Commit Graph

249 Commits

Author SHA1 Message Date
Christian Marangi
ebabdff401
tools: add option BUILD_ALL_HOST_TOOLS to compile all host tools
Add option to compile all host tools even if not needed.
This can be useful to prepare a universal precompiled host tools
archive to use in another buildroot and speedup compilation.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2022-09-30 22:26:54 +02:00
Felix Fietkau
6eeb5d4564 kernel: disable wireless extensions only when needed
They are only needed by a few very old drivers

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2022-09-22 15:26:58 +02:00
Hauke Mehrtens
9403810c02 toolchain: Select USE_SSTRIP with external musl toolchain
When we use the internal toolchain USE_SSTRIP will be selected by
default for musl libc and USE_STRIP when glibc is used. Do the same when
an external toolchain is used. USE_GLIBC will also be set for external
toolchain builds based on the EXTERNAL_TOOLCHAIN_LIBC_USE_GLIBC setting.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2022-09-12 23:16:22 +02:00
Josh Roys
90c6e3aedf
scripts: always check certificates
Remove flags from wget and curl instructing them to ignore bad server
certificates. Although other mechanisms can protect against malicious
modifications of downloads, other vectors of attack may be available
to an adversary.

TLS certificate verification can be disabled by turning oof the
"Enable TLS certificate verification during package download" option
enabled by default in the "Global build settings" in "make menuconfig"

Signed-off-by: Josh Roys <roysjosh@gmail.com>
[ add additional info on how to disable this option ]
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2022-09-10 15:24:22 +02:00
Thibaut VARÈNE
832e7b8172 build: always set CONFIG_IPV6
Disabling this build tunable breaks build and seems unrealistically
likely to be fixed.

This patch sets the related CONFIG to always true and removes the
config prompt, keeping the change minimal, and, should !CONFIG_IPV6 ever
be fixed, easy to revert.

Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org>
Acked-by: Stijn Tintel <stijn@linux-ipv6.be>
Acked-by: Paul Spooren <mail@aparcar.org>
Acked-by: Josef.Schlehofer <pepe.schlehofer@gmail.com>
Acked-by: Jo-Philipp Wich <jo@mein.io>
2022-08-20 21:41:03 +03:00
Florian Fainelli
e7ec2d7399 kernel: add KERNEL_DEBUG_VIRTUAL
This option allows turning on CONFIG_DEBUG_VIRTUAL which is useful to
debug incorrect uses of the virtual to physical and physical to virtual
translations functions.

Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2022-07-07 15:07:16 -07:00
Rafał Miłecki
abc5b28db1 bcm53xx: use -falign-functions=32 for kernel compilation
Northstar SoCs have pretty small CPU caches and their performance is
heavily affected by cache hits & misses. It means that all kind of
random code changes can affect performance as they often reorganize
(change alignment & possibly reorder) kernel symbols.

It was discussed in ARM / net mailinglists:
1. ARM router NAT performance affected by random/unrelated commits [1] [2]
2. Optimizing kernel compilation / alignments for network performance [3] [4]

It seems that -falign-functions can be used as a partial workaround. It
doesn't solve all cases (e.g. documented watchdog one [5]) but it surely
helps with many of them.

A complete long term solution may be PGO (profile-guided optimization)
but it isn't available at this point.

[1] https://lkml.org/lkml/2019/5/21/349
[2] https://www.spinics.net/lists/linux-block/msg40624.html
[3] https://lore.kernel.org/linux-arm-kernel/066fc320-dc04-11a4-476e-b0d11f3b17e6@gmail.com/T/
[4] https://www.spinics.net/lists/netdev/msg816103.html
[5] http://lists.openwrt.org/pipermail/openwrt-devel/2022-July/038989.html

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2022-07-03 13:59:12 +02:00
Rafał Miłecki
907d7d7472 kernel: support setting extra CFLAGS for kernel compilation
They may be used e.g. to optimize kernel size or performance.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2022-06-20 22:17:38 +02:00
Stijn Tintel
8f5c9a7d94 kernel: add KERNEL_BPF_EVENTS config option
This is required to use BPF maps of type BPF_MAP_TYPE_PERF_EVENT_ARRAY
for sending data from BPF programs to user-space for post-processing
or logging.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2022-05-18 13:32:06 +03:00
Tony Ambardar
531e0399cd build: add option KERNEL_DEBUG_INFO_BTF
Generate BTF (BPF Type Format) information from DWARF debug info. This is
embedded in the kernel and exported via sysfs as /sys/kernel/btf/vmlinux.
BTF data enhances kernel portability and introspection for BPF programs.

Selecting this also enables the dwarves host package which provides the
pahole tool used for BTF encoding.

Test using: "bpftool btf dump file /sys/kernel/btf/vmlinux format c"

This needs to depend on KERNEL_DEBUG_INFO_REDUCED not being set,
otherwise we can enable both KERNEL_DEBUG_INFO_BTF and
KERNEL_DEBUG_INFO_REDUCED, which will result in undefined behaviour.

Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
[split DEBUG_INFO_REDUCED into separate commit, add dependency]
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2022-05-18 13:32:06 +03:00
Stijn Tintel
44bcad24b6 kernel: add DEBUG_INFO_REDUCED config option
Add DEBUG_INFO_REDUCED as a kernel config option and remove it from the
kernel configs. This is in preparation of the upcoming option to enable
BTF typeinfo, which is incompatible with DEBUG_INFO_REDUCED.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2022-05-18 13:32:06 +03:00
Stijn Tintel
d5dc6cdc53 kernel: add missing dependency to KERNEL_RPI_AXIPERF
This symbol is added by the bcm27xx target patches so it should depend
on that target.

Fixes: efd9463dcf ("kernel: add missing symbol for bcm27xx")
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2022-05-18 13:31:05 +03:00
Stijn Tintel
efd9463dcf kernel: add missing symbol for bcm27xx
When KERNEL_PERF_EVENTS is enabled in OpenWrt, the RPI_AXIPERF symbol is
exposed. Add a build option for it to fix build failures with
KERNEL_PERF_EVENTS enabled.

Fixes: 20ea6adbf1 ("bcm27xx: add support for linux v5.15")
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2022-05-17 20:54:25 +03:00
Stijn Tintel
500c37c56f kernel: add missing symbol
Enabling KERNEL_KPROBES exposes KERNEL_BPF_KPROBE_OVERRIDE. Add a build
option for it to fix build failures with KERNEL_KPROBES enabled.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2022-04-02 23:41:27 +03:00
Petr Štetiar
ce7264a6e0 config: build: cleanup whitespace issue
In order to have it tidy.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2022-02-19 13:10:01 +01:00
Marek Behún
45d541bb40 kernel: add kmod-vrf
Add option to compile kmod-vrf, support for Virtual Routing and
Forwarding (Lite).

This module depends on NET_L3_MASTER_DEV, which is a boolean kernel
option, so we need to create a configuration option also for this, and
make kmod-vrf depend on it.

Signed-off-by: Marek Behún <kabel@kernel.org>
2022-02-01 22:59:09 +01:00
Daniel Golle
8a324fb759
uml: make use of 'rootfs-part' feature
Use 'rootfs-part' feature instead of referencing the TARGET_uml in
Config-images.in.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2022-01-23 19:48:31 +00:00
Daniel Golle
d05ac928f6
sunxi: make use of 'rootfs-part' feature
Use 'rootfs-part' feature instead of referencing the TARGET_sunxi in
Config-images.in.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2022-01-23 19:48:25 +00:00
Daniel Golle
3a69b4bbb9
omap: make use of 'rootfs-part' feature
Use 'rootfs-part' feature instead of referencing the TARGET_omap in
Config-images.in.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2022-01-23 19:48:20 +00:00
Matthew Hagan
033b6cef94 kernel: enhance multicast routing support
Certain utilities, such as smcroute [1], require additional multicast
routing options to be enabled, otherwise they will not function
correctly. Enable these relevant dependancies when IPv4 and/or IPv6
multicast routing are enabled.

[1] https://github.com/troglobit/smcroute/blob/master/README.md#linux-requirements

This increases the uncompressed kernel size on MIPS 24kc by 8KBytes
and the compressed kernel size by 1.8KBytes.

Signed-off-by: Matthew Hagan <mnhagan88@gmail.com>
2022-01-08 00:48:39 +01:00
Oldřich Jedlička
fd4ad6cae8 x86: added support to generate VHDX images
Added support to generate dynamic-sized VHDX images for Hyper-V.
Compile-tested on x86 and run-tested on Windows 10 21H2 (Hyper-V).

Signed-off-by: Oldřich Jedlička <oldium.pro@gmail.com>
2021-12-05 18:49:14 +01:00
Jianhui Zhao
43b498f669 kernel: remove non-existent config symbols
The crashlog patch as not ported to kernel 5.4.

Fixes: 4e0c54bc5b ("kernel: add support for kernel 5.4")
Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
2021-11-20 18:53:14 +01:00
Stijn Tintel
38106a484c kernel: add missing symbol
Enabling KERNEL_FTRACE exposes the HIST_TRIGGERS triggers symbol. Add a
build option for it to fix build failures with KERNEL_FTRACE enabled.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2021-11-15 03:13:43 +02:00
Stijn Tintel
786cbf0fa4 kernel: fix KERNEL_KASAN_VMALLOC build option
It should be config, not CONFIG.

Fixes: cbeab2cd99 ("kernel: add another missing KASAN symbol")
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2021-11-07 18:57:12 +02:00
Stijn Tintel
0ccbcb0223 kernel: add missing keyword to KERNEL_KASAN_VMALLOC
The help keyword is missing, which breaks menuconfig etc.

Fixes: cbeab2cd99 ("kernel: add another missing KASAN symbol")

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2021-11-07 18:55:17 +02:00
Stijn Tintel
cbeab2cd99 kernel: add another missing KASAN symbol
Enabling KERNEL_KASAN exposes yet another missing symbol. This did not
appear on bcm27xx but is appearing now on x86/64. Add a new kernel build
option for KASAN_VMALLOC to fix build on x86/64 with KERNEL_KASAN
enabled.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Acked-by: Hauke Mehrtens <hauke@hauke-m.de>
2021-11-07 18:38:16 +02:00
Stijn Tintel
c5fa7ec2a6 kernel: add missing UBSAN config symbols
Enabling KERNEL_UBSAN exposes several missing symbols. Add new kernel
build options for UBSAN_BOUNDS and UBSAN_TRAP, disable CONFIG_TEST_UBSAN
in the generic kernel configs and enable CONFIG_UBSAN_MISC in generic
5.10 config. The latter symbol was removed in later kernels, as it was
causing some issues, so just disable it in 5.10 instead of adding a
build option for it.

Fixes build failures with KERNEL_UBSAN enabled.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Acked-by: Hauke Mehrtens <hauke@hauke-m.de>
2021-11-07 17:38:01 +02:00
Stijn Tintel
ec68c75c62 kernel: add missing KASAN config symbols
Enabling KERNEL_KASAN exposes several missing symbols. As KASAN_SW_TAGS
is only implemented for arm64 CPUs and requires clang, it doesn't make
sense to make this a build option so just default to KASAN_GENERIC and
disable KASAN_SW_TAGS.

While at it, disable TEST_KASAN_MODULE in the generic 5.10 config.

Fixes build failures with KERNEL_KASAN enabled.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Acked-by: Hauke Mehrtens <hauke@hauke-m.de>
2021-11-07 17:26:47 +02:00
Hauke Mehrtens
bdc2194cbb config: Activate SECCOMP also on MIPS 64
This activates SECCOMP also on mips64 and mips64el.

This was working fine in a basic test in qemu.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2021-11-03 23:52:08 +01:00
Felix Fietkau
2d5b83197a build: add HOST_OS_LINUX and HOST_OS_MACOS config symbols
This can be used to simplify host os tests in various places

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2021-11-01 16:37:52 +01:00
Josh Soref
323bd7b0f5 build: fix various typos
Fix typos in comment and user-facing help text.

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
[split out config changes, adjust commit message]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2021-10-31 21:24:47 +01:00
Rosen Penev
6b2ed6101e uclibc++: remove
No package here depends on it. Furthermore, uClibc++ is a fairly buggy
C++ library and seems to be relatively inactive upstream.

It also lacks proper support for modern C++11 features.

The main benefit of it is size: 66.6 KB	vs 287.3 KB on mips24kc. Static
linking and LTO can help bring the size down of packages that need it.

Added warning message to uclibc++.mk

Signed-off-by: Rosen Penev <rosenp@gmail.com>
Acked-by: Hauke Mehrtens <hauke@hauke-m.de>
2021-10-24 18:20:50 +02:00
Florian Eckert
b118efa0d2
buildsystem: add CONFIG_SECCOMP
Until now, this feature was switched on via the kernel configuration
option KERNEL_SECCOMP.

The follwing change a7f794cd2a now requires that
the package procd-seccomp must also enabled for buildinmg.

However, this is not the case we have no dependency and the imagebuilder
cannot build the image, because of the implicit package selection.

This change adds a new configuration option CONFIG_SECCOMP.
The new option  has the same behaviour as the configuration
option CONFIG_SELINUX.

If the CONFIG_SECCOMP is selected then the package procd-seccomp and
KERNEL_SECCOMP is enabled for this build.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2021-10-16 02:00:47 +01:00
Hauke Mehrtens
d27f6e2c5d build: Replace KERNEL_LOCKUP_DETECTOR with KERNEL_SOFTLOCKUP_DETECTOR
The LOCKUP_DETECTOR configuration option split into the
SOFTLOCKUP_DETECTOR and HARDLOCKUP_DETECTOR configuration option some
time ago. The HARDLOCKUP_DETECTOR option is only working on some
architectures, but SOFTLOCKUP_DETECTOR should work everywhere. Replace
KERNEL_LOCKUP_DETECTOR with KERNEL_SOFTLOCKUP_DETECTOR.

LOCKUP_DETECTOR will be selected by SOFTLOCKUP_DETECTOR automatically.

Fixes: b951f53fba ("build: Add additional kernel debug options")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2021-09-13 13:04:21 +02:00
Stijn Tintel
57807f50de base-files: add option to make /var persistent
In OpenWrt, /var is symlinked to /tmp by default. This is done to reduce
the amount of writes to the flash chip, which often have not the
greatest durability. As a result, things like DHCP or UPnP lease files,
are not persistent across reboots.

Since OpenWrt can run on devices with more durable storage, it makes
sense to have an option for a persistent /var. Add an option to make
/var persistent. When enabled, /var will no longer be symlinked to /tmp,
but /var/run will be symlink to /tmp/run, as it should contains only
files that should not be kept during reboot. The option is off by
default, to maintain the current behaviour.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2021-08-22 18:07:51 +03:00
Paul Spooren
181054bf79 build: create profiles.json per default
The file is a info file just like config.buildinfo, feeds.buildinfo and
version.buildinfo. It bundles these and more information in a machine
readable way.

This commit enables the creation of profiles.json by default and not
only for buildbots. By doing so it follow the behaviour of the
ImageBuilder which always creates the file, lastly this increases the
files visibility for downstream projects.

Signed-off-by: Paul Spooren <mail@aparcar.org>
2021-06-21 08:12:21 -10:00
李国
5876d6a62f grub2: make grub2-bios-setup as a separate package
The grub2 and grub2-efi packages should only contain boot-related code.
grub-bios-setup is the same as grub-editenv, they are both grub2 tools
and should be placed in a separate package.

Signed-off-by: 李国 <uxgood.org@gmail.com>
[use AUTORELEASE and update to SPDX]
Signed-off-by: Paul Spooren <mail@aparcar.org>
2021-06-20 13:23:42 -10:00
Paul Fertser
04589cb549 build: Config-images: fix unit of partition sizes
The code interprets these config values as Mebibytes rather than
Megabytes so modify the description accordingly.

Signed-off-by: Paul Fertser <fercerpav@gmail.com>
[fix commit title prefix]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2021-06-20 00:49:06 +02:00
Daniel Golle
ebcb4f1d0a
treewide: fix spelling 'seperate' -> 'separate'
This popular spelling mistake was also introduced by myself lately.
Fix it everywhere.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2021-02-28 23:59:21 +00:00
Daniel Golle
dc68af4a13 image: improve Kconfig for seperate ramdisk option
* show only if target supports it (ie. seperate_ramdisk feature set)
* select XZ compression by default of ramdisk is seperate

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2021-02-25 16:39:55 +00:00
Daniel Golle
330bd380e8 image: allow building FIT and uImage with ramdisk
Instead of embedding the initrd cpio archive into the kernel, allow
for having an external ramdisk added to the FIT or uImage.
This is useful to overcome kernel size limitations present in many
stock bootloaders, as the ramdisk is then loaded seperately and doesn't
add to the kernel size. Hence we can have larger ramdisks to host ie.
installers with all binaries to flash included (or a web-based
firmware selector).
In terms of performance and total size the differences are neglectible.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2021-02-24 01:35:20 +00:00
Felix Fietkau
299b855418 build: make zstd initramfs selectable
fix typo in kernel initramfs zstd compression option

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2021-02-16 20:02:09 +01:00
Paul Spooren
a17b8eaa2e build: use SPDX license tags
The license folder is a core part of OpenWrt and all GPL-2.0 licensed.
Use SPDX license tags to allow machines to check licenses.

Signed-off-by: Paul Spooren <mail@aparcar.org>
[rebase, keep some Copyright lines, sharpen commit message]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2021-02-05 14:54:47 +01:00
Daniel Golle
a21be2a703 kernel: add defaults for new SELinux options
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2021-02-05 13:17:49 +00:00
Tony Ambardar
af20332dec config: drop CONFIG_KPROBE_EVENT unused since kernel 4.9
The config setting was renamed to CONFIG_KPROBE_EVENTS.

Fixes: 97d3f800a8 ("config: kernel: Add KPROBE_EVENTS config option)
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
2021-01-25 14:37:41 +01:00
Rui Salvaterra
412dc26c99 kernel: make lwtunnel support optional
Not everyone will want to bloat their kernel by 24 kiB for such a niche
feature.

Fixes: a1a7f3274e "kernel: enable SRv6 support by
enabling lwtunnel"

Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
2021-01-14 22:38:39 -10:00
Andy Walsh
9afbf33b60 kernel: drop unneeded kernel version dependency
The current master only supports kernel 5.4, and there is no reason
to remove KERNEL_IO_URING for future kernels.

Drop the unneeded dependency.

Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
[improve commit title/message]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2021-01-14 01:23:16 +01:00
Nick Hainke
a1a7f3274e kernel: enable SRv6 support by enabling lwtunnel
Enable the ability to use segment routing based on IPv6. It allows the
packet to specify a path that the packet should take through the
network.

Lwtunnel allow an easy encapsulation of a package. You can just install
ip-full package and use it:

  ip -6 route add  2003::/64 dev eth0 encap seg6 mode encap \
    segs 2001::1,2002::2

An IPv6 package looks like this:
  [IPv6 HDR][IPv6 RH][IPv6 HDR][Data...]

Netifd support:
  https://git.openwrt.org/?p=project/netifd.git;
     a=commit;h=458b1a7e9473c150a40cae5d8be174f4bb03bd39

Increases imagesize by 24.125 KiB. Therefore, only enable for devices
with enough flash.

Signed-off-by: Nick Hainke <vincent@systemli.org>
2021-01-11 11:09:05 -10:00
Nick Hainke
4943bc5cff kernel: only strip proc for small flash devices
Currently, you are not able to get statistics about IPv4 and IPv6
usage. This information can be collected via the snmp and snmp6.
However, in the current state this interface is disabled as you can
read in the "902-debloat_proc.patch":
 "Strip non-essential /proc functionality to reduce code size"

Tools like netstat use the snmp/6 interface to collect interface
statistics. Some prometheus exporters also mention this:
- prometheus-collectors/netstat.lua
- prometheus-collectors/snmp6 (still a PR)
- collectd/snmp6 (still a PR)

PRs:
- https://github.com/collectd/collectd/pull/3789
- https://github.com/openwrt/packages/pull/14158

Instead of enabling it as default for all devices we condition it
 default y if SMALL_FLASH

A test shows it needs around 16 kiB.

Signed-off-by: Nick Hainke <vincent@systemli.org>
[fixed whitespace issue]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2020-12-22 19:11:50 +01:00
Andy Walsh
9361964a3a kernel: add KERNEL_IO_URING option
* add KERNEL_IO_URING option

NOTES:
Adds configurable support for the io_uring interface (CONFIG_IO_URING) via KERNEL_IO_URING option.

The kernel only zImage grows by about 5-9KB ?

I would like to enable this by default for all 5.4 kernels, so i can use the new io_uring samba-4.12.x vfs module by default.

The associated liburing was already submitted and merged.
The kernel + liburing was tested on ARM/mvebu via samba4 vfs_io_uring module and i have no issues so far.

Some extra reads on it and why we should enable it by default, since i expect more packages to use this in the future.
https://wiki.samba.org/index.php/Samba_4.12_Features_added/changed#.27io_uring.27_vfs_module
https://lwn.net/Articles/810414/
https://kernel.dk/io_uring.pdf
https://www.phoronix.com/scan.php?page=news_item&px=Linux-5.6-IO-uring-Tests

Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com>
2020-12-22 19:11:50 +01:00