Hauke Mehrtens [Tue, 1 Nov 2022 14:23:17 +0000 (15:23 +0100)]
busybox: awk: fix use after free (CVE-2022-30065)
This backports a commit which fixes a use after free bug in awk.
CVE-2022-30065 description:
A use-after-free in Busybox 1.35-x's awk applet leads to denial of
service and possibly code execution when processing a crafted awk
pattern in the copyvar function.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit
8b383ee2a0d21144258346ad39006fc499d04b4f)
Hauke Mehrtens [Tue, 1 Nov 2022 14:38:14 +0000 (15:38 +0100)]
util-linux: Update to version 2.37.4
This update contains only a security fix for an issue in chsh and chfn,
but OpenWrt is not packaging these applications so OpenWrt is not
affected. In OpenWrt master this was already fixed by the update to
util-linux 2.38.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Rafał Miłecki [Thu, 27 Oct 2022 20:33:14 +0000 (22:33 +0200)]
bcm4908: backport upstream BQL support for bcm4908_enet
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
ae57770c956888337249688b9a16c25dd4fd63fb)
(cherry picked from commit
6198eb3e6448e9a43a32d3f46b7d0543424f455b)
John Audia [Sun, 30 Oct 2022 12:32:36 +0000 (08:32 -0400)]
kernel: bump 5.10 to 5.10.152
All patches automatically rebased.
Signed-off-by: John Audia <therealgraysky@proton.me>
[Add CONFIG_ARM64_ERRATUM_1742098 to config]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit
52400e167d83bd0bfc40394f9383529212b545ad)
John Audia [Fri, 28 Oct 2022 12:03:27 +0000 (08:03 -0400)]
kernel: bump 5.10 to 5.10.151
All patches automatically rebased.
Signed-off-by: John Audia <therealgraysky@proton.me>
(cherry picked from commit
7a27ac605c7e55b7350c0bea76ca5d6eb218c5ea)
John Audia [Thu, 27 Oct 2022 10:26:25 +0000 (06:26 -0400)]
kernel: bump 5.10 to 5.10.150
Manually rebased:
bcm53xx/patches-5.10/180-usb-xhci-add-support-for-performing-fake-doorbell.patch
All patches automatically rebased.
Signed-off-by: John Audia <therealgraysky@proton.me>
[Move gro_skip in 680-NET-skip-GRO-for-foreign-MAC-addresses.patch to old position]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit
aa2fa2eb76f13e48cd39d844dca34627da00cb5d)
David Bentham [Mon, 24 Oct 2022 08:05:59 +0000 (09:05 +0100)]
ramips: Correct Unielec 01 and 06 dts wan macaddr byte location
Recent backport patch
b5cb5f352d3133ac8384275be7d47264ad135e74 had missed changing the macaddr_factory address location.
This patch corrects the address location.
Fixes: b5cb5f352d31 ("ramips: fix WAN mac address allocation for Unielec 01 and 06 models")
Signed-off-by: David Bentham <db260179@gmail.com>
[Fix dts node name too]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Rafał Miłecki [Thu, 27 Oct 2022 19:05:20 +0000 (21:05 +0200)]
bcm4908: backport bcm4908_enet fix for NULL dereference
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
31e4e566545e53594bafe846c170a5d2fa6821e3)
Rafał Miłecki [Thu, 27 Oct 2022 16:57:39 +0000 (18:57 +0200)]
bcm4908: optimize Ethernet driver by using build_skb()
This should slightly improve performance thanks to the better cache
usage.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
6a02205a4d94a7b6a888ec55d1aecd60ebb20d77)
Rafał Miłecki [Tue, 18 Oct 2022 20:37:46 +0000 (22:37 +0200)]
kernel: mtd: backport SafeLoader parser
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
711f1a8bcbdde1ee9e2934d707fb1765fc644268)
Rafał Miłecki [Tue, 18 Oct 2022 20:12:27 +0000 (22:12 +0200)]
kernel: mtd: backport extended dynamic partitions support
This gets rid of "nvmem-cells" limitation. Dynamic partitions can be
defined for any (sub)partitions layout.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
4eda414b09c790344e47c1cebe78e5433b4dc10d)
Hauke Mehrtens [Sat, 15 Oct 2022 09:31:42 +0000 (11:31 +0200)]
mac80211: Update to version 5.15.74-1
This updates mac80211 to version 5.15.74-1 which is based on kernel
5.15.74.
The removed patches were applied upstream.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit
58b65525f3165792a998fdb24fda11aa4097a7be)
Pavel Kamaev [Sun, 16 Oct 2022 18:27:47 +0000 (21:27 +0300)]
ath79: fix reference clock for RouterBoard 912UAG
This fixes reference clock frequency of RB912. 25 MHz frequency leads
to system clock running too fast, uptime incrementing too fast and
delays (like `sleep 10`) returning too early.
Board has quartz with NSK 3KHAA Z 40 000 marking.
Signed-off-by: Pavel Kamaev <pavel@kamaev.me>
(cherry picked from commit
a716ac55649707e8279de6f2ea66c7f6060c982c)
David Bentham [Mon, 17 Oct 2022 14:43:29 +0000 (15:43 +0100)]
ramips: fix WAN mac address allocation for Unielec 01 and 06 models
Manufacturer has predetermined mac address values for lan and wan ports.
This change keeps inline with other mt7621 devices mac address allocation
from factory mtd partition.
Example from hexdump output:
0xe000 0x6 (lan) - 0xe006 0x6 (wan)
0000e000 70 b3 d5 10 02 96 70 b3 d5 10 02 95 ff ff ff ff
Previous change had created an overlapping mac address situation as it
would increment by one based on the lan mac address location found in the
factory partition, which would sometimes increment to the same as the
mt7603 wifi chip.
Tested on Unielec u7621-01 model
Signed-off-by: David Bentham <db260179@gmail.com>
(cherry picked from commit
67660d36674c8c1504cbf3cd199409d0b209f802)
Robert Senderek [Mon, 17 Oct 2022 19:15:35 +0000 (21:15 +0200)]
ramips: rt3883: enable lzma-loader for Belkin F9K1109v1
Fixes boot loader LZMA decompression issues
Fixes: #10968
Signed-off-by: Robert Senderek <robert.senderek@10g.pl>
(cherry picked from commit
ac296f621058119501ccd54e7cb2a243af5dc5a0)
Alex Khodin [Fri, 21 Oct 2022 17:47:38 +0000 (17:47 +0000)]
ramips: mt7621: enable lzma-loader for Asus RT-N56U-B1
Fixes boot loader LZMA decompression issues.
Without this change the board end up in a boot loop.
Signed-off-by: Alex Khodin <mxktz1@gmail.com>
(cherry picked from commit
f6099d797460b23e06fb0c391606346993b4593e)
Arınç ÜNAL [Tue, 18 Oct 2022 08:54:20 +0000 (11:54 +0300)]
bcm53xx: enable Broadcom 4366b1 firmware for Asus RT-AC88U
On some of the hardware revisions of Asus RT-AC88U, brcmfmac detects the
4366b1 wireless chip and tries to load the firmware file which doesn't
exist because it's not included in the image.
Therefore, include firmware for 4366b1 along with 4366c0. This way, all
hardware revisions of the router will be supported by having brcmfmac use
the firmware file for the wireless chip it detects.
Signed-off-by: Arınç ÜNAL <arinc.unal@arinc9.com>
(cherry picked from commit
2b9bb5b187022f8b64c84781c071d6c2b0ce3e45)
Petr Štetiar [Wed, 19 Oct 2022 19:38:08 +0000 (21:38 +0200)]
wireless-tools: add package CPE ID
Common Platform Enumeration (CPE) is a structured naming scheme for
information technology systems, software, and packages.
Suggested-by: Steffen Pfendtner <s.pfendtner@ads-tec.de>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit
a80e198cd383593da7f41857a6122f28ed6354a1)
Petr Štetiar [Wed, 19 Oct 2022 19:38:08 +0000 (21:38 +0200)]
ncurses: add package CPE ID
Common Platform Enumeration (CPE) is a structured naming scheme for
information technology systems, software, and packages.
Suggested-by: Steffen Pfendtner <s.pfendtner@ads-tec.de>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit
3826e72b8e100f1f1df742cce6e5567b98c080e4)
Petr Štetiar [Wed, 19 Oct 2022 19:38:08 +0000 (21:38 +0200)]
arm-trusted-firmware-sunxi: add package CPE ID
Common Platform Enumeration (CPE) is a structured naming scheme for
information technology systems, software, and packages.
Suggested-by: Steffen Pfendtner <s.pfendtner@ads-tec.de>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit
0671e78a65d3540b1c922433f842cbb42f74950d)
Petr Štetiar [Wed, 19 Oct 2022 19:38:08 +0000 (21:38 +0200)]
libnftnl: add package CPE ID
Common Platform Enumeration (CPE) is a structured naming scheme for
information technology systems, software, and packages.
Suggested-by: Steffen Pfendtner <s.pfendtner@ads-tec.de>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit
efb4324c36a024ae6340d85352fb6c766a27a821)
Nick Hainke [Sun, 11 Sep 2022 11:52:31 +0000 (13:52 +0200)]
octeon: fix imagebuilder generation by introducing generic target
The generic imagebuilder does not have a generic in the name, although
this is the default naming scheme. Use bcm53xx as template for this fix.
Before the fix:
openwrt-imagebuilder-octeon.Linux-x86_64.tar.xz
After:
openwrt-imagebuilder-octeon-generic.Linux-x86_64.tar.xz
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit
a67f484e67b1d0930cb4b10b9e3787ecf7e71579)
Lech Perczak [Tue, 14 Jun 2022 20:49:40 +0000 (22:49 +0200)]
ath79: support Ruckus ZoneFlex 7321
Ruckus ZoneFlex 7321 is a dual-band, single radio 802.11n 2x2 MIMO enterprise
access point. It is very similar to its bigger brother, ZoneFlex 7372.
Hardware highligts:
- CPU: Atheros AR9342 SoC at 533 MHz
- RAM: 64MB DDR2
- Flash: 32MB SPI-NOR
- Wi-Fi: AR9342 built-in dual-band 2x2 MIMO radio
- Ethernet: single Gigabit Ethernet port through AR8035 gigabit PHY
- PoE: input through Gigabit port
- Standalone 12V/1A power input
- USB: optional single USB 2.0 host port on the 7321-U variant.
Serial console: 115200-8-N-1 on internal H1 header.
Pinout:
H1 ----------
|1|x3|4|5|
----------
Pin 1 is near the "H1" marking.
1 - RX
x - no pin
3 - VCC (3.3V)
4 - GND
5 - TX
JTAG: Connector H5, unpopulated, similar to MIPS eJTAG, standard,
but without the key in pin 12 and not every pin routed:
------- H5
|1 |2 |
-------
|3 |4 |
-------
|5 |6 |
-------
|7 |8 |
-------
|9 |10|
-------
|11|12|
-------
|13|14|
-------
3 - TDI
5 - TDO
7 - TMS
9 - TCK
2,4,6,8,10 - GND
14 - Vref
1,11,12,13 - Not connected
Installation:
There are two methods of installation:
- Using serial console [1] - requires some disassembly, 3.3V USB-Serial
adapter, TFTP server, and removing a single T10 screw,
but with much less manual steps, and is generally recommended, being
safer.
- Using stock firmware root shell exploit, SSH and TFTP [2]. Does not
work on some rare versions of stock firmware. A more involved, and
requires installing `mkenvimage` from u-boot-tools package if you
choose to rebuild your own environment, but can be used without
disassembly or removal from installation point, if you have the
credentials.
If for some reason, size of your sysupgrade image exceeds 13312kB,
proceed with method [1]. For official images this is not likely to
happen ever.
[1] Using serial console:
0. Connect serial console to H1 header. Ensure the serial converter
does not back-power the board, otherwise it will fail to boot.
1. Power-on the board. Then quickly connect serial converter to PC and
hit Ctrl+C in the terminal to break boot sequence. If you're lucky,
you'll enter U-boot shell. Then skip to point 3.
Connection parameters are 115200-8-N-1.
2. Allow the board to boot. Press the reset button, so the board
reboots into U-boot again and go back to point 1.
3. Set the "bootcmd" variable to disable the dual-boot feature of the
system and ensure that uImage is loaded. This is critical step, and
needs to be done only on initial installation.
> setenv bootcmd "bootm 0x9f040000"
> saveenv
4. Boot the OpenWrt initramfs using TFTP. Replace IP addresses as needed:
> setenv serverip 192.168.1.2
> setenv ipaddr 192.168.1.1
> tftpboot 0x81000000 openwrt-ath79-generic-ruckus_zf7321-initramfs-kernel.bin
> bootm 0x81000000
5. Optional, but highly recommended: back up contents of "firmware" partition:
$ ssh root@192.168.1.1 cat /dev/mtd1 > ruckus_zf7321_fw1_backup.bin
$ ssh root@192.168.1.1 cat /dev/mtd5 > ruckus_zf7321_fw2_backup.bin
6. Copy over sysupgrade image, and perform actual installation. OpenWrt
shall boot from flash afterwards:
$ ssh root@192.168.1.1
# sysupgrade -n openwrt-ath79-generic-ruckus_zf7321-squashfs-sysupgrade.bin
[2] Using stock root shell:
0. Reset the device to factory defaullts. Power-on the device and after
it boots, hold the reset button near Ethernet connectors for 5
seconds.
1. Connect the device to the network. It will acquire address over DHCP,
so either find its address using list of DHCP leases by looking for
label MAC address, or try finding it by scanning for SSH port:
$ nmap 10.42.0.0/24 -p22
From now on, we assume your computer has address 10.42.0.1 and the device
has address 10.42.0.254.
2. Set up a TFTP server on your computer. We assume that TFTP server
root is at /srv/tftp.
3. Obtain root shell. Connect to the device over SSH. The SSHD ond the
frmware is pretty ancient and requires enabling HMAC-MD5.
$ ssh 10.42.0.254 \
-o UserKnownHostsFile=/dev/null \
-o StrictHostKeyCheking=no \
-o MACs=hmac-md5
Login. User is "super", password is "sp-admin".
Now execute a hidden command:
Ruckus
It is case-sensitive. Copy and paste the following string,
including quotes. There will be no output on the console for that.
";/bin/sh;"
Hit "enter". The AP will respond with:
grrrr
OK
Now execute another hidden command:
!v54!
At "What's your chow?" prompt just hit "enter".
Congratulations, you should now be dropped to Busybox shell with root
permissions.
4. Optional, but highly recommended: backup the flash contents before
installation. At your PC ensure the device can write the firmware
over TFTP:
$ sudo touch /srv/tftp/ruckus_zf7321_firmware{1,2}.bin
$ sudo chmod 666 /srv/tftp/ruckus_zf7321_firmware{1,2}.bin
Locate partitions for primary and secondary firmware image.
NEVER blindly copy over MTD nodes, because MTD indices change
depending on the currently active firmware, and all partitions are
writable!
# grep rcks_wlan /proc/mtd
Copy over both images using TFTP, this will be useful in case you'd
like to return to stock FW in future. Make sure to backup both, as
OpenWrt uses bot firmwre partitions for storage!
# tftp -l /dev/<rcks_wlan.main_mtd> -r ruckus_zf7321_firmware1.bin -p 10.42.0.1
# tftp -l /dev/<rcks_wlan.bkup_mtd> -r ruckus_zf7321_firmware2.bin -p 10.42.0.1
When the command finishes, copy over the dump to a safe place for
storage.
$ cp /srv/tftp/ruckus_zf7321_firmware{1,2}.bin ~/
5. Ensure the system is running from the BACKUP image, i.e. from
rcks_wlan.bkup partition or "image 2". Otherwise the installation
WILL fail, and you will need to access mtd0 device to write image
which risks overwriting the bootloader, and so is not covered here
and not supported.
Switching to backup firmware can be achieved by executing a few
consecutive reboots of the device, or by updating the stock firmware. The
system will boot from the image it was not running from previously.
Stock firmware available to update was conveniently dumped in point 4 :-)
6. Prepare U-boot environment image.
Install u-boot-tools package. Alternatively, if you build your own
images, OpenWrt provides mkenvimage in host staging directory as well.
It is recommended to extract environment from the device, and modify
it, rather then relying on defaults:
$ sudo touch /srv/tftp/u-boot-env.bin
$ sudo chmod 666 /srv/tftp/u-boot-env.bin
On the device, find the MTD partition on which environment resides.
Beware, it may change depending on currently active firmware image!
# grep u-boot-env /proc/mtd
Now, copy over the partition
# tftp -l /dev/mtd<N> -r u-boot-env.bin -p 10.42.0.1
Store the stock environment in a safe place:
$ cp /srv/tftp/u-boot-env.bin ~/
Extract the values from the dump:
$ strings u-boot-env.bin | tee u-boot-env.txt
Now clean up the debris at the end of output, you should end up with
each variable defined once. After that, set the bootcmd variable like
this:
bootcmd=bootm 0x9f040000
You should end up with something like this:
bootcmd=bootm 0x9f040000
bootargs=console=ttyS0,115200 rootfstype=squashfs init=/sbin/init
baudrate=115200
ethaddr=0x00:0xaa:0xbb:0xcc:0xdd:0xee
mtdparts=mtdparts=ar7100-nor0:256k(u-boot),13312k(rcks_wlan.main),2048k(datafs),256k(u-boot-env),512k(Board Data),13312k(rcks_wlan.bkup)
mtdids=nor0=ar7100-nor0
bootdelay=2
ethact=eth0
filesize=78a000
fileaddr=
81000000
partition=nor0,0
mtddevnum=0
mtddevname=u-boot
ipaddr=10.0.0.1
serverip=10.0.0.5
stdin=serial
stdout=serial
stderr=serial
These are the defaults, you can use most likely just this as input to
mkenvimage.
Now, create environment image and copy it over to TFTP root:
$ mkenvimage -s 0x40000 -b -o u-boot-env.bin u-boot-env.txt
$ sudo cp u-boot-env.bin /srv/tftp
This is the same image, gzipped and base64-encoded:
H4sIAAAAAAAAA+3QQW7TQBQAUF8EKRtQI6XtJDS0VJoN4gYcAE3iCbWS2MF2Sss1ORDYqVq6YMEB3rP0
Z/7Yf+aP3/56827VNP16X8Zx3E/Cw8dNuAqDYlxI7bcurpu6a3Y59v3jlzCbz5eLECbt8HbT9Y+HHLvv
x9TdbbpJVVd9vOxWVX05TotVOpZt6nN8qilyf5fKso3hIYTb8JDSEFarIazXQyjLIeRc7PvykNq+iy+T
1F7PQzivmzbcLpYftmfH87G56Wz+/v18sT1r19vu649dqi/2qaqns0W4utmelalPm27I/lac5/p+OluO
NZ+a1JaTz8M3/9hmtT0epmMjVdnF8djXLZx+TJl36TEuTlda93EYQrGpdrmrfuZ4fZPGHzjmp/vezMNJ
MV6n6qumPm06C+MRZb6vj/v4Mk/7HJ+6LarDqXweLsZnXnS5vc9tdXheWRbd0GIdh/Uq7cakOfavsty2
z1nxGwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAD+1x9eTkHLAAAEAA==
7. Perform actual installation. Copy over OpenWrt sysupgrade image to
TFTP root:
$ sudo cp openwrt-ath79-generic-ruckus_zf7321-squashfs-sysupgrade.bin /srv/tftp
Now load both to the device over TFTP:
# tftp -l /tmp/u-boot-env.bin -r u-boot-env.bin -g 10.42.0.1
# tftp -l /tmp/openwrt.bin -r openwrt-ath79-generic-ruckus_zf7321-squashfs-sysupgrade.bin -g 10.42.0.1
Vverify checksums of both images to ensure the transfer over TFTP
was completed:
# sha256sum /tmp/u-boot-env.bin /tmp/openwrt.bin
And compare it against source images:
$ sha256sum /srv/tftp/u-boot-env.bin /srv/tftp/openwrt-ath79-generic-ruckus_zf7321-squashfs-sysupgrade.bin
Locate MTD partition of the primary image:
# grep rcks_wlan.main /proc/mtd
Now, write the images in place. Write U-boot environment last, so
unit still can boot from backup image, should power failure occur during
this. Replace MTD placeholders with real MTD nodes:
# flashcp /tmp/openwrt.bin /dev/<rcks_wlan.main_mtd>
# flashcp /tmp/u-boot-env.bin /dev/<u-boot-env_mtd>
Finally, reboot the device. The device should directly boot into
OpenWrt. Look for the characteristic power LED blinking pattern.
# reboot -f
After unit boots, it should be available at the usual 192.168.1.1/24.
Return to factory firmware:
1. Boot into OpenWrt initramfs as for initial installation. To do that
without disassembly, you can write an initramfs image to the device
using 'sysupgrade -F' first.
2. Unset the "bootcmd" variable:
fw_setenv bootcmd ""
3. Write factory images downloaded from manufacturer website into
fwconcat0 and fwconcat1 MTD partitions, or restore backup you took
before installation:
mtd write ruckus_zf7321_fw1_backup.bin /dev/mtd1
mtd write ruckus_zf7321_fw2_backup.bin /dev/mtd5
4. Reboot the system, it should load into factory firmware again.
Quirks and known issues:
- Flash layout is changed from the factory, to use both firmware image
partitions for storage using mtd-concat, and uImage format is used to
actually boot the system, which rules out the dual-boot capability.
- The 5GHz radio has its own EEPROM on board, not connected to CPU.
- The stock firmware has dual-boot capability, which is not supported in
OpenWrt by choice.
It is controlled by data in the top 64kB of RAM which is unmapped,
to avoid the interference in the boot process and accidental
switch to the inactive image, although boot script presence in
form of "bootcmd" variable should prevent this entirely.
- U-boot disables JTAG when starting. To re-enable it, you need to
execute the following command before booting:
mw.l
1804006c 40
And also you need to disable the reset button in device tree if you
intend to debug Linux, because reset button on GPIO0 shares the TCK
pin.
- On some versions of stock firmware, it is possible to obtain root shell,
however not much is available in terms of debugging facitilies.
1. Login to the rkscli
2. Execute hidden command "Ruckus"
3. Copy and paste ";/bin/sh;" including quotes. This is required only
once, the payload will be stored in writable filesystem.
4. Execute hidden command "!v54!". Press Enter leaving empty reply for
"What's your chow?" prompt.
5. Busybox shell shall open.
Source: https://alephsecurity.com/vulns/aleph-
2019014
Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
(cherry picked from commit
f1d112ee5a43e8c4a22db05b94bbcd0677a34486)
Lech Perczak [Sun, 22 May 2022 15:46:28 +0000 (17:46 +0200)]
ath79: support Ruckus ZoneFlex 7372
Ruckus ZoneFlex 7372 is a dual-band, dual-radio 802.11n 2x2 MIMO enterprise
access point.
Ruckus ZoneFlex 7352 is also supported, lacking the 5GHz radio part.
Hardware highligts:
- CPU: Atheros AR9344 SoC at 560 MHz
- RAM: 128MB DDR2
- Flash: 32MB SPI-NOR
- Wi-Fi 2.4GHz: AR9344 built-in 2x2 MIMO radio
- Wi-Fi 5Ghz: AR9582 2x2 MIMO radio (Only in ZF7372)
- Antennas:
- Separate internal active antennas with beamforming support on both
bands with 7 elements per band, each controlled by 74LV164 GPIO
expanders, attached to GPIOs of each radio.
- Two dual-band external RP-SMA antenna connections on "7372-E"
variant.
- Ethernet 1: single Gigabit Ethernet port through AR8035 gigabit PHY
- Ethernet 2: single Fast Ethernet port through AR9344 built-in switch
- PoE: input through Gigabit port
- Standalone 12V/1A power input
- USB: optional single USB 2.0 host port on "-U" variants.
The same image should support:
- ZoneFlex 7372E (variant with external antennas, without beamforming
capability)
- ZoneFlex 7352 (single-band, 2.4GHz-only variant).
which are based on same baseboard (codename St. Bernard),
with different populated components.
Serial console: 115200-8-N-1 on internal H1 header.
Pinout:
H1
---
|5|
---
|4|
---
|3|
---
|x|
---
|1|
---
Pin 5 is near the "H1" marking.
1 - RX
x - no pin
3 - VCC (3.3V)
4 - GND
5 - TX
JTAG: Connector H2, similar to MIPS eJTAG, standard,
but without the key in pin 12 and not every pin routed:
------- H2
|1 |2 |
-------
|3 |4 |
-------
|5 |6 |
-------
|7 |8 |
-------
|9 |10|
-------
|11|12|
-------
|13|14|
-------
3 - TDI
5 - TDO
7 - TMS
9 - TCK
2,4,6,8,10 - GND
14 - Vref
1,11,12,13 - Not connected
Installation:
There are two methods of installation:
- Using serial console [1] - requires some disassembly, 3.3V USB-Serial
adapter, TFTP server, and removing a single T10 screw,
but with much less manual steps, and is generally recommended, being
safer.
- Using stock firmware root shell exploit, SSH and TFTP [2]. Does not
work on some rare versions of stock firmware. A more involved, and
requires installing `mkenvimage` from u-boot-tools package if you
choose to rebuild your own environment, but can be used without
disassembly or removal from installation point, if you have the
credentials.
If for some reason, size of your sysupgrade image exceeds 13312kB,
proceed with method [1]. For official images this is not likely to
happen ever.
[1] Using serial console:
0. Connect serial console to H1 header. Ensure the serial converter
does not back-power the board, otherwise it will fail to boot.
1. Power-on the board. Then quickly connect serial converter to PC and
hit Ctrl+C in the terminal to break boot sequence. If you're lucky,
you'll enter U-boot shell. Then skip to point 3.
Connection parameters are 115200-8-N-1.
2. Allow the board to boot. Press the reset button, so the board
reboots into U-boot again and go back to point 1.
3. Set the "bootcmd" variable to disable the dual-boot feature of the
system and ensure that uImage is loaded. This is critical step, and
needs to be done only on initial installation.
> setenv bootcmd "bootm 0x9f040000"
> saveenv
4. Boot the OpenWrt initramfs using TFTP. Replace IP addresses as needed:
> setenv serverip 192.168.1.2
> setenv ipaddr 192.168.1.1
> tftpboot 0x81000000 openwrt-ath79-generic-ruckus_zf7372-initramfs-kernel.bin
> bootm 0x81000000
5. Optional, but highly recommended: back up contents of "firmware" partition:
$ ssh root@192.168.1.1 cat /dev/mtd1 > ruckus_zf7372_fw1_backup.bin
$ ssh root@192.168.1.1 cat /dev/mtd5 > ruckus_zf7372_fw2_backup.bin
6. Copy over sysupgrade image, and perform actual installation. OpenWrt
shall boot from flash afterwards:
$ ssh root@192.168.1.1
# sysupgrade -n openwrt-ath79-generic-ruckus_zf7372-squashfs-sysupgrade.bin
[2] Using stock root shell:
0. Reset the device to factory defaullts. Power-on the device and after
it boots, hold the reset button near Ethernet connectors for 5
seconds.
1. Connect the device to the network. It will acquire address over DHCP,
so either find its address using list of DHCP leases by looking for
label MAC address, or try finding it by scanning for SSH port:
$ nmap 10.42.0.0/24 -p22
From now on, we assume your computer has address 10.42.0.1 and the device
has address 10.42.0.254.
2. Set up a TFTP server on your computer. We assume that TFTP server
root is at /srv/tftp.
3. Obtain root shell. Connect to the device over SSH. The SSHD ond the
frmware is pretty ancient and requires enabling HMAC-MD5.
$ ssh 10.42.0.254 \
-o UserKnownHostsFile=/dev/null \
-o StrictHostKeyCheking=no \
-o MACs=hmac-md5
Login. User is "super", password is "sp-admin".
Now execute a hidden command:
Ruckus
It is case-sensitive. Copy and paste the following string,
including quotes. There will be no output on the console for that.
";/bin/sh;"
Hit "enter". The AP will respond with:
grrrr
OK
Now execute another hidden command:
!v54!
At "What's your chow?" prompt just hit "enter".
Congratulations, you should now be dropped to Busybox shell with root
permissions.
4. Optional, but highly recommended: backup the flash contents before
installation. At your PC ensure the device can write the firmware
over TFTP:
$ sudo touch /srv/tftp/ruckus_zf7372_firmware{1,2}.bin
$ sudo chmod 666 /srv/tftp/ruckus_zf7372_firmware{1,2}.bin
Locate partitions for primary and secondary firmware image.
NEVER blindly copy over MTD nodes, because MTD indices change
depending on the currently active firmware, and all partitions are
writable!
# grep rcks_wlan /proc/mtd
Copy over both images using TFTP, this will be useful in case you'd
like to return to stock FW in future. Make sure to backup both, as
OpenWrt uses bot firmwre partitions for storage!
# tftp -l /dev/<rcks_wlan.main_mtd> -r ruckus_zf7372_firmware1.bin -p 10.42.0.1
# tftp -l /dev/<rcks_wlan.bkup_mtd> -r ruckus_zf7372_firmware2.bin -p 10.42.0.1
When the command finishes, copy over the dump to a safe place for
storage.
$ cp /srv/tftp/ruckus_zf7372_firmware{1,2}.bin ~/
5. Ensure the system is running from the BACKUP image, i.e. from
rcks_wlan.bkup partition or "image 2". Otherwise the installation
WILL fail, and you will need to access mtd0 device to write image
which risks overwriting the bootloader, and so is not covered here
and not supported.
Switching to backup firmware can be achieved by executing a few
consecutive reboots of the device, or by updating the stock firmware. The
system will boot from the image it was not running from previously.
Stock firmware available to update was conveniently dumped in point 4 :-)
6. Prepare U-boot environment image.
Install u-boot-tools package. Alternatively, if you build your own
images, OpenWrt provides mkenvimage in host staging directory as well.
It is recommended to extract environment from the device, and modify
it, rather then relying on defaults:
$ sudo touch /srv/tftp/u-boot-env.bin
$ sudo chmod 666 /srv/tftp/u-boot-env.bin
On the device, find the MTD partition on which environment resides.
Beware, it may change depending on currently active firmware image!
# grep u-boot-env /proc/mtd
Now, copy over the partition
# tftp -l /dev/mtd<N> -r u-boot-env.bin -p 10.42.0.1
Store the stock environment in a safe place:
$ cp /srv/tftp/u-boot-env.bin ~/
Extract the values from the dump:
$ strings u-boot-env.bin | tee u-boot-env.txt
Now clean up the debris at the end of output, you should end up with
each variable defined once. After that, set the bootcmd variable like
this:
bootcmd=bootm 0x9f040000
You should end up with something like this:
bootcmd=bootm 0x9f040000
bootargs=console=ttyS0,115200 rootfstype=squashfs init=/sbin/init
baudrate=115200
ethaddr=0x00:0xaa:0xbb:0xcc:0xdd:0xee
bootdelay=2
mtdids=nor0=ar7100-nor0
mtdparts=mtdparts=ar7100-nor0:256k(u-boot),13312k(rcks_wlan.main),2048k(datafs),256k(u-boot-env),512k(Board Data),13312k(rcks_wlan.bkup)
ethact=eth0
filesize=
1000000
fileaddr=
81000000
ipaddr=192.168.0.7
serverip=192.168.0.51
partition=nor0,0
mtddevnum=0
mtddevname=u-boot
stdin=serial
stdout=serial
stderr=serial
These are the defaults, you can use most likely just this as input to
mkenvimage.
Now, create environment image and copy it over to TFTP root:
$ mkenvimage -s 0x40000 -b -o u-boot-env.bin u-boot-env.txt
$ sudo cp u-boot-env.bin /srv/tftp
This is the same image, gzipped and base64-encoded:
H4sIAAAAAAAAA+3QTW7TQBQAYB+AQ2TZSGk6Tpv+SbNBrNhyADSJHWolsYPtlJaDcAWOCXaqQhdIXOD7
Fm/ee+MZ+/nHu58fV03Tr/dFHNf9JDzdbcJVGGRjI7Vfurhu6q7ZlbHvnz+FWZ4vFyFM2mF30/XPhzJ2
X4+pe9h0k6qu+njRrar6YkyzVToWberL+HImK/uHVBRtDE8h3IenlIawWg1hvR5CUQyhLE/vLcpdeo6L
bN8XVdHFumlDTO1NHsL5mI/9Q2r7Lv5J3uzeL5bX27Pj+XjRdJZfXuaL7Vm73nafv+1SPd+nqp7OFuHq
dntWpD5tuqH6e+K8rB+ns+V45n2T2mLyYXjmH9estsfD9DTSuo/DErJNtSu76vswbjg5NU4D3752qsOp
zu8W8/z6dh7mN1lXto9lWx3eNJd5Ng5V9VVTn2afnSYuysf6uI9/8rQv48s3Z93wn+o4XFWl3Vg0x/5N
Vbbta5X9AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAID/+Q2Z/
B7cAAAEAA==
7. Perform actual installation. Copy over OpenWrt sysupgrade image to
TFTP root:
$ sudo cp openwrt-ath79-generic-ruckus_zf7372-squashfs-sysupgrade.bin /srv/tftp
Now load both to the device over TFTP:
# tftp -l /tmp/u-boot-env.bin -r u-boot-env.bin -g 10.42.0.1
# tftp -l /tmp/openwrt.bin -r openwrt-ath79-generic-ruckus_zf7372-squashfs-sysupgrade.bin -g 10.42.0.1
Verify checksums of both images to ensure the transfer over TFTP
was completed:
# sha256sum /tmp/u-boot-env.bin /tmp/openwrt.bin
And compare it against source images:
$ sha256sum /srv/tftp/u-boot-env.bin /srv/tftp/openwrt-ath79-generic-ruckus_zf7372-squashfs-sysupgrade.bin
Locate MTD partition of the primary image:
# grep rcks_wlan.main /proc/mtd
Now, write the images in place. Write U-boot environment last, so
unit still can boot from backup image, should power failure occur during
this. Replace MTD placeholders with real MTD nodes:
# flashcp /tmp/openwrt.bin /dev/<rcks_wlan.main_mtd>
# flashcp /tmp/u-boot-env.bin /dev/<u-boot-env_mtd>
Finally, reboot the device. The device should directly boot into
OpenWrt. Look for the characteristic power LED blinking pattern.
# reboot -f
After unit boots, it should be available at the usual 192.168.1.1/24.
Return to factory firmware:
1. Boot into OpenWrt initramfs as for initial installation. To do that
without disassembly, you can write an initramfs image to the device
using 'sysupgrade -F' first.
2. Unset the "bootcmd" variable:
fw_setenv bootcmd ""
3. Write factory images downloaded from manufacturer website into
fwconcat0 and fwconcat1 MTD partitions, or restore backup you took
before installation:
mtd write ruckus_zf7372_fw1_backup.bin /dev/mtd1
mtd write ruckus_zf7372_fw2_backup.bin /dev/mtd5
4. Reboot the system, it should load into factory firmware again.
Quirks and known issues:
- This is first device in ath79 target to support link state reporting
on FE port attached trough the built-in switch.
- Flash layout is changed from the factory, to use both firmware image
partitions for storage using mtd-concat, and uImage format is used to
actually boot the system, which rules out the dual-boot capability.
The 5GHz radio has its own EEPROM on board, not connected to CPU.
- The stock firmware has dual-boot capability, which is not supported in
OpenWrt by choice.
It is controlled by data in the top 64kB of RAM which is unmapped,
to avoid the interference in the boot process and accidental
switch to the inactive image, although boot script presence in
form of "bootcmd" variable should prevent this entirely.
- U-boot disables JTAG when starting. To re-enable it, you need to
execute the following command before booting:
mw.l
1804006c 40
And also you need to disable the reset button in device tree if you
intend to debug Linux, because reset button on GPIO0 shares the TCK
pin.
- On some versions of stock firmware, it is possible to obtain root shell,
however not much is available in terms of debugging facitilies.
1. Login to the rkscli
2. Execute hidden command "Ruckus"
3. Copy and paste ";/bin/sh;" including quotes. This is required only
once, the payload will be stored in writable filesystem.
4. Execute hidden command "!v54!". Press Enter leaving empty reply for
"What's your chow?" prompt.
5. Busybox shell shall open.
Source: https://alephsecurity.com/vulns/aleph-
2019014
- Stock firmware has beamforming functionality, known as BeamFlex,
using active multi-segment antennas on both bands - controlled by
RF analog switches, driven by a pair of 74LV164 shift registers.
Shift registers used for each radio are connected to GPIO14 (clock)
and GPIO15 of the respective chip.
They are mapped as generic GPIOs in OpenWrt - in stock firmware,
they were most likely handled directly by radio firmware,
given the real-time nature of their control.
Lack of this support in OpenWrt causes the antennas to behave as
ordinary omnidirectional antennas, and does not affect throughput in
normal conditions, but GPIOs are available to tinker with nonetheless.
Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
(cherry picked from commit
59cb4dc91d500edc2e6b462e223e367806557cc5)
Daniel Golle [Tue, 26 Jul 2022 08:17:07 +0000 (10:17 +0200)]
kernel: add kmod-nvme package
Add driver for NVM Express block devices, ie. PCIe connected SSDs.
Targets which allow booting from NVMe (x86, maybe some mvebu boards come
to mind) should have it built-in, so rootfs can be mounted from there.
For targets without NVMe support in bootloader or BIOS/firmware it's
sufficient to provide the kernel module package.
On targets having the NVMe driver built-in the resulting kmod package
is an empty dummy. In any case, depending on or installing kmod-nvme
results in driver support being available (either because it was already
built-in or because the relevant kernel modules are added and loaded).
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit
dbe53352e38d20bb5245158b19d4ff810c209548)
Rafał Miłecki [Tue, 18 Oct 2022 19:25:15 +0000 (21:25 +0200)]
kernel: mtd: fix unbalanced of_node_put() in dynamic partitions code
Fixes: cae4d089bc1d3 ("kernel: backport mtd dynamic partition patch")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
76a470d5df971bd4c7309480a585d7fbaef63621)
John Audia [Mon, 17 Oct 2022 18:34:40 +0000 (14:34 -0400)]
kernel: bump 5.10 to 5.10.149
No patches required modification.
Signed-off-by: John Audia <therealgraysky@proton.me>
(cherry picked from commit
25fba4c375f081d175bf94079d5d713b6bc4bbc0)
John Audia [Sat, 15 Oct 2022 10:31:21 +0000 (06:31 -0400)]
kernel: bump 5.10 to 5.10.148
No patches required modification.
Signed-off-by: John Audia <therealgraysky@proton.me>
(cherry picked from commit
59b5d59edf4479197099e3bf6b034f085067b8e5)
John Audia [Wed, 5 Oct 2022 11:58:32 +0000 (07:58 -0400)]
kernel: bump 5.10 to 5.10.147
Removed upstreamed:
bcm53xx/patches-5.10/083-v6.0-clk-iproc-Do-not-rely-on-node-name-for-correct-PLL-s.patch[1]
All other patches automatically rebased.
1. https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.10.147&id=
a8e6cde5062fb2aff81f86cc0770591714bee545
Signed-off-by: John Audia <therealgraysky@proton.me>
(cherry picked from commit
e2da6a0a59a81a4fc0fdffde31abf22ee121e9f5)
Petr Štetiar [Tue, 18 Oct 2022 06:55:46 +0000 (08:55 +0200)]
mt7621: hiwifi_hc5962: fix reboot loop by using LZMA loader
This fixes a well known "LZMA ERROR 1" error, reported previously on
numerous of similar devices.
References: https://github.com/openwrt/openwrt/issues/10645#issuecomment-
1282607274
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit
b63d6d4730fd0dc30ce6707338c398e8b9d61d86)
Jo-Philipp Wich [Tue, 18 Oct 2022 09:06:31 +0000 (11:06 +0200)]
ucode: update to latest Git HEAD
00af065 fs: expose `getdelim()` functionality through `fd.read()`
21ace5e lexer: fixes for regex literal parsing
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit
1b90c7441b81aee7b1212e8918e3ec7144375d96)
Jo-Philipp Wich [Tue, 18 Oct 2022 07:44:42 +0000 (09:44 +0200)]
firewall4: update to latest Git HEAD
7ae5e14 fw4: gracefully handle `null` return values from `fd.read("line")`
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit
5e2e048c0e7c16d7967ec7a0cd8a9c01aa0f12b1)
Petr Štetiar [Tue, 18 Oct 2022 06:55:46 +0000 (08:55 +0200)]
mt7621: netgear_ex6150: fix reboot loop by using LZMA loader
This fixes a well known "LZMA ERROR 1" error, reported previously on
numerous of similar devices.
Fixes: #10645
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit
7dd1cab1c16f374716b1ee7a5bf99f849b74c1dc)
Hauke Mehrtens [Sat, 15 Oct 2022 12:46:15 +0000 (14:46 +0200)]
OpenWrt v22.03.2: revert to branch defaults
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Hauke Mehrtens [Sat, 15 Oct 2022 12:45:57 +0000 (14:45 +0200)]
OpenWrt v22.03.2: adjust config defaults
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Jo-Philipp Wich [Fri, 14 Oct 2022 15:32:28 +0000 (17:32 +0200)]
firewall4: update to latest Git HEAD
4fbf6d7 ruleset.uc: log forwarded traffic not matched by zone policies
c7201a3 main.uc: reintroduce set reload restriction
756f1e2 ruleset: fix emitting set_mark/set_xmark rules with masks
3db4741 ruleset: properly handle zone names starting with a digit
43d8ef5 fw4: fix formatting of default log prefix
592ba45 main.uc: remove uneeded/wrong set reload restrictions
b0a6bff tests: fix testcases
145e159 fw4: recognize `option log` and `option counter` in `config nat` sections
ce050a8 fw4: fall back to device if l3_device is not available in ifstatus
Fixes: #10639, #10965
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit
fdfa9d8f7469626d2dc8e4b46a6ad56a3b27c16b)
Jo-Philipp Wich [Mon, 5 Sep 2022 08:50:39 +0000 (10:50 +0200)]
ucode: update to latest Git HEAD
4ae7072 fs: use `getline()` for line wise read operations
21ace5e lexer: fixes for regex literal parsing
00965fa lib: implement slice() function
76d396d main: implement print mode
7bbba78 compiler: optimize function return opcode generation
a45f2a3 lexer: improve regex literal handling
d64d5d6 vm: maintain export symbol tables per program
f4b4ded uloop: task: gracefully handle absent output callback
a58fe47 ubus: hold reference to underlying connection until deferred is concluded
e23b58a lib: uc_system(): retry waitpid() on EINTR
cc4eb79 ubus: support obtaining numeric error code
01c412c ubus: add toplevel constants for ubus status codes
8e240fa ubus: allow object method call handlers to return a numeric status code
5cdddd3 lib: add limit support to split() and replace()
0ba9c3e fs: add optional third permission argument to fs.open()
c1f7b3b lib: remove fixed capture group limit in match() and regex replace()
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(backported from commits
639754e36d849553e288f8e34f51f793761c07db
and
5110dcb1fa44fc1aac737c63b31474daa471de89)
Jo-Philipp Wich [Mon, 12 Sep 2022 11:48:40 +0000 (13:48 +0200)]
rpcd: update to latest Git HEAD
8c852b6 ucode: write ucode runtime exceptions to stderr
e80d0b2 ucode: pass-through `ubus_rpc_session` argument
0d02243 ucode: initialize module search path early
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(backported from commits
94129cbefb6027cdfe2b7801a6e27a36d4ec58b8
and
db17c7527107c1dae190608a1313a3977fe4f23f)
Matthias Schiffer [Sun, 27 Mar 2022 21:15:48 +0000 (23:15 +0200)]
image: always rebuild kernel loaders
Kernel loaders like the lzma-loader currently don't track changes to
their sources. This can lead to an old version of a loader to be used
when a build tree is not clean between builds.
As the loaders are tiny and the build times are insignificant, simply
force rebuilding them on every build to avoid this problem.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
(cherry picked from commit
a01d23e755ba46f41e667d558d82d4871d7f5450)
Matthias Schiffer [Sun, 27 Mar 2022 19:00:30 +0000 (21:00 +0200)]
mpc85xx: p1010: make TP-Link WDR4900 v1 build again
Add the spi-loader as a pre-kernel stage, so we can lift the kernel size
limit.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
(cherry picked from commit
2fa53c9214b7b93fd82ad1ff885145b9e1c1f71b)
Matthias Schiffer [Sun, 27 Mar 2022 18:57:01 +0000 (20:57 +0200)]
mpc85xx: add SPI kernel loader for TP-Link TL-WDR4900 v1
Similar to the lzma-loader on our MIPS targets, the spi-loader acts as
a second-stage loader that will then load and start the actual kernel.
As the TL-WDR4900 uses SPI-NOR and the P1010 family does not have support
for memory mapping of this type of flash, this loader needs to contain a
basic driver for the FSL ESPI controller.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
(cherry picked from commit
a296055b82fbb20457273492069ce9d62009e2a1)
David Bauer [Thu, 18 Aug 2022 16:02:48 +0000 (18:02 +0200)]
ramips: fix ZyXEL NWA55AXE model name
The model name was missing a letter.
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit
9c8605dee238cdf52e88b6a1aa64d5b7bf5dd846)
David Bauer [Fri, 27 May 2022 15:48:06 +0000 (17:48 +0200)]
ramips: add support for ZyXEL NWA50AX / NWA55AXE
Hardware
--------
CPU: Mediatek MT7621
RAM: 256M DDR3
FLASH: 128M NAND
ETH: 1x Gigabit Ethernet
WiFi: Mediatek MT7915 (2.4/5GHz 802.11ax 2x2 DBDC)
BTN: 1x Reset (NWA50AX only)
LED: 1x Multi-Color (NWA50AX only)
UART Console
------------
NWA50AX:
Available below the rubber cover next to the ethernet port.
NWA55AXE:
Available on the board when disassembling the device.
Settings: 115200 8N1
Layout:
<12V> <LAN> GND-RX-TX-VCC
Logic-Level is 3V3. Don't connect VCC to your UART adapter!
Installation Web-UI
-------------------
Upload the Factory image using the devices Web-Interface.
As the device uses a dual-image partition layout, OpenWrt can only
installed on Slot A. This requires the current active image prior
flashing the device to be on Slot B.
If the currently installed image is started from Slot A, the device will
flash OpenWrt to Slot B. OpenWrt will panic upon first boot in this case
and the device will return to the ZyXEL firmware upon next boot.
If this happens, first install a ZyXEL firmware upgrade of any version
and install OpenWrt after that.
Installation TFTP
-----------------
This installation routine is especially useful in case
* unknown device password (NWA55AXE lacks reset button)
* bricked device
Attach to the UART console header of the device. Interrupt the boot
procedure by pressing Enter.
The bootloader has a reduced command-set available from CLI, but more
commands can be executed by abusing the atns command.
Boot a OpenWrt initramfs image available on a TFTP server at
192.168.1.66. Rename the image to owrt.bin
$ atnf owrt.bin
$ atna 192.168.1.88
$ atns "192.168.1.66; tftpboot; bootm"
Upon booting, set the booted image to the correct slot:
$ zyxel-bootconfig /dev/mtd10 get-status
$ zyxel-bootconfig /dev/mtd10 set-image-status 0 valid
$ zyxel-bootconfig /dev/mtd10 set-active-image 0
Copy the OpenWrt ramboot-factory image to the device using scp.
Write the factory image to NAND and reboot the device.
$ mtd write ramboot-factory.bin firmware
$ reboot
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit
a0b7fef0ffe4cd9cca39a652a37e4f3ce8f0a681)
Uwe Kleine-König [Fri, 14 Oct 2022 10:23:07 +0000 (12:23 +0200)]
busybox: nslookup: ensure unique transaction IDs for the DNS queries
On machines with a coarse monotonic clock (here: TP-Link RE200 powered
by a MediaTek MT7620A) it can happen that the two DNS requests (for A
and AAAA) share the same transaction ID. If this happens the second
reply is wrongly dropped and nslookup reports "No answer".
Fix this by ensuring that the transaction IDs are unique.
Signed-off-by: Uwe Kleine-König <uwe@kleine-koenig.org>
(cherry picked from commit
63e5ba8e69f03a584b707520db0a0821eda3024f)
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Felix Fietkau [Thu, 13 Oct 2022 12:29:53 +0000 (14:29 +0200)]
mac80211: backport security fixes
This mainly affects scanning and beacon parsing, especially with MBSSID enabled
Fixes: CVE-2022-41674
Fixes: CVE-2022-42719
Fixes: CVE-2022-42720
Fixes: CVE-2022-42721
Fixes: CVE-2022-42722
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit
26f400210d6b3780fcc0deb89b9741837df9c8b8)
Koen Vandeputte [Mon, 22 Aug 2022 09:18:35 +0000 (11:18 +0200)]
mac80211: merge upstream fixes
fetched from upstream kernel v5.15.67
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
(cherry-picked from commit
aa9be386d40f3a5e559c0f2183c772175a45cf0d)
Felix Fietkau [Thu, 10 Mar 2022 14:20:29 +0000 (15:20 +0100)]
ramips: skip bbt scan on mt7621
reduces unnecessary flash reads and speeds up boot time
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit
55e8d52157f191bf578cf716983764e64c6f94e4)
Felix Fietkau [Thu, 10 Mar 2022 10:45:00 +0000 (11:45 +0100)]
ramips: enable support for mtk_bmt in the nand flash driver
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit
4947623d6c801365a60f383217c187e3d9dae953)
Felix Fietkau [Wed, 9 Mar 2022 19:46:21 +0000 (20:46 +0100)]
ramips: mt7621_nand: initialize ECC_FDMADDR
This is needed for the ECC controller to access FDM data
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit
73b2a4ca033bbd84d3e0373d4fd21c559ddc090b)
Stijn Tintel [Wed, 19 Jan 2022 15:59:51 +0000 (17:59 +0200)]
ramips: mt7621_nand: reduce log verbosity
Avoid flooding the log with the message below by increasing the log
level to debug:
mt7621-nand
1e003000.nand: Using programmed access timing:
31c07388
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry-picked from commit
89c195925109d2b59f284bfdd23a3d853c67e27b)
Stijn Tintel [Wed, 19 Jan 2022 13:44:58 +0000 (15:44 +0200)]
ramips: move mt7621_nand driver to files
The patch was rejected by upstream. The mtk_nand driver should be
modified to support the mt7621 flash controller instead. As there is no
newer version to backport, or no upstream version to fix bugs, let's
move the driver to the files dir under the ramips target. This makes it
easier to make changes to the driver while waiting for mt7621 support to
land in mtk_nand.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry-picked from commit
2f2e81a4ea110328c5434054d1412b4d1d8fde81)
Felix Fietkau [Thu, 10 Mar 2022 16:32:20 +0000 (17:32 +0100)]
kernel: mtdsplit: support UBI after FIT images
Change the partition name accordingly. Same behavior as mtdsplit_uimage
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit
62fd9f97090d05637a283d594f2d02958fd36a80)
Chuanhong Guo [Thu, 7 Apr 2022 01:56:02 +0000 (09:56 +0800)]
kernel: mtk_bmt: skip bitflip check if threshold isn't set
kernel spi-nand driver leaves this field empty and let mtd set it later.
Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
(cherry-picked from commit
6fa50e26e7c1221085d8e71cde7e9148c540c752)
Felix Fietkau [Thu, 10 Mar 2022 15:23:25 +0000 (16:23 +0100)]
kernel: mtk_bmt: add debugfs file to attempt repair of remapped sectors
This can be used for sectors that are not physically damaged
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit
2a8a333ee96fb0c8d9875abf9fcd5c412f4b19ae)
Felix Fietkau [Thu, 10 Mar 2022 14:31:25 +0000 (15:31 +0100)]
kernel: add support for mediatek NMBM flash mapping support
This NAND flash remapping method is used on newer MediaTek devices with NAND
flash.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit
06382d1af7b2c5afcde605db436522326fbf5467)
Felix Fietkau [Wed, 9 Mar 2022 15:14:12 +0000 (16:14 +0100)]
kernel: mtk_bmt: on error, do not attempt to remap out-of-range blocks
Pass errors to caller instead
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit
be1f2b4d9d01594c2fd20f37b8e63e7cb7a81572)
Felix Fietkau [Wed, 9 Mar 2022 15:04:39 +0000 (16:04 +0100)]
kernel: mtk_bmt: fix block copying on remap with bmt v2
Copy from the previously mapped block (in case it was remapped already)
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit
7d1e2be1605eda85e1a607a3d3ddefed1b961d3d)
Felix Fietkau [Wed, 9 Mar 2022 14:54:52 +0000 (15:54 +0100)]
kernel: mtk_bmt: allow get_mapping_block to return an error
Used by the mapping implementation to indicate that no backing block is
available
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit
b4c7f8c5f7a2dab76fe90849e112c6bd8f80ab19)
Felix Fietkau [Wed, 9 Mar 2022 10:30:58 +0000 (11:30 +0100)]
kernel: split up mtk_bmt driver code
Keep a separate source file per variant
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit
601c7b4adb0f91005a8755bf9575c68ac623cc33)
Hauke Mehrtens [Sun, 9 Oct 2022 17:32:23 +0000 (19:32 +0200)]
OpenWrt v22.03.1: revert to branch defaults
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Hauke Mehrtens [Sun, 9 Oct 2022 17:32:19 +0000 (19:32 +0200)]
OpenWrt v22.03.1: adjust config defaults
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Tom Herbers [Fri, 7 Oct 2022 22:08:52 +0000 (00:08 +0200)]
ath79: fix model name of Extreme Networks WS-AP3805i
Everywhere else the device is referred to as WS-AP3805i,
only the model name wrongly only said AP3805i.
Signed-off-by: Tom Herbers <mail@tomherbers.de>
(cherry picked from commit
7d6032f310058d7e9b96d7e1dc4d49c8232beff7)
Nick Hainke [Fri, 19 Aug 2022 16:59:36 +0000 (18:59 +0200)]
ath79: add low_mem to tiny image
Devices with SMALL_FLASH enabled have "SQUASHFS_BLOCK_SIZE=1024" in
their config. This significantly increases the cache memory required by
squashfs [0]. This commit enables low_mem leading to a much better
performance because the SQUASHFS_BLOCK_SIZE is reduced to 256.
Example Nanostation M5 (XM):
The image size increases by 128 KiB. However, the memory statisitcs look
much better:
Default tiny build:
------
MemTotal: 26020 kB
MemFree: 5648 kB
MemAvailable: 6112 kB
Buffers: 0 kB
Cached: 3044 kB
low_mem enabled:
-----
MemTotal: 26976 kB
MemFree: 6748 kB
MemAvailable: 11504 kB
Buffers: 0 kB
Cached: 7204 kB
[0] - https://github.com/freifunk-gluon/gluon/commit/
7e8af99cf504ca1dc389f282a0c94f4a911571be
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit
f54ac98f8cec676761e5144ae06640b8007b4b04)
Nick Hainke [Sat, 25 Dec 2021 08:19:52 +0000 (09:19 +0100)]
ath79: move ubnt-xm to tiny
ath79 has was bumped to 5.10. With this, as with every kernel change,
the kernel has become larger. However, although the kernel gets bigger,
there are still enough flash resources. But the RAM reaches its capacity
limits. The tiny image comes with fewer kernel flags enabled and
fewer daemons.
Improves:
15aa53d7ee65 ("ath79: switch to Kernel 5.10")
Tested-by: Robert Foss <me@robertfoss.se>
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit
f4415f7635164ec07ddc22f56df93555804b5767)
Rafał Miłecki [Tue, 4 Oct 2022 10:04:37 +0000 (12:04 +0200)]
kernel: fix possible mtd NULL pointer dereference
Fixes: cae4d089bc1d3 ("kernel: backport mtd dynamic partition patch")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
a5265497a4f6da158e95d6a450cb2cb6dc085cab)
Petr Štetiar [Thu, 29 Sep 2022 16:45:40 +0000 (18:45 +0200)]
treewide: fix security issues by bumping all packages using libwolfssl
As wolfSSL is having hard time maintaining ABI compatibility between
releases, we need to manually force rebuild of packages depending on
libwolfssl and thus force their upgrade. Otherwise due to the ABI
handling we would endup with possibly two libwolfssl libraries in the
system, including the patched libwolfssl-5.5.1, but still have
vulnerable services running using the vulnerable libwolfssl-5.4.0.
So in order to propagate update of libwolfssl to latest stable release
done in commit
ec8fb542ec3e4 ("wolfssl: fix TLSv1.3 RCE in uhttpd by
using 5.5.1-stable (CVE-2022-39173)") which fixes several remotely
exploitable vulnerabilities, we need to bump PKG_RELEASE of all
packages using wolfSSL library.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit
f1b7e1434f66a3cb09cb9e70b40add354a22e458)
Petr Štetiar [Wed, 28 Sep 2022 09:28:06 +0000 (11:28 +0200)]
wolfssl: fix TLSv1.3 RCE in uhttpd by using 5.5.1-stable (CVE-2022-39173)
Fixes denial of service attack and buffer overflow against TLS 1.3
servers using session ticket resumption. When built with
--enable-session-ticket and making use of TLS 1.3 server code in
wolfSSL, there is the possibility of a malicious client to craft a
malformed second ClientHello packet that causes the server to crash.
This issue is limited to when using both --enable-session-ticket and TLS
1.3 on the server side. Users with TLS 1.3 servers, and having
--enable-session-ticket, should update to the latest version of wolfSSL.
Thanks to Max at Trail of Bits for the report and "LORIA, INRIA, France"
for research on tlspuffin.
Complete release notes https://github.com/wolfSSL/wolfssl/releases/tag/v5.5.1-stable
Fixes: CVE-2022-39173
Fixes: https://github.com/openwrt/luci/issues/5962
References: https://github.com/wolfSSL/wolfssl/issues/5629
Tested-by: Kien Truong <duckientruong@gmail.com>
Reported-by: Kien Truong <duckientruong@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit
ec8fb542ec3e4f584444a97de5ac05dbc2a9cde5)
Petr Štetiar [Wed, 28 Sep 2022 09:58:22 +0000 (11:58 +0200)]
wolfssl: refresh patches
So they're tidy and apply cleanly.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit
8ad9a72cbed07643c7a8e4febbea71c7122b29a4)
Ivan Pavlov [Wed, 31 Aug 2022 05:04:42 +0000 (08:04 +0300)]
wolfssl: bump to 5.5.0
Remove upstreamed: 101-update-sp_rand_prime-s-preprocessor-gating-to-match.patch
Some low severity vulnerabilities fixed
OpenVPN compatibility fixed (broken in 5.4.0)
Other fixes && improvements
Signed-off-by: Ivan Pavlov <AuthorReflex@gmail.com>
(cherry picked from commit
3d88f26d74f7771b808082cef541ed8286c40491)
John Audia [Wed, 28 Sep 2022 20:05:00 +0000 (16:05 -0400)]
kernel: bump 5.10 to 5.10.146
All patches automatically rebased.
Signed-off-by: John Audia <therealgraysky@proton.me>
(cherry picked from commit
eed0a31b90e4feeb65f3b54853bd4db1f5bcd524)
John Audia [Fri, 23 Sep 2022 20:58:05 +0000 (16:58 -0400)]
kernel: bump 5.10 to 5.10.145
Manually rebased:
hack-5.10/780-usb-net-MeigLink_modem_support.patch
Removed upstreamed:
patches-5.10/110-gpio-mpc8xxx-Fix-support-for-IRQ_TYPE_LEVEL_LOW-flow.patch[1]
All other patches automatically rebased.
1. https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.10.145&id=
24196210b198e8e39296e277bb93b362aa207775
Signed-off-by: John Audia <therealgraysky@proton.me>
(cherry picked from commit
8fe67fae1d619467b2b3300178d4309f17cfdb54)
John Audia [Wed, 21 Sep 2022 11:52:34 +0000 (07:52 -0400)]
kernel: bump 5.10 to 5.10.144
All patches automatically rebased.
Signed-off-by: John Audia <therealgraysky@proton.me>
(cherry picked from commit
eff4f8b2f0a2900c945c21c8183d1faa0ac35ec1)
Matthias Schiffer [Mon, 3 Oct 2022 11:23:41 +0000 (13:23 +0200)]
ramips: fix switch setup for ASUS RT-AX53U
The device has only 1 WAN + 3 LAN ports. Remove "lan4" interface
corresponding to the non-existing port.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
(cherry picked from commit
149fc3a269b435483b31df03d6fd9679286cf9e7)
Josef Schlehofer [Wed, 14 Sep 2022 13:23:45 +0000 (15:23 +0200)]
uboot-mvebu: backport LibreSSL patches for older version of LibreSSL
If you would like to compile the newest version of U-boot together with the stable
OpenWrt version, which does not have LibreSSL >= 3.5, which was updated
in the master branch by commit
5451b03b7ceb2315445c683fe174e28bbdd49c2f
("tools/libressl: bump to v3.5.3"), then you need these two patches to
fix it. They are backported from U-boot repository.
This should be backported to stable OpenWrt versions.
Reported-by: Michal Vasilek <michal.vasilek@nic.cz>
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit
185541f50ff59c0a5e0663ad612f0f5eb31926cf)
Josef Schlehofer [Wed, 14 Sep 2022 13:19:56 +0000 (15:19 +0200)]
uboot-mvebu: backport patch to fix compilation on non glibc system
This issue was reported by @paper42, who is using Void Linux with musl
to compile OpenWrt and its packages and found out it is not possible to
compile U-boot for Turris Omnia (neither any other).
It fixes following output:
```
HOSTCC tools/kwboot
tools/kwboot.c: In function 'kwboot_tty_change_baudrate':
tools/kwboot.c:662:6: error: 'struct termios' has no member named 'c_ospeed'
662 | tio.c_ospeed = tio.c_ispeed = baudrate;
| ^
tools/kwboot.c:662:21: error: 'struct termios' has no member named 'c_ispeed'
662 | tio.c_ospeed = tio.c_ispeed = baudrate;
| ^
tools/kwboot.c:690:31: error: 'struct termios' has no member named 'c_ospeed'
690 | if (!_is_within_tolerance(tio.c_ospeed, baudrate, 3))
| ^
tools/kwboot.c:693:31: error: 'struct termios' has no member named 'c_ispeed'
693 | if (!_is_within_tolerance(tio.c_ispeed, baudrate, 3))
|
```
Tested-by: Michal Vasilek <michal.vasilek@nic.cz>
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit
9c7472950b01c5b3a461f4e29b3b62bac9e35b46)
Mark King [Sun, 25 Sep 2022 20:53:52 +0000 (21:53 +0100)]
ramips: enable LZMA loader to fix Linksys RE6500 boot
At some point after 21.02.3 and before 22.03.0, the size limits of the
Linksys RE6500 were reached and prevent booting from the 22.03.0 release
or builds of current SNAPSHOT. This patch allows builds of master to boot
again and has been tested on my device.
Fixes: #8577
Signed-off-by: Mark King <mark@vemek.co>
(cherry picked from commit
bf5b1a53d4ff3f1d742f9ece1ab16555280417ec)
Rosen Penev [Thu, 22 Sep 2022 22:41:28 +0000 (15:41 -0700)]
tools/meson: backport WSL2 fix
For some reason, Microsoft's Plan9 driver returns IOError on missing
file.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
875e17774bafb132a93d66f1d7b2c6a2deec2030)
Christian Lamparter [Mon, 22 Aug 2022 08:35:28 +0000 (10:35 +0200)]
firmware: intel-microcode: update to
20220809
Debian's changelog by Henrique de Moraes Holschuh <hmh@debian.org>:
* New upstream microcode datafile
20220809
* Fixes INTEL-SA-00657, CVE-2022-21233
Stale data from APIC leaks SGX memory (AEPIC leak)
* Fixes unspecified errata (functional issues) on Xeon Scalable
* Updated Microcodes:
sig 0x00050653, pf_mask 0x97, 2022-03-14, rev 0x100015e, size 34816
sig 0x00050654, pf_mask 0xb7, 2022-03-08, rev 0x2006e05, size 44032
sig 0x000606a6, pf_mask 0x87, 2022-04-07, rev 0xd000375, size 293888
sig 0x000706a1, pf_mask 0x01, 2022-03-23, rev 0x003c, size 75776
sig 0x000706a8, pf_mask 0x01, 2022-03-23, rev 0x0020, size 75776
sig 0x000706e5, pf_mask 0x80, 2022-03-17, rev 0x00b2, size 112640
sig 0x000806c2, pf_mask 0xc2, 2022-03-19, rev 0x0028, size 97280
sig 0x000806d1, pf_mask 0xc2, 2022-03-28, rev 0x0040, size 102400
sig 0x00090672, pf_mask 0x03, 2022-06-07, rev 0x0022, size 216064
sig 0x00090675, pf_mask 0x03, 2022-06-07, rev 0x0022, size 216064
sig 0x000906a3, pf_mask 0x80, 2022-06-15, rev 0x0421, size 216064
sig 0x000906a4, pf_mask 0x80, 2022-06-15, rev 0x0421, size 216064
sig 0x000a0671, pf_mask 0x02, 2022-03-17, rev 0x0054, size 103424
sig 0x000b06f2, pf_mask 0x03, 2022-06-07, rev 0x0022, size 216064
sig 0x000b06f5, pf_mask 0x03, 2022-06-07, rev 0x0022, size 216064
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit
bb73828b89def128f26ae1cdff0d08569d261f1b)
Hauke Mehrtens [Sun, 11 Sep 2022 22:31:43 +0000 (00:31 +0200)]
toolchain: Include ./include/fortify for external musl toolchain
When building with an external toolcahin with musl also include
./include/fortify by default. This is also done when we build with the
internal toolchain using musl libc.
Without this extra include the fortify source feature is not working
when using an external musl toolchain. All binaries were compiled
without fortify source when an external musl toolchain was used. All
binaries release done by the OpenWrt project use the internal toolcahin
where fortify source is working.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit
b21ddbfa18cd1e437e31dc0fa29408721a186c2a)
Hauke Mehrtens [Sun, 11 Sep 2022 22:29:00 +0000 (00:29 +0200)]
toolchain: Select USE_SSTRIP with external musl toolchain
When we use the internal toolchain USE_SSTRIP will be selected by
default for musl libc and USE_STRIP when glibc is used. Do the same when
an external toolchain is used. USE_GLIBC will also be set for external
toolchain builds based on the EXTERNAL_TOOLCHAIN_LIBC_USE_GLIBC setting.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit
9403810c020cca136149973a3929bf77a1f501aa)
Christian Marangi [Sun, 17 Jul 2022 15:56:59 +0000 (17:56 +0200)]
scripts: ext-toolchain: add support for musl
Openwrt now supports only glibc and musl. Add support for musl and
rework the libc check to handle the new config flags and correctly
compile package basend on that.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit
7be01fe13b4517e5edb8a4818f437d60144cdcb4)
Christian Marangi [Sun, 17 Jul 2022 15:56:36 +0000 (17:56 +0200)]
scripts: ext-toolchain: add support for info.mk in probe_cc
Openwrt generate info.mk that contains the libc type. For probe_cc check
if the file exist and parse directly it for LIBC type.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit
75311977f5ff64b491cb57ac713d75e0e410d786)
Christian Marangi [Sun, 17 Jul 2022 15:53:58 +0000 (17:53 +0200)]
scripts: ext-toolchain: actually probe libc type on config generation
Currently we never call probe_cc before config generation, this cause
the script to never actually detect the correct libc type.
Call probe_cc before config generation to correctl set the .config file.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit
ddeabc75ebe3151ff7da302cb1aae702b3ad7eba)
Christian Marangi [Mon, 4 Jul 2022 16:22:18 +0000 (18:22 +0200)]
scripts: ext-toolchain: add option to overwrite config
It can be useful to overwrite an already generated config.
Option are simply added at the end of the config and make defconfig
will overwrite the relevant option with the new one.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit
f4dd18ca39c42a324e34633c8ee553717531bc3b)
Christian Marangi [Sun, 3 Jul 2022 00:20:11 +0000 (02:20 +0200)]
scripts: ext-toolchain: fix wrong prefix in print_config generation
The parsed prefix in print_config is wrong and this produce broken
generated .config that won't work with any external toolchain.
Currently the prefix from a CC of
'arm-openwrt-linux-muslgnueabi-gcc-12.1.0'
produce a prefix
'arm-openwrt-linux-muslgnueabi-gcc-'
This is wrong as the real prefix should be
'arm-openwrt-linux-muslgnueabi-'
This is probably caused by a change in how the toolchain is now handled
that now append also the gcc version. Probably in ancient days the
version wasn't part of the name and the prefix generation stripped the
'-gcc' instead of the gcc version.
Fix this and correctly strip the gcc version and the gcc suffix to
correctly call toolchain bins.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit
53c293262fce844c8291ab82e6726a8489d3c57b)
Christian Marangi [Sun, 3 Jul 2022 00:06:21 +0000 (02:06 +0200)]
rules_mk: don't include wrapped bin with external toolchains
Don't add wrapped bin to the TARGET_PATH as it does cause compilation
error.
cmake.mk will use the "command -v" and will use the wrapped bin instead
of the external toolchain bin as they have the same name and command
will select the first result.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit
a90eabf60255773231ed0259e5da5eb6a36fe9ce)
Vincent Wiemann [Mon, 28 Dec 2020 15:00:13 +0000 (16:00 +0100)]
rules_mk: use gcc versions for external toolchain
When using the OpenWrt toolchain as an external toolchain the build
failed due to missing LTO support. By choosing the GCC wrappers of
the tools this commit makes sure that the LTO-enabled executables
are being used.
Signed-off-by: Vincent Wiemann <vincent.wiemann@ironai.com>
[ wrap the commit description to 72 char ]
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit
2555ffb4536e2727465e9a0d426ad3c4f1ef003a)
Rafał Miłecki [Thu, 29 Sep 2022 03:51:25 +0000 (05:51 +0200)]
bcm53xx: backport clk driver fix for DT nodes names
It allows dropping downstream patch renaming DT nodes.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
77d9cce604d32005ddb90e91c6cc9b9cf35068d7)
Santiago Piccinini [Fri, 30 Sep 2022 13:44:04 +0000 (10:44 -0300)]
ath79: fix LibreRouter-v1 watchdog and poe_pass
Watchdog and poe_passthrough gpios require the jtag disabled.
Signed-off-by: Santiago Piccinini <spiccinini@altermundi.net>
(cherry picked from commit
2ad949b11dbaa4c634868d55a4452d5a558776bd)
Chris Osgood [Thu, 15 Sep 2022 12:09:38 +0000 (08:09 -0400)]
build: fix warnings from grep
Fixes build warnings when using newer versions of grep.
Signed-off-by: Chris Osgood <chris_github@functionalfuture.com>
Tested-by: Georgi Valkov <gvalkov@gmail.com>
(cherry picked from commit
c5e167e0d6075c46ca92c30b425c4dcb05fec5ed)
[ fix conflict error ]
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Nick Hainke [Sun, 11 Sep 2022 06:15:52 +0000 (08:15 +0200)]
Makefile: fix stray \ warnings with grep-3.8
We simply grep for "/usr". So no need for "-E" or "\/". Furthermore, in
the new grep versions this creates warnings.
As written in the grep-3.8 announcement:
Regular expressions with stray backslashes now cause warnings, as
their unspecified behavior can lead to unexpected results.
For example, '\a' and 'a' are not always equivalent
<https://bugs.gnu.org/39678>.
Fixes warnings in the form of:
grep: warning: stray \ before /
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit
a29d3bc48c40c6a2a93ae1806bea2ac26455cdbb)
[ fix conflict error ]
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Felix Fietkau [Tue, 27 Sep 2022 11:39:12 +0000 (13:39 +0200)]
build: fix issues with targets installed via feeds
- fix including modules.mk when a target is being replaced
- fix calling make targets from target/linux
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit
3a8825ad6acbf18b2b472ace56be58868af78be7)
Felix Fietkau [Sun, 18 Sep 2022 04:27:09 +0000 (06:27 +0200)]
build: fix including modules.mk for targets pulled in from feeds
Fixes: ebc36ebb2349 ("scripts/feeds: install targets to target/linux/feeds and support overriding")
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit
00094efec33f07c9dc16cce23be492430c40b3cc)
Josef Schlehofer [Tue, 6 Sep 2022 11:17:02 +0000 (13:17 +0200)]
mpc85xx: add patch to fix gpio mpc8xxx
Backports Linux kernel patch [1] for kernel 5.10 where it applies cleanly.
This was tested on CZ.NIC Turris 1.1 router running OpenWrt 22.03
release.
Before:
- In /var/log/messages:
```
[ 16.392988] lm90 0-004c: cannot request IRQ 48
[ 16.398280] lm90: probe of 0-004c failed with error -22
```
- Sensors does not work:
```
root@turris:~# sensors
No sensors found!
Make sure you loaded all the kernel drivers you need.
Try sensors-detect to find out which these are.
```
After:
```
root@turris:/# sensors
sa56004-i2c-0-4c
Adapter: MPC adapter (i2c@3000)
temp1: +44.0°C (low = +0.0°C, high = +70.0°C)
(crit = +85.0°C, hyst = +75.0°C)
temp2: +73.8°C (low = +0.0°C, high = +70.0°C) ALARM (HIGH)
(crit = +85.0°C, hyst = +75.0°C)
```
[1] https://lore.kernel.org/linux-gpio/
20220906105431.30911-1-pali@kernel.org/
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit
2f496c34b6dfbedbfbff8d2ade5d629f096e40bd)
(c&p commit ID from openwrt's master)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Wenli Looi [Mon, 1 Aug 2022 03:23:22 +0000 (03:23 +0000)]
ramips: fix fw_setsys
This change was included in the original pull request but later omitted
for some reason:
https://github.com/openwrt/openwrt/pull/4936
Signed-off-by: Wenli Looi <wlooi@ucalgary.ca>
(cherry picked from commit
4cccea02a60aee0dd77c4db35672c92e2fe384a1)
Stijn Tintel [Sat, 2 Apr 2022 20:41:27 +0000 (23:41 +0300)]
kernel: add missing symbol
Enabling KERNEL_KPROBES exposes KERNEL_BPF_KPROBE_OVERRIDE. Add a build
option for it to fix build failures with KERNEL_KPROBES enabled.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit
500c37c56ff60b46c30bb0ea7c92676bea23331a)
Rafał Miłecki [Wed, 21 Sep 2022 07:24:47 +0000 (09:24 +0200)]
bcm4908: fix -EPROBE_DEFER support in bcm4908_enet
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
1722e23ffcf9038114142a2129c29eb3cdec8ff9)
Rafał Miłecki [Wed, 21 Sep 2022 07:24:45 +0000 (09:24 +0200)]
kernel: update U-Boot NVMEM driver
1. Fix casting
2. Support DT-defined variables
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
5652f378c6c607f99a15e6472cdca46c9c4b6162)
Rafał Miłecki [Wed, 21 Sep 2022 07:24:41 +0000 (09:24 +0200)]
bcm4908: backport mtd parser for Broadcom's U-Boot partition
Broadcom's U-Boot contains environment data blocks. They need to be
found (offsets aren't predefined) to access env variables.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
137149847d0f374515f38952ce0986b03a97f2e4)
Stijn Tintel [Tue, 20 Sep 2022 16:27:34 +0000 (19:27 +0300)]
mediatek: fix Unifi 6LR network config
When the v1 and v2 variants of the U6LR were introduced, the board
network config was not adapted to the new device names. Due to this, the
wrong network config is applied during initial boot. The resulting
config has lan, wan and a switch, while this device only has a single
ethernet interface without a switch.
Fix this by using a wildcard that matches all the variants.
Fixes: 15a02471bb85 ("mediatek: new target mt7622-ubnt-unifi-6-lr-v1")
Fixes: 5c8d3893a78f ("mediatek: new target ubnt_unifi-6-lr-v1-ubootmod")
Fixes: 31d86a1a1192 ("mediatek: add Ubiquiti UniFi 6 LR v2 targets")
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Acked-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit
117f41ee95ec445dce5ab9332bc27a6311747c0d)