Commit Graph

17 Commits

Author SHA1 Message Date
Hauke Mehrtens
87ac3e801d gemini: Make kernel text and rodata read-only
This is activate for all other targets except gemini, also activate it
there.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-05-11 17:15:41 +02:00
Hauke Mehrtens
75eb8a146d kernel: Deactivate CONFIG_BINFMT_MISC
CONFIG_BINFMT_MISC allows it to add support for new executable formats
to the kernel from user space, the kernel will then detect for example a
java binary and call the java execution program automatically. I am not
aware that this feature is used in OpenWrt and this could be used to
exploit something. Deactivate it for all targets for now.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-05-11 17:15:41 +02:00
Hauke Mehrtens
57ec21ef3d kernel: Activate CONFIG_SYN_COOKIES for all targets
Some targets deactivated CONFIG_SYN_COOKIES, for unknown reasons, use
the default setting from the generic configuration which activates
CONFIG_SYN_COOKIES.

This should prevent SYN flooding.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2019-05-11 17:15:41 +02:00
Linus Walleij
ac5f431ad1 gemini: Generate padded kernel+rootfs images for DIR-685
We currently generate a kernel that boots from the harddrive
in the DIR-685. That's not how we usually do things, so
let's augment it to boot from flash and mount the rootfs
using squashfs and JFFS2 like everyone else.

Partition splitting only work when the partitions are
inside of a "partitions" node which is why we have a patch
like this (submitted upstream).

Another patch drops the rootfs arguments and renames the
firmware partition while adding the compatible "wrg"
to it so the WRGG parser will kick in.

Factory image was tested by bravely reflashing the DIR-685
from stock firmware using the web UI and the serial console
boot loader.

Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
2019-03-13 16:25:36 +01:00
Hauke Mehrtens
89f8a8be7f kernel: Deactivate CONFIG_COMPAT_BRK
CONFIG_COMPAT_BRK disables the heap randomization which is only needed
for very old and ancient user space applications, I am not aware that we
run any of these, just deactivate this option for these targets to allow
heap randomization.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-12-26 17:32:48 +01:00
Hauke Mehrtens
3c04d10483 gemini: Activate USB support again
This activates the CONFIG_USB_SUPPORT option in the in the gemini kernel
again which will provide the core USB support and makes it possible to
compile the rest of the USB parts into modules. Without this change USB
will not be available in the gemini target and some modules fail to
compile because the feature list indicates USB support.

Fixes: 10ec966f7b ("gemini: Break out USB to packages")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2018-12-16 14:59:59 +01:00
Linus Walleij
10ec966f7b gemini: Break out USB to packages
This creates a new kernel package for the fotg210 host
controller and uses that with the gemini to shrink the
kernel. The SQ201 needs the USB2 PCI package as well.

The build system required me to make kernel_oldconfig
beofore it would build without errors so some minor
unrelated Kconfig entries are changed.

Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
2018-10-20 16:13:39 +02:00
Luis Araneda
8f60c3d571 kernel: remove DEVMEM and DEVKMEM from target's config
These options are handled by generic configuration

Targets that need these options should select KERNEL_DEVMEM
and/or KERNEL_DEVKMEM options on OpenWRT's config

Signed-off-by: Luis Araneda <luaraneda@gmail.com>
2018-07-07 18:19:39 +02:00
Sergey Ryazanov
67a3cdcbb0 kernel: enable THIN_ARCHIVES by default
THIN_ARCHIVES option is enabled by default in the kernel configuration
and no one target config disables it. So enable it by default and remove
this symbol from target specific configs to keep them light.

Signed-off-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
2018-05-22 07:55:20 +02:00
Sergey Ryazanov
bdc2b58c4b kernel: enable FUTEX_PI by default
New FUTEX_PI configuration symbol enabled if FUTEX and RT_MUTEX symbols
are enabled. Both of these symbols are enabled by default in the
generic config, so enable FUTEX_PI by default too to keep platform
specific configs minimal.

Signed-off-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
2018-05-22 07:55:12 +02:00
Sergey Ryazanov
a08b0d0c31 kernel: enable EXPORTFS by default
OVERLAY_FS config symbol selects EXPORTFS since 4.12 kernel, we have
OVERLAY_FS enabled by default, so enable EXPORTFS in the generic config
of 4.14 and remove this option from platform specific configs.

Signed-off-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
2018-05-22 07:55:05 +02:00
Sergey Ryazanov
978543a246 kernel: disable DRM_LIB_RANDOM by default
DRM_LIB_RANDOM config symbol selected only by DRM_DEBUG_MM_SELFTEST
which is disable by default, so disable DRM_LIB_RANDOM by default too.

Signed-off-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
2018-05-22 07:54:57 +02:00
Sergey Ryazanov
ead26e9db6 kernel: disable DMA_{NOOP|VIRT}_OPS by default
These options do not used by any supported arch, so disable them by
default to make arch configs a bit more clean.

Signed-off-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
2018-05-22 07:54:49 +02:00
Sergey Ryazanov
f928c338ad kernel: disable ARCH_WANTS_THP_SWAP by default
Only one arch (x86_64) enables this option. So disable
ARCH_WANTS_THP_SWAP by default and remove referencies to it from all
configs (except x86_64) to make them clean.

Signed-off-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
2018-05-22 07:54:42 +02:00
Roman Yeryomin
ce93b05bf1 gemini: fix hard disk boot on D-Link devices
Since the D-Link devices boot from hard disk we need to
add the following changes to Gemini:

- Supply a bootarg in the device tree so we can boot from
  the right partition (/dev/sda4 on DNS-313)
- Disable forced command line in config so the kernel picks
  up the right bootargs from the device tree
- Enable EXT4 in the config as this is used for rootfs else
  we get nowhere, we cannot load this as a module because,
  well, it is supposed to be loaded from the root partition
  (chicken and egg problem).
- Enable jbd2 and mbcache (needed by ext4)

Also clean out the premature attempts to dynamically
modify the command line in the Image makefile: we should
pass this with the device tree bootargs instead, it works
much better.

Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
Signed-off-by: Roman Yeryomin <roman@advem.lv>
2018-05-05 06:57:00 +02:00
Roman Yeryomin
af069fbd24 gemini: cleanup kernel config
Disable video and input drivers - they are needed only for one
board and can be enabled via modules if/when UI will be available.
Use LED drivers from packages.
Cleanup other things unnecessarily overriding defaults.

Signed-off-by: Roman Yeryomin <roman@advem.lv>
2018-05-05 06:57:00 +02:00
Roman Yeryomin
4f74957584 gemini: add 4.14 support
This adds the patches to get fairly complete Gemini support
using kernel v4.14. It is mainly a backport of patches from
kernel v4.16 with omissions of things like graphics that require
substantial changes and will be better handled once we move
to the v4.16 kernel proper.
On top of this are some WIP patches for USB support.

Tested on Raidsonic NAS4220B and D-link DNS-313.

ChangeLog v4->v5:
- Fix ethernet single gmac usecase
- Fix USB reset (patch from Hans)
- Fix Raidsonic ethernet skew delay
- Fix kernel config (bridge, squashfs, jffs2, usb)
- Disable second usb port on Raidsonic board until fotg210_hcd is fixed

ChangeLog v3->v4:
- Make sure to use tabs rather than spaces in base-files.
- Use the dns313 image tool from the firmware-utils.
- Break out the addition of the v4.14 patches and the removal
  of the v4.4 patches to separate (big) patches.

ChangeLog v2->v3:
- Update the kernel config as indicated by Hauke Martens:
- Regenerate again after rebasing using kernel_oldconfig
  dropping a few optimization settings that are now generic
- Drop CFG80211 stuff (module)
- Drop CIFS stuff (module)
- Drop MAC80211 (module)
- Drop wireless drivers (module)
- Enabled OverlayFS
- Added proper DNS-313 boot image generation with the special
  file header tool.
- Disable CMA in the kernel
- Enable LZMA compression of the kernel
- Consequently name the nas4220b images nas4220b
- Update preinit MAC detection script to handle also DNS-313
- Add board.d/03_hdparm to set the disk to spin down after
  1 minute by default, if we have the hdparm tool installed

ChangeLog v1->v2:
- Processed config through kernel_oldconfig
- Processed patches through make target/linux/{clean,refresh} V=99

Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
Signed-off-by: Roman Yeryomin <roman@advem.lv>
2018-05-05 06:57:00 +02:00