Several devices provide U-Boot versions with only gzip compressed kernel
support (e.g. Realtek switches). This compression method produces larger
images than lzma. To save space on flash and avoid going the hard way with
lzma-loader we can make use of enhanced gzip tool based on libdeflate
compression library from https://github.com/ebiggers/libdeflate. It
keeps 100% deflate/gzip compatibility while improving compression ratio.
The image can be unpacked by the default inflate routines inside U-Boot.
Signed-off-by: Markus Stockhausen <markus.stockhausen@gmx.de>
[Switched to v1.15 and made it work with cmake]
Signed-off-by: Olliver Schinagl <oliver@schinagl.nl>
Reviewed-by: Robert Marko <robimarko@gmail.com>
Reviewed-by: Rosen Penev <rosenp@gmail.com>
Reviewed-by: Sander Vanheule <sander@svanheule.net>
* rules: fix broken commitcount on alpine system
To generate commitcount we use grep --max-count. This is not present on
alpine grep and cause wrong generation. Use -m as it's just the short
version of --max-count and more portable.
Fixes: #11200
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
* image-commands.mk: Be consistent in command invocation
Most/all other tools use the staging dir prefix, gzip should as well.
Signed-off-by: Olliver Schinagl <oliver@schinagl.nl>
Acked-by: Christian Marangi <ansuelsmth@gmail.com>
* image: fix device profile specific COMPILE targets
Commit a01d23e75 ("image: always rebuild kernel loaders")
is a step in the right direction, but exposed some issues
and regressions in the makefile.
Some of the files made by device specific COMPILE targets
start with an "append" command (i.e. >> instead of > redirection)
and if the file already exists, the target file is the
input to itself before the first recipe-specified input.
Fixes: a01d23e75 ("image: always rebuild kernel loaders")
Fixes: a7fb589e8 ("image: always rebuild kernel loaders")
Signed-off-by: Michael Pratt <mcpratt@pm.me>
* trusted-firmware-a.mk: use correct CPE ID
There are 2 different CPE IDs on the NVD website:
cpe:/a:arm:trusted_firmware-a
cpe:/o:arm:arm_trusted_firmware
The ID as currently used in trusted-firmware-a.mk does not exist. The
CPE ID using the arm_trusted_firmware product name only lists a few
records for versions 2.2 and 2.3 on the NVD site. The CPE ID using the
trusted_firmware-a product name lists many more records, and actually
has a CVE linked to it. Therefore, use the CPE ID using the
trusted_firmware-a product name.
Fixes: 104d60fe94ce ("trusted-firmware-a.mk: add PKG_CPE_ID")
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
* fritz-tools: fritz_tffs_nand: exclude oob code when disabled
Skip unnecessary stuff if checking the oob data is disabled.
Signed-off-by: Andre Heider <a.heider@gmail.com>
* fritz-tools: fritz_tffs_nand: get rid of struct tffs_sectors
This doesn't help and "[0]" gets in the way of bounds checks.
Signed-off-by: Andre Heider <a.heider@gmail.com>
* fritz-tools: fritz_tffs_nand: cache already read sector ids
This speeds up the tool significantly, especially when using the "-a"
argument.
Signed-off-by: Andre Heider <a.heider@gmail.com>
* iproute2: add missing libbpf dependency
This patch adds libbpf to the dependencies of tc-mod-iptables.
The package tc-mod-iptables is missing libbpf as a dependency,
which leads to the build failure described in bug #9491
LIBBPF_FORCE=on set, but couldn't find a usable libbpf
The build dependency is already automatically added because some other
packages from iproute2 depend on libbpf, but bpftools has multiple build
variants. With multiple build variants none gets build by default and
the build system will not build bpftools before iproute2.
Fixes: #9491
Signed-off-by: Kien Truong <duckientruong@gmail.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* iproute2: update to 6.0.0
Release Notes:
https://lore.kernel.org/netdev/20221004082610.56b04719@hermes.local/t/
Remove upstreamed patch:
- 010-ipstats-Add-param.h-for-musl.patch
Refreshed:
- 140-keep_libmnl_optional.patch
- 145-keep_libelf_optional.patch
- 150-keep_libcap_optional.patch
- 155-keep_tirpc_optional.patch
- 170-ip_tiny.patch
- 190-fix-nls-rpath-link.patch
- 200-drop_libbsd_dependency.patch
- 300-selinux-configurable.patch
Signed-off-by: Nick Hainke <vincent@systemli.org>
* iproute2: update to 6.1.0
Announcement:
https://lore.kernel.org/netdev/20221214094130.7b11ec2e@hermes.local/T/#t
Refresh patch:
- 170-ip_tiny.patch
Signed-off-by: Nick Hainke <vincent@systemli.org>
* tools/xz: update to 5.2.10
Update to latest version.
Signed-off-by: Nick Hainke <vincent@systemli.org>
* Revert "Revert "tools/upx: remove (#10622)""
This reverts commit d3e16f203a.
* kernel: Make use of KERNEL_MAKE
Make use of KERNEL_MAKE in kernel packages were easily possible.
This moves some more code to common places and reduces the number of
lines.
It is defined like this:
KERNEL_MAKE = $(MAKE) $(KERNEL_MAKEOPTS)
KERNEL_MAKEOPTS = -C $(LINUX_DIR) $(KERNEL_MAKE_FLAGS)
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* toolchain: gcc: backport patches to fix build with glibc 2.36
glibc 2.36 changed the definition of enum fsconfig_command, it now
collides with the same definition from sys/mount.h. Remove the include
of linux/fs.h This still compiled with musl too.
This backports a patch which is already in the stable branch of GCC 11
and GCC 12.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* toolchain: glibc: Update to glibc 2.36
This updates to glibc to version 2.36.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* tools/llvm: update to 15.0.6
Release Notes:
https://discourse.llvm.org/t/llvm-15-0-0-release/65099https://discourse.llvm.org/t/llvm-15-0-1-released/65380https://discourse.llvm.org/t/llvm-15-0-2-released/65695https://discourse.llvm.org/t/llvm-15-0-3-released/66036https://discourse.llvm.org/t/llvm-15-0-4-released/66337https://discourse.llvm.org/t/llvm-15-0-5-release/66616https://discourse.llvm.org/t/llvm-15-0-6-released/66899
Remove HOST_BUILD_PARALLEL as it's default now.
Signed-off-by: Linhui Liu <liulinhui36@gmail.com>
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Signed-off-by: Olliver Schinagl <oliver@schinagl.nl>
Signed-off-by: Michael Pratt <mcpratt@pm.me>
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Signed-off-by: Andre Heider <a.heider@gmail.com>
Signed-off-by: Kien Truong <duckientruong@gmail.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Signed-off-by: Nick Hainke <vincent@systemli.org>
Signed-off-by: Linhui Liu <liulinhui36@gmail.com>
Co-authored-by: Christian Marangi <ansuelsmth@gmail.com>
Co-authored-by: Olliver Schinagl <oliver@schinagl.nl>
Co-authored-by: Michael Pratt <mcpratt@pm.me>
Co-authored-by: Stijn Tintel <stijn@linux-ipv6.be>
Co-authored-by: Andre Heider <a.heider@gmail.com>
Co-authored-by: Kien Truong <duckientruong@gmail.com>
Co-authored-by: Nick Hainke <vincent@systemli.org>
Co-authored-by: Hauke Mehrtens <hauke@hauke-m.de>
upx is already in package/lean/upx
save a bit of compilation time.
Signed-off-by: Linhui Liu <liulinhui36@gmail.com>
Signed-off-by: Linhui Liu <liulinhui36@gmail.com>
* package: sync with upstream
Removed: package/libs/libselinux/bcm27xx-userland (Already in package/utils/bcm27xx-userland)
Signed-off-by: Linhui Liu <liulinhui36@gmail.com>
* uclibc++: remove
No package here depends on it. Furthermore, uClibc++ is a fairly buggy
C++ library and seems to be relatively inactive upstream.
It also lacks proper support for modern C++11 features.
The main benefit of it is size: 66.6 KB vs 287.3 KB on mips24kc. Static
linking and LTO can help bring the size down of packages that need it.
Added warning message to uclibc++.mk
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Acked-by: Hauke Mehrtens <hauke@hauke-m.de>
* target: sync with upstream
Signed-off-by: Linhui Liu <liulinhui36@gmail.com>
* toolchain: gcc: Remove gcc 10.x support
This compiler is old and was never used by default in OpenWrt.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* ucode: update to latest Git HEAD
46d93c9 tests: fixup testcases
4c654df types: adjust double printing format
eac2add compiler: fix bytecode for logical assignments of properties
3903b18 fs: add `realpath()` function
8366102 math: add isnan() function
eef83d3 tests: relax sleep() test
394e901 lib: uc_json(): accept trailing whitespace when parsing strings
1867c8b uloop: terminate parent uloop in task child processes
d2cc003 uci: auto-load package in `ctx.foreach()` and `ctx.get_first()`
6c5ee53 compiler: ensure that arrow functions with block bodies return no value
fdc9b6a compiler: fix `??=`, `||=` and `&&=` logical assignment semantics
88dcca7 add cmake to install requires for debian
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* firewall4: update to latest Git HEAD
700a925 fw4: prevent null access when no ipsets are defined
6443ec7 config: drop input traffic by default
119ee1a ruleset: drop ctstate invalid traffic for masq-enabled zones
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* ustream-ssl: update to Git version 2022-12-07
9217ab4 ustream-openssl: Disable renegotiation in TLSv1.2 and earlier
2ce1d48 ci: fix building with i.MX6 SDK
584f1f6 ustream-openssl: wolfSSL: provide detailed information in debug builds
aa8c48e cmake: add a possibility to set library version
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* tools/mpfr: import patch fixing macro bug
Co-authored-by: Nick Hainke <vincent@systemli.org>
Signed-off-by: Linhui Liu <liulinhui36@gmail.com>
Signed-off-by: Linhui Liu <liulinhui36@gmail.com>
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Co-authored-by: Rosen Penev <rosenp@gmail.com>
Co-authored-by: Hauke Mehrtens <hauke@hauke-m.de>
Co-authored-by: Jo-Philipp Wich <jo@mein.io>
Co-authored-by: Nick Hainke <vincent@systemli.org>
this is in the codebase because of libsigc++, which is not in the codebase anymore.
Neither in base nor in packages. It doesn't seem to be needed by
anything else either. GNOME packages have transitioned to using meson,
which does not use m4 files.
Signed-off-by: Linhui Liu <liulinhui36@gmail.com>
It shouldn't be needed anymore as we've now `scripts/xxdi.pl`, which
should be self contained and fully compatible `xxd -i` replacement.
Fixes: #10555
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Some buildbots fail to build elfutils due to m4 being missing. Add m4 as
a dependency for elfutils to fix this.
Fixes: ad79b9271949 ("elfutils: move host build to tools")
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
dwarves is a set of tools that use the debugging information inserted in
ELF binaries by compilers such as GCC. Utilities in the dwarves suite
include pahole, which can be used to find alignment holes in structs and
classes, and also extracts other information such as CPU cacheline
alignment, helping pack those structures to achieve more cache hits.
These tools are also used to encode and read the BTF type information
format used with the bpf syscall, making this a Linux build dependency
when using kernel BTF information.
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
[bump to 1.23, add elfutils dep, drop host lib usage, drop cmake release
target, use RM macro]
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
The upcoming dwarves host package requires elfutils. As dependencies for
tools must exist in tools, we need to move elfutils host build there.
As there is at least one package that depends on this, and there is no
proper way to create such dependency in the build system, build it
unconditionally when not building on macOS.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
On macOS, system binaries silently drop the environment variables for injecting
extra shared libraries (used by fakeroot). This is done for security reasons.
Work around this by building bash from source, so that it gets an ad-hoc signature
and does not have these restrictions
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Add the 7zr command line tool, which is a version of the 7z application
that only supports 7z archives.
7z is one of the two compression formats supported in H3C firmware
images (the alternative would be ARJ).
(Alternatively, the 7zr command line tool could also be built from a
current version of the public-domain LZMA SDK. That would require
repackaging the source package, as it is only provided in 7z format.)
Signed-off-by: Jan Hoffmann <jan@3e8.eu>
Switched to CMake for faster compilation and greater parallel
friendliness.
Added CMake options from the packages feed.
This release fixes various CVEs.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
* download.pl: add jsDelivr mirror for GitHub and add utsc mirrors
* m520: fix 'hlos' not found
* dependence: add python3
* netfilter: Revert delete support for kernel 4.9
* scons: move to packages feed
