[WIP][RFT] generic: platform/mikrotik: add wlan lz77 decompress #5
Conversation
target/linux/generic/files/drivers/platform/mikrotik/rb_hardconfig_lz77.h
Outdated
Show resolved
Hide resolved
| */ | ||
| #define LZ77_MK_MAX_COUNT_BIT_LEN 27 | ||
|
|
||
| #ifdef CONFIG_CPU_LITTLE_ENDIAN |
There was a problem hiding this comment.
| #ifdef CONFIG_CPU_LITTLE_ENDIAN | |
| #if defined (CONFIG_CPU_LITTLE_ENDIAN) || defined(CONFIG_ARCH_IPQ40XX) |
ipq40xx does not set CONFIG_CPU_LITTLE_ENDIAN
There was a problem hiding this comment.
I think it does in the final kernel config
john-tho
force-pushed
the
mikrotik_wlan_lz77
branch
4 times, most recently
from
d9ac436
to
4ad1fd7
Compare
|
The latest push is tested on Mikrotik Chateau-12LTE (ipq4019). Both radios are working, driver does load the firmware with BDF/CAL properly, WLAN MACs are also correct. Test is conducted on Routerboot_v7 with the required additional patches. Dmesg is completely fine, no errors or weird messages.
If you want you can use my "tested by" tag: |
john-tho
force-pushed
the
mikrotik_wlan_lz77
branch
4 times, most recently
from
c0fc59e
to
8a8e313
Compare
|
Hopefully no functional changes with push, only fixing tidy messages, and fix some checkpatch and sparse warnings |
I can recheck it early next week. |
|
I tested it on ipq4019 (chateau 12) and it still works fine. |
|
@john-tho found a device out of the many that fails at LZ77 decompress: And this is the MTD2 (hard config) dump of the same device: [deleted] |
Okay, thanks, I pulled a copy. In my standalone decompressor, looks like the final group (non-match) bits have some set bits. You could try removing the We should look to see how the Mikrotik binary handles this last group & payload. |
Emulated binary decompressed payload was |
john-tho
force-pushed
the
mikrotik_wlan_lz77
branch
from
8a8e313
to
0100a75
Compare
|
@john-tho just to be sure: this does not looks like a potential flash/data corruption to you? I used your patch on about 80 devices from multiple batches of Chateau LTE12 and there was a single one so far which produced this fault. |
Does not look like corrupted flash. If it was, this lz77 decompress would fail very differently. Just extra set bits after the last (non) match group. |
Tested your latest modifications on the affected device, and now it works without any errors. |
|
How little endian is this decompression code? I have two ath79 based device (921GS-5HPacD-19s - one of their newer sectors) and one boots fine while the other doesn't load the firmware. I was thinking this compression scheme might be the problem there also? However this device is big endian so I wondered how portable it was? [Edit] [Edit 2] |
Ha! Colour me surprised. I was not expecting to see this used on MIPS. Many thanks for the new data and testing Tim. I guess, because the compressed data is read one bit at a time, that should have been the only place where endian-ness mattered. If you could, I would appreciate you detailing the backup RouterBOOT version so we might be able to piece together some idea of when this started: Okay, I will adjust the Cheers. |
|
The output from that cat command: |
|
@john-tho just checked the LZ77 and routeros-v7 patches on the new 6.1.55 kernel for IPQ4019 and it seems to work correctly. |
|
The patch works for me with a MikroTik hAP ac3. |
ipq40xx/mikrotik: adds wlan/WiFi lz77 decompress Fixes the no wireless issue for the MikroTik RouterBOARD hAP ac3 with lz77 compression Applies the patch from john-tho to which works fine on my hAP ac3 (RBD53iG-5HacD2HnD). john-tho#5 https://forum.openwrt.org/t/no-wireless-mikrotik-rbd53ig-5hacd2hnd/157763 https://forum.openwrt.org/t/lz77-in-mikrotik/91696 modified: target/linux/generic/files/drivers/platform/mikrotik/Makefile modified: target/linux/generic/files/drivers/platform/mikrotik/rb_hardconfig.c new file: target/linux/generic/files/drivers/platform/mikrotik/rb_hardconfig_lz77.c new file: target/linux/generic/files/drivers/platform/mikrotik/rb_hardconfig_lz77.h modified: target/linux/generic/files/drivers/platform/mikrotik/routerboot.h
john-tho
force-pushed
the
mikrotik_wlan_lz77
branch
12 times, most recently
from
80a8302
to
27d8dd2
Compare
john-tho
force-pushed
the
mikrotik_wlan_lz77
branch
2 times, most recently
from
bdb2027
to
32f0702
Compare
john-tho
force-pushed
the
mikrotik_wlan_lz77
branch
4 times, most recently
from
04849db
to
ef6d0e9
Compare
|
Hi @aanon4,
I am gradually getting this together for upstream OpenWrt (openwrt#15774), and have made a few small changes to the code. I would be interested to see if you could try out this updated code, and/or email me a copy of
There are a number of Mikrotik ath79 devices with ath10k pcie cards, and I have not noticed any other OpenWrt forum or issue reports of no 5GHz Wi-Fi on them (but for some time they have had more modern replacements). My guess now is that this may occur (for ath79) if calibration data is updated (guessing in RouterOS update) for US devices to enable U-NII 2 frequency ranges, or recent factory flashes. |
john-tho
force-pushed
the
mikrotik_wlan_lz77
branch
2 times, most recently
from
b69f8ed
to
6ef2e0a
Compare
@john-tho Unfortunately this is tricky. I work on the AREDN project which is built on top of OpenWRT. As such the radio in question is currently at the top of a tower at the top of a mountain. I can't really run test code on it because ... well ... getting to it if fails is a massive pain. |
Haha, yes, no worries, kind of expected this. I too have not-so-easily-accessible devices. Lab test devices are boring, field tests (or deploys) are much more interesting. |
john-tho
force-pushed
the
mikrotik_wlan_lz77
branch
4 times, most recently
from
79bc65f
to
9132270
Compare
A number of new (or with recently updated caldata)
Mikrotik devices are using LZ77 magic for wlan tag hard_config data.
New devices include the Chateau LTE12 [1], and ax devices [2]
Newly factory flashed devices may include the hap ac3 [3]
This can be seen in decoded OEM supout [4] dmesg:
"radio data lz77 decompressed from"…
Investigating an arm RouterOS flash.ko module, and supplied example
hard_config dumps, the format was guessed via decompilation and live
debugging [5]. This decoder was then built from the guessed format
specification.
debug prints can be enabled in a DYNAMIC_DEBUG kernel build via the
kernel cmdline:
chosen {
- bootargs = "console=ttyS0,115200";
+ bootargs = "console=ttyS0,115200 dyndbg=\"file drivers/platform/mikrotik/* +p\"";
};
[1]: https://forum.openwrt.org/t/no-wireless-mikrotik-rbd53ig-5hacd2hnd/157763/4
[2]: https://forum.openwrt.org/t/mikrotik-routeros-v7-x-and-openwrt-sysupgrade/148072/17
[3]: https://forum.openwrt.org/t/adding-support-for-mikrotik-hap-ax2/133715/47
[4]: https://github.com/farseeker/go-mikrotik-rif
[5]: https://github.com/john-tho/routeros-wlan-lz77-decode
Signed-off-by: John Thomson <[email protected]>
Link: openwrt#15774
Signed-off-by: Robert Marko <[email protected]>
robimarko
force-pushed
the
mikrotik_wlan_lz77
branch
from
9132270
to
7d33aed
Compare
usual disclaimer: expect your device to halt and catch fire…
very rough attempt to decode lz77; rough, excessively verbose, and entirely unoptimised.
A number of new (or newly factory flashed) Mikrotik devices are using LZ77 magic for wlan tag hard_config data.
New devices include the Chateau LTE12 1, and ax devices 2 Newly factory flashed devices may include the hap ac3 3
This can be seen in decoded OEM supout 4 dmesg:
"radio data lz77 decompressed from"…
Investigating an arm RouterOS flash.ko module, and supplied example hard_config dumps, the format was determined via 5.