Koen Vandeputte [Wed, 11 Sep 2019 09:22:19 +0000 (11:22 +0200)]
kernel: bump 4.14 to 4.14.143
Refreshed all patches.
Remove upstreamed:
- 390-v5.3-net-sched-fix-action-ipt-crash.patch
Compile-tested on: ar71xx, cns3xxx, imx6, x86_64
Runtime-tested on: ar71xx, cns3xxx, imx6
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Rafał Miłecki [Thu, 5 Sep 2019 11:08:13 +0000 (13:08 +0200)]
base-files: validate firmware for compatibility with backup
This allows platform code to check if firmware image can be used with
preserving a backup. It may be used e.g. when installing vendor
firmwares that won't restore appended backup archive.
Suggested-by: Luis Araneda <luaraneda@gmail.com>
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
1c510fe2980cd787602786e82f44602549d607d4)
Rafał Miłecki [Fri, 6 Sep 2019 10:44:49 +0000 (12:44 +0200)]
bcm53xx: extend firmware validation
This provides TRX validation result to the validation JSON. It also
prevents users from installing broken firmware files.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
c19b9f9a2623c110222210d04f75ace0e594c7e9)
Rafał Miłecki [Wed, 4 Sep 2019 04:35:31 +0000 (06:35 +0200)]
brcm47xx: extend firmware validation
This provides TRX validation result, so final JSON may look like:
{
"tests": {
"fwtool_signature": true,
"fwtool_device_match": true,
"trx_valid": true
},
"valid": true,
"forceable": true
}
It also prevents users from installing broken firmware files, e.g.:
root@OpenWrt:/# sysupgrade -F -n /tmp/TZ
Image metadata not found
Invalid image type. Please use firmware specific for this device.
Image check failed but --force given - will update anyway!
Commencing upgrade. Closing all shell sessions.
Firmware image is broken and cannot be installed
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
e68c1cebd1d87ce60f0646688e437e83081e2322)
Rafał Miłecki [Thu, 5 Sep 2019 21:33:19 +0000 (23:33 +0200)]
treewide: use new procd sysupgrade $UPGRADE_BACKUP variable
It's a variable set by procd that should replace hardcoded
/tmp/sysupgrade.tgz.
This change requires the most recent procd with the commit
0f3c136
("sysupgrade: set UPGRADE_BACKUP env variable").
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
641f6b6c26cb9ab5e1198810015e5f4b2b5b34ad)
Rafał Miłecki [Wed, 4 Sep 2019 14:57:40 +0000 (16:57 +0200)]
treewide: when copying a backup file always specify dest name
$CONF_TAR shouldn't be assumed to always point to the sysupgrade.tgz.
This change makes code more generic and allows refactoring $CONF_TAR.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
62dbe361a1b1ed1506bc0387bff55eddcb619e49)
Rafał Miłecki [Wed, 4 Sep 2019 14:57:39 +0000 (16:57 +0200)]
treewide: don't hardcode "sysupgrade.tgz" file name
1) Add BACKUP_FILE and use it when copying an archive to be restored
after sysupgrade (on the next preinit).
2) Use CONF_TAR for copying backup prepared by the /sbin/sysupgrade
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
bf390478727ac5f4f9d6fb684de48b8150bcec67)
Yousong Zhou [Wed, 11 Sep 2019 13:25:17 +0000 (13:25 +0000)]
tools: mkimage: fix __u64 typedef conflict with new glibc
Including "sys/stat.h" from newer glibc will cause __u64 from linux uapi
header to be included, causing compilation failure for u-boot tools
USE_HOSTCC
Remove typedef for __u64 in include/compiler.h to fix the issue. It should be
safe because as of u-boot-2018.03, no ref to __u64 is found under u-boot tools/
directory
Error message snippet follows
HOSTCC tools/mkenvimage.o
In file included from /usr/include/asm-generic/types.h:7,
from /usr/include/asm/types.h:5,
from /usr/include/linux/types.h:5,
from /usr/include/linux/stat.h:5,
from /usr/include/bits/statx.h:30,
from /usr/include/sys/stat.h:446,
from tools/mkenvimage.c:21:
/usr/include/asm-generic/int-ll64.h:31:42: error: conflicting types for '__u64'
31 | __extension__ typedef unsigned long long __u64;
| ^~~~~
In file included from <command-line>:
././include/compiler.h:69:18: note: previous declaration of '__u64' was here
69 | typedef uint64_t __u64;
| ^~~~~
make[5]: *** [scripts/Makefile.host:116: tools/mkenvimage.o] Error 1
Ref: https://forum.openwrt.org/t/compile-error-19-07/44423
Ref: https://bugzilla.redhat.com/show_bug.cgi?id=
1699194
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Koen Vandeputte [Wed, 11 Sep 2019 21:40:42 +0000 (23:40 +0200)]
Revert "ar71xx: use platform code for qca955x usb0 init"
This reverts commit
af91a370de2b94a37b8a87a9f95503e96dfcb744.
As Piotr Dymacz pointed out:
In QCA MIPS based WiSOCs, for first USB interface,
device/host mode can be selected _only_ in hardware
see description of
57c641ba6e
QCA955x and QCA9563, second USB can be switched to device
mode in software (tested and confirmed on real hardware).
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Tomislav Požega [Tue, 3 Sep 2019 22:48:37 +0000 (00:48 +0200)]
ar71xx: qca955x pci init/reset fixes
Current ar724x code does the reset only on single pci bus, and
in case of qca9558 writes the wrong register (0x10 vs 0x0c).
This change allows the reset of second pci bus, commonly used in
Archer C7 devices, in case host controller is stuck in reset.
If the resetting controller on boot can solve any other issue it
can be enabled unconditionally by removing reset check before
ar724x_pci_hw_init is called.
Signed-off-by: Tomislav Požega <pozega.tomislav@gmail.com>
[refreshed to apply cleanly]
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
(cherry picked from commit
76d870871cb12fc0c170e5fd23bce568adfaae6d)
Tomislav Požega [Tue, 3 Sep 2019 15:10:31 +0000 (17:10 +0200)]
ar71xx: enable ddr wb flush on qca955x
Enable flushing of write buffers on qca955x. GPL code has 0x88 reg
defined for PCI flush which is likely an error since the device
freezes on boot. So use DS default value 0xA8 for PCI flush.
Signed-off-by: Tomislav Požega <pozega.tomislav@gmail.com>
(cherry picked from commit
fe9e702dc94ece2a004f6db68d6fb9a94d9437cb)
Tomislav Požega [Tue, 3 Sep 2019 15:04:17 +0000 (17:04 +0200)]
ar71xx: use platform code for qca955x usb0 init
Switch from ci_usb_setup to generic platform initialization of
usb0 port.
Signed-off-by: Tomislav Požega <pozega.tomislav@gmail.com>
(cherry picked from commit
36a0cfd24be1cb79f221964ed2bfe12b98befff3)
Koen Vandeputte [Mon, 9 Sep 2019 10:42:26 +0000 (12:42 +0200)]
kernel: bump 4.14 to 4.4.142
Refreshed all patches.
Remove upstreamed:
- 0032-usb-host-fotg2-restart-hcd-after-port-reset.patch
Compile-tested on: ar71xx, cns3xxx, imx6, x86_64
Runtime-tested on: ar71xx, cns3xxx, imx6
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Hauke Mehrtens [Sun, 8 Sep 2019 21:53:18 +0000 (23:53 +0200)]
hostapd: SAE/EAP-pwd side-channel attack update
Fixes this security problem:
* SAE/EAP-pwd side-channel attack update
https://w1.fi/security/2019-6/sae-eap-pwd-side-channel-attack-update.txt
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit
7bed9bf10fc8d05df34c7efc66e8b4ade37a1a0c)
Hauke Mehrtens [Sun, 8 Sep 2019 21:27:04 +0000 (23:27 +0200)]
hostapd: Fix security problem in EAP-pwd
This fixes:
CVE-2019-11555 "EAP-pwd message reassembly issue with unexpected fragment"
https://w1.fi/security/2019-5/eap-pwd-message-reassembly-issue-with-unexpected-fragment.txt
This should not affect OpenWrt in the default settings as we do not use
EAP-pwd.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit
9f34bf51d60a237696b1d4cc9b5f4835b95e7ea2)
Adrian Schmutzler [Sat, 7 Sep 2019 15:05:35 +0000 (17:05 +0200)]
ramips: fix ethernet MAC address of ASUS RT-AC57U
This backports the only non-cosmetic fix from
6640e1c3681b
("ramips: clean and improve MAC address setup in 02_network").
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Adrian Schmutzler [Sat, 7 Sep 2019 15:05:34 +0000 (17:05 +0200)]
ramips: fix duplicate network setup for dlink, dir-615-h1
In
555ca422d1cb ("ramips: fix D-Link DIR-615 H1 switch port
mapping"), port setup for dir-615-h1 was changed without removing
the old one. This was working as the new one was triggered earlier
than the old one.
(In the meantine, changed sorting during ramips rename patches
actually inversed that order.)
Anyway, just remove the wrong case now.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit
e35e4a996e26f17b69d200505ecea78af96a2704)
Adrian Schmutzler [Sat, 7 Sep 2019 15:05:33 +0000 (17:05 +0200)]
ramips: remove duplicate case for MAC setup of freestation5
ARC FreeStation5 is present twice in MAC address setup.
>From older commits/changes, it is not possible to reconstruct
the correct choice only by reading the annotations.
Thus, remove the second case and keep the first one, so behavior
stays the same (as nobody seems to have complained about it).
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit
ad4eb2241b33b05b0942a3fa7ed2e53fb6e84386)
Rafał Miłecki [Mon, 9 Sep 2019 07:37:53 +0000 (09:37 +0200)]
mac80211: brcmfmac: backport more kernel 5.4 changes
Patch getting RAM info got upstreamed. A debugging fs entry for testing
reset feature was added.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
681acdcc54d2e59135bb706c38bed942f74ccf74)
Hauke Mehrtens [Sun, 8 Sep 2019 19:08:22 +0000 (21:08 +0200)]
mt7620: disable image generation for Nexx WT3020 (4MB)
Image generation is currently failing on builbots due to the following
error:
WARNING: Image file openwrt-19.07-snapshot-r10495-
db5164d3d0-ramips-mt7620-wt3020-4M-squashfs-factory.bin is too big
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Hauke Mehrtens [Sun, 8 Sep 2019 17:43:50 +0000 (19:43 +0200)]
apm821xx: Make patches apply again
This patch was applied to the upstream kernel in version 4.14.135,
remove it from our patches directory.
Fixes: 40379b0ec64d ("apm821xx: fix bogus key-presses on boot")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Jonas Gorski [Fri, 6 Sep 2019 12:55:36 +0000 (14:55 +0200)]
Revert "build: remove harmful -nopad option from mksquashfs"
This reverts commit
1c0290c5cc6258c48b8ba46b4f9c85a21de4f875.
Dropping the nopad can make the padding overflow into the next erase
block on devices using a non-aligned rootfs start. This breaks the jffs2
overlay partition with the following messages:
[ 30.343877] jffs2_scan_eraseblock(): End of filesystem marker found at 0x10000
[ 30.376512] jffs2: Cowardly refusing to erase blocks on filesystem with no valid JFFS2 nodes
[ 30.385253] jffs2: empty_blocks 196, bad_blocks 0, c->nr_blocks 197
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
(cherry picked from commit
f11d90a76b719106336b94d85b166b4ebf19dbb0)
David Bauer [Mon, 12 Aug 2019 23:44:03 +0000 (01:44 +0200)]
ipq40xx: fix AVM NAND caldata extraction
The AVM Fritz!Box 7530 (and probably other AVM IPQ4019 NAND devices)
has it's caldata not stored consistently, but instead at currently
3 known possible offsets.
As we get a non-zero exit code from fritz_cal_extract, simply try all
three possible offsets on both bootloader partitions, until a matching
caldata for each radio is found.
Reported-by: Hauke Mehrtens <hauke@hauke-m.de>
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit
a6f85b81b7efd3fa3265d70e5406275b2dc03f5f)
Cong Wang [Sun, 25 Aug 2019 12:35:06 +0000 (05:35 -0700)]
kernel: net_sched: fix a NULL pointer deref in ipt action
The net pointer in struct xt_tgdtor_param is not explicitly
initialized therefore is still NULL when dereferencing it.
So we have to find a way to pass the correct net pointer to
ipt_destroy_target().
The best way I find is just saving the net pointer inside the per
netns struct tcf_idrinfo, which could make this patch smaller.
Fixes: 0c66dc1ea3f0 ("netfilter: conntrack: register hooks in netns when needed by ruleset")
Reported-and-tested-by: Tony Ambardar <itugrok@xxxxxxxxx>
Cc: Jamal Hadi Salim <jhs@xxxxxxxxxxxx>
Cc: Jiri Pirko <jiri@xxxxxxxxxxx>
Signed-off-by: Cong Wang <xiyou.wangcong@gmail.com>
[Backport for kernel v4.19 and v4.14]
Link: https://bugzilla.kernel.org/show_bug.cgi?id=204681]
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
(cherry picked from commit
7735cce0c5c306bd9eea20ca2805e4a492c02be9)
Rafał Miłecki [Sun, 14 Jul 2019 16:59:59 +0000 (18:59 +0200)]
mvebu: sysupgrade: don't use $ARGV in platform_check_image()
sysupgrade passes image path to platform_check_image() as an argument so
it can be simply accessed using $1
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
76e43c82b55518b794ac24f9acfb3888c638f99b)
[rmilecki: dropping ARGV without this change broke sysupgrade]
Fixes: 6ac62c4b6cae ("base-files: don't set ARGV and ARGC")
Rafał Miłecki [Sun, 14 Jul 2019 17:03:19 +0000 (19:03 +0200)]
treewide: sysupgrade: don't use $ARGV in platform_do_upgrade()
stage2 passes image path to platform_do_upgrade() as an argument so it
can be simply accessed using $1
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
8b4bc7abe073489a3595eeb2d81818852319c148)
[rmilecki: dropping ARGV without this change broke sysupgrade]
Fixes: 6ac62c4b6cae ("base-files: don't set ARGV and ARGC")
Hans Dedecker [Sat, 7 Sep 2019 11:08:27 +0000 (13:08 +0200)]
odhcp6c: update to latest git HEAD
e199804 dhcpv6: sanitize oro options
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit
1855c237948e211849d79765ca749cdea6a79987)
David Bauer [Sat, 31 Aug 2019 14:47:31 +0000 (16:47 +0200)]
ath79: correct OCEDO Ursus phy-mode property
This fixes the previously incorrect phy-mode for the OCEDO Ursus GMAC0.
See
62abbd587dc9 ("ath79: correct various phy-mode properties")
for more details.
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit
7b137e9df920926dbd92f12450d9955c2759c92b)
David Bauer [Fri, 30 Aug 2019 20:41:18 +0000 (22:41 +0200)]
ramips: fix network setup for various NETGEAR boards
There are currently the following issues present for the Netgear R6220,
R6350 and WNDR3700 v5:
- LAN and WAN MAC-addresses are inverted
- WAN MAC-address is off. It are +2 compared to the LAN MAC-address
(R6350 only)
- Switchport order is inverted in LuCi
This commit fixes both these issues by assigning correct MAC-addresses
to LAN and WAN interfaces and defining the switchports with the correct
labels.
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit
13937a16d40693df67d3d39faa3a80644bdb7abf)
David Bauer [Fri, 30 Aug 2019 18:11:45 +0000 (20:11 +0200)]
ramips: use phy trigger for various Netgear boards
This commit switches the default trigger for the WiFi LED from a netdev
trigger on "wlan0" to a wireless-phy based trigger. THis allows the LED
to work, even when the wireless interface is not named "wlan0" without
modifiying the LED settings.
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit
fa46c9b208fe3833f085e9f6ddf7c492b16f6c34)
David Bauer [Wed, 28 Aug 2019 21:40:51 +0000 (23:40 +0200)]
ramips: disable badblock shifting for MT7621 NAND
The MediaTek MT7621 NAND driver currently intransparently shifts NAND
pages when a block is marked as bad. Because of this, offsets for e.g.
caldata and MAC-addresses seem to be off.
This is, howeer, not a task for the mtd NAND driver, as the flash
translation layer is tasked with this.
This patch disables this badblock shifting. This fix was originally
proposed by Jo-Philipp Wich at
https://bugs.openwrt.org/index.php?do=details&task_id=1926
Fixes FS#1926 ("MTD partition offset not correctly mapped when bad
eraseblocks present")
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit
527832e54bf3bc4d699a145ae66f34230246f0a9)
Rafał Miłecki [Thu, 5 Sep 2019 06:53:44 +0000 (08:53 +0200)]
treewide: fix invalid UPGRADE_OPT_SAVE_CONFIG spellings
That was a result of accidentally running "sed" twice on some files.
Fixes: 9b9412d55cca ("treewide: replace remaining (not working now) $SAVE_CONFIG uses")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
1078de96e315f3cc2675b2c5935009e8c6159ad4)
Rafał Miłecki [Thu, 5 Sep 2019 06:40:29 +0000 (08:40 +0200)]
treewide: replace remaining (not working now) $SAVE_CONFIG uses
This var has been replaced by the $UPGRADE_OPT_UPGRADE_OPT_SAVE_CONFIG
Fixes: f25d164aca80 ("base-files: pass "save_config" option to the "sysupgrade" method")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
5797fe84a3b508483f7d82e177157c1bf2f342d9)
Rafał Miłecki [Thu, 5 Sep 2019 21:16:17 +0000 (23:16 +0200)]
procd: update to the latest git HEAD
0f3c136 sysupgrade: set UPGRADE_BACKUP env variable
0bcbbbf system: fix uninitialized variables in firmware validation code
This update includes a fix for uninitialized variable usage.
Fixes: db5164d3d056 ("procd: update to the latest git HEAD")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
e8dcbbc865cb6acef1cfbafe77f30c1f003c3dc3)
Rafał Miłecki [Wed, 4 Sep 2019 09:12:44 +0000 (11:12 +0200)]
procd: update to the latest git HEAD
34ac88c system: reject sysupgrade of invalid firmware images by default
f55c235 system: reject sysupgrade of broken firmware images
e990e21 system: add "validate_firmware_image" ubus method
This update changes "sysupgrade" ubus method API. It's now required to
pass "force" attribute whenever invalid firmware is meant to be
installed.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
7290963d0992b9aa412e0066dcf721857fbd40f7)
Rafał Miłecki [Tue, 3 Sep 2019 12:44:40 +0000 (14:44 +0200)]
base-files: pass "force" parameter to the "sysupgrade" call
This makes sysupgrade work with the most recent procd that validates
firmware before proceeding.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
b71962da16c2e2b93d633d7bde1436b3da2bf740)
Rosen Penev [Thu, 8 Aug 2019 22:57:56 +0000 (15:57 -0700)]
upslug2: Update to git repository
This has two improvements over the current version. An autotools fix and
application of the wrt350v2 patch.
Cleaned up Makefile as a result of makefiles being fixed.
Note that this package is not really used as it depends on orion, which is
classified as broken.
This is the last package that uses svn in the tree.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
ac31ec0f62af31cdbc348911503bae8c152f8516)
Jo-Philipp Wich [Fri, 30 Aug 2019 13:45:06 +0000 (15:45 +0200)]
sdk: use bundle-libraries.sh to ship kernel objtool tools
Ensure that the kernel objtool utilities are processed by the library
bundler in order to ensure that they're usable on foreign systems with
different libc versions.
Fixes: a9f6fceb42 ("sdk: fix building external modules when CONFIG_STACK_VALIDATION=y")
Acked-by: Yousong Zhou <yszhou4tech@gmail.com>
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit
efaaadb49e90b51ba3a6adc6fafc330c23b8f764)
Jo-Philipp Wich [Fri, 30 Aug 2019 13:24:45 +0000 (15:24 +0200)]
include: kernel-build: pass pkg-config overrides to kernel build
Pass suitable pkg-config overrides to the kernel build process in
order to let our pkg-config wrapper discover libraries provided
by tools/.
This mainly affects the use of libelf which is required for the
CONFIG_STACK_VALIDATION features. So far, the build system either
silently used host system libraries or kbuild simply disabled the
feature due to the lack of a suitable libelf.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit
fe43969336201f2cc7d103b68fd6e65989bee184)
Jo-Philipp Wich [Fri, 30 Aug 2019 13:22:01 +0000 (15:22 +0200)]
tools: libelf: fix headers to trigger -Wundef warnings
When libelf from tools/ is used for building the kernel, compilation
aborts due to access to undefined defines since Kbuild adds -Wundef
to the compiler flags.
Patch the header files to use `#if defined(...)` instead of `#if ...`
to prevent such issues.
Ref: https://github.com/NixOS/nixpkgs/issues/59929
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit
f3ab336d7ceda929dc8dc4a8b09a9552dc6be0b1)
Jo-Philipp Wich [Fri, 30 Aug 2019 13:28:27 +0000 (15:28 +0200)]
tools: libelf: install pkg-config file
Install the pkg-config definition for libelf in order to allow the
kernel build process discover it later on.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit
d3f86c9cc3e465fbca51aaadbb274856831ba56c)
Bjørn Mork [Mon, 2 Sep 2019 11:49:21 +0000 (13:49 +0200)]
scripts/feeds: fix 'src-include' directive
Commit
775b70f8d5df renamed parse_file() parameters without
updating the recursive call. This broke parsing of any feeds.conf
using 'src-include'.
$ scripts/feeds update -a
Can't use string ("defaults") as a HASH ref while "strict refs" in use at scripts/feeds line 63, <$fh> line 1.
Fixes: 775b70f8d5df ("scripts/feeds: allow adding parameters to feeds")
Signed-off-by: Bjørn Mork <bjorn@mork.no>
(cherry picked from commit
a21b70be31a9d8adda0ae65cc38d1b3b4b6680d4)
Hauke Mehrtens [Sun, 1 Sep 2019 17:52:41 +0000 (19:52 +0200)]
uci: update to latest Git HEAD
415f9e4 uci/file: replace mktemp() with mkstemp()
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit
6aa962a62288952aec08c1f67fb0735f420f720e)
Hauke Mehrtens [Sun, 1 Sep 2019 17:47:50 +0000 (19:47 +0200)]
iwinfo: update to latest Git HEAD
f599a8d iwinfo: Fix rate buffer size
71ec9be iwinfo: Fix buffer size
f8ef450 iwinfo: Add support for WPA3
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit
6658447534152b72a3341b369f1eb545618fa7cf)
Thomas Langer [Thu, 22 Aug 2019 12:21:14 +0000 (12:21 +0000)]
Fix handling of BUILD_SUFFIX in remote-gdb script
When CONFIG_BUILD_SUFFIX is enabled, the target-* folders in build_dir
and staging_dir have this suffix in the name, but not the
toolchain directories. When detecting the names for "arch" and "libc",
also accept the suffix and do not use it for the toolchain path.
Signed-off-by: Thomas Langer <thomas.langer@intel.com>
(cherry picked from commit
035906fd05b2e5543cedd9471731043945fdcf13)
Daniel Engberg [Sat, 16 Mar 2019 21:09:22 +0000 (21:09 +0000)]
tools/cmake: Update to 3.15.1
Update CMake to 3.15.1
Refresh patches
Remove inofficial fossies.org and replace with GitHub (link on official site)
Remove 150-C-feature-checks-Match-warnings-more-strictly.patch as it's
a no longer needed backport from upstream.
Disable ccache if GCC is 4.8, 4.9 or 5.X to avoid build failures.
Reference: https://github.com/openwrt/openwrt/pull/1929
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
(cherry picked from commit
413c68d120043cd8ff1f4aa057d33c140bfc6bfa)
Konstantin Demin [Wed, 21 Aug 2019 06:25:06 +0000 (09:25 +0300)]
nftables: bump to version 0.9.2
- exclude Python-related stuff from build
- drop patches:
* 010-uclibc-ng.patch, applied upstream
ipkg size decrease by 2.8%:
old:
194.851 nftables_0.9.0-2_arm_cortex-a7_neon-vfpv4.ipk
new:
189.581 nftables_0.9.2-1_arm_cortex-a7_neon-vfpv4.ipk
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
(cherry picked from commit
b74f1f335a792a15feb0fd839a69486050d3531f)
Konstantin Demin [Wed, 21 Aug 2019 06:41:07 +0000 (09:41 +0300)]
libnftnl: bump to version 1.1.4
ABI version is same.
The ipkg size increase by about 2.2%:
old:
47.909 libnftnl11_1.1.3-1_arm_cortex-a7_neon-vfpv4.ipk
new:
48.985 libnftnl11_1.1.4-1_arm_cortex-a7_neon-vfpv4.ipk
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
(cherry picked from commit
699955a684eb8f6eb39123632ec7e193fa132753)
Jo-Philipp Wich [Sun, 1 Sep 2019 16:33:03 +0000 (18:33 +0200)]
rpcd: update to latest Git HEAD
821045f file: add path based read/write/exec ACL checks
fb337e5 file: add stat() information to directory listings
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit
02169bd3f8ccfa3076bb4d46e979d2fdcc7d413e)
Eneas U de Queiroz [Mon, 5 Aug 2019 18:34:39 +0000 (15:34 -0300)]
uhttpd: add support to generate EC keys
This adds the key_type and ec_curve options to enable the generation of
EC keys during initialization, using openssl or the new options added to
px5g.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit
7f2b230b3b9d0a7fb758db3a9b1958845506a5a3)
Eneas U de Queiroz [Mon, 5 Aug 2019 18:34:38 +0000 (15:34 -0300)]
px5g: support EC keys
This adds an 'eckey' command to generate an EC key, with an optional
curve name argument, with P-256 as default.
For the 'selfsigned' command, it adds an 'ec' algorithm argument to the
'-newkey' option, and a '-pkeyopt ec_paramgen_curve:<curvename>' option,
mirroring the way openssl specifies the curve name.
Notice that curve names are not necessarily the same in mbedtls and
openssl. In particular, secp256r1 works for mbedtls, but openssl uses
prime256v1 instead. px5g uses mbedtls, but short NIST curve names P-256
and P-384 are specifically supported.
Package size increased by about 900 bytes (arm).
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit
a552ababd4ff8e91d3f03f7496f12d080a71ba28)
Eneas U de Queiroz [Mon, 5 Aug 2019 18:34:37 +0000 (15:34 -0300)]
openssl: always build with EC support
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit
f40262697f5aebed25313a1b2eb8f68d37c97e60)
Rosen Penev [Tue, 27 Aug 2019 22:49:22 +0000 (15:49 -0700)]
libnfnetlink: Avoid passing both -fPIC and -fpic
Instead, instruct the configure script to use $(FPIC) only.
Mixing -fPIC and -fpic can cause issues on some platforms like PPC.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
926157c2ccb02aa06b343662ecbd2571faf6eddd)
Rosen Penev [Tue, 27 Aug 2019 22:49:21 +0000 (15:49 -0700)]
ncurses: Do not pass both -fPIC and -fpic
The configure scripts matches Linux with -fPIC, which is not exactly what
is desired. Since we are already passing $(FPIC), added a CONFIGURE_VAR to
avoid passing -fPIC.
Removed PKG_BUILD_DIR as it is already the default value.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
e2ecf39e8e49e43b4d358853f9da51e3897d042c)
Christian Lamparter [Fri, 30 Aug 2019 14:52:25 +0000 (16:52 +0200)]
build: remove harmful -nopad option from mksquashfs
While the -nopad option prevents mksquashfs from padding the
image to an arbitrary 4k. It does not take into consideration
that squashfs is programmed to have this 4k padding when it's
being used on on a block device... which is its main "use-case".
Now, after a week long discussion on the ML that included a
back-and-forth between some of the possible options.
But this is likely the best KISS patch to deal with the issue
right away given the limited resources.
From squashfs code point of view, be warned. The 4k padding is
not enough when dealing with devices that have a PAGE_SIZE
bigger than 4k.
if it turns out to be affecting you, then please look-up either:
"FS#2460 - kernel panic reading squashfs from ubi volume" bug
Or the discussion on the OpenWrt-Devel ML in
"amp821xx: use newly added pad-squashfs for Meraki MR24" and
"Squashfs breakage lottery with UBI..."
before making an educated guess.
Note: This will not affect the "tiny"/small flash devices as
much as it seems at first. This is because the the rootfs_data
partition that follows uses jffs2. And it requires to be aligned
to the flash block-size in order to work at all.
So either the involved FSes will meet in the middle as before,
or not at all. But in that latter case the image was already
hoping for the "undefined behaviour" gamble to turn out in its
favour and this is probably why this was unnoticed for so long.
Fixes: FS#2460
Reported-by: Russell Senior <russell@personaltelco.net>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit
1c0290c5cc6258c48b8ba46b4f9c85a21de4f875)
Rafał Miłecki [Fri, 23 Aug 2019 06:15:23 +0000 (08:15 +0200)]
base-files: use JSON for storing firmware validation info
So far firmware validation result was binary limited: it was either
successful or not. That meant various limitations, e.g.:
1) Lack of proper feedback on validation problems
2) No way of marking firmware as totally broken (impossible to install)
This change introduces JSON for storing detailed validation info. It
provides a list of performed validation tests and their results. It
allows marking firmware as non-forceable (broken image that can't be
even forced to install).
Example:
{
"tests": {
"fwtool_signature": true,
"fwtool_device_match": true
},
"valid": true,
"forceable": true
}
Implementation is based on *internal* check_image bash script that:
1) Uses existing validation functions
2) Provides helpers for setting extra validation info
This allows e.g. platform_check_image() to call notify_check_broken()
when needed & prevent user from bricking a device.
Right now the new JSON info is used by /sbin/sysupgrade only. It still
doesn't make use of "forceable" as that is planned for later
development.
Further plans for this feature are:
1) Expose firmware validation using some new ubus method
2) Move validation step from /sbin/sysupgrade into "sysupgrade" ubus
method so:
a) It's possible to safely sysupgrade using ubus only
b) /sbin/sysupgrade can be more like just a CLI
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
f522047958f99ab7b506ec550f796c0460af1a85)
Jo-Philipp Wich [Wed, 28 Aug 2019 13:21:35 +0000 (15:21 +0200)]
scripts/feeds: allow adding parameters to feeds
this allows adding "--" prefixed parameters inside feeds.conf between the
target and name. The first parameter is --force which has the same effect
as using -f when installing any of the packages. This allows creating
feeds that will override base packages by default.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit
775b70f8d5dfe9830aaf3b79fc8fb38c8148ee1f)
Hans Dedecker [Wed, 28 Aug 2019 13:28:57 +0000 (15:28 +0200)]
procd: fix compile issue with glibc (FS#2469)
0430252 sysupgrade: add missing _GNU_SOURCE define (FS#2469)
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit
6e45ba4699eb8424951648cfeddc0a8633f8891e)
Christian Lamparter [Sat, 24 Aug 2019 09:23:55 +0000 (11:23 +0200)]
openssl: refresh patches
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit
5ef3fe614c1e8c350ca0083f61577a89c002bc53)
Rafał Miłecki [Fri, 16 Aug 2019 15:02:58 +0000 (17:02 +0200)]
treewide: sysupgrade: pass "save_partitions" option to the "sysupgrade" method
This explicitly lets stage2 know if partitions should be preserved. No
more "touch /tmp/sysupgrade.always.overwrite.bootdisk.partmap" hack.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
b6f4cd57e19a8cfcd9ff52582b65164ce6213c3d)
Rafał Miłecki [Fri, 16 Aug 2019 14:54:38 +0000 (16:54 +0200)]
base-files: pass "save_config" option to the "sysupgrade" method
This explicitly lets stage2 know if config should be preserved.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
b534ba96110012d2697d19d71b7dcd60bd4cd375)
Rafał Miłecki [Thu, 22 Aug 2019 11:45:45 +0000 (13:45 +0200)]
procd: update to latest git HEAD
9558031 system: support passing "options" to the "sysupgrade" ubus method
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
2b1a6d263cc84ac6189447fe971b52d8b34cea51)
Kevin Darbyshire-Bryant [Tue, 20 Aug 2019 11:29:47 +0000 (12:29 +0100)]
firewall: update to latest git HEAD
bf29c1e firewall3: ipset: Handle reload_set properly
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit
bd01346bb463d371627739fad539310ef5bd4146)
Luiz Angelo Daros de Luca [Mon, 19 Aug 2019 03:09:05 +0000 (00:09 -0300)]
elfutils: bump to 0.177
200-uclibc-ng-compat.patch is upstream now.
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
(cherry picked from commit
0851ce4ff97260a0fab2a507ee8370e60f78370d)
Christian Lamparter [Sun, 18 Aug 2019 00:31:01 +0000 (02:31 +0200)]
iftop: update to HEAD of 2018-10-03 - 77901c
Update iftop to commit
77901c8c53e01359d83b8090aacfe62214658183
git log --pretty=oneline --abbrev-commit
949ed0f7..
77901c8c
77901c8 Support scales beyond 1Gbps
Created with the help of the make-package-update-commit.sh script.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit
cfd0748497c5c27c6d0f80b0ad3698ffe4428352)
Hans Dedecker [Sun, 18 Aug 2019 16:54:47 +0000 (18:54 +0200)]
nghttp2: bump to 1.39.2
957abacf Bump up version number to 1.39.2, LT revision to 32:0:18
83d362c6 Don't read too greedily
a76d0723 Add nghttp2_option_set_max_outbound_ack
db2f612a nghttpx: Fix request stall
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit
58f929077f8687adbf75338504f319d054a96153)
Yousong Zhou [Sun, 18 Aug 2019 15:21:23 +0000 (15:21 +0000)]
ltq-ifxos: refer to https://bugs.openwrt.org
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(cherry picked from commit
f0f5cb26cb7ced03c70063d08c90d211f80b7a31)
Yousong Zhou [Sun, 18 Aug 2019 15:19:57 +0000 (15:19 +0000)]
ct-bugcheck: report to https://openwrt.org by default
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(cherry picked from commit
26615ededcdc7c6d30c72d77c3a890be1f777b32)
Yousong Zhou [Sun, 18 Aug 2019 15:18:10 +0000 (15:18 +0000)]
download.pl: use https://source.openwrt.org
https://sources.lede-openwrt.org now redirects to there
https://downloads.openwrt.org/sources returns 404, so remove it here
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
(cherry picked from commit
0f3667864d5391c2d9ace63ccfc83ab270405cc9)
Luis Araneda [Sun, 18 Aug 2019 14:59:11 +0000 (10:59 -0400)]
u-boot.mk: use openwrt url instead of lede project
The LEDE URL is automatically redirected to the OpenWRT one,
returning an HTTP 301 code (Moved Permanently).
Also, use https, as indicated by the redirect.
Signed-off-by: Luis Araneda <luaraneda@gmail.com>
(cherry picked from commit
b39ded4ab7e02cedd50810a206dadd71e1ea7fb7)
Hauke Mehrtens [Sat, 17 Aug 2019 15:09:42 +0000 (17:09 +0200)]
ustream-ssl: update to latest git HEAD
e8f9c22 Revise supported ciphersuites
7e9e269 wolfssl, openssl: use TLS 1.3, set ciphersuites
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit
ced2b7bb988426aaece07a78c17d5a7c268e54c4)
Daniel Engberg [Sat, 15 Jun 2019 09:47:21 +0000 (09:47 +0000)]
tools/e2fsprogs: Update to 1.45.3
Update e2fsprogs to 1.45.3
Remove OpenBSD patch
Remove Darwin patch, neither macports or brew patches these files
Add patch to avoid crond detection on host OS
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
(cherry picked from commit
234f7a9e5dccfaa449d75a120ef90080d0715436)
Adrian Schmutzler [Fri, 9 Aug 2019 11:55:43 +0000 (13:55 +0200)]
build: fix indent in image-commands.mk
Convert leading spaces to tab to match rest of the file.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit
7e5a0da6426b3b14bde8798524826b64e16cf219)
Hauke Mehrtens [Wed, 7 Aug 2019 19:37:25 +0000 (21:37 +0200)]
hostapd: Allow CONFIG_IEEE80211W for all but mini variant
This commit will activate CONFIG_IEEE80211W for all, but the mini
variant when at least one driver supports it. This will add ieee80211w
support for the mesh variant for example.
Fixes: FS#2397
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit
1d4df52c215874a5238ddef7bccf0139f7758c24)
Hauke Mehrtens [Sat, 4 May 2019 12:16:52 +0000 (14:16 +0200)]
hostapd: Remove ROBO switch support
The driver was removed from OpenWrt a long time ago.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit
f34e8258340f5994a2506bd087fc6e6d4a3d5d5e)
Kevin Darbyshire-Bryant [Fri, 16 Aug 2019 09:05:12 +0000 (10:05 +0100)]
firewall: improve ipset support
Bump to latest git HEAD
509e673 firewall3: Improve ipset support
The enabled option did not work properly for ipsets, as it was not
checked on create/destroy of a set. After this commit, sets are only
created/destroyed if enabled is set to true.
Add support for reloading, or recreating, ipsets on firewall reload. By
setting "reload_set" to true, the set will be destroyed and then
re-created when the firewall is reloaded.
Add support for the counters and comment extensions. By setting
"counters" or "comment" to true, then counters or comments are added to
the set.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit
51ffce069424f86e894369cee5cd327dd503db5f)
Jonas Gorski [Tue, 13 Aug 2019 10:33:47 +0000 (12:33 +0200)]
build: allow overriding default selection state for devices
Allow overriding the default selection state for Devices, similar to
setting a default for packages.
E.g. by setting DEFAULT to n, they won't be selected by default anymore
when enabling all device in the multi device profile.
This allows preventing images being built by the default config for
known broken devices, devices without enough RAM/flash, or devices not
working with a certain kernel versions.
This does not prevent the devices from being manually selected or images
being built by the ImageBuilder. These devices often still have worth
with a reduced package-set, or as a device for regression testing, when
no better device is available.
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
(cherry picked from commit
7546be60074e452751ba2a48eddbc13910bec708)
Paul Spooren [Thu, 13 Jun 2019 00:24:04 +0000 (02:24 +0200)]
build: add buildinfo files for reproducibility
generate feeds.buildinfo and version.buildinfo in build dir after
containing the feed revisions (via ./scripts/feeds list -sf) as well as
the current revision of buildroot (via ./scripts/getver.sh).
With this information it should be possible to reproduce any build,
especially the release builds.
Usage would be to move feeds.buildinfo to feeds.conf and git checkout the
revision hash of version.buildinfo.
Content of feeds.buildinfo would look similar to this:
src-git routing https://git.openwrt.org/feed/routing.git^
bf475d6
src-git telephony https://git.openwrt.org/feed/telephony.git^
470eb8e
...
Content of version.buildinfo would look similar to this:
r10203+1-
c12bd3a21b
Without the exact feed revision it is not possible to determine
installed package versions.
Also rename config.seed to config.buildinfo to follow the recommended
style of https://reproducible-builds.org/docs/recording/
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit
454021581f630d5d04afeb8ff6581c1bda295c87)
Petr Štetiar [Thu, 8 Aug 2019 19:16:02 +0000 (21:16 +0200)]
sdk: fix GCC and Python dangling symlinks
Force prereq again in SDK in order to fix GCC and Python dangling
symlinks:
staging_dir/host/bin/g++ -> /builder/ath79_generic/ccache_cxx.sh
staging_dir/host/bin/gcc -> /builder/ath79_generic/ccache_cc.sh
staging_dir/host/bin/python -> /usr/bin/python3.5
staging_dir/host/bin/python3 -> /usr/bin/python3.5
Ref: FS#2424
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit
200f2666fb1c8d9d128824dc5586e0e66386971f)
Hans Dedecker [Fri, 9 Aug 2019 19:25:37 +0000 (21:25 +0200)]
dnsmasq: use nettle ecc_curve access functions
Fixes compile issues with nettle 3.5.1
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit
63ced140484e072dddbba39bb729adc98d94d522)
Daniel Engberg [Sat, 3 Aug 2019 20:27:36 +0000 (22:27 +0200)]
nettle: Update to 3.5.1
Update (lib)nettle to 3.5.1
Bump ABI_VERSION
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
(cherry picked from commit
9e489b41b596a768b04b796a9b375d7d005b6ec7)
Vincent Wiemann [Sun, 4 Aug 2019 23:42:45 +0000 (01:42 +0200)]
comgt-ncm: add driver dependencies again
In the commit
623716dd4318 ("comgt-ncm: Fix NCM protocol")
the dependencies to vendor NCM drivers were removed, because:
> comgt-ncm should not depend on the USB-serial-related kernel modules,
> as the cdc-wdm control device works without them. There is also no need
> to depend on kmod-huawei-cdc-ncm, since other manufacturers (like
> Ericsson and Samsung) which use other kernel modules should also be
> supported.
From a user-perspective this does not make sense, as installing comgt-ncm
(or luci-proto-ncm) should install all needed dependencies for using such
a device.
Furthermore depending on kmod-huawei-cdc-ncm does not mean that Ericsson
and Samsung devices can't be supported. By the way it seems that Ericsson
and Samsung devices never used NCM, but act as serial modems.
Thus this commit adds the dependencies again.
Signed-off-by: Vincent Wiemann <vincent.wiemann@ironai.com>
[fixed title capitalization, formatted commit message,
renamed Sony-Ericsson to Ericsson]
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit
ccb4b96b8a4990178512c7a785f998a5e6f74cc3)
Chuanhong Guo [Sun, 4 Aug 2019 08:29:39 +0000 (16:29 +0800)]
gpio-button-hotplug: add volume button handling
This is used by PISEN WMB001N.
Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
(cherry picked from commit
11182349e1f31f873ebddd69d6b87dec638eaabf)
Hans Dedecker [Wed, 7 Aug 2019 11:52:00 +0000 (13:52 +0200)]
procd: update to latest git HEAD (FS#2425)
8323690 state: fix shutdown when running in a container (FS#2425)
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit
d9364c1cbc6a13f1dc2ea8432c98962ed157991f)
Hans Dedecker [Wed, 7 Aug 2019 11:37:00 +0000 (13:37 +0200)]
netifd: update to latest git HEAD
5e02f94 system-linux: fix resource leak
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit
d70a35c365ae607671f8698fee10f29fd9023161)
Daniel Engberg [Sat, 3 Aug 2019 20:30:36 +0000 (22:30 +0200)]
expat: Update to 2.2.7
Update (lib)expat to 2.2.7
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
(cherry picked from commit
7270fdb62ff86f7b85c6dfbc0ea4ff0ba5ff9b9e)
Rosen Penev [Thu, 18 Jul 2019 01:37:17 +0000 (18:37 -0700)]
linux-atm: Add missing headers
This fixes compilation with -Werror=implicit-function-declaration.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit
1b1c47577bac99bdd8ab9ecde928ab0398f78799)
Hauke Mehrtens [Tue, 23 Jul 2019 14:53:51 +0000 (16:53 +0200)]
toolchain: fix gcc depends on kernel headers
GCC needs the kernel headers to compile.
Some GCC file includes asm/unistd.h which is provided by the kernel headers.
Normally the kernel headers build is very fast and ready before the gcc uses
it, but if it clones the kernel from a slow git repository it takes longer
and then it could be that the gcc already wants to use the kernel headers
before they are available. This patch fixes this problem by adding the
missing dependency.
Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
(cherry picked from commit
b20156ba704ed8e03d030b2f294d8d19bebd2f71)
Jeffery To [Sat, 3 Aug 2019 20:45:06 +0000 (04:45 +0800)]
build: include BUILD_VARIANT in PKG_BUILD_DIR
This changes the default PKG_BUILD_DIR to take BUILD_VARIANT into
account (if set), so that packages do not need to manually override
PKG_BUILD_DIR just to handle variants.
This also updates most base packages with variants to use the updated
default PKG_BUILD_DIR.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit
e545fac8d968864a965edb9e50c6f90940b0a6c9)
Hans Dedecker [Mon, 5 Aug 2019 18:59:38 +0000 (20:59 +0200)]
ethtool: bump to 5.2
379c096 Release version 5.2.
2bce6d9 ethtool: Add 100BaseT1 and 1000BaseT1 link modes
67ffbf5 ethtool: sync ethtool-copy.h with linux-next from 30/05/2019
687152b ethtool.spec: Use standard file location macros
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit
018395392c2608698201042bbaa180b82eb7120f)
Hans Dedecker [Mon, 5 Aug 2019 12:16:14 +0000 (14:16 +0200)]
firewall: update to latest git HEAD
de94097 utils: coverity resource leak warning
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit
efb7b7a12af55758458cdb945a0833af411289f7)
DENG Qingfang [Wed, 31 Jul 2019 00:26:57 +0000 (08:26 +0800)]
ipset: update to 7.3
Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
(cherry picked from commit
edd9b39fab46a7231b8662697ba8c10de42d5a66)
Jeffery To [Fri, 2 Aug 2019 19:03:14 +0000 (03:03 +0800)]
sdk: Fix cryptodev-linux build when CONFIG_ARM64_MODULE_PLTS=y
When CONFIG_ARM64_MODULE_PLTS=y, arch/arm64/kernel/module.lds is
required to build cryptodev-linux. This updates the sdk to include this
file.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit
6e300f6a0c94812d0f4d8f67df6604c763f7552f)
DENG Qingfang [Wed, 31 Jul 2019 00:23:12 +0000 (08:23 +0800)]
ccache: update to 3.7.2
Update ccache to 3.7.2
Release notes:
https://ccache.dev/releasenotes.html#_ccache_3_7_2
Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
(cherry picked from commit
2caf747116337645420653ec003799a8eef69229)
Kevin Darbyshire-Bryant [Fri, 26 Jul 2019 13:19:22 +0000 (14:19 +0100)]
toolchain/fortify-headers: Update to 1.1
Update fortify-headers to 1.1
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit
cbe08e6b563438054c1efcb0daa0b965ec902052)
Petr Štetiar [Tue, 4 Dec 2018 13:47:23 +0000 (14:47 +0100)]
autotools.mk: autoreconf: fix missing install-sh
I'm trying to create a package for libgpiod, which uses
AC_CONFIG_AUX_DIR macro, which is probably leading to the following
configure error:
autoreconf: running: /openwrt.git/staging_dir/host/bin/libtoolize --force
OpenWrt-libtoolize: putting auxiliary files in AC_CONFIG_AUX_DIR, `autostuff'.
OpenWrt-libtoolize: linking file `autostuff/ltmain.sh'
OpenWrt-libtoolize: putting macros in `m4'.
...
configure: error: cannot find install-sh, install.sh, or shtool in autostuff "."/autostuff
>From the build output it's clear, that libtoolize isn't installing
install-sh symlink, because libtoolize would install install-sh only if
it's being run with --install parameter. Corresponding part in
libtoolize:
if $opt_install; then
func_config_update config.guess \
"$pkgdatadir/config" "$auxdir" pkgconfig_header
func_config_update config.sub \
"$pkgdatadir/config" "$auxdir" pkgconfig_header
func_install_update install-sh \
"$pkgdatadir/config" "$auxdir" pkgconfig_header
fi
func_ltmain_update ltmain.sh \
"$pkgdatadir/config" "$auxdir" pkgconfig_header
Adding --install parameter to libtoolize fixes this build issue:
autoreconf: running: /openwrt.git/staging_dir/host/bin/libtoolize --install --force
OpenWrt-libtoolize: putting auxiliary files in AC_CONFIG_AUX_DIR, `autostuff'.
OpenWrt-libtoolize: linking file `autostuff/config.guess'
OpenWrt-libtoolize: linking file `autostuff/config.sub'
OpenWrt-libtoolize: linking file `autostuff/install-sh'
OpenWrt-libtoolize: linking file `autostuff/ltmain.sh'
OpenWrt-libtoolize: putting macros in `m4'.
Cc: Felix Fietkau <nbd@nbd.name>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit
5cf897779eacf63cdbcdebd1af68c109096665c6)
Hans Dedecker [Tue, 23 Jul 2019 12:47:56 +0000 (14:47 +0200)]
tools: libressl: fix compilation for non-glibc clib (FS#2400)
Fixes compilaton issue for non glibc clibs :
libtool: compile: gcc -DPACKAGE_NAME=\"libressl\" -DPACKAGE_TARNAME=\"libressl\" -DPACKAGE_VERSION=\"2.9.2\" "-DPACKAGE_STRING=\"libressl 2.9.2\"" -DPACKAGE_BUGREPORT=\"\" -DPACKAGE_URL=\"\" -DPACKAGE=\"libressl\" -DVERSION=\"2.9.2\" -DSTDC_HEADERS=1 -DHAVE_SYS_TYPES_H=1 -DHAVE_SYS_STAT_H=1 -DHAVE_STDLIB_H=1 -DHAVE_STRING_H=1 -DHAVE_MEMORY_H=1 -DHAVE_STRINGS_H=1 -DHAVE_INTTYPES_H=1 -DHAVE_STDINT_H=1 -DHAVE_UNISTD_H=1 -DHAVE_DLFCN_H=1 -DLT_OBJDIR=\".libs/\" -DHAVE_SYMLINK=1 -DHAVE_ERR_H=1 -DHAVE_ASPRINTF=1 -DHAVE_MEMMEM=1 -DHAVE_STRLCAT=1 -DHAVE_STRLCPY=1 -DHAVE_STRNDUP=1 -DHAVE_STRNLEN=1 -DHAVE_STRSEP=1 -DHAVE_TIMEGM=1 -DHAVE_SYSLOG=1 -DHAVE_ACCEPT4=1 -DHAVE_PIPE2=1 -DHAVE_POLL=1 -DHAVE_SOCKETPAIR=1 -DHAVE_EXPLICIT_BZERO=1 -DHAVE_GETAUXVAL=1 -DHAVE_GETAUXVAL=1 -DHAVE_DL_ITERATE_PHDR=1 -DHAVE_CLOCK_GETTIME=1 -DHAVE_VA_COPY=1 -DHAS_GNU_WARNING_LONG=1 -DSIZEOF_TIME_T=8 -I. -I../include -I../include/compat -DLIBRESSL_INTERNAL -D__BEGIN_HIDDEN_DECLS= -D__END_HIDDEN_DECLS= -I../crypto/asn1 -I../crypto/bn -I../crypto/ec -I../crypto/ecdsa -I../crypto/evp -I../crypto/modes -I../crypto -I/builds/pantacor/pv-platforms/openwrt-base/openwrt/staging_dir/host/include -D_DEFAULT_SOURCE -D_BSD_SOURCE -D_POSIX_SOURCE -D_GNU_SOURCE -D__STRICT_ALIGNMENT -O2 -I/builds/pantacor/pv-platforms/openwrt-base/openwrt/staging_dir/host/include -fpic -Wall -std=gnu99 -fno-strict-aliasing -fno-strict-overflow -D_FORTIFY_SOURCE=2 -fstack-protector-strong -DHAVE_GNU_STACK -Wno-pointer-sign -MT compat/getprogname_linux.lo -MD -MP -MF compat/.deps/getprogname_linux.Tpo -c compat/getprogname_linux.c -o compat/getprogname_linux.o
compat/getprogname_linux.c: In function 'getprogname':
compat/getprogname_linux.c:32:2: error: #error "Cannot emulate getprogname"
#error "Cannot emulate getprogname"
^~~~~
Reported-by: Anibal Portero <anibal.portero@pantacor.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit
1282a630272c59dfd105262772a2ca136084db03)
Hans Dedecker [Mon, 22 Jul 2019 19:46:31 +0000 (21:46 +0200)]
netifd: update to latest git HEAD
899f168 system-linux: Coverity fixes
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit
11617bcb3be6778d5427723a09922aae50956a8c)
Kevin Darbyshire-Bryant [Mon, 22 Jul 2019 13:38:54 +0000 (14:38 +0100)]
tools: libressl: fix build on MacOS
Making all in tests
depbase=`echo handshake_table.o | sed 's|[^/]*$|.deps/&|;s|\.o$||'`;\
gcc -DPACKAGE_NAME=\"libressl\" -DPACKAGE_TARNAME=\"libressl\" -DPACKAGE_VERSION=\"2.9.2\" -DPACKAGE_STRING=\"libressl\ 2.9.2\" -DPACKAGE_BUGREPORT=\"\" -DPACKAGE_URL=\"\" -DPACKAGE=\"libressl\" -DVERSION=\"2.9.2\" -DSTDC_HEADERS=1 -DHAVE_SYS_TYPES_H=1 -DHAVE_SYS_STAT_H=1 -DHAVE_STDLIB_H=1 -DHAVE_STRING_H=1 -DHAVE_MEMORY_H=1 -DHAVE_STRINGS_H=1 -DHAVE_INTTYPES_H=1 -DHAVE_STDINT_H=1 -DHAVE_UNISTD_H=1 -DHAVE_DLFCN_H=1 -DLT_OBJDIR=\".libs/\" -DHAVE_SYMLINK=1 -DHAVE_ERR_H=1 -DHAVE_READPASSPHRASE_H=1 -DHAVE_ASPRINTF=1 -DHAVE_MEMMEM=1 -DHAVE_READPASSPHRASE=1 -DHAVE_STRLCAT=1 -DHAVE_STRLCPY=1 -DHAVE_STRNDUP=1 -DHAVE_STRNLEN=1 -DHAVE_STRSEP=1 -DHAVE_TIMEGM=1 -DHAVE_GETPROGNAME=1 -DHAVE_SYSLOG=1 -DHAVE_POLL=1 -DHAVE_SOCKETPAIR=1 -DHAVE_ARC4RANDOM=1 -DHAVE_ARC4RANDOM_BUF=1 -DHAVE_ARC4RANDOM_UNIFORM=1 -DHAVE_TIMINGSAFE_BCMP=1 -DHAVE_CLOCK_GETTIME=1 -DHAVE_VA_COPY=1 -DHAVE___VA_COPY=1 -DSIZEOF_TIME_T=8 -I. -I../include -I../include/compat -DLIBRESSL_INTERNAL -D__BEGIN_HIDDEN_DECLS= -D__END_HIDDEN_DECLS= -I ../crypto/modes -I ../crypto/asn1 -I ../ssl -I ../tls -I ../apps/openssl -I ../apps/openssl/compat -D_PATH_SSL_CA_FILE=\"../apps/openssl/cert.pem\" -I/Users/kevin/wrt/staging_dir/host/include -D__STRICT_ALIGNMENT -O2 -I/Users/kevin/wrt/staging_dir/host/include -fpic -Wall -std=gnu99 -fno-strict-aliasing -fno-strict-overflow -D_FORTIFY_SOURCE=2 -fstack-protector-strong -Qunused-arguments -Wno-pointer-sign -MT handshake_table.o -MD -MP -MF $depbase.Tpo -c -o handshake_table.o handshake_table.c &&\
mv -f $depbase.Tpo $depbase.Po
make[4]: *** No rule to make target `/Users/kevin/wrt/build_dir/host/libressl-2.9.2/crypto/.libs/libcrypto_la-cpuid-macosx-x86_64.o', needed by `handshake_table'. Stop.
make[3]: *** [all-recursive] Error 1
A similar error & clues from
https://gitlab.com/ymorin/buildroot/commit/
e783d60473944f8b39f1def45d8d6b483a062158
"
LibreSSL 2.9.1 now has a test that requires libtls.a, however, when building a
shared library only build, the --disable-static flag is passed to libressl,
which prevents the building of libtls.a.
With libtls.a not being built, the following error occurs:
libressl-2.9.1/tls/.libs/libtls.a', needed by 'handshake_table'. Stop.
There are three options to fix this:
1) Stick with autotools, and provide a patch that removes building anything in
the tests folder.
2) Pass --enable-static to LIBRESSL_CONF_OPTS
3) Change the package type to cmake, as a cmake build does not have this issue."
It appears we cannot change to cmake because cmake has a dependency on
an ssl library.
Take option 1 and do not build the tests.
Also take the opportunity to remove man page building as well.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
(cherry picked from commit
8d6d227bb653b7cce7092a5a9d55180c3e022848)
Hans Dedecker [Sun, 21 Jul 2019 21:25:15 +0000 (23:25 +0200)]
curl: update to 7.65.3
For changes in 7.65.3; see https://curl.haxx.se/changes.html#7_65_3
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit
fc2df4f7050adae3ca6284a499fa914e07cba70b)