aboutsummaryrefslogtreecommitdiffstats
path: root/package
Commit message (Collapse)AuthorAgeFilesLines
* netifd: update to the latest versionFelix Fietkau2018-07-111-3/+3
| | | | | | | | | c1f6a82 system-linux: add autoneg and link-partner output e9eff34 system-linux: extend link mode speed definitions d1251e1 system-linux: adjust bridge isolate mode for upstream attribute naming 03785fb system-linux: fix build error on older kernels Signed-off-by: Felix Fietkau <nbd@nbd.name>
* procd: update to the latest version, fixes gcc 8 build errorFelix Fietkau2018-07-111-3/+3
| | | | | | a0372ac procd: increase watchdog fd_buf storage size to fix gcc8 build error Signed-off-by: Felix Fietkau <nbd@nbd.name>
* mac80211: Expose support for ath9k DynackKoen Vandeputte2018-07-111-1/+13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Enables support for Dynack feature. When a remote station is far away, we need to compensate for the distance by allowing more time for an ACK to arrive back before issueing a retransmission. Currently, it needs to be set fixed to indicate the maximum distance the remote station will ever be. While this mostly works for static antennae, it introduces 2 issues: - If the actual distance is less, speed is reduced due to a lot of wates wait-time - If the distance becomes greater, retries start to occur and comms can get lost. Allowing to set it dynamically using dynack ensures the best possible tradeoff between speed vs distance. This feature is currently only supported in ath9k. it is also disabled by default. Enabling it can be done in 2 ways: - issue cmd: iw phy0 set distance auto - sending the NL80211_ATTR_WIPHY_DYN_ACK flag to mac80211 driver using netlink Disabling it can be done by providing a valid fixed value. To give an idea of a practical example: In my usecase, we have mesh wifi device installed on ships/platforms. Currently, the coverage class is set at 12000m fixed. When a vessel moved closer (ex. 1500m), the measured link capacity was a lot lower compared to setting the coverage class fixed to 1500m Dynack completely solved this, nearly providing double the bandwidth at closer range compared to the fixed setting of 12000m being used. Also when a vessel sailed to a distance greater than the fixed setting, communication was lost as the ACK's never arrived within the max allowed timeframe. Actual distance: 6010m iperf 60s run avg Fixed 12150m: 31 Mbit/s Dynack: 58 Mbit/s Fixed 6300m: 51 Mbit/s Dynack: 59 Mbit/s Fixed 3000m: 13 Mbit/s (lots of retries) Dynack: 58 Mbit/s Actual distance: 1504m iperf 60s run avg Fixed 12150m: 31 Mbit/s Dynack: 86 Mbit/s Fixed 6300m: 55 Mbit/s Dynack: 87 Mbit/s Fixed 3000m: 67 Mbit/s Dynack: 87 Mbit/s Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
* qos-scripts: fix indentationMoritz Warning2018-07-113-15/+16
| | | | Signed-off-by: Moritz Warning <moritzwarning@web.de>
* wireguard: bump to 0.0.20180708Jason A. Donenfeld2018-07-111-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | * device: print daddr not saddr in missing peer error * receive: style Debug messages now make sense again. * wg-quick: android: support excluding applications Android now supports excluding certain apps (uids) from the tunnel. * selftest: ratelimiter: improve chance of success via retry * qemu: bump default kernel version * qemu: decide debug kernel based on KERNEL_VERSION Some improvements to our testing infrastructure. * receive: use NAPI on the receive path This is a big change that should both improve preemption latency (by not disabling it unconditionally) and vastly improve rx performance on most systems by using NAPI. The main purpose of this snapshot is to test out this technique. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* iproute2: update to 4.17.0Hans Dedecker2018-07-1014-310/+48
| | | | | | | | | | | | Update to the latest version of iproute2; see https://lwn.net/Articles/756991/ for a full overview of the changes in 4.17. Remove upstream patch 002-json_print-fix-hidden-64-bit-type-promotion. Backport upstream patch 001-rdma-sync-some-IP-headers-with-glibc fixing rdma compile issue. At the same time re-organize patch numbering so the OpenWRT specific patches start at 100. Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* hostapd: build with LTO enabled (using jobserver for parallel build)Felix Fietkau2018-07-102-3/+54
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* odhcpd: update to latest git HEADHans Dedecker2018-07-091-4/+4
| | | | | | | 345bba0 dhcpv4: improve error checking in handle_dhcpv4() c0f6390 odhcpd: Check if open the ioctl socket failed Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* basefiles: Reword sysupgrade messageKevin Darbyshire-Bryant2018-07-081-1/+1
| | | | | | sysupgrade 'upgrade' message more verbose than needs be. Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* libnl: bump to 3.4.0Konstantin Demin2018-07-074-31/+15
| | | | | | refresh patches Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
* uboot-imx: bump to 2018.03 which fixes the build issues with fdt64_t ↵Vladimir Vid2018-07-079-1636/+26
| | | | | | | | | | | redefinitions * change mx6qsabresd to mx6qsabres to match defconfig name * merge wanboard profiles since there is only one defconfig for the target device * move wanboard options from wandboard.h to defconfig * remove legacy patches Signed-off-by: Vladimir Vid <vladimir.vid@sartura.hr>
* mac80211: initialize sinfo in cfg80211_get_stationSven Eckelmann2018-07-071-0/+42
| | | | | | | | | | | | | | | | | | | Most of the implementations behind cfg80211_get_station will not initialize sinfo to zero before manipulating it. For example, the member "filled", which indicates the filled in parts of this struct, is often only modified by enabling certain bits in the bitfield while keeping the remaining bits in their original state. A caller without a preinitialized sinfo.filled can then no longer decide which parts of sinfo were filled in by cfg80211_get_station (or actually the underlying implementations). cfg80211_get_station must therefore take care that sinfo is initialized to zero. Otherwise, the caller may tries to read information which was not filled in and which must therefore also be considered uninitialized. In batadv_v_elp_get_throughput's case, an invalid "random" expected throughput may be stored for this neighbor and thus the B.A.T.M.A.N V algorithm may switch to non-optimal neighbors for certain destinations. Signed-off-by: Sven Eckelmann <sven.eckelmann@openmesh.com>
* ath10k-ct: search DT for BDF variant infoSven Eckelmann2018-07-073-1/+363
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Board Data File (BDF) is loaded upon driver boot-up procedure. The right board data file is identified on QCA4019 using bus, bmi-chip-id and bmi-board-id. The problem, however, can occur when the (default) board data file cannot fulfill the vendor requirements and it is necessary to use a different board data file. This problem was solved for SMBIOS by adding a special SMBIOS type 0xF8. Something similar has to be provided for systems without SMBIOS but with device trees. No solution was specified by QCA and therefore a new one has to be found for ath10k. The device tree requires addition strings to define the variant name wifi@a000000 { status = "okay"; qcom,ath10k-calibration-variant = "RT-AC58U"; }; wifi@a800000 { status = "okay"; qcom,ath10k-calibration-variant = "RT-AC58U"; }; This would create the boarddata identifiers for the board-2.bin search * bus=ahb,bmi-chip-id=0,bmi-board-id=16,variant=RT-AC58U * bus=ahb,bmi-chip-id=0,bmi-board-id=17,variant=RT-AC58U Signed-off-by: Sven Eckelmann <sven.eckelmann@open-mesh.com>
* mbedtls: Activate deterministic ECDSAHauke Mehrtens2018-07-071-18/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | With deterministic ECDSA the value k needed for the ECDSA signature is not randomly generated any more, but generated from a hash over the private key and the message to sign. If the value k used in a ECDSA signature or the relationship between the two values k used in two different ECDSA signatures over the same content is know to an attacker he can derive the private key pretty easily. Using deterministic ECDSA as defined in the RFC6979 removes this problem by deriving the value k deterministically from the private key and the content which gets signed. The resulting signature is still compatible to signatures generated not deterministic. This increases the size of the ipk on mips 24Kc by about 2 KByte. old: 166.240 libmbedtls_2.11.0-1_mips_24kc.ipk new: 167.811 libmbedtls_2.11.0-1_mips_24kc.ipk This does not change the ECDSA performance in a measurable way. Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net> Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* mbedtls: Disable MBEDTLS_SHA256_SMALLER implementationDaniel Engberg2018-07-071-9/+0
| | | | | | | | | | | | | | | | | | | | | | | | Disable MBEDTLS_SHA256_SMALLER implementation, not enabled by default in upstream and reduces performance by quite a bit. Source: include/mbedtls/config.h Enable an implementation of SHA-256 that has lower ROM footprint but also lower performance. The default implementation is meant to be a reasonnable compromise between performance and size. This version optimizes more aggressively for size at the expense of performance. Eg on Cortex-M4 it reduces the size of mbedtls_sha256_process() from ~2KB to ~0.5KB for a performance hit of about 30%. The size of mbedtls increased a little bit: ipkg for mips_24kc before: 164.382 Bytes ipkg for mips_24kc after: 166.240 Bytes Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* mbedtls: Update to 2.11.0Daniel Engberg2018-07-076-32/+58
| | | | | | | | | | | | | | | | Update mbed TLS to 2.11.0 Disable OFB block mode and XTS block cipher mode, added in 2.11.0. The soVersion of mbedtls changed, bump PKG_RELEASE for packages that use mbedTLS This is to avoid having a mismatch between packages when upgrading. The size of mbedtls increased a little bit: ipkg for mips_24kc before: 163.846 Bytes ipkg for mips_24kc after: 164.382 Bytes Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* mbedtls: cleanup config patchDaniel Engberg2018-07-071-35/+28
| | | | | | | Clean up patch, use "//" consistently. Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net> Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* libconfig: update to version 1.7.2Enrico Mioso2018-07-071-4/+4
| | | | | | | | | The previous link did not work here. Compile-tested on: bcm47xx Runtime-tested on: bcm47xx Signed-off-by: Enrico Mioso <mrkiko.rs@gmail.com>
* ca-certificates: ca-bundle: add symlink for openssl default settingYousong Zhou2018-07-071-0/+2
| | | | | | | | | | OpenSSL defaults X509_CERT_FILE to /etc/ssl/cert.pem. This change is needed for wget-ssl and possibly others to work seamlessly with fresh ca-bundle installation Fixes openwrt/packages#6152 Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
* linux: update license tag to use correct SPDX tagFlorian Eckert2018-07-071-1/+1
| | | | | | Use SPDX tag. Signed-off-by: Florian Eckert <fe@dev.tdt.de>
* perf: remove linux 4.4 workaroundsFelix Fietkau2018-07-074-75/+0
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* libubox: update to the latest versionFelix Fietkau2018-07-071-3/+3
| | | | | | 3c1b33b utils: add const_* byteswapping functions Signed-off-by: Felix Fietkau <nbd@nbd.name>
* firmware: amd64-microcode: update to 20180524Zoltan HERPAI2018-07-071-2/+2
| | | | | | | | | | | | | * New microcode update packages from AMD upstream: + New Microcodes: sig 0x00800f12, patch id 0x08001227, 2018-02-09 + Updated Microcodes: sig 0x00600f12, patch id 0x0600063e, 2018-02-07 sig 0x00600f20, patch id 0x06000852, 2018-02-06 * Adds Spectre v2 (CVE-2017-5715) microcode-based mitigation support, plus other unspecified fixes/updates. Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
* kmod-sched-cake: bump to latest 20180706Kevin Darbyshire-Bryant2018-07-071-3/+3
| | | | | | | Fixes a potential infinite loop bug when in unlimited (ie not using built in shaper) mode. Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* elfutils: bump to 0.173Luiz Angelo Daros de Luca2018-07-047-351/+149
| | | | | | | | | - Removed hacks to use standalone argp as upstream now detects it nicely. - As we are already installing files, use files from PKG_INSTALL_DIR and not PKG_BUILD_DIR - Only changes Makefile.am as PKG_FIXUP:=autoreconf is in use Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
* dnsmasq: bump to latest patches on 2.80rc2Kevin Darbyshire-Bryant2018-07-0319-11/+406
| | | | | | | | | | | | | | | Refresh patches and backport upstream to current HEAD: a997ca0 Fix sometimes missing DNSSEC RRs when DNSSEC validation not enabled. 51e4eee Fix address-dependent domains for IPv6. 05ff659 Fix stupid infinite loop introduced by preceding commit. db0f488 Handle some corner cases in RA contructed interfaces with addresses changing interface. 7dcca6c Warn about the impact of cache-size on performance. 090856c Allow zone transfer in authoritative mode whenever auth-peer is specified. cc5cc8f Sane error message when pcap file header is wrong. c488b68 Handle standard and contructed dhcp-ranges on the same interface. Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* kmod-sched-cake: bump to latest cakeKevin Darbyshire-Bryant2018-07-031-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This bumps to the latest & possibly greatest cake, sadly it's still inedible but from an SQM point of view quite tasty :-) Main tweaks since previous bump, improved ack_filter, some extra stats, support for 64bit netlink parameters (higher rates/byte counters) 0520a6c Fix NAT option handling 8da93e1 Make sure we always call qdisc_watchdog_init() in cake_init() f65daf6 Fix mismatched parenthesis 51d4ab3 Change flag handling to be safe even when mixing with non-eligible ACKs f2ea091 ack_filter: protect DCTCP with stricter filtering of ECE marks 28b4560 ACK filter: Handle wrapping sequence numbers and DSACKs 73f62d9 Use the right PAD attribute for options 5969c14 Use 32 for tin backlog e289f31 Move all the u64 netlink attributes together 36180a0 Check ACK seqno before parsing SACKs 91bbc01 Merge branch 'mine' into cobalt 58c55ec Rework SACK check to compare the ranges of two SACKs 9a5d593 ack_filter: Add proper handling of SACKs eca95d4 ack_filter: short-circuit TCP flag check d50a246 compat: backport some ktime functions 7b7ad11 compat: define tcpopt_fastopen for pre-4.1 kernels ca54cdb Fix ktime compare 9d7dcc0 ack filter: Parse TCP options and only drop safe ones b119882 Return EOPNOTSUPP on NAT option if conntrack is not available 842d7f0 Don't try to pad stats with tin_stats padding bd46dc2 Use 64-bit divide helper 8e41bf0 Make sure we never drop SACKs when filtering ACKs 66e5d60 Avoid comparing ktime_t to scalar values 7fab017 Actually commit the ktime_t changes fca6d13 Switch to ktime_t and get rid of cobalt.h 6f7e5af Can't use do_div with 64-bit divisors Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* iproute2: tc: update support for cakeKevin Darbyshire-Bryant2018-07-031-28/+83
| | | | | | | | | Bump iproute2/tc support of cake. Add support for cake's change to u64 attribute passing for certain attributes (rate & byte counts) Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* uhttpd: update to latest Git headJo-Philipp Wich2018-07-031-3/+3
| | | | | | | | | | db86175 lua: honour size argument in recv() function d3b9560 utils: add uh_htmlescape() helper 8109b95 file: escape strings in HTML output 393b59e proc: expose HTTP Origin header in process environment 796d42b client: flush buffered SSL output when tearing down client ustream Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* ebtables: update to latest git 2018-06-27Hans Dedecker2018-07-023-5/+5
| | | | | | | 48cff25 build: drop install -o/-g root 53d7e7a extensions: ebt_string: take action if snprintf discards data Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* fw3: update to latest git HEADJohn Crispin2018-07-021-3/+3
| | | | | | 72684e5 firewall3: Fix GCC8 warnings by replacing sprintf with snprintf Signed-off-by: John Crispin <john@phrozen.org>
* samba36: Disable external libtdb and libteventRosen Penev2018-07-021-1/+3
| | | | | | | This was causing issues recently as samba36 is not API compatible with the libtdb in the packages repo. It shouldn't be using it anyway. Nor tevent. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* usbutils: Switch to Fedora usbutilsRosen Penev2018-07-021-5/+5
| | | | | | | The Gentoo GitHub mirror went down. One benefit of Fedora's usb.ids file is that it's versioned. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* swconfig: swlib_map_settings(): change return type to voidAlexander Couzens2018-06-291-1/+1
| | | | | | | | The return value of the function isn't used anywhere. Fixes missing return value, CID 1329717. Found-by: Coverity Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
* swconfig: fix un-initialized return valueAlexander Couzens2018-06-291-2/+3
| | | | | | | Fix CID 1330844 Found-by: Coverity Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
* qos-scripts: fix uci callback handlingTony Ambardar2018-06-283-29/+29
| | | | | | | | | | | | | | | | | The previous callback code was fragile, dependent on some UCI callback bugs and side-effects now fixed in master commit 73d8a6ab. Update scripts to use callbacks where appropriate and necessary, while using normal UCI config parsing for all else. This results in smaller, simpler, more robust code. Use callbacks in generate.sh to only process 'interface' defaults and the varying entries for 'reclassify', 'default' and 'classify' sections. Also switch qos-stat to use non-callback UCI handling. The current changes work independently of 73d8a6ab (i.e. both before and after), and are consistent with UCI config parsing documentation. Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
* uboot-kirkwood: fix malformed boot configurationAlberto Bursi2018-06-278-8/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | With current uboot default configuration the bootloader will fail to start the OpenWrt firmware with the following error: ----- unexpected character 'b' at the end of partition Error initializing mtdparts! incorrect device type in ubi Partition ubi not found! Error, no UBI device/partition selected! Wrong Image Format for bootm command Error occured, error code = 112 ----- If the uboot configuration is examined with printenv I can see that mdtparts line (on a nsa310) is wrong: ----- mtdparts=mtdparts=orion_nand:0x0c0000(uboot), 0x80000(uboot_env),0x7ec0000(ubi)bootargs_root= ---- The "bootargs_root=" that was appended to it should not be there. Fix the issue by adding a \0 line terminator at the end of affected lines, mimicking what is also done by uboot upstream. This issue was detected and confirmed on a nsa310, nsa325 and a pogoplug v4, but it's not hardware-specific, so apply the same fix to other devices as well. Note that the issue is with the uboot's integrated boot configuration, which is not used unless the uboot configuration in flash is unavailable (erased or corrupted), which happens only on first time installation, or if the user deletes the uboot configuration when upgrading uboot. People just upgrading from an older uboot without erasing their previous uboot configuration stored in flash would not have noticed this issue. Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
* uboot-kirkwood: fix whitespacesAlberto Bursi2018-06-278-29/+29
| | | | | | remove whitespaces from the patches Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
* base-files: add menuconfig option for HOME_URLMathias Kresin2018-06-272-1/+7
| | | | | | | | | | Add a menuconfig option to set the HOME_URL exposed in /usr/lib/os-release independent from the LEDE_DEVICE_MANUFACTURER_URL. Fixes: FS#1123 Signed-off-by: Mathias Kresin <dev@kresin.me>
* wireguard: bump to 0.0.20180625Kevin Darbyshire-Bryant2018-06-261-2/+2
| | | | | | | | | | | | | | | | | | | | dfd9827 version: bump snapshot 88729f0 wg-quick: android: prevent outgoing handshake packets from being dropped 1bb9daf compat: more robust ktime backport 68441fb global: use fast boottime instead of normal boottime d0bd6dc global: use ktime boottime instead of jiffies 18822b8 tools: fix misspelling of strchrnul in comment 0f8718b manpages: eliminate whitespace at the end of the line 590c410 global: fix a few typos bb76804 simd: add missing header 7e88174 poly1305: give linker the correct constant data section size fd8dfd3 main: test poly1305 before chacha20poly1305 c754c59 receive: don't toggle bh Compile-tested-for: ath79 Archer C7 v2 Run-tested-on: ath79 Archer C7 v2 Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
* mac80211: make rtl8xxxu buils againJohn Crispin2018-06-261-0/+38
| | | | | | we only wanted to drop rtl8xxxue support Signed-off-by: John Crispin <john@phrozen.org>
* mac80211: rtl8xxxu: drop support patchesJohn Crispin2018-06-2658-3569/+0
| | | | | | | | | After a very enlightening but unfortunately far too short exchange with Jes we mutually agreed to drop the patches. They are unfortunately not ready yet. Acked-by: Rafał Miłecki <rafal@milecki.pl> Signed-off-by: John Crispin <john@phrozen.org>
* odhcpd: update to latest git HEADHans Dedecker2018-06-261-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | 81a281e dhcpv6-ia: fix border assignment size setting a2ffc59 dhcpv6-ia: fix status code for not on link IAs 5b087a6 dhcpv6-ia: improve error checking in assign_pd() c9114a1 config: fix wrong assignment bb8470f dhcpv4: delay forced renew transaction start 62a1b09 dhcpv4: fix DHCP address space logic d5726ff dhcpv4: improve logging when sending DHCP messages 9484351 odhcpd: call handle_error when socket error can be retrieved c45e2eb dhcpv6: fix out of bounds write in handle_nested_message() c2ff5af dhcpv6-ia: log renew messages as well 676eb38 router: fix possible segfault in send_router_advert() 392701f odhcpd: fix passing possible negative parameter 029123b treewide: switch to C-code style comments 6b79748 router: improve error checking 12e21bc netlink: fix incorrect sizeof argument d7aa414 dhcpv6: improve error checking in dhcpv6_setup_interface() 373495a ubus: fix invalid ipv6-prefix json 79d5e6f ndp: improve error checking d834ae3 dhcpv4: fix error checking in dhcpv4_setup_interface() f2aa383 dhcpv4: fix out of bound access in dhcpv4_put 4591b36 dhcpv4: improve error checking in dhcpv4_setup_interface() 4983ee5 odhcpd: fix strncpy bounds Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
* package/utils/e2fsprogs: Update to 1.44.2Daniel Engberg2018-06-261-2/+2
| | | | | | Update e2fsprogs to 1.44.2 Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
* ipq40xx: add support for the ZyXEL NBG6617Christian Lamparter2018-06-263-1/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch adds support for ZyXEL NBG6617 Hardware highlights: SOC: IPQ4018 / QCA Dakota CPU: Quad-Core ARMv7 Processor rev 5 (v7l) Cortex-A7 DRAM: 256 MiB DDR3L-1600/1866 Nanya NT5CC128M16IP-DI @ 537 MHz NOR: 32 MiB Macronix MX25L25635F ETH: Qualcomm Atheros QCA8075 Gigabit Switch (4 x LAN, 1 x WAN) USB: 1 x 3.0 (via Synopsys DesignWare DWC3 controller in the SoC) WLAN1: Qualcomm Atheros QCA4018 2.4GHz 802.11bgn 2:2x2 WLAN2: Qualcomm Atheros QCA4018 5GHz 802.11a/n/ac 2:2x2 INPUT: RESET Button, WIFI/Rfkill Togglebutton, WPS Button LEDS: Power, WAN, LAN 1-4, WLAN 2.4GHz, WLAN 5GHz, USB, WPS Serial: WARNING: The serial port needs a TTL/RS-232 3.3v level converter! The Serial setting is 115200-8-N-1. The 1x4 .1" header comes pre-soldered. Pinout: 1. 3v3 (Label printed on the PCB), 2. RX, 3. GND, 4. TX first install / debricking / restore stock: 0. Have a PC running a tftp-server @ 192.168.1.99/24 1. connect the PC to any LAN-Ports 2. put the openwrt...-factory.bin (or V1.00(ABCT.X).bin for stock) file into the tftp-server root directory and rename it to just "ras.bin". 3. power-cycle the router and hold down the the WPS button (for 30sek) 4. Wait (for a long time - the serial console provides some progress reports. The u-boot says it best: "Please be patient". 5. Once the power LED starts to flashes slowly and the USB + WPS LEDs flashes fast at the same time. You have to reboot the device and it should then come right up. Installation via Web-UI: 0. Connect a PC to the powered-on router. It will assign your PC a IP-address via DHCP 1. Access the Web-UI at 192.168.1.1 (Default Passwort: 1234) 2. Go to the "Expert Mode" 3. Under "Maintenance", select "Firmware-Upgrade" 4. Upload the OpenWRT factory image 5. Wait for the Device to finish. It will reboot into OpenWRT without any additional actions needed. To open the ZyXEL NBG6617: 0. remove the four rubber feet glued on the backside 1. remove the four philips screws and pry open the top cover (by applying force between the plastic top housing from the backside/lan-port side) Access the real u-boot shell: ZyXEL uses a proprietary loader/shell on top of u-boot: "ZyXEL zloader v2.02" When the device is starting up, the user can enter the the loader shell by simply pressing a key within the 3 seconds once the following string appears on the serial console: | Hit any key to stop autoboot: 3 The user is then dropped to a locked shell. |NBG6617> HELP |ATEN x[,y] set BootExtension Debug Flag (y=password) |ATSE x show the seed of password generator |ATSH dump manufacturer related data in ROM |ATRT [x,y,z,u] RAM read/write test (x=level, y=start addr, z=end addr, u=iterations) |ATGO boot up whole system |ATUR x upgrade RAS image (filename) |NBG6617> In order to escape/unlock a password challenge has to be passed. Note: the value is dynamic! you have to calculate your own! First use ATSE $MODELNAME (MODELNAME is the hostname in u-boot env) to get the challange value/seed. |NBG6617> ATSE NBG6617 |012345678901 This seed/value can be converted to the password with the help of this bash script (Thanks to http://www.adslayuda.com/Zyxel650-9.html authors): - tool.sh - ror32() { echo $(( ($1 >> $2) | (($1 << (32 - $2) & (2**32-1)) ) )) } v="0x$1" a="0x${v:2:6}" b=$(( $a + 0x10F0A563)) c=$(( 0x${v:12:14} & 7 )) p=$(( $(ror32 $b $c) ^ $a )) printf "ATEN 1,%X\n" $p - end of tool.sh - |# bash ./tool.sh 012345678901 | |ATEN 1,879C711 copy and paste the result into the shell to unlock zloader. |NBG6617> ATEN 1,0046B0017430 If the entered code was correct the shell will change to use the ATGU command to enter the real u-boot shell. |NBG6617> ATGU |NBG6617# Co-authored-by: David Bauer <mail@david-bauer.net> Signed-off-by: Christian Lamparter <chunkeey@googlemail.com> Signed-off-by: David Bauer <mail@david-bauer.net>
* iperf3: update to 3.6Philip Prindeville2018-06-261-3/+3
| | | | Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
* netfilter: add bpf match supportAlin Nastac2018-06-262-0/+2
| | | | | | | | | Add xt_bpf modules to {kmod-ipt,iptables-mod}-filter. Match using Linux Socket Filter. Expects a BPF program in decimal format. This is the format generated by the nfbpf_compile utility. Signed-off-by: Alin Nastac <alin.nastac@gmail.com>
* mac80211: enable ath10k LED support by defaultStijn Tintel2018-06-251-0/+7
| | | | | | | | | | | | | | | | | | | | | | | | | Commit 61d57a2f88b90ba951012e66c7c6fae9234c97b4 adds ath10k LED support, but doesn't add an option to actually enable it. After enabling this option, a LED named ath10k-phy0 appears in sysfs, and a trigger can be assigned to it. Since 60deb3cdef4a the default set trigger is the tpt one. Enable it by default, as most devices using ath10k chips shouldn't be severely space-constrained. There are likely many devices that can benefit from having it enabled, like my testing device. Before: text data bss dec hex filename 245311 8899 16 254226 3e112 ath10k_core.ko After: text data bss dec hex filename 245979 8899 16 254894 3e3ae ath10k_core.ko Tested on a D-Link DAP-2695-A1 (ar71xx). Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* mac80211: ath10k: use tpt LED trigger by defaultMathias Kresin2018-06-251-0/+53
| | | | | | | | Use the tpt LED trigger for each created phy led. Ths way LEDs attached to the ath10k GPIO pins are indicating the phy status and blink on traffic. Signed-off-by: Mathias Kresin <dev@kresin.me>
* dropbear: let opkg manage symlinks of ssh, scpYousong Zhou2018-06-251-3/+5
| | | | Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>