Commit Graph

53531 Commits

Author SHA1 Message Date
Aleksander Jan Bajkowski
c46621b3f3 lantiq: xrx200: fix use after free bug
The skb->len field is read after the packet is sent to the network
stack. In the meantime, skb can be freed. This patch fixes this bug.

Signed-off-by: Aleksander Jan Bajkowski <olek2@wp.pl>
2022-03-08 18:33:42 +01:00
INAGAKI Hiroshi
98113220fa uboot-envtools: add support for I-O DATA BSH-G24MB
This patch adds the device-specific configuration to u-boot-envtools for
I-O DATA BSH-G24MB switch.

Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com>
2022-03-07 21:44:53 +01:00
INAGAKI Hiroshi
7b19770525 realtek: add support for I-O DATA BSH-G24MB
I-O DATA BSH-G24MB is a 24 port gigabit switch, based on RTL8382M.

Specification:

- SoC		: Realtek RTL8382M
- RAM		: DDR2 128 MiB (Nanya NT5TU128M8HE-AC)
- Flash		: SPI-NOR 16 MiB (Macronix MX25L12835FM2I-10G)
- Ethernet	: 10/100/1000 Mbps x24
  - port 1-8	: RTL8218B
  - port 9-16	: RTL8218B (SoC)
  - port 17-24	: RTL8218B
- LEDs/Keys	: 2x, 1x
- UART		: pin header on PCB
  - JP2: 3.3V, TX, RX, GND from rear side
  - 115200n8
- Power		: 100 VAC, 50/60 Hz
  - Plug	: IEC 60320-C13

Flash instruction using sysupgrade image:

1. Boot BSH-G24MB normally
2. Connect BSH-G24MB to the DHCP enabled network
3. Find the device's IP address and open the WebUI and login
   Note: by default, the device obtains IP address from DHCP server of
         the network
4. Open firmware update page ("ファームウェア アップデート")
5. Rename the OpenWrt sysupgrade image to "bsh-g24mb_v100.image" and
   select it
6. Press apply ("適用") button to perform update
7. Wait ~150 seconds to complete flashing

Note:

- BSH-G24MB has a power-related LED ("電源"), but it's not connected to
  the GPIO of the SoC or RTL8231 and cannot be controlled. Instead of
  it, use system status LED on other than running-state.

- "sys_loop" LED indicates system status and loop-detection status in
  stock firmware.

- BSH-G24MB has 2x os-image partitions named as "RUNTIME"/"RUNTIME2" in
  16 MiB SPI-NOR flash and the size of image per partition is only
  6848 KiB. The secondary image is never used on stock firmware, so also
  use it on OpenWrt to get more space.

Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com>
2022-03-07 21:44:53 +01:00
Josef Schlehofer
d71928c1e3 nftables: update to version 1.0.2
Changelog:
https://lwn.net/ml/netdev/YhO5Pn+6+dgAgSd9@salvia/

Patches:

removed:
- 001-parser-allow-quoted-string-in-flowtable_expr_member:
it is now part of upstream release [1]

added:
- 001-examples-compile-with-make-check.patch:
backported from [2], it fixes:

nft-json-file.c:3:10: fatal error: nftables/libnftables.h: No such file or directory
    3 | #include <nftables/libnftables.h>
      |          ^~~~~~~~~~~~~~~~~~~~~~~~
compilation terminated.

[1] https://git.netfilter.org/nftables/commit/?h=v1.0.2&id=07af4429241c9832a613cb8620331ac54257d9df
[2] https://git.netfilter.org/nftables/commit/?id=18a08fb7f0443f8bde83393bd6f69e23a04246b3

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
2022-03-07 21:44:53 +01:00
Hauke Mehrtens
baea8255e0 linux-firmware: Update to version 20220209
This switches the iwlwifi-firmware-ax200 file to API version 66, this is
the most recent version supported by our driver.

The following files used in OpenWrt changed:
 amdgpu-firmware/lib/firmware/amdgpu/yellow_carp_dmcub.bin
 ar3k-firmware/lib/firmware/qca/nvm_usb_00130201.bin
 ar3k-firmware/lib/firmware/qca/nvm_usb_00130201_010a.bin
 ar3k-firmware/lib/firmware/qca/nvm_usb_00130201_010b.bin
 ar3k-firmware/lib/firmware/qca/nvm_usb_00130201_0303.bin
 ar3k-firmware/lib/firmware/qca/nvm_usb_00130201_gf.bin
 ar3k-firmware/lib/firmware/qca/nvm_usb_00130201_gf_010a.bin
 ar3k-firmware/lib/firmware/qca/nvm_usb_00130201_gf_010b.bin
 ar3k-firmware/lib/firmware/qca/nvm_usb_00130201_gf_0303.bin
 ar3k-firmware/lib/firmware/qca/rampatch_usb_00130200.bin
 ar3k-firmware/lib/firmware/qca/rampatch_usb_00130201.bin
 iwlwifi-firmware-ax200/lib/firmware/iwlwifi-cc-a0-66.ucode
 iwlwifi-firmware-ax210/lib/firmware/iwlwifi-ty-a0-gf-a0-66.ucode
 iwlwifi-firmware-ax210/lib/firmware/iwlwifi-ty-a0-gf-a0.pnvm
 iwlwifi-firmware-iwl9000/lib/firmware/iwlwifi-9000-pu-b0-jf-b0-46.ucode
 iwlwifi-firmware-iwl9260/lib/firmware/iwlwifi-9260-th-b0-jf-b0-46.ucode
 rtl8822ce-firmware/lib/firmware/rtw88/rtw8822c_fw.bin

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2022-03-07 18:07:29 +01:00
Rafał Miłecki
c45b5abf6f bcm4908: fix init on CFE devices
exit in preinit script was stopping whole process

Fixes: 93259e8ca2 ("bcm4908: support "rootfs_data" on U-Boot devices")
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2022-03-07 11:14:29 +01:00
Felix Fietkau
1b46333895 bpf-headers: ship a modified version of stdarg.h from musl to fix ebpf build on glibc
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2022-03-07 10:38:41 +01:00
Felix Fietkau
b3b0a25ee8 toolchain/binutils: remove old versions
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2022-03-07 10:38:41 +01:00
Felix Fietkau
759149977e qosify: update to the latest version
3276aed81c73 move run_cmd() to main.c
558eabc13c64 map: move dns host based lookup code to a separate function
6ff06d66c36c dns: add code for snooping dns packets
a78bd43c4a54 ubus: remove dnsmasq subscriber
9773ffa70f1f map: process dns patterns in the order in which they were defined
f13b67c9a786 dns: allow limiting dns entry matching to cname name

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2022-03-06 23:01:24 +01:00
Bjørn Mork
0890fb2df4 realtek: net: dsa: configure better brport flags when ports leave the bridge
Ensures that the DSA driver sets exactly the same default flags as the
bridge when a port joins or leaves.  Without this we end up with a
confusing flag mismatch, where DSA and bridge ports use different sets
of flags.

This is critical as the "learning" mismatch will be harmful to the
network, causing all traffic to be flooded on all ports.

The original commit was buggy, trying to set the flags one-by-one in a
loop.  This was not supported by the API and the end result was that
all but the last flag were cleared.  This bug was implicitly fixed
upstream by commit e18f4c18ab5b ("net: switchdev: pass flags and mask
to both {PRE_,}BRIDGE_FLAGS attributes").

This is a minimum temporary stop measure fix for the critical lack of
"learning" only.  The major API change associated with a full v5.12+
backport is neither required nor wanted. A simpler fix, moving the
call to dsa_port_bridge_flags() out of the loop,  has therefore been
merged into this modified backport.

Fixes: afa3ab54c0 ("realtek: Backport bridge configuration for DSA")
Signed-off-by: Bjørn Mork <bjorn@mork.no>
Acked-by: Daniel Golle <daniel@makrotopia.org>
Tested-by: Stijn Tintel <stijn@linux-ipv6.be>
[fix typos in commit message]
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2022-03-06 22:01:04 +02:00
INAGAKI Hiroshi
f7f9e6bd20 ramips: use parser_trx for Buffalo WCR-1166DS
Buffalo WCR-1166DS uses trx-fomatted firmware and the custom magic
number (0x5C436F74, "\Cot") is required for OpenWrt installation from
OEM WebUI.
But the current mtdsplit_trx doesn't support the custom magic number and
fail to parse and split to kernel and rootfs when the factory image is
flashed. Then, the kernel fails to mount rootfs automatically and panics.

Before the commit fddc78bc11, mtdsplit_trx
was patched in ramips target and the device-specific magic number was
supported only for WCR-1166DS[1].
But the patch was not inherited to the later version of the kernel and
deleted by the above commit, then, the custom magic number support was
broken.

[1]: 05d6e92594/target/linux/ramips/patches-4.4/0400-mtd-mtdsplit-add-support-for-custom-trx-magic-for-Buffalo-WCR-1166DS.patch (L27)

log (factory image):

[    1.165312] spi-mt7621 10000b00.spi: sys_freq: 193333333
[    1.195782] spi-nor spi0.0: w25q128 (16384 Kbytes)
[    1.205353] 7 fixed-partitions partitions found on MTD device spi0.0
[    1.217938] Creating 7 MTD partitions on "spi0.0":
[    1.227436] 0x000000000000-0x000000030000 : "u-boot"
[    1.238427] 0x000000030000-0x000000040000 : "u-boot-env"
[    1.250123] 0x000000040000-0x000000050000 : "factory"
[    1.261306] 0x000000050000-0x000000810000 : "firmware"
[    1.282051] 0x000000810000-0x000000fd0000 : "firmware2"
[    1.293594] 0x000000fd0000-0x000000fe0000 : "glbcfg"
[    1.304719] 0x000000fe0000-0x000000ff0000 : "board_data"
...
[    1.452424] /dev/root: Can't open blockdev
[    1.460619] VFS: Cannot open root device "(null)" or unknown-block(0,0): error -6
[    1.475434] Please append a correct "root=" boot option; here are the available partitions:
[    1.491986] 1f00             192 mtdblock0
[    1.491989]  (driver?)
[    1.504938] 1f01              64 mtdblock1
[    1.504941]  (driver?)
[    1.517885] 1f02              64 mtdblock2
[    1.517888]  (driver?)
[    1.530831] 1f03            7936 mtdblock3
[    1.530834]  (driver?)
[    1.543777] 1f04            7936 mtdblock4
[    1.543781]  (driver?)
[    1.556724] 1f05              64 mtdblock5
[    1.556727]  (driver?)
[    1.569672] 1f06              64 mtdblock6
[    1.569675]  (driver?)
[    1.582617] Kernel panic - not syncing: VFS: Unable to mount root fs on unknown-block(0,0)
[    1.598976] Rebooting in 1 seconds..

This patch fixes this issue by using parser_trx with specifying custom
magic number in dts instead of mtdsplit_trx.

log (fixed factory image):

[    1.202044] spi-mt7621 10000b00.spi: sys_freq: 193333333
[    1.225369] spi-nor spi0.0: w25q128 (16384 Kbytes)
[    1.235015] 7 fixed-partitions partitions found on MTD device spi0.0
[    1.247603] Creating 7 MTD partitions on "spi0.0":
[    1.257106] 0x000000000000-0x000000030000 : "u-boot"
[    1.269447] 0x000000030000-0x000000040000 : "u-boot-env"
[    1.281192] 0x000000040000-0x000000050000 : "factory"
[    1.294208] 0x000000050000-0x000000810000 : "firmware"
[    1.305774] 2 trx partitions found on MTD device firmware
[    1.316540] Creating 2 MTD partitions on "firmware":
[    1.326399] 0x00000000001c-0x000000214754 : "linux"
[    1.336063] mtd: partition "linux" doesn't start on an erase/write block boundary -- force read-only
[    1.357070] 0x000000214754-0x0000007c0000 : "rootfs"
[    1.366994] mtd: partition "rootfs" doesn't start on an erase/write block boundary -- force read-only
[    1.386368] mtd: device 5 (rootfs) set to be root filesystem
[    1.398700] 1 squashfs-split partitions found on MTD device rootfs
[    1.411027] 0x000000520000-0x0000007c0000 : "rootfs_data"
[    1.422841] 0x000000810000-0x000000fd0000 : "firmware2"
[    1.436282] 0x000000fd0000-0x000000fe0000 : "glbcfg"
[    1.447408] 0x000000fe0000-0x000000ff0000 : "board_data"
...
[    1.611216] VFS: Mounted root (squashfs filesystem) readonly on device 31:5.

Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com>
2022-03-06 20:40:35 +01:00
INAGAKI Hiroshi
5403defbec ramips: switch parser of trx for mt76x8 subtarget
This patch enable parser_trx and disable mtdsplit_trx for mt76x8
subtarget.
The trx format is used only on Buffalo WCR-1166DS in mt76x8 subtarget
and the parser need to be switched to parser_trx to use the custom magic
number in the header for WCR-1166DS.

Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com>
2022-03-06 20:40:35 +01:00
INAGAKI Hiroshi
d339de2e21 kernel: backport patch to allow using parser_trx from ramips
This patch adds a patch to allow using parser_trx from ramips target,
mainly for Buffalo devices.

Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com>
2022-03-06 20:40:35 +01:00
INAGAKI Hiroshi
cc49abc06b kernel: move parser_trx patches of custom magic to generic
This patch moves the patches of parser_trx in mediatek target to
generic/backport-5.10 to use the changes from ramips target and
backport the additional patch of the parser.

Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com>
2022-03-06 20:40:07 +01:00
INAGAKI Hiroshi
770cfe9bff ramips: update MAC address configuration for Buffalo WCR-1166DS
This patch converts MAC address configuration of Buffalo WCR-1166DS in
02_network to use the generic function of OpenWrt. And also, add
label_mac.

Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com>
2022-03-06 20:05:45 +01:00
INAGAKI Hiroshi
621d88d741 ramips: increase spi frequency for Buffalo WCR-1166DS
Use higher frequency than current and up the speed to access to the
flash on WCR-1166DS.

Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com>
2022-03-06 20:05:45 +01:00
Joe Mullally
6c743c3006 ramips: Add support for TP-Link TL-WPA8631P v3
AV1300 Gigabit Passthrough Powerline ac Wi-Fi Extender

Specifications
--------------
* SoC: MediaTek MT7621AT
* CPU: 880 MHz MIPS 1004KEc dual-core CPU
* RAM: 64 MiB DDR2 (Zentel A3R12E40DBF-8E)
* Flash: 8 MiB SPI NOR (GigaDevice GD25Q64CSIG)
* Ethernet: SoC built-in Switch 5x 1GbE
  * Port 0: PLC (connected through AR8035-A)
  * Port 1-3: LAN
* WLAN: 2x2 2.4GHz 300 Mbps + 2x2 5GHz 867 Mbps (MT7603EN + MT7613BEN)
* PLC: HomePlug AV2 (Qualcomm QCA7500)
* PLC Flash: 2MiB SPI NOR (GigaDevice GD25Q16CSIG)
* Buttons: Reset, LED, Pair, Wi-Fi
* LEDs: Power (green), PLC (green/amber), LAN (green), 2.4G (green),
  5G (green)
* UART: J1 (57600 baud)
  * Pinout: (3V3) (GND) (RX) (TX)
  * Visually identify GND from connection to PCB ground plane

Installation
------------
Installation is possible from the OEM web interface. Make sure to install
the latest OEM firmware first, so that the PLC firmware is at the latest
version. However, please first check the OpenWRT Wiki page for
confirmation that your OEM firmware version is supported.

Signed-off-by: Joe Mullally <jwmullally@gmail.com>
2022-03-06 18:57:33 +01:00
Hauke Mehrtens
921392e216 iproute2: Remove libxtables from some tc variants
This adds the new tc-bpf variant and removes libxtables dependency from
the tc-tiny variant. The tc-full variant stays like before and contains
everything.

This allows to use tc without libxtables.

The variants have the following sizes:
root@OpenWrt:/# ls -al /usr/libexec/tc-*
-rwxr-xr-x    1 root     root        282453 Mar  1 21:55 /usr/libexec/tc-bpf
-rwxr-xr-x    1 root     root        282533 Mar  1 21:55 /usr/libexec/tc-full
-rwxr-xr-x    1 root     root        266037 Mar  1 21:55 /usr/libexec/tc-tiny

They are linking the following shared libraries:
root@OpenWrt:/# ldd /usr/libexec/tc-tiny
        /lib/ld-musl-mips-sf.so.1 (0x77d6e000)
        libgcc_s.so.1 => /lib/libgcc_s.so.1 (0x77d4a000)
        libc.so => /lib/ld-musl-mips-sf.so.1 (0x77d6e000)
root@OpenWrt:/# ldd /usr/libexec/tc-bpf
        /lib/ld-musl-mips-sf.so.1 (0x77da6000)
        libbpf.so.0 => /usr/lib/libbpf.so.0 (0x77d60000)
        libelf.so.1 => /usr/lib/libelf.so.1 (0x77d3e000)
        libgcc_s.so.1 => /lib/libgcc_s.so.1 (0x77d1a000)
        libc.so => /lib/ld-musl-mips-sf.so.1 (0x77da6000)
        libz.so.1 => /usr/lib/libz.so.1 (0x77cf6000)
root@OpenWrt:/# ldd /usr/libexec/tc-full
        /lib/ld-musl-mips-sf.so.1 (0x77de8000)
        libbpf.so.0 => /usr/lib/libbpf.so.0 (0x77da2000)
        libelf.so.1 => /usr/lib/libelf.so.1 (0x77d80000)
        libxtables.so.12 => /usr/lib/libxtables.so.12 (0x77d66000)
        libgcc_s.so.1 => /lib/libgcc_s.so.1 (0x77d42000)
        libc.so => /lib/ld-musl-mips-sf.so.1 (0x77de8000)
        libz.so.1 => /usr/lib/libz.so.1 (0x77d1e000)

This is based on a patch from Tiago Gaspar.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2022-03-05 21:06:35 +01:00
Langhua Ye
d15f9b9043 uboot-envtools: mt7622: add support for Ruijie RG-EW3200GX PRO
Add U-Boot environment settings for Ruijie RG-EW3200GX PRO to allow
users to access the bootloader environment using fw_printenv/fw_setenv
while running OpenWrt.

Signed-off-by: Langhua Ye <y1248289414@outlook.com>
2022-03-05 21:06:35 +01:00
Langhua Ye
ce8a33b021 mediatek: add support for Ruijie RG-EW3200GX PRO
X32 Pro is another product  name for it in the Chinese market.

Specifications:
- SoC: MT7622B
- RAM: 256MB
- Flash: XMC XM25QH128C or Winbond WQ25Q128JVSQ 16MB SPI NOR
- Ethernet: 5x1GbE
- Switch: MT7531BE
- WiFi: 2.4G: MT7622 5G: MT7915AN+MT7975AN
- 3LEDs: System LED(blue) + Mesh LED(green) + Mesh LED(red)
- 2Keys: Mesh button + Reset button
- UART: Marked J19 on board. 3.3v, 115200n1
- Power: 12V 2.5A

MAC addresses as verified by OEM firmware:
use   address    source
WAN   *:F4       ethaddr@product_info
LAN   *:F5
5g    *:F6
2g    *:F7

Flash instruction:
1. Serve the initramfs.img using a TFTP server with address 10.10.10.3.
2. Interrupt the uboot startup process via UART.
3. Select "System Load Linux to SDRAM via TFTP" item.
4. (important) Back up firmware(mtd7) partitions with:
        dd if=/dev/mtd7 of=/tmp/firmware.bin
   and then download the firmware.bin image via SCP.
5. Flash the OpenWrt sysupgrade firmware.

Recovery stock firmware:
1. Transfer the firmware.bin image to the device.
2. Flash the image with:
        mtd write firmware.bin firmware

Signed-off-by: Langhua Ye <y1248289414@outlook.com>
2022-03-05 21:06:35 +01:00
Langhua Ye
df1383f796 kernel: add support for XMC XM25QH128C
The XMC XM25QH128C is a 16MB SPI NOR chip. The patch is verified on Ruijie RG-EW3200GX PRO.
Datasheet available at https://www.xmcwh.com/uploads/435/XM25QH128C.pdf

Signed-off-by: Langhua Ye <y1248289414@outlook.com>
2022-03-05 21:06:35 +01:00
Ansuel Smith
4393d8c090 libnetfilter-conntrack: backport patch fixing compilation with 5.15
Backport patch fixing compilation with 5.15 and musl provided by Robert Marko

Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
2022-03-05 21:05:45 +01:00
Rui Salvaterra
05ed7dc50d kernel: bump 5.10 to 5.10.103
Patches automatically rebased.

Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
2022-03-05 21:05:45 +01:00
Oskari Rauta
ef4bf8b403 util-linux: add lsns
lsns lists system namespaces

Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
2022-03-05 21:05:45 +01:00
Josef Schlehofer
0f432fa3a9 uboot-mvebu: backport patch to fix nvme detail crash
Steps to reproduce:
1. Insert NVMe disk with a reduction to Turris Omnia
2. Go to U-boot
3. Run these two commands:
a) ``nvme scan``
b) ``nvme detail``
4. Wait for crash

This is backported from U-boot upstream repository.
It should be included in the upcoming release - 2022.04 [1].

It was tested on Turris Omnia, mvebu, cortex-a9, OpenWrt master.

[1] https://patchwork.ozlabs.org/project/uboot/patch/20211209100639.21530-1-pali@kernel.org/

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
[Export the patch from U-Boot git]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2022-03-05 21:05:24 +01:00
Georgi Valkov
1324403eb6 mkhash: fix build errors on FreeBSD 13.0
be64enc, be16dec, and be32dec are declared on FreeBSD 13.0, in
/usr/include/sys/endian.h so we should not declare them.

Fixes the following error during feeds update:
staging_dir/host/bin/mkhash: No such file or directory

gcc scripts/mkhash.c
scripts/mkhash.c:111:1: error: redefinition of 'be64enc'
  111 | be64enc(void *buf, uint64_t u)

Signed-off-by: Georgi Valkov <gvalkov@abv.bg>
2022-03-05 18:01:04 +01:00
Felix Fietkau
545cabee9e tools/fakeroot: restore macos bugfix that was dropped during the last update
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2022-03-05 16:58:58 +01:00
Stijn Tintel
c2d7896a65 qosify: bump to git HEAD
interface: disable autorate-ingress by default

Also change the example config to reflect this.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2022-03-04 20:37:05 +02:00
Stijn Tintel
1848b25cdd qosify: add PKG_RELEASE
Without PKG_RELEASE, it's impossible to trigger package updates when
changing files included in the package that are not in the qosify git
repository.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Acked-by: Felix Fietkau <nbd@nbd.name>
2022-03-04 20:25:05 +02:00
Rafał Miłecki
93259e8ca2 bcm4908: support "rootfs_data" on U-Boot devices
1. Create "rootfs_data" dynamicaly

U-Boot firmware images can contain only 2 UBI volumes: bootfs (container
with U-Boot + kernel + DTBs) and rootfs (e.g. squashfs). There is no way
to include "rootfs_data" UBI volume or make firmware file tell U-Boot to
create one.

For that reason "rootfs_data" needs to be created dynamically. Use
preinit script to handle that. Fire it right before "mount_root" one.

2. Relate "rootfs_data" to flashed firmware

As already explained flashing new firmware with U-Boot will do nothing
to the "rootfs_data". It could result in new firmware reusing old
"rootfs_data" overlay UBI volume and its file. Users expect a clean
state after flashing firmware (even if flashing the same one).

Solve that by reading flash counter of running firmware and storing it
in "rootfs_data" UBI volume. Every mismatch will result in wiping old
data.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2022-03-04 16:14:59 +01:00
Rui Salvaterra
247eaa4416 procd: remove support for mounting /tmp in zram
The /tmp directory is mounted as tmpfs. The tmpfs filesystem is backed by
anonymous memory, which means it can be swapped out at any time, if there is
memory pressure [1]. For this reason, a zram swap device is a much better
choice than mounting /tmp on zram, since it's able to compress all anonymous
memory, and not just the memory assigned to /tmp. We already have the zram-swap
package for this specific purpose, which means procd's tmp-on-zram is both
redundant and more limited.

A follow-up patch will remove support for mounting /tmp in zram from procd
itself.

[1] https://www.kernel.org/doc/Documentation/filesystems/tmpfs.txt

Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
2022-03-03 20:22:25 +00:00
Rui Salvaterra
8235723c78 kernel: 5.10: remove CONFIG_DEVTMPFS{,_MOUNT} from kconfigs
They are required for container support, but are handled in Config-kernel.in.

Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
2022-03-01 22:57:40 +00:00
Rui Salvaterra
72d2c54ccb kernel: 5.10: allocate last level PTEs in high memory
Enable support for allocating user space page table entries in high memory [1],
for the targets which support this feature. This saves precious low memory
(permanently mapped, the only type of memory directly accessible by the kernel).

[1] https://www.kernel.org/doc/html/latest/vm/highmem.html

Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
2022-03-01 22:57:34 +00:00
John Audia
0989b7ad3a kernel: bump 5.10 to 5.10.102
Removed upstreamed:
	bcm4908/patches-5.10/180-i2c-brcmstb-fix-support-for-DSL-and-CM-variants.patch[1]

All other patches automatically rebased.

1. https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.10.102&id=f333c1916fd6b55900029bf8f918cc00009e2111

Build system: x86_64
Build-tested: bcm2711/RPi4B, mt7622/RT3200
Run-tested: bcm2711/RPi4B, mt7622/RT3200

Signed-off-by: John Audia <graysky@archlinux.us>
2022-03-01 21:38:36 +01:00
John Audia
a2d4b5711a kernel: bump 5.10 to 5.10.101
Removed upstreamed:
  pending-5.10/841-USB-serial-option-add-ZTE-MF286D-modem.patch[1]
  bcm27xx/950-0592-drm-vc4-Allow-DBLCLK-modes-even-if-horz-timing-is-od.patch[2]

All other patches automatically rebased.

1. https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.10.101&id=7113440a36c741efd7c76e3d70b3634100120cdb
2. https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.10.101&id=21c890ca8eaecea06cabb92be2a53a6f26f56383

Build system: x86_64
Build-tested: bcm2711/RPi4B, mt7622/RT3200
Run-tested: bcm2711/RPi4B, mt7622/RT3200

Signed-off-by: John Audia <graysky@archlinux.us>
2022-03-01 21:38:36 +01:00
Catalin Toda
02e42f0650 kernel: kmod-tcp-scalable: add scalable tcp congestion algorithm
Signed-off-by: Catalin Toda <catalinii@gmail.com>
2022-03-01 21:25:47 +01:00
Florian Eckert
ba6a48366f ipset: update to 7.15
Update to the latest upstream version. In this version there is a new
tool with which you can convert ipsets into nftables sets. Since we are
now using nftables as default firewall, this could be a useful tool for
porting ipsets to nftables sets.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
2022-03-01 21:17:30 +01:00
Josef Schlehofer
495c4f4e19 tools/libressl: update to version 3.4.2
Release notes:
https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.4.2-relnotes.txt

```
It includes the following security fix

  * In some situations the X.509 verifier would discard an error on an
    unverified certificate chain, resulting in an authentication bypass.
    Thanks to Ilya Shipitsin and Timo Steinlein for reporting.
```

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
2022-03-01 00:08:08 +01:00
Huangbin Zhan
4a19cf3bc7 tools/mkimage: update to 2022.01
- enable dot config
- enable openwrt verbose
- add bison as dependency to avoid failure
```
  bison -oscripts/kconfig/zconf.tab.c -t -l scripts/kconfig/zconf.y
bison: /builder/shared-workdir/build/staging_dir/host/share/bison/m4sugar/m4sugar.m4: cannot open: No such file or directory
```

Signed-off-by: Huangbin Zhan <zhanhb88@gmail.com>
2022-03-01 00:08:08 +01:00
Rosen Penev
40f91f6a2f tools/fakeroot: update to 1.27
Remove macOS stuff. Upstream has fixed it in the same way.

Add SOL_TCP define. Taken from elsewhere in the code.

Refreshed patches.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2022-03-01 00:08:08 +01:00
Rosen Penev
4e13229dd1 tools/expat: update to 2.4.6
Switched to CMake for faster compilation and greater parallel
friendliness.

Added CMake options from the packages feed.

This release fixes various CVEs.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2022-03-01 00:08:08 +01:00
Rosen Penev
c8fdca4f6f tools/findutils: update to 4.9.0
Add compilation fix for Ubuntu 20.04. Provided by upstream maintainer:

https://github.com/openwrt/packages/issues/17912#issuecomment-1046726426

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2022-03-01 00:08:08 +01:00
Rosen Penev
94dd68ff73 tools/zstd: update to 1.5.2
Switched to building with meson as it's faster and does not need a
dependency on cmake, which takes a long time to build.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2022-03-01 00:08:08 +01:00
Rosen Penev
2d5f03205a tools/ccache: add cmake dependency
This will be needed for the next commit as ccache's cmake dependency is
satisfied by zstd currenly.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2022-03-01 00:08:08 +01:00
Rosen Penev
03f55708cb tools/cmake: update to 3.22.2
Mostly random Python 3.10 fixes.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2022-03-01 00:08:08 +01:00
Rosen Penev
63e530a519 tools/mtools: update to 4.0.37
No changelog is available.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2022-03-01 00:08:08 +01:00
Rosen Penev
c8b7065f61 tools/mklibs: update to 0.1.45
Refresh 2to3 patch. Upstream partially did this against some older
python version. This is still needed.

Refreshed other patches to be python3 safe.

Remove uClibc patches as only musl is present now.

Refresh others.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2022-03-01 00:08:08 +01:00
Paul Spooren
038d5bdab1 layerscape: use semantic versions for LSDK
PKG_VERSION should not contain the package name but the version only.

Signed-off-by: Paul Spooren <mail@aparcar.org>
2022-03-01 00:01:18 +01:00
Josef Schlehofer
d6aa9d9e07 u-boot.mk: add LOCALVERSION (explicitly specify OpenWrt build)
For debugging purposes, we need to know if users are using modified
U-boot versions or not. Currently, the U-boot version is somehow
stripped. This is a little bit problematic when there are
backported/wip/to-upstream patches.

To make it more confusing, there was (before this commit) two U-boot
versioning. U-boot compiled by OpenWrt build bots are missing ``Build:``
This is also the case when the U-boot is compiled locally.

Example:
```
U-Boot SPL 2022.01 (Jan 27 2022 - 00:24:34 +0000)
U-Boot 2022.01 (Jan 27 2022 - 00:24:34 +0000)
```

On the other hand, if you run full build, you can at least see, where it
was compiled. Notice added ``Build:``.

Example:
```
U-Boot 2022.01 (Jan 27 2022 - 00:24:34 +0000), Build: jenkins-turris-os-packages-burstlab-omnia-216
```

In both cases, it is not clear to U-boot developers if it is an unmodified
build. This is also caused that there is a missing ``.git`` file from
U-boot folder, and so there is no history. It leads to that it can not
contain suffix ``-dirty`` (uncommitted modifications) or even something
else like number of commits, etc. [1]

When U-boot is compiled as it should be, the version should look like
this: ``U-Boot 2022.04-rc1-01173-g278195ea1f (Feb 11 2022 - 14:46:50 +0100)``
The date is not changed daily when there are new OpenWrt builds.

This commit adds OpenWrt specific version, which could be verified by
using strings.

```
$ strings bin/targets/mvebu/cortexa9/u-boot-omnia/u-boot-spl.kwb | grep -E "OpenWrt*"
U-Boot SPL 2022.01-OpenWrt-r18942+54-cbfce92367 (Feb 21 2022 - 13:17:34 +0000)
arm-openwrt-linux-muslgnueabi-gcc (OpenWrt GCC 11.2.0 r18942+54-cbfce92367) 11.2.0
2022.01-OpenWrt-r18942+54-cbfce92367
U-Boot 2022.01-OpenWrt-r18942+54-cbfce92367 (Feb 21 2022 - 13:17:34 +0000)
```

[1] https://u-boot.readthedocs.io/en/latest/develop/version.html

Reported-by: Pali Rohár <pali@kernel.org>
Suggested-by: Karel Kočí <karel.koci@nic.cz>
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
2022-02-28 23:54:52 +01:00
Paul Spooren
a9478490d8 image-commands.mk: Use ERROR_MESSAGE for imagesize fails
If a image is bigger than the device can handle, an error message is
printed. This is usually silenced and silently ignored, making it harder
to debug. While it's possible to run the build in verbose mode (via
`make V=s`) and grep for *is too big*, it's more intuitive to print the
error message directly. For that use the newly unlocked `$(call
ERROR_MESSAGE,...)` definition which now also print in non-verbose mode.

Fixes: FS#50 (aka #7604)

Signed-off-by: Paul Spooren <mail@aparcar.org>
2022-02-28 23:52:13 +01:00