openssl sets additional cflags in its configuration script. We need to
make it aware of our custom cflags to avoid adding conflicting cflags.
Fixes: #12866
Signed-off-by: Jitao Lu <dianlujitao@gmail.com>
(cherry picked from commit 51f57e7c2d)
Some Broadcom MIPS devices require JFFS2 cleanmarkers to be present on the
kernel partition or the bootloader will identify the partition as corrupt and
won't boot the kernel.
Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
(cherry picked from commit 434df8df54)
Add new package for building bootloader for the SiFive U-series boards. Supported
boards at this stage are the HiFive Unleashed and HiFive Unmatched.
Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
(cherry picked from commit 91406797f9)
Add "linux-riscv64-openwrt" into openssl configurations to enable building
on riscv64.
Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
(cherry picked from commit a0840ecd53)
OpenSBI is a form of a first-stage bootloader, which initializes
certain parts of an SoC and then passes on control to the second
stage bootloader i.e. an u-boot image.
We're introducing the package with release v1.2, which provides
SBI v0.3 and the SBI SRST extensions which helps to gracefully
reboot/shutdown various HiFive-U SoCs.
Tested on SiFive Unleashed and Unmatched boards.
Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
(cherry picked from commit 944b13b3ee)
armvirt target has been renamed to armsr (Arm SystemReady).
Signed-off-by: Mathew McBride <matt@traverse.com.au>
(cherry picked from commit 203deef82c)
The armvirt target has been renamed to armsr (Arm SystemReady),
so the GRUB configuration also needs to change.
Signed-off-by: Mathew McBride <matt@traverse.com.au>
(cherry picked from commit 4ce7d6c888)
The Amazon ENA network devices are also used on the
AWS Arm (Graviton) instance types, so move it from
the x86-only module file to the top level netdevices.
Signed-off-by: Mathew McBride <matt@traverse.com.au>
(cherry picked from commit 3a7c8fd15e)
This adds a separate package for EFI on Arm SystemReady
compatible machines. 32-bit Arm UEFI is supported as well.
It is very similar to x86-64 EFI setup, without the
need for BIOS backward compatibility and slightly
different default modules.
Signed-off-by: Mathew McBride <matt@traverse.com.au>
(cherry picked from commit 8f29b1573d)
Contains following updates:
* ipq8074: update RegDB in new submitted BDF
* Revert "ipq8074: update RegDB in new submitted BDF"
* qcn9074: update RegDB in new submitted BDF
* ipq8074: update RegDB in new submitted BDF
* qca-wireless: ipq40xx: add BDFs for ZTE MF287+
* Add BDFs for prpl Foundation Haze board
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit c2bb9f055b)
Currently kernel crashes when of_phy_connect has issues:
Unable to handle kernel access to user memory outside uaccess routines at virtual address 0000000000000308
...
pc : phy_attached_print+0x28/0x1b0
lr : phy_attached_info+0x14/0x20
...
Call trace:
phy_attached_print+0x28/0x1b0
phy_attached_info+0x14/0x20
nss_dp_adjust_link+0x544/0x6c4 [qca_nss_dp]
of_phy_connect returns either pointer or NULL, so can't be checked with
IS_ERR macro.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit 38c7cf0e69)
b09b316aeaf6 blobmsg: add blobmsg_parse_attr function
eac92a4d5d82 blobmsg: add blobmsg_parse_array_attr
ef5e8e38bd38 usock: fix poll return code check
6fc29d1c4292 jshn.sh: Add pretty-printing to json_dump
5893cf78da40 blobmsg: Don't do at run-time what can be done at compile-time
362951a2d96e uloop: fix uloop_run_timeout
75a3b870cace uloop: add support for integrating with a different event loop
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit b6e0a24c49)
412d03012f13 network: prevent adding endpoint routes for addresses on the network
faaf9cee6ef4 utils: fix ipv4 checksum issue
0e1c2fad3540 pex-msg: fix memory leak on fread fail in pex_msg_update_request_init
51be0ed659d0 host: fix crash parsing gateway when no endpoint is specified
ca17601dc24e wg-linux: add support for splitting netlink messages for allowed ips
7d3986b7a5a2 wg-linux: increase default messages size
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 7b1e898336)
Synchronize the ath11k backports with the current ath-next tree.
This introduces support for MBSSID and EMA, adds factory test mode and
some new HTT stats.
Tested-by: Francisco G Luna <frangonlun@gmail.com>
Signed-off-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit acde5271a6)
Backport EMA beacon support from kernel 6.4.
It is required for MBSSID/EMA suport in ath11k that will follow.
Tested-by: Francisco G Luna <frangonlun@gmail.com>
Signed-off-by: Robert Marko <robimarko@gmail.com>
(cherry picked from commit 84b5735b4c)
The MDIO bus multiplexing framework is used by some drivers
such as dwmac-sun8i.
As this is a per-driver requirement, set it to be hidden in the menu.
Signed-off-by: Mathew McBride <matt@traverse.com.au>
(cherry picked from commit 2dbeb60725)
source.codeaurora.org project has been shut down and the nxp
repositories has been moved to github. Update the repository
link to the new location.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit 0a1ee53235)
source.codeaurora.org project has been shut down and the nxp
repositories has been moved to github. Update the repository
link to the new location.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit 52fd8d8ba3)
Update bootloader environment for BPi-R3 and BPi-R64 to adapt to new
device tree overlay mechanism now that support for multiple device
tree overlays has been added.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit ec50d2d366)
CVE-2023-2650 fix
Remove upstreamed patches
Major changes between OpenSSL 3.0.8 and OpenSSL 3.0.9 [30 May 2023]
* Mitigate for very slow OBJ_obj2txt() performance with gigantic OBJECT IDENTIFIER sub-identities. (CVE-2023-2650)
* Fixed buffer overread in AES-XTS decryption on ARM 64 bit platforms (CVE-2023-1255)
* Fixed documentation of X509_VERIFY_PARAM_add0_policy() (CVE-2023-0466)
* Fixed handling of invalid certificate policies in leaf certificates (CVE-2023-0465)
* Limited the number of nodes created in a policy tree (CVE-2023-0464)
Signed-off-by: Ivan Pavlov <AuthorReflex@gmail.com>
(cherry picked from commit 6348850f10)
Release Notes:
https://valgrind.org/docs/manual/dist.news.html
This improves support for the memory allocator used in musl libc 1.2.2
and later which is currently used by OpenWrt.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit d85013460d)
Build and package kernel self-tests used for BPF testing, program and JIT
development. This package, together with the existing 'kmod-bpf-test', was
extensively used for past upstream Linux JIT submissions [1].
Currently this includes only 'test_verifier'; building 'test_progs' will
fail due to known endian limitations with bpftool skeletons.
[1]:https://lore.kernel.org/bpf/cover.1633392335.git.Tony.Ambardar@gmail.com
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
(cherry picked from commit 3886ea9b87)
Set net.core.bpf_jit_kallsyms=1 in /etc/sysctl.d/10-default.conf.
For privileged users, this exports addresses of JIT-compiled programs to
appear in /proc/kallsyms when present, allowing their use for debugging
and in traces.
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
(cherry picked from commit b3aaede2a7)
Add support for the Xunlong Orange Pi R1 Plus LTS.
Manually generated of-platdata files to avoid swig dependency.
Tested-by: Volkan Yetik <no3iverson@gmail.com>
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit 37fed89166)
Add support for the Xunlong Orange Pi R1 Plus.
Manually generated of-platdata files to avoid swig dependency.
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit 043f8a4f5e)
Built-in engine configs are added in libopenssl-conf/install stage
already, postinst/add_engine_config is just duplicating them, and
due to the lack of `config` header it results a broken uci config:
> uci: Parse error (invalid command) at line 3, byte 0
```
config engine 'devcrypto'
option enabled '1'
engine 'devcrypto'
option enabled '1'
option builtin '1'
```
Add `builtin` option in libopenssl-conf/install stage and remove
duplicate engine configuration in postinst/add_engine_config to
fix this issue.
Fixes: 0b70d55a64 ("openssl: make UCI config aware of built-in engines")
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit a0d7193425)
It's only used on devices in mt7621 and mt7622 subtargets, so no reason
to compile it for others.
Signed-off-by: Tomasz Maciej Nowak <tmn505@gmail.com>
(cherry picked from commit e81298463e)
Fix the PKG_MIRROR_HASH value for netifd.
Fixes: d2ecaaca34 ("netifd: update to version 2023-05-31")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 21f713d5ab)
Contains following changes:
* bridge: bridge_dump_info: add dumping of bridge attributes
* bridge: make it more clear why the config was applied
* cmake: fix build by reordering the cflags definitions
* treewide: fix multiple compiler warnings
Signed-off-by: Petr Štetiar <ynezz@true.cz>
(cherry picked from commit d2ecaaca34)
Add kmod-nft-dup-inet package to allow packet duplication in ip/ip6/inet nftables family
Signed-off-by: Michał Kwiatek <michal@kwiatek.it>
(cherry picked from commit a7e9445975)
At this moment loadaddr in most layerscape boards are configured to
0x81000000. 5.15 kernel on some boards is bigger than 5.10 and it cause error:
Loading kernel from FIT Image at 81000000 ...
Using 'config-1' configuration
Trying 'kernel-1' kernel subimage
Description: ARM64 OpenWrt Linux-5.15.112
Created: 2023-05-21 17:39:35 UTC
Type: Kernel Image
Compression: gzip compressed
Data Start: 0x810000ec
Data Size: 7513944 Bytes = 7.2 MiB
Architecture: AArch64
OS: Linux
Load Address: 0x80000000
Entry Point: 0x80000000
Hash algo: crc32
Hash value: 6fd69550
Hash algo: sha1
Hash value: ee34c753ffb615e199a428762824ad4a0aaef90a
Verifying Hash Integrity ... crc32+ sha1+ OK
Loading fdt from FIT Image at 81000000 ...
Using 'config-1' configuration
Trying 'fdt-1' fdt subimage
Description: ARM64 OpenWrt fsl_ls1088a-rdb-sdboot device tree blob
Created: 2023-05-21 17:39:35 UTC
Type: Flat Device Tree
Compression: uncompressed
Data Start: 0x8172a98c
Data Size: 19794 Bytes = 19.3 KiB
Architecture: AArch64
Hash algo: crc32
Hash value: 59792ba3
Hash algo: sha1
Hash value: 135585a49f86cd85acea559b78b0098ae99d5e12
Verifying Hash Integrity ... crc32+ sha1+ OK
Booting using the fdt blob at 0x8172a98c
Uncompressing Kernel Image
ERROR: new format image overwritten - must RESET the board to recover
resetting ...
This patch changes loadaddr to 0x88000000 (like LS1012A-FRDM board) to
avoid overlapping for bigger images (like initramfs) too.
Tested-by: Alexandra Alth <alexandra@alth.de> [LS1088ARDB]
Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com>
(cherry picked from commit 0822040671)
The vendor uboot will verify firmware at boot.
So add a custom uboot build for this device.
Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
(cherry picked from commit c51eb17730)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Add new build option BOARD_QFN/BOARD_BGA.
This option is only useful for MT7981 device.
MT7981A/B: BOARD_BGA, MT7981C: BOARD_QFN.
Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn>
(cherry picked from commit 602cb4f325)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Add reserved memory for pstore/ramoops to device tree used by Linux
as well as U-Boot.
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit 3eb354f999)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
My original bpftools package made "variant" builds of bpftool and libbpf
as a convenience, since both used the same local kernel sources with the
same versioning. This is no longer the case, since the commit below
switched to using an out-of-tree build mirror hosting repos for each.
Replace bpftools with separate bpftool and libbpf packages, each simplified
and correctly versioned. Also fix the broken libbpf ABI introduced in the
same commit. Existing build .config files are not impacted.
Fixes: 00cbf6f6ab ("bpftools: update to standalone bpftools + libbpf, use the latest version")
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
(cherry picked from commit afe1bf11f2)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Release Notes:
http://lists.busybox.net/pipermail/busybox-cvs/2023-May/041510.html
Refresh commands, run after busybox is first built once (nothing changed
compared to 1.36.0):
cd package/utils/busybox/config/
../convert_menuconfig.pl ../../../../build_dir/target-mipsel_24kc_musl/busybox-default/busybox-1.36.1
cd ..
./convert_defaults.pl ../../../build_dir/target-mipsel_24kc_musl/busybox-default/busybox-1.36.1/.config > Config-defaults.in
Manual edits needed afterward:
* Config-defaults.in: OpenWrt config symbol IPV6 logic applied to
BUSYBOX_DEFAULT_FEATURE_IPV6
* Config-defaults.in: OpenWrt config TARGET_bcm53xx logic applied to
BUSYBOX_DEFAULT_TRUNCATE (commit 547f1ec)
* Config-defaults.in: OpenWrt logic applied to
BUSYBOX_DEFAULT_LOGIN_SESSION_AS_CHILD (commit dc92917)
* Config-defaults.in: correct the default ports that get reset
BUSYBOX_DEFAULT_FEATURE_HTTPD_PORT_DEFAULT 80
BUSYBOX_DEFAULT_FEATURE_TELNETD_PORT_DEFAULT 23
* config/editors/Config.in: Add USE_GLIBC dependency to
BUSYBOX_CONFIG_FEATURE_VI_REGEX_SEARCH (commit f141090)
* config/shell/Config.in: change at "Options common to all shells" the conditional symbol
SHELL_ASH --> BUSYBOX_CONFIG_SHELL_ASH
(discussion in http://lists.openwrt.org/pipermail/openwrt-devel/2021-January/033140.html
Apparently our script does not see the hidden option while
prepending config options with "BUSYBOX_CONFIG_" which leads to a
missed dependency when the options are later evaluated.)
* Edit a few Config.in files by adding quotes to sourced items in
config/Config.in, config/networking/Config.in and config/util-linux/Config.in (commit 1da014f)
Tested-by: Hannu Nyman <hannu.nyman@iki.fi>
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit 3b76f6eee4)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
