Zoltan HERPAI [Sun, 25 Aug 2019 20:40:37 +0000 (22:40 +0200)]
sunxi: enable NAND on pcDuino3
Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
Zoltan HERPAI [Fri, 24 Apr 2020 13:47:52 +0000 (15:47 +0200)]
sunxi: enable NAND support on 5.4
Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
Zoltan HERPAI [Thu, 5 Mar 2020 20:54:53 +0000 (21:54 +0100)]
sunxi: add support for Banana Pi M3
CPU: Allwinner A83t Octa-core Cortex A7 @ 1.8GHz
Memory: 2GB DDR3
Storage: SDcard, SATA (via USB), 8GB eMMC
Network: 10/100/1000M ethernet, Ampak AP6212 wifi + BT
USB: 2x USB 2.0
Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
Zoltan HERPAI [Fri, 24 Apr 2020 07:58:53 +0000 (09:58 +0200)]
sunxi: add support for H6 boards and OrangePiOnePlus
Specifications:
SoC Allwinner H6 @ 1.8 Ghz
DRAM 1GiB LPDDR3
Power DC 5V @ 3A
Video HDMI (Type 2.0A - full)
Audio HDMI, on-board microphone
Network 10/100/1000Mbps Ethernet (Realtek RTL8211)
Storage microSD
USB 1 USB2.0 Host, 1 USB2.0 OTG
Debug Serial UART
Flashing instructions:
Standard sunxi SD card installation procedure - copy image to SD card,
insert in into SD card slot on the device and boot.
Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
Zoltan HERPAI [Wed, 29 Apr 2020 09:07:59 +0000 (11:07 +0200)]
arm-trusted-firmware-sunxi: bump to 2.3-1 and start using H6 blobs
Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
Zoltan HERPAI [Wed, 29 Apr 2020 09:04:00 +0000 (11:04 +0200)]
arm-trusted-firmware-sunxi: update install path for A64 blobs
Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
Zoltan HERPAI [Wed, 29 Apr 2020 09:02:27 +0000 (11:02 +0200)]
uboot-sunxi: add ATF variable for specifying which flavour to use
In preparation for H6 support (which requires a separate ATF blob), add
an envvar to the A64 boards specifying which ATF blob to use.
Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
Petr Štetiar [Mon, 20 Apr 2020 08:55:38 +0000 (10:55 +0200)]
arm-trusted-firmware-sunxi: bump to v2.3 and use atf-builds binaries
Update ATF to latest v2.3 release and use reproducible bl31 binaries
from atf-builds project.
atf-builds project started recently offering reproducible ATF binaries
which is more convenient then building very tiny ATF artifacts from
scratch during each build, thus saving considerable build resources. It
has reduced build from scratch time on my CI builder for sunxi/cortexa53
target from 57min down to 29min.
Run tested on a64-olinuxino-emmc.
U-Boot SPL 2020.04 (Apr 20 2020 - 08:28:05 +0000)
DRAM: 1024 MiB
Trying to boot from MMC1
NOTICE: BL31: v2.2():v2.3-rc1
NOTICE: BL31: Built : 19:20:57, Apr 15 2020
NOTICE: BL31: Detected Allwinner A64/H64/R18 SoC (1689)
NOTICE: BL31: Found U-Boot DTB at 0x4090dc0, model: Olimex A64-Olinuxino-eMMC
Cc: Zoltan HERPAI <wigyori@uid0.hu>
Cc: Hauke Mehrtens <hauke@hauke-m.de>
Signed-off-by: Petr Å tetiar <ynezz@true.cz>
Zoltan HERPAI [Wed, 29 Jul 2020 17:07:04 +0000 (19:07 +0200)]
firmware: intel-microcode: bump to
20200616
+ SECURITY UPDATE
* For most processors: SRBDS and/or VRDS, L1DCES mitigations depending
on the processor model
* For Skylake HEDT and Skylake Xeons with signature 0x50654: VRDS and
L1DCES mitigations, plus mitigations described earlier
* Expect some performance impact, the mitigations are enabled by
default. A Linux kernel update will be issued that allows one to
selectively disable the mitigations.
+ CRITICAL ERRATA FIXES
* Implements mitigation for CVE-2020-0543 Special Register Buffer Data
Sampling (SRBDS), INTEL-SA-00320, CROSSTalk
* Implements mitigation for CVE-2020-0548 Vector Register Data Sampling
(VRDS), INTEL-SA-00329
* Implements mitigation for CVE-2020-0549 L1D Cache Eviction Sampling
(L1DCES), INTEL-SA-00329
* Known to fix the regression introduced in release 2019-11-12 (sig
0x50564, rev. 0x2000065), which would cause several systems with
Skylake Xeon, Skylake HEDT processors to hang while rebooting
* Works around hangs on boot on Skylake-U/Y and Skylake Xeon E3
+ Updated Microcodes:
sig 0x000206d6, pf_mask 0x6d, 2020-03-04, rev 0x0621, size 18432
sig 0x000206d7, pf_mask 0x6d, 2020-03-24, rev 0x071a, size 19456
sig 0x000306c3, pf_mask 0x32, 2019-11-12, rev 0x0028, size 23552
sig 0x000306d4, pf_mask 0xc0, 2019-11-12, rev 0x002f, size 19456
sig 0x00040651, pf_mask 0x72, 2019-11-12, rev 0x0026, size 22528
sig 0x00040661, pf_mask 0x32, 2019-11-12, rev 0x001c, size 25600
sig 0x00040671, pf_mask 0x22, 2019-11-12, rev 0x0022, size 14336
sig 0x000406e3, pf_mask 0xc0, 2019-10-03, rev 0x00d6, size 101376
sig 0x00050653, pf_mask 0x97, 2020-04-24, rev 0x1000157, size 32768
sig 0x00050654, pf_mask 0xb7, 2020-04-24, rev 0x2006906, size 34816
sig 0x00050656, pf_mask 0xbf, 2020-04-23, rev 0x4002f01, size 52224
sig 0x00050657, pf_mask 0xbf, 2020-04-23, rev 0x5002f01, size 52224
sig 0x000506e3, pf_mask 0x36, 2019-10-03, rev 0x00d6, size 101376
sig 0x000706e5, pf_mask 0x80, 2020-03-12, rev 0x0078, size 107520
sig 0x000806e9, pf_mask 0x10, 2020-04-27, rev 0x00d6, size 103424
sig 0x000806e9, pf_mask 0xc0, 2020-04-27, rev 0x00d6, size 103424
sig 0x000806ea, pf_mask 0xc0, 2020-04-27, rev 0x00d6, size 103424
sig 0x000806eb, pf_mask 0xd0, 2020-04-27, rev 0x00d6, size 103424
sig 0x000806ec, pf_mask 0x94, 2020-04-23, rev 0x00d6, size 103424
sig 0x000906e9, pf_mask 0x2a, 2020-04-23, rev 0x00d6, size 103424
sig 0x000906ea, pf_mask 0x22, 2020-04-27, rev 0x00d6, size 102400
sig 0x000906eb, pf_mask 0x02, 2020-04-23, rev 0x00d6, size 103424
sig 0x000906ec, pf_mask 0x22, 2020-04-27, rev 0x00d6, size 102400
sig 0x000906ed, pf_mask 0x22, 2020-04-23, rev 0x00d6, size 103424
* Likely fixes several critical errata on IceLake-U/Y causing system
hangs
Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
Zoltan HERPAI [Thu, 7 May 2020 10:12:02 +0000 (12:12 +0200)]
firmware: intel-microcode: bump to
20191115
+ SECURITY UPDATE
- Implements MDS mitigation (TSX TAA), INTEL-SA-00270, CVE-2019-11135
- Implements TA Indirect Sharing mitigation, and improves the
MDS mitigation (VERW)
- Fixes FIVR (Xeon Voltage Modulation) vulnerability, INTEL-SA-00271,
CVE-2019-11139
- Fixes SGX vulnerabilities and errata (including CVE-2019-0117)
- Adds microcode update for CFL-S (Coffe Lake Desktop)
INTEL-SA-00270, CVE-2019-11135, CVE-2019-0117
+ CRITICAL ERRATA FIXES
- Fixes Jcc conditional jump macro-fusion erratum (Skylake+, except
Ice Lake), causes a 0-3% typical perforance hit (can be as bad
as 10%). But ensures the processor will actually jump where it
should, so don't even *dream* of not applying this fix.
- Fixes AVX SHUF* instruction implementation flaw erratum
+ New Microcodes:
sig 0x000406d8, pf_mask 0x01, 2019-09-16, rev 0x012d, size 84992
sig 0x00050656, pf_mask 0xbf, 2019-09-05, rev 0x400002c, size 51200
sig 0x00060663, pf_mask 0x80, 2018-04-17, rev 0x002a, size 87040
sig 0x000706a8, pf_mask 0x01, 2019-08-29, rev 0x0016, size 74752
sig 0x000706e5, pf_mask 0x80, 2019-09-05, rev 0x0046, size 102400
sig 0x000a0660, pf_mask 0x80, 2019-08-27, rev 0x00c6, size 91136
+ Updated Microcodes:
sig 0x000406e3, pf_mask 0xc0, 2019-10-03, rev 0x00d6, size 101376
sig 0x00050653, pf_mask 0x97, 2019-09-09, rev 0x1000151, size 32768
sig 0x00050657, pf_mask 0xbf, 2019-09-05, rev 0x500002c, size 51200
sig 0x000506e3, pf_mask 0x36, 2019-10-03, rev 0x00d6, size 101376
sig 0x000706a1, pf_mask 0x01, 2019-08-28, rev 0x0032, size 73728
sig 0x000806e9, pf_mask 0x10, 2019-10-15, rev 0x00ca, size 100352
sig 0x000806e9, pf_mask 0xc0, 2019-09-26, rev 0x00ca, size 100352
sig 0x000806ea, pf_mask 0xc0, 2019-08-14, rev 0x00c6, size 99328
sig 0x000806eb, pf_mask 0xd0, 2019-10-03, rev 0x00ca, size 100352
sig 0x000806ec, pf_mask 0x94, 2019-10-03, rev 0x00ca, size 100352
sig 0x000906e9, pf_mask 0x2a, 2019-10-03, rev 0x00ca, size 100352
sig 0x000906ea, pf_mask 0x22, 2019-10-03, rev 0x00ca, size 99328
sig 0x000906eb, pf_mask 0x02, 2019-10-03, rev 0x00ca, size 100352
sig 0x000906ec, pf_mask 0x22, 2019-10-03, rev 0x00ca, size 99328
sig 0x000906ed, pf_mask 0x22, 2019-10-03, rev 0x00ca, size 100352
sig 0x000a0660, pf_mask 0x80, 2019-10-03, rev 0x00ca, size 91136
Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
Zoltan HERPAI [Thu, 7 May 2020 10:10:35 +0000 (12:10 +0200)]
firmware: amd64-microcode: update to
20191218
* New microcode update packages from AMD upstream:
+ Updated Microcodes:
sig 0x00800f12, patch id 0x08001250, 2019-04-16
sig 0x00800f82, patch id 0x0800820d, 2019-04-16
Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
Zoltan HERPAI [Wed, 13 Mar 2019 23:24:50 +0000 (00:24 +0100)]
suniv: add new target
This is Allwinner's ARM926EJ-S core, which is one of its early
products, reappearing in recent compact designs. The SoC includes
32Mb memory integrated, and has display and USB interfaces,
allowing for small footprint boards.
The target consists of basic 5.4 support, without u-boot.
Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
Zoltan HERPAI [Mon, 26 Aug 2019 15:04:33 +0000 (17:04 +0200)]
shmin: add new SH3-target
Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
Zoltan HERPAI [Mon, 26 Aug 2019 14:37:31 +0000 (16:37 +0200)]
sh775x: add new SH4 target
Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
Paul Spooren [Tue, 1 Sep 2020 19:13:28 +0000 (09:13 -1000)]
dropbear: Enable
Ed25519 for normal devices
The
Ed25519 key pairs are much shorter than RSA pairs and are supported
by default in OpenSSH. Looking at websites explaining how to create new
SSH keys, many suggest using
Ed25519 rather than RSA, however consider
the former as not yet widely established. OpenWrt likely has a positive
influence on that development.
As enabling
Ed25519 is a compile time option, it is currently not
possible to install the feature via `opkg` nor select that option in an
ImageBuilder.
Due to the size impact of **12kB** the option should only be enabled for
devices with `!SMALL_FLASH`.
This approach seems cleaner than splitting `dropbear` into two packages
like `dropbear` and `dropbear-
ed25519`.
Signed-off-by: Paul Spooren <mail@aparcar.org>
Rosen Penev [Tue, 1 Sep 2020 22:37:03 +0000 (15:37 -0700)]
util-linux: Fix build when libmagic is present
When the libmagic from the file package in the packages feed was also
compiled and provided its libmagic.so file, util-linux tried to link
against it. Avoid this by explicitly disable libmagic support.
This fixes the following build error:
Package more is missing dependencies for the following libraries:
libmagic.so.1
Fixes: 36d9ed360a34 ("util-linux: update to 2.36")
Acked-by: Sebastian Kemper <sebastian_ml@gmx.net>
Signed-off-by: Rosen Penev <rosenp@gmail.com>
[Add commit description]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Hauke Mehrtens [Tue, 1 Sep 2020 12:50:52 +0000 (14:50 +0200)]
wolfssl: Activate link time optimization (LTO)
The ipk sizes for mips_24Kc change like this:
old:
libwolfssl24_4.5.0-stable-1_mips_24kc.ipk 391.545
new:
libwolfssl24_4.5.0-stable-2_mips_24kc.ipk 387.439
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Hauke Mehrtens [Tue, 1 Sep 2020 12:23:44 +0000 (14:23 +0200)]
iw: Update to version 5.8
The ipk sizes for mips_24Kc change like this:
old:
iw_5.4-1_mips_24kc.ipk 35.767
iw-full_5.4-1_mips_24kc.ipk 68.423
new:
iw_5.8-1_mips_24kc.ipk 36.883
iw-full_5.8-1_mips_24kc.ipk 71.992
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Hauke Mehrtens [Tue, 1 Sep 2020 12:05:12 +0000 (14:05 +0200)]
nftables: Activate link time optimization (LTO)
The ipk sizes for mips_24Kc change like this:
old:
nftables-json_0.9.6-1_mips_24kc.ipk 231.968
nftables-nojson_0.9.6-1_mips_24kc.ipk 204.731
new:
nftables-json_0.9.6-2_mips_24kc.ipk 221.894
nftables-nojson_0.9.6-2_mips_24kc.ipk 193.932
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Hauke Mehrtens [Tue, 1 Sep 2020 12:04:22 +0000 (14:04 +0200)]
libnftnl: Activate link time optimization (LTO)
The ipk sizes for mips_24Kc change like this:
old:
libnftnl12_1.1.7-1_mips_24kc.ipk 47.459
new:
libnftnl12_1.1.7-2_mips_24kc.ipk 45.742
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Hauke Mehrtens [Tue, 1 Sep 2020 12:02:47 +0000 (14:02 +0200)]
jansson: Activate link time optimization (LTO)
The ipk sizes for mips_24Kc change like this:
old:
jansson4_2.13.1-1_mips_24kc.ipk 19.171
new:
jansson4_2.13.1-2_mips_24kc.ipk 18.936
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Hauke Mehrtens [Mon, 24 Aug 2020 10:04:58 +0000 (12:04 +0200)]
nftables: Update to version 0.9.6
The ipk sizes for mips_24Kc change like this:
old:
nftables-json_0.9.3-1_mips_24kc.ipk 220.262
nftables-nojson_0.9.3-1_mips_24kc.ipk 192.937
new:
nftables-json_0.9.6-1_mips_24kc.ipk 231.968
nftables-nojson_0.9.6-1_mips_24kc.ipk 204.731
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Hauke Mehrtens [Mon, 24 Aug 2020 10:04:38 +0000 (12:04 +0200)]
libnftnl: Update to version 1.1.7
The ipk sizes for mips_24Kc change like this:
old:
libnftnl12_1.1.5-1_mips_24kc.ipk 46.252
new:
libnftnl12_1.1.7-1_mips_24kc.ipk 47.459
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Hauke Mehrtens [Mon, 24 Aug 2020 10:04:15 +0000 (12:04 +0200)]
jansson: Update to version 2.13.1
This also sets the ABI_VERSION as this is a versioned shared library.
The ipk sizes for mips_24Kc change like this:
old:
jansson_2.12-1_mips_24kc.ipk 18.692
new:
jansson4_2.13.1-1_mips_24kc.ipk 19.171
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
John Audia [Sat, 5 Sep 2020 17:43:41 +0000 (13:43 -0400)]
kernel: bump 5.4 to 5.4.63
Manually merged:
hack-5.4
230-openwrt_lzma_options.patch
bcm27xx
950-0283-hid-usb-Add-device-quirks-for-Freeway-Airmouse-T3-an.patch
x86
011-tune_lzma_options.patch
Remove upstreamed patches in collaboration with Ansuel Smith:
ipq806x
093-1-v5.8-ipq806x-PCI-qcom-Add-missing-ipq806x-clocks-in-PCIe-driver.patch
093-2-v5.8-ipq806x-PCI-qcom-Change-duplicate-PCI-reset-to-phy-reset.patch
093-3-v5.8-ipq806x-PCI-qcom-Add-missing-reset-for-ipq806x.patch
All other modifications made by update_kernel.sh
Build-tested: bcm27xx/bcm2708, ipq806x, x86/64
Run-tested: ipq806x (R7800), x86/64
No dmesg regressions, everything functional
Signed-off-by: John Audia <graysky@archlinux.us>
[update commit message/tested]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Adrian Schmutzler [Sun, 6 Sep 2020 17:50:36 +0000 (19:50 +0200)]
ath25: disable devices with 4M flash
Devices with 4M flash are not built be default for 20.xx anymore.
Building them with buildbot settings does not work anymore anyway.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Adrian Schmutzler [Sun, 6 Sep 2020 15:24:36 +0000 (17:24 +0200)]
ath25: apply vendor_model scheme
This applies the vendor_model scheme for this target as well, so
naming is consistent throughout supported targets.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Sergey Ryazanov [Fri, 4 Sep 2020 23:51:31 +0000 (02:51 +0300)]
ath25: eth: fix crash on skb DMA (un-)map
AR2315 Ethernet driver pass NULL instead of a real device pointer to DMA
(un-)map calls. With kernel version 5.4 such behaviour causes a kernel
panic. Fix this issue by preserving device pointer during the probe
procedure and pass it to each skb data DMA (un-)map call.
Signed-off-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
Sergey Ryazanov [Sun, 6 Sep 2020 15:00:08 +0000 (17:00 +0200)]
ath25: fix ethernet supported link modes for ar2313
Rework ethernet supported link modes to linkmode bitmask.
This is needed to suppress compilation errors:
drivers/net/ethernet/atheros/ar231x/ar231x.c:1153:20: ...
error: assignment to expression with array type
phydev->supported &= (SUPPORTED_10baseT_Half
^~
Signed-off-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
[cut out of bigger patch, adjust commit title/message]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Adrian Schmutzler [Mon, 13 Apr 2020 17:11:22 +0000 (19:11 +0200)]
ath25: fix compilation for AR2315 MTD driver
Kernel commit
e7bfb3fdbde3 ("mtd: Stop updating erase_info->state
and calling mtd_erase_callback()") removed erase_info->state
updates and calls of mtd_erase_callback().
Drop these erase callback invocations from AR2315 MTD driver as well.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Adrian Schmutzler [Sun, 6 Sep 2020 12:08:43 +0000 (14:08 +0200)]
ath25: update config for kernel 5.4
Update config with make kernel_oldconfig.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Adrian Schmutzler [Mon, 13 Apr 2020 17:11:20 +0000 (19:11 +0200)]
ath25: refresh patches for kernel 5.4
Refresh patches to make them apply to kernel 5.4.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Adrian Schmutzler [Sun, 6 Sep 2020 11:57:27 +0000 (13:57 +0200)]
ath25: add back target support
Discussion on the mailing list reveals that this target has active
users. As we are finally able to upgrade this target to kernel 5.4,
add it back to master.
This reverts commit
7d29a5571403 ("ath25: drop target") and
immediately moves the relevant files to 5.4, without touching
the content.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Adrian Schmutzler [Wed, 2 Sep 2020 11:19:59 +0000 (13:19 +0200)]
ath79: drop Build/loader-kernel-cmdline
This is the same as loader-kernel since the KERNEL_CMDLINE
parameter has been removed in [1] and not used at all anyway.
Remove it.
[1]
f77db1a59036 ("ath79: cleanup image build code")
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Acked-by: Paul Spooren <mail@aparcar.org>
Josh Bendavid [Tue, 14 Jul 2020 15:39:21 +0000 (17:39 +0200)]
ramips: add support for D-Link DIR-2660 A1
This patch adds support for D-Link DIR-2660 A1.
Specifications:
* Board: AP-MTKH7-0002
* SoC: MediaTek MT7621AT
* RAM: 256 MB (DDR3)
* Flash: 128 MB (NAND)
* WiFi: MediaTek MT7615N (x2)
* Switch: 1 WAN, 4 LAN (Gigabit)
* Ports: 1 USB 2.0, 1 USB 3.0
* Buttons: Reset, WPS
* LEDs: Power (white/orange), Internet (white/orange), WiFi 2.4G (white),
WiFi 5G (white), USB 3.0 (white), USB 2.0 (white)
Notes:
* WiFi 2.4G and WiFi 5G LEDs are wired directly to the wireless chips
Installation:
* D-Link Recovery GUI: power down the router, press and hold the reset
button, then re-plug it. Keep the reset button pressed until the power
LED starts flashing orange, manually assign a static IP address under
the 192.168.0.xxx subnet (e.g. 192.168.0.2) and go to http://192.168.0.1
* Some modern browsers may have problems flashing via the Recovery GUI,
if that occurs consider uploading the firmware through cURL:
curl -v -i -F "firmware=@file.bin" 192.168.0.1
MAC addresses:
lan factory 0xe000 *:a7 (label)
wan factory 0xe006 *:aa
2.4 factory 0xe000 +1 *:a8
5.0 factory 0xe000 +2 *:a9
Seems like vendor didn't replace the dummy entries in the calibration data.
Signed-off-by: Josh Bendavid <joshbendavid@gmail.com>
[rebase onto already merged DIR-1960 A1, add MAC addresses to commit message]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Felix Fietkau [Sun, 6 Sep 2020 11:29:48 +0000 (13:29 +0200)]
kernel: backport GRO improvements
Improves network performance
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Felix Fietkau [Sun, 6 Sep 2020 11:28:59 +0000 (13:28 +0200)]
kernel: backport improved checksum function for ARM64
Improves network performance in some cases when checksum offload is not
available
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Felix Fietkau [Sun, 6 Sep 2020 10:19:32 +0000 (12:19 +0200)]
mediatek/mt7622: adjust kernel cpu features to match the hardware
Disable unnecessary errata/features
Enable potentially needed ones
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Christian Lamparter [Thu, 3 Sep 2020 19:24:16 +0000 (21:24 +0200)]
apm821xx: provide legacy interrupts for PCIe in DT
Devices with PCIe-Switches like the WNDR4700, MR24 and WNDAP660
need to have the interrupts property specified in the device-tree
for the legacy pci interrupt signaling method to work.
If the proper interrupt value is not specified, the default INTA
IRQ 12 is taken for all devices. This is especially bad, if the
device is setup to use INTC, because these interrupts will not
be serviced.
Russell Senior reported his experience on the MR24:
"The symptom is client devices can't see the beacons.
Wifi ifaces appear, can scan and hear other networks,
but clients can't see the MR24's SSIDs."
(The interrupts-property on the WNDAP620 was optional since it
uses INTA by default. Likewise the MX60W is in the same category)
Reported-by: Russell Senior <russell@personaltelco.net>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Christian Lamparter [Sun, 30 Aug 2020 02:42:54 +0000 (04:42 +0200)]
base-files: support label-property-less in get_dt_leds
The LED's "label" property has been deprecated in upstream by:
|commit
c5d18dd6b64e09dd6984bda9bdd55160af537a8c
|Author: Jacek Anaszewski <jacek.anaszewski@gmail.com>
|Date: Sun Jun 9 20:19:04 2019 +0200
|
| dt-bindings: leds: Add properties for LED name construction
|
| Introduce dedicated properties for conveying information about
| LED function and color. Mark old "label" property as deprecated.
|
| Additionally function-enumerator property is being provided
| for the cases when neither function nor color can be used
| for LED differentiation.
in order to be somewhat prepared, this patch adds a fallback
as a last resort to make the current led code work by falling
back to the node-name as the "label".
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Hans Dedecker [Sat, 5 Sep 2020 17:12:28 +0000 (19:12 +0200)]
ppp: update to latest git HEAD
af30be0 Fix setting prefix for IPv6 link-local addresss
0314df4 Disable asking password again when prompt program returns 128
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
David Bauer [Sat, 5 Sep 2020 10:58:07 +0000 (12:58 +0200)]
firewall: bump to latest HEAD
8c2f9fa fw3: zones: limit zone names to 11 bytes
78d52a2 options: fix parsing of boolean attributes
Signed-off-by: David Bauer <mail@david-bauer.net>
Felix Fietkau [Sat, 5 Sep 2020 09:19:11 +0000 (11:19 +0200)]
build: fix extreme build system slowdown caused by SOURCE_DATE_EPOCH changes
Adding inline shell invocations in per-target variables causes them to be
executed over and over again, which causes a significant slowdown.
Fix this by evaluating it only once per package directory
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Felix Fietkau [Fri, 4 Sep 2020 17:41:46 +0000 (19:41 +0200)]
mediatek: enable coherent DMA for ethernet and PCI
Improves performance by eliminating the need for extra cache flushes
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Felix Fietkau [Fri, 4 Sep 2020 17:41:33 +0000 (19:41 +0200)]
mediatek: fix an irq handling issue
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Felix Fietkau [Fri, 4 Sep 2020 16:30:07 +0000 (18:30 +0200)]
mediatek/ramips: add patch to avoid unnecessary rearming of interrupts
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Felix Fietkau [Tue, 25 Aug 2020 08:18:52 +0000 (10:18 +0200)]
mediatek: disable packet steering by default
mt76 now spreads the load over multiple CPUs more smoothly, processing
ethernet packets should be faster running on one core
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Felix Fietkau [Wed, 26 Aug 2020 10:30:12 +0000 (12:30 +0200)]
mac80211: add preliminary support for enabling 802.11ax in config
No advanced features are configurable yet, just basic enabling of HE modes
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Felix Fietkau [Fri, 4 Sep 2020 10:31:17 +0000 (12:31 +0200)]
mediatek: enable kernel PCIe ASPM support, refresh kernel config
Improves performance on PCIe devices
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Daniel Golle [Fri, 4 Sep 2020 01:49:23 +0000 (02:49 +0100)]
libselinux: package executables into -utils
Add new package libselinux-utils containing the executable
utilities included with libselinux.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Yangbo Lu [Thu, 20 Aug 2020 12:30:38 +0000 (20:30 +0800)]
layerscape: fix linux headers install issue
The linux upstream commit had treated config leak as error.
5967577 scripts: headers_install: Exit with error on config leak
It is causing below build issue. Provide a kernel patch to fix
it by replacing CONFIG_COMPAT kernel option with FM_COMPAT instead.
HDRINST usr/include/linux/fmd/integrations/integration_ioctls.h
HDRINST usr/include/linux/fmd/Peripherals/fm_port_ioctls.h
error: include/uapi/linux/fmd/Peripherals/fm_port_ioctls.h: leak
CONFIG_COMPAT to user-space
scripts/Makefile.headersinst:63: recipe for target
'usr/include/linux/fmd/Peripherals/fm_port_ioctls.h' failed
make[5]: *** [usr/include/linux/fmd/Peripherals/fm_port_ioctls.h] Error 1
Makefile:1198: recipe for target 'headers' failed
make[4]: *** [headers] Error 2
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
Paul Spooren [Wed, 2 Sep 2020 00:32:45 +0000 (14:32 -1000)]
config: add KERNEL_LSM symbol
The LSM (Linux security mechanism) list is the successor of the now
legacy *major LSM*. Instead of defining a single security mechanism the
LSM symbol is a comma separated list of mechanisms to load.
Until recently OpenWrt would only support DAC (Unix discretionary access
controls) which don't require an additional entry in the LSM list. With
the newly introduced SELinux support the LSM needs to be extended else
only a manual modified Kernel cmdline (`security=selinux`) would
activate SELinux.
As the default OpenWrt Kernel config sets DAC as default security
mechanism, SELinux is stripped from the LSM list, even if
`KERNEL_DEFAULT_SECURITY_SELINUX` is activated. To allow SELinux without
a modified cmdline this commit sets a specific LSM list if
`KERNEL_SECURITY_SELINUX` is enabled.
The upstream Kconfig adds even more mechanisms
(smack,selinux,tomoyo,apparmor), but until they're ported to OpenWrt,
these can be ignored.
To compile SELinux Kernel support but disable it from loading, the
already present options `KERNEL_SECURITY_SELINUX_DISABLE` or
`KERNEL_SECURITY_SELINUX_BOOTPARAM` (with custom cmdline `selinux=0`)
can be used. Further it's possible to edit `/etc/selinux/config`.
Signed-off-by: Paul Spooren <mail@aparcar.org>
Russell Morris [Wed, 25 Dec 2019 00:38:36 +0000 (18:38 -0600)]
ramips: add support for HooToo HT-TM05
The HooToo HT-TM05 is a battery powered router, with an Ethernet and USB port.
Vendor U-Boot limited to 1.5 MB kernel size, so use lzma loader (loader-okli).
Specifications:
SOC: MediaTek MT7620N
BATTERY: 10400mAh
WLAN: 802.11bgn
LAN: 1x 10/100 Mbps Ethernet
USB: 1x USB 2.0 (Type-A)
RAM: 64 MB
FLASH: GigaDevice GD25Q64, Serial 8 MB Flash, clocked at 50 MHz
Flash itself specified to 80 MHz, but speed limited by mt7620 SPI
fast-read enabled (m25p)
LED: Status LED (blue after boot, green with WiFi traffic
4 leds to indicate power level of the battery (unable to control)
INPUT: Power, reset button
MAC assignment based on vendor firmware:
2.4 GHz *:b4 (factory 0x04)
LAN/label *:b4 (factory 0x28)
WAN *:b5 (factory 0x2e)
Tested and working:
- Ethernet
- 2.4 GHz WiFi (Correct MAC-address)
- Installation from TFTP (recovery)
- OpenWRT sysupgrade (Preserving and non-preserving), through the usual
ways: command line and LuCI
- LEDs (except as noted above)
- Button (reset)
- I2C, which is needed for reading battery charge status and level
- U-Boot environment / variables (from U-Boot, and OpenWrt)
Installation:
- Download the needed OpenWrt install files, place them in the root
of a clean TFTP server running on your computer. Rename the files as,
- ramips-mt7620-hootoo_tm05-squashfs-kernel.bin => kernel
- ramips-mt7620-hootoo_tm05-squashfs-rootfs.bin => rootfs
- Plug the router into your computer via Ethernet
- Set your computer to use 10.10.10.254 as its IP address
- With your router shut down, hold down the power button until the first
white LED lights up.
- Push and hold the reset button and release the power button. Continue
holding the reset button for 30 seconds or until it begins searching
for files on your TFTP server, whichever comes first.
- The router (10.10.10.128) will look for your computer at 10.10.10.254
and install the two files. Once it has finished installation, it will
automatically reboot and start up OpenWrt.
- Set your computer to use DHCP for its IP address
Notes:
- U-Boot environment can be modified, u-boot-env is preserved on initial
install or sysupgrade
- mtd-concat functionality is included, to leave a "hole" for u-boot-env,
combining the OEM kernel and rootfs partitions
I would like to thank @mpratt14 and @xabolcs for their help getting the
lzma loader to work!
Signed-off-by: Russell Morris <rmorris@rkmorris.us>
[drop changes in image/Makefile, fix indent and PKG_RELEASE in
uboot-envtools, fix LOADER_FLASH_OFFS, minor commit message facelift,
add COMPILE to Device/Default]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Chuanhong Guo [Wed, 2 Sep 2020 06:22:30 +0000 (14:22 +0800)]
ramips: image: add recipe for OKLI loader
Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
Chuanhong Guo [Wed, 2 Sep 2020 06:22:29 +0000 (14:22 +0800)]
ramips: lzma-loader: make FLASH_START configurable
FLASH_START is supposed to point at the memory area where NOR flash are
mapped. We currently have an incorrect FLASH_START copied from ar71xx
back then and the loader doesn't work under OKLI mode.
On ramips, mt7621 has it's flash mapped to 0x1fc00000 and other SoCs
uses 0x1c000000. This commit makes FLASH_START a configurable value to
handle both cases.
Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
Rosen Penev [Wed, 2 Sep 2020 21:25:19 +0000 (14:25 -0700)]
policycoreutils: add nls.mk
Fixes compilation under uClibc-ng.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Adrian Schmutzler [Fri, 7 Aug 2020 12:21:10 +0000 (14:21 +0200)]
kernel: remove obsolete kernel version switches for 4.14
This removes switches dependent on kernel version 4.14 as well as
several packages/modules selected only for that version.
This also removes sched-cake-virtual, which is not required anymore
now that we have only one variant of cake.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Adrian Schmutzler [Fri, 7 Aug 2020 12:29:11 +0000 (14:29 +0200)]
kernel: remove support for kernel 4.14
No target uses kernel 4.14 anymore.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Adrian Schmutzler [Fri, 7 Aug 2020 14:35:05 +0000 (16:35 +0200)]
ramips: drop support for kernel 4.14
The target seems to be working on 5.4, so drop 4.14 support in
preparation for removing it from master entirely.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Adrian Schmutzler [Thu, 20 Aug 2020 12:26:27 +0000 (14:26 +0200)]
pistachio: drop support for kernel 4.14
The target seems to be working on 5.4, so drop 4.14 support in
preparation for removing it from master entirely.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Adrian Schmutzler [Fri, 7 Aug 2020 14:34:09 +0000 (16:34 +0200)]
arc770: drop support for kernel 4.14
The target seems to be working on 5.4, so drop 4.14 support in
preparation for removing it from master entirely.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Adrian Schmutzler [Fri, 7 Aug 2020 14:11:39 +0000 (16:11 +0200)]
samsung: drop target
This target is still on kernel 4.14, and no attempt has been made to
update it to a newer kernel. Since we already are two LTS versions ahead
of that the target is dropped, as the chance of somebody bumping it will
only decrease with time.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Adrian Schmutzler [Fri, 7 Aug 2020 14:08:28 +0000 (16:08 +0200)]
rb532: drop target
This target is still on kernel 4.14, and recent attempts to move it to
kernel 5.4 have not led to success. The device tester reported that it
wouldn't boot with the following messages:
From sysupgrade:
Press any key within 4 seconds to enter setup....
loading kernel from nand... OK
setting up elf image... OK
jumping to kernel code
At this point the system hangs.
From CompactFlash:
Press any key within 4 seconds to enter setup....
Booting CF
Loading kernel... done
setting up elf image... kernel out of range kernel loading failed
The tester reported that the same was observed with current master
(kernel 4.14) as well. This looks like some kernel size restriction.
Since this target is quite old and only supports one device, and since
nobody else seemed interested in working on this for quite some time,
I decided to not put further work into analyzing the problem and drop
this together with the other 4.14-only targets.
Patchwork series:
https://patchwork.ozlabs.org/project/openwrt/list/?series=197066&state=*
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Adrian Schmutzler [Fri, 7 Aug 2020 13:58:52 +0000 (15:58 +0200)]
ath25: drop target
This target still only works with kernel 4.14, and not so recent
attempts of getting newer kernel versions supported did not lead
to success. Therefore, drop the target, as we are already two
LTS kernel versions ahead and it does not seem like anybody will
pick up the work.
Patchwork series:
https://patchwork.ozlabs.org/project/openwrt/list/?series=169991&state=*
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Adrian Schmutzler [Mon, 31 Aug 2020 11:27:57 +0000 (13:27 +0200)]
tools: sort alphabetically
This sorts the added tools and builddir dependencies alphabetically
to make it easier to find something in the Makefile.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Adrian Schmutzler [Mon, 31 Aug 2020 11:17:54 +0000 (13:17 +0200)]
tools: drop unused upslug2 and wrt350nv2-builder
These tools have been used by the orion target which has been
removed in Jan 2020 [1].
Both were specifically meant for the WRT350Nv2, which is not
supported anymore.
So, let's remove them as well.
[1]
89f2deb372b7 ("orion: remove unmaintained target")
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Magnus Kroken [Tue, 1 Sep 2020 20:28:25 +0000 (22:28 +0200)]
mbedtls: update to 2.16.8
This release of Mbed TLS provides bug fixes and minor enhancements. This
release includes fixes for security issues and the most notable of them
are described in more detail in the security advisories.
* Local side channel attack on RSA and static Diffie-Hellman
* Local side channel attack on classical CBC decryption in (D)TLS
* When checking X.509 CRLs, a certificate was only considered as revoked
if its revocationDate was in the past according to the local clock if
available.
Full release announcement:
https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.8
Signed-off-by: Magnus Kroken <mkroken@gmail.com>
Walter Sonius [Tue, 1 Sep 2020 21:49:54 +0000 (23:49 +0200)]
base-files: fix comment typo in lib/functions/network.sh
Fix typo in comment.
Signed-off-by: Walter Sonius <walterav1984@gmail.com>
[commit title/message facelift]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Daniel Golle [Tue, 1 Sep 2020 20:31:20 +0000 (21:31 +0100)]
hostapd: add hs20 variant
Add hostapd variant compiled with support for Hotspot 2.0 AP features.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Felix Fietkau [Tue, 1 Sep 2020 13:37:14 +0000 (15:37 +0200)]
tools/squashfskit4: fix build on non-linux systems
The xattr related function calls are linux specific
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Felix Fietkau [Sat, 29 Aug 2020 05:50:07 +0000 (07:50 +0200)]
mac80211: remove an obsolete patch that is no longer doing anything useful
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Felix Fietkau [Thu, 27 Aug 2020 11:02:42 +0000 (13:02 +0200)]
mac80211: add more AQL fixes/improvements
Fix aggregation length estimation, add HE and VHT160 support
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Felix Fietkau [Thu, 27 Aug 2020 04:39:48 +0000 (06:39 +0200)]
mediatek/ramips: unify ethernet driver fixes and add performance optimizations
Increase DMA burst size and tx ring size and optimize tx processing
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Felix Fietkau [Tue, 1 Sep 2020 15:00:45 +0000 (17:00 +0200)]
build: fix path to libfakeroot on macOS
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Daniel Golle [Tue, 1 Sep 2020 13:34:15 +0000 (14:34 +0100)]
refpolicy: skip building docs
Building docs requires xmllint and other bulky things being present on
the host. Skip that.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Daniel Golle [Tue, 1 Sep 2020 13:23:07 +0000 (14:23 +0100)]
libaudit: add host-build required by policycoreutils/host
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Daniel Golle [Tue, 1 Sep 2020 11:29:51 +0000 (12:29 +0100)]
libsemanage: host-build depends on renamed libaudit package
Fixes: efdf619f21 ("audit: build only libaudit")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Hauke Mehrtens [Tue, 1 Sep 2020 11:04:23 +0000 (13:04 +0200)]
ugps: update to the latest version
511a5b3 ugps: fix 64-bit time_t
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Hauke Mehrtens [Tue, 1 Sep 2020 11:00:52 +0000 (13:00 +0200)]
fstools: update to the latest version
5345343 fstoools: add define for GLOB_ONLYDIR
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
John Crispin [Tue, 1 Sep 2020 07:09:13 +0000 (09:09 +0200)]
mediatek: pull in some fixes fromt he latest SDK
Signed-off-by: John Crispin <john@phrozen.org>
John Crispin [Tue, 1 Sep 2020 07:08:52 +0000 (09:08 +0200)]
uboot-mediatek: update to latest version
Signed-off-by: John Crispin <john@phrozen.org>
Daniel Golle [Tue, 1 Sep 2020 03:08:47 +0000 (04:08 +0100)]
build: unbreak fakeroot in SDK
Using fakeroot without passing the paths to libfakeroot.sh and faked
causes havoc. Use the $(FAKEROOT) Make variable which includes them.
Fixes: 353ce2e521 ("build: ipkg-build use fakeroot with PKG_FILE_MODES")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Daniel Golle [Tue, 1 Sep 2020 03:07:11 +0000 (04:07 +0100)]
tools: fakeroot: pass paths of libfakeroot.so and faked
Fixes: 9e7ef46065 ("tools: add fakeroot")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Daniel Golle [Mon, 31 Aug 2020 23:31:22 +0000 (00:31 +0100)]
libaudit: drop unused file
Drop init script from libaudit package. It will be added to the
'audit' package in the packages feed.
Fixes: efdf619f21 ("audit: build only libaudit")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Paul Spooren [Wed, 26 Aug 2020 00:55:27 +0000 (14:55 -1000)]
build: opkg-key variable key folder
The key folder is used by `opkg` and `usign` to store and retrieve
trusted public keys. Using `opkg-key` outside a running device is
unfeasible as the key folder is hard coded to `/etc/opkg/keys`.
This commit adds a variable OPKG_KEYS which defaults to `/etc/opkg/keys`
if unset, however allows set arbitrary key folder locations.
Arbitrary key folder locations are useful to add signature verification
to the ImageBuilders.
Signed-off-by: Paul Spooren <mail@aparcar.org>
Paul Spooren [Mon, 31 Aug 2020 20:55:04 +0000 (10:55 -1000)]
px5g-wolfssl: cleanup Makefile and SPDX license
Minor cosmetic cleanups of the Makefile and add a SPDX compatible
license headers.
Signed-off-by: Paul Spooren <mail@aparcar.org>
Daniel Golle [Mon, 31 Aug 2020 21:01:46 +0000 (22:01 +0100)]
libsemanage: add missing package metadata
License and CPE-ID were missing, add them.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Daniel Golle [Mon, 31 Aug 2020 20:49:36 +0000 (21:49 +0100)]
audit: build only libaudit
Turns out auditd depends on libev. Lets have that in packages.git.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Hauke Mehrtens [Mon, 24 Aug 2020 09:47:52 +0000 (11:47 +0200)]
strace: Update to version 5.8
Deactivate multiple personalities support, because this causes compile
problems at least on the x86/64 target. As OpenWrt compiles all
binaries itself all binaries will use the native personality which is
also used by strace. This change will make it impossible to debug i386
binaries on x86_64 OpenWrt targets for example.
Just deactivate it for ARM64 too.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Rosen Penev [Fri, 7 Aug 2020 21:23:39 +0000 (14:23 -0700)]
util-linux: update to 2.36
hwclock was fixed to work with musl.
Unfortunately, the fix breaks under musl 1.2.x. Backported patch to fix
that.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Rosen Penev [Sat, 29 Aug 2020 03:17:39 +0000 (20:17 -0700)]
libcxx: update to 10.0.0
Switched to upstream tarballs.
Switched to libcxxabi as using libsupc++ is quite wonky.
Fixed description.
Removed patches. The fixes are cosmetic.
Added ssp patch. This one is needed for i386 and powerpc under musl.
Compile tested every C++ package in the tree with the exception of
several boost packages. There's something broken with boost.
Ran tested with gerbera.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Rosen Penev [Sat, 29 Aug 2020 03:17:38 +0000 (20:17 -0700)]
libcxxabi: add
This will be used for libcxx.
libcxxabi is needed as libsupc++ is not good enough for libcxx. It uses
GCC specific stuff which causes failed compilation for some packages.
There are also runtime issues, most notably with cxxopts where the
program just crashes.
Reference: https://github.com/gerbera/gerbera/issues/795
Added patch to fix ARM compilation.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
DENG Qingfang [Tue, 25 Aug 2020 04:03:28 +0000 (12:03 +0800)]
toolchain: Update GCC 10 to version 10.2.0
Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
DENG Qingfang [Tue, 25 Aug 2020 03:55:05 +0000 (11:55 +0800)]
toolchain/binutils: add binutils 2.35
Add binutils version 2.35
Signed-off-by: DENG Qingfang <dengqf6@mail2.sysu.edu.cn>
Daniel Golle [Mon, 31 Aug 2020 19:41:21 +0000 (20:41 +0100)]
checkpolicy: build-depend on libselinux
Static libraries and headers of libselinux and libsepol are required
for checkpolicy to build.
Fixes error:
policy_parse.y:45:10: fatal error: sepol/policydb/expand.h: No such file or directory
#include <sepol/policydb/expand.h>
^~~~~~~~~~~~~~~~~~~~~~~~~
compilation terminated.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Daniel Golle [Mon, 31 Aug 2020 19:36:32 +0000 (20:36 +0100)]
policycoreutils: fix i18n depends
Fixes build error:
load_policy.c:11:10: fatal error: libintl.h: No such file or directory
#include <libintl.h> /* for gettext() */
^~~~~~~~~~~
compilation terminated.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Michael Pratt [Mon, 17 Aug 2020 19:35:20 +0000 (15:35 -0400)]
ath79: add support for Senao Engenius ENH202 v1
FCC ID: U2M-ENH200
Engenius ENH202 is an outdoor wireless access point with 2 10/100 ports,
built-in ethernet switch, internal antenna plates and proprietery PoE.
Specification:
- Qualcomm/Atheros AR7240 rev 2
- 40 MHz reference clock
- 8 MB FLASH ST25P64V6P (aka ST M25P64)
- 32 MB RAM
- UART at J3 (populated)
- 2x 10/100 Mbps Ethernet (built-in switch at gmac1)
- 2.4 GHz, 2x2, 29dBm (Atheros AR9280 rev 2)
- internal antenna plates (10 dbi, semi-directional)
- 5 LEDs, 1 button (LAN, WAN, RSSI) (Reset)
Known Issues:
- Sysupgrade from ar71xx no longer possible
- Power LED not controllable, or unknown gpio
MAC addresses:
eth0/eth1 *:11 art 0x0/0x6
wlan *:10 art 0x120c
The device label lists both addresses, WLAN MAC and ETH MAC,
in that order.
Since 0x0 and 0x6 have the same content, it cannot be
determined which is eth0 and eth1, so we chose 0x0 for both.
Installation:
2 ways to flash factory.bin from OEM:
- Connect ethernet directly to board (the non POE port)
this is LAN for all images
- if you get Failsafe Mode from failed flash:
only use it to flash Original firmware from Engenius
or risk kernel loop or halt which requires serial cable
Method 1: Firmware upgrade page:
OEM webpage at 192.168.1.1
username and password "admin"
In upper right select Reset
"Restore to factory default settings"
Wait for reboot and login again
Navigate to "Firmware Upgrade" page from left pane
Click Browse and select the factory.bin image
Upload and verify checksum
Click Continue to confirm and wait 3 minutes
Method 2: Serial to load Failsafe webpage:
After connecting to serial console and rebooting...
Interrupt boot with any key pressed rapidly
execute `run failsafe_boot` OR `bootm 0x9f670000`
wait a minute
connect to ethernet and navigate to
"192.168.1.1/index.htm"
Select the factory.bin image and upload
wait about 3 minutes
Return to OEM:
If you have a serial cable, see Serial Failsafe instructions
*DISCLAIMER*
The Failsafe image is unique to Engenius boards.
If the failsafe image is missing or damaged this will not work
DO NOT downgrade to ar71xx this way, can cause kernel loop or halt
The easiest way to return to the OEM software is the Failsafe image
If you dont have a serial cable, you can ssh into openwrt and run
`mtd -r erase fakeroot`
Wait 3 minutes
connect to ethernet and navigate to 192.168.1.1/index.htm
select OEM firmware image from Engenius and click upgrade
Format of OEM firmware image:
The OEM software of ENH202 is a heavily modified version
of Openwrt Kamikaze bleeding-edge. One of the many modifications
is to the sysupgrade program. Image verification is performed
simply by the successful ungzip and untar of the supplied file
and name check and header verification of the resulting contents.
To form a factory.bin that is accepted by OEM Openwrt build,
the kernel and rootfs must have specific names...
openwrt-senao-enh202-uImage-lzma.bin
openwrt-senao-enh202-root.squashfs
and begin with the respective headers (uImage, squashfs).
Then the files must be tarballed and gzipped.
The resulting binary is actually a tar.gz file in disguise.
This can be verified by using binwalk on the OEM firmware images,
ungzipping then untaring, and by swapping headers to see
what the OEM upgrade utility accepts and rejects.
OKLI kernel loader is required because the OEM firmware
expects the kernel to be no greater than 1024k
and the factory.bin upgrade procedure would otherwise
overwrite part of the kernel when writing rootfs.
Note on built-in switch:
ENH202 is originally configured to be an access point,
but with two ethernet ports, both WAN and LAN is possible.
the POE port is gmac0 which is preferred to be
the port for WAN because it gives link status
where swconfig does not.
Signed-off-by: Michael Pratt <mpratt51@gmail.com>
[assign label_mac in 02_network, use ucidef_set_interface_wan,
use common device definition, some reordering]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Michael Pratt [Mon, 11 May 2020 20:58:02 +0000 (16:58 -0400)]
ath79: add support for Senao Engenius ENS202EXT v1
Engenius ENS202EXT v1 is an outdoor wireless access point with 2 10/100 ports,
with built-in ethernet switch, detachable antennas and proprietery PoE.
FCC ID: A8J-ENS202
Specification:
- Qualcomm/Atheros AR9341 v1
- 535/400/200/40 MHz (CPU/DDR/AHB/REF)
- 64 MB of RAM
- 16 MB of FLASH MX25L12835F(MI-10G)
- UART (J1) header on PCB (unpopulated)
- 2x 10/100 Mbps Ethernet (built-in switch Atheros AR8229)
- 2.4 GHz, up to 27dBm (Atheros AR9340)
- 2x external, detachable antennas
- 7x LED (5 programmable in ath79), 1x GPIO button (Reset)
Known Issues:
- Sysupgrade from ar71xx no longer possible
- Ethernet LEDs stay on solid when connected, not programmable
MAC addresses:
eth0/eth1 *:7b art 0x0/0x6
wlan *:7a art 0x1002
The device label lists both addresses, WLAN MAC and ETH MAC,
in that order.
Since 0x0 and 0x6 have the same content, it cannot be
determined which is eth0 and eth1, so we chose 0x0 for both.
Installation:
2 ways to flash factory.bin from OEM:
- Connect ethernet directly to board (the non POE port)
this is LAN for all images
- if you get Failsafe Mode from failed flash:
only use it to flash Original firmware from Engenius
or risk kernel loop which requires serial cable
Method 1: Firmware upgrade page:
OEM webpage at 192.168.1.1
username and password "admin"
In upper right select Reset
"Restore to factory default settings"
Wait for reboot and login again
Navigate to "Firmware Upgrade" page from left pane
Click Browse and select the factory.bin image
Upload and verify checksum
Click Continue to confirm and wait 3 minutes
Method 2: Serial to load Failsafe webpage:
After connecting to serial console and rebooting...
Interrupt boot with any key pressed rapidly
execute `run failsafe_boot` OR `bootm 0x9fdf0000`
wait a minute
connect to ethernet and navigate to
"192.168.1.1/index.htm"
Select the factory.bin image and upload
wait about 3 minutes
*If you are unable to get network/LuCI after flashing*
You must perform another factory reset:
After waiting 3 minutes or when Power LED stop blinking:
Hold Reset button for 15 seconds while powered on
or until Power LED blinks very fast
release and wait 2 minutes
Return to OEM:
If you have a serial cable, see Serial Failsafe instructions
*DISCLAIMER*
The Failsafe image is unique to this model.
The following directions are unique to this model.
DO NOT downgrade to ar71xx this way, can cause kernel loop
The easiest way to return to the OEM software is the Failsafe image
If you dont have a serial cable, you can ssh into openwrt and run
`mtd -r erase fakeroot`
Wait 3 minutes
connect to ethernet and navigate to 192.168.1.1/index.htm
select OEM firmware image from Engenius and click upgrade
TFTP Recovery:
For some reason, TFTP is not reliable on this board.
Takes many attempts, many timeouts before it fully transfers.
Starting with an initramfs.bin:
Connect to ethernet
set IP address and TFTP server to 192.168.1.101
set up infinite ping to 192.168.1.1
rename the initramfs.bin to "vmlinux-art-ramdisk" and host on TFTP server
disconnect power to the board
hold reset button while powering on board for 8 seconds
Wait a minute, power LED should blink eventually if successful
and a minute after that the pings should get replies
You have now loaded a temporary Openwrt with default settings temporarily.
You can use that image to sysupgrade another image to overwrite flash.
Format of OEM firmware image:
The OEM software of ENS202EXT is a heavily modified version
of Openwrt Kamikaze bleeding-edge. One of the many modifications
is to the sysupgrade program. Image verification is performed
simply by the successful ungzip and untar of the supplied file
and name check and header verification of the resulting contents.
To form a factory.bin that is accepted by OEM Openwrt build,
the kernel and rootfs must have specific names...
openwrt-senao-ens202ext-uImage-lzma.bin
openwrt-senao-ens202ext-root.squashfs
and begin with the respective headers (uImage, squashfs).
Then the files must be tarballed and gzipped.
The resulting binary is actually a tar.gz file in disguise.
This can be verified by using binwalk on the OEM firmware images,
ungzipping then untaring, and by swapping headers to see
what the OEM upgrade utility accepts and rejects.
Note on the factory.bin:
The newest kernel is too large to be in the kernel partition
the new ath79 kernel is beyond 1592k
Even ath79-tiny is 1580k
Checksum fails at boot because the bootloader (modified uboot)
expects kernel to be 1536k. If the kernel is larger, it gets
overwritten when rootfs is flashed, causing a broken image.
The mtdparts variable is part of the build and saving a new
uboot environment will not persist after flashing.
OEM version might interact with uboot or with the custom
OEM partition at 0x9f050000.
Failed checksums at boot cause failsafe image to launch,
allowing any image to be flashed again.
HOWEVER: one should not install older Openwrt from failsafe
because it can cause rootfs to be unmountable,
causing kernel loop after successful checksum.
The only way to rescue after that is with a serial cable.
For these reasons, a fake kernel (OKLI kernel loader)
and fake squashfs rootfs is implemented to take care of
the OEM firmware image verification and checksums at boot.
The OEM only verifies the checksum of the first image
of each partition respectively, which is the loader
and the fake squashfs. This completely frees
the "firmware" partition from all checks.
virtual_flash is implemented to make use of the wasted space.
this leaves only 2 erase blocks actually wasted.
The loader and fakeroot partitions must remain intact, otherwise
the next boot will fail, redirecting to the Failsafe image.
Because the partition table required is so different
than the OEM partition table and ar71xx partition table,
sysupgrades are not possible until one switches to ath79 kernel.
Note on sysupgrade.tgz:
To make things even more complicated, another change is needed to
fix an issue where network does not work after flashing from either
OEM software or Failsafe image, which implants the OEM (Openwrt Kamikaze)
configuration into the jffs2 /overlay when writing rootfs from factory.bin.
The upgrade script has this:
mtd -j "/tmp/_sys/sysupgrade.tgz" write "${rootfs}" "rootfs"
However, it also accepts scripts before and after:
before_local="/etc/before-upgradelocal.sh"
after_local="/etc/after-upgradelocal.sh"
before="before-upgrade.sh"
after="after-upgrade.sh"
Thus, we can solve the issue by making the .tgz an empty file
by making a before-upgrade.sh in the factory.bin
Note on built-in switch:
There is two ports on the board, POE through the power supply brick,
the other is on the board. For whatever reason, in the ar71xx target,
both ports were on the built-in switch on eth1. In order to make use
of a port for WAN or a different LAN, one has to set up VLANs.
In ath79, eth0 and eth1 is defined in the DTS so that the
built-in switch is seen as eth0, but only for 1 port
the other port is on eth1 without a built-in switch.
eth0: switch0
CPU is port 0
board port is port 1
eth1: POE port on the power brick
Since there is two physical ports,
it can be configured as a full router,
with LAN for both wired and wireless.
According to the Datasheet, the port that is not on the switch
is connected to gmac0. It is preferred that gmac0 is chosen as WAN
over a port on an internal switch, so that link status can pass
to the kernel immediately which is more important for WAN connections.
Signed-off-by: Michael Pratt <mpratt51@gmail.com>
[apply sorting in 01_leds, make factory recipe more generic, create common
device node, move label-mac to 02_network, add MAC addresses to commit
message, remove kmod-leds-gpio, use gzip directly]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Roger Pueyo Centelles [Fri, 28 Aug 2020 11:51:48 +0000 (13:51 +0200)]
ath79: mikrotik: fix network setup for lhg-hb platform
This network setup for MikroTik devices based on the LHG-HB platform
avoids using the integrated switch and connects the single Ethernet
port directly. This way, link speed (10/100 Mbps) is properly repor-
ted by eth0.
Fixes: FS#3309
Signed-off-by: Roger Pueyo Centelles <roger.pueyo@guifi.net>
Sven Wegener [Fri, 17 Apr 2020 22:19:51 +0000 (00:19 +0200)]
ath79: use correct MAC address for TP-Link TL-WPA8630 v2
The base address is used for the LAN and 2G WLAN interfaces.
5G WLAN interface is +1 and the PLC interface uses +2.
Signed-off-by: Sven Wegener <sven.wegener@stealer.net>
[improve commit title, fix assignment in 11-ath10k-caldata]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>