Rename unwinder config symbols to match upstream changes.
Refresh patches.
Update patch that no longer applies: 202-reduce_module_size.patch
Also enable CONFIG_PAGE_TABLE_ISOLATION. This feature was backported
from 4.15 to the 4.14 stable series. It is enabled by default, so enable
it in OpenWrt as well.
Compile-tested on x86/64.
Runtime-tested on x86/64.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
While bumping 4.14, the kernel build failed due to missing CONFIG_KASAN
symbol. Move it to generic config instead of defining it for all arm64
and x86/64 targets.
It was only added in 4.0, so not needed in config-3.18.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
When using the uci.sh wrapper, allow parameters to match those supported
by the uci binary i.e. "uci rename <config>.<section>[.<option>]=<name>".
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
Some packages such as Python/Python3 (host pip/pip3) needs this
to compile.
More detailed explanation provided by Alexandru:
"i need the zlib/host for Python/Python3 ; because, it seems the
host pip/pip3 needs this to work ; i suspect in older versions
this worked, because some of the host's build env would be used
in the build, and then the zlib-dev from the host distro would
be used ; now, the host-build does not seem to have any
-I/usr/include stuff, which is good
and it also seems that Python/Python3 does not like it if the
zlib-dev package is too old, so using this zlib/host would be
good for this as well"
Source:
https://github.com/lede-project/source/pull/1329#issuecomment-351055861
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
Add option to use O3 optimization as not all devices have
space constraints. This option is default using GCC in upstream
but isn't in the CMake makefile for some reason.
Source: https://github.com/madler/zlib/blob/master/configure#L170
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
Usage documentation for 'procd_send_signal' states "The signal is SIGHUP
by default, and must be specified by NAME." Make actual behaviour match
the stated documented behaviour.
https://wiki.openwrt.org/inbox/procd-init-scripts
Suggested-by: Jo-Philip Wich <jow@mein.io>
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
a5954cf procd: Add %m to several functions that return errno.
810d7a5 procd: Remove redundant errno variable in several printf functions.
fa5ce1c procd: Replace strerror(errno) with %m.
Signed-off-by: John Crispin <john@phrozen.org>
Add the uas(p) module to the modules loaded early on the boot process.
The uas(p) is an modern alternative, which is used by the modern USB3
storage cases, compared to the bot protocol. To be able to use uas(p)
storage cases for extroot, the kernel module has to be loaded before the
search for extroot has been called. This patch changes the load order to
support uas(p) storage cases for extroot.
Signed-off-by: Daniel Albers <daniel.albers@public-files.de>
11efbf3 overlay: fix race condition when switching to jffs2
bdeb95a libblkid-tiny: add support for NTFS superblock
ef2cc03 fstools: Replace strerror(errno) with %m format.
98fd5b4 libblkid-tiny: add support for UBI superblock
Signed-off-by: John Crispin <john@phrozen.org>
Use flock to protect init script from concurrent execution
(of the same script).
Important for services which generate native config files.
Signed-off-by: Roman Yeryomin <roman@advem.lv>
Signed-off-by: Andrejs Hanins <ahanins@gmail.com>
This is needed for procd init script protection to work.
flock adds 4248 bytes to stripped busybox binary.
Signed-off-by: Roman Yeryomin <roman@advem.lv>
The CPU sub type was set to a CPU version with FPU, but the FPU feature
was not activated before, so a soft float toolchain was created.
Activate also the FPU feature to create the correct toolchain.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This activates neon and VFPv4 support for this target. The CPU support
these feature so also use them.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
In the add_match function in libbb/lineedit.c in BusyBox through 1.27.2,
the tab autocomplete feature of the shell, used to get a list of filenames
in a directory, does not sanitize filenames and results in executing any
escape sequence in the terminal. This could potentially result in code
execution, arbitrary file writes, or other attacks.
Fixes: FS#1181 - CVE-2017-16544:
Backport the patch from:
https://git.busybox.net/busybox/commit/?id=c3797d40a1c57352192c6106cc0f435e7d9c11e8https://nvd.nist.gov/vuln/detail/CVE-2017-16544
Signed-off-by: Derek Werthmuller <thewerthfam@gmail.com>
Signed-off-by: John Crispin <john@phrozen.org>
In current state, if there is START but no STOP, enbale()
will return 1 (failure), which is wrong.
Moreover there is no need to check for START/STOP twice.
Instead, add err variable to save success state and
and return it's value.
Also eliminate the need to disable() by using 'ln -sf',
which will first delete the old symlink if one exists.
Changes from v1:
- fixed description
Signed-off-by: Roman Yeryomin <roman@advem.lv>
5beb95d lua: additionally return name when looking up sections
ff33bb2 lua: support extended section notation
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Fix overhead accounting error introduced by f33c4d6 refactor
cake_advance_shaper and ack_filter
Symptoms were links running under rate.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Since BusyBox 1.25.0 dd command supports iflag=skip_bytes which allows
skipping requested amount of bytes without reducing blocksize. Thanks to
this we can leave default blocksize and let dd work more efficiently.
On Netgear R6250 "dd skip=58 iflag=skip_bytes" can be 5 times faster
than "dd bs=58 skip=1" when extracting TRX out of CHK.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
It's a device based on BCM5365P (0x5365 package 0x00). This SoC has
USB 1.1 controller but device has two USB 2.0 parts. They are handled by
PCI-based controllers: 1106:3038 UHCI and 1106:3104 EHCI.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
This was broken in 7bab49fd ("lantiq: add compatible strings to dts
files"), causing for the dm200 garbled serial output during boot, and
likely other issues.
Signed-off-by: Thomas Nixon <tom@tomn.co.uk>
[fix the compat string of the P2601HNFX as well]
Signed-off-by: Mathias Kresin <dev@kresin.me>
Enabling IPTABLES_NFTABLES resulted in an error during build:#
*** No rule to make target '../extensions/libext.a',
needed by 'xtables-compat-multi'."
Comments from Alexander Lochmann and Fedor Konstantinov in FS#711
provided fixes for this build error, allowing iptables to compile.
https://bugs.lede-project.org/index.php?do=details&task_id=711.
This commit updates the Makefile.am xtables_compat_multi_LDFLAGS
and _LDADD, moving linking of extensions to LDFLAGS.
Signed-off-by: rektide de la faye <rektide@voodoowarez.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
Fixes: 8170f280c4 ("base-files: set FAILSAFE in /etc/profile when
/tmp/.failsafe exists")
That patch fixes handling SPI messages with two writing transfers. It's
important when using e.g. by m25p80 driver which uses one transfer for
opcode and another one for data.
Thanks to that fix we can now drop m25p80 workaround patch. It means one
less hack and also a better flash writing performance as there is no
more data buf copying.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Since dropbear clears the environment, FAILSAFE was not set as intended in
failsafe mode. This also broke sysupgrade from failsafe mode over SSH.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
Unconditionally pass TARGET_CPPFLAGS (not passed at all before) and
TARGET_LDFLAGS (passed only in certain non-default configuration before the
Makefile streamlining). Without these flags, hardening options
(PKG_FORTIFY_SOURCE and PKG_RELRO) were not actually applied to busybox.
The addition of these flags increases the size of the stripped busybox
binary by about 6KB (~4KB with fortify headers, ~2KB with "-znow -zrelro")
with the default hardening options PKG_FORTIFY_SOURCE_1 and PKG_RELRO_FULL.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
Use default Build/Install steps where possible. No binary change in default
configuration, so PKG_RELEASE is not incremented.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
Some packages, e.g. busybox, explicitly remove old .configured stamps
before attempting configuration, rather than after the actual configuration
step. This seems like a good idea, as there will be no stamp left if
configuration fails. Change generic rules to work like this, so package-
specific rules can be dropped.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
Send a SIGHUP signal via procd to the dnsmasq service so the instance(s)
re-read(s) the /tmp/hosts/dhcp config.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
If the hostname in /etc/config/system is modified the dnsmasq should also
get triggered to rewrite/reload the config.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
A lot of 1U x86_64 servers have NVMe support, which is lower-power
and higher speed than SSD or CFast drives, etc. The drivers
required to make this work are trivial.
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>