47a9f0d service: add method to query available container features
afbaba9 initd: attempt to mount cgroup2
ead60fe jail: use pidns semantics also for timens
759e9f8 jail: make use of BLOBMSG_CAST_INT64 for OCI rlimits
83053b6 instance: add instances into unified cgroup hierarchy
16159bb jail: parse OCI cgroups resources
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Upstream commit 3d00da1de3 ("platform/x86: pcengines-apuv2: detect apuv4
board")
On 5.4, this module fails on APUv4 due to non-matching DMI data. With this
patch, the module will match DMI data for the APUv4.
Signed-off-by: Matthew Gyurgyik <matthew@gyurgyik.io>
[include upstream patch description]
Signed-off-by: David Bauer <mail@david-bauer.net>
Fixes:
- CVE-2020-10757
The "mtd: rawnand: Pass a nand_chip object to nand_release()" commit was
backported which needed some adaptations to other code.
Run tested: ath79
Build tested: ath79
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Support Intel 10 Gigabit Ethernet Cards in x86/64 images by default.
This ensures that systems with cards such as the Intel x520 will work properly.
Signed-off-by: Gregory L. Dietsche <Gregory.Dietsche@cuw.edu>
Add a module description for the new pcengnies-apu2 device driver.
This driver supports the front button and LEDs on the PC Engines
APUv2/APUv3 boards.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Upstream in commit f9f8f0c24203 ("crypto: ccp -- don't "select"
CONFIG_DMADEVICES") removed dependency on CONFIG_DMADEVICES symbol which
leads to build breakage of ccp crypto module, so fix this by adding that
symbol back in the kernel config.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
This drops the shebang from all target files for /lib and
/etc/uci-defaults folders, as these are sourced and the shebang
is useless.
While at it, fix the executable flag on a few of these files.
This does not touch ar71xx, as this target is just used for
backporting now and applying cosmetic changes would just complicate
things.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Many target use a repetitive if-include scheme for their subtarget
image files, though their names are consistent with the subtarget
names.
This patch removes these redundant conditions and just uses the
variable for the include where the target setup allows it.
For sunxi, this includes a trivial rename of the subtarget image
Makefiles.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Since commit 910df3f06c we have build in
on all X86/64 platforms the gpio-it87 driver.
Since this change I am getting the following error message on boot.
> kern.err kernel: [ 1.009416] gpio_it87: no device
I do not have this device on my system. To prevent the nonsensical
message and the loading of the module I have added this as a package, so
that it can be installed later or during image building.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
Reviewed-by: Philip Prindeville <philipp@redfish-solutions.com>
The last kernel update done with commit 500a02bc29 ("x86: Update
configuration") placed most of the updated config only in the x86_64
target.
Move the options needed by the other targets too in the x86 base config,
and add an additional option needed by those targets.
Fixes: 500a02bc29 ("x86: Update configuration")
Signed-off-by: Alberto Bursi <bobafetthotmail@gmail.com>
[commit subject/description tweaks]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
It was reported, that after image generation rework
x86-64-generic-squashfs-rootfs.img image won't boot on XenServer x86_64
anymore:
F2FS-fs (xvda): Magic Mismatch, valid(0xf2f52010) - read(0x84289960)
F2FS-fs (xvda): Can't find valid F2FS filesystem in 1th superblock
F2FS-fs (xvda): Magic Mismatch, valid(0xf2f52010) - read(0x4e8ee223)
F2FS-fs (xvda): Can't find valid F2FS filesystem in 2th superblock
List of all partitions:
ca00 4207 xvda
driver: vbd
No filesystem could mount root, tried:
ext3
ext2
ext4
squashfs
iso9660
f2fs
Kernel panic - not syncing: VFS: Unable to mount root fs on unknown-block(202,0)
So lets fix this by adding back padding which was introduced in commit
a17d9482f5 ("x86: image: fix small disk space in squashfs overlay").
Ref: FS#3036
Fixes: 258f070d1a ("x86: fix missing squashfs and ext4 rootfs images")
Fixes: cb007a7bf6 ("x86: switch image generation to new code")
Signed-off-by: Petr Štetiar <ynezz@true.cz>
This commit really removes packages in geode profiles already enabled
in kernel config.
Fixes: 9c23ecee57 ("x86: move packages selection to profiles")
Reported-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This can be rather confusing for contributors, since there are three
layers in which they can be added. As for now there are none profiles
other than generic (exception: geos) let's move them to these profiles.
Being here this commit also removes packages in geode profiles already
enabled in kernel config.
Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
There's no such package as forcedeth, threfore the driver is never
selected. Fix it by properly specifying package name.
Fixes: 35f208d ("x86: add nforce eth to default packages")
Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
Now that the x86 target uses the new image generation code we can also
attach metadata to the created images.
As currently the `SUPPORTED_DEVICES` list is empty, no JSON metadata is
attached, however the signing happens in the same step.
This results in signature verification for x86 images.
Signed-off-by: Paul Spooren <mail@aparcar.org>
forcedeth is necessary to use the integrated
ethernet controller of Nvidia nForce chipset.
There are PC motherboards with this chipset
from 2001 that run 32bit Athlon XP CPUs and
more modern ones up to 2009 that can run Intel
and AMD 64bit processors, so add this to
all non-geode x86 targets.
Signed-off-by: Alberto Bursi <bobafetthotmail@gmail.com>
Some system not have mkisofs, but have genisoimage or
xorrisofs. They have compatable options for mkisofs,
so let them as alternatives to mkisofs.
Signed-off-by: 李国 <uxgood.org@gmail.com>
grub-bios-setup requires two images (boot.img and core.img),
but they are missing. This make an error during sysupgrade:
Upgrading bootloader on /dev/sda...
grub-bios-setup: error: cannot open `/tmp/boot/boot/grub/boot.img': No
such file or directory.
Signed-off-by: 李国 <uxgood.org@gmail.com>
The iso image need cdrom and iso9660 drivers to boot, otherwise it will
hang when mounting the root file system
Signed-off-by: 李国 <uxgood.org@gmail.com>
Add EFI platform bootable images for x86 platforms. These images can
also boot from legacy BIOS platform.
EFI System Partition need to be fat12/fat16/fat32 (not need to load
filesystem drivers), so the first partition of EFI images are not ext4
filesystem any more.
GPT partition table has an alternate partition table, we did not
generate it. This may cause problems when use these images as qemu disk
(kernel can not find rootfs), we pad enough sectors will be ok.
Signed-off-by: 李国 <uxgood.org@gmail.com>
[part_magic_* refactoring, removed genisoimage checks]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
The previous rework of x86 image creation done in commit cb007a7bf6
("x86: switch image generation to new code") removed images of separate
squashfs and ext4 filesystems which are handy for example in testing
under QEMU.
So this patch adds back creation of those missing rootfs images for ext4
and squashfs based filesystems.
Fixes: cb007a7bf6 ("x86: switch image generation to new code")
Signed-off-by: Paul Spooren <mail@aparcar.org>
[commit subject and description tweaks]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
The previous rework of x86 image creation done in commit cb007a7bf6
("x86: switch image generation to new code") broke the padding in
images.
sda: p2 size 212992 extends beyond EOD, enabling native capacity
sda: p2 size 212992 extends beyond EOD, truncated
sd 0:0:0:0: [sda] Attached SCSI disk
SQUASHFS error: squashfs_read_data failed to read block 0x2cc556
unable to read id index table
VFS: Cannot open root device "PARTUUID=ac5c9cd8-02" or unknown-block(8,2): error -5
Please append a correct "root=" boot option; here are the available partitions:
0800 19761 sda
driver: sd
0801 16384 sda1 ac5c9cd8-01
0802 2865 sda2 ac5c9cd8-02
Kernel panic - not syncing: VFS: Unable to mount root fs on unknown-block(8,2)
Tested with x86/64 with Docker (squashfs), qemustart (ext4/squashfs) and
virtualbox (ext4/squashfs).
Ref: FS#2935
Fixes: cb007a7bf6 ("x86: switch image generation to new code")
Suggested-by: Russell Senior <russell@personaltelco.net>
Signed-off-by: Paul Spooren <mail@aparcar.org>
[commit subject and description tweaks]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
In the geode subtarget all default x86 features were overwritten via :=
instead of extending them via +=.
This patch fixes the inheritance and thereby the compilation of
x86/geode target.
Compile tested x86/geode.
Signed-off-by: Paul Spooren <mail@aparcar.org>
The x86 image generation was refacted via cb007a7bf6 and accidently not
included `geode.mk` when selected as subtarget.
Now the file is included and image compilation for x86/geode works
again.
Thanks to Russell Senior <russell@personaltelco.net> for reporting the
problem and suggesting a patch!
Signed-off-by: Paul Spooren <mail@aparcar.org>
This patch follows the other patches that added the watchdog
core to various (armvirt, malta, ath79, ...) targets that
have been hit by the following build error:
Package kmod-hwmon-sch5627 is missing dependencies for the following libraries:
watchdog.ko
In theory, we could have just added the CONFIG_WATCHDOG_CORE=y
to the Kconfig variable of kmod-hwmon-sch5627's package definition.
This would have forced the watchdog core to be builtin and less
architectures would need to be updated. But we might as well follow
through here.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
The previous image generation code would always gzipped images.
This patch changes the behaviour and only compresses images when
selected in menuconfig.
Signed-off-by: Paul Spooren <mail@aparcar.org>
Rely on device profiles instead for packages selection.
Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
[rebase, adjusted commit title]
Signed-off-by: Paul Spooren <mail@aparcar.org>
This commit introduces few related changes which need to be done in
single commit to keep images buildable between git revisions. In result
it retains all previous image creation possibilities with slight name
change of generated images. Brief summary of the commit:
* Split up image generation recipe to smaller chunks to make it more
generic and reusable.
* Make iso images x86 specific and drop their definition as root
filesystem.
* Convert image creation process to generic code specified in image.mk.
* Make geode subtarget inherit features from the main target instead of
redefining them.
* For subtargets create device definitions with basic packages set.
Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
[rebased]
Signed-off-by: Paul Spooren <mail@aparcar.org>
Let the grub2 package take care of creating installable grub2 images,
this will allow creating grub2 images without first calling x86 image
generation recipe. Also as side effect, since those images are now
shared, it'll reduce the number of calling grub-mkimage.
Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
[rebase, adjusted commit title]
Signed-off-by: Paul Spooren <mail@aparcar.org>
This new symbol popped up in few places. Disable it in generic config.
Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
[fixed merge conflict in generic/config-5.4]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
There is no such role as target maintainer anymore, one should always
send corresponding changes for the review and anyone from the commiters
is allowed to merge them or eventually use the hand break and NACK them.
Lets make it clear, that it is solely a community doing the maintenance
tasks.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Acked-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Acked-by: Piotr Dymacz <pepe2k@gmail.com>
Seems to be working fine on apu2 and QEMU, it's 99.9% upstream stuff
anyway. Lets start wider userbase testing.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
This target was switched to kernel 4.19 more than 6 months ago in commit
f342ffd300 ("treewide: kernel: bump some targets to 4.19") and now
with kernel 5.4 support being added it gets harder to support kernel
4.14 in addition to kernel 4.19 and 5.4.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This commit fills the void for current OpenWrt installations which will
be still on old bootloader version even after "x86: add bootloader
upgrade on sysupgrade", since it performs bootloader upgrade only on
sysupgrade. To keep all OpenWrt deploynents on the same GRUB version,
add preinit hook, which will perform upgrade of the bootloader on first
boot after sysupgrade.
It's temporary solution and should be deleted, when the first release
including this hook will no longer be supported by OpenWrt team.
We can assume that all installations should be on current bootolader
version and from there sysupgrade routine will be sufficient.
Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
Currently bootloader always stays on the same version as when first
written to boot medium (not true if partition layout changed, which will
trigger sysupgrade process to write full disk image). That creates
inconveniences as it always stays with same features or/and bugs. Users
wishing to add support to additional modules or new version, would need
to write the whole image, potentially destroying previous system
configuration. To fix these, this commit adds additional routine to
sysupgrade which upgrades unconditionally the bootloader to the latest
state provided by OpenWrt.
Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
There can be some leftovers from other image recipes, if the same
directory names are used and multiply image types are selected.
Therefore remove directories used in the recipe, before contents for the
image are prepared.
Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
The configuration was refreshed and KERNEL_TESTING_PATCHVER was set to
make it easy to compile for kernel 5.4.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>