Commit graph

2173 commits

Author SHA1 Message Date
Mathias Kresin
8e0d7d6574 build: move lzma2eva build step to image-commands.mk
Move it to image-commands.mk so that it can used by other targets with
eva based boards as well.

Signed-off-by: Mathias Kresin <dev@kresin.me>
2017-06-24 22:36:38 +02:00
Hauke Mehrtens
3ce60ba0a1 build: Fix not altering KERNELRELEASE for external kernel
When an external kernel tree is used the version should not get
modified by the LEDE build scripts. This was added by Florian some time
ago.
The commit 0aed054bec ("build: add KERNEL_MAKE and
KERNEL_MAKE_FLAGS variables and move to kernel.mk") breaks this feature
introduced in b6746a6ffb ("include: Do not alter KERNELRELEASE for
external/git kernels").

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-06-19 20:39:33 +02:00
Alexander Couzens
e5fc15bf9a build: move definition of KBUILD_BUILD_TIMESTAMP to include/kernel.mk
Fixes: 0aed054bec (build: add KERNEL_MAKE and KERNEL_MAKE_FLAGS
variables and move to kernel.mk)

Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
2017-06-17 15:09:57 +02:00
Alexander Couzens
acc5ab6b92
include/toplevel: set env GIT_ASKPASS=/bin/true
When git-https request a service (e.g. github) which ask for credentials
git will pass this request to the user resulting download.pl to wait for
user input. Set GIT_ASKPASS to stop asking.

Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
2017-06-08 17:20:55 +02:00
Felix Fietkau
737b063cc2 build: ensure that flock is available for make download
It ensures that make download can parallelize downloads, even when some
packages download the same files (e.g. gcc/initial, gcc/final)

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-06-08 11:43:15 +02:00
Jo-Philipp Wich
55623a9c83 kernel: update kernel 4.9 to 4.9.31
Fixes the following security vulnerabilities:

CVE-2017-8890
The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the
Linux kernel through 4.10.15 allows attackers to cause a denial of service
(double free) or possibly have unspecified other impact by leveraging use
of the accept system call.

CVE-2017-9074
The IPv6 fragmentation implementation in the Linux kernel through 4.11.1
does not consider that the nexthdr field may be associated with an invalid
option, which allows local users to cause a denial of service (out-of-bounds
read and BUG) or possibly have unspecified other impact via crafted socket
and send system calls.

CVE-2017-9075
The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux kernel
through 4.11.1 mishandles inheritance, which allows local users to cause a
denial of service or possibly have unspecified other impact via crafted
system calls, a related issue to CVE-2017-8890.

CVE-2017-9076
The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux
kernel through 4.11.1 mishandles inheritance, which allows local users to
cause a denial of service or possibly have unspecified other impact via
crafted system calls, a related issue to CVE-2017-8890.

CVE-2017-9077
The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel
through 4.11.1 mishandles inheritance, which allows local users to cause a
denial of service or possibly have unspecified other impact via crafted
system calls, a related issue to CVE-2017-8890.

CVE-2017-9242
The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel
through 4.11.3 is too late in checking whether an overwrite of an skb data
structure may occur, which allows local users to cause a denial of service
(system crash) via crafted system calls.

Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8890
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9074
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9075
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9076
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9077
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9242
Ref: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.31

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-06-08 01:03:39 +02:00
Hauke Mehrtens
b9600b8542 kernel: really select kernel 4.4.71
The previous commit f4a4f324cb ("kernel: update kernel 4.4 to
4.4.71") missed the line which changes the kernel version, add it now.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-06-07 23:01:35 +02:00
Jo-Philipp Wich
f4a4f324cb kernel: update kernel 4.4 to 4.4.71
Fixes the following security vulnerabilities:

CVE-2017-8890
The inet_csk_clone_lock function in net/ipv4/inet_connection_sock.c in the
Linux kernel through 4.10.15 allows attackers to cause a denial of service
(double free) or possibly have unspecified other impact by leveraging use
of the accept system call.

CVE-2017-9074
The IPv6 fragmentation implementation in the Linux kernel through 4.11.1
does not consider that the nexthdr field may be associated with an invalid
option, which allows local users to cause a denial of service (out-of-bounds
read and BUG) or possibly have unspecified other impact via crafted socket
and send system calls.

CVE-2017-9075
The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux kernel
through 4.11.1 mishandles inheritance, which allows local users to cause a
denial of service or possibly have unspecified other impact via crafted
system calls, a related issue to CVE-2017-8890.

CVE-2017-9076
The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux
kernel through 4.11.1 mishandles inheritance, which allows local users to
cause a denial of service or possibly have unspecified other impact via
crafted system calls, a related issue to CVE-2017-8890.

CVE-2017-9077
The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel
through 4.11.1 mishandles inheritance, which allows local users to cause a
denial of service or possibly have unspecified other impact via crafted
system calls, a related issue to CVE-2017-8890.

CVE-2017-9242
The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel
through 4.11.3 is too late in checking whether an overwrite of an skb data
structure may occur, which allows local users to cause a denial of service
(system crash) via crafted system calls.

Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8890
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9074
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9075
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9076
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9077
Ref: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9242
Ref: https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.71

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-06-07 21:40:42 +02:00
Felix Fietkau
fec38ebf0d kernel: fix segmentation fault in mconf on linux
Commit 86c966a8ae caused HOST_LOADLIBES to
include -lncurses. This was added for fixing build issues on macOS.
This introduces issues on Linux when wide-character ncurses is being
used for compiling, but the non-wide-character version is linked in.

Fix this by adding the extra override for HOST_LOADLIBES only on macOS.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-06-07 18:31:10 +02:00
Felix Fietkau
0aed054bec build: add KERNEL_MAKE and KERNEL_MAKE_FLAGS variables and move to kernel.mk
This allows packages to use kernel make options without the forced
-C $(LINUX_DIR). It also makes it more clear that it to be called from
kernel module packages directly.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-06-07 18:31:10 +02:00
Jonas Gorski
2ab0963971 build: fix kernel refresh failure on first run
Override {HOST_}QUILT before making decisions based on it, else it will
cause target/linux/refresh to fail on first run.

Fixes: 36ba6237d6 ("build: fix quilt for mixed package/host builds")
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
2017-06-04 10:36:48 +02:00
Felix Fietkau
1a341e89a7 build: fix kmod package build on non-GNU systems
BSD paste requires a filename argument, and it accepts - to use stdin as
intended.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-05-29 14:27:08 +02:00
Yousong Zhou
546e20e836 build: fix possible issue with kmod package having multiple AutoLoad's
This commit contains the following changes

 - Use local shell var where appliable
 - The $(sort $$$$$$$$mods) call will have no expected effect
 - Avoid EEXIST when creating symlinks in /etc/modules-boot.d/
 - Avoid duplicate arguments for insert_modules() in postinst-pkg

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2017-05-27 11:21:55 +08:00
Hauke Mehrtens
7142cb45b4 kernel: update kernel 4.4 to 4.4.70
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-05-27 00:48:37 +02:00
Hauke Mehrtens
0b17375931 kernel: update kernel 4.9 to 4.9.30
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-05-27 00:48:37 +02:00
Felix Fietkau
4b8a7c9b48 build: fix QUILT related overrides
They need to be defined before including quilt.mk

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-05-25 20:42:45 +02:00
Felix Fietkau
36ba6237d6 build: fix quilt for mixed package/host builds
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-05-25 19:01:07 +02:00
Felix Fietkau
221f323782 build: set QUILT=1 automatically when calling package host build refresh
Makes behavor consistent with package builds and regular host builds

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-05-25 19:01:07 +02:00
Felix Fietkau
f62f4b3c5c build: stop overriding STAGING_DIR_HOST for toolchain build
This causes various issues in other places that assume that host
binaries are staged in STAGING_DIR_HOST.
Since all the right places use HOST_BUILD_PREFIX, override that instead.
This fixes some issues with quilt on toolchain dirs

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-05-25 19:01:07 +02:00
Florian Fainelli
8e0e0e7d8b include: Determine MODULES_DIR correctly for external/git kernels
When using external or git cloned kernels, any kind of modifications
will alter KERNELRELEASE. LEDE still tries to stage modules in
lib/modules/$(LINUX_UNAME_VERSION) and LINUX_UNAME_VERSION is based on
KERNEL_PATCHVER (indirectly) so this does not work, and we lose all
kinds of automatic modules loading.

To remedy that, just cat $(LINUX_DIR)/include/config/kernel.release
which is late enough the kernel has prepared this file, and is correctly
tracking changes done throughout the kernel.

Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2017-05-25 09:22:43 +02:00
Florian Fainelli
b6746a6ffb include: Do not alter KERNELRELEASE for external/git kernels
In case we use external and/or git cloned kernels, let the kernel
determine the appropriate KERNELRELEASE. We cannot used
LINUX_UNAME_VERSION because that one gets determined at a later time,
when the kernel is already built proper.

Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2017-05-25 09:22:43 +02:00
Florian Fainelli
d0a6340717 Revert "kernel: prevent addition of scm marker to localversion"
This reverts commit 0df2c6563a since it
gets in the way of identifying properly which kernel we are running.
This is particularly important if LEDE is using external kernels/git
cloned kernels. We want to make sure we only load modules from that
specific kernel.

Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
2017-05-25 09:22:43 +02:00
Koen Vandeputte
e842e16f45 kernel: update kernel 4.9 to 4.9.29
- Refresh all patches
- Removed upstreamed
- Adapted 1

Compile tested on: bcm53xx, cns3xxx, imx6, lantiq
Run tested on: cns3xxx & imx6

Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
[update from 4.9.28 to 4.9.29]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-05-21 21:51:22 +02:00
Kevin Darbyshire-Bryant
088e28772c kernel: update kernel 4.4 to version 4.4.69
Refresh patches. A number of patches have landed upstream & hence are no
longer required locally:

062-[1-6]-MIPS-* series
042-0004-mtd-bcm47xxpart-fix-parsing-first-block

Reintroduced lantiq/patches-4.4/0050-MIPS-Lantiq-Fix-cascaded-IRQ-setup
as it was incorrectly included upstream thus dropped from LEDE.
As it has now been reverted upstream it needs to be included again for
LEDE.

Run tested ar71xx Archer C7 v2 and lantiq.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
[update from 4.4.68 to 4.4.69]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-05-21 21:48:16 +02:00
Michal Sojka
aa8e91a1e4 image.mk: Generate cpiogz with root-owned files
Some files (e.g. /etc/dropbear) need to be owned by root. Add cpio
option to ensure that.

Other image types (at least targz and squashfs) already have this.

Signed-off-by: Michal Sojka <sojkam1@fel.cvut.cz>
2017-05-14 21:43:17 +02:00
Sergey Ryazanov
e06d8f0f6f build: new fixes for symlinked .config handling
When running "make {config|defconfig|oldconfig}" with symlinked .config
(e.g. to env/.config) it renames symlink to .config.old, creates new
.config file, and writes the updated configuration into it.

This breaks the desired workflow when changes in the configuration can
be checked using "scripts/env diff" and commited using "scripts/env
save". Since the env/.config file is not updated.

The things become even worse when working with feeds, since feeds script
quite often silently invokes "make {oldconfig|defconfig}" and breaks the
symlink.

Fix this issue by exporting KCONFIG_OVERWRITECONFIG=1, which forces
mconf to overwrite the .config content, instead of renaming it and
creating a new file. This variable is set only if .config is a symlink,
otherwise the variable is not exported and the old behaviour is
preserved.

This change uses the same behaviour as "make menucofig", which has
already been fixed in commit 5bf98b1acc.

Also make a tiny cosmetic update to the "make menuconfig" target code
layout to make it look like other config handling targets.

Signed-off-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
2017-05-11 00:53:05 +02:00
Felix Fietkau
ddbb036bbb build: allow val.% targets to bypass the prepare steps
Significantly reduces time spent processing those targets and should
also silence some log clutter which could confuse buildbot

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-05-05 13:14:00 +02:00
Yousong Zhou
7842ccecc0 build: reset ALTERNATIVES field in Package/Default
Otherwise ipkg packages may wrongly take on alternatives specs of
another package sharing the same package Makefile

Fixes FS#753

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2017-05-03 17:40:46 +08:00
Yousong Zhou
73bc636aba build: ipkg: new field Alternatives
It's a list of specs of the following form seprated by commas to
describe alternatives provided by this package

    <prio>:<path>:<altpath>

<path> will be a symbolic link to <altpath> of the highest <prio>

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2017-05-02 22:10:51 +08:00
Yousong Zhou
dac629f710 build: cleanup tmp/ dir of target rootfs
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2017-05-02 22:10:50 +08:00
Daniel Engberg
edda8ecd79 include/packages-defaults.mk: Remove LARGEFILE option
Remove LARGEFILE option, support was removed back in 2011 (OpenWrt rev 25208).

Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
2017-04-26 13:39:11 +02:00
Sergey Ryazanov
5bf98b1acc build: fix symlinked .config handling
When running "make menuconfig" with symlinked .config (e.g. to
env/.config) it renames symlink to .config.old, creates new .config file
and writes updated configuration here.

This breaks the desired workflow when changes in the configuration could
be checked using "scripts/env diff" and commited with
"scripts/env save". Since the env/.config file is not updated.

Fix this issue by exporting KCONFIG_OVERWRITECONFIG=1, which forces
mconf to overwrite the .config content, instead of renaming it and
creating a new file. This variable is set only if .config is a symlink,
otherwise the variable is not exported and the old behaviour is
preserved.

Signed-off-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
2017-04-26 11:34:41 +02:00
John Crispin
003e15221a include/image.mk: allow passing a compat string to the NAND image template
Signed-off-by: John Crispin <john@phrozen.org>
2017-04-24 11:11:52 +02:00
Yousong Zhou
b889d1e3cf build: fix aarch64 default cpu selection
Not sure since when the issue emerged, but according to the current doc of gcc
and as, armv8-a is intended as argument of -march

The change will affect at the moment arm64 and layerscape/64b

Below is the relevant error messages when building toolchain

    Assembler messages:
    Error: unknown cpu `armv8-a'
    Error: unrecognized option -mcpu=armv8-a
    /home/yousong/git-repo/lede-project/lede/build_dir/toolchain-aarch64_armv8-a_gcc-5.4.0_musl/gcc-5.4.0/libgcc/libgcc2.c:1:0: error: unknown value 'armv8-a' for -mcpu

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2017-04-23 09:19:33 +08:00
Jo-Philipp Wich
aefa195749 kernel: update kernel 4.4 to 4.4.61
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2017-04-15 18:26:41 +02:00
Felix Fietkau
b044bd5921 build: remove package makefile overlay functionality
Recent attempts to use it have shown that it does not work properly
except for a few undocumented cases. It's better to remove this now to
avoid having more people fall into the same trap

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-04-12 09:53:06 +02:00
Rafał Miłecki
f6433eede7 kernel: move initramfs's init script out of base-files
Keeping it in base-files was resulting in adding it to the base-files
package. This file is meant to be included manually for initramfs
images only.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2017-04-04 14:06:40 +02:00
Felix Fietkau
68139cc0e8 u-boot.mk: pass HOSTCC and HOST_CFLAGS into the build
Cuts build time on Mac OS X in half by avoiding repeated $(shell) calls
from the build system

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-04-04 12:34:23 +02:00
Philip Prindeville
d3bc11857a target.mk: check that CPU_TYPE has known CPU_CFLAGS mapping
If someone creates a target and indicates a CPU_TYPE, but there's
no corresponding support for that CPU_TYPE's flags in include/target.mk
then that should probably be indicated rather than silently ignored.

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
2017-04-04 12:34:13 +02:00
Felix Fietkau
6411a12de2 build: move PKG_CONFIG_DEPENDS from feeds.mk to opkg
Normal packages don't rely on the feed configuration variables for the
build step

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-04-03 08:51:33 +02:00
Hauke Mehrtens
c3778f2647 kernel: update kernel 4.4 to 4.4.59
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-04-02 12:48:00 +02:00
Hauke Mehrtens
b26e34214c kernel: update kernel 4.9 to 4.9.20
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-04-02 12:47:55 +02:00
Hauke Mehrtens
fb7ea71c15 kernel: update kernel 4.9 to 4.9.17
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-03-26 12:23:19 +02:00
Hauke Mehrtens
88b125e9a4 kernel: update kernel 4.4 to 4.4.56
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2017-03-26 12:23:12 +02:00
Felix Fietkau
89118da865 build: fix STAMP_PREPARED with quilt
quilt.mk needs to be included first, to ensure that STAMP_PREPARED does
not include the hash if quilt is used.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-03-22 20:17:20 +01:00
Felix Fietkau
370d740647 kernel: do not try to copy vmlinux out of arch/$(ARCH)/boot
Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-03-22 11:43:22 +01:00
John Crispin
eb3ac8281b include: add KERNEL_LOAD_ADDR to TARGET_VARS
This will allow us to override the variable from within a Device template.

Signed-off-by: John Crispin <john@phrozen.org>
2017-03-22 09:45:18 +01:00
Hauke Mehrtens
7c7ea09004 include: Add nomips16 CPU_SUBTYPE
This can be used to indicate that a target does not support the optional mips16
extension even when it is a mips32r2 or later CPU.

This will generate a separate toolchain and a separate package folder,
e.g. mips_24kc_nomips16

Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
2017-03-20 22:04:45 +01:00
Felix Fietkau
aab0b0704a build: fix high cpu usage / hang in prereq-build.mk
host-build.mk should not be included for prereq

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-03-18 21:50:46 +01:00
Felix Fietkau
1f12a3daaa kernel: speed up build system by getting rid of redundant work
KERNELRELEASE contains a $(shell) call which is evaluated over and over
again.
The call to checksyscalls.sh is unnecessary for LEDE and also takes a
few seconds to complete.

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2017-03-16 19:14:09 +01:00