| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
| |
It shouldn't be needed anymore as we've now `scripts/xxdi.pl`, which
should be self contained and fully compatible `xxd -i` replacement.
Fixes: #10555
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 88c9056a70901577489ecdc7a25207a9b7576d6e)
|
|
|
|
|
|
|
| |
Prevents ./configure "checking build system" test fail on Alpine linux.
Signed-off-by: Isaev Ruslan <legale.legale@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz> [commit description]
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Release notes:
https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.4.3-relnotes.txt
```
It includes the following security fix:
* A malicious certificate can cause an infinite loop.
Reported by and fix from Tavis Ormandy and David Benjamin, Google.
(CVE-2022–0778)
```
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit 25534d5cc20a807ff776fdb18847344167ce081d)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Tavis has just reported, that he was recently trying to track down a
reproducible crash in a compressor. Believe it or not, it really was a
bug in zlib-1.2.11 when compressing (not decompressing!) certain inputs.
Tavis has reported it upstream, but it turns out the issue has been
public since 2018, but the patch never made it into a release. As far as
he knows, nobody ever assigned it a CVE.
Suggested-by: Tavis Ormandy <taviso@gmail.com>
References: https://www.openwall.com/lists/oss-security/2022/03/24/1
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit b3aa2909a79aeff20d594160b207a89dc807c033)
(cherry picked from commit 3965dda0fa70dc9408f1a2e55a3ddefde78bd50e)
|
|
|
|
|
|
|
|
| |
Don't download all of vim just to build xxd. Use a tight tarball
containing only xxd sources instead.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 2b94aac7a128c9d9f4343af2265b362e8b5d5013)
|
|
|
|
|
|
|
|
|
|
|
| |
U-Boot requires xxd to create the default environment from an external
file as done in uboot-mediatek.
Build xxd (only, not the rest of vim) as part of tools to make sure it
is present on the buildhost.
Reported-by: David Bauer <mail@david-bauer.net>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit c4dd2441e7875c9550820f8380b3e41ca619ef27)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Release notes:
https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.4.2-relnotes.txt
```
It includes the following security fix
* In some situations the X.509 verifier would discard an error on an
unverified certificate chain, resulting in an authentication bypass.
Thanks to Ilya Shipitsin and Timo Steinlein for reporting.
```
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit 495c4f4e197166a6fa997d4620ca6c241e3abd45)
|
|
|
|
|
| |
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 03bb3412a2b8bf8ac69e062ea9fd88e2c6c6fb57)
|
|
|
|
|
| |
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit f78ad901e1ce07c42a9f5e670c39dbdcea15eb87)
|
|
|
|
|
|
|
| |
Fix wrong FPIC variable usage. Fixes compilation under sparc64 host.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit bf4dbbb55e2b8e23f186e1334f1e9ce6a3a8ddfe)
|
|
|
|
|
| |
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from commit aae4bf7c622688281c500c7e193e44bab67713e4)
|
|
|
|
|
|
|
|
| |
The $INODE64 symbol variants are not present, since the base system
always uses 64-bit file offsets
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 53ebacacf93278c6e71052eb5b3708c599129e55)
|
|
|
|
|
|
|
|
|
|
| |
Added patch for MacOS without 32 bit inodes support
(__DARWIN_ONLY_64_BIT_INO_T is true)
This patch based on discussion https://github.com/archmac/bootstrap/issues/4
Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
(cherry-picked from commit 8fedc17d01806c8a4bf4ed9e83a9523677d37bbd)
|
|
|
|
|
|
|
|
|
|
| |
For some reason, the generated configure script fails to properly set up
the internal preprocessor command variable, causing the host OS check for
Darwin to fail after the last update.
Explicitly setting CPP fixes this issue
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit 48e209e5c5a76dd0ce4a2a8b014416dc988269a3)
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
vendor fw > v1.1.x
Apply the same fix that was previously done for the Archer C7v5 to the
A7v5 as well to make the web UI accept our images again.
This is a backport of firmware-utils
commit 84dbf8ee49f522d3a4528763c9473cf3dd7c8c52.
Tested-by: Luflosi <luflosi@luflosi.de>
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Update ccache to 4.2.1
While compiling on Gentoo, the ccache can not be compiled due to this
error:
/openwrt/build_dir/host/ccache-4.1/unittest/../src/third_party/doctest.h:4084:47: error: size of array 'altStackMem' is not an integral constant-expression
4084 | static char altStackMem[4 * SIGSTKSZ];
| ^
This was fixed in ccache version 4.2.1 [1] by upgrading doctest [2].
[1] https://github.com/ccache/ccache/issues/825
[2] https://github.com/doctest/doctest/issues/473
Signed-off-by: DENG Qingfang <dqfext@gmail.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [refresh patch]
(cherry picked from commit 3ebfd0078d6aa4848ee8f72640266bd0390f790a)
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
[improved commit message]
|
|
|
|
|
|
|
|
|
|
| |
isl.gforge.inria.fr has been dead since early this month [1]. Switch to
libisl.sourceforge.io for the time being.
[1] https://groups.google.com/g/isl-development/c/JGaMo2VUu_8
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
(cherry picked from commit dd0ad9b661b604163d1736fcfe18714ff47c3728)
|
|
|
|
|
|
|
| |
Remove upstreamed patches.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit fc9682ed3961e098ace708ca1ca41c2239a4e2ee)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
CPExxx and WBSxxx boards with AR9344 SOC
use the OKLI lzma kernel loader
with the offset of 3 blocks of length 4k (0x3000)
in order to have a fake "kernel" that cannot grow larger
than how it is defined in the now static OEM partition table.
Before recent changes to the mtdsplit driver,
the uImage parser for OKLI only supported images
that started exactly on an eraseblock boundary.
The mtdsplit parser for uImage now supports identifying images
with any magic number value
and at any offset from the eraseblock boundary
using DTS properties to define those values.
So, it is no longer necessary to use fixed sizes
for kernel and rootfs
Tested-by: Andrew Cameron <apcameron@softhome.net> [CPE510 v2]
Tested-by: Bernhard Geier <freifunk@geierb.de> [WBS210 v2]
Tested-by: Petrov <d7c48mWsPKx67w2@gmail.com> [CPE210 v1]
Signed-off-by: Michael Pratt <mcpratt@pm.me>
(cherry picked from commit 7b9a0c264cb9dc2c5a946a0aa9a290427a5e559c)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch adds support for TP-Link Archer C6U v1 (EU).
The device is also known in some market as Archer C6 v3.
This patch supports only Archer C6U v1 (EU).
Specifications:
--------------
* SoC: Mediatek MT7621AT 2C2T, 880MHz
* RAM: 128MB DDR3
* Flash: 16MB SPI NOR flash (Winbond 25Q128)
* WiFi 5GHz: Mediatek MT7613BEN (2x2:2)
* WiFi 2.4GHz: Mediatek MT7603EN (2x2:2)
* Ethernet: MT7630, 5x 1000Base-T.
* LED: Power, WAN, LAN, WiFi 2GHz and 5GHz, USB
* Buttons: Reset, WPS.
* UART: Serial console (115200 8n1), J1(GND:3)
* USB: One USB2 port.
Installation:
------------
Install the OpenWrt factory image for C6U is from the
TP-Link web interface.
1) Go to "Advanced/System Tools/Firmware Update".
2) Click "Browse" and upload the OpenWrt factory image:
openwrt-ramips-mt7621-tplink_archer-c6u-v1-squashfs-factory.bin.
3) Click the "Upgrade" button, and select "Yes" when prompted.
Recovery to stock firmware:
--------------------------
The C6U bootloader has a failsafe mode that provides a web
interface (running at 192.168.0.1) for reverting back to the
stock TP-Link firmware. The failsafe interface is triggered
from the serial console or on failed kernel boot. Unfortunately,
there's no key combination that enables the failsafe mode. This
gives us two options for recovery:
1) Recover using the serial console (J1 header).
The recovery interface can be selected by hitting 'x' when
prompted on boot.
2) Trigger the bootloader failsafe mode.
A more dangerous option is force the bootloader into
recovery mode by erasing the OpenWrt partition from the
OpenWrt's shell - e.g "mtd erase firmware". Please be
careful, since erasing the wrong partition can brick
your device.
MAC addresses:
-------------
OEM firmware configuration:
D8:07:B6:xx:xx:83 : 5G
D8:07:B6:xx:xx:84 : LAN (label)
D8:07:B6:xx:xx:84 : 2.4G
D8:07:B6:xx:xx:85 : WAN
Signed-off-by: Georgi Vlaev <georgi.vlaev@konsulko.com>
(cherry picked from commit a46ad596a3e076599f38a4132b5d6dfee8a3102a)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The patch adds support for the TP-Link Archer A6 v3
The router is sold in US and India with FCC ID TE7A6V3
Specification
-------------
MediaTek MT7621 SOC
RAM: 128MB DDR3
SPI Flash: W25Q128 (16MB)
Ethernet: MT7530 5x 1000Base-T
WiFi 5GHz: Mediatek MT7613BE
WiFi 2.4GHz: Mediatek MT7603E
UART/Serial: 115200 8n1
Device Configuration & Serial Port Pins
---------------------------------------
ETH Ports: LAN4 LAN3 LAN2 LAN1 WAN
_______________________
| |
Serial Pins: | VCC GND TXD RXD |
|_____________________|
LEDs: Power Wifi2G Wifi5G LAN WAN
Build Output
------------
The build will generate following set of files
[1] openwrt-ramips-mt7621-tplink_archer-a6-v3-initramfs-kernel.bin
[2] openwrt-ramips-mt7621-tplink_archer-a6-v3-squashfs-factory.bin
[3] openwrt-ramips-mt7621-tplink_archer-a6-v3-squashfs-sysupgrade.bin
How to Use - Flashing from TP-Link Web Interface
------------------------------------------------
* Go to "Advanced/System Tools/Firmware Update".
* Click "Browse" and upload the OpenWrt factory image: factory.bin[2]
* Click the "Upgrade" button, and select "Yes" when prompted.
TFTP Booting
------------
Setup a TFTP boot server with address 192.168.0.5.
While starting U-boot press '4' key to stop autoboot.
Copy the initramfs-kernel.bin[1] to TFTP server folder, rename as test.bin
From u-boot command prompt run tftpboot followed by bootm.
Recovery
--------
Archer A6 V3 has recovery page activated if SPI booting from flash fails.
Recovery page can be activated from serial console only.
Press 'x' while u-boot is starting
Note: TFTP boot can be activated only from u-boot serial console.
Device recovery address: 192.168.0.1
Thanks to: Frankis for Randmon MAC address fix.
Signed-off-by: Vinay Patil <post2vinay@gmail.com>
[remove superfluous factory image definition, whitespacing]
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit f8f8935adb2be1ebce46a8d7058c76a8d3a9bd89)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
fix coverity resource leak warning:
*len = stat.st_size;
mapped = mmap(NULL, stat.st_size, PROT_READ, MAP_SHARED, fd, 0);
if (close(fd) < 0)
CID 1484880: Resource leaks (RESOURCE_LEAK)
Variable "mapped" going out of scope leaks the storage it points to.
return NULL;
return mapped;
}
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit baf2a50ef3cf34574e12d2ab1b23578310f0d527)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The ZyXEL NR7101 prepend an additional header to U-Boot images. This
header use the TRX magic 0x30524448 (HDR0), but is incompatible with
TRX images.
This code is reverse-engineered based on matching 32 bit numbers
found in the header with lengths and different checksum
calculations of the vendor images found on the device. The result
was matched against the validation output produced by the
bootloader to name the associated header fields.
Example bootloader validation output:
Zyxel TRX Image 1 --> Found! Header Checksum OK
============ZyXEL header information==================
chipId : MT7621A
boardId : NR7101
modelId : 07 01 00 01
kernel_len : (14177560)
kernelChksum : (0x8DD31F69)
swVersionInt : 1.00(ABUV.0)D1
swVersionExt : 1.00(ABUV.0)D1
Zyxel TRX Image 2 --> Found! Header Checksum OK
============ZyXEL header information==================
chipId : MT7621A
boardId : NR7101
modelId : 07 01 00 01
kernel_len : (14176660)
kernelChksum : (0x951A7637)
swVersionInt : 1.00(ABUV.0)D0
swVersionExt : 1.00(ABUV.0)D0
=================================================
Check image validation:
Image1 Header Magic Number --> OK
Image2 Header Magic Number --> OK
Image1 Header Checksum --> OK
Image2 Header Checksum --> OK
Image1 Data Checksum --> OK
Image2 Data Checksum --> OK
Image1 Stable Flag --> Stable
Image1 Try Counter --> 0
Image1: OK
Image2: OK
The coverage and algorithm for the kernelChksum field is unknown.
This field is not validated by the bootloader or the OEM firmware
upgrade tool. It is therefore set to a static value for now.
The swVersion fields contain free form string values. The OEM firmware
use ZyXEL structured version numbers as shown above. The strings are
not interpreted or validated on boot, so they can be repurposed for
anything we want the bootloader to display to the user. But the OEM
web GUI fails to flash images with freeform strings.
The purpose of the other strings in the header is not known. The
values appear to be static. We assume they are fixed for now, until
we have other examples. One of these strings is the platform name,
which is taken as an input parameter for support other members of
the device family.
Signed-off-by: Bjørn Mork <bjorn@mork.no>
Tested-by: Bjørn Mork <bjorn@mork.no>
(cherry picked from commit 48cad07a55246317d66fee4ced25cb62a2bae3d3)
|
|
|
|
|
|
|
|
|
| |
Prevent build error on Alpine Linux host:
libfakeroot.c error: conflicting types for 'id_t'
Error relocating openwrt/staging_dir/host/lib/libfakeroot.so: SEND_GET_XATTR: symbol not found
Signed-off-by: Ruslan Isaev <legale.legale@gmail.com>
(cherry picked from commit 7a70f78fb7da4dc3e8c58e7662f4dc623274a78b)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adjusts the Makefile to use the new option to turn off the
doc builds. It will not cause any problems except a warning
about unused options if combined with a ccache source missing
the upstream patch.
Since a config setting is required to re-enable the doc build this
is equivalent to unconditionally disabling the docs if the config
setting is not created.
Signed-off-by: David Adair <djabhead@aol.com>
(cherry picked from commit 2d1546832357a3a8bd18680bd31dd92050e739b2)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The stock firmware does not accept firmware with "Talon" in the name.
Tested on firmware version 1.0.10 Build 20160902 rel. 57400 which came
preinstalled, as well as latest firmware version 2.0.1 Build 20170103
rel.71053 flashed from
AD7200v1-up-ver2-0-1-P1[20170103-rel71053]_2017-01-04_10.08.28.bin.
Fixes: 1a775a4fd033 ("ipq806x: add support for TP-Link Talon AD7200")
Signed-off-by: Alex Henrie <alexhenrie24@gmail.com>
[added details about vendor firmware]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit dfef88b6cacceec151ca4ce4bb3dc50c1c5cf1d2)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently it's not possible to flash factory images on devices shipped
with vendor firmware versions 1.1.0 Build 20201120 rel. 50406 (published
2020-12-22):
(curFw_ver, newFw_ver) == (1.1, 1.0) [NM_Error](nm_checkSoftVer) 00848: Firmwave not supports, check failed.
[NM_Error](nm_checkUpdateContent) 01084: software version dismatched
[NM_Error](nm_buildUpgradeStruct) 01188: checkUpdateContent failed.
They've even following note in release notes:
Note: You will be unable to downgrade to the previous firmware version
after updating this firmware.
This version check in vendor firmware is implemented in
/usr/bin/nvrammanager binary likely as following C code[1]:
sscanf(buf, "%d.%d.%*s",&upd_fw_major, &upd_fw_minor);
...
if (((int)upd_fw_major < (int)cur_fw_major) ||
((ret = 1, cur_fw_major == upd_fw_major && (upd_fw_minor < (int)cur_fw_minor)))) {
ret = 0;
printf("[NM_Error](%s) %05d: Firmwave not supports, check failed.\r\n\r\n","nm_checkSoftVer" ,0x350);
}
...
return ret;
So in order to fix this and make it future proof it should be enough to
ship our factory firmware images with major version 7 (lucky number).
Tested on latest firmware version 1.1.2 Build 20210125 rel.37999:
Firmwave supports, check OK.
(curFw_ver, newFw_ver) == (1.1, 7.0) check firmware ok!
Flashing back to vendor firmware
c7v5_us-up-ver1-1-2-P1[20210125-rel37999]_2021-01-25_10.33.55.bin works
as well:
U-Boot 1.1.4-gbec22107-dirty (Nov 18 2020 - 18:19:12)
...
Firmware downloaded... filesize = 0xeeae77 fileaddr = 0x80060000.
Firmware Recovery file length : 15642231
Firmware process id 2.
handle_fw_cloud 146
Image verify OK!
Firmware file Verify ok!
product-info:product_name:Archer C7
product_ver:5.0.0
special_id:55530000
[Error]sysmgr_cfg_checkSupportList(): 1023 @ specialId 45550000 NOT Match.
Firmware supports, check OK.
Firmware Recovery check ok!
1. https://gist.github.com/ynezz/2e0583647d863386a66c3d231541b6d1
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit e6d66375cbbb54e0e82a67030e385a5486273766)
|
|
|
|
|
|
|
|
|
|
|
| |
bcm4908img is a tool managing BCM4908 platform images. It's used for
creating them as well as checking, modifying and extracting data from.
It's required by both: host (for building firmware images) and target
(for sysupgrade purposes). Make it a host/target package.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 9b4fc4cae9fa0cd0cd9060e1c9d33320c3249ced)
|
|
|
|
|
| |
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 5a2086d230063b2f83a436ed37b0f6a92706bcb9)
|
|
|
|
|
|
|
|
|
| |
JFFS2 bootfs partition in a BCM4908 image usually includes some padding.
For flashing it individually (writing to designed MTD partition) we want
just JFFS2 data.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit ed7edf88e20c9dd0026e5c5629d8a6500d3e3f80)
|
|
|
|
|
|
|
| |
Fix offset to extract proper data when image contains vendor header.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit dcbde11af181055f2d1c77ebc19f50c29bbab96e)
|
|
|
|
|
|
|
|
| |
It's required for upgrading firmware using single partitions instead of
just blindly writing whole image.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit e33957c241abf8f0dbf5f3713058d126fb4599b4)
|
|
|
|
|
|
|
|
| |
It's much easier to operate on BCM4908 image data with absolute offset
of each section stored. It doesn't require summing sizes over and over.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 5314cab729b743d3b8b08db4e01c3095017f4e68)
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds support for accessing bootfs JFFS2 partition in the BCM4908
image. Support includes:
1. Listing files
2. Renaming file (requires unchanged name length)
Above commands are useful for flashing BCM4908 images which by defualt
come with cferom.000 file and require renaming it.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit ed847ef5f340dcae1556cbc6dfaa6657a5179be6)
|
|
|
|
|
|
|
| |
It's useful for upgrading cferom, firmware, etc.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 9c039d56a154bb416492bf5657093576d50cc220)
|
|
|
|
|
|
|
|
| |
It's important for modifying / extracting firmware content. cferom is
optional image content at the file beginning.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 6af45b842bd22633fa3ccd57edaf073a759525bb)
|
|
|
|
|
|
|
|
| |
BCM4908 image format contains some info that may be useful for info /
debugging purposes.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 9b9184f1782489163eb204f3b238de778ae1214b)
|
|
|
|
|
|
|
|
| |
1. Don't allow pipe stdin as we need to fseek()
2. Don't alow TTY as it doesn't make sense for binary input
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit d533b27bc09eb5323a05ed44589235a86edcda0d)
|
|
|
|
|
|
|
|
|
| |
Netgear uses CHK header which needs to be skipped when validating
BCM4908 image. Detect it directly in the bcm4908img tool. Dealing with
binary structs and endianess is way simpler in C.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit a39f85d8b66125f07c4bcbea46b296946de60dc7)
|
|
|
|
|
|
|
|
|
| |
Move code parsing existing firmware file to separated function. This
cleans up existing code and allows reusing parsing code for other
commands.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 7d5f7439428d2b4c6952af47b36acc010b846372)
|
|
|
|
|
|
|
| |
Less magic names / values.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit a3611432a6c3490fb2b6fdbc1ce664cf70900668)
|
|
|
|
|
|
|
| |
Less magic numbers
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 1ff7569387f69550e8a9356a109a875e4fdb4412)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The TP-Link EAP235-Wall is a wall-mounted, PoE-powered AC1200 access
point with four gigabit ethernet ports.
When connecting to the device's serial port, it is strongly advised to
use an isolated UART adapter. This prevents linking different power
domains created by the PoE power supply, which may damage your devices.
The device's U-Boot supports saving modified environments with
`saveenv`. However, there is no u-boot-env partition, and saving
modifications will cause the partition table to be overwritten. This is
not an issue for running OpenWrt, but will prevent the vendor FW from
functioning properly.
Device specifications:
* SoC: MT7621DAT
* RAM: 128MiB
* Flash: 16MiB SPI-NOR
* Wireless 2.4GHz (MT7603EN): b/g/n, 2x2
* Wireless 5GHz (MT7613BEN): a/n/ac, 2x2
* Ethernet: 4× GbE
* Back side: ETH0, PoE PD port
* Bottom side: ETH1, ETH2, ETH3
* Single white device LED
* LED button, reset button (available for failsafe)
* PoE pass-through on port ETH3 (enabled with GPIO)
Datasheet of the flash chip specifies a maximum frequency of 33MHz, but
that didn't work. 20MHz gives no errors with reading (flash dump) or
writing (sysupgrade).
Device mac addresses:
Stock firmware uses the same MAC address for ethernet (on device label)
and 2.4GHz wireless. The 5GHz wireless address is incremented by one.
This address is stored in the 'info' ('default-mac') partition at an
offset of 8 bytes.
From OEM ifconfig:
eth a4:2b:b0:...:88
ra0 a4:2b:b0:...:88
rai0 a4:2b:b0:...:89
Flashing instructions:
* Enable SSH in the web interface, and SSH into the target device
* run `cliclientd stopcs`, this should return "success"
* upload the factory image via the web interface
Debricking:
U-boot can be interrupted during boot, serial console is 57600 baud, 8n1
This allows installing a sysupgrade image, or fixing the device in
another way.
* Access serial header from the side of the board, close to ETH3,
pin-out is (1:TX, 2:RX, 3:GND, 4:3.3V), with pin 1 closest to ETH3.
* Interrupt bootloader by holding '4' during boot, which drops the
bootloader into its shell
* Change default 'serverip' and 'ipaddr' variables (optional)
* Download initramfs with `tftpboot`, and boot image with `bootm`
# tftpboot 84000000 openwrt-initramfs.bin
# bootm
Revert to stock:
Using the tplink-safeloader utility from the firmware-utils package,
TP-Link's firmware image can be converted to an OpenWrt-compatible
sysupgrade image:
$ ./staging_dir/host/bin/tplink-safeloader -B EAP235-WALL-V1 \
-z EAP235-WALLv1_XXX_up_signed.bin -o eap235-sysupgrade.bin
This can then be flashed using the OpenWrt sysupgrade interface. The
image will appear to be incompatible and must be force flashed, without
keeping the current configuration.
Known issues:
- DFS support is incomplete (known issue with MT7613)
- MT7613 radio may stop responding when idling, reboot required.
This was an issue with the ddc75ff704 version of mt76, but appears to
have improved/disappeared with bc3963764d.
Error notice example:
[ 7099.554067] mt7615e 0000:02:00.0: Message 73 (seq 1) timeout
Hardware was kindly provided for porting by Stijn Segers.
Tested-by: Stijn Segers <foss@volatilesystems.org>
Signed-off-by: Sander Vanheule <sander@svanheule.net>
(cherry picked from commit 1e75909a35a2b361cdfdfcf18a26ad61271b174e)
|
|
|
|
| |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The following commit removed _STAT_VER definitions from glibc:
https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=8ed005daf0ab03e142500324a34087ce179ae78e
That subsequently broke fakeroot:
https://bugs.archlinux.org/task/69572
https://bugzilla.redhat.com/show_bug.cgi?id=1889862#c13
https://forum.openwrt.org/t/unable-to-build-toolchain-fakeroot-fails-perhaps-others-after-it/87966
Make the patch based on Jan Pazdziora's suggestion from here:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/message/SMQ3RYXEYTVZH6PLQMKNB3NM4XLPMNZO/
Add wrappers for newly exported symbols in glibc.
Apply patch from Debian to fix warnings in fts_read and fts_children:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=676428
https://sources.debian.org/patches/fakeroot/1.25.3-1.1/eglibc-fts-without-LFS/
Fix __xmknod{,at} dev pointer argument. Switch default to assume * and
not the absence of *. On glibc 2.33+, there is no definition for these
functions in header files, so the compile test doesn't work. But, we
can default to using the pointer (as is the case with newer glibc), and
use the header file on older platforms to fail the test and use no pointer.
Tested on my x86_64 Arch Linux machine, fakeroot unit tests pass.
Also tested by building various .ipks and examining the tar contents, to
ensure that the owner uid/gid was 0/0.
Signed-off-by: Ilya Lipnitskiy <ilya.lipnitskiy@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Recent ABI_VERSION commits make use of patchelf. It was discovered that
with patchelf 0.10(and even 0.12) various big endian targets fail to
link against libubox SO that was processed through patchelf. Using
latest master patchelf fixes those link errors.
Potential commits affecting big-endian processing
https://github.com/NixOS/patchelf/commit/884eccc4f061a3dbdbe63a4c73f1cc9bbf77fa7d
https://github.com/NixOS/patchelf/commit/d148bae6c1291b93d660a156a1756670069cd8cc
Recent builds with failures:
http://buildbot.openwrt.org/master/images/builders/lantiq%2Fxrx200/builds/682
http://buildbot.openwrt.org/master/images/builders/ath79%2Fmikrotik/builds/449
Cc: Hauke Mehrtens <hauke@hauke-m.de>
Signed-off-by: Ilya Lipnitskiy <ilya.lipnitskiy@gmail.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
|
|
|
|
|
|
| |
* The fit image is now created with 0666 permission in upstream U-Boot
remove our patch switch creates it with 0744
* The generated/autoconf.h file is created now as an empty file, it is
not needed to remove this include any more.
* Upstream lib/rsa/rsa-sign.c now includes stdlib.h instead of malloc.h
* ALIGN_MASK was moved to imagetool.h, own patch should not be needed
any more.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
|
|
|
|
|
|
|
|
|
|
|
| |
Multiple sources are hosted on OpenWrts source server only. The source
URLs to point to the server vary based on different epochs in OpenWrts
history.
Replace all by @OPENWRT which is an "empty" mirror, therefore using the
fallback servers sources.cdn.openwrt.org and sources.openwrt.org.
Signed-off-by: Paul Spooren <mail@aparcar.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Although provided in separate zip archives, the firmwares for EU
and RU version are byte-identical. This adds the missing ID compared
to the support-list in the vendor firmware.
Note (since I checked it anyway):
Partitions and support list are unchanged for all three existing
firmware versions:
* 20200721-rel40773
* 20201029-rel43238
* 20201120-rel50399
Signed-off-by: Alexey Kunitskiy <alexey.kv@gmail.com>
[rewrite commit message]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
|
|
|
|
|
|
|
|
| |
It's faster and more reliable.
Removed ccache cmake build dependency as it's now implicit.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|