Shiji Yang [Sun, 19 Feb 2023 01:06:32 +0000 (09:06 +0800)]
ramips: add alternative device name for Wiflyer WF3526-P
Wiflyer WF3526-P and Zbtlink ZBT-WE1326 have the same circuit design.
Installing the misunderstading firmware of ZBT-WE3526 will cause Wi-Fi
not work due to allocate the wrong pcie port. Add alternative name to
help users easily build or download the correct firmware.
Shiji Yang [Sun, 19 Feb 2023 01:06:32 +0000 (09:06 +0800)]
ramips: correct the PCIe port number for Zbtlink ZBT-WE1326
MT7621 gets a new PCIe driver in the 5.15+ kernel. Allocating wrong PCIe
port will cause the PCIe NIC to not work properly. This commit fixes
the wrong port numbers on Zbtlink ZBT-WE1326.
According to the bootlog, MT7612E (5 GHz) is connected to pcie1, and
MT7603E (2 GHz) is connected to pcie2:
[4.197658] mt7621-pci 1e140000.pcie: pcie0 no card, disable it (RST & CLK)
[4.204609] mt7621-pci 1e140000.pcie: PCIE1 enabled
[4.209476] mt7621-pci 1e140000.pcie: PCIE2 enabled
...
[4.307988] pci 0000:01:00.0: [14c3:7662] type 00 class 0x028000
[4.367206] pci 0000:02:00.0: [14c3:7603] type 00 class 0x028000
Yuan Tao [Mon, 14 Sep 2020 09:19:49 +0000 (17:19 +0800)]
base-files: sysfixtime: Fix time on the fake RTC
On some devices the chip has RTC but no battery save time.
This leads back to getting the wrong time
and skipping the check of the last file modification date.
This commit ensures that the file time is checked even
if the RTC exists.
which would ordinarily return an approbiate
system time used for e.g. certificate generation.
The name of squashfs is confusing since in reality it's a really old
version using an old lzma library. This tools is used for old ath79
netgear target and to produde a fake squasfs3 image needed for some
specific bootloader from some OEM (AVM for example)
Rename squashfs tool to squasfs3-lzma to better describe it.
Rename the installed bin from mksquashfs-lzma to mksquashfs3-lzma.
Use tar transform to migrate the root directory in tar to the new
naming.
Drop redundant PKG_CAT variable not needed anymore.
Also update any user of this tool.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Brian Norris [Sun, 5 Feb 2023 00:35:35 +0000 (16:35 -0800)]
ipq40xx: chromium: Enable kmod-ramoops by default
Chromium devices (like Google WiFi) have ramoops memory reserved by the
bootloader. Let's enable the ramoops kernel module by default, so we get
better crash logging.
Signed-off-by: Brian Norris <computersforpeace@gmail.com>
Brian Norris [Sun, 5 Feb 2023 00:35:34 +0000 (16:35 -0800)]
ipq806x: chromium: Enable kmod-ramoops by default
Chromium devices (like OnHub) have ramoops memory reserved by the
bootloader. Let's enable the ramoops kernel module by default, so we get
better crash logging.
Signed-off-by: Brian Norris <computersforpeace@gmail.com>
Brian Norris [Sun, 5 Feb 2023 00:35:33 +0000 (16:35 -0800)]
kernel: kmod-ramoops: Include pstore console support
Pstore ramoops support is useful even when there isn't an explicit
panic/crash. We can log all kernel messages via a "console", and then
retrieve them in the event of some non-kernel-panic reset (e.g.,
watchdog).
Since the buffer memory is already reserved, there isn't much overhead
to doing this.
The new console files will show up as:
/sys/fs/pstore/console-ramoops-N
Cc: Hannu Nyman <hannu.nyman@iki.fi> Signed-off-by: Brian Norris <computersforpeace@gmail.com>
Michael Pratt [Mon, 19 Apr 2021 19:45:32 +0000 (15:45 -0400)]
ramips: add support for Senao Engenius EPG600
FCC ID: A8J-EPG600
Engenius EPG600 is an indoor wireless router with
1 Gb ethernet switch, dual-band wireless,
internal antenna plates, USB, and phone lines (not supported)
this board is a Senao device:
the hardware is equivalent to EnGenius ESR600 (except for phone lines)
the software is Senao SDK which is based on openwrt and uboot
which uses the legacy Senao header with Vendor / Product IDs
to verify the firmware upgrade image.
(if you cannot access the APs webpage)
factory reset with the reset button
connect ethernet to a computer
OEM webpage at 192.168.0.1
username and password 'admin'
Navigate to gear icon, "Device Management", "Tools"
select the factory.dlf image
Upload and verify checksum
Method 2: Serial to upload initramfs:
Follow directions for TFTP recovery
upload and boot initramfs and do a sysupgrade
**TFTP recovery:**
Requires UART serial console, reset button does nothing
rename initramfs-kernel.bin to 'uImageEPG600'
make available on TFTP server at 192.168.99.8
power board, interrupt boot with "4"
execute `tftpboot` and `bootm` (with the load address)
**Return to OEM:**
Images from OEM are provided, but not compatible
with openwrt sysupgrade. So it must be modified.
Alternatively, back up all mtd partitions before flashing
**Note on switch registers:**
The necessary registers needed for the QCA8337 switch
can be read from interrupted boot (tftpboot, bootm)
by using the following lines in the switch driver ar8327.c
in the function 'ar8327_hw_config_of'
where 'qca,ar8327-initvals' is parsed from DTS
before the new register values are written:
Michael Pratt [Thu, 17 Mar 2022 03:02:42 +0000 (23:02 -0400)]
ramips: mt7620: split gsw hw_init to mac_init, ephy_init
in order for the option ephy-disable to work
without also needing ephy-base option,
we have to skip all the lines that write to mdio addresses that
assume those addresses do not have an external switch.
Otherwise, ephy ports will be disabled in hardware,
but register writes still happen as if they are enabled.
Split the functions so that other things are done first,
and ephy port setup can be skipped with a simple "return".
Tested on Engenius EPG600 (MT7620A ver:2 eco:3)
with QCA8337 external switch
Ref: cc6fd6fbb505 ("ramips: mt7620: add ephy-disable option to switch driver") Signed-off-by: Michael Pratt <mcpratt@pm.me>
Yuu Toriyama [Tue, 14 Feb 2023 05:44:11 +0000 (14:44 +0900)]
wireless-regdb: update to 2023.02.13
Changes: 7f7a9f7 wireless-regdb: update regulatory database based on preceding changes 660a1ae wireless-regdb: Update regulatory info for Russia (RU) on 5GHz fe05cc9 wireless-regdb: Update regulatory rules for Japan (JP) on 6GHz d8584dc wireless-regdb: Update regulatory rules for Japan (JP) on 5GHz c04fd9b wireless-regdb: update regulatory rules for Switzerland (CH) f29772a wireless-regdb: Update regulatory rules for Brazil (BR)
Karol Przybylski [Tue, 14 Feb 2023 22:32:56 +0000 (23:32 +0100)]
ipq807x: Add bluetooth driver to zyxel nbg7815
Zyxel NBG7815 supports bluetooth with blsp1_uart3.
Configuration are already added to dts file, device needs only module to working bluetooth properly.
Tested at below posts:
https://forum.openwrt.org/t/openwrt-support-for-armor-g5-nbg7815/98598/259?u=itork
Reviewed-by: Robert Marko <robimarko@gmail.com> Signed-off-by: Karol Przybylski <karol.przybylski@esm-technology.pl>
Installation:
* Flash the factory image through the stock web interface, or TFTP to
the bootloader. NMRP can be used to TFTP without opening the case.
* U-Boot allows booting an initramfs image via TFTP as follows:
setenv ipaddr 192.168.1.1
setenv serverip 192.168.1.100
tftpboot openwrt-mediatek-mt7622-netgear_wax206-initramfs-recovery.itb
bootm
Known Limitations:
* The 2.5G WAN port labeled 'wan' only works for speeds up to 1G at the
moment. If connected to a multi-gig port the speed has to be manually
set to 1G/full either for the switch port or in OpenWrt. For example
add the following to /etc/rc.local to set it on boot:
/usr/sbin/ethtool -s wan speed 1000 duplex full
Revert to stock firmware:
* Flash the stock firmware to the bootloader using TFTP/NMRP.
References to WAX206 GPL source:
https://www.downloads.netgear.com/files/GPL/WAX206_V1.0.4.0_Source.rar
* openwrt/target/linux/mediatek/dts/mt7622-netgear-wax206.dts
DTS file for this device.
* openwrt/target/linux/mediatek/image/mt7622.mk
Image creation code for this device
Signed-off-by: Marcel Ziswiler <marcel@ziswiler.com>
[fix WAN port (1G only), adjust partition layout, adjust image creation] Signed-off-by: Thomas Kupper <thomas.kupper@gmail.com>
The sender domain has a DMARC Reject/Quarantine policy which disallows
sending mailing list messages using the original "From" header.
To mitigate this problem, the original message has been wrapped
automatically by the mailing list software.
Some devices like ZBT WE1326 and ZBT WF3526-P and some Netgear models need
to delay phy port initialization after calling the mt7621_pcie_init_port()
driver function to get into reliable boots for both warm and hard resets.
ipq806x: fix Linksys EAX500 family devices dead Ethernet switch
With 5.15 kernel version Linksys EAX500 family devices suffered from a
big regression where the Ethernet switch became silent and started to
malfunction.
It was discovered later that the cause was not really the kernel upgrade
itself but a hackish implementation of the hw implementation of these
special routers.
In the original Linksys source code, GPIO 63 was handled in a special way
and was reset on reboot.
Normally GPIO 63 is used for pcie2 reset but in every device we support,
pcie2 is actually never used as nothing is attached to it.
Linksys rerouted GPIO 63 to the switch reset pin and deviates from
common hw implementation.
Till now it was used an hack to handle this case... It was set pcie3 as
working (while actually nothing was connected), set it to output low
(for assert-deassert from the pcie init code) and be done with it.
The result was that the GPIO was reset for enough time in early boot and
everything worked correctly.
This hack implementation was born to fail from the very start and in
kernel 5.15 finally problem arised.
In 5.15 pcie code changed and now the GPIO reset pin is not asserted as
probe won't fail if nothing is connected to the line (the old behaviour)
This result in the switch hold the reset pin and the Ethernet switch
dead.
On top of that with 5.15 code got optimized and simply attaching the
GPIO reset to the mdio wasn't enough as the switch require at least 10ms
to be correctly reset.
So implement finally a correct solution where:
- pcie2 is correctly disabled (nothing attached, unused)
- drop the wrong output-low for pcie2 reset pin
- define GPIO 63 as switch reset
- Add the reset-gpios to the mdio0 node
- Set the reset-post-delay-us to 12ms to correctly give time the switch
to reset
Fixes: #10983 Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
I tested kernel 5.15 on my device for several times without any problems.
In my tests, 5.15 kernel has performance improvements such MGLRU.
Finally, initial kernel 6.1 support is imminent. All ramips subtargets have
5.15 as testing kernel. So, it's time to change.
Tested on my Archer C6 v3.2 (mt7621)
Signed-off-by: Rodrigo B. de Sousa Martins <rodrigo.sousa.577@gmail.com>
[reformat commit subject and message] Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Stijn Tintel [Wed, 7 Dec 2022 17:04:12 +0000 (19:04 +0200)]
build: add option to use preinit IP as LAN IP
We currently have build options to customize the IP address used in the
preinit phase of the boot process, but not to set the default LAN IP.
Introduce a boolean build option that, when enabled, results in the IP
address configured for the preinit phase, to be also used as the default
LAN IP address.
Robert Marko [Wed, 15 Feb 2023 16:05:30 +0000 (17:05 +0100)]
ipq807x: move AQR driver from built-in to kmod
ipq807x does not compile-in hwmon core, and this is leading to the hwmon
code in AQR driver not being compiled due to IS_REACHABLE(CONFIG_HWMON)
evaluating to false as hwmon is being built as a module.
So, lets not compile-in Aquantia PHY driver so it can be included as kmod
instead to have functioning hwmon.
This allows using the thermal sensors in AQR-s as thermal zones for
cooling devices like fans.
Robert Marko [Wed, 15 Feb 2023 15:58:41 +0000 (16:58 +0100)]
kernel: modules: package Aquantia PHY driver
Package the Aquantia AQR PHY driver as kmod.
This enables using the Aquantia driver with hwmon support on targets where
hwmon is not compiled-in.
Currently, in case when AQR driver is compiled-in but hwmon core is not
hwmon code in AQR driver will not get compiled because of macro
IS_REACHABLE(CONFIG_HWMON) evaluating to false.
Rafał Miłecki [Wed, 15 Feb 2023 18:40:38 +0000 (19:40 +0100)]
bcm4908: refactor packet steering init
Replace a standalone init.d script with a platform implementation as
supported by netifd. This avoids a race between netifd and target
specific setups.
Package kmod-ipt-raw enables CONFIG_IP_NF_RAW and packages
iptable_raw.ko
According to kernel's net/netfilter/Kconfig there are only 3 kernel
symbols that depend on the IP_NF_RAW:
1. NETFILTER_XT_TARGET_CT (xt_CT.ko)
2. NETFILTER_XT_TARGET_NOTRACK (unused symbol?!)
3. NETFILTER_XT_TARGET_TRACE (xt_TRACE.ko)
Now: iptables-mod-conntrack-extra selects kmod-ipt-conntrack-extra which
provides: xt_helper.ko nf_conncount.ko xt_connlimit.ko xt_connmark.ko
xt_recent.ko and xt_connbytes.ko (none of them seems to require
iptable_raw.ko).
It seems there is no explicit reason for iptables-mod-conntrack-extra to
require kmod-ipt-raw (iptables_raw.ko).
Rafał Miłecki [Mon, 13 Feb 2023 09:32:45 +0000 (10:32 +0100)]
bcm53xx: refactor packet steering init
Replace a standalone init.d script with a platform implementation as
supported by netifd. This avoids a race between netifd and target
specific setups.
Daniel Golle [Tue, 14 Feb 2023 23:25:19 +0000 (23:25 +0000)]
kernel: import accepted MediaTek Ethernet patches
Import some accepted and pending upstream patches for mtk_eth_soc,
replacing some semantically equivalent local patches and fixing issues
when operating the PCS in 1G SGMII mode.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Daniel Golle [Wed, 15 Feb 2023 03:06:05 +0000 (03:06 +0000)]
treewide: replace /sys/devices/virtual/ubi by /sys/class/ubi
Starting from Linux Kernel version 6.3 UBI devices will no longer be
considered virtual, but rather have an MTD device parent. Hence they
will no longer be listed under /sys/devices/virtual/ubi which is
used in multiple places in OpenWrt. Prepare for future kernels by
using /sys/class/ubi instead of /sys/devuces/virtual/ubi.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
1. Prepare TFTP server with IP address 192.168.11.10
2. Rename OpenWrt initramfs image to "WXR-5950AX12-initramfs.uImage and
place it to TFTP directory
3. Hold AOSS (WPS) button and power on WXR-5950AX12
4. WXR-5950AX12 downloads initramfs image from TFTP server and boots
with it automatically
5. Upload sysupgrade image to WXR-5950AX12 and perform sysupgrade
6. Wait ~120 seconds to complete flashing
- WXR-5950AX12 has 2x OS images on NAND flash. The 1st image is for
normal operation and the 2nd one is for recoverying or firmware
upgrading on stock.
- Stock U-Boot checks MD5 hashes in "fw_hash" volume in each "root*"
partition when booting. This is just a comparation of hash strings.
Behaviors:
- both "fw_hash" volumes exist, hashes are rootfs == rootfs_recover
---> boot from rootfs
- both "fw_hash" volumes exist, hashes are rootfs != rootfs_recover
---> boot from rootfs_recover
Note: this behavior is used for firmware upgrading on stock
- "fw_hash" volume in rootfs is missing
---> boot from rootfs_recover
- "fw_hash" volume in rootfs_recover is missing
---> boot from rootfs
- "fw_hash" volumes in both root* partition are missing
---> boot from rootfs_recover
Reverting to stock firmware:
1. Decrypt official image by buffalo-enc and remove header
1. Boot ApresiaLightGS120GT-SS normally
2. Login to WebUI and open firmware page ("ファームウェア")
3. If the device is booted from image1, set active image for next
booting ("起動イメージ選択") to image2("イメージ2"), press apply
("適用") button and reboot the device to make booting from image2
4. On the WebUI, set active image to image1
5. Select the OpenWrt factory image and press update button ("更新")
6. Open reboot page ("再起動") and press reboot button ("再起動実行")
Notes:
- "ApresiaLightGS120GT-SS" is a model name and "APLGS120GTSS" is a model
number
- this device has 3x GPIO-controlled LEDs on PCB, but 1x LED
("green:unused") has no hole on the case
INAGAKI Hiroshi [Sat, 8 Oct 2022 12:46:51 +0000 (21:46 +0900)]
realtek: add common definition of cameo based firmware
The cameo-related recipes can also be used for APRESIA ApresiaLightGS
series devices. So create common definition for the devices manufactured
by Cameo.
And also, the model name of ApresiaLightGS120GT-SS is too long for cameo
header (max: 20 bytes), so use additional variable "CAMEO_BOARD_MODEL"
in Build/cameo-headers instead of DEVICE_MODEL to use the custom name.
(default of CAMEO_BOARD_MODEL: DEVICE_MODEL)
INAGAKI Hiroshi [Fri, 7 Oct 2022 16:07:17 +0000 (01:07 +0900)]
realtek: rename cameo specific names in "Build/*" definitions
This patch renames some Cameo specific definitions for image generation.
The same format is also used on APRESIA ApresiaLightGS series devices, not
D-Link specific.
Jan Hoffmann [Wed, 8 Feb 2023 21:53:32 +0000 (22:53 +0100)]
realtek: fix memory leak in netevent handler
The net_event_work struct is allocated, but only freed in a single case.
Move the allocation to the branch where it is actually needed, and free
it after the work has been done.
Fixes: 03e1d93e0779 ("realtek: add driver support for routing offload") Signed-off-by: Jan Hoffmann <jan@3e8.eu>
Felix Fietkau [Sat, 10 Dec 2022 13:55:33 +0000 (14:55 +0100)]
mac80211: add fixes for receiving A-MSDU packets on mesh interfaces
The standard defines the A-MSDU header length field differently for mesh
compared to other modes. Deal with this accordingly and work around broken
implementations (e.g. ath10k, ath11k).
Karl Chan [Sun, 29 Jan 2023 05:37:28 +0000 (13:37 +0800)]
ramips: add support for ASUS RT-AX54
Specifications:
- Device: ASUS RT-AX54 (AX1800S/HP,AX54HP)
- SoC: MT7621AT
- Flash: 128MB
- RAM: 256MB
- Switch: 1 WAN, 4 LAN (10/100/1000 Mbps)
- WiFi: MT7905 2x2 2.4G + MT7975 2x2 5G
- LEDs: 1x POWER (blue, configurable)
1x LAN (blue, configurable)
1x WAN (blue, configurable)
1x 2.4G (blue, not configurable)
1x 5G (blue, not configurable)
Flash by U-Boot TFTP method:
- Configure your PC with IP 192.168.1.2
- Set up TFTP server and put the factory.bin image on your PC
- Connect serial port(rate:115200) and turn on AP, then interrupt "U-Boot Boot Menu" by hitting any key
Select "2. Upgrade firmware"
Press enter when show "Run firmware after upgrading? (Y/n):"
Select 0 for TFTP method
Input U-Boot's IP address: 192.168.1.1
Input TFTP server's IP address: 192.168.1.2
Input IP netmask: 255.255.255.0
Input file name: openwrt-ramips-mt7621-asus_rt-ax1800hp-squashfs-factory.bin
- Restart AP aftre see the log "Firmware upgrade completed!"
Michael Pratt [Tue, 31 Jan 2023 18:58:38 +0000 (13:58 -0500)]
ath79: add eth0 mac and initvals for Engenius EPG5000
Although VLANs are used, the "eth0" device by itself
does not have a valid MAC, so fix that with preinit script.
More initvals added by editing the driver to print switch registers,
after the bootloader sets them but before openwrt changes them.
The register bits needed for the QCA8337 switch
can be read from interrupted boot (tftpboot, bootm)
by adding print lines in the switch driver ar8327.c
before 'qca,ar8327-initvals' is parsed from DTS and written
for example:
Base MAC address labeled as "MAC ADDRESS"
MAC "wanaddr" is not similar to "ethaddr"
eth0 *:c8 MAC u-boot-env ethaddr
phy0 *:c8 MAC u-boot-env ethaddr
phy1 *:c9 --- u-boot-env ethaddr +1
WAN *:66:44 u-boot-env wanaddr
**Serial Access:**
RX on the board for UART is shorted to ground by resistor R176
therefore it must be removed to use the console
but it is not necessary to remove to view boot log
optionally, R175 can be replaced with a solder bridge short
the resistors R175 and R176 are next to the UART RX pin
**Installation:**
Method 1: Firmware upgrade page
OEM webpage at 192.168.0.1
username and password "admin"
Navigate to Settings (gear icon) --> Tools --> Firmware
select the factory.bin image
confirm and wait 3 minutes
Method 2: TFTP recovery
Follow TFTP instructions using initramfs.bin
use sysupgrade.bin to flash using openwrt web interface
**Return to OEM:**
MTD partitions should be backed up before flashing
using TFTP to boot openwrt without overwriting flash
Alternatively, it is possible to edit OEM firmware images
to flash MTD partitions in openwrt to restore OEM firmware
by removing the OEM header and writing the rest to "firmware"
**TFTP recovery:**
Requires serial console, reset button does nothing at boot
rename initramfs.bin to 'uImageESR1200'
make available on TFTP server at 192.168.99.8
power board, interrupt boot by pressing '4' rapidly
execute tftpboot and bootm
**Note on ETH switch registers**
Registers must be written to the ethernet switch
in order to set up the switch's MAC interface.
U-boot can write the registers on it's own
which is needed, for example, in a TFTP transfer.
The register bits from OEM for the QCA8337 switch
can be read from interrupted boot (tftpboot, bootm)
by adding print lines in the switch driver ar8327.c
before 'qca,ar8327-initvals' is parsed from DTS and written.
for example:
Base MAC address labeled as "MAC ADDRESS"
MAC "wanaddr" is similar to "ethaddr"
eth0 *:58 MAC u-boot-env ethaddr
phy0 *:58 MAC u-boot-env ethaddr
phy1 *:59 --- u-boot-env ethaddr +1
WAN *:10:58 u-boot-env wanaddr
**Serial Access:**
RX on the board for UART is shorted to ground by resistor R176
therefore it must be removed to use the console
but it is not necessary to remove to view boot log
optionally, R175 can be replaced with a solder bridge short
the resistors R175 and R176 are next to the UART RX pin
**Installation:**
Method 1: Firmware upgrade page
NOTE: ESR1750 might require the factory.bin
for ESR1200 instead, OEM provides 1 image for both.
OEM webpage at 192.168.0.1
username and password "admin"
Navigate to Settings (gear icon) --> Tools --> Firmware
select the factory.bin image
confirm and wait 3 minutes
Method 2: TFTP recovery
Follow TFTP instructions using initramfs.bin
use sysupgrade.bin to flash using openwrt web interface
**Return to OEM:**
MTD partitions should be backed up before flashing
using TFTP to boot openwrt without overwriting flash
Alternatively, it is possible to edit OEM firmware images
to flash MTD partitions in openwrt to restore OEM firmware
by removing the OEM header and writing the rest to "firmware"
**TFTP recovery:**
Requires serial console, reset button does nothing at boot
rename initramfs.bin to 'uImageESR1200'
make available on TFTP server at 192.168.99.8
power board, interrupt boot by pressing '4' rapidly
execute tftpboot and bootm
**Note on ETH switch registers**
Registers must be written to the ethernet switch
in order to set up the switch's MAC interface.
U-boot can write the registers on it's own
which is needed, for example, in a TFTP transfer.
The register bits from OEM for the QCA8337 switch
can be read from interrupted boot (tftpboot, bootm)
by adding print lines in the switch driver ar8327.c
before 'qca,ar8327-initvals' is parsed from DTS and written.
for example:
Base MAC address labeled as "MAC ADDRESS"
MAC "wanaddr" is not similar to "ethaddr"
eth0 *:06 MAC u-boot-env ethaddr
phy0 *:06 MAC u-boot-env ethaddr
phy1 *:07 --- u-boot-env ethaddr +1
WAN *:6E:81 u-boot-env wanaddr
**Serial Access:**
RX on the board for UART is shorted to ground by resistor R176
therefore it must be removed to use the console
but it is not necessary to remove to view boot log
optionally, R175 can be replaced with a solder bridge short
the resistors R175 and R176 are next to the UART RX pin
**Installation:**
Method 1: Firmware upgrade page
OEM webpage at 192.168.0.1
username and password "admin"
Navigate to Settings (gear icon) --> Tools --> Firmware
select the factory.bin image
confirm and wait 3 minutes
Method 2: TFTP recovery
Follow TFTP instructions using initramfs.bin
use sysupgrade.bin to flash using openwrt web interface
**Return to OEM:**
MTD partitions should be backed up before flashing
using TFTP to boot openwrt without overwriting flash
Alternatively, it is possible to edit OEM firmware images
to flash MTD partitions in openwrt to restore OEM firmware
by removing the OEM header and writing the rest to "firmware"
**TFTP recovery:**
Requires serial console, reset button does nothing at boot
rename initramfs.bin to 'uImageESR900'
make available on TFTP server at 192.168.99.8
power board, interrupt boot by pressing '4' rapidly
execute tftpboot and bootm
**Note on ETH switch registers**
Registers must be written to the ethernet switch
in order to set up the switch's MAC interface.
U-boot can write the registers on it's own
which is needed, for example, in a TFTP transfer.
The register bits from OEM for the AR8327 switch
can be read from interrupted boot (tftpboot, bootm)
by adding print lines in the switch driver ar8327.c
before 'qca,ar8327-initvals' is parsed from DTS and written.
for example:
62c1740676 changed the location of the script from $(TOOLCHAIN_DIR)/usr
to $(TOOLCHAIN_DIR), but the TOOLCHAIN_SYSROOT used in wrapper.sh was
still expecting to find the script under usr/bin.
Fixes: 62c1740676 toolchain: fix the sysroot mess by getting... Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Fakeroot 1.30.1 broke building on certain hosts (32-bit archs).
As of 2023-01-10, this was apparently fixed in source code,
however, the version is still 1.30.1 (patch release),
so the old binaries are removed from the repository and replaced,
but the source provided by the repository remains the same.
Furthermore, there are some complicated issues blocking
the "testing" release from being bumped to a 1.30.x version.
Considering all of this, it would likely be better for this package
to follow the "testing" release instead of the "unstable" release,
which is still 1.29-1, so revert to that.
John Audia [Tue, 7 Feb 2023 19:56:52 +0000 (14:56 -0500)]
openssl: bump to 1.1.1t
Removed upstreamed patch: 010-padlock.patch
Changes between 1.1.1s and 1.1.1t [7 Feb 2023]
*) Fixed X.400 address type confusion in X.509 GeneralName.
There is a type confusion vulnerability relating to X.400 address processing
inside an X.509 GeneralName. X.400 addresses were parsed as an ASN1_STRING
but subsequently interpreted by GENERAL_NAME_cmp as an ASN1_TYPE. This
vulnerability may allow an attacker who can provide a certificate chain and
CRL (neither of which need have a valid signature) to pass arbitrary
pointers to a memcmp call, creating a possible read primitive, subject to
some constraints. Refer to the advisory for more information. Thanks to
David Benjamin for discovering this issue. (CVE-2023-0286)
This issue has been fixed by changing the public header file definition of
GENERAL_NAME so that x400Address reflects the implementation. It was not
possible for any existing application to successfully use the existing
definition; however, if any application references the x400Address field
(e.g. in dead code), note that the type of this field has changed. There is
no ABI change.
[Hugo Landau]
*) Fixed Use-after-free following BIO_new_NDEF.
The public API function BIO_new_NDEF is a helper function used for
streaming ASN.1 data via a BIO. It is primarily used internally to OpenSSL
to support the SMIME, CMS and PKCS7 streaming capabilities, but may also
be called directly by end user applications.
The function receives a BIO from the caller, prepends a new BIO_f_asn1
filter BIO onto the front of it to form a BIO chain, and then returns
the new head of the BIO chain to the caller. Under certain conditions,
for example if a CMS recipient public key is invalid, the new filter BIO
is freed and the function returns a NULL result indicating a failure.
However, in this case, the BIO chain is not properly cleaned up and the
BIO passed by the caller still retains internal pointers to the previously
freed filter BIO. If the caller then goes on to call BIO_pop() on the BIO
then a use-after-free will occur. This will most likely result in a crash.
(CVE-2023-0215)
[Viktor Dukhovni, Matt Caswell]
*) Fixed Double free after calling PEM_read_bio_ex.
The function PEM_read_bio_ex() reads a PEM file from a BIO and parses and
decodes the "name" (e.g. "CERTIFICATE"), any header data and the payload
data. If the function succeeds then the "name_out", "header" and "data"
arguments are populated with pointers to buffers containing the relevant
decoded data. The caller is responsible for freeing those buffers. It is
possible to construct a PEM file that results in 0 bytes of payload data.
In this case PEM_read_bio_ex() will return a failure code but will populate
the header argument with a pointer to a buffer that has already been freed.
If the caller also frees this buffer then a double free will occur. This
will most likely lead to a crash.
The functions PEM_read_bio() and PEM_read() are simple wrappers around
PEM_read_bio_ex() and therefore these functions are also directly affected.
These functions are also called indirectly by a number of other OpenSSL
functions including PEM_X509_INFO_read_bio_ex() and
SSL_CTX_use_serverinfo_file() which are also vulnerable. Some OpenSSL
internal uses of these functions are not vulnerable because the caller does
not free the header argument if PEM_read_bio_ex() returns a failure code.
(CVE-2022-4450)
[Kurt Roeckx, Matt Caswell]
*) Fixed Timing Oracle in RSA Decryption.
A timing based side channel exists in the OpenSSL RSA Decryption
implementation which could be sufficient to recover a plaintext across
a network in a Bleichenbacher style attack. To achieve a successful
decryption an attacker would have to be able to send a very large number
of trial messages for decryption. The vulnerability affects all RSA padding
modes: PKCS#1 v1.5, RSA-OEAP and RSASVE.
(CVE-2022-4304)
[Dmitry Belyavsky, Hubert Kario]
Signed-off-by: John Audia <therealgraysky@proton.me>
Oleg S [Mon, 17 Oct 2022 07:41:51 +0000 (10:41 +0300)]
mediatek: mt7622: fix rootfs/ubi detection for Xiaomi AX6S
By specifying the flag "denx,fit" for partition "kernel", the kernel
try to find rootfs in the same partition during boot. Reality is that
the placement of rootfs is precisely determined by the name of another
partition -"ubi".
It was also found that on some device (for example devices with NAND
chips), the "Denx search engine" manages to find roots at the end of
partition "kernel", but such partition doesn't exist and is empty
there.
Fix this by removing the "denx,fit" flag from partition "kernel". With
this change the original behavior of searchif rootfs in partition "ubi"
is restored.
Andre Heider [Tue, 31 Jan 2023 08:30:18 +0000 (09:30 +0100)]
toolchain/gcc: clean up CFLAGS
Instead of having two different ways to pass flags to the gcc build
process, add them as configure args, which is a reliable way to let
gcc pass them around to its various pieces.
Also add CXXFLAGS, since gcc started to use c++ for itself recently
(~10 years ago now).
Robert Marko [Wed, 8 Feb 2023 11:30:42 +0000 (12:30 +0100)]
kernel: set default values for ARM low level debugging symbols
Set default values for KERNEL_DEBUG_LL and KERNEL_DEBUG_LL_UART_NONE again
as both of these symbols are non visible if KERNEL_EARLY_PRINTK is not
selected and KConfig wont write their value to .config.
This usually is the intended behaviour, but in OpenWrt we are relying on
the KConfig to set these and disable the debug console settings that
multiple targets like mvebu have set in their kernel config.
This was the behaviour before removing all of the "default n" settings
as KConfig by default considers symbols disabled but they are not visible
anymore and thus their value is not set in .config and build system then
later does not override the values from target kernel config.
So, to restore the behaviour to the previous one lets a default value for
KERNEL_DEBUG_LL and KERNEL_DEBUG_LL_UART_NONE.
Fixes: 8bc72ea7be39 ("treewide: strip useless default n Kconfig lines") Tested-by: Georgi Valkov <gvalkov@gmail.com> Signed-off-by: Robert Marko <robimarko@gmail.com>
Enables use of NVMe storage devices with appropriate adapter in miniPCIe slots (including for boot)
in Turris 1.x routers and possibly NXP P2020RDB boards
(these are the only currently supported p2020 devices according to docs[^1]).
Proper detection, mountability and readability was proved to be working
on Turris 1.1, OpenWrt 21.02 with similar configuration.
Increases gzip compressed kernel size by approximately 37 KiB (from 3 703 KiB to 3 740 KiB).
Should boot from those devices be possible the driver needs to be built in.
Inclusion as a module would prevent this functionality.
CONFIG_BLK_DEV_NVME=y
Includes NVMe driver in the kernel.[^2]
CONFIG_NVME_CORE=y
Selected by CONFIG_BLK_DEV_NVME.[^3] Not necessarily needed to be enabled explicitly,
but included to match the form of similar functionality implementations
for mvebu, x86_64 and rockchip_armv8 targets.
CONFIG_NVME_MULTIPATH disabled explicitly to prevent using more space than necessary.
Leon M. George [Sun, 8 May 2022 21:29:06 +0000 (23:29 +0200)]
dnsmasq: refuse to add empty DHCP range
Use ipcalc's return value to react to invalid range specifications.
By simply ignoring the range instead of aborting with an error code,
dnsmasq should still start when there's an error (best effort).
Aborting the config generation or working with invalid range specs leaves
dnsmasq crash-looping which is the right thing to do concerning that
particular interface but it also hinders DHCP service on other interfaces
and DNS on the router itself.
Signed-off-by: Leon M. George <leon@georgemail.eu>
Leon M. George [Thu, 5 May 2022 22:02:52 +0000 (00:02 +0200)]
base-files: ipcalc.sh: fail when network is too small
It's possible to move range boundaries in a way that the start address
lies behind the end address.
Detect this condition and exit with an error message.
Signed-off-by: Leon M. George <leon@georgemail.eu>
projects / thirdparty / openwrt.git / log
