Commit Graph

47207 Commits

Author SHA1 Message Date
Petr Štetiar
2c3c83e40b ppp: activate PIE ASLR by default
This activates PIE ASLR support by default when the regular option is
selected.

Size increase on imx6:

 112681 ppp_2.4.8-2_arm_cortex-a9_neon.ipk
 121879 ppp_2.4.8-2_arm_cortex-a9_neon.ipk
 = 9198 diff

Acked-by: Alexander Couzens <lynxis@fe80.eu>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2020-03-01 21:35:59 +01:00
Stijn Tintel
8ce359d6bb libpcap: activate PIE ASLR by default
This activates PIE ASLR support by default when the regular option is
selected. This is required to enable PIE ASLR support by default in ppp,
as it fails to build without it, on x86/64.

The .so file size stays identical.

Suggested-by: Felix Fietkau <nbd@nbd.name>
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2020-03-01 21:35:59 +01:00
David Bauer
1d4f2ca610 ar71xx: correct AVM FRITZ Repeater 450E WPS button flag
The AVM FRITZ!WLAN Repeater 450E's WPS button is not active low.

Correct the active low flag to avoid unintenional activation of
failsafe mode on boot.

Signed-off-by: David Bauer <mail@david-bauer.net>
2020-03-01 18:40:31 +01:00
Álvaro Fernández Rojas
854114800c linux-5.4: backport ARM symbol export fix
Fixes the following warning for ARM targets:
  WARNING: "return_address" [vmlinux] is a static EXPORT_SYMBOL_GPL

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2020-03-01 16:02:49 +01:00
Álvaro Fernández Rojas
6f9bc70dd5 linux-5.4: backport modpost upstream patches
Fixes modpost Segmentation Fault with bcm2708 and bcm2709:
  MODPOST vmlinux.o
  Segmentation fault
  make[6]: *** [scripts/Makefile.modpost:66: __modpost] Error 139

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2020-03-01 15:52:36 +01:00
Álvaro Fernández Rojas
4bde37a2dd bcm27xx: bcm2708: refresh linux 5.4 config
I missed this when adding linux 5.4 support

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2020-03-01 13:43:29 +01:00
David Bauer
ab27c72deb mpc85xx: disable kernel uImage generation
The previous workaround for the unsupported mkimage xz compression
leads to the TP-Link TL-WDR4900s simpleImage bootwrapper being gzip
compressed, which does not fit the kernel partition.

Removing the uImage gerneration works around this problem.

Signed-off-by: David Bauer <mail@david-bauer.net>
2020-03-01 00:51:23 +01:00
David Bauer
0d727f231f treewide: move commonly disabled symbols to generic config
Move new commonly disabled kernel 5.4 symbols to the generic kernel
configuration.

Signed-off-by: David Bauer <mail@david-bauer.net>
2020-03-01 00:51:23 +01:00
David Bauer
085b445b42 mpc85xx: add missing kernel symbols
These symbols were previously not set. Define their state to avoid
potentially breaking builds.

Signed-off-by: David Bauer <mail@david-bauer.net>
2020-03-01 00:51:23 +01:00
Kevin Darbyshire-Bryant
4d87963381 build: add xargs as prerequisite
Build system needs an 'xargs' that supports '-r' which darwin doesn't.
Homebrew installs a 'gxargs' with the findutils package so look for
'gxargs' as well as 'xargs'

This is a bit of a 'fun' corner case anyway. xargs is only required by
the build if 'CONFIG_AUTOREMOVE' is set and after the build system has
built 'tools/findutils' we have a fully working xargs for host anyway.
Until that time we have to rely on the host's xargs implementation.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2020-02-29 20:55:37 +00:00
Christian Lamparter
1c880f2324 apm821xx: remove gpio-interrupt cruft
This hunk became obsolete the moment when our
gpio-button-hotplug learned how to deal with
interrupt-supported gpio buttons. The gpio driver
never supported interrupt handling, so these
properties never served any use (outside of a
enhanced ppc4xx-gpio driver that was dropped).

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2020-02-29 14:14:08 +01:00
Christian Lamparter
632a7b2997 mvebu: fix build regression due to neon-asm ghash module
This patch fixes the regression caused by adding the NEON
variant of the ghash as the default ghash package package:

> ERROR: module '[...]/arch/arm/crypto/ghash-arm-ce.ko' is missing.
> modules/crypto.mk:286: recipe for target
>  '[...]/kmod-crypto-ghash_4.19.106-1_aarch64_cortex-a53.ipk' failed

This patch limits the scope to the ARM32/cortexa9 target of mvebu.

Fixes: 285df63efc ("kernel: build neon-asm version of ghash module")
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2020-02-29 14:14:08 +01:00
Álvaro Fernández Rojas
a1383655cf bcm27xx: add linux 5.4 support
Tested on bcm2710 (Raspberry Pi 3B).

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2020-02-29 12:50:51 +01:00
Álvaro Fernández Rojas
a8aa974a9d bcm27xx: update kernel configs
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2020-02-29 11:51:58 +01:00
Álvaro Fernández Rojas
c56ae22db0 bcm27xx: update to latest patches from RPi foundation
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2020-02-29 08:28:42 +01:00
Álvaro Fernández Rojas
8f5d714a7f bcm27xx-gpu-fw: update to latest version
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2020-02-29 08:24:57 +01:00
David Bauer
71f3179fc8 spi: ath79: remove spi-master setup and cleanup assignment
This removes the assignment of setup and cleanup functions for the ath79
target. Assigning the setup-method will lead to 'setup_transfer' not
being assigned in spi_bitbang_init.

Also drop the redundant cleanup assignment, as this also happens in
spi_bitbang_init.

Signed-off-by: David Bauer <mail@david-bauer.net>
2020-02-29 00:54:41 +01:00
David Bauer
fc161063f5 mpc85xx: move NAND symbol to target config
All mpc85xx subtargets utilize NAND, thus enable NAND support
target-wide.

Fixes: 1287bb48dc ("mpc85xx: fix build with kernel 5.4")

Signed-off-by: David Bauer <mail@david-bauer.net>
2020-02-29 00:13:30 +01:00
David Bauer
1287bb48dc mpc85xx: fix build with kernel 5.4
This fixes some outstanding issues with the Kernel 5.4 build:

 * Adds missing support patch for the Enterasys WS-AP3710i
 * Fixes incorrect NAND symbols
 * Adds patch for broken image wrapping

Signed-off-by: David Bauer <mail@david-bauer.net>
2020-02-28 23:32:37 +01:00
Christian Lamparter
a2ae9a07d2 apm821xx: 5.4: add important NAND symbols
This patch adds important NAND config symbols.
These are necessary as otherwise the devices
won't find the rootfs on the NAND chips.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2020-02-28 22:47:04 +01:00
Christian Lamparter
91a7c9c27d ipq40xx: 5.4: refresh patches and config
This patch just refreshes the 5.4 patches. It seems as if
070-v4.20-soc-qcom-spm-add-SCM-probe-dependency.patch is
already applied, so drop it. It also does a quick
make kernel_oldconfig to get rid of unneeded symbols.

[Looks like USB and Ethernet need some more work].

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2020-02-28 22:46:27 +01:00
Christian Lamparter
e48465bdd8 kernel: 5.4: add unconfigured symbols
This patch adds a few more symbols that I found that
need disabling in order to not break the automatic build.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2020-02-28 22:46:09 +01:00
Eneas U de Queiroz
e889489bed kernel: build arm/neon-optimized sha1/512 modules
This builds the regular arm and arm-neon asm optmized modules for sha1
and sha512, for targets that set CONFIG_ARM_CRYPTO.

On ip40xx, the arm-asm version of sha1 improves performance by 5% over
the generic C implementation; sha1-neon is 25% faster than generic,
and sha512-neon, 259%.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2020-02-28 22:46:09 +01:00
Eneas U de Queiroz
285df63efc kernel: build neon-asm version of ghash module
This alone improves AES-GCM performance by up to 50% on ipq40xx.  This
is enabled for targets that support neon and set CONFIG_ARM_CRYPTO:
imx6, ipq40xx, and mvebu.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2020-02-28 22:46:09 +01:00
Eneas U de Queiroz
13b8404b1e ipq40xx: qce - add fixes for AES ciphers
This backports commits from master that fix AES ciphers when using the
qce driver:

 - A couple of simple fixes for CTR and XTS modes used with AES:
   * 041-crypto-qce-fix-ctr-aes-qce-block-chunk-sizes.patch
   * 042-crypto-qce-fix-xts-aes-qce-key-sizes.patch

 - A fix for a bug that affected cases when there were more entries in
   the input sg list than necessary to actually encrypt, resulting in
   failure in gcm, where the authentication tag is present after the
   encryption data:
   * 043-crypto-qce-save-a-sg-table-slot-for-result-buf.patch

 - A fix to update the IV buffer passed to the driver from the kernel:
   * 044-crypto-qce-update-the-skcipher-IV.patch

 - A patch that reduces memory footprint and driver initialization by
   only initializing the fallback mechanism where it is actually used:
   * 046-crypto-qce-initialize-fallback-only-for-AES.patch

 - Three patches that make gcm and xts modes work with the qce driver,
   and improve performance with small blocks:
   * 047-crypto-qce-use-cryptlen-when-adding-extra-sgl.patch
   * 048-crypto-qce-use-AES-fallback-for-small-requests.patch
   * 049-crypto-qce-handle-AES-XTS-cases-that-qce-fails.patch

 - A patch that allows the hashes/ciphers to be built individually.
   * 051-crypto-qce-allow-building-only-hashes-ciphers.patch

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
[renumbered patches, added patches from dropped commit, refreshed, 5.4]
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2020-02-28 22:46:09 +01:00
Eneas U de Queiroz
ee4a0afdcd ipq40xx: use neon crypto drivers
This adds the neon based implementations of AES & SHA256.

For AES, according to the kernel config help:

Use a faster and more secure NEON based implementation of AES in CBC,
CTR and XTS modes.
Bit sliced AES gives around 45% speedup on Cortex-A15 for CTR mode
and for XTS mode encryption, CBC and XTS mode decryption speedup is
around 25%. (CBC encryption speed is not affected by this driver.)
This implementation does not rely on any lookup tables so it is
believed to be invulnerable to cache timing attacks.
...
The observed speedups on ipq40xx are more modest: speedup is around 20%
for CTR mode and for XTS mode encryption, CBC and XTS mode decryption
speedup is around 10%. Measurements were made using tcrypt, with
1024-bytes blocks for CTR & CBC, and 4096-bytes for XTS.
The aes-neon-bs driver uses a fallback for CBC encryption; that fallback
could be either the generic driver written in C, or the scalar arm-asm
one.  Even though aes-arm is 1.9% slower, it is more resilient to timing
attacks (the reason for being slower), so it is being included here.

The neon sha256 module increases performance over the generic module by
33%.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
[Enable only ciphers for now, reorder patch in series to help bisect
as new symbols could lead to build failures, 5.4]
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2020-02-28 22:46:09 +01:00
Eneas U de Queiroz
26681de412 ipq40xx: qce - switch to skcipher API
This backports a commit updating the API of the QCE crypto engine to
what is used in current kerenl, easing future upstream backports.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
[renumber patches, refreshed, added 5.4 patches]
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2020-02-28 22:46:01 +01:00
Christian Lamparter
ce691b2abc kernel: 4.19,5.4: disable ARM CE & NEON
This patch disables the CRYPTO KERNEL SYMBOLs that are touched
by the upcoming ipq40xx patch "ipq40xx: use neon crypto drivers"
from "Eneas U de Queiroz" and more so for his follow up patches
for the  other ARM targets in this series. This should help to
prevent at least a few potential build errors on other archs.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2020-02-28 22:29:10 +01:00
Steven Lin
a736d912e2 ipq40xx: add support for EnGenius EAP2200
SOC:    IPQ4019 / QCA Dakota
CPU:    Quad-Core ARMv7 Processor rev 5 (v7l) Cortex-A7
DRAM:   256 MiB
FLASH:  NOR 4 MiB + NAND 128 MiB
ETH:    Qualcomm Atheros QCA8072
WLAN1:  Qualcomm Atheros QCA4019 2.4GHz 802.11bgn 2:2x2
WLAN2:  Qualcomm Atheros QCA4019 5GHz 802.11a/n/ac 2:2x2
WLAN2:  Qualcomm Atheros QCA9888 5GHz 802.11a/n/ac 2:2x2
INPUT:  WPS Button
LEDS:   Power, LAN1, LAN2, WLAN 2.4GHz, WLAN 5GHz-1, WLAN 5GHz-2, OPMODE

1. Load Ramdisk via U-Boot

To set up the flash memory environment, do the following:
a. As a preliminary step, ensure that the board console port is connected to the PC using these RS232 parameters:
   * 115200bps
   * 8N1
b. Confirm that the PC is connected to the board using one of the Ethernet ports.
c. Set a static ip 192.168.99.8 for Ethernet that connects to board.
d. The PC must have a TFTP server launched and listening on the interface to which the board is connected.
e. At this stage power up the board and, after a few seconds, press 4 and then any key during the countdown.

U-BOOT> set serverip 192.168.99.9 && tftpboot 0x84000000 192.168.99.8:openwrt.itb && bootm

Signed-off-by: Steven Lin <steven.lin@senao.com>
[copied 4.19 dts to 5.4]
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2020-02-28 22:29:10 +01:00
Adrian Schmutzler
977c7f12de ipq807x: fix indent in image/Makefile
Convert space indent to tab like the rest of the file.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-02-28 20:00:10 +01:00
Álvaro Fernández Rojas
49737c359c bcm27xx-userland: update to latest version
Remove upstream cmake fix.

Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
2020-02-28 19:30:16 +01:00
Kevin Darbyshire-Bryant
0b7ad6f7f0 kernel: 5.4 fix build on darwin
Fix typedef clash on darwin.

HOSTCC  scripts/mod/file2alias.o
scripts/mod/file2alias.c:47:3: error: typedef redefinition with different types ('struct uuid_t' vs '__darwin_uuid_t' (aka 'unsigned char [16]'))
} uuid_t;
  ^
/Applications/Xcode.app/Contents/Developer/Platforms/MacOSX.platform/Developer/SDKs/MacOSX.sdk/usr/include/sys/_types/_uuid_t.h:31:25: note: previous definition is here
typedef __darwin_uuid_t uuid_t;
                        ^
scripts/mod/file2alias.c:1305:42: error: array initializer must be an initializer list or string literal
        DEF_FIELD(symval, tee_client_device_id, uuid);
                                                ^
2 errors generated.

Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2020-02-28 17:47:58 +00:00
John Crispin
29c6ddd99e ipq807x: add very basic target support
This is still missing a lot of love but people want to start working on it
so lets give them a common baseline.

Signed-off-by: John Crispin <john@phrozen.org>
2020-02-28 17:50:46 +01:00
John Crispin
272e0a702a ipq40xx: add v5.4 support
Signed-off-by: John Crispin <john@phrozen.org>
2020-02-28 17:50:46 +01:00
Mark-MC Lee (李明昌)
25d9df670b mediatek: add v5.4 support
Signed-off-by: Mark-MC Lee (李明昌) <Mark-MC.Lee@mediatek.com>
2020-02-28 17:50:46 +01:00
John Crispin
50c6938b95 bcm53xx: add v5.4 support
Signed-off-by: John Crispin <john@phrozen.org>
2020-02-28 17:50:46 +01:00
Koen Vandeputte
6d5291ff72 imx6: add support for kernel 5.4
Refreshed all patches.
Refreshed kernel config.

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2020-02-28 17:50:46 +01:00
David Bauer
13b1db795f mpc85xx: add support for kernel 5.4
Signed-off-by: David Bauer <mail@david-bauer.net>
2020-02-28 17:50:46 +01:00
Hauke Mehrtens
1e95f9b3ea ath79: Make upstream ag71xx driver work
* Fix some bugs in the driver
* Add missing clock and reset references in dts
* Rename mdio-bus to mdio so the driver find it

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2020-02-28 17:50:46 +01:00
David Bauer
53ab9865c2 ath79: add support for kernel 5.4
Signed-off-by: David Bauer <mail@david-bauer.net>
[refreshed]
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>

* Sync the patches with the changes done for kernel 4.19
* Use KERNEL_TESTING_PATCHVER
* Refresh the configuration
* Fix multiple compile bugs in the patches
* Only add own ag71xx files for kernel 4.19 and use upstream version for
  5.4.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2020-02-28 17:50:46 +01:00
Christian Lamparter
e1e6ff6648 apm821xx: add linux kernel 5.4 testing support
This patch adds support for the linux kernel version 5.4
as an optional testing kernel.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2020-02-28 17:50:46 +01:00
Hauke Mehrtens
69d179ec81 kernel: Use new symbol to deactivate MIPS FPU support
With kernel 5.4 the upstream kernel supports deactivating the FPU
support on MIPS. Use this new upstream feature instead of our older
patch which was removed when porting the kernel patches to kernel 5.4.

This way both options are set which should work for older kernel
versions and also new ones.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2020-02-28 17:50:46 +01:00
Hauke Mehrtens
34fcdcd7c2 kernel: Remove nvmem hack patch from 5.4
The nvmem framework is now used in net/ethernet/eth.c and the nvmem
sysfs is split into a separate Kconfig option. More work would be needed
to adapt this patch for the broader use. The current patch compiles fine
on ath79, but it breaks the x86 target.

nvmem is also compiled into the kernel for most of our targets for
example ath79 anyway, so patching the kernel to remove it is now harder
and not the case on multiple targets anyway. Instead of making this work
on kernel 5.4 just remove this hack patch.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2020-02-28 17:50:46 +01:00
Hauke Mehrtens
f1ff9410f6 kernel: Remove chash.ko from kmod-drm-amdgpu
This module was added with kernel 4.15, but is was removed again with
kernel version 5.3. OpenWrt does not support specifying a kernel version
range so just break it with kernel 4.14 and only support recent kernel
versions.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2020-02-28 17:50:46 +01:00
Hauke Mehrtens
a847e0ddd2 kernel: Add snd-intel-nhlt.ko to kmod-sound-hda-intel
With kernel 5.4 kmod-sound-hda-intel also needs snd-intel-nhlt.ko, but
this kernel module is only build on x86, make the OpenWrt kmod depend on
TARGET_x86.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2020-02-28 17:50:46 +01:00
Hauke Mehrtens
59f2814c09 kernel: Make kmod-ixgbe depend on kmod-libphy
With kernel 5.4 kmod-ixgbe is depending on kmod-libphy, add this
missing dependency.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2020-02-28 17:50:46 +01:00
Hauke Mehrtens
21adbfd81f kernel: Make LIB_ARC4 selectable
This makes it possible to select CONFIG_CRYPTO_LIB_ARC4 directly. We
need this to be able to compile this into the kernel and make use of it
from mac80211 backports.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2020-02-28 17:50:46 +01:00
Hauke Mehrtens
c9ef72aa13 nat46: Fix compile with kernel 5.4
nf_reset() was renamed to nf_reset_ct() in upstream Linux commit
895b5c9f206e ("netfilter: drop bridge nf reset from nf_reset)"

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2020-02-28 17:50:46 +01:00
Koen Vandeputte
cc34b55b77 kernel: Make kmod-rtc-pcf2123 depend on kmod-regmap-spi
In kernel 5.4 kmod-rtc-pcf2123 depends on kmod-regmap-spi, add this missing
dependency.

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2020-02-28 17:50:46 +01:00
Hauke Mehrtens
19b1739bbe kernel: Make kmod-nft-core depend on kmod-nf-nat
In kernel 5.4 kmod-nf-core depends on kmod-nf-nat, add this missing
dependency.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2020-02-28 17:50:46 +01:00