diff --git a/board/aarch64/README.md b/board/aarch64/README.md index 304681c71..e1237580b 100644 --- a/board/aarch64/README.md +++ b/board/aarch64/README.md @@ -3,5 +3,7 @@ aarch64 Board Specific Documentation ---------------------------- + - [Marvell CN9130-CRB](cn9130-crb/) - [Microchip SparX-5i PCB135 (eMMC)](sparx5-pcb135/) +- [NanoPi R2S](r2s/) diff --git a/board/aarch64/r2s/README.md b/board/aarch64/r2s/README.md new file mode 100644 index 000000000..46304984d --- /dev/null +++ b/board/aarch64/r2s/README.md @@ -0,0 +1,165 @@ +FriendlyELC NanoPi R2S +====================== + +The [NanoPi R2S][1] is a very low-cost 64-bit ARM min router, powered by +the Rockchip RK3328, quad-core Cortex-A53. + +The R2S does not have any onboard eMMC, so the only way to boot Infix on +it is using and SD card. + + +LEDs +---- + +The front system LEDs work as follows in Infix: + +| **Stage** | **SYS** | **LAN** | **WAN** | +|----------------|---------|---------|---------| +| Power-on | dimmed | off | off | +| Factory reset | on | on | on | +| Linux loading | on | off | off | +| System loading | 1 Hz | off | off | +| System up | off | on | off | +| WAN address | off | on | on | +| Locate | 1 Hz | 1 Hz | 1 Hz | +| Fail safe | 5 Hz | off | off | +| Panic | 5 Hz | 5 Hz | 5 Hz | + +Powering on the device the SYS LED is turned on faintly (dimmed). It +remains dimmed while U-Boot loads the kernel, and turns bright red when +the kernel starts. It remains steady on until the system has started +the LED daemon, `iitod`, which sets it blinking at 1 Hz while the rest +of the system starts up. When the system has come up successfully, the +SYS LED is turned off and the green LAN LED turns on. The WAN LED will +turn on (green) when the WAN interface is up and has an IP address. + +> Compared to the `x86_64` Qemu target, it takes a while to parse all +> YANG models and load `startup-config`, but the whole process should +> not take more than 60 seconds, and usually a lot less. + +If a "find my device" function exists, it will blink all LEDs at 1 Hz. + +If `startup-config` fails to load Ínfix reverts to `failure-config`, +putting the device in fail safe (or fail secure) mode. Indicated by +the SYS LED blinking at 5 Hz instead of turning off. + +If Infix for some reason also fails to load `failure-config`, then all +LEDs will blink at 5 Hz to clearly indicate something is very wrong. + +In all error cases the console shows the problem. + + +Factory Reset +------------- + +The reset button on the side can be used not only to safely reboot the +device, but can also be used to trigger a factory reset at power on. + +At power-on, keep the reset button pressed for 10 seconds. The system +LEDs (SYS, WAN, LAN) will all blink at 1 Hz, to help you count down the +seconds. When the 10 seconds have passed all LEDs are turned off before +loading Linux. + +When Linux boots up it confirms the factory reset by lighting up the +LEDs again, no blinking this time. The LEDs stay on until all files and +directories on read/writable partitions (`/cfg` and `/var`) have been +safely erased. + +The system then continues loading, turning off all LEDs except SYS, +which blinks calmly at 1 Hz as usual until the system has completed +loading, this time with a `startup-config` freshly restored from the +device's `factory-config`. + + +How to Build +------------ + +``` +$ make r2s_defconfig +$ make +``` + +Once the build has finished you will have `output/images/sdcard.img` +which you can flash to an SD card. + +``` +$ sudo dd if=output/images/sdcard.img of=/dev/mmcblk0 bs=1M status=progress oflag=direct +``` + +> **WARNING:** ensure `/dev/mmcblk0` really is the correct device for +> your SD card, and not used by the system! + + +Booting the Board +----------------- + + 1. Connect a TTL cable to three UART pins, GND is closest to the edge + 2. Insert the flashed SD card + 3. Power-up the board using an USB-C cable (ensure good power source!) + +Worth noting, unlike many other boards, the Rockchip family of chipsets +runs the UART at 1500000 bps (1.5 Mbps) 8N1. + + +Secure Boot +----------- + +Like other Infix builds, the R2S enjoys secure boot. Please note, +however that the default signing keys are the public! + +Also, default builds allow modifying and saving the U-Boot environment +(see below), which you may want to disable to secure the device. The +device also runs in *developer mode*, allowing full U-Boot shell access, +which you may also want to disable in a full production setting. + + +Caveat +------ + +Most (all?) of these boards do not have any Vital Product Data (VPD) +EEPROM mounted. This means they do not come with unique MAC addresses +allocated to the two Ethernet ports. + +The bootloader (U-Boot) default environment for the board is usually +what provides a default, the same default MAC addresses to Linux: + + - 4a:dc:d8:20:0d:84 + - 4a:dc:d8:20:0d:85 + +This is important in case you want to run multiple R2S devices on the +same LAN. Meaning you either have to change the MAC address in the +U-Boot environment (below), or modify your `phys-address` setting in +Infix for the interface(s). + +Break into U-Boot using Ctrl-C at power-on, preferably when the text +`Press Ctrl-C NOW to enter boot menu` is displayed. Exit the menu to +get to the prompt: + +``` +(r2s) printenv +... +eth1addr=4a:dc:d8:20:0d:84 +ethact=ethernet@ff540000 +ethaddr=4a:dc:d8:20:0d:85 +ethprime=eth0 +... +``` + +Here we change both addresses, using the *Locally Administered* bit: + +``` +(r2s) setenv eth1addr 02:00:c0:ff:ee:01 +(r2s) setenv ethaddr 02:00:c0:ff:ee:00 +(r2s) saveenv +``` + +Boot the system, log into Linux, and inspect the MAC addresses: + +``` +admin@infix-00-00-00:~$ ip -br l +lo UP 00:00:00:00:00:00 +eth0 UP 02:00:c0:ff:ee:00 +eth1 UP 02:00:c0:ff:ee:01 +``` + +[1]: https://wiki.friendlyelec.com/wiki/index.php/NanoPi_R2S diff --git a/board/aarch64/r2s/extlinux.conf b/board/aarch64/r2s/extlinux.conf deleted file mode 100644 index 0e2b3c031..000000000 --- a/board/aarch64/r2s/extlinux.conf +++ /dev/null @@ -1,4 +0,0 @@ -label Infix on NanoPi R2S - kernel /boot/Image - devicetree /boot/rk3328-nanopi-r2s.dtb - append root=/dev/mmcblk0p1 rw rootwait bonding.max_bonds=0 dummy.numdummies=0 fb_tunnels=none quiet diff --git a/board/aarch64/r2s/genimage.cfg b/board/aarch64/r2s/genimage.cfg index 850ee31a4..a75137403 100644 --- a/board/aarch64/r2s/genimage.cfg +++ b/board/aarch64/r2s/genimage.cfg @@ -1,37 +1,70 @@ image cfg.ext4 { + empty = true + temporary = true + size = 16M + ext4 { label = "cfg" } +} + +image var.ext4 { empty = true - size = 16M + temporary = true + size = 512M + + ext4 { + label = "var" + use-mke2fs = true + } } image sdcard.img { hdimage { + partition-table-type = "gpt" } partition u-boot-tpl-spl-dtb { in-partition-table = "no" - image = "idbloader.img" offset = 32K + image = "idbloader.img" } partition u-boot-dtb { in-partition-table = "no" - image = "u-boot.itb" offset = 8M + image = "u-boot.itb" } - partition rootfs { - partition-type = 0x83 + partition aux { + partition-uuid = D4EF35A0-0652-45A1-B3DE-D63339C82035 offset = 16M - image = "rootfs.ext4" + image = "aux.ext4" + } + + partition primary { + partition-type-uuid = 0FC63DAF-8483-4772-8E79-3D69D8477DE4 + bootable = true + size = 200M + image = "rootfs.squashfs" + } + + partition secondary { + partition-type-uuid = 0FC63DAF-8483-4772-8E79-3D69D8477DE4 + bootable = true + size = 200M + image = "rootfs.squashfs" } partition cfg { - partition-type = 0x83 + partition-uuid = 7aa497f0-73b5-47e5-b2ab-8752d8a48105 image = "cfg.ext4" } + + partition var { + partition-uuid = 8046A06A-E45A-4A14-A6AD-6684704A393F + image = "var.ext4" + } } # Silence genimage warnings diff --git a/board/aarch64/r2s/linux_defconfig b/board/aarch64/r2s/linux_defconfig index c2ce2eb23..0d152b6d2 100644 --- a/board/aarch64/r2s/linux_defconfig +++ b/board/aarch64/r2s/linux_defconfig @@ -3,22 +3,31 @@ CONFIG_POSIX_MQUEUE=y CONFIG_AUDIT=y CONFIG_NO_HZ_IDLE=y CONFIG_HIGH_RES_TIMERS=y +CONFIG_BPF_SYSCALL=y CONFIG_BPF_JIT=y CONFIG_PREEMPT=y CONFIG_IRQ_TIME_ACCOUNTING=y CONFIG_BSD_PROCESS_ACCT=y CONFIG_BSD_PROCESS_ACCT_V3=y +CONFIG_TASKSTATS=y +CONFIG_TASK_DELAY_ACCT=y +CONFIG_TASK_XACCT=y +CONFIG_PSI=y CONFIG_IKCONFIG=y CONFIG_IKCONFIG_PROC=y -CONFIG_NUMA_BALANCING=y +CONFIG_LOG_BUF_SHIFT=18 CONFIG_MEMCG=y CONFIG_BLK_CGROUP=y +CONFIG_CFS_BANDWIDTH=y +CONFIG_RT_GROUP_SCHED=y CONFIG_CGROUP_PIDS=y +CONFIG_CGROUP_FREEZER=y CONFIG_CGROUP_HUGETLB=y CONFIG_CPUSETS=y CONFIG_CGROUP_DEVICE=y CONFIG_CGROUP_CPUACCT=y CONFIG_CGROUP_PERF=y +CONFIG_CGROUP_BPF=y CONFIG_NAMESPACES=y CONFIG_USER_NS=y CONFIG_SCHED_AUTOGROUP=y @@ -27,19 +36,14 @@ CONFIG_EXPERT=y CONFIG_KALLSYMS_ALL=y CONFIG_PROFILING=y CONFIG_KEXEC_FILE=y -CONFIG_CRASH_DUMP=y -CONFIG_ARCH_ACTIONS=y CONFIG_ARCH_ROCKCHIP=y -CONFIG_ARCH_VEXPRESS=y CONFIG_ARM64_VA_BITS_48=y CONFIG_SCHED_MC=y CONFIG_SCHED_SMT=y -CONFIG_NUMA=y +CONFIG_NR_CPUS=8 CONFIG_COMPAT=y CONFIG_RANDOMIZE_BASE=y -CONFIG_HIBERNATION=y -CONFIG_WQ_POWER_EFFICIENT_DEFAULT=y -CONFIG_ENERGY_MODEL=y +# CONFIG_SUSPEND is not set CONFIG_ARM_PSCI_CPUIDLE=y CONFIG_CPU_FREQ=y CONFIG_CPU_FREQ_STAT=y @@ -48,8 +52,8 @@ CONFIG_CPU_FREQ_GOV_USERSPACE=y CONFIG_CPU_FREQ_GOV_ONDEMAND=y CONFIG_CPU_FREQ_GOV_CONSERVATIVE=m CONFIG_CPUFREQ_DT=y -CONFIG_ACPI_CPPC_CPUFREQ=m CONFIG_ARM_SCMI_CPUFREQ=y +CONFIG_ACPI_CPPC_CPUFREQ=m CONFIG_ACPI=y CONFIG_ACPI_APEI=y CONFIG_ACPI_APEI_GHES=y @@ -57,6 +61,7 @@ CONFIG_ACPI_APEI_MEMORY_FAILURE=y CONFIG_ACPI_APEI_EINJ=y CONFIG_VIRTUALIZATION=y CONFIG_KVM=y +CONFIG_KPROBES=y CONFIG_JUMP_LABEL=y # CONFIG_GCC_PLUGINS is not set CONFIG_MODULES=y @@ -67,8 +72,11 @@ CONFIG_KSM=y CONFIG_MEMORY_FAILURE=y CONFIG_TRANSPARENT_HUGEPAGE=y CONFIG_CMA=y +CONFIG_CMA_AREAS=20 CONFIG_NET=y CONFIG_PACKET=y +CONFIG_XDP_SOCKETS=y +CONFIG_XDP_SOCKETS_DIAG=y CONFIG_IP_MULTICAST=y CONFIG_IP_ADVANCED_ROUTER=y CONFIG_IP_MULTIPLE_TABLES=y @@ -76,24 +84,66 @@ CONFIG_IP_ROUTE_MULTIPATH=y CONFIG_IP_PNP=y CONFIG_IP_PNP_DHCP=y CONFIG_IP_PNP_BOOTP=y -CONFIG_NET_IPIP=y -CONFIG_NET_IPGRE_DEMUX=y +CONFIG_NET_IPIP=m +CONFIG_NET_IPGRE_DEMUX=m CONFIG_NET_IPGRE=m CONFIG_NET_IPGRE_BROADCAST=y CONFIG_IP_MROUTE=y CONFIG_IP_MROUTE_MULTIPLE_TABLES=y CONFIG_IP_PIMSM_V1=y CONFIG_IP_PIMSM_V2=y -CONFIG_IPV6=m +CONFIG_SYN_COOKIES=y +CONFIG_IPV6_SIT=m +CONFIG_IPV6_GRE=m +CONFIG_IPV6_MULTIPLE_TABLES=y +CONFIG_IPV6_SUBTREES=y +CONFIG_IPV6_MROUTE=y +CONFIG_IPV6_MROUTE_MULTIPLE_TABLES=y +CONFIG_IPV6_PIMSM_V2=y +CONFIG_NETWORK_PHY_TIMESTAMPING=y CONFIG_NETFILTER=y -CONFIG_NF_CONNTRACK=m +CONFIG_BRIDGE_NETFILTER=y +CONFIG_NETFILTER_NETLINK_QUEUE=y +CONFIG_NETFILTER_NETLINK_LOG=y +CONFIG_NF_CONNTRACK=y CONFIG_NF_CONNTRACK_EVENTS=y +CONFIG_NF_CONNTRACK_FTP=y CONFIG_NF_TABLES=y CONFIG_NF_TABLES_INET=y +CONFIG_NF_TABLES_NETDEV=y +CONFIG_NFT_CT=m +CONFIG_NFT_CONNLIMIT=m +CONFIG_NFT_LOG=m +CONFIG_NFT_LIMIT=m +CONFIG_NFT_MASQ=m +CONFIG_NFT_REDIR=m +CONFIG_NFT_NAT=m +CONFIG_NFT_TUNNEL=m +CONFIG_NFT_QUEUE=m +CONFIG_NFT_REJECT=m +CONFIG_NFT_COMPAT=m +CONFIG_NFT_HASH=m +CONFIG_NFT_SOCKET=m +CONFIG_NFT_OSF=m +CONFIG_NFT_DUP_NETDEV=m +CONFIG_NFT_FWD_NETDEV=m +CONFIG_NFT_REJECT_NETDEV=m CONFIG_NETFILTER_XT_TARGET_CHECKSUM=m CONFIG_NETFILTER_XT_TARGET_LOG=m CONFIG_NETFILTER_XT_MATCH_ADDRTYPE=m +CONFIG_NETFILTER_XT_MATCH_BPF=m +CONFIG_NETFILTER_XT_MATCH_CGROUP=m +CONFIG_NETFILTER_XT_MATCH_COMMENT=m +CONFIG_NETFILTER_XT_MATCH_CONNLABEL=m +CONFIG_NETFILTER_XT_MATCH_CONNMARK=m CONFIG_NETFILTER_XT_MATCH_CONNTRACK=m +CONFIG_NETFILTER_XT_MATCH_DSCP=m +CONFIG_NETFILTER_XT_MATCH_HELPER=m +CONFIG_NETFILTER_XT_MATCH_LIMIT=m +CONFIG_NETFILTER_XT_MATCH_MAC=m +CONFIG_NETFILTER_XT_MATCH_MARK=m +CONFIG_NETFILTER_XT_MATCH_MULTIPORT=m +CONFIG_NETFILTER_XT_MATCH_PHYSDEV=m CONFIG_IP_NF_IPTABLES=m CONFIG_IP_NF_FILTER=m CONFIG_IP_NF_TARGET_REJECT=m @@ -101,17 +151,46 @@ CONFIG_IP_NF_NAT=m CONFIG_IP_NF_TARGET_MASQUERADE=m CONFIG_IP_NF_MANGLE=m CONFIG_IP6_NF_IPTABLES=m +CONFIG_IP6_NF_MATCH_AH=m +CONFIG_IP6_NF_MATCH_EUI64=m +CONFIG_IP6_NF_MATCH_IPV6HEADER=m CONFIG_IP6_NF_FILTER=m CONFIG_IP6_NF_TARGET_REJECT=m CONFIG_IP6_NF_MANGLE=m +CONFIG_IP6_NF_RAW=m CONFIG_IP6_NF_NAT=m CONFIG_IP6_NF_TARGET_MASQUERADE=m -CONFIG_BRIDGE=m +CONFIG_IP6_NF_TARGET_NPT=m +CONFIG_NF_TABLES_BRIDGE=m +CONFIG_NFT_BRIDGE_META=m +CONFIG_NFT_BRIDGE_REJECT=m +CONFIG_NF_CONNTRACK_BRIDGE=y +CONFIG_BRIDGE_NF_EBTABLES=m +CONFIG_BRIDGE_EBT_BROUTE=m +CONFIG_BRIDGE_EBT_T_FILTER=m +CONFIG_BRIDGE_EBT_T_NAT=m +CONFIG_BRIDGE_EBT_802_3=m +CONFIG_BRIDGE_EBT_AMONG=m +CONFIG_BRIDGE_EBT_ARP=m +CONFIG_BRIDGE_EBT_IP=m +CONFIG_BRIDGE_EBT_IP6=m +CONFIG_BRIDGE_EBT_LIMIT=m +CONFIG_BRIDGE_EBT_MARK=m +CONFIG_BRIDGE_EBT_PKTTYPE=m +CONFIG_BRIDGE_EBT_STP=m +CONFIG_BRIDGE_EBT_VLAN=m +CONFIG_BRIDGE_EBT_ARPREPLY=m +CONFIG_BRIDGE_EBT_DNAT=m +CONFIG_BRIDGE_EBT_MARK_T=m +CONFIG_BRIDGE_EBT_REDIRECT=m +CONFIG_BRIDGE_EBT_SNAT=m +CONFIG_BRIDGE_EBT_LOG=m +CONFIG_BRIDGE_EBT_NFLOG=m +CONFIG_BRIDGE=y CONFIG_BRIDGE_VLAN_FILTERING=y -CONFIG_NET_DSA=m -CONFIG_NET_DSA_TAG_OCELOT=m -CONFIG_NET_DSA_TAG_OCELOT_8021Q=m -CONFIG_VLAN_8021Q=m +CONFIG_BRIDGE_MRP=y +CONFIG_BRIDGE_CFM=y +CONFIG_VLAN_8021Q=y CONFIG_VLAN_8021Q_GVRP=y CONFIG_VLAN_8021Q_MVRP=y CONFIG_NET_SCHED=y @@ -121,13 +200,22 @@ CONFIG_NET_SCH_TAPRIO=m CONFIG_NET_SCH_MQPRIO=m CONFIG_NET_SCH_INGRESS=m CONFIG_NET_CLS_BASIC=m +CONFIG_NET_CLS_BPF=m CONFIG_NET_CLS_FLOWER=m CONFIG_NET_CLS_ACT=y -CONFIG_NET_ACT_GACT=m -CONFIG_NET_ACT_MIRRED=m -CONFIG_NET_ACT_GATE=m +CONFIG_NET_ACT_GACT=y +CONFIG_NET_ACT_MIRRED=y +CONFIG_NET_ACT_NAT=y +CONFIG_NET_ACT_SKBEDIT=y +CONFIG_NET_ACT_VLAN=y +CONFIG_NET_ACT_BPF=y +CONFIG_DCB=y +CONFIG_NETLINK_DIAG=y +CONFIG_MPLS=y +CONFIG_NET_MPLS_GSO=y +CONFIG_MPLS_ROUTING=m +CONFIG_NET_PKTGEN=y CONFIG_BT=m -CONFIG_BT_HIDP=m # CONFIG_BT_LE is not set CONFIG_BT_LEDS=y # CONFIG_BT_DEBUGFS is not set @@ -142,6 +230,7 @@ CONFIG_MAC80211_LEDS=y CONFIG_RFKILL=y CONFIG_NET_9P=y CONFIG_NET_9P_VIRTIO=y +# CONFIG_ETHTOOL_NETLINK is not set CONFIG_PCI=y CONFIG_PCIEPORTBUS=y CONFIG_PCI_IOV=y @@ -157,6 +246,7 @@ CONFIG_PCI_EPF_TEST=m CONFIG_DEVTMPFS=y CONFIG_DEVTMPFS_MOUNT=y CONFIG_FW_LOADER_USER_HELPER=y +CONFIG_VEXPRESS_CONFIG=y CONFIG_ARM_SCMI_PROTOCOL=y CONFIG_ARM_SCPI_PROTOCOL=y CONFIG_EFI_CAPSULE_LOADER=y @@ -171,6 +261,7 @@ CONFIG_MTD_PHYSMAP=y CONFIG_MTD_PHYSMAP_OF=y CONFIG_MTD_DATAFLASH=y CONFIG_MTD_SST25L=y +CONFIG_MTD_BLOCK2MTD=y CONFIG_MTD_RAW_NAND=y CONFIG_MTD_NAND_DENALI_DT=y CONFIG_MTD_SPI_NOR=y @@ -191,6 +282,7 @@ CONFIG_SCSI_HISI_SAS=y CONFIG_SCSI_HISI_SAS_PCI=y CONFIG_MEGARAID_SAS=y CONFIG_SCSI_MPT3SAS=m +CONFIG_SCSI_VIRTIO=y CONFIG_ATA=y CONFIG_SATA_AHCI=y CONFIG_SATA_AHCI_PLATFORM=y @@ -198,24 +290,29 @@ CONFIG_AHCI_CEVA=y CONFIG_SATA_SIL24=y CONFIG_PATA_OF_PLATFORM=y CONFIG_MD=y -CONFIG_BLK_DEV_MD=m -CONFIG_BLK_DEV_DM=m -CONFIG_DM_MIRROR=m -CONFIG_DM_ZERO=m +# CONFIG_MD_BITMAP_FILE is not set +CONFIG_BLK_DEV_DM=y +CONFIG_DM_INIT=y +CONFIG_DM_VERITY=y +CONFIG_DM_VERITY_VERIFY_ROOTHASH_SIG=y CONFIG_NETDEVICES=y CONFIG_BONDING=m -CONFIG_DUMMY=y +CONFIG_DUMMY=m CONFIG_WIREGUARD=m CONFIG_MACVLAN=m CONFIG_MACVTAP=m -CONFIG_VXLAN=y +CONFIG_IPVLAN=m +CONFIG_IPVTAP=m +CONFIG_VXLAN=m CONFIG_GENEVE=m CONFIG_BAREUDP=m -CONFIG_TUN=y +CONFIG_MACSEC=m +CONFIG_TUN=m CONFIG_VETH=m -CONFIG_VIRTIO_NET=m +CONFIG_VIRTIO_NET=y +CONFIG_NLMON=y +CONFIG_NET_VRF=y # CONFIG_NET_VENDOR_3COM is not set -# CONFIG_NET_VENDOR_ACTIONS is not set # CONFIG_NET_VENDOR_ADAPTEC is not set # CONFIG_NET_VENDOR_AGERE is not set # CONFIG_NET_VENDOR_ALACRITECH is not set @@ -283,15 +380,12 @@ CONFIG_STMMAC_ETH=y # CONFIG_NET_VENDOR_VIA is not set # CONFIG_NET_VENDOR_WIZNET is not set # CONFIG_NET_VENDOR_XILINX is not set +CONFIG_LED_TRIGGER_PHY=y CONFIG_AX88796B_PHY=y -CONFIG_MICREL_PHY=y -CONFIG_MICROSEMI_PHY=y -CONFIG_AT803X_PHY=m +CONFIG_DAVICOM_PHY=m CONFIG_REALTEK_PHY=y CONFIG_ROCKCHIP_PHY=y CONFIG_MDIO_BITBANG=y -CONFIG_MDIO_BCM_UNIMAC=m -CONFIG_MDIO_THUNDER=y CONFIG_MDIO_BUS_MUX_MULTIPLEXER=y CONFIG_MDIO_BUS_MUX_MMIOREG=y CONFIG_USB_RTL8150=m @@ -299,6 +393,7 @@ CONFIG_USB_RTL8152=m CONFIG_USB_USBNET=y CONFIG_USB_NET_AX8817X=m CONFIG_USB_NET_AX88179_178A=m +CONFIG_USB_NET_CDC_NCM=m CONFIG_USB_NET_DM9601=m CONFIG_USB_NET_SMSC75XX=m CONFIG_USB_NET_SMSC95XX=m @@ -306,13 +401,12 @@ CONFIG_USB_NET_NET1080=m CONFIG_USB_NET_PLUSB=m CONFIG_USB_NET_MCS7830=m CONFIG_USB_NET_CDC_SUBSET=m -CONFIG_USB_NET_ZAURUS=m +# CONFIG_USB_NET_ZAURUS is not set CONFIG_ATH10K=m CONFIG_ATH10K_PCI=m CONFIG_WCN36XX=m # CONFIG_WLAN_VENDOR_ATMEL is not set # CONFIG_WLAN_VENDOR_BROADCOM is not set -# CONFIG_WLAN_VENDOR_CISCO is not set # CONFIG_WLAN_VENDOR_INTEL is not set # CONFIG_WLAN_VENDOR_INTERSIL is not set # CONFIG_WLAN_VENDOR_MARVELL is not set @@ -355,9 +449,11 @@ CONFIG_RTW89_DEBUGMSG=y # CONFIG_WLAN_VENDOR_TI is not set # CONFIG_WLAN_VENDOR_ZYDAS is not set # CONFIG_WLAN_VENDOR_QUANTENNA is not set -CONFIG_NET_FAILOVER=y CONFIG_INPUT_FF_MEMLESS=y -# CONFIG_INPUT_KEYBOARD is not set +CONFIG_INPUT_EVDEV=y +CONFIG_INPUT_EVBUG=y +CONFIG_KEYBOARD_GPIO=y +CONFIG_KEYBOARD_GPIO_POLLED=y # CONFIG_INPUT_MOUSE is not set CONFIG_INPUT_MISC=y CONFIG_INPUT_RK805_PWRKEY=y @@ -404,47 +500,38 @@ CONFIG_PPS=y CONFIG_DEBUG_PINCTRL=y CONFIG_PINCTRL_RK805=y CONFIG_PINCTRL_SINGLE=y -CONFIG_GPIO_ALTERA=m -CONFIG_GPIO_DWAPB=y -CONFIG_GPIO_MB86S7X=y -CONFIG_GPIO_PL061=y -CONFIG_GPIO_XGENE=y +CONFIG_GPIO_SYSFS=y +CONFIG_GPIO_GENERIC_PLATFORM=y CONFIG_GPIO_MAX732X=y CONFIG_GPIO_PCA953X=y CONFIG_GPIO_PCA953X_IRQ=y -CONFIG_POWER_RESET_XGENE=y +CONFIG_POWER_RESET_GPIO_RESTART=y CONFIG_POWER_RESET_SYSCON=y CONFIG_SYSCON_REBOOT_MODE=y -CONFIG_BATTERY_SBS=m -CONFIG_BATTERY_BQ27XXX=y -CONFIG_BATTERY_MAX17042=m -CONFIG_CHARGER_BQ25890=m -CONFIG_CHARGER_BQ25980=m +CONFIG_CHARGER_RK817=y CONFIG_SENSORS_ARM_SCMI=y CONFIG_SENSORS_ARM_SCPI=y -CONFIG_SENSORS_LM90=m CONFIG_SENSORS_PWM_FAN=m -CONFIG_THERMAL_GOV_POWER_ALLOCATOR=y CONFIG_CPU_THERMAL=y CONFIG_THERMAL_EMULATION=y CONFIG_ROCKCHIP_THERMAL=m CONFIG_WATCHDOG=y -CONFIG_ARM_SP805_WATCHDOG=y -CONFIG_ARM_SBSA_WATCHDOG=y -CONFIG_DW_WATCHDOG=y -CONFIG_ARM_SMC_WATCHDOG=y +CONFIG_WATCHDOG_SYSFS=y +CONFIG_SOFT_WATCHDOG=y CONFIG_MFD_RK8XX_I2C=y CONFIG_MFD_RK8XX_SPI=y -CONFIG_MFD_STMFX=y +# CONFIG_MFD_VEXPRESS_SYSREG is not set +CONFIG_REGULATOR=y CONFIG_REGULATOR_DEBUG=y CONFIG_REGULATOR_FIXED_VOLTAGE=y +CONFIG_REGULATOR_USERSPACE_CONSUMER=y +CONFIG_REGULATOR_NETLINK_EVENTS=y CONFIG_REGULATOR_GPIO=y CONFIG_REGULATOR_PWM=y CONFIG_REGULATOR_RK808=y CONFIG_REGULATOR_VCTRL=y -CONFIG_REGULATOR_VEXPRESS=m -# CONFIG_HID_GENERIC is not set -# CONFIG_USB_HID is not set +# CONFIG_HID_SUPPORT is not set +CONFIG_USB_ULPI_BUS=y CONFIG_USB_CONN_GPIO=y CONFIG_USB=y CONFIG_USB_ANNOUNCE_NEW_DEVICES=y @@ -452,6 +539,7 @@ CONFIG_USB_DYNAMIC_MINORS=y CONFIG_USB_OTG=y CONFIG_USB_XHCI_HCD=y CONFIG_USB_EHCI_HCD=y +CONFIG_USB_EHCI_ROOT_HUB_TT=y CONFIG_USB_EHCI_HCD_PLATFORM=y CONFIG_USB_OHCI_HCD=y CONFIG_USB_OHCI_HCD_PLATFORM=y @@ -460,10 +548,6 @@ CONFIG_USB_STORAGE=y CONFIG_USB_MUSB_HDRC=y CONFIG_USB_DWC3=y CONFIG_USB_DWC2=y -CONFIG_USB_CHIPIDEA=y -CONFIG_USB_CHIPIDEA_UDC=y -CONFIG_USB_CHIPIDEA_HOST=y -CONFIG_USB_ISP1760=y CONFIG_USB_SERIAL=m CONFIG_USB_SERIAL_GENERIC=y CONFIG_USB_SERIAL_SIMPLE=m @@ -471,7 +555,6 @@ CONFIG_USB_SERIAL_CP210X=m CONFIG_USB_SERIAL_FTDI_SIO=m CONFIG_USB_SERIAL_PL2303=m CONFIG_USB_SERIAL_OPTION=m -CONFIG_USB_HSIC_USB3503=y CONFIG_NOP_USB_XCEIV=y CONFIG_USB_ULPI=y CONFIG_USB_GADGET=y @@ -488,12 +571,6 @@ CONFIG_USB_CONFIGFS_RNDIS=y CONFIG_USB_CONFIGFS_EEM=y CONFIG_USB_CONFIGFS_MASS_STORAGE=y CONFIG_USB_CONFIGFS_F_FS=y -CONFIG_TYPEC=m -CONFIG_TYPEC_TCPM=m -CONFIG_TYPEC_TCPCI=m -CONFIG_TYPEC_FUSB302=m -CONFIG_TYPEC_TPS6598X=m -CONFIG_TYPEC_HD3SS3220=m CONFIG_MMC=y CONFIG_MMC_BLOCK_MINORS=32 CONFIG_MMC_ARMMMCI=y @@ -505,13 +582,9 @@ CONFIG_MMC_SDHCI_CADENCE=y CONFIG_MMC_SDHCI_F_SDH30=y CONFIG_MMC_SPI=y CONFIG_MMC_DW=y -CONFIG_MMC_DW_EXYNOS=y CONFIG_MMC_DW_HI3798CV200=y CONFIG_MMC_DW_K3=y CONFIG_MMC_DW_ROCKCHIP=y -CONFIG_MMC_MTK=y -CONFIG_MMC_SDHCI_XENON=y -CONFIG_MMC_SDHCI_AM654=y CONFIG_SCSI_UFSHCD=y CONFIG_SCSI_UFSHCD_PLATFORM=y CONFIG_NEW_LEDS=y @@ -527,6 +600,7 @@ CONFIG_LEDS_TRIGGER_HEARTBEAT=y CONFIG_LEDS_TRIGGER_CPU=y CONFIG_LEDS_TRIGGER_DEFAULT_ON=y CONFIG_LEDS_TRIGGER_PANIC=y +CONFIG_LEDS_TRIGGER_NETDEV=y CONFIG_RTC_CLASS=y CONFIG_RTC_DRV_RK808=y CONFIG_RTC_DRV_EFI=y @@ -541,7 +615,6 @@ CONFIG_VIRTIO_INPUT=y CONFIG_VIRTIO_MMIO=y # CONFIG_VHOST_MENU is not set CONFIG_STAGING=y -CONFIG_PRISM2_USB=m CONFIG_RTLLIB=m CONFIG_RTL8192E=m CONFIG_RTL8723BS=m @@ -565,7 +638,6 @@ CONFIG_ROCKCHIP_IODOMAIN=y CONFIG_ROCKCHIP_DTPM=m CONFIG_ROCKCHIP_PM_DOMAINS=y CONFIG_DEVFREQ_GOV_USERSPACE=m -CONFIG_EXTCON_PTN5150=m CONFIG_EXTCON_USB_GPIO=y CONFIG_MEMORY=y CONFIG_IIO=y @@ -578,6 +650,7 @@ CONFIG_IIO_ST_MAGN_3AXIS=m CONFIG_MPL3115=m CONFIG_PWM=y CONFIG_PWM_ROCKCHIP=y +CONFIG_RESET_GPIO=y CONFIG_PHY_ROCKCHIP_DPHY_RX0=m CONFIG_PHY_ROCKCHIP_EMMC=y CONFIG_PHY_ROCKCHIP_INNO_HDMI=m @@ -590,8 +663,6 @@ CONFIG_PHY_ROCKCHIP_USB=m CONFIG_POWERCAP=y CONFIG_ARM_SCMI_POWERCAP=y CONFIG_DTPM=y -CONFIG_DTPM_CPU=y -CONFIG_DTPM_DEVFREQ=y CONFIG_ARM_SMMU_V3_PMU=m CONFIG_NVMEM_RMEM=m CONFIG_NVMEM_ROCKCHIP_EFUSE=m @@ -603,30 +674,48 @@ CONFIG_INTERCONNECT=y CONFIG_EXT2_FS=y CONFIG_EXT3_FS=y CONFIG_EXT4_FS_POSIX_ACL=y +CONFIG_BTRFS_FS=y +CONFIG_BTRFS_FS_POSIX_ACL=y CONFIG_FANOTIFY=y CONFIG_FANOTIFY_ACCESS_PERMISSIONS=y CONFIG_QUOTA=y -CONFIG_OVERLAY_FS=m +CONFIG_AUTOFS_FS=y +CONFIG_FUSE_FS=y +CONFIG_VIRTIO_FS=y +CONFIG_OVERLAY_FS=y +CONFIG_MSDOS_FS=y CONFIG_VFAT_FS=y +CONFIG_FAT_DEFAULT_UTF8=y +CONFIG_EXFAT_FS=y +CONFIG_PROC_KCORE=y +CONFIG_PROC_CHILDREN=y CONFIG_TMPFS=y CONFIG_TMPFS_POSIX_ACL=y CONFIG_HUGETLBFS=y CONFIG_EFIVAR_FS=y +CONFIG_JFFS2_FS=y +CONFIG_JFFS2_FS_XATTR=y CONFIG_SQUASHFS=y +CONFIG_SQUASHFS_LZO=y +CONFIG_SQUASHFS_XZ=y +CONFIG_SQUASHFS_ZSTD=y CONFIG_NFS_FS=y CONFIG_NFS_V4=y CONFIG_NFS_V4_1=y CONFIG_NFS_V4_2=y CONFIG_ROOT_NFS=y CONFIG_9P_FS=y +CONFIG_NLS_DEFAULT="iso8859-15" CONFIG_NLS_CODEPAGE_437=y CONFIG_NLS_ISO8859_1=y +CONFIG_NLS_ISO8859_15=y +CONFIG_NLS_UTF8=y CONFIG_SECURITY=y CONFIG_CRYPTO_DH=m CONFIG_CRYPTO_CURVE25519=m CONFIG_CRYPTO_ECHAINIV=y -CONFIG_CRYPTO_BLAKE2B=m -CONFIG_CRYPTO_XXHASH=m +CONFIG_CRYPTO_LZO=y +CONFIG_CRYPTO_ZSTD=y CONFIG_CRYPTO_ANSI_CPRNG=y CONFIG_CRYPTO_USER_API_RNG=m CONFIG_CRYPTO_GHASH_ARM64_CE=y @@ -635,20 +724,22 @@ CONFIG_CRYPTO_SHA2_ARM64_CE=y CONFIG_CRYPTO_SHA512_ARM64_CE=m CONFIG_CRYPTO_SHA3_ARM64=m CONFIG_CRYPTO_SM3_ARM64_CE=m -CONFIG_CRYPTO_AES_ARM64_CE_BLK=y CONFIG_CRYPTO_AES_ARM64_BS=m CONFIG_CRYPTO_AES_ARM64_CE_CCM=y CONFIG_CRYPTO_CRCT10DIF_ARM64_CE=m CONFIG_CRYPTO_DEV_ROCKCHIP=y CONFIG_CRYPTO_DEV_CCREE=m +CONFIG_PACKING=y CONFIG_INDIRECT_PIO=y CONFIG_CRC_CCITT=m CONFIG_CRC8=y CONFIG_DMA_CMA=y CONFIG_CMA_SIZE_MBYTES=32 CONFIG_PRINTK_TIME=y +CONFIG_DEBUG_INFO_DWARF_TOOLCHAIN_DEFAULT=y CONFIG_MAGIC_SYSRQ=y CONFIG_DEBUG_FS=y +CONFIG_DETECT_HUNG_TASK=y # CONFIG_SCHED_DEBUG is not set -# CONFIG_FTRACE is not set +CONFIG_FUNCTION_TRACER=y CONFIG_MEMTEST=y diff --git a/board/aarch64/r2s/rootfs/etc/factory-config.cfg b/board/aarch64/r2s/rootfs/etc/factory-config.cfg new file mode 100644 index 000000000..ca97d4c1b --- /dev/null +++ b/board/aarch64/r2s/rootfs/etc/factory-config.cfg @@ -0,0 +1,189 @@ +{ + "ieee802-dot1ab-lldp:lldp": { + "infix-lldp:enabled": true + }, + "ietf-interfaces:interfaces": { + "interface": [ + { + "name": "lo", + "type": "infix-if-type:loopback", + "ietf-ip:ipv4": { + "address": [ + { + "ip": "127.0.0.1", + "prefix-length": 8 + } + ] + }, + "ietf-ip:ipv6": { + "address": [ + { + "ip": "::1", + "prefix-length": 128 + } + ] + } + }, + { + "name": "lan", + "type": "infix-if-type:ethernet", + "ietf-ip:ipv4": { + "address": [ + { + "ip": "192.168.2.1", + "prefix-length": 24 + } + ] + }, + "ietf-ip:ipv6": {} + }, + { + "name": "wan", + "type": "infix-if-type:ethernet" + } + ] + }, + "ietf-keystore:keystore": { + "asymmetric-keys": { + "asymmetric-key": [ + { + "name": "genkey", + "public-key-format": "ietf-crypto-types:ssh-public-key-format", + "public-key": "", + "private-key-format": "ietf-crypto-types:rsa-private-key-format", + "cleartext-private-key": "", + "certificates": {} + } + ] + } + }, + "ietf-netconf-acm:nacm": { + "groups": { + "group": [ + { + "name": "admin", + "user-name": [ + "admin" + ] + } + ] + }, + "rule-list": [ + { + "name": "admin-acl", + "group": [ + "admin" + ], + "rule": [ + { + "name": "permit-all", + "module-name": "*", + "access-operations": "*", + "action": "permit", + "comment": "Allow 'admin' group complete access to all operations and data." + } + ] + } + ] + }, + "ietf-netconf-server:netconf-server": { + "listen": { + "endpoints": { + "endpoint": [ + { + "name": "default-ssh", + "ssh": { + "tcp-server-parameters": { + "local-address": "::" + }, + "ssh-server-parameters": { + "server-identity": { + "host-key": [ + { + "name": "default-key", + "public-key": { + "central-keystore-reference": "genkey" + } + } + ] + } + } + } + } + ] + } + } + }, + "ietf-system:system": { + "hostname": "r2s", + "ntp": { + "enabled": true, + "server": [ + { + "name": "ntp.org", + "udp": { + "address": "pool.ntp.org" + } + } + ] + }, + "authentication": { + "user": [ + { + "name": "admin", + "password": "$factory$", + "infix-system:shell": "bash" + } + ] + }, + "infix-system:motd-banner": "Li0tLS0tLS0uCnwgIC4gLiAgfCBJbmZpeCAtLSBhIE5ldHdvcmsgT3BlcmF0aW5nIFN5c3RlbQp8LS4gdiAuLXwgaHR0cHM6Ly9rZXJuZWxraXQuZ2l0aHViLmlvCictJy0tLSctJwo=" + }, + "infix-dhcp-client:dhcp-client": { + "client-if": [ + { + "if-name": "wan", + "option": [ + { + "name": "broadcast" + }, + { + "name": "dns" + }, + { + "name": "domain" + }, + { + "name": "hostname" + }, + { + "name": "ntpsrv" + }, + { + "name": "router" + }, + { + "name": "subnet" + } + ] + } + ] + }, + "infix-meta:meta": { + "infix-meta:version": "1.0" + }, + "infix-services:mdns": { + "enabled": true + }, + "infix-services:web": { + "enabled": true, + "console": { + "enabled": true + }, + "netbrowse": { + "enabled": true + }, + "restconf": { + "enabled": true + } + } +} diff --git a/board/aarch64/r2s/rootfs/etc/finit.d/enabled/input-event-daemon.conf b/board/aarch64/r2s/rootfs/etc/finit.d/enabled/input-event-daemon.conf new file mode 120000 index 000000000..8238fd3b4 --- /dev/null +++ b/board/aarch64/r2s/rootfs/etc/finit.d/enabled/input-event-daemon.conf @@ -0,0 +1 @@ +../available/input-event-daemon.conf \ No newline at end of file diff --git a/board/aarch64/r2s/rootfs/etc/finit.d/wan-monitor.conf b/board/aarch64/r2s/rootfs/etc/finit.d/wan-monitor.conf new file mode 100644 index 000000000..0620a9109 --- /dev/null +++ b/board/aarch64/r2s/rootfs/etc/finit.d/wan-monitor.conf @@ -0,0 +1 @@ +service [12345789] log wan-monitor.sh -- WAN Health monitor diff --git a/board/aarch64/r2s/rootfs/etc/iitod.json b/board/aarch64/r2s/rootfs/etc/iitod.json new file mode 100644 index 000000000..ef95038ab --- /dev/null +++ b/board/aarch64/r2s/rootfs/etc/iitod.json @@ -0,0 +1,91 @@ +{ + "input": { + "path": { + "locate": { "path": "/run/led/locate" }, + + "status-prime": { "path": "/run/led/status-prime" }, + "status-ok": { "path": "/run/led/status-ok" }, + "status-err": { "path": "/run/led/status-err" }, + "status-crit": { "path": "/run/led/status-crit" }, + + "fault-prime": { "path": "/run/led/fault-prime" }, + "fault-ok": { "path": "/run/led/fault-ok" }, + "fault-err": { "path": "/run/led/fault-err" }, + "fault-crit": { "path": "/run/led/fault-crit" }, + + "wan-up": { "path": "/run/led/wan-up" }, + + "startup": { "path": "/run/finit/cond/run/startup/success" }, + "fail-safe": { "path": "/run/finit/cond/run/failure/success" }, + "panic": { "path": "/run/finit/cond/run/failure/failure" } + }, + "udev": { + "power-a": { "subsystem": "power_supply" }, + "power-b": { "subsystem": "power_supply" } + } + }, + + "output": { + "led-group": { + "port-link-act": { + "match": ["*:green:tp", "*:green:sfp", "*:green:port" ], + + "rules": [ + { "if": "true", "then": { "trigger": "netdev", "link": 1, "rx": 1, "tx": 1 } } + ] + }, + "port-alarm": { + "match": ["*:yellow:tp", "*:yellow:sfp", "*:yellow:port" ], + + "rules": [ + ] + } + }, + "led": { + "nanopi-r2s:red:sys": { + "rules": [ + { "if": "locate", "then": "@blink-1hz" }, + { "if": "panic", "then": "@blink-5hz" }, + { "if": "fail-safe", "then": "@blink-5hz" }, + { "if": "startup", "then": "@off" }, + { "if": "true", "then": "@blink-1hz" } + ] + }, + + "nanopi-r2s:green:lan": { + "rules": [ + { "if": "locate", "then": "@blink-1hz" }, + { "if": "panic", "then": "@blink-5hz" }, + { "if": "startup", "then": "@on" } + ] + }, + + "nanopi-r2s:green:wan": { + "rules": [ + { "if": "locate", "then": "@blink-1hz" }, + { "if": "panic", "then": "@blink-5hz" }, + { "if": "wan-up", "then": "@on" } + ] + } + } + }, + + "aliases": { + "on": { + "brightness": true + }, + "off": { + "brightness": false + }, + "blink-1hz": { + "trigger": "timer", + "delay_on": 500, + "delay_off": 500 + }, + "blink-5hz": { + "trigger": "timer", + "delay_on": 100, + "delay_off": 100 + } + } +} diff --git a/board/aarch64/r2s/rootfs/etc/input-event-daemon.conf b/board/aarch64/r2s/rootfs/etc/input-event-daemon.conf new file mode 100644 index 000000000..161ded278 --- /dev/null +++ b/board/aarch64/r2s/rootfs/etc/input-event-daemon.conf @@ -0,0 +1,5 @@ +[Global] +listen = /dev/input/event1 + +[Keys] +RESTART = reboot diff --git a/board/aarch64/r2s/rootfs/etc/udev/rules.d/90-persistent-net.rules b/board/aarch64/r2s/rootfs/etc/udev/rules.d/90-persistent-net.rules new file mode 100644 index 000000000..ab603dde2 --- /dev/null +++ b/board/aarch64/r2s/rootfs/etc/udev/rules.d/90-persistent-net.rules @@ -0,0 +1,2 @@ +ACTION=="add", SUBSYSTEM=="net", DEVPATH=="/devices/platform/ff540000.ethernet/net/eth0", NAME="wan" +ACTION=="add", SUBSYSTEM=="net", DEVPATH=="/devices/platform/ff600000.usb/xhci-hcd.0.auto/usb3/3-1/3-1:1.0/net/*", NAME="lan" diff --git a/board/aarch64/r2s/rootfs/usr/sbin/wan-monitor.sh b/board/aarch64/r2s/rootfs/usr/sbin/wan-monitor.sh new file mode 100755 index 000000000..160578039 --- /dev/null +++ b/board/aarch64/r2s/rootfs/usr/sbin/wan-monitor.sh @@ -0,0 +1,41 @@ +#!/bin/sh +# Background WAN interface monitor. Lights up WAN LED +# while the interface has a DHCP address. + +LED_FILE="/run/led/wan-up" +PID_FILE="/run/$(basename "$0").pid" + +check_wan() +{ + ip_info=$(ip a show wan) + + if echo "$ip_info" | grep -q "inet .* proto dhcp"; then + [ ! -f "$LED_FILE" ] && touch "$LED_FILE" + else + [ -f "$LED_FILE" ] && rm "$LED_FILE" + fi +} + +cleanup() +{ + rm -f "$LED_FILE" + rm -f "$PID_FILE" + exit 0 +} + +trap 'cleanup' TERM INT HUP QUIT +echo $$ > "$PID_FILE" + +remaining_time=$((1800 - $(awk '{print int($1)}' /proc/uptime))) +[ "$remaining_time" -lt 0 ] && remaining_time=0 + +while [ "$remaining_time" -gt 0 ]; do + check_wan + sleep 1 + remaining_time=$((remaining_time - 1)) +done + +while :; do + check_wan + sleep 5 +done diff --git a/board/aarch64/r2s/uboot/extras.config b/board/aarch64/r2s/uboot/extras.config new file mode 100644 index 000000000..fb36c0ba8 --- /dev/null +++ b/board/aarch64/r2s/uboot/extras.config @@ -0,0 +1,16 @@ +CONFIG_BUTTON=y +CONFIG_BUTTON_GPIO=y + +CONFIG_LED=y +CONFIG_LED_GPIO=y + +# CONFIG_MMC_PCI is not set +CONFIG_DEVICE_TREE_INCLUDES="infix-env.dtsi infix-key.dtsi r2s-env.dtsi" +CONFIG_SYS_PROMPT="(r2s) " + +CONFIG_ENV_OVERWRITE=y +# CONFIG_ENV_IS_NOWHERE is not set +CONFIG_ENV_IS_IN_EXT4=y +# CONFIG_ENV_IS_IN_MMC is not set +CONFIG_ENV_EXT4_INTERFACE="mmc" +CONFIG_ENV_EXT4_DEVICE_AND_PART="1:1" diff --git a/board/aarch64/r2s/uboot/r2s-env.dtsi b/board/aarch64/r2s/uboot/r2s-env.dtsi new file mode 100644 index 000000000..7fd318f66 --- /dev/null +++ b/board/aarch64/r2s/uboot/r2s-env.dtsi @@ -0,0 +1,47 @@ +/ { + config { + environment { + boot_targets = "mmc1"; + ethprime = "eth0"; + + /* This is a development platform, hard code developer mode */ + ixbtn-devmode = "setenv dev_mode yes; echo Enabled"; + + /* Override default definitiion to add LED feedback */ + ixbtn-factory = " +if button factory-reset; then + echo \"Keep button pressed for 10 seconds to engage factory reset ...\" + + for tick in . . . . . . . . . .; do + led nanopi-r2s:red:sys on + led nanopi-r2s:green:lan on + led nanopi-r2s:green:wan on + sleep 0.5 + led nanopi-r2s:red:sys off + led nanopi-r2s:green:lan off + led nanopi-r2s:green:wan off + sleep 0.5 + echo -n \"Checking button: \" + button factory-reset || exit + done + + echo -n \"Final button check: \" + if button factory-reset; then + setenv factory_reset yes + echo \"FACTORY RESET ENGAGED\" + fi +fi +"; + }; + }; + + keys { + compatible = "gpio-keys"; + + factory-reset { + gpios = <&gpio0 0 GPIO_ACTIVE_LOW>; + linux,code = ; + label = "factory-reset"; + }; + }; +}; diff --git a/board/common/mkaux.sh b/board/common/mkaux.sh index aef37f72c..3f1394525 100755 --- a/board/common/mkaux.sh +++ b/board/common/mkaux.sh @@ -11,6 +11,7 @@ image aux.ext4 { ext4 { label = "aux" use-mke2fs = true + features = "^metadata_csum,^metadata_csum_seed" } } diff --git a/board/common/mkrauc.sh b/board/common/mkrauc.sh index 7c71dbbb3..a528c7fa6 100755 --- a/board/common/mkrauc.sh +++ b/board/common/mkrauc.sh @@ -2,30 +2,30 @@ set -e -GIT_VERSION=$(git -C $BR2_EXTERNAL_INFIX_PATH describe --always --dirty --tags) +GIT_VERSION=$(git -C "$BR2_EXTERNAL_INFIX_PATH" describe --always --dirty --tags) name=$1 -arch=$2 +compat=$2 sign=$3 crt=$(ls $sign/*.crt) key=$(ls $sign/*.key) -common=$(dirname $(readlink -f "$0")) +common=$(dirname "$(readlink -f "$0")") work=$BUILD_DIR/mkrauc -mkdir -p $work +mkdir -p "$work" -cp -f $common/rauc-hooks.sh $work/hooks.sh +cp -f "$common/rauc-hooks.sh" "$work/hooks.sh" # RAUC internally uses the file extension to find a suitable install # handler, hence the name must be .img -cp -f $BINARIES_DIR/rootfs.squashfs $work/rootfs.img -cp -f $BINARIES_DIR/rootfs.itbh $work/rootfs.itbh +cp -f "$BINARIES_DIR/rootfs.squashfs" "$work/rootfs.img" +cp -f "$BINARIES_DIR/rootfs.itbh" "$work/rootfs.itbh" -cat >$work/manifest.raucm <"$work/manifest.raucm" < $0/brightness' {} \; logger $opt -p user.crit -t "$nm" "Resetting to factory defaults." + + # Shred all files to prevent restoring contents + find /mnt/cfg -type f -exec shred -zu {} \; + find /mnt/var -type f -exec shred -zu {} \; + + # Remove any lingering directories and symlinks as well rm -rf /mnt/cfg/* /mnt/var/* + + logger $opt -p user.crit -t "$nm" "Factory reset complete." sync } diff --git a/board/riscv64/visionfive2/genimage.cfg b/board/riscv64/visionfive2/genimage.cfg index f892dadbe..0d48b36ca 100644 --- a/board/riscv64/visionfive2/genimage.cfg +++ b/board/riscv64/visionfive2/genimage.cfg @@ -46,12 +46,14 @@ image sdcard.img { partition primary { partition-type-uuid = 0FC63DAF-8483-4772-8E79-3D69D8477DE4 bootable = true + size = 200M image = "rootfs.squashfs" } partition secondary { partition-type-uuid = 0FC63DAF-8483-4772-8E79-3D69D8477DE4 bootable = true + size = 200M image = "rootfs.squashfs" } diff --git a/board/riscv64/visionfive2/patches/linux-headers/linux-headers.hash b/board/riscv64/visionfive2/patches/linux-headers/linux-headers.hash deleted file mode 120000 index 5808d92af..000000000 --- a/board/riscv64/visionfive2/patches/linux-headers/linux-headers.hash +++ /dev/null @@ -1 +0,0 @@ -../linux/linux.hash \ No newline at end of file diff --git a/buildroot b/buildroot index 1dd7a6bb0..6ceb91bdd 160000 --- a/buildroot +++ b/buildroot @@ -1 +1 @@ -Subproject commit 1dd7a6bb02d3ec34809ea950bd3c8a0a56a69ead +Subproject commit 6ceb91bdd9f458ca85c2fb4d3f9c0b061950f6a4 diff --git a/configs/aarch64_defconfig b/configs/aarch64_defconfig index d0cf97146..c797a1cd1 100644 --- a/configs/aarch64_defconfig +++ b/configs/aarch64_defconfig @@ -65,6 +65,7 @@ BR2_PACKAGE_LIBCURL_CURL=y BR2_PACKAGE_NETOPEER2_CLI=y BR2_PACKAGE_NSS_MDNS=y BR2_PACKAGE_LINUX_PAM=y +BR2_PACKAGE_LINUX_PAM_LASTLOG=y BR2_PACKAGE_LIBPAM_RADIUS_AUTH=y BR2_PACKAGE_ONIGURUMA=y BR2_PACKAGE_AVAHI_DAEMON=y diff --git a/configs/r2s_defconfig b/configs/r2s_defconfig index f7c7e7a56..727d8c99b 100644 --- a/configs/r2s_defconfig +++ b/configs/r2s_defconfig @@ -1,5 +1,4 @@ BR2_aarch64=y -BR2_cortex_a53=y BR2_ARM_FPU_VFPV4=y BR2_TOOLCHAIN_EXTERNAL=y BR2_TOOLCHAIN_EXTERNAL_BOOTLIN=y @@ -9,32 +8,35 @@ BR2_CCACHE=y BR2_CCACHE_DIR="${BR2_EXTERNAL_INFIX_PATH}/.ccache" BR2_ENABLE_DEBUG=y BR2_GLOBAL_PATCH_DIR="${BR2_EXTERNAL_INFIX_PATH}/patches" +BR2_DOWNLOAD_FORCE_CHECK_HASHES=y BR2_TARGET_GENERIC_HOSTNAME="infix" BR2_TARGET_GENERIC_ISSUE="Infix by KernelKit" BR2_INIT_FINIT=y BR2_ROOTFS_DEVICE_CREATION_DYNAMIC_EUDEV=y BR2_ROOTFS_DEVICE_TABLE="system/device_table.txt ${BR2_EXTERNAL_INFIX_PATH}/board/common/xattrs" +BR2_ROOTFS_MERGED_USR=y # BR2_TARGET_ENABLE_ROOT_LOGIN is not set BR2_SYSTEM_BIN_SH_BASH=y BR2_TARGET_GENERIC_GETTY_PORT="@console" BR2_TARGET_GENERIC_GETTY_TERM="xterm" BR2_SYSTEM_DHCP="eth0" +BR2_SYSTEM_DEFAULT_PATH="/bin:/sbin:/usr/bin:/usr/sbin" BR2_ENABLE_LOCALE_WHITELIST="C en_US en_CA C.UTF-8" BR2_GENERATE_LOCALE="en_US en_CA C.UTF-8" BR2_TARGET_TZ_INFO=y -BR2_ROOTFS_OVERLAY="${BR2_EXTERNAL_INFIX_PATH}/board/common/rootfs ${BR2_EXTERNAL_INFIX_PATH}/board/aarch64/rootfs" -BR2_ROOTFS_POST_BUILD_SCRIPT="$(BR2_EXTERNAL_INFIX_PATH)/board/aarch64/r2s/post-build.sh ${BR2_EXTERNAL_INFIX_PATH}/board/common/post-build.sh" +BR2_ROOTFS_OVERLAY="${BR2_EXTERNAL_INFIX_PATH}/board/common/rootfs ${BR2_EXTERNAL_INFIX_PATH}/board/aarch64/rootfs ${BR2_EXTERNAL_INFIX_PATH}/board/aarch64/r2s/rootfs" +BR2_ROOTFS_POST_BUILD_SCRIPT="${BR2_EXTERNAL_INFIX_PATH}/board/common/post-build.sh" BR2_ROOTFS_POST_IMAGE_SCRIPT="${BR2_EXTERNAL_INFIX_PATH}/board/common/post-image.sh support/scripts/genimage.sh" BR2_ROOTFS_POST_SCRIPT_ARGS="-c $(BR2_EXTERNAL_INFIX_PATH)/board/aarch64/r2s/genimage.cfg" -BR2_ROOTFS_MERGED_USR=y BR2_LINUX_KERNEL=y BR2_LINUX_KERNEL_CUSTOM_VERSION=y -BR2_LINUX_KERNEL_CUSTOM_VERSION_VALUE="6.6.34" +BR2_LINUX_KERNEL_CUSTOM_VERSION_VALUE="6.10.3" BR2_LINUX_KERNEL_PATCH="$(BR2_EXTERNAL_INFIX_PATH)/board/aarch64/r2s/rk3328-nanopi-r2s-dts.patch" BR2_LINUX_KERNEL_USE_CUSTOM_CONFIG=y -BR2_LINUX_KERNEL_CUSTOM_CONFIG_FILE="$(BR2_EXTERNAL_INFIX_PATH)/board/aarch64/r2s/linux_defconfig" +BR2_LINUX_KERNEL_CUSTOM_CONFIG_FILE="${BR2_EXTERNAL_INFIX_PATH}/board/aarch64/r2s/linux_defconfig" BR2_LINUX_KERNEL_DTS_SUPPORT=y BR2_LINUX_KERNEL_INTREE_DTS_NAME="rockchip/rk3328-nanopi-r2s" +BR2_LINUX_KERNEL_DTB_KEEP_DIRNAME=y BR2_LINUX_KERNEL_INSTALL_TARGET=y BR2_LINUX_KERNEL_NEEDS_HOST_OPENSSL=y BR2_PACKAGE_BUSYBOX_CONFIG="$(BR2_EXTERNAL_INFIX_PATH)/board/common/busybox_defconfig" @@ -56,8 +58,11 @@ BR2_PACKAGE_DBUS_GLIB=y BR2_PACKAGE_DBUS_TRIGGERD=y BR2_PACKAGE_EUDEV_RULES_GEN=y # BR2_PACKAGE_EUDEV_ENABLE_HWDB is not set +BR2_PACKAGE_EVEMU=y +BR2_PACKAGE_EVTEST=y BR2_PACKAGE_GPTFDISK=y BR2_PACKAGE_GPTFDISK_SGDISK=y +BR2_PACKAGE_INPUT_EVENT_DAEMON=y BR2_PACKAGE_MDIO_TOOLS=y BR2_PACKAGE_RNG_TOOLS=y BR2_PACKAGE_UBOOT_TOOLS_FIT_SUPPORT=y @@ -71,10 +76,12 @@ BR2_PACKAGE_LIBSSH2=y BR2_PACKAGE_LIBSSH2_OPENSSL=y BR2_PACKAGE_LIBXCRYPT=y BR2_PACKAGE_LIBOPENSSL_BIN=y +BR2_PACKAGE_LIBINPUT=y BR2_PACKAGE_LIBCURL_CURL=y BR2_PACKAGE_NETOPEER2_CLI=y BR2_PACKAGE_NSS_MDNS=y BR2_PACKAGE_LINUX_PAM=y +BR2_PACKAGE_LINUX_PAM_LASTLOG=y BR2_PACKAGE_LIBPAM_RADIUS_AUTH=y BR2_PACKAGE_ONIGURUMA=y BR2_PACKAGE_AVAHI_DAEMON=y @@ -108,6 +115,9 @@ BR2_PACKAGE_TCPDUMP=y BR2_PACKAGE_TRACEROUTE=y BR2_PACKAGE_ULOGD=y BR2_PACKAGE_WHOIS=y +BR2_PACKAGE_WIRELESS_REGDB=y +BR2_PACKAGE_WIRELESS_TOOLS=y +BR2_PACKAGE_WPA_SUPPLICANT=y BR2_PACKAGE_BASH_COMPLETION=y BR2_PACKAGE_SUDO=y BR2_PACKAGE_TTYD=y @@ -125,35 +135,42 @@ BR2_PACKAGE_WATCHDOGD=y BR2_PACKAGE_LESS=y BR2_PACKAGE_MG=y BR2_PACKAGE_NANO=y -BR2_TARGET_ROOTFS_EXT2=y -BR2_TARGET_ROOTFS_EXT2_4=y -BR2_TARGET_ROOTFS_EXT2_SIZE="256M" +BR2_TARGET_ROOTFS_SQUASHFS=y +# BR2_TARGET_ROOTFS_TAR is not set BR2_TARGET_ARM_TRUSTED_FIRMWARE=y BR2_TARGET_ARM_TRUSTED_FIRMWARE_CUSTOM_VERSION=y -BR2_TARGET_ARM_TRUSTED_FIRMWARE_CUSTOM_VERSION_VALUE="v2.5" +BR2_TARGET_ARM_TRUSTED_FIRMWARE_CUSTOM_VERSION_VALUE="v2.9" BR2_TARGET_ARM_TRUSTED_FIRMWARE_PLATFORM="rk3328" BR2_TARGET_ARM_TRUSTED_FIRMWARE_IMAGES="" BR2_TARGET_ARM_TRUSTED_FIRMWARE_NEEDS_ARM32_TOOLCHAIN=y BR2_TARGET_UBOOT=y BR2_TARGET_UBOOT_BUILD_SYSTEM_KCONFIG=y BR2_TARGET_UBOOT_CUSTOM_VERSION=y -BR2_TARGET_UBOOT_CUSTOM_VERSION_VALUE="2021.10" +BR2_TARGET_UBOOT_CUSTOM_VERSION_VALUE="2024.07" BR2_TARGET_UBOOT_BOARD_DEFCONFIG="nanopi-r2s-rk3328" +BR2_TARGET_UBOOT_CONFIG_FRAGMENT_FILES="$(BR2_EXTERNAL_INFIX_PATH)/board/common/uboot/extras.config $(BR2_EXTERNAL_INFIX_PATH)/board/aarch64/r2s/uboot/extras.config" BR2_TARGET_UBOOT_NEEDS_DTC=y BR2_TARGET_UBOOT_NEEDS_PYLIBFDT=y +BR2_TARGET_UBOOT_NEEDS_PYELFTOOLS=y BR2_TARGET_UBOOT_NEEDS_OPENSSL=y BR2_TARGET_UBOOT_NEEDS_ATF_BL31=y BR2_TARGET_UBOOT_NEEDS_ATF_BL31_ELF=y +BR2_TARGET_UBOOT_FORMAT_DTB=y BR2_TARGET_UBOOT_FORMAT_CUSTOM=y BR2_TARGET_UBOOT_FORMAT_CUSTOM_NAME="u-boot.itb" BR2_TARGET_UBOOT_SPL=y BR2_TARGET_UBOOT_SPL_NAME="idbloader.img" +BR2_TARGET_UBOOT_CUSTOM_DTS_PATH="$(BR2_EXTERNAL_INFIX_PATH)/board/aarch64/r2s/uboot/r2s-env.dtsi" +BR2_PACKAGE_HOST_E2FSPROGS=y BR2_PACKAGE_HOST_ENVIRONMENT_SETUP=y BR2_PACKAGE_HOST_GENEXT2FS=y BR2_PACKAGE_HOST_GENIMAGE=y BR2_PACKAGE_HOST_RAUC=y BR2_PACKAGE_HOST_UBOOT_TOOLS=y +BR2_PACKAGE_HOST_UBOOT_TOOLS_FIT_SUPPORT=y +BR2_PACKAGE_HOST_UBOOT_TOOLS_FIT_SIGNATURE_SUPPORT=y INFIX_VENDOR_HOME="https://github.com/kernelkit" +INFIX_IMAGE_ID="${INFIX_ID}-r2s" INFIX_DESC="Infix is a Network Operating System based on Linux. It can be set up both as a switch, with offloading using switchdev, and a router with firewalling." INFIX_HOME="https://github.com/kernelkit/infix/" INFIX_DOC="https://github.com/kernelkit/infix/tree/main/doc" @@ -184,7 +201,8 @@ BR2_PACKAGE_PODMAN_DRIVER_DEVICEMAPPER=y BR2_PACKAGE_PODMAN_DRIVER_VFS=y BR2_PACKAGE_TETRIS=y BR2_PACKAGE_ROUSETTE=y -BR2_PACKAGE_LIBINPUT=y BR2_PACKAGE_HOST_PYTHON_YANGDOC=y -# SIGN_ENABLED is not set +TRUSTED_KEYS=y +TRUSTED_KEYS_DEVELOPMENT=y # GNS3_APPLIANCE is not set +SDCARD_AUX=y diff --git a/configs/riscv64_defconfig b/configs/riscv64_defconfig index dd6bd9fde..81397d909 100644 --- a/configs/riscv64_defconfig +++ b/configs/riscv64_defconfig @@ -4,7 +4,7 @@ BR2_DL_DIR="${BR2_EXTERNAL_INFIX_PATH}/dl" BR2_CCACHE=y BR2_CCACHE_DIR="${BR2_EXTERNAL_INFIX_PATH}/.ccache" BR2_ENABLE_DEBUG=y -BR2_GLOBAL_PATCH_DIR="${BR2_EXTERNAL_INFIX_PATH}/patches ${BR2_EXTERNAL_INFIX_PATH}/board/riscv64/visionfive2/patches" +BR2_GLOBAL_PATCH_DIR="${BR2_EXTERNAL_INFIX_PATH}/patches" BR2_DOWNLOAD_FORCE_CHECK_HASHES=y BR2_TARGET_GENERIC_HOSTNAME="infix" BR2_TARGET_GENERIC_ISSUE="Infix by KernelKit" @@ -70,12 +70,12 @@ BR2_PACKAGE_LIBSSH2=y BR2_PACKAGE_LIBSSH2_OPENSSL=y BR2_PACKAGE_LIBXCRYPT=y BR2_PACKAGE_LIBOPENSSL_BIN=y -BR2_PACKAGE_LIBOPENSSL_ENGINES=y BR2_PACKAGE_LIBINPUT=y BR2_PACKAGE_LIBCURL_CURL=y BR2_PACKAGE_NETOPEER2_CLI=y BR2_PACKAGE_NSS_MDNS=y BR2_PACKAGE_LINUX_PAM=y +BR2_PACKAGE_LINUX_PAM_LASTLOG=y BR2_PACKAGE_LIBPAM_RADIUS_AUTH=y BR2_PACKAGE_ONIGURUMA=y BR2_PACKAGE_AVAHI_DAEMON=y diff --git a/configs/x86_64_defconfig b/configs/x86_64_defconfig index 5630e4747..df707b97a 100644 --- a/configs/x86_64_defconfig +++ b/configs/x86_64_defconfig @@ -60,6 +60,7 @@ BR2_PACKAGE_LIBCURL_CURL=y BR2_PACKAGE_NETOPEER2_CLI=y BR2_PACKAGE_NSS_MDNS=y BR2_PACKAGE_LINUX_PAM=y +BR2_PACKAGE_LINUX_PAM_LASTLOG=y BR2_PACKAGE_LIBPAM_RADIUS_AUTH=y BR2_PACKAGE_ONIGURUMA=y BR2_PACKAGE_AVAHI_DAEMON=y diff --git a/doc/ChangeLog.md b/doc/ChangeLog.md index 9015132f9..442c7a033 100644 --- a/doc/ChangeLog.md +++ b/doc/ChangeLog.md @@ -9,15 +9,36 @@ All notable changes to the project are documented in this file. ### Changes - Initial RISC-V (riscv64) support: StarFive VisionFive2 +- Massive updates to the NanoPi R2S: + - Update Linux kernel to v6.10.3 and sync defconfig with aarch64 + - Workaround `reboot` command "hang" on NanoPi R2S (failure to reboot) + by replacing the Rockchip watchdog driver with "softdog" + - Update U-Boot to v2024.07, enable secure boot loading of images + - Rename interfaces to LAN + WAN to match case and LEDs + - Rename images to `infix-r2s$ver.ext`, not same as other aarch64 + - Change rootfs to squashfs for enhanced security + - Add RAUC support to simplify device maintenance/upgrade + - Add support for saving unique interface MAC addresses in U-Boot + - Add support for system LEDs, see product's README + - Add support for reset button from Linux, issues `reboot` atm. + - Add static `factory-config` as an example - Password login can now be disabled by removing the password. Before this change only empty password disabled password login (in favor of SSH key login), removing the password locked the user completely out +- Add LED indication on factory reset, *all* LEDs available in Linux + `/sys/class/leds` are turned on while clearing writable partitions +- Issue #158: enhance security of factory reset. All file content + is now overwritten x3, the last time with zeroes, then removed. + Example, on the NanoPi R2S this process takes ~30 seconds, but may + take longer in setups with bigger configurations, e.g., containers ### Fixes +- Fix #274: add missing link/traffic LEDs on NanoPi R2S LAN port - Fix #489: ensure all patches are versioned, including Linux kernel - Fix #531: creating a new VLAN interface named `vlanN` should not set `lower-layer-if` to `vlanN`. With the `vlanN` pattern, only C-VLAN and VID can be inferred +- Fix #542: warning message from `login`, cannot find `pam_lastlog.so` - Silence bogus `sysctl` warnings at boot (syslog) - Silence output from user group member check (sys-cli in syslog) diff --git a/package/skeleton-init-finit/skeleton/etc/finit.d/available/input-event-daemon.conf b/package/skeleton-init-finit/skeleton/etc/finit.d/available/input-event-daemon.conf new file mode 100644 index 000000000..acca9be95 --- /dev/null +++ b/package/skeleton-init-finit/skeleton/etc/finit.d/available/input-event-daemon.conf @@ -0,0 +1 @@ +service [12345789] name:eventd input-event-daemon -D -- Input event daemon diff --git a/patches/arm-trusted-firmware/arm-trusted-firmware.hash b/patches/arm-trusted-firmware/arm-trusted-firmware.hash new file mode 100644 index 000000000..8b69a5a96 --- /dev/null +++ b/patches/arm-trusted-firmware/arm-trusted-firmware.hash @@ -0,0 +1,2 @@ +# Locally calculated +sha256 06d32acf42808b682859008292f0591d2d872f19aa1a8021bfcd1c1c626285e6 arm-trusted-firmware-v2.9.tar.gz diff --git a/patches/linux-headers b/patches/linux-headers new file mode 120000 index 000000000..9c52cb36f --- /dev/null +++ b/patches/linux-headers @@ -0,0 +1 @@ +linux \ No newline at end of file diff --git a/patches/linux/6.10.3/0001-net-bridge-avoid-classifying-unknown-multicast-as-mr.patch b/patches/linux/6.10.3/0001-net-bridge-avoid-classifying-unknown-multicast-as-mr.patch new file mode 100644 index 000000000..579044353 --- /dev/null +++ b/patches/linux/6.10.3/0001-net-bridge-avoid-classifying-unknown-multicast-as-mr.patch @@ -0,0 +1,236 @@ +From c2251e09714b9715ee5ece18aa1096bc08cb8f6d Mon Sep 17 00:00:00 2001 +From: Joachim Wiberg +Date: Mon, 4 Mar 2024 16:47:28 +0100 +Subject: [PATCH 1/5] net: bridge: avoid classifying unknown multicast as + mrouters_only +Organization: Addiva Elektronik + +Unknown multicast, MAC/IPv4/IPv6, should always be flooded according to +the per-port mcast_flood setting, as well as to detected and configured +mcast_router ports. + +This patch drops the mrouters_only classifier of unknown IP multicast +and moves the flow handling from br_multicast_flood() to br_flood(). +This in turn means br_flood() must know about multicast router ports. +Because a multicast router should always receive both known and unknown +multicast. + +Signed-off-by: Joachim Wiberg +--- + include/uapi/linux/if_bridge.h | 1 + + net/bridge/br.c | 5 +++++ + net/bridge/br_device.c | 10 ++++++---- + net/bridge/br_forward.c | 14 ++++++++++++-- + net/bridge/br_input.c | 2 +- + net/bridge/br_multicast.c | 11 +++++++++-- + net/bridge/br_private.h | 18 ++++++++++++++++-- + 7 files changed, 50 insertions(+), 11 deletions(-) + +diff --git a/include/uapi/linux/if_bridge.h b/include/uapi/linux/if_bridge.h +index a5b743a2f775..3bffc39d7800 100644 +--- a/include/uapi/linux/if_bridge.h ++++ b/include/uapi/linux/if_bridge.h +@@ -830,6 +830,7 @@ enum br_boolopt_id { + BR_BOOLOPT_NO_LL_LEARN, + BR_BOOLOPT_MCAST_VLAN_SNOOPING, + BR_BOOLOPT_MST_ENABLE, ++ BR_BOOLOPT_MCAST_FLOOD_ALWAYS, + BR_BOOLOPT_MAX + }; + +diff --git a/net/bridge/br.c b/net/bridge/br.c +index 2cab878e0a39..006fb2e5eafb 100644 +--- a/net/bridge/br.c ++++ b/net/bridge/br.c +@@ -277,6 +277,9 @@ int br_boolopt_toggle(struct net_bridge *br, enum br_boolopt_id opt, bool on, + case BR_BOOLOPT_MST_ENABLE: + err = br_mst_set_enabled(br, on, extack); + break; ++ case BR_BOOLOPT_MCAST_FLOOD_ALWAYS: ++ br_opt_toggle(br, BROPT_MCAST_FLOOD_ALWAYS, on); ++ break; + default: + /* shouldn't be called with unsupported options */ + WARN_ON(1); +@@ -295,6 +298,8 @@ int br_boolopt_get(const struct net_bridge *br, enum br_boolopt_id opt) + return br_opt_get(br, BROPT_MCAST_VLAN_SNOOPING_ENABLED); + case BR_BOOLOPT_MST_ENABLE: + return br_opt_get(br, BROPT_MST_ENABLED); ++ case BR_BOOLOPT_MCAST_FLOOD_ALWAYS: ++ return br_opt_get(br, BROPT_MCAST_FLOOD_ALWAYS); + default: + /* shouldn't be called with unsupported options */ + WARN_ON(1); +diff --git a/net/bridge/br_device.c b/net/bridge/br_device.c +index fb1115857e49..6aac21d86d37 100644 +--- a/net/bridge/br_device.c ++++ b/net/bridge/br_device.c +@@ -87,10 +87,10 @@ netdev_tx_t br_dev_xmit(struct sk_buff *skb, struct net_device *dev) + + dest = eth_hdr(skb)->h_dest; + if (is_broadcast_ether_addr(dest)) { +- br_flood(br, skb, BR_PKT_BROADCAST, false, true, vid); ++ br_flood(br, skb, NULL, BR_PKT_BROADCAST, false, true, vid); + } else if (is_multicast_ether_addr(dest)) { + if (unlikely(netpoll_tx_running(dev))) { +- br_flood(br, skb, BR_PKT_MULTICAST, false, true, vid); ++ br_flood(br, skb, brmctx, BR_PKT_MULTICAST, false, true, vid); + goto out; + } + if (br_multicast_rcv(&brmctx, &pmctx_null, vlan, skb, vid)) { +@@ -103,11 +103,11 @@ netdev_tx_t br_dev_xmit(struct sk_buff *skb, struct net_device *dev) + br_multicast_querier_exists(brmctx, eth_hdr(skb), mdst)) + br_multicast_flood(mdst, skb, brmctx, false, true); + else +- br_flood(br, skb, BR_PKT_MULTICAST, false, true, vid); ++ br_flood(br, skb, brmctx, BR_PKT_MULTICAST, false, true, vid); + } else if ((dst = br_fdb_find_rcu(br, dest, vid)) != NULL) { + br_forward(dst->dst, skb, false, true); + } else { +- br_flood(br, skb, BR_PKT_UNICAST, false, true, vid); ++ br_flood(br, skb, NULL, BR_PKT_UNICAST, false, true, vid); + } + out: + rcu_read_unlock(); +@@ -524,6 +524,8 @@ void br_dev_setup(struct net_device *dev) + br->bridge_ageing_time = br->ageing_time = BR_DEFAULT_AGEING_TIME; + dev->max_mtu = ETH_MAX_MTU; + ++ br_opt_toggle(br, BROPT_MCAST_FLOOD_ALWAYS, false); ++ + br_netfilter_rtable_init(br); + br_stp_timer_init(br); + br_multicast_init(br); +diff --git a/net/bridge/br_forward.c b/net/bridge/br_forward.c +index e19b583ff2c6..1094364d96e0 100644 +--- a/net/bridge/br_forward.c ++++ b/net/bridge/br_forward.c +@@ -198,14 +198,19 @@ static struct net_bridge_port *maybe_deliver( + + /* called under rcu_read_lock */ + void br_flood(struct net_bridge *br, struct sk_buff *skb, +- enum br_pkt_type pkt_type, bool local_rcv, bool local_orig, +- u16 vid) ++ struct net_bridge_mcast *brmctx, enum br_pkt_type pkt_type, ++ bool local_rcv, bool local_orig, u16 vid) + { ++ struct net_bridge_port *rport = NULL; + struct net_bridge_port *prev = NULL; ++ struct hlist_node *rp = NULL; + struct net_bridge_port *p; + + br_tc_skb_miss_set(skb, pkt_type != BR_PKT_BROADCAST); + ++ if (pkt_type == BR_PKT_MULTICAST) ++ rp = br_multicast_get_first_rport_node(brmctx, skb); ++ + list_for_each_entry_rcu(p, &br->port_list, list) { + /* Do not flood unicast traffic to ports that turn it off, nor + * other traffic if flood off, except for traffic we originate +@@ -216,6 +221,11 @@ void br_flood(struct net_bridge *br, struct sk_buff *skb, + continue; + break; + case BR_PKT_MULTICAST: ++ rport = br_multicast_rport_from_node_skb(rp, skb); ++ if (rport == p) { ++ rp = rcu_dereference(hlist_next_rcu(rp)); ++ break; ++ } + if (!(p->flags & BR_MCAST_FLOOD) && skb->dev != br->dev) + continue; + break; +diff --git a/net/bridge/br_input.c b/net/bridge/br_input.c +index ceaa5a89b947..e54d648db7de 100644 +--- a/net/bridge/br_input.c ++++ b/net/bridge/br_input.c +@@ -212,7 +212,7 @@ int br_handle_frame_finish(struct net *net, struct sock *sk, struct sk_buff *skb + br_forward(dst->dst, skb, local_rcv, false); + } else { + if (!mcast_hit) +- br_flood(br, skb, pkt_type, local_rcv, false, vid); ++ br_flood(br, skb, brmctx, pkt_type, local_rcv, false, vid); + else + br_multicast_flood(mdst, skb, brmctx, local_rcv, false); + } +diff --git a/net/bridge/br_multicast.c b/net/bridge/br_multicast.c +index 9a1cb5079a7a..dc49df4f92a8 100644 +--- a/net/bridge/br_multicast.c ++++ b/net/bridge/br_multicast.c +@@ -3776,6 +3776,11 @@ static void br_multicast_err_count(const struct net_bridge *br, + u64_stats_update_end(&pstats->syncp); + } + ++static bool br_flood_mrouters(const struct net_bridge *br) ++{ ++ return br_opt_get(br, BROPT_MCAST_FLOOD_ALWAYS) ? false : true; ++} ++ + static void br_multicast_pim(struct net_bridge_mcast *brmctx, + struct net_bridge_mcast_port *pmctx, + const struct sk_buff *skb) +@@ -3822,7 +3827,8 @@ static int br_multicast_ipv4_rcv(struct net_bridge_mcast *brmctx, + + if (err == -ENOMSG) { + if (!ipv4_is_local_multicast(ip_hdr(skb)->daddr)) { +- BR_INPUT_SKB_CB(skb)->mrouters_only = 1; ++ BR_INPUT_SKB_CB(skb)->mrouters_only = ++ br_flood_mrouters(brmctx->br); + } else if (pim_ipv4_all_pim_routers(ip_hdr(skb)->daddr)) { + if (ip_hdr(skb)->protocol == IPPROTO_PIM) + br_multicast_pim(brmctx, pmctx, skb); +@@ -3891,7 +3897,8 @@ static int br_multicast_ipv6_rcv(struct net_bridge_mcast *brmctx, + + if (err == -ENOMSG || err == -ENODATA) { + if (!ipv6_addr_is_ll_all_nodes(&ipv6_hdr(skb)->daddr)) +- BR_INPUT_SKB_CB(skb)->mrouters_only = 1; ++ BR_INPUT_SKB_CB(skb)->mrouters_only = ++ br_flood_mrouters(brmctx->br); + if (err == -ENODATA && + ipv6_addr_is_all_snoopers(&ipv6_hdr(skb)->daddr)) + br_ip6_multicast_mrd_rcv(brmctx, pmctx, skb); +diff --git a/net/bridge/br_private.h b/net/bridge/br_private.h +index d4bedc87b1d8..dfd6e2cdd13e 100644 +--- a/net/bridge/br_private.h ++++ b/net/bridge/br_private.h +@@ -483,6 +483,7 @@ enum net_bridge_opts { + BROPT_VLAN_BRIDGE_BINDING, + BROPT_MCAST_VLAN_SNOOPING_ENABLED, + BROPT_MST_ENABLED, ++ BROPT_MCAST_FLOOD_ALWAYS, + }; + + struct net_bridge { +@@ -886,8 +887,8 @@ void br_forward(const struct net_bridge_port *to, struct sk_buff *skb, + bool local_rcv, bool local_orig); + int br_forward_finish(struct net *net, struct sock *sk, struct sk_buff *skb); + void br_flood(struct net_bridge *br, struct sk_buff *skb, +- enum br_pkt_type pkt_type, bool local_rcv, bool local_orig, +- u16 vid); ++ struct net_bridge_mcast *brmctx, enum br_pkt_type pkt_type, ++ bool local_rcv, bool local_orig, u16 vid); + + /* return true if both source port and dest port are isolated */ + static inline bool br_skb_isolated(const struct net_bridge_port *to, +@@ -1408,6 +1409,19 @@ static inline void br_multicast_flood(struct net_bridge_mdb_entry *mdst, + { + } + ++static inline struct hlist_node * ++br_multicast_get_first_rport_node(struct net_bridge_mcast *brmctx, ++ struct sk_buff *skb) ++{ ++ return NULL; ++} ++ ++static inline struct net_bridge_port * ++br_multicast_rport_from_node_skb(struct hlist_node *rp, struct sk_buff *skb) ++{ ++ return NULL; ++} ++ + static inline bool br_multicast_is_router(struct net_bridge_mcast *brmctx, + struct sk_buff *skb) + { +-- +2.43.0 + diff --git a/patches/linux/6.10.3/0002-net-bridge-Ignore-router-ports-when-forwarding-L2-mu.patch b/patches/linux/6.10.3/0002-net-bridge-Ignore-router-ports-when-forwarding-L2-mu.patch new file mode 100644 index 000000000..9c31d1557 --- /dev/null +++ b/patches/linux/6.10.3/0002-net-bridge-Ignore-router-ports-when-forwarding-L2-mu.patch @@ -0,0 +1,37 @@ +From 75edfa9b690b65423aa3e63ed5870d565950d9bb Mon Sep 17 00:00:00 2001 +From: Joachim Wiberg +Date: Tue, 5 Mar 2024 06:44:41 +0100 +Subject: [PATCH 2/5] net: bridge: Ignore router ports when forwarding L2 + multicast +Organization: Addiva Elektronik + +Multicast router ports are either statically configured or learned from +control protocol traffic (IGMP/MLD/PIM). These protocols regulate IP +multicast -- MAC multicast should always be forwarded through flooding +of unknown multicast or using permanent MDB entries. + +Signed-off-by: Tobias Waldekranz +Signed-off-by: Joachim Wiberg +--- + net/bridge/br_private.h | 5 ++++- + 1 file changed, 4 insertions(+), 1 deletion(-) + +diff --git a/net/bridge/br_private.h b/net/bridge/br_private.h +index dfd6e2cdd13e..7aabf8bd7da2 100644 +--- a/net/bridge/br_private.h ++++ b/net/bridge/br_private.h +@@ -1086,7 +1086,10 @@ br_multicast_get_first_rport_node(struct net_bridge_mcast *brmctx, + if (skb->protocol == htons(ETH_P_IPV6)) + return rcu_dereference(hlist_first_rcu(&brmctx->ip6_mc_router_list)); + #endif +- return rcu_dereference(hlist_first_rcu(&brmctx->ip4_mc_router_list)); ++ if (skb->protocol == htons(ETH_P_IP)) ++ return rcu_dereference(hlist_first_rcu(&brmctx->ip4_mc_router_list)); ++ ++ return NULL; + } + + static inline struct net_bridge_port * +-- +2.43.0 + diff --git a/patches/linux/6.10.3/0003-net-bridge-drop-delay-for-applying-strict-multicast-.patch b/patches/linux/6.10.3/0003-net-bridge-drop-delay-for-applying-strict-multicast-.patch new file mode 100644 index 000000000..8ddc94d96 --- /dev/null +++ b/patches/linux/6.10.3/0003-net-bridge-drop-delay-for-applying-strict-multicast-.patch @@ -0,0 +1,190 @@ +From 2d2ac57a7d9354c2c1fa796659e33496fc8e918d Mon Sep 17 00:00:00 2001 +From: Joachim Wiberg +Date: Thu, 4 Apr 2024 16:36:30 +0200 +Subject: [PATCH 3/5] net: bridge: drop delay for applying strict multicast + filtering +Organization: Addiva Elektronik + +This *local* patch drops the initial delay before applying strict multicast +filtering, introduced in [1] and recently updated in [2]. + +The main reason for this patch is RFC conformance and customer expectations. +At power on we assume the querier role by default and are expected to stop +unknown flooding as soon as we have a membership report in place, not after +10 seconds. + +A proper fix for upstreaming could be to add a knob to disable the delay. + +[1]: https://lore.kernel.org/netdev/1375311980-25575-1-git-send-email-linus.luessing@web.de/ +[2]: https://lore.kernel.org/netdev/20240127175033.9640-1-linus.luessing@c0d3.blue/ + +Signed-off-by: Joachim Wiberg +--- + net/bridge/br_multicast.c | 42 +++++++-------------------------------- + net/bridge/br_private.h | 4 +--- + 2 files changed, 8 insertions(+), 38 deletions(-) + +diff --git a/net/bridge/br_multicast.c b/net/bridge/br_multicast.c +index dc49df4f92a8..47c0625c5553 100644 +--- a/net/bridge/br_multicast.c ++++ b/net/bridge/br_multicast.c +@@ -1762,10 +1762,6 @@ static void br_ip6_multicast_querier_expired(struct timer_list *t) + } + #endif + +-static void br_multicast_query_delay_expired(struct timer_list *t) +-{ +-} +- + static void br_multicast_select_own_querier(struct net_bridge_mcast *brmctx, + struct br_ip *ip, + struct sk_buff *skb) +@@ -3198,12 +3194,8 @@ int br_multicast_dump_querier_state(struct sk_buff *skb, + + static void + br_multicast_update_query_timer(struct net_bridge_mcast *brmctx, +- struct bridge_mcast_other_query *query, +- unsigned long max_delay) ++ struct bridge_mcast_other_query *query) + { +- if (!timer_pending(&query->timer)) +- mod_timer(&query->delay_timer, jiffies + max_delay); +- + mod_timer(&query->timer, jiffies + brmctx->multicast_querier_interval); + } + +@@ -3394,13 +3386,12 @@ static void + br_ip4_multicast_query_received(struct net_bridge_mcast *brmctx, + struct net_bridge_mcast_port *pmctx, + struct bridge_mcast_other_query *query, +- struct br_ip *saddr, +- unsigned long max_delay) ++ struct br_ip *saddr) + { + if (!br_multicast_select_querier(brmctx, pmctx, saddr)) + return; + +- br_multicast_update_query_timer(brmctx, query, max_delay); ++ br_multicast_update_query_timer(brmctx, query); + br_ip4_multicast_mark_router(brmctx, pmctx); + } + +@@ -3409,13 +3400,12 @@ static void + br_ip6_multicast_query_received(struct net_bridge_mcast *brmctx, + struct net_bridge_mcast_port *pmctx, + struct bridge_mcast_other_query *query, +- struct br_ip *saddr, +- unsigned long max_delay) ++ struct br_ip *saddr) + { + if (!br_multicast_select_querier(brmctx, pmctx, saddr)) + return; + +- br_multicast_update_query_timer(brmctx, query, max_delay); ++ br_multicast_update_query_timer(brmctx, query); + br_ip6_multicast_mark_router(brmctx, pmctx); + } + #endif +@@ -3469,7 +3459,7 @@ static void br_ip4_multicast_query(struct net_bridge_mcast *brmctx, + + br_ip4_multicast_query_received(brmctx, pmctx, + &brmctx->ip4_other_query, +- &saddr, max_delay); ++ &saddr); + goto out; + } + +@@ -3557,7 +3547,7 @@ static int br_ip6_multicast_query(struct net_bridge_mcast *brmctx, + + br_ip6_multicast_query_received(brmctx, pmctx, + &brmctx->ip6_other_query, +- &saddr, max_delay); ++ &saddr); + goto out; + } else if (!group) { + goto out; +@@ -4065,8 +4055,6 @@ void br_multicast_ctx_init(struct net_bridge *br, + br_ip4_multicast_local_router_expired, 0); + timer_setup(&brmctx->ip4_other_query.timer, + br_ip4_multicast_querier_expired, 0); +- timer_setup(&brmctx->ip4_other_query.delay_timer, +- br_multicast_query_delay_expired, 0); + timer_setup(&brmctx->ip4_own_query.timer, + br_ip4_multicast_query_expired, 0); + #if IS_ENABLED(CONFIG_IPV6) +@@ -4074,8 +4062,6 @@ void br_multicast_ctx_init(struct net_bridge *br, + br_ip6_multicast_local_router_expired, 0); + timer_setup(&brmctx->ip6_other_query.timer, + br_ip6_multicast_querier_expired, 0); +- timer_setup(&brmctx->ip6_other_query.delay_timer, +- br_multicast_query_delay_expired, 0); + timer_setup(&brmctx->ip6_own_query.timer, + br_ip6_multicast_query_expired, 0); + #endif +@@ -4210,12 +4196,10 @@ static void __br_multicast_stop(struct net_bridge_mcast *brmctx) + { + del_timer_sync(&brmctx->ip4_mc_router_timer); + del_timer_sync(&brmctx->ip4_other_query.timer); +- del_timer_sync(&brmctx->ip4_other_query.delay_timer); + del_timer_sync(&brmctx->ip4_own_query.timer); + #if IS_ENABLED(CONFIG_IPV6) + del_timer_sync(&brmctx->ip6_mc_router_timer); + del_timer_sync(&brmctx->ip6_other_query.timer); +- del_timer_sync(&brmctx->ip6_other_query.delay_timer); + del_timer_sync(&brmctx->ip6_own_query.timer); + #endif + } +@@ -4643,8 +4627,6 @@ EXPORT_SYMBOL_GPL(br_multicast_router); + + int br_multicast_set_querier(struct net_bridge_mcast *brmctx, unsigned long val) + { +- unsigned long max_delay; +- + val = !!val; + + spin_lock_bh(&brmctx->br->multicast_lock); +@@ -4655,19 +4637,9 @@ int br_multicast_set_querier(struct net_bridge_mcast *brmctx, unsigned long val) + if (!val) + goto unlock; + +- max_delay = brmctx->multicast_query_response_interval; +- +- if (!timer_pending(&brmctx->ip4_other_query.timer)) +- mod_timer(&brmctx->ip4_other_query.delay_timer, +- jiffies + max_delay); +- + br_multicast_start_querier(brmctx, &brmctx->ip4_own_query); + + #if IS_ENABLED(CONFIG_IPV6) +- if (!timer_pending(&brmctx->ip6_other_query.timer)) +- mod_timer(&brmctx->ip6_other_query.delay_timer, +- jiffies + max_delay); +- + br_multicast_start_querier(brmctx, &brmctx->ip6_own_query); + #endif + +diff --git a/net/bridge/br_private.h b/net/bridge/br_private.h +index 7aabf8bd7da2..43fff09dfb71 100644 +--- a/net/bridge/br_private.h ++++ b/net/bridge/br_private.h +@@ -78,7 +78,6 @@ struct bridge_mcast_own_query { + /* other querier */ + struct bridge_mcast_other_query { + struct timer_list timer; +- struct timer_list delay_timer; + }; + + /* selected querier */ +@@ -1164,8 +1163,7 @@ __br_multicast_querier_exists(struct net_bridge_mcast *brmctx, + own_querier_enabled = false; + } + +- return !timer_pending(&querier->delay_timer) && +- (own_querier_enabled || timer_pending(&querier->timer)); ++ return own_querier_enabled || timer_pending(&querier->timer); + } + + static inline bool br_multicast_querier_exists(struct net_bridge_mcast *brmctx, +-- +2.43.0 + diff --git a/patches/linux/6.10.3/0004-usb-core-adjust-log-level-for-unauthorized-devices.patch b/patches/linux/6.10.3/0004-usb-core-adjust-log-level-for-unauthorized-devices.patch new file mode 100644 index 000000000..978eed192 --- /dev/null +++ b/patches/linux/6.10.3/0004-usb-core-adjust-log-level-for-unauthorized-devices.patch @@ -0,0 +1,49 @@ +From c7818c4273ef1705d6e153f5e4eda683d68f59be Mon Sep 17 00:00:00 2001 +From: Joachim Wiberg +Date: Mon, 29 Apr 2024 15:14:51 +0200 +Subject: [PATCH 4/5] usb: core: adjust log level for unauthorized devices +Organization: Addiva Elektronik + +The fact that a USB device currently is not authorized is not an error, +so let's adjust the log level so these messages slip below radar for the +commonly used 'quiet' log level. + +Signed-off-by: Joachim Wiberg +--- + drivers/usb/core/driver.c | 4 ++-- + drivers/usb/core/generic.c | 2 +- + 2 files changed, 3 insertions(+), 3 deletions(-) + +diff --git a/drivers/usb/core/driver.c b/drivers/usb/core/driver.c +index e02ba15f6e34..3fe4d15cd6db 100644 +--- a/drivers/usb/core/driver.c ++++ b/drivers/usb/core/driver.c +@@ -335,10 +335,10 @@ static int usb_probe_interface(struct device *dev) + return error; + + if (udev->authorized == 0) { +- dev_err(&intf->dev, "Device is not authorized for usage\n"); ++ dev_warn(&intf->dev, "Device is not authorized for usage\n"); + return error; + } else if (intf->authorized == 0) { +- dev_err(&intf->dev, "Interface %d is not authorized for usage\n", ++ dev_warn(&intf->dev, "Interface %d is not authorized for usage\n", + intf->altsetting->desc.bInterfaceNumber); + return error; + } +diff --git a/drivers/usb/core/generic.c b/drivers/usb/core/generic.c +index b134bff5c3fe..60575a01a810 100644 +--- a/drivers/usb/core/generic.c ++++ b/drivers/usb/core/generic.c +@@ -247,7 +247,7 @@ int usb_generic_driver_probe(struct usb_device *udev) + * with the driver core and lets interface drivers bind to them. + */ + if (udev->authorized == 0) +- dev_err(&udev->dev, "Device is not authorized for usage\n"); ++ dev_warn(&udev->dev, "Device is not authorized for usage\n"); + else { + c = usb_choose_configuration(udev); + if (c >= 0) { +-- +2.43.0 + diff --git a/patches/linux/6.10.3/0005-net-usb-r8152-add-r8153b-support-for-link-activity-L.patch b/patches/linux/6.10.3/0005-net-usb-r8152-add-r8153b-support-for-link-activity-L.patch new file mode 100644 index 000000000..214f6c882 --- /dev/null +++ b/patches/linux/6.10.3/0005-net-usb-r8152-add-r8153b-support-for-link-activity-L.patch @@ -0,0 +1,49 @@ +From daba70e7782b704224396f0d86dcd91b4713e064 Mon Sep 17 00:00:00 2001 +From: Joachim Wiberg +Date: Sun, 11 Aug 2024 11:27:35 +0200 +Subject: [PATCH 5/5] net: usb: r8152: add r8153b support for link/activity + LEDs +Organization: Addiva Elektronik + +This patch adds support for the link/activity LEDs on the NanoPi R2S +and OrangePi R1 Plus. + +From the Rockchip kernel hosted by FriendlyARM/FriendlyELEC at +https://github.com/friendlyarm/kernel-rockchip/ + +Specifically commit be0b1939b271c307ab1fef5fb1478beaafc6de17 + +Signed-off-by: Joachim Wiberg +--- + drivers/net/usb/r8152.c | 8 ++++++++ + 1 file changed, 8 insertions(+) + +diff --git a/drivers/net/usb/r8152.c b/drivers/net/usb/r8152.c +index 19df1cd9f072..810477991810 100644 +--- a/drivers/net/usb/r8152.c ++++ b/drivers/net/usb/r8152.c +@@ -41,6 +41,11 @@ + #define DRIVER_DESC "Realtek RTL8152/RTL8153 Based USB Ethernet Adapters" + #define MODULENAME "r8152" + ++/* LED0: Activity, LED1: Link */ ++static int ledsel = 0x78; ++module_param(ledsel, int, 0); ++MODULE_PARM_DESC(ledsel, "Override default LED configuration"); ++ + #define R8152_PHY_ID 32 + + #define PLA_IDR 0xc000 +@@ -7296,6 +7301,9 @@ static void r8153b_init(struct r8152 *tp) + ocp_data &= ~(RX_AGG_DISABLE | RX_ZERO_EN); + ocp_write_word(tp, MCU_TYPE_USB, USB_USB_CTRL, ocp_data); + ++ /* set customized led */ ++ ocp_write_word(tp, MCU_TYPE_PLA, PLA_LEDSEL, ledsel); ++ + rtl_tally_reset(tp); + + tp->coalesce = 15000; /* 15 us */ +-- +2.43.0 + diff --git a/patches/linux/linux-headers.hash b/patches/linux/linux-headers.hash new file mode 120000 index 000000000..7c10ad098 --- /dev/null +++ b/patches/linux/linux-headers.hash @@ -0,0 +1 @@ +linux.hash \ No newline at end of file diff --git a/board/riscv64/visionfive2/patches/linux/linux.hash b/patches/linux/linux.hash similarity index 54% rename from board/riscv64/visionfive2/patches/linux/linux.hash rename to patches/linux/linux.hash index ccad8068d..6dcaaef7b 100644 --- a/board/riscv64/visionfive2/patches/linux/linux.hash +++ b/patches/linux/linux.hash @@ -1,2 +1,3 @@ # Locally calculated sha256 9ac322d85bcf98a04667d929f5c2666b15bd58c6c2d68dd512c72acbced07d04 linux-6.8.2.tar.xz +sha256 fa5f22fd67dd05812d39dca579320c493048e26c4a556048a12385e7ae6fc698 linux-6.10.3.tar.xz diff --git a/board/riscv64/visionfive2/patches/opensbi/opensbi.hash b/patches/opensbi/opensbi.hash similarity index 100% rename from board/riscv64/visionfive2/patches/opensbi/opensbi.hash rename to patches/opensbi/opensbi.hash diff --git a/board/riscv64/visionfive2/patches/uboot/uboot.hash b/patches/uboot/uboot.hash similarity index 100% rename from board/riscv64/visionfive2/patches/uboot/uboot.hash rename to patches/uboot/uboot.hash diff --git a/src/klish-plugin-infix/xml/infix.xml b/src/klish-plugin-infix/xml/infix.xml index 3cf3409f7..4ee150a15 100644 --- a/src/klish-plugin-infix/xml/infix.xml +++ b/src/klish-plugin-infix/xml/infix.xml @@ -504,8 +504,12 @@ + + + - rauc install $KLISH_PARAM_URI + force=${KLISH_PARAM_force:+--ignore-compatible} + rauc install $force $KLISH_PARAM_URI