Removed because they are upstream:
mediatek/patches-5.15/702-v5.17-net-mdio-add-helpers-to-extract-clause-45-regad-and-.patch
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=linux-5.15.y&id=a03c3a34692f8400a85ec1cc2b058c6880bb7e7b
Jordan Woyak [Tue, 26 Mar 2024 01:56:06 +0000 (20:56 -0500)]
config: Enable ext4 journaling by default.
Not having a journal by default is a major "gotcha".
Because openwrt does not fsck on boot, a power loss without journaling
can result in a dirty filesystem that openwrt will mount as read-only
which requires intervention to restore the router to working order.
This contains a fix for:
CVE-2024-28960: An issue was discovered in Mbed TLS 2.18.0 through 2.28.x
before 2.28.8 and 3.x before 3.6.0, and Mbed Crypto. The PSA Crypto
API mishandles shared memory.
Thomas Winkler [Fri, 10 Nov 2023 21:48:59 +0000 (22:48 +0100)]
base-files: fix uid/gid auto-enumeration to avoid 16-bit limit
uid/gid range should be limited to 16bit unsigned integer range to
avoid "wraparound" issues with permissions where jffs2
is employed for storage and chown 65536 (first auto-created user)
becomes equivalent to chown 0
Hauke Mehrtens [Fri, 31 May 2024 12:39:51 +0000 (14:39 +0200)]
tegra: Activate CONFIG_SND_DRIVERS
The option CONFIG_SND_DRIVERS is activated by default in the generic
configuration, do not deactivate it for tegra. This fixes the build of
the kmod-sound-dummy package on tegra.
Daniel Golle [Mon, 10 Jun 2024 22:39:36 +0000 (23:39 +0100)]
mt76: mt7996: select required kernel and hostap options
Select DRIVER_11AX_SUPPORT and KERNEL_RELAY also for kmod-mt7996 to
prevent build failure if only this driver is selected during build and
end up with (most) required hostap features (IEEE 802.11be rates are not
yet supported).
* New upstream microcode datafile 20240514
* Mitigations for INTEL-SA-01051 (CVE-2023-45733)
Hardware logic contains race conditions in some Intel Processors may
allow an authenticated user to potentially enable partial information
disclosure via local access.
* Mitigations for INTEL-SA-01052 (CVE-2023-46103)
Sequence of processor instructions leads to unexpected behavior in
Intel Core Ultra Processors may allow an authenticated user to
potentially enable denial of service via local access.
* Mitigations for INTEL-SA-01036 (CVE-2023-45745, CVE-2023-47855)
Improper input validation in some Intel TDX module software before
version 1.5.05.46.698 may allow a privileged user to potentially enable
escalation of privilege via local access.
* Fix for unspecified functional issues on 4th gen and 5th gen Xeon
Scalable, 12th, 13th and 14th gen Intel Core processors, as well as for
Core i3 N-series processors.
* Updated microcodes:
sig 0x000806f8, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0, size 581632
sig 0x000806f7, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0
sig 0x000806f6, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0
sig 0x000806f5, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0
sig 0x000806f4, pf_mask 0x87, 2024-02-05, rev 0x2b0005c0
sig 0x000806f8, pf_mask 0x10, 2024-02-05, rev 0x2c000390, size 614400
sig 0x000806f6, pf_mask 0x10, 2024-02-05, rev 0x2c000390
sig 0x000806f5, pf_mask 0x10, 2024-02-05, rev 0x2c000390
sig 0x000806f4, pf_mask 0x10, 2024-02-05, rev 0x2c000390
sig 0x00090672, pf_mask 0x07, 2023-12-05, rev 0x0035, size 224256
sig 0x00090675, pf_mask 0x07, 2023-12-05, rev 0x0035
sig 0x000b06f2, pf_mask 0x07, 2023-12-05, rev 0x0035
sig 0x000b06f5, pf_mask 0x07, 2023-12-05, rev 0x0035
sig 0x000906a3, pf_mask 0x80, 2023-12-05, rev 0x0433, size 222208
sig 0x000906a4, pf_mask 0x80, 2023-12-05, rev 0x0433
sig 0x000906a4, pf_mask 0x40, 2023-12-07, rev 0x0007, size 119808
sig 0x000b0671, pf_mask 0x32, 2024-01-25, rev 0x0123, size 215040
sig 0x000b06e0, pf_mask 0x11, 2023-12-07, rev 0x0017, size 138240
sig 0x000c06f2, pf_mask 0x87, 2024-02-05, rev 0x21000230, size 552960
sig 0x000c06f1, pf_mask 0x87, 2024-02-05, rev 0x21000230
* source: update symlinks to reflect id of the latest release, 20240514
-- Henrique de Moraes Holschuh <hmh@debian.org> Thu, 16 May 2024 21:40:52 -0300
Hauke Mehrtens [Sat, 29 Jun 2024 15:54:49 +0000 (17:54 +0200)]
kernel: Fix kmod-lib-lz4 packaging
The kernel provides two variants of the lz4 compression a normal version
and a high compression mode version. The old kmod-lib-lz4 package
contained the normal version plus one part of the lz4hc version. There
was already code which selected the kmod-lib-lz4hc package which did
not exists.
I split this into 3 packages. kmod-lib-lz4 and kmod-lib-lz4hc for the
normal the and high compression algorithm which contain the specific
code and the kmod-lib-lz4-decompress which contains the common
decompressor.
Hauke Mehrtens [Sat, 29 Jun 2024 15:24:09 +0000 (17:24 +0200)]
kernel: Extract kmod-nf-dup-inet
The nf_dup_ipv4.ko and nf_dup_ipv6.ko kernel module were packaged by
kmod-ipt-tee and kmod-nft-dup-inet at the same time. Extract them into a
separate package used by both.
This fixes WARN_ONs when using AP_VLANs after station removal. The flush
call passed AP_VLAN vif to driver, but because these vifs are virtual and
not registered with drivers, we need to translate to the correct AP vif
first.
Flash instructions:
1. Connect to the router using ssh or telnet,
username: useradmin, password is the web
login password of the router.
2. Use scp to upload bl31-uboot.fip and flash:
"mtd write xxx-preloader.bin spi0.0"
"mtd write xxx-bl31-uboot.fip FIP"
"mtd erase ubi"
3. Connect to the router via the Lan port,
set a static ip of your PC.
(ip 192.168.1.254, gateway 192.168.1.1)
4. Download initramfs image, reboot router,
waiting for tftp recovery to complete.
5. After openwrt boots up, perform sysupgrade.
Note:
1. Back up all mtd partitions before flashing.
Flash instructions:
1. Download and flash the vendor migration firmware via webUI:
https://firmware.download.immortalwrt.eu.org/cnsztl/mediatek/filogic/openwrt-mediatek-mt7986-jdcloud_re-cp-03-vendor-migration.bin
(Default address is 192.168.68.1, user root, no password)
2. After device has booted up, write new GPT table:
dd if=openwrt-mediatek-filogic-jdcloud_re-cp-03-gpt.bin of=/dev/mmcblk0 bs=512 seek=0 count=34 conv=fsync
3. Erase and write new BL2:
echo 0 > /sys/block/mmcblk0boot0/force_ro
dd if=/dev/zero of=/dev/mmcblk0boot0 bs=512 count=8192 conv=fsync
dd if=openwrt-mediatek-filogic-jdcloud_re-cp-03-preloader.bin of=/dev/mmcblk0boot0 bs=512 conv=fsync
4. Erase and write new FIP:
dd if=/dev/zero of=/dev/mmcblk0 bs=512 seek=13312 count=8192 conv=fsync
dd if=openwrt-mediatek-filogic-jdcloud_re-cp-03-bl31-uboot.fip of=/dev/mmcblk0 bs=512 seek=13312 conv=fsync
5. Set static IP on your PC:
IP 192.168.1.254/24, GW 192.168.1.1
6. Serve OpenWrt initramfs image using TFTP server.
7. Cut off the power and re-engage, wait for TFTP recovery to complete.
8. After OpenWrt has booted, perform sysupgrade.
9. Additionally, if you want to have eMMC recovery boot feature:
(Don't worry! You will always have TFTP recovery boot feature.)
dd if=openwrt-mediatek-filogic-jdcloud_re-cp-03-initramfs-recovery.itb of=/dev/mmcblk0p4 bs=512 conv=fsync
Luis Mita [Thu, 6 Jun 2024 20:43:19 +0000 (16:43 -0400)]
ramips: mt76x8: sync Cudy TR1200 v1 naming
Cudy assigns hardware versions to its devices on its website, and
the Cudy TR1200 router is now Cudy TR1200 v1.
OpenWrt currently uses both variants, and this commit removes
inconsistencies using only the new name.
Installation:
The installation must be done via TFTP by disassembling the router.
On other occasions Cudy has distributed intermediate firmware to make
installation easier, and so I recommend checking the Wiki for this
device if there is a more convenient solution than the one below.
To install using TFTP:
1. Upgrade to a beta firmware (signed by Cudy) that can be downloaded
from the wiki. This is required in order to use an unlocked u-boot.
2. Connect to UART.
3. While the router is turning on, press 1.
4. Connect to LAN and set your IP to 192.168.1.88/24. Configure a TFTP
server and an OpenWrt initramfs-kernel.bin firmware file as recovery.bin.
5. Press Enter three times. Verify the filename.
6. If you can reach LuCI or SSH now, just use the sysupgrade image with
the 'Keep settings' option turned off.
If you don't want to use the beta firmware nor the unlocked u-boot, you
can install the firmware writing the sysupgrade image on the firmware
partition of the SPI flash.
Hauke Mehrtens [Thu, 27 Jun 2024 23:32:46 +0000 (01:32 +0200)]
mac80211: Update to version 6.1.97-1
This updates mac80211 to version 6.1.97-1. This code is based on Linux
6.1.97 and contains all fixes included in the upstream wireless
subsystem from that kernel version. This includes many bugfixes and also
some security fixes.
The removed patches are already integrated in upstream Linux 6.1.97 or
in backports.
The following patches were integrated in upstream Linux:
ath11k/0013-wifi-ath11k-synchronize-ath11k_mac_he_gi_to_nl80211_.patch
ath11k/0035-wifi-ath11k-Use-platform_get_irq-to-get-the-interrup.patch
ath11k/0036-wifi-ath11k-fix-SAC-bug-on-peer-addition-with-sta-ba.patch
ath11k/0047-wifi-ath11k-fix-deinitialization-of-firmware-resourc.patch
ath11k/0053-wifi-ath11k-fix-writing-to-unintended-memory-region.patch
ath11k/0060-wifi-ath11k-Ignore-frags-from-uninitialized-peer-in-.patch
ath11k/0065-wifi-ath11k-fix-tx-status-reporting-in-encap-offload.patch
ath11k/0067-wifi-ath11k-Fix-SKB-corruption-in-REO-destination-ri.patch
ath11k/0069-wifi-ath11k-fix-registration-of-6Ghz-only-phy-withou.patch
ath11k/0080-wifi-ath11k-add-support-default-regdb-while-searchin.patch
ath11k/0085-wifi-ath11k-fix-memory-leak-in-WMI-firmware-stats.patch
ath11k/0086-wifi-ath11k-Add-missing-check-for-ioremap.patch
ath11k/0096-wifi-ath11k-fix-boot-failure-with-one-MSI-vector.patch
subsys/337-wifi-mac80211-fix-race-condition-on-enabling-fast-xm.patch
The following patches were integrated in upstream backports:
ath11k/901-wifi-ath11k-pci-fix-compilation-in-5.16-and-older.patch
build/080-resv_start_op.patch
build/110-backport_napi_build_skb.patch
The following files are missing in backports, we do not have to remove
them any more. Some were already missing before some were removed in
this update:
include/linux/cordic.h
include/linux/crc8.h
include/linux/eeprom_93cx6.h
include/linux/wl12xx.h
include/net/ieee80211.h
backport-include/linux/bcm47xx_nvram.h
include/linux/ath9k_platform.h
include/net/bluetooth/
backports ships a dummy Mediatek wed header for older kernel versions.
We backported the feature in our kernel, remove the dummy header:
backport-include/linux/soc/mediatek/mtk_wed.h
Remove header files for subsystems used form the mainline kernel:
include/trace/events/qrtr.h
include/net/rsi_91x.h
backport-include/linux/platform_data/brcmnand.h
Update the nl80211.h file in iw with the version from backports.
The files were out of sync already before the mac80211 update. If iw set
the NL80211_ATTR_WIPHY_ANTENNA_GAIN attribute the kernel assumed it set
the NL80211_ATTR_PUNCT_BITMAP attribute because the id was the same.
Lu jicong [Tue, 2 Jul 2024 13:01:49 +0000 (21:01 +0800)]
target.mk: fix arm architecture level detection
Now kernel configs of armv6k CPUs don't include CONFIG_CPU_V6.
So armv6k CPUs cannot be detected as arm_v6.
Fix this by adding detection for CONFIG_CPU_V6K.
Mathew McBride [Tue, 28 May 2024 23:09:17 +0000 (09:09 +1000)]
armsr: add realtek and smsc ethernet phy drivers to the default image
This adds two more common PHY brands to the image.
Realtek is used on the Google Coral "Phanbell" board (i.MX8MQ).
SMSC has been used on various Raspberry Pi boards.
armsr: armv8: enable serial console for Renesas platforms
Support for Renesas Arm families was added in commit 1ff4f4df2301
("armsr: armv8: enable CONFIG_ARCH_RENESAS"), but this did not
enable the console/tty hardware for these SoCs, which is derived
from the SuperH family (CONFIG_SERIAL_SH_SCI).
Roland Reinl [Sun, 12 Nov 2023 18:04:32 +0000 (19:04 +0100)]
mediatek: Add support for D-Link EAGLE PRO AI R32
R32 is like the M32 part of the EAGLE PRO AI series from D-Link.
Specification:
- MT7622BV SoC with 2.4GHz wifi
- MT7975AN + MT7915AN for 5GHz
- MT7531BE Switch
- 512MB RAM
- 128 MB flash
- 2 LEDs (Status and Internet, both can be either orange or white)
- 2 buttons (WPS and Reset)
Compared to M32, the R32 has the following differences:
- 4 LAN ports instead of 2
- The recory image starts with DLK6E6015001 instaed of DLK6E6010001
- Individual LEDs for power and internet
- MAC address is stored at another offset in the ODM partition
MAC addresses:
- WAN MAC is stored in partition "Odm" at offset 0x81
- LAN (as printed on the device) is WAN MAC + 1
- WLAN MAC (2.4 GHz) is WAN MAC + 2
- WLAN MAC (5GHz) is WAN MAC + 3
Flashing via Recovery Web Interface:
- Set your IP address to 192.168.0.10, subnetmask 255.255.255.0
- Press the reset button while powering on the deivce
- Keep the reset button pressed until the internet LED blinks fast
- Open a Chromium based and goto http://192.168.0.1
- Download openwrt-mediatek-mt7622-dlink_eagle-pro-ai-r32-a1-squashfs-recovery.bin
Flashing via uBoot:
- Open the case, connect to the UART console
- Set your IP address to 10.10.10.3, subnet mask 255.255.255.0. Connect to one of the LAN interfaces of the router
- Run a tftp server which provides openwrt-mediatek-mt7622-dlink_eagle-pro-ai-r32-initramfs-kernel.bin.
- You can rename the file to iverson_uImage (no extension), then you don't have to enter the whole file name in uboot later.
- Power on the device and select "1. System Load Linux to SDRAM via TFTP." in the boot menu
- Enter image file, tftp server IP and device IP (if they differ from the default).
- TFTP download to RAM will start. After a few seconds OpenWrt initramfs should start
- The initramfs is accessible via 192.168.1.1, change your IP address accordingly (or use multiple IP addresses on your interface)
- Create a backup of the Kernel1 partition, this file is required if a revert to stock should be done later
- Perform a sysupgrade using openwrt-mediatek-mt7622-dlink_eagle-pro-ai-r32-squashfs-sysupgrade.bin
- Reboot the device. OpenWrt should start from flash now
Revert back to stock using the Recovery Web Interface:
- Set your IP address to 192.168.0.10, subnetmask 255.255.255.0
- Press the reset button while powering on the deivce
- Keep the reset button pressed until the internet LED blinks fast
- Open a Chromium based and goto http://192.168.0.1
- Flash a decrypted firmware image from D-Link. Decrypting an firmware image is described below.
Decrypting a D-Link firmware image:
- Download https://github.com/RolandoMagico/firmware-utils/blob/M32/src/m32-firmware-util.c
- Compile a binary from the downloaded file, e.g. gcc m32-firmware-util.c -lcrypto -o m32-firmware-util
- Run ./m32-firmware-util R32 --DecryptFactoryImage <OriginalFirmware> <OutputFile>
- Example for firmware R32A1_FW103B01: ./m32-firmware-util R32 --DecryptFactoryImage R32A1_FW103B01.bin R32A1_FW103B01.decrypted.bin
Revert back to stock using uBoot:
- Open the case, connect to the UART console
- Set your IP address to 10.10.10.3, subnet mask 255.255.255.0. Connect to one of the LAN interfaces of the router
- Run a tftp server which provides the previously created backup of the Kernel1 partition.
- You can rename the file to iverson_uImage (no extension), then you don't have to enter the whole file name in uboot later.
- Power on the device and select "2. System Load Linux Kernel then write to Flash via TFTP." in the boot menu
- Enter image file, tftp server IP and device IP (if they differ from the default).
- TFTP download to FLASH will start. After a few seconds the stock firmware should start again
There is also an image openwrt-mediatek-mt7622-dlink_eagle-pro-ai-r32-a1-squashfs-tftp.bin which can directly be flashed via U-Boot and TFTP.
It can be used if no backup of the Kernel1 partition is reuqired.
Flahsing via OEM web interface is currently not possible, the OEM images are encrypted. Creating images is only possible manually at the moment.
The support for the M32/R32 already includes support for flashing from the OEM web interface:
- The device tree contains both partitions (Kernel1 and Kernel2) with conditions to select the correct one based on the kernel command line
- The U-Boot variable "boot_part" is set accordingly during startup to finish the partition swap after flashing from the OEM web interface
- OpenWrt sysupgrade flashing always uses the partition where it was initially flashed to (no partition swap)
cpe:/a:selinuxproject:secilc is not a correct CPE ID for secilc:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:selinuxproject:secilc
cpe:/a:dropbear_ssh_project:dropbear_ssh is the correct CPE ID for dropbear:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:dropbear_ssh_project:dropbear_ssh
cpe:/a:nasm:netwide_assembler is the correct CPE ID for nasm:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:nasm:netwide_assembler
Sean Khan [Sun, 9 Jun 2024 01:02:30 +0000 (21:02 -0400)]
openssl: conditionally disable engine section
Currently, the build option to enable/disable engine support isn't
reflected in the final '/etc/ssl/openssl.cnf' config. It assumes `engines`
is always enabled, producing an error whenever running any
commands in openssl util or programs that explicitly use settings
from '/etc/ssl/openssl.cnf'.
```
➤ openssl version
FATAL: Startup failure (dev note: apps_startup()) for openssl 307D1EA97F000000:error:12800067:lib(37):dlfcn_load:reason(103):crypto/dso/dso_dlfcn.c:118:filename(libengines.so):
Error loading shared library libengines.so: No such file or directory 307D1EA97F000000:error:12800067:lib(37):DSO_load:reason(103):crypto/dso/dso_lib.c:152: 307D1EA97F000000:error:0700006E:lib(14):module_load_dso:reason(110):crypto/conf/conf_mod.c:321:module=engines, path=engines 307D1EA97F000000:error:07000071:lib(14):module_run:reason(113):crypto/conf/conf_mod.c:266:module=engines
```
Build should check for the `CONFIG_OPENSSL_ENGINE` option, and comment out `engines`
if not explicitly enabled.
John Audia [Wed, 5 Jun 2024 19:55:29 +0000 (15:55 -0400)]
openssl: update to 3.0.14
Major changes between OpenSSL 3.0.13 and OpenSSL 3.0.14 [04-Jun-2024]
* Fixed potential use after free after SSL_free_buffers() is called.
[CVE-2024-4741]
* Fixed checking excessively long DSA keys or parameters may be very slow.
[CVE-2024-4603]
* Fixed an issue where some non-default TLS server configurations can cause
unbounded memory growth when processing TLSv1.3 sessions. An attacker may
exploit certain server configurations to trigger unbounded memory growth that
would lead to a Denial of Service. [CVE-2024-2511]
* New atexit configuration switch, which controls whether the OPENSSL_cleanup
is registered when libcrypto is unloaded. This can be used on platforms
where using atexit() from shared libraries causes crashes on exit
Signed-off-by: John Audia <therealgraysky@proton.me>
Build system: x86/64
Build-tested: x86/64/AMD Cezanne
This fixes multiple security problems:
* [High] CVE-2024-0901 Potential denial of service and out of bounds
read. Affects TLS 1.3 on the server side when accepting a connection
from a malicious TLS 1.3 client. If using TLS 1.3 on the server side
it is recommended to update the version of wolfSSL used.
* [Med] CVE-2024-1545 Fault Injection vulnerability in
RsaPrivateDecryption function that potentially allows an attacker
that has access to the same system with a victims process to perform
a Rowhammer fault injection. Thanks to Junkai Liang, Zhi Zhang, Xin
Zhang, Qingni Shen for the report (Peking University, The University
of Western Australia)."
* [Med] Fault injection attack with EdDSA signature operations. This
affects ed25519 sign operations where the system could be susceptible
to Rowhammer attacks. Thanks to Junkai Liang, Zhi Zhang, Xin Zhang,
Qingni Shen for the report (Peking University, The University of
Western Australia).
Gain SSH access:
1. Login into web interface (http://apipaddress/computer/login.html),
and download the
configuration(http://apipaddress/computer/config.html).
2. Rename downloaded backup config - 'backup.file to backup.tar.gz',
Enter 'fakeroot' command then decompress the configuration:
tar -zxf backup.tar.gz
3. Edit 'etc/shadow', update (remove) root password:
With password =
'root:$1$xf7D0Hfg$5gkjmvgQe4qJbe1fi/VLy1:19362:0:99999:7:::'
'root:$1$xf7D0Hfg$5gkjmvgQe4qJbe1fi/VLy1:19362:0:99999:7:::'
to
Without password =
'root::0:99999:7:::'
'root::0:99999:7:::'
4. Repack 'etc' directory back to a new backup file:
tar -zcf backup-ssh.tar.gz etc/
5. Rename new config tar.gz file to 'backup-ssh.file'
Exit fakeroot - 'exit'
6. Upload new configuration via web interface, now you
can SSH with the following:
I was able to SSH into the stock firmware of my device.
1. Attach the router to the network
2. Use scp (-O) to copy the sysupgrade image
3. Connect using SSH and run `sysupgrade -n`
Option #2 - U-Boot
One way to use the bootloader for flashing is using TFTP:
1. Connect to the router using an ethernet cable
2 Spin up a TFTP server serving the sysupgrade file
3. Open the case and attach a UART
4. Attach power to the router and interrupt the countdown by pressing
any key
5. Select option #2 (Upgrade firmware)
6. Enter IP address information and image name
7. Wait patiently
Co-Authored-By: Enrique Rodríguez Valencia <enrique.rodriguez@galgus.net> Co-Authored-By: Hauke Mehrtens <hauke@hauke-m.de> Signed-off-by: Leon M. Busch-George <leon@georgemail.eu>
(cherry picked from commit b4086f44cd8a739458a0fd12cfaf684515507614)
Daniel Golle [Fri, 17 Nov 2023 02:25:09 +0000 (02:25 +0000)]
mediatek: add support for Adtran SmartRG Bonanza Peak series
The Bonanza Peak series are a couple of MT7986-powered 2.5 GBit/s
Wi-Fi 6 residential gateway, access point and mesh router products.
All of them come with an eMMC to boot from, are powered via USB-C and
got a USB 3.0 type-A port. All of them got a Dialog (Renesas) DA14531
Bluetooth module connected via UART. If the device was previously
running stock firmware, the BT chip's internal flash has been loaded
with firmware and it can be attached using hciattach when using
OpenWrt.
* SDG-8612 - Dual-band RJ-45 gateway
2x 2.5G MaxLinear PHY for WAN port
3x 1GE LAN ports via MT7531 switch
* SDG-8614 - Dual-band SFP gateway
1x SFP cage with up to 2.5G speed
1x 2.5G MaxLinear PHY for LAN port
3x 1GE LAN ports via MT7531 switch
* SDG-8622 - Tri-band mesh router
2x 2.5G MaxLinear PHY
The MT7986 2G and 5G are used as 2G and 5G high band.
There’s a MT7915 PCIe card for 5G low band.
* SDG-8632 - Tri-band mesh router with 6 GHz
2x 2.5G MaxLinear PHY
The MT7986 serves the 2G and 6G bands.
There’s a MT7915 PCIe card for 5G.
Installation via U-Boot serial console:
0. setup TFTP server with IP 192.168.1.10/24, place initramfs image
renamed to openwrt.XXX where XXX is the internal product number:
SDG-8612: XXX = 412
SDG-8614: XXX = 414
SDG-8622: XXX = 422
SDG-8632: XXX = 432
1. connect to the serial console and power on the device.
Interrupt the bootloader by pressing 'st'
2. setenv boot_mode openwrt ; saveenv
3. run boot1
Load firmware via TFTP and write to flash
4. run boot2
Now OpenWrt initramfs should boot
5. upload sysupgrade.bin via scp to /tmp
6. sysupgrade
No. of Antennas: 6
Note: Upon opening the router, only 5 antennas were connected
to the mainboard.
Led Layout:
Power-Mesh-5gwifi-WAN-LAN3-LAN2-LAN1-2gWiFi
Buttons:
Reset-Mesh
Installation:
A. Through OpenWrt Dashboard:
If your router comes with OpenWrt preinstalled (modified by the seller),
you can easily upgrade by going to the dashboard (192.168.1.1) and then
navigate to System -> Backup/Flash firmware, then flash the firmware
B. Through TFTP
Standard installation via UART:
1. Connect USB Serial Adapter to the UART, (NOTE: Don't connect the VCC pin).
2. Power on the router. Make sure that you can access your router via UART.
3. Restart the router then repeatedly press ctrl + c to skip default boot.
4. Type > bootmenu
5. Press '2' to select upgrade firmware
6. Press 'Y' on 'Run image after upgrading?'
7. Press '0' and hit 'enter' to select TFTP client (default)
8. Fill the U-Boot's IP address and TFTP server's IP address.
9. Finally, enter the 'firmware' filename.
Daniel Golle [Fri, 17 Nov 2023 00:02:05 +0000 (00:02 +0000)]
base-files: add mmc_get_mac_ascii function
Similar to the *_get_mac_binary function, also split the common parts
off mtd_get_mac_ascii into new get_mac_ascii function and introduce
mmc_get_mac_ascii which uses it.
Hauke Mehrtens [Sun, 26 May 2024 11:47:33 +0000 (13:47 +0200)]
kernel: bump 5.15 to 5.15.159
Removed because they are upstream:
generic/pending-5.15/778-net-l2tp-drop-flow-hash-on-forward.patch
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=linux-5.15.y&id=e97e0051056b6dbcc43ae1862dcfcb05d06517c3
The EnGenius EAP1300 and EAP1300EXT use identical boards and firmware
(as flashed) from the vendor.
As with the EAP1300, the EAP1300EXT requires a specific firmware version
to flash OpenWRT. Unfortunately, the required firmware is truncated on
the vendor's website.
David Bauer [Thu, 27 Jun 2024 20:58:56 +0000 (22:58 +0200)]
hostapd: don't ignore probe-requests with invalid DSSS params
Don't ignore probe requests which contain an invalid DS parameter for the
current operating channel.
As the comment outlines, the drop shall only apply if
dot11RadioMeasurementActivated is set to 1.
However, it was observed Linux clients (Debian 12 / NixOS 23.11)
with an Intel 8265 NIC may generate a probe request frame with
dot11RadioMeasurementActivated set to false and an invalid DSSS
parameter.
These were also dropped even though they should not have been. They
however should not have contained this parameter in the first place.
Don't drop Probe Requests which contain such an invalid field. This may
lead to more probe responses being sent, however it does fix very
frequent connection issues for these clients on 2.4 GHz.
Daniel Golle [Tue, 25 Jun 2024 19:40:59 +0000 (20:40 +0100)]
ramips: yuncore_g720: fix buttons
Turns out the device got two buttons, while the currently listed on is
actually WPS, and the other (will hidden) button is intended as RESET.
Update DT accordingly.
Roman Azarenko [Tue, 4 Jun 2024 16:00:03 +0000 (18:00 +0200)]
build: add explicit timezone in CycloneDX SBOM
The sender domain has a DMARC Reject/Quarantine policy which disallows
sending mailing list messages using the original "From" header.
To mitigate this problem, the original message has been wrapped
automatically by the mailing list software.
Per the CycloneDX 1.4 spec, the `metadata.timestamp` field contains
the date/time when the BOM was created [1].
Before the change, the value generated by the package-metadata.pl
script would look like this:
2024-06-03T15:51:10
CycloneDX 1.4 relies on the JSON Schema specification version draft-07,
which defines the `date-time` format [2] as derived from RFC 3339,
section 5.6 [3]. In this format, the `time-offset` component is required,
however in the original version of package-metadata.pl it is omitted.
This is causing problems with OWASP Dependency-Track version 4.11.0 or
newer, where it now validates submitted SBOMs against the JSON schema
by default [4]. SBOMs with incorrect timestamp values are rejected with
the following error:
{
"detail": "Schema validation failed",
"errors": [
"$.metadata.timestamp: 2024-06-03T15:51:10 is an invalid date-time"
],
"status": 400,
"title": "The uploaded BOM is invalid"
}
Add explicit `Z` (UTC) timezone offset in the `timestamp` field
to satisfy the CycloneDX schema.
Felix Fietkau [Thu, 16 May 2024 20:15:08 +0000 (22:15 +0200)]
mt76: update to Git HEAD (2024-03-18)
a903d3169193 wifi: mt76: mt7921: fix a potential association failure upon resuming eb0d0ce344f3 wifi: mt76: mt7921: fix suspend issue on MediaTek COB platform 841bf82e9958 wifi: mt76: fix the issue of missing txpwr settings from ch153 to ch177 ce7ccc540168 wifi: mt76: Remove redundant assignment to variable tidno a238df940d6f wifi: mt76: mt7915: initialize rssi on adding stations 46c7d1849dbd wifi: mt76: replace skb_put with skb_put_zero b5640b3153c7 wifi: mt76: fix tx packet loss when scanning on DBDC 7b054e5cb3af wifi: mt76: mt7915: fix mcu command format for mt7915 tx stats 3f27a64a8010 wifi: mt76: mt7915: fix bogus Tx/Rx airtime duration values 4f681a8fbc91 wifi: mt76: mt7915: fix HE PHY capabilities IE for station mode 8ede229eb8b5 wifi: mt76: mt7915: only set MT76_MCU_RESET for the main phy 2330781b8c5f wifi: mt76: mt7996: only set MT76_MCU_RESET for the main phy e5fb6995e7eb wifi: mt76: mt7915: add support for disabling in-band discovery b4a917417c85 wifi: mt76: mt7915: add mt7986, mt7916 and mt7981 pre-calibration 2135e201e7a9 mt76: mt7915: add fallback in case of missing precal data
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 85ad6b9569683d6cc5808d1797af7de0e781aa1d) Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
David Bauer [Sun, 9 Jun 2024 17:34:46 +0000 (19:34 +0200)]
mpc85xx: fix WS-AP3710i boot
On master, the bootwrapper link-address for all simpleImage targets was
relocated to 0x15000000 due to growing kernel size.
This was not done on OpenWrt 23.05, as the decompressed kernel still
fits. However, with the wrapper for the WS-AP3710i, the bootloader
attempts execute in-place with the uImage load-address of 0x1000000. As
the image is compiled without the uImage header in mind, this naturally
fails.
In order to fix this, link the WS-AP3715i simpleImage at 0x15000000 as
done in master. This will force the bootloader to relocate the code to
the proper address and skip XIP.
David Bauer [Fri, 7 Jun 2024 17:23:56 +0000 (19:23 +0200)]
ipq40xx: fix broken image generation for EX6150v2
All NETGEAR EX6150v2 validate the rootfs for which OpenWrt places a
fakeheader at the position, where the bootloader expects it.
Some EX6150v2 bootloaders do however make a broken assumption about
where the rootfs starts. This is due to them calculating the rootfs
start not based upon the kernel-length but the string-offset of the
FIT-image.
We have to be compatible with both this broken as well as the valid
calculation. So we do relocate the FDT string section to a
block-boundary and enlarge the FIT image to end at this boundary +
BLOCKSIZE / 2. This way, both the broken as well as correct calculations
do expect the rootfs-header at the same position.
It is worth noting, that this is a rare edge-case in which only happens
if the image-length as well as the start of the string-section are not
placed in the same erase-block. This is an edge-case which happens very
rarely (thus it was not spotted prior).
You can download the required U-Boot from this repository:
https://github.com/blocktrron/u-boot-msm/releases
Preparation
===========
Prepare a TFTP server serving two files:
- U-Boot NAND image as `msm460-uboot.bin`.
- OpenWrt factory image as `msm460-factory.bin`
- Command-file names `commands.tftp`
You can start a TFTP server in the current directory using dnsmasq:
```bash
sudo dnsmasq --no-daemon --listen-address=0.0.0.0 \
--port=0 --enable-tftp=enxd0 --tftp-root="$(pwd)" \
--user=root --group=root
```
Replace `enxd0` with the name of your network interface.
Procedure
=========
1. Assign yourself the IP-Address 192.168.1.66/24.
3. Connect the Router to the PC while keeping the reset button
pressed.
4. The LEDs will eventually begin to flash.
They will start to flash faster after around 15 seconds.
5. Release the reset button.
6. Start a new shell
7. Make sure you are currently in the directory where the tftp server
is located.
8. Run the following command:
```bash
tftp 192.168.1.1 -m binary -c put commands.tftp nflashd.cccc9999
```
You get the message "Transfer timed out."
To find out if you have been successful, please check the
blinking LED Pattern.
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit af329ec38980e2f706411a11b9f344a62eb0dd8f) Signed-off-by: David Bauer <mail@david-bauer.net>
Rodrigo Balerdi [Fri, 10 May 2024 06:35:43 +0000 (03:35 -0300)]
ipq806x: rt4230w-rev6: fix status reporting via the LEDs
There is a custom LED controller between the 3 SoC GPIO outputs and
the red and blue LEDs of the device. It implements a strange mapping
that includes fixed, flashing, and breathing modes.
The current DTS configuration causes OpenWrt to flash the LEDs over
the controller's own flashing, resulting in chaotic output in boot,
failsafe, and upgrade modes.
This change fixes the LEDs in the best way possible as long as each
OpenWrt running state is limited to be signaled by a single led.
MAC addresses:
+---------+-------------------+-----------+
| | MAC | Algorithm |
+---------+-------------------+-----------+
| WAN | 80:af:ca:xx:xx:x1 | label+1 |
| LAN | 80:af:ca:xx:xx:x0 | label |
| WLAN 2g | 80:af:ca:xx:xx:x0 | label |
| WLAN 5g | 82:af:ca:xx:xx:x0 | |
+---------+-------------------+-----------+
Installation:
The installation must be done via TFTP by disassembling the router. On other occasions Cudy has distributed intermediate firmware to make installation easier, and so I recommend checking the Wiki for this device if there is a more convenient solution than the one below.
To install using TFTP:
1. Connect to UART.
2. With the router off, press the RESET button. While the router is turning on, the button should continue to be pressed for at least 5 seconds.
3. A u-boot shell will automatically open.
4. Connect to LAN and set your IP to 192.168.1.88/24. Configure a TFTP server and an OpenWrt initramfs-kernel.bin firmware file.
5. Run these steps in u-boot using the name of your file.
1. Get ssh access. Supported stock firmware **1.0.47**
```
curl -X POST "http://192.168.31.1/cgi-bin/luci/;stok=*******/api/misystem/arn_switch" -d "open=1&model=1&level=%0Anvram%20set%20ssh_en%3D1%0A"
curl -X POST "http://192.168.31.1/cgi-bin/luci/;stok=*******/api/misystem/arn_switch" -d "open=1&model=1&level=%0Anvram%20commit%0A"
curl -X POST "http://192.168.31.1/cgi-bin/luci/;stok=*******/api/misystem/arn_switch" -d "open=1&model=1&level=%0Ased%20-i%20's%2Fchannel%3D.*%2Fchannel%3D%22debug%22%2Fg'%20%2Fetc%2Finit.d%2Fdropbear%0A"
curl -X POST "http://192.168.31.1/cgi-bin/luci/;stok=*******/api/misystem/arn_switch" -d "open=1&model=1&level=%0A%2Fetc%2Finit.d%2Fdropbear%20start%0A"
curl -X POST "http://192.168.31.1/cgi-bin/luci/;stok=********/api/misystem/arn_switch" -d "open=1&model=1&level=%0Apasswd%20-d%20root%0A
```
2. Backup stock partitions
```
nanddump -f /tmp/BL2.bin /dev/mtd1
nanddump -f /tmp/Nvram.bin /dev/mtd2
nanddump -f /tmp/Bdata.bin /dev/mtd3
nanddump -f /tmp/Factory.bin /dev/mtd4
nanddump -f /tmp/FIP.bin /dev/mtd5
nanddump -f /tmp/ubi.bin /dev/mtd8
nanddump -f /tmp/KF.bin /dev/mtd12
```
Then transfer them to your computer in a safe place.
3. Get firmware information `cat /proc/cmdline`
4. Copy openwrt-mediatek-filogic-xiaomi_mi-router-ax3000t-initramfs-factory.ubi to **/tmp** and flash
If **firmware=0**
```
ubiformat /dev/mtd9 -y -f /tmp/openwrt-mediatek-filogic-xiaomi_mi-router-ax3000t-initramfs-factory.ubi
nvram set boot_wait=on
nvram set uart_en=1
nvram set flag_boot_rootfs=1
nvram set flag_last_success=1
nvram set flag_boot_success=1
nvram set flag_try_sys1_failed=0
nvram set flag_try_sys2_failed=0
nvram commit
reboot
```
If **firmware=1**
```
ubiformat /dev/mtd8 -y -f /tmp/openwrt-mediatek-filogic-xiaomi_mi-router-ax3000t-initramfs-factory.ubi
nvram set boot_wait=on
nvram set uart_en=1
nvram set flag_boot_rootfs=0
nvram set flag_last_success=0
nvram set flag_boot_success=1
nvram set flag_try_sys1_failed=0
nvram set flag_try_sys2_failed=0
nvram commit
reboot
```
Then reboot your router, it should boot to the OpenWrt initramfs system now.
4. Flash stock images from backup
```
mtd write /tmp/BL2.bin BL2
mtd write /tmp/FIP.bin FIP
mtd write /tmp/ubi.bin ubi
```
Then reboot your router, waiting it finished rollback in minutes.
`ubiformat /dev/mtd7 -y -f /tmp/ubi.bin`
Then reboot your router, waiting it finished rollback in minutes.
wifi-scripts: fix creation of IBSS in legacy (non-HT) mode
When an IBBS interface is configured for IBSS legacy mode, wdev.htmode
is empty. This is empty string results in an empty positional argument
to the "ibbs join" command, for example:
This empty argument is interpreted as an invalid HT mode by 'iw',
causing the entire command to fail and print a "usage" message:
daemon.notice netifd: radio0 (4527): Usage: iw [options] \
dev <devname> ibss join <SSID> <freq in MHz> ...
Although nobody will ever need more than 640K of IBSS, explicitly use
"NOHT" if an HT mode is not given. This fixes the problem.
Fixes: e56c5f7b276a ("hostapd: add ucode support, use ucode for the main ubus object") Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com> Signed-off-by: Felix Fietkau <nbd@nbd.name> [extend to cover more cases]
(cherry picked from commit cee9fcdb7350911f474544189817d25fd4070111)
Rany Hany [Sun, 5 May 2024 22:39:58 +0000 (01:39 +0300)]
mediatek: fix broken PCIe caused by update to 5.15.158
The patch "710-pci-pcie-mediatek-add-support-for-coherent-DMA.patch"
makes use of "syscon_regmap_lookup_by_phandle" which requires that
"syscon" be in the compatible list.
Without this patch, PCIe probe will fail with the following error:
We exit 1 after saying that there are no patches because later in the
function quilt pop fails to execute.
Having no patches for a package and calling refresh should not be
a critical error and the function should just do nothing.
To handle this improve quilt.mk with the following addition.
- If we don't have any patch for the package, we print a warning and we
create an empty series. This is useful to trick quilt and make it do
nothing.
We also create a status file .quilt_no_patch to detect in the other
function that we don't have patches to handle.
- In refresh makefile target, we check if .quilt_no_patch exist and
we skip quilt cleanup if this exist.
- In RefreshDir function we change the logic and now we delete the
patches directory and not only the content. This is done as a cleanup
to clean case with empty patches directory.
- In RefreshDir we check if .quilt_no_patch exist and we skip creating
the patches directory and copying the refreshed patches.
- In RefreshDir we delete at the end any trace of .quilt_no_patch if
present.
This is needed to support run like package/refresh that will run the
refresh process on any package present in the buildroot.
quilt.mk: use CURDIR instead of ./ for PATCH_DIR and FILES_DIR
To better reference them for diagnostic use, reference the PATCH_DIR and
FILES_DIR with the absolute path instead of using ./ and reference by
the relative location.
projects / thirdparty / openwrt.git / log
