Allow forced flashing of a factory firmware image, after checking for the
correct FIT magic header and Linksys board-specific footer. Details of the
footer are already described in scripts/linksys-image.sh.
This is convenient as it avoids using a TFTP server or OEM GUI, and allows
restoring OEM firmware or installing a "breaking" OpenWrt update (e.g DSA
migration and kernel repartition) directly from the command line.
Devices supported at this time include EA6350v3, EA8300, MR8300 and WHW01.
Reviewed-by: Robert Marko <robimarko@gmail.com> Tested-by: Wyatt Martin <wawowl@gmail.com> # WHW01 Tested-by: Tony Ambardar <itugrok@yahoo.com> # EA6350v3 Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
Tony Ambardar [Tue, 6 Dec 2022 03:38:45 +0000 (19:38 -0800)]
ipq40xx: migrate Linksys WHW01 to DSA and re-enable
Convert Linksys WHW01 network configuration to DSA and re-enable builds.
Reviewed-by: Robert Marko <robimarko@gmail.com> Tested-by: Wyatt Martin <wawowl@gmail.com> Signed-off-by: Wyatt Martin <wawowl@gmail.com> Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
Tony Ambardar [Tue, 6 Dec 2022 03:44:32 +0000 (19:44 -0800)]
ipq40xx: fix up Linksys WHW01 board name, device definition
Update the board name defined in DTS to match online documentation and the
name encoded into factory firmware. This helps supports flashing firmware
factory images using 'sysupgrade'.
Original WHW01 device definition assumes the rootfs IMAGE_SIZE is 33 MB
instead of the correct 74 MB, and defines factory images which include
extra adjustments/padding that do not match OEM factory images and may
cause problems flashing. Update image size and build recipe to fix these.
Suggested-by: Wyatt Martin <wawowl@gmail.com> Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
Raise the kernel size from 3 MB to 5 MB for EA6350v3, EA8300 and MR8300,
and correspondingly reduce the rootfs size by 2 MB:
* modify partition definitions in related .dts files
* modify device kernel/image sizes in generic.mk
Update to compat-version 2.0 to force factory image usage on sysupgrade,
noting the current version 1.1 is an unreleased update for DSA migration.
Also update the compat-version message, explaining the need to run one of
the following console commands to update U-Boot's kernel-size variable
before flashing the OpenWrt factory image.
setenv kernsize 500000 ; saveenv # (U-Boot serial console)
Finally, re-enable the 3 devices.
Reviewed-by: Robert Marko <robimarko@gmail.com> Tested-by: Nicolas TORMO <badulesia.granieri@gmail.com> # MR8300 Tested-by: Tony Ambardar <itugrok@yahoo.com> # EA6350v3 Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
Hauke Mehrtens [Thu, 29 Dec 2022 20:26:28 +0000 (21:26 +0100)]
mbedtls: update to version 2.28.2
Changelog: https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.28.2
This release of Mbed TLS provides bug fixes and minor enhancements. This
release includes fixes for security issues.
Fixes the following CVEs:
* CVE-2022-46393: Fix potential heap buffer overread and overwrite in
DTLS if MBEDTLS_SSL_DTLS_CONNECTION_ID is enabled and
MBEDTLS_SSL_CID_IN_LEN_MAX > 2 * MBEDTLS_SSL_CID_OUT_LEN_MAX.
* CVE-2022-46392: An adversary with access to precise enough information
about memory accesses (typically, an untrusted operating system
attacking a secure enclave) could recover an RSA private key after
observing the victim performing a single private-key operation if the
window size used for the exponentiation was 3 or smaller.
Felix Fietkau [Fri, 30 Dec 2022 15:42:03 +0000 (16:42 +0100)]
netifd: update to the latest version
2cffe0c44e62 treewide: correctly apply IFNAMSIZ limit 96bcbb2e4eb6 wireless: allow set_retry ubus notify command to trigger a wdev restart a2e8cd75dbf6 wireless: add support for disabling multicast-to-unicast per virtual interface e9f44189ade7 system: move netdev types to system-linux.c where they are used a3fab0119ef1 utils: include utils.h last 7ce73fc16765 vlandev: propagate topology changes 81c1fbcba2f2 device: fix vlan device issues with disappearing lower devices
Hauke Mehrtens [Thu, 29 Dec 2022 16:40:02 +0000 (17:40 +0100)]
CI: labeler: Add target label to target packages
This adds the target label also to changes in packages which are target
specific like the boot loader of a target or some drivers which are only
use on one target.
Chuanhong Guo [Fri, 30 Dec 2022 07:55:56 +0000 (15:55 +0800)]
mediatek: drop redmi-ax6000 variant with modified env
This variant uses xiaomi factory u-boot and modified u-boot-env &
bootcmd.
By modifying uboot-env, the xiaomi firmware recovery provided in
the vendor u-boot doesn't work anymore. It's possible to put
u-boot into a state where it refuese to take any serial input.
If the u-boot is in this state, users can't restore their
firmware without taking the flash off the board.
We now have a -stock variant where the vendor u-boot is used in
a way that xiaomi firmware recovery still works, and a -ubootmod
variant where we get rid of all xiaomi components, have more
usable space and no uart console lock. These two should cover all
use cases and we don't need this variant anymore.
Drop this redmi-ax6000 variant. Existing users of this variant
should perform a u-boot mod or restore to the -stock layout.
Hauke Mehrtens [Sun, 18 Dec 2022 16:32:46 +0000 (17:32 +0100)]
tree-wide: Do not use package librt and libpthread
The libraries libpthread, libdl, libutil, libanl have been integrated
into the libc library in version 2.34. it is not needed to explicitly
link them any more.
Most of the functions have been moved from the librt.so into libc.so
some time ago already.
Šimon Bořek [Wed, 15 Jun 2022 15:38:38 +0000 (17:38 +0200)]
mpc85xx: change CPU_TYPE from 8540 to 8548
All subtargets as p1010, p1020, p2020 uses e500v2 cores [1] [2] [3] [4],
so let's force cpu type to 8545 for all mpc85xx target even though
there might exist device with e500v1, but there is no such router supported in OpenWrt
and because of that it does not make sense to to set CPU_TYPE for each subtarget.
All MPC85xx SoC can be found here:
https://www.nxp.com/products/processors-and-microcontrollers/legacy-mpu-mcus/powerquicc-processors:POWERQUICC_HOME#powerquicc-iii-mpc85xx
Šimon Bořek [Wed, 15 Jun 2022 15:31:39 +0000 (17:31 +0200)]
mpc85xx: add support for cpu type 8548
8540 cpu type corresponds to e500v1 core while
8548 cpu type corresponds to e500v2 core
See https://www.nxp.com/products/processors-and-microcontrollers/legacy-mpu-mcus/powerquicc-processors:POWERQUICC_HOME#powerquicc-iii-mpc85xx
and https://www.nxp.com/docs/en/application-note/AN2807.pdf .
Robert Marko [Wed, 28 Dec 2022 21:57:49 +0000 (22:57 +0100)]
linux-firmware: disable stripping
It has been brought to my attention that recently added WCN6855 firmware
is broken as it is getting stripped during building due to being 2 ELF
binaries.
I am sure WCN6750 and any other ELF binaries are having the same issue,
so since stripping firmware binaries is clearly unwanted disable it.
Fixes: b4d3694f81f4 ("linux-firmware: package ath11k consumer cards firmware") Signed-off-by: Robert Marko <robimarko@gmail.com>
5. Load kmod-mtd-rw to temporarily make the bootloader partions writable.
The kmod-mtd-rw is from the feeds, it is not packed in initramfs-factory
by default.
To install kmod-mtd-rw via opkg:
opkg update && opkg install kmod-mtd-rw
Or, download kmod-mtd-rw.ipk from OpenWrt server and install it manually
e.g:
https://downloads.openwrt.org/snapshots/targets/mediatek/filogic/kmods/
Select your OpenWrt release version and kernel version accordingly.
8. This is optional. Skip this if you do not want to have NAND recovery
boot feature offered by OpenWrt U-Boot. Don't worry, you always have
automatic tftp recovery feature enabled.
Sander Vanheule [Wed, 28 Dec 2022 20:39:46 +0000 (21:39 +0100)]
realtek: deduplicate GS1900 recipes
ZyXEL GS1900 devices with SoCs from both the RTL838x and RTL839x
families share the same image structure and size of the firmware
partition. Additionally, the GS1900-48 recipe provided a parameter for
the zyxel-vers command, but this parameter is not used. Deduplicate the
recipes by moving it to target/linux/realtek/image/common.mk.
Sander Vanheule [Wed, 28 Dec 2022 11:26:21 +0000 (12:26 +0100)]
realtek: fix GS1900-48 firwmare partition
The listed partition size doesn't match the original partition size, and
actually overlaps with the following partition. The partition node name
for the "firmware" partition also has an extra 'b' compared to the
partition offset.
Fixes: 47f5a0a3eed5 ("realtek: Add support for ZyXEL GS1900-48 Switch") Signed-off-by: Sander Vanheule <sander@svanheule.net>
Sander Vanheule [Tue, 27 Dec 2022 13:27:44 +0000 (14:27 +0100)]
realtek: fix ZYXELS_VERS for GS1900-48
The GS1900-48 firmware image is identified by the 'AAHN' ID, while the
GS1900-48HP is identified by 'AAHO' [1]. The latter was used, resulting
in the following error message when upgrading via the stock web UI:
Device only can support firmware from V1.00(AAHN.0) and later version
Sander Vanheule [Wed, 28 Dec 2022 20:46:48 +0000 (21:46 +0100)]
realtek: fix default image generation
While cleaning up the makefiles for the realtek target, the order of the
default image generating commands was accidentally changed. This caused
the image signature to end up somewhere in the middle, misaligning the
rootfs. As a result, sysupgrade couldn't verify upgrade images anymore,
and devices end up in a boot loop due to the unaligned (and not found)
rootfs.
Nick Hainke [Tue, 20 Dec 2022 15:12:48 +0000 (16:12 +0100)]
ath79: fix calibration-art for some boards
"0x1000" looks suspicious. By looking at data provided
by @DragonBluep I was able to identify the correct size for
AR9380, AR9287 WiFis. Furthermore, PowerCloud Systems CAP324
has a AR9344 WiFi.
Felix Baumann [Mon, 26 Dec 2022 20:40:43 +0000 (21:40 +0100)]
ramips: add support for read/write uboot env to Asus RX-AX53U
Add support for read/writing uboot env by renaming the second partition
to its stock label "nvram" and remove the deemed unnecessary
"read-only". Split the first partition "u-boot" in two, in order
to allow `fw_setenv` safe write-access to the uboot environment
variables.
This implements hauke's request from [1].
Based on the patch provided by Shiji Yang.
Co-Authored-By: Shiji Yang <yangshiji66@qq.com> Signed-off-by: Felix Baumann <felix.bau@gmx.de>
[ improve commit title and description, fix some whitespace problem ] Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Birger Koblitz [Thu, 12 May 2022 18:40:45 +0000 (20:40 +0200)]
realtek: Fix reset register access
The reset register on RTL93xx not merely have bits to execute
a reset of a hardware component, but also configuration bits for
reset procedures. Keep them during executing a reset.
Revert backported upstream commits 421f8663b3a7 and 8d820bc9d12b, which have
introduced a regression in BCMGENET kconfig that disabled the network driver
for the Raspberry Pi.
Fixes: 0c405bceba11 ("kernel: bump 5.15 to 5.15.85") Fixes: e9008223268c ("kernel: bump 5.15 to 5.15.84") Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
Olliver Schinagl [Thu, 22 Dec 2022 10:53:30 +0000 (11:53 +0100)]
realtek: Reduce variable scopes
Linus prefers to have loop initializers nice and tightly scoped. In
OpenWRT this has been possible since 41a1a652fbd4 ("kernel: backport
gnu11 upgrade").
This patch cleans up variable scope while trying to do the above for
'simple for loops'.
This cleans up and simplifies some functions and code, and pulls in
variables to a smaller scope.
Jan Hoffmann [Sat, 17 Dec 2022 20:45:43 +0000 (21:45 +0100)]
realtek: add cond_resched to loops accessing the FDB table
A full loop accessing all FDB entries can take several milliseconds
(on RTL839x about 20 ms), so give other kernel tasks a chance to run.
This is especially important for rtl83xx_port_fdb_dump which is itself
called in a loop for all ports by the kernel.
Jan Hoffmann [Sat, 17 Dec 2022 20:45:42 +0000 (21:45 +0100)]
realtek: restructure rtl_table_read/write
These two functions are identical apart from writing different values to
the read/write bit. Create a new function rtl_table_exec to reduce code
duplication.
Also replace the unbounded busy-waiting loop. The new implementation may
sleep, but as the hardware typically responds before the first poll, any
callers doing many table accesses still need to make sure not to block
other kernel tasks themselves.
So far, polling timeout errors are only handled by logging an error, but
a return value is added to allow proper handling in the future.
Jan Hoffmann [Sat, 17 Dec 2022 20:45:41 +0000 (21:45 +0100)]
realtek: simplify log messages in rtl83xx_mdio_probe
This function currently prints three messages for every switch port at
KERN_INFO level. This takes a considerable amount of time during bootup
and can even trigger an external watchdog.
Replace these log messages by a single one at KERN_DEBUG level.
Jan Hoffmann [Sat, 17 Dec 2022 20:39:40 +0000 (21:39 +0100)]
realtek: don't set L2LEARNING flag in rtl83xx TX header
As learning for the CPU port is now disabled globally, the bit in the
TX header doesn't have any effect anymore. Remove it to make the header
consistent with the global configuration.
Originally, this change was intended to be applied before commit eb456aedfe24 ("realtek: use assisted learning on CPU port"), which is
why the commit message incorrectly mentions that the TX header already
disables learning.
The reason for disabling learning on the CPU port in the first place is
that it doesn't work correctly when packets are trapped to the CPU and
then forwarded by the CPU to other ports. In that case, the switch would
incorrectly learn the CPU port as source. An example that triggered this
issue are Multicast Listener Reports and IGMP membership reports.
rules: drop -Wno-error additional flags from default TARGET_CFLAGS
We currently enable -Wno-error=unused-but-set-variable and
-Wno-error=unused-result by default on every compile package.
While this is (relatively) unharmful, we should follow other project
direction and starts enforcing good code quality. For example the linux
kernel recently started to enforce Wall by default and clean code is
mandatory for inclusion.
Drop for good these flags and and make it mandatory to correctly handle
return values at least with a warning log if they are not strictly error
condition.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Xuefer H [Sat, 24 Dec 2022 12:16:11 +0000 (20:16 +0800)]
libbsd: fix libpath to not use host path
libpath.so uses host path in ld script causing other packages fail to
cross compile, e.g. perl:
"ld: cannot find /usr/lib/libbsd.so.0.11.6: No such file or directory"
Fixes: openwrt/packages#19390 Signed-off-by: Xuefer H <xuefer@gmail.com>
Ensure the MAC address for all NanoPi R1 boards is assigned uniquely for
each board.
The vendor ships the device in two variants; one with and one without
eMMC; but both without static mac-addresses.
In order to assign both board types unique MAC addresses, fall back on
the same method used for the NanoPi R2S and R4S in case the EEPROM
chip is not present by generating the board MAC from the SD card CID.
Hauke Mehrtens [Sat, 24 Dec 2022 13:39:17 +0000 (14:39 +0100)]
mac80211: Do not build brcmsmac on bcm47xx_legacy
brcmsmac needs bcma. bcma is build into the kernel for the other bcm47xx
subtargets, but not for the legacy target because it only uses ssb. We
could build bcma as a module for bcm47xx_legacy, but none of these old
devices uses a wifi card supported by brcsmac.
Josef Schlehofer [Thu, 22 Dec 2022 18:37:36 +0000 (19:37 +0100)]
mpc85xx: drop empty patch as it backported to LTS kernel 5.15.70
This patch is part of Linux kernel 5.15.70, the content was removed, but
the empty file is still being carried over the repository, so remove it
once for all
Fixes: e1b009c ("kernel: bump 5.15 to 5.15.70") Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Olliver Schinagl [Wed, 14 Dec 2022 10:33:01 +0000 (11:33 +0100)]
tools: Improve diffability/maintainability
There's no purpose to squish multiple tools into a single line (and
spread those out over multiple lines). It might look 'nice' in certain
conditions, but it's annoying to maintain.
For example, but not limited to:
* adding/removing tools, causes hard to read diffs
* Duplicates are harder to spot
* Sorting can not be (easily?) automated
With this proposed change, the above annoyances go away. Inserting a new
tool can be done with a single line-change-diff, sorting can be done by
any editor (in vi, select, :sort for example) and dupes are much easier
to spot.
Several sunxi devices come with multiple mmc devices. On such devices,
the mmc device order is unpredictable, so using /dev/mmcblk0p2 as root
device doesn't always work, which results in unbootable devices.
For the Banana Pi BPI-R3 in the mediatek target, this has been solved by
defining aliases for the mmc devices in the DTS. Ideally we would do the
same here, but for sunxi-a64 we already use UUID probing, so let's start
with that (5f2ff607e286 ("uboot-sunxi: a64: allow booting directly from
eMMC")).
Since we're building and including u-boot in each supported device
image, and this method has been proven to work fine for a64, let's just
change the default u-boot env file to do the same.
Fixes: #10080 Fixes: e6d9f6fdff ("sunxi: add support for FriendlyARM NanoPi R1") Co-authored-by: Karl Palsson <karlp@etactica.com> Signed-off-by: Jan-Niklas Burfeind <git@aiyionpri.me>
[use UUID in default u-boot env, rewrite commit message] Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Stijn Tintel [Mon, 19 Dec 2022 17:56:55 +0000 (19:56 +0200)]
github: add issue template
Add an issue template with required fields, instructions how to easily
get some of that required data from the device. Aside from that, also
add some links to the OpenWrt contact page, and for feature requests,
link to the forum.
Hauke Mehrtens [Sat, 6 Aug 2022 22:36:17 +0000 (00:36 +0200)]
toolchain: gcc: backport patches to fix build with glibc 2.36
glibc 2.36 changed the definition of enum fsconfig_command, it now
collides with the same definition from sys/mount.h. Remove the include
of linux/fs.h This still compiled with musl too.
This backports a patch which is already in the stable branch of GCC 11
and GCC 12.
Stijn Tintel [Tue, 20 Dec 2022 18:04:53 +0000 (20:04 +0200)]
trusted-firmware-a.mk: use correct CPE ID
There are 2 different CPE IDs on the NVD website:
cpe:/a:arm:trusted_firmware-a
cpe:/o:arm:arm_trusted_firmware
The ID as currently used in trusted-firmware-a.mk does not exist. The
CPE ID using the arm_trusted_firmware product name only lists a few
records for versions 2.2 and 2.3 on the NVD site. The CPE ID using the
trusted_firmware-a product name lists many more records, and actually
has a CVE linked to it. Therefore, use the CPE ID using the
trusted_firmware-a product name.
Daniel Golle [Mon, 19 Dec 2022 18:58:42 +0000 (18:58 +0000)]
xdp-tools: update to version 1.2.9
Changes since v1.2.8: 32aaf32 libxdp: Fix incorrect rx_ring_setup_done 6049671 headers: add bpf_endian.h for parsing_helpers.h 2682c1c export-man: Ignore errors when executing git shell command 8afda7a xdp-loader/README: Mention lack of support for HW mode in most cards dc69919 libxdp: fix prog_fd checks for fd >= 0 3d7c22a libxdp: Allow falling back to single-program attachment for loaded programs af00429 libxdp: Fix check in xdp_program__attach_single() 41703d2 libxdp: Make sure to set the the program autoload when loading a program b1fd2e5 test-xdpdump: Only run tshark attribute test on newer versions of tshark 5dfe342 libxdp: Convert xdp-dispatcher to use strict section names 929a22e configure: Try to auto-detect versioned clang binaries 074fcfb libxdp: Check program name when determining if a program is a dispatcher e13a191 Bump TOOLS_VERSION to 1.2.9
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Petr Štetiar [Mon, 19 Dec 2022 10:14:41 +0000 (11:14 +0100)]
Revert "Revert "mvebu: switch default kernel to 5.15""
This reverts commit 97c77fff28cf001399f33c7bc1ec6687ba18450b as commit 8be6350f6646 ("generic: 5.15: allow MV88E6xxx built-in when PTP support
disabled") contains the fix, so lets enable kernel 5.15 on mvebu again.
ath79: image: don't depend on other COMPILE targets
A device COMPILE target should not depend on another COMPILE.
Otherwise race condition may happen.
The loader is very small. Compiling it twice shouldn't
have a huge impact.
Michael Pratt [Tue, 22 Nov 2022 00:37:39 +0000 (00:37 +0000)]
image: fix device profile specific COMPILE targets
Commit a01d23e75 ("image: always rebuild kernel loaders")
is a step in the right direction, but exposed some issues
and regressions in the makefile.
Some of the files made by device specific COMPILE targets
start with an "append" command (i.e. >> instead of > redirection)
and if the file already exists, the target file is the
input to itself before the first recipe-specified input.
Robert Marko [Sun, 6 Feb 2022 14:50:24 +0000 (15:50 +0100)]
mac80211: add ath11k PCI support
ath11k is the upstream driver for Qualcomm 802.11ax radios, both for the
internal AHB and PCI based cards.
This commit does however only provide PCI support while AHB will follow
but its SoC specific so it will require an OpenWrt target first.
It differs a bit from ath10k as it requires stuff like QRTR, MHI and QMI
helpers.
PCI variant requires qrtr-mhi and mhi-bus which backports do provide,
however we are dropping those in a patch as they will conflict with
support for the AHB variant as that one requires qrtr-smd which in turn
requires RPMSG and GLINK and its not feasable to provide those in
backports as they are really SoC specific.
QRTR and MHI in kernel 5.10 are not usable and backporting the changes
is not easy as they have changed drastically from 5.10 to 5.15 ath11k will
only be available on targets that use kernel 5.15.
Robert Marko [Tue, 21 Dec 2021 12:47:03 +0000 (13:47 +0100)]
kernel: package QRTR support
QRTR is Qualcomm IPC router protocol and ath11k requires it for both
AHB and PCI support, so package it as a kernel module so it can be
added as a dependency to the ath11k module.
Only kernel 5.15 is currently supported due to various things missing in
5.10 whose backporting is out of scope for this patch.
SMD, TUN and MHI variants are packaged.
SMD variant depends on the ipq807x
target as it has dependency on the RPMSG drivers which are Qualcomm
and SoC specific anyway.
Julien Dusser [Sun, 20 Mar 2022 09:11:15 +0000 (10:11 +0100)]
ramips: add support for Linksys E5400 and clones
Linksys E5400 is a 2.4/5GHz dual band AC router, based on MediaTek
MT7628AN. This device is also sold as Linksys E2500v4, E5300 and E5350
with the same hardware, but software speed limitations in vendor
firmwares.
MAC address:
LAN: factory 0x28
WAN: LAN + 1
2.4G: LAN + 2
5G: LAN + 3
Installation:
1. Connect to UART, use LF as EOL (not CRLF)
2. Set IP address
- Press 4 during boot
- setenv serverip <TFTPSERVER_IP>
- setenv ipaddr <DEVICE_IP>
- setenv bootfile openwrt-ramips-mt76x8-linksys_e5400-initramfs-kernel.bin
- saveenv
- reset
3. Load Openwrt Kernel image from TFTP:
- Press 1 during boot
- IP and filename should be already set
4. Boot into OpenWrt and perform sysupgrade with sysupgrade image.
projects / thirdparty / openwrt.git / log
