There are various reports on Github and in the forum that this commit
causes multiple problems.
This reverts commit ee6ba216d8.
Fixes: #9420
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Previously commit openwrt/packages@3abb7cb ("lvm2: Added script and updated Makefile[...]")
couldn't actually work and allow rootfs_data to be stored on a LVM2 as
the necessary kernel modules had not been loaded at this point.
Fix this by loading device-mapper modules early at boot.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
octeon/patches-5.10 -> octeon/patches-5.15
Removed 140-octeon_e300_support.patch as E300 support appears to be upstreamed.
Reworked 130-add_itus_support.patch to compensate for the upstreaming of E300
octeon/config-5.15
The following Kernel Symbols were ADDED:
Line 5: +CONFIG_AF_UNIX_OOB=y
Line 6: +CONFIG_AHCI_OCTEON=y
Line 9: +CONFIG_ARCH_KEEP_MEMBLOCK=y
Line 16: +CONFIG_ATA=y
Line 17: +CONFIG_BINARY_PRINTF=y
Line 29: +CONFIG_CPU_R4K_FPU=y
Line 45: +CONFIG_FWNODE_MDIO=y
Line 51: +CONFIG_GENERIC_FIND_FIRST_BIT=y
Line 59: +CONFIG_GLOB=y
Line 61: +CONFIG_GPIO_CDEV=y
Line 77: +CONFIG_LTO_NONE=y
Line 85: +CONFIG_MIPS_FP_SUPPORT=y
Line 93: +CONFIG_NET_SELFTESTS=y
Line 94: +CONFIG_NET_SOCK_MSG=y
Line 105: +CONFIG_PATA_OCTEON_CF=y
Line 106: +CONFIG_PATA_TIMINGS=y
Line 114: +CONFIG_PTP_1588_CLOCK_OPTIONAL=y
Line 121: +CONFIG_SATA_AHCI_PLATFORM=y
Line 122: +CONFIG_SATA_HOST=y
Line 124: +CONFIG_SCSI_COMMON=y
Line 132: +CONFIG_SOCK_RX_QUEUE_MAPPING=y
Line 157: +CONFIG_USB_XHCI_HCD=y
Line 158: +CONFIG_USB_XHCI_PLATFORM=y
The following kernel symbols were REMOVED:
Line 21: -CONFIG_BLK_SCSI_REQUEST=y
Line 37: -CONFIG_ENABLE_MUST_CHECK=y
Line 69: -CONFIG_HOLES_IN_ZONE=y
Line 102: -CONFIG_OF_NET=y
Line 140: -CONFIG_SYS_SUPPORTS_HUGETLBFS=y
Compiled for Itus Shield, Boots successfully, continuing to test
for existing 5.10 memory leak.
Signed-off-by: Donald Hoskins <grommish@gmail.com>
[refresh patches]
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
The memory leak is fixed by the kernel patches backported in the
previous commit.
This reverts commit 1fa8780056.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Enabling KERNEL_KPROBES exposes KERNEL_BPF_KPROBE_OVERRIDE. Add a build
option for it to fix build failures with KERNEL_KPROBES enabled.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Use the kernel's built-in formula for computing this value.
The value applied by OpenWRT's sysctl configuration file does not scale
with the available memory, under-using hardware capabilities.
Also, that formula also influences net.netfilter.nf_conntrack_buckets,
which should improve conntrack performance in average (fewer connections
per hashtable bucket).
Backport upstream commit for its effect on the number of connections per
hashtable bucket.
Apply a hack patch to set the RAM size divisor to a more reasonable value (2048,
down from 16384) for our use case, a typical router handling several thousands
of connections.
Signed-off-by: Vincent Pelletier <plr.vincent@gmail.com>
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
It may happen that conffiles are in different order on different builds.
Make sure they have the same order by sorting them.
FIX: #9612
Signed-off-by: Paul Spooren <mail@aparcar.org>
A Python script containing an unreproducible path is copied by default.
Remove it before generating the package.
Signed-off-by: Paul Spooren <mail@aparcar.org>
There is a hard to reproduce, even harder to track down memory leak in
Octeon since kernel 5.10. Mark octeon source-only until it is plugged.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
This reverts commit 35d2bbc29b as we
believe we found that it is indeed an openssl issue, where openssl is
trying to use getrandom(2), but fails because this particular builder
has an ancient kernel without that syscall. We didn't get to the bottom
of why openssl doesn't fall back to something like /dev/random.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
The first argument for snprintf is the buffer and the 2. one is the
size. Fix the order. This broke the lock application.
Fixes: 34567750db ("busybox: fix busybox lock applet pidstr buffer overflow")
Reported-by: Hartmut Birr <e9hack@gmail.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
When upgrading a TP-Link Archer C5 v1 from ar71xx to ath79,
the 5ghz radio stops working because the device path changed.
Same has been done for the Archer C7 before:
commit e19506f206 ("ath79: migrate Archer C7 5GHz radio device paths")
Signed-off-by: Jan-Niklas Burfeind <git@aiyionpri.me>
Config option `ARM_ARCH_TIMER` has been removed during rebasing onto
5.15 kernel in commit 2b395c2982 ("imx: update config for 5.15").
Anyway, as stated in commit 8cdc356f8c ("mediatek: mt7623: Re-enable
ARM arch timer") config option `ARM_ARCH_TIMER` cannot be enabled in the
config directly; it is only selected by `HAVE_ARM_ARCH_TIMER`. We need
to enable the latter in our config.
Fixes: 2b395c2982 ("imx: update config for 5.15")
Reported-by: Piotr Dymacz <pepe2k@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Fixes following issue:
Package kmod-drm-imx-ldb is missing dependencies for the following libraries:
drm_dp_aux_bus.ko
Introduced upstream in commit aeb33699fc2c ("drm: Introduce the DP AUX
bus") in kernel version 5.15.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
In imx target we're sharing single, version agnostic kernel
`config-default` file, which doesn't work very well with current 5.10
and upcoming 5.15 kernel symbols as recent rebase onto 5.15 kernel
introduced in commit 2b395c2982 ("imx: update config for 5.15) has
introduced following regression with 5.10 kernel:
Marvell 88E6xxx Ethernet switch fabric support (NET_DSA_MV88E6XXX) [Y/n/m/?] y
Switch Global 2 Registers support (NET_DSA_MV88E6XXX_GLOBAL2) [Y/n/?] (NEW)
That NET_DSA_MV88E6XXX_GLOBAL2 kernel config symbol has been removed in
upstream commit 63368a7416df ("net: dsa: mv88e6xxx: Make global2 support
mandatory") in kernel version 5.12.
This issue could be probably fixed by introduction of separate kernel
config files for each currently used kernel versions and subtarget, but
it is not worth the hassle and resources as imx target is running mostly
upstream kernel, so lets fix it by switching to 5.15 version instead.
Fixes: 2b395c2982 ("imx: update config for 5.15")
Acked-by: Piotr Dymacz <pepe2k@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Backport upstream patch to have reproducible FAT signatures.
This should enable reproducibility for x86 EFI images.
Signed-off-by: Paul Spooren <mail@aparcar.org>
Fixes following issue:
Package kmod-drm is missing dependencies for the following libraries:
fb.ko
Introduced upstream in commit f611b1e7624c ("drm: Avoid circular
dependencies for CONFIG_FB") in 5.14.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Kernel setting `/proc/sys/kernel/pid_max` can be set up to 4194304 (7
digits) which will cause buffer overflow in busbox lock patch, this
often happens when running in a rootfs container environment.
This commit enlarges `pidstr` to 12 bytes to ensure a sufficient buffer
for pid number and an additional char '\n'.
Signed-off-by: Qichao Zhang <njuzhangqichao@gmail.com>
The label has the MAC address of eth0, not the WLAN PHY address. We can
merge the definition back into ar7241_ubnt_unifi.dtsi, as both DTS
derived from it use the same interface for their label MAC addresses
after all.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
Add Kernel 5.15 patches + config. This is currently only available for
the generic subtarget, as it was exclusively tested with this target.
Tested-on: Siemens WS-AP3610, Enterasys WS-AP3705i
Signed-off-by: David Bauer <mail@david-bauer.net>
Specify the switch ports in the DTS file.
Re-enable it after it was disabled by commit e9672b1a8f ("bcm53xx: switch to the
upstream DSA-based b53 driver").
Signed-off-by: SHIMAMOTO Takayoshi <takayoshi.shimamoto.360@gmail.com>
[rmilecki: reword commit & drop unneeded whitespace change]
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Introduce `sha256_unsigned` which is a checksum of the image _before_ a
signature is attached. This is helpful to compare image reproducibility.
Since the `.sha256sum` file is located in the $(KDIR) folder, switch
$(BIN_DIR) with $(KDIR) to simplify the code. The value of $(BIN_DIR)
itself is not stored inside the resulting JSON file, so it can be
replaced.
Signed-off-by: Paul Spooren <mail@aparcar.org>
platform_nand_pre_upgrade() is gone since commit 790692dde2
("base-files: drop support for the platform_nand_pre_upgrade()").
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Asus RT-AC88U is an AC3100 router featuring 9 Ethernet ports over the
integrated Broadcom and the external Realtek switch.
Hardware info:
* Processor: Broadcom BCM4709C0KFEBG dual-core @ 1.4 GHz
* Switch: BCM53012 in BCM4709C0KFEBG & external RTL8365MB
* DDR3 RAM: 512 MB
* Flash: 128 MB (ESMT F59L1G81LA-25T)
* 2.4GHz: BCM4366 4×4 2.4/5G single chip 802.11ac SoC
* 5GHz: BCM4366 4×4 2.4/5G single chip 802.11ac SoC
* Ports: 8 Ports, 1 WAN Ports
Flashing instructions:
* Boot to CFE Recovery Mode by holding the reset button while power-on.
* Connect to the router with an ethernet cable.
* Set IPv4 address of the computer to 192.168.1.2 subnet 255.255.255.0.
* Head to http://192.168.1.1.
* Reset NVRAM.
* Upload the OpenWrt image.
CFE bootloader may reject flashing the image due to image integrity check.
In that case, follow the instructions below.
* Rename the OpenWrt image as firmware.trx.
* Run a TFTP server and make it serve the firmware.trx file.
* Run the URL below on a browser or curl.
http://192.168.1.1/do.htm?cmd=flash+-noheader+192.168.1.2:firmware.trx+flash0.trx
Signed-off-by: Arınç ÜNAL <arinc.unal@arinc9.com>
[rmilecki: mark BROKEN until we sort out nvram & CFE recovery]
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Make sure xz uses at least 2 threads so compression always runs in
multi-threaded mode as the resulting file in single-threaded mode
differs.
Fixes: 29d7461d11 ("kernel: set options to make external initramfs reproducible")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Drop the -processors argument from the mksquashfs4 call, so it will use
all available processors. This dramatically reduces the time to create
squashfs filesystems.
The times below are observed when building an image for my main router,
the WatchGuard Firebox M300 (qoriq target):
Before:
real 4m45,973s
After:
real 0m23,497s
With this commit `mksquashfs` may use more cores than defined via `-j`.
This is the same behaviour as for archive creation of ImageBuilder, SDK
or toolchain. There is no trivial way to limit `mksquashfs` CPU core
usage to the amount of "free" make jobs since two running `mksquashfs`
instances would each run with the total allowed number (-j) of threads.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
[extended reasoning in commit message]
Signed-off-by: Paul Spooren <mail@aparcar.org>
The tc package does not exits any more, it was split into tc-tiny,
tc-full and tc-bpf. Include tc-bpf by default into realtek images.
This increases the compressed image size by about 232KBytes.
Tested-by: Stijn Segers <foss@volatilesystems.org>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
The realtek target is not a router, but basic device, see DEVICE_TYPE.
The basic device type does not come with firewall by default, see
include/target.mk for details. The realtek target extended
DEFAULT_PACKAGES manually with firewall.
This changes the defaults to take firewall4 and nftables instead of
firewall and iptables. This also adds the additional package
kmod-nft-offload.
The only difference to the router type is the missing ppp,
ppp-mod-pppoe, dnsmasq and odhcpd-ipv6only package.
This increases the compressed image size by about 422KBytes.
Tested-by: Stijn Segers <foss@volatilesystems.org>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Do not include the dnsmasq and odhcpd-ipv6only package by default any
more. These services are not needed on a switch. If someone needs this
it is still possible to use opkg or image builder to add them.
This decreases the compressed image size by about 165KBytes.
Tested-by: Stijn Segers <foss@volatilesystems.org>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>