Commit Graph

322 Commits

Author SHA1 Message Date
Adrian Schmutzler
0fb5962e62 sunxi: remove unneeded shebang for preinit files
preinit files are sourced and they have no execute bit set, so remove
their shebang.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-05-05 13:09:19 +02:00
Adrian Schmutzler
755790808c sunxi: tidy up cases in base-files
This removes unnecessary quotes in cases and applies alphabetic
order to members.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-05-05 13:06:26 +02:00
Petr Štetiar
5ecc0cfd6f kernel: bump 5.4 to 5.4.28
Changelog since 5.4.24 mentions CVE-2019-19769, CVE-2020-8648,
CVE-2020-8649 and CVE-2020-8647.

Removed upstreamed:

 generic: 507-v5.6-iio-chemical-sps30-fix-missing-triggered-buffer-depe.patch
 generic: 600-ipv6-addrconf-call-ipv6_mc_up-for-non-Ethernet-inter.patch
 bcm27xx: 950-0435-ASoC-pcm512x-Fix-unbalanced-regulator-enable-call-in.patch
 ipq806x: 701-stmmac-fix-notifier-registration.patch
 lantiq: 002-pinctrl-falcon-fix-syntax-error.patch
 octeontx: 0002-net-thunderx-workaround-BGX-TX-Underflow-issue.patch

Run tested: apu2, qemu-x86-64, apalis, a64-olinuxino, nbg6617
Build tested: sunxi/a53, imx6, x86/64, ipq40xx

Tested-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk> [apu2]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2020-03-28 13:03:02 +01:00
Petr Štetiar
c3178110b5 sunxi: switch to 5.4 kernel
Seems to be working fine on my a64-olinuxino, it's 99.9% upstream stuff
anyway. Lets start wider userbase testing.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2020-03-28 13:03:02 +01:00
Petr Štetiar
153a6b8c34 sunxi: a53: fix ethernet on a64-olinuxino
a64-olinuxino board has Micrel KSZ9031 Gigabit PHY so add support for
this PHY into kernel.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2020-03-28 13:03:02 +01:00
Petr Štetiar
8ac614fe96 sunxi: 5.4: dts: a64: olinuxino: add bank supply regulators
This is backport of v5.6 patch.

Allwinner A64 SoC has separate supplies for PC, PD, PE, PG and PL. This
patch adds regulators for them to the pinctrl node.

Exception is PL which is used by the RSB bus. To avoid circular
dependencies, VCC-PL is omitted.

On boards with eMMC, VCC-PC is supplied by ELDO1, instead of DCDC1.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2020-03-28 13:03:02 +01:00
Petr Štetiar
8743a9c9b9 sunxi: 5.4: a64-olinuxino: use red LED for status signalization
There is a red LED marked as `GPIO_LED1` on the silkscreen and connected
to PE17, so use this LED for status signalization.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2020-03-28 13:03:02 +01:00
Petr Štetiar
0784d07c11 sunxi: a53: add support for Olimex A64-Olinuxino eMMC
Specifications:

 SoC: Allwinner A64 (1.2 GHz Quad-Core ARM Cortex-A53 64-bit)
 RAM: 1GB or 2GB RAM DDR3L @ 672Mhz
 Flash: 0/4/16GB eMMC flash memory for storage and boot
 MicroSD card connector for cards up to 32GB
 Debug: serial UART debug header with 0.1" pins
 Wired connectivity: 10/100/1000Mbps GbE Ethernet
 Wireless connectivity: on-board RTL8723BS 1T1R 802.11bgn WiFi and
                        Bluetooth 4.0 module with built-in antenna
                        (only available in the A64-OLinuXino-1G4GW)

Flashing instructions:

 Standard sunxi SD card installation procedure - copy eMMC image to SD
 card, insert in into SD card slot on the device and boot. You should see
 something like following if the eMMC is detected correctly:

  mmcblk2: mmc2:0001 P1XXXX 3.60 GiB
  mmcblk2boot0: mmc2:0001 P1XXXX partition 1 16.0 MiB
  mmcblk2boot1: mmc2:0001 P1XXXX partition 2 16.0 MiB

 Then flash SD card eMMC image straight into the mmcblk2 device:

  dd if=/mnt/openwrt...a64-olinuxino-emmc-squashfs-sdcard.img of=/dev/mmcblk2

 It also possible to boot from boot0 partition[1]:

  1. Compile U-Boot with CONFIG_SYS_MMCSD_RAW_MODE_U_BOOT_SECTOR=0x40
     otherwise the U-Boot will get stuck in bootloop
  2. Configure eMMC to boot from boot0 partition inside U-Boot:

     mmc bootbus 1 1 0 0; mmc partconf 1 1 1 0

  3. echo 0 > /sys/block/mmcblk2boot0/force_ro
  4. Write U-Boot from offset 0 (not offset 8k as with SD card) into
     boot0 partition

     dd if=u-boot-sunxi-with-spl.bin of=/dev/mmcblk2boot0

Known issues:

 Wireless doesn't work properly via netifd.

1. https://linux-sunxi.org/index.php?title=Bootable_eMMC

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2020-03-28 13:03:02 +01:00
Petr Štetiar
c31954f1cf sunxi: a53: add support for Olimex A64-Olinuxino
Specifications:

 SoC: Allwinner A64 (1.2 GHz Quad-Core ARM Cortex-A53 64-bit)
 RAM: 1GB or 2GB RAM DDR3L @ 672Mhz
 Flash: 0/4/16GB eMMC flash memory for storage and boot
 MicroSD card connector for cards up to 32GB
 Debug: serial UART debug header with 0.1" pins
 Wired connectivity: 10/100/1000Mbps GbE Ethernet
 Wireless connectivity: on-board RTL8723BS 1T1R 802.11bgn WiFi and
                        Bluetooth 4.0 module with built-in antenna
                        (only available in the A64-OLinuXino-1G4GW)

Flashing instructions:

 Standard sunxi SD card installation procedure - copy image to SD card,
 insert in into SD card slot on the device and boot.

Known issues:

 Wireless doesn't work properly via netifd.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2020-03-28 13:03:02 +01:00
Petr Štetiar
5217aa78f1 sunxi: a53: image: make it DRY
Replace same copy&pasted lines with the appropriate reusable bits.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2020-03-28 13:03:02 +01:00
Sungbo Eo
5b392c7119 treewide: gather DEVICE_VARS into one place
Place DEVICE_VARS assignments at the top of the file or above Device/Default
to make them easier to find.

For ramips, remove redundant values already present in parent file.

Signed-off-by: Sungbo Eo <mans0n@gorani.run>
[do not touch ar71xx, extend commit message]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-03-21 19:55:12 +01:00
Petr Štetiar
9ba09653ad treewide: remove maintainer variable from targets
There is no such role as target maintainer anymore, one should always
send corresponding changes for the review and anyone from the commiters
is allowed to merge them or eventually use the hand break and NACK them.

Lets make it clear, that it is solely a community doing the maintenance
tasks.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
Acked-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Acked-by: Piotr Dymacz <pepe2k@gmail.com>
2020-03-16 22:21:45 +01:00
Aleksander Jan Bajkowski
cf74e2d4fd sunxi: add testing 5.4 kernel
Add 5.4 as testing kernel.

Signed-off-by: Aleksander Jan Bajkowski <A.Bajkowski@stud.elka.pw.edu.pl>
2020-03-16 22:21:45 +01:00
Aleksander Jan Bajkowski
7b7e8093cf sunxi: move common options from subtargets into target kconfig
These new options are common for all subtargets and can be moved into target kconfig.

Signed-off-by: Aleksander Jan Bajkowski <A.Bajkowski@stud.elka.pw.edu.pl>
2020-03-16 22:21:45 +01:00
Aleksander Jan Bajkowski
87a0c7c8ca sunxi: refresh config for all subtargets
This was done by executing these command for all subtargets:

$ time make -j9 kernel_oldconfig CONFIG_TARGET=subtarget

Signed-off-by: Aleksander Jan Bajkowski <A.Bajkowski@stud.elka.pw.edu.pl>
2020-03-16 22:21:45 +01:00
Aleksander Jan Bajkowski
3d6d2e0ac9 sunxi: remove old symbols from 5.4 kconfig
These options only exist earlier kernel versions.

Signed-off-by: Aleksander Jan Bajkowski <A.Bajkowski@stud.elka.pw.edu.pl>
2020-03-16 22:21:45 +01:00
Aleksander Jan Bajkowski
4fbac1ebc5 sunxi: remove options that are already in generic kconfig
These options are already definied in generic 5.4 kconfig.

Signed-off-by: Aleksander Jan Bajkowski <A.Bajkowski@stud.elka.pw.edu.pl>
2020-03-16 22:21:45 +01:00
Aleksander Jan Bajkowski
af408b9798 kernel: move disabled symbols into generic kconfig
Move some disabled kconfig options found in sunxi kconfig into generic.

Signed-off-by: Aleksander Jan Bajkowski <A.Bajkowski@stud.elka.pw.edu.pl>
2020-03-16 22:21:45 +01:00
Aleksander Jan Bajkowski
9883d5d084 sunxi: make patches apply cleanly on 5.4
These patches are already in mainline 5.4 kernel:
* 010-v5.3-drivers-ata-ahci_sunxi-Increased-SATA-AHCI-DMA-TX-RX.patch
* 101-arm64-dts-allwinner-a64-Enable-A64-timer-workaround.patch

Signed-off-by: Aleksander Jan Bajkowski <A.Bajkowski@stud.elka.pw.edu.pl>
2020-03-16 22:21:45 +01:00
Aleksander Jan Bajkowski
f9bdacc5f6 sunxi: copy config and patches from 4.19 to 5.4
Signed-off-by: Aleksander Jan Bajkowski <A.Bajkowski@stud.elka.pw.edu.pl>
2020-03-16 22:21:45 +01:00
Hauke Mehrtens
1a24aecd15 sunxi: Remove kernel 4.14 support
This target was switched to kernel 4.19 more than 6 months ago in commit
f342ffd300 ("treewide: kernel: bump some targets to 4.19") and now
with kernel 5.4 support being added it gets harder to support kernel
4.14 in addition to kernel 4.19 and 5.4.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2020-03-12 09:28:27 +01:00
Sungbo Eo
228bb84744 kernel: make kmod-ata-core selected by dependent modules
Currently kmod-ata-* will not get into images unless kmod-ata-core is added to
DEVICE_PACKAGES as well. By changing the dependencies from "depends on" to
"select", we do not have the issue anymore.

Furthermore, we can remove most occurrences of the package from DEVICE_PACKAGES
and similar variables, as it is now pulled by dependent modules such as:
- kmod-ata-ahci
- kmod-ata-ahci-mtk
- kmod-ata-sunxi

While at it, use AddDepends/ata for kmod-ata-pdc202xx-old.

Signed-off-by: Sungbo Eo <mans0n@gorani.run>
2020-03-11 19:40:03 +01:00
Sungbo Eo
aaa7950731 sunxi: remove SUNXI_UBOOT from DEVICE_VARS
All SUNXI_UBOOT usages were removed in e018c4d7ab ("uboot-sunxi: clean up,
switch to u-boot.mk"). Now drop the variable completely.

Signed-off-by: Sungbo Eo <mans0n@gorani.run>
2020-03-11 19:22:31 +01:00
Aleksander Jan Bajkowski
5499b24dc0 sunxi: backport increased SATA/AHCI DMA TX/RX FIFOs
This backports SATA performance boost from 5.3 kernel:

 Increasing the SATA/AHCI DMA TX/RX FIFOs (P0DMACR.TXTS and .RXTS, ie.
 TX_TRANSACTION_SIZE and RX_TRANSACTION_SIZE) from default 0x0 each to
 0x3 each, gives a write performance boost of 120 MiB/s to 132 MiB/s from
 lame 36 MiB/s to 45 MiB/s previously.  Read performance is above 200
 MiB/s. [tested on SSD using dd bs=4K/8K/12K/16K/20K/24K/32K: peak-perf
 at 12K]

 dd bs  Before MB/s  After MB/s  Increase
 4k            14.4        16.5       15%
 64k           34.5        74.4      116%
 1M            40.5        93.2      130%

Ref: https://forum.openwrt.org/t/sunxi-sata-write-speed-patch/54555/5
Signed-off-by: Aleksander Jan Bajkowski <A.Bajkowski@stud.elka.pw.edu.pl>
[commit subject & description tweaks]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2020-02-13 17:45:46 +01:00
Koen Vandeputte
1b310cff0f kernel: bump 4.14 to 4.14.169
Refreshed all patches.

Fixes:
- CVE-2019-14896
- CVE-2019-14897

Remove upstreamed:
- 023-0007-crypto-crypto4xx-Fix-wrong-ppc4xx_trng_probe-ppc4xx_.patch
- 001-4.22-01-MIPS-BCM63XX-drop-unused-and-broken-DSP-platform-dev.patch

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2020-02-04 18:10:13 +01:00
Adrian Schmutzler
d0d8584b41 sunxi: tidy up and sort alphabetically in image Makefiles
This tidies up the image Makefiles for the sunxi target by:
- Move the if-condition for the subtarget to the parent Makefile
- Remove lots of unnecessary empty lines
- Sort device definitions alphabetically
- Harmonize line wrapping for DEVICE_PACKAGES

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2020-01-23 14:21:19 +01:00
Koen Vandeputte
b5480de4d1 kernel: bump 4.14 to 4.14.164
Refreshed all patches.

Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2020-01-20 13:41:49 +01:00
Florian Fainelli
32e4eaef1b sunxi: Turn on CONFIG_PINCTRL_SUN4I_A10 for A20
CONFIG_PINCTRL_SUN4I_A10 controls both the A10 and the A20 enablong of
the pinctrl driver, this is necessary since upstream commit
5d8d349618a9464714c07414c5888bfd9416638f ("pinctrl: sunxi: add A20
support to A10 driver") which has been included in v4.13 and onwards.

Fixes: ad2b3bf310 ("sunxi: Add support for kernel 4.14")
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2020-01-03 15:05:36 -08:00
Rosen Penev
0713afd298 sunxi: gen_sunxi_sdcard_img.sh: switch to /bin/sh
This has nothing that needs bash.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
[add prefix to commit title]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2019-12-31 01:15:25 +01:00
Adrian Schmutzler
b085e0586f sunxi: rename SUNXI_SOC to SOC
This replaces SUNXI_SOC by the newly introduced common SOC device
variable.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2019-12-20 01:18:44 +01:00
Roman Bazalevsky
69fff339e9 sunxi: add support for FriendlyARM Nano PI NEO Air dev board
Hardware:

  Allwinner H3 upto 1.2GHz
  512MB DDR3 RAM
  8GB on-board eMMC - mountable, can be used as boot with custom boot.scr
  microSD-card slot
  WiFi 802.11n (AP6212A) - working
  Bluetooth (AP6212A) - not working for now
  Micro-USB OTG + 2*USB headers
  UART 3.3V - working
  GPIO/I2C/SPI 2.54mm headers

Standard sunxi SD-card installation procedure - copy image to SD card,
insert in into slot and boot. First time you will need UART adapter to
enable on-board wireless (or just build custom image with enabled WiFi).

To boot from eMMC:

  - boot from SD
  - copy SD image to emmc (dd bs=... if=.... of=/dev/mmcblk2)
  - mount eMMC boot partition and replace boot script on it
  - unmount, reboot

To use i2c, spi and more uarts - replace dtb on boot partition with
fixed one (use dtc or fdt-tools).

Signed-off-by: Roman Bazalevsky <rvb@rvb.name>
[rebase onto device name consolidation patches]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2019-12-13 12:20:09 +01:00
Adrian Schmutzler
3a4ad758f5 sunxi: construct DTS name from device node name and SOC
The device part in the SUNXI_DTS variable always corresponds to
device node name. This is another redundancy that can be removed
by calculating the DTS name from a newly introduced SUNXI_SOC
variable and the node name.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2019-12-13 12:19:51 +01:00
Adrian Schmutzler
a4cdb537b1 sunxi: use vendor_device scheme for device definitions
This changes device definition to resemble the vendor_device scheme
already present for the majority of device compatible strings.

By doing this, we achieve several advantages at once:
- Image names and node names are more consistent with other targets.
- SUPPORTED_DEVICES can be set automatically for all but two cases.
- Image names and node names are in line with DEVICE_TITLEs.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2019-12-13 12:19:44 +01:00
Daniel Golle
2105354968 sunxi: remove CONFIG_LEGACY_PTY from kernel config
Having legacy PTYs enabled causes problems with procd-hotplug.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2019-12-09 20:15:36 +01:00
Petr Štetiar
3bbcffa0b6 treewide: kernel config: remove runtime options
Remove CC_HAS_ASM_GOTO, CC_IS_GCC and GCC_VERSION kernel config options
which are set at runtime and which should be ignored now.

Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-11-24 14:19:43 +01:00
Andre Heider
3b874c2c81 sunxi: update kernel config
This is just a `make kernel_oldconfig` run without further changes.

Signed-off-by: Andre Heider <a.heider@gmail.com>
2019-10-06 21:28:49 +02:00
Adrian Schmutzler
c5b4fa20fa treewide: replace backticks by $(...) in gen_*_img.sh scripts
This replaces deprecated backticks by more versatile $(...) syntax.

Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
[decapitalized patch subject at submitter's request]
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2019-09-29 00:46:13 +02:00
Hal Martin
3819c1638a sunxi: Add support for Banana Pi M2 Ultra
CPU: Allwinner R40 Quad-Core Cortex-A7 @ 1.2GHz
GPU: Mali 400 MP2
Memory: 2GB DDR3 onboard (shared with GPU)
Onboard: Storage microSD card slot
Onboard: Storage 8GB eMMC
Onboard: Network 10/100/1000M Ethernet RJ45
Onboard: Network WiFi 802.11b/g/n 1x1 (AMPAK AP6212; brcmfmac)
Onboard header: SPI, I2C, GPIO, UART
USB: Two USB 2.0 Host, One USB 2.0 OTG

Known issues:
- WiFi doesn't work
- eMMC not supported

Signed-off-by: Hal Martin <hal.martin@gmail.com>
2019-09-21 01:12:35 +02:00
Rafał Miłecki
641f6b6c26 treewide: use new procd sysupgrade $UPGRADE_BACKUP variable
It's a variable set by procd that should replace hardcoded
/tmp/sysupgrade.tgz.

This change requires the most recent procd with the commit 0f3c136
("sysupgrade: set UPGRADE_BACKUP env variable").

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-09-05 23:33:19 +02:00
Rafał Miłecki
62dbe361a1 treewide: when copying a backup file always specify dest name
$CONF_TAR shouldn't be assumed to always point to the sysupgrade.tgz.
This change makes code more generic and allows refactoring $CONF_TAR.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-09-05 14:33:20 +02:00
Rafał Miłecki
bf39047872 treewide: don't hardcode "sysupgrade.tgz" file name
1) Add BACKUP_FILE and use it when copying an archive to be restored
   after sysupgrade (on the next preinit).
2) Use CONF_TAR for copying backup prepared by the /sbin/sysupgrade

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-09-05 14:33:19 +02:00
Rafał Miłecki
b6f4cd57e1 treewide: sysupgrade: pass "save_partitions" option to the "sysupgrade" method
This explicitly lets stage2 know if partitions should be preserved. No
more "touch /tmp/sysupgrade.always.overwrite.bootdisk.partmap" hack.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-08-22 13:47:51 +02:00
Luis Araneda
472dbaba81 sunxi: convert to multi-variable device title
Use data from the linux-sunxi community wiki to
fill-in missing device information

Signed-off-by: Luis Araneda <luaraneda@gmail.com>
2019-07-10 17:01:13 +02:00
Petr Štetiar
f342ffd300 treewide: kernel: bump some targets to 4.19
Lets bump kernel to 4.19 on targets which were run tested or got ACKed
so we've enough time to make it ready for next release:

 armvirt/32 (runtested in qemu)
 armvirt/64 (runtested in qemu)
 ath79/generic (runtested on Carambola2)
 gemini/generic (runtested on DIR-685, DNS-313, SQ201, SL93512R)
 imx6/generic (runtested on Apalis)
 ipq40xx/generic (runtested on nbg6617)
 malta/be64 (runtested in qemu)
 malta/be (runtested in qemu)
 malta/le (runtested in qemu)
 malta/le64 (runtested in qemu)
 mpc85xx/generic (runtested on TL-WDR4900)
 mpc85xx/p2020 (runtested on P2020RDB)
 mvebu/cortexa53
 mvebu/cortexa72
 mvebu/cortexa10
 octeon/generic (runtested on EdgeRouter Lite)
 sunxi/cortexa53 (build tested only)
 sunxi/cortexa7 (runtested on Lime2-K)
 sunxi/cortexa8 (build tested only)
 tegra/generic
 x86/64 (runtested in qemu)

Acked-by: Zoltan HERPAI <wigyori@uid0.hu> [sunxi]
Tested-by: Linus Walleij <linus.walleij@linaro.org> [gemini]
Tested-by: Tomasz Maciej Nowak <tomek_n@o2.pl> [mvebu, tegra]
Tested-by: Daniel Engberg <daniel.engberg.lists@pyret.net> [octeon]
Tested-by: Pawel Dembicki <paweldembicki@gmail.com> [mpc85xx/generic mpc85xx/p2020]
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2019-06-18 16:08:55 +02:00
Koen Vandeputte
f442b306f9 kernel: bump 4.14 to 4.14.120
Refreshed all patches.

Remove upstreamed:
- 103-MIPS-perf-ath79-Fix-perfcount-IRQ-assignment.patch
- 060-fix-oxnas-rps-dt-match.patch

Altered patches:
- 0067-generic-Mangle-bootloader-s-kernel-arguments.patch
- 006-mvebu-Mangle-bootloader-s-kernel-arguments.patch
- 996-generic-Mangle-bootloader-s-kernel-arguments.patch

Compile-tested on: ar71xx, cns3xxx, imx6, mvebu, x86_64
Runtime-tested on: ar71xx, cns3xxx, imx6, x86_64

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2019-05-21 09:45:15 +02:00
Hauke Mehrtens
75eb8a146d kernel: Deactivate CONFIG_BINFMT_MISC
CONFIG_BINFMT_MISC allows it to add support for new executable formats
to the kernel from user space, the kernel will then detect for example a
java binary and call the java execution program automatically. I am not
aware that this feature is used in OpenWrt and this could be used to
exploit something. Deactivate it for all targets for now.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-05-11 17:15:41 +02:00
Hauke Mehrtens
46af22de16 kernel: Remove CONFIG_COMPAT
This removes support for executing old 32 bit applications on 64 bit ARM
and MIPS kernels.
On OpenWrt we normally compile all the user space applications on our
own and do not support third party binary only modules especial not 32
bit applications on 64 bit CPUs.

This reduces the attack surface on such systems and should also save
some memory.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-05-11 17:15:41 +02:00
Hauke Mehrtens
32eb66881c kernel: Activate CONFIG_ARM64_SW_TTBR0_PAN
This activates "Emulate Privileged Access Never using TTBR0_EL1
switching" on ARM64.

This should prevent the kernel from reading code from user space in
kernel context.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-05-11 17:15:41 +02:00
Klaus Kudielka
ad62247800 base-files: improve lib/upgrade/common.sh
Recently, upgrade device autodetection has been added to the mvebu target.
This exposes some shortcomings of the generic export_bootdevice function,
e.g. on the Turris Omnia: export_bootdevice silently reports the root
partition to be the boot device. This makes the sysupgrade process fail at
several places.

Fix this by clearly distinguishing between /proc/cmdline arguments which
specify the boot disk, and those which specify the root partition. Only in
the latter case, strip off the partition, and do it consistently.
root=PARTUUID=<pseudo PARTUUID for MBR> (any partition) and root=/dev/*
(any partition) are accepted.

The root of the problem is that the *existing* export_bootdevice in
/lib/upgrade/common.sh behaves differently, if the kernel is booted with
root=/dev/..., or if it is booted with root=PARTUUID=...

In the former case, it reports back major/minor of the root partition,
in the latter case it reports back major/minor of the complete boot disk.

Targets, which boot with root=/dev/... *and* use export_bootdevice /
export_partdevice, have added workarounds to this behaviour, by specifying
*negative* increments to the export_partdevice function.

Consequently, those targets have to be adapted to use positive increments,
otherwise they are broken by the change to export_bootdevice.

Fixes: 4e8345ff68 ("mvebu: base-files: autodetect upgrade device")
Signed-off-by: Klaus Kudielka <klaus.kudielka@gmail.com>
Tested-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
2019-05-11 16:37:11 +02:00
Felix Fietkau
85017c40f4 build: add a config option for enabling a testing version of the target kernel
If the target supports a newer kernel version that is not used by default
yet, it can be enabled with this option

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2019-05-11 11:37:10 +02:00