Add the KERNEL_BTRFS_FS config option so that targets can select
whether BTRFS support must be built-in.
Select this option (alongside KERNEL_BTRFS_FS_POSIX_ACL) from the
layerscape/armv8_64b subtarget instead of enabling it in
target/linux/layerscape/armv8_64b/config-* files.
Move disabling of CONFIG_BTRFS_FS_CHECK_INTEGRITY into generic configs.
This makes it possible for OpenWRT to be built with built-in BTRFS
support on specific boards, instead of whole targets.
Signed-off-by: Marek Behún <kabel@kernel.org>
Link: https://github.com/openwrt/openwrt/pull/15990
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Enabling KERNEL_DEBUG_INFO_BTF and KERNEL_KPROBE_EVENTS on 6.6 exposes
CONFIG_PROBE_EVENTS_BTF_ARGS in the kernel config. Add a build option
for it to fix build failures with KERNEL_DEBUG_INFO_BTF and
KERNEL_KPROBE_EVENTS enabled on targets using the 6.6 kernel.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Limit CONFIG_IPK_FILES_CHECKSUMS config to OPKG as APK have different
way to validate package integrity (apk audit)
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
This reverts commit 25bbefcdd9424ed1b6ef35a39e84420fc4cce322.
Only the Config-build.in change needed to be merged and this contains
leftover from previous revision of the feature.
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
On top of the fixup to select apk-mbedtls when USE_APK is enabled from a
new config, also imply the package when enabling the config to catch
.config that are already init.
(Having both opkg and apk installed in a system is not a problem but if
USE_APK is used, APK presence in the system is mandatory)
Link: https://github.com/openwrt/openwrt/pull/15543
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
Limit CONFIG_IPK_FILES_CHECKSUMS config to OPKG as APK have different
way to validate package integrity (apk audit)
Link: https://github.com/openwrt/openwrt/pull/15543
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
The recent kernel v6.6.31 update broke BTF-enabled builds since upstream
Linux added a prompt for config option DEBUG_INFO_BTF_MODULES in commit
2166cb2e21 ("bpf, kconfig: Fix DEBUG_INFO_BTF_MODULES Kconfig definition").
Fix by updating Config-kernel.in to add the option, cleaning up a related
dependency and whitespace also.
Fixes: 10d77b9bc3 ("kernel: bump 6.6 to 6.6.31")
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
A new option called `USE_APK` is added which generated APK packages
(.apk) instead of OPKG packages (.ipk).
Some features like fstools `snapshot` command are not yet ported
Signed-off-by: Paul Spooren <mail@aparcar.org>
STRIP_KERNEL_EXPORTS is currently not working on kernel 6.6 as there
have been major changes in the upstream kernel.
I have looked at it, and I dont think we can adapt the current patch to
work so until this is fixed lets prevent STRIP_KERNEL_EXPORTS from
being selected on 6.6.
Link: https://github.com/openwrt/openwrt/pull/15498
Signed-off-by: Robert Marko <robimarko@gmail.com>
Kernel 6.6 has moved the ARM PMUv3 driver to drivers/perf and now once
KERNEL_ARM_PMU is selected trying to build the kernel will stop with:
ARM PMUv3 support (ARM_PMUV3) [N/y/?] (NEW)
So, lets enable ARM_PMUV3 for ARMv7 and ARMv8 architectures if
KERNEL_PERF_EVENTS is selected.
Fixes: #15466
Link: https://github.com/openwrt/openwrt/pull/15469
Signed-off-by: Robert Marko <robimarko@gmail.com>
Add target for Loongson LoongArch64-based boards.
LoongArch is a new RISC ISA developed by Loongson. It's a bit like
MIPS or RISC-V. LoongArch includes both 32-bit and 64-bit versions
(LoongArch32/LoongArch64).
Loongson 3A5000 and 3A6000 are the two existing CPUs of LoongArch64
and is used for PC products. It's BIOS supports ACPI and UEFI-only
boot. These CPUs supports SMP and SMT.
At present only LoongArch64 is supported by linux kernel.
Toolchain requirement:
binutils >= 2.40
gcc >= 13.1
For details, please check the following links:
https://lwn.net/Articles/861951/https://loongson.github.io/LoongArch-Documentation/README-EN.html
Signed-off-by: Weijie Gao <hackpascal@gmail.com>
Increasing the size of the rootfs_data filesystem has become a ever
repeating discussion and seems to be the most important thing for
users of the MediaTek-based BananaPi boards.
Using the whole remaining size of a microSD or the eMMC for rootfs_data
doesn't make sense for many reasons, but neither does the current
default of 104 MiB for the 'rootfs' partition size.
Increase the 'rootfs' partition size to 448 MiB which will result in
the sdcard image being exactly 512 MiB. Finding a microSD card smaller
than 512 MiB and still working could anyway be difficult in 2024.
That will allow users to install even bloatware written in Go or other
space-hungry languages while still leaving most of the space unallocated
for additional partitions or volumes to be used for persistent user
data.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
At the moment we have to manually follow the default GCC version
also in config/Config-kernel.in. This tends to be forgotten at GCC
version bumps (just happened when switching from version 12 to 13).
Instead, introduce a hidden Kconfig symbol which implies KERNEL_WERROR
in toolchain/gcc/Config.in where it is visible for developers changing
the default version.
Also remove the explicit default on BUILDBOT to avoid a circular
dependency and also because buildbots anyway implicitly always select
the default GCC version.
Reference: https://github.com/openwrt/openwrt/pull/15064
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Not having a journal by default is a major "gotcha".
Because openwrt does not fsck on boot, a power loss without journaling
can result in a dirty filesystem that openwrt will mount as read-only
which requires intervention to restore the router to working order.
Signed-off-by: Jordan Woyak <jordan.woyak@gmail.com>
KASAN has supported more architectures, such as ARM, PPC32 and RISC-V 64.
Enable KASAN option for those architectures.
Signed-off-by: Qingfang Deng <dqfext@gmail.com>
The GCC option -fstack-protector-all is a security feature used to protect against stack-smashing attacks.
This option enhances the stack-smashing protection provided by -fstack-protector-strong.
-fstack-protector-all option applies stack protection to all functions, regardless of their characteristics.
While this offers the most comprehensive protection against stack-smashing attacks, it can significantly impact
the performance of the program because every function call includes additional checks for stack integrity.
This option can incur a performance penalty because of the extra checks added to every function call,
but it significantly enhances security, making it harder for attackers to exploit buffer overflows to execute arbitrary code.
It's particularly useful in scenarios where security is paramount and performance trade-offs are acceptable.
Signed-off-by: Cedric DOURLENT <cedric.dourlent@softathome.com>
The newly added device Linksys MX4200, however, has limited kernel
partition and it's too small to place BTF kernel there.
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
GRUB_SERIAL is also used for the default serial on the target and not
only in grub. When no grub was build it was not available and the build
fails.
Rename GRUB_SERIAL to TARGET_SERIAL and make it always available on x86
and armsr targets.
Fixes: #14063
Fixes: b10768476f9d ("x86,armsr: interpolate GRUB_SERIAL into /etc/inittab")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Allow selecting KERNEL_SLUB_DEBUG and KERNEL_SLUB_DEBUG_ON manually and
provide detailed help for both.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
CycloneDX is an open source standard developed by the OWASP foundation.
It supports a wide range of development ecosystems, a comprehensive set
of use cases, and focuses on automation, ease of adoption, and
progressive enhancement of SBOMs (Software Bill Of Materials) throughout
build pipelines.
So lets add support for CycloneDX SBOM for packages and images
manifests.
Signed-off-by: Petr Štetiar <ynezz@true.cz>
CONFIG_ARM_PMU (Arm Performance Monitor Unit) is a requirement
to use KVM (virtualization) from Linux 5.11+, as the virtualised
guest has virtualized PMU access.
Signed-off-by: Mathew McBride <matt@traverse.com.au>
Currently KASAN is supported but only the generic one. SW-tag and HW-tag
based KASAN have less impact on memory footprint or performance, and are
worth supporting.
Add choice menu for software and hardware Tag-Based KASAN, in addition
to the generic one.
Signed-off-by: Zhen XIN <zhen.xin@nokia-sbell.com>
[Restructure commit message]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
