From 35f6d795134e9b089c4e763a7f58cba7d4e15e42 Mon Sep 17 00:00:00 2001 From: David Bauer Date: Sat, 18 Feb 2023 02:06:54 +0100 Subject: [PATCH] mpc85xx: add support for Watchguard Firebox T10 Hardware -------- SoC: Freescale P1010 RAM: 512MB FLASH: 1 MB SPI-NOR 512 MB NAND ETH: 3x Gigabite Ethernet (Atheros AR8033) SERIAL: Cisco RJ-45 (115200 8N1) RTC: Battery-Backed RTC (I2C) Installation ------------ 1. Patch U-Boot by dumping the content of the SPI-Flash using a SPI programmer. The SHA1 hash for the U-Boot password is currently unknown. A tool for patching U-Boot is available at https://github.com/blocktrron/t10-uboot-patcher/ You can also patch the unknown password yourself. The SHA1 hash is E597301A1D89FF3F6D318DBF4DBA0A5ABC5ECBEA 2. Interrupt the bootmenu by pressing CTRL+C. A password prompt appears. The patched password is '1234' (without quotation marks) 3. Download the OpenWrt initramfs image. Copy it to a TFTP server reachable at 10.0.1.13/24 and rename it to uImage. 4. Connect the TFTP server to ethernet port 0 of the Watchguard T10. 5. Download and boot the initramfs image by entering "tftpboot; bootm;" in U-Boot. 6. After OpenWrt booted, create a UBI volume on the old data partition. The "ubi" mtd partition should be mtd7, check this using $ cat /proc/mtd Create a UBI partition by executing $ ubiformat /dev/mtd7 -y 7. Increase the loadable kernel-size of U-Boot by executing $ fw_setenv SysAKernSize 800000 8. Transfer the OpenWrt sysupgrade image to the Watchguard T10 using scp. Install the image by using sysupgrade: $ sysupgrade -n Note: The LAN ports of the T10 are 1 & 2 while 0 is WAN. You might have to change the ethernet-port. 9. OpenWrt should now boot from the internal NAND. Enjoy. Signed-off-by: David Bauer --- package/boot/uboot-envtools/files/mpc85xx | 3 + .../mpc85xx/base-files/etc/board.d/02_network | 3 + .../base-files/lib/preinit/10_fix_eth_mac.sh | 5 + .../base-files/lib/upgrade/platform.sh | 3 +- target/linux/mpc85xx/config-5.10 | 1 + target/linux/mpc85xx/config-5.15 | 1 + .../arch/powerpc/boot/dts/firebox-t10.dts | 268 ++++++++++++++++++ .../arch/powerpc/platforms/85xx/firebox_t10.c | 87 ++++++ target/linux/mpc85xx/image/p1010.mk | 10 + target/linux/mpc85xx/p1010/config-default | 2 + ...werpc-85xx-firebox-t10-support.patch.patch | 29 ++ ...werpc-85xx-firebox-t10-support.patch.patch | 29 ++ 12 files changed, 440 insertions(+), 1 deletion(-) create mode 100644 target/linux/mpc85xx/files/arch/powerpc/boot/dts/firebox-t10.dts create mode 100644 target/linux/mpc85xx/files/arch/powerpc/platforms/85xx/firebox_t10.c create mode 100644 target/linux/mpc85xx/patches-5.10/108-powerpc-85xx-firebox-t10-support.patch.patch create mode 100644 target/linux/mpc85xx/patches-5.15/108-powerpc-85xx-firebox-t10-support.patch.patch diff --git a/package/boot/uboot-envtools/files/mpc85xx b/package/boot/uboot-envtools/files/mpc85xx index 36d9f753a1..6d389c5b57 100644 --- a/package/boot/uboot-envtools/files/mpc85xx +++ b/package/boot/uboot-envtools/files/mpc85xx @@ -16,6 +16,9 @@ ocedo,panda) ubootenv_add_uci_config "/dev/mtd1" "0x0" "0x20000" "0x20000" ubootenv_add_uci_config "/dev/mtd2" "0x0" "0x20000" "0x20000" ;; +watchguard,firebox-t10) + ubootenv_add_uci_config "$(find_mtd_part 'u-boot-env')" "0x0" "0x2000" "0x10000" + ;; aerohive,hiveap-330) ubootenv_add_uci_config "$(find_mtd_part 'u-boot-env')" "0x0" "0x20000" "0x10000" ;; diff --git a/target/linux/mpc85xx/base-files/etc/board.d/02_network b/target/linux/mpc85xx/base-files/etc/board.d/02_network index 7a677ee96f..77e208c7fa 100644 --- a/target/linux/mpc85xx/base-files/etc/board.d/02_network +++ b/target/linux/mpc85xx/base-files/etc/board.d/02_network @@ -21,6 +21,9 @@ tplink,tl-wdr4900-v1) ucidef_set_interfaces_lan_wan "lan1 lan2 lan3 lan4" "wan" ucidef_set_interface_macaddr "wan" "$(macaddr_add $(mtd_get_mac_binary u-boot 0x4fc00) 1)" ;; +watchguard,firebox-t10) + ucidef_set_interfaces_lan_wan "eth1 eth2" "eth0" + ;; *) ucidef_set_interfaces_lan_wan "eth0" "eth1" ;; diff --git a/target/linux/mpc85xx/base-files/lib/preinit/10_fix_eth_mac.sh b/target/linux/mpc85xx/base-files/lib/preinit/10_fix_eth_mac.sh index d94eba688c..d84ab5f186 100644 --- a/target/linux/mpc85xx/base-files/lib/preinit/10_fix_eth_mac.sh +++ b/target/linux/mpc85xx/base-files/lib/preinit/10_fix_eth_mac.sh @@ -6,6 +6,11 @@ preinit_set_mac_address() { ip link set dev eth0 address $(mtd_get_mac_ascii cfg1 ethaddr) ip link set dev eth1 address $(mtd_get_mac_ascii cfg1 eth1addr) ;; + watchguard,firebox-t10) + ip link set dev eth0 address "$(mtd_get_mac_text "device_id" 0x1830)" + ip link set dev eth1 address "$(mtd_get_mac_text "device_id" 0x1844)" + ip link set dev eth2 address "$(mtd_get_mac_text "device_id" 0x1858)" + ;; esac } diff --git a/target/linux/mpc85xx/base-files/lib/upgrade/platform.sh b/target/linux/mpc85xx/base-files/lib/upgrade/platform.sh index 064eeb35bc..226b40a906 100755 --- a/target/linux/mpc85xx/base-files/lib/upgrade/platform.sh +++ b/target/linux/mpc85xx/base-files/lib/upgrade/platform.sh @@ -14,7 +14,8 @@ platform_do_upgrade() { case "$board" in ocedo,panda|\ - sophos,red-15w-rev1) + sophos,red-15w-rev1|\ + watchguard,firebox-t10) nand_do_upgrade "$1" ;; *) diff --git a/target/linux/mpc85xx/config-5.10 b/target/linux/mpc85xx/config-5.10 index 909cd53092..1885a961fe 100644 --- a/target/linux/mpc85xx/config-5.10 +++ b/target/linux/mpc85xx/config-5.10 @@ -247,6 +247,7 @@ CONFIG_THREAD_SHIFT=13 CONFIG_TICK_CPU_ACCOUNTING=y CONFIG_TINY_SRCU=y # CONFIG_TL_WDR4900_V1 is not set +# CONFIG_FIREBOX_T10 is not set # CONFIG_TOOLCHAIN_DEFAULT_CPU is not set # CONFIG_TQM8540 is not set # CONFIG_TQM8541 is not set diff --git a/target/linux/mpc85xx/config-5.15 b/target/linux/mpc85xx/config-5.15 index 5700a247de..ab2eef94cd 100644 --- a/target/linux/mpc85xx/config-5.15 +++ b/target/linux/mpc85xx/config-5.15 @@ -266,3 +266,4 @@ CONFIG_WATCHDOG_CORE=y # CONFIG_XES_MPC85xx is not set CONFIG_XZ_DEC_BCJ=y CONFIG_XZ_DEC_POWERPC=y +# CONFIG_FIREBOX_T10 is not set diff --git a/target/linux/mpc85xx/files/arch/powerpc/boot/dts/firebox-t10.dts b/target/linux/mpc85xx/files/arch/powerpc/boot/dts/firebox-t10.dts new file mode 100644 index 0000000000..607706a2d4 --- /dev/null +++ b/target/linux/mpc85xx/files/arch/powerpc/boot/dts/firebox-t10.dts @@ -0,0 +1,268 @@ +// SPDX-License-Identifier: GPL-2.0-or-later or MIT + +#include +#include + +/include/ "fsl/p1010si-pre.dtsi" + +/ { + model = "Watchguard Firebox T10"; + compatible = "watchguard,firebox-t10"; + + chosen { + bootargs = "console=ttyS0,115200"; + bootargs-override = "console=ttyS0,115200"; + }; + + aliases { + spi0 = &spi0; + led-boot = &led_mode; + led-failsafe = &led_failover; + led-running = &led_mode; + led-upgrade = &led_attention; + }; + + memory { + device_type = "memory"; + }; + + leds { + compatible = "gpio-leds"; + + led_attention: attention_orange { + gpios = <&gpio0 2 GPIO_ACTIVE_LOW>; + label = "orange:attention"; + }; + + status_red { + gpios = <&gpio0 3 GPIO_ACTIVE_LOW>; + label = "red:status"; + }; + + led_mode: mode_green { + gpios = <&gpio0 4 GPIO_ACTIVE_LOW>; + label = "green:mode"; + }; + + led_failover: failover_green { + gpios = <&gpio0 5 GPIO_ACTIVE_LOW>; + label = "green:failover"; + }; + }; + + buttons { + compatible = "gpio-keys"; + + reset { + label = "Reset button"; + gpios = <&gpio0 10 GPIO_ACTIVE_LOW>; + linux,code = ; + }; + }; + + + soc: soc@ffe00000 { + ranges = <0x0 0x0 0xffe00000 0x100000>; + + i2c@3000 { + rtc@30 { + compatible = "sii,s35390a"; + reg = <0x30>; + }; + }; + + spi0: spi@7000 { + flash@0 { + compatible = "jedec,spi-nor"; + reg = <0>; + spi-max-frequency = <25000000>; + + partitions { + compatible = "fixed-partitions"; + #address-cells = <1>; + #size-cells = <1>; + + uboot: partition@0 { + reg = <0x0 0x90000>; + label = "u-boot"; + read-only; + }; + + partition@90000 { + reg = <0x90000 0x10000>; + label = "u-boot-env"; + }; + + partition@a0000 { + reg = <0xa0000 0x20000>; + label = "cfgxxx"; + read-only; + }; + + partition@c0000 { + reg = <0xc0000 0x40000>; + label = "device_id"; + read-only; + }; + }; + }; + }; + + gpio0: gpio-controller@fc00 { + }; + + usb@22000 { + phy_type = "utmi"; + dr_mode = "host"; + }; + + mdio@24000 { + phy1: ethernet-phy@1 { + reg = <0x1>; + }; + + phy2: ethernet-phy@2 { + reg = <0x2>; + }; + + phy3: ethernet-phy@3 { + reg = <0x3>; + }; + }; + + mdio@25000 { + tbi_phy1: tbi-phy@11 { + reg = <0x11>; + device_type = "tbi-phy"; + }; + }; + + mdio@26000 { + tbi_phy2: tbi-phy@11 { + reg = <0x11>; + device_type = "tbi-phy"; + }; + }; + + enet0: ethernet@b0000 { + phy-handle = <&phy1>; + phy-connection-type = "rgmii-id"; + }; + + enet1: ethernet@b1000 { + tbi-handle = <&tbi_phy1>; + phy-handle = <&phy2>; + phy-connection-type = "sgmii"; + }; + + enet2: ethernet@b2000 { + tbi-handle = <&tbi_phy2>; + phy-handle = <&phy3>; + phy-connection-type = "sgmii"; + }; + + sdhc@2e000 { + status = "disabled"; + }; + + serial1: serial@4600 { + status = "disabled"; + }; + + can0: can@1c000 { + status = "disabled"; + }; + + can1: can@1d000 { + status = "disabled"; + }; + }; + + pci0: pcie@ffe09000 { + status = "disabled"; + }; + + pci1: pcie@ffe0a000 { + status = "disabled"; + }; + + ifc: ifc@ffe1e000 { + reg = <0x0 0xffe1e000 0 0x2000>; + + /* NOR, NAND Flashes and CPLD on board */ + ranges = <0x0 0x0 0x0 0xee000000 0x02000000 + 0x1 0x0 0x0 0xff800000 0x00010000 + 0x3 0x0 0x0 0xffb00000 0x00000020>; + + nand@1,0 { + compatible = "fsl,ifc-nand"; + reg = <0x1 0x0 0x10000>; + + partitions { + compatible = "fixed-partitions"; + #address-cells = <1>; + #size-cells = <1>; + + /* + * Original partition layout: + * 0x000000000000-0x000000020000 : "NAND (RW) WG DTB Image" + * 0x000000020000-0x000000520000 : "NAND (RW) WG SYSA Kernel" + * 0x000000520000-0x000007f00000 : "NAND (RW) WG SYSA_CODE" + * 0x000007f00000-0x000008400000 : "NAND (RW) WG SYSB Kernel" + * 0x000008400000-0x000009c00000 : "NAND (RW) WG SYSB_CODE" + * 0x000009c00000-0x00000a100000 : "NAND (RW) WG SYSA2 Kernel" + * 0x00000a100000-0x000011ae0000 : "NAND (RW) WG SYSA_CODE2" + * 0x000011ae0000-0x000020000000 : "NAND (RW) WG SYSA_DATA" + */ + + partition@0 { + reg = <0x0 0x20000>; + label = "wg-dtb"; + read-only; + }; + + partition@20000 { + reg = <0x20000 0x500000>; + label = "kernel"; + }; + + partition@520000 { + reg = <0x520000 0x79e0000>; + label = "wg-sysa-rootfs"; + read-only; + }; + + partition@7f00000 { + reg = <0x7f00000 0x500000>; + label = "wg-sysb-kernel"; + read-only; + }; + + partition@8400000 { + reg = <0x8400000 0x1800000>; + label = "wg-sysb-rootfs"; + read-only; + }; + + partition@9c00000 { + reg = <0x9c00000 0x500000>; + label = "wg-sysa2-kernel"; + read-only; + }; + + partition@a100000 { + reg = <0xa100000 0x79e0000>; + label = "wg-sysa2-rootfs"; + read-only; + }; + + partition@11ae0000 { + reg = <0x11ae0000 0xe520000>; + label = "ubi"; + }; + }; + }; + }; +}; + +/include/ "fsl/p1010si-post.dtsi" diff --git a/target/linux/mpc85xx/files/arch/powerpc/platforms/85xx/firebox_t10.c b/target/linux/mpc85xx/files/arch/powerpc/platforms/85xx/firebox_t10.c new file mode 100644 index 0000000000..422bde6903 --- /dev/null +++ b/target/linux/mpc85xx/files/arch/powerpc/platforms/85xx/firebox_t10.c @@ -0,0 +1,87 @@ +// SPDX-License-Identifier: GPL-2.0-or-later + +/* + * Watchguard Firebox T10 Board Setup + * + * Copyright (C) 2023 David Bauer + * + * Based on: + * p1010rdb.c: + * P1010 RDB Board Setup + * Copyright 2011 Freescale Semiconductor Inc. + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the + * Free Software Foundation; either version 2 of the License, or (at your + * option) any later version. + */ + +#include +#include +#include +#include +#include + +#include +#include +#include +#include +#include +#include +#include + +#include +#include + +#include "mpc85xx.h" + +void __init firebox_t10_pic_init(void) +{ + struct mpic *mpic; + + mpic = mpic_alloc(NULL, 0, + MPIC_BIG_ENDIAN | MPIC_SINGLE_DEST_CPU, + 0, 256, " OpenPIC "); + + BUG_ON(mpic == NULL); + mpic_init(mpic); +} + +/* + * Setup the architecture + */ +static void __init firebox_t10_setup_arch(void) +{ + if (ppc_md.progress) + ppc_md.progress("firebox_t10_setup_arch()", 0); + + fsl_pci_assign_primary(); + + pr_info("Firebox T10 from Watchguard\n"); +} + +machine_arch_initcall(firebox_t10, mpc85xx_common_publish_devices); + +/* + * Called very early, device-tree isn't unflattened + */ +static int __init firebox_t10_probe(void) +{ + if (of_machine_is_compatible("watchguard,firebox-t10")) + return 1; + return 0; +} + +define_machine(firebox_t10) { + .name = "P1010 RDB", + .probe = firebox_t10_probe, + .setup_arch = firebox_t10_setup_arch, + .init_IRQ = firebox_t10_pic_init, +#ifdef CONFIG_PCI + .pcibios_fixup_bus = fsl_pcibios_fixup_bus, + .pcibios_fixup_phb = fsl_pcibios_fixup_phb, +#endif + .get_irq = mpic_get_irq, + .calibrate_decr = generic_calibrate_decr, + .progress = udbg_progress, +}; diff --git a/target/linux/mpc85xx/image/p1010.mk b/target/linux/mpc85xx/image/p1010.mk index 92cad3d035..90ef46d709 100644 --- a/target/linux/mpc85xx/image/p1010.mk +++ b/target/linux/mpc85xx/image/p1010.mk @@ -40,6 +40,16 @@ define Device/tplink_tl-wdr4900-v1 endef TARGET_DEVICES += tplink_tl-wdr4900-v1 +define Device/watchguard_firebox-t10 + DEVICE_VENDOR := Watchguard + DEVICE_MODEL := Firebox T10 + DEVICE_PACKAGES := kmod-rtc-s35390a kmod-eeprom-at24 + KERNEL = kernel-bin | gzip | fit gzip $(KDIR)/image-$$(DEVICE_DTS).dtb + IMAGES := sysupgrade.bin + IMAGE/sysupgrade.bin := sysupgrade-tar | append-metadata +endef +TARGET_DEVICES += watchguard_firebox-t10 + define Device/sophos_red-15w-rev1 DEVICE_VENDOR := Sophos DEVICE_MODEL := RED 15w diff --git a/target/linux/mpc85xx/p1010/config-default b/target/linux/mpc85xx/p1010/config-default index 5ca65812d7..53e077b6c2 100644 --- a/target/linux/mpc85xx/p1010/config-default +++ b/target/linux/mpc85xx/p1010/config-default @@ -1,4 +1,5 @@ CONFIG_AT803X_PHY=y +CONFIG_CMDLINE_OVERRIDE=y # CONFIG_FSL_CORENET_CF is not set CONFIG_MTD_NAND_FSL_IFC=y CONFIG_MTD_SPLIT_FIRMWARE=y @@ -19,3 +20,4 @@ CONFIG_REGMAP=y CONFIG_REGULATOR=y CONFIG_TL_WDR4900_V1=y CONFIG_UBIFS_FS=y +CONFIG_FIREBOX_T10=y \ No newline at end of file diff --git a/target/linux/mpc85xx/patches-5.10/108-powerpc-85xx-firebox-t10-support.patch.patch b/target/linux/mpc85xx/patches-5.10/108-powerpc-85xx-firebox-t10-support.patch.patch new file mode 100644 index 0000000000..b074113eaa --- /dev/null +++ b/target/linux/mpc85xx/patches-5.10/108-powerpc-85xx-firebox-t10-support.patch.patch @@ -0,0 +1,29 @@ +--- a/arch/powerpc/platforms/85xx/Kconfig ++++ b/arch/powerpc/platforms/85xx/Kconfig +@@ -92,6 +92,16 @@ config WS_AP3825I + This board is a Concurrent Dual-Band wireless access point with a + Freescale P1020 SoC. + ++config FIREBOX_T10 ++ bool "Watchguard Firebox T10" ++ select DEFAULT_UIMAGE ++ select ARCH_REQUIRE_GPIOLIB ++ select GPIO_MPC8XXX ++ help ++ This option enables support for the Watchguard Firebox T10 board. ++ This board is a VPN Gateway-Router with a ++ Freescale P1010 SoC. ++ + config MPC8540_ADS + bool "Freescale MPC8540 ADS" + select DEFAULT_UIMAGE +--- a/arch/powerpc/platforms/85xx/Makefile ++++ b/arch/powerpc/platforms/85xx/Makefile +@@ -28,6 +28,7 @@ obj-$(CONFIG_PANDA) += panda.o + obj-$(CONFIG_TWR_P102x) += twr_p102x.o + obj-$(CONFIG_WS_AP3710I) += ws-ap3710i.o + obj-$(CONFIG_WS_AP3825I) += ws-ap3825i.o ++obj-$(CONFIG_FIREBOX_T10) += firebox_t10.o + obj-$(CONFIG_CORENET_GENERIC) += corenet_generic.o + obj-$(CONFIG_FB_FSL_DIU) += t1042rdb_diu.o + obj-$(CONFIG_RED_15W_REV1) += red15w_rev1.o diff --git a/target/linux/mpc85xx/patches-5.15/108-powerpc-85xx-firebox-t10-support.patch.patch b/target/linux/mpc85xx/patches-5.15/108-powerpc-85xx-firebox-t10-support.patch.patch new file mode 100644 index 0000000000..b074113eaa --- /dev/null +++ b/target/linux/mpc85xx/patches-5.15/108-powerpc-85xx-firebox-t10-support.patch.patch @@ -0,0 +1,29 @@ +--- a/arch/powerpc/platforms/85xx/Kconfig ++++ b/arch/powerpc/platforms/85xx/Kconfig +@@ -92,6 +92,16 @@ config WS_AP3825I + This board is a Concurrent Dual-Band wireless access point with a + Freescale P1020 SoC. + ++config FIREBOX_T10 ++ bool "Watchguard Firebox T10" ++ select DEFAULT_UIMAGE ++ select ARCH_REQUIRE_GPIOLIB ++ select GPIO_MPC8XXX ++ help ++ This option enables support for the Watchguard Firebox T10 board. ++ This board is a VPN Gateway-Router with a ++ Freescale P1010 SoC. ++ + config MPC8540_ADS + bool "Freescale MPC8540 ADS" + select DEFAULT_UIMAGE +--- a/arch/powerpc/platforms/85xx/Makefile ++++ b/arch/powerpc/platforms/85xx/Makefile +@@ -28,6 +28,7 @@ obj-$(CONFIG_PANDA) += panda.o + obj-$(CONFIG_TWR_P102x) += twr_p102x.o + obj-$(CONFIG_WS_AP3710I) += ws-ap3710i.o + obj-$(CONFIG_WS_AP3825I) += ws-ap3825i.o ++obj-$(CONFIG_FIREBOX_T10) += firebox_t10.o + obj-$(CONFIG_CORENET_GENERIC) += corenet_generic.o + obj-$(CONFIG_FB_FSL_DIU) += t1042rdb_diu.o + obj-$(CONFIG_RED_15W_REV1) += red15w_rev1.o -- 2.30.2