Commit Graph

7765 Commits

Author SHA1 Message Date
Eneas U de Queiroz
a09443deb9 f2fstools: set each library package VARIANT
Set the different libf2fs packages's VARIANT, so that the right settings
will be used by each different variant, if they are both being built.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2021-11-16 13:17:31 +08:00
Eneas U de Queiroz
87fb61cd89 hostapd: avoid unnecessary package rebuilds
Package hostapd-common is a dependency of every other package defined in
hostpad Makefile.  It is currently built next to the bottom of that
Makefile's package list.

If you run make back to back, then check-compile will compare the
hostapd-common timestamp to the variant being compiled, to decide if the
varint needs to be rebuilt or not.  Since the hostapd-conf package is
built towards the end of the list, it will be newer than most of the
variants, causing unnecessary package rebuilds.

Move it to the top, so that its timestamp will be older than dependent
packages, avoiding unnecessary rebuild of every selected variant.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2021-11-16 13:16:44 +08:00
Eneas U de Queiroz
3c3cbd9214 build: kernel: avoid unnecessary package rebuilds
The $(LINUX_DIR)/.config timesptamp changes between runs of
make target/compile and make target/install (which builds the image).

Kernel-dependent packages and out of tree modules are built in between
those runs, and they check the .config timestamp to decide if they need
to be rebuilt.

Save the target/compile .config to use its timestamp if the file does
not change between runs.  That way the subsequent kernel packages are
not unnecessarily rebuilt when you run 'make' back to back.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2021-11-16 13:15:41 +08:00
Eneas U de Queiroz
7162cbb4b5 download: improve handling of invalid local files
4e19cbc553: [download: handle possibly invalid local tarballs] added a
FORCE rule to downloaded files, so that they will be always checked by
download.pl.

As a side-effect, check-compile will fail, forcing unnecessary package
rebuilds.
The check-compile.txt log shows (for libxml2 for example):
  Considering target file '.../dl/libxml2-2.9.12.tar.gz'.
    ...
    prerequisite 'FORCE' of target '.../dl/libxml2-2.9.12.tar.gz' does
    not exist.
    Must remake target '.../dl/libxml2-2.9.12.tar.gz'.
    ...
   Giving up on target file '...libxml2-2.9.12/.prepared_...'.
   Giving up on target file '...libxml2-2.9.12/.configured_...'.
   Giving up on target file '...libxml2-2.9.12/.built'.
   Giving up on target file '...stamp/.libxml2_installed'.
  Giving up on target file '.compile'.

Then the package is rebuilt even if it is not otherwise needed.

To fix this, instead of always forcing the download target to be remade,
check its hash first: if it matches, then the FORCE is not added.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2021-11-16 13:12:54 +08:00
Felix Fietkau
d0eae20238
build: add SUBDIR_MAKE_DEBUG variable to make it easier to debug package makefiles
Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 94b0849c19)
2021-11-12 14:20:06 +08:00
Eneas U de Queiroz
8ae4d1d901
build: avoid rebuilds of unset VARIANT packages
If a Makefile defines some packages with VARIANT set, and others without
it, the latter will be built once for every different VARIANT set, each
build trumping the previous one.

Avoid rebuilds by only building unnamed variant packages when the first
variant is built.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit 19aae949c6)
2021-11-12 14:19:51 +08:00
AmadeusGhost
b3527703b2 fstools: update to 2020-07-11
Remove upstreamed patch.
2021-11-11 23:58:42 +08:00
AmadeusGhost
b613d40f8d gargoyle: cleanup build warning and makefile 2021-11-11 15:46:50 +08:00
AmadeusGhost
418beef4bc libiptbwctl: fixes build error
Fixes: #505
2021-11-11 15:43:37 +08:00
Tianling Shen
661f8b7cb6
autocore: fix read temp for x86 device
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2021-11-10 19:50:47 +08:00
Daniel Golle
aa58b28e47
base-files, metadata: support additional group membership
Some packages may require additional group membership for the system
user added by that package. Allow defining additional groups as third
member of the ':'-separated tuple, allowing to specify multiple
','-separated groups with optional GID.

Example:
USERID:=foouser=1000:foogroup=1000:addg1=1001,addg2=1002,addg3

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
(cherry picked from commit b2aca61360)
2021-11-10 15:42:57 +08:00
Alan Swanson
58dbe18beb
uboot-lantiq: fix sha1.h header clash when system libmd installed
Backport of u-boot commit "includes: move openssl headers to include/u-boot"
2b9912e6a7

Fixes: FS#3955
Signed-off-by: Alan Swanson <reiver@improbability.net>
(cherry picked from commit 8db6410492)
2021-11-09 21:24:33 +08:00
Koen Vandeputte
2463ef37d3
ar71xx: mikrotik: rb91x: fix 10M ethernet link speed
Extensive testing on the board showed that ethernet does
not work when forced to 10Mbps.

Trial-and-error revealed that the correct PLL value
should be altered to 0x00001313 (iso 0x00001616)

The change is done for this specific board only as I do not have
other boards using this specific SoC.

The board now works correctly in 1000, 100 and 10 Mode

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
(cherry picked from commit 5e8b9624f1791d193e8d5e007ce4c873454f014a)
2021-11-09 21:23:30 +08:00
Tianling Shen
87911b01c2
default-settings: set lang to zh_CN for Chinese builds explicitly
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2021-11-06 23:30:52 +08:00
Dominick Grift
80196ba2a5 selinux-policy: update to version 1.0
wifi: writes to terminal
hotplugcall and sqm read class sysfile symlinks
unbound and sqm related loose ends
support/example: policycoreutils host-compile is required
TODO: this was wrong and it is actually needed
linguist detectable does not work this way
linguist-detectable
updates README
adds workflows
adds a note about persistent /var option

project moved to https://github.com/DefenSec/selinux-policy

Signed-off-by: Dominick Grift <dominick.grift@defensec.nl>
2021-11-06 00:37:38 +08:00
Dominick Grift
94d29affa1 secilc: update to version 3.3
Signed-off-by: Dominick Grift <dominick.grift@defensec.nl>
2021-11-06 00:36:57 +08:00
Dominick Grift
522c0a0862 policycoreutils: update to version 3.3
Signed-off-by: Dominick Grift <dominick.grift@defensec.nl>
2021-11-06 00:35:55 +08:00
Dominick Grift
eb00300beb checkpolicy: update to version 3.3
Signed-off-by: Dominick Grift <dominick.grift@defensec.nl>
2021-11-06 00:35:26 +08:00
Dominick Grift
4ac1ede70c libsemanage: update to version 3.3
Signed-off-by: Dominick Grift <dominick.grift@defensec.nl>
2021-11-06 00:34:56 +08:00
Dominick Grift
d6a422da00 libselinux: update to version 3.3
Signed-off-by: Dominick Grift <dominick.grift@defensec.nl>
2021-11-06 00:34:13 +08:00
Dominick Grift
872fd34642 libsepol: update to version 3.3
Signed-off-by: Dominick Grift <dominick.grift@defensec.nl>
2021-11-06 00:34:06 +08:00
Tianling Shen
ea4e37d662
autocore: fix read temp for x86 devices
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2021-11-05 14:56:57 +08:00
Lucian Cristian
fa10ceb558 elfutils: enable host build
frr 8.0 needs host libelf dev
add option for host build
tested on x86, ramips, kirkwood

Signed-off-by: Lucian Cristian <lucian.cristian@gmail.com>
[changed commit author's email]
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2021-11-02 23:58:21 +08:00
Josh Soref
6bf810b1e1 build: fix various typos
Fix typos in comment and user-facing help text.

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
[split out config changes, adjust commit message]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2021-11-02 23:57:22 +08:00
Josh Soref
e72185a4a1 scripts: fix various typos
This only affects typos in comments or user-facing output.

Signed-off-by: Josh Soref <jsoref@users.noreply.github.com>
[only picks changes to scripts, drop "commandline" replacement,
 fix case for "arbitrary", improve commit message]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
2021-11-02 23:49:21 +08:00
Sven Roederer
8c4e41d26f dropbear: add config options for agent-forwarding support
* SSH agent forwarding might cause security issues, locally and on the jump
  machine (https://defn.io/2019/04/12/ssh-forwarding/). So allow to
  completely disabling it.
* separate options for client and server
* keep it enabled by default

Signed-off-by: Sven Roederer <devel-sven@geroedel.de>
2021-11-02 23:46:38 +08:00
Jan-Niklas Burfeind
cffc1cd77b scripts: eva_ramboot.py: remove unused import
concludes:
commit e7bc8984d9 ("scripts: make eva_ramboot.py offset configurable")

Signed-off-by: Jan-Niklas Burfeind <git@aiyionpri.me>
2021-11-02 23:46:05 +08:00
Tianling Shen
339106c5ba
autocore: fix assigning eth_info variable
Local variable cannot be assigned in `if` function.

Fixes: c9b60a8780 ("autocore: refactor luci")

Reported-by: Hakurei Kyaru <hakureiyuyuko@kyarucloud.moe>
Tested-by: Hakurei Kyaru <hakureiyuyuko@kyarucloud.moe>
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2021-10-31 00:45:11 +08:00
Tianling Shen
a5e682d1f2
autocore: fix read tempinfo for AMD CPUs
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2021-10-30 23:49:57 +08:00
Tianling Shen
c106eab4a3
autocore: cleanup err output
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2021-10-29 15:44:29 +08:00
Jo-Philipp Wich
2cdaf80c83 ucode: update to latest Git HEAD
0f022aa lib: increase refcount when returning cached module instance
c9e68bb lib: introduce resolver library
9041e24 lib: fix uninitialized memory access on handling %J string formats
4ee06d8 syntax: introduce optional chaining operators
ce4a7d9 vm: reset callframes before invoking unhandled exception handler
218e822 vm: clear exception information before calling managed code functions
5b908bd ubus: properly handle signed 64bit values too
e43b751 ubus: fix handling signed 16bit and 32bit integers
137428f nl80211: fix issues spotted by static code analyzer
b9d4f61 nl80211: treat signal attr values as signed integers
9a7c355 nl80211: expose sta_info attributes
bb358d9 lib: introduce Linux 802.11 netlink binding
914f54c types: fix invalid memory access on setting non-contiguous array indexes
631f00d main: fix leaking module name when processing -m flag
e55188b compiler: properly handle jumps to offset 0
98c4147 tests: support specifying cmdline args in testcase files
64e4f68 types: fix formatting escape sequences for 8 bit chars
dd86e1d rtnl: automatically derive message family from certain address attrs
74fdb97 rtnl: expose IPv4 and IPv6 devconfig information
7fa1008 rtnl: allow reply nla payloads to be smaller than headsize
cbae3cb lib: introduce Linux route netlink binding
e6dd389 ci: adjust build prereqs for GitHub as well
07ae165 ci: add libnl-tiny to prereqs

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2021-10-29 00:25:17 +08:00
Hans Dedecker
567bcf4e34 ethtool: update to v5.14
Update to newly released version 5.14

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2021-10-29 00:24:33 +08:00
Tianling Shen
2352d1bfa9
kernel: bump to 4.9.288, 4.14.253, 4.19.214
Refreshed all patches.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2021-10-28 11:15:06 +08:00
Rosen Penev
6df9589d31 uclibc++: remove
No package here depends on it. Furthermore, uClibc++ is a fairly buggy
C++ library and seems to be relatively inactive upstream.

It also lacks proper support for modern C++11 features.

The main benefit of it is size: 66.6 KB	vs 287.3 KB on mips24kc. Static
linking and LTO can help bring the size down of packages that need it.

Added warning message to uclibc++.mk

Signed-off-by: Rosen Penev <rosenp@gmail.com>
Acked-by: Hauke Mehrtens <hauke@hauke-m.de>
2021-10-26 23:50:42 +08:00
Deomid Ryabkov
a743a50d5b base-files: chmod 1777 /var/lock
Per FHS 3.0, /var/lock is the location for lock files [1].
However its current permissions (755) are too restrictive
for use by unprivileged processes.
Debian and Ubuntu set them to 1777, and now so do we.

[1] <https://refspecs.linuxfoundation.org/FHS_3.0/fhs-3.0.html#varlockLockFiles>

Signed-off-by: Deomid Ryabkov <rojer@rojer.me>
[fixed typo in commit message, had to remove "rojer" due to git hooks]
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
2021-10-26 23:45:08 +08:00
Stepan Henek
f42f3c8e9c wireguard-tools: add uci option to disable wireguard peers
Right now when I want to temporarily disable wg peer I need to delete
the entire peer section. This is not such a good solution because I
loose the previous configuration of the peer.

This patch adds `disabled` option to peer config which causes that
the config section is ignored.

Signed-off-by: Stepan Henek <stepan.henek@nic.cz>
[use $(AUTORELEASE)]
Signed-off-by: Paul Spooren <mail@aparcar.org>
2021-10-26 23:43:14 +08:00
Jitao Lu
54cb4d89a1 ncurses: add tmux terminfo
They're preferred terminal descriptions for tmux, with additional support to
some special characters and italic fonts. More info can be found at:
https://github.com/tmux/tmux/wiki/FAQ

Fixes: FS#3404

Signed-off-by: Jitao Lu <dianlujitao@gmail.com>
2021-10-26 23:41:40 +08:00
Stijn Tintel
2f00250a81 nftables: bump to 1.0.0
This introduces support for hardware flow offloading, which was added in
in nftables 0.9.9.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Acked-by: Jo-Philipp Wich <jo@mein.io>
2021-10-26 23:41:15 +08:00
Stan Grishin
018cc6c1ce wolfssl: enable ECC Curve 25519 by default
Signed-off-by: Stan Grishin <stangri@melmac.net>
2021-10-25 23:53:13 +08:00
Ivan Pavlov
946dffd98b wolfssl: fix compile when enable-devcrypto is set
fixing linking error when --enable-devcrypto=yes
fixes: 7d92bb0509 wolfssl: update to 4.8.1-stable

Signed-off-by: Ivan Pavlov <AuthorReflex@gmail.com>
2021-10-25 23:41:37 +08:00
Andre Heider
1cf24f8199 wolfssl: remove --enable-sha512 configure switch
It's the default anyway and this just looks confusing, as if it wasn't.

Switch to AUTORELEASE while at it.

The binary size is unchanged.

Signed-off-by: Andre Heider <a.heider@gmail.com>
2021-10-25 23:41:18 +08:00
Andre Heider
83f4fd5d06 wolfssl: always build with --enable-reproducible-build
This gates out anything that might introduce semantically frivolous jitter,
maximizing chance of identical object files.

The binary size shrinks by 8kb:
1244352 staging_dir/target-mipsel_24kc_musl/usr/lib/libwolfssl.so.4.8.1.39c36f2f
1236160 staging_dir/target-mipsel_24kc_musl/usr/lib/libwolfssl.so.4.8.1.39c36f2f

Signed-off-by: Andre Heider <a.heider@gmail.com>
2021-10-25 23:41:09 +08:00
Andre Heider
daa1fd8667 wolfssl: build with WOLFSSL_ALT_CERT_CHAINS
"Alternate certification chains, as oppossed to requiring full chain
validataion. Certificate validation behavior is relaxed, similar to
openssl and browsers. Only the peer certificate must validate to a trusted
certificate. Without this, all certificates sent by a peer must be
used in the trust chain or the connection will be rejected."

This fixes e.g. uclient-fetch and curl connecting to servers using a Let's
Encrypt certificate which are cross-signed by the now expired
DST Root CA X3, see [0].

This is the recommended solution from upstream [1].

The binary size increases by ~12.3kb:
1236160 staging_dir/target-mipsel_24kc_musl/usr/lib/libwolfssl.so.4.8.1.39c36f2f
1248704 staging_dir/target-mipsel_24kc_musl/usr/lib/libwolfssl.so.4.8.1.39c36f2f

[0] https://github.com/openwrt/packages/issues/16674
[1] https://github.com/wolfSSL/wolfssl/issues/4443#issuecomment-934926793

Signed-off-by: Andre Heider <a.heider@gmail.com>
[bump PKG_RELEASE]
Signed-off-by: David Bauer <mail@david-bauer.net>
2021-10-25 23:41:00 +08:00
Rui Salvaterra
ef4a2c9509 tools/isl: update the download URL
isl.gforge.inria.fr has been dead since early this month [1]. Switch to
libisl.sourceforge.io for the time being.

[1] https://groups.google.com/g/isl-development/c/JGaMo2VUu_8

Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
2021-10-24 00:16:22 +08:00
Paul Spooren
dcef86629c toolchain: switch packaged toolchain to tar.xz
Currently the tar.bz2 while ImageBuilder and SDK switched to tar.xz.
Unify it for faster compression since it will make use of
multi-threading.

Signed-off-by: Paul Spooren <mail@aparcar.org>
2021-10-24 00:16:09 +08:00
Felix Fietkau
14f3dbb8b0 tools/llvm-bpf: add llvm+clang build suitable for compiling code to eBPF
Preparation for building packages that ship eBPF code

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2021-10-24 00:08:23 +08:00
Felix Fietkau
573f489f8b include/cmake.mk: fix host builds with CMAKE_BINARY_SUBDIR
Use it in the same way as for target builds

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2021-10-24 00:08:12 +08:00
Tianling Shen
3e7380388d
feeds/routing: switch to ImmortalWrt's openwrt-18.06 branch
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2021-10-22 22:26:07 +08:00
Tianling Shen
3714e3aedc
Revert "mac80211: backport netif_rx_any_context support for batman-adv"
We need do tons of backports in this way...

This reverts commit fa0e4c1663.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2021-10-22 20:51:25 +08:00
Tianling Shen
fa0e4c1663
mac80211: backport netif_rx_any_context support for batman-adv
Fixes: #494

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2021-10-22 20:05:10 +08:00