cloud_discovery: Track and persist discovery method

Adds support for recording the method used to discover the cloud controller (e.g. DHCP, FLASH, OpenLAN). The selected method records the current date and time along with the discovery method into "/etc/ucentral/discovery.state.json". The date is stored in epoch format. Fixed: WIFI-14966 Signed-off-by: Marek Kwaczynski <marek@shasta.cloud>
wireless-regdb: disable channel 14 in JP
2025-10-29 09:32:34 +00:00 · 2025-08-08 18:57:08 +02:00 · 2025-08-07 14:51:33 +02:00 · 2025-08-06 16:23:57 +02:00 · 2025-08-06 11:03:59 +02:00 · 2025-08-06 10:54:55 +02:00
9 changed files with 154 additions and 13 deletions
--- a/feeds/ipq807x_v5.4/ipq50xx/base-files/lib/upgrade/platform.sh
+++ b/feeds/ipq807x_v5.4/ipq50xx/base-files/lib/upgrade/platform.sh
@@ -107,29 +107,42 @@ platform_do_upgrade() {

 	board=$(board_name)
 	case $board in
-	glinet,b3000|\
 	edgecore,oap101|\
 	edgecore,oap101-6e|\
 	edgecore,oap101e|\
 	edgecore,oap101e-6e|\
 	edgecore,eap104)
+		if [ "$(find_mtd_chardev rootfs)" ]; then
+			CI_UBIPART="rootfs"
+		else
+			if grep -q rootfs1 /proc/cmdline; then
+				CI_UBIPART="rootfs2"
+				CI_FWSETENV="active 2"
+			else
+				CI_UBIPART="rootfs1"
+				CI_FWSETENV="active 1"
+			fi
+		fi
+		nand_upgrade_tar "$1"
+		;;
+	glinet,b3000)
 		CI_UBIPART="rootfs1"
 		[ "$(find_mtd_chardev rootfs)" ] && CI_UBIPART="rootfs"
 		nand_upgrade_tar "$1"
 		;;
-        hfcl,ion4x_w|\
+	hfcl,ion4x_w|\
 	hfcl,ion4xi_w)
-                wp_part=$(fw_printenv primary | cut  -d = -f2)
-                echo "Current Primary is $wp_part"
-                if [[ $wp_part == 1 ]]; then
-                        CI_UBIPART="rootfs"
-                        CI_FWSETENV="primary 0"
-                else
-                        CI_UBIPART="rootfs_1"
-                        CI_FWSETENV="primary 1"
-                fi
-                nand_upgrade_tar "$1"
-                ;;
+		wp_part=$(fw_printenv primary | cut  -d = -f2)
+		echo "Current Primary is $wp_part"
+		if [[ $wp_part == 1 ]]; then
+				CI_UBIPART="rootfs"
+				CI_FWSETENV="primary 0"
+		else
+				CI_UBIPART="rootfs_1"
+				CI_FWSETENV="primary 1"
+		fi
+		nand_upgrade_tar "$1"
+		;;
 	cig,wf186w|\
 	cig,wf186h|\
 	emplus,wap385c|\
--- a/feeds/qca-wifi-7/ipq53xx/dts/ipq5332-sonicfi-rap7110c-341x.dts
+++ b/feeds/qca-wifi-7/ipq53xx/dts/ipq5332-sonicfi-rap7110c-341x.dts
@@ -31,6 +31,20 @@
 		stdout-path = "serial0";
 	};

+	reserved-memory {
+		#address-cells = <2>;
+		#size-cells = <2>;
+		ranges;
+
+		ramoops@49c00000 {
+			compatible = "ramoops";
+			reg = <0x0 0x49c00000 0x0 0x100000>;
+			record-size = <0x20000>;
+			console-size = <0x20000>;
+			pmsg-size = <0x20000>;
+		};
+	};
+
 	soc@0 {
 		mdio:mdio@90000 {
 			pinctrl-0 = <&mdio1_pins>;
--- a/feeds/qca-wifi-7/ipq53xx/dts/ipq5332-sonicfi-rap750e-h.dts
+++ b/feeds/qca-wifi-7/ipq53xx/dts/ipq5332-sonicfi-rap750e-h.dts
@@ -190,6 +190,14 @@
 		/delete-node/ wcnss@4a900000;
 		/delete-node/ q6_caldb_region@4ce00000;

+		ramoops@49c00000 {
+			compatible = "ramoops";
+			reg = <0x0 0x49c00000 0x0 0x100000>;
+			record-size = <0x20000>;
+			console-size = <0x20000>;
+			pmsg-size = <0x20000>;
+		};
+
 		q6_mem_regions: q6_mem_regions@4A900000  {
 		        no-map;
 		        reg = <0x0 0x4A900000 0x0 0x5100000>;
--- a/feeds/qca-wifi-7/ipq53xx/dts/ipq5332-sonicfi-rap750e-s.dts
+++ b/feeds/qca-wifi-7/ipq53xx/dts/ipq5332-sonicfi-rap750e-s.dts
@@ -190,6 +190,14 @@
 		/delete-node/ wcnss@4a900000;
 		/delete-node/ q6_caldb_region@4ce00000;

+		ramoops@49c00000 {
+			compatible = "ramoops";
+			reg = <0x0 0x49c00000 0x0 0x100000>;
+			record-size = <0x20000>;
+			console-size = <0x20000>;
+			pmsg-size = <0x20000>;
+		};
+
 		q6_mem_regions: q6_mem_regions@4A900000  {
 		        no-map;
 		        reg = <0x0 0x4A900000 0x0 0x5100000>;
--- a/feeds/qca-wifi-7/ipq53xx/dts/ipq5332-sonicfi-rap750w-311a.dts
+++ b/feeds/qca-wifi-7/ipq53xx/dts/ipq5332-sonicfi-rap750w-311a.dts
@@ -190,6 +190,14 @@
 		/delete-node/ wcnss@4a900000;
 		/delete-node/ q6_caldb_region@4ce00000;

+		ramoops@49c00000 {
+			compatible = "ramoops";
+			reg = <0x0 0x49c00000 0x0 0x100000>;
+			record-size = <0x20000>;
+			console-size = <0x20000>;
+			pmsg-size = <0x20000>;
+		};
+
 		q6_mem_regions: q6_mem_regions@4A900000  {
 		        no-map;
 		        reg = <0x0 0x4A900000 0x0 0x5100000>;
--- a/feeds/tip/cloud_discovery/files/etc/init.d/cloud_discover
+++ b/feeds/tip/cloud_discovery/files/etc/init.d/cloud_discover
@@ -22,6 +22,19 @@ start_service() {
 	[ "$valid" == "true" ] || 
 		/usr/share/ucentral/ucentral.uc /etc/ucentral/ucentral.cfg.0000000001 > /dev/null

+	est_client check
+	[ $? -eq 1 ] && {
+		logger ERROR
+		logger ERROR
+		logger ERROR
+		logger The certificate used has a CN that does not match the serial of the device
+		echo The certificate used has a CN that does not match the serial of the device
+		logger ERROR
+		logger ERROR
+		logger ERROR
+		return
+	}
+
 	procd_open_instance
 	procd_set_param command "$PROG"
 	procd_set_param respawn
--- a/feeds/tip/cloud_discovery/files/usr/bin/cloud_discovery
+++ b/feeds/tip/cloud_discovery/files/usr/bin/cloud_discovery
@@ -15,9 +15,14 @@ const ONLINE = 2;
 const OFFLINE = 3;
 const ORPHAN = 4;

+const DISCOVER_DHCP = "DHCP";
+const DISCOVER_FLASH = "FLASH";
+const DISCOVER_LOOKUP = "OpenLAN";
+
 let ubus = libubus.connect();
 let uci = libuci.cursor();
 let state = DISCOVER;
+let discovery_method = "";
 let validate_time;
 let offline_time;
 let orphan_time;
@@ -78,6 +83,14 @@ function gateway_load() {
 	return readjsonfile('/etc/ucentral/gateway.json');
 }

+function discovery_state_write() {
+	let discovery_state = {
+		"type": discovery_method,
+		"updated": time()
+	};
+	fs.writefile('/etc/ucentral/discovery.state.json', discovery_state);
+}
+
 function gateway_write(data) {
 	let gateway = gateway_load();
 	gateway ??= {};
@@ -130,6 +143,7 @@ function set_state(set) {
 		if (prev == VALIDATING) {
 			ulog(LOG_INFO, 'Setting cloud controller to validated\n');
 			gateway_write({ valid: true });
+			discovery_state_write();
 		}
 		break;

@@ -227,15 +241,18 @@ function interval_handler() {
 		if (!time_is_valid())
 			return;

+		discovery_method = DISCOVER_DHCP;
 		if (discover_dhcp())
 			return;

 		if (system('/usr/bin/est_client enroll'))
 			return;

+		discovery_method = DISCOVER_FLASH;
 		if (!discover_flash())
 			return;

+		discovery_method = DISCOVER_LOOKUP;
 		redirector_lookup();
 		break;

--- a/feeds/tip/cloud_discovery/files/usr/bin/est_client
+++ b/feeds/tip/cloud_discovery/files/usr/bin/est_client
@@ -4,6 +4,7 @@

 import { ulog_open, ulog, ULOG_SYSLOG, ULOG_STDIO, LOG_DAEMON, LOG_INFO } from 'log';
 import * as fs from 'fs';
+import * as libuci from 'uci';

 let store_operational_pem = false;
 let store_operational_ca = false;
@@ -139,6 +140,9 @@ function load_operational_ca() {
 }

 function fwtool() {
+	if (!fs.stat('/etc/ucentral/cert.pem'))
+		return 0;
+
 	let pipe = fs.popen(`openssl x509 -in /etc/ucentral/cert.pem -noout -issuer`);
 	let issuer = pipe.read("all");
 	pipe.close();
@@ -163,6 +167,20 @@ function fwtool() {
 	return 0;
 }

+function check_cert() {
+	if (!fs.stat('/etc/ucentral/cert.pem'))
+		return 0;
+	let pipe = fs.popen("openssl x509 -in /etc/ucentral/cert.pem  -noout -subject -nameopt multiline | grep commonName | awk '{ print $3 }'");
+	let cn = pipe.read("all");
+	pipe.close();
+	if (!cn)
+		return 0;
+	cn = lc(trim(cn));
+	let uci = libuci.cursor();
+	let serial = uci.get('ucentral', 'config', 'serial');
+	return cn != serial;
+}
+
 switch(ARGV[0]) {
 case 'enroll':
 	let ret = simpleenroll();
@@ -184,4 +202,7 @@ case 'reenroll':

 case 'fwtool':
 	exit(fwtool());
+
+case 'check':
+	exit(check_cert());
 }
--- a/patches/0099-wireless-regdb-fix-channel-14-in-JP.patch
+++ b/patches/0099-wireless-regdb-fix-channel-14-in-JP.patch
@@ -0,0 +1,39 @@
+From d0a0f0304f292a40f2fcdd20b320089627b0f05f Mon Sep 17 00:00:00 2001
+From: John Crispin <john@phrozen.org>
+Date: Thu, 7 Aug 2025 14:50:51 +0200
+Subject: [PATCH] wireless-regdb: fix channel 14 in JP
+
+Signed-off-by: John Crispin <john@phrozen.org>
+---
+ .../patches/200-jp-no-channel-14.patch        | 19 +++++++++++++++++++
+ 1 file changed, 19 insertions(+)
+ create mode 100644 package/firmware/wireless-regdb/patches/200-jp-no-channel-14.patch
+
+diff --git a/package/firmware/wireless-regdb/patches/200-jp-no-channel-14.patch b/package/firmware/wireless-regdb/patches/200-jp-no-channel-14.patch
+new file mode 100644
+index 0000000000..ea1411cfdd
+--- /dev/null
+++ b/package/firmware/wireless-regdb/patches/200-jp-no-channel-14.patch
+@@ -0,0 +1,19 @@
+--- a/db.txt
++++ b/db.txt
+@@ -16,8 +16,6 @@ country 00:
+ 	(2402 - 2472 @ 40), (20)
+ 	# Channel 12 - 13.
+ 	(2457 - 2482 @ 20), (20), NO-IR, AUTO-BW
+-	# Channel 14. Only JP enables this and for 802.11b only
+-	(2474 - 2494 @ 20), (20), NO-IR, NO-OFDM
+ 	# Channel 36 - 48
+ 	(5170 - 5250 @ 80), (20), AUTO-BW
+ 	# Channel 52 - 64
+@@ -945,7 +943,6 @@ country JO: DFS-JP
+ # https://www.soumu.go.jp/main_content/000833682.pdf
+ country JP: DFS-JP
+ 	(2402 - 2482 @ 40), (20)
+-	(2474 - 2494 @ 20), (20), NO-OFDM
+ 	(4910 - 4990 @ 40), (23)
+ 	(5170 - 5250 @ 80), (20), AUTO-BW
+ 	(5250 - 5330 @ 80), (20), DFS, AUTO-BW
+-- 
+2.34.1
+
Author	SHA1	Message	Date
Marek Kwaczynski	ff398c7b28	cloud_discovery: Track and persist discovery method Adds support for recording the method used to discover the cloud controller (e.g. DHCP, FLASH, OpenLAN). The selected method records the current date and time along with the discovery method into "/etc/ucentral/discovery.state.json". The date is stored in epoch format. Fixed: WIFI-14966 Signed-off-by: Marek Kwaczynski <marek@shasta.cloud>	2025-08-08 18:57:08 +02:00
John Crispin	68dfd58303	wireless-regdb: disable channel 14 in JP Fixes: WIFI-14962 Signed-off-by: John Crispin <john@phrozen.org>	2025-08-07 14:51:33 +02:00
John Crispin	6ba26cba2b	est_client: add a function to validate that the CN is correct cloud_discovery will not start if the CN does not match the devices serial. an error will be written to syslog --- Wed Aug 6 14:23:23 2025 user.notice root: ERROR Wed Aug 6 14:23:23 2025 user.notice root: ERROR Wed Aug 6 14:23:23 2025 user.notice root: ERROR Wed Aug 6 14:23:23 2025 user.notice root: The certificate used has a CN that does not match the serial of the device Wed Aug 6 14:23:23 2025 user.notice root: ERROR Wed Aug 6 14:23:23 2025 user.notice root: ERROR Wed Aug 6 14:23:23 2025 user.notice root: ERROR --- Signed-off-by: John Crispin <john@phrozen.org>	2025-08-06 16:23:57 +02:00
John Crispin	b5b276bfcc	est_client: check if a cert is present inside the fwtool helper This was causing devices without a birt cert being present from doing a sysupgrade. Signed-off-by: John Crispin <john@phrozen.org>	2025-08-06 11:03:59 +02:00
Tanya Singh	de7dc7e01a	ipq50xx: Fix bootbank switching when firmware upgrade is triggered for Edgecore EAP104 and OAP101 series Fixes: WIFI-14957 Signed-off-by: Tanya Singh <tanya_singh@accton.com>	2025-08-06 10:54:55 +02:00
jackcybertan	a967d67af3	qca-wifi-7: Added ramoops support for SonicFi IPQ5332 devices Fixes: WIFI-14869 Signed-off-by: jackcybertan <jack.tsai@cybertan.com.tw>	2025-08-06 10:53:52 +02:00