Unify boot.scr generation so Makefile for device image generation won't
grow without a reason. Also make boot-scr step optional.
Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
Previously the partition signature was assigned from provided type. Now
both are corrected wherein signature is always generated from
SOURCE_DATE_EPOCH. With that the root file system can be identified
by PARTUUID string, without relying on static declaration of device node.
This commit also does some cosmetics, removing trailing whitespace and
replacing spaces with tab.
Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
The IMAGE_NAME redefinition causes overwriting of generated SD card
image when multiple root file system types are selected. In result only
single SD card image is generated. This commit fixes this behaviour.
Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
U-Boot already knows where it found the boot.scr, and
figuring out the partition UUID becomes trivial at this point.
This change allows booting OpenWrt from whatever storage it has been
flashed to: SD card, eMMC, USB disk or SATA disk.
Signed-off-by: Josua Mayer <josua.mayer97@gmail.com>
[replace lede with openwrt, redact commit message]
Signed-off-by: Tomasz Maciej Nowak <tomek_n@o2.pl>
The Armada XP uses a Marvell PJ4Bv7 Processor for which already one
workaround for an errata is activated.
The Armada 285 uses a Cortex A9 r4p1 for which the Linux kernel provides
a workaround for ERRATA_764369, activate this.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
As each mvebu device only uses one of the firmwares provided by mwlwifi
package, it makes sense to put them in separate packages and only install
the one that is needed.
Current mwlwifi version's firmware sizes and usages by devices:
88W8864.bin 118776 caiman, mamba, cobra, shelby
88W8897.bin 489932 (none)
88W8964.bin 449420 rango
Changes by this commit:
* indicate in title that mwlwifi also is driver for 88W8897 and 88W8964
* remove mwlwifi package's firmware installation rules
* add 3 new individual firmware packages (all depends on kmod-mwlwifi):
- mwlwifi-firmware-88w8864
- mwlwifi-firmware-88w8897
- mwlwifi-firmware-88w8964
* add firmware package to mvebu devices' DEVICE_PACKAGES accordingly
Signed-off-by: Johnny S. Lee <_@jsl.io>
[Add the used FW files to the PACKAGES of default image]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Add the patch for reprobing phys also for 4.14, as it is still needed.
Fixes: 4ccad92229 ("mvebu: Add support for kernel 4.14")
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
When SFP support was accepted upstream, the expected GPIO names were
slightly changed, breaking SFP insert detection. Update the DTS file to
the expected name to make SFP work again.
Fixes: 4ccad92229 ("mvebu: Add support for kernel 4.14")
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
The watchdog kill command was meant for busybox watchdog. Busybox watchdog
was replaced by the procd watchdog mid 2013 with commit df7ce9301a
("busybox: disable the watchdog utility by default"), which makes the kill
command obsolete since quite some time.
Signed-off-by: Mathias Kresin <dev@kresin.me>
The name of the PCIe controller node in device tree changed between
kernel 4.9 and kernel 4.14. Migrate the configuration when an update
from kernel 4.9 to 4.14 or back is done to the new name to make
the existing wifi configuration compatible with the new names.
This replaces the "pcie-controller" part with "pcie" on all nodes if the
file exists in sys fs.
This is not done in the uci-defualts, because they are getting executed
to late in the boot process. The kernel module gets loaded before the
uci-defaults scripts are executed. When the mwlwifi driver gets loaded
it will trigger an event via hotplug to detect new devices and as the
paths are not in the uci configuration they will be added again.
When the migration is done before the script will detect that they are
already there.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Add support for kernel 4.14 to the mvebu target.
This also replaces the old sfp and phylink patches with new versions
from Russell's clearfog-4.13 branch
http://git.arm.linux.org.uk/cgit/linux-arm.git/log/?h=clearfog-4.13
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This is needed to prevent copying it into kernel 4.14.
These device tree files are already integrated into kernel 4.14 and we
would like to use the upstream versions only.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
When clearfog was renamed to clearfog pro, it broke sysupgrade from
17.04 as the new images now get rejected as incompatible. Fix this by
adding the legacy boardname to the compatible devices.
Fixes: ec4a8c6dee ("mvebu: ClearFog renamed upstream to ClearFog Pro")
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
This will avoid some conflicts when doing a git rebase or merge,
specially when adding support to a new device.
Signed-off-by: Luis Araneda <luaraneda@gmail.com>
[drop brcm47xx changes which rename the images]
Signed-off-by: Mathias Kresin <dev@kresin.me>
The IRQ controller can only set the affinity to a single CPU. Update the
mask in the controller data.
Suggested-by: Sebastian Gottschall <s.gottschall@dd-wrt.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
It is unclear why so many packages are selected for ClearFog Base compared
to its big brother, and there is no reason to not append metadata for Base.
Tidy this up as the only hardware difference between Base/Pro is the
presence of a switch and a different board name / device tree.
Signed-off-by: Ryan Mounce <ryan@mounce.com.au>
Remove redundancy for platform_do_upgrade_clearfog
Fix platform_copy_config_clearfog to reflect -base/-pro split
Signed-off-by: Ryan Mounce <ryan@mounce.com.au>
The lantiq patch 0028-NET-lantiq-various-etop-fixes.patch and sunxi
patch 0051-stmmac-form-4-11.patch no longer applied after applying the
the "generalize napi_complete_done()" patch.
Update them so they apply, and refresh patches while at it.
Fixes: 9aeb7ce8dc ("generic: net: generalize napi_complete_done")
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Refresh patches.
Compile-tested on octeon and x86/64.
Runtime-tested on octeon and x86/64.
Fixes the following CVEs:
- CVE-2017-14106
- CVE-2017-14497
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Refresh patches.
Adapt 704-phy-no-genphy-soft-reset.patch.
Remove brcm2708/950-0005-mm-Remove-the-PFN-busy-warning.patch.
Compile-tested on brcm2708/bcm2708 and x86/64.
Runtime-tested on brcm2708/bcm2708 and x86/64.
Fixes the following vulnerabilities:
- CVE-2017-7533
- CVE-2017-1000111
- CVE-2017-1000112
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
- Refreshed all patches
- Removed upstreamed
- Adapted 4 patches:
473-fix-marvell-phy-initialization-issues.patch
-----------------------------------------------
Removed hunk 5 which got upstreamed
403-net-phy-avoid-setting-unsupported-EEE-advertisments.patch
404-net-phy-restart-phy-autonegotiation-after-EEE-advert.patch
--------------------------------------------------------------
Adapted these 2 RFC patches, merging the delta's from an upstream commit
(see below) which made it before these 2.
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-
stable.git/commit/?h=v4.9.36&id=97ace183074d306942b903a148aebd5d061758f0
180-usb-xhci-add-support-for-performing-fake-doorbell.patch
-----------------------------------------------------------
- Moved fake_doorbell bitmask due to new item
Compile tested on: cns3xxx, imx6
Run tested on: cns3xxx, imx6
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Depending on busybox applet selection, paths of basic utiilties may differ,
and may not work as symlinks to busybox. Simply using whatever binary is
found in PATH and detecting symlinks automatically is more robust and
easier to maintain.
The list of binaries is also slightly cleaned up and duplicates are
removed.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
- Refreshed all patches
- Adapted 1 (0031-mtd-add-SMEM-parser-for-QCOM-platforms.patch)
Compile tested on: brcm2708, cns3xxx, imx6
Run tested on: brcm2708, cns3xxx, imx6
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
[Compile and run tested on brcm2708]
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Fixes the following security vulnerabilities:
CVE-2017-8890
The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the
Linux kernel through 4.10.15 allows attackers to cause a denial of service
(double free) or possibly have unspecified other impact by leveraging use
of the accept system call.
CVE-2017-9074
The IPv6 fragmentation implementation in the Linux kernel through 4.11.1
does not consider that the nexthdr field may be associated with an invalid
option, which allows local users to cause a denial of service (out-of-bounds
read and BUG) or possibly have unspecified other impact via crafted socket
and send system calls.
CVE-2017-9075
The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux kernel
through 4.11.1 mishandles inheritance, which allows local users to cause a
denial of service or possibly have unspecified other impact via crafted
system calls, a related issue to CVE-2017-8890.
CVE-2017-9076
The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux
kernel through 4.11.1 mishandles inheritance, which allows local users to
cause a denial of service or possibly have unspecified other impact via
crafted system calls, a related issue to CVE-2017-8890.
CVE-2017-9077
The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel
through 4.11.1 mishandles inheritance, which allows local users to cause a
denial of service or possibly have unspecified other impact via crafted
system calls, a related issue to CVE-2017-8890.
CVE-2017-9242
The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel
through 4.11.3 is too late in checking whether an overwrite of an skb data
structure may occur, which allows local users to cause a denial of service
(system crash) via crafted system calls.
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8890
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9074
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9075
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9076
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9077
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9242
Ref: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.31
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Fixes the following security vulnerabilities:
CVE-2017-8890
The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the
Linux kernel through 4.10.15 allows attackers to cause a denial of service
(double free) or possibly have unspecified other impact by leveraging use
of the accept system call.
CVE-2017-9074
The IPv6 fragmentation implementation in the Linux kernel through 4.11.1
does not consider that the nexthdr field may be associated with an invalid
option, which allows local users to cause a denial of service (out-of-bounds
read and BUG) or possibly have unspecified other impact via crafted socket
and send system calls.
CVE-2017-9075
The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux kernel
through 4.11.1 mishandles inheritance, which allows local users to cause a
denial of service or possibly have unspecified other impact via crafted
system calls, a related issue to CVE-2017-8890.
CVE-2017-9076
The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux
kernel through 4.11.1 mishandles inheritance, which allows local users to
cause a denial of service or possibly have unspecified other impact via
crafted system calls, a related issue to CVE-2017-8890.
CVE-2017-9077
The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel
through 4.11.1 mishandles inheritance, which allows local users to cause a
denial of service or possibly have unspecified other impact via crafted
system calls, a related issue to CVE-2017-8890.
CVE-2017-9242
The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel
through 4.11.3 is too late in checking whether an overwrite of an skb data
structure may occur, which allows local users to cause a denial of service
(system crash) via crafted system calls.
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8890
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9074
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9075
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9076
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9077
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9242
Ref: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.71
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
CONFIG_SG_POOL symbol is selected only by CONFIG_SCSI, since the last
one is disabled by default then disable CONFIG_SG_POOL by default too.
And explicitly enable it only for platforms that use CONFIG_SCSI.
Signed-off-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
Add block device sd to kernel config otherwise AHCI/eSATA devices won't get enumerated in /dev
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
mvebu was modifying RAMFS_COPY_BIN and RAMFS_COPY_DATA from a
sysupgrade_pre_upgrade hook. As the ramfs is created from stage2, this
did not have an effect anymore after the staged sysupgrade changes.
As it doesn't really hurt to copy fw_printenv and fw_setenv
unconditionally, simply add them in /lib/upgrade/platform.sh, so stage2
will see them.
Config copying is moved to a function called by platform_copy_config, where
it belongs.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
Fixes: FS#821
Fixes: 30f61a34b4 "base-files: always use staged sysupgrade"