aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* scripts: ipkg-build: simplify uid/gid resolvingJo-Philipp Wich2020-09-141-36/+29
| | | | | | | | | | | Use the prepared .packageusergroup file to lookup user and group names when processing the passed file mode. Also replace the various subshell/cut invocations with a sequence of standard variable interpolations which fixes paths with embedded colons as a side-effect. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* build: dump effective user/group id mapping to fileJo-Philipp Wich2020-09-141-0/+1
| | | | | | | This file can be subsequently used to resolve symbolic user or group names to their numeric IDs when packing ipk archives. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* build: add user/group ID resolve functionPaul Spooren2020-09-141-2/+40
| | | | | | | | With the introduction of `./tmp/userids` the `ipkg-build` script can now resolve values of "PKG_FILE_MODES", allowing users to set names rather than numeric values. Signed-off-by: Paul Spooren <mail@aparcar.org>
* build: create tmp/userids filePaul Spooren2020-09-141-0/+1
| | | | | | | | | | | | | | | | | | | Multiple packages contain a USERID variable defining required user and group for the package to run. With the recent addition of "PKG_FILE_MODES" it is possible to define user and group of specific files, replacing (possibly insecure) post-inst scripts. These modes are set during build time and put directly into the packages. To allow user and group names rather than the numeric values, a mapping like `/etc/passwd` is required by the `ipkg-build` script, mapping names defined in "PKG_FILE_MODES" to a numeric value, as the build system does not create any users during build. This commit adds a single line to the `prepare-tmpinfo` target, so that everytime the feeds are updated the *passwd like* content of `./tmp/userids` is updated. Signed-off-by: Paul Spooren <mail@aparcar.org>
* rtl838x: add new architectureBirger Koblitz2020-09-1439-0/+8828
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This adds support for the RTL838x Architecture. SoCs of this type are used in managed and un-managed Switches and Routers with 8-28 ports. Drivers are provided for SoC initialization, GPIOs, Flash, Ethernet including a DSA switch driver and internal and external PHYs used with these switches. Supported SoCs: RTL8380M RTL8381M RTL8382M The kernel will also boot on the following RTL839x SoCs, however driver support apart from spi-nor is missing: RTL8390 RTL8391 RTL8393 The following PHYs are supported: RTL8214FC (Quad QSGMII multiplexing GMAC and SFP port) RTL8218B internal: internal PHY of the RTL838x chips RTL8318b external (QSGMII 8-port GMAC phy) RTL8382M SerDes for 2 SFP ports Initialization sequences for the PHYs are provided in the form of firmware files. Flash driver supports 3 / 4 byte access DSA switch driver supports VLANs, port isolation, STP and port mirroring. The ALLNET ALL-SG8208M is supported as Proof of Concept: RTL8382M SoC 1 MIPS 4KEc core @ 500MHz 8 Internal PHYs (RTL8218B) 128MB DRAM (Nanya NT5TU128MB) 16MB NOR Flash (MXIC 25L128) 8 GBEthernet ports with one green status LED each (SoC controlled) 1 Power LED (not configurable) 1 SYS LED (configurable) 1 On-Off switch (not configurable) 1 Reset button at the right behind right air-vent (not configurable) 1 Reset button on front panel (configurable) 12V 1A barrel connector 1 serial header with populated standard pin connector and with markings GND TX RX Vcc(3.3V), connection properties: 115200 8N1 To install, upload the sysupgrade image to the OEM webpage. Signed-off-by: Birger Koblitz <git@birger-koblitz.de>
* kernel: add support for ALLNET devices in mtdsplitBirger Koblitz2020-09-141-0/+50
| | | | | | | Add support for uimage headers from ALLNET and provide support for the SG8208M and SG8310PM devices' magic bytes. Signed-off-by: Birger Koblitz <git@birger-koblitz.de>
* cns3xxx: drop targetAdrian Schmutzler2020-09-1446-5947/+1
| | | | | | | | | | | | | | | | | | | | | | | | This target has not been updated to 5.4 yet, and the only person trying it (Koen) decided to retreat based on the following reasons: - The target is not DT-aware at all - The huge amount of effort required - The SoC itself reached EoL at Cavium for some time now - Upstream removed some important parts as it's also slowly getting EoL over there - The commercial product that used this will fade out shortly - The amount of download for this binary suggest that the target is not that popular Since nobody has picked up the work since then, and this is the last remaining 4.19-only target, finally drop it now. Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* uboot-envtools: mvebu: update uci defaults for Turris OmniaKlaus Kudielka2020-09-132-2/+6
| | | | | | | | | | | | On the Turris Omnia 2019, u-boot environment is located at 0xF0000, instead of 0xC0000. The switch happened with u-boot-omnia package version 2019-04-2 (May 10, 2019). Check the installed u-boot release, and set the default accordingly. Signed-off-by: Klaus Kudielka <klaus.kudielka@gmail.com> [bump PKG_RELEASE, use lower case for hex offset] Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* ramips: mt7621: pbr-m1: fix firmware sizeChuanhong Guo2020-09-132-2/+2
| | | | | | | This board is equipped with Winbond W25Q256FV 32M SPI-NOR. Fix partition size for that. Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
* ramips: mt7621: pbr-m1: increase SPI clock to 50MHzChuanhong Guo2020-09-131-1/+2
| | | | Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
* ramips: mt7621: pbr-m1: add pcie reset for asm1061Chuanhong Guo2020-09-131-0/+12
| | | | | | | | this board has a pcie to sata bridge connected to pcie2 with a separated pcie reset on gpio7. add reset-gpios and corresponding pinctrl nodes into dts. Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
* ramips/mediatek: improve GRO performance, fix PPE packet parsingFelix Fietkau2020-09-1311-59/+223
| | | | | | | | Backport upstream changes to initialize GDM settings and reset PPE Allow GMAC to recognize the special tag to fix PPE packet parsing Improve GRO performance by passing PPE L4 hash as skb hash Signed-off-by: Felix Fietkau <nbd@nbd.name>
* kernel: bump 5.4 to 5.4.65John Audia2020-09-125-15/+15
| | | | | | | | | | | All modifications made by update_kernel.sh/no manual intervention needed Build-tested: x86_64 Run-tested: ipq806x (R7800) No dmesg regressions, everything functional Signed-off-by: John Audia <graysky@archlinux.us>
* netifd: update to latest git HEADHans Dedecker2020-09-121-3/+3
| | | | | | | | | 55a7b6b netifd: vxlan: add aging and maxaddress options 11223f5 netifd: vxlan: add most missing boolean options 226566b netifd: vxlan: refactor mapping of boolean attrs a3c033e netifd: vxlan: handle srcport range Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* ath79: support for TP-Link EAP225-Wall v2Sander Vanheule2020-09-125-1/+197
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | TP-Link EAP225-Wall v2 is an AC1200 (802.11ac Wave-2) wall plate access point. UART access and debricking require fine soldering. The device was kindly provided for porting by Stijn Segers. Device specifications: * SoC: QCA9561 @ 775MHz * RAM: 128MiB DDR2 * Flash: 16MiB SPI-NOR (GD25Q127CSIG) * Wireless 2.4GHz (SoC): b/g/n, 2x2 * Wireless 5Ghz (QCA9886): a/n/ac, 2x2 MU-MIMO * Ethernet (SoC): 4× 100Mbps * Eth0 (back): 802.3af/at PoE in * Eth1, Eth2 (bottom) * Eth3 (bottom): PoE out (can be toggled by GPIO) * One status LED * Two buttons (both work as failsafe) * LED button, implemented as KEY_BRIGHTNESS_TOGGLE * Reset button Flashing instructions, requires recent firmware (tested on 1.20.0): * ssh into target device and run `cliclientd stopcs` * Upgrade with factory image via web interface Debricking: * Serial port can be soldered on PCB J4 (1: TXD, 2: RXD, 3: GND, 4: VCC) * Bridge unpopulated resistors R162 (TXD) and R165 (RXD) Do NOT bridge R164 * Use 3.3V, 115200 baud, 8n1 * Interrupt bootloader by holding CTRL+B during boot * tftp initramfs to flash via sysupgrade or LuCI web interface MAC addresses: MAC address (as on device label) is stored in device info partition at an offset of 8 bytes. ath9k device has same address as ethernet, ath10k uses address incremented by 1. From OEM ifconfig: br0 Link encap:Ethernet HWaddr 50:...:04 eth0 Link encap:Ethernet HWaddr 50:...:04 wifi0 Link encap:UNSPEC HWaddr 50-...-04-... wifi1 Link encap:UNSPEC HWaddr 50-...-05-... Signed-off-by: Sander Vanheule <sander@svanheule.net> [fix IMAGE_SIZE] Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* ath79: add support for Mercury MW4530R v1Zhong Jianxin2020-09-125-25/+50
| | | | | | | | | | | | | | | | | | | | | Mercury MW4530R is a TP-Link TL-WDR4310 clone. Specification: * SOC: Atheros AR9344 (560 MHz) * RAM: 128 MiB * Flash: 8192 KiB * Ethernet: 5 x 10/100/1000 (4 x LAN, 1 x WAN) (AR8327) * Wireless: - 2.4 GHz b/g/n (internal) - 5 GHz a/n (AR9580) * USB: yes, 1 x USB 2.0 Installation: Flash factory image via OEM web interface. Signed-off-by: Zhong Jianxin <azuwis@gmail.com>
* kernel: bump 5.4 to 5.4.64John Audia2020-09-1217-96/+45
| | | | | | | | | | | | | | | | | | | | | | Remove upstreamed patches: generic-backport 701-v5.5-net-core-use-listified-Rx-for-GRO_NORMAL-in-napi_gro.patch Manually merged: mediatek/patches-5.4 0603-net-dsa-mt7530-Extend-device-data-ready-for-adding-a.patch All other modifications made by update_kernel.sh Build-tested: ipq806x, lantiq/xrx200, mvebu, x86/64 Run-tested: ipq806x (R7800), mvebu (mamba, rango), lantiq/xrx200 (Easybox 904 xDSL), x86/64 No dmesg regressions, everything functional Signed-off-by: John Audia <graysky@archlinux.us> [add community build/run tests to commit message] Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* ramips: create common DTSI for Sunvalley Filehub devicesAdrian Schmutzler2020-09-123-258/+138
| | | | | | | | | | HooToo HT-TM05 and RAVPower RP-WD03 have almost identical hardware (except for RAM size) and are from the same vendor (SunValley). Create a common DTSI file for them. Suggested-by: Russell Morris <rmorris@rkmorris.us> Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* ramips: fix baud rate for RAVPower RP-WD03Adrian Schmutzler2020-09-121-4/+0
| | | | | | | | | | | | The baud rate for the RAVPower RP-WD03 is 57600, not 115200. Since this is the default from mt7620n.dtsi, the chosen node can simply be removed from the device DTS. Fixes: 5ef79af4f80f ("ramips: add support for Ravpower WD03") Suggested-by: Russell Morris <rmorris@rkmorris.us> Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* ramips: assign LEDs for RAVPower RP-WD03Adrian Schmutzler2020-09-122-2/+9
| | | | | | | | | | | | | | | According to the User Manual, there is a "Wi-Fi LED" with blue and green colors, doing the following by default: Flashing Blue: System loading Solid Blue: System loaded Flashing Green: Connecting to the Internet Solid Green: Connected to the Internet According to this vendor behavior, we keep refer to the LED as "wifi" but implement the according default behavior as in OEM firmware. Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* ramips: fix MAC address assignment for RAVPower RP-WD03Adrian Schmutzler2020-09-121-1/+5
| | | | | | | | | | | | | | | | | MAC assignment based on vendor firmware: 2.4 GHz *:b4 (factory 0x04) LAN/label *:b4 (factory 0x28) WAN *:b5 (factory 0x2e) The previously used location 0x4000 for ethernet is actually empty. Therefore, fix the ethernet MAC address and set it as label-mac-address. Fixes: 5ef79af4f80f ("ramips: add support for Ravpower WD03") Suggested-by: Russell Morris <rmorris@rkmorris.us> Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* ramips: fix partitions and boot for RAVPower RP-WD03Adrian Schmutzler2020-09-115-14/+68
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The RAVPower RP-WD03 is a battery powered router, with an Ethernet and USB port. Due due a limitation in the vendor supplied U-Boot bootloader, we cannot exceed a 1.5 MB kernel size, as is the case with recent builds (i.e. post v19.07). This breaks both factory and sysupgrade images. To address this, use the lzma loader (loader-okli) to work around this limitation. The improvements here also address the "misplaced" U-Boot environment partition, which is located between the kernel and rootfs in the stock image / implementation. This is addressed by making use of mtd-concat, maximizing space available in the booted image. This will make sysupgrade from earlier versions impossible. Changes are based on the recently supported HooToo HT-TM05, as the hardware is almost identical (except for RAM size) and is from the same vendor (SunValley). While at it, also change the SPI frequency accordingly. Installation: - Download the needed OpenWrt install files, place them in the root of a clean TFTP server running on your computer. Rename the files as, - openwrt-ramips-mt7620-ravpower_rp-wd03-squashfs-kernel.bin => kernel - openwrt-ramips-mt7620-ravpower_rp-wd03-squashfs-rootfs.bin => rootfs - Plug the router into your computer via Ethernet - Set your computer to use 10.10.10.254 as its IP address - With your router shut down, hold down the power button until the first white LED lights up. - Push and hold the reset button and release the power button. Continue holding the reset button for 30 seconds or until it begins searching for files on your TFTP server, whichever comes first. - The router (10.10.10.128) will look for your computer at 10.10.10.254 and install the two files. Once it has finished installation, it will automatically reboot and start up OpenWrt. - Set your computer to use DHCP for its IP address Notes: - U-Boot environment can be modified, u-boot-env is preserved on initial install or sysupgrade - mtd-concat functionality is included, to leave a "hole" for u-boot-env, combining the OEM kernel and rootfs partitions Most of the changes in this commit are the work of Russell Morris (as credited below), I only wrapped them up and added compat-version. Thanks to @mpratt14 and @xabolcs for their help getting the lzma loader to work! Fixes: 5ef79af4f80f ("ramips: add support for Ravpower WD03") Suggested-by: Russell Morris <rmorris@rkmorris.us> Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* ramips: use proper name for RAVPower RP-WD03Adrian Schmutzler2020-09-114-9/+13
| | | | | | | | The proper model name is RP-WD03 (i.e. with the RP- prefix). Adjust all names to that. Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* kernel: use proper upstream inclusion version for patchAdrian Schmutzler2020-09-112-0/+0
| | | | | | The patch is only included in kernel 5.5. Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* ramips: move ravpower-wd009-factory recipe to mt76x8.mkAdrian Schmutzler2020-09-112-6/+8
| | | | | | | The recipe is only used for a single device, so put it in the subtarget file. Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* ipq40xx: essedma: enable VLAN tag offload for single-portDavid Bauer2020-09-111-8/+4
| | | | | | | | | | | | | | | | | Enable the VLAN tag offloading mechanism for RGMII single-port devices. This allows those devices to use 802.1Q VLANs on the ethernet port. Previously, RX frames were double tagged, as the RX TAG removal flag was not enabled and an additional 802.1Q header was inserted elsewhere in the code. On the TX side, tagging was completely not present for single-port devices. Enable tagging if an 802.1Q frame should be transmitted and disable the default tagging mechanism for single-port devices. Tested on Aruba AP-303 Signed-off-by: David Bauer <mail@david-bauer.net>
* hostapd: add support for per-BSS airtime configurationDavid Bauer2020-09-113-4/+14
| | | | | | | | | | | | Add support for per-BSS airtime weight configuration. This allows to set a airtime weight per BSS as well as a ratio limit based on the weight. Support for this feature is only enabled in the full flavors of hostapd. Consult the hostapd.conf documentation (Airtime policy configuration) for more information on the inner workings of the exposed settings. Signed-off-by: David Bauer <mail@david-bauer.net>
* scripts: download.pl: fix indentationDavid Bauer2020-09-111-3/+2
| | | | Signed-off-by: David Bauer <mail@david-bauer.net>
* base-files: disable LEDs if default state is undefinedDavid Bauer2020-09-112-2/+2
| | | | | | | | | | | | | | | Set the default state for LEDs to off. When a trigger is set, the trigger will turn the LED automatically on. Currently LEDs might stay on, e.g. when the LED trigger is set to a netdev trigger and the interface is never activated or the 'none' trigger is selected without setting the 'default' option to 0 and it's set for the LED indicating the system running state. Using off as a default value is also consistent with the documentation in the OpenWrt wiki. Signed-off-by: David Bauer <mail@david-bauer.net>
* kernel: improve the description of fs-nfs-v4Bob Cai2020-09-101-1/+1
| | | | | | | | | | | TITLE is "NFS4 filesystem client support" (Line 428) but the description is "Kernel module for NFS v4 support" (Line 438). Use "Kernel module for NFS v4 client support" on line 438. Signed-off-by: Bob Cai <1119283622@qq.com> [commit title/message facelift] Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* ath25: fix preinit Ethernet port configurationSergey Ryazanov2020-09-101-7/+2
| | | | | | | | | | | | | | | | | vconfig is no more installed by default to a firmware image. So, replace vconfig calls for VLAN subinterface configuration by coresponding ip-link commands. Also drop few useless comments from the preinit hook script, while we are at it. I have no chance to test this fix since I have no board with a subject switch IC, but this is still better then call an utility that is unavailable in the firmware for years. Signed-off-by: Sergey Ryazanov <ryazanov.s.a@gmail.com> [use documented syntax for ip link add] Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* scripts: bundle-libraries.sh: retain preloaded librariesJo-Philipp Wich2020-09-101-1/+1
| | | | | | | | | | | | | | | | Since the introduction of fakeroot support, wrapped SDK executables might be invoked from a shell that has libfakeroot.so preloaded. Since we're using preloading as well in order to mangle argv[0] when invoking the shipped ELF interpreter directly, we must take care of preloading the already preloaded libraries as well, to avoid invoked programs losing their fakeroot capabilities. Extend the bundle-libraries.sh script to take any existing $LD_PRELOAD into account when invoking the target ELF executable with a preloaded runas.so library. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* rpcd: update to the latest masterRafał Miłecki2020-09-101-3/+3
| | | | | | rc: new ubus object for handling /etc/init.d/ scripts Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* rssileds: update maintainer email addressDaniel Golle2020-09-101-1/+1
| | | | Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* kernel: add recently introduced CONFIG_MTD_SPLIT_ELF_FWAdrian Schmutzler2020-09-092-0/+2
| | | | | | | | | | | | The config symbol was introduced in drivers, but not added to generic kernel config files. This will halt build asking for the value. Fix it by adding the value (setting it to disabled). Fixes: 3f7047db7aaf ("kernel: mtdsplit: support ELF loader splitting") Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* wireguard-tools: bump to 1.0.20200827Jason A. Donenfeld2020-09-091-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | * ipc: split into separate files per-platform This is in preparation for FreeBSD support, which I had hoped to have this release, but we're still waiting on some tooling fixes, so hopefully next wg(8) will support that. Either way, the code base is now a lot more amenable to adding more kernel platform support. * man: wg-quick: use syncconf instead of addconf for strip example Simple documentation fix. * pubkey: isblank is a subset of isspace * ctype: use non-locale-specific ctype.h In addition to ensuring that isalpha() and such isn't locale-specific, we also make these constant time, even though we're never distinguishing between bits of a secret using them. From that perspective, though, this is markedly better than the locale-specific table lookups in glibc, even though base64 characters span two cache lines and valid private keys must hit both. This may be useful for other projects too: https://git.zx2c4.com/wireguard-tools/tree/src/ctype.h Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* ath79: add support for TP-Link EAP245-v3Sander Vanheule2020-09-095-0/+226
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | TP-Link EAP245 v3 is an AC1750 (802.11ac Wave-2) ceiling mount access point. UART access (for debricking) requires non-trivial soldering. Specifications: * SoC: QCA9563 (CPU/DDR/AHB @ 775/650/258 MHz) * RAM: 128MiB * Flash: 16MiB SPI-NOR * Wireless 2.4GHz (SoC): b/g/n 3x3 * Wireless 5GHz (QCA9982): a/n/ac 3x3 with MU-MIMO * Ethernet (QCA8337N switch): 2× 1GbE, ETH1 (802.3at PoE) and ETH2 * Green and amber status LEDs * Reset switch (GPIO, available for failsafe) Flashing instructions: All recent firmware versions (latest is 2.20.0), can disable firmware signature verification and use a padded firmware file to flash OpenWrt: * ssh into target device and run `cliclientd stopcs` * upload factory image via web interface The stopcs-method is supported from firmware version 2.3.0. Earlier versions need to be upgraded to a newer stock version before flashing OpenWrt. Factory images for these devices are RSA signed by TP-Link. While the signature verification can be disabled, the factory image still needs to have a (fake) 1024 bit signature added to pass file checks. Debricking instructions: You can recover using u-boot via the serial port: * Serial port is available from J3 (1:TX, 2:RX, 3:GND, 4:3.3V) * Bridge R237 to connect RX, located next to J3 * Bridge R225 to connect TX, located inside can on back-side of board * Serial port is 115200 baud, 8n1, interrupt u-boot by holding ctrl+B * Upload initramfs with tftp and upgrade via OpenWrt Device mac addresses: Stock firmware has the same mac address for 2.4GHz wireless and ethernet, 5GHz is incremented by one. The base mac address is stored in the 'default-mac' partition (offset 0x90000) at an offset of 8 bytes. ART blobs contain no mac addresses. From OEM ifconfig: ath0 Link encap:Ethernet HWaddr 74:..:E2 ath10 Link encap:Ethernet HWaddr 74:..:E3 br0 Link encap:Ethernet HWaddr 74:..:E2 eth0 Link encap:Ethernet HWaddr 74:..:E2 Signed-off-by: Sander Vanheule <sander@svanheule.net> Tested-by: Stijn Tintel <stijn@linux-ipv6.be>
* firmware-utils/tplink-safeloader: add compat levelSander Vanheule2020-09-091-5/+14
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | TP-Link has introduced a compatibility level to prevent certain downgrades. This information is stored in the soft-version partition, changing the data length from 0xc to 0x10. The compatibility level doesn't change frequently. For example, it has the following values for the EAP245v3 (released 2018-Q4): * FW v2.2.0 (2019-05-30): compat_level=0 * FW v2.3.0 (2019-07-31): compat_level=0 * FW v2.3.1 (2019-10-29): compat_level=1 * FW v2.20.0 (2020-04-23): compat_level=1 Empty flash values (0xffffffff) are interpreted as compat_level=0. If a firmware upgrade file has a soft-version block without compatibility level (data length < 0x10), this is also interpreted as compat_level=0. By including a high enough compatibility level in factory images, stock firmware can be convinced to accept the image. A compatibility level aware firmware will keep the original value. Example upgrade log of TP-Link EAP245v3 FWv2.3.0 to FWv2.20.0: [NM_Debug](nm_fwup_verifyFwupFile) 02073: curSoftVer:2.3.0 Build 20190731 Rel. 51932,newSoftVer:2.20.0 Build 20200423 Rel. 36779 ... AddiHardwareVer check: NEW(0x1) >= CUR(0x0), Success. ... [NM_NOTICE](updateDataToNvram) 00575: Restore old additionalHardVer: 0x0.(new 0x1) [NM_NOTICE](updateDataToNvram) 00607: PTN 07: name = soft-version, base = 0x00092000, size = 0x00000100 Bytes, upDataType = 1, upDataStart = 7690604b, upDataLen = 00000018 [NM_Debug](updateDataToNvram) 00738: PTN 07: write bytes = 000002eb Other firmware upgrades have been observed to modify the compabitility stored level (e.g. TP-Link EAP225-Outdoor FWv1.4.1 to FWv1.7.0). Therefore, it seems to be the safest option to set the OpenWrt compatibility level to the highest known value instead of the highest possible value (0xfffffffe), to ensure users do not get unexpectedly refused firmware upgrades when using a device reverted back to stock. To remain compatible with existing devices and not produce different images, the image builder doesn't store a compatibility level if it is zero. Signed-off-by: Sander Vanheule <sander@svanheule.net>
* firmware-utils/tplink-safeloader: soft-version magic is data lengthSander Vanheule2020-09-091-2/+3
| | | | | | | | | | | | | | | The soft-version partition actually contains a header and trailing data: * header: {data length, [zero]} * data: {version, bcd encoded date, revision} The data length is currently treated as a magic number, but should contain the length of the partition data. This header is also present the following partitions (non-exhaustive): * string-based soft-version * support-list Signed-off-by: Sander Vanheule <sander@svanheule.net>
* ath79: enable elf mtd splitterSander Vanheule2020-09-092-0/+2
| | | | | | | Enabled the ELF firmware partition splitter 4.19 and 5.4 in preparation for the TP-Link EAP245v3 device support. Signed-off-by: Sander Vanheule <sander@svanheule.net>
* kernel: mtdsplit: support ELF loader splittingSander Vanheule2020-09-093-0/+293
| | | | | | | | | | | | | | | | | | | | | | | | | To parse the ELF kernel loader, a small ELF parser is used that can handle both ELF32 or ELF64 class loaders. The splitter assumes that the kernel is always located before the rootfs, whether it is embedded in the loader or not. If the kernel is located after the rootfs on the firmware partition, then the rootfs splitter will include it in the dynamically created rootfs_data partition and the kernel will be corrupted. The kernel image is preferably embedded inside the ELF loader, so the end of the loader equals the end of the kernel partition. This is due to the way mtd_find_rootfs_from searches for the the rootfs: - if the kernel image is embedded in the loader, the appended rootfs may follow the loader immediately, within the same erase block. - if the kernel image is not embedded in the loader, but placed at some offset behind the loader (OKLI-style loader), the rootfs must be aligned to an erase-block after the loader and kernel image. In case section header table is empty, determine the elf loader size by finding the end of the last segment, as defined by the program header table. Signed-off-by: Sander Vanheule <sander@svanheule.net>
* build: allow file modes per binary packageSebastian Kemper2020-09-092-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently the global variable PKG_FILE_MODES is used for all ipkg creations. This works for Makefiles which output a single package, or variants of a single package. But if a Makefile outputs multiple packages that each contain different files, setting PKG_FILE_MODES causes build failure when any of the files in the variable do not exist in the folder that is currently being packaged. Example: /openwrt/staging_dir/host/bin/fakeroot -l /openwrt/staging_dir/host/lib/libfakeroot.so -f /openwrt/staging_dir/host/bin/faked /openwrt/scripts/ipkg-build -m "/usr/lib/mariadb/plugin/auth_pam_tool_dir:root:376:0750" /openwrt/build_dir/target-mips_24kc_musl/mariadb-10.4.13/ipkg-mips_24kc/mariadb-server-plugin-disks /openwrt/bin/packages/mips_24kc/packages +chown: cannot access '/openwrt/build_dir/target-mips_24kc_musl/mariadb-10.4.13/ipkg-mips_24kc/mariadb-server-plugin-disks//usr/lib/mariadb/plugin/auth_pam_tool_dir': No such file or directory This commit changes the file mode handling a bit. The file mode can now be set either globally via PKG_FILE_MODES (no behavior change) or on a per-package basis via FILE_MODES. This way specific file modes can be used for any particular package. This behavior is already used for other OpenWrt variables, hence it is familiar: PKG_MAINTAINER vs MAINTAINER PKG_SOURCE_SUBDIR vs SUBDIR PKG_LICENSE vs LICENSE ... Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
* ramips: disable default build for Ravpower RP-WD03Adrian Schmutzler2020-09-091-0/+1
| | | | | | | | | | This device has a 1.5M kernel size limit during boot and is unbootable since February 2019 [1]. [1] https://forum.openwrt.org/t/ravpower-wd03-does-not-start-with-openwrt-master/49792 Reported-by: Szabolcs Hubai <szab.hu@gmail.com> Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* openvpn: fix shell compare operator in openvpn.initMartin Schiller2020-09-092-2/+2
| | | | | | | | Don't use bash syntax, because /bin/sh is used here. Signed-off-by: Martin Schiller <ms@dev.tdt.de> [bump PKG_RELEASE] Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* tools: fakeroot: use TCP as IPC transportJo-Philipp Wich2020-09-091-0/+3
| | | | | | | | | | Some environments, e.g. first gen WSL, do not support SysV IPC. Enforce the use of TCP transport instead which should be universally available. Fixes: FS#3317 Ref: https://github.com/microsoft/WSL/issues/4067 Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* mediatek/ramips: remove an ethernet optimization patch that was reported to ↵Felix Fietkau2020-09-096-52/+18
| | | | | | | | cause a regression In some tests, crashes were observed Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: update encap offload patches to the latest versionFelix Fietkau2020-09-0917-149/+1199
| | | | | | | Minor cleanup and code reorganization, along with a change to not disable offload anymore when a tkip or sw crypto key is added Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mediatek: backport the latest version of the mt7531 support patchesFelix Fietkau2020-09-0911-1952/+2573
| | | | | | Fixes unknown unicast flooding issue Signed-off-by: Felix Fietkau <nbd@nbd.name>
* wireguard: bump to 1.0.20200908Jason A. Donenfeld2020-09-091-2/+2
| | | | | | | | | | | | | | | * compat: backport kfree_sensitive and switch to it * netlink: consistently use NLA_POLICY_EXACT_LEN() * netlink: consistently use NLA_POLICY_MIN_LEN() * compat: backport NLA policy macros Backports from upstream changes. * peerlookup: take lock before checking hash in replace operation A fix for a race condition caught by syzkaller. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* hostapd: add UCI support for Hotspot 2.0Daniel Golle2020-09-083-3/+107
| | | | Signed-off-by: Daniel Golle <daniel@makrotopia.org>