aboutsummaryrefslogtreecommitdiffstats
path: root/config
Commit message (Collapse)AuthorAgeFilesLines
* scripts/download.pl: make the download tool configurableChristian Marangi2022-10-201-0/+14
| | | | | | | | | | | | | | | | | | | | | | Introduce a new option in the "Advanced configuration options" to configure a custom download tool. By declaring a string in "Use custom download tool" an user can force what command to use to download package. With the string empty the default tool used is curl, with wget as a fallback if not available. download.pl supports 3 tools officially aria2c, curl and wget. If one of the tool is used in this config, download.pl will use the default args to make use of them. If the provided string is different than aria2c, curl or wget, the command is used as is and the download url will be appended at the end of such command. While at it also tweak the tool selection logic and chose the tool only once when the script is called and move aria2c specific variables in the relevant section. Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
* tools: add option BUILD_ALL_HOST_TOOLS to compile all host toolsChristian Marangi2022-09-301-0/+7
| | | | | | | | Add option to compile all host tools even if not needed. This can be useful to prepare a universal precompiled host tools archive to use in another buildroot and speedup compilation. Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
* kernel: disable wireless extensions only when neededFelix Fietkau2022-09-221-0/+16
| | | | | | They are only needed by a few very old drivers Signed-off-by: Felix Fietkau <nbd@nbd.name>
* toolchain: Select USE_SSTRIP with external musl toolchainHauke Mehrtens2022-09-121-1/+0
| | | | | | | | | When we use the internal toolchain USE_SSTRIP will be selected by default for musl libc and USE_STRIP when glibc is used. Do the same when an external toolchain is used. USE_GLIBC will also be set for external toolchain builds based on the EXTERNAL_TOOLCHAIN_LIBC_USE_GLIBC setting. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* scripts: always check certificatesJosh Roys2022-09-101-0/+4
| | | | | | | | | | | | | | | Remove flags from wget and curl instructing them to ignore bad server certificates. Although other mechanisms can protect against malicious modifications of downloads, other vectors of attack may be available to an adversary. TLS certificate verification can be disabled by turning oof the "Enable TLS certificate verification during package download" option enabled by default in the "Global build settings" in "make menuconfig" Signed-off-by: Josh Roys <roysjosh@gmail.com> [ add additional info on how to disable this option ] Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
* build: always set CONFIG_IPV6Thibaut VARÈNE2022-08-201-5/+1
| | | | | | | | | | | | | | | Disabling this build tunable breaks build and seems unrealistically likely to be fixed. This patch sets the related CONFIG to always true and removes the config prompt, keeping the change minimal, and, should !CONFIG_IPV6 ever be fixed, easy to revert. Signed-off-by: Thibaut VARÈNE <hacks@slashdirt.org> Acked-by: Stijn Tintel <stijn@linux-ipv6.be> Acked-by: Paul Spooren <mail@aparcar.org> Acked-by: Josef.Schlehofer <pepe.schlehofer@gmail.com> Acked-by: Jo-Philipp Wich <jo@mein.io>
* kernel: add KERNEL_DEBUG_VIRTUALFlorian Fainelli2022-07-071-0/+8
| | | | | | | | This option allows turning on CONFIG_DEBUG_VIRTUAL which is useful to debug incorrect uses of the virtual to physical and physical to virtual translations functions. Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
* bcm53xx: use -falign-functions=32 for kernel compilationRafał Miłecki2022-07-031-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | Northstar SoCs have pretty small CPU caches and their performance is heavily affected by cache hits & misses. It means that all kind of random code changes can affect performance as they often reorganize (change alignment & possibly reorder) kernel symbols. It was discussed in ARM / net mailinglists: 1. ARM router NAT performance affected by random/unrelated commits [1] [2] 2. Optimizing kernel compilation / alignments for network performance [3] [4] It seems that -falign-functions can be used as a partial workaround. It doesn't solve all cases (e.g. documented watchdog one [5]) but it surely helps with many of them. A complete long term solution may be PGO (profile-guided optimization) but it isn't available at this point. [1] https://lkml.org/lkml/2019/5/21/349 [2] https://www.spinics.net/lists/linux-block/msg40624.html [3] https://lore.kernel.org/linux-arm-kernel/066fc320-dc04-11a4-476e-b0d11f3b17e6@gmail.com/T/ [4] https://www.spinics.net/lists/netdev/msg816103.html [5] http://lists.openwrt.org/pipermail/openwrt-devel/2022-July/038989.html Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* kernel: support setting extra CFLAGS for kernel compilationRafał Miłecki2022-06-201-0/+4
| | | | | | They may be used e.g. to optimize kernel size or performance. Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
* kernel: add KERNEL_BPF_EVENTS config optionStijn Tintel2022-05-181-1/+11
| | | | | | | | This is required to use BPF maps of type BPF_MAP_TYPE_PERF_EVENT_ARRAY for sending data from BPF programs to user-space for post-processing or logging. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* build: add option KERNEL_DEBUG_INFO_BTFTony Ambardar2022-05-181-0/+14
| | | | | | | | | | | | | | | | | | | | Generate BTF (BPF Type Format) information from DWARF debug info. This is embedded in the kernel and exported via sysfs as /sys/kernel/btf/vmlinux. BTF data enhances kernel portability and introspection for BPF programs. Selecting this also enables the dwarves host package which provides the pahole tool used for BTF encoding. Test using: "bpftool btf dump file /sys/kernel/btf/vmlinux format c" This needs to depend on KERNEL_DEBUG_INFO_REDUCED not being set, otherwise we can enable both KERNEL_DEBUG_INFO_BTF and KERNEL_DEBUG_INFO_REDUCED, which will result in undefined behaviour. Signed-off-by: Tony Ambardar <itugrok@yahoo.com> Signed-off-by: Felix Fietkau <nbd@nbd.name> [split DEBUG_INFO_REDUCED into separate commit, add dependency] Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* kernel: add DEBUG_INFO_REDUCED config optionStijn Tintel2022-05-181-0/+14
| | | | | | | | Add DEBUG_INFO_REDUCED as a kernel config option and remove it from the kernel configs. This is in preparation of the upcoming option to enable BTF typeinfo, which is incompatible with DEBUG_INFO_REDUCED. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* kernel: add missing dependency to KERNEL_RPI_AXIPERFStijn Tintel2022-05-181-1/+1
| | | | | | | | This symbol is added by the bcm27xx target patches so it should depend on that target. Fixes: efd9463dcfe2 ("kernel: add missing symbol for bcm27xx") Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* kernel: add missing symbol for bcm27xxStijn Tintel2022-05-171-0/+5
| | | | | | | | | When KERNEL_PERF_EVENTS is enabled in OpenWrt, the RPI_AXIPERF symbol is exposed. Add a build option for it to fix build failures with KERNEL_PERF_EVENTS enabled. Fixes: 20ea6adbf199 ("bcm27xx: add support for linux v5.15") Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* kernel: add missing symbolStijn Tintel2022-04-021-0/+5
| | | | | | | Enabling KERNEL_KPROBES exposes KERNEL_BPF_KPROBE_OVERRIDE. Add a build option for it to fix build failures with KERNEL_KPROBES enabled. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* config: build: cleanup whitespace issuePetr Štetiar2022-02-191-1/+1
| | | | | | In order to have it tidy. Signed-off-by: Petr Štetiar <ynezz@true.cz>
* kernel: add kmod-vrfMarek Behún2022-02-011-0/+10
| | | | | | | | | | | Add option to compile kmod-vrf, support for Virtual Routing and Forwarding (Lite). This module depends on NET_L3_MASTER_DEV, which is a boolean kernel option, so we need to create a configuration option also for this, and make kmod-vrf depend on it. Signed-off-by: Marek Behún <kabel@kernel.org>
* uml: make use of 'rootfs-part' featureDaniel Golle2022-01-231-1/+1
| | | | | | | Use 'rootfs-part' feature instead of referencing the TARGET_uml in Config-images.in. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* sunxi: make use of 'rootfs-part' featureDaniel Golle2022-01-231-1/+1
| | | | | | | Use 'rootfs-part' feature instead of referencing the TARGET_sunxi in Config-images.in. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* omap: make use of 'rootfs-part' featureDaniel Golle2022-01-231-1/+1
| | | | | | | Use 'rootfs-part' feature instead of referencing the TARGET_omap in Config-images.in. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* kernel: enhance multicast routing supportMatthew Hagan2022-01-081-2/+22
| | | | | | | | | | | | | | Certain utilities, such as smcroute [1], require additional multicast routing options to be enabled, otherwise they will not function correctly. Enable these relevant dependancies when IPv4 and/or IPv6 multicast routing are enabled. [1] https://github.com/troglobit/smcroute/blob/master/README.md#linux-requirements This increases the uncompressed kernel size on MIPS 24kc by 8KBytes and the compressed kernel size by 1.8KBytes. Signed-off-by: Matthew Hagan <mnhagan88@gmail.com>
* x86: added support to generate VHDX imagesOldřich Jedlička2021-12-051-0/+6
| | | | | | | Added support to generate dynamic-sized VHDX images for Hyper-V. Compile-tested on x86 and run-tested on Windows 10 21H2 (Hyper-V). Signed-off-by: Oldřich Jedlička <oldium.pro@gmail.com>
* kernel: remove non-existent config symbolsJianhui Zhao2021-11-201-5/+0
| | | | | | | The crashlog patch as not ported to kernel 5.4. Fixes: 4e0c54bc5bc8 ("kernel: add support for kernel 5.4") Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
* kernel: add missing symbolStijn Tintel2021-11-151-0/+13
| | | | | | | Enabling KERNEL_FTRACE exposes the HIST_TRIGGERS triggers symbol. Add a build option for it to fix build failures with KERNEL_FTRACE enabled. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* kernel: fix KERNEL_KASAN_VMALLOC build optionStijn Tintel2021-11-071-1/+1
| | | | | | | It should be config, not CONFIG. Fixes: cbeab2cd9919 ("kernel: add another missing KASAN symbol") Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* kernel: add missing keyword to KERNEL_KASAN_VMALLOCStijn Tintel2021-11-071-0/+1
| | | | | | | | The help keyword is missing, which breaks menuconfig etc. Fixes: cbeab2cd9919 ("kernel: add another missing KASAN symbol") Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* kernel: add another missing KASAN symbolStijn Tintel2021-11-071-0/+16
| | | | | | | | | | Enabling KERNEL_KASAN exposes yet another missing symbol. This did not appear on bcm27xx but is appearing now on x86/64. Add a new kernel build option for KASAN_VMALLOC to fix build on x86/64 with KERNEL_KASAN enabled. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be> Acked-by: Hauke Mehrtens <hauke@hauke-m.de>
* kernel: add missing UBSAN config symbolsStijn Tintel2021-11-071-0/+23
| | | | | | | | | | | | | | Enabling KERNEL_UBSAN exposes several missing symbols. Add new kernel build options for UBSAN_BOUNDS and UBSAN_TRAP, disable CONFIG_TEST_UBSAN in the generic kernel configs and enable CONFIG_UBSAN_MISC in generic 5.10 config. The latter symbol was removed in later kernels, as it was causing some issues, so just disable it in 5.10 instead of adding a build option for it. Fixes build failures with KERNEL_UBSAN enabled. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be> Acked-by: Hauke Mehrtens <hauke@hauke-m.de>
* kernel: add missing KASAN config symbolsStijn Tintel2021-11-071-0/+7
| | | | | | | | | | | | | | Enabling KERNEL_KASAN exposes several missing symbols. As KASAN_SW_TAGS is only implemented for arm64 CPUs and requires clang, it doesn't make sense to make this a build option so just default to KASAN_GENERIC and disable KASAN_SW_TAGS. While at it, disable TEST_KASAN_MODULE in the generic 5.10 config. Fixes build failures with KERNEL_KASAN enabled. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be> Acked-by: Hauke Mehrtens <hauke@hauke-m.de>
* config: Activate SECCOMP also on MIPS 64Hauke Mehrtens2021-11-031-1/+1
| | | | | | | | This activates SECCOMP also on mips64 and mips64el. This was working fine in a basic test in qemu. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* build: add HOST_OS_LINUX and HOST_OS_MACOS config symbolsFelix Fietkau2021-11-011-0/+1
| | | | | | This can be used to simplify host os tests in various places Signed-off-by: Felix Fietkau <nbd@nbd.name>
* build: fix various typosJosh Soref2021-10-312-2/+2
| | | | | | | | Fix typos in comment and user-facing help text. Signed-off-by: Josh Soref <jsoref@users.noreply.github.com> [split out config changes, adjust commit message] Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* uclibc++: removeRosen Penev2021-10-241-14/+0
| | | | | | | | | | | | | | | No package here depends on it. Furthermore, uClibc++ is a fairly buggy C++ library and seems to be relatively inactive upstream. It also lacks proper support for modern C++11 features. The main benefit of it is size: 66.6 KB vs 287.3 KB on mips24kc. Static linking and LTO can help bring the size down of packages that need it. Added warning message to uclibc++.mk Signed-off-by: Rosen Penev <rosenp@gmail.com> Acked-by: Hauke Mehrtens <hauke@hauke-m.de>
* buildsystem: add CONFIG_SECCOMPFlorian Eckert2021-10-161-0/+12
| | | | | | | | | | | | | | | | | | | | | Until now, this feature was switched on via the kernel configuration option KERNEL_SECCOMP. The follwing change a7f794cd2aa104fdbd4c6e38f9b76373bf9b96e1 now requires that the package procd-seccomp must also enabled for buildinmg. However, this is not the case we have no dependency and the imagebuilder cannot build the image, because of the implicit package selection. This change adds a new configuration option CONFIG_SECCOMP. The new option has the same behaviour as the configuration option CONFIG_SELINUX. If the CONFIG_SECCOMP is selected then the package procd-seccomp and KERNEL_SECCOMP is enabled for this build. Signed-off-by: Florian Eckert <fe@dev.tdt.de> Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* build: Replace KERNEL_LOCKUP_DETECTOR with KERNEL_SOFTLOCKUP_DETECTORHauke Mehrtens2021-09-131-16/+4
| | | | | | | | | | | | | The LOCKUP_DETECTOR configuration option split into the SOFTLOCKUP_DETECTOR and HARDLOCKUP_DETECTOR configuration option some time ago. The HARDLOCKUP_DETECTOR option is only working on some architectures, but SOFTLOCKUP_DETECTOR should work everywhere. Replace KERNEL_LOCKUP_DETECTOR with KERNEL_SOFTLOCKUP_DETECTOR. LOCKUP_DETECTOR will be selected by SOFTLOCKUP_DETECTOR automatically. Fixes: b951f53fbae3 ("build: Add additional kernel debug options") Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* base-files: add option to make /var persistentStijn Tintel2021-08-221-0/+8
| | | | | | | | | | | | | | | | In OpenWrt, /var is symlinked to /tmp by default. This is done to reduce the amount of writes to the flash chip, which often have not the greatest durability. As a result, things like DHCP or UPnP lease files, are not persistent across reboots. Since OpenWrt can run on devices with more durable storage, it makes sense to have an option for a persistent /var. Add an option to make /var persistent. When enabled, /var will no longer be symlinked to /tmp, but /var/run will be symlink to /tmp/run, as it should contains only files that should not be kept during reboot. The option is off by default, to maintain the current behaviour. Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* build: create profiles.json per defaultPaul Spooren2021-06-211-1/+1
| | | | | | | | | | | | | The file is a info file just like config.buildinfo, feeds.buildinfo and version.buildinfo. It bundles these and more information in a machine readable way. This commit enables the creation of profiles.json by default and not only for buildbots. By doing so it follow the behaviour of the ImageBuilder which always creates the file, lastly this increases the files visibility for downstream projects. Signed-off-by: Paul Spooren <mail@aparcar.org>
* grub2: make grub2-bios-setup as a separate package李国2021-06-201-0/+2
| | | | | | | | | | The grub2 and grub2-efi packages should only contain boot-related code. grub-bios-setup is the same as grub-editenv, they are both grub2 tools and should be placed in a separate package. Signed-off-by: 李国 <uxgood.org@gmail.com> [use AUTORELEASE and update to SPDX] Signed-off-by: Paul Spooren <mail@aparcar.org>
* build: Config-images: fix unit of partition sizesPaul Fertser2021-06-201-2/+2
| | | | | | | | | The code interprets these config values as Mebibytes rather than Megabytes so modify the description accordingly. Signed-off-by: Paul Fertser <fercerpav@gmail.com> [fix commit title prefix] Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* treewide: fix spelling 'seperate' -> 'separate'Daniel Golle2021-02-281-8/+8
| | | | | | | This popular spelling mistake was also introduced by myself lately. Fix it everywhere. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* image: improve Kconfig for seperate ramdisk optionDaniel Golle2021-02-251-1/+2
| | | | | | | * show only if target supports it (ie. seperate_ramdisk feature set) * select XZ compression by default of ramdisk is seperate Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* image: allow building FIT and uImage with ramdiskDaniel Golle2021-02-241-5/+16
| | | | | | | | | | | | | Instead of embedding the initrd cpio archive into the kernel, allow for having an external ramdisk added to the FIT or uImage. This is useful to overcome kernel size limitations present in many stock bootloaders, as the ramdisk is then loaded seperately and doesn't add to the kernel size. Hence we can have larger ramdisks to host ie. installers with all binaries to flash included (or a web-based firmware selector). In terms of performance and total size the differences are neglectible. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* build: make zstd initramfs selectableFelix Fietkau2021-02-161-0/+4
| | | | | | fix typo in kernel initramfs zstd compression option Signed-off-by: Felix Fietkau <nbd@nbd.name>
* build: use SPDX license tagsPaul Spooren2021-02-054-16/+8
| | | | | | | | | The license folder is a core part of OpenWrt and all GPL-2.0 licensed. Use SPDX license tags to allow machines to check licenses. Signed-off-by: Paul Spooren <mail@aparcar.org> [rebase, keep some Copyright lines, sharpen commit message] Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* kernel: add defaults for new SELinux optionsDaniel Golle2021-02-051-0/+10
| | | | Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* config: drop CONFIG_KPROBE_EVENT unused since kernel 4.9Tony Ambardar2021-01-251-4/+0
| | | | | | | The config setting was renamed to CONFIG_KPROBE_EVENTS. Fixes: 97d3f800a8 ("config: kernel: Add KPROBE_EVENTS config option) Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
* kernel: make lwtunnel support optionalRui Salvaterra2021-01-141-2/+3
| | | | | | | | | | Not everyone will want to bloat their kernel by 24 kiB for such a niche feature. Fixes: a1a7f3274e0ed27511d45f62ee20281d8d57c7af "kernel: enable SRv6 support by enabling lwtunnel" Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
* kernel: drop unneeded kernel version dependencyAndy Walsh2021-01-141-1/+0
| | | | | | | | | | | The current master only supports kernel 5.4, and there is no reason to remove KERNEL_IO_URING for future kernels. Drop the unneeded dependency. Signed-off-by: Andy Walsh <andy.walsh44+github@gmail.com> [improve commit title/message] Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* kernel: enable SRv6 support by enabling lwtunnelNick Hainke2021-01-111-0/+8
| | | | | | | | | | | | | | | | | | | | | | | | Enable the ability to use segment routing based on IPv6. It allows the packet to specify a path that the packet should take through the network. Lwtunnel allow an easy encapsulation of a package. You can just install ip-full package and use it: ip -6 route add 2003::/64 dev eth0 encap seg6 mode encap \ segs 2001::1,2002::2 An IPv6 package looks like this: [IPv6 HDR][IPv6 RH][IPv6 HDR][Data...] Netifd support: https://git.openwrt.org/?p=project/netifd.git; a=commit;h=458b1a7e9473c150a40cae5d8be174f4bb03bd39 Increases imagesize by 24.125 KiB. Therefore, only enable for devices with enough flash. Signed-off-by: Nick Hainke <vincent@systemli.org>
* kernel: only strip proc for small flash devicesNick Hainke2020-12-221-1/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | Currently, you are not able to get statistics about IPv4 and IPv6 usage. This information can be collected via the snmp and snmp6. However, in the current state this interface is disabled as you can read in the "902-debloat_proc.patch": "Strip non-essential /proc functionality to reduce code size" Tools like netstat use the snmp/6 interface to collect interface statistics. Some prometheus exporters also mention this: - prometheus-collectors/netstat.lua - prometheus-collectors/snmp6 (still a PR) - collectd/snmp6 (still a PR) PRs: - https://github.com/collectd/collectd/pull/3789 - https://github.com/openwrt/packages/pull/14158 Instead of enabling it as default for all devices we condition it default y if SMALL_FLASH A test shows it needs around 16 kiB. Signed-off-by: Nick Hainke <vincent@systemli.org> [fixed whitespace issue] Signed-off-by: Petr Štetiar <ynezz@true.cz>