Hi.
I went on aliexpress and got a print server that sucks, how ever i open it up and sow 16mb winboard flash
64mb ram and mt7688an processor that in the boot log appears as a mt7628.
I downloaded the original firmware and try to unpack it, and fount that this is made using openwrt v14.07
DISTRIB_ID="OpenWrt"
DISTRIB_RELEASE="Barrier Breaker"
DISTRIB_REVISION="r2116"
DISTRIB_CODENAME="barrier_breaker"
DISTRIB_TARGET="ramips/generic"
DISTRIB_DESCRIPTION="OpenWrt Barrier Breaker 14.07"
DISTRIB_TAINTS="no-all busybox"
[00][00][00][03060D09][03060D0B]
DDR Calibration DQS reg = 00008887
U-Boot 1.1.3 (May 29 2019 - 14:47:14)
Board: Ralink APSoC DRAM: 64 MB
mtk gpio init : BTN_RST pin 38.
relocate_code Pointer at: 83f98000
flash manufacture id: ef, device id 40 18
find flash: W25Q128BV
*** Warning - bad CRC, using default environment
============================================
Ralink UBoot Version: 5.0.3.0-148
--------------------------------------------
ASIC 7628_MP (Port5<->None)
DRAM component: 512 Mbits DDR, width 16
DRAM bus: 16 bit
Total memory: 64 MBytes
Flash component: SPI Flash
Date:May 29 2019 Time:14:47:14
============================================
icache: sets:512, ways:4, linesz:32 ,total:65536
dcache: sets:256, ways:4, linesz:32 ,total:32768
##### The CPU freq = 575 MHZ ####
estimate memory size =64 Mbytes
RESET MT7628 PHY!!!!!!
Press press RST button for more than 2 seconds to run web failsafe mode
RST button is pressed for: 0 second(s)
Catution: RST button wasn't pressed or not long enough!
Continuing normal boot...
Waitting for network init complete : 0
regValue=[0x83808301]
Port0 Link UP!
Trying Eth0 (10/100-M)
Waitting for RX_DMA_BUSY status Start... done
ETH_STATE_ACTIVE!!
checksum bad
checksum bad
checksum bad
checksum bad
checksum bad
checksum bad
checksum bad
checksum bad
checksum bad
Please choose the operation:
1: Load system code to SDRAM via TFTP.
2: Load system code then write to Flash via TFTP.
3: Boot system code via Flash (default).
4: Entr boot command line interface.
6: Load Flash code then burn to Flash via TFTP.
7: Load Boot Loader code then write to Flash via Serial.
9: Load Boot Loader code then write to Flash via TFTP.
default:
0
3: System Boot system code via Flash.
## Booting image at bc050000 ...
Image Name: C8B560RP-2116
Image Type: MIPS Linux Kernel Image (lzma compressed)
Data Size: 1361230 Bytes = 1.3 MB
Load Address: 80000000
Entry Point: 80000000
Verifying Checksum ... OK
Uncompressing Kernel Image ... OK
No initrd
## Transferring control to Linux (at address 80000000) ...
## Giving linux memsize in MB, 64
Starting kernel ...
LINUX started...
THIS IS ASIC
SDK 5.0.S.0
[ 0.000000] Linux version 3.10.14 (release@carystudio) (gcc version 4.8.3 (OpenWrt/Linaro GCC 4.8-2014.04 r2105) ) #1 Thu Oct 10 15:00:10 CST 2019
[ 0.000000]
[ 0.000000] The CPU feqenuce set to 575 MHz
[ 0.000000] CPU0 revision is: 00019655 (MIPS 24KEc)
[ 0.000000] Software DMA cache coherency
[ 0.000000] Determined physical RAM map:
[ 0.000000] memory: 04000000 @ 00000000 (usable)
[ 0.000000] Initrd not found or empty - disabling initrd
[ 0.000000] Zone ranges:
[ 0.000000] Normal [mem 0x00000000-0x03ffffff]
[ 0.000000] Movable zone start for each node
[ 0.000000] Early memory node ranges
[ 0.000000] node 0: [mem 0x00000000-0x03ffffff]
[ 0.000000] Primary instruction cache 64kB, 4-way, VIPT, linesize 32 bytes.
[ 0.000000] Primary data cache 32kB, 4-way, PIPT, no aliases, linesize 32 bytes
[ 0.000000] Built 1 zonelists in Zone order, mobility grouping on. Total pages: 16256
[ 0.000000] Kernel command line: console=ttyS1,57600n8 root=/dev/mtdblock5 rootfstype=squashfs,jffs2
[ 0.000000] PID hash table entries: 256 (order: -2, 1024 bytes)
[ 0.000000] Dentry cache hash table entries: 8192 (order: 3, 32768 bytes)
[ 0.000000] Inode-cache hash table entries: 4096 (order: 2, 16384 bytes)
[ 0.000000] Writing ErrCtl register=0007abef
[ 0.000000] Readback ErrCtl register=0007abef
[ 0.000000] Memory: 60828k/65536k available (2992k kernel code, 4708k reserved, 702k data, 208k init, 0k highmem)
[ 0.000000] NR_IRQS:128
[ 0.000000] console [ttyS1] enabled
[ 0.096000] Calibrating delay loop... 382.46 BogoMIPS (lpj=764928)
[ 0.128000] pid_max: default: 32768 minimum: 301
[ 0.132000] Mount-cache hash table entries: 512
[ 0.136000] NET: Registered protocol family 16
[ 0.140000] RALINK_GPIOMODE = 55054484
[ 0.144000] RALINK_GPIOMODE = 55044484
[ 0.244000] ***** Xtal 25MHz *****
[ 0.248000] start PCIe register access
[ 0.748000] RALINK_RSTCTRL = 2400000
[ 0.752000] RALINK_CLKCFG1 = fdbfffc0
[ 0.756000]
[ 0.756000] *************** MT7628 PCIe RC mode *************
[ 1.256000] PCIE0 no card, disable it(RST&CLK)
[ 1.284000] bio: create slab <bio-0> at 0
[ 1.288000] usbcore: registered new interface driver usbfs
[ 1.292000] usbcore: registered new interface driver hub
[ 1.296000] usbcore: registered new device driver usb
[ 1.300000] Switching to clocksource MIPS
[ 1.304000] NET: Registered protocol family 2
[ 1.316000] TCP established hash table entries: 512 (order: 0, 4096 bytes)
[ 1.328000] TCP bind hash table entries: 512 (order: -1, 2048 bytes)
[ 1.340000] TCP: Hash tables configured (established 512 bind 512)
[ 1.352000] TCP: reno registered
[ 1.360000] UDP hash table entries: 256 (order: 0, 4096 bytes)
[ 1.372000] UDP-Lite hash table entries: 256 (order: 0, 4096 bytes)
[ 1.384000] NET: Registered protocol family 1
[ 1.392000] MTK/Ralink EHCI/OHCI init.
[ 1.404000] squashfs: version 4.0 (2009/01/31) Phillip Lougher
[ 1.416000] ufsd: driver (8.6, Oct 10 2019 14:59:32, LBD=OFF, delalloc, ioctl, bdi) loaded at (null)
[ 1.416000] NTFS (with native replay) support included
[ 1.416000] optimized: speed
[ 1.416000] Built_for__Asus_n65u_2012-03-29
[ 1.416000]
[ 1.460000] jffs2: version 2.2. (NAND) (SUMMARY) (LZMA) (RTIME) (CMODE_PRIORITY) (c) 2001-2006 Red Hat, Inc.
[ 1.480000] msgmni has been set to 118
[ 1.488000] io scheduler noop registered (default)
[ 1.508000] Serial: 8250/16550 driver, 2 ports, IRQ sharing disabled
[ 1.520000] serial8250: ttyS0 at MMIO 0x10000d00 (irq = 21) is a 16550A
[ 1.532000] serial8250: ttyS1 at MMIO 0x10000c00 (irq = 20) is a 16550A
[ 1.548000] Ralink gpio driver initialized
[ 1.556000] flash manufacture id: ef, device id 40 18
[ 1.568000] W25Q128BV(ef 40180000) (16384 Kbytes)
[ 1.576000] mtd .name = raspi, .size = 0x01000000 (16M) .erasesize = 0x00010000 (64K) .numeraseregions = 0
[ 1.596000] Creating 6 MTD partitions on "raspi":
[ 1.604000] 0x000000000000-0x000001000000 : "ALL"
[ 1.616000] 0x000000000000-0x000000030000 : "Bootloader"
[ 1.628000] 0x000000030000-0x000000040000 : "Config"
[ 1.640000] 0x000000040000-0x000000050000 : "Factory"
[ 1.652000] 0x000000050000-0x000000f00000 : "firmware"
[ 1.664000] 0x00000019c58e-0x000000f00000 : "rootfs"
[ 1.672000] mtd: partition "rootfs" must either start or end on erase block boundary or be smaller than an erase block -- forcing read-only
[ 1.700000] mtd: partition "rootfs_data" created automatically, ofs=0xad0000, len=0x430000
[ 1.716000] 0x000000ad0000-0x000000f00000 : "rootfs_data"
[ 1.728000] 0x000000f00000-0x000001000000 : "user-data"
[ 1.740000] GMAC1_MAC_ADRH -- : 0x0000144d
[ 1.748000] GMAC1_MAC_ADRL -- : 0x6779bd20
[ 1.756000] Ralink APSoC Ethernet Driver Initilization. v3.1 512 rx/tx descriptors allocated, mtu = 1500!
[ 1.776000] GMAC1_MAC_ADRH -- : 0x0000144d
[ 1.784000] GMAC1_MAC_ADRL -- : 0x6779bd20
[ 1.792000] PROC INIT OK!
[ 1.796000] ehci_hcd: USB 2.0 'Enhanced' Host Controller (EHCI) Driver
[ 1.812000] ehci-pci: EHCI PCI platform driver
[ 1.820000] ehci-platform: EHCI generic platform driver
[ 1.848000] ******MT7628 mtk phy
[ 1.856000] *****run project phy.
[ 1.872000] FM_OUT value: u4FmOut = 0(0x00000000)
[ 1.888000] FM_OUT value: u4FmOut = 126(0x0000007E)
[ 1.896000] FM detection done! loop = 1
[ 1.912000] SR calibration value u1SrCalVal = 7
[ 1.920000] *********Execute mt7628_phy_init!!
[ 1.928000] ehci-platform ehci-platform: EHCI Host Controller
[ 1.940000] ehci-platform ehci-platform: new USB bus registered, assigned bus number 1
[ 1.956000] ehci-platform ehci-platform: irq 18, io mem 0x101c0000
[ 1.980000] ehci-platform ehci-platform: USB 2.0 started, EHCI 1.00
[ 1.992000] hub 1-0:1.0: USB hub found
[ 2.000000] hub 1-0:1.0: 1 port detected
[ 2.008000] ohci_hcd: USB 1.1 'Open' Host Controller (OHCI) Driver
[ 2.040000] *********Execute mt7628_phy_init!!
[ 2.048000] ohci-platform ohci-platform: Generic Platform OHCI Controller
[ 2.060000] ohci-platform ohci-platform: new USB bus registered, assigned bus number 2
[ 2.076000] ohci-platform ohci-platform: irq 18, io mem 0x101c1000
[ 2.148000] hub 2-0:1.0: USB hub found
[ 2.156000] hub 2-0:1.0: 1 port detected
[ 2.164000] gre: GRE over IPv4 demultiplexor driver
[ 2.172000] TCP: cubic registered
[ 2.180000] NET: Registered protocol family 10
[ 2.188000] NET: Registered protocol family 17
[ 2.200000] 8021q: 802.1Q VLAN Support v1.8
[ 2.208000] registered taskstats version 1
[ 2.220000] VFS: Mounted root (squashfs filesystem) readonly on device 31:5.
[ 2.236000] Freeing unused kernel memory: 208K (8039c000 - 803d0000)
procd: Console is alive
[ 3.804000] SCSI subsystem initialized
[ 3.820000] uhci_hcd: USB Universal Host Controller Interface driver
procd: - preinit -
[ 4.756000] 14:4D:67:79:FFFFFFBD:20
[ 4.760000] Raeth v3.1 (Tasklet,SkbRecycle)
[ 4.772000]
[ 4.772000] phy_tx_ring = 0x03454000, tx_ring = 0xa3454000
[ 4.784000]
[ 4.784000] phy_rx_ring0 = 0x03456000, rx_ring0 = 0xa3456000
[ 4.816000] GMAC1_MAC_ADRH -- : 0x0000144d
[ 4.824000] GMAC1_MAC_ADRL -- : 0x6779bd20
[ 4.832000] RT305x_ESW: Link Status Changed
Press the [f] key and hit [enter] to enter failsafe mode
Press the [1], [2], [3] or [4] key and hit [enter] to select the debug level
[ 7.920000] RT305x_ESW: Link Status Changed
jffs2 is ready
No jffs2 marker was found
[ 8.192000] jffs2: notice: (247) jffs2_build_xattr_subsystem: complete building xattr subsystem, 3 of xdatum (0 unchecked, 2 orphan) and 66 of xref (0 dead, 57 orphan) found.
switching to overlay
check jffs2 magic: 85190320
[ 8.252000] ra2880stop()...Done
[ 8.260000] Free TX/RX Ring Memory!
procd: - early -
procd: - ubus -
procd: - init -
Please press Enter to activate this console.
[ 10.408000] nf_conntrack version 0.5.0 (953 buckets, 3812 max)
[ 10.424000] ip6_tables: (C) 2000-2006 Netfilter Core Team
[ 10.444000] ip_tables: (C) 2000-2006 Netfilter Core Team
[ 10.456000] Type=Linux
[ 10.472000] Ralink APSoC Hardware Watchdog Timer
[ 10.484000] rdm_major = 253
[ 10.492000] usbcore: registered new interface driver usblp
[ 10.520000] xt_time: kernel timezone is -0000
[ 10.536000] PPP generic driver version 2.4.2
[ 10.548000] NET: Registered protocol family 24
[ 12.248000] led=46, on=1, off=4000, blinks,=1, reset=1, time=4000
[ 15.428000] jffs2: notice: (744) jffs2_build_xattr_subsystem: complete building xattr subsystem, 0 of xdatum (0 unchecked, 0 orphan) and 0 of xref (0 dead, 0 orphan) found.
[ 17.824000] 14:4D:67:79:FFFFFFBD:20
[ 17.832000] Raeth v3.1 (Tasklet,SkbRecycle)
[ 17.840000]
[ 17.840000] phy_tx_ring = 0x035f4000, tx_ring = 0xa35f4000
[ 17.856000]
[ 17.856000] phy_rx_ring0 = 0x035f6000, rx_ring0 = 0xa35f6000
[ 17.884000] GMAC1_MAC_ADRH -- : 0x0000144d
[ 17.892000] GMAC1_MAC_ADRL -- : 0x6779bd20
[ 17.900000] RT305x_ESW: Link Status Changed
[ 17.912000] device eth0.1 entered promiscuous mode
[ 17.924000] device eth0 entered promiscuous mode
[ 17.980000] br-lan: port 1(eth0.1) entered forwarding state
[ 17.988000] br-lan: port 1(eth0.1) entered forwarding state
[ 18.132000] device eth0.2 entered promiscuous mode
[ 18.140000] br-lan: port 2(eth0.2) entered forwarding state
[ 18.152000] br-lan: port 2(eth0.2) entered forwarding state
sysntpd.
[ 18.820000] led=46, on=1, off=4000, blinks,=1, reset=1, time=4000
[ 19.992000] br-lan: port 1(eth0.1) entered forwarding state
[ 20.156000] br-lan: port 2(eth0.2) entered forwarding state
[ 20.712000]
[ 20.712000]
[ 20.712000] === pAd = c0711000, size = 1483432 ===
[ 20.712000]
[ 20.728000] <-- RTMPAllocTxRxRingMemory, Status=0, ErrorValue=0x
[ 20.744000] <-- RTMPAllocAdapterBlock, Status=0
[ 20.752000] RtmpChipOpsHook(492): Not support for HIF_MT yet!
[ 20.764000] mt7628_init()-->
[ 20.768000] mt7628_init(FW(8a00), HW(8a01), CHIPID(7628))
[ 20.780000] e2.bin mt7628_init(1117)::(2), pChipCap->fw_len(63056)
[ 20.792000] mt_bcn_buf_init(218): Not support for HIF_MT yet!
[ 20.804000] <--mt7628_init()
[ 20.836000] TX_BCN DESC a2873000 size = 320
[ 20.848000] RX[0] DESC a2877000 size = 2048
[ 20.856000] RX[1] DESC a287a000 size = 1024
[ 20.876000] RT305x_ESW: Link Status Changed
[ 20.908000] E2pAccessMode=1
[ 20.916000] cfg_mode=9
[ 20.920000] cfg_mode=9
[ 20.924000] wmode_band_equal(): Band Equal!
[ 20.936000] APSDCapable[0]=1
[ 20.944000] APSDCapable[1]=1
[ 20.948000] APSDCapable[2]=1
[ 20.956000] APSDCapable[3]=1
[ 20.960000] APSDCapable[4]=1
[ 20.968000] APSDCapable[5]=1
[ 20.972000] APSDCapable[6]=1
[ 20.976000] APSDCapable[7]=1
[ 20.984000] APSDCapable[8]=1
[ 20.988000] APSDCapable[9]=1
[ 20.996000] APSDCapable[10]=1
[ 21.000000] APSDCapable[11]=1
[ 21.008000] APSDCapable[12]=1
[ 21.012000] APSDCapable[13]=1
[ 21.020000] APSDCapable[14]=1
[ 21.024000] APSDCapable[15]=1
[ 21.028000] default ApCliAPSDCapable[0]=1
[ 21.036000] default ApCliAPSDCapable[1]=1
[ 21.248000] Key1Str is Invalid key length(0) or Type(0)
[ 21.256000] Key1Str is Invalid key length(0) or Type(0)
[ 21.268000] Key2Str is Invalid key length(0) or Type(0)
[ 21.280000] Key2Str is Invalid key length(0) or Type(0)
[ 21.288000] Key3Str is Invalid key length(0) or Type(0)
[ 21.300000] Key3Str is Invalid key length(0) or Type(0)
[ 21.312000] Key4Str is Invalid key length(0) or Type(0)
[ 21.320000] Key4Str is Invalid key length(0) or Type(0)
[ 21.388000] RTMPSetDefaultChannel() : default channel to 1
[ 21.400000] load fw image from fw_header_image
[ 21.408000] AndesMTLoadFwMethod1(2174)::pChipCap->fw_len(63056)
[ 21.420000] FW Version:_e2_mp[00][00][00][00]
[ 21.428000] FW Build Date:20150211175503[00]
[ 21.436000] CmdAddressLenReq:(ret = 0)
[ 21.444000] CmdFwStartReq: override = 1, address = 1048576
[ 21.456000] CmdStartDLRsp: WiFI FW Download Success
[ 21.464000] MtAsicDMASchedulerInit(): DMA Scheduler Mode=0(LMAC)
[ 21.476000] efuse_probe: efuse = 10000012
[ 21.484000] RtmpChipOpsEepromHook::e2p_type=1, inf_Type=4
[ 21.496000] RtmpEepromGetDefault::e2p_dafault=2
[ 21.504000] RtmpChipOpsEepromHook: E2P type(2), E2pAccessMode = 1, E2P default = 2
[ 21.520000] NVM is FLASH mode
[ 21.528000] 1. Phy Mode = 14
[ 21.700000] Country Region from e2p = ffff
[ 21.708000] tssi_1_target_pwr_g_band = 35
[ 21.716000] 2. Phy Mode = 14
[ 21.724000] 3. Phy Mode = 14
[ 21.728000] NICInitPwrPinCfg(11): Not support for HIF_MT yet!
[ 21.740000] NICInitializeAsic(651): Not support rtmp_mac_sys_reset () for HIF_MT yet!
[ 21.756000] mt_mac_init()-->
[ 21.760000] MtAsicInitMac()-->
[ 21.768000] mt7628_init_mac_cr()-->
[ 21.776000] MtAsicSetMacMaxLen(1241): Set the Max RxPktLen=1024!
[ 21.788000] <--mt_mac_init()
[ 21.792000] WTBL Segment 1 info:
[ 21.800000] MemBaseAddr/FID:0x28000/0
[ 21.808000] EntrySize/Cnt:32/128
[ 21.812000] WTBL Segment 2 info:
[ 21.820000] MemBaseAddr/FID:0x40000/0
[ 21.828000] EntrySize/Cnt:64/128
[ 21.836000] WTBL Segment 3 info:
[ 21.840000] MemBaseAddr/FID:0x42000/64
[ 21.848000] EntrySize/Cnt:64/128
[ 21.856000] WTBL Segment 4 info:
[ 21.864000] MemBaseAddr/FID:0x44000/128
[ 21.872000] EntrySize/Cnt:32/128
[ 21.876000] AntCfgInit(2876): Not support for HIF_MT yet!
[ 21.888000] MCS Set = ff 00 00 00 01
[ 21.896000] MtAsicSetChBusyStat(826): Not support for HIF_MT yet!
[ 22.328000] CmdSlotTimeSet:(ret = 0)
yunupg_check.
[ 25.656000] SYNC - BBP R4 to 20MHz.l
[ 26.824000] SYNC - BBP R4 to 20MHz.l
[ 28.496000] SYNC - BBP R4 to 20MHz.l
[ 29.476000] SYNC - BBP R4 to 20MHz.l
procd: - init complete -
[ 29.968000] SYNC - BBP R4 to 20MHz.l
[ 30.284000] SYNC - BBP R4 to 20MHz.l
[ 30.600000] SYNC - BBP R4 to 20MHz.l
[ 30.916000] SYNC - BBP R4 to 20MHz.l
[ 31.224000] [PMF]ap_pmf_init:: apidx=0, MFPC=0, MFPR=0, SHA256=0
[ 31.236000] [PMF]ap_pmf_init:: apidx=1, MFPC=0, MFPR=0, SHA256=0
[ 31.248000] [PMF]RTMPMakeRsnIeCap: RSNIE Capability MFPC=0, MFPR=0
[ 31.260000] MtAsicSetRalinkBurstMode(2928): Not support for HIF_MT yet!
[ 31.272000] MtAsicSetPiggyBack(763): Not support for HIF_MT yet!
[ 31.308000] MtAsicSetTxPreamble(2907): Not support for HIF_MT yet!
[ 31.324000] MtAsicAddSharedKeyEntry(1308): Not support for HIF_MT yet!
[ 31.336000] MtAsicSetPreTbtt(): bss_idx=0, PreTBTT timeout = 0xf0
[ 31.348000] Main bssid = 14:4d:67:79:bd:20
[ 31.356000] <==== rt28xx_init, Status=0
[ 31.380000] mt7628_set_ed_cca: TURN OFF EDCCA mac 0x10618 = 0xd7083f0f
[ 31.392000] WiFi Startup Cost (ra0): 10.556s
[ 31.428000] AddTxSType: already registered TxSType (PID = 32, Format = 0
[ 31.440000] ##### mbss_cr_enable, BssId = 1
[ 31.600000] device ra0 entered promiscuous mode
[ 31.608000] br-lan: port 3(ra0) entered forwarding state
[ 31.620000] br-lan: port 3(ra0) entered forwarding state
[ 31.656000] device ra1 entered promiscuous mode
[ 31.704000] br-r1: port 1(ra1) entered listening state
[ 31.712000] br-r1: port 1(ra1) entered listening state
[ 31.724000] IPv6: ADDRCONF(NETDEV_UP): br-r1: link is not ready
[ 31.752000] led=46, on=4000, off=1, blinks,=1, reset=1, time=4000
[ 33.624000] br-lan: port 3(ra0) entered forwarding state
[ 33.716000] br-r1: port 1(ra1) entered learning state
[ 34.260000] device apcli0 entered promiscuous mode
[ 34.616000] led=46, on=4000, off=1, blinks,=1, reset=1, time=4000
[ 34.636000] AddTxSType: already registered TxSType (PID = 33, Format = 0
[ 34.652000] br-lan: port 3(ra0) entered disabled state
[ 35.720000] br-r1: topology change detected, propagating
[ 35.728000] br-r1: port 1(ra1) entered forwarding state
[ 35.740000] IPv6: ADDRCONF(NETDEV_CHANGE): br-r1: link becomes ready
yunupg_check.
[ 37.924000] RT305x_ESW: Link Status Changed
[ 39.584000] RT305x_ESW: Link Status Changed
yunupg_check.
