aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* brcm47xx: use DMZ LED as status indicatorMirko Parthey2017-07-021-15/+7
| | | | | | | | | | | | | On the Linksys WRT54GSv1, the Power LED flickers in the "off" state. Indicate status using the DMZ LED if available, since it has solid "on" and "off" states. This change was tested on the WRT54GSv1, but may also affect other brcm47xx devices. Fixes FS#793. Signed-off-by: Mirko Parthey <mirko.parthey@web.de>
* brcm47xx: resolve GPIO conflict for WRT54GSv1Mirko Parthey2017-07-023-14/+7
| | | | | | | | | | | | | | | On the Linksys WRT54GSv1, the adm6996 switch driver and the gpio_button_hotplug module both claim GPIO 6, which is connected to the Reset button. When the switch driver's request wins, the Reset button cannot work. This makes it impossible to enter failsafe mode without a serial console. Stop requesting the "adm_rc" GPIO in the switch driver, since it is not used anywhere. Fixes FS#792. Signed-off-by: Mirko Parthey <mirko.parthey@web.de>
* firmware-utils: mktplinkfw2: fix support for -w optionRafał Miłecki2017-07-021-1/+1
| | | | | | | This fixes copy & paste typo when reading -w argument. Fixes: 4b35e174caa5b ("firmware-utils: mktplinkfw2: support additional hardware version") Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* kernel: add missing symbol to genericJonas Gorski2017-06-301-0/+1
| | | | Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
* brcm63xx: refresh smp configJonas Gorski2017-06-301-3/+8
| | | | Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
* brcm63xx: enable KEXEC for SMP againJonas Gorski2017-06-301-1/+0
| | | | | | It seems it compiles again, so there is no reason to keep it disabled. Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
* brcm63xx: disable commandline parts parserJonas Gorski2017-06-301-1/+0
| | | | | | We don't use it, so no need to have it enabled. Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
* brcm63xx: add support for the Actiontec R1000H gatewayAnthony Sepa2017-06-308-0/+170
| | | | | | | | | | | | | | | | | | | | | | | SOC: Broadcom BCM6368 (2 * Broadcom BMIPS4350 V3.1 / 400 MHz) Flash size: 32MB (split 16/16 dual boot) RAM size: 64MB Wireless: BCM432x 802.11a/b/g/n(pci) Ethernet: Broadcom BCM53115 USB: 1 x USB 2.0 Known issues: - Unable to detect 53115 switch attached to MDIO. Not supported - No support for the cable port More info on the device and the research can be found at: http://www.actiontec.com/212.html Same FCC ID as: https://wikidevi.com/wiki/Actiontec_V1000H_(Telus) Signed-off-by: Anthony Sepa <anthonysepa@yahoo.ca> [jonas.gorski: fix commit subject/message] Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
* brcm63xx: fix bcm6328 pinmux other registerJonas Gorski2017-06-301-1/+1
| | | | | | | The pinmux register is at relative offset 0x8, not 0xc. Fixes hang when trying to modify pins >= 32. Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
* ar71xx: fix typo in network defaultsJo-Philipp Wich2017-06-291-1/+1
| | | | | | | | Commit 9fec39a (ar71xx: add support for TP-Link TL-WA855RE v1) introduced a typo in 02_network, fix it by removing the stray paren. Reported-by: Henryk Heisig <hyniu@o2.pl> Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* ar71xx: image: specify TPLINK_HWID for TP-Link RE450Piotr Dymacz2017-06-291-0/+1
| | | | | | | | | | TPLINK_HWID hasn't been specified for TP-Link RE450 since the begin. As we don't want to break sysupgrade (all existing LEDE release images for this board have TPLINK_HWID set to 0x0), set it explicitly to 0x0. Fixes FS#852 Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
* ramips: add support for TP-Link TL-WR840N v4 and TL-WR841N v13Piotr Dymacz2017-06-2912-1/+287
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | TP-Link TL-WR840N v4 and TL-WR841N v13 are simple N300 routers with 5-port FE switch and non-detachable antennas. Both are very similar and are based on MediaTek MT7628NN (aka MT7628N) WiSoC. The difference between these two models is in number of available LEDs, buttons and power input switch. This work is partially based on GitHub PR#974. Specification: - MT7628N/N (580 MHz) - 64 MB of RAM (DDR2) - 8 MB of FLASH - 2T2R 2.4 GHz - 5x 10/100 Mbps Ethernet - 2x external, non-detachable antennas - UART (J1) header on PCB (115200 8n1) - TL-WR840N v4: 5x LED (GPIO-controlled), 1x button - TL-WR841N v13: 8x LED (GPIO-controlled*), 2x button, power input switch * WAN LED in TL-WR841N v13 is a dual-color, dual-leads type which isn't (fully) supported by gpio-leds driver. This type of LED requires both GPIOs state change at the same time to select color or turn it off. For now, we support/use only the green part of the LED. Factory image notes: These devices use version 3 of TP-Link header, fortunately without RSA signature (at least in case of devices sold in Europe). The difference lays in the requirement for a non-zero value in "Additional Hardware Version" field. Ideally, it should match the value stored in vendor firmware header on device ("0x4"/"0x13" for these devices) but it seems that anything other than "0" is correct. We are able to prepare factory firwmare file which is accepted and (almost) correctly flashed from the vendor GUI. As it turned out, it accepts files without U-Boot image with second header at the beginning but due to some kind of bug in upgrade routine, flashed image gets corrupted before it's written to flash. Tests showed that the GUI upgrade routine copies value of "Additional Hardware Version" from existing firmware into offset "0x2023c" in provided file, _before_ storing it in flash. In case of vendor firmware upgrade files (which all include U-Boot image and two headers), this offset points to the matching field in kernel+rootfs firmware part header. Unfortunately, in case of LEDE factory image file which contains only one header, it points to the offset "0x2023c" in kernel image. This leads to a corrupted kernel and ends up with a "soft-bricked" device. The good news is that U-Boot in these devices contains well known tftp recovery mode, which can be triggered with "reset" button. What's more, in comparison to some of older MediaTek based TP-Link devices, this recovery mode doesn't write whole file at offset "0x0" in flash, without verifying provided file in advance. In case of recovery mode in these devices, first "0x20000" bytes are always skipped and "0x7a0000" bytes from rest of the file are stored in flash at offset "0x20000". Flash instruction: Until (if at all) TP-Link fixes described problem, the only way to flash LEDE image in these devices is to use tftp recovery mode in U-Boot: 1. Configure PC with static IP 192.168.0.66/24 and tftp server. 2. Rename "lede-ramips-mt7628-tl-wr84...-squashfs-tftp-recovery.bin" to "tp_recovery.bin" and place it in tftp server directory. 3. Connect PC with one of LAN ports, press the reset button, power up the router and keep button pressed for around 6-7 seconds, until device starts downloading the file. 4. Router will download file from server, write it to flash and reboot. To access U-Boot CLI, keep pressed "4" key during boot. Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
* ramips: image: simplify TP-Link Archer devices definitionsPiotr Dymacz2017-06-291-11/+10
| | | | Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
* build: move mktplinkfw2 related commands to image-commands.mkPiotr Dymacz2017-06-293-29/+34
| | | | | | | | | There are already two targets (lantiq, ramips) which use mktplinkfw2 tool for creating images. This de-duplicates code, introduces two new build commands: tplink-v2-header, tplink-v2-image and makes use of them in place of old, (sub)target specific ones. Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
* build: rename TPLINK_BOARD_NAME to TPLINK_BOARD_IDPiotr Dymacz2017-06-293-17/+17
| | | | Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
* firmware-utils: mktplinkfw2: support additional hardware versionPiotr Dymacz2017-06-291-6/+20
| | | | | | | | | | | | | | | | | | As it turned out, some of new MediaTek based TP-Link devices use value from field at 0x3c offset in version 3 of TP-Link header to specify "Additional Hardware Version". Value from this field is validated during regular (GUI) firmware upgrade on devices like TL-WR840N v4 or TL-WR841N v13. If it's zero (based on some tests, it seems that firmware will accept anything != 0), errors like below are printed on console and upgrade fails: [ rsl_sys_updateFirmware ] 2137: Firmware Additional HardwareVersion check failed [ rdp_updateFirmware ] 345: perror:4506 Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
* ar71xx: fix switch port mapping for TP-Link TL-WR74xN/D seriesPiotr Dymacz2017-06-291-1/+1
| | | | | | Fixes FS#843 Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
* ar71xx: add support for TP-Link Archer C58 v1Henryk Heisig2017-06-2916-7/+155
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | TP-Link Archer C58 v1 is a dual-band AC1350 router, based on Qualcomm QCA9561 + QCA9886. It looks like Archer C59 v1 without USB port. Specification: - 775/650/258 MHz (CPU/DDR/AHB) - 64 MB of RAM (DDR2) - 8 MB of FLASH (SPI NOR) - 3T3R 2.4 GHz - 2T2R 5 GHz - 5x 10/100 Mbps Ethernet - 6x LED, 3x button - UART header on PCB, RX, TX at TP4+5 (backside) QCA9886 wlan needs pre_cal_data file and enable ieee80211 phy hotplug to patch macaddress. Flash instruction: Use "factory" image directly in vendor GUI. Recovery method: 1. Set PC to fixed ip address 192.168.0.66/24. 2. Download "lede-ar71xx-generic-archer-c58-v1-squashfs-factory.bin" and rename it to "tp_recovery.bin". 3. Start a tftp server with the file "tp_recovery.bin" in its root directory. 4. Turn off the router. 5. Press and hold Reset button. 6. Turn on router with the reset button pressed and wait ~15 seconds. 7. Release the reset button and after a short time the firmware should be transferred from the tftp server. 8. Wait ~30 second to complete recovery. Flash instruction under U-Boot, using UART: tftp 0x81000000 lede-ar71xx-...-sysupgrade.bin erase 0x9f020000 +$filesize cp.b $fileaddr 0x9f020000 $filesize reset This commit is based on GitHub PR#1112 Signed-off-by: Henryk Heisig <hyniu@o2.pl>
* firmware-utils: tplink-safeloader: add support for Archer C5 v2 JP/USJean-Pierre St-Yves2017-06-291-3/+3
| | | | | | Add support for Japan and US versions of TP-Link Archer C5 v2 Signed-off-by: Jean-Pierre St-Yves <jpstyves@gmail.com>
* firmware-utils: tplink-safeloader: add support for Archer C59/C60 RUHenryk Heisig2017-06-291-0/+3
| | | | | | Add support for Russian version of TP-Link Archer C59/C60 v1 Signed-off-by: Henryk Heisig <hyniu@o2.pl>
* ar71xx: add support for TP-Link TL-WA855RE v1Federico Cappon2017-06-2913-6/+114
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | TP-Link TL-WA855RE v1 is a wall-plug N300 Wi-Fi range extender, based on Qualcomm/Atheros QCA9533 v2. Short specification: - 550/397/198 MHz (CPU/DDR/AHB) - 1x 10/100 Mbps Ethernet - 32 MB of RAM (DDR1) - 4 MB of FLASH - 2T2R 2.4 GHz - 2x external antennas - 2x LED (green and orange in the same package), 2x button - UART: TP5(TX) and TP4(RX) test points on PCB Flash instruction: use "factory" image directly in vendor GUI. Warning: this device does not include any kind of recovery mechanism in the bootloader and disassembling process is not trivial. You can access vendor firmware over serial line using: - login: root - password: sohoadmin Image was tested only in EU version of the device, but should work also with the same device version sold in other countries. Signed-off-by: Federico Cappon <dududede371@gmail.com>
* ar71xx: fix EnGenius ENS202EXT mtd definitionPiotr Dymacz2017-06-291-4/+4
| | | | | | | | | | | | | | Use statically defined sizes for kernel and rootfs mtd partitions. Vendor upgrade script writes both firmware parts independently which ends up in a gap between kernel and rootfs images. This results in incorrectly calculated rootfs_data start offset. Also, fix IMAGE_SIZE, DEVICE_PACKAGES and drop redundant KERNEL definition. Fixes FS#835 Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
* uboot-envtools: add Arduino Yun supportCamille Bilodeau2017-06-291-0/+1
| | | | Signed-off-by: Camille Bilodeau <camille.bilodeau@protonmail.com>
* ar71xx: move Arduino Yun to generic building codeCamille Bilodeau2017-06-293-8/+10
| | | | | | | | | | | | | | | | | | Migrate Arduino Yun from legacy to generic building code. Note: the mtd partitioning is changed to adopt the LEDE default partitioning. It allows to have a kernel bigger than 1280k. It is necessary as kernel > 4.4 with default LEDE configuration grows bigger. To use the new partitioning, you need to update your U-Boot env in advance: setenv mtdparts "spi0.0:256k(u-boot)ro,64k(u-boot-env),15936k(firmware),64k(nvram),64k(art)ro" setenv bootcmd "run addboard; run addtty; run addparts; run addrootfs; bootm 0x9f050000 || bootm 0x9fea0000" saveenv Signed-off-by: Camille Bilodeau <camille.bilodeau@protonmail.com>
* ar71xx: remove Arduino Yun 8 MiB prototypeCamille Bilodeau2017-06-292-8/+0
| | | | | | | | | The Arduino Yun has 16 MiB flash. Early prototype boards with 8 MiB were not available for sell: https://blog.arduino.cc/2013/08/21/updating-about-arduino-yun-and-arduino-robot/ Signed-off-by: Camille Bilodeau <camille.bilodeau@protonmail.com>
* ar71xx: wpj344: set MAC on wanLeon M. George2017-06-291-0/+3
| | | | Signed-off-by: Leon M. George <leon@georgemail.eu>
* ar71xx: wpj344: remove unused eth1 deviceLeon M. George2017-06-291-8/+0
| | | | Signed-off-by: Leon M. George <leon@georgemail.eu>
* ar71xx: wpj344: read MAC addresses from u-boot mtdLeon M. George2017-06-291-4/+5
| | | | | | | This way, the assigned addresses match those on the barcode labels. Otherwise, the addresses appear to vary on boot. Signed-off-by: Leon M. George <leon@georgemail.eu>
* dhcpv6: add missing dollar sign in dhcpv6 script (FS#874)Hans Dedecker2017-06-292-2/+2
| | | | Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* kernel: cleanup CONFIG_SCHED_HRTICKStijn Tintel2017-06-2946-46/+0
| | | | | | | Remove CONFIG_SCHED_HRTICK from target configs, as it was added to the generic config in b47fd7656336162360ebf66147326763ddae3f8d. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* armvirt: rename config-default to config-4.9Stijn Tintel2017-06-291-0/+0
| | | | | | | | The kernel configs for all targets should have the version in the filename, for clearness and consistency across all targets. It is also expected by the update_kernel.sh script. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* dnsmasq: backport patch fixing DNS failover (FS#841)Hans Dedecker2017-06-281-0/+31
| | | | | | | Backport upstream dnsmasq patch fixing DNS failover when first servers returns REFUSED in strict mode; fixes issue FS#841. Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* kernel: backport usbport LED trigger driver support for DTRafał Miłecki2017-06-282-0/+212
| | | | Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* dropbear: add option to set max auth triesStijn Tintel2017-06-282-2/+4
| | | | | | | Add a uci option to set the new max auth tries paramater in dropbear. Set the default to 3, as 10 seems excessive. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* dropbear: server support option '-T' max auth triesKevin Darbyshire-Bryant2017-06-282-2/+132
| | | | | | | | | | | | Add support for '-T n' for a run-time specification for maximum number of authentication attempts where 'n' is between 1 and compile time option MAX_AUTH_TRIES. A default number of tries can be specified at compile time using 'DEFAULT_AUTH_TRIES' which itself defaults to MAX_AUTH_TRIES for backwards compatibility. Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
* hostapd: configure NAS ID regardless of encryptionYury Shvedov2017-06-281-3/+3
| | | | | | | | | | | RADIUS protocol could be used not only for authentication but for accounting too. Accounting could be configured for any type of networks. However there is no way to configure NAS Identifier for non-WPA networks without this patch. Signed-off-by: Yury Shvedov <yshvedov@wimarksystems.com> [cleanup commit message] Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* hostapd: add acct_interval optionYury Shvedov2017-06-281-2/+5
| | | | | | | | Make an ability to configure Accounting-Interim-Interval via UCI Signed-off-by: Yury Shvedov <yshvedov@wimarksystems.com> [add hostapd prefix, cleanup commit message] Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* mxs: drop 4.4 supportMichael Heimpold2017-06-276-1231/+0
| | | | Signed-off-by: Michael Heimpold <mhei@heimpold.de>
* mxs: add support for 4.9 and switch overMichael Heimpold2017-06-273-1/+348
| | | | | | | | | | | | | | | | | | | | I did not port the regulator and power patches from Stefan Wahren because I talked to him and he told me that work on this is currently stalled. And since AFAIK nothing depends on these patches, leaving them out seems reasonable. I build minimum default configurations and run-tested them on both I2SE Duckbill devices and Olimex Olinuxino Maxi boards successfully [1]. [1] Tested: - debug uart is working - boot without any obvious kernel problem - network is coming up and data transfer is possible - Olinuxino: USB detects a plugged-in pen drive Signed-off-by: Michael Heimpold <mhei@heimpold.de> [refreshed config and patches] Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* kernel: disable various symbols for v4.9Michael Heimpold2017-06-271-0/+4
| | | | | | | In preparation for bumping mxs target to 4.9, disable a bunch of configuration symbols that provoked config prompts. Signed-off-by: Michael Heimpold <mhei@heimpold.de>
* ath10k-firmware: add qca9888 firmwareJohn Crispin2017-06-271-0/+19
| | | | | | | | | ath10k-firmware: add qca9888 firmware the firmware files for qca9888 were previously not packaged. add the meta information for doing so. Signed-off-by: John Crispin <john@phrozen.org>
* kernel: update kernel 4.4 to 4.4.74Stijn Tintel2017-06-2722-54/+54
| | | | | | | | Refresh patches. Compile-tested on ar71xx. Runtime-tested on ar71xx. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* kernel: update kernel 4.9 to 4.9.34Koen Vandeputte2017-06-2722-42/+42
| | | | | | | | | | | | - Refreshed all patches - Adapted 1 (0031-mtd-add-SMEM-parser-for-QCOM-platforms.patch) Compile tested on: brcm2708, cns3xxx, imx6 Run tested on: brcm2708, cns3xxx, imx6 Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com> [Compile and run tested on brcm2708] Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* kernel: use .patch extension for all patchesStijn Tintel2017-06-272-0/+0
| | | | Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* firmware-utils: fix dgn3500sum compiler warningsMathias Kresin2017-06-262-4/+3
| | | | | | | | | | | The sum variable need to be initialised, otherwise it will points to random stack memory and a bogus image checksum might be calculated. While at it, fix the segfault in case the product region code isn't specified and enable compiler warnings which had revealed all the code issues. Signed-off-by: Mathias Kresin <dev@kresin.me>
* dnsmasq: backport tweak ICMP ping logic for DHCPv4Hans Dedecker2017-06-262-1/+26
| | | | | | | | | | Don't start ping-check of address in DHCP discover if there already exists a lease for the address. It has been reported under some circumstances android and netbooted windows devices can reply to ICMP pings if they have a lease and thus block the allocation of the IP address the device already has during boot. Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* procd: support term_timeout parameterJo-Philipp Wich2017-06-262-2/+2
| | | | | | | | | Expose "term_timeout" parameter in procd.sh to allow init scripts to request a longer termination timeout. This is required to fix FS#859 in a later commit. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* procd: assign /dev/tty* nodes to "tty" groupJo-Philipp Wich2017-06-262-1/+5
| | | | | | | | Adjust default permissions and ownership of /dev/tty* nodes from 0600/root:root to 0660/root:tty in order to support granting unprivileged user access when needed. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* base-files: add "tty" user groupJo-Philipp Wich2017-06-261-0/+1
| | | | | | | | This is needed for an upcoming change to the hotplug default rules which will cause /dev/tty* nodes to get assigned to the "tty" group in order to support unprivileged user access when needed. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* openvpn: update to 2.4.3Magnus Kroken2017-06-265-13/+14
| | | | | | | | | | | | | | | | | | | | Fixes for security and other issues. See security announcement for more details: https://community.openvpn.net/openvpn/wiki/VulnerabilitiesFixedInOpenVPN243 * Remotely-triggerable ASSERT() on malformed IPv6 packet (CVE-2017-7508) * Pre-authentication remote crash/information disclosure for clients (CVE-2017-7520) * Potential double-free in --x509-alt-username (CVE-2017-7521) * Remote-triggerable memory leaks (CVE-2017-7512) * Post-authentication remote DoS when using the --x509-track option (CVE-2017-7522) * Null-pointer dereference in establish_http_proxy_passthru() * Restrict --x509-alt-username extension types * Fix potential 1-byte overread in TCP option parsing * Fix mbedtls fingerprint calculation * openssl: fix overflow check for long --tls-cipher option * Ensure option array p[] is always NULL-terminated * Pass correct buffer size to GetModuleFileNameW() (Quarkslabs finding 5.6) Signed-off-by: Magnus Kroken <mkroken@gmail.com>