So the upcoming changes needed for 5.15 can be reviewed easily.
Removing following patches backported from 5.15:
* 101-v5.15-mfd-lpc_ich-Enable-GPIO-driver-for-DH89xxCC.patch
* 102-v5.15-platform-x86-add-meraki-mx100-platform-driver.patch
Removed upstreamed patch `300-pcengines_apu1_led.patch` in commit
1b40faf7e4ab ("leds: apu: extend support for PC Engines APU1 with newer
firmware")
Signed-off-by: Petr Štetiar <ynezz@true.cz>
The inclusion of the kmod-leds-uleds into the userspace
nu801 package causes a circular dependency inside the
buildsystem... which causes it to be picked regardless
of other DEPENDS values.
In case of the mx100, this could be solved by moving the
kmod-leds-uled dependency to the kmod-meraki-mx100.
Bonus: drop @!LINUX_5_4 from kmod-meraki-mx100
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
This commit builds on previous efforts to add support
for Sophos devices.
* Add support for Sophos XG 85 with/without wireless
* Add support for Sophos XG 86 with/without wireless
Tested on Sophos XG 85w rev1 and XG 86 rev 1
Signed-off-by: Raylynn Knight <rayknight@me.com>
This reverts commit 80b7a8a7f5.
Now that 5.10 is the default kernel for all platforms, we can
bring back the NU801 userspace driver for platforms that rely
on it. Currently it's used on the MX100 x86_64 target, but
other Meraki platforms use this controller.
Note that we also now change how we load nu801. The way we did
this previously with procd worked, but it meant it didn't load
until everything was up and working.
To fix this, let's call nu801 from boot and re-trigger the
preinit blink sequence. Since nu801 runs as a daemon this is
now something we can do.
Signed-off-by: Chris Blake <chrisrblake93@gmail.com>
(removed empty line, currently only MX100 uses it so: @TARGET_x86)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
This driver is needed to boot from CompactFlash on the Siemens Futro S400.
The device has an AMD NX1500 CPU, which seems to be unsupported by the
geode subtarget, so it must use legacy.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
Enable support for allocating user space page table entries in high memory [1],
for the targets which support this feature. This saves precious low memory
(permanently mapped, the only type of memory directly accessible by the kernel).
[1] https://www.kernel.org/doc/html/latest/vm/highmem.html
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
Previously, grub2 was hardcoded to always look on "hd0" for the
kernel.
This works well when the system only had a single disk.
But if there was a second disk/stick present, it may have look
on the wrong drive because of enumeration races.
This patch utilizes grub2 search function to look for a filesystem
with the label "kernel". This works thanks to existing setup in
scripts/gen_image_generic.sh. Which sets the "kernel" label on
both the fat and ext4 filesystem variants.
Signed-off-by: Jax Jiang <jax.jiang.007@gmail.com>
Suggested-by: Alberto Bursi <bobafetthotmail@gmail.com> (MX100 WA)
(word wrapped, slightly rewritten commit message, removed MX100 WA)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Correct typo that caused network interfaces for Sophos
SG/XG wireless devices to not be configured properly.
Tested on Sophos SG 135wr2, Sophos XG 125wr2 and
Sophos SG 105wr1
Signed-off-by: Raylynn Knight <rayknight@me.com>
Module kmod-crypto-hw-geode provides accelerated cbc(aes) and ecb(aes)
but the software implementation is also needed when AES key size isn't
128 so that the operation can fall back. Add the kmod so that it would
all work as expected out of the box.
Tested-by: timur_davletshin
Signed-off-by: Paul Fertser <fercerpav@gmail.com>
Fall back to using board_vendor and board_name, if known dummy values
are used for sys_vendor and product_name.
Examples:
To be filled by O.E.M.:To be filled by O.E.M.
--> INTEL Corporation:ChiefRiver
System manufacturer:System Product Name
--> ASUSTeK COMPUTER INC.:P8H77-M PRO
To Be Filled By O.E.M.:To Be Filled By O.E.M.
--> ASRock:Q1900DC-ITX
Gigabyte Technology Co., Ltd.:To be filled by O.E.M.
--> Gigabyte Technology Co., Ltd.:H77M-D3H
empty:empty
--> TYAN Computer Corporation:TYAN Toledo i3210W/i3200R S5211
To Be Filled By O.E.M.:To Be Filled By O.E.M.
--> ASRock:H77 Pro4-M
Signed-off-by: Stefan Lippers-Hollmann <s.l-h@gmx.de>
* Add support for Sophos SG/XG-115 r1, r2 with/without wireless
* Add support for Sophos SG/XG-125 r1, r2 with/without wireless
* Add wireless support for SG/XG-105
Signed-off-by: Raylynn Knight <rayknight@me.com>
Each of
- CRYPTO_AEAD2
- CRYPTO_AEAD
- CRYPTO_GF128MUL
- CRYPTO_GHASH
- CRYPTO_HASH2
- CRYPTO_HASH
- CRYPTO_MANAGER2
- CRYPTO_MANAGER
- CRYPTO_NULL2
either directly required for mac80211 crypto support, or directly
selected by such options. Support for the mac80211 crypto was enabled in
the generic config since c7182123b9 ("kernel: make cryptoapi support
needed by mac80211 built-in"). So move the above options from the target
configs to the generic config to make it clear why do we need them.
CC: Felix Fietkau <nbd@nbd.name>
Signed-off-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
Both CLANG_VERSION and LLD_VERISON are autogenerated runtime
configuration options, so add them to the kernel configuration filter
and remove from generic and per-target configs to keep configs clean.
Signed-off-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
Chen Minqiang reported in his GitHub PR #4733 that:
With CONFIG_TARGET_INITRAMFS_COMPRESSION_LZMA=y option set,
the popular x86/amd64 target's initramfs-kernel failed to boot.
The cause for this boot failure is that the LZMA compression
uses a the first bytes to encode the compression parameters.
It does not have a fixed magic. Yes, this only works if the
the existing lzma options in the upstream are not changed.
This patch does away with OpenWrt special LZMA options tuning
since it is rather unlikely that upstream will improve the
compression algorithm detection after all this time. Even
though, the tuning produced a smaller initramfs (~1.1% in a
spot check).
Link: <https://github.com/openwrt/openwrt/pull/4733>
Reported-by: Chen Minqiang <ptpt52@gmail.com>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
* Better product ID for Sophos SG/XG-105 models
* Add support for Sophos SG/XG-135 r1, r2 with/without wireless
Signed-off-by: Stan Grishin <stangri@melmac.ca>
[Changed subject to x86 - probably eaten somewhere, the PR had it]
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Added support to generate dynamic-sized VHDX images for Hyper-V.
Compile-tested on x86 and run-tested on Windows 10 21H2 (Hyper-V).
Signed-off-by: Oldřich Jedlička <oldium.pro@gmail.com>
sorting alphabetically default packages
and placing them on their own line.
Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
[fixed whitespaces before tab, double whitespaces]
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Gigabit ethernet adapters using BCM5719/5720 chipset
are common on servers and as easy/cheap to get as
Intel based ones.
Usually found in 2-port and 4-port cards.
Also some devices recently added to x86_64 target
like the Meraki MX100 use this chipset for 8 of
their 12 integrated ports.
Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
This Kernel option allows to run OpenWrt witin a `firecracker` micro VM.
Firecracker is a KVM-based tool for superfast booting VMs on x86_64 and
aarch64. It makes rootfs available to the guest as a virtio-mmio device
and passes its address via the kernel cmdline. A kernel without
CONFIG_VIRTIO_MMIO_CMDLINE_DEVICES will not recognize the rootfs
virtio-mmio device.
Suggested-by: Packet Please <pktpls@systemli.org>
Signed-off-by: Paul Spooren <mail@aparcar.org>
This reverts commit f536f5ebdd.
As Hauke commented, this causes builder failures on 5.4 kernels.
This revert includes changes to the mx100 kernel modules
dependency as well as the uci led definitions.
Tested-by: Chris Blake <chrisrblake93@gmail.com>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
This commit will add support for the Meraki MX100 in OpenWRT.
Specs:
* CPU: Intel Xeon E3-1200 Series 1.5GHz 2C/4T
* Memory: 4GB DDR3 1600 ECC
* Storage: 1GB USB NAND, 1TB SATA HDD
* Wireless: None
* Wired: 10x 1Gb RJ45, 2x 1Gb SFP
UART:
The UART header is named CONN11 and is found in the
center of the mainboard. The pinout from Pin 1 (marked
with a black triangle) to pin 4 is below:
Pin 1: VCC
Pin 2: TX
Pin 3: RX
Pin 4: GND
Note that VCC is not required for UART on this device.
Booting:
1. Flash/burn one of the images from this repo to a
flash drive.
2. Take the top off the MX100, and unplug the SATA
cable from the HDD.
3. Hook up UART to the MX100, plug in the USB drive,
and then power up the device.
4. At the BIOS prompt, quickly press F7 and then
scroll to the Save & Exit tab.
5. Scroll down to Boot Override, and select the
UEFI entry for your jumpdrive.
Note: UEFI booting will fail if the SATA cable for
the HDD is plugged in.
The issue is explained under the Flashing instructions.
Flashing:
1. Ensure the MX100 is powered down, and not plugged
into power.
2. Take the top off the MX100, and unplug the SATA
cable from the HDD.
3. Using the Mini USB female port found by the SATA
port on the motherboard,
flash one of the images to the system. Example:
`dd if=image of=/dev/sdb conv=fdatasync` where sdb
is the USB device for the MX100's NAND.
4. Unplug the Mini USB, hook up UART to the MX100,
and then power up the device.
5. At the BIOS prompt, quickly press F7 and then
scroll to the Boot tab.
6. Change the boot order and set UEFI: USB DISK 2.0
as first, and USB DISK 2.0 as second.
Disable the other boot options.
7. Go to Save & Exit, and then select Save Changes and
Reset
Note that OpenWRT will fail to boot in UEFI mode when
the SATA hard drive is plugged in. To fix this, boot
with the SATA disk unplugged and then run the following
command:
`sed -i "s|hd0,gpt1|hd1,gpt1|g" boot/grub/grub.cfg`
Once the above is ran, OpenWRT will boot when the HDD
is plugged into SATA. The reason this happens is the
UEFI implementation for the MX100 will always set
anything on SATA to HD0 instead of the onboard USB
storage, so we have to accomidate it since OpenWRT's
GRUB does not support detecting a boot disk via UUID.
Signed-off-by: Chris Blake <chrisrblake93@gmail.com>
Remove use of DEVICE_TITLE in favor of the
DEVICE_VENDOR and DEVICE_MODEL as used by
all other targets.
Signed-off-by: Moritz Warning <moritzwarning@web.de>
CONFIG_RCU_{NEED_SEGCBLIST,STALL_COMMON} are set basically everywhere. Move them
to the generic kconfigs. And resort the generic kconfigs while at it.
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
As x86/64 and x86/generic may be using UEFI, mounting the FAT-32 /boot
is necessary in order not to loose configuration files accross
sysupgrades. Include kmod-fs-vfat by default to make sure /boot can
always be mounted.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
NR_CPUS limits the number of CPUs supported to 8. This makes total sense
on hardware-restircted platforms, but not on x86_64, where CPUs with
more than 8 cores can be easily acquired and with less physical limitaions.
see also: https://forum.openwrt.org/t/x86-64-8-cpu-limitation-on-vanilla-release/100946
Signed-off-by: Edgar Su <sjs333@outlook.com>
Similar to how this is done in the diag.sh found in the base-files
package, we should blink our status LED (if we have one) during the
upgrade process. This follows the same blink pattern as seen at
./package/base-files/files/etc/diag.sh#L36
Signed-off-by: Chris Blake <chrisrblake93@gmail.com>
eth0 -> single NIC (i211at)
eth1 -> single NIC (i211at) -> 4-port unmanaged switch (BCM53125U)
Notes
UART is exposed on J4 connector, pinout starting from pin marked 1:
1. GND, 2. NC?, 3. NC?, 4. RX, 5. TX, 6. NC?
baud: 115200, parity: none, flow control: none
The board is setup by coreboot with UEFI. To enter setup screen hold
ESC key on boot.
The 5-LED multicolor matrix is attached on first I2C device named
"Synopsys DesignWare I2C adapter" at address 0x60. Controlling values
are stored in /opt/roqos/etc/rcLED.conf of original firmware.
Remember to backup the original firmware, there are no downloadable
copies.
Signed-off-by: Tomasz Maciej Nowak <tmn505@gmail.com>
Compile in MPT SAS driver required to mount rootfs on some VMWare
systems (e.g. required for 1&1 IONOS).
Signed-off-by: Mark Carroll <git@markcarroll.net>
Some targets select HZ=100, others HZ=250. There's no reason to select a higher
timer frequency (and 100 Hz are available in every architecture), so change all
targets to 100 Hz.
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
fix the following build error when building with test kernel:
Package kmod-amd-xgbe is missing dependencies for the following libraries:
mdio_devres.ko
Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
This feature is already supported in kernel. Add definition
and configuration in Makefile of OpenWRT.
It is tested on board Dibbler with processor V1605B.
Dmesg is as below.
--------------------------------------------
[ 0.317122] smpboot: CPU0: AMD Ryzen Embedded V1605B with Radeon
Vega Gfx (family: 0x17, model: 0x11, stepping: 0x0)
[ 8.227270] libphy: amd-xgbe-mii: probed
[ 8.228189] amd-xgbe 0000:02:00.1 eth0: net device enabled
[ 8.228999] libphy: amd-xgbe-mii: probed
[ 8.229921] amd-xgbe 0000:02:00.2 eth1: net device enabled
.....
[ 11.760869] br-lan: port 1(eth0) entered blocking state
[ 11.761365] br-lan: port 1(eth0) entered disabled state
[ 11.762019] device eth0 entered promiscuous mode
[ 11.785285] 8021q: adding VLAN 0 to HW filter on device eth1
[ 16.881431] amd-xgbe 0000:02:00.1 eth0: Link is Up - 1Gbps/Full -
flow control off
[ 16.882108] br-lan: port 1(eth0) entered blocking state
[ 16.882583] br-lan: port 1(eth0) entered forwarding state
[ 16.883249] IPv6: ADDRCONF(NETDEV_CHANGE): br-lan: link becomes ready
-----------------------------------------------
Signed-off-by: Zheng Bao <fishbaozi@gmail.com>
The CONFIG_USERIO option is unset in multiple target configurations. On
the sunxi target it is activated. Move the kernel configuration option
to the generic kernel configuration.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This adds detection of the Sophos SG-105 and Sophos XG-105 models
and assignment of ethernet ports these models have to LAN/WAN.
Signed-off-by: Stan Grishin <stangri@melmac.net>
This patch really annoys me, either it needs to go upstream or be
dropped, so it's going to be dropped here.
Checking drivers/platform/x86/pcengines-apuv2.c it also appears to be
incomplete since it mentions different dmi board names depending on bios
version.
/* APU2 w/ legacy BIOS < 4.0.8 */ is 'APU2'
/* APU2 w/ legacy BIOS >= 4.0.8 */ is 'apu2'
/* APU2 w/ mainline BIOS */ is 'PC Engines apu2'
So the patch, if applicable at all, only 'works' for legacy BIOS >=
4.0.8
My APU2 on mainline BIOS reboots fine without this patch. So let's see
if anyone screams and when they do question why legacy bios. If patch
DOES need to be re-introduced then it needs to go upstream first.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Straightforward refresh of patches using update_kernel.
Run tested: x86_64 (apu2)
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Update 5.10 generic config to add missing options prompting during builds,
when setting CONFIG_ALL_KMODS. Refresh the x86 subtargets to drop symbols
added to the generic config.
Also fix a typo in 5.4/5.10 generic configs: "CONFIG_CONFIG_KVM_AMD_SEV".
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
The 5.10 target config defined a baseline i686 CPU aligned to the 32-bit
generic subtarget. However, the legacy subtarget arch wasn't set to the
older 586MMX, defaulting instead to the i686.
Explicitly set the subtarget arch and refresh the subtarget config, as done
already with the old geode subtarget.
Fixes: 8391781389 ("x86: support kernel 5.10")
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
Add linux 5.10 as testing kernel, copy generic/subtarget configs and target
patches from 5.4.
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
x86: update target patches for kernel 5.10
Refresh all patches while also dropping:
800-hwmon-w83627ehf-dont-claim-nct677x.patch
which is now upstreamed as:
3207408ab4cb ("hwmon: (w83627ehf) remove nct6775 and nct6776 support")
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
x86: refresh 5.10 target config
Refresh config using "make kernel_oldconfig".
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
x86: refresh and test all subtarget configs
Refresh configs using "make kernel_oldconfig CONFIG_TARGET=subtarget".
Build and run-tested using QEMU: x86/64, x86/legacy, x86/generic.
Build-tested only: x86/geode.
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
[squashed commits]
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
So far, board.d files were having execute bit set and contained a
shebang. However, they are just sourced in board_detect, with an
apparantly unnecessary check for execute permission beforehand.
Replace this check by one for existance and make the board.d files
"normal" files, as would be expected in /etc anyway.
Note:
This removes an apparantly unused '#!/bin/sh /etc/rc.common' in
target/linux/bcm47xx/base-files/etc/board.d/01_network
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Amazon AWS T3 cloud instances require kernel support
for the Elastic Fabric Adapter to access storage
and for Elastic Network Adapter to use network
interfaces.
Since the Fabric Adapter is needed to access
root filesystem, enable in x86_64 kernel.
Elastic Network Adapter goes in a module,
and add this module to default list in x86_64.
The module is set to AutoLoad because AutoProbe does
not seem to load it.
Signed-off-by: Alberto Bursi <bobafetthotmail@gmail.com>
This driver adds the LED support for the PC Engines APU1.
This integrates the Linux kernel driver and includes a patch to support
newer firmware versions. Also the default LED configuration is updated
to use the correct devices.
Signed-off-by: Andreas Eberlein <foodeas@aeberlein.de>
x86 uses append-metadata, but only for signing and not for the
metadata itself.
Since recently SUPPORTED_DEVICES was assigned with a global value
and is not empty anymore, append-metadata will now actually put
metadata into x86 images. This breaks sysupgrade on x86.
To fix it for the moment, let's just empty SUPPORTED_DEVICES for
this target again.
In the long term, one should either not add metadata to the images
if it is not desired, and/or remove the unintended fwtool check.
Fixes: f52081bcf9 ("treewide: provide global default for SUPPORTED_DEVICES")
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
The following four led triggers are enabled in generic config.
* kmod-ledtrig-default-on
* kmod-ledtrig-heartbeat
* kmod-ledtrig-netdev
* kmod-ledtrig-timer
Drop the packages and remove them from DEVICE_PACKAGES.
There's no other package depending on them in this repo.
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
Some x86_64 single board computer (including Atomic Pi)
has onboard emmc, but requires CONFIG_MMC_SDHCI_ACPI driver
to use or boot from it.
Here is boot message for the mmc device
[ 2.838008] mmc0: SDHCI controller on ACPI [80860F14:00] using ADMA
[ 2.857536] mmc1: SDHCI controller on ACPI [80860F14:01] using ADMA
[ 2.950019] mmc0: new HS200 MMC card at address 0001
[ 3.158271] mmcblk0: mmc0:0001 M52516 14.6 GiB
[ 3.170290] mmcblk0boot0: mmc0:0001 M52516 partition 1 4.00 MiB
[ 3.177191] mmcblk0boot1: mmc0:0001 M52516 partition 2 4.00 MiB
[ 3.183963] mmcblk0rpmb: mmc0:0001 M52516 partition 3 4.00 MiB, \
chardev (248:0)
Other lines changed in this config file are introduced by menuconfig.
Signed-off-by: Mengyang Li <mayli.he@gmail.com>
CONFIG_EFI_VARS has been disabled in
64bit x86 target in 2018 by the following commit
b0a51dab8c
the same reasons apply to Generic target, so
now it's disabled here too.
Leaving it enabled is also blocking compile as
a new symbol was added
EFI_CUSTOM_SSDT_OVERLAYS
that depends from CONFIG_EFI_VARS
and the build system stops and waits for
user input on what to do about it.
The Legacy and Geode targets never
had any EFI_xxx configs enabled so they
don't have this issue
Signed-off-by: Alberto Bursi <bobafetthotmail@gmail.com>
The comment content can be useful for readers of both the log and code
Previously when dd command "records in/out" messages are not filtered
like now with get_image_dd, it's not clear that these messages are for
extracting boot sectors. E.g.
Before
== upgrade: Reading partition table from bootdisk...
37+26 records in
37+26 records out
== upgrade: Reading partition table from image...
After
== upgrade: Reading partition table from bootdisk...
== upgrade: Extract boot sector from the image
37+26 records in
37+26 records out
== upgrade: Reading partition table from image...
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
The mount point is "/tmp/boot", the path in the boot partition is
"/boot/grub/upgraded".
Origin of this mark b9c1cf16 ("x86: add preinit hook for bootloader
upgrade")
Fixes 32f675ca ("x86: fix grub-bios-setup fail during sysupgrade")
Ref: https://bugs.openwrt.org/index.php?do=details&task_id=3140
Reported-by: Philip Prindeville <philipp@redfish-solutions.com>
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
We use 5.4 on all targets by default, and 4.19 has never been released
in a stable version. There is no reason to keep it.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Similar to how it was already done for other filesystems' *_FS_XATTR
kernel config symbols, also move CONFIG_F2FS_FS_XATTR=y and
CONFIG_F2FS_STAT_FS=y to target/linux/generic.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Extended attributes are required for overlayfs and have hence been long
ago enabled for jffs2, but should be enabled unconditionally for all
other filesystems which may potentially serve as overlayfs' upper
directory. Previously it was inconsistently added in multiple targets.
Add symbols to generic kernel config and remove all *_XATTR symbols
from target configs.
Signed-off-by: Paul Spooren <mail@aparcar.org>
[keep things as they are for squashfs, improve commit message]
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Manually merged:
hack-5.4
230-openwrt_lzma_options.patch
bcm27xx
950-0283-hid-usb-Add-device-quirks-for-Freeway-Airmouse-T3-an.patch
x86
011-tune_lzma_options.patch
Remove upstreamed patches in collaboration with Ansuel Smith:
ipq806x
093-1-v5.8-ipq806x-PCI-qcom-Add-missing-ipq806x-clocks-in-PCIe-driver.patch
093-2-v5.8-ipq806x-PCI-qcom-Change-duplicate-PCI-reset-to-phy-reset.patch
093-3-v5.8-ipq806x-PCI-qcom-Add-missing-reset-for-ipq806x.patch
All other modifications made by update_kernel.sh
Build-tested: bcm27xx/bcm2708, ipq806x, x86/64
Run-tested: ipq806x (R7800), x86/64
No dmesg regressions, everything functional
Signed-off-by: John Audia <graysky@archlinux.us>
[update commit message/tested]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
For many target we have added CONFIG_WATCHDOG_CORE=y to the target
config due to the following error:
Package kmod-hwmon-sch5627 is missing dependencies for the following
libraries:
watchdog.ko
However, actually the proper way appears to be setting the
dependency for the kmod-hwmon-sch5627 package, as the error message
demands.
Do this in this patch and remove the target config entries added
due to this issue.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
It is deactivated everywhere, just set this in the generic config.
Acked-by: Yousong Zhou <yszhou4tech@gmail.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
47a9f0d service: add method to query available container features
afbaba9 initd: attempt to mount cgroup2
ead60fe jail: use pidns semantics also for timens
759e9f8 jail: make use of BLOBMSG_CAST_INT64 for OCI rlimits
83053b6 instance: add instances into unified cgroup hierarchy
16159bb jail: parse OCI cgroups resources
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Upstream commit 3d00da1de3 ("platform/x86: pcengines-apuv2: detect apuv4
board")
On 5.4, this module fails on APUv4 due to non-matching DMI data. With this
patch, the module will match DMI data for the APUv4.
Signed-off-by: Matthew Gyurgyik <matthew@gyurgyik.io>
[include upstream patch description]
Signed-off-by: David Bauer <mail@david-bauer.net>
Fixes:
- CVE-2020-10757
The "mtd: rawnand: Pass a nand_chip object to nand_release()" commit was
backported which needed some adaptations to other code.
Run tested: ath79
Build tested: ath79
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Support Intel 10 Gigabit Ethernet Cards in x86/64 images by default.
This ensures that systems with cards such as the Intel x520 will work properly.
Signed-off-by: Gregory L. Dietsche <Gregory.Dietsche@cuw.edu>
Add a module description for the new pcengnies-apu2 device driver.
This driver supports the front button and LEDs on the PC Engines
APUv2/APUv3 boards.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Upstream in commit f9f8f0c24203 ("crypto: ccp -- don't "select"
CONFIG_DMADEVICES") removed dependency on CONFIG_DMADEVICES symbol which
leads to build breakage of ccp crypto module, so fix this by adding that
symbol back in the kernel config.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
This drops the shebang from all target files for /lib and
/etc/uci-defaults folders, as these are sourced and the shebang
is useless.
While at it, fix the executable flag on a few of these files.
This does not touch ar71xx, as this target is just used for
backporting now and applying cosmetic changes would just complicate
things.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Many target use a repetitive if-include scheme for their subtarget
image files, though their names are consistent with the subtarget
names.
This patch removes these redundant conditions and just uses the
variable for the include where the target setup allows it.
For sunxi, this includes a trivial rename of the subtarget image
Makefiles.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Since commit 910df3f06c we have build in
on all X86/64 platforms the gpio-it87 driver.
Since this change I am getting the following error message on boot.
> kern.err kernel: [ 1.009416] gpio_it87: no device
I do not have this device on my system. To prevent the nonsensical
message and the loading of the module I have added this as a package, so
that it can be installed later or during image building.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Reviewed-by: Philip Prindeville <philipp@redfish-solutions.com>
The last kernel update done with commit 500a02bc29 ("x86: Update
configuration") placed most of the updated config only in the x86_64
target.
Move the options needed by the other targets too in the x86 base config,
and add an additional option needed by those targets.
Fixes: 500a02bc29 ("x86: Update configuration")
Signed-off-by: Alberto Bursi <bobafetthotmail@gmail.com>
[commit subject/description tweaks]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
It was reported, that after image generation rework
x86-64-generic-squashfs-rootfs.img image won't boot on XenServer x86_64
anymore:
F2FS-fs (xvda): Magic Mismatch, valid(0xf2f52010) - read(0x84289960)
F2FS-fs (xvda): Can't find valid F2FS filesystem in 1th superblock
F2FS-fs (xvda): Magic Mismatch, valid(0xf2f52010) - read(0x4e8ee223)
F2FS-fs (xvda): Can't find valid F2FS filesystem in 2th superblock
List of all partitions:
ca00 4207 xvda
driver: vbd
No filesystem could mount root, tried:
ext3
ext2
ext4
squashfs
iso9660
f2fs
Kernel panic - not syncing: VFS: Unable to mount root fs on unknown-block(202,0)
So lets fix this by adding back padding which was introduced in commit
a17d9482f5 ("x86: image: fix small disk space in squashfs overlay").
Ref: FS#3036
Fixes: 258f070d1a ("x86: fix missing squashfs and ext4 rootfs images")
Fixes: cb007a7bf6 ("x86: switch image generation to new code")
Signed-off-by: Petr Štetiar <ynezz@true.cz>
This commit really removes packages in geode profiles already enabled
in kernel config.
Fixes: 9c23ecee57 ("x86: move packages selection to profiles")
Reported-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This can be rather confusing for contributors, since there are three
layers in which they can be added. As for now there are none profiles
other than generic (exception: geos) let's move them to these profiles.
Being here this commit also removes packages in geode profiles already
enabled in kernel config.
Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
There's no such package as forcedeth, threfore the driver is never
selected. Fix it by properly specifying package name.
Fixes: 35f208d ("x86: add nforce eth to default packages")
Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
Now that the x86 target uses the new image generation code we can also
attach metadata to the created images.
As currently the `SUPPORTED_DEVICES` list is empty, no JSON metadata is
attached, however the signing happens in the same step.
This results in signature verification for x86 images.
Signed-off-by: Paul Spooren <mail@aparcar.org>
forcedeth is necessary to use the integrated
ethernet controller of Nvidia nForce chipset.
There are PC motherboards with this chipset
from 2001 that run 32bit Athlon XP CPUs and
more modern ones up to 2009 that can run Intel
and AMD 64bit processors, so add this to
all non-geode x86 targets.
Signed-off-by: Alberto Bursi <bobafetthotmail@gmail.com>
Some system not have mkisofs, but have genisoimage or
xorrisofs. They have compatable options for mkisofs,
so let them as alternatives to mkisofs.
Signed-off-by: 李国 <uxgood.org@gmail.com>
grub-bios-setup requires two images (boot.img and core.img),
but they are missing. This make an error during sysupgrade:
Upgrading bootloader on /dev/sda...
grub-bios-setup: error: cannot open `/tmp/boot/boot/grub/boot.img': No
such file or directory.
Signed-off-by: 李国 <uxgood.org@gmail.com>
The iso image need cdrom and iso9660 drivers to boot, otherwise it will
hang when mounting the root file system
Signed-off-by: 李国 <uxgood.org@gmail.com>
Add EFI platform bootable images for x86 platforms. These images can
also boot from legacy BIOS platform.
EFI System Partition need to be fat12/fat16/fat32 (not need to load
filesystem drivers), so the first partition of EFI images are not ext4
filesystem any more.
GPT partition table has an alternate partition table, we did not
generate it. This may cause problems when use these images as qemu disk
(kernel can not find rootfs), we pad enough sectors will be ok.
Signed-off-by: 李国 <uxgood.org@gmail.com>
[part_magic_* refactoring, removed genisoimage checks]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
The previous rework of x86 image creation done in commit cb007a7bf6
("x86: switch image generation to new code") removed images of separate
squashfs and ext4 filesystems which are handy for example in testing
under QEMU.
So this patch adds back creation of those missing rootfs images for ext4
and squashfs based filesystems.
Fixes: cb007a7bf6 ("x86: switch image generation to new code")
Signed-off-by: Paul Spooren <mail@aparcar.org>
[commit subject and description tweaks]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
The previous rework of x86 image creation done in commit cb007a7bf6
("x86: switch image generation to new code") broke the padding in
images.
sda: p2 size 212992 extends beyond EOD, enabling native capacity
sda: p2 size 212992 extends beyond EOD, truncated
sd 0:0:0:0: [sda] Attached SCSI disk
SQUASHFS error: squashfs_read_data failed to read block 0x2cc556
unable to read id index table
VFS: Cannot open root device "PARTUUID=ac5c9cd8-02" or unknown-block(8,2): error -5
Please append a correct "root=" boot option; here are the available partitions:
0800 19761 sda
driver: sd
0801 16384 sda1 ac5c9cd8-01
0802 2865 sda2 ac5c9cd8-02
Kernel panic - not syncing: VFS: Unable to mount root fs on unknown-block(8,2)
Tested with x86/64 with Docker (squashfs), qemustart (ext4/squashfs) and
virtualbox (ext4/squashfs).
Ref: FS#2935
Fixes: cb007a7bf6 ("x86: switch image generation to new code")
Suggested-by: Russell Senior <russell@personaltelco.net>
Signed-off-by: Paul Spooren <mail@aparcar.org>
[commit subject and description tweaks]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
In the geode subtarget all default x86 features were overwritten via :=
instead of extending them via +=.
This patch fixes the inheritance and thereby the compilation of
x86/geode target.
Compile tested x86/geode.
Signed-off-by: Paul Spooren <mail@aparcar.org>
The x86 image generation was refacted via cb007a7bf6 and accidently not
included `geode.mk` when selected as subtarget.
Now the file is included and image compilation for x86/geode works
again.
Thanks to Russell Senior <russell@personaltelco.net> for reporting the
problem and suggesting a patch!
Signed-off-by: Paul Spooren <mail@aparcar.org>
This patch follows the other patches that added the watchdog
core to various (armvirt, malta, ath79, ...) targets that
have been hit by the following build error:
Package kmod-hwmon-sch5627 is missing dependencies for the following libraries:
watchdog.ko
In theory, we could have just added the CONFIG_WATCHDOG_CORE=y
to the Kconfig variable of kmod-hwmon-sch5627's package definition.
This would have forced the watchdog core to be builtin and less
architectures would need to be updated. But we might as well follow
through here.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
The previous image generation code would always gzipped images.
This patch changes the behaviour and only compresses images when
selected in menuconfig.
Signed-off-by: Paul Spooren <mail@aparcar.org>
Rely on device profiles instead for packages selection.
Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
[rebase, adjusted commit title]
Signed-off-by: Paul Spooren <mail@aparcar.org>
This commit introduces few related changes which need to be done in
single commit to keep images buildable between git revisions. In result
it retains all previous image creation possibilities with slight name
change of generated images. Brief summary of the commit:
* Split up image generation recipe to smaller chunks to make it more
generic and reusable.
* Make iso images x86 specific and drop their definition as root
filesystem.
* Convert image creation process to generic code specified in image.mk.
* Make geode subtarget inherit features from the main target instead of
redefining them.
* For subtargets create device definitions with basic packages set.
Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
[rebased]
Signed-off-by: Paul Spooren <mail@aparcar.org>
Let the grub2 package take care of creating installable grub2 images,
this will allow creating grub2 images without first calling x86 image
generation recipe. Also as side effect, since those images are now
shared, it'll reduce the number of calling grub-mkimage.
Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
[rebase, adjusted commit title]
Signed-off-by: Paul Spooren <mail@aparcar.org>
This new symbol popped up in few places. Disable it in generic config.
Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
[fixed merge conflict in generic/config-5.4]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
There is no such role as target maintainer anymore, one should always
send corresponding changes for the review and anyone from the commiters
is allowed to merge them or eventually use the hand break and NACK them.
Lets make it clear, that it is solely a community doing the maintenance
tasks.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Acked-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Acked-by: Piotr Dymacz <pepe2k@gmail.com>
Seems to be working fine on apu2 and QEMU, it's 99.9% upstream stuff
anyway. Lets start wider userbase testing.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
This target was switched to kernel 4.19 more than 6 months ago in commit
f342ffd300 ("treewide: kernel: bump some targets to 4.19") and now
with kernel 5.4 support being added it gets harder to support kernel
4.14 in addition to kernel 4.19 and 5.4.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This commit fills the void for current OpenWrt installations which will
be still on old bootloader version even after "x86: add bootloader
upgrade on sysupgrade", since it performs bootloader upgrade only on
sysupgrade. To keep all OpenWrt deploynents on the same GRUB version,
add preinit hook, which will perform upgrade of the bootloader on first
boot after sysupgrade.
It's temporary solution and should be deleted, when the first release
including this hook will no longer be supported by OpenWrt team.
We can assume that all installations should be on current bootolader
version and from there sysupgrade routine will be sufficient.
Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
Currently bootloader always stays on the same version as when first
written to boot medium (not true if partition layout changed, which will
trigger sysupgrade process to write full disk image). That creates
inconveniences as it always stays with same features or/and bugs. Users
wishing to add support to additional modules or new version, would need
to write the whole image, potentially destroying previous system
configuration. To fix these, this commit adds additional routine to
sysupgrade which upgrades unconditionally the bootloader to the latest
state provided by OpenWrt.
Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
There can be some leftovers from other image recipes, if the same
directory names are used and multiply image types are selected.
Therefore remove directories used in the recipe, before contents for the
image are prepared.
Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
The configuration was refreshed and KERNEL_TESTING_PATCHVER was set to
make it easy to compile for kernel 5.4.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
The calgary IOMMU was only used on high-end IBM systems in the early
x86_64 age. This is an unlikely OpenWrt target and in fact upstream
are looking to drop the driver entirely with the bonus that we no
longer see:
[ 0.000000] Calgary: detecting Calgary via BIOS EBDA area
[ 0.000000] Calgary: Unable to locate Rio Grande table in EBDA - bailing!
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
As 07e1d88d7b ("kernel: avoid underscore in *6lowpan package names") shows,
underscores might cause build failures. Replace underscore with dash.
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
This option has now a different dependency and can be activated, set a
default value.
Fixes: 20b5a4ca01 ("kernel: bump 4.19 to 4.19.101")
Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
Tested-by: Alexandru Ardelean <ardeleanalex@gmail.com>
VMWare ESXI 6.5 and above is not compatible with
subformat=monolithicSparse (The default qemu-img convert -O VMDK option).
Monolithic Sparse vmdk can be imported, but issues occur when running
sysupgrade with new images and other tasks that modify the file system
(issues like Kernel panics, reboot loops, sometimes crashing the Host ESXI
box).
This change creates an additional VMDK output file for ESXI that sets the
subformat to monlithicFlat, and the adapter_type to the SCSI lsilogic
controller.
This change existed back on:
25e36d379e
But it looks like the change was removed when refactoring occurred with:
5f6a2732f892b6229473576d89cc963ae9c97d5d
Signed-off-by: John Sommerville <jsommerville@untangle.com>
These targets are currently using more or less same SIGNATURE variable
which provides unique partition ID/signature, so it makes sense to
refactor it out into common IMG_PART_SIGNATURE variable which could be
reused by all targets.
This is another step in the direction of reproducible OpenWrt images.
Signed-off-by: Paul Spooren <mail@aparcar.org>
[split into separate commit, renamed to IMG_PART_SIGNATURE]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
When changing profile titles for this target, an empty Makefile
has been added by accident.
Fixes: 14d17306bc ("x86: make profile titles more verbose")
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
So far (nearly) all x86 profiles are called "Generic" which makes
it hard to distinguish them in special cases, like searching for a
specific profile (without pre-selecting target/subtarget).
To make this change locally working, remove the tmp/ folder to
force reload of menuconfig.
As these files are infrequently touched, the Copyright was updated
as well.
Signed-off-by: Paul Spooren <mail@aparcar.org>
[changed commit title]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
It's a variable set by procd that should replace hardcoded
/tmp/sysupgrade.tgz.
This change requires the most recent procd with the commit 0f3c136
("sysupgrade: set UPGRADE_BACKUP env variable").
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
$CONF_TAR shouldn't be assumed to always point to the sysupgrade.tgz.
This change makes code more generic and allows refactoring $CONF_TAR.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
1) Add BACKUP_FILE and use it when copying an archive to be restored
after sysupgrade (on the next preinit).
2) Use CONF_TAR for copying backup prepared by the /sbin/sysupgrade
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Refreshed all patches.
Also add a missing symbol for x86 which got used now in this bump.
- ISCSI_IBFT
Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Refreshed all patches.
Also add a missing symbol for x86 which got used now in this bump.
- ISCSI_IBFT
Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
This explicitly lets stage2 know if partitions should be preserved. No
more "touch /tmp/sysupgrade.always.overwrite.bootdisk.partmap" hack.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
The host tool package qemu is build for the target x86. The installed tool
qemu-img is needed to build vdi or vmdk images. In the image Makefile we
use however the host installed qemu-img command and not the tool from the
buildsystem. This commit force to use the already build qemu-img command
from the openwrt toolchain.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Many Atom-based embedded/industrial x86 boards can't run 64bit operating
systems due to either processor or board firmware limitations, but they
have modern interfaces (PCIe) or have modern Intel gigabit controllers
onboard. With the current default package selection for x86 Generic
target their network won't work.
Add the modern gigabit network modules needed or most likely going to be
used as add-in cards, similar to what is the list on x86_64 target.
Signed-off-by: Alberto Bursi <alberto.bursi@outlook.it>
[fixed whitespace issue]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Newer motherboards support NVMe U.2 connectors but also NVMe storage can
be used on add-on pcie adapters.
Enable kernel driver on x86 for now so the NVMe flash storage can be used
Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
Current squashfs snapshot images are improperly padded by just 128k,
which doesn't correspond with TARGET_ROOTFS_PARTSIZE=128 default config
option, leading to following:
Filesystem Size Used Available Use% Mounted on
/dev/root 2.5M 2.5M 0 100% /rom
/dev/loop0 85.0K 9.0K 71.0K 11% /overlay
overlayfs:/overlay 85.0K 9.0K 71.0K 11% /
Signed-off-by: Petr Štetiar <ynezz@true.cz>
In `build: image: Add IMG_ROOTFS and IMG_COMBINED variables` we've added
this new variables so switch to them now.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Currently we're producing unusable x86 combined squashfs images
(18.06.1, 18.06.2 and snapshots) as we don't enable TARGET_IMAGES_PAD,
thus providing very small space for the overlay filesystem, leading to
the following with OpenWrt 18.06.1 r7258-5eb055306f images on x86 QEMU:
root@(none):/# mount | egrep 'root|overlay'
/dev/root on /rom type squashfs
/dev/loop0 on /overlay type ext4
overlayfs:/overlay on / type overlay
root@(none):/# df -h | egrep 'root|overlay|Size'
Filesystem Size Used Available Use% Mounted on
/dev/root 2.5M 2.5M 0 100% /rom
/dev/loop0 113.0K 8.0K 97.0K 8% /overlay
overlayfs:/overlay 113.0K 8.0K 97.0K 8% /
We should rather ensure proper image padding in image generation code
and we shouldn't rely on config options in order to generate usable
images.
So this patch removes TARGET_IMAGES_PAD config option and enforces
padding on combined images.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
bnx2x driver support for the x86 architecture. Includes module and
firmware for Broadcom QLogic 5771x/578xx 10/20-Gigabit ethernet
adapters.
Signed-off-by: Petko Bordjukov <bordjukov@gmail.com>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
[added +kmod-lib-zlib-inflate as well]
Lets bump kernel to 4.19 on targets which were run tested or got ACKed
so we've enough time to make it ready for next release:
armvirt/32 (runtested in qemu)
armvirt/64 (runtested in qemu)
ath79/generic (runtested on Carambola2)
gemini/generic (runtested on DIR-685, DNS-313, SQ201, SL93512R)
imx6/generic (runtested on Apalis)
ipq40xx/generic (runtested on nbg6617)
malta/be64 (runtested in qemu)
malta/be (runtested in qemu)
malta/le (runtested in qemu)
malta/le64 (runtested in qemu)
mpc85xx/generic (runtested on TL-WDR4900)
mpc85xx/p2020 (runtested on P2020RDB)
mvebu/cortexa53
mvebu/cortexa72
mvebu/cortexa10
octeon/generic (runtested on EdgeRouter Lite)
sunxi/cortexa53 (build tested only)
sunxi/cortexa7 (runtested on Lime2-K)
sunxi/cortexa8 (build tested only)
tegra/generic
x86/64 (runtested in qemu)
Acked-by: Zoltan HERPAI <wigyori@uid0.hu> [sunxi]
Tested-by: Linus Walleij <linus.walleij@linaro.org> [gemini]
Tested-by: Tomasz Maciej Nowak <tomek_n@o2.pl> [mvebu, tegra]
Tested-by: Daniel Engberg <daniel.engberg.lists@pyret.net> [octeon]
Tested-by: Pawel Dembicki <paweldembicki@gmail.com> [mpc85xx/generic mpc85xx/p2020]
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
When running OpenWrt inside an LXC container no shell is opend as LXC
defaults to a virtual /dev/console.
This patch allows to enter a shell after starting the container via
`lxc-start`, without it is only posible to access a shell on tty1 via
`lxc-console`.
Signed-off-by: Paul Spooren <mail@aparcar.org>
This activates "Supervisor Mode Access Prevention". modern CPUs will
prevent the kernel code from accessing any data from the userspace
without the usage of copy_to_user() or copy_from_user()
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
CONFIG_BINFMT_MISC allows it to add support for new executable formats
to the kernel from user space, the kernel will then detect for example a
java binary and call the java execution program automatically. I am not
aware that this feature is used in OpenWrt and this could be used to
exploit something. Deactivate it for all targets for now.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>