xt_MASQUERADE.ko is picked up by both kmod-ipt-nat and kmod-ipt-nat6, causing
conflict
As kmod-ipt-nat6 already depends on kmod-ipt-nat, remove xt_MASQUERADE from it
Fixes: FS#2924
Fixes: 0fad8af851 ("kernel: Include xt_MASQUERADE for kernel 5.2 and later")
Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
This reverts commit 3204430e38.
Reverting this commit in preparation for reverting
dcf3e63a35 ("build: scripts/config - update to kconfig-v5.6") which
introduces various unaddressed build breakages.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
This addes the option to treat recursive dependencies as warnings
instead of errors, by running make with WARN_RECURSIVE_DEP=1.
Note that the script/config targets will not get rebuilt when you add or
remove WARN_RECURSIVE_DEP while running make. One must run
'make config-clean' before building config with a different setting.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Instead of passing pkg-config location through a variable when building
qconf (make xconfig), prepend its parent directory to the PATH, as it is
being done for other conf targets.
Use a Makefile pattern rule to group all 'scripts/config/%onf'
(currently conf, mconf, qconf) targets in a single rule. Add -O2 to
CFLAGS when building them as well.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
The symvers files of older kernel versions are incompatible with the ones
from 5.4, so changing the kernel version without running make clean was
causing build failures in kernel module packages.
Fix this by moving the directory, ensuring that symvers files get thrown
away with a kernel version change
Signed-off-by: Felix Fietkau <nbd@nbd.name>
JSON info files contain machine readable information of built profiles
and resulting images. These files were added in commit 881ed09ee6
("build: create JSON files containing image info").
They are useful for firmware wizards and script checking for
reproducibility.
Currently all JSON files are stored next to the built images, resulting
in up to 168 individual files for the ath79/generic target.
This patch refactors the JSON creation to store individual per image
(not per profile) files in $(BUILD_DIR)/json_info_files and create an
single overview file called `profiles.json` in the target directory.
Storing per image files and not per profile solves the problem of
parallel file writes. If a profiles sysupgrade and factory image are
finished at the same time both processes would write to the same JSON
file, resulting in randomly broken outputs.
Some target like x86/64 do not use the image code yet, resulting in
missing JSON files. If no JSON info files were created, no
`profiles.json` files is created as it would be empty anyway.
As before, this creation is enabled by default only if `BUILDBOT` is set.
Tested via buildroot & ImageBuilder on ath79/generic, imx6 and x86/64.
Signed-off-by: Paul Spooren <mail@aparcar.org>
[json_info_files dir handling in Make, if case refactoring]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Add EFI platform bootable images for x86 platforms. These images can
also boot from legacy BIOS platform.
EFI System Partition need to be fat12/fat16/fat32 (not need to load
filesystem drivers), so the first partition of EFI images are not ext4
filesystem any more.
GPT partition table has an alternate partition table, we did not
generate it. This may cause problems when use these images as qemu disk
(kernel can not find rootfs), we pad enough sectors will be ok.
Signed-off-by: 李国 <uxgood.org@gmail.com>
[part_magic_* refactoring, removed genisoimage checks]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
There is a restriction in the number of parameters(10) that may be passed to
the SetupHostCommand macro so continually adding explicit gcc'n' version
checks ends up breaking the compiler check for the later versions and
oddballs like Darwin as was done in 835d1c68a0 which added gcc10.
Drop all the explicitly specified gcc version checks. If a suitable gcc
compiler is not found, it may be specified at the dependency checking
stage after which that version will be symlinked into the build staging
host directory.
eg. 'CC=gccfoo CXX=g++foo make prereq'
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Acked-by: Jo-Philipp Wich <jo@mein.io>
Lets add GCC 10 detection to the build system as distributions like Fedora 32 have started shipping with it.
Some tools like mtd-utils need work to compile under GCC10, but that will be next step.
Signed-off-by: Robert Marko <robert.marko@sartura.hr>
In most cases check-size is used with IMAGE_SIZE and vice versa. Let check-size
use IMAGE_SIZE by default.
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
This commit introduces few related changes which need to be done in
single commit to keep images buildable between git revisions. In result
it retains all previous image creation possibilities with slight name
change of generated images. Brief summary of the commit:
* Split up image generation recipe to smaller chunks to make it more
generic and reusable.
* Make iso images x86 specific and drop their definition as root
filesystem.
* Convert image creation process to generic code specified in image.mk.
* Make geode subtarget inherit features from the main target instead of
redefining them.
* For subtargets create device definitions with basic packages set.
Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
[rebased]
Signed-off-by: Paul Spooren <mail@aparcar.org>
IMAGE_SIZE is widely used in many targets. Declare it in the default template to
clean up redundant code. This also prevents deriving IMAGE_SIZE unintentionally
from the previously defined device.
While at it, remove duplicate KERNEL_SIZE declaration.
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
getopt is the only command where /usr/local/bin is specified explicitly.
All other commands are assumed to exist in the PATH in one form or
another. Remove this exception and require gnugetopt/getopt to be in
the user's PATH.
In the case of macos Homebrew, getopt is 'keg only' hence not linked
into /usr/local/bin whilst other commands are linked and likely found by
virtue of /usr/local/bin being in PATH.
Since 2019 Homebrew is very reluctant to install links that have
potential to override default OS behaviour, eg: following instructions
on our current 'how to build on macos' wiki page:
$ brew ln gnu-getopt --force
Warning: Refusing to link macOS-provided software: gnu-getopt
If you need to have gnu-getopt first in your PATH run:
echo 'export PATH="/usr/local/opt/gnu-getopt/bin:$PATH"' >> ~/.zshrc
A better option for macos is to link getopt as 'gnugetopt' in
/usr/local/bin, thus the build system will find 'gnugetopt' but other
applications looking for just 'getopt' will find the original macos
binary.
Ultimately it makes sense that 'GNU' dependencies are placed in
/usr/local/bin and /usr/local/bin is included in the user's PATH.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Build/InstallDev no longer places a file list in
$(STAGING_DIR_HOST)/packages; this change removes the creation of
$(STAGING_DIR_HOST)/packages and the attempted removal of a
STAGING_DIR_HOST file list during package clean.
This also changes the host directory passed to Build/UninstallDev from
$(STAGING_DIR_HOST) to $(STAGING_DIR)/host, to match the directory
passed to Build/InstallDev.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Build system needs an 'xargs' that supports '-r' which darwin doesn't.
Homebrew installs a 'gxargs' with the findutils package so look for
'gxargs' as well as 'xargs'
This is a bit of a 'fun' corner case anyway. xargs is only required by
the build if 'CONFIG_AUTOREMOVE' is set and after the build system has
built 'tools/findutils' we have a fully working xargs for host anyway.
Until that time we have to rely on the host's xargs implementation.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
The following patches were removed because they are integrated in the upstream kernel 5.4:
* backport-5.4/047-v4.21-mtd-keep-original-flags-for-every-struct-mtd_info.patch
* backport-5.4/048-v4.21-mtd-improve-calculating-partition-boundaries-when-ch.patch
* backport-5.4/080-v5.1-0001-bcma-keep-a-direct-pointer-to-the-struct-device.patch
* backport-5.4/080-v5.1-0002-bcma-use-dev_-printing-functions.patch
* backport-5.4/095-Allow-class-e-address-assignment-via-ifconfig-ioctl.patch
* backport-5.4/101-arm-cns3xxx-use-actual-size-reads-for-PCIe.patch
* backport-5.4/200-v5.2-usb-dwc2-Set-lpm-mode-parameters-depend-on-HW-configuration.patch
* backport-5.4/210-arm64-sve-Disentangle-uapi-asm-ptrace.h-from-uapi-as.patch
* backport-5.4/380-v5.3-net-sched-Introduce-act_ctinfo-action.patch
* backport-5.4/450-v5.0-mtd-spinand-winbond-Add-support-for-W25N01GV.patch
* backport-5.4/451-v5.0-mtd-spinand-Add-initial-support-for-Toshiba-TC58CVG2.patch
* backport-5.4/452-v5.0-mtd-spinand-add-support-for-GigaDevice-GD5FxGQ4xA.patch
* backport-5.4/455-v5.1-mtd-spinand-Add-support-for-all-Toshiba-Memory-produ.patch
* backport-5.4/456-v5.1-mtd-spinand-Add-support-for-GigaDevice-GD5F1GQ4UExxG.patch
* backport-5.4/460-v5.0-mtd-spi-nor-Add-support-for-mx25u12835f.patch
* backport-5.4/460-v5.3-mtd-spinand-Define-macros-for-page-read-ops-with-thr.patch
* backport-5.4/461-v5.3-mtd-spinand-Add-support-for-two-byte-device-IDs.patch
* backport-5.4/462-v5.3-mtd-spinand-Add-support-for-GigaDevice-GD5F1GQ4UFxxG.patch
* backport-5.4/463-v5.3-mtd-spinand-Add-initial-support-for-Paragon-PN26G0xA.patch
* backport-5.4/700-v5.1-net-phylink-only-call-mac_config-during-resolve-when.patch
* backport-5.4/701-v5.2-net-phylink-ensure-inband-AN-works-correctly.patch
* backport-5.4/702-v4.20-net-ethernet-Add-helper-for-MACs-which-support-asym-.patch
* backport-5.4/703-v4.20-net-ethernet-Add-helper-for-set_pauseparam-for-Asym-.patch
* backport-5.4/704-v4.20-net-phy-Stop-with-excessive-soft-reset.patch
* backport-5.4/705-v5.1-net-phy-provide-full-set-of-accessor-functions-to-MM.patch
* backport-5.4/706-v5.1-net-phy-add-register-modifying-helpers-returning-1-o.patch
* backport-5.4/707-v5.1-net-phy-add-genphy_c45_check_and_restart_aneg.patch
* backport-5.4/708-v5.3-net-phylink-remove-netdev-from-phylink-mii-ioctl-emu.patch
* backport-5.4/709-v5.3-net-phylink-support-for-link-gpio-interrupt.patch
* backport-5.4/710-v5.3-net-phy-allow-Clause-45-access-via-mii-ioctl.patch
* backport-5.4/711-v5.3-net-sfp-add-mandatory-attach-detach-methods-for-sfp-.patch
* backport-5.4/712-v5.3-net-sfp-remove-sfp-bus-use-of-netdevs.patch
* backport-5.4/713-v5.2-net-phylink-avoid-reducing-support-mask.patch
* backport-5.4/714-v5.3-net-sfp-Stop-SFP-polling-and-interrupt-handling-duri.patch
* backport-5.4/715-v5.3-net-phylink-don-t-start-and-stop-SGMII-PHYs-in-SFP-m.patch
* backport-5.4/740-v5.5-net-phy-avoid-matching-all-ones-clause-45-PHY-IDs.patch
* backport-5.4/741-v5.5-net-phylink-fix-link-mode-modification-in-PHY-mode.patch
* pending-5.4/103-MIPS-perf-ath79-Fix-perfcount-IRQ-assignment.patch
* pending-5.4/131-spi-use-gpio_set_value_cansleep-for-setting-chipsele.patch
* pending-5.4/132-spi-spi-gpio-fix-crash-when-num-chipselects-is-0.patch
* pending-5.4/220-optimize_inlining.patch
* pending-5.4/341-MIPS-mm-remove-no-op-dma_map_ops-where-possible.patch
* pending-5.4/475-mtd-spi-nor-Add-Winbond-w25q128jv-support.patch
* pending-5.4/477-mtd-add-spi-nor-add-mx25u3235f.patch
* pending-5.4/479-mtd-spi-nor-add-eon-en25qh64.patch
Some bigger changes were done to this feature and we did not port this patch yet:
* hack-5.4/207-disable-modorder.patch
This depends on BOOTMEM which was removed from the kernel, this needs some bigger changes:
* hack-5.4/930-crashlog.patch
A different version of the FPU disable patch was merged upstream, OpenWrt needs some adaptations.
* pending-5.4/304-mips_disable_fpu.patch
- no crashlog support yet as a required file got deleted upstream
- Removed patch below, which is now seen as a recursive dependency [1]
- Removed patch below due to build error [2]
- fix still required to avoid identical function def [3]
- Fixes included from Blocktrron
- Fixes included from Chunkeey
- Fix included from nbd regarding "dst leak in Flow Offload"
[1] target/linux/generic/hack-5.4/260-crypto_test_dependencies.patch
[2] target/linux/generic/hack-5.4/207-disable-modorder.patch
[3] target/linux/generic/pending-5.4/613-netfilter_optional_tcp_window_check.patch
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Signed-off-by: David Bauer <mail@david-bauer.net>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
Signed-off-by: Robert Marko <robimarko@gmail.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Some targets like kirkwood or omap don't use a subtarget which results
in a malformed JSON info file.
Instead of having a valid value like `"target": "ath79/tiny"` for these
targets the value is `"target": "kirkwood/"`.
This patch uses the same if condition to use `generic` if the subtarget
is empty.
Tested for the kirkwood target.
Signed-off-by: Paul Spooren <mail@aparcar.org>
In Linux kernel commit 8377bd2b9ee1 ("kbuild: Rename HOST_LOADLIBES to
KBUILD_HOSTLDLIBS") HOST_LOADLIBES was renamed to KBUILD_HOSTLDLIBS.
This patch adapts the OpenWrt kernel build to this new variable. Without
this change the kernel host tools would not link against the libraries
found in the staging directory.
Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
Most of the kernel version switches below 4.14 were removed in commit
97940f8766 ("kernel: remove obsolete kernel version switches"),
but some of them still remained. Remove them now.
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
Certain boards have limitations on U-Boot that prevent flashing
of images where the kernel size exceeds a threshold, yet
sysupgrade can sucessfully manage larger kernels. The current
check-size will remove the target artifact if its total size
exceeds the threshold. If applied after append-kernel,
it will remove the kernel, but the remaining image-assembly
steps will continue, resulting in an image without a kernel
that is likely unbootable.
By defining check-kernel-size, it is now possible to prevent release
of such unbootable images through a construct similar to:
IMAGE/factory.img := append-kernel | pad-to $$$$(GL_UBOOT_UBI_OFFSET) | \
append-ubi | check-kernel-size $$$$(GL_UBOOT_UBI_OFFSET)
Cc: Chuanhong Guo <gch981213@gmail.com>
Signed-off-by: Jeff Kletsky <git-commits@allycomm.com>
Setting CONFIG_IPK_FILES_CHECKSUMS=y causes sha256 checksum files to be
included with the packages to check for corruption. This commit fixes two
issues:
- /sbin/pkg_check was being removed incorrectly if IPK_FILES_CHECKSUMS=y
- checksums were being saved in the wrong file
Signed-off-by: Xu Wang <xwang1498@gmx.com>
Package new kmods "nf_tables_set" and "nft_objref" which got introduced
with kernel 4.18 and restrict the old "nft_set_rbtree" and "nft_set_hash"
modules to sub-4.18 versions.
Also reorder the nftables related netfilter.mk entries alphabetically
while touching this code section.
Fixes: FS#2699
Ref: https://bugs.openwrt.org/index.php?do=details&task_id=2699#comment7450
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
This tristate choose allows to select to build only some applications
with PIE enabled. On MIPS binaries are getting about 30% bigger when PIE
is activated for the, which is a huge increase.
Network exposed applications like dnsmasq should then be build with PIE
enabled, but some applications which are normally not parsing data from
the network do not have it activated. The regular option should give a
good trade off between extra flash and RAM memory usage and security.
This changes the default from building no applications with PIE to build
some specifically marked applications with PIE enabled. This option is
only activated for targets with bigger flash and RAM to not consume
extra memory on the very small targets. On SDK builds the Regular option
should always be selected, because some tiny targets share the
applications with big targets and only the images for the tiny targets
should contain the none PIE applications, but the images for the normal
targets should use PIE. The shared packages should always use PIE when
it should be normally activated.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Acked-by: Petr Štetiar <ynezz@true.cz>
nft_hash hash falsely removed in commit 97940f8766
("kernel: remove obsolete kernel version switches").
Add the module back, as otherwise the build fails.
Fixes: 97940f8766 ("kernel: remove obsolete kernel version switches")
Signed-off-by: David Bauer <mail@david-bauer.net>