Installing OpenWRT on Watchguard T40W

othermully · April 14, 2025, 7:26pm

Hello, I am attempting to install OpenWRT onto a second hand watchguard t40w I have. I am new to building firmware and flashing embedded devices, so this project is over my head and I need some guidance/tips.

Specs:
Board: LS1043A QDS
Storage: mSATA 16GB
Bootloader: Custom U-Boot for Watchguard

I currently have a TFTP server and an active serial connection to the device. I have tried multiple different file types using openWRTs 'make menuconfig'. From the looks of it in the current u-boot environment, its booting the Watchguard kernel file which is a .itb file.

I'm assuming that since the bootloader is customized for the watchguard there might be some sort of mechanism that prevents loading other types of images or even prevents from booting anything that isn't watchguard specific. The main error messages I receive when attempting to boot the images (.bin, .itb, .uimage) is that it cannot get the kernel image from the boot file.

I have attempted creating a .bin image which the LS1043A target selected in the menuconfig for OpenWRT as well as creating an .itb image from the image builder.

My main question is, would it be worth the effort to re-flash U-Boot so I have a fresh U-Boot configuration, or has anyone worked with a LS1043A QDS board before with success?

Wallbanger · April 15, 2025, 1:32pm

Show serial bootlog, pls, in Code-Tags...
And maybe https://wikidevi.wi-cat.ru/WatchGuard_Firebox_T40-W_(FS4AE5W) is helpful...

othermully · April 15, 2025, 7:17pm

Here it is, don't mind the boot error, I don't have the mSATA installed at the moment

U-Boot 2018.09 (Dec 05 2019 - 10:13:47 -0800)

SoC:  LS1043AE Rev1.1 (0x87920011)
Clock Configuration:
       CPU0(A53):1000 MHz  CPU1(A53):1000 MHz  CPU2(A53):1000 MHz  
       CPU3(A53):1000 MHz  
       Bus:      300  MHz  DDR:      1600 MT/s  FMAN:     500  MHz
Reset Configuration Word (RCW):
       00000000: 0610000a 0a000000 00000000 00000000
       00000010: 45580002 00000012 40044000 c1002000
       00000020: 00000000 00000000 00000000 0003fffe
       00000030: 20004504 0418320a 00000096 00000001
Model: LS1043A QDS Board - T40/T20
Board: LS1043AQDS, boot from vBank: 0
I2C:   ready
DRAM:  Initializing DDR...
Detected UDIMM Fixed DDR4 on board
3.9 GiB (DDR4, 32-bit, CL=11, ECC off)
Using SERDES1 Protocol: 17752 (0x4558)
SEC Firmware: Bad firmware image (not a FIT image)
Waking secondary cores to start from fbd35000
All (4) cores are up.
MMC:   FSL_SDHC: 0
Loading Environment from SPI Flash... SF: Detected mx25u3235f with page size 256 Bytes, erase size 64 KiB, total 4 MiB
OK
In:    serial
Out:   serial
Err:   serial
Net:   SF: Detected mx25u3235f with page size 256 Bytes, erase size 64 KiB, total 4 MiB
Fman1: Uploading microcode version 108.4.9
PCIe0: pcie@3400000 Root Complex: no link
PCIe1: pcie@3500000 Root Complex: x1 gen1
PCIe2: pcie@3600000 disabled
FM1@DTSEC1 [PRIME], FM1@DTSEC2, FM1@DTSEC3, FM1@DTSEC5, FM1@DTSEC6
### main_loop entered: bootdelay=3

### main_loop: bootcmd="run wgBoot SysA"
WatchGuard U-Boot 2018.09 - Dec 05 2019 10:13:47--------------------------------------------------------------------------||||||||||||||||||||||||-------------------------------------------------------------------------++++Use the ^ and v keys to select which entry is highlighted.Press enter to boot the selected OS.WatchGuard (SYSA)                                                     WatchGuard (SYSB Recovery/Diagnostic Mode)                       Booting SYSA key to stop autoboot:  3 
scanning bus for devices...
SATA link 0 timeout.
AHCI 0001.0301 32 slots 1 ports 6 Gbps 0x1 impl SATA mode
flags: 64bit ncq pm clo only pmp fbss pio slum part ccc apst 
Wrong Image Format for bootm command
ERROR: can't get kernel image!

Wallbanger · April 16, 2025, 8:30am

Hardware specs are here https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Hardware-Guides/firebox-t40-hardware-guide.html?cshid=10001
But nothing about the SoC. First move would be to find out, whether the SoC is supported by linux.

Request Support for Meraki MX67C is the only thread I found with LSA1043A. You have to wait what the Pros say, sorry...

tmn505 · April 16, 2025, 10:38am

The issue is You don't post what are those error messages and go for the solution which is the one most difficult to achieve. There's no need to change bootloader if You can interrupt it and boot unsigned system/kernel from other medium. The usual customization are specified in U-Boot environment and likely it's possible to alter it from U-Boot console. But before You'll think about doing that, You need kernel with dtb adapted to the board. As 1st step try to tftpboot initramfs (select ramdisk image in menuconfig) for fsl_ls1043a-rdb board just to test if the kernel loads and boots. The vendor kernel is probably new enough to use dtb, so the next step is to use binwalk to extract it and decompile it to dts (or upload the file with .itb extension somewhere). Please post that dts here. That dts is a hardware description which could be used unmodified or will need slight modification to run with mainline kernel.

Anyway, You might want to ask @neg2led for more, as he did experiment with https://github.com/neggles/openwrt/commits/firebox-t20 but I don't know how far did he go with it.

Shine · April 22, 2025, 8:00am

The problem with these Watchguard devices is that their U-Boot is passworded, and the passwords are unknown as of yet. Some models drop to a passwordless U-Boot CLI if you remove their OS device (SD-Card, mSATA), some don't. For ones with soldered-in OS device (NAND, eMMC) you'll either have to patch or replace U-Boot in order to be able to get a CLI. Patching U-Boot is what @neg2led apparently did for his T20, judging from old IRC logs that Google found. But I didn't find any more details about that, let alone an actual patch. So as long as @neg2led is MIA, the reverse-engineering of Watchguard's U-Boot has to be redone.

T40, on the other hand, with its removable/replacable mSATA should be able to boot any compatible and correctly formatted FIT image from a correctly partitioned replacement mSATA device. Watchguard is not using Secure Boot on these devices, at least from what @neg2led appears to have found out.

But yes, exactly the information required to support, is being held back by the OP. There's no point in pasting a boot log failing due to removed mSATA, for example. Instead a working boot log with stock FW is required. He's not pasting a boot log failing with his first firmware build tries either. How would we be able to guess what he did wrong? And so on.

I think the OP thinks he can just throw any LS1043A-RDB firmware at his device and it'll magically work.

If you can't find a way to get a U-Boot CLI, you likely won't be able to TFTP boot, since Watchguard by default boots its recovery firmware from a separate partition on the OS device, not via TFTP. So first is to find out the correct mSATA partition layout and boot image format. Once you can successfully boot "something", you can get to the real work. E.g. extract the DTB from a stock firmware and start building an OpenWrt-compatible DTS off that. This way, you'll slowly get to a point where you can first boot a (likely not-yet-working) kernel, and from there, gradually get to a working firmware.

@neg2led's work should indeed be a good starting point for any further efforts

othermully · April 27, 2025, 5:47pm

Thank you for your help, by extracting the .dtb from the original firmware I was able to build a .dts file and boot a kernel.

Eventually il write up some documentation to help others getting OpenWRT running on the Firebox T40s

hmartin · September 7, 2025, 8:42am

Do you have those anywhere and can you post them here?

You can get a U-Boot shell by removing the mSATA SSD (though obviously not on the T20 with soldered EMMC). Networking is functional in U-Boot and you can tftpboot an ITB image. The device tree for the stock firmware (Linux 4.14) is pretty much the stock ls1043a-rdb. I can post the stock device tree a bit later.

WatchGuard T20 stock bootlog:

U-Boot 2018.09 (Dec 05 2019 - 10:12:58 -0800)

SoC:  LS1023AE Rev1.1 (0x87920811)
Clock Configuration:
       CPU0(A53):1000 MHz  CPU1(A53):1000 MHz  
       Bus:      300  MHz  DDR:      1600 MT/s  FMAN:     500  MHz
Reset Configuration Word (RCW):
       00000000: 0610000a 0a000000 00000000 00000000
       00000010: 45580002 00000012 40044000 c1002000
       00000020: 00000000 00000000 00000000 0003effe
       00000030: 20004504 0418320a 00000096 00000001
Model: LS1043A QDS Board - T40/T20
Board: LS1043AQDS, boot from vBank: 0
I2C:   ready
DRAM:  Initializing DDR...
Detected UDIMM Fixed DDR4 on board
1.9 GiB (DDR4, 32-bit, CL=11, ECC off)
Using SERDES1 Protocol: 17752 (0x4558)
SEC Firmware: Bad firmware image (not a FIT image)
Waking secondary cores to start from fbd35000
All (2) cores are up.
MMC:   FSL_SDHC: 0
Loading Environment from SPI Flash... SF: Detected mx25u3235f with page size 256 Bytes, erase size 64 KiB, total 4 MiB
*** Warning - bad CRC, using default environment

## Error: flags type check failure for "ipaddr" <= "10.0.1.1;" (type: i)
himport_r: can't insert "ipaddr=10.0.1.1;" into hash table
## Error: flags type check failure for "netmask" <= "255.255.255.0;" (type: i)
himport_r: can't insert "netmask=255.255.255.0;" into hash table
In:    serial
Out:   serial
Err:   serial
Net:   SF: Detected mx25u3235f with page size 256 Bytes, erase size 64 KiB, total 4 MiB
Fman1: Uploading microcode version 108.4.9
PCIe0: pcie@3400000 Root Complex: no link
PCIe1: pcie@3500000 Root Complex: x1 gen1
PCIe2: pcie@3600000 disabled
FM1@DTSEC1 [PRIME], FM1@DTSEC2, FM1@DTSEC3, FM1@DTSEC5, FM1@DTSEC6
### main_loop entered: bootdelay=3

### main_loop: bootcmd="run wgBootSysA"
WatchGuard U-Boot 2018.09 - Dec 05 2019 10:12:58--------------------------------------------------------------------------||||||||||||||||||||||||-------------------------------------------------------------------------++++Use the ^ and v keys to select which entry is highlighted.Press enter to boot the selected OS.WatchGuard (SYSA)                                                     WatchGuard (SYSB Recovery/Diagnostic Mode)                            Hit any key to stop autoboot:  3  2  1  0 Booting SYSA
Device: FSL_SDHC
Manufacturer ID: 70
OEM: 100
Name: M6270 
Bus Speed: 52000000
Mode : MMC High Speed (52MHz)
Rd Block Len: 512
MMC version 5.0
High Capacity: Yes
Capacity: 3.6 GiB
Bus Width: 4-bit
Erase Group Size: 512 KiB
HC WP Group Size: 4 MiB
User Capacity: 3.6 GiB WRREL
Boot Capacity: 2 MiB ENH
RPMB Capacity: 512 KiB ENH
6512892 bytes read in 400 ms (15.5 MiB/s)
## Loading kernel from FIT Image at 82000000 ...
   Using 'conf@1' configuration
   Trying 'kernel@1' kernel subimage
     Description:  WatchGuard Kernel
     Created:      2020-05-21  18:03:31 UTC
     Type:         Kernel Image
     Compression:  gzip compressed
     Data Start:   0x820000cc
     Data Size:    6478903 Bytes = 6.2 MiB
     Architecture: AArch64
     OS:           Linux
     Load Address: 0x80080000
     Entry Point:  0x80080000
     Hash algo:    crc32
     Hash value:   1b94f0b8
     Hash algo:    sha1
     Hash value:   2c8bd819599f9e28fa22d29e098c4ee550eb6c9e
   Verifying Hash Integrity ... crc32+ sha1+ OK
## Loading fdt from FIT Image at 82000000 ...
   Using 'conf@1' configuration
   Trying 'fdt@1' fdt subimage
     Description:  Flattened Device Tree blob
     Created:      2020-05-21  18:03:31 UTC
     Type:         Flat Device Tree
     Compression:  uncompressed
     Data Start:   0x8262de30
     Data Size:    32642 Bytes = 31.9 KiB
     Architecture: AArch64
     Load Address: 0x90000000
     Hash algo:    crc32
     Hash value:   8ac87d7b
     Hash algo:    sha1
     Hash value:   01635f39bd4bb64375dce2d6e03b2bda97f89275
   Verifying Hash Integrity ... crc32+ sha1+ OK
   Loading fdt from 0x8262de30 to 0x90000000
   Booting using the fdt blob at 0x90000000
   Uncompressing Kernel Image ... OK
   Using Device Tree in place at 0000000090000000, end 000000009001af81
WARNING: SEC firmware not running, no kaslr-seed
WARNING failed to get smmu node: FDT_ERR_NOTFOUND
WARNING failed to get smmu node: FDT_ERR_NOTFOUND

Starting kernel ...

[    0.000000] Booting Linux on physical CPU 0x0
[    0.000000] Linux version 4.14.83 (release@cmrb05) (gcc version 6.5.0 (crosstool-NG 1.23.0.580-eb72b4e)) #1 SMP PREEMPT Thu May 21 11:00:16 PDT 2020
[    0.000000] Boot CPU: AArch64 Processor [410fd034]
[    0.000000] Machine model: LS1043A RDB Board - T40
[    0.000000] earlycon: uart8250 at MMIO 0x00000000021c0500 (options '')
[    0.000000] bootconsole [uart8250] enabled
[    0.000000] efi: Getting EFI parameters from FDT:
[    0.000000] efi: UEFI not found.
[    0.000000] crashkernel reserved: 0x00000000f8600000 - 0x00000000fbe00000 (56 MB)
[    0.000000] OF: reserved mem: initialized node qman-fqd, compatible id fsl,qman-fqd
[    0.000000] OF: reserved mem: initialized node qman-pfdr, compatible id fsl,qman-pfdr
[    0.000000] OF: reserved mem: initialized node bman-fbpr, compatible id fsl,bman-fbpr
[    0.000000] cma: Reserved 16 MiB at 0x00000000f4000000
[    0.000000] NUMA: No NUMA configuration found
[    0.000000] NUMA: Faking a node at [mem 0x0000000000000000-0x00000000fbdfffff]
[    0.000000] NUMA: NODE_DATA [mem 0xf85a72c0-0xf85a8a7f]
[    0.000000] Zone ranges:
[    0.000000]   DMA      [mem 0x0000000080000000-0x00000000fbdfffff]
[    0.000000]   Normal   empty
[    0.000000] Movable zone start for each node
[    0.000000] Early memory node ranges
[    0.000000]   node   0: [mem 0x0000000080000000-0x00000000f4ffffff]
[    0.000000]   node   0: [mem 0x00000000f8400000-0x00000000fbdfffff]
[    0.000000] Initmem setup node 0 [mem 0x0000000080000000-0x00000000fbdfffff]
[    0.000000] percpu: Embedded 23 pages/cpu @ffff800078572000 s54104 r8192 d31912 u94208
[    0.000000] Detected VIPT I-cache on CPU0
[    0.000000] CPU features: enabling workaround for ARM erratum 845719
[    0.000000] Built 1 zonelists, mobility grouping on.  Total pages: 486152
[    0.000000] Policy zone: DMA
[    0.000000] Kernel command line: root=/dev/mmcblk0p3 rw rootdelay=2 console=ttyS0,115200 earlycon=uart8250,mmio,0x21c0500
[    0.000000] PID hash table entries: 4096 (order: 3, 32768 bytes)
[    0.000000] Memory: 1854200K/1976320K available (9340K kernel code, 676K rwdata, 3296K rodata, 704K init, 882K bss, 105736K reserved, 16384K cma-reserved)
[    0.000000] Virtual kernel memory layout:
[    0.000000]     modules : 0xffff000000000000 - 0xffff000008000000   (   128 MB)
[    0.000000]     vmalloc : 0xffff000008000000 - 0xffff7dffbfff0000   (129022 GB)
[    0.000000]       .text : 0xffff000008080000 - 0xffff0000089a0000   (  9344 KB)
[    0.000000]     .rodata : 0xffff0000089a0000 - 0xffff000008ce0000   (  3328 KB)
[    0.000000]       .init : 0xffff000008ce0000 - 0xffff000008d90000   (   704 KB)
[    0.000000]       .data : 0xffff000008d90000 - 0xffff000008e39200   (   677 KB)
[    0.000000]        .bss : 0xffff000008e39200 - 0xffff000008f15cb8   (   883 KB)
[    0.000000]     fixed   : 0xffff7dfffe7fb000 - 0xffff7dfffec00000   (  4116 KB)
[    0.000000]     PCI I/O : 0xffff7dfffee00000 - 0xffff7dffffe00000   (    16 MB)
[    0.000000]     vmemmap : 0xffff7e0000000000 - 0xffff800000000000   (  2048 GB maximum)
[    0.000000]               0xffff7e0000000000 - 0xffff7e0001ef8000   (    30 MB actual)
[    0.000000]     memory  : 0xffff800000000000 - 0xffff80007be00000   (  1982 MB)
[    0.000000] Preemptible hierarchical RCU implementation.
[    0.000000] 	RCU event tracing is enabled.
[    0.000000] 	RCU restricting CPUs from NR_CPUS=64 to nr_cpu_ids=2.
[    0.000000] 	Tasks RCU enabled.
[    0.000000] RCU: Adjusting geometry for rcu_fanout_leaf=16, nr_cpu_ids=2
[    0.000000] NR_IRQS: 64, nr_irqs: 64, preallocated irqs: 0
[    0.000000] GIC: Adjusting CPU interface base to 0x000000000142f000
[    0.000000] GIC: Using split EOI/Deactivate mode
[    0.000000] arch_timer: Enabling global workaround for Freescale erratum a005858
[    0.000000] arch_timer: CPU0: Trapping CNTVCT access
[    0.000000] arch_timer: cp15 timer(s) running at 25.00MHz (phys).
[    0.000000] clocksource: arch_sys_counter: mask: 0xffffffffffffff max_cycles: 0x5c40939b5, max_idle_ns: 440795202646 ns
[    0.000003] sched_clock: 56 bits at 25MHz, resolution 40ns, wraps every 4398046511100ns
[    0.008693] Console: colour dummy device 80x25
[    0.013215] Calibrating delay loop (skipped), value calculated using timer frequency.. 50.00 BogoMIPS (lpj=100000)
[    0.023644] pid_max: default: 32768 minimum: 301
[    0.028389] Security Framework initialized
[    0.033315] Dentry cache hash table entries: 262144 (order: 9, 2097152 bytes)
[    0.040896] Inode-cache hash table entries: 131072 (order: 8, 1048576 bytes)
[    0.048017] Mount-cache hash table entries: 4096 (order: 3, 32768 bytes)
[    0.054779] Mountpoint-cache hash table entries: 4096 (order: 3, 32768 bytes)
[    0.078023] ASID allocator initialised with 32768 entries
[    0.091483] Hierarchical SRCU implementation.
[    0.103910]  WG CPU Model 1043 Count 4
[    0.107677]  WG CRASH MIN RESERVE   56 MB
[    0.111715] 
[    0.111715] wg_kernel_init: Built May 21 2020 10:50:12
[    0.118711] EFI services will not be available.
[    0.131295] smp: Bringing up secondary CPUs ...
[    0.163987] Detected VIPT I-cache on CPU1
[    0.164019] arch_timer: CPU1: Trapping CNTVCT access
[    0.164024] CPU1: Booted secondary processor [410fd034]
[    0.164091] smp: Brought up 1 node, 2 CPUs
[    0.182526] SMP: Total of 2 processors activated.
[    0.187266] CPU features: detected feature: 32-bit EL0 Support
[    0.193150] CPU features: detected feature: Kernel page table isolation (KPTI)
[    0.209613] CPU: All CPU(s) started at EL2
[    0.213747] alternatives: patching kernel code
[    0.218455] wg_check_smp_cpus: CPUs offline, found 2, expected 4.
[    0.218460] wg_check_smp_cpus: CPUs offline, found 2, expected 4.
[    0.236651] random: get_random_u32 called from bucket_table_alloc+0xf8/0x280 with crng_init=0
[    0.245504] clocksource: jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 7645041785100000 ns
[    0.255333] futex hash table entries: 512 (order: 3, 32768 bytes)
[    0.262064] alloc_chrdev_region: 254:0   gpiochip
[    0.267370] DMI not present or invalid.
[    0.271449] NET: Registered protocol family 16
[    0.276304] alloc_chrdev_region: 253:0   fsl_mc_bus
[    0.282016] cpuidle: using governor menu
[    0.286422] Bman ver:0a02,02,01
[    0.291979] qman-fqd addr 0x00000000f8000000 size 0x400000
[    0.297507] qman-pfdr addr 0x00000000f6000000 size 0x2000000
[    0.303217] Qman ver:0a01,03,02,00
[    0.306780] vdso: 2 pages (1 code @ ffff0000089a7000, 1 data @ ffff000008d95000)
[    0.314254] hw-breakpoint: found 6 breakpoint and 4 watchpoint registers.
[    0.321952] DMA: preallocated 256 KiB pool for atomic allocations
[    0.328207] Serial: AMBA PL011 UART driver
[    0.333388] Machine: LS1043A RDB Board - T40
[    0.337694] SoC family: QorIQ LS1043A
[    0.341374] SoC ID: svr:0x87920811, Revision: 1.1
[    0.376321] HugeTLB registered 2.00 MiB page size, pre-allocated 0 pages
[    0.384206] ACPI: Interpreter disabled.
[    0.390859] alloc_chrdev_region: 252:0   tpm
[    0.395982] misc_register: 10,  63 vga_arbiter
[    0.400525] vgaarb: loaded
[    0.403488] SCSI subsystem initialized
[    0.407595] usbcore: registered new interface driver usbfs
[    0.413169] usbcore: registered new interface driver hub
[    0.418627] usbcore: registered new device driver usb
[    0.423800] alloc_chrdev_region: 251:0   rtc
[    0.428843] i2c i2c-0: IMX I2C adapter registered
[    0.433632] i2c i2c-0: using dma0chan16 (tx) and dma0chan17 (rx) for DMA transfers
[    0.441493] alloc_chrdev_region: 250:0   pps
[    0.445799] pps_core: LinuxPPS API ver. 1 registered
[    0.450799] pps_core: Software ver. 5.3.6 - Copyright 2005-2007 Rodolfo Giometti <giometti@linux.it>
[    0.460017] alloc_chrdev_region: 249:0   ptp
[    0.464317] PTP clock support registered
[    0.468362] dmi: Firmware registration failed.
[    0.472885] bman-fbpr addr 0x00000000f5000000 size 0x1000000
[    0.478621] Bman err interrupt handler present
[    0.483730] Bman portal initialised, cpu 0
[    0.487956] Bman portal initialised, cpu 1
[    0.492082] Bman portals initialised
[    0.496845] Qman err interrupt handler present
[    0.501574] QMan: Allocated lookup table at ffff00000a225000, entry count 65537
[    0.509541] Qman portal initialised, cpu 0
[    0.513753] Qman portal initialised, cpu 1
[    0.517882] Qman portals initialised
[    0.521588] Bman: BPID allocator includes range 32:32
[    0.526758] Qman: FQID allocator includes range 256:256
[    0.532025] Qman: FQID allocator includes range 32768:32768
[    0.537714] Qman: CGRID allocator includes range 0:256
[    0.543094] Qman: pool channel allocator includes range 1025:15
[    0.549188] No USDPAA memory, no 'fsl,usdpaa-mem' in device-tree
[    0.555283] fsl-ifc 1530000.ifc: Freescale Integrated Flash Controller
[    0.561870] fsl-ifc 1530000.ifc: IFC version 1.4, 8 banks
[    0.567533] alloc_chrdev_region: 248:0   iio
[    0.571921] Advanced Linux Sound Architecture Driver Initialized.
[    0.578544] alloc_chrdev_region: 247:0   watchdog
[    0.583426] clocksource: Switched to clocksource arch_sys_counter
[    0.589786] pnp: PnP ACPI: disabled
[    0.598076] NET: Registered protocol family 2
[    0.602951] TCP established hash table entries: 16384 (order: 5, 131072 bytes)
[    0.610391] TCP bind hash table entries: 16384 (order: 6, 262144 bytes)
[    0.617318] TCP: Hash tables configured (established 16384 bind 16384)
[    0.623973] UDP hash table entries: 1024 (order: 3, 32768 bytes)
[    0.630079] UDP-Lite hash table entries: 1024 (order: 3, 32768 bytes)
[    0.636721] NET: Registered protocol family 1
[    0.641592] hw perfevents: failed to parse interrupt-affinity[2] for pmu
[    0.648350] hw perfevents: /pmu: failed to register PMU devices!
[    0.654420] armv8-pmu: probe of pmu failed with error -22
[    0.660356] kvm [1]: 8-bit VMID
[    0.664230] kvm [1]: vgic interrupt IRQ1
[    0.668240] kvm [1]: Hyp mode initialized successfully
[    0.673458] misc_register: 10, 232 kvm
[    0.678757] misc_register: 10, 231 snapshot
[    0.683687] audit: initializing netlink subsys (disabled)
[    0.689205] audit: type=2000 audit(0.588:1): state=initialized audit_enabled=0 res=1
[    0.689405] workingset: timestamp_bits=44 max_order=19 bucket_order=0
[    0.703924] squashfs: version 4.0 (2009/01/31) Phillip Lougher
[    0.709835] 9p: Installing v9fs 9p2000 file system support
[    0.715430] ceph: loaded (mds proto 32)
[    0.722054] async_tx: api initialized (async)
[    0.726485] alloc_chrdev_region: 246:0   bsg
[    0.730794] Block layer SCSI generic (bsg) driver version 0.4 loaded (major 246)
[    0.738314] io scheduler noop registered
[    0.742297] io scheduler cfq registered (default)
[    0.747112] io scheduler mq-deadline registered
[    0.751681] io scheduler kyber registered
[    0.758101] OF: PCI: host bridge /soc/pcie@3400000 ranges:
[    0.763648] OF: PCI:    IO 0x4000010000..0x400001ffff -> 0x00000000
[    0.769988] OF: PCI:   MEM 0x4040000000..0x407fffffff -> 0x40000000
[    0.776484] layerscape-pcie 3400000.pcie: PCI host bridge to bus 0000:00
[    0.783245] pci_bus 0000:00: root bus resource [bus 00-ff]
[    0.788778] pci_bus 0000:00: root bus resource [io  0x0000-0xffff]
[    0.795008] pci_bus 0000:00: root bus resource [mem 0x4040000000-0x407fffffff] (bus address [0x40000000-0x7fffffff])
[    0.805962] pci 0000:00:00.0: BAR 6: assigned [mem 0x4040000000-0x40400007ff pref]
[    0.813595] pci 0000:00:00.0: PCI bridge to [bus 01-ff]
[    0.819078] pcieport 0000:00:00.0: Signaling PME with IRQ 70
[    0.824892] pcieport 0000:00:00.0: AER enabled with IRQ 71
[    0.830564] OF: PCI: host bridge /soc/pcie@3500000 ranges:
[    0.836102] OF: PCI:    IO 0x4800010000..0x480001ffff -> 0x00000000
[    0.842425] OF: PCI:   MEM 0x4840000000..0x487fffffff -> 0x40000000
[    0.848872] layerscape-pcie 3500000.pcie: PCI host bridge to bus 0001:00
[    0.855631] pci_bus 0001:00: root bus resource [bus 00-ff]
[    0.861161] pci_bus 0001:00: root bus resource [io  0x10000-0x1ffff] (bus address [0x0000-0xffff])
[    0.870193] pci_bus 0001:00: root bus resource [mem 0x4840000000-0x487fffffff] (bus address [0x40000000-0x7fffffff])
[    0.891508] pci 0001:00:00.0: BAR 14: assigned [mem 0x4840000000-0x48402fffff]
[    0.898794] pci 0001:00:00.0: BAR 6: assigned [mem 0x4840300000-0x48403007ff pref]
[    0.906427] pci 0001:01:00.0: BAR 0: assigned [mem 0x4840000000-0x48401fffff 64bit]
[    0.914192] pci 0001:01:00.0: BAR 6: assigned [mem 0x4840200000-0x484020ffff pref]
[    0.921819] pci 0001:00:00.0: PCI bridge to [bus 01-ff]
[    0.927090] pci 0001:00:00.0:   bridge window [mem 0x4840000000-0x48402fffff]
[    0.934461] pcieport 0001:00:00.0: Signaling PME with IRQ 72
[    0.940281] pcieport 0001:00:00.0: AER enabled with IRQ 73
[    0.951976] Freescale LS2 console driver
[    0.955937] misc_register: 10,  62 fsl_mc_console
[    0.960741] fsl-ls2-console: device fsl_mc_console registered
[    0.966536] misc_register: 10,  61 fsl_aiop_console
[    0.971498] fsl-ls2-console: device fsl_aiop_console registered
[    0.980444] Serial: 8250/16550 driver, 4 ports, IRQ sharing enabled
[    0.988161] console [ttyS0] disabled
[    0.991809] 21c0500.serial: ttyS0 at MMIO 0x21c0500 (irq = 39, base_baud = 18750000) is a 16550A
[    1.000691] console [ttyS0] enabled
[    1.000691] console [ttyS0] enabled
[    1.007693] bootconsole [uart8250] disabled
[    1.007693] bootconsole [uart8250] disabled
[    1.016377] 21c0600.serial: ttyS1 at MMIO 0x21c0600 (irq = 39, base_baud = 18750000) is a 16550A
[    1.025448] 21d0500.serial: ttyS2 at MMIO 0x21d0500 (irq = 40, base_baud = 18750000) is a 16550A
[    1.034516] 21d0600.serial: ttyS3 at MMIO 0x21d0600 (irq = 40, base_baud = 18750000) is a 16550A
[    1.043835] alloc_chrdev_region: 245:0   ttyPS
[    1.048527] alloc_chrdev_region: 244:0   ttyLP
[    1.053284] misc_register: 10, 183 hw_random
[    1.063859] brd: module loaded
[    1.066919] misc_register: 10, 237 loop-control
[    1.075945] loop: module loaded
[    1.106412] ahci-qoriq 3200000.sata: AHCI 0001.0301 32 slots 1 ports 6 Gbps 0x1 impl platform mode
[    1.115400] ahci-qoriq 3200000.sata: flags: 64bit ncq sntf pm clo only pmp fbs pio slum part ccc sds apst 
[    1.125698] scsi host0: ahci-qoriq
[    1.129267] ata1: SATA max UDMA/133 mmio [mem 0x03200000-0x0320ffff] port 0x100 irq 52
[    1.138312] fsl-quadspi 1550000.quadspi: mx25u3235f (4096 Kbytes)
[    1.144508] 11 ofpart partitions found on MTD device 1550000.quadspi
[    1.150879] Creating 11 MTD partitions on "1550000.quadspi":
[    1.156554] 0x000000000000-0x000000200000 : "NOR (RO) RCW + E-Hole + U-boot Image"
[    1.164744] 0x000000200000-0x000000210000 : "NOR (RW) U-Boot ENV"
[    1.171406] 0x000000210000-0x000000220000 : "NOR (RO) EMPTY Hole 1"
[    1.178235] 0x000000220000-0x000000240000 : "NOR (RW) FMAN UCODE"
[    1.184894] 0x000000240000-0x000000280000 : "NOR (RW) E-HOLE 2 or PPA"
[    1.191981] 0x000000280000-0x0000002a0000 : "NOR (RW) WG CFG0"
[    1.198363] 0x0000002a0000-0x0000002c0000 : "NOR (RW) WG CFG1"
[    1.204743] 0x0000002c0000-0x0000002e0000 : "NOR (RW) WG MFG"
[    1.211048] 0x0000002e0000-0x000000300000 : "NOR (RW) E-HOLE 3"
[    1.217533] 0x000000300000-0x000000320000 : "NOR (RW) FMAN UCODE Old"
[    1.224523] 0x000000320000-0x000000400000 : "NOR (RW) WG bootOpt Data & reserved"
[    1.233744] m25p80 spi0.0: unrecognized JEDEC id bytes: ff, ff, ff
[    1.241008] libphy: Fixed MDIO Bus: probed
[    1.246304] libphy: Freescale XGMAC MDIO Bus: probed
[    1.252945] libphy: Freescale XGMAC MDIO Bus: probed
[    1.258382] libphy: Freescale XGMAC MDIO Bus: probed
[    1.263768] libphy: Freescale XGMAC MDIO Bus: probed
[    1.269073] libphy: Freescale XGMAC MDIO Bus: probed
[    1.274389] libphy: Freescale XGMAC MDIO Bus: probed
[    1.279734] libphy: Freescale XGMAC MDIO Bus: probed
[    1.285032] libphy: Freescale XGMAC MDIO Bus: probed
[    1.290331] libphy: Freescale XGMAC MDIO Bus: probed
[    1.311149] Freescale FM module, FMD API version 21.1.0
[    1.320026] Freescale FM Ports module
[    1.323699] fsl_mac: fsl_mac: FSL FMan MAC API based driver
[    1.329611] fman_memac_init: IF_MODE    2
[    1.333886] fsl_mac 1ae0000.ethernet: FMan MEMAC
[    1.338522] fsl_mac 1ae0000.ethernet: FMan MAC address: 00:0b:6b:01:01:01
[    1.345477] fman_memac_init: IF_MODE    2
[    1.349752] fsl_mac 1ae2000.ethernet: FMan MEMAC
[    1.354383] fsl_mac 1ae2000.ethernet: FMan MAC address: 00:0b:6b:01:01:02
[    1.361346] fman_memac_init: IF_MODE 8006
[    1.365369] fsl_mac 1ae4000.ethernet: FMan MEMAC
[    1.370002] fsl_mac 1ae4000.ethernet: FMan MAC address: 00:0b:6b:01:01:03
[    1.376975] fman_memac_init: IF_MODE    2
[    1.381250] fsl_mac 1ae8000.ethernet: FMan MEMAC
[    1.385879] fsl_mac 1ae8000.ethernet: FMan MAC address: 00:0b:6b:01:01:05
[    1.392845] fman_memac_init: IF_MODE    2
[    1.397114] fsl_mac 1aea000.ethernet: FMan MEMAC
[    1.401747] fsl_mac 1aea000.ethernet: FMan MAC address: 00:0b:6b:01:01:06
[    1.408619] fsl_dpa: FSL DPAA Ethernet driver
[    1.414063] fsl_dpa soc:fsl,dpaa:ethernet@0: Skip RX PCD High Priority FQs initialization
[    1.426730] fsl_dpa: fsl_dpa: Probed interface eth0
[    1.433595] fsl_dpa soc:fsl,dpaa:ethernet@1: Skip RX PCD High Priority FQs initialization
[    1.446569] fsl_dpa: fsl_dpa: Probed interface eth1
[    1.452491] ata1: SATA link down (SStatus 0 SControl 300)
[    1.453686] fsl_dpa soc:fsl,dpaa:ethernet@2: Skip RX PCD High Priority FQs initialization
[    1.458736] fsl_dpa: fsl_dpa: Probed interface eth2
[    1.458889] fsl_dpa soc:fsl,dpaa:ethernet@3: of_find_device_by_node(/soc/fman@1a00000/ethernet@e6000) failed
[    1.458906] fsl_dpa: probe of soc:fsl,dpaa:ethernet@3 failed with error -22
[    1.460024] fsl_dpa soc:fsl,dpaa:ethernet@4: Skip RX PCD High Priority FQs initialization
[    1.465511] fsl_dpa: fsl_dpa: Probed interface eth3
[    1.466863] fsl_dpa soc:fsl,dpaa:ethernet@5: Skip RX PCD High Priority FQs initialization
[    1.472742] fsl_dpa: fsl_dpa: Probed interface eth4
[    1.472859] fsl_dpa soc:fsl,dpaa:ethernet@8: of_find_device_by_node(/soc/fman@1a00000/ethernet@f0000) failed
[    1.472873] fsl_dpa: probe of soc:fsl,dpaa:ethernet@8 failed with error -22
[    1.472904] fsl_advanced: FSL DPAA Advanced drivers:
[    1.472906] fsl_proxy: FSL DPAA Proxy initialization driver
[    1.473109] fsl_oh: FSL FMan Offline Parsing port driver
[    1.473288] alloc_chrdev_region: 241:0   uio
[    1.473675] misc_register: 10, 196 vfio
[    1.473744] alloc_chrdev_region: 240:0   vfio
[    1.473747] VFIO - User Level meta-driver version: 0.3
[    1.570906] ehci_hcd: USB 2.0 'Enhanced' Host Controller (EHCI) Driver
[    1.577485] ehci-pci: EHCI PCI platform driver
[    1.581979] ehci-platform: EHCI generic platform driver
[    1.587495] ohci_hcd: USB 1.1 'Open' Host Controller (OHCI) Driver
[    1.594005] ohci-pci: OHCI PCI platform driver
[    1.598502] ohci-platform: OHCI generic platform driver
[    1.604537] xhci-hcd xhci-hcd.0.auto: xHCI Host Controller
[    1.610058] xhci-hcd xhci-hcd.0.auto: new USB bus registered, assigned bus number 1
[    1.618259] xhci-hcd xhci-hcd.0.auto: hcc params 0x0220f66d hci version 0x100 quirks 0x22010810
[    1.627014] xhci-hcd xhci-hcd.0.auto: irq 49, io mem 0x02f00000
[    1.633358] hub 1-0:1.0: USB hub found
[    1.637138] hub 1-0:1.0: 1 port detected
[    1.641320] xhci-hcd xhci-hcd.0.auto: xHCI Host Controller
[    1.646827] xhci-hcd xhci-hcd.0.auto: new USB bus registered, assigned bus number 2
[    1.654503] xhci-hcd xhci-hcd.0.auto: Host supports USB 3.0  SuperSpeed
[    1.661501] hub 2-0:1.0: USB hub found
[    1.665275] hub 2-0:1.0: 1 port detected
[    1.669572] xhci-hcd xhci-hcd.1.auto: xHCI Host Controller
[    1.675080] xhci-hcd xhci-hcd.1.auto: new USB bus registered, assigned bus number 3
[    1.683138] xhci-hcd xhci-hcd.1.auto: hcc params 0x0220f66d hci version 0x100 quirks 0x22010810
[    1.691880] xhci-hcd xhci-hcd.1.auto: irq 50, io mem 0x03000000
[    1.698159] hub 3-0:1.0: USB hub found
[    1.701933] hub 3-0:1.0: 1 port detected
[    1.706092] xhci-hcd xhci-hcd.1.auto: xHCI Host Controller
[    1.711596] xhci-hcd xhci-hcd.1.auto: new USB bus registered, assigned bus number 4
[    1.719275] xhci-hcd xhci-hcd.1.auto: Host supports USB 3.0  SuperSpeed
[    1.726274] hub 4-0:1.0: USB hub found
[    1.730053] hub 4-0:1.0: 1 port detected
[    1.734314] xhci-hcd xhci-hcd.2.auto: xHCI Host Controller
[    1.739827] xhci-hcd xhci-hcd.2.auto: new USB bus registered, assigned bus number 5
[    1.747961] xhci-hcd xhci-hcd.2.auto: hcc params 0x0220f66d hci version 0x100 quirks 0x22010810
[    1.756703] xhci-hcd xhci-hcd.2.auto: irq 51, io mem 0x03100000
[    1.762973] hub 5-0:1.0: USB hub found
[    1.766751] hub 5-0:1.0: 1 port detected
[    1.770912] xhci-hcd xhci-hcd.2.auto: xHCI Host Controller
[    1.776482] xhci-hcd xhci-hcd.2.auto: new USB bus registered, assigned bus number 6
[    1.784158] xhci-hcd xhci-hcd.2.auto: Host supports USB 3.0  SuperSpeed
[    1.791144] hub 6-0:1.0: USB hub found
[    1.794917] hub 6-0:1.0: 1 port detected
[    1.799200] usbcore: registered new interface driver usbserial
[    1.805076] usbcore: registered new interface driver usbserial_generic
[    1.811693] usbserial: USB Serial support registered for generic
[    1.817745] usbcore: registered new interface driver pl2303
[    1.823357] usbserial: USB Serial support registered for pl2303
[    1.831520] misc_register: 10,   1 psaux
[    1.835575] mousedev: PS/2 mouse device common for all mice
[    1.848975] rtc-s35390a 0-0030: rtc core: registered rtc-s35390a as rtc0
[    1.855862] i2c /dev entries driver
[    1.859955] IR NEC protocol handler initialized
[    1.864512] IR RC5(x/sz) protocol handler initialized
[    1.869605] IR RC6 protocol handler initialized
[    1.874207] IR JVC protocol handler initialized
[    1.878745] IR Sony protocol handler initialized
[    1.883371] IR SANYO protocol handler initialized
[    1.888092] IR Sharp protocol handler initialized
[    1.892805] IR MCE Keyboard/mouse protocol handler initialized
[    1.898645] IR XMP protocol handler initialized
[    1.903416] ptp_qoriq: device tree node missing required elements, try automatic configuration
[    1.912287] pps pps0: new PPS source ptp0
[    1.917684] misc_register: 10, 130 watchdog
[    1.922005] imx2-wdt 2ad0000.wdog: timeout 60 sec (nowayout=0)
[    1.928033] CPUidle arm: CPU 0 failed to init idle CPU ops
[    1.933837] sdhci: Secure Digital Host Controller Interface driver
[    1.940029] sdhci: Copyright(c) Pierre Ossman
[    1.944508] Synopsys Designware Multimedia Card Interface Driver
[    1.951180] sdhci-pltfm: SDHCI platform and OF driver helper
[    1.995464] mmc0: SDHCI controller on 1560000.esdhc [1560000.esdhc] using ADMA 64-bit
[    2.007399] ledtrig-cpu: registered to indicate activity on CPUs
[    2.015197] platform caam_qi: Linux CAAM Queue I/F driver initialised
[    2.021771] caam-dma caam-dma: Defer probing after JR driver probing
[    2.028226] caam 1700000.crypto: Entropy delay = 3200
[    2.034352] caam 1700000.crypto: Instantiated RNG4 SH0
[    2.061088] caam 1700000.crypto: Instantiated RNG4 SH1
[    2.066266] caam 1700000.crypto: device ID = 0x0a12060000000000 (Era 8)
[    2.072901] caam 1700000.crypto: job rings = 3, qi = 1
[    2.080363] usbcore: registered new interface driver usbhid
[    2.086020] usbhid: USB HID core driver
[    2.089945] mmc0: new high speed MMC card at address 0001
[    2.092769] Freescale USDPAA process driver
[    2.092770] fsl-usdpaa: no region found
[    2.092773] Freescale USDPAA process IRQ driver
[    2.092777] misc_register: 10,  60 fsl-usdpaa-irq
[    2.094528] Initializing XFRM netlink socket
[    2.094644] NET: Registered protocol family 10
[    2.099961] Segment Routing with IPv6
[    2.100014] ip6_tables: (C) 2000-2006 Netfilter Core Team
[    2.100017] NET: Registered protocol family 17
[    2.100031] NET: Registered protocol family 15
[    2.100053] 9pnet: Installing 9P2000 support
[    2.100095] Key type ceph registered
[    2.104263] libceph: loaded (mon/osd proto 15/24)
[    2.104392] misc_register: 10,  59 cpu_dma_latency
[    2.104462] misc_register: 10,  58 network_latency
[    2.104513] misc_register: 10,  57 network_throughput
[    2.104566] misc_register: 10,  56 memory_bandwidth
[    2.104636] registered taskstats version 1
[    2.105778] caam-dma caam-dma: caam dma support with 3 job rings
[    2.151962] rtc-s35390a 0-0030: setting system clock to 2025-05-02 22:53:20 UTC (1746226400)
[    2.152204] ALSA device list:
[    2.152206]   No soundcards found.
[    2.196634] Waiting 2 sec before mounting root device...
[    2.196753] mmcblk0: mmc0:0001 M62704 3.56 GiB 
[    2.197045] mmcblk0boot0: mmc0:0001 M62704 partition 1 2.00 MiB
[    2.197222] mmcblk0boot1: mmc0:0001 M62704 partition 2 2.00 MiB
[    2.197397] mmcblk0rpmb: mmc0:0001 M62704 partition 3 512 KiB
[    2.199314]  mmcblk0: p1 p2 p3 p4 < p5 p6 p7 >
[    4.264240] EXT4-fs (mmcblk0p3): warning: mounting unchecked fs, running e2fsck is recommended
[    4.426590] EXT4-fs (mmcblk0p3): mounted filesystem without journal. Opts: (null)
[    4.434108] VFS: Mounted root (ext4 filesystem) on device 179:3.
[    4.440437] Freeing unused kernel memory: 704K
[    4.482930] random: fast init done
(...snip for OpenWrt forum character limit)
[   36.485864] Setting default cfg Access Point
[   37.308233] Config ok
[   37.335561] ok
[   37.429293] ok
[   37.434949] ok
[   37.435581] Done.

WatchGuard-XTM login:

DM me if you want the full bootlog, I cannot post it here due to character limits.

hmartin · September 7, 2025, 8:44am

WatchGuard T40 stock bootlog:

U-Boot 2018.09 (Dec 05 2019 - 10:13:47 -0800)

SoC:  LS1043AE Rev1.1 (0x87920011)
Clock Configuration:
       CPU0(A53):1000 MHz  CPU1(A53):1000 MHz  CPU2(A53):1000 MHz  
       CPU3(A53):1000 MHz  
       Bus:      300  MHz  DDR:      1600 MT/s  FMAN:     500  MHz
Reset Configuration Word (RCW):
       00000000: 0610000a 0a000000 00000000 00000000
       00000010: 45580002 00000012 40044000 c1002000
       00000020: 00000000 00000000 00000000 0003fffe
       00000030: 20004504 0418320a 00000096 00000001
Model: LS1043A QDS Board - T40/T20
Board: LS1043AQDS, boot from vBank: 0
I2C:   ready
DRAM:  Initializing DDR...
Detected UDIMM Fixed DDR4 on board
3.9 GiB (DDR4, 32-bit, CL=11, ECC off)
Using SERDES1 Protocol: 17752 (0x4558)
SEC Firmware: Bad firmware image (not a FIT image)
Waking secondary cores to start from fbd35000
All (4) cores are up.
MMC:   FSL_SDHC: 0
Loading Environment from SPI Flash... SF: Detected mx25u3235f with page size 256 Bytes, erase size 64 KiB, total 4 MiB
*** Warning - bad CRC, using default environment

## Error: flags type check failure for "ipaddr" <= "10.0.1.1;" (type: i)
himport_r: can't insert "ipaddr=10.0.1.1;" into hash table
## Error: flags type check failure for "netmask" <= "255.255.255.0;" (type: i)
himport_r: can't insert "netmask=255.255.255.0;" into hash table
In:    serial
Out:   serial
Err:   serial
Net:   SF: Detected mx25u3235f with page size 256 Bytes, erase size 64 KiB, total 4 MiB
Fman1: Uploading microcode version 108.4.9
PCIe0: pcie@3400000 Root Complex: no link
PCIe1: pcie@3500000 Root Complex: no link
PCIe2: pcie@3600000 disabled
FM1@DTSEC1 [PRIME], FM1@DTSEC2, FM1@DTSEC3, FM1@DTSEC5, FM1@DTSEC6
### main_loop entered: bootdelay=3

### main_loop: bootcmd="run wgBootSysA"
WatchGuard U-Boot 2018.09 - Dec 05 2019 10:13:47--------------------------------------------------------------------------||||||||||||||||||||||||-------------------------------------------------------------------------++++Use the ^ and v keys to select which entry is highlighted.Press enter to boot the selected OS.WatchGuard (SYSA)                                                     WatchGuard (SYSB Recovery/Diagnostic Mode)                            Hit any key to stop autoboot:  3  2  1  0 Booting SYSA
scanning bus for devices...
Target spinup took 0 ms.
AHCI 0001.0301 32 slots 1 ports 6 Gbps 0x1 impl SATA mode
flags: 64bit ncq pm clo only pmp fbss pio slum part ccc apst 
  Device 0: (0:0) Vendor: ATA Prod.:  Rev: 
            Type: Hard Disk
            Capacity: not available
8645824 bytes read in 179 ms (46.1 MiB/s)
## Loading kernel from FIT Image at 82000000 ...
   Using 'conf@1' configuration
   Trying 'kernel@1' kernel subimage
     Description:  WatchGuard Kernel
     Created:      2023-04-28   1:47:54 UTC
     Type:         Kernel Image
     Compression:  gzip compressed
     Data Start:   0x820000cc
     Data Size:    8610978 Bytes = 8.2 MiB
     Architecture: AArch64
     OS:           Linux
     Load Address: 0x80080000
     Entry Point:  0x80080000
     Hash algo:    crc32
     Hash value:   82133987
     Hash algo:    sha1
     Hash value:   35902aef8b493e978bc39137953079846ceabf78
   Verifying Hash Integrity ... crc32+ sha1+ OK
## Loading fdt from FIT Image at 82000000 ...
   Using 'conf@1' configuration
   Trying 'fdt@1' fdt subimage
     Description:  Flattened Device Tree blob
     Created:      2023-04-28   1:47:54 UTC
     Type:         Flat Device Tree
     Compression:  uncompressed
     Data Start:   0x8283669c
     Data Size:    33500 Bytes = 32.7 KiB
     Architecture: AArch64
     Load Address: 0x90000000
     Hash algo:    crc32
     Hash value:   65d95e13
     Hash algo:    sha1
     Hash value:   6e04f11bad98c248ce904b62bec10fe4ff5ef770
   Verifying Hash Integrity ... crc32+ sha1+ OK
   Loading fdt from 0x8283669c to 0x90000000
   Booting using the fdt blob at 0x90000000
   Uncompressing Kernel Image ... OK
   Using Device Tree in place at 0000000090000000, end 000000009001b2db
WARNING: SEC firmware not running, no kaslr-seed
WARNING failed to get smmu node: FDT_ERR_NOTFOUND
WARNING failed to get smmu node: FDT_ERR_NOTFOUND

Starting kernel ...

[    0.000000] Booting Linux on physical CPU 0x0
[    0.000000] Linux version 4.14.140 (release@cmrb08) (gcc version 6.5.0 (crosstool-NG 1.23.0.580-eb72b4e)) #1 SMP PREEMPT Thu Apr 27 18:37:59 PDT 2023
[    0.000000] Boot CPU: AArch64 Processor [410fd034]
[    0.000000] Machine model: LS1043A RDB Board - T40
[    0.000000] earlycon: uart8250 at MMIO 0x00000000021c0500 (options '')
[    0.000000] bootconsole [uart8250] enabled
[    0.000000] efi: Getting EFI parameters from FDT:
[    0.000000] efi: UEFI not found.
[    0.000000] crashkernel reserved: 0x00000008fc800000 - 0x0000000900000000 (56 MB)
[    0.000000] OF: reserved mem: initialized node qman-fqd, compatible id fsl,qman-fqd
[    0.000000] OF: reserved mem: initialized node qman-pfdr, compatible id fsl,qman-pfdr
[    0.000000] OF: reserved mem: initialized node bman-fbpr, compatible id fsl,bman-fbpr
[    0.000000] cma: Reserved 16 MiB at 0x00000000fac00000
[    0.000000] NUMA: No NUMA configuration found
[    0.000000] NUMA: Faking a node at [mem 0x0000000000000000-0x00000008ffffffff]
[    0.000000] NUMA: NODE_DATA [mem 0x8fc3a3240-0x8fc3a49ff]
[    0.000000] Zone ranges:
[    0.000000]   DMA      [mem 0x0000000080000000-0x00000000ffffffff]
[    0.000000]   Normal   [mem 0x0000000100000000-0x00000008ffffffff]
[    0.000000] Movable zone start for each node
[    0.000000] Early memory node ranges
[    0.000000]   node   0: [mem 0x0000000080000000-0x00000000fbdfffff]
[    0.000000]   node   0: [mem 0x0000000880000000-0x00000008f8ffffff]
[    0.000000]   node   0: [mem 0x00000008fc000000-0x00000008fc3fffff]
[    0.000000]   node   0: [mem 0x00000008fc800000-0x00000008ffffffff]
[    0.000000] Initmem setup node 0 [mem 0x0000000080000000-0x00000008ffffffff]
[    0.000000] percpu: Embedded 22 pages/cpu s53080 r8192 d28840 u90112
[    0.000000] Detected VIPT I-cache on CPU0
[    0.000000] CPU features: enabling workaround for ARM erratum 845719
[    0.000000] Built 1 zonelists, mobility grouping on.  Total pages: 1002192
[    0.000000] Policy zone: Normal
[    0.000000] Kernel command line: root=/dev/sda3 rw console=ttyS0,115200 earlycon=uart8250,mmio,0x21c0500
[    0.000000] PID hash table entries: 4096 (order: 3, 32768 bytes)
[    0.000000] software IO TLB: mapped [mem 0xf6c00000-0xfac00000] (64MB)
[    0.000000] Memory: 3850188K/4073472K available (9340K kernel code, 750K rwdata, 3432K rodata, 2752K init, 883K bss, 206900K reserved, 16384K cma-reserved)
[    0.000000] Virtual kernel memory layout:
[    0.000000]     modules : 0xffff000000000000 - 0xffff000008000000   (   128 MB)
[    0.000000]     vmalloc : 0xffff000008000000 - 0xffff7dffbfff0000   (129022 GB)
[    0.000000]       .text : 0xffff000008080000 - 0xffff0000089a0000   (  9344 KB)
[    0.000000]     .rodata : 0xffff0000089a0000 - 0xffff000008d00000   (  3456 KB)
[    0.000000]       .init : 0xffff000008d00000 - 0xffff000008fb0000   (  2752 KB)
[    0.000000]       .data : 0xffff000008fb0000 - 0xffff00000906ba00   (   751 KB)
[    0.000000]        .bss : 0xffff00000906ba00 - 0xffff000009148980   (   884 KB)
[    0.000000]     fixed   : 0xffff7dfffe7fb000 - 0xffff7dfffec00000   (  4116 KB)
[    0.000000]     PCI I/O : 0xffff7dfffee00000 - 0xffff7dffffe00000   (    16 MB)
[    0.000000]     vmemmap : 0xffff7e0000000000 - 0xffff800000000000   (  2048 GB maximum)
[    0.000000]               0xffff7e0000000000 - 0xffff7e0022000000   (   544 MB actual)
[    0.000000]     memory  : 0xffff800000000000 - 0xffff800880000000   ( 34816 MB)
[    0.000000] Preemptible hierarchical RCU implementation.
[    0.000000] 	RCU event tracing is enabled.
[    0.000000] 	RCU restricting CPUs from NR_CPUS=64 to nr_cpu_ids=4.
[    0.000000] 	Tasks RCU enabled.
[    0.000000] RCU: Adjusting geometry for rcu_fanout_leaf=16, nr_cpu_ids=4
[    0.000000] NR_IRQS: 64, nr_irqs: 64, preallocated irqs: 0
[    0.000000] GIC: Adjusting CPU interface base to 0x000000000142f000
[    0.000000] GIC: Using split EOI/Deactivate mode
[    0.000000] arch_timer: Enabling global workaround for Freescale erratum a005858
[    0.000000] arch_timer: CPU0: Trapping CNTVCT access
[    0.000000] arch_timer: cp15 timer(s) running at 25.00MHz (phys).
[    0.000000] clocksource: arch_sys_counter: mask: 0xffffffffffffff max_cycles: 0x5c40939b5, max_idle_ns: 440795202646 ns
[    0.000004] sched_clock: 56 bits at 25MHz, resolution 40ns, wraps every 4398046511100ns
[    0.008716] Console: colour dummy device 80x25
[    0.013245] Calibrating delay loop (skipped), value calculated using timer frequency.. 50.00 BogoMIPS (lpj=100000)
[    0.023673] pid_max: default: 32768 minimum: 301
[    0.028427] Security Framework initialized
[    0.034157] Dentry cache hash table entries: 524288 (order: 10, 4194304 bytes)
[    0.042219] Inode-cache hash table entries: 262144 (order: 9, 2097152 bytes)
[    0.049355] Mount-cache hash table entries: 8192 (order: 4, 65536 bytes)
[    0.056129] Mountpoint-cache hash table entries: 8192 (order: 4, 65536 bytes)
[    0.079374] ASID allocator initialised with 32768 entries
[    0.092836] Hierarchical SRCU implementation.
[    0.105262]  WG CPU Model 1043 Count 4
[    0.109030]  WG CRASH MIN RESERVE   56 MB
[    0.113068] 
[    0.113068] wg_kernel_init: Built Apr 27 2023 18:15:14
[    0.120075] EFI services will not be available.
[    0.132659] smp: Bringing up secondary CPUs ...
[    0.165352] Detected VIPT I-cache on CPU1
[    0.165386] arch_timer: CPU1: Trapping CNTVCT access
[    0.165392] CPU1: Booted secondary processor [410fd034]
[    0.193391] Detected VIPT I-cache on CPU2
[    0.193411] arch_timer: CPU2: Trapping CNTVCT access
[    0.193416] CPU2: Booted secondary processor [410fd034]
[    0.221445] Detected VIPT I-cache on CPU3
[    0.221466] arch_timer: CPU3: Trapping CNTVCT access
[    0.221471] CPU3: Booted secondary processor [410fd034]
[    0.221527] smp: Brought up 1 node, 4 CPUs
[    0.268532] SMP: Total of 4 processors activated.
[    0.273272] CPU features: detected feature: 32-bit EL0 Support
[    0.279156] CPU features: detected feature: Kernel page table isolation (KPTI)
[    0.296484] CPU: All CPU(s) started at EL2
[    0.300622] alternatives: patching kernel code
[    0.311445] random: get_random_u32 called from bucket_table_alloc+0xf8/0x280 with crng_init=0
[    0.320296] clocksource: jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 7645041785100000 ns
[    0.330134] futex hash table entries: 1024 (order: 4, 65536 bytes)
[    0.337055] alloc_chrdev_region: 254:0   gpiochip
[    0.342410] DMI not present or invalid.
[    0.346499] NET: Registered protocol family 16
[    0.351374] alloc_chrdev_region: 253:0   fsl_mc_bus
[    0.356984] cpuidle: using governor menu
[    0.361019] Bman ver:0a02,02,01
[    0.366565] qman-fqd addr 0x00000008fc400000 size 0x400000
[    0.372126] qman-pfdr addr 0x00000008fa000000 size 0x2000000
[    0.377835] Qman ver:0a01,03,02,00
[    0.381381] vdso: 2 pages (1 code @ ffff0000089a7000, 1 data @ ffff000008fb5000)
[    0.388856] hw-breakpoint: found 6 breakpoint and 4 watchpoint registers.
[    0.396556] DMA: preallocated 256 KiB pool for atomic allocations
[    0.402821] Serial: AMBA PL011 UART driver
[    0.408002] Machine: LS1043A RDB Board - T40
[    0.412307] SoC family: QorIQ LS1043A
[    0.415986] SoC ID: svr:0x87920011, Revision: 1.1
[    0.444284] HugeTLB registered 2.00 MiB page size, pre-allocated 0 pages
[    0.452261] ACPI: Interpreter disabled.
[    0.458963] alloc_chrdev_region: 252:0   tpm
[    0.463661] misc_register: 10,  63 vga_arbiter
[    0.468214] vgaarb: loaded
[    0.471203] SCSI subsystem initialized
[    0.475353] usbcore: registered new interface driver usbfs
[    0.480946] usbcore: registered new interface driver hub
[    0.486355] usbcore: registered new device driver usb
[    0.491559] alloc_chrdev_region: 251:0   rtc
[    0.496694] i2c i2c-0: using dma0chan16 (tx) and dma0chan17 (rx) for DMA transfers
[    0.504324] i2c i2c-0: IMX I2C adapter registered
[    0.509331] alloc_chrdev_region: 250:0   pps
[    0.513632] pps_core: LinuxPPS API ver. 1 registered
[    0.518635] pps_core: Software ver. 5.3.6 - Copyright 2005-2007 Rodolfo Giometti <giometti@linux.it>
[    0.527851] alloc_chrdev_region: 249:0   ptp
[    0.532154] PTP clock support registered
[    0.536211] dmi: Firmware registration failed.
[    0.540740] bman-fbpr addr 0x00000008f9000000 size 0x1000000
[    0.546476] Bman err interrupt handler present
[    0.551620] Bman portal initialised, cpu 0
[    0.555839] Bman portal initialised, cpu 1
[    0.560057] Bman portal initialised, cpu 2
[    0.564275] Bman portal initialised, cpu 3
[    0.568405] Bman portals initialised
[    0.573199] Qman err interrupt handler present
[    0.577947] QMan: Allocated lookup table at ffff00000a885000, entry count 65537
[    0.585920] Qman portal initialised, cpu 0
[    0.590133] Qman portal initialised, cpu 1
[    0.594338] Qman portal initialised, cpu 2
[    0.598551] Qman portal initialised, cpu 3
[    0.602677] Qman portals initialised
[    0.606385] Bman: BPID allocator includes range 32:32
[    0.611559] Qman: FQID allocator includes range 256:256
[    0.616823] Qman: FQID allocator includes range 32768:32768
[    0.622517] Qman: CGRID allocator includes range 0:256
[    0.627895] Qman: pool channel allocator includes range 1025:15
[    0.633994] No USDPAA memory, no 'fsl,usdpaa-mem' in device-tree
[    0.640085] fsl-ifc 1530000.ifc: Freescale Integrated Flash Controller
[    0.646677] fsl-ifc 1530000.ifc: IFC version 1.4, 8 banks
[    0.652364] alloc_chrdev_region: 248:0   iio
[    0.656751] Advanced Linux Sound Architecture Driver Initialized.
[    0.663207] @@ sa_size: 4, cpu_idxb: 2, tun_cpu_start: 2
[    0.668738] alloc_chrdev_region: 247:0   watchdog
[    0.673608] clocksource: Switched to clocksource arch_sys_counter
[    0.679985] pnp: PnP ACPI: disabled
[    0.688110] NET: Registered protocol family 2
[    0.693022] TCP established hash table entries: 32768 (order: 6, 262144 bytes)
[    0.700624] TCP bind hash table entries: 32768 (order: 7, 524288 bytes)
[    0.707800] TCP: Hash tables configured (established 32768 bind 32768)
[    0.714484] UDP hash table entries: 2048 (order: 4, 65536 bytes)
[    0.720634] UDP-Lite hash table entries: 2048 (order: 4, 65536 bytes)
[    0.727329] NET: Registered protocol family 1
[    0.814803] hw perfevents: enabled with armv8_pmuv3 PMU driver, 7 counters available
[    0.828639] misc_register: 10, 231 snapshot
[    0.833687] audit: initializing netlink subsys (disabled)
[    0.839221] audit: type=2000 audit(0.760:1): state=initialized audit_enabled=0 res=1
[    0.839578] workingset: timestamp_bits=44 max_order=20 bucket_order=0
[    0.854111] squashfs: version 4.0 (2009/01/31) Phillip Lougher
[    0.860007] 9p: Installing v9fs 9p2000 file system support
[    0.865587] ceph: loaded (mds proto 32)
[    1.046895] async_tx: api initialized (async)
[    1.051345] alloc_chrdev_region: 246:0   bsg
[    1.055651] Block layer SCSI generic (bsg) driver version 0.4 loaded (major 246)
[    1.063188] io scheduler noop registered
[    1.067200] io scheduler cfq registered (default)
[    1.071945] io scheduler mq-deadline registered
[    1.076513] io scheduler kyber registered
[    1.083216] OF: PCI: host bridge /soc/pcie@3400000 ranges:
[    1.088760] OF: PCI:    IO 0x4000010000..0x400001ffff -> 0x00000000
[    1.095085] OF: PCI:   MEM 0x4040000000..0x407fffffff -> 0x40000000
[    1.101584] layerscape-pcie 3400000.pcie: PCI host bridge to bus 0000:00
[    1.108346] pci_bus 0000:00: root bus resource [bus 00-ff]
[    1.113875] pci_bus 0000:00: root bus resource [io  0x0000-0xffff]
[    1.120108] pci_bus 0000:00: root bus resource [mem 0x4040000000-0x407fffffff] (bus address [0x40000000-0x7fffffff])
[    1.131056] pci 0000:00:00.0: BAR 6: assigned [mem 0x4040000000-0x40400007ff pref]
[    1.138694] pci 0000:00:00.0: PCI bridge to [bus 01-ff]
[    1.144169] pcieport 0000:00:00.0: Signaling PME with IRQ 69
[    1.149985] pcieport 0000:00:00.0: AER enabled with IRQ 70
[    1.155655] OF: PCI: host bridge /soc/pcie@3500000 ranges:
[    1.161198] OF: PCI:    IO 0x4800010000..0x480001ffff -> 0x00000000
[    1.167518] OF: PCI:   MEM 0x4840000000..0x487fffffff -> 0x40000000
[    1.173980] layerscape-pcie 3500000.pcie: PCI host bridge to bus 0001:00
[    1.180737] pci_bus 0001:00: root bus resource [bus 00-ff]
[    1.186270] pci_bus 0001:00: root bus resource [io  0x10000-0x1ffff] (bus address [0x0000-0xffff])
[    1.195300] pci_bus 0001:00: root bus resource [mem 0x4840000000-0x487fffffff] (bus address [0x40000000-0x7fffffff])
[    1.206211] pci 0001:00:00.0: BAR 6: assigned [mem 0x4840000000-0x48400007ff pref]
[    1.213842] pci 0001:00:00.0: PCI bridge to [bus 01-ff]
[    1.219285] pcieport 0001:00:00.0: Signaling PME with IRQ 71
[    1.225093] pcieport 0001:00:00.0: AER enabled with IRQ 72
[    1.233128] Freescale LS2 console driver
[    1.237095] misc_register: 10,  62 fsl_mc_console
[    1.241892] fsl-ls2-console: device fsl_mc_console registered
[    1.247682] misc_register: 10,  61 fsl_aiop_console
[    1.252644] fsl-ls2-console: device fsl_aiop_console registered
[    1.261172] Serial: 8250/16550 driver, 4 ports, IRQ sharing enabled
[    1.268817] console [ttyS0] disabled
[    1.272462] 21c0500.serial: ttyS0 at MMIO 0x21c0500 (irq = 39, base_baud = 18750000) is a 16550A
[    1.281348] console [ttyS0] enabled
[    1.281348] console [ttyS0] enabled
[    1.288343] bootconsole [uart8250] disabled
[    1.288343] bootconsole [uart8250] disabled
[    1.297038] 21c0600.serial: ttyS1 at MMIO 0x21c0600 (irq = 39, base_baud = 18750000) is a 16550A
[    1.306115] 21d0500.serial: ttyS2 at MMIO 0x21d0500 (irq = 40, base_baud = 18750000) is a 16550A
[    1.315194] 21d0600.serial: ttyS3 at MMIO 0x21d0600 (irq = 40, base_baud = 18750000) is a 16550A
[    1.324514] alloc_chrdev_region: 245:0   ttyPS
[    1.329218] alloc_chrdev_region: 244:0   ttyLP
[    1.333992] misc_register: 10, 183 hw_random
[    1.344607] brd: module loaded
[    1.347680] misc_register: 10, 237 loop-control
[    1.357205] loop: module loaded
[    1.391267] ahci-qoriq 3200000.sata: AHCI 0001.0301 32 slots 1 ports 6 Gbps 0x1 impl platform mode
[    1.400253] ahci-qoriq 3200000.sata: flags: 64bit ncq sntf pm clo only pmp fbs pio slum part ccc sds apst 
[    1.410624] scsi host0: ahci-qoriq
[    1.414188] ata1: SATA max UDMA/133 mmio [mem 0x03200000-0x0320ffff] port 0x100 irq 51
[    1.423297] fsl-quadspi 1550000.quadspi: mx25u3235f (4096 Kbytes)
[    1.429460] 11 ofpart partitions found on MTD device 1550000.quadspi
[    1.435829] Creating 11 MTD partitions on "1550000.quadspi":
[    1.441502] 0x000000000000-0x000000200000 : "NOR (RO) RCW + E-Hole + U-boot Image"
[    1.449718] 0x000000200000-0x000000210000 : "NOR (RW) U-Boot ENV"
[    1.456355] 0x000000210000-0x000000220000 : "NOR (RO) EMPTY Hole 1"
[    1.463180] 0x000000220000-0x000000240000 : "NOR (RW) FMAN UCODE"
[    1.469862] 0x000000240000-0x000000280000 : "NOR (RW) E-HOLE 2 or PPA"
[    1.476950] 0x000000280000-0x0000002a0000 : "NOR (RW) WG CFG0"
[    1.483339] 0x0000002a0000-0x0000002c0000 : "NOR (RW) WG CFG1"
[    1.489736] 0x0000002c0000-0x0000002e0000 : "NOR (RW) WG MFG"
[    1.496039] 0x0000002e0000-0x000000300000 : "NOR (RW) E-HOLE 3"
[    1.502525] 0x000000300000-0x000000320000 : "NOR (RW) FMAN UCODE Old"
[    1.509522] 0x000000320000-0x000000400000 : "NOR (RW) WG bootOpt Data & reserved"
[    1.518923] m25p80 spi0.0: unrecognized JEDEC id bytes: ff, ff, ff
[    1.526274] libphy: Fixed MDIO Bus: probed
[    1.531976] libphy: Freescale XGMAC MDIO Bus: probed
[    1.538471] libphy: Freescale XGMAC MDIO Bus: probed
[    1.544045] libphy: Freescale XGMAC MDIO Bus: probed
[    1.549347] libphy: Freescale XGMAC MDIO Bus: probed
[    1.554652] libphy: Freescale XGMAC MDIO Bus: probed
[    1.559945] libphy: Freescale XGMAC MDIO Bus: probed
[    1.565260] libphy: Freescale XGMAC MDIO Bus: probed
[    1.570565] libphy: Freescale XGMAC MDIO Bus: probed
[    1.575865] libphy: Freescale XGMAC MDIO Bus: probed
[    1.596703] Freescale FM module, FMD API version 21.1.0
[    1.605629] Freescale FM Ports module
[    1.609296] fsl_mac: fsl_mac: FSL FMan MAC API based driver
[    1.615252] fman_memac_init: IF_MODE    2
[    1.619535] fsl_mac 1ae0000.ethernet: FMan MEMAC
[    1.624167] fsl_mac 1ae0000.ethernet: FMan MAC address: 00:0b:6b:01:01:01
[    1.631129] fman_memac_init: IF_MODE    2
[    1.635400] fsl_mac 1ae2000.ethernet: FMan MEMAC
[    1.640029] fsl_mac 1ae2000.ethernet: FMan MAC address: 00:0b:6b:01:01:02
[    1.646991] fman_memac_init: IF_MODE 8006
[    1.651019] fsl_mac 1ae4000.ethernet: FMan MEMAC
[    1.655648] fsl_mac 1ae4000.ethernet: FMan MAC address: 00:0b:6b:01:01:03
[    1.662628] fman_memac_init: IF_MODE    2
[    1.666899] fsl_mac 1ae8000.ethernet: FMan MEMAC
[    1.671532] fsl_mac 1ae8000.ethernet: FMan MAC address: 00:0b:6b:01:01:05
[    1.678500] fman_memac_init: IF_MODE    2
[    1.682776] fsl_mac 1aea000.ethernet: FMan MEMAC
[    1.687406] fsl_mac 1aea000.ethernet: FMan MAC address: 00:0b:6b:01:01:06
[    1.694289] fsl_dpa: FSL DPAA Ethernet driver
[    1.704386] fsl_dpa soc:fsl,dpaa:ethernet@0: Skip RX PCD High Priority FQs initialization
[    1.717972] fsl_dpa: fsl_dpa: Probed interface eth0
[    1.723852] fsl_dpa soc:fsl,dpaa:ethernet@1: Skip RX PCD High Priority FQs initialization
[    1.737758] fsl_dpa: fsl_dpa: Probed interface eth1
[    1.743840] fsl_dpa soc:fsl,dpaa:ethernet@2: Skip RX PCD High Priority FQs initialization
[    1.758496] fsl_dpa: fsl_dpa: Probed interface eth2
[    1.763632] fsl_dpa soc:fsl,dpaa:ethernet@3: of_find_device_by_node(/soc/fman@1a00000/ethernet@e6000) failed
[    1.773512] fsl_dpa: probe of soc:fsl,dpaa:ethernet@3 failed with error -22
[    1.781733] fsl_dpa soc:fsl,dpaa:ethernet@4: Skip RX PCD High Priority FQs initialization
[    1.796278] fsl_dpa: fsl_dpa: Probed interface eth3
[    1.802726] fsl_dpa soc:fsl,dpaa:ethernet@5: Skip RX PCD High Priority FQs initialization
[    1.817728] fsl_dpa: fsl_dpa: Probed interface eth4
[    1.822876] fsl_dpa soc:fsl,dpaa:ethernet@8: of_find_device_by_node(/soc/fman@1a00000/ethernet@f0000) failed
[    1.832736] fsl_dpa: probe of soc:fsl,dpaa:ethernet@8 failed with error -22
[    1.839751] fsl_advanced: FSL DPAA Advanced drivers:
[    1.844723] fsl_proxy: FSL DPAA Proxy initialization driver
[    1.850593] fsl_oh: FSL FMan Offline Parsing port driver
[    1.856115] alloc_chrdev_region: 241:0   uio
[    1.863462] ehci_hcd: USB 2.0 'Enhanced' Host Controller (EHCI) Driver
[    1.870012] ehci-pci: EHCI PCI platform driver
[    1.874500] ehci-platform: EHCI generic platform driver
[    1.879965] ohci_hcd: USB 1.1 'Open' Host Controller (OHCI) Driver
[    1.886167] ohci-pci: OHCI PCI platform driver
[    1.890656] ohci-platform: OHCI generic platform driver
[    1.896584] xhci-hcd xhci-hcd.0.auto: xHCI Host Controller
[    1.897637] ata1: SATA link up 6.0 Gbps (SStatus 133 SControl 300)
[    1.902144] xhci-hcd xhci-hcd.0.auto: new USB bus registered, assigned bus number 1
[    1.915971] ata1.00: ATA-10: M.2 (S42) 3ME4, L20420, max UDMA/133
[    1.916375] xhci-hcd xhci-hcd.0.auto: hcc params 0x0220f66d hci version 0x100 quirks 0x0000000022010810
[    1.922098] ata1.00: 31277232 sectors, multi 1: LBA48 NCQ (depth 31/32)
[    1.931517] xhci-hcd xhci-hcd.0.auto: irq 48, io mem 0x02f00000
[    1.944448] hub 1-0:1.0: USB hub found
[    1.948233] ata1.00: configured for UDMA/133
[    1.948239] hub 1-0:1.0: 1 port detected
[    1.952876] scsi 0:0:0:0: Direct-Access     ATA      M.2 (S42) 3ME4   20   PQ: 0 ANSI: 5
[    1.956689] xhci-hcd xhci-hcd.0.auto: xHCI Host Controller
[    1.965098] sd 0:0:0:0: [sda] 31277232 512-byte logical blocks: (16.0 GB/14.9 GiB)
[    1.970051] xhci-hcd xhci-hcd.0.auto: new USB bus registered, assigned bus number 2
[    1.977653] sd 0:0:0:0: [sda] Write Protect is off
[    1.985292] xhci-hcd xhci-hcd.0.auto: Host supports USB 3.0  SuperSpeed
[    1.990136] sd 0:0:0:0: [sda] Write cache: enabled, read cache: enabled, doesn't support DPO or FUA
[    1.997091] hub 2-0:1.0: USB hub found
[    2.005849] sd 0:0:0:0: [sda] non-USB storage device detected
[    2.009532] hub 2-0:1.0: 1 port detected
[    2.015744] sd 0:0:0:0: [sda] non-USB storage device detected
[    2.019510] xhci-hcd xhci-hcd.1.auto: xHCI Host Controller
[    2.030479] xhci-hcd xhci-hcd.1.auto: new USB bus registered, assigned bus number 3
[    2.038552]  sda: sda1 sda2 sda3 sda4 < sda5 sda6 sda7 >
[    2.038677] xhci-hcd xhci-hcd.1.auto: hcc params 0x0220f66d hci version 0x100 quirks 0x0000000022010810
[    2.044951] sd 0:0:0:0: [sda] non-USB storage device detected
[    2.053326] xhci-hcd xhci-hcd.1.auto: irq 49, io mem 0x03000000
[    2.059045] sd 0:0:0:0: [sda] Attached SCSI disk
[    2.069990] hub 3-0:1.0: USB hub found
[    2.073766] hub 3-0:1.0: 1 port detected
[    2.077929] xhci-hcd xhci-hcd.1.auto: xHCI Host Controller
[    2.083432] xhci-hcd xhci-hcd.1.auto: new USB bus registered, assigned bus number 4
[    2.091106] xhci-hcd xhci-hcd.1.auto: Host supports USB 3.0  SuperSpeed
[    2.098103] hub 4-0:1.0: USB hub found
[    2.101877] hub 4-0:1.0: 1 port detected
[    2.106107] xhci-hcd xhci-hcd.2.auto: xHCI Host Controller
[    2.111615] xhci-hcd xhci-hcd.2.auto: new USB bus registered, assigned bus number 5
[    2.119710] xhci-hcd xhci-hcd.2.auto: hcc params 0x0220f66d hci version 0x100 quirks 0x0000000022010810
[    2.129146] xhci-hcd xhci-hcd.2.auto: irq 50, io mem 0x03100000
[    2.135419] hub 5-0:1.0: USB hub found
[    2.139194] hub 5-0:1.0: 1 port detected
[    2.143355] xhci-hcd xhci-hcd.2.auto: xHCI Host Controller
[    2.148859] xhci-hcd xhci-hcd.2.auto: new USB bus registered, assigned bus number 6
[    2.156536] xhci-hcd xhci-hcd.2.auto: Host supports USB 3.0  SuperSpeed
[    2.163524] hub 6-0:1.0: USB hub found
[    2.167302] hub 6-0:1.0: 1 port detected
(snip for OpenWrt forum character limit)
[   27.579177] Done.

WatchGuard-XTM login:

DM me if you want the full bootlog, I cannot post it here due to character limits.

hmartin · September 7, 2025, 8:45am

WatchGuard T45 stock bootlog:

U-Boot 2018.09 (Jul 20 2022 - 02:38:54 -0700)

SoC:  LS1043AE Rev1.1 (0x87920011)
Clock Configuration:
       CPU0(A53):1600 MHz  CPU1(A53):1600 MHz  CPU2(A53):1600 MHz  
       CPU3(A53):1600 MHz  
       Bus:      300  MHz  DDR:      1600 MT/s  FMAN:     500  MHz
Reset Configuration Word (RCW):
       00000000: 06100010 0a000000 00000000 00000000
       00000010: 45580002 00000012 40044000 c1002000
       00000020: 00000000 00000000 00000000 00036ffd
       00000030: 20044104 04183208 00000096 00000001
Model: LS1043A QDS Board - T40/T20
Board: LS1043AQDS, boot from vBank: 0
I2C:   ready
DRAM:  Initializing DDR...(ddr_raw_timing.tckmax_ps = 1500, ddr_raw_timing.tccdl_ps = 6250)
Detected UDIMM Fixed DDR4 on board
3.9 GiB (DDR4, 32-bit, CL=11, ECC off)
Using SERDES1 Protocol: 17752 (0x4558)
SEC Firmware: Bad firmware image (not a FIT image)
AW-XM458MA-PUR: Reset AW-XM458MA-PUR to fix wifi crash when soft reboot
SF: Detected mx25u3232f with page size 256 Bytes, erase size 64 KiB, total 4 MiB
device 0 offset 0x280018, size 0xd
SF: 13 bytes @ 0x280018 Read: OK
Waking secondary cores to start from fbd36000
All (4) cores are up.
MMC:   FSL_SDHC: 0
Loading Environment from SPI Flash... OK
In:    serial
Out:   serial
Err:   serial
Net:   SF: Detected mx25u3232f with page size 256 Bytes, erase size 64 KiB, total 4 MiB
Fman1: Uploading microcode version 108.4.9
PCIe0: pcie@3400000 Root Complex: no link
PCIe1: pcie@3500000 Root Complex: no link
PCIe2: pcie@3600000 disabled
FM1@DTSEC1 [PRIME], FM1@DTSEC2, FM1@DTSEC3, FM1@DTSEC5, FM1@DTSEC6
### main_loop entered: bootdelay=3

### main_loop: bootcmd="run wgBootSysA"
WatchGuard U-Boot 2018.09 - Jul 20 2022 02:38:54--------------------------------------------------------------------------||||||||||||||||||||||||-------------------------------------------------------------------------++++Use the ^ and v keys to select which entry is highlighted.Press enter to boot the selected OS.WatchGuard (SYSA)                                                     WatchGuard (SYSB Recovery/Diagnostic Mode)                            Hit any key to stop autoboot:  3  2  1  0 Booting SYSA
scanning bus for devices...
Target spinup took 0 ms.
AHCI 0001.0301 32 slots 1 ports 6 Gbps 0x1 impl SATA mode
flags: 64bit ncq pm clo only pmp fbss pio slum part ccc apst 
  Device 0: (0:0) Vendor: ATA Prod.: SQF-SM4V1-16GCBK Rev: SBFM
            Type: Hard Disk
            Capacity: 15272.0 MB = 14.9 GB (31277232 x 512)
8567880 bytes read in 184 ms (44.4 MiB/s)
## Loading kernel from FIT Image at 82000000 ...
   Using 'conf@1' configuration
   Trying 'kernel@1' kernel subimage
     Description:  WatchGuard Kernel
     Created:      2023-09-06  20:24:32 UTC
     Type:         Kernel Image
     Compression:  gzip compressed
     Data Start:   0x820000cc
     Data Size:    8532540 Bytes = 8.1 MiB
     Architecture: AArch64
     OS:           Linux
     Load Address: 0x80080000
     Entry Point:  0x80080000
     Hash algo:    crc32
     Hash value:   4b21aeeb
     Hash algo:    sha1
     Hash value:   2f1e230dcfd51ca606e7bfd1a875ec684581b49c
   Verifying Hash Integrity ... crc32+ sha1+ OK
## Loading fdt from FIT Image at 82000000 ...
   Using 'conf@1' configuration
   Trying 'fdt@1' fdt subimage
     Description:  Flattened Device Tree blob
     Created:      2023-09-06  20:24:32 UTC
     Type:         Flat Device Tree
     Compression:  uncompressed
     Data Start:   0x82823434
     Data Size:    33994 Bytes = 33.2 KiB
     Architecture: AArch64
     Load Address: 0x90000000
     Hash algo:    crc32
     Hash value:   947f12b0
     Hash algo:    sha1
     Hash value:   4ab707448875b9f6013a14b7e49c6c4f559468d3
   Verifying Hash Integrity ... crc32+ sha1+ OK
   Loading fdt from 0x82823434 to 0x90000000
   Booting using the fdt blob at 0x90000000
   Uncompressing Kernel Image ... OK
   Using Device Tree in place at 0000000090000000, end 000000009001b4c9
WARNING: SEC firmware not running, no kaslr-seed
WARNING failed to get smmu node: FDT_ERR_NOTFOUND
WARNING failed to get smmu node: FDT_ERR_NOTFOUND

Starting kernel ...

[    0.000000] Booting Linux on physical CPU 0x0
[    0.000000] Linux version 4.14.140 (release@cmrb05) (gcc version 6.5.0 (crosstool-NG 1.23.0.580-eb72b4e)) #1 SMP PREEMPT Wed Sep 6 13:14:31 PDT 2023
[    0.000000] Boot CPU: AArch64 Processor [410fd034]
[    0.000000] Machine model: LS1043A RDB Board - T40
[    0.000000] earlycon: uart8250 at MMIO 0x00000000021c0500 (options '')
[    0.000000] bootconsole [uart8250] enabled
[    0.000000] efi: Getting EFI parameters from FDT:
[    0.000000] efi: UEFI not found.
[    0.000000] crashkernel reserved: 0x00000008fc800000 - 0x0000000900000000 (56 MB)
[    0.000000] OF: reserved mem: initialized node qman-fqd, compatible id fsl,qman-fqd
[    0.000000] OF: reserved mem: initialized node qman-pfdr, compatible id fsl,qman-pfdr
[    0.000000] OF: reserved mem: initialized node bman-fbpr, compatible id fsl,bman-fbpr
[    0.000000] cma: Reserved 16 MiB at 0x00000000fac00000
[    0.000000] NUMA: No NUMA configuration found
[    0.000000] NUMA: Faking a node at [mem 0x0000000000000000-0x00000008ffffffff]
[    0.000000] NUMA: NODE_DATA [mem 0x8fc3a2d00-0x8fc3a44bf]
[    0.000000] Zone ranges:
[    0.000000]   DMA      [mem 0x0000000080000000-0x00000000ffffffff]
[    0.000000]   Normal   [mem 0x0000000100000000-0x00000008ffffffff]
[    0.000000] Movable zone start for each node
[    0.000000] Early memory node ranges
[    0.000000]   node   0: [mem 0x0000000080000000-0x00000000fbdfffff]
[    0.000000]   node   0: [mem 0x0000000880000000-0x00000008f8ffffff]
[    0.000000]   node   0: [mem 0x00000008fc000000-0x00000008fc3fffff]
[    0.000000]   node   0: [mem 0x00000008fc800000-0x00000008ffffffff]
[    0.000000] Initmem setup node 0 [mem 0x0000000080000000-0x00000008ffffffff]
[    0.000000] percpu: Embedded 22 pages/cpu s50008 r8192 d31912 u90112
[    0.000000] Detected VIPT I-cache on CPU0
[    0.000000] CPU features: enabling workaround for ARM erratum 845719
[    0.000000] Built 1 zonelists, mobility grouping on.  Total pages: 1002192
[    0.000000] Policy zone: Normal
[    0.000000] Kernel command line: root=/dev/sda3 rw console=ttyS0,115200 earlycon=uart8250,mmio,0x21c0500
[    0.000000] PID hash table entries: 4096 (order: 3, 32768 bytes)
[    0.000000] software IO TLB: mapped [mem 0xf6c00000-0xfac00000] (64MB)
[    0.000000] Memory: 3850456K/4073472K available (9148K kernel code, 670K rwdata, 3408K rodata, 2752K init, 883K bss, 206632K reserved, 16384K cma-reserved)
[    0.000000] Virtual kernel memory layout:
[    0.000000]     modules : 0xffff000000000000 - 0xffff000008000000   (   128 MB)
[    0.000000]     vmalloc : 0xffff000008000000 - 0xffff7dffbfff0000   (129022 GB)
[    0.000000]       .text : 0xffff000008080000 - 0xffff000008970000   (  9152 KB)
[    0.000000]     .rodata : 0xffff000008970000 - 0xffff000008cd0000   (  3456 KB)
[    0.000000]       .init : 0xffff000008cd0000 - 0xffff000008f80000   (  2752 KB)
[    0.000000]       .data : 0xffff000008f80000 - 0xffff000009027a00   (   671 KB)
[    0.000000]        .bss : 0xffff000009027a00 - 0xffff0000091047c0   (   884 KB)
[    0.000000]     fixed   : 0xffff7dfffe7fb000 - 0xffff7dfffec00000   (  4116 KB)
[    0.000000]     PCI I/O : 0xffff7dfffee00000 - 0xffff7dffffe00000   (    16 MB)
[    0.000000]     vmemmap : 0xffff7e0000000000 - 0xffff800000000000   (  2048 GB maximum)
[    0.000000]               0xffff7e0000000000 - 0xffff7e0022000000   (   544 MB actual)
[    0.000000]     memory  : 0xffff800000000000 - 0xffff800880000000   ( 34816 MB)
[    0.000000] Preemptible hierarchical RCU implementation.
[    0.000000] 	RCU event tracing is enabled.
[    0.000000] 	RCU restricting CPUs from NR_CPUS=64 to nr_cpu_ids=4.
[    0.000000] 	Tasks RCU enabled.
[    0.000000] RCU: Adjusting geometry for rcu_fanout_leaf=16, nr_cpu_ids=4
[    0.000000] NR_IRQS: 64, nr_irqs: 64, preallocated irqs: 0
[    0.000000] GIC: Adjusting CPU interface base to 0x000000000142f000
[    0.000000] GIC: Using split EOI/Deactivate mode
[    0.000000] arch_timer: Enabling global workaround for Freescale erratum a005858
[    0.000000] arch_timer: CPU0: Trapping CNTVCT access
[    0.000000] arch_timer: cp15 timer(s) running at 25.00MHz (phys).
[    0.000000] clocksource: arch_sys_counter: mask: 0xffffffffffffff max_cycles: 0x5c40939b5, max_idle_ns: 440795202646 ns
[    0.000003] sched_clock: 56 bits at 25MHz, resolution 40ns, wraps every 4398046511100ns
[    0.008500] Console: colour dummy device 80x25
[    0.013012] Calibrating delay loop (skipped), value calculated using timer frequency.. 50.00 BogoMIPS (lpj=100000)
[    0.023435] pid_max: default: 32768 minimum: 301
[    0.028156] Security Framework initialized
[    0.033612] Dentry cache hash table entries: 524288 (order: 10, 4194304 bytes)
[    0.041546] Inode-cache hash table entries: 262144 (order: 9, 2097152 bytes)
[    0.048666] Mount-cache hash table entries: 8192 (order: 4, 65536 bytes)
[    0.055434] Mountpoint-cache hash table entries: 8192 (order: 4, 65536 bytes)
[    0.078657] ASID allocator initialised with 32768 entries
[    0.092107] Hierarchical SRCU implementation.
[    0.104516]  WG CPU Model 1043 Count 4
[    0.108282]  WG CRASH MIN RESERVE   56 MB
[    0.112314] 
[    0.112314] wg_kernel_init: Built Sep  6 2023 12:50:36
[    0.119198] EFI services will not be available.
[    0.131770] smp: Bringing up secondary CPUs ...
[    0.164416] Detected VIPT I-cache on CPU1
[    0.164443] arch_timer: CPU1: Trapping CNTVCT access
[    0.164447] CPU1: Booted secondary processor [410fd034]
[    0.192436] Detected VIPT I-cache on CPU2
[    0.192450] arch_timer: CPU2: Trapping CNTVCT access
[    0.192453] CPU2: Booted secondary processor [410fd034]
[    0.220470] Detected VIPT I-cache on CPU3
[    0.220484] arch_timer: CPU3: Trapping CNTVCT access
[    0.220487] CPU3: Booted secondary processor [410fd034]
[    0.220524] smp: Brought up 1 node, 4 CPUs
[    0.267485] SMP: Total of 4 processors activated.
[    0.272219] CPU features: detected feature: 32-bit EL0 Support
[    0.278094] CPU features: detected feature: Kernel page table isolation (KPTI)
[    0.294093] CPU: All CPU(s) started at EL2
[    0.298221] alternatives: patching kernel code
[    0.307172] random: get_random_u32 called from bucket_table_alloc+0xf8/0x280 with crng_init=0
[    0.315950] clocksource: jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 7645041785100000 ns
[    0.325774] futex hash table entries: 1024 (order: 4, 65536 bytes)
[    0.332484] alloc_chrdev_region: 254:0   gpiochip
[    0.337673] DMI not present or invalid.
[    0.341703] NET: Registered protocol family 16
[    0.346449] alloc_chrdev_region: 253:0   fsl_mc_bus
[    0.351923] cpuidle: using governor menu
[    0.355954] Bman ver:0a02,02,01
[    0.360834] qman-fqd addr 0x00000008fc400000 size 0x400000
[    0.366374] qman-pfdr addr 0x00000008fa000000 size 0x2000000
[    0.372076] Qman ver:0a01,03,02,00
[    0.375578] vdso: 2 pages (1 code @ ffff000008977000, 1 data @ ffff000008f85000)
[    0.383050] hw-breakpoint: found 6 breakpoint and 4 watchpoint registers.
[    0.390478] DMA: preallocated 256 KiB pool for atomic allocations
[    0.396701] Serial: AMBA PL011 UART driver
[    0.401541] Machine: LS1043A RDB Board - T40
[    0.405842] SoC family: QorIQ LS1043A
[    0.409519] SoC ID: svr:0x87920011, Revision: 1.1
[    0.430813] HugeTLB registered 2.00 MiB page size, pre-allocated 0 pages
[    0.438436] ACPI: Interpreter disabled.
[    0.444139] alloc_chrdev_region: 252:0   tpm
[    0.448951] misc_register: 10,  63 vga_arbiter
[    0.453585] vgaarb: loaded
[    0.456500] SCSI subsystem initialized
[    0.460593] usbcore: registered new interface driver usbfs
[    0.466145] usbcore: registered new interface driver hub
[    0.471578] usbcore: registered new device driver usb
[    0.476735] alloc_chrdev_region: 251:0   rtc
[    0.481645] i2c i2c-0: IMX I2C adapter registered
[    0.486564] alloc_chrdev_region: 250:0   pps
[    0.490860] pps_core: LinuxPPS API ver. 1 registered
[    0.495869] pps_core: Software ver. 5.3.6 - Copyright 2005-2007 Rodolfo Giometti <giometti@linux.it>
[    0.505077] alloc_chrdev_region: 249:0   ptp
[    0.509374] PTP clock support registered
[    0.513393] dmi: Firmware registration failed.
[    0.517911] bman-fbpr addr 0x00000008f9000000 size 0x1000000
[    0.523633] Bman err interrupt handler present
[    0.528561] Bman portal initialised, cpu 0
[    0.532747] Bman portal initialised, cpu 1
[    0.536936] Bman portal initialised, cpu 2
[    0.541126] Bman portal initialised, cpu 3
[    0.545248] Bman portals initialised
[    0.550023] Qman err interrupt handler present
[    0.554707] QMan: Allocated lookup table at ffff00000a855000, entry count 65537
[    0.562461] Qman portal initialised, cpu 0
[    0.566642] Qman portal initialised, cpu 1
[    0.570821] Qman portal initialised, cpu 2
[    0.574999] Qman portal initialised, cpu 3
[    0.579119] Qman portals initialised
[    0.582782] Bman: BPID allocator includes range 32:32
[    0.587920] Qman: FQID allocator includes range 256:256
[    0.593179] Qman: FQID allocator includes range 32768:32768
[    0.598838] Qman: CGRID allocator includes range 0:256
[    0.604163] Qman: pool channel allocator includes range 1025:15
[    0.610209] No USDPAA memory, no 'fsl,usdpaa-mem' in device-tree
[    0.616285] fsl-ifc 1530000.ifc: Freescale Integrated Flash Controller
[    0.622866] fsl-ifc 1530000.ifc: IFC version 1.4, 8 banks
[    0.628483] alloc_chrdev_region: 248:0   iio
[    0.632844] Advanced Linux Sound Architecture Driver Initialized.
[    0.639224] @@ sa_size: 4, cpu_idxb: 2, tun_cpu_start: 2
[    0.644705] alloc_chrdev_region: 247:0   watchdog
[    0.649538] clocksource: Switched to clocksource arch_sys_counter
[    0.655856] pnp: PnP ACPI: disabled
[    0.662613] NET: Registered protocol family 2
[    0.667387] TCP established hash table entries: 32768 (order: 6, 262144 bytes)
[    0.674866] TCP bind hash table entries: 32768 (order: 7, 524288 bytes)
[    0.681918] TCP: Hash tables configured (established 32768 bind 32768)
[    0.688576] UDP hash table entries: 2048 (order: 4, 65536 bytes)
[    0.694685] UDP-Lite hash table entries: 2048 (order: 4, 65536 bytes)
[    0.701309] NET: Registered protocol family 1
[    0.758225] hw perfevents: enabled with armv8_pmuv3 PMU driver, 7 counters available
[    0.770128] misc_register: 10, 231 snapshot
[    0.774966] audit: initializing netlink subsys (disabled)
[    0.780470] audit: type=2000 audit(0.704:1): state=initialized audit_enabled=0 res=1
[    0.780722] workingset: timestamp_bits=44 max_order=20 bucket_order=0
[    0.795122] squashfs: version 4.0 (2009/01/31) Phillip Lougher
[    0.801042] 9p: Installing v9fs 9p2000 file system support
[    0.806604] ceph: loaded (mds proto 32)
[    0.921967] alloc_chrdev_region: 246:0   bsg
[    0.926272] Block layer SCSI generic (bsg) driver version 0.4 loaded (major 246)
[    0.933792] io scheduler noop registered
[    0.937765] io scheduler cfq registered (default)
[    0.942503] io scheduler mq-deadline registered
[    0.947064] io scheduler kyber registered
[    0.953229] OF: PCI: host bridge /soc/pcie@3400000 ranges:
[    0.958768] OF: PCI:    IO 0x4000010000..0x400001ffff -> 0x00000000
[    0.965082] OF: PCI:   MEM 0x4040000000..0x407fffffff -> 0x40000000
[    0.971523] layerscape-pcie 3400000.pcie: PCI host bridge to bus 0000:00
[    0.978274] pci_bus 0000:00: root bus resource [bus 00-ff]
[    0.983799] pci_bus 0000:00: root bus resource [io  0x0000-0xffff]
[    0.990022] pci_bus 0000:00: root bus resource [mem 0x4040000000-0x407fffffff] (bus address [0x40000000-0x7fffffff])
[    1.000874] pci 0000:00:00.0: BAR 6: assigned [mem 0x4040000000-0x40400007ff pref]
[    1.008500] pci 0000:00:00.0: PCI bridge to [bus 01-ff]
[    1.013913] pcieport 0000:00:00.0: Signaling PME with IRQ 69
[    1.019689] pcieport 0000:00:00.0: AER enabled with IRQ 70
[    1.025311] OF: PCI: host bridge /soc/pcie@3500000 ranges:
[    1.030839] OF: PCI:    IO 0x4800010000..0x480001ffff -> 0x00000000
[    1.037154] OF: PCI:   MEM 0x4840000000..0x487fffffff -> 0x40000000
[    1.043558] layerscape-pcie 3500000.pcie: PCI host bridge to bus 0001:00
[    1.050310] pci_bus 0001:00: root bus resource [bus 00-ff]
[    1.055833] pci_bus 0001:00: root bus resource [io  0x10000-0x1ffff] (bus address [0x0000-0xffff])
[    1.064857] pci_bus 0001:00: root bus resource [mem 0x4840000000-0x487fffffff] (bus address [0x40000000-0x7fffffff])
[    1.075671] pci 0001:00:00.0: BAR 6: assigned [mem 0x4840000000-0x48400007ff pref]
[    1.083300] pci 0001:00:00.0: PCI bridge to [bus 01-ff]
[    1.088679] pcieport 0001:00:00.0: Signaling PME with IRQ 71
[    1.094453] pcieport 0001:00:00.0: AER enabled with IRQ 72
[    1.101619] Freescale LS2 console driver
[    1.105570] misc_register: 10,  62 fsl_mc_console
[    1.110349] fsl-ls2-console: device fsl_mc_console registered
[    1.116133] misc_register: 10,  61 fsl_aiop_console
[    1.121076] fsl-ls2-console: device fsl_aiop_console registered
[    1.128811] Serial: 8250/16550 driver, 4 ports, IRQ sharing enabled
[    1.136092] console [ttyS0] disabled
[    1.139723] 21c0500.serial: ttyS0 at MMIO 0x21c0500 (irq = 39, base_baud = 18750000) is a 16550A
[    1.148594] console [ttyS0] enabled
[    1.148594] console [ttyS0] enabled
[    1.155584] bootconsole [uart8250] disabled
[    1.155584] bootconsole [uart8250] disabled
[    1.164177] 21c0600.serial: ttyS1 at MMIO 0x21c0600 (irq = 39, base_baud = 18750000) is a 16550A
[    1.173152] 21d0500.serial: ttyS2 at MMIO 0x21d0500 (irq = 40, base_baud = 18750000) is a 16550A
[    1.182132] 21d0600.serial: ttyS3 at MMIO 0x21d0600 (irq = 40, base_baud = 18750000) is a 16550A
[    1.191272] alloc_chrdev_region: 245:0   ttyPS
[    1.195889] alloc_chrdev_region: 244:0   ttyLP
[    1.200550] misc_register: 10, 183 hw_random
[    1.209345] brd: module loaded
[    1.212411] misc_register: 10, 237 loop-control
[    1.220603] loop: module loaded
[    1.254232] ahci-qoriq 3200000.sata: AHCI 0001.0301 32 slots 1 ports 6 Gbps 0x1 impl platform mode
[    1.263208] ahci-qoriq 3200000.sata: flags: 64bit ncq sntf pm clo only pmp fbs pio slum part ccc sds apst 
[    1.273394] scsi host0: ahci-qoriq
[    1.276934] ata1: SATA max UDMA/133 mmio [mem 0x03200000-0x0320ffff] port 0x100 irq 51
[    1.285662] fsl-quadspi 1550000.quadspi: mx25u3235f (4096 Kbytes)
[    1.291789] 11 ofpart partitions found on MTD device 1550000.quadspi
[    1.298150] Creating 11 MTD partitions on "1550000.quadspi":
[    1.303819] 0x000000000000-0x000000200000 : "NOR (RO) RCW + E-Hole + U-boot Image"
[    1.311839] 0x000000200000-0x000000210000 : "NOR (RW) U-Boot ENV"
[    1.318314] 0x000000210000-0x000000220000 : "NOR (RO) EMPTY Hole 1"
[    1.324961] 0x000000220000-0x000000240000 : "NOR (RW) FMAN UCODE"
[    1.331447] 0x000000240000-0x000000280000 : "NOR (RW) E-HOLE 2 or PPA"
[    1.338349] 0x000000280000-0x0000002a0000 : "NOR (RW) WG CFG0"
[    1.344561] 0x0000002a0000-0x0000002c0000 : "NOR (RW) WG CFG1"
[    1.350764] 0x0000002c0000-0x0000002e0000 : "NOR (RW) WG MFG"
[    1.356889] 0x0000002e0000-0x000000300000 : "NOR (RW) E-HOLE 3"
[    1.363186] 0x000000300000-0x000000320000 : "NOR (RW) FMAN UCODE Old"
[    1.370005] 0x000000320000-0x000000400000 : "NOR (RW) WG bootOpt Data & reserved"
[    1.378901] m25p80 spi0.0: unrecognized JEDEC id bytes: ff, ff, ff
[    1.385902] libphy: Fixed MDIO Bus: probed
[    1.391153] libphy: Freescale XGMAC MDIO Bus: probed
[    1.396798] libphy: Freescale XGMAC MDIO Bus: probed
[    1.401995] libphy: Freescale XGMAC MDIO Bus: probed
[    1.407191] libphy: Freescale XGMAC MDIO Bus: probed
[    1.412473] libphy: Freescale XGMAC MDIO Bus: probed
[    1.417688] libphy: Freescale XGMAC MDIO Bus: probed
[    1.422889] libphy: Freescale XGMAC MDIO Bus: probed
[    1.428082] libphy: Freescale XGMAC MDIO Bus: probed
[    1.433280] libphy: Freescale XGMAC MDIO Bus: probed
[    1.453639] Freescale FM module, FMD API version 21.1.0
[    1.461421] Freescale FM Ports module
[    1.465092] fsl_mac: fsl_mac: FSL FMan MAC API based driver
[    1.470941] fman_memac_init: IF_MODE    2
[    1.475218] fsl_mac 1ae0000.ethernet: FMan MEMAC
[    1.479844] fsl_mac 1ae0000.ethernet: FMan MAC address: 00:0b:6b:01:01:01
[    1.486743] fman_memac_init: IF_MODE    2
[    1.491020] fsl_mac 1ae2000.ethernet: FMan MEMAC
[    1.495649] fsl_mac 1ae2000.ethernet: FMan MAC address: 00:0b:6b:01:01:02
[    1.502554] fman_memac_init: IF_MODE 8006
[    1.506569] fsl_mac 1ae4000.ethernet: FMan MEMAC
[    1.511191] fsl_mac 1ae4000.ethernet: FMan MAC address: 00:0b:6b:01:01:03
[    1.518102] fman_memac_init: IF_MODE    2
[    1.522381] fsl_mac 1ae8000.ethernet: FMan MEMAC
[    1.527004] fsl_mac 1ae8000.ethernet: FMan MAC address: 00:0b:6b:01:01:05
[    1.533911] fman_memac_init: IF_MODE    2
[    1.538187] fsl_mac 1aea000.ethernet: FMan MEMAC
[    1.542810] fsl_mac 1aea000.ethernet: FMan MAC address: 00:0b:6b:01:01:06
[    1.549661] fsl_dpa: FSL DPAA Ethernet driver
[    1.558185] fsl_dpa soc:fsl,dpaa:ethernet@0: Skip RX PCD High Priority FQs initialization
[    1.570383] fsl_dpa: fsl_dpa: Probed interface eth0
[    1.576029] fsl_dpa soc:fsl,dpaa:ethernet@1: Skip RX PCD High Priority FQs initialization
[    1.588219] fsl_dpa: fsl_dpa: Probed interface eth1
[    1.594005] fsl_dpa soc:fsl,dpaa:ethernet@2: Skip RX PCD High Priority FQs initialization
[    1.606719] fsl_dpa: fsl_dpa: Probed interface eth2
[    1.611826] fsl_dpa soc:fsl,dpaa:ethernet@3: of_find_device_by_node(/soc/fman@1a00000/ethernet@e6000) failed
[    1.621715] fsl_dpa: probe of soc:fsl,dpaa:ethernet@3 failed with error -22
[    1.629583] fsl_dpa soc:fsl,dpaa:ethernet@4: Skip RX PCD High Priority FQs initialization
[    1.642460] fsl_dpa: fsl_dpa: Probed interface eth3
[    1.648499] fsl_dpa soc:fsl,dpaa:ethernet@5: Skip RX PCD High Priority FQs initialization
[    1.661528] fsl_dpa: fsl_dpa: Probed interface eth4
[    1.666645] fsl_dpa soc:fsl,dpaa:ethernet@8: of_find_device_by_node(/soc/fman@1a00000/ethernet@f0000) failed
[    1.676528] fsl_dpa: probe of soc:fsl,dpaa:ethernet@8 failed with error -22
[    1.683527] fsl_advanced: FSL DPAA Advanced drivers:
[    1.688497] fsl_proxy: FSL DPAA Proxy initialization driver
[    1.694343] fsl_oh: FSL FMan Offline Parsing port driver
[    1.699786] alloc_chrdev_region: 241:0   uio
[    1.706258] ehci_hcd: USB 2.0 'Enhanced' Host Controller (EHCI) Driver
[    1.712803] ehci-pci: EHCI PCI platform driver
[    1.717272] ehci-platform: EHCI generic platform driver
[    1.722647] ohci_hcd: USB 1.1 'Open' Host Controller (OHCI) Driver
[    1.728838] ohci-pci: OHCI PCI platform driver
[    1.733308] ohci-platform: OHCI generic platform driver
[    1.738991] xhci-hcd xhci-hcd.0.auto: xHCI Host Controller
[    1.744494] xhci-hcd xhci-hcd.0.auto: new USB bus registered, assigned bus number 1
[    1.752450] xhci-hcd xhci-hcd.0.auto: hcc params 0x0220f66d hci version 0x100 quirks 0x0000000022010810
[    1.761887] xhci-hcd xhci-hcd.0.auto: irq 48, io mem 0x02f00000
[    1.768103] hub 1-0:1.0: USB hub found
[    1.769559] ata1: SATA link up 6.0 Gbps (SStatus 133 SControl 300)
[    1.771869] hub 1-0:1.0: 1 port detected
[    1.778299] ata1.00: ATA-11: SQF-SM4V1-16GCBKG, SBFMK613, max UDMA/133
[    1.782135] xhci-hcd xhci-hcd.0.auto: xHCI Host Controller
[    1.788485] ata1.00: 31277232 sectors, multi 16: LBA48 NCQ (depth 31/32)
[    1.788578] ata1.00: configured for UDMA/133
[    1.793979] xhci-hcd xhci-hcd.0.auto: new USB bus registered, assigned bus number 2
[    1.793988] xhci-hcd xhci-hcd.0.auto: Host supports USB 3.0  SuperSpeed
[    1.794248] hub 2-0:1.0: USB hub found
[    1.800973] scsi 0:0:0:0: Direct-Access     ATA      SQF-SM4V1-16GCBK K613 PQ: 0 ANSI: 5
[    1.804979] hub 2-0:1.0: 1 port detected
[    1.813018] sd 0:0:0:0: [sda] 31277232 512-byte logical blocks: (16.0 GB/14.9 GiB)
[    1.819470] xhci-hcd xhci-hcd.1.auto: xHCI Host Controller
[    1.823022] sd 0:0:0:0: [sda] Write Protect is off
[    1.831110] xhci-hcd xhci-hcd.1.auto: new USB bus registered, assigned bus number 3
[    1.842887] xhci-hcd xhci-hcd.1.auto: hcc params 0x0220f66d hci version 0x100 quirks 0x0000000022010810
[    1.848116] sd 0:0:0:0: [sda] Write cache: enabled, read cache: enabled, doesn't support DPO or FUA
[    1.852906] xhci-hcd xhci-hcd.1.auto: irq 49, io mem 0x03000000
[    1.860604] sd 0:0:0:0: [sda] non-USB storage device detected
[    1.870170] hub 3-0:1.0: USB hub found
[    1.879313] sd 0:0:0:0: [sda] non-USB storage device detected
[    1.884929] hub 3-0:1.0: 1 port detected
[    1.891798]  sda: sda1 sda2 sda3 sda4 < sda5 sda6 sda7 >
[    1.894662] xhci-hcd xhci-hcd.1.auto: xHCI Host Controller
[    1.900996] sd 0:0:0:0: [sda] non-USB storage device detected
[    1.904106] xhci-hcd xhci-hcd.1.auto: new USB bus registered, assigned bus number 4
[    1.909418] sd 0:0:0:0: [sda] Attached SCSI disk
[    1.914909] xhci-hcd xhci-hcd.1.auto: Host supports USB 3.0  SuperSpeed
[    1.939834] hub 4-0:1.0: USB hub found
[    1.943598] hub 4-0:1.0: 1 port detected
[    1.947737] xhci-hcd xhci-hcd.2.auto: xHCI Host Controller
[    1.953234] xhci-hcd xhci-hcd.2.auto: new USB bus registered, assigned bus number 5
[    1.961217] xhci-hcd xhci-hcd.2.auto: hcc params 0x0220f66d hci version 0x100 quirks 0x0000000022010810
[    1.970655] xhci-hcd xhci-hcd.2.auto: irq 50, io mem 0x03100000
[    1.976805] hub 5-0:1.0: USB hub found
[    1.980571] hub 5-0:1.0: 1 port detected
[    1.984645] xhci-hcd xhci-hcd.2.auto: xHCI Host Controller
[    1.990142] xhci-hcd xhci-hcd.2.auto: new USB bus registered, assigned bus number 6
[    1.997808] xhci-hcd xhci-hcd.2.auto: Host supports USB 3.0  SuperSpeed
[    2.004677] hub 6-0:1.0: USB hub found
[    2.008439] hub 6-0:1.0: 1 port detected
[    2.012631] usbcore: registered new interface driver usbserial
[    2.018489] usbcore: registered new interface driver usbserial_generic
[    2.025040] usbserial: USB Serial support registered for generic
[    2.031072] usbcore: registered new interface driver pl2303
[    2.036668] usbserial: USB Serial support registered for pl2303
[    2.044177] misc_register: 10,   1 psaux
[    2.048141] mousedev: PS/2 mouse device common for all mice
[    2.054281] ftm-alarm 29d0000.timer: registered as rtc1
[    2.066760] rtc-s35390a 0-0030: rtc core: registered rtc-s35390a as rtc0
[    2.073602] i2c /dev entries driver
[    2.077499] IR NEC protocol handler initialized
[    2.082048] IR RC5(x/sz) protocol handler initialized
[    2.087153] IR RC6 protocol handler initialized
[    2.091686] IR JVC protocol handler initialized
[    2.096220] IR Sony protocol handler initialized
[    2.100838] IR SANYO protocol handler initialized
[    2.105543] IR Sharp protocol handler initialized
[    2.110247] IR MCE Keyboard/mouse protocol handler initialized
[    2.116116] IR XMP protocol handler initialized
[    2.120805] ptp_qoriq: device tree node missing required elements, try automatic configuration
[    2.129560] pps pps0: new PPS source ptp0
[    2.134507] misc_register: 10, 130 watchdog
[    2.138784] imx2-wdt 2ad0000.wdog: timeout 60 sec (nowayout=0)
[    2.144705] CPUidle arm: CPU 0 failed to init idle CPU ops
[    2.150398] sdhci: Secure Digital Host Controller Interface driver
[    2.156584] sdhci: Copyright(c) Pierre Ossman
[    2.161069] Synopsys Designware Multimedia Card Interface Driver
[    2.167516] sdhci-pltfm: SDHCI platform and OF driver helper
[    2.213569] mmc0: SDHCI controller on 1560000.esdhc [1560000.esdhc] using ADMA 64-bit
[    2.222859] ledtrig-cpu: registered to indicate activity on CPUs
[    2.229199] usbcore: registered new interface driver usbhid
[    2.234779] usbhid: USB HID core driver
[    2.238643] DPAA2-ETH: debugfs created
[    2.243041] Freescale USDPAA process driver
[    2.247228] fsl-usdpaa: no region found
[    2.251065] Freescale USDPAA process IRQ driver
[    2.255598] misc_register: 10,  60 fsl-usdpaa-irq
[    2.261214] Initializing XFRM netlink socket
[    2.265577] NET: Registered protocol family 10
[    2.270665] Segment Routing with IPv6
[    2.274368] ip6_tables: (C) 2000-2006 Netfilter Core Team
[    2.279770] NET: Registered protocol family 17
[    2.284222] NET: Registered protocol family 15
[    2.288679] 9pnet: Installing 9P2000 support
[    2.292987] Key type ceph registered
[    2.296629] libceph: loaded (mon/osd proto 15/24)
[    2.301417] misc_register: 10,  59 cpu_dma_latency
[    2.306263] misc_register: 10,  58 network_latency
[    2.311095] misc_register: 10,  57 network_throughput
[    2.316190] misc_register: 10,  56 memory_bandwidth
[    2.321132] registered taskstats version 1
[    2.327592] rtc-s35390a 0-0030: setting system clock to 2025-06-12 19:10:30 UTC (1749755430)
(snip for OpenWrt forum character limit)
[   23.089083] Done.

DM me if you want the full bootlog, I cannot post it here due to character limits.

I have tried modifying the OpenWrt layerscape target and building an .itb based on the ls1043a-rdb device tree, but unfortunately there is no output from the kernel after U-Boot jumps to it:

WARNING: SEC firmware not running, no kaslr-seed
WARNING failed to get smmu node: FDT_ERR_NOTFOUND
WARNING failed to get smmu node: FDT_ERR_NOTFOUND

Starting kernel ...

There are other devices that have the ls1043a (as mentioned previously, the Meraki MX67 is one) that also boot from a FIT image, so having support in OpenWrt for this will be necessary eventually.

Have you made any progress on this? It doesn’t matter if they’re polished or not. I have the devices and can clean things up if needed.

Also, I have the U-Boot source code from WatchGuard, I’ll throw it up on GitHub when I have a moment.

Shine · September 7, 2025, 9:36am

I found them with Google, I’m not hanging around in the IRC channel myself. So no link, unfortunately, but you should be able to have success with a few Google searches.

I have a T20 and T40, too, by now (not a T45, though), but they’re just lying around gathering dust, I haven’t had time yet to play around with them.

My next Watchguard project was supposed to be reverse engineering the stock firmware format. Since most (all?) T10/T15/T20/T40 have been shipped with a quite old recovery firmware that doesn’t reject unsigned upgrade images, it should be possible to create an OpenWrt factory image. Then it won’t be necessary to mess with the hardware to get OpenWrt installed, which is, I reckon, a blocking point for most potential users. The project is currently stalled (again), though, due to lack of time.

If you are progressing with your efforts of getting OpenWrt to run on T20/T40, I can offer testing, though. I also have the ability to dump/overwrite the NOR, if need be.

P.S. Regarding the kernel not starting, on the T10/T15 I experienced the same, and I could work around it by using a gzip-compressed FIT image (ie. had to double-compress it, since the kernel already needed to be compressed in the first place due to max. load size constraints in these devices’ U-Boot). But T10/T15 is PPC architecture, so that might not apply here - just for completeness’ sake. See issue report #16725 and PR#16776

hmartin · September 7, 2025, 12:43pm

I wasn’t able to find any IRC logs from “neg2led” talking about the T20, but I’ll spend more time looking.

Stock device tree for the T20/T40 from the WatchGuard firmware is here: https://drive.google.com/file/d/1XCjCHpfurd_Em1xg37oywW6GXrFDw7H7/view?usp=sharing

As far as I can tell, it is pretty much the stock ls1043a-rdbdevice tree from upstream: https://github.com/torvalds/linux/blob/master/arch/arm64/boot/dts/freescale/fsl-ls1043a-rdb.dts

But I haven’t tried the QDS device tree yet, maybe that’s worth a shot. (edit: nope)

As you can see from the bootlog above, the T45 is just a T40 with a higher clocked LS1043A (T45: 1.6GHz, T40: 1.0GHz). The Ethernet PHY on the T45 is the RTL8128E, which might be different than the T40, the PHY is under a heatsink that I haven’t yet dared to pry off.

Just a word of caution (maybe you already know), the NOR flash on the T20/T40/T45 is 1.8V, not 3.3V.

I don’t think that’s the issue here. The FIT image from WatchGuard’s firmware is uncompressed:

Created:         Fri Apr 28 03:47:54 2023
 Image 0 (kernel@1)
  Description:  WatchGuard Kernel
  Created:      Fri Apr 28 03:47:54 2023
  Type:         Kernel Image
  Compression:  gzip compressed
  Data Size:    8610978 Bytes = 8409.16 KiB = 8.21 MiB
  Architecture: AArch64
  OS:           Linux
  Load Address: 0x80080000
  Entry Point:  0x80080000
  Hash algo:    crc32
  Hash value:   82133987
  Hash algo:    sha1
  Hash value:   35902aef8b493e978bc39137953079846ceabf78
 Image 1 (fdt@1)
  Description:  Flattened Device Tree blob
  Created:      Fri Apr 28 03:47:54 2023
  Type:         Flat Device Tree
  Compression:  uncompressed
  Data Size:    33500 Bytes = 32.71 KiB = 0.03 MiB
  Architecture: AArch64
  Load Address: 0x90000000
  Hash algo:    crc32
  Hash value:   65d95e13
  Hash algo:    sha1
  Hash value:   6e04f11bad98c248ce904b62bec10fe4ff5ef770
 Default Configuration: 'conf@1'
 Configuration 0 (conf@1)
  Description:  Boot Linux kernel with FDT blob
  Kernel:       kernel@1
  FDT:          fdt@1

Here is what I’m trying to boot from OpenWrt:

FIT description: ARM64 OpenWrt FIT (Flattened Image Tree)
Created:         Tue Sep  2 00:51:43 2025
 Image 0 (kernel-1)
  Description:  ARM64 OpenWrt Linux-6.6.103
  Created:      Tue Sep  2 00:51:43 2025
  Type:         Kernel Image
  Compression:  gzip compressed
  Data Size:    8168025 Bytes = 7976.59 KiB = 7.79 MiB
  Architecture: AArch64
  OS:           Linux
  Load Address: 0x80080000
  Entry Point:  0x80080000
  Hash algo:    crc32
  Hash value:   c1325169
  Hash algo:    sha1
  Hash value:   ea829cc6ef509cbcb33f1d3e6cfe5573175fb304
 Image 1 (fdt-1)
  Description:  ARM64 OpenWrt watchguard-ls1043a device tree blob
  Created:      Tue Sep  2 00:51:43 2025
  Type:         Flat Device Tree
  Compression:  uncompressed
  Data Size:    31251 Bytes = 30.52 KiB = 0.03 MiB
  Architecture: AArch64
  Hash algo:    crc32
  Hash value:   56b92ba6
  Hash algo:    sha1
  Hash value:   3040112de9e40e5a538651accc3c943996755ad7
 Default Configuration: 'config-1'
 Configuration 0 (config-1)
  Description:  OpenWrt watchguard-ls1043a
  Kernel:       kernel-1
  FDT:          fdt-1

Bonus: I acquired a T40-X (PCB silk screen T40X-W-WW-0.10), which doesn’t appear in any official documentation and appears to be a prototype or DVT device based on the T40-W with an integrated cellular modem. It says “T40-X” on the front and lacks one USB3 port on the back. 12VDC powered (no POE output). There was not anything special about the firmware though.

U-Boot 2018.09 (May 14 2020 - 15:42:08 -0700)

SoC:  LS1043AE Rev1.1 (0x87920011)
Clock Configuration:
       CPU0(A53):1000 MHz  CPU1(A53):1000 MHz  CPU2(A53):1000 MHz  
       CPU3(A53):1000 MHz  
       Bus:      300  MHz  DDR:      1600 MT/s  FMAN:     500  MHz
Reset Configuration Word (RCW):
       00000000: 0610000a 0a000000 00000000 00000000
       00000010: 45580002 00000012 40044000 c1002000
       00000020: 00000000 00000000 00000000 0003fffe
       00000030: 20004504 0418320a 00000096 00000001
Model: LS1043A QDS Board - T40/T20
Board: LS1043AQDS, boot from vBank: 0
I2C:   ready
DRAM:  Initializing DDR...
Detected UDIMM Fixed DDR4 on board
3.9 GiB (DDR4, 32-bit, CL=11, ECC off)
Using SERDES1 Protocol: 17752 (0x4558)
SEC Firmware: Bad firmware image (not a FIT image)
SF: Detected mx25u3235f with page size 256 Bytes, erase size 64 KiB, total 4 MiB
device 0 offset 0x280018, size 0xd
SF: 13 bytes @ 0x280018 Read: OK
Waking secondary cores to start from fbd35000
All (4) cores are up.
MMC:   FSL_SDHC: 0
Loading Environment from SPI Flash... *** Warning - bad CRC, using default environment

## Error: flags type check failure for "ipaddr" <= "10.0.1.1;" (type: i)
himport_r: can't insert "ipaddr=10.0.1.1;" into hash table
## Error: flags type check failure for "netmask" <= "255.255.255.0;" (type: i)
himport_r: can't insert "netmask=255.255.255.0;" into hash table
In:    serial
Out:   serial
Err:   serial
Net:   SF: Detected mx25u3235f with page size 256 Bytes, erase size 64 KiB, total 4 MiB
Fman1: Uploading microcode version 108.4.9
PCIe0: pcie@3400000 Root Complex: no link
PCIe1: pcie@3500000 Root Complex: x1 gen1
PCIe2: pcie@3600000 disabled
FM1@DTSEC1 [PRIME], FM1@DTSEC2, FM1@DTSEC3, FM1@DTSEC5, FM1@DTSEC6
### main_loop entered: bootdelay=3

### main_loop: bootcmd="run wgBootSysA"
WatchGuard U-Boot 2018.09 - May 14 2020 15:42:08--------------------------------------------------------------------------||||||||||||||||||||||||-------------------------------------------------------------------------++++Use the ^ and v keys to select which entry is highlighted.Press enter to boot the selected OS.WatchGuard (SYSA)                                                     WatchGuard (SYSB Recovery/Diagnostic Mode)                            Hit any key to stop autoboot:  3  2  1  0 Booting SYSA
scanning bus for devices...
Target spinup took 0 ms.
AHCI 0001.0301 32 slots 1 ports 6 Gbps 0x1 impl SATA mode
flags: 64bit ncq pm clo only pmp fbss pio slum part ccc apst 
  Device 0: (0:0) Vendor: ATA Prod.:  Rev: 
            Type: Hard Disk
            Capacity: not available
10420940 bytes read in 217 ms (45.8 MiB/s)
## Loading kernel from FIT Image at 82000000 ...
   Using 'conf@1' configuration
   Trying 'kernel@1' kernel subimage
     Description:  WatchGuard Kernel
     Created:      2022-01--8   1:26:08 UTC
     Type:         Kernel Image
     Compression:  gzip compressed
     Data Start:   0x820000cc
     Data Size:    10386949 Bytes = 9.9 MiB
     Architecture: AArch64
     OS:           Linux
     Load Address: 0x80080000
     Entry Point:  0x80080000
     Hash algo:    crc32
     Hash value:   9b4fb984
     Hash algo:    sha1
     Hash value:   fc46e7e04922b05ce0863c4c05ae2f62b964d1d8
   Verifying Hash Integrity ... crc32+ sha1+ OK
## Loading fdt from FIT Image at 82000000 ...
   Using 'conf@1' configuration
   Trying 'fdt@1' fdt subimage
     Description:  Flattened Device Tree blob
     Created:      2022-01--8   1:26:08 UTC
     Type:         Flat Device Tree
     Compression:  uncompressed
     Data Start:   0x829e8000
     Data Size:    32642 Bytes = 31.9 KiB
     Architecture: AArch64
     Load Address: 0x90000000
     Hash algo:    crc32
     Hash value:   8ac87d7b
     Hash algo:    sha1
     Hash value:   01635f39bd4bb64375dce2d6e03b2bda97f89275
   Verifying Hash Integrity ... crc32+ sha1+ OK
   Loading fdt from 0x829e8000 to 0x90000000
   Booting using the fdt blob at 0x90000000
   Uncompressing Kernel Image ... OK
   Using Device Tree in place at 0000000090000000, end 000000009001af81
WARNING: SEC firmware not running, no kaslr-seed
WARNING failed to get smmu node: FDT_ERR_NOTFOUND
WARNING failed to get smmu node: FDT_ERR_NOTFOUND

Starting kernel ...

[    0.000000] Booting Linux on physical CPU 0x0
[    0.000000] Linux version 4.14.83 (release@cmrb06) (gcc version 6.5.0 (crosstool-NG 1.23.0.580-eb72b4e)) #1 SMP PREEMPT Wed Dec 22 17:22:15 PST 2021
[    0.000000] Boot CPU: AArch64 Processor [410fd034]
[    0.000000] Machine model: LS1043A RDB Board - T40
[    0.000000] earlycon: uart8250 at MMIO 0x00000000021c0500 (options '')
[    0.000000] bootconsole [uart8250] enabled
[    0.000000] efi: Getting EFI parameters from FDT:
[    0.000000] efi: UEFI not found.
[    0.000000] crashkernel reserved: 0x00000008fc800000 - 0x0000000900000000 (56 MB)
[    0.000000] OF: reserved mem: initialized node qman-fqd, compatible id fsl,qman-fqd
[    0.000000] OF: reserved mem: initialized node qman-pfdr, compatible id fsl,qman-pfdr
[    0.000000] OF: reserved mem: initialized node bman-fbpr, compatible id fsl,bman-fbpr
[    0.000000] cma: Reserved 16 MiB at 0x00000000fac00000
[    0.000000] percpu: Embedded 22 pages/cpu @ffff80087c34a000 s50904 r8192 d31016 u90112
[    0.000000] Detected VIPT I-cache on CPU0
[    0.000000] CPU features: enabling workaround for ARM erratum 845719
[    0.000000] Built 1 zonelists, mobility grouping on.  Total pages: 1004214
[    0.000000] Kernel command line: root=/dev/sda3 rw console=ttyS0,115200 earlycon=uart8250,mmio,0x21c0500
[    0.000000] PID hash table entries: 4096 (order: 3, 32768 bytes)
[    0.000000] Dentry cache hash table entries: 524288 (order: 10, 4194304 bytes)
[    0.000000] Inode-cache hash table entries: 262144 (order: 9, 2097152 bytes)
[    0.000000] software IO TLB [mem 0xf6c00000-0xfac00000] (64MB) mapped at [ffff800076c00000-ffff80007abfffff]
[    0.000000] Memory: 3851684K/4073472K available (7996K kernel code, 518K rwdata, 2944K rodata, 5376K init, 849K bss, 205404K reserved, 16384K cma-reserved)
[    0.000000] Virtual kernel memory layout:
[    0.000000]     modules : 0xffff000000000000 - 0xffff000008000000   (   128 MB)
[    0.000000]     vmalloc : 0xffff000008000000 - 0xffff7dffbfff0000   (129022 GB)
[    0.000000]       .text : 0xffff000008080000 - 0xffff000008850000   (  8000 KB)
[    0.000000]     .rodata : 0xffff000008850000 - 0xffff000008b40000   (  3008 KB)
[    0.000000]       .init : 0xffff000008b40000 - 0xffff000009080000   (  5376 KB)
[    0.000000]       .data : 0xffff000009080000 - 0xffff000009101a00   (   519 KB)
[    0.000000]        .bss : 0xffff000009101a00 - 0xffff0000091d6108   (   850 KB)
[    0.000000]     fixed   : 0xffff7dfffe7fb000 - 0xffff7dfffec00000   (  4116 KB)
[    0.000000]     PCI I/O : 0xffff7dfffee00000 - 0xffff7dffffe00000   (    16 MB)
[    0.000000]     vmemmap : 0xffff7e0000000000 - 0xffff800000000000   (  2048 GB maximum)
[    0.000000]               0xffff7e0000000000 - 0xffff7e001dc00000   (   476 MB actual)
[    0.000000]     memory  : 0xffff800000000000 - 0xffff800880000000   ( 34816 MB)
[    0.000000] Preemptible hierarchical RCU implementation.
[    0.000000] 	RCU event tracing is enabled.
[    0.000000] 	RCU restricting CPUs from NR_CPUS=64 to nr_cpu_ids=4.
[    0.000000] 	Tasks RCU enabled.
[    0.000000] RCU: Adjusting geometry for rcu_fanout_leaf=16, nr_cpu_ids=4
[    0.000000] NR_IRQS: 64, nr_irqs: 64, preallocated irqs: 0
[    0.000000] GIC: Adjusting CPU interface base to 0x000000000142f000
[    0.000000] GIC: Using split EOI/Deactivate mode
[    0.000000] arch_timer: Enabling global workaround for Freescale erratum a005858
[    0.000000] arch_timer: CPU0: Trapping CNTVCT access
[    0.000000] arch_timer: cp15 timer(s) running at 25.00MHz (phys).
[    0.000000] clocksource: arch_sys_counter: mask: 0xffffffffffffff max_cycles: 0x5c40939b5, max_idle_ns: 440795202646 ns
[    0.000003] sched_clock: 56 bits at 25MHz, resolution 40ns, wraps every 4398046511100ns
[    0.008647] Console: colour dummy device 80x25
[    0.013140] Calibrating delay loop (skipped), value calculated using timer frequency.. 50.00 BogoMIPS (lpj=100000)
[    0.023568] pid_max: default: 32768 minimum: 301
[    0.028287] Security Framework initialized
[    0.032465] Mount-cache hash table entries: 8192 (order: 4, 65536 bytes)
[    0.039232] Mountpoint-cache hash table entries: 8192 (order: 4, 65536 bytes)
[    0.062473] ASID allocator initialised with 32768 entries
[    0.075932] Hierarchical SRCU implementation.
[    0.088356]  WG CPU Model 1043 Count 4
[    0.092123]  WG CRASH MIN RESERVE   56 MB
[    0.096160] 
[    0.096160] wg_kernel_init: Built Dec 22 2021 17:11:46
[    0.103186] EFI services will not be available.
[    0.115769] smp: Bringing up secondary CPUs ...
[    0.148446] Detected VIPT I-cache on CPU1
[    0.148479] arch_timer: CPU1: Trapping CNTVCT access
[    0.148485] CPU1: Booted secondary processor [410fd034]
[    0.176487] Detected VIPT I-cache on CPU2
[    0.176507] arch_timer: CPU2: Trapping CNTVCT access
[    0.176512] CPU2: Booted secondary processor [410fd034]
[    0.204538] Detected VIPT I-cache on CPU3
[    0.204558] arch_timer: CPU3: Trapping CNTVCT access
[    0.204563] CPU3: Booted secondary processor [410fd034]
[    0.204616] smp: Brought up 1 node, 4 CPUs
[    0.251619] SMP: Total of 4 processors activated.
[    0.256359] CPU features: detected feature: 32-bit EL0 Support
[    0.262241] CPU features: detected feature: Kernel page table isolation (KPTI)
[    0.278617] CPU: All CPU(s) started at EL2
[    0.282753] alternatives: patching kernel code
[    0.292547] random: get_random_u32 called from bucket_table_alloc+0xf8/0x280 with crng_init=0
[    0.301361] clocksource: jiffies: mask: 0xffffffff max_cycles: 0xffffffff, max_idle_ns: 7645041785100000 ns
[    0.311181] futex hash table entries: 1024 (order: 4, 65536 bytes)
[    0.318056] alloc_chrdev_region: 254:0   gpiochip
[    0.322883] DMI not present or invalid.
[    0.326937] NET: Registered protocol family 16
[    0.331784] alloc_chrdev_region: 253:0   fsl_mc_bus
[    0.337325] cpuidle: using governor menu
[    0.341811] Bman ver:0a02,02,01
[    0.347361] qman-fqd addr 0x00000008fc400000 size 0x400000
[    0.352890] qman-pfdr addr 0x00000008fa000000 size 0x2000000
[    0.358617] Qman ver:0a01,03,02,00
[    0.362154] vdso: 2 pages (1 code @ ffff000008857000, 1 data @ ffff000009084000)
[    0.369616] hw-breakpoint: found 6 breakpoint and 4 watchpoint registers.
[    0.377329] DMA: preallocated 256 KiB pool for atomic allocations
[    0.383559] Serial: AMBA PL011 UART driver
[    0.388674] Machine: LS1043A RDB Board - T40
[    0.392979] SoC family: QorIQ LS1043A
[    0.396659] SoC ID: svr:0x87920011, Revision: 1.1
[    0.422394] HugeTLB registered 2.00 MiB page size, pre-allocated 0 pages
[    0.430128] ACPI: Interpreter disabled.
[    0.436228] alloc_chrdev_region: 252:0   tpm
[    0.440541] misc_register: 10,  63 vga_arbiter
[    0.445507] vgaarb: loaded
[    0.448409] SCSI subsystem initialized
[    0.452571] usbcore: registered new interface driver usbfs
[    0.458135] usbcore: registered new interface driver hub
[    0.463545] usbcore: registered new device driver usb
[    0.468714] alloc_chrdev_region: 251:0   rtc
[    0.473637] i2c i2c-0: IMX I2C adapter registered
[    0.478426] i2c i2c-0: using dma0chan16 (tx) and dma0chan17 (rx) for DMA transfers
[    0.486347] alloc_chrdev_region: 250:0   pps
[    0.490652] pps_core: LinuxPPS API ver. 1 registered
[    0.495651] pps_core: Software ver. 5.3.6 - Copyright 2005-2007 Rodolfo Giometti <giometti@linux.it>
[    0.504867] alloc_chrdev_region: 249:0   ptp
[    0.509166] PTP clock support registered
[    0.513225] dmi: Firmware registration failed.
[    0.517755] bman-fbpr addr 0x00000008f9000000 size 0x1000000
[    0.523484] Bman err interrupt handler present
[    0.528612] Bman portal initialised, cpu 0
[    0.532820] Bman portal initialised, cpu 1
[    0.537025] Bman portal initialised, cpu 2
[    0.541234] Bman portal initialised, cpu 3
[    0.545364] Bman portals initialised
[    0.550160] Qman err interrupt handler present
[    0.554890] QMan: Allocated lookup table at ffff00000a18d000, entry count 65537
[    0.562859] Qman portal initialised, cpu 0
[    0.567057] Qman portal initialised, cpu 1
[    0.571254] Qman portal initialised, cpu 2
[    0.575452] Qman portal initialised, cpu 3
[    0.579578] Qman portals initialised
[    0.583295] Bman: BPID allocator includes range 32:32
[    0.588478] Qman: FQID allocator includes range 256:256
[    0.593742] Qman: FQID allocator includes range 32768:32768
[    0.599443] Qman: CGRID allocator includes range 0:256
[    0.604829] Qman: pool channel allocator includes range 1025:15
[    0.610937] No USDPAA memory, no 'fsl,usdpaa-mem' in device-tree
[    0.617031] fsl-ifc 1530000.ifc: Freescale Integrated Flash Controller
[    0.623621] fsl-ifc 1530000.ifc: IFC version 1.4, 8 banks
[    0.629335] alloc_chrdev_region: 248:0   iio
[    0.634121] alloc_chrdev_region: 247:0   watchdog
[    0.638973] clocksource: Switched to clocksource arch_sys_counter
[    0.645287] pnp: PnP ACPI: disabled
[    0.652889] NET: Registered protocol family 2
[    0.657689] TCP established hash table entries: 32768 (order: 6, 262144 bytes)
[    0.665214] TCP bind hash table entries: 32768 (order: 7, 524288 bytes)
[    0.672387] TCP: Hash tables configured (established 32768 bind 32768)
[    0.679054] UDP hash table entries: 2048 (order: 4, 65536 bytes)
[    0.685192] UDP-Lite hash table entries: 2048 (order: 4, 65536 bytes)
[    0.691876] NET: Registered protocol family 1
[    0.910846] hw perfevents: enabled with armv8_pmuv3 PMU driver, 7 counters available
[    0.924933] audit: initializing netlink subsys (disabled)
[    0.930470] audit: type=2000 audit(0.860:1): state=initialized audit_enabled=0 res=1
[    0.930794] workingset: timestamp_bits=62 max_order=20 bucket_order=0
[    1.122301] async_tx: api initialized (async)
[    1.126746] alloc_chrdev_region: 246:0   bsg
[    1.131057] Block layer SCSI generic (bsg) driver version 0.4 loaded (major 246)
[    1.138512] io scheduler noop registered
[    1.142485] io scheduler cfq registered (default)
[    1.147227] io scheduler mq-deadline registered
[    1.151791] io scheduler kyber registered
[    1.158329] OF: PCI: host bridge /soc/pcie@3400000 ranges:
[    1.163875] OF: PCI:    IO 0x4000010000..0x400001ffff -> 0x00000000
[    1.170199] OF: PCI:   MEM 0x4040000000..0x407fffffff -> 0x40000000
[    1.176680] layerscape-pcie 3400000.pcie: PCI host bridge to bus 0000:00
[    1.183441] pci_bus 0000:00: root bus resource [bus 00-ff]
[    1.188968] pci_bus 0000:00: root bus resource [io  0x0000-0xffff]
[    1.195200] pci_bus 0000:00: root bus resource [mem 0x4040000000-0x407fffffff] (bus address [0x40000000-0x7fffffff])
[    1.206131] pci 0000:00:00.0: BAR 6: assigned [mem 0x4040000000-0x40400007ff pref]
[    1.213767] pci 0000:00:00.0: PCI bridge to [bus 01-ff]
[    1.219232] pcieport 0000:00:00.0: Signaling PME with IRQ 70
[    1.225038] pcieport 0000:00:00.0: AER enabled with IRQ 71
[    1.230697] OF: PCI: host bridge /soc/pcie@3500000 ranges:
[    1.236238] OF: PCI:    IO 0x4800010000..0x480001ffff -> 0x00000000
[    1.242556] OF: PCI:   MEM 0x4840000000..0x487fffffff -> 0x40000000
[    1.248993] layerscape-pcie 3500000.pcie: PCI host bridge to bus 0001:00
[    1.255748] pci_bus 0001:00: root bus resource [bus 00-ff]
[    1.261281] pci_bus 0001:00: root bus resource [io  0x10000-0x1ffff] (bus address [0x0000-0xffff])
[    1.270309] pci_bus 0001:00: root bus resource [mem 0x4840000000-0x487fffffff] (bus address [0x40000000-0x7fffffff])
[    1.291053] pci 0001:00:00.0: BAR 14: assigned [mem 0x4840000000-0x48402fffff]
[    1.298338] pci 0001:00:00.0: BAR 6: assigned [mem 0x4840300000-0x48403007ff pref]
[    1.305971] pci 0001:01:00.0: BAR 0: assigned [mem 0x4840000000-0x48401fffff 64bit]
[    1.313734] pci 0001:01:00.0: BAR 6: assigned [mem 0x4840200000-0x484020ffff pref]
[    1.321361] pci 0001:00:00.0: PCI bridge to [bus 01-ff]
[    1.326630] pci 0001:00:00.0:   bridge window [mem 0x4840000000-0x48402fffff]
[    1.333988] pcieport 0001:00:00.0: Signaling PME with IRQ 72
[    1.339796] pcieport 0001:00:00.0: AER enabled with IRQ 73
[    1.347531] Freescale LS2 console driver
[    1.351487] misc_register: 10,  62 fsl_mc_console
[    1.356276] fsl-ls2-console: device fsl_mc_console registered
[    1.362066] misc_register: 10,  61 fsl_aiop_console
[    1.367023] fsl-ls2-console: device fsl_aiop_console registered
[    1.375083] Serial: 8250/16550 driver, 4 ports, IRQ sharing enabled
[    1.382680] console [ttyS0] disabled
[    1.386323] 21c0500.serial: ttyS0 at MMIO 0x21c0500 (irq = 39, base_baud = 18750000) is a 16550A
[    1.395202] console [ttyS0] enabled
[    1.395202] console [ttyS0] enabled
[    1.402207] bootconsole [uart8250] disabled
[    1.402207] bootconsole [uart8250] disabled
[    1.410875] 21c0600.serial: ttyS1 at MMIO 0x21c0600 (irq = 39, base_baud = 18750000) is a 16550A
[    1.419935] 21d0500.serial: ttyS2 at MMIO 0x21d0500 (irq = 40, base_baud = 18750000) is a 16550A
[    1.428989] 21d0600.serial: ttyS3 at MMIO 0x21d0600 (irq = 40, base_baud = 18750000) is a 16550A
[    1.438348] alloc_chrdev_region: 245:0   ttyLP
[    1.443058] misc_register: 10, 183 hw_random
[    1.453224] brd: module loaded
[    1.456296] misc_register: 10, 237 loop-control
[    1.465141] loop: module loaded
[    1.497082] ahci-qoriq 3200000.sata: AHCI 0001.0301 32 slots 1 ports 6 Gbps 0x1 impl platform mode
[    1.506067] ahci-qoriq 3200000.sata: flags: 64bit ncq sntf pm clo only pmp fbs pio slum part ccc sds apst 
[    1.516328] scsi host0: ahci-qoriq
[    1.519879] ata1: SATA max UDMA/133 mmio [mem 0x03200000-0x0320ffff] port 0x100 irq 52
[    1.528961] fsl-quadspi 1550000.quadspi: mx25u3235f (4096 Kbytes)
[    1.535103] 11 ofpart partitions found on MTD device 1550000.quadspi
[    1.541470] Creating 11 MTD partitions on "1550000.quadspi":
[    1.547141] 0x000000000000-0x000000200000 : "NOR (RO) RCW + E-Hole + U-boot Image"
[    1.555214] 0x000000200000-0x000000210000 : "NOR (RW) U-Boot ENV"
[    1.561753] 0x000000210000-0x000000220000 : "NOR (RO) EMPTY Hole 1"
[    1.568440] 0x000000220000-0x000000240000 : "NOR (RW) FMAN UCODE"
[    1.574981] 0x000000240000-0x000000280000 : "NOR (RW) E-HOLE 2 or PPA"
[    1.581955] 0x000000280000-0x0000002a0000 : "NOR (RW) WG CFG0"
[    1.588214] 0x0000002a0000-0x0000002c0000 : "NOR (RW) WG CFG1"
[    1.594482] 0x0000002c0000-0x0000002e0000 : "NOR (RW) WG MFG"
[    1.600658] 0x0000002e0000-0x000000300000 : "NOR (RW) E-HOLE 3"
[    1.607023] 0x000000300000-0x000000320000 : "NOR (RW) FMAN UCODE Old"
[    1.613905] 0x000000320000-0x000000400000 : "NOR (RW) WG bootOpt Data & reserved"
[    1.622998] m25p80 spi0.0: unrecognized JEDEC id bytes: ff, ff, ff
[    1.630328] libphy: Fixed MDIO Bus: probed
[    1.636045] libphy: Freescale XGMAC MDIO Bus: probed
[    1.642540] libphy: Freescale XGMAC MDIO Bus: probed
[    1.647986] libphy: Freescale XGMAC MDIO Bus: probed
[    1.653264] libphy: Freescale XGMAC MDIO Bus: probed
[    1.658548] libphy: Freescale XGMAC MDIO Bus: probed
[    1.663827] libphy: Freescale XGMAC MDIO Bus: probed
[    1.669144] libphy: Freescale XGMAC MDIO Bus: probed
[    1.674420] libphy: Freescale XGMAC MDIO Bus: probed
[    1.679697] libphy: Freescale XGMAC MDIO Bus: probed
[    1.700482] Freescale FM module, FMD API version 21.1.0
[    1.709219] Freescale FM Ports module
[    1.712895] fsl_mac: fsl_mac: FSL FMan MAC API based driver
[    1.718831] fman_memac_init: IF_MODE    2
[    1.723107] fsl_mac 1ae0000.ethernet: FMan MEMAC
[    1.727741] fsl_mac 1ae0000.ethernet: FMan MAC address: 00:0b:6b:01:01:01
[    1.734695] fman_memac_init: IF_MODE    2
[    1.738974] fsl_mac 1ae2000.ethernet: FMan MEMAC
[    1.743603] fsl_mac 1ae2000.ethernet: FMan MAC address: 00:0b:6b:01:01:02
[    1.750561] fman_memac_init: IF_MODE 8006
[    1.754584] fsl_mac 1ae4000.ethernet: FMan MEMAC
[    1.759215] fsl_mac 1ae4000.ethernet: FMan MAC address: 00:0b:6b:01:01:03
[    1.766185] fman_memac_init: IF_MODE    2
[    1.770452] fsl_mac 1ae8000.ethernet: FMan MEMAC
[    1.775083] fsl_mac 1ae8000.ethernet: FMan MAC address: 00:0b:6b:01:01:05
[    1.782052] fman_memac_init: IF_MODE    2
[    1.786322] fsl_mac 1aea000.ethernet: FMan MEMAC
[    1.790952] fsl_mac 1aea000.ethernet: FMan MAC address: 00:0b:6b:01:01:06
[    1.797829] fsl_dpa: FSL DPAA Ethernet driver
[    1.803564] fsl_dpa soc:fsl,dpaa:ethernet@0: Skip RX PCD High Priority FQs initialization
[    1.816890] fsl_dpa: fsl_dpa: Probed interface eth0
[    1.822769] fsl_dpa soc:fsl,dpaa:ethernet@1: Skip RX PCD High Priority FQs initialization
[    1.836566] fsl_dpa: fsl_dpa: Probed interface eth1
[    1.842660] fsl_dpa soc:fsl,dpaa:ethernet@2: Skip RX PCD High Priority FQs initialization
[    1.856804] fsl_dpa: fsl_dpa: Probed interface eth2
[    1.861989] fsl_dpa soc:fsl,dpaa:ethernet@3: of_find_device_by_node(/soc/fman@1a00000/ethernet@e6000) failed
[    1.871887] fsl_dpa: probe of soc:fsl,dpaa:ethernet@3 failed with error -22
[    1.880137] fsl_dpa soc:fsl,dpaa:ethernet@4: Skip RX PCD High Priority FQs initialization
[    1.894660] fsl_dpa: fsl_dpa: Probed interface eth3
[    1.901180] fsl_dpa soc:fsl,dpaa:ethernet@5: Skip RX PCD High Priority FQs initialization
[    1.916143] fsl_dpa: fsl_dpa: Probed interface eth4
[    1.921286] fsl_dpa soc:fsl,dpaa:ethernet@8: of_find_device_by_node(/soc/fman@1a00000/ethernet@f0000) failed
[    1.931190] fsl_dpa: probe of soc:fsl,dpaa:ethernet@8 failed with error -22
[    1.938208] fsl_advanced: FSL DPAA Advanced drivers:
[    1.943187] fsl_proxy: FSL DPAA Proxy initialization driver
[    1.949052] fsl_oh: FSL FMan Offline Parsing port driver
[    1.957014] ehci_hcd: USB 2.0 'Enhanced' Host Controller (EHCI) Driver
[    1.963566] ehci-pci: EHCI PCI platform driver
[    1.968052] ehci-platform: EHCI generic platform driver
[    1.973537] ohci_hcd: USB 1.1 'Open' Host Controller (OHCI) Driver
[    1.979735] ohci-pci: OHCI PCI platform driver
[    1.984216] ohci-platform: OHCI generic platform driver
[    1.990215] xhci-hcd xhci-hcd.0.auto: xHCI Host Controller
[    1.995727] xhci-hcd xhci-hcd.0.auto: new USB bus registered, assigned bus number 1
[    2.003811] xhci-hcd xhci-hcd.0.auto: hcc params 0x0220f66d hci version 0x100 quirks 0x22010810
[    2.012563] xhci-hcd xhci-hcd.0.auto: irq 49, io mem 0x02f00000
[    2.018859] hub 1-0:1.0: USB hub found
[    2.018996] ata1: SATA link up 6.0 Gbps (SStatus 133 SControl 300)
[    2.019120] ata1.00: ATA-10: M.2 (S42) 3ME4, L17606, max UDMA/133
[    2.019124] ata1.00: 31277232 sectors, multi 1: LBA48 NCQ (depth 31/32)
[    2.024453] ata1.00: configured for UDMA/133
[    2.024706] scsi 0:0:0:0: Direct-Access     ATA      M.2 (S42) 3ME4   06   PQ: 0 ANSI: 5
[    2.025251] sd 0:0:0:0: [sda] 31277232 512-byte logical blocks: (16.0 GB/14.9 GiB)
[    2.025289] sd 0:0:0:0: [sda] Write Protect is off
[    2.025358] sd 0:0:0:0: [sda] Write cache: enabled, read cache: enabled, doesn't support DPO or FUA
[    2.026821]  sda: sda1 sda2 sda3 sda4 < sda5 sda6 sda7 >
[    2.027967] sd 0:0:0:0: [sda] Attached SCSI disk
[    2.085304] hub 1-0:1.0: 1 port detected
[    2.089483] xhci-hcd xhci-hcd.0.auto: xHCI Host Controller
[    2.094989] xhci-hcd xhci-hcd.0.auto: new USB bus registered, assigned bus number 2
[    2.102672] xhci-hcd xhci-hcd.0.auto: Host supports USB 3.0  SuperSpeed
[    2.109661] hub 2-0:1.0: USB hub found
[    2.113437] hub 2-0:1.0: 1 port detected
[    2.117655] xhci-hcd xhci-hcd.1.auto: xHCI Host Controller
[    2.123166] xhci-hcd xhci-hcd.1.auto: new USB bus registered, assigned bus number 3
[    2.131294] xhci-hcd xhci-hcd.1.auto: hcc params 0x0220f66d hci version 0x100 quirks 0x22010810
[    2.140045] xhci-hcd xhci-hcd.1.auto: irq 50, io mem 0x03000000
[    2.146289] hub 3-0:1.0: USB hub found
[    2.150063] hub 3-0:1.0: 1 port detected
[    2.154200] xhci-hcd xhci-hcd.1.auto: xHCI Host Controller
[    2.159708] xhci-hcd xhci-hcd.1.auto: new USB bus registered, assigned bus number 4
[    2.167386] xhci-hcd xhci-hcd.1.auto: Host supports USB 3.0  SuperSpeed
[    2.174340] hub 4-0:1.0: USB hub found
[    2.178113] hub 4-0:1.0: 1 port detected
[    2.182304] xhci-hcd xhci-hcd.2.auto: xHCI Host Controller
[    2.187812] xhci-hcd xhci-hcd.2.auto: new USB bus registered, assigned bus number 5
[    2.195946] xhci-hcd xhci-hcd.2.auto: hcc params 0x0220f66d hci version 0x100 quirks 0x22010810
[    2.204689] xhci-hcd xhci-hcd.2.auto: irq 51, io mem 0x03100000
[    2.210934] hub 5-0:1.0: USB hub found
[    2.214705] hub 5-0:1.0: 1 port detected
[    2.218839] xhci-hcd xhci-hcd.2.auto: xHCI Host Controller
[    2.224403] xhci-hcd xhci-hcd.2.auto: new USB bus registered, assigned bus number 6
[    2.232084] xhci-hcd xhci-hcd.2.auto: Host supports USB 3.0  SuperSpeed
[    2.239049] hub 6-0:1.0: USB hub found
[    2.242810] hub 6-0:1.0: 1 port detected
[    2.247089] usbcore: registered new interface driver usbserial
[    2.252960] usbcore: registered new interface driver usbserial_generic
[    2.259575] usbserial: USB Serial support registered for generic
[    2.265627] usbcore: registered new interface driver pl2303
[    2.271235] usbserial: USB Serial support registered for pl2303
[    2.286949] rtc-s35390a 0-0030: rtc core: registered rtc-s35390a as rtc0
[    2.293723] i2c /dev entries driver
[    2.297577] ptp_qoriq: device tree node missing required elements, try automatic configuration
[    2.306424] pps pps0: new PPS source ptp0
[    2.311830] misc_register: 10, 130 watchdog
[    2.316136] imx2-wdt 2ad0000.wdog: timeout 60 sec (nowayout=0)
[    2.322102] CPUidle arm: CPU 0 failed to init idle CPU ops
[    2.327918] sdhci: Secure Digital Host Controller Interface driver
[    2.334111] sdhci: Copyright(c) Pierre Ossman
[    2.338578] sdhci-pltfm: SDHCI platform and OF driver helper
(snipped for forum character limit)
[   18.470553] usbcore: registered new interface driver option
[   18.476351] usbserial: USB Serial support registered for GSM modem (1-port)
[   18.487937] usbcore: registered new interface driver wg_sierra
[   18.493973] usbserial: USB Serial support registered for Sierra USB modem
[   18.505573] usbcore: registered new interface driver cdc_acm
[   18.511302] cdc_acm: USB Abstract Control Model driver for USB modems and ISDN adapters
[   18.524177] usbcore: registered new interface driver GobiSerial
[   18.530255] usbserial: USB Serial support registered for GobiSerial
[   18.536660] GobiSerial: 2013-10-08/NTGR_2.12:GobiSerial
[   18.558224] usbcore: registered new interface driver cdc_ether
[   18.569026] usbcore: registered new interface driver rndis_host
[   18.579339] usbcore: registered new interface driver sierra_net
[   18.590487] GobiNet: 2013-10-08/NTGR_2.21
[   18.594744] usbcore: registered new interface driver GobiNet
[   18.604967] usbcore: registered new interface driver cdc_wdm
[   18.616256] usbcore: registered new interface driver qmi_wwan
[   18.627186] usbcore: registered new interface driver cdc_ncm
[   18.636564] usbcore: registered new interface driver huawei_cdc_ncm
Done.
(snipped for forum character limit)

This appliance has debug package installed
WatchGuard-XTM login:

Shine · September 7, 2025, 3:05pm

Here you go: https://oftc.catirclogs.org/openwrt-devel/2022-04-26#30875010;

He doesn’t give the offset where he patched, or any further hint, so it’s up to us disassemble the U-Boot dump ourselves. But from what he writes, I assume there isn’t any obfuscation or the like in the code that’d make it hard to find.

Shine · September 7, 2025, 3:08pm

Should be a T40-CW then.

Edit: Or not, since I found photos of the -CW with 54V PSU like the other T40 models. Perhaps you really sourced a prototype or something…

othermully · September 7, 2025, 8:57pm

I only have a working ramdisk image, never got to flashing it though, hope this is somewhat useful:

Extract the .dtb from the stock firmware, convert it to a .dts file:

dtc -I dtb -O firebox-t40.dts firebox-t40.dtb

Make sure the .dts file is in the target/linux/layerscape/files/arch/arm64/boot/dts/freescale directory

Create a custom profile for the firebox by adding this to the Makefile:

define Device/firebox-t40
  DEVICE_VENDOR := WatchGuard
  DEVICE_MODEL := Firebox T40
  DEVICE_DTS := firebox-t40
  SOC := ls1043a
  DEVICE_PACKAGES := kmod-fs-ext4 kmod-sata-ahci kmod-usb3 block-mount kmod-scsi-core kmod-lib-ahci \
                     kmod-libata kmod-nvme kmod-leds-gpio kmod-hwmon-core kmod-rtc-ds1307
  SUPPORTED_DEVICES := firebox-t40
  IMAGE_NAME := $$(DEVICE_IMG_PREFIX)-ext4
#	IMAGES += initramfs
#  IMAGE/initramfs := gzip
endef

TARGET_DEVICES += firebox-t40

OpenWRT doesn’t automatically build the .dtb so you can manually copy it:

define Build/copy-dtb
	mkdir -p $(LINUX_DIR)/arch/arm64/boot/dts/freescale
	cp $(LINUX_DIR)/image-$(PROFILE).dtb $(LINUX_DIR)/arch/arm64/boot/dts/freescale/$(PROFILE).dtb
endef

After building, create an .its file and include the .dtb and initramfs paths:

/dts-v1/;

/ {
    description = "OpenWrt for Firebox T40";

    images {
        kernel@1 {
            description = "ARM64 OpenWrt Kernel with Initramfs";
            data = /incbin/("build_dir/target-aarch64_generic_musl/linux-layerscape_armv8_64b/Image.gz-initramfs");
            type = "kernel";
            arch = "arm64";
            os = "linux";
            compression = "gzip";
            load = <0x82000000>; 
            entry = <0x82000000>;
        };

        fdt@1 {
            description = "firebox-t40 Device Tree Blob";
            data = /incbin/("build_dir/target-aarch64_generic_musl/linux-layerscape_armv8_64b/image-firebox-t40.dtb");
            type = "flat_dt";
            arch = "arm64";
            compression = "none";
        };
    };

    configurations {
        default = "config@1";
        config@1 {
            kernel = "kernel@1";
            fdt = "fdt@1";
        };
    };
};

Then build the .itb

mkimage -f openwrt-t40.its openwrt-t40.itb

That produces a working openwrt ramdisk image for the Firebox T40.

This is bits and pieces from my docs, since they’re quite messy. Let me know if you have any questions

Edit: Also had to enable EFI_STUB and EFI_RUNTIME, this should fix kernel crashes on startup

hmartin · October 2, 2025, 8:03pm

I compiled OpenWrt for LS1043 with these changes to the kernel config (and using the FIT settings mentioned above) and didn't get any serial output after U-Boot jumped to the kernel.

I also compiled the WatchGuard U-Boot from source and tried chain loading it in a FIT image, same behaviour: no UART output.

I guess I'll try cross compiling their actual 4.x kernel with the 1:1 .config and see if I can get UART output or if I’m just doing something obviously stupid and wrong in my attempts.

othermully · October 6, 2025, 10:12pm

Are you building a ramdisk image for your tests, or just using the kernel and rootfs directly? Also, are you working from the Firebox-specific .dts, or just the stock ls1043a one from upstream? I’m wondering if there’s any subtle difference that could explain the missing UART output after U-Boot hands off.

could you post your .its file? I’d like to compare how you’re wrapping the kernel, ramdisk, and FDT in your FIT image, I’ve only gotten mine booting as a ramdisk so far.

Definitely curious to hear what happens when you try the 4.x kernel; maybe it’ll shed light on whether the issue’s in the device tree or U-Boot handoff

hmartin · October 8, 2025, 5:55am

Neither, I’m just using the kernel and device tree. I know this won’t boot (it will kernel panic with no rootfs) but I’d just like to even get that far. Actually, this might have the ramdisk in the kernel image.

$ dumpimage -T flat_dt -l ./build_dir/target-aarch64_generic_musl/linux-layerscape_armv8_64b/watchguard-ls1043a-kernel.itb
Image contains unit addresses @, this will break signing
FIT description: U-Boot fitImage for 6.6.103 kernel
Created:         Tue Sep  2 00:51:43 2025
 Image 0 (kernel@0)
  Description:  Linux Kernel
  Created:      Tue Sep  2 00:51:43 2025
  Type:         Kernel Image
  Compression:  gzip compressed
  Data Size:    8220204 Bytes = 8027.54 KiB = 7.84 MiB
  Architecture: AArch64
  OS:           Linux
  Load Address: 0x82000000
  Entry Point:  0x82000000
  Hash algo:    sha1
  Hash value:   34234ec5e15fffeeebd2d20ffa3526dcffd4aade
 Image 1 (fdt@0)
  Description:  Flattened Device Tree blob LS1043RDB
  Created:      Tue Sep  2 00:51:43 2025
  Type:         Flat Device Tree
  Compression:  uncompressed
  Data Size:    28687 Bytes = 28.01 KiB = 0.03 MiB
  Architecture: AArch64
  Load Address: 0x90000000
  Hash algo:    sha1
  Hash value:   38a5798e96060ebf88e88351e8a8c16865821858
 Configuration 0 (ls1043rdb)
  Description:  Boot Linux kernel with FDT blob
  Kernel:       kernel@0
  FDT:          fdt@0
  Hash algo:    sha1
  Hash value:   unavailable

Upstream. Most of the differences from the upstream ls1043-rdb device tree seem cosmetic or just moving things around since OpenWrt is using a newer upstream kernel. The diff exceeds the character limit for the OpenWrt forum, so you can find it here: https://gist.github.com/halmartin/cd3b59e8dc2063bf61bee8da54538276

For OpenWrt, modifications are here: https://github.com/halmartin/openwrt/commit/fac00d5f10cdaf43783646e190169616e234147f

There is no separate .its, I am using OpenWrt to build the FIT image.

For chain loading U-Boot, here is the .its:

/dts-v1/;

/ {
        description = "WatchGuard ls1043a U-boot FIT Image";
        #address-cells = <1>;

        images {
                kernel-1 {
                        description = "Kernel";
                        data = /incbin/("u-boot-2018.09/u-boot.bin.gz");
                        type = "kernel";
                        arch = "arm64";
                        os = "linux";
                        compression = "gzip";
                        // from configs/ls1043aqds_wg_t40_qspi_defconfig
                        // CONFIG_SYS_TEXT_BASE=0x40100000
                        load = <0x80000000>; // CONFIG_SYS_TEXT_BASE is linked to 0x60000000 for booting
                        entry = <0x80000000>;
                        hash {
                                algo = "sha1";
                        };
                };
                fdt-1 {
                        description = "Device tree blob";
                        data = /incbin/("u-boot-2018.09/u-boot.dtb");
                        type = "flat_dt";
                        load = <0x90000000>;
                        arch = "arm64";
                        compression = "none";

                        hash {
                                algo = "sha1";
                        };
                };
        };

        configurations {
                default = "config_1";
                config_1 {
                        description = "WatchGuard ls1043a U-Boot";
                        kernel = "kernel-1";
                        fdt = "fdt-1";
                        hash {
                                algo = "sha1";
                        };
                };
        };

};

shadow578 · October 9, 2025, 4:06pm

Hi there,
i've been looking into the T40 and T45 hardware (and their differences) in the past few days.
any chance someone with access to a T40 (and T45) could provide a dump of both RCW/PBI sections (first 256 bytes of SPI flash)?

this can be done from u-boot shell using these commands:

sf read 0x80080000 0x0 0xff
md 0x80080000 0xff

including the initial u-boot output (up to where it prints "main_loop entered") would also be helpful.

additionally, if anyone with a T45 could post the output of mdio list, that'd be nice too.

Thanks in advance

othermully · October 9, 2025, 10:17pm

This is my ramdisk image:

$ dumpimage -T flat_dt -l /srv/tftp/openwrt-t40-new.itb
Image contains unit addresses @, this will break signing
FIT description: OpenWrt for Firebox T40 (Image.gz-initramfs)
Created:         Sun Apr 27 14:45:43 2025
 Image 0 (kernel@1)
  Description:  ARM64 OpenWrt Kernel with Initramfs
  Created:      Sun Apr 27 14:45:43 2025
  Type:         Kernel Image
  Compression:  gzip compressed
  Data Size:    12467299 Bytes = 12175.10 KiB = 11.89 MiB
  Architecture: AArch64
  OS:           Linux
  Load Address: 0x83000000
  Entry Point:  0x83000000
 Image 1 (fdt@1)
  Description:  firebox-t40 Device Tree Blob
  Created:      Sun Apr 27 14:45:43 2025
  Type:         Flat Device Tree
  Compression:  uncompressed
  Data Size:    32642 Bytes = 31.88 KiB = 0.03 MiB
  Architecture: AArch64
 Default Configuration: 'config@1'
 Configuration 0 (config@1)
  Description:  unavailable
  Kernel:       kernel@1
  FDT:          fdt@1

I noticed my initial post of the .its file had

load = <0x82000000>;

entry = <0x82000000>;

I must’ve adjusted it to 0x83000000 for some reason..