Rani Hod [Sat, 15 Jun 2024 14:27:42 +0000 (17:27 +0300)]
ramips: mt7621: add support for Wodesys WD-R1802U
This commit adds support for a dual-band AX1800 wall plug manufactured
by Shenzhen Century Xinyang Tech Co., Ltd.
CPU: Mediatek MT7621A (2 cores, 4 threads)
RAM: 256i MiB DDR3 (Samsung K4B2G1646F-BCNB)
ROM: 16 MiB SPI NOR (Winbond W25Q128JVPQ)
Wired: one gigabit RJ45 port (with green/yellow non-GPIO LEDs)
WiFi: Mediatek MT7905DAN + MT7975DN (DBDC 2x 2T2R)
Ant.: four 2 dBi external antennas (two 2.4GHz, two 5 GHz)
GPIO: tri-color status LED (GPIO 13, 14, 16);
reset button (GPIO 18)
Power: 12V 2-pin JST-XH on main PCB
110/220V AC to 12V1A DC on auxiliary PCB
UART: 115200 8n1, SMD pads available on the PCB as J4
pinout is [3v3] (Rx) (Tx) (Gnd)
MAC: 1C:BF:CE:xx:xx:xx (2.4 GHz, label)
1C:BF:CE:xx:xx:xx + 1 (ethernet [1])
1C:BF:CE:xx:xx:xx + 2 (5 GHz)
Original firmware is LEDE Reboot 17.01-SNAPSHOT (kernel 4.4.198)
with a few custom packages and a non-LuCI web interface.
Telnet and SSH are enabled, requiring an unknown root password [2].
Root password is also needed to access the router via UART console,
but passwordless telnet can be enabled via a trivial web exploit [3]
and then the root password can be removed by editing `/etc/shadow`.
Installation: First upload `sysupgrade` binary via web interface at
`http://192.168.188.1/settings.shtml` and wait until getting back to
the home screen (select network to extend). The installation fails
since the original firmware uses `swconfig` and recent versions of
OpenWrt use DSA. However, the sysupgrade file is uploaded correctly
and stored at `/tmp/upgrade.bin`, so it can be written to flash via
the web exploit [4] (both `mtd -r write` and `sysupgrade -Fn` work
fine). Passwordless telnet/ssh is not needed for installation.
Alternatively, use u-boot menu to load image via TFTP.
Notes:
- Device model in LEDE is "MediaTek MT7621 RFB (802.11ax,SNOR)".
- It is sold under several names, among them are Wodesys WD-R1802U,
Fenvi F-AX1802U, and EDUP EP-2971; the Wodesys brand was selected
since it is referenced in `/etc/banner` and `/etc/hosts`, and the
PCB is marked "WD518A V1.0".
- Instead of a standard ethernet transformer, the PCB has a few tiny
SMD coils.
[1] Original firmware sets ethernet MAC to 1C:BF:CE:E7:62:1D based on
offset `0x3fff4` in the Factory partition; since this is the same
MAC for all units, whereas WiFi MACs stored at offsets 0x6 and 0xc
are unique, it was decided to use <label MAC + 1> for ethernet.
[2] root:$1$7rmMiPJj$91iv9LWhfkZE/t7aCBdo.0:18388:0:99999:7:::
[3] curl -X POST http://192.168.188.1/cgi-bin/adm.cgi \
-d page=Lang -d langType="en;killall telnetd;telnetd -l /bin/sh"
[4] curl -X POST http://192.168.188.1/cgi-bin/adm.cgi \
-d page=Lang -d langType="en;mtd -r write /tmp/upgrade.bin firmware"
Josef Schlehofer [Tue, 30 Aug 2022 07:06:04 +0000 (09:06 +0200)]
mpc85xx: enable inside secure driver for PowerPC platforms
Freescale procesor has Securite Engine driver called Talitos. [1]
This driver is already packaged for OpenWrt since commit bf57f33f0229564828f576b2dfb897aa0b57e85c ("kernel: Allow talitos crypto
hw module selection"), but many users don't know about it.
Let's include this kernel module package to default packages as it was
recently done for MediaTek in commit 06c4fc6d5e1eea00e6a3ea208102407408590af8
("kernel: enable inside secure driver for MediaTek platforms")
The file contains the the /usr/lib path from the toolchain directory and
not from the target directory. The /usr/lib directory for the toolchain
is empty and the shared library is not in the specified paths. On RISCV
the linker of util-linux was finding the libncursesw.so in my host
system, tried to link against it and failed. Fix the .pc file.
Fixes: #15942 Co-authored-by: Thomas Weißschuh <thomas@t-8ch.de> Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> Link: https://github.com/openwrt/openwrt/pull/16018 Signed-off-by: Robert Marko <robimarko@gmail.com>
mwlwifi: fix mac80211 broken after update to 6.9.9
Port of kernel commit: https://github.com/torvalds/linux/commit/0a44dfc Fixes: https://github.com/openwrt/openwrt/issues/15975 Fixes: 1bfcc1e ("mac80211: update to version 6.9.9") Signed-off-by: Aleksey Vasilenko <aleksey.vasilenko@gmail.com> Link: https://github.com/openwrt/openwrt/pull/16016 Signed-off-by: Robert Marko <robimarko@gmail.com>
NEC Aterm WG600HP is a 2.4/5 GHz band 11n (Wi-Fi 4) router, based on
AR9344.
Specification:
- SoC : Atheros AR9344
- RAM : DDR2 128 MiB (2x Hynix H5PS5162GFR-S6C)
- Flash : SPI-NOR 8 MiB (Macronix MX25L6406EMI-12G)
- WLAN : 2.4/5 GHz 2T2R
- 2.4 GHz : Atheros AR9344 (SoC)
- 5 GHz : Atheros AR9382
- Ethernet : 5x 10/100/1000 Mbps
- switch : Atheros AR8327
- LEDs/Keys (GPIO): 10x/4x
- note : all LEDs are controlled by ath9k chip (AR9382)
- UART : through-hole on PCB
- assignment : 3.3V, GND, NC, TX, RX from tri-angle marking
- settings : 9600n8
- USB : 1x USB 2.0 Type-A
- hub (internal): NEC uPD720114
- Power : 12 VDC, 1.5 A (Max. 16 W)
- Stock OS : NetBSD based
Flash instruction using initramfs-factory.bin image (StockFW WebUI):
1. Boot WG600HP with router mode normally
2. Access to the WebUI ("http://aterm.me/" or "http://192.168.0.1/") on
the device and open firmware update page ("ファームウェア更新")
3. Select the OpenWrt initramfs-factory.bin image and click update
("更新") button
4. After updating, the device will be rebooted and booted with OpenWrt
initramfs image
5. On the initramfs image, upload (or download) uboot.bin and
sysupgrade.bin image to the device
6. Replace the bootloader with a uboot.bin image
mtd write <uboot.bin image> bootloader
7. Perform sysupgrade with a sysupgrade.bin image
sysupgrade <sysupgrade image>
8. Wait ~120 seconds to complete flashing
Flash instruction using initramfs-factory.bin image (bootloader CLI):
1. Connect and open serial console
2. Power on WG600HP and interrupt bootloader by ESC key
3. Login to the bootloader CLI with a password "chiron"
4. Start TFTP server by "tftpd" command
5. Upload initramfs-factory.bin via tftp from your computer
example (Windows): tftp -i 192.168.0.1 PUT initramfs-factory.bin
6. Boot initramfs image by "boot" command
7. On the initramfs image, back up the stock bootloader and firmware if
needed
8. Upload (or download) uboot.bin and sysupgrade.bin image to the device
9. Replace the bootloader with a uboot.bin image
10. Perform sysupgrade with a sysupgrade.bin image
11. Wait ~120 seconds to complete flashing
Notes:
- All LEDs are connected to the GPIO controller on the ath9k chip
(AR9382) and controlled by it. Those LEDs are probed after probing of
ath9k chip, so they cannot be handled as status LEDs of OpenWrt while
booting.
- A reset pin of the internal USB hub is connected to the GPIO
controller of the ath9k chip, like LEDs above. That hub will be
detected after probing of the ath9k chip.
- The stock bootloader requires an unknown filesystem on firmware area
in the flash. Booting of OpenWrt from that filesystem cannot be
handled, so the bootloader needs to be replaced to mainline U-Boot
before OpenWrt installation.
NEC Aterm WR9500N is a 2.4/5 GHz band 11n (Wi-Fi 4) router, based on
AR9344.
Specification:
- SoC : Atheros AR9344
- RAM : DDR2 128 MiB (2x Nanya NT5TU32M16DG-AC)
- Flash : SPI-NOR 16 MiB (Macronix MX25L12845EMI-10G)
- WLAN : 2.4/5 GHz
- 2.4 GHz : 2T2R, Atheros AR9344 (SoC)
- 5 GHz : 3T3R, Atheros AR9380
- Ethernet : 5x 10/100/1000 Mbps
- switch : Atheros AR8327
- LEDs/Keys (GPIO): 12x/4x
- note : all LEDs are controlled by ath9k chip (AR9380)
- UART : pad on PCB (near shielded ath9k chip, white circle)
- assignment : 3.3V, GND, TX, RX from AR8327 side
- settings : 9600n8
- USB : 1x USB 2.0 Type-A
- hub (internal): NEC uPD720114
- Power : 12 VDC, 1.5 A (Max. 17 W)
- Stock OS : NetBSD based
Flash instruction using initramfs-factory.bin image (StockFW WebUI):
1. Boot WR9500N with router mode normally
2. Access to the WebUI ("http://aterm.me/" or "http://192.168.0.1/") on
the device and open firmware update page ("ファームウェア更新")
3. Select the OpenWrt initramfs-factory.bin image and click update
("更新") button
4. After updating, the device will be rebooted and booted with OpenWrt
initramfs image
5. On the initramfs image, upload (or download) uboot.bin and
sysupgrade.bin image to the device
6. Replace the bootloader with a uboot.bin image
mtd write <uboot.bin image> bootloader
7. Perform sysupgrade with a sysupgrade.bin image
sysupgrade <sysupgrade image>
8. Wait ~120 seconds to complete flashing
Flash instruction using initramfs-factory.bin image (bootloader CLI):
1. Connect and open serial console
2. Power on WR9500N and interrupt bootloader by ESC key
3. Login to the bootloader CLI with a password "chiron"
4. Start TFTP server by "tftpd" command
5. Upload initramfs-factory.bin via tftp from your computer
example (Windows): tftp -i 192.168.0.1 PUT initramfs-factory.bin
6. Boot initramfs image by "boot" command
7. On the initramfs image, back up the stock bootloader and firmware if
needed
8. Upload (or download) uboot.bin and sysupgrade.bin image to the device
9. Replace the bootloader with a uboot.bin image
10. Perform sysupgrade with a sysupgrade.bin image
11. Wait ~120 seconds to complete flashing
Notes:
- All LEDs are connected to the GPIO controller on the ath9k chip
(AR9380) and controlled by it. Those LEDs are probed after probing of
ath9k chip, so they cannot be handled as status LEDs of OpenWrt while
booting.
- A reset pin of the internal USB hub is connected to the GPIO
controller of the ath9k chip, like LEDs above. That hub will be
detected after probing of the ath9k chip.
- The stock bootloader requires an unknown filesystem on firmware area
in the flash. Booting of OpenWrt from that filesystem cannot be
handled, so the bootloader needs to be replaced to mainline U-Boot
before OpenWrt installation.
NEC Aterm WR8750N is a 2.4/5 GHz band 11n (Wi-Fi 4) router, based on
AR9344.
Specification:
- SoC : Atheros AR9344
- RAM : DDR2 128 MiB (2x Hynix H5PS5162GFR-S6C)
- Flash : SPI-NOR 8 MiB (Macronix MX25L6406EMI-12G)
- WLAN : 2.4/5 GHz 2T2R
- 2.4 GHz : Atheros AR9344 (SoC)
- 5 GHz : Atheros AR9382
- Ethernet : 5x 10/100/1000 Mbps
- switch : Atheros AR8327
- LEDs/Keys (GPIO): 10x/4x
- note : all LEDs are controlled by ath9k chip (AR9382)
- UART : through-hole on PCB
- assignment : 3.3V, GND, NC, TX, RX from tri-angle marking
- settings : 9600n8
- USB : 1x USB 2.0 Type-A
- hub (internal): NEC uPD720114
- Power : 12 VDC, 1.5 A (Max. 16 W)
- Stock OS : NetBSD based
Flash instruction using initramfs-factory.bin image (StockFW WebUI):
1. Boot WR8750N with router mode normally
2. Access to the WebUI ("http://aterm.me/" or "http://192.168.0.1/") on
the device and open firmware update page ("ファームウェア更新")
3. Select the OpenWrt initramfs-factory.bin image and click update
("更新") button
4. After updating, the device will be rebooted and booted with OpenWrt
initramfs image
5. On the initramfs image, upload (or download) uboot.bin and
sysupgrade.bin image to the device
6. Replace the bootloader with a uboot.bin image
mtd write <uboot.bin image> bootloader
7. Perform sysupgrade with a sysupgrade.bin image
sysupgrade <sysupgrade image>
8. Wait ~120 seconds to complete flashing
Flash instruction using initramfs-factory.bin image (bootloader CLI):
1. Connect and open serial console
2. Power on WR8750N and interrupt bootloader by ESC key
3. Login to the bootloader CLI with a password "chiron"
4. Start TFTP server by "tftpd" command
5. Upload initramfs-factory.bin via tftp from your computer
example (Windows): tftp -i 192.168.0.1 PUT initramfs-factory.bin
6. Boot initramfs image by "boot" command
7. On the initramfs image, back up the stock bootloader and firmware if
needed
8. Upload (or download) uboot.bin and sysupgrade.bin image to the device
9. Replace the bootloader with a uboot.bin image
10. Perform sysupgrade with a sysupgrade.bin image
11. Wait ~120 seconds to complete flashing
Notes:
- All LEDs are connected to the GPIO controller on the ath9k chip
(AR9382) and controlled by it. Those LEDs are probed after probing of
ath9k chip, so they cannot be handled as status LEDs of OpenWrt while
booting.
- A reset pin of the internal USB hub is connected to the GPIO
controller of the ath9k chip, like LEDs above. That hub will be
detected after probing of the ath9k chip.
- The stock bootloader requires an unknown filesystem on firmware area
in the flash. Booting of OpenWrt from that filesystem cannot be
handled, so the bootloader needs to be replaced to mainline U-Boot
before OpenWrt installation.
uboot-ath79: add support for NEC Aterm series based on AR9344
Add support for NEC Aterm series devices based on Atheros AR9344.
The following devices have almost the same hardware, so the same U-Boot
binary can be used for them.
- NEC Aterm WR8750N
- NEC Aterm WR9500N
- NEC Aterm WG600HP
By the way, on NetBSD-based NEC Aterm devices, only 0x20000 (128KiB) is
available for a bootloader on the flash chip and that limitation is too
small for mainline U-Boot with the default options. So many
features/commands not required for booting OpenWrt and recoverying are
disabled on that devices, like the followings.
- networking support
- FIT support
- all decompression methods support
This is an automatically generated commit which aids following Kernel patch
history, as git will see the move and copy as a rename thus defeating the
purpose.
For the original discussion see:
https://lists.openwrt.org/pipermail/openwrt-devel/2023-October/041673.html
Michael Pratt [Thu, 11 Jul 2024 10:33:55 +0000 (06:33 -0400)]
tools/7z: update to 24.05
Update to a more recent stable release.
Most notably, this version includes
some fixes for building on an OS like Alpine.
This allows for the removal of hacks
that fixed building on Alpine,
but broke building on ARM archs.
Michael Pratt [Thu, 11 Jul 2024 06:36:18 +0000 (02:36 -0400)]
build: add support for host building in a subdirectory
Add HOST_MAKE_PATH and use it in order to execute Make
in a subdirectory of the build directory
and in a similar way that MAKE_PATH is used for target building.
base-files: upgrade: nand: allow custom fw extraction in nand_do_upgrade()
By default nand_do_upgrade() can only deal with raw and gzipped firmware
files. Vendors often use custom firmware containers. Allow passing
custom extraction command to allow using nand_do_upgrade() with vendor
firmwares.
Flash instructions:
1. Execute the following operation to open nc shell:
https://openwrt.org/inbox/toh/tp-link/xdr-6086#rooting
2. Replace the stock bootloader to OpenWrt's:
dd bs=131072 conv=sync of=/dev/mtdblock9 if=/tmp/xxx-preloader.bin
dd bs=131072 conv=sync of=/dev/mtdblock9 seek=28 if=/tmp/xxx-bl31-uboot.fip
3. Connect to your PC via the Gigabit port of the router,
set a static ip on the ethernet interface of your PC.
4. Download the initramfs image, and restart the router,
waiting for tftp recovery to complete.
5. After openwrt boots up, perform sysupgrade.
Ubiquiti has a set of UniFi 802.11ax (Wi-Fi 6) AP devices. All models
include "U6" in their names and also have code names with no special
characters (including spaces).
Use proper full names for those devices. Names in OpenWrt/DTS code may
need updating too but it can be handled later.
Cc: Elbert Mai <code@elbertmai.com> Cc: Daniel Golle <daniel@makrotopia.org> Cc: Henrik Riomar <henrik.riomar@gmail.com> Cc: David Bauer <mail@david-bauer.net> Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Signed-off-by: Martin Schiller <ms.3headeddevs@gmail.com>
[update for new license] Signed-off-by: Andre Heider <a.heider@gmail.com> Link: https://github.com/openwrt/openwrt/pull/15550 Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Martin Schiller [Wed, 21 Aug 2019 06:32:09 +0000 (08:32 +0200)]
firmware: add Intel/Lantiq VRX518 PPE firmware package
This firmware is used by the vrx518 tc driver.
Signed-off-by: Martin Schiller <ms.3headeddevs@gmail.com>
[update for new license] Signed-off-by: Andre Heider <a.heider@gmail.com> Link: https://github.com/openwrt/openwrt/pull/15550 Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Signed-off-by: Martin Schiller <ms.3headeddevs@gmail.com>
[update for new license] Signed-off-by: Andre Heider <a.heider@gmail.com> Link: https://github.com/openwrt/openwrt/pull/15550 Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Notes:
- The device supports dual boot mode
- The firmware partitions were concatinated into one
Flash instruction:
The only way to flash OpenWrt image is to use tftp recovery mode in U-Boot:
1. Configure PC with static IP 192.168.1.2/24 and tftp server.
2. Rename "openwrt-ramips-mt7621-keenetic_kn-3510-squashfs-factory.bin"
to "KN-3510_recovery.bin" and place it in tftp server directory.
3. Connect PC with one of LAN ports, press the reset button, power up
the router and keep button pressed until power led start blinking.
4. Router will download file from server, write it to flash and reboot
Eros Brigmann [Thu, 4 Jul 2024 18:10:25 +0000 (20:10 +0200)]
ramips: add support for Wavlink WL-WN531G3-A2
This device is exactly the same as WL-WN531G3 but with different partition layout and different MAC layout. Labeled as Quantum D4G Rev.: A2.
Hardware
--------
SoC: Mediatek MT7620A
RAM: 64MB
FLASH: 8MB NOR (GigaDevice GD25Q64CS)
ETH:
- 2x 10/100/1000 Mbps Ethernet (RTL8211F)
- 3x 10/100 Mbps Ethernet (integrated in SOC)
WIFI:
- 2.4GHz: 1x (integrated in SOC) (2x2:2)
- 5GHz: 1x MT7612E (2x2:2)
- 4 external antennas
BTN:
- 1x Reset button
- 1x Touchlink button
- 1x Turbo button
- 1x Wps button
- 1x ON/OFF switch
LEDS:
- 1x Red led (system status)
- 1x Blue led (system status)
- 5x Blue leds (ethernet ports)
- 1x Power led
- 1x Wifi led
UART:
- 57600-8-N-1
Everything works correctly.
Installation
------------
Flash the initramfs image in the OEM firmware interface
When Openwrt boots, flash the sysupgrade image otherwise you won't be
able to keep configuration between reboots.
Notes
-----
1) Router mac addresses:
LAN XX:XX:XX:XX:XX:0F (factory @ 0x28)
WAN XX:XX:XX:XX:XX:10 (factory @ 0x2e)
WIFI 2G XX:XX:XX:XX:XX:11 (factory @ 0x04)
WIFI 5G XX:XX:XX:XX:XX:12 (factory @ 0x8004)
In make menuconfig the name is [Amplifi Router HD], and
is missing Ubiquiti. Lets fix that by adding
DEVICE_VENDOR := Ubiquiti to generic-ubnt.mk so the name is:
[Ubiquiti Amplifi Router HD].
base-files: ipcalc.sh handle start and range being empty strings
If we're being paranoid and quote all the arguments to ipcalc.sh,
it's possible to pass in empty start and range arguments. This
should be handled the same as their being absent.
Huawei AP6010DN is a dual-band, dual-radio 802.11a/b/g/n 2x2 MIMO
enterprise access point with one Gigabit Ethernet port and PoE
support.
Hardware highlights:
- CPU: AR9344 SoC at 480MHz
- RAM: 128MB DDR2
- Flash: 32MB SPI-NOR
- Wi-Fi 2.4GHz: AR9344-internal radio
- Wi-Fi 5GHz: AR9580 PCIe WLAN SoC
- Ethernet: 10/100/1000 Mbps Ethernet through Atheros AR8035 PHY
- PoE: yes
- Standalone 12V/2A power input
- Serial console externally available through RJ45 port
- External watchdog: CAT706SVI (1.6s timeout)
Serial console:
9600n8 (9600 baud, no stop bits, no parity, 8 data bits)
MAC addresses:
Each device has 32 consecutive MAC addresses allocated by
the vendor, which don't overlap between devices.
This was confirmed with multiple devices with consecutive
serial numbers.
The MAC address range starts with the address on the label.
To be able to distinguish between the interfaces,
the following MAC address scheme is used:
- eth0 = label MAC
- radio0 (Wi-Fi 2.4GHz) = label MAC + 1
- radio1 (Wi-Fi 5GHz) = label MAC + 2
Installation:
0. Connect some sort of RJ45-to-USB adapter to "Console" port of the AP
1. Power up the AP
2. At prompt "Press f or F to stop Auto-Boot in 3 seconds",
do what they say.
Log in with default admin password "admin@huawei.com".
3. Boot the OpenWrt initramfs from TFTP using the hidden script "run ramboot".
Replace IP address as needed:
4. Optional but recommended as the factory firmware cannot be downloaded publicly:
Back up contents of "firmware" partition using the web interface or ssh:
5. Run sysupgrade using sysupgrade image. OpenWrt
shall boot from flash afterwards.
Return to factory firmware (using firmware upgrade package downloaded from non-public Huawei website):
1. Start a TFTP server in the directory where
the firmware upgrade package is located
2. Boot to u-boot as described above
3. Install firmware upgrade package and format the config partitions:
> update system FatAP6X10XN_SOMEVERSION.bin
> format_fs
Return to factory firmware (from previously created backup):
1. Copy over the firmware partition backup to /tmp,
for example using scp
2. Use sysupgrade with force to restore the backup:
sysupgrade -F huawei_ap6010dn_fw_backup.bin
3. Boot AP to U-Boot as described above
Quirks and known issues:
- The stock firmware has a semi dual boot concept where the primary
kernel uses a squashfs as root partition and the secondary kernel uses
an initramfs. This dual boot concept is circumvented on purpose to gain
more flash space and since the stock firmware's flash layout isn't
compatible with mtdsplit.
- The external watchdog's timeout of 1.6s is very hard to satisfy
during bootup. This is why the GPIO15 pin connected to the watchdog input
is configured directly in the LZMA loader to output the AHB_CLK/2 signal
which keeps the watchdog happy until the wdt-gpio kernel driver takes
over. Because it would also take too long to read the whole kernel image
from flash, the uImage header only includes the loader which then reads
the kernel image from flash after GPIO15 is configured.
Gain telnet access:
1. Login into web interface, and download the configuration.
2. Decode and uncompress the configuration:
* Enter fakeroot if you are not login as root.
base64 -d e-xxxxxxxxxxxx-cfg.tar.gz | tar -zx
3. Edit 'etc/passwd', remove root password: 'root::1:0:99999:7:::'.
4. Edit 'etc/rc.local', insert telnetd command before 'exit 0':
( sleep 3s; /usr/sbin/telnetd; ) &
5. Repack the configuration:
tar -zc etc/ | base64 > e-xxxxxxxxxxxx-cfg.tar.gz
6. Upload new configuration via web interface, now you can connect to
ASR3000 via telnet.
Flash instructions:
1. Connect to ASR3000, backup everything, especially 'Factory' part.
2. Write new BL2:
mtd write openwrt-mediatek-filogic-abt_asr3000-preloader.bin BL2
3. Write new FIP:
mtd write openwrt-mediatek-filogic-abt_asr3000-bl31-uboot.fip FIP
4. Set static IP on your PC:
IP 192.168.1.254/24, GW 192.168.1.1
5. Serve OpenWrt initramfs image using TFTP server.
6. Cut off the power and re-engage, wait for TFTP recovery to complete.
7. After OpenWrt has booted, perform sysupgrade.
lantiq: properly release descriptors in etop driver detach
This patch fixes two issues in the driver detach:
* double free of the same descriptor (upstream bug, backported in 66177c081f1b05e4eb7f6c23d97954e8172c4336),
* releasing tx descriptor instead of rx (downstream bug).
The driver is compiled into the kernel that is why the error
is not visible in normal use.
Sean Khan [Sat, 13 Jul 2024 20:40:30 +0000 (16:40 -0400)]
mac80211: fix kconf build warnings
This patch cleans up the following warnings during build:
"warning: format not a string literal"
```
conf.c: In function 'conf_askvalue':
conf.c:89:17: warning: format not a string literal and no format arguments [-Wformat-security]
89 | printf(_("(NEW) "));
| ^~~~~~
conf.c: In function 'conf_choice':
conf.c:285:33: warning: format not a string literal and no format arguments [-Wformat-security]
285 | printf(_(" (NEW)"));
| ^~~~~~
conf.c: In function 'check_conf':
conf.c:440:41: warning: format not a string literal and no format arguments [-Wformat-security]
440 | printf(_("*\n* Restart config...\n*\n"));
| ^~~~~~
conf.c: In function 'main':
conf.c:617:41: warning: format not a string literal and no format arguments [-Wformat-security]
617 | _("\n*** The configuration requires explicit update.\n\n"));
| ^
conf.c:669:25: warning: format not a string literal and no format arguments [-Wformat-security]
669 | fprintf(stderr, _("\n*** Error during writing of the configuration.\n\n"));
| ^~~~~~~
conf.c:673:25: warning: format not a string literal and no format arguments [-Wformat-security]
673 | fprintf(stderr, _("\n*** Error during update of the configuration.\n\n"));
| ^~~~~~~
conf.c:684:25: warning: format not a string literal and no format arguments [-Wformat-security]
684 | fprintf(stderr, _("\n*** Error during writing of the configuration.\n\n"));
| ^~~~~~~
```
And POSIX Yacc warnings
```
lex -ozconf.lex.c -L zconf.l
yacc -ozconf.tab.c -t -l zconf.y
zconf.y:34.1-7: warning: POSIX Yacc does not support %expect [-Wyacc]
34 | %expect 32
| ^~~~~~~
zconf.y:97.1-11: warning: POSIX Yacc does not support %destructor [-Wyacc]
97 | %destructor {
| ^~~~~~~~~~~
gcc -Wall -Wmissing-prototypes -Wstrict-prototypes -O2 -fomit-frame-pointer -DKBUILD_NO_NLS -c -o zconf.tab.o zconf.tab.c
gcc conf.o zconf.tab.o -o conf
```
base-files: upgrade: nand: use "cmd" argument for extracting command
NAND code uses either "cat" or "zcat" for getting firmware image
content. Code was full of duplicated ${gz}cat calls. Use "cmd" variable
that is determined by a caller and passed to lower level functions. This
avoids code duplication and allows adding support for more formats.
Martin Schiller [Thu, 18 Jul 2024 11:53:37 +0000 (13:53 +0200)]
target.mk: init default configs if they are missing in the .config
The config options that are enabled by default and where other default
packages depends on should not only be set if there is no .config file,
but also if the .config exists but the config option (e.g.
CONFIG_SECCOMP) is missing in the file.
This is relevant, for example, if you are working with .config templates
and then want to complete the configuration using make defconfig.
Martin Schiller [Wed, 17 Jul 2024 11:00:38 +0000 (13:00 +0200)]
target.mk: further improve handling of default enabled SECCOMP
The fix in commit 847fad476f3d ("target.mk: improve handling of default
enabled SECCOMP") unfortunately does not work for targets where the ARCH
variable is set in ./$(SUBTARGET)/target.mk.
To get this working, the ./$(SUBTARGET)/target.mk must be included
before the check.
Fixes: 847fad476f3d ("target.mk: improve handling of default enabled SECCOMP") Signed-off-by: Martin Schiller <ms@dev.tdt.de>
Daniel Golle [Wed, 17 Jul 2024 15:25:59 +0000 (16:25 +0100)]
base-files: remove fitblk_get_bootdev() from /lib/upgrade/common.sh
The function was moved to /lib/upgrade/fit.sh which is part of the fitblk
package. Remove it from /lib/upgrade/common.sh to safe space on boards
not using unified uImage.FIT images.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Daniel Golle [Wed, 17 Jul 2024 15:25:05 +0000 (16:25 +0100)]
uboot-envtools: use /lib/upgrade/fit.sh
Use export_fitblk_bootdev() in /lib/upgrade/fit.sh instead of now
deprecated fitblk_get_bootdev() function. Include /lib/upgrade/fit.sh
instead of /lib/upgrade/common.sh to allow removing the function there.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Daniel Golle [Wed, 17 Jul 2024 15:22:10 +0000 (16:22 +0100)]
fitblk: move shell functions to common file
Move shell functions used for sysupgrade into /lib/upgrade/fit.sh.
Introduce improved fitblk boot device detection function which
works also in case ubiblock devices have not yet been created or
even UBI itself not yet being attached.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Initramfs images are not supported by imagebuilder. With recent changes
to support Per Device Rootfs, we now generate an image and a vmlinux for
each Rootfs and these additional files are all shipped in the
imagebuilder tar.
Drop these new file and any vmlinux-initramfs as they are not used and
increase the final size of the imagebuilder archive.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
This fixes multiple security problems:
* [Medium] CVE-2024-1544
Potential ECDSA nonce side channel attack in versions of wolfSSL before 5.6.6 with wc_ecc_sign_hash calls.
* [Medium] CVE-2024-5288
A private key blinding operation, enabled by defining the macro WOLFSSL_BLIND_PRIVATE_KEY, was added to mitigate a potential row hammer attack on ECC operations.
* [Low] When parsing a provided maliciously crafted certificate directly using wolfSSL API, outside of a TLS connection, a certificate with an excessively large number of extensions could lead to a potential DoS.
* [Low] CVE-2024-5991
In the function MatchDomainName(), input param str is treated as a NULL terminated string despite being user provided and unchecked.
* [Medium] CVE-2024-5814
A malicious TLS1.2 server can force a TLS1.3 client with downgrade capability to use a ciphersuite that it did not agree to and achieve a successful connection.
* [Medium] OCSP stapling version 2 response verification bypass issue when a crafted response of length 0 is received.
* [Medium] OCSP stapling version 2 revocation bypass with a retry of a TLS connection attempt.
Unset DISABLE_NLS to prevent setting the unsupported configuration
option --disable-nls which breaks the build now.
Chad Monroe [Mon, 15 Jul 2024 17:37:55 +0000 (10:37 -0700)]
mediatek: filogic: disable eMMC HS400 mode for Mount Stuart series
The eMMC chip used in a small batch of these devices has issues operating
in HS400 mode. Reducing to HS200 mode works around the problem and does
not cause any noticeable performance penalties as smaller chips are not fast
enough to saturate the bus. Root cause analysis is pending.
Shiji Yang [Fri, 5 Jul 2024 05:52:06 +0000 (13:52 +0800)]
uboot-mediatek: update to U-Boot release v2024.07
1. Rename function _do_env_set() to env_do_env_set().
2. Replace kwbimage hack with UBOOT_CUSTOMIZE_CONFIG:
"--disable TOOLS_KWBIMAGE" and "--disable TOOLS_LIBCRYPTO".
3. Disable CONFIG_CMD_BOOTEFI_BOOTMGR for all supported devices
because the newly added UEFI bootmenu entries doesn't work.
4. Enable CONFIG_VERSION_VARIABLE for the OpenWrt One.
Signed-off-by: Shiji Yang <yangshiji66@qq.com> Co-authored-by: Daniel Golle <daniel@makrotopia.org>
Shiji Yang [Sat, 13 Jul 2024 08:50:59 +0000 (16:50 +0800)]
rtl8812au-ct: fix build with mac80211 6.9.9 backport
The change_beacon() API has been updated since the 6.7 kernel. Ref:
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v6.9.9&id=66f85d57b7109baf8a7d5ee04049ac9412611d35
Shiji Yang [Sat, 13 Jul 2024 03:47:21 +0000 (11:47 +0800)]
mac80211: rt2x00: remove upstreamed patch
This BBP register fix patch has already been upstreamed. Ref:
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v6.9.9&id=50da74e1e8b682853d1e07fc8bbe3a0774ae5e09
Fixes: 1bfcc1ea8a78 ("mac80211: update to version 6.9.9") Signed-off-by: Shiji Yang <yangshiji66@qq.com>
Felix Fietkau [Thu, 11 Jul 2024 13:03:13 +0000 (15:03 +0200)]
ucode: update to Git HEAD (2024-07-11)
73644a036f5a nl80211: move access to tb array out of uc_nl_convert_attr and below 6e3cf83a77a7 nl80211: add support for multi-attribute arrays 6ff24d5488a9 nl80211: update nl80211.h to latest wireless-next abc2aef28641 nl80211: add wiphy multi-radio support
Felix Fietkau [Wed, 19 Jun 2024 11:51:47 +0000 (13:51 +0200)]
mac80211: update to version 6.9.9
Brings lots of driver updates and API changes needed for mt76 updates.
Disable iwlwifi and ath11k on 5.15, since backport is too difficult,
and the only remaining targets won't need those drivers.
Robert Marko [Thu, 11 Jul 2024 13:02:28 +0000 (15:02 +0200)]
mvebu: rb5009: fix QCA8081 LED polarity
Currently, QCA8081 LED is never configured and the default configuration
has the LED polarity inverted so it will be lit when there is nothing
connected to the PHY.
So lets define the LED as active-low and configure the trigger via 01_leds.
projects / thirdparty / openwrt.git / log
