Without this change, when a user disables seccomp support in .config,
procd does not get recompiled unless the package is cleaned manually.
It is because when -D option is missing from cmake command line, cmake
uses cached value from the previous run where seccomp was enabled.
Signed-off-by: Michal Sojka <sojkam1@fel.cvut.cz>
AP-DK01.1-C1 is QCA dev board with:
- ipq4018 quad core ARM @716.8MHz, 2x2 dual (11n+11ac) radio
- 256MB RAM
- 32MB SPI flash
- QCA8075 multiport ethernet phy (WAN port, 4x LAN ports)
First installation via u-boot:
sf probe
sf erase 0x180000 0x1a00000
tftpboot 0x84000000 lede-ipq806x-AP-DK01.1-C1-squashfs-sysupgrade.bin
sf write 0x84000000 0x180000 $filesize
Further upgrades via sysupgrade.
Changes:
- add partitions
- set memory size to 256MB
- add reserved memory mapping
- add correct compatible string
- add image generation
- extract pre-cal data from ART partition
Compile and run tested.
Wirespeed NAT can be achieved with spreading rx interrupts over different
cores. Wifi speed is ~550Mbps @5GHz in open air.
Note:
AP-DK01.1-C1 is fully compatible with AP-DK01.2-C1, which has
ipq4028 instead of ipq4018 on board.
Changes since v2:
- based on dts(i) rework/cleanup submitted:
http://lists.infradead.org/pipermail/lede-dev/2017-October/009596.html
- precise reserved memory mapping
- more precise description
- compatible string
Signed-off-by: Roman Yeryomin <roman@advem.lv>
Supported frequencies of all ipq40xx chips are 48, 200, 500 and 716.8 MHz.
Previous 666MHz setting was most likely related to instability of early
chips/boards made before mass production.
Signed-off-by: Roman Yeryomin <roman@advem.lv>
If we enable -fstack-protector while building libunwind, function
__stack_chk_fail_local will be referred to for i386 and powerpc32
arches. This will cause link failure because the default gcc build
specs says no link_ssp if -nostdlib is given.
The error message:
OpenWrt-libtool: link: ccache_cc -shared -fPIC -DPIC .libs/os-linux.o mi/.libs/init.o mi/.libs/flush_cache.o mi/.libs/mempool.o mi/.libs/strerror.o x86/.libs/is_fpreg.o x86/.libs/regname.o x86/.libs/Los-linux.o mi/.libs/backtrace.o mi/.libs/dyn-cancel.o mi/.libs/dyn-info-list.o mi/.libs/dyn-register.o mi/.libs/Ldyn-extract.o mi/.libs/Lfind_dynamic_proc_info.o mi/.libs/Lget_accessors.o mi/.libs/Lget_proc_info_by_ip.o mi/.libs/Lget_proc_name.o mi/.libs/Lput_dynamic_unwind_info.o mi/.libs/Ldestroy_addr_space.o mi/.libs/Lget_reg.o mi/.libs/Lset_reg.o mi/.libs/Lget_fpreg.o mi/.libs/Lset_fpreg.o mi/.libs/Lset_caching_policy.o x86/.libs/Lcreate_addr_space.o x86/.libs/Lget_save_loc.o x86/.libs/Lglobal.o x86/.libs/Linit.o x86/.libs/Linit_local.o x86/.libs/Linit_remote.o x86/.libs/Lget_proc_info.o x86/.libs/Lregs.o x86/.libs/Lresume.o x86/.libs/Lstep.o x86/.libs/getcontext-linux.o -Wl,--whole-archive ./.libs/libunwind-dwarf-local.a ./.libs/libunwind-elf32.a -Wl,--no-whole-archive -L/var/lib/bbmnt/buildbot/slaves/dave-builder/i386_i486/build/sdk/staging_dir/target-i386_i486_musl-1.1.16/usr/lib -L/var/lib/bbmnt/buildbot/slaves/dave-builder/i386_i486/build/sdk/staging_dir/target-i386_i486_musl-1.1.16/lib -L/var/lib/bbmnt/buildbot/slaves/dave-builder/i386_i486/build/sdk/staging_dir/toolchain-i386_i486_gcc-5.4.0_musl-1.1.16/usr/lib -L/var/lib/bbmnt/buildbot/slaves/dave-builder/i386_i486/build/sdk/staging_dir/toolchain-i386_i486_gcc-5.4.0_musl-1.1.16/lib -lc -lgcc -Os -march=i486 -fstack-protector -Wl,-z -Wl,now -Wl,-z -Wl,relro -nostartfiles -nostdlib -Wl,-soname -Wl,libunwind.so.8 -o .libs/libunwind.so.8.0.1
.libs/os-linux.o: In function `_Ux86_get_elf_image':
os-linux.c:(.text+0x588): undefined reference to `__stack_chk_fail_local'
x86/.libs/Lregs.o: In function `_ULx86_access_fpreg':
Lregs.c:(.text+0x25b): undefined reference to `__stack_chk_fail_local'
x86/.libs/Lresume.o: In function `_ULx86_resume':
Lresume.c:(.text+0xdc): undefined reference to `__stack_chk_fail_local'
collect2: error: ld returned 1 exit status
Makefile:2249: recipe for target 'libunwind.la' failed
The snippet from gcc -dumpspecs
%{!nostdlib:%{!nodefaultlibs:%(link_ssp) %(link_gcc_c_sequence)}}
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Update wireguard to latest snapshot:
9fc5daf version: bump snapshot
748ca6b compat: unbreak unloading on kernels 4.6 through 4.9
7be9894 timers: switch to kees' new timer_list functions
6be9a66 wg-quick: save all hooks on save
752e7af version: bump snapshot
2cd9642 wg-quick: fsync the temporary file before renaming
b139499 wg-quick: allow for saving existing interface
582c201 contrib: add reresolve-dns
8e04be1 tools: correct type for CTRL_ATTR_FAMILY_ID
c138276 wg-quick: allow for the hatchet, but not by default
d03f2a0 global: use fewer BUG_ONs
6d681ce timers: guard entire setting in block
4bf32ca curve25519: only enable int128 if compiler support is sound
86e06a3 device: expand scope of destruct lock
e3661ab global: get rid of useless forward declarations
bedc77a device: only take reference if netns is different
7c07e22 wg-quick: remember to rewind DNS settings on failure
2352ec0 wg-quick: allow specifiying multiple hooks
573cb19 qemu: test using four cores
e09ec4d global: style nits
4d3deae qemu: work around ccache bugs
7491cd4 global: infuriating kernel iterator style
78e079c peer: store total number of peers instead of iterating
d4e2752 peer: get rid of peer_for_each magic
6cf12d1 compat: be sure to include header before testing
3ea08d8 qemu: allow for cross compilation
d467551 crypto/avx: make sure we can actually use ymm registers
c786c46 blake2: include headers for macros
328e386 global: accept decent check_patch.pl suggestions
a473592 compat: fix up stat calculation for udp tunnel
9d930f5 stats: more robust accounting
311ca62 selftest: initialize mutex in routingtable selftest
8a9a6d3 netns: use time-based test instead of quantity-based
e480068 netns: use read built-in instead of ncat hack for dmesg
Compile-tested-for: ar71xx
Run-tested-on: ar71xx Archer C7 v2
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Unset the default LED gpio pin if the same gpio pin is used by a button
defined via platform button. It prevents the change of the GPIO value
on wireless up/down or wireless traffic.
Fixes: FS#1129
Signed-off-by: Mathias Kresin <dev@kresin.me>
This fixes the LED configuration for the D-Link DIR-869 A1. In order to
support the device I probed around using an initramfs image for the
UniFi AC. Pulling GPIO 15 to low enabled the LEDs while high disabled them.
GPIO 16 set to low meant that the color was white while pulling it to high
made the color change to orange. The past code was written based upon these
findings.
However, running a flashed image I now discovered that GPIO 15 controls the
orange LEDs while GPIO 16 controls the white ones and that both are active
when low. This means that the GPIOs were inverted and one active_low was set
wrong which this patch fixes.
Behavior of the LED front after this patch is applied:
cat /sys/devices/platform/leds-gpio/leds/d-link:white:status/brightness
0 -> white LEDs are OFF
255 -> white LEDs are ON
cat /sys/devices/platform/leds-gpio/leds/d-link🍊status/brightness
0 -> orange LEDs are OFF
255 -> orange LEDs are ON
If the brightness of both is set to 255 the LED front will be white.
If the brightness of both is set to 0 the LED front will be off.
Signed-off-by: Florian Beier <beier.florian@gmail.com>
The GPIOs are used for defined LEDs and therefore are ignored/unset in
the ath9k driver since 192f0a3db8. The wireless led led trigger is
added in userspace since e20965811d, which makes the
ap9x_pci_setup_wmac_led_pin() superfluous.
Signed-off-by: Mathias Kresin <dev@kresin.me>
Upgrade uboot-kirkwood to upstream release 2017.09
Catch up with upstream and move configuration options from
simple defines to Kconfig, as otherwise dependencies would
not be resolved and code would not compile.
Tested-by: Alberto Bursi <alberto.bursi@outlook.it>
Signed-off-by: Paul Wassi <p.wassi@gmx.at>
The platform data was missing the num_registers element which is now
mandatory in linux 4.9
Without this patch, the gpio probing would fail with:
gpio gpiochip1: (74x164): tried to insert a GPIO chip with zero lines
Fixes: #1106
Tested-by: Robert Marko <robimarko@gmail.com>
Signed-off-by: Thibaut VARENE <hacks@slashdirt.org>
The ZyXEL NBG6817 calculates all MAC addresses based on the ethaddr
value stored in the U-Boot environment (0:APPSBLENV). No MAC addresses
are stored in the ART partition and the generated MAC addresses for the
wlan interfaces alternate randomly between 12:34:56:78:90:12 and
00:03:7f:12:34:56.
interface new/ OEM MAC old MAC
wlan-2.4g (phy1): ethaddr undefined
wlan-5g (phy0): ethaddr + 1 undefined
lan : ethaddr + 2 ethaddr
wan : ethaddr + 3 ethaddr + 1
This patch defines stable MAC addresses for the wlan interfaces for
the first time instead of generating them at random. The previously
defined values for lan/ wan are changed to follow the settings of the
OEM firmware.
Signed-off-by: Stefan Lippers-Hollmann <s.l-h@gmx.de>
The ZyXEL NBG6817 uses an eMMC flash for the rootfs, which is split
into the readonly squashfs and ext4 for the overlay. This adds the
required package to the device packages to allow mounting the overlay
by default.
/dev/root on /rom type squashfs (ro,relatime)
proc on /proc type proc (rw,nosuid,nodev,noexec,noatime)
sysfs on /sys type sysfs (rw,nosuid,nodev,noexec,noatime)
tmpfs on /tmp type tmpfs (rw,nosuid,nodev,noatime)
/dev/loop0 on /overlay type ext4 (rw,noatime,data=ordered)
overlayfs:/overlay on / type overlay (rw,noatime,lowerdir=/,upperdir=/overlay/upper,workdir=/overlay/work)
tmpfs on /dev type tmpfs (rw,nosuid,relatime,size=512k,mode=755)
devpts on /dev/pts type devpts (rw,nosuid,noexec,relatime,mode=600,ptmxmode=000)
debugfs on /sys/kernel/debug type debugfs (rw,noatime)
mountd(pid1040) on /tmp/run/blockd type autofs (rw,relatime,fd=7,pgrp=1,timeout=30,minproto=5,maxproto=5,indirect)
Before this commit, the ext4 based overlayfs could not be mounted,
which left only the tmpfs based/ volatile emergency overlay in place.
Fixes: https://forum.lede-project.org/t/zyxel-nbg6817-flashing-from-oem/768
Signed-off-by: Stefan Lippers-Hollmann <s.l-h@gmx.de>
Commit 2e496876c6 fixed the generation of the depends line for external
kernel modules which makes it possible for the build system to
automatically detect this missing dependency.
This fixes the packaging of kmod-ltq-atm for the ar9, xway and
xway-legacy subtarget.
Fixes: FS#1124
Signed-off-by: Mathias Kresin <dev@kresin.me>
Unmodified dns and domain variables could be needed in user script (/etc/udhcpc.user).
Signed-off-by: Tero Jänkä <tero.janka@gmail.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> (cleanup)
mpc85xx uses this for firmware image files, since the dtb data is not
directly part of the kernel image. This causes build failures in the
image builder.
Fix this by adding a separate build step that runs this call earlier,
reusing the generated file for any calls from kernel or image build
commands.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Add xconfig target to include/toplevel.mk, so that ``make xconfig`` can
be invoked from $TOPDIR to use Qt based configuration tool to prepare
.config file.
The qconf related sources are taken from linux 4.9.13 archive.
Signed-off-by: Alif M. Ahmad <alive4ever@live.com>
This commit adds qconf related files to .gitignore.
The files to be tracked are qconf.cc, qconf.h, and images.c.
The files to be ignored are qconf*.o, qconf*, qconf.moc, and
.tmp_qtcheck.
Signed-off-by: Alif M. Ahmad <alive4ever@live.com>
qconf is kconfig UI utilizing QT toolkit. This makes it possible to use
graphical interface interaction to configure LEDE build target.
This commit adds qconf target to ./script/config/Makefile to be used by
toplevel ``make xconfig`` later.
Signed-off-by: Alif M. Ahmad <alive4ever@live.com>
On some devices the flash chip needs to be in 3-byte addressing mode during
reboot, otherwise the boot loader will fail to start.
This mode however does not allow regular reads/writes onto the upper 16M
half. W25Q256 has separate read commands for reading from >16M, however
it does not have any separate write commands.
This patch changes the code to leave the chip in 3-byte mode most of the
time and only switch during erase/write cycles that go to >16M
addresses.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Switch from git to xz release tarball as there's no good reason to keep
using git when release tarballs are provided.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
OpenSSL is built with the generic linux settings for most targets,
including aarch64. These generic settings are designed for 32-bit CPU and
provide no assembler optmization: this is widely suboptimal for aarch64.
This patch simply switches to the aarch64 settings that are already
available in OpenSSL.
Here is the output of "openssl speed" before the optimization, with
"(...)" representing build flags that didn't change:
OpenSSL 1.0.2l 25 May 2017
options:bn(64,32) rc4(ptr,char) des(idx,cisc,2,int) aes(partial) blowfish(ptr)
compiler: aarch64-openwrt-linux-musl-gcc (...)
And after this patch, OpenSSL uses 64 bit mode and assembler optimizations:
OpenSSL 1.0.2l 25 May 2017
options:bn(64,64) rc4(ptr,char) des(idx,cisc,2,int) aes(partial) blowfish(ptr)
compiler: aarch64-openwrt-linux-musl-gcc (...) -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM
Here are some benchmarks on a pine64+ running latest LEDE master r5142-20d363aed3:
before# openssl speed sha aes blowfish
The 'numbers' are in 1000s of bytes per second processed.
type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
sha1 3918.89k 9982.43k 19148.03k 24933.03k 27325.78k
sha256 4604.51k 10240.64k 17472.51k 21355.18k 22801.07k
sha512 3662.19k 14539.41k 21443.16k 29544.11k 33177.60k
blowfish cbc 16266.63k 16940.86k 17176.92k 17237.33k 17252.35k
aes-128 cbc 19712.95k 21447.40k 22091.09k 22258.35k 22304.09k
aes-192 cbc 17680.12k 19064.47k 19572.14k 19703.13k 19737.26k
aes-256 cbc 15986.67k 17132.48k 17537.28k 17657.17k 17689.26k
after# openssl speed sha aes blowfish
type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
sha1 6770.87k 26172.80k 86878.38k 205649.58k 345978.20k
sha256 20913.93k 74663.85k 184658.18k 290891.09k 351032.66k
sha512 7633.10k 30110.14k 50083.24k 71883.43k 82485.25k
blowfish cbc 16224.93k 16933.55k 17173.76k 17234.94k 17252.35k
aes-128 cbc 19425.74k 21193.31k 22065.74k 22304.77k 22380.54k
aes-192 cbc 17452.29k 18883.84k 19536.90k 19741.70k 19800.06k
aes-256 cbc 15815.89k 17003.01k 17530.03k 17695.40k 17746.60k
For some reason AES and blowfish do not benefit, but SHA performance
improves between 1.7x and 15x. SHA256 clearly benefits the most from the
optimization (4.5x on small blocks, 15x on large blocks!).
When using EVP (with "openssl speed -evp <algo>"):
# Before, EVP mode
type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
sha1 3824.46k 10049.66k 19170.56k 24947.03k 27325.78k
sha256 3368.33k 8511.15k 16061.44k 20772.52k 22721.88k
sha512 2845.23k 11381.57k 19467.69k 28512.26k 33008.30k
bf-cbc 15146.74k 16623.83k 17092.01k 17211.39k 17249.62k
aes-128-cbc 17873.03k 20870.61k 21933.65k 22216.36k 22301.35k
aes-192-cbc 16184.18k 18607.15k 19447.13k 19670.02k 19737.26k
aes-256-cbc 14774.06k 16757.25k 17457.58k 17639.42k 17686.53k
# After, EVP mode
type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
sha1 7056.97k 27142.10k 89515.86k 209155.41k 347419.99k
sha256 7745.70k 29750.06k 95341.48k 211001.69k 332376.75k
sha512 4550.47k 18086.06k 39997.10k 65880.75k 81431.21k
bf-cbc 15129.20k 16619.03k 17090.56k 17212.76k 17246.89k
aes-128-cbc 99619.74k 269032.34k 450214.23k 567353.00k 613933.06k
aes-192-cbc 93180.74k 231017.79k 361766.66k 433671.51k 461731.16k
aes-256-cbc 89343.23k 209858.58k 310160.04k 362234.88k 380878.85k
Blowfish does not seem to have assembler optimization at all, and SHA
still benefits (between 1.6x and 14.5x) but is generally slower than in
non-EVP mode.
However, AES performance is improved between 5.5x and 27.5x, which is
really impressive! For aes-128-cbc on large blocks, a core i7-6600U
@2.60GHz is only twice as fast...
Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
Serial output was broken since 3.16 for shared uarts between
kernel and login. Fix this by adding a fix sent upstream.
While at it, drop a useless patch that adds duplicate code.
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
Newer kernels treat differing signatures an error, not just a warning,
so fix the signatures to match.
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
Minimum supported kernel is 3.18, so we don't need to test for anything
older. In addition, the API hasn't changed since then, so we don't need
to check for any kernel version at all. This helps to keeps the amount
of changes more managable.
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
Refresh patches
Remove 320-curl-confopts.m4-fix-disable-threaded-resolver.patch as
integrated upstream
See https://curl.haxx.se/changes.html for the bugfixes in 7.56.0 and
7.56.1
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Changes in v1.27.0 :
build: Fixed accidental compiler flags concatenation for MSVC (Patch from LazyHamster) (GH-1029)
build: Reduce libxml2 version requirement to 2.6.26 (Patch from Mike Lothian) (GH-1020)
asio: Support for Windows / MinGW (Patch from Daniel Evers) (GH-1027)
h2load: Print out h2 header fields with --verbose option (GH-1015)
nghttpx: Send non-final response to HTTP/1.1 or HTTP/2 client only (GH-1016)
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>