Luci shows switch ports in inverted order on that device.
This patch fixes switch port numbering and matches them to the device
silkscreen.
Signed-off-by: Thibaut VARENE <hacks@slashdirt.org>
The VoCore2 features 128MB of RAM, therefore set
memory in DTS to 128*1024*1024 = 0x8000000
The board's LED is connected to GND, set it to
ACTIVE_HIGH here.
Make serial console working again on kernel 4.9 by
change of pinmux configuration.
Signed-off-by: Paul Wassi <p.wassi@gmx.at>
The TP-Link RE350 is a wall-wart AC1200 range extender/access point with
a single gigabit ethernet port and two non-detachable antennas, based on
the MT7621A SoC with MT7603E and MT7612E radios.
Firmware wise it is very similar to the QCA based RE450.
SoC: MediaTek MT7621A (880MHz)
Flash: 8MiB (Winbond W25Q64)
RAM: 64MiB (DDR2)
Ethernet: 1x 1Gbit
Wireless: 2T2R 2.4Ghz (MT7603E) and 5GHz (MT7612E)
LEDs: Power, 2.4G, 5G (blue), WPS (red and blue), ethernet link/act
(green)
Buttons: On/off, LED, reset, WPS
Serial header at J1, 57600 8n1:
Pin 1 TX
Pin 2 RX
Pin 3 GND
Pin 4 3.3V
Factory image can be uploaded directly through the stock UI.
Signed-off-by: Alex Maclean <monkeh@monkeh.net>
It uses one MT7615D radio chip with DBDC mode enabled. This mode allows
this single chip act as an 2x2 11n radio and an 2x2 11ac radio at the
same time. However mt76 doesn't support it currently so there is no
wireless available.
Specification:
- SoC: MediaTek MT7621AT
- Flash: 16 MB
- RAM: 128 MB
- Ethernet: 1 x WAN (10/100/1000Mbps) and 4 x LAN (10/100/1000 Mbps)
- Wireless radio: MT7615D on PCIE0
- UART: 1 x UART on PCB - 57600 8N1
Issue:
- Wireless radio doesn't work due to the lack of driver.
Flash instruction:
Using UART:
1. Configure PC with a static IP address and setup an TFTP server.
2. Put the firmware into the tftp directory.
3. Connect the UART line as described on the PCB.
4. Power up the device and press 2,then follow the instruction to
set device and tftp server IP address and input the firmware
file name.U-boot will then load the firmware and write it into
the flash.
Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
For targets using the generic board detection and board specific
settings in diag.sh, the board name is still unset at the time the
set_state() provided by diag.sh is called by 10_indicate_preinit.
Change the execution order to ensure the boardname is populated before
required the first time. Do the target specific board detection as
early as possible, directly followed by the generic one to allow a
seamless switch to the generic function for populating /tmp/sysinfo/.
Signed-off-by: Mathias Kresin <dev@kresin.me>
Correct MAC address lookup to appropriate offset based on vendor
source.
Override the WAN MAC to use the same address as LAN. The switch driver
increments the base MAC address for the WAN vlan but the stock firmware
uses the same MAC address for all interfaces.
Based on vendor source commit
https://github.com/domino-team/lede-1701/commit/efb0518
Signed-off-by: John Marrett <johnf@zioncluster.ca>
- Refreshed all patches
- Removed upstreamed
- Adapted 4 patches:
473-fix-marvell-phy-initialization-issues.patch
-----------------------------------------------
Removed hunk 5 which got upstreamed
403-net-phy-avoid-setting-unsupported-EEE-advertisments.patch
404-net-phy-restart-phy-autonegotiation-after-EEE-advert.patch
--------------------------------------------------------------
Adapted these 2 RFC patches, merging the delta's from an upstream commit
(see below) which made it before these 2.
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-
stable.git/commit/?h=v4.9.36&id=97ace183074d306942b903a148aebd5d061758f0
180-usb-xhci-add-support-for-performing-fake-doorbell.patch
-----------------------------------------------------------
- Moved fake_doorbell bitmask due to new item
Compile tested on: cns3xxx, imx6
Run tested on: cns3xxx, imx6
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
With kernel 4.8 common used code was moved to a shared kmod. Add the
missing dependency to the shared snd-soc-simple-card-utils.ko.
Signed-off-by: Mathias Kresin <dev@kresin.me>
Most of the ubnt-erx definition can be reused; the package removals in
DEVICE_PACKAGES have become redundant after d17cb4a68a "ramips: purge
default packages on MT7621".
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
TP-Link TL-WR840N v4 and TL-WR841N v13 are simple N300 routers with
5-port FE switch and non-detachable antennas. Both are very similar
and are based on MediaTek MT7628NN (aka MT7628N) WiSoC.
The difference between these two models is in number of available
LEDs, buttons and power input switch.
This work is partially based on GitHub PR#974.
Specification:
- MT7628N/N (580 MHz)
- 64 MB of RAM (DDR2)
- 8 MB of FLASH
- 2T2R 2.4 GHz
- 5x 10/100 Mbps Ethernet
- 2x external, non-detachable antennas
- UART (J1) header on PCB (115200 8n1)
- TL-WR840N v4: 5x LED (GPIO-controlled), 1x button
- TL-WR841N v13: 8x LED (GPIO-controlled*), 2x button, power input
switch
* WAN LED in TL-WR841N v13 is a dual-color, dual-leads type which isn't
(fully) supported by gpio-leds driver. This type of LED requires both
GPIOs state change at the same time to select color or turn it off.
For now, we support/use only the green part of the LED.
Factory image notes:
These devices use version 3 of TP-Link header, fortunately without RSA
signature (at least in case of devices sold in Europe). The difference
lays in the requirement for a non-zero value in "Additional Hardware
Version" field. Ideally, it should match the value stored in vendor
firmware header on device ("0x4"/"0x13" for these devices) but it seems
that anything other than "0" is correct.
We are able to prepare factory firwmare file which is accepted and
(almost) correctly flashed from the vendor GUI. As it turned out, it
accepts files without U-Boot image with second header at the beginning
but due to some kind of bug in upgrade routine, flashed image gets
corrupted before it's written to flash.
Tests showed that the GUI upgrade routine copies value of "Additional
Hardware Version" from existing firmware into offset "0x2023c" in
provided file, _before_ storing it in flash. In case of vendor firmware
upgrade files (which all include U-Boot image and two headers), this
offset points to the matching field in kernel+rootfs firmware part
header. Unfortunately, in case of LEDE factory image file which contains
only one header, it points to the offset "0x2023c" in kernel image. This
leads to a corrupted kernel and ends up with a "soft-bricked" device.
The good news is that U-Boot in these devices contains well known tftp
recovery mode, which can be triggered with "reset" button. What's more,
in comparison to some of older MediaTek based TP-Link devices, this
recovery mode doesn't write whole file at offset "0x0" in flash, without
verifying provided file in advance. In case of recovery mode in these
devices, first "0x20000" bytes are always skipped and "0x7a0000" bytes
from rest of the file are stored in flash at offset "0x20000".
Flash instruction:
Until (if at all) TP-Link fixes described problem, the only way to flash
LEDE image in these devices is to use tftp recovery mode in U-Boot:
1. Configure PC with static IP 192.168.0.66/24 and tftp server.
2. Rename "lede-ramips-mt7628-tl-wr84...-squashfs-tftp-recovery.bin"
to "tp_recovery.bin" and place it in tftp server directory.
3. Connect PC with one of LAN ports, press the reset button, power up
the router and keep button pressed for around 6-7 seconds, until
device starts downloading the file.
4. Router will download file from server, write it to flash and reboot.
To access U-Boot CLI, keep pressed "4" key during boot.
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
There are already two targets (lantiq, ramips) which use mktplinkfw2
tool for creating images. This de-duplicates code, introduces two new
build commands: tplink-v2-header, tplink-v2-image and makes use of
them in place of old, (sub)target specific ones.
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
Fixes the following security vulnerabilities:
CVE-2017-8890
The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the
Linux kernel through 4.10.15 allows attackers to cause a denial of service
(double free) or possibly have unspecified other impact by leveraging use
of the accept system call.
CVE-2017-9074
The IPv6 fragmentation implementation in the Linux kernel through 4.11.1
does not consider that the nexthdr field may be associated with an invalid
option, which allows local users to cause a denial of service (out-of-bounds
read and BUG) or possibly have unspecified other impact via crafted socket
and send system calls.
CVE-2017-9075
The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux kernel
through 4.11.1 mishandles inheritance, which allows local users to cause a
denial of service or possibly have unspecified other impact via crafted
system calls, a related issue to CVE-2017-8890.
CVE-2017-9076
The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux
kernel through 4.11.1 mishandles inheritance, which allows local users to
cause a denial of service or possibly have unspecified other impact via
crafted system calls, a related issue to CVE-2017-8890.
CVE-2017-9077
The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel
through 4.11.1 mishandles inheritance, which allows local users to cause a
denial of service or possibly have unspecified other impact via crafted
system calls, a related issue to CVE-2017-8890.
CVE-2017-9242
The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel
through 4.11.3 is too late in checking whether an overwrite of an skb data
structure may occur, which allows local users to cause a denial of service
(system crash) via crafted system calls.
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8890
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9074
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9075
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9076
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9077
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9242
Ref: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.31
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
CONFIG_SG_POOL symbol is selected only by CONFIG_SCSI, since the last
one is disabled by default then disable CONFIG_SG_POOL by default too.
And explicitly enable it only for platforms that use CONFIG_SCSI.
Signed-off-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
This patch adds support for the Ubiquiti EdgeRouter X-SFP and
improves support for the EdgeRouter X (PoE-passthrough).
Specification:
- SoC: MediaTek MT7621AT
- Flash: 256 MiB
- RAM: 265 MiB
- Ethernet: 5 x LAN (1000 Mbps)
- UART: 1 x UART on PCB (3.3V, RX, TX, GND) - 57600 8N1
- EdgeRouter X:
- 1 x PoE-Passtrough (Eth4)
- powered by Wallwart or passive PoE
- EdgeRouter X-SFP:
- 5 x PoE-Out (24V, passive)
- 1 x SFP (unknown status)
- powered by Wallwart (24V)
Doesn't work:
* SoC has crypto engine but no open driver.
* SoC has nat acceleration, but no open driver.
* This router has 2MB spi flash soldered in but MT
nand/spi drivers do not support pin sharing,
so it is not accessable and disabled. Stock
firmware could read it and it was empty.
Installation
via vendor firmware:
- build an Initrd-image (> 3MiB) and upload the factory-image
- initrd can have luci-mod-failsafe
- flash final firmware via LuCI / sysupgrade on rebooted system
via TFTP:
- stop uboot into tftp-load into option "1"
- upload factory.bin image
Signed-off-by: Sven Roederer <devel-sven@geroedel.de>
The "reserved" partition should probably be read-only, just in case. Even
not knowing it's content, other devices have marked it as such, so it
seems a good idea to do so also for this device.
Signed-off-by: Enrico Mioso <mrkiko.rs@gmail.com>
CC: Mathias Kresin <dev@kresin.me>
CC: Hanqing Wong <hquu@outlook.com>
All targets with NAND support should gradually move their nand_do_upgrade
calls from platform_pre_upgrade to platform_do_upgrade.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
Neither the AsiaRF AWM002 or AWM003 actually has an LED on the module
board. The ld1 and ld2 do not represent actual LEDs. These pins might
connect to LEDS on an eval board or other carrier board, but that is
outside the scope of this device tree file.
Signed-off-by: Russell Senior <russell@personaltelco.net>
This patch adds supports for the GL-inet GL-MT300N-V2.
Specification:
- SoC: MediaTek MT7628AN
- Flash: 16 MiB (W25Q128FVSG)
- RAM: 128 MiB DDR
- Ethernet: 1 x WAN (100 Mbps) and 1 x LAN (100 Mbps)
- USB: 1 x USB 2.0 port
- Button: 1 x switch button, 1 x reset button
- LED: 3 x LEDS (system power led is not GPIO controller)
- UART: 1 x UART on PCB (JP1: 3.3V, RX, TX, GND)
Installation through Luci:
- The original firmware is LEDE, so both LuCI or sysupgrade can be used.
- Do not keep settings, for sysupgrade please use the -n option.
Installation through bootloader webserver:
- Plug power and hold reset button until red LED blink to bright.
- Install sysupgrade image using web interface on 192.168.1.1.
Signed-off-by: Kyson Lok <kysonlok@gmail.com>
[match maximum image size with firmware partition]
Signed-off-by: Mathias Kresin <dev@kresin.me>
This PR allow the 3G modem embedded in the DWR-512 to be managed
by the wwan-ncm scripts. The modem will use the usb-option and
usb-cdc-ether drivers.
The DWR-512 DT is updated accordingly.
Signed-off-by: Giuseppe Lippolis <giu.lippolis@gmail.com>
Refresh patches. A number of patches have landed upstream & hence are no
longer required locally:
062-[1-6]-MIPS-* series
042-0004-mtd-bcm47xxpart-fix-parsing-first-block
Reintroduced lantiq/patches-4.4/0050-MIPS-Lantiq-Fix-cascaded-IRQ-setup
as it was incorrectly included upstream thus dropped from LEDE.
As it has now been reverted upstream it needs to be included again for
LEDE.
Run tested ar71xx Archer C7 v2 and lantiq.
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
[update from 4.4.68 to 4.4.69]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Add missing include of ramips.sh in order to import the missing
ramips_board_name() procedure.
Fixes FS#774.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Specification:
- SoC: MediaTek MT7620A (580 MHz)
- RAM: 64 MiB (Winbond W9751G6JB-25)
- Flash: 16 MiB (Spansion S25FL128SAIF00)
- LAN: x4 100M
- WAN: x1 100M
- Others: USB 2.0, reset button, wps button and 9 LEDs
Issues:
- 5 GHz band is not functional (missing driver support)
Installation:
Asus windows recovery tool:
- install the Asus firmware restoration utility
- unplug the router, hold the reset button while powering it on
- release when the power LED flashes slowly
- specify a static IP on your computer:
IP address: 192.168.1.75;
Subnet mask 255.255.255.0
- Start the Asus firmware restoration utility, specify the sysupgrade
image, and press upload
TFTP Recovery method:
- set computer to a static ip, 192.168.1.75
- connect computer to the LAN 1 port of the router
- hold the reset button while powering on the router for a few seconds
- send firmware image using a tftp client; i.e from linux:
$ tftp
tftp> binary
tftp> connect 192.168.1.1
tftp> put lede-ramips-mt7620-rt-ac51u-squashfs-sysupgrade.bin
tftp> quit
Signed-off-by: Ørjan Malde <foxyred333@gmail.com>
This device exactly same as NBG-419N but with USB port and USB Led.
Specification:
- SoC: Ralink RT3052 (MIPS24Kc) @384MHz
- RAM: 32 MiB
- Flash: 8 MiB
- WLAN: WiSoC 2T2R/300Mbps (2.4GHz)
- LAN: 4x100M
- WAN: 1x100M
- USB: 1x2.0
Installation via serial console (57600 8N1) from TFTP server
- rename the firmware to something shorter, for example
"sysupgrade.bin" (max. 32 chars)
- copy firmware TFTP server's directory
- when you power on device, and see U-Boot log, immediatly push "2"
once.
- You will see this message:
2: System Load Linux Kernel then write to Flash via TFTP.
Warning!! Erase Linux in Flash then burn new one. Are you sure?
- Push "y", and enter: device IP, then TFTP server's IP, and then
image firmware file name.
The firmware will be downloaded within ~30 seconds and flashed to the
device (It will take about 2 minutes).
Signed-off-by: Alexey Belyaev <spider@spider.vc>
[squash commits, compact commit message, fix compatible string, remove
superfluous pinmuxes]
Signed-off-by: Mathias Kresin <dev@kresin.me>
In order to have a smaller initramfs image remove all packages not
needed on all devices and add them explicitely for those actually
needing them. Also remove wpad-mini from ramips default package set
and add it to all sub-targets except for MT7621.
While at it reorder packages alphabetically and replace kmod-mt76 with
kmod-mt7603 and/or kmod-mt76x2 depending on the chip actually used on
a specific board.
Hopefully fixes FS#758
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Add the changes suggested by FS#716 to fix the switch driver initialization
on the ZTE Q7.
Also remove the `pinctrl-names` field obsoleted by the changes.
Reported-by: Harry Lau <harrylwc@gmail.com>
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Fix a copy/paste error and include the ZBT-WE826 dtsi instead of the
ZBT-WG3526 one.
Fix the syntax error in the ZBT-WE826 dtsi to prevent an compile error.
Signed-off-by: Mathias Kresin <dev@kresin.me>