Kernel size limits have been dealt with.
Effective revert of a1eb2c46 and ac9730c4.
Signed-off-by: Tad Davanzo <tad@spotco.us>
(cherry picked from commit b4f76d9f0d61779b5e04228d1eb3f2ba412ffd26)
venom has a 3MB kernel partition as specified by the DTS.
3MB is not sufficient for building with many kernel modules or newer
kernel versions.
venom uboot however as set from factory will load up to 6MB.
This can be observed by looking a uboot log:
NAND read: device 0 offset 0x900000, size 0x600000
6291456 bytes read: OK
and from uboot environment variables:
$ fw_printenv | grep "priKernSize";
priKernSize=0x0600000
Resize the root partitions from 120MB to 117MB to let kernel expand
into it another 3MB.
And set kernel target size to 6MB.
Lastly set the kernel-size-migration compatibility version on venom to
prevent sysupgrading without first reinstalling from a factory image.
Signed-off-by: Tad Davanzo <tad@spotco.us>
(cherry picked from commit 15309f5133d55e92bec3ed91dfb3ac9d124f6a96)
mamba has a 3MB kernel partition as specified by the DTS.
3MB is not sufficient for building with many kernel modules or newer
kernel versions.
mamba uboot however as set from factory will load up to 4MB.
This can be observed by looking a uboot log:
NAND read: device 0 offset 0xa00000, size 0x400000
4194304 bytes read: OK
and from uboot environment variables:
$ fw_printenv | grep "pri_kern_size";
pri_kern_size=0x400000
Resize the root partitions from 37MB to 36MB to let kernel expand
into it another 1MB.
And set kernel target size to 4MB.
Lastly add a compatibility version message: kernel-size-migration.
And set it on mamba to prevent sysupgrading without first reinstalling from
a factory image.
Signed-off-by: Tad Davanzo <tad@spotco.us>
(cherry picked from commit 10415d5e7016b69dc71c5f1b03e8e17b586f8edd)
This includes several improvements and fixes:
61db17e rules: fix device and chain usage for DSCP/MARK targets
7b844f4 zone: avoid duplicates in devices list
c2c72c6 firewall3: remove last remaining sprintf()
12f6f14 iptables: fix serializing multiple weekdays
00f27ab firewall3: fix duplicate defaults section detection
e8f2d8f ipsets: allow blank/commented lines with loadfile
8c2f9fa fw3: zones: limit zone names to 11 bytes
78d52a2 options: fix parsing of boolean attributes
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
(cherry picked from commit 0d75aa27d4093625c85f2d2233dd5392a7e2aa32)
Backport upstream patch that fixes TRGMII mode now that mt7530 is
actually resetting the switch on ramips devices.
Patches apply to both Linux 5.4 and 5.10, since TRGMII is broken on both.
Fixes: 69551a244292 ("ramips: manage low reset lines")
Signed-off-by: Ilya Lipnitskiy <ilya.lipnitskiy@gmail.com>
(cherry picked from commit 680f91d0e5444d58815af03bf41c12592438f9d8)
Instead of deactivating this in every target config, deactivate it once
in the generic kernel config. I was asked for this config option in a
x86 64 build in OpenWrt 21.02.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 7d6553c72edada262ada8dbe871243c35400573d)
This device is a wireless router working on 2.4GHz band based on
Qualcom/Atheros AR9132 rev 2 SoC and is accompanied by Atheros AR9103
wireless chip and Realtek RTL8366RB/S switches. Due to two different
switches being used also two different devices are provided.
Specification:
- 400 MHz CPU
- 64 MB of RAM
- 32 MB of FLASH (NOR)
- 3x3:2 2.4 GHz 802.11bgn
- 5x 10/100/1000 Mbps Ethernet
- 4x LED, 3x button, On/Off slider, Auto/On/Off slider
- 1x USB 2.0
- bare UART header place on PCB
Flash instruction:
- NOTE: Pay attention to the switch variant and choose the image to
flash accordingly. (dmesg / kernel logs can tell it)
- Methods for flashing
- Apply factory image in OEM firmware web-gui.
- Sysupgrade on top of existing OpenWRT image
- U-Boot TFPT recovery for both stock or OpenWRT images:
The device U-boot contains a TFTP server that by default has
an address 192.168.11.1 (MAC 02:AA:BB:CC:DD:1A). During the boot
there is a time window, during which the device allows an image to
be uploaded from a client with address 192.168.11.2. The image will
be written on flash automatically.
1) Have a computer with static IP address 192.168.11.2 and the
router device switched off.
2) Connect the LAN port next to the WAN port in the device and the
computer using a network switch.
3) Assign IP 192.168.11.1 the MAC address 02:AA:BB:CC:DD:1A
arp -s 192.168.11.1 02:AA:BB:CC:DD:1A
4) Initiate an upload using TFTP image variant
curl -T <imagename> tftp://192.168.11.1
5) Switch on the device. The image will be uploaded subsequently.
You can keep an eye on the diag light on the device, it should
keep on blinking for a while indicating the writing of the image.
General notes:
- In the stock firmware the MAC address is the same among all
interfaces so it is left here that way too.
Recovery:
- TFTP method
- U-boot serial console
Differences to ar71xx platform
- This device is split in two different targets now due to hardware
being a bit different under the hood. Dynamic solution within the same
image is left for later time.
- GPIOs for a sliding On/Off switch, marked 'Movie engine' on the device
cover, were the wrong way around and were renamed qos_on -> movie_off,
qos_off -> movie_on. Associated key codes remained the same they were.
The device tree source code is mostly based on musashino's work
Signed-off-by: Mauri Sandberg <sandberg@mailfence.com>
(cherry picked from commit bc356de2850f14629cb1301be719772fa1212e72)
Generally, in upstream CFI flash memory driver uses buffers for write
operations. That does not work with AMD chip with id 0x2201 and we must
resort to writing word sized chunks only. That is, to not apply general
buffer write functionality for this given chip.
Without the patch kernel logs will be flooded with entries like below:
MTD do_erase_oneblock(): ERASE 0x01fa0000
MTD do_write_buffer(): WRITE 0x01fa0000(0x00001985)
MTD do_erase_oneblock(): ERASE 0x01f80000
MTD do_write_buffer(): WRITE 0x01f80000(0x00001985)
MTD do_write_buffer_wait(): software timeout, address:0x01f8000a.
jffs2: Write clean marker to block at 0x01a60000 failed: -5
MTD do_erase_oneblock(): ERASE 0x01f60000
MTD do_write_buffer(): WRITE 0x01f60000(0x00001985)
MTD do_write_buffer_wait(): software timeout, address:0x01f6000a.
jffs2: Write clean marker to block at 0x01a40000 failed: -5
References: http://patchwork.ozlabs.org/project/linux-mtd/patch/20210309174859.362060-1-sandberg@mailfence.com/
Signed-off-by: Mauri Sandberg <sandberg@mailfence.com>
[added link to usptream fix submission]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 8cc0fa8faceadac85353bb1a96e074518ef124e2)
NXP 74HC153 is a GPIO expander. Its original source cide sits in ar71xx
architecture tree. It has been slightly modified to get GPIO pin
configuration from the device tree rather than a MACH file.
Changes to the source file:
- Remove struct nxp_74hc153_config
- in nxp_74hc153_probe(), fetch GPIO configuration from device tree
- allow GPIO framework decide the base number by passing -1 to it
- remove support for kernel versions below 4.5.0
- add OF device compatibility string
Create a package for inclusion in image.
References: https://lore.kernel.org/linux-gpio/545111184.50061.1615922388276@ichabod.co-bxl/
Signed-off-by: Mauri Sandberg <sandberg@mailfence.com>
[added link to driver usptreaming work in progress]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 6a6f9e73dd65f9201bee911d2fae8595f86c093b)
This version fixes 2 security vulnerabilities, among other changes:
- CVE-2021-3450: problem with verifying a certificate chain when using
the X509_V_FLAG_X509_STRICT flag.
- CVE-2021-3449: OpenSSL TLS server may crash if sent a maliciously
crafted renegotiation ClientHello message from a client.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit 0bd0de7d43b3846ad0d7006294e1daaadfa7b532)
Remove duplicate packages by running in `target/linux/` rather than
`target/linux/<target>/<subtarget>` and sort packages alphabetically.
Squash commit of:
7880a64848 build,json: 3rd fixup of default_packages
b36068d35d build,json: fixup fixup of arch_packages
1bf2b3fe90 build,json: fixup missing arch_packages
Signed-off-by: Paul Spooren <mail@aparcar.org>
This should fix the problem of mwlwifi-firmware-* not being found
when using the ImageBuilder.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 9b3aaf1cdb873cc2a7b2f2ef4e72ddb716afba38)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Calling without the DUMP=1 argument causes the target specific Makefile
to be "included" again which adds the target specific packages twice,
once on the actual run and once included from `include/target.mk`.
This led to duplicate package entries, causing confusion in downstream
projects using the generated JSON files.
While at it, apply `black` style to Python script.
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit 7f4c2b1a4f9216218dced64794318f2197565c85)
Make sysupgrade backup import more verbose.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry picked from commit fdbdbe8eaaa6aa3acacdcb3ae1308b2a2055fc39)
Physical port order watched from the back of the device is:
4 / 3 / 2 / 1 / WAN which also matches corresponding leds.
This patch corrects LuCI switch webpage LAN port order.
Signed-off-by: Walter Sonius <walterav1984@gmail.com>
[improve commit title, fix sorting in 02_network]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 46c0634b508f731df487a7909c439b2794445e26)
This patch enables LED support for the GL.iNet GL-MV1000
Signed-off-by: Jeff Collins <jeffcollins9292@gmail.com>
[add SPDX identifier on new file, add aliases, minor cosmetic issues]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit 6e0c780eb3b4ba1e52216c1d671897749dd81829)
15346de client: Always close connection with request body in case of error
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 1170655f8b792b34f899350cb0272ad94bb2d3e2)
Instead of doing uci commit and reload_config for each setting do it
only once when one of these options was changed. This should make it a
little faster when both conditions are taken.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 501221af542b5154fbf8788f8426bc7f5443764a)
Without this change the config is only committed, but the uhttpd daemon
is not reloaded. This reload is needed to apply the config. Without the
reload of uhttpd, the ubus server is not available over http and returns
a Error 404.
This caused problems when installing luci on the snapshots and
accessing it without reloading uhttpd.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit d25d281fd6686bda67636f6c1df918145b6cb738)
This release of Mbed TLS provides bug fixes and minor enhancements. This
release includes fixes for security issues.
Security fixes:
* Fix a buffer overflow in mbedtls_mpi_sub_abs()
* Fix an errorneous estimation for an internal buffer in
mbedtls_pk_write_key_pem()
* Fix a stack buffer overflow with mbedtls_net_poll() and
mbedtls_net_recv_timeout()
* Guard against strong local side channel attack against base64 tables
by making access aceess to them use constant flow code
Full release announcement:
https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.10
Signed-off-by: Magnus Kroken <mkroken@gmail.com>
(cherry picked from commit dbde2bcf60b5d5f54501a4b440f25fe7d02fbe5d)
This kernel config option was missing and resulted in a question when
building.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 047b7621bb3ac266d193cf110a468e42f844be4f)
This adds NVMEM bindings that are needed for proper booting on Linksys
devices.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 98d456a14e00e24acec36247fb5bd379da90f84e)
NVRAM access may be needed early in boot process. Reading it using mtd
happens quite late in the init process. Add NVRAM initialization to the
NVMEM driver which comes up early and depends on IO mapping only.
This is required by Linksys devices which use NVRAM content for proper
partitioning (detecting current firmware partition).
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit baf04eed028a838518c65be48cbaabe0892343aa)
Refactoring of bcm47xx_nvram driver. It's used by bcm47xx and bcm53xx.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 1c48eee5b2bcfaf9815cc9a6f6664392d17164cb)
It supports NVRAM access described using DT binding. Right now NVRAM
data is exposed using /sys/bus/nvmem/ only.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 01b1b375281b77233d65eb0ebda8e4e3a1bd2407)
One 5.12 link fix and 5.13 crossbar support.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit e1b4fd52a8efe1dfcad4f4fbe59f1c35a09be0bd)
This includes 5.12 fix and 5.13 improvements.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 7091e312307f4563d4a7afb5946140120cfa87fa)
Some patches were slightly cleaned up. One things worth mentioning is
that adding:
phy-mode = "rgmii"
broke SF2 driver. It made it access random register breaking switch
setup.
That's why this commit also adds a quick sf2 fix.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 05dbfe616d551bce1a19d3846c8949c047325624)
It's meant to provide upstream support for mtd & NVMEM. It's required
e.g. for reading MAC address from mtd partition content. It seems to be
in a final shape so it's worth testing.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit e90e75b12c818c49704755b9e530491aee2d554c)
It's a BCM4906 based device (2 CPU cores). It has 512 MiB of RAM, 4 LAN
ports, 1 WAN port, 2 USB ports, NAND flash. WiFi unknown at this point.
Flashing is possible using CFE only, proper image will be worked on
later.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 8d24da14702b8da820bf2e3952d5691f77136018)
d035016 tp-link: rename to tplink to match DT vendor prefix
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 4d961436c490800237fdca177b782a82aa300c32)
This adds the latest version of ofpart commit. It hopefully
1. Doesn't break compilation
2. Doesn't break partitioning
(this time).
It's required to implement fixed partitioning with some quirks. It's
required by bcm53xx, bcm4908, kirkwood, lantiq and mvebu.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit 7a7b2fd809809fbd7045bd3dad4fc896a6fef06f)
The most noticeable one is fix for RX stopping on high traffic.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit acbea54bc29a22d8fb171bc9da0f1b16fb0ec233)
This allows using the last integrated PHY (and so e.g. WAN port on the
ASUS GT-AC5300).
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit ad8b759fd17bd31fdb7a026f247fd6ec81b372d3)
The ImageBuilder `make manifest` prints all installed packages. This
function can be used to create a list of package and corresponding
package versions before attempting image creation.
When called with `--strip-abi` OPKG can automatically strip attached
ABIVersions from package names. Make this function accessible for the
ImageBuilder by adding a `STRIP_ABI` variable.
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit 0f7cd97f812adaf4b2c2048227610d150aec72cc)
Refreshed all patches.
The following patches were applied upstream:
* 755-v5.8-net-dsa-add-GRO-support-via-gro_cells.patch
* 831-v5.9-usbip-tools-fix-build-error-for-multiple-definition.patch
Compile-tested on: x86_64, ipq40xx, ath79
Runtime-tested on: x86_64, ipq40xx, ath79
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
d3f2041 uci: manually clear uci_ptr flags after uci_delete() operations
ccb7517 sys: packagelist: drop ABI version from package name
(cherry picked from commit da339a6d3f78f86bb653f29dd1d1aea8351bfdad)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
d71856a pkg: pass-through ABIVersion to status file
d3a63b3 libopkg: add option to strip ABI versions from listed names
5936c4f libopkg: pkg_hash: prefer original packages to satisfy dependencies
(cherry squashed from commit 6a7a1f1c64cb307aef561b66956d32867b119a24,
commit 988ed0080284903d1fe4851c5ae8f1238bc61da2 and
commit b5f6d20560b71025d376cb3052f1d1c2e92b409d)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
With the existence of ABI versions there is no clean way to determine
the package name without an attached ABI version. The Packages index is
stored on device to know what packages are installed.
The ABIVersion was recently removed in c921650382 "build: drop ABI
version from metadata", while ABI versions still exists. This becomes a
problem if a user tries to export installed packages via `ubus call
rpcd-sys packagelist` which would return package names including the ABI
version. Trying to find these packages in a later release with changes
ABI version is impossible.
This commits adds the `ABIVersion` field again. Knowing both the
combined (SourceName + ABIVersion) and the `ABIVersion` it is possible
to calculate the package `SourceName` without storing it in the
on-device package list.
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit fc5b101c06928884d2b0c42b11bf917d29538971)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
