aboutsummaryrefslogtreecommitdiffstats
path: root/package
Commit message (Collapse)AuthorAgeFilesLines
* sunxi: fix 253-sunxi-h5-add-support-for-nanopi-r1s-h5 patch offsetChristian Lamparter2022-12-121-1/+1
| | | | | | | This showed up in the log: |Hunk #1 succeeded at 555 (offset -83 lines). Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
* kernel: modules/lib-lz4: add lz4hc_compressTony Butler2022-12-112-1/+7
| | | | | | | | | enable option `CONFIG_CRYPTO_LZ4HC` to match default kernel config this only adds the `lz4hc_compress` module, and has no effect on the `lz4_decompress` module which already supports any flavor Signed-off-by: Tony Butler <spudz76@gmail.com>
* rtl8812au-ct: fix build with newer backports cfg80211 apiFelix Fietkau2022-12-111-0/+56
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* wolfssl: fix build with /dev/cryptoChukun Pan2022-12-111-0/+33
| | | | | | | | | | Backport upstream patch to fix build error when /dev/crypto enabled. https://github.com/wolfSSL/wolfssl/commit/dc9f46a3be00b5e82684a158605189d1278e324c Fixes: #10944 Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
* umbim: Allow roaming and partner connectionsJulio Gonzalez Gil2022-12-111-6/+25
| | | | | | | | | | Allow registration if the SIM is roaming or partner mode, by adding two new options to the protocol. Until now, such registration failed because umbim returns exit codes 4 and 5 for such situations. Signed-off-by: Julio Gonzalez Gil <git@juliogonzalez.es>
* libtracefs: update to 1.6.2Nick Hainke2022-12-111-2/+2
| | | | | | | | 378a9dd libtracefs: version 1.6.2 e6daa60 libtracefs: Add unit test to test mounting of tracefs_{tracing,debug}_dir() 32acbbf libtracefs: Have tracefs_{tracing,debug}_dir() mount {tracefs,debugfs} if not mounted Signed-off-by: Nick Hainke <vincent@systemli.org>
* mt76: update to the latest versionFelix Fietkau2022-12-102-1611/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ec46d7486ab9 sync with upstream 2575de3aea33 wifi: mt76: mt7921: introduce chanctx support 473cebb3c3e1 wifi: mt76: fix bandwidth 80MHz link fail in 6GHz band de3e77227f62 wifi: mt76: mt7996: add driver for MediaTek Wi-Fi 7 (802.11be) devices f0c191a9f6cd wifi: mt76: mt7996: add missing argument in mt7996_queue_rx_skb() d3838a52df62 wifi: mt76: mt7996: enable use_cts_prot support 98492dff3bec wifi: mt76: mt7996: enable ack signal support 2a41e7a82f86 wifi: mt76: mt7996: add support to configure spatial reuse parameter set 194cb3392829 mt76: mt7915: add missing of_node_put() f91d6f3b73ac wifi: mt76: mt7921s: fix slab-out-of-bounds access in sdio host 1ce4970d799f wifi: mt76: mt7915: fix mt7915_rate_txpower_get() resource leaks 379f3fc0fc43 wifi: mt76: mt7996: fix insecure data handling of mt7996_mcu_ie_countdown() 233c272f0f86 wifi: mt76: mt7996: fix insecure data handling of mt7996_mcu_rx_radar_detected() 5616c4cc1d5d wifi: mt76: mt7996: fix integer handling issue of mt7996_rf_regval_set() f9598e6d4c2c wifi: mt76: mt7915: split mcu chan_mib array up b252d94bd763 wifi: mt76: mt7915: check return value before accessing free_block_num f1cc3696d725 wifi: mt76: mt7996: check return value before accessing free_block_num b94ba58fa698 wifi: mt76: mt7915: check the correctness of event data 35843a1670c0 wifi: mt76: mt7915: drop always true condition of __mt7915_reg_addr() 01a256c1dc41 wifi: mt76: mt7996: drop always true condition of __mt7996_reg_addr() 5185bbab8953 wifi: mt76: mt7996: fix endianness warning in mt7996_mcu_sta_he_tlv eeb6949c4d06 wifi: mt76: mt76x0: fix oob access in mt76x0_phy_get_target_power 063823aba978 wifi: mt76: mt7921: add support to update fw capability with MTFG table a44109267e4e wifi: mt76: mt7996: fix unintended sign extension of mt7996_hw_queue_read() be5dbb781068 wifi: mt76: mt7915: fix unintended sign extension of mt7915_hw_queue_read() adf9042b6f63 wifi: mt76: fix coverity uninit_use_in_call in mt76_connac2_reverse_frag0_hdr_trans() 551201379efe wifi: mt76: move leds field in leds struct 14fbb6d6e85e wifi: mt76: move leds struct in mt76_phy 81edc468fc62 wifi: mt76: mt7915: enable per-phy led support bbad827e447f wifi: mt76: mt7615: enable per-phy led support 8e7e7e52fc09 wifi: mt76: dma: do not increment queue head if mt76_dma_add_buf fails 95c66d651133 wifi: mt76: handle possible mt76_rx_token_consume failures 52d04463a66e wifi: mt76: dma: rely on queue page_frag_cache for wed rx queues 7fae1de12ae7 wifi: mt76: mt7921: resource leaks at mt7921_check_offload_capability() Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: update to linux 6.1-rc8Felix Fietkau2022-12-10127-10176/+4391
| | | | | | This should help stay in sync with upstream development Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mt76: update to version 2022-12-01Felix Fietkau2022-12-101-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 3deafbad7061 wifi: mt76: mt7915: fix uninitialized irq_mask 6ca31dc64da4 wifi: mt76: mt7921: introduce remain_on_channel support 7962005b0734 wifi: mt76: connac: rework macros for unified command 3b2882ca704e wifi: mt76: connac: update struct sta_rec_phy c4d46cb1dd45 wifi: mt76: connac: rework fields for larger bandwidth support in sta_rec_bf 532c322fd72f wifi: mt76: connac: add more unified command IDs 4c43e060726b wifi: mt76: connac: introduce unified event table 4c423058920d wifi: mt76: connac: add more bss info command tags 143d7ab8ef92 wifi: mt76: connac: add more starec command tags 733ef9887b2c wifi: mt76: connac: introduce helper for mt7996 chipset 8e309b5560e1 wifi: mt76: mt7921: fix wrong power after multiple SAR set d791ed1f5877 wifi: mt76: mt7915: add missing MODULE_PARM_DESC 3b8eed9c3866 wifi: mt76: mt7915: add support to configure spatial reuse parameter set 417cca39bab2 wifi: mt76: introduce rxwi and rx token utility routines 629f8631f54f wifi: mt76: add WED RX support to mt76_dma_{add,get}_buf 13c2dc8993b6 wifi: mt76: add WED RX support to mt76_dma_rx_fill 86e94f4162b7 wifi: mt76: add WED RX support to dma queue alloc 1361519851f3 wifi: mt76: add info parameter to rx_skb signature a2e5e0667553 wifi: mt76: connac: introduce mt76_connac_mcu_sta_wed_update utility routine f38faf294310 wifi: mt76: mt7915: enable WED RX support a887a5feb3d1 wifi: mt76: mt7915: enable WED RX stats 4c23061ebcfc wifi: mt76: mt7915: add basedband Txpower info into debugfs a9c88ded5cac wifi: mt76: mt7915: enable .sta_set_txpwr support 2c172bb6cd9f wifi: mt76: mt7915: fix band_idx usage 1b88dd07f153 linux-firmware: update firmware for MT7915 6196f6080506 linux-firmware: update firmware for MT7916 daae6ca5d81f linux-firmware: update firmware for MT7986 e7a9f7a0440c wifi: mt76: mt7915: fix unused-but-set warning 340f3be65397 wifi: mt76: fix coverity overrun-call in mt76_get_txpower() aa7132da0326 wifi: mt76: mt7915: fix endianness of mt7915_mcu_set_obss_spr_pd() a36017d09324 wifi: mt76: mt7921: Add missing __packed annotation of struct mt7921_clc 66dc48bea883 wifi: mt76: do not send firmware FW_FEATURE_NON_DL region fa79eeeadc2d mt76: mt7915: Fix PCI device refcount leak in mt7915_pci_init_hif2() ff94604b2edd wifi: mt76: mt7915: introduce mt7915_get_power_bound() 5082a58f8082 wifi: mt76: mt7915: enable per bandwidth power limit support a7b915302147 wifi: mt76: mt7915: fix scene detection flow of spatial reuse 525592c28d6b wifi: mt76: mt7915: rely on band_idx of mt76_phy cdd7229e769b wifi: mt76: mt7915: mmio: fix naming convention Signed-off-by: Felix Fietkau <nbd@nbd.name>
* hostapd: use wpa_supplicant for unencrypted mesh connectionsFelix Fietkau2022-12-103-3/+7
| | | | | | It's more reliable than using iw Signed-off-by: Felix Fietkau <nbd@nbd.name>
* uboot-bcm4908: update to the latest genericRafał Miłecki2022-12-081-3/+3
| | | | | | 4435700d18 Remove redundant YYLOC global declaration Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* ustream-ssl: update to Git version 2022-12-07Hauke Mehrtens2022-12-081-4/+4
| | | | | | | | | 9217ab4 ustream-openssl: Disable renegotiation in TLSv1.2 and earlier 2ce1d48 ci: fix building with i.MX6 SDK 584f1f6 ustream-openssl: wolfSSL: provide detailed information in debug builds aa8c48e cmake: add a possibility to set library version Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* comgt-ncm: add support for quectel modem EC200T-EUJan-Niklas Burfeind2022-12-072-0/+22
| | | | | | | | | context_type is an integer mapping of pdptype: 1: IPV4 2: IPV6 3: IPV4V6 Signed-off-by: Jan-Niklas Burfeind <git@aiyionpri.me>
* fritz-tools: fritz_tffs_nand: cache already read sector idsAndre Heider2022-12-071-1/+17
| | | | | | | This speeds up the tool significantly, especially when using the "-a" argument. Signed-off-by: Andre Heider <a.heider@gmail.com>
* fritz-tools: fritz_tffs_nand: get rid of struct tffs_sectorsAndre Heider2022-12-071-12/+8
| | | | | | This doesn't help and "[0]" gets in the way of bounds checks. Signed-off-by: Andre Heider <a.heider@gmail.com>
* fritz-tools: fritz_tffs_nand: exclude oob code when disabledAndre Heider2022-12-071-6/+9
| | | | | | Skip unnecessary stuff if checking the oob data is disabled. Signed-off-by: Andre Heider <a.heider@gmail.com>
* firewall4: add missing PKG_MIRROR_HASHJo-Philipp Wich2022-12-071-1/+1
| | | | | Fixes: 84183f0d98 ("firewall4: update to latest Git HEAD") Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* e2fsprogs: Fix CVE-2022-1304Hauke Mehrtens2022-12-062-1/+51
| | | | | | | | | This fixes CVE-2022-1304: An out-of-bounds read/write vulnerability was found in e2fsprogs 1.46.5. This issue leads to a segmentation fault and possibly arbitrary code execution via a specially crafted filesystem. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* firewall4: update to latest Git HEADJo-Philipp Wich2022-12-061-3/+3
| | | | | | | | 700a925 fw4: prevent null access when no ipsets are defined 6443ec7 config: drop input traffic by default 119ee1a ruleset: drop ctstate invalid traffic for masq-enabled zones Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* ucode: update to latest Git HEADJo-Philipp Wich2022-12-061-3/+3
| | | | | | | | | | | | | | | | | 46d93c9 tests: fixup testcases 4c654df types: adjust double printing format eac2add compiler: fix bytecode for logical assignments of properties 3903b18 fs: add `realpath()` function 8366102 math: add isnan() function eef83d3 tests: relax sleep() test 394e901 lib: uc_json(): accept trailing whitespace when parsing strings 1867c8b uloop: terminate parent uloop in task child processes d2cc003 uci: auto-load package in `ctx.foreach()` and `ctx.get_first()` 6c5ee53 compiler: ensure that arrow functions with block bodies return no value fdc9b6a compiler: fix `??=`, `||=` and `&&=` logical assignment semantics 88dcca7 add cmake to install requires for debian Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* iucode-tool: fix compile error with musl libc and USE_CPUID_DEVICEChristian Marangi2022-12-041-0/+29
| | | | | | | | | | | Add patch to fix compilation error with USE_CPUID_DEVICE enabled and musl used as libc. Musl doesn't add limits.h header by default and this is required if USE_CPUID_DEVICE is used. The package currently compile because fortify headers include limits.h by default. Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
* mac80211: Update to version 5.15.81Hauke Mehrtens2022-12-0328-359/+56
| | | | | | The removed patches were applied upstream. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* uboot-mediatek: bpi-r3: raise CONFIG_LMB_MAX_REGIONS to 64Daniel Golle2022-11-291-6/+8
| | | | | | | | Raise CONFIG_LMB_MAX_REGIONS to 64 as there are going to be more than 8 (the default value) reserved regions to allow supporting offloading Wireless-to-Ethernet traffic on MT7986. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* dnsmasq: add option to expose additional paths to jailDaniel Golle2022-11-272-1/+8
| | | | | | | | | | Add new UCI list 'addn_mount' allowing the expose additional filesystem paths to the jailed dnsmasq process. This is useful e.g. in case of manually configured includes to the configuration file or symlinks pointing outside of the exposed paths as used by e.g. the safe-search package in the packages feed. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* layerscape: Switch LS1012A-FRDM initramfs to gzipPawel Dembicki2022-11-271-1/+1
| | | | | | | | | | At this moment LS1012A-FRDM have uncompressed initramfs image. Error was caused, because gzip extract area overlap image. Let's change loadaddr and enable gzip initramfs images again. Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
* ath79: add support for Senao Engenius EAP1750HMichael Pratt2022-11-271-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | FCC ID: A8J-EAP1750H Engenius EAP1750H is an indoor wireless access point with 1 Gb ethernet port, dual-band wireless, internal antenna plates, and 802.3at PoE+ **Specification:** - QCA9558 SOC - QCA9880 WLAN PCI card, 5 GHz, 3x3, 26dBm - AR8035-A PHY RGMII GbE with PoE+ IN - 40 MHz clock - 16 MB FLASH MX25L12845EMI-10G - 2x 64 MB RAM NT5TU32M16FG - UART at J10 populated - 4 internal antenna plates (5 dbi, omni-directional) - 5 LEDs, 1 button (power, eth0, 2G, 5G, WPS) (reset) **MAC addresses:** MAC addresses are labeled as ETH, 2.4G, and 5GHz Only one Vendor MAC address in flash eth0 ETH *:fb art 0x0 phy1 2.4G *:fc --- phy0 5GHz *:fd --- **Serial Access:** the RX line on the board for UART is shorted to ground by resistor R176 therefore it must be removed to use the console but it is not necessary to remove to view boot log optionally, R175 can be replaced with a solder bridge short the resistors R175 and R176 are next to the UART RX pin at J10 **Installation:** 2 ways to flash factory.bin from OEM: Method 1: Firmware upgrade page: OEM webpage at 192.168.1.1 username and password "admin" Navigate to "Firmware Upgrade" page from left pane Click Browse and select the factory.bin image Upload and verify checksum Click Continue to confirm and wait 3 minutes Method 2: Serial to load Failsafe webpage: After connecting to serial console and rebooting... Interrupt uboot with any key pressed rapidly execute `run failsafe_boot` OR `bootm 0x9fd70000` wait a minute connect to ethernet and navigate to "192.168.1.1/index.htm" Select the factory.bin image and upload wait about 3 minutes **Return to OEM:** If you have a serial cable, see Serial Failsafe instructions otherwise, uboot-env can be used to make uboot load the failsafe image ssh into openwrt and run `fw_setenv rootfs_checksum 0` reboot, wait 3 minutes connect to ethernet and navigate to 192.168.1.1/index.htm select OEM firmware image from Engenius and click upgrade **TFTP recovery:** Requires serial console, reset button does nothing rename initramfs to 'vmlinux-art-ramdisk' make available on TFTP server at 192.168.1.101 power board, interrupt boot execute tftpboot and bootm 0x81000000 NOTE: TFTP is not reliable due to bugged bootloader set MTU to 600 and try many times if your TFTP server supports setting block size higher block size is better. **Format of OEM firmware image:** The OEM software of EAP1750H is a heavily modified version of Openwrt Kamikaze. One of the many modifications is to the sysupgrade program. Image verification is performed simply by the successful ungzip and untar of the supplied file and name check and header verification of the resulting contents. To form a factory.bin that is accepted by OEM Openwrt build, the kernel and rootfs must have specific names... openwrt-ar71xx-generic-eap1750h-uImage-lzma.bin openwrt-ar71xx-generic-eap1750h-root.squashfs and begin with the respective headers (uImage, squashfs). Then the files must be tarballed and gzipped. The resulting binary is actually a tar.gz file in disguise. This can be verified by using binwalk on the OEM firmware images, ungzipping then untaring. Newer EnGenius software requires more checks but their script includes a way to skip them, otherwise the tar must include a text file with the version and md5sums in a deprecated format. The OEM upgrade script is at /etc/fwupgrade.sh. OKLI kernel loader is required because the OEM software expects the kernel to be no greater than 1536k and the factory.bin upgrade procedure would otherwise overwrite part of the kernel when writing rootfs. Note on PLL-data cells: The default PLL register values will not work because of the external AR8035 switch between the SOC and the ethernet port. For QCA955x series, the PLL registers for eth0 and eth1 can be see in the DTSI as 0x28 and 0x48 respectively. Therefore the PLL registers can be read from uboot for each link speed after attempting tftpboot or another network action using that link speed with `md 0x18050028 1` and `md 0x18050048 1`. The clock delay required for RGMII can be applied at the PHY side, using the at803x driver `phy-mode`. Therefore the PLL registers for GMAC0 do not need the bits for delay on the MAC side. This is possible due to fixes in at803x driver since Linux 5.1 and 5.3 Signed-off-by: Michael Pratt <mcpratt@pm.me>
* mac80211: subsys: complete patch files for use with git amNick Hainke2022-11-275-4/+47
| | | | | | | Adding proper fields to patch files allowing for `git am` to properly function. Signed-off-by: Nick Hainke <vincent@systemli.org>
* wolfssl: fix Config.in typoTony Butler2022-11-271-1/+1
| | | | | | Fix simple typo `/crytpo/crypto/` in a description string Signed-off-by: Tony Butler <spudz76@gmail.com>
* wolfssl: update to v5.5.3Nick Hainke2022-11-273-53/+3
| | | | | | | | | | | | | | Remove "200-ecc-rng.patch" because it was upstramed by: https://github.com/wolfSSL/wolfssl/commit/e2566bab2122949a6a0bb2276d0a52598794d7d0 Refreshed "100-disable-hardening-check.patch". Fixes CVE 2022-42905. Release Notes: - https://github.com/wolfSSL/wolfssl/releases/tag/v5.5.2-stable - https://github.com/wolfSSL/wolfssl/releases/tag/v5.5.3-stable Signed-off-by: Nick Hainke <vincent@systemli.org>
* ipset: update to 7.16Nick Hainke2022-11-273-96/+3
| | | | | | | | | | | | | Release Notes: https://lore.kernel.org/netfilter-devel/d65fe5d8-d5ea-ef7-102d-aa1d15bb4d69@netfilter.org/T/#u Patch "0001-lib-ipset-fix-printf-warning.patch" replaced upstream by: http://git.netfilter.org/ipset/commit/?id=e39e3466d2d38cdfe83447f391b550e607bc3ce8 Remove upstreamed: - 0002-Fix-IPv6-sets-nftables-translation.patch Signed-off-by: Nick Hainke <vincent@systemli.org>
* kernel/module/iio: add TI am335x ADC driverAlexander Couzens2022-11-241-0/+14
| | | | | | | Add the iio driver for the embedded ADC in the TI Sitara am335x SoCs. Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
* lantiq: ltq-tapi: add customer pulse digit timeJonas Albrecht2022-11-182-1/+53
| | | | | | | | | | | | | | | | | | | | | With this patch you can change the pulse digit time by loading the Lantiq FXS driver kernel module called ltq-tapi. This is relevant for old rotaryphones that uses pulsedialing. The default values are: 30-80ms for the low pulse 30-80ms for the high pulse 300ms for minimum Interdigit time this is OK but on some Phones it can be usefull to customize the values If you want to change the values to high and low pulse to 40-90ms and minimum interdigit time to 400ms than change /etc/modules.d/20-ltq-tapi to (without linebrakes): drv_tapi min_digit_low=40 min_digit_high=90 max_digit_low=40 \ max_digit_high=90 min_interdigit=400 Signed-off-by: Jonas Albrecht <plonkbong100@protonmail.com>
* libtracefs: update to 1.6.1Nick Hainke2022-11-181-2/+2
| | | | | | Update to latest version. Signed-off-by: Nick Hainke <vincent@systemli.org>
* lldpd: update to 1.0.16Nick Hainke2022-11-181-2/+2
| | | | | | | Release Notes: https://github.com/lldpd/lldpd/releases/tag/1.0.16 Signed-off-by: Nick Hainke <vincent@systemli.org>
* cypress-firmware: update to v5.10.9-2022_0909Álvaro Fernández Rojas2022-11-171-3/+147
| | | | | | | | | | | | | | | | | | | | | | | | | The following firmwares have been updated: - cyfmac43012-sdio (v13.10.271.266 -> v13.10.271.289) - cyfmac43430-sdio (v7.45.98.118 -> v7.45.98.125) - cyfmac43455-sdio (v7.45.234 -> v7.45.250) - cyfmac4354-sdio (v7.35.349.104 -> v7.35.349.117) - cyfmac4356-pcie (v7.35.180.208 -> v7.35.180.212) - cyfmac4356-sdio (v7.35.349.104 -> v7.35.349.115) - cyfmac4373-sdio (v13.10.246.253 -> v13.10.246.289) - cyfmac4373-usb (v13.10.246.253 -> v13.10.246.289) - cyfmac54591-pcie (v13.35.225 -> v13.35.284) The following firmwares have been added: - cyfmac43439-sdio (v7.95.55) - cyfmac4373-pcie (v13.35.205.66) - cyfmac54591-sdio (v13.35.284) - cyfmac55560-pcie (v18.53.53.4) - cyfmac55572-pcie (v18.53.117.2) - cyfmac55572-sdio (v18.53.117.2) More info: https://github.com/Infineon/ifx-linux-firmware/compare/release-v5.4.18-2021_0812...release-v5.10.9-2022_0909 Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
* cypress-firmware: fix cyfmac4356-pcie symbolic linksÁlvaro Fernández Rojas2022-11-171-9/+4
| | | | | | | The symbolic link introduced in 22e9d8bc896b is wrong. Fixes: 22e9d8bc896b ("cypress-firmware: use symlink to provide firmware in brcm") Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
* uboot-mediatek: optimize MMC eraseDaniel Golle2022-11-174-7/+7
| | | | | | | | | Fix mmc_write_vol hush script used by many boards to avoid timeouts on slow SD cards: Instead of erasing a complete partition, only erase blocks for the to-be-written image when writing to MMC. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* cypress-nvram: consolidate NVRAM packagesKuan-Yi Li2022-11-161-20/+6
| | | | | | | NVRAM packages for the same wireless chip are consolidated into one as they contain only small text files and symlinks. Signed-off-by: Kuan-Yi Li <kyli@abysm.org>
* linux-firmware: broadcom: consolidate NVRAM packagesKuan-Yi Li2022-11-163-31/+79
| | | | | | | NVRAM packages for the same wireless chip are consolidated into one as they contain only small text files and symlinks. Signed-off-by: Kuan-Yi Li <kyli@abysm.org>
* cypress-nvram: disassociate from external source repoKuan-Yi Li2022-11-162-101/+18
| | | | | | | | | | | | Since all NVRAM files in external repo are now upstreamed and to lower future maintenance cost, disassociate the package from external source repo. All upstream pending NVRAM files shall be stored locally from now on. Signed-off-by: Kuan-Yi Li <kyli@abysm.org> [Remove outdated URL, add SPDX-License-Identifier] Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
* libmbedtls: use defaults if no build opts selectedGlenn Strauss2022-11-161-2/+3
| | | | | | | use defaults if no build opts selected (allows build with defaults when mbedtls not selected and configured) Signed-off-by: Glenn Strauss <gstrauss@gluelogic.com>
* linux-firmware: offer two versions of firmware for CYW4339Kuan-Yi Li2022-11-154-10/+36
| | | | | | | | | | | | | | | | | | | | | According to commit 6f6c2fb321, AP6335 module used in PICO-PI-IMX7D works only with firmware from `linux-firmware`. However, firmware from `cypress-firmware` suite is directly from the chip company (Infineon) and is actually newer. Instead of dropping the firmware from Infineon, create a package named `brcmfmac-firmware-4339-sdio`, and keep the Infineon version of `cypress-firmware-4339-sdio` around. This gives us devs the option to choose. Also, it means that - packages `brcmfmac-firmware-*` uniformly come from `linux-firmware` - packages `cypress-firmware-*` uniformly come from `cypress-firmware` so hopefully brings more clarity. Tested-by: Lech Perczak <lech.perczak@gmail.com> Signed-off-by: Kuan-Yi Li <kyli@abysm.org>
* linux-firmware: broadcom: use symlink to provide NVRAM for some RPisKuan-Yi Li2022-11-152-4/+13
| | | | | | | | | | This is to align the implementation with upstream `linux-firmware`. Some Raspberry Pi boards do not have dedicated NVRAM in `linux-firmware` source repository, their NVRAM is provided through a symbolic link to NVRAM of another board with an identical wireless design. Signed-off-by: Kuan-Yi Li <kyli@abysm.org>
* cypress-firmware: use symlink to provide firmware in brcmKuan-Yi Li2022-11-151-23/+101
| | | | | | | | | | | | | This is to align the implementation with upstream `linux-firmware`. Instead of moving these firmware files to `brcm` subdirectory and changing their names, leave them in `cypress` subdirectory, keep their names intact and use symbolic links to provide compatibility with Broadcom FullMAC driver. This gives more context to where the firmware comes from. Signed-off-by: Kuan-Yi Li <kyli@abysm.org>
* cypress-nvram: use symlink to provide NVRAM for some RPisKuan-Yi Li2022-11-151-11/+25
| | | | | | | | | | This is to align the implementation with upstream `linux-firmware`. Some Raspberry Pi boards do not have dedicated NVRAM in `linux-firmware` source repository, their NVRAM is provided through a symbolic link to NVRAM of another board with an identical wireless design. Signed-off-by: Kuan-Yi Li <kyli@abysm.org>
* cypress-nvram: remove PROVIDES in NVRAM packagesKuan-Yi Li2022-11-151-6/+1
| | | | | | | | | | | | | | | | | | | | PROVIDES for these packages will cause ambiguity and circular dependency in planned changes. For example, if there is a package `brcmfmac-firmware-43455-sdio-rpi-cm4` that depends on `brcmfmac-firmware-43455-sdio-rpi-4b`, there is no way to tell which one of below packages the system will go for. - package named `brcmfmac-firmware-43455-sdio-rpi-4b` - package named `cypress-nvram-43455-sdio-rpi-4b` that PROVIDES `brcmfmac-firmware-43455-sdio-rpi-4b` When ambiguity is unacceptable, PROVIDES (aliases) shall be removed and packages shall only be used through their exact name. So remove PROVIDES and keep only CONFLICTS. Signed-off-by: Kuan-Yi Li <kyli@abysm.org>
* kernel: modules: package Marvell gigE PHY driverDaniel Golle2022-11-151-0/+34
| | | | | | | | | | | | | | | | | | | Some copper SFP modules come with Marvell's 88E1xxx PHY and need this module to function. Package it, so users can easily install this PHY driver and use e.g. FINISAR CORP. FCLF-8521-3-HC SFP. Without marvell PHY driver: sfp sfp2: module FINISAR CORP. FCLF-8521-3-HC rev A sn XXXXXXX dc XXXXXX mt7530 mdio-bus:1f sfp2: validation with support 0000000,00000000,00000000 failed: -22 sfp sfp2: sfp_add_phy failed: -22 With marvell PHY driver: sfp sfp2: module FINISAR CORP. FCLF-8521-3-HC rev A sn XXXXXXX dc XXXXXX mt7530 mdio-bus:1f sfp2: switched to inband/sgmii link mode mt7530 mdio-bus:1f sfp2: PHY [i2c:sfp2:16] driver [Marvell 88E1111] (irq=POLL) mt7530 mdio-bus:1f sfp2: Link is Up - 1Gbps/Full - flow control rx/tx Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* ath79: support Ruckus ZoneFlex 7025Lech Perczak2022-11-131-0/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Ruckus ZoneFlex 7025 is a single 2.4GHz radio 802.11n 1x1 enterprise access point with built-in Ethernet switch, in an electrical outlet form factor. Hardware highligts: - CPU: Atheros AR7240 SoC at 400 MHz - RAM: 64MB DDR2 - Flash: 16MB SPI-NOR - Wi-Fi: AR9285 built-in 2.4GHz 1x1 radio - Ethernet: single Fast Ethernet port inside the electrical enclosure, coupled with internal LSA connector for direct wiring, four external Fast Ethernet ports on the lower side of the device. - PoE: 802.3af PD input inside the electrical box. 802.3af PSE output on the LAN4 port, capable of sourcing class 0 or class 2 devices, depending on power supply capacity. - External 8P8C pass-through connectors on the back and right side of the device - Standalone 48V power input on the side, through 2/1mm micro DC barrel jack Serial console: 115200-8-N-1 on internal JP1 header. Pinout: ---------- JP1 |5|4|3|2|1| ---------- Pin 1 is near the "H1" marking. 1 - RX 2 - n/c 3 - VCC (3.3V) 4 - GND 5 - TX Installation: There are two methods of installation: - Using serial console [1] - requires some disassembly, 3.3V USB-Serial adapter, TFTP server, and removing a single T10 screw, but with much less manual steps, and is generally recommended, being safer. - Using stock firmware root shell exploit, SSH and TFTP [2]. Does not work on some rare versions of stock firmware. A more involved, and requires installing `mkenvimage` from u-boot-tools package if you choose to rebuild your own environment, but can be used without disassembly or removal from installation point, if you have the credentials. If for some reason, size of your sysupgrade image exceeds 13312kB, proceed with method [1]. For official images this is not likely to happen ever. [1] Using serial console: 0. Connect serial console to H1 header. Ensure the serial converter does not back-power the board, otherwise it will fail to boot. 1. Power-on the board. Then quickly connect serial converter to PC and hit Ctrl+C in the terminal to break boot sequence. If you're lucky, you'll enter U-boot shell. Then skip to point 3. Connection parameters are 115200-8-N-1. 2. Allow the board to boot. Press the reset button, so the board reboots into U-boot again and go back to point 1. 3. Set the "bootcmd" variable to disable the dual-boot feature of the system and ensure that uImage is loaded. This is critical step, and needs to be done only on initial installation. > setenv bootcmd "bootm 0x9f040000" > saveenv 4. Boot the OpenWrt initramfs using TFTP. Replace IP addresses as needed: > setenv serverip 192.168.1.2 > setenv ipaddr 192.168.1.1 > tftpboot 0x81000000 openwrt-ath79-generic-ruckus_zf7025-initramfs-kernel.bin > bootm 0x81000000 5. Optional, but highly recommended: back up contents of "firmware" partition: $ ssh root@192.168.1.1 cat /dev/mtd1 > ruckus_zf7025_fw1_backup.bin 6. Copy over sysupgrade image, and perform actual installation. OpenWrt shall boot from flash afterwards: $ ssh root@192.168.1.1 # sysupgrade -n openwrt-ath79-generic-ruckus_zf7025-squashfs-sysupgrade.bin [2] Using stock root shell: 0. Reset the device to factory defaullts. Power-on the device and after it boots, hold the reset button near Ethernet connectors for 5 seconds. 1. Connect the device to the network. It will acquire address over DHCP, so either find its address using list of DHCP leases by looking for label MAC address, or try finding it by scanning for SSH port: $ nmap 10.42.0.0/24 -p22 From now on, we assume your computer has address 10.42.0.1 and the device has address 10.42.0.254. 2. Set up a TFTP server on your computer. We assume that TFTP server root is at /srv/tftp. 3. Obtain root shell. Connect to the device over SSH. The SSHD ond the frmware is pretty ancient and requires enabling HMAC-MD5. $ ssh 10.42.0.254 \ -o UserKnownHostsFile=/dev/null \ -o StrictHostKeyCheking=no \ -o MACs=hmac-md5 Login. User is "super", password is "sp-admin". Now execute a hidden command: Ruckus It is case-sensitive. Copy and paste the following string, including quotes. There will be no output on the console for that. ";/bin/sh;" Hit "enter". The AP will respond with: grrrr OK Now execute another hidden command: !v54! At "What's your chow?" prompt just hit "enter". Congratulations, you should now be dropped to Busybox shell with root permissions. 4. Optional, but highly recommended: backup the flash contents before installation. At your PC ensure the device can write the firmware over TFTP: $ sudo touch /srv/tftp/ruckus_zf7025_firmware{1,2}.bin $ sudo chmod 666 /srv/tftp/ruckus_zf7025_firmware{1,2}.bin Locate partitions for primary and secondary firmware image. NEVER blindly copy over MTD nodes, because MTD indices change depending on the currently active firmware, and all partitions are writable! # grep rcks_wlan /proc/mtd Copy over both images using TFTP, this will be useful in case you'd like to return to stock FW in future. Make sure to backup both, as OpenWrt uses bot firmwre partitions for storage! # tftp -l /dev/<rcks_wlan.main_mtd> -r ruckus_zf7025_firmware1.bin -p 10.42.0.1 # tftp -l /dev/<rcks_wlan.bkup_mtd> -r ruckus_zf7025_firmware2.bin -p 10.42.0.1 When the command finishes, copy over the dump to a safe place for storage. $ cp /srv/tftp/ruckus_zf7025_firmware{1,2}.bin ~/ 5. Ensure the system is running from the BACKUP image, i.e. from rcks_wlan.bkup partition or "image 2". Otherwise the installation WILL fail, and you will need to access mtd0 device to write image which risks overwriting the bootloader, and so is not covered here and not supported. Switching to backup firmware can be achieved by executing a few consecutive reboots of the device, or by updating the stock firmware. The system will boot from the image it was not running from previously. Stock firmware available to update was conveniently dumped in point 4 :-) 6. Prepare U-boot environment image. Install u-boot-tools package. Alternatively, if you build your own images, OpenWrt provides mkenvimage in host staging directory as well. It is recommended to extract environment from the device, and modify it, rather then relying on defaults: $ sudo touch /srv/tftp/u-boot-env.bin $ sudo chmod 666 /srv/tftp/u-boot-env.bin On the device, find the MTD partition on which environment resides. Beware, it may change depending on currently active firmware image! # grep u-boot-env /proc/mtd Now, copy over the partition # tftp -l /dev/mtd<N> -r u-boot-env.bin -p 10.42.0.1 Store the stock environment in a safe place: $ cp /srv/tftp/u-boot-env.bin ~/ Extract the values from the dump: $ strings u-boot-env.bin | tee u-boot-env.txt Now clean up the debris at the end of output, you should end up with each variable defined once. After that, set the bootcmd variable like this: bootcmd=bootm 0x9f040000 You should end up with something like this: bootcmd=bootm 0x9f040000 bootargs=console=ttyS0,115200 rootfstype=squashfs init=/sbin/init baudrate=115200 ethaddr=0x00:0xaa:0xbb:0xcc:0xdd:0xee mtdparts=mtdparts=ar7100-nor0:256k(u-boot),7168k(rcks_wlan.main),7168k(rcks_wlan.bkup),1280k(datafs),256k(u-boot-env) mtdids=nor0=ar7100-nor0 bootdelay=2 filesize=52e000 fileaddr=81000000 ethact=eth0 stdin=serial stdout=serial stderr=serial partition=nor0,0 mtddevnum=0 mtddevname=u-boot ipaddr=192.168.0.1 serverip=192.168.0.2 stderr=serial ethact=eth0 These are the defaults, you can use most likely just this as input to mkenvimage. Now, create environment image and copy it over to TFTP root: $ mkenvimage -s 0x40000 -b -o u-boot-env.bin u-boot-env.txt $ sudo cp u-boot-env.bin /srv/tftp This is the same image, gzipped and base64-encoded: H4sICOLMEGMAA3UtYm9vdC1lbnYtbmV3LmJpbgDt0E1u00AUAGDfgm2XDUrTsUV/pTkFSxZoEk+o lcQJtlNaLsURwU4FikDiBN+3eDNvLL/3Zt5/+vFuud8Pq10dp3V3EV4e1uFDGBXTQeq+9HG1b/v9 NsdheP0Y5mV5U4Vw0Y1f1/3wesix/3pM/dO6v2jaZojX/bJpr6dtsUzHuktDjm//FHl4SnXdxfAS wmN4SWkMy+UYVqsx1PUYci52Q31I3dDHP5vU3ZUhXLX7LjxWN7eby+PVNNxsflfe3m8uu9Wm//xt m9rFLjXtv6fLzfEwm5fVfdhc1mlI6342Pytzldvn2dS1qfs49Tjvd3qFOm/Ta6yKdbPNffM9x5sq Ty805acL3Zfh5HTD1RDHJRT9WLGNfe6atJ2S/XE4y3LX/c6mSzZDs29P3edhmqXOz+1xF//s0y7H t3GL5nDqWT5Ui/Gii7Aoi7HQ81jrcHZY/dXkfLLiJwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8 xy8jb4zOAAAEAA== 7. Perform actual installation. Copy over OpenWrt sysupgrade image to TFTP root: $ sudo cp openwrt-ath79-generic-ruckus_zf7025-squashfs-sysupgrade.bin /srv/tftp Now load both to the device over TFTP: # tftp -l /tmp/u-boot-env.bin -r u-boot-env.bin -g 10.42.0.1 # tftp -l /tmp/openwrt.bin -r openwrt-ath79-generic-ruckus_zf7025-squashfs-sysupgrade.bin -g 10.42.0.1 Verify checksums of both images to ensure the transfer over TFTP was completed: # sha256sum /tmp/u-boot-env.bin /tmp/openwrt.bin And compare it against source images: $ sha256sum /srv/tftp/u-boot-env.bin /srv/tftp/openwrt-ath79-generic-ruckus_zf7025-squashfs-sysupgrade.bin Locate MTD partition of the primary image: # grep rcks_wlan.main /proc/mtd Now, write the images in place. Write U-boot environment last, so unit still can boot from backup image, should power failure occur during this. Replace MTD placeholders with real MTD nodes: # flashcp /tmp/openwrt.bin /dev/<rcks_wlan.main_mtd> # flashcp /tmp/u-boot-env.bin /dev/<u-boot-env_mtd> Finally, reboot the device. The device should directly boot into OpenWrt. Look for the characteristic power LED blinking pattern. # reboot -f After unit boots, it should be available at the usual 192.168.1.1/24. Return to factory firmware: 1. Boot into OpenWrt initramfs as for initial installation. To do that without disassembly, you can write an initramfs image to the device using 'sysupgrade -F' first. 2. Unset the "bootcmd" variable: fw_setenv bootcmd "" 3. Concatenate the firmware backups, if you took them during installation using method 2: $ cat ruckus_zf7025_fw1_backup.bin ruckus_zf7025_fw2_backup.bin > ruckus_zf7025_backup.bin 3. Write factory images downloaded from manufacturer website into fwconcat0 and fwconcat1 MTD partitions, or restore backup you took before installation: # mtd write ruckus_zf7025_backup.bin /dev/mtd1 4. Reboot the system, it should load into factory firmware again. Quirks and known issues: - Flash layout is changed from the factory, to use both firmware image partitions for storage using mtd-concat, and uImage format is used to actually boot the system, which rules out the dual-boot capability. - The 2.4 GHz radio has its own EEPROM on board, not connected to CPU. - The stock firmware has dual-boot capability, which is not supported in OpenWrt by choice. It is controlled by data in the top 64kB of RAM which is unmapped, to avoid the interference in the boot process and accidental switch to the inactive image, although boot script presence in form of "bootcmd" variable should prevent this entirely. - On some versions of stock firmware, it is possible to obtain root shell, however not much is available in terms of debugging facitilies. 1. Login to the rkscli 2. Execute hidden command "Ruckus" 3. Copy and paste ";/bin/sh;" including quotes. This is required only once, the payload will be stored in writable filesystem. 4. Execute hidden command "!v54!". Press Enter leaving empty reply for "What's your chow?" prompt. 5. Busybox shell shall open. Source: https://alephsecurity.com/vulns/aleph-2019014 Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
* uboot-envtools: ath79: add support for Ubiquiti XM devicesLech Perczak2022-11-131-0/+8
| | | | | | | | | | | | | Inspired by commit 9565c5726a34da7c9c953d2293b70fdbfef0e0be, and by facts that all Ubiquiti XM devices share flash layout, and images are mostly compatible between all of them - enable uboot-envtools support for whole XM line. Build tested on: Ubiquiti Airrouter, Bullet-M (7240,7241), Nanobridge-M, Nanostation-M (+ Loco), Picostation-M, Powerbridge-M, Rocket-M. Runtime tested on: Ubiquiti Nanobridge M5 (XM). Signed-off-by: Lech Perczak <lech.perczak@gmail.com>
* ramips: add support for Rostelecom RT-SF-1Mikhail Zhilkin2022-11-131-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Rostelecom RT-SF-1 is a wireless WiFi 5 router manufactured by Sercomm company. Device specification -------------------- SoC Type: MediaTek MT7621AT RAM: 256 MiB Flash: 256 MiB, Micron MT29F2G08ABAGA3W Wireless 2.4 GHz (MT7603EN): b/g/n, 2x2 Wireless 5 GHz (MT7615E): a/n/ac, 4x4 Ethernet: 5xGbE (WAN, LAN1, LAN2, LAN3, LAN4) USB ports: 1xUSB3.0 ZigBee: 3.0, EFR32 MG1B232GG Button: 2 buttons (Reset & WPS) LEDs: - 1x Status (RGB) - 1x 2.4G (blue, hardware, mt76-phy0) - 1x 5G (blue, hardware, mt76-phy1) Power: 12 VDC, 1.5 A Connector type: barrel Bootloader: U-Boot Installation ----------------- 1. Remove dots from the OpenWrt factory image filename 2. Login to the router web interface 3. Update firmware using web interface with the OpenWrt factory image 4. If OpenWrt is booted, then no further steps are required. Enjoy! Otherwise (Stock firmware has booted again) proceed to the next step. 5. Update firmware using web interface with any version of the Stock firmware 6. Update firmware using web interface with the OpenWrt factory image Revert to stock --------------- Change bootflag to Sercomm1 in OpenWrt CLI and then reboot: printf 1 | dd bs=1 seek=7 count=1 of=/dev/mtdblock3 Recovery -------- Use sercomm-recovery tool. Link: https://github.com/danitool/sercomm-recovery MAC Addresses ------------- +-----+------------+------------+ | use | address | example | +-----+------------+------------+ | LAN | label | *:72, *:d2 | | WAN | label + 11 | *:7d, *:dd | | 2g | label + 2 | *:74, *:d4 | | 5g | label + 3 | *:75, *:d5 | +-----+------------+------------+ The label MAC address was found in Factory 0x21000 Signed-off-by: Mikhail Zhilkin <csharper2005@gmail.com>