diff --git a/package/boot/rbcfg/Makefile b/package/boot/rbcfg/Makefile index 55e0ea7490..874ef06924 100644 --- a/package/boot/rbcfg/Makefile +++ b/package/boot/rbcfg/Makefile @@ -8,7 +8,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=rbcfg -PKG_RELEASE:=2 +PKG_RELEASE:=3 PKG_BUILD_DIR := $(BUILD_DIR)/$(PKG_NAME) diff --git a/package/boot/rbcfg/src/main.c b/package/boot/rbcfg/src/main.c index 2acbfbd8cb..7da46f90a5 100644 --- a/package/boot/rbcfg/src/main.c +++ b/package/boot/rbcfg/src/main.c @@ -498,7 +498,7 @@ rbcfg_update(int tmp) put_u32(ctx->buf + 4, crc); name = (tmp) ? ctx->tmp_file : ctx->mtd_device; - fd = open(name, O_WRONLY | O_CREAT); + fd = open(name, O_WRONLY | O_CREAT, 0640); if (fd < 0) { fprintf(stderr, "unable to open %s for writing\n", name); err = RB_ERR_IO; diff --git a/package/devel/binutils/Makefile b/package/devel/binutils/Makefile index 291f45205a..e04611f5d3 100644 --- a/package/devel/binutils/Makefile +++ b/package/devel/binutils/Makefile @@ -49,6 +49,7 @@ define Package/binutils CATEGORY:=Development TITLE:=binutils DEPENDS:=+objdump +ar + ALTERNATIVES:=200:/usr/bin/strings:/usr/bin/binutils-strings endef define Package/objdump @@ -114,7 +115,7 @@ endef define Package/binutils/install $(INSTALL_DIR) $(1)/usr $(1)/bin $(CP) $(PKG_INSTALL_DIR)/usr/bin/ $(1)/usr/ - mv $(1)/usr/bin/strings $(1)/bin/strings + mv $(1)/usr/bin/strings $(1)/usr/bin/binutils-strings rm -f $(1)/usr/bin/objdump rm -f $(1)/usr/bin/ar endef diff --git a/package/network/services/openvpn/Makefile b/package/network/services/openvpn/Makefile index baa8c1d07e..5f102d967d 100644 --- a/package/network/services/openvpn/Makefile +++ b/package/network/services/openvpn/Makefile @@ -9,14 +9,14 @@ include $(TOPDIR)/rules.mk PKG_NAME:=openvpn -PKG_VERSION:=2.4.8 +PKG_VERSION:=2.4.9 PKG_RELEASE:=1 PKG_SOURCE_URL:=\ https://build.openvpn.net/downloads/releases/ \ https://swupdate.openvpn.net/community/releases/ PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz -PKG_HASH:=fb8ca66bb7807fff595fbdf2a0afd085c02a6aa47715c9aa3171002f9f1a3f91 +PKG_HASH:=641f3add8694b2ccc39fd4fd92554e4f089ad16a8db6d2b473ec284839a5ebe2 PKG_MAINTAINER:=Felix Fietkau diff --git a/package/network/services/openvpn/patches/100-mbedtls-disable-runtime-version-check.patch b/package/network/services/openvpn/patches/100-mbedtls-disable-runtime-version-check.patch index 7fc0089000..cb16a906fe 100644 --- a/package/network/services/openvpn/patches/100-mbedtls-disable-runtime-version-check.patch +++ b/package/network/services/openvpn/patches/100-mbedtls-disable-runtime-version-check.patch @@ -1,6 +1,6 @@ --- a/src/openvpn/ssl_mbedtls.c +++ b/src/openvpn/ssl_mbedtls.c -@@ -1406,7 +1406,7 @@ const char * +@@ -1415,7 +1415,7 @@ const char * get_ssl_library_version(void) { static char mbedtls_version[30]; diff --git a/package/network/services/openvpn/patches/110-openssl-dont-use-deprecated-ssleay-symbols.patch b/package/network/services/openvpn/patches/110-openssl-dont-use-deprecated-ssleay-symbols.patch index 7e9931f0f3..c7faf7c0c0 100644 --- a/package/network/services/openvpn/patches/110-openssl-dont-use-deprecated-ssleay-symbols.patch +++ b/package/network/services/openvpn/patches/110-openssl-dont-use-deprecated-ssleay-symbols.patch @@ -47,7 +47,7 @@ Signed-off-by: Gert Doering #endif --- a/src/openvpn/ssl_openssl.c +++ b/src/openvpn/ssl_openssl.c -@@ -1977,7 +1977,7 @@ get_highest_preference_tls_cipher(char * +@@ -2008,7 +2008,7 @@ get_highest_preference_tls_cipher(char * const char * get_ssl_library_version(void) { diff --git a/package/network/utils/dante/Makefile b/package/network/utils/dante/Makefile index 4f5d08724c..15bd6d2afc 100644 --- a/package/network/utils/dante/Makefile +++ b/package/network/utils/dante/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=dante PKG_VERSION:=1.4.1 -PKG_RELEASE:=3 +PKG_RELEASE:=4 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=http://www.inet.no/dante/files/ diff --git a/package/network/utils/dante/patches/210-deactivate-sched_setscheduler.patch b/package/network/utils/dante/patches/210-deactivate-sched_setscheduler.patch new file mode 100644 index 0000000000..e711189c59 --- /dev/null +++ b/package/network/utils/dante/patches/210-deactivate-sched_setscheduler.patch @@ -0,0 +1,53 @@ +When compiled with glibc the config_scan.c wants to use the +cpupolicy2numeric() function which is only available when +HAVE_SCHED_SETSCHEDULER is set. It looks like the wrong define was used here. + +This fixes a build problem with glibc in combination with the force +ac_cv_func_sched_setscheduler=no in the OpenWrt CONFIGURE_VARS. + +--- a/lib/config_scan.c ++++ b/lib/config_scan.c +@@ -3891,7 +3891,7 @@ YY_RULE_SETUP + SERRX(0); + + #else /* !SOCKS_CLIENT */ +-#if HAVE_SCHED_SETAFFINITY ++#if HAVE_SCHED_SETSCHEDULER + + BEGIN(0); + +@@ -3899,9 +3899,9 @@ YY_RULE_SETUP + yyerrorx("unknown scheduling policy \"%s\"", yytext); + + return SCHEDULEPOLICY; +-#else /* !HAVE_SCHED_SETAFFINITY */ ++#else /* !HAVE_SCHED_SETSCHEDULER */ + yyerrorx("setting cpu scheduling policy is not supported on this platform"); +-#endif /* !HAVE_SCHED_SETAFFINITY */ ++#endif /* !HAVE_SCHED_SETSCHEDULER */ + + #endif /* SOCKS_CLIENT */ + } +--- a/lib/config_scan.l ++++ b/lib/config_scan.l +@@ -456,7 +456,7 @@ cpu { + SERRX(0); + + #else /* !SOCKS_CLIENT */ +-#if HAVE_SCHED_SETAFFINITY ++#if HAVE_SCHED_SETSCHEDULER + + BEGIN(0); + +@@ -464,9 +464,9 @@ cpu { + yyerrorx("unknown scheduling policy \"%s\"", yytext); + + return SCHEDULEPOLICY; +-#else /* !HAVE_SCHED_SETAFFINITY */ ++#else /* !HAVE_SCHED_SETSCHEDULER */ + yyerrorx("setting cpu scheduling policy is not supported on this platform"); +-#endif /* !HAVE_SCHED_SETAFFINITY */ ++#endif /* !HAVE_SCHED_SETSCHEDULER */ + + #endif /* SOCKS_CLIENT */ + } diff --git a/package/utils/busybox/patches/001-remove-stime-function-calls.patch b/package/utils/busybox/patches/001-remove-stime-function-calls.patch new file mode 100644 index 0000000000..ccf9bef356 --- /dev/null +++ b/package/utils/busybox/patches/001-remove-stime-function-calls.patch @@ -0,0 +1,84 @@ +From d3539be8f27b8cbfdfee460fe08299158f08bcd9 Mon Sep 17 00:00:00 2001 +From: Alistair Francis +Date: Tue, 19 Nov 2019 13:06:40 +0100 +Subject: Remove stime() function calls + +stime() has been deprecated in glibc 2.31 and replaced with +clock_settime(). Let's replace the stime() function calls with +clock_settime() in preperation. + +function old new delta +rdate_main 197 224 +27 +clock_settime - 27 +27 +date_main 926 941 +15 +stime 37 - -37 +------------------------------------------------------------------------------ +(add/remove: 2/2 grow/shrink: 2/0 up/down: 69/-37) Total: 32 bytes + +Signed-off-by: Alistair Francis +Signed-off-by: Denys Vlasenko +--- + coreutils/date.c | 6 +++++- + libbb/missing_syscalls.c | 8 -------- + util-linux/rdate.c | 8 ++++++-- + 3 files changed, 11 insertions(+), 11 deletions(-) + +--- a/coreutils/date.c ++++ b/coreutils/date.c +@@ -279,6 +279,9 @@ int date_main(int argc UNUSED_PARAM, cha + time(&ts.tv_sec); + #endif + } ++#if !ENABLE_FEATURE_DATE_NANO ++ ts.tv_nsec = 0; ++#endif + localtime_r(&ts.tv_sec, &tm_time); + + /* If date string is given, update tm_time, and maybe set date */ +@@ -301,9 +304,10 @@ int date_main(int argc UNUSED_PARAM, cha + if (date_str[0] != '@') + tm_time.tm_isdst = -1; + ts.tv_sec = validate_tm_time(date_str, &tm_time); ++ ts.tv_nsec = 0; + + /* if setting time, set it */ +- if ((opt & OPT_SET) && stime(&ts.tv_sec) < 0) { ++ if ((opt & OPT_SET) && clock_settime(CLOCK_REALTIME, &ts) < 0) { + bb_perror_msg("can't set date"); + } + } +--- a/libbb/missing_syscalls.c ++++ b/libbb/missing_syscalls.c +@@ -15,14 +15,6 @@ pid_t getsid(pid_t pid) + return syscall(__NR_getsid, pid); + } + +-int stime(const time_t *t) +-{ +- struct timeval tv; +- tv.tv_sec = *t; +- tv.tv_usec = 0; +- return settimeofday(&tv, NULL); +-} +- + int sethostname(const char *name, size_t len) + { + return syscall(__NR_sethostname, name, len); +--- a/util-linux/rdate.c ++++ b/util-linux/rdate.c +@@ -95,9 +95,13 @@ int rdate_main(int argc UNUSED_PARAM, ch + if (!(flags & 2)) { /* no -p (-s may be present) */ + if (time(NULL) == remote_time) + bb_error_msg("current time matches remote time"); +- else +- if (stime(&remote_time) < 0) ++ else { ++ struct timespec ts; ++ ts.tv_sec = remote_time; ++ ts.tv_nsec = 0; ++ if (clock_settime(CLOCK_REALTIME, &ts) < 0) + bb_perror_msg_and_die("can't set time of day"); ++ } + } + + if (flags != 1) /* not lone -s */ diff --git a/package/utils/ugps/Makefile b/package/utils/ugps/Makefile index 6eae5afbcf..85c64533d1 100644 --- a/package/utils/ugps/Makefile +++ b/package/utils/ugps/Makefile @@ -31,10 +31,6 @@ endef TARGET_CFLAGS += -I$(STAGING_DIR)/usr/include -ifneq ($(CONFIG_USE_GLIBC),) - TARGET_CFLAGS += -D_DEFAULT_SOURCE -endif - define Package/ugps/conffiles /etc/config/gps endef diff --git a/target/linux/bcm63xx/Makefile b/target/linux/bcm63xx/Makefile index 9e7e2b052e..d87918f0f5 100644 --- a/target/linux/bcm63xx/Makefile +++ b/target/linux/bcm63xx/Makefile @@ -12,8 +12,7 @@ BOARD:=bcm63xx BOARDNAME:=Broadcom BCM63xx SUBTARGETS:=generic smp FEATURES:=squashfs usb atm pci pcmcia usbgadget -KERNEL_PATCHVER:=4.14 -KERNEL_TESTING_PATCHVER:=5.4 +KERNEL_PATCHVER:=5.4 define Target/Description Build firmware images for Broadcom based xDSL/routers diff --git a/target/linux/generic/pending-5.4/482-mtd-spi-nor-fix-4-byte-opcode-support-for-w25q256.patch b/target/linux/generic/pending-5.4/482-mtd-spi-nor-fix-4-byte-opcode-support-for-w25q256.patch new file mode 100644 index 0000000000..d63aa76319 --- /dev/null +++ b/target/linux/generic/pending-5.4/482-mtd-spi-nor-fix-4-byte-opcode-support-for-w25q256.patch @@ -0,0 +1,60 @@ +From: Mantas Pucka +To: linux-mtd@lists.infradead.org +Subject: [PATCH] mtd: spi-nor: fix 4-byte opcode support for w25q256 +Date: Wed, 15 Apr 2020 16:48:30 +0300 +Message-ID: <1586958510-24012-1-git-send-email-mantas@8devices.com> + +There are 2 different chips (w25q256fv and w25q256jv) that share +the same JEDEC ID. Only w25q256jv fully supports 4-byte opcodes. +Use SFDP header version to differentiate between them. + +for OpenWRT only: rebased to linux-v5.4 + +Signed-off-by: Mantas Pucka +--- + +--- a/drivers/mtd/spi-nor/spi-nor.c ++++ b/drivers/mtd/spi-nor/spi-nor.c +@@ -2170,6 +2170,32 @@ static struct spi_nor_fixups gd25q256_fi + .default_init = gd25q256_default_init, + }; + ++static int ++w25q256_post_bfpt_fixups(struct spi_nor *nor, ++ const struct sfdp_parameter_header *bfpt_header, ++ const struct sfdp_bfpt *bfpt, ++ struct spi_nor_flash_parameter *params) ++{ ++ /* ++ * W25Q256JV supports 4B opcodes but W25Q256FV does not. ++ * Unfortunately, Winbond has re-used the same JEDEC ID for both ++ * variants which prevents us from defining a new entry in the parts ++ * table. ++ * To differentiate between W25Q256JV and W25Q256FV check SFDP header ++ * version: only JV has JESD216A compliant structure (version 5) ++ */ ++ ++ if (bfpt_header->major == SFDP_JESD216_MAJOR && ++ bfpt_header->minor == SFDP_JESD216A_MINOR) ++ nor->flags |= SNOR_F_4B_OPCODES; ++ ++ return 0; ++} ++ ++static struct spi_nor_fixups w25q256_fixups = { ++ .post_bfpt = w25q256_post_bfpt_fixups, ++}; ++ + /* NOTE: double check command sets and memory organization when you add + * more nor chips. This current list focusses on newer chips, which + * have been converging on command sets which including JEDEC ID. +@@ -2508,7 +2534,8 @@ static const struct flash_info spi_nor_i + { "w25q80", INFO(0xef5014, 0, 64 * 1024, 16, SECT_4K) }, + { "w25q80bl", INFO(0xef4014, 0, 64 * 1024, 16, SECT_4K) }, + { "w25q128", INFO(0xef4018, 0, 64 * 1024, 256, SECT_4K) }, +- { "w25q256", INFO(0xef4019, 0, 64 * 1024, 512, SECT_4K | SPI_NOR_DUAL_READ | SPI_NOR_QUAD_READ) }, ++ { "w25q256", INFO(0xef4019, 0, 64 * 1024, 512, SECT_4K | SPI_NOR_DUAL_READ | SPI_NOR_QUAD_READ) ++ .fixups = &w25q256_fixups }, + { "w25q256jvm", INFO(0xef7019, 0, 64 * 1024, 512, + SECT_4K | SPI_NOR_DUAL_READ | SPI_NOR_QUAD_READ) }, + { "w25m512jv", INFO(0xef7119, 0, 64 * 1024, 1024, diff --git a/target/linux/ramips/dts/mt7620a_iptime.dtsi b/target/linux/ramips/dts/mt7620a_iptime.dtsi index 5a6fdacb52..c7c90ca722 100644 --- a/target/linux/ramips/dts/mt7620a_iptime.dtsi +++ b/target/linux/ramips/dts/mt7620a_iptime.dtsi @@ -21,7 +21,7 @@ flash@0 { compatible = "jedec,spi-nor"; reg = <0>; - spi-max-frequency = <40000000>; + spi-max-frequency = <50000000>; partitions { compatible = "fixed-partitions"; diff --git a/target/linux/ramips/dts/mt7620a_iptime_a1004ns.dts b/target/linux/ramips/dts/mt7620a_iptime_a1004ns.dts new file mode 100644 index 0000000000..e1e9050406 --- /dev/null +++ b/target/linux/ramips/dts/mt7620a_iptime_a1004ns.dts @@ -0,0 +1,104 @@ +// SPDX-License-Identifier: GPL-2.0-or-later OR MIT +/dts-v1/; + +#include "mt7620a_iptime.dtsi" + +/ { + compatible = "iptime,a1004ns", "ralink,mt7620a-soc"; + model = "ipTIME A1004ns"; + + aliases { + led-boot = &led_cpu; + led-failsafe = &led_cpu; + led-running = &led_cpu; + led-upgrade = &led_cpu; + }; + + leds { + compatible = "gpio-leds"; + + led_cpu: cpu { + label = "a1004ns:blue:cpu"; + gpios = <&gpio0 11 GPIO_ACTIVE_LOW>; + }; + + usb { + label = "a1004ns:blue:usb"; + gpios = <&gpio1 15 GPIO_ACTIVE_LOW>; + trigger-sources = <&ohci_port1>, <&ehci_port1>; + linux,default-trigger = "usbport"; + }; + }; + + keys { + compatible = "gpio-keys"; + + reset { + label = "reset"; + gpios = <&gpio0 1 GPIO_ACTIVE_LOW>; + linux,code = ; + }; + + wps { + label = "wps"; + gpios = <&gpio0 2 GPIO_ACTIVE_LOW>; + linux,code = ; + }; + }; +}; + +&firmware { + reg = <0x30000 0xfd0000>; +}; + +&state_default { + gpio { + groups = "i2c", "uartf", "spi refclk"; + function = "gpio"; + }; +}; + +ðernet { + pinctrl-names = "default"; + pinctrl-0 = <&rgmii1_pins &mdio_pins>; + + port@5 { + status = "okay"; + mediatek,fixed-link = <1000 1 1 1>; + phy-mode = "rgmii"; + }; + + mdio-bus { + status = "okay"; + + ethernet-phy@0 { + reg = <0>; + phy-mode = "rgmii"; + }; + + ethernet-phy@1 { + reg = <1>; + phy-mode = "rgmii"; + }; + + ethernet-phy@2 { + reg = <2>; + phy-mode = "rgmii"; + }; + + ethernet-phy@3 { + reg = <3>; + phy-mode = "rgmii"; + }; + + ethernet-phy@4 { + reg = <4>; + phy-mode = "rgmii"; + }; + + ethernet-phy@1f { + reg = <0x1f>; + phy-mode = "rgmii"; + }; + }; +}; diff --git a/target/linux/ramips/dts/mt7621.dtsi b/target/linux/ramips/dts/mt7621.dtsi index 63befa1fdc..78979dc420 100644 --- a/target/linux/ramips/dts/mt7621.dtsi +++ b/target/linux/ramips/dts/mt7621.dtsi @@ -568,11 +568,10 @@ 0x01000000 0 0x00000000 0x1e160000 0 0x00010000 /* io space */ >; - #interrupt-cells = <1>; - interrupt-map-mask = <0xF0000 0 0 1>; - interrupt-map = <0x10000 0 0 1 &gic GIC_SHARED 4 IRQ_TYPE_LEVEL_HIGH>, - <0x20000 0 0 1 &gic GIC_SHARED 24 IRQ_TYPE_LEVEL_HIGH>, - <0x30000 0 0 1 &gic GIC_SHARED 25 IRQ_TYPE_LEVEL_HIGH>; + interrupt-parent = <&gic>; + interrupts = ; status = "disabled"; diff --git a/target/linux/ramips/dts/mt7621_hiwifi_hc5962.dts b/target/linux/ramips/dts/mt7621_hiwifi_hc5962.dts index 9d60d509ab..1bbfc157ae 100644 --- a/target/linux/ramips/dts/mt7621_hiwifi_hc5962.dts +++ b/target/linux/ramips/dts/mt7621_hiwifi_hc5962.dts @@ -44,6 +44,22 @@ linux,code = ; }; }; + + ubi-concat { + compatible = "mtd-concat"; + devices = <&ubipart0 &ubipart1>; + + partitions { + compatible = "fixed-partitions"; + #address-cells = <1>; + #size-cells = <1>; + + ubi@0 { + label = "ubi"; + reg = <0x0 0x79c0000>; + }; + }; + }; }; &nand { @@ -74,18 +90,12 @@ partition@140000 { label = "kernel"; - reg = <0x140000 0x200000>; + reg = <0x140000 0x400000>; }; - partition@340000 { - label = "ubi"; - reg = <0x340000 0x1E00000>; - }; - - partition@2140000 { - label = "hw_panic"; - reg = <0x2140000 0x80000>; - read-only; + ubipart0: partition@540000 { + label = "ubipart0"; + reg = <0x540000 0x1c80000>; }; partition@21c0000 { @@ -94,30 +104,9 @@ read-only; }; - partition@2240000 { - label = "backup"; - reg = <0x2240000 0x80000>; - read-only; - }; - - partition@22c0000 { - label = "overly"; - reg = <0x22c0000 0x1000000>; - }; - - partition@32c0000 { - label = "firmware_backup"; - reg = <0x32c0000 0x2000000>; - }; - - partition@52c0000 { - label = "oem"; - reg = <0x52c0000 0x200000>; - }; - - partition@54c0000 { - label = "opt"; - reg = <0x54c0000 0x2ac0000>; + ubipart1: partition@2240000 { + label = "ubipart1"; + reg = <0x2240000 0x5d40000>; }; }; }; diff --git a/target/linux/ramips/image/Makefile b/target/linux/ramips/image/Makefile index a966ba4349..f93ea8ab2a 100644 --- a/target/linux/ramips/image/Makefile +++ b/target/linux/ramips/image/Makefile @@ -39,7 +39,7 @@ endef define Device/uimage-lzma-loader LOADER_TYPE := bin - KERNEL := $(KERNEL_DTB) | loader-kernel | uImage none + KERNEL := kernel-bin | append-dtb | lzma | loader-kernel | uImage none endef define Device/seama diff --git a/target/linux/ramips/image/mt7620.mk b/target/linux/ramips/image/mt7620.mk index 818fd12de7..69b9b7d7fd 100644 --- a/target/linux/ramips/image/mt7620.mk +++ b/target/linux/ramips/image/mt7620.mk @@ -503,6 +503,17 @@ define Device/iodata_wn-ac733gr3 endef TARGET_DEVICES += iodata_wn-ac733gr3 +define Device/iptime_a1004ns + SOC := mt7620a + IMAGE_SIZE := 16192k + UIMAGE_NAME := a1004ns + DEVICE_VENDOR := ipTIME + DEVICE_MODEL := A1004ns + DEVICE_PACKAGES := kmod-mt76x0e kmod-usb2 kmod-usb-ohci \ + kmod-usb-ledtrig-usbport +endef +TARGET_DEVICES += iptime_a1004ns + define Device/iptime_a104ns SOC := mt7620a IMAGE_SIZE := 8000k diff --git a/target/linux/ramips/image/mt7621.mk b/target/linux/ramips/image/mt7621.mk index 79e6d8d368..d3a71ef238 100644 --- a/target/linux/ramips/image/mt7621.mk +++ b/target/linux/ramips/image/mt7621.mk @@ -229,6 +229,7 @@ endef TARGET_DEVICES += dlink_dir-860l-b1 define Device/d-team_newifi-d2 + $(Device/uimage-lzma-loader) IMAGE_SIZE := 32448k DEVICE_VENDOR := Newifi DEVICE_MODEL := D2 @@ -339,7 +340,7 @@ TARGET_DEVICES += gnubee_gb-pc2 define Device/hiwifi_hc5962 BLOCKSIZE := 128k PAGESIZE := 2048 - KERNEL_SIZE := 2097152 + KERNEL_SIZE := 4096k UBINIZE_OPTS := -E 5 IMAGE_SIZE := 32768k IMAGES += factory.bin @@ -349,9 +350,6 @@ define Device/hiwifi_hc5962 DEVICE_VENDOR := HiWiFi DEVICE_MODEL := HC5962 DEVICE_PACKAGES := kmod-mt7603 kmod-mt76x2 kmod-usb3 wpad-basic - SUPPORTED_DEVICES += hc5962 - # Kernel partition too small - DEFAULT := n endef TARGET_DEVICES += hiwifi_hc5962 @@ -463,6 +461,7 @@ endef TARGET_DEVICES += jcg_jhr-ac876m define Device/lenovo_newifi-d1 + $(Device/uimage-lzma-loader) IMAGE_SIZE := 32448k DEVICE_VENDOR := Newifi DEVICE_MODEL := D1 @@ -747,6 +746,7 @@ endef TARGET_DEVICES += telco-electronics_x1 define Device/thunder_timecloud + $(Device/uimage-lzma-loader) IMAGE_SIZE := 16064k DEVICE_VENDOR := Thunder DEVICE_MODEL := Timecloud diff --git a/target/linux/ramips/mt7620/base-files/etc/board.d/02_network b/target/linux/ramips/mt7620/base-files/etc/board.d/02_network index 44a9db6ece..8ae50b3df5 100755 --- a/target/linux/ramips/mt7620/base-files/etc/board.d/02_network +++ b/target/linux/ramips/mt7620/base-files/etc/board.d/02_network @@ -143,7 +143,8 @@ ramips_setup_interfaces() "0:lan" "1:lan" "5:wan" "6@eth0" ;; iodata,wn-ac1167gr|\ - iodata,wn-ac733gr3) + iodata,wn-ac733gr3|\ + iptime,a1004ns) ucidef_add_switch "switch0" ucidef_add_switch_attr "switch0" "enable" "false" ucidef_add_switch "switch1" \ @@ -312,6 +313,9 @@ ramips_setup_macs() iodata,wn-ac733gr3) wan_mac=$(mtd_get_mac_ascii u-boot-env wanaddr) ;; + iptime,a1004ns) + wan_mac=$(mtd_get_mac_binary u-boot 0x1fc40) + ;; iptime,a104ns) wan_mac=$(macaddr_add "$(mtd_get_mac_binary u-boot 0x1fc20)" 2) ;; diff --git a/target/linux/ramips/mt7621/base-files/etc/board.d/03_gpio_switches b/target/linux/ramips/mt7621/base-files/etc/board.d/03_gpio_switches index 91a9459d8c..24bfcb2051 100755 --- a/target/linux/ramips/mt7621/base-files/etc/board.d/03_gpio_switches +++ b/target/linux/ramips/mt7621/base-files/etc/board.d/03_gpio_switches @@ -14,14 +14,14 @@ telco-electronics,x1) ucidef_add_gpio_switch "modem_reset" "Modem Reset" "16" ;; ubnt,edgerouter-x) - ucidef_add_gpio_switch "poe_passthrough" "PoE Passthrough" "0" + ucidef_add_gpio_switch "poe_passthrough" "PoE Passthrough" "480" ;; ubnt,edgerouter-x-sfp) - ucidef_add_gpio_switch "poe_power_port0" "PoE Power Port0" "496" - ucidef_add_gpio_switch "poe_power_port1" "PoE Power Port1" "497" - ucidef_add_gpio_switch "poe_power_port2" "PoE Power Port2" "498" - ucidef_add_gpio_switch "poe_power_port3" "PoE Power Port3" "499" - ucidef_add_gpio_switch "poe_power_port4" "PoE Power Port4" "500" + ucidef_add_gpio_switch "poe_power_port0" "PoE Power Port0" "400" + ucidef_add_gpio_switch "poe_power_port1" "PoE Power Port1" "401" + ucidef_add_gpio_switch "poe_power_port2" "PoE Power Port2" "402" + ucidef_add_gpio_switch "poe_power_port3" "PoE Power Port3" "403" + ucidef_add_gpio_switch "poe_power_port4" "PoE Power Port4" "404" ;; esac diff --git a/target/linux/ramips/mt7621/config-5.4 b/target/linux/ramips/mt7621/config-5.4 index 2d887d776b..e91003d8d2 100644 --- a/target/linux/ramips/mt7621/config-5.4 +++ b/target/linux/ramips/mt7621/config-5.4 @@ -217,6 +217,7 @@ CONFIG_MTD_UBI_BLOCK=y # CONFIG_MTD_UBI_FASTMAP is not set # CONFIG_MTD_UBI_GLUEBI is not set CONFIG_MTD_UBI_WL_THRESHOLD=4096 +CONFIG_MTD_VIRT_CONCAT=y # CONFIG_MTK_HSDMA is not set CONFIG_NEED_DMA_MAP_STATE=y CONFIG_NET_DEVLINK=y diff --git a/target/linux/ramips/patches-5.4/0120-staging-mt7621-pci-properly-power-off-dual-ported-pc.patch b/target/linux/ramips/patches-5.4/0120-staging-mt7621-pci-properly-power-off-dual-ported-pc.patch new file mode 100644 index 0000000000..9efcb8011a --- /dev/null +++ b/target/linux/ramips/patches-5.4/0120-staging-mt7621-pci-properly-power-off-dual-ported-pc.patch @@ -0,0 +1,65 @@ +From 5fcded5e857cf66c9592e4be28c4dab4520c9177 Mon Sep 17 00:00:00 2001 +From: Sergio Paracuellos +Date: Thu, 9 Apr 2020 13:16:52 +0200 +Subject: [PATCH] staging: mt7621-pci: properly power off dual-ported pcie phy + +Pcie phy for pcie0 and pcie1 is shared using a dual ported +one. Current code was assuming that if nothing is connected +in pcie0 it won't be also nothing connected in pcie1. This +assumtion is wrong for some devices such us 'Mikrotik rbm33g' +and 'ZyXEL LTE3301-PLUS' where only connecting a card to the +second bus on the phy is possible. For such devices kernel +hangs in the same point because of the wrong poweroff of the +phy getting the following trace: + +mt7621-pci-phy 1e149000.pcie-phy: PHY for 0xbe149000 (dual port = 1) +mt7621-pci-phy 1e14a000.pcie-phy: PHY for 0xbe14a000 (dual port = 0) +mt7621-pci-phy 1e149000.pcie-phy: Xtal is 40MHz +mt7621-pci-phy 1e14a000.pcie-phy: Xtal is 40MHz +mt7621-pci 1e140000.pcie: pcie0 no card, disable it (RST & CLK) +[hangs] + +The wrong assumption is located in the 'mt7621_pcie_init_ports' +function where we are just making a power off of the phy for +slots 0 and 2 if nothing is connected in them. Hence, only +poweroff the phy if nothing is connected in both slot 0 and +slot 1 avoiding the kernel to hang. + +Fixes: 5737cfe87a9c ("staging: mt7621-pci: avoid to poweroff the phy for slot one") +Signed-off-by: Sergio Paracuellos +Link: https://lore.kernel.org/r/20200409111652.30964-1-sergio.paracuellos@gmail.com +Signed-off-by: Greg Kroah-Hartman +--- + drivers/staging/mt7621-pci/pci-mt7621.c | 12 ++++++++++-- + 1 file changed, 10 insertions(+), 2 deletions(-) + +--- a/drivers/staging/mt7621-pci/pci-mt7621.c ++++ b/drivers/staging/mt7621-pci/pci-mt7621.c +@@ -502,17 +502,25 @@ static void mt7621_pcie_init_ports(struc + + mt7621_pcie_reset_ep_deassert(pcie); + ++ tmp = NULL; + list_for_each_entry(port, &pcie->ports, list) { + u32 slot = port->slot; + + if (!mt7621_pcie_port_is_linkup(port)) { + dev_err(dev, "pcie%d no card, disable it (RST & CLK)\n", + slot); +- if (slot != 1) +- phy_power_off(port->phy); + mt7621_control_assert(port); + mt7621_pcie_port_clk_disable(port); + port->enabled = false; ++ ++ if (slot == 0) { ++ tmp = port; ++ continue; ++ } ++ ++ if (slot == 1 && tmp && !tmp->enabled) ++ phy_power_off(tmp->phy); ++ + } + } + } diff --git a/target/linux/ramips/patches-5.4/0121-staging-mt7621-pci-fix-PCIe-interrupt-mapping.patch b/target/linux/ramips/patches-5.4/0121-staging-mt7621-pci-fix-PCIe-interrupt-mapping.patch new file mode 100644 index 0000000000..68de6df2db --- /dev/null +++ b/target/linux/ramips/patches-5.4/0121-staging-mt7621-pci-fix-PCIe-interrupt-mapping.patch @@ -0,0 +1,157 @@ +From fab6710e4c51f4eb622f95a08322ab5fdbe3f295 Mon Sep 17 00:00:00 2001 +From: Sergio Paracuellos +Date: Mon, 13 Apr 2020 07:59:42 +0200 +Subject: [PATCH] staging: mt7621-pci: fix PCIe interrupt mapping + +MT7621 has three assigned interrupts for the pcie. This +interrupts should properly being mapped taking into account +which devices are finally connected in which bus according +to link status. So the irq mappings should be as follows +according to link status (three bits indicating which devices +are link up): + +* For PCIe Bus 1 slot 0: + - status = 0x2 || status = 0x6 => IRQ = pcie1_irq (24). + - status = 0x4 => IRQ = pcie2_irq (25). + - default => IRQ = pcie0_irq (23). +* For PCIe Bus 2 slot 0: + - status = 0x5 || status = 0x6 => IRQ = pcie2_irq (25). + - default => IRQ = pcie1_irq (24). +* For PCIe Bus 2 slot 1: + - status = 0x5 || status = 0x6 => IRQ = pcie2_irq (25). + - default => IRQ = pcie1_irq (24). +* For PCIe Bus 3 any slot: + - default => IRQ = pcie2_irq (25). + +Because of this, the function 'of_irq_parse_and_map_pci' cannot +be used and we need to change device tree information from using +the 'interrupt-map' and 'interrupt-map-mask' properties into an +'interrupts' property to be able to get irq information from the +ports using the 'platform_get_irq' and storing an 'irq-map' into +the pcie driver data node to properly map correct irq using a +new 'mt7621_map_irq' function where this map will be read and the +correct irq returned. + +Fixes: 46d093124df4 ("staging: mt7621-pci: improve interrupt mapping") +Signed-off-by: Sergio Paracuellos +Link: https://lore.kernel.org/r/20200413055942.2714-1-sergio.paracuellos@gmail.com +Signed-off-by: Greg Kroah-Hartman +--- + drivers/staging/mt7621-dts/mt7621.dtsi | 9 +++---- + drivers/staging/mt7621-pci/pci-mt7621.c | 36 +++++++++++++++++++++++-- + 2 files changed, 38 insertions(+), 7 deletions(-) + +--- a/drivers/staging/mt7621-pci/pci-mt7621.c ++++ b/drivers/staging/mt7621-pci/pci-mt7621.c +@@ -97,6 +97,7 @@ + * @pcie_rst: pointer to port reset control + * @gpio_rst: gpio reset + * @slot: port slot ++ * @irq: GIC irq + * @enabled: indicates if port is enabled + */ + struct mt7621_pcie_port { +@@ -107,6 +108,7 @@ struct mt7621_pcie_port { + struct reset_control *pcie_rst; + struct gpio_desc *gpio_rst; + u32 slot; ++ int irq; + bool enabled; + }; + +@@ -120,6 +122,7 @@ struct mt7621_pcie_port { + * @dev: Pointer to PCIe device + * @io_map_base: virtual memory base address for io + * @ports: pointer to PCIe port information ++ * @irq_map: irq mapping info according pcie link status + * @resets_inverted: depends on chip revision + * reset lines are inverted. + */ +@@ -135,6 +138,7 @@ struct mt7621_pcie { + } offset; + unsigned long io_map_base; + struct list_head ports; ++ int irq_map[PCIE_P2P_MAX]; + bool resets_inverted; + }; + +@@ -279,6 +283,16 @@ static void setup_cm_memory_region(struc + } + } + ++static int mt7621_map_irq(const struct pci_dev *pdev, u8 slot, u8 pin) ++{ ++ struct mt7621_pcie *pcie = pdev->bus->sysdata; ++ struct device *dev = pcie->dev; ++ int irq = pcie->irq_map[slot]; ++ ++ dev_info(dev, "bus=%d slot=%d irq=%d\n", pdev->bus->number, slot, irq); ++ return irq; ++} ++ + static int mt7621_pci_parse_request_of_pci_ranges(struct mt7621_pcie *pcie) + { + struct device *dev = pcie->dev; +@@ -330,6 +344,7 @@ static int mt7621_pcie_parse_port(struct + { + struct mt7621_pcie_port *port; + struct device *dev = pcie->dev; ++ struct platform_device *pdev = to_platform_device(dev); + struct device_node *pnode = dev->of_node; + struct resource regs; + char name[10]; +@@ -371,6 +386,12 @@ static int mt7621_pcie_parse_port(struct + port->slot = slot; + port->pcie = pcie; + ++ port->irq = platform_get_irq(pdev, slot); ++ if (port->irq < 0) { ++ dev_err(dev, "Failed to get IRQ for PCIe%d\n", slot); ++ return -ENXIO; ++ } ++ + INIT_LIST_HEAD(&port->list); + list_add_tail(&port->list, &pcie->ports); + +@@ -585,13 +606,15 @@ static int mt7621_pcie_init_virtual_brid + { + u32 pcie_link_status = 0; + u32 n; +- int i; ++ int i = 0; + u32 p2p_br_devnum[PCIE_P2P_MAX]; ++ int irqs[PCIE_P2P_MAX]; + struct mt7621_pcie_port *port; + + list_for_each_entry(port, &pcie->ports, list) { + u32 slot = port->slot; + ++ irqs[i++] = port->irq; + if (port->enabled) + pcie_link_status |= BIT(slot); + } +@@ -614,6 +637,15 @@ static int mt7621_pcie_init_virtual_brid + (p2p_br_devnum[1] << PCIE_P2P_BR_DEVNUM1_SHIFT) | + (p2p_br_devnum[2] << PCIE_P2P_BR_DEVNUM2_SHIFT)); + ++ /* Assign IRQs */ ++ n = 0; ++ for (i = 0; i < PCIE_P2P_MAX; i++) ++ if (pcie_link_status & BIT(i)) ++ pcie->irq_map[n++] = irqs[i]; ++ ++ for (i = n; i < PCIE_P2P_MAX; i++) ++ pcie->irq_map[i] = -1; ++ + return 0; + } + +@@ -638,7 +670,7 @@ static int mt7621_pcie_register_host(str + host->busnr = pcie->busn.start; + host->dev.parent = pcie->dev; + host->ops = &mt7621_pci_ops; +- host->map_irq = of_irq_parse_and_map_pci; ++ host->map_irq = mt7621_map_irq; + host->swizzle_irq = pci_common_swizzle; + host->sysdata = pcie; + diff --git a/toolchain/glibc/common.mk b/toolchain/glibc/common.mk index 41ee989b14..060fb2849e 100644 --- a/toolchain/glibc/common.mk +++ b/toolchain/glibc/common.mk @@ -7,12 +7,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=glibc -PKG_VERSION:=2.27 +PKG_VERSION:=2.31 PKG_SOURCE_PROTO:=git PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION) -PKG_SOURCE_VERSION:=bef0b1cb31bed76a355776154af9191ed1758222 -PKG_MIRROR_HASH:=24a137758acdc0d8c5254891204ba38d759838123bab09a64ec0bdb94289aafd +PKG_SOURCE_VERSION:=54ba2541b3a76441a9cbe5dd14c963bf874fd5e9 +PKG_MIRROR_HASH:=333bff38151f333e93a239aa91e0de28a1e7d24863aafe569caf05b9bdb01461 PKG_SOURCE_URL:=https://sourceware.org/git/glibc.git PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.xz @@ -60,7 +60,8 @@ GLIBC_CONFIGURE:= \ --without-gd \ --without-cvs \ --enable-add-ons \ - --$(if $(CONFIG_SOFT_FLOAT),without,with)-fp + --$(if $(CONFIG_SOFT_FLOAT),without,with)-fp \ + --enable-kernel=4.14.0 export libc_cv_ssp=no export libc_cv_ssp_strong=no diff --git a/toolchain/glibc/patches/001-regex-read-overrun.patch b/toolchain/glibc/patches/001-regex-read-overrun.patch deleted file mode 100644 index c4e4307aa6..0000000000 --- a/toolchain/glibc/patches/001-regex-read-overrun.patch +++ /dev/null @@ -1,26 +0,0 @@ -commit 583dd860d5b833037175247230a328f0050dbfe9 -Author: Paul Eggert -Date: Mon Jan 21 11:08:13 2019 -0800 - - regex: fix read overrun [BZ #24114] - - Problem found by AddressSanitizer, reported by Hongxu Chen in: - https://debbugs.gnu.org/34140 - * posix/regexec.c (proceed_next_node): - Do not read past end of input buffer. - ---- a/posix/regexec.c -+++ b/posix/regexec.c -@@ -1293,8 +1293,10 @@ proceed_next_node (const re_match_context_t *mctx, Idx nregs, regmatch_t *regs, - else if (naccepted) - { - char *buf = (char *) re_string_get_buffer (&mctx->input); -- if (memcmp (buf + regs[subexp_idx].rm_so, buf + *pidx, -- naccepted) != 0) -+ if (mctx->input.valid_len - *pidx < naccepted -+ || (memcmp (buf + regs[subexp_idx].rm_so, buf + *pidx, -+ naccepted) -+ != 0)) - return -1; - } - } diff --git a/toolchain/glibc/patches/050-Revert-Disallow-use-of-DES-encryption-functions-in-n.patch b/toolchain/glibc/patches/050-Revert-Disallow-use-of-DES-encryption-functions-in-n.patch new file mode 100644 index 0000000000..4e3e2eebb2 --- /dev/null +++ b/toolchain/glibc/patches/050-Revert-Disallow-use-of-DES-encryption-functions-in-n.patch @@ -0,0 +1,686 @@ +From cfc93329e00cd23c226f34b3ffd5552a93c35bd7 Mon Sep 17 00:00:00 2001 +From: Hauke Mehrtens +Date: Mon, 23 Mar 2020 22:33:46 +0100 +Subject: Revert "Disallow use of DES encryption functions in new programs." + +This reverts commit b10a0accee709a5efff2fadf0b0bbb79ff0ad759. + +ppp still uses the encrypt functions from the libc. musl libc also +provides them. +--- + conform/data/stdlib.h-data | 3 + + conform/data/unistd.h-data | 6 ++ + crypt/cert.c | 26 ----- + crypt/crypt-entry.c | 15 ++- + crypt/crypt.h | 16 +++ + crypt/crypt_util.c | 9 -- + manual/conf.texi | 2 - + manual/crypt.texi | 201 +++++++++++++++++++++++++++++++++++++ + manual/string.texi | 82 +++++++-------- + posix/unistd.h | 22 ++-- + stdlib/stdlib.h | 6 ++ + sunrpc/Makefile | 2 +- + sunrpc/des_crypt.c | 7 +- + sunrpc/des_soft.c | 2 +- + 14 files changed, 303 insertions(+), 96 deletions(-) + +--- a/conform/data/stdlib.h-data ++++ b/conform/data/stdlib.h-data +@@ -149,6 +149,9 @@ function {unsigned short int*} seed48 (u + #if !defined ISO && !defined ISO99 && !defined ISO11 && !defined POSIX && !defined XPG4 && !defined XPG42 && !defined UNIX98 + function int setenv (const char*, const char*, int) + #endif ++#if !defined ISO && !defined ISO99 && !defined ISO11 && !defined POSIX && !defined POSIX2008 ++function void setkey (const char*) ++#endif + #if !defined ISO && !defined ISO99 && !defined ISO11 && !defined XPG4 && !defined POSIX && !defined POSIX2008 + function {char*} setstate (char*) + #endif +--- a/conform/data/unistd.h-data ++++ b/conform/data/unistd.h-data +@@ -437,6 +437,9 @@ function int chroot (const char*) + function int chown (const char*, uid_t, gid_t) + function int close (int) + function size_t confstr (int, char*, size_t) ++#if !defined POSIX && !defined POSIX2008 ++function {char*} crypt (const char*, const char*) ++#endif + #if defined XPG4 || defined XPG42 || defined UNIX98 + function {char*} ctermid (char*) + function {char*} cuserid (char*) +@@ -446,6 +449,9 @@ allow cuserid + #endif + function int dup (int) + function int dup2 (int, int) ++#if !defined POSIX && !defined POSIX2008 ++function void encrypt (char[64], int) ++#endif + function int execl (const char*, const char*, ...) + function int execle (const char*, const char*, ...) + function int execlp (const char*, const char*, ...) +--- a/crypt/cert.c ++++ b/crypt/cert.c +@@ -10,22 +10,6 @@ + #include + #include "crypt.h" + +-/* This file tests the deprecated setkey/encrypt interface. */ +-#include +-#if TEST_COMPAT (libcrypt, GLIBC_2_0, GLIBC_2_28) +- +-#define libcrypt_version_reference(symbol, version) \ +- _libcrypt_version_reference (symbol, VERSION_libcrypt_##version) +-#define _libcrypt_version_reference(symbol, version) \ +- __libcrypt_version_reference (symbol, version) +-#define __libcrypt_version_reference(symbol, version) \ +- __asm__ (".symver " #symbol ", " #symbol "@" #version) +- +-extern void setkey (const char *); +-extern void encrypt (const char *, int); +-libcrypt_version_reference (setkey, GLIBC_2_0); +-libcrypt_version_reference (encrypt, GLIBC_2_0); +- + int totfails = 0; + + int main (int argc, char *argv[]); +@@ -120,13 +104,3 @@ put8 (char *cp) + printf("%02x", t); + } + } +- +-#else /* encrypt and setkey are not available. */ +- +-int +-main (void) +-{ +- return 77; /* UNSUPPORTED */ +-} +- +-#endif +--- a/crypt/crypt-entry.c ++++ b/crypt/crypt-entry.c +@@ -35,7 +35,6 @@ + #endif + + #include "crypt-private.h" +-#include + + /* Prototypes for local functions. */ + #ifndef __GNU_LIBRARY__ +@@ -177,7 +176,17 @@ crypt (const char *key, const char *salt + return __crypt_r (key, salt, &_ufc_foobar); + } + +-#if SHLIB_COMPAT (libcrypt, GLIBC_2_0, GLIBC_2_28) ++ ++/* ++ * To make fcrypt users happy. ++ * They don't need to call init_des. ++ */ ++#ifdef _LIBC + weak_alias (crypt, fcrypt) +-compat_symbol (libcrypt, fcrypt, fcrypt, GLIBC_2_0); ++#else ++char * ++__fcrypt (const char *key, const char *salt) ++{ ++ return crypt (key, salt); ++} + #endif +--- a/crypt/crypt.h ++++ b/crypt/crypt.h +@@ -36,6 +36,14 @@ __BEGIN_DECLS + extern char *crypt (const char *__phrase, const char *__salt) + __THROW __nonnull ((1, 2)); + ++/* Setup DES tables according KEY. */ ++extern void setkey (const char *__key) __THROW __nonnull ((1)); ++ ++/* Encrypt data in BLOCK in place if EDFLAG is zero; otherwise decrypt ++ block in place. */ ++extern void encrypt (char *__glibc_block, int __edflag) ++ __THROW __nonnull ((1)); ++ + #ifdef __USE_GNU + + /* This structure provides scratch and output buffers for 'crypt_r'. +@@ -63,6 +71,14 @@ struct crypt_data + extern char *crypt_r (const char *__phrase, const char *__salt, + struct crypt_data * __restrict __data) + __THROW __nonnull ((1, 2, 3)); ++ ++extern void setkey_r (const char *__key, ++ struct crypt_data * __restrict __data) ++ __THROW __nonnull ((1, 2)); ++ ++extern void encrypt_r (char *__glibc_block, int __edflag, ++ struct crypt_data * __restrict __data) ++ __THROW __nonnull ((1, 3)); + #endif + + __END_DECLS +--- a/crypt/crypt_util.c ++++ b/crypt/crypt_util.c +@@ -34,7 +34,6 @@ + #endif + + #include "crypt-private.h" +-#include + + /* Prototypes for local functions. */ + #ifndef __GNU_LIBRARY__ +@@ -151,7 +150,6 @@ static const int sbox[8][4][16]= { + } + }; + +-#if SHLIB_COMPAT (libcrypt, GLIBC_2_0, GLIBC_2_28) + /* + * This is the initial + * permutation matrix +@@ -162,7 +160,6 @@ static const int initial_perm[64] = { + 57, 49, 41, 33, 25, 17, 9, 1, 59, 51, 43, 35, 27, 19, 11, 3, + 61, 53, 45, 37, 29, 21, 13, 5, 63, 55, 47, 39, 31, 23, 15, 7 + }; +-#endif + + /* + * This is the final +@@ -788,7 +785,6 @@ _ufc_output_conversion_r (ufc_long v1, u + __data->crypt_3_buf[13] = 0; + } + +-#if SHLIB_COMPAT (libcrypt, GLIBC_2_0, GLIBC_2_28) + + /* + * UNIX encrypt function. Takes a bitvector +@@ -889,14 +885,12 @@ __encrypt_r (char *__block, int __edflag + } + } + weak_alias (__encrypt_r, encrypt_r) +-compat_symbol (libcrypt, encrypt_r, encrypt_r, GLIBC_2_0); + + void + encrypt (char *__block, int __edflag) + { + __encrypt_r(__block, __edflag, &_ufc_foobar); + } +-compat_symbol (libcrypt, encrypt, encrypt, GLIBC_2_0); + + + /* +@@ -921,15 +915,12 @@ __setkey_r (const char *__key, struct cr + _ufc_mk_keytab_r((char *) ktab, __data); + } + weak_alias (__setkey_r, setkey_r) +-compat_symbol (libcrypt, setkey_r, setkey_r, GLIBC_2_0); + + void + setkey (const char *__key) + { + __setkey_r(__key, &_ufc_foobar); + } +-compat_symbol (libcrypt, setkey, setkey, GLIBC_2_0); +-#endif /* SHLIB_COMPAT (libcrypt, GLIBC_2_0, GLIBC_2_28) */ + + void + __b64_from_24bit (char **cp, int *buflen, +--- a/manual/conf.texi ++++ b/manual/conf.texi +@@ -780,8 +780,6 @@ Inquire about the parameter correspondin + @item _SC_XOPEN_CRYPT + @standards{X/Open, unistd.h} + Inquire about the parameter corresponding to @code{_XOPEN_CRYPT}. +-@Theglibc no longer implements the @code{_XOPEN_CRYPT} extensions, +-so @samp{sysconf (_SC_XOPEN_CRYPT)} always returns @code{-1}. + + @item _SC_XOPEN_ENH_I18N + @standards{X/Open, unistd.h} +--- a/manual/crypt.texi ++++ b/manual/crypt.texi +@@ -16,8 +16,19 @@ subject to them, even if you do not use + yourself. The restrictions vary from place to place and are changed + often, so we cannot give any more specific advice than this warning. + ++@vindex AUTH_DES ++@cindex FIPS 140-2 ++It also provides support for Secure RPC, and some library functions that ++can be used to perform normal DES encryption. The @code{AUTH_DES} ++authentication flavor in Secure RPC, as provided by @theglibc{}, ++uses DES and does not comply with FIPS 140-2 nor does any other use of DES ++within @theglibc{}. It is recommended that Secure RPC should not be used ++for systems that need to comply with FIPS 140-2 since all flavors of ++encrypted authentication use normal DES. ++ + @menu + * Passphrase Storage:: One-way hashing for passphrases. ++* DES Encryption:: Routines for DES encryption. + * Unpredictable Bytes:: Randomness for cryptographic purposes. + @end menu + +@@ -200,6 +211,196 @@ hashes for the same passphrase. + @include testpass.c.texi + @end smallexample + ++@node DES Encryption ++@section DES Encryption ++ ++@cindex FIPS 46-3 ++The Data Encryption Standard is described in the US Government Federal ++Information Processing Standards (FIPS) 46-3 published by the National ++Institute of Standards and Technology. The DES has been very thoroughly ++analyzed since it was developed in the late 1970s, and no new ++significant flaws have been found. ++ ++However, the DES uses only a 56-bit key (plus 8 parity bits), and a ++machine has been built in 1998 which can search through all possible ++keys in about 6 days, which cost about US$200000; faster searches would ++be possible with more money. This makes simple DES insecure for most ++purposes, and NIST no longer permits new US government systems ++to use simple DES. ++ ++For serious encryption functionality, it is recommended that one of the ++many free encryption libraries be used instead of these routines. ++ ++The DES is a reversible operation which takes a 64-bit block and a ++64-bit key, and produces another 64-bit block. Usually the bits are ++numbered so that the most-significant bit, the first bit, of each block ++is numbered 1. ++ ++Under that numbering, every 8th bit of the key (the 8th, 16th, and so ++on) is not used by the encryption algorithm itself. But the key must ++have odd parity; that is, out of bits 1 through 8, and 9 through 16, and ++so on, there must be an odd number of `1' bits, and this completely ++specifies the unused bits. ++ ++@deftypefun void setkey (const char *@var{key}) ++@standards{BSD, crypt.h} ++@standards{SVID, crypt.h} ++@safety{@prelim{}@mtunsafe{@mtasurace{:crypt}}@asunsafe{@asucorrupt{} @asulock{}}@acunsafe{@aculock{}}} ++@c The static buffer stores the key, making it fundamentally ++@c thread-unsafe. The locking issues are only in the initialization ++@c path; cancelling the initialization will leave the lock held, it ++@c would otherwise repeat the initialization on the next call. ++ ++The @code{setkey} function sets an internal data structure to be an ++expanded form of @var{key}. @var{key} is specified as an array of 64 ++bits each stored in a @code{char}, the first bit is @code{key[0]} and ++the 64th bit is @code{key[63]}. The @var{key} should have the correct ++parity. ++@end deftypefun ++ ++@deftypefun void encrypt (char *@var{block}, int @var{edflag}) ++@standards{BSD, crypt.h} ++@standards{SVID, crypt.h} ++@safety{@prelim{}@mtunsafe{@mtasurace{:crypt}}@asunsafe{@asucorrupt{} @asulock{}}@acunsafe{@aculock{}}} ++@c Same issues as setkey. ++ ++The @code{encrypt} function encrypts @var{block} if ++@var{edflag} is 0, otherwise it decrypts @var{block}, using a key ++previously set by @code{setkey}. The result is ++placed in @var{block}. ++ ++Like @code{setkey}, @var{block} is specified as an array of 64 bits each ++stored in a @code{char}, but there are no parity bits in @var{block}. ++@end deftypefun ++ ++@deftypefun void setkey_r (const char *@var{key}, {struct crypt_data *} @var{data}) ++@deftypefunx void encrypt_r (char *@var{block}, int @var{edflag}, {struct crypt_data *} @var{data}) ++@standards{GNU, crypt.h} ++@c setkey_r: @safety{@prelim{}@mtsafe{}@asunsafe{@asucorrupt{} @asulock{}}@acunsafe{@aculock{}}} ++@safety{@prelim{}@mtsafe{}@asunsafe{@asucorrupt{} @asulock{}}@acunsafe{@aculock{}}} ++ ++These are reentrant versions of @code{setkey} and @code{encrypt}. The ++only difference is the extra parameter, which stores the expanded ++version of @var{key}. Before calling @code{setkey_r} the first time, ++@code{data->initialized} must be cleared to zero. ++@end deftypefun ++ ++The @code{setkey_r} and @code{encrypt_r} functions are GNU extensions. ++@code{setkey}, @code{encrypt}, @code{setkey_r}, and @code{encrypt_r} are ++defined in @file{crypt.h}. ++ ++@deftypefun int ecb_crypt (char *@var{key}, char *@var{blocks}, unsigned int @var{len}, unsigned int @var{mode}) ++@standards{SUNRPC, rpc/des_crypt.h} ++@safety{@prelim{}@mtsafe{}@assafe{}@acsafe{}} ++ ++The function @code{ecb_crypt} encrypts or decrypts one or more blocks ++using DES. Each block is encrypted independently. ++ ++The @var{blocks} and the @var{key} are stored packed in 8-bit bytes, so ++that the first bit of the key is the most-significant bit of ++@code{key[0]} and the 63rd bit of the key is stored as the ++least-significant bit of @code{key[7]}. The @var{key} should have the ++correct parity. ++ ++@var{len} is the number of bytes in @var{blocks}. It should be a ++multiple of 8 (so that there are a whole number of blocks to encrypt). ++@var{len} is limited to a maximum of @code{DES_MAXDATA} bytes. ++ ++The result of the encryption replaces the input in @var{blocks}. ++ ++The @var{mode} parameter is the bitwise OR of two of the following: ++ ++@vtable @code ++@item DES_ENCRYPT ++@standards{SUNRPC, rpc/des_crypt.h} ++This constant, used in the @var{mode} parameter, specifies that ++@var{blocks} is to be encrypted. ++ ++@item DES_DECRYPT ++@standards{SUNRPC, rpc/des_crypt.h} ++This constant, used in the @var{mode} parameter, specifies that ++@var{blocks} is to be decrypted. ++ ++@item DES_HW ++@standards{SUNRPC, rpc/des_crypt.h} ++This constant, used in the @var{mode} parameter, asks to use a hardware ++device. If no hardware device is available, encryption happens anyway, ++but in software. ++ ++@item DES_SW ++@standards{SUNRPC, rpc/des_crypt.h} ++This constant, used in the @var{mode} parameter, specifies that no ++hardware device is to be used. ++@end vtable ++ ++The result of the function will be one of these values: ++ ++@vtable @code ++@item DESERR_NONE ++@standards{SUNRPC, rpc/des_crypt.h} ++The encryption succeeded. ++ ++@item DESERR_NOHWDEVICE ++@standards{SUNRPC, rpc/des_crypt.h} ++The encryption succeeded, but there was no hardware device available. ++ ++@item DESERR_HWERROR ++@standards{SUNRPC, rpc/des_crypt.h} ++The encryption failed because of a hardware problem. ++ ++@item DESERR_BADPARAM ++@standards{SUNRPC, rpc/des_crypt.h} ++The encryption failed because of a bad parameter, for instance @var{len} ++is not a multiple of 8 or @var{len} is larger than @code{DES_MAXDATA}. ++@end vtable ++@end deftypefun ++ ++@deftypefun int DES_FAILED (int @var{err}) ++@standards{SUNRPC, rpc/des_crypt.h} ++@safety{@prelim{}@mtsafe{}@assafe{}@acsafe{}} ++This macro returns 1 if @var{err} is a `success' result code from ++@code{ecb_crypt} or @code{cbc_crypt}, and 0 otherwise. ++@end deftypefun ++ ++@deftypefun int cbc_crypt (char *@var{key}, char *@var{blocks}, unsigned int @var{len}, unsigned int @var{mode}, char *@var{ivec}) ++@standards{SUNRPC, rpc/des_crypt.h} ++@safety{@prelim{}@mtsafe{}@assafe{}@acsafe{}} ++ ++The function @code{cbc_crypt} encrypts or decrypts one or more blocks ++using DES in Cipher Block Chaining mode. ++ ++For encryption in CBC mode, each block is exclusive-ored with @var{ivec} ++before being encrypted, then @var{ivec} is replaced with the result of ++the encryption, then the next block is processed. Decryption is the ++reverse of this process. ++ ++This has the advantage that blocks which are the same before being ++encrypted are very unlikely to be the same after being encrypted, making ++it much harder to detect patterns in the data. ++ ++Usually, @var{ivec} is set to 8 random bytes before encryption starts. ++Then the 8 random bytes are transmitted along with the encrypted data ++(without themselves being encrypted), and passed back in as @var{ivec} ++for decryption. Another possibility is to set @var{ivec} to 8 zeroes ++initially, and have the first block encrypted consist of 8 random ++bytes. ++ ++Otherwise, all the parameters are similar to those for @code{ecb_crypt}. ++@end deftypefun ++ ++@deftypefun void des_setparity (char *@var{key}) ++@standards{SUNRPC, rpc/des_crypt.h} ++@safety{@prelim{}@mtsafe{}@assafe{}@acsafe{}} ++ ++The function @code{des_setparity} changes the 64-bit @var{key}, stored ++packed in 8-bit bytes, to have odd parity by altering the low bits of ++each byte. ++@end deftypefun ++ ++The @code{ecb_crypt}, @code{cbc_crypt}, and @code{des_setparity} ++functions and their accompanying macros are all defined in the header ++@file{rpc/des_crypt.h}. ++ + @node Unpredictable Bytes + @section Generating Unpredictable Bytes + @cindex randomness source +--- a/manual/string.texi ++++ b/manual/string.texi +@@ -36,8 +36,8 @@ too. + for delimiters. + * Erasing Sensitive Data:: Clearing memory which contains sensitive + data, after it's no longer needed. +-* Shuffling Bytes:: Or how to flash-cook a string. +-* Obfuscating Data:: Reversibly obscuring data from casual view. ++* strfry:: Function for flash-cooking a string. ++* Trivial Encryption:: Obscuring data. + * Encode Binary Data:: Encoding and Decoding of Binary Data. + * Argz and Envz Vectors:: Null-separated string vectors. + @end menu +@@ -2426,73 +2426,73 @@ functionality under a different name, su + systems it may be in @file{strings.h} instead. + @end deftypefun + +- +-@node Shuffling Bytes +-@section Shuffling Bytes ++@node strfry ++@section strfry + + The function below addresses the perennial programming quandary: ``How do + I take good data in string form and painlessly turn it into garbage?'' +-This is not a difficult thing to code for oneself, but the authors of +-@theglibc{} wish to make it as convenient as possible. ++This is actually a fairly simple task for C programmers who do not use ++@theglibc{} string functions, but for programs based on @theglibc{}, ++the @code{strfry} function is the preferred method for ++destroying string data. + +-To @emph{erase} data, use @code{explicit_bzero} (@pxref{Erasing +-Sensitive Data}); to obfuscate it reversibly, use @code{memfrob} +-(@pxref{Obfuscating Data}). ++The prototype for this function is in @file{string.h}. + + @deftypefun {char *} strfry (char *@var{string}) + @standards{GNU, string.h} + @safety{@prelim{}@mtsafe{}@assafe{}@acsafe{}} + @c Calls initstate_r, time, getpid, strlen, and random_r. + +-@code{strfry} performs an in-place shuffle on @var{string}. Each +-character is swapped to a position selected at random, within the +-portion of the string starting with the character's original position. +-(This is the Fisher-Yates algorithm for unbiased shuffling.) +- +-Calling @code{strfry} will not disturb any of the random number +-generators that have global state (@pxref{Pseudo-Random Numbers}). ++@code{strfry} creates a pseudorandom anagram of a string, replacing the ++input with the anagram in place. For each position in the string, ++@code{strfry} swaps it with a position in the string selected at random ++(from a uniform distribution). The two positions may be the same. + + The return value of @code{strfry} is always @var{string}. + + @strong{Portability Note:} This function is unique to @theglibc{}. +-It is declared in @file{string.h}. ++ + @end deftypefun + + +-@node Obfuscating Data +-@section Obfuscating Data ++@node Trivial Encryption ++@section Trivial Encryption ++@cindex encryption ++ ++ ++The @code{memfrob} function converts an array of data to something ++unrecognizable and back again. It is not encryption in its usual sense ++since it is easy for someone to convert the encrypted data back to clear ++text. The transformation is analogous to Usenet's ``Rot13'' encryption ++method for obscuring offensive jokes from sensitive eyes and such. ++Unlike Rot13, @code{memfrob} works on arbitrary binary data, not just ++text. + @cindex Rot13 + +-The @code{memfrob} function reversibly obfuscates an array of binary +-data. This is not true encryption; the obfuscated data still bears a +-clear relationship to the original, and no secret key is required to +-undo the obfuscation. It is analogous to the ``Rot13'' cipher used on +-Usenet for obscuring offensive jokes, spoilers for works of fiction, +-and so on, but it can be applied to arbitrary binary data. +- +-Programs that need true encryption---a transformation that completely +-obscures the original and cannot be reversed without knowledge of a +-secret key---should use a dedicated cryptography library, such as +-@uref{https://www.gnu.org/software/libgcrypt/,,libgcrypt}. +- +-Programs that need to @emph{destroy} data should use +-@code{explicit_bzero} (@pxref{Erasing Sensitive Data}), or possibly +-@code{strfry} (@pxref{Shuffling Bytes}). ++For true encryption, @xref{Cryptographic Functions}. ++ ++This function is declared in @file{string.h}. ++@pindex string.h + + @deftypefun {void *} memfrob (void *@var{mem}, size_t @var{length}) + @standards{GNU, string.h} + @safety{@prelim{}@mtsafe{}@assafe{}@acsafe{}} + +-The function @code{memfrob} obfuscates @var{length} bytes of data +-beginning at @var{mem}, in place. Each byte is bitwise xor-ed with +-the binary pattern 00101010 (hexadecimal 0x2A). The return value is +-always @var{mem}. +- +-@code{memfrob} a second time on the same data returns it to +-its original state. ++@code{memfrob} transforms (frobnicates) each byte of the data structure ++at @var{mem}, which is @var{length} bytes long, by bitwise exclusive ++oring it with binary 00101010. It does the transformation in place and ++its return value is always @var{mem}. ++ ++Note that @code{memfrob} a second time on the same data structure ++returns it to its original state. ++ ++This is a good function for hiding information from someone who doesn't ++want to see it or doesn't want to see it very much. To really prevent ++people from retrieving the information, use stronger encryption such as ++that described in @xref{Cryptographic Functions}. + + @strong{Portability Note:} This function is unique to @theglibc{}. +-It is declared in @file{string.h}. ++ + @end deftypefun + + @node Encode Binary Data +--- a/posix/unistd.h ++++ b/posix/unistd.h +@@ -107,6 +107,9 @@ __BEGIN_DECLS + /* The X/Open Unix extensions are available. */ + #define _XOPEN_UNIX 1 + ++/* Encryption is present. */ ++#define _XOPEN_CRYPT 1 ++ + /* The enhanced internationalization capabilities according to XPG4.2 + are present. */ + #define _XOPEN_ENH_I18N 1 +@@ -1115,17 +1118,20 @@ ssize_t copy_file_range (int __infd, __o + extern int fdatasync (int __fildes); + #endif /* Use POSIX199309 */ + +-#ifdef __USE_MISC +-/* One-way hash PHRASE, returning a string suitable for storage in the +- user database. SALT selects the one-way function to use, and +- ensures that no two users' hashes are the same, even if they use +- the same passphrase. The return value points to static storage +- which will be overwritten by the next call to crypt. */ ++ ++/* XPG4.2 specifies that prototypes for the encryption functions must ++ be defined here. */ ++#ifdef __USE_XOPEN ++/* Encrypt at most 8 characters from KEY using salt to perturb DES. */ + extern char *crypt (const char *__key, const char *__salt) + __THROW __nonnull ((1, 2)); +-#endif + +-#ifdef __USE_XOPEN ++/* Encrypt data in BLOCK in place if EDFLAG is zero; otherwise decrypt ++ block in place. */ ++extern void encrypt (char *__glibc_block, int __edflag) ++ __THROW __nonnull ((1)); ++ ++ + /* Swab pairs bytes in the first N bytes of the area pointed to by + FROM and copy the result to TO. The value of TO must not be in the + range [FROM - N + 1, FROM - 1]. If N is odd the first byte in FROM +--- a/stdlib/stdlib.h ++++ b/stdlib/stdlib.h +@@ -961,6 +961,12 @@ extern int getsubopt (char **__restrict + #endif + + ++#ifdef __USE_XOPEN ++/* Setup DES tables according KEY. */ ++extern void setkey (const char *__key) __THROW __nonnull ((1)); ++#endif ++ ++ + /* X/Open pseudo terminal handling. */ + + #ifdef __USE_XOPEN2KXSI +--- a/sunrpc/Makefile ++++ b/sunrpc/Makefile +@@ -51,7 +51,7 @@ rpcsvc = bootparam_prot.x nlm_prot.x rst + headers-sunrpc = $(addprefix rpc/,auth.h auth_unix.h clnt.h pmap_clnt.h \ + pmap_prot.h pmap_rmt.h rpc.h rpc_msg.h \ + svc.h svc_auth.h types.h xdr.h auth_des.h \ +- key_prot.h) \ ++ des_crypt.h key_prot.h rpc_des.h) \ + $(rpcsvc:%=rpcsvc/%) rpcsvc/bootparam.h + headers = rpc/netdb.h + install-others = $(inst_sysconfdir)/rpc +--- a/sunrpc/des_crypt.c ++++ b/sunrpc/des_crypt.c +@@ -86,9 +86,6 @@ common_crypt (char *key, char *buf, regi + return desdev == DES_SW ? DESERR_NONE : DESERR_NOHWDEVICE; + } + +-/* Note: these cannot be excluded from the build yet, because they are +- still used internally. */ +- + /* + * CBC mode encryption + */ +@@ -105,7 +102,7 @@ cbc_crypt (char *key, char *buf, unsigne + COPY8 (dp.des_ivec, ivec); + return err; + } +-hidden_nolink (cbc_crypt, libc, GLIBC_2_1) ++libc_hidden_nolink_sunrpc (cbc_crypt, GLIBC_2_1) + + /* + * ECB mode encryption +@@ -118,4 +115,4 @@ ecb_crypt (char *key, char *buf, unsigne + dp.des_mode = ECB; + return common_crypt (key, buf, len, mode, &dp); + } +-hidden_nolink (ecb_crypt, libc, GLIBC_2_1) ++libc_hidden_nolink_sunrpc (ecb_crypt, GLIBC_2_1) +--- a/sunrpc/des_soft.c ++++ b/sunrpc/des_soft.c +@@ -71,4 +71,4 @@ des_setparity (char *p) + p++; + } + } +-hidden_nolink (des_setparity, libc, GLIBC_2_1) ++libc_hidden_nolink_sunrpc (des_setparity, GLIBC_2_1) diff --git a/toolchain/glibc/patches/200-add-dl-search-paths.patch b/toolchain/glibc/patches/200-add-dl-search-paths.patch index 5585ee1f0e..18d751dd1a 100644 --- a/toolchain/glibc/patches/200-add-dl-search-paths.patch +++ b/toolchain/glibc/patches/200-add-dl-search-paths.patch @@ -2,7 +2,7 @@ add /usr/lib to default search path for the dynamic linker --- a/Makeconfig +++ b/Makeconfig -@@ -589,6 +589,9 @@ else +@@ -601,6 +601,9 @@ else default-rpath = $(libdir) endif