Limit CONFIG_IPK_FILES_CHECKSUMS config to OPKG as APK have different
way to validate package integrity (apk audit)
Link: https://github.com/openwrt/openwrt/pull/15543
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
For APK installation we don't have /usr/lib/opkg/info and user fixup are
handled dirrectly. Skip the script in such case.
Also remove this uci-defaults if we have CONFIG_USE_APK enabled.
Link: https://github.com/openwrt/openwrt/pull/15543
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Don't install /usr/lib/opkg/info in package install as it doesn't make
sense and conflicts with APK installations.
Fixes: a377aa9ab5 ("add dropkey ssh keys and config files to the conffiles section (#2014)")
Link: https://github.com/openwrt/openwrt/pull/15543
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
For non-overlay configuration we need checksum for config file that
weren't modified by the user. For OPKG in sysupgrade we check the status
file for the Conffiles: entry of every package. this entry contains
checksum for every static file that the package contains.
Provide the same info for APK by creating a conffiles_static file and
parse this file on sysupgrade for non-overlay configurations.
This is also used by the sysupgrade -u option to exclude non-changed
files from the final backup.
Link: https://github.com/openwrt/openwrt/pull/15543
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Implement some logic to invalidate targetinfo files in tmp with the
changing of some config.
Some config might affect DEFAULT_PACKAGES list but DEFAULT_PACKAGES is
only evaluated once. This cause the interesting scenario where someone
install feeds packages, targetinfo is evaluated in tmp and then add some
config like CONFIG_USE_APK. Using make defconfig will still select OPKG
as default package as DEFAULT_PACKAGES in targetinfo has been already
evaluated in the feeds install and is never updated.
To handle this add some logic in toplevel.mk to cache the current state
of these special config and wipe targetinfo when these change.
This cause the targetinfo to be reevaluated and handle this REALLY
corner case.
Link: https://github.com/openwrt/openwrt/pull/15543
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
There is currently a problem with how some option that modify default
package configuration are parsed.
When the DEFAULT_PACKAGES list is composed, DUMP is used. Using DUMP
disable the loading of .config to remove and modification done by the
user to prevent any kind of conflict or strange thing one creating all
the info for each target. Because of this, .config is never parsed and
any check to CONFIG doesn't work (for the first creation of .config).
Later image build will check what is set in .config and the default
package list won't be parsed anymore.
This is problematic for some config that are OK to parse, for example
SELINUX or USE_APK.
To better handle them add some logic when DUMP is used to selectively
parse these option if present in a to-be-init .config so that option are
correctly parsed and DEFAULT_PACKAGES is correctly set.
Link: https://github.com/openwrt/openwrt/pull/15543
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
since the split of APK in mbedtls and openssl version, installing `apk`
as default package doesn't do the trick anymore. Instead specify
`apk-mbedtls` directly.
Signed-off-by: Paul Spooren <mail@aparcar.org>
Link: https://github.com/openwrt/openwrt/pull/15543
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
In experimenting with --delete for APK handling, it was discovered that
--delete is broken and corrupts the TAR in some case.
This is fixed in version 1.35 but 1.35 introduce some problem with MacOS
making it difficult to bump. Backport the 2 required patches to fix this
problem so --delete is usable again.
Link: https://github.com/openwrt/openwrt/pull/15543
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Currently the build with USE_APK=y fails in package/libs/toolchain:
staging_dir/host/bin/fakeroot: line 182: staging_dir/host/bin/apk: No such file or directory
make[2]: *** [Makefile:758: bin/targets/mediatek/filogic/packages/libgcc1-13.2.0-r4.apk] Error 127
as commit d788ab376f ("build: add APK package build capabilities") added
dependency on apk in packaging step, but there is no host build
dependency defined, thus apk binary is missing when libgcc1 apk package is being
created. So lets fix it by adding explicit apk/host dependency to all
targets in the subdirectories.
Fixes: d788ab376f ("build: add APK package build capabilities")
Signed-off-by: Petr Štetiar <ynezz@true.cz>
[ rework logic to be more self contained ]
Link: https://github.com/openwrt/openwrt/pull/15543
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Add special handling for CONTROL conffiles. Some packages (base-files)
manually append stuff to the CONTROL directory.
The CONTROL directory is something for OPKG that is added in the root of
the ipkg directory and usually contains postinst, list, and conffiles
file. For APK the implementation is different, to keep compatibility
with this and maybe other packages, apply manual fixup and check for
these corner case.
Also check if the CONTROL directory is present and is empty to make sure
we don't drop other special file while removing any pending CONTROL
directory in the ipkg directory.
Link: https://github.com/openwrt/openwrt/pull/15543
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
As done for OPKG, correctly remove APK files before building package to
make sure we don't work on dirty files.
Link: https://github.com/openwrt/openwrt/pull/15543
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Rework handling of post-install scripts for APK. As we do with OPKG,
lets just iterate between each post-install package so we can actually
check if something fail in applying them.
To do this we first extract each .post-install script in APK
scripts.tar.
Also remove these files from final image as they are needed only for the
first installation of the packages.
Link: https://github.com/openwrt/openwrt/pull/15543
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Since musl 1.2.5 update yafut would throw a warning about implicit
declaration of basename() but would still somehow compile.
However, trying to use it on a device will cause it to instantly
Segmentation fault.
So, to fix this lets update to the current upstream repository version
that has removed the use of basename() completely.
Link: https://github.com/openwrt/openwrt/pull/15685
Signed-off-by: Robert Marko <robimarko@gmail.com>
Select DRIVER_11AX_SUPPORT and KERNEL_RELAY also for kmod-mt7996 to
prevent build failure if only this driver is selected during build and
end up with (most) required hostap features (IEEE 802.11be rates are not
yet supported).
Reported-by: Arınç ÜNAL <arinc.unal@arinc9.com>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
The WLR-1240 (ZX-5434) is an AC1200 Wave 2 outdoor repeater
with omnidirectional antennas for wall or pole mounting.
The device is manufactured by Todaair and meant to be used with
a tuya-based app, there is no webinterface for configuration.
Specifications:
- MT7628AN, 8 MiB SPI NOR flash, 64 MiB RAM, 2x2 802.11n
- MT7613 2x2 802.11ac Wave 2
- 802.3af PoE or 12V 1A 5.5x2.1 power supply (included)
- top RGB LED ring
TFTP installation:
- rename sysupgrade to `firmware_auto.bin`
- provide at 192.168.1.10 during boot
HTTP installation:
- keep reset button pressed for 5 seconds during power on (light blue
LED flashes slowly, then quickly to confirm, then remains steady on)
- recovery web interface is at 192.168.1.1, upload sysupgrade
Opening the device
- use suction cup to remove top cap within LED ring
- two screws are located in holes underneath silicone sealant
- two further screws are located at the bottom
initramfs boot
- open device, connect serial console (pins are labelled)
- keep pressing `4` during second tftp attempt to enter uboot shell
- run `tftpboot 82000000` to avoid memory overlap, then `bootm`
Signed-off-by: Sebastian Schaper <openwrt@sebastianschaper.net>
The WLR-1230 (ZX-5207) is an AC1200 Wave 2 outdoor repeater
with sector antennas for wall or pole mounting.
The device is manufactured by Todaair and meant to be used with
a tuya-based app, there is no webinterface for configuration.
Specifications:
- MT7628AN, 8 MiB SPI NOR flash, 64 MiB RAM, 2x2 802.11n
- MT7613 2x2 802.11ac Wave 2
- 802.3af PoE or 12V 1A 5.5x2.1 power supply (included)
- 3 LEDs WLAN, LAN, RES; PWR LED is not software-controllable
TFTP installation:
- rename sysupgrade to `firmware_auto.bin`
- provide at 192.168.1.10 during boot
HTTP installation:
- keep reset button pressed for 5 seconds during power on (LEDs
flash slowly, then quickly to confirm, then remain steady on)
- recovery web interface is at 192.168.1.1, upload sysupgrade
Opening the device
- two screws are located in the bottom left and right corners
underneath the label, inner tray slides out easily
initramfs boot
- open device, connect serial console (pins are labelled)
- keep pressing `4` during second tftp attempt to enter uboot shell
- run `tftpboot 82000000` to avoid memory overlap, then `bootm`
Signed-off-by: Sebastian Schaper <openwrt@sebastianschaper.net>
The 'kmod-stmmac-core' package is referenced by the following packages:
* kmod-dwmac-intel
* kmod-dwmac-imx
* kmod-dwmac-sun8i
The problem is that 'kmod-of-mdio' is not selectable for 'TARGET_x86'.
That means the package 'kmod-dwmac-intel' is not available on this
architecture and so the package 'kmod-dwmac-intel' could not be enabled.
To fix this remove the dependencies 'kmod-of-mdio' from 'kmod-stmmac-core'.
This is not needed on this level, because the modules 'kmod-of-mdio' is
already selected by the packages 'kmod-dwmac-imx' and 'kmod-dwmac-sun8i'.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Add the kmod-mt7915e wifi driver to the default packages for the Ruijie
RG-X60 Pro. kmod-mt7915e has to be added recently and was not done
before merging the support for Ruijie RG-X60 Pro.
Fixes: 3de3c2bdfa ("mediatek: add support for Ruijie RG-X60 Pro")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Cudy assigns hardware versions to its devices on its website, and
the Cudy TR1200 router is now Cudy TR1200 v1.
OpenWrt currently uses both variants, and this commit removes
inconsistencies using only the new name.
Signed-off-by: Luis Mita <luis@luismita.com>
Switch to new nvmem binding.
Also fixes a issue that the MAC address assigned to lan/wan was reversed.
Tested-by: Yangyu Chen <cyy@cyyself.name>
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Hardware
--------
- SOC: MediaTek MT7981
- ram: 256MB DDR3
- FLASH: 16MB SPI-NOR
- Ethernet: 2x1Gb Lan 1x1Gb Wan
- WIFI: MediaTek MT7981 2x2 DBDC 802.11ax 2T2R (2.4/5)
- LEDs: 2xLan 1x Wan 1x WIFI 1xSTATUS
MAC table, same as stock firmware:
LAN: 80:3F:5D:xx:xx:x1 partition "hw" at 0x44e (ASCII)
WAN: 80:3F:5D:xx:xx:x2 partition "hw" at 0x460 (ASCII)
2G: 80:3F:5D:xx:xx:x3 partition "factory" at 0x4 (binary), on label
5G: 80:3F:5D:xx:xx:x3 Same as 2G
Installation Method 1: ssh
--------------------------
1. Connect PC to the lan port. Set the PC IP to 192.168.10.100 if
required.
2. Navigate to http://192.168.10.1/
3. Log into the Wavlink WebGUI. Default username/password is
admin/admin.
4. Use WebGUI to upgrade the firmware to
WAVLINK_WN586X3-A_M86X3A_V240113_WO-GDBYFM-modified.bin
downloaded from
https://github.com/themaverickdm/firmware-misc/tree/main/wavlink/wl-wn586x3
Warning: All settings will be lost!
5. Wait about 5 minutes, and after flashing is completed, log into
the router using (with admin123 as password):
ssh root@192.168.10.1
6. scp the openwrt image file onto the router, usually under /tmp
somewhere.
openwrt-mediatek-filogic-wavlink_wl-wn586x3-squashfs-sysupgrade.bin
7. Flash openwrt image file like so:
mtd write \
openwrt-mediatek-filogic-wavlink_wl-wn586x3-squashfs-sysupgrade.bin \
firmware
Warning: Previous firmware will be overwritten!
8. Wait about 5 minutes, and after the flashing is completed, set
the PC IP to 192.168.1.100 if required and log into the router
like so:
ssh root@192.168.1.1
Installation Method 2: u-boot
-----------------------------
1. Connect UART: TX-> 586X3 RX, RX-> 586X3 TX, GND-> 586 GND.
2. Connect PC to the wan (not lan!) port.
3. Setup the tftp server on PC, set IP to 192.168.10.100,
4. Power on the device. Select '2' to upgrade firmware in Uboot.
5. Input the image name and start to upgrade.
Uboot console log:
CPU: MediaTek MT7981
Model: mt7981-rfb
DRAM: 256 MiB
Core: 34 devices, 13 uclasses, devicetree: embed
Loading Environment from nowhere... OK
In: serial@11002000
Out: serial@11002000
Err: serial@11002000
Net:
Warning: ethernet@15100000 (eth0) using random MAC address -
02:47:fb:b2:53:2d
eth0: ethernet@15100000
UBOOT WN586X3A
gpio: pin 9 (gpio 9) value is 0
gpio: pin 10 (gpio 10) value is 0
gpio: pin 5 (gpio 5) value is 0
gpio: pin 12 (gpio 12) value is 0
gpio: pin 13 (gpio 13) value is 0
*** U-Boot Boot Menu ***
1. Startup system (Default)
2. Upgrade firmware
3. Upgrade ATF BL2
4. Upgrade ATF FIP
5. Upgrade single image
6. Load image
0. U-Boot console
Co-authored-by: R Maru <deviantmaru@gmail.com>
Signed-off-by: R Maru <deviantmaru@gmail.com>
Signed-off-by: Sijia Huang <engineer31@win-star.com>
Before the nvmem rework, this was already handled in dts with
mtd-cal-data instead of qca,no-eeprom. No need to duplicate. Also, the
800 size value seems nonsensical. 440 is the standard.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Userspace handling is deprecated.
Also fix a bug with userspace handling where the wrong calibration data
was being used for the PCI card. The dts was correct but userspace was
not.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
These symbols have already been removed from the upstream Linux source
code. They are automatically compared and removed by a kernel config
scanning script[1].
[1] https://github.com/openwrt/openwrt/pull/15324
Signed-off-by: Shiji Yang <yangshiji66@qq.com>
Major changes between OpenSSL 3.0.13 and OpenSSL 3.0.14 [04-Jun-2024]
* Fixed potential use after free after SSL_free_buffers() is called.
[CVE-2024-4741]
* Fixed checking excessively long DSA keys or parameters may be very slow.
[CVE-2024-4603]
* Fixed an issue where some non-default TLS server configurations can cause
unbounded memory growth when processing TLSv1.3 sessions. An attacker may
exploit certain server configurations to trigger unbounded memory growth that
would lead to a Denial of Service. [CVE-2024-2511]
* New atexit configuration switch, which controls whether the OPENSSL_cleanup
is registered when libcrypto is unloaded. This can be used on platforms
where using atexit() from shared libraries causes crashes on exit
Signed-off-by: John Audia <therealgraysky@proton.me>
Build system: x86/64
Build-tested: x86/64/AMD Cezanne
This adds some compile fixes for linux 6.6 compatibility.
class_create now require only the name instead of the module ownership
reference.
Also the kernel enabled checks for enum.
Signed-off-by: Martin Schiller <ms@dev.tdt.de>
This adds some compile fixes for linux 6.6 compatibility.
class_create now require only the name instead of the module ownership
reference.
Also the kernel enabled checks for enum.
Signed-off-by: Martin Schiller <ms@dev.tdt.de>
struct u128 and u128_xor() was removed by upstream commit f413e724818c
("cyrpto/b128ops: Remove struct u128").
Signed-off-by: Martin Schiller <ms@dev.tdt.de>
This fixes some compile warnings for linux 6.6.
Flushing system-wide workqueues is dangerous and will be forbidden.
Replace system_wq with local vectoring_wq.
Signed-off-by: Martin Schiller <ms@dev.tdt.de>
This is an automatically generated commit which aids following Kernel patch
history, as git will see the move and copy as a rename thus defeating the
purpose.
For the original discussion see:
https://lists.openwrt.org/pipermail/openwrt-devel/2023-October/041673.html
Signed-off-by: Martin Schiller <ms@dev.tdt.de>
Make the OF-compatible zImage per-board selectable. This allows the
image to only be built with the wrapper if the target actually uses it.
This fixes build-failures for the mpc85xx-p2020 subtarget.
Fixes: 557c094f0579 ("mpc85xx: only build zImage on required targets")
Signed-off-by: David Bauer <mail@david-bauer.net>
Set the appropriate cpu_port value based on the use of realtek,extif0 to extif2
instead of the additional cpu_port parameter.
Signed-off-by: Mieczyslaw Nalewaj <namiltd@yahoo.com>
Link: https://github.com/openwrt/openwrt/pull/15033
Signed-off-by: Robert Marko <robimarko@gmail.com>
Set the appropriate cpu_port value based on the use of realtek,extif0 or realtek,extif1 parameter.
Signed-off-by: Mieczyslaw Nalewaj <namiltd@yahoo.com>
Link: https://github.com/openwrt/openwrt/pull/15033
Signed-off-by: Robert Marko <robimarko@gmail.com>
Update to the latest upstream release to include recent improvements and
bugfixes, and simplify use of PKG_SOURCE_VERSION.
Link: https://github.com/libbpf/libbpf/releases/tag/v1.4.3
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
Add two patches to fix compile errors being repeatedly seen on OpenWrt CI.
The first is an upstream backport to fix this i386-related error:
x86_64-openwrt-linux-musl-gcc -mcmodel=large -I./purgatory/include
-I./purgatory/arch/x86_64/include -I./util_lib/include -I./include -Iinclude
-I/builder/shared-workdir/build/sdk/staging_dir/toolchain-x86_64_gcc-13.3.0_musl/lib/gcc/x86_64-openwrt-linux-musl/13.3.0/include
-c -MD -o purgatory/arch/i386/entry32-16.o purgatory/arch/i386/entry32-16.S
purgatory/arch/i386/entry32-16.S: Assembler messages:
purgatory/arch/i386/entry32-16.S:23: Error: 64bit mode not supported on `i386'.
The second addresses an error using basename() on musl libc:
kexec/arch/i386/x86-linux-setup.c: In function 'add_edd_entry':
kexec/arch/i386/x86-linux-setup.c:332:20: warning: implicit declaration of function 'basename' [-Wimplicit-function-declaration]
332 | if (sscanf(basename(sysfs_name), "int13_dev%hhx", &devnum) != 1) {
| ^~~~~~~~
kexec/arch/i386/x86-linux-setup.c:332:20: warning: passing argument 1 of 'sscanf' makes pointer from integer without a cast [-Wint-conversion]
332 | if (sscanf(basename(sysfs_name), "int13_dev%hhx", &devnum) != 1) {
| ^~~~~~~~~~~~~~~~~~~~
| |
| int
...
Fixes: #14621
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
This reverts commit 17d8c5825e.
This commit is breaking init somehow, even the hostname is not set,
so until its fixed, revert it.
Signed-off-by: Robert Marko <robimarko@gmail.com>
All NETGEAR EX6150v2 validate the rootfs for which OpenWrt places a
fakeheader at the position, where the bootloader expects it.
Some EX6150v2 bootloaders do however make a broken assumption about
where the rootfs starts. This is due to them calculating the rootfs
start not based upon the kernel-length but the string-offset of the
FIT-image.
We have to be compatible with both this broken as well as the valid
calculation. So we do relocate the FDT string section to a
block-boundary and enlarge the FIT image to end at this boundary +
BLOCKSIZE / 2. This way, both the broken as well as correct calculations
do expect the rootfs-header at the same position.
It is worth noting, that this is a rare edge-case in which only happens
if the image-length as well as the start of the string-section are not
placed in the same erase-block. This is an edge-case which happens very
rarely (thus it was not spotted prior).
Affected:
- U-Boot 2012.07 (Jun 16 2016 - 11:59:37)
Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit 8f9546f7b0a14f3afa813e39ed45c968ece24464)