From ef9cee49807a360c99abfc2bbf0ab873619d6f11 Mon Sep 17 00:00:00 2001 From: Adrian Schmutzler Date: Wed, 17 Jun 2020 14:23:51 +0200 Subject: [PATCH 01/11] lantiq: drop "CONFIG_HZ_100 is not set" CONFIG_HZ_100 is not set to "y" in generic config anymore since 3a761c90afc0 ("treewide: Don't diverge from upstream default HZ settings on 4.19"), so we don't need to disable it anymore either. This was the only remaining case in the entire tree. Signed-off-by: Adrian Schmutzler --- target/linux/lantiq/config-4.19 | 1 - target/linux/lantiq/config-5.4 | 1 - 2 files changed, 2 deletions(-) diff --git a/target/linux/lantiq/config-4.19 b/target/linux/lantiq/config-4.19 index 560e8474dc..3d603dbd68 100644 --- a/target/linux/lantiq/config-4.19 +++ b/target/linux/lantiq/config-4.19 @@ -110,7 +110,6 @@ CONFIG_HAVE_VIRT_CPU_ACCOUNTING_GEN=y CONFIG_HW_HAS_PCI=y CONFIG_HW_RANDOM=y CONFIG_HZ=250 -# CONFIG_HZ_100 is not set CONFIG_HZ_250=y CONFIG_HZ_PERIODIC=y CONFIG_INITRAMFS_SOURCE="" diff --git a/target/linux/lantiq/config-5.4 b/target/linux/lantiq/config-5.4 index 8d84f1cdac..6f3b193cc7 100644 --- a/target/linux/lantiq/config-5.4 +++ b/target/linux/lantiq/config-5.4 @@ -119,7 +119,6 @@ CONFIG_HAVE_SYSCALL_TRACEPOINTS=y CONFIG_HAVE_VIRT_CPU_ACCOUNTING_GEN=y CONFIG_HW_RANDOM=y CONFIG_HZ=250 -# CONFIG_HZ_100 is not set CONFIG_HZ_250=y CONFIG_HZ_PERIODIC=y CONFIG_INITRAMFS_SOURCE="" From 8e98613f4da82628cdb490c8202b56dc989e088b Mon Sep 17 00:00:00 2001 From: Daniel Golle Date: Wed, 17 Jun 2020 16:37:19 +0100 Subject: [PATCH 02/11] uclient: uclient-fetch: add option to read POST data from file c660986 uclient-fetch: add option to read POST data from file Signed-off-by: Daniel Golle --- package/libs/uclient/Makefile | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/package/libs/uclient/Makefile b/package/libs/uclient/Makefile index 92c1e1d1e0..9edb5a6ea0 100644 --- a/package/libs/uclient/Makefile +++ b/package/libs/uclient/Makefile @@ -5,9 +5,9 @@ PKG_RELEASE=1 PKG_SOURCE_PROTO:=git PKG_SOURCE_URL=$(PROJECT_GIT)/project/uclient.git -PKG_MIRROR_HASH:=8b71b02feb721ec0ed9cd7fe6761aa6a40216563a294d04243779ebe98891355 -PKG_SOURCE_DATE:=2020-02-15 -PKG_SOURCE_VERSION:=af585dbd1d444faafa370a73c1db43aece731f85 +PKG_MIRROR_HASH:=05962d4edbe7b856e017d974c3d7e34dfa5f905821ab7a3534acc5886af4e5c7 +PKG_SOURCE_DATE:=2020-06-17 +PKG_SOURCE_VERSION:=c66098611f16806a936a3a3f92113a16382fc4d9 CMAKE_INSTALL:=1 PKG_BUILD_DEPENDS:=ustream-ssl From 9c16c46e58b9758a91ba68d8acea052a5375546f Mon Sep 17 00:00:00 2001 From: Hannu Nyman Date: Wed, 17 Jun 2020 20:11:06 +0300 Subject: [PATCH 03/11] ath79: define CONFIG_MFD_RB4XX_CPLD to fix build breakage Define the kernel config symbol CONFIG_MFD_RB4XX_CPLD=n to fix build breakage on non-mikrotik targets. The driver was added for all ath79, but the symbol was only defined for mikrotik subtarget. Fixes: fa70b3a4bbc6 ("ath79: add Mikrotik rb4xx series drivers") Signed-off-by: Hannu Nyman [rearrange commit message] Signed-off-by: Adrian Schmutzler --- target/linux/ath79/config-4.19 | 1 + target/linux/ath79/config-5.4 | 1 + 2 files changed, 2 insertions(+) diff --git a/target/linux/ath79/config-4.19 b/target/linux/ath79/config-4.19 index 81fd017aba..92af6ba970 100644 --- a/target/linux/ath79/config-4.19 +++ b/target/linux/ath79/config-4.19 @@ -139,6 +139,7 @@ CONFIG_MDIO_BUS=y CONFIG_MDIO_DEVICE=y CONFIG_MDIO_GPIO=y CONFIG_MEMFD_CREATE=y +# CONFIG_MFD_RB4XX_CPLD is not set CONFIG_MFD_SYSCON=y CONFIG_MIGRATION=y CONFIG_MIPS=y diff --git a/target/linux/ath79/config-5.4 b/target/linux/ath79/config-5.4 index b458edce1e..449f42bba7 100644 --- a/target/linux/ath79/config-5.4 +++ b/target/linux/ath79/config-5.4 @@ -148,6 +148,7 @@ CONFIG_MDIO_BUS=y CONFIG_MDIO_DEVICE=y CONFIG_MDIO_GPIO=y CONFIG_MEMFD_CREATE=y +# CONFIG_MFD_RB4XX_CPLD is not set CONFIG_MFD_SYSCON=y CONFIG_MIGRATION=y CONFIG_MIPS=y From 8fe9940db66517679f09fa1d2f6f79229b6a8361 Mon Sep 17 00:00:00 2001 From: Florian Eckert Date: Fri, 30 Nov 2018 14:03:50 +0100 Subject: [PATCH 04/11] openvpn: add generic hotplug mechanism Pass a default --up and --down executable to each started OpenVPN instance which triggers /etc/hotplug.d/openvpn/ scripts whenever an instance goes up or down. User-configured up and down scripts are invoked by the default shipped 01-user hotplug handler to ensure that existing setups continue to work as before. As a consequence of this change, the up, down and script_security OpenVPN options are removed from the option file, since we're always passing them via the command line, they do not need to get included into the generated configuration. Signed-off-by: Florian Eckert [reword commit message, move hotplug executable to /usr/libexec] Signed-off-by: Jo-Philipp Wich --- package/network/services/openvpn/Makefile | 20 ++++++++++-- .../files/etc/hotplug.d/openvpn/01-user | 32 +++++++++++++++++++ .../services/openvpn/files/etc/openvpn.user | 11 +++++++ .../services/openvpn/files/openvpn.init | 13 ++++++-- .../services/openvpn/files/openvpn.options | 3 -- .../openvpn/files/usr/libexec/openvpn-hotplug | 10 ++++++ 6 files changed, 81 insertions(+), 8 deletions(-) create mode 100644 package/network/services/openvpn/files/etc/hotplug.d/openvpn/01-user create mode 100644 package/network/services/openvpn/files/etc/openvpn.user create mode 100644 package/network/services/openvpn/files/usr/libexec/openvpn-hotplug diff --git a/package/network/services/openvpn/Makefile b/package/network/services/openvpn/Makefile index 5f102d967d..f1170bbd37 100644 --- a/package/network/services/openvpn/Makefile +++ b/package/network/services/openvpn/Makefile @@ -10,7 +10,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=openvpn PKG_VERSION:=2.4.9 -PKG_RELEASE:=1 +PKG_RELEASE:=2 PKG_SOURCE_URL:=\ https://build.openvpn.net/downloads/releases/ \ @@ -102,6 +102,7 @@ endef define Package/openvpn-$(BUILD_VARIANT)/conffiles /etc/config/openvpn +/etc/openvpn.user endef define Package/openvpn-$(BUILD_VARIANT)/install @@ -111,7 +112,9 @@ define Package/openvpn-$(BUILD_VARIANT)/install $(1)/etc/init.d \ $(1)/etc/config \ $(1)/etc/openvpn \ - $(1)/lib/upgrade/keep.d + $(1)/lib/upgrade/keep.d \ + $(1)/usr/libexec \ + $(1)/etc/hotplug.d/openvpn $(INSTALL_BIN) \ $(PKG_INSTALL_DIR)/usr/sbin/openvpn \ @@ -120,6 +123,19 @@ define Package/openvpn-$(BUILD_VARIANT)/install $(INSTALL_BIN) \ files/openvpn.init \ $(1)/etc/init.d/openvpn + + $(INSTALL_BIN) \ + files/usr/libexec/openvpn-hotplug \ + $(1)/usr/libexec/openvpn-hotplug + + $(INSTALL_DATA) \ + files/etc/hotplug.d/openvpn/01-user \ + $(1)/etc/hotplug.d/openvpn/01-user + + $(INSTALL_DATA) \ + files/etc/openvpn.user \ + $(1)/etc/openvpn.user + $(INSTALL_DATA) \ files/openvpn.options \ $(1)/usr/share/openvpn/openvpn.options diff --git a/package/network/services/openvpn/files/etc/hotplug.d/openvpn/01-user b/package/network/services/openvpn/files/etc/hotplug.d/openvpn/01-user new file mode 100644 index 0000000000..6d45f0b7c6 --- /dev/null +++ b/package/network/services/openvpn/files/etc/hotplug.d/openvpn/01-user @@ -0,0 +1,32 @@ +#!/bin/sh + +get_option() { + local variable="$1" + local option="$2" + + local value="$(sed -rne 's/^[ \t]*'"$option"'[ \t]+(([^ \t\\]|\\.)+)[ \t]*$/\1/p' "$config" | tail -n1 | sed -re 's/\\(.)/\1/g')" + [ -n "$value" ] || value="$(sed -rne 's/^[ \t]*'"$option"'[ \t]+'"'([^']+)'"'[ \t]*$/\1/p' "$config" | tail -n1)" + [ -n "$value" ] || value="$(sed -rne 's/^[ \t]*'"$option"'[ \t]+"(([^"\\]|\\.)+)"[ \t]*$/\1/p' "$config" | tail -n1 | sed -re 's/\\(.)/\1/g')" + [ -n "$value" ] || return 1 + + export -n "$variable=$value" + return 0 +} + +[ -e "/etc/openvpn.user" ] && { + env -i ACTION="$ACTION" INSTANCE="$INSTANCE" \ + /bin/sh \ + /etc/openvpn.user \ + $* +} + +# Wrap user defined scripts on up/down events +case "$ACTION" in + up|down) + if get_option command "$ACTION"; then + exec /bin/sh -c "$command $ACTION $INSTANCE $*" + fi + ;; +esac + +exit 0 diff --git a/package/network/services/openvpn/files/etc/openvpn.user b/package/network/services/openvpn/files/etc/openvpn.user new file mode 100644 index 0000000000..a77566556a --- /dev/null +++ b/package/network/services/openvpn/files/etc/openvpn.user @@ -0,0 +1,11 @@ +#!/bin/sh +# +# This file is interpreted as shell script. +# Put your custom openvpn action here, they will +# be executed with each opevnp event. +# +# $ACTION +# down action is generated after the TUN/TAP device is closed +# up action is generated after the TUN/TAP device is opened +# $INSTANCE Name of the openvpn instance which went up or down + diff --git a/package/network/services/openvpn/files/openvpn.init b/package/network/services/openvpn/files/openvpn.init index a7d35d1a98..a560b89ff2 100644 --- a/package/network/services/openvpn/files/openvpn.init +++ b/package/network/services/openvpn/files/openvpn.init @@ -73,13 +73,17 @@ openvpn_add_instance() { local name="$1" local dir="$2" local conf="$3" + local security="$4" procd_open_instance "$name" procd_set_param command "$PROG" \ --syslog "openvpn($name)" \ --status "/var/run/openvpn.$name.status" \ --cd "$dir" \ - --config "$conf" + --config "$conf" \ + --up "/usr/libexec/openvpn-hotplug up $name" \ + --down "/usr/libexec/openvpn-hotplug down $name" \ + --script-security "${security:-2}" procd_set_param file "$dir/$conf" procd_set_param term_timeout 15 procd_set_param respawn @@ -100,11 +104,14 @@ start_instance() { return 1 } + local script_security + config_get script_security "$s" script_security + [ ! -d "/var/run" ] && mkdir -p "/var/run" if [ ! -z "$config" ]; then append UCI_STARTED "$config" "$LIST_SEP" - openvpn_add_instance "$s" "${config%/*}" "$config" + openvpn_add_instance "$s" "${config%/*}" "$config" "$script_security" return fi @@ -115,7 +122,7 @@ start_instance() { append_params "$s" $OPENVPN_PARAMS append_list "$s" $OPENVPN_LIST - openvpn_add_instance "$s" "/var/etc" "openvpn-$s.conf" + openvpn_add_instance "$s" "/var/etc" "openvpn-$s.conf" "$script_security" } start_service() { diff --git a/package/network/services/openvpn/files/openvpn.options b/package/network/services/openvpn/files/openvpn.options index 2da563968c..5d7a387cd3 100644 --- a/package/network/services/openvpn/files/openvpn.options +++ b/package/network/services/openvpn/files/openvpn.options @@ -25,7 +25,6 @@ dev dev_node dev_type dh -down ecdh_curve echo engine @@ -103,7 +102,6 @@ route_metric route_pre_down route_up rport -script_security secret server server_bridge @@ -127,7 +125,6 @@ tran_window tun_mtu tun_mtu_extra txqueuelen -up user verb verify_client_cert diff --git a/package/network/services/openvpn/files/usr/libexec/openvpn-hotplug b/package/network/services/openvpn/files/usr/libexec/openvpn-hotplug new file mode 100644 index 0000000000..9235fbacfe --- /dev/null +++ b/package/network/services/openvpn/files/usr/libexec/openvpn-hotplug @@ -0,0 +1,10 @@ +#!/bin/sh + +ACTION=$1 +shift +INSTANCE=$1 +shift + +export ACTION=$ACTION +export INSTANCE=$INSTANCE +exec /sbin/hotplug-call openvpn "$@" From ba7ddae9a9d0aae9aaf00cfb2438286c2ee21098 Mon Sep 17 00:00:00 2001 From: Rozhuk Ivan Date: Sat, 24 Aug 2019 19:41:01 +0300 Subject: [PATCH 05/11] comgt-ncm: do not attempt to connect if the control device is invalid After a hardware reconnect, the control device might be unavailable and attempting to interact with it will lead to hanging gcom calls, leaving the protocol setup in an unrecoverable state. Change the protocol handler to bail out early and notify netifd if the control device is not defined or if the underlying device node does not exist. Also ensure that the "disconnect", "connect" and "setmode" commands are actually defined before trying to invoke them. Finally attempt to re-query the device manufacturer if it is unset in the interface state in order to prevent UNUPPORTED_MODEM errors after a modem hardware reconnect. Signed-off-by: Rozhuk Ivan [reword subject and commit message] Ref: https://github.com/openwrt/openwrt/pull/2352 Signed-off-by: Jo-Philipp Wich --- package/network/utils/comgt/files/ncm.sh | 62 ++++++++++++++++++------ 1 file changed, 46 insertions(+), 16 deletions(-) diff --git a/package/network/utils/comgt/files/ncm.sh b/package/network/utils/comgt/files/ncm.sh index f5bed7d5e1..6545091c82 100644 --- a/package/network/utils/comgt/files/ncm.sh +++ b/package/network/utils/comgt/files/ncm.sh @@ -74,7 +74,7 @@ proto_ncm_setup() { [ -n "$delay" ] && sleep "$delay" manufacturer=$(gcom -d "$device" -s /etc/gcom/getcardinfo.gcom | awk 'NF && $0 !~ /AT\+CGMI/ { sub(/\+CGMI: /,""); print tolower($1); exit; }') - [ $? -ne 0 ] && { + [ $? -ne 0 -o -z "$manufacturer" ] && { echo "Failed to get modem information" proto_notify_error "$interface" GETINFO_FAILED return 1 @@ -88,6 +88,7 @@ proto_ncm_setup() { proto_set_available "$interface" 0 return 1 } + json_get_values initialize initialize for i in $initialize; do eval COMMAND="$i" gcom -d "$device" -s /etc/gcom/runcommand.gcom || { @@ -119,22 +120,26 @@ proto_ncm_setup() { [ -n "$mode" ] && { json_select modes json_get_var setmode "$mode" - echo "Setting mode" - eval COMMAND="$setmode" gcom -d "$device" -s /etc/gcom/runcommand.gcom || { - echo "Failed to set operating mode" - proto_notify_error "$interface" SETMODE_FAILED - return 1 + [ -n "$setmode" ] && { + echo "Setting mode" + eval COMMAND="$setmode" gcom -d "$device" -s /etc/gcom/runcommand.gcom || { + echo "Failed to set operating mode" + proto_notify_error "$interface" SETMODE_FAILED + return 1 + } } json_select .. } echo "Starting network $interface" json_get_vars connect - echo "Connecting modem" - eval COMMAND="$connect" gcom -d "$device" -s /etc/gcom/runcommand.gcom || { - echo "Failed to connect" - proto_notify_error "$interface" CONNECT_FAILED - return 1 + [ -n "$connect" ] && { + echo "Connecting modem" + eval COMMAND="$connect" gcom -d "$device" -s /etc/gcom/runcommand.gcom || { + echo "Failed to connect" + proto_notify_error "$interface" CONNECT_FAILED + return 1 + } } json_get_vars finalize @@ -182,7 +187,6 @@ proto_ncm_setup() { return 1 } } - } proto_ncm_teardown() { @@ -195,6 +199,20 @@ proto_ncm_teardown() { [ -n "$ctl_device" ] && device=$ctl_device + [ -n "$device" ] || { + echo "No control device specified" + proto_notify_error "$interface" NO_DEVICE + proto_set_available "$interface" 0 + return 1 + } + + device="$(readlink -f $device)" + [ -e "$device" ] || { + echo "Control device not valid" + proto_set_available "$interface" 0 + return 1 + } + [ -n "$profile" ] || profile=1 echo "Stopping network $interface" @@ -202,6 +220,16 @@ proto_ncm_teardown() { json_load "$(ubus call network.interface.$interface status)" json_select data json_get_vars manufacturer + [ $? -ne 0 -o -z "$manufacturer" ] && { + # Fallback to direct detect, for proper handle device replug. + manufacturer=$(gcom -d "$device" -s /etc/gcom/getcardinfo.gcom | awk 'NF && $0 !~ /AT\+CGMI/ { sub(/\+CGMI: /,""); print tolower($1); exit; }') + [ $? -ne 0 -o -z "$manufacturer" ] && { + echo "Failed to get modem information" + proto_notify_error "$interface" GETINFO_FAILED + return 1 + } + json_add_string "manufacturer" "$manufacturer" + } json_load "$(cat /etc/gcom/ncm.json)" json_select "$manufacturer" || { @@ -211,10 +239,12 @@ proto_ncm_teardown() { } json_get_vars disconnect - eval COMMAND="$disconnect" gcom -d "$device" -s /etc/gcom/runcommand.gcom || { - echo "Failed to disconnect" - proto_notify_error "$interface" DISCONNECT_FAILED - return 1 + [ -n "$disconnect" ] && { + eval COMMAND="$disconnect" gcom -d "$device" -s /etc/gcom/runcommand.gcom || { + echo "Failed to disconnect" + proto_notify_error "$interface" DISCONNECT_FAILED + return 1 + } } proto_init_update "*" 0 From b933f9cf0cb254e368027cad6d5799e45b237df5 Mon Sep 17 00:00:00 2001 From: Ian Cooper Date: Mon, 15 Jun 2020 22:14:04 +0100 Subject: [PATCH 06/11] toolchain: remove gcc libssp and use libc variant Removes the standalone implementation of stack smashing protection in gcc's libssp in favour of the native implementation available in glibc and uclibc. Musl libc already uses its native ssp, so this patch does not affect musl-based toolchains. Stack smashing protection configuration options are now uniform across all supported libc variants. This also makes kernel-level stack smashing protection available for x86_64 and i386 builds using non-musl libc. Signed-off-by: Ian Cooper --- config/Config-build.in | 4 ---- include/package-defaults.mk | 2 +- package/libs/toolchain/Makefile | 41 --------------------------------- toolchain/Config.in | 2 +- toolchain/gcc/Config.in | 8 ------- toolchain/gcc/common.mk | 9 +------- toolchain/glibc/common.mk | 3 ++- 7 files changed, 5 insertions(+), 64 deletions(-) diff --git a/config/Config-build.in b/config/Config-build.in index 61a9265ad7..ac1e05d2ff 100644 --- a/config/Config-build.in +++ b/config/Config-build.in @@ -249,7 +249,6 @@ menu "Global build settings" choice prompt "User space Stack-Smashing Protection" - depends on USE_MUSL default PKG_CC_STACKPROTECTOR_REGULAR help Enable GCC Stack Smashing Protection (SSP) for userspace applications @@ -257,18 +256,15 @@ menu "Global build settings" bool "None" config PKG_CC_STACKPROTECTOR_REGULAR bool "Regular" - select GCC_LIBSSP if !USE_MUSL depends on KERNEL_CC_STACKPROTECTOR_REGULAR config PKG_CC_STACKPROTECTOR_STRONG bool "Strong" - select GCC_LIBSSP if !USE_MUSL depends on KERNEL_CC_STACKPROTECTOR_STRONG endchoice choice prompt "Kernel space Stack-Smashing Protection" default KERNEL_CC_STACKPROTECTOR_REGULAR - depends on USE_MUSL || !(x86_64 || i386) help Enable GCC Stack-Smashing Protection (SSP) for the kernel config KERNEL_CC_STACKPROTECTOR_NONE diff --git a/include/package-defaults.mk b/include/package-defaults.mk index 31e331b2d5..2fed72b1a4 100644 --- a/include/package-defaults.mk +++ b/include/package-defaults.mk @@ -5,7 +5,7 @@ # See /LICENSE for more information. # -PKG_DEFAULT_DEPENDS = +libc +GCC_LIBSSP:libssp +USE_GLIBC:librt +USE_GLIBC:libpthread +PKG_DEFAULT_DEPENDS = +libc +USE_GLIBC:librt +USE_GLIBC:libpthread ifneq ($(PKG_NAME),toolchain) PKG_FIXUP_DEPENDS = $(if $(filter kmod-%,$(1)),$(2),$(PKG_DEFAULT_DEPENDS) $(filter-out $(PKG_DEFAULT_DEPENDS),$(2))) diff --git a/package/libs/toolchain/Makefile b/package/libs/toolchain/Makefile index c13e9e4928..f92a1779da 100644 --- a/package/libs/toolchain/Makefile +++ b/package/libs/toolchain/Makefile @@ -83,33 +83,6 @@ define Package/libatomic/config endmenu endef -define Package/libssp -$(call Package/gcc/Default) - DEPENDS+=@GCC_LIBSSP - TITLE:=GCC support library -endef - -define Package/libssp/config - menu "Configuration" - depends on EXTERNAL_TOOLCHAIN && PACKAGE_libssp - - config LIBSSP_ROOT_DIR - string - prompt "libssp shared library base directory" - depends on EXTERNAL_TOOLCHAIN && PACKAGE_libssp - default TOOLCHAIN_ROOT if !NATIVE_TOOLCHAIN - default "/" if NATIVE_TOOLCHAIN - - config LIBSSP_FILE_SPEC - string - prompt "libssp shared library files (use wildcards)" - depends on EXTERNAL_TOOLCHAIN && PACKAGE_libssp - default "./lib/libssp.so.*" - - endmenu -endef - - define Package/libstdcpp $(call Package/gcc/Default) NAME:=libstdc++ @@ -519,11 +492,6 @@ ifeq ($(CONFIG_EXTERNAL_TOOLCHAIN),) $(CP) $(TOOLCHAIN_DIR)/lib/libgfortran.so.* $(1)/usr/lib/ endef - define Package/libssp/install - $(INSTALL_DIR) $(1)/lib - $(CP) $(TOOLCHAIN_DIR)/lib/libssp.so.* $(1)/lib/ - endef - define Package/libstdcpp/install $(INSTALL_DIR) $(1)/usr/lib $(CP) $(TOOLCHAIN_DIR)/lib/libstdc++.so.* $(1)/usr/lib/ @@ -670,14 +638,6 @@ else done endef - define Package/libssp/install - for file in $(call qstrip,$(CONFIG_LIBSSP_FILE_SPEC)); do \ - $(INSTALL_DIR) $(1)/lib ; \ - $(CP) $(call qstrip,$(CONFIG_LIBSSP_ROOT_DIR))/$$$$file $(1)/lib/ ; \ - done ; \ - exit 0 - endef - define Package/libstdcpp/install for file in $(call qstrip,$(CONFIG_LIBSTDCPP_FILE_SPEC)); do \ $(INSTALL_DIR) $(1)/lib ; \ @@ -789,7 +749,6 @@ endif $(eval $(call BuildPackage,libc)) $(eval $(call BuildPackage,libgcc)) $(eval $(call BuildPackage,libatomic)) -$(eval $(call BuildPackage,libssp)) $(eval $(call BuildPackage,libstdcpp)) $(eval $(call BuildPackage,libasan)) $(eval $(call BuildPackage,libtsan)) diff --git a/toolchain/Config.in b/toolchain/Config.in index 762f4e10d7..cb557d4ad3 100644 --- a/toolchain/Config.in +++ b/toolchain/Config.in @@ -284,7 +284,7 @@ config USE_MUSL bool config SSP_SUPPORT - default y if USE_MUSL || GCC_LIBSSP + default y if !PKG_CC_STACKPROTECTOR_NONE bool config USE_EXTERNAL_LIBC diff --git a/toolchain/gcc/Config.in b/toolchain/gcc/Config.in index 7d7f34210a..4b2ba7aaae 100644 --- a/toolchain/gcc/Config.in +++ b/toolchain/gcc/Config.in @@ -47,14 +47,6 @@ config GCC_DEFAULT_SSP help Use gcc configure option --enable-default-ssp to turn on -fstack-protector-strong by default. -config GCC_LIBSSP - bool - prompt "Build gcc libssp" if TOOLCHAINOPTS - depends on !USE_MUSL - default y if !USE_MUSL - help - Enable Stack-Smashing Protection support - config SJLJ_EXCEPTIONS bool prompt "Use setjump()/longjump() exceptions" if TOOLCHAINOPTS diff --git a/toolchain/gcc/common.mk b/toolchain/gcc/common.mk index 7fb30285aa..ec3ea8fff1 100644 --- a/toolchain/gcc/common.mk +++ b/toolchain/gcc/common.mk @@ -104,6 +104,7 @@ GCC_CONFIGURE:= \ --disable-multilib \ --disable-libmpx \ --disable-nls \ + --disable-libssp \ $(GRAPHITE_CONFIGURE) \ --with-host-libstdcxx=-lstdc++ \ $(SOFT_FLOAT_CONFIG_OPTION) \ @@ -131,14 +132,6 @@ ifneq ($(CONFIG_GCC_DEFAULT_SSP),) --enable-default-ssp endif -ifneq ($(CONFIG_GCC_LIBSSP),) - GCC_CONFIGURE+= \ - --enable-libssp -else - GCC_CONFIGURE+= \ - --disable-libssp -endif - ifneq ($(CONFIG_EXTRA_TARGET_ARCH),) GCC_CONFIGURE+= \ --enable-biarch \ diff --git a/toolchain/glibc/common.mk b/toolchain/glibc/common.mk index db4f0fcc0e..f0b95d3cc7 100644 --- a/toolchain/glibc/common.mk +++ b/toolchain/glibc/common.mk @@ -39,7 +39,6 @@ ifeq ($(ARCH),mips64) endif endif - # -Os miscompiles w. 2.24 gcc5/gcc6 # only -O2 tested by upstream changeset # "Optimize i386 syscall inlining for GCC 5" @@ -61,6 +60,8 @@ GLIBC_CONFIGURE:= \ --without-cvs \ --enable-add-ons \ --$(if $(CONFIG_SOFT_FLOAT),without,with)-fp \ + $(if $(CONFIG_PKG_CC_STACKPROTECTOR_REGULAR),--enable-stack-protector=yes) \ + $(if $(CONFIG_PKG_CC_STACKPROTECTOR_STRONG),--enable-stack-protector=strong) \ --enable-kernel=4.14.0 export libc_cv_ssp=no From a4248577a00cb2f21bc19ff06492e36b0ae714e6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Karel=20Ko=C4=8D=C3=AD?= Date: Tue, 16 Jun 2020 17:07:46 +0200 Subject: [PATCH 07/11] hostapd: fix compilation of wpa_supplicant MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Ubus patch as it seems have been broken by some rebase in the past as the location of line that adds ubus object file was in condition for CONFIG_MACSEC. That condition was adding object files that are not touched by ubus patch. This means ubus.o does not have to be included in that case. When it has to be and when build fails is when CONFIG_AP is set. All files included in wpa_supplicant that are touched by this patch are in this condition. This means that this is for sure the original place for it. Signed-off-by: Karel Kočí --- .../services/hostapd/patches/600-ubus_support.patch | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/package/network/services/hostapd/patches/600-ubus_support.patch b/package/network/services/hostapd/patches/600-ubus_support.patch index d2d45ac971..f0a637e4b6 100644 --- a/package/network/services/hostapd/patches/600-ubus_support.patch +++ b/package/network/services/hostapd/patches/600-ubus_support.patch @@ -284,16 +284,16 @@ ifdef CONFIG_CODE_COVERAGE CFLAGS += -O0 -fprofile-arcs -ftest-coverage LIBS += -lgcov -@@ -887,6 +893,9 @@ OBJS += ../src/pae/ieee802_1x_secy_ops.o - ifdef CONFIG_AP - OBJS += ../src/ap/wpa_auth_kay.o +@@ -956,6 +962,9 @@ ifdef CONFIG_CTRL_IFACE_MIB + CFLAGS += -DCONFIG_CTRL_IFACE_MIB endif + OBJS += ../src/ap/ctrl_iface_ap.o +ifdef CONFIG_UBUS +OBJS += ../src/ap/ubus.o +endif endif - ifdef CONFIG_IEEE8021X_EAPOL + CFLAGS += -DEAP_SERVER -DEAP_SERVER_IDENTITY --- a/wpa_supplicant/wpa_supplicant.c +++ b/wpa_supplicant/wpa_supplicant.c @@ -6797,6 +6797,8 @@ struct wpa_supplicant * wpa_supplicant_a From a4c0767fbc50ea50f1f0c5adfa35d1c8d347462b Mon Sep 17 00:00:00 2001 From: Alan Swanson Date: Sat, 7 Mar 2020 15:42:54 +0000 Subject: [PATCH 08/11] mac80211: ath9k: enable adding wireless noise to kernel entropy pool This option allows adding the ath9k ADC register output as a source of randomness into the Linux entropy pool at sufficient quality random data (at least 10 bits and up to 22 bits of min-entropy for a 32-bit value). Fixes FS#1444 Signed-off-by: Alan Swanson --- package/kernel/mac80211/ath.mk | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/package/kernel/mac80211/ath.mk b/package/kernel/mac80211/ath.mk index 788131b751..352d192fa1 100644 --- a/package/kernel/mac80211/ath.mk +++ b/package/kernel/mac80211/ath.mk @@ -7,6 +7,7 @@ PKG_CONFIG_DEPENDS += \ CONFIG_PACKAGE_ATH_DFS \ CONFIG_PACKAGE_ATH_SPECTRAL \ CONFIG_PACKAGE_ATH_DYNACK \ + CONFIG_ATH9K_HWRNG \ CONFIG_ATH9K_SUPPORT_PCOEM \ CONFIG_ATH9K_TX99 \ CONFIG_ATH10K_LEDS \ @@ -44,6 +45,7 @@ config-$(CONFIG_TARGET_ath79) += ATH9K_AHB config-$(CONFIG_TARGET_ipq40xx) += ATH10K_AHB config-$(CONFIG_PCI) += ATH9K_PCI config-$(CONFIG_ATH_USER_REGD) += ATH_USER_REGD +config-$(CONFIG_ATH9K_HWRNG) += ATH9K_HWRNG config-$(CONFIG_ATH9K_SUPPORT_PCOEM) += ATH9K_PCOEM config-$(CONFIG_ATH9K_TX99) += ATH9K_TX99 config-$(CONFIG_ATH9K_UBNTHSR) += ATH9K_UBNTHSR @@ -207,6 +209,12 @@ endef define KernelPackage/ath9k/config + config ATH9K_HWRNG + bool "Add wireless noise as source of randomness to kernel entropy pool" + depends on PACKAGE_kmod-ath9k + select PACKAGE_kmod-random-core + default n + config ATH9K_SUPPORT_PCOEM bool "Support chips used in PC OEM cards" depends on PACKAGE_kmod-ath9k From c5bf9a8ced6567c6bd9da63c6ff4c4f2f87207fd Mon Sep 17 00:00:00 2001 From: Kuan-Yi Li Date: Sun, 11 Aug 2019 03:23:28 +0800 Subject: [PATCH 09/11] base-files: gpio switch: add named GPIO support Previously, gpio_switch only accepts GPIO pin number as input. Once a GPIO pin is exported and named by device tree, its pin state cannot be configured and saved across reboots by UCI. This patch adds support for named GPIO pins. Thus GPIO pin can be exported by device tree with active high/low correctly configured, having human-readable name in /sys/class/gpio/ is also now possible. More importantly, GPIO pins which are referenced by name will be immune from pin mapping breakage while unintentional pin number changes are introduced by kernel or driver updates. Signed-off-by: Kuan-Yi Li --- package/base-files/Makefile | 2 +- .../base-files/files/etc/init.d/gpio_switch | 42 +++++++++++++------ .../files/lib/functions/uci-defaults.sh | 2 +- 3 files changed, 32 insertions(+), 14 deletions(-) diff --git a/package/base-files/Makefile b/package/base-files/Makefile index 5bf783d0e8..84fbcacdfc 100644 --- a/package/base-files/Makefile +++ b/package/base-files/Makefile @@ -12,7 +12,7 @@ include $(INCLUDE_DIR)/version.mk include $(INCLUDE_DIR)/feeds.mk PKG_NAME:=base-files -PKG_RELEASE:=222 +PKG_RELEASE:=223 PKG_FLAGS:=nonshared PKG_FILE_DEPENDS:=$(PLATFORM_DIR)/ $(GENERIC_PLATFORM_DIR)/base-files/ diff --git a/package/base-files/files/etc/init.d/gpio_switch b/package/base-files/files/etc/init.d/gpio_switch index 6b2dcdce41..24d790b065 100755 --- a/package/base-files/files/etc/init.d/gpio_switch +++ b/package/base-files/files/etc/init.d/gpio_switch @@ -16,21 +16,39 @@ load_gpio_switch() config_get name "$1" name config_get value "$1" value 0 - local gpio_path="/sys/class/gpio/gpio${gpio_pin}" - # export GPIO pin for access - [ -d "$gpio_path" ] || { - echo "$gpio_pin" >/sys/class/gpio/export - # we need to wait a bit until the GPIO appears - [ -d "$gpio_path" ] || sleep 1 + [ -z "$gpio_pin" ] && { + echo >&2 "Skipping gpio_switch '$name' due to missing gpio_pin" + return 1 } - # direction attribute only exists if the kernel supports changing the - # direction of a GPIO - if [ -e "${gpio_path}/direction" ]; then - # set the pin to output with high or low pin value - { [ "$value" = "0" ] && echo "low" || echo "high"; } >"$gpio_path/direction" + local gpio_path + if [ -n "$(echo "$gpio_pin" | grep -E "^[0-9]+$")" ]; then + gpio_path="/sys/class/gpio/gpio${gpio_pin}" + + # export GPIO pin for access + [ -d "$gpio_path" ] || { + echo "$gpio_pin" >/sys/class/gpio/export + # we need to wait a bit until the GPIO appears + [ -d "$gpio_path" ] || sleep 1 + } + + # direction attribute only exists if the kernel supports changing the + # direction of a GPIO + if [ -e "${gpio_path}/direction" ]; then + # set the pin to output with high or low pin value + { [ "$value" = "0" ] && echo "low" || echo "high"; } \ + >"$gpio_path/direction" + else + { [ "$value" = "0" ] && echo "0" || echo "1"; } \ + >"$gpio_path/value" + fi else - { [ "$value" = "0" ] && echo "0" || echo "1"; } >"$gpio_path/value" + gpio_path="/sys/class/gpio/${gpio_pin}" + + [ -d "$gpio_path" ] && { + { [ "$value" = "0" ] && echo "0" || echo "1"; } \ + >"$gpio_path/value" + } fi } diff --git a/package/base-files/files/lib/functions/uci-defaults.sh b/package/base-files/files/lib/functions/uci-defaults.sh index e551e8fd57..12b900031d 100755 --- a/package/base-files/files/lib/functions/uci-defaults.sh +++ b/package/base-files/files/lib/functions/uci-defaults.sh @@ -573,7 +573,7 @@ ucidef_add_gpio_switch() { json_select_object gpioswitch json_select_object "$cfg" json_add_string name "$name" - json_add_int pin "$pin" + json_add_string pin "$pin" json_add_int default "$default" json_select .. json_select .. From a57fb86d6a28c5292ca2ee50f2b5ec8e49c844ec Mon Sep 17 00:00:00 2001 From: Chen Minqiang Date: Wed, 17 Apr 2019 20:00:49 +0800 Subject: [PATCH 10/11] toolchain: glibc ldd env path fixup This replace the shell script header of ldd when it install to `/usr/bin/ldd` where `#! /..../staging_dir/host/bin/bash` should be `#!/bin/sh` Signed-off-by: Chen Minqiang --- package/libs/toolchain/Makefile | 1 + 1 file changed, 1 insertion(+) diff --git a/package/libs/toolchain/Makefile b/package/libs/toolchain/Makefile index f92a1779da..9851a5f1cd 100644 --- a/package/libs/toolchain/Makefile +++ b/package/libs/toolchain/Makefile @@ -614,6 +614,7 @@ ifeq ($(CONFIG_EXTERNAL_TOOLCHAIN),) define Package/ldd/install $(INSTALL_DIR) $(1)/usr/bin/ $(CP) $(TOOLCHAIN_DIR)/bin/ldd $(1)/usr/bin/ + sed -i 's,^#!.*,#!/bin/sh,' $(1)/usr/bin/ldd endef define Package/ldconfig/install From be56b297072e158ae20b78c8c5c6ba4991706bf6 Mon Sep 17 00:00:00 2001 From: Adrian Schmutzler Date: Thu, 18 Jun 2020 22:31:11 +0200 Subject: [PATCH 11/11] ath79: set ð1 status for TP-Link CPE devices in parent DTSI The status is set to "okay" for all devices on ar9344, so just move this to the parent DTSI. Signed-off-by: Adrian Schmutzler --- target/linux/ath79/dts/ar9344_tplink_cpe.dtsi | 4 ++++ target/linux/ath79/dts/ar9344_tplink_cpe610-v1.dts | 2 -- target/linux/ath79/dts/ar9344_tplink_cpe_1port.dtsi | 2 -- target/linux/ath79/dts/ar9344_tplink_cpe_2port.dtsi | 2 -- 4 files changed, 4 insertions(+), 6 deletions(-) diff --git a/target/linux/ath79/dts/ar9344_tplink_cpe.dtsi b/target/linux/ath79/dts/ar9344_tplink_cpe.dtsi index 27a8d0aa13..9a6f0ea5ab 100644 --- a/target/linux/ath79/dts/ar9344_tplink_cpe.dtsi +++ b/target/linux/ath79/dts/ar9344_tplink_cpe.dtsi @@ -110,3 +110,7 @@ mtd-mac-address = <&info 0x8>; }; + +ð1 { + status = "okay"; +}; diff --git a/target/linux/ath79/dts/ar9344_tplink_cpe610-v1.dts b/target/linux/ath79/dts/ar9344_tplink_cpe610-v1.dts index 54ea399b74..de41397072 100644 --- a/target/linux/ath79/dts/ar9344_tplink_cpe610-v1.dts +++ b/target/linux/ath79/dts/ar9344_tplink_cpe610-v1.dts @@ -30,7 +30,5 @@ }; ð1 { - status = "okay"; - compatible = "syscon", "simple-mfd"; }; diff --git a/target/linux/ath79/dts/ar9344_tplink_cpe_1port.dtsi b/target/linux/ath79/dts/ar9344_tplink_cpe_1port.dtsi index 057ba4572f..be29d944b2 100644 --- a/target/linux/ath79/dts/ar9344_tplink_cpe_1port.dtsi +++ b/target/linux/ath79/dts/ar9344_tplink_cpe_1port.dtsi @@ -41,7 +41,5 @@ }; ð1 { - status = "okay"; - compatible = "syscon", "simple-mfd"; }; diff --git a/target/linux/ath79/dts/ar9344_tplink_cpe_2port.dtsi b/target/linux/ath79/dts/ar9344_tplink_cpe_2port.dtsi index 8a1332c9c5..089114f21b 100644 --- a/target/linux/ath79/dts/ar9344_tplink_cpe_2port.dtsi +++ b/target/linux/ath79/dts/ar9344_tplink_cpe_2port.dtsi @@ -61,8 +61,6 @@ }; ð1 { - status = "okay"; - mtd-mac-address = <&info 0x8>; gmac-config {