Daniel Golle [Thu, 14 Apr 2022 23:46:28 +0000 (00:46 +0100)]
scripts/gen_image_generic.sh: fix order of files in EFI bootfs
mtools recursive copy (mcopy -s ...) is using READDIR(3) to iterate
over the directory entries, hence they end up in the FAT filesystem in
traversal order which breaks reproducibility (rather than being added
to the FAT filesystem in a reproducible order). Implement recursive
copy in gen_image_generic.sh in Shell code instead, as in that way we
can force files to be copied in reproducible order.
Fixes: aece8f5ae8 ("scripts/gen_image_generic.sh: generate reproducible EFI filesystem")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit
4d289ae7e63893f90957b77962c6b60574d35441)
Daniel Golle [Wed, 13 Apr 2022 15:51:58 +0000 (16:51 +0100)]
netifd: relax check in dhcp proto handler
Checking whether /sbin/udhcpc is a symbolic link breaks using the
DHCP proto handler inside procd-ujail where bind-mounts are used for
the resolved link. Check whether /sbin/udhcpc is executable instead
to allow using the proto handler for DHCP-provisioned containers.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit
c5f113c43f43c20555298c8500bf91bffbe1f58b)
Daniel Golle [Wed, 13 Apr 2022 15:47:07 +0000 (16:47 +0100)]
procd: update to git HEAD
6343c3a procd: completely remove tmp-on-zram support
5c5e63f uxc: fix potential NULL-pointer dereference
eb03f03 jail: include necessary files for per-netns netifd instance
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit
2c8873033e3c0b5a5e8f6080ea3a73fde6a55f39)
Daniel Golle [Wed, 13 Apr 2022 13:51:34 +0000 (14:51 +0100)]
base-files: more robust sysupgrade on NAND
Make sure sysupgrade on NAND also works in case of UBI volumes having
index >9. While at it, also make sure UBI device is detected and abort
in case it isn't. Use Shell built-in shorthand ':' instead of 'true'.
Fixes #9708
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit
0dbca1b2baf9c26514b517a1e5860f6a5b04d5ae)
Daniel Golle [Mon, 11 Apr 2022 14:25:27 +0000 (15:25 +0100)]
scripts/gen_image_generic.sh: generate reproducible EFI filesystem
Generate FAT filesystem for EFI boot in a reproducible way:
* use '--invariant' option of mkfs.fat
* set timestamps of all files to SOURCE_DATE_EPOCH
* make sure files are ordered locale-independent
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit
aece8f5ae8d15e5e79b8e34a176895209709afb6)
Daniel Golle [Mon, 28 Mar 2022 17:13:45 +0000 (18:13 +0100)]
scripts/gen_image_generic.sh: make ext4 bootfs reproducible
Set fixed timestamp for kernel other files in /boot filesystem.
This should help making x86 *combined* images reproducible.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit
068ea2cde04e2666fb05731cea941bccfaeddc25)
Eneas U de Queiroz [Thu, 31 Mar 2022 13:30:11 +0000 (10:30 -0300)]
mediatek/mt7622: enable accelerated crypto drivers
Use ARMv8 Crypto Extensions for AES, ghash and sha256.
This results in a 16 times speed gain in speed for aes-128-ctr, 17x in
aes-128-gcm, and 9 times in sha256.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit
c9c2b01b8441195807e8b492c7d3e385e6c6afdc)
Thibaut VARÈNE [Thu, 14 Apr 2022 10:39:05 +0000 (12:39 +0200)]
ath79: add support for Yuncore A930
Specification:
- QCA9533 (650 MHz), 64 or 128MB RAM, 16MB SPI NOR
- 2x 10/100 Mbps Ethernet, with 802.3at PoE support (WAN)
- 2T2R 802.11b/g/n 2.4GHz
Flash instructions:
If your device comes with generic QSDK based firmware, you can login
over telnet (login: root, empty password, default IP: 192.168.188.253),
issue first (important!) 'fw_setenv' command and then perform regular
upgrade, using 'sysupgrade -n -F ...' (you can use 'wget' to download
image to the device, SSH server is not available):
fw_setenv bootcmd "bootm 0x9f050000 || bootm 0x9fe80000"
sysupgrade -n -F openwrt-...-yuncore_...-squashfs-sysupgrade.bin
In case your device runs firmware with YunCore custom GUI, you can use
U-Boot recovery mode:
1. Set a static IP 192.168.0.141/24 on PC and start TFTP server with
'tftp' image renamed to 'upgrade.bin'
2. Power the device with reset button pressed and release it after 5-7
seconds, recovery mode should start downloading image from server
(unfortunately, there is no visible indication that recovery got
enabled - in case of problems check TFTP server logs)
Signed-off-by: Clemens Hopfer <openwrt@wireloss.net>
Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
(cherry picked from commit
a05dcb07241aa83a4416b56201e31b4af8518981)
Thibaut VARÈNE [Thu, 14 Apr 2022 10:39:03 +0000 (12:39 +0200)]
ath79: add support for Yuncore XD3200
Specification:
- QCA9563 (775MHz), 128MB RAM, 16MB SPI NOR
- 2T2R 802.11b/g/n 2.4GHz
- 2T2R 802.11n/ac 5GHz
- 2x 10/100/1000 Mbps Ethernet, with 802.3at PoE support (WAN port)
LED for 5 GHz WLAN is currently not supported as it is connected directly
to the QCA9882 radio chip.
Flash instructions:
If your device comes with generic QSDK based firmware, you can login
over telnet (login: root, empty password, default IP: 192.168.188.253),
issue first (important!) 'fw_setenv' command and then perform regular
upgrade, using 'sysupgrade -n -F ...' (you can use 'wget' to download
image to the device, SSH server is not available):
fw_setenv bootcmd "bootm 0x9f050000 || bootm 0x9fe80000"
sysupgrade -n -F openwrt-...-yuncore_...-squashfs-sysupgrade.bin
In case your device runs firmware with YunCore custom GUI, you can use
U-Boot recovery mode:
1. Set a static IP 192.168.0.141/24 on PC and start TFTP server with
'tftp' image renamed to 'upgrade.bin'
2. Power the device with reset button pressed and release it after 5-7
seconds, recovery mode should start downloading image from server
(unfortunately, there is no visible indication that recovery got
enabled - in case of problems check TFTP server logs)
Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
(cherry picked from commit
c91df224f54fdd44c9c0487a8c91876f5d273164)
Hauke Mehrtens [Sun, 10 Apr 2022 22:11:51 +0000 (00:11 +0200)]
toolchain: musl: Update to version 1.2.3
Changes:
new features:
- qsort_r function (POSIX-future)
- pthread_getname_np extension function
- hard float on SPE FPU for powerpc-sf
- SEEK_DATA and SEEK_HOLE exposed in unistd.h (Linux extensions)
compatibility:
- free now preserves errno (POSIX-future requirement)
- setjmp is declared explicitly with returns_twice for non-GCC compilers
- macro version of isascii is no longer defined for C++
- dynamic linker now tolerates zero-length LOAD segments
- epoll_[p]wait is now a cancellation point
- pwd/grp functions no longer fail on systems without AF_UNIX support
- POSIX TZ parsing is stricter to allow more names to fallback to files
- NULL is now defined as nullptr when used in C++11 or later
- gettext now accepts null pointer as argument
bugs fixed:
- old regression in wcwidth of Hangul combining (vowel/final) letters
- duplocale used wrong malloc when malloc was replaced (1.2.2 regression)
- fmaf rounded wrong on archs without FE_TOWARDZERO (all softfloat archs)
- popen didn't honor requirement not to leak other popen pipe fds to child
- aligned_alloc and variants crashed on allocation failure
- dl_iterate_phdr reported incorrect module TLS pointers
- mishandling of some inputs in acoshf and expm1f and functions using them
- potentially wrong-sign zero in cproj functions at infinity
- multiple bugs in legacy function cuserid
- minor posix_spawn file actions API conformance issues
- pthread_setname_np fd leak
- out-of-bound read in zoneinfo handling with distant-past times
- out-of-tree builds lacked generated debug cfi for x86 asm
arch-specific bugs fixed:
- powerpc (32-bit) struct shmid_ds layout was wrong for some fields
- time64 struct layout was wrong in sound ioctl fallback (32-bit archs)
In addition it contains the following improvements:
* protect stack canary from leak via read-as-string by zeroing second byte
* fix excessively slow TLS performance on some mips models
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Acked-by: Rui Salvaterra <rsalvaterra@gmail.com>
Tested-by: Rui Salvaterra <rsalvaterra@gmail.com>
Tested-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
(cherry picked from commit
685ae2687bd1b199dc83ee1e16d47c05afca6102)
Felix Fietkau [Tue, 12 Apr 2022 07:32:34 +0000 (09:32 +0200)]
mac80211: backport minstrel_ht fix for legacy rates
Fixes OFDM rates on 5 GHz
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit
5d5afd51772c9a992cb6bb9e0a9dce6feaa3fdef)
Rosen Penev [Fri, 24 Sep 2021 06:44:57 +0000 (23:44 -0700)]
musl-fts: add host build
This will be used for libselinux.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
1fb099341e5879a8c5247020e5056676ba2f0745)
Felix Matouschek [Fri, 8 Apr 2022 16:27:05 +0000 (18:27 +0200)]
kernel: Fix oob layout of XTX XT26G0xA
The correct oob layout is:
ECC:
region->offset = 48;
region->length = 16;
Free:
/* Reserve 1 byte for the BBM. */
region->offset = 1;
region->length = 47;
Signed-off-by: Felix Matouschek <felix@matouschek.org>
(cherry picked from commit
a5de91a88a8a33ced147bb5340fd45599f652d4d)
Felix Matouschek [Fri, 8 Apr 2022 16:33:10 +0000 (18:33 +0200)]
kernel: Fix readid method of XTX XT26G0xA
The correct readid method is SPINAND_READID_METHOD_OPCODE_ADDR.
Signed-off-by: Felix Matouschek <felix@matouschek.org>
(cherry picked from commit
3711aee56d864fab066d76afadc9d04e1c18102e)
Eneas U de Queiroz [Thu, 7 Apr 2022 20:47:38 +0000 (17:47 -0300)]
nftables: add CONFLICT between versions
Have nftables-json conflict with nftables-nojson.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit
1135b75d1fd26049a0644b304b7199e4a73c6a08)
Hauke Mehrtens [Tue, 5 Apr 2022 22:29:44 +0000 (00:29 +0200)]
mac80211: Update to version 5.15.33-1
This updates mac80211 to version 5.15.33-1 which is based on kernel
5.15.33.
The removed patches were applied upstream.
This new release contains many fixes which were merged into the upstream
Linux kernel.
This also contains the following new drivers which are needed for ath11k:
* net/qrtr/
* drivers/bus/mhi/
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit
3aa96efa24c13c6e0aafa5ad826f3f95a3bd74f9)
Eneas U de Queiroz [Fri, 8 Apr 2022 13:27:25 +0000 (10:27 -0300)]
wolfssl: bump to 5.2.0
Fixes two high-severity vulnerabilities:
- CVE-2022-25640: A TLS v1.3 server who requires mutual authentication
can be bypassed. If a malicious client does not send the
certificate_verify message a client can connect without presenting a
certificate even if the server requires one.
- CVE-2022-25638: A TLS v1.3 client attempting to authenticate a TLS
v1.3 server can have its certificate heck bypassed. If the sig_algo in
the certificate_verify message is different than the certificate
message checking may be bypassed.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit
e89f3e85eb1c1d81294e5d430a91b0ba625e2ec0)
Daniel Golle [Sat, 9 Apr 2022 23:55:21 +0000 (00:55 +0100)]
imagebuilder: export SOURCE_DATE_EPOCH to environment
Export SOURCE_DATE_EPOCH to environment so filesystem and image
creation tools will make use of it.
Fixes reproducibility of images generated with the ImageBuilder.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit
5cf5dce05ae829ec848ad63a6da300c4fddcd510)
Daniel Golle [Sat, 9 Apr 2022 21:04:58 +0000 (22:04 +0100)]
arm-trusted-firmware-mediatek: remove no longer needed Configure step
As anyway only the default is called now we can as well also just remove
the override for Build/Configure.
Fixes: e2cffbb805 ("arm-trusted-firmware-mediatek: update to 2021-03-10")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit
dffad93d3e34275b87d97724e64447d8bde537ff)
Daniel Golle [Sat, 9 Apr 2022 21:00:50 +0000 (22:00 +0100)]
trusted-firmware-a.mk: make sure include directory exists
ARM Trusted Firmware builds do not depend on any target libraries as
they are bare-metal builds. However, the compiler aborts due to
-Werror=missing-include-dirs if the include dir doesn't exists and this
can happen when building with parallelisation as that makes it likely
for arm-trusted-firmware-* to be build very early before any of the
libraries which would implicitely create the directory.
Fix this by making sure the include dir exists before building.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit
738d44f5ea6f6450c2c8a29cf5836e22b479340b)
John Audia [Fri, 8 Apr 2022 16:35:54 +0000 (12:35 -0400)]
kernel: bump 5.10 to 5.10.110
Removed upstreamed:
generic/backport-5.10/350-v5.18-MIPS-pgalloc-fix-memory-leak-caused-by-pgd_free.patch
generic/pending-5.10/850-0014-PCI-aardvark-Fix-reading-PCI_EXP_RTSTA_PME-bit-on-em.patch
ipq40xx/patches-5.10/105-ipq40xx-fix-sleep-clock.patch
All patches automatically rebased.
Build system: x86_64
Build-tested: bcm2711/RPi4B, mt7622/RT3200
Run-tested: bcm2711/RPi4B, mt7622/RT3200
Compile-/run-tested: ath79/generic (Archer C7 v2).
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
[rebased in 22.03 tree]
Signed-off-by: John Audia <graysky@archlinux.us>
(cherry picked from commit
b92ec82235b996ece32bc84af177adf1a4dcb90e)
Ray Wang [Mon, 4 Apr 2022 02:29:18 +0000 (10:29 +0800)]
ipq40xx: add RT-AC2200 alternative name to RT-AC42U/RT-ACRH17
RT-AC2200 is the same device with a different name. The OEM firmwares have the same MD5.
Signed-off-by: Ray Wang <raywang777@foxmail.com>
(cherry picked from commit
3204906569768cabcbedb5eaa3a11e2fcb18cd48)
Joe Mullally [Mon, 30 Aug 2021 21:35:05 +0000 (22:35 +0100)]
ath79: Move TPLink WPA8630Pv2 to ath79-tiny target
These devices only have 6MiB available for firmware, which is not
enough for recent release images, so move these to the tiny target.
Note for users sysupgrading from the previous ath79-generic snapshot
images:
The tiny target kernel has a 4Kb flash erase block size instead
of the generic target's 64kb. This means the JFFS2 overlay partition
containing settings must be reformatted with the new block size or else
there will be data corruption.
To do this, backup your settings before upgrading, then during the
sysupgrade, de-select "Keep Settings". On the CLI, use "sysupgrade -n".
If you forget to do this and your system becomes unstable after
upgrading, you can do this to format the partition and recover:
* Reboot
* Press RESET when Power LED blinks during boot to enter Failsafe mode
* SSH to 192.168.1.1
* Run "firstboot" and reboot
Signed-off-by: Joe Mullally <jwmullally@gmail.com>
Tested-by: Robert Högberg <robert.hogberg@gmail.com>
(cherry picked from commit
44e1e5d153d00915a7e516c9af3f440cbd84cf78)
Konstantin Demin [Thu, 7 Apr 2022 08:33:08 +0000 (11:33 +0300)]
dropbear: bump to 2022.82
- update dropbear to latest stable 2022.82;
for the changes see https://matt.ucc.asn.au/dropbear/CHANGES
- use $(AUTORELEASE) in PKG_RELEASE
- use https for all uris
- refresh all patches
- rewrite patches:
- 100-pubkey_path.patch
- 130-ssh_ignore_x_args.patch
binary/pkg size changes:
- ath79/generic, mips:
- binary: 215112 -> 219228 (+4116)
- pkg: 111914 -> 113404 (+1490)
- ath79/tiny, mips:
- binary: 172501 -> 172485 (-16)
- pkg: 89871 -> 90904 (+1033)
Tested-by: Stijn Segers <foss@volatilesystems.org>
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
(cherry picked from commit
65256aee23a5104eb0c78411fdc73640c0b757ea)
Nick Hainke [Tue, 5 Apr 2022 13:01:43 +0000 (15:01 +0200)]
libmnl: update to 1.0.5
Changes:
Duncan Roe (5):
nlmsg: Fix a missing doxygen section trailer
build: doc: "make" builds & installs a full set of man pages
build: doc: get rid of the need for manual updating of Makefile
build: If doxygen is not available, be sure to report "doxygen: no" to ./configure
src: doc: Fix messed-up Netlink message batch diagram
Fernando Fernandez Mancera (1):
src: fix doxygen function documentation
Florian Westphal (1):
libmnl: zero attribute padding
Guillaume Nault (1):
callback: mark cb_ctl_array 'const' in mnl_cb_run2()
Kylie McClain (1):
examples: nfct-daemon: Fix test building on musl libc
Laura Garcia Liebana (4):
examples: add arp cache dump example
examples: fix neigh max attributes
examples: fix print line format
examples: reduce LOCs during neigh attributes validation
Pablo Neira Ayuso (3):
doxygen: remove EXPORT_SYMBOL from the output
include: add MNL_SOCKET_DUMP_SIZE definition
build: libmnl 1.0.5 release
Petr Vorel (1):
examples: Add rtnl-addr-add.c
Stephen Hemminger (1):
examples: rtnl-addr-dump: fix typo
igo95862 (1):
doxygen: Fixed link to the git source tree on the website.
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit
c3b738933981de601389794152534628b04555dc)
Nick Hainke [Tue, 5 Apr 2022 13:26:24 +0000 (15:26 +0200)]
libnfnetlink: update to 1.0.2
Changes:
c63f193 bump version to 1.0.2
3cffa84 libnfnetlink: Check getsockname() return code
90ba679 include: Silence gcc warning in linux_list.h
bb4f6c8 Make it clear that this library is deprecated
e46569c Minimally resurrect doxygen documentation
5087de4 libnfnetlink: hide private symbols
62ca426 autogen: don't convert __u16 to u_int16_t
efa1d8e src: Use stdint types everywhere
7a1a07c include: Sync with kernel headers
7633f0c libnfnetlink: initialize attribute padding to resolve valgrind warnings
94b68f3 configure: uclinux is also linux
617fe82 src: get source code license header in sync with current licensing terms
97a3960 build: resolve automake-1.12 warnings
Removed the patch 100-missing_include.patch, libnfnetlink compiles fine
with musl without this patch.
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit
aecf088b3792d556c717510304729fa542ceb770)
Andrey Erokhin [Wed, 6 Apr 2022 09:36:15 +0000 (12:36 +0300)]
gpio-button-hotplug: fix data race
bh_event_add_var can be called by multiple threads concurrently,
so it shall not use a static char buffer
Signed-off-by: Andrey Erokhin <a.erokhin@inango-systems.com>
(cherry picked from commit
1e991e09b73c309321d21b9cb706bd5139d952d2)
Rosen Penev [Wed, 16 Mar 2022 23:18:07 +0000 (16:18 -0700)]
tools/meson: update to 0.61.4
Override python to use the one in host instead of hostpkg. There's no
need to use the latter.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
19f3fcc884cab348cfba823f1175baf7aa4de15f)
leo chung [Thu, 31 Mar 2022 02:58:29 +0000 (10:58 +0800)]
tools/cmake: fix download url
fix the cmake.org download url
Signed-off-by: leo chung <gewalalb@gmail.com>
(cherry picked from commit
56f091d4677feb693d37959a3fa4af845dcce82e)
Daniel Golle [Wed, 6 Apr 2022 18:59:52 +0000 (19:59 +0100)]
libselinux: add missing host-build dependency on libsepol/host
The host-build of libselinux requires libsepol/host.
Add the libsepol/host to HOST_BUILD_DEPENDS to allow build on hosts
which don't have libsepol installed.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit
0d3850dc5af4896ab3679dc4d8ef9a664e5e705f)
Valentyn Datsko [Wed, 6 Apr 2022 13:13:13 +0000 (16:13 +0300)]
dnsmasq: add procd interface index tracking
Problem exist when dnsmasq is exclusively bind to particular interface.
After reconfiguring or restarting this interface, its index changes, but
dnsmasq uses the old one. When this problem occurs, dnsmasq does not
listen on the correct interface so DHCP does not work, and clients do not
get an IP address. Procd netdev param can be added to restart dnsmasq when
the interface index is changed.
Signed-off-by: Valentyn Datsko <valikk.d@gmail.com>
[combined into a single &&-connected statement]
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit
76f55e3c3f32dea63a385e9b3c8eaed1322089c7)
Rosen Penev [Fri, 24 Sep 2021 06:47:31 +0000 (23:47 -0700)]
libselinux: use musl-fts for host builds
Fixes compilation under musl based distros like Alpine Linux.
Also add pcre/host as a build dependency as it's needed.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
abb2683de36ffe7b29a1b6ea5a8d7edf73719152)
Hauke Mehrtens [Wed, 6 Apr 2022 22:36:25 +0000 (00:36 +0200)]
at91: Automatically detect USB feature
The sama7 sub target does not have USB support, the feature should not
be activated there. OpenWrt can automatically detect if the target
supports USB by using the scripts/target-metadata.pl script. With the
automatic detection USB support will only get activated on subtargest
which actually support USB like sam9x and sama5.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit
f6d566301ee3dc12fd41e131f89dfc4777b002f3)
Hauke Mehrtens [Tue, 5 Apr 2022 20:28:30 +0000 (22:28 +0200)]
at91/sama7: Do not build in Bluetooth
Bluetooth should be activated as an optional kmod package instead of
compiling it into the kernel.
Tested-by: Claudiu Beznea <claudiu.beznea@microchip.com>
Reviewed-by: Claudiu Beznea <claudiu.beznea@microchip.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit
3296881a1d631bc6db38fe72ab73adaa27af6f8c)
Hauke Mehrtens [Tue, 5 Apr 2022 20:27:41 +0000 (22:27 +0200)]
at91/sama7: Use ext4 driver for ext2 and ext3
Use the ext4 driver for ext2 and ext3 too. This feature is activated in
the OpenWrt generic configuration.
Tested-by: Claudiu Beznea <claudiu.beznea@microchip.com>
Reviewed-by: Claudiu Beznea <claudiu.beznea@microchip.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit
6709b67265d04ee82b1e79e2a6c8eaeca9d5dfe4)
Hauke Mehrtens [Tue, 5 Apr 2022 20:24:00 +0000 (22:24 +0200)]
at91/sama7: Deactivate certification and key system
This was probably activated by mac80211 which was activated before.
mac80211 is build from backports in OpenWrt.
Tested-by: Claudiu Beznea <claudiu.beznea@microchip.com>
Reviewed-by: Claudiu Beznea <claudiu.beznea@microchip.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit
ac2bc4b893999709776bc93c46e907147aef3a44)
Hauke Mehrtens [Tue, 5 Apr 2022 20:22:04 +0000 (22:22 +0200)]
at91/sama7: Do not activate cgroups and namespaces
cgroups and namespaces should be configured by the generic OpenWrt
configuration and not for a specific target.
Tested-by: Claudiu Beznea <claudiu.beznea@microchip.com>
Reviewed-by: Claudiu Beznea <claudiu.beznea@microchip.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit
a2f1db99f62554699b30de5d379f5b16c1138f41)
Hauke Mehrtens [Tue, 5 Apr 2022 20:14:16 +0000 (22:14 +0200)]
at91/sama7: Remove config options build as module
Remove the configuration options which are building modules for the sub
target configuration.
These kernel modules are not packaged. Kernel options should only be
build as a module when they are selected by a kmod package and not by
setting them to =m in the target kernel configuration.
Tested-by: Claudiu Beznea <claudiu.beznea@microchip.com>
Reviewed-by: Claudiu Beznea <claudiu.beznea@microchip.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit
5a84a8764d9f6e753eb6f11f214b0a3e5cb5ff80)
Hauke Mehrtens [Wed, 6 Apr 2022 22:51:50 +0000 (22:51 +0000)]
kernel: bump 5.10 to 5.10.109
Patches automatically rebased.
Compile-tested: lantiq/xrx200
Run-tested: lantiq/xrx200
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Daniel Golle [Wed, 6 Apr 2022 16:25:16 +0000 (17:25 +0100)]
scripts: make sure sort-order is independent from locale
Set LC_ALL=C environment variable when calling 'sort' as the sort
order otherwise depends on the locale set.
Fixes: 56ce110b73 ("scripts: make sure conffiles are sorted")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit
1d77dca3b32dd883bcc2213675cf21111ac1beca)
Daniel Golle [Wed, 6 Apr 2022 11:19:31 +0000 (12:19 +0100)]
kernel: set SOURCE_DATE_EPOCH for initramfs root dir
Make sure the timestamp of the root directory of the initramfs is set
to SOURCE_DATE_EPOCH as well.
Fixes: 29d7461d11 ("kernel: set options to make external initramfs reproducible")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit
54bcf586b0beb510345fdbac731ce1c04b6fa56b)
Paul Spooren [Mon, 28 Mar 2022 02:29:09 +0000 (03:29 +0100)]
build: store sha256_unsigned in JSON
Introduce `sha256_unsigned` which is a checksum of the image _before_ a
signature is attached. This is helpful to compare image reproducibility.
Since the `.sha256sum` file is located in the $(KDIR) folder, switch
$(BIN_DIR) with $(KDIR) to simplify the code. The value of $(BIN_DIR)
itself is not stored inside the resulting JSON file, so it can be
replaced.
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit
8822a8d850ba2df69b81289758959bb90643a696)
Daniel Golle [Tue, 29 Mar 2022 12:54:14 +0000 (13:54 +0100)]
kernel: fix initramfs reproducibility
Make sure xz uses at least 2 threads so compression always runs in
multi-threaded mode as the resulting file in single-threaded mode
differs.
Fixes: 29d7461d11 ("kernel: set options to make external initramfs reproducible")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit
fc6a83e63b187ecfd0e427c062ae09e3c104e291)
Stijn Tintel [Sat, 19 Feb 2022 15:54:22 +0000 (17:54 +0200)]
image: let mksquashfs4 use all processors
Drop the -processors argument from the mksquashfs4 call, so it will use
all available processors. This dramatically reduces the time to create
squashfs filesystems.
The times below are observed when building an image for my main router,
the WatchGuard Firebox M300 (qoriq target):
Before:
real 4m45,973s
After:
real 0m23,497s
With this commit `mksquashfs` may use more cores than defined via `-j`.
This is the same behaviour as for archive creation of ImageBuilder, SDK
or toolchain. There is no trivial way to limit `mksquashfs` CPU core
usage to the amount of "free" make jobs since two running `mksquashfs`
instances would each run with the total allowed number (-j) of threads.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
[extended reasoning in commit message]
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit
df2ae8826ced4f374bcb693b44d8a113ad150d70)
Paul Spooren [Thu, 31 Mar 2022 21:51:29 +0000 (22:51 +0100)]
scripts: make sure conffiles are sorted
It may happen that conffiles are in different order on different builds.
Make sure they have the same order by sorting them.
FIX: #9612
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit
56ce110b73970bcd65d309440baada84c8e1504b)
Paul Spooren [Thu, 31 Mar 2022 16:13:37 +0000 (17:13 +0100)]
toolchain: reproducible libstdcpp
A Python script containing an unreproducible path is copied by default.
Remove it before generating the package.
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit
950bd40a275d1a834c95d8f9830e1bfed4737a82)
Paul Spooren [Mon, 4 Apr 2022 11:17:25 +0000 (13:17 +0200)]
grub2: add missing license
The PKG_LICENSE field was missing.
While at it, normalize the Makefile a bit.
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit
839b1ff1fc0d6bcd74131a78fb9286df7f3b7b97)
Stijn Tintel [Sun, 3 Apr 2022 18:31:19 +0000 (21:31 +0300)]
qoriq: enable support for Marvell Alaska PHYs
The WatchGuard Firebox M200 and M300 use a Marvell
88e1543 PHY for the
first 3 ethernet ports. This PHY is supported by the Marvell Alaska PHY
driver, so enable it.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit
d7eba8059b3bfe89f90f1d18f1f0d23cbbb42423)
Daniel Golle [Sun, 3 Apr 2022 15:19:31 +0000 (16:19 +0100)]
kernel: load device-mapper early on boot
Previously commit openwrt/packages@
3abb7cb ("lvm2: Added script and updated Makefile[...]")
couldn't actually work and allow rootfs_data to be stored on a LVM2 as
the necessary kernel modules had not been loaded at this point.
Fix this by loading device-mapper modules early at boot.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit
82f9ad6ab21ca4925278429a3e1b31d26c306d9f)
Piotr Dymacz [Fri, 11 Mar 2022 17:58:36 +0000 (18:58 +0100)]
kernel: modules: drop 'AddDepends/bluetooth' calls
Function 'AddDepends/bluetooth' doesn't exist in our codebase.
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
(cherry picked from commit
173198e35a898ff7ec97749247f75cd82fa3c3ab)
Hauke Mehrtens [Thu, 31 Mar 2022 16:43:09 +0000 (18:43 +0200)]
busybox: Fix snprintf arguments in lock
The first argument for snprintf is the buffer and the 2. one is the
size. Fix the order. This broke the lock application.
Fixes: 9d2b26d5a705 ("busybox: fix busybox lock applet pidstr buffer overflow")
Reported-by: Hartmut Birr <e9hack@gmail.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit
d80336e1a970b088c235dcf2773052537e6f5d72)
Qichao Zhang [Sun, 20 Mar 2022 01:43:22 +0000 (09:43 +0800)]
busybox: fix busybox lock applet pidstr buffer overflow
Kernel setting `/proc/sys/kernel/pid_max` can be set up to
4194304 (7
digits) which will cause buffer overflow in busbox lock patch, this
often happens when running in a rootfs container environment.
This commit enlarges `pidstr` to 12 bytes to ensure a sufficient buffer
for pid number and an additional char '\n'.
Signed-off-by: Qichao Zhang <njuzhangqichao@gmail.com>
(cherry picked from commit
34567750db2c3a84fc9f971189c223e2eefd93b0)
Huangbin Zhan [Sat, 30 Oct 2021 07:28:28 +0000 (15:28 +0800)]
build: autotools: fix cache path
the cache directory should be autom4te.cache in all $(PKG_AUTOMAKE_PATHS)
rather than $(PKG_BUILD_DIR)/autom4te.cache only
Signed-off-by: Huangbin Zhan <zhanhb88@gmail.com>
(cherry picked from commit
044ca149f36a08f56fe827a20aa113837c58cb40)
Rosen Penev [Sat, 19 Mar 2022 23:18:49 +0000 (16:18 -0700)]
pcre: disable shared libraries for host builds
Getting rid of shared libraries for hostpkg avoids having to use rpath
hacks to find the library. It also fixes compilation with host glib2
binaries.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
f8571749a77ea23b418c84692220083858c1df79)
Rosen Penev [Fri, 24 Sep 2021 06:44:57 +0000 (23:44 -0700)]
musl-fts: remove shared libraries from host
Avoids having to add rpath to the various packages using it. Also add
PIC to fix compilation as static libraries do not use PIC by default.
Fixes: 1fb099341e58 ("musl-fts: add host build")
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
8a75ed4ba07b9d64ae547ce36873e51ba54f0eaf)
Christian Lamparter [Fri, 25 Mar 2022 22:57:29 +0000 (23:57 +0100)]
kernel: mark CONFIG_PSTORE_COMPRESS_DEFAULT as "is not set"
# CONFIG_PSTORE_COMPRESS_DEFAULT="deflate"
this can lead to confusion. Thankfully, in the KConfig
world this setting is still interpreted as disabled.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit
de4879c1ae92bf625a91ff3f07a65ec0e4bb8ed1)
Andre Heider [Sun, 5 Dec 2021 11:14:45 +0000 (12:14 +0100)]
ipq40xx: add support for FRITZ!Box 7520
This model, also know as "1&1 HomeServer", shares the same features as 7530.
The vendor firmware has artificial software limitations: only 2 of the 4
LAN-Ports are GBit, and the USB-Host is only v2.0.
With OpenWrt, USB is already working at v3.0.
Signed-off-by: Andre Heider <a.heider@gmail.com>
(updated commit message to reflect current state)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit
cb6f4be13703f0224fc462caaeac14e725c72986)
Stijn Tintel [Fri, 25 Mar 2022 13:03:53 +0000 (15:03 +0200)]
gettext-full: add gmsgfmt symlink in host install
Some configure scripts look for msgfmt and gmsgfmt. As we don't install
the latter, configure might pick up one from staging_dir/hostpkg, and
the other from the host:
checking for msgfmt... /home/stijn/Development/OpenWrt/openwrt/staging_dir/hostpkg/bin/msgfmt
checking for gmsgfmt... /usr/bin/gmsgfmt
This could potentially lead to hard to debug undefined behaviour.
Install a symlink in the host install phase to avoid this.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit
636cb00ecc8d693c36e48952f6d154f91e0e569e)
Robert Marko [Mon, 21 Mar 2022 11:39:54 +0000 (12:39 +0100)]
uboot-mvebu: backport patch to fix eMMC
v2022.01 has a regression that broke eMMC usage on most if not all Armada
SoC-s, thus breaking boards like uDPU which use eMMC for storage.
Fix it by backporting a recent upstream patch.
Fixes: 782d4c8306c8 ("uboot-mvebu: update to version 2022.01")
Signed-off-by: Robert Marko <robert.marko@sartura.hr>
(cherry picked from commit
a70383080694f26d13db8341a83261f6b1c45f12)
Stijn Tintel [Sun, 3 Apr 2022 02:24:17 +0000 (05:24 +0300)]
Revert "octeon: mark source-only"
The memory leak is fixed by the kernel patches backported in the
previous commit.
This reverts commit
1fa8780056a8c7a2e26c8b4d5e6979232f117349.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit
f6cda9f06b09c94457e838a28ef300b2f3c6be77)
Stijn Tintel [Sun, 3 Apr 2022 02:14:06 +0000 (05:14 +0300)]
kernel: backport pgalloc memory leak fix
Backport a fix for the massive memory leak observed in Octeon after
switching to kernel 5.10.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit
9283359bd53a889a270da4a7d5bbe3eaaa771e70)
Stijn Tintel [Fri, 1 Apr 2022 10:05:10 +0000 (13:05 +0300)]
octeon: mark source-only
There is a hard to reproduce, even harder to track down memory leak in
Octeon since kernel 5.10. Mark octeon source-only until it is plugged.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit
1fa8780056a8c7a2e26c8b4d5e6979232f117349)
Jan-Niklas Burfeind [Mon, 28 Mar 2022 16:07:59 +0000 (18:07 +0200)]
ath79: migrate Archer C5 5GHz radio device paths
When upgrading a TP-Link Archer C5 v1 from ar71xx to ath79,
the 5ghz radio stops working because the device path changed.
Same has been done for the Archer C7 before:
commit
e19506f20618 ("ath79: migrate Archer C7 5GHz radio device paths")
Signed-off-by: Jan-Niklas Burfeind <git@aiyionpri.me>
(cherry picked from commit
c6eb63d48f942f1e54737ed182776cf9a08de542)
Matthias Schiffer [Tue, 29 Mar 2022 22:20:39 +0000 (00:20 +0200)]
ath79: fix label MAC address for Ubiquiti UniFi AP Outdoor+
The label has the MAC address of eth0, not the WLAN PHY address. We can
merge the definition back into ar7241_ubnt_unifi.dtsi, as both DTS
derived from it use the same interface for their label MAC addresses
after all.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
(cherry picked from commit
aee9ccf5c1b536189ebee8c232273657334da843)
Hauke Mehrtens [Mon, 28 Feb 2022 21:32:08 +0000 (22:32 +0100)]
realtek: Fix tc default package
The tc package does not exits any more, it was split into tc-tiny,
tc-full and tc-bpf. Include tc-bpf by default into realtek images.
This increases the compressed image size by about 232KBytes.
Tested-by: Stijn Segers <foss@volatilesystems.org>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit
34fb36e165d5b6e6e37d33b4b0da789a8f1430bb)
Hauke Mehrtens [Mon, 28 Feb 2022 20:57:55 +0000 (21:57 +0100)]
realtek: Use firewall4
The realtek target is not a router, but basic device, see DEVICE_TYPE.
The basic device type does not come with firewall by default, see
include/target.mk for details. The realtek target extended
DEFAULT_PACKAGES manually with firewall.
This changes the defaults to take firewall4 and nftables instead of
firewall and iptables. This also adds the additional package
kmod-nft-offload.
The only difference to the router type is the missing ppp,
ppp-mod-pppoe, dnsmasq and odhcpd-ipv6only package.
This increases the compressed image size by about 422KBytes.
Tested-by: Stijn Segers <foss@volatilesystems.org>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit
469030659c5cb140bdbff1b3d8fc9691f98f984b)
Hauke Mehrtens [Fri, 25 Mar 2022 12:57:40 +0000 (13:57 +0100)]
realtek: Remove dnsmasq and odhcpd-ipv6only from default
Do not include the dnsmasq and odhcpd-ipv6only package by default any
more. These services are not needed on a switch. If someone needs this
it is still possible to use opkg or image builder to add them.
This decreases the compressed image size by about 165KBytes.
Tested-by: Stijn Segers <foss@volatilesystems.org>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit
2acebbdcaafbdfd3f677052c28bc0af04c6b5ab8)
Christian Lamparter [Mon, 21 Feb 2022 19:13:53 +0000 (20:13 +0100)]
ipq40xx: WAC510: device-tree overhauling
removes usb-port remains as neither the WAC510 nor the WAC505
come with a USB port. Update the LED properties to phase out
labels and introduce generic node-names as well as adding
the color, function and function-enumerator properties.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit
026fda10a5c45d56fd856628b6e9e69b95fd5e58)
Aleksander Jan Bajkowski [Tue, 8 Mar 2022 20:20:37 +0000 (21:20 +0100)]
lantiq: xrx200: replace patch with upstream version
This commit replaces patch number 0703 with the upstream accepted
version. This patch requires backporting an additional patch to
avoid conflicts.
The only significant change is the lower maximum MTU. Packets with
lengths over 2400 may be dropped.
Signed-off-by: Aleksander Jan Bajkowski <olek2@wp.pl>
(cherry picked from commit
b4970dab6b0c3e13715f4b13de42d72a74c1c9e9)
Daniel Golle [Thu, 24 Mar 2022 18:40:14 +0000 (18:40 +0000)]
uqmi: fix acquiring PIN status
Evaluating the return value of 'json_load' didn't work in the
intended way resulting in PIN status no longer being read on modems
where --get-pin-status doesn't fail.
Fix this by trying --get-pin-status first and checking if pin1_status
field exists in JSON, and if it doesn't try again with
--uim-get-sim-state.
Fixes: #9501
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit
ee7cb5e885118b78fb5f692d8ed6c93bb7e35853)
Rui Salvaterra [Wed, 23 Mar 2022 09:47:19 +0000 (09:47 +0000)]
kernel: bump 5.10 to 5.10.108
Patches automatically rebased.
Build system: x86_64
Build-tested: bcm2711/RPi4B, mt7622/RT3200
Run-tested: bcm2711/RPi4B, mt7622/RT3200
Tested-by: John Audia <graysky@archlinux.us>
Build-tested: ath79/generic, ramips/mt76{20,21,x8}, ipq40xx, mvebu, realtek/rtl{838,930}x, x86/64
Run-tested: ramips/mt7621, mvebu
Tested-by: Stijn Segers <foss@volatilesystems.org>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
(cherry picked from commit
2c26eb4e484fe6d7a8159a22f97b6db7ca6e9221)
Raylynn Knight [Mon, 21 Mar 2022 03:53:38 +0000 (23:53 -0400)]
x86: Add support for Sophos XG 85 and XG 86 devices
This commit builds on previous efforts to add support
for Sophos devices.
* Add support for Sophos XG 85 with/without wireless
* Add support for Sophos XG 86 with/without wireless
Tested on Sophos XG 85w rev1 and XG 86 rev 1
Signed-off-by: Raylynn Knight <rayknight@me.com>
(cherry picked from commit
c7bcbcd49280a79b287cc072cd0ca7de777a7ac4)
Felix Fietkau [Fri, 25 Mar 2022 20:09:14 +0000 (21:09 +0100)]
mac80211: backport patch that allows receiving packets with non-standard VHT MCS10-11 rates
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit
56ae4eb90864373dd4663f579851290be74430aa)
Daniel Golle [Wed, 23 Mar 2022 19:34:06 +0000 (19:34 +0000)]
scripts/mkits.sh: replace forgotten '-' with ${REFERENCE_CHAR}
Cosmetical change to improve style in mkits.sh.
Fixes: fd679086473 ("scripts: mkits.sh: Allow legacy @ mode for dts creation")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit
e89c85249e311e9a376d07cda33c9dc39b12a906)
Daniel Golle [Thu, 24 Mar 2022 03:25:28 +0000 (03:25 +0000)]
kernel: set options to make external initramfs reproducible
Run cpio as well as compressors in such ways that they are generating
reproducible output.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit
29d7461d1135b91905120a44dc028b786693ecc4)
Daniel Golle [Sat, 26 Mar 2022 22:51:21 +0000 (22:51 +0000)]
generic: sync mtd rootfs hack with part_bits
In commit
ab143647ef ("kernel: generic: improve FIT partition parser")
part_bits was bumped to 2 in order to allow up to 3 additional FIT
sub-images mapped into sub-partitions.
This change has to be reflected also in our local patch
420-mtd-set-rootfs-to-be-root-dev.patch
which still assumed part_bits==1 for mtdblock devices in case of
CONFIG_FIT_PARTITION=y.
Fixes: #9557
Fixes: ab143647ef ("kernel: generic: improve FIT partition parser")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit
13960fb0e0babcd99530fcb234073af0c0a5e2f5)
Daniel Golle [Thu, 24 Mar 2022 02:56:01 +0000 (02:56 +0000)]
kernel: generic: fix warning in FIT partition parser
Use 'const char *' where necessary to make gcc get quiet.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit
d3a4607fc61f890d5d4bedef6e542046038294d9)
Daniel Golle [Wed, 23 Mar 2022 19:29:07 +0000 (19:29 +0000)]
kernel: generic: improve FIT partition parser
* only map filesystems configured in 'loadables'
* allow mapping more than one filesystem (e.g. customization/branding
or localization in addition to rootfs)
* small cleaning here and there
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit
ab143647efef2a13bcce2f28a2797899fbc83946)
Daniel Golle [Mon, 21 Mar 2022 23:31:38 +0000 (23:31 +0000)]
kernel: generic: use chosen bootconf in FIT partition parser
If the selected boot configuration is stored by U-Boot in '/chosen'
node as 'bootconf' attribute, use that configuration to resolve the
block device used as rootfs. Fall back to use the default configuration
in case 'bootconf' is not present.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit
503f3b9f0e9693bb983a0f259aa4ba106a690140)
Daniel Golle [Mon, 21 Mar 2022 23:30:10 +0000 (23:30 +0000)]
uboot-mediatek: add patch to allow accessing bootconf from Linux
Store selected boot configuration in '/chosen' node in device tree, so
it can be accessed by Linux (and used for fine-tuning the FIT partition
parser).
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit
dfc3ea6810904f4f498d4a1304443c1a4c9f1e3c)
Daniel Golle [Mon, 21 Mar 2022 20:14:48 +0000 (20:14 +0000)]
uboot-envtools: oxnas: fix wrong eraseblock size for shuttle,kd20
Shuttle KD20 has NAND flash with 0x20000 (128KiB) erase blocks.
Correctly set that in uboot-envtools as well to allow writing to the
bootloader environment using fw_setenv.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit
fa676395136b17d753fd90137e58f02a4fcdb09e)
Petr Štetiar [Sun, 27 Mar 2022 09:48:31 +0000 (11:48 +0200)]
openwrt-keyring: fix broken install step
In commit
2d03f27f0f07 ("openwrt-keyring: make opkg use 22.03 usign
key") I've accidentally removed the `endef` keyword, so fix it by adding
it back.
Fixes: 2d03f27f0f07 ("openwrt-keyring: make opkg use 22.03 usign key")
Reported-by: Hannu Nyman <hannu.nyman@iki.fi>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Petr Štetiar [Sun, 27 Mar 2022 09:06:40 +0000 (11:06 +0200)]
openwrt-keyring: make opkg use 22.03 usign key
In order to make opkg usable with artifacts produced by project's
buildbot:
Downloading https://downloads.openwrt.org/releases/22.03-SNAPSHOT/packages/x86_64/luci/Packages.sig
Signature check failed.
Remove wrong Signature file.
References: https://gitlab.com/openwrt/docker/-/jobs/
2255191689
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Christian Lamparter [Fri, 25 Mar 2022 20:28:56 +0000 (21:28 +0100)]
kernel: add (disabled) ASYMMETRIC_TPM_KEY_SUBTYPE symbol
at91/sama7 fails to build due to:
| Asymmetric (public-key cryptographic) key type (ASYMMETRIC_KEY_TYPE) [Y/?] y
| Asymmetric public-key crypto algorithm subtype (ASYMMETRIC_PUBLIC_KEY_SUBTYPE) [Y/?] y
| Asymmetric TPM backed private key subtype (ASYMMETRIC_TPM_KEY_SUBTYPE) [N/m/?] (NEW)
|Error in reading or end of file.
please note that asym_tpm (module) has been removed in 5.17:
<https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=
d3cff4a9>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit
638771509383cf36617c49b9cc1e0c4a9aedaa0d)
张 鹏 [Fri, 25 Mar 2022 09:39:07 +0000 (17:39 +0800)]
ipq40xx: update
E2600AC c1/c2 board
Modified the radio frequency hardware part of
e2600ac c1/c2,
need to cooperate with the modified board.bin file, the device
can work normally.
Signed-off-by: 张 鹏 <sd20@qxwlan.com>
(cherry picked from commit
bdc786e82c13547b01bd8f699d00598a974c14f6)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Pascal Coudurier [Sat, 19 Mar 2022 17:39:04 +0000 (18:39 +0100)]
kernel: backport two intel igc patches from 5.15
to allow proper initialization of device
- igc: Remove _I_PHY_ID checking
- igc: Remove phy->type checking
Signed-off-by: Pascal Coudurier <coudu@wanadoo.fr>
(refreshed)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit
dd45cc2123b75abb0b41eb90c21d8d3506f2a3c2)
Josef Schlehofer [Sun, 20 Mar 2022 22:28:41 +0000 (23:28 +0100)]
cypress-firmware: drop several packages
1. Drop package: cypress-firmware-4359-pcie
This binary is no longer provided and there are not many details what
happened.
2. Drop package: cypress-firmware-4359-sdio
This binary is no longer provided, but in this case, to compare it with
PCIe package mention as first, there was added
support in Linux-firmware [1], but no sign of firmware file.
4. Drop package: cypress-firmware-89459-pcie [2]
According to Infineon: "CYW89459 is an automotive Wi-Fi chip which is not
supported in the broad market community."
[1] https://patchwork.kernel.org/project/linux-wireless/patch/
20191211235253.2539-6-smoch@web.de/
[2] https://community.infineon.com/t5/Wi-Fi-Bluetooth-for-Linux/the-wifi-driver-for-CYW89459-in-linux4-14-98-2-3-00/m-p/138971
Fixes: 7ca7e0b22de6 ("cypress-firmware: update it to version 5.4.18-2021_0812")
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit
51dee3f4f7bac26cae8a6355f5a9adb4823f63a5)
Christian Lamparter [Thu, 24 Mar 2022 20:05:11 +0000 (21:05 +0100)]
apm821xx: fix crash/panic related to SATA/SSD choice
Ticerex on the OpenWrt Forum reported a gnarly crash when
he was using Samsung 840 and 850 EVOs with his MyBook Live:
| BUG: Kernel NULL pointer dereference at 0x00000000
| Faulting instruction address: 0xc03ed4b8
| Oops: Kernel access of bad area, sig: 11 [#1]
| BE PAGE_SIZE=4K PowerPC 44x Platform
| CPU: 0 PID: 362 Comm: scsi_eh_1 Not tainted 5.4.163 #0
| NIP:
c03ed4b8 LR:
c03d27e8 CTR:
c03ed36c
| REGS:
cfa59950 TRAP: 0300 Not tainted (5.4.163)
| MSR:
00021000 <CE,ME> CR:
42000222 XER:
00000000
| DEAR:
00000000 ESR:
00000000
| GPR00:
c03d27e8 cfa59a08 cfa55fe0 00000000 0fa46bc0 [...]
| [..]
| NIP [
c03ed4b8] sata_dwc_qc_issue+0x14c/0x254
| LR [
c03d27e8] ata_qc_issue+0x1c8/0x2dc
| Call Trace:
| [
cfa59a08] [
c003f4e0] __cancel_work_timer+0x124/0x194 (unreliable)
| [
cfa59a78] [
c03d27e8] ata_qc_issue+0x1c8/0x2dc
| [
cfa59a98] [
c03d2b3c] ata_exec_internal_sg+0x240/0x524
| [
cfa59b08] [
c03d2e98] ata_exec_internal+0x78/0xe0
| [
cfa59b58] [
c03d30fc] ata_read_log_page.part.38+0x1dc/0x204
| [
cfa59bc8] [
c03d324c] ata_identify_page_supported+0x68/0x130
| [...]
This turned out this is an issue with upstream changing
ATA_TAG_INTERNAL's value from 31 to 32 during 4.18 release.
Update "SATA_DWC_QCMD_MAX" to account for that.
Link: https://forum.openwrt.org/t/my-book-live-duo-reboot-loop/122464
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit
e95dec811661f60ae931e09e320249187922bd67)
Christian Lamparter [Thu, 24 Mar 2022 19:34:16 +0000 (20:34 +0100)]
ipq40xx: disable non-building tel(co Electronics) x1pro
Tel(co Electronics) X1 Pro is preventing ipq40xx generic
from building due to the KERNEL_SIZE.
Whenever bigger kernels are possible, if lzma is supported
is unknown.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit
4ce52de450922dc671f08fb4551c066cfcf55bf4)
David Bauer [Fri, 25 Mar 2022 21:58:34 +0000 (22:58 +0100)]
ath79: fix link for long cables with OCEDO Raccoon
The OCEDO Raccoon had significant packet-loss with cables longer than 50
meter. Disabling EEE restores normal operation.
Also change the ethernet config to reduce loss on sub-1G links.
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit
4551bfd91f31be5987727c77e58333fa06ba3acd)
Matthias Schiffer [Fri, 25 Mar 2022 16:32:24 +0000 (17:32 +0100)]
ath79: fix TPLINK_HWREV field for TL-WR1043ND v4
Required to allow sysupgrades from OpenWrt 19.07.
Closes #7071
Fixes: 98fbf2edc021 ("ath79: move TPLINK_HWID/_HWREV to parent for tplink-safeloader")
Tested-by: J. Burfeind <git@aiyionpri.me>
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
(cherry picked from commit
8ba71f1f6f2359f9cf54201e9fc037df33f123c0)
Petr Štetiar [Thu, 24 Mar 2022 05:52:37 +0000 (06:52 +0100)]
imagebuilder: fix broken image generation with external targets
When using external targets there is a symlink being created for the
target under target/linux which then becomes dangling under Image
Builder. Fix it by dereferencing the possible symlink.
Tested on IB with external target, ipq40xx and mvebu.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit
621f39d1f438bf95dbae667c575926fa16a6d797)
Petr Štetiar [Fri, 25 Mar 2022 13:26:52 +0000 (14:26 +0100)]
openwrt-keyring: add OpenWrt 22.03 GPG/usign keys
62471e693b4f usign: add 22.03 release build public key
70817cffc905 gpg: add OpenWrt 22.03 signing key
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit
759886345d900139f38bd9200a32ce12868d3343)
Matthias Schiffer [Thu, 24 Mar 2022 08:26:01 +0000 (09:26 +0100)]
ath79: change Ubiquiti UniFi AP model name to include "AP"
While it hasn't always been clear whether the "AP" is part of the model
name on the Ubiquiti website, we include it for all other pre-AC
variants (AP Pro and the AP Outdoor+). Add it to the original UniFi AP
as well for consistency.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
(cherry picked from commit
dc23df8a8ca728871d84f0a140f4b52c36b03f1d)
Matthias Schiffer [Wed, 23 Mar 2022 21:06:50 +0000 (22:06 +0100)]
ath79: fix label MAC address for Ubiquiti UniFi
The label has the MAC address of eth0, not the WLAN PHY address.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
(cherry picked from commit
2a02b7049966dc77ae9519ca165f29b75e0dbf0e)
Robert Marko [Mon, 21 Mar 2022 10:47:27 +0000 (11:47 +0100)]
mvebu: udpu: fix initramfs booting
uDPU provides a FIT based initramfs, but currently gets stuck after U-boot
starts the kernel at "Starting kernel..".
It is due to the load address being too low, so increase it in order to get
the initramfs booting again.
Signed-off-by: Robert Marko <robert.marko@sartura.hr>
(cherry picked from commit
80f21e53360d52d493c51a4a263d9b7607b7494e)
Robert Marko [Mon, 21 Mar 2022 10:47:28 +0000 (11:47 +0100)]
mvebu: udpu: include LM75 kmod by default
uDPU has 2 LM75 compatible temperature sensors, so include the driver for
them by default in order to utilize them.
Signed-off-by: Robert Marko <robert.marko@sartura.hr>
(cherry picked from commit
a8b2d3590329386d0ae6873460b2d5126f63ddaa)
Marek Behún [Mon, 21 Mar 2022 16:35:27 +0000 (17:35 +0100)]
kernel: Fix patch header
Remove "a" character from the first line of patch
738-v5.14-01-net-dsa-qca8k-fix-an-endian-bug-in-qca8k-get-ethtool.patch
Otherwise `git am` fails to apply this patch which is annoying when
trying to do some development / rebasing.
Signed-off-by: Marek Behún <kabel@kernel.org>
(cherry picked from commit
f811c33b197138d8e9ab7bc9fbdc3836e95827b8)
Petr Štetiar [Tue, 8 Mar 2022 09:41:24 +0000 (10:41 +0100)]
sunxi: cortexa7: fix ethernet link detection on a20-olinuxino-lime2
a20-olinuxino-lime2 is currently having hard time with link detection of
certain 1000Mbit partners due to usage of generic PHY driver, probably
due to following missing workaround introduced in upstream in commit
3aed3e2a143c ("net: phy: micrel: add Asym Pause workaround"):
The Micrel KSZ9031 PHY may fail to establish a link when the Asymmetric
Pause capability is set. This issue is described in a Silicon Errata
(DS80000691D or DS80000692D), which advises to always disable the
capability. This patch implements the workaround by defining a KSZ9031
specific get_feature callback to force the Asymmetric Pause capability
bit to be cleared.
This fixes issues where the link would not come up at boot time, or when
the Asym Pause bit was set later on.
As a20-olinuxino-lime2 has Micrel KSZ9031RNXCC-TR Gigabit PHY since
revision H, so we need to use Micrel PHY driver on those devices.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit
ffa1088f63267f817a3adf34c84b8e8089b1a938)
Petr Štetiar [Thu, 24 Mar 2022 05:45:04 +0000 (06:45 +0100)]
zlib: backport security fix for a reproducible crash in compressor
Tavis has just reported, that he was recently trying to track down a
reproducible crash in a compressor. Believe it or not, it really was a
bug in zlib-1.2.11 when compressing (not decompressing!) certain inputs.
Tavis has reported it upstream, but it turns out the issue has been
public since 2018, but the patch never made it into a release. As far as
he knows, nobody ever assigned it a CVE.
Suggested-by: Tavis Ormandy <taviso@gmail.com>
References: https://www.openwall.com/lists/oss-security/2022/03/24/1
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit
b3aa2909a79aeff20d594160b207a89dc807c033)