Commit Graph

53911 Commits

Author SHA1 Message Date
Daniel Golle
50cb1cb2ef imagebuilder: export SOURCE_DATE_EPOCH to environment
Export SOURCE_DATE_EPOCH to environment so filesystem and image
creation tools will make use of it.
Fixes reproducibility of images generated with the ImageBuilder.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 5cf5dce05a)
2022-04-10 16:32:20 +01:00
Daniel Golle
1a2689a460 arm-trusted-firmware-mediatek: remove no longer needed Configure step
As anyway only the default is called now we can as well also just remove
the override for Build/Configure.

Fixes: e2cffbb805 ("arm-trusted-firmware-mediatek: update to 2021-03-10")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit dffad93d3e)
2022-04-10 16:32:20 +01:00
Daniel Golle
725a7619de trusted-firmware-a.mk: make sure include directory exists
ARM Trusted Firmware builds do not depend on any target libraries as
they are bare-metal builds. However, the compiler aborts due to
-Werror=missing-include-dirs if the include dir doesn't exists and this
can happen when building with parallelisation as that makes it likely
for arm-trusted-firmware-* to be build very early before any of the
libraries which would implicitely create the directory.
Fix this by making sure the include dir exists before building.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 738d44f5ea)
2022-04-10 16:32:20 +01:00
John Audia
662d1f9f8d kernel: bump 5.10 to 5.10.110
Removed upstreamed:
  generic/backport-5.10/350-v5.18-MIPS-pgalloc-fix-memory-leak-caused-by-pgd_free.patch
  generic/pending-5.10/850-0014-PCI-aardvark-Fix-reading-PCI_EXP_RTSTA_PME-bit-on-em.patch
  ipq40xx/patches-5.10/105-ipq40xx-fix-sleep-clock.patch

All patches automatically rebased.

Build system: x86_64
Build-tested: bcm2711/RPi4B, mt7622/RT3200
Run-tested: bcm2711/RPi4B, mt7622/RT3200
Compile-/run-tested: ath79/generic (Archer C7 v2).

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
[rebased in 22.03 tree]
Signed-off-by: John Audia <graysky@archlinux.us>
(cherry picked from commit b92ec82235)
2022-04-10 16:31:42 +01:00
Ray Wang
40566daa9a ipq40xx: add RT-AC2200 alternative name to RT-AC42U/RT-ACRH17
RT-AC2200 is the same device with a different name. The OEM firmwares have the same MD5.

Signed-off-by: Ray Wang <raywang777@foxmail.com>
(cherry picked from commit 3204906569)
2022-04-10 16:26:01 +01:00
Joe Mullally
85d581a64b ath79: Move TPLink WPA8630Pv2 to ath79-tiny target
These devices only have 6MiB available for firmware, which is not
enough for recent release images, so move these to the tiny target.

Note for users sysupgrading from the previous ath79-generic snapshot
images:

The tiny target kernel has a 4Kb flash erase block size instead
of the generic target's 64kb. This means the JFFS2 overlay partition
containing settings must be reformatted with the new block size or else
there will be data corruption.

To do this, backup your settings before upgrading, then during the
sysupgrade, de-select "Keep Settings". On the CLI, use "sysupgrade -n".

If you forget to do this and your system becomes unstable after
upgrading, you can do this to format the partition and recover:

* Reboot
* Press RESET when Power LED blinks during boot to enter Failsafe mode
* SSH to 192.168.1.1
* Run "firstboot" and reboot

Signed-off-by: Joe Mullally <jwmullally@gmail.com>
Tested-by: Robert Högberg <robert.hogberg@gmail.com>
(cherry picked from commit 44e1e5d153)
2022-04-10 16:26:01 +01:00
Konstantin Demin
d118e57b35 dropbear: bump to 2022.82
- update dropbear to latest stable 2022.82;
  for the changes see https://matt.ucc.asn.au/dropbear/CHANGES
- use $(AUTORELEASE) in PKG_RELEASE
- use https for all uris
- refresh all patches
- rewrite patches:
  - 100-pubkey_path.patch
  - 130-ssh_ignore_x_args.patch

binary/pkg size changes:
- ath79/generic, mips:
  - binary: 215112 -> 219228 (+4116)
  - pkg: 111914 -> 113404 (+1490)
- ath79/tiny, mips:
  - binary: 172501 -> 172485 (-16)
  - pkg: 89871 -> 90904 (+1033)

Tested-by: Stijn Segers <foss@volatilesystems.org>
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
(cherry picked from commit 65256aee23)
2022-04-10 16:26:01 +01:00
Nick Hainke
53c2874e07 libmnl: update to 1.0.5
Changes:

Duncan Roe (5):
      nlmsg: Fix a missing doxygen section trailer
      build: doc: "make" builds & installs a full set of man pages
      build: doc: get rid of the need for manual updating of Makefile
      build: If doxygen is not available, be sure to report "doxygen: no" to ./configure
      src: doc: Fix messed-up Netlink message batch diagram

Fernando Fernandez Mancera (1):
      src: fix doxygen function documentation

Florian Westphal (1):
      libmnl: zero attribute padding

Guillaume Nault (1):
      callback: mark cb_ctl_array 'const' in mnl_cb_run2()

Kylie McClain (1):
      examples: nfct-daemon: Fix test building on musl libc

Laura Garcia Liebana (4):
      examples: add arp cache dump example
      examples: fix neigh max attributes
      examples: fix print line format
      examples: reduce LOCs during neigh attributes validation

Pablo Neira Ayuso (3):
      doxygen: remove EXPORT_SYMBOL from the output
      include: add MNL_SOCKET_DUMP_SIZE definition
      build: libmnl 1.0.5 release

Petr Vorel (1):
      examples: Add rtnl-addr-add.c

Stephen Hemminger (1):
      examples: rtnl-addr-dump: fix typo

igo95862 (1):
      doxygen: Fixed link to the git source tree on the website.

Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit c3b7389339)
2022-04-10 16:26:01 +01:00
Nick Hainke
8215bba00e libnfnetlink: update to 1.0.2
Changes:

c63f193 bump version to 1.0.2
3cffa84 libnfnetlink: Check getsockname() return code
90ba679 include: Silence gcc warning in linux_list.h
bb4f6c8 Make it clear that this library is deprecated
e46569c Minimally resurrect doxygen documentation
5087de4 libnfnetlink: hide private symbols
62ca426 autogen: don't convert __u16 to u_int16_t
efa1d8e src: Use stdint types everywhere
7a1a07c include: Sync with kernel headers
7633f0c libnfnetlink: initialize attribute padding to resolve valgrind warnings
94b68f3 configure: uclinux is also linux
617fe82 src: get source code license header in sync with current licensing terms
97a3960 build: resolve automake-1.12 warnings

Removed the patch 100-missing_include.patch, libnfnetlink compiles fine
with musl without this patch.

Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit aecf088b37)
2022-04-10 16:26:01 +01:00
Andrey Erokhin
8f4124c252 gpio-button-hotplug: fix data race
bh_event_add_var can be called by multiple threads concurrently,
so it shall not use a static char buffer

Signed-off-by: Andrey Erokhin <a.erokhin@inango-systems.com>
(cherry picked from commit 1e991e09b7)
2022-04-10 16:26:01 +01:00
Rosen Penev
0db5044f51 tools/meson: update to 0.61.4
Override python to use the one in host instead of hostpkg. There's no
need to use the latter.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 19f3fcc884)
2022-04-10 16:26:01 +01:00
leo chung
a650f4abfb tools/cmake: fix download url
fix the cmake.org download url

Signed-off-by: leo chung <gewalalb@gmail.com>
(cherry picked from commit 56f091d467)
2022-04-10 16:26:01 +01:00
Daniel Golle
dbec41685b libselinux: add missing host-build dependency on libsepol/host
The host-build of libselinux requires libsepol/host.
Add the libsepol/host to HOST_BUILD_DEPENDS to allow build on hosts
which don't have libsepol installed.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 0d3850dc5a)
2022-04-10 16:26:01 +01:00
Valentyn Datsko
660923cd74 dnsmasq: add procd interface index tracking
Problem exist when dnsmasq is exclusively bind to particular interface.
After reconfiguring or restarting this interface, its index changes, but
dnsmasq uses the old one. When this problem occurs, dnsmasq does not
listen on the correct interface so DHCP does not work, and clients do not
get an IP address. Procd netdev param can be added to restart dnsmasq when
the interface index is changed.

Signed-off-by: Valentyn Datsko <valikk.d@gmail.com>
[combined into a single &&-connected statement]
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 76f55e3c3f)
2022-04-10 16:26:01 +01:00
Rosen Penev
ce7ee54c55 libselinux: use musl-fts for host builds
Fixes compilation under musl based distros like Alpine Linux.

Also add pcre/host as a build dependency as it's needed.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit abb2683de3)
2022-04-10 16:26:01 +01:00
Hauke Mehrtens
d0965dc174 at91: Automatically detect USB feature
The sama7 sub target does not have USB support, the feature should not
be activated there. OpenWrt can automatically detect if the target
supports USB by using the scripts/target-metadata.pl script. With the
automatic detection USB support will only get activated on subtargest
which actually support USB like sam9x and sama5.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit f6d566301e)
2022-04-07 21:08:10 +02:00
Hauke Mehrtens
f66521e71f at91/sama7: Do not build in Bluetooth
Bluetooth should be activated as an optional kmod package instead of
compiling it into the kernel.

Tested-by: Claudiu Beznea <claudiu.beznea@microchip.com>
Reviewed-by: Claudiu Beznea <claudiu.beznea@microchip.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 3296881a1d)
2022-04-07 21:08:09 +02:00
Hauke Mehrtens
ad639134d9 at91/sama7: Use ext4 driver for ext2 and ext3
Use the ext4 driver for ext2 and ext3 too. This feature is activated in
the OpenWrt generic configuration.

Tested-by: Claudiu Beznea <claudiu.beznea@microchip.com>
Reviewed-by: Claudiu Beznea <claudiu.beznea@microchip.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 6709b67265)
2022-04-07 21:08:07 +02:00
Hauke Mehrtens
47ca26866d at91/sama7: Deactivate certification and key system
This was probably activated by mac80211 which was activated before.
mac80211 is build from backports in OpenWrt.

Tested-by: Claudiu Beznea <claudiu.beznea@microchip.com>
Reviewed-by: Claudiu Beznea <claudiu.beznea@microchip.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit ac2bc4b893)
2022-04-07 21:08:05 +02:00
Hauke Mehrtens
9f36a0a8e1 at91/sama7: Do not activate cgroups and namespaces
cgroups and namespaces should be configured by the generic OpenWrt
configuration and not for a specific target.

Tested-by: Claudiu Beznea <claudiu.beznea@microchip.com>
Reviewed-by: Claudiu Beznea <claudiu.beznea@microchip.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit a2f1db99f6)
2022-04-07 21:08:04 +02:00
Hauke Mehrtens
b07143adaa at91/sama7: Remove config options build as module
Remove the configuration options which are building modules for the sub
target configuration.

These kernel modules are not packaged. Kernel options should only be
build as a module when they are selected by a kmod package and not by
setting them to =m in the target kernel configuration.

Tested-by: Claudiu Beznea <claudiu.beznea@microchip.com>
Reviewed-by: Claudiu Beznea <claudiu.beznea@microchip.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 5a84a8764d)
2022-04-07 21:08:02 +02:00
Hauke Mehrtens
3826e21465 kernel: bump 5.10 to 5.10.109
Patches automatically rebased.

Compile-tested: lantiq/xrx200
Run-tested: lantiq/xrx200

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2022-04-07 20:46:57 +02:00
Daniel Golle
0877953235
scripts: make sure sort-order is independent from locale
Set LC_ALL=C environment variable when calling 'sort' as the sort
order otherwise depends on the locale set.

Fixes: 56ce110b73 ("scripts: make sure conffiles are sorted")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 1d77dca3b3)
2022-04-06 17:35:49 +01:00
Daniel Golle
bb8300069b kernel: set SOURCE_DATE_EPOCH for initramfs root dir
Make sure the timestamp of the root directory of the initramfs is set
to SOURCE_DATE_EPOCH as well.

Fixes: 29d7461d11 ("kernel: set options to make external initramfs reproducible")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 54bcf586b0)
2022-04-06 14:03:58 +01:00
Paul Spooren
a5cf20d197 build: store sha256_unsigned in JSON
Introduce `sha256_unsigned` which is a checksum of the image _before_ a
signature is attached. This is helpful to compare image reproducibility.

Since the `.sha256sum` file is located in the $(KDIR) folder, switch
$(BIN_DIR) with $(KDIR) to simplify the code. The value of $(BIN_DIR)
itself is not stored inside the resulting JSON file, so it can be
replaced.

Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit 8822a8d850)
2022-04-06 14:03:58 +01:00
Daniel Golle
ca83af21cc kernel: fix initramfs reproducibility
Make sure xz uses at least 2 threads so compression always runs in
multi-threaded mode as the resulting file in single-threaded mode
differs.

Fixes: 29d7461d11 ("kernel: set options to make external initramfs reproducible")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit fc6a83e63b)
2022-04-06 14:03:58 +01:00
Stijn Tintel
82e1f041f9 image: let mksquashfs4 use all processors
Drop the -processors argument from the mksquashfs4 call, so it will use
all available processors. This dramatically reduces the time to create
squashfs filesystems.

The times below are observed when building an image for my main router,
the WatchGuard Firebox M300 (qoriq target):

Before:
real    4m45,973s

After:
real    0m23,497s

With this commit `mksquashfs` may use more cores than defined via `-j`.
This is the same behaviour as for archive creation of ImageBuilder, SDK
or toolchain. There is no trivial way to limit `mksquashfs` CPU core
usage to the amount of "free" make jobs since two running `mksquashfs`
instances would each run with the total allowed number (-j) of threads.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
[extended reasoning in commit message]
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit df2ae8826c)
2022-04-06 14:03:58 +01:00
Paul Spooren
ec2bc81c78 scripts: make sure conffiles are sorted
It may happen that conffiles are in different order on different builds.
Make sure they have the same order by sorting them.

FIX: #9612

Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit 56ce110b73)
2022-04-06 13:59:44 +01:00
Paul Spooren
f56ddb0f58 toolchain: reproducible libstdcpp
A Python script containing an unreproducible path is copied by default.
Remove it before generating the package.

Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit 950bd40a27)
2022-04-06 13:59:44 +01:00
Paul Spooren
fd81c052f7 grub2: add missing license
The PKG_LICENSE field was missing.
While at it, normalize the Makefile a bit.

Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit 839b1ff1fc)
2022-04-05 23:33:35 +02:00
Stijn Tintel
59aa37b19b qoriq: enable support for Marvell Alaska PHYs
The WatchGuard Firebox M200 and M300 use a Marvell 88e1543 PHY for the
first 3 ethernet ports. This PHY is supported by the Marvell Alaska PHY
driver, so enable it.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit d7eba8059b)
2022-04-05 23:33:35 +02:00
Daniel Golle
2dafc04b4d kernel: load device-mapper early on boot
Previously commit openwrt/packages@3abb7cb ("lvm2: Added script and updated Makefile[...]")
couldn't actually work and allow rootfs_data to be stored on a LVM2 as
the necessary kernel modules had not been loaded at this point.
Fix this by loading device-mapper modules early at boot.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 82f9ad6ab2)
2022-04-05 23:33:35 +02:00
Piotr Dymacz
66c075c5d2 kernel: modules: drop 'AddDepends/bluetooth' calls
Function 'AddDepends/bluetooth' doesn't exist in our codebase.

Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
(cherry picked from commit 173198e35a)
2022-04-05 23:33:35 +02:00
Hauke Mehrtens
d18e365b17 busybox: Fix snprintf arguments in lock
The first argument for snprintf is the buffer and the 2. one is the
size. Fix the order. This broke the lock application.

Fixes: 9d2b26d5a7 ("busybox: fix busybox lock applet pidstr buffer overflow")
Reported-by: Hartmut Birr <e9hack@gmail.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit d80336e1a9)
2022-04-05 23:33:16 +02:00
Qichao Zhang
9d2b26d5a7 busybox: fix busybox lock applet pidstr buffer overflow
Kernel setting `/proc/sys/kernel/pid_max` can be set up to 4194304 (7
digits) which will cause buffer overflow in busbox lock patch, this
often happens when running in a rootfs container environment.
This commit enlarges `pidstr` to 12 bytes to ensure a sufficient buffer
for pid number and an additional char '\n'.

Signed-off-by: Qichao Zhang <njuzhangqichao@gmail.com>
(cherry picked from commit 34567750db)
2022-04-05 00:20:24 +02:00
Huangbin Zhan
1b59515456 build: autotools: fix cache path
the cache directory should be autom4te.cache in all $(PKG_AUTOMAKE_PATHS)
rather than $(PKG_BUILD_DIR)/autom4te.cache only

Signed-off-by: Huangbin Zhan <zhanhb88@gmail.com>
(cherry picked from commit 044ca149f3)
2022-04-05 00:20:24 +02:00
Rosen Penev
56463b0221 pcre: disable shared libraries for host builds
Getting rid of shared libraries for hostpkg avoids having to use rpath
hacks to find the library. It also fixes compilation with host glib2
binaries.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit f8571749a7)
2022-04-05 00:20:24 +02:00
Rosen Penev
308adb76d2 musl-fts: remove shared libraries from host
Avoids having to add rpath to the various packages using it. Also add
PIC to fix compilation as static libraries do not use PIC by default.

Fixes: 1fb099341e ("musl-fts: add host build")
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 8a75ed4ba0)
2022-04-05 00:20:24 +02:00
Christian Lamparter
55740b1ba4 kernel: mark CONFIG_PSTORE_COMPRESS_DEFAULT as "is not set"
# CONFIG_PSTORE_COMPRESS_DEFAULT="deflate"
this can lead to confusion. Thankfully, in the KConfig
world this setting is still interpreted as disabled.

Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit de4879c1ae)
2022-04-05 00:20:24 +02:00
Andre Heider
ba1ef69603 ipq40xx: add support for FRITZ!Box 7520
This model, also know as "1&1 HomeServer", shares the same features as 7530.

The vendor firmware has artificial software limitations: only 2 of the 4
LAN-Ports are GBit, and the USB-Host is only v2.0.

With OpenWrt, USB is already working at v3.0.

Signed-off-by: Andre Heider <a.heider@gmail.com>
(updated commit message to reflect current state)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit cb6f4be137)
2022-04-05 00:20:24 +02:00
Stijn Tintel
3a3fdd6239 gettext-full: add gmsgfmt symlink in host install
Some configure scripts look for msgfmt and gmsgfmt. As we don't install
the latter, configure might pick up one from staging_dir/hostpkg, and
the other from the host:

checking for msgfmt... /home/stijn/Development/OpenWrt/openwrt/staging_dir/hostpkg/bin/msgfmt
checking for gmsgfmt... /usr/bin/gmsgfmt

This could potentially lead to hard to debug undefined behaviour.
Install a symlink in the host install phase to avoid this.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit 636cb00ecc)
2022-04-05 00:20:24 +02:00
Robert Marko
9ae93c14fb uboot-mvebu: backport patch to fix eMMC
v2022.01 has a regression that broke eMMC usage on most if not all Armada
SoC-s, thus breaking boards like uDPU which use eMMC for storage.

Fix it by backporting a recent upstream patch.

Fixes: 782d4c8306 ("uboot-mvebu: update to version 2022.01")
Signed-off-by: Robert Marko <robert.marko@sartura.hr>
(cherry picked from commit a703830806)
2022-04-05 00:20:24 +02:00
Stijn Tintel
30614c6cfa Revert "octeon: mark source-only"
The memory leak is fixed by the kernel patches backported in the
previous commit.

This reverts commit 1fa8780056.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit f6cda9f06b)
2022-04-03 19:30:09 +03:00
Stijn Tintel
9ab337dfbc kernel: backport pgalloc memory leak fix
Backport a fix for the massive memory leak observed in Octeon after
switching to kernel 5.10.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit 9283359bd5)
2022-04-03 19:30:00 +03:00
Stijn Tintel
6e7bf6ad95 octeon: mark source-only
There is a hard to reproduce, even harder to track down memory leak in
Octeon since kernel 5.10. Mark octeon source-only until it is plugged.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit 1fa8780056)
2022-04-01 11:14:01 +01:00
Jan-Niklas Burfeind
c9358c387b
ath79: migrate Archer C5 5GHz radio device paths
When upgrading a TP-Link Archer C5 v1 from ar71xx to ath79,
the 5ghz radio stops working because the device path changed.

Same has been done for the Archer C7 before:

commit e19506f206 ("ath79: migrate Archer C7 5GHz radio device paths")

Signed-off-by: Jan-Niklas Burfeind <git@aiyionpri.me>
(cherry picked from commit c6eb63d48f)
2022-03-31 18:07:53 +02:00
Matthias Schiffer
dfba6e95af
ath79: fix label MAC address for Ubiquiti UniFi AP Outdoor+
The label has the MAC address of eth0, not the WLAN PHY address. We can
merge the definition back into ar7241_ubnt_unifi.dtsi, as both DTS
derived from it use the same interface for their label MAC addresses
after all.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
(cherry picked from commit aee9ccf5c1)
2022-03-30 17:49:06 +02:00
Hauke Mehrtens
b664bb617d realtek: Fix tc default package
The tc package does not exits any more, it was split into tc-tiny,
tc-full and tc-bpf. Include tc-bpf by default into realtek images.

This increases the compressed image size by about 232KBytes.

Tested-by: Stijn Segers <foss@volatilesystems.org>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 34fb36e165)
2022-03-29 14:28:21 +02:00
Hauke Mehrtens
27fbae4c5a realtek: Use firewall4
The realtek target is not a router, but basic device, see DEVICE_TYPE.
The basic device type does not come with firewall by default, see
include/target.mk for details. The realtek target extended
DEFAULT_PACKAGES manually with firewall.

This changes the defaults to take firewall4 and nftables instead of
firewall and iptables. This also adds the additional package
kmod-nft-offload.

The only difference to the router type is the missing ppp,
ppp-mod-pppoe, dnsmasq and odhcpd-ipv6only package.

This increases the compressed image size by about 422KBytes.

Tested-by: Stijn Segers <foss@volatilesystems.org>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 469030659c)
2022-03-29 14:28:19 +02:00
Hauke Mehrtens
916f21c63e realtek: Remove dnsmasq and odhcpd-ipv6only from default
Do not include the dnsmasq and odhcpd-ipv6only package by default any
more. These services are not needed on a switch. If someone needs this
it is still possible to use opkg or image builder to add them.

This decreases the compressed image size by about 165KBytes.

Tested-by: Stijn Segers <foss@volatilesystems.org>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 2acebbdcaa)
2022-03-29 14:28:17 +02:00