diff --git a/config/Config-kernel.in b/config/Config-kernel.in index a21dfc35bd..6ff47a416f 100644 --- a/config/Config-kernel.in +++ b/config/Config-kernel.in @@ -596,8 +596,8 @@ if KERNEL_CGROUPS config KERNEL_CGROUP_HUGETLB bool "HugeTLB controller" - default y if KERNEL_HUGETLB_PAGE - depends on KERNEL_HUGETLB_PAGE + default n + select KERNEL_HUGETLB_PAGE config KERNEL_CGROUP_PIDS bool "PIDs cgroup subsystem" diff --git a/package/kernel/nat46/Makefile b/package/kernel/nat46/Makefile index f37ee6e395..dd9d606d27 100644 --- a/package/kernel/nat46/Makefile +++ b/package/kernel/nat46/Makefile @@ -5,9 +5,9 @@ PKG_NAME:=nat46 PKG_MIRROR_HASH:=d0bc80038cadeb7e857118e8d6bae242670ab27377af49f74bad494e0e5da598 PKG_SOURCE_URL:=https://github.com/ayourtch/nat46.git -PKG_SOURCE_DATE:=2020-08-06 +PKG_SOURCE_DATE:=2020-08-17 PKG_SOURCE_PROTO:=git -PKG_SOURCE_VERSION:=71e9f0941a666c7010bb6d31d45bb795439038fa +PKG_SOURCE_VERSION:=362640b41ae52b732d9e9729e61ac555492442a3 PKG_MAINTAINER:=Hans Dedecker PKG_LICENSE:=GPL-2.0 diff --git a/package/utils/busybox/Config.in b/package/utils/busybox/Config.in index 4d87e18278..dcd027e7ee 100644 --- a/package/utils/busybox/Config.in +++ b/package/utils/busybox/Config.in @@ -1,4 +1,4 @@ -if PACKAGE_busybox +if PACKAGE_busybox || PACKAGE_busybox-selinux config BUSYBOX_CUSTOM bool "Customize busybox options" diff --git a/package/utils/busybox/Makefile b/package/utils/busybox/Makefile index baf375eb13..0b56e0b9fd 100644 --- a/package/utils/busybox/Makefile +++ b/package/utils/busybox/Makefile @@ -1,5 +1,5 @@ # -# Copyright (C) 2006-2016 OpenWrt.org +# Copyright (C) 2006-2020 OpenWrt.org # # This is free software, licensed under the GNU General Public License v2. # See /LICENSE for more information. @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=busybox PKG_VERSION:=1.31.1 -PKG_RELEASE:=2 +PKG_RELEASE:=3 PKG_FLAGS:=essential PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 @@ -39,14 +39,27 @@ BUSYBOX_IF_ENABLED=$(if $(CONFIG_BUSYBOX_$(BUSYBOX_SYM)_$(1)),$(2)) # All files provided by busybox will serve as fallback alternatives by opkg. # There should be no need to enumerate ALTERNATIVES entries here -define Package/busybox +define Package/busybox/Default SECTION:=base CATEGORY:=Base system MAINTAINER:=Felix Fietkau TITLE:=Core utilities for embedded Linux URL:=http://busybox.net/ DEPENDS:=+BUSYBOX_CONFIG_PAM:libpam +BUSYBOX_CONFIG_NTPD:jsonfilter - MENU:=1 +endef + +define Package/busybox + $(call Package/busybox/Default) + CONFLICTS:=busybox-selinux + VARIANT:=default +endef + +define Package/busybox-selinux + $(call Package/busybox/Default) + TITLE += with SELinux support + DEPENDS += +libselinux + VARIANT:=selinux + PROVIDES:=busybox endef define Package/busybox/description @@ -62,6 +75,8 @@ ifdef CONFIG_BUSYBOX_CONFIG_FEATURE_SYSLOG define Package/busybox/conffiles /etc/syslog.conf endef + +Package/busybox-selinux/conffiles = $(Package/busybox/conffiles) endif # don't create a version string containing the actual timestamp @@ -77,6 +92,10 @@ ifeq ($(CONFIG_USE_GLIBC),y) LDLIBS += $(call BUSYBOX_IF_ENABLED,NSLOOKUP_OPENWRT,resolv) endif +ifeq ($(BUILD_VARIANT),selinux) + LDLIBS += selinux sepol +endif + TARGET_CFLAGS += -flto TARGET_LDFLAGS += -flto=jobserver -fuse-linker-plugin @@ -96,6 +115,9 @@ define Build/Configure touch $(PKG_BUILD_DIR)/.config ifeq ($(DEVICE_TYPE),nas) echo "CONFIG_HDPARM=y" >> $(PKG_BUILD_DIR)/.config +endif +ifeq ($(BUILD_VARIANT),selinux) + cat $(TOPDIR)/$(SOURCE)/selinux.config >> $(PKG_BUILD_DIR)/.config endif grep 'CONFIG_BUSYBOX_$(BUSYBOX_SYM)' $(TOPDIR)/.config | sed -e "s,\\(# \)\\?CONFIG_BUSYBOX_$(BUSYBOX_SYM)_\\(.*\\),\\1CONFIG_\\2,g" >> $(PKG_BUILD_DIR)/.config yes 'n' | $(MAKE) -C $(PKG_BUILD_DIR) $(MAKE_FLAGS) oldconfig @@ -125,4 +147,7 @@ endif -rm -rf $(1)/lib64 endef +Package/busybox-selinux/install = $(Package/busybox/install) + $(eval $(call BuildPackage,busybox)) +$(eval $(call BuildPackage,busybox-selinux)) diff --git a/package/utils/busybox/selinux.config b/package/utils/busybox/selinux.config new file mode 100644 index 0000000000..ef20155814 --- /dev/null +++ b/package/utils/busybox/selinux.config @@ -0,0 +1,15 @@ +CONFIG_SELINUX=y +CONFIG_FEATURE_TAR_SELINUX=y +CONFIG_CHCON=y +CONFIG_GETENFORCE=y +CONFIG_GETSEBOOL=y +CONFIG_LOAD_POLICY=y +CONFIG_MATCHPATHCON=y +CONFIG_RUNCON=y +CONFIG_SELINUXENABLED=y +CONFIG_SESTATUS=y +CONFIG_SETFILES=y +CONFIG_FEATURE_SETFILES_CHECK_OPTION=y +CONFIG_RESTORECON=y +CONFIG_SETSEBOOL=y +CONFIG_SETENFORCE=y diff --git a/package/utils/f2fs-tools/Makefile b/package/utils/f2fs-tools/Makefile index 8c7d958c7e..1decfd7ae7 100644 --- a/package/utils/f2fs-tools/Makefile +++ b/package/utils/f2fs-tools/Makefile @@ -31,22 +31,51 @@ define Package/f2fs-tools/Default SUBMENU:=Filesystem DEPENDS:=+libf2fs URL:=http://git.kernel.org/cgit/linux/kernel/git/jaegeuk/f2fs-tools.git + VARIANT:=default +endef + +define Package/f2fs-tools/SELinux + SECTION:=utils + CATEGORY:=Utilities + SUBMENU:=Filesystem + DEPENDS:=+libf2fs-selinux +libselinux + URL:=http://git.kernel.org/cgit/linux/kernel/git/jaegeuk/f2fs-tools.git + VARIANT:=selinux endef define Package/mkf2fs $(Package/f2fs-tools/Default) TITLE:=Utility for creating a Flash-Friendly File System (F2FS) + CONFLICTS:=mkf2fs-selinux +endef + +define Package/mkf2fs-selinux + $(Package/f2fs-tools/SELinux) + TITLE:=Utility for creating a Flash-Friendly File System (F2FS) with SELinux support endef define Package/f2fsck $(Package/f2fs-tools/Default) TITLE:=Utility for checking/repairing a Flash-Friendly File System (F2FS) + CONFLICTS:=f2fsck-selinux +endef + +define Package/f2fsck-selinux + $(Package/f2fs-tools/SELinux) + TITLE:=Utility for checking/repairing a Flash-Friendly File System (F2FS) with SELinux support endef define Package/f2fs-tools $(Package/f2fs-tools/Default) TITLE:=Tools for Flash-Friendly File System (F2FS) DEPENDS += +mkf2fs +f2fsck + CONFLICTS:=f2fs-tools-selinux +endef + +define Package/f2fs-tools-selinux + $(Package/f2fs-tools/SELinux) + TITLE:=Tools for Flash-Friendly File System (F2FS) with SELinux support + DEPENDS += +mkf2fs-selinux +f2fsck-selinux endef define Package/libf2fs @@ -55,13 +84,25 @@ define Package/libf2fs TITLE:=Library for Flash-Friendly File System (F2FS) tools DEPENDS:=+libuuid ABI_VERSION:=6 + CONFLICTS:=libf2fs-selinux +endef + +define Package/libf2fs-selinux + SECTION:=libs + CATEGORY:=Libraries + TITLE:=Library for Flash-Friendly File System (F2FS) tools with SELinux support + DEPENDS:=+libuuid +libselinux + ABI_VERSION:=6 endef CONFIGURE_ARGS += \ --disable-static \ - --without-selinux \ --without-blkid +ifneq ($(BUILD_VARIANT),selinux) + CONFIGURE_ARGS += --without-selinux +endif + CONFIGURE_VARS += \ ac_cv_file__git=no @@ -71,11 +112,15 @@ define Package/libf2fs/install $(PKG_INSTALL_DIR)/usr/lib/libf2fs.so.* $(1)/usr/lib/ endef +Package/libf2fs-selinux/install = $(Package/libf2fs/install) + define Package/mkf2fs/install $(INSTALL_DIR) $(1)/usr/sbin $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/mkfs.f2fs $(1)/usr/sbin endef +Package/mkf2fs-selinux/install = $(Package/mkf2fs/install) + define Package/f2fsck/install $(INSTALL_DIR) $(1)/usr/sbin $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/fsck.f2fs $(1)/usr/sbin @@ -85,6 +130,8 @@ define Package/f2fsck/install ln -s /usr/sbin/fsck.f2fs $(1)/usr/sbin/resize.f2fs endef +Package/f2fsck-selinux/install = $(Package/f2fsck/install) + define Package/f2fs-tools/install $(INSTALL_DIR) $(1)/usr/sbin $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/f2fstat $(1)/usr/sbin @@ -92,7 +139,13 @@ define Package/f2fs-tools/install $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/parse.f2fs $(1)/usr/sbin endef +Package/f2fs-tools-selinux/install = $(Package/f2fs-tools/install) + $(eval $(call BuildPackage,libf2fs)) +$(eval $(call BuildPackage,libf2fs-selinux)) $(eval $(call BuildPackage,mkf2fs)) +$(eval $(call BuildPackage,mkf2fs-selinux)) $(eval $(call BuildPackage,f2fsck)) +$(eval $(call BuildPackage,f2fsck-selinux)) $(eval $(call BuildPackage,f2fs-tools)) +$(eval $(call BuildPackage,f2fs-tools-selinux)) diff --git a/target/imagebuilder/Makefile b/target/imagebuilder/Makefile index b463feb456..ad19ab2b53 100644 --- a/target/imagebuilder/Makefile +++ b/target/imagebuilder/Makefile @@ -86,7 +86,10 @@ endif (cd $(PKG_BUILD_DIR); find staging_dir/host/bin/ $(IB_LDIR)/scripts/dtc/ -type f | \ $(XARGS) $(SCRIPT_DIR)/bundle-libraries.sh $(PKG_BUILD_DIR)/staging_dir/host) STRIP=sstrip $(SCRIPT_DIR)/rstrip.sh $(PKG_BUILD_DIR)/staging_dir/host/bin/ - $(TAR) -cf - -C $(BUILD_DIR) $(IB_NAME) | xz -T$(if $(filter 1,$(NPROC)),2,0) -zc -7e > $@ + (cd $(BUILD_DIR); \ + tar -I '$(STAGING_DIR_HOST)/bin/xz -7e -T$(if $(filter 1,$(NPROC)),2,0)' -cf $@ $(IB_NAME) \ + --mtime="$(shell date --date=@$(SOURCE_DATE_EPOCH))"; \ + ) download: prepare: diff --git a/target/linux/ramips/image/mt7621.mk b/target/linux/ramips/image/mt7621.mk index e1ff9b61a7..14e180be04 100644 --- a/target/linux/ramips/image/mt7621.mk +++ b/target/linux/ramips/image/mt7621.mk @@ -1283,6 +1283,7 @@ TARGET_DEVICES += zbtlink_zbt-wg2626 define Device/zbtlink_zbt-wg3526-16m $(Device/dsa-migration) + $(Device/uimage-lzma-loader) IMAGE_SIZE := 16064k DEVICE_VENDOR := Zbtlink DEVICE_MODEL := ZBT-WG3526 @@ -1295,6 +1296,7 @@ TARGET_DEVICES += zbtlink_zbt-wg3526-16m define Device/zbtlink_zbt-wg3526-32m $(Device/dsa-migration) + $(Device/uimage-lzma-loader) IMAGE_SIZE := 32448k DEVICE_VENDOR := Zbtlink DEVICE_MODEL := ZBT-WG3526 diff --git a/target/sdk/Makefile b/target/sdk/Makefile index 2eaeef77aa..022a791ebf 100644 --- a/target/sdk/Makefile +++ b/target/sdk/Makefile @@ -152,7 +152,8 @@ $(BIN_DIR)/$(SDK_NAME).tar.xz: clean find $(SDK_BUILD_DIR) -name CVS | $(XARGS) rm -rf -make -C $(SDK_BUILD_DIR)/scripts/config clean (cd $(BUILD_DIR); \ - tar -I 'xz -T0 -7e' -cf $@ $(SDK_NAME); \ + tar -I '$(STAGING_DIR_HOST)/bin/xz -7e -T$(if $(filter 1,$(NPROC)),2,0)' -cf $@ $(SDK_NAME) \ + --mtime="$(shell date --date=@$(SOURCE_DATE_EPOCH))"; \ ) download: diff --git a/tools/ccache/Makefile b/tools/ccache/Makefile index bf81f2d388..6e55001fd5 100644 --- a/tools/ccache/Makefile +++ b/tools/ccache/Makefile @@ -8,11 +8,11 @@ include $(TOPDIR)/rules.mk include $(INCLUDE_DIR)/target.mk PKG_NAME:=ccache -PKG_VERSION:=3.7.9 +PKG_VERSION:=3.7.11 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=https://github.com/ccache/ccache/releases/download/v$(PKG_VERSION) -PKG_HASH:=f893da7543bfb9172bd55e603fcbdfcd83e6def176a28689c13235695b4cf44b +PKG_HASH:=8d450208099a4d202bd7df87caaec81baee20ce9dd62da91e9ea7b95a9072f68 include $(INCLUDE_DIR)/host-build.mk diff --git a/tools/ccache/patches/100-honour-copts.patch b/tools/ccache/patches/100-honour-copts.patch index 31f70090e4..ccfa1c0247 100644 --- a/tools/ccache/patches/100-honour-copts.patch +++ b/tools/ccache/patches/100-honour-copts.patch @@ -1,6 +1,6 @@ --- a/src/ccache.c +++ b/src/ccache.c -@@ -2227,6 +2227,7 @@ calculate_object_hash(struct args *args, +@@ -2277,6 +2277,7 @@ calculate_object_hash(struct args *args, "CPLUS_INCLUDE_PATH", "OBJC_INCLUDE_PATH", "OBJCPLUS_INCLUDE_PATH", // clang diff --git a/tools/cmake/Makefile b/tools/cmake/Makefile index fd066da326..7839d7b00a 100644 --- a/tools/cmake/Makefile +++ b/tools/cmake/Makefile @@ -7,14 +7,14 @@ include $(TOPDIR)/rules.mk PKG_NAME:=cmake -PKG_VERSION:=3.17.0 -PKG_RELEASE:=2 +PKG_VERSION:=3.18.2 +PKG_RELEASE:=1 PKG_CPE_ID:=cpe:/a:kitware:cmake PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://github.com/Kitware/CMake/releases/download/v$(PKG_VERSION)/ \ - https://cmake.org/files/v3.17/ -PKG_HASH:=b74c05b55115eacc4fa2b77a814981dbda05cdc95a53e279fe16b7b272f00847 + https://cmake.org/files/v3.18/ +PKG_HASH:=5d4e40fc775d3d828c72e5c45906b4d9b59003c9433ff1b36a1cb552bbd51d7e HOST_BUILD_PARALLEL:=1 HOST_CONFIGURE_PARALLEL:=1 diff --git a/tools/cmake/patches/100-no-testing.patch b/tools/cmake/patches/100-no-testing.patch index 501302b835..44452ce39e 100644 --- a/tools/cmake/patches/100-no-testing.patch +++ b/tools/cmake/patches/100-no-testing.patch @@ -1,6 +1,6 @@ --- a/Modules/CTest.cmake +++ b/Modules/CTest.cmake -@@ -47,7 +47,7 @@ the :variable:`CTEST_USE_LAUNCHERS` variable:: +@@ -47,7 +47,7 @@ the :variable:`CTEST_USE_LAUNCHERS` vari in the ``CTestConfig.cmake`` file. #]=======================================================================] @@ -11,7 +11,7 @@ # like vs9 or vs10 --- a/Modules/Dart.cmake +++ b/Modules/Dart.cmake -@@ -33,7 +33,7 @@ whether testing support should be enabled. The default is ON. +@@ -33,7 +33,7 @@ whether testing support should be enable # # @@ -22,12 +22,12 @@ find_package(Dart QUIET) --- a/Tests/Contracts/VTK/Dashboard.cmake.in +++ b/Tests/Contracts/VTK/Dashboard.cmake.in -@@ -25,7 +25,7 @@ ctest_empty_binary_directory(${CTEST_BINARY_DIRECTORY}) +@@ -25,7 +25,7 @@ ctest_empty_binary_directory(${CTEST_BIN file(WRITE "${CTEST_BINARY_DIRECTORY}/CMakeCache.txt" " - BUILD_EXAMPLES:BOOL=ON -- BUILD_TESTING:BOOL=ON -+ BUILD_TESTING:BOOL=OFF + VTK_BUILD_EXAMPLES:BOOL=ON +- VTK_BUILD_TESTING:STRING=WANT ++ VTK_BUILD_TESTING:STRING=OFF VTK_WRAP_PYTHON:BOOL=ON ExternalData_OBJECT_STORES:FILEPATH=@base_dir@/ExternalData ") diff --git a/tools/cmake/patches/120-curl-fix-libressl-linking.patch b/tools/cmake/patches/120-curl-fix-libressl-linking.patch index 66e3f81c6f..4fb541f3e4 100644 --- a/tools/cmake/patches/120-curl-fix-libressl-linking.patch +++ b/tools/cmake/patches/120-curl-fix-libressl-linking.patch @@ -20,10 +20,10 @@ Signed-off-by: Jo-Philipp Wich --- --- a/Utilities/cmcurl/CMakeLists.txt +++ b/Utilities/cmcurl/CMakeLists.txt -@@ -459,6 +459,14 @@ if(CMAKE_USE_OPENSSL) +@@ -488,6 +488,14 @@ if(CMAKE_USE_OPENSSL) + endif() + set(SSL_ENABLED ON) set(USE_OPENSSL ON) - set(HAVE_LIBCRYPTO ON) - set(HAVE_LIBSSL ON) + check_library_exists("rt" clock_gettime "" HAVE_LIBRT) + if(HAVE_LIBRT) + list(APPEND OPENSSL_LIBRARIES rt) diff --git a/tools/cmake/patches/130-bootstrap_parallel_make_flag.patch b/tools/cmake/patches/130-bootstrap_parallel_make_flag.patch index 45ad885953..4d5ed266c4 100644 --- a/tools/cmake/patches/130-bootstrap_parallel_make_flag.patch +++ b/tools/cmake/patches/130-bootstrap_parallel_make_flag.patch @@ -1,9 +1,9 @@ --- a/bootstrap +++ b/bootstrap -@@ -1283,7 +1283,10 @@ int main(){ printf("1%c", (char)0x0a); r +@@ -1296,7 +1296,10 @@ int main(){ printf("1%c", (char)0x0a); r ' > "test.c" cmake_original_make_flags="${cmake_make_flags}" - if [ "x${cmake_parallel_make}" != "x" ]; then + if test "x${cmake_parallel_make}" != "x"; then - cmake_make_flags="${cmake_make_flags} -j ${cmake_parallel_make}" + case "$cmake_parallel_make" in + [0-9]*) cmake_parallel_make="-j ${cmake_parallel_make}";; @@ -11,4 +11,4 @@ + cmake_make_flags="${cmake_make_flags} ${cmake_parallel_make}" fi for a in ${cmake_make_processors}; do - if [ -z "${cmake_make_processor}" ] && cmake_try_make "${a}" "${cmake_make_flags}" >> ../cmake_bootstrap.log 2>&1; then + if test -z "${cmake_make_processor}" && cmake_try_make "${a}" "${cmake_make_flags}" >> ../cmake_bootstrap.log 2>&1; then diff --git a/tools/mpfr/Makefile b/tools/mpfr/Makefile index fdb316efb9..65e6f8959f 100644 --- a/tools/mpfr/Makefile +++ b/tools/mpfr/Makefile @@ -7,12 +7,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=mpfr -PKG_VERSION:=4.0.2 +PKG_VERSION:=4.1.0 PKG_CPE_ID:=cpe:/a:mpfr:gnu_mpfr PKG_SOURCE_URL:=@GNU/mpfr http://www.mpfr.org/mpfr-$(PKG_VERSION) PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz -PKG_HASH:=1d3be708604eae0e42d578ba93b390c2a145f17743a744d8f3f8c2ad5855a38a +PKG_HASH:=0c98a3f1732ff6ca4ea690552079da9c597872d30e96ec28414ee23c95558a7f HOST_BUILD_PARALLEL:=1 HOST_FIXUP:=autoreconf diff --git a/tools/mpfr/patches/001-only_src.patch b/tools/mpfr/patches/001-only_src.patch index 019928741a..dbc7d32343 100644 --- a/tools/mpfr/patches/001-only_src.patch +++ b/tools/mpfr/patches/001-only_src.patch @@ -1,6 +1,6 @@ --- a/Makefile.am +++ b/Makefile.am -@@ -18,7 +18,7 @@ AUTOMAKE_OPTIONS = gnu +@@ -24,7 +24,7 @@ AUTOMAKE_OPTIONS = gnu # old Automake version. ACLOCAL_AMFLAGS = -I m4 @@ -11,7 +11,7 @@ pkgconfig_DATA = mpfr.pc --- a/Makefile.in +++ b/Makefile.in -@@ -383,7 +383,7 @@ AUTOMAKE_OPTIONS = gnu +@@ -384,7 +384,7 @@ AUTOMAKE_OPTIONS = gnu # libtoolize and in case some developer needs to switch back to an # old Automake version. ACLOCAL_AMFLAGS = -I m4