Re: [LEDE-DEV] Ubnt Bullet M2 flashing ?
We've found that some of the newer AirMax hardware releasing with XW revs, do not have a downgrade process. For example the NanoStation M2 XW. The AirOX 5.5.x firmware did not offer support and the nanostation-m-xw image has no path to load. Downgrading the AirMax devices to AirOS 5.5.x is a lot of extra steps. Just in case this is not already known, It is possible to directly load, in one step, an image using 'tftp'. The AirOS UI requires signed firmware in newer versions, but tftp does not.A patch like the following is required for uboot to accept the firmware and load via tftp. Newer versions of ubnt's uboot have a restriction on naming convention (seems to reject firmware if alpha chars in some places). This works for all AirOS versions (the respective uboot version), available today, on AirMax hardware.Example, "v6.0.6.31296.170704.204" is from an AirOS image applied in chaos calmer. --- a/target/linux/ar71xx/image/Makefile +++ b/target/linux/ar71xx/image/Makefile @@ -1406,7 +1406,7 @@ define Image/Build/UBNT2 dd if=$(call sysupname,$(1),$(2)) of=$(KDIR_TMP)/$(2)-mtdpart-kernel.bin bs=1024k count=1; \ dd if=$(call sysupname,$(1),$(2)) of=$(KDIR_TMP)/$(2)-mtdpart-rootfs.bin bs=1024k skip=1; \ $(STAGING_DIR_HOST)/bin/mkfwimage \ - -B $(4) -v $(5).$(6).v6.0.0-OpenWrt-$(REVISION) \ + -B $(4) -v $(5).$(6).v6.0.6.31296.170704.204 \ -k $(KDIR_TMP)/$(2)-mtdpart-kernel.bin \ -r $(KDIR_TMP)/$(2)-mtdpart-rootfs.bin \ -o $(call factoryname,$(1),$(2)); \ Joe AE6XE > Date: Mon, 30 Apr 2018 12:24:15 -0700 > From: Etienne Champetier> To: LEDE Development List > Cc: Bill Moffitt , Joseph Marlin > > Subject: Re: [LEDE-DEV] Ubnt Bullet M2 flashing ? > Message-ID: > Content-Type: text/plain; charset="UTF-8" > Hi All, > 2018-04-19 6:19 GMT-07:00 Joseph Marlin : >> We still flash Ubiquiti Airrouters regularly, and we still have to downgrade to 5.5.10 as a >> first step. I imagine Bullet M2 would be similar. > I received last week my new Bullet M, and I confirm it is still > possible to downgrade to 5.5.10 > It was shipped with 5.6.11, but I wanted to confirm that I can > downgrade from latest AirOS version, so what I did: > 1) Upgrade to 6.1.6 > XM.v6.1.6.32290.180307.1650.bin (md5sum 96a876222ede2cac4b2e895c14160c31) > This version only accept signed image via the WebUI > 2) Downgrade to 6.0.6-beta > XM.v6.0.6-beta.30875.170526.0038.bin (md5sum 6baf82898fd70e9d394fb3b5a17d6fc3) > This version is signed but accept non signed image via the WebUI > 3) Downgrade to 5.6.15 > XM.v5.6.15.30572.170328.1107.bin (md5sum dbe0fe1c5404c19f0adf328ca8d01a7a) > .0.6-beta refuses to go back to 5.5.10 directly, so I went to 5.6.15 > (unsigned version) > 4) Downgrade to 5.5.10 > XM.v5.5.10.24241.141001.1649.bin (md5sum 288b6dd2cbf35a85582f942ae5489873) > 5) Upgrade to LEDE 17.01 \o/ using the WebUI and the factory image > Adrian Schmutzler sent me another downgrade path that they use with > OpenWRT-based Freifunk Franken Firmware > XM.v6.0.6-beta.30875.170526.0038.bin > XM.v6.0.4.30805.170505.1525.bin > XM.v5.5.11.28002.150723.1344.bin > Also I want to point to another email thread "ar71xx: Ubiquiti Airmax > M: add relocate-kernel to invalidate cache" > http://lists.infradead.org/pipermail/lede-dev/2018-April/011980.html > According to this thread OpenWRT master should be compatible with all AirOS 5.X > Cheers > Etienne ___ Lede-dev mailing list Lede-dev@lists.infradead.org http://lists.infradead.org/mailman/listinfo/lede-dev
Re: [LEDE-DEV] [PATCH] sysctl: Protect hard/symlinks by default.
On 30/04/18 22:15, Rosen Penev wrote: There is no usecase for not protecting symlinks that I know of in OpenWrt. Not even on desktop systems where you have multiple users with a shell. Signed-off-by: Rosen Penevv2: Move to 10-default.conf file. Hi, no need to resend but in future please put the v1->v2 info below the tear line (---) and add V2 to the description ([PATCH V2]) John --- package/base-files/files/etc/sysctl.d/10-default.conf | 4 1 file changed, 4 insertions(+) diff --git a/package/base-files/files/etc/sysctl.d/10-default.conf b/package/base-files/files/etc/sysctl.d/10-default.conf index 98867b7..bfe26ca 100644 --- a/package/base-files/files/etc/sysctl.d/10-default.conf +++ b/package/base-files/files/etc/sysctl.d/10-default.conf @@ -5,6 +5,10 @@ kernel.panic=3 kernel.core_pattern=/tmp/%e.%t.%p.%s.core fs.suid_dumpable=2 +#enable hard/symlink protection +fs.protected_hardlinks=1 +fs.protected_symlinks=1 + net.ipv4.conf.default.arp_ignore=1 net.ipv4.conf.all.arp_ignore=1 net.ipv4.ip_forward=1 ___ Lede-dev mailing list Lede-dev@lists.infradead.org http://lists.infradead.org/mailman/listinfo/lede-dev
[LEDE-DEV] [PATCH] sysctl: Protect hard/symlinks by default.
There is no usecase for not protecting symlinks that I know of in OpenWrt. Not even on desktop systems where you have multiple users with a shell. Signed-off-by: Rosen Penevv2: Move to 10-default.conf file. --- package/base-files/files/etc/sysctl.d/10-default.conf | 4 1 file changed, 4 insertions(+) diff --git a/package/base-files/files/etc/sysctl.d/10-default.conf b/package/base-files/files/etc/sysctl.d/10-default.conf index 98867b7..bfe26ca 100644 --- a/package/base-files/files/etc/sysctl.d/10-default.conf +++ b/package/base-files/files/etc/sysctl.d/10-default.conf @@ -5,6 +5,10 @@ kernel.panic=3 kernel.core_pattern=/tmp/%e.%t.%p.%s.core fs.suid_dumpable=2 +#enable hard/symlink protection +fs.protected_hardlinks=1 +fs.protected_symlinks=1 + net.ipv4.conf.default.arp_ignore=1 net.ipv4.conf.all.arp_ignore=1 net.ipv4.ip_forward=1 -- 2.7.4 ___ Lede-dev mailing list Lede-dev@lists.infradead.org http://lists.infradead.org/mailman/listinfo/lede-dev
[LEDE-DEV] [PATCH] uboot-envtools: Change download to git.
Currently, the build system uses an openwrt mirror which does not currently workand FTP can be unreliable under several circumstances (Ubuntu 16.04 WSL being an example). This change implicitly allows using all the mirrors to download. Changing this to git also allows using .tar.xz archives which are smaller. Size difference: 10416503 u-boot-2015.10.tar.bz2 8351456 u-boot-2015.10.tar.xz Signed-off-by: Rosen Penevv2: Change git URL from GitHub to official mirror. v3: Change URL to HTTPS now that Wolfgang Denke added support. v4: Rebased against current master. New sizes: 12304292 u-boot-2018.03.tar.bz2 10060652 u-boot-2018.03.tar.xz --- package/boot/uboot-envtools/Makefile | 11 +++ 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/package/boot/uboot-envtools/Makefile b/package/boot/uboot-envtools/Makefile index 4f7cf57..2f8dd0a 100644 --- a/package/boot/uboot-envtools/Makefile +++ b/package/boot/uboot-envtools/Makefile @@ -12,10 +12,13 @@ PKG_DISTNAME:=u-boot PKG_VERSION:=2018.03 PKG_RELEASE:=1 -PKG_BUILD_DIR:=$(BUILD_DIR)/u-boot-$(PKG_VERSION) -PKG_SOURCE:=$(PKG_DISTNAME)-$(PKG_VERSION).tar.bz2 -PKG_SOURCE_URL:=http://ftp.denx.de/pub/u-boot -PKG_HASH:=7e7477534409d5368eb1371ffde6820f0f79780a1a1f676161c48442cb303dfd +PKG_SOURCE_PROTO:=git +PKG_SOURCE:=$(PKG_DISTNAME)-$(PKG_VERSION).tar.xz +PKG_SOURCE_SUBDIR:=$(PKG_DISTNAME)-$(PKG_VERSION) +PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_DISTNAME)-$(PKG_VERSION) +PKG_SOURCE_URL:=https://git.denx.de/u-boot.git +PKG_SOURCE_VERSION:=f95ab1fb6e37f0601f397091bb011edf7a98b890 +PKG_MIRROR_HASH:=b50d8b6fe0d90b92c8c147457b1b4c2ed1cdb03191085cfc57fdad77c0bfffab PKG_BUILD_DEPENDS:=fstools -- 2.7.4 ___ Lede-dev mailing list Lede-dev@lists.infradead.org http://lists.infradead.org/mailman/listinfo/lede-dev
[LEDE-DEV] [PATCH v2] build: log time taken by each packages/steps
The idea is to easily get the list of packages taking the most time to build, and see if we can improve them v1: Use SetupHostCommand as recommended by John v2: add space after 'time:', remove useless /usr/bin/time from SetupHostCommand Signed-off-by: Etienne Champetier--- include/prereq-build.mk | 4 include/subdir.mk | 1 + 2 files changed, 5 insertions(+) diff --git a/include/prereq-build.mk b/include/prereq-build.mk index 5b9a7e049d..bac5fdc84c 100644 --- a/include/prereq-build.mk +++ b/include/prereq-build.mk @@ -138,6 +138,10 @@ $(eval $(call SetupHostCommand,bzip2,Please install 'bzip2', \ $(eval $(call SetupHostCommand,wget,Please install GNU 'wget', \ wget --version | grep GNU)) +$(eval $(call SetupHostCommand,gtime,Please install GNU 'time', \ + gtime --version 2>&1 | grep GNU, \ + time --version 2>&1 | grep GNU)) + $(eval $(call SetupHostCommand,perl,Please install Perl 5.x, \ perl --version | grep "perl.*v5")) diff --git a/include/subdir.mk b/include/subdir.mk index 79a80528ae..ed4f7537d5 100644 --- a/include/subdir.mk +++ b/include/subdir.mk @@ -43,6 +43,7 @@ log_make = \ $(if $(BUILD_LOG), \ set -o pipefail; \ mkdir -p $(BUILD_LOG_DIR)/$(1)$(if $(4),/$(4));) \ + gtime -f "time: $(1)$(if $(4),/$(4))/$(if $(3),$(3)-)$(2)\#%U\#%S\#%e" -- \ $$(SUBMAKE) $(subdir_make_opts) $(if $(3),$(3)-)$(2) \ $(if $(BUILD_LOG),SILENT= 2>&1 | tee $(BUILD_LOG_DIR)/$(1)$(if $(4),/$(4))/$(if $(3),$(3)-)$(2).txt) -- 2.14.3 ___ Lede-dev mailing list Lede-dev@lists.infradead.org http://lists.infradead.org/mailman/listinfo/lede-dev
Re: [LEDE-DEV] [PATCH] build: log time taken by each packages/steps
Hi John, 2018-04-29 23:41 GMT-07:00 John Crispin: > > > On 31/03/18 06:22, Etienne Champetier wrote: >> >> The idea is to easily get the list of packages taking the most time to >> build, >> and see if we can improve them >> >> Use SetupHostCommand as recommended by John >> >> Signed-off-by: Etienne Champetier >> --- >> include/prereq-build.mk | 5 + >> include/subdir.mk | 1 + >> 2 files changed, 6 insertions(+) >> >> diff --git a/include/prereq-build.mk b/include/prereq-build.mk >> index 6a423d2c7d..7d5b2f2b45 100644 >> --- a/include/prereq-build.mk >> +++ b/include/prereq-build.mk >> @@ -139,6 +139,11 @@ $(eval $(call SetupHostCommand,bzip2,Please install >> 'bzip2', \ >> $(eval $(call SetupHostCommand,wget,Please install GNU 'wget', \ >> wget --version | grep GNU)) >> +$(eval $(call SetupHostCommand,gtime,Please install GNU 'time', \ >> + gtime --version 2>&1 | grep GNU, \ >> + /usr/bin/time --version 2>&1 | grep GNU, \ > > > Hi, > i think the line above should be removed. happy to merge the patch once that > has been done and florian's space request was added You are right, SetupHostCommand find "time" binary without "/usr/bin/time" line sending v2 > John > > >> + time --version 2>&1 | grep GNU)) >> + >> $(eval $(call SetupHostCommand,perl,Please install Perl 5.x, \ >> perl --version | grep "perl.*v5")) >> diff --git a/include/subdir.mk b/include/subdir.mk >> index 79a80528ae..546ed57ae6 100644 >> --- a/include/subdir.mk >> +++ b/include/subdir.mk >> @@ -43,6 +43,7 @@ log_make = \ >> $(if $(BUILD_LOG), \ >> set -o pipefail; \ >> mkdir -p $(BUILD_LOG_DIR)/$(1)$(if $(4),/$(4));) \ >> + gtime -f "time:$(1)$(if $(4),/$(4))/$(if >> $(3),$(3)-)$(2)\#%U\#%S\#%e" -- \ >> $$(SUBMAKE) $(subdir_make_opts) $(if $(3),$(3)-)$(2) \ >> $(if $(BUILD_LOG),SILENT= 2>&1 | tee >> $(BUILD_LOG_DIR)/$(1)$(if $(4),/$(4))/$(if $(3),$(3)-)$(2).txt) >> > > ___ Lede-dev mailing list Lede-dev@lists.infradead.org http://lists.infradead.org/mailman/listinfo/lede-dev
Re: [LEDE-DEV] [PATCH] build: log time taken by each packages/steps
Hi Florian, 2018-04-04 9:44 GMT-07:00 Florian Fainelli: > Hi Etienne, > > On 03/30/2018 09:22 PM, Etienne Champetier wrote: >> The idea is to easily get the list of packages taking the most time to build, >> and see if we can improve them > > I like the idea a lot although I was not getting timestamps printed for > all steps of the build, for instance tools/* seems to have been > completely missing while I would expect to see some timestamps printed > there to possibly optimize the tools builds. This also applied to the > toolchain part, does that match what you would be expecting? just ran a build after "make dirclean" $ make -j4 V=99 2>&1 | grep '^time: ' time: target/linux/prereq#0.27#0.04#0.31 time: tools/flock/compile#0.18#0.08#0.49 time: tools/sed/compile#17.93#10.52#24.20 time: tools/xz/compile#29.36#8.00#25.35 ... And a second one: $ make -j4 V=99 2>&1 | grep '^time: ' time: target/linux/compile#5.24#3.41#5.32 time: package/libs/ncurses/host-compile#0.13#0.10#0.35 time: package/libs/toolchain/compile#0.11#0.13#0.45 ... So it's just that tools/* is skipped when it's already built > >> >> Use SetupHostCommand as recommended by John >> >> Signed-off-by: Etienne Champetier >> --- >> include/prereq-build.mk | 5 + >> include/subdir.mk | 1 + >> 2 files changed, 6 insertions(+) >> >> diff --git a/include/prereq-build.mk b/include/prlereq-build.mk >> index 6a423d2c7d..7d5b2f2b45 100644 >> --- a/include/prereq-build.mk >> +++ b/include/prereq-build.mk >> @@ -139,6 +139,11 @@ $(eval $(call SetupHostCommand,bzip2,Please install >> 'bzip2', \ >> $(eval $(call SetupHostCommand,wget,Please install GNU 'wget', \ >> wget --version | grep GNU)) >> >> +$(eval $(call SetupHostCommand,gtime,Please install GNU 'time', \ >> + gtime --version 2>&1 | grep GNU, \ >> + /usr/bin/time --version 2>&1 | grep GNU, \ >> + time --version 2>&1 | grep GNU)) >> + >> $(eval $(call SetupHostCommand,perl,Please install Perl 5.x, \ >> perl --version | grep "perl.*v5")) >> >> diff --git a/include/subdir.mk b/include/subdir.mk >> index 79a80528ae..546ed57ae6 100644 >> --- a/include/subdir.mk >> +++ b/include/subdir.mk >> @@ -43,6 +43,7 @@ log_make = \ >>$(if $(BUILD_LOG), \ >> set -o pipefail; \ >> mkdir -p $(BUILD_LOG_DIR)/$(1)$(if $(4),/$(4));) \ >> + gtime -f "time:$(1)$(if $(4),/$(4))/$(if $(3),$(3)-)$(2)\#%U\#%S\#%e" >> -- \ > > Can we add a space between time and $(1) here? will do > >> $$(SUBMAKE) $(subdir_make_opts) $(if $(3),$(3)-)$(2) \ >> $(if $(BUILD_LOG),SILENT= 2>&1 | tee $(BUILD_LOG_DIR)/$(1)$(if >> $(4),/$(4))/$(if $(3),$(3)-)$(2).txt) >> >> > > -- > Florian ___ Lede-dev mailing list Lede-dev@lists.infradead.org http://lists.infradead.org/mailman/listinfo/lede-dev
Re: [LEDE-DEV] Ubnt Bullet M2 flashing ?
Hi All, 2018-04-19 6:19 GMT-07:00 Joseph Marlin: > We still flash Ubiquiti Airrouters regularly, and we still have to downgrade > to 5.5.10 as a first step. I imagine Bullet M2 would be similar. I received last week my new Bullet M, and I confirm it is still possible to downgrade to 5.5.10 It was shipped with 5.6.11, but I wanted to confirm that I can downgrade from latest AirOS version, so what I did: 1) Upgrade to 6.1.6 XM.v6.1.6.32290.180307.1650.bin (md5sum 96a876222ede2cac4b2e895c14160c31) This version only accept signed image via the WebUI 2) Downgrade to 6.0.6-beta XM.v6.0.6-beta.30875.170526.0038.bin (md5sum 6baf82898fd70e9d394fb3b5a17d6fc3) This version is signed but accept non signed image via the WebUI 3) Downgrade to 5.6.15 XM.v5.6.15.30572.170328.1107.bin (md5sum dbe0fe1c5404c19f0adf328ca8d01a7a) 6.0.6-beta refuses to go back to 5.5.10 directly, so I went to 5.6.15 (unsigned version) 4) Downgrade to 5.5.10 XM.v5.5.10.24241.141001.1649.bin (md5sum 288b6dd2cbf35a85582f942ae5489873) 5) Upgrade to LEDE 17.01 \o/ using the WebUI and the factory image Adrian Schmutzler sent me another downgrade path that they use with OpenWRT-based Freifunk Franken Firmware XM.v6.0.6-beta.30875.170526.0038.bin XM.v6.0.4.30805.170505.1525.bin XM.v5.5.11.28002.150723.1344.bin Also I want to point to another email thread "ar71xx: Ubiquiti Airmax M: add relocate-kernel to invalidate cache" http://lists.infradead.org/pipermail/lede-dev/2018-April/011980.html According to this thread OpenWRT master should be compatible with all AirOS 5.X Cheers Etienne > > - Original Message - > From: "Bill Moffitt" > To: lede-dev@lists.infradead.org > Sent: Wednesday, April 18, 2018 5:20:10 PM > Subject: Re: [LEDE-DEV] Ubnt Bullet M2 flashing ? > > I have not been able to figure out a way to do it. > > > On 04/18/2018 02:14 PM, Etienne Champetier wrote: >> Hi All, >> >> Is it still possible to flash latest ubnt bullet m2 with OpenWRT? (AirOS 6.X) >> Is it possible to downgrade to 5.5.10 from the 6.X versions ? is it >> still required ? >> >> The wiki is not really up to date: >> https://openwrt.org/toh/ubiquiti/bullet >> And I've tried to ask on the forum but no luck :( >> https://forum.lede-project.org/t/bullet-m2-flashing-replacement/10849 >> >> Thanks in advance >> Etienne >> >> ___ >> Lede-dev mailing list >> Lede-dev@lists.infradead.org >> http://lists.infradead.org/mailman/listinfo/lede-dev > > > ___ > Lede-dev mailing list > Lede-dev@lists.infradead.org > http://lists.infradead.org/mailman/listinfo/lede-dev > > ___ > Lede-dev mailing list > Lede-dev@lists.infradead.org > http://lists.infradead.org/mailman/listinfo/lede-dev ___ Lede-dev mailing list Lede-dev@lists.infradead.org http://lists.infradead.org/mailman/listinfo/lede-dev
Re: [LEDE-DEV] Setting *wireless* MTU, "UCI-compliant" way?
Hi Jeff, On Mon, Apr 30, 2018 at 08:59:12AM -0700, Jeff Kletsky wrote: > TL;DR > > When wireless is used as transport for an encapsulated stream, it can be > beneficial (or essential) to increase the MTU of the link closer to the 2304 > 802.11 MTU. I haven't found a way to set the MTU of the wireless device > itself through UCI. If there's something I'm missing, I'd appreciate hearing > about it. The wireless config section is kinda only up to layer 1.5, so everything on netdev level has to be done in the network UCI config. Example: config interface 'wireless0' option proto 'none' option mtu '1536' (in order to avoid batman-adv fragmenting) Cheers Daniel ___ Lede-dev mailing list Lede-dev@lists.infradead.org http://lists.infradead.org/mailman/listinfo/lede-dev
[LEDE-DEV] Setting *wireless* MTU, "UCI-compliant" way?
TL;DR When wireless is used as transport for an encapsulated stream, it can be beneficial (or essential) to increase the MTU of the link closer to the 2304 802.11 MTU. I haven't found a way to set the MTU of the wireless device itself through UCI. If there's something I'm missing, I'd appreciate hearing about it. In Detail I'm using 802.11s for transport of GRE-encapsulated bridged streams. PMTUD doesn't work in a bridged situation (for non-local devices) as there no way of determining to whom the fragmentation-required ICMP packet needs to be sent to. This is not an OpenWRT-specific problem. OpenWRT "properly" reduces the MTU of the gretap link based on the underlying link, in this case below the 1500 MTU of an OpenWRT wireless link configured with config wifi-iface 'mesh0' option device 'radio5' option ifname 'mesh0' option mode 'mesh' option mesh_id '' option mesh_fwding '1' option encryption 'psk2+ccmp' option key '' option sae_password '' (Yes, both key and sae_password are there, as they have been bouncing around as to which works and which doesn't over the last month or so of master commits.) What is challenging is that even with a "named" wireless interface, there doesn't seem to be a way to directly use netifd and UCI configuration to override the default MTU. Changing the bridge over the interface doesn't help, as the bridge MTU is limited by the smallest MTU of its bridged interfaces. Right now, I "hook" things in a somewhat hack-ish way --- a/package/kernel/mac80211/files/lib/netifd/wireless/mac80211.sh +++ b/package/kernel/mac80211/files/lib/netifd/wireless/mac80211.sh @@ -513,6 +513,8 @@ mac80211_prepare_vif() { ip link set dev "$ifname" address "$macaddr" fi + [ -x /etc/mac80211-post-add.sh ] && /etc/mac80211-post-add.sh "$ifname" + json_select .. } At least my read of things is that virtual wireless devices are "wiped" and re-created when changes are made. If this isn't the case, I'd appreciate knowing where else I might need to "hook" things if this is the "only" approach to managing MTU of the wireless link. All nodes are under my administrative control, so the "non-standard" MTU does not pose interoperability concerns for me. Is there a cleaner way to manage this? Jeff ___ Lede-dev mailing list Lede-dev@lists.infradead.org http://lists.infradead.org/mailman/listinfo/lede-dev
Re: [LEDE-DEV] [PATCH] wireguard: add distinction for remote and local endpoint ip
On 19/02/18 19:54, Thomas Huehn wrote: This patch fixes a bug when someone tries to set up a Wireguard tunnel to an endpoint where its ip belongs to a local subnet, e.g. in a Freifunk olsr mesh. The call of proto_add_host_dependency() is just needed in cases where the endpoint is reachable via a default gateway but not in such cases where the endpoint is part of a local subnet. Signed-off-by: Thomas HuehnHi, this should be fixed in trunk due to a netifd update. please let us know if you are still seeing this issue. John --- package/network/services/wireguard/files/wireguard.sh | 8 +++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/package/network/services/wireguard/files/wireguard.sh b/package/network/services/wireguard/files/wireguard.sh index 7b18a2e0ecdb..36ed80d9e7aa 100644 --- a/package/network/services/wireguard/files/wireguard.sh +++ b/package/network/services/wireguard/files/wireguard.sh @@ -16,6 +16,10 @@ fi init_proto "$@" } +is_remote_ip() { + ip route get $1 | grep "via $(ip route | grep -m1 default | cut -d" " -f3)" +} + proto_wireguard_init_config() { proto_config_add_string "private_key" @@ -174,7 +178,9 @@ proto_wireguard_setup() { sed -E 's/\[?([0-9.:a-f]+)\]?:([0-9]+)/\1 \2/' | \ while IFS=$'\t ' read -r key address port; do [ -n "${port}" ] || continue -proto_add_host_dependency "${config}" "${address}" +is_remote_ip ${address} && { + logger -t Wireguard "no local route to endpoint - call proto_add_host_dependency()" + proto_add_host_dependency "${config}" "${address}" done proto_send_update "${config}" ___ Lede-dev mailing list Lede-dev@lists.infradead.org http://lists.infradead.org/mailman/listinfo/lede-dev
Re: [LEDE-DEV] [PATCH] uboot-envtools: Change download to git.
On 16/03/18 01:26, Rosen Penev wrote: Currently, the build system uses an openwrt mirror which does not currently workand FTP can be unreliable under several circumstances (Ubuntu 16.04 WSL being an example). This change implicitly allows using all the mirrors to download. Changing this to git also allows using .tar.xz archives which are smaller. Size difference: 10416503 u-boot-2015.10.tar.bz2 8351456 u-boot-2015.10.tar.xz Signed-off-by: Rosen PenevHi, patch no longer applies since the last envtools update. please rebase/send, Thanks ! John v2: Change git URL from GitHub to official mirror. v3: Change URL to HTTPS now that Wolfgang Denke added support. --- package/boot/uboot-envtools/Makefile | 13 +++-- 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/package/boot/uboot-envtools/Makefile b/package/boot/uboot-envtools/Makefile index 442cf3fd83..9b1ed6967b 100644 --- a/package/boot/uboot-envtools/Makefile +++ b/package/boot/uboot-envtools/Makefile @@ -12,12 +12,13 @@ PKG_DISTNAME:=u-boot PKG_VERSION:=2015.10 PKG_RELEASE:=1 -PKG_BUILD_DIR:=$(BUILD_DIR)/u-boot-$(PKG_VERSION) -PKG_SOURCE:=$(PKG_DISTNAME)-$(PKG_VERSION).tar.bz2 -PKG_SOURCE_URL:=\ - http://mirror2.openwrt.org/sources \ - ftp://ftp.denx.de/pub/u-boot -PKG_HASH:=bdc68d5f9455ad933b059c735d983f2c8b6b552dafb062e5ff1444f623021955 +PKG_SOURCE_PROTO:=git +PKG_SOURCE:=$(PKG_DISTNAME)-$(PKG_VERSION).tar.xz +PKG_SOURCE_SUBDIR:=$(PKG_DISTNAME)-$(PKG_VERSION) +PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_DISTNAME)-$(PKG_VERSION) +PKG_SOURCE_URL:=https://git.denx.de/u-boot.git +PKG_SOURCE_VERSION:=5ec0003b19cbdf06ccd6941237cbc0d1c3468e2d +PKG_MIRROR_HASH:=e207d996ebfff7335eed99789e3dcb9da071499f347fcdd86725b9d4dac5a5bb PKG_BUILD_DEPENDS:=fstools ___ Lede-dev mailing list Lede-dev@lists.infradead.org http://lists.infradead.org/mailman/listinfo/lede-dev
Re: [LEDE-DEV] [PATCH] mvebu: Switch Turris Omnia to use ath10k-ct driver and firmware.
On Sun, Apr 29, 2018 at 11:44 PM, John Crispinwrote: > > > On 31/03/18 00:19, Rosen Penev wrote: >> >> My testing has shown both ath10k and firmware to be unstable. Here is a >> summary of results done over two weeks: >> >> ath10k + QCA firmware = driver crash, WiFi dies completely. >> ath10k + CT firmware = driver crash. WiFi dies completely. >> ath10k-ct + QCA firmware = firmware crash. WiFi does not die*. >> ath10k-ct + CT firmware = I have not gotten either to crash. >> >> WiFi does not die completely with scenario 3 as mac80211 is able to >> restart the hardware. From my testing, it dies twice a day. I have no idea >> what triggers it. My best guess is an Apple iPhone. >> >> I also tried QCA firmware 37. No difference. > > > Hi, > > there will always be combos of FW/drv version that will/not work. this can > change over time back and fwd between stock and -ct code bases. -ct has been > opt-in since it was merged. It would be uch better to figure out which FW > works and why the driver dies. Otherwise we'll start flipping back and fwd > between stock/-ct versions with each update on each wmac silicon / arch > combo constantly. So the initial report was premature. I've since tried with more firmwares only to find that they all crash. Even -ct. The basic problem is that in the case of the firmware crashing, -ct restarts the firmware whereas ath10k dies with it. I've concluded that it's my phone running Android Oreo that causes all the firmware crashing. > > John > > >> Signed-off-by: Rosen Penev >> --- >> target/linux/mvebu/image/cortex-a9.mk | 2 +- >> 1 file changed, 1 insertion(+), 1 deletion(-) >> >> diff --git a/target/linux/mvebu/image/cortex-a9.mk >> b/target/linux/mvebu/image/cortex-a9.mk >> index d9defe880d..a6529220ea 100644 >> --- a/target/linux/mvebu/image/cortex-a9.mk >> +++ b/target/linux/mvebu/image/cortex-a9.mk >> @@ -152,7 +152,7 @@ define Device/turris-omnia >> DEVICE_TITLE := Turris Omnia >> DEVICE_PACKAGES := \ >> mkf2fs e2fsprogs kmod-fs-vfat kmod-nls-cp437 kmod-nls-iso8859-1 \ >> -wpad-mini kmod-ath9k kmod-ath10k ath10k-firmware-qca988x >> +wpad-mini kmod-ath9k kmod-ath10k-ct ath10k-firmware-qca988x-ct >> IMAGES := $$(IMAGE_PREFIX)-sysupgrade.img.gz >> omnia-medkit-$$(IMAGE_PREFIX)-initramfs.tar.gz >> IMAGE/$$(IMAGE_PREFIX)-sysupgrade.img.gz := boot-img | sdcard-img | >> gzip | append-metadata >> IMAGE/omnia-medkit-$$(IMAGE_PREFIX)-initramfs.tar.gz := >> omnia-medkit-initramfs | gzip > > ___ Lede-dev mailing list Lede-dev@lists.infradead.org http://lists.infradead.org/mailman/listinfo/lede-dev
Re: [LEDE-DEV] tools/squashfs update to 5.0 before next release
On Tue, Apr 17, 2018 at 6:10 PM, Paul Spoorenwrote: Hi, if I understand lynxis staging tree [1] correctly, future squashfs images will be reproducible. Will this be merged to master before the next 18.x release? Best, Paul [1] https://git.openwrt.org/?p=openwrt/staging/lynxis.git;a=commit;h=1fd818d4f8255cbaa0173d856f09f24bd88a6209 I tried the patch apart from a typo (?) in the file `./tools/squashfs4/Makefile` it seems to work and creates actually reproducible squashfs images! The typo is line 18 [1] where the 4 of squashfs is missing. In the current state the staging tree produces the following error message: CFLAGS="-O2 -I/home/a/src/openwrt/staging_dir/host/include " CPPFLAGS="-I/home/a/src/openwrt/staging_dir/host/include " CXXFLAGS="" LDFLAGS="-L/home/a/src/openwrt/staging_dir/host/lib " make -C /home/a/src/openwrt/build_dir/host/squashfs5.0/squashfs-tools XZ_SUPPORT=1 LZMA_XZ_SUPPORT=1 XATTR_SUPPORT= LZMA_LIB="/home/a/src/openwrt/staging_dir/host/lib/liblzma.a" EXTRA_CFLAGS="-I/home/a/src/openwrt/staging_dir/host/include" mksquashfs unsquashfs make[4]: *** /home/a/src/openwrt/build_dir/host/squashfs5.0/squashfs-tools: No such file or directory. Stop. make[3]: *** [Makefile:44: /home/a/src/openwrt/build_dir/host/squashfs5.0/.built] Error 2 make[3]: Leaving directory '/home/a/src/openwrt/tools/squashfs4' make[2]: *** [tools/Makefile:154: tools/squashfs4/compile] Error 2 make[2]: Leaving directory '/home/a/src/openwrt' make[1]: *** [tools/Makefile:150: /home/a/src/openwrt/staging_dir/target-mipsel_24kc_musl/stamp/.tools_compile_yynynynyynnnyyynyynynnyyynnyy] Error 2 make[1]: Leaving directory '/home/a/src/openwrt' make: *** [/home/a/src/openwrt/include/toplevel.mk:218: world] Error 2``` Best regards, Paul Spooren [1] https://git.openwrt.org/?p=openwrt/staging/lynxis.git;a=blob;f=tools/squashfs4/Makefile;h=fd4388d03137454914007e8f1fb7a120c127674c;hb=1fd818d4f8255cbaa0173d856f09f24bd88a6209#l18 ___ Lede-dev mailing list Lede-dev@lists.infradead.org http://lists.infradead.org/mailman/listinfo/lede-dev ___ Lede-dev mailing list Lede-dev@lists.infradead.org http://lists.infradead.org/mailman/listinfo/lede-dev
Re: [LEDE-DEV] [PATCH v2 3/5] tools/mtd-utils: update to version 2.0.2
On 2018-04-20 00:12, Hauke Mehrtens wrote: > This version now uses autotools to configure the build system. They are > also using the newly added zlib package. > > Signed-off-by: Hauke Mehrtens> --- > > changes since v1: > * Update to version 2.0.2 > * use ftp to download the tar > > tools/Makefile | 2 +- > tools/mtd-utils/Makefile | 46 +++- > tools/mtd-utils/patches/100-sscanf_fix.patch | 6 +- > tools/mtd-utils/patches/110-portability.patch | 51 + > .../mtd-utils/patches/120-include_sysmacros.patch | 25 - > tools/mtd-utils/patches/130-lzma_jffs2.patch | 65 +-- > .../patches/135-mkubifs_optional_lzo.patch | 119 > - > ...igen-add-ubigen_write_terminator-function.patch | 8 +- > .../201-ubinize-add-terminator-support.patch | 23 ++-- > .../patches/310-add-static-linking-option.patch| 43 > .../patches/320-mkfs.jffs2-SOURCE_DATE_EPOCH.patch | 16 +-- > 11 files changed, 101 insertions(+), 303 deletions(-) > delete mode 100644 tools/mtd-utils/patches/120-include_sysmacros.patch > delete mode 100644 tools/mtd-utils/patches/135-mkubifs_optional_lzo.patch > delete mode 100644 > tools/mtd-utils/patches/310-add-static-linking-option.patch > > diff --git a/tools/Makefile b/tools/Makefile > index 8dfab9892b..d2b5daf18c 100644 > --- a/tools/Makefile > +++ b/tools/Makefile > @@ -50,7 +50,7 @@ $(curdir)/automake/compile := $(curdir)/m4/compile > $(curdir)/autoconf/compile $( > $(curdir)/gmp/compile := $(curdir)/libtool/compile > $(curdir)/mpc/compile := $(curdir)/mpfr/compile $(curdir)/gmp/compile > $(curdir)/mpfr/compile := $(curdir)/gmp/compile > -$(curdir)/mtd-utils/compile := $(curdir)/e2fsprogs/compile > $(curdir)/zlib/compile > +$(curdir)/mtd-utils/compile := $(curdir)/libtool/compile > $(curdir)/e2fsprogs/compile $(curdir)/zlib/compile > $(curdir)/mklibs/compile := $(curdir)/libtool/compile > $(curdir)/qemu/compile := $(curdir)/e2fsprogs/compile $(curdir)/zlib/compile > $(curdir)/upslug2/compile := $(curdir)/libtool/compile > diff --git a/tools/mtd-utils/Makefile b/tools/mtd-utils/Makefile > index 7b4a91a73d..1527d10579 100644 > --- a/tools/mtd-utils/Makefile > +++ b/tools/mtd-utils/Makefile > @@ -7,44 +7,30 @@ > include $(TOPDIR)/rules.mk > > PKG_NAME:=mtd-utils > -PKG_VERSION:=1.5.2 > +PKG_VERSION:=2.0.2 > > -PKG_SOURCE_VERSION:=aea36417067dade75192bafa03af70b6eb2677b1 > -PKG_SOURCE_URL:=git://git.infradead.org/mtd-utils.git > -PKG_SOURCE_PROTO:=git > -PKG_MIRROR_HASH:=e11b342b85a36b2e438a8412ec52f87621d3046aec1a93039f8c72de9990b2a7 > +PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 > +PKG_SOURCE_URL:=ftp://ftp.infradead.org/pub/mtd-utils/ > +PKG_HASH:=fb3de61be8e932abb424e8ea3c30298f553d5f970ad158a737bb303bbf9660b8 > + > +PKG_FIXUP:=autoreconf > > include $(INCLUDE_DIR)/host-build.mk > > -HOST_CFLAGS += -I$(STAGING_DIR_HOST)/include/e2fsprogs > -CFLAGS := $(HOST_CFLAGS) -I$(HOST_BUILD_DIR)/include -L$(HOST_BUILD_DIR) > -L$(STAGING_DIR_HOST)/lib -DNO_NATIVE_SUPPORT > -ifneq ($(HOST_OS),Linux) > -CFLAGS += -Dloff_t=off_t -D__BYTE_ORDER=BYTE_ORDER -include endian.h > -I$(CURDIR)/include -include fls.h This patch was dropping a lot of important compat stuff for non-linux systems. I've added back the important bits in r6796-56ae9f9b0b so that it builds on macOS again. - Felix ___ Lede-dev mailing list Lede-dev@lists.infradead.org http://lists.infradead.org/mailman/listinfo/lede-dev
Re: [LEDE-DEV] [PATCH] iptables: link extension libraries with -lm
On Mon, Apr 30, 2018 at 7:58 AM, John Crispinwrote: > > > On 27/04/18 16:05, Alin Năstac wrote: >> >> According to "Automatic variables" chapter of make manual, $* expands >> to the pattern matched by % in an implicit rule. >> However, the make rules in which this patch use the $* variable is an >> explicit rule, hence $* expansion will be empty. >> >> >> On Fri, Apr 27, 2018 at 8:41 AM, John Crispin wrote: >>> >>> >>> On 24/04/18 10:05, Alin Nastac wrote: This fixes an iptables link error when kernel config include CONFIG_NETFILTER_XT_MATCH_STATISTIC=y related to the missing -lm argument on the linker command line. Error is caused by the odd looking linker argument ${$*_LIBADD} which get expanded to an empty string. >>> >>> >>> Hi, >>> the $* usage is correct >>> >>> src/%.c: >>> echo $* >>> >>> ->src/example (bei src/example.c) >>> >>> please provide your diffconfig so i can reproduce your issue locally. >>> >>> John >>> > > Hi, > please try not to top post. and see if this fixes your issue please. --> > > https://pastebin.com/qbMfwGer > > > John Your solution works and is indeed a better solution. Don't forget to replace all package/network/utils/iptables/patches/600-shared-libext.patch occurrences of the expression ${$*_LIBADD}. >>> >>> Signed-off-by: Alin Nastac --- package/network/utils/iptables/patches/600-shared-libext.patch | 10 +- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/package/network/utils/iptables/patches/600-shared-libext.patch b/package/network/utils/iptables/patches/600-shared-libext.patch index a906d40..17e7fbe 100644 --- a/package/network/utils/iptables/patches/600-shared-libext.patch +++ b/package/network/utils/iptables/patches/600-shared-libext.patch @@ -28,27 +28,27 @@ -libext.a: initext.o ${libext_objs} - ${AM_VERBOSE_AR} ${AR} crs $@ $^; +libiptext.so: initext.o ${libext_objs} -+ ${AM_VERBOSE_CCLD} ${CCLD} ${AM_LDFLAGS} -shared ${LDFLAGS} -o $@ $^ -L../libxtables/.libs -lxtables ${$*_LIBADD}; ++ ${AM_VERBOSE_CCLD} ${CCLD} ${AM_LDFLAGS} -shared ${LDFLAGS} -o $@ $^ -L../libxtables/.libs -lxtables ${xt_statistic_LIBADD} ${xt_connlabel_LIBADD}; -libext_ebt.a: initextb.o ${libext_ebt_objs} - ${AM_VERBOSE_AR} ${AR} crs $@ $^; +libiptext_ebt.so: initextb.o ${libext_ebt_objs} -+ ${AM_VERBOSE_CCLD} ${CCLD} ${AM_LDFLAGS} -shared ${LDFLAGS} -o $@ $^ -L../libxtables/.libs -lxtables ${$*_LIBADD}; ++ ${AM_VERBOSE_CCLD} ${CCLD} ${AM_LDFLAGS} -shared ${LDFLAGS} -o $@ $^ -L../libxtables/.libs -lxtables ${xt_statistic_LIBADD} ${xt_connlabel_LIBADD}; -libext_arpt.a: initexta.o ${libext_arpt_objs} - ${AM_VERBOSE_AR} ${AR} crs $@ $^; +libiptext_arpt.so: initexta.o ${libext_arpt_objs} -+ ${AM_VERBOSE_CCLD} ${CCLD} ${AM_LDFLAGS} -shared ${LDFLAGS} -o $@ $^ -L../libxtables/.libs -lxtables ${$*_LIBADD}; ++ ${AM_VERBOSE_CCLD} ${CCLD} ${AM_LDFLAGS} -shared ${LDFLAGS} -o $@ $^ -L../libxtables/.libs -lxtables ${xt_statistic_LIBADD} ${xt_connlabel_LIBADD}; -libext4.a: initext4.o ${libext4_objs} - ${AM_VERBOSE_AR} ${AR} crs $@ $^; +libiptext4.so: initext4.o ${libext4_objs} -+ ${AM_VERBOSE_CCLD} ${CCLD} ${AM_LDFLAGS} -shared ${LDFLAGS} -o $@ $^ -L../libxtables/.libs -lxtables ${$*_LIBADD}; ++ ${AM_VERBOSE_CCLD} ${CCLD} ${AM_LDFLAGS} -shared ${LDFLAGS} -o $@ $^ -L../libxtables/.libs -lxtables ${xt_statistic_LIBADD} ${xt_connlabel_LIBADD}; -libext6.a: initext6.o ${libext6_objs} - ${AM_VERBOSE_AR} ${AR} crs $@ $^; +libiptext6.so: initext6.o ${libext6_objs} -+ ${AM_VERBOSE_CCLD} ${CCLD} ${AM_LDFLAGS} -shared ${LDFLAGS} -o $@ $^ -L../libxtables/.libs -lxtables ${$*_LIBADD}; ++ ${AM_VERBOSE_CCLD} ${CCLD} ${AM_LDFLAGS} -shared ${LDFLAGS} -o $@ $^ -L../libxtables/.libs -lxtables ${xt_statistic_LIBADD} ${xt_connlabel_LIBADD}; initext_func := $(addprefix xt_,${pfx_build_static}) initextb_func := $(addprefix ebt_,${pfb_build_static}) >>> >>> > ___ Lede-dev mailing list Lede-dev@lists.infradead.org http://lists.infradead.org/mailman/listinfo/lede-dev
Re: [LEDE-DEV] [OpenWrt-Devel] [PATCH 0/4] Gemini forward-port to kernel v4.14
On 29/04/18 20:32, Roman Yeryomin wrote: On 2018-04-27 09:18, John Crispin wrote: On 17/04/18 00:34, Roman Yeryomin wrote: On 2018-04-15 20:22, Roman Yeryomin wrote: On 2018-04-14 20:36, Hans Ulli Kroll wrote: Hi Roman On Tue, 10 Apr 2018, Linus Walleij wrote: On Mon, Apr 9, 2018 at 12:38 PM, Roman Yeryominwrote: > I have tested them quickly yesterday on nas4220b board. Although I've > managed to boot it (had to fix rootfs image) ethernet and usb didn't work. > And I didn't check anything else. > I didn't yet look at the code but before I dive there I have a question: did > you have a chance to test it yourself on any of the boards? And if yes, > which one? I think the fotg controller gets stalled after a port reset. Please check attached (untested) patch for openwrt. I can test this next week by myself +diff --git a/drivers/usb/host/fotg210-hcd.c b/drivers/usb/host/fotg210-hcd.c +index 2acc51b0be5a..bc9efb49adc7 100644 +--- a/drivers/usb/host/fotg210-hcd.c b/drivers/usb/host/fotg210-hcd.c +@@ -1653,6 +1653,10 @@ static int fotg210_hub_control(struct usb_hcd *hcd, u16 typeReq, u16 wValue, + /* see what we found out */ + temp = check_reset_complete(fotg210, wIndex, status_reg, + fotg210_readl(fotg210, status_reg)); ++ ++ /* restart schedule */ ++ fotg210->command |= CMD_RUN; ++ fotg210_writel(fotg210, fotg210->command, >regs->command); + } + + if (!(temp & (PORT_RESUME|PORT_RESET))) { +-- +2.16.2 + Didn't work for me :( I've found why it didn't work: [ 5.845199] Warning! fotg210_hcd should always be loaded before uhci_hcd and ohci_hcd, not after After fixing kernel config and applying your patch it works. So your patch works and is needed indeed. But there are other problems. Second USB (USB1) port cannot be initialized and only USB0 is working: [ 5.843831] fotg210_hcd: FOTG210 Host Controller (EHCI) Driver [ 5.844298] pinctrl-gemini 4000.syscon:pinctrl: ACTIVATE function "usb" with group "usbgrp" [ 5.845067] fotg210-hcd 6800.usb: initialized Gemini PHY [ 5.845095] fotg210-hcd 6800.usb: Faraday USB2.0 Host Controller [ 5.845176] fotg210-hcd 6800.usb: new USB bus registered, assigned bus number 1 [ 5.845696] fotg210-hcd 6800.usb: irq 29, io mem 0x6800 [ 5.877212] fotg210-hcd 6800.usb: USB 2.0 started, EHCI 1.00 [ 5.880314] hub 1-0:1.0: USB hub found [ 5.880546] hub 1-0:1.0: 1 port detected [ 5.904768] pinctrl-gemini 4000.syscon:pinctrl: pin T6 USB GNDA U20 already requested by 6800.usb; cannot claim for 6900.usb [ 5.904807] pinctrl-gemini 4000.syscon:pinctrl: pin-305 (6900.usb) status -22 [ 5.904845] pinctrl-gemini 4000.syscon:pinctrl: could not request pin 305 (T6 USB GNDA U20) from group usbgrp on device pinctrl-gemini [ 5.904872] fotg210-hcd 6900.usb: Error applying setting, reverse things back [ 5.904928] fotg210-hcd: probe of 6900.usb failed with error -22 After removing pinctrl from USB1 it is initialized but then only USB1 is working, USB0 is seen but there are no interrupts. Didn't yet look at the code, maybe you will know where to fix right away. Regards, Roman Hi, how shall we proceed ? merge 1, 2 and 3, let roman fix the regressions and then merge 4 ? or drop the series for now and let you guys send a V2 with the regression fixes integrated ? Hi John, I've prepared 4.14 branch here https://github.com/yeryomin/openwrt/commits/gemini-4.14 I think it can be merged in it's current state. The only problem I'm aware of is that usb is not fully working (afaik, Hans is working on it). Linus, could you test that branch on your device and see if network is working by default? Regards, Roman Great, please send patches or a PR once you feel happy with the series. John ___ Lede-dev mailing list Lede-dev@lists.infradead.org http://lists.infradead.org/mailman/listinfo/lede-dev
Re: [LEDE-DEV] [PATCH 07/12] at91: sdcard image with ext4 rootfs
On 2018-04-02 18:34, Sandeep Sheriker Mallikarjun wrote: > creating sdcard image with ext4 rootfs only and ignoring creating > other filesystem in sdcard image. > > Signed-off-by: Sandeep Sheriker Mallikarjun >Why do you need ext4 images? I think squashfs images (with f2fs/ext4 overlay created by fstools) are more useful, since they're smaller and allow easy reset-to-defaults. - Felix ___ Lede-dev mailing list Lede-dev@lists.infradead.org http://lists.infradead.org/mailman/listinfo/lede-dev
Re: [LEDE-DEV] [PATCH 3/3] sysctl: Protect hard/symlinks by default.
On 31/03/18 00:18, Rosen Penev wrote: There is no usecase for not protecting symlinks that I know of in OpenWrt. Not even on desktop systems where you have multiple users with a shell. Signed-off-by: Rosen PenevHi, does not apply due to bee696d66c95337d91fc0256afbf481dc93ddb27 please fix/resend John --- package/base-files/files/etc/sysctl.conf | 4 1 file changed, 4 insertions(+) diff --git a/package/base-files/files/etc/sysctl.conf b/package/base-files/files/etc/sysctl.conf index 61a43057a1..790fc02654 100644 --- a/package/base-files/files/etc/sysctl.conf +++ b/package/base-files/files/etc/sysctl.conf @@ -5,6 +5,10 @@ fs.suid_dumpable=2 #disable kernel pointer access from normal users kernel.kptr_restrict=1 +#enable hard/symlink protection +fs.protected_hardlinks=1 +fs.protected_symlinks=1 + net.ipv4.conf.default.arp_ignore=1 net.ipv4.conf.all.arp_ignore=1 net.ipv4.ip_forward=1 ___ Lede-dev mailing list Lede-dev@lists.infradead.org http://lists.infradead.org/mailman/listinfo/lede-dev
Re: [LEDE-DEV] [PATCH] mvebu: Switch Turris Omnia to use ath10k-ct driver and firmware.
On 31/03/18 00:19, Rosen Penev wrote: My testing has shown both ath10k and firmware to be unstable. Here is a summary of results done over two weeks: ath10k + QCA firmware = driver crash, WiFi dies completely. ath10k + CT firmware = driver crash. WiFi dies completely. ath10k-ct + QCA firmware = firmware crash. WiFi does not die*. ath10k-ct + CT firmware = I have not gotten either to crash. WiFi does not die completely with scenario 3 as mac80211 is able to restart the hardware. From my testing, it dies twice a day. I have no idea what triggers it. My best guess is an Apple iPhone. I also tried QCA firmware 37. No difference. Hi, there will always be combos of FW/drv version that will/not work. this can change over time back and fwd between stock and -ct code bases. -ct has been opt-in since it was merged. It would be uch better to figure out which FW works and why the driver dies. Otherwise we'll start flipping back and fwd between stock/-ct versions with each update on each wmac silicon / arch combo constantly. John Signed-off-by: Rosen Penev--- target/linux/mvebu/image/cortex-a9.mk | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/target/linux/mvebu/image/cortex-a9.mk b/target/linux/mvebu/image/cortex-a9.mk index d9defe880d..a6529220ea 100644 --- a/target/linux/mvebu/image/cortex-a9.mk +++ b/target/linux/mvebu/image/cortex-a9.mk @@ -152,7 +152,7 @@ define Device/turris-omnia DEVICE_TITLE := Turris Omnia DEVICE_PACKAGES := \ mkf2fs e2fsprogs kmod-fs-vfat kmod-nls-cp437 kmod-nls-iso8859-1 \ -wpad-mini kmod-ath9k kmod-ath10k ath10k-firmware-qca988x +wpad-mini kmod-ath9k kmod-ath10k-ct ath10k-firmware-qca988x-ct IMAGES := $$(IMAGE_PREFIX)-sysupgrade.img.gz omnia-medkit-$$(IMAGE_PREFIX)-initramfs.tar.gz IMAGE/$$(IMAGE_PREFIX)-sysupgrade.img.gz := boot-img | sdcard-img | gzip | append-metadata IMAGE/omnia-medkit-$$(IMAGE_PREFIX)-initramfs.tar.gz := omnia-medkit-initramfs | gzip ___ Lede-dev mailing list Lede-dev@lists.infradead.org http://lists.infradead.org/mailman/listinfo/lede-dev
Re: [LEDE-DEV] [PATCH] build: log time taken by each packages/steps
On 31/03/18 06:22, Etienne Champetier wrote: The idea is to easily get the list of packages taking the most time to build, and see if we can improve them Use SetupHostCommand as recommended by John Signed-off-by: Etienne Champetier--- include/prereq-build.mk | 5 + include/subdir.mk | 1 + 2 files changed, 6 insertions(+) diff --git a/include/prereq-build.mk b/include/prereq-build.mk index 6a423d2c7d..7d5b2f2b45 100644 --- a/include/prereq-build.mk +++ b/include/prereq-build.mk @@ -139,6 +139,11 @@ $(eval $(call SetupHostCommand,bzip2,Please install 'bzip2', \ $(eval $(call SetupHostCommand,wget,Please install GNU 'wget', \ wget --version | grep GNU)) +$(eval $(call SetupHostCommand,gtime,Please install GNU 'time', \ + gtime --version 2>&1 | grep GNU, \ + /usr/bin/time --version 2>&1 | grep GNU, \ Hi, i think the line above should be removed. happy to merge the patch once that has been done and florian's space request was added John + time --version 2>&1 | grep GNU)) + $(eval $(call SetupHostCommand,perl,Please install Perl 5.x, \ perl --version | grep "perl.*v5")) diff --git a/include/subdir.mk b/include/subdir.mk index 79a80528ae..546ed57ae6 100644 --- a/include/subdir.mk +++ b/include/subdir.mk @@ -43,6 +43,7 @@ log_make = \ $(if $(BUILD_LOG), \ set -o pipefail; \ mkdir -p $(BUILD_LOG_DIR)/$(1)$(if $(4),/$(4));) \ + gtime -f "time:$(1)$(if $(4),/$(4))/$(if $(3),$(3)-)$(2)\#%U\#%S\#%e" -- \ $$(SUBMAKE) $(subdir_make_opts) $(if $(3),$(3)-)$(2) \ $(if $(BUILD_LOG),SILENT= 2>&1 | tee $(BUILD_LOG_DIR)/$(1)$(if $(4),/$(4))/$(if $(3),$(3)-)$(2).txt) ___ Lede-dev mailing list Lede-dev@lists.infradead.org http://lists.infradead.org/mailman/listinfo/lede-dev
Re: [LEDE-DEV] [PATCH] download: skip hash check without a download hash
On 30/03/18 17:34, Hauke Mehrtens wrote: If the package doe not contain a PKG_HASH just skip the check instead of making the download fail. The scripts/download.pl script will automatically skip the hash check in case the hash value equals skip, otherwise it fails. Signed-off-by: Hauke Mehrtens--- include/download.mk | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/include/download.mk b/include/download.mk index 2ba8a7bdf4..b14ce2a39a 100644 --- a/include/download.mk +++ b/include/download.mk @@ -239,11 +239,11 @@ define Download/Defaults URL_FILE:= PROTO:= HASH=$$(MD5SUM) - MD5SUM:=x + MD5SUM:=skip SUBDIR:= MIRROR:=1 MIRROR_HASH=$$(MIRROR_MD5SUM) - MIRROR_MD5SUM:=x + MIRROR_MD5SUM:=skip VERSION:= OPTS:= endef Hi, I am against merging this patch. b30ba14e2a858cfebcfdbc38348ab96a6d179556 fixed an error where we had a copy/paste mess up of a hash causing a none valid length. we would think that there is hash that gets checked but it would never be validated. Adding your patch would introduce a similar case where a typo in the variable name would make us believe that a hash is present but in reality there it none. I'd prefer that the Makefile would have the skip inside it and that the buildsystem would then skip the validation. John ___ Lede-dev mailing list Lede-dev@lists.infradead.org http://lists.infradead.org/mailman/listinfo/lede-dev
Re: [LEDE-DEV] [PATCH 10/12] at91: reorganize at91 subtargets
On 02/04/18 18:34, Sandeep Sheriker Mallikarjun wrote: reorganizing at91 subtargets based on sama5 soc features and this fix below problems. 1. able to set neon flags to sama5d2 & sama5d4 subtargets. 2. fix the make clean which removes all the subtargets in bin folder. 3. able to configure kernel specific to subtarget. 4. able to set vfpu4 flags to samad3 subtargets. Signed-off-by: Sandeep Sheriker MallikarjunHi, due to me letting these rot too long 10 11 and 12/12 dont apply any longer. copuld you rebase/send them please ? John --- package/boot/at91bootstrap/Makefile| 12 +- package/boot/uboot-at91/Makefile | 18 +- target/linux/at91/Makefile |2 +- target/linux/at91/image/Makefile | 51 +- target/linux/at91/image/sama5.mk | 101 -- target/linux/at91/image/sama5d2.mk | 23 + target/linux/at91/image/sama5d3.mk | 33 + target/linux/at91/image/sama5d4.mk | 20 + target/linux/at91/sama5/target.mk |9 - .../linux/at91/{sama5 => sama5d2}/config-default |0 target/linux/at91/sama5d2/target.mk| 10 + target/linux/at91/sama5d3/config-default | 1311 target/linux/at91/sama5d3/target.mk| 10 + target/linux/at91/sama5d4/config-default | 1311 target/linux/at91/sama5d4/target.mk| 10 + 15 files changed, 2798 insertions(+), 123 deletions(-) delete mode 100644 target/linux/at91/image/sama5.mk create mode 100644 target/linux/at91/image/sama5d2.mk create mode 100644 target/linux/at91/image/sama5d3.mk create mode 100644 target/linux/at91/image/sama5d4.mk delete mode 100644 target/linux/at91/sama5/target.mk rename target/linux/at91/{sama5 => sama5d2}/config-default (100%) create mode 100644 target/linux/at91/sama5d2/target.mk create mode 100644 target/linux/at91/sama5d3/config-default create mode 100644 target/linux/at91/sama5d3/target.mk create mode 100644 target/linux/at91/sama5d4/config-default create mode 100644 target/linux/at91/sama5d4/target.mk diff --git a/package/boot/at91bootstrap/Makefile b/package/boot/at91bootstrap/Makefile index fbe44c4..b350555 100644 --- a/package/boot/at91bootstrap/Makefile +++ b/package/boot/at91bootstrap/Makefile @@ -24,63 +24,73 @@ include $(INCLUDE_DIR)/package.mk define AT91Bootstrap/Default BUILD_TARGET:=at91 - BUILD_SUBTARGET:=sama5 HIDDEN:=1 AT91BOOTSTRAP_IMAGE:=at91bootstrap.bin endef define AT91Bootstrap/sama5d2_xplaineddf_uboot TITLE:=AT91Bootstrap for SAMA5D2 Xplained board (SPI Flash) + BUILD_SUBTARGET:=sama5d2 BUILD_DEVICES:=at91-sama5d2_xplained endef define AT91Bootstrap/sama5d2_xplaineddf_qspi_uboot TITLE:=AT91Bootstrap for SAMA5D2 Xplained board (QSPI Flash) + BUILD_SUBTARGET:=sama5d2 BUILD_DEVICES:=at91-sama5d2_xplained endef define AT91Bootstrap/sama5d2_xplainedsd_uboot TITLE:=AT91Bootstrap for SAMA5D2 Xplained board (SDcard/EMMC) + BUILD_SUBTARGET:=sama5d2 BUILD_DEVICES:=at91-sama5d2_xplained endef define AT91Bootstrap/sama5d3_xplainednf_uboot TITLE:=AT91Bootstrap for SAMA5D3 Xplained board (Nand Flash) + BUILD_SUBTARGET:=sama5d3 BUILD_DEVICES:=at91-sama5d3_xplained endef define AT91Bootstrap/sama5d3_xplainedsd_uboot TITLE:=AT91Bootstrap for SAMA5D3 Xplained board (SDcard) + BUILD_SUBTARGET:=sama5d3 BUILD_DEVICES:=at91-sama5d3_xplained endef define AT91Bootstrap/sama5d4_xplainednf_uboot_secure TITLE:=AT91Bootstrap for SAMA5D4 Xplained board (Nand Flash) + BUILD_SUBTARGET:=sama5d4 BUILD_DEVICES:=at91-sama5d4_xplained endef define AT91Bootstrap/sama5d4_xplaineddf_uboot_secure TITLE:=AT91Bootstrap for SAMA5D4 Xplained board (SPI Flash) + BUILD_SUBTARGET:=sama5d4 BUILD_DEVICES:=at91-sama5d4_xplained endef define AT91Bootstrap/sama5d4_xplainedsd_uboot_secure TITLE:=AT91Bootstrap for SAMA5D4 Xplained board (SDcard) + BUILD_SUBTARGET:=sama5d4 BUILD_DEVICES:=at91-sama5d4_xplained endef define AT91Bootstrap/sama5d27_som1_eksd_uboot TITLE:=AT91Bootstrap for SAMA5D27 SOM1 Ek (SDcard0) + BUILD_SUBTARGET:=sama5d2 BUILD_DEVICES:=at91-sama5d27_som1_ek endef define AT91Bootstrap/sama5d27_som1_eksd1_uboot TITLE:=AT91Bootstrap for SAMA5D27 SOM1 Ek (SDcard1) + BUILD_SUBTARGET:=sama5d2 BUILD_DEVICES:=at91-sama5d27_som1_ek endef define AT91Bootstrap/sama5d27_som1_ekqspi_uboot TITLE:=AT91Bootstrap for SAMA5D27 SOM1 Ek (QSPI Flash) + BUILD_SUBTARGET:=sama5d2 BUILD_DEVICES:=at91-sama5d27_som1_ek endef diff --git a/package/boot/uboot-at91/Makefile b/package/boot/uboot-at91/Makefile index 73a2d62..b336321 100644 --- a/package/boot/uboot-at91/Makefile +++
Re: [LEDE-DEV] [PATCH] samba36: add hotplug script
On 12/04/18 11:41, Rosy Song wrote: Add hotplug handle script for storage devices, this will add corresponding option in the /etc/config/samba file automatically. If user do not want this feature, it can be cancel via samba relevant menu option. Hi, patch as such looks ok. however i am not sure if we want to always add any and every device we see into uci unconditionally. also having this as a compile option for the main package is bad as it will result in release builds never seeing this feature. please move it to a separate package inside the same Makefile and a small nitpick at the end of the patch ... John Signed-off-by: Rosy Song--- package/network/services/samba36/Makefile | 11 +++ .../network/services/samba36/files/lib/samba.sh| 83 ++ .../network/services/samba36/files/samba.hotplug | 11 +++ 3 files changed, 105 insertions(+) create mode 100644 package/network/services/samba36/files/lib/samba.sh create mode 100644 package/network/services/samba36/files/samba.hotplug [...] diff --git a/package/network/services/samba36/files/samba.hotplug b/package/network/services/samba36/files/samba.hotplug new file mode 100644 index 00..d4c8e7c5f5 --- /dev/null +++ b/package/network/services/samba36/files/samba.hotplug @@ -0,0 +1,11 @@ +. /lib/samba/samba.sh + +samba_dev_filter $DEVNAME +[ "$FLAG_DEV_TYPE" = "not-mtd" ] || exit + +config_load samba +case $ACTION in + add) samba_add_section $DEVNAME;; + remove) samba_delete_section $DEVNAME;; +esac +uci commit uci commit samba should be enough here. ___ Lede-dev mailing list Lede-dev@lists.infradead.org http://lists.infradead.org/mailman/listinfo/lede-dev