Nick Hainke [Tue, 5 Apr 2022 13:01:43 +0000 (15:01 +0200)]
libmnl: update to 1.0.5
Changes:
Duncan Roe (5):
nlmsg: Fix a missing doxygen section trailer
build: doc: "make" builds & installs a full set of man pages
build: doc: get rid of the need for manual updating of Makefile
build: If doxygen is not available, be sure to report "doxygen: no" to ./configure
src: doc: Fix messed-up Netlink message batch diagram
Fernando Fernandez Mancera (1):
src: fix doxygen function documentation
Florian Westphal (1):
libmnl: zero attribute padding
Guillaume Nault (1):
callback: mark cb_ctl_array 'const' in mnl_cb_run2()
Kylie McClain (1):
examples: nfct-daemon: Fix test building on musl libc
Laura Garcia Liebana (4):
examples: add arp cache dump example
examples: fix neigh max attributes
examples: fix print line format
examples: reduce LOCs during neigh attributes validation
Pablo Neira Ayuso (3):
doxygen: remove EXPORT_SYMBOL from the output
include: add MNL_SOCKET_DUMP_SIZE definition
build: libmnl 1.0.5 release
Petr Vorel (1):
examples: Add rtnl-addr-add.c
Stephen Hemminger (1):
examples: rtnl-addr-dump: fix typo
igo95862 (1):
doxygen: Fixed link to the git source tree on the website.
Nick Hainke [Tue, 5 Apr 2022 13:26:24 +0000 (15:26 +0200)]
libnfnetlink: update to 1.0.2
Changes:
c63f193 bump version to 1.0.2 3cffa84 libnfnetlink: Check getsockname() return code 90ba679 include: Silence gcc warning in linux_list.h bb4f6c8 Make it clear that this library is deprecated e46569c Minimally resurrect doxygen documentation 5087de4 libnfnetlink: hide private symbols 62ca426 autogen: don't convert __u16 to u_int16_t efa1d8e src: Use stdint types everywhere 7a1a07c include: Sync with kernel headers 7633f0c libnfnetlink: initialize attribute padding to resolve valgrind warnings 94b68f3 configure: uclinux is also linux 617fe82 src: get source code license header in sync with current licensing terms 97a3960 build: resolve automake-1.12 warnings
Removed the patch 100-missing_include.patch, libnfnetlink compiles fine
with musl without this patch.
Daniel Golle [Wed, 6 Apr 2022 18:59:52 +0000 (19:59 +0100)]
libselinux: add missing host-build dependency on libsepol/host
The host-build of libselinux requires libsepol/host.
Add the libsepol/host to HOST_BUILD_DEPENDS to allow build on hosts
which don't have libsepol installed.
Problem exist when dnsmasq is exclusively bind to particular interface.
After reconfiguring or restarting this interface, its index changes, but
dnsmasq uses the old one. When this problem occurs, dnsmasq does not
listen on the correct interface so DHCP does not work, and clients do not
get an IP address. Procd netdev param can be added to restart dnsmasq when
the interface index is changed.
Signed-off-by: Valentyn Datsko <valikk.d@gmail.com>
[combined into a single &&-connected statement] Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 76f55e3c3f32dea63a385e9b3c8eaed1322089c7)
The sama7 sub target does not have USB support, the feature should not
be activated there. OpenWrt can automatically detect if the target
supports USB by using the scripts/target-metadata.pl script. With the
automatic detection USB support will only get activated on subtargest
which actually support USB like sam9x and sama5.
Remove the configuration options which are building modules for the sub
target configuration.
These kernel modules are not packaged. Kernel options should only be
build as a module when they are selected by a kmod package and not by
setting them to =m in the target kernel configuration.
Daniel Golle [Wed, 6 Apr 2022 16:25:16 +0000 (17:25 +0100)]
scripts: make sure sort-order is independent from locale
Set LC_ALL=C environment variable when calling 'sort' as the sort
order otherwise depends on the locale set.
Fixes: 56ce110b73 ("scripts: make sure conffiles are sorted") Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 1d77dca3b32dd883bcc2213675cf21111ac1beca)
Daniel Golle [Wed, 6 Apr 2022 11:19:31 +0000 (12:19 +0100)]
kernel: set SOURCE_DATE_EPOCH for initramfs root dir
Make sure the timestamp of the root directory of the initramfs is set
to SOURCE_DATE_EPOCH as well.
Fixes: 29d7461d11 ("kernel: set options to make external initramfs reproducible") Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 54bcf586b0beb510345fdbac731ce1c04b6fa56b)
Paul Spooren [Mon, 28 Mar 2022 02:29:09 +0000 (03:29 +0100)]
build: store sha256_unsigned in JSON
Introduce `sha256_unsigned` which is a checksum of the image _before_ a
signature is attached. This is helpful to compare image reproducibility.
Since the `.sha256sum` file is located in the $(KDIR) folder, switch
$(BIN_DIR) with $(KDIR) to simplify the code. The value of $(BIN_DIR)
itself is not stored inside the resulting JSON file, so it can be
replaced.
Daniel Golle [Tue, 29 Mar 2022 12:54:14 +0000 (13:54 +0100)]
kernel: fix initramfs reproducibility
Make sure xz uses at least 2 threads so compression always runs in
multi-threaded mode as the resulting file in single-threaded mode
differs.
Fixes: 29d7461d11 ("kernel: set options to make external initramfs reproducible") Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit fc6a83e63b187ecfd0e427c062ae09e3c104e291)
Stijn Tintel [Sat, 19 Feb 2022 15:54:22 +0000 (17:54 +0200)]
image: let mksquashfs4 use all processors
Drop the -processors argument from the mksquashfs4 call, so it will use
all available processors. This dramatically reduces the time to create
squashfs filesystems.
The times below are observed when building an image for my main router,
the WatchGuard Firebox M300 (qoriq target):
Before:
real 4m45,973s
After:
real 0m23,497s
With this commit `mksquashfs` may use more cores than defined via `-j`.
This is the same behaviour as for archive creation of ImageBuilder, SDK
or toolchain. There is no trivial way to limit `mksquashfs` CPU core
usage to the amount of "free" make jobs since two running `mksquashfs`
instances would each run with the total allowed number (-j) of threads.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
[extended reasoning in commit message] Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit df2ae8826ced4f374bcb693b44d8a113ad150d70)
The WatchGuard Firebox M200 and M300 use a Marvell 88e1543 PHY for the
first 3 ethernet ports. This PHY is supported by the Marvell Alaska PHY
driver, so enable it.
Daniel Golle [Sun, 3 Apr 2022 15:19:31 +0000 (16:19 +0100)]
kernel: load device-mapper early on boot
Previously commit openwrt/packages@3abb7cb ("lvm2: Added script and updated Makefile[...]")
couldn't actually work and allow rootfs_data to be stored on a LVM2 as
the necessary kernel modules had not been loaded at this point.
Fix this by loading device-mapper modules early at boot.
Kernel setting `/proc/sys/kernel/pid_max` can be set up to 4194304 (7
digits) which will cause buffer overflow in busbox lock patch, this
often happens when running in a rootfs container environment.
This commit enlarges `pidstr` to 12 bytes to ensure a sufficient buffer
for pid number and an additional char '\n'.
Andre Heider [Sun, 5 Dec 2021 11:14:45 +0000 (12:14 +0100)]
ipq40xx: add support for FRITZ!Box 7520
This model, also know as "1&1 HomeServer", shares the same features as 7530.
The vendor firmware has artificial software limitations: only 2 of the 4
LAN-Ports are GBit, and the USB-Host is only v2.0.
With OpenWrt, USB is already working at v3.0.
Signed-off-by: Andre Heider <a.heider@gmail.com>
(updated commit message to reflect current state) Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit cb6f4be13703f0224fc462caaeac14e725c72986)
Stijn Tintel [Fri, 25 Mar 2022 13:03:53 +0000 (15:03 +0200)]
gettext-full: add gmsgfmt symlink in host install
Some configure scripts look for msgfmt and gmsgfmt. As we don't install
the latter, configure might pick up one from staging_dir/hostpkg, and
the other from the host:
checking for msgfmt... /home/stijn/Development/OpenWrt/openwrt/staging_dir/hostpkg/bin/msgfmt
checking for gmsgfmt... /usr/bin/gmsgfmt
This could potentially lead to hard to debug undefined behaviour.
Install a symlink in the host install phase to avoid this.
Robert Marko [Mon, 21 Mar 2022 11:39:54 +0000 (12:39 +0100)]
uboot-mvebu: backport patch to fix eMMC
v2022.01 has a regression that broke eMMC usage on most if not all Armada
SoC-s, thus breaking boards like uDPU which use eMMC for storage.
Fix it by backporting a recent upstream patch.
Fixes: 782d4c8306c8 ("uboot-mvebu: update to version 2022.01") Signed-off-by: Robert Marko <robert.marko@sartura.hr>
(cherry picked from commit a70383080694f26d13db8341a83261f6b1c45f12)
ath79: fix label MAC address for Ubiquiti UniFi AP Outdoor+
The label has the MAC address of eth0, not the WLAN PHY address. We can
merge the definition back into ar7241_ubnt_unifi.dtsi, as both DTS
derived from it use the same interface for their label MAC addresses
after all.
Hauke Mehrtens [Mon, 28 Feb 2022 20:57:55 +0000 (21:57 +0100)]
realtek: Use firewall4
The realtek target is not a router, but basic device, see DEVICE_TYPE.
The basic device type does not come with firewall by default, see
include/target.mk for details. The realtek target extended
DEFAULT_PACKAGES manually with firewall.
This changes the defaults to take firewall4 and nftables instead of
firewall and iptables. This also adds the additional package
kmod-nft-offload.
The only difference to the router type is the missing ppp,
ppp-mod-pppoe, dnsmasq and odhcpd-ipv6only package.
This increases the compressed image size by about 422KBytes.
Hauke Mehrtens [Fri, 25 Mar 2022 12:57:40 +0000 (13:57 +0100)]
realtek: Remove dnsmasq and odhcpd-ipv6only from default
Do not include the dnsmasq and odhcpd-ipv6only package by default any
more. These services are not needed on a switch. If someone needs this
it is still possible to use opkg or image builder to add them.
This decreases the compressed image size by about 165KBytes.
removes usb-port remains as neither the WAC510 nor the WAC505
come with a USB port. Update the LED properties to phase out
labels and introduce generic node-names as well as adding
the color, function and function-enumerator properties.
Daniel Golle [Thu, 24 Mar 2022 18:40:14 +0000 (18:40 +0000)]
uqmi: fix acquiring PIN status
Evaluating the return value of 'json_load' didn't work in the
intended way resulting in PIN status no longer being read on modems
where --get-pin-status doesn't fail.
Fix this by trying --get-pin-status first and checking if pin1_status
field exists in JSON, and if it doesn't try again with
--uim-get-sim-state.
Daniel Golle [Sat, 26 Mar 2022 22:51:21 +0000 (22:51 +0000)]
generic: sync mtd rootfs hack with part_bits
In commit ab143647ef ("kernel: generic: improve FIT partition parser")
part_bits was bumped to 2 in order to allow up to 3 additional FIT
sub-images mapped into sub-partitions.
This change has to be reflected also in our local patch
420-mtd-set-rootfs-to-be-root-dev.patch
which still assumed part_bits==1 for mtdblock devices in case of
CONFIG_FIT_PARTITION=y.
Fixes: #9557 Fixes: ab143647ef ("kernel: generic: improve FIT partition parser") Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 13960fb0e0babcd99530fcb234073af0c0a5e2f5)
Daniel Golle [Wed, 23 Mar 2022 19:29:07 +0000 (19:29 +0000)]
kernel: generic: improve FIT partition parser
* only map filesystems configured in 'loadables'
* allow mapping more than one filesystem (e.g. customization/branding
or localization in addition to rootfs)
* small cleaning here and there
Daniel Golle [Mon, 21 Mar 2022 23:31:38 +0000 (23:31 +0000)]
kernel: generic: use chosen bootconf in FIT partition parser
If the selected boot configuration is stored by U-Boot in '/chosen'
node as 'bootconf' attribute, use that configuration to resolve the
block device used as rootfs. Fall back to use the default configuration
in case 'bootconf' is not present.
Daniel Golle [Mon, 21 Mar 2022 23:30:10 +0000 (23:30 +0000)]
uboot-mediatek: add patch to allow accessing bootconf from Linux
Store selected boot configuration in '/chosen' node in device tree, so
it can be accessed by Linux (and used for fine-tuning the FIT partition
parser).
Daniel Golle [Mon, 21 Mar 2022 20:14:48 +0000 (20:14 +0000)]
uboot-envtools: oxnas: fix wrong eraseblock size for shuttle,kd20
Shuttle KD20 has NAND flash with 0x20000 (128KiB) erase blocks.
Correctly set that in uboot-envtools as well to allow writing to the
bootloader environment using fw_setenv.
Petr Štetiar [Sun, 27 Mar 2022 09:48:31 +0000 (11:48 +0200)]
openwrt-keyring: fix broken install step
In commit 2d03f27f0f07 ("openwrt-keyring: make opkg use 22.03 usign
key") I've accidentally removed the `endef` keyword, so fix it by adding
it back.
Fixes: 2d03f27f0f07 ("openwrt-keyring: make opkg use 22.03 usign key") Reported-by: Hannu Nyman <hannu.nyman@iki.fi> Signed-off-by: Petr Štetiar <ynezz@true.cz>
kernel: add (disabled) ASYMMETRIC_TPM_KEY_SUBTYPE symbol
at91/sama7 fails to build due to:
| Asymmetric (public-key cryptographic) key type (ASYMMETRIC_KEY_TYPE) [Y/?] y
| Asymmetric public-key crypto algorithm subtype (ASYMMETRIC_PUBLIC_KEY_SUBTYPE) [Y/?] y
| Asymmetric TPM backed private key subtype (ASYMMETRIC_TPM_KEY_SUBTYPE) [N/m/?] (NEW)
|Error in reading or end of file.
please note that asym_tpm (module) has been removed in 5.17:
<https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d3cff4a9>
Josef Schlehofer [Sun, 20 Mar 2022 22:28:41 +0000 (23:28 +0100)]
cypress-firmware: drop several packages
1. Drop package: cypress-firmware-4359-pcie
This binary is no longer provided and there are not many details what
happened.
2. Drop package: cypress-firmware-4359-sdio
This binary is no longer provided, but in this case, to compare it with
PCIe package mention as first, there was added
support in Linux-firmware [1], but no sign of firmware file.
4. Drop package: cypress-firmware-89459-pcie [2]
According to Infineon: "CYW89459 is an automotive Wi-Fi chip which is not
supported in the broad market community."
Fixes: 7ca7e0b22de6 ("cypress-firmware: update it to version 5.4.18-2021_0812") Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit 51dee3f4f7bac26cae8a6355f5a9adb4823f63a5)
This turned out this is an issue with upstream changing
ATA_TAG_INTERNAL's value from 31 to 32 during 4.18 release.
Update "SATA_DWC_QCMD_MAX" to account for that.
Petr Štetiar [Thu, 24 Mar 2022 05:52:37 +0000 (06:52 +0100)]
imagebuilder: fix broken image generation with external targets
When using external targets there is a symlink being created for the
target under target/linux which then becomes dangling under Image
Builder. Fix it by dereferencing the possible symlink.
Tested on IB with external target, ipq40xx and mvebu.
ath79: change Ubiquiti UniFi AP model name to include "AP"
While it hasn't always been clear whether the "AP" is part of the model
name on the Ubiquiti website, we include it for all other pre-AC
variants (AP Pro and the AP Outdoor+). Add it to the original UniFi AP
as well for consistency.
Petr Štetiar [Tue, 8 Mar 2022 09:41:24 +0000 (10:41 +0100)]
sunxi: cortexa7: fix ethernet link detection on a20-olinuxino-lime2
a20-olinuxino-lime2 is currently having hard time with link detection of
certain 1000Mbit partners due to usage of generic PHY driver, probably
due to following missing workaround introduced in upstream in commit 3aed3e2a143c ("net: phy: micrel: add Asym Pause workaround"):
The Micrel KSZ9031 PHY may fail to establish a link when the Asymmetric
Pause capability is set. This issue is described in a Silicon Errata
(DS80000691D or DS80000692D), which advises to always disable the
capability. This patch implements the workaround by defining a KSZ9031
specific get_feature callback to force the Asymmetric Pause capability
bit to be cleared.
This fixes issues where the link would not come up at boot time, or when
the Asym Pause bit was set later on.
As a20-olinuxino-lime2 has Micrel KSZ9031RNXCC-TR Gigabit PHY since
revision H, so we need to use Micrel PHY driver on those devices.
Petr Štetiar [Thu, 24 Mar 2022 05:45:04 +0000 (06:45 +0100)]
zlib: backport security fix for a reproducible crash in compressor
Tavis has just reported, that he was recently trying to track down a
reproducible crash in a compressor. Believe it or not, it really was a
bug in zlib-1.2.11 when compressing (not decompressing!) certain inputs.
Tavis has reported it upstream, but it turns out the issue has been
public since 2018, but the patch never made it into a release. As far as
he knows, nobody ever assigned it a CVE.
Suggested-by: Tavis Ormandy <taviso@gmail.com>
References: https://www.openwall.com/lists/oss-security/2022/03/24/1 Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit b3aa2909a79aeff20d594160b207a89dc807c033)
Felix Fietkau [Mon, 21 Mar 2022 19:26:56 +0000 (20:26 +0100)]
qosify: update to the latest version
391a9fbd5ace dns: fix parsing vlan encapsulated protocol 6aeeddbc91ad interface: extend dns filters to cover vlan tagged traffic as well 1ab53d4ca601 bpf: return TC_ACT_UNSPEC to allow other filters to proceed ca21e729af23 interface: switch to using clsact for filters 5d158f6b3c15 interface: run ingress bpf filter on main device ingress instead of ifb egress bdfcb11847ce interface: fix duplicated dns filter line b97405aa632a Revert "ubus: remove dnsmasq subscriber" 8fbaf39dbc95 interface: rework adding/removing filters, do not delete clsact d7ba5804eae4 interface: replace open-coded ifb-dns string with QOSIFY_DNS_IFNAME 91cf440db9e2 loader: fix use of deprecated functions 57c7817f91c2 qosify: fix dscp values of ubus-added dns host entries
Rui Salvaterra [Wed, 9 Dec 2020 16:11:40 +0000 (16:11 +0000)]
kmod-lzo: include the lzo-rle kmod in the package
Albeit a separate crypto module, lzo-rle uses the same kernel library as lzo.
Crypto API users (zram, for example) expect both lzo and lzo-rle to be
available, so let's include lzo-rle (about 5.5 kiB) in the lib-lzo package.
Based on e9hack's original patch: https://patchwork.ozlabs.org/project/openwrt/patch/541cbfbd-76f2-59b3-a867-47b6f0fc7da9@gmail.com/
Daniel Golle [Mon, 21 Mar 2022 01:16:48 +0000 (01:16 +0000)]
kernel: delete Linux 5.4 config and patches
As the upcoming release will be based on Linux 5.10 only, remove all
kernel configuration as well as patches for Linux 5.4.
There were no targets still actively using Linux 5.4.
Notes:
U-Boot passes through the ethaddr from uboot-env partition,
but also has been known to reset it to a generic mac address
hardcoded in the bootloader.
However, bdata is also populated with the ethernet mac addresses,
but is also typically never written to. Thus this is used instead.
2. Calculate telnet password from serial number and login
3. Execute commands to prepare device
nvram set ssh_en=1
nvram set uart_en=1
nvram set boot_wait=on
nvram set flag_boot_success=1
nvram set flag_try_sys1_failed=0
nvram set flag_try_sys2_failed=0
nvram commit
4. Download and flash image
On computer:
python -m http.server
On router:
cd /tmp
wget http://<IP>:8000/factory.bin
mtd -r write factory.bin firmware
Device should reboot at this point.
Reverting to stock:
Stock Xiaomi recovery tftp that accepts their signed images,
with default ips of 192.168.31.1 + 192.168.31.100.
Stock image should be renamed to tftp server ip in hex (Eg. C0A81F64.img)
Triggered by holding reset pin on powerup.
A simple implementation of this would be via dnsmasq's
dhcp-boot option or using the vendor's (Windows only)
recovery tool available on their website.
Paul Spooren [Sun, 20 Mar 2022 13:34:22 +0000 (13:34 +0000)]
build: switch VERSION_REPO again to HTTPS
The maintainer-tools.git script still defaults to `http` while
eveyrthing moved over to `https`. This commit switches VERSION_REPO
again back to encrypted connections.
Nicholas Smith [Fri, 11 Mar 2022 03:54:07 +0000 (13:54 +1000)]
ipq40xx: add support for Telco X1 Pro
Telco X1 Pro is a Cat12 LTE-A Pro modem router.
Vendor firmware is based on a recent version of OpenWrt.
Flashing is possible via CLI using sysupgrade -F -n
The serial headers allow bootloader and console access
Serial setting: 115200 8N1
Brief Specifications:
IPQ4019 SoC
32MB flash
512MB RAM
4x gigabit LAN
1x gigabit WAN
Dual-band Wave-2 wifi
2x SMA LTE antenna connectors
2x RP-SMA wifi antennas
1x USB 2.0 port
1x Reset button
Serial headers installed
1x Nano SIM tray
1x Quectel EM-12G LTE-A Pro modem
1x M.2 slot attached to USB 3.0
1x internal micro SD card slot
Signed-off-by: Nicholas Smith <nicholas@nbembedded.com>
The R1 revision is identical to the A1 revision except
- No Config2 Parition, therefore
- factory partition resized to 64k from 128K
- Firmware partition offset is 0x50000 not 0x60000
- Firmware partitions size increased by 64K
- Firmware partition type is "denx,uimage", not "sge,uimage"
- Padding of image creation "uimage-padhdr 96" removed
Installation:
Update to the last D-Link firmware through web-ui before OpenWRT
installation then follow the instructions to patch your device using
D-Link FailsafeUI.
- D-Link FailsafeUI:
Power down the router, press and hold the reset button, then
re-plug it. Keep the reset button pressed until the internet LED stops
flashing, then jack into any lan port and manually assign a static IP
address in 192.168.0.0/24 other than 192.168.0.1 (e.g. 192.168.0.2)
and go to http://192.168.0.1
Flash with the factory image.
Signed-off-by: Igor Nazarov <tigron.dev@gmail.com>
Installation
------------
1. Place *factory.trx on any web server (192.168.1.2 in this example)
2. Connect to the router using telnet shell (no password required)
3. Save MAC adresses to U-Boot environment:
uboot_env --set --name eth2macaddr --value $(ifconfig | grep eth2 | \
awk '{print $5}')
uboot_env --set --name eth3macaddr --value $(ifconfig | grep eth3 | \
awk '{print $5}')
uboot_env --set --name ra0macaddr --value $(ifconfig | grep ra0 | \
awk '{print $5}')
uboot_env --set --name rax0macaddr --value $(ifconfig | grep rax0 | \
awk '{print $5}')
4. Ensure that MACs were saved correctly:
uboot_env --get --name eth2macaddr
uboot_env --get --name eth3macaddr
uboot_env --get --name ra0macaddr
uboot_env --get --name rax0macaddr
5. Download and write the OpenWrt images:
cd /tmp
wget http://192.168.1.2/factory.trx
mtd_write erase /dev/mtd4
mtd_write write factory.trx /dev/mtd4
6. Set 1st boot partition and reboot:
uboot_env --set --name bootpartition --value 0
reboot
Back to Stock
-------------
1. Run in the OpenWrt shell:
fw_setenv bootpartition 1
reboot
2. Optional step. Upgrade the stock firmware with any version to
overwrite the OpenWrt in Slot 1.
MAC addresses
-------------
+-----------+-------------------+----------------+
| Interface | MAC | Source |
+-----------+-------------------+----------------+
| label | 30:xx:xx:51:xx:09 | No MACs was |
| LAN | 30:xx:xx:51:xx:09 | found on Flash |
| WAN | 30:xx:xx:51:xx:06 | [1] |
| WLAN_2g | 30:xx:xx:51:xx:07 | |
| WLAN_5g | 32:xx:xx:41:xx:07 | |
+-----------+-------------------+----------------+
[1]:
a. Label wasb't found neither in factory nor in other places.
b. MAC addresses are stored in encrypted partition "glbcfg". Encryption
key hasn't known yet. To ensure the correct MACs in OpenWrt, a hack
with saving of the MACs to u-boot-env during the installation was
applied.
c. Default Ralink ethernet MAC address (00:0C:43:28:80:36) was found in
"Factory" 0xfff0. It's the same for all Smartbox Flash devices. OEM
firmware also uses this MAC when initialazes ethernet driver. In
OpenWrt we use it only as internal GMAC (eth0), all other MACs are
unique. Therefore, there is no any barriers to the operation of several
Smartbox Flash devices even within the same broadcast domain.
Stock firmware image format
---------------------------
+--------------+---------------+----------------------------------------+
| Offset | 1.0.15 | Description |
+==============+===============+========================================+
| 0x0 | 5d 43 6f 74 | TRX magic "]Cot" |
+--------------+---------------+----------------------------------------+
| 0x4 | 00 70 ff 00 | Length (reverse) |
+--------------+---------------+----------------------------------------+
| | | htonl(~crc) from 0xc ("flag_version") |
| 0x8 | 72 b3 93 16 | to "Length" |
+--------------+---------------+----------------------------------------+
| 0xc | 00 00 01 00 | Flags |
+--------------+---------------+----------------------------------------+
| | | Offset (reverse) of Kernel partition |
| 0x10 | 1c 00 00 00 | from the start of the header |
+--------------+---------------+----------------------------------------+
| | | Offset (reverse) of RootFS partition |
| 0x14 | 00 00 42 00 | from the start of the header |
+--------------+---------------+----------------------------------------+
| 0x18 | 00 00 00 00 | Zeroes |
+--------------+---------------+----------------------------------------+
| 0x1c | 27 05 19 56 … | Kernel data + zero padding |
+--------------+---------------+----------------------------------------+
| | | RootFS data (starting with "hsqs") + |
| 0x420000 | 68 73 71 73 … | zero padding to "Length" |
+--------------+---------------+----------------------------------------+
| | | Some signature data (format is |
| | | unknown). Necessary for the fw |
| "Lenght" | 00 00 00 00 … | update via oem fw web interface. |
+--------------+---------------+----------------------------------------+
| "Lenght" + | | TRX magic "HDR0". U-Boot is |
| 0x10c | 48 44 52 30 | checking it at every boot. |
+--------------+---------------+----------------------------------------+
| | | 1.00: |
| | | Zero padding to ("Lenght" + 0x23000) |
| | | 1.0.12: |
| | | Zero padding to ("Lenght" + 0x2a000) |
| "Lenght" + | | 1.0.13, 1.0.15, 1.0.16: |
| 0x110 | 00 00 00 00 | Zero padding to ("Lenght" + 0x10000) |
+--------------+---------------+----------------------------------------+
Florian Eckert [Wed, 22 Dec 2021 07:59:43 +0000 (08:59 +0100)]
base-files: add wrapper for procd service list command
A service managed by procd does have a json object with usefull information.
This information could by dumped with the following command.
ubus call service list "{ 'verbose':true, 'name': '<service-name>)'". }"
This line is long and complicated to enter. This commit adds a wrapper
call to the procd service section tool to simplify the input and get the
output faster.
We could now enter the command /etc/initd/<service> info to get the info
faster.
Florian Eckert [Tue, 30 Nov 2021 15:01:14 +0000 (16:01 +0100)]
procd: move service command to procd
The service command belongs to the procd and does not belong in the
shinit. In the course of the move, the script was also checked with
shellcheck and cleaned up.
Josef Schlehofer [Wed, 16 Mar 2022 12:14:57 +0000 (13:14 +0100)]
cypress-firmware: update it to version 5.4.18-2021_0812
- Binary files were renamed to cyfmac from brcmfmac, but the files needs
to be on the router with the previous naming
[ 6.656165] brcmfmac: brcmf_fw_alloc_request: using brcm/brcmfmac43455-sdio for chip BCM4345/6
[ 6.665182] brcmfmac mmc1:0001:1: Direct firmware load for brcm/brcmfmac43455-sdio.bin failed with error -2
[ 6.674928] brcmfmac mmc1:0001:1: Falling back to sysfs fallback for: brcm/brcmfmac43455-sdio.bin
- Cypress were acquired by Infineon Technologies
Thus change the project URL and switch to download files from their
GitHub repository. This is much better than the previous solution, which
requires finding new threads on their community forum about new driver
updates, and it will be necessary to change the URL each time.
Unfortunately, it seems that there is not published changelog, but
according to this forum thread [1], be careful by opening the link from
solution since it contains ending bracket ), it brings fixes for various
security vulnerabilities, which were fixed in 7_45_234.
Fixes:
- FragAttacks
- Kr00k
Also add LICENSE file
Run tested on Seeedstudio router powered by Raspberry Pi 4 CM with
package cypress-firmware-43455-sdio.
projects / thirdparty / openwrt.git / log
