Kconfig symbols CONFIG_ARM64_CNP and CONFIG_ARM64_EPAN got exposed
by enabling CONFIG_ARM64_PAN. Enable them as well, as just like for
PAN, also EPAN and CNP will be detected at runtime at no cost.
Fixes: a2662309aa ("kernel: Enable CONFIG_ARM64_PAN to restrict kernel access to user space memory")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Enable the CONFIG_ARM64_PAN kernel security option, which leverages the
ARMv8.1 Privileged Access Never (PAN) extension to prevent the kernel
from directly accessing user space memory.
Instead, copy_to_user and similar functions must be used for data
transfer between kernel and user space. This feature is automatically
disabled at runtime on CPUs without PAN support, making it a no-op in
those cases.
Link: https://github.com/openwrt/openwrt/pull/16189
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Now we have rk3588 support :)
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Link: https://github.com/openwrt/openwrt/pull/16149
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
We need to configure the led and network config for this board on
start as per the others
Signed-off-by: Ben Whitten <ben.whitten@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15607
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Add patches for the nanopi r6s board, backporting from 6.9 where
basic support is landing.
Signed-off-by: Ben Whitten <ben.whitten@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15607
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Radxa ROCK Pi E v3.0 is a compact networking SBC[1] using the Rockchip
RK3328 SoC.
Hardware
--------
- Rockchip RK3328 SoC
- Quad A53 CPU
- 512MB/1GB/2GB DDR4 RAM
- 4/8/16/32GB eMMC
- Micro SD Card slot
- WiFi 4 and BT 4, or WiFi 5 and BT 5 (not supported yet)
- 1x 1000M Ethernet with PoE support (additional PoE HAT required)
- 1x 100M Ethernet
- 1x USB 3.0 Type-A port (Host)
- 1x 4-ring 3.5mm headphone jack
- 40 Pin GPIO header
[1] https://radxa.com/products/rockpi/pie
Installation
------------
Uncompress the OpenWrt sysupgrade and write it to a micro SD card or
internal eMMC using dd.
Signed-off-by: FUKAUMI Naoki <naoki@radxa.com>
Link: https://github.com/openwrt/openwrt/pull/15984
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This is an automatically generated commit which aids following Kernel patch history,
as git will see the move and copy as a rename thus defeating the purpose.
See: https://lists.openwrt.org/pipermail/openwrt-devel/2023-October/041673.html
for the original discussion.
Signed-off-by: Antonio Flores <antflores627@gmail.com>
This is an automatically generated commit.
When doing `git bisect`, consider `git bisect --skip`.
Signed-off-by: Antonio Flores <antflores627@gmail.com>
Hardware spec:
- Rockchip RK3568 Quad-core ARM Cortex-A55 CPU 2GHz
- GPU Mali-G52 1-Core-2EE OpenGL ES3.2 Vu1kn 1.1 OpenCL 2.0
- Memory2G DDR3 SDRAM (option 4G)
- Storage Onboard 16GB eMMC Flash, Micro SD-Card slot, SATA 3.0 Port,SPI flash
- Network 5 x 10/100/1000 Mbit/s Ethernet MT7531
- Display 1 HDMI port, 2 DSI interface(1 DSI can change to LVDS by software)
- Camera 1 CSI camera interface
- Audio Output HDMI & I2S & Speaker & Headphone
- USB port USB 3.0 PORT (x2), micro USB OTG (x1)
- PCIE 1 mini pcie interface & 1 M.2 key-e interface
- Remote IR Receiver (x1)
- GPIO 40 Pin Header : GPIO (x28) and Power (+5V, +3.3V and GND).
- Switches Reset button, Power button, U-boot button
- LED Power Status
- Power Source 12 volt 2A via DC Power
Installation:
Uncompress the OpenWrt sysupgrade and write image to the SD card using dd (dd if=*.img of=/*)
Boot from the SD card
1-hold down the MaskRom button
2-Connect DC power
3-Wait 5 seconds, release the button.
eMMC Installation:
1-Uncompress the OpenWrt sysupgrade image
2-fash to eMMC
dd if=openwrt-rockchip-armv8-sinovoip_bpi-r2-pro-squashfs-sysupgrade.img of=/dev/mmcblk1
sync
3-remove SD card
reboot
Signed-off-by: Antonio Flores <antflores627@gmail.com>
Rockchip SoCs used to have a random number generator as part of their
crypto device, and support for it has to be added to the corresponding
driver.
Newer Rockchip SoCs like the RK3568 have an independent True Random
Number Generator device. Import pending patchset which adds a driver for
it, include it in Kconfig and enable it in the device tree.
Doing so significantly reduces the time needed to boot devices based on
those SoCs, from about 27 seconds until Ethernet is up and running to
less than 13 seconds with a minimal snapshot image.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Radxa E25 is a network application carrier board for the Radxa CM3
Industrial (CM3I) SoM, which is based on the Rockchip RK3568 SoC.
It has the following features:
- MicroSD card socket, on board eMMC flash
- 2x 2.5GbE Realtek RTL8125B Ethernet transceiver
- 1x USB Type-C port (Power and Serial console)
- 1x USB 3.0 OTG port
- mini PCIe socket (USB or PCIe)
- ngff PCIe socket (USB or SATA)
- 1x User LED and 16x RGB LEDs
- 26-pin expansion header
Installation:
Uncompress the OpenWrt sysupgrade and write it to a micro SD card or
internal eMMC using dd.
Signed-off-by: Marius Durbaca <mariusd84@gmail.com>
Now we support parsing the color and function properties.
Ref: e814acc599 ("base-files: support parse DT LED color and function")
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Hardware
--------
RockChip RK3566 ARM64 (4 cores)
- up to 8GB LPDDR4X
- 1x HDMI,
- 2x MIPI DSI
- 2x MIPI CSI2
- 1x eDP
- 1x PCIe card
- 2x SATA
- 2x USB 2.0 Host
- 1x USB 3.0
- 1x USB 2.0 OTG
- 10/100/1000 Base-T
- microSD slot
- 40-pin GPIO expansion header
- 12V DC
Radxa CM3 needs to mount on top of this IO board in order to create
complete Radxa CM3 IO board platform.
Installation
------------
Uncompress the OpenWrt sysupgrade and write it to a micro SD card or
internal eMMC using dd.
Reviewed-by: Tianling Shen <cnsztl@immortalwrt.org>
Signed-off-by: Marius Durbaca <mariusd84@gmail.com>
FriendlyElec renamed the NanoPi R4S board with EEPROM (mac address)
to "enterprise" edition, and it was added as a "new" board in upstream
kernel.
This patch switched to use that upstreamed dts and removed local
EEPROM patch.
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
The NanoPi R2C Plus is a small variant of NanoPi R2C with a on-board
eMMC flash (8G) included.
Installation
------------
Uncompress the OpenWrt sysupgrade and write it to a micro SD card or
internal eMMC using dd.
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
XHCI bus numbers are assigned dynamically, it may varies among boards,
match the device irq name with regexp, drop the hardcoded name.
Signed-off-by: Furong Xu <xfr@outlook.com>
All devices in the rockchip target have appended image-metadata. Enforce
the presence of this metadata to avoid flashing incomplete images.
This is the de-facto standard for almost all OpenWrt targets.
Signed-off-by: David Bauer <mail@david-bauer.net>
Enable all necessary drivers for the rk356x SoCs, including PHY,
SCMI, SPI etc. Also backport 2 upstream patches for sdhci fixes.
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
From the symbol help message:
> SLUB has extensive debug support features. Disabling these can result
> in significant savings in code size.
There seems to be no need to enable those debugging features for
standard use.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Without it the WAN port won't be initialized properly.
Fixes: 8f578c15b3 ("rockchip: add NanoPi R2C support")
Reviewed-by: Robert Marko <robimarko@gmail.com>
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
This set the CONFIG_FRAME_WARN option depending on some target settings.
It will use the default from the upstream kernel and not the hard coded
value of 1024 now.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
The OrangePi R1 Plus LTS is a minor variant of OrangePi R1 Plus with
the on-board NIC chip changed from rtl8211e to yt8531c, and otherwise
identical to OrangePi R1 Plus.
Tested-by: Volkan Yetik <no3iverson@gmail.com>
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Orange Pi R1 Plus is a Rockchip RK3328 based SBC by Xunlong.
This device is similar to the NanoPi R2S, and has a 16MB
SPI NOR (mx25l12805d). The reset button is changed to
directly reset the power supply, another detail is that
both network ports have independent MAC addresses.
Note: booting from SPI is currently unsupported, you have to install
the image on a SD card.
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
This allows loading modules with large memory requirements, recently needed
while testing on armvirt/32. Past forum discussions [1] and bug reports [2]
also raised this and the ipq806x target already set it in response [3].
Given this increases kernel image size by only ~1KB, is generally useful on
multi-platform kernels, and enabled by default on upstream arm32 Linux, add
it to the generic config.
The setting has similar utility on arm64, is a requirement for KASLR, and
already enabled on most OpenWrt aarch64 targets, so pull this into the
top-level generic config.
[1]: https://forum.openwrt.org/t/vmap-allocation-for-size-442368-failed-use-vmalloc-size-to-increase-size/34545/7
[2]: https://github.com/openwrt/openwrt/issues/8282
[3]: f81e148eb6 ("ipq806x: update 4.19 kernel config").
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
The NanoPi R2C is a minor variant of NanoPi R2S with the on-board NIC
chip changed from rtl8211e to yt8521s, and otherwise identical to R2S.
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
All targets are bumped to 5.15. Remove the old 5.10 patches, configs
and files using:
find target/linux -iname '*-5.10' -exec rm -r {} \;
Further, remove the 5.10 include.
Signed-off-by: Nick Hainke <vincent@systemli.org>
Kernel setting CONFIG_IO_URING supports high-performance I/O for file
access and servers, generally for more performant platforms, and adds
~45 KB to kernel sizes. The need for this on less "beefy" devices is
questionable, as is the size cost considering many platforms have kernel
size limits which require tricky repartitioning if outgrown. The size
cost is also large relative to the ~180 KB bump expected between major
OpenWRT kernel releases.
No OpenWrt packages have hard dependencies on this; samba4 and mariadb
can take advantage if available (+KERNEL_IO_URING:liburing) but
otherwise build and work fine.
Since CONFIG_IO_URING is already managed via the KERNEL_IO_URING setting
in Config-kernel.in (default Y), remove it from those target configs
which unconditionally enable it, and update the defaults to enable it
conditionally only on more powerful 64-bit x86 and arm devices. It may
still be manually enabled as needed for high-performance custom builds.
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
This deactivates the CONFIG_COMPAT kernel option.
With CONFIG_COMPAT the kernel will provide syscall interfaces for arm32
binaries in addition to the interfaces needed for arm64 binaries.
In OpenWrt the complete userspace is compiled for this specific
architecture and support for 32 bit ARM applications is not needed.
This reduces the size and the attack surface for the systems.
On all other targets CONFIG_COMPAT is already deactivated.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
The legacy (BSD) PTY support could open security problems in a system,
We do not need them in OpenWrt, deactivate this option in all targets.
Debian also deactivates this option.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This activates the CONFIG_ARM64_SW_TTBR0_PAN option for all arm64
kernels by default.
The CONFIG_ARM64_SW_TTBR0_PAN option prevents the kernel form accessing
user space memory directly. This makes it harder to exploit the kernel.
This is activated by default and was already activate on all other arm64
targets before.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This activates CONFIG_HARDENED_USERCOPY for the remaining targets. This
adds additional checks in the copy_from_user() and copy_to_user()
functions.
This was not activated for ARCHS38 before because of a bug in the Linux
kernel 5.4 till 5.14, which as fixed and is described here:
https://github.com/foss-for-synopsys-dwc-arc-processors/linux/issues/15
I do not know why this was deactivated for mt7629 and rockchip.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Ensure the MAC address for all NanoPi R1 boards is assigned uniquely for
each board.
The vendor ships the device in two variants; one with and one without
eMMC; but both without static mac-addresses.
In order to assign both board types unique MAC addresses, fall back on
the same method used for the NanoPi R2S and R4S in case the EEPROM
chip is not present by generating the board MAC from the SD card CID.
[0] https://wiki.friendlyelec.com/wiki/index.php/NanoPi_R1#Hardware_Spec
Similar too and based on:
commit b5675f500d ("rockchip: ensure NanoPi R4S has unique MAC address")
Co-authored-by: David Bauer <mail@david-bauer.net>
Signed-off-by: Jan-Niklas Burfeind <git@aiyionpri.me>