MACsec/IEEE 802.1AE is useful to secure communication to and
from endpoints at Layer 2.
Starting with 4.6, the linux kernel provides a universal
macsec driver for authentication and encryption of traffic
in a LAN, typically with GCM-AES-128, and optional replay
protection.
http://standards.ieee.org/getieee802/download/802.1AE-2006.pdf
Note:
LEDE can utilize MACsec with a static connectivity association
key (static PSK) with the ip-full package installed.
<http://man7.org/linux/man-pages/man8/ip-macsec.8.html>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
It is unclear why so many packages are selected for ClearFog Base compared
to its big brother, and there is no reason to not append metadata for Base.
Tidy this up as the only hardware difference between Base/Pro is the
presence of a switch and a different board name / device tree.
Signed-off-by: Ryan Mounce <ryan@mounce.com.au>
Remove redundancy for platform_do_upgrade_clearfog
Fix platform_copy_config_clearfog to reflect -base/-pro split
Signed-off-by: Ryan Mounce <ryan@mounce.com.au>
This patch adds the help tool wpan-ping to test the 6LoWPAN
network to help the user debug network problem.
Signed-off-by: Yunhui Fu <yhfudev@gmail.com>
This is the final bugfix release in the gcc-5 series.
Compile and run tested on macOS 10.13 (Xcode 9), mvebu/ar71xx.
Removed redundant patch for macOS (backported upstream by yours truly)
Signed-off-by: Ryan Mounce <ryan@mounce.com.au>
This module from Laird includes the following:
- CPU Atmel SoC SAMA5D31
- Wifi QCA6004
- Bluetooth CSR8811
- RAM 64MB LPDDR
- FLASH 128MB
The flash is a dual image layout, kernel a/b, rootfs a/b, and a user
partition.
Signed-off-by: Ben Whitten <ben.whitten@gmail.com>
This module from Laird includes the following:
- CPU Atmel SoC ARM926EJS
- Wifi AR6003
- Bluetooth CSR8510
- RAM 64MB LPDDR
- FLASH 128MB
The flash is a dual image layout, kernel a/b, rootfs a/b, and a user
partition.
Signed-off-by: Ben Whitten <ben.whitten@gmail.com>
Instead of applying global defaults based on selected board, transition
to using a per board setting for UBIFS and UBINIZE.
Signed-off-by: Ben Whitten <ben.whitten@gmail.com>
The platform generates squashfs images in a UBI block but misses the
kernel module to be able to mount the block.
DMA is also enabled to allow systems which include them in the DTS to
use it.
Signed-off-by: Ben Whitten <ben.whitten@gmail.com>
Specifications:
- SoC: Qualcomm QCA9531 (650MHz)
- RAM: 64MB
- Storage: 16MB NOR SPI flash
- Ethernet: 5x100M (1 PoE in, 4 PoE out)
- Outdoor use ready
This ethernet router is based on the same platform as the hEX PoE lite.
Installation
1. login to the Mikrotik WebUI to backup your licence keys
2. setup a DHCP/BOOTP Server with:
* DHCP-Option 66 (TFTP server name) pointing to a local TFTP
Server within the same subnet of the DHCP range
* DHCP-Option 67 (Bootfile-Name) matching the initramfs filename
of the to be booted image
3. connect the port labled internet to your local network
4. keep the reset button pushed down and power on the board
The board should load and start the initramfs image from the TFTP
Server. Login as root/without password to the started LEDE via ssh
listing on IPv4 address 192.168.1.1. Use sysupgrade to install LEDE.
Revert to RouterOS
Use the "rbcfg" package on in LEDE:
* rbcfg set boot_protocol bootp
* rbcfg set boot_device ethnand
* rbcfg apply
Open Netinstall and reboot routerboard. Now netinstall sees routerboard
and you can install RouterOS. If NetInstall gets stuck on Sending offer
just wait for it to timeout and then close and open Netinstall again.
Click on install again.
In order for RouterOS to function properly, you need to restore license
for the device. You can do that by including license in NetInstall
Signed-off-by: Robert Marko <robimarko@gmail.com>
Kimax U-25AWF-H1 is is a 2,5" HDD Enclosure with Wi-Fi/Eth conection
and battery, based on MediaTek MT7620A.
Patch rewritten from: https://forum.openwrt.org/viewtopic.php?pid=305643
Specification:
- MT7620A CPU
- 64 MB of RAM
- 16 MB of FLASH
- 802.11bgn WiFi
- 1x 10/100 Mbps Ethernet
- USB 2.0 Host
- UART for serial console
Flash instruction:
1. Download lede-ramips-mt7620-u25awf-h1-squashfs-sysupgrade.bin
2. Open webinterface a upgrade
3. After boot connect via ethernet to ip 192.168.1.1
Signed-off-by: Daniel Kucera <daniel.kucera@gmail.com>
[fix reset button gpio, don't add a lan/wan vlan config for single
port board, add -H1 suffix do make sure that this revision of the
board is supported/tested]
Signed-off-by: Mathias Kresin <dev@kresin.me>
The following adds the Aerohive HiveAP-330 Access Point to LEDE under
the mpc85xx/p1020 subtarget.
Hardware:
- SoC: Freescale P1020NSE2DFB
- NAND: Intel JS28F512M29EWH 64MB
- Memory: 2x ProMOS V59C1G01168QBJ3 128MB (Total of 256MB)
- 2.4GHz WiFi: Atheros AR9390-AL1A
- 5.0GHz WiFi: Atheros AR9390-AL1A
- Eth1: Atheros AR8035-A PoE
- Eth2: Atheros AR8035-A
- TPM: Atmel AT97SC3204
- LED Driver: TI LP5521
Flashing:
1. Hook into UART (9600 baud) and enter U-Boot. You may need to enter a
password of administrator or AhNf?d@ta06 if prompted.
2. Once in U-Boot, tftp boot the initramfs image:
dhcp;
tftpboot 0x1000000 192.168.1.101:lede-
mpc85xx-p1020-hiveap-330-initramfs.zImage;
tftpboot 0x6000000 192.168.1.101:lede-mpc85xx-p1020-hiveap-330.fdt;
bootm 0x1000000 - 0x6000000;
3. Once booted, scp over the sysupgrade file and sysupgrade the device
to flash LEDE to the NAND.
sysupgrade /tmp/lede-mpc85xx-p1020-hiveap-330-sysupgrade.img
Signed-off-by: Chris Blake <chrisrblake93@gmail.com>
This patch adds a new kernel option called CONFIG_CMDLINE_OVERRIDE. This
setting is for devices with locked down u-boot environments, where users
are unable to change the default bootargs. When set, the fdt driver will
propagate the cmdline for the kernel from chosen/bootargs-override
instead of chosen/bootargs as long as it exists within the DTB.
Signed-off-by: Chris Blake <chrisrblake93@gmail.com>
The following patch enables building of initramfs images by default for
the P1020 subtarget in mpc85xx.
Signed-off-by: Chris Blake <chrisrblake93@gmail.com>
Add ext4 filesystem for creating sdcard image with ext4 rootfs and
removing ext2 as it superset of ext4.
Signed-off-by: Sandeep Sheriker Mallikarjun <sandeepsheriker.mallikarjun@microchip.com>
Enabled SDHCI for sama5 in kernel default config and this is needed
to mount sdcard rootfs partition during boot.
Signed-off-by: Sandeep Sheriker Mallikarjun <sandeepsheriker.mallikarjun@microchip.com>
removed copying of binaries to BIN_DIR during install and using
default/install to install binaries to BIN_DIR folder.
Signed-off-by: Sandeep Sheriker Mallikarjun <sandeepsheriker.mallikarjun@microchip.com>
Added sama5 to BUILD_SUBTARGET variable.This will populate at91bootstrap
menu options in bootloader menu only when SAMA5 devices are selected as
SUBTARGET and to avoid showing up this menu when legacy device is
selected as SUBTARGET and fixed typo mistake: sama5d3 -> sama5d2.
Signed-off-by: Sandeep Sheriker Mallikarjun <sandeepsheriker.mallikarjun@microchip.com>
This fixes the following problems:
* Add BUILD_DEVICES for legacy subtarget
* Use features from u-boot.mk for sama5 subtarget This is mainly done
by changing the prefix from uboot to U-Boot. This makes them depend
on the sama5 subtarget and not selectable for the legacy subtarget
any more
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Revert an accidental change that was introduced by having an old version
of the patch in my git tree, which was merged in 609208597b
Signed-off-by: Felix Fietkau <nbd@nbd.name>
This patch adds a parser for the uci representation of
dnsmasq's "-a | --listen-address" option.
In summary, this option forces dnsmasq to listen on the
given IP address(es). Both interface and listen-address
options may be given, in which case the set of both
interfaces and addresses is used.
Note that if no interface option is given, but listen_address is,
dnsmasq will not automatically listen on the loopback interface.
To achieve this, the loopback IP addresses, 127.0.0.1 and/or ::1
must be explicitly added.
This option is useful for ujailed dnsmasq instances, that would
otherwise fail to work properly, because listening to the
"This host on this network" address (aka 0.0.0.0 see rfc1700 page 4)
may not be allowed.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> (PKG_RELEASE increase)
This PHY requires some extra programming to work reliably with all
devices. Backport upstream fix for it.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
e781569 update to latest mac80211/cfg80211 API changes
37654d7 mt76x2: fix tx status ampdu length corner case
Signed-off-by: Felix Fietkau <nbd@nbd.name>
This backports a patch from kernel 4.14 to the ath10k-ct version based
on kernel 4.13.
Some devices are using a user space script to load the calibration data
from the flash and this was not trigged any more.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This should help ath10k work on systems with little or no IOMMU
memory. apu2 can boot two 9888 NICs now, for instance. From
upstream patch by Adrian Chadd.
And, start building the 4.13 based CT ath10k driver.
Signed-off-by: Ben Greear <greearb@candelatech.com>
Changes since last LEDE release include:
* Fix key-setting bug that broke sending the EAPOL 2/4 in some cases. This was a
bug I introduced some time back while trying to fix .11r and simplify the key
handling logic. (Patch to wpa_supplicant fixed the race with sending the 4/4
and setting the key...un-patched supplicant will still have this race and the 4-way
auth will not work as reliably.)
* Increase amount of active-tids that can be scheduled. This fixes a tx-stall
seen with many station vdevs.
* Fix bug in upstream code that would cause the maximum peer to never be scheduled
for tx.
Signed-off-by: Ben Greear <greearb@candelatech.com>
This is no requirement and plan to support 32-bit for ls1088ardb
and ls2088ardb. Current 32-bit firmware for them couldn't work,
so only keep 64-bit support for these two boards in menuconfig.
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
When build firmware for layerscape target with CONFIG_ALL_NONSHARED=y,
there would be a compile issue of usb ehci-fsl driver. Actually this
driver was for PPC platforms initially and was not ready for non-PPC
now, but a kernel kconfig patch removed PPC dependency for it. So that
kernel patch should be reverted.
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
This add support for kernel 4.9 to the ar71xx target.
It was compile tested with the generic, NAND and mikrotik subtarget.
Multiple members of the community tested it on their boards and did not
report any major problem so far.
Especially the NAND part received some changes to adapt to the new
kernel APIs. The serial driver hack used for the Arduino Yun was not
ported because the kernel changed there a lot.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
By default we are reusing the stack provided by CFE, like it is intended
by CFE. On my WRT54GS it is located at 0x8043BF30, so a big kernel image
could overwrite it. Relocate it to a different memory region which is
still under the 8MB RAM, but in the higher area. We only need this
memory region for the stack of the loader, Linux will set up this
for its own.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
The boot process on a WRT54GL works the following way:
1. CFE gets loaded by the boot rom from flash
2. CFE loads the loader from the flash and gzip uncompresses it
3. CFE starts the loader
4. The loader stores the FW arguments and relocates itself to
BZ_TEXT_START (now 0x80600000)
5. The loader reads the Linux image from flash
6. The loader lzma decompresses the Linux image to LOADADDR (0x80001000)
7. The loader executes the uncompress Linux image at LOADADDR
The BZ_TEXT_START was set to 0x80400000 before. When the kernel gets
uncompressed and is bigger than BZ_TEXT_START - LOADADDR it overwrote
the loader which was currently uncompressing it and made the board
crash. Increase the BZ_TEXT_START my 2 MB to have more space for the
kernel. Even on 16MB RAM devices the memory goes till 0x80FFFFFF so this
should not be a problem.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
The tplink 841n v13 requires an tplink v2 image header in
front of an initramfs image.
To boot an initramfs image:
- break the uboot by holding the '4' key
- setup your tftp server 192.168.0.255
- tftp 81000000 lede-ramips-mt76x8-tl-wr841n-v13-initramfs-kernel.bin
- bootm
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
If you unplug a QMI device, the /dev/cdc-wdmX device
disappears but uqmi will continue to poll it endlessly.
Then, when you plug it back, you have 2 uqmi processes,
and that's bad, because 2 processes talking QMI to the
same device [and the same time] doesn't seem to work well.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>