Commit Graph

53903 Commits

Author SHA1 Message Date
Linus Walleij 81da8a295b gemini: Bump kernel to v5.15
It's working well on all tested targets, so let's move
Gemini forward to v5.15. imx is already bumped so why not.

Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
2022-04-14 10:12:34 +02:00
Linus Walleij bc19ce078d gemini: Create patches and config for kernel v5.15
This creates a v5.15 baseline for the Gemini platform.
The main new attraction is the new crypto driver from
Corentin Labbe that we activate in the new config.
Config was refreshed.

Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
2022-04-14 10:12:34 +02:00
Linus Walleij 30d2fcffeb generic: backport 5.16 RTL8366RB improvements
The prerequisite DSA changes for the nice RTL8366RB improvements
are already backported so bring back these changes as well.

Signed-off-by: Linus Walleij <linus.walleij@linaro.org>
2022-04-14 10:12:34 +02:00
Jason A. Donenfeld a001630a1a urandom-seed: go back to seeding with shell script temporarily
This reverts commit 2edc017a6e.

We shouldn't be using a shell script here, but the SeedRNG integration
into OpenWRT requires a bit more thought. Etienne raised some important
points immediately after this was merged and planned to send some follow
up commits, but became busy with other things. The points he raised are
important enough that we should actually back this out until it's ready
to go, and then merge it as a cohesive unit. So let's revert this for
now, and come back to it later on.

Cc: Etienne Champetier <champetier.etienne@gmail.com>
Cc: Petr Štetiar <ynezz@true.cz>
Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
2022-04-14 10:12:34 +02:00
Daniel Golle 9a22943eb2
mediatek: 5.15: re-enable arch timer on MT7623 as well
Re-enable arch timer also on MT7623, yet another time.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2022-04-14 07:34:50 +01:00
Chuanhong Guo e30424112e mediatek: 5.15: enable arm arch timer for mt7629
otherwise the system delay is completely broken.

Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
2022-04-14 13:35:12 +08:00
Chuanhong Guo 10068a2e89 kernel: 5.15: add support for ESMT F50x1G41LB
Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
2022-04-14 12:48:39 +08:00
Daniel Golle c5f113c43f
netifd: relax check in dhcp proto handler
Checking whether /sbin/udhcpc is a symbolic link breaks using the
DHCP proto handler inside procd-ujail where bind-mounts are used for
the resolved link. Check whether /sbin/udhcpc is executable instead
to allow using the proto handler for DHCP-provisioned containers.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2022-04-13 19:51:00 +01:00
Daniel Golle 2c8873033e
procd: update to git HEAD
6343c3a procd: completely remove tmp-on-zram support
 5c5e63f uxc: fix potential NULL-pointer dereference
 eb03f03 jail: include necessary files for per-netns netifd instance

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2022-04-13 19:50:55 +01:00
Daniel Golle acf701a070
malta: add config-5.15
Adding the kernel configuration has accidentally been omitted when
enabling testing kernel 5.15. Add it now.

Fixes: 09f6200198 ("malta: enable testing kernel 5.15")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2022-04-13 19:50:50 +01:00
Daniel Golle 0dbca1b2ba
base-files: more robust sysupgrade on NAND
Make sure sysupgrade on NAND also works in case of UBI volumes having
index >9. While at it, also make sure UBI device is detected and abort
in case it isn't. Use Shell built-in shorthand ':' instead of 'true'.

Fixes #9708
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2022-04-13 19:50:45 +01:00
Rui Salvaterra 435d7a052b firewall3: bump to latest git HEAD
4cd7d4f Revert "firewall3: support table load on access on Linux 5.15+"
50979cc firewall3: remove unnecessary fw3_has_table

Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
2022-04-13 17:08:17 +01:00
Koen Vandeputte f3fa68e515 ath79: nand: add 5.15 support for nand subtarget
Tested on GL.iNet E750

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2022-04-13 12:00:22 +02:00
Koen Vandeputte 4bfdb12deb kernel: add missing symbols for 5.15
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2022-04-13 12:00:22 +02:00
Jo-Philipp Wich bea01fa57f netfilter: move nf-log modules into separate packages
Both legacy iptables and nftables require nf-log modules for rule logging,
so move them into a separate package both firewall implementations can
depend on.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2022-04-12 14:02:16 +02:00
Felix Fietkau 5d5afd5177 mac80211: backport minstrel_ht fix for legacy rates
Fixes OFDM rates on 5 GHz

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2022-04-12 09:33:22 +02:00
Hauke Mehrtens 685ae2687b toolchain: musl: Update to version 1.2.3
Changes:
new features:
- qsort_r function (POSIX-future)
- pthread_getname_np extension function
- hard float on SPE FPU for powerpc-sf
- SEEK_DATA and SEEK_HOLE exposed in unistd.h (Linux extensions)

compatibility:
- free now preserves errno (POSIX-future requirement)
- setjmp is declared explicitly with returns_twice for non-GCC compilers
- macro version of isascii is no longer defined for C++
- dynamic linker now tolerates zero-length LOAD segments
- epoll_[p]wait is now a cancellation point
- pwd/grp functions no longer fail on systems without AF_UNIX support
- POSIX TZ parsing is stricter to allow more names to fallback to files
- NULL is now defined as nullptr when used in C++11 or later
- gettext now accepts null pointer as argument

bugs fixed:
- old regression in wcwidth of Hangul combining (vowel/final) letters
- duplocale used wrong malloc when malloc was replaced (1.2.2 regression)
- fmaf rounded wrong on archs without FE_TOWARDZERO (all softfloat archs)
- popen didn't honor requirement not to leak other popen pipe fds to child
- aligned_alloc and variants crashed on allocation failure
- dl_iterate_phdr reported incorrect module TLS pointers
- mishandling of some inputs in acoshf and expm1f and functions using them
- potentially wrong-sign zero in cproj functions at infinity
- multiple bugs in legacy function cuserid
- minor posix_spawn file actions API conformance issues
- pthread_setname_np fd leak
- out-of-bound read in zoneinfo handling with distant-past times
- out-of-tree builds lacked generated debug cfi for x86 asm

arch-specific bugs fixed:
- powerpc (32-bit) struct shmid_ds layout was wrong for some fields
- time64 struct layout was wrong in sound ioctl fallback (32-bit archs)

In addition it contains the following improvements:
* protect stack canary from leak via read-as-string by zeroing second byte
* fix excessively slow TLS performance on some mips models

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Acked-by: Rui Salvaterra <rsalvaterra@gmail.com>
Tested-by: Rui Salvaterra <rsalvaterra@gmail.com>
Tested-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
2022-04-11 21:41:03 +02:00
Eneas U de Queiroz 1135b75d1f nftables: add CONFLICT between versions
Have nftables-json conflict with nftables-nojson.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2022-04-11 21:41:03 +02:00
Eneas U de Queiroz e89f3e85eb wolfssl: bump to 5.2.0
Fixes two high-severity vulnerabilities:

- CVE-2022-25640: A TLS v1.3 server who requires mutual authentication
  can be bypassed.  If a malicious client does not send the
  certificate_verify message a client can connect without presenting a
  certificate even if the server requires one.

- CVE-2022-25638: A TLS v1.3 client attempting to authenticate a TLS
  v1.3 server can have its certificate heck bypassed. If the sig_algo in
  the certificate_verify message is different than the certificate
  message checking may be bypassed.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2022-04-11 21:41:03 +02:00
Eneas U de Queiroz c9c2b01b84 mediatek/mt7622: enable accelerated crypto drivers
Use ARMv8 Crypto Extensions for AES, ghash and sha256.

This results in a 16 times speed gain in speed for aes-128-ctr, 17x in
aes-128-gcm, and 9 times in sha256.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2022-04-11 20:25:34 +01:00
Daniel Golle aece8f5ae8
scripts/gen_image_generic.sh: generate reproducible EFI filesystem
Generate FAT filesystem for EFI boot in a reproducible way:
 * use '--invariant' option of mkfs.fat
 * set timestamps of all files to SOURCE_DATE_EPOCH
 * make sure files are ordered locale-independent

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2022-04-11 15:29:33 +01:00
Hauke Mehrtens 3aa96efa24 mac80211: Update to version 5.15.33-1
This updates mac80211 to version 5.15.33-1 which is based on kernel
5.15.33.
The removed patches were applied upstream.

This new release contains many fixes which were merged into the upstream
Linux kernel.
This also contains the following new drivers which are needed for ath11k:
* net/qrtr/
* drivers/bus/mhi/

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2022-04-10 23:12:36 +02:00
Daniel Golle 5cf5dce05a
imagebuilder: export SOURCE_DATE_EPOCH to environment
Export SOURCE_DATE_EPOCH to environment so filesystem and image
creation tools will make use of it.
Fixes reproducibility of images generated with the ImageBuilder.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2022-04-10 00:56:38 +01:00
Daniel Golle dffad93d3e
arm-trusted-firmware-mediatek: remove no longer needed Configure step
As anyway only the default is called now we can as well also just remove
the override for Build/Configure.

Fixes: e2cffbb805 ("arm-trusted-firmware-mediatek: update to 2021-03-10")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2022-04-09 22:24:42 +01:00
Daniel Golle 738d44f5ea
trusted-firmware-a.mk: make sure include directory exists
ARM Trusted Firmware builds do not depend on any target libraries as
they are bare-metal builds. However, the compiler aborts due to
-Werror=missing-include-dirs if the include dir doesn't exists and this
can happen when building with parallelisation as that makes it likely
for arm-trusted-firmware-* to be build very early before any of the
libraries which would implicitely create the directory.
Fix this by making sure the include dir exists before building.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2022-04-09 22:24:36 +01:00
John Audia b92ec82235 kernel: bump 5.10 to 5.10.110
Removed upstreamed:
  generic/backport-5.10/350-v5.18-MIPS-pgalloc-fix-memory-leak-caused-by-pgd_free.patch
  generic/pending-5.10/850-0014-PCI-aardvark-Fix-reading-PCI_EXP_RTSTA_PME-bit-on-em.patch
  ipq40xx/patches-5.10/105-ipq40xx-fix-sleep-clock.patch

All patches automatically rebased.

Build system: x86_64
Build-tested: bcm2711/RPi4B, mt7622/RT3200
Run-tested: bcm2711/RPi4B, mt7622/RT3200
Compile-/run-tested: ath79/generic (Archer C7 v2).

Signed-off-by: John Audia <graysky@archlinux.us>
2022-04-09 19:31:46 +02:00
Rui Salvaterra be381a7ac7 kernel: bump 5.15 to 5.15.33
Deleted (upstreamed):
generic/backport-5.15/350-v5.18-MIPS-pgalloc-fix-memory-leak-caused-by-pgd_free.patch [1]
generic/backport-5.15/730-v5.16-hv-utils-add-PTP_1588_CLOCK-to-Kconfig-to-fix-build.patch [2]
generic/pending-5.15/850-0014-PCI-aardvark-Fix-reading-PCI_EXP_RTSTA_PME-bit-on-em.patch [3]
generic/pending-5.15/850-0002-PCI-aardvark-Fix-reading-MSI-interrupt-number.patch [4]

Manually rebased:
generic/pending-5.15/850-0002-PCI-aardvark-Fix-reading-MSI-interrupt-number.patch
ramips/patches-5.15/710-at803x.patch

[1] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.15.33&id=d29cda15cab086d82d692de016f7249545d4b6b4
[2] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.15.33&id=d5aad7d63b1b5c1f3c4b69e12c05e7c7d196fae8
[3] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.15.33&id=ed750e22e44366e264bcdf7b1cf0713f08f7980a
[4] https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?h=v5.15.33&id=0fe94b84c43cfea867e1721606185e8686d7d32f

Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
[Refresh patches again]
[Remove generic/pending-5.15/850-0002-PCI-aardvark-Fix-reading-MSI-interrupt-number.patch]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2022-04-09 19:31:46 +02:00
Rui Salvaterra 5a09eb17c2 kernel: bump 5.15 to 5.15.32
Patches automatically rebased.

Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
2022-04-09 19:31:46 +02:00
Aleksander Jan Bajkowski a98ded6c5c kernel: move some symbols to generic config
This commit add some enabled symbols to generic config.
LTO is only supported by clang compiler and therefore should
be disabled in the generic config instead of duplicating this
symbol in each target. CONFIG_LTO_NONE do this job.

The second group of symbols is enabled by the options available
in the generic config and is therefore added here:
* CONFIG_AF_UNIX_OOB is selected by CONFIG_NET && CONFIG_UNIX,
* CONFIG_BINARY_PRINTF is selected by CONFIG_BPF_SYSCALL,
* CONFIG_NET_SOCK_MSG is selected by CONFIG_BPF_SYSCALL && CONFIG_NET.

The other symbols are disabled and should be in the generic config.

This commit also removes these symbols from subtargets.

Signed-off-by: Aleksander Jan Bajkowski <olek2@wp.pl>
2022-04-09 19:31:46 +02:00
Ansuel Smith 5b3a75e7a6 generic: 5.15: fix aardvak pci pending patch
Fix aardvak pci controller pending patch. Use generic_handle_domain_irq
and fix rebase error.

Fixes: 483503603c ("generic: 5.15: rework pending patch")
Signed-off-by: Ansuel Smith <ansuelsmth@gmail.com>
2022-04-09 19:31:46 +02:00
Aleksander Jan Bajkowski 848f112c91 armvirt: add 5.15 as testing kernel
Add 5.15 as testing kernel.

Signed-off-by: Aleksander Jan Bajkowski <olek2@wp.pl>
2022-04-09 19:31:46 +02:00
Aleksander Jan Bajkowski 03befa257e armvirt: move common symbols from subtarget to target config
These new symbols are common for all subtargets and
can be moved into target config.

Signed-off-by: Aleksander Jan Bajkowski <olek2@wp.pl>
2022-04-09 19:31:46 +02:00
Aleksander Jan Bajkowski f551f49424 armvirt: refresh 5.15 config
This was done by executing these commands:
$ make kernel_oldconfig CONFIG_TARGET=subtarget
$ make kernel_oldconfig CONFIG_TARGET=subtarget_platform

Signed-off-by: Aleksander Jan Bajkowski <olek2@wp.pl>
2022-04-09 19:31:46 +02:00
Aleksander Jan Bajkowski 5064ea8025 armvirt: copy config files from 5.10
Copy config files from 5.10.

Signed-off-by: Aleksander Jan Bajkowski <olek2@wp.pl>
2022-04-09 19:31:46 +02:00
Aleksander Jan Bajkowski fcb68aa425 armvirt: refresh 5.10 config
This was done by executing these commands:
$ make kernel_oldconfig CONFIG_TARGET=subtarget
$ make kernel_oldconfig CONFIG_TARGET=subtarget_platform

Signed-off-by: Aleksander Jan Bajkowski <olek2@wp.pl>
2022-04-09 19:31:46 +02:00
Ray Wang 3204906569 ipq40xx: add RT-AC2200 alternative name to RT-AC42U/RT-ACRH17
RT-AC2200 is the same device with a different name. The OEM firmwares have the same MD5.

Signed-off-by: Ray Wang <raywang777@foxmail.com>
2022-04-09 19:31:46 +02:00
Joe Mullally 44e1e5d153 ath79: Move TPLink WPA8630Pv2 to ath79-tiny target
These devices only have 6MiB available for firmware, which is not
enough for recent release images, so move these to the tiny target.

Note for users sysupgrading from the previous ath79-generic snapshot
images:

The tiny target kernel has a 4Kb flash erase block size instead
of the generic target's 64kb. This means the JFFS2 overlay partition
containing settings must be reformatted with the new block size or else
there will be data corruption.

To do this, backup your settings before upgrading, then during the
sysupgrade, de-select "Keep Settings". On the CLI, use "sysupgrade -n".

If you forget to do this and your system becomes unstable after
upgrading, you can do this to format the partition and recover:

* Reboot
* Press RESET when Power LED blinks during boot to enter Failsafe mode
* SSH to 192.168.1.1
* Run "firstboot" and reboot

Signed-off-by: Joe Mullally <jwmullally@gmail.com>
Tested-by: Robert Högberg <robert.hogberg@gmail.com>
2022-04-09 19:31:46 +02:00
Robert Marko 6461384c1e mwlwifi: fix 5.15 kernel support
Fix compilation and usage under kernel 5.15 for the mwlwifi driver.

For detailed description of changes, check individual patches.

Signed-off-by: Robert Marko <robert.marko@sartura.hr>
2022-04-09 19:31:46 +02:00
Konstantin Demin 65256aee23 dropbear: bump to 2022.82
- update dropbear to latest stable 2022.82;
  for the changes see https://matt.ucc.asn.au/dropbear/CHANGES
- use $(AUTORELEASE) in PKG_RELEASE
- use https for all uris
- refresh all patches
- rewrite patches:
  - 100-pubkey_path.patch
  - 130-ssh_ignore_x_args.patch

binary/pkg size changes:
- ath79/generic, mips:
  - binary: 215112 -> 219228 (+4116)
  - pkg: 111914 -> 113404 (+1490)
- ath79/tiny, mips:
  - binary: 172501 -> 172485 (-16)
  - pkg: 89871 -> 90904 (+1033)

Tested-by: Stijn Segers <foss@volatilesystems.org>
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
2022-04-09 19:31:31 +02:00
Nick Hainke c3b7389339 libmnl: update to 1.0.5
Changes:

Duncan Roe (5):
      nlmsg: Fix a missing doxygen section trailer
      build: doc: "make" builds & installs a full set of man pages
      build: doc: get rid of the need for manual updating of Makefile
      build: If doxygen is not available, be sure to report "doxygen: no" to ./configure
      src: doc: Fix messed-up Netlink message batch diagram

Fernando Fernandez Mancera (1):
      src: fix doxygen function documentation

Florian Westphal (1):
      libmnl: zero attribute padding

Guillaume Nault (1):
      callback: mark cb_ctl_array 'const' in mnl_cb_run2()

Kylie McClain (1):
      examples: nfct-daemon: Fix test building on musl libc

Laura Garcia Liebana (4):
      examples: add arp cache dump example
      examples: fix neigh max attributes
      examples: fix print line format
      examples: reduce LOCs during neigh attributes validation

Pablo Neira Ayuso (3):
      doxygen: remove EXPORT_SYMBOL from the output
      include: add MNL_SOCKET_DUMP_SIZE definition
      build: libmnl 1.0.5 release

Petr Vorel (1):
      examples: Add rtnl-addr-add.c

Stephen Hemminger (1):
      examples: rtnl-addr-dump: fix typo

igo95862 (1):
      doxygen: Fixed link to the git source tree on the website.

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-04-09 18:34:04 +02:00
Nick Hainke aecf088b37 libnfnetlink: update to 1.0.2
Changes:

c63f193 bump version to 1.0.2
3cffa84 libnfnetlink: Check getsockname() return code
90ba679 include: Silence gcc warning in linux_list.h
bb4f6c8 Make it clear that this library is deprecated
e46569c Minimally resurrect doxygen documentation
5087de4 libnfnetlink: hide private symbols
62ca426 autogen: don't convert __u16 to u_int16_t
efa1d8e src: Use stdint types everywhere
7a1a07c include: Sync with kernel headers
7633f0c libnfnetlink: initialize attribute padding to resolve valgrind warnings
94b68f3 configure: uclinux is also linux
617fe82 src: get source code license header in sync with current licensing terms
97a3960 build: resolve automake-1.12 warnings

Removed the patch 100-missing_include.patch, libnfnetlink compiles fine
with musl without this patch.

Signed-off-by: Nick Hainke <vincent@systemli.org>
2022-04-09 18:33:24 +02:00
Andrey Erokhin 1e991e09b7 gpio-button-hotplug: fix data race
bh_event_add_var can be called by multiple threads concurrently,
so it shall not use a static char buffer

Signed-off-by: Andrey Erokhin <a.erokhin@inango-systems.com>
2022-04-09 15:56:04 +02:00
Rosen Penev 19f3fcc884 tools/meson: update to 0.61.4
Override python to use the one in host instead of hostpkg. There's no
need to use the latter.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2022-04-09 15:56:04 +02:00
leo chung 56f091d467 tools/cmake: fix download url
fix the cmake.org download url

Signed-off-by: leo chung <gewalalb@gmail.com>
2022-04-09 15:56:04 +02:00
Felix Matouschek a5de91a88a kernel: Fix oob layout of XTX XT26G0xA
The correct oob layout is:

ECC:
region->offset = 48;
region->length = 16;

Free:
/* Reserve 1 byte for the BBM. */
region->offset = 1;
region->length = 47;

Signed-off-by: Felix Matouschek <felix@matouschek.org>
2022-04-09 21:08:26 +08:00
Felix Matouschek 3711aee56d kernel: Fix readid method of XTX XT26G0xA
The correct readid method is SPINAND_READID_METHOD_OPCODE_ADDR.

Signed-off-by: Felix Matouschek <felix@matouschek.org>
2022-04-09 21:08:26 +08:00
Chuanhong Guo 6fa50e26e7 kernel: mtk_bmt: skip bitflip check if threshold isn't set
kernel spi-nand driver leaves this field empty and let mtd set it later.

Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
2022-04-09 21:08:26 +08:00
Chuanhong Guo 55be011a71 kernel: v5.10: backport GigaDevice SPI-NAND supports
This backports GD SPI NAND support from nand/next to v5.10

Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
2022-04-09 21:08:19 +08:00
Chuanhong Guo 42186888f5 kernel: v5.15: backport GigaDevice SPI-NAND supports
Signed-off-by: Chuanhong Guo <gch981213@gmail.com>
2022-04-09 21:04:40 +08:00
Felix Fietkau 0392644083 qosify: update to the latest version
92f5e18675bf interface: fix ifname present check in interface status
ef82defaae26 ubus: add active devices to bridger blacklist

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2022-04-08 13:07:47 +02:00