Currently, the build option to enable/disable engine support isn't
reflected in the final '/etc/ssl/openssl.cnf' config. It assumes `engines`
is always enabled, producing an error whenever running any
commands in openssl util or programs that explicitly use settings
from '/etc/ssl/openssl.cnf'.
```
➤ openssl version
FATAL: Startup failure (dev note: apps_startup()) for openssl
307D1EA97F000000:error:12800067:lib(37):dlfcn_load:reason(103):crypto/dso/dso_dlfcn.c:118:filename(libengines.so):
Error loading shared library libengines.so: No such file or directory
307D1EA97F000000:error:12800067:lib(37):DSO_load:reason(103):crypto/dso/dso_lib.c:152:
307D1EA97F000000:error:0700006E:lib(14):module_load_dso:reason(110):crypto/conf/conf_mod.c:321:module=engines, path=engines
307D1EA97F000000:error:07000071:lib(14):module_run:reason(113):crypto/conf/conf_mod.c:266:module=engines
```
Build should check for the `CONFIG_OPENSSL_ENGINE` option, and comment out `engines`
if not explicitly enabled.
Example:
```
[openssl_init]
providers = provider_sect
```
After this change, openssl util works correctly.
```
➤ openssl version
OpenSSL 3.0.14 4 Jun 2024 (Library: OpenSSL 3.0.14 4 Jun 2024)
```
Signed-off-by: Sean Khan <datapronix@protonmail.com>
Link: https://github.com/openwrt/openwrt/pull/15661
Signed-off-by: Robert Marko <robimarko@gmail.com>
Add a set of upstream patches for the imx8m{m,n,p} based Venice
boards.
Signed-off-by: Tim Harvey <tharvey@gateworks.com>
Link: https://github.com/openwrt/openwrt/pull/15736
Signed-off-by: Robert Marko <robimarko@gmail.com>
The GW74xx's first RJ45 is eth0 which should be the WAN adapter, not
eth1 which is the CPU uplink port to the switch.
Signed-off-by: Tim Harvey <tharvey@gateworks.com>
Link: https://github.com/openwrt/openwrt/pull/15736
Signed-off-by: Robert Marko <robimarko@gmail.com>
qoriq has had kernel 6.1 as testing for 2 months now, so lets default to
it and drop 5.15 support.
Link: https://github.com/openwrt/openwrt/pull/15767
Signed-off-by: Robert Marko <robimarko@gmail.com>
224d497dd94f srec2bin: drop unused "dum" variable
6777b2d51961 uimage_sgehdr: use "char" type for header struct strings
81db3025aac5 uimage_sgehdr: drop unused "ltmp" variable
bd7fcc74b43e pc1crypt: make decrypt/encrypt functions take void * as argument
6ac44974185a linksys: add magic header generation tool for e8350 v1
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
224d497dd94f srec2bin: drop unused "dum" variable
6777b2d51961 uimage_sgehdr: use "char" type for header struct strings
81db3025aac5 uimage_sgehdr: drop unused "ltmp" variable
bd7fcc74b43e pc1crypt: make decrypt/encrypt functions take void * as argument
6ac44974185a linksys: add magic header generation tool for e8350 v1
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Currently, information from MikroTik hard_config is only available via
sysfs, meaning that we have to rely on userspace to for example setup MACs.
So, lets provide a basic NVMEM layout based driver to expose the same cells
as sysfs driver exposes.
Do note that the we dont extract the WLAN caldata and BDF-s at this point.
Reviewed-by: Thibaut VARÈNE <hacks@slashdirt.org>
Link: https://github.com/openwrt/openwrt/pull/15665
Signed-off-by: Robert Marko <robimarko@gmail.com>
Move the hard config tag ID-s to a separate header so they can be reused
by the NVMEM driver as well.
Link: https://github.com/openwrt/openwrt/pull/15665
Signed-off-by: Robert Marko <robimarko@gmail.com>
This driver has already been packed as a software package. There is
no need to build it into the kernel.
Signed-off-by: Shiji Yang <yangshiji66@qq.com>
This patch was causing buildbot issues when copying arm64 DT files since
bcm283x-rpi-csi1-2lane.dtsi and bcm283x-rpi-lan7515.dtsi were linked to
"../../../../arm/boot/dts/" instead of "../../../../arm/boot/dts/broadcom".
These files aren't needed, so let's remove them instead of fixing them.
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
Link: https://github.com/openwrt/openwrt/pull/15762
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Limit CONFIG_IPK_FILES_CHECKSUMS config to OPKG as APK have different
way to validate package integrity (apk audit)
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
This reverts commit 25bbefcdd9.
Only the Config-build.in change needed to be merged and this contains
leftover from previous revision of the feature.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Currently, of_get_ethdev_address() return is checked for any return error
code which means that trying to get the MAC from NVMEM cells that is backed
by MTD will fail if it was not probed before ag71xx.
So, lets check the return error code for EPROBE_DEFER and defer the ag71xx
probe in that case until the underlying NVMEM device is live.
Link: https://github.com/openwrt/openwrt/pull/15752
Signed-off-by: Robert Marko <robimarko@gmail.com>
Since the introduction of out-of-band tagging, writing the outbound tag
had been completely broken: First, in place of a port mask containing
the port number, just the port number itself was set in the register
value. Just after that, the full port mask 0x3e (all 5 external ports)
was set unconditionally.
This remained unnoticed because the switch would then use the FDB to
decide where to send unicast packets; broadcast and multicast packets
were however sent to every port.
Fix the port tag computation and only use the full port mask as a
fallback for non-DSA mode, as it was done in the older driver patches
used on Linux 5.15.
Fixes: cd9c721124 ("ipq40xx: 6.1: use latest DSA and ethernet patches")
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
Signed-off-by: Robert Marko <robimarko@gmail.com>
In my previous attempt to solve the PCI problems for the lantiq targets,
I did not pay attention to the fact that the original accesses to the
GPIO took place in RAW mode. As a result, the polarity defined in the
device trees (apart from the initial value) was irrelevant.
In addition, the expected name of the GPIO in the dts has changed due to
the upstream change and therefore no RESET is currently performed.
As discussed in [1] on the linux-mips mailing list, we will now adapt
the dts files accordingly instead of patching the driver:
- dts property will be renamed to "reset-gpios"
- Polarity is set to "GPIO_ACTIVE_LOW".
I have verified this with a TP-Link TD-W8980. The PCI device is now
recognized by the system.
[1] https://patchwork.kernel.org/project/linux-mips/patch/20240607090400.1816612-1-ms@dev.tdt.de/
Signed-off-by: Martin Schiller <ms@dev.tdt.de>
Tested-by: Aleksander Jan Bajkowski <olek2@wp.pl> # Tested on AVM 7330 (ar9)
Link: https://github.com/openwrt/openwrt/pull/15731
Signed-off-by: Robert Marko <robimarko@gmail.com>
Backport upstream patch for tim->virtual_map flex array warning for
invalid write.
This has been notice with the bump of ath10k-ct to version 6.7.
Link: https://github.com/openwrt/openwrt/pull/15760
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
At some point RPi LEDs were renamed from led0/led1 to PWR/ACT.
This patch fixes this and also automatically detects the status_led without
relying on board_name.
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
Handling default packages selection is really problematic and error
prone. In all the changes, the SECCOMP config is enabled by default if
supported by the target.
This is problematic for the scenario of the first .config creation where
this option will be enabled by default but the package default are
already being parsed.
This cause the reparsing of the default package on the next command and
the "outdated config" error. To better handle this special case, add
additiona logic to match the dependency in the config and check if
CONFIG_SECCOMP should be enabled by default in the scenario where a
.config needs to be init and doesn't exist.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Fix broken link generation for KERNEL projects.
Using $1 in projectsmirrors sub was still referencing the caller $1
instead of the remaining args of projectsmirrors sub.
Use shift and put the second arg of projectsmirrors sub in $append to
correctly handle the sub args.
Fixes: 465cf35888 ("scripts/download.pl: detach mirror URLs from script file")
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Old "interface" sections for bridges were mixing layer 2 and layer 3.
That syntax got deprecated and UCI section "device" is used for bridge
configuration now.
Backward compatibility may be dropped from netifd soon now so migrate
old configs using uci-defaults script.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Currently, trying to upgrade on a MikroTik NAND device will force you to
use sysupgrade -n due to:
upgrade: The device is supported, but the config is incompatible to the new image (1.0->1.1). Please upgrade without keeping config (sysupgrade -n).
upgrade: NAND images switched to yafut. If running older image, reinstall from initramfs.
So instead of having users manually set the new compat version lets do
what other targets do and set it for all NAND devices after good boot.
Link: https://github.com/openwrt/openwrt/pull/15754
Signed-off-by: Robert Marko <robimarko@gmail.com>
As a side-effect to adding a gnulib module for posix_fallocate(),
there are changes to the input file for fcntl.h which
are not handled here since autoreconf is not ran.
Skip updating the fcntl.h header from gnulib
and use the version shipped with the release.
Signed-off-by: Michael Pratt <mcpratt@pm.me>
Link: https://github.com/openwrt/openwrt/pull/15690
Signed-off-by: Robert Marko <robimarko@gmail.com>
In order for linking the static libraries from elfutils to work,
other libraries need to be included to handle the references
to functions made in the library's objects that are not included
as they would already be if the library was a shared object instead.
A shared object library stores this list of libraries when it was made,
so that the dynamic linker can refer to that list at runtime,
but a static library has no such functionality so the list of libraries
for missing functions must be included at link time.
This information was already added to the pc file for libelf
using the definitions in src/Makefile.am,
so extend this to the rest of the pc files in the project.
For situations where the libraries may be used
without pkg-config setting the flags and library list,
this patch and the pc files can serve as a quick reference.
Signed-off-by: Michael Pratt <mcpratt@pm.me>
Link: https://github.com/openwrt/openwrt/pull/15690
Signed-off-by: Robert Marko <robimarko@gmail.com>
Clang has support for weak aliases
despite no support for strong aliases,
but it only works with the #pragma directive.
Implementing weak aliases instead of none
is likely a more upstream-friendly solution
for supporting building on other platforms.
Signed-off-by: Michael Pratt <mcpratt@pm.me>
Link: https://github.com/openwrt/openwrt/pull/15690
Signed-off-by: Robert Marko <robimarko@gmail.com>
The addition of LT_INIT as well as the adjustment of
the BUILD_STATIC and addition of the BUILD_SHARED conditionals
and their usage to block building of shared objects
and adjust the variables for building static libraries
is potentially upstream-friendly.
The use of a manifest file to keep a list
of the objects in each library instead of calling ar
is also potentially upstream-friendly.
Separate these changes from the macOS-specific hacks.
Signed-off-by: Michael Pratt <mcpratt@pm.me>
Link: https://github.com/openwrt/openwrt/pull/15690
Signed-off-by: Robert Marko <robimarko@gmail.com>
Add a potentially upstream-friendly conditional
using the libtool configure variable "enable_shared"
in order to block building and installing of shared objects
and adjust the build of static libraries
instead of directly patching lines in or out.
Signed-off-by: Michael Pratt <mcpratt@pm.me>
Link: https://github.com/openwrt/openwrt/pull/15690
Signed-off-by: Robert Marko <robimarko@gmail.com>
The use of ar to list the archive members in a library
in order to include them in another library is not portable.
On BSD and macOS, ar will also list
the special archive member "__.SYMDEF"
which is not a compiled object, rather it is
part of the metadata prepended to the library by ranlib.
Fix this by writing the list of unique objects used
to create the library into a separate "manifest" file
when the library is created, which will be read later
when the Makefiles of other subdirectories are ran.
Extend this to all other libraries whether or not they are linked
to another library for a shared object that is installed
so that it is possible for any of the libraries
to be statically built with more objects.
The use of the wildcard function to ignore the
special archive members which are only metadata
is no longer needed to prevent build errors.
Not using the wildcard function is preferred,
since errors should be caught during the build
instead of when linking something else or at runtime.
Signed-off-by: Michael Pratt <mcpratt@pm.me>
Link: https://github.com/openwrt/openwrt/pull/15690
Signed-off-by: Robert Marko <robimarko@gmail.com>
Importing gnulib in order to have a local portable library
to link against for missing functions currently requires
using libtool to produce the libgnu.la library.
Ideally, linking would be simple if the rest of the libraries
built by elfutils were also built using libtool, as linking
them together would not require any manipulations of library paths.
However, upstream elfutils does not support building the libraries
statically with libtool, so using libtool comes at the cost
of creating a huge patch to introduce that functionality.
For building on macOS, it turns out that libgnu.la is only needed
for building the binaries, and that just one or two objects from libgnu
are needed to build the libraries, so in this case, it would be simple
to add the specific non-libtool-wrapped library and objects
to the link paths as needed, rather than use libtool to link
the libtool wrappers, which greatly reduces the need to patch.
Not using libtool also makes the original Makefile definitions for LIBADD
once again be the right ones to use. However, to be portable,
for libdw the wildcard function needs to be used in order to exclude
special archive members like "__.SYMDEF" which are not compiled objects
because some BSD-like versions of ar include that metadata in the list,
or because the library included may have objects from another subdirectory.
Also, the rest of the subdirectories have custom "LDLIBS" variables
meant for building shared objects only, so define the LIBADD variables
with objects from those existing definitions so that when building only
the static versions of the libraries, those objects can still be included.
Signed-off-by: Michael Pratt <mcpratt@pm.me>
Link: https://github.com/openwrt/openwrt/pull/15690
Signed-off-by: Robert Marko <robimarko@gmail.com>
The version of posix_fallocate() patched into elfutils
for macOS using code from Mozilla is now patched into gnulib.
Import the fallocate-posix module and always link
the corresponding object to libraries whenever it is built.
Signed-off-by: Michael Pratt <mcpratt@pm.me>
Link: https://github.com/openwrt/openwrt/pull/15690
Signed-off-by: Robert Marko <robimarko@gmail.com>
Add a module to gnulib to support posix_fallocate()
for macOS and other systems that are missing it.
Apple-specific code is sourced from Mozilla,
and the rest from glibc, both licensed under LGPL.
Signed-off-by: Michael Pratt <mcpratt@pm.me>
Link: https://github.com/openwrt/openwrt/pull/15690
Signed-off-by: Robert Marko <robimarko@gmail.com>
Several changes to the elfutils source files
made during the process of figuring out how to
successfully build elfutils on macOS
turn out to not be necessary to do so,
and were most likely leftover bits during testing.
Remove the line changes that are not needed
and add some line changes to adapt to sources as is:
- Remove now unnecessary bump to autoconf version prereq
- AC_CONFIG_MACRO_DIRS is not necessary to define
as ACLOCAL_AMFLAGS is already defined in Makefiles
- let libtool "enable_static" variable also decide the value
of the local conditional BUILD_STATIC
- override configure variables instead of removing
checks for libraries or additions to LDFLAGS
- only exclude "hidden" attribute for macOS instead of deleting
- preserve original list of sources to build for libelf
- use openwrt Makefile to add gnulib headers
- use openwrt Makefile to add LIBADD variables
- remove deletion of variables and rules for shared objects
- prefer recursively expanded variables over muliple renames
each time that a word is added to its value
- remove changes to subdirectories that are not built
and remove changes to target files of those subdirectories
- prefer basic text rename over variables in cases where
there would be no line number difference
- give LT_INIT forced default values that match upstream
- move gl_EARLY and gl_INIT down relative to compiler checks
- reorganize some line changes to save some lines
Signed-off-by: Michael Pratt <mcpratt@pm.me>
Link: https://github.com/openwrt/openwrt/pull/15690
Signed-off-by: Robert Marko <robimarko@gmail.com>
The gnulib-tool script is written to have a fatal error
whenever the minimum required version of autoconf
for the project that gnulib is being imported into
as defined in configure.ac was less than
the minimum required version required by gnulib.
However, none of this matters if the version of autoconf
that we use is newer than both requirements.
Instead, use functions from the bootstrap script
to check for the version of autoconf being used
and print a warning whenever this case occurs.
Signed-off-by: Michael Pratt <mcpratt@pm.me>
Link: https://github.com/openwrt/openwrt/pull/15690
Signed-off-by: Robert Marko <robimarko@gmail.com>