David Bauer [Sun, 24 Apr 2022 23:00:49 +0000 (01:00 +0200)]
mpc85xx: set WS-AP3825i mac-address in preinit
The bootloader does seem to not correctly patch in the MAC address for
eth0 / eth1 in some cases. While the root cause is not known, manually
applying the MAC-Address in preinit does not hurt.
Reported-by: Tom Herbers <freifunk@tomherbers.de> Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit c6d52515e009d96e0afbe77310bf172f113d0eef)
David Bauer [Sun, 24 Apr 2022 21:48:42 +0000 (23:48 +0200)]
mpc85xx: define reset-delay for WS-AP3825i eth PHY
The WS-AP3825i uses Atheros PHYs which according to the datasheet
require the reset to be asserted for at least 1 ms.
This fixes broken eth1 upon soft-reboot. eth0 is no affected, as the
ifup / ifdown cycle in preinit prevents this issue from happening when
the system is ready.
Reported-by: Tom Herbers <freifunk@tomherbers.de> Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 8b3c313515c1ae37be9d61a4e92c4bf4b43f605f)
Jo-Philipp Wich [Tue, 22 Mar 2022 19:26:59 +0000 (20:26 +0100)]
ucode: update to latest Git HEAD
e14b099 syntax: implement support for ES6 template literals 111cf06 vm: stop executing bytecode on return of nested calls 33f1e0b treewide: move json-c compat shims into internal header file e0e9431 vm: move unhandled exception reporting out of `uc_vm_execute_chunk()` 2b59140 vm: fix callframe double free on unhanded exceptions 7d7e950 main: abort when failing to load a preload library 1032a67 lib: let `json()` accept input objects implementing `read()` method 5ee68d5 fs: implement `fs.readfile()` and `fs.writefile()` df6b861 ci: debian: change path before attempting to invoke Git operations dfaf05a ci: debian: automatically update changelog from Git tag 34f3c45 ci: fix YAML syntax of Debian workflow e956bcf fs: fix off-by-one in fs.dirname() function 6fc4b6c .gitignore: fix overmatching patterns, blacklist cram .venv 7c2e082 build: remove legacy json-c check 77942af build: add polyfills for older libjson-c versions 0b4aaa3 CI: build Debian package f404285 debian: Add package definition a37f654 types: fix escape sequence encoding of high byte values in JSON strings aae5312 Update README.md 8134e25 build: fix symlink install target 87c7296 treewide: replace some leftover "utpl" occurrences, update .gitignore 7d27ad5 build: only stage ucc symlink if compile support is enabled 171402f lib: add date and time related functions 8b5dc60 lib: provide API function to obtain stdlib function implementations eb0d2f1 main: turn ucode into multicall executable 28ee7e1 uloop: add support for tasks 753dea9 CI: build on macOS 668c5c0 lib: add argument position support (`%m$`) to `sprintf()` and `printf()` ab46fdf treewide: remove legacy json-c include directives b8f49b1 tests: 21_regex_literals: generalize syntax error test case fd2e5e7 tests: 16_sort: fix logic flaw exposed on OS X 2c71bf2 tests: run_tests.sh: pass dummy value to `-T` flag 55c4a90 lib: disallow zero padding for %s formats 0d05cb5 tests: run_tests.sh: use greadlink if available 271e520 resolv: make OS X compatible d13c320 fs: avoid Linux specific sys/sysmacros.h include on OS X 33397a3 uloop: use execvp() on OS X bafdc8f lib: add naive sigtimedwait() stub for OS X ada1585 build: consolidate CMakeLists.txt and cover OS X deviations befbb69 include: add OS X compatible endian.h header 49838a8 include: rename include guards to avoid clashes with system headers 91f65de nl80211: add missing attributes and correct some attribute flags b4a1fd5 lib: adjust require(), render() and include() raw mode semantics 4618807 main: rework CLI frontend 73dcd78 lib: fix potential integer underflow on empty render output c402551 vm: fix crash on object literals with non-string computed properties efe8a02 syntax: support add new operators 078d686 ubus: add event support 6c66c83 ubus: refactor error and argument handling 1cb04f9 ubus: add object publishing, notify and subscribe support 0e85974 uloop: clear errno before integer conversion attempts 05bd7ed types: treat resource type prototypes as GC roots a2a26ca lib: introduce uloop binding 6b6d01f vm: release this context on exception in managed method call 1af23a9 tests: fix proto() testcase 4ce69a8 fs: implement access(), mkstemp(), file.flush() and proc.flush()
Daniel Golle [Tue, 19 Apr 2022 15:27:22 +0000 (16:27 +0100)]
uboot-mediatek: remove '0x' prefix from pstore node
Remove '0x' prefix from pstore node in dts, just like it was done
for the device tree used by Linux on MT7622.
This change is done in preparation to update U-Boot to 2022.04.
Daniel Golle [Tue, 19 Apr 2022 15:23:08 +0000 (16:23 +0100)]
mediatek: mt7622: remove '0x' prefix from pstore address in dts
Adresses of device tree nodes are typically noted without the '0x'
prefix. While having the '0x' prefix doesn't hurt when using Linux,
more recent versions of U-Boot will add a duplicate ramoops node as a
simple string compare is used to check if the node is already present.
Remove the '0x' prefix to avoid the kernel warning resulting from
U-Boot adding a dupplicate pstore/ramoops node.
See also https://lists.denx.de/pipermail/u-boot/2022-April/481810.html
Felix Fietkau [Tue, 19 Apr 2022 19:14:42 +0000 (21:14 +0200)]
kernel: add missing config symbols
MPLS feature symbols are normally only set when kmod-mpls is enabled, but the
CONFIG_MPLS symbol they depend on could also have been selected by openvswitch
instead
netfilter: move nf-log modules into separate packages
Both legacy iptables and nftables require nf-log modules for rule logging,
so move them into a separate package both firewall implementations can
depend on.
Ray Wang [Sat, 12 Mar 2022 14:57:12 +0000 (22:57 +0800)]
ramips: add support for OrayBox X3A
OrayBox X3A is a 2.4/5GHz dual band AC router, based on MediaTek MT7621.
Specification:
* SoC: MT7621
* RAM: DDR3 128 MiB
* Flash: 16 MiB NOR (XM25Q128)
* Wi-Fi: (single chip hosting both 2.4G and 5G)
* 2.4GHz: MT7615
* 5GHz: MT7615
* Ethernet: 3x 1000Mbps
* Switch: MT7530
* LED:
* Ethernet LEDs: On the back of the router, hardware-controlled.
* Status LEDs: One "pixel-like" RGB LED in the front of the router,
which is actually made up of 3 individual LEDs (with
dedicated GPIO pins) with the color of Red, Green,
and Blue.
The OEM firmware only lights up one color at a time to
indicate status, but that's very boring, and the colors
actually look great when combined, so I've improvised a
little and made them indicate netdev activities.
My test results:
GPIO 13/14/15
000 white (actually more like bright green or cyan
because the brightness of the green LED is
higher than red and blue)
001 bright purple
010 bright green
011 red
100 bright cyan
101 blue
110 green
111 off
Flash Layout:
0x0000000-0x0030000 : "u-boot"
0x0030000-0x0040000 : "u-boot-env"
0x0040000-0x0050000 : "factory"
0x0050000-0x0f50000 : "firmware"
/*0x0f50000 to 0x0fe0000 is undefined, same as OEM firmware*/
0x0fe0000-0x0ff0000 : "bdinfo"
0x0ff0000-0x1000000 : "reserve"
Installation via SSH (does not void your warranty):
1. -----UNLOCK SSH-----
1.1 Set computer IP to DHCP mode, load 'http://10.168.1.1/cgi-bin/luci' in
your browser. Password is 'admin'.
1.2 Click the "备份且导出" (backup and export) button, and download the
config file.
1.3 Open the downloaded file with 7zip, navigate to '/etc/config/'.
1.4 Edit the file './system'. Change the '0' into '1' under
"config sys 'ssh'".
1.5 Save the file.
1.6 Upload the file by clicking the "导入且恢复" (import and recover)
button. The router will automatically reboot.
2. -----FLASH THE OPENWRT FIRMWARE-----
2.1 Use any scp tool to upload the 'sysupgrade' firmware to the '/tmp/'
folder to your router. It should be root@10.168.1.1 and the password
is 'admin'.
2.2 SSH into the router, also root@10.168.1.1 and the password is 'admin'.
2.3 **IMPORTANT** Type command 'dd if=/dev/mtd3 of=/tmp/firmware.bin', to
backup the stock firmware. Since the OEM does not provide firmware
download on their website, this is the only way to get it.
2.3 **ALSO IMPORTANT** Use any scp tool to download your backed-up stock
firmware from '/tmp/' to your local drive. Then you'd better use a hex
reading tool to have a rough look at it to make sure nothing is
corrupt. Or u can just back up again and cross check the MD5.
2.4 Type command 'mtd write /tmp/XXX.bin firmware', and it should flash
the firmware.
2.5 Verify that nothing went wrong. If you're confident, type 'reboot' and
reboot the router.
Revert to stock firmware:
1. load stock firmware using mtd (make sure u have a backup).
* If "Active Image" has the first option selected, OpenWrt will need to be
flashed to the "Active" partition. If the second option is selected,
OpenWrt will need to be flashed to the "Backup" partition.
* Navigate to Maintenance > Firmware > Upload
* Upload the openwrt-realtek-rtl838x-zyxel_gs1900-24hp-v1-initramfs-kernel.bin
file by your preferred method to the previously determined partition.
When prompted, select to boot from the newly flashed image, and reboot
the switch.
* Once OpenWrt has booted, scp the sysupgrade image to /tmp and flash it:
* Configure your client with a static 192.168.1.x IP (e.g. 192.168.1.10).
* Set up a TFTP server on your client and make it serve the initramfs
image.
* Connect serial, power up the switch, interrupt U-boot by hitting the
space bar, and enable the network:
> rtk network on
* Since the GS1900-24HP v1 is a dual-partition device, you want to keep the
OEM firmware on the backup partition for the time being. OpenWrt can
only be installed in the first partition anyway (hardcoded in the
DTS). To ensure we are set to boot from the first partition, issue the
following commands:
> setsys bootpartition 0
> savesys
* Download the image onto the device and boot from it:
Signed-off-by: Martin Kennedy <hurricos@gmail.com>
[Add info on PoE hardware to commit message] Signed-off-by: Sander Vanheule <sander@svanheule.net>
(cherry picked from commit a5ac8ad0ba9df50bdd0dda1dc26cf36f83006893)
The Sophos AP100, AP100C, AP55, and AP55C are dual-band 802.11ac access
points based on the Qualcomm QCA9558 SoC. They share PCB designs with
several devices that already have partial or full support, most notably the
Devolo DVL1750i/e.
The AP100 and AP100C are hardware-identical to the AP55 and AP55C, however
the 55 models' ART does not contain calibration data for their third chain
despite it being present on the PCB.
Specifications common to all models:
- Qualcomm QCA9558 SoC @ 720 MHz (MIPS 74Kc Big-endian processor)
- 128 MB RAM
- 16 MB SPI flash
- 1x 10/100/1000 Mbps Ethernet port, 802.3af PoE-in
- Green and Red status LEDs sharing a single external light-pipe
- Reset button on PCB[1]
- Piezo beeper on PCB[2]
- Serial UART header on PCB
- Alternate power supply via 5.5x2.1mm DC jack @ 12 VDC
Unique to AP100 and AP100C:
- 3T3R 2.4GHz 802.11b/g/n via SoC WMAC
- 3T3R 5.8GHz 802.11a/n/ac via QCA9880 (PCI Express)
AP55 and AP55C:
- 2T2R 2.4GHz 802.11b/g/n via SoC WMAC
- 2T2R 5.8GHz 802.11a/n/ac via QCA9880 (PCI Express)
AP100 and AP55:
- External RJ45 serial console port[3]
- USB 2.0 Type A port, power controlled via GPIO 11
Flashing instructions:
This firmware can be flashed either via a compatible Sophos SG or XG
firewall appliance, which does not require disassembling the device, or via
the U-Boot console available on the internal UART header.
To flash via XG appliance:
- Register on Sophos' website for a no-cost Home Use XG firewall license
- Download and install the XG software on a compatible PC or virtual
machine, complete initial appliance setup, and enable SSH console access
- Connect the target AP device to the XG appliance's LAN interface
- Approve the AP from the XG Web UI and wait until it shows as Active
(this can take 3-5 minutes)
- Connect to the XG appliance over SSH and access the Advanced Console
(Menu option 5, then menu option 3)
- Run `sudo awetool` and select the menu option to connect to an AP via
SSH. When prompted to enable SSH on the target AP, select Yes.
- Wait 2-3 minutes, then select the AP from the awetool menu again. This
will connect you to a root shell on the target AP.
- Copy the firmware to /tmp/openwrt.bin on the target AP via SCP/TFTP/etc
- Run `mtd -r write /tmp/openwrt.bin astaro_image`
- When complete, the access point will reboot to OpenWRT.
To flash via U-Boot serial console:
- Configure a TFTP server on your PC, and set IP address 192.168.99.8 with
netmask 255.255.255.0
- Copy the firmware .bin to the TFTP server and rename to 'uImage_AP100C'
- Open the target AP's enclosure and locate the 4-pin 3.3V UART header [4]
- Connect the AP ethernet to your PC's ethernet port
- Connect a terminal to the UART at 115200 8/N/1 as usual
- Power on the AP and press a key to cancel autoboot when prompted
- Run the following commands at the U-Boot console:
- `tftpboot`
- `cp.b $fileaddr 0x9f070000 $filesize`
- `boot`
- The access point will boot to OpenWRT.
MAC addresses as verified by OEM firmware:
use address source
LAN label config 0x201a (label)
2g label + 1 art 0x1002 (also found at config 0x2004)
5g label + 9 art 0x5006
Increments confirmed across three AP55C, two AP55, and one AP100C.
These changes have been tested to function on both current master and
21.02.0 without any obvious issues.
[1] Button is present but does not alter state of any GPIO on SoC
[2] Buzzer and driver circuitry is present on PCB but is not connected to
any GPIO. Shorting an unpopulated resistor next to the driver circuitry
should connect the buzzer to GPIO 4, but this is unconfirmed.
[3] This external RJ45 serial port is disabled in the OEM firmware, but
works in OpenWRT without additional configuration, at least on my
three test units.
[4] On AP100/AP55 models the UART header is accessible after removing
the device's top cover. On AP100C/AP55C models, the PCB must be removed
for access; three screws secure it to the case.
Pin 1 is marked on the silkscreen. Pins from 1-4 are 3.3V, GND, TX, RX
MAC addresses as verified by OEM firmware:
use address source
Lan/Wan/2G *:60 factory 0x4 (label)
5G *:64 factory 0x8000
Serial console: 57600,8n1
Installation:
Asus windows recovery tool:
install the Asus firmware restoration utility
unplug the router, hold the reset button while powering it on
release when the power LED flashes slowly
specify a static IP on your computer:
IP address: 192.168.1.75
Subnet mask 255.255.255.0
start the Asus firmware restoration utility, specify the factory image
and press upload
do NOT power off the device after OpenWrt has booted until the LED flashing
after flashing OpenWrt, there will be first no 5GHz Wifi available probably,
wait until blinking finishes and do a reboot
TFTP Recovery method:
set computer to a static ip, 192.168.1.75
connect computer to the LAN 1 port of the router
hold the reset button while powering on the router for a few seconds
send firmware image using a tftp client; i.e from linux:
$ tftp
tftp> binary
tftp> connect 192.168.1.1
tftp> put factory.bin
tftp> quit
do NOT power off the device after OpenWrt has booted until the LED flashing
after flashing OpenWrt, there will be first no 5GHz Wifi available probably,
wait until blinking finishes and do a reboot
Abdul Aziz Amar [Mon, 14 Mar 2022 09:26:23 +0000 (05:26 -0400)]
ramips: add support for BOLT! Arion
This device is from now-defunct BOLT! ISP in Indonesia.
The original firmware is based on mediatek SDK running linux 2.6 or 3.x in later revision.
Specifications:
- SoC: MediaTek MT7621
- Flash: 32 MiB NOR SPI
- RAM: 128 MiB DDR3
- Ethernet: 2x 10/100/1000 Mbps (switched, LAN + WAN)
- WIFI0: MT7603E 2.4GHz 802.11b/g/n
- WIFI1: MT7612E 5GHz 802.11ac
- Antennas: 2x internal, non-detachable
- LEDs: Programmable LEDs: 5 blue LEDs (wlan, tel, sig1-3) and 2 red LEDs (wlan and sig1)
Non-programmable "Power" LED
- Buttons: Reset and WPS
Instalation:
Install from TFTP
Set your PC IP to 10.10.10.3 and gateway to 10.10.10.123
Press "1" when turning on the router, and type the initramfs file name
You also need to solder pin header or cable to J4 or neighboring test points (T19-T21)
Pinouts from top to bottom: GND, TX, RX, VCC (3.3v)
Baudrate: 57600n8
There's also an additional gigabit transformer and RTL8211FD managed by the LTE module on the backside of the PCB.
The Wavlink WL-WN531A3 is an AC1200 router with 5 fast ethernet ports
and one USB 2.0 port.
It's also known as Wavlink QUANTUM D4.
Hardware
--------
SoC: Mediatek MT7628AN
RAM: 64MB
FLASH: 8MB NOR (GigaDevice GD25Q64CSIG3)
ETH:
- 5x 10/100 Mbps Ethernet (4x LAN + 1x WAN)
WIFI:
- 2.4GHz: 1x (integrated in SOC) (2x2:2)
- 5GHz: 1x MT7612E (2x2:2)
- 4 external antennas
BTN:
- 1x Reset button
- 1x WPS button
- 1x Turbo button
- 1x Touchlink button
- 1x ON/OFF switch
LEDS:
- 1x Red led (system status)
- 1x Blue led (system status)
- 7x Blue leds (wifi led + 5 ethernet ports + power)
USB:
- 1x USB 2.0 port
UART:
- 57600-8-N-1
J1
O VCC +3,3V (near lan ports)
o RX
o TX
o GND
Everything works correctly.
Currently there is no firmware update available. Because of this, in
order to restore the OEM firmware, you must firstly dump the OEM
firmware from your router before you flash the OpenWrt image.
Backup the OEM Firmware
-----------------------
The following steps are to be intended for users having little to none
experience in linux. Obviously there are many ways to backup the OEM
firmware, but probably this is the easiest way for this router.
Procedure tested on M31A3.V4300.200420 firmware version.
1) Go to http://192.168.10.1/webcmd.shtml
2) Type the following line in the "Command" input box and then press enter:
mkdir /etc_ro/lighttpd/www/dev; cp /dev/mtd0ro /etc_ro/lighttpd/www/dev/mtd0ro; ls -la /etc_ro/lighttpd/www/dev/mtd0ro
3) After few seconds in the textarea should appear this output:
-rw-r--r-- 1 0 0 8388608 /etc_ro/lighttpd/www/dev/mtd0ro
If your output doesn't match mine, stop reading and ask for
help in the forum.
4) Open in another tab http://192.168.10.1/dev/mtd0ro to download the
content of the whole NOR. If the file size is 0 byte, stop reading
and ask for help in the forum.
5) Come back to the http://192.168.10.1/webcmd.shtml webpage and type:
rm /etc_ro/lighttpd/www/dev/mtd0ro; for i in 1 2 3 4 ; do cp /dev/mtd${i}ro /etc_ro/lighttpd/www/dev/mtd${i}ro; done; ls -la /etc_ro/lighttpd/www/dev/
6) After few seconds, in the textarea should appear this output:
-rw-r--r-- 1 0 0 196608 mtd1ro
-rw-r--r-- 1 0 0 65536 mtd2ro
-rw-r--r-- 1 0 0 65536 mtd3ro
-rw-r--r-- 1 0 0 8060928 mtd4ro
drwxr-xr-x 7 0 0 0 ..
drwxr-xr-x 2 0 0 0 .
If your output doesn't match mine, stop reading and ask for
help in the forum.
7) Open the following links to download the partitions of the OEM FW:
http://192.168.10.1/dev/mtd1ro
http://192.168.10.1/dev/mtd2ro
http://192.168.10.1/dev/mtd3ro
http://192.168.10.1/dev/mtd4ro
If one (or more) of these files are 0 byte, stop reading and ask
for help in the forum.
8) Store these downloaded files in a safe place.
9) Reboot your router to remove any temporary file in ram.
Installation
------------
Flash the initramfs image in the OEM firmware interface
(http://192.168.10.1/update.shtml).
When Openwrt boots, flash the sysupgrade image otherwise you won't be
able to keep configuration between reboots.
Restore OEM Firmware
--------------------
Flash the "mtd4ro" file you previously backed-up directly from LUCI.
Warning: Remember to not keep settings!
Warning2: Remember to force the flash.
Notes
-----
1) Router mac addresses:
LAN XX:XX:XX:XX:XX:9B (factory @ 0x28)
WAN XX:XX:XX:XX:XX:9C (factory @ 0x2e)
WIFI 2G XX:XX:XX:XX:XX:9D (factory @ 0x04)
WIFI 5G XX:XX:XX:XX:XX:9E (factory @ 0x8004)
LABEL XX:XX:XX:XX:XX:9D
2) There is just one wifi led for both wifi interfaces.
It currently shows only the 2.4 GHz wifi activity.
See https://mikrotik.com/product/RBwAP2nD for more info.
Flashing:
TFTP boot initramfs image and then perform sysupgrade. Follow common
MikroTik procedure as in https://openwrt.org/toh/mikrotik/common.
Note: following 781d4bfb397cdd12ee0151eb66c577f470e3377d
The network setup avoids using the integrated switch and connects the
single Ethernet port directly. This way, link speed (10/100 Mbps) is
properly reported by eth0.
This patch fixes an invalid TX PA DC bias level on QCA9561, which
results in a very low output power and very low throughput as devices
are further away from the AP (compared to other 2.4GHz APs),
following a suggestion from nbd[1].
lantiq: fritz736x: Move GPIO resets to the inidvidual board.dts files
FRITZ!Box 7360 V2 and FRITZ!Box 7360 SL both use GPIOs 37 (for &phy0)
and GPIO 44 (for &phy1) to control the PHY's reset lines. FRITZ!Box 7362
SL however uses GPIO 45 (for &phy0) and GPIO 44 (for &phy1). Move the
GPIO reset definitions to each individual board .dts and while at it,
fix the GPIOs for the FRITZ!Box 7362 SL.
The modem is based on Marvell PXA1826 and uses ACM+RNDIS interface to
establish connection with custom commands specific to ZTE modems.
Two variants of modems were discovered, some identifying themselves
as "ZTE", and others as plain "Marvell", the chipset manufacturer.
The modem itself runs a fork of OpenWrt inside, which root shell can be
accessed via ADB interface.
Lech Perczak [Thu, 31 Mar 2022 19:16:34 +0000 (21:16 +0200)]
comgt: ncm: try to detect interface for ttyACM ports
Some modems expose ttyACM as their control ports, which have the
"device" symlink pointing one level down in sysfs tree. Try to find
network interfaces for them as well, this is commonly used for modems
exposing ACM + RNDIS or ACM + ECM interface combinations.
Lech Perczak [Thu, 31 Mar 2022 19:16:22 +0000 (21:16 +0200)]
comgt: ncm: select first available network interface for device
Some modems expose multiple network interfaces on the same USB device,
causing the connection setup script to fail, because glob matching in
the detection phase causes 'ls' to output more than one interface name
plus their base directories in sysfs. Avoid that by listing the
directories explicitly and then selecting first available interface.
This is the case for some variants of ZTE MF286R built-in modem, which
exposes both RNDIS and CDC-ECM network interfaces, causing the
connection setup to fail.
Lech Perczak [Thu, 31 Mar 2022 19:16:01 +0000 (21:16 +0200)]
comgt: ncm: allow specification of interface name
Add ifname property to UCI, which can be used to override the
autodetected interface name in case the detection fails due to having
none or more than one interface exposed by the modem, which is not
explicitly linked to TTY port. This is needed on certain variants of ZTE
MF286R built-in modem, which exposes both RNDIS and CDC-ECM interfaces
on the modem, on which the automatic detection may select the wrong
network interface.
This is required to support built-in modem of ZTE MF286R, in addition to
other external modems, such as MF831, MF910, MF920, which refuse to
reconfigure their remote MAC address, even if "locally administered" bit
is set, leading to dropped traffic towards the host. Add a workaround
for that issue already present in cdc_ether to rndis_host driver as
well.
Ansuel Smith [Mon, 28 Mar 2022 00:47:12 +0000 (02:47 +0200)]
ipq806x: fix wrong CPU OPP for ipq8062
Fix wrong CPU OPP for ipq8062. Revision of the SoC added an
extra 25mV for every pvs. Also fix the voltage min/max value
that were wrong.
Reviewed-by: Robert Marko robimarko@gmail.com Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
(cherry picked from commit 3f0d87fd69b13f7d1fa06bdcc951a2896a0a9360)
The existing device tree has incorrect definitions for usb3_0 and usb3_1
and the blocks they depend upon: their addresses and interrupts are
swapped. However, their clocks and resets are not. The result is that
the USB blocks are non-functional if only one of them is enabled.
This fix backports the definitions from mainline Linux 5.15 to
OpenWrt's 5.10 dtsi additions. See the relevant mainline code here:
https://github.com/torvalds/linux/blob/v5.17/arch/arm/boot/dts/qcom-ipq8064.dtsi#L1062-L1148
This fix does not break existing ports. But some ports may have enabled
both USB blocks even thought their board only implements one, because
enabling a single USB block would not have worked before this fix.
This means that revisiting all ports of ipq806x devices that implement
a single USB port is advised. This work must be done by maintainers that
can determine which USB block corresponds to the implemented port on
their hardware.
Note that this fix swaps the names of the hardware ports. This is
unfortunate, but will happen anyway when switching to kernel 5.15. Thus,
it is best to do this ASAP, before users get to depend on port names.
It is strongly recommended that this fix is backported to 22.03 before
its release. This will minimize the number of users affected by the port
name swap.
David Bauer [Tue, 29 Mar 2022 22:31:26 +0000 (00:31 +0200)]
hostapd: add ubus method for requesting link measurements
Add a ubus method to request link-measurements from connected STAs.
In addition to the STAs address, the used and maximum transmit power can
be provided by the external process for the link-measurement. If they
are not provided, 0 is used as the default value.
Daniel Golle [Fri, 15 Apr 2022 12:25:41 +0000 (13:25 +0100)]
image: strip metadata from images when used in other artifacts
Image metadata and signature is of no use for images which are included
inside other artifacts (like an SD-card image). Strip them off before
using images in artifacts or stashing them for the ImageBuilder as the
contained signature breaks reproducibility.
Daniel Golle [Fri, 15 Apr 2022 00:15:26 +0000 (01:15 +0100)]
mtools: update to version 4.0.39
Improvements since the 4.0.38 release are:
- Rename strtoi to strosi (string to signed int). The strtoi
function on BSD does something else (returns an intmax, not
an int)
Daniel Golle [Thu, 14 Apr 2022 23:46:28 +0000 (00:46 +0100)]
scripts/gen_image_generic.sh: fix order of files in EFI bootfs
mtools recursive copy (mcopy -s ...) is using READDIR(3) to iterate
over the directory entries, hence they end up in the FAT filesystem in
traversal order which breaks reproducibility (rather than being added
to the FAT filesystem in a reproducible order). Implement recursive
copy in gen_image_generic.sh in Shell code instead, as in that way we
can force files to be copied in reproducible order.
Fixes: aece8f5ae8 ("scripts/gen_image_generic.sh: generate reproducible EFI filesystem") Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 4d289ae7e63893f90957b77962c6b60574d35441)
Daniel Golle [Wed, 13 Apr 2022 15:51:58 +0000 (16:51 +0100)]
netifd: relax check in dhcp proto handler
Checking whether /sbin/udhcpc is a symbolic link breaks using the
DHCP proto handler inside procd-ujail where bind-mounts are used for
the resolved link. Check whether /sbin/udhcpc is executable instead
to allow using the proto handler for DHCP-provisioned containers.
Daniel Golle [Wed, 13 Apr 2022 13:51:34 +0000 (14:51 +0100)]
base-files: more robust sysupgrade on NAND
Make sure sysupgrade on NAND also works in case of UBI volumes having
index >9. While at it, also make sure UBI device is detected and abort
in case it isn't. Use Shell built-in shorthand ':' instead of 'true'.
Generate FAT filesystem for EFI boot in a reproducible way:
* use '--invariant' option of mkfs.fat
* set timestamps of all files to SOURCE_DATE_EPOCH
* make sure files are ordered locale-independent
- QCA9533 (650 MHz), 64 or 128MB RAM, 16MB SPI NOR
- 2x 10/100 Mbps Ethernet, with 802.3at PoE support (WAN)
- 2T2R 802.11b/g/n 2.4GHz
Flash instructions:
If your device comes with generic QSDK based firmware, you can login
over telnet (login: root, empty password, default IP: 192.168.188.253),
issue first (important!) 'fw_setenv' command and then perform regular
upgrade, using 'sysupgrade -n -F ...' (you can use 'wget' to download
image to the device, SSH server is not available):
In case your device runs firmware with YunCore custom GUI, you can use
U-Boot recovery mode:
1. Set a static IP 192.168.0.141/24 on PC and start TFTP server with
'tftp' image renamed to 'upgrade.bin'
2. Power the device with reset button pressed and release it after 5-7
seconds, recovery mode should start downloading image from server
(unfortunately, there is no visible indication that recovery got
enabled - in case of problems check TFTP server logs)
Signed-off-by: Clemens Hopfer <openwrt@wireloss.net> Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
(cherry picked from commit a05dcb07241aa83a4416b56201e31b4af8518981)
- QCA9563 (775MHz), 128MB RAM, 16MB SPI NOR
- 2T2R 802.11b/g/n 2.4GHz
- 2T2R 802.11n/ac 5GHz
- 2x 10/100/1000 Mbps Ethernet, with 802.3at PoE support (WAN port)
LED for 5 GHz WLAN is currently not supported as it is connected directly
to the QCA9882 radio chip.
Flash instructions:
If your device comes with generic QSDK based firmware, you can login
over telnet (login: root, empty password, default IP: 192.168.188.253),
issue first (important!) 'fw_setenv' command and then perform regular
upgrade, using 'sysupgrade -n -F ...' (you can use 'wget' to download
image to the device, SSH server is not available):
In case your device runs firmware with YunCore custom GUI, you can use
U-Boot recovery mode:
1. Set a static IP 192.168.0.141/24 on PC and start TFTP server with
'tftp' image renamed to 'upgrade.bin'
2. Power the device with reset button pressed and release it after 5-7
seconds, recovery mode should start downloading image from server
(unfortunately, there is no visible indication that recovery got
enabled - in case of problems check TFTP server logs)
Changes:
new features:
- qsort_r function (POSIX-future)
- pthread_getname_np extension function
- hard float on SPE FPU for powerpc-sf
- SEEK_DATA and SEEK_HOLE exposed in unistd.h (Linux extensions)
compatibility:
- free now preserves errno (POSIX-future requirement)
- setjmp is declared explicitly with returns_twice for non-GCC compilers
- macro version of isascii is no longer defined for C++
- dynamic linker now tolerates zero-length LOAD segments
- epoll_[p]wait is now a cancellation point
- pwd/grp functions no longer fail on systems without AF_UNIX support
- POSIX TZ parsing is stricter to allow more names to fallback to files
- NULL is now defined as nullptr when used in C++11 or later
- gettext now accepts null pointer as argument
bugs fixed:
- old regression in wcwidth of Hangul combining (vowel/final) letters
- duplocale used wrong malloc when malloc was replaced (1.2.2 regression)
- fmaf rounded wrong on archs without FE_TOWARDZERO (all softfloat archs)
- popen didn't honor requirement not to leak other popen pipe fds to child
- aligned_alloc and variants crashed on allocation failure
- dl_iterate_phdr reported incorrect module TLS pointers
- mishandling of some inputs in acoshf and expm1f and functions using them
- potentially wrong-sign zero in cproj functions at infinity
- multiple bugs in legacy function cuserid
- minor posix_spawn file actions API conformance issues
- pthread_setname_np fd leak
- out-of-bound read in zoneinfo handling with distant-past times
- out-of-tree builds lacked generated debug cfi for x86 asm
arch-specific bugs fixed:
- powerpc (32-bit) struct shmid_ds layout was wrong for some fields
- time64 struct layout was wrong in sound ioctl fallback (32-bit archs)
In addition it contains the following improvements:
* protect stack canary from leak via read-as-string by zeroing second byte
* fix excessively slow TLS performance on some mips models
This updates mac80211 to version 5.15.33-1 which is based on kernel
5.15.33.
The removed patches were applied upstream.
This new release contains many fixes which were merged into the upstream
Linux kernel.
This also contains the following new drivers which are needed for ath11k:
* net/qrtr/
* drivers/bus/mhi/
- CVE-2022-25640: A TLS v1.3 server who requires mutual authentication
can be bypassed. If a malicious client does not send the
certificate_verify message a client can connect without presenting a
certificate even if the server requires one.
- CVE-2022-25638: A TLS v1.3 client attempting to authenticate a TLS
v1.3 server can have its certificate heck bypassed. If the sig_algo in
the certificate_verify message is different than the certificate
message checking may be bypassed.
Daniel Golle [Sat, 9 Apr 2022 23:55:21 +0000 (00:55 +0100)]
imagebuilder: export SOURCE_DATE_EPOCH to environment
Export SOURCE_DATE_EPOCH to environment so filesystem and image
creation tools will make use of it.
Fixes reproducibility of images generated with the ImageBuilder.
Daniel Golle [Sat, 9 Apr 2022 21:04:58 +0000 (22:04 +0100)]
arm-trusted-firmware-mediatek: remove no longer needed Configure step
As anyway only the default is called now we can as well also just remove
the override for Build/Configure.
Fixes: e2cffbb805 ("arm-trusted-firmware-mediatek: update to 2021-03-10") Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit dffad93d3e34275b87d97724e64447d8bde537ff)
Daniel Golle [Sat, 9 Apr 2022 21:00:50 +0000 (22:00 +0100)]
trusted-firmware-a.mk: make sure include directory exists
ARM Trusted Firmware builds do not depend on any target libraries as
they are bare-metal builds. However, the compiler aborts due to
-Werror=missing-include-dirs if the include dir doesn't exists and this
can happen when building with parallelisation as that makes it likely
for arm-trusted-firmware-* to be build very early before any of the
libraries which would implicitely create the directory.
Fix this by making sure the include dir exists before building.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
[rebased in 22.03 tree] Signed-off-by: John Audia <graysky@archlinux.us>
(cherry picked from commit b92ec82235b996ece32bc84af177adf1a4dcb90e)
Joe Mullally [Mon, 30 Aug 2021 21:35:05 +0000 (22:35 +0100)]
ath79: Move TPLink WPA8630Pv2 to ath79-tiny target
These devices only have 6MiB available for firmware, which is not
enough for recent release images, so move these to the tiny target.
Note for users sysupgrading from the previous ath79-generic snapshot
images:
The tiny target kernel has a 4Kb flash erase block size instead
of the generic target's 64kb. This means the JFFS2 overlay partition
containing settings must be reformatted with the new block size or else
there will be data corruption.
To do this, backup your settings before upgrading, then during the
sysupgrade, de-select "Keep Settings". On the CLI, use "sysupgrade -n".
If you forget to do this and your system becomes unstable after
upgrading, you can do this to format the partition and recover:
* Reboot
* Press RESET when Power LED blinks during boot to enter Failsafe mode
* SSH to 192.168.1.1
* Run "firstboot" and reboot
Signed-off-by: Joe Mullally <jwmullally@gmail.com> Tested-by: Robert Högberg <robert.hogberg@gmail.com>
(cherry picked from commit 44e1e5d153d00915a7e516c9af3f440cbd84cf78)
- update dropbear to latest stable 2022.82;
for the changes see https://matt.ucc.asn.au/dropbear/CHANGES
- use $(AUTORELEASE) in PKG_RELEASE
- use https for all uris
- refresh all patches
- rewrite patches:
- 100-pubkey_path.patch
- 130-ssh_ignore_x_args.patch
Nick Hainke [Tue, 5 Apr 2022 13:01:43 +0000 (15:01 +0200)]
libmnl: update to 1.0.5
Changes:
Duncan Roe (5):
nlmsg: Fix a missing doxygen section trailer
build: doc: "make" builds & installs a full set of man pages
build: doc: get rid of the need for manual updating of Makefile
build: If doxygen is not available, be sure to report "doxygen: no" to ./configure
src: doc: Fix messed-up Netlink message batch diagram
Fernando Fernandez Mancera (1):
src: fix doxygen function documentation
Florian Westphal (1):
libmnl: zero attribute padding
Guillaume Nault (1):
callback: mark cb_ctl_array 'const' in mnl_cb_run2()
Kylie McClain (1):
examples: nfct-daemon: Fix test building on musl libc
Laura Garcia Liebana (4):
examples: add arp cache dump example
examples: fix neigh max attributes
examples: fix print line format
examples: reduce LOCs during neigh attributes validation
Pablo Neira Ayuso (3):
doxygen: remove EXPORT_SYMBOL from the output
include: add MNL_SOCKET_DUMP_SIZE definition
build: libmnl 1.0.5 release
Petr Vorel (1):
examples: Add rtnl-addr-add.c
Stephen Hemminger (1):
examples: rtnl-addr-dump: fix typo
igo95862 (1):
doxygen: Fixed link to the git source tree on the website.
Nick Hainke [Tue, 5 Apr 2022 13:26:24 +0000 (15:26 +0200)]
libnfnetlink: update to 1.0.2
Changes:
c63f193 bump version to 1.0.2 3cffa84 libnfnetlink: Check getsockname() return code 90ba679 include: Silence gcc warning in linux_list.h bb4f6c8 Make it clear that this library is deprecated e46569c Minimally resurrect doxygen documentation 5087de4 libnfnetlink: hide private symbols 62ca426 autogen: don't convert __u16 to u_int16_t efa1d8e src: Use stdint types everywhere 7a1a07c include: Sync with kernel headers 7633f0c libnfnetlink: initialize attribute padding to resolve valgrind warnings 94b68f3 configure: uclinux is also linux 617fe82 src: get source code license header in sync with current licensing terms 97a3960 build: resolve automake-1.12 warnings
Removed the patch 100-missing_include.patch, libnfnetlink compiles fine
with musl without this patch.
Daniel Golle [Wed, 6 Apr 2022 18:59:52 +0000 (19:59 +0100)]
libselinux: add missing host-build dependency on libsepol/host
The host-build of libselinux requires libsepol/host.
Add the libsepol/host to HOST_BUILD_DEPENDS to allow build on hosts
which don't have libsepol installed.
Problem exist when dnsmasq is exclusively bind to particular interface.
After reconfiguring or restarting this interface, its index changes, but
dnsmasq uses the old one. When this problem occurs, dnsmasq does not
listen on the correct interface so DHCP does not work, and clients do not
get an IP address. Procd netdev param can be added to restart dnsmasq when
the interface index is changed.
Signed-off-by: Valentyn Datsko <valikk.d@gmail.com>
[combined into a single &&-connected statement] Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 76f55e3c3f32dea63a385e9b3c8eaed1322089c7)
The sama7 sub target does not have USB support, the feature should not
be activated there. OpenWrt can automatically detect if the target
supports USB by using the scripts/target-metadata.pl script. With the
automatic detection USB support will only get activated on subtargest
which actually support USB like sam9x and sama5.
Remove the configuration options which are building modules for the sub
target configuration.
These kernel modules are not packaged. Kernel options should only be
build as a module when they are selected by a kmod package and not by
setting them to =m in the target kernel configuration.
Daniel Golle [Wed, 6 Apr 2022 16:25:16 +0000 (17:25 +0100)]
scripts: make sure sort-order is independent from locale
Set LC_ALL=C environment variable when calling 'sort' as the sort
order otherwise depends on the locale set.
Fixes: 56ce110b73 ("scripts: make sure conffiles are sorted") Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 1d77dca3b32dd883bcc2213675cf21111ac1beca)
Daniel Golle [Wed, 6 Apr 2022 11:19:31 +0000 (12:19 +0100)]
kernel: set SOURCE_DATE_EPOCH for initramfs root dir
Make sure the timestamp of the root directory of the initramfs is set
to SOURCE_DATE_EPOCH as well.
Fixes: 29d7461d11 ("kernel: set options to make external initramfs reproducible") Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 54bcf586b0beb510345fdbac731ce1c04b6fa56b)
Paul Spooren [Mon, 28 Mar 2022 02:29:09 +0000 (03:29 +0100)]
build: store sha256_unsigned in JSON
Introduce `sha256_unsigned` which is a checksum of the image _before_ a
signature is attached. This is helpful to compare image reproducibility.
Since the `.sha256sum` file is located in the $(KDIR) folder, switch
$(BIN_DIR) with $(KDIR) to simplify the code. The value of $(BIN_DIR)
itself is not stored inside the resulting JSON file, so it can be
replaced.
Daniel Golle [Tue, 29 Mar 2022 12:54:14 +0000 (13:54 +0100)]
kernel: fix initramfs reproducibility
Make sure xz uses at least 2 threads so compression always runs in
multi-threaded mode as the resulting file in single-threaded mode
differs.
Fixes: 29d7461d11 ("kernel: set options to make external initramfs reproducible") Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit fc6a83e63b187ecfd0e427c062ae09e3c104e291)
Stijn Tintel [Sat, 19 Feb 2022 15:54:22 +0000 (17:54 +0200)]
image: let mksquashfs4 use all processors
Drop the -processors argument from the mksquashfs4 call, so it will use
all available processors. This dramatically reduces the time to create
squashfs filesystems.
The times below are observed when building an image for my main router,
the WatchGuard Firebox M300 (qoriq target):
Before:
real 4m45,973s
After:
real 0m23,497s
With this commit `mksquashfs` may use more cores than defined via `-j`.
This is the same behaviour as for archive creation of ImageBuilder, SDK
or toolchain. There is no trivial way to limit `mksquashfs` CPU core
usage to the amount of "free" make jobs since two running `mksquashfs`
instances would each run with the total allowed number (-j) of threads.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
[extended reasoning in commit message] Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit df2ae8826ced4f374bcb693b44d8a113ad150d70)
The WatchGuard Firebox M200 and M300 use a Marvell 88e1543 PHY for the
first 3 ethernet ports. This PHY is supported by the Marvell Alaska PHY
driver, so enable it.
Daniel Golle [Sun, 3 Apr 2022 15:19:31 +0000 (16:19 +0100)]
kernel: load device-mapper early on boot
Previously commit openwrt/packages@3abb7cb ("lvm2: Added script and updated Makefile[...]")
couldn't actually work and allow rootfs_data to be stored on a LVM2 as
the necessary kernel modules had not been loaded at this point.
Fix this by loading device-mapper modules early at boot.
Kernel setting `/proc/sys/kernel/pid_max` can be set up to 4194304 (7
digits) which will cause buffer overflow in busbox lock patch, this
often happens when running in a rootfs container environment.
This commit enlarges `pidstr` to 12 bytes to ensure a sufficient buffer
for pid number and an additional char '\n'.
projects / thirdparty / openwrt.git / log
