xback has quit [Remote host closed the connection]
xback has joined #openwrt-devel
ahf has quit [Ping timeout: 480 seconds]
micw has joined #openwrt-devel
<micw>
hello
<micw>
I have a bunch of cheap china lte/4g routers. Chipset is m7628dan. From what I have extraced from the firmware image, it is already OpenWRT based but much stripped down. What would be a good way to get root access to check the device or to build a custom openwrt for it?
<micw>
the squashfs image extracted from the firmware does not contain a passwd or shadow file. I have no idea how the root pw is set or the "admin" user is created. I grepped for relevant strings through the filesystem with on success
<micw>
It's maybe somewhere in the xz encoded data blob where binwalk was unable to find anything usefull
mirko_ has joined #openwrt-devel
<mirko_>
hello, is there anywhere structure of openwrt explained to detail
<mirko_>
i cant find such info and would like to start contributing to the git, but cant seem to understand what openwrt consists of
<mirko_>
is it just a linux kernel or is there a c code which defines routing etc
micw has quit [Remote host closed the connection]
micw has joined #openwrt-devel
micw has quit [Remote host closed the connection]
micw has joined #openwrt-devel
<micw>
I was able to flash the firmware from http://www.tuoshi.net/download.asp?pid=22 (LT16S/LT21B). Seems to be identical except that is has a 5g Wifi menu entry which my firmware does not have
Guest6410 has quit [Quit: WeeChat 3.5]
Daanct12 has joined #openwrt-devel
<micw>
Unfortunately I was not able to modify the firmware to gain root access: Image1 is borken[SIC!]. Copy Image2 to Image1
<ukleinek>
micw: if you have bootloader access (typically via UART) boot with init=/bin/sh
<micw>
i do have access to uboot
<micw>
but no idea how to set the kernel command line
<micw>
U-Boot 1.1.3 (Apr 2 2021 - 10:40:12)
<micw>
MT7628 # ?
<micw>
? - alias for 'help'
<micw>
cp - memory copy
<micw>
bootm - boot application image from memory
<micw>
erase - erase SPI FLASH memory
<micw>
go - start application at address 'addr'
<micw>
help - print online help
<micw>
loadb - load binary file over serial line (kermit mode)
<micw>
md - memory display
<micw>
mdio - Ralink PHY register R/W command !!
<micw>
mm - memory modify (auto-incrementing)
<micw>
nm - memory modify (constant address)
<micw>
printenv- print environment variables
<micw>
reset - Perform RESET of the CPU
<micw>
rf - read/write rf register
<micw>
saveenv - save environment variables to persistent storage
<micw>
setenv - set environment variables
<micw>
spi - spi command
<micw>
tftpboot- boot image via network using TFTP protocol
<micw>
version - print monitor version
<micw>
that's all commands I have
<micw>
the crc check seems to be part of the image itself
<micw>
i can use tftpboot to load the image to ram and "bootm 0x82000000" to start it. Then I get the message that CRC is wrong
mirko_ has quit [Quit: Page closed]
<ukleinek>
micw: printenv bootargs
<ukleinek>
micw: to see the current value, and then you can do setenv bootargs "the old value init=/bin/sh"
<ukleinek>
micw: (unless this doesn't work because the bootcmd resets bootargs)
<micw>
it looks like the image itself contains some code that checks the image and then boots the kernel with args
enyc has quit [Remote host closed the connection]
robimarko has joined #openwrt-devel
f00b4r0 has joined #openwrt-devel
<xback>
nbd: Apologies for bugging you again. I noticed this patch from 2013 from you: https://git.openwrt.org/?p=openwrt/openwrt.git;a=blob;f=package/network/services/hostapd/patches/310-rescan_immediately.patch;h=043f07c6271d78d310df585594257ff67892cea7;hb=1d75f7506df7518d59b9d3c5297feb93f0828917
<xback>
nbd: what is the exact rationale for this one? is it still required?
aveng3r has quit [Remote host closed the connection]
lynxis has joined #openwrt-devel
hitech95 has joined #openwrt-devel
<f00b4r0>
ynezz: ping?
goliath has joined #openwrt-devel
<paintenzero>
Does anyone know how eeprom file is selected for MT7915? I have a devkit Hilink RM60. It just needs a file /lib/firmware/mediatek/mt7915_rom_patch.bin. And now we made our board with the same MT7621a and MT7915 crystals. On the exact same OpenWRT 22.03 I get an error that file mt7915_eeprom_dbdc.bin is missing.
<PaulFertser>
paintenzero: the filename comes from mt76 kernel driver
<PaulFertser>
paintenzero: dbdc stands for dual band dual concurrent so it looks like your "eeprom" data on new board tells it that DBDC chip/configuration is used.
<PaulFertser>
paintenzero: (dbdc flag) see mt7915_band_config() how it's determined on this hardware
<paintenzero>
PaulFertser: I see. Thank you. Do you know where I can get correct mt7915_eeprom_dbdc.bin? I tried to use the one from my PC but I got "eeprom load fail, use default bin". Wlan interfaces appeared in the system but there is no signal from AP. Also scan results return either nothing or very weak signal from AP that sits in 10cm from MT7915.
<PaulFertser>
paintenzero: huh, you need some proper calibration equipment to create a new board using just the chip.
<PaulFertser>
And mediatek tools
<paintenzero>
PaulFertser: they are needed to create a proper eeprom with calibrated data?
<PaulFertser>
paintenzero: assuming you designed a new PCB with new RF part, yes. If you just soldered a module, no, the module vendor does the job.
<PaulFertser>
And every single board that was manufactured is supposed to be individually calibrated.
<PaulFertser>
When you buy a module it's supposed to have a literal EEPROM (or flash) that stores calibration data produced at the factory.
xback has quit [Remote host closed the connection]
<paintenzero>
PaulFertser: I see. Thank you!
xback has joined #openwrt-devel
<paintenzero>
PaulFertser: Do you know what equipment is used for that?
<PaulFertser>
paintenzero: guess you need to ask Mediatek engineers for that, surely you have contract with them if you buy bare chips?
<paintenzero>
PaulFertser: I guess our partner in China has the contact. I will try to ask him.
<PaulFertser>
paintenzero: good luck. And please share how it goes and any and all details that you're allowed to share :))
<paintenzero>
PaulFertser: ok :) I hope we will find the calibration tool...
<hitech95>
Guys I have a dumb question if a bluetooth (HCI) device just work with hci attach without any DTS is there a file I have to adit to add support to? (like a HCI service or something?)
<hitech95>
I just have to run: hciattach -s <baud_rate> /dev/serialX any <baud_rate> flow to have it working
<rsalvaterra>
nbd: Just a quick question (haven't been paying a lot of attention to netifd development). Does this commit mean it's now possible to set the flow control for each interface? https://git.openwrt.org/?p=project/netifd.git;a=commitdiff;h=f429bd94f99e55548bf4fa8156c165017ce3c41c
<hitech95>
KanjiMonster, thounght that too, but the driver is lacking dts bindings as it seems to be working with the h4. its an ESP32 with the HCI firmware
Daanct12 has quit [Quit: WeeChat 4.1.1]
<KanjiMonster>
hitech95: does it use a kernel driver then, or is this something done in userspace? (I'm not versed enough in bluetooth to know)
<hitech95>
KanjiMonster, it seems to use the s
<hitech95>
it seems to use userspace tool but **should** be compatible with the uart H4, but that tdriver is not compatible with DTS entries. I'll have to figure it out.
<KanjiMonster>
hitech95: I guess this is a bit more complicated than adding a compatible somewhere. Surely like a fun project, but maybe not a requirement for adding the board
<hitech95>
KanjiMonster, yea for sure but since the board has/could have IOT functions (BLE and Zigbee) it is quite interensting to have them supported at least on the OS level.
<hitech95>
And I would love to have them so I can have a FOSS hub instead of OEM junks
<KanjiMonster>
AFACT you would likely need to extend hci_uart.c with a serdev driver or add a hci_esp32 serdev driver to move the setup into the kernel
<hitech95>
Yea that might be the way to go :D
ahf has joined #openwrt-devel
micw has quit [Remote host closed the connection]
minimal has joined #openwrt-devel
<Ansuel>
nbd there is the handy maintainer tool script to update git base packages ( ./update_git_source_package.sh PACKAGE NAME )
<nbd>
btw. i'm making good progress on udebug. publishing and polling ring buffers works now, and i have code for writing pcaps. now it's time to write the ucode module
<nbd>
log messages and blobmsg data will automatically be converted to dbus wire protocol packets when writing to pcap
<Ansuel>
really curious what will be the final thing
<nbd>
the idea is to hook ring buffers with internal log/debug data into any service on openwrt with a simple api
<nbd>
and when something happens, you can use the cli to snapshot them and put the result in a single .pcap file
<nbd>
with all the data sorted by time
<nbd>
e.g. you can get hostapd debug messages, netlink messages, 802.11 management frames, etc. in a single capture
<nbd>
to figure out what was going ton
<nbd>
all decoded properly by wireshark
<nbd>
or even stream the data from the device to the host in real time