These targets are currently using more or less same SIGNATURE variable
which provides unique partition ID/signature, so it makes sense to
refactor it out into common IMG_PART_SIGNATURE variable which could be
reused by all targets.
This is another step in the direction of reproducible OpenWrt images.
Signed-off-by: Paul Spooren <mail@aparcar.org>
[split into separate commit, renamed to IMG_PART_SIGNATURE]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
x86, mvebu and tegra targets are currently using more or less same
SIGNATURE variable which provides unique partition ID/signature, so it
makes sense to refactor it out into common variable which could be
reused by all targets. While at it, make the content of the variable
reproducible.
Ref: http://lists.infradead.org/pipermail/openwrt-devel/2019-March/016148.html
Signed-off-by: Paul Spooren <mail@aparcar.org>
Suggested-by: Jo-Philipp Wich <jo@mein.io>
[renamed to IMG_PARTSIGNATURE, reworked with epoch+vermagic hash]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
As started in 19724e28c8 ("ramips: split base-files into
subtargets"), this moves some smaller left-over files to the
appropriate base-files folder of their subtarget:
- /etc/init.d/bootcount
- /etc/uci-defaults/04_led_migration
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
When Nanostation M was renamed from ubnt,nano-m to ubnt,nanostation-m
in commit f1396ac753 ("ath79: align naming of Ubiquiti Nanostation M"),
the caldata extraction in 10-ath9k-eeprom was overlooked.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
This adjusts the GPIO state flag to ACTIVE_LOW as FCC pictures indicate
the base board is identical to the one of the R6220.
Fixes commit 3459013257 ("ramips: correct R6220 button flag")
Signed-off-by: David Bauer <mail@david-bauer.net>
Instead of depending on kmod-usb2 make it depend on the normal USB
dependencies. This should hopefully fix some problems seen in the build
bot builds for powerpc_8540.
In addition also activate DRIVER_11N_SUPPORT support.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
All buttons on the Netgear R6220 are active-low while they are flagged
as active-high.
The GPIO status reads the following for no buttons pressed:
root@64367-r6220:~# cat /sys/kernel/debug/gpio
gpio-7 ( |wps ) in hi
gpio-8 ( |wifi ) in hi
gpio-14 ( |reset ) in hi
Signed-off-by: David Bauer <mail@david-bauer.net>
lib and includedir point to the host, not staging_dir.
Note that prefix and exec_prefix is overriden to point to staging_dir.
As CMAKE_INSTTALL is passed, switched InstallDev to use cmake.mk's rule.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
includedir and libdir are set to /usr/include and /usr/lib . This breaks
compilation with packages such as tmux that use pkgconfig to find libevent
Also added PKG_LICENSE_FILES.
Simplified the InstallDev section by using cmake.mk's default rule.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Forward the OpenWrt TARGET_LDFLAGS to the linker of the fw_printenv tool.
In addition also use the more standard make invocation script.
With this change the fw_printenv tool is built with PIE and Full RELRO
support when activated globally in OpenWrt.
Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
Update busybox to 1.31.1
Small bug fix release. Fixes for dc, ash (PS1 expansion fix),
hush, dpkg-deb, telnet and wget.
No need to refresh patches or config.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
The I2SE Duckbill devices are pen-drive like and thus the usage
of the USB gadget subsystem is highly indicated.
Spawning a console if a serial gadget is configured saves
us from connecting a physical debug uart.
On Olimex OLinuXino Maxi/Mini boards, this does not hurt.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
Now that 'start-console' procd command has reached the main repo,
we can add a rule to start consoles on serial devices which are
created when USB gadget driver reports creation with hotplugging.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
Also remove kernel 4.14 support and the meanwhile obsolete patch.
This was run-tested on I2SE Duckbill device and
Olimex OLinuXino Maxi board.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
Tested-by: Zoltan HERPAI <wigyori@uid0.hu>
Also update the U-Boot BSP patch for I2SE Duckbill devices.
Run tested on I2SE Duckbill and Olimex OLinuXino Maxi boards.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
This decreases the size of the usign application by 16% on MIPS BE.
old:
24,597 /usr/bin/usign
new:
20,501 /usr/bin/usign
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This decreases the size of the swconfig application by 25% on MIPS BE.
old:
16,916 /sbin/swconfig
new:
12,565 /sbin/swconfig
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This decreases the size of the mtd application by 25% on MIPS BE.
old:
20,597 /sbin/mtd
new:
16,421 /sbin/mtd
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This decreases the binary size when PIE ASLR is activated by 8% on MIPS BE.
old:
202,020 /usr/sbin/dnsmasq
new:
185,676 /usr/sbin/dnsmasq
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This moves shared code of the named devices into a common DTSI.
Remove setting status="okay" for &gpio0 as it's not disabled in
mt7620a.dtsi.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Based on Macronix MX25L3205DM2I datasheet this is maximum
supported speed.
Signed-off-by: Frederik Noe-Sdun <Frederik.Sdun@googlemail.com>
[rebased, improved commit title/message]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Specifications:
* SoC: MT7620A
* RAM: 64 MB DDR
* Flash: 8MB NOR SPI flash
* WiFi: MT7612E (5Ghz) and builtin MT7620A (2.4GHz)
* LAN: 1x100M
The -factory images can be flashed from the
device's web interface or via nmrpflash.
The device seems to use base PCB as EX3700/EX3800,
but supporting AC1200 using MT7612E.
MAC adresses:
5.0 GHz 0x8004 *:9a
2.4 GHz 0x4 *:9b
lan 0x28 *:9b
wan 0x2e *:9c
Since this is a one-port device, although wan MAC address is
set in flash, it is not used in OpenWrt setup.
Signed-off-by: Frederik Noe-Sdun <Frederik.Sdun@googlemail.com>
[rebased, extended commit message, tiny DTS style fixes]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Fix the error that tl-wdr3320-v2 can't upgrade firmware via web
interface by using magic_ver="0200" for this device.
Signed-off-by: 南浦月 <nanpuyue@gmail.com>
[commit message facelift]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Commit 881ed09ee6 ("build: create JSON files containing image info")
has removed the crucial empty new line from the image copy step
resulting in the following errors during make function expansion:
GZ_SUFFIX :=
bash: GZ_SUFFIX: command not found
Makefile:86: recipe for target 'openwrt-ath79-generic-tplink_archer-c7-v5-squashfs-sysupgrade.bin' failed
Fixes: 881ed09ee6 ("build: create JSON files containing image info")
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Use reset-gpio instead of the custom phy-reset-gpio property to do phy
reset on the U4019. phy-reset-gpio was incorrectly introduced when we
added support for the U4019, and will be deprecated.
Signed-off-by: Kristian Evensen <kristian.evensen@gmail.com>
The old GPIO based phy reset (phy-reset-gpio) will be removed form
the ipq40xx mdio driver in the future.
Signed-off-by: Daniel Danzberger <daniel@dd-wrt.com>
Commit 6f6c00cfc9 ("ipq40xx: Add support for Unielec U4019") has
introduced support for `phy-reset-gpio` DT property, which isn't needed
as the MDIO already supports `reset-gpios`[1] which could be used instead.
1. https://elixir.bootlin.com/linux/v4.19.81/source/Documentation/devicetree/bindings/net/mdio.txt
Ref: PR#2511
Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
[commit title and description facelift]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Commit ad7c6102f2 ("busybox: fix missing install with suid bit set if
FEATURE_SUID=y") actually fixes BUSYBOX_CONFIG_FEATURE_SUID option and
thus would install busybox setuid root by default which would result in
possibly unwanted change of current behaviour, so let's disable this
option by default in order to preserve the current status-quo.
For the record: disabling FEATURE_SUID to preserve the status-quo does
*not* imply the current status-quo is "safer", or for that matter, in
any way desireable. That is a discussion to be had on the mailing
lists.
Switching the FEATURE_SUID default to "n" is simply a compromise to
facilitate the merge of the changes that unbreak FEATURE_SUID.
Ref: PR#2502
Signed-off-by: Henrique de Moraes Holschuh <henrique@nic.br>
[commit title/description facelift]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
With FEATURE_SUID=y one can install busybox binary belonging to root
with the suid bit set, enabling some applets to perform root-level
operations even when run by ordinary users. Busybox then drops
privileges for applets that don't need root access, before entering
their main() function.
Currently we don't install busybox binary with suid bit set, rendering
this feature unusable.
Note that we can't just "chmod u+s /bin/busybox" at runtime as a
"cheaper" solution: it would waste approximately 200KiB of FLASH (the
whole /bin/busybox binary gets copied into the overlay).
Ref: PR#2502
Signed-off-by: Henrique de Moraes Holschuh <henrique@nic.br>
[commit title/description facelift, use INSTALL_SUID variable]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
This reverts commit 6170c46b47.
There has been demand for further evaluation of the impact of a
changed hostname, so this is reverted for now. The default hostname
will be "OpenWrt" again after this commit.
The macaddr_geteui() function is not removed by this revert.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
If a label MAC address is provided for device, system
will rename the hostname with OpenWrt_{eui mac address}.
This helps to distinguish between different devices.
Since it's no good idea to nest json_* functions, this code does
not use get_mac_label directly, but only get_mac_label_dt as
external resource.
Signed-off-by: Rosy Song <rosysong@rosinson.com>
[merged with commit introducing macaddr_geteui, rebased on updated
label MAC address storage, extended commit message]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
If set, label MAC address is available from one of two sources,
device tree or board.json. So far, the function get_mac_label
was meant for retrieving the address, while an option in uci
system config was specified only for case 2 (board.json).
The uci config option has several drawbacks:
- it is only used for a fraction of devices (those not in DT)
- label MAC address is a device property, while config implies
user interaction
- label_macaddr option will only be set if /etc/config/system
does not exist (i.e. only for new installations)
Thus, this patch changes the behavior of get_mac_label:
Instead of writing the value in board.json to uci system config
and reading from this location afterwards, get_mac_label now
extracts data from board.json directly. The uci config option
won't be used anymore.
In addition, two utility functions for extraction only from DT
or from board.json are introduced.
Since this is only changing the access to the label MAC address, it
won't interfere with the addresses stored in the code base so far.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
For some devices, the keys node is named "button". Change name to
match the rest of the target.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
In several DTS files, button nodes are just named buttonX or
xxx_button. This replaces the names with more specific names matching
the majority of key definitions.
While at it, fix name of keys node in one case.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
This fixes the netdev LED trigger for interfaces, which are renamed
during initialization (e.g. ppp interfaces).
Fixes: FS#2193
Fixes: FS#2239
Signed-off-by: Martin Schiller <ms@dev.tdt.de>
This is needed to export crypto information to netfilter, allowing
the alt. afalg openssl engine to obtain information about the drivers
being used.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Many bugs were fixed--2 patches removed here.
This release of wolfSSL includes fixes for 5 security vulnerabilities,
including two CVEs with high/critical base scores:
- potential invalid read with TLS 1.3 PSK, including session tickets
- potential hang with ocspstaping2 (always enabled in openwrt)
- CVE-2019-15651: 1-byte overread when decoding certificate extensions
- CVE-2019-16748: 1-byte overread when checking certificate signatures
- DSA attack to recover DSA private keys
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
The elecom-header renames the firmware image to v_0.0.0.bin, stores its
MD5 sum as v_0.0.0.md5 and tars both files again.
Both v_0.0.0 files are created as the build user making it harder to
reproduce.
This commit sets the owner/group of both files to root by adding extra
options to the final tar command.
Before:
0 buildbot (101) buildbot (102) 3932164 2019-11-05 14:43:22.000000 v_0.0.0.bin
0 buildbot (101) buildbot (102) 33 2019-11-05 14:43:22.000000 v_0.0.0.md5
After:
0 root (0) root (0) 3932164 2019-11-05 23:43:08.000000 v_0.0.0.bin
0 root (0) root (0) 33 2019-11-05 23:43:08.000000 v_0.0.0.md5
Signed-off-by: Paul Spooren <mail@aparcar.org>