diff options
Diffstat (limited to 'scripts/package-build/linux-kernel')
18 files changed, 850 insertions, 294 deletions
diff --git a/scripts/package-build/linux-kernel/.gitignore b/scripts/package-build/linux-kernel/.gitignore index 0a18ea8c..f1fb5374 100644 --- a/scripts/package-build/linux-kernel/.gitignore +++ b/scripts/package-build/linux-kernel/.gitignore @@ -9,6 +9,7 @@ /ovpn-dco /nat-rtsp* /jool* +/ipt-netflow* /qat* /QAT* *.tar.gz @@ -18,13 +19,12 @@ # Intel Driver source i40e-*/ igb-*/ -ixgbe-*/ -ixgbevf-*/ +ethernet-linux-*/ vyos-intel-*/ vyos-linux-firmware*/ kernel-vars r8152-*.tar.bz2 - +ephemeral.* *.buildinfo *.build *.changes diff --git a/scripts/package-build/linux-kernel/README.md b/scripts/package-build/linux-kernel/README.md index 56954e5a..927e880c 100644 --- a/scripts/package-build/linux-kernel/README.md +++ b/scripts/package-build/linux-kernel/README.md @@ -5,9 +5,9 @@ # About -VyOS runs on a custom Linux Kernel (which is 4.19) at the time of this writing. -This repository holds a Jenkins Pipeline which is used to build the Custom -Kernel (x86_64/amd64 at the moment) and all required out-of tree modules. +VyOS runs on a custom Linux Kernel (which is 6.6) at the time of this writing. +This repository holds build scripts that are used to build the Custom Kernel +(x86_64/amd64 at the moment) and all required out-of tree modules. VyOS does not utilize the build in Intel Kernel drivers for its NICs as those Kernels sometimes lack features e.g. configurable receive-side-scaling queues. @@ -33,9 +33,3 @@ VyOS utilizes several Out-of-Tree modules (e.g. WireGuard, Accel-PPP and Intel network interface card drivers). Module source code is retrieved from the upstream repository and - when needed - patched so it can be build using this pipeline. - -In the past VyOS maintainers had a fork of the Linux Kernel, WireGuard and -Accel-PPP. This is fine but increases maintenance effort. By utilizing vanilla -repositories upgrading to new versions is very easy - only the branch/commit/tag -used when cloning the repository via [Jenkinsfile](Jenkinsfile) needs to be -adjusted. diff --git a/scripts/package-build/linux-kernel/arch/arm64/configs/vyos_defconfig b/scripts/package-build/linux-kernel/arch/arm64/configs/vyos_defconfig index 7b49f05f..e6ea3893 100644 --- a/scripts/package-build/linux-kernel/arch/arm64/configs/vyos_defconfig +++ b/scripts/package-build/linux-kernel/arch/arm64/configs/vyos_defconfig @@ -234,7 +234,7 @@ CONFIG_TIMERFD=y CONFIG_EVENTFD=y CONFIG_SHMEM=y CONFIG_AIO=y -CONFIG_IO_URING=y +# CONFIG_IO_URING is not set CONFIG_ADVISE_SYSCALLS=y CONFIG_MEMBARRIER=y CONFIG_KALLSYMS=y @@ -1735,7 +1735,7 @@ CONFIG_RFKILL_INPUT=y # CONFIG_CAIF is not set # CONFIG_CEPH_LIB is not set # CONFIG_NFC is not set -# CONFIG_PSAMPLE is not set +CONFIG_PSAMPLE=y # CONFIG_NET_IFE is not set CONFIG_LWTUNNEL=y CONFIG_LWTUNNEL_BPF=y @@ -1975,7 +1975,7 @@ CONFIG_RASPBERRYPI_FIRMWARE=y CONFIG_QCOM_SCM=y # CONFIG_QCOM_SCM_DOWNLOAD_MODE_DEFAULT is not set CONFIG_SYSFB=y -# CONFIG_SYSFB_SIMPLEFB is not set +CONFIG_SYSFB_SIMPLEFB=y CONFIG_TI_SCI_PROTOCOL=y CONFIG_TURRIS_MOX_RWTM=m # CONFIG_ARM_FFA_TRANSPORT is not set @@ -3353,7 +3353,8 @@ CONFIG_SERIAL_8250_TEGRA=y # Non-8250 serial port support # # CONFIG_SERIAL_AMBA_PL010 is not set -# CONFIG_SERIAL_AMBA_PL011 is not set +CONFIG_SERIAL_AMBA_PL011=y +CONFIG_SERIAL_AMBA_PL011_CONSOLE=y # CONFIG_SERIAL_EARLYCON_SEMIHOST is not set # CONFIG_SERIAL_MESON is not set # CONFIG_SERIAL_TEGRA is not set @@ -3401,7 +3402,7 @@ CONFIG_TTY_PRINTK=m CONFIG_TTY_PRINTK_LEVEL=6 # CONFIG_PRINTER is not set # CONFIG_PPDEV is not set -CONFIG_VIRTIO_CONSOLE=m +CONFIG_VIRTIO_CONSOLE=y CONFIG_IPMI_HANDLER=m CONFIG_IPMI_DMI_DECODE=y CONFIG_IPMI_PLAT_DATA=y @@ -4495,8 +4496,141 @@ CONFIG_VIDEO_CMDLINE=y # CONFIG_AUXDISPLAY is not set # CONFIG_PANEL is not set # CONFIG_TEGRA_HOST1X is not set -# CONFIG_DRM is not set +CONFIG_DRM=y +# CONFIG_DRM_DEBUG_MM is not set +CONFIG_DRM_KMS_HELPER=y +# CONFIG_DRM_DEBUG_DP_MST_TOPOLOGY_REFS is not set # CONFIG_DRM_DEBUG_MODESET_LOCK is not set +CONFIG_DRM_FBDEV_EMULATION=y +CONFIG_DRM_FBDEV_OVERALLOC=100 +# CONFIG_DRM_FBDEV_LEAK_PHYS_SMEM is not set +# CONFIG_DRM_LOAD_EDID_FIRMWARE is not set +CONFIG_DRM_TTM=y +CONFIG_DRM_TTM_HELPER=y +CONFIG_DRM_GEM_SHMEM_HELPER=y + +# +# I2C encoder or helper chips +# +# CONFIG_DRM_I2C_CH7006 is not set +# CONFIG_DRM_I2C_SIL164 is not set +# CONFIG_DRM_I2C_NXP_TDA998X is not set +# CONFIG_DRM_I2C_NXP_TDA9950 is not set +# end of I2C encoder or helper chips + +# +# ARM devices +# +# CONFIG_DRM_HDLCD is not set +# CONFIG_DRM_MALI_DISPLAY is not set +# CONFIG_DRM_KOMEDA is not set +# end of ARM devices + +# CONFIG_DRM_RADEON is not set +# CONFIG_DRM_AMDGPU is not set +# CONFIG_DRM_NOUVEAU is not set +# CONFIG_DRM_VGEM is not set +# CONFIG_DRM_VKMS is not set +# CONFIG_DRM_ROCKCHIP is not set +# CONFIG_DRM_VMWGFX is not set +# CONFIG_DRM_UDL is not set +# CONFIG_DRM_AST is not set +# CONFIG_DRM_MGAG200 is not set +# CONFIG_DRM_RCAR_DU is not set +# CONFIG_DRM_RZG2L_MIPI_DSI is not set +# CONFIG_DRM_SHMOBILE is not set +# CONFIG_DRM_SUN4I is not set +CONFIG_DRM_QXL=y +CONFIG_DRM_VIRTIO_GPU=y +CONFIG_DRM_VIRTIO_GPU_KMS=y +# CONFIG_DRM_MSM is not set +# CONFIG_DRM_TEGRA is not set +CONFIG_DRM_PANEL=y + +# +# Display Panels +# +# CONFIG_DRM_PANEL_ARM_VERSATILE is not set +# CONFIG_DRM_PANEL_SAMSUNG_S6E88A0_AMS452EF01 is not set +# CONFIG_DRM_PANEL_SAMSUNG_S6E8AA0 is not set +# CONFIG_DRM_PANEL_SHARP_LS037V7DW01 is not set +# end of Display Panels + +CONFIG_DRM_BRIDGE=y +CONFIG_DRM_PANEL_BRIDGE=y + +# +# Display Interface Bridges +# +# CONFIG_DRM_CHIPONE_ICN6211 is not set +# CONFIG_DRM_CHRONTEL_CH7033 is not set +# CONFIG_DRM_DISPLAY_CONNECTOR is not set +# CONFIG_DRM_FSL_LDB is not set +# CONFIG_DRM_ITE_IT6505 is not set +# CONFIG_DRM_LONTIUM_LT8912B is not set +# CONFIG_DRM_LONTIUM_LT9211 is not set +# CONFIG_DRM_LONTIUM_LT9611 is not set +# CONFIG_DRM_LONTIUM_LT9611UXC is not set +# CONFIG_DRM_ITE_IT66121 is not set +# CONFIG_DRM_LVDS_CODEC is not set +# CONFIG_DRM_MEGACHIPS_STDPXXXX_GE_B850V3_FW is not set +# CONFIG_DRM_NWL_MIPI_DSI is not set +# CONFIG_DRM_NXP_PTN3460 is not set +# CONFIG_DRM_PARADE_PS8622 is not set +# CONFIG_DRM_PARADE_PS8640 is not set +# CONFIG_DRM_SAMSUNG_DSIM is not set +# CONFIG_DRM_SIL_SII8620 is not set +# CONFIG_DRM_SII902X is not set +# CONFIG_DRM_SII9234 is not set +# CONFIG_DRM_SIMPLE_BRIDGE is not set +# CONFIG_DRM_THINE_THC63LVD1024 is not set +# CONFIG_DRM_TOSHIBA_TC358762 is not set +# CONFIG_DRM_TOSHIBA_TC358764 is not set +# CONFIG_DRM_TOSHIBA_TC358767 is not set +# CONFIG_DRM_TOSHIBA_TC358768 is not set +# CONFIG_DRM_TOSHIBA_TC358775 is not set +# CONFIG_DRM_TI_DLPC3433 is not set +# CONFIG_DRM_TI_TFP410 is not set +# CONFIG_DRM_TI_SN65DSI83 is not set +# CONFIG_DRM_TI_SN65DSI86 is not set +# CONFIG_DRM_TI_TPD12S015 is not set +# CONFIG_DRM_ANALOGIX_ANX6345 is not set +# CONFIG_DRM_ANALOGIX_ANX78XX is not set +# CONFIG_DRM_ANALOGIX_ANX7625 is not set +# CONFIG_DRM_I2C_ADV7511 is not set +# CONFIG_DRM_CDNS_DSI is not set +# CONFIG_DRM_CDNS_MHDP8546 is not set +# CONFIG_DRM_IMX8QM_LDB is not set +# CONFIG_DRM_IMX8QXP_LDB is not set +# CONFIG_DRM_IMX8QXP_PIXEL_COMBINER is not set +# CONFIG_DRM_IMX8QXP_PIXEL_LINK_TO_DPI is not set +# end of Display Interface Bridges + +# CONFIG_DRM_IMX_DCSS is not set +# CONFIG_DRM_IMX_LCDC is not set +# CONFIG_DRM_V3D is not set +# CONFIG_DRM_LOONGSON is not set +# CONFIG_DRM_ETNAVIV is not set +# CONFIG_DRM_HISI_HIBMC is not set +# CONFIG_DRM_HISI_KIRIN is not set +# CONFIG_DRM_LOGICVC is not set +# CONFIG_DRM_MXSFB is not set +# CONFIG_DRM_IMX_LCDIF is not set +# CONFIG_DRM_MESON is not set +# CONFIG_DRM_ARCPGU is not set +# CONFIG_DRM_BOCHS is not set +# CONFIG_DRM_CIRRUS_QEMU is not set +# CONFIG_DRM_GM12U320 is not set +CONFIG_DRM_SIMPLEDRM=y +# CONFIG_DRM_PL111 is not set +# CONFIG_DRM_XEN_FRONTEND is not set +# CONFIG_DRM_LIMA is not set +# CONFIG_DRM_PANFROST is not set +# CONFIG_DRM_TIDSS is not set +# CONFIG_DRM_GUD is not set +# CONFIG_DRM_SSD130X is not set +# CONFIG_DRM_HYPERV is not set +# CONFIG_DRM_LEGACY is not set CONFIG_DRM_PANEL_ORIENTATION_QUIRKS=y # @@ -5362,7 +5496,9 @@ CONFIG_VIRTIO_MEM=m CONFIG_VIRTIO_INPUT=m CONFIG_VIRTIO_MMIO=m CONFIG_VIRTIO_MMIO_CMDLINE_DEVICES=y -# CONFIG_VDPA is not set +CONFIG_VIRTIO_VDPA=m +CONFIG_VDPA=m +CONFIG_VHOST_VDPA=m CONFIG_VHOST_IOTLB=m CONFIG_VHOST_TASK=y CONFIG_VHOST=m @@ -6194,7 +6330,7 @@ CONFIG_VFAT_FS=m CONFIG_FAT_DEFAULT_CODEPAGE=437 CONFIG_FAT_DEFAULT_IOCHARSET="ascii" CONFIG_FAT_DEFAULT_UTF8=y -# CONFIG_EXFAT_FS is not set +CONFIG_EXFAT_FS=m # CONFIG_NTFS_FS is not set # CONFIG_NTFS3_FS is not set # end of DOS/FAT/EXFAT/NT Filesystems diff --git a/scripts/package-build/linux-kernel/arch/x86/configs/vyos_defconfig b/scripts/package-build/linux-kernel/arch/x86/configs/vyos_defconfig index 4c1a4adc..de3b84aa 100644 --- a/scripts/package-build/linux-kernel/arch/x86/configs/vyos_defconfig +++ b/scripts/package-build/linux-kernel/arch/x86/configs/vyos_defconfig @@ -1,6 +1,6 @@ # # Automatically generated file; DO NOT EDIT. -# Linux/x86 6.6.52 Kernel Configuration +# Linux/x86 6.6.89 Kernel Configuration # CONFIG_CC_VERSION_TEXT="gcc (Debian 12.2.0-14) 12.2.0" CONFIG_CC_IS_GCC=y @@ -122,6 +122,7 @@ CONFIG_BPF_JIT=y CONFIG_BPF_JIT_DEFAULT_ON=y # CONFIG_BPF_UNPRIV_DEFAULT_OFF is not set # CONFIG_BPF_PRELOAD is not set +# CONFIG_BPF_LSM is not set # end of BPF subsystem CONFIG_PREEMPT_NONE_BUILD=y @@ -256,7 +257,7 @@ CONFIG_TIMERFD=y CONFIG_EVENTFD=y CONFIG_SHMEM=y CONFIG_AIO=y -CONFIG_IO_URING=y +# CONFIG_IO_URING is not set CONFIG_ADVISE_SYSCALLS=y CONFIG_MEMBARRIER=y CONFIG_KALLSYMS=y @@ -488,7 +489,6 @@ CONFIG_PHYSICAL_ALIGN=0x200000 CONFIG_DYNAMIC_MEMORY_LAYOUT=y CONFIG_RANDOMIZE_MEMORY=y CONFIG_RANDOMIZE_MEMORY_PHYSICAL_PADDING=0xa -# CONFIG_ADDRESS_MASKING is not set CONFIG_HOTPLUG_CPU=y # CONFIG_COMPAT_VDSO is not set # CONFIG_LEGACY_VSYSCALL_XONLY is not set @@ -1185,6 +1185,7 @@ CONFIG_IPV6_SEG6_HMAC=y CONFIG_IPV6_SEG6_BPF=y # CONFIG_IPV6_RPL_LWTUNNEL is not set # CONFIG_IPV6_IOAM6_LWTUNNEL is not set +# CONFIG_NETLABEL is not set CONFIG_MPTCP=y CONFIG_INET_MPTCP_DIAG=m CONFIG_MPTCP_IPV6=y @@ -1477,6 +1478,7 @@ CONFIG_IP_NF_MANGLE=m CONFIG_IP_NF_TARGET_ECN=m CONFIG_IP_NF_TARGET_TTL=m CONFIG_IP_NF_RAW=m +# CONFIG_IP_NF_SECURITY is not set CONFIG_IP_NF_ARPTABLES=m CONFIG_IP_NF_ARPFILTER=m CONFIG_IP_NF_ARP_MANGLE=m @@ -1511,6 +1513,7 @@ CONFIG_IP6_NF_TARGET_REJECT=m CONFIG_IP6_NF_TARGET_SYNPROXY=m CONFIG_IP6_NF_MANGLE=m CONFIG_IP6_NF_RAW=m +# CONFIG_IP6_NF_SECURITY is not set CONFIG_IP6_NF_NAT=m CONFIG_IP6_NF_TARGET_MASQUERADE=m CONFIG_IP6_NF_TARGET_NPT=m @@ -1777,7 +1780,7 @@ CONFIG_RFKILL_INPUT=y # CONFIG_CAIF is not set # CONFIG_CEPH_LIB is not set # CONFIG_NFC is not set -# CONFIG_PSAMPLE is not set +CONFIG_PSAMPLE=y # CONFIG_NET_IFE is not set CONFIG_LWTUNNEL=y CONFIG_LWTUNNEL_BPF=y @@ -1795,8 +1798,6 @@ CONFIG_ETHTOOL_NETLINK=y # # Device Drivers # -CONFIG_HAVE_EISA=y -# CONFIG_EISA is not set CONFIG_HAVE_PCI=y CONFIG_PCI=y CONFIG_PCI_DOMAINS=y @@ -4415,6 +4416,7 @@ CONFIG_HID_GENERIC=m # CONFIG_HID_THRUSTMASTER is not set # CONFIG_HID_UDRAW_PS3 is not set # CONFIG_HID_U2FZERO is not set +# CONFIG_HID_UNIVERSAL_PIDFF is not set # CONFIG_HID_WACOM is not set # CONFIG_HID_WIIMOTE is not set # CONFIG_HID_XINMO is not set @@ -4422,6 +4424,7 @@ CONFIG_HID_GENERIC=m # CONFIG_HID_ZYDACRON is not set # CONFIG_HID_SENSOR_HUB is not set # CONFIG_HID_ALPS is not set +# CONFIG_HID_MCP2200 is not set # CONFIG_HID_MCP2221 is not set # end of Special HID drivers @@ -5019,18 +5022,27 @@ CONFIG_VIRTIO_PCI_LIB_LEGACY=m CONFIG_VIRTIO_MENU=y CONFIG_VIRTIO_PCI=m CONFIG_VIRTIO_PCI_LEGACY=y +CONFIG_VIRTIO_VDPA=m # CONFIG_VIRTIO_PMEM is not set CONFIG_VIRTIO_BALLOON=m CONFIG_VIRTIO_INPUT=m CONFIG_VIRTIO_MMIO=m CONFIG_VIRTIO_MMIO_CMDLINE_DEVICES=y -# CONFIG_VDPA is not set +CONFIG_VDPA=m +# CONFIG_VDPA_USER is not set +# CONFIG_IFCVF is not set +# CONFIG_MLX5_VDPA_NET is not set +# CONFIG_MLX5_VDPA_STEERING_DEBUG is not set +# CONFIG_VP_VDPA is not set +# CONFIG_ALIBABA_ENI_VDPA is not set +# CONFIG_SNET_VDPA is not set CONFIG_VHOST_IOTLB=m CONFIG_VHOST_TASK=y CONFIG_VHOST=m CONFIG_VHOST_MENU=y CONFIG_VHOST_NET=m CONFIG_VHOST_VSOCK=m +CONFIG_VHOST_VDPA=m # CONFIG_VHOST_CROSS_ENDIAN_LEGACY is not set # @@ -5408,7 +5420,6 @@ CONFIG_FILE_LOCKING=y CONFIG_FSNOTIFY=y CONFIG_DNOTIFY=y CONFIG_INOTIFY_USER=y -CONFIG_INOTIFY_STACKFS=y # CONFIG_FANOTIFY is not set # CONFIG_QUOTA is not set CONFIG_AUTOFS_FS=m @@ -5452,7 +5463,8 @@ CONFIG_VFAT_FS=m CONFIG_FAT_DEFAULT_CODEPAGE=437 CONFIG_FAT_DEFAULT_IOCHARSET="ascii" CONFIG_FAT_DEFAULT_UTF8=y -# CONFIG_EXFAT_FS is not set +CONFIG_EXFAT_FS=m +CONFIG_EXFAT_DEFAULT_IOCHARSET="utf8" # CONFIG_NTFS_FS is not set # CONFIG_NTFS3_FS is not set # end of DOS/FAT/EXFAT/NT Filesystems @@ -5474,9 +5486,9 @@ CONFIG_TMPFS_XATTR=y # CONFIG_TMPFS_INODE64 is not set # CONFIG_TMPFS_QUOTA is not set CONFIG_HUGETLBFS=y +# CONFIG_HUGETLB_PAGE_OPTIMIZE_VMEMMAP_DEFAULT_ON is not set CONFIG_HUGETLB_PAGE=y CONFIG_HUGETLB_PAGE_OPTIMIZE_VMEMMAP=y -# CONFIG_HUGETLB_PAGE_OPTIMIZE_VMEMMAP_DEFAULT_ON is not set CONFIG_ARCH_HAS_GIGANTIC_PAGE=y CONFIG_CONFIGFS_FS=m CONFIG_EFIVAR_FS=m @@ -5581,7 +5593,6 @@ CONFIG_NLS_ISO8859_1=m CONFIG_NLS_UTF8=m # CONFIG_DLM is not set # CONFIG_UNICODE is not set -CONFIG_IO_WQ=y # end of File systems # @@ -5594,12 +5605,31 @@ CONFIG_KEYS=y # CONFIG_ENCRYPTED_KEYS is not set # CONFIG_KEY_DH_OPERATIONS is not set CONFIG_SECURITY_DMESG_RESTRICT=y -# CONFIG_SECURITY is not set +CONFIG_PROC_MEM_ALWAYS_FORCE=y +# CONFIG_PROC_MEM_FORCE_PTRACE is not set +# CONFIG_PROC_MEM_NO_FORCE is not set +CONFIG_SECURITY=y CONFIG_SECURITYFS=y +# CONFIG_SECURITY_NETWORK is not set +# CONFIG_SECURITY_INFINIBAND is not set +# CONFIG_SECURITY_PATH is not set # CONFIG_INTEL_TXT is not set -CONFIG_HARDENED_USERCOPY=y +# CONFIG_HARDENED_USERCOPY is not set CONFIG_FORTIFY_SOURCE=y # CONFIG_STATIC_USERMODEHELPER is not set +# CONFIG_SECURITY_SMACK is not set +# CONFIG_SECURITY_TOMOYO is not set +# CONFIG_SECURITY_APPARMOR is not set +# CONFIG_SECURITY_LOADPIN is not set +# CONFIG_SECURITY_YAMA is not set +# CONFIG_SECURITY_SAFESETID is not set +CONFIG_SECURITY_LOCKDOWN_LSM=y +CONFIG_SECURITY_LOCKDOWN_LSM_EARLY=y +CONFIG_LOCK_DOWN_KERNEL_FORCE_NONE=y +# CONFIG_LOCK_DOWN_KERNEL_FORCE_INTEGRITY is not set +# CONFIG_LOCK_DOWN_KERNEL_FORCE_CONFIDENTIALITY is not set +# CONFIG_SECURITY_LANDLOCK is not set +# CONFIG_INTEGRITY is not set # CONFIG_IMA_SECURE_AND_OR_TRUSTED_BOOT is not set CONFIG_DEFAULT_SECURITY_DAC=y CONFIG_LSM="lockdown,yama,loadpin,safesetid,integrity" @@ -5900,8 +5930,8 @@ CONFIG_SIGNED_PE_FILE_VERIFICATION=y CONFIG_MODULE_SIG_KEY="certs/signing_key.pem" CONFIG_MODULE_SIG_KEY_TYPE_RSA=y # CONFIG_MODULE_SIG_KEY_TYPE_ECDSA is not set -# CONFIG_SYSTEM_TRUSTED_KEYRING is not set -# CONFIG_SYSTEM_TRUSTED_KEYS is not set +CONFIG_SYSTEM_TRUSTED_KEYRING=y +CONFIG_SYSTEM_TRUSTED_KEYS="" # CONFIG_SYSTEM_EXTRA_CERTIFICATE is not set # CONFIG_SECONDARY_TRUSTED_KEYRING is not set # CONFIG_SYSTEM_BLACKLIST_KEYRING is not set diff --git a/scripts/package-build/linux-kernel/build-intel-ixgbe.sh b/scripts/package-build/linux-kernel/build-intel-ixgbe.sh deleted file mode 100755 index 797ed60f..00000000 --- a/scripts/package-build/linux-kernel/build-intel-ixgbe.sh +++ /dev/null @@ -1,113 +0,0 @@ -#!/bin/sh -CWD=$(pwd) -KERNEL_VAR_FILE=${CWD}/kernel-vars - -if ! dpkg-architecture -iamd64; then - echo "Intel ixgbe is only buildable on amd64 platforms" - exit 0 -fi - -if [ ! -f ${KERNEL_VAR_FILE} ]; then - echo "Kernel variable file '${KERNEL_VAR_FILE}' does not exist, run ./build_kernel.sh first" - exit 1 -fi - -. ${KERNEL_VAR_FILE} - -url="https://sourceforge.net/projects/e1000/files/ixgbe%20stable/5.20.3/ixgbe-5.20.3.tar.gz" - -cd ${CWD} - -DRIVER_FILE=$(basename ${url} | sed -e s/tar_0/tar/) -DRIVER_DIR="${DRIVER_FILE%.tar.gz}" -DRIVER_NAME="ixgbe" -DRIVER_VERSION=$(echo ${DRIVER_DIR} | awk -F${DRIVER_NAME} '{print $2}' | sed 's/^-//') -DRIVER_VERSION_EXTRA="" - -# Build up Debian related variables required for packaging -DEBIAN_ARCH=$(dpkg --print-architecture) -DEBIAN_DIR="${CWD}/vyos-intel-${DRIVER_NAME}_${DRIVER_VERSION}_${DEBIAN_ARCH}" -DEBIAN_CONTROL="${DEBIAN_DIR}/DEBIAN/control" -DEBIAN_POSTINST="${CWD}/vyos-intel-ixgbe.postinst" - -# Fetch Intel driver source from SourceForge -if [ -e ${DRIVER_FILE} ]; then - rm -f ${DRIVER_FILE} -fi -curl -L -o ${DRIVER_FILE} ${url} -if [ "$?" -ne "0" ]; then - exit 1 -fi - -# Unpack archive -if [ -d ${DRIVER_DIR} ]; then - rm -rf ${DRIVER_DIR} -fi -mkdir -p ${DRIVER_DIR} -tar -C ${DRIVER_DIR} --strip-components=1 -xf ${DRIVER_FILE} - -cd ${DRIVER_DIR}/src -if [ -z $KERNEL_DIR ]; then - echo "KERNEL_DIR not defined" - exit 1 -fi - -# See https://lore.kernel.org/lkml/f90837d0-810e-5772-7841-28d47c44d260@intel.com/ -echo "I: remove pci_enable_pcie_error_reporting() code no longer present in Kernel" -sed -i '/.*pci_disable_pcie_error_reporting(pdev);/d' ixgbe_main.c -sed -i '/.*pci_enable_pcie_error_reporting(pdev);/d' ixgbe_main.c - -# See https://vyos.dev/T6155 -echo "I: always enable allow_unsupported_sfp for all NICs by default" -patch -l -p1 < ../../patches/ixgbe/allow_unsupported_sfp.patch - -# See https://vyos.dev/T6162 -echo "I: add 1000BASE-BX support" -patch -l -p1 < ../../patches/ixgbe/add_1000base-bx_support.patch - -echo "I: Compile Kernel module for Intel ${DRIVER_NAME} driver" -make KSRC=${KERNEL_DIR} INSTALL_MOD_PATH=${DEBIAN_DIR} INSTALL_FW_PATH=${DEBIAN_DIR} -j $(getconf _NPROCESSORS_ONLN) install - -if [ "x$?" != "x0" ]; then - exit 1 -fi - -if [ -f ${DEBIAN_DIR}.deb ]; then - rm ${DEBIAN_DIR}.deb -fi - -# build Debian package -echo "I: Building Debian package vyos-intel-${DRIVER_NAME}" -cd ${CWD} - -# Sign generated Kernel modules -${CWD}/sign-modules.sh ${DEBIAN_DIR} - -# delete non required files which are also present in the kernel package -# und thus lead to duplicated files -find ${DEBIAN_DIR} -name "modules.*" | xargs rm -f - -echo "#!/bin/sh" > ${DEBIAN_POSTINST} -echo "/sbin/depmod -a ${KERNEL_VERSION}${KERNEL_SUFFIX}" >> ${DEBIAN_POSTINST} - -fpm --input-type dir --output-type deb --name vyos-intel-${DRIVER_NAME} \ - --version ${DRIVER_VERSION} --deb-compression gz \ - --maintainer "VyOS Package Maintainers <maintainers@vyos.net>" \ - --description "Vendor based driver for Intel ${DRIVER_NAME}" \ - --depends linux-image-${KERNEL_VERSION}${KERNEL_SUFFIX} \ - --license "GPL2" -C ${DEBIAN_DIR} --after-install ${DEBIAN_POSTINST} - -echo "I: Cleanup ${DRIVER_NAME} source" -cd ${CWD} -if [ -e ${DRIVER_FILE} ]; then - rm -f ${DRIVER_FILE} -fi -if [ -d ${DRIVER_DIR} ]; then - rm -rf ${DRIVER_DIR} -fi -if [ -d ${DEBIAN_DIR} ]; then - rm -rf ${DEBIAN_DIR} -fi -if [ -f ${DEBIAN_POSTINST} ]; then - rm -f ${DEBIAN_POSTINST} -fi diff --git a/scripts/package-build/linux-kernel/build-intel-ixgbevf.sh b/scripts/package-build/linux-kernel/build-intel-nic.sh index 7d389832..3e8bbb37 100755 --- a/scripts/package-build/linux-kernel/build-intel-ixgbevf.sh +++ b/scripts/package-build/linux-kernel/build-intel-nic.sh @@ -3,7 +3,7 @@ CWD=$(pwd) KERNEL_VAR_FILE=${CWD}/kernel-vars if ! dpkg-architecture -iamd64; then - echo "Intel ixgbevf is only buildable on amd64 platforms" + echo "Intel drivers only buildable on amd64 platforms" exit 0 fi @@ -14,51 +14,39 @@ fi . ${KERNEL_VAR_FILE} -url="https://sourceforge.net/projects/e1000/files/ixgbevf%20stable/4.18.9/ixgbevf-4.18.9.tar.gz" +if [ -z $KERNEL_DIR ]; then + echo "KERNEL_DIR not defined" + exit 1 +fi -cd ${CWD} +DRIVER_NAME=$1 +cd ${CWD}/ethernet-linux-${DRIVER_NAME} +if [ -d .git ]; then + git clean --force -d -x + git reset --hard origin/main +fi -DRIVER_FILE=$(basename ${url} | sed -e s/tar_0/tar/) -DRIVER_DIR="${DRIVER_FILE%.tar.gz}" -DRIVER_NAME="ixgbevf" -DRIVER_VERSION=$(echo ${DRIVER_DIR} | awk -F${DRIVER_NAME} '{print $2}' | sed 's/^-//') -DRIVER_VERSION_EXTRA="" +DRIVER_VERSION=$(git describe | sed s/^v//) # Build up Debian related variables required for packaging DEBIAN_ARCH=$(dpkg --print-architecture) DEBIAN_DIR="${CWD}/vyos-intel-${DRIVER_NAME}_${DRIVER_VERSION}_${DEBIAN_ARCH}" DEBIAN_CONTROL="${DEBIAN_DIR}/DEBIAN/control" -DEBIAN_POSTINST="${CWD}/vyos-intel-ixgbevf.postinst" - -# Fetch Intel driver source from SourceForge -if [ -e ${DRIVER_FILE} ]; then - rm -f ${DRIVER_FILE} -fi -curl -L -o ${DRIVER_FILE} ${url} -if [ "$?" -ne "0" ]; then - exit 1 +DEBIAN_POSTINST="${CWD}/vyos-intel-${DRIVER_NAME}.postinst" + +# See https://vyos.dev/T6155 +# See https://vyos.dev/T6162 +PATCH_DIR=${CWD}/patches/${DRIVER_NAME} +if [ -d $PATCH_DIR ]; then + for patch in $(ls ${PATCH_DIR}) + do + echo "I: Apply patch: ${PATCH_DIR}/${patch}" + patch -p1 < ${PATCH_DIR}/${patch} + done fi -# Unpack archive -if [ -d ${DRIVER_DIR} ]; then - rm -rf ${DRIVER_DIR} -fi -mkdir -p ${DRIVER_DIR} -tar -C ${DRIVER_DIR} --strip-components=1 -xf ${DRIVER_FILE} - -cd ${DRIVER_DIR}/src -if [ -z $KERNEL_DIR ]; then - echo "KERNEL_DIR not defined" - exit 1 -fi - -# See https://lore.kernel.org/lkml/f90837d0-810e-5772-7841-28d47c44d260@intel.com/ -echo "I: remove pci_enable_pcie_error_reporting() code no longer present in Kernel" -sed -i '/.*pci_disable_pcie_error_reporting(pdev);/d' ixgbevf_main.c -sed -i '/.*pci_enable_pcie_error_reporting(pdev);/d' ixgbevf_main.c - echo "I: Compile Kernel module for Intel ${DRIVER_NAME} driver" -make KSRC=${KERNEL_DIR} INSTALL_MOD_PATH=${DEBIAN_DIR} INSTALL_FW_PATH=${DEBIAN_DIR} -j $(getconf _NPROCESSORS_ONLN) install +make KSRC=${KERNEL_DIR} INSTALL_MOD_PATH=${DEBIAN_DIR} INSTALL_FW_PATH=${DEBIAN_DIR} -j $(getconf _NPROCESSORS_ONLN) -C src install if [ "x$?" != "x0" ]; then exit 1 @@ -88,18 +76,3 @@ fpm --input-type dir --output-type deb --name vyos-intel-${DRIVER_NAME} \ --description "Vendor based driver for Intel ${DRIVER_NAME}" \ --depends linux-image-${KERNEL_VERSION}${KERNEL_SUFFIX} \ --license "GPL2" -C ${DEBIAN_DIR} --after-install ${DEBIAN_POSTINST} - -echo "I: Cleanup ${DRIVER_NAME} source" -cd ${CWD} -if [ -e ${DRIVER_FILE} ]; then - rm -f ${DRIVER_FILE} -fi -if [ -d ${DRIVER_DIR} ]; then - rm -rf ${DRIVER_DIR} -fi -if [ -d ${DEBIAN_DIR} ]; then - rm -rf ${DEBIAN_DIR} -fi -if [ -f ${DEBIAN_POSTINST} ]; then - rm -f ${DEBIAN_POSTINST} -fi diff --git a/scripts/package-build/linux-kernel/build-intel-qat.sh b/scripts/package-build/linux-kernel/build-intel-qat.sh index fb6ccbb5..c2c364a9 100755 --- a/scripts/package-build/linux-kernel/build-intel-qat.sh +++ b/scripts/package-build/linux-kernel/build-intel-qat.sh @@ -101,17 +101,17 @@ fpm --input-type dir --output-type deb --name vyos-intel-${DRIVER_NAME} \ --depends linux-image-${KERNEL_VERSION}${KERNEL_SUFFIX} \ --license "GPL2" -C ${DEBIAN_DIR} --after-install ${DEBIAN_POSTINST} -echo "I: Cleanup ${DRIVER_NAME} source" -cd ${CWD} -if [ -e ${DRIVER_FILE} ]; then - rm -f ${DRIVER_FILE} -fi -if [ -d ${DRIVER_DIR} ]; then - rm -rf ${DRIVER_DIR} -fi -if [ -d ${DEBIAN_DIR} ]; then - rm -rf ${DEBIAN_DIR} -fi -if [ -f ${DEBIAN_POSTINST} ]; then - rm -f ${DEBIAN_POSTINST} -fi +# echo "I: Cleanup ${DRIVER_NAME} source" +# cd ${CWD} +# if [ -e ${DRIVER_FILE} ]; then +# rm -f ${DRIVER_FILE} +# fi +# if [ -d ${DRIVER_DIR} ]; then +# rm -rf ${DRIVER_DIR} +# fi +# if [ -d ${DEBIAN_DIR} ]; then +# rm -rf ${DEBIAN_DIR} +# fi +# if [ -f ${DEBIAN_POSTINST} ]; then +# rm -f ${DEBIAN_POSTINST} +# fi diff --git a/scripts/package-build/linux-kernel/build-ipt-netflow.sh b/scripts/package-build/linux-kernel/build-ipt-netflow.sh new file mode 100755 index 00000000..9245a416 --- /dev/null +++ b/scripts/package-build/linux-kernel/build-ipt-netflow.sh @@ -0,0 +1,69 @@ +#!/bin/sh +CWD=$(pwd) +KERNEL_VAR_FILE=${CWD}/kernel-vars + +IPT_NETFLOW_SRC=${CWD}/ipt-netflow +if [ ! -d ${IPT_NETFLOW_SRC} ]; then + echo "ipt_NETFLOW source not found" + exit 1 +fi + +if [ ! -f ${KERNEL_VAR_FILE} ]; then + echo "Kernel variable file '${KERNEL_VAR_FILE}' does not exist, run ./build_kernel.sh first" + exit 1 +fi + +cd ${IPT_NETFLOW_SRC} +if [ -d .git ]; then + git reset --hard HEAD + git clean --force -d -x +fi + +. ${KERNEL_VAR_FILE} + +DRIVER_VERSION=$(git describe | sed s/^v//) + +# Build up Debian related variables required for packaging +DEBIAN_ARCH=$(dpkg --print-architecture) +DEBIAN_DIR="tmp/" +DEBIAN_CONTROL="${DEBIAN_DIR}/DEBIAN/control" +DEBIAN_POSTINST="${CWD}/vyos-ipt-netflow.postinst" + +./configure --enable-aggregation --kdir=${KERNEL_DIR} +make all + +if [ "x$?" != "x0" ]; then + exit 1 +fi + +if [ -f ${DEBIAN_DIR}.deb ]; then + rm ${DEBIAN_DIR}.deb +fi + +if [ ! -d ${DEBIAN_DIR} ]; then + mkdir -p ${DEBIAN_DIR} +fi + +# build Debian package +echo "I: Building Debian package vyos-ipt-netflow" +cp ipt_NETFLOW.ko ${DEBIAN_DIR} +cp libipt_NETFLOW.so ${DEBIAN_DIR} +cp libip6t_NETFLOW.so ${DEBIAN_DIR} + +# Sign generated Kernel modules +${CWD}/sign-modules.sh ${DEBIAN_DIR} + +echo "#!/bin/sh" > ${DEBIAN_POSTINST} +echo "/sbin/depmod -a ${KERNEL_VERSION}${KERNEL_SUFFIX}" >> ${DEBIAN_POSTINST} + +cd ${CWD} + +fpm --input-type dir --output-type deb --name vyos-ipt-netflow \ + --version ${DRIVER_VERSION} --deb-compression gz \ + --maintainer "VyOS Package Maintainers <maintainers@vyos.net>" \ + --description "ipt_NETFLOW module" \ + --depends linux-image-${KERNEL_VERSION}${KERNEL_SUFFIX} \ + --license "GPL2" -C ${IPT_NETFLOW_SRC}/tmp --after-install ${DEBIAN_POSTINST} \ + ipt_NETFLOW.ko=/lib/modules/${KERNEL_VERSION}${KERNEL_SUFFIX}/extra/ipt_NETFLOW.ko \ + libipt_NETFLOW.so=/lib/$(uname -m)-linux-gnu/xtables/libipt_NETFLOW.so \ + libip6t_NETFLOW.so=/lib/$(uname -m)-linux-gnu/xtables/libip6t_NETFLOW.so diff --git a/scripts/package-build/linux-kernel/build-kernel.sh b/scripts/package-build/linux-kernel/build-kernel.sh index cd9c1054..62dd7829 100755 --- a/scripts/package-build/linux-kernel/build-kernel.sh +++ b/scripts/package-build/linux-kernel/build-kernel.sh @@ -36,12 +36,13 @@ do done # Change name of Signing Cert -sed -i -e "s/CN =.*/CN=VyOS build time autogenerated kernel key/" certs/default_x509.genkey +sed -i -e "s/CN =.*/CN=VyOS Networks build time autogenerated Kernel key/" certs/default_x509.genkey TRUSTED_KEYS_FILE=trusted_keys.pem # start with empty key file echo -n "" > $TRUSTED_KEYS_FILE -CERTS=$(find ../../../data/live-build-config/includes.chroot/var/lib/shim-signed/mok -name "*.pem" -type f || true) +GIT_ROOT=$(git rev-parse --show-toplevel) +CERTS=$(find ${GIT_ROOT}/data/certificates -name "*.pem" -type f || true) if [ ! -z "${CERTS}" ]; then # add known public keys to Kernel certificate chain for file in $CERTS; do diff --git a/scripts/package-build/linux-kernel/build-realtek-r8152.py b/scripts/package-build/linux-kernel/build-realtek-r8152.py new file mode 100755 index 00000000..0113eafc --- /dev/null +++ b/scripts/package-build/linux-kernel/build-realtek-r8152.py @@ -0,0 +1,95 @@ +#!/usr/bin/env python3 + +import os +from tomllib import loads as toml_loads +from requests import get +from pathlib import Path +from subprocess import run + +CWD = os.getcwd() + +# dependency modifier +def add_depends(package_dir: str, package_name: str, + depends: list[str]) -> None: + """Add dependencies to a package + Args: + package_dir (str): a directory where package sources are located + package_name (str): a name of package + depends (list[str]): a list of dependencies to add + """ + depends_list: str = ', '.join(depends) + depends_line: str = f'misc:Depends={depends_list}\n' + + substvars_file = Path(f'{package_dir}/debian/{package_name}.substvars') + substvars_file.write_text(depends_line) + + +# find kernel version and source path +defaults_file: str = Path('../../../data/defaults.toml').read_text() +architecture_file: str = Path('../../../data/architectures/amd64.toml').read_text() +KERNEL_VER: str = toml_loads(defaults_file).get('kernel_version') +KERNEL_FLAVOR: str = toml_loads(defaults_file).get('kernel_flavor') +KERNEL_SRC: str = Path.cwd().as_posix() + '/linux' +# define variables +PACKAGE_NAME: str = 'vyos-drivers-realtek-r8152' +PACKAGE_VERSION: str = '2.18.1' +PACKAGE_DIR: str = f'{PACKAGE_NAME}-{PACKAGE_VERSION}' +SOURCES_ARCHIVE: str = 'r8152-2.18.1.tar.bz2' +SOURCES_URL: str = f'https://packages.vyos.net/source-mirror/r8152-2.18.1.tar.bz2' + +# download sources +sources_archive = Path(SOURCES_ARCHIVE) +sources_archive.write_bytes(get(SOURCES_URL).content) + +# prepare sources +debmake_cmd: list[str] = [ + 'debmake', '-e', 'support@vyos.io', '-f', 'VyOS Support', '-p', + PACKAGE_NAME, '-u', PACKAGE_VERSION, '-a', SOURCES_ARCHIVE +] +run(debmake_cmd) + +# add kernel to dependencies +add_depends(PACKAGE_DIR, PACKAGE_NAME, + [f'linux-image-{KERNEL_VER}-{KERNEL_FLAVOR}']) + +# configure build rules +build_rules_text: str = '''#!/usr/bin/make -f +# config +export KERNELDIR := {KERNEL_SRC} +PACKAGE_BUILD_DIR := debian/{PACKAGE_NAME} +KVER := {KERNEL_VER}-{KERNEL_FLAVOR} +MODULES_DIR := updates/drivers/net/usb +# main packaging script based on dh7 syntax +%: +\tdh $@ + +override_dh_clean: +\tdh_clean --exclude=debian/{PACKAGE_NAME}.substvars + +override_dh_prep: +\tdh_prep --exclude=debian/{PACKAGE_NAME}.substvars + +override_dh_auto_clean: +\tmake clean + +override_dh_auto_build: +\techo "KERNELDIR=${{KERNELDIR}}" +\techo "CURDIR=${{CURDIR}}" +\tmake -C ${{KERNELDIR}} M=${{CURDIR}} modules + +override_dh_auto_install: +\tinstall -D -m 644 r8152.ko ${{PACKAGE_BUILD_DIR}}/lib/modules/${{KVER}}/${{MODULES_DIR}}/r8152.ko +\t${{KERNELDIR}}/../sign-modules.sh ${{PACKAGE_BUILD_DIR}}/lib +\tinstall -D -m 644 50-usb-realtek-net.rules ${{PACKAGE_BUILD_DIR}}/etc/udev/rules.d/50-usb-realtek-net.rules +'''.format(KERNEL_SRC=KERNEL_SRC, PACKAGE_NAME=PACKAGE_NAME, KERNEL_VER=KERNEL_VER, KERNEL_FLAVOR=KERNEL_FLAVOR) + +build_rules_path = Path(f'{PACKAGE_DIR}/debian/rules') +build_rules_path.write_text(build_rules_text, encoding='utf-8') + +# build a package +debuild_cmd: list[str] = ['debuild'] +run(debuild_cmd, cwd=PACKAGE_DIR, check=True) + +# Sign generated Kernel modules +clean_cmd: list[str] = ['rm', '-rf', PACKAGE_DIR] +run(clean_cmd, cwd=CWD, check=True) diff --git a/scripts/package-build/linux-kernel/build.py b/scripts/package-build/linux-kernel/build.py index 318cb0ce..6fa6af35 100755 --- a/scripts/package-build/linux-kernel/build.py +++ b/scripts/package-build/linux-kernel/build.py @@ -37,6 +37,7 @@ def ensure_dependencies(dependencies: list) -> None: return print("I: Ensure Debian build dependencies are met") + run(['sudo', 'apt-get', 'update'], check=True) run(['sudo', 'apt-get', 'install', '-y'] + dependencies, check=True) @@ -63,6 +64,40 @@ def clone_or_update_repo(repo_dir: Path, scm_url: str, commit_id: str) -> None: run(['git', 'checkout', commit_id], cwd=repo_dir, check=True) +def create_tarball(package_name, source_dir=None): + """Creates a .tar.gz archive of the specified directory. + + Args: + package_name (str): The name of the package. This will also be the name of the output tarball. + source_dir (str, optional): The directory to be archived. If not provided, defaults to `package_name`. + + Raises: + FileNotFoundError: If the specified `source_dir` does not exist. + Exception: If an error occurs during tarball creation. + + Example: + >>> create_tarball("linux-6.6.56") + I: Tarball created: linux-6.6.56.tar.gz + + >>> create_tarball("my-package", "/path/to/source") + I: Tarball created: my-package.tar.gz + """ + # Use package_name as the source directory if source_dir is not provided + source_dir = source_dir or package_name + output_tarball = f"{package_name}.tar.gz" + + # Check if the source directory exists + if not os.path.isdir(source_dir): + raise FileNotFoundError(f"Directory '{source_dir}' does not exist.") + + # Create the tarball + try: + shutil.make_archive(base_name=output_tarball.replace('.tar.gz', ''), format='gztar', root_dir=source_dir) + print(f"I: Tarball created: {output_tarball}") + except Exception as e: + print(f"I: Failed to create tarball for {package_name}: {e}") + + def build_package(package: dict, dependencies: list) -> None: """Build a package from the repository @@ -78,9 +113,6 @@ def build_package(package: dict, dependencies: list) -> None: # Clone or update the repository #clone_or_update_repo(repo_dir, package['scm_url'], package['commit_id']) - # Ensure dependencies - #ensure_dependencies(dependencies) - # Prepare the package if required #if package.get('prepare_package', False): # prepare_package(repo_dir, package.get('install_data', '')) @@ -88,22 +120,32 @@ def build_package(package: dict, dependencies: list) -> None: # Execute the build command if package['build_cmd'] == 'build_kernel': build_kernel(package['kernel_version']) + create_tarball(f'{package["name"]}-{package["kernel_version"]}', f'linux-{package["kernel_version"]}') elif package['build_cmd'] == 'build_linux_firmware': build_linux_firmware(package['commit_id'], package['scm_url']) + create_tarball(f'{package["name"]}-{package["commit_id"]}', f'{package["name"]}') elif package['build_cmd'] == 'build_accel_ppp': build_accel_ppp(package['commit_id'], package['scm_url']) + create_tarball(f'{package["name"]}-{package["commit_id"]}', f'{package["name"]}') elif package['build_cmd'] == 'build_intel_qat': build_intel_qat() + elif package['build_cmd'] == 'build_intel_igb': + build_intel(package['name'], package['commit_id'], package['scm_url']) elif package['build_cmd'] == 'build_intel_ixgbe': - build_intel_ixgbe() + build_intel(package['name'], package['commit_id'], package['scm_url']) elif package['build_cmd'] == 'build_intel_ixgbevf': - build_intel_ixgbevf() + build_intel(package['name'], package['commit_id'], package['scm_url']) elif package['build_cmd'] == 'build_mellanox_ofed': build_mellanox_ofed() + elif package['build_cmd'] == 'build_realtek_r8152': + build_realtek_r8152() elif package['build_cmd'] == 'build_jool': build_jool() + elif package['build_cmd'] == 'build_ipt_netflow': + build_ipt_netflow(package['commit_id'], package['scm_url']) elif package['build_cmd'] == 'build_openvpn_dco': build_openvpn_dco(package['commit_id'], package['scm_url']) + create_tarball(f'{package["name"]}-{package["commit_id"]}', f'{package["name"]}') elif package['build_cmd'] == 'build_nat_rtsp': build_nat_rtsp(package['commit_id'], package['scm_url']) else: @@ -175,14 +217,11 @@ def build_intel_qat(): run(['./build-intel-qat.sh'], check=True) -def build_intel_ixgbe(): - """Build Intel IXGBE""" - run(['./build-intel-ixgbe.sh'], check=True) - - -def build_intel_ixgbevf(): - """Build Intel IXGBEVF""" - run(['./build-intel-ixgbevf.sh'], check=True) +def build_intel(driver_name: str, commit_id: str, scm_url: str): + """Build Intel driver from Git repository""" + repo_dir = Path(f'ethernet-linux-{driver_name}') + clone_or_update_repo(repo_dir, scm_url, commit_id) + run(['./build-intel-nic.sh', driver_name], check=True) def build_mellanox_ofed(): @@ -190,10 +229,20 @@ def build_mellanox_ofed(): run(['sudo', './build-mellanox-ofed.sh'], check=True) +def build_realtek_r8152(): + """Build Realtek r8152""" + run(['sudo', './build-realtek-r8152.py'], check=True) + + def build_jool(): """Build Jool""" run(['echo y | ./build-jool.py'], check=True, shell=True) +def build_ipt_netflow(commit_id, scm_url): + """Build ipt_NETFLOW""" + repo_dir = Path('ipt-netflow') + clone_or_update_repo(repo_dir, scm_url, commit_id) + run(['./build-ipt-netflow.sh'], check=True, shell=True) def build_openvpn_dco(commit_id, scm_url): """Build OpenVPN DCO""" @@ -224,6 +273,11 @@ if __name__ == '__main__': with open(defaults_path, 'r') as file: defaults = toml.load(file) + # Load global dependencies + global_dependencies = config.get('dependencies', {}).get('packages', []) + if global_dependencies: + ensure_dependencies(global_dependencies) + packages = config['packages'] # Filter packages if specific packages are specified in the arguments diff --git a/scripts/package-build/linux-kernel/package.toml b/scripts/package-build/linux-kernel/package.toml index 44102298..b98bcd2f 100644 --- a/scripts/package-build/linux-kernel/package.toml +++ b/scripts/package-build/linux-kernel/package.toml @@ -22,7 +22,6 @@ commit_id = "1.13.0" scm_url = "https://github.com/accel-ppp/accel-ppp.git" build_cmd = "build_accel_ppp" - [[packages]] name = "ovpn-dco" commit_id = "v0.2.20231117" @@ -35,7 +34,6 @@ commit_id = "475af0a" scm_url = "https://github.com/maru-sama/rtsp-linux.git" build_cmd = "build_nat_rtsp" - [[packages]] name = "qat" commit_id = "" @@ -43,15 +41,21 @@ scm_url = "" build_cmd = "build_intel_qat" [[packages]] +name = "igb" +commit_id = "v5.18.7" +scm_url = "https://github.com/intel/ethernet-linux-igb" +build_cmd = "build_intel_igb" + +[[packages]] name = "ixgbe" -commit_id = "" -scm_url = "" +commit_id = "v6.0.5" +scm_url = "https://github.com/intel/ethernet-linux-ixgbe" build_cmd = "build_intel_ixgbe" [[packages]] name = "ixgbevf" -commit_id = "" -scm_url = "" +commit_id = "v5.0.2" +scm_url = "http://github.com/intel/ethernet-linux-ixgbevf" build_cmd = "build_intel_ixgbevf" [[packages]] @@ -65,3 +69,57 @@ name = "mlnx" commit_id = "" scm_url = "" build_cmd = "build_mellanox_ofed" + +[[packages]] +name = "realtek-r8152" +commit_id = "" +scm_url = "" +build_cmd = "build_realtek_r8152" + +[[packages]] +name = "ipt-netflow" +commit_id = "0eb2092e93" +scm_url = "https://github.com/aabc/ipt-netflow" +build_cmd = "build_ipt_netflow" + +[dependencies] +packages = [ + "cmake", + "gnupg2", + "rsync", + "libelf-dev", + "libncurses5-dev", + "flex", + "bison", + "bc", + "kmod", + "cpio", + "dwarves", + "nasm", + "rdfind", + "pciutils", + "yasm", + "libudev-dev", + "ruby", + "ruby-dev", + "rubygems", + "build-essential", + "libdw-dev", + "libunwind-dev", + "systemtap-sdt-dev", + "libslang2-dev", + "python-dev-is-python3", + "libzstd-dev", + "libcap-dev", + "libnuma-dev", + "libbabeltrace-ctf-dev", + "libpfm4-dev", + "libtraceevent-dev", + "liblua5.3-dev", + "libssl3", + "libssl-dev", + "libpcre3-dev", + "libnl-genl-3-dev", + "libxtables-dev", + "asciidoc-base" +] diff --git a/scripts/package-build/linux-kernel/patches/accel-ppp/0002-Radius-Dns-Server-IPv6-Address.patch b/scripts/package-build/linux-kernel/patches/accel-ppp/0002-Radius-Dns-Server-IPv6-Address.patch new file mode 100644 index 00000000..a8991801 --- /dev/null +++ b/scripts/package-build/linux-kernel/patches/accel-ppp/0002-Radius-Dns-Server-IPv6-Address.patch @@ -0,0 +1,195 @@ +From: Ben Hardill <ben@hardill.me.uk> +Date: Tue, 13 Mar 2025 05:00:00 +0000 +Subject: [PATCH] PPPoE: IPv6 DNS from Radius - managing the DNS-Server-IPv6-Address attribute + +Patch authored by Ben Hardill from +https://github.com/accel-ppp/accel-ppp/pull/69 +--- +diff --git a/accel-pppd/include/ap_session.h b/accel-pppd/include/ap_session.h +index 70515133..507eae04 100644 +--- a/accel-pppd/include/ap_session.h ++++ b/accel-pppd/include/ap_session.h +@@ -84,6 +84,7 @@ struct ap_session + struct ipv4db_item_t *ipv4; + struct ipv6db_item_t *ipv6; + struct ipv6db_prefix_t *ipv6_dp; ++ struct ipv6db_item_t *ipv6_dns; + char *ipv4_pool_name; + char *ipv6_pool_name; + char *dpv6_pool_name; +diff --git a/accel-pppd/ipv6/dhcpv6.c b/accel-pppd/ipv6/dhcpv6.c +index 158771b1..1ef48132 100644 +--- a/accel-pppd/ipv6/dhcpv6.c ++++ b/accel-pppd/ipv6/dhcpv6.c +@@ -214,19 +214,41 @@ static void insert_status(struct dhcpv6_packet *pkt, struct dhcpv6_option *opt, + status->code = htons(code); + } + +-static void insert_oro(struct dhcpv6_packet *reply, struct dhcpv6_option *opt) ++static void insert_oro(struct dhcpv6_packet *reply, struct dhcpv6_option *opt, struct ap_session *ses) + { + struct dhcpv6_option *opt1; +- int i, j; ++ int i = 0, j = 0, k = 0; + uint16_t *ptr; + struct in6_addr addr, *addr_ptr; ++ struct ipv6db_addr_t *dns; + + for (i = ntohs(opt->hdr->len) / 2, ptr = (uint16_t *)opt->hdr->data; i; i--, ptr++) { + if (ntohs(*ptr) == D6_OPTION_DNS_SERVERS) { +- if (conf_dns_count) { +- opt1 = dhcpv6_option_alloc(reply, D6_OPTION_DNS_SERVERS, conf_dns_count * sizeof(addr)); +- for (j = 0, addr_ptr = (struct in6_addr *)opt1->hdr->data; j < conf_dns_count; j++, addr_ptr++) +- memcpy(addr_ptr, conf_dns + j, sizeof(addr)); ++ if (ses->ipv6_dns && !list_empty(&ses->ipv6_dns->addr_list)) { ++ list_for_each_entry(dns, &ses->ipv6_dns->addr_list, entry) { ++ j++; ++ } ++ if (j >= 3) { ++ j = 3; ++ } ++ opt1 = dhcpv6_option_alloc(reply, D6_OPTION_DNS_SERVERS, j * sizeof(addr)); ++ addr_ptr = (struct in6_addr *)opt1->hdr->data; ++ list_for_each_entry(dns, &ses->ipv6_dns->addr_list, entry) { ++ if (k < j) { ++ memcpy(addr_ptr, &dns->addr, sizeof(addr)); ++ k++; ++ addr_ptr++; ++ } else { ++ break; ++ } ++ } ++ ++ } else { ++ if (conf_dns_count) { ++ opt1 = dhcpv6_option_alloc(reply, D6_OPTION_DNS_SERVERS, conf_dns_count * sizeof(addr)); ++ for (j = 0, addr_ptr = (struct in6_addr *)opt1->hdr->data; j < conf_dns_count; j++, addr_ptr++) ++ memcpy(addr_ptr, conf_dns + j, sizeof(addr)); ++ } + } + } else if (ntohs(*ptr) == D6_OPTION_DOMAIN_LIST) { + if (conf_dnssl_size) { +@@ -434,7 +456,10 @@ static void dhcpv6_send_reply(struct dhcpv6_packet *req, struct dhcpv6_pd *pd, i + + // Option Request + } else if (ntohs(opt->hdr->code) == D6_OPTION_ORO) { +- insert_oro(reply, opt); ++ if (ses->ipv6_dns &&!list_empty(&ses->ipv6_dns->addr_list)) { ++ log_ppp_info2("User specific IPv6 DNS entries\n"); ++ } ++ insert_oro(reply, opt, ses); + + } else if (ntohs(opt->hdr->code) == D6_OPTION_RAPID_COMMIT) { + if (req->hdr->type == D6_SOLICIT) +@@ -594,7 +619,7 @@ static void dhcpv6_send_reply2(struct dhcpv6_packet *req, struct dhcpv6_pd *pd, + } + // Option Request + } else if (ntohs(opt->hdr->code) == D6_OPTION_ORO) +- insert_oro(reply, opt); ++ insert_oro(reply, opt, ses); + } + + opt1 = dhcpv6_option_alloc(reply, D6_OPTION_PREFERENCE, 1); +diff --git a/accel-pppd/ipv6/nd.c b/accel-pppd/ipv6/nd.c +index 297e4d63..b3054274 100644 +--- a/accel-pppd/ipv6/nd.c ++++ b/accel-pppd/ipv6/nd.c +@@ -174,7 +174,32 @@ static void ipv6_nd_send_ra(struct ipv6_nd_handler_t *h, struct sockaddr_in6 *ds + rinfo++; + }*/ + +- if (conf_dns_count) { ++ if (ses->ipv6_dns && !list_empty(&ses->ipv6_dns->addr_list)) { ++ int i = 0, j = 0; ++ struct ipv6db_addr_t *dns; ++ ++ list_for_each_entry(dns, &ses->ipv6_dns->addr_list, entry) { ++ i++; ++ } ++ if (i >= 3) { ++ i = 3; ++ } ++ rdnssinfo = (struct nd_opt_rdnss_info_local *)pinfo; ++ memset(rdnssinfo, 0, sizeof(*rdnssinfo)); ++ rdnssinfo->nd_opt_rdnssi_type = ND_OPT_RDNSS_INFORMATION; ++ rdnssinfo->nd_opt_rdnssi_len = 1 + 2 * i; ++ rdnssinfo->nd_opt_rdnssi_lifetime = htonl(conf_rdnss_lifetime); ++ rdnss_addr = (struct in6_addr *)rdnssinfo->nd_opt_rdnssi; ++ list_for_each_entry(dns, &ses->ipv6_dns->addr_list, entry) { ++ if (j < i) { ++ memcpy(rdnss_addr, &dns->addr, sizeof(*rdnss_addr)); ++ j++; ++ rdnss_addr++; ++ } else { ++ break; ++ } ++ } ++ } else if (conf_dns_count) { + rdnssinfo = (struct nd_opt_rdnss_info_local *)pinfo; + memset(rdnssinfo, 0, sizeof(*rdnssinfo)); + rdnssinfo->nd_opt_rdnssi_type = ND_OPT_RDNSS_INFORMATION; +diff --git a/accel-pppd/radius/radius.c b/accel-pppd/radius/radius.c +index 786faa56..1379b0b2 100644 +--- a/accel-pppd/radius/radius.c ++++ b/accel-pppd/radius/radius.c +@@ -403,6 +403,12 @@ int rad_proc_attrs(struct rad_req_t *req) + case Framed_IPv6_Route: + rad_add_framed_ipv6_route(attr->val.string, rpd); + break; ++ case DNS_Server_IPv6_Address: ++ a = _malloc(sizeof(*a)); ++ memset(a, 0, sizeof(*a)); ++ a->addr = attr->val.ipv6addr; ++ list_add_tail(&a->entry, &rpd->ipv6_dns.addr_list); ++ break; + } + } + +@@ -420,6 +426,9 @@ int rad_proc_attrs(struct rad_req_t *req) + if (!rpd->ses->ipv6_dp && !list_empty(&rpd->ipv6_dp.prefix_list)) + rpd->ses->ipv6_dp = &rpd->ipv6_dp; + ++ if (!rpd->ses->ipv6_dns && !list_empty(&rpd->ipv6_dns.addr_list)) ++ rpd->ses->ipv6_dns = &rpd->ipv6_dns; ++ + return res; + } + +@@ -584,10 +593,12 @@ static void ses_starting(struct ap_session *ses) + INIT_LIST_HEAD(&rpd->plugin_list); + INIT_LIST_HEAD(&rpd->ipv6_addr.addr_list); + INIT_LIST_HEAD(&rpd->ipv6_dp.prefix_list); ++ INIT_LIST_HEAD(&rpd->ipv6_dns.addr_list); + + rpd->ipv4_addr.owner = &ipdb; + rpd->ipv6_addr.owner = &ipdb; + rpd->ipv6_dp.owner = &ipdb; ++ rpd->ipv6_dns.owner = &ipdb; + + list_add_tail(&rpd->pd.entry, &ses->pd_list); + +@@ -764,6 +775,12 @@ static void ses_finished(struct ap_session *ses) + _free(a); + } + ++ while (!list_empty(&rpd->ipv6_dns.addr_list)) { ++ a = list_entry(rpd->ipv6_dns.addr_list.next, typeof(*a), entry); ++ list_del(&a->entry); ++ _free(a); ++ } ++ + fr6 = rpd->fr6; + while (fr6) { + struct framed_ip6_route *next = fr6->next; +diff --git a/accel-pppd/radius/radius_p.h b/accel-pppd/radius/radius_p.h +index 988f154f..eaa5acb0 100644 +--- a/accel-pppd/radius/radius_p.h ++++ b/accel-pppd/radius/radius_p.h +@@ -65,6 +65,7 @@ struct radius_pd_t { + struct ipv4db_item_t ipv4_addr; + struct ipv6db_item_t ipv6_addr; + struct ipv6db_prefix_t ipv6_dp; ++ struct ipv6db_item_t ipv6_dns; + int acct_interim_interval; + int acct_interim_jitter; + diff --git a/scripts/package-build/linux-kernel/patches/ixgbe/allow_unsupported_sfp.patch b/scripts/package-build/linux-kernel/patches/ixgbe/0001-ixgbe-always-enable-support-for-unsupported-SFP-modu.patch index 647fe4d5..3f2cbb4f 100644 --- a/scripts/package-build/linux-kernel/patches/ixgbe/allow_unsupported_sfp.patch +++ b/scripts/package-build/linux-kernel/patches/ixgbe/0001-ixgbe-always-enable-support-for-unsupported-SFP-modu.patch @@ -1,16 +1,16 @@ -From 4f6c1dc3c48a1b2fa7c06206e6366bcfaa33f3f7 Mon Sep 17 00:00:00 2001 +From a3ebb453f4a8c95fe3674d09646edb93946d450a Mon Sep 17 00:00:00 2001 From: Christian Breunig <christian@breunig.cc> -Date: Fri, 22 Mar 2024 11:33:27 +0000 +Date: Sat, 15 Feb 2025 09:17:10 +0100 Subject: [PATCH] ixgbe: always enable support for unsupported SFP+ modules --- - ixgbe_param.c | 10 +++++++--- + src/ixgbe_param.c | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) -diff --git a/ixgbe_param.c b/ixgbe_param.c -index 71197b7..dac33ca 100644 ---- a/ixgbe_param.c -+++ b/ixgbe_param.c +diff --git a/src/ixgbe_param.c b/src/ixgbe_param.c +index bba03ae..3f29492 100644 +--- a/src/ixgbe_param.c ++++ b/src/ixgbe_param.c @@ -307,7 +307,7 @@ IXGBE_PARAM(LRO, "Large Receive Offload (0,1), default 0 = off"); * Default Value: 0 */ @@ -20,7 +20,7 @@ index 71197b7..dac33ca 100644 /* Enable/disable support for DMA coalescing * -@@ -1133,8 +1133,8 @@ void ixgbe_check_options(struct ixgbe_adapter *adapter) +@@ -1135,8 +1135,8 @@ void ixgbe_check_options(struct ixgbe_adapter *adapter) struct ixgbe_option opt = { .type = enable_option, .name = "allow_unsupported_sfp", @@ -31,7 +31,7 @@ index 71197b7..dac33ca 100644 }; #ifdef module_param_array if (num_allow_unsupported_sfp > bd) { -@@ -1150,7 +1150,11 @@ void ixgbe_check_options(struct ixgbe_adapter *adapter) +@@ -1152,7 +1152,11 @@ void ixgbe_check_options(struct ixgbe_adapter *adapter) } #ifdef module_param_array } else { @@ -44,5 +44,5 @@ index 71197b7..dac33ca 100644 #endif } -- -2.39.2 +2.39.5 diff --git a/scripts/package-build/linux-kernel/patches/ixgbe/add_1000base-bx_support.patch b/scripts/package-build/linux-kernel/patches/ixgbe/0002-BACKPORT-linux-v6.9-PATCH-ixgbe-Add-1000BASE-BX-supp.patch index 6c536c38..924c248b 100644 --- a/scripts/package-build/linux-kernel/patches/ixgbe/add_1000base-bx_support.patch +++ b/scripts/package-build/linux-kernel/patches/ixgbe/0002-BACKPORT-linux-v6.9-PATCH-ixgbe-Add-1000BASE-BX-supp.patch @@ -1,7 +1,7 @@ -From 02491fc5cb9bfd0905cfa481d3a6156167fa1720 Mon Sep 17 00:00:00 2001 -From: Ernesto Castellotti <ernesto@castellotti.net> -Date: Sat, 23 Mar 2024 12:57:56 +0100 -Subject: [BACKPORT linux v6.9] [PATCH] ixgbe: Add 1000BASE-BX support +From 0ef6088d0d93fcda7adee59fe675f96bcae36c13 Mon Sep 17 00:00:00 2001 +From: Christian Breunig <christian@breunig.cc> +Date: Sat, 15 Feb 2025 09:17:35 +0100 +Subject: [PATCH] [BACKPORT linux v6.9] [PATCH] ixgbe: Add 1000BASE-BX support Added support for 1000BASE-BX, i.e. Gigabit Ethernet over single strand of single-mode fiber. @@ -94,17 +94,17 @@ Signed-off-by: Tony Nguyen <anthony.l.nguyen@intel.com> Link: https://lore.kernel.org/r/20240301184806.2634508-3-anthony.l.nguyen@intel.com Signed-off-by: Jakub Kicinski <kuba@kernel.org> --- - ixgbe_82599.c | 4 +++- - ixgbe_ethtool.c | 4 ++++ - ixgbe_phy.c | 33 +++++++++++++++++++++++++++++---- - ixgbe_phy.h | 2 ++ - ixgbe_type.h | 2 ++ + src/ixgbe_82599.c | 4 +++- + src/ixgbe_ethtool.c | 4 ++++ + src/ixgbe_phy.c | 33 +++++++++++++++++++++++++++++---- + src/ixgbe_phy.h | 2 ++ + src/ixgbe_type.h | 2 ++ 5 files changed, 40 insertions(+), 5 deletions(-) -diff --git a/ixgbe_82599.c b/ixgbe_82599.c -index 75e368f..b0a10de 100644 ---- a/ixgbe_82599.c -+++ b/ixgbe_82599.c +diff --git a/src/ixgbe_82599.c b/src/ixgbe_82599.c +index c95fc4f..a5c74df 100644 +--- a/src/ixgbe_82599.c ++++ b/src/ixgbe_82599.c @@ -395,7 +395,9 @@ s32 ixgbe_get_link_capabilities_82599(struct ixgbe_hw *hw, hw->phy.sfp_type == ixgbe_sfp_type_1g_lx_core0 || hw->phy.sfp_type == ixgbe_sfp_type_1g_lx_core1 || @@ -116,10 +116,10 @@ index 75e368f..b0a10de 100644 *speed = IXGBE_LINK_SPEED_1GB_FULL; *autoneg = true; goto out; -diff --git a/ixgbe_ethtool.c b/ixgbe_ethtool.c -index 7ada455..fb16f3c 100644 ---- a/ixgbe_ethtool.c -+++ b/ixgbe_ethtool.c +diff --git a/src/ixgbe_ethtool.c b/src/ixgbe_ethtool.c +index e983035..7dc9343 100644 +--- a/src/ixgbe_ethtool.c ++++ b/src/ixgbe_ethtool.c @@ -412,6 +412,8 @@ static int ixgbe_get_link_ksettings(struct net_device *netdev, case ixgbe_sfp_type_1g_sx_core1: case ixgbe_sfp_type_1g_lx_core0: @@ -138,11 +138,11 @@ index 7ada455..fb16f3c 100644 ecmd->supported |= SUPPORTED_FIBRE; ecmd->advertising |= ADVERTISED_FIBRE; ecmd->port = PORT_FIBRE; -diff --git a/ixgbe_phy.c b/ixgbe_phy.c -index 647fdba..0f39fd8 100644 ---- a/ixgbe_phy.c -+++ b/ixgbe_phy.c -@@ -1266,6 +1266,7 @@ s32 ixgbe_identify_sfp_module_generic(struct ixgbe_hw *hw) +diff --git a/src/ixgbe_phy.c b/src/ixgbe_phy.c +index 3d99a88..3632234 100644 +--- a/src/ixgbe_phy.c ++++ b/src/ixgbe_phy.c +@@ -1268,6 +1268,7 @@ s32 ixgbe_identify_sfp_module_generic(struct ixgbe_hw *hw) u8 comp_codes_1g = 0; u8 comp_codes_10g = 0; u8 oui_bytes[3] = {0, 0, 0}; @@ -150,7 +150,7 @@ index 647fdba..0f39fd8 100644 u8 cable_tech = 0; u8 cable_spec = 0; u16 enforce_sfp = 0; -@@ -1309,6 +1310,12 @@ s32 ixgbe_identify_sfp_module_generic(struct ixgbe_hw *hw) +@@ -1311,6 +1312,12 @@ s32 ixgbe_identify_sfp_module_generic(struct ixgbe_hw *hw) IXGBE_SFF_CABLE_TECHNOLOGY, &cable_tech); @@ -163,7 +163,7 @@ index 647fdba..0f39fd8 100644 if (status != IXGBE_SUCCESS) goto err_read_i2c_eeprom; -@@ -1391,6 +1398,18 @@ s32 ixgbe_identify_sfp_module_generic(struct ixgbe_hw *hw) +@@ -1393,6 +1400,18 @@ s32 ixgbe_identify_sfp_module_generic(struct ixgbe_hw *hw) else hw->phy.sfp_type = ixgbe_sfp_type_1g_lx_core1; @@ -182,7 +182,7 @@ index 647fdba..0f39fd8 100644 } else { hw->phy.sfp_type = ixgbe_sfp_type_unknown; } -@@ -1481,7 +1500,9 @@ s32 ixgbe_identify_sfp_module_generic(struct ixgbe_hw *hw) +@@ -1483,7 +1502,9 @@ s32 ixgbe_identify_sfp_module_generic(struct ixgbe_hw *hw) hw->phy.sfp_type == ixgbe_sfp_type_1g_lx_core0 || hw->phy.sfp_type == ixgbe_sfp_type_1g_lx_core1 || hw->phy.sfp_type == ixgbe_sfp_type_1g_sx_core0 || @@ -193,7 +193,7 @@ index 647fdba..0f39fd8 100644 hw->phy.type = ixgbe_phy_sfp_unsupported; status = IXGBE_ERR_SFP_NOT_SUPPORTED; goto out; -@@ -1500,7 +1521,9 @@ s32 ixgbe_identify_sfp_module_generic(struct ixgbe_hw *hw) +@@ -1502,7 +1523,9 @@ s32 ixgbe_identify_sfp_module_generic(struct ixgbe_hw *hw) hw->phy.sfp_type == ixgbe_sfp_type_1g_lx_core0 || hw->phy.sfp_type == ixgbe_sfp_type_1g_lx_core1 || hw->phy.sfp_type == ixgbe_sfp_type_1g_sx_core0 || @@ -204,7 +204,7 @@ index 647fdba..0f39fd8 100644 /* Make sure we're a supported PHY type */ if (hw->phy.type == ixgbe_phy_sfp_intel) { status = IXGBE_SUCCESS; -@@ -1819,12 +1842,14 @@ s32 ixgbe_get_sfp_init_sequence_offsets(struct ixgbe_hw *hw, +@@ -1821,12 +1844,14 @@ s32 ixgbe_get_sfp_init_sequence_offsets(struct ixgbe_hw *hw, if (sfp_type == ixgbe_sfp_type_da_act_lmt_core0 || sfp_type == ixgbe_sfp_type_1g_lx_core0 || sfp_type == ixgbe_sfp_type_1g_cu_core0 || @@ -221,10 +221,10 @@ index 647fdba..0f39fd8 100644 sfp_type = ixgbe_sfp_type_srlr_core1; /* Read offset to PHY init contents */ -diff --git a/ixgbe_phy.h b/ixgbe_phy.h -index 3ece00f..60c7574 100644 ---- a/ixgbe_phy.h -+++ b/ixgbe_phy.h +diff --git a/src/ixgbe_phy.h b/src/ixgbe_phy.h +index b6ddb2e..29c4645 100644 +--- a/src/ixgbe_phy.h ++++ b/src/ixgbe_phy.h @@ -18,6 +18,7 @@ #define IXGBE_SFF_1GBE_COMP_CODES 0x6 #define IXGBE_SFF_10GBE_COMP_CODES 0x3 @@ -241,11 +241,11 @@ index 3ece00f..60c7574 100644 #define IXGBE_SFF_10GBASESR_CAPABLE 0x10 #define IXGBE_SFF_10GBASELR_CAPABLE 0x20 #define IXGBE_SFF_SOFT_RS_SELECT_MASK 0x8 -diff --git a/ixgbe_type.h b/ixgbe_type.h -index d85bd9b..fbe2e66 100644 ---- a/ixgbe_type.h -+++ b/ixgbe_type.h -@@ -3705,6 +3705,8 @@ enum ixgbe_sfp_type { +diff --git a/src/ixgbe_type.h b/src/ixgbe_type.h +index 1700599..403687c 100644 +--- a/src/ixgbe_type.h ++++ b/src/ixgbe_type.h +@@ -3722,6 +3722,8 @@ enum ixgbe_sfp_type { ixgbe_sfp_type_1g_sx_core1 = 12, ixgbe_sfp_type_1g_lx_core0 = 13, ixgbe_sfp_type_1g_lx_core1 = 14, @@ -255,5 +255,5 @@ index d85bd9b..fbe2e66 100644 ixgbe_sfp_type_unknown = 0xFFFF }; -- -2.44.0 +2.39.5 diff --git a/scripts/package-build/linux-kernel/patches/kernel/0001-linkstate-ip-device-attribute.patch b/scripts/package-build/linux-kernel/patches/kernel/0001-linkstate-ip-device-attribute.patch index bedcec6e..107fdc67 100644 --- a/scripts/package-build/linux-kernel/patches/kernel/0001-linkstate-ip-device-attribute.patch +++ b/scripts/package-build/linux-kernel/patches/kernel/0001-linkstate-ip-device-attribute.patch @@ -6,6 +6,7 @@ Subject: [PATCH] VyOS: Add linkstate IP device attribute Backport of earlier Vyatta patch. (cherry picked from commit 7c5a851086686be14ae937c80d6cee34814dbefc) + --- Documentation/networking/ip-sysctl.rst | 11 +++++++++++ include/linux/inetdevice.h | 1 + @@ -88,10 +89,10 @@ index cf592d7b630f..e8915701aa73 100644 }; diff --git a/net/ipv4/devinet.c b/net/ipv4/devinet.c -index bc74f131fe4d..9cdd5b50f9b2 100644 +index c33b1ecc591e..7576d51cd16d 100644 --- a/net/ipv4/devinet.c +++ b/net/ipv4/devinet.c -@@ -2595,6 +2595,7 @@ static struct devinet_sysctl_table { +@@ -2609,6 +2609,7 @@ static struct devinet_sysctl_table { "route_localnet"), DEVINET_SYSCTL_FLUSHING_ENTRY(DROP_UNICAST_IN_L2_MULTICAST, "drop_unicast_in_l2_multicast"), @@ -100,10 +101,10 @@ index bc74f131fe4d..9cdd5b50f9b2 100644 }; diff --git a/net/ipv6/addrconf.c b/net/ipv6/addrconf.c -index a9358c796a81..7e39846f556b 100644 +index bb9add46e382..20346b1dd103 100644 --- a/net/ipv6/addrconf.c +++ b/net/ipv6/addrconf.c -@@ -5657,6 +5657,7 @@ static inline void ipv6_store_devconf(struct ipv6_devconf *cnf, +@@ -5674,6 +5674,7 @@ static inline void ipv6_store_devconf(struct ipv6_devconf *cnf, array[DEVCONF_NDISC_EVICT_NOCARRIER] = cnf->ndisc_evict_nocarrier; array[DEVCONF_ACCEPT_UNTRACKED_NA] = cnf->accept_untracked_na; array[DEVCONF_ACCEPT_RA_MIN_LFT] = cnf->accept_ra_min_lft; @@ -111,7 +112,7 @@ index a9358c796a81..7e39846f556b 100644 } static inline size_t inet6_ifla6_size(void) -@@ -7086,6 +7087,13 @@ static const struct ctl_table addrconf_sysctl[] = { +@@ -7116,6 +7117,13 @@ static const struct ctl_table addrconf_sysctl[] = { .extra1 = (void *)SYSCTL_ZERO, .extra2 = (void *)SYSCTL_ONE, }, @@ -126,10 +127,10 @@ index a9358c796a81..7e39846f556b 100644 .procname = "ioam6_id", .data = &ipv6_devconf.ioam6_id, diff --git a/net/ipv6/route.c b/net/ipv6/route.c -index eb3afaee62e8..0f8670e74cc7 100644 +index 53197087353a..4fed0253cf83 100644 --- a/net/ipv6/route.c +++ b/net/ipv6/route.c -@@ -679,6 +679,14 @@ static inline void rt6_probe(struct fib6_nh *fib6_nh) +@@ -716,6 +716,14 @@ static inline void rt6_probe(struct fib6_nh *fib6_nh) } #endif @@ -144,7 +145,7 @@ index eb3afaee62e8..0f8670e74cc7 100644 /* * Default Router Selection (RFC 2461 6.3.6) */ -@@ -720,6 +728,8 @@ static int rt6_score_route(const struct fib6_nh *nh, u32 fib6_flags, int oif, +@@ -757,6 +765,8 @@ static int rt6_score_route(const struct fib6_nh *nh, u32 fib6_flags, int oif, if (!m && (strict & RT6_LOOKUP_F_IFACE)) return RT6_NUD_FAIL_HARD; @@ -154,5 +155,5 @@ index eb3afaee62e8..0f8670e74cc7 100644 m |= IPV6_DECODE_PREF(IPV6_EXTRACT_PREF(fib6_flags)) << 2; #endif -- -2.39.2 +2.39.5 diff --git a/scripts/package-build/linux-kernel/patches/kernel/0002-inotify-support-for-stackable-filesystems.patch b/scripts/package-build/linux-kernel/patches/kernel/0002-inotify-support-for-stackable-filesystems.patch index b19a8d25..115f6831 100644 --- a/scripts/package-build/linux-kernel/patches/kernel/0002-inotify-support-for-stackable-filesystems.patch +++ b/scripts/package-build/linux-kernel/patches/kernel/0002-inotify-support-for-stackable-filesystems.patch @@ -19,6 +19,7 @@ for bug #303, and will allow that commit to be reverted. Bug #425 http://bugzilla.vyos.net/show_bug.cgi?id=425 (cherry picked from commit a93f1128bc83b5a6628da242e71c18ef05e81ea2) + --- fs/notify/inotify/Kconfig | 9 +++ fs/notify/inotify/inotify_user.c | 114 ++++++++++++++++++++++++++++++- @@ -190,7 +191,7 @@ index 1c4bfdab008d..cf567cc33679 100644 struct inotify_inode_mark *i_mark) { diff --git a/fs/overlayfs/super.c b/fs/overlayfs/super.c -index 2c056d737c27..2cb1f0024e70 100644 +index 93ee57bc82ad..5f4f886d011e 100644 --- a/fs/overlayfs/super.c +++ b/fs/overlayfs/super.c @@ -15,6 +15,7 @@ @@ -201,7 +202,7 @@ index 2c056d737c27..2cb1f0024e70 100644 #include <linux/file.h> #include <linux/fs_context.h> #include <linux/fs_parser.h> -@@ -1528,6 +1529,18 @@ static void ovl_inode_init_once(void *foo) +@@ -1533,6 +1534,18 @@ static void ovl_inode_init_once(void *foo) inode_init_once(&oi->vfs_inode); } @@ -220,7 +221,7 @@ index 2c056d737c27..2cb1f0024e70 100644 static int __init ovl_init(void) { int err; -@@ -1543,18 +1556,24 @@ static int __init ovl_init(void) +@@ -1548,18 +1561,24 @@ static int __init ovl_init(void) err = ovl_aio_request_cache_init(); if (!err) { err = register_filesystem(&ovl_fs_type); @@ -294,5 +295,5 @@ index 8d20caa1b268..c126e2f93a73 100644 + #endif /* _LINUX_INOTIFY_H */ -- -2.39.2 +2.39.5 diff --git a/scripts/package-build/linux-kernel/patches/kernel/build-linux-perf-package.patch b/scripts/package-build/linux-kernel/patches/kernel/build-linux-perf-package.patch new file mode 100644 index 00000000..082ad589 --- /dev/null +++ b/scripts/package-build/linux-kernel/patches/kernel/build-linux-perf-package.patch @@ -0,0 +1,62 @@ +diff --git c/scripts/package/builddeb i/scripts/package/builddeb +index d7dd0d04c70c..6f4a9a7c2c62 100755 +--- c/scripts/package/builddeb ++++ i/scripts/package/builddeb +@@ -182,6 +182,16 @@ install_libc_headers () { + mv $pdir/usr/include/asm $pdir/usr/include/$host_arch/ + } + ++install_perf () { ++ pdir=$1 ++ ++ rm -rf $pdir ++ ++ $MAKE -C tools/ perf_install prefix=$pdir/usr ++ mv tools/perf/$pdir/usr $srctree/$pdir ++ ++} ++ + rm -f debian/files + + packages_enabled=$(dh_listpackages) +@@ -199,6 +209,8 @@ do + install_libc_headers debian/linux-libc-dev;; + linux-headers-*) + install_kernel_headers debian/linux-headers ${package#linux-headers-};; ++ linux-perf-*) ++ install_perf debian/linux-perf ${package};; + esac + done + +@@ -213,6 +225,8 @@ do + create_package ${package} debian/linux-libc-dev;; + linux-headers-*) + create_package ${package} debian/linux-headers;; ++ linux-perf-*) ++ create_package ${package} debian/linux-perf;; + esac + done + +diff --git c/scripts/package/mkdebian i/scripts/package/mkdebian +index 5044224cf671..21f98ae50be0 100755 +--- c/scripts/package/mkdebian ++++ i/scripts/package/mkdebian +@@ -238,6 +238,18 @@ Description: Linux support headers for userspace development + Multi-Arch: same + EOF + ++cat <<EOF >> debian/control ++ ++Package: linux-perf-$version ++Section: devel ++Architecture: $debarch ++Depends: \${shlibs:Depends} ++Description: Performance analysis tools for Linux $version ++ This package contains the 'perf' performance analysis tools for Linux ++ kernel version $version . ++Multi-Arch: same ++EOF ++ + if is_enabled CONFIG_MODULES; then + cat <<EOF >> debian/control + |