Re: [OpenWrt-Devel] lantiq v3.18
On Sat, 14 Feb 2015 19:55:03 +0100, John Crispin wrote: ok, i think the spi clock is just really slow m25p80@0 { #address-cells = 1; #size-cells = 1; compatible = s25fl129p0; reg = 0 0; linux,modalias = m25p80, mx25l3205d; spi-max-frequency = 100; try increasing it to 10 or 20 mhz. running the flash at 1 Mhz explains why it takes a week to boot and do anything useful. even with the bus being bitbanged it should be possible to go beyond 1mhz 1) I'm not sure what tests to run to see what frequency is safe. 2) That's the flash, though. I don't think it explains why the DSL interface in particular takes forever and a day to acknowledge anything. Does it? ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] AsiaRF AWM002 (ramips) broken at r44349
(with r44364 cherry-picked so that openssl builds) still broken at r44439. [0.00] Linux version 3.14.32 (openwrt@iris) (gcc version 4.8.3 (OpenWrt/Linaro GCC 4.8-2014.04 r44364) ) #1 Fri Feb 13 21:49:18 PST 2015 [0.00] SoC Type: Ralink RT5350 id:1 rev:3 [0.00] bootconsole [early0] enabled [0.00] CPU0 revision is: 0001964c (MIPS 24KEc) [0.00] MIPS: machine is AsiaRF AWM002 EVB [0.00] Determined physical RAM map: [0.00] memory: 0200 @ (usable) [0.00] Initrd not found or empty - disabling initrd [0.00] Zone ranges: [0.00] Normal [mem 0x-0x01ff] [0.00] Movable zone start for each node [0.00] Early memory node ranges [0.00] node 0: [mem 0x-0x01ff] [0.00] Primary instruction cache 32kB, VIPT, 4-way, linesize 32 bytes. [0.00] Primary data cache 16kB, 4-way, VIPT, no aliases, linesize 32 bytes [0.00] Built 1 zonelists in Zone order, mobility grouping on. Total pages: 8128 [0.00] Kernel command line: console=ttyS0,57600 rootfstype=squashfs,jffs2 [0.00] PID hash table entries: 128 (order: -3, 512 bytes) [0.00] Dentry cache hash table entries: 4096 (order: 2, 16384 bytes) [0.00] Inode-cache hash table entries: 2048 (order: 1, 8192 bytes) [0.00] Writing ErrCtl register=000280f0 [0.00] Readback ErrCtl register=000280f0 [0.00] Memory: 29216K/32768K available (2293K kernel code, 115K rwdata, 456K rodata, 132K init, 180K bss, 3552K reserved) [0.00] SLUB: HWalign=32, Order=0-3, MinObjects=0, CPUs=1, Nodes=1 [0.00] NR_IRQS:256 [0.00] CPU Clock: 360MHz [0.00] systick: running - mult: 214748, shift: 32 [0.00] genirq: Flags mismatch irq 7. 00014600 (timer) vs. 00014600 (systick) [0.01] Calibrating delay loop... 479.23 BogoMIPS (lpj=2396160) [0.07] pid_max: default: 32768 minimum: 301 [0.07] Mount-cache hash table entries: 1024 (order: 0, 4096 bytes) [0.08] Mountpoint-cache hash table entries: 1024 (order: 0, 4096 bytes) [0.09] pinctrl core: initialized pinctrl subsystem [0.09] NET: Registered protocol family 16 [0.12] bio: create slab bio-0 at 0 [0.12] rt2880_gpio 1600.gpio: registering 22 gpios [0.13] rt2880_gpio 1600.gpio: registering 22 irq handlers [0.14] Switched to clocksource systick [0.14] NET: Registered protocol family 2 [0.16] TCP established hash table entries: 1024 (order: 0, 4096 bytes) [0.18] TCP bind hash table entries: 1024 (order: 0, 4096 bytes) [0.18] TCP: Hash tables configured (established 1024 bind 1024) [0.20] TCP: reno registered [0.21] UDP hash table entries: 256 (order: 0, 4096 bytes) [0.21] UDP-Lite hash table entries: 256 (order: 0, 4096 bytes) [0.23] NET: Registered protocol family 1 [0.24] rt-timer 1100.timer: maximum frequency is 7324Hz [0.26] futex hash table entries: 256 (order: -1, 3072 bytes) [0.30] squashfs: version 4.0 (2009/01/31) Phillip Lougher [0.33] jffs2: version 2.2 (NAND) (SUMMARY) (LZMA) (RTIME) (CMODE_PRIORITY) (c) 2001-2006 Red Hat, Inc. [0.35] msgmni has been set to 57 [0.35] io scheduler noop registered [0.37] io scheduler deadline registered (default) [0.37] Serial: 8250/16550 driver, 2 ports, IRQ sharing disabled [0.39] 1c00.uartlite: ttyS0 at MMIO 0x1c00 (irq = 20, base_baud = 250) is a 16550A [0.42] console [ttyS0] enabled [0.42] console [ttyS0] enabled [0.42] bootconsole [early0] disabled [0.42] bootconsole [early0] disabled [0.45] ralink_soc_eth 1010.ethernet eth0: ralink at 0xb010, irq 5 [0.48] rt3xxx-usbphy usbphy.3: loaded [0.48] rt2880_wdt 1120.watchdog: Initialized [0.50] TCP: cubic registered [0.51] NET: Registered protocol family 17 [0.51] 8021q: 802.1Q VLAN Support v1.8 [0.53] VFS: Cannot open root device (null) or unknown-block(0,0): error -6 [0.55] Please append a correct root= boot option; here are the available partitions: [0.55] Kernel panic - not syncing: VFS: Unable to mount root fs on unknown-block(0,0) [ 108.21] random: nonblocking pool is initialized -- Russell Senior, President russ...@personaltelco.net ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] enabling seccomp by default in kernel
Hello, I've added libseccomp into packages. That library allows programs to easily restrict the system calls they are allowed to use. In turn that uses the kernel's seccomp filter. That's one of the most reliable ways to restrict/sandbox processes into specific tasks which cannot be overriden even in the event of code injection. I've also enabled the ocserv package to use seccomp if configured to, but in order for that protection to become meaningful for other programs to use as well, it would also need the default kernel option to enable seccomp filter. regards, Nikos ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] wiki.openwrt.org uses an invalid security certificate / expired on 12.2.2015 17:18
On Fri, 13 Feb 2015 19:18:44 +0100 phaidros phaid...@subsignal.org wrote: if someone could me provide with any of those: r...@wiki.openwrt.org hostmas...@wiki.openwrt.org postmas...@wiki.openwrt.org ad...@wiki.openwrt.org webmas...@wiki.openwrt.org I'd be able to do the CACert.org procedure by myself to get a cert with the correct CN even. I'd suggest to use StatSSL as a CA, which is trusted by major browser vendors. If someone can forward me an e-mail for postmas...@openwrt.org I can do it. -- Alessandro Di Federico ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] wiki.openwrt.org uses an invalid security certificate / expired on 12.2.2015 17:18
On 02/14/2015 04:42 PM, Alessandro Di Federico wrote: On Fri, 13 Feb 2015 19:18:44 +0100 phaidros phaid...@subsignal.org wrote: if someone could me provide with any of those: r...@wiki.openwrt.org hostmas...@wiki.openwrt.org postmas...@wiki.openwrt.org ad...@wiki.openwrt.org webmas...@wiki.openwrt.org I'd be able to do the CACert.org procedure by myself to get a cert with the correct CN even. I'd suggest to use StatSSL as a CA, which is trusted by major browser vendors. If someone can forward me an e-mail for postmas...@openwrt.org I can do it. Nope, I would vote against StartSSL. I know it is free, but the procedure sucks, and honestly: there is *one* company on the planet givin out *free* SSL Certs .. if that doesn't ring bells, I dunno what could :) And yes, I used to use Startcom Certs, but the longer I think about it, the lesser I wanna do that again! my 2 cents, .k 0xB8B85894.asc Description: application/pgp-keys signature.asc Description: OpenPGP digital signature ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] lantiq: disable buffered writes on Intel command set flash
Some Lantiq SoCs are not able to use buffered writes properly with Intel command set flash due to the way NOR addresses on EBU are manipulated. This patch disables buffered writes on those devices. The only device affected at the moment is ARV4510PW, others use AMD/Fujitsu command set. Signed-off-by: Matti Laakso malaa...@elisanet.fi --- .../0300-MTD-cfi-cmdset-0001-disable-buffered-writes.patch| 11 +++ 1 file changed, 11 insertions(+) create mode 100644 target/linux/lantiq/patches-3.14/0300-MTD-cfi-cmdset-0001-disable-buffered-writes.patch diff --git a/target/linux/lantiq/patches-3.14/0300-MTD-cfi-cmdset-0001-disable-buffered-writes.patch b/target/linux/lantiq/patches-3.14/0300-MTD-cfi-cmdset-0001-disable-buffered-writes.patch new file mode 100644 index 000..fdd065d --- /dev/null +++ b/target/linux/lantiq/patches-3.14/0300-MTD-cfi-cmdset-0001-disable-buffered-writes.patch @@ -0,0 +1,11 @@ +--- a/drivers/mtd/chips/cfi_cmdset_0001.c b/drivers/mtd/chips/cfi_cmdset_0001.c +@@ -40,7 +40,7 @@ + /* #define CMDSET0001_DISABLE_WRITE_SUSPEND */ + + // debugging, turns off buffer write mode if set to 1 +-#define FORCE_WORD_WRITE 0 ++#define FORCE_WORD_WRITE 1 + + /* Intel chips */ + #define I82802AB 0x00ad -- 2.1.0 ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH] mvebu: fix WRT1900AC ubinized images
The VID header offset must be specified explicitly. Signed-off-by: Claudio Leite lei...@staticky.com --- target/linux/mvebu/image/Makefile | 7 --- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/target/linux/mvebu/image/Makefile b/target/linux/mvebu/image/Makefile index 3512c6a..da7d217 100644 --- a/target/linux/mvebu/image/Makefile +++ b/target/linux/mvebu/image/Makefile @@ -31,6 +31,7 @@ endef # $(3): Erase Block Size # $(4): Page Size # $(5): Sub-Page Size (optional) +# $(6): VID offset (optional) define NANDProfile define Image/BuildKernel/Profile/$(1) $(call Image/Build/DTB,$(2)) @@ -48,7 +49,7 @@ define NANDProfile endef define Image/Build/Profile/$(1)/squashfs - $(call Image/Build/UbinizeImage,$(2),,squashfs, -p $(3) -m $(4) $(if $(5),-s $(5))) + $(call Image/Build/UbinizeImage,$(2),,squashfs, -p $(3) -m $(4) $(if $(5),-s $(5)) $(if $(6),-O $(6))) # The next line will be dropped, migrate your board to use a single firmware file cp $(KDIR)/$$(IMG_PREFIX)-$(2)-squashfs-ubinized.bin $(BIN_DIR) endef @@ -136,7 +137,7 @@ $(eval $(call NANDProfile,XP-DB,armada-xp-db,512KiB,4096)) $(eval $(call NANDProfile,XP-GP,armada-xp-gp,512KiB,4096)) # Boards with NAND, with subpages -$(eval $(call NANDProfile,Mamba,armada-xp-mamba,128KiB,2048,512)) +$(eval $(call NANDProfile,Mamba,armada-xp-mamba,128KiB,2048,512,2048)) # Boards with large NOR, where we want to use UBI $(eval $(call UBINORProfile,OpenBlocks-AX-3-4,armada-xp-openblocks-ax3-4,128KiB)) @@ -145,7 +146,7 @@ $(eval $(call UBINORProfile,OpenBlocks-AX-3-4,armada-xp-openblocks-ax3-4,128KiB) $(eval $(call NORProfile,385-RD,armada-385-rd,256KiB)) define Image/Build/Profile/Mamba/squashfs - $(call Image/Build/UbinizeImage,armada-xp-mamba,,squashfs, -p 128KiB -m 2048 -s 512) + $(call Image/Build/UbinizeImage,armada-xp-mamba,,squashfs, -p 128KiB -m 2048 -s 512 -O 2048) ( \ dd if=$(KDIR)/uImage-armada-xp-mamba bs=3072k conv=sync; \ dd if=$(KDIR)/$(IMG_PREFIX)-armada-xp-mamba-squashfs-ubinized.bin \ -- 2.3.0.rc1.30.g76afe74 ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] enabling seccomp by default in kernel
On Sat, 2015-02-14 at 14:54 +0100, Etienne Champetier wrote: Hi Nikos, Can you send size with/without seccomp option I compiled openwrt on lantiq (3.18.7) and the size with seccomp filter is: 1481440 Feb 14 19:12 openwrt-lantiq-xway-WBMR-uImage 3695419 Feb 14 19:12 openwrt-lantiq-xway-WBMR-uImage-initramfs while the uImage without is: 1479763 Feb 14 19:18 openwrt-lantiq-xway-WBMR-uImage 3693891 Feb 14 19:18 openwrt-lantiq-xway-WBMR-uImage-initramfs regards, Nikos ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] wiki.openwrt.org uses an invalid security certificate / expired on 12.2.2015 17:18
On Sat, 14 Feb 2015 18:21:41 +0100 phaidros phaid...@subsignal.org wrote: Nope, I would vote against StartSSL. I know it is free, but the procedure sucks, and honestly: there is *one* company on the planet givin out *free* SSL Certs .. if that doesn't ring bells, I dunno what could :) They just say you're who you say you are, they don't have your private key. In any case, if you don't trust them, it doesn't matter, because they're part of the trusted set of the PKI, so everyone trusts them (and can be fooled by them). We could start talking about certificate pinning, but I don't think it's a priority right now. On Sat, 14 Feb 2015 09:35:29 -0800 Constantine A. Murenin muren...@gmail.com wrote: No, WoSign also does. https://www.wosign.com/english/price.htm In fact, WoSign gives out free certificates valid for 2-years, and they also even let you have multiple CNs in the same cert (although wildcast for free is not supported). Never tried them. StartSSL certificates last one year and are valid for one second level domain (e.g. openwrt.org) and a third level domain(e.g. wiki.openwrt.org), but you can have as many of them as you want (e.g. one for openwrt.org+wiki.openwrt.org and one for openwrt.org+www.openwrt.org). If the admins are interested in *my* help I'd go for StartSSL, for the simple reason that it takes 30 seconds to generate a new certificate, since I'm already using it. In the future, we'll all use Let's encrypt and be happy [1]. In any case, I'd avoid CACert [2]. -- Alessandro Di Federico [1] https://letsencrypt.org/ [2] https://bugzilla.mozilla.org/show_bug.cgi?id=215243 ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH 2/3] brcm2708: add board detection and LED support
Signed-off-by: Álvaro Fernández Rojas nolt...@gmail.com --- target/linux/brcm2708/base-files/etc/diag.sh | 25 +++ .../brcm2708/base-files/etc/uci-defaults/01_leds | 11 +++ target/linux/brcm2708/base-files/lib/brcm2708.sh | 36 ++ .../lib/preinit/03_preinit_do_brcm2708.sh | 9 ++ target/linux/brcm2708/config-3.18 | 2 -- 5 files changed, 81 insertions(+), 2 deletions(-) create mode 100644 target/linux/brcm2708/base-files/etc/diag.sh create mode 100644 target/linux/brcm2708/base-files/etc/uci-defaults/01_leds create mode 100755 target/linux/brcm2708/base-files/lib/brcm2708.sh create mode 100644 target/linux/brcm2708/base-files/lib/preinit/03_preinit_do_brcm2708.sh diff --git a/target/linux/brcm2708/base-files/etc/diag.sh b/target/linux/brcm2708/base-files/etc/diag.sh new file mode 100644 index 000..55e68b1 --- /dev/null +++ b/target/linux/brcm2708/base-files/etc/diag.sh @@ -0,0 +1,25 @@ +#!/bin/sh +# +# Copyright (C) 2015 OpenWrt.org +# + +. /lib/functions/leds.sh + +set_state() { + status_led=led0 + + case $1 in + preinit) + status_led_blink_preinit + ;; + failsafe) + status_led_blink_failsafe + ;; + preinit_regular) + status_led_blink_preinit_regular + ;; + done) + status_led_on + ;; + esac +} diff --git a/target/linux/brcm2708/base-files/etc/uci-defaults/01_leds b/target/linux/brcm2708/base-files/etc/uci-defaults/01_leds new file mode 100644 index 000..ad52c68 --- /dev/null +++ b/target/linux/brcm2708/base-files/etc/uci-defaults/01_leds @@ -0,0 +1,11 @@ +#!/bin/sh +# +# Copyright (C) 2015 OpenWrt.org +# + +. /lib/functions/uci-defaults.sh + +ucidef_set_led_mmc mmc MMC led0 mmc0 +ucidef_commit_leds + +exit 0 diff --git a/target/linux/brcm2708/base-files/lib/brcm2708.sh b/target/linux/brcm2708/base-files/lib/brcm2708.sh new file mode 100755 index 000..76870c6 --- /dev/null +++ b/target/linux/brcm2708/base-files/lib/brcm2708.sh @@ -0,0 +1,36 @@ +#!/bin/sh +# +# Copyright (C) 2015 OpenWrt.org +# + +brcm2708_board_detect() { + local machine + local name + + machine=$(awk 'BEGIN{FS=[ \t]+:[ \t]} /Hardware/ {print $2}' /proc/cpuinfo) + + case $machine in + BCM2708) + name=Raspberry Pi + ;; + BCM2709) + name=Raspberry Pi 2 + ;; + esac + + [ -z $name ] name=unknown + + [ -e /tmp/sysinfo/ ] || mkdir -p /tmp/sysinfo/ + + echo $machine /tmp/sysinfo/board_name + echo $name /tmp/sysinfo/model +} + +brcm2708_board_name() { + local name + + [ -f /tmp/sysinfo/board_name ] name=$(cat /tmp/sysinfo/board_name) + [ -z $name ] name=unknown + + echo $name +} diff --git a/target/linux/brcm2708/base-files/lib/preinit/03_preinit_do_brcm2708.sh b/target/linux/brcm2708/base-files/lib/preinit/03_preinit_do_brcm2708.sh new file mode 100644 index 000..e3cf56d --- /dev/null +++ b/target/linux/brcm2708/base-files/lib/preinit/03_preinit_do_brcm2708.sh @@ -0,0 +1,9 @@ +#!/bin/sh + +do_brcm2708() { + . /lib/brcm2708.sh + + brcm2708_board_detect +} + +boot_hook_add preinit_main do_brcm2708 diff --git a/target/linux/brcm2708/config-3.18 b/target/linux/brcm2708/config-3.18 index e75fb22..908e74d 100644 --- a/target/linux/brcm2708/config-3.18 +++ b/target/linux/brcm2708/config-3.18 @@ -175,9 +175,7 @@ CONFIG_KTIME_SCALAR=y # CONFIG_LCD_TDO24M is not set # CONFIG_LCD_VGG2432A4 is not set CONFIG_LEDS_GPIO=y -# CONFIG_LEDS_TRIGGER_DEFAULT_ON is not set # CONFIG_LEDS_TRIGGER_INPUT is not set -# CONFIG_LEDS_TRIGGER_TIMER is not set CONFIG_LOGO=y CONFIG_LOGO_LINUX_CLUT224=y # CONFIG_LOGO_LINUX_MONO is not set -- 1.9.1 ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH 1/3] uci-defaults: add ucidef_set_led_mmc
Signed-off-by: Álvaro Fernández Rojas nolt...@gmail.com --- package/base-files/files/lib/functions/uci-defaults.sh | 17 + 1 file changed, 17 insertions(+) diff --git a/package/base-files/files/lib/functions/uci-defaults.sh b/package/base-files/files/lib/functions/uci-defaults.sh index eb5b240..5a8809d 100644 --- a/package/base-files/files/lib/functions/uci-defaults.sh +++ b/package/base-files/files/lib/functions/uci-defaults.sh @@ -140,6 +140,23 @@ EOF UCIDEF_LEDS_CHANGED=1 } +ucidef_set_led_mmc() { + local cfg=led_$1 + local name=$2 + local sysfs=$3 + local trigger=$4 + + uci -q get system.$cfg return 0 + + uci batch EOF +set system.$cfg='led' +set system.$cfg.name='$name' +set system.$cfg.sysfs='$sysfs' +set system.$cfg.trigger='$trigger' +EOF + UCIDEF_LEDS_CHANGED=1 +} + ucidef_set_rssimon() { local dev=$1 local refresh=$2 -- 1.9.1 ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH 3/3] brcm2708: force uart as the default console for procd and remove nonexistent console
procd gets last console from cmdline, so swapping tty1 (framebuffer) and ttyAMA0 (uart) is enough to force procd output via uart Signed-off-by: Álvaro Fernández Rojas nolt...@gmail.com --- target/linux/brcm2708/base-files/etc/inittab | 1 - target/linux/brcm2708/image/cmdline.txt | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/target/linux/brcm2708/base-files/etc/inittab b/target/linux/brcm2708/base-files/etc/inittab index d9d571e..c05c555 100644 --- a/target/linux/brcm2708/base-files/etc/inittab +++ b/target/linux/brcm2708/base-files/etc/inittab @@ -1,5 +1,4 @@ ::sysinit:/etc/init.d/rcS S boot ::shutdown:/etc/init.d/rcS K shutdown -tts/0::askfirst:/bin/ash --login ttyAMA0::askfirst:/bin/ash --login tty1::askfirst:/bin/ash --login diff --git a/target/linux/brcm2708/image/cmdline.txt b/target/linux/brcm2708/image/cmdline.txt index 516f270..95848bb 100644 --- a/target/linux/brcm2708/image/cmdline.txt +++ b/target/linux/brcm2708/image/cmdline.txt @@ -1 +1 @@ -dwc_otg.lpm_enable=0 rpitestmode=1 console=ttyAMA0,115200 kgdboc=ttyAMA0,115200 console=tty1 root=/dev/mmcblk0p2 rootfstype=ext4 rootwait +dwc_otg.lpm_enable=0 rpitestmode=1 console=tty1 console=ttyAMA0,115200 kgdboc=ttyAMA0,115200 root=/dev/mmcblk0p2 rootfstype=ext4 rootwait -- 1.9.1 ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] lantiq v3.18
ok, i think the spi clock is just really slow m25p80@0 { #address-cells = 1; #size-cells = 1; compatible = s25fl129p0; reg = 0 0; linux,modalias = m25p80, mx25l3205d; spi-max-frequency = 100; try increasing it to 10 or 20 mhz. running the flash at 1 Mhz explains why it takes a week to boot and do anything useful. even with the bus being bitbanged it should be possible to go beyond 1mhz On 13/02/2015 20:45, Daniel Gimpelevich wrote: On Fri, 13 Feb 2015 19:43:32 +0100, John Crispin wrote: look at /proc/cpuinfo please and tell us how many bogomips are reported system type : AR9 rev 1.2 machine : DGN3500 - Netgear DGN3500 processor : 0 cpu model : MIPS 34Kc V4.12 BogoMIPS: 221.18 wait instruction: yes microsecond timers : yes tlb_entries : 16 extra interrupt vector : yes hardware watchpoint : yes, count: 4, address/irw mask: [0x0ffc, 0x0ffc, 0x0ffb, 0x0ffb] isa : mips1 mips2 mips32r1 mips32r2 ASEs implemented: mips16 dsp mt shadow register sets: 1 kscratch registers : 0 package : 0 core: 0 VCED exceptions : not available VCEI exceptions : not available ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] lantiq: Fix flash for targets with NO_XIP
For targets with NO_XIP ltq_mtd-map[i].phys equals -1 and devm_ioremap fails. Fix this by using pdev-resource[i].start instead. Signed-off-by: Matti Laakso malaa...@elisanet.fi --- target/linux/lantiq/patches-3.14/0160-owrt-lantiq-multiple-flash.patch | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/target/linux/lantiq/patches-3.14/0160-owrt-lantiq-multiple-flash.patch b/target/linux/lantiq/patches-3.14/0160-owrt-lantiq-multiple-flash.patch index ac644ab..1848247 100644 --- a/target/linux/lantiq/patches-3.14/0160-owrt-lantiq-multiple-flash.patch +++ b/target/linux/lantiq/patches-3.14/0160-owrt-lantiq-multiple-flash.patch @@ -98,7 +98,7 @@ + else + ltq_mtd-map[i].phys = pdev-resource[i].start; + ltq_mtd-map[i].size = resource_size(pdev-resource[i]); -+ ltq_mtd-map[i].virt = devm_ioremap(pdev-dev, ltq_mtd-map[i].phys, ++ ltq_mtd-map[i].virt = devm_ioremap(pdev-dev, pdev-resource[i].start, + ltq_mtd-map[i].size); + if (IS_ERR(ltq_mtd-map[i].virt)) + return PTR_ERR(ltq_mtd-map[i].virt); -- 2.1.0 ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] wiki.openwrt.org uses an invalid security certificate / expired on 12.2.2015 17:18
On 14 February 2015 at 09:21, phaidros phaid...@subsignal.org wrote: On 02/14/2015 04:42 PM, Alessandro Di Federico wrote: On Fri, 13 Feb 2015 19:18:44 +0100 phaidros phaid...@subsignal.org wrote: if someone could me provide with any of those: r...@wiki.openwrt.org hostmas...@wiki.openwrt.org postmas...@wiki.openwrt.org ad...@wiki.openwrt.org webmas...@wiki.openwrt.org I'd be able to do the CACert.org procedure by myself to get a cert with the correct CN even. I'd suggest to use StatSSL as a CA, which is trusted by major browser vendors. If someone can forward me an e-mail for postmas...@openwrt.org I can do it. Nope, I would vote against StartSSL. I know it is free, but the procedure sucks, and honestly: there is *one* company on the planet givin out *free* SSL Certs .. if that doesn't ring bells, I dunno what could :) And yes, I used to use Startcom Certs, but the longer I think about it, the lesser I wanna do that again! No, WoSign also does. https://www.wosign.com/english/price.htm In fact, WoSign gives out free certificates valid for 2-years, and they also even let you have multiple CNs in the same cert (although wildcast for free is not supported). C. ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] wiki.openwrt.org uses an invalid security certificate / expired on 12.2.2015 17:18
I think the business model of StartSSL and others, is that they give certificates for free, but you have to pay a lot in case you need to revoke a certificate. my 2 cents Saverio 2015-02-14 19:31 GMT+01:00 Alessandro Di Federico ale+o...@clearmind.me: On Sat, 14 Feb 2015 18:21:41 +0100 phaidros phaid...@subsignal.org wrote: Nope, I would vote against StartSSL. I know it is free, but the procedure sucks, and honestly: there is *one* company on the planet givin out *free* SSL Certs .. if that doesn't ring bells, I dunno what could :) They just say you're who you say you are, they don't have your private key. In any case, if you don't trust them, it doesn't matter, because they're part of the trusted set of the PKI, so everyone trusts them (and can be fooled by them). We could start talking about certificate pinning, but I don't think it's a priority right now. On Sat, 14 Feb 2015 09:35:29 -0800 Constantine A. Murenin muren...@gmail.com wrote: No, WoSign also does. https://www.wosign.com/english/price.htm In fact, WoSign gives out free certificates valid for 2-years, and they also even let you have multiple CNs in the same cert (although wildcast for free is not supported). Never tried them. StartSSL certificates last one year and are valid for one second level domain (e.g. openwrt.org) and a third level domain(e.g. wiki.openwrt.org), but you can have as many of them as you want (e.g. one for openwrt.org+wiki.openwrt.org and one for openwrt.org+www.openwrt.org). If the admins are interested in *my* help I'd go for StartSSL, for the simple reason that it takes 30 seconds to generate a new certificate, since I'm already using it. In the future, we'll all use Let's encrypt and be happy [1]. In any case, I'd avoid CACert [2]. -- Alessandro Di Federico [1] https://letsencrypt.org/ [2] https://bugzilla.mozilla.org/show_bug.cgi?id=215243 ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] [PATCH] scripts: fix getver git dir check
Git internals are referenced by .git which isn't necessarily a directory. It may also be a file that references the actual .git directory using the gitdir directive. If .git is assumed to be a directory the build will not be able to get the correct version when openwrt is included as a git submodule because when used as a submodule .git will actually be a file referencing to a subdirectory in the parent's git dir. When the correct version is not detected some image generation tools will fail because the OpenWrt string will be 'OpenWrtunknown' which is too long for some header formats. Signed-off-by: Felix Kaechele hef...@fedoraproject.org --- scripts/getver.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/getver.sh b/scripts/getver.sh index 8bb384b..4643ca6 100755 --- a/scripts/getver.sh +++ b/scripts/getver.sh @@ -17,7 +17,7 @@ try_svn() { } try_git() { - [ -d .git ] || return 1 + [ -e .git ] || return 1 REV=$(git log | grep -m 1 git-svn-id | awk '{ gsub(/.*@/, , $0); print $1 }') REV=${REV:+r$REV} [ -n $REV ] -- 2.1.0 ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [PATCH] ramips: add back missing M25P80 flash driver
On 14/02/2015 17:26, Russell Senior wrote: fixes bug introduced by r44349 which prevents, e.g. AsiaRF AWM002 from booting. oops my bad, the config files currently used are the ones for 3.18 i will push a different patch that adds the old files in a sec Signed-off-by: Russell Senior russ...@personaltelco.net --- target/linux/ramips/rt305x/config-default | 1 + 1 file changed, 1 insertion(+) diff --git a/target/linux/ramips/rt305x/config-default b/target/linux/ramips/rt305x/config-default index 8478b6d..5ae0b1f 100644 --- a/target/linux/ramips/rt305x/config-default +++ b/target/linux/ramips/rt305x/config-default @@ -109,6 +109,7 @@ CONFIG_MIPS_L1_CACHE_SHIFT=5 CONFIG_MODULES_USE_ELF_REL=y # CONFIG_MTD_CFI_INTELEXT is not set CONFIG_MTD_CMDLINE_PARTS=y +CONFIG_MTD_M25P80=y CONFIG_MTD_PHYSMAP=y CONFIG_MTD_SPLIT_FIRMWARE=y CONFIG_MTD_SPLIT_SUPPORT=y ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] wiki.openwrt.org uses an invalid security certificate / expired on 12.2.2015 17:18
On Sat, 14 Feb 2015 20:36:19 +0100 Saverio Proto ziopr...@gmail.com wrote: I think the business model of StartSSL and others, is that they give certificates for free, but you have to pay a lot in case you need to revoke a certificate. Well, 25 bucks [1] is not a crazily high price for a one-time fee. :) -- Alessandro Di Federico [1] https://www.startssl.com/?app=37 ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] Ubiquiti Rocket M5 build
I think the one for the NanoStation should work as well: http://downloads.openwrt.org/barrier_breaker/14.07/ar71xx/generic/openwrt-ar71xx-generic-ubnt-nano-m-xw-squashfs-factory.bin I never tested, but ubnt devices are all similar. Saverio 2015-02-12 21:27 GMT+01:00 Ken Buska kbu...@gmail.com: Is there anyone that is able to help create a build for the Rocket M5 XW build? -- Thank you, Ken Buska ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] Ubiquiti Rocket M5 build
On Saturday, February 14, 2015 08:40:59 PM Saverio Proto wrote: I think the one for the NanoStation should work as well: http://downloads.openwrt.org/barrier_breaker/14.07/ar71xx/generic/openwrt-ar 71xx-generic-ubnt-nano-m-xw-squashfs-factory.bin I never tested, but ubnt devices are all similar. The draw back of nanostation image is that it suppose there is two ethernet device onboard, i didn't test it neither you should test it and see if it cause some problem in your setup ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] enabling seccomp by default in kernel
On Sat, 14 Feb 2015, Nikos Mavrogiannopoulos wrote: Hello, I've added libseccomp into packages. That library allows programs to easily restrict the system calls they are allowed to use. In turn that uses the kernel's seccomp filter. That's one of the most reliable ways to restrict/sandbox processes into specific tasks which cannot be overriden even in the event of code injection. I've also enabled the ocserv package to use seccomp if configured to, but in order for that protection to become meaningful for other programs to use as well, it would also need the default kernel option to enable seccomp filter. It needs the kernel support to use the seccomp filter, but why is this so critical that it must be enabled by default? David Lang ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] enabling seccomp by default in kernel
On 15/02/2015 00:31, David Lang wrote: On Sat, 14 Feb 2015, Nikos Mavrogiannopoulos wrote: Hello, I've added libseccomp into packages. That library allows programs to easily restrict the system calls they are allowed to use. In turn that uses the kernel's seccomp filter. That's one of the most reliable ways to restrict/sandbox processes into specific tasks which cannot be overriden even in the event of code injection. I've also enabled the ocserv package to use seccomp if configured to, but in order for that protection to become meaningful for other programs to use as well, it would also need the default kernel option to enable seccomp filter. It needs the kernel support to use the seccomp filter, but why is this so critical that it must be enabled by default? David Lang the snapshots will now have libseccomp but the kernels built wont have the feature enabled. this means the lib is useless without building your own kernel. i guess nikos is trying to solve this problem. John ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] [PATCH] mvebu: fix WRT1900AC ubinized images
On Sat, 14 Feb 2015 18:18:56 +0100, Claudio Leite lei...@staticky.com wrote: The VID header offset must be specified explicitly. Signed-off-by: Claudio Leite lei...@staticky.com Added with some more explanation in the commit log as r44455. Thanks, Imre ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
Re: [OpenWrt-Devel] wiki.openwrt.org uses an invalid security certificate / expired on 12.2.2015 17:18
On Sat, Feb 14, 2015 at 09:23:50PM +0100, Alessandro Di Federico wrote: I think the business model of StartSSL and others, is that they give certificates for free, but you have to pay a lot in case you need to revoke a certificate. Well, 25 bucks [1] is not a crazily high price for a one-time fee. :) Well, their site states Service Unavailable We apologize for the inconvenience! The service will be back real soon... Anyway, I was also under the impression that out of all companies in the SSL business, StartCom is still quite reasonable. The fees seem justified, at least there is sort of a corellation between effort (i.e. cost on their side) and the fee they charge. That stands in contrast to most other players in the field who just charge as much as they can when ever they can. [1] https://www.startssl.com/?app=37 ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel
[OpenWrt-Devel] Alternatives do TDMA
Hi guys, What is the best alternative to TDMA when using OpenWRT and Outdoor / PtMP access ? Any specific configuration to be done in OpenWRT in order to deal with multiple clients in different ranges ? Thanks Fernando ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/cgi-bin/mailman/listinfo/openwrt-devel