- Common:
- RJ45 RS232 port on front panel
- 32 MiB NOR Flash
- 128 MiB DDR3 DRAM
- PT7A7514 watchdog
Booting initramfs image:
------------------------
- Prepare a FTP or TFTP server serving the OpenWrt initramfs image and
connect the server to a switch port.
- Connect to the console port of the device and enter the extended
boot menu by typing Ctrl+B when prompted.
- Choose the menu option "<3> Enter Ethernet SubMenu".
- Set network parameters via the option "<5> Modify Ethernet Parameter".
Enter the FTP/TFTP filename as "Load File Name" ("Target File Name"
can be left blank, it is not required for booting from RAM). Note that
the configuration is saved on flash, so it only needs to be done once.
- Select "<1> Download Application Program To SDRAM And Run".
Initial installation:
---------------------
- Boot an initramfs image as described above, then use sysupgrade to
install OpenWrt permanently. After initial installation, the
bootloader needs to be configured to load the correct image file
- Enter the extended boot menu again and choose "<4> File Control",
then select "<2> Set Application File type".
- Enter the number of the file "openwrt-kernel.bin" (should be 1), and
use the option "<1> +Main" to select it as boot image.
- Choose "<0> Exit To Main Menu" and then "<1> Boot System".
NOTE: The bootloader on these devices can only boot from the VFS
filesystem which normally spans most of the flash. With OpenWrt, only
the first part of the firmware partition contains a valid filesystem,
the rest is used for rootfs. As the bootloader does not know about this,
you must not do any file operations in the bootloader, as this may
corrupt the OpenWrt installation (selecting the boot image is an
exception, as it only stores a flag in the bootloader data, but doesn't
write to the filesystem).
Jan Hoffmann [Sat, 23 Jul 2022 20:53:18 +0000 (22:53 +0200)]
tools: add 7z host package
Add the 7zr command line tool, which is a version of the 7z application
that only supports 7z archives.
7z is one of the two compression formats supported in H3C firmware
images (the alternative would be ARJ).
(Alternatively, the 7zr command line tool could also be built from a
current version of the public-domain LZMA SDK. That would require
repackaging the source package, as it is only provided in 7z format.)
Jan Hoffmann [Sat, 23 Jul 2022 20:53:17 +0000 (22:53 +0200)]
kernel: mtdsplit: add support for H3C VFS filesystem
The bootloader on some H3C devices (for example HPE 1920 switches) only
supports booting from flash by reading an image from an "VFS" filesystem
which spans most of the available flash. The filesystem size is hard-
coded in the bootloader. However, as long as no write operations are
performed in the bootloader menu, it is sufficient if the start of the
partition contains a valid filesystem with the kernel image.
This mtdsplit parser reads the size and location of the kernel image and
finds the location of the rootfs stored after it. It assumes that the
filesystem image matches the layout of one generated by mkh3cvfs, with
a filename of "openwrt-kernel.bin" for the kernel image.
Jan Hoffmann [Sat, 23 Jul 2022 20:53:16 +0000 (22:53 +0200)]
realtek: clean up rtl838x MDIO busy wait loop
Don't use udelay to allow other kernel tasks to execute if the kernel
has been built without preemption. Also determine the timeout based on
jiffies instead of loop iterations.
This is especially important on devices containing a watchdog with a
short timeout. Without this change, the watchdog is not serviced during
PHY patching which can take multiple seconds.
Tested-by: Birger Koblitz <mail@birger-koblitz.de> Signed-off-by: Jan Hoffmann <jan@3e8.eu>
Jan Hoffmann [Sat, 23 Jul 2022 20:53:15 +0000 (22:53 +0200)]
realtek: add SFP support for RTL8214FC PHY
Probe the SFP module during PHY initialization and implement
insertion/removal handlers to automatically configure the media type
of the respective port.
Jan Hoffmann [Sat, 23 Jul 2022 20:53:14 +0000 (22:53 +0200)]
realtek: rtl83xx-phy: decouple RTL8214FC media change and power config
Move RTL8214FC power configuration to newly created suspend and resume
methods. A media change now only results in power configuration if the
PHY is not suspended, to avoid powering up a port when the interface is
currently not up.
While at it, remove the rtl8380 prefix from function names, as this is
actually not SoC-specific.
Tested-by: Birger Koblitz <mail@birger-koblitz.de> Signed-off-by: Jan Hoffmann <jan@3e8.eu>
Jan Hoffmann [Sat, 23 Jul 2022 20:53:13 +0000 (22:53 +0200)]
realtek: rtl83xx-phy: fix RTL8214FC media change
Toggle power on the individual PHY instead of the package. Otherwise
a media change always toggles power on the first port, and not the one
that is being configured.
realtek: make DGS-1210 u-boot-env partition writeable
We are close to provide enduser friendly OpenWrt images for DGS-1210
switches that do not need serial console. Nevertheless a small bit is
missing. We cannot switch back to the vendor partition or initiate a
download of a vendor firmware image. To issue this from inside OpenWrt
we need write access to U-Boot environment.
Case 1: Switch back to secondary (vendor) image
> fw_setenv bootcmd run addargs\; bootm 0xb4e80000
> fw_setenv image /dev/mtdblock7
> reboot
Case 2: Issue D-Link Network Assistant based download on next reboot.
This is a combination of some vendor specific protocol (DDP) and a
TFTP download afterwards.
> fw_setenv bootstop on
> reboot
Allow these commands by opening up u-boot-env for write access.
Tested on DGS-1210-20.
Signed-off-by: Markus Stockhausen <markus.stockhausen@gmx.de>
In theory we could have just 1 bootfs image for all devices as each
device has its own entry in the "configurations" node. It doesn't work
well with default configuration though.
If something goes wrong U-Boot SPL can be interrupted (by pressing A) to
enter its minimalistic menu. It allows ignoring boardid. In such case
bootfs default configuration is used.
For above reason each SoC family (BCM4908, BCM4912) should have its own
bootfs built. It allows each of them to have working default
configuration.
Openwrt now supports only glibc and musl. Add support for musl and
rework the libc check to handle the new config flags and correctly
compile package basend on that.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
scripts: ext-toolchain: actually probe libc type on config generation
Currently we never call probe_cc before config generation, this cause
the script to never actually detect the correct libc type.
Call probe_cc before config generation to correctl set the .config file.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
scripts: ext-toolchain: add option to overwrite config
It can be useful to overwrite an already generated config.
Option are simply added at the end of the config and make defconfig
will overwrite the relevant option with the new one.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
scripts: ext-toolchain: fix wrong prefix in print_config generation
The parsed prefix in print_config is wrong and this produce broken
generated .config that won't work with any external toolchain.
Currently the prefix from a CC of
'arm-openwrt-linux-muslgnueabi-gcc-12.1.0'
produce a prefix
'arm-openwrt-linux-muslgnueabi-gcc-'
This is wrong as the real prefix should be
'arm-openwrt-linux-muslgnueabi-'
This is probably caused by a change in how the toolchain is now handled
that now append also the gcc version. Probably in ancient days the
version wasn't part of the name and the prefix generation stripped the
'-gcc' instead of the gcc version.
Fix this and correctly strip the gcc version and the gcc suffix to
correctly call toolchain bins.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
rules_mk: don't include wrapped bin with external toolchains
Don't add wrapped bin to the TARGET_PATH as it does cause compilation
error.
cmake.mk will use the "command -v" and will use the wrapped bin instead
of the external toolchain bin as they have the same name and command
will select the first result.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Vincent Wiemann [Mon, 28 Dec 2020 15:00:13 +0000 (16:00 +0100)]
rules_mk: use gcc versions for external toolchain
When using the OpenWrt toolchain as an external toolchain the build
failed due to missing LTO support. By choosing the GCC wrappers of
the tools this commit makes sure that the LTO-enabled executables
are being used.
Signed-off-by: Vincent Wiemann <vincent.wiemann@ironai.com>
[ wrap the commit description to 72 char ] Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
The change of the PKG_VERSION caused the hash of the package to
change. This is because the PKG_VERSION is present in the
internal directory structure of the archive.
Fixes: e879cccaa215 ("uboot-layerscape: update PKG_HASH") Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
The interrupt controller in the internal GPIO peripheral will sometimes
generate spurious interrupts. If these are not properly acknowledged, the
system will be held busy until reboot. These spurious interrupts are identified
by the fact that there is no system IRQ number associated, since the interrupt
line was never allocated. Although most prevalent on RTL839x, RTL838x SoCs have
also displayed this behaviour.
UART Console
------------
NWA50AX:
Available below the rubber cover next to the ethernet port.
NWA55AXE:
Available on the board when disassembling the device.
Settings: 115200 8N1
Layout:
<12V> <LAN> GND-RX-TX-VCC
Logic-Level is 3V3. Don't connect VCC to your UART adapter!
Installation Web-UI
-------------------
Upload the Factory image using the devices Web-Interface.
As the device uses a dual-image partition layout, OpenWrt can only
installed on Slot A. This requires the current active image prior
flashing the device to be on Slot B.
If the currently installed image is started from Slot A, the device will
flash OpenWrt to Slot B. OpenWrt will panic upon first boot in this case
and the device will return to the ZyXEL firmware upon next boot.
If this happens, first install a ZyXEL firmware upgrade of any version
and install OpenWrt after that.
Installation TFTP
-----------------
This installation routine is especially useful in case
* unknown device password (NWA55AXE lacks reset button)
* bricked device
Attach to the UART console header of the device. Interrupt the boot
procedure by pressing Enter.
The bootloader has a reduced command-set available from CLI, but more
commands can be executed by abusing the atns command.
Boot a OpenWrt initramfs image available on a TFTP server at
192.168.1.66. Rename the image to owrt.bin
wolfssl: Do not activate HW acceleration on armvirt by default
The armvirt target is also used to run OpenWrt in lxc on other targets
like a Raspberry Pi. If we set WOLFSSL_HAS_CPU_CRYPTO by default the
wolfssl binray is only working when the CPU supports the hardware crypto
extension.
Some targets like the Raspberry Pi do not support the ARM CPU crypto
extension, compile wolfssl without it by default. It is still possible
to activate it in custom builds.
This adds a simple AES-128-CBC encryption/decryption program using
either wolfSSL or OpenSSL as backend to decrypt Arcadyan WG4xx223
configuration partitions. The ipk size is 3,355 bytes.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Installation:
* Flash the factory image through the stock web interface, or TFTP to
the bootloader. NMRP can be used to TFTP without opening the case.
* Note that the bootloader accepts both encrypted and unencrypted
images, while the stock web interface only accepts encrypted ones.
Revert to stock firmware:
* Flash the stock firmware to the bootloader using TFTP/NMRP.
References in WAX202 GPL source:
https://www.downloads.netgear.com/files/GPL/WAX202_V1.0.5.1_Source.rar
* openwrt/target/linux/ramips/dts/mt7621-ax-nand-wax202.dts
DTS file for this device.
Netgear encrypted image is used in various devices including WAX202,
WAX206, and EX6400v3. This image format also requires a dummy squashfs4
image which is added here as well.
References in WAX202 GPL source:
https://www.downloads.netgear.com/files/GPL/WAX202_V1.0.5.1_Source.rar
* openwrt/bootloader/u-boot-mt7621-2018.09-gitb178829-20200526/board/ralink/common/dual_image.c
Bootloader code that verifies the presence of a squashfs4 image, thus
a dummy image is added here.
* openwrt/tools/imgencoder/src/gj_enc.c
Contains code that generates the encrypted image. There is support for
adding an RSA signature, but it does not look like the signature is
verified by the stock firmware or bootloader.
* openwrt/tools/imgencoder/src/imagekey.h
Contains the encryption key and IV. It appears the same key/IV is used
for other Netgear devices including WAX206 and EX6400v3.
Oleg S [Tue, 19 Jul 2022 12:06:50 +0000 (15:06 +0300)]
ramips: Add support command fw_setsys for Xiaomi routers
The system parameters are contained in the Bdata partition.
To use the fw_setsys command, you need to create a file
fw_sys.config.
This file is created after calling the functions
ubootenv_add_uci_sys_config and ubootenv_add_app_config.
Signed-off-by: Oleg S <remittor@gmail.com>
[ wrapped commit description to 72 char ] Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Mark Mentovai [Mon, 4 Oct 2021 14:48:29 +0000 (10:48 -0400)]
ipq40xx: add MikroTik wAP ac (RBwAPG-5HacD2HnD) support
The MikroTik wAP ac (RBwAPG-5HacD2HnD) is a dual-band dual-radio
802.11ac wireless access point with integrated antenna and two Ethernet
ports in a weatherproof enclosure. See
https://mikrotik.com/product/wap_ac for more information.
Important: this is the new ipq40xx-based wAP ac, not the older
ath79-based wAP ac (RBwAPG-5HacT2HnD), already supported in OpenWrt.
Installation:
Boot the initramfs image via TFTP, then flash the sysupgrade image using
sysupgrade. Details at https://openwrt.org/toh/mikrotik/common.
Notes:
This preserves the MAC addresses of the physical Ethernet ports:
- eth0 corresponds to the physical port labeled ETH1 and has the base
MAC address. This port can be used to power the device.
- eth1 corresponds to the physical port labeled ETH2 and has a MAC
address one greater than the base.
MAC addresses are set from /lib/preinit/05_set_iface_mac_ipq40xx.sh
rather than /etc/board.d/02_network so that they are in effect for
preinit. This should likely be done for other MikroTik devices and
possibly other non-MikroTik devices as well.
As this device has 2 physical ports, they are each connected to their
respective PHYs, allowing the link status to be visible to software.
Since they are not marked on the case with any role (such as LAN or
WAN), both are bridged to the lan network by default, although this can
easily be changed if needed.
sdk: add spidev-test to the bundle of userspace sources
moves and extends the current facilities, which have been
added some time ago for the the usbip utility, to support
more utilites that are shipped with the Linux kernel tree
to the SDK.
this allows to drop all the hand-waving and code for
failed previous attempts to mitigate the SDK build failures.
Fixes: bdaaf66e28bd ("utils/spidev_test: build package directly from Linux") Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Catalin Toda [Fri, 15 Jul 2022 17:18:23 +0000 (10:18 -0700)]
kernel: netconsole: add network console logging support
Accessing the console on many devices is difficult.
netconsole eases debugging on devices that crash
after the network is up.
Reference to the netconsole documentation in upstream Linux:
<https://www.kernel.org/doc/html/latest/networking/netconsole.html>
|
|netconsole=[+][src-port]@[src-ip]/[<dev>],[tgt-port]@<tgt-ip>/[tgt-macaddr]
|
| where
| + if present, enable extended console support
| src-port source for UDP packets (defaults to 6665)
| src-ip source IP to use (interface address)
| dev network interface (eth0)
| tgt-port port for logging agent (6666)
| tgt-ip IP address for logging agent
| tgt-macaddr ethernet MAC address for logging agent (broadcast)
OpenWrt specific notes:
OpenWrt's device userspace scripts are attaching the network
interface (i.e. eth0) to a (virtual) bridge (br-lan) device.
This will cause netconsole to report:
|network logging stopped on interface eth0 as it is joining a master device
(and unfortunately the traffic/logs to stop at this point)
As a workaround, the netconsole module can be manually loaded
again after the bridge has been setup with:
One way of catching errors before the handoff, try to
append the /etc/modules.conf file with the following extra line:
options netconsole netconsole=@/eth0,@192.168.1.x/MA:C...
and install the kmod-netconsole (=y) into the base image.
Signed-off-by: Catalin Toda <catalinii@yahoo.com>
(Added commit message from PR, added links to documentation) Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
The change of the PKG_VERSION caused the hash of the package to
change. This is because the PKG_VERSION is present in the
internal directory structure of the uboot-layerscape-21.08.tar.xz
archive.
without this update, the uboot-layerscape-21.08 package would
always try to download (from git), repacked the archive and
reupload to sources.openwrt.org (~14 MiB saved).
Fixes: 038d5bdab117 ("layerscape: use semantic versions for LSDK") Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
the tacked on @TARGET_bcm53xx causes warnings:
tmp/.config-package.in:14027:warning: ignoring unsupported character '@'
tmp/.config-package.in:26028:warning: ignoring unsupported character '@'
this was wrong.
Fixes: be1761fa1488 ("nu801: add MR26 to the table") Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Sander Vanheule [Sun, 19 Jun 2022 08:29:35 +0000 (10:29 +0200)]
realtek: correct egress frame port verification
Destination switch ports for outgoing frame can range from 0 to
CPU_PORT-1.
Refactor the code to only generate egress frame CPU headers when a valid
destination port number is available, and make the code a bit more
consistent between different switch generations. Change the dest_port
argument's type to 'unsigned int', since only positive values are valid.
This fixes the issue where egress frames on switch port 0 did not
receive a VLAN tag, because they are sent out without a CPU header.
Also fixes a potential issue with invalid (negative) egress port numbers
on RTL93xx switches.
Sander Vanheule [Sun, 19 Jun 2022 10:38:49 +0000 (12:38 +0200)]
realtek: correct egress frame priority assignment
Priority values passed to the egress (TX) frame header initialiser are
invalid when smaller than 0, and should not be assigned to the frame.
Queue assignment is then left to the switch core logic.
Current code for RTL83xx forces the passed priority value to be
positive, by always masking it to the lower bits, resulting in the
priority always being set and enabled. RTL93xx code doesn't even check
the value and unconditionally assigns the (32 bit) value to the (5 bit)
QID field without masking.
Fix priority assignment by only setting the AS_QID/AS_PRI flag when a
valid value is passed, and properly mask the value to not overflow the
QID/PRI field.
For RTL839x, also assign the priority to the right part of the frame
header. Counting from the leftmost bit, AS_PRI and PRI are in bits 36
and 37-39. The means they should be assigned to the third 16 bit value,
containing bits 32-47.
Sander Vanheule [Tue, 28 Jun 2022 19:15:00 +0000 (21:15 +0200)]
realtek: fix egress L2 learning on rtl839x
The flag to enable L2 address learning on egress frames is in CPU header
bit 40, with bit 0 being the leftmost bit of the header. This
corresponds to BIT(7) in the third 16-bit value of the header.
Correctly set L2LEARNING by fixing the off-by-one error.
Sander Vanheule [Tue, 28 Jun 2022 19:14:03 +0000 (21:14 +0200)]
realtek: fix egress port mask on rtl839x
The flag to enable the outgoing port mask is in CPU header bit 43, with
bit 0 being the leftmost bit of the header. This corresponds to BIT(4)
in the third 16-bit value of the header.
Correctly set AS_DPM by fixing the off-by-one error.
This version fixes two vulnerabilities:
-CVE-2022-34293[high]: Potential for DTLS DoS attack
-[medium]: Ciphertext side channel attack on ECC and DH operations.
The patch fixing x86 aesni build has been merged upstream.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Meraki MR26 is an EOL wireless access point featuring a
PoE ethernet port and two dual-band 3x3 MIMO 802.11n
radios and 1x1 dual-band WIFI dedicated to scanning.
SERIAL:
WARNING: The serial port needs a TTL/RS-232 3V3 level converter!
The Serial setting is 115200-8-N-1. The board has a populated
right angle 1x4 0.1" pinheader.
The pinout is: VCC (next to J3, has little white arrow), RX, TX, GND.
A guide how to open up the device is available on the wiki:
<https://openwrt.org/toh/meraki/mr26>
Notes:
- The WIFI do work to a degree. Limited to 802.11bg in the 2.4GHz band.
- the WIFI macs are made up.
0. Create a separate Ethernet LAN which can't have access to the internet.
Ideally use 192.168.1.2 for your PC. The new OpenWrt firmware will setup
the network via DHCP Discovery, so make sure your PC is running
a DHCP-Server (i.e.: dnsmasq)
'# dnsmasq -i eth# -F 192.168.1.5,192.168.1.50
Download the openwrt-meraki-mr26 initramfs file from openwrt.org and
rename it to something simple like mr26.bin. Then put it into the tftp's
server directory.
1. Disassemble the MR26 device by removing all screws (4 screws are located
under the 4 rubber feets!) and prying open the plastic covers without
breaking the plastic retention clips. Once inside, remove the plastic
back casing. Be careful, there some "hidden" retention clips on both
sides of the LAN port, you need a light to see those. Next, you want to
remove all the screws on the outer metal shielding to get to the PCB.
It's not necessary to remove the antennas!
2. Connect the serial cable to the serial header and Ethernet patch cable
to the device.
4. Before connecting the power, get ready flood the serial console program
with the magic: xyzzy . This is necessary in order to get into the
u-boot prompt. Once Ready: connect power cable.
5. If you don't get the "u-boot>" prompt within the first few seconds,
you have to disconnect and reconnect the power cable and try again.
7. Once it booted use sysupgrade to permanently install OpenWrt.
To do this: Download the latest sysupgrade.bin file and move
it to the device. Then use sysupgrade *sysupgrade.bin to install it.
WARNING: DO NOT DELETE the "storage" ubi volume!
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
The spidev_test is build in phase2 even though it should be disabled.
My best guess is that we hit the same issue that I had with nu801.
The build-system thinks it's a tool that is necessary for
building the kernel.
In this case, the same fix (adding a dependency on the presence of
the module) could work in this case as well?
Fixes: bdaaf66e28bd ("utils/spidev_test: build package directly from Linux") Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
intel: ac640f0 linux-firmware: Update firmware file for Intel Bluetooth 9462 38dd3f2 linux-firmware: Update firmware file for Intel Bluetooth 9462 72e1216 linux-firmware: Update firmware file for Intel Bluetooth 9560 94c49b4 linux-firmware: Update firmware file for Intel Bluetooth 9560 e4971d1 linux-firmware: Update firmware file for Intel Bluetooth AX201 78c3731 linux-firmware: Update firmware file for Intel Bluetooth AX201 12564a2 linux-firmware: Update firmware file for Intel Bluetooth AX211 edc709e linux-firmware: Update firmware file for Intel Bluetooth AX211 9546d55 linux-firmware: Update firmware file for Intel Bluetooth AX210 111bd14 linux-firmware: Update firmware file for Intel Bluetooth AX200 ac67ec3 linux-firmware: Update firmware file for Intel Bluetooth AX201 99cb4b0 iwlwifi: add new FWs from core70-87 release 7073b8a iwlwifi: update 9000-family firmwares to core70-87 f9e0b9f iwlwifi: remove old unsupported 3160/7260/7265/8000/8265 firmware 7d118ce linux-firmware: Update firmware file for Intel Bluetooth 9462 30dcf82 linux-firmware: Update firmware file for Intel Bluetooth 9462 7d141a6 linux-firmware: Update firmware file for Intel Bluetooth 9560 741fee8 linux-firmware: Update firmware file for Intel Bluetooth 9560 e7214a2 linux-firmware: Update firmware file for Intel Bluetooth AX201 0e3e49a linux-firmware: Update firmware file for Intel Bluetooth AX201 46cfae6 linux-firmware: Update firmware file for Intel Bluetooth AX211 16c926e linux-firmware: Update firmware file for Intel Bluetooth AX211 f293900 linux-firmware: Update firmware file for Intel Bluetooth AX210 41386cc linux-firmware: Update firmware file for Intel Bluetooth AX200 62235c9 linux-firmware: Update firmware file for Intel Bluetooth AX201
realtek: 7eef50f rtw88: 8822c: Update normal firmware to v9.9.13 23b5428 rtw88: 8822c: Update normal firmware to v9.9.12
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
gettext (libintl-stub) was removed in commit [1], so the libintl-stub
lib and include directories aren't existing anymore. This commit cleans
up the INTL flags for the BUILD_NLS=n case.
ipq40xx: R619AC: replace space with - separator in variant string
Kalle:
"I see that variant has a space in it, does that work it correctly? My
original idea was that spaces would not be allowed, but didn't realise
to add a check for that."
Is this an easy change? Because the original author (Tim Davis) noted:
"You may substitute the & and space with something else saner if they
prove to be problematic."
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Manuel Giganto [Mon, 12 Oct 2020 09:44:09 +0000 (09:44 +0000)]
hostapd: add ppsk option (private psk)
This PR allows a user to enable a private psk, where each station
may have it's own psk or use a common psk if it is not defined.
The private psk is defined using the sta's mac and a radius server
is required.
ppsk option should be enabled in the wireless configuration along with
radius server details. When using PPSK, the key is ignored, it will be
retrieved from radius server. SAE is not yet supported (private sae) in
hostapd.
If you want to use dynamic VLAN on PPSK also include:
option dynamic_vlan '2'
option vlan_tagged_interface 'eth0'
option vlan_bridge 'br-vlan'
option vlan_naming '0'
It works enabling mac address verification on radius server and
requiring the tunnel-password (the private psk) from radius server.
In the radius server we need to configure the users. In case of
freeradius: /etc/freeradius3/mods-config/files/authorize
The user and Cleartext-Password should be the mac lower case using the
format "aabbccddeeff"
If we want to have a default or shared psk, used when the mac is not
found in the list, we need to add the following at the end of the radius
authorize file:
And if using VLANs, for example VLAN6 for default users:
DEFAULT Auth-Type := Accept
Tunnel-Type = VLAN,
Tunnel-Medium-Type = IEEE-802,
Tunnel-Private-Group-ID = 6,
Tunnel-Password = SharedPw
Signed-off-by: Manuel Giganto <mgigantoregistros@gmail.com>
automake: always use correct path for aclocal.real
Before this commit, it was assumed that aclocal.real is in the PATH. While
this was fine for the normal build workflow, this led to some issues if
make TOPDIR="$(pwd)" -C "$pkgdir" compile
was called manually. The command failed with:
/home/.../openwrt/staging_dir/host/bin/aclocal: line 2: aclocal.real: command not found
autoreconf: /home/.../openwrt/staging_dir/host/bin/aclocal failed with exit status: 127
After the commit, the package is built sucessfully.
ath79: fix Tx cleanup when NAPI poll budget is zero
NAPI poll() function may be passed a budget value of zero, i.e. during
netpoll, which isn't NAPI context.
Therefore, napi_consume_skb() must be given budget value instead of
!flush to truly discern netpoll-like scenarios.
generic: fix warning orphan section from module exports in aarch64
kernel linux now have 2 different export.h include, one from
linux/export.h and one from asm-generic/export.h
While most of our target user linux/export.h, aarch64 based target use
asm-generic/export.h that is not patched with the changes of
221-module_exports.
Patch also this additional header to fix multiple
aarch64-openwrt-linux-musl-ld: warning: orphan section `__ksymtab_strings' from `arch/arm64/kernel/head.o' being placed in section `__ksymtab_strings'
warning during kernel compilation.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Felix Fietkau [Wed, 13 Jul 2022 15:48:31 +0000 (17:48 +0200)]
tools/coreutils: enable ginstall utility
For some reason, current coreutils version installed on x86 macOS via homebrew
have a bug, where at least the cc1 binary from gcc gets corrupted during install
to the staging dir.
Using the install utility from tools/coreutils fixes this
Daniel Golle [Wed, 13 Jul 2022 10:28:07 +0000 (11:28 +0100)]
uboot-mediatek: unbreak build with binman
swig has been installed on the buildbots a while a ago and
Petr Štetiar got a fix for the pylibfdt error. Use that and re-enable
the builds for mt7620 and mt7621.
Refresh patches while at it.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Buidbots are throwing the following compile error:
In file included from tools/aisimage.c:9:
include/image.h:1133:12: fatal error: openssl/evp.h: No such file or directory
^~~~~~~~~~~~~~~
compilation terminated.
Fix it by passing `UBOOT_MAKE_FLAGS` variable to make.
Suggested-by: Petr Štetiar <ynezz@true.cz> Fixes: 6d5611af2813 ("uboot-at91: update to linux4sam-2022.04") Signed-off-by: Claudiu Beznea <claudiu.beznea@microchip.com>
Daniel Golle [Tue, 12 Jul 2022 18:55:38 +0000 (19:55 +0100)]
uboot-mediatek: mark MT7621 variants as @BROKEN
Building U-Boot for the MT7621 SoC requires binman, a Python-based
host tool to generate images. For now, binman cannot work inside the
OpenWrt build system because it requires swig, so mark the MT7621
boards as borken to fix the ramips/mt7621 build until someone with
knowledge about Python and swig fixes the underlaying issue.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Petr Štetiar [Tue, 12 Jul 2022 07:22:15 +0000 (09:22 +0200)]
uboot-imx: pico-pi-imx7d: fix wrong make flags overriding
Buidbots are currently choking on the following compile error:
In file included from tools/aisimage.c:9:
include/image.h:1133:12: fatal error: openssl/evp.h: No such file or directory
# include <openssl/evp.h>
^~~~~~~~~~~~~~~
compilation terminated.
This is caused by a complete overriding of make flags which are provided
correctly in `UBOOT_MAKE_FLAGS` variable, but currently overriden
instead of extended. This then leads to the usage of build host include
dirs, which are not available.
Fix it by extending `UBOOT_MAKE_FLAGS` variable like it was done in
commit 481339a04266 ("uboot-imx: fix wrong make flags overriding").
Fixes: 7094e6550336 ("uboot-imx: add support for TechNexion PICO-PI-IMX7D") Signed-off-by: Petr Štetiar <ynezz@true.cz>
ath79: tplink-archer-c6-v2-us: fix inverted LED colors
The amber and green wan led color was inverted in dts file, which ends
up leaving the wan led amber when the connection is established, so,
switch gpio led number (7 and 8) in qca9563_tplink_archer-c6-v2-us.dts.
Tip: the /etc/config/system file needs to be regenerated.
Signed-off-by: Rodrigo B. de Sousa Martins <rodrigo.sousa.577@gmail.com> Signed-off-by: Petr Štetiar <ynezz@true.cz> [commit subject]
Daniel Golle [Mon, 11 Jul 2022 22:29:30 +0000 (23:29 +0100)]
bcm27xx: update patch to fix build
Linux stable v5.15.51 brought commit 7a3a4683562e
("ARM: dts: bcm2711-rpi-400: Fix GPIO line names") which was already
part of a local patch which then failed to apply. Remove the already
applied and now failing hunk from the patch to fix the build.
Fixes: 552d76f2be ("kernel: bump 5.15 to 5.15.51") Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Daniel Golle [Mon, 11 Jul 2022 20:15:32 +0000 (21:15 +0100)]
uboot-ramips: add support for MT7621, merge into uboot-mediatek
* Merge uboot-ramips into uboot-mediatek.
* Port support for the RAVPower RP WD009 to U-Boot 2022.07.
* Add support for MT7621 and add builds for the reference boards.
* Add builds for MT7620 and MT7628 reference boards.
This should help to make development of U-Boot-level board support for
all MediaTek targets much easier.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
imx: cortexa7: add support for TechNexion PICO-PI-IMX7D
TechNexion PICO-PI-IMX7D is a NXP i.MX 7Dual based development board in
the well-known "Raspberry Pi" form factor, comprising of PICO-IMX7 SoM
and the PICO-PI-IMX7D carrier board.
Usually bundled with a 5" 800x480 LVDS display with I2C touchscreen and
an Omnivision OV5645 camera on a MIPI CSI bus, on a daughterboard. The
board was previously used primarily with "Android Things" ecosystem, but
the project was killed by Google.
This would not be possible, if not for the great tutorial of setting up
Debian on this board, by Robert C. Nelson [1].
Hardware highlights:
CPU: NXP i.MX 7Dual SoC, dual-core Cortex-A7 at 1000 MHz
RAM: 512 MiB DDR3 SDRAM
Storage: 4 GB eMMC
Networking:
- built-in Gigabit Ethernet with Atheros AR8035 PHY,
- Broadcom BCM4339 1x1 802.11ac Wi-Fi (over SDIO) + Bluetooth 4.1
(over SDIO + UART + IS2) combo, with Hirose u.FL connector on the
board,
- dual CAN interfaces on the 40-pin connector,
Interfaces:
- USB-C power input plus USB 2.0 OTG host/device port,
- single USB-A host port,
- serial console over built-in FT232BL USB-UART converter with
micro-USB connector (configuration: 115200-8-N-1),
- analog audio interface with TRRS connector in CTIA standard,
- SPI, I2C and UART interfaces available on the 40-pin,
- mikroBUS connector,
- I2C connector for the optional touch panel,
- parallel LCD output for the optional display,
- MIPI CSI connector for the optional camera
Installation:
1. Connect the serial console to debug USB connector and the terminal of
choice in another window, at 115200-8-N-1. Ensure you can switch to
it quickly after next step.
2. Power-on the board from your PC. Ensure your PC can supply required
current, the board can take more than 1 A in the peak load during
booting and brownout will result in power-on reset loop. Preferably,
use charging-capable USB port or connect through self-powered USB
hub. If U-Boot is present already on the eMMC, interrupt the booting
sequence by pressing any key and skip to point 7.
3. Ensure the boot mode jumpers J1 and J2 are in correct position for
USB recovery:
If they are not, power-off the board, restore them and power-on the
board again. Otherwise, if jumpers are set, just reset the board from
U-Boot CLI:
=> reset
14. The installation is now complete and board should boot successfully.
Upgrading: just use sysupgrade image, as usual in OpenWrt.
Known issues/current limitations:
- OV5645 camera - not described in upstream device tree as of kernel
5.15. There are staging drivers present in upstream Linux tree for
i.MX 7 CSI, MIPI-CSI and video mux, and the configuration is there in
imx7s.dtsi - so this is expected to get supported eventually,
- on-chip ADCs are disabled in upstream device tree, so the kernel
driver remains disabled as well.
Ensure, that kernel update is performed atomically on filesystem, to
reduce likelihood of failure if power-cut occurs during sysupgrade. If
kernel update fails for whatever reason, skip updating rootfs as well.
projects / thirdparty / openwrt.git / log
