Rafał Miłecki [Thu, 1 Apr 2021 15:06:47 +0000 (17:06 +0200)]
firmware-utils: bcm4908img: convert into a package
bcm4908img is a tool managing BCM4908 platform images. It's used for
creating them as well as checking, modifying and extracting data from.
It's required by both: host (for building firmware images) and target
(for sysupgrade purposes). Make it a host/target package.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
9b4fc4cae9fa0cd0cd9060e1c9d33320c3249ced)
Rafał Miłecki [Thu, 8 Apr 2021 07:10:20 +0000 (09:10 +0200)]
firmware-utils: bcm4908img: fix uninitialized var usage
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
5a2086d230063b2f83a436ed37b0f6a92706bcb9)
Rafał Miłecki [Wed, 7 Apr 2021 12:38:45 +0000 (14:38 +0200)]
bcm4908: fix Netgear R8000P image
Use vendor format to allow flashing using Negear UI.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
f2c8c62d98f2137d8af896e56d5e29759cf48715)
Rafał Miłecki [Wed, 7 Apr 2021 12:14:57 +0000 (14:14 +0200)]
bcm4908: add sysupgrade support
It supports flashing OpenWrt images (bootfs & UBI upgrade) as well as
vendor images (whole MTD partition write).
Upgrading cferom is unsupported. It requires copying device specific
data (like MAC) to target image before flashing.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
a6a0b252baa6c19dfc62611ea910b56527ce4fa5)
Rafał Miłecki [Wed, 7 Apr 2021 07:30:30 +0000 (09:30 +0200)]
bcm4908: pad firmware image bootfs JFFS2 partition to 8 MiB
This way MTD "bootfs" partition will be always 8+ MiB. This should be
enough for any custom / future firmware to fit its bootfs (e.g. big
kernel) without having to repertition whole flash. That way we can
preserve UBI and its erase counters during sysupgrade.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
ca9b1f15c424d68af0f372c37c8eee81b36ee7e1)
Rafał Miłecki [Wed, 7 Apr 2021 05:59:57 +0000 (07:59 +0200)]
firmware-utils: bcm4908img: extract bootfs without padding
JFFS2 bootfs partition in a BCM4908 image usually includes some padding.
For flashing it individually (writing to designed MTD partition) we want
just JFFS2 data.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
ed7edf88e20c9dd0026e5c5629d8a6500d3e3f80)
Rafał Miłecki [Tue, 6 Apr 2021 22:17:40 +0000 (00:17 +0200)]
firmware-utils: bcm4908img: fix extracting cferom
Fix offset to extract proper data when image contains vendor header.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
dcbde11af181055f2d1c77ebc19f50c29bbab96e)
Rafał Miłecki [Mon, 5 Apr 2021 17:30:06 +0000 (19:30 +0200)]
firmware-utils: bcm4908img: support extracting bootfs & rootfs
It's required for upgrading firmware using single partitions instead of
just blindly writing whole image.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
e33957c241abf8f0dbf5f3713058d126fb4599b4)
Rafał Miłecki [Mon, 5 Apr 2021 23:06:52 +0000 (01:06 +0200)]
firmware-utils: bcm4908img: replace size with offset
It's much easier to operate on BCM4908 image data with absolute offset
of each section stored. It doesn't require summing sizes over and over.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
5314cab729b743d3b8b08db4e01c3095017f4e68)
Rafał Miłecki [Mon, 5 Apr 2021 22:03:31 +0000 (00:03 +0200)]
bcm4908: rename bootfs dummy file to the 1-openwrt
The purpose of that dummy file is to make CFE work properly with OpenWrt
bootfs. CFE for some reason ignores JFFS2 files with ino 0.
Rename it to 1-openwrt so:
1. It's consistent with bcm63xx
2. It's OpenWrt specific so sysupgrade can distinguish it from vendor
images
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
880c8b44223c9cbce3dd14da78c33676c6f1a8a6)
Rafał Miłecki [Mon, 5 Apr 2021 08:44:46 +0000 (10:44 +0200)]
bcm4908: enable JFFS2 support
It's needed for accessing JFFS2 bootfs partition.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
180c4635265b4907221a62b3068ac89447cd83d7)
Rafał Miłecki [Fri, 2 Apr 2021 15:28:21 +0000 (17:28 +0200)]
firmware-utils: bcm4908img: add bootfs support
This adds support for accessing bootfs JFFS2 partition in the BCM4908
image. Support includes:
1. Listing files
2. Renaming file (requires unchanged name length)
Above commands are useful for flashing BCM4908 images which by defualt
come with cferom.000 file and require renaming it.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
ed847ef5f340dcae1556cbc6dfaa6657a5179be6)
Rafał Miłecki [Fri, 2 Apr 2021 14:31:43 +0000 (16:31 +0200)]
firmware-utils: bcm4908img: support extracting image data
It's useful for upgrading cferom, firmware, etc.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
9c039d56a154bb416492bf5657093576d50cc220)
Rafał Miłecki [Fri, 2 Apr 2021 13:04:46 +0000 (15:04 +0200)]
firmware-utils: bcm4908img: find cferom size
It's important for modifying / extracting firmware content. cferom is
optional image content at the file beginning.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
6af45b842bd22633fa3ccd57edaf073a759525bb)
Rafał Miłecki [Fri, 2 Apr 2021 12:12:58 +0000 (14:12 +0200)]
firmware-utils: bcm4908img: use "info" command displaying file info
BCM4908 image format contains some info that may be useful for info /
debugging purposes.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
9b9184f1782489163eb204f3b238de778ae1214b)
Rafał Miłecki [Sun, 4 Apr 2021 12:53:00 +0000 (14:53 +0200)]
firmware-utils: bcm4908img: support reading from stdin
1. Don't allow pipe stdin as we need to fseek()
2. Don't alow TTY as it doesn't make sense for binary input
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
d533b27bc09eb5323a05ed44589235a86edcda0d)
Rafał Miłecki [Fri, 2 Apr 2021 11:59:02 +0000 (13:59 +0200)]
firmware-utils: bcm4908img: detect Netgear vendor firmware
Netgear uses CHK header which needs to be skipped when validating
BCM4908 image. Detect it directly in the bcm4908img tool. Dealing with
binary structs and endianess is way simpler in C.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
a39f85d8b66125f07c4bcbea46b296946de60dc7)
Rafał Miłecki [Fri, 2 Apr 2021 11:02:51 +0000 (13:02 +0200)]
firmware-utils: bcm4908img: extract parsing code
Move code parsing existing firmware file to separated function. This
cleans up existing code and allows reusing parsing code for other
commands.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
7d5f7439428d2b4c6952af47b36acc010b846372)
Rafał Miłecki [Wed, 31 Mar 2021 21:14:24 +0000 (23:14 +0200)]
bcm4908: backport DT patch adding Ethernet MAC address
This tells OS (Linux) where from MAC should be read (bootloader MTD
partition).
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
1cc5eb45d5192b41d97d5da58c34353f4c3240f9)
Rafał Miłecki [Wed, 24 Mar 2021 21:44:14 +0000 (22:44 +0100)]
firmware-utils: bcm4908kernel: name struct fields
Less magic names / values.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
a3611432a6c3490fb2b6fdbc1ce664cf70900668)
Rafał Miłecki [Wed, 24 Mar 2021 17:20:13 +0000 (18:20 +0100)]
kernel: create bootfs partition when parsing on BCM4908
It's helpful for accessing booting data (DTS, kernel, etc.). It has to
be used carefully as CFE's JFFS2 support is quite dumb. It doesn't
recognize deleted files and has problems handling 0 inode.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
6dd727ac24fa36ac3f23e9a5cf6781a7d1c6b797)
Rafał Miłecki [Wed, 24 Mar 2021 16:29:30 +0000 (17:29 +0100)]
firmware-utils: bcm4908img: name fields & values
Less magic numbers
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
1ff7569387f69550e8a9356a109a875e4fdb4412)
Rafał Miłecki [Mon, 22 Mar 2021 07:09:53 +0000 (08:09 +0100)]
bcm4908: backport the latest bcm_sf2 commits
1. CFP support for BCM4908
2. Upstream RGMII regs fix
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
a49fd9db0a2bfad8ea9a09f32fadbd3cc7e46205)
Rafał Miłecki [Mon, 22 Mar 2021 06:40:38 +0000 (07:40 +0100)]
bcm4908: backport DTS patch with Ethernet TX IRQ
It allows bcm4908_enet Linux driver to work more efficiently.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
13d9904acdd24e002aab3d6c3dd7879826b54008)
Vivek Unune [Fri, 13 Nov 2020 13:43:00 +0000 (08:43 -0500)]
bcm53xx: enhance support for Linksys EA9500
1. Add leds and configs
2. Add network configs
3. Add script to clear partial boot flag
4. Hack to use port 5 as cpu port as port 8 connected to eth2
wont pass any frames
5. Enable EA9500 image generation
Hardware Info:
- Processor - Broadcom BCM4709C0KFEBG dual-core @ 1.4 GHz
- Switch - BCM53012 in BCM4709C0KFEBG & external BCM53125
- DDR3 RAM - 256 MB
- Flash - 128 MB (Toshiba TC58BVG0S3HTA00)
- 2.4GHz - BCM4366 4×4 2.4/5G single chip 802.11ac SoC
- Power Amp - Skyworks SE2623L 2.4 GHz power amp (x4)
- 5GHz x 2 - BCM4366 4×4 2.4/5G single chip 802.11ac SoC
- Power Amp - PLX Technology PEX8603 3-lane, 3-port PCIe switch
- Ports - 8 Ports, 1 WAN Ports
- Antennas - 8 Antennas
- Serial Port - @j6 [GND,TX,RX] (VCC NC) 115200 8n1
Flashing Instructions:
1. Connect a USB-TTL table to J6 on the router as well as a
ethernet cable to a lan port and your PC.
2. Power-on the router.
3. Use putty or a serial port program to view the terminal.
Hit Ctrl+C and interrupt the CFE terminal terminal.
4. Setup a TFTP server on your local machine at setup you
local IP to 192.168.1.2
5. Start the TFTP Server
6. Run following commands at the CFE terminal
flash -noheader 192.168.1.2:/openwrt.trx nflash0.trx
flash -noheader 192.168.1.2:/openwrt.trx nflash0.trx2
nvram set bootpartition=0 && nvram set partialboots=0 && nvram commit
7. Reboot router to be presented by OpenWrt
Note: Only installation method via serial cable is supported at the moment.
The trx firmware has to be flashed to both the partitions using following
commands from CFE prompt. This will cover US and Non-US variants.
Signed-off-by: Vivek Unune <npcomplete13@gmail.com>
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
209c5918b511d9e406a094ba246a985b640e519f)
Rafał Miłecki [Thu, 1 Apr 2021 05:00:06 +0000 (07:00 +0200)]
bcm53xx: use upstream Linksys EA9500 fixes
One fix was accepted, one was added.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
22369ad7887e98bdb9d1999f221dfcd5fbb2f389)
Rafał Miłecki [Mon, 29 Mar 2021 07:28:47 +0000 (09:28 +0200)]
bcm53xx: fix Linksys EA9500 partitions
Use proper DT binding.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
f8669c174ee17bbb8d59f901d639f57449dcf751)
Vivek Unune [Fri, 13 Nov 2020 13:39:43 +0000 (08:39 -0500)]
bcm53xx: backport Linksys Panamera (EA9500) patches
These patches have been already accepted.
302-ARM-dts-BCM5301X-Update-Northstar-pinctrl-binding.patch had to
be updated.
[rmilecki: use actual upstream accepted patches
replace v5.10 with v5.11 to match actual upstream kernel
recover dropped part of the pinctrl compatible patch
update filenames
refresh patches]
Signed-off-by: Vivek Unune <npcomplete13@gmail.com>
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
39ed2265dde1bc8817f9dc6ba053268bb6939ae6)
Rafał Miłecki [Mon, 29 Mar 2021 06:16:17 +0000 (08:16 +0200)]
kernel: backport 5.13 mtd partitioning changes
1. Use upstream accepted NVMEM patches
2. Minor fix for BCM4908 partitioning
3. Support for Linksys firmware partitions on Northstar
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
3fd0a4222b6efbfbdb560c5b13e899ecda627494)
Felix Fietkau [Sun, 28 Mar 2021 10:15:42 +0000 (12:15 +0200)]
mac80211: merge a few pending tx related fixes
Improve performance and fix potential mgmt tx hangs/warnings
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit
571aedbc6cbb7a9bfc96bcad543a39d158925cbc)
Felix Fietkau [Sun, 14 Mar 2021 23:05:42 +0000 (00:05 +0100)]
mac80211: backport upstream patches for driver disconnect
Needed for an mt76 update
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit
5dc501507222b38d731b89c3311d8253b73dd0e7)
Felix Fietkau [Thu, 18 Mar 2021 06:22:11 +0000 (07:22 +0100)]
build: use -nostdinc and -isystem in NOSTDINC_FLAGS for out-of-tree kernel modules
This resolves issues uncovered by musl updates
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry-picked from commit
9ac47ee46918c45b91f4e4d1fa76b1e26b9d57fe)
David Bauer [Mon, 22 Feb 2021 01:00:02 +0000 (02:00 +0100)]
generic: add missing symbols
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit
55ed4bf6d7bf80b705d015c3b73f772db485ba9c)
INAGAKI Hiroshi [Wed, 24 Mar 2021 15:15:57 +0000 (00:15 +0900)]
ath79: fix label_mac for NEC Aterm WG1200CR
On NEC Aterm WG1200CR, the MAC address for WAN is printed in the label
on the case, not LAN.
This patch fixes this issue.
Fixes: 50fdc0374b ("ath79: provide label MAC address")
Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com>
(cherry picked from commit
e2331fb5491e52e3e21ab18b58d064b344e093e5)
Shiji Yang [Sun, 21 Mar 2021 09:01:49 +0000 (17:01 +0800)]
ramips: correct switch config of Youku yk1
There are only two lan ports and one wan port on Youku yk1
Fixes: e9baf8265bb8 ("ramips: add support for Youku YK1")
Signed-off-by: Shiji Yang <yangshiji66@qq.com>
[add Fixes:]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit
b88d2850c66d7dc937e570661a047c647c588af5)
Donald Hoskins [Sun, 14 Feb 2021 20:35:45 +0000 (15:35 -0500)]
libunwind: Add MIPS64 dep check
libunwind dependency check does not allow for MIPS64 arch. Add MIPS64 awareness.
libunwind seems to support MIPS64 without issues, it was limited by the dep arch
check in the Makefile.
Used to compile Suricata6/Rust locally without issue.
Signed-off-by: Donald Hoskins <grommish@gmail.com>
(cherry picked from commit
ea6d4bdde20a3fecbfc44b99f53373e1d0666e34)
Robert Marko [Thu, 4 Mar 2021 11:38:31 +0000 (12:38 +0100)]
ipq40xx: net: phy: qca807x: fix GPIO driver
While rebasing into setting bits instead of magic values,
I accidentally forgot to actually set the force bit.
Without it using the pins as GPIO-s did not actually work.
Fixes: b5c93ed ("ipq40xx: add Qualcomm QCA807x driver")
Signed-off-by: Robert Marko <robert.marko@sartura.hr>
(cherry picked from commit
7f2d9ccd09a1d3034aaf9c943747fc1631da5cac)
Tony Ambardar [Mon, 1 Mar 2021 09:07:45 +0000 (01:07 -0800)]
bpftools: fix libbpf pkgconfig file
The pkgconfig file hardcodes a host library directory which cannot be
overridden by OpenWrt during builds. Use SED to fix this and potential
include directory problems, as is done with several other packages.
This fixes a strange issue intermittently seen building iproute2 on the
oxnas target:
iptables modules directory: /usr/lib/iptables
libc has setns: yes
SELinux support: no
libbpf support: no
libbpf version 0.3.0 is too low, please update it to at least 0.1.0
LIBBPF_FORCE=on set, but couldn't find a usable libbpf
Fixes: 2f0d672088c3 ("bpftools: add utility and library packages
supporting eBPF usage")
Reported-by: Russell Senior <russell@personaltelco.net>
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
(cherry picked from commit
9e64e4ce26719ea81637b0e3d9754bd5190f0c21)
Álvaro Fernández Rojas [Mon, 8 Mar 2021 09:46:06 +0000 (10:46 +0100)]
gitignore: add .vscode for VS Code users
For Visual Studio Code users, .vscode is created inside the workspace.
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry picked from commit
12dbad1a86ebdbb4c9bd71b14eec245bc6373844)
Daniel Golle [Wed, 17 Mar 2021 03:39:51 +0000 (03:39 +0000)]
ath79: fix RS-485 on Teltonika RUT-955
DTR GPIO isn't actually needed and triggers boot warning.
TX pin was off by one (GPIO 19 instead of GPIO 18).
Reported-by: @tophirsch
Fixes: d1130ad265 ("ath79: add support for Teltonika RUT955")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit
53a7d5d614050a38a4e78f5a9e153e7612d587f0)
Aleksander Jan Bajkowski [Wed, 3 Mar 2021 21:46:50 +0000 (22:46 +0100)]
lantiq: set maximum kernel size for ARV7519RW22
Some users report that current snapshot producies non-bootable images.
Stock uboot can boot images if the kernel is smaller than 2MB.
Set maximum kernel size and disable image building for this board.
Ref: https://forum.openwrt.org/t/astoria-arv7519rw22-bootloops-after-upgrade/89843
Signed-off-by: Aleksander Jan Bajkowski <A.Bajkowski@stud.elka.pw.edu.pl>
(cherry picked from commit
c027dbac5a5222e6be4706a7a6a0effefce8ae76)
Eike Ritter [Sun, 14 Mar 2021 18:50:21 +0000 (18:50 +0000)]
ppp: compile fix: unset FILTER variable in Makefile
If the environment variable FILTER is set before compilation,
compilation of the ppp-package will fail with the error message
Package ppp is missing dependencies for the following libraries:
libpcap.so.1
The reason is that the OpenWrt-patch for the Makefile only comments
out the line FILTER=y. Hence the pcap-library will be dynamically
linked if the environment variable FILTER is set elsewhere, which
causes compilation to fail. The fix consists on explicitly unsetting
the variable FILTER instead.
Signed-off-by: Eike Ritter <git@rittere.co.uk>
(cherry picked from commit
46cd0765d0c585dc0b48c8c0a3f116ef83cd580f)
Russell Senior [Tue, 16 Mar 2021 08:24:18 +0000 (01:24 -0700)]
busybox: udhcpc, allow zero length dhcp options
This patch skips zero length DHCP options instead of failing.
Signed-off-by: Russell Senior <russell@personaltelco.net>
(cherry picked from commit
1c0436507156dc136d9e2668507817395434109e)
Sven Eckelmann [Thu, 25 Mar 2021 12:26:15 +0000 (13:26 +0100)]
mvebu: Fix mac addresses for GL.iNet GL-MV1000
The original GL.iNet firmware has two different mac addresses in the
factory/art partition. The first one is for the WAN interface only and the
second one is for both lan0 and lan1.
But the original submission for OpenWrt didn't initialize the mac
addresses of the LAN ports for the DSA device at all. The ethernet mac
address was then used for all DSA ports.
Fixes: 050c24f05c85 ("mvebu: add support for GL.iNet GL-MV1000")
Signed-off-by: Sven Eckelmann <sven@narfation.org>
(cherry picked from commit
c20ac84803242e5a6451184009dabc36ba83b96e)
Sven Eckelmann [Thu, 25 Mar 2021 12:26:15 +0000 (13:26 +0100)]
mvebu: Add button support for GL.iNet GL-MV1000
The original patch to support this device advertised support for the reset
button and the "switch" in the commit message. But neither were actually
integrated in the device tree or documented anywere.
The button itself is now used to trigger a reset (as described in the
official GL.iNet documentation). The switch itself is registered as BTN_0
like other devices from GL.iNet in ath79.
Fixes: 050c24f05c85 ("mvebu: add support for GL.iNet GL-MV1000")
Signed-off-by: Sven Eckelmann <sven@narfation.org>
(cherry picked from commit
01b911a9381426314762822f97e3a7e658295f50)
Tad Davanzo [Tue, 9 Feb 2021 22:42:54 +0000 (17:42 -0500)]
mvebu: enable WRT1900AC v1 and WRT32X for buildbots
Kernel size limits have been dealt with.
Effective revert of
a1eb2c46 and
ac9730c4.
Signed-off-by: Tad Davanzo <tad@spotco.us>
(cherry picked from commit
b4f76d9f0d61779b5e04228d1eb3f2ba412ffd26)
Tad Davanzo [Sat, 6 Feb 2021 03:42:47 +0000 (22:42 -0500)]
mvebu: venom resize kernel to 6MB
venom has a 3MB kernel partition as specified by the DTS.
3MB is not sufficient for building with many kernel modules or newer
kernel versions.
venom uboot however as set from factory will load up to 6MB.
This can be observed by looking a uboot log:
NAND read: device 0 offset 0x900000, size 0x600000
6291456 bytes read: OK
and from uboot environment variables:
$ fw_printenv | grep "priKernSize";
priKernSize=0x0600000
Resize the root partitions from 120MB to 117MB to let kernel expand
into it another 3MB.
And set kernel target size to 6MB.
Lastly set the kernel-size-migration compatibility version on venom to
prevent sysupgrading without first reinstalling from a factory image.
Signed-off-by: Tad Davanzo <tad@spotco.us>
(cherry picked from commit
15309f5133d55e92bec3ed91dfb3ac9d124f6a96)
Tad Davanzo [Sat, 6 Feb 2021 03:38:03 +0000 (22:38 -0500)]
mvebu: mamba resize kernel to 4MB
mamba has a 3MB kernel partition as specified by the DTS.
3MB is not sufficient for building with many kernel modules or newer
kernel versions.
mamba uboot however as set from factory will load up to 4MB.
This can be observed by looking a uboot log:
NAND read: device 0 offset 0xa00000, size 0x400000
4194304 bytes read: OK
and from uboot environment variables:
$ fw_printenv | grep "pri_kern_size";
pri_kern_size=0x400000
Resize the root partitions from 37MB to 36MB to let kernel expand
into it another 1MB.
And set kernel target size to 4MB.
Lastly add a compatibility version message: kernel-size-migration.
And set it on mamba to prevent sysupgrading without first reinstalling from
a factory image.
Signed-off-by: Tad Davanzo <tad@spotco.us>
(cherry picked from commit
10415d5e7016b69dc71c5f1b03e8e17b586f8edd)
Tony Ambardar [Fri, 26 Mar 2021 05:47:36 +0000 (22:47 -0700)]
firewall3: update to latest git HEAD
This includes several improvements and fixes:
61db17e rules: fix device and chain usage for DSCP/MARK targets
7b844f4 zone: avoid duplicates in devices list
c2c72c6 firewall3: remove last remaining sprintf()
12f6f14 iptables: fix serializing multiple weekdays
00f27ab firewall3: fix duplicate defaults section detection
e8f2d8f ipsets: allow blank/commented lines with loadfile
8c2f9fa fw3: zones: limit zone names to 11 bytes
78d52a2 options: fix parsing of boolean attributes
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
(cherry picked from commit
0d75aa27d4093625c85f2d2233dd5392a7e2aa32)
Ilya Lipnitskiy [Tue, 16 Mar 2021 05:29:55 +0000 (22:29 -0700)]
kernel: backports: mt7530: fix TRGMII mode after reset
Backport upstream patch that fixes TRGMII mode now that mt7530 is
actually resetting the switch on ramips devices.
Patches apply to both Linux 5.4 and 5.10, since TRGMII is broken on both.
Fixes: 69551a244292 ("ramips: manage low reset lines")
Signed-off-by: Ilya Lipnitskiy <ilya.lipnitskiy@gmail.com>
(cherry picked from commit
680f91d0e5444d58815af03bf41c12592438f9d8)
Hauke Mehrtens [Thu, 25 Mar 2021 10:27:31 +0000 (11:27 +0100)]
kernel: Deactivate CONFIG_VFIO in generic kernel config
Instead of deactivating this in every target config, deactivate it once
in the generic kernel config. I was asked for this config option in a
x86 64 build in OpenWrt 21.02.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit
7d6553c72edada262ada8dbe871243c35400573d)
Hauke Mehrtens [Wed, 24 Mar 2021 20:47:36 +0000 (21:47 +0100)]
kernel: bump 5.4 to 5.4.108
Refreshed all patches.
Compile-tested on: x86_64, ath79, lantiq
Runtime-tested on: x86_64, ath79
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Mauri Sandberg [Mon, 7 Sep 2020 19:04:26 +0000 (22:04 +0300)]
ath79: Add support for Buffalo WZR-HP-G300NH
This device is a wireless router working on 2.4GHz band based on
Qualcom/Atheros AR9132 rev 2 SoC and is accompanied by Atheros AR9103
wireless chip and Realtek RTL8366RB/S switches. Due to two different
switches being used also two different devices are provided.
Specification:
- 400 MHz CPU
- 64 MB of RAM
- 32 MB of FLASH (NOR)
- 3x3:2 2.4 GHz 802.11bgn
- 5x 10/100/1000 Mbps Ethernet
- 4x LED, 3x button, On/Off slider, Auto/On/Off slider
- 1x USB 2.0
- bare UART header place on PCB
Flash instruction:
- NOTE: Pay attention to the switch variant and choose the image to
flash accordingly. (dmesg / kernel logs can tell it)
- Methods for flashing
- Apply factory image in OEM firmware web-gui.
- Sysupgrade on top of existing OpenWRT image
- U-Boot TFPT recovery for both stock or OpenWRT images:
The device U-boot contains a TFTP server that by default has
an address 192.168.11.1 (MAC 02:AA:BB:CC:DD:1A). During the boot
there is a time window, during which the device allows an image to
be uploaded from a client with address 192.168.11.2. The image will
be written on flash automatically.
1) Have a computer with static IP address 192.168.11.2 and the
router device switched off.
2) Connect the LAN port next to the WAN port in the device and the
computer using a network switch.
3) Assign IP 192.168.11.1 the MAC address 02:AA:BB:CC:DD:1A
arp -s 192.168.11.1 02:AA:BB:CC:DD:1A
4) Initiate an upload using TFTP image variant
curl -T <imagename> tftp://192.168.11.1
5) Switch on the device. The image will be uploaded subsequently.
You can keep an eye on the diag light on the device, it should
keep on blinking for a while indicating the writing of the image.
General notes:
- In the stock firmware the MAC address is the same among all
interfaces so it is left here that way too.
Recovery:
- TFTP method
- U-boot serial console
Differences to ar71xx platform
- This device is split in two different targets now due to hardware
being a bit different under the hood. Dynamic solution within the same
image is left for later time.
- GPIOs for a sliding On/Off switch, marked 'Movie engine' on the device
cover, were the wrong way around and were renamed qos_on -> movie_off,
qos_off -> movie_on. Associated key codes remained the same they were.
The device tree source code is mostly based on musashino's work
Signed-off-by: Mauri Sandberg <sandberg@mailfence.com>
(cherry picked from commit
bc356de2850f14629cb1301be719772fa1212e72)
Mauri Sandberg [Mon, 14 Sep 2020 19:45:15 +0000 (22:45 +0300)]
ath79: cfi: cmdset_0002: amd chip 0x2201 - write words
Generally, in upstream CFI flash memory driver uses buffers for write
operations. That does not work with AMD chip with id 0x2201 and we must
resort to writing word sized chunks only. That is, to not apply general
buffer write functionality for this given chip.
Without the patch kernel logs will be flooded with entries like below:
MTD do_erase_oneblock(): ERASE 0x01fa0000
MTD do_write_buffer(): WRITE 0x01fa0000(0x00001985)
MTD do_erase_oneblock(): ERASE 0x01f80000
MTD do_write_buffer(): WRITE 0x01f80000(0x00001985)
MTD do_write_buffer_wait(): software timeout, address:0x01f8000a.
jffs2: Write clean marker to block at 0x01a60000 failed: -5
MTD do_erase_oneblock(): ERASE 0x01f60000
MTD do_write_buffer(): WRITE 0x01f60000(0x00001985)
MTD do_write_buffer_wait(): software timeout, address:0x01f6000a.
jffs2: Write clean marker to block at 0x01a40000 failed: -5
References: http://patchwork.ozlabs.org/project/linux-mtd/patch/
20210309174859.362060-1-sandberg@mailfence.com/
Signed-off-by: Mauri Sandberg <sandberg@mailfence.com>
[added link to usptream fix submission]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit
8cc0fa8faceadac85353bb1a96e074518ef124e2)
Mauri Sandberg [Thu, 21 May 2020 06:59:52 +0000 (09:59 +0300)]
packages: kernel: add gpio-nxp-74hc153
NXP 74HC153 is a GPIO expander. Its original source cide sits in ar71xx
architecture tree. It has been slightly modified to get GPIO pin
configuration from the device tree rather than a MACH file.
Changes to the source file:
- Remove struct nxp_74hc153_config
- in nxp_74hc153_probe(), fetch GPIO configuration from device tree
- allow GPIO framework decide the base number by passing -1 to it
- remove support for kernel versions below 4.5.0
- add OF device compatibility string
Create a package for inclusion in image.
References: https://lore.kernel.org/linux-gpio/
545111184.50061.
1615922388276@ichabod.co-bxl/
Signed-off-by: Mauri Sandberg <sandberg@mailfence.com>
[added link to driver usptreaming work in progress]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit
6a6f9e73dd65f9201bee911d2fae8595f86c093b)
Eneas U de Queiroz [Fri, 26 Mar 2021 17:46:29 +0000 (14:46 -0300)]
openssl: bump to 1.1.1k
This version fixes 2 security vulnerabilities, among other changes:
- CVE-2021-3450: problem with verifying a certificate chain when using
the X509_V_FLAG_X509_STRICT flag.
- CVE-2021-3449: OpenSSL TLS server may crash if sent a maliciously
crafted renegotiation ClientHello message from a client.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit
0bd0de7d43b3846ad0d7006294e1daaadfa7b532)
Paul Spooren [Fri, 26 Mar 2021 08:53:28 +0000 (22:53 -1000)]
build,json: backport default_packages fixes
Remove duplicate packages by running in `target/linux/` rather than
`target/linux/<target>/<subtarget>` and sort packages alphabetically.
Squash commit of:
7880a64848 build,json: 3rd fixup of default_packages
b36068d35d build,json: fixup fixup of arch_packages
1bf2b3fe90 build,json: fixup missing arch_packages
Signed-off-by: Paul Spooren <mail@aparcar.org>
Daniel Golle [Wed, 24 Mar 2021 09:47:12 +0000 (09:47 +0000)]
mwlwifi: add PKG_FLAGS:=nonshared
This should fix the problem of mwlwifi-firmware-* not being found
when using the ImageBuilder.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit
9b3aaf1cdb873cc2a7b2f2ef4e72ddb716afba38)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Paul Spooren [Sun, 21 Mar 2021 09:23:34 +0000 (23:23 -1000)]
build,json: fix duplicates in default_packages
Calling without the DUMP=1 argument causes the target specific Makefile
to be "included" again which adds the target specific packages twice,
once on the actual run and once included from `include/target.mk`.
This led to duplicate package entries, causing confusion in downstream
projects using the generated JSON files.
While at it, apply `black` style to Python script.
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit
7f4c2b1a4f9216218dced64794318f2197565c85)
Florian Eckert [Mon, 1 Feb 2021 09:58:09 +0000 (10:58 +0100)]
base-files: add logging for configuration import
Make sysupgrade backup import more verbose.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry picked from commit
fdbdbe8eaaa6aa3acacdcb3ae1308b2a2055fc39)
INAGAKI Hiroshi [Wed, 17 Mar 2021 09:35:34 +0000 (18:35 +0900)]
ramips: add support for ELECOM WRC-1750GST2
ELECOM WRC-1750GST2 is a 2.4/5 GHz band 11ac (Wi-Fi 5) router, based on
MT7621A.
Specification:
- SoC : MediaTek MT7621A
- RAM : DDR3 256 MiB (NT5CC128M16JR-EK)
- Flash : SPI-NOR 32 MiB (MX25L25645GMI-08G)
- WLAN : 2.4/5 GHz 3T3R (2x MediaTek MT7615)
- Ethernet : 10/100/1000 Mbps x5
- Switch : MediaTek MT7530 (SoC)
- LEDs/Keys : 4x/6x (2x buttons, 1x slide-switch)
- UART : through-hole on PCB
- J4: 3.3V, GND, TX, RX, from ethernet port side
- 57600n8
- Power : 12 VDC, 1.5 A
Flash instruction using factory image:
1. Boot WRC-1750GST2 normally with "Router" mode
2. Access to "http://192.168.2.1/" and open firmware update page
("ファームウェア更新")
3. Select the OpenWrt factory image and click apply ("適用") button
4. Wait ~120 seconds to complete flashing
MAC addresses:
LAN : 04:AB:18:xx:xx:23 (Factory, 0xE000 (hex))
WAN : 04:AB:18:xx:xx:24 (Factory, 0xE006 (hex))
2.4GHz : 04:AB:18:xx:xx:25 (Factory, 0x4 (hex))
5GHz : 04:AB:18:xx:xx:26 (Factory, 0x8004 (hex))
Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com>
(cherry picked from commit
b3ca1f30efd7bb96a22f72b766d302e552265276)
Walter Sonius [Sun, 21 Mar 2021 19:06:33 +0000 (20:06 +0100)]
ath79: fix lan port display order for sitecom wlr-7100
Physical port order watched from the back of the device is:
4 / 3 / 2 / 1 / WAN which also matches corresponding leds.
This patch corrects LuCI switch webpage LAN port order.
Signed-off-by: Walter Sonius <walterav1984@gmail.com>
[improve commit title, fix sorting in 02_network]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit
46c0634b508f731df487a7909c439b2794445e26)
Jeff Collins [Thu, 25 Feb 2021 16:11:58 +0000 (11:11 -0500)]
mvebu: add LED support for GL.iNet GL-MV1000
This patch enables LED support for the GL.iNet GL-MV1000
Signed-off-by: Jeff Collins <jeffcollins9292@gmail.com>
[add SPDX identifier on new file, add aliases, minor cosmetic issues]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
(cherry picked from commit
6e0c780eb3b4ba1e52216c1d671897749dd81829)
Álvaro Fernández Rojas [Sun, 21 Mar 2021 11:39:47 +0000 (12:39 +0100)]
bcm27xx: bcm2711: correctly disable HW_RANDOM_BCM2835
It was removed in
bac74aff5e36, but it should have been disabled.
More info: https://forum.openwrt.org/t/make-image-stops-at-random-number-generator-bcm27xx/91429/7
Fixes: bac74aff5e36 ("bcm27xx: bcm2711: disable HW_RANDOM_BCM2835")
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry picked from commit
f93b544f01)
Hauke Mehrtens [Sun, 21 Mar 2021 21:34:13 +0000 (22:34 +0100)]
uhttpd: update to git HEAD
15346de client: Always close connection with request body in case of error
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit
1170655f8b792b34f899350cb0272ad94bb2d3e2)
Hauke Mehrtens [Sat, 20 Mar 2021 12:26:20 +0000 (13:26 +0100)]
uhttpd: Execute uci commit and reload_config once
Instead of doing uci commit and reload_config for each setting do it
only once when one of these options was changed. This should make it a
little faster when both conditions are taken.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit
501221af542b5154fbf8788f8426bc7f5443764a)
Hauke Mehrtens [Sat, 20 Mar 2021 12:19:22 +0000 (13:19 +0100)]
uhttpd: Reload config after uhttpd-mod-ubus was added
Without this change the config is only committed, but the uhttpd daemon
is not reloaded. This reload is needed to apply the config. Without the
reload of uhttpd, the ubus server is not available over http and returns
a Error 404.
This caused problems when installing luci on the snapshots and
accessing it without reloading uhttpd.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit
d25d281fd6686bda67636f6c1df918145b6cb738)
Magnus Kroken [Sun, 14 Mar 2021 18:42:33 +0000 (19:42 +0100)]
mbedtls: update to 2.16.10
This release of Mbed TLS provides bug fixes and minor enhancements. This
release includes fixes for security issues.
Security fixes:
* Fix a buffer overflow in mbedtls_mpi_sub_abs()
* Fix an errorneous estimation for an internal buffer in
mbedtls_pk_write_key_pem()
* Fix a stack buffer overflow with mbedtls_net_poll() and
mbedtls_net_recv_timeout()
* Guard against strong local side channel attack against base64 tables
by making access aceess to them use constant flow code
Full release announcement:
https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.10
Signed-off-by: Magnus Kroken <mkroken@gmail.com>
(cherry picked from commit
dbde2bcf60b5d5f54501a4b440f25fe7d02fbe5d)
Hans Dedecker [Sat, 20 Mar 2021 20:00:05 +0000 (21:00 +0100)]
glibc: update to latest 2.33 commit
db32fc27e7 test-container: Always copy test-specific support files [BZ #27537]
79c6be6a0a nptl: Remove private futex optimization [BZ #27304]
f90d6b0484 pthread_once hangs when init routine throws an exception [BZ #18435]
dd8023c2ac elf: ld.so --help calls _dl_init_paths without a main map [BZ #27577]
ea5a537e87 elf: Always set l in _dl_init_paths (bug 23462)
64f6c287ad x86: Handle _SC_LEVEL1_ICACHE_LINESIZE [BZ #27444]
32b9280f1d io: Return EBAFD for negative file descriptor on fstat (BZ #27559)
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit
956490ad6abead94c8b06e55b687074fa2fd5c62)
Hauke Mehrtens [Fri, 19 Mar 2021 16:59:12 +0000 (17:59 +0100)]
archs38: Add CONFIG_HZ=100
This kernel config option was missing and resulted in a question when
building.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit
047b7621bb3ac266d193cf110a468e42f844be4f)
Hans Dedecker [Wed, 10 Mar 2021 19:48:02 +0000 (20:48 +0100)]
glibc: update to latest 2.33 commit (BZ #27462, BZ #27318, BZ #27389)
a151f2e05a nscd: Fix double free in netgroupcache [BZ #27462]
ee9f98d9ca x86: Set minimum x86-64 level marker [BZ #27318]
3e880d7337 nss: Re-enable NSS module loading after chroot [BZ #27389]
71b2463f61 x86: Add CPU-specific diagnostics to ld.so --list-diagnostics
a1eb3915e7 x86: Automate generation of PREFERRED_FEATURE_INDEX_1 bitfield
33dc1dd602 ld.so: Implement the --list-diagnostics option
8d4241b897 string: Work around GCC PR 98512 in rawmemchr
6efa2d44c8 S390: Add new hwcap values.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
(cherry picked from commit
0ef3c58ac83397dcc81ad739ffe09702bc7f58ff)
Rafał Miłecki [Sun, 14 Mar 2021 18:10:18 +0000 (19:10 +0100)]
bcm53xx: backport first 5.13 DTS changes
This adds NVMEM bindings that are needed for proper booting on Linksys
devices.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
98d456a14e00e24acec36247fb5bd379da90f84e)
Rafał Miłecki [Fri, 12 Mar 2021 20:08:24 +0000 (21:08 +0100)]
bcm47xx: make WGT634U NVRAM patch apply again
Fixes: 1c48eee5b2bc ("kernel: backport Broadcom NVRAM driver cleanups")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
9530b9bb78845910de711d425f1e4b1c7d539b13)
Rafał Miłecki [Fri, 12 Mar 2021 17:10:09 +0000 (18:10 +0100)]
bcm53xx: initialize NVRAM from NVMEM driver
NVRAM access may be needed early in boot process. Reading it using mtd
happens quite late in the init process. Add NVRAM initialization to the
NVMEM driver which comes up early and depends on IO mapping only.
This is required by Linksys devices which use NVRAM content for proper
partitioning (detecting current firmware partition).
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
baf04eed028a838518c65be48cbaabe0892343aa)
Rafał Miłecki [Fri, 12 Mar 2021 17:07:57 +0000 (18:07 +0100)]
kernel: backport Broadcom NVRAM driver cleanups
Refactoring of bcm47xx_nvram driver. It's used by bcm47xx and bcm53xx.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
1c48eee5b2bcfaf9815cc9a6f6664392d17164cb)
Rafał Miłecki [Wed, 10 Mar 2021 22:22:18 +0000 (23:22 +0100)]
bcm53xx: backport NVMEM NVRAM driver
It supports NVRAM access described using DT binding. Right now NVRAM
data is exposed using /sys/bus/nvmem/ only.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
01b1b375281b77233d65eb0ebda8e4e3a1bd2407)
Rafał Miłecki [Thu, 25 Feb 2021 19:45:02 +0000 (20:45 +0100)]
bcm53xx: backport more upstream dts stuff from kernel 5.11
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
8078d89a5357d13dc3f2e2055fd9d663c4f1bd04)
Rafał Miłecki [Thu, 25 Feb 2021 18:34:21 +0000 (19:34 +0100)]
bcm53xx: group dts backports by upstream kernel version
It's a simple renaming thing.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
d0ee398c36983ccb2ee514e71f10d3c274546f17)
Rafał Miłecki [Wed, 17 Mar 2021 06:40:49 +0000 (07:40 +0100)]
bcm4908: backport recent bcm_sf2 changes
One 5.12 link fix and 5.13 crossbar support.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
e1b4fd52a8efe1dfcad4f4fbe59f1c35a09be0bd)
Rafał Miłecki [Tue, 16 Mar 2021 22:35:45 +0000 (23:35 +0100)]
bcm4908: backport recent bcm4908_enet changes
This includes 5.12 fix and 5.13 improvements.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
7091e312307f4563d4a7afb5946140120cfa87fa)
Rafał Miłecki [Mon, 15 Mar 2021 19:30:21 +0000 (20:30 +0100)]
bcm4908: backport first PHY 5.13 patches
1. Upstream accepted version of Kconfig change
2. Documentation binding fix
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
d7c8ca4d0b5c18c08e645f010fd0012f54c1c102)
Rafał Miłecki [Sun, 14 Mar 2021 18:22:18 +0000 (19:22 +0100)]
bcm4908: use accepted 5.13 DTS patches
Some patches were slightly cleaned up. One things worth mentioning is
that adding:
phy-mode = "rgmii"
broke SF2 driver. It made it access random register breaking switch
setup.
That's why this commit also adds a quick sf2 fix.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
05dbfe616d551bce1a19d3846c8949c047325624)
Rafał Miłecki [Fri, 12 Mar 2021 17:30:01 +0000 (18:30 +0100)]
kernel: add pending mtd patches adding NVMEM support
It's meant to provide upstream support for mtd & NVMEM. It's required
e.g. for reading MAC address from mtd partition content. It seems to be
in a final shape so it's worth testing.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
e90e75b12c818c49704755b9e530491aee2d554c)
Rafał Miłecki [Fri, 12 Mar 2021 16:37:59 +0000 (17:37 +0100)]
kernel: move mtd ofpart accepted patch
Move upstream patch to the backport directory.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
deceb039931cd8eb011a0eb65731f335662070d0)
Rafał Miłecki [Fri, 5 Mar 2021 13:38:41 +0000 (14:38 +0100)]
bcm4908: prepare to support TP-Link Archer C2300 V1
It's a BCM4906 based device (2 CPU cores). It has 512 MiB of RAM, 4 LAN
ports, 1 WAN port, 2 USB ports, NAND flash. WiFi unknown at this point.
Flashing is possible using CFE only, proper image will be worked on
later.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
8d24da14702b8da820bf2e3952d5691f77136018)
Rafał Miłecki [Fri, 5 Mar 2021 13:37:01 +0000 (14:37 +0100)]
bcm63xx-cfe: update to the latest master
d035016 tp-link: rename to tplink to match DT vendor prefix
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
4d961436c490800237fdca177b782a82aa300c32)
Rafał Miłecki [Fri, 5 Mar 2021 09:14:28 +0000 (10:14 +0100)]
bcm63xx-cfe: update to the latest master
3fb6f1c tp-link: c2300-v1: add cferam file
79f9578 sercomm: vox-2.5: add cferam file
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
ac39c4bd6000aa435905f4e97a241f582a50c0f8)
Rafał Miłecki [Mon, 1 Mar 2021 17:12:48 +0000 (18:12 +0100)]
kernel: add the latest mtd patch extending ofpart parser
This adds the latest version of ofpart commit. It hopefully
1. Doesn't break compilation
2. Doesn't break partitioning
(this time).
It's required to implement fixed partitioning with some quirks. It's
required by bcm53xx, bcm4908, kirkwood, lantiq and mvebu.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
7a7b2fd809809fbd7045bd3dad4fc896a6fef06f)
Rafał Miłecki [Mon, 1 Mar 2021 07:14:49 +0000 (08:14 +0100)]
bcm4908: backport Ethernet driver fixes from the 5.12
The most noticeable one is fix for RX stopping on high traffic.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
acbea54bc29a22d8fb171bc9da0f1b16fb0ec233)
Rafał Miłecki [Mon, 15 Feb 2021 23:21:28 +0000 (00:21 +0100)]
bcm4908: add bcm_sf2 fixes for the 5th GPHY
This allows using the last integrated PHY (and so e.g. WAN port on the
ASUS GT-AC5300).
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
(cherry picked from commit
ad8b759fd17bd31fdb7a026f247fd6ec81b372d3)
Paul Spooren [Tue, 16 Mar 2021 01:59:26 +0000 (15:59 -1000)]
build,ib: add STRIP_ABI option for manifest
The ImageBuilder `make manifest` prints all installed packages. This
function can be used to create a list of package and corresponding
package versions before attempting image creation.
When called with `--strip-abi` OPKG can automatically strip attached
ABIVersions from package names. Make this function accessible for the
ImageBuilder by adding a `STRIP_ABI` variable.
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit
0f7cd97f812adaf4b2c2048227610d150aec72cc)
Hauke Mehrtens [Sun, 14 Mar 2021 14:51:56 +0000 (15:51 +0100)]
kernel: bump 5.4 to 5.4.105
Refreshed all patches.
The following patches were applied upstream:
* 755-v5.8-net-dsa-add-GRO-support-via-gro_cells.patch
* 831-v5.9-usbip-tools-fix-build-error-for-multiple-definition.patch
Compile-tested on: x86_64, ipq40xx, ath79
Runtime-tested on: x86_64, ipq40xx, ath79
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Daniel Golle [Thu, 11 Mar 2021 00:23:11 +0000 (00:23 +0000)]
rpcd: update to git HEAD
d3f2041 uci: manually clear uci_ptr flags after uci_delete() operations
ccb7517 sys: packagelist: drop ABI version from package name
(cherry picked from commit
da339a6d3f78f86bb653f29dd1d1aea8351bfdad)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Daniel Golle [Thu, 11 Mar 2021 00:22:12 +0000 (00:22 +0000)]
opkg: update to git HEAD
d71856a pkg: pass-through ABIVersion to status file
d3a63b3 libopkg: add option to strip ABI versions from listed names
5936c4f libopkg: pkg_hash: prefer original packages to satisfy dependencies
(cherry squashed from commit
6a7a1f1c64cb307aef561b66956d32867b119a24,
commit
988ed0080284903d1fe4851c5ae8f1238bc61da2 and
commit
b5f6d20560b71025d376cb3052f1d1c2e92b409d)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Paul Spooren [Mon, 8 Mar 2021 04:09:32 +0000 (18:09 -1000)]
include: store ABIVersion in Packages index
With the existence of ABI versions there is no clean way to determine
the package name without an attached ABI version. The Packages index is
stored on device to know what packages are installed.
The ABIVersion was recently removed in
c921650382 "build: drop ABI
version from metadata", while ABI versions still exists. This becomes a
problem if a user tries to export installed packages via `ubus call
rpcd-sys packagelist` which would return package names including the ABI
version. Trying to find these packages in a later release with changes
ABI version is impossible.
This commits adds the `ABIVersion` field again. Knowing both the
combined (SourceName + ABIVersion) and the `ABIVersion` it is possible
to calculate the package `SourceName` without storing it in the
on-device package list.
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit
fc5b101c06928884d2b0c42b11bf917d29538971)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Daniel Golle [Sun, 28 Feb 2021 18:00:33 +0000 (18:00 +0000)]
selinux-policy: update to version v0.8
a857b45 resolv/locale: eventually this should be more efficient
11ed281 some more optimization
764a475 add redundant calls to file.search_conffile_dirs()
7d4558e fs: treat devtmpfs that same as tmpfs
81b677e adds irqbalance skeleton
5506244 irqbalance rules
cc96cd8 adds usbutil and gtpfdisk skels
01e2a55 some fsck, gptfdisk, mkfs and usbutil rules
d6d1e7d usbutil: output to terminal
da576fa fsck, gptfdisk and usbutil rules
09b39e9 unbound
241a029 hotplugcall: allow dac_read_search (is a subset of dac_override)
af0fe90 adds label for tcsh
160f79e adds tcpdump
6d02b96 adds coreutil execfile for busybox alternatives
ac54884 coreutilexecfile: these are known to require privileges, so exclude
8cb3b66 adds chrootexecfile
6d329d3 this saves 9KiB and its a bit more robust
88e2425 move addpart/delpart/partx to gptfdisk.cil
261012d ntphotplug: reads ubox data files
0473ace various
740e820 work through to genfs_seclabel_symlinks loose ends (Linux 5.10)
bef21f5 TODO adds a note about how I dont need to upgrade to polver 33 from 31
cb2e5a3 ubus uses ntpdhotplug fd, and some genfs_seclabel_symlink changes
07df9b9 luci, rpcd and wpad (mainly genfs_selabel related but not all)
8d86cab genfs_seclabel loose ends for blockmount, hotplugcall, irqbalance, zram-swap
b8156cd adds a note about how i forgot to target blockd
6e82ab8 adds blockd and related
254ff43 Makefile: exclude blockd from mintesttgt
4dc6bc2 pppd update related and unbound-odhcp rules
3d7da7a igmpproxy tidy some loose ends
c84ba0f rcigmpproxy: add entries to /etc when creating /etc/igmpproxy.conf
5a18967 adds igmpproxy skeleton
7e6a218 logread: support resolving dns names
e39ca8b netifd: add support for /etc/udhcpc.user
7952bd0 odhcp6c: support /etc/odhcp6c.user
ba0eb4e swconfig, fwenv, agent
4556b8a pppd cosmetic
9324d9d pppd: sends AT commands to model using /dev/ttyUSBN
417b14a ttydev: add some more ttyUSB
ed739dc example: dont depend on policycoreutils
97613f9 dropbear: using dropbear as scp: dns name resolving
12c193b dropbear tcp connect ssh ports for scp
c050077 rcdnsmasq: remove redundant rule and make rcsysntpd optional
8c5de35 this is a bug
8d5c463 uhttpd rcboot rcdnsmasq
094266e hostapd and wpa_supplicant
aef0bd7 mountroot: maintains /tmp/sysupgrade.tar
24f0406 dropbear: allow it to read tmp.fs files
2901433 firstboot mkfsf2fs rcboot
2c4afb7 blockmount mmc
465ca98 adds industrial i/o (iio) nodedev
82f686e mtd stordev: back that ubiblock0_4p1 up with a filecon
7df78bd ubus: "support" older ubusd versions that run as root
4458bce swconfig: allow using terminal (to print output)
e8d606d sslcert: openssl linked: this shaves off 200 bytes
93afffb jshn ntpdhotplug
0b847f0 wpad: reads /etc/ssl/openssl.cnf
f14ee34 indent fix
a0c7cad mtd, uhttpd, ubus and ntpdhotplug
d74f98f adds a not about checkreqprot requirement in some scenarios
affacce example: add policycoreutils-setfiles for make check
4f944dc kmodloader and fwenv:
efe36a3 netifd: adds a comment/reminder
581b087 more fw_printenv loose ends
30177a4 fw_setenv: needs mtd write access to set and delete env
da28f4c fw_printenv: some minor clean ups
a062053 fw_printenv missing rules
244ba5f blockmount: extroot and /rwm
0745a6a squid: allow squid to run sslcrtd with domain transition
b851df6 squid fix
8c55acd squid: adds certfile and allow connect http but...
b7c1f6d Makefile: exclude tinyproxy from mintesttgt (using squid)
5ff39bd squid: forgot about luci
5366c97 squid/rcsquid some basic fill in
8743da6 squid skeleton
687a43b adds squid 3128 port to httpproxy port
Signed-off-by: Dominick Grift <dominick.grift@defensec.nl>
(cherry squashed from commit
3ffc30f05aef1a72bc16af8665032164b152fc15
and commit
41a8f093fb26f372fc94e0016cf544ac65718b0b)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Dominick Grift [Sat, 6 Mar 2021 20:02:41 +0000 (21:02 +0100)]
checkpolicy: update to version 3.2
521e6a2f libsepol/cil: fix signed overflow caused by using (1 << 31) - 1
42ae834a libsepol,checkpolicy: optimize storage of filename transitions
Signed-off-by: Dominick Grift <dominick.grift@defensec.nl>
(cherry picked from commit
49edc4d17f241bca2a566dfdee0a64538b046cd7)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Dominick Grift [Sat, 6 Mar 2021 20:02:40 +0000 (21:02 +0100)]
secilc: update to version 3.2
49ff851c secilc: fixes cil_role_statements.md example
03881703 secilc/docs: add custom color theme
4c8d6094 secilc/docs: add syntax highlighting for secil
057d72af secilc/docs: use fenced code blocks for cil examples
e8bcdb84 cil_network_labeling_statements: fixes nodecon examples
eefa5511 cil_access_vector_rules: allowx, auditallowx and dontauditx fixes
9e9b8103 secilc/docs: document expandtypeattribute
fbe1e526 Update the cil docs to match the current behaviour.
Signed-off-by: Dominick Grift <dominick.grift@defensec.nl>
(cherry picked from commit
0b58ebcfe215c2456b752042e80268fe1ec6173a)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Dominick Grift [Sat, 6 Mar 2021 20:02:39 +0000 (21:02 +0100)]
policycoreutils: update to version 3.2
d464187c policycoreutils: sestatus belongs to bin not sbin
d59932a7 policycoreutils: Resolve path in restorecon_xattr
5682c0d5 policycoreutils/fixfiles.8: add missing file systems and merge check and verify
57dd1f65 policycoreutils/setfiles: Drop unused nerr variable
be7f54cb setfiles: drop ABORT_ON_ERRORS and related code
9207823c setfiles: Do not abort on labeling error
c064d214 selinux_config(5): add a note that runtime disable is deprecated
8bc865e1 newrole: support cross-compilation with PAM and audit
ba2d6c10 fixfiles: correctly restore context of mountpoints
Signed-off-by: Dominick Grift <dominick.grift@defensec.nl>
(cherry picked from commit
68934a5704be61e952c6ce04573bb54577b26680)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Dominick Grift [Sat, 6 Mar 2021 20:02:38 +0000 (21:02 +0100)]
libsemanage: update to version 3.2
c35919a7 libsemanage: sync filesystem with sandbox
5b05e829 Revert "libsemanage/genhomedircon: check usepasswd"
edae9275 libsemanage: Free contents of modkey in semanage_direct_remove
ce46daab libsemanage/genhomedircon: check usepasswd
6ebb35d2 libsemanage: Bump libsemanage.so version
c08b73d7 libsemanage: Drop deprecated functions
b46406de libsemanage: Remove legacy and duplicate symbols
Signed-off-by: Dominick Grift <dominick.grift@defensec.nl>
(cherry picked from commit
4670492ad72e54e0608ef5f92d7066c1c7fa8f45)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>