This includes several improvements and fixes:
61db17e rules: fix device and chain usage for DSCP/MARK targets
7b844f4 zone: avoid duplicates in devices list
c2c72c6 firewall3: remove last remaining sprintf()
12f6f14 iptables: fix serializing multiple weekdays
00f27ab firewall3: fix duplicate defaults section detection
e8f2d8f ipsets: allow blank/commented lines with loadfile
8c2f9fa fw3: zones: limit zone names to 11 bytes
78d52a2 options: fix parsing of boolean attributes
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
The original GL.iNet firmware has two different mac addresses in the
factory/art partition. The first one is for the WAN interface only and the
second one is for both lan0 and lan1.
But the original submission for OpenWrt didn't initialize the mac
addresses of the LAN ports for the DSA device at all. The ethernet mac
address was then used for all DSA ports.
Fixes: 050c24f05c ("mvebu: add support for GL.iNet GL-MV1000")
Signed-off-by: Sven Eckelmann <sven@narfation.org>
There are only two lan ports and one wan port on Youku yk1
Fixes: e9baf8265b ("ramips: add support for Youku YK1")
Signed-off-by: Shiji Yang <yangshiji66@qq.com>
[add Fixes:]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
On NEC Aterm WG1200CR, the MAC address for WAN is printed in the label
on the case, not LAN.
This patch fixes this issue.
Fixes: 50fdc0374b ("ath79: provide label MAC address")
Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com>
The original patch to support this device advertised support for the reset
button and the "switch" in the commit message. But neither were actually
integrated in the device tree or documented anywere.
The button itself is now used to trigger a reset (as described in the
official GL.iNet documentation). The switch itself is registered as BTN_0
like other devices from GL.iNet in ath79.
Fixes: 050c24f05c ("mvebu: add support for GL.iNet GL-MV1000")
Signed-off-by: Sven Eckelmann <sven@narfation.org>
The CONFIG_USERIO option is unset in multiple target configurations. On
the sunxi target it is activated. Move the kernel configuration option
to the generic kernel configuration.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Instead of deactivating this in every target config, deactivate it once
in the generic kernel config. I was asked for this config option in a
x86 64 build in OpenWrt 21.02.
Fixes: 87046e87e2 ("kernel: add missing kernel config symbol")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Bump to 5.10.26 reversed dependencies on IOMMU for CONFIG_VFIO thus
malta (at least) prompted for this new symbol.
Set it to 'false' in the default config. rockchip & X86 enable it in
target specific configs.
Thanks to Tony Ambardar for falling over this one
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
This adds detection of the Sophos SG-105 and Sophos XG-105 models
and assignment of ethernet ports these models have to LAN/WAN.
Signed-off-by: Stan Grishin <stangri@melmac.net>
This version fixes 2 security vulnerabilities, among other changes:
- CVE-2021-3450: problem with verifying a certificate chain when using
the X509_V_FLAG_X509_STRICT flag.
- CVE-2021-3449: OpenSSL TLS server may crash if sent a maliciously
crafted renegotiation ClientHello message from a client.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
In commit 8c8496435a ("build: add GNU install to prerequisites") new
dependency was added, but addition to README was omitted.
Fixes: 8c8496435a ("build: add GNU install to prerequisites")
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Building with MIPS16 was disabled in 2013 due to an issue with GCC TLS:
https://dev.archive.openwrt.org/ticket/13572. But after the problematic
GCC version was retired, this change wasn't revisited.
Re-enable MIPS16 builds to reduce average elfutils library sizes ~10%.
This was compile-tested on malta/mips32be and malta/mips32le, and linked
with iproute2 for run-testing. Package sizes follow:
Library MIPS16:=0 MIPS16:=1
------- --------- ---------
libelf1 43217 37492
libasm1 12481 11658
libdw1 229723 205793
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
This became a bit of a tragedy, caused by a corner cases which wasn't
put into account during testing. DEFAULT_PACKAGES are defined in
target/linux/<target>/Makefile but also in
target/linux/<target>/<subtarget>/target.mk.
The latter was no longer imported when using DUMP=1, however not using
DUMP=1 while running the Makefile in target/linux/<target>/ caused duplicate
packages in the list.
As a solution, which should have been used from day 0, `make` runs in
target/linux/ without DUMP=1, resulting in no duplicate packages and all
inclusions from include/target.mk, linux/target/<target>/{Makefile,
<subtarget>/target.mk}
While at it, sort the list of default packages.
Signed-off-by: Paul Spooren <mail@aparcar.org>
The commit "1bf2b3fe90 build,json: fixup missing arch_packages" fixes
the missing package architecture locally but runs $(TOPDIR)/Makefile
rather than a target specific one. While this works on local builds just
fine, it causes the buildbots to add garbage to the `arch_packages`
variable:
cd \"/builder/shared-workdir/build\"; git log --format=%h -1
toolchain > /builder/shared-workdir/build/tmp/.ver_check\ncmp -s
/builder/shared-workdir/build/tmp/.ver_check
/builder/shared-workdir/build/staging_dir/toolchain-x86_64_gcc-8.4.0_musl/stamp/.ver_check
|| { \\\n\trm -rf
/builder/shared-workdir/build/build_dir/target-x86_64_musl
/builder/shared-workdir/build/staging_dir/target-x86_64_musl
/builder/shared-workdir/build/staging_dir/toolchain-x86_64_gcc-8.4.0_musl
/builder/shared-workdir/build/build_dir/toolchain-x86_64_gcc-8.4.0_musl;
\\\n\tmkdir -p
/builder/shared-workdir/build/staging_dir/toolchain-x86_64_gcc-8.4.0_musl/stamp;
\\\n\tmv /builder/shared-workdir/build/tmp/.ver_check
/builder/shared-workdir/build/staging_dir/toolchain-x86_64_gcc-8.4.0_musl/stamp/.ver_check;
\\\n}\nx86_64
Only the last line contains the desired string.
Future investigation should check why the build system prints this to
stdout rather than stderr.
Signed-off-by: Paul Spooren <mail@aparcar.org>
The recent removal of usbutils from core and replacement by hwdata in
packages has exposed hwdata's requirement for certain GNU options on
'install' (-T) Other packages (sqm-scripts) have openwrt specific
makefile sections to avoid GNU options but I suspect this is going to
get harder in the future.
Add GNU install as a prerequisite and link into
$STAGING_DIR/host/etc/bin as per similar GNU utils
This resolves an issue building under MacOS which would otherwise use a
non-GNU options aware version of 'install'
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Fixes issue openwrt/packages#14921, whereby inline ASM wasn't getting
built as PIC; look at gmp-6.2.1/mpn/x86/pentium/popcount.asm for
example:
ifdef(`PIC',`
...
for a routine that exists in both PIC and non-PIC versions.
Make sure that wherever $(FPIC) gets passed as a variable expansion
that it gets quoted where necessary (such as setting environment
variables in shell commands).
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
Fix 7f4c2b1 "build,json: fix duplicates in default_packages" which
removed duplicate default packages but also removed the package
architecture from the profiles.json.
If DUMP=1 is set, the `ARCH_PACKAGES` is no longer exported and
therefore empty. Fix this by running make twice, once with DUMP=1 and
once without.
Signed-off-by: Paul Spooren <mail@aparcar.org>
In case CONFIG_TARGET_MULTI_PROFILE is set, IMG_PREFIX cannot be
expanded. Use DEVICE_IMG_PREFIX instead and make sure it's defined.
Fixes: 8f89b1ab0f ("image: add 'append-image' build command")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
It's helpful for accessing booting data (DTS, kernel, etc.). It has to
be used carefully as CFE's JFFS2 support is quite dumb. It doesn't
recognize deleted files and has problems handling 0 inode.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Populate the recovery and production partitions of the generated sdcard
image for the Bananapi BPi-R64.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Commit 7ce1d9ce09 ("build: artifacts add dependency for built images")
now makes sure that sysupgrade and initramfs images are available at
the stage that artifacts are created.
Allow making use of that with a new build command 'append-image' to
be used in artifacts.
See the next commit for an example.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Add possibility to use images and initramfs in artifacts.
Signed-off-by: Oskari Lemmela <oskari@lemmela.net>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
After backporting upstream ehci overcurrent patches we need to use spurious-oc
instead of ignore-oc.
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
This patch really annoys me, either it needs to go upstream or be
dropped, so it's going to be dropped here.
Checking drivers/platform/x86/pcengines-apuv2.c it also appears to be
incomplete since it mentions different dmi board names depending on bios
version.
/* APU2 w/ legacy BIOS < 4.0.8 */ is 'APU2'
/* APU2 w/ legacy BIOS >= 4.0.8 */ is 'apu2'
/* APU2 w/ mainline BIOS */ is 'PC Engines apu2'
So the patch, if applicable at all, only 'works' for legacy BIOS >=
4.0.8
My APU2 on mainline BIOS reboots fine without this patch. So let's see
if anyone screams and when they do question why legacy bios. If patch
DOES need to be re-introduced then it needs to go upstream first.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Straightforward refresh of patches using update_kernel.
Removed (reverse-applicable):
bmips/patches-5.10/010-v5.11-net-dsa-implement-a-central-TX-reallocation-procedur.patch
Run tested: x86_64 (apu2)
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Straightforward refresh of patches using update_kernel.
Run tested: x86_64 (apu2)
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
These PCI drivers are a bit hacky and definitely not suitable for upstreaming,
but hopefully we can use them as a base for developing proper upstream PCI
drivers.
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
Otherwise, the last defined value will be set for all devices.
Fixes: c6c8d597e1 ("realtek: Add generic zyxel_gs1900 image definition")
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Youku YK-L1 has a huge storage space up to 32 MB. It is better to
use a higher spi clock to read or write serial nor flash chips.
Youku YK-L1 has Winbond w25q256fvfg on board that can support
104 MHz spi clock so 48 MHz is safe enough.
The real frequency can only be sysclk(580MHz ) /3 /(2^n) so 80 MHz
defined in dts file will set only 48 MHz in spi bus.
Signed-off-by: Shiji Yang <yangshiji66@qq.com>
Add the same patch to 5.10 too. The patch is in process of being
upstreamed.
Fixes: 8cc0fa8fac ("ath79: cfi: cmdset_0002: amd chip
0x2201 - write words")
Signed-off-by: Mauri Sandberg <sandberg@mailfence.com>
[add Fixes:]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
This device is a wireless router working on 2.4GHz band based on
Qualcom/Atheros AR9132 rev 2 SoC and is accompanied by Atheros AR9103
wireless chip and Realtek RTL8366RB/S switches. Due to two different
switches being used also two different devices are provided.
Specification:
- 400 MHz CPU
- 64 MB of RAM
- 32 MB of FLASH (NOR)
- 3x3:2 2.4 GHz 802.11bgn
- 5x 10/100/1000 Mbps Ethernet
- 4x LED, 3x button, On/Off slider, Auto/On/Off slider
- 1x USB 2.0
- bare UART header place on PCB
Flash instruction:
- NOTE: Pay attention to the switch variant and choose the image to
flash accordingly. (dmesg / kernel logs can tell it)
- Methods for flashing
- Apply factory image in OEM firmware web-gui.
- Sysupgrade on top of existing OpenWRT image
- U-Boot TFPT recovery for both stock or OpenWRT images:
The device U-boot contains a TFTP server that by default has
an address 192.168.11.1 (MAC 02:AA:BB:CC:DD:1A). During the boot
there is a time window, during which the device allows an image to
be uploaded from a client with address 192.168.11.2. The image will
be written on flash automatically.
1) Have a computer with static IP address 192.168.11.2 and the
router device switched off.
2) Connect the LAN port next to the WAN port in the device and the
computer using a network switch.
3) Assign IP 192.168.11.1 the MAC address 02:AA:BB:CC:DD:1A
arp -s 192.168.11.1 02:AA:BB:CC:DD:1A
4) Initiate an upload using TFTP image variant
curl -T <imagename> tftp://192.168.11.1
5) Switch on the device. The image will be uploaded subsequently.
You can keep an eye on the diag light on the device, it should
keep on blinking for a while indicating the writing of the image.
General notes:
- In the stock firmware the MAC address is the same among all
interfaces so it is left here that way too.
Recovery:
- TFTP method
- U-boot serial console
Differences to ar71xx platform
- This device is split in two different targets now due to hardware
being a bit different under the hood. Dynamic solution within the same
image is left for later time.
- GPIOs for a sliding On/Off switch, marked 'Movie engine' on the device
cover, were the wrong way around and were renamed qos_on -> movie_off,
qos_off -> movie_on. Associated key codes remained the same they were.
The device tree source code is mostly based on musashino's work
Signed-off-by: Mauri Sandberg <sandberg@mailfence.com>
Generally, in upstream CFI flash memory driver uses buffers for write
operations. That does not work with AMD chip with id 0x2201 and we must
resort to writing word sized chunks only. That is, to not apply general
buffer write functionality for this given chip.
Without the patch kernel logs will be flooded with entries like below:
MTD do_erase_oneblock(): ERASE 0x01fa0000
MTD do_write_buffer(): WRITE 0x01fa0000(0x00001985)
MTD do_erase_oneblock(): ERASE 0x01f80000
MTD do_write_buffer(): WRITE 0x01f80000(0x00001985)
MTD do_write_buffer_wait(): software timeout, address:0x01f8000a.
jffs2: Write clean marker to block at 0x01a60000 failed: -5
MTD do_erase_oneblock(): ERASE 0x01f60000
MTD do_write_buffer(): WRITE 0x01f60000(0x00001985)
MTD do_write_buffer_wait(): software timeout, address:0x01f6000a.
jffs2: Write clean marker to block at 0x01a40000 failed: -5
References: http://patchwork.ozlabs.org/project/linux-mtd/patch/20210309174859.362060-1-sandberg@mailfence.com/
Signed-off-by: Mauri Sandberg <sandberg@mailfence.com>
[added link to usptream fix submission]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
NXP 74HC153 is a GPIO expander. Its original source cide sits in ar71xx
architecture tree. It has been slightly modified to get GPIO pin
configuration from the device tree rather than a MACH file.
Changes to the source file:
- Remove struct nxp_74hc153_config
- in nxp_74hc153_probe(), fetch GPIO configuration from device tree
- allow GPIO framework decide the base number by passing -1 to it
- remove support for kernel versions below 4.5.0
- add OF device compatibility string
Create a package for inclusion in image.
References: https://lore.kernel.org/linux-gpio/545111184.50061.1615922388276@ichabod.co-bxl/
Signed-off-by: Mauri Sandberg <sandberg@mailfence.com>
[added link to driver usptreaming work in progress]
Signed-off-by: Petr Štetiar <ynezz@true.cz>