Export SOURCE_DATE_EPOCH to environment so filesystem and image
creation tools will make use of it.
Fixes reproducibility of images generated with the ImageBuilder.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 5cf5dce05a)
As anyway only the default is called now we can as well also just remove
the override for Build/Configure.
Fixes: e2cffbb805 ("arm-trusted-firmware-mediatek: update to 2021-03-10")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit dffad93d3e)
ARM Trusted Firmware builds do not depend on any target libraries as
they are bare-metal builds. However, the compiler aborts due to
-Werror=missing-include-dirs if the include dir doesn't exists and this
can happen when building with parallelisation as that makes it likely
for arm-trusted-firmware-* to be build very early before any of the
libraries which would implicitely create the directory.
Fix this by making sure the include dir exists before building.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 738d44f5ea)
RT-AC2200 is the same device with a different name. The OEM firmwares have the same MD5.
Signed-off-by: Ray Wang <raywang777@foxmail.com>
(cherry picked from commit 3204906569)
These devices only have 6MiB available for firmware, which is not
enough for recent release images, so move these to the tiny target.
Note for users sysupgrading from the previous ath79-generic snapshot
images:
The tiny target kernel has a 4Kb flash erase block size instead
of the generic target's 64kb. This means the JFFS2 overlay partition
containing settings must be reformatted with the new block size or else
there will be data corruption.
To do this, backup your settings before upgrading, then during the
sysupgrade, de-select "Keep Settings". On the CLI, use "sysupgrade -n".
If you forget to do this and your system becomes unstable after
upgrading, you can do this to format the partition and recover:
* Reboot
* Press RESET when Power LED blinks during boot to enter Failsafe mode
* SSH to 192.168.1.1
* Run "firstboot" and reboot
Signed-off-by: Joe Mullally <jwmullally@gmail.com>
Tested-by: Robert Högberg <robert.hogberg@gmail.com>
(cherry picked from commit 44e1e5d153)
Changes:
Duncan Roe (5):
nlmsg: Fix a missing doxygen section trailer
build: doc: "make" builds & installs a full set of man pages
build: doc: get rid of the need for manual updating of Makefile
build: If doxygen is not available, be sure to report "doxygen: no" to ./configure
src: doc: Fix messed-up Netlink message batch diagram
Fernando Fernandez Mancera (1):
src: fix doxygen function documentation
Florian Westphal (1):
libmnl: zero attribute padding
Guillaume Nault (1):
callback: mark cb_ctl_array 'const' in mnl_cb_run2()
Kylie McClain (1):
examples: nfct-daemon: Fix test building on musl libc
Laura Garcia Liebana (4):
examples: add arp cache dump example
examples: fix neigh max attributes
examples: fix print line format
examples: reduce LOCs during neigh attributes validation
Pablo Neira Ayuso (3):
doxygen: remove EXPORT_SYMBOL from the output
include: add MNL_SOCKET_DUMP_SIZE definition
build: libmnl 1.0.5 release
Petr Vorel (1):
examples: Add rtnl-addr-add.c
Stephen Hemminger (1):
examples: rtnl-addr-dump: fix typo
igo95862 (1):
doxygen: Fixed link to the git source tree on the website.
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit c3b7389339)
Changes:
c63f193 bump version to 1.0.2
3cffa84 libnfnetlink: Check getsockname() return code
90ba679 include: Silence gcc warning in linux_list.h
bb4f6c8 Make it clear that this library is deprecated
e46569c Minimally resurrect doxygen documentation
5087de4 libnfnetlink: hide private symbols
62ca426 autogen: don't convert __u16 to u_int16_t
efa1d8e src: Use stdint types everywhere
7a1a07c include: Sync with kernel headers
7633f0c libnfnetlink: initialize attribute padding to resolve valgrind warnings
94b68f3 configure: uclinux is also linux
617fe82 src: get source code license header in sync with current licensing terms
97a3960 build: resolve automake-1.12 warnings
Removed the patch 100-missing_include.patch, libnfnetlink compiles fine
with musl without this patch.
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit aecf088b37)
bh_event_add_var can be called by multiple threads concurrently,
so it shall not use a static char buffer
Signed-off-by: Andrey Erokhin <a.erokhin@inango-systems.com>
(cherry picked from commit 1e991e09b7)
Override python to use the one in host instead of hostpkg. There's no
need to use the latter.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 19f3fcc884)
The host-build of libselinux requires libsepol/host.
Add the libsepol/host to HOST_BUILD_DEPENDS to allow build on hosts
which don't have libsepol installed.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 0d3850dc5a)
Problem exist when dnsmasq is exclusively bind to particular interface.
After reconfiguring or restarting this interface, its index changes, but
dnsmasq uses the old one. When this problem occurs, dnsmasq does not
listen on the correct interface so DHCP does not work, and clients do not
get an IP address. Procd netdev param can be added to restart dnsmasq when
the interface index is changed.
Signed-off-by: Valentyn Datsko <valikk.d@gmail.com>
[combined into a single &&-connected statement]
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 76f55e3c3f)
Fixes compilation under musl based distros like Alpine Linux.
Also add pcre/host as a build dependency as it's needed.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit abb2683de3)
The sama7 sub target does not have USB support, the feature should not
be activated there. OpenWrt can automatically detect if the target
supports USB by using the scripts/target-metadata.pl script. With the
automatic detection USB support will only get activated on subtargest
which actually support USB like sam9x and sama5.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit f6d566301e)
Bluetooth should be activated as an optional kmod package instead of
compiling it into the kernel.
Tested-by: Claudiu Beznea <claudiu.beznea@microchip.com>
Reviewed-by: Claudiu Beznea <claudiu.beznea@microchip.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 3296881a1d)
Use the ext4 driver for ext2 and ext3 too. This feature is activated in
the OpenWrt generic configuration.
Tested-by: Claudiu Beznea <claudiu.beznea@microchip.com>
Reviewed-by: Claudiu Beznea <claudiu.beznea@microchip.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 6709b67265)
This was probably activated by mac80211 which was activated before.
mac80211 is build from backports in OpenWrt.
Tested-by: Claudiu Beznea <claudiu.beznea@microchip.com>
Reviewed-by: Claudiu Beznea <claudiu.beznea@microchip.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit ac2bc4b893)
cgroups and namespaces should be configured by the generic OpenWrt
configuration and not for a specific target.
Tested-by: Claudiu Beznea <claudiu.beznea@microchip.com>
Reviewed-by: Claudiu Beznea <claudiu.beznea@microchip.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit a2f1db99f6)
Remove the configuration options which are building modules for the sub
target configuration.
These kernel modules are not packaged. Kernel options should only be
build as a module when they are selected by a kmod package and not by
setting them to =m in the target kernel configuration.
Tested-by: Claudiu Beznea <claudiu.beznea@microchip.com>
Reviewed-by: Claudiu Beznea <claudiu.beznea@microchip.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 5a84a8764d)
Set LC_ALL=C environment variable when calling 'sort' as the sort
order otherwise depends on the locale set.
Fixes: 56ce110b73 ("scripts: make sure conffiles are sorted")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 1d77dca3b3)
Make sure the timestamp of the root directory of the initramfs is set
to SOURCE_DATE_EPOCH as well.
Fixes: 29d7461d11 ("kernel: set options to make external initramfs reproducible")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 54bcf586b0)
Introduce `sha256_unsigned` which is a checksum of the image _before_ a
signature is attached. This is helpful to compare image reproducibility.
Since the `.sha256sum` file is located in the $(KDIR) folder, switch
$(BIN_DIR) with $(KDIR) to simplify the code. The value of $(BIN_DIR)
itself is not stored inside the resulting JSON file, so it can be
replaced.
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit 8822a8d850)
Make sure xz uses at least 2 threads so compression always runs in
multi-threaded mode as the resulting file in single-threaded mode
differs.
Fixes: 29d7461d11 ("kernel: set options to make external initramfs reproducible")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit fc6a83e63b)
Drop the -processors argument from the mksquashfs4 call, so it will use
all available processors. This dramatically reduces the time to create
squashfs filesystems.
The times below are observed when building an image for my main router,
the WatchGuard Firebox M300 (qoriq target):
Before:
real 4m45,973s
After:
real 0m23,497s
With this commit `mksquashfs` may use more cores than defined via `-j`.
This is the same behaviour as for archive creation of ImageBuilder, SDK
or toolchain. There is no trivial way to limit `mksquashfs` CPU core
usage to the amount of "free" make jobs since two running `mksquashfs`
instances would each run with the total allowed number (-j) of threads.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
[extended reasoning in commit message]
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit df2ae8826c)
It may happen that conffiles are in different order on different builds.
Make sure they have the same order by sorting them.
FIX: #9612
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit 56ce110b73)
A Python script containing an unreproducible path is copied by default.
Remove it before generating the package.
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit 950bd40a27)
The PKG_LICENSE field was missing.
While at it, normalize the Makefile a bit.
Signed-off-by: Paul Spooren <mail@aparcar.org>
(cherry picked from commit 839b1ff1fc)
The WatchGuard Firebox M200 and M300 use a Marvell 88e1543 PHY for the
first 3 ethernet ports. This PHY is supported by the Marvell Alaska PHY
driver, so enable it.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit d7eba8059b)
Previously commit openwrt/packages@3abb7cb ("lvm2: Added script and updated Makefile[...]")
couldn't actually work and allow rootfs_data to be stored on a LVM2 as
the necessary kernel modules had not been loaded at this point.
Fix this by loading device-mapper modules early at boot.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 82f9ad6ab2)
The first argument for snprintf is the buffer and the 2. one is the
size. Fix the order. This broke the lock application.
Fixes: 9d2b26d5a7 ("busybox: fix busybox lock applet pidstr buffer overflow")
Reported-by: Hartmut Birr <e9hack@gmail.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit d80336e1a9)
Kernel setting `/proc/sys/kernel/pid_max` can be set up to 4194304 (7
digits) which will cause buffer overflow in busbox lock patch, this
often happens when running in a rootfs container environment.
This commit enlarges `pidstr` to 12 bytes to ensure a sufficient buffer
for pid number and an additional char '\n'.
Signed-off-by: Qichao Zhang <njuzhangqichao@gmail.com>
(cherry picked from commit 34567750db)
the cache directory should be autom4te.cache in all $(PKG_AUTOMAKE_PATHS)
rather than $(PKG_BUILD_DIR)/autom4te.cache only
Signed-off-by: Huangbin Zhan <zhanhb88@gmail.com>
(cherry picked from commit 044ca149f3)
Getting rid of shared libraries for hostpkg avoids having to use rpath
hacks to find the library. It also fixes compilation with host glib2
binaries.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit f8571749a7)
Avoids having to add rpath to the various packages using it. Also add
PIC to fix compilation as static libraries do not use PIC by default.
Fixes: 1fb099341e ("musl-fts: add host build")
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 8a75ed4ba0)
# CONFIG_PSTORE_COMPRESS_DEFAULT="deflate"
this can lead to confusion. Thankfully, in the KConfig
world this setting is still interpreted as disabled.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit de4879c1ae)
This model, also know as "1&1 HomeServer", shares the same features as 7530.
The vendor firmware has artificial software limitations: only 2 of the 4
LAN-Ports are GBit, and the USB-Host is only v2.0.
With OpenWrt, USB is already working at v3.0.
Signed-off-by: Andre Heider <a.heider@gmail.com>
(updated commit message to reflect current state)
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
(cherry picked from commit cb6f4be137)
Some configure scripts look for msgfmt and gmsgfmt. As we don't install
the latter, configure might pick up one from staging_dir/hostpkg, and
the other from the host:
checking for msgfmt... /home/stijn/Development/OpenWrt/openwrt/staging_dir/hostpkg/bin/msgfmt
checking for gmsgfmt... /usr/bin/gmsgfmt
This could potentially lead to hard to debug undefined behaviour.
Install a symlink in the host install phase to avoid this.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit 636cb00ecc)
v2022.01 has a regression that broke eMMC usage on most if not all Armada
SoC-s, thus breaking boards like uDPU which use eMMC for storage.
Fix it by backporting a recent upstream patch.
Fixes: 782d4c8306 ("uboot-mvebu: update to version 2022.01")
Signed-off-by: Robert Marko <robert.marko@sartura.hr>
(cherry picked from commit a703830806)
The memory leak is fixed by the kernel patches backported in the
previous commit.
This reverts commit 1fa8780056.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit f6cda9f06b)
Backport a fix for the massive memory leak observed in Octeon after
switching to kernel 5.10.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit 9283359bd5)
There is a hard to reproduce, even harder to track down memory leak in
Octeon since kernel 5.10. Mark octeon source-only until it is plugged.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
(cherry picked from commit 1fa8780056)
When upgrading a TP-Link Archer C5 v1 from ar71xx to ath79,
the 5ghz radio stops working because the device path changed.
Same has been done for the Archer C7 before:
commit e19506f206 ("ath79: migrate Archer C7 5GHz radio device paths")
Signed-off-by: Jan-Niklas Burfeind <git@aiyionpri.me>
(cherry picked from commit c6eb63d48f)
The label has the MAC address of eth0, not the WLAN PHY address. We can
merge the definition back into ar7241_ubnt_unifi.dtsi, as both DTS
derived from it use the same interface for their label MAC addresses
after all.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
(cherry picked from commit aee9ccf5c1)
The tc package does not exits any more, it was split into tc-tiny,
tc-full and tc-bpf. Include tc-bpf by default into realtek images.
This increases the compressed image size by about 232KBytes.
Tested-by: Stijn Segers <foss@volatilesystems.org>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 34fb36e165)
The realtek target is not a router, but basic device, see DEVICE_TYPE.
The basic device type does not come with firewall by default, see
include/target.mk for details. The realtek target extended
DEFAULT_PACKAGES manually with firewall.
This changes the defaults to take firewall4 and nftables instead of
firewall and iptables. This also adds the additional package
kmod-nft-offload.
The only difference to the router type is the missing ppp,
ppp-mod-pppoe, dnsmasq and odhcpd-ipv6only package.
This increases the compressed image size by about 422KBytes.
Tested-by: Stijn Segers <foss@volatilesystems.org>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 469030659c)
Do not include the dnsmasq and odhcpd-ipv6only package by default any
more. These services are not needed on a switch. If someone needs this
it is still possible to use opkg or image builder to add them.
This decreases the compressed image size by about 165KBytes.
Tested-by: Stijn Segers <foss@volatilesystems.org>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 2acebbdcaa)