Commit Graph

1613 Commits

Author SHA1 Message Date
Daniel Golle
00a326a736
firmware-utils/ptgen: remove unused variable assignment
Discovered by coverty:

 CID 1473630:  Code maintainability issues  (UNUSED_VALUE)

 Assigning value from "type_to_guid_and_name(type, &name)" to
 "part_guid" here, but that stored value is overwritten before it can
 be used.

Remove the now redundant assignment of part_guid which is also set
conditionally later on.

Fixes: 4a078bd135 ("firmware-utils/ptgen: fix partition guid and name")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2021-03-14 21:59:58 +00:00
Tony Ambardar
bf4aa0c6a2 tools/libelf: remove unneeded host library
This old ELF library dating to 2009 used to be necessary on MacOS but
is not required for building the kernel or tools since [1]. On Linux
systems, libelf is already an OpenWRT build-system prerequisite [2].

Presence of the older library can mask or conflict with the system libelf
and lead to build errors, as seen compiling Linux kernels since v5.8 or
host tools such as dwarves (e.g. pahole).

Remove the unnecessary tools/libelf library and avoid the related issues.

[1] 5f8e587240 ("build: force disable stack validation during kernel build
                 on non-linux systems")
[2] https://openwrt.org/docs/guide-developer/build-system/install-buildsystem#prerequisites

Tested-by: Rosen Penev <rosenp@gmail.com> (Linux)
Tested-by: Georgi Valkov <gvalkov@abv.bg> (MacOS)
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
2021-03-13 22:20:02 +00:00
Daniel Golle
ce19e8fa43
tools: mkimage: add patches for 64-bit MediaTek BootROM
Add patches for mkimage to allow using it instead of the binary-only
'bromimage' tool to generate bl2 for MT7622.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2021-03-11 16:24:20 +00:00
Oskari Lemmela
87406bbc09 firmware-utils/ptgen: change GPT to LBA addressing
Do not align partitions with sectors. Only kb align
for GPT is supported.

Use 254 heads and 63 sectors for PMBR.

Signed-off-by: Oskari Lemmela <oskari@lemmela.net>
2021-03-03 01:00:23 +00:00
Oskari Lemmela
460dd2fe28 firmware-utils/ptgen: add support for hybrid MBR
Adding -H option copies partition to MBR after pmbr entry.
Max 3 partitions can be copied to MBR.

Hybrid MBR is needed only in special cases.
For example mt7622 SD card boot needs MBR entry with boot
flag enabled.

Signed-off-by: Oskari Lemmela <oskari@lemmela.net>
2021-03-03 01:00:23 +00:00
Oskari Lemmela
4a078bd135 firmware-utils/ptgen: fix partition guid and name
guid and name function should be called before storing
partition info.

Signed-off-by: Oskari Lemmela <oskari@lemmela.net>
2021-03-03 01:00:23 +00:00
Oskari Lemmela
46c411e0b3 firmware-utils/ptgen: fix compile warnings
remove extra arguments from printf message

Signed-off-by: Oskari Lemmela <oskari@lemmela.net>
2021-03-03 01:00:23 +00:00
Daniel Golle
c58005a943 tools/xxd: fix source URL
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2021-03-01 16:39:17 +00:00
Daniel Golle
2b94aac7a1
tools: xxd: use more convenient source tarball
Don't download all of vim just to build xxd. Use a tight tarball
containing only xxd sources instead.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2021-03-01 14:06:33 +00:00
Daniel Golle
c4dd2441e7
tools: add xxd (from vim)
U-Boot requires xxd to create the default environment from an external
file as done in uboot-mediatek.
Build xxd (only, not the rest of vim) as part of tools to make sure it
is present on the buildhost.

Reported-by: David Bauer <mail@david-bauer.net>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2021-02-28 19:27:47 +00:00
Daniel Golle
049ac36b2f firmware-utils/ptgen: set GPT partition attributes and name
Allow setting GPT partition names as used by TF-A bl2 to identify the
FIP volume to load from eMMC and SD-card.
While at it, also allow setting 'required' attribute as it should be
used for volumes which are essential for the system to boot.
Also properly handle setting the LEGACY_BOOT flag on the partition
selected as 'active', as this is how it is specified in the spec.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2021-02-28 01:23:48 +00:00
David Bauer
ad54e32651 tools: add cpio
mediatek-mt7622 as well as mediatek-mt7623 require CPIO to create their
initramfs images. So build CPIO as part of the host toolchain.

Signed-off-by: David Bauer <mail@david-bauer.net>
2021-02-28 00:09:09 +00:00
David Bauer
9a9cf40dd9 download: add mirror alias for Debian
Add an alias for Debian packages and download them from the Debian
mirror redirector.

Signed-off-by: David Bauer <mail@david-bauer.net>
2021-02-26 20:41:00 +01:00
Sander Vanheule
1e75909a35 ramips: mt7621: add TP-Link EAP235-Wall support
The TP-Link EAP235-Wall is a wall-mounted, PoE-powered AC1200 access
point with four gigabit ethernet ports.

When connecting to the device's serial port, it is strongly advised to
use an isolated UART adapter. This prevents linking different power
domains created by the PoE power supply, which may damage your devices.

The device's U-Boot supports saving modified environments with
`saveenv`. However, there is no u-boot-env partition, and saving
modifications will cause the partition table to be overwritten. This is
not an issue for running OpenWrt, but will prevent the vendor FW from
functioning properly.

Device specifications:
* SoC: MT7621DAT
* RAM: 128MiB
* Flash: 16MiB SPI-NOR
* Wireless 2.4GHz (MT7603EN): b/g/n, 2x2
* Wireless 5GHz (MT7613BEN): a/n/ac, 2x2
* Ethernet: 4× GbE
  * Back side: ETH0, PoE PD port
  * Bottom side: ETH1, ETH2, ETH3
* Single white device LED
* LED button, reset button (available for failsafe)
* PoE pass-through on port ETH3 (enabled with GPIO)

Datasheet of the flash chip specifies a maximum frequency of 33MHz, but
that didn't work. 20MHz gives no errors with reading (flash dump) or
writing (sysupgrade).

Device mac addresses:
Stock firmware uses the same MAC address for ethernet (on device label)
and 2.4GHz wireless. The 5GHz wireless address is incremented by one.
This address is stored in the 'info' ('default-mac') partition at an
offset of 8 bytes.
From OEM ifconfig:
    eth     a4:2b:b0:...:88
    ra0     a4:2b:b0:...:88
    rai0    a4:2b:b0:...:89

Flashing instructions:
* Enable SSH in the web interface, and SSH into the target device
* run `cliclientd stopcs`, this should return "success"
* upload the factory image via the web interface

Debricking:
U-boot can be interrupted during boot, serial console is 57600 baud, 8n1
This allows installing a sysupgrade image, or fixing the device in
another way.
* Access serial header from the side of the board, close to ETH3,
  pin-out is (1:TX, 2:RX, 3:GND, 4:3.3V), with pin 1 closest to ETH3.
* Interrupt bootloader by holding '4' during boot, which drops the
  bootloader into its shell
* Change default 'serverip' and 'ipaddr' variables (optional)
* Download initramfs with `tftpboot`, and boot image with `bootm`
    # tftpboot 84000000 openwrt-initramfs.bin
    # bootm

Revert to stock:
Using the tplink-safeloader utility from the firmware-utils package,
TP-Link's firmware image can be converted to an OpenWrt-compatible
sysupgrade image:
  $ ./staging_dir/host/bin/tplink-safeloader -B EAP235-WALL-V1 \
      -z EAP235-WALLv1_XXX_up_signed.bin -o eap235-sysupgrade.bin

This can then be flashed using the OpenWrt sysupgrade interface. The
image will appear to be incompatible and must be force flashed, without
keeping the current configuration.

Known issues:
- DFS support is incomplete (known issue with MT7613)
- MT7613 radio may stop responding when idling, reboot required.
  This was an issue with the ddc75ff704 version of mt76, but appears to
  have improved/disappeared with bc3963764d.
  Error notice example:
  [ 7099.554067] mt7615e 0000:02:00.0: Message 73 (seq 1) timeout

Hardware was kindly provided for porting by Stijn Segers.

Tested-by: Stijn Segers <foss@volatilesystems.org>
Signed-off-by: Sander Vanheule <sander@svanheule.net>
2021-02-19 14:00:08 +01:00
Felix Fietkau
1da945b760 tools/fakeroot: fix build regression on macOS
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2021-02-15 19:58:54 +01:00
Ilya Lipnitskiy
43dc26af63 fakeroot: fix to work with glibc 2.33
The following commit removed _STAT_VER definitions from glibc:
https://sourceware.org/git/?p=glibc.git;a=commitdiff;h=8ed005daf0ab03e142500324a34087ce179ae78e

That subsequently broke fakeroot:
https://bugs.archlinux.org/task/69572
https://bugzilla.redhat.com/show_bug.cgi?id=1889862#c13
https://forum.openwrt.org/t/unable-to-build-toolchain-fakeroot-fails-perhaps-others-after-it/87966

Make the patch based on Jan Pazdziora's suggestion from here:
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/message/SMQ3RYXEYTVZH6PLQMKNB3NM4XLPMNZO/

Add wrappers for newly exported symbols in glibc.

Apply patch from Debian to fix warnings in fts_read and fts_children:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=676428
https://sources.debian.org/patches/fakeroot/1.25.3-1.1/eglibc-fts-without-LFS/

Fix __xmknod{,at} dev pointer argument. Switch default to assume * and
not the absence of *. On glibc 2.33+, there is no definition for these
functions in header files, so the compile test doesn't work. But, we
can default to using the pointer (as is the case with newer glibc), and
use the header file on older platforms to fail the test and use no pointer.

Tested on my x86_64 Arch Linux machine, fakeroot unit tests pass.
Also tested by building various .ipks and examining the tar contents, to
ensure that the owner uid/gid was 0/0.

Signed-off-by: Ilya Lipnitskiy <ilya.lipnitskiy@gmail.com>
2021-02-15 07:39:43 +01:00
Ilya Lipnitskiy
0052daae60 tools/patchelf: bump to use latest master
Recent ABI_VERSION commits make use of patchelf. It was discovered that
with patchelf 0.10(and even 0.12) various big endian targets fail to
link against libubox SO that was processed through patchelf. Using
latest master patchelf fixes those link errors.

Potential commits affecting big-endian processing
884eccc4f0
d148bae6c1

Recent builds with failures:
http://buildbot.openwrt.org/master/images/builders/lantiq%2Fxrx200/builds/682
http://buildbot.openwrt.org/master/images/builders/ath79%2Fmikrotik/builds/449

Cc: Hauke Mehrtens <hauke@hauke-m.de>
Signed-off-by: Ilya Lipnitskiy <ilya.lipnitskiy@gmail.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2021-02-15 07:12:51 +01:00
Hauke Mehrtens
e6ccb40ba5 tools: mkimage: Update U-Boot to version 2021.01
* The fit image is now created with 0666 permission in upstream U-Boot
  remove our patch switch creates it with 0744
* The generated/autoconf.h file is created now as an empty file, it is
  not needed to remove this include any more.
* Upstream lib/rsa/rsa-sign.c now includes stdlib.h instead of malloc.h
* ALIGN_MASK was moved to imagetool.h, own patch should not be needed
  any more.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2021-02-08 22:46:27 +01:00
Paul Spooren
8286f3a3d3 treewide: unify OpenWrt hosted source via @OPENWRT
Multiple sources are hosted on OpenWrts source server only. The source
URLs to point to the server vary based on different epochs in OpenWrts
history.

Replace all by @OPENWRT which is an "empty" mirror, therefore using the
fallback servers sources.cdn.openwrt.org and sources.openwrt.org.

Signed-off-by: Paul Spooren <mail@aparcar.org>
2021-02-05 12:00:24 -10:00
Alexey Kunitskiy
8d4afab0ab tplink-safeloader: add support for TP-Link Archer A7 v5 (RU)
Although provided in separate zip archives, the firmwares for EU
and RU version are byte-identical. This adds the missing ID compared
to the support-list in the vendor firmware.

Note (since I checked it anyway):

Partitions and support list are unchanged for all three existing
firmware versions:

  * 20200721-rel40773
  * 20201029-rel43238
  * 20201120-rel50399

Signed-off-by: Alexey Kunitskiy <alexey.kv@gmail.com>
[rewrite commit message]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2021-02-05 21:57:20 +01:00
Rosen Penev
ec0c6c1143 tools/zstd: compile with cmake
It's faster and more reliable.

Removed ccache cmake build dependency as it's now implicit.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2021-01-30 18:14:50 -10:00
Rosen Penev
7534c8a2e1 tools/zstd: update to 1.4.8
Switch to the normal tarball instead of the codeload generated one. The
latter has the potential to change hashes based on changes in the repo.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2021-01-30 18:14:50 -10:00
Rafał Miłecki
c31f797527 firmware-utils: bcm4908asus: tool inserting Asus tail into BCM4908 image
Asus looks for an extra data at the end of BCM4908 image, right before
the BCM4908 tail. It needs to be properly filled to make Asus accept
firmware image.

This tool constructs such a tail, writes it and updates CRC32 in BCM4908
tail accordingly.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2021-01-22 20:10:38 +01:00
Rafał Miłecki
eaca08ab58 firmware-utils: bcm4908img: tool adding BCM4908 image tail
Flashing image with BCM4908 CFE bootloader requires specific firmware
format. It needs 20 extra bytes with magic numbers and CRC32 appended.

This tools allows appending such a tail to the specified image and also
verifying CRC32 of existing BCM4908 image.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2021-01-18 07:39:09 +01:00
Rafał Miłecki
6e7ca70449 firmware-utils: bcm4908kernel: tool adding BCM4908 kernel header
BCM4908 CFE bootloader requires kernel to be prepended with a custom
header. This simple tool implements support for such headers.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2021-01-15 07:44:46 +01:00
Felix Fietkau
3fd070e089 tools/fakeroot: fix build regression on macOS
AT_EMPTY_PATH and AT_NO_AUTOMOUNT does not exist there

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2021-01-14 14:01:57 +01:00
David Bauer
af49ae7d23 zstd: fix package source
It looks like GitHub changed the URL path for release tarballs, thus the
download for the zstd package was always falling back to the OpenWrt
sources mirror.

Fix the GitHub URL for one which works. The file hash remains unchanged.

Signed-off-by: David Bauer <mail@david-bauer.net>
2021-01-14 01:05:48 +01:00
Thomas Nixon
c625c821d1 tools/ccache: find libzstd using rpath
Previously, ccache would end up using the system libzstd, which is not
supposed to be a build requirement.

Signed-off-by: Thomas Nixon <tom@tomn.co.uk>
2021-01-10 21:40:23 -10:00
Paul Spooren
5876ba6460 qemu: remove obsolete package
Instead of using an ancient qemu version in-tree the building machine
should just have qemu-utils installed.

Signed-off-by: Paul Spooren <mail@aparcar.org>
2021-01-10 12:29:23 -10:00
Sven Wegener
936220186d tools/cmake: always use non-ccache CC and CXX variables
cmake is a dependency of ccache, which means it is build before ccache
is available and hence must be build with non-ccache CC and CXX. It
currently works, because the cmake build system splits the compiler
variable and treats them as multiple compilers to check.

For "ccache gcc" it first tests for "ccache", which always fails,
because ccache is not a compiler by itself, even if it is available, and
then ends up calling "gcc" alone, effectively never using ccache.

Let's make this explicit by forcing the use of non-ccache CC and CXX.

Signed-off-by: Sven Wegener <sven.wegener@stealer.net>
2021-01-06 21:44:56 -10:00
Syrone Wong
f34f4a6665 tools/fakeroot: update to 1.25.3
use PKG_FIXUP:=autoreconf to generate configure
200-hide-dlsym-error.patch deleted due to fixed upstream in another way
other patches refreshed to reflect latest changes

Signed-off-by: Syrone Wong <wong.syrone@gmail.com>
2021-01-05 08:59:31 -10:00
Gary Cooper
1a775a4fd0 ipq806x: add support for TP-Link Talon AD7200
Device hardware: https://deviwiki.com/wiki/TP-LINK_AD7200_(Talon)

The Talon AD7200 is basically an Archer C2600 with a third PCIe lane
and an 802.11ad radio. It looks like the Archers C2600/5400 but the
housing is slightly larger.

Specifications
--------------

  - IPQ8064 dual-core 1400MHz
  - QCA9988 2.4GHz WiFi
  - QCA9990 5GHz WiFi
  - QCA9500 60GHz WiFi
  - 32MB SPI Flash
  - 512MiB RAM
  - 5 GBit Ports (QCA8337)

Installation
------------

Installation is possible from the OEM web interface.
Sysupgrade is possible.
TFTP recovery is possible.
  - Image: AD7200_1.0_tp_recovery.bin

Notes
  - This will be the first 802.11ad device supported by mainline.

Signed-off-by: Gary Cooper <gaco@bitmessage.de>
2021-01-05 02:16:24 +00:00
Sven Wegener
c5d033a34d tools/fakeroot: remove undefined symbol messages
glibc started to return errors from dlerror() for dlsym() lookup failures which
results in a lot of messages from fakeroot like

dlsym(acl_get_fd): staging_dir/host/lib/libfakeroot.so: undefined symbol: acl_get_fd
dlsym(acl_get_file): staging_dir/host/lib/libfakeroot.so: undefined symbol: acl_get_file
dlsym(acl_set_fd): staging_dir/host/lib/libfakeroot.so: undefined symbol: acl_set_fd

when building OpenWrt using a recent glibc. Use the patch from the upstream
Debian package to silence these messages.

Link: https://bugs.debian.org/830912
Fixes: FS#3393
Signed-off-by: Sven Wegener <sven.wegener@stealer.net>
2020-12-31 12:09:09 -10:00
Rosen Penev
31554e50d2 ccache: update to 4.1
Upstream switched to building with CMake. Adjust accordingly.

Reapplied patch as upstream changed the file format.

Added HOST_BUILD_PARALLEL for faster compilation.

Added cmake tool dependency and removed circular dependencies as a
result.

Adjusted dependent tools to use NOCACHE as they are needed to build
ccache.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2020-12-31 10:03:21 +01:00
Petr Štetiar
67790f5695 Revert "ccache: update to 4.1"
This reverts commit b1952dc259 as it's
causing issues on the buildbot which uses some kind of ccache wrapper
and so the breakage needs to be investigated further:

 bash: cmake: command not found
 time: tools/ccache/compile#0.05#0.03#0.15
     ERROR: tools/ccache failed to build.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2020-12-22 20:55:40 +01:00
Andrew Pikler
40437b18f4 firmware: add tool for signing d-link ru router factory firmware images
Some Russian d-link routers require that their firmware be signed with a
salted md5 checksum followed by the bytes 0x00 0xc0 0xff 0xee. This tool
signs factory images the OEM's firmware accepts them.

Signed-off-by: Andrew Pikler <andrew.pikler@gmail.com>
2020-12-22 19:11:50 +01:00
Roman Kuzmitskii
491ae3357e ath79: add support for Ubiquiti airCube AC
The Ubiquiti Network airCube AC is a cube shaped device supporting
2.4 GHz and 5 GHz with internal 2x2 MIMO antennas.
It can be powered with either one of:
 - 24v power supply with 3.0mm x 1.0mm barrel plug
 - 24v passive PoE on first LAN port
There are four 10/100/1000 Mbps ports (1 * WAN + 3 * LAN).
First LAN port have optional PoE passthrough to the WAN port.

SoC:       Qualcomm / Atheros AR9342
RAM:       64 MB DDR2
Flash:     16 MB SPI NOR
Ethernet:  4x 10/100/1000 Mbps (1 WAN + 3 LAN)
LEDS:      1x via a SPI controller (not yet supported)
Buttons:   1x Reset
Serial:    1x (only RX and TX); 115200 baud, 8N1

Missing features:
 - LED control is not supported

Physical to internal switch port mapping:
 - physical port #1 (poe in) = switchport 2
 - physical port #2 = switchport 3
 - physical port #3 = switchport 5
 - physical port #4 (wan/poe out) = switchport 4

Factory update is tested and is the same as for Ubiquiti AirCube ISP
hence the shared configuration between that devices.

Signed-off-by: Roman Kuzmitskii <damex.pp@icloud.com>
2020-12-22 19:11:50 +01:00
Rosen Penev
c0e6b785f0 tools/pkgconf: update to 1.7.3
Remove upstreamed patch.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2020-12-22 18:59:10 +01:00
Rosen Penev
b1952dc259 ccache: update to 4.1
Upstream switched to building with CMake. Adjust accordingly.

Reapplied patch as upstream changed the file format.

Added HOST_BUILD_PARALLEL for faster compilation.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2020-12-22 18:59:10 +01:00
Rosen Penev
5950397e14 tools/libressl: update to 3.3.1
Signed-off-by: Rosen Penev <rosenp@gmail.com>
2020-12-18 20:44:43 +01:00
Hannu Nyman
bfc433efd4 tools/cmake: update to 3.19.1
Update cmake to version 3.19.1

Release notes: https://cmake.org/cmake/help/v3.19/release/3.19.html

Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
2020-12-15 20:35:00 +01:00
Gioacchino Mazzurco
33ad097606 tplink-safeloader: add support for TP-Link CPE510 v3.20
This adds new strings for the v3.20 to the support list of the
already supported TP-Link CPE510 v3.

The underlying hardware appears to be the same, similar to the
situation with CPE210 v3.20 in 4a2380a1e7 ("tplink-safeloader:
expand support list for TP-Link CPE210 v3")

Signed-off-by: Gioacchino Mazzurco <gio@altermundi.net>
[extended commit message]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-12-14 15:19:39 +01:00
Sander Vanheule
cb38170f4c
firmware-utils: tplink-safeloader: refactor meta-partition padding
Because some padding values in the TP-Link safeloader image generation
were hardcoded, different values were sometimes used throughout a
factory image. TP-Link's upgrade images use the same value everywhere,
so let's do the same here.

Although a lot of TP-Link's safeloader images have padded partition
payloads, images for the EAP-series of AC devices don't. This padding is
therefore also made optional.

By replacing the type of the padding value byte with a wider datatype,
new values outside of the previously valid range become available. Use
these new values to denote that padding should not be performed.
Because char might be signed, also replace the char literals by a
numeric literal. Otherwise '\xff' might be sign extended to 0xffff.

This results in factory images differing by 1 byte for:
* C2600
* ARCHER-C5-V2
* ARCHERC9
* TLWA850REV2
* TLWA855REV1
* TL-WPA8630P-V2-EU
* TL-WPA8630P-V2-INT
* TL-WPA8630P-V2.1-EU
* TLWR1043NDV4
* TL-WR902AC-V1
* TLWR942NV1
* RE200-V2
* RE200-V3
* RE220-V2
* RE305-V1
* RE350-V1
* RE350K-V1
* RE355
* RE450
* RE450-V2
* RE450-V3
* RE500-V1
* RE650-V1

The following factory images no longer have padding, shrinking the
factory images by a few bytes for:
* EAP225-OUTDOOR-V1
* EAP225-V3
* EAP225-WALL-V2
* EAP245-V1
* EAP245-V3

Signed-off-by: Sander Vanheule <sander@svanheule.net>
2020-12-07 01:57:19 +01:00
Sander Vanheule
1a211af2cb firmware-utils: tplink-safeloader: refactor meta-partition generation
TP-Link safeloader firmware images contain a number of (small)
partitions with information about the device. These consist of:
* The data length as a 32-bit integer
* A 32-bit zero padding
* The partition data, with its length set in the first field

The OpenWrt factory image partitions that follow this structure are
soft-version, support-list, and extra-para. Refactor the code to put all
common logic into one allocation call, and let the rest of the data be
filled in by the original functions.

Due to the extra-para changes, this patch results in factory images that
change by 2 bytes (not counting the checksum) for three devices:
* ARCHER-A7-V5
* ARCHER-C7-V4
* ARCHER-C7-V5

These were the devices where the extra-para blob didn't match the common
format. The hardcoded data also didn't correspond to TP-Link's (recent)
upgrade images, which actually matches the meta-partition format.

A padding byte is also added to the extra-para partition for EAP245-V3.

Signed-off-by: Sander Vanheule <sander@svanheule.net>
2020-12-07 01:55:28 +01:00
Andre Heider
b0cb305236 tools: always create $STAGING_DIR/usr/{include,lib}
rules.mk always passes these as -I/-L to the toolchain.

Fixes rare errors like:
cc1: error: staging_dir/target-aarch64_cortex-a53_musl/usr/include: No such file or directory [-Werror=missing-include-dirs]

Signed-off-by: Andre Heider <a.heider@gmail.com>
Acked-by: Paul Spooren <mail@aparcar.org>
Acked-by: Rosen Penev <rosenp@gmail.com>
2020-11-27 14:46:13 +01:00
Rui Salvaterra
3f567d8452 tools/sstrip: update to latest version
Drop our local sstrip copy and use the current ELFKickers upstream
version.

Patch the original makefile in order to avoid building elftoc, since it
fails with musl's elf.h. This is fine, since we only need sstrip anyway.

Finally, add the possibility to pass additional arguments to sstrip and
pass -z (remove trailing zeros) by default, which matches the behaviour
of the previous version.

Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
[shorten long commit msg lines]
Signed-off-by: Paul Spooren <mail@aparcar.org>
2020-11-26 12:44:25 -10:00
Tomasz Maciej Nowak
bc64b9c32e treewide: update email address of Tomasz Maciej Nowak
Replace my o2.pl email address.

I'm still available at the old address.

Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
[rephrase commit title/message]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-11-24 15:39:07 +01:00
Sander Vanheule
b0ecae504b ath79: support for TP-Link EAP225 v3
TP-Link EAP225 v3 is an AC1350 (802.11ac Wave-2) ceiling mount access
point. Serial port access for debricking requires fine soldering.

Device specifications:
* SoC: QCA9563 @ 775MHz
* RAM: 128MiB DDR2
* Flash: 16MiB SPI-NOR
* Wireless 2.4GHz (SoC): b/g/n, 3x3
* Wireless 5Ghz (QCA9886): a/n/ac, 2x2 MU-MINO
* Ethernet (AR8033): 1× 1GbE, 802.3at PoE

Flashing instructions:
* ssh into target device and run `cliclientd stopcs`
* Upgrade with factory image via web interface

Debricking:
* Serial port can be soldered on PCB J3 (1: TXD, 2: RXD, 3: GND, 4: VCC)
    * Bridge unpopulated resistors R225 (TXD) and R237 (RXD).
      Do NOT bridge R230.
    * Use 3.3V, 115200 baud, 8n1
* Interrupt bootloader by holding CTRL+B during boot
* tftp initramfs to flash via LuCI web interface
    setenv ipaddr 192.168.1.1 # default, change as required
    setenv serverip 192.168.1.10 # default, change as required
    tftp 0x80800000 initramfs.bin
    bootelf $fileaddr

MAC addresses:
MAC address (as on device label) is stored in device info partition at
an offset of 8 bytes. ath9k device has same address as ethernet, ath10k
uses address incremented by 1.
From OEM boot log:

    Using interface ath0 with hwaddr b0:...:3e and ssid "..."
    Using interface ath10 with hwaddr b0:...:3f and ssid "..."

Tested by forum user blinkstar88

Signed-off-by: Sander Vanheule <sander@svanheule.net>
2020-11-23 22:53:15 +01:00
Sander Vanheule
4f86edf477 ath79: support for TP-Link EAP225-Outdoor v1
TP-Link EAP225-Outdoor v1 is an AC1200 (802.11ac Wave-2) pole or wall
mount access point. Debricking requires access to the serial port, which
is non-trivial.

Device specifications:
* SoC: QCA9563 @ 775MHz
* Memory: 128MiB DDR2
* Flash: 16MiB SPI-NOR
* Wireless 2.4GHz (SoC): b/g/n 2x2
* Wireless 5GHz (QCA9886): a/n/ac 2x2 MU-MIMO
* Ethernet (AR8033): 1× 1GbE, PoE

Flashing instructions:
* ssh into target device with recent (>= v1.6.0) firmware
* run `cliclientd stopcs` on target device
* upload factory image via web interface

Debricking:
To recover the device, you need access to the serial port. This requires
fine soldering to test points, or the use of probe pins.
* Open the case and solder wires to the test points: RXD, TXD and TPGND4
  * Use a 3.3V UART, 115200 baud, 8n1
* Interrupt bootloader by holding ctrl+B during boot
* upload initramfs via built-in tftp client and perform sysupgrade
    setenv ipaddr 192.168.1.1 # default, change as required
    setenv serverip 192.168.1.10 # default, change as required
    tftp 0x80800000 initramfs.bin
    bootelf $fileaddr

MAC addresses:
MAC address (as on device label) is stored in device info partition at
an offset of 8 bytes. ath9k device has same address as ethernet, ath10k
uses address incremented by 1.
From stock ifconfig:

    ath0      Link encap:Ethernet  HWaddr D8:...:2E
    ath10     Link encap:Ethernet  HWaddr D8:...:2F
    br0       Link encap:Ethernet  HWaddr D8:...:2E
    eth0      Link encap:Ethernet  HWaddr D8:...:2E

Tested by forum user PolynomialDivision on firmware v1.7.0.
UART access tested by forum user arinc9.

Signed-off-by: Sander Vanheule <sander@svanheule.net>
2020-11-23 22:53:15 +01:00
Sander Vanheule
b11ad48764 ath79: support for TP-Link EAP245 v1
TP-Link EAP245 v1 is an AC1750 (802.11ac Wave-1) ceiling mount access point.

Device specifications:
* SoC: QCA9563 @ 775MHz
* RAM: 128MiB DDR2
* Flash: 16MiB SPI-NOR
* Wireless 2.4GHz (SoC): b/g/n, 3x3
* Wireless 5Ghz (QCA9880): a/n/ac, 3x3
* Ethernet (AR8033): 1× 1GbE, 802.3at PoE

Flashing instructions:
* Upgrade the device to firmware v1.4.0 if necessary
* Exploit the user management page in the web interface to start telnetd
  by changing the username to `;/usr/sbin/telnetd -l/bin/sh&`.
* Immediately change the malformed username back to something valid
  (e.g. 'admin') to make ssh work again.
* Use the root shell via telnet to make /tmp world writeable (chmod 777)
* Extract /usr/bin/uclited from the device via ssh and apply the binary
  patch listed below. The patch is required to prevent `uclited -u` in
  the last step from crashing.
* Copy the patched uclited programme back to the device at /tmp/uclited
  (via ssh)
* Upload the factory image to /tmp/upgrade.bin (via ssh)
* Run `chmod +x /tmp/uclited && /tmp/uclited -u` to install OpenWrt.

    --- xxd uclited
    +++ xxd uclited-patched
    @@ -53796,7 +53796,7 @@
     000d2240: 8c44 0000 0320 f809 0000 0000 8fbc 0010  .D... ..........
     000d2250: 8fa6 0a4c 02c0 2821 8f82 87b8 0000 0000  ...L..(!........
    -000d2260: 8c44 0000 0c13 45e0 27a7 0018 8fbc 0010  .D....E.'.......
    +000d2260: 8c44 0000 2402 0000 0000 0000 8fbc 0010  .D..$...........
     000d2270: 1040 001d 0000 1821 8f99 8374 3c04 0058  .@.....!...t<..X
     000d2280: 3c05 0056 2484 a898 24a5 9a30 0320 f809  <..V$...$..0. ..

Debricking:
* Serial port can be soldered on PCB J3 (1: TXD, 2: RXD, 3: GND, 4: VCC)
    * Bridge unpopulated resistors R225 (TXD) and R237 (RXD).
      Do NOT bridge R230.
    * Use 3.3V, 115200 baud, 8n1
* Interrupt bootloader by holding CTRL+B during boot
* tftp initramfs to flash via the LuCI web interface
    setenv ipaddr 192.168.1.1 # default, change as required
    setenv serverip 192.168.1.10 # default, change as required
    tftp 0x80800000 initramfs.bin
    bootelf $fileaddr

Tested on the EAP245 v1 running the latest firmware (v1.4.0). The binary
patch might not apply to uclited from other firmware versions.

EAP245 v1 device support was originally developed and maintained by
Julien Dusser out-of-tree. This patch and "ath79: prepare for 1-port
TP-Link EAP2x5 devices" are based on that work.

Signed-off-by: Sander Vanheule <sander@svanheule.net>
2020-11-23 22:53:15 +01:00