aboutsummaryrefslogtreecommitdiffstats
path: root/tools
Commit message (Collapse)AuthorAgeFilesLines
* tools/libressl: update to version 3.4.3Josef Schlehofer2022-07-151-2/+2
| | | | | | | | | | | | | | | | Release notes: https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.4.3-relnotes.txt ``` It includes the following security fix: * A malicious certificate can cause an infinite loop. Reported by and fix from Tavis Ormandy and David Benjamin, Google. (CVE-2022–0778) ``` Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com> (cherry picked from commit 25534d5cc20a807ff776fdb18847344167ce081d)
* zlib: backport security fix for a reproducible crash in compressorPetr Štetiar2022-03-242-1/+344
| | | | | | | | | | | | | | | | Tavis has just reported, that he was recently trying to track down a reproducible crash in a compressor. Believe it or not, it really was a bug in zlib-1.2.11 when compressing (not decompressing!) certain inputs. Tavis has reported it upstream, but it turns out the issue has been public since 2018, but the patch never made it into a release. As far as he knows, nobody ever assigned it a CVE. Suggested-by: Tavis Ormandy <taviso@gmail.com> References: https://www.openwall.com/lists/oss-security/2022/03/24/1 Signed-off-by: Petr Štetiar <ynezz@true.cz> (cherry picked from commit b3aa2909a79aeff20d594160b207a89dc807c033) (cherry picked from commit 3965dda0fa70dc9408f1a2e55a3ddefde78bd50e)
* tools: xxd: use more convenient source tarballDaniel Golle2022-03-151-20/+6
| | | | | | | | Don't download all of vim just to build xxd. Use a tight tarball containing only xxd sources instead. Signed-off-by: Daniel Golle <daniel@makrotopia.org> (cherry picked from commit 2b94aac7a128c9d9f4343af2265b362e8b5d5013)
* tools: add xxd (from vim)Daniel Golle2022-03-152-1/+34
| | | | | | | | | | | U-Boot requires xxd to create the default environment from an external file as done in uboot-mediatek. Build xxd (only, not the rest of vim) as part of tools to make sure it is present on the buildhost. Reported-by: David Bauer <mail@david-bauer.net> Signed-off-by: Daniel Golle <daniel@makrotopia.org> (cherry picked from commit c4dd2441e7875c9550820f8380b3e41ca619ef27)
* tools/libressl: update to version 3.4.2Josef Schlehofer2022-03-061-2/+2
| | | | | | | | | | | | | | | | Release notes: https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.4.2-relnotes.txt ``` It includes the following security fix * In some situations the X.509 verifier would discard an error on an unverified certificate chain, resulting in an authentication bypass. Thanks to Ilya Shipitsin and Timo Steinlein for reporting. ``` Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com> (cherry picked from commit 495c4f4e197166a6fa997d4620ca6c241e3abd45)
* tools/libressl: update to 3.4.1Rosen Penev2022-03-061-2/+2
| | | | | Signed-off-by: Rosen Penev <rosenp@gmail.com> (cherry picked from commit 03bb3412a2b8bf8ac69e062ea9fd88e2c6c6fb57)
* tools/libressl: update to 3.3.4Rosen Penev2022-03-061-2/+2
| | | | | Signed-off-by: Rosen Penev <rosenp@gmail.com> (cherry picked from commit f78ad901e1ce07c42a9f5e670c39dbdcea15eb87)
* tools/libressl: update to 3.3.3Rosen Penev2022-03-061-3/+3
| | | | | | | Fix wrong FPIC variable usage. Fixes compilation under sparc64 host. Signed-off-by: Rosen Penev <rosenp@gmail.com> (cherry picked from commit bf4dbbb55e2b8e23f186e1334f1e9ce6a3a8ddfe)
* tools/mtools: update to 4.0.35Rosen Penev2022-02-161-2/+2
| | | | | Signed-off-by: Rosen Penev <rosenp@gmail.com> (cherry-picked from commit aae4bf7c622688281c500c7e193e44bab67713e4)
* tools/fakeroot: fix unresolved symbols on arm64 macOSFelix Fietkau2022-02-161-10/+43
| | | | | | | | The $INODE64 symbol variants are not present, since the base system always uses 64-bit file offsets Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry-picked from commit 53ebacacf93278c6e71052eb5b3708c599129e55)
* tools/fakeroot: fix build on MacOS arm64Sergey V. Lobanov2022-02-161-0/+86
| | | | | | | | | | Added patch for MacOS without 32 bit inodes support (__DARWIN_ONLY_64_BIT_INO_T is true) This patch based on discussion https://github.com/archmac/bootstrap/issues/4 Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in> (cherry-picked from commit 8fedc17d01806c8a4bf4ed9e83a9523677d37bbd)
* tools/fakeroot: explicitly pass CPP variableFelix Fietkau2022-02-161-1/+2
| | | | | | | | | | For some reason, the generated configure script fails to properly set up the internal preprocessor command variable, causing the host OS check for Darwin to fail after the last update. Explicitly setting CPP fixes this issue Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry-picked from commit 48e209e5c5a76dd0ce4a2a8b014416dc988269a3)
* firmware-utils: tplink-safeloader: fix Archer A7v5 factory flashing from ↵Matthias Schiffer2022-01-141-1/+1
| | | | | | | | | | | | | vendor fw > v1.1.x Apply the same fix that was previously done for the Archer C7v5 to the A7v5 as well to make the web UI accept our images again. This is a backport of firmware-utils commit 84dbf8ee49f522d3a4528763c9473cf3dd7c8c52. Tested-by: Luflosi <luflosi@luflosi.de> Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
* ccache: update to 4.2.1DENG Qingfang2021-12-292-3/+3
| | | | | | | | | | | | | | | | | | | | | | Update ccache to 4.2.1 While compiling on Gentoo, the ccache can not be compiled due to this error: /openwrt/build_dir/host/ccache-4.1/unittest/../src/third_party/doctest.h:4084:47: error: size of array 'altStackMem' is not an integral constant-expression 4084 | static char altStackMem[4 * SIGSTKSZ]; | ^ This was fixed in ccache version 4.2.1 [1] by upgrading doctest [2]. [1] https://github.com/ccache/ccache/issues/825 [2] https://github.com/doctest/doctest/issues/473 Signed-off-by: DENG Qingfang <dqfext@gmail.com> Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [refresh patch] (cherry picked from commit 3ebfd0078d6aa4848ee8f72640266bd0390f790a) Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com> [improved commit message]
* tools/isl: update the download URLRui Salvaterra2021-10-211-1/+1
| | | | | | | | | | isl.gforge.inria.fr has been dead since early this month [1]. Switch to libisl.sourceforge.io for the time being. [1] https://groups.google.com/g/isl-development/c/JGaMo2VUu_8 Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com> (cherry picked from commit dd0ad9b661b604163d1736fcfe18714ff47c3728)
* tools/m4: update to 1.4.19Rosen Penev2021-10-203-145/+2
| | | | | | | Remove upstreamed patches. Signed-off-by: Rosen Penev <rosenp@gmail.com> (cherry picked from commit fc9682ed3961e098ace708ca1ca41c2239a4e2ee)
* ath79: use dynamic partitioning for TP-Link CPE seriesMichael Pratt2021-06-181-22/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | CPExxx and WBSxxx boards with AR9344 SOC use the OKLI lzma kernel loader with the offset of 3 blocks of length 4k (0x3000) in order to have a fake "kernel" that cannot grow larger than how it is defined in the now static OEM partition table. Before recent changes to the mtdsplit driver, the uImage parser for OKLI only supported images that started exactly on an eraseblock boundary. The mtdsplit parser for uImage now supports identifying images with any magic number value and at any offset from the eraseblock boundary using DTS properties to define those values. So, it is no longer necessary to use fixed sizes for kernel and rootfs Tested-by: Andrew Cameron <apcameron@softhome.net> [CPE510 v2] Tested-by: Bernhard Geier <freifunk@geierb.de> [WBS210 v2] Tested-by: Petrov <d7c48mWsPKx67w2@gmail.com> [CPE210 v1] Signed-off-by: Michael Pratt <mcpratt@pm.me> (cherry picked from commit 7b9a0c264cb9dc2c5a946a0aa9a290427a5e559c)
* ramips: add support for TP-Link Archer C6U v1 (EU)Georgi Vlaev2021-06-101-0/+35
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch adds support for TP-Link Archer C6U v1 (EU). The device is also known in some market as Archer C6 v3. This patch supports only Archer C6U v1 (EU). Specifications: -------------- * SoC: Mediatek MT7621AT 2C2T, 880MHz * RAM: 128MB DDR3 * Flash: 16MB SPI NOR flash (Winbond 25Q128) * WiFi 5GHz: Mediatek MT7613BEN (2x2:2) * WiFi 2.4GHz: Mediatek MT7603EN (2x2:2) * Ethernet: MT7630, 5x 1000Base-T. * LED: Power, WAN, LAN, WiFi 2GHz and 5GHz, USB * Buttons: Reset, WPS. * UART: Serial console (115200 8n1), J1(GND:3) * USB: One USB2 port. Installation: ------------ Install the OpenWrt factory image for C6U is from the TP-Link web interface. 1) Go to "Advanced/System Tools/Firmware Update". 2) Click "Browse" and upload the OpenWrt factory image: openwrt-ramips-mt7621-tplink_archer-c6u-v1-squashfs-factory.bin. 3) Click the "Upgrade" button, and select "Yes" when prompted. Recovery to stock firmware: -------------------------- The C6U bootloader has a failsafe mode that provides a web interface (running at 192.168.0.1) for reverting back to the stock TP-Link firmware. The failsafe interface is triggered from the serial console or on failed kernel boot. Unfortunately, there's no key combination that enables the failsafe mode. This gives us two options for recovery: 1) Recover using the serial console (J1 header). The recovery interface can be selected by hitting 'x' when prompted on boot. 2) Trigger the bootloader failsafe mode. A more dangerous option is force the bootloader into recovery mode by erasing the OpenWrt partition from the OpenWrt's shell - e.g "mtd erase firmware". Please be careful, since erasing the wrong partition can brick your device. MAC addresses: ------------- OEM firmware configuration: D8:07:B6:xx:xx:83 : 5G D8:07:B6:xx:xx:84 : LAN (label) D8:07:B6:xx:xx:84 : 2.4G D8:07:B6:xx:xx:85 : WAN Signed-off-by: Georgi Vlaev <georgi.vlaev@konsulko.com> (cherry picked from commit a46ad596a3e076599f38a4132b5d6dfee8a3102a)
* ramips: add support for TP-Link Archer A6 v3Vinay Patil2021-06-101-1/+39
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The patch adds support for the TP-Link Archer A6 v3 The router is sold in US and India with FCC ID TE7A6V3 Specification ------------- MediaTek MT7621 SOC RAM: 128MB DDR3 SPI Flash: W25Q128 (16MB) Ethernet: MT7530 5x 1000Base-T WiFi 5GHz: Mediatek MT7613BE WiFi 2.4GHz: Mediatek MT7603E UART/Serial: 115200 8n1 Device Configuration & Serial Port Pins --------------------------------------- ETH Ports: LAN4 LAN3 LAN2 LAN1 WAN _______________________ | | Serial Pins: | VCC GND TXD RXD | |_____________________| LEDs: Power Wifi2G Wifi5G LAN WAN Build Output ------------ The build will generate following set of files [1] openwrt-ramips-mt7621-tplink_archer-a6-v3-initramfs-kernel.bin [2] openwrt-ramips-mt7621-tplink_archer-a6-v3-squashfs-factory.bin [3] openwrt-ramips-mt7621-tplink_archer-a6-v3-squashfs-sysupgrade.bin How to Use - Flashing from TP-Link Web Interface ------------------------------------------------ * Go to "Advanced/System Tools/Firmware Update". * Click "Browse" and upload the OpenWrt factory image: factory.bin[2] * Click the "Upgrade" button, and select "Yes" when prompted. TFTP Booting ------------ Setup a TFTP boot server with address 192.168.0.5. While starting U-boot press '4' key to stop autoboot. Copy the initramfs-kernel.bin[1] to TFTP server folder, rename as test.bin From u-boot command prompt run tftpboot followed by bootm. Recovery -------- Archer A6 V3 has recovery page activated if SPI booting from flash fails. Recovery page can be activated from serial console only. Press 'x' while u-boot is starting Note: TFTP boot can be activated only from u-boot serial console. Device recovery address: 192.168.0.1 Thanks to: Frankis for Randmon MAC address fix. Signed-off-by: Vinay Patil <post2vinay@gmail.com> [remove superfluous factory image definition, whitespacing] Signed-off-by: David Bauer <mail@david-bauer.net> (cherry picked from commit f8f8935adb2be1ebce46a8d7058c76a8d3a9bd89)
* firmware-utils: fix coverity zytrx.c resource leakKevin Darbyshire-Bryant2021-06-101-1/+3
| | | | | | | | | | | | | | | | fix coverity resource leak warning: *len = stat.st_size; mapped = mmap(NULL, stat.st_size, PROT_READ, MAP_SHARED, fd, 0); if (close(fd) < 0) CID 1484880: Resource leaks (RESOURCE_LEAK) Variable "mapped" going out of scope leaks the storage it points to. return NULL; return mapped; } Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk> (cherry picked from commit baf2a50ef3cf34574e12d2ab1b23578310f0d527)
* firmware-utils: zytrx: Add util for ZyXEL specific headerBjørn Mork2021-06-102-0/+227
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The ZyXEL NR7101 prepend an additional header to U-Boot images. This header use the TRX magic 0x30524448 (HDR0), but is incompatible with TRX images. This code is reverse-engineered based on matching 32 bit numbers found in the header with lengths and different checksum calculations of the vendor images found on the device. The result was matched against the validation output produced by the bootloader to name the associated header fields. Example bootloader validation output: Zyxel TRX Image 1 --> Found! Header Checksum OK ============ZyXEL header information================== chipId : MT7621A boardId : NR7101 modelId : 07 01 00 01 kernel_len : (14177560) kernelChksum : (0x8DD31F69) swVersionInt : 1.00(ABUV.0)D1 swVersionExt : 1.00(ABUV.0)D1 Zyxel TRX Image 2 --> Found! Header Checksum OK ============ZyXEL header information================== chipId : MT7621A boardId : NR7101 modelId : 07 01 00 01 kernel_len : (14176660) kernelChksum : (0x951A7637) swVersionInt : 1.00(ABUV.0)D0 swVersionExt : 1.00(ABUV.0)D0 ================================================= Check image validation: Image1 Header Magic Number --> OK Image2 Header Magic Number --> OK Image1 Header Checksum --> OK Image2 Header Checksum --> OK Image1 Data Checksum --> OK Image2 Data Checksum --> OK Image1 Stable Flag --> Stable Image1 Try Counter --> 0 Image1: OK Image2: OK The coverage and algorithm for the kernelChksum field is unknown. This field is not validated by the bootloader or the OEM firmware upgrade tool. It is therefore set to a static value for now. The swVersion fields contain free form string values. The OEM firmware use ZyXEL structured version numbers as shown above. The strings are not interpreted or validated on boot, so they can be repurposed for anything we want the bootloader to display to the user. But the OEM web GUI fails to flash images with freeform strings. The purpose of the other strings in the header is not known. The values appear to be static. We assume they are fixed for now, until we have other examples. One of these strings is the platform name, which is taken as an input parameter for support other members of the device family. Signed-off-by: Bjørn Mork <bjorn@mork.no> Tested-by: Bjørn Mork <bjorn@mork.no> (cherry picked from commit 48cad07a55246317d66fee4ced25cb62a2bae3d3)
* fakeroot: Alpine linux libc.musl build error fixRuslan Isaev2021-05-231-0/+34
| | | | | | | | | Prevent build error on Alpine Linux host: libfakeroot.c error: conflicting types for 'id_t' Error relocating openwrt/staging_dir/host/lib/libfakeroot.so: SEND_GET_XATTR: symbol not found Signed-off-by: Ruslan Isaev <legale.legale@gmail.com> (cherry picked from commit 7a70f78fb7da4dc3e8c58e7662f4dc623274a78b)
* ccache: Build with ENABLE_DOCUMENTATION=OFFDavid Adair2021-05-231-0/+3
| | | | | | | | | | | | | | This adjusts the Makefile to use the new option to turn off the doc builds. It will not cause any problems except a warning about unused options if combined with a ccache source missing the upstream patch. Since a config setting is required to re-enable the doc build this is equivalent to unconditionally disabling the docs if the config setting is not created. Signed-off-by: David Adair <djabhead@aol.com> (cherry picked from commit 2d1546832357a3a8bd18680bd31dd92050e739b2)
* tplink-safeloader: fix product_name of TP-Link AD7200Alex Henrie2021-05-061-1/+1
| | | | | | | | | | | | | | | The stock firmware does not accept firmware with "Talon" in the name. Tested on firmware version 1.0.10 Build 20160902 rel. 57400 which came preinstalled, as well as latest firmware version 2.0.1 Build 20170103 rel.71053 flashed from AD7200v1-up-ver2-0-1-P1[20170103-rel71053]_2017-01-04_10.08.28.bin. Fixes: 1a775a4fd033 ("ipq806x: add support for TP-Link Talon AD7200") Signed-off-by: Alex Henrie <alexhenrie24@gmail.com> [added details about vendor firmware] Signed-off-by: Petr Štetiar <ynezz@true.cz> (cherry picked from commit dfef88b6cacceec151ca4ce4bb3dc50c1c5cf1d2)
* tplink-safeloader: fix C7v5 factory flashing from vendor fw > v1.1.xPetr Štetiar2021-04-131-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Currently it's not possible to flash factory images on devices shipped with vendor firmware versions 1.1.0 Build 20201120 rel. 50406 (published 2020-12-22): (curFw_ver, newFw_ver) == (1.1, 1.0) [NM_Error](nm_checkSoftVer) 00848: Firmwave not supports, check failed. [NM_Error](nm_checkUpdateContent) 01084: software version dismatched [NM_Error](nm_buildUpgradeStruct) 01188: checkUpdateContent failed. They've even following note in release notes: Note: You will be unable to downgrade to the previous firmware version after updating this firmware. This version check in vendor firmware is implemented in /usr/bin/nvrammanager binary likely as following C code[1]: sscanf(buf, "%d.%d.%*s",&upd_fw_major, &upd_fw_minor); ... if (((int)upd_fw_major < (int)cur_fw_major) || ((ret = 1, cur_fw_major == upd_fw_major && (upd_fw_minor < (int)cur_fw_minor)))) { ret = 0; printf("[NM_Error](%s) %05d: Firmwave not supports, check failed.\r\n\r\n","nm_checkSoftVer" ,0x350); } ... return ret; So in order to fix this and make it future proof it should be enough to ship our factory firmware images with major version 7 (lucky number). Tested on latest firmware version 1.1.2 Build 20210125 rel.37999: Firmwave supports, check OK. (curFw_ver, newFw_ver) == (1.1, 7.0) check firmware ok! Flashing back to vendor firmware c7v5_us-up-ver1-1-2-P1[20210125-rel37999]_2021-01-25_10.33.55.bin works as well: U-Boot 1.1.4-gbec22107-dirty (Nov 18 2020 - 18:19:12) ... Firmware downloaded... filesize = 0xeeae77 fileaddr = 0x80060000. Firmware Recovery file length : 15642231 Firmware process id 2. handle_fw_cloud 146 Image verify OK! Firmware file Verify ok! product-info:product_name:Archer C7 product_ver:5.0.0 special_id:55530000 [Error]sysmgr_cfg_checkSupportList(): 1023 @ specialId 45550000 NOT Match. Firmware supports, check OK. Firmware Recovery check ok! 1. https://gist.github.com/ynezz/2e0583647d863386a66c3d231541b6d1 Signed-off-by: Petr Štetiar <ynezz@true.cz> (cherry picked from commit e6d66375cbbb54e0e82a67030e385a5486273766)
* firmware-utils: bcm4908img: convert into a packageRafał Miłecki2021-04-082-998/+0
| | | | | | | | | | | bcm4908img is a tool managing BCM4908 platform images. It's used for creating them as well as checking, modifying and extracting data from. It's required by both: host (for building firmware images) and target (for sysupgrade purposes). Make it a host/target package. Signed-off-by: Rafał Miłecki <rafal@milecki.pl> (cherry picked from commit 9b4fc4cae9fa0cd0cd9060e1c9d33320c3249ced)
* firmware-utils: bcm4908img: fix uninitialized var usageRafał Miłecki2021-04-081-3/+7
| | | | | Signed-off-by: Rafał Miłecki <rafal@milecki.pl> (cherry picked from commit 5a2086d230063b2f83a436ed37b0f6a92706bcb9)
* firmware-utils: bcm4908img: extract bootfs without paddingRafał Miłecki2021-04-081-6/+27
| | | | | | | | | JFFS2 bootfs partition in a BCM4908 image usually includes some padding. For flashing it individually (writing to designed MTD partition) we want just JFFS2 data. Signed-off-by: Rafał Miłecki <rafal@milecki.pl> (cherry picked from commit ed7edf88e20c9dd0026e5c5629d8a6500d3e3f80)
* firmware-utils: bcm4908img: fix extracting cferomRafał Miłecki2021-04-081-1/+1
| | | | | | | Fix offset to extract proper data when image contains vendor header. Signed-off-by: Rafał Miłecki <rafal@milecki.pl> (cherry picked from commit dcbde11af181055f2d1c77ebc19f50c29bbab96e)
* firmware-utils: bcm4908img: support extracting bootfs & rootfsRafał Miłecki2021-04-081-0/+35
| | | | | | | | It's required for upgrading firmware using single partitions instead of just blindly writing whole image. Signed-off-by: Rafał Miłecki <rafal@milecki.pl> (cherry picked from commit e33957c241abf8f0dbf5f3713058d126fb4599b4)
* firmware-utils: bcm4908img: replace size with offsetRafał Miłecki2021-04-081-20/+35
| | | | | | | | It's much easier to operate on BCM4908 image data with absolute offset of each section stored. It doesn't require summing sizes over and over. Signed-off-by: Rafał Miłecki <rafal@milecki.pl> (cherry picked from commit 5314cab729b743d3b8b08db4e01c3095017f4e68)
* firmware-utils: bcm4908img: add bootfs supportRafał Miłecki2021-04-081-3/+337
| | | | | | | | | | | | | This adds support for accessing bootfs JFFS2 partition in the BCM4908 image. Support includes: 1. Listing files 2. Renaming file (requires unchanged name length) Above commands are useful for flashing BCM4908 images which by defualt come with cferom.000 file and require renaming it. Signed-off-by: Rafał Miłecki <rafal@milecki.pl> (cherry picked from commit ed847ef5f340dcae1556cbc6dfaa6657a5179be6)
* firmware-utils: bcm4908img: support extracting image dataRafał Miłecki2021-04-081-0/+87
| | | | | | | It's useful for upgrading cferom, firmware, etc. Signed-off-by: Rafał Miłecki <rafal@milecki.pl> (cherry picked from commit 9c039d56a154bb416492bf5657093576d50cc220)
* firmware-utils: bcm4908img: find cferom sizeRafał Miłecki2021-04-081-0/+31
| | | | | | | | It's important for modifying / extracting firmware content. cferom is optional image content at the file beginning. Signed-off-by: Rafał Miłecki <rafal@milecki.pl> (cherry picked from commit 6af45b842bd22633fa3ccd57edaf073a759525bb)
* firmware-utils: bcm4908img: use "info" command displaying file infoRafał Miłecki2021-04-081-11/+20
| | | | | | | | BCM4908 image format contains some info that may be useful for info / debugging purposes. Signed-off-by: Rafał Miłecki <rafal@milecki.pl> (cherry picked from commit 9b9184f1782489163eb204f3b238de778ae1214b)
* firmware-utils: bcm4908img: support reading from stdinRafał Miłecki2021-04-081-8/+38
| | | | | | | | 1. Don't allow pipe stdin as we need to fseek() 2. Don't alow TTY as it doesn't make sense for binary input Signed-off-by: Rafał Miłecki <rafal@milecki.pl> (cherry picked from commit d533b27bc09eb5323a05ed44589235a86edcda0d)
* firmware-utils: bcm4908img: detect Netgear vendor firmwareRafał Miłecki2021-04-081-25/+33
| | | | | | | | | Netgear uses CHK header which needs to be skipped when validating BCM4908 image. Detect it directly in the bcm4908img tool. Dealing with binary structs and endianess is way simpler in C. Signed-off-by: Rafał Miłecki <rafal@milecki.pl> (cherry picked from commit a39f85d8b66125f07c4bcbea46b296946de60dc7)
* firmware-utils: bcm4908img: extract parsing codeRafał Miłecki2021-04-081-37/+67
| | | | | | | | | Move code parsing existing firmware file to separated function. This cleans up existing code and allows reusing parsing code for other commands. Signed-off-by: Rafał Miłecki <rafal@milecki.pl> (cherry picked from commit 7d5f7439428d2b4c6952af47b36acc010b846372)
* firmware-utils: bcm4908kernel: name struct fieldsRafał Miłecki2021-04-081-8/+8
| | | | | | | Less magic names / values. Signed-off-by: Rafał Miłecki <rafal@milecki.pl> (cherry picked from commit a3611432a6c3490fb2b6fdbc1ce664cf70900668)
* firmware-utils: bcm4908img: name fields & valuesRafał Miłecki2021-04-081-8/+22
| | | | | | | Less magic numbers Signed-off-by: Rafał Miłecki <rafal@milecki.pl> (cherry picked from commit 1ff7569387f69550e8a9356a109a875e4fdb4412)
* ramips: mt7621: add TP-Link EAP235-Wall supportSander Vanheule2021-02-191-0/+29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The TP-Link EAP235-Wall is a wall-mounted, PoE-powered AC1200 access point with four gigabit ethernet ports. When connecting to the device's serial port, it is strongly advised to use an isolated UART adapter. This prevents linking different power domains created by the PoE power supply, which may damage your devices. The device's U-Boot supports saving modified environments with `saveenv`. However, there is no u-boot-env partition, and saving modifications will cause the partition table to be overwritten. This is not an issue for running OpenWrt, but will prevent the vendor FW from functioning properly. Device specifications: * SoC: MT7621DAT * RAM: 128MiB * Flash: 16MiB SPI-NOR * Wireless 2.4GHz (MT7603EN): b/g/n, 2x2 * Wireless 5GHz (MT7613BEN): a/n/ac, 2x2 * Ethernet: 4× GbE * Back side: ETH0, PoE PD port * Bottom side: ETH1, ETH2, ETH3 * Single white device LED * LED button, reset button (available for failsafe) * PoE pass-through on port ETH3 (enabled with GPIO) Datasheet of the flash chip specifies a maximum frequency of 33MHz, but that didn't work. 20MHz gives no errors with reading (flash dump) or writing (sysupgrade). Device mac addresses: Stock firmware uses the same MAC address for ethernet (on device label) and 2.4GHz wireless. The 5GHz wireless address is incremented by one. This address is stored in the 'info' ('default-mac') partition at an offset of 8 bytes. From OEM ifconfig: eth a4:2b:b0:...:88 ra0 a4:2b:b0:...:88 rai0 a4:2b:b0:...:89 Flashing instructions: * Enable SSH in the web interface, and SSH into the target device * run `cliclientd stopcs`, this should return "success" * upload the factory image via the web interface Debricking: U-boot can be interrupted during boot, serial console is 57600 baud, 8n1 This allows installing a sysupgrade image, or fixing the device in another way. * Access serial header from the side of the board, close to ETH3, pin-out is (1:TX, 2:RX, 3:GND, 4:3.3V), with pin 1 closest to ETH3. * Interrupt bootloader by holding '4' during boot, which drops the bootloader into its shell * Change default 'serverip' and 'ipaddr' variables (optional) * Download initramfs with `tftpboot`, and boot image with `bootm` # tftpboot 84000000 openwrt-initramfs.bin # bootm Revert to stock: Using the tplink-safeloader utility from the firmware-utils package, TP-Link's firmware image can be converted to an OpenWrt-compatible sysupgrade image: $ ./staging_dir/host/bin/tplink-safeloader -B EAP235-WALL-V1 \ -z EAP235-WALLv1_XXX_up_signed.bin -o eap235-sysupgrade.bin This can then be flashed using the OpenWrt sysupgrade interface. The image will appear to be incompatible and must be force flashed, without keeping the current configuration. Known issues: - DFS support is incomplete (known issue with MT7613) - MT7613 radio may stop responding when idling, reboot required. This was an issue with the ddc75ff704 version of mt76, but appears to have improved/disappeared with bc3963764d. Error notice example: [ 7099.554067] mt7615e 0000:02:00.0: Message 73 (seq 1) timeout Hardware was kindly provided for porting by Stijn Segers. Tested-by: Stijn Segers <foss@volatilesystems.org> Signed-off-by: Sander Vanheule <sander@svanheule.net> (cherry picked from commit 1e75909a35a2b361cdfdfcf18a26ad61271b174e)
* tools/fakeroot: fix build regression on macOSFelix Fietkau2021-02-151-0/+42
| | | | Signed-off-by: Felix Fietkau <nbd@nbd.name>
* fakeroot: fix to work with glibc 2.33Ilya Lipnitskiy2021-02-151-0/+145
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The following commit removed _STAT_VER definitions from glibc: https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=8ed005daf0ab03e142500324a34087ce179ae78e That subsequently broke fakeroot: https://bugs.archlinux.org/task/69572 https://bugzilla.redhat.com/show_bug.cgi?id=1889862#c13 https://forum.openwrt.org/t/unable-to-build-toolchain-fakeroot-fails-perhaps-others-after-it/87966 Make the patch based on Jan Pazdziora's suggestion from here: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/message/SMQ3RYXEYTVZH6PLQMKNB3NM4XLPMNZO/ Add wrappers for newly exported symbols in glibc. Apply patch from Debian to fix warnings in fts_read and fts_children: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=676428 https://sources.debian.org/patches/fakeroot/1.25.3-1.1/eglibc-fts-without-LFS/ Fix __xmknod{,at} dev pointer argument. Switch default to assume * and not the absence of *. On glibc 2.33+, there is no definition for these functions in header files, so the compile test doesn't work. But, we can default to using the pointer (as is the case with newer glibc), and use the header file on older platforms to fail the test and use no pointer. Tested on my x86_64 Arch Linux machine, fakeroot unit tests pass. Also tested by building various .ipks and examining the tar contents, to ensure that the owner uid/gid was 0/0. Signed-off-by: Ilya Lipnitskiy <ilya.lipnitskiy@gmail.com>
* tools/patchelf: bump to use latest masterIlya Lipnitskiy2021-02-151-4/+5
| | | | | | | | | | | | | | | | | | | Recent ABI_VERSION commits make use of patchelf. It was discovered that with patchelf 0.10(and even 0.12) various big endian targets fail to link against libubox SO that was processed through patchelf. Using latest master patchelf fixes those link errors. Potential commits affecting big-endian processing https://github.com/NixOS/patchelf/commit/884eccc4f061a3dbdbe63a4c73f1cc9bbf77fa7d https://github.com/NixOS/patchelf/commit/d148bae6c1291b93d660a156a1756670069cd8cc Recent builds with failures: http://buildbot.openwrt.org/master/images/builders/lantiq%2Fxrx200/builds/682 http://buildbot.openwrt.org/master/images/builders/ath79%2Fmikrotik/builds/449 Cc: Hauke Mehrtens <hauke@hauke-m.de> Signed-off-by: Ilya Lipnitskiy <ilya.lipnitskiy@gmail.com> Signed-off-by: Felix Fietkau <nbd@nbd.name>
* tools: mkimage: Update U-Boot to version 2021.01Hauke Mehrtens2021-02-086-60/+13
| | | | | | | | | | | | * The fit image is now created with 0666 permission in upstream U-Boot remove our patch switch creates it with 0744 * The generated/autoconf.h file is created now as an empty file, it is not needed to remove this include any more. * Upstream lib/rsa/rsa-sign.c now includes stdlib.h instead of malloc.h * ALIGN_MASK was moved to imagetool.h, own patch should not be needed any more. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* treewide: unify OpenWrt hosted source via @OPENWRTPaul Spooren2021-02-052-2/+2
| | | | | | | | | | | Multiple sources are hosted on OpenWrts source server only. The source URLs to point to the server vary based on different epochs in OpenWrts history. Replace all by @OPENWRT which is an "empty" mirror, therefore using the fallback servers sources.cdn.openwrt.org and sources.openwrt.org. Signed-off-by: Paul Spooren <mail@aparcar.org>
* tplink-safeloader: add support for TP-Link Archer A7 v5 (RU)Alexey Kunitskiy2021-02-051-1/+2
| | | | | | | | | | | | | | | | | | | Although provided in separate zip archives, the firmwares for EU and RU version are byte-identical. This adds the missing ID compared to the support-list in the vendor firmware. Note (since I checked it anyway): Partitions and support list are unchanged for all three existing firmware versions: * 20200721-rel40773 * 20201029-rel43238 * 20201120-rel50399 Signed-off-by: Alexey Kunitskiy <alexey.kv@gmail.com> [rewrite commit message] Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* tools/zstd: compile with cmakeRosen Penev2021-01-302-3/+9
| | | | | | | | It's faster and more reliable. Removed ccache cmake build dependency as it's now implicit. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* tools/zstd: update to 1.4.8Rosen Penev2021-01-302-65/+3
| | | | | | | Switch to the normal tarball instead of the codeload generated one. The latter has the potential to change hashes based on changes in the repo. Signed-off-by: Rosen Penev <rosenp@gmail.com>
* firmware-utils: bcm4908asus: tool inserting Asus tail into BCM4908 imageRafał Miłecki2021-01-222-0/+445
| | | | | | | | | | | Asus looks for an extra data at the end of BCM4908 image, right before the BCM4908 tail. It needs to be properly filled to make Asus accept firmware image. This tool constructs such a tail, writes it and updates CRC32 in BCM4908 tail accordingly. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>