Merge Official Source

This commit is contained in:
CN_SZTL 2020-04-19 19:53:26 +08:00
commit 44f43c4ad3
No known key found for this signature in database
GPG Key ID: 6850B6345C862176
28 changed files with 1281 additions and 97 deletions

View File

@ -8,7 +8,7 @@
include $(TOPDIR)/rules.mk include $(TOPDIR)/rules.mk
PKG_NAME:=rbcfg PKG_NAME:=rbcfg
PKG_RELEASE:=2 PKG_RELEASE:=3
PKG_BUILD_DIR := $(BUILD_DIR)/$(PKG_NAME) PKG_BUILD_DIR := $(BUILD_DIR)/$(PKG_NAME)

View File

@ -498,7 +498,7 @@ rbcfg_update(int tmp)
put_u32(ctx->buf + 4, crc); put_u32(ctx->buf + 4, crc);
name = (tmp) ? ctx->tmp_file : ctx->mtd_device; name = (tmp) ? ctx->tmp_file : ctx->mtd_device;
fd = open(name, O_WRONLY | O_CREAT); fd = open(name, O_WRONLY | O_CREAT, 0640);
if (fd < 0) { if (fd < 0) {
fprintf(stderr, "unable to open %s for writing\n", name); fprintf(stderr, "unable to open %s for writing\n", name);
err = RB_ERR_IO; err = RB_ERR_IO;

View File

@ -49,6 +49,7 @@ define Package/binutils
CATEGORY:=Development CATEGORY:=Development
TITLE:=binutils TITLE:=binutils
DEPENDS:=+objdump +ar DEPENDS:=+objdump +ar
ALTERNATIVES:=200:/usr/bin/strings:/usr/bin/binutils-strings
endef endef
define Package/objdump define Package/objdump
@ -114,7 +115,7 @@ endef
define Package/binutils/install define Package/binutils/install
$(INSTALL_DIR) $(1)/usr $(1)/bin $(INSTALL_DIR) $(1)/usr $(1)/bin
$(CP) $(PKG_INSTALL_DIR)/usr/bin/ $(1)/usr/ $(CP) $(PKG_INSTALL_DIR)/usr/bin/ $(1)/usr/
mv $(1)/usr/bin/strings $(1)/bin/strings mv $(1)/usr/bin/strings $(1)/usr/bin/binutils-strings
rm -f $(1)/usr/bin/objdump rm -f $(1)/usr/bin/objdump
rm -f $(1)/usr/bin/ar rm -f $(1)/usr/bin/ar
endef endef

View File

@ -9,14 +9,14 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=openvpn PKG_NAME:=openvpn
PKG_VERSION:=2.4.8 PKG_VERSION:=2.4.9
PKG_RELEASE:=1 PKG_RELEASE:=1
PKG_SOURCE_URL:=\ PKG_SOURCE_URL:=\
https://build.openvpn.net/downloads/releases/ \ https://build.openvpn.net/downloads/releases/ \
https://swupdate.openvpn.net/community/releases/ https://swupdate.openvpn.net/community/releases/
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz
PKG_HASH:=fb8ca66bb7807fff595fbdf2a0afd085c02a6aa47715c9aa3171002f9f1a3f91 PKG_HASH:=641f3add8694b2ccc39fd4fd92554e4f089ad16a8db6d2b473ec284839a5ebe2
PKG_MAINTAINER:=Felix Fietkau <nbd@nbd.name> PKG_MAINTAINER:=Felix Fietkau <nbd@nbd.name>

View File

@ -1,6 +1,6 @@
--- a/src/openvpn/ssl_mbedtls.c --- a/src/openvpn/ssl_mbedtls.c
+++ b/src/openvpn/ssl_mbedtls.c +++ b/src/openvpn/ssl_mbedtls.c
@@ -1406,7 +1406,7 @@ const char * @@ -1415,7 +1415,7 @@ const char *
get_ssl_library_version(void) get_ssl_library_version(void)
{ {
static char mbedtls_version[30]; static char mbedtls_version[30];

View File

@ -47,7 +47,7 @@ Signed-off-by: Gert Doering <gert@greenie.muc.de>
#endif #endif
--- a/src/openvpn/ssl_openssl.c --- a/src/openvpn/ssl_openssl.c
+++ b/src/openvpn/ssl_openssl.c +++ b/src/openvpn/ssl_openssl.c
@@ -1977,7 +1977,7 @@ get_highest_preference_tls_cipher(char * @@ -2008,7 +2008,7 @@ get_highest_preference_tls_cipher(char *
const char * const char *
get_ssl_library_version(void) get_ssl_library_version(void)
{ {

View File

@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
PKG_NAME:=dante PKG_NAME:=dante
PKG_VERSION:=1.4.1 PKG_VERSION:=1.4.1
PKG_RELEASE:=3 PKG_RELEASE:=4
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=http://www.inet.no/dante/files/ PKG_SOURCE_URL:=http://www.inet.no/dante/files/

View File

@ -0,0 +1,53 @@
When compiled with glibc the config_scan.c wants to use the
cpupolicy2numeric() function which is only available when
HAVE_SCHED_SETSCHEDULER is set. It looks like the wrong define was used here.
This fixes a build problem with glibc in combination with the force
ac_cv_func_sched_setscheduler=no in the OpenWrt CONFIGURE_VARS.
--- a/lib/config_scan.c
+++ b/lib/config_scan.c
@@ -3891,7 +3891,7 @@ YY_RULE_SETUP
SERRX(0);
#else /* !SOCKS_CLIENT */
-#if HAVE_SCHED_SETAFFINITY
+#if HAVE_SCHED_SETSCHEDULER
BEGIN(0);
@@ -3899,9 +3899,9 @@ YY_RULE_SETUP
yyerrorx("unknown scheduling policy \"%s\"", yytext);
return SCHEDULEPOLICY;
-#else /* !HAVE_SCHED_SETAFFINITY */
+#else /* !HAVE_SCHED_SETSCHEDULER */
yyerrorx("setting cpu scheduling policy is not supported on this platform");
-#endif /* !HAVE_SCHED_SETAFFINITY */
+#endif /* !HAVE_SCHED_SETSCHEDULER */
#endif /* SOCKS_CLIENT */
}
--- a/lib/config_scan.l
+++ b/lib/config_scan.l
@@ -456,7 +456,7 @@ cpu {
SERRX(0);
#else /* !SOCKS_CLIENT */
-#if HAVE_SCHED_SETAFFINITY
+#if HAVE_SCHED_SETSCHEDULER
BEGIN(0);
@@ -464,9 +464,9 @@ cpu {
yyerrorx("unknown scheduling policy \"%s\"", yytext);
return SCHEDULEPOLICY;
-#else /* !HAVE_SCHED_SETAFFINITY */
+#else /* !HAVE_SCHED_SETSCHEDULER */
yyerrorx("setting cpu scheduling policy is not supported on this platform");
-#endif /* !HAVE_SCHED_SETAFFINITY */
+#endif /* !HAVE_SCHED_SETSCHEDULER */
#endif /* SOCKS_CLIENT */
}

View File

@ -0,0 +1,84 @@
From d3539be8f27b8cbfdfee460fe08299158f08bcd9 Mon Sep 17 00:00:00 2001
From: Alistair Francis <alistair.francis@wdc.com>
Date: Tue, 19 Nov 2019 13:06:40 +0100
Subject: Remove stime() function calls
stime() has been deprecated in glibc 2.31 and replaced with
clock_settime(). Let's replace the stime() function calls with
clock_settime() in preperation.
function old new delta
rdate_main 197 224 +27
clock_settime - 27 +27
date_main 926 941 +15
stime 37 - -37
------------------------------------------------------------------------------
(add/remove: 2/2 grow/shrink: 2/0 up/down: 69/-37) Total: 32 bytes
Signed-off-by: Alistair Francis <alistair.francis@wdc.com>
Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
---
coreutils/date.c | 6 +++++-
libbb/missing_syscalls.c | 8 --------
util-linux/rdate.c | 8 ++++++--
3 files changed, 11 insertions(+), 11 deletions(-)
--- a/coreutils/date.c
+++ b/coreutils/date.c
@@ -279,6 +279,9 @@ int date_main(int argc UNUSED_PARAM, cha
time(&ts.tv_sec);
#endif
}
+#if !ENABLE_FEATURE_DATE_NANO
+ ts.tv_nsec = 0;
+#endif
localtime_r(&ts.tv_sec, &tm_time);
/* If date string is given, update tm_time, and maybe set date */
@@ -301,9 +304,10 @@ int date_main(int argc UNUSED_PARAM, cha
if (date_str[0] != '@')
tm_time.tm_isdst = -1;
ts.tv_sec = validate_tm_time(date_str, &tm_time);
+ ts.tv_nsec = 0;
/* if setting time, set it */
- if ((opt & OPT_SET) && stime(&ts.tv_sec) < 0) {
+ if ((opt & OPT_SET) && clock_settime(CLOCK_REALTIME, &ts) < 0) {
bb_perror_msg("can't set date");
}
}
--- a/libbb/missing_syscalls.c
+++ b/libbb/missing_syscalls.c
@@ -15,14 +15,6 @@ pid_t getsid(pid_t pid)
return syscall(__NR_getsid, pid);
}
-int stime(const time_t *t)
-{
- struct timeval tv;
- tv.tv_sec = *t;
- tv.tv_usec = 0;
- return settimeofday(&tv, NULL);
-}
-
int sethostname(const char *name, size_t len)
{
return syscall(__NR_sethostname, name, len);
--- a/util-linux/rdate.c
+++ b/util-linux/rdate.c
@@ -95,9 +95,13 @@ int rdate_main(int argc UNUSED_PARAM, ch
if (!(flags & 2)) { /* no -p (-s may be present) */
if (time(NULL) == remote_time)
bb_error_msg("current time matches remote time");
- else
- if (stime(&remote_time) < 0)
+ else {
+ struct timespec ts;
+ ts.tv_sec = remote_time;
+ ts.tv_nsec = 0;
+ if (clock_settime(CLOCK_REALTIME, &ts) < 0)
bb_perror_msg_and_die("can't set time of day");
+ }
}
if (flags != 1) /* not lone -s */

View File

@ -31,10 +31,6 @@ endef
TARGET_CFLAGS += -I$(STAGING_DIR)/usr/include TARGET_CFLAGS += -I$(STAGING_DIR)/usr/include
ifneq ($(CONFIG_USE_GLIBC),)
TARGET_CFLAGS += -D_DEFAULT_SOURCE
endif
define Package/ugps/conffiles define Package/ugps/conffiles
/etc/config/gps /etc/config/gps
endef endef

View File

@ -12,8 +12,7 @@ BOARD:=bcm63xx
BOARDNAME:=Broadcom BCM63xx BOARDNAME:=Broadcom BCM63xx
SUBTARGETS:=generic smp SUBTARGETS:=generic smp
FEATURES:=squashfs usb atm pci pcmcia usbgadget FEATURES:=squashfs usb atm pci pcmcia usbgadget
KERNEL_PATCHVER:=4.14 KERNEL_PATCHVER:=5.4
KERNEL_TESTING_PATCHVER:=5.4
define Target/Description define Target/Description
Build firmware images for Broadcom based xDSL/routers Build firmware images for Broadcom based xDSL/routers

View File

@ -0,0 +1,60 @@
From: Mantas Pucka <mantas@8devices.com>
To: linux-mtd@lists.infradead.org
Subject: [PATCH] mtd: spi-nor: fix 4-byte opcode support for w25q256
Date: Wed, 15 Apr 2020 16:48:30 +0300
Message-ID: <1586958510-24012-1-git-send-email-mantas@8devices.com>
There are 2 different chips (w25q256fv and w25q256jv) that share
the same JEDEC ID. Only w25q256jv fully supports 4-byte opcodes.
Use SFDP header version to differentiate between them.
for OpenWRT only: rebased to linux-v5.4
Signed-off-by: Mantas Pucka <mantas@8devices.com>
---
--- a/drivers/mtd/spi-nor/spi-nor.c
+++ b/drivers/mtd/spi-nor/spi-nor.c
@@ -2170,6 +2170,32 @@ static struct spi_nor_fixups gd25q256_fi
.default_init = gd25q256_default_init,
};
+static int
+w25q256_post_bfpt_fixups(struct spi_nor *nor,
+ const struct sfdp_parameter_header *bfpt_header,
+ const struct sfdp_bfpt *bfpt,
+ struct spi_nor_flash_parameter *params)
+{
+ /*
+ * W25Q256JV supports 4B opcodes but W25Q256FV does not.
+ * Unfortunately, Winbond has re-used the same JEDEC ID for both
+ * variants which prevents us from defining a new entry in the parts
+ * table.
+ * To differentiate between W25Q256JV and W25Q256FV check SFDP header
+ * version: only JV has JESD216A compliant structure (version 5)
+ */
+
+ if (bfpt_header->major == SFDP_JESD216_MAJOR &&
+ bfpt_header->minor == SFDP_JESD216A_MINOR)
+ nor->flags |= SNOR_F_4B_OPCODES;
+
+ return 0;
+}
+
+static struct spi_nor_fixups w25q256_fixups = {
+ .post_bfpt = w25q256_post_bfpt_fixups,
+};
+
/* NOTE: double check command sets and memory organization when you add
* more nor chips. This current list focusses on newer chips, which
* have been converging on command sets which including JEDEC ID.
@@ -2508,7 +2534,8 @@ static const struct flash_info spi_nor_i
{ "w25q80", INFO(0xef5014, 0, 64 * 1024, 16, SECT_4K) },
{ "w25q80bl", INFO(0xef4014, 0, 64 * 1024, 16, SECT_4K) },
{ "w25q128", INFO(0xef4018, 0, 64 * 1024, 256, SECT_4K) },
- { "w25q256", INFO(0xef4019, 0, 64 * 1024, 512, SECT_4K | SPI_NOR_DUAL_READ | SPI_NOR_QUAD_READ) },
+ { "w25q256", INFO(0xef4019, 0, 64 * 1024, 512, SECT_4K | SPI_NOR_DUAL_READ | SPI_NOR_QUAD_READ)
+ .fixups = &w25q256_fixups },
{ "w25q256jvm", INFO(0xef7019, 0, 64 * 1024, 512,
SECT_4K | SPI_NOR_DUAL_READ | SPI_NOR_QUAD_READ) },
{ "w25m512jv", INFO(0xef7119, 0, 64 * 1024, 1024,

View File

@ -21,7 +21,7 @@
flash@0 { flash@0 {
compatible = "jedec,spi-nor"; compatible = "jedec,spi-nor";
reg = <0>; reg = <0>;
spi-max-frequency = <40000000>; spi-max-frequency = <50000000>;
partitions { partitions {
compatible = "fixed-partitions"; compatible = "fixed-partitions";

View File

@ -0,0 +1,104 @@
// SPDX-License-Identifier: GPL-2.0-or-later OR MIT
/dts-v1/;
#include "mt7620a_iptime.dtsi"
/ {
compatible = "iptime,a1004ns", "ralink,mt7620a-soc";
model = "ipTIME A1004ns";
aliases {
led-boot = &led_cpu;
led-failsafe = &led_cpu;
led-running = &led_cpu;
led-upgrade = &led_cpu;
};
leds {
compatible = "gpio-leds";
led_cpu: cpu {
label = "a1004ns:blue:cpu";
gpios = <&gpio0 11 GPIO_ACTIVE_LOW>;
};
usb {
label = "a1004ns:blue:usb";
gpios = <&gpio1 15 GPIO_ACTIVE_LOW>;
trigger-sources = <&ohci_port1>, <&ehci_port1>;
linux,default-trigger = "usbport";
};
};
keys {
compatible = "gpio-keys";
reset {
label = "reset";
gpios = <&gpio0 1 GPIO_ACTIVE_LOW>;
linux,code = <KEY_RESTART>;
};
wps {
label = "wps";
gpios = <&gpio0 2 GPIO_ACTIVE_LOW>;
linux,code = <KEY_WPS_BUTTON>;
};
};
};
&firmware {
reg = <0x30000 0xfd0000>;
};
&state_default {
gpio {
groups = "i2c", "uartf", "spi refclk";
function = "gpio";
};
};
&ethernet {
pinctrl-names = "default";
pinctrl-0 = <&rgmii1_pins &mdio_pins>;
port@5 {
status = "okay";
mediatek,fixed-link = <1000 1 1 1>;
phy-mode = "rgmii";
};
mdio-bus {
status = "okay";
ethernet-phy@0 {
reg = <0>;
phy-mode = "rgmii";
};
ethernet-phy@1 {
reg = <1>;
phy-mode = "rgmii";
};
ethernet-phy@2 {
reg = <2>;
phy-mode = "rgmii";
};
ethernet-phy@3 {
reg = <3>;
phy-mode = "rgmii";
};
ethernet-phy@4 {
reg = <4>;
phy-mode = "rgmii";
};
ethernet-phy@1f {
reg = <0x1f>;
phy-mode = "rgmii";
};
};
};

View File

@ -568,11 +568,10 @@
0x01000000 0 0x00000000 0x1e160000 0 0x00010000 /* io space */ 0x01000000 0 0x00000000 0x1e160000 0 0x00010000 /* io space */
>; >;
#interrupt-cells = <1>; interrupt-parent = <&gic>;
interrupt-map-mask = <0xF0000 0 0 1>; interrupts = <GIC_SHARED 4 IRQ_TYPE_LEVEL_HIGH
interrupt-map = <0x10000 0 0 1 &gic GIC_SHARED 4 IRQ_TYPE_LEVEL_HIGH>, GIC_SHARED 24 IRQ_TYPE_LEVEL_HIGH
<0x20000 0 0 1 &gic GIC_SHARED 24 IRQ_TYPE_LEVEL_HIGH>, GIC_SHARED 25 IRQ_TYPE_LEVEL_HIGH>;
<0x30000 0 0 1 &gic GIC_SHARED 25 IRQ_TYPE_LEVEL_HIGH>;
status = "disabled"; status = "disabled";

View File

@ -44,6 +44,22 @@
linux,code = <KEY_RESTART>; linux,code = <KEY_RESTART>;
}; };
}; };
ubi-concat {
compatible = "mtd-concat";
devices = <&ubipart0 &ubipart1>;
partitions {
compatible = "fixed-partitions";
#address-cells = <1>;
#size-cells = <1>;
ubi@0 {
label = "ubi";
reg = <0x0 0x79c0000>;
};
};
};
}; };
&nand { &nand {
@ -74,18 +90,12 @@
partition@140000 { partition@140000 {
label = "kernel"; label = "kernel";
reg = <0x140000 0x200000>; reg = <0x140000 0x400000>;
}; };
partition@340000 { ubipart0: partition@540000 {
label = "ubi"; label = "ubipart0";
reg = <0x340000 0x1E00000>; reg = <0x540000 0x1c80000>;
};
partition@2140000 {
label = "hw_panic";
reg = <0x2140000 0x80000>;
read-only;
}; };
partition@21c0000 { partition@21c0000 {
@ -94,30 +104,9 @@
read-only; read-only;
}; };
partition@2240000 { ubipart1: partition@2240000 {
label = "backup"; label = "ubipart1";
reg = <0x2240000 0x80000>; reg = <0x2240000 0x5d40000>;
read-only;
};
partition@22c0000 {
label = "overly";
reg = <0x22c0000 0x1000000>;
};
partition@32c0000 {
label = "firmware_backup";
reg = <0x32c0000 0x2000000>;
};
partition@52c0000 {
label = "oem";
reg = <0x52c0000 0x200000>;
};
partition@54c0000 {
label = "opt";
reg = <0x54c0000 0x2ac0000>;
}; };
}; };
}; };

View File

@ -39,7 +39,7 @@ endef
define Device/uimage-lzma-loader define Device/uimage-lzma-loader
LOADER_TYPE := bin LOADER_TYPE := bin
KERNEL := $(KERNEL_DTB) | loader-kernel | uImage none KERNEL := kernel-bin | append-dtb | lzma | loader-kernel | uImage none
endef endef
define Device/seama define Device/seama

View File

@ -503,6 +503,17 @@ define Device/iodata_wn-ac733gr3
endef endef
TARGET_DEVICES += iodata_wn-ac733gr3 TARGET_DEVICES += iodata_wn-ac733gr3
define Device/iptime_a1004ns
SOC := mt7620a
IMAGE_SIZE := 16192k
UIMAGE_NAME := a1004ns
DEVICE_VENDOR := ipTIME
DEVICE_MODEL := A1004ns
DEVICE_PACKAGES := kmod-mt76x0e kmod-usb2 kmod-usb-ohci \
kmod-usb-ledtrig-usbport
endef
TARGET_DEVICES += iptime_a1004ns
define Device/iptime_a104ns define Device/iptime_a104ns
SOC := mt7620a SOC := mt7620a
IMAGE_SIZE := 8000k IMAGE_SIZE := 8000k

View File

@ -229,6 +229,7 @@ endef
TARGET_DEVICES += dlink_dir-860l-b1 TARGET_DEVICES += dlink_dir-860l-b1
define Device/d-team_newifi-d2 define Device/d-team_newifi-d2
$(Device/uimage-lzma-loader)
IMAGE_SIZE := 32448k IMAGE_SIZE := 32448k
DEVICE_VENDOR := Newifi DEVICE_VENDOR := Newifi
DEVICE_MODEL := D2 DEVICE_MODEL := D2
@ -339,7 +340,7 @@ TARGET_DEVICES += gnubee_gb-pc2
define Device/hiwifi_hc5962 define Device/hiwifi_hc5962
BLOCKSIZE := 128k BLOCKSIZE := 128k
PAGESIZE := 2048 PAGESIZE := 2048
KERNEL_SIZE := 2097152 KERNEL_SIZE := 4096k
UBINIZE_OPTS := -E 5 UBINIZE_OPTS := -E 5
IMAGE_SIZE := 32768k IMAGE_SIZE := 32768k
IMAGES += factory.bin IMAGES += factory.bin
@ -349,9 +350,6 @@ define Device/hiwifi_hc5962
DEVICE_VENDOR := HiWiFi DEVICE_VENDOR := HiWiFi
DEVICE_MODEL := HC5962 DEVICE_MODEL := HC5962
DEVICE_PACKAGES := kmod-mt7603 kmod-mt76x2 kmod-usb3 wpad-basic DEVICE_PACKAGES := kmod-mt7603 kmod-mt76x2 kmod-usb3 wpad-basic
SUPPORTED_DEVICES += hc5962
# Kernel partition too small
DEFAULT := n
endef endef
TARGET_DEVICES += hiwifi_hc5962 TARGET_DEVICES += hiwifi_hc5962
@ -463,6 +461,7 @@ endef
TARGET_DEVICES += jcg_jhr-ac876m TARGET_DEVICES += jcg_jhr-ac876m
define Device/lenovo_newifi-d1 define Device/lenovo_newifi-d1
$(Device/uimage-lzma-loader)
IMAGE_SIZE := 32448k IMAGE_SIZE := 32448k
DEVICE_VENDOR := Newifi DEVICE_VENDOR := Newifi
DEVICE_MODEL := D1 DEVICE_MODEL := D1
@ -747,6 +746,7 @@ endef
TARGET_DEVICES += telco-electronics_x1 TARGET_DEVICES += telco-electronics_x1
define Device/thunder_timecloud define Device/thunder_timecloud
$(Device/uimage-lzma-loader)
IMAGE_SIZE := 16064k IMAGE_SIZE := 16064k
DEVICE_VENDOR := Thunder DEVICE_VENDOR := Thunder
DEVICE_MODEL := Timecloud DEVICE_MODEL := Timecloud

View File

@ -143,7 +143,8 @@ ramips_setup_interfaces()
"0:lan" "1:lan" "5:wan" "6@eth0" "0:lan" "1:lan" "5:wan" "6@eth0"
;; ;;
iodata,wn-ac1167gr|\ iodata,wn-ac1167gr|\
iodata,wn-ac733gr3) iodata,wn-ac733gr3|\
iptime,a1004ns)
ucidef_add_switch "switch0" ucidef_add_switch "switch0"
ucidef_add_switch_attr "switch0" "enable" "false" ucidef_add_switch_attr "switch0" "enable" "false"
ucidef_add_switch "switch1" \ ucidef_add_switch "switch1" \
@ -312,6 +313,9 @@ ramips_setup_macs()
iodata,wn-ac733gr3) iodata,wn-ac733gr3)
wan_mac=$(mtd_get_mac_ascii u-boot-env wanaddr) wan_mac=$(mtd_get_mac_ascii u-boot-env wanaddr)
;; ;;
iptime,a1004ns)
wan_mac=$(mtd_get_mac_binary u-boot 0x1fc40)
;;
iptime,a104ns) iptime,a104ns)
wan_mac=$(macaddr_add "$(mtd_get_mac_binary u-boot 0x1fc20)" 2) wan_mac=$(macaddr_add "$(mtd_get_mac_binary u-boot 0x1fc20)" 2)
;; ;;

View File

@ -14,14 +14,14 @@ telco-electronics,x1)
ucidef_add_gpio_switch "modem_reset" "Modem Reset" "16" ucidef_add_gpio_switch "modem_reset" "Modem Reset" "16"
;; ;;
ubnt,edgerouter-x) ubnt,edgerouter-x)
ucidef_add_gpio_switch "poe_passthrough" "PoE Passthrough" "0" ucidef_add_gpio_switch "poe_passthrough" "PoE Passthrough" "480"
;; ;;
ubnt,edgerouter-x-sfp) ubnt,edgerouter-x-sfp)
ucidef_add_gpio_switch "poe_power_port0" "PoE Power Port0" "496" ucidef_add_gpio_switch "poe_power_port0" "PoE Power Port0" "400"
ucidef_add_gpio_switch "poe_power_port1" "PoE Power Port1" "497" ucidef_add_gpio_switch "poe_power_port1" "PoE Power Port1" "401"
ucidef_add_gpio_switch "poe_power_port2" "PoE Power Port2" "498" ucidef_add_gpio_switch "poe_power_port2" "PoE Power Port2" "402"
ucidef_add_gpio_switch "poe_power_port3" "PoE Power Port3" "499" ucidef_add_gpio_switch "poe_power_port3" "PoE Power Port3" "403"
ucidef_add_gpio_switch "poe_power_port4" "PoE Power Port4" "500" ucidef_add_gpio_switch "poe_power_port4" "PoE Power Port4" "404"
;; ;;
esac esac

View File

@ -217,6 +217,7 @@ CONFIG_MTD_UBI_BLOCK=y
# CONFIG_MTD_UBI_FASTMAP is not set # CONFIG_MTD_UBI_FASTMAP is not set
# CONFIG_MTD_UBI_GLUEBI is not set # CONFIG_MTD_UBI_GLUEBI is not set
CONFIG_MTD_UBI_WL_THRESHOLD=4096 CONFIG_MTD_UBI_WL_THRESHOLD=4096
CONFIG_MTD_VIRT_CONCAT=y
# CONFIG_MTK_HSDMA is not set # CONFIG_MTK_HSDMA is not set
CONFIG_NEED_DMA_MAP_STATE=y CONFIG_NEED_DMA_MAP_STATE=y
CONFIG_NET_DEVLINK=y CONFIG_NET_DEVLINK=y

View File

@ -0,0 +1,65 @@
From 5fcded5e857cf66c9592e4be28c4dab4520c9177 Mon Sep 17 00:00:00 2001
From: Sergio Paracuellos <sergio.paracuellos@gmail.com>
Date: Thu, 9 Apr 2020 13:16:52 +0200
Subject: [PATCH] staging: mt7621-pci: properly power off dual-ported pcie phy
Pcie phy for pcie0 and pcie1 is shared using a dual ported
one. Current code was assuming that if nothing is connected
in pcie0 it won't be also nothing connected in pcie1. This
assumtion is wrong for some devices such us 'Mikrotik rbm33g'
and 'ZyXEL LTE3301-PLUS' where only connecting a card to the
second bus on the phy is possible. For such devices kernel
hangs in the same point because of the wrong poweroff of the
phy getting the following trace:
mt7621-pci-phy 1e149000.pcie-phy: PHY for 0xbe149000 (dual port = 1)
mt7621-pci-phy 1e14a000.pcie-phy: PHY for 0xbe14a000 (dual port = 0)
mt7621-pci-phy 1e149000.pcie-phy: Xtal is 40MHz
mt7621-pci-phy 1e14a000.pcie-phy: Xtal is 40MHz
mt7621-pci 1e140000.pcie: pcie0 no card, disable it (RST & CLK)
[hangs]
The wrong assumption is located in the 'mt7621_pcie_init_ports'
function where we are just making a power off of the phy for
slots 0 and 2 if nothing is connected in them. Hence, only
poweroff the phy if nothing is connected in both slot 0 and
slot 1 avoiding the kernel to hang.
Fixes: 5737cfe87a9c ("staging: mt7621-pci: avoid to poweroff the phy for slot one")
Signed-off-by: Sergio Paracuellos <sergio.paracuellos@gmail.com>
Link: https://lore.kernel.org/r/20200409111652.30964-1-sergio.paracuellos@gmail.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
drivers/staging/mt7621-pci/pci-mt7621.c | 12 ++++++++++--
1 file changed, 10 insertions(+), 2 deletions(-)
--- a/drivers/staging/mt7621-pci/pci-mt7621.c
+++ b/drivers/staging/mt7621-pci/pci-mt7621.c
@@ -502,17 +502,25 @@ static void mt7621_pcie_init_ports(struc
mt7621_pcie_reset_ep_deassert(pcie);
+ tmp = NULL;
list_for_each_entry(port, &pcie->ports, list) {
u32 slot = port->slot;
if (!mt7621_pcie_port_is_linkup(port)) {
dev_err(dev, "pcie%d no card, disable it (RST & CLK)\n",
slot);
- if (slot != 1)
- phy_power_off(port->phy);
mt7621_control_assert(port);
mt7621_pcie_port_clk_disable(port);
port->enabled = false;
+
+ if (slot == 0) {
+ tmp = port;
+ continue;
+ }
+
+ if (slot == 1 && tmp && !tmp->enabled)
+ phy_power_off(tmp->phy);
+
}
}
}

View File

@ -0,0 +1,157 @@
From fab6710e4c51f4eb622f95a08322ab5fdbe3f295 Mon Sep 17 00:00:00 2001
From: Sergio Paracuellos <sergio.paracuellos@gmail.com>
Date: Mon, 13 Apr 2020 07:59:42 +0200
Subject: [PATCH] staging: mt7621-pci: fix PCIe interrupt mapping
MT7621 has three assigned interrupts for the pcie. This
interrupts should properly being mapped taking into account
which devices are finally connected in which bus according
to link status. So the irq mappings should be as follows
according to link status (three bits indicating which devices
are link up):
* For PCIe Bus 1 slot 0:
- status = 0x2 || status = 0x6 => IRQ = pcie1_irq (24).
- status = 0x4 => IRQ = pcie2_irq (25).
- default => IRQ = pcie0_irq (23).
* For PCIe Bus 2 slot 0:
- status = 0x5 || status = 0x6 => IRQ = pcie2_irq (25).
- default => IRQ = pcie1_irq (24).
* For PCIe Bus 2 slot 1:
- status = 0x5 || status = 0x6 => IRQ = pcie2_irq (25).
- default => IRQ = pcie1_irq (24).
* For PCIe Bus 3 any slot:
- default => IRQ = pcie2_irq (25).
Because of this, the function 'of_irq_parse_and_map_pci' cannot
be used and we need to change device tree information from using
the 'interrupt-map' and 'interrupt-map-mask' properties into an
'interrupts' property to be able to get irq information from the
ports using the 'platform_get_irq' and storing an 'irq-map' into
the pcie driver data node to properly map correct irq using a
new 'mt7621_map_irq' function where this map will be read and the
correct irq returned.
Fixes: 46d093124df4 ("staging: mt7621-pci: improve interrupt mapping")
Signed-off-by: Sergio Paracuellos <sergio.paracuellos@gmail.com>
Link: https://lore.kernel.org/r/20200413055942.2714-1-sergio.paracuellos@gmail.com
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
drivers/staging/mt7621-dts/mt7621.dtsi | 9 +++----
drivers/staging/mt7621-pci/pci-mt7621.c | 36 +++++++++++++++++++++++--
2 files changed, 38 insertions(+), 7 deletions(-)
--- a/drivers/staging/mt7621-pci/pci-mt7621.c
+++ b/drivers/staging/mt7621-pci/pci-mt7621.c
@@ -97,6 +97,7 @@
* @pcie_rst: pointer to port reset control
* @gpio_rst: gpio reset
* @slot: port slot
+ * @irq: GIC irq
* @enabled: indicates if port is enabled
*/
struct mt7621_pcie_port {
@@ -107,6 +108,7 @@ struct mt7621_pcie_port {
struct reset_control *pcie_rst;
struct gpio_desc *gpio_rst;
u32 slot;
+ int irq;
bool enabled;
};
@@ -120,6 +122,7 @@ struct mt7621_pcie_port {
* @dev: Pointer to PCIe device
* @io_map_base: virtual memory base address for io
* @ports: pointer to PCIe port information
+ * @irq_map: irq mapping info according pcie link status
* @resets_inverted: depends on chip revision
* reset lines are inverted.
*/
@@ -135,6 +138,7 @@ struct mt7621_pcie {
} offset;
unsigned long io_map_base;
struct list_head ports;
+ int irq_map[PCIE_P2P_MAX];
bool resets_inverted;
};
@@ -279,6 +283,16 @@ static void setup_cm_memory_region(struc
}
}
+static int mt7621_map_irq(const struct pci_dev *pdev, u8 slot, u8 pin)
+{
+ struct mt7621_pcie *pcie = pdev->bus->sysdata;
+ struct device *dev = pcie->dev;
+ int irq = pcie->irq_map[slot];
+
+ dev_info(dev, "bus=%d slot=%d irq=%d\n", pdev->bus->number, slot, irq);
+ return irq;
+}
+
static int mt7621_pci_parse_request_of_pci_ranges(struct mt7621_pcie *pcie)
{
struct device *dev = pcie->dev;
@@ -330,6 +344,7 @@ static int mt7621_pcie_parse_port(struct
{
struct mt7621_pcie_port *port;
struct device *dev = pcie->dev;
+ struct platform_device *pdev = to_platform_device(dev);
struct device_node *pnode = dev->of_node;
struct resource regs;
char name[10];
@@ -371,6 +386,12 @@ static int mt7621_pcie_parse_port(struct
port->slot = slot;
port->pcie = pcie;
+ port->irq = platform_get_irq(pdev, slot);
+ if (port->irq < 0) {
+ dev_err(dev, "Failed to get IRQ for PCIe%d\n", slot);
+ return -ENXIO;
+ }
+
INIT_LIST_HEAD(&port->list);
list_add_tail(&port->list, &pcie->ports);
@@ -585,13 +606,15 @@ static int mt7621_pcie_init_virtual_brid
{
u32 pcie_link_status = 0;
u32 n;
- int i;
+ int i = 0;
u32 p2p_br_devnum[PCIE_P2P_MAX];
+ int irqs[PCIE_P2P_MAX];
struct mt7621_pcie_port *port;
list_for_each_entry(port, &pcie->ports, list) {
u32 slot = port->slot;
+ irqs[i++] = port->irq;
if (port->enabled)
pcie_link_status |= BIT(slot);
}
@@ -614,6 +637,15 @@ static int mt7621_pcie_init_virtual_brid
(p2p_br_devnum[1] << PCIE_P2P_BR_DEVNUM1_SHIFT) |
(p2p_br_devnum[2] << PCIE_P2P_BR_DEVNUM2_SHIFT));
+ /* Assign IRQs */
+ n = 0;
+ for (i = 0; i < PCIE_P2P_MAX; i++)
+ if (pcie_link_status & BIT(i))
+ pcie->irq_map[n++] = irqs[i];
+
+ for (i = n; i < PCIE_P2P_MAX; i++)
+ pcie->irq_map[i] = -1;
+
return 0;
}
@@ -638,7 +670,7 @@ static int mt7621_pcie_register_host(str
host->busnr = pcie->busn.start;
host->dev.parent = pcie->dev;
host->ops = &mt7621_pci_ops;
- host->map_irq = of_irq_parse_and_map_pci;
+ host->map_irq = mt7621_map_irq;
host->swizzle_irq = pci_common_swizzle;
host->sysdata = pcie;

View File

@ -7,12 +7,12 @@
include $(TOPDIR)/rules.mk include $(TOPDIR)/rules.mk
PKG_NAME:=glibc PKG_NAME:=glibc
PKG_VERSION:=2.27 PKG_VERSION:=2.31
PKG_SOURCE_PROTO:=git PKG_SOURCE_PROTO:=git
PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION) PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
PKG_SOURCE_VERSION:=bef0b1cb31bed76a355776154af9191ed1758222 PKG_SOURCE_VERSION:=54ba2541b3a76441a9cbe5dd14c963bf874fd5e9
PKG_MIRROR_HASH:=24a137758acdc0d8c5254891204ba38d759838123bab09a64ec0bdb94289aafd PKG_MIRROR_HASH:=333bff38151f333e93a239aa91e0de28a1e7d24863aafe569caf05b9bdb01461
PKG_SOURCE_URL:=https://sourceware.org/git/glibc.git PKG_SOURCE_URL:=https://sourceware.org/git/glibc.git
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.xz PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION)-$(PKG_SOURCE_VERSION).tar.xz
@ -60,7 +60,8 @@ GLIBC_CONFIGURE:= \
--without-gd \ --without-gd \
--without-cvs \ --without-cvs \
--enable-add-ons \ --enable-add-ons \
--$(if $(CONFIG_SOFT_FLOAT),without,with)-fp --$(if $(CONFIG_SOFT_FLOAT),without,with)-fp \
--enable-kernel=4.14.0
export libc_cv_ssp=no export libc_cv_ssp=no
export libc_cv_ssp_strong=no export libc_cv_ssp_strong=no

View File

@ -1,26 +0,0 @@
commit 583dd860d5b833037175247230a328f0050dbfe9
Author: Paul Eggert <eggert@cs.ucla.edu>
Date: Mon Jan 21 11:08:13 2019 -0800
regex: fix read overrun [BZ #24114]
Problem found by AddressSanitizer, reported by Hongxu Chen in:
https://debbugs.gnu.org/34140
* posix/regexec.c (proceed_next_node):
Do not read past end of input buffer.
--- a/posix/regexec.c
+++ b/posix/regexec.c
@@ -1293,8 +1293,10 @@ proceed_next_node (const re_match_context_t *mctx, Idx nregs, regmatch_t *regs,
else if (naccepted)
{
char *buf = (char *) re_string_get_buffer (&mctx->input);
- if (memcmp (buf + regs[subexp_idx].rm_so, buf + *pidx,
- naccepted) != 0)
+ if (mctx->input.valid_len - *pidx < naccepted
+ || (memcmp (buf + regs[subexp_idx].rm_so, buf + *pidx,
+ naccepted)
+ != 0))
return -1;
}
}

View File

@ -0,0 +1,686 @@
From cfc93329e00cd23c226f34b3ffd5552a93c35bd7 Mon Sep 17 00:00:00 2001
From: Hauke Mehrtens <hauke@hauke-m.de>
Date: Mon, 23 Mar 2020 22:33:46 +0100
Subject: Revert "Disallow use of DES encryption functions in new programs."
This reverts commit b10a0accee709a5efff2fadf0b0bbb79ff0ad759.
ppp still uses the encrypt functions from the libc. musl libc also
provides them.
---
conform/data/stdlib.h-data | 3 +
conform/data/unistd.h-data | 6 ++
crypt/cert.c | 26 -----
crypt/crypt-entry.c | 15 ++-
crypt/crypt.h | 16 +++
crypt/crypt_util.c | 9 --
manual/conf.texi | 2 -
manual/crypt.texi | 201 +++++++++++++++++++++++++++++++++++++
manual/string.texi | 82 +++++++--------
posix/unistd.h | 22 ++--
stdlib/stdlib.h | 6 ++
sunrpc/Makefile | 2 +-
sunrpc/des_crypt.c | 7 +-
sunrpc/des_soft.c | 2 +-
14 files changed, 303 insertions(+), 96 deletions(-)
--- a/conform/data/stdlib.h-data
+++ b/conform/data/stdlib.h-data
@@ -149,6 +149,9 @@ function {unsigned short int*} seed48 (u
#if !defined ISO && !defined ISO99 && !defined ISO11 && !defined POSIX && !defined XPG4 && !defined XPG42 && !defined UNIX98
function int setenv (const char*, const char*, int)
#endif
+#if !defined ISO && !defined ISO99 && !defined ISO11 && !defined POSIX && !defined POSIX2008
+function void setkey (const char*)
+#endif
#if !defined ISO && !defined ISO99 && !defined ISO11 && !defined XPG4 && !defined POSIX && !defined POSIX2008
function {char*} setstate (char*)
#endif
--- a/conform/data/unistd.h-data
+++ b/conform/data/unistd.h-data
@@ -437,6 +437,9 @@ function int chroot (const char*)
function int chown (const char*, uid_t, gid_t)
function int close (int)
function size_t confstr (int, char*, size_t)
+#if !defined POSIX && !defined POSIX2008
+function {char*} crypt (const char*, const char*)
+#endif
#if defined XPG4 || defined XPG42 || defined UNIX98
function {char*} ctermid (char*)
function {char*} cuserid (char*)
@@ -446,6 +449,9 @@ allow cuserid
#endif
function int dup (int)
function int dup2 (int, int)
+#if !defined POSIX && !defined POSIX2008
+function void encrypt (char[64], int)
+#endif
function int execl (const char*, const char*, ...)
function int execle (const char*, const char*, ...)
function int execlp (const char*, const char*, ...)
--- a/crypt/cert.c
+++ b/crypt/cert.c
@@ -10,22 +10,6 @@
#include <stdlib.h>
#include "crypt.h"
-/* This file tests the deprecated setkey/encrypt interface. */
-#include <shlib-compat.h>
-#if TEST_COMPAT (libcrypt, GLIBC_2_0, GLIBC_2_28)
-
-#define libcrypt_version_reference(symbol, version) \
- _libcrypt_version_reference (symbol, VERSION_libcrypt_##version)
-#define _libcrypt_version_reference(symbol, version) \
- __libcrypt_version_reference (symbol, version)
-#define __libcrypt_version_reference(symbol, version) \
- __asm__ (".symver " #symbol ", " #symbol "@" #version)
-
-extern void setkey (const char *);
-extern void encrypt (const char *, int);
-libcrypt_version_reference (setkey, GLIBC_2_0);
-libcrypt_version_reference (encrypt, GLIBC_2_0);
-
int totfails = 0;
int main (int argc, char *argv[]);
@@ -120,13 +104,3 @@ put8 (char *cp)
printf("%02x", t);
}
}
-
-#else /* encrypt and setkey are not available. */
-
-int
-main (void)
-{
- return 77; /* UNSUPPORTED */
-}
-
-#endif
--- a/crypt/crypt-entry.c
+++ b/crypt/crypt-entry.c
@@ -35,7 +35,6 @@
#endif
#include "crypt-private.h"
-#include <shlib-compat.h>
/* Prototypes for local functions. */
#ifndef __GNU_LIBRARY__
@@ -177,7 +176,17 @@ crypt (const char *key, const char *salt
return __crypt_r (key, salt, &_ufc_foobar);
}
-#if SHLIB_COMPAT (libcrypt, GLIBC_2_0, GLIBC_2_28)
+
+/*
+ * To make fcrypt users happy.
+ * They don't need to call init_des.
+ */
+#ifdef _LIBC
weak_alias (crypt, fcrypt)
-compat_symbol (libcrypt, fcrypt, fcrypt, GLIBC_2_0);
+#else
+char *
+__fcrypt (const char *key, const char *salt)
+{
+ return crypt (key, salt);
+}
#endif
--- a/crypt/crypt.h
+++ b/crypt/crypt.h
@@ -36,6 +36,14 @@ __BEGIN_DECLS
extern char *crypt (const char *__phrase, const char *__salt)
__THROW __nonnull ((1, 2));
+/* Setup DES tables according KEY. */
+extern void setkey (const char *__key) __THROW __nonnull ((1));
+
+/* Encrypt data in BLOCK in place if EDFLAG is zero; otherwise decrypt
+ block in place. */
+extern void encrypt (char *__glibc_block, int __edflag)
+ __THROW __nonnull ((1));
+
#ifdef __USE_GNU
/* This structure provides scratch and output buffers for 'crypt_r'.
@@ -63,6 +71,14 @@ struct crypt_data
extern char *crypt_r (const char *__phrase, const char *__salt,
struct crypt_data * __restrict __data)
__THROW __nonnull ((1, 2, 3));
+
+extern void setkey_r (const char *__key,
+ struct crypt_data * __restrict __data)
+ __THROW __nonnull ((1, 2));
+
+extern void encrypt_r (char *__glibc_block, int __edflag,
+ struct crypt_data * __restrict __data)
+ __THROW __nonnull ((1, 3));
#endif
__END_DECLS
--- a/crypt/crypt_util.c
+++ b/crypt/crypt_util.c
@@ -34,7 +34,6 @@
#endif
#include "crypt-private.h"
-#include <shlib-compat.h>
/* Prototypes for local functions. */
#ifndef __GNU_LIBRARY__
@@ -151,7 +150,6 @@ static const int sbox[8][4][16]= {
}
};
-#if SHLIB_COMPAT (libcrypt, GLIBC_2_0, GLIBC_2_28)
/*
* This is the initial
* permutation matrix
@@ -162,7 +160,6 @@ static const int initial_perm[64] = {
57, 49, 41, 33, 25, 17, 9, 1, 59, 51, 43, 35, 27, 19, 11, 3,
61, 53, 45, 37, 29, 21, 13, 5, 63, 55, 47, 39, 31, 23, 15, 7
};
-#endif
/*
* This is the final
@@ -788,7 +785,6 @@ _ufc_output_conversion_r (ufc_long v1, u
__data->crypt_3_buf[13] = 0;
}
-#if SHLIB_COMPAT (libcrypt, GLIBC_2_0, GLIBC_2_28)
/*
* UNIX encrypt function. Takes a bitvector
@@ -889,14 +885,12 @@ __encrypt_r (char *__block, int __edflag
}
}
weak_alias (__encrypt_r, encrypt_r)
-compat_symbol (libcrypt, encrypt_r, encrypt_r, GLIBC_2_0);
void
encrypt (char *__block, int __edflag)
{
__encrypt_r(__block, __edflag, &_ufc_foobar);
}
-compat_symbol (libcrypt, encrypt, encrypt, GLIBC_2_0);
/*
@@ -921,15 +915,12 @@ __setkey_r (const char *__key, struct cr
_ufc_mk_keytab_r((char *) ktab, __data);
}
weak_alias (__setkey_r, setkey_r)
-compat_symbol (libcrypt, setkey_r, setkey_r, GLIBC_2_0);
void
setkey (const char *__key)
{
__setkey_r(__key, &_ufc_foobar);
}
-compat_symbol (libcrypt, setkey, setkey, GLIBC_2_0);
-#endif /* SHLIB_COMPAT (libcrypt, GLIBC_2_0, GLIBC_2_28) */
void
__b64_from_24bit (char **cp, int *buflen,
--- a/manual/conf.texi
+++ b/manual/conf.texi
@@ -780,8 +780,6 @@ Inquire about the parameter correspondin
@item _SC_XOPEN_CRYPT
@standards{X/Open, unistd.h}
Inquire about the parameter corresponding to @code{_XOPEN_CRYPT}.
-@Theglibc no longer implements the @code{_XOPEN_CRYPT} extensions,
-so @samp{sysconf (_SC_XOPEN_CRYPT)} always returns @code{-1}.
@item _SC_XOPEN_ENH_I18N
@standards{X/Open, unistd.h}
--- a/manual/crypt.texi
+++ b/manual/crypt.texi
@@ -16,8 +16,19 @@ subject to them, even if you do not use
yourself. The restrictions vary from place to place and are changed
often, so we cannot give any more specific advice than this warning.
+@vindex AUTH_DES
+@cindex FIPS 140-2
+It also provides support for Secure RPC, and some library functions that
+can be used to perform normal DES encryption. The @code{AUTH_DES}
+authentication flavor in Secure RPC, as provided by @theglibc{},
+uses DES and does not comply with FIPS 140-2 nor does any other use of DES
+within @theglibc{}. It is recommended that Secure RPC should not be used
+for systems that need to comply with FIPS 140-2 since all flavors of
+encrypted authentication use normal DES.
+
@menu
* Passphrase Storage:: One-way hashing for passphrases.
+* DES Encryption:: Routines for DES encryption.
* Unpredictable Bytes:: Randomness for cryptographic purposes.
@end menu
@@ -200,6 +211,196 @@ hashes for the same passphrase.
@include testpass.c.texi
@end smallexample
+@node DES Encryption
+@section DES Encryption
+
+@cindex FIPS 46-3
+The Data Encryption Standard is described in the US Government Federal
+Information Processing Standards (FIPS) 46-3 published by the National
+Institute of Standards and Technology. The DES has been very thoroughly
+analyzed since it was developed in the late 1970s, and no new
+significant flaws have been found.
+
+However, the DES uses only a 56-bit key (plus 8 parity bits), and a
+machine has been built in 1998 which can search through all possible
+keys in about 6 days, which cost about US$200000; faster searches would
+be possible with more money. This makes simple DES insecure for most
+purposes, and NIST no longer permits new US government systems
+to use simple DES.
+
+For serious encryption functionality, it is recommended that one of the
+many free encryption libraries be used instead of these routines.
+
+The DES is a reversible operation which takes a 64-bit block and a
+64-bit key, and produces another 64-bit block. Usually the bits are
+numbered so that the most-significant bit, the first bit, of each block
+is numbered 1.
+
+Under that numbering, every 8th bit of the key (the 8th, 16th, and so
+on) is not used by the encryption algorithm itself. But the key must
+have odd parity; that is, out of bits 1 through 8, and 9 through 16, and
+so on, there must be an odd number of `1' bits, and this completely
+specifies the unused bits.
+
+@deftypefun void setkey (const char *@var{key})
+@standards{BSD, crypt.h}
+@standards{SVID, crypt.h}
+@safety{@prelim{}@mtunsafe{@mtasurace{:crypt}}@asunsafe{@asucorrupt{} @asulock{}}@acunsafe{@aculock{}}}
+@c The static buffer stores the key, making it fundamentally
+@c thread-unsafe. The locking issues are only in the initialization
+@c path; cancelling the initialization will leave the lock held, it
+@c would otherwise repeat the initialization on the next call.
+
+The @code{setkey} function sets an internal data structure to be an
+expanded form of @var{key}. @var{key} is specified as an array of 64
+bits each stored in a @code{char}, the first bit is @code{key[0]} and
+the 64th bit is @code{key[63]}. The @var{key} should have the correct
+parity.
+@end deftypefun
+
+@deftypefun void encrypt (char *@var{block}, int @var{edflag})
+@standards{BSD, crypt.h}
+@standards{SVID, crypt.h}
+@safety{@prelim{}@mtunsafe{@mtasurace{:crypt}}@asunsafe{@asucorrupt{} @asulock{}}@acunsafe{@aculock{}}}
+@c Same issues as setkey.
+
+The @code{encrypt} function encrypts @var{block} if
+@var{edflag} is 0, otherwise it decrypts @var{block}, using a key
+previously set by @code{setkey}. The result is
+placed in @var{block}.
+
+Like @code{setkey}, @var{block} is specified as an array of 64 bits each
+stored in a @code{char}, but there are no parity bits in @var{block}.
+@end deftypefun
+
+@deftypefun void setkey_r (const char *@var{key}, {struct crypt_data *} @var{data})
+@deftypefunx void encrypt_r (char *@var{block}, int @var{edflag}, {struct crypt_data *} @var{data})
+@standards{GNU, crypt.h}
+@c setkey_r: @safety{@prelim{}@mtsafe{}@asunsafe{@asucorrupt{} @asulock{}}@acunsafe{@aculock{}}}
+@safety{@prelim{}@mtsafe{}@asunsafe{@asucorrupt{} @asulock{}}@acunsafe{@aculock{}}}
+
+These are reentrant versions of @code{setkey} and @code{encrypt}. The
+only difference is the extra parameter, which stores the expanded
+version of @var{key}. Before calling @code{setkey_r} the first time,
+@code{data->initialized} must be cleared to zero.
+@end deftypefun
+
+The @code{setkey_r} and @code{encrypt_r} functions are GNU extensions.
+@code{setkey}, @code{encrypt}, @code{setkey_r}, and @code{encrypt_r} are
+defined in @file{crypt.h}.
+
+@deftypefun int ecb_crypt (char *@var{key}, char *@var{blocks}, unsigned int @var{len}, unsigned int @var{mode})
+@standards{SUNRPC, rpc/des_crypt.h}
+@safety{@prelim{}@mtsafe{}@assafe{}@acsafe{}}
+
+The function @code{ecb_crypt} encrypts or decrypts one or more blocks
+using DES. Each block is encrypted independently.
+
+The @var{blocks} and the @var{key} are stored packed in 8-bit bytes, so
+that the first bit of the key is the most-significant bit of
+@code{key[0]} and the 63rd bit of the key is stored as the
+least-significant bit of @code{key[7]}. The @var{key} should have the
+correct parity.
+
+@var{len} is the number of bytes in @var{blocks}. It should be a
+multiple of 8 (so that there are a whole number of blocks to encrypt).
+@var{len} is limited to a maximum of @code{DES_MAXDATA} bytes.
+
+The result of the encryption replaces the input in @var{blocks}.
+
+The @var{mode} parameter is the bitwise OR of two of the following:
+
+@vtable @code
+@item DES_ENCRYPT
+@standards{SUNRPC, rpc/des_crypt.h}
+This constant, used in the @var{mode} parameter, specifies that
+@var{blocks} is to be encrypted.
+
+@item DES_DECRYPT
+@standards{SUNRPC, rpc/des_crypt.h}
+This constant, used in the @var{mode} parameter, specifies that
+@var{blocks} is to be decrypted.
+
+@item DES_HW
+@standards{SUNRPC, rpc/des_crypt.h}
+This constant, used in the @var{mode} parameter, asks to use a hardware
+device. If no hardware device is available, encryption happens anyway,
+but in software.
+
+@item DES_SW
+@standards{SUNRPC, rpc/des_crypt.h}
+This constant, used in the @var{mode} parameter, specifies that no
+hardware device is to be used.
+@end vtable
+
+The result of the function will be one of these values:
+
+@vtable @code
+@item DESERR_NONE
+@standards{SUNRPC, rpc/des_crypt.h}
+The encryption succeeded.
+
+@item DESERR_NOHWDEVICE
+@standards{SUNRPC, rpc/des_crypt.h}
+The encryption succeeded, but there was no hardware device available.
+
+@item DESERR_HWERROR
+@standards{SUNRPC, rpc/des_crypt.h}
+The encryption failed because of a hardware problem.
+
+@item DESERR_BADPARAM
+@standards{SUNRPC, rpc/des_crypt.h}
+The encryption failed because of a bad parameter, for instance @var{len}
+is not a multiple of 8 or @var{len} is larger than @code{DES_MAXDATA}.
+@end vtable
+@end deftypefun
+
+@deftypefun int DES_FAILED (int @var{err})
+@standards{SUNRPC, rpc/des_crypt.h}
+@safety{@prelim{}@mtsafe{}@assafe{}@acsafe{}}
+This macro returns 1 if @var{err} is a `success' result code from
+@code{ecb_crypt} or @code{cbc_crypt}, and 0 otherwise.
+@end deftypefun
+
+@deftypefun int cbc_crypt (char *@var{key}, char *@var{blocks}, unsigned int @var{len}, unsigned int @var{mode}, char *@var{ivec})
+@standards{SUNRPC, rpc/des_crypt.h}
+@safety{@prelim{}@mtsafe{}@assafe{}@acsafe{}}
+
+The function @code{cbc_crypt} encrypts or decrypts one or more blocks
+using DES in Cipher Block Chaining mode.
+
+For encryption in CBC mode, each block is exclusive-ored with @var{ivec}
+before being encrypted, then @var{ivec} is replaced with the result of
+the encryption, then the next block is processed. Decryption is the
+reverse of this process.
+
+This has the advantage that blocks which are the same before being
+encrypted are very unlikely to be the same after being encrypted, making
+it much harder to detect patterns in the data.
+
+Usually, @var{ivec} is set to 8 random bytes before encryption starts.
+Then the 8 random bytes are transmitted along with the encrypted data
+(without themselves being encrypted), and passed back in as @var{ivec}
+for decryption. Another possibility is to set @var{ivec} to 8 zeroes
+initially, and have the first block encrypted consist of 8 random
+bytes.
+
+Otherwise, all the parameters are similar to those for @code{ecb_crypt}.
+@end deftypefun
+
+@deftypefun void des_setparity (char *@var{key})
+@standards{SUNRPC, rpc/des_crypt.h}
+@safety{@prelim{}@mtsafe{}@assafe{}@acsafe{}}
+
+The function @code{des_setparity} changes the 64-bit @var{key}, stored
+packed in 8-bit bytes, to have odd parity by altering the low bits of
+each byte.
+@end deftypefun
+
+The @code{ecb_crypt}, @code{cbc_crypt}, and @code{des_setparity}
+functions and their accompanying macros are all defined in the header
+@file{rpc/des_crypt.h}.
+
@node Unpredictable Bytes
@section Generating Unpredictable Bytes
@cindex randomness source
--- a/manual/string.texi
+++ b/manual/string.texi
@@ -36,8 +36,8 @@ too.
for delimiters.
* Erasing Sensitive Data:: Clearing memory which contains sensitive
data, after it's no longer needed.
-* Shuffling Bytes:: Or how to flash-cook a string.
-* Obfuscating Data:: Reversibly obscuring data from casual view.
+* strfry:: Function for flash-cooking a string.
+* Trivial Encryption:: Obscuring data.
* Encode Binary Data:: Encoding and Decoding of Binary Data.
* Argz and Envz Vectors:: Null-separated string vectors.
@end menu
@@ -2426,73 +2426,73 @@ functionality under a different name, su
systems it may be in @file{strings.h} instead.
@end deftypefun
-
-@node Shuffling Bytes
-@section Shuffling Bytes
+@node strfry
+@section strfry
The function below addresses the perennial programming quandary: ``How do
I take good data in string form and painlessly turn it into garbage?''
-This is not a difficult thing to code for oneself, but the authors of
-@theglibc{} wish to make it as convenient as possible.
+This is actually a fairly simple task for C programmers who do not use
+@theglibc{} string functions, but for programs based on @theglibc{},
+the @code{strfry} function is the preferred method for
+destroying string data.
-To @emph{erase} data, use @code{explicit_bzero} (@pxref{Erasing
-Sensitive Data}); to obfuscate it reversibly, use @code{memfrob}
-(@pxref{Obfuscating Data}).
+The prototype for this function is in @file{string.h}.
@deftypefun {char *} strfry (char *@var{string})
@standards{GNU, string.h}
@safety{@prelim{}@mtsafe{}@assafe{}@acsafe{}}
@c Calls initstate_r, time, getpid, strlen, and random_r.
-@code{strfry} performs an in-place shuffle on @var{string}. Each
-character is swapped to a position selected at random, within the
-portion of the string starting with the character's original position.
-(This is the Fisher-Yates algorithm for unbiased shuffling.)
-
-Calling @code{strfry} will not disturb any of the random number
-generators that have global state (@pxref{Pseudo-Random Numbers}).
+@code{strfry} creates a pseudorandom anagram of a string, replacing the
+input with the anagram in place. For each position in the string,
+@code{strfry} swaps it with a position in the string selected at random
+(from a uniform distribution). The two positions may be the same.
The return value of @code{strfry} is always @var{string}.
@strong{Portability Note:} This function is unique to @theglibc{}.
-It is declared in @file{string.h}.
+
@end deftypefun
-@node Obfuscating Data
-@section Obfuscating Data
+@node Trivial Encryption
+@section Trivial Encryption
+@cindex encryption
+
+
+The @code{memfrob} function converts an array of data to something
+unrecognizable and back again. It is not encryption in its usual sense
+since it is easy for someone to convert the encrypted data back to clear
+text. The transformation is analogous to Usenet's ``Rot13'' encryption
+method for obscuring offensive jokes from sensitive eyes and such.
+Unlike Rot13, @code{memfrob} works on arbitrary binary data, not just
+text.
@cindex Rot13
-The @code{memfrob} function reversibly obfuscates an array of binary
-data. This is not true encryption; the obfuscated data still bears a
-clear relationship to the original, and no secret key is required to
-undo the obfuscation. It is analogous to the ``Rot13'' cipher used on
-Usenet for obscuring offensive jokes, spoilers for works of fiction,
-and so on, but it can be applied to arbitrary binary data.
-
-Programs that need true encryption---a transformation that completely
-obscures the original and cannot be reversed without knowledge of a
-secret key---should use a dedicated cryptography library, such as
-@uref{https://www.gnu.org/software/libgcrypt/,,libgcrypt}.
-
-Programs that need to @emph{destroy} data should use
-@code{explicit_bzero} (@pxref{Erasing Sensitive Data}), or possibly
-@code{strfry} (@pxref{Shuffling Bytes}).
+For true encryption, @xref{Cryptographic Functions}.
+
+This function is declared in @file{string.h}.
+@pindex string.h
@deftypefun {void *} memfrob (void *@var{mem}, size_t @var{length})
@standards{GNU, string.h}
@safety{@prelim{}@mtsafe{}@assafe{}@acsafe{}}
-The function @code{memfrob} obfuscates @var{length} bytes of data
-beginning at @var{mem}, in place. Each byte is bitwise xor-ed with
-the binary pattern 00101010 (hexadecimal 0x2A). The return value is
-always @var{mem}.
-
-@code{memfrob} a second time on the same data returns it to
-its original state.
+@code{memfrob} transforms (frobnicates) each byte of the data structure
+at @var{mem}, which is @var{length} bytes long, by bitwise exclusive
+oring it with binary 00101010. It does the transformation in place and
+its return value is always @var{mem}.
+
+Note that @code{memfrob} a second time on the same data structure
+returns it to its original state.
+
+This is a good function for hiding information from someone who doesn't
+want to see it or doesn't want to see it very much. To really prevent
+people from retrieving the information, use stronger encryption such as
+that described in @xref{Cryptographic Functions}.
@strong{Portability Note:} This function is unique to @theglibc{}.
-It is declared in @file{string.h}.
+
@end deftypefun
@node Encode Binary Data
--- a/posix/unistd.h
+++ b/posix/unistd.h
@@ -107,6 +107,9 @@ __BEGIN_DECLS
/* The X/Open Unix extensions are available. */
#define _XOPEN_UNIX 1
+/* Encryption is present. */
+#define _XOPEN_CRYPT 1
+
/* The enhanced internationalization capabilities according to XPG4.2
are present. */
#define _XOPEN_ENH_I18N 1
@@ -1115,17 +1118,20 @@ ssize_t copy_file_range (int __infd, __o
extern int fdatasync (int __fildes);
#endif /* Use POSIX199309 */
-#ifdef __USE_MISC
-/* One-way hash PHRASE, returning a string suitable for storage in the
- user database. SALT selects the one-way function to use, and
- ensures that no two users' hashes are the same, even if they use
- the same passphrase. The return value points to static storage
- which will be overwritten by the next call to crypt. */
+
+/* XPG4.2 specifies that prototypes for the encryption functions must
+ be defined here. */
+#ifdef __USE_XOPEN
+/* Encrypt at most 8 characters from KEY using salt to perturb DES. */
extern char *crypt (const char *__key, const char *__salt)
__THROW __nonnull ((1, 2));
-#endif
-#ifdef __USE_XOPEN
+/* Encrypt data in BLOCK in place if EDFLAG is zero; otherwise decrypt
+ block in place. */
+extern void encrypt (char *__glibc_block, int __edflag)
+ __THROW __nonnull ((1));
+
+
/* Swab pairs bytes in the first N bytes of the area pointed to by
FROM and copy the result to TO. The value of TO must not be in the
range [FROM - N + 1, FROM - 1]. If N is odd the first byte in FROM
--- a/stdlib/stdlib.h
+++ b/stdlib/stdlib.h
@@ -961,6 +961,12 @@ extern int getsubopt (char **__restrict
#endif
+#ifdef __USE_XOPEN
+/* Setup DES tables according KEY. */
+extern void setkey (const char *__key) __THROW __nonnull ((1));
+#endif
+
+
/* X/Open pseudo terminal handling. */
#ifdef __USE_XOPEN2KXSI
--- a/sunrpc/Makefile
+++ b/sunrpc/Makefile
@@ -51,7 +51,7 @@ rpcsvc = bootparam_prot.x nlm_prot.x rst
headers-sunrpc = $(addprefix rpc/,auth.h auth_unix.h clnt.h pmap_clnt.h \
pmap_prot.h pmap_rmt.h rpc.h rpc_msg.h \
svc.h svc_auth.h types.h xdr.h auth_des.h \
- key_prot.h) \
+ des_crypt.h key_prot.h rpc_des.h) \
$(rpcsvc:%=rpcsvc/%) rpcsvc/bootparam.h
headers = rpc/netdb.h
install-others = $(inst_sysconfdir)/rpc
--- a/sunrpc/des_crypt.c
+++ b/sunrpc/des_crypt.c
@@ -86,9 +86,6 @@ common_crypt (char *key, char *buf, regi
return desdev == DES_SW ? DESERR_NONE : DESERR_NOHWDEVICE;
}
-/* Note: these cannot be excluded from the build yet, because they are
- still used internally. */
-
/*
* CBC mode encryption
*/
@@ -105,7 +102,7 @@ cbc_crypt (char *key, char *buf, unsigne
COPY8 (dp.des_ivec, ivec);
return err;
}
-hidden_nolink (cbc_crypt, libc, GLIBC_2_1)
+libc_hidden_nolink_sunrpc (cbc_crypt, GLIBC_2_1)
/*
* ECB mode encryption
@@ -118,4 +115,4 @@ ecb_crypt (char *key, char *buf, unsigne
dp.des_mode = ECB;
return common_crypt (key, buf, len, mode, &dp);
}
-hidden_nolink (ecb_crypt, libc, GLIBC_2_1)
+libc_hidden_nolink_sunrpc (ecb_crypt, GLIBC_2_1)
--- a/sunrpc/des_soft.c
+++ b/sunrpc/des_soft.c
@@ -71,4 +71,4 @@ des_setparity (char *p)
p++;
}
}
-hidden_nolink (des_setparity, libc, GLIBC_2_1)
+libc_hidden_nolink_sunrpc (des_setparity, GLIBC_2_1)

View File

@ -2,7 +2,7 @@ add /usr/lib to default search path for the dynamic linker
--- a/Makeconfig --- a/Makeconfig
+++ b/Makeconfig +++ b/Makeconfig
@@ -589,6 +589,9 @@ else @@ -601,6 +601,9 @@ else
default-rpath = $(libdir) default-rpath = $(libdir)
endif endif