invalid rules when building AST libsepol/cil: Move check for the shadowing of macro parameters libsepol/cil: Create function cil_add_decl_to_symtab() and refactor libsepol/cil: Refactor helper function for cil_gen_node() libsepol/cil: Allow permission expressions when using map classes libsepol/cil: Exit with an error if declaration name is a reserved word libsepol/cil: More strict verification of constraint leaf expressions libsepol/cil: Set class field to NULL when resetting struct cil_classperms libsepol/cil: cil_reset_classperms_set() should not reset classpermission libsepol/cil: Destroy classperm list when resetting map perms libsepol/cil: Destroy classperms list when resetting classpermission libsepol/cil: Fix out-of-bound read of file context pattern ending with "\" libsepol/cil: Check for duplicate blocks, optionals, and macros libsepol: Write "NO_IDENTIFIER" for empty CIL constraint expression libsepol: Enclose identifier lists in CIL constraint expressions libsepol/cil: Allow lists in constraint expressions libsepol: Enclose identifier lists in constraint expressions libsepol: Write "NO_IDENTIFIER" for empty constraint expression libsepol: make num_* unsigned int in module_to_cil libsepol/cil: do not leak avrulex_ioctl_table memory when an error occurs libsepol/cil: fix NULL pointer dereference in __cil_insert_name libsepol/cil: replace printf with proper cil_tree_log libsepol/cil: remove stray printf libsepol/cil: make cil_post_fc_fill_data static libsepol: Check kernel to CIL and Conf functions for supported versions libsepol: Remove unnecessary copying of declarations from link.c libsepol: Properly handle types associated to role attributes libsepol: Expand role attributes in constraint expressions
Update VERSIONs to 3.3 for release. libselinux: Fix potential undefined shifts Update VERSIONs to 3.3-rc3 for release. Update VERSIONs to 3.3-rc2 for release. libselinux/utils: drop requirement to combine compiling and linking Update VERSIONs and Python bindings version to 3.3-rc1 for release Improve error message for label file validation libselinux: replace strerror by %m libselinux: silence -Wextra-semi-stmt warning libselinux/utils/getseuser.c: fix build with gcc 4.8 selinux.8: document how mount flag nosuid affects SELinux libselinux: fix typo libselinux: improve getcon(3) man page libselinux: selinux_status_open: return 1 in fallback mode libselinux: do not use status page fallback mode internally libselinux: make selinux_status_open(3) reentrant libselinux: avc_destroy(3) closes status page libselinux: label_file.c: fix indent libselinux: regex: unify parameter names libselinux: sidtab_sid_stats(): unify parameter name libselinux: drop redundant casts to the same type libselinux: label_db::db_init(): open file with CLOEXEC mode libselinux: matchpathcon: free memory on realloc failure libselinux: label_file::init(): do not pass NULL to strdup libselinux: init_selinux_config(): free resources on error libselinux: matchmediacon(): close file on error libselinux: store_stem(): do not free possible non-heap object libselinux: getdefaultcon: free memory on multiple same arguments libselinux: setexecfilecon(): drop dead assignment libselinux: label_media::init(): drop dead assignment libselinux: label_x::init(): drop dead assignment libselinux: context_new(): drop dead assignment libselinux: exclude_non_seclabel_mounts(): drop unused variable libselinux: getconlist: free memory on multiple level arguments libselinux: selabel_get_digests_all_partial_matches: free memory after FTS_D block libselinux: selinux_restorecon: mark local variable static libselinux: avcstat: use standard length modifier for unsigned long long libselinux: sefcontext_compile: mark local variable static libselinux: Sha1Finalise(): do not discard const qualifier libselinux: label_common(): do not discard const qualifier libselinux: selinux_file_context_cmp(): do not discard const qualifier libselinux: sidtab_hash(): do not discard const qualifier libselinux: silence -Wstringop-overflow warning from gcc 10.3.1 libselinux: selinux_check_passwd_access_internal(): respect deny_unknown libselinux: do not duplicate make target when going into subdirectory
Update VERSIONs to 3.3 for release. Update VERSIONs to 3.3-rc3 for release. Update VERSIONs to 3.3-rc2 for release. Update VERSIONs and Python bindings version to 3.3-rc1 for release libsemanage: Fix USE_AFTER_FREE (CWE-672) in semanage_direct_write_langext() libsemanage: silence -Wextra-semi-stmt warning libsemanage: fix use-after-free in parse_module_store()
Update VERSIONs to 3.3 for release. checkpolicy: Fix potential undefined shifts Update VERSIONs to 3.3-rc3 for release. checkpolicy: delay down-cast to avoid align warning checkpolicy: drop incorrect cast checkpolicy: update documentation checkpolicy: print reason of fopen failure checkpolicy: policy_define: cleanup declarations Update VERSIONs to 3.3-rc2 for release. checkpolicy: free extended permission memory checkpolicy: print warning on source line overflow checkpolicy: error out on parsing too big integers checkpolicy: avoid implicit conversion checkpolicy: resolve dismod memory leaks checkpolicy: add missing function declarations checkpolicy: mark file local functions in policy_define static checkpolicy: mark read-only parameters in module compiler const checkpolicy: misc checkpolicy tweaks checkpolicy: misc checkmodule tweaks checkpolicy: enclose macro argument in parentheses Update VERSIONs and Python bindings version to 3.3-rc1 for release checkpolicy: mark read-only parameters in policy define const checkpolicy/test: mark file local functions static checkpolicy: parse_util drop unused declaration checkpolicy: drop redundant cast to the same type checkpolicy: avoid potential use of uninitialized variable checkpolicy: check before potential NULL dereference checkpolicy: remove dead assignments checkpolicy: follow declaration-after-statement checkpolicy: use correct format specifier for unsigned checkpolicy: drop dead condition checkpolicy: simplify assignment checkpolicy: drop -pipe compile option checkpolicy: pass CFLAGS at link stage checkpolicy: silence -Wextra-semi-stmt warning checkpolicy: Do not automatically upgrade when using "-b" flag libsepol/checkpolicy: Set user roles using role value instead of dominance
Update VERSIONs to 3.3 for release. Update VERSIONs to 3.3-rc3 for release. libselinux/semodule: Improve extracting message Correct some typos Update VERSIONs to 3.3-rc2 for release. Update VERSIONs and Python bindings version to 3.3-rc1 for release policycoreutils: free memory of allocated context in newrole policycoreutils: free memory of allocated context in run_init policycoreutils: free memory on lstat failure in sestatus policycoreutils: silence -Wextra-semi-stmt warning fixfiles: do not exclude /dev and /run in -C mode policycoreutils/setfiles: do not create useless setfiles.8.man file
Update VERSIONs to 3.3 for release. Update VERSIONs to 3.3-rc3 for release. Correct some typos Update VERSIONs to 3.3-rc2 for release. Update VERSIONs and Python bindings version to 3.3-rc1 for release libsepol/secilc/docs: Update the CIL documentation secilc: fix memory leaks in secilc2conf secilc: fix memory leaks in secilc libsepol/cil: Add support for using qualified names to secil2conf libsepol/cil: Add support for using qualified names to secil2tree secilc: Add support for using qualified names to secilc secilc/test: Add test for anonymous args secilc/docs: Relocate and reword macro call name resolution order secilc/docs: Document the order that inherited rules are resolved in secilc: Create the new program called secil2tree to write out CIL AST secilc/docs: Update the CIL documentation for various blocks secilc.c: Don't fail if input file is empty cil_conditional_statements.md: fix expr definition secilc/docs: Lists are now allowed in constraint expressions
wifi: writes to terminal hotplugcall and sqm read class sysfile symlinks unbound and sqm related loose ends support/example: policycoreutils host-compile is required TODO: this was wrong and it is actually needed linguist detectable does not work this way linguist-detectable updates README adds workflows adds a note about persistent /var option
project moved to https://github.com/DefenSec/selinux-policy
This reverts commit de8a800ca9bda1171bfe17ee7653532465a8b596. Host build uses host includes instead of staging/hostpkg. This breaks the build in case of selinux host libs being older than version 3.3. Revert for now until better fix is found.
Signed-off-by: Daniel Golle <daniel@makrotopia.org> (commit: ae4069c)
This reverts commit 2da891e7357c83c54a30075fcddbb63eeca0af99. secilc 3.3 requires libsepol to be version 3.3 as well and doesn't build otherwise. Revert for now.
Signed-off-by: Daniel Golle <daniel@makrotopia.org> (commit: 19c5277)
Deselect CONFIG_VIDEO_SUN6I_CSI Kconfig symbol for now. If anyone wants to use CSI (camera interface) they should package the kernel module. After this change, sunxi targets build again.
Signed-off-by: Daniel Golle <daniel@makrotopia.org> (commit: f5d071a)
During review of the MR32, Florian Fainelli pointed out that the SoC has a real I2C-controller. Furthermore, the connected pins (SDA and SCL) would line up perfectly for use. This patch swaps out the the bitbanged i2c-gpio with the real deal.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: 6102f88)
The current rule produces empty trailers, causing the OEM firmware update application to reject our images.
The double expansion of a makefile variable does not work inside shell code. The second round is interpreted as a shell expansion, attempting to run the command ZYXEL_VERS instead of expanding the $(ZYXEL_VERS) makefile variable.
Fix by removing one level of variable indirection.
Commit 03e1d93e0779 ("realtek: add driver support for routing offload") added routing offload for IPv4, but broke IPv6 routing completely. The routing table is empty and cannot be updated:
root@gs1900-10hp:~# ip -6 route root@gs1900-10hp:~# ip -6 route add unreachable default RTNETLINK answers: Invalid argument
As a side effect, this breaks opkg on IPv4 only systems too, since uclient-fetch fails when there are no IPv6 routes:
root@gs1900-10hp:~# uclient-fetch http://192.168.99.1 Downloading 'http://192.168.99.1' Failed to send request: Operation not permitted
Fix by returning NOTIFY_DONE when offloading is unsupported, falling back to default behaviour.
Fixes: 03e1d93e0779 ("realtek: add driver support for routing offload") Signed-off-by: Bjørn Mork <bjorn@mork.no> (commit: d990f80)
dropbear: add config options for agent-forwarding support
* SSH agent forwarding might cause security issues, locally and on the jump machine (https://defn.io/2019/04/12/ssh-forwarding/). So allow to completely disabling it. * separate options for client and server * keep it enabled by default
Signed-off-by: Sven Roederer <devel-sven@geroedel.de> (commit: 5287def)
OpenWrt maintains two special out-of-tree DT properties: "qca,disable-5ghz" and "qca,disable-2ghz". These are implemented in a mac80211 ath9k patch "550-ath9k-disable-bands-via-dt.patch".
With the things being what they are, now might be a good point to switch the devices to the generic and upstream "ieee80211-freq-limit" property. This property is much broader and works differently. Instead of disabling the drivers logic which would add the affected band and channels. It now disables all channels which are not within the specified frequency range.
Reviewed-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com> Tested-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com> # HH5A Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: 4c8dd97)
ipq40xx: detangle ath10k-board-qca4019 from ath10k-firmware-qca4019*
Back in the day, the board-2.bin came with ath10k-firmware-qca4019. This changed with commit c3b2efaf24b5 ("linux-firmware: ath10k: add board firmware packages") which placed the board-2.bin into a separate package: ath10k-board-qca4019. This was great, because it addressed one of the caveat of the original ipq-wifi package: commit fa03d441e96e ("firmware: add custom IPQ wifi board definitions")
| 2. updating ath10k-firmware-qca4019 will also replace | the board-2.bin. For this cases the user needs to | manually reinstall the wifi-board package once the | ath10k-firmware-qca4019 is updated.
This could be extended further so that ipq-wifi packages no longer use "install-override" and the various QCA4019 variants list the ath10k-board-qca4019 as a CONFLICT package.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: fd717f5)
Remove 6rd tunnel delete workaround in as the real issue is now solved in netifd (https://git.openwrt.org/?p=project/netifd.git;a=commit;h=8f82742ca4f47f459284f3a07323d04da72ea5f6)
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> (commit: c4d2929)
Remove 6in4 tunnel delete workaround as the real issue is now solved in netifd (https://git.openwrt.org/?p=project/netifd.git;a=commit;h=8f82742ca4f47f459284f3a07323d04da72ea5f6)
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> (commit: 2d2c7c4)
ath10k: backport fix for module load regression with iram-recovery
Backport upstream fix for module load regression caused by IRAM recovery. Without this patch devices using mainline ath10k driver could lost wireless function because ath10k module failed to load.
Signed-off-by: Zhijun You <hujy652@gmail.com> (commit: e6a486f)
Specification: CPU: Allwinner H5, Quad-core Cortex-A53 DDR3 RAM: 512MB Network: 10/100/1000M Ethernet x 2 USB Host: Type-A x 1 MicroSD Slot x 1 MicroUSB: for power input Debug Serial Port: 3Pin pin-header LED: WAN, LAN, SYS KEY: Reset Power Supply: DC 5V/2A
Installation: Write the image to SD Card with dd.
Note: 1. OpenWrt currently does not support LED_FUNCTION, change back to the previous practice (Consistent with NanoPi R1). 2. Since the upstream commit https://github.com/torvalds/linux/bbc4d71 ("net: phy: realtek: fix rtl8211e rx/tx delay config"), we need to change the phy-mode from rgmii to rgmii-id. So set phy-mode for 5.4 and 5.10 respectively.
Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn> (commit: fde68cb)
build: move elecom-wrc-gs-factory to image-commands.mk
ELECOM WRC-X3200GST3 uses the same header/footer as WRC-GS/GST devices in ramips/mt7621 subtarget, so move "Build/elecom-wrc-gs-factory" to image-commands.mk to use from mediatek/mt7622 subtarget.
The only and important difference between v1 & v3 is in flash memory layout, so pls don't interchange these 2 builds!
Installation through web-ui (on OEM factory firmware): 1. Visit http://tplinkrepeater.net or the configured IP address of your RE305 v3 (default 192.168.0.254). 2. Log in with the password you've set during initial setup of the RE305 (there is no default password). 3. Go to Settings -> System Tools -> Firmware upgrade 4. Click Browse and select the OpenWRT image with factory.bin suffix (not sysupgrade.bin) 5. A window with a progress bar will appear. Wait until it completes. 6. The RE305 will reboot into OpenWRT and serve DHCP requests on the ethernet port. 7. Connect an RJ45 cable from the RE305 to your computer and access LuCI at http://192.168.1.1/ to configure (or use ssh).
Disassembly: Just unscrew 4 screws in the corners & take off the back cover. Serial is exposed to the right side of the main board (in the middle) and marked with TX/RX/3V3/GND, but the holes are filled with solder.
Installation through serial: 1. connect trough serial (1n8, baudrate=57600) 2. setup the TFTP server and connect it via ethernet (ipaddr=192.168.0.254 of device, serverip=192.168.0.184 - your pc) 3. boot from a initramfs image first (choose 1 in the bootloader options) 4. test it a bit with that, then proceed to run sysupgrade build
MAC addresses as verified by OEM firmware:
use OpenWrt address reference LAN eth0 *:d2 label 2g wlan0 *:d1 label - 1 5g wlan1 *:d0 label - 2
The label MAC address can be found in config 0x2008.
Signed-off-by: Michal Kozuch <servitkar@gmail.com> [redistribute WLAN node properties between DTS/DTSI, remove compatible on DTSI, fix indent/wrapping, split out firmware-utils change] Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de> (commit: c12ef2f)
Use nvmem framework for supported mac-address stored in nvmem cells and drop mac patch function for hotplug script for supported devices.
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com> [rebase, move to correct node for d7800, include xr500] Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de> (commit: f44e933)
ipq806x: remove transition workarounds for qcom-smem partitions
The out-of-tree qcom-smem patches traditionally displayed mtd partition names in upper case, starting with the new mainline qcom-smem support in kernel v5.10, it switched to normalizing the partition names to lower case.
While both 5.4 and 5.10 were supported in the target, we carried a workaround to support both of them. Since the target has dropped 5.4 recently, those can be removed now.
Update VERSIONs to 3.3 for release. libsepol/cil: Fix potential undefined shifts libsepol: Fix potential undefined shifts Update VERSIONs to 3.3-rc3 for release. libsepol/cil: Do not skip macros when resolving until later passes libsepol/cil: Limit the amount of reporting for bounds failures libsepol/cil: silence clang void-pointer-to-enum-cast warning libsepol: resolve GCC warning about null-dereference libsepol: use correct cast libsepol: ebitmap: mark nodes of const ebitmaps const Update VERSIONs to 3.3-rc2 for release. libsepol/cil: Handle operations in a class mapping when verifying libsepol/cil: Do not use original type and typeattribute datums libsepol: free memory after policy validation libsepol: avoid implicit conversions libsepol: fix typo libsepol/cil: Free duplicate datums in original calling function libsepol/cil: Fix detected RESOURCE_LEAK (CWE-772) Update VERSIONs and Python bindings version to 3.3-rc1 for release libsepol/cil: Limit the number of active line marks libsepol/cil: Add function to get number of items in a stack libsepol: Fix detected RESOURCE_LEAKs libsepol/cil: Fix syntax checking in __cil_verify_syntax() libsepol/cil: Use size_t for len in __cil_verify_syntax() libsepol/cil: Remove redundant syntax checking libsepol/cil: Improve in-statement to allow use after inheritance libsepol/cil: Simplify cil_tree_children_destroy() libsepol/cil: Refactor the function __cil_build_ast_node_helper() libsepol/cil: Don't destroy optionals whose parent will be destroyed libsepol/cil: Properly check for parameter when inserting name libsepol/cil: Reset expandtypeattribute rules when resetting AST libsepol/cil: Properly check parse tree when printing error messages libsepol/cil: Allow some duplicate macro and block declarations libsepol/cil: When writing AST use line marks for src_info nodes libsepol/cil: Report correct high-level language line numbers libsepol/cil: Add line mark kind and line number to src info libsepol/cil: Create common string-to-unsigned-integer functions libsepol/cil: Push line mark state first when processing a line mark libsepol/cil: Check for valid line mark type immediately libsepol/cil: Check the token type after getting the next token libsepol/cil: Check syntax of src_info statement libsepol/cil: move the fuzz target and build script to the selinux repository libsepol: replace strerror by %m libsepol/cil: remove obsolete comment libsepol/cil: do not allow \0 in quoted strings libsepol/cil: Fix handling category sets in an expression libsepol: assure string NUL-termination of ibdev_name libsepol: avoid implicit conversions libsepol: ignore UBSAN false-positives libsepol: avoid unsigned integer overflow libsepol/cil: Improve checking for bad inheritance patterns libsepol: silence -Wextra-semi-stmt warning libsepol/cil: do not override previous results of __cil_verify_classperms libsepol/cil: Provide option to allow qualified names in declarations libsepol/cil: make array cil_sym_sizes const libsepol/cil: Only reset AST if optional has a declaration libsepol/cil: Add function to determine if a subtree has a declaration libsepol/cil: Improve degenerate inheritance check libsepol/cil: Reduce the initial symtab sizes for blocks libsepol/cil: Check for empty list when marking neverallow attributes libsepol/cil: Fix syntax checking of defaultrange rule libsepol/cil: Properly check for loops in sets libsepol/cil: Allow duplicate optional blocks in most cases libsepol: declare read-only arrays const libsepol: declare file local variable static libsepol: drop unnecessary casts libsepol: drop repeated semicolons libsepol/cil: avoid using maybe uninitialized variables libsepol/cil: drop unnecessary casts libsepol/cil: drop dead store libsepol/cil: drop extra semicolon libsepol/cil: silence cast warning libsepol: remove dead stores libsepol: do not allocate memory of size 0 libsepol: mark read-only parameters of type_set_ interfaces const libsepol: mark read-only parameters of ebitmap interfaces const libsepol: remove dead stores libsepol/cil: follow declaration-after-statement libsepol: follow declaration-after-statement libsepol: avoid unsigned integer overflow libsepol: remove unused functions libsepol: resolve missing prototypes libsepol: fix typos libsepol: Quote paths when generating policy.conf from binary policy libsepol/cil: Account for anonymous category sets in an expression libsepol/cil: Fix anonymous IP address call arguments libsepol: quote paths in CIL conversion libsepol/cil: Resolve anonymous levels only once libsepol/cil: Pointers to datums should be set to NULL when resetting libsepol/cil: Resolve anonymous class permission sets only once libsepol/cil: Limit the number of open parenthesis allowed libsepol/cil: Destroy the permission nodes when exiting with an error libsepol/cil: Handle disabled optional blocks in earlier passes libsepol/cil: Do not resolve arguments to declarations in the call libsepo/cil: Refactor macro call resolution libsepol/cil: Do not add NULL node when inserting key into symtab libsepol/cil: Make name resolution in macros work as documented libsepol/cil: Fix name resolution involving inherited blocks libsepol/cil: Check for self-referential loops in sets libsepol/cil: Return an error if a call argument fails to resolve libsepol/cil: Check datum in ordered list for expected flavor libsepol/cil: Detect degenerate inheritance and exit with an error libsepol/cil: Fix instances where an error returns SEPOL_OK libsepol/cil: Properly reset an anonymous classperm set libsepol: use checked arithmetic builtin to perform safe addition libsepol/cil: Add functions to make use of cil_write_ast() libsepol/cil: Create functions to write the CIL AST libsepol/cil: Use CIL_ERR for error messages in cil_compile() libsepol/cil: Make invalid statement error messages consistent libsepol/cil: Do not allow tunable declarations in in-statements libsepol/cil: Sync checks for invalid rules in macros libsepol/cil: Check for statements not allowed in optional blocks libsepol/cil: Sync checks for invalid rules in booleanifs libsepol/cil: Reorder checks for invalid rules when resolving AST libsepol/cil: Use AST to track blocks and optionals when resolving libsepol/cil: Create new first child helper function for building AST libsepol/cil: Cleanup build AST helper functions libsepol/cil: Reorder checks for invalid rules when building AST libsepol/cil: Move check for the shadowing of macro parameters libsepol/cil: Create function cil_add_decl_to_symtab() and refactor libsepol/cil: Refactor helper function for cil_gen_node() libsepol/cil: Allow permission expressions when using map classes libsepol/cil: Exit with an error if declaration name is a reserved word libsepol/cil: More strict verification of constraint leaf expressions libsepol/cil: Set class field to NULL when resetting struct cil_classperms libsepol/cil: cil_reset_classperms_set() should not reset classpermission libsepol/cil: Destroy classperm list when resetting map perms libsepol/cil: Destroy classperms list when resetting classpermission libsepol/cil: Fix out-of-bound read of file context pattern ending with "\" libsepol/cil: Check for duplicate blocks, optionals, and macros libsepol: Write "NO_IDENTIFIER" for empty CIL constraint expression libsepol: Enclose identifier lists in CIL constraint expressions libsepol/cil: Allow lists in constraint expressions libsepol: Enclose identifier lists in constraint expressions libsepol: Write "NO_IDENTIFIER" for empty constraint expression libsepol: make num_* unsigned int in module_to_cil libsepol/cil: do not leak avrulex_ioctl_table memory when an error occurs libsepol/cil: fix NULL pointer dereference in __cil_insert_name libsepol/cil: replace printf with proper cil_tree_log libsepol/cil: remove stray printf libsepol/cil: make cil_post_fc_fill_data static libsepol: Check kernel to CIL and Conf functions for supported versions libsepol: Remove unnecessary copying of declarations from link.c libsepol: Properly handle types associated to role attributes libsepol: Expand role attributes in constraint expressions
Signed-off-by: Daniel Golle <daniel@makrotopia.org> [re-apply now that buildbot phase1 has caught up] Signed-off-by: Dominick Grift <dominick.grift@defensec.nl> (commit: 25e15f5)
Update VERSIONs to 3.3 for release. Update VERSIONs to 3.3-rc3 for release. Correct some typos Update VERSIONs to 3.3-rc2 for release. Update VERSIONs and Python bindings version to 3.3-rc1 for release libsepol/secilc/docs: Update the CIL documentation secilc: fix memory leaks in secilc2conf secilc: fix memory leaks in secilc libsepol/cil: Add support for using qualified names to secil2conf libsepol/cil: Add support for using qualified names to secil2tree secilc: Add support for using qualified names to secilc secilc/test: Add test for anonymous args secilc/docs: Relocate and reword macro call name resolution order secilc/docs: Document the order that inherited rules are resolved in secilc: Create the new program called secil2tree to write out CIL AST secilc/docs: Update the CIL documentation for various blocks secilc.c: Don't fail if input file is empty cil_conditional_statements.md: fix expr definition secilc/docs: Lists are now allowed in constraint expressions
Signed-off-by: Daniel Golle <daniel@makrotopia.org> [re-apply now that libsepol is up-to-date as well] Signed-off-by: Dominick Grift <dominick.grift@defensec.nl> (commit: 61a36ce)
This commit adds support for Xiaomi MiWiFi 3C device.
Xiaomi MiWifi 3C has almost the same system architecture as the Xiaomi Mi WiFi Nano, which is already officially supported by OpenWrt.
The differences are:
- Numbers of antennas (4 instead of 2). The antenna management is done via the µC. There is no configuration needed in the software code. - LAN port assignments are different. LAN1 and WAN are interchanged.
OpenWrt developers forum page: https://forum.openwrt.org/t/support-for-xiaomi-mi-3c
Specifications:
- CPU: MediaTek MT7628AN (575MHz) - Flash: 16MB - RAM: 64MB DDR2 - 2.4 GHz: IEEE 802.11b/g/n with Integrated LNA and PA - Antennas: 4x external single band antennas - WAN: 1x 10/100M - LAN: 2x 10/100M - LED: 1x amber/blue/red. Programmable - Button: Reset
MAC addresses as verified by OEM firmware:
use address source LAN *:92 factory 0x28 WAN *:92 factory 0x28 2g *:93 factory 0x4
OEM firmware uses VLAN's to create the network interface for WAN and LAN.
Bootloader info: The stock bootloader uses a "Dual ROM Partition System". OS1 is a deep copy of OS2. The bootloader start OS2 by default. To force start OS1 it is needed to set "flag_try_sys2_failed=1".
How to install: 1- Use OpenWRTInvasion to gain telnet, ssh and ftp access. https://github.com/acecilia/OpenWRTInvasion (IP: 192.168.31.1 - Username: root - Password: root) 2- Connect to router using telnet or ssh. 3- Backup all partitions. Use command "dd if=/dev/mtd0 of=/tmp/mtd0". Copy /tmp/mtd0 to computer using ftp. 4- Copy openwrt-ramips-mt76x8-xiaomi_miwifi-3c-squashfs-sysupgrade.bin to /tmp in router using ftp. 5- Enable UART access and change start image for OS1. ``` nvram set uart_en=1 nvram set flag_last_success=1 nvram set boot_wait=on nvram set flag_try_sys2_failed=1 nvram commit ``` 6- Installing Openwrt on OS1 and free OS2. ``` mtd erase OS1 mtd erase OS2 mtd -r write /tmp/openwrt-ramips-mt76x8-xiaomi_miwifi-3c-squashfs-sysupgrade.bin OS1 ```
Limitations: For the first install the image size needs to be less than 7733248 bits.
Thanks for all community and especially for this device: minax007, earth08, S.Farid
Signed-off-by: Eduardo Santos <edu.2000.kill@gmail.com> [wrap lines, remove whitespace errors, add mediatek,mtd-eeprom to &wmac, convert to nvmem] Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de> (commit: 3c97fb4)
ramips: add support for HiLink HLK-7621A evaluation board
Specifications: - SoC: MediaTek MT7621AT - RAM: 256 MB (DDR3) - Flash: 32 MB SPI NOR 44MHz - Switch: 1 WAN, 4 LAN (Gigabit) - LEDs: 1 WAN, 4 LAN (controlled by PHY) - USB Ports: 1 x USB2, 1 x USB3 - WLAN: 1 x 2.4, 5 GHz 866Mbps (MT7612E) - Button: 1 button (reset) - UART Serial: UART1 as console : 57600 baud - Power: 12VDC, 1A
Installation: Update openWRT firmware using internal GNUBEE uboot: https://github.com/gnubee-git/GnuBee-MT7621-uboot
By HTTP: Initial uboot address is http://10.10.10.123, your address needs to be 10.10.10.x, and mask 255.255.255.0. By TFTP: Uboot is in client mode, the address of the firmware must be tftp://10.10.10.3/uboot.bin
Recovery: Manufacturer provides MTK OpenWrt 14.07 source code, compile then flash it by uboot. HLK-7621A is a stamp hole package module for embedded development, users have to design IO boards to use it.
MAC addresses: - u-boot-env contains a placeholder address: > mtd_get_mac_ascii u-boot-env ethaddr 03:17:73:ab:cd:ef - phy0 gets a valid-looking address: > cat /sys/class/ieee80211/phy0/macaddress f8:62:aa:**:**:a8 - Calibration data for &pcie2 contains a valid address, however the zeros in the right half look like it's not real: 8c:88:2b:00:00:1b - Since it's an evaluation board and there is no solid information about the MAC address assignment, the ethernet MAC address is left random.
Signed-off-by: Chen Yijun <cyjason@bupt.edu.cn> [add keys and pcie nodes to properly support evaluation board] Signed-off-by: Sergio Paracuellos <sergio.paracuellos@gmail.com> [remove ethernet address, wrap lines properly] Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de> (commit: eb00fb8)
ath79: fix parallel image generation for Zyxel NBG6716
This changes the image generation to use a unique directory. With parallel building it may occur that two concurrent jobs try to create an image which leds to errors. It also removes a needless subdirecory.
Signed-off-by: André Valentin <avalentin@marcant.net> (commit: 766d1d6)
It looks like this is a leftover before there was a proper MDIO driver. Since both PHY-s are connected to the HW MDIO bus there is no reason for this to exist anymore, especially since it uses the same pins as the HW controller and has the pinmux for the set to "MDIO" so this worked by pure luck as GPIO MDIO would probe first and override the HW driver.
Move the GMAC3 to simply use the same MDIO bus phandle.
Signed-off-by: Robert Marko <robert.marko@sartura.hr> (commit: fa3646c)
ECW5410 has 2 QCA9984 cards, one per PCI controller. They are located at PCI adresses 0001:01:00.0 and 0002:01:00.0.
Currently, pre-cal is not provided for 0001:01:00.0 at all,but for 0000:01:00.0 which is incorrect and causes the ath10k driver to not be able to fetch the BMI ID and use that to fetch the proper BDF but rather fail with: [ 12.029708] ath10k 5.10 driver, optimized for CT firmware, probing pci device: 0x46. [ 12.031816] ath10k_pci 0001:01:00.0: enabling device (0140 -> 0142) [ 12.037660] ath10k_pci 0001:01:00.0: pci irq msi oper_irq_mode 2 irq_mode 0 reset_mode 0 [ 13.173898] ath10k_pci 0001:01:00.0: qca9984/qca9994 hw1.0 target 0x01000000 chip_id 0x00000000 sub 168c:cafe [ 13.174015] ath10k_pci 0001:01:00.0: kconfig debug 0 debugfs 1 tracing 0 dfs 1 testmode 0 [ 13.189304] ath10k_pci 0001:01:00.0: firmware ver 10.4b-ct-9984-fW-13-5ae337bb1 api 5 features mfp,peer-flow-ctrl,txstatus-noack,wmi-10.x-CT,ratemask-CT,regdump-CT,txrate-CT,flush-all-CT,pingpong-CT,ch-regs-CT,nop-CT,set-special-CT,tx-rc-CT,cust-stats-CT,txrate2-CT,beacon-cb-CT,wmi-block-ack-CT,wmi-bcn-rc-CT crc35 [ 15.492322] ath10k_pci 0001:01:00.0: failed to fetch board data for bus=pci,vendor=168c,device=0046,subsystem-vendor=168c,subsystem-device=cafe,variant=Edgecore-ECW541 from ath10k/QCA9984/hw1.0/board-2.bin [ 15.543883] ath10k_pci 0001:01:00.0: failed to fetch board-2.bin or board.bin from ath10k/QCA9984/hw1.0 [ 15.543920] ath10k_pci 0001:01:00.0: failed to fetch board file: -12 [ 15.552281] ath10k_pci 0001:01:00.0: could not probe fw (-12)
So, provide the pre-cal for the actual PCI card and not the non-existent one.
Currently, we are overriding the bootloader provided MAC-s as the ethernet aliases are reversed so MAC-s were fixed up in userspace. There is no need to do that as we can just fix the aliases instead and get rid of MAC setting via userspace helper.
This only affects typos in comments or user-facing output.
Signed-off-by: Josh Soref <jsoref@users.noreply.github.com> [only picks changes to scripts, drop "commandline" replacement, fix case for "arbitrary", improve commit message] Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de> (commit: 08622de)
1. Connect a serial interface to UART header and interrupt the autostart of kernel. 2. Transfer the factory image via TFTP and write it to the NAND flash. 3. Update U-Boot environment variable. > tftpboot 0x81000000 <your image>-factory.img > nand erase 0x1000000 > nand write 0x81000000 0x1000000 ${filesize} > setenv bootpart 2 > saveenv
Credit goes to the @manatails who first developed how to port OpenWRT to this device and had a significant impact on this patch.
And thanks to @adschm and @mans0n for guiding me to revise the code in many ways.
Signed-off-by: Jihoon Han <rapid_renard@renard.ga> Reviewed-by: Sungbo Eo <mans0n@gorani.run> Tested-by: Sungbo Eo <mans0n@gorani.run> (commit: 8445117)
Mac address: label C8:0E:77:xx:xx:68 art@0x0 lan C8:0E:77:xx:xx:62 art@0x6 wan C8:0E:77:xx:xx:68 art@0x0 (same as the label) wlan C8:0E:77:xx:xx:B2 art@0x1002 (load automatically)
TFTP installation: * Set local IP to 192.168.67.100 and open tftpd64, link lan port to computer. Rename "xxxx-factory.bin" to "openwrt-ar71xx-generic-ap147-16M-rootfs-squashfs.bin". * Make sure firmware file is in the tftpd's directory, push reset button and plug in, hold it for 5 seconds, and then it will download firmware from tftp server automatically.
More information: * This device boot from flash@0xe80000 so we need a okli loader to deal with small kernel partition issue. In order to make full use of the storage space, connect a part of the previous kernel partition to the firmware.
kernel/modules: prevent bonding driver to create default bond0 interface
When loading the bonding driver, bonding interface are automatically created on bonding module load.
> ip a s bond0 > 14: bond0: <BROADCAST,MULTICAST,MASTER> mtu 1500 qdisc noop state DOWN > group default qlen 1000 > link/ether a6:f2:20:64:c1:b9 brd ff:ff:ff:ff:ff:ff
This is not necessary in openwrt as we do not use this created interface. The netifd creates a bonding interface based on its network configuration name and configures this over the netifd bonding proto handler.
In order to keep the overview of the interfaces clear, bonding interfaces should not be created automatically when loading this module, because they are not used anyway.
Backport the patch queued upstream for 5.16. The patch differs slightly from the upstream patch due to an upstream change that added a convenience function.
ipq40xx: enable CONFIG_CMDLINE_PARTITION and CONFIG_LEDS_TLC591XX
CONFIG_CMDLINE_PARTITION: Some devices with mmc like the Netgear Orbi Pro SRS60 or Netgear Orbi RBR50 needs to hardcode the partitions layout in the cmdline boot correctly
CONFIG_LEDS_TLC591XX: This is needed for the led driver found in the Netgear Orbi Pro SRS60
Signed-off-by: Davide Fioravanti <pantanastyle@gmail.com> Signed-off-by: Robert Marko <robimarko@gmail.com> Signed-off-by: Shang Jia <jiash416@gmail.com> [added 5.10 config] Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: 24efb49)
- find_mmc_part: Look for a given partition name. Returns the coresponding partition path - caldata_extract_mmc: Look for a given partition name and then extracts the calibration data - mmc_get_mac_binary: Returns the mac address from a given partition name and offset
Signed-off-by: Davide Fioravanti <pantanastyle@gmail.com> Signed-off-by: Robert Marko <robimarko@gmail.com> [replace dd with caldata_dd, moved sysupgrade mmc to orbi] Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: 6e13794)
ipq40xx: add support for Netgear SRR60/SRS60 and RBR50/RBS50
The Netgear SRS60 and SRR60 (sold together as SRK60) are two almost identical AC3000 routers. The SRR60 has one port labeled as wan while the SRS60 not. The RBR50 and RBS50 (sold together as RBK50) have a different external shape but they have an USB 2.0 port on the back.
This patch has been tested only on SRS60 and RBR50, but should work on SRR60 and RBS50.
Hardware -------- SoC: Qualcomm IPQ4019 (717 MHz, 4 cores 4 threads) RAM: 512MB DDR3 FLASH: 4GB EMMC ETH: - 3x 10/100/1000 Mbps Ethernet - 1x 10/100/1000 Mbps Ethernet (WAN) WIFI: - 2.4GHz: 1x IPQ4019 (2x2:2) - 5GHz: 1x IPQ4019 (2x2:2) - 5GHz: 1x QCA9984 (4x4:4) - 6 internal antennas BTN: - 1x Reset button - 1x Sync button - 1x ON/OFF button LEDS: - 8 leds controlled by TLC59208F (they can be switched on/off independendently but the color can by changed by GPIOs) - 1x Red led (Power) - 1x Green led (Power) UART: - 115200-8-N-1
Everything works correctly.
Installation ------------ These routers have a dual partition system. However this firmware works only on boot partition 1 and the OEM web interface will always flash on the partition currently not booted.
The following steps will use the SRS60 firmware, but you have to chose the right firmware for your router.
There are 2 ways to install Openwrt the first time:
1) Using NMRPflash 1. Download nmrpflash (https://github.com/jclehner/nmrpflash) 2. Put the openwrt-ipq40xx-generic-netgear_srs60-squashfs-factory.img file in the same folder of the nmrpflash executable 3. Connect your pc to the router using the port near the power button. 4. Run "nmrpflash -i XXX -f openwrt-ipq40xx-generic-netgear_srs60-squashfs-factory.img". Replace XXX with your network interface (can be identified by running "nmrpflash -L") 5. Power on the router and wait for the flash to complete. After about a minute the router should boot directly to Openwrt. If nothing happens try to reboot the router. If you have problems flashing try to set "10.164.183.253" as your computer IP address
2) Without NMRPflash The OEM web interface will always flash on the partition currently not booted, so to flash OpenWrt for the first time you have to switch to boot partition 2 and then flash the factory image directly from the OEM web interface.
To switch on partition 2 you have to enable telnet first: 1. Go to http://192.168.1.250/debug.htm and check "Enable Telnet". 2. Connect through telent ("telnet 192.168.1.250") and login using admin/password.
To read the current boot_part: artmtd -r boot_part
To write the new boot_part: artmtd -w boot_part 02
Then reboot the router and then check again the current booted partition
Now that you are on boot partition 2 you can flash the factory Openwrt image directly from the OEM web interface.
Restore OEM Firmware -------------------- 1. Download the stock firmware from official netgear support. 2. Follow the nmrpflash procedure like above, using the official Netgear firmware (for example SRS60-V2.2.1.210.img)
nmrpflash -i XXX -f SRS60-V2.2.1.210.img
Notes ----- 1) You can check and edit the boot partition in the Uboot shell using the UART connection. "boot_partition_show" shows the current boot partition "boot_partition_set 1" sets the current boot partition to 1
2) Router mac addresses:
LAN XX:XX:XX:XX:XX:69 WAN XX:XX:XX:XX:XX:6a WIFI 2G XX:XX:XX:XX:XX:69 WIFI 5G XX:XX:XX:XX:XX:6b WIFI 5G (2nd) XX:XX:XX:XX:XX:6c
LABEL XX:XX:XX:XX:XX:69
Signed-off-by: Davide Fioravanti <pantanastyle@gmail.com> Signed-off-by: Robert Marko <robimarko@gmail.com> [added 5.10 changes for 901-arm-boot-add-dts-files.patch, moved sysupgrade mmc.sh to here and renamed it, various dtsi changes] Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: 2cb24b3)
b743a331421d ubusd: log ACL init errors 2099bb3ad997 libubus: use list_empty/list_first_entry in ubus_process_pending_msg ef038488edc3 libubus: process pending messages in data handler if stack depth is 0 a72457b61df0 libubus: increase stack depth for processing obj msgs
Signed-off-by: Felix Fietkau <nbd@nbd.name> (commit: d7843fd)
bpf-headers: add a package with kernel headers for ebpf
In order to genererate suitable kernel headers, a 5.10 kernel tree is prepared with a default config for mips. The arch is forced to mips in order to avoid issues with inline asm on various architectures in a way that doesn't involve relying on the host toolchain/headers. It also has the advantage of supporting both endian types
Signed-off-by: Felix Fietkau <nbd@nbd.name> (commit: a537d06)
qosify: add package for simple qos based on ebpf+cake
qosify is simple daemon for setting up and managing CAKE along with a custom eBPF based classifier that sets DSCP fields of packets.
It is configured via UCI and it supports the following features: - simple TCP/UDP port based mapping - IP address based mapping - priority boosting based on average packet size - bulk flow detection based on number of packets per second - dynamically add IP entries with timeout
Signed-off-by: Felix Fietkau <nbd@nbd.name> (commit: f3a28b6)
base-files: allow specifiying rootdev for find_mmc_part
Some devices got more than one mmc device. Allow specifying the root device as 2nd parameter of find_mmc_part so scripts can avoid matching irrelevant partitions on wrong mmc device.
Signed-off-by: Daniel Golle <daniel@makrotopia.org> (commit: 9f223a2)
Don't patch the kernel to expose the partition name in sysfs as it is already exposed via 'uevent'. All previous users have been converted to use 'uevent', so we can safely drop the custom patch.
Signed-off-by: Daniel Golle <daniel@makrotopia.org> (commit: b82a23e)
4e19cbc5533: [download: handle possibly invalid local tarballs] added a FORCE rule to downloaded files, so that they will be always checked by download.pl.
As a side-effect, check-compile will fail, forcing unnecessary package rebuilds. The check-compile.txt log shows (for libxml2 for example): Considering target file '.../dl/libxml2-2.9.12.tar.gz'. ... prerequisite 'FORCE' of target '.../dl/libxml2-2.9.12.tar.gz' does not exist. Must remake target '.../dl/libxml2-2.9.12.tar.gz'. ... Giving up on target file '...libxml2-2.9.12/.prepared_...'. Giving up on target file '...libxml2-2.9.12/.configured_...'. Giving up on target file '...libxml2-2.9.12/.built'. Giving up on target file '...stamp/.libxml2_installed'. Giving up on target file '.compile'.
Then the package is rebuilt even if it is not otherwise needed.
To fix this, instead of always forcing the download target to be remade, check its hash first: if it matches, then the FORCE is not added.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com> (commit: 8cf4d4d)
The $(LINUX_DIR)/.config timesptamp changes between runs of make target/compile and make target/install (which builds the image).
Kernel-dependent packages and out of tree modules are built in between those runs, and they check the .config timestamp to decide if they need to be rebuilt.
Save the target/compile .config to use its timestamp if the file does not change between runs. That way the subsequent kernel packages are not unnecessarily rebuilt when you run 'make' back to back.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com> (commit: 6b8b5e7)
If a Makefile defines some packages with VARIANT set, and others without it, the latter will be built once for every different VARIANT set, each build trumping the previous one.
Avoid rebuilds by only building unnamed variant packages when the first variant is built.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com> (commit: 19aae94)
Package hostapd-common is a dependency of every other package defined in hostpad Makefile. It is currently built next to the bottom of that Makefile's package list.
If you run make back to back, then check-compile will compare the hostapd-common timestamp to the variant being compiled, to decide if the varint needs to be rebuilt or not. Since the hostapd-conf package is built towards the end of the list, it will be newer than most of the variants, causing unnecessary package rebuilds.
Move it to the top, so that its timestamp will be older than dependent packages, avoiding unnecessary rebuild of every selected variant.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com> (commit: 67f9245)
Build the tc-mod-iptables before the tc-tiny and tc-full packages.
This avoids unnecessary package rebuild when calling make back to back. Before this change, tc-mod-iptables will be built after the main tc binary packages.
Both tc-tiny and tc-full depend on tc-mod-ipables. If make is called after the packages are already built, it will check the timestamps of both packages, and will rebuild the main binaries, since the module package will be newer than the tc package.
Calling BuildPackage,mod-iptables first ensures that its variant gets built before the other packages' variants.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com> (commit: 4ea0cfe)
This step drops support host build systems other than x86/64 to allow two Kernel configuration in parallel. With this commit the setup follow the config style of all other targets.
Signed-off-by: Paul Spooren <mail@aparcar.org> (commit: 02c23d0)
The UML target been outdated for a long time. Instead of just carrying unmaintained code we should build it again and allow people and CIs to use it for testing.
This commit removes the `source-only` feature which disables building.
Signed-off-by: Paul Spooren <mail@aparcar.org> (commit: 106c8ad)
ar8216 switches have a hardware bug, which renders normal 802.1q support unusable. Packet mangling is required to fix up the vlan for incoming packets.
The patch was ommited at the time kernel 5.10 support was added but is still required for ar8216 switches.
kernel: 5.10: simplify logic in packet mangling patch
I had quite a hard time to understand what the change to net/core/dev.c is supposed to do.
Simplify the change by returning NETDEV_TX_OK in case a eth_mangle_tx callback was set but returned NULL instead of setting the return value in the else branch.
It relies on a custom ax_code_coverage.m4 file included with strace. Unfortunately, this conflicts with the one included with autoconf-macros. Instead of creating a huge patch to fix it, just remove the variable as code coverage is not used here.
The pistachio U-Boot expects a default configuration with the name config@1 in the FIT image. The default was changed in OpenWrt some months ago. This makes the board boot again.
Fixes: 9f714398e060 ("build: use config-1 instead of config@1 as default") Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> (commit: 6e5ab1b)
The boot arguments are copied into the device tree by the boot loader and taken from the device tree by the kernel. The code which takes the boot arguments from the different sources was reworked with kernel 5.5.
We have to activate CONFIG_MIPS_CMDLINE_DTB_EXTEND to take the boot arguments from the device tree.
Netgear R6100 is a dual-band Wi-Fi 5 (AC1200) router based on Qualcomm Atheros (AR9344 + QCA9882) platform. Support for this device was first introduced in 15f6f67d18 (ar71xx). FCC ID: PY312400225.
Specifications:
- Atheros AR9344 (560 MHz) - 128 MB of RAM (DDR2) - 128 MB of flash (parallel NAND) - 2T2R 2.4 GHz Wi-Fi (AR9344) - 2T2R 5 GHz Wi-Fi (QCA9882) - 5x 10/100 Mbps Ethernet (AR9344) - 4x internal antenna - 1x USB 2.0 (GPIO-controlled power) - 6x LED, 3x button (reset, Wi-Fi, WPS) - UART (4-pin, 2.54 mm pitch) header on PCB - 1x mechanical power switch - DC jack for main power input (12 V)
WARNING: sysupgrade from older stable releases is not possible, fresh installation (via vendor's GUI or TFTP based recovery) is required. Reason for that is increased kernel partition size.
Installation:
Use the 'factory' image under vendor's GUI or via TFTP U-Boot recovery. You can use the 'nmrpflash' tool at a boot time, before kernel is loaded or start it manually by pressing the 'reset' button for ~20 seconds from powering up the device (U-Boot will start TFTP server on 192.168.1.1, use TFTP client to send the image).
Signed-off-by: Enrico Mioso <mrkiko.rs@gmail.com> Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu> Signed-off-by: Michael Pratt <mcpratt@pm.me> Signed-off-by: Piotr Dymacz <pepe2k@gmail.com> (commit: 5dfa89b)
U-Boot for the Gateworks Ventana includes filename of the boot script in the default/embedded environment (see 'include/configs/gw_ventana.h' in the U-Boot sources).
This restores the old boot script filename ('6x_bootscript-ventana'), making Ventana boards boot again.
Fixes: 8dba71dd33 ("imx6: image: drop BOOT_SCRIPT and fix DEVICE_NAME") Reported-by: Koen Vandeputte <koen.vandeputte@ncentric.com> Signed-off-by: Piotr Dymacz <pepe2k@gmail.com> (commit: 5ec4b18)
This is a minor extension of the commit 26ae69fd03 ("imx6: refresh kernel config with 5.10 symbols"), with correct and full disable of the Arm Cortex-A7 based i.MX 6UL and 6UL{L,Z} families support and re-enable of the Cortex-A9 based i.MX 6L{S,X}.
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com> (commit: 7abde50)
This is first step in migrating to a generic i.MX target which in the next steps will also get divided into arch-specific subtargets.
In the result, this will make it possible to support, within a single target, also other modern NXP i.MX families, like the i.MX 7, i.MX 8 or recently introduced i.MX 9.
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com> (commit: d1c66ea)
Modern NXP i.MX series includes several different families, based on single- or multi-core Arm Cortex-A CPUs. To be able to support more families within a single target, we split the 'imx' in arch-specific subtargets, starting with 'cortexa9' for the Cortex-A9 based i.MX 6, already supported by the original 'imx6' target.
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com> (commit: d2fb495)
Subtarget-specific files under 'uboot-envtools' package are supported since 6f3a05ebb0 ("uboot-envtools: support uci-default config also per subtargets").
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com> (commit: ddfebaf)
This adds some essential files required by new 'cortexa7' subtarget, dedicated for Cortex-A7 based NXP i.MX series. For now, the kernel config-default focuses only on the i.MX 6UL family, as the following changeset will introduce support for i.MX 6ULL based device. Support for more platforms (e.g. i.MX 7) might be enabled later, while adding more devices.
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com> (commit: b35cd4d)
This implements the mapping recommendations from RFC8325, with an update from RFC8622. This ensures that DSCP marked packets are properly sorted into WMM classes. The map can be disabled by setting iw_qos_map_set to something invalid like 'none'
Signed-off-by: Felix Fietkau <nbd@nbd.name> (commit: a5e3def)
gdb now mandatory depends on gmp, tell configure where to find it explicitly. We already build gmp in the tools directory for gcc. Also make it use mpfr and mpc as we also build both of them.
This version has some improvements for musl. This version works fine for me on MIPS 32 BE without MIPS16 even on musl.
The additional patch is needed to make valgrind use the correct syscall numbers for new syscalls like clock_gettime64. The MIPS architecture uses special syscall ranges which are different from most other systems. The patch is pending upstream: https://bugs.kde.org/show_bug.cgi?id=444781
This can be used for adding the toolchain to an existing tree without having to build it from scratch. Enable building the toolchain + tarball by default on buildbot
Signed-off-by: Felix Fietkau <nbd@nbd.name> (commit: 2a832b3)
build: add support for using prebuilt LLVM toolchain
When the prebuilt llvm toolchain is unpacked into the source dir, it is automatically picked up and used by the build system, and eBPF based packages can be selected
Signed-off-by: Felix Fietkau <nbd@nbd.name> (commit: 9f90a89)
This commit fixes commit "2999f810ff: build,IB: include kmods only in local builds" which cause the local packages/ folder only to be added for local builds but no longer for ImageBuilder created by the Buildbot.
The commits intention was to use remote kmods repositories rather than storing them locally. Accidentally the entire handling of the local `packages/` was removed.
Re-add the folder and include a README describing what it can be used for.
Signed-off-by: Paul Spooren <mail@aparcar.org> (commit: 15e55a2)
With "getting WIFI MAC from NVMEM" working on ath79 on 5.10, the next logical step I think is to utilize nvmem subsystem to also get the calibration data from there.
This will tremendously speed up the wifi bring-up, since we no longer need the userspace helper for the simple devices that can just load them from there.
included with this patch is a package/mac80211/refresh.
Tested on: WNDR3700v2, TP-Link Archer C7v2
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: d913186)
ramips: mt7621-dts: make use of 'IRQ_TYPE_LEVEL_HIGH' instead of magic numbers
Nodes 'gdma' and 'hsdma' are using magic number '4' in interrupts property. Use 'IRQ_TYPE_LEVEL_HIGH' instead to align with the rest of the nodes in the file.
ramips: mt7621-dts: properly define 'cpc' and 'mc' nodes
'cpc' and 'mc' nodes correspond with the MIPS 'Cluster Power Controller' and 'MIPS Common Device Memory Map' which are present in some MIPS related boards. There is already bindings documentation for these two located in: - Documentation/devicetree/bindings/power/mti,mips-cpc.yaml - Documentation/devicetree/bindings/bus/mti,mips-cdmm.yaml
Hence, properly update compatible strings and align nodes with already mainlined bindings documentation. Also, move their definition to a proper place since both of them are not related with the palmbus at all.
DT 'ethsys' node is being configured as a syscon to get access to reset and other registers in the 'mediateķ,mt7621-eth' driver. Since the 'sysc' is also a syscon, provides the clock and also is virtually mapped from the same physical address 0x1e000000 we can just use 'sysc' as the phandle for the syscon in the ethernet node. Compatible string 'mediatek,mt7621-ethsys' of the node is not being used anywhere inside the kernel so, this node can be safely removed.
Device tree pcie node for this SoC is using different styles in its different properties. Hence properly unify them to be able to write a a proper yaml schema documentation.
Gigabit ethernet adapters using BCM5719/5720 chipset are common on servers and as easy/cheap to get as Intel based ones. Usually found in 2-port and 4-port cards.
Also some devices recently added to x86_64 target like the Meraki MX100 use this chipset for 8 of their 12 integrated ports.
Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it> (commit: 1f188d8)
This is needed because the HLK-7621 EvB has 32MB of flash, so it will have to use 4B addressing and the broken-flash-reset hack has to be used to be able to reboot.
Signed-off-by: Wout Bertrums <wout@wbnet.eu> [copied github message into commit message] Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: 9a7e3d1)
Enabling KERNEL_KASAN exposes several missing symbols. As KASAN_SW_TAGS is only implemented for arm64 CPUs and requires clang, it doesn't make sense to make this a build option so just default to KASAN_GENERIC and disable KASAN_SW_TAGS.
While at it, disable TEST_KASAN_MODULE in the generic 5.10 config.
Enabling KERNEL_UBSAN exposes several missing symbols. Add new kernel build options for UBSAN_BOUNDS and UBSAN_TRAP, disable CONFIG_TEST_UBSAN in the generic kernel configs and enable CONFIG_UBSAN_MISC in generic 5.10 config. The latter symbol was removed in later kernels, as it was causing some issues, so just disable it in 5.10 instead of adding a build option for it.
Enabling KERNEL_KASAN exposes yet another missing symbol. This did not appear on bcm27xx but is appearing now on x86/64. Add a new kernel build option for KASAN_VMALLOC to fix build on x86/64 with KERNEL_KASAN enabled.
2ca7352543da map: make a helper function for freeing entries 411432ec853b map: add support for adding dns regex patterns 14803cb559d8 ubus: remove unused enum a0740172eda6 ubus: add api for providing dns lookup results for dns regex rules 406fbf478e87 ubus: add support for dynamically adding dns based rules 5fc91183d60a README: mention dns regex entries 3ed8c3eb1a3b README: document mapping file syntax 91ce2e77d302 map: introduce low effort codepoint from RFC8622 5ff14acca0e7 interface: enable NAT on interfaces by default e70f70e496d7 README: fix typo f25ded617478 README: fix another typo 675238bc2ce5 loader: always reinitialize programs 010eea0d98c3 map: improve timeout handling of IP entries 7ef54a7f04a0 map: add DF codepoint 6f7fbe698555 map: increase active timeout to 300 60e06a579a13 qosify-bpf: inline check_flow() to ensure that it is jited f5ae89e8d869 ubus: subscribe to dnsmasq.dns for dns lookup results
Signed-off-by: Felix Fietkau <nbd@nbd.name> (commit: afb9c24)
When installing additional rpcd modules, a restart of rpcd is required. This often confuses users as even after installing rpcd-mod-rpcsys the relevant ubus objects are still missing until rpcd has been reloaded (or the system has been rebooted, obviously). Let rpcd-mod-* reload rpcd as post-install action.
Signed-off-by: Daniel Golle <daniel@makrotopia.org> (commit: 32ba52e)
bcm4908: start work on images for devices using U-Boot
New BCM4908 family based routers will use U-Boot bootloader. That will require using a totally different firmware format. Kernel has to be put in a FIT image.
OpenWrt has some helpers for generating .its files but they don't fit BCM4908 requirements and there is no simple way of extending any of them. The best solution seems to be storing an .its template.
BCM4908 bootfs may: 1. contain extra binaries (other than kernel & DTB) 2. include multiple DTB files 3. store device specific U-Boot configurations with custom properties
Such setups are too complex to generate using shell script. Raw .its file on the other hand seems quire clean & reasonable.
layerscape: mkits-multiple-config: fail on invalid arguments
Fail if arguments couldn't be parsed and print unrecognized part. It's important when running it from script with dynamic values. Missing value could result in skipping argument and silent failures (unexpected its).
bcm53xx: drop downstream patch for Buffalo WZR-1750DHP button
This patch never received a proper description and was never sent upstream as supposed. It was meant to be handled in 2015-2018 so it should be safe to assume noone really understands it or care.
Cc: Felix Fietkau <nbd@nbd.name> Signed-off-by: Rafał Miłecki <rafal@milecki.pl> (commit: 406c500)
737970946bc0 map: default to fnmatch matching for dns patterns. support regex via leading / b56b112e62e2 ubus: fix crash caused by missing static keyword 3a420e272c18 qosify: support wildcards in classifier filenames
Signed-off-by: Felix Fietkau <nbd@nbd.name> (commit: 0e4ef0e)
1fdf2a3 Fix kernel panic due to device deletion (#29) e7b48d1 add the mutex lock for create/delete/config/insert nat46 devices to fix nat46 module crash issues. (#28)
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> (commit: a564e1d)
When __ieee80211_select_queue is called, skb->cb has not been cleared yet, which means that info->control.flags can contain garbage. In some cases this leads to IEEE80211_TX_CTRL_DONT_REORDER being set, causing packets marked for other queues to randomly end up in BE instead.
Signed-off-by: Felix Fietkau <nbd@nbd.name> (commit: 49f6150)
mediatek: mt7623: re-write sysupgrade uImage.FIT on MMC
Re-reading the partition table doesn't work reliably, it fails if anything on the device is still in use and it's not trivial to prevent every possible case of a block device still being in use somehow.
Therefore, instead of relying on the in-kernel partition parser to know where to write the configuration backup, use OpenWrt's format-agnostic fwtool to strip off all metadata from the image and count its blocks while writing. In that way we can know where to write the config backup without needing the kernel to parse the MBR and FIT structures.
Signed-off-by: Daniel Golle <daniel@makrotopia.org> (commit: c3c67fe)
Similar to mt7623, also no longer use 'blockdev' and stop relying on in-kernel partition parsers. Instead, strip off all metadata using 'fwtool' while writing the firmware image and scrape the number of blocks written from 'dd', then use that block offset to stash the configuration backup.
Signed-off-by: Daniel Golle <daniel@makrotopia.org> (commit: 8fd0268)
0750f2b4d329 README: dnsmasq integration is complete 8e48d0b0cbba bpf: add initial support for splitting map dscp value into ingress and egress bfc2cafe2a8c map: add support for defining aliases
Signed-off-by: Felix Fietkau <nbd@nbd.name> (commit: 50d33fc)
from https://git.kernel.org/pub/scm/network/iproute2/iproute2.git
changes since 5.14.0:
ad3a118f rdma: Fix SRQ resource tracking information json 7a235a10 man: devlink-port: fix pfnum for devlink port add 229eaba5 uapi: pickup fix for xfrm ABI breakage a500c5ac lib/bpf: fix map-in-map creation without prepopulation 7c032cac man: devlink-port: remove extra .br 04ee8e6f man: devlink-port: fix style 14802d84 man: devlink-port: fix the devlink port add synopsis 897772a7 cmd: use spaces instead of tabs for usage indentation e7a98a96 mptcp: unbreak JSON endpoint list 2f5825cb lib: bpf_legacy: fix bpffs mount when /sys/fs/bpf exists d756c08a tc/f_flower: fix port range parsing 92e32f77 uapi: updates from 5.15-rc1 e7e0e2ce iptuntap: fix multi-queue flag display deef844b man: ip-link: remove double of a3272b93 configure: restore backward compatibility ceba5930 tree-wide: fix some typos found by Lintian 7a705242 ip: remove leftovers from IPX and DECnet 8ab1834e uapi: update headers from 5.15 merge 6d0d35ba ip/bond: add lacp active support 926ad641 Update kernel headers c730bd0b ip/tunnel: always print all known attributes df8912ed ipioam6: use print_nl instead of print_null 7e7270bb tc/skbmod: Introduce SKBMOD_F_ECN option 86c596ed IOAM man8 2d83c710 New IOAM6 encap type for routes f0b3808a Add, show, link, remove IOAM namespaces and schemas acbdef93 Import ioam6 uapi headers 2d6fa30b Update kernel headers 508ad89c ipneigh: add support to print brief output of neigh cache in tabular format
* update patch 170-ip_tiny.patch to accomodate ioam.
Signed-off-by: Russell Senior <russell@personaltelco.net> (commit: fa7356d)
The nl80211_set_wiphy() function was changed between kernel 5.11 and 5.12 to take the rdev->wiphy lock which should be freed at the end again. The 500-mac80211_configure_antenna_gain.patch added some code which just returned in some cases without unlocking. This resulted in a deadlock with brcmfmac. This patch fixes this by also jumping to the out label in case we want to leave the function. This fixes a hanging system when brcmfmac is in use. I do not know why we do not see this with other driver.
The kernel returns very useful debug details when setting these OpenWrt configuration options: CONFIG_KERNEL_DETECT_HUNG_TASK=y CONFIG_KERNEL_PROVE_LOCKING=y
Fixes: FS#4122 Fixes: b96c2569ac76 ("mac80211: Update to version 5.12.19-1") Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> (commit: c90e10b)
Simply reading /proc/*/stat as a space-separated string will not work as the process name may itself contain spaces. Hence we must match on the '(' and ')' characters around the process name and can then handle the remaining string as space-separated values. This fixes shell error messages which have been popping up the console due to spaces in process names being interpreted as field separators.
Signed-off-by: Daniel Golle <daniel@makrotopia.org> (commit: 4d3303b)
scripts/env: fix env for git conf init.defaultBranch not set to "master"
Since version 2.28, git has a config option init.defaultBranch to set the name of the first branch created with git init. The env script expects this name to be "master". This commit sets the initial branch name to "master" instead of using the git configured one.
Signed-off-by: Arne Zachlod <arne@nerdkeller.org> (commit: b5ab6d0)
ipq40xx: add support for P&W R619AC (aka G-DOCK 2.0)
P&W R619AC is a IPQ4019 Dual-Band AC1200 router. It is made by P&W (p2w-tech.com) known as P&W R619AC but marketed and sold more popularly as G-DOCK 2.0.
Specification:
* SOC: Qualcomm Atheros IPQ4019 (717 MHz) * RAM: 512 MiB * Flash: 16 MiB (NOR) + 128 MiB (NAND) * Ethernet: 5 x 10/100/1000 (4 x LAN, 1 x WAN) * Wireless: - 2.4 GHz b/g/n Qualcomm Atheros IPQ4019 - 5 GHz a/n/ac Qualcomm Atheros IPQ4019 * USB: 1 x USB 3.0 * LED: 4 x LAN, 1 x WAN, 2 x WiFi, 1 x Power (All Blue LED) * Input: 1 x reset * 1 x MicroSD card slot * Serial console: 115200bps, pinheader J2 on PCB * Power: DC 12V 2A * 1 x Unpopulated mPCIe Slot (see below how to connect it) * 1 x Unpopulated Sim Card Slot
Installation: 1. Access to tty console via UART serial 2. Enter failsafe mode and mount rootfs <https://openwrt.org/docs/guide-user/troubleshooting/failsafe_and_factory_reset> 3. Edit inittab to enable shell on tty console `sed -i 's/#ttyM/ttyM/' /etc/inittab` 4. Reboot and upload `-nand-factory.bin` to the router (using wget) 5. Use `sysupgrade` command to install
Another installation method is to hijack the upgrade server domain of stock firmware, because it's using insecure http.
This commit is based on @LGA1150(at GitHub)'s work <https://github.com/LGA1150/openwrt/commit/a4932c8d5a275d1fb4297bd20ec03f9270a45d1c> With some changes: 1. Added `qpic_bam` node in dts. I don't know much about this, but I observed other dtses have this node. 2. Removed `ldo` node under `sd_0_pinmux`, because `ldo` cause SD card not working. This fix is from <https://github.com/coolsnowwolf/lede/commit/51143b4c7571f717afe071db60bbb4db1532cbf2> 3. Removed the 32MB NOR variant. 4. Removed `cd-gpios` in `sdhci` node, because it's reported that it makes wlan2g led light up. 5. Added ethphy led config in dts. 6. Changed nand partition label from `rootfs` to `ubi`.
About the 128MiB variant: The stock bootloader sets size of nand to 64MiB. But most of this devices have 128MiB nand. If you want to use all 128MiB, you need to modify the `MIBIB` data of bootloader. More details can be found on github: <https://github.com/openwrt/openwrt/pull/3691#issuecomment-818770060> For instructions on how to flash the MIBIB partition from u-boot console: <https://github.com/openwrt/openwrt/pull/3691#issuecomment-819138232>
About the Mini PCIe slot: (from "ygleg") "The REFCLK signals on the Mini PCIe slot is not connected on this board out of the box. If you want to use the Mini PCIe slot on the board, you need to (preferably) solder two 0402 resistors: R436 (REFCLK+) and R444 (REFCLK-)..." This and much more information is provoided in the github comment: <https://github.com/openwrt/openwrt/pull/3691#issuecomment-968054670>
Signed-off-by: Richard Yu <yurichard3839@gmail.com> Signed-off-by: DENG Qingfang <dqfext@gmail.com> [Added comment about MIBIB+128 MiB variant. Added commit message section about pcie slot. Renamed gpio-leds' subnodes and added color, function+enum properties.] Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: 12d33d3)
The Zyxel NBG6617 already uses lzma to compress the kernel. A local build with every module enabled (either as =Y or =M) ended produced a 3058 KiB kernel (the kernel partition is 4MiB). It booted just fine, let's reenable the device.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: cb18b62)
At least since gcc 7.3.0 (OpenWrt 18.06) lwr/lwl are used in the assembly of LzmaProps_Decode. While the decission made by the compiler looks perfect fine, it triggers some obscure hang on lantiq danube-s v1.5 with MX29LV640EB NOR flash chips.
Only if the offset 1 is used, the hang can be observed. Using any other offset works fine:
With gcc10 the variables are placed more tightly to each other, which uncovers a long existing bug in the lantiq DMA code. It can be observed when using tftpboot with the filename parameter, which gets reset during the tftpboot execution.
NetRxPackets[] points to cache line size aligned addresses. In ltq_eth_rx_packet_align() the address NetRxPackets[] points to is increased by LTQ_ETH_IP_ALIGN and the resulting not cache aligned address is used further on. While doing so, the length/size is never updated.
The "not cache aligned address" + len/size for a cache aligned address is passed to invalidate_dcache_range(). Hence, invalidate_dcache_range() invalidates the next 32 bit as well, which flashes the BootFile variable as well.
variable BootFile is at address: 0x83ffe12c NetRxPackets[] points to 0x83ffdb20 (len is 0x600) data points to: 0x83ffdb22 (len is 0x600)
ltq_dma_dcache_inv: 0x83ffdb22 (for len 0x600) invalidate_dcache_range: 0x83ffdb20 to 0x83ffe120 (size: 32) invalidate_dcache_range: 0x83ffdb20 to 0x83ffdb40 (Bootfile: a.bin) ... invalidate_dcache_range: 0x83ffe100 to 0x83ffe120 (Bootfile: a.bin) invalidate_dcache_range: 0x83ffe120 to 0x83ffe140 (Bootfile: )
In ltq_dma_tx_map() and ltq_dma_rx_map() the start address passed to ltq_dma_dcache_wb_inv() is incorrect. By considering the offset, the start address passed to flush_dcache_range() is always aligned to 32, 64 or 128 bytes dependent on configured DMA burst size.
On danube we only have 0x6800 bytes of usable SRAM. Everything behind can't be written to and a SPL u-boot locks up during boot.
Since it's a hard to debug issue and took me more than two years to fix it, I consider it worth to include fix albeit SPL u-boots are not build in OpenWrt.
I faced the issue while trying to shrink the u-boot to 64K since some boards only have an u-boot partition of that size from the days ifx-uboot was used.
Signed-off-by: Mathias Kresin <dev@kresin.me> Reviewed-by: Daniel Schwierzeck <daniel.schwierzeck@gmail.com> (commit: e6f8cf6)
On lantiq a lot of stuff expects to be loaded to and executed at 0x80002000, including our own second stage bootloader.
For all build u-boots, the initial stack pointer is at 0x80008000. After loading data to 0x80002000, every further stack operation corrupts the loaded code.
Set the initial stack pointer to 0x80002000, to not overwrite code loaded in memory. A stack of 0x2000 bytes has been proven as enough in all done tests.
Backport of Ansuel Smith's "net: dsa: qca8k: make sure PAD0 MAC06 exchange is disabled", to ensure mac06 is disabled even if enabled by the bootloader.
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com> Signed-off-by: Matthew Hagan <mnhagan88@gmail.com> (commit: c953652)
This allows a package to be rebuilt for all different VARIANTs. To do so, set VARIANT=*.
The wpa-cli package is not getting built after changes made by 19aae94 [build: avoid rebuilds of unset VARIANT packages], because wpa-cli is only built when compiling a variant that includes supplicant support, and the first selected variant may not build it.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com> (commit: 91a5d69)
19aae94 [build: avoid rebuilds of unset VARIANT packages] builds packages defined without a VARIANT only once, using the first VARIANT defined in the Makefile.
This caused problems with wpa-cli, as it is only built for variants that include supplicant support, and the first VARIANT defined may not build it.
The same happens to hostapd-utils, which is not built for supplicant-only variants.
To circumvent this, set VARIANT=* for both packages so that they get built for every defined variant. This should not cause spurious rebuilds, since tey are not a dependency of any other package defined in this Makefile.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com> (commit: 5720ac8)
This commit contains a series of fixes for DMA. The burst length patch significantly improves Ethernet performance. Patches were tested on the xRX200 and xRX330.
Signed-off-by: Aleksander Jan Bajkowski <olek2@wp.pl> (commit: 0e561a2)
toolchain: add a version that can be bumped to force toolchain/target rebuild
This can be used to ensure that the compiled code is up to date, when something important changes in the toolchain. A recent example of this is the gcc 11 fix for a code miscompilation issue
Signed-off-by: Felix Fietkau <nbd@nbd.name> (commit: db34b93)
Since sqm-scripts and qos-scripts packages are in the same category as qosify, the firsts being in the Base System category, I find it understandable to move the latter to Base System instead of network section.
Signed-off-by: Rodrigo B. de Sousa Martins <rodrigo.sousa.577@gmail.com> (commit: 537df46)
68961a555e42 ubus: drop dnsmasq check for dns_result method 1ca3e26b8169 bpf: refactor code to support explicit opt-in for bulk+prio detection 3f0acf039f41 bpf: move flow prio/bulk detection config into a separate data structure bc54c97e3333 map, bpf: create a separate map for configured dscp classes 46cf3eae2d99 bpf: fix bulk flow detaction 88f1db7dd611 bpf: fix priority flow detection b5dec7874373 bpf: remove access to skb->gso_size e728a319a9a5 interface: unify status, always include ifname, ingress, egress
Signed-off-by: Felix Fietkau <nbd@nbd.name> (commit: 0351a5f)
ath79: mikrotik: enable USB module on RouterBoard wAPR-2nD
The MikroTik RouterBOARD wAPR-2nD (wAP R) router features a miniPCI-e slot with USB lines connected, which are used by some USB cards with miniPCI-e form factor, like the R11e-LR8. Enabling USB support is required for such cards to work.
Tested on a MikroTik wAP LR8 kit (RB wAPR-2nD + R11e-LR8).
Signed-off-by: Roger Pueyo Centelles <roger.pueyo@guifi.net> (commit: c29f71e)
this pwrseq need rtc clock, or kernel won't find this device. but now rtc-sunxi.c only support A10/A20. Orangepi Lite 2 use H6 ,from rtc-sun6i.c show compatible is { .compatible = "allwinner,sun6i-a31-rtc" }, { .compatible = "allwinner,sun8i-a23-rtc" }, { .compatible = "allwinner,sun8i-h3-rtc" }, { .compatible = "allwinner,sun8i-r40-rtc" }, { .compatible = "allwinner,sun8i-v3-rtc" }, { .compatible = "allwinner,sun50i-h5-rtc" }, { .compatible = "allwinner,sun50i-h6-rtc" }, So it need this to let kernel find this mmc wifi device.
The MikroTik LHG 5 series (product codes RBLHG-5nD, RBLHG-5HPnD and RBLHG-5HPnD-XL) devices are an outdoor 5GHz CPE with a 24.5dBi or 27dBi integrated antenna built around the Atheros AR9344 SoC. It is very similar to the SXT Lite5 series which this patch is based upon.
ath79: move cal-data extraction to dts for DAP-2695
This device can be merged with the existing dtsi, which declares the location of ath9k cal-data via devicetree, correcting the 2.4G mac address in `10_fix_wifi_mac` rather than `10-ath9k-eeprom`.
To make these changes more visible, apply before merging with dtsi.
Signed-off-by: Sebastian Schaper <openwrt@sebastianschaper.net> (commit: be88f41)
tools/llvm-bpf: make sure llvm-bpf.tar.gz is created
The llvm-bpf-$version.tar.xz might be absent. For example `make clean` executed, CONFIG_TARGET changed. This commit can only guarantee that the target file can be built when tools/compile is explicitly called rather than $(tools/stamp-compile).
sun6i-rtc cannot be built as a module and the hardware is only present in some of the sunxi SoCs, see driver source: { .compatible = "allwinner,sun6i-a31-rtc" }, { .compatible = "allwinner,sun8i-a23-rtc" }, { .compatible = "allwinner,sun8i-h3-rtc" }, { .compatible = "allwinner,sun8i-r40-rtc" }, { .compatible = "allwinner,sun8i-v3-rtc" }, { .compatible = "allwinner,sun50i-h5-rtc" }, { .compatible = "allwinner,sun50i-h6-rtc" },
Set CONFIG_RTC_DRV_SUN6I=y in kernel config file for cortexa7 and cortexa53 subtargets which covers all of the above.
Signed-off-by: Daniel Golle <daniel@makrotopia.org> (commit: d6c5bb6)
5dd32475c859 mt76: mt7915: get rid of mt7915_mcu_set_fixed_rate routine f5cfaaff3dd1 mt76: mt7921: drop offload_flags overwritten f5ad840ca5c0 mt76: mt7615: fix possible deadlock while mt7615_register_ext_phy() 29a8a08827b1 mt76: mt7921: fix MT7921E reset failure f44685f2faee mt76: mt7915: fix return condition in mt7915_tm_reg_backup_restore() ae8e02ddd2b0 mt76: mt7915: fix SMPS operation fail e814e15716b0 mt76: reverse the first fragmented frame to 802.11 c9bca3ed9566 mt76: mt7915: fix NULL pointer dereference in mt7915_get_phy_mode dd054b7e16e7 mt76: only set rx radiotap flag from within decoder functions f1520c9bb332 mt76: mt7915: add default calibrated data support 0c489ea2865a mt76: testmode: add support to set MAC 91c5da3d0a7c mt76: mt7921: add support for PCIe ID 0x0608/0x0616 ca39b4bbc227 mt76: debugfs: fix queue reporting for mt76-usb 00b6f497e2e8 mt76: mt7921: introduce 160 MHz channel bandwidth support c1574466c733 mt76: fix possible OOB issue in mt76_calculate_default_rate 9680a17b0aed mt76: mt7921: fix possible NULL pointer dereference in mt7921_mac_write_txwi 78fc0dcdcef0 mt76: connac: fix a theoretical NULL pointer dereference in mt76_connac_get_phy_mode 05953e7d6fe7 mt76: mt7615: remove dead code in get_omac_idx 39f6c37127c1 mt76: connac: remove PHY_MODE_AX_6G configuration in mt76_connac_get_phy_mode 526591b203f3 mt76: do not pass the received frame with decryption error 256789bb400f mt76: fix the wiphy's available antennas to the correct value fa187f5cf068 mt76: fix timestamp check in tx_status 11ebf11a3587 mt76: mt7915: fix the wrong SMPS mode 8c69b815ee7f mt76: mt7921: honor mt76_connac_mcu_set_rate_txpower return value in mt7921_config bc6798f729f9 mt76: move sar utilities to mt76-core module b1d0ad2e74fe mt76: mt76x02: introduce SAR support
Signed-off-by: Felix Fietkau <nbd@nbd.name> (commit: 24bb494)
This fixes: [ 10.440495] bcm_ns_usb2 1800c000.usb2-phy: can't request region for resource [mem 0x1800c000-0x1800cfff] [ 10.450039] bcm_ns_usb2 1800c000.usb2-phy: Failed to map DMU regs [ 10.456183] bcm_ns_usb2: probe of 1800c000.usb2-phy failed with error -16 caused by conflict in allocating resources.
Fixes: f55f1dbaad33 ("bcm53xx: switch to the kernel 5.10") Signed-off-by: Rafał Miłecki <rafal@milecki.pl> (commit: 1d7c1a4)
8de12de system: add diskfree infos to ubus bf3fe0e service: move jail parsing to end of instance parser 87b5836 procd: add full service shutdown prior to sysupgrade 01ac2c4 procd: service_stop_all: also kill inittab actions
Signed-off-by: Daniel Golle <daniel@makrotopia.org> (commit: 507f50d)
procd: setup /dev/stdin, /dev/stdout and /dev/stderr symlinks
Extend the hotplug.json ruleset to setup the common /dev/std{in,out,err} symbolic links which are needed by some applications, e.g. nftables when applying rulesets from stdin.
hostapd: allow hostapd under ujail to communicate with hostapd_cli
When procd-ujail is available, 1f785383875a runs hostapd as user "network", with only limited additional capabilities (CAP_NET_ADMIN and CAP_NET_RAW).
hostapd_cli (CONFIG_PACKAGE_hostapd-utils) communicates with hostapd over a named UNIX-domain socket. hostapd_cli is responsible for creating this socket at /tmp/wpa_ctrl_$pid_$counter. Since it typically runs as root, this endpoint is normally created with uid root, gid root, mode 0755. As a result, hostapd running as uid network is able to receive control messages sent through this interface, but is not able to respond to them. If debug-level logging is enabled (CONFIG_WPA_MSG_MIN_PRIORITY <= 2 at build, and log_level <= 2 in /etc/config/wireless wifi-device), this message will appear from hostapd:
CTRL: sendto failed: Permission denied
As a fix, hostapd_cli should create the socket node in the filesystem with uid network, gid network, mode 0770. This borrows the presently Android-only strategy already in hostapd intended to solve the same problem on Android.
If procd-ujail is not available and hostapd falls back to running as root, it will still be able to read from and write to the socket even if the node in the filesystem has been restricted to the network user and group. This matches the logic in package/network/services/hostapd/files/wpad.init, which sets the uid and gid of /var/run/hostapd to network regardless of whether procd-ujail is available.
As it appears that the "network" user and group are statically allocated uid 101 and gid 101, respectively, per package/base-files/files/etc/passwd and USERID in package/network/services/hostapd/Makefile, this patch also uses a constant 101 for the uid and gid.
Signed-off-by: Mark Mentovai <mark@moxienet.com> [refreshed patch] Signed-off-by: Daniel Golle <daniel@makrotopia.org> (commit: 398cbb7)
mac80211: fix regression in SSN handling of addba tx
Some drivers that do their own sequence number allocation (e.g. ath9k, mwlwifi) rely on being able to modify params->ssn on starting tx ampdu sessions. This was broken by a change that modified it to use sta->tid_seq[tid] instead.
Signed-off-by: Felix Fietkau <nbd@nbd.name> (commit: ddd977f)
hostapd: add a patch that allows processing auth requests for peers in blocked state
If authentication fails repeatedly e.g. because of a weak signal, the link can end up in blocked state. If one of the nodes tries to establish a link again before it is unblocked on the other side, it will block the link to that other side. The same happens on the other side when it unblocks the link. In that scenario, the link never recovers on its own.
To fix this, allow restarting authentication even if the link is in blocked state, but don't initiate the attempt until the blocked period is over.
Signed-off-by: Felix Fietkau <nbd@nbd.name> (commit: f84053a)
Recent versions of Realtek's SDK reset both the ethernet NIC and queues (SW_NIC_RST and SW_Q_RST bits) when initialising the hardware.
Furthermore, when issuing a CPU reset on the Zyxel GS1900-8 (not supported by any current driver), the networking part of the SoC is not reset. This leads to unresponsive network after the restart. By resetting both the ethernet NIC and queues, networking always comes up reliably.
The CPU peripherals on RTL83xx/RTL930x are connected to the CPU via the Lexra bus. This bus can provide a clock signal to these peripherals, but no clock driver is currently available. Instead, use a fixed-clock to provide the clock frequency, and update the dependent peripherals.
Add patch submitted upstream to linux-watchdog and replace the MIPS architecture symbols. Requires one extra patch for the DIV_ROUND_* macros, which have moved to a different header since 5.10.
Add and enable the Realtek Otto WDT peripheral found on these SoCs.
Default all devices to use standard (cold) reboot and "soc" resets.
Devices that require the PLL value fixup before restarting, should pick the "cpu" or "software" reset mode. These devices also need to provide a custom reboot mode, by adding the reboot argument to the kernel command line:
WDT reset mode | kernel reboot mode ----------------+--------------------------------------- soc | reboot=cold (default if not specified) cpu | reboot=warm software | reboot=software
Preferrably, these devices should use an alternative restart method like gpio-restart to provide reliable restarts.
Note that watchdog restarts are not yet exposed, since the _machine_restart override is still present.
realtek: Remove _machine_restart and _machine_halt
By dropping _machine_restart, users can provide more reliable or device-specific restart modes.
_machine_halt was already removed in commit f4b687d1f053 ("realtek: use kernel defined halt"), but quietly reintroduced in commit 8faffa00cb6b ("realtek: add support for the RTL9300 timer"). Let's remove it again.
We switched to mac80211 5.15 backport version. Also switch ath10k-ct to 5.15 and drop the mac address patch that got merged upstream. Compile and tested on ipq806x Netgear R7800. Also update the ath10k-ct to latest version to fix a typo for the new version in the kernel log.
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com> (commit: 553a3ac)
arm-trusted-firmware-mvebu: fix commit ids to for mv-ddr-marvell
without this patch a3700-utils/tim/ddr/ddr_tool.verstr contains the OpenWrt commit ID. this patch fix the mv_ddr version commit ID by using the global variable MV_DDR_COMMIT_ID.
Upon boot it now prints "mv_ddr-devel-g02e23dbc-d DDR4 16b 1GB 1CS".
Cc: Andre Heider <a.heider@gmail.com> Signed-off-by: Kerma Gérald <gandalf@gk2.net> (commit: 35b0dc3)
Based on the Build Instructions for Trusted-Firmware-A [1], there is a required cryptopp [2].
In the past, it used 'tbb_linux' image tool binary, which seems to be buggy, deprecated and removed from A3700-utils-marvell and it should not be used anymore. That's why I removed 001-imagetool.patch, which is no longer necessary.
The board has a fixed size kernel partition but do not limit the kernel size during image building.
Disable image building for both boards as well, since the kernel of the last release as well as master are to big to fit into the 2 MByte kernel partition.
these flags have been creeping in from the QSDK. All needed clocks should be accounted for, and if a device is broken due to this. It should be looked into.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: a5b80dd)
mpc85xx: backport "fix oops when CONFIG_FSL_PMC=n"
Martin Kennedy reported: |Presently, I get this kernel panic on mpc85xx (Aerohive HiveAP 370) |on OpenWrt 'master' which occurs right as the second processor is |initialized: | |[ 0.478804] rcu: Hierarchical SRCU implementation. |[ 0.535569] dyndbg: Ignore empty _ddebug table in a CONFIG_DYNAMIC_DEBUG_CORE build |[ 0.627233] smp: Bringing up secondary CPUs ... |[ 0.681659] kernel tried to execute user page (0) - exploit attempt? (uid: 0) |[ 0.766618] BUG: Unable to handle kernel instruction fetch (NULL pointer?) |[ 0.848899] Faulting instruction address: 0x00000000 |[ 0.908273] Oops: Kernel access of bad area, sig: 11 [#1] |[ 0.972851] BE PAGE_SIZE=4K SMP NR_CPUS=2 P1020 RDB |[ 1.031179] Modules linked in: |[ 1.067640] CPU: 0 PID: 1 Comm: swapper/0 Not tainted 5.10.80 #0 |[ 1.139507] NIP: 00000000 LR: c0021d2c CTR: 00000000 |[ 1.199921] REGS: c1051cf0 TRAP: 0400 Not tainted (5.10.80) |[...] |[ 1.758220] NIP [00000000] 0x0 |[ 1.794688] LR [c0021d2c] smp_85xx_kick_cpu+0xe8/0x568 |[ 1.856126] Call Trace: |[ 1.885295] [c1051da8] [c0021cb8] smp_85xx_kick_cpu+0x74/0x568 (unreliable) |[ 1.968633] [c1051de8] [c0011460] __cpu_up+0xc0/0x228 |[ 2.029038] [c1051e18] [c0031bbc] bringup_cpu+0x30/0x224 |[ 2.092572] [c1051e48] [c0031f3c] cpu_up.constprop.0+0x180/0x33c |[..] |[ 2.727952] ---[ end trace 9b796a4bafb6bc14 ]--- |[ 3.800879] Kernel panic - not syncing: Fatal exception |[ 3.862353] Rebooting in 1 seconds.. |[ 5.905097] System Halted, OK to turn off power | |I bisected this down to commit 3ae5da5adce9 ("kernel: bump 5.10 to 5.10.80"); |that is, I don't get the panic right before this commit, but I do after.
He reported the issue upstream and Xiaoming Ni from huawei came up with the patch (that is on it's way to upstream). While the AP370 is not in Openwrt, this will likely affect other SMP P1020 devices OpenWrt ships with: like the AP330, Enterasys WS-AP3710i, etc.
Reported-by: Martin Kennedy <hurricos@gmail.com> Tested-by: Martin Kennedy <hurricos@gmail.com> Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: dd7d470)
ath79: convert TP-Link Archer C7v1/2 Wifis to nvmem-cells
For v2, both ath9k (2.4GHz Wifi) and ath10k (5 GHz) driver now pull the (pre-)calibration data from the nvmem subsystem. v1 is slightly different as only the ath9k Wifi is supported.
This allows us to move the userspace caldata extraction and mac-address patching for the 5GHZ ath10k supported wifi into the device-tree definition of the device.
ath9k's nodes are also changed over to use nvmem-cells over OpenWrt's custom mtd-cal-data property.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: 297bcee)
Steven Maddox reported in the OpenWrt bugzilla, that his RaidSonic IB-NAS4220-B was no longer booting with the new OpenWrt 21.02 (uses linux 5.10's device-tree). However, it was working with the previous OpenWrt 19.07 series (uses 4.14).
(This is still under investigation.)
Bugzilla: https://bugs.openwrt.org/index.php?do=details&task_id=4137 Reported-by: Steven Maddox <s.maddox@lantizia.me.uk> Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: a662d85)
Update ath10k-ct to get the upstream fix for DFS support for VHT160 in the 5.15 based ath10k-ct. (Switch from 5.10 to 5.15 surfaced the upstream regression.)
* refresh one patch
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi> (commit: 26a7a38)
Currently ubinize-image script always expects the rootfs image to be passed and a volume for it created.
So, to allow only ubinizing a kernel for example which the MikroTik hAP ac3 and other new NAND devices from MikroTik require make rootfs an optional parameter like kernel.
Signed-off-by: Robert Marko <robimarko@gmail.com> (commit: 5a305e4)
Currently nand_upgrade_tar() will pass the kernel length to nand_upgrade_prepare_ubi() in all cases except for when the kernel is to be installed in a separate partition as a binary with the MTD tool.
While this is fine for almost all cases newer MikroTik NAND devices like hAP ac3 require the kernel to be installed as a UBIFS packed UBI volume in its own partition.
So, since we have a custom recipe to use ubiformat to flash the kernel in its partition it makes no sense for sysupgrade to also install the kernel as a UBI volume in the "ubi" partition as it only wastes space and will never be used.
So, simply check whether CI_KERNPART is set to "none" and if so unset the "has_kernel" variable which will in turn prevent the kernel length from being passed on and then the kernel UBI volume wont be created for no usefull purpose.
The ath79 MikroTik NAND target has been setting CI_KERNPART to "none" for a while now altough that was not preventing the kernel to be installed as UBI volume as well.
Signed-off-by: Robert Marko <robimarko@gmail.com> (commit: f2c4064)
This adds support for the MikroTik RouterBOARD RBD53iG-5HacD2HnD (hAP ac³), a indoor dual band, dual-radio 802.11ac wireless AP with external omnidirectional antennae, USB port, five 10/100/1000 Mbps Ethernet ports and PoE passthrough.
See https://mikrotik.com/product/hap_ac3 for more info.
Specifications: - SoC: Qualcomm Atheros IPQ4019 - RAM: 256 MB - Storage: 16 MB NOR + 128 MB NAND - Wireless: · Built-in IPQ4019 (SoC) 802.11b/g/n 2x2:2, 3 dBi antennae · Built-in IPQ4019 (SoC) 802.11a/n/ac 2x2:2, 5.5 dBi antennae - Ethernet: Built-in IPQ4019 (SoC, QCA8075) , 5x 1000/100/10 port, passive PoE in, PoE passtrough on port 5 - 1x USB Type A port
Installation: 1. Boot the initramfs image via TFTP 2. Run "cat /proc/mtd" and look for "ubi" partition mtd device number, ex. "mtd1" 3. Use ubiformat to remove MikroTik specific UBI volumes * Detach the UBI partition by running: "ubidetach -d 0" * Format the partition by running: "ubiformat /dev/mtdN -y" Replace mtdN with the correct mtd index from step 2. 3. Flash the sysupgrade image using "sysupgrade -n"
Signed-off-by: Robert Marko <robimarko@gmail.com> Tested-by: Mark Birss <markbirss@gmail.com> Tested-by: Michael Büchler <michael.buechler@posteo.net> Tested-by: Alex Tomkins <tomkins@darkzone.net> (commit: 3ad229d)
Add back support for the TLC591xx series LEDs which are used in the ipq806x-based Meraki Cryptid series devices.
This module previously existed for the mvebu platform but was removed at commit f849c2c83247340d623fdb549e2b75f4c1feea62 due to being enabled in that platform's kernel config.
Signed-off-by: Matthew Hagan <mnhagan88@gmail.com> (commit: 529eac5)
Rather than having separate patches for each GSBI node added, this patch consolidates the existing GSBI1 patch into 083-ipq8064-dtsi-additions.patch. In addition, GSBI6 and GSBI7 I2C nodes, required for the MR42 and MR52 respectively, are added.
Signed-off-by: Matthew Hagan <mnhagan88@gmail.com> (commit: cef420e)
Add backports of the following patches: "net: stmmac: explicitly deassert GMAC_AHB_RESET" and "ARM: dts: qcom: add ahb reset to ipq806x-gmac" Required for Meraki MR42/MR52.
Signed-off-by: Matthew Hagan <mnhagan88@gmail.com> (commit: 771691e)
If you can successfully complete step 1 then you can continue to install via this method without having to open the device. Otherwise please use the standard UART method. Please note that when booting via TFTP, some Ethernet devices, in particular those on laptops, will not connect in time, resulting in TFTP boot not succeeding. In this instance it is advised to connect via a switch.
1. Hold down reset at power on and keep holding, after around 10 seconds if the orange LED changes behaviour to begin flashing, proceed to release reset, then press reset two times. Ensure that the LED has turned blue. Note that flashing will occur on some devices, but it will not be possible to change the LED colour using the reset button. In this case it will still be possible to continue with this install method.
2. Set your IP to 192.168.1.250. Set up a TFTP server serving mr42_u-boot.mbn and openwrt-ipq806x-generic-meraki_mr42-initramfs-fit-uImage.itb, obtained from [1].
3. Use telnet and connect to 192.168.1.1. Run the following commands to install u-boot. Note that all these commands are critical, an error will likely render the device unusable.
Option 3.1: If you are sure you have set up the TFTP server correctly you can run this script on the device. This will download and flash the u-boot image immediately:
Important: You must observe the output of the `nandwrite` command. Look for the following to verify writing is occurring:
`Writing data to block 0 at offset 0x0 Writing data to block 1 at offset 0x20000 Writing data to block 2 at offset 0x40000`
If you do not see this then do not power off the device. Check your previous commands and that mr42_u-boot.mbn was downloaded correctly. Once you are sure the image has been written you can proceed to power off the device.
4. Hold the reset button and power on the device. This will immediately begin downloading the appropriate initramfs image and boot into it.
Note: If the device does not download the initramfs, this is likely due to the interface not being brought up in time. Changing Ethernet source to a router or switch will likely resolve this. You can also try manually setting the link speed to 10Mb/s Half-Duplex.
5. Once a solid white LED is displayed on the device, continue to the UART installation method, step 6.
Standard installation via UART - MR42 & MR52
1. Disassemble the device and connect a UART header. The header pinout is as follows:
1 - 3.3v 2 - TXD 3 - RXD 4 - GND
Important: You should only connect TXD, RXD and GND. Connecting 3.3v may damage the device.
2. Set your IP to 192.168.1.250. Set up a TFTP server serving openwrt-ipq806x-generic-meraki_(mr42|mr52)-initramfs-fit-uImage.itb. Separately obtain the respective sysupgrade image.
3. Run the following commands, preferably from a Linux host. The mentioned files, including ubootwrite.py and u-boot images, can be obtained from [1].
The default for "--serial" option is /dev/ttyUSB0.
4. Power on the device. The ubootwrite script will upload the image to the device and launch it. The second stage u-boot will in turn load the initramfs image by TFTP, provided the TFTP server is running correctly. This process will take about 13 minutes. Once a solid white LED is displayed, the image has successfully finished loading. Note: If the image does not load via TFTP, try again with the Ethernet link to 10Mb/s Half-Duplex.
5. (MR42 only) Do not connect over the network. Instead connect over the UART using minicom or similar tool. To replace u-boot with the network enabled version, please run the following commands. Note that in the provided initramfs images, the u-boot.mbn file is located in /root:
If you have not used the provided initramfs, you must ensure you are using an image with "boot_layout" ECC configuration enabled in the Kernel. This will be version 5.10 or higher. If you do not do this correctly the device will be bricked.
After running nandwrite, ensure you observe the following output:
`Writing data to block 0 at offset 0x0 Writing data to block 1 at offset 0x20000 Writing data to block 2 at offset 0x40000`
6. (Optional) If you have no further use for the Meraki OS, you can remove all other UBI volumes on ubi0 (mtd11), including diagnostic1, part.old, storage and part.safe. You must not remove the ubi1 ART partition (mtd12).
`for i in diagnostic1 part.old storage part.safe ; do ubirmvol /dev/ubi0 -N $i done`
7. Proceed to flash the sysupgrade image via luci, or else download or scp the image to /tmp and use the sysupgrade command.
[1] The mentioned images and ubootwrite.py script can be found in this repo: https://github.com/clayface/openwrt-cryptid
[2] The modified u-boot sources for the MR42 and MR52 are available: https://github.com/clayface/U-boot-MR52-20200629
Signed-off-by: Matthew Hagan <mnhagan88@gmail.com> (commit: 67f5201)
This patch adds support for the Teltonika RUTX10. This device is an industrial DIN-rail router with 4 ethernet ports, 2.4G/5G dualband WiFi, Bluetooth, a USB 2.0 port and two GPIOs.
The RUTX series devices are very similiar so common parts of the DTS are kept in a DTSI file. They are based on the QCA AP-DK01.1-C1 dev board.
See https://teltonika-networks.com/product/rutx10 for more info.
MACs Details verified with the stock firmware: eth0: Partition 0:CONFIG Offset: 0x0 eth1: = eth0 + 1 radio0 (2.4 GHz): = eth0 + 2 radio1 (5.0 GHz): = eth0 + 3 Label MAC address is from eth0.
The LED/GPIO controller needs a separate kernel driver to function. The driver was extracted from the Teltonika GPL sources and can be found at following feed: https://github.com/0xFelix/teltonika-rutx-openwrt
USB detection of the bluetooth interface is sometimes a bit flaky. When not detected power cycle the device. When the bluetooth interface was detected properly it can be used with bluez / bluetoothctl.
Flash instructions via stock web interface (sysupgrade based): 1. Set PC to fixed ip address 192.168.1.100 2. Push reset button and power on the device 3. Open u-boot HTTP recovery at http://192.168.1.1 4. Upload latest stock firmware and wait until the device is rebooted 5. Open stock web interface at http://192.168.1.1 6. Set some password so the web interface is happy 7. Go to firmware upgrade settings 8. Choose openwrt-ipq40xx-generic-teltonika_rutx10-squashfs-nand-factory.ubi 9. Set 'Keep settings' to off 10. Click update, when warned that it is not a signed image proceed
Return to stock firmware: 1. Set PC to fixed ip address 192.168.1.100 2. Push reset button and power on the device 3. Open u-boot HTTP recovery at http://192.168.1.1 4. Upload latest stock firmware and wait until the device is rebooted
Note: The DTS expects OpenWrt to be running from the second rootfs partition. u-boot on these devices hot-patches the DTS so running from the first rootfs partition should also be possible. If you want to be save follow the instructions above. u-boot HTTP recovery restores the device so that when flashing OpenWrt from stock firmware it is flashed to the second rootfs partition and the DTS matches.
Signed-off-by: Felix Matouschek <felix@matouschek.org> (commit: 1cc3b95)
CONFIG_EXTERNAL_CPIO is a string variable, hence testing for 'y' doesn't make much sense here.
Fixes: 330bd380e8 ("image: allow building FIT and uImage with ramdisk") Reported-by: Huangbin Zhan <zhanhb88@gmail.com> Signed-off-by: Daniel Golle <daniel@makrotopia.org> (commit: 0a4f5d0)
The configs/omap3_overo_defconfig file was removed from upstream U-Boot in commit ed3294d6d1f9 ("arm: Remove overo board"). Remove it in OpenWrt too. If someone needs this please add it also to upstream U-Boot.
realtek: revert to "standard" management configuration
The default management interface should be easy to find for users doing "blind" installations without console access. There are already multiple examples in the forum of advanced early adopters having problems locating the management interface after installing OpenWrt.
Requiring tagged VLAN configration to access the initial management interface creates unnecessary hassle at best. Errors on the other end are close to impossible to debug without console access, even for advanced users. Less advanced users might have problems with the concept of VLAN tagging.
Limiting management access to a single arbitrary port among up to 52 possible LAN ports makes this even more difficult, for no reason at all. Users might have reasons to use a different port for management. And they might even have difficulties using the OpenWrt selected one. The port might be the wrong type for their management link (e.g copper instead of fibre). Or they might depend on PoE power from a device which they can't reconfigure.
User expectations will be based on - OpenWrt defaults for other devices - stock firmware default for the device in question - common default behaviour of similar devices
All 3 cases point to a static IP address accessible on the native VLAN of any LAN port. A switch does not have any WAN port. All ports are LAN ports.
This changes the default network configuration in line with these expectations.
Some devices are assigned globally unique MAC addresses for all ports. These are stored by U-Boot in the second U-Boot enviroment ("sysinfo") as a range of start and end address.
The internal GPIO controller on RTL838x is also an IRQ controller, which requires the 'interrupt-controller' and '#interrupts-cells' properties to be present in the device tree.
Add the gpio-restart driver to the realtek build. This way devices, which cannot reliably perform resets using the SoC's internal reset logic, can use a GPIO line to drive the SoC's hard reset input.
The Netgear GS110TPP v1 switch cannot reliably perform cold reboots using the system's internal reset controller.
On this device, and the other supported Netgear switches, internal GPIO line 13 is connected to the system's hard reset logic. Expose this GPIO on all systems to ensure restarts work properly.
If spectral scan support is enabled then ath10k-ct will cause a NULL pointer due to relay_open() being called with a const callback struct which is only supported in kernel 5.11 and later.
So, simply check the kernel version and if 5.11 and newer use the const callback struct, otherwise use the regular struct.
Fixes: 553a3ac ("ath10k-ct: use 5.15 version") Signed-off-by: Robert Marko <robimarko@gmail.com> (commit: 040c024)
mac80211: fixed missing cfg80211 dependency on kmod-rfkill
When compiling with CONFIG_USE_RFKILL=y, the build fails and mentions that dependency on kmod-rfkill is missing, which is correct [1]. Add this dependency to the Makefile.
Depend on +USE_RFKILL and not PACKAGE_kmod-rfkill, because it forces selection of kmod-rfkill package. Other combinations in DEPENDS like USE_RFKILL:kmod-rfkill or (+)PACKAGE_kmod-rfkill:kmod-rfkill do not force selection of kmod-rfkill package.
The kmod-rfkill package itself depends on USE_RFKILL, so with +USE_RFKILL in kmod-cfg80211 package it is not possible to select wrong combination of packages.
The rtc-sunxi module only supports allwinner a10 and a20 SoCs, other SoCs in the cortexa7 and cortexa53 subtarget using the CONFIG_RTC_DRV_SUN6I driver which is compiled into the kernel binary, so remove this package for these unsupported devices.
Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn> (commit: 001bdd5)
kernel: Deactivate B53 symbols in generic configuration
Deactivate all the symbols of the B53 DSA driver in the generic kernel configuration. Multiple targets are now using this drivers and they only need some of the options. This fixes the bcm4908 build which didn't deactivate all of the options.
This target does not activate CONFIG_PCI kernel configuration option, do not activate the PCI feature. This will deactivate some PCI drivers which are not building without PCI support in the kernel.
If PCI_SUPPORT or PCIE_SUPPORT are activated in the kernel configuration the feature flag will be automatically set by the build system again.
We actually need to enclose the whole section of partitions in a `partitions { ... }` to assign it a `compatible = "fixed-partitions"; otherwise the partition referred to by `hwinfo` won't be registered when bringing up MTD partitions, for example as per:
The xway_legacy subtarget only supports 5 devices. Most compiled switch drivers are unused by any of these devices. The same drivers are compiled into the xway subtarget. They were probably copied from there when creating this subtarget.
Switches used by devices: Arcadyan ARV4518PWR01 Realtek RTL8306SD Arcadyan ARV4518PWR01A Realtek RTL8306SD Arcadyan ARV4520PW Infineon ADM6996I Arcadyan ARV4525PW only PHY(IC+ IP101A) Arcadyan ARV452CQW Realtek RTL8306
The CONFIG_ETHERNET_PACKET_MANGLE symbol has also been disabled, as it is only needed by the driver for AR8216.
Reduces kernel size by 19.9 kB.
Signed-off-by: Aleksander Jan Bajkowski <olek2@wp.pl> (commit: 56246f2)
ca-certificates: fix python3-cryptography woes in certdata2pem.py
This patch is a revert of the upstream patch to Debian's ca-certificate commit 033d52259172 ("mozilla/certdata2pem.py: print a warning for expired certificates.")
The reason is, that this change broke builds with the popular Ubuntu 20.04 LTS (focal) releases which are shipping with an older version of the python3-cryptography package that is not compatible.
...or if the python3-cryptography was missing all together: |Traceback (most recent call last): | File "/certdata2pem.py", line 31, in <module> | from cryptography import x509 |ModuleNotFoundError: No module named 'cryptography'
More concerns were raised by Jo-Philipp Wich: "We don't want the build to depend on the local system time anyway. Right now it seems to be just a warning but I could imagine that eventually certs are simply omitted of found to be expired at build time which would break reproducibility."
bcm53xx: sysupgrade: refactor handling different firmware formats
List of supported formats grew over time and implementation got a bit messy. There are multiple functions with format-specific parameters and commands.
Refactor it by making platform_identify() setup all required info right after detecting firmware format. This simplifies formats handling in platform_other_check_image() and platform_do_upgrade() a lot.
This has been tested on: 1. SmartRG SR400ac (TRX): non-NAND sysupgrade 2. Netgear R8000 (CHK): NAND aware and standard sysupgrade-s 3. D-Link DIR-885L (Seama): NAND aware and standard sysupgrade-s 4. Luxul XWR-3150 (LXL): NAND aware and standard sysupgrade-s
sunxi: update nanopi neo air that use brcmfmac43430a0
Update wifi firmware used for nanopi neo air, with cypress-firmware-43430-sdio there is no wifi detected, as brcmfmac-firmware-43430a0-sdio allow to acces to wifi.
Signed-off-by: Michel Promonet <michel.promonet@free.fr> (commit: fd311a5)
a6451fea5a3d mt76: mt7615: improve wmm index allocation 1911486414dc mt76: mt7915: improve wmm index allocation 7998a41d1321 mt76: clear sta powersave flag after notifying driver 664475574438 mt76: mt7603: introduce SAR support 5c0da39c940b mt76: mt7915: introduce SAR support 77fc6c439a32 mt76: mt7603: improve reliability of tx powersave filtering 094b3d800835 firmware: update mt7663 rebb firmware to 20200904171623 25237b19bcc1 mt76: eeprom: tolerate corrected bit-flips 1463cb4c6ac2 mt76: mt7921: fix boolreturn.cocci warning 586bad6020f7 mt76: mt7921: use correct iftype data on 6GHz cap init 8ec95c910425 mt76: mt7921s: fix bus hang with wrong privilege 688e30c7d854 firmware: update mt7921 firmware to version 20211014 6fad970893dd mt76: fix key pointer overwrite in mt7921s_write_txwi/mt7663_usb_sdio_write_txwi 95acf972750c mt76: fix 802.3 RX fail by hdr_trans 3f402b0cf6c0 mt76: mt7921s: fix possible kernel crash due to invalid Rx count 929a03a8d65d mt76: connac: fix last_chan configuration in mt76_connac_mcu_rate_txpower_band
Signed-off-by: Felix Fietkau <nbd@nbd.name> (commit: 7e15390)
- Qualcomm IPQ4019 (717 MHz) - 256 MB of RAM (DDR3L) - 16 MB (SPI NOR) of flash - 1x Gbit ethernet, 802.3af/at POE IN connected through AR8035. - WLAN: wil6210 802.11ad PCI card - No USB or SD card ports - UART disabled - 8x LEDs
Biggest news is the wil6210 PCI card. Integration for its configuration and detection has already been taken care of when adding support for TP-Link Talon AD7200. However, signal quality is much lower than with stock firmware, so probably additional board-specific data has to be provided to the driver and is still missing at the moment.
Signed-off-by: Robert Marko <robimarko@gmail.com> Signed-off-by: Alexander Couzens <lynxis@fe80.eu> Signed-off-by: Daniel Golle <daniel@makrotopia.org> [Fix Ethernet Interface] Signed-off-by: Nick Hainke <vincent@systemli.org> (commit: 8d62304)
Adds generic support for sysupgrading on eMMC-based devices.
Provide function emmc_do_upgrade and emmc_copy_config to be used in /lib/upgrade/platform.sh instead of redundantly implementing the same logic over and over again. Similar to generic sysupgrade on NAND, use environment variables CI_KERNPART, CI_ROOTPART and newly introduce CI_DATAPART to indicate GPT partition names to be used. On devices with more than one MMC block device, CI_ROOTDEV can be used to specify the MMC device for partition name lookups.
Also allow to select block devices directly using EMMC_KERN_DEV, EMMC_ROOT_DEV and EMMC_DATA_DEV, as using GPT partition names is not always an option (e.g. when forced to use MBR).
To easily handle writing kernel and rootfs make use of sysupgrade.tar format convention which is also already used for generic NAND support.
Signed-off-by: Enrico Mioso <mrkiko.rs@gmail.com> Signed-off-by: Daniel Golle <daniel@makrotopia.org> CC: Li Zhang <li.zhang@gl-inet.com> CC: TruongSinh Tran-Nguyen <i@truongsinh.pro> (commit: 57c1f3f)
Specifications: - SOC: Qualcomm IPQ4019 ARM Quad-Core - RAM: 512 MiB - Flash: 16 MiB NOR - SPI0 - EMMC: 8GB EMMC - ETH: Qualcomm QCA8075 - WLAN1: Qualcomm Atheros QCA4019 2.4GHz 802.11b/g/n 2x2 - WLAN2: Qualcomm Atheros QCA4019 5GHz 802.11n/ac W2 2x2 - WLAN3: Qualcomm Atheros QCA9886 5GHz 802.11n/ac W2 2x2 - INPUT: Reset, WPS - LED: Power, Internet - UART1: On board pin header near to LED (3.3V, TX, RX, GND), 3.3V without pin - 115200 8N1 - UART2: On board with BLE module - SPI1: On board socket for Zigbee module
Update firmware instructions: Please update the firmware via U-Boot web UI (by default at 192.168.1.1, following instructions found at https://docs.gl-inet.com/en/3/troubleshooting/debrick/). Normal sysupgrade, either via CLI or LuCI, is not possible from stock firmware. Please do use the *gl-b2200-squashfs-emmc.img file, gunzipping the produced *gl-b2200-squashfs-emmc.img.gz one first.
What's working: - WiFi 2G, 5G - WPA2/WPA3
Not tested: - Bluetooth LE/Zigbee
Credits goes to the original authors of this patch.
V1->V2: - updates *arm-boot-add-dts-files.patch correctly (sorry, my mistake) - add uboot-envtools support V2->V3: - Li Zhang updated official patch to fix wrong MAC address on wlan0 (PCI) interface V3->V4: - wire up sysupgrade
Signed-off-by: Li Zhang <li.zhang@gl-inet.com> [fix tab and trailing space, document what's working and what's not] Signed-off-by: TruongSinh Tran-Nguyen <i@truongsinh.pro> [rebase on top of master, address remaining comments] Signed-off-by: Enrico Mioso <mrkiko.rs@gmail.com> [remove redundant check in platform.sh] Signed-off-by: Daniel Golle <daniel@makrotopia.org> (commit: febc2b8)
71e08471ab56 mt76: eeprom: fix return code on corrected bit-flips 9a8fc6636d83 mt76: move sar_capa configuration in common code 7cdbea1dc82a mt76: only access ieee80211_hdr after mt76_insert_ccmp_hdr 678071ef7029 mt76: mt7615: clear mcu error interrupt status on mt7663
Signed-off-by: Felix Fietkau <nbd@nbd.name> (commit: fc4398f)
mvebu: sysupgrade: drop unnecessary UBI to UBI logic
The recent changes to the maximum kernel size for Mamba and Venom highlighted the fact that the old Mamba kernel size has been hardcoded in linksys_get_root_magic() even for devices with a different kernel/rootfs split.
The purpose of this code seems to be to avoid issues caused by partially overwriting an existing UBI partition, where some of the erase counters would be reset but not the unmodified ones. This problem has been solved in a more generic way by the UBI EOF marker. This ensures that any old PEBs after the marker are properly initialized. It is therefore unnecessary to erase the whole partition before flashing a new OpenWrt factory image.
kirkwood: sysupgrade: drop unnecessary UBI to UBI logic
The purpose of this code seems to be to avoid issues caused by partially overwriting an existing UBI partition, where some of the erase counters would be reset but not the unmodified ones. This problem has been solved in a more generic way by the UBI EOF marker. This ensures that any old PEBs after the marker are properly initialized. It is therefore unnecessary to erase the whole partition before flashing a new OpenWrt factory image.
ipq806x: sysupgrade: drop unnecessary UBI to UBI logic
The purpose of this code seems to be to avoid issues caused by partially overwriting an existing UBI partition, where some of the erase counters would be reset but not the unmodified ones. This problem has been solved in a more generic way by the UBI EOF marker. This ensures that any old PEBs after the marker are properly initialized. It is therefore unnecessary to erase the whole partition before flashing a new OpenWrt factory image.
ipq40xx: sysupgrade: drop disabled UBI to UBI logic
The commented out code is not required, as the comment indicates.
The purpose of this code seems to be to avoid issues caused by partially overwriting an existing UBI partition, where some of the erase counters would be reset but not the unmodified ones. This problem has been solved in a more generic way by the UBI EOF marker. This ensures that any old PEBs after the marker are properly initialized. It is therefore unnecessary to erase the whole partition before flashing a new OpenWrt factory image.
Add the Embedded Wireless "Balin" platform, it is in ar71xx too SoC: QCA AR9344 or AR9350 RAM: DDR2-RAM 64MBytes Flash: SPI-NOR 16MBytes WLAN: 2 x 2 MIMO 2.4 & 5 GHz IEEE802.11 a/b/g/n Ethernet: 3 x 10/100 Mb/s USB: 1 x USB2.0 Host/Device bootstrap-pin at power-up PCIe: MiniPCIe - 1 x lane PCIe 1.2 Button: 1 x Reset-Button UART: 1 x Normal, 1 x High-Speed JTAG: 1 x EJTAG LED: 1 x Green Power/Status LED GPIO: 10 x Input/Output multiplexed
The module comes already with the current vanilla OpenWrt firmware. To update, use "sysupgrade -n --force <image>" image directly in vendor firmware. This resets the existing configurations back to default!
Signed-off-by: Catrinel Catrinescu <cc@80211.de> [indent, led function+color properties, fix partition unit-address, re-enable pcie port, mention button+led in commit message] Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: 24d455d)
* Correct INTEL-SA-00442 CVE id to CVE-2020-24489 in changelog and debian/changelog (3.20210608.1).
intel-microcode (3.20210608.1)
* New upstream microcode datafile 20210608 (closes: #989615) * Implements mitigations for CVE-2020-24511 CVE-2020-24512 (INTEL-SA-00464), information leakage through shared resources, and timing discrepancy sidechannels * Implements mitigations for CVE-2020-24513 (INTEL-SA-00465), Domain-bypass transient execution vulnerability in some Intel Atom Processors, affects Intel SGX. * Implements mitigations for CVE-2020-24489 (INTEL-SA-00442), Intel VT-d privilege escalation * Fixes critical errata on several processors * New Microcodes: sig 0x00050655, pf_mask 0xb7, 2018-11-16, rev 0x3000010, size 47104 sig 0x000606a5, pf_mask 0x87, 2021-03-08, rev 0xc0002f0, size 283648 sig 0x000606a6, pf_mask 0x87, 2021-04-25, rev 0xd0002a0, size 283648 sig 0x00080664, pf_mask 0x01, 2021-02-17, rev 0xb00000f, size 130048 sig 0x00080665, pf_mask 0x01, 2021-02-17, rev 0xb00000f, size 130048 sig 0x000806c1, pf_mask 0x80, 2021-03-31, rev 0x0088, size 109568 sig 0x000806c2, pf_mask 0xc2, 2021-04-07, rev 0x0016, size 94208 sig 0x000806d1, pf_mask 0xc2, 2021-04-23, rev 0x002c, size 99328 sig 0x00090661, pf_mask 0x01, 2021-02-04, rev 0x0011, size 19456 sig 0x000906c0, pf_mask 0x01, 2021-03-23, rev 0x001d, size 19456 sig 0x000a0671, pf_mask 0x02, 2021-04-11, rev 0x0040, size 100352 * Updated Microcodes: sig 0x000306f2, pf_mask 0x6f, 2021-01-27, rev 0x0046, size 34816 sig 0x000306f4, pf_mask 0x80, 2021-02-05, rev 0x0019, size 19456 sig 0x000406e3, pf_mask 0xc0, 2021-01-25, rev 0x00ea, size 105472 sig 0x000406f1, pf_mask 0xef, 2021-02-06, rev 0xb00003e, size 31744 sig 0x00050653, pf_mask 0x97, 2021-03-08, rev 0x100015b, size 34816 sig 0x00050654, pf_mask 0xb7, 2021-03-08, rev 0x2006b06, size 36864 sig 0x00050656, pf_mask 0xbf, 2021-03-08, rev 0x4003102, size 30720 sig 0x00050657, pf_mask 0xbf, 2021-03-08, rev 0x5003102, size 30720 sig 0x0005065b, pf_mask 0xbf, 2021-04-23, rev 0x7002302, size 27648 sig 0x00050663, pf_mask 0x10, 2021-02-04, rev 0x700001b, size 24576 sig 0x00050664, pf_mask 0x10, 2021-02-04, rev 0xf000019, size 24576 sig 0x00050665, pf_mask 0x10, 2021-02-04, rev 0xe000012, size 19456 sig 0x000506c9, pf_mask 0x03, 2020-10-23, rev 0x0044, size 17408 sig 0x000506ca, pf_mask 0x03, 2020-10-23, rev 0x0020, size 15360 sig 0x000506e3, pf_mask 0x36, 2021-01-25, rev 0x00ea, size 105472 sig 0x000506f1, pf_mask 0x01, 2020-10-23, rev 0x0034, size 11264 sig 0x000706a1, pf_mask 0x01, 2020-10-23, rev 0x0036, size 74752 sig 0x000706a8, pf_mask 0x01, 2020-10-23, rev 0x001a, size 75776 sig 0x000706e5, pf_mask 0x80, 2020-11-01, rev 0x00a6, size 110592 sig 0x000806a1, pf_mask 0x10, 2020-11-06, rev 0x002a, size 32768 sig 0x000806e9, pf_mask 0x10, 2021-01-05, rev 0x00ea, size 104448 sig 0x000806e9, pf_mask 0xc0, 2021-01-05, rev 0x00ea, size 104448 sig 0x000806ea, pf_mask 0xc0, 2021-01-06, rev 0x00ea, size 103424 sig 0x000806eb, pf_mask 0xd0, 2021-01-05, rev 0x00ea, size 104448 sig 0x000806ec, pf_mask 0x94, 2021-01-05, rev 0x00ea, size 104448 sig 0x000906e9, pf_mask 0x2a, 2021-01-05, rev 0x00ea, size 104448 sig 0x000906ea, pf_mask 0x22, 2021-01-05, rev 0x00ea, size 102400 sig 0x000906eb, pf_mask 0x02, 2021-01-05, rev 0x00ea, size 104448 sig 0x000906ec, pf_mask 0x22, 2021-01-05, rev 0x00ea, size 103424 sig 0x000906ed, pf_mask 0x22, 2021-01-05, rev 0x00ea, size 103424 sig 0x000a0652, pf_mask 0x20, 2021-02-07, rev 0x00ea, size 93184 sig 0x000a0653, pf_mask 0x22, 2021-03-08, rev 0x00ea, size 94208 sig 0x000a0655, pf_mask 0x22, 2021-03-08, rev 0x00ec, size 94208 sig 0x000a0660, pf_mask 0x80, 2020-12-08, rev 0x00e8, size 94208 sig 0x000a0661, pf_mask 0x80, 2021-02-07, rev 0x00ea, size 93184 * source: update symlinks to reflect id of the latest release, 20210608
intel-microcode (3.20210216.1)
* New upstream microcode datafile 20210216 * Mitigates an issue on Skylake Server (H0/M0/U0), Xeon-D 21xx, and Cascade Lake Server (B0/B1) when using an active JTAG agent like In Target Probe (ITP), Direct Connect Interface (DCI) or a Baseboard Management Controller (BMC) to take the CPU JTAG/TAP out of reset and then returning it to reset. * This issue is related to the INTEL-SA-00381 mitigation. * Updated Microcodes: sig 0x00050654, pf_mask 0xb7, 2020-12-31, rev 0x2006a0a, size 36864 sig 0x00050656, pf_mask 0xbf, 2020-12-31, rev 0x4003006, size 53248 sig 0x00050657, pf_mask 0xbf, 2020-12-31, rev 0x5003006, size 53248 * source: update symlinks to reflect id of the latest release, 20210216
intel-microcode (3.20201118.1)
* New upstream microcode datafile 20201118 * Removes a faulty microcode update from release 2020-11-10 for Tiger Lake processors. Note that Debian already had removed this specific falty microcode update on the 3.20201110.1 release * Add a microcode update for the Pentium Silver N/J5xxx and Celeron N/J4xxx which didn't make it to release 20201110, fixing security issues (INTEL-SA-00381, INTEL-SA-00389) * Updated Microcodes: sig 0x000706a1, pf_mask 0x01, 2020-06-09, rev 0x0034, size 74752 * Removed Microcodes: sig 0x000806c1, pf_mask 0x80, 2020-10-02, rev 0x0068, size 107520
intel-microcode (3.20201110.1)
* New upstream microcode datafile 20201110 (closes: #974533) * Implements mitigation for CVE-2020-8696 and CVE-2020-8698, aka INTEL-SA-00381: AVX register information leakage; Fast-Forward store predictor information leakage * Implements mitigation for CVE-2020-8695, Intel SGX information disclosure via RAPL, aka INTEL-SA-00389 * Fixes critical errata on several processor models * Reintroduces SRBDS mitigations(CVE-2020-0543, INTEL-SA-00320) for Skylake-U/Y, Skylake Xeon E3 * New Microcodes sig 0x0005065b, pf_mask 0xbf, 2020-08-20, rev 0x700001e, size 27648 sig 0x000806a1, pf_mask 0x10, 2020-06-26, rev 0x0028, size 32768 sig 0x000806c1, pf_mask 0x80, 2020-10-02, rev 0x0068, size 107520 sig 0x000a0652, pf_mask 0x20, 2020-07-08, rev 0x00e0, size 93184 sig 0x000a0653, pf_mask 0x22, 2020-07-08, rev 0x00e0, size 94208 sig 0x000a0655, pf_mask 0x22, 2020-07-08, rev 0x00e0, size 93184 sig 0x000a0661, pf_mask 0x80, 2020-07-02, rev 0x00e0, size 93184 * Updated Microcodes sig 0x000306f2, pf_mask 0x6f, 2020-05-27, rev 0x0044, size 34816 sig 0x000406e3, pf_mask 0xc0, 2020-07-14, rev 0x00e2, size 105472 sig 0x00050653, pf_mask 0x97, 2020-06-18, rev 0x1000159, size 33792 sig 0x00050654, pf_mask 0xb7, 2020-06-16, rev 0x2006a08, size 35840 sig 0x00050656, pf_mask 0xbf, 2020-06-18, rev 0x4003003, size 52224 sig 0x00050657, pf_mask 0xbf, 2020-06-18, rev 0x5003003, size 52224 sig 0x000506c9, pf_mask 0x03, 2020-02-27, rev 0x0040, size 17408 sig 0x000506ca, pf_mask 0x03, 2020-02-27, rev 0x001e, size 15360 sig 0x000506e3, pf_mask 0x36, 2020-07-14, rev 0x00e2, size 105472 sig 0x000706a8, pf_mask 0x01, 2020-06-09, rev 0x0018, size 75776 sig 0x000706e5, pf_mask 0x80, 2020-07-30, rev 0x00a0, size 109568 sig 0x000806e9, pf_mask 0x10, 2020-05-27, rev 0x00de, size 104448 sig 0x000806e9, pf_mask 0xc0, 2020-05-27, rev 0x00de, size 104448 sig 0x000806ea, pf_mask 0xc0, 2020-06-17, rev 0x00e0, size 104448 sig 0x000806eb, pf_mask 0xd0, 2020-06-03, rev 0x00de, size 104448 sig 0x000806ec, pf_mask 0x94, 2020-05-18, rev 0x00de, size 104448 sig 0x000906e9, pf_mask 0x2a, 2020-05-26, rev 0x00de, size 104448 sig 0x000906ea, pf_mask 0x22, 2020-05-25, rev 0x00de, size 103424 sig 0x000906eb, pf_mask 0x02, 2020-05-25, rev 0x00de, size 104448 sig 0x000906ec, pf_mask 0x22, 2020-06-03, rev 0x00de, size 103424 sig 0x000906ed, pf_mask 0x22, 2020-05-24, rev 0x00de, size 103424 sig 0x000a0660, pf_mask 0x80, 2020-07-08, rev 0x00e0, size 94208 * 0x806c1: remove the new Tiger Lake update: causes hang on cold/warm boot https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/issues/44 INTEL-SA-00381 AND INTEL-SA-00389 MITIGATIONS ARE THEREFORE NOT INSTALLED FOR 0x806c1 TIGER LAKE PROCESSORS by this package update. Contact your system vendor for a firmware update, or wait fo a possible fix in a future Intel microcode release. * source: update symlinks to reflect id of the latest release, 20201110 * source: ship new upstream documentation (security.md, releasenote.md)
Signed-off-by: Tan Zien <nabsdh9@gmail.com> [used different .tar.xz source, but with the same content] Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: 1add2c0)
gemini: only provide squashfs image for storlink-derivates
The itian sq201, raidsonic ib-4220-b and storlink sl93512r can't boot from ext4. This is because the rootfstype in the device-tree bootargs is set to "squashfs,jffs2". (And ext4 was not designed for raw NOR flash chips).
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: eb20a1b)
with current images, the device is no longer booting. It gets stuck in the bootloader with "Config not available" and drops to the uboot shell.
|flash_type: 0 |Hit any key to stop autoboot: 0 |SF: Detected MX25L12805D with page size 4 KiB, total 16 MiB |Config not availabale |(IPQ40xx) #
This is because the default bootcmd "bootipq" will only read the first four MiB of the kernel image. With 5.10 the gzip'd kernel is slightly larger. So the part of the FIT image which had the configuration is cut off. Hence it can't find it.
To update the bootcmd, you have to attach the serial console again and enter the following commands into the boot prompt:
# setenv bootcmd "sf probe; sf read 84000000 180000 600000; bootm" # saveenv # run bootcmd
This will allow booting kernels with up to six MiB. This also allows us to drop the DEVICE_DTS_CONFIG hack we had to use.
Note: uboot doesn't support LZMA. It fails with: "Unimplemented compression type 3"
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: 45eb57f)
introduce nvmem pre-cal + mac-address cells for both Wifis and ethernet on the EZVIZ CS-W3-WD1200G EUP. This is one of the few devices in which the correct mac adress is already at the right place for Wifi, so no separate nvmem cell is needed.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: d641a60)
In 20b09a2125f5 Lava LR-25G001 router have problem with two inactive ethernet ports. JBOOT bootloader didn't configure ethernet devices by default. The same situation was there. It is required to enable all phy ports. This is fragment of stock bootlog:
This patch adds proper registers configuration ar8337 initvals. 0x2b0 value causes force flow control configuration, 0x1200 was used instead (flow control config auto-neg with phy). [1]
When switch is now ok, let's fix port numeration too.
Fixes: 20b09a2125f5 ("ramips: add support for Lava LR-25G001")
Known issues: - Buzzer is unused due lack of proper driver
Installation: - Apply factory initramfs image via stock web-gui. - Do sysupgrade to make installation complete.
Back to stock: - OpenWrt rootfs partition use unused space after stock firmware. - Full revert is possible. - Login via ssh and run: ctera_c200-v1_back_to_factory
Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com> Reviewed-by: Sungbo Eo <mans0n@gorani.run> [apply sorting to device recipe] Signed-off-by: Sungbo Eo <mans0n@gorani.run> (commit: 3843c64)
Installation via web interface: - 1. Flash Initramfs image using OEM Firmware's web GUI - 2. Boot into OpenWrt and perform Sysupgrade with sysupgrade image.
Revert to stock firmware: - 1. Boot into OpenWrt and perform Sysupgrade with OEM Stock Firmware image.
Signed-off-by: Yuchan Seo <hexagonwin@disroot.org> Reviewed-by: Sungbo Eo <mans0n@gorani.run> (commit: c33eb03)
The following command checks if a instance of a service is running. /etc/init.d/<service> running <instance>
In the variable `$@`, which is passed to the function `service_running`, the first argument is always the `instance` which should be checked. Because all other variables where removed from `$@` with `shift`.
Before this change the first argument of `$@` was set to the `$service` Variable. So the function does not work as expected. The `$service` variable was always the instance which should be checked. This is not what we want.
Signed-off-by: Florian Eckert <fe@dev.tdt.de> Reviewed-by: Sungbo Eo <mans0n@gorani.run> (commit: dd68183)
Revert the SDC "CLK_SET_RATE_GATE" changes to the SDC clock regulator structures.
See https://elinux.org/images/b/b8/Elc2013_Clement.pdf > if ((clk->flags & CLK_SET_RATE_GATE) && clk->prepare_count) { > > For this particular clock, setting its rate is possible only if the > clock is ungated (not yet prepared)
This fixes the MMC failing to initialize on newer ZyXEL NBG6817 hardware revisions with Kingston MMC. Older revisions should hopefully be unaffected.
Check MMC hardware details with: cd /sys/block/mmcblk0/device/ && \ tail -v cid date name manfid fwrev hwrev oemid rev
Known problematic MMC names (broken before this commit): * M62704 (dated 12/2018) via myself * M62704 (dated 11/2018) via Drake Stefani
Known unaffected MMC names (already working without this commit): * S10004 (dated 12/2015) via slh
Without enabling dynamic debugging, this error manifests in the kernel hardware serial console as the following:
[ 2.746605] mmc0: error -110 whilst initialising MMC card […trimmed other messages…] [ 2.877832] Waiting for root device /dev/mmcblk0p5...
Enabling Linux dynamic kernel debugging provides additional messages. For guidance, see the Linux kernel documentation: https://www.kernel.org/doc/html/latest/admin-guide/dynamic-debug-howto.html
First, enable dynamic debugging in OpenWRT's configuration:
1. Run "make menuconfig"
2. Select "Global build settings --->"
3. Select "Kernel build options --->"
4. Enable "Compile the kernel with dynamic printk" via spacebar
5. Save and exit (arrow key to "Exit" until prompted to save, save)
Alternatively, set "CONFIG_KERNEL_DYNAMIC_DEBUG=y" in your .config.
Then, turn on dynamic debugging at boot:
Modify bootargs in target/linux/ipq806x/files/arch/arm/boot/dts/qcom-ipq8065-nbg6817.dts to add…
Then, compile and flash the resulting build. If you are testing before this commit on newer MMC hardware, be prepared to recover!
NOTE: If you have hardware serial console access, you don't need to use TFTP recovery to change the active boot partition.
Reboot to working alternative partition via serial console:
1. Connect to hardware serial console * See https://openwrt.org/toh/zyxel/nbg6817#serial
2. Interrupt boot at "Hit any key to stop autoboot:"
3. Run "ATSE NBG6817"
4. Copy the result (e.g. "001976FE4B04") * Changes with **every boot** - can't reuse this
5. On your local system, run "./zyxel-uboot-password-tool.sh <copied value here>" * Example: "./zyxel-uboot-password-tool.sh 001976FE4B04"
6. Run the command provided by the password tool * Example: "ATEN 1,910F129B" * Changes with **every boot** - can't reuse this
7. Run "ATGU" * You now have full u-boot shell until next boot - unlocking is not remembered
8. Run either "run boot_mmc" (for booting partition set "FF") or "run boot_mmc_1" (for booting partition set "01") * These commands are not affected by dual-boot partition flags
NOTE: This will NOT set the dual-boot partition flag. You'll need to fix that manually. The "nbg6817-dualboot" script may help: https://github.com/pkgadd/nbg6817/blob/master/nbg6817-dualboot
zyxel-uboot-password-tool.sh - sourced from commit 459c8c9ef816156107e297964d088ddee2b4eef5:
Now, the MMC properly initializes and later switches to high speed.
Thanks to: * Ansuel for maintaining/help with the IPQ806x platform, kernel code * slh for additional debugging and suggestions * dwfreed for confirming newer MMC details, clock frequency * robimarko for device driver debug printing help, clock debugging * Drake for testing and confirmation with their own newer NBG6817 ...and anyone else I missed!
By default CONFIG_BTRFS_FS_POSIX_ACL is disabled, it should be enabled only when you enable CONFIG_FS_POSIX_ACL.
Right now, when you enable CONFIG_FS_POSIX_ACL it will enable CONFIG_BTRFS_FS_POSIX_ACL, but it will be disabled once you install kmod-btrfs. This should prevent it.
Btrfs has enabled by default ACL for mount option.
More details: https://cateee.net/lkddb/web-lkddb/BTRFS_FS_POSIX_ACL.html https://btrfs.wiki.kernel.org/index.php/Manpage/btrfs(5)
Signed-off-by: Josef Schlehofer <josef.schlehofer@nic.cz> (commit: fcb82e4)
change meson binary to use py extension. Fixes issue with meson's symbolextractor using the host python instead of the system one.
We intentionally use a .py extension here so that meson launches additional python scripts with the same build host python interpreter as itself is running under (and not the host package one once it becomes available)
Mac adresses are assigned in the order given by the port list. The interfaces are also brought up in this order. This target supports devices with up to 52 ports. Sorting these alphabetically is very confusing, and assigning mac addresses in alphabetic order does not match stock firmware behaviour.
Flashing instructions: * Ensure the device is upgraded to firmware v1.4.0 * Exploit the user management page in the web interface to start telnetd by changing the username to `;/usr/sbin/telnetd -l/bin/sh&`. * Immediately change the malformed username back to something valid (e.g. 'admin') to make ssh work again. * Use the root shell via telnet to make /tmp world writeable (chmod 777) * Extract /usr/bin/uclited from the device via ssh and apply the binary patch listed below. The patch is required to prevent `uclited -u` in the last step from crashing. * Copy the patched uclited binary back to the device at /tmp/uclited (via ssh) * Upload the factory image to /tmp/upgrade.bin (via ssh) * Run `chmod +x /tmp/uclited && /tmp/uclited -u` to install OpenWrt.
To make sure the correct file is patched, the following MD5 checksums should match the unpatched and patched files: 4bd74183c23859c897ed77e8566b84de uclited 4107104024a2e0aeaf6395ed30adccae uclited-patched
Debricking: * Serial port can be soldered on unpopulated 4-pin header (1: TXD, 2: RXD, 3: GND, 4: VCC) * Bridge unpopulated resistors running from pins 1 (TXD) and 2 (RXD). Do NOT bridge the pull-down for pin 2, running parallel to the header. * Use 3.3V, 115200 baud, 8n1 * Interrupt bootloader by holding CTRL+B during boot * tftp initramfs to flash via the LuCI web interface setenv ipaddr 192.168.1.1 # default, change as required setenv serverip 192.168.1.10 # default, change as required tftp 0x80800000 initramfs.bin bootelf $fileaddr
Zbtlink ZBT-WG1602 is a Wi-Fi router intendent to use with WWAN (UMTS/LTE/3G/4G) modems. The router board offsers a couple of miniPCIe slots with USB and SIM only and another one pure miniPCIe slot as well as five Gigabit Ethernet ports (4xLAN + WAN).
Specification:
* SoC: MT7621A * RAM: 256/512 MiB * Flash: 16/32 MiB (SPI NOR) * external watchdog (looks like Torexsemi XC6131B) * Eth: 10/100/1000 Mbps Ethernet x5 ports (4xLAN + WAN) * WLAN 2GHz: MT7603EN (.11n, MIMO 2x2) * WLAN 5GHz: MT7612EN (.11ac, MIMO 2x2) * WLAN Ants: detachable x2, shared by 2GHz & 5GHz radios * miniPCIe: 2x slots with USB&SIM + 1x slot with regular PCIe bus * WWAN Ants: detachable x4 * External storage: microSD (SDXC) slot * USB: 2.0 Type-A port * LED: 11 (5 per Eth phy, 3 SoC controlled, 2 WLAN 2/5 controlled, 1 power indicator) * Button: 1 (reset) * UART: console (115200 baud) * Power: DC jack (12 V / 2.5 A)
Additional HW information:
* SoC USB port #1 is shared by internal miniPCIe slot and external Type-A USB port, USB D+/D- lines are toggled between ports using a GPIO controlled DPDT switch. * Power of the USB enabled miniPCIe slots can be individually controlled using dedicated GPIO lines. * Vendor firmware feeds the external watchdog with 1s pulses. GPIO watchdog driver is able to either generate a 1us pulses or toggle the output line. 1us is not enough for the external watchod timer, so the line toggling driver mode is utilized.
Installation:
Vendor's firmware is OpenWrt (LEDE) based, so the sysupgrade image can be directly used to install OpenWrt. Firmware must be upgraded using the 'force' and 'do not save configuration' command line options (or correspondig web interface checkboxes) since the vendor firmware is from the pre-DSA era.
netifd: on dhcp interfaces, store the dhcp server in interface data
Among other things, this can be used to auto-configure the DHCP server address for wireless APs using FILS, if the bridged interface is configured to DHCP
Signed-off-by: Felix Fietkau <nbd@nbd.name> (commit: baba2fd)
hostapd: add support for specifying the FILS DHCP server
The 'fils_dhcp' option can be set to '*' in order to autodetect the DHCP server For proto=dhcp networks, the discovered dhcp server will be used For all other networks, udhcpc is called to discover the address
Signed-off-by: Felix Fietkau <nbd@nbd.name> (commit: ea49690)
Marvell 88E6xxx Ethernet switch fabric support (NET_DSA_MV88E6XXX) [N/m/y/?] n Ocelot / Felix Ethernet switch support (NET_DSA_MSCC_FELIX) [N/m/y/?] (NEW) Error in reading or end of file.
x86: add/improve support for Sophos SG/XG products
* Better product ID for Sophos SG/XG-105 models * Add support for Sophos SG/XG-135 r1, r2 with/without wireless
Signed-off-by: Stan Grishin <stangri@melmac.ca> [Changed subject to x86 - probably eaten somewhere, the PR had it] Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: ffab23d)
Chen Minqiang reported in his GitHub PR #4733 that: With CONFIG_TARGET_INITRAMFS_COMPRESSION_LZMA=y option set, the popular x86/amd64 target's initramfs-kernel failed to boot.
The cause for this boot failure is that the LZMA compression uses a the first bytes to encode the compression parameters. It does not have a fixed magic. Yes, this only works if the the existing lzma options in the upstream are not changed.
This patch does away with OpenWrt special LZMA options tuning since it is rather unlikely that upstream will improve the compression algorithm detection after all this time. Even though, the tuning produced a smaller initramfs (~1.1% in a spot check).
The jjPlus JWAP230 is an access point board built around the QCA9558, with built-in 2.4GHz 3x3 N WiFi (28dBm). It can be expanded with 2 mini-PCIe boards, and has an USB2 root port.
Notes: The device used to be supported in the ar71xx target. For upgrades: Please use "sysupgrade --force -n <image>". This will restore the device back to OpenWrt defaults!
MAC address assignment: use source LAN art 0x0 WAN art 0x6 WLAN art 0x1002 (as part of the calibration data)
Signed-off-by: Olivier Valentin <valentio@free.fr> [Added DT-Leds (based on ar71xx), Added more notes about sysupgrade, fixed "qca9550" to match SoC in commit and dts file name] Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: 7853453)
5x Fast ethernet via SoC switch (green LEDs) 1x USB 2.0 4x front LEDs from SoC GPIO 1x front WPS button from SoC GPIO 1x bottom reset button from SoC GPIO
Flash factory image via "emergency room" recovery: - Configure your computer with a static IP 192.168.1.123/24 - Connect to LAN port on the N600 switch - Hold reset putton - Power on, holding reset until the power LED blinks slowly - Visit http://192.168.1.1/ and upload OpenWrt factory image - Wait at least 5 minutes for flashing, reboot and key generation - Visit http://192.168.1.1/ (OpenWrt LuCI) and upload OpenWrt sysupgrade image
Signed-off-by: Ryan Mounce <ryan@mounce.com.au> [dt leds preparations] Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: 35aecc9)
update rtl8812au-ct driver to be ready for 5.15 Linux.
Signed-off-by: Janpieter Sollie <janpieter.sollie@edpnet.be> [added commit message from PR with changes, added tag to subject] Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: 03c0049)
ar9344_openmesh_mr600-v1.dts:40.10-44.5: Warning (gpios_property): /leds-ath9k/wifi2g: Missing property '#gpio-cells' in node /ahb/pcie-controller@180c0000/wifi@0,0 or bad phandle => added gpio-controller + #gpio-cells
qca955x_zyxel_nbg6x16.dtsi:121.3-13: Warning (reg_format): /ahb/usb@1b000000/port@1:reg: property has invalid length (4 bytes) (#address-cells == 2, #size-cells == 1) ../dts/qca955x_zyxel_nbg6x16.dtsi:131.3-13: Warning (reg_format): /ahb/usb@1b400000/port@1:reg: property has invalid length (4 bytes) (#address-cells == 2, #size-cells == 1) qca955x_zyxel_nbg6x16.dtsi:120.20-123.4: Warning (avoid_default_addr_size): /ahb/usb@1b000000/port@1: Relying on default #address-cells value => ath79's usb-nodes are missing the address- and size-cells properties. These are needed for usb led trigger support.
ar7242_ubnt_sw.dtsi:54.4-14: Warning (reg_format): /gpio_spi/gpio_spi@0:reg: property has invalid length (4 bytes) (#address-cells == 1, #size-cells == 1) => the #address-cells and #size-cells had to be nudged.
qca9531_dlink_dch-g020-a1.dts:19.6-39.4: Warning (i2c_bus_bridge): /i2c: incorrect #size-cells for I2C bus => #size-cells = <0>;
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: b2aca5a)
Installation via web interface: - Flash **factory** image through the stock web interface.
Recovery procedure: 1. Connect ethernet cable between Router **LAN** port and PC Ethernet port. 2. Set your computer to a static IP **192.168.1.1** 3. Turn the device off and wait a few seconds. Hold the WPS button on front of device and insert power. 4. Send a firmware image to **192.168.1.6** using TFTP. You can use any TFTP client. (tftp, curl, Tftpd64...) - It can accept both images which is HUMAX stock firmware dump (0x70000-0x1000000) image and OpenWRT **sysupgrade** image.
Signed-off-by: Kyoungkyu Park <choryu.park@choryu.space> [remove trailing whitespace] Signed-off-by: Sungbo Eo <mans0n@gorani.run> (commit: 9a1b9a4)
dtc: import package for dtc & fdt from packages feed
fdt* utils are needed by targets that use U-Boot FIT images for sysupgrade. It includes all recent BCM4908 SoC routers as Broadcom switched from CFE to U-Boot.
fdtget is required for extracting images (bootfs & rootfs) from Broadcom's ITB. Extracted images can be then flashed to UBI volumes.
sysupgrade is core functionality so it needs dtc as part of base code base.
BCM4908 devices with U-Boot use pkgtb firmware format. It's based on U-Boot's FIT: DTB with configurations, images & embedded data.
This format contains bootfs, rootfs and optionally a first stage U-Boot loader. Contained images need to be extracted & flashed.
Broadcom used two sets of firmwares: main & backup. It uses UBI volumes "metadata1" & "metadata2" for storing U-Boot env variables with info about flashed images.
layerscape: armv8_64b: fix KERNEL_LOADADDR for linux >= 5.8
In kernel versions newer than 5.8 the arm64 TEXT_OFFSET (0x80000) has been set to 0x0 (and later removed). This will break Uimages with kernel load addresses that aren't 2MiB aligned any longer. Resulting in the kernel silently fail to boot. For layerscape armv8_64b targets this needs to be changed to 0x80000000 (start of RAM).
Signed-off-by: Martin Schiller <ms@dev.tdt.de> (commit: 82ce460)
The following patches were backported from upstream before and are not needed any more: package/kernel/mac80211/patches/ath10k/081-ath10k-fix-module-load-regression-with-iram-recovery-feature.patch package/kernel/mac80211/patches/ath10k/980-ath10k-fix-max-antenna-gain-unit.patch package/kernel/mac80211/patches/build/010-headers-Add-devm_platform_get_and_ioremap_resource.patch package/kernel/mac80211/patches/subsys/300-mac80211-drop-check-for-DONT_REORDER-in-__ieee80211_.patch package/kernel/mac80211/patches/subsys/307-mac80211-do-not-access-the-IV-when-it-was-stripped.patch package/kernel/mac80211/patches/subsys/308-mac80211-fix-radiotap-header-generation.patch
Revert a commit to allow providing CFLAGS and LIBS from OpenWrt package Makefile.
This downgrades the nl80211.h to kernel 5.15 and removes FILS_CRYPTO_OFFLOAD. This is needed to make it compatible with our patched mac80211 from kernel 5.15
This patch has been upstream since GCC 10. Dragan Mladjenovic (2): Emit .note.GNU-stack for soft-float linux targets. Emit .note.GNU-stack for hard-float linux targets.
Both CLANG_VERSION and LLD_VERISON are autogenerated runtime configuration options, so add them to the kernel configuration filter and remove from generic and per-target configs to keep configs clean.
Each of - CRYPTO_AEAD2 - CRYPTO_AEAD - CRYPTO_GF128MUL - CRYPTO_GHASH - CRYPTO_HASH2 - CRYPTO_HASH - CRYPTO_MANAGER2 - CRYPTO_MANAGER - CRYPTO_NULL2
either directly required for mac80211 crypto support, or directly selected by such options. Support for the mac80211 crypto was enabled in the generic config since c7182123b9 ("kernel: make cryptoapi support needed by mac80211 built-in"). So move the above options from the target configs to the generic config to make it clear why do we need them.
CC: Felix Fietkau <nbd@nbd.name> Signed-off-by: Sergey Ryazanov <ryazanov.s.a@gmail.com> (commit: fa3690f)
39b584b Revert "dhcpv6: add a minimum valid lifetime for IA_PD updates" c9578e1 dhcpv6: add support for null IA_PD valid lifetime ca43ea3 dhcpv6: add a minimum valid lifetime for IA_PD updates
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> (commit: df9a62a)
ramips: work around duplicate MAC address on U6 Lite
The UniFi 6 Lite has two MAC addresses for the 2.4 and 5GHz radio in it's EEPROM partition.
On my unit these are
F4 92 BF A0 BB 6F F6 92 BF A0 BB 6F
The problem with these is that mac80211 increases the first octet by 2, which leads to conflicting MAC addresses between radios.
Work around this problem for now by increasing the last octet by 1 on the 5 GHz radio.
Ubiquiti increases the last octet by 2 for each subsequent VAP created per radio. Ideally we should do the same, however this functionality is currently lacking from mac80211.
Signed-off-by: David Bauer <mail@david-bauer.net> (commit: b1d483b)
mvebu: puzzle-m902: add driver for MCU driving LEDs, fan and buzzer
Backport MFD driver for communicating with the on-board MCU found on IEI World Puzzle appliances. Improve the driver to support multiple LEDs, apply a default state and let MCU take care of blinking if timing is within supported range. Wire up LEDs and fan for Puzzle M902 in device tree.
Signed-off-by: Daniel Golle <daniel@makrotopia.org> (commit: f0c0b18)
At configuration time, gcc assumes that ppc64be targets use the ELFv1 ABI, and ppc64le targets use the ELFv2 ABI. However, musl libc does not support the ELFv1 ABI on ppc64 at all, regardless of the endianness.
Therefore, when building for a ppc64 arch and with musl libc, instruct gcc to use the ELFv2 ABI.
See https://gcc.gnu.org/bugzilla/show_bug.cgi?id=93157 for more info.
Backport an upstream patch that adds support for ELFv2 ABI on big endian ppc64. As musl only supports ELFv2 ABI on ppc64 regardless of endianness, this is required to be able to build OpenSSL for ppc64be.
Modify our targets patch to add linux-powerpc64-openwrt, which will use the linux64v2 perlasm scheme. This will probably break the combination ppc64 with glibc, but as we really only want to support musl, this shouldn't be a problem.
Add a new target named "qoriq", that will support boards using PowerPC processors from NXP's QorIQ brand.
This doesn't actually add support for any board yet, so that installation instructions can go in the commit message of the commit that adds actual support for a board.
Using CONFIG_E6500_CPU here due to the kernel using -mcpu=powerpc64 rather than -mcpu=e5500 when selecting CONFIG_E5500_CPU. The only difference between e5500 and e6500 is AltiVec support, and the kernel checks for it at runtime. Musl will only check at runtime if AltiVec support is disabled at compile-time, so we need to use e5500 in CPU_TYPE to avoid SIGILL.
Math emulation (CONFIG_MATH_EMULATION_HW_UNIMPLEMENTED) is required, as neither e5500 nor e6500 implement fsqrt nor fsqrts, and musl hardcodes sqrt and sqrtf to use these ASM instructions on PowerPC64.
This device is based on NXP's QorIQ T2081QDS board, with a quad-core dual-threaded 1.5 GHz ppc64 CPU and 4GB ECC RAM. The board has 5 ethernet interfaces, of which 3 are connected to the ethernet ports on the front panel. The other 2 are internally connected to a Marvell 88E6171 switch; the other 5 ports of this switch are also connected to the ethernet ports on the front panel.
Installation: write the sdcard image to an SD card. Stock U-Boot will not boot, wait for it to fail then run these commands:
Kernel 5.10 is used by many people since quite a while. With other targets already moved to 5.10, let ath79 follow suit.
Tested-by: Stefan Lippers-Hollmann <s.l-h@gmx.de> [ath79/tl-wdr3600; ath79/tl-wdr4300] Tested-by: Aleksander Jan Bajkowski <olek2@wp.pl> [ath79/tl-wdr4300] Signed-off-by: Paul Spooren <mail@aparcar.org> Signed-off-by: David Bauer <mail@david-bauer.net> (commit: 15aa53d)
kernel: import patch enabling AQR112 and AQR412 PHY
Copy and refresh patch enabling AQR112 and AQR412 Ethernet PHY from layerscape (5.4) target to generic (5.10) as AQR112 can also be found on other targets as well.
Signed-off-by: Daniel Golle <daniel@makrotopia.org> (commit: 6563a6a)
Fix default network configuration of the Puzzle-M902 so all LAN ports are included in the LAN bridge. Setup network LED to indicate WAN port link status, like vendor firmware does as well.
Signed-off-by: Daniel Golle <daniel@makrotopia.org> (commit: f9782f5)
kernel: ath10k: provide a build variant for small RAM devices
Based on: 1ac627024de9 ("kernel: ath10k-ct: provide a build variant for small RAM devices")
Like described in the ath10k-ct-smallbuffers version, oom-killer gets triggered frequently by devices with small RAM.
That change is necessary for many community mesh networks which use ath10k based devices with too little RAM. The -ct driver has been proven unstable if used with 11s meshing and only wave2 chipsets are supporting 11s. Freifunk Berlin is nowadays assembling its firmware-based completely of vanilla OpenWRT with some package additions which are made through the imagebuilder. Therefore we cannot take the approach other freifunk communities have taken to maintain that patch downstream [1]. Other communities consider these devices as broken and that change would pretty much give those devices a second life [2]. [1] - https://git.freifunk-franken.de/mirror/openwrt/commit/450b306e540bc0f2c8a8841bbe4d9612f2b8cdea [2] - https://github.com/freifunk-gluon/gluon/issues/1988#issuecomment-619532909
Signed-off-by: Simon Polack <spolack+git@mailbox.org> Signed-off-by: Nick Hainke <vincent@systemli.org> (commit: 694757a)
This change enables proper Ethernet link status and speed reporting on the Ubiquiti UniFi 6 LR access point:
mtk_soc_eth 1b100000.ethernet eth0: PHY [mdio-bus:08] driver [Aquantia AQR112C] (irq=POLL) mtk_soc_eth 1b100000.ethernet eth0: configuring for phy/2500base-x link mode mtk_soc_eth 1b100000.ethernet eth0: Link is Up - 1Gbps/Full - flow control rx/tx
Signed-off-by: Daniel Golle <daniel@makrotopia.org> (commit: 8b6d6f2)
The UBNT_REVISION was already added for the ubnt-xw target because:
U-boot bootloader on M-XW devices expects factory image revision version in specific format. On airOS v6.1.7 with `U-Boot 1.1.4-s1039 (May 24 2017 - 15:58:18)` bootloader checks if the revision major(?) number is actually a number, but in currently generated images there's OpenWrt text and so the check fails
...
By placing arbitrary correct number first in major version, we make the bootloader happy and we can flash factory images over TFTP again.
Fixes errors in the form of (tftp flashing): sent DATA <block=8577, 412 bytes> received ERROR <code=2, msg=Firmware check failed> Error code 2: Firmware check failed
The missing UBNT_REVISION was not noticed before, since the UBNT_REVISION field for the ubnt-xm target was also set to: "42.OpenWrt-..." Probably, UBNT_REVISION for the ubnt-xm target was set by the ubnt-xw and was never overridden somewhere else. However, it is missing and should be part of the ubnt-xm device.
Signed-off-by: Nick Hainke <vincent@systemli.org> (commit: cfa670b)
toolchain: musl: disable crypt size hack by default
Enable this option and thus re-include crypt() support for the SHA256, SHA512 and Blowfish ciphers on all devices. According to commit 9365745f8e7b ("musl: add a hack to remove unused crypt() algorithms, saves ~14k after lzma") it should add about ~14k to the resulting image, which seems to be a reasonable size increase for consistent crypt() support.
Decided to not remove this hack completely as it might be still useful for people trying to fit custom images onto smaller devices and the patch is rather simple so we can afford to keep it for now.
References: https://github.com/openwrt/openwrt/pull/1331 Signed-off-by: Petr Štetiar <ynezz@true.cz> (commit: 6676875)
kernel: mtd: parsers: add nvmem support to cmdlinepart
Assuming cmdlinepart is only one level deep partition scheme and that static partition are also defined in DTS, we can assign an of_node for partition declared from bootargs.
The cmdlinepart parser is the first parser checked and if it does find some partition declared in the bootargs, every other parser is ignored. This means that the fixed-partition parser is ignored and an of_node for the mtd is never assigned. Fix this by searching a defined of_node using a similar fixed_partition parsing logig, check if a partition is present with the same label, check that it has the same offset and size and finally assign an of_node to the mtd. The NVMEM can now find the of_node for the mtd and correctly works.
Fixes: abc17bf306ac ("ath79: convert mtd-mac-address to nvmem implementation") Tested-by: Sven Eckelmann <sven@narfation.org> Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com> (commit: 5761aa4)
Since the move to 5.10, there are now two GPIO drivers. The gpio0 node refers to the internal GPIOs, so the indirect-access-bus-id is no longer relevant for that node.
Set indirect-access-bus-id to the correct value (31) on the correct node (gpio1) and enable the device.
PIN2 is used only to restrict changing of fixed dialling feature, does not affect network registration. Therefore explicitly check for PIN1 state during connection setup, which is required for network registration.
- upstream now needs OpenSSL in order to be able to sign FITs. See: commit cb9faa6f98ae ("tools: Use a single target-independent config to enable OpenSSL")
- removes upstream patches.
Link: https://github.com/u-boot/u-boot/commit/cb9faa6f98ae56d70d59505dad290dd3d381cb7b Tested-by: Sergey V. Lobanov <sergey@lobanov.in> Signed-off-by: Huangbin Zhan <zhanhb88@gmail.com> Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: b6385a3)
this patch consolidates the amd64-microcode (moved to linux-firmware.git, previously this was an extra debian source package download), amdgpu and radeon firmwares into a shared "amd" makefile.
With the upcoming 20211216 linux-firmware bump, this will include a microcode update for ZEN 3 CPUs.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: cf8ee49)
where to begin? the USB regulator settings were just a part of the issue. With them changed, according to the forum it still failed when a USB device was connected to the port with:
dwc2 4bff80000.usbotg: dwc2_restore_global_registers: no global registers to restore dwc2 4bff80000.usbotg: dwc2_exit_partial_power_down: failed to restore registers dwc2 4bff80000.usbotg: exit partial_power_down failed dwc2 4bff80000.usbotg: HC died; cleaning up
One clue was found upstream in commit cc10ce0c51b1 ("usb: dwc2: disable power_down on Amlogic devices")
|Disable power_down by setting the parameter to |DWC2_POWER_DOWN_PARAM_NONE. This fixes a problem on various Amlogic |Meson SoCs where USB devices are only recognized when plugged in before |booting Linux. A hot-plugged USB device was not detected even though the |device got power (my USB thumb drive for example has an LED which lit |up). |[...]
the same method proposed there worked with APM821xx's USB IP-Core.
Link: https://forum.openwrt.org/t/wd-my-book-duo-usb/111926/2 Reported-by: thwe and takimata (openwrt forum) Fixes: b70d3557e05 ("apm821xx: clean up gpio-hogs") Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: 832b9cb)
Apart from the dtb partition, these were all "read-only;" they serve no purpose other than being a copy of what netgear had defined in their original firmware.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: 4e6ebdd)
ath25 requires a 88E6060 driver to support boards such as Fonera 2.0g (FON2202). The swconfig based mvswitch driver has not yet been ported to the 5.10 kernel as the only user is the ath25 target while all other targets have been switched to the upstream DSA implementation.
Switching ath25 to the DSA implementation is a complex task, since we need either per-board platform data or DTS support. ath25 lacks both of them and builds only a single generic image. So we need to keep the swconfig driver implementation to easly and quickly port ath25 to the 5.10 kernel.
Since porting the mvswitch driver to 5.10 as a generic driver is not an option, and since the ath25 is its only user, make mvswitch a target specific driver to be able to port it to the 5.10 kernel as part of the kernel version update of the target. This will allow us quickly migrate to the next kernel version and not delay the next firmware release.
Suggested-by: Felix Fietkau <nbd@nbd.name> Signed-off-by: Sergey Ryazanov <ryazanov.s.a@gmail.com> (commit: 0b2c1d8)
The target config require some refresh due to the just introduced filtering of the "run-time" options, MIPS eBPF JIT backporting, and so on.
The configuration is easily updated using make kernel_oldconfig. So let's update it now in preparation for v5.10 support to reduce the new kernel configuration diff.
Copy and refresh patches and config from 5.4 to 5.10. Most patches require no more then automatic refresh. The only exception is the Ethernet driver patch, which requires some more work: * drop eth_change_mtu() usage since it was removed from the kernel, it anyway useless for drivers that utilizes alloc_etherdev(); * add the txqueue number argument to the .ndo_tx_timeout callback function; * replace ioremap_nocache() which was finally removed from the kernel by the ioremap() with the same behaviour.
Switch target to the new kernel version.
Signed-off-by: Daniel Golle <daniel@makrotopia.org> [use KERNEL_TESTING_PATCHVER for now] Signed-off-by: Sergey Ryazanov <ryazanov.s.a@gmail.com> (commit: 5deb399)
mediatek: replace patch with version sent upstream
Replace recently added patch 701-net-ethernet-mtk_eth_soc-add-support-for-clause-45-mdio.patch with version sent upstream 701-net-ethernet-mtk_eth_soc-implement-Clause-45-MDIO-access.patch
Signed-off-by: Daniel Golle <daniel@makrotopia.org> (commit: c555c34)
Up to now the WPS script triggered WPS on the stations only if it could not trigger it successfully on any hostapd instance.
In a Multi-AP context, there can be a need (to establish a new wireless backhaul link) to trigger WPS on the stations, regardless of whether there is already a hostapd instance configured or not. The current script makes it impossible, as if hostapd is running and configured, WPS would always be triggered on hostapd only.
To allow both possibilities, the following changes are made:
- Change the "pressed" action to "release", so that we can make use of the "$SEEN" variables (to know for how long the button was pressed).
- If the button is pressed for less than 3 seconds, keep the original behavior.
- If the button is pressed for 3 seconds or more, trigger WPS on the stations, regardless of the status of any running hostapd instance.
- Add comments explaining both behaviors.
- While at it, replace the usage of '-a' with a '[] && []' construct (see [1]).
This gives users a "fallback" mechanism to onboard a device to a Multi-AP network, even if the device already has a configured hostapd instance running.
mediatek: yet again, replace patch with updated pending patch
Upon comment of Russell King ('Oh no, not this "-1 disease" again.') clean up mdio read and write return type and value in mtk_eth_soc driver and also use appropriate return values for bus-busy-timeout- errors in newly added Clause 45 access code.
Signed-off-by: Daniel Golle <daniel@makrotopia.org> (commit: 92820cc)
The build of the manpages needs the pandoc tool, this is not in the minimal requirements of OpenWrt, just remove the build of the restool manpage. This fixes the build on systems without pandoc like the OpenWrt build bots.
tfa-layerscape: fix build on systems without openssl headers
The build fails when the openssl/sha.h header file is not installed on the host system. Fix this by setting the HOSTCCFLAGS variable to the OpenWrt HOST_CFLAGS variable, without setting this the include paths and other modifications in the host flags done by OpenWrt will be ignored by the build.
This fixes the following build problem: gcc -c -D_GNU_SOURCE -D_XOPEN_SOURCE=700 -Wall -Werror -pedantic -std=c99 -O2 -I../../include/tools_share fiptool.c -o fiptool.o In file included from fiptool.h:16, from fiptool.c:19: fiptool_platform.h:19:11: fatal error: openssl/sha.h: No such file or directory 19 | # include <openssl/sha.h> | ^~~~~~~~~~~~~~~
The GPIO expander is connected via I2C, thus the can_sleep flag has to be set to true. This should fix spurious "scheduling while atomic" bugs in the kernel ringbuffer.
Signed-off-by: David Bauer <mail@david-bauer.net> (commit: 00b1948)
Linkstation poweroff driver was added to mvebu target, but is required for kirkwood target too. This commit make two changes: - move linkstation-poweroff support patch from mvebu to generic and replace upstream accepted version - backport small linkstation-poweroff fix from 5.12
NETGEAR ReadyNAS Duo v2 is a NAS based on Marvell kirkwood SoC.
Specification: - Processor Marvell 88F6282 (1.6 GHz) - 256MB RAM - 128MB NAND - 1x GBE LAN port (PHY: Marvell 88E1318) - 1x USB 2.0 - 2x USB 3.0 - 2x SATA - 3x button - 5x leds - serial on J5 connector accessible from rear panel (115200 8N1) (VCC,TX,RX,GND) (3V3 LOGIC!)
Installation by USB + serial: - Copy initramfs image to fat32 usb drive - Connect pendrive to USB 2.0 front socket - Connect serial console - Stop booting in u-boot - Do: usb reset setenv bootargs 'console=ttyS0,115200n8 earlyprintk' setenv bootcmd 'nand read.e 0x1200000 0x200000 0x600000;bootm 0x1200000' saveenv fatload usb 0:1 0x1200000 openwrt-kirkwood-netgear_readynas-duo-v2-initramfs-uImage bootm 0x1200000 - copy sysupgrade image via ssh. - run sysupgrade
Installation by TFTP + serial: - Setup TFTP server and copy initramfs image - Connect serial console - Stop booting in u-boot - Do: setenv bootargs 'console=ttyS0,115200n8 earlyprintk' setenv bootcmd 'nand read.e 0x1200000 0x200000 0x600000;bootm 0x1200000' saveenv setenv serverip 192.168.1.1 setenv ipaddr 192.168.1.2 tftpboot 0x1200000 openwrt-kirkwood-netgear_readynas-duo-v2-initramfs-uImage bootm 0x1200000 - copy sysupgrade image via ssh. - run sysupgrade
Known issues: - Power button and PHY INTn pin are connected to the same GPIO. It causes that every network restart button is pressed in system. As workaround, button is used as regular BTN_1.
For more info please look at file: RND_5.3.13_WW.src/u-boot/board/mv_feroceon/mv_hal/usibootup/usibootup.c from Netgear GPL sources.
They are Endian 4i Edge 200 and his clone Endian UTM Mini.
Hardware: - SoC: Marvell 88F6281-A1 ARMv5TE Processor 1.2GHz - Ram: 512MB (4x Nanya NT5TU128M8GE-AC) - NAND Flash: 512MB (Micron 29F4G08AAC) - Lan 1-4: 4x GBE (Marvell 88E6171R-TFJ2) - Lan 5: 1x GBE (Marvell 88E1116R-NNC1) - Storage: MicroSD Slot - WLAN: MiniPCIe Slot present, and fitted with SparkLan WPEA-110N/E (Atheros AR9280 chipset) (ONLY Endian UTM Mini WLAN) - USB: 1x USB 2.0 port - Console: RJ-45 port - LEDs: 3x GPIO controlled
Notes: - WLAN led (Endian UTM Mini) is drived by MPCIE card
Installation by TFTP + serial: - Setup TFTP server and copy initramfs image - Connect serial console - Stop booting in u-boot - Do: setenv bootargs 'console=ttyS0,115200n8 earlyprintk' saveenv setenv serverip 192.168.1.1 setenv ipaddr 192.168.1.2 tftpboot 0x1200000 openwrt-kirkwood-endian_4i-edge-200-initramfs-uImage bootm 0x1200000 - copy sysupgrade image via ssh. - run sysupgrade
Installation by USB + serial: - Copy initramfs image to fat32 usb drive - Connect pendrive to USB 2.0 front socket - Connect serial console - Stop booting in u-boot - Do: setenv bootargs 'console=ttyS0,115200n8 earlyprintk' saveenv usb reset fatload usb 0:1 0x1200000 openwrt-kirkwood-endian_4i-edge-200-initramfs-uImage bootm 0x1200000 - copy sysupgrade image via ssh. - run sysupgrade
bcm27xx: add AMP2 to HifiBerry DAC+ / DAC+ Pro package
According to the vendor [1] these HATs share the same DT overlay: hifiberry-dacplus. The PCM512x-compatible control unit is attached to I2C, so the additional snd-soc-pcm512x-i2c kernel module is required. Also explicitly note the Amp2 support to reduce confusion for those users.
WeVO AIR DUO is a 1-bay NAS & 802.11ac (Wi-Fi 5) router, based on MediaTek MT7620A.
Specifications: * SoC: MT7620A * RAM: 64 MiB * Flash: SPI NOR 16 MiB * USB & SATA bridge controller: JMicron JMS567 * SATA 6Gb/s: 2.5" drive slot * USB 3.0: Micro-B * USB 2.0: connected to SoC * Wi-Fi: * 2.4 GHz: SoC built-in * 5 GHz: MT7612EN * Ethernet: 5x 1GbE * Switch: MT7530WU * UART: 4-pin 1.27 mm pitch through-hole (57600 baud) * Pinout: (3V3)|(RXD) (TXD) (GND)
Notes: * The drive is accessible through the external USB port only when the router is turned off.
Installation via web interface: 1. Flash **initramfs** image through the stock web interface. The image filename should have ".upload" extension. 2. Boot into OpenWrt and perform sysupgrade with sysupgrade image.
Revert to stock firmware: 1. Perform sysupgrade with stock image.
Signed-off-by: Sungbo Eo <mans0n@gorani.run> (commit: 482a7e2)
Installation via web interface: 1. Flash initramfs image using OEM's Recovery mode 2. Boot into OpenWrt and perform sysupgrade with sysupgrade image.
Revert to stock firmware: - Flash stock firmware via OEM's Recovery mode
How to use OEM's Recovery mode: 1. Power up with holding down the reset key until CPU LED stop blinking. 2. Set fixed ip with `192.168.0.2` with subnet mask `255.255.255.0` 3. Flash image via tftp to `192.168.0.1`
Additional Notes: This router shares one MT7915E chip for both 2.4Ghz/5Ghz. radio0 will not working on 5Ghz as it's not connected to the antenna.
Signed-off-by: WonJung Kim <git@won-jung.kim> (added led dt-bindings) Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: 2dde241)
utils/px5g-wolfssl: make selfsigned certicates compatible with chromium
Chromium based web-browsers (version >58) checks x509v3 extended attributes. If this check fails then chromium does not allow to click "Proceed to ... (unsafe)" link. This patch add three x509v3 extended attributes to self-signed certificate: 1. SAN (Subject Alternative Name) (DNS Name) = CN (common name) 2. Key Usage = Digital Signature, Non Repudiation, Key Encipherment 3. Extended Key Usage = TLS Web Server Authentication
SAN will be added only if CONFIG_WOLFSSL_ALT_NAMES=y
Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in> (commit: 6bfc8bb)
Macronix MX25L6405D supports locking with four block-protection bits. Currently, the driver only sets three bits. If the bootloader does not sustain the flash chip in an unlocked state, the flash might be non-writeable. Add the corresponding flag to enable locking support with four bits in the status register.
mtd: spi-nor: disable 16-bit-sr for macronix
Macronix flash chips seem to consist of only one status register. These chips will not work with the "16-bit Write Status (01h) Command". Disable SNOR_F_HAS_16BIT_SR for all Macronix chips.
ath79: add usb-phy-analog to reset list in qca953x.dtsi
On startup the USB of QCA9531 board can't be initialized successfully.
lsusb result as below: root@OpenWrt:~# lsusb unable to initialize libusb: -99
This is because usb-phy-analog is not added to reset list.
Signed-off-by: Jinfan Lei <153869379@qq.com> (added linebreaks and small little changes to the commit message) Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: 3928f6a)
x86: add/improve support for Sophos SG/XG products
* Add support for Sophos SG/XG-115 r1, r2 with/without wireless * Add support for Sophos SG/XG-125 r1, r2 with/without wireless * Add wireless support for SG/XG-105
Installation via web interface: 1. Flash **initramfs** image through the stock web interface. 2. Boot into OpenWrt and perform sysupgrade with sysupgrade image.
Revert to stock firmware via recovery mode: 1. Press reset button, power up the device, wait >15s for CPU LED to stop blinking. 2. Upload stock image to TFTP server at 192.168.0.1.
Signed-off-by: Sungbo Eo <mans0n@gorani.run> (commit: a1deab0)
RT-AC57U and RT-AC1200GU are the same models sold in different countries. The purpose of this commit is to allow users to easily find the corresponding firmware through the model number on the device label.
More specifications: 14e0e4f138e3 ("ramips: add support for ASUS RT-AC57U")
Signed-off-by: Shiji Yang <yangshiji66@qq.com> [reword commit title/message] Signed-off-by: Sungbo Eo <mans0n@gorani.run> (commit: 86d019d)
*) Avoid loading of a dynamic engine twice. *) Fixed building on Debian with kfreebsd kernels *) Prioritise DANE TLSA issuer certs over peer certs *) Fixed random API for MacOS prior to 10.12
Patches were refreshed.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com> (commit: def9565)
Arch Linux users have encountered problems with packages that have a dependency on binutils. This error happens when libtool is doing: libtool: relink: ... So change PKG_FIXUP to "patch-libtool".
Fixes error in the form of: libtool: install: error: relink `libctf.la' with the above command before installing it
Properly declare that the g10 is booting from NAND and define its correct (larger than on other devices-) boot_pages_size, to prevent the kernel from constantly falling over missing OOB error correction for the bootloader.
This patch prevents a constant slew of (bogus) read errors reported by the kernel and keeping the CPU busy and fixes:
blk_update_request: I/O error, dev mtdblock0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 4 prio class 0 blk_update_request: I/O error, dev mtdblock0, sector 8 op 0x0:(READ) flags 0x80700 phys_seg 3 prio class 0 blk_update_request: I/O error, dev mtdblock0, sector 16 op 0x0:(READ) flags 0x80700 phys_seg 2 prio class 0 blk_update_request: I/O error, dev mtdblock0, sector 24 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0 blk_update_request: I/O error, dev mtdblock0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 Buffer I/O error on dev mtdblock0, logical block 0, async page read blk_update_request: I/O error, dev mtdblock0, sector 32 op 0x0:(READ) flags 0x80700 phys_seg 8 prio class 0 blk_update_request: I/O error, dev mtdblock0, sector 40 op 0x0:(READ) flags 0x80700 phys_seg 7 prio class 0 blk_update_request: I/O error, dev mtdblock0, sector 48 op 0x0:(READ) flags 0x80700 phys_seg 6 prio class 0 blk_update_request: I/O error, dev mtdblock0, sector 56 op 0x0:(READ) flags 0x80700 phys_seg 5 prio class 0 blk_update_request: I/O error, dev mtdblock0, sector 64 op 0x0:(READ) flags 0x80700 phys_seg 4 prio class 0 Buffer I/O error on dev mtdblock0, logical block 1, async page read Buffer I/O error on dev mtdblock1, logical block 0, async page read Buffer I/O error on dev mtdblock1, logical block 1, async page read Buffer I/O error on dev mtdblock2, logical block 0, async page read Buffer I/O error on dev mtdblock2, logical block 1, async page read Buffer I/O error on dev mtdblock3, logical block 0, async page read Buffer I/O error on dev mtdblock3, logical block 0, async page read Buffer I/O error on dev mtdblock4, logical block 0, async page read Buffer I/O error on dev mtdblock4, logical block 1, async page read
Suggested-by: Ansuel Smith <ansuelsmth@gmail.com> Signed-off-by: Stefan Lippers-Hollmann <s.l-h@gmx.de> (commit: d9c2b0c)
Backport 3 additional fixes for qca8k. - Fix MTU calculation - Fix a bug with config set to the wrong PAD when secondary cpu port is defined. - Fix redundant check in parse_port_config
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com> (commit: 5cf198f)
Backport qca8k new feature: - Ageing configuration support - Add 2 missing counter on qca8337 - Convert to regmap - Standardize define and code with GENMASK AND BITFILED macro - Add mdb add/del support
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com> (commit: 1e4469b)
The target is in an incomplete state and will not receive Kernel 5.10 support, ego it should be dropped before the next release.
People are working on ipq807x with Kernel 5.15 which is only relevant for the second next release. Once a working patchset exists the target can be added again.
Signed-off-by: Paul Spooren <mail@aparcar.org> (commit: 4a2cca7)
kernel: improve driver support for gen-3 Aquantia Ethernet PHYs
* correctly set system side interface, the original patch was errornous and there is a follow-up fix for it * enable phy statistics for AQR112(+R/C) and ARQ412 (ethtool --phy-statistics ethX)
Tested, including phy-statistics, on - IEI Puzzle M901 (AQR112, AQR112C, AQR112R) - IEI Puzzle M902 (AQR113, AQR112R) - Ubiquiti UniFi 6 LR (AQR112C)
Signed-off-by: Daniel Golle <daniel@makrotopia.org> (commit: 6c312d9)
mediatek: let mtk_eth_soc MAC announce 2500Base-T mode
To allows Ethernet phys supporting 2500Base-T mode to announce that speed, enable the corresponding bit in mtk_eth_soc driver. This should hopefully unlock 2500Base-T speed on the UniFi 6 LR.
Signed-off-by: Daniel Golle <daniel@makrotopia.org> (commit: ef1a64c)
ltq-deu: init des/aes before registering crpyto algorithms
The crypto algorithms are registered and available to the system before the chip is actually powered on and the generic parameter for the DEU behaviour set.
The issue can mainly be observed if the crypto manager tests are enabled in the kernel config. The crypto manager test run directly after an algorithm is registered.
Signed-off-by: Mathias Kresin <dev@kresin.me> [fix commit title prefix] Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de> (commit: 11d2c71)
When handling non-aligned remaining data (not padded to 16 byte [AES_BLOCK_SIZE]), a full 16 byte block is read from the input buffer and written to the output buffer after en-/decryption.
While code already assumes that an input buffer could have less than 16 byte remaining, as it can be seen by the code zeroing the remaining bytes till AES_BLOCK_SIZE, the full AES_BLOCK_SIZE is read.
An output buffer size of a multiple of AES_BLOCK_SIZE is expected but never validated.
To get rid of the read/write behind buffer, use a temporary buffer when dealing with not padded data and only write as much bytes to the output as we read.
Do not memcpy directly to the register, to make used of the endian swap macro and to trigger the crypto start operator via the ID0R to trigger the register. Since we might need an endian swap for the output in future, use a temporary buffer for the output as well.
The issue could not be observed so far, since all caller of ifx_deu_aes will ignore the padded (remaining) data. Considering that the minimum blocksize for the algorithm is set to AES_BLOCK_SIZE, the behaviour could be called expected.
Signed-off-by: Mathias Kresin <dev@kresin.me> [fix commit title prefix] Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de> (commit: ab270c6)
Even if the minimum blocksize is set to 16 (AES_BLOCK_SIZE), the crypto manager tests pass 499 bytes of data to the aes-ctr encryption, from which only 496 bytes are actually encrypted.
Reading the comment regarding the minimum blocksize, it only states that it's the "smallest possible unit which can be transformed with this algorithm". Which doesn't necessarily mean, the data have to be a multiple of the minimal blocksize.
All kernel hardware crypto driver enforce a minimum blocksize of 1, which perfect fine works for the lantiq data encryption unit as well.
Lower the blocksize limit to 1, to process not padded data as well. In AES for processing the remaining bytes, uninitialized pointers were used. This patch fixes using uninitialized pointers and wrong offsets.
Signed-off-by: Mathias Kresin <dev@kresin.me> [fix commit title prefix] Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de> (commit: 17656f2)
OpenSSL with cryptdev support uses the data encryption unit (DEU) driver for hard accelerated processing of ciphers/digests, if the flag CRYPTO_ALG_KERN_DRIVER_ONLY is set.
Signed-off-by: Mathias Kresin <dev@kresin.me> [fix commit title prefix] Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de> (commit: 8dafa98)
Some devices initialize AES during boot and AES works out of the box and the correct endianess is set. NDC means (No Danube Compatibility Mode) and the endianess setting has no effect if its set to 0. NDC 0: OFF ENDI bit cannot be written as in Danube To make it work for other devices, the NDC control register needs to be set to 1.
Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de> (commit: c8967d6)
Convert blkcipher to skcipher for the synchronous versions of AES, DES and ARC4. The Block Cipher API was depracated for a while and was removed with Linux 5.5. So switch this driver to the skcipher API.
Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de> (commit: 737bd4f)
ltq-deu: convert SHA1 after library impl of SHA1 was removed
The <linux/cryptohash.h> was removed with Linux 5.8, because it only contained the library implementation of SHA1, which was folded into <crypto/sha.h>. So switch this driver away from using <linux/cryptohash.h>.
Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de> (commit: e84c4b5)
When running cryptomgr tests against the driver, there are several occurences of different errors for setkey of des and des3-ede algorithms. Those key checks are already implemented in the kernels des implementation, so this is added as dependency and the kernel methods are called. It also required adding the kernels des/des3 context definitions to the des_ctx internal structure to be able to call the kernel methods. Fixed ifxdeu-des... setkey unexpectedly succeeded on test vector x; expected_error=-22. Fixed ifxdeu-des... setkey failed on test vector x; expected_error=0, actual_error=-22. Renamed des_ctx internal structure and des_encrypt/des_decrypt methods because they are already defined in the kernel module. Fixed wrong DES_xxx constant definitions in crypto_alg definition for ifxdeu_des3_ede_alg. Fixed method comment errors.
Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de> (commit: 19cb3c9)
When running cryptomgr tests against the driver, there are several occurences of different errors for even and uneven splitted data in the underlying scatterlists for the ctr and ctr_rfc3686 algorithms which are now fixed. Fixed error in ctr_rfc3686_aes_decrypt function which was introduced with the previous commit by using CRYPTO_DIR_ENCRYPT in the decrypt function.
Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de> (commit: cd01d41)
The functions ifx_deu_aes_cfg and ifx_deu_aes_ofb have been part of the driver ever since. But the functions and definitions to make the algorithms actually usable were missing. This patch adds the neccessary code for aes_ofb and aes_cfb algorithms.
Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de> (commit: 536dc6f)
ltq-deu: make deu hash lock global and remove md5_hmac_ exports
All hash algorithms use the same base IFX_HASH_CON to access the hash unit. Parallel threads should not be able to call different hash algorithms and therefor a global lock is required. Fixed linker warning, that md5_hmac_init, md5_hmac_update and md5_hmac_final are static export symbols. The export symbols are not required, because the functions are exposed using shash_alg structure.
Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de> (commit: 87a19c9)
ltq-deu: changes for hash multithread callers and md5 endianess
The algorithms sha1, sha1_hmac and md5_hmac all use ENDI=1. The md5 algorithm uses ENDI=0 and the endian_swap methods to reverse the endianess switch by using user CPU time, which is unnecessary overhead. Danube and AR9 devices do not set endianess for SHA1, so is done for MD5. Furthermore the patch replaces endian_swap with le32_to_cpu for md5 and md5 hmac algorithms and removes endian_swap for them. The init functions initialize the algorithm in the hardware. The lock is not used to write to the control register. If another thread calls another hash algo before update or final, the result will be wrong. Therefore move the algorithm init to the lock protected sections in the transform or final methods. Setting the hw key for the hmac algorithms is now done from within the lock protected sections in their final methods. The lock protecting is removed from the _hmac_setkey_hw functions. In final for md5 and sha1 the lock section is removed, because all the work was already done in transform (which is called from final). As such only copying the hash to the output is required. MD5 and MD5_HMAC produce 16 byte hashes (4 DWORDS) only, therefor writing register D5R to the hash output is removed for MD5_HMAC.
Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de> (commit: 34a3eaf)
ltq-deu: fix ifxdeu-ctr-rfc3686(aes) not matching generic impl
Error ifxdeu-ctr-rfc3686(aes) (16) doesn't match generic impl (20) occurs when running the cryptomgr extra tests that compare against the linux kernels generic implementation.
Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de> (commit: 9cb1875)
ltq-deu: fix setkey errors and static shared temp for hmac algos
The hmac algorithms state, that keys larger than the key size should be hashed with the underlying hash algorithms and then those hashes are to be used as keys. This patch implements this. In order to avoid allocating a descriptor during setkey, a shash_desc pointer is added to the context. Another issue for multithreaded callers is the shared temp array. The temp array is static and as such would be shared among multithreaded callers, which obviously would neither work nor produce correct results. The temp array (4k size) is moved to the context and since the size of the context is limited, it can only be defined as pointer otherwise the initialisation of the hash algorithm fails. The allocations and freeing of both the temp and the desc pointer in the context are done by implementing cra_init and cra_exit functions for the hmac algorithms. Also improved indentation in some areas.
Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de> (commit: 85383b3)
Exceeding the temp array size was not checked and instead storage not allocated by the driver was used/overwritten which in most cases resulted in reboots. This patch implements processing the input to the hash algorithm in tempsize chunks. The _hmac_final methods were changed to _hmac_final_impl adding a parameter that indicates intermediate or final processing. The started variable was added to the context to indicate, if there is an intermediate result in the context. For sha1_hmac the variable to store the intermediate hash was added to the context too. In order to avoid md5_hmac_final_impl being recursively called if the padding of the input and the resulting last transform during the hmac algorighms final processing causes the temp array to overflow and to make sure that there is at least one block in the temp array when the _hmac_final for final processing is called, the check for exceeding the temp array in _hmac_transform was moved before copying the block and incrementing dbn. dbn needs to be at least 1 at final processing time to let the hash engine apply the opad operation. To make the hash engine not apply the hmac algorithms final opad operation, for intermediate processing the dbn in the control register is set to a higher value than number of dbns are actually processed.
Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de> (commit: 0470b05)
ltq-deu: remove compiler warning and shorten locked sections
Removing hash pointer in _hmac_setkey since its not needed and causes a compiler warning. Make the spinlock control sections shorter and move initializations out of the control sections to free the spinlock faster for allowing other threads to use the hash engine. Minor improvements for indentation and removal of blanks and blank lines in some areas.
Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de> (commit: 6ade9d1)
ltq-deu: update initialisations for hmac algorithms
The processing in the hmac algorithms depends on the status fields: count, dbn and started. Not all were initialised in the init method and after finishing the final method. Added missing fields to init method and call init method after finishing final. The memsets have the wrong size in the original driver and did not clear everything and are not necessary. Since no memset is done in the kernels generic implementation, memsets were removed.
Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de> (commit: 006fee0)
The lantiq AES hardware does not support the xts algorithm. Apart from the cipher text stealing (XTS), the AES XTS implementation is just an XOR with the IV, followed by AES ECB, followed by another XOR with the IV and as such can be also implemented by using the lantiq hardware's CBC AES implemention plus one additional XOR with the IV in the driver. The output IV by CBC AES is also not usable and the gfmul operation not supported by lantiq hardware. Both need to be done in the driver too in addition to the IV treatment which is the initial encryption by the other half of the input key and to set the IV to the IV registers for every block. In the generic kernel implementation, the block size for XTS is set to 16 bytes, although the algorithm is designed to process any size of input larger than 16 bytes. But since there is no way to indicate a minimum input length, the block size is used. This leads to certain issues when the skcipher walk functions are used, e.g. processing less than block size bytes is not supported by calling skcipher_walk_done. The walksize is 2 AES blocks because otherwise for splitted input or output data, less than blocksize is to be returned in some cases, which cannot be processed. Another issue was that depending on possible split of input/output data, just 16 bytes are returned while less than 16 bytes were remaining, while cipher text stealing requires 17 bytes or more for processing. For example, if the input is 60 bytes and the walk is 48, then processing 48 bytes leads to a return code of -EINVAL for skcipher_walk_done. Therefor the processed counter is used to figure out, when the actual cipher text stealing for the remaining bytes less than blocksize needs to be applied. Measured with cryptsetup benchmark, this XTS AES implementation is about 19% faster than the kernels XTS implementation that uses the hardware ECB AES (ca. 18.6 MiB/s vs. 15.8 MiB/s decryption 256b key). The implementation was tested with the kernels crypto testmgr against the kernels generic XTS AES implementation including extended tests.
Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de> (commit: 43422de)
ltq-deu: add shash cbcmac-aes algorithm to the driver
Since commit 53b6783 hostapd is using the kernel api which includes the cbcmac-aes shash algorithm. The kernels implementation is a wrapper around the aes encryption algorithm, which encrypts block (16 bytes) by block. When the ltq-deu driver is present, it uses hardware aes, but every 16 byte encrypt requires setting the key. This is very inefficient and is a huge overhead. Since the cbcmac-aes is simply a hash that uses the cbc aes algorithm starting with an iv set to x'00' with an optional ecb aes encryption of a possible last incomplete block that is padded with the positional bytes of the last cbc encrypted block, this algorithm is now added to the driver. Most of the code is derived from md5-hmac and tailored for aes. Tested with the kernels crypto testmgr including extra tests against the kernels generic ccm module implementation. This patch also fixes the overallocation in the aes_ctx that is caused by using u32 instead of u8 for the aes keys.
Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de> (commit: 79efaa7)
ltq-deu: remove redundant code for setting the key in aes
After adding xts and cbcmac the aes algorithm source had three sections for setting the aes key to the hardware which are identical. Method aes_set_key_hw was created which is now called from within the spinlock secured control sections in methods ifx_deu_aes, ifx_deu_aes_xts and aes_cbcmac_final_impl and reduces the size of ifxmips_aes.c.
Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de> (commit: a0d6b09)
The lantiq AES hardware does not support the gcm algorithm. But it can be implemented in the driver as a combination of the aes_ctr algorithm and the xor plus gfmul operations for the hashing. Due to the wrapping of the several algorithms and the inefficient 16 byte block by 16 byte block invokation in the kernel implementations, this driver is about 3 times faster for the larger block sizes.
Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de> (commit: fc4d88c)
4ead2a6 treewide: move executables to /sbin 9ebc2f4 fw4.uc: filter duplicates in fw4.set 85b74f3 treewide: support flow offloading be3b4e6 treewide: support hardware flow offloading 38889b7 treewide: support set timeout 31c7550 fw4.uc: do not skip defaults with invalid option 334a127 fw4.uc: introduce DEPRECATED flag 7a0d38f fw4.uc: add _name as deprecated option 5e7ad3b fw4.uc: don't fail on unknown options be5f4e3 fw4.uc: allow use of cidr in ipsets
Provide uci-firewall via PROVIDES in both firewall and firewall4. This will allow us to change the dependency of luci-app-firewall to uci-firewall, making it possible to use it with either implementation.
Move CONFLICTS from firewall4 to firewall, to solve this recursive dependency problem:
tmp/.config-package.in:307:error: recursive dependency detected! tmp/.config-package.in:307: symbol PACKAGE_firewall is selected by PACKAGE_firewall4 tmp/.config-package.in:328: symbol PACKAGE_firewall4 depends on PACKAGE_firewall
glibc version 2.34 does not provide versioned shared libraries any more, it only provides shared libraries using the ABI version. Do not try to copy them any more.
The functions from libpthread and librt were integrated into the main binary, the libpthread.so and librt.so are only used for backwards compatibility any more.
toolchain: glibc: Increase minimum kernel version to 5.4
Increase the minimum kernel version needed by the glibc compiled for OpenWrt to version 5.4. With this setting the glibc build will remove all code needed to support older kernel versions.
Certain utilities, such as smcroute [1], require additional multicast routing options to be enabled, otherwise they will not function correctly. Enable these relevant dependancies when IPv4 and/or IPv6 multicast routing are enabled.
use address source LAN *:83 factory 0xe000 2g *:85 factory 0x4 5g *:86 factory 0x8004
How to install: 1- Setup a TFTP server on a machine with IP address 192.168.1.10/24 2- Name the image as `firmware_auto.bin` and place it on the root of the TFTP server 3- Connect the device via Ethernet, it should pick and flash the image
RAISECOM MSG1500 X.00 is a 2.4/5 GHz band 11ac (Wi-Fi 5) router. Apart from the general model, there are two ISP customized models: China Mobile and China Telecom.
Specifications:
- SoC: Mediatek MT7621AT - RAM: 256MiB DDR3 - Flash: 128MiB NAND - Ethernet: 5 * 10/100/1000Mbps: 4 * LAN + 1 * WAN - Switch: MediaTek MT7530 (SoC) - WLAN: 1 * MT7615DN Dual-Band 2.4GHz 2T2R (400Mbps) 5GHz 2T2R (867Mbps) - USB: 1 * USB 2.0 port - Button: 1 * RESET button, 1 * WPS button, 1 * WIFI button - LED: blue color: POWER, WAN, WPS, 2.4G, 5G, LAN1, LAN2, LAN3, LAN4, USB - UART: 1 * serial port header (4-pin) - Power: DC 12V, 1A - Switch: 1 * POWER switch
MAC addresses as verified by vendor firmware:
use address source LAN C8:XX:XX:3A:XX:E7 Config "protest_lan_mac" ascii (label) WAN C8:XX:XX:3A:XX:EA Config "protest_wan_mac" ascii 5G C8:XX:XX:3A:XX:E8 Factory "0x4" hex 2.4G CA:XX:XX:4A:XX:E8 [not on flash]
The increment of the 4th byte for the 2.4g address appears to vary. Reported cases:
Since increment is inconsistent and there is no obvious pattern in swapping bytes, and the 2.4g address has local bit set anyway, it seems safer to use the LAN address with flipped byte here in order to prevent collisions between OpenWrt devices and OEM devices for this interface. This way we at least use an address as base that is definitely owned by the device at hand.
Notes:
1. The vendor firmware allows you to connect to the router by telnet. (known version 1.0.0 can open telnet.) There is no official binary firmware available. Backup the important partitions data: "Bootloader", "Config", "Factory", and "firmware". Note that with the vendor firmware the memory is detected only 128MiB and the last 512KiB in NAND flash is not used.
2. The POWER LED is default on after press POWER switch. The WAN and LAN1 - 4 LEDs are wired to ethernet switch. The WPS LED is controlled by MT7615DN's GPIO. Currently there is no proper way to configure it.
3. At the time of adding support the wireless config needs to be set up by editing the wireless config file:
* Setting the country code is mandatory, otherwise the router loses connectivity at the next reboot. This is mandatory and can be done from luci. After setting the country code the router boots correctly. A reset with the reset button will fix the issue and the user has to reconfigure.
* This is minor since the 5g interface does not come up online although it is not set as disabled. 2 options here:
1- Either run the "wifi" command. Can be added from LuCI in system - startup - local startup and just add wifi above "exit 0".
2- Or add the serialize option in the wireless config file as shown below. This one would work and bring both interfaces automatically at every boot:
config wifi-device 'radio0' option serialize '1'
config wifi-device 'radio1' option serialize '1'
Flash instructions using initramfs image:
1. Press POWER switch to power down if the router is running.
2. Connect PC to one of LAN ports, and set static IP address to "10.10.10.2", netmask to "255.255.255.0", and gateway to "10.10.10.1" manually on the PC.
3. Push and hold the WIFI button, and then power up the router. After about 10s (or you can call the recovery page, see "4" below) you can release the WIFI button. There is no clear indication when the router is entering or has entered into "RAISECOM Router Recovery Mode".
4. Call the recovery page for the router at "http://10.10.10.1". Keep an eye on the "WARNING!! tip" of the recovery page. Click "Choose File" to select initramfs image, then click "Upload".
5. If image is uploaded successfully, you will see the page display "Device is upgrading the firmware... %". Keep an eye on the "WARNING!! tip" of the recovery page. When the page display "Upgrade Successfully", you can set IP address as "automatically obtain".
6. After the rebooting (PC should automatically obtain an IP address), open the SSH connection, then download the sysupgrade image to the router and perform sysupgrade with it.
Flash back to vendor firmware:
See "Flash instructions 1 - 5" above. The only difference is that in step 4 you should select the vendor firmware which you backup.
Signed-off-by: Liangkuan Yang <ylk951207@gmail.com> (commit: bc7d36b)
This is another MT7621 device, very similar to other Linksys EA7300 series devices.
Installation:
Upload the generated factory.bin image via the stock web firmware updater.
Reverting to factory firmware:
Like other EA7300 devices, this device has an A/B router configuration to prevent bricking. Hard-resetting this device three (3) times will put the device in failsafe (default) mode. At this point, flash the OEM image to itself and reboot. This puts the router back into the 'B' image and allows for a firmware upgrade.
Troubleshooting:
If the firmware will not boot, first restore the factory as described above. This will then allow the factory.bin update to be applied properly.
Signed-off-by: Nick McKinney <nick@ndmckinney.net> (commit: e0a574d)
Refresh commands, run after busybox is first built once:
cd package/utils/busybox/config/ ../convert_menuconfig.pl ../../../../build_dir/target-arm_cortex-a15+neon-vfpv4_musl_eabi/busybox-default/busybox-1.35.0 cd .. ./convert_defaults.pl ../../../build_dir/target-arm_cortex-a15+neon-vfpv4_musl_eabi/busybox-default/busybox-1.35.0/.config > Config-defaults.in
Manual edits needed after config refresh:
* Config-defaults.in: OpenWrt config symbol IPV6 logic applied to BUSYBOX_DEFAULT_FEATURE_IPV6
* Config-defaults.in: OpenWrt configTARGET_bcm53xx logic applied to BUSYBOX_DEFAULT_TRUNCATE (commit 547f1ec)
* Config-defaults.in: OpenWrt logic applied to BUSYBOX_DEFAULT_LOGIN_SESSION_AS_CHILD (commit dc92917)
* config/editors/Config.in: Add USE_GLIBC dependency to BUSYBOX_CONFIG_FEATURE_VI_REGEX_SEARCH (commit f141090)
* config/shell/Config.in : change at "Options common to all shells" the symbol SHELL_ASH --> BUSYBOX_CONFIG_SHELL_ASH (discussion in http://lists.openwrt.org/pipermail/openwrt-devel/2021-January/033140.html Apparently our script does not see the hidden option while prepending config options with "BUSYBOX_CONFIG_" which leads to a missed dependency when the options are later evaluated.)
* Edit Config.in files by adding quotes to sourced items in config/Config.in, config/networking/Config.in and config/util-linux/Config.in (commit 1da014f)
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi> (commit: a54b406)
Signed-off-by: Jan Hoffmann <jan@3e8.eu> [fix warnings, switch to tag tarball, update patches] Signed-off-by: Andre Heider <a.heider@gmail.com> (commit: 9d878d8)
Linux upstream commit https://github.com/torvalds/linux/commit/9370f2d05a2a150b0aa719a3070b26d478180df3 add load firmware file through request_firmware,this affect the nanopi r2s and some USB adapters in kernel 5.10 with this error: 'r8152 4-1:1.0: unable to load firmware patch rtl_nic/rtl8153b-2.fw' This patch split the USB NIC firmware files from r8169 firmware, and adds r8152-firmware to r8152 driver. Add kmod-usb-net-cdc-ncm to support RTL8156A and RTL8156B 2.5G ethernet adapters supported since v5.13-rc1. https://github.com/torvalds/linux/commit/195aae321c829dd1945900d75561e6aa79cce208
Signed-off-by: Marty Jones <mj8263788@gmail.com> (commit: 3fe253c)
toolchain/binutils: v2.37 Close the file descriptor if there is no archive fd
This fixes the following build error: /home/build/openwrt/staging_dir/toolchain-aarch64_cortex-a53_gcc-11.2.0_musl/lib/gcc/aarch64-openwrt-linux-musl/11.2.0/../../../../aarch64-openwrt-linux-musl/bin/ld: /home/sergey/openwrt2/build_dir/target-aarch64_cortex-a53_musl/node-v14.18.2/out/Release/obj.target/tools/v8_gypfiles/libv8_base_without_compiler.a: error adding symbols: malformed archive collect2: error: ld returned 1 exit status
It's a bad error handling related to -EMFILE (too many open files). nodejs is probably just very close to open file limit.
Almost all targets have the fixed-phy feature built into the kernel. One big exception is x86. This caused a problem with the upcoming LAN78xx usb driver. Hence this patch breaks out the fixed-phy from of_mdio (which didn't include the .ko) and puts into a separate module.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: 3fabca8)
Link: <https://github.com/openwrt/openwrt/pull/4893> Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com> (added kmod-phy-microchip and kmod-fixed-phy dependencies, rpi3 needs lan78xx but has it built-in) Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: 31647d8)
This commit moves the device profiles within the ipq806x/generic subtarget into their own includable .mk file, to support eventually having subtargets other than generic.
Signed-off-by: Alex Lewontin <alex.c.lewontin@gmail.com> (commit: 479acf0)
The lowest frequency should be 300MHz, since that is the label assigned to the OPP in the mt7622.dtsi device tree, while there is one missing zero in the actual value.
To be clear, the lowest frequency should be 300MHz instead of 30MHz.
As mentioned @dangowrt on the OpenWrt forum there is no benefit in leaving 30MHz as the lowest frequency.
Signed-off-by: Jip de Beer <gpk6x3591g0l@opayq.com> Signed-off-by: Fritz D. Ansel <fdansel@yandex.ru> (commit: 6939584)
9a509d4 ruleset.uc: consolidate ip and ip6 offload 21f311d ruleset.uc: don't trim newline before comment sign f121383 tests: enable flow offloading in tests 550df40 tests: add test for unknown defaults option 47c5a5b tests: add test for deprecated rule option 69a89d6 tests: add test for unknown rule option 07579df fw4.uc: handle interface zone option
MAC addresses as verified by OEM firmware: use address source Lan/Wan *:24 art 0x1002 (label) 2G *:24 art 0x1002 5G *:26 art 0x5006
Installation:
Asus windows recovery tool: - install the Asus firmware restoration utility - unplug the router, hold the reset button while powering it on - release when the power LED flashes slowly - specify a static IP on your computer: IP address: 192.168.1.75 Subnet mask 255.255.255.0 - Start the Asus firmware restoration utility, specify the factory image and press upload - Do not power off the device after OpenWrt has booted until the LED flashing.
TFTP Recovery method: - set computer to a static ip, 192.168.1.75 - connect computer to the LAN 1 port of the router - hold the reset button while powering on the router for a few seconds - send firmware image using a tftp client; i.e from linux: $ tftp tftp> binary tftp> connect 192.168.1.1 tftp> put factory.bin tftp> quit
* Qualcomm/Atheros AR9344 rev 2 * 560/450/225 MHz (CPU/DDR/AHB) * 64 MB of RAM * 16 MB of SPI NOR flash - 2x 7 MB available; but one of the 7 MB regions is the recovery image * 1T1R 2.4 GHz Wi-Fi * 2T2R 5 GHz Wi-Fi * 6x GPIO-LEDs (3x wifi, 2x ethernet, 1x power) * 1x GPIO-button (reset) * external h/w watchdog (enabled by default) * TTL pins are on board (arrow points to VCC, then follows: GND, TX, RX) * TI tmp423 (package kmod-hwmon-tmp421) for temperature monitoring * 2x ethernet - eth0 + AR8035 ethernet PHY + 10/100/1000 Mbps Ethernet + 802.3af POE + used as LAN interface - eth1 + 10/100 Mbps Ethernet + builtin switch port 1 + 18-24V passive POE (mode B) + used as WAN interface * 12-24V 1A DC * internal antennas
Flashing instructions: ======================
Various methods can be used to install the actual image on the flash. Two easy ones are:
ap51-flash ----------
The tool ap51-flash (https://github.com/ap51-flash/ap51-flash) should be used to transfer the image to the u-boot when the device boots up.
initramfs from TFTP -------------------
The serial console must be used to access the u-boot shell during bootup. It can then be used to first boot up the initramfs image from a TFTP server (here with the IP 192.168.1.21):
* Qualcomm/Atheros QCA9558 ver 1 rev 0 * 720/600/240 MHz (CPU/DDR/AHB) * 128 MB of RAM * 16 MB of SPI NOR flash - 2x 7 MB available; but one of the 7 MB regions is the recovery image * 2T2R 2.4 GHz Wi-Fi (11n) * 2T2R 5 GHz Wi-Fi (11ac) * 6x GPIO-LEDs (3x wifi, 2x ethernet, 1x power) * external h/w watchdog (enabled by default)) * TTL pins are on board (arrow points to VCC, then follows: GND, TX, RX) * TI tmp423 (package kmod-hwmon-tmp421) for temperature monitoring * 2x ethernet - eth0 + AR8035 ethernet PHY (RGMII) + 10/100/1000 Mbps Ethernet + 802.3af POE + used as LAN interface - eth1 + AR8035 ethernet PHY (SGMII) + 10/100/1000 Mbps Ethernet + 18-24V passive POE (mode B) + used as WAN interface * 12-24V 1A DC * internal antennas
Flashing instructions: ======================
Various methods can be used to install the actual image on the flash. Two easy ones are:
ap51-flash ----------
The tool ap51-flash (https://github.com/ap51-flash/ap51-flash) should be used to transfer the image to the u-boot when the device boots up.
initramfs from TFTP -------------------
The serial console must be used to access the u-boot shell during bootup. It can then be used to first boot up the initramfs image from a TFTP server (here with the IP 192.168.1.21):
0f16ea5 options.c: add DSCP code LE Least Effort 24ba465 firewall3: remove redundant syn check df1306a firewall3: fix locking issue 3624c37 firewall3: support table load on access on Linux 5.15+
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk> (commit: e955a08)
mediatek: mt7623: Disable power button reset for U7623-02 board
The Unielec U7623 doesn't have a physical power button; I think it's hard wired so that it turns on automatically when power is applied (unlike the Banana Pi R2 which is a pain).
So the 'reset on long press of power button' behaviour that we get when we enable the PMIC keyboard driver is kind of unhelpful. Disable it.
Signed-off-by: David Woodhouse <dwmw2@infradead.org> Fixes: 0d3f3323a2 ("mediatek: mt7623: enable more hardware features") (commit: 4648a60)
CONFIG_ARM_ARCH_TIMER cannot be enabled in the config directly; it is only selected by CONFIG_HAVE_ARM_ARCH_TIMER. We need to enable the latter in our config.
ca6c35c uxc: usage message cosmetics e083dd4 uxc: fix two minor issues reported by Coverity 35dfbff procd: jail/cgroups: correctly enable "rdma" when requested 3b3ac64 procd: mount /dev with noexec ac2b8b3 procd: clean up /dev/pts mounts
Signed-off-by: Daniel Golle <daniel@makrotopia.org> (commit: 8c31f6b)
It was reported that some rb912 boards (ar934x) have issues with some ethernet speeds. Investigation shows that the board failed to adapt the ethernet pll values as shown here:
[ 5.284359] ag71xx 19000000.eth: failed to read pll-handle property
added custom prints in code and triggering a link switch:
[ 62.821446] Atheros AG71xx: fast reset [ 62.826442] Atheros AG71xx: update pll 2 [ 62.830494] Atheros AG71xx: no pll regmap!
Comparison with another very similar board (rb922 - QCA955x) showed a missing reference clock frequency in dts, which seems to cause a pll init issue. Unfortunately, no errors are printed when this occurs.
Adding the frequency property fixes the pll init as it can be parsed now by the ethernet driver.
If the SPI probe is sufficiently delayed, the routerboot driver may fail to init as the routerboot partitions are not yet available.
Register an MTD user notifier instead of doing straight init so that the init subroutines are only executed when the target MTD partitions are present.
Because the init/exit routines can now be called outside of the kernel normal init/exit calls, they cannot be jettisoned and must always be available: the __init and __exit qualifiers are thus removed.
kernel: mtk_bmt: add support for limiting range of remapping
This can be used to support ubi on top of mtk_bmt without reflashing the boot loader. The boot loader + factory + kernel area is covered, while the rest is passed through as-is
Signed-off-by: Felix Fietkau <nbd@nbd.name> (commit: b86452f)
Limit bmt remapping range to cover everything up to and including the kernel image, use the rest of the flash area for ubi. Fix partition table and sysupgrade support
Signed-off-by: Felix Fietkau <nbd@nbd.name> (commit: 76b27f6)
kernel: mtk_bmt: add support for the bbt format used on mt7621
This does not have spare blocks for remapping, and it is also not suitable for random write access. It only skips over bad blocks on linear writes of an image to a partition. As such, it is really only suitable for the kernel partition, or other partitions with mostly static data
Signed-off-by: Felix Fietkau <nbd@nbd.name> (commit: e2aa04d)
OpenWrt plans to move over to firewall4 which uses nftables under the hood. To allow a smooth migration the package `iptables-nft` offer a transparent wrapper to apply iptables rules to nftables.
Without the config option for nftables the package isn't installed and therefore can't be tested. This commit enabled it and therefore provides the wrapper.
The size of the iptables package increases from 25436 to 26500 Bytes.
Signed-off-by: Paul Spooren <mail@aparcar.org> (commit: 0637093)
Move the kernel versions and hash to dedicated files. This makes kernel bump quicker and fix some annoying problem with rebasing when multiple kernel bump are proposed.
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com> [Rebased on top of current master] Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com> (commit: 0765466)
It was reported the AVM FritzBox 7430 has different offsets for the caldata depending on the device.
Whether this is due to custom bad-block handling or up to the installed bootloader-version is unknown.
Try both known caldata offsets like it is already done for the ipq40xx NAND based models. Use the same approach for the FritzBox 7412. While it is currently unknown, whether it is affected, applying the same logic has no downsides.
Signed-off-by: David Bauer <mail@david-bauer.net> (commit: 7f77059)
Installation and Recovery via TFTP: 1. Connect ethernet cable between Router port and PC Ethernet port. 2. Set your computer to a static IP **192.168.1.1** 3. Turn the device off and wait a few seconds. Hold the WPS button on front of device and insert power. 4. Send a firmware image to **192.168.1.6** using TFTP. You can use any TFTP client. (tftp, curl, Tftpd64...) 5. Wait until Power LED stop flashing. **DO NOT TURN OFF DEVICE!** The device will be automatically rebooted.
Signed-off-by: Kyoungkyu Park <choryu.park@choryu.space> (commit: 6041c69)
Installation via web interface: 1. Flash initramfs image using OEM's Firmware Update page. 2. Connect to OpenWrt with an SSH connection to `192.168.1.1`. 3. Perform sysupgrade with sysupgrade image.
Revert to stock firmware: 1. Flash stock firmware via OEM's Recovery mode
How to use OEM's Recovery mode: 1. Power on the device and connect the shell through UART. 2. Connect to the shell and press the `t` key on the keyboard. 3. Set fixed IP with `192.168.0.2` with subnet mask `255.255.255.0` 4. Flash image via TFTP to `192.168.0.1`
Additional Notes: 1. The higher the 5Ghz Frequency, the lower the stability. It is recommended to use less than 5.775Ghz. 2. If the 5Ghz frequency is too high, 5Ghz may not work. 3. A6ns-M use shared dtsi file of A6004NS-M. (reference: /mt7621_iptime_a6004ns-m.dtsi).
Signed-off-by: SeongUk Moon <antegral@antegral.net> [convert CRLF to LF] Signed-off-by: Sungbo Eo <mans0n@gorani.run> (commit: 9c8ccdc)
The file can't be part of base files or the base-files and firewall packages collide. Two packages must not provide the same config files without having a defined CONFLICT since it would result in an undeterministic config state depending on what package is installed last.
Signed-off-by: Paul Spooren <mail@aparcar.org> (commit: daae59b)
The following devices have a Winbond W25Q256FV flash chip, which does not have the RESET pin enabled by default, and otherwise would require setting a bit in a status register.
Before moving to Linux 5.4, we had the patch: 0053-mtd-spi-nor-add-w25q256-3b-mode-switch.patch which kept specific flash chips with explicit 3-byte and 4-byte address modes to stay in 3-byte address mode while idle (after an erase or write) by using a custom flag SPI_NOR_4B_READ_OP that was part of the patch.
this was obsoleted by the patch: 481-mtd-spi-nor-rework-broken-flash-reset-support.patch which uses the newer upstream flag SNOR_F_BROKEN_RESET for devices with a flash chip that cannot be hardware reset with RESET pin and therefore must be left in 3-byte address mode when idle.
The new patch requires that the DTS of affected devices have the property "broken-flash-reset", which was not yet added for most of them.
This commit adds the property for remaining affected devices in ramips target, specifically because of the flash chip model.
However, it is possible that there are other devices where the flash chip uses an explicit 4-byte address mode and the RESET pin is not connected to the SOC on the board, and those DTS would also need this property.
Ref: 22d982ea0033 ("ramips: add support for switching between 3-byte and 4-byte addressing") Ref: dfa521f12953 ("generic: spi-nor: rework broken-flash-reset") Signed-off-by: Michael Pratt <mcpratt@pm.me> (commit: 74516f4)
This board is very similar to the RT-ACRH13/RT-AC58U. It must be flashed with an intermediary initramfs image, the jffs2 ubi volume deleted, and then finally a sysupgrade with the final image performed.
ipq40xx: utilize nvmem-cells for macs & (pre-)calibration data
moves extraction entries out of 11-ath10k-caldata and into the individual board's device-tree.
Some notes: - mmc could work as well (not tested) - devices that pass the partitions via mtdparts bootargs are kept as is - gl-b2200 has a weird pcie wifi device (vendor claims 9886 wave 2. But firmware-extraction was for a wave 1 device?!)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: cfc13c4)
CONFIG_BLK_DEV_NVME [1]: - This is a kernel driver for SSD connected to PCI or PCIe bus [1]. By default, it is enabled for targets "ipq807x", "rockchip/armv8" and "x86/64".
With miniPCIe adapter, there is a possibility to connect NVMe disk to Turris Omnia (cortex-a9), Turris MOX (cortex-a53).
It allows to boot system from NVMe disk, because of that it can not be kmod package as you can not access the disk to be able to boot from it.
CONFIG_NVME_CORE [2]: - This is selected by CONFIG_BLK_DEV_NVME It does not need to be explicitly enabled, but it is done for "ipq807", "x64_64" and rockchip/armv8", which has also enabled the previous config option as well.
kernel: 5.10: Backport pci-aardvark driver changes from 5.17
Backport Aardvark PCIe controller driver changes that will appear in 5.17 kernel. They are currently accessible on LKML [1], in linux-next repository [2], or in Bjorn Helgaas' repository [3].
These changes mainly enhance driver removal method.
kernel: 5.10: Backport pending pci-aardvark changes fixing MSI support
Backport Aardvark PCIe controller driver changes that fix MSI support, that were recently sent to the linux-pci mailing list [1].
These changes fix MSI and MSI-X support for this PCIe controller, which, among other things, make it possible to use NVMe drives with this PCIe controllers.
kernel: 5.10: Backport pending Armada 3720 comphy patches
Backport 5 pending patches [1] for Armada 3720 comphy driver and one patch for device tree, applied to mvebu-dt64, but pending to appear in Linus' tree [2].
These patches makes the driver work correctly even with older, buggy versions of TF-A firmware.
Enabling Armada 37xx rWTM driver. This gives the kernel access to random number generator, if provided by the rWTM firmware.
Note that the driver is called turris-mox-rwtm because it was initially written for Turris MOX, but will also work on other Armada 37xx platforms, if they use rWTM firmware from CZ.NIC [1].
It makes sense to have this driver built-in, so that kernel has access to random number generator without needing to load any drivers.
[1] https://gitlab.nic.cz/turris/mox-boot-builder
Signed-off-by: Marek Behún <kabel@kernel.org> Reviewed-by: Andre Heider <a.heider@gmail.com> (commit: 43659a7)
This option includes support for watchdog timer on Marvell Armada 37xx SoCs. [1] It is useful e.g. for Turris MOX, Marvell ESPRESSObin
Enable armada-37xx-watchdog driver as built in for mvebu cortex-a53, so that kernel can start serving as soon as the driver is probed, until userspace takes over it.
This commit add package with hwmon-nct7802 module.
This driver implements support for the Nuvoton NCT7802Y hardware monitoring chip. NCT7802Y supports 6 temperature sensors, 5 voltage sensors, and 3 fan speed sensors.
Known issues: - Buzzer is unused due lack of proper driver - USB1/2 usbport ledtrigger won't work (through DT) - Renesas uPD720202 requires firmware file. It's possible to find non-free binary. Please look for 'UPDATE.mem' file and put in into '/lib/firmware/renesas_usb_fw.mem' file.
Installation: - Apply factory initramfs image via stock web-gui. - Do sysupgrade to make installation complete.
Back to stock: - OpenWrt rootfs partition use unused space after stock firmware. - Full revert is possible. - Login via ssh and run:
## ctera_c200-v2_back_to_factory start ## . /lib/functions.sh part=$(find_mtd_part "active_bank") active_bank=$(strings "$part" | grep bank) if [ "$active_bank" = "bank1" ]; then echo "bank2" > /tmp/change_bank else echo "bank1" > /tmp/change_bank fi mtd write /tmp/change_bank active_bank reboot ## ctera_c200-v2_back_to_factory end ##
Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com> (put back-to-stock script into commit message, removed dup. SUBPAGESIZE var, added 01_leds for non-working dt-usb-port trigger) Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: 9149ed4)
kernel: add missing kmod+regmap-i2c dependency for NCT7802Y module
x86, mt7623 and others buildbot failed due to: |Package kmod-hwmon-nct7802 is missing dependencies for the following libraries: |regmap-core.ko |regmap-i2c.ko
Fixes: 1ed50b92d157 ("package: kernel: add driver module for NCT7802Y") Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: 0a08d4f)
ipq40xx: AP-365: fix non-existent node or label "macaddr_mfginfo_1d"
Chen Minqiang reported on github: | DTC arch/arm/boot/dts/qcom-ipq4029-ap-365.dtb |qcom-ipq4019.dtsi:520.23-560.5: ERROR (phandle_references): /soc/wifi@a000000: |Reference to non-existent node or label "macaddr_mfginfo_1d" | | also defined at qcom-ipq4029-aruba-glenmorangie.dtsi:243.8-248.3 |qcom-ipq4019.dtsi:562.23-602.5: ERROR (phandle_references): /soc/wifi@a800000: |Reference to non-existent node or label "macaddr_mfginfo_1d" | | also defined at qcom-ipq4029-aruba-glenmorangie.dtsi:250.8-256.3 |ERROR: Input tree has errors, aborting (use -f to force output) |scripts/Makefile.lib:326: recipe for target 'qcom-ipq4029-ap-365.dtb' failed
Fixes: cfc13c44595d ("ipq40xx: utilize nvmem-cells for macs & (pre-)calibration data") Reported-by: Chen Minqiang <ptpt52@gmail.com> Signed-off-by: Christian Lamparter <chunkeey@gmail.com> (commit: 0a852d8)
Features: - ubiscan debugging and statistics utility
Fixes: - Some mtd-tests erroneously using sub-pages instead of the full page size - Buffer overrun in fectest - Missing jffs2 kernel header in the last release, leading to build failures on some systems.
Changes from 2.1.2 to 2.1.3:
Features: flashcp: Add new function that copy only different blocks flash_erase: Add flash erase chip Add flash_otp_erase Add an ubifs mount helper Add nandflipbits tool
Fixes: mkfs.ubifs: Fix runtime assertions when running without crypto mtd-utils: Use AC_SYS_LARGEFILE Fix test binary installation libmtd: avoid divide by zero ubihealthd: fix UBIFS build dependency mkfs.ubifs: remove OPENSSL_no_config() misc-utils: Add fectest to build system mkfs.ubifs: Fix build with SELinux Fix typos found by Debian's lintian tool Fix jffs2 build if zlib or lzo headers are not in default paths
Signed-off-by: Nick Hainke <vincent@systemli.org> (commit: 607f06f)
xrx200 max MTU is reduced so that it works correctly when set to the max, and the max MTU of the switch is increased to match.
In 5.10, the switch driver now enables non-standard MTUs on a per-port basis, with the overall frame size set based on the cpu port. When the MTU is not used, this should have no effect. The maximum packet size is limited as large packets cause the switch to lock up.
0702-net-lantiq-add-support-for-jumbo-frames.patch comes from net-next commit 998ac358019e491217e752bc6dcbb3afb2a6fa3e.
In 5.4, all switch ports are configured to accept the max MTU, as 5.4 does not have port_max_mtu/port_change_mtu callbacks.
Signed-off-by: Thomas Nixon <tom@tomn.co.uk> (commit: 255268c)
This patch includes a series of performance improvements. All patches were accepted and should land in 5.17. NAT Performance results on BT Home Hub 5A (kernel 5.10.89, mtu 1500):
Down Up Before 539 Mbps 599 Mbps After 624 Mbps 695 Mbps
Signed-off-by: Aleksander Jan Bajkowski <olek2@wp.pl> (commit: 7e484b9)
* Qualcomm/Atheros QCA9558 ver 1 rev 0 * 720/600/200 MHz (CPU/DDR/AHB) * 128 MB of RAM * 16 MB of SPI NOR flash - 2x 7 MB available; but one of the 7 MB regions is the recovery image * 2T2R 2.4 GHz Wi-Fi (11n) * 2T2R 5 GHz Wi-Fi (11ac) * 4x GPIO-LEDs (3x wifi, 1x power) * 1x GPIO-button (reset) * external h/w watchdog (enabled by default)) * TTL pins are on board (arrow points to VCC, then follows: GND, TX, RX) * TI tmp423 (package kmod-hwmon-tmp421) for temperature monitoring * 2x ethernet - eth0 + AR8035 ethernet PHY (RGMII) + 10/100/1000 Mbps Ethernet + 802.3af POE + used as LAN interface - eth1 + AR8031 ethernet PHY (RGMII) + 10/100/1000 Mbps Ethernet + 18-24V passive POE (mode B) + used as WAN interface * 12-24V 1A DC * internal antennas
This device support is based on the partially working stub from commit 53c474abbdfe ("ath79: add new OF only target for QCA MIPS silicon").
Flashing instructions: ======================
Various methods can be used to install the actual image on the flash. Two easy ones are:
ap51-flash ----------
The tool ap51-flash (https://github.com/ap51-flash/ap51-flash) should be used to transfer the image to the u-boot when the device boots up.
initramfs from TFTP -------------------
The serial console must be used to access the u-boot shell during bootup. It can then be used to first boot up the initramfs image from a TFTP server (here with the IP 192.168.1.21):
ath79: Allow to set spi-nor mtd name via devicetree
On ar71xx, it was possible to overwrite the name of the spi-nor mtd device identifier using the flash_platform_data which each mach-*.c could adjust for its devices. A similar feature was introduced for mtd-physmap in devicetree's. The property linux,mtd-name can be used to set the name and provide a stable identifier for mtdpart from the bootloader.
But this feature is not yet available upstream for spi-nor devices which also might receive their partition layout from the bootloader. But the OpenWrt pistachio support for this property can simply be imported into ath79 to gain this support.
Signed-off-by: Sven Eckelmann <sven@narfation.org> (commit: 7f074fe)
* Qualcomm/Atheros AR7240 rev 2 * 350/350/175 MHz (CPU/DDR/AHB) * 32 MB of RAM * 16 MB of SPI NOR flash - 2x 7 MB available; but one of the 7 MB regions is the recovery image * 2x 10/100 Mbps Ethernet * 1T1R 2.4 GHz Wi-Fi * 6x GPIO-LEDs (3x wifi, 2x ethernet, 1x power) * 1x GPIO-button (reset) * external h/w watchdog (enabled by default) * TTL pins are on board (arrow points to VCC, then follows: GND, TX, RX) * 2x fast ethernet - eth0 + 18-24V passive POE (mode B) + used as WAN interface - eth1 + builtin switch port 4 + used as LAN interface * 12-24V 1A DC * external antenna
The device itself requires the mtdparts from the uboot arguments to properly boot the flashed image and to support dual-boot (primary + recovery image). Unfortunately, the name of the mtd device in mtdparts is still using the legacy name "ar7240-nor0" which must be supplied using the Linux-specfic DT parameter linux,mtd-name to overwrite the generic name "spi0.0".
Flashing instructions: ======================
Various methods can be used to install the actual image on the flash. Two easy ones are:
ap51-flash ----------
The tool ap51-flash (https://github.com/ap51-flash/ap51-flash) should be used to transfer the image to the u-boot when the device boots up.
initramfs from TFTP -------------------
The serial console must be used to access the u-boot shell during bootup. It can then be used to first boot up the initramfs image from a TFTP server (here with the IP 192.168.1.21):
Since gzip-compressed kernel image stopped fitting on 4MB kernel partition on the device, use lzma-loader wrapping LZMA-compressed kernel. This yields bootable device once again, and saves a very substantial amount of space, the kernel size decreasing from about 4.4MB to about 2.5MB for 5.10 kernel. This avoids changing of the flash layout for the device.
While at that, reactivate the build for the device.
Fixes: 5d8ea6d34f9 ("ath79: Deactivate ZyXEL NBG6716 by default") Cc: André Valentin <avalentin@marcant.net> Cc: Hauke Mehrtens <hauke@hauke-m.de> Tested-by: Alex Henrie <alexhenrie24@gmail.com> Signed-off-by: Lech Perczak <lech.perczak@gmail.com> (commit: ebf639d)
omap: add support for the TRNG Hardware Accelerator
According to TI docs (Processor SDK Linux Getting Started Guide) the Random Number Generator hardware is found on OMAP16xx, OMAP2/3/4/5, AM33xx/AM43xx boards. It already defined in device tree files. Let's enable it.
Some tests:
root@RTS1_OI:~# rngtest -c 1000 </dev/hwrng rngtest 6.10 Copyright (c) 2004 by Henrique de Moraes Holschuh This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
rngtest: starting FIPS tests... rngtest: bits received from input: 20000032 rngtest: FIPS 140-2 successes: 999 rngtest: FIPS 140-2 failures: 1 rngtest: FIPS 140-2(2001-10-10) Monobit: 0 rngtest: FIPS 140-2(2001-10-10) Poker: 0 rngtest: FIPS 140-2(2001-10-10) Runs: 1 rngtest: FIPS 140-2(2001-10-10) Long run: 0 rngtest: FIPS 140-2(2001-10-10) Continuous run: 0 rngtest: input channel speed: (min=198.710; avg=1265.501; max=2976.417)Kibits/s rngtest: FIPS tests speed: (min=1.780; avg=37.085; max=39.736)Mibits/s rngtest: Program run time: 15961329 microseconds
Ubuntu started to flag which as deprecated and it seems which is not really standard and may vary across Distro. Drop the use of which and use the standard 'command -v' for this simple task. Which is still present in the prereq if some package/script still use which. A utility script called command_all.sh is implemented that will just mimic the output of which -a.
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com> (commit: 88204bf)
ath79: add support for reset key on MikroTik RB912UAG-2HPnD
On MikroTik RB91x board series a reset key shares SoC gpio line #15 with NAND ALE and NAND IO7. So we need a custom gpio driver to manage this non-trivial connection schema. Also rb91x-nand needs to have an ability to disable a polling of the key while it works with NAND.
While we've been integrating rb91x-key into a firmware, we've figured out that: * In the gpio-latch driver we need to add a "cansleep" suffix to several gpiolib calls, * When gpio-latch and rb91x-nand fail to get a gpio and an error is -EPROBE_DEFER, they shouldn't report about this, since this actually is not an error and occurs when the gpio-latch probe function is called before the rb91x-key probe. We fix these related things here too.
This removes -static compile option. The -static option tells GCC to link this statically with the libc, which we do not want in OpenWrt. We want to link everything dynamically to the libc. This fixes a compile problem with glibc.
ramips: update Tenbay T-MB5EU wireless MAC address
The current MAC address assignment is still incorrect.
Use the same MAC address as seen on the stock firmware for both wireless interfaces.
The 5GHz MAC address OUI is +2 in the first EUI octet. We currently don't do this in OpenWrt. Ignore this offset for now. With the current assignment, recurring MAC addresses between radios is already taken care of.
Signed-off-by: David Bauer <mail@david-bauer.net> (commit: b0c04a3)
When Joowin WR758AC V1 and V2 devices were added, they should have been added with the primary manufacturer name which is COMFAST, since Joowin is just an alternate vendor name on some coutries or stores.
Fix this by changing the the vendor name on the respective files and set Joowin as ALT0 variants while ensuring compatibility for early users. Also adjust the model names to better follow the naming rules.
As a side effect, fix mt76x8 network script which was left incorrectly unsorted on the case block conditions.
Fixes: 766733e172 ("ramips: add support for Joowin WR758AC V1 and V2") Signed-off-by: Rodrigo Araujo <araujo.rm@gmail.com> (commit: 7c8ade1)
The GL.iNet GL-XE300 is a 4G LTE Wireless router, based on QCA9531 SoC.
Specifications:
- SoC: QCA9531 (650MHz) - RAM: DDR2 128M - Flash: SPI NOR 16M + SPI NAND 128M - WiFi: 2.4GHz with 2 antennas - Ethernet: - 1x LAN (10/100M) - 1x WAN (10/100M) - LTE: - USB: 1x USB 2.0 port - UART: - 3.3V, TX, RX, GND / 115200 8N1
MAC addresses as verified by OEM firmware:
use address source LAN *:c5 art 0x0 (label) WAN *:c6 label + 1 WLAN *:c7 art 0x1002
Installation via U-Boot rescue:
1. Press and hold reset and power buttons simultaneously 2. Wait for the LAN led to blink 5 times 3. Release reset and power buttons 4. The rescue page is accessible via http://192.168.1.1 5. Select the OpenWrt factory image and start upgrade 6. Wait for the router to flash new firmware and reboot
Revert to stock firmware:
i. Download the stock firmware from GL.Inet website ii. Use the same method explained above to flash the stock firmware
ucode: add temporary fix for integer formatting on 32bit systems
The ucode VM always passes 64bit integer values to sprintf implementation while the `%d` format expects 32bit integers on 32bit platforms, leading to incorrect formatting results.
Temporarily solve the issue by casting the numeric argument to int until a more thorough fix arrives with the next update.
mediatek: mt7623: rework images for U7623-02 board
Users of older OpenWrt versions need sysupgrade using the *emmc.img.gz file once which will upgrade U-Boot and switch to the new image layout. Users of the vendor firmware need to first flash the legacy image to then sunsequently carry out a full-flash upgrade.
Alternatively the board can also be flashed using MediaTek's proprietary SP Flash Tool.
Configuration as well as persistent MAC address will be lost once at this point and you will have to redo (or restore) all configuration manually. To restore the previous persistent MAC address users may set it manually using
fw_setenv ethaddr 00:11:22:33:44:55
For future upgrades once running OpenWrt past this commit, the usual *sysupgrade.itb file can be used.
Signed-off-by: Daniel Golle <daniel@makrotopia.org> (commit: 1ee75dd)
On recent macOS, /usr/bin/python3 is a wrapper that finds the right python executable It checks argv[0] to determine if python2 or python3 should be called. Always execute it as python3 to ensure it calls the right version
Signed-off-by: Felix Fietkau <nbd@nbd.name> (commit: f8bc8fa)
The legacy image for the UniElec U7623-02 until now included kmod-ata-ahci-mtk. The MT7623 chip doesn't have that IP and that board uses a PCIe-connected AHCI controller for the SATA port and mSATA-pins of the mPCIe socket. Hence include kmod-ata-ahci instead.
Signed-off-by: Daniel Golle <daniel@makrotopia.org> (commit: f586545)
The NanoPi R4S leaves the SD card in 1.8V signalling when rebooting while U-Boot requires the card to be in 3.3V mode.
Remove UHS support from the SD controller so the card remains in 3.3V mode. This reduces transfer speeds but ensures a reboot whether from userspace or following a kernel panic is always working.
Signed-off-by: David Bauer <mail@david-bauer.net> (commit: 2b583ab)
nf-nathelper-extra and nf-conntrack-netlink had iptables related dependencies, yet, when looking for the respective kernel symbols and checking it's dependencies it was confirmed that iptables wasn't required and that these were either it's own moodule or tool independent (nftables or iptables).
Correct these and make sure no unneeded extras are pulled in.
tools: build bash on macOS and use it for ipkg-build
On macOS, system binaries silently drop the environment variables for injecting extra shared libraries (used by fakeroot). This is done for security reasons. Work around this by building bash from source, so that it gets an ad-hoc signature and does not have these restrictions
Signed-off-by: Felix Fietkau <nbd@nbd.name> (commit: 3869ccb)
perf: Depend on libbfd and libopcodes when enabled
bpftool will enabled libbfd and libopcodes which gets picked up by perf as libraries to link against. Add those missing dependencies when either of these packages are enabled.
Flash accessing instruction templates are determined during probe since v5.6 for spimem-dirmap support in spi-nor driver in upstream commit: df5c21002cf4 ("mtd: spi-nor: use spi-mem dirmap API") As a result, changing bus_width on the fly doesn't work anymore and this patch will cause executing spi-mem ops with 3-byte address on 16-32M flash area. We can't easily revert that behavioral change upstream so drop the patch to prevent u-boot and eeprom from being erased.
Fixes: b10d604459("kernel: add linux 5.10 support") Reported-by: Frank Di Matteo <dimatto@foxmail.com> Signed-off-by: Chuanhong Guo <gch981213@gmail.com> (commit: c064824)
This fixes the following compile warning: CC init/do_mounts.o init/do_mounts.c:478:19: warning: 'mount_ubi_rootfs' defined but not used [-Wunused-function] 478 | static int __init mount_ubi_rootfs(void) | ^~~~~~~~~~~~~~~~
This moves bootargs-append support patch from ipq40xx and ipq806x to generic. This way we can append additional boot arguments from DTS instead of only being able to overwrite them.
This is a preparation for kirkwood support of ipTIME NAS1.
Signed-off-by: Sungbo Eo <mans0n@gorani.run> (commit: 81a561b)
Notes: * There are several variants of the model name: "NAS-I", "NASI", "NAS1". Here "NAS1" is adopted for consistent naming scheme. * The reset button is also a USB copy button in stock FW, but in this patch the former is the only default behavior.
Installation via web interface: 1. Flash sysupgrade image through the stock web interface.
Revert to stock firmware: 1. Perform sysupgrade with stock image.
Signed-off-by: Sungbo Eo <mans0n@gorani.run> (commit: 957f9ad)
Installation via web interface: 1. Flash **initramfs** image through the stock web interface. 2. Boot into OpenWrt and perform sysupgrade with sysupgrade image.
Revert to stock firmware: 1. Perform sysupgrade with stock image.
Signed-off-by: Sungbo Eo <mans0n@gorani.run> (commit: 6ff970b)
Installation via **recovery** mode: 1. Press reset button, power up the device, wait >10s for CPU LED to stop blinking. 2. Upload recovery image through the recovery web page at 192.168.0.1.
Revert to stock firmware: 1. Install stock image via recovery mode.
Signed-off-by: Sungbo Eo <mans0n@gorani.run> (commit: f4a7914)
The formal checks verify the following things: - Commits does not contain any merge commits - Signed by a real name - Commit titles starts with an `<area>:` - Author name matches signed of name - Commit message is not empty
Signed-off-by: Paul Spooren <mail@aparcar.org> (commit: 3dc3882)
The Wavlink WL-WN535K1 is a "mesh" router with 2 gigabit ethernet ports and one fast ethernet port. Mine is branded as Talius TAL-WMESH1. It can be found in kits of 2 or 3 (WL-WN535K2 or WL-WN535K3). The motherboard is labelled as WS-WN535G3-B-V1.2 so this image could potentially work for WL-WN535G3R and WS-WN535G3R with little to none effort, but it's untested.
Hardware -------- SoC: Mediatek MT7620A RAM: 64MB FLASH: 8MB NOR (GigaDevice GD25Q64CS) ETH: - 2x 10/100/1000 Mbps Ethernet (RTL8211F) - 1x 10/100 Mbps Ethernet (integrated in SOC) WIFI: - 2.4GHz: 1x (integrated in SOC) (2x2:2) - 5GHz: 1x MT7612E (2x2:2) - 4 internal antennas BTN: - 1x Reset button - 1x Touchlink button (set to WPS) - 1x ON/OFF switch LEDS: - 1x Red led (system status) - 1x Blue led (system status) - 3x Green leds (ethernet port status/act) UART: - 57600-8-N-1
Everything works correctly.
Currently there is no firmware update available. Because of this, in order to restore the OEM firmware, you must firstly dump the OEM firmware from your router before you flash the OpenWrt image.
Backup the OEM Firmware ----------------------- The following steps are to be intended for users having little to none experience in linux. Obviously there are many ways to backup the OEM firmware, but probably this is the easiest way for this router. Procedure tested on WN535K1_V1510_200916 firmware version.
1) Go to http://192.168.10.1/webcmd.shtml
2) Type the following line in the "Command" input box and then press enter: mkdir /etc_ro/lighttpd/www/dev; dd if=/dev/mtd0ro of=/etc_ro/lighttpd/www/dev/mtd0ro
3) After few seconds in the textarea should appear this output: 16384+0 records in 16384+0 records out
If your output doesn't match mine, stop reading and ask for help in the forum.
4) Open in another tab http://192.168.10.1/dev/mtd0ro to download the content of the whole NOR. If the file size is 0 byte, stop reading and ask for help in the forum.
5) Come back to the http://192.168.10.1/webcmd.shtml webpage and type: rm /etc_ro/lighttpd/www/dev/mtd0ro;for i in 1 2 3 4 5; do dd if=/dev/mtd${i}ro of=/etc_ro/lighttpd/www/dev/mtd${i}ro; done
6) After few seconds, in the textarea should appear this output: 384+0 records in 384+0 records out 128+0 records in 128+0 records out 128+0 records in 128+0 records out 14720+0 records in 14720+0 records out 1024+0 records in 1024+0 records out
If your output doesn't match mine, stop reading and ask for help in the forum.
7) Open the following links to download the partitions of the OEM FW: http://192.168.10.1/dev/mtd1ro http://192.168.10.1/dev/mtd2ro http://192.168.10.1/dev/mtd3ro http://192.168.10.1/dev/mtd4ro http://192.168.10.1/dev/mtd5ro
If one (or more) of these files are 0 byte, stop reading and ask for help in the forum.
8) Store these downloaded files in a safe place.
9) Reboot your router to remove any temporary file in ram.
Installation ------------ Flash the initramfs image in the OEM firmware interface (http://192.168.10.1/update_mesh.shtml). When Openwrt boots, flash the sysupgrade image otherwise you won't be able to keep configuration between reboots.
Restore OEM Firmware -------------------- Flash the "mtd4ro" file you previously backed-up directly from LUCI. Warning: Remember to not keep settings! Warning2: Remember to force the flash.
Notes ----- 1) Router mac addresses: LAN XX:XX:XX:XX:XX:E2 (factory @ 0x28) WAN XX:XX:XX:XX:XX:E3 (factory @ 0x2e) WIFI 2G XX:XX:XX:XX:XX:E4 (factory @ 0x04) WIFI 5G XX:XX:XX:XX:XX:E5 (factory @ 0x8004)
LABEL XX:XX:XX:XX:XX:E5
2) The OEM firmware upgrade page accepts only files containing the string "WN535K1" in the filename.
3) Additional notes 1,2,3 in the WS-WN583A6 commit are still valid (https://github.com/openwrt/openwrt/commit/92780d80ab6f5f03fac2407c06eb267dd83914a1)
procd: support generic mount triggers and clean up
Allow init scripts to trigger free-form actions by exposing procd_add_action_mount_trigger. Clean up mount trigger wrappers while at it to reduce code duplication.
Signed-off-by: Daniel Golle <daniel@makrotopia.org> (commit: 6d76ec3)
ubox: only start log to file when filesystem has been mounted
If log_file is on an filesystem mounted using /etc/config/fstab we have to wait for that to happen before starting the logread process. Inhibit the start of the file-writer process and use a mount trigger to fire it up once the filesystem actually becomes available.
Signed-off-by: Daniel Golle <daniel@makrotopia.org> (commit: 88baf6c)
72123e1b56 NEWS: Add a bug entry for BZ #28755 08beb3a3f4 x86: Fix __wcsncmp_evex in strcmp-evex.S [BZ# 28755] b50d5b746c x86: Fix __wcsncmp_avx2 in strcmp-avx2.S [BZ# 28755] 1b9cd6a721 NEWS: add bug entry for BZ #28769 and BZ #28770 3438bbca90 Linux: Detect user namespace support in io/tst-getcwd-smallbuff d084965adc realpath: Avoid overwriting preexisting error (CVE-2021-3998) 472e799a5f getcwd: Set errno to ERANGE for size == 1 (CVE-2021-3999) 8c8a71c85f tst-realpath-toolong: Fix hurd build f7a79879c0 realpath: Set errno to ENAMETOOLONG for result larger than PATH_MAX [BZ #28770] 73c362840c stdlib: Fix formatting of tests list in Makefile 269eb9d930 stdlib: Sort tests in Makefile 062ff490c1 support: Add helpers to create paths longer than PATH_MAX 82b1acd9de powerpc: Fix unrecognized instruction errors with recent binutils 1d401d1fcc x86: use default cache size if it cannot be determined [BZ #28784] 6890b8a3ae CVE-2022-23218: Buffer overflow in sunrpc svcunix_create (bug 28768) 1081f1d3dd sunrpc: Test case for clnt_create "unix" buffer overflow (bug 22542) 7b5d433fd0 CVE-2022-23219: Buffer overflow in sunrpc clnt_create for "unix" (bug 22542) 5575daae50 socket: Add the __sockaddr_un_set function 03e6e02e6a Disable debuginfod in printer tests [BZ #28757] 705f1e4606 Update syscall lists for Linux 5.16 2fe2af88ab i386: Remove broken CAN_USE_REGISTER_ASM_EBP (bug 28771) 73558ffe84 Update syscall lists for Linux 5.15 e64235ff42 powerpc: Fix unrecognized instruction errors with recent GCC
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> (commit: 3572c5a)
mediatek: u7623-02: enable early console also in legacy image
Append 'earlycon=uart8250,mmio32,0x11004000' to the boot arguments embedded in device-tree in order to enable early console on the UniElec U7623 board when using the vendor/stock bootloader.
Signed-off-by: Daniel Golle <daniel@makrotopia.org> (commit: 5e6867f)
procd: seccomp/jail: Fix build error on arm with glibc
From: Peter Lundkvist <peter.lundkvist@gmail.com>
This fixes the make_syscall_h.sh script to recognize both __NR_Linux, used by mips, and __NR_SYSCALL_BASE and __ARM_NR_BASE used by arm.
Run-tested on arm (ipq806x) and mips (ath79), both with glibc. Compile-tested and checked resulting syscall_names.h file wuth glibc: aarch64, powerpc, x86_64, i486 musl: arm, mips
Fixes: FS#4194, FS#4195
Signed-off-by: Peter Lundkvist <peter.lundkvist@gmail.com> Signed-off-by: Daniel Golle <daniel@makrotopia.org> (commit: 5d110c0)
Just use 'start' action which will have the desired effect instead of trying to introduce a 'start_file' action which didn't work that way because procd jshn magic would have to wrap around it.
Fixes: 88baf6ce2c ("ubox: only start log to file when filesystem has been mounted") Signed-off-by: Daniel Golle <daniel@makrotopia.org> (commit: b6a2cee)
Add the most recent supported firmware file for Intel Wi-Fi 6E AX210 wireless chip. The API version 67 is not yet supported by the driver. Additional PNVM file is required since API version 62.
Signed-off-by: Sungbo Eo <mans0n@gorani.run> (commit: 0c635cf)
Commit d284e6ef0f06 ("treewide: convert mtd-mac-address-increment* to generic implementation") renamed "mtd-mac-address-increment" property to "mac-address-increment". Convert remaining usages that have been added after that.
Fixes: f44e933458b1 ("ipq806x: provide WiFI mac-addresses from dts") Signed-off-by: Sungbo Eo <mans0n@gorani.run> (commit: f16f419)
Commit d284e6ef0f06 ("treewide: convert mtd-mac-address-increment* to generic implementation") renamed "mtd-mac-address-increment" property to "mac-address-increment". Convert remaining usages that have been added after that.
Fixes: af8a059bb41d ("ath79: add support for GL.iNet GL-XE300") Signed-off-by: Sungbo Eo <mans0n@gorani.run> (commit: ad5bf16)
Commit f4a79148f8cb ("ramips: add support for ipTIME AX2004M") seems to leak KERNEL_LOADADDR 0x82000000 to other devices, causing the to no longer boot. The leak is visible in u-boot:
Using 'config-1' configuration Trying 'kernel-1' kernel subimage Description: MIPS OpenWrt Linux-5.10.92 Type: Kernel Image Compression: lzma compressed Data Start: 0x840000e4 Data Size: 10750165 Bytes = 10.3 MiB Architecture: MIPS OS: Linux Load Address: 0x82000000 Entry Point: 0x82000000
Normally, it should look like this:
Using 'config-1' configuration Trying 'kernel-1' kernel subimage Description: MIPS OpenWrt Linux-5.10.92 Type: Kernel Image Compression: lzma compressed Data Start: 0xbfca00e4 Data Size: 2652547 Bytes = 2.5 MiB Architecture: MIPS OS: Linux Load Address: 0x80001000 Entry Point: 0x80001000
Revert the commit to avoid more people soft-bricking their devices.
This reverts commit f4a79148f8cbb7dfbcddfb0c1128caec45a01596.
This is a minor corrective release over GDB 11.1, fixing the following issues: * PR sim/28302 (gdb fails to build with glibc 2.34) * PR build/28318 (std::thread support configure check does not use CXX_DIALECT) * PR gdb/28405 (arm-none-eabi: internal-error: ptid_t remote_target::select_thread_for_ambiguous_stop_reply(const target_waitstatus*): Assertion `first_resumed_thread != nullptr' failed) * PR tui/28483 ([gdb/tui] breakpoint creation not displayed) * PR build/28555 (uclibc compile failure since commit 4655f8509fd44e6efabefa373650d9982ff37fd6) * PR rust/28637 (Rust characters will be encoded using DW_ATE_UTF) * PR gdb/28758 (GDB 11 doesn't work correctly on binaries with a SHT_RELR (.relr.dyn) section) * PR gdb/28785 (Support SHT_RELR (.relr.dyn) section)
This is a minor corrective release over GDB 11.1, fixing the following issues: * PR sim/28302 (gdb fails to build with glibc 2.34) * PR build/28318 (std::thread support configure check does not use CXX_DIALECT) * PR gdb/28405 (arm-none-eabi: internal-error: ptid_t remote_target::select_thread_for_ambiguous_stop_reply(const target_waitstatus*): Assertion `first_resumed_thread != nullptr' failed) * PR tui/28483 ([gdb/tui] breakpoint creation not displayed) * PR build/28555 (uclibc compile failure since commit 4655f8509fd44e6efabefa373650d9982ff37fd6) * PR rust/28637 (Rust characters will be encoded using DW_ATE_UTF) * PR gdb/28758 (GDB 11 doesn't work correctly on binaries with a SHT_RELR (.relr.dyn) section) * PR gdb/28785 (Support SHT_RELR (.relr.dyn) section)
The sizes of the ipk changed on mips 24Kc like this: 2285775 gdb_11.1-3_mips_24kc.ipk 2287441 gdb_11.2-4_mips_24kc.ipk 191828 gdbserver_11.1-3_mips_24kc.ipk 191811 gdbserver_11.2-4_mips_24kc.ipk
This fixes the following security problems: * Zeroize several intermediate variables used to calculate the expected value when verifying a MAC or AEAD tag. This hardens the library in case the value leaks through a memory disclosure vulnerability. For example, a memory disclosure vulnerability could have allowed a man-in-the-middle to inject fake ciphertext into a DTLS connection. * Fix a double-free that happened after mbedtls_ssl_set_session() or mbedtls_ssl_get_session() failed with MBEDTLS_ERR_SSL_ALLOC_FAILED (out of memory). After that, calling mbedtls_ssl_session_free() and mbedtls_ssl_free() would cause an internal session buffer to be free()'d twice. CVE-2021-44732
The sizes of the ipk changed on MIPS 24Kc like this: 182454 libmbedtls12_2.16.11-2_mips_24kc.ipk 182742 libmbedtls12_2.16.12-1_mips_24kc.ipk
795f420 cmis: Rename CMIS parsing functions 369b43a cmis: Initialize CMIS memory map da16288 cmis: Use memory map during parsing 6acaeb9 cmis: Consolidate code between IOCTL and netlink paths d7d15f7 sff-8636: Rename SFF-8636 parsing functions 4230597 sff-8636: Initialize SFF-8636 memory map b74c040 sff-8636: Use memory map during parsing 799572f sff-8636: Consolidate code between IOCTL and netlink paths 9fdf45c sff-8079: Split SFF-8079 parsing function 2ccda25 netlink: eeprom: Export a function to request an EEPROM page 86792db cmis: Request specific pages for parsing in netlink path 6e2b32a sff-8636: Request specific pages for parsing in netlink path c2170d4 sff-8079: Request specific pages for parsing in netlink path 9538f38 netlink: eeprom: Defer page requests to individual parsers 664586e Merge branch 'review/next/module-mem-map' into master 50fdaec ethtool: Set mask correctly for dumping advertised FEC modes c5e7133 cable-test: Fix premature process termination 73091cd sff-8636: Use an SFF-8636 specific define for maximum number of channels 837c166 sff-common: Move OFFSET_TO_U16_PTR() to common header file 8658852 cmis: Initialize Page 02h in memory map 27b42a9 cmis: Initialize Banked Page 11h in memory map 340d88e cmis: Parse and print diagnostic information eae6a99 cmis: Print Module State and Fault Cause 82012f2 cmis: Print Module-Level Controls d7b1007 sff-8636: Print Power set and Power override bits 429f2fc Merge branch 'review/cmis-diag' into master 32457a9 monitor: do not show duplicate options in help text c01963e Release version 5.16.
The sizes of the ipk changed on MIPS 24Kc like this: 34317 ethtool_5.15-1_mips_24kc.ipk 34311 ethtool_5.16-1_mips_24kc.ipk
The man page of the raw tool does not build because the disk-utils/raw.8 file is missing. It looks like it should be in the tar.xz file we download, but it is missing.
We do not package the raw tool, so this is not a problem.
This fixes the following build error: No rule to make target 'disk-utils/raw.8', needed by 'all-am'. Stop.
This release fixes two security mount(8) and umount(8) issues:
CVE-2021-3996 Improper UID check in libmount allows an unprivileged user to unmount FUSE filesystems of users with similar UID.
CVE-2021-3995 This issue is related to parsing the /proc/self/mountinfo file allows an unprivileged user to unmount other user's filesystems that are either world-writable themselves or mounted in a world-writable directory.
Add option to compile kmod-vrf, support for Virtual Routing and Forwarding (Lite).
This module depends on NET_L3_MASTER_DEV, which is a boolean kernel option, so we need to create a configuration option also for this, and make kmod-vrf depend on it.
Signed-off-by: Marek Behún <kabel@kernel.org> (commit: 45d541b)
CFLAG -DWOLFSSL_ALT_CERT_CHAINS replaced to --enable-altcertchains configure option
The size of the ipk changed on aarch64 like this: 491341 libwolfssl4.8.1.31258522_4.8.1-stable-7_aarch64_cortex-a53.ipk 520322 libwolfssl5.1.1.31258522_5.1.1-stable-1_aarch64_cortex-a53.ipk
Tested-by: Alozxy <alozxy@users.noreply.github.com> Acked-by: Eneas U de Queiroz <cotequeiroz@gmail.com> Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in> (commit: 93d9119)
This adds support for the MikroTik RouterBOARD RBcAPGi-5acD2nD (cAP ac), a indoor dual band, dual-radio 802.11ac wireless AP, two 10/100/1000 Mbps Ethernet ports.
See https://mikrotik.com/product/cap_ac for more info.
according to iptables-nft man page, "These tools use the libxtables framework extensions and hook to the nf_tables kernel subsystem using the nft_compat module."
This means that to work, iptables-nft needs the same modules as iptables legacy except the ip(6)table-{filter,mangle,nat,raw} ip_tables, ip6tables. When those modules are loaded iptables-nft-save output contains "# Warning: iptables-legacy tables present, use iptables-legacy-save to see them" But as long as it's empty it should not be a problem.
To have nft properly display the rules created by ip(6)tables-nft we need all iptables targets and matches to be built as extension and not built-in (/usr/lib/iptables/libip(6)t_*.so)
When switching a package to iptables-nft, you need to keep the iptables-mod-* dependencies
This patch does minimal changes: - remove the direct iptables-nft -> iptables dependency - and more important add nft-compat dependency
The rule iptables-nft -A OUTPUT -d 8.8.8.8 -m comment --comment "aaa" -j REJECT becomes table ip filter { chain OUTPUT { type filter hook output priority filter; policy accept; ip daddr 8.8.8.8 # xt_comment counter packets 0 bytes 0 # xt_REJECT } }
ramips: Switch Teltonika RUT5xx to kernel GPIO-line watchdog driver
The commit 04e91631e050 ("om-watchdog: add support for Teltonika RUT5xx (ramips)") used the deprecated om-watchdog daemon to handle the GPIO-line connected watchdog on the Teltonika RUT5xx.
But this daemon has massive problems since commit 30f61a34b4cf ("base-files: always use staged sysupgrade"). The process will always be stopped on sysupgrades. If the sysupgrade takes slightly longer, the watchdog is not triggered at the correct time and thus the sysupgrade will interrupted hard by the watchdog sysupgrade. And this hard interrupt can easily brick the device when there is no fallback (dual-boot, ...).
Signed-off-by: Sven Eckelmann <sven@narfation.org> (commit: 7c3efd5)
backend_startup_project Add a man page backend to refman extract_objects() supports generated sources Python 3.6 support will be dropped in the next release Warning if check kwarg of run_command is missing meson rewrite can modify extra_files meson rewrite target <target> info outputs target's extra_files Visual Studio 2022 backend Support for CMake <3.14 is now deprecated for CMake subprojects Added support for sccache install_symlink function
The SDK does not ship the generic platform files. Use relative path for GENERIC_PLATFORM_DIR to make it work. This points it at the files from the feed directory instead of the base SDK path
Signed-off-by: Felix Fietkau <nbd@nbd.name> (commit: 8c1d512)
![[Jenkins]](/jenkins/static/c72b925d/images/svgs/logo.svg){kind=logo}
