From 4745969ad7c0cb65f55c8de1f05eba786ca27f71 Mon Sep 17 00:00:00 2001 From: Mantas Pucka Date: Thu, 16 Apr 2020 09:40:49 +0300 Subject: [PATCH 01/20] generic: spi-nor: fix 4-byte opcode support for w25q256 There are 2 different chips (w25q256fv and w25q256jv) that share the same JEDEC ID. Only w25q256jv fully supports 4-byte opcodes. Use SFDP header version to differentiate between them. Fixes broken reboot on 8devices Habanero since f0f35fdac Signed-off-by: Mantas Pucka --- ...ix-4-byte-opcode-support-for-w25q256.patch | 60 +++++++++++++++++++ 1 file changed, 60 insertions(+) create mode 100644 target/linux/generic/pending-5.4/482-mtd-spi-nor-fix-4-byte-opcode-support-for-w25q256.patch diff --git a/target/linux/generic/pending-5.4/482-mtd-spi-nor-fix-4-byte-opcode-support-for-w25q256.patch b/target/linux/generic/pending-5.4/482-mtd-spi-nor-fix-4-byte-opcode-support-for-w25q256.patch new file mode 100644 index 0000000000..d63aa76319 --- /dev/null +++ b/target/linux/generic/pending-5.4/482-mtd-spi-nor-fix-4-byte-opcode-support-for-w25q256.patch @@ -0,0 +1,60 @@ +From: Mantas Pucka +To: linux-mtd@lists.infradead.org +Subject: [PATCH] mtd: spi-nor: fix 4-byte opcode support for w25q256 +Date: Wed, 15 Apr 2020 16:48:30 +0300 +Message-ID: <1586958510-24012-1-git-send-email-mantas@8devices.com> + +There are 2 different chips (w25q256fv and w25q256jv) that share +the same JEDEC ID. Only w25q256jv fully supports 4-byte opcodes. +Use SFDP header version to differentiate between them. + +for OpenWRT only: rebased to linux-v5.4 + +Signed-off-by: Mantas Pucka +--- + +--- a/drivers/mtd/spi-nor/spi-nor.c ++++ b/drivers/mtd/spi-nor/spi-nor.c +@@ -2170,6 +2170,32 @@ static struct spi_nor_fixups gd25q256_fi + .default_init = gd25q256_default_init, + }; + ++static int ++w25q256_post_bfpt_fixups(struct spi_nor *nor, ++ const struct sfdp_parameter_header *bfpt_header, ++ const struct sfdp_bfpt *bfpt, ++ struct spi_nor_flash_parameter *params) ++{ ++ /* ++ * W25Q256JV supports 4B opcodes but W25Q256FV does not. ++ * Unfortunately, Winbond has re-used the same JEDEC ID for both ++ * variants which prevents us from defining a new entry in the parts ++ * table. ++ * To differentiate between W25Q256JV and W25Q256FV check SFDP header ++ * version: only JV has JESD216A compliant structure (version 5) ++ */ ++ ++ if (bfpt_header->major == SFDP_JESD216_MAJOR && ++ bfpt_header->minor == SFDP_JESD216A_MINOR) ++ nor->flags |= SNOR_F_4B_OPCODES; ++ ++ return 0; ++} ++ ++static struct spi_nor_fixups w25q256_fixups = { ++ .post_bfpt = w25q256_post_bfpt_fixups, ++}; ++ + /* NOTE: double check command sets and memory organization when you add + * more nor chips. This current list focusses on newer chips, which + * have been converging on command sets which including JEDEC ID. +@@ -2508,7 +2534,8 @@ static const struct flash_info spi_nor_i + { "w25q80", INFO(0xef5014, 0, 64 * 1024, 16, SECT_4K) }, + { "w25q80bl", INFO(0xef4014, 0, 64 * 1024, 16, SECT_4K) }, + { "w25q128", INFO(0xef4018, 0, 64 * 1024, 256, SECT_4K) }, +- { "w25q256", INFO(0xef4019, 0, 64 * 1024, 512, SECT_4K | SPI_NOR_DUAL_READ | SPI_NOR_QUAD_READ) }, ++ { "w25q256", INFO(0xef4019, 0, 64 * 1024, 512, SECT_4K | SPI_NOR_DUAL_READ | SPI_NOR_QUAD_READ) ++ .fixups = &w25q256_fixups }, + { "w25q256jvm", INFO(0xef7019, 0, 64 * 1024, 512, + SECT_4K | SPI_NOR_DUAL_READ | SPI_NOR_QUAD_READ) }, + { "w25m512jv", INFO(0xef7119, 0, 64 * 1024, 1024, From 7dc82528a2751b672098faa13b58c6f214eb3b23 Mon Sep 17 00:00:00 2001 From: DENG Qingfang Date: Mon, 6 Apr 2020 13:17:43 +0800 Subject: [PATCH 02/20] ramips: increase HiWiFi HC5962 kernel partition to 4M Increase kernel partition because 2M is insufficient for 5.4 Because the partition changes, previous version of OpenWrt cannot upgrade to this version, and requires a new installation Recovery to stock instruction: 1. Download stock firmware at http://ur.ikcd.net/HC5962-sysupgrade-20171221-b00a04d1.bin 2. Power off the router 3. Press and hold the reset button for 4~6 sec while power it back on 4. Connect a PC to router's LAN 5. Visit http://192.168.2.1 and upload the firmware Then repeat the instruction in edae3479e64e to install OpenWrt Signed-off-by: DENG Qingfang --- target/linux/ramips/dts/mt7621_hiwifi_hc5962.dts | 6 +++--- target/linux/ramips/image/mt7621.mk | 5 +---- 2 files changed, 4 insertions(+), 7 deletions(-) diff --git a/target/linux/ramips/dts/mt7621_hiwifi_hc5962.dts b/target/linux/ramips/dts/mt7621_hiwifi_hc5962.dts index 9d60d509ab..ec76b35840 100644 --- a/target/linux/ramips/dts/mt7621_hiwifi_hc5962.dts +++ b/target/linux/ramips/dts/mt7621_hiwifi_hc5962.dts @@ -74,12 +74,12 @@ partition@140000 { label = "kernel"; - reg = <0x140000 0x200000>; + reg = <0x140000 0x400000>; }; - partition@340000 { + partition@540000 { label = "ubi"; - reg = <0x340000 0x1E00000>; + reg = <0x540000 0x1c00000>; }; partition@2140000 { diff --git a/target/linux/ramips/image/mt7621.mk b/target/linux/ramips/image/mt7621.mk index 6e64fb8bf1..a72f758c96 100644 --- a/target/linux/ramips/image/mt7621.mk +++ b/target/linux/ramips/image/mt7621.mk @@ -339,7 +339,7 @@ TARGET_DEVICES += gnubee_gb-pc2 define Device/hiwifi_hc5962 BLOCKSIZE := 128k PAGESIZE := 2048 - KERNEL_SIZE := 2097152 + KERNEL_SIZE := 4096k UBINIZE_OPTS := -E 5 IMAGE_SIZE := 32768k IMAGES += factory.bin @@ -349,9 +349,6 @@ define Device/hiwifi_hc5962 DEVICE_VENDOR := HiWiFi DEVICE_MODEL := HC5962 DEVICE_PACKAGES := kmod-mt7603 kmod-mt76x2 kmod-usb3 wpad-basic - SUPPORTED_DEVICES += hc5962 - # Kernel partition too small - DEFAULT := n endef TARGET_DEVICES += hiwifi_hc5962 From d74fb0088c5bc89ba080816921699a980966d015 Mon Sep 17 00:00:00 2001 From: DENG Qingfang Date: Mon, 6 Apr 2020 13:17:47 +0800 Subject: [PATCH 03/20] ramips: use all reserved space for HiWiFi HC5962 These stock partitons: "backup", "hw_panic", "overly", firmware_backup", "opt" do not contain any device-specific data and can be used for /overlay, resulting in 121M space Signed-off-by: DENG Qingfang --- .../linux/ramips/dts/mt7621_hiwifi_hc5962.dts | 55 ++++++++----------- target/linux/ramips/mt7621/config-5.4 | 1 + 2 files changed, 23 insertions(+), 33 deletions(-) diff --git a/target/linux/ramips/dts/mt7621_hiwifi_hc5962.dts b/target/linux/ramips/dts/mt7621_hiwifi_hc5962.dts index ec76b35840..1bbfc157ae 100644 --- a/target/linux/ramips/dts/mt7621_hiwifi_hc5962.dts +++ b/target/linux/ramips/dts/mt7621_hiwifi_hc5962.dts @@ -44,6 +44,22 @@ linux,code = ; }; }; + + ubi-concat { + compatible = "mtd-concat"; + devices = <&ubipart0 &ubipart1>; + + partitions { + compatible = "fixed-partitions"; + #address-cells = <1>; + #size-cells = <1>; + + ubi@0 { + label = "ubi"; + reg = <0x0 0x79c0000>; + }; + }; + }; }; &nand { @@ -77,15 +93,9 @@ reg = <0x140000 0x400000>; }; - partition@540000 { - label = "ubi"; - reg = <0x540000 0x1c00000>; - }; - - partition@2140000 { - label = "hw_panic"; - reg = <0x2140000 0x80000>; - read-only; + ubipart0: partition@540000 { + label = "ubipart0"; + reg = <0x540000 0x1c80000>; }; partition@21c0000 { @@ -94,30 +104,9 @@ read-only; }; - partition@2240000 { - label = "backup"; - reg = <0x2240000 0x80000>; - read-only; - }; - - partition@22c0000 { - label = "overly"; - reg = <0x22c0000 0x1000000>; - }; - - partition@32c0000 { - label = "firmware_backup"; - reg = <0x32c0000 0x2000000>; - }; - - partition@52c0000 { - label = "oem"; - reg = <0x52c0000 0x200000>; - }; - - partition@54c0000 { - label = "opt"; - reg = <0x54c0000 0x2ac0000>; + ubipart1: partition@2240000 { + label = "ubipart1"; + reg = <0x2240000 0x5d40000>; }; }; }; diff --git a/target/linux/ramips/mt7621/config-5.4 b/target/linux/ramips/mt7621/config-5.4 index 2d887d776b..e91003d8d2 100644 --- a/target/linux/ramips/mt7621/config-5.4 +++ b/target/linux/ramips/mt7621/config-5.4 @@ -217,6 +217,7 @@ CONFIG_MTD_UBI_BLOCK=y # CONFIG_MTD_UBI_FASTMAP is not set # CONFIG_MTD_UBI_GLUEBI is not set CONFIG_MTD_UBI_WL_THRESHOLD=4096 +CONFIG_MTD_VIRT_CONCAT=y # CONFIG_MTK_HSDMA is not set CONFIG_NEED_DMA_MAP_STATE=y CONFIG_NET_DEVLINK=y From 2fac1322f73f8a808494380c46a242a16bf9afc7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ren=C3=A9=20van=20Dorst?= Date: Thu, 9 Apr 2020 14:03:13 +0200 Subject: [PATCH 04/20] ramips: mt7621: Ubiquiti ER-X: fix gpio number for POE enable gpio MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit With v5.4 kernel a new gpio driver is used. GPIO numbering has changed so update 03_gpio_switches too. Signed-off-by: René van Dorst --- .../linux/ramips/mt7621/base-files/etc/board.d/03_gpio_switches | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/target/linux/ramips/mt7621/base-files/etc/board.d/03_gpio_switches b/target/linux/ramips/mt7621/base-files/etc/board.d/03_gpio_switches index 91a9459d8c..a8162c10f7 100755 --- a/target/linux/ramips/mt7621/base-files/etc/board.d/03_gpio_switches +++ b/target/linux/ramips/mt7621/base-files/etc/board.d/03_gpio_switches @@ -14,7 +14,7 @@ telco-electronics,x1) ucidef_add_gpio_switch "modem_reset" "Modem Reset" "16" ;; ubnt,edgerouter-x) - ucidef_add_gpio_switch "poe_passthrough" "PoE Passthrough" "0" + ucidef_add_gpio_switch "poe_passthrough" "PoE Passthrough" "480" ;; ubnt,edgerouter-x-sfp) ucidef_add_gpio_switch "poe_power_port0" "PoE Power Port0" "496" From d682dcc939dc65dc7603083e27775e4dee577647 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Ren=C3=A9=20van=20Dorst?= Date: Tue, 7 Apr 2020 22:00:20 +0200 Subject: [PATCH 05/20] ramips: mt7621: Ubiquiti ER-X-SFP: fix gpio numbers for POE enable gpios MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit With v5.4 kernel a new gpio driver is used. GPIO numbering has changed so update 03_gpio_switches too. Signed-off-by: René van Dorst --- .../mt7621/base-files/etc/board.d/03_gpio_switches | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/target/linux/ramips/mt7621/base-files/etc/board.d/03_gpio_switches b/target/linux/ramips/mt7621/base-files/etc/board.d/03_gpio_switches index a8162c10f7..24bfcb2051 100755 --- a/target/linux/ramips/mt7621/base-files/etc/board.d/03_gpio_switches +++ b/target/linux/ramips/mt7621/base-files/etc/board.d/03_gpio_switches @@ -17,11 +17,11 @@ ubnt,edgerouter-x) ucidef_add_gpio_switch "poe_passthrough" "PoE Passthrough" "480" ;; ubnt,edgerouter-x-sfp) - ucidef_add_gpio_switch "poe_power_port0" "PoE Power Port0" "496" - ucidef_add_gpio_switch "poe_power_port1" "PoE Power Port1" "497" - ucidef_add_gpio_switch "poe_power_port2" "PoE Power Port2" "498" - ucidef_add_gpio_switch "poe_power_port3" "PoE Power Port3" "499" - ucidef_add_gpio_switch "poe_power_port4" "PoE Power Port4" "500" + ucidef_add_gpio_switch "poe_power_port0" "PoE Power Port0" "400" + ucidef_add_gpio_switch "poe_power_port1" "PoE Power Port1" "401" + ucidef_add_gpio_switch "poe_power_port2" "PoE Power Port2" "402" + ucidef_add_gpio_switch "poe_power_port3" "PoE Power Port3" "403" + ucidef_add_gpio_switch "poe_power_port4" "PoE Power Port4" "404" ;; esac From 9169482f640ca840ff478ddd03ee2cb275d21c23 Mon Sep 17 00:00:00 2001 From: Sungbo Eo Date: Fri, 27 Sep 2019 00:21:25 +0900 Subject: [PATCH 06/20] ramips: add support for ipTIME A1004ns ipTIME A1004ns is a 2.4/5GHz band AC750 router, based on MediaTek MT7620A. Specifications: - SoC: MT7620A - RAM: DDR2 128MB - Flash: SPI NOR 16MB - WiFi: - 2.4GHz: SoC internal - 5GHz: MT7610EN - Ethernet: 5x 10/100/1000Mbps - Switch: MT7530BU - USB: 1x 2.0 - UART: - J2: 3.3V, TX, RX, GND (3.3V is the square pad) / 57600 8N1 Installation via web interface: 1. Flash **initramfs** image through the stock web interface. 2. Boot into OpenWrt and perform sysupgrade with sysupgrade image. Revert to stock firmware: 1. Perform sysupgrade with stock image. Signed-off-by: Sungbo Eo --- .../ramips/dts/mt7620a_iptime_a1004ns.dts | 104 ++++++++++++++++++ target/linux/ramips/image/mt7620.mk | 11 ++ .../mt7620/base-files/etc/board.d/02_network | 6 +- 3 files changed, 120 insertions(+), 1 deletion(-) create mode 100644 target/linux/ramips/dts/mt7620a_iptime_a1004ns.dts diff --git a/target/linux/ramips/dts/mt7620a_iptime_a1004ns.dts b/target/linux/ramips/dts/mt7620a_iptime_a1004ns.dts new file mode 100644 index 0000000000..02b674963b --- /dev/null +++ b/target/linux/ramips/dts/mt7620a_iptime_a1004ns.dts @@ -0,0 +1,104 @@ +// SPDX-License-Identifier: GPL-2.0-or-later OR MIT +/dts-v1/; + +#include "mt7620a_iptime.dtsi" + +/ { + compatible = "iptime,a1004ns", "ralink,mt7620a-soc"; + model = "ipTIME A1004ns"; + + aliases { + led-boot = &led_cpu; + led-failsafe = &led_cpu; + led-running = &led_cpu; + led-upgrade = &led_cpu; + }; + + leds { + compatible = "gpio-leds"; + + led_cpu: cpu { + label = "a1004ns:blue:cpu"; + gpios = <&gpio0 11 GPIO_ACTIVE_LOW>; + }; + + usb { + label = "a1004ns:blue:usb"; + gpios = <&gpio1 15 GPIO_ACTIVE_LOW>; + trigger-sources = <&ohci_port1>, <&ehci_port1>; + linux,default-trigger = "usbport"; + }; + }; + + keys { + compatible = "gpio-keys"; + + reset { + label = "reset"; + gpios = <&gpio0 1 GPIO_ACTIVE_LOW>; + linux,code = ; + }; + + wps { + label = "wps"; + gpios = <&gpio0 2 GPIO_ACTIVE_LOW>; + linux,code = ; + }; + }; +}; + +&firmware { + reg = <0x30000 0xfd0000>; +}; + +&state_default { + gpio { + ralink,group = "i2c", "uartf", "spi refclk"; + ralink,function = "gpio"; + }; +}; + +ðernet { + pinctrl-names = "default"; + pinctrl-0 = <&rgmii1_pins &mdio_pins>; + + port@5 { + status = "okay"; + mediatek,fixed-link = <1000 1 1 1>; + phy-mode = "rgmii"; + }; + + mdio-bus { + status = "okay"; + + ethernet-phy@0 { + reg = <0>; + phy-mode = "rgmii"; + }; + + ethernet-phy@1 { + reg = <1>; + phy-mode = "rgmii"; + }; + + ethernet-phy@2 { + reg = <2>; + phy-mode = "rgmii"; + }; + + ethernet-phy@3 { + reg = <3>; + phy-mode = "rgmii"; + }; + + ethernet-phy@4 { + reg = <4>; + phy-mode = "rgmii"; + }; + + ethernet-phy@1f { + reg = <0x1f>; + phy-mode = "rgmii"; + }; + }; +}; diff --git a/target/linux/ramips/image/mt7620.mk b/target/linux/ramips/image/mt7620.mk index 818fd12de7..69b9b7d7fd 100644 --- a/target/linux/ramips/image/mt7620.mk +++ b/target/linux/ramips/image/mt7620.mk @@ -503,6 +503,17 @@ define Device/iodata_wn-ac733gr3 endef TARGET_DEVICES += iodata_wn-ac733gr3 +define Device/iptime_a1004ns + SOC := mt7620a + IMAGE_SIZE := 16192k + UIMAGE_NAME := a1004ns + DEVICE_VENDOR := ipTIME + DEVICE_MODEL := A1004ns + DEVICE_PACKAGES := kmod-mt76x0e kmod-usb2 kmod-usb-ohci \ + kmod-usb-ledtrig-usbport +endef +TARGET_DEVICES += iptime_a1004ns + define Device/iptime_a104ns SOC := mt7620a IMAGE_SIZE := 8000k diff --git a/target/linux/ramips/mt7620/base-files/etc/board.d/02_network b/target/linux/ramips/mt7620/base-files/etc/board.d/02_network index 44a9db6ece..8ae50b3df5 100755 --- a/target/linux/ramips/mt7620/base-files/etc/board.d/02_network +++ b/target/linux/ramips/mt7620/base-files/etc/board.d/02_network @@ -143,7 +143,8 @@ ramips_setup_interfaces() "0:lan" "1:lan" "5:wan" "6@eth0" ;; iodata,wn-ac1167gr|\ - iodata,wn-ac733gr3) + iodata,wn-ac733gr3|\ + iptime,a1004ns) ucidef_add_switch "switch0" ucidef_add_switch_attr "switch0" "enable" "false" ucidef_add_switch "switch1" \ @@ -312,6 +313,9 @@ ramips_setup_macs() iodata,wn-ac733gr3) wan_mac=$(mtd_get_mac_ascii u-boot-env wanaddr) ;; + iptime,a1004ns) + wan_mac=$(mtd_get_mac_binary u-boot 0x1fc40) + ;; iptime,a104ns) wan_mac=$(macaddr_add "$(mtd_get_mac_binary u-boot 0x1fc20)" 2) ;; From 13a185bf8acb67da4a68873e560876c0e60b1a87 Mon Sep 17 00:00:00 2001 From: Sungbo Eo Date: Sun, 5 Apr 2020 14:11:34 +0900 Subject: [PATCH 07/20] ramips: increase spi-max-frequency for ipTIME mt7620 devices This commit increases the hardware SPI frequency from 24.2MHz to 48.3MHz. [ 5.314163] m25p80 spi0.0: speed: 24166666/40000000, rate: 8, prescal: 2, loops: 226 [ 5.076323] m25p80 spi0.0: speed: 48333333/50000000, rate: 4, prescal: 1, loops: 162 `time cat /dev/mtd2 >/dev/null` is reduced from 5.64s to 4.36s on A104ns, and from 11.39s to 8.81s on A1004ns. Signed-off-by: Sungbo Eo --- target/linux/ramips/dts/mt7620a_iptime.dtsi | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/target/linux/ramips/dts/mt7620a_iptime.dtsi b/target/linux/ramips/dts/mt7620a_iptime.dtsi index 5a6fdacb52..c7c90ca722 100644 --- a/target/linux/ramips/dts/mt7620a_iptime.dtsi +++ b/target/linux/ramips/dts/mt7620a_iptime.dtsi @@ -21,7 +21,7 @@ flash@0 { compatible = "jedec,spi-nor"; reg = <0>; - spi-max-frequency = <40000000>; + spi-max-frequency = <50000000>; partitions { compatible = "fixed-partitions"; From 51c6b14092761588a87d24330a3e37700e4be1b7 Mon Sep 17 00:00:00 2001 From: Chuanhong Guo Date: Sat, 18 Apr 2020 12:51:03 +0800 Subject: [PATCH 08/20] ramips: mt7621: backport more pcie driver fixes Signed-off-by: Chuanhong Guo --- target/linux/ramips/dts/mt7621.dtsi | 9 +- ...ci-properly-power-off-dual-ported-pc.patch | 65 ++++++++ ...t7621-pci-fix-PCIe-interrupt-mapping.patch | 157 ++++++++++++++++++ 3 files changed, 226 insertions(+), 5 deletions(-) create mode 100644 target/linux/ramips/patches-5.4/0120-staging-mt7621-pci-properly-power-off-dual-ported-pc.patch create mode 100644 target/linux/ramips/patches-5.4/0121-staging-mt7621-pci-fix-PCIe-interrupt-mapping.patch diff --git a/target/linux/ramips/dts/mt7621.dtsi b/target/linux/ramips/dts/mt7621.dtsi index 63befa1fdc..78979dc420 100644 --- a/target/linux/ramips/dts/mt7621.dtsi +++ b/target/linux/ramips/dts/mt7621.dtsi @@ -568,11 +568,10 @@ 0x01000000 0 0x00000000 0x1e160000 0 0x00010000 /* io space */ >; - #interrupt-cells = <1>; - interrupt-map-mask = <0xF0000 0 0 1>; - interrupt-map = <0x10000 0 0 1 &gic GIC_SHARED 4 IRQ_TYPE_LEVEL_HIGH>, - <0x20000 0 0 1 &gic GIC_SHARED 24 IRQ_TYPE_LEVEL_HIGH>, - <0x30000 0 0 1 &gic GIC_SHARED 25 IRQ_TYPE_LEVEL_HIGH>; + interrupt-parent = <&gic>; + interrupts = ; status = "disabled"; diff --git a/target/linux/ramips/patches-5.4/0120-staging-mt7621-pci-properly-power-off-dual-ported-pc.patch b/target/linux/ramips/patches-5.4/0120-staging-mt7621-pci-properly-power-off-dual-ported-pc.patch new file mode 100644 index 0000000000..9efcb8011a --- /dev/null +++ b/target/linux/ramips/patches-5.4/0120-staging-mt7621-pci-properly-power-off-dual-ported-pc.patch @@ -0,0 +1,65 @@ +From 5fcded5e857cf66c9592e4be28c4dab4520c9177 Mon Sep 17 00:00:00 2001 +From: Sergio Paracuellos +Date: Thu, 9 Apr 2020 13:16:52 +0200 +Subject: [PATCH] staging: mt7621-pci: properly power off dual-ported pcie phy + +Pcie phy for pcie0 and pcie1 is shared using a dual ported +one. Current code was assuming that if nothing is connected +in pcie0 it won't be also nothing connected in pcie1. This +assumtion is wrong for some devices such us 'Mikrotik rbm33g' +and 'ZyXEL LTE3301-PLUS' where only connecting a card to the +second bus on the phy is possible. For such devices kernel +hangs in the same point because of the wrong poweroff of the +phy getting the following trace: + +mt7621-pci-phy 1e149000.pcie-phy: PHY for 0xbe149000 (dual port = 1) +mt7621-pci-phy 1e14a000.pcie-phy: PHY for 0xbe14a000 (dual port = 0) +mt7621-pci-phy 1e149000.pcie-phy: Xtal is 40MHz +mt7621-pci-phy 1e14a000.pcie-phy: Xtal is 40MHz +mt7621-pci 1e140000.pcie: pcie0 no card, disable it (RST & CLK) +[hangs] + +The wrong assumption is located in the 'mt7621_pcie_init_ports' +function where we are just making a power off of the phy for +slots 0 and 2 if nothing is connected in them. Hence, only +poweroff the phy if nothing is connected in both slot 0 and +slot 1 avoiding the kernel to hang. + +Fixes: 5737cfe87a9c ("staging: mt7621-pci: avoid to poweroff the phy for slot one") +Signed-off-by: Sergio Paracuellos +Link: https://lore.kernel.org/r/20200409111652.30964-1-sergio.paracuellos@gmail.com +Signed-off-by: Greg Kroah-Hartman +--- + drivers/staging/mt7621-pci/pci-mt7621.c | 12 ++++++++++-- + 1 file changed, 10 insertions(+), 2 deletions(-) + +--- a/drivers/staging/mt7621-pci/pci-mt7621.c ++++ b/drivers/staging/mt7621-pci/pci-mt7621.c +@@ -502,17 +502,25 @@ static void mt7621_pcie_init_ports(struc + + mt7621_pcie_reset_ep_deassert(pcie); + ++ tmp = NULL; + list_for_each_entry(port, &pcie->ports, list) { + u32 slot = port->slot; + + if (!mt7621_pcie_port_is_linkup(port)) { + dev_err(dev, "pcie%d no card, disable it (RST & CLK)\n", + slot); +- if (slot != 1) +- phy_power_off(port->phy); + mt7621_control_assert(port); + mt7621_pcie_port_clk_disable(port); + port->enabled = false; ++ ++ if (slot == 0) { ++ tmp = port; ++ continue; ++ } ++ ++ if (slot == 1 && tmp && !tmp->enabled) ++ phy_power_off(tmp->phy); ++ + } + } + } diff --git a/target/linux/ramips/patches-5.4/0121-staging-mt7621-pci-fix-PCIe-interrupt-mapping.patch b/target/linux/ramips/patches-5.4/0121-staging-mt7621-pci-fix-PCIe-interrupt-mapping.patch new file mode 100644 index 0000000000..68de6df2db --- /dev/null +++ b/target/linux/ramips/patches-5.4/0121-staging-mt7621-pci-fix-PCIe-interrupt-mapping.patch @@ -0,0 +1,157 @@ +From fab6710e4c51f4eb622f95a08322ab5fdbe3f295 Mon Sep 17 00:00:00 2001 +From: Sergio Paracuellos +Date: Mon, 13 Apr 2020 07:59:42 +0200 +Subject: [PATCH] staging: mt7621-pci: fix PCIe interrupt mapping + +MT7621 has three assigned interrupts for the pcie. This +interrupts should properly being mapped taking into account +which devices are finally connected in which bus according +to link status. So the irq mappings should be as follows +according to link status (three bits indicating which devices +are link up): + +* For PCIe Bus 1 slot 0: + - status = 0x2 || status = 0x6 => IRQ = pcie1_irq (24). + - status = 0x4 => IRQ = pcie2_irq (25). + - default => IRQ = pcie0_irq (23). +* For PCIe Bus 2 slot 0: + - status = 0x5 || status = 0x6 => IRQ = pcie2_irq (25). + - default => IRQ = pcie1_irq (24). +* For PCIe Bus 2 slot 1: + - status = 0x5 || status = 0x6 => IRQ = pcie2_irq (25). + - default => IRQ = pcie1_irq (24). +* For PCIe Bus 3 any slot: + - default => IRQ = pcie2_irq (25). + +Because of this, the function 'of_irq_parse_and_map_pci' cannot +be used and we need to change device tree information from using +the 'interrupt-map' and 'interrupt-map-mask' properties into an +'interrupts' property to be able to get irq information from the +ports using the 'platform_get_irq' and storing an 'irq-map' into +the pcie driver data node to properly map correct irq using a +new 'mt7621_map_irq' function where this map will be read and the +correct irq returned. + +Fixes: 46d093124df4 ("staging: mt7621-pci: improve interrupt mapping") +Signed-off-by: Sergio Paracuellos +Link: https://lore.kernel.org/r/20200413055942.2714-1-sergio.paracuellos@gmail.com +Signed-off-by: Greg Kroah-Hartman +--- + drivers/staging/mt7621-dts/mt7621.dtsi | 9 +++---- + drivers/staging/mt7621-pci/pci-mt7621.c | 36 +++++++++++++++++++++++-- + 2 files changed, 38 insertions(+), 7 deletions(-) + +--- a/drivers/staging/mt7621-pci/pci-mt7621.c ++++ b/drivers/staging/mt7621-pci/pci-mt7621.c +@@ -97,6 +97,7 @@ + * @pcie_rst: pointer to port reset control + * @gpio_rst: gpio reset + * @slot: port slot ++ * @irq: GIC irq + * @enabled: indicates if port is enabled + */ + struct mt7621_pcie_port { +@@ -107,6 +108,7 @@ struct mt7621_pcie_port { + struct reset_control *pcie_rst; + struct gpio_desc *gpio_rst; + u32 slot; ++ int irq; + bool enabled; + }; + +@@ -120,6 +122,7 @@ struct mt7621_pcie_port { + * @dev: Pointer to PCIe device + * @io_map_base: virtual memory base address for io + * @ports: pointer to PCIe port information ++ * @irq_map: irq mapping info according pcie link status + * @resets_inverted: depends on chip revision + * reset lines are inverted. + */ +@@ -135,6 +138,7 @@ struct mt7621_pcie { + } offset; + unsigned long io_map_base; + struct list_head ports; ++ int irq_map[PCIE_P2P_MAX]; + bool resets_inverted; + }; + +@@ -279,6 +283,16 @@ static void setup_cm_memory_region(struc + } + } + ++static int mt7621_map_irq(const struct pci_dev *pdev, u8 slot, u8 pin) ++{ ++ struct mt7621_pcie *pcie = pdev->bus->sysdata; ++ struct device *dev = pcie->dev; ++ int irq = pcie->irq_map[slot]; ++ ++ dev_info(dev, "bus=%d slot=%d irq=%d\n", pdev->bus->number, slot, irq); ++ return irq; ++} ++ + static int mt7621_pci_parse_request_of_pci_ranges(struct mt7621_pcie *pcie) + { + struct device *dev = pcie->dev; +@@ -330,6 +344,7 @@ static int mt7621_pcie_parse_port(struct + { + struct mt7621_pcie_port *port; + struct device *dev = pcie->dev; ++ struct platform_device *pdev = to_platform_device(dev); + struct device_node *pnode = dev->of_node; + struct resource regs; + char name[10]; +@@ -371,6 +386,12 @@ static int mt7621_pcie_parse_port(struct + port->slot = slot; + port->pcie = pcie; + ++ port->irq = platform_get_irq(pdev, slot); ++ if (port->irq < 0) { ++ dev_err(dev, "Failed to get IRQ for PCIe%d\n", slot); ++ return -ENXIO; ++ } ++ + INIT_LIST_HEAD(&port->list); + list_add_tail(&port->list, &pcie->ports); + +@@ -585,13 +606,15 @@ static int mt7621_pcie_init_virtual_brid + { + u32 pcie_link_status = 0; + u32 n; +- int i; ++ int i = 0; + u32 p2p_br_devnum[PCIE_P2P_MAX]; ++ int irqs[PCIE_P2P_MAX]; + struct mt7621_pcie_port *port; + + list_for_each_entry(port, &pcie->ports, list) { + u32 slot = port->slot; + ++ irqs[i++] = port->irq; + if (port->enabled) + pcie_link_status |= BIT(slot); + } +@@ -614,6 +637,15 @@ static int mt7621_pcie_init_virtual_brid + (p2p_br_devnum[1] << PCIE_P2P_BR_DEVNUM1_SHIFT) | + (p2p_br_devnum[2] << PCIE_P2P_BR_DEVNUM2_SHIFT)); + ++ /* Assign IRQs */ ++ n = 0; ++ for (i = 0; i < PCIE_P2P_MAX; i++) ++ if (pcie_link_status & BIT(i)) ++ pcie->irq_map[n++] = irqs[i]; ++ ++ for (i = n; i < PCIE_P2P_MAX; i++) ++ pcie->irq_map[i] = -1; ++ + return 0; + } + +@@ -638,7 +670,7 @@ static int mt7621_pcie_register_host(str + host->busnr = pcie->busn.start; + host->dev.parent = pcie->dev; + host->ops = &mt7621_pci_ops; +- host->map_irq = of_irq_parse_and_map_pci; ++ host->map_irq = mt7621_map_irq; + host->swizzle_irq = pci_common_swizzle; + host->sysdata = pcie; + From 1e5d014ba237cf47092c41cf3657ec64d3b99b41 Mon Sep 17 00:00:00 2001 From: Chuanhong Guo Date: Sat, 18 Apr 2020 13:40:31 +0800 Subject: [PATCH 09/20] ramips: don't reuse KERNEL_DTB for lzma-loader mt7621 overrides KERNEL_DTB to limit dictionary size, which isn't needed for our lzma loader. This saves 15KB on mt7621 devices using uimage-lzma-loader. Signed-off-by: Chuanhong Guo --- target/linux/ramips/image/Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/target/linux/ramips/image/Makefile b/target/linux/ramips/image/Makefile index a966ba4349..f93ea8ab2a 100644 --- a/target/linux/ramips/image/Makefile +++ b/target/linux/ramips/image/Makefile @@ -39,7 +39,7 @@ endef define Device/uimage-lzma-loader LOADER_TYPE := bin - KERNEL := $(KERNEL_DTB) | loader-kernel | uImage none + KERNEL := kernel-bin | append-dtb | lzma | loader-kernel | uImage none endef define Device/seama From 19d9db5a96d61780af6f9ca542db9593abd78526 Mon Sep 17 00:00:00 2001 From: Chuanhong Guo Date: Sat, 18 Apr 2020 14:19:38 +0800 Subject: [PATCH 10/20] ramips: mt7621: use lzma-loader for newifi d1/d2/thunder timecloud These devices failed to properly extract kernel. enable lzma loader for them. Signed-off-by: Chuanhong Guo --- target/linux/ramips/image/mt7621.mk | 3 +++ 1 file changed, 3 insertions(+) diff --git a/target/linux/ramips/image/mt7621.mk b/target/linux/ramips/image/mt7621.mk index a72f758c96..aa6836d50a 100644 --- a/target/linux/ramips/image/mt7621.mk +++ b/target/linux/ramips/image/mt7621.mk @@ -229,6 +229,7 @@ endef TARGET_DEVICES += dlink_dir-860l-b1 define Device/d-team_newifi-d2 + $(Device/uimage-lzma-loader) IMAGE_SIZE := 32448k DEVICE_VENDOR := Newifi DEVICE_MODEL := D2 @@ -460,6 +461,7 @@ endef TARGET_DEVICES += jcg_jhr-ac876m define Device/lenovo_newifi-d1 + $(Device/uimage-lzma-loader) IMAGE_SIZE := 32448k DEVICE_VENDOR := Newifi DEVICE_MODEL := D1 @@ -746,6 +748,7 @@ endef TARGET_DEVICES += telco-electronics_x1 define Device/thunder_timecloud + $(Device/uimage-lzma-loader) IMAGE_SIZE := 16064k DEVICE_VENDOR := Thunder DEVICE_MODEL := Timecloud From 5f126c541a743e2ff5d8f406128d477ab5a509b4 Mon Sep 17 00:00:00 2001 From: Hans Dedecker Date: Sat, 18 Apr 2020 10:34:10 +0200 Subject: [PATCH 11/20] binutils: add ALTERNATIVES for strings (FS#3001) Don't move strings anymore to /bin/strings to avoid clash with busybox /usr/bin/strings but move it to /usr/bin/binutils-strings. Use ALTERNATIVES support to install it as /usr/bin/strings Signed-off-by: Hans Dedecker --- package/devel/binutils/Makefile | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/package/devel/binutils/Makefile b/package/devel/binutils/Makefile index 291f45205a..e04611f5d3 100644 --- a/package/devel/binutils/Makefile +++ b/package/devel/binutils/Makefile @@ -49,6 +49,7 @@ define Package/binutils CATEGORY:=Development TITLE:=binutils DEPENDS:=+objdump +ar + ALTERNATIVES:=200:/usr/bin/strings:/usr/bin/binutils-strings endef define Package/objdump @@ -114,7 +115,7 @@ endef define Package/binutils/install $(INSTALL_DIR) $(1)/usr $(1)/bin $(CP) $(PKG_INSTALL_DIR)/usr/bin/ $(1)/usr/ - mv $(1)/usr/bin/strings $(1)/bin/strings + mv $(1)/usr/bin/strings $(1)/usr/bin/binutils-strings rm -f $(1)/usr/bin/objdump rm -f $(1)/usr/bin/ar endef From d7e98bd7c5316f95cc11635371a39c6c0e18b9a7 Mon Sep 17 00:00:00 2001 From: Magnus Kroken Date: Fri, 17 Apr 2020 17:34:42 +0200 Subject: [PATCH 12/20] openvpn: update to 2.4.9 This is primarily a maintenance release with bugfixes and improvements. This release also fixes a security issue (CVE-2020-11810) which allows disrupting service of a freshly connected client that has not yet negotiated session keys. The vulnerability cannot be used to inject or steal VPN traffic. Release announcement: https://openvpn.net/community-downloads/#heading-13812 Full list of changes: https://community.openvpn.net/openvpn/wiki/ChangesInOpenvpn24#OpenVPN2.4.9 Signed-off-by: Magnus Kroken --- package/network/services/openvpn/Makefile | 4 ++-- .../patches/100-mbedtls-disable-runtime-version-check.patch | 2 +- .../110-openssl-dont-use-deprecated-ssleay-symbols.patch | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/package/network/services/openvpn/Makefile b/package/network/services/openvpn/Makefile index baa8c1d07e..5f102d967d 100644 --- a/package/network/services/openvpn/Makefile +++ b/package/network/services/openvpn/Makefile @@ -9,14 +9,14 @@ include $(TOPDIR)/rules.mk PKG_NAME:=openvpn -PKG_VERSION:=2.4.8 +PKG_VERSION:=2.4.9 PKG_RELEASE:=1 PKG_SOURCE_URL:=\ https://build.openvpn.net/downloads/releases/ \ https://swupdate.openvpn.net/community/releases/ PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz -PKG_HASH:=fb8ca66bb7807fff595fbdf2a0afd085c02a6aa47715c9aa3171002f9f1a3f91 +PKG_HASH:=641f3add8694b2ccc39fd4fd92554e4f089ad16a8db6d2b473ec284839a5ebe2 PKG_MAINTAINER:=Felix Fietkau diff --git a/package/network/services/openvpn/patches/100-mbedtls-disable-runtime-version-check.patch b/package/network/services/openvpn/patches/100-mbedtls-disable-runtime-version-check.patch index 7fc0089000..cb16a906fe 100644 --- a/package/network/services/openvpn/patches/100-mbedtls-disable-runtime-version-check.patch +++ b/package/network/services/openvpn/patches/100-mbedtls-disable-runtime-version-check.patch @@ -1,6 +1,6 @@ --- a/src/openvpn/ssl_mbedtls.c +++ b/src/openvpn/ssl_mbedtls.c -@@ -1406,7 +1406,7 @@ const char * +@@ -1415,7 +1415,7 @@ const char * get_ssl_library_version(void) { static char mbedtls_version[30]; diff --git a/package/network/services/openvpn/patches/110-openssl-dont-use-deprecated-ssleay-symbols.patch b/package/network/services/openvpn/patches/110-openssl-dont-use-deprecated-ssleay-symbols.patch index 7e9931f0f3..c7faf7c0c0 100644 --- a/package/network/services/openvpn/patches/110-openssl-dont-use-deprecated-ssleay-symbols.patch +++ b/package/network/services/openvpn/patches/110-openssl-dont-use-deprecated-ssleay-symbols.patch @@ -47,7 +47,7 @@ Signed-off-by: Gert Doering #endif --- a/src/openvpn/ssl_openssl.c +++ b/src/openvpn/ssl_openssl.c -@@ -1977,7 +1977,7 @@ get_highest_preference_tls_cipher(char * +@@ -2008,7 +2008,7 @@ get_highest_preference_tls_cipher(char * const char * get_ssl_library_version(void) { From d27e2c67ed6359b43cc9fa161dfd97fa20b0b693 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=81lvaro=20Fern=C3=A1ndez=20Rojas?= Date: Sat, 18 Apr 2020 20:52:56 +0200 Subject: [PATCH 13/20] bcm63xx: switch to 5.4 kernel MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Seems stable after 6 days of testing on some of my devices. Let's switch to 5.4 in order to get more feedback. Signed-off-by: Álvaro Fernández Rojas --- target/linux/bcm63xx/Makefile | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/target/linux/bcm63xx/Makefile b/target/linux/bcm63xx/Makefile index 9e7e2b052e..d87918f0f5 100644 --- a/target/linux/bcm63xx/Makefile +++ b/target/linux/bcm63xx/Makefile @@ -12,8 +12,7 @@ BOARD:=bcm63xx BOARDNAME:=Broadcom BCM63xx SUBTARGETS:=generic smp FEATURES:=squashfs usb atm pci pcmcia usbgadget -KERNEL_PATCHVER:=4.14 -KERNEL_TESTING_PATCHVER:=5.4 +KERNEL_PATCHVER:=5.4 define Target/Description Build firmware images for Broadcom based xDSL/routers From 7637b84fde99153691d02b7b15c993bc89a0dd02 Mon Sep 17 00:00:00 2001 From: Hauke Mehrtens Date: Mon, 23 Mar 2020 23:22:04 +0100 Subject: [PATCH 14/20] busybox: backport Remove stime() function calls glibc 2.31 does not provide stime() any more, backport a fix from current busybox master to avoid using this function. Signed-off-by: Hauke Mehrtens --- .../001-remove-stime-function-calls.patch | 84 +++++++++++++++++++ 1 file changed, 84 insertions(+) create mode 100644 package/utils/busybox/patches/001-remove-stime-function-calls.patch diff --git a/package/utils/busybox/patches/001-remove-stime-function-calls.patch b/package/utils/busybox/patches/001-remove-stime-function-calls.patch new file mode 100644 index 0000000000..ccf9bef356 --- /dev/null +++ b/package/utils/busybox/patches/001-remove-stime-function-calls.patch @@ -0,0 +1,84 @@ +From d3539be8f27b8cbfdfee460fe08299158f08bcd9 Mon Sep 17 00:00:00 2001 +From: Alistair Francis +Date: Tue, 19 Nov 2019 13:06:40 +0100 +Subject: Remove stime() function calls + +stime() has been deprecated in glibc 2.31 and replaced with +clock_settime(). Let's replace the stime() function calls with +clock_settime() in preperation. + +function old new delta +rdate_main 197 224 +27 +clock_settime - 27 +27 +date_main 926 941 +15 +stime 37 - -37 +------------------------------------------------------------------------------ +(add/remove: 2/2 grow/shrink: 2/0 up/down: 69/-37) Total: 32 bytes + +Signed-off-by: Alistair Francis +Signed-off-by: Denys Vlasenko +--- + coreutils/date.c | 6 +++++- + libbb/missing_syscalls.c | 8 -------- + util-linux/rdate.c | 8 ++++++-- + 3 files changed, 11 insertions(+), 11 deletions(-) + +--- a/coreutils/date.c ++++ b/coreutils/date.c +@@ -279,6 +279,9 @@ int date_main(int argc UNUSED_PARAM, cha + time(&ts.tv_sec); + #endif + } ++#if !ENABLE_FEATURE_DATE_NANO ++ ts.tv_nsec = 0; ++#endif + localtime_r(&ts.tv_sec, &tm_time); + + /* If date string is given, update tm_time, and maybe set date */ +@@ -301,9 +304,10 @@ int date_main(int argc UNUSED_PARAM, cha + if (date_str[0] != '@') + tm_time.tm_isdst = -1; + ts.tv_sec = validate_tm_time(date_str, &tm_time); ++ ts.tv_nsec = 0; + + /* if setting time, set it */ +- if ((opt & OPT_SET) && stime(&ts.tv_sec) < 0) { ++ if ((opt & OPT_SET) && clock_settime(CLOCK_REALTIME, &ts) < 0) { + bb_perror_msg("can't set date"); + } + } +--- a/libbb/missing_syscalls.c ++++ b/libbb/missing_syscalls.c +@@ -15,14 +15,6 @@ pid_t getsid(pid_t pid) + return syscall(__NR_getsid, pid); + } + +-int stime(const time_t *t) +-{ +- struct timeval tv; +- tv.tv_sec = *t; +- tv.tv_usec = 0; +- return settimeofday(&tv, NULL); +-} +- + int sethostname(const char *name, size_t len) + { + return syscall(__NR_sethostname, name, len); +--- a/util-linux/rdate.c ++++ b/util-linux/rdate.c +@@ -95,9 +95,13 @@ int rdate_main(int argc UNUSED_PARAM, ch + if (!(flags & 2)) { /* no -p (-s may be present) */ + if (time(NULL) == remote_time) + bb_error_msg("current time matches remote time"); +- else +- if (stime(&remote_time) < 0) ++ else { ++ struct timespec ts; ++ ts.tv_sec = remote_time; ++ ts.tv_nsec = 0; ++ if (clock_settime(CLOCK_REALTIME, &ts) < 0) + bb_perror_msg_and_die("can't set time of day"); ++ } + } + + if (flags != 1) /* not lone -s */ From 70a962ca6f13e82d8d67f5c8ee65064a41f66a9c Mon Sep 17 00:00:00 2001 From: Hauke Mehrtens Date: Sat, 18 Apr 2020 17:42:02 +0200 Subject: [PATCH 15/20] upgs: Remove extra _DEFAULT_SOURCE definition This extra _DEFAULT_SOURCE definition results in a double definition which is a compile error. This fixes the following compile error with glibc: ---------------------------------------------------------------------- ugps-2019-06-25-cd7eabcd/nmea.c:19: error: "_DEFAULT_SOURCE" redefined [-Werror] #define _DEFAULT_SOURCE : note: this is the location of the previous definition cc1: all warnings being treated as errors Signed-off-by: Hauke Mehrtens --- package/utils/ugps/Makefile | 4 ---- 1 file changed, 4 deletions(-) diff --git a/package/utils/ugps/Makefile b/package/utils/ugps/Makefile index 6eae5afbcf..85c64533d1 100644 --- a/package/utils/ugps/Makefile +++ b/package/utils/ugps/Makefile @@ -31,10 +31,6 @@ endef TARGET_CFLAGS += -I$(STAGING_DIR)/usr/include -ifneq ($(CONFIG_USE_GLIBC),) - TARGET_CFLAGS += -D_DEFAULT_SOURCE -endif - define Package/ugps/conffiles /etc/config/gps endef From 14c59a147cae2db25d3b9bfa54892f34a60231e2 Mon Sep 17 00:00:00 2001 From: Hauke Mehrtens Date: Sat, 18 Apr 2020 17:44:13 +0200 Subject: [PATCH 16/20] rbcfg: Add missing mode to open call When open() is called with O_CREAT a 3. parameter has to be given with the file system permissions of the new file. Not giving this is an error, which results in a compile error with glibc. This fixes the following compile error with glibc: ---------------------------------------------------------------------- In file included from /include/fcntl.h:329, from main.c:18: In function 'open', inlined from 'rbcfg_update' at main.c:501:7: /include/bits/fcntl2.h:50:4: error: call to '__open_missing_mode' declared with attribute error: open with O_CREAT or O_TMPFILE in second argument needs 3 arguments __open_missing_mode (); ^~~~~~~~~~~~~~~~~~~~~~ Signed-off-by: Hauke Mehrtens --- package/boot/rbcfg/Makefile | 2 +- package/boot/rbcfg/src/main.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/package/boot/rbcfg/Makefile b/package/boot/rbcfg/Makefile index 55e0ea7490..874ef06924 100644 --- a/package/boot/rbcfg/Makefile +++ b/package/boot/rbcfg/Makefile @@ -8,7 +8,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=rbcfg -PKG_RELEASE:=2 +PKG_RELEASE:=3 PKG_BUILD_DIR := $(BUILD_DIR)/$(PKG_NAME) diff --git a/package/boot/rbcfg/src/main.c b/package/boot/rbcfg/src/main.c index 2acbfbd8cb..7da46f90a5 100644 --- a/package/boot/rbcfg/src/main.c +++ b/package/boot/rbcfg/src/main.c @@ -498,7 +498,7 @@ rbcfg_update(int tmp) put_u32(ctx->buf + 4, crc); name = (tmp) ? ctx->tmp_file : ctx->mtd_device; - fd = open(name, O_WRONLY | O_CREAT); + fd = open(name, O_WRONLY | O_CREAT, 0640); if (fd < 0) { fprintf(stderr, "unable to open %s for writing\n", name); err = RB_ERR_IO; From ce1798e915181e6c1f3ba735b254b37b84261303 Mon Sep 17 00:00:00 2001 From: Hauke Mehrtens Date: Sat, 18 Apr 2020 17:50:03 +0200 Subject: [PATCH 17/20] dante: Fix compile with glibc When compiled with glibc the config_scan.c wants to use the cpupolicy2numeric() function which is only available when HAVE_SCHED_SETSCHEDULER is set. It looks like the wrong define was used here. This fixes a build problem with glibc in combination with the force ac_cv_func_sched_setscheduler=no in the OpenWrt CONFIGURE_VARS. This fixes the following compile error with glibc: ---------------------------------------------------------------------- /bin/ld: config_scan.o: in function `socks_yylex': dante-1.4.1/sockd/config_scan.l:461: undefined reference to `cpupolicy2numeric' collect2: error: ld returned 1 exit status make[5]: *** [Makefile:522: sockd] Error 1 Fixes: aaf46a8fe23e ("dante: disable sched_getscheduler() - not implemented in musl") Signed-off-by: Hauke Mehrtens --- package/network/utils/dante/Makefile | 2 +- .../210-deactivate-sched_setscheduler.patch | 53 +++++++++++++++++++ 2 files changed, 54 insertions(+), 1 deletion(-) create mode 100644 package/network/utils/dante/patches/210-deactivate-sched_setscheduler.patch diff --git a/package/network/utils/dante/Makefile b/package/network/utils/dante/Makefile index 4f5d08724c..15bd6d2afc 100644 --- a/package/network/utils/dante/Makefile +++ b/package/network/utils/dante/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=dante PKG_VERSION:=1.4.1 -PKG_RELEASE:=3 +PKG_RELEASE:=4 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=http://www.inet.no/dante/files/ diff --git a/package/network/utils/dante/patches/210-deactivate-sched_setscheduler.patch b/package/network/utils/dante/patches/210-deactivate-sched_setscheduler.patch new file mode 100644 index 0000000000..e711189c59 --- /dev/null +++ b/package/network/utils/dante/patches/210-deactivate-sched_setscheduler.patch @@ -0,0 +1,53 @@ +When compiled with glibc the config_scan.c wants to use the +cpupolicy2numeric() function which is only available when +HAVE_SCHED_SETSCHEDULER is set. It looks like the wrong define was used here. + +This fixes a build problem with glibc in combination with the force +ac_cv_func_sched_setscheduler=no in the OpenWrt CONFIGURE_VARS. + +--- a/lib/config_scan.c ++++ b/lib/config_scan.c +@@ -3891,7 +3891,7 @@ YY_RULE_SETUP + SERRX(0); + + #else /* !SOCKS_CLIENT */ +-#if HAVE_SCHED_SETAFFINITY ++#if HAVE_SCHED_SETSCHEDULER + + BEGIN(0); + +@@ -3899,9 +3899,9 @@ YY_RULE_SETUP + yyerrorx("unknown scheduling policy \"%s\"", yytext); + + return SCHEDULEPOLICY; +-#else /* !HAVE_SCHED_SETAFFINITY */ ++#else /* !HAVE_SCHED_SETSCHEDULER */ + yyerrorx("setting cpu scheduling policy is not supported on this platform"); +-#endif /* !HAVE_SCHED_SETAFFINITY */ ++#endif /* !HAVE_SCHED_SETSCHEDULER */ + + #endif /* SOCKS_CLIENT */ + } +--- a/lib/config_scan.l ++++ b/lib/config_scan.l +@@ -456,7 +456,7 @@ cpu { + SERRX(0); + + #else /* !SOCKS_CLIENT */ +-#if HAVE_SCHED_SETAFFINITY ++#if HAVE_SCHED_SETSCHEDULER + + BEGIN(0); + +@@ -464,9 +464,9 @@ cpu { + yyerrorx("unknown scheduling policy \"%s\"", yytext); + + return SCHEDULEPOLICY; +-#else /* !HAVE_SCHED_SETAFFINITY */ ++#else /* !HAVE_SCHED_SETSCHEDULER */ + yyerrorx("setting cpu scheduling policy is not supported on this platform"); +-#endif /* !HAVE_SCHED_SETAFFINITY */ ++#endif /* !HAVE_SCHED_SETSCHEDULER */ + + #endif /* SOCKS_CLIENT */ + } From 02c5019a35655560ad1e50dbcb0b02ecae9df3b0 Mon Sep 17 00:00:00 2001 From: Hauke Mehrtens Date: Mon, 16 Mar 2020 15:28:13 +0100 Subject: [PATCH 18/20] toolchain: glibc: Update glibc to version 2.31 This updates glibc to the most recent version 2.31. 001-regex-read-overrun.patch was a backport from a more recent version and is integrated in glibc 2.31. 050-Revert-Disallow-use-of-DES-encryption-functions-in-n.patch is needed to add the DES crypto functions back again. They were removed in glibc 2.28, but we still use them in ppp. musl lib also provides these DES crypto functions. Without them we would have to link ppp against openssl or an other crypto library. Signed-off-by: Hauke Mehrtens --- toolchain/glibc/common.mk | 6 +- .../patches/001-regex-read-overrun.patch | 26 - ...use-of-DES-encryption-functions-in-n.patch | 686 ++++++++++++++++++ .../patches/200-add-dl-search-paths.patch | 2 +- 4 files changed, 690 insertions(+), 30 deletions(-) delete mode 100644 toolchain/glibc/patches/001-regex-read-overrun.patch create mode 100644 toolchain/glibc/patches/050-Revert-Disallow-use-of-DES-encryption-functions-in-n.patch diff --git a/toolchain/glibc/common.mk b/toolchain/glibc/common.mk index 41ee989b14..99be398d3f 100644 --- a/toolchain/glibc/common.mk +++ b/toolchain/glibc/common.mk @@ -7,12 +7,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=glibc -PKG_VERSION:=2.27 +PKG_VERSION:=2.31 PKG_SOURCE_PROTO:=git PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION) -PKG_SOURCE_VERSION:=bef0b1cb31bed76a355776154af9191ed1758222 -PKG_MIRROR_HASH:=24a137758acdc0d8c5254891204ba38d759838123bab09a64ec0bdb94289aafd +PKG_SOURCE_VERSION:=54ba2541b3a76441a9cbe5dd14c963bf874fd5e9 +PKG_MIRROR_HASH:=333bff38151f333e93a239aa91e0de28a1e7d24863aafe569caf05b9bdb01461 PKG_SOURCE_URL:=https://sourceware.org/git/glibc.git PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.xz diff --git a/toolchain/glibc/patches/001-regex-read-overrun.patch b/toolchain/glibc/patches/001-regex-read-overrun.patch deleted file mode 100644 index c4e4307aa6..0000000000 --- a/toolchain/glibc/patches/001-regex-read-overrun.patch +++ /dev/null @@ -1,26 +0,0 @@ -commit 583dd860d5b833037175247230a328f0050dbfe9 -Author: Paul Eggert -Date: Mon Jan 21 11:08:13 2019 -0800 - - regex: fix read overrun [BZ #24114] - - Problem found by AddressSanitizer, reported by Hongxu Chen in: - https://debbugs.gnu.org/34140 - * posix/regexec.c (proceed_next_node): - Do not read past end of input buffer. - ---- a/posix/regexec.c -+++ b/posix/regexec.c -@@ -1293,8 +1293,10 @@ proceed_next_node (const re_match_context_t *mctx, Idx nregs, regmatch_t *regs, - else if (naccepted) - { - char *buf = (char *) re_string_get_buffer (&mctx->input); -- if (memcmp (buf + regs[subexp_idx].rm_so, buf + *pidx, -- naccepted) != 0) -+ if (mctx->input.valid_len - *pidx < naccepted -+ || (memcmp (buf + regs[subexp_idx].rm_so, buf + *pidx, -+ naccepted) -+ != 0)) - return -1; - } - } diff --git a/toolchain/glibc/patches/050-Revert-Disallow-use-of-DES-encryption-functions-in-n.patch b/toolchain/glibc/patches/050-Revert-Disallow-use-of-DES-encryption-functions-in-n.patch new file mode 100644 index 0000000000..4e3e2eebb2 --- /dev/null +++ b/toolchain/glibc/patches/050-Revert-Disallow-use-of-DES-encryption-functions-in-n.patch @@ -0,0 +1,686 @@ +From cfc93329e00cd23c226f34b3ffd5552a93c35bd7 Mon Sep 17 00:00:00 2001 +From: Hauke Mehrtens +Date: Mon, 23 Mar 2020 22:33:46 +0100 +Subject: Revert "Disallow use of DES encryption functions in new programs." + +This reverts commit b10a0accee709a5efff2fadf0b0bbb79ff0ad759. + +ppp still uses the encrypt functions from the libc. musl libc also +provides them. +--- + conform/data/stdlib.h-data | 3 + + conform/data/unistd.h-data | 6 ++ + crypt/cert.c | 26 ----- + crypt/crypt-entry.c | 15 ++- + crypt/crypt.h | 16 +++ + crypt/crypt_util.c | 9 -- + manual/conf.texi | 2 - + manual/crypt.texi | 201 +++++++++++++++++++++++++++++++++++++ + manual/string.texi | 82 +++++++-------- + posix/unistd.h | 22 ++-- + stdlib/stdlib.h | 6 ++ + sunrpc/Makefile | 2 +- + sunrpc/des_crypt.c | 7 +- + sunrpc/des_soft.c | 2 +- + 14 files changed, 303 insertions(+), 96 deletions(-) + +--- a/conform/data/stdlib.h-data ++++ b/conform/data/stdlib.h-data +@@ -149,6 +149,9 @@ function {unsigned short int*} seed48 (u + #if !defined ISO && !defined ISO99 && !defined ISO11 && !defined POSIX && !defined XPG4 && !defined XPG42 && !defined UNIX98 + function int setenv (const char*, const char*, int) + #endif ++#if !defined ISO && !defined ISO99 && !defined ISO11 && !defined POSIX && !defined POSIX2008 ++function void setkey (const char*) ++#endif + #if !defined ISO && !defined ISO99 && !defined ISO11 && !defined XPG4 && !defined POSIX && !defined POSIX2008 + function {char*} setstate (char*) + #endif +--- a/conform/data/unistd.h-data ++++ b/conform/data/unistd.h-data +@@ -437,6 +437,9 @@ function int chroot (const char*) + function int chown (const char*, uid_t, gid_t) + function int close (int) + function size_t confstr (int, char*, size_t) ++#if !defined POSIX && !defined POSIX2008 ++function {char*} crypt (const char*, const char*) ++#endif + #if defined XPG4 || defined XPG42 || defined UNIX98 + function {char*} ctermid (char*) + function {char*} cuserid (char*) +@@ -446,6 +449,9 @@ allow cuserid + #endif + function int dup (int) + function int dup2 (int, int) ++#if !defined POSIX && !defined POSIX2008 ++function void encrypt (char[64], int) ++#endif + function int execl (const char*, const char*, ...) + function int execle (const char*, const char*, ...) + function int execlp (const char*, const char*, ...) +--- a/crypt/cert.c ++++ b/crypt/cert.c +@@ -10,22 +10,6 @@ + #include + #include "crypt.h" + +-/* This file tests the deprecated setkey/encrypt interface. */ +-#include +-#if TEST_COMPAT (libcrypt, GLIBC_2_0, GLIBC_2_28) +- +-#define libcrypt_version_reference(symbol, version) \ +- _libcrypt_version_reference (symbol, VERSION_libcrypt_##version) +-#define _libcrypt_version_reference(symbol, version) \ +- __libcrypt_version_reference (symbol, version) +-#define __libcrypt_version_reference(symbol, version) \ +- __asm__ (".symver " #symbol ", " #symbol "@" #version) +- +-extern void setkey (const char *); +-extern void encrypt (const char *, int); +-libcrypt_version_reference (setkey, GLIBC_2_0); +-libcrypt_version_reference (encrypt, GLIBC_2_0); +- + int totfails = 0; + + int main (int argc, char *argv[]); +@@ -120,13 +104,3 @@ put8 (char *cp) + printf("%02x", t); + } + } +- +-#else /* encrypt and setkey are not available. */ +- +-int +-main (void) +-{ +- return 77; /* UNSUPPORTED */ +-} +- +-#endif +--- a/crypt/crypt-entry.c ++++ b/crypt/crypt-entry.c +@@ -35,7 +35,6 @@ + #endif + + #include "crypt-private.h" +-#include + + /* Prototypes for local functions. */ + #ifndef __GNU_LIBRARY__ +@@ -177,7 +176,17 @@ crypt (const char *key, const char *salt + return __crypt_r (key, salt, &_ufc_foobar); + } + +-#if SHLIB_COMPAT (libcrypt, GLIBC_2_0, GLIBC_2_28) ++ ++/* ++ * To make fcrypt users happy. ++ * They don't need to call init_des. ++ */ ++#ifdef _LIBC + weak_alias (crypt, fcrypt) +-compat_symbol (libcrypt, fcrypt, fcrypt, GLIBC_2_0); ++#else ++char * ++__fcrypt (const char *key, const char *salt) ++{ ++ return crypt (key, salt); ++} + #endif +--- a/crypt/crypt.h ++++ b/crypt/crypt.h +@@ -36,6 +36,14 @@ __BEGIN_DECLS + extern char *crypt (const char *__phrase, const char *__salt) + __THROW __nonnull ((1, 2)); + ++/* Setup DES tables according KEY. */ ++extern void setkey (const char *__key) __THROW __nonnull ((1)); ++ ++/* Encrypt data in BLOCK in place if EDFLAG is zero; otherwise decrypt ++ block in place. */ ++extern void encrypt (char *__glibc_block, int __edflag) ++ __THROW __nonnull ((1)); ++ + #ifdef __USE_GNU + + /* This structure provides scratch and output buffers for 'crypt_r'. +@@ -63,6 +71,14 @@ struct crypt_data + extern char *crypt_r (const char *__phrase, const char *__salt, + struct crypt_data * __restrict __data) + __THROW __nonnull ((1, 2, 3)); ++ ++extern void setkey_r (const char *__key, ++ struct crypt_data * __restrict __data) ++ __THROW __nonnull ((1, 2)); ++ ++extern void encrypt_r (char *__glibc_block, int __edflag, ++ struct crypt_data * __restrict __data) ++ __THROW __nonnull ((1, 3)); + #endif + + __END_DECLS +--- a/crypt/crypt_util.c ++++ b/crypt/crypt_util.c +@@ -34,7 +34,6 @@ + #endif + + #include "crypt-private.h" +-#include + + /* Prototypes for local functions. */ + #ifndef __GNU_LIBRARY__ +@@ -151,7 +150,6 @@ static const int sbox[8][4][16]= { + } + }; + +-#if SHLIB_COMPAT (libcrypt, GLIBC_2_0, GLIBC_2_28) + /* + * This is the initial + * permutation matrix +@@ -162,7 +160,6 @@ static const int initial_perm[64] = { + 57, 49, 41, 33, 25, 17, 9, 1, 59, 51, 43, 35, 27, 19, 11, 3, + 61, 53, 45, 37, 29, 21, 13, 5, 63, 55, 47, 39, 31, 23, 15, 7 + }; +-#endif + + /* + * This is the final +@@ -788,7 +785,6 @@ _ufc_output_conversion_r (ufc_long v1, u + __data->crypt_3_buf[13] = 0; + } + +-#if SHLIB_COMPAT (libcrypt, GLIBC_2_0, GLIBC_2_28) + + /* + * UNIX encrypt function. Takes a bitvector +@@ -889,14 +885,12 @@ __encrypt_r (char *__block, int __edflag + } + } + weak_alias (__encrypt_r, encrypt_r) +-compat_symbol (libcrypt, encrypt_r, encrypt_r, GLIBC_2_0); + + void + encrypt (char *__block, int __edflag) + { + __encrypt_r(__block, __edflag, &_ufc_foobar); + } +-compat_symbol (libcrypt, encrypt, encrypt, GLIBC_2_0); + + + /* +@@ -921,15 +915,12 @@ __setkey_r (const char *__key, struct cr + _ufc_mk_keytab_r((char *) ktab, __data); + } + weak_alias (__setkey_r, setkey_r) +-compat_symbol (libcrypt, setkey_r, setkey_r, GLIBC_2_0); + + void + setkey (const char *__key) + { + __setkey_r(__key, &_ufc_foobar); + } +-compat_symbol (libcrypt, setkey, setkey, GLIBC_2_0); +-#endif /* SHLIB_COMPAT (libcrypt, GLIBC_2_0, GLIBC_2_28) */ + + void + __b64_from_24bit (char **cp, int *buflen, +--- a/manual/conf.texi ++++ b/manual/conf.texi +@@ -780,8 +780,6 @@ Inquire about the parameter correspondin + @item _SC_XOPEN_CRYPT + @standards{X/Open, unistd.h} + Inquire about the parameter corresponding to @code{_XOPEN_CRYPT}. +-@Theglibc no longer implements the @code{_XOPEN_CRYPT} extensions, +-so @samp{sysconf (_SC_XOPEN_CRYPT)} always returns @code{-1}. + + @item _SC_XOPEN_ENH_I18N + @standards{X/Open, unistd.h} +--- a/manual/crypt.texi ++++ b/manual/crypt.texi +@@ -16,8 +16,19 @@ subject to them, even if you do not use + yourself. The restrictions vary from place to place and are changed + often, so we cannot give any more specific advice than this warning. + ++@vindex AUTH_DES ++@cindex FIPS 140-2 ++It also provides support for Secure RPC, and some library functions that ++can be used to perform normal DES encryption. The @code{AUTH_DES} ++authentication flavor in Secure RPC, as provided by @theglibc{}, ++uses DES and does not comply with FIPS 140-2 nor does any other use of DES ++within @theglibc{}. It is recommended that Secure RPC should not be used ++for systems that need to comply with FIPS 140-2 since all flavors of ++encrypted authentication use normal DES. ++ + @menu + * Passphrase Storage:: One-way hashing for passphrases. ++* DES Encryption:: Routines for DES encryption. + * Unpredictable Bytes:: Randomness for cryptographic purposes. + @end menu + +@@ -200,6 +211,196 @@ hashes for the same passphrase. + @include testpass.c.texi + @end smallexample + ++@node DES Encryption ++@section DES Encryption ++ ++@cindex FIPS 46-3 ++The Data Encryption Standard is described in the US Government Federal ++Information Processing Standards (FIPS) 46-3 published by the National ++Institute of Standards and Technology. The DES has been very thoroughly ++analyzed since it was developed in the late 1970s, and no new ++significant flaws have been found. ++ ++However, the DES uses only a 56-bit key (plus 8 parity bits), and a ++machine has been built in 1998 which can search through all possible ++keys in about 6 days, which cost about US$200000; faster searches would ++be possible with more money. This makes simple DES insecure for most ++purposes, and NIST no longer permits new US government systems ++to use simple DES. ++ ++For serious encryption functionality, it is recommended that one of the ++many free encryption libraries be used instead of these routines. ++ ++The DES is a reversible operation which takes a 64-bit block and a ++64-bit key, and produces another 64-bit block. Usually the bits are ++numbered so that the most-significant bit, the first bit, of each block ++is numbered 1. ++ ++Under that numbering, every 8th bit of the key (the 8th, 16th, and so ++on) is not used by the encryption algorithm itself. But the key must ++have odd parity; that is, out of bits 1 through 8, and 9 through 16, and ++so on, there must be an odd number of `1' bits, and this completely ++specifies the unused bits. ++ ++@deftypefun void setkey (const char *@var{key}) ++@standards{BSD, crypt.h} ++@standards{SVID, crypt.h} ++@safety{@prelim{}@mtunsafe{@mtasurace{:crypt}}@asunsafe{@asucorrupt{} @asulock{}}@acunsafe{@aculock{}}} ++@c The static buffer stores the key, making it fundamentally ++@c thread-unsafe. The locking issues are only in the initialization ++@c path; cancelling the initialization will leave the lock held, it ++@c would otherwise repeat the initialization on the next call. ++ ++The @code{setkey} function sets an internal data structure to be an ++expanded form of @var{key}. @var{key} is specified as an array of 64 ++bits each stored in a @code{char}, the first bit is @code{key[0]} and ++the 64th bit is @code{key[63]}. The @var{key} should have the correct ++parity. ++@end deftypefun ++ ++@deftypefun void encrypt (char *@var{block}, int @var{edflag}) ++@standards{BSD, crypt.h} ++@standards{SVID, crypt.h} ++@safety{@prelim{}@mtunsafe{@mtasurace{:crypt}}@asunsafe{@asucorrupt{} @asulock{}}@acunsafe{@aculock{}}} ++@c Same issues as setkey. ++ ++The @code{encrypt} function encrypts @var{block} if ++@var{edflag} is 0, otherwise it decrypts @var{block}, using a key ++previously set by @code{setkey}. The result is ++placed in @var{block}. ++ ++Like @code{setkey}, @var{block} is specified as an array of 64 bits each ++stored in a @code{char}, but there are no parity bits in @var{block}. ++@end deftypefun ++ ++@deftypefun void setkey_r (const char *@var{key}, {struct crypt_data *} @var{data}) ++@deftypefunx void encrypt_r (char *@var{block}, int @var{edflag}, {struct crypt_data *} @var{data}) ++@standards{GNU, crypt.h} ++@c setkey_r: @safety{@prelim{}@mtsafe{}@asunsafe{@asucorrupt{} @asulock{}}@acunsafe{@aculock{}}} ++@safety{@prelim{}@mtsafe{}@asunsafe{@asucorrupt{} @asulock{}}@acunsafe{@aculock{}}} ++ ++These are reentrant versions of @code{setkey} and @code{encrypt}. The ++only difference is the extra parameter, which stores the expanded ++version of @var{key}. Before calling @code{setkey_r} the first time, ++@code{data->initialized} must be cleared to zero. ++@end deftypefun ++ ++The @code{setkey_r} and @code{encrypt_r} functions are GNU extensions. ++@code{setkey}, @code{encrypt}, @code{setkey_r}, and @code{encrypt_r} are ++defined in @file{crypt.h}. ++ ++@deftypefun int ecb_crypt (char *@var{key}, char *@var{blocks}, unsigned int @var{len}, unsigned int @var{mode}) ++@standards{SUNRPC, rpc/des_crypt.h} ++@safety{@prelim{}@mtsafe{}@assafe{}@acsafe{}} ++ ++The function @code{ecb_crypt} encrypts or decrypts one or more blocks ++using DES. Each block is encrypted independently. ++ ++The @var{blocks} and the @var{key} are stored packed in 8-bit bytes, so ++that the first bit of the key is the most-significant bit of ++@code{key[0]} and the 63rd bit of the key is stored as the ++least-significant bit of @code{key[7]}. The @var{key} should have the ++correct parity. ++ ++@var{len} is the number of bytes in @var{blocks}. It should be a ++multiple of 8 (so that there are a whole number of blocks to encrypt). ++@var{len} is limited to a maximum of @code{DES_MAXDATA} bytes. ++ ++The result of the encryption replaces the input in @var{blocks}. ++ ++The @var{mode} parameter is the bitwise OR of two of the following: ++ ++@vtable @code ++@item DES_ENCRYPT ++@standards{SUNRPC, rpc/des_crypt.h} ++This constant, used in the @var{mode} parameter, specifies that ++@var{blocks} is to be encrypted. ++ ++@item DES_DECRYPT ++@standards{SUNRPC, rpc/des_crypt.h} ++This constant, used in the @var{mode} parameter, specifies that ++@var{blocks} is to be decrypted. ++ ++@item DES_HW ++@standards{SUNRPC, rpc/des_crypt.h} ++This constant, used in the @var{mode} parameter, asks to use a hardware ++device. If no hardware device is available, encryption happens anyway, ++but in software. ++ ++@item DES_SW ++@standards{SUNRPC, rpc/des_crypt.h} ++This constant, used in the @var{mode} parameter, specifies that no ++hardware device is to be used. ++@end vtable ++ ++The result of the function will be one of these values: ++ ++@vtable @code ++@item DESERR_NONE ++@standards{SUNRPC, rpc/des_crypt.h} ++The encryption succeeded. ++ ++@item DESERR_NOHWDEVICE ++@standards{SUNRPC, rpc/des_crypt.h} ++The encryption succeeded, but there was no hardware device available. ++ ++@item DESERR_HWERROR ++@standards{SUNRPC, rpc/des_crypt.h} ++The encryption failed because of a hardware problem. ++ ++@item DESERR_BADPARAM ++@standards{SUNRPC, rpc/des_crypt.h} ++The encryption failed because of a bad parameter, for instance @var{len} ++is not a multiple of 8 or @var{len} is larger than @code{DES_MAXDATA}. ++@end vtable ++@end deftypefun ++ ++@deftypefun int DES_FAILED (int @var{err}) ++@standards{SUNRPC, rpc/des_crypt.h} ++@safety{@prelim{}@mtsafe{}@assafe{}@acsafe{}} ++This macro returns 1 if @var{err} is a `success' result code from ++@code{ecb_crypt} or @code{cbc_crypt}, and 0 otherwise. ++@end deftypefun ++ ++@deftypefun int cbc_crypt (char *@var{key}, char *@var{blocks}, unsigned int @var{len}, unsigned int @var{mode}, char *@var{ivec}) ++@standards{SUNRPC, rpc/des_crypt.h} ++@safety{@prelim{}@mtsafe{}@assafe{}@acsafe{}} ++ ++The function @code{cbc_crypt} encrypts or decrypts one or more blocks ++using DES in Cipher Block Chaining mode. ++ ++For encryption in CBC mode, each block is exclusive-ored with @var{ivec} ++before being encrypted, then @var{ivec} is replaced with the result of ++the encryption, then the next block is processed. Decryption is the ++reverse of this process. ++ ++This has the advantage that blocks which are the same before being ++encrypted are very unlikely to be the same after being encrypted, making ++it much harder to detect patterns in the data. ++ ++Usually, @var{ivec} is set to 8 random bytes before encryption starts. ++Then the 8 random bytes are transmitted along with the encrypted data ++(without themselves being encrypted), and passed back in as @var{ivec} ++for decryption. Another possibility is to set @var{ivec} to 8 zeroes ++initially, and have the first block encrypted consist of 8 random ++bytes. ++ ++Otherwise, all the parameters are similar to those for @code{ecb_crypt}. ++@end deftypefun ++ ++@deftypefun void des_setparity (char *@var{key}) ++@standards{SUNRPC, rpc/des_crypt.h} ++@safety{@prelim{}@mtsafe{}@assafe{}@acsafe{}} ++ ++The function @code{des_setparity} changes the 64-bit @var{key}, stored ++packed in 8-bit bytes, to have odd parity by altering the low bits of ++each byte. ++@end deftypefun ++ ++The @code{ecb_crypt}, @code{cbc_crypt}, and @code{des_setparity} ++functions and their accompanying macros are all defined in the header ++@file{rpc/des_crypt.h}. ++ + @node Unpredictable Bytes + @section Generating Unpredictable Bytes + @cindex randomness source +--- a/manual/string.texi ++++ b/manual/string.texi +@@ -36,8 +36,8 @@ too. + for delimiters. + * Erasing Sensitive Data:: Clearing memory which contains sensitive + data, after it's no longer needed. +-* Shuffling Bytes:: Or how to flash-cook a string. +-* Obfuscating Data:: Reversibly obscuring data from casual view. ++* strfry:: Function for flash-cooking a string. ++* Trivial Encryption:: Obscuring data. + * Encode Binary Data:: Encoding and Decoding of Binary Data. + * Argz and Envz Vectors:: Null-separated string vectors. + @end menu +@@ -2426,73 +2426,73 @@ functionality under a different name, su + systems it may be in @file{strings.h} instead. + @end deftypefun + +- +-@node Shuffling Bytes +-@section Shuffling Bytes ++@node strfry ++@section strfry + + The function below addresses the perennial programming quandary: ``How do + I take good data in string form and painlessly turn it into garbage?'' +-This is not a difficult thing to code for oneself, but the authors of +-@theglibc{} wish to make it as convenient as possible. ++This is actually a fairly simple task for C programmers who do not use ++@theglibc{} string functions, but for programs based on @theglibc{}, ++the @code{strfry} function is the preferred method for ++destroying string data. + +-To @emph{erase} data, use @code{explicit_bzero} (@pxref{Erasing +-Sensitive Data}); to obfuscate it reversibly, use @code{memfrob} +-(@pxref{Obfuscating Data}). ++The prototype for this function is in @file{string.h}. + + @deftypefun {char *} strfry (char *@var{string}) + @standards{GNU, string.h} + @safety{@prelim{}@mtsafe{}@assafe{}@acsafe{}} + @c Calls initstate_r, time, getpid, strlen, and random_r. + +-@code{strfry} performs an in-place shuffle on @var{string}. Each +-character is swapped to a position selected at random, within the +-portion of the string starting with the character's original position. +-(This is the Fisher-Yates algorithm for unbiased shuffling.) +- +-Calling @code{strfry} will not disturb any of the random number +-generators that have global state (@pxref{Pseudo-Random Numbers}). ++@code{strfry} creates a pseudorandom anagram of a string, replacing the ++input with the anagram in place. For each position in the string, ++@code{strfry} swaps it with a position in the string selected at random ++(from a uniform distribution). The two positions may be the same. + + The return value of @code{strfry} is always @var{string}. + + @strong{Portability Note:} This function is unique to @theglibc{}. +-It is declared in @file{string.h}. ++ + @end deftypefun + + +-@node Obfuscating Data +-@section Obfuscating Data ++@node Trivial Encryption ++@section Trivial Encryption ++@cindex encryption ++ ++ ++The @code{memfrob} function converts an array of data to something ++unrecognizable and back again. It is not encryption in its usual sense ++since it is easy for someone to convert the encrypted data back to clear ++text. The transformation is analogous to Usenet's ``Rot13'' encryption ++method for obscuring offensive jokes from sensitive eyes and such. ++Unlike Rot13, @code{memfrob} works on arbitrary binary data, not just ++text. + @cindex Rot13 + +-The @code{memfrob} function reversibly obfuscates an array of binary +-data. This is not true encryption; the obfuscated data still bears a +-clear relationship to the original, and no secret key is required to +-undo the obfuscation. It is analogous to the ``Rot13'' cipher used on +-Usenet for obscuring offensive jokes, spoilers for works of fiction, +-and so on, but it can be applied to arbitrary binary data. +- +-Programs that need true encryption---a transformation that completely +-obscures the original and cannot be reversed without knowledge of a +-secret key---should use a dedicated cryptography library, such as +-@uref{https://www.gnu.org/software/libgcrypt/,,libgcrypt}. +- +-Programs that need to @emph{destroy} data should use +-@code{explicit_bzero} (@pxref{Erasing Sensitive Data}), or possibly +-@code{strfry} (@pxref{Shuffling Bytes}). ++For true encryption, @xref{Cryptographic Functions}. ++ ++This function is declared in @file{string.h}. ++@pindex string.h + + @deftypefun {void *} memfrob (void *@var{mem}, size_t @var{length}) + @standards{GNU, string.h} + @safety{@prelim{}@mtsafe{}@assafe{}@acsafe{}} + +-The function @code{memfrob} obfuscates @var{length} bytes of data +-beginning at @var{mem}, in place. Each byte is bitwise xor-ed with +-the binary pattern 00101010 (hexadecimal 0x2A). The return value is +-always @var{mem}. +- +-@code{memfrob} a second time on the same data returns it to +-its original state. ++@code{memfrob} transforms (frobnicates) each byte of the data structure ++at @var{mem}, which is @var{length} bytes long, by bitwise exclusive ++oring it with binary 00101010. It does the transformation in place and ++its return value is always @var{mem}. ++ ++Note that @code{memfrob} a second time on the same data structure ++returns it to its original state. ++ ++This is a good function for hiding information from someone who doesn't ++want to see it or doesn't want to see it very much. To really prevent ++people from retrieving the information, use stronger encryption such as ++that described in @xref{Cryptographic Functions}. + + @strong{Portability Note:} This function is unique to @theglibc{}. +-It is declared in @file{string.h}. ++ + @end deftypefun + + @node Encode Binary Data +--- a/posix/unistd.h ++++ b/posix/unistd.h +@@ -107,6 +107,9 @@ __BEGIN_DECLS + /* The X/Open Unix extensions are available. */ + #define _XOPEN_UNIX 1 + ++/* Encryption is present. */ ++#define _XOPEN_CRYPT 1 ++ + /* The enhanced internationalization capabilities according to XPG4.2 + are present. */ + #define _XOPEN_ENH_I18N 1 +@@ -1115,17 +1118,20 @@ ssize_t copy_file_range (int __infd, __o + extern int fdatasync (int __fildes); + #endif /* Use POSIX199309 */ + +-#ifdef __USE_MISC +-/* One-way hash PHRASE, returning a string suitable for storage in the +- user database. SALT selects the one-way function to use, and +- ensures that no two users' hashes are the same, even if they use +- the same passphrase. The return value points to static storage +- which will be overwritten by the next call to crypt. */ ++ ++/* XPG4.2 specifies that prototypes for the encryption functions must ++ be defined here. */ ++#ifdef __USE_XOPEN ++/* Encrypt at most 8 characters from KEY using salt to perturb DES. */ + extern char *crypt (const char *__key, const char *__salt) + __THROW __nonnull ((1, 2)); +-#endif + +-#ifdef __USE_XOPEN ++/* Encrypt data in BLOCK in place if EDFLAG is zero; otherwise decrypt ++ block in place. */ ++extern void encrypt (char *__glibc_block, int __edflag) ++ __THROW __nonnull ((1)); ++ ++ + /* Swab pairs bytes in the first N bytes of the area pointed to by + FROM and copy the result to TO. The value of TO must not be in the + range [FROM - N + 1, FROM - 1]. If N is odd the first byte in FROM +--- a/stdlib/stdlib.h ++++ b/stdlib/stdlib.h +@@ -961,6 +961,12 @@ extern int getsubopt (char **__restrict + #endif + + ++#ifdef __USE_XOPEN ++/* Setup DES tables according KEY. */ ++extern void setkey (const char *__key) __THROW __nonnull ((1)); ++#endif ++ ++ + /* X/Open pseudo terminal handling. */ + + #ifdef __USE_XOPEN2KXSI +--- a/sunrpc/Makefile ++++ b/sunrpc/Makefile +@@ -51,7 +51,7 @@ rpcsvc = bootparam_prot.x nlm_prot.x rst + headers-sunrpc = $(addprefix rpc/,auth.h auth_unix.h clnt.h pmap_clnt.h \ + pmap_prot.h pmap_rmt.h rpc.h rpc_msg.h \ + svc.h svc_auth.h types.h xdr.h auth_des.h \ +- key_prot.h) \ ++ des_crypt.h key_prot.h rpc_des.h) \ + $(rpcsvc:%=rpcsvc/%) rpcsvc/bootparam.h + headers = rpc/netdb.h + install-others = $(inst_sysconfdir)/rpc +--- a/sunrpc/des_crypt.c ++++ b/sunrpc/des_crypt.c +@@ -86,9 +86,6 @@ common_crypt (char *key, char *buf, regi + return desdev == DES_SW ? DESERR_NONE : DESERR_NOHWDEVICE; + } + +-/* Note: these cannot be excluded from the build yet, because they are +- still used internally. */ +- + /* + * CBC mode encryption + */ +@@ -105,7 +102,7 @@ cbc_crypt (char *key, char *buf, unsigne + COPY8 (dp.des_ivec, ivec); + return err; + } +-hidden_nolink (cbc_crypt, libc, GLIBC_2_1) ++libc_hidden_nolink_sunrpc (cbc_crypt, GLIBC_2_1) + + /* + * ECB mode encryption +@@ -118,4 +115,4 @@ ecb_crypt (char *key, char *buf, unsigne + dp.des_mode = ECB; + return common_crypt (key, buf, len, mode, &dp); + } +-hidden_nolink (ecb_crypt, libc, GLIBC_2_1) ++libc_hidden_nolink_sunrpc (ecb_crypt, GLIBC_2_1) +--- a/sunrpc/des_soft.c ++++ b/sunrpc/des_soft.c +@@ -71,4 +71,4 @@ des_setparity (char *p) + p++; + } + } +-hidden_nolink (des_setparity, libc, GLIBC_2_1) ++libc_hidden_nolink_sunrpc (des_setparity, GLIBC_2_1) diff --git a/toolchain/glibc/patches/200-add-dl-search-paths.patch b/toolchain/glibc/patches/200-add-dl-search-paths.patch index 5585ee1f0e..18d751dd1a 100644 --- a/toolchain/glibc/patches/200-add-dl-search-paths.patch +++ b/toolchain/glibc/patches/200-add-dl-search-paths.patch @@ -2,7 +2,7 @@ add /usr/lib to default search path for the dynamic linker --- a/Makeconfig +++ b/Makeconfig -@@ -589,6 +589,9 @@ else +@@ -601,6 +601,9 @@ else default-rpath = $(libdir) endif From a2cf87a7b1fa1566e2f8f6e2916b098339c19f71 Mon Sep 17 00:00:00 2001 From: Hauke Mehrtens Date: Sat, 18 Apr 2020 20:00:35 +0200 Subject: [PATCH 19/20] toolchain: glibc: Define minimum support kernel version as 4.14 This will compile glibc in a way that it will only support kernel 4.14 and later. Compatibility code for older kernel versions will be removed. Signed-off-by: Hauke Mehrtens --- toolchain/glibc/common.mk | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/toolchain/glibc/common.mk b/toolchain/glibc/common.mk index 99be398d3f..060fb2849e 100644 --- a/toolchain/glibc/common.mk +++ b/toolchain/glibc/common.mk @@ -60,7 +60,8 @@ GLIBC_CONFIGURE:= \ --without-gd \ --without-cvs \ --enable-add-ons \ - --$(if $(CONFIG_SOFT_FLOAT),without,with)-fp + --$(if $(CONFIG_SOFT_FLOAT),without,with)-fp \ + --enable-kernel=4.14.0 export libc_cv_ssp=no export libc_cv_ssp_strong=no From 45e2b7763f2a846bf1a40f5fa79b4cfe4678557a Mon Sep 17 00:00:00 2001 From: Sungbo Eo Date: Sat, 18 Apr 2020 22:47:34 +0900 Subject: [PATCH 20/20] ramips: replace pinctrl property names for ipTIME A1004ns The pinctrl driver had been replaced with the upstream one in b756ea2a909a ("ramips: replace pinctrl property names"), but the initial A1004ns support patch did not reflect the changes. This commit updates its pinctrl property names. Fixes: 9169482f640c ("ramips: add support for ipTIME A1004ns") Signed-off-by: Sungbo Eo --- target/linux/ramips/dts/mt7620a_iptime_a1004ns.dts | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/target/linux/ramips/dts/mt7620a_iptime_a1004ns.dts b/target/linux/ramips/dts/mt7620a_iptime_a1004ns.dts index 02b674963b..e1e9050406 100644 --- a/target/linux/ramips/dts/mt7620a_iptime_a1004ns.dts +++ b/target/linux/ramips/dts/mt7620a_iptime_a1004ns.dts @@ -53,8 +53,8 @@ &state_default { gpio { - ralink,group = "i2c", "uartf", "spi refclk"; - ralink,function = "gpio"; + groups = "i2c", "uartf", "spi refclk"; + function = "gpio"; }; };