This removes support for executing old 32 bit applications on 64 bit ARM
and MIPS kernels.
On OpenWrt we normally compile all the user space applications on our
own and do not support third party binary only modules especial not 32
bit applications on 64 bit CPUs.
This reduces the attack surface on such systems and should also save
some memory.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This activates "Emulate Privileged Access Never using TTBR0_EL1
switching" on ARM64.
This should prevent the kernel from reading code from user space in
kernel context.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Refreshed all patches.
Altered patches:
- 666-Add-support-for-MAP-E-FMRs-mesh-mode.patch
New symbol for arm targets:
- HARDEN_BRANCH_PREDICTOR
Compile-tested on: ar71xx, cns3xxx, imx6
Runtime-tested on: ar71xx, cns3xxx, imx6
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
Add out of the box support for 802.11r and 802.11w to all targets not
suffering from small flash.
Signed-off-by: Mathias Kresin <dev@kresin.me>
Mathias did all the heavy lifting on this, but I'm the one who should
get shouted at for committing.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Compaction is the only memory management component to form high order (larger
physically contiguous) memory blocks reliably. The page allocator relies on
compaction heavily and the lack of the feature can lead to unexpected OOM
killer invocations for high order memory requests. You shouldn't disable this
option unless there really is a strong reason for it.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Signed-off-by: Michal Hrusecky <michal.hrusecky@nic.cz>
Commit 7af1fb9faa ("kernel: add a RPS balancer") introduces a RPS balancer
for all targets.
In the past however, this patch was already introduced for target "mediatek"
in commit 7762c07c88 ("mediatek: bump to v4.14")
Remove the separate copy of the patch within the mediatek target,
which otherwise is applied twice and results in a build error.
Fixes: 7af1fb9faa ("kernel: add a RPS balancer")
Signed-off-by: Koen Vandeputte <koen.vandeputte@ncentric.com>
The following patches were integrated upstream:
* target/linux/ipq40xx/patches-4.14/050-0006-mtd-nand-qcom-Add-a-NULL-check-for-devm_kasprintf.patch
* target/linux/mediatek/patches-4.14/0177-phy-phy-mtk-tphy-use-auto-instead-of-force-to-bypass.patch
This fixes tries to work around the following security problems:
* CVE-2018-3620 L1 Terminal Fault OS, SMM related aspects
* CVE-2018-3646 L1 Terminal Fault Virtualization related aspects
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
While finalizing support for the U7623 with 512MB, I made an embarresing
error and configured 1GB RAM for the board. I also forgot to move memory
from the dtsi and to the dts. This commit takes care of my mistakes.
While I am confessing my mistakes, I also note that I made a mistake in
the commit message of the initial U7623 commit. It is the .bin-file, and
not the .gz file that shall be sent to the device via tftp.
v1->v2:
* Remove redundant memory node (thanks Jonas Gorski)
Signed-off-by: Kristian Evensen <kristian.evensen@gmail.com>
In 4.14.57, a new symbol for Spectre v4 mitigation was introduced for
ARM64. Add this symbol to all ARM64 targets using kernel 4.14.
This mitigates CVE-2018-3639 on ARM64.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Drop the parallel-unsafe custom Build/dtb macro and use the .dtb artifacts
produced by the generic image build code.
Also remove unused .dtb references in the mt7623 subtarget.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Add a new config option to allow to select the default compile
optimization level for the kernel.
Select the optimization for size by default if the small_flash feature is
set. Otherwise "Optimize for performance" is set.
Add the small_flash feature flag to all (sub)targets which had the
optimization for size in their default kernel config.
Remove CC_OPTIMIZE_FOR_* symbols from all kernel configs to apply the new
setting.
Exceptions to the above are:
- lantiq, where the optimization for size is only required for the
xway_legacy subtarget but was set for the whole target
- mediatek, ramips/mt7620 & ramips/mt76x8 where boards should have
plenty of space and an optimization for size doesn't make much sense
- rb532, which has 128MByte flash
Signed-off-by: Mathias Kresin <dev@kresin.me>
The changed applied to BananaPi R2 in upstream commit c0b0d540db1a,
which was backported to 4.14 in 4.14.53, is also required for the U7623.
Without updating the memory node, the board refuses to boot.
Fixes: d0839e020d ("kernel: bump 4.14 to 4.14.53")
Signed-off-by: Kristian Evensen <kristian.evensen@gmail.com>
CONFIG_USB_MTU3 is not visible for the mediatek target by default, but
only when CONFIG_USB_GADGET is set. This will config option will be
remove with when running "make kernel_oldconfig", move this option to
the generic config to prevent this.
This fixes the build of the mt7623 subtarget of the mediatek target.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
The sender domain has a DMARC Reject/Quarantine policy which disallows
sending mailing list messages using the original "From" header.
To mitigate this problem, the original message has been wrapped
automatically by the mailing list software.
Refresh patches.
Remove patch that can be reverse applied:
mvebu/patches-4.14/530-ATA-ahci_mvebu-enable-stop_engine-override.patch
mvebu/patches-4.14/531-ATA-ahci_mvebu-pmp-stop-errata-226.patch
Update patch that no longer applied:
ipq806x/patches-4.14/0035-clk-mux-Split-out-register-accessors-for-reuse.patch
Compiled-tested-for: lantiq, ramips
Run-tested-on: lantiq BT hh5a, ramips MIR3g
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Tested-by: Michael Yartys <michael.yartys@protonmail.com>
Tested-by: Rosen Penev <rosenp@gmail.com>
This commit adds support for the MT7623A-based UniElec U7623-02 router,
with eMMC storage and 512MB RAM. The router can be delivered with NAND
Flash and more memory, but I only have access to the one configuration.
The DTS is structured in such a way that adding support for
more/different storage/memory should be straight forward.
The device has the following specifications:
* MT7623A (quad-core, 1.3 GHz)
* 512MB RAM (DDR3)
* 8GB storage (eMMC 4.5)
* 2x normal miniPCIe slots
* 1x miniPCIe slot that is connected via an internal USB OTG port
* 5x 1Gbps Ethernet (MT7530 switch)
* 1x UART header
* 1x USB 3.0 port
* 1x SATA 3.0
* 1x 40P*0.5mm FPC for MIPI LCD
* 1x SIM slot
* 12x LEDs (2 GPIO controlled)
* 1x reset button
* 1x DC jack for main power (12V)
The following has been tested and is working:
* Ethernet switch
* miniPCIe slots (tested with Wi-Fi cards)
* USB 3.0 port
* sysupgrade
* reset button
Not working:
* The miniPCIe connected via USB OTG. For the port to work, some MUSB
glue must be added. I am currently in the process of porting the glue
from the vendor SDK.
Not tested:
* SATA 3.0
* MIPI LCD
Installation:
The board ships with u-boot, and the first installation needs to be done
via the bootloader using tftp. Step number one is to update the MBR of
the eMMC, as the one that ships with the device is broken. Since the
device can ship with different storage sizes, I will not provide the
exact steps for creating a valid MBR. However, I have made some
assumptions about the disk layout - there must be one 8MB recovery
partition (FAT32) and a partition for the rootfs (Linux).
The board loads the kernel from block 0xA00 (2560) and I have reserved
32MB for the kernel (65536 blocks). I have aligned the partitions on the
erase block size (4096 byte), so the recovery partition must start on
block 69632 and end on 86016 (16385 sectors). The rootfs is assumed to
start on sector 90112.
In order to install the mbr, you run the following commands from the
u-boot command line:
* tftpboot ${loadaddr} <name of mbr file>
* mmc device 0
* mmc write ${loadaddr} 0x00 1
Run the following commands to install + boot OpenWRT:
* tftpboot ${loadaddr} openwrt-mediatek-mt7623-7623a-unielec-u7623-02-emmc-512m-squashfs-sysupgrade-emmc.bin.gz
* run boot_wr_img
* run boot_rd_img
* bootm
Recovery:
In order to recover the router, you need to follow the installation
steps above (no need to replace MBR).
Notes:
* F2FS is used as the overlay filesystem.
* The device does not ship with any valid MAC address, so a random
address has to be generated. As a work-around, I write the initial
random MAC to a file on the recovery partition. The MAC of the WAN
interface is set to the MAC-address contained in this file on each boot,
and the address of the LAN-interfaces are WAN + 1. The MAC file is kept
across sysupgrade/firstboot.
My approach is slightly different than what the stock image does. The
first fives bytes of the MAC addresses in the stock image are static,
and then the last byte is random. I believe it is better to create fully
random MAC addresses.
* In order to support the miniPCIe-slots, I needed to add missing
pcie-nodes to mt7623.dtsi. The nodes are just c&p from the upstream
dtsi.
* One of the USB3.0 phys (u3phy2) on the board can be used as either USB
or PCI, and one of the wifi-cards is connected to this phy. In order to
support switching the phy from USB to PCI, I needed to patch the
phy-driver. The patch is based on a rejected (at least last time I
checked) PCI-driver submitted to the linux-mediatek mailing list.
* The eMMC is configured to boot from the user area, and according to
the data sheet of the eMMC this value can't be changed.
* I tried to structure the MBR more nicely and use for example a
FAT32-parition for the kernel, so that we don't need to write/read from
some offset. The bootloader does not support reading from
FAT32-paritions. While the command (fatload) is there, it just throws an
error when I try to use it.
* I will submit and hope to get the DTS for the device accepted
upstream. If and when that happens, I will update the patches
accordingly.
Signed-off-by: Kristian Evensen <kristian.evensen@gmail.com>
zram.ko needs CONFIG_BLK_DEV activated and it is by default for all
other targets in OpenWrt.
This makes zram.ko compile again.
Compile tested only.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Neon and vfpv4 are mandatory extensions in the ARM64 instruction set
now, do not activate them explicitly. GCC will make use of these
extension now by default.
This makes it possible to share the toolchain with other Cortex A53
SoCs.
Compile tested only.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
THIN_ARCHIVES option is enabled by default in the kernel configuration
and no one target config disables it. So enable it by default and remove
this symbol from target specific configs to keep them light.
Signed-off-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
New FUTEX_PI configuration symbol enabled if FUTEX and RT_MUTEX symbols
are enabled. Both of these symbols are enabled by default in the
generic config, so enable FUTEX_PI by default too to keep platform
specific configs minimal.
Signed-off-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
OVERLAY_FS config symbol selects EXPORTFS since 4.12 kernel, we have
OVERLAY_FS enabled by default, so enable EXPORTFS in the generic config
of 4.14 and remove this option from platform specific configs.
Signed-off-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
DRM_LIB_RANDOM config symbol selected only by DRM_DEBUG_MM_SELFTEST
which is disable by default, so disable DRM_LIB_RANDOM by default too.
Signed-off-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
These options do not used by any supported arch, so disable them by
default to make arch configs a bit more clean.
Signed-off-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
Only one arch (x86_64) enables this option. So disable
ARCH_WANTS_THP_SWAP by default and remove referencies to it from all
configs (except x86_64) to make them clean.
Signed-off-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
This reverts commit 5555545494.
The target supports both NEON and VFPv4, but for this to work properly,
a few more changes are needed:
- enable NEON support in the kernel config
- add the fpu feature flag to the makefile
Signed-off-by: Felix Fietkau <nbd@nbd.name>