Refreshed all patches.
Fixes:
- CVE-2019-11479
- CVE-2019-11478
- CVE-2019-11477
Also fix a malformed patch issue caught during refresh.
It was caused by removing a whitespace without altering
the index values in a patch which alters a patch.
Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx
Fixes: cf65262492 ("kernel: bump 4.19 to 4.19.51")
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Refreshed all patches.
Altered patches:
- 370-netfilter-nf_flow_table-fix-offloaded-connection-tim.patch
- 220-optimize_inlining.patch
- 640-netfilter-nf_flow_table-add-hardware-offload-support.patch
This patch also restores the initial implementation
of the ath79 perfcount IRQ issue. (78ee6b1a40)
It was wrongfully backported upstream initially and got reverted now.
Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Refreshed all patches.
Altered patches:
- 220-optimize_inlining.patch
- 816-pcie-support-layerscape.patch
This patch also restores the initial implementation
of the ath79 perfcount IRQ issue. (78ee6b1a40)
It was wrongfully backported upstream initially and got reverted now.
Compile-tested on: ar71xx, cns3xxx, imx6, x86_64
Runtime-tested on: ar71xx, cns3xxx, imx6
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Refreshed all patches.
This bump contains upstream commits which seem to avoid (not properly fix)
the errors as seen in FS#2305 and FS#2297
Altered patches:
- 403-net-mvneta-convert-to-phylink.patch
- 410-sfp-hack-allow-marvell-10G-phy-support-to-use-SFP.patch
Compile-tested on: ar71xx, cns3xxx, imx6, mvebu, x86_64
Runtime-tested on: ar71xx, cns3xxx, imx6, x86_64
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
urandom-seed content was split from base-files into separate package so
in order to preserve the current functionality and to provide some
fallback mechanism in case jent-rng initialization fails in urngd we
need to add it back.
urngd is OpenWrt's micro non-physical true random number generator based
on timing jitter.
Tested-by: Lucian Cristian <lucian.cristian@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Only the repo should not use https. Otherwise the build would need
a wget/uclient_fetch with tls support.
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
e26ffb31df fixed only embedded modules
symbol collection. If we are building external modules, like broadcom-wl
or lantiq dsl stuff then modules which do EXPORT_SYMBOL have unresolved
paths in Module.symvers and external module which depend on other
external modules will have empty dependencies, leading to broken
module loading.
This was discussed on IRC with Jonas some time ago.
Fix this by handling both resolved and unresolved paths.
Fixes: e26ffb31df ("build: fix module symbol collection if build_dir is a symlink")
Signed-off-by: Roman Yeryomin <roman@advem.lv>
[jonas.gorski@gmail.com: add appropriate fixes tag]
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
Adds support to && operand in DEPENDS. Also, fixes generation of ||
dependencies by scripts/package-metadata.pl.
The precedence order from higher to lower is && then ||. Use of
parentheses to change the order is not supported. As before, they are
silently ignored. Use them for readability only.
Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> [DMARC removal]
The helper shared Build/append-uboot in include/image-commands.mk
uses it, so include this variable in DEFAULT_DEVICE_VARS.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Adds a new variable DISABLED_SERVICES to ImageBuilder Makefile, which
defines a list of services (installed as /etc/init.d/*) to be disabled
during the build of a custom image (normally all are enabled).
It comes handy when a particular service should not be run under normal
circumstances, but should be ready in the image for situations when it
might be needed.
Signed-off-by: Richard Musil <risa2000x@gmail.com>
If the target supports a newer kernel version that is not used by default
yet, it can be enabled with this option
Signed-off-by: Felix Fietkau <nbd@nbd.name>
No target is using kernel 3.18 anymore, remove all the generic
support for kernel 3.18.
The removed packages are depending on kernel 3.18 only and are not used on
any recent kernel.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Refreshed all patches.
New symbols:
- CONFIG_LDISC_AUTOLOAD
- CONFIG_PPC_BARRIER_NOSPEC
Compile-tested on: ar7
Runtime-tested on: none
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
This patch doesn't seem to have any more users.
The only one used to be target in
`target/linux/etrax/image/e100boot/Makefile`.
That target has since been removed via commit
1080f68b2b .
There doesn't seem to be any reason left for this workaround.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Otherwise tar will keep the sgid bit when running
from a sgid-set directory, resulting in a different
file being generated.
Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
[reworked commit message, removed DMARC]
It was reported to me on IRC today, that my change causes issues with
kernel versions between 4.14 and 4.19.
It's because I've wrongly used `git describe` in order to get kernel
version where we should disable noisy DTC checks, but I should've used
`git tag --contains` instead.
Fixes: cbbef976e2 ("build: dtc: Disable noisy warnings by default")
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Set the toolchain's ARM CPU and FPU architectures by utilizing' gcc's
--with-cpu / --with-fpu configure options that: "Specify which cpu
variant the compiler should generate code for by default. cpu will
be used as the default value of the -mcpu= switch."
This will resolve the following kernel compilation failures under
gcc 8.x on ARM because the kernel wants to set (possibly conflicting)
optimization flags.
.../ccyVnmrs.s:204: Error: selected processor does not support `dmb ish' in ARM mode
.../ccyVnmrs.s:215: Error: architectural extension `mp' is not allowed for the current base architecture
.../ccyVnmrs.s:216: Error: selected processor does not support `pldw [r4]' in ARM mode
Because this is a big change, the .config and toolchain need to be
refreshed (as in removed and regenerated).
Reported-by: Ansuel Smith <ansuelsmth@gmail.com>
Reported-by: Daniel Engberg <daniel.engberg.lists@pyret.net> [#1203]
Signed-off-by: Boris Krasnovskiy <borkra@gmail.com>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com> [extended commit message,
removed now-deprecated CPU_CFLAGS, changed author to gmail address]
If no feed.conf or feeds.conf.default is found on image generation with
the imagebuilder we always get the following message "Unable to open
feeds configuration at <dir>/scripts/feeds line 48." on std error.
To get rid off this needless warning on image generation with the
imagebuilder supress the output in feeds.mk.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Having image metadata (and signature) appended is a condition for
semi-automated sysupgrade, hence IB needs to be able to tell which
images will end up with metadata.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
allow downstream projects to see the current version of the metadata,
usefull if eventually more variables change
Signed-off-by: Paul Spooren <mail@aparcar.org>
currently the "board" parameter contains $(BOARD) which actually results
to `<target>` (like ramips, ar71xx) without subtarget. However, one
actually excepts (not?) to contain BOARD_NAME or DEVICE_NAME.
Signed-off-by: Paul Spooren <mail@aparcar.org>
When autoloading more than one modules per packages,
/etc/modules.d/$module depends on the file system ordering.
To test this: use disorderfs on the build_dir and build kmod-sched.
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
squashfskit is a fork of the squashfs-tools.
squashfskit creates reproducible filesystems and includes
many of the distro patches.
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
Tested-by: Paul Spooren <mail@aparcar.org>
Use 'dtc' from kernel sources instead of relying on host tool.
Fixes: bf4630e5ad ("build: add helpers for generating QSDK sysupgrade compatible images")
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
Qualcomm SDK (QSDK) sysupgrade compatible images for IPQ40xx, IPQ806x
and IPQ807x use FIT format together with 'dumpimage' tool from U-Boot
for verifying and extracting them. Based on 'images' sections names,
corresponding mtd partitions are flashed. For example, in case of
NOR-only boards, below mapping is used (section name -> mtd name):
hlos* -> 0:HLOS
rootfs* -> rootfs
And for boards with NAND (kernel inside UBI):
ubi* -> rootfs
Above mappings come from unmodified QSDK sources and might be wrong for
boards running custom or modified QSDK-based firmware. Some of vendors
adjust them to meet their modified mtd layout or features like recovery
or dual-image support.
This adds simple script 'mkits-qsdk-ipq-image.sh' (based on 'mkits.sh')
for generating FIT images tree source files, compatible with the QSDK
sysupgrade format. Resulting images can be used for initial (factory ->
OpenWrt) installation and would work both in CLI and GUI.
The script is universal in a way it allows to include as many sections
as needed. To make use of it, two generic/basic build recipes for NOR
and NAND based boards are also included in 'image-commands.mk':
Build/qsdk-ipq-factory-nand
Build/qsdk-ipq-factory-nor
Example usage for board with UBI in NAND:
IMAGE/nand-factory.bin := append-ubi | qsdk-ipq-factory-nand
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
The original patch removed the printing completely, just remove the
color.
Fixes: eabc1ddc45 ("build: Honour NO_COLOR in include/scan.mk")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
BIN_DIR can be set to overwrite the output path for new images. This is an
advertised feature for the imagebuilder and is used by systems like
LibreMesh's chef.
The legacy images are build using a new sub-make which doesn't receive the
variable overwrites of the parent make process. As result, the BIN_DIR is
automatically defined to the default value from rules.mk. The images will
therefore not be placed in the output path which was selected by the user.
Providing BIN_DIR as an explicit variable override to the sub-make works
around this problem.
Fixes: 26c771452c ("image.mk: add LegacyDevice wrapper to allow legacy image building code to be used for device profiles")
Reported-by: Paul Spooren <mail@aparcar.org>
Signed-off-by: Sven Eckelmann <sven@narfation.org>
The sender domain has a DMARC Reject/Quarantine policy which disallows
sending mailing list messages using the original "From" header.
To mitigate this problem, the original message has been wrapped
automatically by the mailing list software.
Hi all:
This is my first OpenWrt patch. I am a clean, pure newbie! 8-)
Honour NO_COLOR in Makefile function 'progress' in include/scan.mk, in the same way that include/verbose.mk does.
Signed-off-by: R. Diez <rdiezmail-openwrt@yahoo.com>
The KERNEL_ENTRY was missing from the DEFAULT_DEVICE_VARS.
This bug was discovered while preparing alternative images
for the mpc85xx's TP-Link WDR4900-V1, which all failed to
boot due to this:
|## Booting kernel from Legacy Image at 02000000 ...
| Image Name: POWERPC OpenWrt Linux-4.14.96
| Image Type: PowerPC Linux Kernel Image (uncompressed)
| Data Size: 2056568 Bytes = 2 MiB
| Load Address: 01000000
| Entry Point: 00000000
| Verifying Checksum ... OK
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>