Sebastian Kinne [Tue, 13 Feb 2018 02:26:33 +0000 (13:26 +1100)]
ar71xx: add support for AR9331 based Hak5 devices
This adds support for AR9331 based Hak5 penetration testing tools:
- WiFi Pineapple NANO
- LAN Turtle
- Packet Squirrel
WiFi Pineapple NANO specifications:
- SoC: Atheros AR9331 (400 MHz)
- RAM: 64 MB (DDR2)
- FLASH: 16 MB
- WiFi: 1T1R AR9331 (built-in), 1T1R AR9271 (built-in via USB bus)
- Ethernet: 1x FE over USB (ASIX AX88772A)
- Ports: 2x RP-SMA for antennas, 1x USB 2.0 (host), 1x micro SD
- Power: USB 5 V, 1.5 A
- Other: status LED, reset button
LAN Turtle specifications:
- SoC: Atheros AR9331 (400 MHz)
- RAM: 64 MB (DDR2)
- FLASH: 16 MB
- WiFi: none
- Ethernet: 1x FE (AR9331), 1x FE over USB (Realtek RTL8152B)
- Ports: 1x RJ45, version dependent: micro SD or 3G SIM slot
- Power: USB 5 V, 0.5 A
- Other: status LED, reset button (inside, on PCB)
Packet Squirrel specifications:
- SoC: Atheros AR9331 (400 MHz)
- RAM: 64 MB (DDR2)
- FLASH: 16 MB
- WiFi: none
- Ethernet: 2x FE (AR9331)
- Ports: 2x RJ45, 1x USB 2.0
- Power: USB 5 V, 0.12 A
- Other: status LED, reset button, 4-way switch
Flash instructions for all 3 devices:
Original firmware is based on OpenWrt.
Use sysupgrade via SSH to flash.
Signed-off-by: Sebastian Kinne <contact@sebkinne.com>
[squashed commits, combined and reworked mach files, aligned board
naming with general convention, fixed minor issues, tested on real
hardware, reworded commit subject and description] Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
Matti Laakso [Sun, 14 Jan 2018 15:39:53 +0000 (17:39 +0200)]
ar71xx: fix 5 GHz Wi-Fi on NBG6716
Some NBG6716 do not have ath10k calibration data in flash, only in chip
OTP. To determine if flash has a valid calibration data, the first two
bytes telling the length of the calibration data are checked against the
requested length. If the lengths match, calibration data is valid and
read from flash.
Signed-off-by: Matti Laakso <matti.laakso@outlook.com>
Piotr Dymacz [Fri, 16 Feb 2018 19:30:38 +0000 (20:30 +0100)]
ar71xx: add support for YunCore T830
YunCore T830 is a simple N300 router with 5-port FE switch, detachable
antennas and USB 2.0 port.
Specification:
- 650/597/216 MHz (CPU/DDR/AHB)
- 128 MB of RAM (DDR2)
- 16 MB of FLASH (SPI NOR)
- 5x 10/100 Mbps Ethernet
- 2T2R 2.4 GHz (QCA9531), with ext. PA (SKY65174-21) and LNA
- two external, detachable antennas (RP-SMA)
- 1x USB 2.0
- 8x LED (7 driven by GPIO)
- 1x button (reset)
- DC jack for main power input (12 V)
- UART and JTAG headers on PCB
Flash instruction:
1. First, gain root access to the device, following below steps:
- Login into web gui (default password/IP: admin/192.168.188.253).
- Go to "Advanced" -> "Management" -> "System" and download backup of
configuration (bakfile.bin).
- Open the file as tar.gz archive, edit/update "shadow" file and change
hash of root password to something known.
- Repack the archive, rename it back to "bakfile.bin" and use to
restore configuration of the device.
- After that, device will reboot and can be accessed over SSH.
2. Then, install OpenWrt:
- Login over SSH and issue command:
fw_setenv bootcmd "bootm 0x9f050000 || bootm 0x9fe80000"
- Upload "sysupgrade" image and install it (only if previous command
succeeded) with command: "sysupgrade -n -F openwrt-...".
Piotr Dymacz [Thu, 8 Feb 2018 21:28:07 +0000 (22:28 +0100)]
ar71xx: add support for Samsung WAM250
Samsung WAM250 is a dual-band (selectable, not simultaneous) wireless
hub, dedicated for Samsung Shape Wireless Audio System. The device is
based on Atheros AR9344. FCC ID: A3LWAM250.
Specification:
- 560/450/225 MHz (CPU/DDR/AHB)
- 64 MB of RAM (DDR2)
- 16 MB of FLASH (SPI NOR)
- 2x 10/100 Mbps Ethernet
- 2T2R 2.4/5 GHz (AR9344), with ext. PA (SE2598L, SE5003L) and LNA
- 1x USB 2.0
- 4x LED (all are driven by GPIO)
- 2x button (reset, wps/speaker add)
- DC jack for main power input (14 V)
- UART header on PCB (J4, RX: 3, TX: 5)
Flash instruction:
This device uses dual-image (switched between upgrades) with a common
jffs2 config partition. Fortunately, there is a way to disable this mode
so that more flash space can be used by OpenWrt image.
You can easily access this device over telnet, using root/root
credentials (the same also work for serial console access).
1. Make sure that your device uses second (bootpart=2) image using
command: "fw_printenv bootpart".
2. If your device uses first image (bootpart=1), perform upgrade to the
latest vendor firmware (after the update, device should boot from
second partition) using web gui (default login: admin/1234567890).
3. Rename "sysupgrade" image to "firmware.bin", download it (you can use
wget, tftp or ftpget) to "/tmp" and issue below commands:
Piotr Dymacz [Mon, 5 Feb 2018 20:31:07 +0000 (21:31 +0100)]
ar71xx: rename COMFAST CF-E355AC to CF-E355AC v1
There are now supported two versions of the CF-E355AC board which differ
in 802.11ac radio chip. Include version number in board, model, image
filename, etc., also for the v1.
Sven Eckelmann [Fri, 19 Jan 2018 13:02:09 +0000 (14:02 +0100)]
ar71xx: disable 40Mhz refclk for QCA953x
The "QCA9531 v2.0 802.11n 2x2 2.4 GHz Premium SOC for WLAN Platforms"
datasheet (80-Y7991-1 Rev. C - October 2014) doesn't specify support for a
40 Mhz reference clock. The register description for "Bootstrap Options"
(page 31) defines following states for the bit 4 (REF_CLK):
* 0 - CLK25 (default)
* 1 - (reserved)
Devices like the TP-Link CPE210 v2 has this bit set to 1 but is using a 25
Mhz reference clock. OpenWrt is still interpreted this bit as 40 Mhz and
then break the bootup of the system due to this incorrect interpretation.
Signed-off-by: Sven Eckelmann <sven@narfation.org>
[refreshed patches] Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
Peng Zhang [Fri, 5 Jan 2018 09:38:05 +0000 (17:38 +0800)]
ar71xx: add support for WHQX E1700AC/E600G/E600GAC v2
WHQX E1700AC v2 is based on Qualcomm QCA9563 + QCA9880 + QCA8334.
Specification:
- 750/400/250 MHz (CPU/DDR/AHB)
- 128 MB of RAM (DDR2)
- 8/16 MB of FLASH (SPI NOR)
- 3T3R 2.4 GHz (QCA9563) with external FEM (SKY85309-11)
- 3T3R 5 GHz (QCA9880) with external FEM (SKY85728-11)
- 2x 10/100/1000 Mbps Ethernet (one port with PoE support)
- 1x miniPCIe slot (USB 2.0 bus only)
- 1x microSIM slot
- 1x USB 2.0
- 5x LED (4 driven by GPIO)
- 1x button (reset)
- 1x 2-pos switch
- 1x DC jack for main power input (9-48 V)
- UART (J5) and LEDs (J13) headers on PCB
WHQX E600G is based on Qualcomm QCA9531.
Specification:
- 650/391/216 MHz (CPU/DDR/AHB)
- 64/128 MB of RAM (DDR2)
- 8/16 MB of FLASH (SPI NOR)
- 2T2R 2.4 GHz (QCA9531) with external PA (LXK-6601)
- 2x 10/100 Mbps Ethernet (one port with PoE support)
- 1x miniPCIe slot (with PCIe and USB 2.0 buses)
- 1x microSIM slot
- 5x LED (4 driven by GPIO)
- 1x button (reset)
- 1x DC jack for main power input (9-48 V)
- UART (J100), SIM (J34), JTAG (J5) and LEDs (J7) headers on PCB
WHQX E600GAC is based on Qualcomm QCA9531 + QCA9887.
Specification:
- 650/391/216 MHz (CPU/DDR/AHB)
- 64/128 MB of RAM (DDR2)
- 8/16 MB of FLASH (SPI NOR)
- 2T2R 2.4 GHz (QCA9531)
- 1T1R 5 GHz (QCA9887) with external FEM (SKY85703-11)
- 2x 10/100 Mbps Ethernet
- 6x LED (1x RGB, 5 driven by GPIO)
- 1x button (reset)
- 1x DC jack for main power input (9-12 V)
- UART (J100), USB (J102), JTAG (J5) and LEDs (J7) header on PCB
Important notice:
First version of these boards are using different mtd layout, with ART
data at the end. You should not use v2 images on v1 board because it
will result in lost of ART data!
Flash instruction (using U-Boot CLI and tftp server):
1. Configure PC with static IP 192.168.1.10 and tftp server.
2. Rename "sysupgrade" filename to "firmware.bin" and place it in tftp
server directory.
3. Connect PC with one of RJ45 ports, power up the board and press
"enter" key to access U-Boot CLI.
4. Use the following command to update the device to OpenWrt: "run lfw".
1. Configure PC with static IP 192.168.1.xxx(2-254)/24.
2. Connect PC with one of RJ45 ports, press the reset button, power up
the board and keep button pressed for around 6-7 seconds, until LEDs
start flashing.
3. Open your browser and enter 192.168.1.1, select "sysupgrade" image
and click the upgrade button.
Signed-off-by: Peng Zhang <sd20@qxwlan.com>
[reworked: image generation code, mach-* files, commit description,
fixed minor code style issues, rebased on master] Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
Felix Fietkau [Tue, 20 Feb 2018 14:58:42 +0000 (15:58 +0100)]
netfilter: add a xt_FLOWOFFLOAD target for NAT/routing offload support
This makes it possible to add an iptables rule that offloads routing/NAT
packet processing to a software fast path. This fast path is much
quicker than running packets through the regular tables/chains.
Felix Fietkau [Mon, 5 Feb 2018 12:35:24 +0000 (13:35 +0100)]
kernel: backport netfilter NAT offload support to 4.14
This only works with nftables for now, iptables support will be added
later. Includes a number of related upstream nftables improvements to
simplify backporting follow-up changes
Signed-off-by: John Crispin <john@phrozen.org> Signed-off-by: Felix Fietkau <nbd@nbd.name>
Nick Hainke [Sun, 14 Jan 2018 00:26:13 +0000 (01:26 +0100)]
hostapd: return with 80211 codes in handle event function
If the auth or assoc request was denied the reason
was always WLAN_STATUS_UNSPECIFIED_FAILURE.
That's why for example the wpa supplicant was always
trying to reconnect to the AP.
Now it's possible to give reasoncodes why the auth
or assoc was denied.
Felix Fietkau [Wed, 21 Feb 2018 13:45:48 +0000 (14:45 +0100)]
ramips: fix MT7621 switch driver IRQ storm on init with linux 4.14
The hardware emits some interrupts while initializing and handling them
can mess up the state or cause infinite loops.
Fix this by disabling IRQs during init and re-enabling them afterwards
Flash instruction using sysupgrade image:
1. Connect micro-USB cable for power supply into W06 and turn on the
router
2. Connect to wifi with SSID "tama-*" with password. Complete SSID and
password are listed on the back of the router
3. Access to 192.168.1.1 and login with user name "admin" and password
empty
4. In firmware update(ファームウェア更新) page, click "参照" button
and click "ブラウザー" button to open file browser, select the
sysupgrade image and press OK button
5. Wait ~150 seconds to complete flashing
Mathias Kresin [Sat, 17 Feb 2018 08:54:57 +0000 (09:54 +0100)]
ramips: improve GnuBee Personal Cloud Two support
Use the generic board detection for the GnuBee Personal Cloud Two
instead of the target specific one as all recent additions are doing.
Fixup the pinmux to set all pins used as GPIO to the function GPIO.
Request pins where used.
Drop the i2c from the dts. There is nothing connected. While at it fix an
indentation issue and use references instead of duplicating the whole
node path.
Use the same switch config as for the GB-PC1 and drop the led trigger for
the not supported IP1001 phy connected to second rgmii.
Fixes: c60a21532bc9 ("ramips: Add support for the GnuBee Personal Cloud Two") Signed-off-by: Mathias Kresin <dev@kresin.me>
Use our custom xrx200 ethernet phy compatible to support boards, which
have switched the vr9 revision during lifetime, with a single devicetree
source file.
By switching to the dwc2 driver + usb phy framework, we don't need to used
our custom gpio power patch and can use a fixed regulator instead.
Add a custom xrx200 ethernet phy compatible to load the firmware matching
the vr9 revision without specifing an expected revision.
We have quite a few boards in the tree were later produced ones are using
a more recent vr9. It is impossible to distinguish which revision of the
vr9 is used without opening the case and removing a heatsink for some of
them.
Mathias Kresin [Mon, 8 Jan 2018 22:04:57 +0000 (23:04 +0100)]
lantiq: kernel 4.14: don't use CPU interrupt controller IPI IRQ domain support
This reverts kernel commit 1eed40043579 ("MIPS: smp-mt: Use CPU interrupt
controller IPI IRQ domain support"). With the patch applied, the kernel
hangs during boot if SMP is active.
The Lantiq IRQ controller gets registered first and it directly handles
the MIPS native SW1/2 and HW0 - HW5 IRQs. It looks like this controller
already registers IRQ 0 - 7 and the generic driver only gets the following
IRQs starting later.
The upstream discussion can be found at
https://www.linux-mips.org/archives/linux-mips/2017-05/msg00059.html.
Mathias Kresin [Tue, 2 Jan 2018 00:01:33 +0000 (01:01 +0100)]
ppp: fix build with kernel 4.14.9+
With a9772285a724 ("linux/compiler.h: Split into compiler.h and
compiler_types.h") compiler.h was refactored and most its content was
moved to compiler_types.h. Both files are required to build ppp-mod-pppoa.
Stijn Tintel [Mon, 19 Feb 2018 22:03:00 +0000 (23:03 +0100)]
build: add --force option to gzip in Build/gzip
When using pigz, a parallel gzip implementation, the gzip step in the
image build for some targets fails, because the image filename already
has the .gz extension. This results in an emtpy image file. Fix this by
adding the --force option to gzip in the Build/gzip macro.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be> Tested-by: Martin Schleier <drahemmaps@gmx.net>
GNU gzip does not fail when the image filename already contains the .gz
extension, this is a problem specific to pigz. Revert the commit, as we
now gzip the image twice.
Reported-by: Martin Schleier <drahemmaps@gmx.net> Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
1721453 Remove special handling of A-for-A queries. 499d8dd Fix boundary for test introduced in 3e3f1029c9ec6c63e430ff51063a6301d4b2262 6f1cbfd Fix debian/readme typo. 55ecde7 Inotify: Ignore backup files created by editors 6b54d69 Make failure to chown() pidfile a warning. 246a31c Change ownership of pid file, to keep systemd happy. 83e4b73 Remove confusion between --user and --script-user. 6340ca7 Tweak heuristic for initial DNSSEC memory allocation. baf553d Default min-port to 1024 to avoid reserved ports. 486bcd5 Simplify and correct bindtodevice(). be9a74d Close Debian bug for CVE-2017-15107. ffcbc0f Example config typo fixes. a969ba6 Special case NSEC processing for root DS record, to avoid spurious BOGUS. f178172 Add homepage to Debian control file. cd7df61 Fix DNSSEC validation errors introduced in 4fe6744a220eddd3f1749b40cac3dfc510787de6 c1a4e25 Try to be a little more clever at falling back to smaller DNS packet sizes. 4fe6744 DNSSEC fix for wildcard NSEC records. CVE-2017-15107 applies. 3bd4c47 Remove limit on length of command-line options. 98196c4 Typo fix. 22cd860 Allow more than one --bridge-interface option to refer to an interface. 3c973ad Use SIGINT (instead of overloading SIGHUP) to turn on DNSSEC time validation. faaf306 Spelling fixes. c7e6aea Change references to gPXE to iPXE. Development of EtherBoot gPXE was always development of iPXE core developer Michael Brown. e541245 Handle duplicate RRs in DNSSEC validation. 84a01be Bump year in Debian copyright notice. d1ced3a Update copyrights to 2018. a6cee69 Fix exit code from dhcp_release6. 0039920 Severely fix code formating of contrib/lease-tools/dhcp_release6.c 39d8550 Run Debian startup regex in "C" locale. ef3d137 Fix infinite retries in strict-order mode. 8c707e1 Make 373e91738929a3d416e6292e65824184ba8428a6 compile without DNSSEC. 373e917 Fix a6004d7f17687ac2455f724d0b57098c413f128d to cope with >256 RRs in answer section. 74f0f9a Commment language tweaks. ed6bdb0 Man page typos. c88af04 Modify doc.html to mention git-over-http is now available. ae0187d Fix trust-anchor regexp in Debian init script. 0c50e3d Bump version in Debian package. 075366a Open inotify socket only when used. 8e8b2d6 Release notes update. 087eb76 Always return a SERVFAIL response to DNS queries with RD=0. ebedcba Typo in printf format string added in 22dee512f3738f87539a79aeb52b9e670b3bd104 0954a97 Remove RSA/MD5 DNSSEC algorithm. b77efc1 Tidy DNSSEC algorithm table use. 3b0cb34 Fix manpage which said ZSK but meant KSK. aa6f832 Add a few DNS RRs to the table. ad9c6f0 Add support for Ed25519 DNSSEC signature algorithm. a6004d7 Fix caching logic for validated answers. c366717 Tidy up add_resource_record() buffer size checks. 22dee51 Log DNS server max packet size reduction. 6fd5d79 Fix logic on EDNS0 headers. 9d6918d Use IP[V6]_UNICAST_IF socket option instead of SO_BINDTODEVICE for DNS. a49c5c2 Fix search_servers() segfault with DNSSEC. 30858e3 Spaces in CNAME options break parsing.
projects / thirdparty / openwrt.git / log
