aboutsummaryrefslogtreecommitdiffstats
path: root/package
Commit message (Collapse)AuthorAgeFilesLines
* openssl: passing cflags to configureJitao Lu2023-06-171-1/+2
| | | | | | | | | openssl sets additional cflags in its configuration script. We need to make it aware of our custom cflags to avoid adding conflicting cflags. Fixes: #12866 Signed-off-by: Jitao Lu <dianlujitao@gmail.com> (cherry picked from commit 51f57e7c2dd2799e34036ec74b3436bf490fade0)
* base-files: upgrade: nand: add JFFS2 cleanmarkers supportÁlvaro Fernández Rojas2023-06-151-2/+10
| | | | | | | | | Some Broadcom MIPS devices require JFFS2 cleanmarkers to be present on the kernel partition or the bootloader will identify the partition as corrupt and won't boot the kernel. Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com> (cherry picked from commit 434df8df549a4d709be9eb19c0d2bd8abb4d4881)
* uboot-sifiveu: add bootloader package for SiFive Ux40 boardsZoltan HERPAI2023-06-1412-0/+566
| | | | | | | | Add new package for building bootloader for the SiFive U-series boards. Supported boards at this stage are the HiFive Unleashed and HiFive Unmatched. Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu> (cherry picked from commit 91406797f9d06c0008f0a8c2c8455abfb37bf28c)
* openssl: add linux-riscv64 into the targets listZoltan HERPAI2023-06-141-1/+5
| | | | | | | | Add "linux-riscv64-openwrt" into openssl configurations to enable building on riscv64. Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu> (cherry picked from commit a0840ecd5309921b62fcf5f563180ef8f955509e)
* opensbi: add package for RISC-VZoltan HERPAI2023-06-141-0/+63
| | | | | | | | | | | | | | | OpenSBI is a form of a first-stage bootloader, which initializes certain parts of an SoC and then passes on control to the second stage bootloader i.e. an u-boot image. We're introducing the package with release v1.2, which provides SBI v0.3 and the SBI SRST extensions which helps to gracefully reboot/shutdown various HiFive-U SoCs. Tested on SiFive Unleashed and Unmatched boards. Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu> (cherry picked from commit 944b13b3ee1d89e11a0121fbeeaa465ab1e25c3c)
* uboot-armsr: add support for QEMU armv7/armv8Petr Štetiar2023-06-132-0/+98
| | | | | | | | | | | | Add new package so we can use self-compiled bootloader during QEMU based testing and development. Backported fix[1] is needed for EFI boot from virtio devices. 1. https://patchwork.ozlabs.org/project/uboot/patch/20230424134946.v10.7.Ia5f5e39c882ac22b5f71c4d576941b34e868eeba@changeid/ Signed-off-by: Petr Štetiar <ynezz@true.cz> (cherry picked from commit b8e3fa2d1205213c71bc356744e9bed6cd8e69f9)
* wolfssl: change armvirt reference to armsrMathew McBride2023-06-131-2/+2
| | | | | | | armvirt target has been renamed to armsr (Arm SystemReady). Signed-off-by: Mathew McBride <matt@traverse.com.au> (cherry picked from commit 203deef82cdcb2c4deb01e2a4cee62a600723320)
* kernel: netdevices: change armvirt references to armsrMathew McBride2023-06-131-4/+4
| | | | | | | armvirt target has been renamed to armsr (Arm SystemReady) Signed-off-by: Mathew McBride <matt@traverse.com.au> (cherry picked from commit c0bcfde58e751d674adfac51944df9e20ab978e4)
* grub2: change armvirt reference to armsrMathew McBride2023-06-131-1/+1
| | | | | | | | The armvirt target has been renamed to armsr (Arm SystemReady), so the GRUB configuration also needs to change. Signed-off-by: Mathew McBride <matt@traverse.com.au> (cherry picked from commit 4ce7d6c8885a0e1873011f8f48b67e2ecd18e43d)
* kernel: kmod-amazon-ena: move to top level netdevicesMathew McBride2023-06-131-1/+15
| | | | | | | | | The Amazon ENA network devices are also used on the AWS Arm (Graviton) instance types, so move it from the x86-only module file to the top level netdevices. Signed-off-by: Mathew McBride <matt@traverse.com.au> (cherry picked from commit 3a7c8fd15e89237c8c9db62393d057f3a47429d2)
* kernel: modules: fix mdio-bus-mux descriptionLuiz Angelo Daros de Luca2023-06-131-1/+1
| | | | | | | | Simple error during copy/paste Fixes: 2dbeb607251b ("kernel: add mdio-bus-mux support") Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com> (cherry picked from commit 1e4bc13eaa3fdba897ca1721b2bfe9f2dbb30770)
* grub2: enable EFI for armvirtMathew McBride2023-06-132-6/+36
| | | | | | | | | | | | This adds a separate package for EFI on Arm SystemReady compatible machines. 32-bit Arm UEFI is supported as well. It is very similar to x86-64 EFI setup, without the need for BIOS backward compatibility and slightly different default modules. Signed-off-by: Mathew McBride <matt@traverse.com.au> (cherry picked from commit 8f29b1573ddf3b7ed7c53bee1a7d55e574806205)
* ipq807x: add initial support for prpl Foundation Haze boardPetr Štetiar2023-06-121-0/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Haze is prpl Foundation's reference board (WNC LVRP). Board info: - IPQ8072A SoC - 2 GiB RAM - 4 GiB eMMC - 8MiB SPI NOR (MX25U6435F) - 3x 1GigE ports (QCA8075) - 1x 10GigE port (AQR113C) - 1x SFP cage - WiFi 6GHz 160MHz (QCN9074) - WiFi 5GHz 80+80MHz (QCN5054) - WiFi 2.4G (QCN5024) - ARM Standard 20-pin 2.54mm/0.1" JTAG (1V8 !!!) - Bluetooth v5.0 + EDR with integrated Class 1 PA (CYW20704) - 1x M.2 B-key socket with PCIe 3.0 - 1x USB 3.0 port - UART marked J6 is 4-pin 2.54mm/0.1" connector 3V3(arrow),RX,TX,GND (115200 8N1) - Reset and WPS buttons Flashing instructions: 1. From U-Boot boot OpenWrt using initramfs image: IPQ807x# tftpboot openwrt-ipq807x-generic-prpl_haze-initramfs-uImage.itb && bootm 2. In OpenWrt running from initramfs execute sysupgrade: root@OpenWrt:/# sysupgrade -n /tmp/openwrt-ipq807x-generic-prpl_haze-squashfs-sysupgrade.bin Work in progress/known issues: * SFP feature not implemented/tested * M.2 feature not implemented/tested * Bluetooth feature not implemented/tested * 6GHz wireless should be working, but not tested * MAC address assigments for LAN interfaces Signed-off-by: Petr Štetiar <ynezz@true.cz> (cherry picked from commit 2e910039dd7170fd28641e7686c376dba6f0d8a5)
* ipq-wifi: update to version 2023-06-03Petr Štetiar2023-06-121-3/+5
| | | | | | | | | | | | | | Contains following updates: * ipq8074: update RegDB in new submitted BDF * Revert "ipq8074: update RegDB in new submitted BDF" * qcn9074: update RegDB in new submitted BDF * ipq8074: update RegDB in new submitted BDF * qca-wireless: ipq40xx: add BDFs for ZTE MF287+ * Add BDFs for prpl Foundation Haze board Signed-off-by: Petr Štetiar <ynezz@true.cz> (cherry picked from commit c2bb9f055b252f167d58540bddb9e5e9586fa986)
* ipq-wifi: bump to latest git HEADAntti Nykänen2023-06-121-3/+5
| | | | | | | | | | | 0f73d32 ipq8074: update RegDB in new submitted BDF a4cd21f ipq8074: add Compex WPQ873 BDF c888dd0 qca-wireless: ipq40xx: Add BDFs for Eero Cento 6388ba9 ipq8074: update regdb for Netgear SXK80 BDF 77775d2 ipq8074: add Netgear SXK80 Signed-off-by: Antti Nykänen <antti.nykanen@nokia.com> (cherry picked from commit 86e7614e0deb5e97083103600b045833c6517c6b)
* qca-nss-dp: fix oops in nss_dp_probePetr Štetiar2023-06-121-2/+3
| | | | | | | | | | | | | | | | | | | | Currently kernel crashes when of_phy_connect has issues: Unable to handle kernel access to user memory outside uaccess routines at virtual address 0000000000000308 ... pc : phy_attached_print+0x28/0x1b0 lr : phy_attached_info+0x14/0x20 ... Call trace: phy_attached_print+0x28/0x1b0 phy_attached_info+0x14/0x20 nss_dp_adjust_link+0x544/0x6c4 [qca_nss_dp] of_phy_connect returns either pointer or NULL, so can't be checked with IS_ERR macro. Signed-off-by: Petr Štetiar <ynezz@true.cz> (cherry picked from commit 38c7cf0e69aeefdec44d513307732e4daf7d9794)
* libubox: update to the latest versionFelix Fietkau2023-06-121-3/+3
| | | | | | | | | | | | | b09b316aeaf6 blobmsg: add blobmsg_parse_attr function eac92a4d5d82 blobmsg: add blobmsg_parse_array_attr ef5e8e38bd38 usock: fix poll return code check 6fc29d1c4292 jshn.sh: Add pretty-printing to json_dump 5893cf78da40 blobmsg: Don't do at run-time what can be done at compile-time 362951a2d96e uloop: fix uloop_run_timeout 75a3b870cace uloop: add support for integrating with a different event loop Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry picked from commit b6e0a24c492537e5bbfa015e2a3638ccc53c164b)
* unetd: update to the latest versionFelix Fietkau2023-06-121-3/+3
| | | | | | | | | | | | 412d03012f13 network: prevent adding endpoint routes for addresses on the network faaf9cee6ef4 utils: fix ipv4 checksum issue 0e1c2fad3540 pex-msg: fix memory leak on fread fail in pex_msg_update_request_init 51be0ed659d0 host: fix crash parsing gateway when no endpoint is specified ca17601dc24e wg-linux: add support for splitting netlink messages for allowed ips 7d3986b7a5a2 wg-linux: increase default messages size Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry picked from commit 7b1e8983365746876034534ef22004d423c390e0)
* mac80211: ath11k: sync with ath-nextRobert Marko2023-06-1218-8/+2691
| | | | | | | | | | | Synchronize the ath11k backports with the current ath-next tree. This introduces support for MBSSID and EMA, adds factory test mode and some new HTT stats. Tested-by: Francisco G Luna <frangonlun@gmail.com> Signed-off-by: Robert Marko <robimarko@gmail.com> (cherry picked from commit acde5271a68835f51185aae1b11343439a9d4cab)
* mac80211: backport EMA beacon supportRobert Marko2023-06-122-2/+374
| | | | | | | | | Backport EMA beacon support from kernel 6.4. It is required for MBSSID/EMA suport in ath11k that will follow. Tested-by: Francisco G Luna <frangonlun@gmail.com> Signed-off-by: Robert Marko <robimarko@gmail.com> (cherry picked from commit 84b5735b4c59c8fcb3db647430a4ffd574fb10a3)
* kernel: add mdio-bus-mux supportMathew McBride2023-06-121-0/+15
| | | | | | | | | | The MDIO bus multiplexing framework is used by some drivers such as dwmac-sun8i. As this is a per-driver requirement, set it to be hidden in the menu. Signed-off-by: Mathew McBride <matt@traverse.com.au> (cherry picked from commit 2dbeb607251b75b506dcc8f1294cd9ed0bac9694)
* restool: update source.codeaurora.org repository linkChristian Marangi2023-06-111-1/+1
| | | | | | | | | source.codeaurora.org project has been shut down and the nxp repositories has been moved to github. Update the repository link to the new location. Signed-off-by: Christian Marangi <ansuelsmth@gmail.com> (cherry picked from commit 0a1ee5323549bfce30b4d42be2dcc461f694881c)
* ls-dpl: update source.codeaurora.org repository linkChristian Marangi2023-06-111-1/+1
| | | | | | | | | source.codeaurora.org project has been shut down and the nxp repositories has been moved to github. Update the repository link to the new location. Signed-off-by: Christian Marangi <ansuelsmth@gmail.com> (cherry picked from commit 52fd8d8ba3ed4d34ed1dbc9d14fc7754960a576d)
* uboot-mediatek: adapt BPi-R3 and BPi-R64 to new device tree overlayDaniel Golle2023-06-092-20/+40
| | | | | | | | | Update bootloader environment for BPi-R3 and BPi-R64 to adapt to new device tree overlay mechanism now that support for multiple device tree overlays has been added. Signed-off-by: Daniel Golle <daniel@makrotopia.org> (cherry picked from commit ec50d2d366fecb6f4bac2ae9d5cfa4aba9cf7bbc)
* openssl: update to 3.0.9Ivan Pavlov2023-06-095-294/+4
| | | | | | | | | | | | | | | CVE-2023-2650 fix Remove upstreamed patches Major changes between OpenSSL 3.0.8 and OpenSSL 3.0.9 [30 May 2023] * Mitigate for very slow OBJ_obj2txt() performance with gigantic OBJECT IDENTIFIER sub-identities. (CVE-2023-2650) * Fixed buffer overread in AES-XTS decryption on ARM 64 bit platforms (CVE-2023-1255) * Fixed documentation of X509_VERIFY_PARAM_add0_policy() (CVE-2023-0466) * Fixed handling of invalid certificate policies in leaf certificates (CVE-2023-0465) * Limited the number of nodes created in a policy tree (CVE-2023-0464) Signed-off-by: Ivan Pavlov <AuthorReflex@gmail.com> (cherry picked from commit 6348850f10545aac70db94d3a9555a4f2eb84281)
* valgrind: update to 3.21.0Hauke Mehrtens2023-06-094-13/+25
| | | | | | | | | | | Release Notes: https://valgrind.org/docs/manual/dist.news.html This improves support for the memory allocator used in musl libc 1.2.2 and later which is currently used by OpenWrt. Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> (cherry picked from commit d85013460d47b538389b08506fda49e96a1968b5)
* kselftests-bpf: add kernel BPF testsTony Ambardar2023-06-091-0/+63
| | | | | | | | | | | | | | Build and package kernel self-tests used for BPF testing, program and JIT development. This package, together with the existing 'kmod-bpf-test', was extensively used for past upstream Linux JIT submissions [1]. Currently this includes only 'test_verifier'; building 'test_progs' will fail due to known endian limitations with bpftool skeletons. [1]:https://lore.kernel.org/bpf/cover.1633392335.git.Tony.Ambardar@gmail.com Signed-off-by: Tony Ambardar <itugrok@yahoo.com> (cherry picked from commit 3886ea9b87c416c080078603fedea95bcc144442)
* base-files: enable BPF JIT kallsyms by defaultTony Ambardar2023-06-091-0/+1
| | | | | | | | | | | Set net.core.bpf_jit_kallsyms=1 in /etc/sysctl.d/10-default.conf. For privileged users, this exports addresses of JIT-compiled programs to appear in /proc/kallsyms when present, allowing their use for debugging and in traces. Signed-off-by: Tony Ambardar <itugrok@yahoo.com> (cherry picked from commit b3aaede2a7b14f2be850db8ae0c826e2782a60e8)
* uboot-rockchip: add Orange Pi R1 Plus LTS supportTianling Shen2023-06-095-0/+499
| | | | | | | | | Add support for the Xunlong Orange Pi R1 Plus LTS. Manually generated of-platdata files to avoid swig dependency. Tested-by: Volkan Yetik <no3iverson@gmail.com> Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org> (cherry picked from commit 37fed89166e6e21c20ef92b36106f7184a0476c6)
* uboot-rockchip: add Orange Pi R1 Plus supportTianling Shen2023-06-095-0/+821
| | | | | | | | Add support for the Xunlong Orange Pi R1 Plus. Manually generated of-platdata files to avoid swig dependency. Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org> (cherry picked from commit 043f8a4f5ecf00e8a62b5a5d48baba48e620ea6a)
* openssl: fix uci config for built-in enginesTianling Shen2023-06-081-10/+3
| | | | | | | | | | | | | | | | | | | | | | | | Built-in engine configs are added in libopenssl-conf/install stage already, postinst/add_engine_config is just duplicating them, and due to the lack of `config` header it results a broken uci config: > uci: Parse error (invalid command) at line 3, byte 0 ``` config engine 'devcrypto' option enabled '1' engine 'devcrypto' option enabled '1' option builtin '1' ``` Add `builtin` option in libopenssl-conf/install stage and remove duplicate engine configuration in postinst/add_engine_config to fix this issue. Fixes: 0b70d55a64c39d ("openssl: make UCI config aware of built-in engines") Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org> (cherry picked from commit a0d71934253f599f4ac651b1b3a429901049e802)
* netfilter: fix typo in kmod-nft-dup-inetKevin Darbyshire-Bryant2023-06-081-1/+1
| | | | | | | Fix typo of 'family' in a7e9445975 Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk> (cherry picked from commit 191742eb8ddc4353eedf71a327fb17a11c5a3a99)
* ubnt-ledbar: depend on mediatek and ramips subtargetsTomasz Maciej Nowak2023-06-081-1/+1
| | | | | | | | It's only used on devices in mt7621 and mt7622 subtargets, so no reason to compile it for others. Signed-off-by: Tomasz Maciej Nowak <tmn505@gmail.com> (cherry picked from commit e81298463ed45cd03d45837c12f4c0a4b85f6cd4)
* netifd: update to the latest versionFelix Fietkau2023-06-071-3/+3
| | | | | | | ec9dba721245 system-linux: fix memory leak in system_bridge_vlan_check Signed-off-by: Felix Fietkau <nbd@nbd.name> (cherry picked from commit 20ce21866e482c132df7085061f28dfdafc8a48a)
* netifd: Fix PKG_MIRROR_HASHHauke Mehrtens2023-06-071-1/+1
| | | | | | | | Fix the PKG_MIRROR_HASH value for netifd. Fixes: d2ecaaca3404 ("netifd: update to version 2023-05-31") Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de> (cherry picked from commit 21f713d5abf86fc5639b41d7f4e7535a5538d63a)
* netifd: update to version 2023-05-31Petr Štetiar2023-06-071-3/+3
| | | | | | | | | | | | Contains following changes: * bridge: bridge_dump_info: add dumping of bridge attributes * bridge: make it more clear why the config was applied * cmake: fix build by reordering the cflags definitions * treewide: fix multiple compiler warnings Signed-off-by: Petr Štetiar <ynezz@true.cz> (cherry picked from commit d2ecaaca3404a05ba65bb6756bc5fbd05389ed2f)
* OpenWrt v23.05.0-rc1: revert to branch defaultsHauke Mehrtens2023-06-071-2/+2
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* OpenWrt v23.05.0-rc1: adjust config defaultsv23.05.0-rc1Hauke Mehrtens2023-06-071-2/+2
| | | | Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* selinux-policy: update to 1.2.5Linhui Liu2023-05-312-3/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | 30d503a uci jsonfilter: pipe and leak e13cb64 rpcd leds 144781f jsonfilter, luci, ubus 1210762 rpcd and all agents get fd's leaked ab9227c rpcd 2f99e0e luci rpcd b43aaf3 rpcd (enable/disable services) luci peeraddr f20f03e rpcd 7bc74f6 rpcd reads all subj state and luci-bwc leaks 9634b17 adds inotify perms to anon_inode 3d3c17c adds bare anon_inode (linux 5.15) 7104b20 dnsmasq and luci 0de2c66 luci,rpcd, ucode, wpad 14f5cf9 luci and ucode e3ce84c rpcd, ucode and cgiio loose ends 96a2401 misc updates 9fe0490 initscript: remove redundant rules 71bd77e allow all init scripts to log to logd f697331 sandbox: make ttydev handling more robust a471877 simplify pty tty console access f738984 sandbox: also remove TIOSCTI from all ttydevs Signed-off-by: Linhui Liu <liulinhui36@gmail.com> (cherry picked from commit 4c5a9da8699a7982b8f03b28561f955d9d1313f1)
* ca-certificates: Update to version 20230311Tianling Shen2023-05-312-13/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Update the ca-certificates and ca-bundle package from version 20211016 to version 20230311. Use TAR_OPTIONS instead of hacking Build/Prepare, refresh patches. Debian change-log entry [1]: |[...] |[ Đoàn Trần Công Danh ] |* ca-certificates: compat with non-GNU mktemp (closes: #1000847) | |[ Ilya Lipnitskiy ] |* certdata2pem.py: use UTC time when checking cert validity | |[ Julien Cristau ] |* Update Mozilla certificate authority bundle to version 2.60 | The following certificate authorities were added (+): | + "Autoridad de Certificacion Firmaprofesional CIF A62634068" | + "Certainly Root E1" | + "Certainly Root R1" | + "D-TRUST BR Root CA 1 2020" | + "D-TRUST EV Root CA 1 2020" | + "DigiCert TLS ECC P384 Root G5" | + "DigiCert TLS RSA4096 Root G5" | + "E-Tugra Global Root CA ECC v3" | + "E-Tugra Global Root CA RSA v3" | + "HARICA TLS ECC Root CA 2021" | + "HARICA TLS RSA Root CA 2021" | + "HiPKI Root CA - G1" | + "ISRG Root X2" | + "Security Communication ECC RootCA1" | + "Security Communication RootCA3" | + "Telia Root CA v2" | + "TunTrust Root CA" | + "vTrus ECC Root CA" | + "vTrus Root CA" | The following certificate authorities were removed (-): | - "Cybertrust Global Root" (expired) | - "EC-ACC" | - "GlobalSign Root CA - R2" (expired) | - "Hellenic Academic and Research Institutions RootCA 2011" | - "Network Solutions Certificate Authority" | - "Staat der Nederlanden EV Root CA" (expired) |* Drop trailing space from debconf template causing misformatting | (closes: #980821) | |[ Wataru Ashihara ] |* Make certdata2pem.py compatible with cryptography >= 35 (closes: #1008244) |[...] [1]: https://metadata.ftp-master.debian.org/changelogs/main/c/ca-certificates/ca-certificates_20230311_changelog Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org> (cherry picked from commit 7c83b6ac8656f9a3b005554d25857e8ed5faf3f6)
* pcre2: fix host compilation of libselinux by enabling PICPetr Štetiar2023-05-311-1/+2
| | | | | | | | | | | | | | | libselinux-3.5 fails to compile in Fedora 38 container due to the following: cc -O2 -I/openwrt/staging_dir/host/include -I/openwrt/staging_dir/hostpkg/include -I/openwrt/staging_dir/target-x86_64_musl/host/include -I../include -D_GNU_SOURCE -DNO_ANDROID_BACKEND -DUSE_PCRE2 -DPCRE2_CODE_UNIT_WIDTH=8 -I/openwrt/staging_dir/hostpkg/include -L/openwrt/staging_dir/host/lib -L/openwrt/staging_dir/hostpkg/lib -L/openwrt/staging_dir/target-x86_64_musl/host/lib -Wl,-rpath=/openwrt/staging_dir/hostpkg/lib -shared -o libselinux.so.1 avc.lo avc_internal.lo avc_sidtab.lo booleans.lo callbacks.lo canonicalize_context.lo checkAccess.lo check_context.lo checkreqprot.lo compute_av.lo compute_create.lo compute_member.lo compute_relabel.lo compute_user.lo context.lo deny_unknown.lo disable.lo enabled.lo fgetfilecon.lo freecon.lo freeconary.lo fsetfilecon.lo get_context_list.lo get_default_type.lo get_initial_context.lo getenforce.lo getfilecon.lo getpeercon.lo init.lo is_customizable_type.lo label.lo label_db.lo label_file.lo label_media.lo label_support.lo label_x.lo lgetfilecon.lo load_policy.lo lsetfilecon.lo mapping.lo matchmediacon.lo matchpathcon.lo policyvers.lo procattr.lo query_user_context.lo regex.lo reject_unknown.lo selinux_check_securetty_context.lo selinux_config.lo selinux_internal.lo selinux_restorecon.lo sestatus.lo setenforce.lo setexecfilecon.lo setfilecon.lo setrans_client.lo seusers.lo sha1.lo stringrep.lo validatetrans.lo -L/openwrt/staging_dir/hostpkg/lib -lpcre2-8 -lfts -ldl -Wl,-soname,libselinux.so.1,--version-script=libselinux.map,-z,defs,-z,relro /usr/bin/ld: /openwrt/staging_dir/hostpkg/lib/libpcre2-8.a(pcre2_compile.c.o): relocation R_X86_64_32S against symbol `_pcre2_ucd_stage1_8' can not be used when making a shared object; recompile with -fPIC /usr/bin/ld: failed to set dynamic section sizes: bad value So lets fix it by enabling build of host static library with the position independent code option enabled. Signed-off-by: Petr Štetiar <ynezz@true.cz> (cherry picked from commit 12494f5b8a7bb48cbf7b2fba7d17a53981173120)
* netfilter: add kmod-nft-dup-inetMichał Kwiatek2023-05-311-1/+21
| | | | | | | Add kmod-nft-dup-inet package to allow packet duplication in ip/ip6/inet nftables family Signed-off-by: Michał Kwiatek <michal@kwiatek.it> (cherry picked from commit a7e9445975f832db887e6044d7e84220d2a68cf1)
* package: layerscape: change loadaddr addressPawel Dembicki2023-05-2916-16/+16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | At this moment loadaddr in most layerscape boards are configured to 0x81000000. 5.15 kernel on some boards is bigger than 5.10 and it cause error: Loading kernel from FIT Image at 81000000 ... Using 'config-1' configuration Trying 'kernel-1' kernel subimage Description: ARM64 OpenWrt Linux-5.15.112 Created: 2023-05-21 17:39:35 UTC Type: Kernel Image Compression: gzip compressed Data Start: 0x810000ec Data Size: 7513944 Bytes = 7.2 MiB Architecture: AArch64 OS: Linux Load Address: 0x80000000 Entry Point: 0x80000000 Hash algo: crc32 Hash value: 6fd69550 Hash algo: sha1 Hash value: ee34c753ffb615e199a428762824ad4a0aaef90a Verifying Hash Integrity ... crc32+ sha1+ OK Loading fdt from FIT Image at 81000000 ... Using 'config-1' configuration Trying 'fdt-1' fdt subimage Description: ARM64 OpenWrt fsl_ls1088a-rdb-sdboot device tree blob Created: 2023-05-21 17:39:35 UTC Type: Flat Device Tree Compression: uncompressed Data Start: 0x8172a98c Data Size: 19794 Bytes = 19.3 KiB Architecture: AArch64 Hash algo: crc32 Hash value: 59792ba3 Hash algo: sha1 Hash value: 135585a49f86cd85acea559b78b0098ae99d5e12 Verifying Hash Integrity ... crc32+ sha1+ OK Booting using the fdt blob at 0x8172a98c Uncompressing Kernel Image ERROR: new format image overwritten - must RESET the board to recover resetting ... This patch changes loadaddr to 0x88000000 (like LS1012A-FRDM board) to avoid overlapping for bigger images (like initramfs) too. Tested-by: Alexandra Alth <alexandra@alth.de> [LS1088ARDB] Signed-off-by: Pawel Dembicki <paweldembicki@gmail.com> (cherry picked from commit 0822040671e6177020892e0ddbdfafd4bb3690e0)
* uboot-mediatek: add Qihoo 360T7 supportChukun Pan2023-05-294-0/+477
| | | | | | | | | The vendor uboot will verify firmware at boot. So add a custom uboot build for this device. Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn> (cherry picked from commit c51eb177308835f811ae43b17dde0ea962ed1df1) Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* arm-trusted-firmware-mediatek: add build for MT7981 DDR3Chukun Pan2023-05-291-0/+47
| | | | | | | | | | Add new build option BOARD_QFN/BOARD_BGA. This option is only useful for MT7981 device. MT7981A/B: BOARD_BGA, MT7981C: BOARD_QFN. Signed-off-by: Chukun Pan <amadeus@jmu.edu.cn> (cherry picked from commit 602cb4f3259cb676fcf6fa6c459d598df643653b) Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* mediatek: mt7981: add reserved memory to support pstoreAlexander Couzens2023-05-291-0/+38
| | | | | | | | | | Add reserved memory for pstore/ramoops to device tree used by Linux as well as U-Boot. Signed-off-by: Alexander Couzens <lynxis@fe80.eu> Signed-off-by: Daniel Golle <daniel@makrotopia.org> (cherry picked from commit 3eb354f999a3687f9ae547899b0f5ec2b10185ab) Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* bpftools: update, split off bpftool and libbpf packagesTony Ambardar2023-05-255-57/+92
| | | | | | | | | | | | | | | | My original bpftools package made "variant" builds of bpftool and libbpf as a convenience, since both used the same local kernel sources with the same versioning. This is no longer the case, since the commit below switched to using an out-of-tree build mirror hosting repos for each. Replace bpftools with separate bpftool and libbpf packages, each simplified and correctly versioned. Also fix the broken libbpf ABI introduced in the same commit. Existing build .config files are not impacted. Fixes: 00cbf6f6ab1d ("bpftools: update to standalone bpftools + libbpf, use the latest version") Signed-off-by: Tony Ambardar <itugrok@yahoo.com> (cherry picked from commit afe1bf11f2539f75e30ab3206891dbe6f8c43bd5) Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* busybox: update to 1.36.1Nick Hainke2023-05-241-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Release Notes: http://lists.busybox.net/pipermail/busybox-cvs/2023-May/041510.html Refresh commands, run after busybox is first built once (nothing changed compared to 1.36.0): cd package/utils/busybox/config/ ../convert_menuconfig.pl ../../../../build_dir/target-mipsel_24kc_musl/busybox-default/busybox-1.36.1 cd .. ./convert_defaults.pl ../../../build_dir/target-mipsel_24kc_musl/busybox-default/busybox-1.36.1/.config > Config-defaults.in Manual edits needed afterward: * Config-defaults.in: OpenWrt config symbol IPV6 logic applied to BUSYBOX_DEFAULT_FEATURE_IPV6 * Config-defaults.in: OpenWrt config TARGET_bcm53xx logic applied to BUSYBOX_DEFAULT_TRUNCATE (commit 547f1ec) * Config-defaults.in: OpenWrt logic applied to BUSYBOX_DEFAULT_LOGIN_SESSION_AS_CHILD (commit dc92917) * Config-defaults.in: correct the default ports that get reset BUSYBOX_DEFAULT_FEATURE_HTTPD_PORT_DEFAULT 80 BUSYBOX_DEFAULT_FEATURE_TELNETD_PORT_DEFAULT 23 * config/editors/Config.in: Add USE_GLIBC dependency to BUSYBOX_CONFIG_FEATURE_VI_REGEX_SEARCH (commit f141090) * config/shell/Config.in: change at "Options common to all shells" the conditional symbol SHELL_ASH --> BUSYBOX_CONFIG_SHELL_ASH (discussion in http://lists.openwrt.org/pipermail/openwrt-devel/2021-January/033140.html Apparently our script does not see the hidden option while prepending config options with "BUSYBOX_CONFIG_" which leads to a missed dependency when the options are later evaluated.) * Edit a few Config.in files by adding quotes to sourced items in config/Config.in, config/networking/Config.in and config/util-linux/Config.in (commit 1da014f) Tested-by: Hannu Nyman <hannu.nyman@iki.fi> Signed-off-by: Nick Hainke <vincent@systemli.org> (cherry picked from commit 3b76f6eee430a107a0970583c1aa215b35f7e3e4) Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* libxml2: update to 2.11.4Nick Hainke2023-05-241-2/+2
| | | | | | | | | Release Notes: https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.11.4 Signed-off-by: Nick Hainke <vincent@systemli.org> (cherry picked from commit c520d682f02890afb38e43b862ca856e2b933507) Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* libcap: update to 2.69Nick Hainke2023-05-241-2/+2
| | | | | | | | | | Release Notes: https://sites.google.com/site/fullycapable/release-notes-for-libcap#h.iuvg7sbjg8pe Fixes: CVE-2023-2602 CVE-2023-2603 Signed-off-by: Nick Hainke <vincent@systemli.org> (cherry picked from commit 78c45c1e591ce5aeff9fb7eeae049662c4ac4ef2) Signed-off-by: Daniel Golle <daniel@makrotopia.org>