Felix Fietkau [Sat, 26 Mar 2022 23:05:49 +0000 (00:05 +0100)]
mac80211: add a bug fix for a rare crash
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit
9a93b62f315ad4c9f021c414ed80ba337ab4a01e)
Petr Štetiar [Sat, 28 May 2022 12:18:06 +0000 (14:18 +0200)]
uboot-imx: fix wrong make flags overriding
Buidbots are currently choking on the following compile error:
In file included from tools/aisimage.c:9:
include/image.h:1133:12: fatal error: openssl/evp.h: No such file or directory
# include <openssl/evp.h>
^~~~~~~~~~~~~~~
compilation terminated.
This is caused by a complete overriding of make flags which are provided
correctly in `UBOOT_MAKE_FLAGS` variable, but currently overriden
instead of extended. This then leads to the usage of build host include
dirs, which are not available.
Fix it by extending `UBOOT_MAKE_FLAGS` variable in all device recipes.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit
481339a0426698adaa0254b479807efde0428de9)
Ritaro Takenaka [Tue, 24 May 2022 17:51:19 +0000 (02:51 +0900)]
kernel: backport flow offload fixes
Some dst in IPv6 flow offload table become invalid after the table is created.
So check_dst is needed in packet path.
Signed-off-by: Ritaro Takenaka <ritarot634@gmail.com>
[Add patch for kernel 5.15 too and rename file]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit
efff48529b5cdb4046b923bebee483c7c68755a7)
Álvaro Fernández Rojas [Mon, 23 May 2022 19:05:59 +0000 (21:05 +0200)]
bmips: dgnd3700v2: fix network config
ucidef_set_bridge_device is needed for DGND3700v2 network config since VLAN 1
must be used for the switch to be correctly configured.
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry picked from commit
90e4c8c6e6fe060d849a5b96bc7595345ce3d6ea)
Felix Fietkau [Sun, 15 May 2022 13:19:49 +0000 (15:19 +0200)]
libubox: update to the latest version
f2d6752901f2 blob: clear buf->head when freeing a buffer
45210ce14136 list.h: add container_of_safe macro
cfa372ff8aed blobmsg: implicitly reserve space for 0-terminator in string buf alloc
d2223ef9da71 blobmsg: work around false positive gcc -Warray-bounds warnings
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit
3e300e724b674b299d055d172a268c8cfa8489d2)
Jan Hoffmann [Wed, 27 Apr 2022 17:40:50 +0000 (19:40 +0200)]
ltq-vdsl-app: disconnect when service is stopped
Stop the connection when the control daemon is terminated. The code is
a modified version of the termination routine in version 4.23.1 of the
daemon (which doesn't support VR9 modems anymore).
This could also be implemented by calling the acos and acs commands via
dsl_cpe_pipe.sh in the init script. However, doing it in the daemon
itself has the advantage of also working if it is terminated in another
way (for example during sysupgrade).
Signed-off-by: Jan Hoffmann <jan@3e8.eu>
Tested-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
(cherry picked from commit
1daaef31b35201a9c15a2084e25dac41b48c1867)
Jan Hoffmann [Mon, 25 Apr 2022 19:52:39 +0000 (21:52 +0200)]
ltq-vdsl/ltq-adsl: fix elapsed time calculation
The driver maintains elapsed times by repeatedly accumulating the time
since the previous update in a loop. For the elapsed showtime time, the
time difference is truncated to seconds before adding it, leading to a
sizable error over time.
Move the truncation to before calculation of the time difference in
order to remove this error. Also maintain the total elapsed time in the
same way in full seconds, to prevent the unsigned 32-bit counter from
wrapping around after about 50 days.
Testing on a VR9 device shows that the reported line uptime now matches
the actual elapsed wall time. The ADSL variant is only compile-tested,
but it should also work as the relevant code is identical.
Signed-off-by: Jan Hoffmann <jan@3e8.eu>
Tested-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
(cherry picked from commit
db4bf4b968c0da035d98e7771fc993af9d6f742b)
Jan Hoffmann [Mon, 25 Apr 2022 19:43:50 +0000 (21:43 +0200)]
ltq-atm/ltq-ptm: avoid unnecessary build dependencies
Right now, both ltq-adsl-mei and ltq-vdsl-mei are always built, even
when they aren't necessary for the selected variant. This can cause the
build to fail, for example ltq-vdsl-mei doesn't build successfully here
on xway target due to the vectoring callback.
Make these dependencies conditional on the specific package variants,
so they are only built when actually needed.
Signed-off-by: Jan Hoffmann <jan@3e8.eu>
Tested-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
(cherry picked from commit
2f484aeff5fe5ba3a832f98ca409adde3257e832)
Jan Hoffmann [Sun, 13 Mar 2022 21:14:38 +0000 (22:14 +0100)]
ltq-vdsl-mei: add locking to interrupt handler
Some users noticed repeated resyncs at random intervals, which go away
when the MEI driver is configured to use polling instead of interrupts.
Debugging shows that this seems to be caused by concurrent calls to
MEI_ReadMailbox (in the interrupt handler) and MEI_WriteMailbox. This
appears to be mostly triggered when there is an interrupt for vectoring
error reports.
In polling mode, calls to MEI_ReadMailbox are protected by the same
semaphore as is used in MEI_WriteMailbox. When interrupts are used,
MEI_WriteMailbox appears to rely on MEI_DisableDeviceInt and
MEI_EnableDeviceInt to provide mutual exclusion with the interrupt
handler. These functions mask/unmask interrupts, and there is an
additional check of the mask in the interrupt handler itself. However,
this is not sufficient on systems with SMP, as the interrupt handler
may be running in parallel, and could already be past the interrupt
mask check at this point.
This adds a lock to the interrupt handler, and also acquires this lock
in MEI_DisableDeviceInt. This should make sure that after a call to
MEI_DisableDeviceInt the interrupt is masked, and the interrupt handler
is either not running, has alread finished its work, or is still before
the interrupt mask check, and is thus going to detect the change.
Tested-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
Signed-off-by: Jan Hoffmann <jan@3e8.eu>
(cherry picked from commit
17004245534731ab03c9a8683208e84d9c399979)
Jan Hoffmann [Sun, 13 Mar 2022 21:14:37 +0000 (22:14 +0100)]
ltq-vdsl-app: set MAC address for vectoring error reports
This tells the modem about the WAN MAC address, which is used as source
address for vectoring error reports that are generated by the firmware.
It needs to be set early, as the MEI driver only actually writes the
value to the modem when is in reset state (i.e. the firmware has been
loaded, but connection has not started yet).
Tested-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
Signed-off-by: Jan Hoffmann <jan@3e8.eu>
(cherry picked from commit
b35d33c8b8a7b96f06179982b5d944cde7234004)
Jan Hoffmann [Sun, 13 Mar 2022 21:14:36 +0000 (22:14 +0100)]
ltq-vdsl-mei: enable vectoring error sample callback
This re-enables the vectoring error sample callback and adds a
dependency to the corresponding driver.
Tested-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
Signed-off-by: Jan Hoffmann <jan@3e8.eu>
(cherry picked from commit
93f0e1f922ec1351d429259db942f10147e624ff)
Jan Hoffmann [Sun, 13 Mar 2022 21:14:35 +0000 (22:14 +0100)]
ltq-vectoring: add driver
In order to calculate the required pre-distortion for downstream
vectoring, the vectoring control entity (VCE) at the carrier office
needs error samples from the modem. On Lantiq VR9 modems, error reports
are generated by the firmware, but need to be multiplexed into the data
stream by the driver on the main processor when L2 encapsulation is
selected by the VCE.
This driver provides the necessary callback function, which is called by
the MEI driver after receiving an error report from the firmware.
Originally, it is part of the Lantiq PPA driver, but after a few changes
it also works with the PTM driver used in OpenWrt. The direct call to
ndo_start_xmit needs to be replaced, as the PTM driver relies on locks
from the kernel. Instead dev_queue_xmit is used, which is called from a
work queue, as it is not safe to call from an interrupt handler.
Additional changes include fixes to support recent kernel versions and
a change of the used interface from ptm0 to dsl0.
Tested-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
Signed-off-by: Jan Hoffmann <jan@3e8.eu>
(cherry picked from commit
f872b966092ece5c0e2192e0d979a9eb69283f17)
Luiz Angelo Daros de Luca [Wed, 1 Jun 2022 22:20:22 +0000 (19:20 -0300)]
realtek: add gpio-restart for D-Link DGS-1210-28
A GPIO assert is required to reset the system. Otherwise, the system
will hang on reboot.
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
Reviewed-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit
a2817ce96f17db3a5af77837ae5733b47182ae0d)
Luiz Angelo Daros de Luca [Wed, 1 Jun 2022 20:20:08 +0000 (17:20 -0300)]
realtek: add reset button for D-Link DGS-1210-28
Tested in a DGS-1210-28 F3, both triggering failsafe and reboot.
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
Reviewed-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit
b85f59b726442621efb95153ff60b8767723feca)
Arınç ÜNAL [Wed, 4 May 2022 08:34:29 +0000 (11:34 +0300)]
packages: nvram: add NVRAM quirks for bcm53xx target
Add NVRAM quirks script for the bcm53xx target. Split NVRAM quirks for the
bcm47xx and bcm53xx targets. Move clear partialboot NVRAM quirk for Linksys
EA9500 here. Add set wireless LED behaviour quirk for Asus RT-AC88U.
Use boot() instead of start() as nvram commands are meant to be executed
only once, at boot.
Signed-off-by: Arınç ÜNAL <arinc.unal@arinc9.com>
(cherry picked from commit
f4e219fd5e6cfa33d234dad134fb105cc1620f54)
Arınç ÜNAL [Fri, 12 Nov 2021 10:56:15 +0000 (18:56 +0800)]
bcm53xx: add support for Asus RT-AC88U
Asus RT-AC88U is an AC3100 router featuring 9 Ethernet ports over the
integrated Broadcom and the external Realtek switch.
Hardware info:
* Processor: Broadcom BCM4709C0KFEBG dual-core @ 1.4 GHz
* Switch: BCM53012 in BCM4709C0KFEBG & external RTL8365MB
* DDR3 RAM: 512 MB
* Flash: 128 MB (ESMT F59L1G81LA-25T)
* 2.4GHz: BCM4366 4×4 2.4/5G single chip 802.11ac SoC
* 5GHz: BCM4366 4×4 2.4/5G single chip 802.11ac SoC
* Ports: 8 Ports, 1 WAN Ports
Flashing instructions:
* Boot to CFE Recovery Mode by holding the reset button while power-on.
* Connect to the router with an ethernet cable.
* Set IPv4 address of the computer to 192.168.1.2 subnet 255.255.255.0.
* Head to http://192.168.1.1.
* Reset NVRAM.
* Upload the OpenWrt image.
CFE bootloader may reject flashing the image due to image integrity check.
In that case, follow the instructions below.
* Rename the OpenWrt image as firmware.trx.
* Run a TFTP server and make it serve the firmware.trx file.
* Run the URL below on a browser or curl.
http://192.168.1.1/do.htm?cmd=flash+-noheader+192.168.1.2:firmware.trx+flash0.trx
Signed-off-by: Arınç ÜNAL <arinc.unal@arinc9.com>
[rmilecki: mark BROKEN until we sort out nvram & CFE recovery]
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
72b9b721d707b7f70109eb70b2a9f22449ceba08)
Raylynn Knight [Tue, 17 May 2022 03:15:54 +0000 (23:15 -0400)]
realtek: add support for ZyXEL GS1900-24E
The ZyXEL GS1900-24E is a 24 port gigabit switch similar to other GS1900
switches.
Specifications
--------------
* Device: ZyXEL GS1900-24E
* SoC: Realtek RTL8382M 500 MHz MIPS 4KEc
* Flash: 16 MiB Macronix MX25L12835F
* RAM: 128 MiB DDR2 SDRAM Nanya NT5TU128M8GE
* Ethernet: 24x 10/100/1000 Mbps
* LEDs: 1 PWR LED (green, not configurable)
1 SYS LED (green, configurable)
24 ethernet port link/activity LEDs (green, SoC controlled)
* Buttons: 1 "RESET" button on front panel
* Switch: 1 Power switch on rear of device
* Power 120-240V AC C13
* UART: 1 serial header (JP2) with populated standard pin connector on
the left side of the PCB.
Pinout (front to back):
+ Pin 1 - VCC marked with white dot
+ Pin 2 - RX
+ Pin 3 - TX
+ PIn 4 - GND
Serial connection parameters: 115200 8N1.
Installation
------------
OEM upgrade method:
* Log in to OEM management web interface
* Navigate to Maintenance > Firmware
* Select the HTTP radio button
* Select the Active radio button
* Use the browse button to locate the
realtek-rtl838x-zyxel_gs1900-24e-initramfs-kernel.bin
file and select open so File Path is updated with filename.
* Select the Apply button. Screen will display "Prepare
for firmware upgrade ...".
*Wait until screen shows "Do you really want to reboot?"
then select the OK button
* Once OpenWrt has booted, scp the sysupgrade image to /tmp and flash it:
> sysupgrade -n /tmp/realtek-rtl838x-zyxel_gs1900-24e-squashfs-sysupgrade.bin
it may be necessary to restart the network (/etc/init.d/network restart) on
the running initramfs image.
U-Boot TFTP method:
* Configure your client with a static 192.168.1.x IP (e.g. 192.168.1.10).
* Set up a TFTP server on your client and make it serve the initramfs image.
* Connect serial, power up the switch, interrupt U-boot by hitting the
space bar, and enable the network:
> rtk network on
* Since the GS1900-24E is a dual-partition device, you want to keep the OEM
firmware on the backup partition for the time being. OpenWrt can only boot
from the first partition anyway (hardcoded in the DTS). To make sure we are
manipulating the first partition, issue the following commands:
> setsys bootpartition 0
> savesys
* Download the image onto the device and boot from it:
> tftpboot 0x84f00000 192.168.1.10:openwrt-realtek-rtl838x-zyxel_gs1900-24e-initramfs-kernel.bin
> bootm
* Once OpenWrt has booted, scp the sysupgrade image to /tmp and flash it:
> sysupgrade -n /tmp/openwrt-realtek-rtl838x-zyxel_gs1900-24e-squashfs-sysupgrade.bin
it may be necessary to restart the network (/etc/init.d/network restart) on
the running initramfs image.
Signed-off-by: Raylynn Knight <rayknight@me.com>
(cherry picked from commit
b515ad10a6e1bd5c5da0ea95366fb19c92a75dea)
Stijn Tintel [Tue, 17 May 2022 14:57:07 +0000 (17:57 +0300)]
ramips: use hotplug script for EAP615-Wall MACs
Using nvmem-cells to set the MAC address for a DBDC device results in
both PHY devices using the same MAC address. This in turn will result in
multiple BSSes using the same BSSID, which can cause various problems.
Use the hotplug script for the EAP615-Wall instead to avoid this.
Fixes: a1b8a4d7b3ff ("ramips: support TP-Link EAP615-Wall")
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Tested-by: Stijn Segers <foss@volatilesystems.org>
Tested-By: Andrew Powers-Holmes <aholmes@omnom.net>
(cherry picked from commit
ce90ba1f3168e3f4581fd8581e2c0cd31efa14cf)
Daniel Golle [Sun, 5 Jun 2022 10:28:11 +0000 (11:28 +0100)]
tools/mkimage: increase tmpfile name length limit
mkimage limits the length of the file paths in can deal with to 256
characters. Turns out that in automated builds by asu we break this
limit, so increase it to 1024 characters.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit
3fbf9689b652e230e21bbc7ab2a9b8c936bd6e80)
Daniel Golle [Thu, 2 Jun 2022 07:00:44 +0000 (08:00 +0100)]
fstools: update to git HEAD
93369be Revert "fstools: remove SELinux restorecon hack"
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit
b641dadc1386146c4213ff6c5c443bad053a85d6)
Daniel Golle [Wed, 1 Jun 2022 21:31:01 +0000 (22:31 +0100)]
ubus: update to git HEAD
2f793a4 lua: add optional path filter to objects() method
2bebf93 ubusd: handle invoke on event object without data
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit
1521d5f453683ca1aae87d025d2892901369ce0c)
Daniel Golle [Wed, 1 Jun 2022 19:47:37 +0000 (20:47 +0100)]
netifd: update to git HEAD
2e1fcf4 netifd: fix hwmode for 60g band
39ef9fe interface-ip: fix memory corruption bug when using jail network namespaces
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit
7eb83b20159aadeeb5ca4679bdb428bd3052f19c)
Daniel Golle [Wed, 1 Jun 2022 19:44:04 +0000 (20:44 +0100)]
procd: update to git HEAD
557c98e init: selinux: don't relabel virtual filesystems
7a00968 init: only relabel rootfs if started from initramfs
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit
4cbc26b212836973b22ae2a426de43325f893ee3)
Felix Fietkau [Mon, 23 May 2022 12:12:28 +0000 (14:12 +0200)]
netifd: update to the latest version
4b4849cf5e5a interface-ip: unify host and proto route handling
507c0513d176 interface-ip: add support for excluding interfaces in host route lookup
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit
24cc341fdc917460721e7c09708f5676c1361c91)
Daniel Golle [Wed, 4 May 2022 00:32:17 +0000 (01:32 +0100)]
uqmi: update to git HEAD
56cb2d4 nas: add decoding of cell_id
9a9019a uqmi: wms - added storage to read text messages
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit
51c442c265a8661427441193e7dc585b1539a915)
David Bauer [Wed, 25 May 2022 20:07:10 +0000 (22:07 +0200)]
ipq40xx: add Aruba AP-365 specific BDF
Aruba deploys a BDF in the root filesystem, however this matches the one
used for the DK04 reference board.
The board-specific BDFs are built into the kernel. The AP-365 shows
sinificant degraded performance with increased range when used with the
reference BDF.
Replace the BDF with the one extracted from Arubas kernel.
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit
b21b98627dcd6c1868d13964f6d84e8d43ae9ef7)
Hauke Mehrtens [Sat, 28 May 2022 12:32:08 +0000 (14:32 +0200)]
malta: use default OpenWrt network configuration
Currently malta configures the first Ethernet device as WAN interface.
If it finds a second one it will configure it as LAN.
This commit reverses it to match armvirt and x86. If there is only one
network device it will be configured as LAN device now. If we find two
network devices the 2. one will be WAN.
If no board.d network configuration is given it will be configured in
package/base-files/files/etc/board.d/99-default_network
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
[minor typos]
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit
fb1ba922026a4b7d04ef5c8058f7890ed7b790e6)
Jo-Philipp Wich [Tue, 31 May 2022 08:43:53 +0000 (10:43 +0200)]
firewall4: update to latest Git HEAD
210991d fw4: prefer /dev/stdin if available
4e5e322 fw4: make `fw4 restart` behavior more robust
221040e ruleset: emit time ranges when both start and stop times are specified
30a7d47 fw4: fix datetime parsing
fb9a6b2 ruleset: correct mangle_output chain type
6dd2617 fw4: fix logic flaw in testing hw flow offloading support
c7c9c84 fw4: ensure that negative bitcounts are properly translated
c4a78ed fw4: fix typo in emitted set types
Fixes: #9764, #9923, #9927, #9935, #9955
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit
a7ddef6ef122a935d6bdf38d7ead686b12738007)
Jo-Philipp Wich [Tue, 31 May 2022 08:59:47 +0000 (10:59 +0200)]
ucode: update to latest Git HEAD
d996047 syntax: adjust number literal parsing and string to number conversion
9efbe18 lib: refactor `uc_int()`
da3f089 lib: rework uc_index() implementation
559029e ci: make jobs faster during pull request testing
Fixes: #9923
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(backported from commits
251e70c88725fb33960ca60202dd55a84ae6b4d7 and
7f998088f01baf0da24a9fd20de5d5389023361a)
Sebastian Schaper [Fri, 27 May 2022 15:22:52 +0000 (17:22 +0200)]
ath79: fix label MAC address for D-Link DIR-825B1
The label MAC address for DIR-825 Rev. B1 is the WAN address located
at 0xffb4 in `caldata`, which equals LAN MAC at 0xffa0 incremented by 1.
Signed-off-by: Sebastian Schaper <openwrt@sebastianschaper.net>
(cherry picked from commit
4bed263af7a13cb4b9401f7ae04f788cfcc234f7)
Hauke Mehrtens [Fri, 27 May 2022 10:09:52 +0000 (12:09 +0200)]
OpenWrt v22.03.0-rc3: revert to branch defaults
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Hauke Mehrtens [Fri, 27 May 2022 10:09:29 +0000 (12:09 +0200)]
OpenWrt v22.03.0-rc3: adjust config defaults
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Jan-Niklas Burfeind [Sat, 21 May 2022 15:17:34 +0000 (17:17 +0200)]
ath79: NanoBeam M5 fix target_devices
Update the name of for the Ubiquiti NanoBeam M5 to match the
auto-generated one at runtime. Otherwise sysupgrade complains about
mismatching device names.
This also required renaming the DTS.
Signed-off-by: Jan-Niklas Burfeind <git@aiyionpri.me>
(cherry picked from commit
21a3ce97d571ef28a25754549503bab61a79faf2)
Jan-Niklas Burfeind [Sat, 23 Apr 2022 15:49:34 +0000 (17:49 +0200)]
ath79: add support for Ubiquiti NanoBeam M5
Ubiquiti NanoBeam M5 devices are CPE equipment for customer locations
with one Ethernet port and a 5 GHz 300Mbps wireless interface.
Specificatons:
- Atheros AR9342
- 535 MHz CPU
- 64 MB RAM
- 8 MB Flash
- 1x 10/100 Mbps Ethernet with passive PoE input (24 V)
- 6 LEDs of which four are rssi
- 1 reset button
- UART (4-pin) header on PCB
Notes:
The device was supported by OpenWrt in ar71xx.
Flash instructions (web/ssh/tftp):
Loading the image via ssh vias a stock firmware prior "AirOS 5.6".
Downgrading stock is possible.
* Flashing is possible via AirOS software update page:
The "factory" ROM image is recognized as non-native and then installed correctly.
AirOS warns to better be familiar with the recovery procedure.
* Flashing can be done via ssh, which is becoming difficult due to legacy
keyexchange methods.
This is an exempary ssh-config:
KexAlgorithms +diffie-hellman-group1-sha1
HostKeyAlgorithms ssh-rsa
PubkeyAcceptedKeyTypes ssh-rsa
User ubnt
The password is ubnt.
Connecting via IPv6 link local worked best for me.
1. scp the factory image to /tmp
2. fwupdate.real -m /tmp/firmware_image_file.bin -d
* Alternatively tftp is possible:
1. Configure PC with static IP 192.168.1.2/24.
2. Enter the rescue mode. Power off the device, push the reset button on
the device (or the PoE) and keep it pressed.
Power on the device, while still pushing the reset button.
3. When all the leds blink at the same time, release the reset button.
4. Upload the firmware image file via TFTP:
tftp 192.168.1.20
tftp> bin
tftp> trace
Packet tracing on.
tftp> put firmware_image.bin
Signed-off-by: Jan-Niklas Burfeind <git@aiyionpri.me>
(cherry picked from commit
4cd3ff8a79738fa503150e52162c7df6d9bd3534)
Paul Spooren [Sat, 21 May 2022 16:36:24 +0000 (18:36 +0200)]
OpenWrt v22.03.0-rc2: revert to branch defaults
Signed-off-by: Paul Spooren <mail@aparcar.org>
Paul Spooren [Sat, 21 May 2022 16:36:24 +0000 (18:36 +0200)]
OpenWrt v22.03.0-rc2: adjust config defaults
Signed-off-by: Paul Spooren <mail@aparcar.org>
Maciej Krüger [Thu, 19 May 2022 18:00:53 +0000 (20:00 +0200)]
ath79: add support for MikroTik hAP (RB951Ui-2nD)
The MikroTik hAP (product code RB951Ui-2nD) is
an indoor 2.4Ghz AP with a 2 dBi integrated antenna built around the
Atheros QCA9531 SoC.
Specifications:
- SoC: Atheros QCA9531
- RAM: 64 MB
- Storage: 16 MB NOR - Winbond 25Q128FVSG
- Wireless: Atheros QCA9530 (SoC) 802.11b/g/n 2x2
- Ethernet: Atheros AR934X switch, 5x 10/100 ports,
10-28 V passive PoE in port 1, 500 mA PoE out on port 5
- 8 user-controllable LEDs:
· 1x power (green)
· 1x user (green)
· 4x LAN status (green)
· 1x WAN status (green)
· 1x PoE power status (red)
See https://mikrotik.com/product/RB951Ui-2nD for more details.
Notes:
The device was already supported in the ar71xx target.
Flashing:
TFTP boot initramfs image and then perform sysupgrade. Follow common
MikroTik procedure as in https://openwrt.org/toh/mikrotik/common.
Signed-off-by: Maciej Krüger <mkg20001@gmail.com>
(cherry picked from commit
5ce64e0646fcd5c4f374b4de898b591560c32e18)
Thibaut VARÈNE [Mon, 2 May 2022 15:07:45 +0000 (17:07 +0200)]
ath79: add support for MikroTik RouterBOARD hAP ac lite
The MikroTik RB952Ui-5ac2nD (sold as hAP ac lite) is an indoor 2.4Ghz
and 5GHz AP/router with a 2 dBi integrated antenna.
See https://mikrotik.com/product/RB952Ui-5ac2nD for more details.
Specifications:
- SoC: QCA9533
- RAM: 64MB
- Storage: 16MB NOR
- Wireless: QCA9533 802.11b/g/n 2x2 / QCA9887 802.11a/n/ac 2x2
- Ethernet: AR934X switch, 5x 10/100 ports,
10-28 V passive PoE in port 1, 500 mA PoE out on port 5
- 6 user-controllable LEDs:
- 1x user (green)
- 5x port status (green)
Flashing:
TFTP boot initramfs image and then perform sysupgrade. The "Internet"
port (port number 1) must be used to upload the TFTP image, then
connect to any other port to access the OpenWRT system.
Follow common MikroTik procedure as in
https://openwrt.org/toh/mikrotik/common.
Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
(cherry picked from commit
2bd33e8626bd04fd7115ee1a42aaf03aae2fffb8)
Jo-Philipp Wich [Tue, 17 May 2022 19:01:46 +0000 (21:01 +0200)]
firewall4: update to latest Git HEAD
c22eeef fw4: support negative CIDR bit notation
628d791 hotplug: reliably handle interfaces with ubus zone hints
d005293 fw4: store zone associations from ubus in statefile as well
b268225 fw4: filter non hw-offload capable devices when resolving lower devices
57984e0 fw4: always resolve lower flowtable devices
7782017 tests: fix mocked `fd.read("line")` api
72b196d config: remove restictions on DHCPv6 allow rule
f0cc317 fw4: refactor family selection for forwarding rules
b0b8122 treewide: use modern syntax
05995f1 fw4: fix emitting device jump rules for family restricted zones
b479815 fw4: fix family auto-selection for config nat rules
2816a82 ruleset: ensure that family-agnostic ICMP rules cover ICMPv6 as well
2379c3d tests: add test coverage for zone family selection logic
Fixes: #5066, #9611, #9765, #9854
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit
2df17604a4f891447beb66988e3d83e23ab3a3b0)
Jo-Philipp Wich [Fri, 20 May 2022 17:51:02 +0000 (19:51 +0200)]
ucode: update to latest Git HEAD
081871e compiler: fix segmentation fault on compiling unexpected unary expressions
090b426 fs: avoid input buffering with small limits in fs.readfile()
8da140f lib: introduce hexenc() and hexdec()
9a72423 Update README.md
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit
e2ce2a8d3cd3c885eb61a8b577abf9508ffad7d2)
Hauke Mehrtens [Tue, 10 May 2022 18:32:52 +0000 (18:32 +0000)]
kernel: bump 5.10 to 5.10.116
Removed upstreamed:
generic/backport-5.10/900-regulator-consumer-Add-missing-stubs-to-regulator-co.patch
All other patches automatically rebased.
Compile-tested: lantiq/xrx200, armvirt/64
Run-tested: lantiq/xrx200, armvirt/64
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Oskari Lemmela [Wed, 26 Jan 2022 06:38:43 +0000 (08:38 +0200)]
ath79: fix ar934x spi driver delays
Backport spi driver delay fixes from the 5.17-rc1 kernel.
Signed-off-by: Oskari Lemmela <oskari@lemmela.net>
[port also to kernel 5.15]
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
(cherry picked from commit
f8e65fecee1a60a5cde827d4f5df751a02916156)
Eneas U de Queiroz [Tue, 10 May 2022 23:34:57 +0000 (20:34 -0300)]
openssl: bump to 1.1.1o
This release comes with a security fix related to c_rehash. OpenWrt
does not ship or use it, so it was not affected by the bug.
There is a fix for a possible crash in ERR_load_strings() when
configured with no-err, which OpenWrt does by default.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit
7a5ddc0d06895bde7538d78c8dad2c863d70f946)
Eneas U de Queiroz [Tue, 10 May 2022 19:39:11 +0000 (16:39 -0300)]
wolfssl: bump to v5.3.0-stable
This is mostly a bug fix release, including two that were already
patched here:
- 300-fix-SSL_get_verify_result-regression.patch
- 400-wolfcrypt-src-port-devcrypto-devcrypto_aes.c-remove-.patch
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit
73c1fe2890baa5c0bfa46f53c5387f5e47de1acb)
Rodrigo Balerdi [Thu, 7 Apr 2022 06:18:59 +0000 (03:18 -0300)]
ipq806x: add support for Arris TR4400 v2 / RAC2V1A
Hardware specs:
SoC: Qualcomm IPQ8065 (dual core Cortex-A15)
RAM: 512 MB DDR3
Flash: 256 MB NAND, 32 MB NOR
WiFi: QCA9983 2.4 GHz, QCA9984 5 GHz
Switch: QCA8337
Ethernet: 5x 10/100/1000 Mbit/s
USB: 1x USB 3.0 Type-A
Buttons: WPS, Reset
Power: 12 VDC, 2.5 A
Ethernet ports:
1x WAN: connected to eth2
4x LAN: connected via the switch to eth0 and eth1
(eth0 is disabled in OEM firmware)
MAC addresses (OEM and OpenWrt):
fw_env @ 0x00 d4:ab:82:??:??:?a LAN (eth1)
fw_env @ 0x06 d4:ab:82:??:??:?b WAN (eth2)
fw_env @ 0x0c d4:ab:82:??:??:?c WLAN 2.4 GHz (ath1)
fw_env @ 0x12 d4:ab:82:??:??:?d WLAN 5 GHz (ath0)
fw_env @ 0x18 d4:ab:82:??:??:?e OEM usage unknown (eth0 in OpenWrt)
OID d4:ab:82 is registered to:
ARRIS Group, Inc., 6450 Sequence Drive, San Diego CA 92121, US
More info:
https://openwrt.org/inbox/toh/arris/tr4400_v2
IMPORTANT:
This port requires moving the 'fw_env' partition prior to first boot to
consolidate 70% of the usable space in flash into a contiguous partition.
'fw_env' contains factory-programmed MAC addresses, SSIDs, and passwords.
Its contents must be copied to 'rootfs_1' prior to booting via initramfs.
Note that the stock 'fw_env' partition will be wiped during sysupgrade.
A writable 'stock_fw_env' partition pointing to the old, stock location
is included in the port to help rolling back this change if desired.
Installation:
- Requires serial access and a TFTP server.
- Fully boot stock, press ENTER, type in:
mtd erase /dev/mtd21
dd if=/dev/mtd22 bs=128K count=1 | mtd write - /dev/mtd21
umount /config && ubidetach -m 23 && mtd erase /dev/mtd23
- Reboot and interrupt U-Boot by pressing a key, type in:
set mtdids 'nand0=nand0'
set mtdparts 'mtdparts=nand0:155M@0x6500000(mtd_ubi)'
set bootcmd 'ubi part mtd_ubi && ubi read 0x44000000 kernel && bootm'
env save
- Setup TFTP server serving initramfs image as 'recovery.bin', type in:
set ipaddr 192.168.1.1
set serverip 192.168.1.2
tftpboot recovery.bin && bootm
- Use sysupgrade to install squashfs image.
This port is based on work done by AmadeusGhost <amadeus@jmu.edu.cn>.
Signed-off-by: Rodrigo Balerdi <lanchon@gmail.com>
[add 5.15 changes for 0069-arm-boot-add-dts-files.patch]
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
(cherry picked from commit
f8b0010dfb548469686049f85076fd6a3a6bca2e)
Raylynn Knight [Sun, 10 Apr 2022 07:26:59 +0000 (03:26 -0400)]
realtek: add support for ZyXEL GS1900-16
The ZyXEL GS1900-16 is a 16 port gigabit switch similar to other GS1900 switches.
Specifications
--------------
* Device: ZyXEL GS1900-16
* SoC: Realtek RTL8382M 500 MHz MIPS 4KEc
* Flash: 16 MiB Macronix MX25L12835F
* RAM: 128 MiB DDR2 SDRAM Nanya NT5TU128M8HE
* Ethernet: 16x 10/100/1000 Mbps
* LEDs: 1 PWR LED (green, not configurable)
1 SYS LED (green, configurable)
16 ethernet port link/activity LEDs (green, SoC controlled)
* Buttons: 1 "RESET" button on front panel
* Power 120-240V AC C13
* UART: 1 serial header (J12) with populated standard pin connector on
the right back of the PCB.
Pinout (front to back):
+ Pin 1 - VCC marked with white dot
+ Pin 2 - RX
+ Pin 3 - TX
+ PIn 4 - GND
Serial connection parameters: 115200 8N1.
Installation
------------
OEM upgrade method:
* Log in to OEM management web interface
* Navigate to Maintenance > Firmware
* Select the HTTP radio button
* Select the Active radio button
* Use the browse button to locate the
realtek-generic-zyxel_gs1900-16-initramfs-kernel.bin
file amd select open so File Path is update with filename.
* Select the Apply button. Screen will display "Prepare
for firmware upgrade ...".
*Wait until screen shows "Do you really want to reboot?"
then select the OK button
* Once OpenWrt has booted, scp the sysupgrade image to /tmp and flash it:
> sysupgrade -n /tmp/realtek-generic-zyxel_gs1900-16-squashfs-sysupgrade.bin
it may be necessary to restart the network (/etc/init.d/network restart) on
the running initramfs image.
U-Boot TFTP method:
* Configure your client with a static 192.168.1.x IP (e.g. 192.168.1.10).
* Set up a TFTP server on your client and make it serve the initramfs image.
* Connect serial, power up the switch, interrupt U-boot by hitting the
space bar, and enable the network:
> rtk network on
* Since the GS1900-16 is a dual-partition device, you want to keep the OEM
firmware on the backup partition for the time being. OpenWrt can only boot
from the first partition anyway (hardcoded in the DTS). To make sure we are
manipulating the first partition, issue the following commands:
> setsys bootpartition 0
> savesys
* Download the image onto the device and boot from it:
> tftpboot 0x84f00000 192.168.1.10:openwrt-realtek-generic-zyxel_gs1900-16-initramfs-kernel.bin
> bootm
* Once OpenWrt has booted, scp the sysupgrade image to /tmp and flash it:
> sysupgrade -n /tmp/openwrt-realtek-generic-zyxel_gs1900-16-squashfs-sysupgrade.bin
it may be necessary to restart the network (/etc/init.d/network restart) on
the running initramfs image.
Signed-off-by: Raylynn Knight <rayknight@me.com>
[removed duplicate patch title, align RAM specification]
Signed-off-by: Sander Vanheule <sander@svanheule.net>
(cherry picked from commit
580723e86ae53f14273ff8c3a0ebf5d15b4ce1f1)
Nick Hainke [Sun, 20 Mar 2022 16:57:22 +0000 (17:57 +0100)]
ath79: add Netgear WNDAP360
SoC: Atheros AR7161
RAM: DDR 128 MiB (hynix h5dU5162ETR-E3C)
Flash: SPI-NOR 8 MiB (mx25l6406em2i-12g)
WLAN: 2.4/5 GHz
2.4 GHz: Atheros AR9220
5 GHz: Atheros AR9223
Ethernet: 4x 10/100/1000 Mbps (Atheros AR8021)
LEDs/Keys: 2/2 (Internet + System LED, Mesh button + Reset pin)
UART: RJ45 9600,8N1
Power: 12 VDC, 1.0 A
Installation instruction:
0. Make sure you have latest original firmware (3.7.11.4)
1. Connect to the Serial Port with a Serial Cable RJ45 to DB9/RS232
(9600,8N1)
screen /dev/ttyUSB0 9600,cs8,-parenb,-cstopb,-hupcl,-crtscts,clocal
2. Configure your IP-Address to 192.168.1.42
3. When device boots hit spacebar
3. Configure the device for tftpboot
setenv ipaddr 192.168.1.1
setenv serverip 192.168.1.42
saveenv
4. Reset the device
reset
5. Hit again the spacebar
6. Now load the image via tftp:
tftpboot 0x81000000 INITRAMFS.bin
7. Boot the image:
bootm 0x81000000
8. Copy the squashfs-image to the device.
9. Do a sysupgrade.
https://openwrt.org/toh/netgear/wndap360
The device should be converted from kmod-owl-loader to nvmem-cells in the
future. Nvmem cells were not working. Maybe ATH9K_PCI_NO_EEPROM is missing.
That is why this commit is still using kmod-owl-loader. In the future
the device tree may look like this:
&ath9k0 {
nvmem-cells = <&macaddr_art_120c>, <&cal_art_1000>;
nvmem-cell-names = "mac-address", "calibration";
};
&ath9k1 {
nvmem-cells = <&macaddr_art_520c>, <&cal_art_5000>;
nvmem-cell-names = "mac-address", "calibration";
};
&art {
...
cal_art_1000: cal@1000 {
reg = <0x1000 0xeb8>;
};
cal_art_5000: cal@5000 {
reg = <0x5000 0xeb8>;
};
};
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit
88527294cda0a46d927b3bca6dbaab507fa1cb96)
Foica David [Thu, 21 Apr 2022 01:20:57 +0000 (04:20 +0300)]
ath79: add support for TP-Link Deco M4R v1 and v2
This commit adds support for the TP-Link Deco M4R (it can also be M4,
TP-Link uses both names) v1 and v2. It is similar hardware-wise to the
Archer C6 v2. Software-wise it is very different. V2 has a bit different
layout from V1 but the chips are the same and the OEM firmware is the same
for both versions.
Specifications:
SoC: QCA9563-AL3A
RAM: Zentel A3R1GE40JBF
Wireless 2.4GHz: QCA9563-AL3A (main SoC)
Wireless 5GHz: QCA9886
Ethernet Switch: QCA8337N-AL3C
Flash: 16 MB SPI NOR
Flashing:
The device's bootloader only accepts images that are signed using
TP-Link's RSA key, therefore this way of flashing is not possible. The
device has a web GUI that should be accessible after setting up the device
using the app (it requires the app to set it up first because the web GUI
asks for the TP-Link account password) but for unknown reasons, the web
GUI also refuses custom images.
There is a debug firmware image that has been shared on the device's
OpenWrt forum thread that has telnet unlocked, which the bootloader will
accept because it is signed. It can be used to transfer an OpenWrt image
file over to the device and then be used with mtd to flash the device.
Pre-requisites:
- Debug firmware.
- A way of transferring the file to the router, you can use an FTP server
as an example.
- Set a static IP of 192.168.0.2/255.255.255.0 on your computer.
- OpenWrt image.
Installation:
- Unplug your router and turn it upside down. Using a long and thin object
like a SIM unlock tool, press and hold the reset button on the router and
replug it. Keep holding it until the LED flashes yellow.
- Open 192.168.0.1. You should see the bootloader recovery's webpage.
Choose the debug firmware that you downloaded and flash it. Wait until the
router reboots (at this stage you can remove the static IP).
- Open a terminal window and connect to the router via telnet (the primary
router should have a 192.168.0.1 IP address, secondary routers are
different).
- Transfer the file over to the router, you can use curl to download it
from the internet (use the insecure flag and make sure your source accepts
insecure downloads) or from an FTP server.
- The router's default mtd partition scheme has kernel and rootfs
separated. We can use dd to split the OpenWrt image file and flash it with
mtd:
dd if=openwrt.bin of=kernel.bin skip=0 count=8192 bs=256
dd if=openwrt.bin of=rootfs.bin skip=8192 bs=256
- Once the images are ready, you have to flash the device using mtd
(make sure to flash the correct partitions or you may be left with a
hard bricked router):
mtd write kernel.bin kernel
mtd write rootfs.bin rootfs
- Flashing is done, reboot the device now.
Signed-off-by: Foica David <superh552@gmail.com>
(cherry picked from commit
063e9047cc8b247ea4b04ee3248b99f3212a42f8)
Tamas Balogh [Sun, 1 May 2022 07:45:19 +0000 (09:45 +0200)]
ramips: add led_source for Asus RT-AC1200 devices
this adds the mediatek,led_source dts binding for
Asus RT-AC1200 devices' dtsi, for correct switch LED
behavior.
The dts-binding is introduced in commit:
65dc9e0980255b15402c45b840f239b85be59b3d
Without this, we only have constantly very fast
blinking LEDs, which don't react on any traffic or
LAN events at all.
Signed-off-by: Tamas Balogh <tamasbalogh@hotmail.com>
(cherry picked from commit
771ea6f2e3868b208b5261ae676160d5ef6544e8)
Alessio Prescenzo [Wed, 22 Sep 2021 14:45:19 +0000 (16:45 +0200)]
ramips: add support for Cudy X6
Specifications:
SoC: MediaTek MT7621
RAM: 256 MB
Flash: 32 MB
WiFi: MediaTek MT7915E
Switch: 1 WAN, 4 LAN (Gigabit)
Ports: 1 USB 3.0
Buttons: Reset, WPS
LEDs: Power, System, Wan, Lan 1-4, WiFi 2.4G, WiFi 5G, WPS, USB
Power: DC 12V 1A tip positive
Installation:
Download and flash the manufacturer's built OpenWRT image available at
http://www.cudytech.com/openwrt_software_download
Install the new OpenWRT image via luci (System -> Backup/Flash firmware)
Be sure to NOT keep settings. The force upgrade may need to be checked
due to differences in router naming conventions.
Recovery:
Loads only signed manufacture firmware due to bootloader RSA verification
serve tftp-recovery image as /recovery.bin on 192.168.1.88/24
connect to any lan ethernet port
power on the device while holding the reset button
wait at least 8 seconds before releasing reset button for image to
download
Signed-off-by: Alessio Prescenzo <alessioprescenzo@gmail.com>
[ensure unique wireless MAC, fix GPIO pingroup]
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit
4a8eaa5c7c9235212c4af022c18b2dfbadfe557f)
Andreas Böhler [Mon, 22 Mar 2021 00:01:44 +0000 (01:01 +0100)]
ramips: Add support for SERCOMM NA502S
The SERCOMM NA502s is a smart home gateway manufactured by SERCOMM and sold
under different brands (among others, A1 Telekom Austria SmartHome Premium
Gateway). It has multi-protocol radio support in addition to LAN and WiFi.
Note: BLE and audio are currently unsupported.
Specifications
--------------
- MT7621ST 880MHz, Single-Core, Dual-Thread
- MT7603EN 2.4GHz WiFi
- MT7662EN 5GHz WiFi + BLE
- 128MiB NAND
- 256MiB DDR3 RAM
- SD3503 ZWave Controller
- EM357 Zigbee Coordinator
- Telit UMTS module
- Rechargeable battery
- speaker and microphone
MAC address assignment
----------------------
LAN MAC is read from the config partition, WiFi 2.4GHz is LAN+2 and matches
the OEM firmware. WiFi 5GHz with LAN+1 is an educated guess since the
OEM firmware does not enable 5GHz WiFi.
Installation
------------
Attach serial console, then boot the initramfs image via TFTP.
Once inside OpenWrt, run sysupgrade -n with the sysupgrade file.
Attention: The device has a dual-firmware design. We overwrite kernel2,
since kernel1 contains an automatic recovery image.
If you get NAND ECC errors and are stuck with bad eraseblocks, try to
erase the mtd partition first with
mtd unlock ubi
mtd erase ubi
This should only be needed once.
Signed-off-by: Andreas Böhler <dev@aboehler.at>
(cherry picked from commit
9ee6ac00c43cc253ac554495edb6214563ab1f31)
Davide Fioravanti [Mon, 18 Apr 2022 15:35:33 +0000 (17:35 +0200)]
ramips: add support for Wavlink WL-WN533A8
The Wavlink WL-WN533A8 is an AC3000 router with 5 gigabit ethernet ports
and one USB 3.0 port.
It's also known as Wavlink QUANTUM T8.
Hardware
--------
SoC: Mediatek MT7621A
RAM: 128MB (Nanya NT5CB64M16GP-EK)
FLASH: 16MB NOR (GigaDevice GD25Q127CSIG3)
ETH:
- 5x 10/100/1000 Mbps Ethernet (4x LAN + 1x WAN)
WIFI:
- 1x MT7615DN (2x 2x2:2) 2.4GHz and 5GHz DBDC
- 1x MT7615NE (4x4:4) 5GHz
- 8 external antennas
BTN:
- 1x Reset button
- 1x WPS button
- 1x Turbo button
- 1x Touchlink button
- 1x ON/OFF switch
LEDS:
- 1x Red led (system status)
- 1x Blue led (system status)
- 7x Blue leds (wifi led + 5 ethernet ports + power)
USB:
- 1x USB 3.0 port
UART:
- 57600-8-N-1
J4
Everything works correctly.
Installation
------------
Flash the initramfs image in the OEM firmware interface
(http://192.168.10.1/update.shtml).
When Openwrt boots, flash the sysupgrade image otherwise you won't be
able to keep configuration between reboots.
(Procedure tested on fw M33A8.V5030.190716 and M33A8.V5030.201204)
Restore OEM Firmware
--------------------
Flash the firmware update available online directly from LUCI.
You can download it from:
https://www.wavlink.com/en_us/firmware/details/
f2d247ecba.html
Warning: Remember to not keep settings!
Warning2: Remember to force the flash.
Notes
-----
1) Router mac addresses:
LAN XX:XX:XX:XX:XX:63 (factory @ 0xe006)
WAN XX:XX:XX:XX:XX:64 (factory @ 0xe000)
WIFI 2G/5G XX:XX:XX:XX:XX:65 (factory @ 0x04)
WIFI 5G XX:XX:XX:XX:XX:66 (factory @ 0x8004)
LABEL XX:XX:XX:XX:XX:65
In OEM firmware the DBDC wifi interfaces have these mac addresses:
2G) 82:XX:XX:XX:XX:65
5G) 80:XX:XX:XX:XX:65
While in OpenWrt the addresses are:
2G) 80:XX:XX:XX:XX:65
5G) 02:XX:XX:XX:XX:65
2) radio0 will show as 2G/5G interface but only 2G is really usable.
3) There is just one wifi led for all wifi interfaces.
It currently shows only the radio0 GHz wifi activity.
4) My unit was shipped with M33A8.V5030.190716 firmware which contains
the http://192.168.10.1/webcmd.shtml page. Entering "telnetd" in
the input box it will start the telnet daemon. Now you can access
the telnet console on port 2323 with these credentials:
username: admin2860
password: admin
5) The M33A8.V5030.201204 firmware version, doesn't contain anymore the
webcmd.shtml page. If your router is shipped with a previous firmware
version and you want to back it up, you can follow the back up
procedure of the WS-WN583A6.
Signed-off-by: Davide Fioravanti <pantanastyle@gmail.com>
(cherry picked from commit
32e6942d72b6426d65eaa4dc7f2ba949b3c32985)
Davide Fioravanti [Mon, 18 Apr 2022 14:54:40 +0000 (16:54 +0200)]
ramips: create shared DTSI for Wavlink WN53XAX devices
Most of the definitions for WN531A6 will be shared with WN533A8 in a
future commit, so put them in a shared DTSI.
Signed-off-by: Davide Fioravanti <pantanastyle@gmail.com>
(cherry picked from commit
57b6dcd826b13eab2101f9c8e96d43ab251e8dc1)
Marcin Gordziejewski [Thu, 7 Apr 2022 22:29:20 +0000 (00:29 +0200)]
ramips: add support for TP-Link RE650 v2
TP-Link RE650 v2 is largely similar to v1 that
is already supported by OpenWrt. Notable differences
is differnt SPI Flash - 8 MB instead of 16 MB
(from cFeon instead of Winbond) and a different
configuration of PCIE connections to wifi chips.
Otherwise it's largely the same product as v1
Hardware specification:
- SoC 880 MHz - MediaTek MT7621AT
- 128 MB of DDR3 RAM
- 8 MB - cFeon QH64A-104HIP
- 4T4R 2.4 GHz - MediaTek MT7615E
- 4T4R 5 GHz - MediaTek MT7615E
- 1x 1 Gbps Ethernet - MT7621AT integrated
- 7x LEDs (Power, 2G, 5G, WPS(x2), Lan(x2))
- 4x buttons (Reset, Power, WPS, LED)
- UART pinout - GND, RX, TX, labeled in the middle of the PCB,
requires soldering because they're not through holes.
Serial console @ 57600,8n1
Flash instructions:
Upload
openwrt-ramips-mt7621-tplink_re650-v2-squashfs-factory.bin
from the RE650 web interface.
TFTP recovery to stock firmware:
I didn't try recovering back to the stock firmware, however,
if there is such process for other RExxx devices, it seems like
it could be similar here.
Signed-off-by: Marcin Gordziejewski <openwrt@flicksfix.com>
(cherry picked from commit
39799974a372fb4333d21f077c670b8a56b9d696)
Clemens Hopfer [Thu, 22 Jul 2021 15:54:15 +0000 (17:54 +0200)]
ramips: add support for YunCore AX820/HWAP-AX820
There are two versions which are identical apart from the enclosure:
YunCore AX820: indoor ceiling mount AP with integrated antennas
YunCore HWAP-AX820: outdoor enclosure with external (N) connectors
Hardware specs:
SoC: MediaTek MT7621DAT
Flash: 16 MiB SPI NOR
RAM: 128MiB (DDR3, integrated)
WiFi: MT7905DAN+MT7975DN 2.4/5GHz 2T2R 802.11ax
Ethernet: 10/100/1000 Mbps x2 (WAN/PoE+LAN)
LED: Status (green)
Button: Reset
Power: 802.11af/at PoE; DC 12V,1A
Antennas: AX820(indoor): 4dBi internal; HWAP-AX820(outdoor): external
Flash instructions:
The "OpenWRT support" version of the AX820 comes with a LEDE-based
firmware with proprietary MTK drivers and a luci webinterface and
ssh accessible under 192.168.1.1 on LAN; user root, no password.
The sysupgrade.bin can be flashed using luci or sysupgrade via ssh,
you will have to force the upgrade due to a different factory name.
Remember: Do *not* preserve factory configuration!
MAC addresses as used by OEM firmware:
use address source
2g 44:D1:FA:*:0b Factory 0x0004 (label)
5g 46:D1:FA:*:0b LAA of 2g
lan 44:D1:FA:*:0c Factory 0xe000
wan 44:D1:FA:*:0d Factory 0xe000 + 1
The wan MAC can also be found in 0xe006 but is not used by OEM dtb.
Due to different MAC handling in mt76 the LAA derived from lan is used
for 2g to prevent duplicate MACs when creating multiple interfaces.
Signed-off-by: Clemens Hopfer <openwrt@wireloss.net>
(cherry picked from commit
4891b865380e2b7f32acf0893df9c1ca9db8d4ea)
Sander Vanheule [Wed, 27 Apr 2022 15:27:28 +0000 (17:27 +0200)]
firmware-utils: bump to git HEAD
Includes image support for new TP-Link devices:
ddc3e00e314d tplink-safeloader: add TP-Link EAP265 HD support
ceea1a7fe56e tplink-safeloader: add TP-Link Deco M4R v1 and v2 support
Signed-off-by: Sander Vanheule <sander@svanheule.net>
(cherry picked from commit
0f207ade12fdfffae3554c6a7214aa670a8d6854)
Hauke Mehrtens [Sat, 23 Apr 2022 19:57:09 +0000 (21:57 +0200)]
firmware-utils: bump to git HEAD
05fd700 tplink-safeloader: TP-Link RE650 v2 support
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit
36790ca6940b84dede450c54df9f75500454b92b)
Hauke Mehrtens [Mon, 16 May 2022 22:57:04 +0000 (00:57 +0200)]
kernel: Add missing devm_regulator_get_exclusive()
This backports a patch from Linux 5.10.116 to fix a compile problem
introduced in 5.10.114.
drivers/usb/phy/phy-generic.c could not find
devm_regulator_get_exclusive().
Fixes: 8592df67f40b ("kernel: bump 5.10 to 5.10.114")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit
7400adae8d86dde3c60752bf66d487aa1b138bc1)
John Audia [Thu, 12 May 2022 17:04:51 +0000 (13:04 -0400)]
kernel: bump 5.10 to 5.10.115
Removed upstreamed:
backport-5.10/850-v5.17-0004-PCI-aardvark-Clear-all-MSIs-at-setup.patch
pending-5.10/850-0002-PCI-aardvark-Fix-reading-MSI-interrupt-number.patch
All other patches automatically rebased.
Build system: x86_64
Build-tested: bcm2711/RPi4B
Signed-off-by: John Audia <therealgraysky@proton.me>
(cherry picked from commit
b754b0c721131005efa7127151088e9c23dc9053)
John Audia [Mon, 9 May 2022 08:07:21 +0000 (04:07 -0400)]
kernel: bump 5.10 to 5.10.114
All patches automatically rebased.
Build system: x86_64
Build-tested: bcm2711/RPi4B
Run-tested: bcm2711/RPi4B
Signed-off-by: John Audia <therealgraysky@proton.me>
(cherry picked from commit
8592df67f40b3afdee68e36dc3820187ec0f98fc)
Andreas Böhler [Sun, 15 May 2022 08:50:31 +0000 (10:50 +0200)]
IPQ4019: AVM FRITZ!Box 7530: Remove NAND ECC restrictions from DTS
Some revisions of the FRITZ!7530 use a Toshiba NAND with 8 bit ECC in
contrast to the Macronix NAND with 4 bit ECC. This removes the hardcoded
ECC strength and step size as set in qcom-ipq4019.dtsi, thus relying on the
kernel NAND detection routines to correclty set up the ECC parameters.
Signed-off-by: Andreas Böhler <dev@aboehler.at>
(cherry picked from commit
f167f4a9a42e6d1e186487883500299cc82b1b9f)
Andreas Böhler [Tue, 12 Apr 2022 09:01:25 +0000 (11:01 +0200)]
kernel: add support for Toshiba TC58NVG0S3HTA00 NAND flash
The Toshiba TC58NVG0S3HTA00 is detected with 64 byte OOB while the flash
has 128 byte OOB. This adds a static NAND ID entry to correct this.
Signed-off-by: Andreas Böhler <dev@aboehler.at>
(cherry picked from commit
0bc794a66845738eef7eeb7e13877ffb8aec17f7)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Christian Lamparter [Fri, 13 May 2022 19:44:30 +0000 (21:44 +0200)]
uboot-fritz4040: Add support for Toshiba NAND
From Andreas Böhler:
"Some revisions of the FRITZ!7530 use a Toshiba NAND with 8 bit ECC
in contrast to the Macronix NAND with 4 bit ECC.".
Uboot needs to know this in order to have a chance to load from
the NAND.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit
057bac2e1fc796fb4b2440a896be43bca138be84)
Lech Perczak [Sat, 14 May 2022 12:50:02 +0000 (14:50 +0200)]
ath79: ZTE MF286[A,R]: add "Power button blocker" GPIO switch
ZTE MF286A and MF286R feature a "power switch override" GPIO in stock
firmware as means to prevent power interruption during firmware update,
especially when used with internal battery.
To ensure that this GPIO is
properly driven as in stock firmware, configure it with userspace GPIO
switch.
It was observed that on some units, the modem would not be
restarted together with the board itself on reboot, this should help
with that as well.
Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
(cherry picked from commit
1fabeeb799abca1d4fb5ba541410ba847cdc20d9)
Pawel Dembicki [Wed, 11 May 2022 15:29:21 +0000 (17:29 +0200)]
ipq40xx: revert Cell-C RTL30VW to legacy caldata extraction
This partially reverts
commit
cfc13c44595d ("ipq40xx: utilize nvmem-cells for macs & (pre-)calibration data").
After switching to nvmem RTL30VW, wifi was broken:
[ 19.118319] ath10k_ahb
a000000.wifi: qca4019 hw1.0 target 0x01000000 chip_id 0x003b00ff sub 0000:0000
[ 19.118377] ath10k_ahb
a000000.wifi: kconfig debug 0 debugfs 1 tracing 0 dfs 1 testmode 0
[ 19.130285] ath10k_ahb
a000000.wifi: firmware ver 10.4b-ct-4019-fW-13-
5ae337bb1 api 5 features mfp,peer-flow-ctrl,txstatus-noack,wmi-10.x-CT,ratemask-CT,regdump-CT,txrate-CT,flush-all-CT,pingpong-CT,ch-regs-CT,nop-CT,set-special-CT,tx-rc-CT,cust-stats-CT,txrate2-CT,beacon-cb-CT,wmi-block-ack-CT,wmi-bcn-rc-CT crc32
6b2b5c5b
[ 19.159092] ath10k_ahb
a000000.wifi: failed to fetch board data for bus=ahb,vendor=0000,device=0000,subsystem-vendor=0000,subsystem-device=0000,variant=cellc,rtl30vw from ath10k/QCA4019/hw1.0/board-2.bin
[ 19.238764] ath10k_ahb
a000000.wifi: failed to fetch board-2.bin or board.bin from ath10k/QCA4019/hw1.0
[ 19.238847] ath10k_ahb
a000000.wifi: failed to fetch board file: -12
[ 19.247362] ath10k_ahb
a000000.wifi: could not probe fw (-12)
[ 20.190797] ath10k_ahb
a800000.wifi: qca4019 hw1.0 target 0x01000000 chip_id 0x003b00ff sub 0000:0000
[ 20.190853] ath10k_ahb
a800000.wifi: kconfig debug 0 debugfs 1 tracing 0 dfs 1 testmode 0
[ 20.202893] ath10k_ahb
a800000.wifi: firmware ver 10.4b-ct-4019-fW-13-
5ae337bb1 api 5 features mfp,peer-flow-ctrl,txstatus-noack,wmi-10.x-CT,ratemask-CT,regdump-CT,txrate-CT,flush-all-CT,pingpong-CT,ch-regs-CT,nop-CT,set-special-CT,tx-rc-CT,cust-stats-CT,txrate2-CT,beacon-cb-CT,wmi-block-ack-CT,wmi-bcn-rc-CT crc32
6b2b5c5b
[ 20.231357] ath10k_ahb
a800000.wifi: failed to fetch board data for bus=ahb,vendor=0000,device=0000,subsystem-vendor=0000,subsystem-device=0000,variant=cellc,rtl30vw from ath10k/QCA4019/hw1.0/board-2.bin
[ 20.317318] ath10k_ahb
a800000.wifi: failed to fetch board-2.bin or board.bin from ath10k/QCA4019/hw1.0
[ 20.317399] ath10k_ahb
a800000.wifi: failed to fetch board file: -12
[ 20.326098] ath10k_ahb
a800000.wifi: could not probe fw (-12)
Bootloader mangles in NAND partitions and removes precal@X nodes in
working system:
root@OpenWrt:~# echo $(cat /sys/firmware/devicetree/base/soc/spi@
78b5000/flash@0/partitions/partition@170000/label)
0:ART
root@OpenWrt:~# ls /sys/firmware/devicetree/base/soc/spi@
78b5000/flash@0/partitions/partition@170000/
label name reg
Revert to legacy method fixed the problem.
Fixes: cfc13c44595d ("ipq40xx: utilize nvmem-cells for macs & (pre-)calibration data")
Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
(cherry picked from commit
af425e42212d476dd95ec31f18d85b19004c9268)
Ptilopsis Leucotis [Wed, 11 May 2022 16:55:05 +0000 (19:55 +0300)]
ath79: fix I2C on GL-AR300M devices
On GL-AR300M Series GPIO17 described as I2C SDA in Device Tree.
Because of GPIO_OUT_FUNCTION4 register was not initialized on start,
GPIO17 was uncontrollable, it always in high state. According to QCA9531
documentation, default setting of GPIO17 is SYS_RST_L. In order to make
GPIO17 controllable, it should write value 0x00 on bits [15:8] of
GPIO_OUT_FUNCTION4 register, located at 0x1804003C address.
Signed-off-by: Ptilopsis Leucotis <PtilopsisLeucotis@yandex.com>
(cherry picked from commit
57efdd6a2d815d2491c5b7f22ffaeb6a845bfd0a)
Christian Lamparter [Sat, 7 May 2022 17:41:55 +0000 (19:41 +0200)]
ipq40xx: Lyra: update RGB LED-Controller node for 5.10+
Add the reg and color property to each channel node. This
update is to accommodate the multicolor framework.
Refer to:
<https://lore.kernel.org/all/
20200622185919.2131-9-dmurphy@ti.com>
<https://lore.kernel.org/all/
20210818070209.
1540451-1-michal.vokac@ysoft.com>
Note:
There is only a single extremely bright RGB-LED.
The RGB-color channels (i.e.: blue-0, blue-1 and blue-2)
are running in parallel to increase the current delivery
beyond what a single PWM-output on the LED controller
could do.
BugLink: https://github.com/openwrt/openwrt/issues/9851
Reported-By: Thomas Bøge <thomas@boegenielsen.dk>
Tested-By: Thomas Bøge <thomas@boegenielsen.dk>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit
834c9b3f055e5ea719f6adfb3fa979e32f2adbd0)
Aleksander Jan Bajkowski [Tue, 21 Dec 2021 21:57:27 +0000 (22:57 +0100)]
lantiq: xway: disable unused switch drivers
None of the devices supported by target xway are using Realtek
RTL8366S, RTL8367A and RTL8367B switches. The switches mentioned
earlier were enabled when bumping the kernel version to 3.7 in
commit
3a948770cf46 ("add linux-v3.7").
Switches used by individual devices are listed below.
Device Switch PHY
Arcadyan ARV4510PW Infineon ADM6996I int. switch
Arcadyan ARV4519PW Atheros AR8216 int. switch
Arcadyan ARV7506PW11 Realtek RTL8306G int. switch
Arcadyan ARV7510PW22 Atheros AR8216 int. switch
Arcadyan ARV7518PW Atheros AR8216 int. switch
Arcadyan ARV7519PW Atheros RTL8306G int. switch
Arcadyan ARV7525PW N/A IC+ IP101A
Arcadyan ARV752DPW Realtek RTL8306G int. switch
Arcadyan ARV752DPW22 Atheros AR8216 int. switch
Arcadyan ARV8539PW22 Atheros AR8216 int. switch
AVM Fritzbox 7312 int. SoC Atheros AR8030-A
AVM Fritzbox 7320 int. SOC Lantiq PEF7071V
AudioCodes MediaPack MP-252 Infineon ADM6996I int. switch
BT Home Hub 2B Infineon ADM6996I int. switch
BT Home Hub 3A Infineon PSB6972 Lantiq PEF7071V
Buffalo WBMR-HP-G300H-A Atheros AR8316 int. switch
Buffalo WBMR-HP-G300H-B Atheros AR8316 int. switch
Lantiq EASY50712 Infinein ADM6996I int. switch
Netgear DGN3500 Realtek RTL8366RB int. switch
Netgear DGN3500B Realtek RTL8366RB int. switch
Siemens Gigaset sx76x Infineon ADM6996I int. switch
ZTE H201L Realtek RTL8306G int. switch
ZyXEL P-2601HN-F1 Realtek RTL8306E int. switch
ZyXEL P-2601HN-F3 Realtek RTL8306E int. switch
Reduces uncompressed kernel size by 36 kB.
Signed-off-by: Aleksander Jan Bajkowski <olek2@wp.pl>
Acked-by: Martin Blumenstingl <martin.blumenstingl@googlemail.com>
(checkpatch.pl fixes)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit
8b5d2a73255298b916259ccbc609e4667a335844)
Birger Koblitz [Sun, 24 Apr 2022 20:01:31 +0000 (22:01 +0200)]
realtek: do not reset SerDes on link change
Do not reset the RTL930x SerDes on link changes, instead set up
the SDS with internal PHYs for the SFP+ ports only.
This fixes the 8 1GBit ports on the Zyxel XGS1250 which
do not work without this patch.
A complete SerDes reset was performed on all SerDes links. For copper
1Gbit ports, this is commonly a single XGMII link to an RTL8218D. There
is however no support for setting up the XGMII link on RTL9300/RTL9310,
thereby wiping the (RX/TX) setup done by u-boot and breaking the 1GBit
ports. No SerDes reset should be done for these links.
The handling of SGMII/HiSGMII, 1000BX or 10GR links is actually entirely
different. All these modes need to be suitably RX calibrated and the
pre- main and post- amplifiers set up properly for TX.
The 10GBit SFP+ fiber links are recalibrated instead of reset, which
e.g. is necessary when someone pulls a module out and puts another in.
This makes swapping out 10GBit fiber modules possible. 1GBit modules are
not yet supported, nor any modules with an internal phy.
Tested-by: Stijn Segers <foss@volatilesystems.org>
Signed-off-by: Birger Koblitz <git@birger-koblitz.de>
[rewrite commit message based on discussion]
Link: http://lists.infradead.org/pipermail/openwrt-devel/2022-May/038623.html
Signed-off-by: Sander Vanheule <sander@svanheule.net>
(cherry picked from commit
d1b824650f1ee694ec2dbdd2f4f9ec64e650cf86)
Birger Koblitz [Sun, 24 Apr 2022 18:37:33 +0000 (20:37 +0200)]
realtek: Trap all frames with switch as destination to CPU-port
This fixes a bug where frames sent to the switch itself were
flooded to all ports unless the MAC address of the CPU-port
was learned otherwise.
Tested-by: Wenli Looi <wlooi@ucalgary.ca>
Tested-by: Bjørn Mork <bjorn@mork.no>
Signed-off-by: Birger Koblitz <git@birger-koblitz.de>
[fix code formatting]
Signed-off-by: Sander Vanheule <sander@svanheule.net>
(cherry picked from commit
98bb26f9f762408e42bd8a906f0eb01c41ada10a)
Piotr Dymacz [Fri, 13 May 2022 11:35:59 +0000 (13:35 +0200)]
ramips: fix booting on Samknows SK-WB8
This fixes a well known "LZMA ERROR 1" error, reported previously on
numerous of similar devices.
Fixes: #9824
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
(cherry picked from commit
064e7e57b483e6879de0facef4f1fce86ec4ad47)
Piotr Dymacz [Wed, 6 Apr 2022 21:07:55 +0000 (23:07 +0200)]
bcm27xx: include 'rtc' in target's 'FEATURES'
There are many ways to add external RTC to Raspberry Pi boards. Let's
include support for this for the whole target and while at it, sort
features alphabetically.
Fixes: #9594
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
(cherry picked from commit
ff09905a468b4cc44f039a76568e8fe6cbaea8d9)
Felix Fietkau [Fri, 6 May 2022 19:54:48 +0000 (21:54 +0200)]
kernel: fix corrupted padding on small packets with mt753x dsa
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit
203ffc4ca75d43ac32b164c5a474e3ce36999809)
Felix Fietkau [Fri, 6 May 2022 13:49:58 +0000 (15:49 +0200)]
kernel: fix flow offload issues with pppoe
sync xt_FLOWOFFLOAD code with latest version of nft_flow_offload
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit
726ef8ba2dbe4d4a693c4d9300bc69e234e6d67d)
Felix Fietkau [Tue, 30 Nov 2021 10:55:24 +0000 (11:55 +0100)]
mediatek: add patches for MT7622 WED (wireless ethernet dispatch)
This series also contains other improvement for hardware flow offload support
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit
0f029b3d2b505b40aca9a24a002838ed1060f83d)
Tiago Gaspar [Wed, 4 May 2022 09:36:07 +0000 (10:36 +0100)]
firewall: config: remove restictions on DHCPv6 allow rule
Remove restrictions on source and destination addresses, which aren't
specified on RFC8415, and for some reason in openwrt are configured
to allow both link-local and ULA addresses.
As cleared out in issue #5066 there are some ISPs that use Gloabal
Unicast addresses, so fix this rule to allow them.
Fixes: #5066
Signed-off-by: Tiago Gaspar <tiagogaspar8@gmail.com>
[rebase onto firewall3, clarify subject, bump PKG_RELEASE]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit
65258f5d6093809c541050256646795bc0a460a9)
Daniel Golle [Tue, 3 May 2022 01:10:37 +0000 (02:10 +0100)]
fstools: update to git HEAD
9e11b37 fstools: remove SELinux restorecon hack
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit
4509b790f09183b2ac757371f6d79052f232e4cd)
Daniel Golle [Tue, 3 May 2022 01:07:40 +0000 (02:07 +0100)]
procd: update to git HEAD
652e6df init: restore SELinux labels after policy is loaded
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit
fb011118664756ee33bf16a39bf6e73d02cc2d3f)
Daniel Golle [Mon, 2 May 2022 20:07:16 +0000 (21:07 +0100)]
base-files: simplify restorecon logic
Remove forgotten redundant selinuxenabled call and skip the whole
thing in case $IPKG_INSTROOT is set as labels are anyway applied only
later on in fakeroot when squashfs is created.
Fixes: 6d7272852e ("base-files: add missing $IPKG_INSTROOT to restorecon call")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit
7b07c3cff57f057d6780d34adeb23c06123732db)
Dominick Grift [Sat, 16 Apr 2022 13:10:39 +0000 (15:10 +0200)]
selinux-policy: update to version 1.1
try to clean up some labeling inconsistencies
iwinfo loose ends
ucode loose ends
Makefile: adjust mintesttgt (adds blockmount/blockd)
nftables: reads inherited netifd pipe
ucode: reads inherited netifd pipes
mountroot: fowner
sandbox: writes inherited dropbear pipes
unbound related to /tmp/etc/ssl
unbound loose ends
adds a sslconftmpfile for /tmp/etc/ssl
README: maintain a wish list in the README
iwinfo: netifd forgot write
gptfdisk loose ends
iwinfo: netifd wpad reads/writes inherited netifd fifo files
netifd (mac80211.sh) executes iwinfo
luci: executes wireguard
luci-cgi: audits xtables execute access
rcuhttpd: lists ssl certfile dirs
iwinfo, wifi,nftables usage of ttyd pty if available
urandomseed: seedrng needs cap_sys_admin
iwinfo iwinfo, nftables and some chronyd rules related to ntp nts server
nftables, wifi and adds iwinfo skel
nftables, rpcd, ucode
nftables, ucode and seedrng ucode, fw3/nftables, luci
adds ucode skel and some fw3/nftables related
urandomseed: some seedrng rules
fw3 adds some support for fw4
urandomseed: /etc/seedrng is for seed.credit
hotplugcal: runs ucode which is interpreter like
adds a nftables skeleton and makes xtables optional
agent: allow all agents to write inherited dropbear pipes
urandomseed: this seems to be replaced by seedrng
kmodloader: label /etc/modules.conf kmodloader.conffile
Revert "shelexecfile: remove auditallow rule"
Makefile: sort the modules to process by secilc
Moves back to git.defensec.nl
unbound odhcpd (ip) reads net proc
tcp dump
shelexecfile: remove auditallow rule
rrd.cil: fixes indent
Target rddtool from cgi-io instead of runnit it without transition
rrd.cil related
rrd, rpcd, cgiio clean ups related to luci-app-statistics
Rules for rrd files and luci-statistics
unboundcontrol ordering
Several missing permissions
blockmount, dnsmasq, hotplugcall, rpcd, unbound
adds mctp_socket (linux 5.15)
ip: forgot tc-tiny type transition to go along with the fc spec
ip: adds a fc spec for tc-tiny (called by sqm)
adds ttyACM fc spec and various assorted loose ends
.gitattributes: do not export the github workflows
workflow use selinux 3.3
project moved back to https://git.defensec.nl/selinux-policy.git
Signed-off-by: Dominick Grift <dominick.grift@defensec.nl>
(cherry picked from commit
43794570986e33770d9039399d16a665f6c7c495)
Daniel Golle [Mon, 2 May 2022 18:58:56 +0000 (19:58 +0100)]
base-files: add missing $IPKG_INSTROOT to restorecon call
Update to overlooked v2 version of Dominick Grift's patch.
Fixes: 5109bd164c ("base-files: address sed in-place without SELinux awareness")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit
6d7272852e0b2634b2fa93a131ea8659ec87f079)
Dominick Grift [Sun, 1 May 2022 17:54:04 +0000 (19:54 +0200)]
base-files: address sed in-place without SELinux awareness
sed(1) in busybox does not support this functionality:
https://git.savannah.gnu.org/cgit/sed.git/tree/sed/execute.c#n598
This causes /etc/group to become mislabeled when a package requests
that a uid/gid be added on OpenWrt with SELinux
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
[move restorecon inside lock]
Signed-off-by: Dominick Grift <dominick.grift@defensec.nl>
(cherry picked from commit
5109bd164c8f2273329483f990188fb36cf3ad68)
Daniel Golle [Sun, 1 May 2022 16:00:47 +0000 (17:00 +0100)]
fstools: update to git HEAD
f0fc66a libfstools: check for overlay mounting errors
128ecaf Update / fix extroot comments
8a0ba3b libfstools: get rid of "extroot_prefix" global variable
649cd3f libfstools: use variable for overlay mount-point
922f1b3 libfstools: avoid segfault in find_mount_point
ce5eacb libfstools: mtd: improve error handling
898b328 blockd: restore device_move semantics
0917d22 block: don't probe mtdblock on NAND (with legacy exceptions)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit
4e8d095013fb822eaa4fd6b4512a434fc17ac901)
Enrico Mioso [Thu, 28 Apr 2022 06:57:24 +0000 (08:57 +0200)]
ipq40xx: fix BDF file for pcie wifi chip on the GL.Inet GL-B2200
After the switch to pre-calibration, ath10k would fail to initialize
the PCIE Wi-Fi on the GL-B200 as follows:
ath10k_pci 0000:01:00.0: enabling device (0140 -> 0142)
ath10k_pci 0000:01:00.0: qca9888 hw2.0 target 0x01000000 chip_id 0x00000000 sub 0000:0000
[...]
ath10k_pci 0000:01:00.0: failed to fetch board data for bus=pci,bmi-chip-id=0,bmi-board-id=16,variant=GL-B2200 from ath10k/QCA9888/hw2.0/board-2.bin
ath10k_pci 0000:01:00.0: failed to fetch board-2.bin or board.bin from ath10k/QCA9888/hw2.0
ath10k_pci 0000:01:00.0: failed to fetch board file: -12
ath10k_pci 0000:01:00.0: could not probe fw (-12)
Repackage the BDF file after renaming relevant fields and files to
allow for the Wi-Fi interface to start again.
Fixes: 80d34d9d593 ("ipq40xx: document pcie wifi chip on the GL.Inet GL-B2200")
CC: Christian Lamparter <chunkeey@gmail.com>
CC: Robert Marko <robimarko@gmail.com>
Reviewed-by: Robert Marko <robert.marko@sartura.hr>
Signed-off-by: Enrico Mioso <mrkiko.rs@gmail.com>
(cherry picked from commit
e3f9af4fb6e4ba8bf54cb4240f318ad32260a6fa)
John Audia [Wed, 27 Apr 2022 18:14:45 +0000 (14:14 -0400)]
kernel: bump 5.10 to 5.10.113
All patches automatically rebased.
Build system: x86_64
Build-tested: bcm2711/RPi4B, mt7622/RT3200
Run-tested: bcm2711/RPi4B, mt7622/RT3200
Signed-off-by: John Audia <graysky@archlinux.us>
(cherry picked from commit
e08942e76a162962892020a0f7e52ef751ec68e4)
John Audia [Wed, 20 Apr 2022 10:44:30 +0000 (06:44 -0400)]
kernel: bump 5.10 to 5.10.112
Manually rebased:
ath79/patches-5.10/901-phy-mdio-bitbang-prevent-rescheduling-during-command.patch
All other patches automatically rebased.
Build system: x86_64
Build-tested: bcm2711/RPi4B, mt7622/RT3200
Run-tested: bcm2711/RPi4B, mt7622/RT3200
Signed-off-by: John Audia <graysky@archlinux.us>
(cherry picked from commit
cab20be008591f89dd89c4e444cdf022fa7f57eb)
Kerma Gérald [Thu, 28 Apr 2022 22:08:09 +0000 (00:08 +0200)]
f2fs-tools: fix resize.f2fs (#9800)
resolve issue
- https://github.com/openwrt/openwrt/issues/9800
add the upstream patch:
- f2fs-tools.git/patch/?id=
f056fbeff08d30a6d9acdb9e06704461ceee3500
Signed-off-by: Kerma Gérald <gandalf@gk2.net>
(cherry picked from commit
1aac1b36d3cf44c8bfa8d4a6d8df6e815fc06529)
PtilopsisLeucotis [Sat, 16 Apr 2022 10:21:58 +0000 (13:21 +0300)]
ath79: add USB power control for GL-AR300M series
Add USB power control in DTS for GL.iNet models:
- AR300M;
- AR300M-Ext;
- AR300M16;
- AR300M16-Ext.
Signed-off-by: PtilopsisLeucotis <PtilopsisLeucotis@yandex.com>
(cherry picked from commit
6e9c814022e41a7cfa4db3b1a41e257fd1515bea)
Martin Kennedy [Tue, 26 Apr 2022 21:04:06 +0000 (17:04 -0400)]
mpc85xx: Fix output location of padded dtb
In commit
7e614820a892 ("mpc85xx: add support for Extreme Networks
WS-AP3825i"), we borrowed a recipe convention from apm821xx for device
tree blob padding. Unfortunately, in the apm821xx target, the image
recipes name the device tree blob differently, meaning that in
mpc85xx, the padded dtb is never consumed.
Change the definition of `Build/dtb` so that it outputs the padded dtb
to the correct location for it to be consumed.
Also, rename the recipe to `Build/pad-dtb`, so it is clear we
are building and padding the device tree blob.
This change fixes Github issue #9779 [1].
[1]: https://github.com/openwrt/openwrt/issues/9779
Fixes: 7e614820a892 ("mpc85xx: add support for Extreme Networks WS-AP3825i")
Signed-off-by: Martin Kennedy <hurricos@gmail.com>
(cherry picked from commit
1d06277407d3e294589ecde46328303a9f3803fd)
Huangbin Zhan [Sun, 24 Apr 2022 01:58:25 +0000 (09:58 +0800)]
build: don't remove BUILD_LOG_DIR in _clean
targetclean should not remove BUILD_LOG
Fixes: db34b93331e9 (add a version that can be bumped to force toolchain/target rebuild)
Signed-off-by: Huangbin Zhan <zhanhb88@gmail.com>
(cherry picked from commit
aeaa816cd2bd22de165c71a41d8d198a9235e971)
Daniel Golle [Mon, 25 Apr 2022 17:56:52 +0000 (18:56 +0100)]
dnsmasq: add logfacility file to jail mounts
If logfacility is a path to a file it needs to be r/w mounted in the
sandbox as well for dnsmasq to work.
Reported-by: @iointerrupt
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit
2b5fa44f60165d66d74131778df0b64b706887e2)
Martin Weinelt [Sun, 17 Apr 2022 13:56:53 +0000 (15:56 +0200)]
ath79: ubnt: drop swconfig on ac-{lite,lr,mesh}
These don't have switches that could be configured using swconfig.
Signed-off-by: Martin Weinelt <hexa@darmstadt.ccc.de>
(cherry picked from commit
089eb02abcd7512c6d182953560eb2453ef144ca)
Huangbin Zhan [Wed, 20 Apr 2022 21:40:40 +0000 (05:40 +0800)]
bcm63xx: fix description fix name case
The `Description` should be capital.
Signed-off-by: Huangbin Zhan <zhanhb88@gmail.com>
(cherry picked from commit
b8ed98b10004d5de25c1b4b2d2b59b15fc04f794)
Lech Perczak [Sat, 23 Apr 2022 09:22:50 +0000 (11:22 +0200)]
ath79: ZTE MF286R: add comgt-ncm to DEVICE_PACKAGES
When adding support to the router's built-in modem, this required
package was omitted, because it was already enabled in the image
configuration in use for testing, and this went unnoticed.
In result, the modem still isn't fully supported in official images.
As it is the primary WAN interface, add the missing package.
Fixes: e02fb42c53ba ("comgt: support ZTE MF286R modem")
Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
(cherry picked from commit
8a1003c5986514d7a78f78b3ee94003837d82582)
Alban Bedel [Sat, 30 Apr 2022 08:42:33 +0000 (10:42 +0200)]
ramips: zbt-wg2626: Add the reset gpio for PCIe port 1
The 2.4GHz interface doesn't come up properly with the log showing:
mt7621-pci
1e140000.pcie: pcie1 no card, disable it (RST & CLK)
As seen on other MT7621 boards this is caused by a missing reset GPIO.
The MT7621 dtsi set GPIO 19 as PCIe reset GPIO, which on this board
reset the 5GHz interface on port 0. Add GPIO 8 to the PCIe reset GPIO
list to also reset the 2.4GHz interface on port 1.
Signed-off-by: Alban Bedel <albeu@free.fr>
(cherry picked from commit
f953a1a4bfba2fa70c12bb80938aa66481a673b6)
Nick Hainke [Mon, 18 Apr 2022 13:04:25 +0000 (15:04 +0200)]
ipq40xx: 5.10: fix ar40xx driver
This commit is completely based on the work of adron-s:
https://github.com/openwrt/openwrt/pull/4721#issuecomment-
1101108651
The commit fixes the data corruption on TX packets. Packets are
transmitted, but their contents are replaced with zeros. This error is
caused by the lack of guard (50 ms) intervals between calibration phases.
This error is treated by adding mdelay(50) to the calibration function
code. In the original qca-ssda code [0], these mdelays were existing, but
in the ar41xx.c they are gone.
Tested on:
- Fritz!Box 4040
- Fritz!Box 7530
- Mikrotik SXTsq 5AC
- ZyXEL NBG6617
- [0] https://git.codelinaro.org/clo/qsdk/oss/lklm/qca-ssdk/-/blob/NHSS.QSDK.11.4/src/init/ssdk_init.c#L2072
Suggested-by: Serhii Serhieiev <adron@mstnt.com>
Reviewed-by: Robert Marko <robimarko@gmail.com>
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit
ab7e53e5cce703c7a62efbe1d41fb94c2228a178)
Jo-Philipp Wich [Thu, 28 Apr 2022 08:28:20 +0000 (10:28 +0200)]
ucode: reorder BuildPackage calls
Ensure that the libucode recipe is processed before the ucode one in
order to reliably encode the ABI version into ucode's libucode dependency.
Fixes: #9788
Ref: https://forum.openwrt.org/t/fw4-wont-start-after-upgrade/126308
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit
573ce80ca612b0f642b7cbd5d9d33d89b7e96670)
David Bauer [Tue, 26 Apr 2022 22:53:11 +0000 (00:53 +0200)]
iwinfo: update to latest HEAD
dc6847e iwinfo: nl80211: omit A-hwmode on non-5GHz hardware
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit
f757a8a09885e3c8bb76371e037b8c0731111980)
David Bauer [Sun, 24 Apr 2022 22:04:09 +0000 (00:04 +0200)]
uboot-envtools: add WS-AP3825i config
Add configuration to use uboot-envtools with the Extreme Networks
WS-AP3825i.
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit
fb7ff6b027d1c69e97e6d39e688a969c164065c8)
David Bauer [Sun, 24 Apr 2022 23:00:49 +0000 (01:00 +0200)]
mpc85xx: set WS-AP3825i mac-address in preinit
The bootloader does seem to not correctly patch in the MAC address for
eth0 / eth1 in some cases. While the root cause is not known, manually
applying the MAC-Address in preinit does not hurt.
Reported-by: Tom Herbers <freifunk@tomherbers.de>
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit
c6d52515e009d96e0afbe77310bf172f113d0eef)