Gain SSH access:
1. Login into web interface, and download the configuration.
2. Enter fakeroot, decompress the configuration:
tar -zxf cfg_export_config_file.conf
3. Edit 'etc/config/dropbear', set 'enable' to '1'.
4. Edit 'etc/shadow', update (remove) root password:
'root::19523:0:99999:7:::'
5. Repack 'etc' directory:
tar -zcf cfg_export_config_file.conf etc/
* If you find an error about 'etc/wireless/mediatek/DBDC_card0.dat',
just ignore it.
6. Upload new configuration via web interface, now you can SSH to RAX3000M.
Check stroage type:
Check the label on the back of the device:
"CH EC CMIIT ID: xxxx" is eMMC version
"CH CMIIT ID: xxxx" is NAND version
eMMC Flash instructions:
1. SSH to RAX3000M, and backup everything, especially 'factory' part.
('data' partition can be ignored, it's useless.)
2. Write new GPT table:
dd if=openwrt-mediatek-filogic-cmcc_rax3000m-emmc-gpt.bin of=/dev/mmcblk0 bs=512 seek=0 count=34 conv=fsync
3. Erase and write new BL2:
echo 0 > /sys/block/mmcblk0boot0/force_ro
dd if=/dev/zero of=/dev/mmcblk0boot0 bs=512 count=8192 conv=fsync
dd if=openwrt-mediatek-filogic-cmcc_rax3000m-emmc-preloader.bin of=/dev/mmcblk0boot0 bs=512 conv=fsync
4. Erase and write new FIP:
dd if=/dev/zero of=/dev/mmcblk0 bs=512 seek=13312 count=8192 conv=fsync
dd if=openwrt-mediatek-filogic-cmcc_rax3000m-emmc-bl31-uboot.fip of=/dev/mmcblk0 bs=512 seek=13312 conv=fsync
5. Set static IP on your PC:
IP 192.168.1.254, GW 192.168.1.1
6. Serve OpenWrt initramfs image using TFTP server.
7. Cut off the power and re-engage, wait for TFTP recovery to complete.
8. After OpenWrt has booted, perform sysupgrade.
9. Additionally, if you want to have eMMC recovery boot feature:
(Don't worry! You will always have TFTP recovery boot feature.)
dd if=openwrt-mediatek-filogic-cmcc_rax3000m-initramfs-recovery.itb of=/dev/mmcblk0p4 bs=512 conv=fsync
NAND Flash instructions:
1. SSH to RAX3000M, and backup everything, especially 'Factory' part.
2. Erase and write new BL2:
mtd erase BL2
mtd write openwrt-mediatek-filogic-cmcc_rax3000m-nand-preloader.bin BL2
3. Erase and write new FIP:
mtd erase FIP
mtd write openwrt-mediatek-filogic-cmcc_rax3000m-nand-bl31-uboot.fip FIP
4. Set static IP on your PC:
IP 192.168.1.254, GW 192.168.1.1
5. Serve OpenWrt initramfs image using TFTP server.
6. Cut off the power and re-engage, wait for TFTP recovery to complete.
7. After OpenWrt has booted, erase UBI volumes:
ubidetach -p /dev/mtd0
ubiformat -y /dev/mtd0
ubiattach -p /dev/mtd0
8. Create new ubootenv volumes:
ubimkvol /dev/ubi0 -n 0 -N ubootenv -s 128KiB
ubimkvol /dev/ubi0 -n 1 -N ubootenv2 -s 128KiB
9. Additionally, if you want to have NAND recovery boot feature:
(Don't worry! You will always have TFTP recovery boot feature.)
ubimkvol /dev/ubi0 -n 2 -N recovery -s 20MiB
ubiupdatevol /dev/ubi0_2 openwrt-mediatek-filogic-cmcc_rax3000m-initramfs-recovery.itb
10. Perform sysupgrade.
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit 423186d7d8b4f23aee91fca4f1774a195eba00d8)
[rebased to 23.05] Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Hauke Mehrtens [Sun, 5 Nov 2023 22:05:24 +0000 (23:05 +0100)]
mbedtls: Activate secp521r1 curve by default
Activate the secp521r1 ecliptic curve by default. This curve is allowed
by the CA/Browser forum, see
https://cabforum.org/wp-content/uploads/CA-Browser-Forum-BR-v2.0.1-redlined.pdf#page=110
This increases the size of libmbedtls12_2.28.5-1_aarch64_generic.ipk by
about 400 bytes:
Without:
252,696 libmbedtls12_2.28.5-1_aarch64_generic.ipk
With:
253,088 libmbedtls12_2.28.5-2_aarch64_generic.ipk
Some packages (like wavemon >= 0.9.4) depend on libnl-cli. Add support
for this part of the lib. libnl-cli itself depends on libnl-genl and
libnl-nf. On MIPS, this component adds 81kB.
Signed-off-by: Koen Vandeputte <koen.vandeputte@citymesh.com>
(punctuation correction and reorganisation of commit message) Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit 4bdd1c1a135b5c816a01055f3cc9fc158bbc840a)
Nicolò Veronese [Mon, 2 Oct 2023 20:17:09 +0000 (22:17 +0200)]
uboot-mediatek: fix global pll clock override on mtk_spim
With patch 101-03-spi-mtk_spim-get-spi-clk-rate-only-once.patch
a new system to calculate the SPI clocks has been added.
Unfortunately, the do_div macro overrides the global
priv->pll_clk_rate field. This will cause to have a reduced
clock rate on each subsequent SPI call.
Petr Štetiar [Thu, 19 Oct 2023 04:09:25 +0000 (04:09 +0000)]
ci: add workflow for automated GitHub release
Implement a GitHub Actions workflow for automated project releases.
The workflow triggers on Git tags, ensuring that a GitHub release is
created whenever a new tag is pushed.
That new release is going to be created in draft and pre-release mode
and needs to be manually promoted to the proper release, once its
decided, that its good enough and prepared.
This is a start of a streamlined and consistent release process for
GitHub, reducing manual intervention.
Acked-by: Christian Marangi <ansuelsmth@gmail.com> Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 280d9dd75874ef4c4e2407366eda987cda8efd25)
Petr Štetiar [Fri, 27 Oct 2023 07:37:52 +0000 (07:37 +0000)]
hostapd: fix broken WPS on broadcom-wl and ath11k
Upgrading wpa_supplicant from 2.9 to 2.10 breaks broadcom-wl/ath11k
based adapters. The reason for it is hostapd tries to install additional
IEs for scanning while the driver does not support this.
The kernel indicates the maximum number of bytes for additional scan IEs
using the NL80211_ATTR_MAX_SCAN_IE_LEN attribute. Save this value and
only add additional scan IEs in case the driver can accommodate these
additional IEs.
Petr Štetiar [Tue, 24 Oct 2023 08:27:13 +0000 (08:27 +0000)]
build: add CycloneDX SBOM JSON support
CycloneDX is an open source standard developed by the OWASP foundation.
It supports a wide range of development ecosystems, a comprehensive set
of use cases, and focuses on automation, ease of adoption, and
progressive enhancement of SBOMs (Software Bill Of Materials) throughout
build pipelines.
So lets add support for CycloneDX SBOM for packages and images
manifests.
Petr Štetiar [Thu, 26 Oct 2023 16:11:47 +0000 (16:11 +0000)]
package-dumpinfo,metadata: add ABI version information to package index
There is no standard for ABI versioning, so its not possible to find out
from `libext2fs2`, `libiwinfo20230701` or `libss2` package names if
thats just package name or package name with ABI version included. To
help with the decision, lets make ABI version aviable in package index.
Daniel Golle [Tue, 12 Sep 2023 23:57:49 +0000 (00:57 +0100)]
mediatek: add build for MT7981 RFB
Add build for the MTK3943 reference board for MT7981B+MT7976C.
**Hardware specification:**
- SoC: MediaTek MT7981B 2x A53
- Flash: various options
- RAM: 256MB DDR3
- Ethernet: 4 x 10/100/1000 Mbps via MT7531AE switch
EITHER 1 x 10/100/1000 Mbps built-in PHY
OR 1 x 10/100/1000/2500 Mbps MaxLinear GPY211C
- Switch: MediaTek MT7531AE
- WiFi: MediaTek MT7976C
- Button: RST, WPS
**Flash instructions for SPIM-NAND:**
- write *mt7981-rfb-spim-nand-preloader.bin to 'BL2' partition
- write *mt7981-rfb-spim-nand-bl31-uboot.fip to 'FIP' partition
- erase 'ubi' partition
- reset board
- create ubootenv and ubootenv2 UBI volumes in U-Boot
- edit environment and set bootcmd, e.g.
setenv bootconf 'config-1#mt7981-rfb-spim-nand#mt7981-rfb-mxl-2p5g-phy-eth1'
setenv bootcmd 'ubi read $loadaddr fit; bootm $loadaddr#$bootconf'
- load initramfs image via TFTP:
setenv serverip 192.168.1.254
setenv ipaddr 192.168.1.1
setenv bootfile openwrt-mediatek-filogic-mediatek_mt7981-rfb-initramfs.itb
saveenv ; saveenv
tftpboot
bootm $loadaddr#$bootconf
- Now use sysupgrade to write OpenWrt firmware to flash.
SNFI-NAND, SPIM-NOR and eMMC all work very similar, a bootable SD card image
is also being generated. However, as the board I've been provided only comes
with SPIM-NAND all other boot media are untested.
Daniel Golle [Mon, 18 Sep 2023 15:40:30 +0000 (16:40 +0100)]
arm-trusted-firmware-mediatek: fix copy&paste error in Makefile
When adding builds for MT7981 the related Makefile sections for MT7986
have apparently been copied, but in one instance the rename from 7986 to
7981 has been omitted. Fix that now.
Fixes: 602cb4f325 ("arm-trusted-firmware-mediatek: add build for MT7981 DDR3") Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit be6e257fe6a248425fd390e9a2037a8432e644ea)
Daniel Golle [Mon, 11 Sep 2023 21:49:59 +0000 (22:49 +0100)]
kernel: serial: 8250_mtk: track busclk state to avoid bus error
UARTs not used as boot console are currently broken on some MediaTek
targets due to register access depending on the bus clock being enabled.
Add patch to make sure this dependency is always met.
David Bauer [Tue, 24 Oct 2023 01:07:48 +0000 (03:07 +0200)]
hostapd: fix OWE association with mbedtls
The code for hostapd-mbedtls did not work when used for OWE association.
When handling association requests, the buffer offsets and length
assumptions were incorrect, leading to never calculating the y point,
thus denying association.
Also when crafting the association response, the buffer contained the
trailing key-type.
Fix up both issues to adhere to the specification and make
hostapd-mbedtls work with the OWE security type.
Shiji Yang [Fri, 14 Jul 2023 15:09:55 +0000 (23:09 +0800)]
ath79: increase the rfkill debounce interval for TP-Link Archer C7 v2
Due to circuit issue or silicon defect, sometimes the WiFi switch button
of the Archer C7 v2 can be accidentally triggered multiple times in one
second. This will cause WiFi to be unexpectedly shut down and trigger
'irq 23: nobody cared'[1] warning. Increasing the key debounce interval
to 1000 ms can fix this issue. This patch also add the missing rfkill
key label.
Shiji Yang [Tue, 26 Sep 2023 12:12:45 +0000 (20:12 +0800)]
ramips: fix Gigabit Ethernet port of the HiWiFi HC5861
HiWiFi HC5861 has a GbE port which connected to the RTL8211E PHY
chip. This patch adds the missing Realtek PHY driver package and
sets the correct external PHYs base address to make it work again.
Anari Jalakas [Sat, 14 Oct 2023 12:18:34 +0000 (15:18 +0300)]
iptables: opt-out of lto usage
This fixes building with USE_LTO enabled.
<artificial>:(.text+0xc22): relocation R_MIPS16_26 against `libxt_DNAT_init' cannot be used when making a shared object; recompile with -fPIC
./openwrt/staging_dir/toolchain-mips_24kc_gcc-12.3.0_musl/lib/gcc/mips-openwrt-linux-musl/12.3.0/../../../../mips-openwrt-linux-musl/bin/ld.bfd: non-dynamic relocations refer to dynamic symbol printf
./openwrt/staging_dir/toolchain-mips_24kc_gcc-12.3.0_musl/lib/gcc/mips-openwrt-linux-musl/12.3.0/../../../../mips-openwrt-linux-musl/bin/ld.bfd: failed to set dynamic section sizes: bad value
collect2: error: ld returned 1 exit status
Anari Jalakas [Sat, 7 Oct 2023 12:16:47 +0000 (15:16 +0300)]
lua: opt-out of lto usage
This fixes building with USE_LTO enabled.
<artificial>:(.text+0xcc8): relocation R_MIPS16_26 against `luaL_argerror' cannot be used when making a shared object; recompile with -fPIC
./openwrt/staging_dir/toolchain-mips_24kc_gcc-12.3.0_musl/lib/gcc/mips-openwrt-linux-musl/12.3.0/../../../../mips-openwrt-linux-musl/bin/ld.bfd: non-dynamic relocations refer to dynamic symbol strcpy
./openwrt/staging_dir/toolchain-mips_24kc_gcc-12.3.0_musl/lib/gcc/mips-openwrt-linux-musl/12.3.0/../../../../mips-openwrt-linux-musl/bin/ld.bfd: failed to set dynamic section sizes: bad value
collect2: error: ld returned 1 exit status
Anari Jalakas [Sat, 7 Oct 2023 13:13:21 +0000 (16:13 +0300)]
libsepol: opt-out of lto usage
This fixes building with USE_LTO enabled.
<artificial>:(.text+0x4194): relocation R_MIPS16_26 against `cil_printf.lto_priv.0' cannot be used when making a shared object; recompile with -fPIC
./openwrt/staging_dir/toolchain-mips_24kc_gcc-12.3.0_musl/lib/gcc/mips-openwrt-linux-musl/12.3.0/../../../../mips-openwrt-linux-musl/bin/ld.bfd: non-dynamic relocations refer to dynamic symbol memcmp
./openwrt/staging_dir/toolchain-mips_24kc_gcc-12.3.0_musl/lib/gcc/mips-openwrt-linux-musl/12.3.0/../../../../mips-openwrt-linux-musl/bin/ld.bfd: failed to set dynamic section sizes: bad value
collect2: error: ld returned 1 exit status
Anari Jalakas [Sat, 7 Oct 2023 13:43:09 +0000 (16:43 +0300)]
libselinux: opt-out of lto usage
This fixes building with USE_LTO enabled:
<artificial>:(.text.exit+0x6e): relocation R_MIPS16_26 against `pthread_key_delete' cannot be used when making a shared object; recompile with -fPIC
./openwrt/staging_dir/toolchain-mips_24kc_gcc-12.3.0_musl/lib/gcc/mips-openwrt-linux-musl/12.3.0/../../../../mips-openwrt-linux-musl/bin/ld.bfd: non-dynamic relocations refer to dynamic symbol stpcpy
./openwrt/staging_dir/toolchain-mips_24kc_gcc-12.3.0_musl/lib/gcc/mips-openwrt-linux-musl/12.3.0/../../../../mips-openwrt-linux-musl/bin/ld.bfd: failed to set dynamic section sizes: bad value
collect2: error: ld returned 1 exit status
Anari Jalakas [Sat, 7 Oct 2023 12:10:50 +0000 (15:10 +0300)]
iwinfo: opt-out of lto usage
This fixes building with USE_LTO enabled.
<artificial>:(.text+0x400c): relocation R_MIPS16_26 against `iwinfo_close' cannot be used when making a shared object; recompile with -fPIC
./openwrt/staging_dir/toolchain-mips_24kc_gcc-12.3.0_musl/lib/gcc/mips-openwrt-linux-musl/12.3.0/../../../../mips-openwrt-linux-musl/bin/ld.bfd: non-dynamic relocations refer to dynamic symbol strcpy
./openwrt/staging_dir/toolchain-mips_24kc_gcc-12.3.0_musl/lib/gcc/mips-openwrt-linux-musl/12.3.0/../../../../mips-openwrt-linux-musl/bin/ld.bfd: failed to set dynamic section sizes: bad value
collect2: error: ld returned 1 exit status
Rani Hod [Sun, 8 Oct 2023 15:18:13 +0000 (18:18 +0300)]
build: hide kmod-zram config unless enabled
Currently the zram default compressor choice is displayed whether or not
zram is activated. Since the default choice is lzo-rle, this adds a
false dependency on kmod-lib-lzo.
With this patch, the choice options appear only when activating zram.
Furong Xu [Fri, 27 Oct 2023 15:22:49 +0000 (23:22 +0800)]
uboot-mediatek: Sync phy-mode for Xiaomi Redmi Router AX6000
Commit 572ea6807053 ("uboot-mediatek: add patches for MT7988 and
builds for RFB") renamed HSGMII to 2500basex, but forgot to update
the dts of Redmi Router AX6000, makes the network unusable.
This patch makes the network usable again.
Fixes: #13724 Fixes: 572ea6807053 ("uboot-mediatek: add patches for MT7988 and builds for RFB") Signed-off-by: Furong Xu <xfr@outlook.com>
(cherry picked from commit 03987d2d11c4954e3e8afa3d44ba6213e774c742)
Chukun Pan [Sun, 15 Oct 2023 15:18:27 +0000 (23:18 +0800)]
sunxi: fixes led for nanopi boards
Kernel 5.15 already supports the NanoPi R1 and NanoPi R1S H5,
and they use new LED bindings that do not match the existing
settings in 01_leds. Update led settings to fixes that.
List the led node on NanoPi R1S H5:
root@OpenWrt:~# ls /sys/class/leds/
green:lan green:wan red:status
Signed-off-by: John Audia <therealgraysky@proton.me>
[Refreshed on top of OpenWrt 23.05] Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 75aeb7ed627ba5ea6f10f365b232bed21e40b502)
Signed-off-by: John Audia <therealgraysky@proton.me>
[Refreshed on top of OpenWrt 23.05] Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 096bb8ed82cebeb8926a5b64466afec649385159)
Matt Merhar [Sun, 29 Oct 2023 01:15:46 +0000 (21:15 -0400)]
kernel: fix jffs2 compilation with GCC_PLUGIN_RANDSTRUCT enabled
Designated initializers are required when using the randstruct GCC
plugin, otherwise an error like the following is seen:
./include/linux/lzma.h:60:31: error: positional initialization of field in 'struct' declared with 'designated_init' attribute [-Werror=designated-init]
Felix Fietkau [Thu, 19 Oct 2023 17:15:11 +0000 (19:15 +0200)]
umdns: update to the latest version
479c7f8676d9 cache: make record/hostname lookup case-insensitive 26c97a5a50bf ubus: add a browse flag for suppressing cached ip addresses c286c51a9bd9 Fix AVL tree traversal in cache_record_find and cache_host_is_known 4035fe42df58 interface: use a global socket instead of per-interface ones c63d465698c7 cache: dump hostname target from srv records b42b22152d73 use hostname from SRV record to look up IP addresses d45c443aa1e6 ubus: add array flag support for the hosts method
David Bauer [Fri, 20 Oct 2023 13:14:15 +0000 (15:14 +0200)]
uqmi: update to latest HEAD
c8c9f10 uim: fix help formatting aac0776 uqmi: add APN profile commands ffc5eea uim: support SIM card power-up/down d6c963d uim: add application state to SIM status
Jonas Gorski [Wed, 23 Aug 2023 07:47:57 +0000 (09:47 +0200)]
prereq: merge common cases in SetupHostCommand
Now that most cases do the same thing in SetupHostCommand, merge them
together into one. To allow moving the generic symlink check, invert the
check and let it check for relative links by matching on link targets
that do not start with a slash.
This then allows us to also drop the absolute link case, shortening the
case statement further.
This reorders the check to
* if it is not a symlink, do not change it
* if it is a symlink and it points to the found command, do not change it
* if it is a symlink with a relative path, do not change it
* else, update/replace it
Jonas Gorski [Wed, 16 Aug 2023 09:22:30 +0000 (11:22 +0200)]
prereq: make existing binary check work for sdk as well
To avoid replacing host built binaries with symlinks again, a check for
an appropriate stamp was added in 729909c07f ("prereq-build: do not
replace binaries with symlinks"). Unfortunately the stamp directory does
not exist in the SDK, so the fix was ineffective there.
This caused the packages builders to e.g. use the host tar again, which
in turn made the tarballs created different since it may lack
reproducibility fixes, or implement these differently, causing spurious
hash failures on source repository based packages.
Fix this by dropping the stamp dir check, and just check that the file
is usable.
Fixes: 729909c07f ("prereq-build: do not replace binaries with symlinks") Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
(cherry picked from commit c1ef10c8d873254ce7c1f3019d821c4a87227474)
So far every build of a single bcm53xx Target Profile (it means: when
NOT using CONFIG_TARGET_MULTI_PROFILE) resulted in all target devices
images being built. Now it only builds the one matching selected
profile.
Fixes: #13572 Suggested-by: Jonas Gorski <jonas.gorski@gmail.com> Signed-off-by: Rani Hod <rani.hod@gmail.com>
[rmilecki: update commit subject + body & move PROFILES line] Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 802a5f5cb4a7b42d25e82b787d7ab1323a20183f)
Arınç ÜNAL [Thu, 10 Aug 2023 12:23:09 +0000 (15:23 +0300)]
bcm53xx: add support for ASUS RT-AC3100
ASUS RT-AC3100 is ASUS RT-AC88U without the external switch.
OpenWrt forum users effortless and ktmakwana have confirmed that there are
revisions with either 4366b1 or 4366c0 wireless chips.
Therefore, include firmware for 4366b1 along with 4366c0. This way, all
hardware revisions of the router will be supported by having brcmfmac use
the firmware file for the wireless chip it detects.
bcm53xx: add Wavlink Quantum DAX/WL-WN538A8 as alt name
As already documented in the wiki (https://openwrt.org/toh/wavlink/quantum_dax_wn538a8),
this router is based on the Phicomm K3. Just the flashing method is different
Hauke Mehrtens [Tue, 24 Oct 2023 20:42:19 +0000 (22:42 +0200)]
openssl: update to 3.0.12
Major changes between OpenSSL 3.0.11 and OpenSSL 3.0.12 [24 Oct 2023]
* Mitigate incorrect resize handling for symmetric cipher keys and IVs. (CVE-2023-5363)
Rani Hod [Fri, 20 Oct 2023 13:15:38 +0000 (16:15 +0300)]
ramips: TP-link archer A6/C6 device tree updates
Set correct GPIO (10) for the WPS button. This matches GPIO settings in
vendor GPL sources. Note that GPL sources also mention a USB indicator
LED (GPIO 13) but the device has neither an external USB port nor a USB LED.
In addition, prefixes (button-, led-) are added to relevant DT entries,
as well as color and function specifications for LEDs.
Closes: #13736 Reported-by: Waldemar Czabaj <kaball@wp.pl> Signed-off-by: Rani Hod <rani.hod@gmail.com>
(added led mitigations for wifi leds) Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit fe5e4987776ef66c6788f70251dcbc0ca80a1c5f)
CI: migrate each workflow to use reusable workflow from dedicated repo
Migrate each workflow to use reusable workflow from dedicated repo to
skip pushing CI related commits to openwrt and better track versioning
of CI workflow.
CI: label-kernel: support compile testing kernel version and all target
Add support to label-kernel for compiling testing kernel version and
check patches. To trigger this special build appent :testing to the
normal label.
Example:
- ci:kernel:ipq806x:generic:testing
Test will fail if the requested target doesn't have a defined kernel
testing version.
Also add support for testing all target and subtarget. To trigger this
some special pattern are added:
- ci:kernel:all:all
Trigger test for all target and subtarget
- ci:kernel:all:first
Trigger test for all target and the first subtarget in alphabetical
order for the target.
With these special case :testing can also be used and every target and
subtarget that supports kernel testing version will be selected:
- ci:kernel:all:all:testing
Trigger test for all target and subtarget that have a kernel testing
version defined.
- ci:kernel:all:first:testing
Trigger test for all target and the first subtarget in alphabetical
order for the target that, if they have a kernel testing version
defined.
Petr Štetiar [Fri, 26 May 2023 09:41:18 +0000 (11:41 +0200)]
ci: build: verify downloaded toolchain tarball
CDNs are known to ship outdated or corrupted files, if it unpacks
correctly, it necessarily doesn't mean, that we're using the desired
content. So lets fix it by checking the tarball as well.
I'm adding GPG checking explicitly, its not needed, but just double
checking, that everything is working as expected on build
infrastructure.
Add support for getting ccache cache from S3.
ccache is archieved in a tar and downloaded from S3 Cloud Storage.
For push events, ccache is then uplodaed back to S3 to refresh and have
a ccache cache always fresh.
An additional workflow is added to upload files to an S3 Cloud Storage
from artifacts uplodaed to github. The minio tool is used to upload
files to S3.
If the ccache can't be downloaded from s3, we fallback to github cache
system.
Also limit s3 upload to the openwrt repository since external fork won't
have (obviously) the required secrtes to upload data to the S3 Cloud
Storage.
CI: build: limit cache save/delete only on push events
Limit ccache cache save/delete only on push events. Saving ccache
cache for pull request will result in bloat and refreshing ccache is not
possible due to security measure on enforcing read permission on
pull_request events.
CCache cache is currently broken due to a funny bug in ccache compiler
type detection. It seems ccache compiler type detection is very fragile
and with the use of external toolchain doesn't correctly detect the
type.
The type detected is set to other instead of gcc resulting in ccache
complaining for unsupported compiler options.
To handle this problem, force the compiler type to gcc to make ccache
correctly work and speedup compilation.
CI: build: add option to define custom ccache cache type
Add new input to define custom ccache cache type. This is useful to use
a different ccache cache for some special workflow that may do more test
than simple kernel compilation.
Add option to disable use of ccache. This can be useful for some
sensible test that should not use ccache as they can cause side effects
of any sort. (example Coverity Scan)
CI: build: add job to remove previous ccache cache if already exist
Github Actions cache doesn't permit to overwrite cache if it does
already exist. As a trick to refresh and have fresh ccache pool,
delete the ccache cache if it does exist with the help of Github REST
API. An additional permission is needed to access this API. Add this
permittion to each user of the build workflow.
CI: build: split cache ccache in separate restore and save jobs
Split caching ccache in separate restore and save jobs to always refresh
the ccache across different runs. Currently if a key is restored, cache
is not saved resulting in a less useful ccache that benefits from
multiple runs.
Due to problem with migrating from master to main as the default branch
and downstream project still requiring the master branch to be present,
we currently have for push events double CI runs, one for main and one
for master. To solve this ignore any push event to the master branch for
every workflow that react on push events.
CI: build: drop redundant generate ccache hash job
Drop redundant generare ccache hash job as that can be done by
integrated github expressions to generate an hash.
The only change is that the integrated way generate a sha256 hash
instead of an md5 sum.
There are still some problems with the GSWIP, but it is not leaking
packets to the wrong bridge in normal operations.
It shows some error messages at configuration like these:
[ 54.308861] gswip 1e108000.switch: port 5 failed to add ce:9d:84:d1:81:f0 vid 1 to fdb: -22
[ 54.325633] gswip 1e108000.switch: port 5 failed to add e8:de:27:95:c1:b4 vid 0 to fdb: -22
[ 54.351242] gswip 1e108000.switch: port 5 failed to add e8:de:27:95:c1:b4 vid 1 to fdb: -22
[ 54.358311] gswip 1e108000.switch: port 5 failed to delete ce:9d:84:d1:81:f0 vid 1 from fdb: -2
The problems are described in this pull request:
https://github.com/openwrt/openwrt/pull/13200
prepend-dtb got extended to handle the Meraki devices too,
the problem here was that the Netgear WNDR4700 expects an
u-boot header in front of the DTB, whereas Meraki devices
don't.
Since the header was dropped, the WNDR4700's uboot started
to complain:
Bad Magic Number,it is forbidden to be written to flash!!
when flashing the factory.img since it expects an u-boot
header there.
Fixes: 5dece2d9355a ("apm821xx: switch over from DTB_SIZE to DEVICE_DTC_FLAGS") Fixes: #13716 Reported-by: @kisgezenguz Reported-by: Tamas Szabo Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit d6a11833ad67c33ad10dadf396f6c30bb44ef30f)
ipq40xx: wpj428: switch to zimage to fit kernel partition
Like with some other ipq40xx devices, the kernel image size for the WPJ428
is limited in stock u-boot. For that reason, the current release doesn't
include an image for the board.
By switching to the zImage format, the kernel image size is reduced which
re-enables the build process. The image boots and behaved normally through
a few days of testing.
Before the switch to kernel version 6.1, it was possible to reduce the
image size by enough when disabling UBIFS and its otherwise unneeded
dependencies.
ipq40xx: switch to performance governor by default
Doing a simple ping to my device shows this:
64 bytes from 10.0.253.101: icmp_seq=1 ttl=64 time=2.00 ms
64 bytes from 10.0.253.101: icmp_seq=2 ttl=64 time=2.02 ms
64 bytes from 10.0.253.101: icmp_seq=3 ttl=64 time=1.68 ms
64 bytes from 10.0.253.101: icmp_seq=4 ttl=64 time=1.91 ms
64 bytes from 10.0.253.101: icmp_seq=5 ttl=64 time=1.92 ms
64 bytes from 10.0.253.101: icmp_seq=6 ttl=64 time=2.04 ms
Some users even report higher values on older kernels:
64 bytes from 192.168.1.10: seq=0 ttl=64 time=0.612 ms
64 bytes from 192.168.1.10: seq=1 ttl=64 time=2.852 ms
64 bytes from 192.168.1.10: seq=2 ttl=64 time=2.719 ms
64 bytes from 192.168.1.10: seq=3 ttl=64 time=2.741 ms
64 bytes from 192.168.1.10: seq=4 ttl=64 time=2.808 ms
The problem is that the governor is set to Ondemand, which causes
the CPU to clock all the way down to 48MHz in some cases.
Switching to performance governor:
64 bytes from 10.0.253.101: icmp_seq=1 ttl=64 time=0.528 ms
64 bytes from 10.0.253.101: icmp_seq=2 ttl=64 time=0.561 ms
64 bytes from 10.0.253.101: icmp_seq=3 ttl=64 time=0.633 ms
64 bytes from 10.0.253.101: icmp_seq=4 ttl=64 time=0.526 ms
In theory, using the Performance governor should increase power draw,
but it looks like it really does not matter for this soc.
Using a calibrated precision DC power supply (cpu idle):
The ucidef_set_network_device_* functions in uci-defaults.sh disagree
on whether to use "network-device" or "network_device" in board.json.
With the additional caveat that jshn will translate hyphens (-) into
underscores (_). This casues problems in netifd which expected
"network_device" causing boards which depend on assigning MACs in
board.json via uci-defaults.sh (or jshn in general) to fail.
This commit addresses the issue by using network_device in
uci-defaults.sh.
The bug was uncovered in the forums here:
https://forum.openwrt.org/t/support-for-rtl838x-based-managed-switches/57875/2596
This was exposed by commit 4ebba8a05d09 ("realtek: add support for HPE
1920-8g-poe+") where the board_config_load call from 03_gpio introduced
the key normalization by jshn.
Fixes: 9290539ca9c7 ("base-files: allow setting device and bridge macs") Tested-by: Stijn Segers <foss@volatilesystems.org> Signed-off-by: Michael 'ASAP' Weinrich <michael@a5ap.net>
[ improve commit title, description and fix wrong Tested-by tag ] Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit 12bc79d6d521581e37a8b067ce8a562429aeefbd)
Copy configuration to boot partition (partition 1) instead of root
partition (partition 2) because the root partition is not writable if
it's a suqashfs image.
Move configuration back to root during preinit.
Fixes: https://github.com/openwrt/openwrt/issues/13695 Signed-off-by: Christian Buschau <cbuschau@d00t.de>
(cherry picked from commit 67ce60c5f961c4248fa108cd0f949e2bade4536e)
Bjørn Mork [Sun, 15 Oct 2023 17:28:51 +0000 (19:28 +0200)]
ramips: fix ZyXEL NR7101 bricking typo
A typo snuck in with the addition of Cudy M1800, changing
"nr7101" to "nt7101". The result is a default network config
for NR7101 without the only ethernet interface on the NR7101,
thereby soft bricking it.
Fixes: f6d394e9f2fd ("ramips: add support for Cudy M1800") Signed-off-by: Bjørn Mork <bjorn@mork.no>
(cherry picked from commit 2e57028424d0e914490a80178cd729adb17ba09b)
projects / thirdparty / openwrt.git / log
