| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
| |
Refreshed all patches.
Compile-tested on: none
Runtime-tested on: none
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
|
|
|
|
|
|
| |
It's related to the upstream kernel commit adf82accc5f5 ("netfilter:
x_tables: merge ip and ipv6 masquerade modules").
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
|
|
|
|
|
|
|
|
|
|
| |
The luci and freifunk feed having a common Makefile included by the
individual packages. Currently a change to this file will be ignored
when running "scripts/feeds update".
When we are updating for a feed, add a dependency for all .mk files
in the root of it.
Signed-off-by: Sven Roederer <devel-sven@geroedel.de>
|
|
|
|
|
|
|
|
| |
This reverts commit 4a45e69d190f72ed94878487b271ed7651dd9efa.
This broke the buildbots
Signed-off-by: John Crispin <john@phrozen.org>
|
|
|
|
|
|
|
| |
Uninstall targets may depend on build artefacts, like `make uninstall`
or `ninja uninstall`.
Signed-off-by: Andre Heider <a.heider@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This separates the options for signature creation and verification
* SIGNED_PACKAGES create Packages.sig
* SIGNED_IMAGES add ucert signature to created images
* CHECK_SIGNATURE add verification capabilities to images
* INSTALL_LOCAL_KEY add local key-build to /etc/opkg/keys
Right now the buildbot.git contains some hacks to create images that
have signature verification capabilities while not storing private keys
on buildbot slaves. This commit allows to disable these steps for the
buildbots and only perform signing on the master.
Signed-off-by: Paul Spooren <mail@aparcar.org>
|
|
|
|
|
|
|
|
|
| |
'append-uImage-fakehdr' can now accept magic number as a second, optional
parameter (passed directly to 'mkimage' command with '-M' option). This
enables construction of proper Netgear-specific fake rootfs images
(required for flashing WNDR4300 for example).
Signed-off-by: Michal Cieslakiewicz <michal.cieslakiewicz@wp.pl>
|
|
|
|
|
|
|
|
|
|
| |
Problem found on alpine linux when trying to `./scripts/feeds update -a`,
which results in `Build dependency: Missing seq command`.
Ref: https://github.com/openwrt/openwrt/pull/1926
Suggested-by: imShara <shara@protonmail.com>
[reworded commit and turned faulty Sob into Suggested-by]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Refreshed all patches.
Remove upstreamed (superseded):
- 950-0726-can-mcp251x-Allow-more-time-after-a-reset.patch
Compile-tested on: brcm2708, cns3xxx
Runtime-tested on: cns3xxx
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Refreshed all patches.
Altered patches:
- 820-sec-support-layerscape.patch
Compile-tested on: cns3xxx, layerscape
Runtime-tested on: cns3xxx
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
|
|
|
| |
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Some kmods (gpio-hotplug, wireguard) store the build path in the
compiled files and therefore make it harder to rebuild the official
binaries. As the same "iremap" function is used as for other binaries,
the change is compatible with gcc7 and 8.
Tested with both gcc7 and gcc8 resulting in build path independent
reproducible builds.
Signed-off-by: Paul Spooren <mail@aparcar.org>
|
|
|
|
|
|
|
|
|
| |
Refreshed all patches.
Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
|
|
|
|
|
|
|
|
| |
Refreshed all patches.
Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
|
|
|
|
|
|
|
|
| |
Refreshed all patches.
Compile-tested on: none
Runtime-tested on: none
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Refreshed all patches.
Remove upstreamed:
- 110-ARM-zynq-Use-memcpy_toio-instead-of-memcpy.patch
Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Refreshed all patches.
Altered patches:
- 403-mtd_fix_cfi_cmdset_0002_status_check.patch (ar71xx)
- 403-mtd_fix_cfi_cmdset_0002_status_check.patch (ath79)
Compile-tested on: cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
|
|
|
|
|
|
|
|
| |
Refreshed all patches.
Compile-tested on: none
Runtime-tested on: none
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Refreshed all patches.
Altered patches:
- 403-mtd_fix_cfi_cmdset_0002_status_check.patch
Compile-tested on: ath79, cns3xxx, imx6
Runtime-tested on: cns3xxx, imx6
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
|
|
|
|
|
|
|
|
|
| |
This is a follow up of 8cb13f4e6d which sets the right timestamp for the
/init file in initramfs. The previous patch doesn't cover it as the
files appear to come from a later step during compilation.
CC: Alexander Couzens <lynxis@fe80.eu>
Signed-off-by: Paul Spooren <mail@aparcar.org>
|
|
|
|
|
|
|
|
|
|
|
| |
The check for libelf in the kernel build is not enough, because the code that
uses libelf for stack validation is completely non-portable, as it tries to
include asm/types.h and relies on kernel types in user space.
Until this is fixed properly, the only solution is to disable this on any non
Linux build host
Signed-off-by: Felix Fietkau <nbd@nbd.name>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The JSON info files contain details about the created firmware images
per device and are stored next to the created images.
The JSON files are stored as "$(IMAGE_PREFIX).json" and contain some
device/image meta data as well as a list of created firmware images.
An example of openwrt-ramips-rt305x-aztech_hw550-3g.json
{
"id": "aztech_hw550-3g",
"image_prefix": "openwrt-ramips-rt305x-aztech_hw550-3g",
"images": [
{
"name": "openwrt-ramips-rt305x-aztech_hw550-3g-squashfs-sysupgrade.bin",
"sha256": "db2b34b0ec4a83d9bf612cf66fab0dc3722b191cb9bedf111e5627a4298baf20",
"type": "sysupgrade"
}
],
"metadata_version": 1,
"supported_devices": [
"aztech,hw550-3g",
"hw550-3g"
],
"target": "ramips/rt305x",
"titles": [
{
"model": "HW550-3G",
"vendor": "Aztech"
},
{
"model": "ALL0239-3G",
"vendor": "Allnet"
}
],
"version_commit": "r10920+123-0cc87b3bac",
"version_number": "SNAPSHOT"
}
Signed-off-by: Paul Spooren <mail@aparcar.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
On a recent Gentoo Linux installation, invoking `make menuconfig`, `make
kernel_menuconfig` or `make kernel_nconfig` in the build system fails,
whereas for example `make menuconfig` in the kernel tree alone works as
expected.
This is happening because STAGING_PREFIX is not defined when kernel's
{menu,n}config target calls pkg-config from the toolchain/host and thus
pkg-config returns an empty value, and the fallback values in the kernel
config script are applied but those are off and the linking fails.
Solution is to use system's pkg-config for all ncurses based menu config
targets in order to provide proper compiler/linker flags.
Ref: FS#2423
Cc: Thomas Albers <thomas.gameiro@gmail.com>
Tested-by: Stijn Tintel <stijn@linux-ipv6.be>
Tested-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Refreshed all patches.
Fixes:
- CVE-2019-14814
- CVE-2019-14815
- CVE-2019-14816
- CVE-2019-14821
Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Refreshed all patches.
Fixes:
- CVE-2019-14814
- CVE-2019-14815
- CVE-2019-14816
- CVE-2019-14821
Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Refreshed all patches.
Fixes:
- CVE-2019-14814
- CVE-2019-14815
- CVE-2019-14816
- CVE-2019-14821
Compile-tested on: none
Runtime-tested on: none
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
|
|
|
|
|
|
|
| |
Some tools doesn't support SOURCE_DATE_EPOCH (e.g. initramfs images).
Ensure all files of a root filesystem are set to SOURCE_DATE_EPOCH.
Make initramfs builds reproducible (for ramips).
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Refreshed all patches.
Fixes:
- CVE-2019-15504
Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
|
|
|
|
|
|
|
|
| |
Refreshed all patches.
Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Refreshed all patches.
Remove upstreamed:
- 840-media-i2c-tda1997x-select-V4L2_FWNODE.patch
- 079-v4.20-ARM-dts-qcom-ipq4019-fix-PCI-range.patch
- 083-ARM-dts-qcom-ipq4019-enlarge-PCIe-BAR-range.patch
- 084-ARM-dts-qcom-ipq4019-Fix-MSI-IRQ-type.patch
Fixes:
- CVE-2019-15030
Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Refreshed all patches.
Altered patches:
- 816-pcie-support-layerscape.patch
Fixes:
-CVE-2019-15030
Compile-tested on: cns3xxx, layerscape
Runtime-tested on: cns3xxx
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Refreshed all patches.
Fixes:
- CVE-2019-15030
Compile-tested on: none
Runtime-tested on: none
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch removes scons host build tool, as commit 7087efd72a8d
("scons: move host build tool to a proper place") in the packages feed
has moved scons into the new home.
There are currently no packages in the master tree which would need
scons, yet scons is build always as part of host tools, just in order to
satisfy host build dependency of few packages in the packages feeds.
Ref: https://github.com/openwrt/packages/pull/9584
Acked-by: Hauke Mehrtens <hauke@hauke-m.de>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently for at91 target, Build/install-dtb can be triggered concurrently for
multiple different TARGET_FILESYSTEMS, cp command can fail when the
target file is already open exclusively by other cp process
[ -f /builder/shared-workdir/build/build_dir/target-arm_arm926ej-s_musl_eabi/linux-at91_sam9x/at91sam9263ek-uImage -a -f /builder/shared-workdir/build/build_dir/target-arm_arm926ej-s_musl_eabi/linux-at91_sam9x/root.ubifs+fs=-m_2048_-e_126KiB_-c_2048+pkg=68b329da ]
[ -f /builder/shared-workdir/build/build_dir/target-arm_arm926ej-s_musl_eabi/linux-at91_sam9x/at91sam9263ek-uImage -a -f /builder/shared-workdir/build/build_dir/target-arm_arm926ej-s_musl_eabi/linux-at91_sam9x/root.ext4+pkg=68b329da ]
cp -fpR /builder/shared-workdir/build/build_dir/target-arm_arm926ej-s_musl_eabi/linux-at91_sam9x/linux-4.14.141/arch/arm/boot/dts/at91sam9263ek.dtb /builder/shared-workdir/build/bin/targets/at91/sam9x/openwrt-at91-sam9x-at91sam9263ek.dtb;
cp -fpR /builder/shared-workdir/build/build_dir/target-arm_arm926ej-s_musl_eabi/linux-at91_sam9x/linux-4.14.141/arch/arm/boot/dts/at91sam9263ek.dtb /builder/shared-workdir/build/bin/targets/at91/sam9x/openwrt-at91-sam9x-at91sam9263ek.dtb;
cp: cannot create regular file '/builder/shared-workdir/build/bin/targets/at91/sam9x/openwrt-at91-sam9x-at91sam9263ek.dtb': File exists
Makefile:87: recipe for target '/builder/shared-workdir/build/build_dir/target-arm_arm926ej-s_musl_eabi/linux-at91_sam9x/tmp/openwrt-at91-sam9x-at91sam9263ek-ubifs-dtb' failed
make[4]: *** [/builder/shared-workdir/build/build_dir/target-arm_arm926ej-s_musl_eabi/linux-at91_sam9x/tmp/openwrt-at91-sam9x-at91sam9263ek-ubifs-dtb] Error 1
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Refreshed all patches.
Remove upstreamed:
- 390-v5.3-net-sched-fix-action-ipt-crash.patch
Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Refreshed all patches.
Remove upstreamed:
- 390-v5.3-net-sched-fix-action-ipt-crash.patch
Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
|
|
|
|
|
|
|
|
| |
Refreshed all patches.
Compile-tested on: none
Runtime-tested on: none
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Refreshed all patches.
Remove upstreamed:
- 950-0774-watchdog-bcm2835_wdt-Fix-module-autoload.patch
- 0017-usb-host-fotg2-restart-hcd-after-port-reset.patch
Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Refreshed all patches.
Remove upstreamed:
- 0032-usb-host-fotg2-restart-hcd-after-port-reset.patch
Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
|
|
|
|
|
|
|
|
| |
Refreshed all patches.
Compile-tested on: none
Runtime-tested on: none
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This reverts commit 1c0290c5cc6258c48b8ba46b4f9c85a21de4f875.
Dropping the nopad can make the padding overflow into the next erase
block on devices using a non-aligned rootfs start. This breaks the jffs2
overlay partition with the following messages:
[ 30.343877] jffs2_scan_eraseblock(): End of filesystem marker found at 0x10000
[ 30.376512] jffs2: Cowardly refusing to erase blocks on filesystem with no valid JFFS2 nodes
[ 30.385253] jffs2: empty_blocks 196, bad_blocks 0, c->nr_blocks 197
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Pass suitable pkg-config overrides to the kernel build process in
order to let our pkg-config wrapper discover libraries provided
by tools/.
This mainly affects the use of libelf which is required for the
CONFIG_STACK_VALIDATION features. So far, the build system either
silently used host system libraries or kbuild simply disabled the
feature due to the lack of a suitable libelf.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
While the -nopad option prevents mksquashfs from padding the
image to an arbitrary 4k. It does not take into consideration
that squashfs is programmed to have this 4k padding when it's
being used on on a block device... which is its main "use-case".
Now, after a week long discussion on the ML that included a
back-and-forth between some of the possible options.
But this is likely the best KISS patch to deal with the issue
right away given the limited resources.
From squashfs code point of view, be warned. The 4k padding is
not enough when dealing with devices that have a PAGE_SIZE
bigger than 4k.
if it turns out to be affecting you, then please look-up either:
"FS#2460 - kernel panic reading squashfs from ubi volume" bug
Or the discussion on the OpenWrt-Devel ML in
"amp821xx: use newly added pad-squashfs for Meraki MR24" and
"Squashfs breakage lottery with UBI..."
before making an educated guess.
Note: This will not affect the "tiny"/small flash devices as
much as it seems at first. This is because the the rootfs_data
partition that follows uses jffs2. And it requires to be aligned
to the flash block-size in order to work at all.
So either the involved FSes will meet in the middle as before,
or not at all. But in that latter case the image was already
hoping for the "undefined behaviour" gamble to turn out in its
favour and this is probably why this was unnoticed for so long.
Fixes: FS#2460
Reported-by: Russell Senior <russell@personaltelco.net>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
|
|
|
|
|
|
|
|
|
| |
Refreshed all patches.
Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
|
|
|
|
|
|
|
|
| |
Refreshed all patches.
Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Refreshed all patches.
Remove upstreamed:
- 950-0307-Revert-pwm-Set-class-for-exported-channels-in-sysfs.patch
Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
|
|
|
|
|
|
|
|
| |
Refreshed all patches.
Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Refreshed all patches.
Fixes:
- CVE-2019-3900
Compile-tested on: none
Runtime-tested on: none
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Refreshed all patches.
Also add a missing symbol for x86 which got used now in this bump.
- ISCSI_IBFT
Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Refreshed all patches.
Also add a missing symbol for x86 which got used now in this bump.
- ISCSI_IBFT
Compile-tested on: cns3xxx
Runtime-tested on: cns3xxx
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
|