OpenWrt v21.02.0-rc2: adjust config defaults

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
base-files: simplify setting device MAC
2021-05-29 20:01:58 +02:00 · 2021-05-28 16:04:04 +02:00 · 2021-05-28 15:25:31 +02:00 · 2021-05-27 11:39:15 +02:00 · 2021-05-27 11:39:15 +02:00 · 2021-05-27 11:39:15 +02:00
10299 changed files with 906257 additions and 857207 deletions
--- a/.github/FUNDING.yml
+++ b/.github/FUNDING.yml
@@ -1 +0,0 @@
-custom: [ 'https://openwrt.org/donate' ]
--- a/.github/ISSUE_TEMPLATE/bug-report.yml
+++ b/.github/ISSUE_TEMPLATE/bug-report.yml
@@ -1,84 +0,0 @@
-name: Bug report
-description: Create a bug report to help us improve
-labels:
-  - bug
-body:
-  - type: textarea
-    id: description
-    attributes:
-      label: Describe the bug
-      description: A clear and concise description of the bug.
-    validations:
-      required: true
-  - type: input
-    id: version
-    attributes:
-      label: OpenWrt version
-      description: |
-        The OpenWrt release or commit hash where this bug occurs (use command below).
-        ```. /etc/openwrt_release && echo $DISTRIB_REVISION```
-    validations:
-      required: true
-  - type: input
-    id: target
-    attributes:
-      label: OpenWrt target/subtarget
-      description: |
-        The OpenWrt target and subtarget where this bug is observed (use command below).
-        ```. /etc/openwrt_release && echo $DISTRIB_TARGET```
-    validations:
-      required: true
-  - type: input
-    id: device
-    attributes:
-      label: Device
-      description: |
-        The device exhibiting this bug (if unsure, use command below).
-        ```cat /tmp/sysinfo/model```
-    validations:
-      required: true
-  - type: dropdown
-    id: image_kind
-    attributes:
-      label: Image kind
-      options:
-        - Official downloaded image
-        - Self-built image
-    validations:
-      required: true
-  - type: textarea
-    id: reproduce
-    attributes:
-      label: Steps to reproduce
-      description: Steps to reproduce the reported behaviour.
-  - type: textarea
-    id: behaviour
-    attributes:
-      label: Actual behaviour
-      description: A clear and concise description of what actually happens.
-  - type: textarea
-    id: expected
-    attributes:
-      label: Expected behaviour
-      description: A clear and concise description of what you expected to happen.
-  - type: textarea
-    id: additional
-    attributes:
-      label: Additional info
-      description: Add any additional info you think might be helfpul.
-  - type: textarea
-    id: diffconfig
-    attributes:
-      label: Diffconfig
-      description: |
-        In case of a self-built image, please attach diffconfig.
-        ```./scripts/diffconfig.sh```
-      render: text
-  - type: checkboxes
-    id: terms
-    attributes:
-      label: Terms
-      description: By submitting this issue, you agree to the terms below.
-      options:
-        - label: I am reporting an issue for OpenWrt, not an unsupported fork.
-          required: true
--- a/.github/ISSUE_TEMPLATE/config.yml
+++ b/.github/ISSUE_TEMPLATE/config.yml
@@ -1,12 +0,0 @@
---
-blank_issues_enabled: false
-contact_links:
-  - name: Feature request
-    url: https://forum.openwrt.org/c/feature-requests
-    about: The OpenWrt project relies on volunteers. While we appreciate feature requests, we might lack the manpower to handle them. Ideally, you get familiar with the codebase and attempt to contribute the feature yourself. We recommend to post in the forum, as this is the most likely place to receive feedback on feature requests.
-  - name: OpenWrt community
-    url: https://openwrt.org/contact
-    about: Consider reaching out to our community to get help. OpenWrt is a complex software project with many pitfalls; there is a good chance someone can help you solve your issue in no time.
-  - name: OpenWrt documentation
-    url: https://openwrt.org/docs/start
-    about: The OpenWrt documentation contains a lot of valuable information.
--- a/.github/issue_template
+++ b/.github/issue_template
@@ -0,0 +1,13 @@
+This repository is a mirror of our main repo at https://git.openwrt.org/openwrt/openwrt.git
+It is for reference only and is not active for checkins or for reporting issues.
+
+All issues should be reported at: https://bugs.openwrt.org
+
+Please do not open any NEW issue here - we will be closing the Github issues
+capability in the near future.
+
+We will continue to accept Pull Requests here as described in the repo description.
+
+Close this now and click here: https://bugs.openwrt.org
+
+Thankyou for your co-operation.
--- a/.github/labeler.yml
+++ b/.github/labeler.yml
@@ -1,138 +0,0 @@
-# target/*
-"target/airoha":
-  - "target/linux/airoha/**"
-"target/apm821xx":
-  - "target/linux/apm821xx/**"
-"target/archs38":
-  - "target/linux/archs38/**"
-"target/armsr":
-  - "target/linux/armsr/**"
-"target/at91":
-  - "target/linux/at91/**"
-  - "package/boot/at91bootstrap/**"
-  - "package/boot/uboot-at91/**"
-"target/ath25":
-  - "target/linux/ath25/**"
-"target/ath79":
-  - "target/linux/ath79/**"
-"target/bcm27xx":
-  - "target/linux/bcm27xx/**"
-  - "package/kernel/bcm27xx-gpu-fw/**"
-"target/bcm47xx":
-  - "target/linux/bcm47xx/**"
-"target/bcm4908":
-  - "target/linux/bcm4908/**"
-  - "package/boot/uboot-bcm4908/**"
-"target/bcm53xx":
-  - "target/linux/bcm53xx/**"
-"target/bcm63xx":
-  - "target/linux/bcm63xx/**"
-  - "package/kernel/bcm63xx-cfe/**"
-  - "package/boot/arm-trusted-firmware-bcm63xx/**"
-"target/bmips":
-  - "target/linux/bmips/**"
-"target/gemini":
-  - "target/linux/gemini/**"
-"target/imx":
-  - "target/linux/imx/**"
-  - "package/boot/imx-bootlets/**"
-  - "package/boot/uboot-imx/**"
-"target/ipq40xx":
-  - "target/linux/ipq40xx/**"
-"target/ipq806x":
-  - "target/linux/ipq806x/**"
-"target/ipq807x":
-  - "target/linux/ipq807x/**"
-"target/kirkwood":
-  - "target/linux/kirkwood/**"
-  - "package/boot/uboot-kirkwood/**"
-"target/lantiq":
-  - "target/linux/lantiq/**"
-  - "package/kernel/lantiq/**"
-  - "package/firmware/lantiq/**"
-  - "package/boot/uboot-lantiq/**"
-"target/layerscape":
-  - "target/linux/layerscape/**"
-  - "package/firmware/layerscape/**"
-  - "package/boot/tfa-layerscape/**"
-  - "package/boot/uboot-layerscape/**"
-  - "package/network/utils/layerscape/**"
-"target/malta":
-  - "target/linux/malta/**"
-"target/mediatek":
-  - "target/linux/mediatek/**"
-  - "package/boot/arm-trusted-firmware-mediatek/**"
-  - "package/boot/uboot-mediatek/**"
-"target/mpc85xx":
-  - "target/linux/mpc85xx/**"
-"target/mvebu":
-  - "target/linux/mvebu/**"
-  - "package/boot/arm-trusted-firmware-mvebu/**"
-  - "package/boot/uboot-mvebu/**"
-"target/mxs":
-  - "target/linux/mxs/**"
-  - "package/boot/uboot-mxs/**"
-"target/octeon":
-  - "target/linux/octeon/**"
-"target/octeontx":
-  - "target/linux/octeontx/**"
-"target/omap":
-  - "target/linux/omap/**"
-  - "package/boot/uboot-omap/**"
-"target/oxnas":
-  - "target/linux/oxnas/**"
-  - "package/boot/uboot-oxnas/**"
-"target/pistachio":
-  - "target/linux/pistachio/**"
-"target/qoriq":
-  - "target/linux/qoriq/**"
-"target/ramips":
-  - "target/linux/ramips/**"
-"target/realtek":
-  - "target/linux/realtek/**"
-"target/rockchip":
-  - "target/linux/rockchip/**"
-  - "package/boot/arm-trusted-firmware-rockchip/**"
-  - "package/boot/uboot-rockchip/**"
-"target/sifiveu":
-  - "target/linux/sifiveu/**"
-  - "package/boot/uboot-sifiveu/**"
-  - "package/boot/opensbi/**"
-"target/sunxi":
-  - "target/linux/sunxi/**"
-  - "package/boot/arm-trusted-firmware-sunxi/**"
-  - "package/boot/uboot-sunxi/**"
-"target/tegra":
-  - "target/linux/tegra/**"
-  - "package/boot/uboot-tegra/**"
-"target/uml":
-  - "target/linux/uml/**"
-"target/x86":
-  - "target/linux/x86/**"
-"target/zynq":
-  - "target/linux/zynq/**"
-  - "package/boot/uboot-zynq/**"
-# target/imagebuilder
-"target/imagebuilder":
-  - "target/imagebuilder/**"
-# kernel
-"kernel":
-  - "target/linux/generic/**"
-  - "target/linux/**/config-*"
-  - "target/linux/**/patches-*"
-  - "target/linux/**/files/**"
-  - "package/kernel/linux/**"
-# core packages
-"core packages":
-  - "package/**"
-# build/scripts/tools
-"build/scripts/tools":
-  - "include/**"
-  - "scripts/**"
-  - "tools/**"
-# toolchain
-"toolchain":
-  - "toolchain/**"
-# GitHub/CI
-"GitHub/CI":
-  - ".github/**"
--- a/.github/workflows/Dockerfile.tools
+++ b/.github/workflows/Dockerfile.tools
@@ -1,4 +0,0 @@
-FROM ghcr.io/openwrt/buildbot/buildworker-v3.8.0:v2
-
-COPY --chown=buildbot staging_dir/host /prebuilt_tools/staging_dir/host
-COPY --chown=buildbot build_dir/host /prebuilt_tools/build_dir/host
--- a/.github/workflows/build-tools.yml
+++ b/.github/workflows/build-tools.yml
@@ -1,72 +0,0 @@
-name: Build host tools
-
-on:
-  workflow_call:
-    inputs:
-      generate_prebuilt_artifacts:
-        type: boolean
-
-permissions:
-  contents: read
-
-jobs:
-  build:
-    name: Build tools
-    runs-on: ubuntu-latest
-    container: ghcr.io/openwrt/buildbot/buildworker-v3.8.0:v2
-
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v3
-        with:
-          path: openwrt
-
-      - name: Fix permission
-        run: chown -R buildbot:buildbot openwrt
-
-      - name: Set configs for tools container
-        shell: su buildbot -c "sh -e {0}"
-        working-directory: openwrt
-        run: |
-          touch .config
-          echo CONFIG_DEVEL=y >> .config
-          echo CONFIG_AUTOREMOVE=y >> .config
-          echo CONFIG_CCACHE=y >> .config
-
-      - name: Make prereq
-        shell: su buildbot -c "sh -e {0}"
-        working-directory: openwrt
-        run: make defconfig
-
-      - name: Build tools
-        shell: su buildbot -c "sh -e {0}"
-        working-directory: openwrt
-        run: make tools/install -j$(nproc) BUILD_LOG=1 || ret=$? .github/workflows/scripts/show_build_failures.sh
-
-      - name: Upload logs
-        if: always()
-        uses: actions/upload-artifact@v3
-        with:
-          name: linux-buildbot-logs
-          path: openwrt/logs
-
-      - name: Upload config
-        if: always()
-        uses: actions/upload-artifact@v3
-        with:
-          name: linux-buildbot-config
-          path: openwrt/.config
-
-      - name: Archive prebuilt tools
-        if: inputs.generate_prebuilt_artifacts == true
-        shell: su buildbot -c "sh -e {0}"
-        working-directory: openwrt
-        run: tar -cf tools.tar staging_dir/host build_dir/host
-
-      - name: Upload prebuilt tools
-        if: inputs.generate_prebuilt_artifacts == true
-        uses: actions/upload-artifact@v3
-        with:
-          name: linux-buildbot-prebuilt-tools
-          path: openwrt/tools.tar
-          retention-days: 1
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -1,435 +0,0 @@
-name: Build sub target
-
-on:
-  workflow_call:
-    secrets:
-      coverity_api_token:
-    inputs:
-      target:
-        required: true
-        type: string
-      subtarget:
-        required: true
-        type: string
-      testing:
-        type: boolean
-      build_toolchain:
-        type: boolean
-      include_feeds:
-        type: boolean
-      build_full:
-        type: boolean
-      build_kernel:
-        type: boolean
-      build_all_modules:
-        type: boolean
-      build_all_kmods:
-        type: boolean
-      build_all_boards:
-        type: boolean
-      use_openwrt_container:
-        type: boolean
-        default: true
-      coverity_project_name:
-        type: string
-        default: OpenWrt
-      coverity_check_packages:
-        type: string
-      coverity_compiler_template_list:
-        type: string
-        default: >-
-          arm-openwrt-linux-gcc
-      coverity_force_compile_packages:
-        type: string
-        default: >-
-          curl
-          libnl
-          mbedtls
-          wolfssl
-          openssl
-
-permissions:
-  contents: read
-
-jobs:
-  setup_build:
-    name: Setup build ${{ inputs.target }}/${{ inputs.subtarget }}
-    runs-on: ubuntu-latest
-    outputs:
-      owner_lc: ${{ steps.lower_owner.outputs.owner_lc }}
-      ccache_hash: ${{ steps.ccache_hash.outputs.ccache_hash }}
-      container_tag: ${{ steps.determine_tools_container.outputs.container_tag }}
-
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v3
-
-      - name: Set lower case owner name
-        id: lower_owner
-        run: |
-          OWNER_LC=$(echo "${{ github.repository_owner }}" \
-            | tr '[:upper:]' '[:lower:]')
-
-          if [ ${{ inputs.use_openwrt_container }} == "true" ]; then
-            OWNER_LC=openwrt
-          fi
-
-          echo "owner_lc=$OWNER_LC" >> $GITHUB_OUTPUT
-
-      - name: Generate ccache hash
-        id: ccache_hash
-        run: |
-          CCACHE_HASH=$(md5sum include/kernel-* | awk '{ print $1 }' \
-           | md5sum | awk '{ print $1 }')
-          echo "ccache_hash=$CCACHE_HASH" >> $GITHUB_OUTPUT
-
-      # Per branch tools container tag
-      # By default stick to latest
-      # For official test targetting openwrt stable branch
-      # Get the branch or parse the tag and push dedicated tools containers
-      # For local test to use the correct container for stable release testing
-      # you need to use for the branch name a prefix of openwrt-[0-9][0-9].[0-9][0-9]-
-      - name: Determine tools container tag
-        id: determine_tools_container
-        run: |
-          CONTAINER_TAG=latest
-          if [ -n "${{ github.base_ref }}" ]; then
-            if echo "${{ github.base_ref }}" | grep -q -E '^openwrt-[0-9][0-9]\.[0-9][0-9]$'; then
-              CONTAINER_TAG="${{ github.base_ref }}"
-            fi
-          elif [ ${{ github.ref_type }} == "branch" ]; then
-            if echo "${{ github.ref_name }}" | grep -q -E '^openwrt-[0-9][0-9]\.[0-9][0-9]$'; then
-              CONTAINER_TAG=${{ github.ref_name }}
-            elif echo "${{ github.ref_name }}" | grep -q -E '^openwrt-[0-9][0-9]\.[0-9][0-9]-'; then
-              CONTAINER_TAG="$(echo ${{ github.ref_name }} | sed 's/^\(openwrt-[0-9][0-9]\.[0-9][0-9]\)-.*/\1/')"
-            fi
-          elif [ ${{ github.ref_type }} == "tag" ]; then
-            if echo "${{ github.ref_name }}" | grep -q -E '^v[0-9][0-9]\.[0-9][0-9]\..+'; then
-              CONTAINER_TAG=openwrt-"$(echo ${{ github.ref_name }} | sed 's/^v\([0-9][0-9]\.[0-9][0-9]\)\..\+/\1/')"
-            fi
-          fi
-          echo "Tools container to use tools:$CONTAINER_TAG"
-          echo "container_tag=$CONTAINER_TAG" >> $GITHUB_OUTPUT
-
-  build:
-    name: Build ${{ inputs.target }}/${{ inputs.subtarget }}
-    needs: setup_build
-    runs-on: ubuntu-latest
-
-    container: ghcr.io/${{ needs.setup_build.outputs.owner_lc }}/tools:${{ needs.setup_build.outputs.container_tag }}
-
-    permissions:
-      contents: read
-      packages: read
-
-    steps:
-      - name: Checkout master directory
-        uses: actions/checkout@v3
-        with:
-          path: openwrt
-
-      - name: Checkout packages feed
-        if: inputs.include_feeds == true
-        uses: actions/checkout@v3
-        with:
-          repository: openwrt/packages
-          path: openwrt/feeds/packages
-
-      - name: Checkout luci feed
-        if: inputs.include_feeds == true
-        uses: actions/checkout@v3
-        with:
-          repository: openwrt/luci
-          path: openwrt/feeds/luci
-
-      - name: Checkout routing feed
-        if: inputs.include_feeds == true
-        uses: actions/checkout@v3
-        with:
-          repository: openwrt/routing
-          path: openwrt/feeds/routing
-
-      - name: Checkout telephony feed
-        if: inputs.include_feeds == true
-        uses: actions/checkout@v3
-        with:
-          repository: openwrt/telephony
-          path: openwrt/feeds/telephony
-
-      - name: Parse toolchain file
-        if: inputs.build_toolchain == false
-        id: parse-toolchain
-        working-directory: openwrt
-        run: |
-          TOOLCHAIN_PATH=snapshots
-
-          if [ -n "${{ github.base_ref }}" ]; then
-            if echo "${{ github.base_ref }}" | grep -q -E '^openwrt-[0-9][0-9]\.[0-9][0-9]$'; then
-              major_ver="$(echo ${{ github.base_ref }} | sed 's/^openwrt-/v/')"
-            fi
-          elif [ "${{ github.ref_type }}" = "branch" ]; then
-            if echo "${{ github.ref_name }}" | grep -q -E '^openwrt-[0-9][0-9]\.[0-9][0-9]$'; then
-              major_ver="$(echo ${{ github.ref_name }} | sed 's/^openwrt-/v/')"
-            elif echo "${{ github.ref_name }}" | grep -q -E '^openwrt-[0-9][0-9]\.[0-9][0-9]-'; then
-              major_ver="$(echo ${{ github.ref_name }} | sed 's/^openwrt-\([0-9][0-9]\.[0-9][0-9]\)-.*/v\1/')"
-            fi
-          elif [ "${{ github.ref_type }}" = "tag" ]; then
-            if echo "${{ github.ref_name }}" | grep -q -E '^v[0-9][0-9]\.[0-9][0-9]\..+'; then
-              major_ver="$(echo ${{ github.ref_name }} | sed 's/^\(v[0-9][0-9]\.[0-9][0-9]\)\..\+/\1/')"
-            fi
-          fi
-
-          if [ -n "$major_ver" ]; then
-            git fetch --tags -f
-            latest_tag="$(git tag --sort=-creatordate -l $major_ver* | head -n1)"
-            if [ -n "$latest_tag" ]; then
-              TOOLCHAIN_PATH=releases/$(echo $latest_tag | sed 's/^v//')
-            fi
-          fi
-
-          SUMS_FILE="https://downloads.cdn.openwrt.org/$TOOLCHAIN_PATH/targets/${{ inputs.target }}/${{ inputs.subtarget }}/sha256sums"
-          if curl $SUMS_FILE | grep -q ".*openwrt-toolchain.*tar.xz"; then
-            TOOLCHAIN_STRING="$( curl $SUMS_FILE | grep ".*openwrt-toolchain.*tar.xz")"
-            TOOLCHAIN_FILE=$(echo "$TOOLCHAIN_STRING" | sed -n -e 's/.*\(openwrt-toolchain.*\).tar.xz/\1/p')
-            
-            echo "toolchain-type=external_toolchain" >> $GITHUB_OUTPUT
-          elif curl $SUMS_FILE | grep -q ".*openwrt-sdk.*tar.xz"; then
-            TOOLCHAIN_STRING="$( curl $SUMS_FILE | grep ".*openwrt-sdk.*tar.xz")"
-            TOOLCHAIN_FILE=$(echo "$TOOLCHAIN_STRING" | sed -n -e 's/.*\(openwrt-sdk.*\).tar.xz/\1/p')
-
-            echo "toolchain-type=external_sdk" >> $GITHUB_OUTPUT
-          else
-            echo "toolchain-type=internal" >> $GITHUB_OUTPUT
-          fi
-
-          echo "TOOLCHAIN_FILE=$TOOLCHAIN_FILE" >> "$GITHUB_ENV"
-          echo "TOOLCHAIN_PATH=$TOOLCHAIN_PATH" >> "$GITHUB_ENV"
-
-      - name: Fix permission
-        run: |
-          chown -R buildbot:buildbot openwrt
-
-      - name: Prepare prebuilt tools
-        shell: su buildbot -c "sh -e {0}"
-        working-directory: openwrt
-        run: |
-          mkdir -p staging_dir build_dir
-          ln -s /prebuilt_tools/staging_dir/host staging_dir/host
-          ln -s /prebuilt_tools/build_dir/host build_dir/host
-
-          ./scripts/ext-tools.sh --refresh
-
-      - name: Update & Install feeds
-        if: inputs.include_feeds == true
-        shell: su buildbot -c "sh -e {0}"
-        working-directory: openwrt
-        run: |
-          ./scripts/feeds update -a
-          ./scripts/feeds install -a
-
-      - name: Cache ccache
-        uses: actions/cache@v3
-        with:
-          path: openwrt/.ccache
-          key: ccache-kernel-${{ inputs.target }}/${{ inputs.subtarget }}-${{ needs.setup_build.outputs.ccache_hash }}
-          restore-keys: |
-            ccache-kernel-${{ inputs.target }}/${{ inputs.subtarget }}-
-
-      - name: Download external toolchain/sdk
-        if: inputs.build_toolchain == false && steps.parse-toolchain.outputs.toolchain-type != 'internal'
-        shell: su buildbot -c "sh -e {0}"
-        working-directory: openwrt
-        run: |
-          wget -O - https://downloads.cdn.openwrt.org/${{ env.TOOLCHAIN_PATH }}/targets/${{ inputs.target }}/${{ inputs.subtarget }}/${{ env.TOOLCHAIN_FILE }}.tar.xz \
-            | tar --xz -xf -
-
-      - name: Configure testing kernel
-        if: inputs.testing == true
-        shell: su buildbot -c "sh -e {0}"
-        working-directory: openwrt
-        run: |
-          echo CONFIG_TESTING_KERNEL=y >> .config
-
-      - name: Configure all kernel modules
-        if: inputs.build_all_kmods == true
-        shell: su buildbot -c "sh -e {0}"
-        working-directory: openwrt
-        run: |
-          echo CONFIG_ALL_KMODS=y >> .config
-
-      - name: Configure all modules
-        if: inputs.build_all_modules == true
-        shell: su buildbot -c "sh -e {0}"
-        working-directory: openwrt
-        run: |
-          echo CONFIG_ALL=y >> .config
-
-      - name: Configure all boards
-        if: inputs.build_all_boards == true
-        shell: su buildbot -c "sh -e {0}"
-        working-directory: openwrt
-        run: |
-          echo CONFIG_TARGET_MULTI_PROFILE=y >> .config
-          echo CONFIG_TARGET_PER_DEVICE_ROOTFS=y >> .config
-          echo CONFIG_TARGET_ALL_PROFILES=y >> .config
-
-      - name: Configure external toolchain
-        if: inputs.build_toolchain == false && steps.parse-toolchain.outputs.toolchain-type == 'external_toolchain'
-        shell: su buildbot -c "sh -e {0}"
-        working-directory: openwrt
-        run: |
-          echo CONFIG_DEVEL=y >> .config
-          echo CONFIG_AUTOREMOVE=y >> .config
-          echo CONFIG_CCACHE=y >> .config
-
-          ./scripts/ext-toolchain.sh \
-            --toolchain ${{ env.TOOLCHAIN_FILE }}/toolchain-* \
-            --overwrite-config \
-            --config ${{ inputs.target }}/${{ inputs.subtarget }}
-
-      - name: Adapt external sdk to external toolchain format
-        if: inputs.build_toolchain == false && steps.parse-toolchain.outputs.toolchain-type == 'external_sdk'
-        shell: su buildbot -c "sh -e {0}"
-        working-directory: openwrt
-        run: |
-          TOOLCHAIN_DIR=${{ env.TOOLCHAIN_FILE }}/staging_dir/$(ls ${{ env.TOOLCHAIN_FILE }}/staging_dir | grep toolchain)
-          TOOLCHAIN_BIN=$TOOLCHAIN_DIR/bin
-          OPENWRT_DIR=$(pwd)
-
-          # Find target name from toolchain info.mk
-          GNU_TARGET_NAME=$(cat $TOOLCHAIN_DIR/info.mk | grep TARGET_CROSS | sed 's/^TARGET_CROSS=\(.*\)-$/\1/')
-
-          cd $TOOLCHAIN_BIN
-
-          # Revert sdk wrapper scripts applied to all the bins
-          for app in $(find . -name "*.bin"); do
-            TARGET_APP=$(echo $app | sed 's/\.\/\.\(.*\)\.bin/\1/')
-            rm $TARGET_APP
-            mv .$TARGET_APP.bin $TARGET_APP
-          done
-
-          # Setup the wrapper script in the sdk toolchain dir simulating an external toolchain build
-          cp $OPENWRT_DIR/target/toolchain/files/wrapper.sh $GNU_TARGET_NAME-wrapper.sh
-          for app in cc gcc g++ c++ cpp ld as ; do
-            [ -f $GNU_TARGET_NAME-$app ] && mv $GNU_TARGET_NAME-$app $GNU_TARGET_NAME-$app.bin
-            ln -sf $GNU_TARGET_NAME-wrapper.sh $GNU_TARGET_NAME-$app
-          done
-
-      - name: Configure external toolchain with sdk
-        if: inputs.build_toolchain == false && steps.parse-toolchain.outputs.toolchain-type == 'external_sdk'
-        shell: su buildbot -c "sh -e {0}"
-        working-directory: openwrt
-        run: |
-          echo CONFIG_DEVEL=y >> .config
-          echo CONFIG_AUTOREMOVE=y >> .config
-          echo CONFIG_CCACHE=y >> .config
-
-          ./scripts/ext-toolchain.sh \
-            --toolchain ${{ env.TOOLCHAIN_FILE }}/staging_dir/toolchain-* \
-            --overwrite-config \
-            --config ${{ inputs.target }}/${{ inputs.subtarget }}
-
-      - name: Configure internal toolchain
-        if: inputs.build_toolchain == true || steps.parse-toolchain.outputs.toolchain-type == 'internal'
-        shell: su buildbot -c "sh -e {0}"
-        working-directory: openwrt
-        run: |
-          echo CONFIG_DEVEL=y >> .config
-          echo CONFIG_AUTOREMOVE=y >> .config
-          echo CONFIG_CCACHE=y >> .config
-
-          echo "CONFIG_TARGET_${{ inputs.target }}=y" >> .config
-          echo "CONFIG_TARGET_${{ inputs.target }}_${{ inputs.subtarget }}=y" >> .config
-
-          make defconfig
-
-      - name: Show configuration
-        shell: su buildbot -c "sh -e {0}"
-        working-directory: openwrt
-        run: ./scripts/diffconfig.sh
-
-      - name: Build tools
-        shell: su buildbot -c "sh -e {0}"
-        working-directory: openwrt
-        run: make tools/install -j$(nproc) BUILD_LOG=1 || ret=$? .github/workflows/scripts/show_build_failures.sh
-
-      - name: Build toolchain
-        shell: su buildbot -c "sh -e {0}"
-        working-directory: openwrt
-        run: make toolchain/install -j$(nproc) BUILD_LOG=1 || ret=$? .github/workflows/scripts/show_build_failures.sh
-
-      - name: Build Kernel
-        if: inputs.build_kernel == true
-        shell: su buildbot -c "sh -e {0}"
-        working-directory: openwrt
-        run: make target/compile -j$(nproc) BUILD_LOG=1 || ret=$? .github/workflows/scripts/show_build_failures.sh
-
-      - name: Build Kernel Kmods
-        if: inputs.build_kernel == true
-        shell: su buildbot -c "sh -e {0}"
-        working-directory: openwrt
-        run: make package/linux/compile -j$(nproc) BUILD_LOG=1 || ret=$? .github/workflows/scripts/show_build_failures.sh
-
-      - name: Build everything
-        if: inputs.build_full == true
-        shell: su buildbot -c "sh -e {0}"
-        working-directory: openwrt
-        run: make -j$(nproc) BUILD_LOG=1 || ret=$? .github/workflows/scripts/show_build_failures.sh
-
-      - name: Coverity prepare toolchain
-        if: inputs.coverity_check_packages != ''
-        shell: su buildbot -c "sh -e {0}"
-        working-directory: openwrt
-        run: |
-          wget -q https://scan.coverity.com/download/linux64 --post-data "token=${{ secrets.coverity_api_token }}&project=${{ inputs.coverity_project_name }}" -O coverity.tar.gz
-          wget -q https://scan.coverity.com/download/linux64 --post-data "token=${{ secrets.coverity_api_token }}&project=${{ inputs.coverity_project_name }}&md5=1" -O coverity.tar.gz.md5
-          echo ' coverity.tar.gz' >> coverity.tar.gz.md5
-          md5sum -c coverity.tar.gz.md5
-
-          mkdir cov-analysis-linux64
-          tar xzf coverity.tar.gz --strip 1 -C cov-analysis-linux64
-          export PATH=$(pwd)/cov-analysis-linux64/bin:$PATH
-
-          for template in ${{ inputs.coverity_compiler_template_list }}; do
-            cov-configure --template --comptype gcc --compiler "$template"
-          done
-
-      - name: Clean and recompile packages with Coverity toolchain
-        if: inputs.coverity_check_packages != ''
-        shell: su buildbot -c "bash {0}"
-        working-directory: openwrt
-        run: |
-          set -o pipefail -o errexit
-
-          coverity_check_packages=(${{ inputs.coverity_check_packages }})
-          printf -v clean_packages "package/%s/clean " "${coverity_check_packages[@]}"
-          make -j$(nproc) BUILD_LOG=1 $clean_packages || ret=$? .github/workflows/scripts/show_build_failures.sh
-
-          coverity_force_compile_packages=(${{ inputs.coverity_force_compile_packages }})
-          printf -v force_compile_packages "package/%s/compile " "${coverity_force_compile_packages[@]}"
-          make -j$(nproc) BUILD_LOG=1 $force_compile_packages || ret=$? .github/workflows/scripts/show_build_failures.sh
-
-          printf -v compile_packages "package/%s/compile " "${coverity_check_packages[@]}"
-          export PATH=$(pwd)/cov-analysis-linux64/bin:$PATH
-          cov-build --dir cov-int make -j $(nproc) BUILD_LOG=1 $compile_packages || ret=$? .github/workflows/scripts/show_build_failures.sh
-
-      - name: Upload build to Coverity for analysis
-        if: inputs.coverity_check_packages != ''
-        shell: su buildbot -c "sh -e {0}"
-        working-directory: openwrt
-        run: |
-          tar czf cov-int.tar.gz ./cov-int
-          curl \
-            --form token="${{ secrets.coverity_api_token }}" \
-            --form email="contact@openwrt.org" \
-            --form file=@cov-int.tar.gz \
-            --form version="${{ github.ref_name }}-${{ github.sha }}" \
-            --form description="OpenWrt ${{ github.ref_name }}-${{ github.sha }}" \
-            "https://scan.coverity.com/builds?project=${{ inputs.coverity_project_name }}"
-
-      - name: Upload logs
-        if: failure()
-        uses: actions/upload-artifact@v3
-        with:
-          name: ${{ inputs.target }}-${{ inputs.subtarget }}-logs
-          path: "openwrt/logs"
--- a/.github/workflows/check-kernel-patches.yml
+++ b/.github/workflows/check-kernel-patches.yml
@@ -1,155 +0,0 @@
-name: Refresh kernel for target
-
-on:
-  workflow_call:
-    inputs:
-      target:
-        required: true
-        type: string
-      subtarget:
-        required: true
-        type: string
-      testing:
-        type: boolean
-      use_openwrt_container:
-        type: boolean
-        default: true
-
-permissions:
-  contents: read
-
-jobs:
-  setup_build:
-    name: Setup build
-    runs-on: ubuntu-latest
-    outputs:
-      owner_lc: ${{ steps.lower_owner.outputs.owner_lc }}
-      container_tag: ${{ steps.determine_tools_container.outputs.container_tag }}
-
-    steps:
-      - name: Set lower case owner name
-        id: lower_owner
-        run: |
-          OWNER_LC=$(echo "${{ github.repository_owner }}" \
-            | tr '[:upper:]' '[:lower:]')
-
-          if [ ${{ inputs.use_openwrt_container }} == "true" ]; then
-            OWNER_LC=openwrt
-          fi
-
-          echo "owner_lc=$OWNER_LC" >> $GITHUB_OUTPUT
-
-      # Per branch tools container tag
-      # By default stick to latest
-      # For official test targetting openwrt stable branch
-      # Get the branch or parse the tag and push dedicated tools containers
-      # For local test to use the correct container for stable release testing
-      # you need to use for the branch name a prefix of openwrt-[0-9][0-9].[0-9][0-9]-
-      - name: Determine tools container tag
-        id: determine_tools_container
-        run: |
-          CONTAINER_TAG=latest
-          if [ -n "${{ github.base_ref }}" ]; then
-            if echo "${{ github.base_ref }}" | grep -q -E '^openwrt-[0-9][0-9]\.[0-9][0-9]$'; then
-              CONTAINER_TAG="${{ github.base_ref }}"
-            fi
-          elif [ ${{ github.ref_type }} == "branch" ]; then
-            if echo "${{ github.ref_name }}" | grep -q -E '^openwrt-[0-9][0-9]\.[0-9][0-9]$'; then
-              CONTAINER_TAG=${{ github.ref_name }}
-            elif echo "${{ github.ref_name }}" | grep -q -E '^openwrt-[0-9][0-9]\.[0-9][0-9]-'; then
-              CONTAINER_TAG="$(echo ${{ github.ref_name }} | sed 's/^\(openwrt-[0-9][0-9]\.[0-9][0-9]\)-.*/\1/')"
-            fi
-          elif [ ${{ github.ref_type }} == "tag" ]; then
-            if echo "${{ github.ref_name }}" | grep -q -E '^v[0-9][0-9]\.[0-9][0-9]\..+'; then
-              CONTAINER_TAG=openwrt-"$(echo ${{ github.ref_name }} | sed 's/^v\([0-9][0-9]\.[0-9][0-9]\)\..\+/\1/')"
-            fi
-          fi
-          echo "Tools container to use tools:$CONTAINER_TAG"
-          echo "container_tag=$CONTAINER_TAG" >> $GITHUB_OUTPUT
-
-  check-patch:
-    name: Check Kernel patches
-    needs: setup_build
-    runs-on: ubuntu-latest
-
-    container: ghcr.io/${{ needs.setup_build.outputs.owner_lc }}/tools:${{ needs.setup_build.outputs.container_tag }}
-
-    permissions:
-      contents: read
-      packages: read
-
-    steps:
-      - name: Checkout master directory
-        uses: actions/checkout@v3
-        with:
-          path: openwrt
-
-      - name: Fix permission
-        run: |
-          chown -R buildbot:buildbot openwrt
-
-      - name: Prepare prebuilt tools
-        shell: su buildbot -c "sh -e {0}"
-        working-directory: openwrt
-        run: |
-          mkdir -p staging_dir build_dir
-          ln -sf /prebuilt_tools/staging_dir/host staging_dir/host
-          ln -sf /prebuilt_tools/build_dir/host build_dir/host
-
-          ./scripts/ext-tools.sh --refresh
-
-      - name: Configure testing kernel
-        if: inputs.testing == true
-        shell: su buildbot -c "sh -e {0}"
-        working-directory: openwrt
-        run: |
-          echo CONFIG_TESTING_KERNEL=y >> .config
-
-      - name: Configure system
-        shell: su buildbot -c "sh -e {0}"
-        working-directory: openwrt
-        run: |
-          echo CONFIG_ALL_KMODS=y >> .config
-          echo CONFIG_DEVEL=y >> .config
-          echo CONFIG_AUTOREMOVE=y >> .config
-          echo CONFIG_CCACHE=y >> .config
-
-          echo "CONFIG_TARGET_${{ inputs.target }}=y" >> .config
-          echo "CONFIG_TARGET_${{ inputs.target }}_${{ inputs.subtarget }}=y" >> .config
-
-          make defconfig
-
-      - name: Build tools
-        shell: su buildbot -c "sh -e {0}"
-        working-directory: openwrt
-        run: make tools/quilt/compile -j$(nproc) BUILD_LOG=1 || ret=$? .github/workflows/scripts/show_build_failures.sh
-
-      - name: Refresh Kernel patches
-        shell: su buildbot -c "sh -e {0}"
-        working-directory: openwrt
-        run: make target/linux/refresh V=s
-
-      - name: Validate Refreshed Kernel Patches
-        shell: su buildbot -c "sh -e {0}"
-        working-directory: openwrt
-        run: |
-          . .github/workflows/scripts/ci_helpers.sh
-
-          if git diff --name-only --exit-code; then
-            success "Kernel patches for ${{ inputs.target }}/${{ inputs.subtarget }} seems ok"
-          else
-            err "Kernel patches for ${{ inputs.target }}/${{ inputs.subtarget }} require refresh. (run 'make target/linux/refresh' and force push this pr)"
-            err "You can also check the provided artifacts with the refreshed patch from this CI run."
-            mkdir ${{ inputs.target }}-${{ inputs.subtarget }}-refreshed
-            for f in $(git diff --name-only); do
-              cp --parents $f ${{ inputs.target }}-${{ inputs.subtarget }}-refreshed/
-            done
-            exit 1
-          fi
-
-      - name: Upload Refreshed Patches
-        if: failure()
-        uses: actions/upload-artifact@v3
-        with:
-          name: ${{ inputs.target }}-${{ inputs.subtarget }}-refreshed
-          path: openwrt/${{ inputs.target }}-${{ inputs.subtarget }}-refreshed
--- a/.github/workflows/coverity.yml
+++ b/.github/workflows/coverity.yml
@@ -1,65 +0,0 @@
-name: Coverity scan build
-
-on:
-  schedule:
-    - cron: '30 2 * * 6'
-
-concurrency:
-  group: ${{ github.workflow }}-${{ github.ref }}
-
-jobs:
-  coverity_build:
-    name: Coverity x86/64 build
-    secrets:
-      coverity_api_token: ${{ secrets.COVERITY_API_TOKEN }}
-    permissions:
-      contents: read
-      packages: read
-    uses: ./.github/workflows/build.yml
-    with:
-      target: x86
-      subtarget: 64
-      build_full: true
-      include_feeds: true
-      coverity_compiler_template_list: >-
-        x86_64-openwrt-linux-gcc
-        x86_64-openwrt-linux-musl-gcc
-      #  qosify fails to build with cov-build
-      coverity_check_packages: >-
-        cgi-io
-        dnsmasq
-        dropbear
-        firewall
-        fstools
-        fwtool
-        iwinfo
-        jsonfilter
-        libnl-tiny
-        libubox
-        mtd
-        netifd
-        odhcp6c
-        odhcpd
-        opkg
-        procd
-        relayd
-        rpcd
-        swconfig
-        ubox
-        ubus
-        ucert
-        uci
-        uclient
-        ucode
-        ugps
-        uhttpd
-        umbim
-        umdns
-        unetd
-        uqmi
-        urngd
-        usbmode
-        usign
-        usteer
-        ustp
-        ustream-ssl
--- a/.github/workflows/formal.yml
+++ b/.github/workflows/formal.yml
@@ -1,73 +0,0 @@
-name: Test Formalities
-
-on:
-  pull_request:
-
-permissions:
-  contents: read
-
-jobs:
-  build:
-    name: Test Formalities
-    runs-on: ubuntu-latest
-    strategy:
-      fail-fast: false
-
-    steps:
-      - uses: actions/checkout@v3
-        with:
-          ref: ${{ github.event.pull_request.head.sha }}
-          fetch-depth: 0
-
-      - name: Determine branch name
-        run: |
-          BRANCH="${GITHUB_BASE_REF#refs/heads/}"
-          echo "Building for $BRANCH"
-          echo "BRANCH=$BRANCH" >> $GITHUB_ENV
-
-      - name: Test formalities
-        run: |
-          source .github/workflows/scripts/ci_helpers.sh
-
-          RET=0
-          for commit in $(git rev-list HEAD ^origin/$BRANCH); do
-            info "=== Checking commit '$commit'"
-            if git show --format='%P' -s $commit | grep -qF ' '; then
-              err "Pull request should not include merge commits"
-              RET=1
-            fi
-
-            author="$(git show -s --format=%aN $commit)"
-            if echo $author | grep -q '\S\+\s\+\S\+'; then
-              success "Author name ($author) seems ok"
-            else
-              err "Author name ($author) need to be your real name 'firstname lastname'"
-              RET=1
-            fi
-
-            subject="$(git show -s --format=%s $commit)"
-            if echo "$subject" | grep -q -e '^[0-9A-Za-z,+/_\.-]\+: ' -e '^Revert '; then
-              success "Commit subject line seems ok ($subject)"
-            else
-              err "Commit subject line MUST start with '<area>: ' ($subject)"
-              RET=1
-            fi
-
-            body="$(git show -s --format=%b $commit)"
-            sob="$(git show -s --format='Signed-off-by: %aN <%aE>' $commit)"
-            if echo "$body" | grep -qF "$sob"; then
-              success "Signed-off-by match author"
-            else
-              err "Signed-off-by is missing or doesn't match author (should be '$sob')"
-              RET=1
-            fi
-
-            if echo "$body" | grep -v "Signed-off-by:"; then
-              success "A commit message exists"
-            else
-              err "Missing commit message. Please describe your changes"
-              RET=1
-            fi
-          done
-
-          exit $RET
--- a/.github/workflows/kernel.yml
+++ b/.github/workflows/kernel.yml
@@ -1,131 +0,0 @@
-name: Build Kernel
-
-on:
-  pull_request:
-    paths:
-      - '.github/workflows/check-kernel-patches.yml'
-      - '.github/workflows/build.yml'
-      - '.github/workflows/kernel.yml'
-      - 'include/kernel*'
-      - 'package/kernel/**'
-      - 'target/linux/**'
-  push:
-    paths:
-      - '.github/workflows/check-kernel-patches.yml'
-      - '.github/workflows/build.yml'
-      - '.github/workflows/kernel.yml'
-      - 'include/kernel*'
-      - 'package/kernel/**'
-      - 'target/linux/**'
-
-permissions:
-  contents: read
-
-concurrency:
-  group: ${{ github.workflow }}-${{ github.ref }}
-  cancel-in-progress: ${{ github.event_name == 'pull_request' }}
-
-jobs:
-  determine_targets:
-    name: Set targets
-    runs-on: ubuntu-latest
-    outputs:
-      targets_subtargets: ${{ steps.find_targets.outputs.targets_subtargets }}
-      targets: ${{ steps.find_targets.outputs.targets }}
-
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v3
-        with:
-          fetch-depth: 2
-
-      - name: Get changed files
-        id: changed-files
-        uses: tj-actions/changed-files@v35
-
-      - name: Set targets
-        id: find_targets
-        run: |
-          ALL_TARGETS="$(perl ./scripts/dump-target-info.pl targets 2>/dev/null)"
-          CHANGED_FILES="$(echo ${{ steps.changed-files.outputs.all_changed_files }} | tr ' ' '\n')"
-
-          TARGETS_SUBTARGETS="$(echo "$ALL_TARGETS" | sort -u -t '/' -k1 | awk '{ print $1 }')"
-          TARGETS="$(echo "$ALL_TARGETS" | sort -u -t '/' -k1,1 | awk '{ print $1 }')"
-
-          # On testing non-specific target, skip testing each subtarget
-          if echo "$CHANGED_FILES" | grep -v -q target/linux ||
-            echo "$CHANGED_FILES" | grep -q target/linux/generic; then
-            TARGETS_SUBTARGETS=$TARGETS
-          fi
-
-          JSON_TARGETS_SUBTARGETS='['
-          FIRST=1
-          for TARGET in $TARGETS_SUBTARGETS; do
-            if echo "$CHANGED_FILES" | grep -v -q target/linux ||
-              echo "$CHANGED_FILES" | grep -q target/linux/generic ||
-              echo "$CHANGED_FILES" | grep -q $(echo $TARGET | cut -d "/" -f 1); then
-              TUPLE='{"target":"'"$(echo $TARGET | cut -d "/" -f 1)"'","subtarget":"'"$(echo $TARGET | cut -d "/" -f 2)"'"}'
-              [[ $FIRST -ne 1 ]] && JSON_TARGETS_SUBTARGETS="$JSON_TARGETS_SUBTARGETS"','
-              JSON_TARGETS_SUBTARGETS="$JSON_TARGETS_SUBTARGETS""$TUPLE"
-              FIRST=0
-            fi
-          done
-          JSON_TARGETS_SUBTARGETS="$JSON_TARGETS_SUBTARGETS"']'
-
-          JSON_TARGETS='['
-          FIRST=1
-          for TARGET in $TARGETS; do
-            if echo "$CHANGED_FILES" | grep -v -q target/linux ||
-              echo "$CHANGED_FILES" | grep -q target/linux/generic ||
-              echo "$CHANGED_FILES" | grep -q $(echo $TARGET | cut -d "/" -f 1); then
-              TUPLE='{"target":"'"$(echo $TARGET | cut -d "/" -f 1)"'","subtarget":"'"$(echo $TARGET | cut -d "/" -f 2)"'"}'
-              [[ $FIRST -ne 1 ]] && JSON_TARGETS="$JSON_TARGETS"','
-              JSON_TARGETS="$JSON_TARGETS""$TUPLE"
-              FIRST=0
-            fi
-          done
-          JSON_TARGETS="$JSON_TARGETS"']'
-
-          echo -e "\n---- targets to build ----\n"
-          echo "$JSON_TARGETS_SUBTARGETS"
-          echo -e "\n---- targets to build ----\n"
-
-          echo -e "\n---- targets to check patch ----\n"
-          echo "$JSON_TARGETS"
-          echo -e "\n---- targets to check patch ----\n"
-
-          echo "targets_subtargets=$JSON_TARGETS_SUBTARGETS" >> $GITHUB_OUTPUT
-          echo "targets=$JSON_TARGETS" >> $GITHUB_OUTPUT
-
-  build:
-    name: Build Kernel with external toolchain
-    needs: determine_targets
-    permissions:
-      contents: read
-      packages: read
-    strategy:
-       fail-fast: False
-       matrix:
-         include: ${{fromJson(needs.determine_targets.outputs.targets_subtargets)}}
-    uses: ./.github/workflows/build.yml
-    with:
-      target: ${{ matrix.target }}
-      subtarget: ${{ matrix.subtarget }}
-      build_kernel: true
-      build_all_kmods: true
-
-  check-kernel-patches:
-    name: Check Kernel patches
-    needs: determine_targets
-    permissions:
-      contents: read
-      packages: read
-    strategy:
-       fail-fast: False
-       matrix:
-         include: ${{fromJson(needs.determine_targets.outputs.targets)}}
-    uses: ./.github/workflows/check-kernel-patches.yml
-    with:
-      target: ${{ matrix.target }}
-      subtarget: ${{ matrix.subtarget }}
-
--- a/.github/workflows/label-kernel.yml
+++ b/.github/workflows/label-kernel.yml
@@ -1,50 +0,0 @@
-# ci:kernel:x86:64 is going to trigger CI kernel check jobs for x86/64 target
-
-name: Build kernel and check patches for target specified in labels
-on:
-  pull_request:
-    types:
-      - labeled
-
-jobs:
-  set_target:
-    if: startsWith(github.event.label.name, 'ci:kernel:')
-    name: Set target
-    runs-on: ubuntu-latest
-    outputs:
-      target: ${{ steps.set_target.outputs.target }}
-      subtarget: ${{ steps.set_target.outputs.subtarget }}
-
-    steps:
-      - name: Set target
-        id: set_target
-        env:
-          CI_EVENT_LABEL_NAME: ${{ github.event.label.name }}
-        run: |
-          echo "$CI_EVENT_LABEL_NAME" | sed -n 's/.*:\(.*\):\(.*\)$/target=\1/p' | tee --append $GITHUB_OUTPUT
-          echo "$CI_EVENT_LABEL_NAME" | sed -n 's/.*:\(.*\):\(.*\)$/subtarget=\2/p' | tee --append $GITHUB_OUTPUT
-
-  build_kernel:
-    name: Build Kernel with external toolchain
-    needs: set_target
-    permissions:
-      contents: read
-      packages: read
-    uses: ./.github/workflows/build.yml
-    with:
-      container_name: toolchain
-      target: ${{ needs.set_target.outputs.target }}
-      subtarget: ${{ needs.set_target.outputs.subtarget }}
-      build_kernel: true
-      build_all_kmods: true
-
-  check-kernel-patches:
-    name: Check Kernel patches
-    needs: set_target
-    permissions:
-      contents: read
-      packages: read
-    uses: ./.github/workflows/check-kernel-patches.yml
-    with:
-      target: ${{ needs.set_target.outputs.target }}
-      subtarget: ${{ needs.set_target.outputs.subtarget }}
--- a/.github/workflows/label-target.yml
+++ b/.github/workflows/label-target.yml
@@ -1,41 +0,0 @@
-# ci:target:x86:64 is going to trigger CI target check jobs for x86/64 target
-
-name: Build check target specified in labels
-on:
-  pull_request:
-    types:
-      - labeled
-
-jobs:
-  set_target:
-    if: startsWith(github.event.label.name, 'ci:target:')
-    name: Set target
-    runs-on: ubuntu-latest
-    outputs:
-      target: ${{ steps.set_target.outputs.target }}
-      subtarget: ${{ steps.set_target.outputs.subtarget }}
-
-    steps:
-      - name: Set target
-        id: set_target
-        env:
-          CI_EVENT_LABEL_NAME: ${{ github.event.label.name }}
-        run: |
-          echo "$CI_EVENT_LABEL_NAME" | sed -n 's/.*:\(.*\):\(.*\)$/target=\1/p' | tee --append $GITHUB_OUTPUT
-          echo "$CI_EVENT_LABEL_NAME" | sed -n 's/.*:\(.*\):\(.*\)$/subtarget=\2/p' | tee --append $GITHUB_OUTPUT
-
-  build_target:
-    name: Build target
-    needs: set_target
-    permissions:
-      contents: read
-      packages: read
-    uses: ./.github/workflows/build.yml
-    with:
-      container_name: toolchain
-      target: ${{ needs.set_target.outputs.target }}
-      subtarget: ${{ needs.set_target.outputs.subtarget }}
-      build_full: true
-      build_all_kmods: true
-      build_all_boards: true
-      build_all_modules: true
--- a/.github/workflows/labeler.yml
+++ b/.github/workflows/labeler.yml
@@ -1,33 +0,0 @@
-name: 'Pull Request Labeler'
-on:
-  - pull_request_target
-
-permissions:
-  contents: read
-
-jobs:
-  labeler:
-    permissions:
-      contents: read # to determine modified files (actions/labeler)
-      pull-requests: write # to add labels to PRs (actions/labeler)
-
-    name: Pull Request Labeler
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/labeler@v4
-        with:
-          repo-token: '${{ secrets.GITHUB_TOKEN }}'
-
-      - name: Check Branch
-        id: check-branch
-        run: |
-          if echo "${{ github.base_ref }}" | grep -q -E 'openwrt-[0-9][0-9]\.[0-9][0-9]'; then
-              echo "release-tag=$(echo ${{ github.base_ref }} | sed 's/openwrt-/release\//')" >> $GITHUB_OUTPUT
-          fi
-
-      - uses: buildsville/add-remove-label@v2.0.0
-        if: ${{ steps.check-branch.outputs.release-tag }}
-        with:
-          token: ${{secrets.GITHUB_TOKEN}}
-          labels: ${{ steps.check-branch.outputs.release-tag }}
-          type: add
--- a/.github/workflows/packages.yml
+++ b/.github/workflows/packages.yml
@@ -1,52 +0,0 @@
-name: Build all core packages
-
-on:
-  pull_request:
-    paths:
-      - '.github/workflows/build.yml'
-      - '.github/workflows/packages.yml'
-      - 'config/**'
-      - 'include/**'
-      - 'package/**'
-      - 'target/linux/generic/**'
-      - 'toolchain/**'
-  push:
-    paths:
-      - '.github/workflows/build.yml'
-      - '.github/workflows/packages.yml'
-      - 'config/**'
-      - 'include/**'
-      - 'package/**'
-      - 'target/linux/generic/**'
-      - 'toolchain/**'
-
-permissions:
-  contents: read
-
-concurrency:
-  group: ${{ github.workflow }}-${{ github.ref }}
-  cancel-in-progress: ${{ github.event_name == 'pull_request' }}
-
-jobs:
-  build:
-    name: Build Packages with external toolchain
-    permissions:
-      contents: read
-      packages: read
-    strategy:
-      fail-fast: False
-      matrix:
-        include:
-          - target: malta
-            subtarget: be
-          - target: x86
-            subtarget: 64
-    uses: ./.github/workflows/build.yml
-    with:
-      target: ${{ matrix.target }}
-      subtarget: ${{ matrix.subtarget }}
-      build_kernel: true
-      build_all_kmods: true
-      build_all_modules: true
-      build_full: true
-
--- a/.github/workflows/push-containers.yml
+++ b/.github/workflows/push-containers.yml
@@ -1,98 +0,0 @@
-name: Build and Push prebuilt tools container
-
-on:
-  push:
-    paths:
-      - 'include/version.mk'
-      - 'include/cmake.mk'
-      - 'tools/**'
-      - '.github/workflows/build-tools.yml'
-      - '.github/workflows/push-containers.yml'
-      - '.github/workflows/Dockerfile.tools'
-
-permissions:
-  contents: read
-
-concurrency:
-  group: ${{ github.workflow }}-${{ github.ref }}
-  cancel-in-progress: true
-
-jobs:
-  build-linux-buildbot:
-    name: Build tools with buildbot container
-    if: ${{ github.repository_owner  == 'openwrt' }}
-    uses: ./.github/workflows/build-tools.yml
-    with:
-      generate_prebuilt_artifacts: true
-
-  push-tools-container:
-    needs: build-linux-buildbot
-    name: Push prebuilt tools container
-    if: ${{ github.repository_owner  == 'openwrt' }}
-    runs-on: ubuntu-latest
-
-    permissions:
-      contents: read
-      packages: write
-
-    steps:
-      - name: Set lower case owner name
-        env:
-          OWNER: ${{ github.repository_owner }}
-        run: |
-          echo "OWNER_LC=${OWNER,,}" >> "$GITHUB_ENV"
-
-      # Per branch tools container tag
-      # By default stick to latest
-      # For official test targetting openwrt stable branch
-      # Get the branch or parse the tag and push dedicated tools containers
-      # Any branch that will match this pattern openwrt-[0-9][0-9].[0-9][0-9]
-      # will refresh the tools container with the matching tag.
-      # (example branch openwrt-22.03 -> tools:openwrt-22.03)
-      # (example branch openwrt-22.03-test -> tools:openwrt-22.03)
-      - name: Determine tools container tag
-        run: |
-          CONTAINER_TAG=latest
-
-          if [ ${{ github.ref_type }} == "branch" ]; then
-            if echo "${{ github.ref_name }}" | grep -q -E 'openwrt-[0-9][0-9]\.[0-9][0-9]'; then
-              CONTAINER_TAG="$(echo ${{ github.ref_name }} | sed 's/^\(openwrt-[0-9][0-9]\.[0-9][0-9]\).*/\1/')"
-            fi
-          elif [ ${{ github.ref_type }} == "tag" ]; then
-            if echo "${{ github.ref_name }}" | grep -q -E 'v[0-9][0-9]\.[0-9][0-9]\..+'; then
-              CONTAINER_TAG=openwrt-"$(echo ${{ github.ref_name }} | sed 's/v\([0-9][0-9]\.[0-9][0-9]\)\..\+/\1/')"
-            fi
-          fi
-
-          echo "Tools container to push tools:$CONTAINER_TAG"
-          echo "CONTAINER_TAG=$CONTAINER_TAG" >> "$GITHUB_ENV"
-
-      - name: Checkout
-        uses: actions/checkout@v3
-        with:
-          path: 'openwrt'
-
-      - name: Download prebuilt tools from build job
-        uses: actions/download-artifact@v3
-        with:
-          name: linux-buildbot-prebuilt-tools
-          path: openwrt
-
-      - name: Extract prebuild tools
-        working-directory: openwrt
-        run: tar -xf tools.tar
-
-      - name: Login to GitHub Container Registry
-        uses: docker/login-action@v2
-        with:
-          registry: ghcr.io
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Build and push
-        uses: docker/build-push-action@v3
-        with:
-          context: openwrt
-          push: true
-          tags: ghcr.io/${{ env.OWNER_LC }}/tools:${{ env.CONTAINER_TAG }}
-          file: openwrt/.github/workflows/Dockerfile.tools
--- a/.github/workflows/scripts/ci_helpers.sh
+++ b/.github/workflows/scripts/ci_helpers.sh
@@ -1,26 +0,0 @@
-#!/bin/sh
-
-color_out() {
-	printf "\e[0;$1m%s\e[0;0m\n" "$2"
-}
-
-success() {
-	color_out 32 "$1"
-}
-
-info() {
-	color_out 36 "$1"
-}
-
-err() {
-	color_out 31 "$1"
-}
-
-warn() {
-	color_out 33 "$1"
-}
-
-err_die() {
-	err "$1"
-	exit 1
-}
--- a/.github/workflows/scripts/show_build_failures.sh
+++ b/.github/workflows/scripts/show_build_failures.sh
@@ -1,15 +0,0 @@
-#!/bin/bash
-
-original_exit_code="${ret:-1}"
-log_dir_path="${1:-logs}"
-context="${2:-10}"
-
-show_make_build_errors() {
-	grep -slr 'make\[[[:digit:]]\+\].*Error [[:digit:]]\+$' "$log_dir_path" | while IFS= read -r log_file; do
-		printf "====== Make errors from %s ======\n" "$log_file";
-		grep -r -C"$context" 'make\[[[:digit:]]\+\].*Error [[:digit:]]\+$' "$log_file" ;
-	done
-}
-
-show_make_build_errors
-exit "$original_exit_code"
--- a/.github/workflows/toolchain.yml
+++ b/.github/workflows/toolchain.yml
@@ -1,70 +0,0 @@
-name: Build Toolchains
-
-on:
-  pull_request:
-    paths:
-      - '.github/workflows/build.yml'
-      - '.github/workflows/toolchain.yml'
-      - 'toolchain/**'
-  push:
-    paths:
-      - '.github/workflows/build.yml'
-      - '.github/workflows/toolchain.yml'
-      - 'toolchain/**'
-
-permissions:
-  contents: read
-
-concurrency:
-  group: ${{ github.workflow }}-${{ github.ref }}
-  cancel-in-progress: ${{ github.event_name == 'pull_request' }}
-
-jobs:
-  determine_targets:
-    name: Set targets
-    runs-on: ubuntu-latest
-    outputs:
-      target: ${{ steps.find_targets.outputs.target }}
-
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v3
-
-      - name: Set targets
-        id: find_targets
-        run: |
-          export TARGETS="$(perl ./scripts/dump-target-info.pl targets 2>/dev/null \
-            | sort -u -t '/' -k1,1 \
-            | awk '{ print $1 }')"
-
-          JSON='['
-          FIRST=1
-          for TARGET in $TARGETS; do
-            TUPLE='{"target":"'"$(echo $TARGET | cut -d "/" -f 1)"'","subtarget":"'"$(echo $TARGET | cut -d "/" -f 2)"'"}'
-            [[ $FIRST -ne 1 ]] && JSON="$JSON"','
-            JSON="$JSON""$TUPLE"
-            FIRST=0
-          done
-          JSON="$JSON"']'
-
-           echo -e "\n---- targets ----\n"
-           echo "$JSON"
-           echo -e "\n---- targets ----\n"
-
-           echo "target=$JSON" >> $GITHUB_OUTPUT
-
-  build:
-    name: Build Target Toolchain
-    needs: determine_targets
-    permissions:
-      contents: read
-      packages: read
-    strategy:
-       fail-fast: False
-       matrix:
-         include: ${{fromJson(needs.determine_targets.outputs.target)}}
-    uses: ./.github/workflows/build.yml
-    with:
-      target: ${{ matrix.target }}
-      subtarget: ${{ matrix.subtarget }}
-      build_toolchain: true
--- a/.github/workflows/tools.yml
+++ b/.github/workflows/tools.yml
@@ -1,93 +0,0 @@
-name: Build host tools
-
-on:
-  pull_request:
-    paths:
-      - 'include/**'
-      - 'tools/**'
-      - '.github/workflows/build-tools.yml'
-      - '.github/workflows/tools.yml'
-  push:
-    paths:
-      - 'include/**'
-      - 'tools/**'
-      - '.github/workflows/build-tools.yml'
-      - '.github/workflows/tools.yml'
-
-permissions:
-  contents: read
-
-concurrency:
-  group: ${{ github.workflow }}-${{ github.ref }}
-  cancel-in-progress: ${{ github.event_name == 'pull_request' }}
-
-jobs:
-  build-macos-latest:
-    name: Build tools with macos latest
-    runs-on: macos-latest
-
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v3
-        with:
-          path: openwrt
-
-      - name: Setup MacOS
-        run: |
-          echo "WORKPATH=/Volumes/OpenWrt" >> "$GITHUB_ENV"
-          hdiutil create -size 20g -type SPARSE -fs "Case-sensitive HFS+" -volname OpenWrt OpenWrt.sparseimage
-          hdiutil attach OpenWrt.sparseimage
-          mv "$GITHUB_WORKSPACE/openwrt" /Volumes/OpenWrt/
-
-      - name: Install required prereq on MacOS
-        working-directory: ${{ env.WORKPATH }}/openwrt
-        run: |
-          brew install \
-            automake \
-            coreutils \
-            diffutils \
-            findutils \
-            gawk \
-            git-extras \
-            gnu-getopt \
-            gnu-sed \
-            grep \
-            make
-
-            echo "/bin" >> "$GITHUB_PATH"
-            echo "/sbin/Library/Apple/usr/bin" >> "$GITHUB_PATH"
-            echo "/usr/bin" >> "$GITHUB_PATH"
-            echo "/usr/local/bin" >> "$GITHUB_PATH"
-            echo "/usr/local/opt/coreutils/bin" >> "$GITHUB_PATH"
-            echo "/usr/local/opt/findutils/libexec/gnubin" >> "$GITHUB_PATH"
-            echo "/usr/local/opt/gettext/bin" >> "$GITHUB_PATH"
-            echo "/usr/local/opt/gnu-getopt/bin" >> "$GITHUB_PATH"
-            echo "/usr/local/opt/make/libexec/gnubin" >> "$GITHUB_PATH"
-            echo "/usr/local/opt/make/libexec/gnubin" >> "$GITHUB_PATH"
-            echo "/usr/sbin" >> "$GITHUB_PATH"
-
-      - name: Make prereq
-        working-directory: ${{ env.WORKPATH }}/openwrt
-        run: make defconfig
-
-      - name: Build tools MacOS
-        working-directory: ${{ env.WORKPATH }}/openwrt
-        run: make tools/install -j$(nproc) BUILD_LOG=1 || ret=$? .github/workflows/scripts/show_build_failures.sh
-
-      - name: Upload logs
-        if: always()
-        uses: actions/upload-artifact@v3
-        with:
-          name: macos-latest-logs
-          path: ${{ env.WORKPATH }}/openwrt/logs
-
-      - name: Upload config
-        if: always()
-        uses: actions/upload-artifact@v3
-        with:
-          name: macos-latest-config
-          path: ${{ env.WORKPATH }}/openwrt/.config
-
-  build-linux-buildbot:
-    name: Build tools with buildbot container
-    uses: ./.github/workflows/build-tools.yml
--- a/.gitignore
+++ b/.gitignore
@@ -5,7 +5,6 @@
 /dl
 /.config
 /.config.old
-/.toolchain_build_ver
 /bin
 /build_dir
 /staging_dir
@@ -18,7 +17,6 @@
 /package/feeds
 /package/openwrt-packages
 /*.patch
-/llvm-bpf*
 key-build*
 *.orig
 *.rej
@@ -31,4 +29,4 @@ git-src
 .project
 .cproject
 .ccache
-.vscode*
+.vscode
--- a/Config.in
+++ b/Config.in
@@ -5,7 +5,7 @@
 mainmenu "OpenWrt Configuration"

 config MODULES
-	modules
+	option modules
 	bool
 	default y

@@ -13,14 +13,6 @@ config HAVE_DOT_CONFIG
 	bool
 	default y

-HOST_OS := $(shell, uname)
-
-config HOST_OS_LINUX
-	def_bool $(shell, ./config/check-uname.sh Linux)
-
-config HOST_OS_MACOS
-	def_bool $(shell, ./config/check-uname.sh Darwin)
-
 source "target/Config.in"

 source "config/Config-images.in"
--- a/25
+++ b/25
@@ -14,10 +14,8 @@ $(if $(findstring $(space),$(TOPDIR)),$(error ERROR: The path to the OpenWrt dir

 world:

-DISTRO_PKG_CONFIG:=$(shell $(TOPDIR)/scripts/command_all.sh pkg-config | grep '/usr' -m 1)
-
-export ORIG_PATH:=$(if $(ORIG_PATH),$(ORIG_PATH),$(PATH))
-export PATH:=$(if $(STAGING_DIR),$(abspath $(STAGING_DIR)/../host/bin),$(TOPDIR)/staging_dir/host/bin):$(PATH)
+DISTRO_PKG_CONFIG:=$(shell which -a pkg-config | grep -E '\/usr' | head -n 1)
+export PATH:=$(TOPDIR)/staging_dir/host/bin:$(PATH)

 ifneq ($(OPENWRT_BUILD),1)
  _SINGLE=export MAKEFLAGS=$(space);
@@ -40,7 +38,7 @@ else
  include tools/Makefile
  include toolchain/Makefile

-$(toolchain/stamp-compile): $(tools/stamp-compile) $(if $(CONFIG_BUILDBOT),toolchain_rebuild_check)
+$(toolchain/stamp-compile): $(tools/stamp-compile)
 $(target/stamp-compile): $(toolchain/stamp-compile) $(tools/stamp-compile) $(BUILD_DIR)/.prepared
 $(package/stamp-compile): $(target/stamp-compile) $(package/stamp-cleanup)
 $(package/stamp-install): $(package/stamp-compile)
@@ -52,23 +50,14 @@ printdb:

 prepare: $(target/stamp-compile)

-_clean: FORCE
-	rm -rf $(BUILD_DIR) $(STAGING_DIR) $(BIN_DIR) $(OUTPUT_DIR)/packages/$(ARCH_PACKAGES) $(TOPDIR)/staging_dir/packages
+clean: FORCE
+	rm -rf $(BUILD_DIR) $(STAGING_DIR) $(BIN_DIR) $(OUTPUT_DIR)/packages/$(ARCH_PACKAGES) $(BUILD_LOG_DIR) $(TOPDIR)/staging_dir/packages

-clean: _clean
-	rm -rf $(BUILD_LOG_DIR)
-
-targetclean: _clean
-	rm -rf $(TOOLCHAIN_DIR) $(BUILD_DIR_BASE)/hostpkg $(BUILD_DIR_TOOLCHAIN)
-
-dirclean: targetclean clean
-	rm -rf $(STAGING_DIR_HOST) $(STAGING_DIR_HOSTPKG) $(BUILD_DIR_BASE)/host
+dirclean: clean
+	rm -rf $(STAGING_DIR_HOST) $(STAGING_DIR_HOSTPKG) $(TOOLCHAIN_DIR) $(BUILD_DIR_BASE)/host $(BUILD_DIR_BASE)/hostpkg $(BUILD_DIR_TOOLCHAIN)
 	rm -rf $(TMP_DIR)
 	$(MAKE) -C $(TOPDIR)/scripts/config clean

-toolchain_rebuild_check:
-	$(SCRIPT_DIR)/check-toolchain-clean.sh
-
 cacheclean:
 ifneq ($(CONFIG_CCACHE),)
 	$(STAGING_DIR_HOST)/bin/ccache -C
--- a/README.md
+++ b/README.md
@@ -11,24 +11,6 @@ full customization, to use the device in ways never envisioned.

 Sunshine!

-## Download
-
-Built firmware images are available for many architectures and come with a
-package selection to be used as WiFi home router. To quickly find a factory
-image usable to migrate from a vendor stock firmware to OpenWrt, try the
-*Firmware Selector*.
-
-* [OpenWrt Firmware Selector](https://firmware-selector.openwrt.org/)
-
-If your device is supported, please follow the **Info** link to see install
-instructions or consult the support resources listed below.
-
-## 
-
-An advanced user may require additional or specific package. (Toolchain, SDK, ...) For everything else than simple firmware download, try the wiki download page:
-
-* [OpenWrt Wiki Download](https://openwrt.org/downloads)
-
 ## Development

 To build your own firmware you need a GNU/Linux, BSD or MacOSX system (case
@@ -43,8 +25,8 @@ the [Build System Setup](https://openwrt.org/docs/guide-developer/build-system/i
 documentation.

 ```
-binutils bzip2 diff find flex gawk gcc-6+ getopt grep install libc-dev libz-dev
-make4.1+ perl python3.6+ rsync subversion unzip which
+gcc binutils bzip2 flex python3 perl make find grep diff unzip gawk getopt
+subversion libz-dev libc-dev rsync which
 ```

 ### Quickstart
@@ -75,11 +57,8 @@ packages to OpenWrt, please find the fitting repository below.
 * [OpenWrt Packages](https://github.com/openwrt/packages): Community repository
  of ported packages.

-* [OpenWrt Routing](https://github.com/openwrt/routing): Packages specifically
-  focused on (mesh) routing.
-
-* [OpenWrt Video](https://github.com/openwrt/video): Packages specifically
-  focused on display servers and clients (Xorg and Wayland).
+* [OpenWrt Routing](https://github.com/openwrt-routing/packages): Packages
+  specifically focused on (mesh) routing.

 ## Support Information

@@ -95,13 +74,13 @@ For a list of supported devices see the [OpenWrt Hardware Database](https://open
 ### Support Community

 * [Forum](https://forum.openwrt.org): For usage, projects, discussions and hardware advise.
-* [Support Chat](https://webchat.oftc.net/#openwrt): Channel `#openwrt` on **oftc.net**.
+* [Support Chat](https://webchat.freenode.net/#openwrt): Channel `#openwrt` on freenode.net.

 ### Developer Community

 * [Bug Reports](https://bugs.openwrt.org): Report bugs in OpenWrt
 * [Dev Mailing List](https://lists.openwrt.org/mailman/listinfo/openwrt-devel): Send patches
-* [Dev Chat](https://webchat.oftc.net/#openwrt-devel): Channel `#openwrt-devel` on **oftc.net**.
+* [Dev Chat](https://webchat.freenode.net/#openwrt-devel): Channel `#openwrt-devel` on freenode.net.

 ## License

--- a/config/Config-build.in
+++ b/config/Config-build.in
@@ -5,6 +5,7 @@

 config EXPERIMENTAL
 	bool "Enable experimental features by default"
+	default n
 	help
 	  Set this option to build with latest bleeding edge features
 	  which may or may not work as expected.
@@ -13,14 +14,14 @@ config EXPERIMENTAL
 	  positive and negative). But do so only if you know how to
 	  recover your device in case of flashing potentially non-working
 	  firmware.
-
+	
 	  If you plan to use this build in production, say NO!

 menu "Global build settings"

 	config JSON_OVERVIEW_IMAGE_INFO
 		bool "Create JSON info file overview per target"
-		default y
+		default BUILDBOT
 		help
 		  Create a JSON info file called profiles.json in the target
 		  directory containing machine readable list of built profiles
@@ -41,6 +42,7 @@ menu "Global build settings"

 	config BUILDBOT
 		bool "Set build defaults for automatic builds (e.g. via buildbot)"
+		default n
 		help
 		  This option changes several defaults to be more suitable for
 		  automatic builds. This includes the following changes:
@@ -56,10 +58,6 @@ menu "Global build settings"
 		bool "Enable signature checking in opkg"
 		default SIGNED_PACKAGES

-	config DOWNLOAD_CHECK_CERTIFICATE
-		bool "Enable TLS certificate verification during package download"
-		default y
-
 	comment "General build options"

 	config TESTING_KERNEL
@@ -73,8 +71,10 @@ menu "Global build settings"

 	config DISPLAY_SUPPORT
 		bool "Show packages that require graphics support (local or remote)"
+		default n

 	config BUILD_PATENTED
+		default n
 		bool "Compile with support for patented functionality"
 		help
 		  When this option is disabled, software which provides patented functionality
@@ -82,6 +82,7 @@ menu "Global build settings"
 		  functionality, this optional support will get disabled for this package.

 	config BUILD_NLS
+		default n
 		bool "Compile with full language support"
 		help
 		  When this option is enabled, packages are built with the full versions of
@@ -95,6 +96,7 @@ menu "Global build settings"
 	config CLEAN_IPKG
 		bool
 		prompt "Remove ipkg/opkg status data files in final images"
+		default n
 		help
 		  This removes all ipkg/opkg status data files from the target directory
 		  before building the root filesystem.
@@ -102,12 +104,14 @@ menu "Global build settings"
 	config IPK_FILES_CHECKSUMS
 		bool
 		prompt "Record files checksums in package metadata"
+		default n
 		help
 		  This makes file checksums part of package metadata. It increases size
-		  but provides you with pkg_check command to check for flash corruptions.
+		  but provides you with pkg_check command to check for flash coruptions.

 	config INCLUDE_CONFIG
 		bool "Include build configuration in firmware" if DEVEL
+		default n
 		help
 		  If enabled, buildinfo files will be stored in /etc/build.* of firmware.

@@ -141,31 +145,22 @@ menu "Global build settings"
 	config DEBUG
 		bool
 		prompt "Compile packages with debugging info"
+		default n
 		help
 		  Adds -g3 to the CFLAGS.

-	config USE_GC_SECTIONS
-		bool
-		prompt "Dead code and data elimination for all packages (EXPERIMENTAL)"
-		help
-		  Places functions and data items into its own sections to use the linker's
-		  garbage collection capabilites.
-		  Packages can choose to opt-out via setting PKG_BUILD_FLAGS:=no-gc-sections
-
-	config USE_LTO
-		bool
-		prompt "Use the link-time optimizer for all packages (EXPERIMENTAL)"
-		help
-		  Adds LTO flags to the CFLAGS and LDFLAGS.
-		  Packages can choose to opt-out via setting PKG_BUILD_FLAGS:=no-lto
-
 	config IPV6
-		def_bool y
+		bool
+		prompt "Enable IPv6 support in packages"
+		default y
+		help
+		  Enables IPv6 support in kernel (builtin) and packages.

 	comment "Stripping options"

 	choice
 		prompt "Binary stripping method"
+		default USE_STRIP   if EXTERNAL_TOOLCHAIN
 		default USE_STRIP   if USE_GLIBC
 		default USE_SSTRIP
 		help
@@ -222,6 +217,20 @@ menu "Global build settings"
 		  make the system libraries incompatible with most of the packages that are
 		  not selected during the build process.

+	choice
+		prompt "Preferred standard C++ library"
+		default USE_LIBSTDCXX if USE_GLIBC
+		default USE_UCLIBCXX
+		help
+		  Select the preferred standard C++ library for all packages that support this.
+
+		config USE_UCLIBCXX
+			bool "uClibc++"
+
+		config USE_LIBSTDCXX
+			bool "libstdc++"
+	endchoice
+
 	comment "Hardening build options"

 	config PKG_CHECK_FORMAT_SECURITY
@@ -377,16 +386,4 @@ menu "Global build settings"

 	endchoice

-	config SECCOMP
-		bool "Enable SECCOMP"
-		select KERNEL_SECCOMP
-		select PACKAGE_procd-seccomp
-		depends on (aarch64 || arm || armeb || mips || mipsel || mips64 || mips64el || i386 || powerpc || x86_64)
-		depends on !TARGET_uml
-		default y
-		help
-		  This option enables seccomp kernel features to safely
-		  execute untrusted bytecode and selects the seccomp-variants
-		  of procd
-
 endmenu
--- a/config/Config-devel.in
+++ b/config/Config-devel.in
@@ -4,9 +4,11 @@

 menuconfig DEVEL
 	bool "Advanced configuration options (for developers)"
+	default n

 	config BROKEN
 		bool "Show broken platforms / packages / devices" if DEVEL
+		default n

 	config BINARY_FOLDER
 		string "Binary folder" if DEVEL
@@ -15,20 +17,6 @@ menuconfig DEVEL
 		  Store built firmware images and filesystem images in this directory.
 		  If not set, uses './bin/$(BOARD)'

-	config DOWNLOAD_TOOL_CUSTOM
-		string "Use custom download tool" if DEVEL
-		default ""
-		help
-		  Use and force custom download tool instead of relying on autoselection
-		  between curl if available and wget as a fallback.
-
-		  download.pl supports 3 tools officially aria2c, curl and wget.
-		  If one of the tool is used in this config, download.pl will use the
-		  default args to make use of them.
-
-		  If the provided string is different than aria2c, curl or wget, the command
-		  is used as is and the download url will be appended at the end of such command.
-
 	config DOWNLOAD_FOLDER
 		string "Download folder" if DEVEL
 		default ""
@@ -51,17 +39,12 @@ menuconfig DEVEL

 	config AUTOREMOVE
 		bool "Automatic removal of build directories" if DEVEL
+		default n
 		help
 		  Automatically delete build directories after make target completed.
 		  This allows you to symlink build_dir into a scratch location, e.g. a ramdisk,
 		  which does not have enough space to keep a complete build_dir.

-	config BUILD_ALL_HOST_TOOLS
-		bool "Compile all host tools" if DEVEL
-		help
-		  Compile all host host tools even if not needed. This is needed to prepare a
-		  universal precompiled host tools archive to use in another buildroot.
-
 	config BUILD_SUFFIX
 		string "Build suffix to append to the target BUILD_DIR variable" if DEVEL
 		default ""
@@ -80,6 +63,7 @@ menuconfig DEVEL

 	config CCACHE
 		bool "Use ccache" if DEVEL
+		default n
 		help
 		  Compiler cache; see https://ccache.samba.org/

@@ -90,11 +74,6 @@ menuconfig DEVEL
 		  Store ccache in this directory.
 		  If not set, uses './.ccache'

-	config KERNEL_CFLAGS
-		string "Kernel extra CFLAGS" if DEVEL
-		default "-falign-functions=32" if TARGET_bcm53xx
-		default ""
-
 	config EXTERNAL_KERNEL_TREE
 		string "Use external kernel tree" if DEVEL
 		default ""
--- a/config/Config-images.in
+++ b/config/Config-images.in
@@ -17,8 +17,6 @@ menu "Target Images"
 			default TARGET_INITRAMFS_COMPRESSION_LZMA if TARGET_lantiq
 			default TARGET_INITRAMFS_COMPRESSION_LZMA if TARGET_mpc85xx
 			default TARGET_INITRAMFS_COMPRESSION_LZMA if TARGET_ramips
-			default TARGET_INITRAMFS_COMPRESSION_ZSTD if TARGET_ipq807x
-			default TARGET_INITRAMFS_COMPRESSION_XZ if USES_SEPARATE_INITRAMFS
 			default TARGET_INITRAMFS_COMPRESSION_NONE
 			depends on TARGET_ROOTFS_INITRAMFS
 			help
@@ -44,9 +42,6 @@ menu "Target Images"

 			config TARGET_INITRAMFS_COMPRESSION_XZ
 				bool "xz"
-
-			config TARGET_INITRAMFS_COMPRESSION_ZSTD
-				bool "zstd"
 		endchoice

 		config EXTERNAL_CPIO
@@ -57,19 +52,11 @@ menu "Target Images"
 			  Kernel uses specified external cpio as INITRAMFS_SOURCE.

 		config TARGET_INITRAMFS_FORCE
-			bool "Force"
-			depends on TARGET_ROOTFS_INITRAMFS
-			help
-			  Ignore the initramfs passed by the bootloader.
-
-		config TARGET_ROOTFS_INITRAMFS_SEPARATE
-			bool "separate ramdisk"
-			depends on USES_SEPARATE_INITRAMFS && TARGET_ROOTFS_INITRAMFS && !TARGET_INITRAMFS_FORCE
-			default y if USES_SEPARATE_INITRAMFS
-			help
-			  Generate separate initrd.cpio instead of embedding it.
-			  This is useful for generating images with a dedicated
-			  ramdisk e.g. in U-Boot's uImage and uImage.FIT formats.
+                        bool "Force"
+                        depends on TARGET_ROOTFS_INITRAMFS
+                        default n
+                        help
+                          Ignore the initramfs passed by the bootloader.

 	comment "Root filesystem archives"

@@ -127,6 +114,7 @@ menu "Target Images"
 		config TARGET_EXT4_JOURNAL
 			bool "Create a journaling filesystem"
 			depends on TARGET_ROOTFS_EXT4FS
+			default n
 			help
 			  Create an ext4 filesystem with a journal.

@@ -147,7 +135,7 @@ menu "Target Images"
 		bool "squashfs"
 		default y if USES_SQUASHFS
 		help
-		  Build a squashfs root filesystem.
+		  Build a squashfs-lzma root filesystem.

 		config TARGET_SQUASHFS_BLOCK_SIZE
 			int "Block size (in KiB)"
@@ -155,9 +143,6 @@ menu "Target Images"
 			default 64 if LOW_MEMORY_FOOTPRINT
 			default 1024 if (SMALL_FLASH && !LOW_MEMORY_FOOTPRINT)
 			default 256
-			help
-			  Select squashfs block size, must be one of:
-			    4, 8, 16, 32, 64, 128, 256, 512, 1024

 	menuconfig TARGET_ROOTFS_UBIFS
 		bool "ubifs"
@@ -199,17 +184,14 @@ menu "Target Images"
 		depends on TARGET_x86
 		depends on TARGET_ROOTFS_EXT4FS || TARGET_ROOTFS_JFFS2 || TARGET_ROOTFS_SQUASHFS
 		select PACKAGE_grub2
-		select PACKAGE_grub2-bios-setup
 		default y

 	config GRUB_EFI_IMAGES
 		bool "Build GRUB EFI images (Linux x86 or x86_64 host only)"
-		depends on TARGET_x86 || TARGET_armsr
+		depends on TARGET_x86
 		depends on TARGET_ROOTFS_EXT4FS || TARGET_ROOTFS_JFFS2 || TARGET_ROOTFS_SQUASHFS
-		select PACKAGE_grub2 if TARGET_x86
-		select PACKAGE_grub2-efi if TARGET_x86
-		select PACKAGE_grub2-bios-setup if TARGET_x86
-		select PACKAGE_grub2-efi-arm if TARGET_armsr
+		select PACKAGE_grub2
+		select PACKAGE_grub2-efi
 		select PACKAGE_kmod-fs-vfat
 		default y

@@ -232,6 +214,7 @@ menu "Target Images"
 	config GRUB_FLOWCONTROL
 		bool "Use RTE/CTS on serial console"
 		depends on GRUB_SERIAL != ""
+		default n

 	config GRUB_BOOTOPTS
 		string "Extra kernel boot options"
@@ -267,37 +250,29 @@ menu "Target Images"

 	config VMDK_IMAGES
 		bool "Build VMware image files (VMDK)"
-		depends on TARGET_x86 || TARGET_armsr
-		depends on GRUB_IMAGES || GRUB_EFI_IMAGES
-		select PACKAGE_kmod-e1000
-
-	config VHDX_IMAGES
-		bool "Build Hyper-V image files (VHDX)"
 		depends on TARGET_x86
 		depends on GRUB_IMAGES || GRUB_EFI_IMAGES
 		select PACKAGE_kmod-e1000

 	config TARGET_IMAGES_GZIP
 		bool "GZip images"
-		depends on TARGET_ROOTFS_EXT4FS || TARGET_x86 || TARGET_armsr || TARGET_malta
+		depends on TARGET_ROOTFS_EXT4FS || TARGET_x86 || TARGET_armvirt || TARGET_malta
 		default y

 	comment "Image Options"

 	source "target/linux/*/image/Config.in"
-	source "target/linux/*/*/image/Config.in"

 	config TARGET_KERNEL_PARTSIZE
-		int "Kernel partition size (in MiB)"
+		int "Kernel partition size (in MB)"
 		depends on USES_BOOT_PART
 		default 8 if TARGET_apm821xx_sata
 		default 64 if TARGET_bcm27xx
-		default 128 if TARGET_armsr
 		default 16

 	config TARGET_ROOTFS_PARTSIZE
-		int "Root filesystem partition size (in MiB)"
-		depends on USES_ROOTFS_PART || TARGET_ROOTFS_EXT4FS
+		int "Root filesystem partition size (in MB)"
+		depends on USES_ROOTFS_PART || TARGET_ROOTFS_EXT4FS || TARGET_omap || TARGET_sunxi || TARGET_uml
 		default 104
 		help
 		  Select the root filesystem partition size.
@@ -310,11 +285,4 @@ menu "Target Images"
 		  it will be mounted by PARTUUID which makes the kernel find the
 		  appropriate disk automatically.

-	config TARGET_ROOTFS_PERSIST_VAR
-		bool "Make /var persistent"
-		help
-		  Do not symlink /var to /tmp, so that its content will persist
-		  across reboots. When enabled, /var/run will still be linked
-		  to /tmp/run.
-
 endmenu
--- a/config/Config-kernel.in
+++ b/config/Config-kernel.in
@@ -24,6 +24,11 @@ config KERNEL_PRINTK
 	bool "Enable support for printk"
 	default y

+config KERNEL_CRASHLOG
+	bool "Crash logging"
+	depends on !(arm || powerpc || sparc || TARGET_uml || i386 || x86_64)
+	default y
+
 config KERNEL_SWAP
 	bool "Support for paging of anonymous memory (swap)"
 	default y if !SMALL_FLASH
@@ -47,11 +52,12 @@ config KERNEL_MIPS_FP_SUPPORT

 config KERNEL_ARM_PMU
 	bool
-	default y if TARGET_armsr_armv8
+	default n
 	depends on (arm || aarch64)

 config KERNEL_X86_VSYSCALL_EMULATION
 	bool "Enable vsyscall emulation"
+	default n
 	depends on x86_64
 	help
 	  This enables emulation of the legacy vsyscall page.  Disabling
@@ -69,20 +75,17 @@ config KERNEL_X86_VSYSCALL_EMULATION

 config KERNEL_PERF_EVENTS
 	bool "Compile the kernel with performance events and counters"
+	default n
 	select KERNEL_ARM_PMU if (arm || aarch64)

 config KERNEL_PROFILING
 	bool "Compile the kernel with profiling enabled"
+	default n
 	select KERNEL_PERF_EVENTS
 	help
 	  Enable the extended profiling support mechanisms used by profilers such
 	  as OProfile.

-config KERNEL_RPI_AXIPERF
-	bool "Compile the kernel with RaspberryPi AXI Performance monitors"
-	default y
-	depends on KERNEL_PERF_EVENTS && TARGET_bcm27xx
-
 config KERNEL_UBSAN
 	bool "Compile the kernel with undefined behaviour sanity checker"
 	help
@@ -111,16 +114,6 @@ config KERNEL_UBSAN_ALIGNMENT
 	  Enabling this option on architectures that support unaligned
 	  accesses may produce a lot of false positives.

-config KERNEL_UBSAN_BOUNDS
-	bool "Perform array index bounds checking"
-	depends on KERNEL_UBSAN
-	help
-	  This option enables detection of directly indexed out of bounds array
-	  accesses, where the array size is known at compile time. Note that
-	  this does not protect array overflows via bad calls to the
-	  {str,mem}*cpy() family of functions (that is addressed by
-	  FORTIFY_SOURCE).
-
 config KERNEL_UBSAN_NULL
 	bool "Enable checking of null pointers"
 	depends on KERNEL_UBSAN
@@ -128,19 +121,6 @@ config KERNEL_UBSAN_NULL
 	  This option enables detection of memory accesses via a
 	  null pointer.

-config KERNEL_UBSAN_TRAP
-	bool "On Sanitizer warnings, abort the running kernel code"
-	depends on KERNEL_UBSAN
-	help
-	  Building kernels with Sanitizer features enabled tends to grow the
-	  kernel size by around 5%, due to adding all the debugging text on
-	  failure paths. To avoid this, Sanitizer instrumentation can just
-	  issue a trap. This reduces the kernel size overhead but turns all
-	  warnings (including potentially harmless conditions) into full
-	  exceptions that abort the running kernel code (regardless of context,
-	  locks held, etc), which may destabilize the system. For some system
-	  builders this is an acceptable trade-off.
-
 config KERNEL_KASAN
 	bool "Compile the kernel with KASan: runtime memory debugger"
 	select KERNEL_SLUB_DEBUG
@@ -167,30 +147,6 @@ config KERNEL_KASAN_EXTRA
 	  compile time.
 	  https://gcc.gnu.org/bugzilla/show_bug.cgi?id=81715 has more

-config KERNEL_KASAN_VMALLOC
-	bool "Back mappings in vmalloc space with real shadow memory"
-	depends on KERNEL_KASAN
-	help
-	  By default, the shadow region for vmalloc space is the read-only
-	  zero page. This means that KASAN cannot detect errors involving
-	  vmalloc space.
-
-	  Enabling this option will hook in to vmap/vmalloc and back those
-	  mappings with real shadow memory allocated on demand. This allows
-	  for KASAN to detect more sorts of errors (and to support vmapped
-	  stacks), but at the cost of higher memory usage.
-
-	  This option depends on HAVE_ARCH_KASAN_VMALLOC, but we can't
-	  depend on that in here, so it is possible that enabling this
-	  will have no effect.
-
-if KERNEL_KASAN
-	config KERNEL_KASAN_GENERIC
-	def_bool y
-
-	config KERNEL_KASAN_SW_TAGS
-	def_bool n
-endif

 choice
 	prompt "Instrumentation type"
@@ -252,6 +208,7 @@ config KERNEL_KCOV_INSTRUMENT_ALL

 config KERNEL_TASKSTATS
 	bool "Compile the kernel with task resource/io statistics and accounting"
+	default n
 	help
 	  Enable the collection and publishing of task/io statistics and
 	  accounting.  Enable this option to enable i/o monitoring in system
@@ -279,30 +236,37 @@ config KERNEL_KALLSYMS
 config KERNEL_FTRACE
 	bool "Compile the kernel with tracing support"
 	depends on !TARGET_uml
+	default n

 config KERNEL_FTRACE_SYSCALLS
 	bool "Trace system calls"
 	depends on KERNEL_FTRACE
+	default n

 config KERNEL_ENABLE_DEFAULT_TRACERS
 	bool "Trace process context switches and events"
 	depends on KERNEL_FTRACE
+	default n

 config KERNEL_FUNCTION_TRACER
 	bool "Function tracer"
 	depends on KERNEL_FTRACE
+	default n

 config KERNEL_FUNCTION_GRAPH_TRACER
 	bool "Function graph tracer"
 	depends on KERNEL_FUNCTION_TRACER
+	default n

 config KERNEL_DYNAMIC_FTRACE
 	bool "Enable/disable function tracing dynamically"
 	depends on KERNEL_FUNCTION_TRACER
+	default n

 config KERNEL_FUNCTION_PROFILER
 	bool "Function profiler"
 	depends on KERNEL_FUNCTION_TRACER
+	default n

 config KERNEL_IRQSOFF_TRACER
 	bool "Interrupts-off Latency Tracer"
@@ -338,21 +302,9 @@ config KERNEL_PREEMPT_TRACER
 	  enabled. This option and the irqs-off timing option can be
 	  used together or separately.)

-config KERNEL_HIST_TRIGGERS
-	bool "Histogram triggers"
-	depends on KERNEL_FTRACE
-	help
-	  Hist triggers allow one or more arbitrary trace event fields to be
-	  aggregated into hash tables and dumped to stdout by reading a
-	  debugfs/tracefs file. They're useful for gathering quick and dirty
-	  (though precise) summaries of event activity as an initial guide for
-	  further investigation using more advanced tools.
-
-	  Inter-event tracing of quantities such as latencies is also
-	  supported using hist triggers under this option.
-
 config KERNEL_DEBUG_KERNEL
 	bool
+	default n

 config KERNEL_DEBUG_INFO
 	bool "Compile the kernel with debug information"
@@ -361,48 +313,6 @@ config KERNEL_DEBUG_INFO
 	help
 	  This will compile your kernel and modules with debug information.

-config KERNEL_DEBUG_INFO_BTF
-
-	bool "Enable additional BTF type information"
-	depends on !HOST_OS_MACOS
-	depends on KERNEL_DEBUG_INFO && !KERNEL_DEBUG_INFO_REDUCED
-	select DWARVES
-	help
-	  Generate BPF Type Format (BTF) information from DWARF debug info.
-	  Turning this on expects presence of pahole tool, which will convert
-	  DWARF type info into equivalent deduplicated BTF type info.
-
-	  Required to run BPF CO-RE applications.
-
-config KERNEL_DEBUG_INFO_REDUCED
-	bool "Reduce debugging information"
-	default y
-	depends on KERNEL_DEBUG_INFO
-	help
-	  If you say Y here gcc is instructed to generate less debugging
-	  information for structure types. This means that tools that
-	  need full debugging information (like kgdb or systemtap) won't
-	  be happy. But if you merely need debugging information to
-	  resolve line numbers there is no loss. Advantage is that
-	  build directory object sizes shrink dramatically over a full
-	  DEBUG_INFO build and compile times are reduced too.
-	  Only works with newer gcc versions.
-
-config KERNEL_FRAME_WARN
-	int
-	range 0 8192
-	default 1280 if KERNEL_KASAN && !ARCH_64BIT
-	default 1024 if !ARCH_64BIT
-	default 2048 if ARCH_64BIT
-	help
-	  Tell the compiler to warn at build time for stack frames larger than this.
-	  Setting this too low will cause a lot of warnings.
-	  Setting it to 0 disables the warning.
-
-# KERNEL_DEBUG_LL symbols must have the default value set as otherwise
-# KConfig wont evaluate them unless KERNEL_EARLY_PRINTK is selected
-# which means that buildroot wont override the DEBUG_LL symbols in target
-# kernel configurations and lead to devices that dont have working console
 config KERNEL_DEBUG_LL_UART_NONE
 	bool
 	default n
@@ -416,16 +326,10 @@ config KERNEL_DEBUG_LL
 	help
 	  ARM low level debugging.

-config KERNEL_DEBUG_VIRTUAL
-	bool "Compile the kernel with VM translations debugging"
-	select KERNEL_DEBUG_KERNEL
-	help
-	  Enable checks sanity checks to catch invalid uses of
-	  virt_to_phys()/phys_to_virt() against the non-linear address space.
-
 config KERNEL_DYNAMIC_DEBUG
 	bool "Compile the kernel with dynamic printk"
 	select KERNEL_DEBUG_FS
+	default n
 	help
 	  Compiles debug level messages into the kernel, which would not
 	  otherwise be available at runtime. These messages can then be
@@ -437,6 +341,7 @@ config KERNEL_DYNAMIC_DEBUG
 config KERNEL_EARLY_PRINTK
 	bool "Compile the kernel with early printk"
 	default y if TARGET_bcm53xx
+	default n
 	depends on arm
 	select KERNEL_DEBUG_KERNEL
 	select KERNEL_DEBUG_LL if arm
@@ -447,6 +352,7 @@ config KERNEL_EARLY_PRINTK

 config KERNEL_KPROBES
 	bool "Compile the kernel with kprobes support"
+	default n
 	select KERNEL_FTRACE
 	select KERNEL_PERF_EVENTS
 	help
@@ -461,28 +367,13 @@ config KERNEL_KPROBE_EVENTS
 	bool
 	default y if KERNEL_KPROBES

-config KERNEL_BPF_EVENTS
-	bool "Compile the kernel with BPF event support"
-	select KERNEL_KPROBES
-	help
-	  Allows to attach BPF programs to kprobe, uprobe and tracepoint events.
-	  This is required to use BPF maps of type BPF_MAP_TYPE_PERF_EVENT_ARRAY
-	  for sending data from BPF programs to user-space for post-processing
-	  or logging.
-
-config KERNEL_BPF_KPROBE_OVERRIDE
-	bool
-	depends on KERNEL_KPROBES
-	default n
-
 config KERNEL_AIO
 	bool "Compile the kernel with asynchronous IO support"
 	default y if !SMALL_FLASH

 config KERNEL_IO_URING
 	bool "Compile the kernel with io_uring support"
-	depends on !SMALL_FLASH
-	default y if (x86_64 || aarch64)
+	default y if !SMALL_FLASH

 config KERNEL_FHANDLE
 	bool "Compile the kernel with support for fhandle syscalls"
@@ -494,6 +385,7 @@ config KERNEL_FANOTIFY

 config KERNEL_BLK_DEV_BSG
 	bool "Compile the kernel with SCSI generic v4 support for any block device"
+	default n

 config KERNEL_TRANSPARENT_HUGEPAGE
 	bool
@@ -517,6 +409,7 @@ config KERNEL_HUGETLB_PAGE
 	bool "Compile the kernel with HugeTLB support"
 	select KERNEL_TRANSPARENT_HUGEPAGE
 	select KERNEL_HUGETLBFS
+	default n

 config KERNEL_MAGIC_SYSRQ
 	bool "Compile the kernel with SysRq support"
@@ -541,35 +434,36 @@ config KERNEL_ELF_CORE
 config KERNEL_PROVE_LOCKING
 	bool "Enable kernel lock checking"
 	select KERNEL_DEBUG_KERNEL
+	default n

-config KERNEL_SOFTLOCKUP_DETECTOR
-	bool "Compile the kernel with detect Soft Lockups"
+config KERNEL_LOCKUP_DETECTOR
+	bool "Compile the kernel with detect Hard and Soft Lockups"
 	depends on KERNEL_DEBUG_KERNEL
 	help
 	  Say Y here to enable the kernel to act as a watchdog to detect
-	  soft lockups.
+	  hard and soft lockups.

 	  Softlockups are bugs that cause the kernel to loop in kernel
 	  mode for more than 20 seconds, without giving other tasks a
 	  chance to run.  The current stack trace is displayed upon
 	  detection and the system will stay locked up.

-config KERNEL_HARDLOCKUP_DETECTOR
-	bool "Compile the kernel with detect Hard Lockups"
-	depends on KERNEL_DEBUG_KERNEL
-	help
-	  Say Y here to enable the kernel to act as a watchdog to detect
-	  hard lockups.
-
 	  Hardlockups are bugs that cause the CPU to loop in kernel mode
 	  for more than 10 seconds, without letting other interrupts have a
 	  chance to run.  The current stack trace is displayed upon detection
 	  and the system will stay locked up.

+	  The overhead should be minimal.  A periodic hrtimer runs to
+	  generate interrupts and kick the watchdog task every 4 seconds.
+	  An NMI is generated every 10 seconds or so to check for hardlockups.
+
+	  The frequency of hrtimer and NMI events and the soft and hard lockup
+	  thresholds can be controlled through the sysctl watchdog_thresh.
+
 config KERNEL_DETECT_HUNG_TASK
 	bool "Compile the kernel with detect Hung Tasks"
 	depends on KERNEL_DEBUG_KERNEL
-	default KERNEL_SOFTLOCKUP_DETECTOR
+	default KERNEL_LOCKUP_DETECTOR
 	help
 	  Say Y here to enable the kernel to detect "hung tasks",
 	  which are bugs that cause the task to be stuck in
@@ -654,9 +548,11 @@ config USE_RFKILL

 config USE_SPARSE
 	bool "Enable sparse check during kernel build"
+	default n

 config KERNEL_DEVTMPFS
 	bool "Compile the kernel with device tmpfs enabled"
+	default n
 	help
 	  devtmpfs is a simple, kernel-managed /dev filesystem. The kernel creates
 	  devices nodes for all registered devices to simplify boot, but leaves more
@@ -666,6 +562,7 @@ if KERNEL_DEVTMPFS

 	config KERNEL_DEVTMPFS_MOUNT
 		bool "Automatically mount devtmpfs after root filesystem is mounted"
+		default n

 endif

@@ -676,14 +573,17 @@ config KERNEL_KEYS
 config KERNEL_PERSISTENT_KEYRINGS
 	bool "Enable kernel persistent keyrings"
 	depends on KERNEL_KEYS
+	default n

 config KERNEL_KEYS_REQUEST_CACHE
 	bool "Enable temporary caching of the last request_key() result"
 	depends on KERNEL_KEYS
+	default n

 config KERNEL_BIG_KEYS
 	bool "Enable large payload keys on kernel keyrings"
 	depends on KERNEL_KEYS
+	default n

 #
 # CGROUP support symbols
@@ -697,6 +597,7 @@ if KERNEL_CGROUPS

 	config KERNEL_CGROUP_DEBUG
 		bool "Example debug cgroup subsystem"
+		default n
 		help
 		  This option enables a simple cgroup subsystem that
 		  exports useful debugging information about the cgroups
@@ -707,6 +608,7 @@ if KERNEL_CGROUPS

 	config KERNEL_CGROUP_FREEZER
 		bool "legacy Freezer cgroup subsystem"
+		default n
 		select KERNEL_FREEZER
 		help
 		  Provides a way to freeze and unfreeze all tasks in a
@@ -716,6 +618,7 @@ if KERNEL_CGROUPS

 	config KERNEL_CGROUP_DEVICE
 		bool "legacy Device controller for cgroups"
+		default n
 		help
 		  Provides a cgroup implementing whitelists for devices which
 		  a process in the cgroup can mknod or open.
@@ -723,6 +626,7 @@ if KERNEL_CGROUPS

 	config KERNEL_CGROUP_HUGETLB
 		bool "HugeTLB controller"
+		default n
 		select KERNEL_HUGETLB_PAGE

 	config KERNEL_CGROUP_PIDS
@@ -751,6 +655,7 @@ if KERNEL_CGROUPS

 	config KERNEL_PROC_PID_CPUSET
 		bool "Include legacy /proc/<pid>/cpuset file"
+		default n
 		depends on KERNEL_CPUSETS

 	config KERNEL_CGROUP_CPUACCT
@@ -775,7 +680,7 @@ if KERNEL_CGROUPS
 		bool "Memory Resource Controller for Control Groups"
 		default y
 		select KERNEL_FREEZER
-		depends on KERNEL_RESOURCE_COUNTERS
+		depends on KERNEL_RESOURCE_COUNTERS || !LINUX_3_18
 		help
 		  Provides a memory resource controller that manages both anonymous
 		  memory and page cache. (See Documentation/cgroups/memory.txt)
@@ -816,6 +721,7 @@ if KERNEL_CGROUPS

 	config KERNEL_MEMCG_SWAP_ENABLED
 		bool "Memory Resource Controller Swap Extension enabled by default"
+		default n
 		depends on KERNEL_MEMCG_SWAP
 		help
 		  Memory Resource Controller Swap Extension comes with its price in
@@ -844,6 +750,7 @@ if KERNEL_CGROUPS
 	config KERNEL_CGROUP_PERF
 		bool "Enable perf_event per-cpu per-container group (cgroup) monitoring"
 		select KERNEL_PERF_EVENTS
+		default n
 		help
 		  This option extends the per-cpu mode to restrict monitoring to
 		  threads which belong to the cgroup specified and run on the
@@ -920,6 +827,7 @@ if KERNEL_CGROUPS

 	config KERNEL_DEBUG_BLK_CGROUP
 		bool "Enable Block IO controller debugging"
+		default n
 		depends on KERNEL_BLK_CGROUP
 		help
 		  Enable some debugging help. Currently it exports additional stat
@@ -927,12 +835,15 @@ if KERNEL_CGROUPS

 	config KERNEL_NET_CLS_CGROUP
 		bool "legacy Control Group Classifier"
+		default n

 	config KERNEL_CGROUP_NET_CLASSID
 		bool "legacy Network classid cgroup"
+		default n

 	config KERNEL_CGROUP_NET_PRIO
 		bool "legacy Network priority cgroup"
+		default n

 endif

@@ -1032,19 +943,6 @@ config KERNEL_IP_MROUTE
 	  Multicast routing requires a multicast routing daemon in
 	  addition to kernel support.

-if KERNEL_IP_MROUTE
-
-	config KERNEL_IP_MROUTE_MULTIPLE_TABLES
-		def_bool y
-
-	config KERNEL_IP_PIMSM_V1
-		def_bool y
-
-	config KERNEL_IP_PIMSM_V2
-		def_bool y
-
-endif
-
 #
 # IPv6 configuration
 #
@@ -1067,15 +965,8 @@ if KERNEL_IPV6
 		  Multicast routing requires a multicast routing daemon in
 		  addition to kernel support.

-	if KERNEL_IPV6_MROUTE
-
-		config KERNEL_IPV6_MROUTE_MULTIPLE_TABLES
-			def_bool y
-
-		config KERNEL_IPV6_PIMSM_V2
-			def_bool y
-
-	endif
+	config KERNEL_IPV6_PIMSM_V2
+		def_bool n

 	config KERNEL_IPV6_SEG6_LWTUNNEL
 		bool "Enable support for lightweight tunnels"
@@ -1088,44 +979,6 @@ if KERNEL_IPV6

 endif

-#
-# Miscellaneous network configuration
-#
-
-config KERNEL_NET_L3_MASTER_DEV
-	bool "L3 Master device support"
-	help
-	  This module provides glue between core networking code and device
-	  drivers to support L3 master devices like VRF.
-
-config KERNEL_XDP_SOCKETS
-	bool "XDP sockets support"
-	help
-	  XDP sockets allows a channel between XDP programs and
-	  userspace applications.
-
-config KERNEL_WIRELESS_EXT
-	def_bool n
-
-config KERNEL_WEXT_CORE
-	def_bool KERNEL_WIRELESS_EXT
-
-config KERNEL_WEXT_PRIV
-	def_bool KERNEL_WIRELESS_EXT
-
-config KERNEL_WEXT_PROC
-	def_bool KERNEL_WIRELESS_EXT
-
-config KERNEL_WEXT_SPY
-	def_bool KERNEL_WIRELESS_EXT
-
-config KERNEL_PAGE_POOL
-	def_bool n
-
-config KERNEL_PAGE_POOL_STATS
-	bool "Page pool stats support"
-	depends on KERNEL_PAGE_POOL
-
 #
 # NFS related symbols
 #
@@ -1163,6 +1016,7 @@ endif
 menu "Filesystem ACL and attr support options"
 	config USE_FS_ACL_ATTR
 		bool "Use filesystem ACL and attr support by default"
+		default n
 		help
 		  Make using ACLs (e.g. POSIX ACL, NFSv4 ACL) the default
 		  for kernel and packages, except tmpfs, flash filesystems,
@@ -1187,14 +1041,17 @@ menu "Filesystem ACL and attr support options"
 	config KERNEL_F2FS_FS_POSIX_ACL
 		bool "Enable POSIX ACL for F2FS Filesystems"
 		select KERNEL_FS_POSIX_ACL
+		default n

 	config KERNEL_JFFS2_FS_POSIX_ACL
 		bool "Enable POSIX ACL for JFFS2 Filesystems"
 		select KERNEL_FS_POSIX_ACL
+		default n

 	config KERNEL_TMPFS_POSIX_ACL
 		bool "Enable POSIX ACL for TMPFS Filesystems"
 		select KERNEL_FS_POSIX_ACL
+		default n

 	config KERNEL_CIFS_ACL
 		bool "Enable CIFS ACLs"
@@ -1217,12 +1074,15 @@ menu "Filesystem ACL and attr support options"

 	config KERNEL_NFS_V3_ACL_SUPPORT
 		bool "Enable ACLs for NFSv3"
+		default n

 	config KERNEL_NFSD_V2_ACL_SUPPORT
 		bool "Enable ACLs for NFSDv2"
+		default n

 	config KERNEL_NFSD_V3_ACL_SUPPORT
 		bool "Enable ACLs for NFSDv3"
+		default n

 	config KERNEL_REISER_FS_POSIX_ACL
 		bool "Enable POSIX ACLs for ReiserFS"
@@ -1264,7 +1124,7 @@ config KERNEL_SQUASHFS_XATTR
 	bool "Squashfs XATTR support"

 #
-# compile optimization setting
+# compile optimiziation setting
 #
 choice
 	prompt "Compiler optimization level"
--- a/config/check-uname.sh
+++ b/config/check-uname.sh
@@ -1 +0,0 @@
-[ "$(uname)" = "$1" ] && echo y || echo n
--- a/feeds.conf.default
+++ b/feeds.conf.default
@@ -1,4 +1,4 @@
-src-git packages https://git.openwrt.org/feed/packages.git^0da9f622975aa1e4efe452da4acbae15479bee63
-src-git luci https://git.openwrt.org/project/luci.git^257f54cb8bcd493d9be0a45a3c316668b793e8ae
-src-git routing https://git.openwrt.org/feed/routing.git^2272106e0839ee06957e88e3596489e1b510d3c2
-src-git telephony https://git.openwrt.org/feed/telephony.git^9746ae8f964e18f04b64fbe1956366954ff223f8
+src-git packages https://git.openwrt.org/feed/packages.git^920c4f29c55d26d8d602c1357ffd6b23a0df5914
+src-git luci https://git.openwrt.org/project/luci.git^09329fe7bb6571032570b21541c1991a3443cc07
+src-git routing https://git.openwrt.org/feed/routing.git^57533a25e84932a7e50b8483843c840f0924bc0c
+src-git telephony https://git.openwrt.org/feed/telephony.git^04e1378baf2b720395d284f661240e6f7f9cab35
--- a/include/autotools.mk
+++ b/include/autotools.mk
@@ -2,9 +2,6 @@
 #
 # Copyright (C) 2007-2020 OpenWrt.org

-ifneq ($(__autotools_inc),1)
-__autotools_inc=1
-
 autoconf_bool = $(patsubst %,$(if $($(1)),--enable,--disable)-%,$(2))

 # delete *.la-files from staging_dir - we can not yet remove respective lines within all package
@@ -23,10 +20,7 @@ AM_TOOL_PATHS:= \
 	LIBTOOLIZE=$(STAGING_DIR_HOST)/bin/libtoolize \
 	LIBTOOL=$(STAGING_DIR_HOST)/bin/libtool \
 	M4=$(STAGING_DIR_HOST)/bin/m4 \
-	AUTOPOINT=true \
-	GTKDOCIZE=true
-
-AM_TOOL_PATHS_FAKE:=$(subst = ,=,$(patsubst "%,"$(TRUE)",$(subst =,= ",$(AM_TOOL_PATHS))))
+	AUTOPOINT=true

 # 1: build dir
 # 2: remove files
@@ -38,7 +32,7 @@ define autoreconf
 		$(patsubst %,rm -f %;,$(2)) \
 		$(foreach p,$(3), \
 			if [ -f $(p)/configure.ac ] || [ -f $(p)/configure.in ]; then \
-				[ -d $(p)/autom4te.cache ] && rm -rf $(p)/autom4te.cache; \
+				[ -d $(p)/autom4te.cache ] && rm -rf autom4te.cache; \
 				[ -e $(p)/config.rpath ] || \
 						ln -s $(SCRIPT_DIR)/config.rpath $(p)/config.rpath; \
 				touch NEWS AUTHORS COPYING ABOUT-NLS ChangeLog; \
@@ -96,7 +90,7 @@ endef

 define gettext_version_target
 	(cd $(PKG_BUILD_DIR) && \
-		GETTEXT_VERSION=$(shell $(STAGING_DIR_HOSTPKG)/bin/gettext -V | $(STAGING_DIR_HOST)/bin/sed -rne '1s/.*\b([0-9]\.[0-9]+(\.[0-9]+)?)\b.*/\1/p' ) && \
+		GETTEXT_VERSION=$(shell $(STAGING_DIR_HOSTPKG)/bin/gettext -V | $(STAGING_DIR_HOST)/bin/sed -ne '1s/.*\([0-9]\.[0-9]\{2\}\.[0-9]\).*/\1/p' ) && \
 		$(STAGING_DIR_HOST)/bin/sed \
 			-i $(PKG_BUILD_DIR)/configure.ac \
 			-e "s/AM_GNU_GETTEXT_VERSION(.*)/AM_GNU_GETTEXT_VERSION(\[$$$$GETTEXT_VERSION\])/g" && \
@@ -116,7 +110,7 @@ ifneq ($(filter patch-libtool,$(PKG_FIXUP)),)
 endif

 ifneq ($(filter libtool,$(PKG_FIXUP)),)
-  PKG_BUILD_DEPENDS += libtool
+  PKG_BUILD_DEPENDS += libtool gettext libiconv
 ifeq ($(filter no-autoreconf,$(PKG_FIXUP)),)
  Hooks/Configure/Pre += autoreconf_target
 endif
@@ -126,6 +120,13 @@ ifneq ($(filter libtool-abiver,$(PKG_FIXUP)),)
  Hooks/Configure/Post += set_libtool_abiver
 endif

+ifneq ($(filter libtool-ucxx,$(PKG_FIXUP)),)
+  PKG_BUILD_DEPENDS += libtool gettext libiconv
+ ifeq ($(filter no-autoreconf,$(PKG_FIXUP)),)
+  Hooks/Configure/Pre += autoreconf_target
+ endif
+endif
+
 ifneq ($(filter autoreconf,$(PKG_FIXUP)),)
  ifeq ($(filter autoreconf,$(Hooks/Configure/Pre)),)
    Hooks/Configure/Pre += autoreconf_target
@@ -151,20 +152,28 @@ define patch_libtool_host
    $(HOST_BUILD_DIR)))
 endef

-ifneq ($(filter patch-libtool,$(HOST_FIXUP)),)
+ifneq ($(filter patch-libtool,$(PKG_FIXUP)),)
  Hooks/HostConfigure/Pre += patch_libtool_host
 endif

+ifneq ($(filter patch-libtool,$(HOST_FIXUP)),)
+  Hooks/HostConfigure/Pre += $(strip $(call patch_libtool,$(HOST_BUILD_DIR)))
+endif
+
 ifneq ($(filter libtool,$(HOST_FIXUP)),)
 ifeq ($(filter no-autoreconf,$(HOST_FIXUP)),)
  Hooks/HostConfigure/Pre += autoreconf_host
 endif
 endif

+ifneq ($(filter libtool-ucxx,$(HOST_FIXUP)),)
+ ifeq ($(filter no-autoreconf,$(HOST_FIXUP)),)
+  Hooks/HostConfigure/Pre += autoreconf_host
+ endif
+endif
+
 ifneq ($(filter autoreconf,$(HOST_FIXUP)),)
  ifeq ($(filter autoreconf,$(Hooks/HostConfigure/Pre)),)
    Hooks/HostConfigure/Pre += autoreconf_host
  endif
 endif
-
-endif #__autotools_inc
--- a/include/bpf.mk
+++ b/include/bpf.mk
@@ -1,85 +0,0 @@
-BPF_DEPENDS := @HAS_BPF_TOOLCHAIN
-LLVM_VER:=
-
-CLANG_MIN_VER:=12
-
-ifneq ($(CONFIG_USE_LLVM_HOST),)
-  BPF_TOOLCHAIN_HOST_PATH:=$(call qstrip,$(CONFIG_BPF_TOOLCHAIN_HOST_PATH))
-  ifneq ($(BPF_TOOLCHAIN_HOST_PATH),)
-    BPF_PATH:=$(BPF_TOOLCHAIN_HOST_PATH)/bin:$(PATH)
-  else
-    BPF_PATH:=$(PATH)
-  endif
-  CLANG:=$(firstword $(shell PATH='$(BPF_PATH)' command -v clang clang-13 clang-12 clang-11))
-  LLVM_VER:=$(subst clang,,$(notdir $(CLANG)))
-endif
-ifneq ($(CONFIG_USE_LLVM_PREBUILT),)
-  CLANG:=$(TOPDIR)/llvm-bpf/bin/clang
-endif
-ifneq ($(CONFIG_USE_LLVM_BUILD),)
-  CLANG:=$(STAGING_DIR_HOST)/llvm-bpf/bin/clang
-endif
-
-LLVM_PATH:=$(dir $(CLANG))
-LLVM_LLC:=$(LLVM_PATH)/llc$(LLVM_VER)
-LLVM_DIS:=$(LLVM_PATH)/llvm-dis$(LLVM_VER)
-LLVM_OPT:=$(LLVM_PATH)/opt$(LLVM_VER)
-LLVM_STRIP:=$(LLVM_PATH)/llvm-strip$(LLVM_VER)
-
-BPF_KARCH:=mips
-BPF_ARCH:=mips$(if $(CONFIG_ARCH_64BIT),64)$(if $(CONFIG_BIG_ENDIAN),,el)
-BPF_TARGET:=bpf$(if $(CONFIG_BIG_ENDIAN),eb,el)
-
-BPF_HEADERS_DIR:=$(STAGING_DIR)/bpf-headers
-
-BPF_KERNEL_INCLUDE := \
-	-nostdinc -isystem $(TOOLCHAIN_DIR)/include \
-	-I$(BPF_HEADERS_DIR)/arch/$(BPF_KARCH)/include \
-	-I$(BPF_HEADERS_DIR)/arch/$(BPF_KARCH)/include/asm/mach-generic \
-	-I$(BPF_HEADERS_DIR)/arch/$(BPF_KARCH)/include/generated \
-	-I$(BPF_HEADERS_DIR)/include \
-	-I$(BPF_HEADERS_DIR)/arch/$(BPF_KARCH)/include/uapi \
-	-I$(BPF_HEADERS_DIR)/arch/$(BPF_KARCH)/include/generated/uapi \
-	-I$(BPF_HEADERS_DIR)/include/uapi \
-	-I$(BPF_HEADERS_DIR)/include/generated/uapi \
-	-I$(BPF_HEADERS_DIR)/tools/lib \
-	-I$(BPF_HEADERS_DIR)/tools/testing/selftests \
-	-I$(BPF_HEADERS_DIR)/samples/bpf \
-	-include linux/kconfig.h -include asm_goto_workaround.h
-
-BPF_CFLAGS := \
-	$(BPF_KERNEL_INCLUDE) -I$(PKG_BUILD_DIR) \
-	-D__KERNEL__ -D__BPF_TRACING__ -DCONFIG_GENERIC_CSUM \
-	-D__TARGET_ARCH_${BPF_KARCH} \
-	-m$(if $(CONFIG_BIG_ENDIAN),big,little)-endian \
-	-fno-stack-protector -Wall \
-	-Wno-unused-value -Wno-pointer-sign \
-	-Wno-compare-distinct-pointer-types \
-	-Wno-gnu-variable-sized-type-not-at-end \
-	-Wno-address-of-packed-member -Wno-tautological-compare \
-	-Wno-unknown-warning-option \
-	-fno-asynchronous-unwind-tables \
-	-Wno-uninitialized -Wno-unused-variable \
-	-Wno-unused-label \
-	-O2 -emit-llvm -Xclang -disable-llvm-passes
-
-ifneq ($(CONFIG_HAS_BPF_TOOLCHAIN),)
-ifeq ($(DUMP)$(filter download refresh,$(MAKECMDGOALS)),)
-  CLANG_VER:=$(shell $(CLANG) -dM -E - < /dev/null | grep __clang_major__ | cut -d' ' -f3)
-  CLANG_VER_VALID:=$(shell [ "$(CLANG_VER)" -ge "$(CLANG_MIN_VER)" ] && echo 1 )
-  ifeq ($(CLANG_VER_VALID),)
-    $(error ERROR: LLVM/clang version too old. Minimum required: $(CLANG_MIN_VER), found: $(CLANG_VER))
-  endif
-endif
-endif
-
-define CompileBPF
-	$(CLANG) -g -target $(BPF_ARCH)-linux-gnu $(BPF_CFLAGS) $(2) \
-		-c $(1) -o $(patsubst %.c,%.bc,$(1))
-	$(LLVM_OPT) -O2 -mtriple=$(BPF_TARGET) < $(patsubst %.c,%.bc,$(1)) > $(patsubst %.c,%.opt,$(1))
-	$(LLVM_DIS) < $(patsubst %.c,%.opt,$(1)) > $(patsubst %.c,%.S,$(1))
-	$(LLVM_LLC) -march=$(BPF_TARGET) -mcpu=v3 -filetype=obj -o $(patsubst %.c,%.o,$(1)) < $(patsubst %.c,%.S,$(1))
-	$(CP) $(patsubst %.c,%.o,$(1)) $(patsubst %.c,%.debug.o,$(1))
-	$(LLVM_STRIP) --strip-debug $(patsubst %.c,%.o,$(1))
-endef
-
--- a/include/cmake.mk
+++ b/include/cmake.mk
@@ -1,13 +1,5 @@
 cmake_bool = $(patsubst %,-D%:BOOL=$(if $($(1)),ON,OFF),$(2))

-PKG_USE_NINJA ?= 1
-HOST_USE_NINJA ?= 1
-ifeq ($(PKG_USE_NINJA),1)
-  PKG_BUILD_PARALLEL ?= 1
-endif
-ifeq ($(HOST_USE_NINJA),1)
-  HOST_BUILD_PARALLEL ?= 1
-endif
 PKG_INSTALL:=1

 ifneq ($(findstring c,$(OPENWRT_VERBOSE)),)
@@ -18,13 +10,12 @@ endif
 CMAKE_BINARY_DIR = $(PKG_BUILD_DIR)$(if $(CMAKE_BINARY_SUBDIR),/$(CMAKE_BINARY_SUBDIR))
 CMAKE_SOURCE_DIR = $(PKG_BUILD_DIR)$(if $(CMAKE_SOURCE_SUBDIR),/$(CMAKE_SOURCE_SUBDIR))
 HOST_CMAKE_SOURCE_DIR = $(HOST_BUILD_DIR)$(if $(CMAKE_SOURCE_SUBDIR),/$(CMAKE_SOURCE_SUBDIR))
-HOST_CMAKE_BINARY_DIR = $(HOST_BUILD_DIR)$(if $(CMAKE_BINARY_SUBDIR),/$(CMAKE_BINARY_SUBDIR))
 MAKE_PATH = $(firstword $(CMAKE_BINARY_SUBDIR) .)

 ifeq ($(CONFIG_EXTERNAL_TOOLCHAIN),)
  cmake_tool=$(TOOLCHAIN_DIR)/bin/$(1)
 else
-  cmake_tool=$(shell command -v $(1))
+  cmake_tool=$(shell which $(1))
 endif

 ifeq ($(CONFIG_CCACHE),)
@@ -52,35 +43,6 @@ CMAKE_RANLIB:=$(call cmake_tool,$(TARGET_RANLIB))
 CMAKE_FIND_ROOT_PATH:=$(STAGING_DIR)/usr;$(TOOLCHAIN_DIR)$(if $(CONFIG_EXTERNAL_TOOLCHAIN),;$(CONFIG_TOOLCHAIN_ROOT))
 CMAKE_HOST_FIND_ROOT_PATH:=$(STAGING_DIR)/host;$(STAGING_DIR_HOSTPKG);$(STAGING_DIR_HOST)
 CMAKE_SHARED_LDFLAGS:=-Wl,-Bsymbolic-functions
-CMAKE_HOST_INSTALL_PREFIX = $(HOST_BUILD_PREFIX)
-
-ifeq ($(HOST_USE_NINJA),1)
-  CMAKE_HOST_OPTIONS += -DCMAKE_GENERATOR="Ninja"
-
-  define Host/Compile/Default
-	+$(NINJA) -C $(HOST_CMAKE_BINARY_DIR) $(1)
-  endef
-
-  define Host/Install/Default
-	+$(NINJA) -C $(HOST_CMAKE_BINARY_DIR) install
-  endef
-
-  define Host/Uninstall/Default
-	+$(NINJA) -C $(HOST_CMAKE_BINARY_DIR) uninstall
-  endef
-endif
-
-ifeq ($(PKG_USE_NINJA),1)
-  CMAKE_OPTIONS += -DCMAKE_GENERATOR="Ninja"
-
-  define Build/Compile/Default
-	+$(NINJA) -C $(CMAKE_BINARY_DIR) $(1)
-  endef
-
-  define Build/Install/Default
-	+DESTDIR="$(PKG_INSTALL_DIR)" $(NINJA) -C $(CMAKE_BINARY_DIR) install
-  endef
-endif

 define Build/Configure/Default
 	mkdir -p $(CMAKE_BINARY_DIR)
@@ -135,8 +97,7 @@ endef
 Build/InstallDev = $(if $(CMAKE_INSTALL),$(Build/InstallDev/cmake))

 define Host/Configure/Default
-	mkdir -p "$(HOST_CMAKE_BINARY_DIR)"
-	(cd $(HOST_CMAKE_BINARY_DIR); \
+	(cd $(HOST_BUILD_DIR); \
 		CFLAGS="$(HOST_CFLAGS)" \
 		CXXFLAGS="$(HOST_CFLAGS)" \
 		LDFLAGS="$(HOST_LDFLAGS)" \
@@ -158,7 +119,7 @@ define Host/Configure/Default
 			-DCMAKE_FIND_ROOT_PATH_MODE_LIBRARY=ONLY \
 			-DCMAKE_FIND_ROOT_PATH_MODE_INCLUDE=ONLY \
 			-DCMAKE_STRIP=: \
-			-DCMAKE_INSTALL_PREFIX=$(CMAKE_HOST_INSTALL_PREFIX) \
+			-DCMAKE_INSTALL_PREFIX=$(HOST_BUILD_PREFIX) \
 			-DCMAKE_PREFIX_PATH=$(HOST_BUILD_PREFIX) \
 			-DCMAKE_SKIP_RPATH=TRUE  \
 			-DCMAKE_INSTALL_LIBDIR=lib \
--- a/include/depends.mk
+++ b/include/depends.mk
@@ -11,8 +11,7 @@

 DEP_FINDPARAMS := -x "*/.svn*" -x ".*" -x "*:*" -x "*\!*" -x "* *" -x "*\\\#*" -x "*/.*_check" -x "*/.*.swp" -x "*/.pkgdir*"

-find_md5=find $(wildcard $(1)) -type f $(patsubst -x,-and -not -path,$(DEP_FINDPARAMS) $(2)) -printf "%p%T@\n" | sort | $(MKHASH) md5
-find_md5_reproducible=find $(wildcard $(1)) -type f $(patsubst -x,-and -not -path,$(DEP_FINDPARAMS) $(2)) -print0 | xargs -0 $(MKHASH) md5 | sort | $(MKHASH) md5
+find_md5=find $(wildcard $(1)) -type f $(patsubst -x,-and -not -path,$(DEP_FINDPARAMS) $(2)) -printf "%p%T@\n" | sort | mkhash md5

 define rdep
  .PRECIOUS: $(2)
@@ -28,7 +27,7 @@ ifneq ($(wildcard $(2)),)
 		{ [ \! -f "$(3)" ] || diff $(3) $(3).1 >/dev/null; } && \
 	) \
 	{ \
-		[ -f "$(2)_check.1" ] && mv "$(2)_check.1" "$(2)_check"; \
+		[ -f "$(2)_check.1" ] && mv "$(2)_check.1"; \
 	    $(TOPDIR)/scripts/timestamp.pl $(DEP_FINDPARAMS) $(4) -n $(2) $(1) && { \
 			$(call debug_eval,$(SUBDIR),r,echo "No need to rebuild $(2)";) \
 			touch -r "$(2)" "$(2)_check"; \
--- a/include/download.mk
+++ b/include/download.mk
@@ -18,10 +18,6 @@ endif

 DOWNLOAD_RDEP=$(STAMP_PREPARED) $(HOST_STAMP_PREPARED)

-# Export options for download.pl
-export DOWNLOAD_CHECK_CERTIFICATE:=$(CONFIG_DOWNLOAD_CHECK_CERTIFICATE)
-export DOWNLOAD_TOOL_CUSTOM:=$(CONFIG_DOWNLOAD_TOOL_CUSTOM)
-
 define dl_method_git
 $(if $(filter https://github.com/% git://github.com/%,$(1)),github_archive,git)
 endef
@@ -31,7 +27,7 @@ define dl_method
 $(strip \
  $(if $(filter git,$(2)),$(call dl_method_git,$(1),$(2)),
    $(if $(2),$(2), \
-      $(if $(filter @OPENWRT @APACHE/% @DEBIAN/% @GITHUB/% @GNOME/% @GNU/% @KERNEL/% @SF/% @SAVANNAH/% ftp://% http://% https://% file://%,$(1)),default, \
+      $(if $(filter @OPENWRT @APACHE/% @GITHUB/% @GNOME/% @GNU/% @KERNEL/% @SF/% @SAVANNAH/% ftp://% http://% https://% file://%,$(1)),default, \
        $(if $(filter git://%,$(1)),$(call dl_method_git,$(1),$(2)), \
          $(if $(filter svn://%,$(1)),svn, \
            $(if $(filter cvs://%,$(1)),cvs, \
@@ -63,21 +59,6 @@ define dl_tar_pack
 		$$$${TAR_TIMESTAMP:+--mtime="$$$$TAR_TIMESTAMP"} -c $(2) | $(call dl_pack,$(1))
 endef

-gen_sha256sum = $(shell $(MKHASH) sha256 $(DL_DIR)/$(1))
-
-# Used in Build/CoreTargets and HostBuild/Core as an integrity check for
-# downloaded files.  It will add a FORCE rule if the sha256 hash does not
-# match, so that the download can be more thoroughly handled by download.pl.
-define check_download_integrity
-  expected_hash:=$(strip $(if $(filter-out x,$(HASH)),$(HASH),$(MIRROR_HASH)))
-  $$(if $$(and $(FILE),$$(wildcard $(DL_DIR)/$(FILE)), \
-	       $$(filter undefined,$$(flavor DownloadChecked/$(FILE)))), \
-    $$(eval DownloadChecked/$(FILE):=1) \
-    $$(if $$(filter-out $$(call gen_sha256sum,$(FILE)),$$(expected_hash)), \
-      $(DL_DIR)/$(FILE): FORCE) \
-  )
-endef
-
 ifdef CHECK
 check_escape=$(subst ','\'',$(1))
 #')
@@ -93,6 +74,8 @@ else
  check_warn = $(if $(filter-out undefined,$(origin F_$(1))),$(filter ,$(shell $(call F_$(1),$(2),$(3),$(4)) >&2)),$(check_warn_nofix))
 endif

+gen_sha256sum = $(shell mkhash sha256 $(DL_DIR)/$(1))
+
 ifdef FIXUP
 F_hash_deprecated = $(SCRIPT_DIR)/fixup-makefile.pl $(CURDIR)/Makefile fix-hash $(3) $(call gen_sha256sum,$(1)) $(2)
 F_hash_mismatch = $(F_hash_deprecated)
@@ -187,7 +170,7 @@ define DownloadMethod/svn
 		svn export --non-interactive --trust-server-cert -r$(VERSION) $(URL) $(SUBDIR) || \
 		svn export --non-interactive -r$(VERSION) $(URL) $(SUBDIR) ) && \
 		echo "Packing checkout..." && \
-		export TAR_TIMESTAMP="`svn info -r$(VERSION) --show-item last-changed-date $(URL)`" && \
+		export TAR_TIMESTAMP="" && \
 		$(call dl_tar_pack,$(TMP_DIR)/dl/$(FILE),$(SUBDIR)) && \
 		mv $(TMP_DIR)/dl/$(FILE) $(DL_DIR)/ && \
 		rm -rf $(SUBDIR); \
--- a/include/feeds.mk
+++ b/include/feeds.mk
@@ -43,11 +43,5 @@ endef

 # 1: package name
 define GetABISuffix
-$(if $(ABIV_$(1)),$(ABIV_$(1)),$(call FormatABISuffix,$(1),$(foreach v,$(wildcard $(STAGING_DIR)/pkginfo/$(1).version),$(shell cat $(v)))))
-endef
-
-# 1: package name
-# 2: abi version
-define FormatABISuffix
-$(if $(filter-out kmod-%,$(1)),$(if $(2),$(if $(filter %0 %1 %2 %3 %4 %5 %6 %7 %8 %9,$(1)),-)$(2)))
+$(if $(filter-out kmod-%,$(1)),$(if $(ABIV_$(1)),$(ABIV_$(1)),$(foreach v,$(wildcard $(STAGING_DIR)/pkginfo/$(1).version),$(shell cat $(v)))))
 endef
--- a/include/host-build.mk
+++ b/include/host-build.mk
@@ -21,12 +21,11 @@ include $(INCLUDE_DIR)/depends.mk
 include $(INCLUDE_DIR)/quilt.mk

 BUILD_TYPES += host
-HOST_STAMP_PREPARED=$(HOST_BUILD_DIR)/.prepared$(if $(HOST_QUILT)$(DUMP),,$(shell $(call $(if $(CONFIG_AUTOREMOVE),find_md5_reproducible,find_md5),${CURDIR} $(PKG_FILE_DEPENDS),))_$(call confvar,CONFIG_AUTOREMOVE $(HOST_PREPARED_DEPENDS)))
+HOST_STAMP_PREPARED=$(HOST_BUILD_DIR)/.prepared$(if $(HOST_QUILT)$(DUMP),,$(shell $(call find_md5,${CURDIR} $(PKG_FILE_DEPENDS),))_$(call confvar,CONFIG_AUTOREMOVE $(HOST_PREPARED_DEPENDS)))
 HOST_STAMP_CONFIGURED:=$(HOST_BUILD_DIR)/.configured
 HOST_STAMP_BUILT:=$(HOST_BUILD_DIR)/.built
 HOST_BUILD_PREFIX?=$(if $(IS_PACKAGE_BUILD),$(STAGING_DIR_HOSTPKG),$(STAGING_DIR_HOST))
 HOST_STAMP_INSTALLED:=$(HOST_BUILD_PREFIX)/stamp/.$(PKG_NAME)_installed
-HOST_STAMP_PROGRAMS:=$(foreach program,$(PKG_PROGRAMS),$(subst $(PKG_NAME),$(program),$(HOST_STAMP_INSTALLED)) )

 override MAKEFLAGS=

@@ -52,7 +51,6 @@ HOST_CONFIGURE_VARS = \
 	CFLAGS="$(HOST_CFLAGS)" \
 	CXX="$(HOSTCXX)" \
 	CPPFLAGS="$(HOST_CPPFLAGS)" \
-	CXXFLAGS="$(HOST_CXXFLAGS)" \
 	LDFLAGS="$(HOST_LDFLAGS)" \
 	CONFIG_SHELL="$(SHELL)"

@@ -60,7 +58,6 @@ HOST_CONFIGURE_ARGS = \
 	--target=$(GNU_HOST_NAME) \
 	--host=$(GNU_HOST_NAME) \
 	--build=$(GNU_HOST_NAME) \
-	--disable-dependency-tracking \
 	--program-prefix="" \
 	--program-suffix="" \
 	--prefix=$(HOST_BUILD_PREFIX) \
@@ -132,7 +129,6 @@ define Host/Exports/Default
  $(1) : export STAGING_PREFIX=$$(HOST_BUILD_PREFIX)
  $(1) : export PKG_CONFIG_PATH=$$(STAGING_DIR_HOST)/lib/pkgconfig:$$(HOST_BUILD_PREFIX)/lib/pkgconfig
  $(1) : export PKG_CONFIG_LIBDIR=$$(HOST_BUILD_PREFIX)/lib/pkgconfig
-  $(1) : export GIT_CEILING_DIRECTORIES=$$(BUILD_DIR_HOST)
  $(if $(HOST_CONFIG_SITE),$(1) : export CONFIG_SITE:=$(HOST_CONFIG_SITE))
  $(if $(IS_PACKAGE_BUILD),$(1) : export PATH=$$(TARGET_PATH_PKG))
 endef
@@ -173,7 +169,7 @@ ifndef DUMP
 		$(foreach hook,$(Hooks/HostInstall/Post),$(call $(hook))$(sep))
 		mkdir -p $$(shell dirname $$@)
 		touch $(HOST_STAMP_BUILT)
-		touch $$@ $(HOST_STAMP_PROGRAMS)
+		touch $$@

  $(call DefaultTargets,$(patsubst %,host-%,$(DEFAULT_SUBDIR_TARGETS)))
  ifndef STAMP_BUILT
@@ -184,11 +180,11 @@ ifndef DUMP
    clean-build: host-clean-build
  endif

-  $(call check_download_integrity)
+  $(DL_DIR)/$(FILE): FORCE

  $(_host_target)host-prepare: $(HOST_STAMP_PREPARED)
  $(_host_target)host-configure: $(HOST_STAMP_CONFIGURED)
-  $(_host_target)host-compile: $(HOST_STAMP_BUILT) $(HOST_STAMP_INSTALLED) $(HOST_STAMP_PROGRAMS)
+  $(_host_target)host-compile: $(HOST_STAMP_BUILT) $(HOST_STAMP_INSTALLED)
  host-install: host-compile

  host-clean-build: FORCE
@@ -197,21 +193,17 @@ ifndef DUMP

  host-clean: host-clean-build
 	$(call Host/Clean)
-	rm -rf $(HOST_STAMP_INSTALLED) $(HOST_STAMP_PROGRAMS)
+	rm -rf $(HOST_STAMP_INSTALLED)

    ifneq ($(CONFIG_AUTOREMOVE),)
      host-compile:
-		$(FIND) $(HOST_BUILD_DIR) -mindepth 1 -maxdepth 1 -not '(' -type f -and -name '.*' -and -size 0 ')' -print0 | \
-			$(XARGS) -0 rm -rf
+		$(FIND) $(HOST_BUILD_DIR) -mindepth 1 -maxdepth 1 -not '(' -type f -and -name '.*' -and -size 0 ')' | \
+			$(XARGS) rm -rf
    endif
  endef
 endif

 define HostBuild
  $(HostBuild/Core)
-  $(if $(if $(PKG_HOST_ONLY),,$(if $(and $(filter host-%,$(MAKECMDGOALS)),$(PKG_SKIP_DOWNLOAD)),,$(STAMP_PREPARED))),,
-	$(if $(and $(CONFIG_AUTOREMOVE), $(wildcard $(HOST_STAMP_INSTALLED), $(wildcard $(HOST_STAMP_BUILT)))),,
-		$(if $(strip $(PKG_SOURCE_URL)),$(call Download,default))
-	)
-  )
+  $(if $(if $(PKG_HOST_ONLY),,$(STAMP_PREPARED)),,$(if $(strip $(PKG_SOURCE_URL)),$(call Download,default)))
 endef
--- a/include/image-commands.mk
+++ b/include/image-commands.mk
@@ -4,7 +4,7 @@ IMAGE_KERNEL = $(word 1,$^)
 IMAGE_ROOTFS = $(word 2,$^)

 define ModelNameLimit16
-$(shell printf %.16s "$(word 2, $(subst _, ,$(1)))")
+$(shell expr substr "$(word 2, $(subst _, ,$(1)))" 1 16)
 endef

 define rootfs_align
@@ -27,40 +27,6 @@ define Build/append-kernel
 	dd if=$(IMAGE_KERNEL) >> $@
 endef

-define Build/package-kernel-ubifs
-	mkdir $@.kernelubifs
-	cp $@ $@.kernelubifs/kernel
-	$(STAGING_DIR_HOST)/bin/mkfs.ubifs \
-		$(KERNEL_UBIFS_OPTS) \
-		-r $@.kernelubifs $@
-	rm -r $@.kernelubifs
-endef
-
-define Build/append-image
-	cp "$(BIN_DIR)/$(DEVICE_IMG_PREFIX)-$(1)" "$@.stripmeta"
-	fwtool -s /dev/null -t "$@.stripmeta" || :
-	fwtool -i /dev/null -t "$@.stripmeta" || :
-	dd if="$@.stripmeta" >> "$@"
-	rm "$@.stripmeta"
-endef
-
-ifdef IB
-define Build/append-image-stage
-	dd if=$(STAGING_DIR_IMAGE)/$(BOARD)$(if $(SUBTARGET),-$(SUBTARGET))-$(DEVICE_NAME)-$(1) >> $@
-endef
-else
-define Build/append-image-stage
-	cp "$(BIN_DIR)/$(DEVICE_IMG_PREFIX)-$(1)" "$@.stripmeta"
-	fwtool -s /dev/null -t "$@.stripmeta" || :
-	fwtool -i /dev/null -t "$@.stripmeta" || :
-	mkdir -p "$(STAGING_DIR_IMAGE)"
-	dd if="$@.stripmeta" of="$(STAGING_DIR_IMAGE)/$(BOARD)$(if $(SUBTARGET),-$(SUBTARGET))-$(DEVICE_NAME)-$(1)"
-	dd if="$@.stripmeta" >> "$@"
-	rm "$@.stripmeta"
-endef
-endif
-
-
 compat_version=$(if $(DEVICE_COMPAT_VERSION),$(DEVICE_COMPAT_VERSION),1.0)
 json_quote=$(subst ','\'',$(subst ",\",$(1)))
 #")')
@@ -90,7 +56,6 @@ metadata_json = \

 define Build/append-metadata
 	$(if $(SUPPORTED_DEVICES),-echo $(call metadata_json) | fwtool -I - $@)
-	sha256sum "$@" | cut -d" " -f1 > "$@.sha256sum"
 	[ ! -s "$(BUILD_KEY)" -o ! -s "$(BUILD_KEY).ucert" -o ! -s "$@" ] || { \
 		cp "$(BUILD_KEY).ucert" "$@.ucert" ;\
 		usign -S -m "$@" -s "$(BUILD_KEY)" -x "$@.sig" ;\
@@ -106,39 +71,23 @@ endef
 define Build/append-squashfs-fakeroot-be
 	rm -rf $@.fakefs $@.fakesquashfs
 	mkdir $@.fakefs
-	$(STAGING_DIR_HOST)/bin/mksquashfs3-lzma \
+	$(STAGING_DIR_HOST)/bin/mksquashfs-lzma \
 		$@.fakefs $@.fakesquashfs \
 		-noappend -root-owned -be -nopad -b 65536 \
 		$(if $(SOURCE_DATE_EPOCH),-fixed-time $(SOURCE_DATE_EPOCH))
 	cat $@.fakesquashfs >> $@
 endef

-define Build/append-squashfs4-fakeroot
-	rm -rf $@.fakefs $@.fakesquashfs
-	mkdir $@.fakefs
-	$(STAGING_DIR_HOST)/bin/mksquashfs4 \
-		$@.fakefs $@.fakesquashfs \
-		-nopad -noappend -root-owned
-	cat $@.fakesquashfs >> $@
-endef
-
 define Build/append-string
 	echo -n $(1) >> $@
 endef

-define Build/append-md5sum-ascii-salted
-	cp $@ $@.salted
-	echo -ne $(1) >> $@.salted
-	$(STAGING_DIR_HOST)/bin/mkhash md5 $@.salted | head -c32 >> $@
-	rm $@.salted
-endef
-
 define Build/append-ubi
 	sh $(TOPDIR)/scripts/ubinize-image.sh \
 		$(if $(UBOOTENV_IN_UBI),--uboot-env) \
 		$(if $(KERNEL_IN_UBI),--kernel $(IMAGE_KERNEL)) \
 		$(foreach part,$(UBINIZE_PARTS),--part $(part)) \
-		--rootfs $(IMAGE_ROOTFS) \
+		$(IMAGE_ROOTFS) \
 		$@.tmp \
 		-p $(BLOCKSIZE:%k=%KiB) -m $(PAGESIZE) \
 		$(if $(SUBPAGESIZE),-s $(SUBPAGESIZE)) \
@@ -148,18 +97,6 @@ define Build/append-ubi
 	rm $@.tmp
 endef

-define Build/ubinize-kernel
-	cp $@ $@.tmp
-	sh $(TOPDIR)/scripts/ubinize-image.sh \
-		--kernel $@.tmp \
-		$@ \
-		-p $(BLOCKSIZE:%k=%KiB) -m $(PAGESIZE) \
-		$(if $(SUBPAGESIZE),-s $(SUBPAGESIZE)) \
-		$(if $(VID_HDR_OFFSET),-O $(VID_HDR_OFFSET)) \
-		$(UBINIZE_OPTS)
-	rm $@.tmp
-endef
-
 define Build/append-uboot
 	dd if=$(UBOOT_PATH) >> $@
 endef
@@ -217,20 +154,11 @@ define Build/check-size
 	@imagesize="$$(stat -c%s $@)"; \
 	limitsize="$$(($(subst k,* 1024,$(subst m, * 1024k,$(if $(1),$(1),$(IMAGE_SIZE))))))"; \
 	[ $$limitsize -ge $$imagesize ] || { \
-		$(call ERROR_MESSAGE,    WARNING: Image file $@ is too big: $$imagesize > $$limitsize); \
+		echo "WARNING: Image file $@ is too big: $$imagesize > $$limitsize" >&2; \
 		rm -f $@; \
 	}
 endef

-define Build/copy-file
-	cat "$(1)" > "$@"
-endef
-
-define Build/edimax-header
-	$(STAGING_DIR_HOST)/bin/mkedimaximg -i $@ -o $@.new $(1)
-	@mv $@.new $@
-endef
-
 define Build/elecom-product-header
 	$(eval product=$(word 1,$(1)))
 	$(eval fw=$(if $(word 2,$(1)),$(word 2,$(1)),$@))
@@ -243,19 +171,6 @@ define Build/elecom-product-header
 	mv $(fw).new $(fw)
 endef

-define Build/elecom-wrc-gs-factory
-	$(eval product=$(word 1,$(1)))
-	$(eval version=$(word 2,$(1)))
-	$(eval hash_opt=$(word 3,$(1)))
-	$(MKHASH) md5 $(hash_opt) $@ >> $@
-	( \
-		echo -n "ELECOM $(product) v$(version)" | \
-			dd bs=32 count=1 conv=sync; \
-		dd if=$@; \
-	) > $@.new
-	mv $@.new $@
-endef
-
 define Build/elx-header
 	$(eval hw_id=$(word 1,$(1)))
 	$(eval xor_pattern=$(word 2,$(1)))
@@ -267,7 +182,7 @@ define Build/elx-header
 			dd bs=20 count=1 conv=sync; \
 		echo -ne "$$(printf '%08x' $$(stat -c%s $@) | fold -s2 | xargs -I {} echo \\x{} | tr -d '\n')" | \
 			dd bs=8 count=1 conv=sync; \
-		echo -ne "$$($(MKHASH) md5 $@ | fold -s2 | xargs -I {} echo \\x{} | tr -d '\n')" | \
+		echo -ne "$$($(STAGING_DIR_HOST)/bin/mkhash md5 $@ | fold -s2 | xargs -I {} echo \\x{} | tr -d '\n')" | \
 			dd bs=58 count=1 conv=sync; \
 	) > $(KDIR)/tmp/$(DEVICE_NAME).header
 	$(call Build/xor-image,-p $(xor_pattern) -x)
@@ -281,59 +196,23 @@ define Build/eva-image
 	mv $@.new $@
 endef

-define Build/initrd_compression
-	$(if $(CONFIG_TARGET_INITRAMFS_COMPRESSION_BZIP2),.bzip2) \
-	$(if $(CONFIG_TARGET_INITRAMFS_COMPRESSION_GZIP),.gzip) \
-	$(if $(CONFIG_TARGET_INITRAMFS_COMPRESSION_LZ4),.lz4) \
-	$(if $(CONFIG_TARGET_INITRAMFS_COMPRESSION_LZMA),.lzma) \
-	$(if $(CONFIG_TARGET_INITRAMFS_COMPRESSION_LZO),.lzo) \
-	$(if $(CONFIG_TARGET_INITRAMFS_COMPRESSION_XZ),.xz) \
-	$(if $(CONFIG_TARGET_INITRAMFS_COMPRESSION_ZSTD),.zstd)
-endef
-
 define Build/fit
 	$(TOPDIR)/scripts/mkits.sh \
 		-D $(DEVICE_NAME) -o $@.its -k $@ \
-		-C $(word 1,$(1)) \
-		$(if $(word 2,$(1)),\
-			$(if $(findstring 11,$(if $(DEVICE_DTS_OVERLAY),1)$(if $(findstring $(KERNEL_BUILD_DIR)/image-,$(word 2,$(1))),,1)), \
-				-d $(KERNEL_BUILD_DIR)/image-$$(basename $(word 2,$(1))), \
-				-d $(word 2,$(1)))) \
-		$(if $(findstring with-rootfs,$(word 3,$(1))),-r $(IMAGE_ROOTFS)) \
-		$(if $(findstring with-initrd,$(word 3,$(1))), \
-			$(if $(CONFIG_TARGET_ROOTFS_INITRAMFS_SEPARATE), \
-				-i $(KERNEL_BUILD_DIR)/initrd.cpio$(strip $(call Build/initrd_compression)))) \
+		$(if $(word 2,$(1)),-d $(word 2,$(1))) -C $(word 1,$(1)) \
 		-a $(KERNEL_LOADADDR) -e $(if $(KERNEL_ENTRY),$(KERNEL_ENTRY),$(KERNEL_LOADADDR)) \
 		$(if $(DEVICE_FDT_NUM),-n $(DEVICE_FDT_NUM)) \
-		$(if $(DEVICE_DTS_DELIMITER),-l $(DEVICE_DTS_DELIMITER)) \
-		$(if $(DEVICE_DTS_LOADADDR),-s $(DEVICE_DTS_LOADADDR)) \
-		$(if $(DEVICE_DTS_OVERLAY),$(foreach dtso,$(DEVICE_DTS_OVERLAY), -O $(dtso):$(KERNEL_BUILD_DIR)/image-$(dtso).dtbo)) \
-		-c $(if $(DEVICE_DTS_CONFIG),$(DEVICE_DTS_CONFIG),"config-1") \
+		-c $(if $(DEVICE_DTS_CONFIG),$(DEVICE_DTS_CONFIG),"config@1") \
 		-A $(LINUX_KARCH) -v $(LINUX_VERSION)
-	PATH=$(LINUX_DIR)/scripts/dtc:$(PATH) mkimage $(if $(findstring external,$(word 3,$(1))),\
-		-E -B 0x1000 $(if $(findstring static,$(word 3,$(1))),-p 0x1000)) -f $@.its $@.new
-	@mv $@.new $@
-endef
-
-define Build/libdeflate-gzip
-	$(STAGING_DIR_HOST)/bin/libdeflate-gzip -f -12 -c $@ $(1) > $@.new
+	PATH=$(LINUX_DIR)/scripts/dtc:$(PATH) mkimage -f $@.its $@.new
 	@mv $@.new $@
 endef

 define Build/gzip
-	$(STAGING_DIR_HOST)/bin/gzip -f -9n -c $@ $(1) > $@.new
+	gzip -f -9n -c $@ $(1) > $@.new
 	@mv $@.new $@
 endef

-define Build/gzip-filename
-	@mkdir -p $@.tmp
-	@cp $@ $@.tmp/$(word 1,$(1))
-	$(if $(SOURCE_DATE_EPOCH),touch -hcd "@$(SOURCE_DATE_EPOCH)" $@.tmp/$(word 1,$(1)) $(word 2,$(1)))
-	$(STAGING_DIR_HOST)/bin/gzip -f -9 -N -c $@.tmp/$(word 1,$(1)) $(word 2,$(1)) > $@.new
-	@mv $@.new $@
-	@rm -rf $@.tmp
-endef
-
 define Build/install-dtb
 	$(call locked, \
 		$(foreach dts,$(DEVICE_DTS), \
@@ -345,16 +224,6 @@ define Build/install-dtb
 	)
 endef

-define Build/iptime-crc32
-	$(STAGING_DIR_HOST)/bin/iptime-crc32 $(1) $@ $@.new
-	mv $@.new $@
-endef
-
-define Build/iptime-naspkg
-	$(STAGING_DIR_HOST)/bin/iptime-naspkg $(1) $@ $@.new
-	mv $@.new $@
-endef
-
 define Build/jffs2
 	rm -rf $(KDIR_TMP)/$(DEVICE_NAME)/jffs2 && \
 		mkdir -p $(KDIR_TMP)/$(DEVICE_NAME)/jffs2/$$(dirname $(1)) && \
@@ -371,11 +240,8 @@ define Build/jffs2
 endef

 define Build/kernel2minor
-	$(eval temp_file := $(shell mktemp))
-	cp $@ $(temp_file)
-	kernel2minor -k $(temp_file) -r $(temp_file).new $(1)
-	mv $(temp_file).new $@
-	rm -f $(temp_file)
+	kernel2minor -k $@ -r $@.new $(1)
+	mv $@.new $@
 endef

 define Build/kernel-bin
@@ -410,28 +276,13 @@ endef

 define Build/netgear-dni
 	$(STAGING_DIR_HOST)/bin/mkdniimg \
-		-B $(NETGEAR_BOARD_ID) -v $(shell cat $(VERSION_DIST)| sed -e 's/[[:space:]]/-/g').$(firstword $(subst -, ,$(REVISION))) \
+		-B $(NETGEAR_BOARD_ID) -v $(VERSION_DIST).$(firstword $(subst -, ,$(REVISION))) \
 		$(if $(NETGEAR_HW_ID),-H $(NETGEAR_HW_ID)) \
 		-r "$(1)" \
 		-i $@ -o $@.new
 	mv $@.new $@
 endef

-define Build/netgear-encrypted-factory
-	$(TOPDIR)/scripts/netgear-encrypted-factory.py \
-		--input-file $@ \
-		--output-file $@ \
-		--model $(NETGEAR_ENC_MODEL) \
-		--region $(NETGEAR_ENC_REGION) \
-		$(if $(NETGEAR_ENC_HW_ID_LIST),--hw-id-list "$(NETGEAR_ENC_HW_ID_LIST)") \
-		$(if $(NETGEAR_ENC_MODEL_LIST),--model-list "$(NETGEAR_ENC_MODEL_LIST)") \
-		--version V1.0.0.0.$(shell cat $(VERSION_DIST)| sed -e 's/[[:space:]]/-/g').$(firstword $(subst -, ,$(REVISION))) \
-		--encryption-block-size 0x20000 \
-		--openssl-bin "$(STAGING_DIR_HOST)/bin/openssl" \
-		--key 6865392d342b4d212964363d6d7e7765312c7132613364316e26322a5a5e2538 \
-		--iv 4a253169516c38243d6c6d2d3b384145
-endef
-
 define Build/openmesh-image
 	$(TOPDIR)/scripts/om-fwupgradecfg-gen.sh \
 		"$(call param_get_default,ce_type,$(1),$(DEVICE_NAME))" \
@@ -474,7 +325,7 @@ define Build/patch-cmdline
 endef

 # Convert a raw image into a $1 type image.
-# E.g. | qemu-image vdi <optional extra arguments to qemu-img binary>
+# E.g. | qemu-image vdi
 define Build/qemu-image
 	if command -v qemu-img; then \
 		qemu-img convert -f raw -O $1 $@ $@.new; \
@@ -583,7 +434,6 @@ define Build/tplink-v2-image
 endef

 define Build/uImage
-	$(if $(UIMAGE_TIME),SOURCE_DATE_EPOCH="$(UIMAGE_TIME)") \
 	mkimage \
 		-A $(LINUX_KARCH) \
 		-O linux \
@@ -604,12 +454,12 @@ define Build/xor-image
 endef

 define Build/zip
-	rm -rf $@.tmp
 	mkdir $@.tmp
-	mv $@ $@.tmp/$(word 1,$(1))
-	TZ=UTC $(STAGING_DIR_HOST)/bin/zip -j -X \
-		$(wordlist 2,$(words $(1)),$(1)) \
-		$@ $@.tmp/$(if $(word 1,$(1)),$(word 1,$(1)),$$(basename $@))
+	mv $@ $@.tmp/$(1)
+
+	zip -j -X \
+		$(if $(SOURCE_DATE_EPOCH),--mtime="$(SOURCE_DATE_EPOCH)") \
+		$@ $@.tmp/$(if $(1),$(1),$@)
 	rm -rf $@.tmp
 endef

--- a/include/image.mk
+++ b/include/image.mk
@@ -26,7 +26,7 @@ param_get_default = $(firstword $(call param_get,$(1),$(2)) $(3))
 param_mangle = $(subst $(space),_,$(strip $(1)))
 param_unmangle = $(subst _,$(space),$(1))

-mkfs_packages_id = $(shell echo $(sort $(1)) | $(MKHASH) md5 | cut -b1-8)
+mkfs_packages_id = $(shell echo $(sort $(1)) | mkhash md5 | cut -b1-8)
 mkfs_target_dir = $(if $(call param_get,pkg,$(1)),$(KDIR)/target-dir-$(call param_get,pkg,$(1)),$(TARGET_DIR))

 KDIR=$(KERNEL_BUILD_DIR)
@@ -40,8 +40,8 @@ IMG_PREFIX_VERCODE:=$(if $(CONFIG_VERSION_CODE_FILENAMES),$(call sanitize,$(VERS
 IMG_PREFIX:=$(VERSION_DIST_SANITIZED)-$(IMG_PREFIX_VERNUM)$(IMG_PREFIX_VERCODE)$(IMG_PREFIX_EXTRA)$(BOARD)$(if $(SUBTARGET),-$(SUBTARGET))
 IMG_ROOTFS:=$(IMG_PREFIX)-rootfs
 IMG_COMBINED:=$(IMG_PREFIX)-combined
-IMG_PART_SIGNATURE:=$(shell echo $(SOURCE_DATE_EPOCH)$(LINUX_VERMAGIC) | $(MKHASH) md5 | cut -b1-8)
-IMG_PART_DISKGUID:=$(shell echo $(SOURCE_DATE_EPOCH)$(LINUX_VERMAGIC) | $(MKHASH) md5 | sed -E 's/(.{8})(.{4})(.{4})(.{4})(.{10})../\1-\2-\3-\4-\500/')
+IMG_PART_SIGNATURE:=$(shell echo $(SOURCE_DATE_EPOCH)$(LINUX_VERMAGIC) | mkhash md5 | cut -b1-8)
+IMG_PART_DISKGUID:=$(shell echo $(SOURCE_DATE_EPOCH)$(LINUX_VERMAGIC) | mkhash md5 | sed -E 's/(.{8})(.{4})(.{4})(.{4})(.{10})../\1-\2-\3-\4-\500/')

 MKFS_DEVTABLE_OPT := -D $(INCLUDE_DIR)/device_table.txt

@@ -75,7 +75,6 @@ JFFS2OPTS += $(MKFS_DEVTABLE_OPT)
 SQUASHFS_BLOCKSIZE := $(CONFIG_TARGET_SQUASHFS_BLOCK_SIZE)k
 SQUASHFSOPT := -b $(SQUASHFS_BLOCKSIZE)
 SQUASHFSOPT += -p '/dev d 755 0 0' -p '/dev/console c 600 0 0 5 1'
-SQUASHFSOPT += $(if $(CONFIG_SELINUX),-xattrs,-no-xattrs)
 SQUASHFSCOMP := gzip
 LZMA_XZ_OPTIONS := -Xpreset 9 -Xe -Xlc 0 -Xlp 2 -Xpb 2
 ifeq ($(CONFIG_SQUASHFS_XZ),y)
@@ -137,6 +136,14 @@ define Image/BuildKernel/MkuImage
 		-n '$(call toupper,$(ARCH)) $(VERSION_DIST) Linux-$(LINUX_VERSION)' -d $(4) $(5)
 endef

+define Image/BuildKernel/MkFIT
+	$(TOPDIR)/scripts/mkits.sh \
+		-D $(1) -o $(KDIR)/fit-$(1).its -k $(2) $(if $(3),-d $(3)) -C $(4) -a $(5) -e $(6) \
+		-c $(if $(DEVICE_DTS_CONFIG),$(DEVICE_DTS_CONFIG),"config@1") \
+		-A $(LINUX_KARCH) -v $(LINUX_VERSION)
+	PATH=$(LINUX_DIR)/scripts/dtc:$(PATH) mkimage -f $(KDIR)/fit-$(1).its $(KDIR)/fit-$(1)$(7).itb
+endef
+
 ifdef CONFIG_TARGET_IMAGES_GZIP
  define Image/Gzip
 	rm -f $(1).gz
@@ -146,7 +153,7 @@ endif


 # Disable noisy checks by default as in upstream
-DTC_WARN_FLAGS := \
+DTC_FLAGS += \
  -Wno-unit_address_vs_reg \
  -Wno-simple_bus_reg \
  -Wno-unit_address_format \
@@ -159,9 +166,6 @@ DTC_WARN_FLAGS := \
  -Wno-graph_port \
  -Wno-unique_unit_address

-DTC_FLAGS += $(DTC_WARN_FLAGS)
-DTCO_FLAGS += $(DTC_WARN_FLAGS)
-
 define Image/pad-to
 	dd if=$(1) of=$(1).new bs=$(2) conv=sync
 	mv $(1).new $(1)
@@ -177,29 +181,19 @@ endef
 # $(2) target dtb file
 # $(3) extra CPP flags
 # $(4) extra DTC flags
-define Image/BuildDTB/sub
+define Image/BuildDTB
 	$(TARGET_CROSS)cpp -nostdinc -x assembler-with-cpp \
-		$(DTS_CPPFLAGS) \
 		-I$(DTS_DIR) \
 		-I$(DTS_DIR)/include \
 		-I$(LINUX_DIR)/include/ \
 		-undef -D__DTS__ $(3) \
 		-o $(2).tmp $(1)
 	$(LINUX_DIR)/scripts/dtc/dtc -O dtb \
-		-i$(dir $(1)) $(4) \
-	$(if $(CONFIG_HAS_DT_OVERLAY_SUPPORT),-@) \
+		-i$(dir $(1)) $(DTC_FLAGS) $(4) \
 		-o $(2) $(2).tmp
 	$(RM) $(2).tmp
 endef

-define Image/BuildDTB
-	$(call Image/BuildDTB/sub,$(1),$(2),$(3),$(DTC_FLAGS) $(DEVICE_DTC_FLAGS) $(4))
-endef
-
-define Image/BuildDTBO
-	$(call Image/BuildDTB/sub,$(1),$(2),$(3),$(DTCO_FLAGS) $(DEVICE_DTCO_FLAGS) $(4))
-endef
-
 define Image/mkfs/jffs2/sub-raw
 	$(STAGING_DIR_HOST)/bin/mkfs.jffs2 \
 		$(2) \
@@ -233,7 +227,8 @@ $(eval $(foreach S,$(NAND_BLOCKSIZE),$(call Image/mkfs/jffs2-nand/template,$(S))
 define Image/mkfs/squashfs-common
 	$(STAGING_DIR_HOST)/bin/mksquashfs4 $(call mkfs_target_dir,$(1)) $@ \
 		-nopad -noappend -root-owned \
-		-comp $(SQUASHFSCOMP) $(SQUASHFSOPT)
+		-comp $(SQUASHFSCOMP) $(SQUASHFSOPT) \
+		-processors 1
 endef

 ifeq ($(CONFIG_TARGET_ROOTFS_SECURITY_LABELS),y)
@@ -306,7 +301,7 @@ endif

 ifdef CONFIG_TARGET_ROOTFS_CPIOGZ
  define Image/Build/cpiogz
-	( cd $(TARGET_DIR); find . | $(STAGING_DIR_HOST)/bin/cpio -o -H newc -R 0:0 | gzip -9n >$(BIN_DIR)/$(IMG_ROOTFS).cpio.gz )
+	( cd $(TARGET_DIR); find . | cpio -o -H newc -R root:root | gzip -9n >$(BIN_DIR)/$(IMG_ROOTFS).cpio.gz )
  endef
 endif

@@ -344,8 +339,6 @@ define Device/InitProfile
  DEVICE_ALT0_TITLE = $$(DEVICE_ALT0_VENDOR) $$(DEVICE_ALT0_MODEL)$$(if $$(DEVICE_ALT0_VARIANT), $$(DEVICE_ALT0_VARIANT))
  DEVICE_ALT1_TITLE = $$(DEVICE_ALT1_VENDOR) $$(DEVICE_ALT1_MODEL)$$(if $$(DEVICE_ALT1_VARIANT), $$(DEVICE_ALT1_VARIANT))
  DEVICE_ALT2_TITLE = $$(DEVICE_ALT2_VENDOR) $$(DEVICE_ALT2_MODEL)$$(if $$(DEVICE_ALT2_VARIANT), $$(DEVICE_ALT2_VARIANT))
-  DEVICE_ALT3_TITLE = $$(DEVICE_ALT3_VENDOR) $$(DEVICE_ALT3_MODEL)$$(if $$(DEVICE_ALT3_VARIANT), $$(DEVICE_ALT3_VARIANT))
-  DEVICE_ALT4_TITLE = $$(DEVICE_ALT4_VENDOR) $$(DEVICE_ALT4_MODEL)$$(if $$(DEVICE_ALT4_VARIANT), $$(DEVICE_ALT4_VARIANT))
  DEVICE_VENDOR :=
  DEVICE_MODEL :=
  DEVICE_VARIANT :=
@@ -358,12 +351,6 @@ define Device/InitProfile
  DEVICE_ALT2_VENDOR :=
  DEVICE_ALT2_MODEL :=
  DEVICE_ALT2_VARIANT :=
-  DEVICE_ALT3_VENDOR :=
-  DEVICE_ALT3_MODEL :=
-  DEVICE_ALT3_VARIANT :=
-  DEVICE_ALT4_VENDOR :=
-  DEVICE_ALT4_MODEL :=
-  DEVICE_ALT4_VARIANT :=
  DEVICE_PACKAGES :=
  DEVICE_DESCRIPTION = Build firmware images for $$(DEVICE_TITLE)
 endef
@@ -376,15 +363,14 @@ define Device/Init

  IMAGES :=
  ARTIFACTS :=
-  DEVICE_IMG_PREFIX := $(IMG_PREFIX)-$(1)
-  DEVICE_IMG_NAME = $$(DEVICE_IMG_PREFIX)-$$(1)-$$(2)
-  FACTORY_IMG_NAME :=
+  IMAGE_PREFIX := $(IMG_PREFIX)-$(1)
+  IMAGE_NAME = $$(IMAGE_PREFIX)-$$(1)-$$(2)
  IMAGE_SIZE :=
-  KERNEL_PREFIX = $$(DEVICE_IMG_PREFIX)
+  KERNEL_PREFIX = $$(IMAGE_PREFIX)
  KERNEL_SUFFIX := -kernel.bin
  KERNEL_INITRAMFS_SUFFIX = $$(KERNEL_SUFFIX)
  KERNEL_IMAGE = $$(KERNEL_PREFIX)$$(KERNEL_SUFFIX)
-  KERNEL_INITRAMFS_PREFIX = $$(DEVICE_IMG_PREFIX)-initramfs
+  KERNEL_INITRAMFS_PREFIX = $$(IMAGE_PREFIX)-initramfs
  KERNEL_INITRAMFS_IMAGE = $$(KERNEL_INITRAMFS_PREFIX)$$(KERNEL_INITRAMFS_SUFFIX)
  KERNEL_INITRAMFS_NAME = $$(KERNEL_NAME)-initramfs
  KERNEL_INSTALL :=
@@ -406,19 +392,13 @@ define Device/Init

  DEVICE_DTS :=
  DEVICE_DTS_CONFIG :=
-  DEVICE_DTS_DELIMITER :=
  DEVICE_DTS_DIR :=
-  DEVICE_DTS_LOADADDR :=
-  DEVICE_DTS_OVERLAY :=
  DEVICE_FDT_NUM :=
-  DEVICE_DTC_FLAGS :=
-  DEVICE_DTCO_FLAGS :=
  SOC :=

  BOARD_NAME :=
  UIMAGE_MAGIC :=
  UIMAGE_NAME :=
-  UIMAGE_TIME :=
  DEVICE_COMPAT_VERSION := 1.0
  DEVICE_COMPAT_MESSAGE :=
  SUPPORTED_DEVICES := $(subst _,$(comma),$(1))
@@ -435,20 +415,16 @@ endef
 DEFAULT_DEVICE_VARS := \
  DEVICE_NAME KERNEL KERNEL_INITRAMFS KERNEL_INITRAMFS_IMAGE KERNEL_SIZE \
  CMDLINE UBOOTENV_IN_UBI KERNEL_IN_UBI BLOCKSIZE PAGESIZE SUBPAGESIZE \
-  VID_HDR_OFFSET UBINIZE_OPTS UBINIZE_PARTS MKUBIFS_OPTS DEVICE_DTC_FLAGS \
-  DEVICE_DTCO_FLAGS DEVICE_DTS DEVICE_DTS_CONFIG DEVICE_DTS_DELIMITER \
-  DEVICE_DTS_DIR DEVICE_DTS_OVERLAY DEVICE_DTS_LOADADDR \
-  DEVICE_FDT_NUM DEVICE_IMG_PREFIX SOC BOARD_NAME UIMAGE_MAGIC UIMAGE_NAME \
-  UIMAGE_TIME SUPPORTED_DEVICES IMAGE_METADATA KERNEL_ENTRY KERNEL_LOADADDR \
+  VID_HDR_OFFSET UBINIZE_OPTS UBINIZE_PARTS MKUBIFS_OPTS DEVICE_DTS \
+  DEVICE_DTS_CONFIG DEVICE_DTS_DIR DEVICE_FDT_NUM SOC BOARD_NAME \
+  UIMAGE_MAGIC UIMAGE_NAME \
+  SUPPORTED_DEVICES IMAGE_METADATA KERNEL_ENTRY KERNEL_LOADADDR \
  UBOOT_PATH IMAGE_SIZE \
-  FACTORY_IMG_NAME FACTORY_SIZE \
-  DEVICE_PACKAGES DEVICE_COMPAT_VERSION DEVICE_COMPAT_MESSAGE \
+  DEVICE_COMPAT_VERSION DEVICE_COMPAT_MESSAGE \
  DEVICE_VENDOR DEVICE_MODEL DEVICE_VARIANT \
  DEVICE_ALT0_VENDOR DEVICE_ALT0_MODEL DEVICE_ALT0_VARIANT \
  DEVICE_ALT1_VENDOR DEVICE_ALT1_MODEL DEVICE_ALT1_VARIANT \
-  DEVICE_ALT2_VENDOR DEVICE_ALT2_MODEL DEVICE_ALT2_VARIANT \
-  DEVICE_ALT3_VENDOR DEVICE_ALT3_MODEL DEVICE_ALT3_VARIANT \
-  DEVICE_ALT4_VENDOR DEVICE_ALT4_MODEL DEVICE_ALT4_VARIANT
+  DEVICE_ALT2_VENDOR DEVICE_ALT2_MODEL DEVICE_ALT2_VARIANT

 define Device/ExportVar
  $(1) : $(2):=$$($(2))
@@ -500,7 +476,6 @@ define Device/Build/initramfs
 	  $$(if $$(CONFIG_JSON_OVERVIEW_IMAGE_INFO), $(BUILD_DIR)/json_info_files/$$(KERNEL_INITRAMFS_IMAGE).json,))

  $(KDIR)/$$(KERNEL_INITRAMFS_NAME):: image_prepare
-  $(1)-images: $$(if $$(KERNEL_INITRAMFS),$(BIN_DIR)/$$(KERNEL_INITRAMFS_IMAGE))
  $(BIN_DIR)/$$(KERNEL_INITRAMFS_IMAGE): $(KDIR)/tmp/$$(KERNEL_INITRAMFS_IMAGE)
 	cp $$^ $$@

@@ -513,12 +488,12 @@ define Device/Build/initramfs
  $(BUILD_DIR)/json_info_files/$$(KERNEL_INITRAMFS_IMAGE).json: $(BIN_DIR)/$$(KERNEL_INITRAMFS_IMAGE)
 	@mkdir -p $$(shell dirname $$@)
 	DEVICE_ID="$(1)" \
+	BIN_DIR="$(BIN_DIR)" \
 	SOURCE_DATE_EPOCH=$(SOURCE_DATE_EPOCH) \
-	FILE_NAME="$$(notdir $$^)" \
-	FILE_DIR="$(KDIR)/tmp" \
-	FILE_TYPE="kernel" \
-	FILE_FILESYSTEM="initramfs" \
-	DEVICE_IMG_PREFIX="$$(DEVICE_IMG_PREFIX)" \
+	IMAGE_NAME="$$(notdir $$^)" \
+	IMAGE_TYPE="kernel" \
+	IMAGE_FILESYSTEM="initramfs" \
+	IMAGE_PREFIX="$$(IMAGE_PREFIX)" \
 	DEVICE_VENDOR="$$(DEVICE_VENDOR)" \
 	DEVICE_MODEL="$$(DEVICE_MODEL)" \
 	DEVICE_VARIANT="$$(DEVICE_VARIANT)" \
@@ -531,12 +506,6 @@ define Device/Build/initramfs
 	DEVICE_ALT2_VENDOR="$$(DEVICE_ALT2_VENDOR)" \
 	DEVICE_ALT2_MODEL="$$(DEVICE_ALT2_MODEL)" \
 	DEVICE_ALT2_VARIANT="$$(DEVICE_ALT2_VARIANT)" \
-	DEVICE_ALT3_VENDOR="$$(DEVICE_ALT3_VENDOR)" \
-	DEVICE_ALT3_MODEL="$$(DEVICE_ALT3_MODEL)" \
-	DEVICE_ALT3_VARIANT="$$(DEVICE_ALT3_VARIANT)" \
-	DEVICE_ALT4_VENDOR="$$(DEVICE_ALT4_VENDOR)" \
-	DEVICE_ALT4_MODEL="$$(DEVICE_ALT4_MODEL)" \
-	DEVICE_ALT4_VARIANT="$$(DEVICE_ALT4_VARIANT)" \
 	DEVICE_TITLE="$$(DEVICE_TITLE)" \
 	DEVICE_PACKAGES="$$(DEVICE_PACKAGES)" \
 	TARGET="$(BOARD)" \
@@ -551,8 +520,7 @@ endif
 define Device/Build/compile
  $$(_COMPILE_TARGET): $(KDIR)/$(1)
  $(eval $(call Device/Export,$(KDIR)/$(1)))
-  $(KDIR)/$(1): FORCE
-	rm -f $(KDIR)/$(1)
+  $(KDIR)/$(1):
 	$$(call concat_cmd,$(COMPILE/$(1)))

 endef
@@ -567,17 +535,6 @@ define Device/Build/dtb
  image_prepare: $(KDIR)/image-$(1).dtb
  endif

-endef
-
-define Device/Build/dtbo
-  ifndef BUILD_DTSO_$(1)
-  BUILD_DTSO_$(1) := 1
-  $(KDIR)/image-$(1).dtbo: FORCE
-	$(call Image/BuildDTBO,$(strip $(2))/$(strip $(3)).dtso,$$@)
-
-  image_prepare: $(KDIR)/image-$(1).dtbo
-  endif
-
 endef
 endif

@@ -588,12 +545,6 @@ define Device/Build/kernel
 		$$(dts) \
 	) \
  ))
-  $$(eval $$(foreach dtso,$$(DEVICE_DTS_OVERLAY), \
-	$$(call Device/Build/dtbo,$$(notdir $$(dtso)), \
-		$$(if $$(DEVICE_DTS_DIR),$$(DEVICE_DTS_DIR),$$(DTS_DIR)), \
-		$$(dtso) \
-	) \
-  ))

  $(KDIR)/$$(KERNEL_NAME):: image_prepare
  $$(_TARGET): $$(if $$(KERNEL_INSTALL),$(BIN_DIR)/$$(KERNEL_IMAGE))
@@ -614,10 +565,9 @@ endef
 define Device/Build/image
  GZ_SUFFIX := $(if $(filter %dtb %gz,$(2)),,$(if $(and $(findstring ext4,$(1)),$(CONFIG_TARGET_IMAGES_GZIP)),.gz))
  $$(_TARGET): $(if $(CONFIG_JSON_OVERVIEW_IMAGE_INFO), \
-	  $(BUILD_DIR)/json_info_files/$(call DEVICE_IMG_NAME,$(1),$(2)).json, \
-	  $(BIN_DIR)/$(call DEVICE_IMG_NAME,$(1),$(2))$$(GZ_SUFFIX))
-  $(eval $(call Device/Export,$(KDIR)/tmp/$(call DEVICE_IMG_NAME,$(1),$(2)),$(1)))
-  $(3)-images: $(BIN_DIR)/$(call DEVICE_IMG_NAME,$(1),$(2))$$(GZ_SUFFIX)
+	  $(BUILD_DIR)/json_info_files/$(call IMAGE_NAME,$(1),$(2)).json, \
+	  $(BIN_DIR)/$(call IMAGE_NAME,$(1),$(2))$$(GZ_SUFFIX))
+  $(eval $(call Device/Export,$(KDIR)/tmp/$(call IMAGE_NAME,$(1),$(2)),$(1)))

  ROOTFS/$(1)/$(3) := \
 	$(KDIR)/root.$(1)$$(strip \
@@ -628,28 +578,28 @@ define Device/Build/image
  ifndef IB
    $$(ROOTFS/$(1)/$(3)): $(if $(TARGET_PER_DEVICE_ROOTFS),target-dir-$$(ROOTFS_ID/$(3)))
  endif
-  $(KDIR)/tmp/$(call DEVICE_IMG_NAME,$(1),$(2)): $$(KDIR_KERNEL_IMAGE) $$(ROOTFS/$(1)/$(3))
+  $(KDIR)/tmp/$(call IMAGE_NAME,$(1),$(2)): $$(KDIR_KERNEL_IMAGE) $$(ROOTFS/$(1)/$(3))
 	@rm -f $$@
 	[ -f $$(word 1,$$^) -a -f $$(word 2,$$^) ]
 	$$(call concat_cmd,$(if $(IMAGE/$(2)/$(1)),$(IMAGE/$(2)/$(1)),$(IMAGE/$(2))))

-  .IGNORE: $(BIN_DIR)/$(call DEVICE_IMG_NAME,$(1),$(2))
+  .IGNORE: $(BIN_DIR)/$(call IMAGE_NAME,$(1),$(2))

-  $(BIN_DIR)/$(call DEVICE_IMG_NAME,$(1),$(2)).gz: $(KDIR)/tmp/$(call DEVICE_IMG_NAME,$(1),$(2))
+  $(BIN_DIR)/$(call IMAGE_NAME,$(1),$(2)).gz: $(KDIR)/tmp/$(call IMAGE_NAME,$(1),$(2))
 	gzip -c -9n $$^ > $$@

-  $(BIN_DIR)/$(call DEVICE_IMG_NAME,$(1),$(2)): $(KDIR)/tmp/$(call DEVICE_IMG_NAME,$(1),$(2))
+  $(BIN_DIR)/$(call IMAGE_NAME,$(1),$(2)): $(KDIR)/tmp/$(call IMAGE_NAME,$(1),$(2))
 	cp $$^ $$@

-  $(BUILD_DIR)/json_info_files/$(call DEVICE_IMG_NAME,$(1),$(2)).json: $(BIN_DIR)/$(call DEVICE_IMG_NAME,$(1),$(2))$$(GZ_SUFFIX)
+  $(BUILD_DIR)/json_info_files/$(call IMAGE_NAME,$(1),$(2)).json: $(BIN_DIR)/$(call IMAGE_NAME,$(1),$(2))$$(GZ_SUFFIX)
 	@mkdir -p $$(shell dirname $$@)
 	DEVICE_ID="$(DEVICE_NAME)" \
+	BIN_DIR="$(BIN_DIR)" \
 	SOURCE_DATE_EPOCH=$(SOURCE_DATE_EPOCH) \
-	FILE_NAME="$(DEVICE_IMG_NAME)" \
-	FILE_DIR="$(KDIR)/tmp" \
-	FILE_TYPE=$(word 1,$(subst ., ,$(2))) \
-	FILE_FILESYSTEM="$(1)" \
-	DEVICE_IMG_PREFIX="$(DEVICE_IMG_PREFIX)" \
+	IMAGE_NAME="$(IMAGE_NAME)" \
+	IMAGE_TYPE=$(word 1,$(subst ., ,$(2))) \
+	IMAGE_FILESYSTEM="$(1)" \
+	IMAGE_PREFIX="$(IMAGE_PREFIX)" \
 	DEVICE_VENDOR="$(DEVICE_VENDOR)" \
 	DEVICE_MODEL="$(DEVICE_MODEL)" \
 	DEVICE_VARIANT="$(DEVICE_VARIANT)" \
@@ -662,12 +612,6 @@ define Device/Build/image
 	DEVICE_ALT2_VENDOR="$(DEVICE_ALT2_VENDOR)" \
 	DEVICE_ALT2_MODEL="$(DEVICE_ALT2_MODEL)" \
 	DEVICE_ALT2_VARIANT="$(DEVICE_ALT2_VARIANT)" \
-	DEVICE_ALT3_VENDOR="$(DEVICE_ALT3_VENDOR)" \
-	DEVICE_ALT3_MODEL="$(DEVICE_ALT3_MODEL)" \
-	DEVICE_ALT3_VARIANT="$(DEVICE_ALT3_VARIANT)" \
-	DEVICE_ALT4_VENDOR="$(DEVICE_ALT4_VENDOR)" \
-	DEVICE_ALT4_MODEL="$(DEVICE_ALT4_MODEL)" \
-	DEVICE_ALT4_VARIANT="$(DEVICE_ALT4_VARIANT)" \
 	DEVICE_TITLE="$(DEVICE_TITLE)" \
 	DEVICE_PACKAGES="$(DEVICE_PACKAGES)" \
 	TARGET="$(BOARD)" \
@@ -680,54 +624,17 @@ define Device/Build/image
 endef

 define Device/Build/artifact
-  $$(_TARGET): $(if $(CONFIG_JSON_OVERVIEW_IMAGE_INFO), \
-	  $(BUILD_DIR)/json_info_files/$(DEVICE_IMG_PREFIX)-$(1).json, \
-	  $(BIN_DIR)/$(DEVICE_IMG_PREFIX)-$(1))
-  $(eval $(call Device/Export,$(KDIR)/tmp/$(DEVICE_IMG_PREFIX)-$(1)))
-  $(KDIR)/tmp/$(DEVICE_IMG_PREFIX)-$(1): $$(KDIR_KERNEL_IMAGE) $(2)-images
+  $$(_TARGET): $(BIN_DIR)/$(IMAGE_PREFIX)-$(1)
+  $(eval $(call Device/Export,$(KDIR)/tmp/$(IMAGE_PREFIX)-$(1)))
+  $(KDIR)/tmp/$(IMAGE_PREFIX)-$(1): $$(KDIR_KERNEL_IMAGE)
 	@rm -f $$@
 	$$(call concat_cmd,$(ARTIFACT/$(1)))

-  .IGNORE: $(BIN_DIR)/$(DEVICE_IMG_PREFIX)-$(1)
+  .IGNORE: $(BIN_DIR)/$(IMAGE_PREFIX)-$(1)

-  $(BIN_DIR)/$(DEVICE_IMG_PREFIX)-$(1): $(KDIR)/tmp/$(DEVICE_IMG_PREFIX)-$(1)
+  $(BIN_DIR)/$(IMAGE_PREFIX)-$(1): $(KDIR)/tmp/$(IMAGE_PREFIX)-$(1)
 	cp $$^ $$@

-  $(BUILD_DIR)/json_info_files/$(DEVICE_IMG_PREFIX)-$(1).json: $(BIN_DIR)/$(DEVICE_IMG_PREFIX)-$(1)
-	@mkdir -p $$(shell dirname $$@)
-	DEVICE_ID="$(DEVICE_NAME)" \
-	SOURCE_DATE_EPOCH=$(SOURCE_DATE_EPOCH) \
-	FILE_NAME="$(DEVICE_IMG_PREFIX)-$(1)" \
-	FILE_DIR="$(KDIR)/tmp" \
-	FILE_TYPE="$(1)" \
-	DEVICE_IMG_PREFIX="$(DEVICE_IMG_PREFIX)" \
-	DEVICE_VENDOR="$(DEVICE_VENDOR)" \
-	DEVICE_MODEL="$(DEVICE_MODEL)" \
-	DEVICE_VARIANT="$(DEVICE_VARIANT)" \
-	DEVICE_ALT0_VENDOR="$(DEVICE_ALT0_VENDOR)" \
-	DEVICE_ALT0_MODEL="$(DEVICE_ALT0_MODEL)" \
-	DEVICE_ALT0_VARIANT="$(DEVICE_ALT0_VARIANT)" \
-	DEVICE_ALT1_VENDOR="$(DEVICE_ALT1_VENDOR)" \
-	DEVICE_ALT1_MODEL="$(DEVICE_ALT1_MODEL)" \
-	DEVICE_ALT1_VARIANT="$(DEVICE_ALT1_VARIANT)" \
-	DEVICE_ALT2_VENDOR="$(DEVICE_ALT2_VENDOR)" \
-	DEVICE_ALT2_MODEL="$(DEVICE_ALT2_MODEL)" \
-	DEVICE_ALT2_VARIANT="$(DEVICE_ALT2_VARIANT)" \
-	DEVICE_ALT3_VENDOR="$(DEVICE_ALT3_VENDOR)" \
-	DEVICE_ALT3_MODEL="$(DEVICE_ALT3_MODEL)" \
-	DEVICE_ALT3_VARIANT="$(DEVICE_ALT3_VARIANT)" \
-	DEVICE_ALT4_VENDOR="$(DEVICE_ALT4_VENDOR)" \
-	DEVICE_ALT4_MODEL="$(DEVICE_ALT4_MODEL)" \
-	DEVICE_ALT4_VARIANT="$(DEVICE_ALT4_VARIANT)" \
-	DEVICE_TITLE="$(DEVICE_TITLE)" \
-	DEVICE_PACKAGES="$(DEVICE_PACKAGES)" \
-	TARGET="$(BOARD)" \
-	SUBTARGET="$(if $(SUBTARGET),$(SUBTARGET),generic)" \
-	VERSION_NUMBER="$(VERSION_NUMBER)" \
-	VERSION_CODE="$(VERSION_CODE)" \
-	SUPPORTED_DEVICES="$(SUPPORTED_DEVICES)" \
-	$(TOPDIR)/scripts/json_add_image_info.py $$@
-
 endef

 define Device/Build
@@ -742,7 +649,7 @@ define Device/Build
      $$(call Device/Build/image,$$(fs),$$(image),$(1)))))

  $$(eval $$(foreach artifact,$$(ARTIFACTS), \
-    $$(call Device/Build/artifact,$$(artifact),$(1))))
+    $$(call Device/Build/artifact,$$(artifact))))

 endef

@@ -760,8 +667,6 @@ $(if $(strip $(DEVICE_ALT0_TITLE)),Alternative device titles:
 - $(DEVICE_ALT0_TITLE))
 $(if $(strip $(DEVICE_ALT1_TITLE)),- $(DEVICE_ALT1_TITLE))
 $(if $(strip $(DEVICE_ALT2_TITLE)),- $(DEVICE_ALT2_TITLE))
-$(if $(strip $(DEVICE_ALT3_TITLE)),- $(DEVICE_ALT3_TITLE))
-$(if $(strip $(DEVICE_ALT4_TITLE)),- $(DEVICE_ALT4_TITLE))
@@

 endef
@@ -779,14 +684,6 @@ ifneq ($$(strip $$(DEVICE_ALT2_TITLE)),)
 DEVICE_DISPLAY = $$(DEVICE_ALT2_TITLE) ($$(DEVICE_TITLE))
 $$(info $$(call Device/DumpInfo,$(1)))
 endif
-ifneq ($$(strip $$(DEVICE_ALT3_TITLE)),)
-DEVICE_DISPLAY = $$(DEVICE_ALT3_TITLE) ($$(DEVICE_TITLE))
-$$(info $$(call Device/DumpInfo,$(1)))
-endif
-ifneq ($$(strip $$(DEVICE_ALT4_TITLE)),)
-DEVICE_DISPLAY = $$(DEVICE_ALT4_TITLE) ($$(DEVICE_TITLE))
-$$(info $$(call Device/DumpInfo,$(1)))
-endif
 DEVICE_DISPLAY = $$(DEVICE_TITLE)
 $$(eval $$(if $$(DEVICE_TITLE),$$(info $$(call Device/DumpInfo,$(1)))))
 endef
@@ -830,7 +727,6 @@ define BuildImage

  else
    image_prepare:
-		rm -rf $(KDIR)/tmp
 		mkdir -p $(BIN_DIR) $(KDIR)/tmp
  endif

--- a/include/kernel-5.15
+++ b/include/kernel-5.15
@@ -1,2 +0,0 @@
-LINUX_VERSION-5.15 = .134
-LINUX_KERNEL_HASH-5.15.134 = f37182aecb57ed6853d01e1074d3a60a653331e35f3115728381e08be050b9d3
--- a/include/kernel-build.mk
+++ b/include/kernel-build.mk
@@ -10,7 +10,7 @@ ifneq ($(DUMP),1)
 endif

 KERNEL_FILE_DEPENDS=$(GENERIC_BACKPORT_DIR) $(GENERIC_PATCH_DIR) $(GENERIC_HACK_DIR) $(PATCH_DIR) $(GENERIC_FILES_DIR) $(FILES_DIR)
-STAMP_PREPARED=$(LINUX_DIR)/.prepared$(if $(QUILT)$(DUMP),,_$(shell $(call $(if $(CONFIG_AUTOREMOVE),find_md5_reproducible,find_md5),$(KERNEL_FILE_DEPENDS),)))
+STAMP_PREPARED=$(LINUX_DIR)/.prepared$(if $(QUILT)$(DUMP),,_$(shell $(call find_md5,$(KERNEL_FILE_DEPENDS),)))
 STAMP_CONFIGURED:=$(LINUX_DIR)/.configured
 include $(INCLUDE_DIR)/download.mk
 include $(INCLUDE_DIR)/quilt.mk
@@ -132,7 +132,6 @@ define BuildKernel
  $(LINUX_DIR)/.modules: export STAGING_PREFIX=$$(STAGING_DIR_HOST)
  $(LINUX_DIR)/.modules: export PKG_CONFIG_PATH=$$(STAGING_DIR_HOST)/lib/pkgconfig
  $(LINUX_DIR)/.modules: export PKG_CONFIG_LIBDIR=$$(STAGING_DIR_HOST)/lib/pkgconfig
-  $(LINUX_DIR)/.modules: export FAIL_ON_UNCONFIGURED=1
  $(LINUX_DIR)/.modules: $(STAMP_CONFIGURED) $(LINUX_DIR)/.config FORCE
 	$(Kernel/CompileModules)
 	touch $$@
@@ -162,6 +161,7 @@ define BuildKernel
 	$(LINUX_RECONF_CMD) > $(LINUX_DIR)/.config
 	$(_SINGLE)$(KERNEL_MAKE) \
 		$(if $(findstring Darwin,$(HOST_OS)), \
+			HOST_LOADLIBES="-L$(STAGING_DIR_HOST)/lib -lncurses" \
 			HOSTLDLIBS_mconf="-L$(STAGING_DIR_HOST)/lib -lncurses" \
 			filechk_conf_cfg="	:" \
 		) \
--- a/include/kernel-defaults.mk
+++ b/include/kernel-defaults.mk
@@ -3,7 +3,7 @@
 # Copyright (C) 2006-2020 OpenWrt.org

 ifdef CONFIG_STRIP_KERNEL_EXPORTS
-  KERNEL_MAKEOPTS_IMAGE += \
+  KERNEL_MAKEOPTS += \
 	EXTRA_LDSFLAGS="-I$(KERNEL_BUILD_DIR) -include symtab.h"
 endif

@@ -21,7 +21,7 @@ Kernel/Patch:=$(Kernel/Patch/Default)
 ifneq (,$(findstring .xz,$(LINUX_SOURCE)))
  LINUX_CAT:=xzcat
 else
-  LINUX_CAT:=$(STAGING_DIR_HOST)/bin/libdeflate-gzip -dc
+  LINUX_CAT:=gzip -dc
 endif

 ifeq ($(strip $(CONFIG_EXTERNAL_KERNEL_TREE)),"")
@@ -50,13 +50,6 @@ else
 endif

 ifeq ($(CONFIG_TARGET_ROOTFS_INITRAMFS),y)
-  ifeq ($(CONFIG_TARGET_ROOTFS_INITRAMFS_SEPARATE),y)
-    define Kernel/SetInitramfs/PreConfigure
-	grep -v -e CONFIG_BLK_DEV_INITRD $(LINUX_DIR)/.config.old > $(LINUX_DIR)/.config
-	echo 'CONFIG_BLK_DEV_INITRD=y' >> $(LINUX_DIR)/.config
-	echo 'CONFIG_INITRAMFS_SOURCE=""' >> $(LINUX_DIR)/.config
-    endef
-  else
  ifeq ($(strip $(CONFIG_EXTERNAL_CPIO)),"")
    define Kernel/SetInitramfs/PreConfigure
 	grep -v -e INITRAMFS -e CONFIG_RD_ -e CONFIG_BLK_DEV_INITRD $(LINUX_DIR)/.config.old > $(LINUX_DIR)/.config
@@ -69,19 +62,14 @@ ifeq ($(CONFIG_TARGET_ROOTFS_INITRAMFS),y)
 	echo 'CONFIG_INITRAMFS_SOURCE="$(call qstrip,$(CONFIG_EXTERNAL_CPIO))"' >> $(LINUX_DIR)/.config
    endef
  endif
-endif

  define Kernel/SetInitramfs
 	rm -f $(LINUX_DIR)/.config.prev
 	mv $(LINUX_DIR)/.config $(LINUX_DIR)/.config.old
 	$(call Kernel/SetInitramfs/PreConfigure)
-  ifneq ($(CONFIG_TARGET_ROOTFS_INITRAMFS_SEPARATE),y)
 	echo 'CONFIG_INITRAMFS_ROOT_UID=$(shell id -u)' >> $(LINUX_DIR)/.config
 	echo 'CONFIG_INITRAMFS_ROOT_GID=$(shell id -g)' >> $(LINUX_DIR)/.config
 	echo "$(if $(CONFIG_TARGET_INITRAMFS_FORCE),CONFIG_INITRAMFS_FORCE=y,# CONFIG_INITRAMFS_FORCE is not set)" >> $(LINUX_DIR)/.config
-  else
-	echo "# CONFIG_INITRAMFS_FORCE is not set" >> $(LINUX_DIR)/.config
-  endif
 	echo "$(if $(CONFIG_TARGET_INITRAMFS_COMPRESSION_NONE),CONFIG_INITRAMFS_COMPRESSION_NONE=y,# CONFIG_INITRAMFS_COMPRESSION_NONE is not set)" >> $(LINUX_DIR)/.config
 	echo -e "$(if $(CONFIG_TARGET_INITRAMFS_COMPRESSION_GZIP),CONFIG_INITRAMFS_COMPRESSION_GZIP=y\nCONFIG_RD_GZIP=y,# CONFIG_INITRAMFS_COMPRESSION_GZIP is not set\n# CONFIG_RD_GZIP is not set)" >> $(LINUX_DIR)/.config
 	echo -e "$(if $(CONFIG_TARGET_INITRAMFS_COMPRESSION_BZIP2),CONFIG_INITRAMFS_COMPRESSION_BZIP2=y\nCONFIG_RD_BZIP2=y,# CONFIG_INITRAMFS_COMPRESSION_BZIP2 is not set\n# CONFIG_RD_BZIP2 is not set)" >> $(LINUX_DIR)/.config
@@ -89,7 +77,7 @@ endif
 	echo -e "$(if $(CONFIG_TARGET_INITRAMFS_COMPRESSION_LZO),CONFIG_INITRAMFS_COMPRESSION_LZO=y\nCONFIG_RD_LZO=y,# CONFIG_INITRAMFS_COMPRESSION_LZO is not set\n# CONFIG_RD_LZO is not set)" >> $(LINUX_DIR)/.config
 	echo -e "$(if $(CONFIG_TARGET_INITRAMFS_COMPRESSION_XZ),CONFIG_INITRAMFS_COMPRESSION_XZ=y\nCONFIG_RD_XZ=y,# CONFIG_INITRAMFS_COMPRESSION_XZ is not set\n# CONFIG_RD_XZ is not set)" >> $(LINUX_DIR)/.config
 	echo -e "$(if $(CONFIG_TARGET_INITRAMFS_COMPRESSION_LZ4),CONFIG_INITRAMFS_COMPRESSION_LZ4=y\nCONFIG_RD_LZ4=y,# CONFIG_INITRAMFS_COMPRESSION_LZ4 is not set\n# CONFIG_RD_LZ4 is not set)" >> $(LINUX_DIR)/.config
-	echo -e "$(if $(CONFIG_TARGET_INITRAMFS_COMPRESSION_ZSTD),CONFIG_INITRAMFS_COMPRESSION_ZSTD=y\nCONFIG_RD_ZSTD=y,# CONFIG_INITRAMFS_COMPRESSION_ZSTD is not set\n# CONFIG_RD_ZSTD is not set)" >> $(LINUX_DIR)/.config
+	echo -e "$(if $(CONFIG_TARGET_INITRAMFS_COMPRESSION_ZSTD),CONFIG_INITRAMFS_COMPRESSION_ZSTD=y\nCONFIG_RD_STD=y,# CONFIG_INITRAMFS_COMPRESSION_ZSTD is not set\n# CONFIG_RD_ZSTD is not set)" >> $(LINUX_DIR)/.config
  endef
 else
 endif
@@ -117,8 +105,8 @@ define Kernel/Configure/Default
 		cp $(LINUX_DIR)/.config.set $(LINUX_DIR)/.config; \
 		cp $(LINUX_DIR)/.config.set $(LINUX_DIR)/.config.prev; \
 	}
-	$(_SINGLE) [ -d $(LINUX_DIR)/user_headers ] || $(KERNEL_MAKE) $(if $(findstring uml,$(BOARD)),ARCH=$(ARCH)) INSTALL_HDR_PATH=$(LINUX_DIR)/user_headers headers_install
-	grep '=[ym]' $(LINUX_DIR)/.config.set | LC_ALL=C sort | $(MKHASH) md5 > $(LINUX_DIR)/.vermagic
+	$(_SINGLE) [ -d $(LINUX_DIR)/user_headers ] || $(KERNEL_MAKE) INSTALL_HDR_PATH=$(LINUX_DIR)/user_headers headers_install
+	grep '=[ym]' $(LINUX_DIR)/.config.set | LC_ALL=C sort | mkhash md5 > $(LINUX_DIR)/.vermagic
 endef

 define Kernel/Configure/Initramfs
@@ -127,11 +115,7 @@ endef

 define Kernel/CompileModules/Default
 	rm -f $(LINUX_DIR)/vmlinux $(LINUX_DIR)/System.map
-	+$(KERNEL_MAKE) $(if $(KERNELNAME),$(KERNELNAME),all) modules
-	# If .config did not change, use the previous timestamp to avoid package rebuilds
-	cmp -s $(LINUX_DIR)/.config $(LINUX_DIR)/.config.modules.save && \
-		mv $(LINUX_DIR)/.config.modules.save $(LINUX_DIR)/.config; \
-	$(CP) $(LINUX_DIR)/.config $(LINUX_DIR)/.config.modules.save
+	+$(KERNEL_MAKE) modules
 endef

 OBJCOPY_STRIP = -R .reginfo -R .notes -R .note -R .comment -R .mdebug -R .note.gnu.build-id
@@ -155,7 +139,7 @@ endef

 define Kernel/CompileImage/Default
 	rm -f $(TARGET_DIR)/init
-	+$(KERNEL_MAKE) $(KERNEL_MAKEOPTS_IMAGE) $(if $(KERNELNAME),$(KERNELNAME),all)
+	+$(KERNEL_MAKE) $(if $(KERNELNAME),$(KERNELNAME),all) modules
 	$(call Kernel/CopyImage)
 endef

@@ -163,24 +147,9 @@ ifneq ($(CONFIG_TARGET_ROOTFS_INITRAMFS),)
 define Kernel/CompileImage/Initramfs
 	$(call Kernel/Configure/Initramfs)
 	$(CP) $(GENERIC_PLATFORM_DIR)/other-files/init $(TARGET_DIR)/init
-	$(if $(SOURCE_DATE_EPOCH),touch -hcd "@$(SOURCE_DATE_EPOCH)" $(TARGET_DIR) $(TARGET_DIR)/init)
+	$(if $(SOURCE_DATE_EPOCH),touch -hcd "@$(SOURCE_DATE_EPOCH)" $(TARGET_DIR)/init)
 	rm -rf $(KERNEL_BUILD_DIR)/linux-$(LINUX_VERSION)/usr/initramfs_data.cpio*
-ifeq ($(CONFIG_TARGET_ROOTFS_INITRAMFS_SEPARATE),y)
-ifneq ($(qstrip $(CONFIG_EXTERNAL_CPIO)),)
-	$(CP) $(CONFIG_EXTERNAL_CPIO) $(KERNEL_BUILD_DIR)/initrd.cpio
-else
-	( cd $(TARGET_DIR); find . | LC_ALL=C sort | $(STAGING_DIR_HOST)/bin/cpio --reproducible -o -H newc -R 0:0 > $(KERNEL_BUILD_DIR)/initrd.cpio )
-endif
-	$(if $(SOURCE_DATE_EPOCH),touch -hcd "@$(SOURCE_DATE_EPOCH)" $(KERNEL_BUILD_DIR)/initrd.cpio)
-	$(if $(CONFIG_TARGET_INITRAMFS_COMPRESSION_BZIP2),$(STAGING_DIR_HOST)/bin/bzip2 -9 -c < $(KERNEL_BUILD_DIR)/initrd.cpio > $(KERNEL_BUILD_DIR)/initrd.cpio.bzip2)
-	$(if $(CONFIG_TARGET_INITRAMFS_COMPRESSION_GZIP),$(STAGING_DIR_HOST)/bin/libdeflate-gzip -n -f -S .gzip -12 $(KERNEL_BUILD_DIR)/initrd.cpio)
-	$(if $(CONFIG_TARGET_INITRAMFS_COMPRESSION_LZ4),$(STAGING_DIR_HOST)/bin/lz4c -l -c1 -fz --favor-decSpeed $(KERNEL_BUILD_DIR)/initrd.cpio)
-	$(if $(CONFIG_TARGET_INITRAMFS_COMPRESSION_LZMA),$(STAGING_DIR_HOST)/bin/lzma e -lc1 -lp2 -pb2 $(KERNEL_BUILD_DIR)/initrd.cpio $(KERNEL_BUILD_DIR)/initrd.cpio.lzma)
-	$(if $(CONFIG_TARGET_INITRAMFS_COMPRESSION_LZO),$(STAGING_DIR_HOST)/bin/lzop -9 -f $(KERNEL_BUILD_DIR)/initrd.cpio)
-	$(if $(CONFIG_TARGET_INITRAMFS_COMPRESSION_XZ),$(STAGING_DIR_HOST)/bin/xz -T$(if $(filter 1,$(NPROC)),2,0) -9 -fz --check=crc32 $(KERNEL_BUILD_DIR)/initrd.cpio)
-	$(if $(CONFIG_TARGET_INITRAMFS_COMPRESSION_ZSTD),$(STAGING_DIR_HOST)/bin/zstd -T0 -f -o $(KERNEL_BUILD_DIR)/initrd.cpio.zstd $(KERNEL_BUILD_DIR)/initrd.cpio)
-endif
-	+$(KERNEL_MAKE) $(KERNEL_MAKEOPTS_IMAGE) $(if $(KERNELNAME),$(KERNELNAME),all)
+	+$(KERNEL_MAKE) $(if $(KERNELNAME),$(KERNELNAME),all) modules
 	$(call Kernel/CopyImage,-initramfs)
 endef
 else
@@ -193,3 +162,5 @@ define Kernel/Clean/Default
 	rm -f $(LINUX_KERNEL)
 	$(_SINGLE)$(MAKE) -C $(KERNEL_BUILD_DIR)/linux-$(LINUX_VERSION) clean
 endef
+
+
--- a/include/kernel-version.mk
+++ b/include/kernel-version.mk
@@ -6,21 +6,9 @@ ifdef CONFIG_TESTING_KERNEL
  KERNEL_PATCHVER:=$(KERNEL_TESTING_PATCHVER)
 endif

-KERNEL_DETAILS_FILE=$(INCLUDE_DIR)/kernel-$(KERNEL_PATCHVER)
-ifeq ($(wildcard $(KERNEL_DETAILS_FILE)),)
-  $(error Missing kernel version/hash file for $(KERNEL_PATCHVER). Please create $(KERNEL_DETAILS_FILE))
-endif
+LINUX_VERSION-5.4 = .119

-include $(KERNEL_DETAILS_FILE)
-
-ifdef KERNEL_TESTING_PATCHVER
-  KERNEL_TESTING_DETAILS_FILE=$(INCLUDE_DIR)/kernel-$(KERNEL_TESTING_PATCHVER)
-  ifeq ($(wildcard $(KERNEL_TESTING_DETAILS_FILE)),)
-    $(error Missing kernel version/hash file for $(KERNEL_TESTING_PATCHVER). Please create $(KERNEL_TESTING_DETAILS_FILE))
-  endif
-
-  include $(KERNEL_TESTING_DETAILS_FILE)
-endif
+LINUX_KERNEL_HASH-5.4.119 = 71e7decf1e8149a8aed88d30df4f2a62a6c6b168111de6b261685ac7c0ecb2a0

 remove_uri_prefix=$(subst git://,,$(subst http://,,$(subst https://,,$(1))))
 sanitize_uri=$(call qstrip,$(subst @,_,$(subst :,_,$(subst .,_,$(subst -,_,$(subst /,_,$(1)))))))
--- a/include/kernel.mk
+++ b/include/kernel.mk
@@ -90,8 +90,6 @@ else ifneq (,$(findstring $(ARCH) , mipsel mips64 mips64el ))
  LINUX_KARCH := mips
 else ifneq (,$(findstring $(ARCH) , powerpc64 ))
  LINUX_KARCH := powerpc
-else ifneq (,$(findstring $(ARCH) , riscv64 ))
-  LINUX_KARCH := riscv
 else ifneq (,$(findstring $(ARCH) , sh2 sh3 sh4 ))
  LINUX_KARCH := sh
 else ifneq (,$(findstring $(ARCH) , i386 x86_64 ))
@@ -103,7 +101,7 @@ endif
 KERNEL_MAKE = $(MAKE) $(KERNEL_MAKEOPTS)

 KERNEL_MAKE_FLAGS = \
-	KCFLAGS="$(call iremap,$(BUILD_DIR),$(notdir $(BUILD_DIR))) $(filter-out -fno-plt,$(call qstrip,$(CONFIG_EXTRA_OPTIMIZATION))) $(call qstrip,$(CONFIG_KERNEL_CFLAGS))" \
+	KCFLAGS="$(call iremap,$(BUILD_DIR),$(notdir $(BUILD_DIR)))" \
 	HOSTCFLAGS="$(HOST_CFLAGS) -Wall -Wmissing-prototypes -Wstrict-prototypes" \
 	CROSS_COMPILE="$(KERNEL_CROSS)" \
 	ARCH="$(LINUX_KARCH)" \
@@ -112,7 +110,8 @@ KERNEL_MAKE_FLAGS = \
 	KBUILD_BUILD_HOST="$(call qstrip,$(CONFIG_KERNEL_BUILD_DOMAIN))" \
 	KBUILD_BUILD_TIMESTAMP="$(KBUILD_BUILD_TIMESTAMP)" \
 	KBUILD_BUILD_VERSION="0" \
-	KBUILD_HOSTLDFLAGS="-L$(STAGING_DIR_HOST)/lib" \
+	HOST_LOADLIBES="-L$(STAGING_DIR_HOST)/lib" \
+	KBUILD_HOSTLDLIBS="-L$(STAGING_DIR_HOST)/lib" \
 	CONFIG_SHELL="$(BASH)" \
 	$(if $(findstring c,$(OPENWRT_VERBOSE)),V=1,V='') \
 	$(if $(PKG_BUILD_ID),LDFLAGS_MODULE=--build-id=0x$(PKG_BUILD_ID)) \
@@ -127,17 +126,17 @@ ifeq ($(call qstrip,$(CONFIG_EXTERNAL_KERNEL_TREE))$(call qstrip,$(CONFIG_KERNEL
 	KERNELRELEASE=$(LINUX_VERSION)
 endif

-ifneq ($(HOST_OS),Linux)
-  KERNEL_MAKE_FLAGS += CONFIG_STACK_VALIDATION=
-  export SKIP_STACK_VALIDATION:=1
-endif
-
-KERNEL_MAKEOPTS = -C $(LINUX_DIR) $(KERNEL_MAKE_FLAGS)
+KERNEL_MAKEOPTS := -C $(LINUX_DIR) $(KERNEL_MAKE_FLAGS)

 ifdef CONFIG_USE_SPARSE
  KERNEL_MAKEOPTS += C=1 CHECK=$(STAGING_DIR_HOST)/bin/sparse
 endif

+ifneq ($(HOST_OS),Linux)
+  KERNEL_MAKEOPTS += CONFIG_STACK_VALIDATION=
+  export SKIP_STACK_VALIDATION:=1
+endif
+
 PKG_EXTMOD_SUBDIRS ?= .

 PKG_SYMVERS_DIR = $(KERNEL_BUILD_DIR)/symvers
@@ -236,7 +235,7 @@ $(call KernelPackage/$(1)/config)
  $(call KernelPackage/depends)
  $(call KernelPackage/hooks)

-  ifneq ($(if $(filter-out %=y %=n %=m,$(KCONFIG)),$(filter m y,$(foreach c,$(call version_filter,$(filter-out %=y %=n %=m,$(KCONFIG))),$($(c)))),.),)
+  ifneq ($(if $(filter-out %=y %=n %=m,$(KCONFIG)),$(filter m y,$(foreach c,$(filter-out %=y %=n %=m,$(KCONFIG)),$($(c)))),.),)
    define Package/kmod-$(1)/install
 		  @for mod in $$(call version_filter,$$(FILES)); do \
 			if grep -q "$$$$$$$${mod##$(LINUX_DIR)/}" "$(LINUX_DIR)/modules.builtin"; then \
--- a/include/meson.mk
+++ b/include/meson.mk
@@ -1,146 +0,0 @@
-# To build your package using meson:
-#
-# include $(INCLUDE_DIR)/meson.mk
-# MESON_ARGS+=-Dfoo -Dbar=baz
-#
-# To pass additional environment variables to meson:
-#
-# MESON_VARS+=FOO=bar
-#
-# Default configure/compile/install targets are provided, but can be
-# overwritten if required:
-#
-# define Build/Configure
-#   $(call Build/Configure/Meson)
-#   ...
-# endef
-#
-# same for Build/Compile and Build/Install
-#
-# Host packages are built in the same fashion, just use these vars instead:
-#
-# MESON_HOST_ARGS+=-Dfoo -Dbar=baz
-# MESON_HOST_VARS+=FOO=bar
-
-MESON_DIR:=$(STAGING_DIR_HOST)/lib/meson
-
-MESON_HOST_BUILD_DIR:=$(HOST_BUILD_DIR)/openwrt-build
-MESON_HOST_VARS:=
-MESON_HOST_ARGS:=
-
-MESON_BUILD_DIR:=$(PKG_BUILD_DIR)/openwrt-build
-MESON_VARS:=
-MESON_ARGS:=
-
-ifneq ($(findstring i386,$(CONFIG_ARCH)),)
-MESON_ARCH:="x86"
-else ifneq ($(findstring powerpc64,$(CONFIG_ARCH)),)
-MESON_ARCH:="ppc64"
-else ifneq ($(findstring powerpc,$(CONFIG_ARCH)),)
-MESON_ARCH:="ppc"
-else ifneq ($(findstring mips64el,$(CONFIG_ARCH)),)
-MESON_ARCH:="mips64"
-else ifneq ($(findstring mipsel,$(CONFIG_ARCH)),)
-MESON_ARCH:="mips"
-else ifneq ($(findstring armeb,$(CONFIG_ARCH)),)
-MESON_ARCH:="arm"
-else
-MESON_ARCH:=$(CONFIG_ARCH)
-endif
-
-# this is undefined for just x64_64
-ifeq ($(origin CPU_TYPE),undefined)
-MESON_CPU:="generic"
-else
-MESON_CPU:="$(CPU_TYPE)$(if $(CPU_SUBTYPE),+$(CPU_SUBTYPE))"
-endif
-
-define Meson
-	$(2) $(STAGING_DIR_HOST)/bin/$(PYTHON) $(STAGING_DIR_HOST)/bin/meson.py $(1)
-endef
-
-define Meson/CreateNativeFile
-	$(STAGING_DIR_HOST)/bin/sed \
-		-e "s|@CC@|$(foreach BIN,$(HOSTCC),'$(BIN)',)|" \
-		-e "s|@CXX@|$(foreach BIN,$(HOSTCXX),'$(BIN)',)|" \
-		-e "s|@PKGCONFIG@|$(PKG_CONFIG)|" \
-		-e "s|@CMAKE@|$(STAGING_DIR_HOST)/bin/cmake|" \
-		-e "s|@PYTHON@|$(STAGING_DIR_HOST)/bin/python3|" \
-		-e "s|@CFLAGS@|$(foreach FLAG,$(HOST_CFLAGS) $(HOST_CPPFLAGS),'$(FLAG)',)|" \
-		-e "s|@CXXFLAGS@|$(foreach FLAG,$(HOST_CXXFLAGS) $(HOST_CPPFLAGS),'$(FLAG)',)|" \
-		-e "s|@LDFLAGS@|$(foreach FLAG,$(HOST_LDFLAGS),'$(FLAG)',)|" \
-		-e "s|@PREFIX@|$(HOST_BUILD_PREFIX)|" \
-		< $(MESON_DIR)/openwrt-native.txt.in \
-		> $(1)
-endef
-
-define Meson/CreateCrossFile
-	$(STAGING_DIR_HOST)/bin/sed \
-		-e "s|@CC@|$(foreach BIN,$(TARGET_CC),'$(BIN)',)|" \
-		-e "s|@CXX@|$(foreach BIN,$(TARGET_CXX),'$(BIN)',)|" \
-		-e "s|@AR@|$(TARGET_AR)|" \
-		-e "s|@STRIP@|$(TARGET_CROSS)strip|" \
-		-e "s|@NM@|$(TARGET_NM)|" \
-		-e "s|@PKGCONFIG@|$(PKG_CONFIG)|" \
-		-e "s|@CMAKE@|$(STAGING_DIR_HOST)/bin/cmake|" \
-		-e "s|@PYTHON@|$(STAGING_DIR_HOST)/bin/python3|" \
-		-e "s|@CFLAGS@|$(foreach FLAG,$(TARGET_CFLAGS) $(EXTRA_CFLAGS) $(TARGET_CPPFLAGS) $(EXTRA_CPPFLAGS),'$(FLAG)',)|" \
-		-e "s|@CXXFLAGS@|$(foreach FLAG,$(TARGET_CXXFLAGS) $(EXTRA_CXXFLAGS) $(TARGET_CPPFLAGS) $(EXTRA_CPPFLAGS),'$(FLAG)',)|" \
-		-e "s|@LDFLAGS@|$(foreach FLAG,$(TARGET_LDFLAGS) $(EXTRA_LDFLAGS),'$(FLAG)',)|" \
-		-e "s|@ARCH@|$(MESON_ARCH)|" \
-		-e "s|@CPU@|$(MESON_CPU)|" \
-		-e "s|@ENDIAN@|$(if $(CONFIG_BIG_ENDIAN),big,little)|" \
-		< $(MESON_DIR)/openwrt-cross.txt.in \
-		> $(1)
-endef
-
-define Host/Configure/Meson
-	$(call Meson/CreateNativeFile,$(HOST_BUILD_DIR)/openwrt-native.txt)
-	$(call Meson, \
-		--native-file $(HOST_BUILD_DIR)/openwrt-native.txt \
-		$(MESON_HOST_ARGS) \
-		$(MESON_HOST_BUILD_DIR) \
-		$(MESON_HOST_BUILD_DIR)/.., \
-		$(MESON_HOST_VARS))
-endef
-
-define Host/Compile/Meson
-	+$(NINJA) -C $(MESON_HOST_BUILD_DIR) $(1)
-endef
-
-define Host/Install/Meson
-	+$(NINJA) -C $(MESON_HOST_BUILD_DIR) install
-endef
-
-define Host/Uninstall/Meson
-	+$(NINJA) -C $(MESON_HOST_BUILD_DIR) uninstall || true
-endef
-
-define Build/Configure/Meson
-	$(call Meson/CreateNativeFile,$(PKG_BUILD_DIR)/openwrt-native.txt)
-	$(call Meson/CreateCrossFile,$(PKG_BUILD_DIR)/openwrt-cross.txt)
-	$(call Meson, \
-		--buildtype plain \
-		--native-file $(PKG_BUILD_DIR)/openwrt-native.txt \
-		--cross-file $(PKG_BUILD_DIR)/openwrt-cross.txt \
-		$(MESON_ARGS) \
-		$(MESON_BUILD_DIR) \
-		$(MESON_BUILD_DIR)/.., \
-		$(MESON_VARS))
-endef
-
-define Build/Compile/Meson
-	+$(NINJA) -C $(MESON_BUILD_DIR) $(1)
-endef
-
-define Build/Install/Meson
-	+DESTDIR="$(PKG_INSTALL_DIR)" $(NINJA) -C $(MESON_BUILD_DIR) install
-endef
-
-Host/Configure=$(call Host/Configure/Meson)
-Host/Compile=$(call Host/Compile/Meson)
-Host/Install=$(call Host/Install/Meson)
-Host/Uninstall=$(call Host/Uninstall/Meson)
-Build/Configure=$(call Build/Configure/Meson)
-Build/Compile=$(call Build/Compile/Meson)
-Build/Install=$(call Build/Install/Meson)
--- a/include/netfilter.mk
+++ b/include/netfilter.mk
@@ -48,6 +48,8 @@ $(eval $(call nf_add,IPT_CORE,CONFIG_NETFILTER_XT_MATCH_COMMENT, $(P_XT)xt_comme
 $(eval $(call nf_add,IPT_CLUSTER,CONFIG_NETFILTER_XT_MATCH_CLUSTER, $(P_XT)xt_cluster))

 $(eval $(call nf_add,IPT_CORE,CONFIG_NETFILTER_XT_TARGET_LOG, $(P_XT)xt_LOG))
+$(eval $(call nf_add,IPT_CORE,CONFIG_NETFILTER_XT_TARGET_LOG, $(P_XT)nf_log_common))
+$(eval $(call nf_add,IPT_CORE,CONFIG_NETFILTER_XT_TARGET_LOG, $(P_V4)nf_log_ipv4))
 $(eval $(call nf_add,IPT_CORE,CONFIG_NETFILTER_XT_TARGET_TCPMSS, $(P_XT)xt_TCPMSS))
 $(eval $(call nf_add,IPT_CORE,CONFIG_IP_NF_TARGET_REJECT, $(P_V4)ipt_REJECT))
 $(eval $(call nf_add,IPT_CORE,CONFIG_NETFILTER_XT_MATCH_TIME, $(P_XT)xt_time))
@@ -62,7 +64,9 @@ $(eval $(if $(NF_KMOD),,$(call nf_add,IPT_CORE,CONFIG_NETFILTER_XT_MARK, $(P_XT)

 # kernel only
 $(eval $(if $(NF_KMOD),$(call nf_add,NF_CONNTRACK,CONFIG_NF_CONNTRACK, $(P_XT)nf_conntrack),))
+$(eval $(if $(NF_KMOD),$(call nf_add,NF_CONNTRACK,CONFIG_NF_CONNTRACK_RTCACHE, $(P_XT)nf_conntrack_rtcache),))
 $(eval $(if $(NF_KMOD),$(call nf_add,NF_CONNTRACK,CONFIG_NF_DEFRAG_IPV4, $(P_V4)nf_defrag_ipv4),))
+$(eval $(if $(NF_KMOD),$(call nf_add,NF_CONNTRACK,CONFIG_NF_CONNTRACK_IPV4, $(P_V4)nf_conntrack_ipv4),))

 $(eval $(call nf_add,IPT_CONNTRACK,CONFIG_NETFILTER_XT_MATCH_STATE, $(P_XT)xt_state))
 $(eval $(call nf_add,IPT_CONNTRACK,CONFIG_NETFILTER_XT_TARGET_CT, $(P_XT)xt_CT))
@@ -73,6 +77,7 @@ $(eval $(call nf_add,IPT_CONNTRACK,CONFIG_NETFILTER_XT_MATCH_CONNTRACK, $(P_XT)x

 $(eval $(call nf_add,IPT_CONNTRACK_EXTRA,CONFIG_NETFILTER_XT_MATCH_CONNBYTES, $(P_XT)xt_connbytes))
 $(eval $(call nf_add,IPT_CONNTRACK_EXTRA,CONFIG_NETFILTER_XT_MATCH_CONNLIMIT, $(P_XT)xt_connlimit))
+$(eval $(call nf_add,IPT_CONNTRACK_EXTRA,CONFIG_NETFILTER_CONNCOUNT, $(P_XT)nf_conncount))
 $(eval $(call nf_add,IPT_CONNTRACK_EXTRA,CONFIG_NETFILTER_XT_CONNMARK, $(P_XT)xt_connmark))
 $(eval $(call nf_add,IPT_CONNTRACK_EXTRA,CONFIG_NETFILTER_XT_MATCH_HELPER, $(P_XT)xt_helper))
 $(eval $(call nf_add,IPT_CONNTRACK_EXTRA,CONFIG_NETFILTER_XT_MATCH_RECENT, $(P_XT)xt_recent))
@@ -89,7 +94,6 @@ $(eval $(call nf_add,IPT_EXTRA,CONFIG_NETFILTER_XT_MATCH_ADDRTYPE, $(if $(NF_KMO
 $(eval $(call nf_add,IPT_EXTRA,CONFIG_NETFILTER_XT_MATCH_OWNER, $(P_XT)xt_owner))
 $(eval $(call nf_add,IPT_EXTRA,CONFIG_NETFILTER_XT_MATCH_PKTTYPE, $(P_XT)xt_pkttype))
 $(eval $(call nf_add,IPT_EXTRA,CONFIG_NETFILTER_XT_MATCH_QUOTA, $(P_XT)xt_quota))
-$(eval $(call nf_add,IPT_EXTRA,CONFIG_NETFILTER_XT_MATCH_CGROUP, $(P_XT)xt_cgroup))

 #$(eval $(call nf_add,IPT_EXTRA,CONFIG_IP_NF_TARGET_ROUTE, $(P_V4)ipt_ROUTE))

@@ -115,6 +119,7 @@ $(eval $(call nf_add,IPT_IPOPT,CONFIG_NETFILTER_XT_MATCH_STATISTIC, $(P_XT)xt_st
 $(eval $(call nf_add,IPT_IPOPT,CONFIG_NETFILTER_XT_MATCH_TCPMSS, $(P_XT)xt_tcpmss))

 $(eval $(call nf_add,IPT_IPOPT,CONFIG_NETFILTER_XT_TARGET_CLASSIFY, $(P_XT)xt_CLASSIFY))
+$(eval $(call nf_add,IPT_IPOPT,CONFIG_IP_NF_MATCH_DSCP, $(P_V4)ipt_dscp))
 $(eval $(call nf_add,IPT_IPOPT,CONFIG_IP_NF_TARGET_ECN, $(P_V4)ipt_ECN))

 $(eval $(call nf_add,IPT_IPOPT,CONFIG_NETFILTER_XT_MATCH_ECN, $(P_XT)xt_ecn))
@@ -150,13 +155,17 @@ $(eval $(if $(NF_KMOD),$(call nf_add,NF_REJECT6,CONFIG_NF_REJECT_IPV6, $(P_V6)nf
 $(eval $(if $(NF_KMOD),$(call nf_add,NF_IPT6,CONFIG_IP6_NF_IPTABLES, $(P_V6)ip6_tables),))

 $(eval $(if $(NF_KMOD),$(call nf_add,NF_CONNTRACK,CONFIG_NF_DEFRAG_IPV6, $(P_V6)nf_defrag_ipv6),))
+$(eval $(if $(NF_KMOD),$(call nf_add,NF_CONNTRACK6,CONFIG_NF_CONNTRACK_IPV6, $(P_V6)nf_conntrack_ipv6),))

 $(eval $(if $(NF_KMOD),$(call nf_add,IPT_IPV6,CONFIG_IP6_NF_FILTER, $(P_V6)ip6table_filter),))
 $(eval $(if $(NF_KMOD),$(call nf_add,IPT_IPV6,CONFIG_IP6_NF_MANGLE, $(P_V6)ip6table_mangle),))
+$(eval $(if $(NF_KMOD),$(call nf_add,IPT_IPV6,CONFIG_IP6_NF_QUEUE, $(P_V6)ip6_queue),))
+$(eval $(if $(NF_KMOD),$(call nf_add,IPT_IPV6,CONFIG_NF_LOG_IPV6, $(P_V6)nf_log_ipv6),))

 $(eval $(if $(NF_KMOD),,$(call nf_add,IPT_IPV6,CONFIG_IP6_NF_IPTABLES, ip6t_icmp6)))


+$(eval $(call nf_add,IPT_IPV6,CONFIG_IP6_NF_TARGET_LOG, $(P_V6)ip6t_LOG))
 $(eval $(call nf_add,IPT_IPV6,CONFIG_IP6_NF_TARGET_REJECT, $(P_V6)ip6t_REJECT))

 # ipv6 extra
@@ -168,13 +177,6 @@ $(eval $(call nf_add,IPT_IPV6_EXTRA,CONFIG_IP6_NF_MATCH_OPTS, $(P_V6)ip6t_hbh))
 $(eval $(call nf_add,IPT_IPV6_EXTRA,CONFIG_IP6_NF_MATCH_FRAG, $(P_V6)ip6t_frag))
 $(eval $(call nf_add,IPT_IPV6_EXTRA,CONFIG_IP6_NF_MATCH_RT, $(P_V6)ip6t_rt))

-# log
-
-$(eval $(call nf_add,NF_LOG,CONFIG_NF_LOG_COMMON, $(P_XT)nf_log_common, lt 5.13))
-$(eval $(call nf_add,NF_LOG,CONFIG_NF_LOG_IPV4, $(P_V4)nf_log_ipv4, lt 5.13))
-$(eval $(call nf_add,NF_LOG,CONFIG_NF_LOG_SYSLOG, $(P_XT)nf_log_syslog, ge 5.13))
-$(eval $(if $(NF_KMOD),$(call nf_add,NF_LOG6,CONFIG_NF_LOG_IPV6, $(P_V6)nf_log_ipv6,lt 5.13),))
-
 # nat

 # kernel only
@@ -223,6 +225,11 @@ $(eval $(call nf_add,NF_NATHELPER_EXTRA,CONFIG_NF_CONNTRACK_IRC, $(P_XT)nf_connt
 $(eval $(call nf_add,NF_NATHELPER_EXTRA,CONFIG_NF_NAT_IRC, $(P_XT)nf_nat_irc))


+# ulog
+
+$(eval $(call nf_add,IPT_ULOG,CONFIG_IP_NF_TARGET_ULOG, $(P_V4)ipt_ULOG))
+
+
 # nflog

 $(eval $(call nf_add,IPT_NFLOG,CONFIG_NETFILTER_XT_TARGET_NFLOG, $(P_XT)xt_NFLOG))
@@ -237,15 +244,14 @@ $(eval $(call nf_add,IPT_NFQUEUE,CONFIG_NETFILTER_XT_TARGET_NFQUEUE, $(P_XT)xt_N

 $(eval $(call nf_add,IPT_DEBUG,CONFIG_NETFILTER_XT_TARGET_TRACE, $(P_XT)xt_TRACE))

-# socket
-$(eval $(call nf_add,NF_SOCKET,CONFIG_NF_SOCKET_IPV4, $(P_V4)nf_socket_ipv4))
-$(eval $(call nf_add,NF_SOCKET,CONFIG_NF_SOCKET_IPV6, $(P_V6)nf_socket_ipv6))
-$(eval $(call nf_add,IPT_SOCKET,CONFIG_NETFILTER_XT_MATCH_SOCKET, $(P_XT)xt_socket))
-
 # tproxy
-$(eval $(call nf_add,NF_TPROXY,CONFIG_NF_TPROXY_IPV4, $(P_V4)nf_tproxy_ipv4))
-$(eval $(call nf_add,NF_TPROXY,CONFIG_NF_TPROXY_IPV6, $(P_V6)nf_tproxy_ipv6))
+
+$(eval $(call nf_add,IPT_TPROXY,CONFIG_NETFILTER_XT_MATCH_SOCKET, $(P_XT)xt_socket))
+$(eval $(call nf_add,IPT_TPROXY,CONFIG_NF_SOCKET_IPV4, $(P_V4)nf_socket_ipv4))
+$(eval $(call nf_add,IPT_TPROXY,CONFIG_NF_SOCKET_IPV6, $(P_V6)nf_socket_ipv6))
 $(eval $(call nf_add,IPT_TPROXY,CONFIG_NETFILTER_XT_TARGET_TPROXY, $(P_XT)xt_TPROXY))
+$(eval $(call nf_add,IPT_TPROXY,CONFIG_NF_TPROXY_IPV4, $(P_V4)nf_tproxy_ipv4))
+$(eval $(call nf_add,IPT_TPROXY,CONFIG_NF_TPROXY_IPV6, $(P_V6)nf_tproxy_ipv6))

 # led
 $(eval $(call nf_add,IPT_LED,CONFIG_NETFILTER_XT_TARGET_LED, $(P_XT)xt_LED))
@@ -277,10 +283,6 @@ $(eval $(call nf_add,NFNETLINK_LOG,CONFIG_NETFILTER_NETLINK_LOG, $(P_XT)nfnetlin

 $(eval $(call nf_add,NFNETLINK_QUEUE,CONFIG_NETFILTER_NETLINK_QUEUE, $(P_XT)nfnetlink_queue))

-# conncount
-
-$(eval $(if $(NF_KMOD),$(call nf_add,NF_CONNCOUNT,CONFIG_NETFILTER_CONNCOUNT, $(P_XT)nf_conncount),))
-
 #
 # ebtables
 #
@@ -313,6 +315,7 @@ $(eval $(call nf_add,EBTABLES_IP4,CONFIG_BRIDGE_EBT_SNAT, $(P_EBT)ebt_snat))

 # watchers
 $(eval $(call nf_add,EBTABLES_WATCHERS,CONFIG_BRIDGE_EBT_LOG, $(P_EBT)ebt_log))
+$(eval $(call nf_add,EBTABLES_WATCHERS,CONFIG_BRIDGE_EBT_ULOG, $(P_EBT)ebt_ulog))
 $(eval $(call nf_add,EBTABLES_WATCHERS,CONFIG_BRIDGE_EBT_NFLOG, $(P_EBT)ebt_nflog))
 $(eval $(call nf_add,EBTABLES_WATCHERS,CONFIG_BRIDGE_EBT_NFQUEUE, $(P_EBT)ebt_nfqueue))

@@ -334,11 +337,15 @@ $(eval $(if $(NF_KMOD),$(call nf_add,NFT_CORE,CONFIG_NFT_REJECT_INET, $(P_XT)nft

 $(eval $(if $(NF_KMOD),$(call nf_add,NFT_BRIDGE,CONFIG_NFT_BRIDGE_META, $(P_EBT)nft_meta_bridge),))
 $(eval $(if $(NF_KMOD),$(call nf_add,NFT_BRIDGE,CONFIG_NFT_BRIDGE_REJECT, $(P_EBT)nft_reject_bridge),))
-$(eval $(if $(NF_KMOD),$(call nf_add,NFT_BRIDGE,CONFIG_NF_CONNTRACK_BRIDGE, $(P_EBT)nf_conntrack_bridge),))

 $(eval $(if $(NF_KMOD),$(call nf_add,NFT_NAT,CONFIG_NFT_NAT, $(P_XT)nft_nat),))
 $(eval $(if $(NF_KMOD),$(call nf_add,NFT_NAT,CONFIG_NFT_NAT, $(P_XT)nft_chain_nat),))
+$(eval $(if $(NF_KMOD),$(call nf_add,NFT_NAT,CONFIG_NFT_REDIR_IPV4, $(P_V4)nft_redir_ipv4),))
 $(eval $(if $(NF_KMOD),$(call nf_add,NFT_NAT,CONFIG_NFT_MASQ, $(P_XT)nft_masq),))
+$(eval $(if $(NF_KMOD),$(call nf_add,NFT_NAT,CONFIG_NFT_MASQ_IPV4, $(P_V4)nft_masq_ipv4),))
+
+$(eval $(if $(NF_KMOD),$(call nf_add,NFT_NAT6,CONFIG_NFT_REDIR_IPV6, $(P_V6)nft_redir_ipv6),))
+$(eval $(if $(NF_KMOD),$(call nf_add,NFT_NAT6,CONFIG_NFT_MASQ_IPV6, $(P_V6)nft_masq_ipv6),))

 $(eval $(if $(NF_KMOD),$(call nf_add,NFT_FIB,CONFIG_NFT_FIB, $(P_XT)nft_fib),))
 $(eval $(if $(NF_KMOD),$(call nf_add,NFT_FIB,CONFIG_NFT_FIB_INET, $(P_XT)nft_fib_inet),))
@@ -347,16 +354,6 @@ $(eval $(if $(NF_KMOD),$(call nf_add,NFT_FIB,CONFIG_NFT_FIB_IPV6, $(P_V6)nft_fib

 $(eval $(if $(NF_KMOD),$(call nf_add,NFT_QUEUE,CONFIG_NFT_QUEUE, $(P_XT)nft_queue),))

-$(eval $(if $(NF_KMOD),$(call nf_add,NFT_SOCKET,CONFIG_NFT_SOCKET, $(P_XT)nft_socket),))
-
-$(eval $(if $(NF_KMOD),$(call nf_add,NFT_TPROXY,CONFIG_NFT_TPROXY, $(P_XT)nft_tproxy),))
-
-$(eval $(if $(NF_KMOD),$(call nf_add,NFT_COMPAT,CONFIG_NFT_COMPAT, $(P_XT)nft_compat),))
-
-$(eval $(if $(NF_KMOD),$(call nf_add,NFT_XFRM,CONFIG_NFT_XFRM, $(P_XT)nft_xfrm),))
-
-$(eval $(if $(NF_KMOD),$(call nf_add,NFT_CONNLIMIT,CONFIG_NFT_CONNLIMIT, $(P_XT)nft_connlimit),))
-
 # userland only
 IPT_BUILTIN += $(NF_IPT-y) $(NF_IPT-m)
 IPT_BUILTIN += $(IPT_CORE-y) $(IPT_CORE-m)
@@ -381,6 +378,7 @@ IPT_BUILTIN += $(IPT_NAT6-y)
 IPT_BUILTIN += $(IPT_NAT_EXTRA-y)
 IPT_BUILTIN += $(NF_NATHELPER-y)
 IPT_BUILTIN += $(NF_NATHELPER_EXTRA-y)
+IPT_BUILTIN += $(IPT_ULOG-y)
 IPT_BUILTIN += $(IPT_TPROXY-y)
 IPT_BUILTIN += $(NFNETLINK-y)
 IPT_BUILTIN += $(NFNETLINK_LOG-y)
--- a/include/nls.mk
+++ b/include/nls.mk
@@ -10,38 +10,27 @@ ifeq ($(CONFIG_BUILD_NLS),y)
 	INTL_PREFIX:=$(STAGING_DIR)/usr/lib/libintl-full
 	INTL_FULL:=1

-	CMAKE_OPTIONS += -DCMAKE_PREFIX_PATH="$(ICONV_PREFIX);$(INTL_PREFIX)"
+# iconv stub
 else
-	ICONV_PREFIX:=
+	ICONV_PREFIX:=$(STAGING_DIR)/usr/lib/libiconv-stub
 	ICONV_FULL:=

-	INTL_PREFIX:=
+	INTL_PREFIX:=$(STAGING_DIR)/usr/lib/libintl-stub
 	INTL_FULL:=
 endif

 PKG_CONFIG_DEPENDS += CONFIG_BUILD_NLS
+PKG_BUILD_DEPENDS += !BUILD_NLS:libiconv !BUILD_NLS:gettext

 ICONV_DEPENDS:=+BUILD_NLS:libiconv-full
-ifeq ($(CONFIG_BUILD_NLS),y)
-	ICONV_CFLAGS:=-I$(ICONV_PREFIX)/include
-	ICONV_CPPFLAGS:=-I$(ICONV_PREFIX)/include
-	ICONV_LDFLAGS:=-L$(ICONV_PREFIX)/lib -Wl,-rpath-link=$(ICONV_PREFIX)/lib
-else
-	ICONV_CFLAGS:=
-	ICONV_CPPFLAGS:=
-	ICONV_LDFLAGS:=
-endif
+ICONV_CFLAGS:=-I$(ICONV_PREFIX)/include
+ICONV_CPPFLAGS:=-I$(ICONV_PREFIX)/include
+ICONV_LDFLAGS:=-L$(ICONV_PREFIX)/lib -Wl,-rpath-link=$(ICONV_PREFIX)/lib

 INTL_DEPENDS:=+BUILD_NLS:libintl-full
-ifeq ($(CONFIG_BUILD_NLS),y)
-	INTL_CFLAGS:=-I$(INTL_PREFIX)/include
-	INTL_CPPFLAGS:=-I$(INTL_PREFIX)/include
-	INTL_LDFLAGS:=-L$(INTL_PREFIX)/lib -Wl,-rpath-link=$(INTL_PREFIX)/lib
-else
-	INTL_CFLAGS:=
-	INTL_CPPFLAGS:=
-	INTL_LDFLAGS:=
-endif
+INTL_CFLAGS:=-I$(INTL_PREFIX)/include
+INTL_CPPFLAGS:=-I$(INTL_PREFIX)/include
+INTL_LDFLAGS:=-L$(INTL_PREFIX)/lib -Wl,-rpath-link=$(INTL_PREFIX)/lib

 TARGET_CFLAGS += $(ICONV_CFLAGS) $(INTL_CFLAGS)
 TARGET_CPPFLAGS += $(ICONV_CPPFLAGS) $(INTL_CPPFLAGS)
--- a/include/openssl-module.mk
+++ b/include/openssl-module.mk
@@ -1,79 +0,0 @@
-# SPDX-License-Identifier: GPL-2.0-only
-#
-# Copyright (C) 2022-2023 Enéas Ulir de Queiroz
-
-ENGINES_DIR=engines-3
-
-define Package/openssl/module/Default
-  SECTION:=libs
-  CATEGORY:=Libraries
-  SUBMENU:=SSL
-  DEPENDS:=libopenssl +libopenssl-conf
-endef
-
-define Package/openssl/engine/Default
-  $(Package/openssl/module/Default)
-  DEPENDS+=@OPENSSL_ENGINE
-endef
-
-
-# 1 = moudule type (engine|provider)
-# 2 = module name
-# 3 = directory to save .so file
-# 4 = [ package name, defaults to libopenssl-$(2) ]
-define Package/openssl/add-module
-  $(eval MOD_TYPE:=$(1))
-  $(eval MOD_NAME:=$(2))
-  $(eval MOD_DIR:=$(3))
-  $(eval OSSL_PKG:=$(if $(4),$(4),libopenssl-$(MOD_NAME)))
-  $(info Package/openssl/add-module 1='$(1)'; 2='$(2)'; 3='$(3)' 4='$(4)')
-  $(info MOD_TYPE='$(MOD_TYPE)'; MOD_NAME='$(MOD_NAME)'; MOD_DIR='$(MOD_DIR)' OSSL_PKG='$(OSSL_PKG)')
-  Package/$(OSSL_PKG)/conffiles:=/etc/ssl/modules.cnf.d/$(MOD_NAME).cnf
-
-  define Package/$(OSSL_PKG)/install
-	$$(INSTALL_DIR)  $$(1)/$(MOD_DIR)
-	$$(INSTALL_BIN)  $$(PKG_INSTALL_DIR)/$(MOD_DIR)/$(MOD_NAME).so \
-			 $$(1)/$(MOD_DIR)
-	$$(INSTALL_DIR)  $$(1)/etc/ssl/modules.cnf.d
-	$$(INSTALL_DATA) ./files/$(MOD_NAME).cnf $$(1)/etc/ssl/modules.cnf.d/
-  endef
-
-  define Package/$(OSSL_PKG)/postinst
-#!/bin/sh
-OPENSSL_UCI="$$$${IPKG_INSTROOT}/etc/config/openssl"
-
-[ -z "$$$${IPKG_INSTROOT}" ] \
-	&& uci -q get openssl.$(MOD_NAME) >/dev/null \
-	&& exit 0
-
-cat << EOF >> "$$$${OPENSSL_UCI}"
-
-config $(MOD_TYPE) '$(MOD_NAME)'
-	option enabled '1'
-EOF
-
-[ -n "$$$${IPKG_INSTROOT}" ] || /etc/init.d/openssl reload
-exit 0
-  endef
-
-  define Package/$(OSSL_PKG)/postrm
-#!/bin/sh
-[ -n "$$$${IPKG_INSTROOT}" ] && exit 0
-uci -q delete openssl.$(MOD_NAME) && uci commit openssl
-/etc/init.d/openssl reload
-exit 0
-  endef
-endef
-
-# 1 = engine name
-# 2 - package name, defaults to libopenssl-$(1)
-define Package/openssl/add-engine
-  $(call Package/openssl/add-module,engine,$(1),/usr/lib/$(ENGINES_DIR),$(2))
-endef
-
-# 1 = provider name
-# 2 = [ package name, defaults to libopenssl-$(1) ]
-define Package/openssl/add-provider
-  $(call Package/openssl/add-module,provider,$(1),/usr/lib/ossl-modules,$(2))
-endef
-
--- a/include/package-bin.mk
+++ b/include/package-bin.mk
@@ -4,8 +4,7 @@

 ifeq ($(DUMP),)
  define BuildTarget/bin
-    TARGET_VARIANT=$(if $(ALL_VARIANTS),$(if $(VARIANT),$(filter-out *,$(VARIANT)),$(firstword $(ALL_VARIANTS))))
-    ifeq ($(if $(TARGET_VARIANT),$(BUILD_VARIANT)),$(TARGET_VARIANT))
+    ifeq ($(if $(VARIANT),$(BUILD_VARIANT)),$(VARIANT))
    ifdef Package/$(1)/install
      ifneq ($(CONFIG_PACKAGE_$(1))$(DEVELOPER),)
        $(_pkg_target)compile: $(PKG_BUILD_DIR)/.pkgdir/$(1).installed
--- a/include/package-defaults.mk
+++ b/include/package-defaults.mk
@@ -2,7 +2,7 @@
 #
 # Copyright (C) 2006-2020 OpenWrt.org

-PKG_DEFAULT_DEPENDS = +libc
+PKG_DEFAULT_DEPENDS = +libc +USE_GLIBC:librt +USE_GLIBC:libpthread

 ifneq ($(PKG_NAME),toolchain)
  PKG_FIXUP_DEPENDS = $(if $(filter kmod-%,$(1)),$(2),$(PKG_DEFAULT_DEPENDS) $(filter-out $(PKG_DEFAULT_DEPENDS),$(2)))
@@ -80,7 +80,6 @@ CONFIGURE_ARGS = \
 		--target=$(GNU_TARGET_NAME) \
 		--host=$(GNU_TARGET_NAME) \
 		--build=$(GNU_HOST_NAME) \
-		--disable-dependency-tracking \
 		--program-prefix="" \
 		--program-suffix="" \
 		--prefix=$(CONFIGURE_PREFIX) \
--- a/include/package-ipkg.mk
+++ b/include/package-ipkg.mk
@@ -99,14 +99,13 @@ _endef=endef

 ifeq ($(DUMP),)
  define BuildTarget/ipkg
-    ABIV_$(1):=$(call FormatABISuffix,$(1),$(ABI_VERSION))
+    ABIV_$(1):=$(if $(filter-out kmod-%,$(1)),$(ABI_VERSION))
    PDIR_$(1):=$(call FeedPackageDir,$(1))
    IPKG_$(1):=$$(PDIR_$(1))/$(1)$$(ABIV_$(1))_$(VERSION)_$(PKGARCH).ipk
    IDIR_$(1):=$(PKG_BUILD_DIR)/ipkg-$(PKGARCH)/$(1)
    KEEP_$(1):=$(strip $(call Package/$(1)/conffiles))

-    TARGET_VARIANT:=$$(if $(ALL_VARIANTS),$$(if $$(VARIANT),$$(filter-out *,$$(VARIANT)),$(firstword $(ALL_VARIANTS))))
-    ifeq ($(BUILD_VARIANT),$$(if $$(TARGET_VARIANT),$$(TARGET_VARIANT),$(BUILD_VARIANT)))
+    ifeq ($(BUILD_VARIANT),$$(if $$(VARIANT),$$(VARIANT),$(BUILD_VARIANT)))
    do_install=
    ifdef Package/$(1)/install
      do_install=yes
@@ -222,7 +221,7 @@ $(_endef)
    ifneq ($$(CONFIG_IPK_FILES_CHECKSUMS),)
 	(cd $$(IDIR_$(1)); \
 		( \
-			find . -type f \! -path ./CONTROL/\* -exec $(MKHASH) sha256 -n \{\} \; 2> /dev/null | \
+			find . -type f \! -path ./CONTROL/\* -exec mkhash sha256 -n \{\} \; 2> /dev/null | \
 			sed 's|\([[:blank:]]\)\./| \1/|' > $$(IDIR_$(1))/CONTROL/files-sha256sum \
 		) || true \
 	)
@@ -264,7 +263,7 @@ $(_endef)
    endif

 	$(INSTALL_DIR) $$(PDIR_$(1))
-	$(FAKEROOT) $(STAGING_DIR_HOST)/bin/bash $(SCRIPT_DIR)/ipkg-build -m "$(FILE_MODES)" $$(IDIR_$(1)) $$(PDIR_$(1))
+	$(FAKEROOT) $(SCRIPT_DIR)/ipkg-build -m "$(FILE_MODES)" $$(IDIR_$(1)) $$(PDIR_$(1))
 	@[ -f $$(IPKG_$(1)) ]

    $(1)-clean:
--- a/include/package.mk
+++ b/include/package.mk
@@ -11,7 +11,8 @@ include $(INCLUDE_DIR)/download.mk
 PKG_BUILD_DIR ?= $(BUILD_DIR)/$(if $(BUILD_VARIANT),$(PKG_NAME)-$(BUILD_VARIANT)/)$(PKG_NAME)$(if $(PKG_VERSION),-$(PKG_VERSION))
 PKG_INSTALL_DIR ?= $(PKG_BUILD_DIR)/ipkg-install
 PKG_BUILD_PARALLEL ?=
-PKG_SKIP_DOWNLOAD=$(USE_SOURCE_DIR)$(USE_GIT_TREE)$(USE_GIT_SRC_CHECKOUT)
+PKG_USE_MIPS16 ?= 1
+PKG_IREMAP ?= 1

 MAKE_J:=$(if $(MAKE_JOBSERVER),$(MAKE_JOBSERVER) $(if $(filter 3.% 4.0 4.1,$(MAKE_VERSION)),-j))

@@ -22,38 +23,15 @@ PKG_JOBS?=-j1
 else
 PKG_JOBS?=$(if $(PKG_BUILD_PARALLEL),$(MAKE_J),-j1)
 endif
-
-PKG_BUILD_FLAGS?=
-__unknown_flags=$(filter-out no-iremap no-mips16 gc-sections no-gc-sections lto no-lto,$(PKG_BUILD_FLAGS))
-ifneq ($(__unknown_flags),)
-  $(error unknown PKG_BUILD_FLAGS: $(__unknown_flags))
-endif
-
-# $1=flagname, $2=default (0/1)
-define pkg_build_flag
-$(if $(filter no-$(1),$(PKG_BUILD_FLAGS)),0,$(if $(filter $(1),$(PKG_BUILD_FLAGS)),1,$(2)))
-endef
-
-ifeq ($(call pkg_build_flag,iremap,1),1)
-  IREMAP_CFLAGS = $(call iremap,$(PKG_BUILD_DIR),$(notdir $(PKG_BUILD_DIR)))
-  TARGET_CFLAGS += $(IREMAP_CFLAGS)
-endif
 ifdef CONFIG_USE_MIPS16
-  ifeq ($(call pkg_build_flag,mips16,1),1)
+  ifeq ($(strip $(PKG_USE_MIPS16)),1)
    TARGET_ASFLAGS_DEFAULT = $(filter-out -mips16 -minterlink-mips16,$(TARGET_CFLAGS))
    TARGET_CFLAGS += -mips16 -minterlink-mips16
-    TARGET_CXXFLAGS += -mips16 -minterlink-mips16
  endif
 endif
-ifeq ($(call pkg_build_flag,gc-sections,$(if $(CONFIG_USE_GC_SECTIONS),1,0)),1)
-  TARGET_CFLAGS+= -ffunction-sections -fdata-sections
-  TARGET_CXXFLAGS+= -ffunction-sections -fdata-sections
-  TARGET_LDFLAGS+= -Wl,--gc-sections
-endif
-ifeq ($(call pkg_build_flag,lto,$(if $(CONFIG_USE_LTO),1,0)),1)
-  TARGET_CFLAGS+= -flto=auto -fno-fat-lto-objects
-  TARGET_CXXFLAGS+= -flto=auto -fno-fat-lto-objects
-  TARGET_LDFLAGS+= -flto=auto -fuse-linker-plugin
+ifeq ($(strip $(PKG_IREMAP)),1)
+  IREMAP_CFLAGS = $(call iremap,$(PKG_BUILD_DIR),$(notdir $(PKG_BUILD_DIR)))
+  TARGET_CFLAGS += $(IREMAP_CFLAGS)
 endif

 include $(INCLUDE_DIR)/hardening.mk
@@ -106,7 +84,7 @@ ifneq ($(PREV_STAMP_PREPARED),)
  STAMP_PREPARED:=$(PREV_STAMP_PREPARED)
  CONFIG_AUTOREBUILD:=
 else
-  STAMP_PREPARED=$(PKG_BUILD_DIR)/.prepared$(if $(QUILT)$(DUMP),,_$(shell $(call $(if $(CONFIG_AUTOREMOVE),find_md5_reproducible,find_md5),${CURDIR} $(PKG_FILE_DEPENDS),))_$(call confvar,CONFIG_AUTOREMOVE $(PKG_PREPARED_DEPENDS)))
+  STAMP_PREPARED=$(PKG_BUILD_DIR)/.prepared$(if $(QUILT)$(DUMP),,_$(shell $(call find_md5,${CURDIR} $(PKG_FILE_DEPENDS),))_$(call confvar,CONFIG_AUTOREMOVE $(PKG_PREPARED_DEPENDS)))
 endif
 STAMP_CONFIGURED=$(PKG_BUILD_DIR)/.configured$(if $(DUMP),,_$(call confvar,$(PKG_CONFIG_DEPENDS)))
 STAMP_CONFIGURED_WILDCARD=$(PKG_BUILD_DIR)/.configured_*
@@ -194,7 +172,6 @@ define Build/Exports/Default
  $(1) : export CONFIG_SITE:=$$(CONFIG_SITE)
  $(1) : export PKG_CONFIG_PATH:=$$(PKG_CONFIG_PATH)
  $(1) : export PKG_CONFIG_LIBDIR:=$$(PKG_CONFIG_PATH)
-  $(1) : export GIT_CEILING_DIRECTORIES:=$$(BUILD_DIR)
 endef
 Build/Exports=$(Build/Exports/Default)

@@ -206,7 +183,7 @@ define Build/CoreTargets
  $(call Build/Autoclean)
  $(call DefaultTargets)

-  $(call check_download_integrity)
+  $(DL_DIR)/$(FILE): FORCE

  download:
 	$(foreach hook,$(Hooks/Download),
@@ -281,13 +258,13 @@ define Build/CoreTargets
  ifneq ($(CONFIG_AUTOREMOVE),)
    compile:
 		-touch -r $(PKG_BUILD_DIR)/.built $(PKG_BUILD_DIR)/.autoremove 2>/dev/null >/dev/null
-		$(FIND) $(PKG_BUILD_DIR) -mindepth 1 -maxdepth 1 -not '(' -type f -and -name '.*' -and -size 0 ')' -and -not -name '.pkgdir'  -print0 | \
-			$(XARGS) -0 rm -rf
+		$(FIND) $(PKG_BUILD_DIR) -mindepth 1 -maxdepth 1 -not '(' -type f -and -name '.*' -and -size 0 ')' -and -not -name '.pkgdir' | \
+			$(XARGS) rm -rf
  endif
 endef

 define Build/DefaultTargets
-  $(if $(PKG_SKIP_DOWNLOAD),,$(if $(strip $(PKG_SOURCE_URL)),$(call Download,default)))
+  $(if $(USE_SOURCE_DIR)$(USE_GIT_TREE)$(USE_GIT_SRC_CHECKOUT),,$(if $(strip $(PKG_SOURCE_URL)),$(call Download,default)))
  $(if $(DUMP),,$(Build/CoreTargets))

  define Build/DefaultTargets
--- a/include/prereq-build.mk
+++ b/include/prereq-build.mk
@@ -8,18 +8,11 @@ include $(INCLUDE_DIR)/prereq.mk
 SHELL:=sh
 PKG_NAME:=Build dependency

-$(eval $(call TestHostCommand,true, \
-	Please install GNU 'coreutils', \
-	$(TRUE)))
-
-$(eval $(call TestHostCommand,false, \
-	Please install GNU 'coreutils', \
-	$(FALSE); [ $$$$$$$$? = 1 ] && $(TRUE)))

 # Required for the toolchain
 $(eval $(call TestHostCommand,working-make, \
-	Please install GNU make v4.1 or later., \
-	$(MAKE) -v | grep -E 'Make (4\.[1-9]|[5-9]\.)'))
+	Please install GNU make v3.82 or later. (This version has bugs), \
+	$(MAKE) -v | grep -E 'Make (3\.8[2-9]|3\.9[0-9]|[4-9]\.)'))

 $(eval $(call TestHostCommand,case-sensitive-fs, \
 	OpenWrt can only be built on a case-sensitive filesystem, \
@@ -32,40 +25,34 @@ $(eval $(call TestHostCommand,proper-umask, \

 ifndef IB
 $(eval $(call SetupHostCommand,gcc, \
-	Please install the GNU C Compiler (gcc) 6 or later, \
-	$(CC) -dumpversion | grep -E '^([6-9]\.?|1[0-9]\.?)', \
-	gcc -dumpversion | grep -E '^([6-9]\.?|1[0-9]\.?)', \
+	Please install the GNU C Compiler (gcc) 4.8 or later, \
+	$(CC) -dumpversion | grep -E '^(4\.[8-9]|[5-9]\.?|1[0-9]\.?)', \
+	gcc -dumpversion | grep -E '^(4\.[8-9]|[5-9]\.?|1[0-9]\.?)', \
 	gcc --version | grep -E 'Apple.(LLVM|clang)' ))

 $(eval $(call TestHostCommand,working-gcc, \
-	Please reinstall the GNU C Compiler (6 or later) - \
+	\nPlease reinstall the GNU C Compiler (4.8 or later) - \
 	it appears to be broken, \
 	echo 'int main(int argc, char **argv) { return 0; }' | \
 		gcc -x c -o $(TMP_DIR)/a.out -))

 $(eval $(call SetupHostCommand,g++, \
-	Please install the GNU C++ Compiler (g++) 6 or later, \
-	$(CXX) -dumpversion | grep -E '^([6-9]\.?|1[0-9]\.?)', \
-	g++ -dumpversion | grep -E '^([6-9]\.?|1[0-9]\.?)', \
+	Please install the GNU C++ Compiler (g++) 4.8 or later, \
+	$(CXX) -dumpversion | grep -E '^(4\.[8-9]|[5-9]\.?|1[0-9]\.?)', \
+	g++ -dumpversion | grep -E '^(4\.[8-9]|[5-9]\.?|1[0-9]\.?)', \
 	g++ --version | grep -E 'Apple.(LLVM|clang)' ))

 $(eval $(call TestHostCommand,working-g++, \
-	Please reinstall the GNU C++ Compiler (6 or later) - \
+	\nPlease reinstall the GNU C++ Compiler (4.8 or later) - \
 	it appears to be broken, \
 	echo 'int main(int argc, char **argv) { return 0; }' | \
 		g++ -x c++ -o $(TMP_DIR)/a.out - -lstdc++ && \
 		$(TMP_DIR)/a.out))

-$(eval $(call RequireCHeader,ncurses.h, \
+$(eval $(call TestHostCommand,ncurses, \
 	Please install ncurses. (Missing libncurses.so or ncurses.h), \
-	initscr(), -lncurses))
-
-$(eval $(call SetupHostCommand,git,Please install Git (git-core) >= 1.7.12.2, \
-	git --exec-path | xargs -I % -- grep -q -- --recursive %/git-submodule, \
-	git submodule --help | grep -- --recursive))
-
-$(eval $(call SetupHostCommand,rsync,Please install 'rsync', \
-	rsync --version </dev/null))
+	echo 'int main(int argc, char **argv) { initscr(); return 0; }' | \
+		gcc -include ncurses.h -x c -o $(TMP_DIR)/a.out - -lncurses))
 endif # IB

 ifeq ($(HOST_OS),Linux)
@@ -115,9 +102,9 @@ $(eval $(call SetupHostCommand,patch,Please install GNU 'patch', \
 	gpatch --version 2>&1 | grep 'Free Software Foundation', \
 	patch --version 2>&1 | grep 'Free Software Foundation'))

-$(eval $(call SetupHostCommand,diff,Please install GNU diffutils, \
-	gdiff --version 2>&1 | grep GNU, \
-	diff --version 2>&1 | grep GNU))
+$(eval $(call SetupHostCommand,diff,Please install diffutils, \
+	gdiff --version 2>&1 | grep diff, \
+	diff --version 2>&1 | grep diff))

 $(eval $(call SetupHostCommand,cp,Please install GNU fileutils, \
 	gcp --help 2>&1 | grep 'Copy SOURCE', \
@@ -143,21 +130,13 @@ $(eval $(call SetupHostCommand,getopt, \
 	Please install an extended getopt version that supports --long, \
 	gnugetopt -o t --long test -- --test | grep '^ *--test *--', \
 	getopt -o t --long test -- --test | grep '^ *--test *--', \
-	/usr/local/opt/gnu-getopt/bin/getopt -o t --long test -- --test | grep '^ *--test *--', \
-	/opt/local/bin/getopt -o t --long test -- --test | grep '^ *--test *--'))
-
-$(eval $(call SetupHostCommand,realpath,Please install a 'realpath' utility, \
-	grealpath /, \
-	realpath /))
+	/usr/local/opt/gnu-getopt/bin/getopt -o t --long test -- --test | grep '^ *--test *--'))

 $(eval $(call SetupHostCommand,stat,Cannot find a file stat utility, \
 	gnustat -c%s $(TOPDIR)/Makefile, \
 	gstat -c%s $(TOPDIR)/Makefile, \
 	stat -c%s $(TOPDIR)/Makefile))

-$(eval $(call SetupHostCommand,gzip,Please install 'gzip', \
-	gzip --version </dev/null))
-
 $(eval $(call SetupHostCommand,unzip,Please install 'unzip', \
 	unzip 2>&1 | grep zipfile, \
 	unzip))
@@ -168,70 +147,46 @@ $(eval $(call SetupHostCommand,bzip2,Please install 'bzip2', \
 $(eval $(call SetupHostCommand,wget,Please install GNU 'wget', \
 	wget --version | grep GNU))

-$(eval $(call SetupHostCommand,install,Please install GNU 'install', \
-	install --version | grep GNU, \
-	ginstall --version | grep GNU))
-
 $(eval $(call SetupHostCommand,perl,Please install Perl 5.x, \
 	perl --version | grep "perl.*v5"))

-$(eval $(call SetupHostCommand,python,Please install Python >= 3.6, \
-	python3.11 -V 2>&1 | grep 'Python 3', \
-	python3.10 -V 2>&1 | grep 'Python 3', \
+$(eval $(call CleanupPython2))
+
+$(eval $(call SetupHostCommand,python,Please install Python >= 3.5, \
 	python3.9 -V 2>&1 | grep 'Python 3', \
 	python3.8 -V 2>&1 | grep 'Python 3', \
 	python3.7 -V 2>&1 | grep 'Python 3', \
 	python3.6 -V 2>&1 | grep 'Python 3', \
-	python3 -V 2>&1 | grep -E 'Python 3\.([6-9]|[0-9][0-9])\.?'))
+	python3.5 -V 2>&1 | grep 'Python 3', \
+	python3 -V 2>&1 | grep -E 'Python 3\.[5-9]\.?'))

-$(eval $(call SetupHostCommand,python3,Please install Python >= 3.6, \
-	python3.11 -V 2>&1 | grep 'Python 3', \
-	python3.10 -V 2>&1 | grep 'Python 3', \
+$(eval $(call SetupHostCommand,python3,Please install Python >= 3.5, \
 	python3.9 -V 2>&1 | grep 'Python 3', \
 	python3.8 -V 2>&1 | grep 'Python 3', \
 	python3.7 -V 2>&1 | grep 'Python 3', \
 	python3.6 -V 2>&1 | grep 'Python 3', \
-	python3 -V 2>&1 | grep -E 'Python 3\.([6-9]|[0-9][0-9])\.?'))
+	python3.5 -V 2>&1 | grep 'Python 3', \
+	python3 -V 2>&1 | grep -E 'Python 3\.[5-9]\.?'))

-$(eval $(call TestHostCommand,python3-distutils, \
-	Please install the Python3 distutils module, \
-	$(STAGING_DIR_HOST)/bin/python3 -c 'from distutils import util'))
-
-$(eval $(call TestHostCommand,python3-stdlib, \
-	Please install the Python3 stdlib module, \
-	$(STAGING_DIR_HOST)/bin/python3 -c 'import ntpath'))
+$(eval $(call SetupHostCommand,git,Please install Git (git-core) >= 1.7.12.2, \
+	git --exec-path | xargs -I % -- grep -q -- --recursive %/git-submodule))

 $(eval $(call SetupHostCommand,file,Please install the 'file' package, \
 	file --version 2>&1 | grep file))

+$(eval $(call SetupHostCommand,rsync,Please install 'rsync', \
+	rsync --version </dev/null))
+
 $(eval $(call SetupHostCommand,which,Please install 'which', \
-	/usr/bin/which which, \
-	/bin/which which, \
-	which which))
-
-ifeq ($(HOST_OS),Linux)
-  $(eval $(call RequireCHeader,argp.h, \
-	Missing argp.h Please install the argp-standalone package if musl libc))
-
-  $(eval $(call RequireCHeader,fts.h, \
-	Missing fts.h Please install the musl-fts-dev package if musl libc))
-
-  $(eval $(call RequireCHeader,obstack.h, \
-	Missing obstack.h Please install the musl-obstack-dev package if musl libc))
-
-  $(eval $(call RequireCHeader,libintl.h, \
-	Missing libintl.h Please install the musl-libintl package if musl libc))
-endif
+	which which | grep which))

 $(STAGING_DIR_HOST)/bin/mkhash: $(SCRIPT_DIR)/mkhash.c
 	mkdir -p $(dir $@)
 	$(CC) -O2 -I$(TOPDIR)/tools/include -o $@ $<

-$(STAGING_DIR_HOST)/bin/xxd: $(SCRIPT_DIR)/xxdi.pl
-	$(LN) $< $@
-
-prereq: $(STAGING_DIR_HOST)/bin/mkhash $(STAGING_DIR_HOST)/bin/xxd
+prereq: $(STAGING_DIR_HOST)/bin/mkhash

 # Install ldconfig stub
 $(eval $(call TestHostCommand,ldconfig-stub,Failed to install stub, \
-	$(LN) $(firstword $(wildcard /bin/true /usr/bin/true)) $(STAGING_DIR_HOST)/bin/ldconfig))
+	touch $(STAGING_DIR_HOST)/bin/ldconfig && \
+	chmod +x $(STAGING_DIR_HOST)/bin/ldconfig))
--- a/include/prereq.mk
+++ b/include/prereq.mk
@@ -28,10 +28,8 @@ define Require

    prereq-$(1): $(if $(PREREQ_PREV),prereq-$(PREREQ_PREV)) FORCE
 		printf "Checking '$(1)'... "
-		if $(NO_TRACE_MAKE) -f $(firstword $(MAKEFILE_LIST)) check-$(1) PATH="$(ORIG_PATH)" >/dev/null 2>/dev/null; then \
+		if $(NO_TRACE_MAKE) -f $(firstword $(MAKEFILE_LIST)) check-$(1) >/dev/null 2>/dev/null; then \
 			echo 'ok.'; \
-		elif $(NO_TRACE_MAKE) -f $(firstword $(MAKEFILE_LIST)) check-$(1) PATH="$(ORIG_PATH)" >/dev/null 2>/dev/null; then \
-			echo 'updated.'; \
 		else \
 			echo 'failed.'; \
 			echo "$(PKG_NAME): $(strip $(2))" >> $(TMP_DIR)/.prereq-error; \
@@ -51,7 +49,7 @@ endef

 define RequireCommand
  define Require/$(1)
-    command -v $(1)
+    which $(1)
  endef

  $$(eval $$(call Require,$(1),$(2)))
@@ -65,16 +63,16 @@ define RequireHeader
  $$(eval $$(call Require,$(1),$(2)))
 endef

-# 1: header to test
-# 2: failure message
-# 3: optional compile time test
-# 4: optional link library test (example -lncurses)
-define RequireCHeader
-  define Require/$(1)
-    echo 'int main(int argc, char **argv) { $(3); return 0; }' | gcc -include $(1) -x c -o $(TMP_DIR)/a.out - $(4)
+define CleanupPython2
+  define Require/python2-cleanup
+	if [ -f "$(STAGING_DIR_HOST)/bin/python" ] && \
+		$(STAGING_DIR_HOST)/bin/python -V 2>&1 | \
+		grep -q 'Python 2'; then \
+			rm $(STAGING_DIR_HOST)/bin/python; \
+	fi
  endef

-  $$(eval $$(call Require,$(1),$(2)))
+  $$(eval $$(call Require,python2-cleanup))
 endef

 define QuoteHostCommand
@@ -97,29 +95,17 @@ endef
 # 3+: candidates
 define SetupHostCommand
  define Require/$(1)
-	mkdir -p "$(STAGING_DIR_HOST)/bin"; \
+	[ -f "$(STAGING_DIR_HOST)/bin/$(strip $(1))" ] && exit 0; \
 	for cmd in $(call QuoteHostCommand,$(3)) $(call QuoteHostCommand,$(4)) \
 	           $(call QuoteHostCommand,$(5)) $(call QuoteHostCommand,$(6)) \
 	           $(call QuoteHostCommand,$(7)) $(call QuoteHostCommand,$(8)) \
 	           $(call QuoteHostCommand,$(9)) $(call QuoteHostCommand,$(10)) \
 	           $(call QuoteHostCommand,$(11)) $(call QuoteHostCommand,$(12)); do \
 		if [ -n "$$$$$$$$cmd" ]; then \
-			bin="$$$$$$$$(command -v "$$$$$$$${cmd%% *}")"; \
+			bin="$$$$$$$$(PATH="$(subst $(space),:,$(filter-out $(STAGING_DIR_HOST)/%,$(subst :,$(space),$(PATH))))" \
+				which "$$$$$$$${cmd%% *}")"; \
 			if [ -x "$$$$$$$$bin" ] && eval "$$$$$$$$cmd" >/dev/null 2>/dev/null; then \
-				case "$$$$$$$$(ls -dl -- $(STAGING_DIR_HOST)/bin/$(strip $(1)))" in \
-					*" -> $$$$$$$$bin"*) \
-						[ -x "$(STAGING_DIR_HOST)/bin/$(strip $(1))" ] && exit 0 \
-						;; \
-					"-"*) \
-						find "$(STAGING_DIR_HOST)/stamp" | grep $(strip $(1)) && \
-						[ -x "$(STAGING_DIR_HOST)/bin/$(strip $(1))" ] && exit 0 \
-						;; \
-					*" -> /"*) \
-						;; \
-					*" -> "*) \
-						[ -x "$(STAGING_DIR_HOST)/bin/$(strip $(1))" ] && exit 0 \
-						;; \
-				esac; \
+				mkdir -p "$(STAGING_DIR_HOST)/bin"; \
 				ln -sf "$$$$$$$$bin" "$(STAGING_DIR_HOST)/bin/$(strip $(1))"; \
 				exit 0; \
 			fi; \
--- a/include/quilt.mk
+++ b/include/quilt.mk
@@ -116,7 +116,7 @@ define Quilt/RefreshDir
 endef

 define Quilt/Refresh/Host
-	$(call Quilt/RefreshDir,$(HOST_BUILD_DIR),$(HOST_PATCH_DIR))
+	$(call Quilt/RefreshDir,$(HOST_BUILD_DIR),$(PATCH_DIR))
 endef

 define Quilt/Refresh/Package
@@ -159,7 +159,7 @@ define Quilt/Template
 		false; \
 	}
 	@[ -n "$$$$(ls $(1)/patches/series)" -o \
-	   "$$$$(cat $(1)/patches/series | $(MKHASH) md5)" = "$$(sort $(1)/patches/series | $(MKHASH) md5)" ] || { \
+	   "$$$$(cat $(1)/patches/series | mkhash md5)" = "$$(sort $(1)/patches/series | mkhash md5)" ] || { \
 		echo "The patches are not sorted in the right order. Please fix."; \
 		false; \
 	}
--- a/include/scan.mk
+++ b/include/scan.mk
@@ -1,5 +1,4 @@
 include $(TOPDIR)/include/verbose.mk
-include $(TOPDIR)/rules.mk
 TMP_DIR:=$(TOPDIR)/tmp

 all: $(TMP_DIR)/.$(SCAN_TARGET)
@@ -11,8 +10,7 @@ TARGET_STAMP:=$(TMP_DIR)/info/.files-$(SCAN_TARGET).stamp
 FILELIST:=$(TMP_DIR)/info/.files-$(SCAN_TARGET)-$(SCAN_COOKIE)
 OVERRIDELIST:=$(TMP_DIR)/info/.overrides-$(SCAN_TARGET)-$(SCAN_COOKIE)

-export ORIG_PATH:=$(if $(ORIG_PATH),$(ORIG_PATH),$(PATH))
-export PATH:=$(STAGING_DIR_HOST)/bin:$(PATH)
+export PATH:=$(TOPDIR)/staging_dir/host/bin:$(PATH)

 define feedname
 $(if $(patsubst feeds/%,,$(1)),,$(word 2,$(subst /, ,$(1))))
@@ -73,7 +71,7 @@ endif

 $(FILELIST): $(OVERRIDELIST)
 	rm -f $(TMP_DIR)/info/.files-$(SCAN_TARGET)-*
-	find -L $(SCAN_DIR) -mindepth 1 $(if $(SCAN_DEPTH),-maxdepth $(SCAN_DEPTH)) $(SCAN_EXTRA) -name Makefile | xargs grep -aHE 'call $(GREP_STRING)' | sed -e 's#^$(SCAN_DIR)/##' -e 's#/Makefile:.*##' | uniq | awk -v of=$(OVERRIDELIST) -f include/scan.awk > $@
+	find -L $(SCAN_DIR) $(SCAN_EXTRA) -mindepth 1 $(if $(SCAN_DEPTH),-maxdepth $(SCAN_DEPTH)) -name Makefile | xargs grep -aHE 'call $(GREP_STRING)' | sed -e 's#^$(SCAN_DIR)/##' -e 's#/Makefile:.*##' | uniq | awk -v of=$(OVERRIDELIST) -f include/scan.awk > $@

 $(TMP_DIR)/info/.files-$(SCAN_TARGET).mk: $(FILELIST)
 	( \
@@ -102,7 +100,7 @@ $(TMP_DIR)/info/.files-$(SCAN_TARGET).mk: $(FILELIST)
 $(TARGET_STAMP)::
 	+( \
 		$(NO_TRACE_MAKE) $(FILELIST); \
-		MD5SUM=$$(cat $(FILELIST) $(OVERRIDELIST) | $(MKHASH) md5 | awk '{print $$1}'); \
+		MD5SUM=$$(cat $(FILELIST) $(OVERRIDELIST) | mkhash md5 | awk '{print $$1}'); \
 		[ -f "$@.$$MD5SUM" ] || { \
 			rm -f $@.*; \
 			touch $@.$$MD5SUM; \
--- a/include/site/riscv64
+++ b/include/site/riscv64
@@ -1,30 +0,0 @@
-#!/bin/sh
-. $TOPDIR/include/site/linux
-ac_cv_c_littleendian=${ac_cv_c_littleendian=yes}
-ac_cv_c_bigendian=${ac_cv_c_bigendian=no}
-
-ac_cv_sizeof___int64=8
-ac_cv_sizeof_char=1
-ac_cv_sizeof_int=4
-ac_cv_sizeof_int16_t=2
-ac_cv_sizeof_int32_t=4
-ac_cv_sizeof_int64_t=8
-ac_cv_sizeof_long_int=8
-ac_cv_sizeof_long_long=8
-ac_cv_sizeof_long=8
-ac_cv_sizeof_off_t=8
-ac_cv_sizeof_short_int=2
-ac_cv_sizeof_short=2
-ac_cv_sizeof_size_t=8
-ac_cv_sizeof_ssize_t=8
-ac_cv_sizeof_u_int16_t=2
-ac_cv_sizeof_u_int32_t=4
-ac_cv_sizeof_u_int64_t=8
-ac_cv_sizeof_uint16_t=2
-ac_cv_sizeof_uint32_t=4
-ac_cv_sizeof_uint64_t=8
-ac_cv_sizeof_unsigned_int=4
-ac_cv_sizeof_unsigned_long=8
-ac_cv_sizeof_unsigned_long_long=8
-ac_cv_sizeof_unsigned_short=2
-ac_cv_sizeof_void_p=8
--- a/include/subdir.mk
+++ b/include/subdir.mk
@@ -27,16 +27,14 @@ lastdir=$(word $(words $(subst /, ,$(1))),$(subst /, ,$(1)))
 diralias=$(if $(findstring $(1),$(call lastdir,$(1))),,$(call lastdir,$(1)))

 subdir_make_opts = \
-	$(if $(SUBDIR_MAKE_DEBUG),-d) -r -C $(1) \
+	-r -C $(1) \
 		BUILD_SUBDIR="$(1)" \
-		BUILD_VARIANT="$(4)" \
-		ALL_VARIANTS="$(5)"
+		BUILD_VARIANT="$(4)"

 # 1: subdir
 # 2: target
 # 3: build type
 # 4: build variant
-# 5: all variants
 log_make = \
 	 $(if $(call debug,$(1),v),,@)+ \
 	 $(if $(BUILD_LOG), \
@@ -64,15 +62,15 @@ define subdir
    $(foreach target,$(SUBTARGETS) $($(1)/subtargets),
      $(foreach btype,$(buildtypes-$(bd)),
        $(call warn_eval,$(1)/$(bd),t,T,$(1)/$(bd)/$(btype)/$(target): $(if $(NO_DEPS)$(QUILT),,$($(1)/$(bd)/$(btype)/$(target)) $(call $(1)//$(btype)/$(target),$(1)/$(bd)/$(btype))))
-		  $(call log_make,$(1)/$(bd),$(target),$(btype),$(filter-out __default,$(variant)),$($(1)/$(bd)/variants)) \
+		  $(call log_make,$(1)/$(bd),$(target),$(btype),$(filter-out __default,$(variant))) \
 			|| $(call ERROR,$(2),   ERROR: $(1)/$(bd) [$(btype)] failed to build.,$(findstring $(bd),$($(1)/builddirs-ignore-$(btype)-$(target))))
        $(if $(call diralias,$(bd)),$(call warn_eval,$(1)/$(bd),l,T,$(1)/$(call diralias,$(bd))/$(btype)/$(target): $(1)/$(bd)/$(btype)/$(target)))
      )
      $(call warn_eval,$(1)/$(bd),t,T,$(1)/$(bd)/$(target): $(if $(NO_DEPS)$(QUILT),,$($(1)/$(bd)/$(target)) $(call $(1)//$(target),$(1)/$(bd))))
-        $(foreach variant,$(filter-out *,$(if $(BUILD_VARIANT),$(BUILD_VARIANT),$(if $(strip $($(1)/$(bd)/variants)),$($(1)/$(bd)/variants),$(if $($(1)/$(bd)/default-variant),$($(1)/$(bd)/default-variant),__default)))),
+        $(foreach variant,$(if $(BUILD_VARIANT),$(BUILD_VARIANT),$(if $(strip $($(1)/$(bd)/variants)),$($(1)/$(bd)/variants),$(if $($(1)/$(bd)/default-variant),$($(1)/$(bd)/default-variant),__default))),
 			$(if $(BUILD_LOG),@mkdir -p $(BUILD_LOG_DIR)/$(1)/$(bd)/$(filter-out __default,$(variant)))
-			$(if $($(1)/autoremove),$(call rebuild_check,$(1)/$(bd),$(target),,$(filter-out __default,$(variant)),$($(1)/$(bd)/variants)))
-			$(call log_make,$(1)/$(bd),$(target),,$(filter-out __default,$(variant)),$($(1)/$(bd)/variants)) \
+			$(if $($(1)/autoremove),$(call rebuild_check,$(1)/$(bd),$(target),,$(filter-out __default,$(variant))))
+			$(call log_make,$(1)/$(bd),$(target),,$(filter-out __default,$(variant))) \
 				|| $(call ERROR,$(1),   ERROR: $(1)/$(bd) failed to build$(if $(filter-out __default,$(variant)), (build variant: $(variant))).,$(findstring $(bd),$($(1)/builddirs-ignore-$(target)))) 
        )
      $(if $(PREREQ_ONLY)$(DUMP_TARGET_DB),,
--- a/include/target.mk
+++ b/include/target.mk
@@ -17,7 +17,7 @@ DEFAULT_PACKAGES:=\
 	fstools \
 	libc \
 	libgcc \
-	libustream-mbedtls \
+	libustream-wolfssl \
 	logd \
 	mtd \
 	netifd \
@@ -33,16 +33,6 @@ else
 DEFAULT_PACKAGES+=busybox procd
 endif

-# include ujail on systems with enough storage
-ifeq ($(CONFIG_SMALL_FLASH),)
-DEFAULT_PACKAGES+=procd-ujail
-endif
-
-# include seccomp ld-preload hooks if kernel supports it
-ifneq ($(CONFIG_SECCOMP),)
-DEFAULT_PACKAGES+=procd-seccomp
-endif
-
 # For the basic set
 DEFAULT_PACKAGES.basic:=
 # For nas targets
@@ -54,9 +44,10 @@ DEFAULT_PACKAGES.nas:=\
 # For router targets
 DEFAULT_PACKAGES.router:=\
 	dnsmasq \
-	firewall4 \
-	nftables \
-	kmod-nft-offload \
+	firewall \
+	ip6tables \
+	iptables \
+	kmod-ipt-offload \
 	odhcp6c \
 	odhcpd-ipv6only \
 	ppp \
@@ -68,7 +59,7 @@ endif

 target_conf=$(subst .,_,$(subst -,_,$(subst /,_,$(1))))
 ifeq ($(DUMP),)
-  PLATFORM_DIR:=$(firstword $(wildcard $(TOPDIR)/target/linux/feeds/$(BOARD) $(TOPDIR)/target/linux/$(BOARD)))
+  PLATFORM_DIR:=$(TOPDIR)/target/linux/$(BOARD)
  SUBTARGET:=$(strip $(foreach subdir,$(patsubst $(PLATFORM_DIR)/%/target.mk,%,$(wildcard $(PLATFORM_DIR)/*/target.mk)),$(if $(CONFIG_TARGET_$(call target_conf,$(BOARD)_$(subdir))),$(subdir))))
 else
  PLATFORM_DIR:=${CURDIR}
@@ -173,30 +164,22 @@ USE_SUBTARGET_CONFIG = $(if $(wildcard $(LINUX_TARGET_CONFIG)),,$(if $(LINUX_SUB
 LINUX_RECONFIG_LIST = $(wildcard $(GENERIC_LINUX_CONFIG) $(LINUX_TARGET_CONFIG) $(if $(USE_SUBTARGET_CONFIG),$(LINUX_SUBTARGET_CONFIG)))
 LINUX_RECONFIG_TARGET = $(if $(USE_SUBTARGET_CONFIG),$(LINUX_SUBTARGET_CONFIG),$(LINUX_TARGET_CONFIG))

-CFG_TARGET = $(CONFIG_TARGET)
-ifeq ($(CFG_TARGET),platform)
-  CFG_TARGET = target
-  $(warning Deprecation warning: use CONFIG_TARGET=target instead.)
-else ifeq ($(CFG_TARGET),subtarget_platform)
-  CFG_TARGET = subtarget_target
-  $(warning Deprecation warning: use CONFIG_TARGET=subtarget_target instead.)
-endif
-
 # select the config file to be changed by kernel_menuconfig/kernel_oldconfig
-ifeq ($(CFG_TARGET),target)
+ifeq ($(CONFIG_TARGET),platform)
  LINUX_RECONFIG_LIST = $(wildcard $(GENERIC_LINUX_CONFIG) $(LINUX_TARGET_CONFIG))
  LINUX_RECONFIG_TARGET = $(LINUX_TARGET_CONFIG)
-else ifeq ($(CFG_TARGET),subtarget)
+endif
+ifeq ($(CONFIG_TARGET),subtarget)
  LINUX_RECONFIG_LIST = $(wildcard $(GENERIC_LINUX_CONFIG) $(LINUX_TARGET_CONFIG) $(LINUX_SUBTARGET_CONFIG))
  LINUX_RECONFIG_TARGET = $(LINUX_SUBTARGET_CONFIG)
-else ifeq ($(CFG_TARGET),subtarget_target)
+endif
+ifeq ($(CONFIG_TARGET),subtarget_platform)
  LINUX_RECONFIG_LIST = $(wildcard $(GENERIC_LINUX_CONFIG) $(LINUX_SUBTARGET_CONFIG) $(LINUX_TARGET_CONFIG))
  LINUX_RECONFIG_TARGET = $(LINUX_TARGET_CONFIG)
-else ifeq ($(CFG_TARGET),env)
+endif
+ifeq ($(CONFIG_TARGET),env)
  LINUX_RECONFIG_LIST = $(LINUX_KCONFIG_LIST)
  LINUX_RECONFIG_TARGET = $(TOPDIR)/env/kernel-config
-else ifneq ($(strip $(CFG_TARGET)),)
-  $(error CONFIG_TARGET=$(CFG_TARGET) is invalid. Valid: target|subtarget|subtarget_target|env)
 endif

 __linux_confcmd = $(2) $(patsubst %,+,$(wordlist 2,9999,$(1))) $(1)
@@ -235,14 +218,12 @@ ifeq ($(DUMP),1)
  ifeq ($(ARCH),powerpc)
    CPU_CFLAGS_603e:=-mcpu=603e
    CPU_CFLAGS_8540:=-mcpu=8540
-    CPU_CFLAGS_8548:=-mcpu=8548
    CPU_CFLAGS_405:=-mcpu=405
    CPU_CFLAGS_440:=-mcpu=440
    CPU_CFLAGS_464fp:=-mcpu=464fp
  endif
  ifeq ($(ARCH),powerpc64)
    CPU_TYPE ?= powerpc64
-    CPU_CFLAGS_e5500:=-mcpu=e5500
    CPU_CFLAGS_powerpc64:=-mcpu=powerpc64
  endif
  ifeq ($(ARCH),sparc)
@@ -260,10 +241,6 @@ ifeq ($(DUMP),1)
    CPU_CFLAGS_arc700 = -mcpu=arc700
    CPU_CFLAGS_archs = -mcpu=archs
  endif
-  ifeq ($(ARCH),riscv64)
-    CPU_TYPE ?= riscv64
-    CPU_CFLAGS_riscv64:=-mabi=lp64d -march=rv64imafdc
-  endif
  ifneq ($(CPU_TYPE),)
    ifndef CPU_CFLAGS_$(CPU_TYPE)
      $(warning CPU_TYPE "$(CPU_TYPE)" doesn't correspond to a known type)
--- a/include/toolchain-build.mk
+++ b/include/toolchain-build.mk
@@ -18,6 +18,6 @@ define FixupLibdir
 		mkdir -p $(1)/lib; \
 		mv $(1)/lib64/* $(1)/lib/; \
 		rm -rf $(1)/lib64; \
-		ln -sf lib $(1)/lib64; \
 	fi
+	ln -sf lib $(1)/lib64
 endef
--- a/include/toplevel.mk
+++ b/include/toplevel.mk
@@ -4,7 +4,7 @@

 PREP_MK= OPENWRT_BUILD= QUIET=0

-export IS_TTY=$(if $(MAKE_TERMOUT),1,0)
+export IS_TTY=$(shell tty -s && echo 1 || echo 0)

 include $(TOPDIR)/include/verbose.mk

@@ -50,14 +50,12 @@ space:= $(empty) $(empty)
 path:=$(subst :,$(space),$(PATH))
 path:=$(filter-out .%,$(path))
 path:=$(subst $(space),:,$(path))
-export ORIG_PATH:=$(if $(ORIG_PATH),$(ORIG_PATH),$(PATH))
 export PATH:=$(path)
-export STAGING_DIR_HOST:=$(if $(STAGING_DIR),$(abspath $(STAGING_DIR)/../host),$(TOPDIR)/staging_dir/host)

 unexport TAR_OPTIONS

 ifeq ($(FORCE),)
-  .config scripts/config/conf scripts/config/mconf: $(STAGING_DIR_HOST)/.prereq-build
+  .config scripts/config/conf scripts/config/mconf: staging_dir/host/.prereq-build
 endif

 SCAN_COOKIE?=$(shell echo $$$$)
@@ -67,7 +65,7 @@ SUBMAKE:=umask 022; $(SUBMAKE)

 ULIMIT_FIX=_limit=`ulimit -n`; [ "$$_limit" = "unlimited" -o "$$_limit" -ge 1024 ] || ulimit -n 1024;

-prepare-mk: $(STAGING_DIR_HOST)/.prereq-build FORCE ;
+prepare-mk: staging_dir/host/.prereq-build FORCE ;

 ifdef SDK
  IGNORE_PACKAGES = linux
@@ -76,10 +74,10 @@ endif
 _ignore = $(foreach p,$(IGNORE_PACKAGES),--ignore $(p))

 prepare-tmpinfo: FORCE
-	@+$(MAKE) -r -s $(STAGING_DIR_HOST)/.prereq-build $(PREP_MK)
+	@+$(MAKE) -r -s staging_dir/host/.prereq-build $(PREP_MK)
 	mkdir -p tmp/info
 	$(_SINGLE)$(NO_TRACE_MAKE) -j1 -r -s -f include/scan.mk SCAN_TARGET="packageinfo" SCAN_DIR="package" SCAN_NAME="package" SCAN_DEPTH=5 SCAN_EXTRA=""
-	$(_SINGLE)$(NO_TRACE_MAKE) -j1 -r -s -f include/scan.mk SCAN_TARGET="targetinfo" SCAN_DIR="target/linux" SCAN_NAME="target" SCAN_DEPTH=3 SCAN_EXTRA="" SCAN_MAKEOPTS="TARGET_BUILD=1"
+	$(_SINGLE)$(NO_TRACE_MAKE) -j1 -r -s -f include/scan.mk SCAN_TARGET="targetinfo" SCAN_DIR="target/linux" SCAN_NAME="target" SCAN_DEPTH=2 SCAN_EXTRA="" SCAN_MAKEOPTS="TARGET_BUILD=1"
 	for type in package target; do \
 		f=tmp/.$${type}info; t=tmp/.config-$${type}.in; \
 		[ "$$t" -nt "$$f" ] || ./scripts/$${type}-metadata.pl $(_ignore) config "$$f" > "$$t" || { rm -f "$$t"; echo "Failed to build $$t"; false; break; }; \
@@ -103,7 +101,7 @@ ifneq ($(DISTRO_PKG_CONFIG),)
 scripts/config/%onf: export PATH:=$(dir $(DISTRO_PKG_CONFIG)):$(PATH)
 endif
 scripts/config/%onf: CFLAGS+= -O2
-scripts/config/%onf: FORCE
+scripts/config/%onf:
 	@$(_SINGLE)$(SUBMAKE) $(if $(findstring s,$(OPENWRT_VERBOSE)),,-s) \
 		-C scripts/config $(notdir $@)

@@ -153,7 +151,7 @@ xconfig: scripts/config/qconf prepare-tmpinfo FORCE

 prepare_kernel_conf: .config toolchain/install FORCE

-ifeq ($(wildcard $(STAGING_DIR_HOST)/bin/quilt),)
+ifeq ($(wildcard staging_dir/host/bin/quilt),)
  prepare_kernel_conf:
 	@+$(SUBMAKE) -r tools/quilt/compile
 else
@@ -177,7 +175,7 @@ kernel_nconfig: prepare_kernel_conf
 kernel_xconfig: prepare_kernel_conf
 	$(_SINGLE)$(NO_TRACE_MAKE) -C target/linux xconfig

-$(STAGING_DIR_HOST)/.prereq-build: include/prereq-build.mk
+staging_dir/host/.prereq-build: include/prereq-build.mk
 	mkdir -p tmp
 	@$(_SINGLE)$(NO_TRACE_MAKE) -j1 -r -s -f $(TOPDIR)/include/prereq-build.mk prereq 2>/dev/null || { \
 		echo "Prerequisite check failed. Use FORCE=1 to override."; \
@@ -200,7 +198,7 @@ else
  DOWNLOAD_DIRS = package/download
 endif

-download: .config FORCE $(if $(wildcard $(STAGING_DIR_HOST)/bin/flock),,tools/flock/compile)
+download: .config FORCE $(if $(wildcard $(TOPDIR)/staging_dir/host/bin/flock),,tools/flock/compile)
 	@+$(foreach dir,$(DOWNLOAD_DIRS),$(SUBMAKE) $(dir);)

 clean dirclean: .config
@@ -260,11 +258,11 @@ help:
 	cat README.md

 distclean:
-	rm -rf bin build_dir .ccache .config* dl feeds key-build* logs package/feeds staging_dir tmp
+	rm -rf bin build_dir .ccache .config* dl feeds key-build* logs package/feeds package/openwrt-packages staging_dir tmp
 	@$(_SINGLE)$(SUBMAKE) -C scripts/config clean

 ifeq ($(findstring v,$(DEBUG)),)
-  .SILENT: symlinkclean clean dirclean distclean config-clean download help tmpinfo-clean .config scripts/config/mconf scripts/config/conf menuconfig $(STAGING_DIR_HOST)/.prereq-build tmp/.prereq-package prepare-tmpinfo
+  .SILENT: symlinkclean clean dirclean distclean config-clean download help tmpinfo-clean .config scripts/config/mconf scripts/config/conf menuconfig staging_dir/host/.prereq-build tmp/.prereq-package prepare-tmpinfo
 endif
 .PHONY: help FORCE
 .NOTPARALLEL:
--- a/include/trusted-firmware-a.mk
+++ b/include/trusted-firmware-a.mk
@@ -1,5 +1,5 @@
 PKG_NAME ?= trusted-firmware-a
-PKG_CPE_ID ?= cpe:/a:arm:trusted_firmware-a
+PKG_CPE_ID ?= cpe:/a:arm:arm_trusted_firmware

 ifndef PKG_SOURCE_PROTO
 PKG_SOURCE = trusted-firmware-a-$(PKG_VERSION).tar.gz
@@ -68,20 +68,13 @@ define Build/Trusted-Firmware-A/Target
  endef
 endef

-define Build/Configure/Trusted-Firmware-A
-	$(INSTALL_DIR) $(STAGING_DIR)/usr/include
-endef
-
-DTC=$(wildcard $(LINUX_DIR)/scripts/dtc/dtc)

 define Build/Compile/Trusted-Firmware-A
 	+$(MAKE) $(PKG_JOBS) -C $(PKG_BUILD_DIR) \
 		CROSS_COMPILE=$(TARGET_CROSS) \
 		OPENSSL_DIR=$(STAGING_DIR_HOST) \
-		$(if $(DTC),DTC="$(DTC)") \
 		PLAT=$(PLAT) \
 		BUILD_STRING="OpenWrt v$(PKG_VERSION)-$(PKG_RELEASE) ($(VARIANT))" \
-		$(if $(CONFIG_BINUTILS_VERSION_2_37)$(CONFIG_BINUTILS_VERSION_2_38),,LDFLAGS="-no-warn-rwx-segments") \
 		$(TFA_MAKE_FLAGS)
 endef

--- a/include/u-boot.mk
+++ b/include/u-boot.mk
@@ -44,13 +44,7 @@ TARGET_DEP = TARGET_$(BUILD_TARGET)$(if $(BUILD_SUBTARGET),_$(BUILD_SUBTARGET))
 UBOOT_MAKE_FLAGS = \
 	HOSTCC="$(HOSTCC)" \
 	HOSTCFLAGS="$(HOST_CFLAGS) $(HOST_CPPFLAGS) -std=gnu11" \
-	HOSTLDFLAGS="$(HOST_LDFLAGS)" \
-	LOCALVERSION="-OpenWrt-$(REVISION)" \
-	STAGING_PREFIX="$(STAGING_DIR_HOST)" \
-	PKG_CONFIG_PATH="$(STAGING_DIR_HOST)/lib/pkgconfig" \
-	PKG_CONFIG_LIBDIR="$(STAGING_DIR_HOST)/lib/pkgconfig" \
-	PKG_CONFIG_EXTRAARGS="--static" \
-	$(if $(findstring c,$(OPENWRT_VERBOSE)),V=1,V='')
+	HOSTLDFLAGS="$(HOST_LDFLAGS)"

 define Build/U-Boot/Target
  $(eval $(call U-Boot/Init,$(1)))
@@ -83,9 +77,6 @@ endef

 define Build/Configure/U-Boot
 	+$(MAKE) $(PKG_JOBS) -C $(PKG_BUILD_DIR) $(UBOOT_CONFIGURE_VARS) $(UBOOT_CONFIG)_config
-	$(if $(strip $(UBOOT_CUSTOMIZE_CONFIG)),
-		$(PKG_BUILD_DIR)/scripts/config --file $(PKG_BUILD_DIR)/.config $(UBOOT_CUSTOMIZE_CONFIG)
-		+$(MAKE) $(PKG_JOBS) -C $(PKG_BUILD_DIR) $(UBOOT_CONFIGURE_VARS) oldconfig)
 endef

 DTC=$(wildcard $(LINUX_DIR)/scripts/dtc/dtc)
--- a/include/uclibc++.mk
+++ b/include/uclibc++.mk
@@ -1,2 +1,16 @@
-$(warn uclibc++.mk is deprecated. Please remove it and CXX_DEPENDS)
-CXX_DEPENDS = +libstdcpp
+ifndef DUMP
+  ifdef __package_mk
+    $(error uclibc++.mk must be included before package.mk)
+  endif
+endif
+
+PKG_PREPARED_DEPENDS += CONFIG_USE_UCLIBCXX
+CXX_DEPENDS = +USE_UCLIBCXX:uclibcxx +USE_LIBSTDCXX:libstdcpp
+
+ifneq ($(CONFIG_USE_UCLIBCXX),)
+ ifneq ($(CONFIG_CCACHE),)
+  TARGET_CXX_NOCACHE=g++-uc
+ else
+  TARGET_CXX=g++-uc
+ endif
+endif
--- a/include/unpack.mk
+++ b/include/unpack.mk
@@ -18,7 +18,7 @@ ifeq ($(strip $(UNPACK_CMD)),)

    ifeq ($(filter gz tgz,$(EXT)),$(EXT))
      EXT:=$(call ext,$(PKG_SOURCE:.$(EXT)=))
-      DECOMPRESS_CMD:=$(STAGING_DIR_HOST)/bin/libdeflate-gzip -dc $(DL_DIR)/$(PKG_SOURCE) |
+      DECOMPRESS_CMD:=gzip -dc $(DL_DIR)/$(PKG_SOURCE) |
    endif
    ifeq ($(filter bzip2 bz2 bz tbz2 tbz,$(EXT)),$(EXT))
      EXT:=$(call ext,$(PKG_SOURCE:.$(EXT)=))
@@ -40,7 +40,7 @@ ifeq ($(strip $(UNPACK_CMD)),)
      UNPACK_CMD=$(DECOMPRESS_CMD) $(TAR_CMD)
    endif
    ifeq ($(EXT),cpio)
-      UNPACK_CMD=$(DECOMPRESS_CMD) (cd $(1)/..; $(STAGING_DIR_HOST)/bin/cpio -i -d)
+      UNPACK_CMD=$(DECOMPRESS_CMD) (cd $(1)/..; cpio -i -d)
    endif
    ifeq ($(EXT),zip)
      UNPACK_CMD=$(UNZIP_CMD)
@@ -56,7 +56,7 @@ ifeq ($(strip $(UNPACK_CMD)),)
    endif
    # replace zcat with $(ZCAT), because some system don't support it properly
    ifeq ($(PKG_CAT),zcat)
-      UNPACK_CMD=$(STAGING_DIR_HOST)/bin/libdeflate-gzip -dc $(DL_DIR)/$(PKG_SOURCE) | $(TAR_CMD)
+      UNPACK_CMD=gzip -dc $(DL_DIR)/$(PKG_SOURCE) | $(TAR_CMD)
    endif
  endif
 endif
--- a/include/verbose.mk
+++ b/include/verbose.mk
@@ -29,15 +29,15 @@ ifeq ($(IS_TTY),1)
  endif
 endif

-define ERROR_MESSAGE
-  printf "$(_R)%s$(_N)\n" "$(1)" >&8
-endef
-
 ifeq ($(findstring s,$(OPENWRT_VERBOSE)),)
  define MESSAGE
 	printf "$(_Y)%s$(_N)\n" "$(1)" >&8
  endef

+  define ERROR_MESSAGE
+	printf "$(_R)%s$(_N)\n" "$(1)" >&8
+  endef
+
  ifeq ($(QUIET),1)
    ifneq ($(CURDIR),$(TOPDIR))
      _DIR:=$(patsubst $(TOPDIR)/%,%,${CURDIR})
@@ -60,4 +60,5 @@ else
  define MESSAGE
    printf "%s\n" "$(1)"
  endef
+  ERROR_MESSAGE=$(MESSAGE)
 endif
--- a/include/version.mk
+++ b/include/version.mk
@@ -23,13 +23,13 @@ PKG_CONFIG_DEPENDS += \
 sanitize = $(call tolower,$(subst _,-,$(subst $(space),-,$(1))))

 VERSION_NUMBER:=$(call qstrip,$(CONFIG_VERSION_NUMBER))
-VERSION_NUMBER:=$(if $(VERSION_NUMBER),$(VERSION_NUMBER),23.05.0)
+VERSION_NUMBER:=$(if $(VERSION_NUMBER),$(VERSION_NUMBER),21.02.0-rc2)

 VERSION_CODE:=$(call qstrip,$(CONFIG_VERSION_CODE))
-VERSION_CODE:=$(if $(VERSION_CODE),$(VERSION_CODE),r23497-6637af95aa)
+VERSION_CODE:=$(if $(VERSION_CODE),$(VERSION_CODE),r16122-c2139eef27)

 VERSION_REPO:=$(call qstrip,$(CONFIG_VERSION_REPO))
-VERSION_REPO:=$(if $(VERSION_REPO),$(VERSION_REPO),https://downloads.openwrt.org/releases/23.05.0)
+VERSION_REPO:=$(if $(VERSION_REPO),$(VERSION_REPO),https://downloads.openwrt.org/releases/21.02.0-rc2)

 VERSION_DIST:=$(call qstrip,$(CONFIG_VERSION_DIST))
 VERSION_DIST:=$(if $(VERSION_DIST),$(VERSION_DIST),OpenWrt)
--- a/package/Makefile
+++ b/package/Makefile
@@ -66,10 +66,8 @@ $(curdir)/install: $(TMP_DIR)/.build $(curdir)/merge $(if $(CONFIG_TARGET_PER_DE
 	- find $(STAGING_DIR_ROOT) -type d | $(XARGS) chmod 0755
 	rm -rf $(TARGET_DIR) $(TARGET_DIR_ORIG)
 	mkdir -p $(TARGET_DIR)/tmp
-	$(file >$(TMP_DIR)/opkg_install_list,\
-	  $(call opkg_package_files,\
-	    $(foreach pkg,$(shell cat $(PACKAGE_INSTALL_FILES) 2>/dev/null),$(pkg)$(call GetABISuffix,$(pkg)))))
-	$(call opkg,$(TARGET_DIR)) install $$(cat $(TMP_DIR)/opkg_install_list)
+	$(call opkg,$(TARGET_DIR)) install \
+		$(call opkg_package_files,$(foreach pkg,$(shell cat $(PACKAGE_INSTALL_FILES) 2>/dev/null),$(pkg)$(call GetABISuffix,$(pkg))))
 	@for file in $(PACKAGE_INSTALL_FILES); do \
 		[ -s $$file.flags ] || continue; \
 		for flag in `cat $$file.flags`; do \
@@ -92,10 +90,6 @@ $(curdir)/index: FORCE
 			$(call ERROR_MESSAGE,WARNING: Applying padding in $$d/Packages to workaround usign SHA-512 bug!); \
 			{ echo ""; echo ""; } >> Packages;; \
 		esac; \
-		echo -n '{"architecture": "$(ARCH_PACKAGES)", "packages":{' > index.json; \
-		sed -n -e 's/^Package: \(.*\)$$/"\1":/p' -e 's/^Version: \(.*\)$$/"\1",/p' Packages | tr '\n' ' ' >> index.json; \
-		echo '}}' >> index.json; \
-		sed -i 's/, }}/}}/' index.json; \
 		gzip -9nc Packages > Packages.gz; \
 	); done
 ifdef CONFIG_SIGNED_PACKAGES
--- a/package/base-files/Makefile
+++ b/package/base-files/Makefile
@@ -23,8 +23,6 @@ PKG_LICENSE:=GPL-2.0
 PKG_CONFIG_DEPENDS += \
 	CONFIG_SIGNED_PACKAGES CONFIG_TARGET_INIT_PATH CONFIG_TARGET_PREINIT_DISABLE_FAILSAFE \
 	CONFIG_NAND_SUPPORT \
-	CONFIG_LEGACY_SDCARD_SUPPORT \
-	CONFIG_EMMC_SUPPORT \
 	CONFIG_CLEAN_IPKG \
 	CONFIG_PER_FEED_REPO \
 	$(foreach feed,$(FEEDS_AVAILABLE),CONFIG_FEED_$(feed))
@@ -32,7 +30,7 @@ PKG_CONFIG_DEPENDS += \
 include $(INCLUDE_DIR)/package.mk

 ifneq ($(DUMP),1)
-  STAMP_CONFIGURED:=$(strip $(STAMP_CONFIGURED))_$(shell echo $(CONFIG_TARGET_INIT_PATH) | $(MKHASH) md5)
+  STAMP_CONFIGURED:=$(strip $(STAMP_CONFIGURED))_$(shell echo $(CONFIG_TARGET_INIT_PATH) | mkhash md5)
  TARGET:=-$(BOARD)
 endif

@@ -49,6 +47,7 @@ define Package/base-files/conffiles
 /etc/config/
 /etc/config/network
 /etc/config/system
+/etc/crontabs/
 /etc/dropbear/
 /etc/ethers
 /etc/group
@@ -89,19 +88,6 @@ define ImageConfigOptions
 	echo 'pi_preinit_net_messages="$(CONFIG_TARGET_PREINIT_SHOW_NETMSG)"' >>$(1)/lib/preinit/00_preinit.conf
 	echo 'pi_preinit_no_failsafe_netmsg="$(CONFIG_TARGET_PREINIT_SUPPRESS_FAILSAFE_NETMSG)"' >>$(1)/lib/preinit/00_preinit.conf
 	echo 'pi_preinit_no_failsafe="$(CONFIG_TARGET_PREINIT_DISABLE_FAILSAFE)"' >>$(1)/lib/preinit/00_preinit.conf
-ifeq ($(CONFIG_TARGET_DEFAULT_LAN_IP_FROM_PREINIT),y)
-	mkdir -p $(1)/etc/board.d
-	echo '. /lib/functions/uci-defaults.sh' >$(1)/etc/board.d/99-lan-ip
-	echo 'logger -t 99-lan-ip "setting custom default LAN IP"' >>$(1)/etc/board.d/99-lan-ip
-	echo 'board_config_update' >>$(1)/etc/board.d/99-lan-ip
-	echo 'json_select network' >>$(1)/etc/board.d/99-lan-ip
-	echo 'json_select lan' >>$(1)/etc/board.d/99-lan-ip
-	echo 'json_add_string ipaddr $(if $(CONFIG_TARGET_PREINIT_IP),$(CONFIG_TARGET_PREINIT_IP),"192.168.1.1")' >>$(1)/etc/board.d/99-lan-ip
-	echo 'json_add_string netmask $(if $(CONFIG_TARGET_PREINIT_NETMASK),$(CONFIG_TARGET_PREINIT_NETMASK),"255.255.255.0")' >>$(1)/etc/board.d/99-lan-ip
-	echo 'json_select ..' >>$(1)/etc/board.d/99-lan-ip
-	echo 'json_select ..' >>$(1)/etc/board.d/99-lan-ip
-	echo 'board_config_flush' >>$(1)/etc/board.d/99-lan-ip
-endif
 endef

 define Build/Prepare
@@ -138,25 +124,10 @@ ifeq ($(CONFIG_NAND_SUPPORT),)
  endef
 endif

-ifeq ($(CONFIG_EMMC_SUPPORT),)
-  define Package/base-files/emmc-support
-	rm -f $(1)/lib/upgrade/emmc.sh
-  endef
-endif
-
-ifeq ($(CONFIG_LEGACY_SDCARD_SUPPORT),)
-  define Package/base-files/legacy-sdcard-support
-	rm -f $(1)/lib/upgrade/legacy-sdcard.sh
-  endef
-endif
-
-
 define Package/base-files/install
 	$(CP) ./files/* $(1)/
 	$(Package/base-files/install-key)
 	$(Package/base-files/nand-support)
-	$(Package/base-files/legacy-sdcard-support)
-	$(Package/base-files/emmc-support)
 	if [ -d $(GENERIC_PLATFORM_DIR)/base-files/. ]; then \
 		$(CP) $(GENERIC_PLATFORM_DIR)/base-files/* $(1)/; \
 	fi
@@ -171,45 +142,40 @@ define Package/base-files/install

 	$(VERSION_SED_SCRIPT) \
 		$(1)/etc/banner \
-		$(1)/etc/device_info \
-		$(1)/etc/openwrt_release \
 		$(1)/etc/openwrt_version \
 		$(1)/usr/lib/os-release

+	$(VERSION_SED_SCRIPT) \
+		$(1)/etc/openwrt_release \
+		$(1)/etc/device_info \
+		$(1)/usr/lib/os-release

 	$(SED) "s#%PATH%#$(TARGET_INIT_PATH)#g" \
 		$(1)/sbin/hotplug-call \
 		$(1)/etc/preinit \
 		$(1)/etc/profile

-	mkdir -p \
-		$(1)/CONTROL \
-		$(1)/dev \
-		$(1)/etc/config \
-		$(1)/etc/crontabs \
-		$(1)/etc/rc.d \
-		$(1)/overlay \
-		$(1)/lib/firmware \
-		$(1)/mnt \
-		$(1)/proc \
-		$(1)/tmp \
-		$(1)/usr/lib \
-		$(1)/usr/bin \
-		$(1)/sys \
-		$(1)/www \
-		$(1)/root
-
-	$(LN) /proc/mounts $(1)/etc/mtab
+	mkdir -p $(1)/CONTROL
+	mkdir -p $(1)/dev
+	mkdir -p $(1)/etc/config
+	mkdir -p $(1)/etc/crontabs
+	mkdir -p $(1)/etc/rc.d
+	mkdir -p $(1)/overlay
+	mkdir -p $(1)/lib/firmware
 	$(if $(LIB_SUFFIX),-$(LN) lib $(1)/lib$(LIB_SUFFIX))
+	mkdir -p $(1)/mnt
+	mkdir -p $(1)/proc
+	mkdir -p $(1)/tmp
+	mkdir -p $(1)/usr/lib
 	$(if $(LIB_SUFFIX),-$(LN) lib $(1)/usr/lib$(LIB_SUFFIX))
-
-ifneq ($(CONFIG_TARGET_ROOTFS_PERSIST_VAR),y)
+	mkdir -p $(1)/usr/bin
+	mkdir -p $(1)/sys
+	mkdir -p $(1)/www
+	mkdir -p $(1)/root
+	$(LN) /proc/mounts $(1)/etc/mtab
 	rm -f $(1)/var
 	$(LN) tmp $(1)/var
-else
-	mkdir -p $(1)/var
-	$(LN) /tmp/run $(1)/var/run
-endif
+	mkdir -p $(1)/etc
 	$(LN) /tmp/resolv.conf /tmp/TZ /tmp/localtime $(1)/etc/

 	chmod 0600 $(1)/etc/shadow
--- a/package/base-files/files/bin/board_detect
+++ b/package/base-files/files/bin/board_detect
@@ -6,7 +6,7 @@ CFG=$1

 [ -d "/etc/board.d/" -a ! -s "$CFG" ] && {
 	for a in $(ls /etc/board.d/*); do
-		[ -s $a ] || continue;
+		[ -x $a ] || continue;
 		$(. $a)
 	done
 }
--- a/package/base-files/files/bin/config_generate
+++ b/package/base-files/files/bin/config_generate
@@ -96,7 +96,7 @@ generate_network() {

 	json_select network
 		json_select "$1"
-			json_get_vars device macaddr metric protocol ipaddr netmask vlan
+			json_get_vars device macaddr protocol ipaddr netmask vlan
 			json_get_values ports ports
 		json_select ..
 	json_select ..
@@ -114,17 +114,9 @@ generate_network() {
 			add network device
 			set network.@device[-1].name='br-$1'
 			set network.@device[-1].type='bridge'
+			set network.@device[-1].macaddr='$macaddr'
 		EOF
 		for port in $ports; do uci add_list network.@device[-1].ports="$port"; done
-		[ -n "$macaddr" ] && {
-			for port in $ports; do
-				uci -q batch <<-EOF
-					add network device
-					set network.@device[-1].name='$port'
-					set network.@device[-1].macaddr='$macaddr'
-				EOF
-			done
-		}
 		device=br-$1
 		type=
 		macaddr=""
@@ -154,7 +146,6 @@ generate_network() {
 		set network.$1='interface'
 		set network.$1.type='$type'
 		set network.$1.device='$device'
-		set network.$1.metric='$metric'
 		set network.$1.proto='none'
 	EOF

@@ -207,15 +198,6 @@ generate_network() {
 				EOF
 			}
 		;;
-
-		ncm|\
-		qmi|\
-		mbim)
-			uci -q batch <<-EOF
-				set network.$1.proto='${protocol}'
-				set network.$1.pdptype='ipv4'
-			EOF
-		;;
 	esac
 }

--- a/package/base-files/files/bin/ipcalc.sh
+++ b/package/base-files/files/bin/ipcalc.sh
@@ -1,5 +1,6 @@
-#!/usr/bin/awk -f
+#!/bin/sh

+awk -f - $* <<EOF
 function bitcount(c) {
 	c=and(rshift(c, 1),0x55555555)+and(c,0x55555555)
 	c=and(rshift(c, 2),0x33333333)+and(c,0x33333333)
@@ -10,20 +11,14 @@ function bitcount(c) {
 }

 function ip2int(ip) {
-	ret=0
-	n=split(ip,a,"\\.")
-	for (x=1;x<=n;x++)
-		ret=or(lshift(ret,8),a[x])
+	for (ret=0,n=split(ip,a,"\."),x=1;x<=n;x++) ret=or(lshift(ret,8),a[x])
 	return ret
 }

 function int2ip(ip,ret,x) {
 	ret=and(ip,255)
 	ip=rshift(ip,8)
-	for(;x<3;x++) {
-		ret=and(ip,255)"."ret
-		ip=rshift(ip,8)
-	}
+	for(;x<3;ret=and(ip,255)"."ret,ip=rshift(ip,8),x++);
 	return ret
 }

@@ -49,40 +44,28 @@ BEGIN {
 	}

 	network=and(ipaddr,netmask)
-	prefix=32-bitcount(compl32(netmask))
 	broadcast=or(network,compl32(netmask))

+	start=or(network,and(ip2int(ARGV[3]),compl32(netmask)))
+	limit=network+1
+	if (start<limit) start=limit
+
+	end=start+ARGV[4]
+	limit=or(network,compl32(netmask))-1
+	if (end>limit) end=limit
+
 	print "IP="int2ip(ipaddr)
 	print "NETMASK="int2ip(netmask)
 	print "BROADCAST="int2ip(broadcast)
 	print "NETWORK="int2ip(network)
-	print "PREFIX="prefix
+	print "PREFIX="32-bitcount(compl32(netmask))

 	# range calculations:
 	# ipcalc <ip> <netmask> <start> <num>

-	if (ARGC <= 3)
-		exit(0)
-
-	start=or(network,and(ip2int(ARGV[3]),compl32(netmask)))
-	limit=network+1
-	if (start<limit) start=limit
-	if (start==ipaddr) start=ipaddr+1
-
-	end=start+ARGV[4]
-	limit=or(network,compl32(netmask))-1
-	if (end>limit) end=limit
-	if (end==ipaddr) end=ipaddr-1
-
-	if (start>end) {
-		print "network ("int2ip(network)"/"prefix") too small" > "/dev/stderr"
-		exit(1)
+	if (ARGC > 3) {
+		print "START="int2ip(start)
+		print "END="int2ip(end)
 	}
-
-	if (ipaddr > start && ipaddr < end) {
-		print "warning: ipaddr inside range - this might not be supported in future releases of Openwrt" > "/dev/stderr"
-	}
-
-	print "START="int2ip(start)
-	print "END="int2ip(end)
 }
+EOF
--- a/package/base-files/files/etc/board.d/99-default_network
+++ b/package/base-files/files/etc/board.d/99-default_network
@@ -1,3 +1,4 @@
+#!/bin/sh
 #
 # Copyright (C) 2013-2015 OpenWrt.org
 #
--- a/package/base-files/files/etc/init.d/boot
+++ b/package/base-files/files/etc/init.d/boot
@@ -21,10 +21,9 @@ boot() {
 	[ -f /proc/mounts ] || /sbin/mount_root
 	[ -f /proc/jffs2_bbc ] && echo "S" > /proc/jffs2_bbc

-	mkdir -p /var/lock
-	chmod 1777 /var/lock
-	mkdir -p /var/log
 	mkdir -p /var/run
+	mkdir -p /var/log
+	mkdir -p /var/lock
 	mkdir -p /var/state
 	mkdir -p /var/tmp
 	mkdir -p /tmp/.uci
@@ -48,7 +47,6 @@ boot() {

 	/bin/config_generate
 	uci_apply_defaults
-	sync
 	
 	# temporary hack until configd exists
 	/sbin/reload_config
--- a/package/base-files/files/etc/init.d/led
+++ b/package/base-files/files/etc/init.d/led
@@ -29,13 +29,12 @@ load_led() {
 	config_get delay $1 delay "150"
 	config_get message $1 message ""
 	config_get gpio $1 gpio "0"
-	config_get_bool inverted $1 inverted "0"
+	config_get inverted $1 inverted "0"

-	# execute application led trigger
-	[ -f "/usr/libexec/led-trigger/${trigger}" ] && {
-		. "/usr/libexec/led-trigger/${trigger}"
-		return 0
-	}
+	if [ "$trigger" = "rssi" ]; then
+		# handled by rssileds userspace process
+		return
+	fi

 	[ "$trigger" = "usbdev" ] && {
 		# Backward compatibility: translate to the new trigger
@@ -69,10 +68,6 @@ load_led() {
 			return 1
 		}
 		case "$trigger" in
-		"heartbeat")
-			echo "${inverted}" > "/sys/class/leds/${sysfs}/invert"
-			;;
-
 		"netdev")
 			[ -n "$dev" ] && {
 				echo $dev > /sys/class/leds/${sysfs}/device_name
--- a/package/base-files/files/etc/init.d/sysfixtime
+++ b/package/base-files/files/etc/init.d/sysfixtime
@@ -8,33 +8,23 @@ RTC_DEV=/dev/rtc0
 HWCLOCK=/sbin/hwclock

 boot() {
-	hwclock_load
-	local maxtime="$(find_max_time)"
+	start && exit 0
+
+	local maxtime="$(maxtime)"
 	local curtime="$(date +%s)"
-	if [ $curtime -lt $maxtime ]; then
-		date -s @$maxtime
-		hwclock_save
-	fi
+	[ $curtime -lt $maxtime ] && date -s @$maxtime
 }

 start() {
-	hwclock_load
-}
-
-stop() {
-	hwclock_save
-}
-
-hwclock_load() {
 	[ -e "$RTC_DEV" ] && [ -e "$HWCLOCK" ] && $HWCLOCK -s -u -f $RTC_DEV
 }

-hwclock_save(){
+stop() {
 	[ -e "$RTC_DEV" ] && [ -e "$HWCLOCK" ] && $HWCLOCK -w -u -f $RTC_DEV && \
 		logger -t sysfixtime "saved '$(date)' to $RTC_DEV"
 }

-find_max_time() {
+maxtime() {
 	local file newest

 	for file in $( find /etc -type f ) ; do
--- a/package/base-files/files/etc/init.d/system
+++ b/package/base-files/files/etc/init.d/system
@@ -4,7 +4,8 @@
 START=10
 USE_PROCD=1

-validate_system_section() {
+validate_system_section()
+{
 	uci_load_validate system system "$1" "$2" \
 		'hostname:string:OpenWrt' \
 		'conloglevel:uinteger' \
@@ -22,9 +23,8 @@ system_config() {
 	echo "$hostname" > /proc/sys/kernel/hostname
 	[ -z "$conloglevel" -a -z "$buffersize" ] || dmesg ${conloglevel:+-n $conloglevel} ${buffersize:+-s $buffersize}
 	echo "$timezone" > /tmp/TZ
-	[ -n "$zonename" ] && [ -f "/usr/share/zoneinfo/${zonename// /_}" ] \
-		&& ln -sf "/usr/share/zoneinfo/${zonename// /_}" /tmp/localtime \
-		&& rm -f /tmp/TZ
+	[ -n "$zonename" ] && [ -f "/usr/share/zoneinfo/$zonename" ] && \
+		ln -sf "/usr/share/zoneinfo/$zonename" /tmp/localtime && rm -f /tmp/TZ

 	# apply timezone to kernel
 	hwclock -u --systz
@@ -35,7 +35,8 @@ reload_service() {
 	config_foreach validate_system_section system system_config
 }

-service_triggers() {
+service_triggers()
+{
 	procd_add_reload_trigger "system"
 	procd_add_validation validate_system_section
 }
--- a/package/base-files/files/etc/profile
+++ b/package/base-files/files/etc/profile
@@ -3,7 +3,7 @@
 [ -f /etc/banner ] && cat /etc/banner
 [ -n "$FAILSAFE" ] && cat /etc/banner.failsafe

-grep -Fsq '/ overlay ro,' /proc/mounts && {
+fgrep -sq '/ overlay ro,' /proc/mounts && {
 	echo 'Your JFFS2-partition seems full and overlayfs is mounted read-only.'
 	echo 'Please try to remove files from /overlay/upper/... and reboot!'
 }
--- a/package/base-files/files/etc/rc.common
+++ b/package/base-files/files/etc/rc.common
@@ -55,12 +55,7 @@ enable() {

 enabled() {
 	name="$(basename "${initscript}")"
-	name="${name##[SK][0-9][0-9]}"
-	{
-		[ -z "${START:-}" ] || [ -L "$IPKG_INSTROOT/etc/rc.d/S${START}$name" ]
-	} && {
-		[ -z "${STOP:-}" ] || [ -L "$IPKG_INSTROOT/etc/rc.d/K${STOP}$name" ]
-	}
+	[ -x "$IPKG_INSTROOT/etc/rc.d/S${START}${name##S[0-9][0-9]}" ]
 }

 depends() {
@@ -105,9 +100,9 @@ service_data() {
 }

 service_running() {
-	local instance="${1:-*}"
-
-	procd_running "$(basename $initscript)" "$instance"
+	local service="${1:-$(basename $initscript)}"
+	local instance="${2:-*}"
+	procd_running "$service" "$instance" "$@"
 }

 ${INIT_TRACE:+set -x}
@@ -126,7 +121,6 @@ extra_command "enabled" "Check if service is started on boot"
 	extra_command "running" "Check if service is running"
 	extra_command "status" "Service status"
 	extra_command "trace" "Start with syscall trace"
-	extra_command "info" "Dump procd service info"

 	. $IPKG_INSTROOT/lib/functions/procd.sh
 	basescript=$(readlink "$initscript")
@@ -150,13 +144,6 @@ extra_command "enabled" "Check if service is started on boot"
 		start "$@"
 	}

-	info() {
-		json_init
-		json_add_string name "$(basename ${basescript:-$initscript})"
-		json_add_boolean verbose "1"
-		_procd_ubus_call list
-	}
-
 	stop() {
 		procd_lock
 		stop_service "$@"
--- a/package/base-files/files/etc/shadow
+++ b/package/base-files/files/etc/shadow
@@ -1,4 +1,4 @@
-root:::0:99999:7:::
+root::0:0:99999:7:::
 daemon:*:0:0:99999:7:::
 ftp:*:0:0:99999:7:::
 network:*:0:0:99999:7:::
--- a/package/base-files/files/etc/shinit
+++ b/package/base-files/files/etc/shinit
@@ -8,5 +8,26 @@ alias ll='ls -alF --color=auto'
 [ -x /usr/bin/arp -o -x /sbin/arp ] || arp() { cat /proc/net/arp; }
 [ -x /usr/bin/ldd ] || ldd() { LD_TRACE_LOADED_OBJECTS=1 $*; }

+service() {
+	if [ -f "/etc/init.d/$1" ]; then
+		/etc/init.d/$@
+	else
+		echo "Usage: service <service> [command]"
+		if [ -n "$1" ]; then
+			echo "Service "'"'"$1"'"'" not found, the following services are available:"
+		else
+			echo "The following services are available:"
+		fi
+		for F in /etc/init.d/* ; do
+			printf "%-30s\t%10s\t%10s\n"  "$F" \
+			$( $($F enabled) && echo "enabled" || echo "disabled" ) \
+			$( [ "$(ubus call service list "{ 'verbose': true, 'name': '$(basename $F)' }" \
+			| jsonfilter -q -e "@['$(basename $F)'].instances[*].running" | uniq)" = "true" ] \
+			&& echo "running" || echo "stopped" )
+		done;
+		return 1
+	fi
+}
+
 [ -n "$KSH_VERSION" -o \! -s "$HOME/.shinit" ] || . "$HOME/.shinit"
 [ -z "$KSH_VERSION" -o \! -s "$HOME/.mkshrc" ] || . "$HOME/.mkshrc"
--- a/package/base-files/files/etc/sysctl.d/10-default.conf
+++ b/package/base-files/files/etc/sysctl.d/10-default.conf
@@ -9,7 +9,6 @@ fs.protected_hardlinks=1
 fs.protected_symlinks=1

 net.core.bpf_jit_enable=1
-net.core.bpf_jit_kallsyms=1

 net.ipv4.conf.default.arp_ignore=1
 net.ipv4.conf.all.arp_ignore=1
--- a/package/base-files/files/lib/functions.sh
+++ b/package/base-files/files/lib/functions.sh
@@ -209,10 +209,10 @@ add_group_and_user() {
 	if [ -n "$rusers" ]; then
 		local tuple oIFS="$IFS"
 		for tuple in $rusers; do
-			local uid gid uname gname addngroups addngroup addngname addngid
+			local uid gid uname gname

 			IFS=":"
-			set -- $tuple; uname="$1"; gname="$2"; addngroups="$3"
+			set -- $tuple; uname="$1"; gname="$2"
 			IFS="="
 			set -- $uname; uname="$1"; uid="$2"
 			set -- $gname; gname="$1"; gid="$2"
@@ -232,24 +232,7 @@ add_group_and_user() {
 				group_add_user "$gname" "$uname"
 			fi

-			if [ -n "$uname" ] &&  [ -n "$addngroups" ]; then
-				oIFS="$IFS"
-				IFS=","
-				for addngroup in $addngroups ; do
-					IFS="="
-					set -- $addngroup; addngname="$1"; addngid="$2"
-					if [ -n "$addngid" ]; then
-						group_exists "$addngname" || group_add "$addngname" "$addngid"
-					else
-						group_add_next "$addngname"
-					fi
-
-					group_add_user "$addngname" "$uname"
-				done
-				IFS="$oIFS"
-			fi
-
-			unset uid gid uname gname addngroups addngroup addngname addngid
+			unset uid gid uname gname
 		done
 	fi
 }
@@ -330,25 +313,6 @@ find_mtd_part() {
 	echo "${INDEX:+$PREFIX$INDEX}"
 }

-find_mmc_part() {
-	local DEVNAME PARTNAME ROOTDEV
-
-	if grep -q "$1" /proc/mtd; then
-		echo "" && return 0
-	fi
-
-	if [ -n "$2" ]; then
-		ROOTDEV="$2"
-	else
-		ROOTDEV="mmcblk*"
-	fi
-
-	for DEVNAME in /sys/block/$ROOTDEV/mmcblk*p*; do
-		PARTNAME="$(grep PARTNAME ${DEVNAME}/uevent | cut -f2 -d'=')"
-		[ "$PARTNAME" = "$1" ] && echo "/dev/$(basename $DEVNAME)" && return 0
-	done
-}
-
 group_add() {
 	local name="$1"
 	local gid="$2"
@@ -386,9 +350,6 @@ group_add_user() {
 	echo "$grp" | grep -q ":$" && delim=""
 	[ -n "$IPKG_INSTROOT" ] || lock /var/lock/passwd
 	sed -i "s/$grp/$grp$delim$2/g" ${IPKG_INSTROOT}/etc/group
-	if [ -z "$IPKG_INSTROOT" ] && [ -x /usr/sbin/selinuxenabled ] && selinuxenabled; then
-		restorecon /etc/group
-	fi
 	[ -n "$IPKG_INSTROOT" ] || lock -u /var/lock/passwd
 }

@@ -423,14 +384,4 @@ board_name() {
 	[ -e /tmp/sysinfo/board_name ] && cat /tmp/sysinfo/board_name || echo "generic"
 }

-cmdline_get_var() {
-	local var=$1
-	local cmdlinevar tmp
-
-	for cmdlinevar in $(cat /proc/cmdline); do
-		tmp=${cmdlinevar##${var}}
-		[ "=" = "${tmp:0:1}" ] && echo ${tmp:1}
-	done
-}
-
 [ -z "$IPKG_INSTROOT" ] && [ -f /lib/config/uci.sh ] && . /lib/config/uci.sh
--- a/package/base-files/files/lib/functions/caldata.sh
+++ b/package/base-files/files/lib/functions/caldata.sh
@@ -48,19 +48,6 @@ caldata_extract_ubi() {
 		caldata_die "failed to extract calibration data from $ubi"
 }

-caldata_extract_mmc() {
-	local part=$1
-	local offset=$(($2))
-	local count=$(($3))
-	local mmc_part
-
-	mmc_part=$(find_mmc_part $part)
-	[ -n "$mmc_part" ] || caldata_die "no mmc partition found for partition $part"
-
-	caldata_dd $mmc_part /lib/firmware/$FIRMWARE $count $offset || \
-		caldata_die "failed to extract calibration data from $mmc_part"
-}
-
 caldata_extract_reverse() {
 	local part=$1
 	local offset=$2
--- a/package/base-files/files/lib/functions/network.sh
+++ b/package/base-files/files/lib/functions/network.sh
@@ -90,13 +90,6 @@ network_get_prefix6() {
 	__network_ifstatus "$1" "$2" "['ipv6-prefix'][0]['address','mask']" "/"
 }

-# determine first IPv6 prefix assignment of given logical interface
-# 1: destination variable
-# 2: interface
-network_get_prefix_assignment6() {
-	__network_ifstatus "$1" "$2" "['ipv6-prefix-assignment'][0]['address','mask']" "/"
-}
-
 # determine all IPv4 addresses of given logical interface
 # 1: destination variable
 # 2: interface
@@ -194,13 +187,6 @@ network_get_prefixes6() {
 	__network_ifstatus "$1" "$2" "['ipv6-prefix'][*]['address','mask']" "/ "
 }

-# determine all IPv6 prefix assignments of given logical interface
-# 1: destination variable
-# 2: interface
-network_get_prefix_assignments6() {
-	__network_ifstatus "$1" "$2" "['ipv6-prefix-assignment'][*]['address','mask']" "/ "
-}
-
 # determine IPv4 gateway of given logical interface
 # 1: destination variable
 # 2: interface
--- a/package/base-files/files/lib/functions/system.sh
+++ b/package/base-files/files/lib/functions/system.sh
@@ -79,72 +79,11 @@ mtd_get_mac_ascii() {
 	[ -n "$mac_dirty" ] && macaddr_canonicalize "$mac_dirty"
 }

-mtd_get_mac_encrypted_arcadyan() {
-	local iv="00000000000000000000000000000000"
-	local key="2A4B303D7644395C3B2B7053553C5200"
-	local mac_dirty
-	local mtdname="$1"
-	local part
-	local size
-
-	part=$(find_mtd_part "$mtdname")
-	if [ -z "$part" ]; then
-		echo "mtd_get_mac_encrypted_arcadyan: partition $mtdname not found!" >&2
-		return
-	fi
-
-	# Config decryption and getting mac. Trying uencrypt and openssl utils.
-	size=$((0x$(dd if=$part skip=9 bs=1 count=4 2>/dev/null | hexdump -v -e '1/4 "%08x"')))
-	if [[ -f  "/usr/bin/uencrypt" ]]; then
-		mac_dirty=$(dd if=$part bs=1 count=$size skip=$((0x100)) 2>/dev/null | \
-			uencrypt -d -n -k $key -i $iv | grep mac | cut -c 5-)
-	elif [[ -f  "/usr/bin/openssl" ]]; then
-		mac_dirty=$(dd if=$part bs=1 count=$size skip=$((0x100)) 2>/dev/null | \
-			openssl aes-128-cbc -d -nopad -K $key -iv $iv | grep mac | cut -c 5-)
-	else
-		echo "mtd_get_mac_encrypted_arcadyan: Neither uencrypt nor openssl was found!" >&2
-		return
-	fi
-
-	# "canonicalize" mac
-	[ -n "$mac_dirty" ] && macaddr_canonicalize "$mac_dirty"
-}
-
-mtd_get_mac_encrypted_deco() {
-	local mtdname="$1"
-
-	if ! [ -e "$mtdname" ]; then
-		echo "mtd_get_mac_encrypted_deco: file $mtdname not found!" >&2
-		return
-	fi
-
-	tplink_key="3336303032384339"
-
-	key=$(dd if=$mtdname bs=1 skip=16 count=8 2>/dev/null | \
-		uencrypt -n -d -k $tplink_key -c des-ecb | hexdump -v -n 8 -e '1/1 "%02x"')
-
-	macaddr=$(dd if=$mtdname bs=1 skip=32 count=8 2>/dev/null | \
-		uencrypt -n -d -k $key -c des-ecb | hexdump -v -n 6 -e '5/1 "%02x:" 1/1 "%02x"')
-
-	echo $macaddr
-}
-
-mtd_get_mac_uci_config_ubi() {
-	local volumename="$1"
-
-	. /lib/upgrade/nand.sh
-
-	local ubidev=$(nand_attach_ubi $CI_UBIPART)
-	local part=$(nand_find_volume $ubidev $volumename)
-
-	cat "/dev/$part" | sed -n 's/^\s*option macaddr\s*'"'"'\?\([0-9A-F:]\+\)'"'"'\?/\1/Ip'
-}
-
 mtd_get_mac_text() {
-	local mtdname="$1"
-	local offset=$((${2:-0}))
-	local length="${3:-17}"
+	local mtdname=$1
+	local offset=$(($2))
 	local part
+	local mac_dirty

 	part=$(find_mtd_part "$mtdname")
 	if [ -z "$part" ]; then
@@ -152,9 +91,15 @@ mtd_get_mac_text() {
 		return
 	fi

-	[ $((offset + length)) -le $(mtd_get_part_size "$mtdname") ] || return
+	if [ -z "$offset" ]; then
+		echo "mtd_get_mac_text: offset missing!" >&2
+		return
+	fi

-	macaddr_canonicalize $(dd bs=1 if="$part" skip="$offset" count="$length" 2>/dev/null)
+	mac_dirty=$(dd if="$part" bs=1 skip="$offset" count=17 2>/dev/null)
+
+	# "canonicalize" mac
+	[ -n "$mac_dirty" ] && macaddr_canonicalize "$mac_dirty"
 }

 mtd_get_mac_binary() {
@@ -190,15 +135,6 @@ mtd_get_part_size() {
 	done < /proc/mtd
 }

-mmc_get_mac_binary() {
-	local part_name="$1"
-	local offset="$2"
-	local part
-
-	part=$(find_mmc_part "$part_name")
-	get_mac_binary "$part" "$offset"
-}
-
 macaddr_add() {
 	local mac=$1
 	local val=$2
@@ -209,14 +145,6 @@ macaddr_add() {
 	echo $oui:$nic
 }

-macaddr_generate_from_mmc_cid() {
-	local mmc_dev=$1
-
-	local sd_hash=$(sha256sum /sys/class/block/$mmc_dev/device/cid)
-	local mac_base=$(macaddr_canonicalize "$(echo "${sd_hash}" | dd bs=1 count=12 2>/dev/null)")
-	echo "$(macaddr_unsetbit_mc "$(macaddr_setbit_la "${mac_base}")")"
-}
-
 macaddr_geteui() {
 	local mac=$1
 	local sep=$2
@@ -296,7 +224,3 @@ macaddr_canonicalize() {

 	printf "%02x:%02x:%02x:%02x:%02x:%02x" 0x${canon// / 0x} 2>/dev/null
 }
-
-dt_is_enabled() {
-	grep -q okay "/proc/device-tree/$1/status"
-}
--- a/package/base-files/files/lib/functions/uci-defaults.sh
+++ b/package/base-files/files/lib/functions/uci-defaults.sh
@@ -96,7 +96,7 @@ ucidef_set_interfaces_lan_wan() {

 ucidef_set_bridge_device() {
 	json_select_object bridge
-	json_add_string name "${1:-switch0}"
+	json_add_string name "${1:switch0}"
 	json_select ..
 }

@@ -114,14 +114,6 @@ ucidef_set_network_device_mac() {
 	json_select ..
 }

-ucidef_set_network_device_path() {
-	json_select_object "network_device"
-	json_select_object "$1"
-	json_add_string path "$2"
-	json_select ..
-	json_select ..
-}
-
 _ucidef_add_switch_port() {
 	# inherited: $num $device $need_tag $want_untag $role $index $prev_role
 	# inherited: $n_cpu $n_ports $n_vlan $cpu0 $cpu1 $cpu2 $cpu3 $cpu4 $cpu5
@@ -426,15 +418,6 @@ ucidef_set_led_default() {
 	json_select ..
 }

-ucidef_set_led_heartbeat() {
-	_ucidef_set_led_common "$1" "$2" "$3"
-
-	json_add_string trigger heartbeat
-	json_select ..
-
-	json_select ..
-}
-
 ucidef_set_led_gpio() {
 	local gpio="$4"
 	local inverted="$5"
@@ -646,21 +629,6 @@ ucidef_set_ntpserver() {
 	json_select ..
 }

-ucidef_add_wlan() {
-	local path="$1"; shift
-
-	ucidef_wlan_idx=${ucidef_wlan_idx:-0}
-
-	json_select_object wlan
-	json_select_object "wl$ucidef_wlan_idx"
-	json_add_string path "$path"
-	json_add_fields "$@"
-	json_select ..
-	json_select ..
-
-	ucidef_wlan_idx="$((ucidef_wlan_idx + 1))"
-}
-
 board_config_update() {
 	json_init
 	[ -f ${CFG} ] && json_load "$(cat ${CFG})"
--- a/package/base-files/files/lib/preinit/10_indicate_preinit
+++ b/package/base-files/files/lib/preinit/10_indicate_preinit
@@ -18,9 +18,6 @@ preinit_ip_config() {
 	fi

 	ip link set dev $netdev up
-	if [ -n "$vid" ]; then
-		ip link set dev $1 up
-	fi
 	ip -4 address add $pi_ip/$pi_netmask broadcast $pi_broadcast dev $1
 }

@@ -63,20 +60,6 @@ preinit_config_switch() {
 	json_select ..
 }

-preinit_config_port() {
-	local original
-
-	local netdev="$1"
-	local path="$2"
-
-	[ -d "/sys/devices/$path/net" ] || return
-	original="$(ls "/sys/devices/$path/net" | head -1)"
-
-	[ "$netdev" = "$original" ] && return
-
-	ip link set "$original" name "$netdev"
-}
-
 preinit_config_board() {
 	/bin/board_detect /tmp/board.json

@@ -87,49 +70,16 @@ preinit_config_board() {
 	json_init
 	json_load "$(cat /tmp/board.json)"

-	# Find the current highest eth*
-	max_eth=$(grep -o '^ *eth[0-9]*:' /proc/net/dev | tr -dc '[0-9]\n' | sort -n | tail -1)
-	# Find and move netdevs using eth*s we are configuring
-	json_get_keys keys "network_device"
-	for netdev in $keys; do
-		json_select "network_device"
-			json_select "$netdev"
-				json_get_vars path path
-				if [ -n "$path" -a -h "/sys/class/net/$netdev" ]; then
-					ip link set "$netdev" down
-					ip link set "$netdev" name eth$((++max_eth))
-				fi
-			json_select ..
-		json_select ..
-	done
-
-	# Move interfaces by path to their netdev name
-	json_get_keys keys "network_device"
-	for netdev in $keys; do
-		json_select "network_device"
-			json_select "$netdev"
-				json_get_vars path path
-				[ -n "$path" ] && preinit_config_port "$netdev" "$path"
-			json_select ..
-		json_select ..
-	done
-
 	json_select network
 		json_select "lan"
-			json_get_vars device
-			json_get_values ports ports
+			json_get_vars ifname
 		json_select ..
 	json_select ..

-	[ -n "$device" -o -n "$ports" ] || return
-
-	# swconfig uses $device and DSA uses ports
-	[ -z "$ports" ] && {
-		ports="$device"
-	}
+	[ -n "$ifname" ] || return

 	# only use the first one
-	ifname=${ports%% *}
+	ifname=${ifname%% *}

 	if [ -x /sbin/swconfig ]; then
 		# configure the switch, if present
@@ -141,8 +91,6 @@ preinit_config_board() {
 	else
 		# trim any vlan ids
 		ifname=${ifname%\.*}
-		# trim any vlan modifiers like :t
-		ifname=${ifname%\:*}
 	fi

 	pi_ifname=$ifname
--- a/package/base-files/files/lib/preinit/30_failsafe_wait
+++ b/package/base-files/files/lib/preinit/30_failsafe_wait
@@ -40,39 +40,35 @@ fs_wait_for_key () {
 		rm -f $keypress_wait
 	} &

-	local consoles="$(sed -e 's/ /\n/g' /proc/cmdline | grep '^console=' | sed -e 's/^console=//' -e 's/,.*//')"
-	[ -n "$consoles" ] || consoles=console
-	for console in $consoles; do
-		[ -c "/dev/$console" ] || continue
-		[ "$pi_preinit_no_failsafe" != "y" ] && echo "Press the [$1] key and hit [enter] $2" > "/dev/$console"
-		echo "Press the [1], [2], [3] or [4] key and hit [enter] to select the debug level" > "/dev/$console"
-		{
-			while [ -r $keypress_wait ]; do
-				timer="$(cat $keypress_sec)"
+	[ "$pi_preinit_no_failsafe" != "y" ] && echo "Press the [$1] key and hit [enter] $2"
+	echo "Press the [1], [2], [3] or [4] key and hit [enter] to select the debug level"
+	# if we're on the console we wait for input
+	{
+		while [ -r $keypress_wait ]; do
+			timer="$(cat $keypress_sec)"

-				[ -n "$timer" ] || timer=1
-				timer="${timer%%\ *}"
-				[ $timer -ge 1 ] || timer=1
-				do_keypress=""
-				{
-					read -t "$timer" do_keypress < "/dev/$console"
-					case "$do_keypress" in
-					$1)
-						echo "true" >$keypress_true
-						;;
-					1 | 2 | 3 | 4)
-						echo "$do_keypress" >/tmp/debug_level
-						;;
-					*)
-						continue;
-						;;
-					esac
-					lock -u $keypress_wait
-					rm -f $keypress_wait
-				}
-			done
-		} &
-	done
+			[ -n "$timer" ] || timer=1
+			timer="${timer%%\ *}"
+			[ $timer -ge 1 ] || timer=1
+			do_keypress=""
+			{
+				read -t "$timer" do_keypress
+				case "$do_keypress" in
+				$1)
+					echo "true" >$keypress_true
+					;;
+				1 | 2 | 3 | 4)
+					echo "$do_keypress" >/tmp/debug_level
+					;;
+				*)
+					continue;
+					;;
+				esac
+				lock -u $keypress_wait
+				rm -f $keypress_wait
+			}
+		done
+	}
 	lock -w $keypress_wait

 	keypressed=1
--- a/package/base-files/files/lib/preinit/80_mount_root
+++ b/package/base-files/files/lib/preinit/80_mount_root
@@ -17,12 +17,11 @@ missing_lines() {
 do_mount_root() {
 	mount_root
 	boot_run_hook preinit_mount_root
-	[ -f /sysupgrade.tgz -o -f /tmp/sysupgrade.tar ] && {
+	[ -f /sysupgrade.tgz ] && {
 		echo "- config restore -"
 		cp /etc/passwd /etc/group /etc/shadow /tmp
 		cd /
-		[ -f /sysupgrade.tgz ] && tar xzf /sysupgrade.tgz
-		[ -f /tmp/sysupgrade.tar ] && tar xf /tmp/sysupgrade.tar
+		tar xzf /sysupgrade.tgz
 		missing_lines /tmp/passwd /etc/passwd >> /etc/passwd
 		missing_lines /tmp/group /etc/group >> /etc/group
 		missing_lines /tmp/shadow /etc/shadow >> /etc/shadow
--- a/package/base-files/files/lib/preinit/99_10_failsafe_login
+++ b/package/base-files/files/lib/preinit/99_10_failsafe_login
@@ -2,14 +2,13 @@
 # Copyright (C) 2010 Vertical Communications

 failsafe_shell() {
-	local consoles="$(sed -e 's/ /\n/g' /proc/cmdline | grep '^console=' | sed -e 's/^console=//' -e 's/,.*//')"
-	[ -n "$consoles" ] || consoles=console
-	for console in $consoles; do
-		[ -c "/dev/$console" ] && while true; do
-			ash --login <"/dev/$console" >"/dev/$console" 2>"/dev/$console"
-			sleep 1
-		done &
-	done
+	local console="$(sed -e 's/ /\n/g' /proc/cmdline | grep '^console=' | head -1 | sed -e 's/^console=//' -e 's/,.*//')"
+	[ -n "$console" ] || console=console
+	[ -c "/dev/$console" ] || return 0
+	while true; do
+		ash --login <"/dev/$console" >"/dev/$console" 2>"/dev/$console"
+		sleep 1
+	done &
 }

 boot_hook_add failsafe failsafe_shell
--- a/package/base-files/files/lib/upgrade/common.sh
+++ b/package/base-files/files/lib/upgrade/common.sh
@@ -65,9 +65,16 @@ _v() {
 	[ -n "$VERBOSE" ] && [ "$VERBOSE" -ge 1 ] && echo "$*" >&2
 }

+_vn() {
+	[ -n "$VERBOSE" ] && [ "$VERBOSE" -ge 1 ] && echo -n "$*" >&2
+}
+
 v() {
 	_v "$(date) upgrade: $@"
-	logger -p info -t upgrade "$@"
+}
+
+vn() {
+	_vn "$(date) upgrade: $@"
 }

 json_string() {
@@ -88,7 +95,8 @@ get_image() { # <source> [ <command> ]
 	if [ -z "$cmd" ]; then
 		local magic="$(dd if="$from" bs=2 count=1 2>/dev/null | hexdump -n 2 -e '1/1 "%02x"')"
 		case "$magic" in
-			1f8b) cmd="busybox zcat";;
+			1f8b) cmd="zcat";;
+			425a) cmd="bzcat";;
 			*) cmd="cat";;
 		esac
 	fi
@@ -127,33 +135,6 @@ get_magic_fat32() {
 	(get_image "$@" | dd bs=1 count=5 skip=82) 2>/dev/null
 }

-identify_magic_long() {
-	local magic=$1
-	case "$magic" in
-		"55424923")
-			echo "ubi"
-			;;
-		"31181006")
-			echo "ubifs"
-			;;
-		"68737173")
-			echo "squashfs"
-			;;
-		"d00dfeed")
-			echo "fit"
-			;;
-		"4349"*)
-			echo "combined"
-			;;
-		"1f8b"*)
-			echo "gzip"
-			;;
-		*)
-			echo "unknown $magic"
-			;;
-	esac
-}
-
 part_magic_efi() {
 	local magic=$(get_magic_gpt "$@")
 	[ "$magic" = "EFI PART" ]
@@ -166,59 +147,71 @@ part_magic_fat() {
 }

 export_bootdevice() {
-	local cmdline uuid blockdev uevent line class
+	local cmdline bootdisk rootpart uuid blockdev uevent line class
 	local MAJOR MINOR DEVNAME DEVTYPE
-	local rootpart="$(cmdline_get_var root)"

-	case "$rootpart" in
-		PARTUUID=[a-f0-9][a-f0-9][a-f0-9][a-f0-9][a-f0-9][a-f0-9][a-f0-9][a-f0-9]-[a-f0-9][a-f0-9])
-			uuid="${rootpart#PARTUUID=}"
-			uuid="${uuid%-[a-f0-9][a-f0-9]}"
-			for blockdev in $(find /dev -type b); do
-				set -- $(dd if=$blockdev bs=1 skip=440 count=4 2>/dev/null | hexdump -v -e '4/1 "%02x "')
-				if [ "$4$3$2$1" = "$uuid" ]; then
-					uevent="/sys/class/block/${blockdev##*/}/uevent"
-					break
-				fi
-			done
-		;;
-		PARTUUID=????????-????-????-????-??????????0?/PARTNROFF=1 | \
-		PARTUUID=????????-????-????-????-??????????02)
-			uuid="${rootpart#PARTUUID=}"
-			uuid="${uuid%/PARTNROFF=1}"
-			uuid="${uuid%0?}00"
-			for disk in $(find /dev -type b); do
-				set -- $(dd if=$disk bs=1 skip=568 count=16 2>/dev/null | hexdump -v -e '8/1 "%02x "" "2/1 "%02x""-"6/1 "%02x"')
-				if [ "$4$3$2$1-$6$5-$8$7-$9" = "$uuid" ]; then
-					uevent="/sys/class/block/${disk##*/}/uevent"
-					break
-				fi
-			done
-		;;
-		/dev/*)
-			uevent="/sys/class/block/${rootpart##*/}/../uevent"
-		;;
-		0x[a-f0-9][a-f0-9][a-f0-9] | 0x[a-f0-9][a-f0-9][a-f0-9][a-f0-9] | \
-		[a-f0-9][a-f0-9][a-f0-9] | [a-f0-9][a-f0-9][a-f0-9][a-f0-9])
-			rootpart=0x${rootpart#0x}
-			for class in /sys/class/block/*; do
-				while read line; do
-					export -n "$line"
-				done < "$class/uevent"
-				if [ $((rootpart/256)) = $MAJOR -a $((rootpart%256)) = $MINOR ]; then
-					uevent="$class/../uevent"
-				fi
-			done
-		;;
-	esac
+	if read cmdline < /proc/cmdline; then
+		case "$cmdline" in
+			*root=*)
+				rootpart="${cmdline##*root=}"
+				rootpart="${rootpart%% *}"
+			;;
+		esac

-	if [ -e "$uevent" ]; then
-		while read line; do
-			export -n "$line"
-		done < "$uevent"
-		export BOOTDEV_MAJOR=$MAJOR
-		export BOOTDEV_MINOR=$MINOR
-		return 0
+		case "$bootdisk" in
+			/dev/*)
+				uevent="/sys/class/block/${bootdisk##*/}/uevent"
+			;;
+		esac
+
+		case "$rootpart" in
+			PARTUUID=[a-f0-9][a-f0-9][a-f0-9][a-f0-9][a-f0-9][a-f0-9][a-f0-9][a-f0-9]-[a-f0-9][a-f0-9])
+				uuid="${rootpart#PARTUUID=}"
+				uuid="${uuid%-[a-f0-9][a-f0-9]}"
+				for blockdev in $(find /dev -type b); do
+					set -- $(dd if=$blockdev bs=1 skip=440 count=4 2>/dev/null | hexdump -v -e '4/1 "%02x "')
+					if [ "$4$3$2$1" = "$uuid" ]; then
+						uevent="/sys/class/block/${blockdev##*/}/uevent"
+						break
+					fi
+				done
+			;;
+			PARTUUID=????????-????-????-????-??????????02)
+				uuid="${rootpart#PARTUUID=}"
+				uuid="${uuid%02}00"
+				for disk in $(find /dev -type b); do
+					set -- $(dd if=$disk bs=1 skip=568 count=16 2>/dev/null | hexdump -v -e '8/1 "%02x "" "2/1 "%02x""-"6/1 "%02x"')
+					if [ "$4$3$2$1-$6$5-$8$7-$9" = "$uuid" ]; then
+						uevent="/sys/class/block/${disk##*/}/uevent"
+						break
+					fi
+				done
+			;;
+			/dev/*)
+				uevent="/sys/class/block/${rootpart##*/}/../uevent"
+			;;
+			0x[a-f0-9][a-f0-9][a-f0-9] | 0x[a-f0-9][a-f0-9][a-f0-9][a-f0-9] | \
+			[a-f0-9][a-f0-9][a-f0-9] | [a-f0-9][a-f0-9][a-f0-9][a-f0-9])
+				rootpart=0x${rootpart#0x}
+				for class in /sys/class/block/*; do
+					while read line; do
+						export -n "$line"
+					done < "$class/uevent"
+					if [ $((rootpart/256)) = $MAJOR -a $((rootpart%256)) = $MINOR ]; then
+						uevent="$class/../uevent"
+					fi
+				done
+			;;
+		esac
+
+		if [ -e "$uevent" ]; then
+			while read line; do
+				export -n "$line"
+			done < "$uevent"
+			export BOOTDEV_MAJOR=$MAJOR
+			export BOOTDEV_MINOR=$MINOR
+			return 0
+		fi
 	fi

 	return 1
@@ -232,7 +225,7 @@ export_partdevice() {
 		while read line; do
 			export -n "$line"
 		done < "$uevent"
-		if [ "$BOOTDEV_MAJOR" = "$MAJOR" -a $(($BOOTDEV_MINOR + $offset)) = "$MINOR" -a -b "/dev/$DEVNAME" ]; then
+		if [ $BOOTDEV_MAJOR = $MAJOR -a $(($BOOTDEV_MINOR + $offset)) = $MINOR -a -b "/dev/$DEVNAME" ]; then
 			export "$var=$DEVNAME"
 			return 0
 		fi
@@ -274,7 +267,7 @@ get_partitions() { # <device> <filename>
 				local type="$1"
 				local lba="$(( $(hex_le32_to_cpu $4) * 0x100000000 + $(hex_le32_to_cpu $3) ))"
 				local end="$(( $(hex_le32_to_cpu $6) * 0x100000000 + $(hex_le32_to_cpu $5) ))"
-				local num="$(( $end - $lba + 1 ))"
+				local num="$(( $end - $lba ))"

 				[ "$type" = "00000000000000000000000000000000" ] && continue

--- a/package/base-files/files/lib/upgrade/emmc.sh
+++ b/package/base-files/files/lib/upgrade/emmc.sh
@@ -1,67 +0,0 @@
-# Copyright (C) 2021 OpenWrt.org
-#
-
-. /lib/functions.sh
-
-emmc_upgrade_tar() {
-	local tar_file="$1"
-	[ "$CI_KERNPART" -a -z "$EMMC_KERN_DEV" ] && export EMMC_KERN_DEV="$(find_mmc_part $CI_KERNPART $CI_ROOTDEV)"
-	[ "$CI_ROOTPART" -a -z "$EMMC_ROOT_DEV" ] && export EMMC_ROOT_DEV="$(find_mmc_part $CI_ROOTPART $CI_ROOTDEV)"
-	[ "$CI_DATAPART" -a -z "$EMMC_DATA_DEV" ] && export EMMC_DATA_DEV="$(find_mmc_part $CI_DATAPART $CI_ROOTDEV)"
-	local has_kernel
-	local has_rootfs
-	local board_dir=$(tar tf "$tar_file" | grep -m 1 '^sysupgrade-.*/$')
-	board_dir=${board_dir%/}
-
-	tar tf "$tar_file" ${board_dir}/kernel 1>/dev/null 2>/dev/null && has_kernel=1
-	tar tf "$tar_file" ${board_dir}/root 1>/dev/null 2>/dev/null && has_rootfs=1
-
-	[ "$has_kernel" = 1 -a "$EMMC_KERN_DEV" ] &&
-		export EMMC_KERNEL_BLOCKS=$(($(tar xf "$tar_file" ${board_dir}/kernel -O | dd of="$EMMC_KERN_DEV" bs=512 2>&1 | grep "records out" | cut -d' ' -f1)))
-
-	[ "$has_rootfs" = 1 -a "$EMMC_ROOT_DEV" ] && {
-		export EMMC_ROOTFS_BLOCKS=$(($(tar xf "$tar_file" ${board_dir}/root -O | dd of="$EMMC_ROOT_DEV" bs=512 2>&1 | grep "records out" | cut -d' ' -f1)))
-		# Account for 64KiB ROOTDEV_OVERLAY_ALIGN in libfstools
-		EMMC_ROOTFS_BLOCKS=$(((EMMC_ROOTFS_BLOCKS + 127) & ~127))
-	}
-
-	if [ -z "$UPGRADE_BACKUP" ]; then
-		if [ "$EMMC_DATA_DEV" ]; then
-			dd if=/dev/zero of="$EMMC_DATA_DEV" bs=512 count=8
-		elif [ "$EMMC_ROOTFS_BLOCKS" ]; then
-			dd if=/dev/zero of="$EMMC_ROOT_DEV" bs=512 seek=$EMMC_ROOTFS_BLOCKS count=8
-		elif [ "$EMMC_KERNEL_BLOCKS" ]; then
-			dd if=/dev/zero of="$EMMC_KERN_DEV" bs=512 seek=$EMMC_KERNEL_BLOCKS count=8
-		fi
-	fi
-}
-
-emmc_upgrade_fit() {
-	local fit_file="$1"
-	[ "$CI_KERNPART" -a -z "$EMMC_KERN_DEV" ] && export EMMC_KERN_DEV="$(find_mmc_part $CI_KERNPART $CI_ROOTDEV)"
-
-	if [ "$EMMC_KERN_DEV" ]; then
-		export EMMC_KERNEL_BLOCKS=$(($(get_image "$fit_file" | fwtool -i /dev/null -T - | dd of="$EMMC_KERN_DEV" bs=512 2>&1 | grep "records out" | cut -d' ' -f1)))
-
-		[ -z "$UPGRADE_BACKUP" ] && dd if=/dev/zero of="$EMMC_KERN_DEV" bs=512 seek=$EMMC_KERNEL_BLOCKS count=8
-	fi
-}
-
-emmc_copy_config() {
-	if [ "$EMMC_DATA_DEV" ]; then
-		dd if="$UPGRADE_BACKUP" of="$EMMC_DATA_DEV" bs=512
-	elif [ "$EMMC_ROOTFS_BLOCKS" ]; then
-		dd if="$UPGRADE_BACKUP" of="$EMMC_ROOT_DEV" bs=512 seek=$EMMC_ROOTFS_BLOCKS
-	elif [ "$EMMC_KERNEL_BLOCKS" ]; then
-		dd if="$UPGRADE_BACKUP" of="$EMMC_KERN_DEV" bs=512 seek=$EMMC_KERNEL_BLOCKS
-	fi
-}
-
-emmc_do_upgrade() {
-	local file_type=$(identify_magic_long "$(get_magic_long "$1")")
-
-	case "$file_type" in
-		"fit")  emmc_upgrade_fit $1;;
-		*)      emmc_upgrade_tar $1;;
-	esac
-}
--- a/package/base-files/files/lib/upgrade/fwtool.sh
+++ b/package/base-files/files/lib/upgrade/fwtool.sh
@@ -71,7 +71,6 @@ fwtool_check_image() {

 			# minor compat version -> sysupgrade with -n required
 			if [ "${devicecompat#.*}" != "${imagecompat#.*}" ] && [ "$SAVE_CONFIG" = "1" ]; then
-				[ "$IGNORE_MINOR_COMPAT" = 1 ] && return 0
 				v "The device is supported, but the config is incompatible to the new image ($devicecompat->$imagecompat). Please upgrade without keeping config (sysupgrade -n)."
 				[ -n "$compatmessage" ] && v "$compatmessage"
 				return 1
@@ -82,12 +81,12 @@ fwtool_check_image() {
 	done

 	v "Device $device not supported by this image"
-	local devices="Supported devices:"
+	vn "Supported devices:"
 	for k in $dev_keys; do
 		json_get_var dev "$k"
-		devices="$devices $dev"
+		_vn " $dev"
 	done
-	v "$devices"
+	_v

 	return 1
 }
--- a/package/base-files/files/lib/upgrade/legacy-sdcard.sh
+++ b/package/base-files/files/lib/upgrade/legacy-sdcard.sh
@@ -1,91 +0,0 @@
-legacy_sdcard_check_image() {
-	local file="$1"
-	local diskdev partdev diff
-
-	export_bootdevice && export_partdevice diskdev 0 || {
-		v "Unable to determine upgrade device"
-	return 1
-	}
-
-	get_partitions "/dev/$diskdev" bootdisk
-
-	v "Extract boot sector from the image"
-	get_image_dd "$1" of=/tmp/image.bs count=1 bs=512b
-
-	get_partitions /tmp/image.bs image
-
-	#compare tables
-	diff="$(grep -F -x -v -f /tmp/partmap.bootdisk /tmp/partmap.image)"
-
-	rm -f /tmp/image.bs /tmp/partmap.bootdisk /tmp/partmap.image
-
-	if [ -n "$diff" ]; then
-		v "Partition layout has changed. Full image will be written."
-		ask_bool 0 "Abort" && exit 1
-		return 0
-	fi
-}
-
-legacy_sdcard_do_upgrade() {
-	local board=$(board_name)
-	local diskdev partdev diff
-
-	export_bootdevice && export_partdevice diskdev 0 || {
-		v "Unable to determine upgrade device"
-	return 1
-	}
-
-	sync
-
-	if [ "$UPGRADE_OPT_SAVE_PARTITIONS" = "1" ]; then
-		get_partitions "/dev/$diskdev" bootdisk
-
-		v "Extract boot sector from the image"
-		get_image_dd "$1" of=/tmp/image.bs count=1 bs=512b
-
-		get_partitions /tmp/image.bs image
-
-		#compare tables
-		diff="$(grep -F -x -v -f /tmp/partmap.bootdisk /tmp/partmap.image)"
-	else
-		diff=1
-	fi
-
-	if [ -n "$diff" ]; then
-		get_image_dd "$1" of="/dev/$diskdev" bs=4096 conv=fsync
-
-		# Separate removal and addtion is necessary; otherwise, partition 1
-		# will be missing if it overlaps with the old partition 2
-		partx -d - "/dev/$diskdev"
-		partx -a - "/dev/$diskdev"
-	else
-		v "Writing bootloader to /dev/$diskdev"
-		get_image_dd "$1" of="$diskdev" bs=512 skip=1 seek=1 count=2048 conv=fsync
-		#iterate over each partition from the image and write it to the boot disk
-		while read part start size; do
-			if export_partdevice partdev $part; then
-				v "Writing image to /dev/$partdev..."
-				get_image_dd "$1" of="/dev/$partdev" ibs="512" obs=1M skip="$start" count="$size" conv=fsync
-			else
-				v "Unable to find partition $part device, skipped."
-			fi
-		done < /tmp/partmap.image
-
-		v "Writing new UUID to /dev/$diskdev..."
-		get_image_dd "$1" of="/dev/$diskdev" bs=1 skip=440 count=4 seek=440 conv=fsync
-	fi
-
-	sleep 1
-}
-
-legacy_sdcard_copy_config() {
-	local partdev
-
-	if export_partdevice partdev 1; then
-		mkdir -p /boot
-		[ -f /boot/kernel.img ] || mount -o rw,noatime /dev/$partdev /boot
-		cp -af "$UPGRADE_BACKUP" "/boot/$BACKUP_FILE"
-		sync
-		umount /boot
-	fi
-}
--- a/package/base-files/files/lib/upgrade/nand.sh
+++ b/package/base-files/files/lib/upgrade/nand.sh
@@ -3,15 +3,13 @@

 . /lib/functions.sh

-# 'kernel' partition or UBI volume on NAND contains the kernel
+# 'kernel' partition on NAND contains the kernel
 CI_KERNPART="${CI_KERNPART:-kernel}"

 # 'ubi' partition on NAND contains UBI
-# There are also CI_KERN_UBIPART and CI_ROOT_UBIPART if kernel
-# and rootfs are on separated UBIs.
 CI_UBIPART="${CI_UBIPART:-ubi}"

-# 'rootfs' UBI volume on NAND contains the rootfs
+# 'rootfs' partition on NAND contains the rootfs
 CI_ROOTPART="${CI_ROOTPART:-rootfs}"

 ubi_mknod() {
@@ -28,7 +26,7 @@ ubi_mknod() {

 nand_find_volume() {
 	local ubidevdir ubivoldir
-	ubidevdir="/sys/class/ubi/"
+	ubidevdir="/sys/devices/virtual/ubi/$1"
 	[ ! -d "$ubidevdir" ] && return 1
 	for ubivoldir in $ubidevdir/${1}_*; do
 		[ ! -d "$ubivoldir" ] && continue
@@ -41,12 +39,13 @@ nand_find_volume() {
 }

 nand_find_ubi() {
-	local ubidevdir ubidev mtdnum cmtdnum
+	local ubidevdir ubidev mtdnum
 	mtdnum="$( find_mtd_index $1 )"
 	[ ! "$mtdnum" ] && return 1
-	for ubidevdir in /sys/class/ubi/ubi*; do
-		[ ! -e "$ubidevdir/mtd_num" ] && continue
+	for ubidevdir in /sys/devices/virtual/ubi/ubi*; do
+		[ ! -d "$ubidevdir" ] && continue
 		cmtdnum="$( cat $ubidevdir/mtd_num )"
+		[ ! "$mtdnum" ] && continue
 		if [ "$mtdnum" = "$cmtdnum" ]; then
 			ubidev=$( basename $ubidevdir )
 			ubi_mknod "$ubidevdir"
@@ -57,400 +56,248 @@ nand_find_ubi() {
 }

 nand_get_magic_long() {
-	(${3}cat "$1" | dd bs=4 "skip=${2:-0}" count=1 | hexdump -v -n 4 -e '1/1 "%02x"') 2> /dev/null
+	dd if="$1" skip=$2 bs=4 count=1 2>/dev/null | hexdump -v -n 4 -e '1/1 "%02x"'
 }

 get_magic_long_tar() {
-	(tar xO${3}f "$1" "$2" | dd bs=4 count=1 | hexdump -v -n 4 -e '1/1 "%02x"') 2> /dev/null
+	( tar xf $1 $2 -O | dd bs=4 count=1 | hexdump -v -n 4 -e '1/1 "%02x"') 2> /dev/null
 }

+identify_magic() {
+	local magic=$1
+	case "$magic" in
+		"55424923")
+			echo "ubi"
+			;;
+		"31181006")
+			echo "ubifs"
+			;;
+		"68737173")
+			echo "squashfs"
+			;;
+		"d00dfeed")
+			echo "fit"
+			;;
+		"4349"*)
+			echo "combined"
+			;;
+		*)
+			echo "unknown $magic"
+			;;
+	esac
+}
+
+
 identify() {
-	identify_magic_long $(nand_get_magic_long "$@")
+	identify_magic $(nand_get_magic_long "$1" "${2:-0}")
 }

 identify_tar() {
-	identify_magic_long $(get_magic_long_tar "$@")
-}
-
-identify_if_gzip() {
-	if [ "$(identify "$1")" = gzip ]; then echo -n z; fi
+	identify_magic $(get_magic_long_tar "$1" "$2")
 }

 nand_restore_config() {
-	local ubidev=$( nand_find_ubi "${CI_ROOT_UBIPART:-$CI_UBIPART}" )
+	sync
+	local ubidev=$( nand_find_ubi $CI_UBIPART )
 	local ubivol="$( nand_find_volume $ubidev rootfs_data )"
-	if [ ! "$ubivol" ]; then
-		ubivol="$( nand_find_volume $ubidev "$CI_ROOTPART" )"
-		if [ ! "$ubivol" ]; then
-			echo "cannot find ubifs data volume"
-			return 1
-		fi
-	fi
+	[ ! "$ubivol" ] &&
+		ubivol="$( nand_find_volume $ubidev $CI_ROOTPART )"
 	mkdir /tmp/new_root
 	if ! mount -t ubifs /dev/$ubivol /tmp/new_root; then
-		echo "cannot mount ubifs volume $ubivol"
+		echo "mounting ubifs $ubivol failed"
 		rmdir /tmp/new_root
 		return 1
 	fi
-	if mv "$1" "/tmp/new_root/$BACKUP_FILE"; then
-		if umount /tmp/new_root; then
-			echo "configuration saved"
-			rmdir /tmp/new_root
-			return 0
-		fi
-	else
-		umount /tmp/new_root
-	fi
-	echo "could not save configuration to ubifs volume $ubivol"
+	mv "$1" "/tmp/new_root/$BACKUP_FILE"
+	umount /tmp/new_root
+	sync
 	rmdir /tmp/new_root
-	return 1
-}
-
-nand_remove_ubiblock() {
-	local ubivol="$1"
-
-	local ubiblk="ubiblock${ubivol:3}"
-	if [ -e "/dev/$ubiblk" ]; then
-		umount "/dev/$ubiblk" && echo "unmounted /dev/$ubiblk" || :
-		if ! ubiblock -r "/dev/$ubivol"; then
-			echo "cannot remove $ubiblk"
-			return 1
-		fi
-	fi
-}
-
-nand_attach_ubi() {
-	local ubipart="$1"
-	local has_env="${2:-0}"
-
-	local mtdnum="$( find_mtd_index "$ubipart" )"
-	if [ ! "$mtdnum" ]; then
-		>&2 echo "cannot find ubi mtd partition $ubipart"
-		return 1
-	fi
-
-	local ubidev="$( nand_find_ubi "$ubipart" )"
-	if [ ! "$ubidev" ]; then
-		>&2 ubiattach -m "$mtdnum"
-		ubidev="$( nand_find_ubi "$ubipart" )"
-
-		if [ ! "$ubidev" ]; then
-			>&2 ubiformat /dev/mtd$mtdnum -y
-			>&2 ubiattach -m "$mtdnum"
-			ubidev="$( nand_find_ubi "$ubipart" )"
-
-			if [ ! "$ubidev" ]; then
-				>&2 echo "cannot attach ubi mtd partition $ubipart"
-				return 1
-			fi
-
-			if [ "$has_env" -gt 0 ]; then
-				>&2 ubimkvol /dev/$ubidev -n 0 -N ubootenv -s 1MiB
-				>&2 ubimkvol /dev/$ubidev -n 1 -N ubootenv2 -s 1MiB
-			fi
-		fi
-	fi
-
-	echo "$ubidev"
-	return 0
-}
-
-nand_detach_ubi() {
-	local ubipart="$1"
-
-	local mtdnum="$( find_mtd_index "$ubipart" )"
-	if [ ! "$mtdnum" ]; then
-		echo "cannot find ubi mtd partition $ubipart"
-		return 1
-	fi
-
-	local ubidev="$( nand_find_ubi "$ubipart" )"
-	if [ "$ubidev" ]; then
-		for ubivol in $(find /dev -name "${ubidev}_*" -maxdepth 1 | sort); do
-			ubivol="${ubivol:5}"
-			nand_remove_ubiblock "$ubivol" || :
-			umount "/dev/$ubivol" && echo "unmounted /dev/$ubivol" || :
-		done
-		if ! ubidetach -m "$mtdnum"; then
-			echo "cannot detach ubi mtd partition $ubipart"
-			return 1
-		fi
-	fi
 }

 nand_upgrade_prepare_ubi() {
 	local rootfs_length="$1"
 	local rootfs_type="$2"
-	local rootfs_data_max="$(fw_printenv -n rootfs_data_max 2> /dev/null)"
-	[ -n "$rootfs_data_max" ] && rootfs_data_max=$((rootfs_data_max))
-
-	local kernel_length="$3"
+	local has_kernel="${3:-0}"
 	local has_env="${4:-0}"
-	local kern_ubidev
-	local root_ubidev

-	[ -n "$rootfs_length" -o -n "$kernel_length" ] || return 1
-
-	if [ -n "$CI_KERN_UBIPART" -a -n "$CI_ROOT_UBIPART" ]; then
-		kern_ubidev="$( nand_attach_ubi "$CI_KERN_UBIPART" "$has_env" )"
-		[ -n "$kern_ubidev" ] || return 1
-		root_ubidev="$( nand_attach_ubi "$CI_ROOT_UBIPART" )"
-		[ -n "$root_ubidev" ] || return 1
-	else
-		kern_ubidev="$( nand_attach_ubi "$CI_UBIPART" "$has_env" )"
-		[ -n "$kern_ubidev" ] || return 1
-		root_ubidev="$kern_ubidev"
+	local mtdnum="$( find_mtd_index "$CI_UBIPART" )"
+	if [ ! "$mtdnum" ]; then
+		echo "cannot find ubi mtd partition $CI_UBIPART"
+		return 1
 	fi

-	local kern_ubivol="$( nand_find_volume $kern_ubidev "$CI_KERNPART" )"
-	local root_ubivol="$( nand_find_volume $root_ubidev "$CI_ROOTPART" )"
-	local data_ubivol="$( nand_find_volume $root_ubidev rootfs_data )"
-	[ "$root_ubivol" = "$kern_ubivol" ] && root_ubivol=
+	local ubidev="$( nand_find_ubi "$CI_UBIPART" )"
+	if [ ! "$ubidev" ]; then
+		ubiattach -m "$mtdnum"
+		sync
+		ubidev="$( nand_find_ubi "$CI_UBIPART" )"
+	fi

-	# remove ubiblocks
-	[ "$kern_ubivol" ] && { nand_remove_ubiblock $kern_ubivol || return 1; }
-	[ "$root_ubivol" ] && { nand_remove_ubiblock $root_ubivol || return 1; }
-	[ "$data_ubivol" ] && { nand_remove_ubiblock $data_ubivol || return 1; }
+	if [ ! "$ubidev" ]; then
+		ubiformat /dev/mtd$mtdnum -y
+		ubiattach -m "$mtdnum"
+		sync
+		ubidev="$( nand_find_ubi "$CI_UBIPART" )"
+		[ "$has_env" -gt 0 ] && {
+			ubimkvol /dev/$ubidev -n 0 -N ubootenv -s 1MiB
+			ubimkvol /dev/$ubidev -n 1 -N ubootenv2 -s 1MiB
+		}
+	fi
+
+	local kern_ubivol="$( nand_find_volume $ubidev $CI_KERNPART )"
+	local root_ubivol="$( nand_find_volume $ubidev $CI_ROOTPART )"
+	local data_ubivol="$( nand_find_volume $ubidev rootfs_data )"
+
+	# remove ubiblock device of rootfs
+	local root_ubiblk="ubiblock${root_ubivol:3}"
+	if [ "$root_ubivol" -a -e "/dev/$root_ubiblk" ]; then
+		echo "removing $root_ubiblk"
+		if ! ubiblock -r /dev/$root_ubivol; then
+			echo "cannot remove $root_ubiblk"
+			return 1;
+		fi
+	fi

 	# kill volumes
-	[ "$kern_ubivol" ] && ubirmvol /dev/$kern_ubidev -N "$CI_KERNPART" || :
-	[ "$root_ubivol" ] && ubirmvol /dev/$root_ubidev -N "$CI_ROOTPART" || :
-	[ "$data_ubivol" ] && ubirmvol /dev/$root_ubidev -N rootfs_data || :
+	[ "$kern_ubivol" ] && ubirmvol /dev/$ubidev -N $CI_KERNPART || true
+	[ "$root_ubivol" ] && ubirmvol /dev/$ubidev -N $CI_ROOTPART || true
+	[ "$data_ubivol" ] && ubirmvol /dev/$ubidev -N rootfs_data || true

-	# create kernel vol
-	if [ -n "$kernel_length" ]; then
-		if ! ubimkvol /dev/$kern_ubidev -N "$CI_KERNPART" -s $kernel_length; then
+	# update kernel
+	if [ "$has_kernel" = "1" ]; then
+		if ! ubimkvol /dev/$ubidev -N $CI_KERNPART -s $kernel_length; then
 			echo "cannot create kernel volume"
 			return 1;
 		fi
 	fi

-	# create rootfs vol
-	if [ -n "$rootfs_length" ]; then
-		local rootfs_size_param
-		if [ "$rootfs_type" = "ubifs" ]; then
-			rootfs_size_param="-m"
-		else
-			rootfs_size_param="-s $rootfs_length"
-		fi
-		if ! ubimkvol /dev/$root_ubidev -N "$CI_ROOTPART" $rootfs_size_param; then
-			echo "cannot create rootfs volume"
-			return 1;
-		fi
+	# update rootfs
+	local root_size_param
+	if [ "$rootfs_type" = "ubifs" ]; then
+		root_size_param="-m"
+	else
+		root_size_param="-s $rootfs_length"
+	fi
+	if ! ubimkvol /dev/$ubidev -N $CI_ROOTPART $root_size_param; then
+		echo "cannot create rootfs volume"
+		return 1;
 	fi

-	# create rootfs_data vol for non-ubifs rootfs
+	# create rootfs_data for non-ubifs rootfs
 	if [ "$rootfs_type" != "ubifs" ]; then
-		local rootfs_data_size_param="-m"
-		if [ -n "$rootfs_data_max" ]; then
-			rootfs_data_size_param="-s $rootfs_data_max"
-		fi
-		if ! ubimkvol /dev/$root_ubidev -N rootfs_data $rootfs_data_size_param; then
-			if ! ubimkvol /dev/$root_ubidev -N rootfs_data -m; then
-				echo "cannot initialize rootfs_data volume"
-				return 1
-			fi
-		fi
-	fi
-
-	return 0
-}
-
-# Write the UBI image to MTD ubi partition
-nand_upgrade_ubinized() {
-	local ubi_file="$1"
-	local gz="$2"
-
-	local ubi_length=$( (${gz}cat "$ubi_file" | wc -c) 2> /dev/null)
-
-	nand_detach_ubi "$CI_UBIPART" || return 1
-
-	local mtdnum="$( find_mtd_index "$CI_UBIPART" )"
-	${gz}cat "$ubi_file" | ubiformat "/dev/mtd$mtdnum" -S "$ubi_length" -y -f - && ubiattach -m "$mtdnum"
-}
-
-# Write the UBIFS image to UBI rootfs volume
-nand_upgrade_ubifs() {
-	local ubifs_file="$1"
-	local gz="$2"
-
-	local ubifs_length=$( (${gz}cat "$ubifs_file" | wc -c) 2> /dev/null)
-
-	nand_upgrade_prepare_ubi "$ubifs_length" "ubifs" "" "" || return 1
-
-	local ubidev="$( nand_find_ubi "$CI_UBIPART" )"
-	local root_ubivol="$(nand_find_volume $ubidev "$CI_ROOTPART")"
-	${gz}cat "$ubifs_file" | ubiupdatevol /dev/$root_ubivol -s "$ubifs_length" -
-}
-
-# Write the FIT image to UBI kernel volume
-nand_upgrade_fit() {
-	local fit_file="$1"
-	local gz="$2"
-
-	local fit_length=$( (${gz}cat "$fit_file" | wc -c) 2> /dev/null)
-
-	nand_upgrade_prepare_ubi "" "" "$fit_length" "1" || return 1
-
-	local fit_ubidev="$(nand_find_ubi "$CI_UBIPART")"
-	local fit_ubivol="$(nand_find_volume $fit_ubidev "$CI_KERNPART")"
-	${gz}cat "$fit_file" | ubiupdatevol /dev/$fit_ubivol -s "$fit_length" -
-}
-
-# Write images in the TAR file to MTD partitions and/or UBI volumes as required
-nand_upgrade_tar() {
-	local tar_file="$1"
-	local gz="$2"
-	local jffs2_markers="${CI_JFFS2_CLEAN_MARKERS:-0}"
-
-	# WARNING: This fails if tar contains more than one 'sysupgrade-*' directory.
-	local board_dir="$(tar t${gz}f "$tar_file" | grep -m 1 '^sysupgrade-.*/$')"
-	board_dir="${board_dir%/}"
-
-	local kernel_mtd kernel_length
-	if [ "$CI_KERNPART" != "none" ]; then
-		kernel_mtd="$(find_mtd_index "$CI_KERNPART")"
-		kernel_length=$( (tar xO${gz}f "$tar_file" "$board_dir/kernel" | wc -c) 2> /dev/null)
-		[ "$kernel_length" = 0 ] && kernel_length=
-	fi
-	local rootfs_length=$( (tar xO${gz}f "$tar_file" "$board_dir/root" | wc -c) 2> /dev/null)
-	[ "$rootfs_length" = 0 ] && rootfs_length=
-	local rootfs_type
-	[ "$rootfs_length" ] && rootfs_type="$(identify_tar "$tar_file" "$board_dir/root" "$gz")"
-
-	local ubi_kernel_length
-	if [ "$kernel_length" ]; then
-		if [ "$kernel_mtd" ]; then
-			# On some devices, the raw kernel and ubi partitions overlap.
-			# These devices brick if the kernel partition is erased.
-			# Hence only invalidate kernel for now.
-			dd if=/dev/zero bs=4096 count=1 2> /dev/null | \
-				mtd write - "$CI_KERNPART"
-		else
-			ubi_kernel_length="$kernel_length"
-		fi
-	fi
-
-	local has_env=0
-	nand_upgrade_prepare_ubi "$rootfs_length" "$rootfs_type" "$ubi_kernel_length" "$has_env" || return 1
-
-	if [ "$rootfs_length" ]; then
-		local ubidev="$( nand_find_ubi "${CI_ROOT_UBIPART:-$CI_UBIPART}" )"
-		local root_ubivol="$( nand_find_volume $ubidev "$CI_ROOTPART" )"
-		tar xO${gz}f "$tar_file" "$board_dir/root" | \
-			ubiupdatevol /dev/$root_ubivol -s "$rootfs_length" -
-	fi
-	if [ "$kernel_length" ]; then
-		if [ "$kernel_mtd" ]; then
-			if [ "$jffs2_markers" = 1 ]; then
-				flash_erase -j "/dev/mtd${kernel_mtd}" 0 0
-				tar xO${gz}f "$tar_file" "$board_dir/kernel" | \
-					nandwrite "/dev/mtd${kernel_mtd}" -
-			else
-				tar xO${gz}f "$tar_file" "$board_dir/kernel" | \
-					mtd write - "$CI_KERNPART"
-			fi
-		else
-			local ubidev="$( nand_find_ubi "${CI_KERN_UBIPART:-$CI_UBIPART}" )"
-			local kern_ubivol="$( nand_find_volume $ubidev "$CI_KERNPART" )"
-			tar xO${gz}f "$tar_file" "$board_dir/kernel" | \
-				ubiupdatevol /dev/$kern_ubivol -s "$kernel_length" -
-		fi
-	fi
-
-	return 0
-}
-
-nand_verify_if_gzip_file() {
-	local file="$1"
-	local gz="$2"
-
-	if [ "$gz" = z ]; then
-		echo "verifying compressed sysupgrade file integrity"
-		if ! gzip -t "$file"; then
-			echo "corrupted compressed sysupgrade file"
+		if ! ubimkvol /dev/$ubidev -N rootfs_data -m; then
+			echo "cannot initialize rootfs_data volume"
 			return 1
 		fi
 	fi
-}
-
-nand_verify_tar_file() {
-	local file="$1"
-	local gz="$2"
-
-	echo "verifying sysupgrade tar file integrity"
-	if ! tar xO${gz}f "$file" > /dev/null; then
-		echo "corrupted sysupgrade tar file"
-		return 1
-	fi
-}
-
-nand_do_flash_file() {
-	local file="$1"
-
-	local gz="$(identify_if_gzip "$file")"
-	local file_type="$(identify "$file" "" "$gz")"
-
-	[ ! "$(find_mtd_index "$CI_UBIPART")" ] && CI_UBIPART=rootfs
-
-	case "$file_type" in
-		"fit")
-			nand_verify_if_gzip_file "$file" "$gz" || return 1
-			nand_upgrade_fit "$file" "$gz"
-			;;
-		"ubi")
-			nand_verify_if_gzip_file "$file" "$gz" || return 1
-			nand_upgrade_ubinized "$file" "$gz"
-			;;
-		"ubifs")
-			nand_verify_if_gzip_file "$file" "$gz" || return 1
-			nand_upgrade_ubifs "$file" "$gz"
-			;;
-		*)
-			nand_verify_tar_file "$file" "$gz" || return 1
-			nand_upgrade_tar "$file" "$gz"
-			;;
-	esac
-}
-
-nand_do_restore_config() {
-	local conf_tar="/tmp/sysupgrade.tgz"
-	[ ! -f "$conf_tar" ] || nand_restore_config "$conf_tar"
-}
-
-# Recognize type of passed file and start the upgrade process
-nand_do_upgrade() {
-	local file="$1"
-
 	sync
-	nand_do_flash_file "$file" && nand_do_upgrade_success
-	nand_do_upgrade_failed
+	return 0
 }

 nand_do_upgrade_success() {
-	if nand_do_restore_config && sync; then
-		echo "sysupgrade successful"
-		umount -a
-		reboot -f
-	fi
-	nand_do_upgrade_failed
-}
+	local conf_tar="/tmp/sysupgrade.tgz"

-nand_do_upgrade_failed() {
 	sync
-	echo "sysupgrade failed"
-	# Should we reboot or bring up some failsafe mode instead?
+	[ -f "$conf_tar" ] && nand_restore_config "$conf_tar"
+	echo "sysupgrade successful"
 	umount -a
 	reboot -f
 }

-# Check if passed file is a valid one for NAND sysupgrade.
-# Currently it accepts 4 types of files:
-# 1) UBI: a ubinized image containing required UBI volumes.
-# 2) UBIFS: a UBIFS rootfs volume image.
-# 3) FIT: a FIT image containing kernel and rootfs.
-# 4) TAR: an archive that includes directory "sysupgrade-${BOARD_NAME}" containing
-#         a non-empty "CONTROL" file and required partition and/or volume images.
+# Flash the UBI image to MTD partition
+nand_upgrade_ubinized() {
+	local ubi_file="$1"
+	local mtdnum="$(find_mtd_index "$CI_UBIPART")"
+
+	[ ! "$mtdnum" ] && {
+		CI_UBIPART="rootfs"
+		mtdnum="$(find_mtd_index "$CI_UBIPART")"
+	}
+
+	if [ ! "$mtdnum" ]; then
+		echo "cannot find mtd device $CI_UBIPART"
+		umount -a
+		reboot -f
+	fi
+
+	local mtddev="/dev/mtd${mtdnum}"
+	ubidetach -p "${mtddev}" || true
+	sync
+	ubiformat "${mtddev}" -y -f "${ubi_file}"
+	ubiattach -p "${mtddev}"
+	nand_do_upgrade_success
+}
+
+# Write the UBIFS image to UBI volume
+nand_upgrade_ubifs() {
+	local rootfs_length=$( (cat $1 | wc -c) 2> /dev/null)
+
+	nand_upgrade_prepare_ubi "$rootfs_length" "ubifs" "0" "0"
+
+	local ubidev="$( nand_find_ubi "$CI_UBIPART" )"
+	local root_ubivol="$(nand_find_volume $ubidev $CI_ROOTPART)"
+	ubiupdatevol /dev/$root_ubivol -s $rootfs_length $1
+
+	nand_do_upgrade_success
+}
+
+nand_upgrade_tar() {
+	local tar_file="$1"
+	local kernel_mtd="$(find_mtd_index $CI_KERNPART)"
+
+	local board_dir=$(tar tf $tar_file | grep -m 1 '^sysupgrade-.*/$')
+	board_dir=${board_dir%/}
+
+	local kernel_length=$( (tar xf $tar_file ${board_dir}/kernel -O | wc -c) 2> /dev/null)
+	local rootfs_length=$( (tar xf $tar_file ${board_dir}/root -O | wc -c) 2> /dev/null)
+
+	local rootfs_type="$(identify_tar "$tar_file" ${board_dir}/root)"
+
+	local has_kernel=1
+	local has_env=0
+
+	[ "$kernel_length" != 0 -a -n "$kernel_mtd" ] && {
+		tar xf $tar_file ${board_dir}/kernel -O | mtd write - $CI_KERNPART
+	}
+	[ "$kernel_length" = 0 -o ! -z "$kernel_mtd" ] && has_kernel=0
+
+	nand_upgrade_prepare_ubi "$rootfs_length" "$rootfs_type" "$has_kernel" "$has_env"
+
+	local ubidev="$( nand_find_ubi "$CI_UBIPART" )"
+	[ "$has_kernel" = "1" ] && {
+		local kern_ubivol="$(nand_find_volume $ubidev $CI_KERNPART)"
+		tar xf $tar_file ${board_dir}/kernel -O | \
+			ubiupdatevol /dev/$kern_ubivol -s $kernel_length -
+	}
+
+	local root_ubivol="$(nand_find_volume $ubidev $CI_ROOTPART)"
+	tar xf $tar_file ${board_dir}/root -O | \
+		ubiupdatevol /dev/$root_ubivol -s $rootfs_length -
+
+	nand_do_upgrade_success
+}
+
+# Recognize type of passed file and start the upgrade process
+nand_do_upgrade() {
+	local file_type=$(identify $1)
+
+	[ ! "$(find_mtd_index "$CI_UBIPART")" ] && CI_UBIPART="rootfs"
+
+	case "$file_type" in
+		"ubi")		nand_upgrade_ubinized $1;;
+		"ubifs")	nand_upgrade_ubifs $1;;
+		*)		nand_upgrade_tar $1;;
+	esac
+}
+
+# Check if passed file is a valid one for NAND sysupgrade. Currently it accepts
+# 3 types of files:
+# 1) UBI - should contain an ubinized image, header is checked for the proper
+#    MAGIC
+# 2) UBIFS - should contain UBIFS partition that will replace "rootfs" volume,
+#    header is checked for the proper MAGIC
+# 3) TAR - archive has to include "sysupgrade-BOARD" directory with a non-empty
+#    "CONTROL" file (at this point its content isn't verified)
 #
 # You usually want to call this function in platform_check_image.
 #
@@ -458,25 +305,14 @@ nand_do_upgrade_failed() {
 # $(2): file to be checked
 nand_do_platform_check() {
 	local board_name="$1"
-	local file="$2"
+	local tar_file="$2"
+	local control_length=$( (tar xf $tar_file sysupgrade-$board_name/CONTROL -O | wc -c) 2> /dev/null)
+	local file_type="$(identify $2)"

-	local gz="$(identify_if_gzip "$file")"
-	local file_type="$(identify "$file" "" "$gz")"
-	local control_length=$( (tar xO${gz}f "$file" "sysupgrade-${board_name//,/_}/CONTROL" | wc -c) 2> /dev/null)
-
-	if [ "$control_length" = 0 ]; then
-		control_length=$( (tar xO${gz}f "$file" "sysupgrade-${board_name//_/,}/CONTROL" | wc -c) 2> /dev/null)
-	fi
-
-	if [ "$control_length" != 0 ]; then
-		nand_verify_tar_file "$file" "$gz" || return 1
-	else
-		nand_verify_if_gzip_file "$file" "$gz" || return 1
-		if [ "$file_type" != "fit" -a "$file_type" != "ubi" -a "$file_type" != "ubifs" ]; then
-			echo "invalid sysupgrade file"
-			return 1
-		fi
-	fi
+	[ "$control_length" = 0 -a "$file_type" != "ubi" -a "$file_type" != "ubifs" ] && {
+		echo "Invalid sysupgrade file."
+		return 1
+	}

 	return 0
 }
--- a/package/base-files/files/lib/upgrade/stage2
+++ b/package/base-files/files/lib/upgrade/stage2
@@ -33,32 +33,22 @@ supivot() { # <new_root> <old_root>
 }

 switch_to_ramfs() {
-	RAMFS_COPY_LOSETUP="$(command -v /usr/sbin/losetup)"
-	RAMFS_COPY_LVM="$(command -v lvm)"
-
 	for binary in \
 		/bin/busybox /bin/ash /bin/sh /bin/mount /bin/umount	\
 		pivot_root mount_root reboot sync kill sleep		\
-		md5sum hexdump cat zcat dd tar gzip			\
+		md5sum hexdump cat zcat bzcat dd tar			\
 		ls basename find cp mv rm mkdir rmdir mknod touch chmod \
-		'[' printf wc grep awk sed cut sort tail		\
+		'[' printf wc grep awk sed cut				\
 		mtd partx losetup mkfs.ext4 nandwrite flash_erase	\
 		ubiupdatevol ubiattach ubiblock ubiformat		\
 		ubidetach ubirsvol ubirmvol ubimkvol			\
-		snapshot snapshot_tool date logger			\
-		/usr/sbin/fw_printenv /usr/bin/fwtool			\
-		$RAMFS_COPY_LOSETUP $RAMFS_COPY_LVM			\
+		snapshot snapshot_tool date				\
 		$RAMFS_COPY_BIN
 	do
 		local file="$(command -v "$binary" 2>/dev/null)"
 		[ -n "$file" ] && install_bin "$file"
 	done
-	install_file /etc/resolv.conf /lib/*.sh /lib/functions/*.sh	\
-		/lib/upgrade/*.sh /lib/upgrade/do_stage2 		\
-		/usr/share/libubox/jshn.sh /usr/sbin/fw_setenv		\
-		/etc/fw_env.config $RAMFS_COPY_DATA
-
-	mkdir -p $RAM_ROOT/var/lock
+	install_file /etc/resolv.conf /lib/*.sh /lib/functions/*.sh /lib/upgrade/*.sh /lib/upgrade/do_stage2 /usr/share/libubox/jshn.sh $RAMFS_COPY_DATA

 	[ -L "/lib64" ] && ln -s /lib $RAM_ROOT/lib64

@@ -70,16 +60,6 @@ switch_to_ramfs() {
 	/bin/mount -o remount,ro /mnt
 	/bin/umount -l /mnt

-	grep -e "^/dev/dm-.*" -e "^/dev/loop.*" /proc/mounts | while read bdev mp _r; do
-		umount $mp
-	done
-
-	[ "$RAMFS_COPY_LOSETUP" ] && losetup -D
-	[ "$RAMFS_COPY_LVM" ] && {
-		mkdir -p /tmp/lvm/cache
-		$RAMFS_COPY_LVM vgchange -aln --ignorelockingfailure
-	}
-
 	grep /overlay /proc/mounts > /dev/null && {
 		/bin/mount -o noatime,remount,ro /overlay
 		/bin/umount -l /overlay
@@ -95,7 +75,7 @@ kill_remaining() { # [ <signal> [ <loop> ] ]
 	local stat
 	local proc_ppid=$(cut -d' ' -f4  /proc/$$/stat)

-	v "Sending $sig to remaining processes ..."
+	vn "Sending $sig to remaining processes ..."

 	while $run; do
 		run=false
@@ -103,62 +83,45 @@ kill_remaining() { # [ <signal> [ <loop> ] ]
 			[ -f "$stat" ] || continue

 			local pid name state ppid rest
-			read pid rest < $stat
-			name="${rest#\(}" ; rest="${name##*\) }" ; name="${name%\)*}"
-			set -- $rest ; state="$1" ; ppid="$2"
+			read pid name state ppid rest < $stat
+			name="${name#(}"; name="${name%)}"

 			# Skip PID1, our parent, ourself and our children
 			[ $pid -ne 1 -a $pid -ne $proc_ppid -a $pid -ne $$ -a $ppid -ne $$ ] || continue

-			[ -f "/proc/$pid/cmdline" ] || continue
-
 			local cmdline
 			read cmdline < /proc/$pid/cmdline

 			# Skip kernel threads
 			[ -n "$cmdline" ] || continue

-			v "Sending signal $sig to $name ($pid)"
+			_vn " $name"
 			kill -$sig $pid 2>/dev/null

-			[ $loop -eq 1 ] && sleep 2 && run=true
+			[ $loop -eq 1 ] && run=true
 		done

 		let loop_limit--
 		[ $loop_limit -eq 0 ] && {
+			_v
 			v "Failed to kill all processes."
 			exit 1
 		}
 	done
+	_v
 }

 indicate_upgrade

-while read -r a b c; do
-	case "$a" in
-		MemT*) mem="$b" ;; esac
-done < /proc/meminfo
-
-[ "$mem" -gt 32768 ] && \
-	skip_services="dnsmasq log network"
-for service in /etc/init.d/*; do
-	service=${service##*/}
-
-	case " $skip_services " in
-		*" $service "*) continue ;; esac
-
-	ubus call service delete '{ "name": "'"$service"'" }' 2>/dev/null
-done
-
-killall -9 telnetd 2>/dev/null
-killall -9 dropbear 2>/dev/null
-killall -9 ash 2>/dev/null
+killall -9 telnetd
+killall -9 dropbear
+killall -9 ash

 kill_remaining TERM
-sleep 4
+sleep 3
 kill_remaining KILL 1

-sleep 6
+sleep 1

 echo 3 > /proc/sys/vm/drop_caches

--- a/package/base-files/files/sbin/sysupgrade
+++ b/package/base-files/files/sbin/sysupgrade
@@ -19,7 +19,6 @@ export CONF_IMAGE=
 export CONF_BACKUP_LIST=0
 export CONF_BACKUP=
 export CONF_RESTORE=
-export IGNORE_MINOR_COMPAT=0
 export NEED_IMAGE=
 export HELP=0
 export FORCE=0
@@ -45,7 +44,6 @@ while [ -n "$1" ]; do
 		-F|--force) export FORCE=1;;
 		-T|--test) export TEST=1;;
 		-h|--help) export HELP=1; break;;
-		--ignore-minor-compat-version) export IGNORE_MINOR_COMPAT=1;;
 		-*)
 			echo "Invalid option: $1" >&2
 			exit 1
@@ -82,8 +80,6 @@ upgrade-option:
 	             Verify image and config .tar.gz but do not actually flash.
 	-F | --force
 	             Flash image even if image checks fail, this is dangerous!
-	--ignore-minor-compat-version
-		     Flash image even if the minor compat version is incompatible.
 	-q           less verbose
 	-v           more verbose
 	-h | --help  display this help
--- a/package/base-files/files/sbin/wifi
+++ b/package/base-files/files/sbin/wifi
@@ -6,7 +6,7 @@

 usage() {
 	cat <<EOF
-Usage: $0 [config|up|down|reconf|reload|status|isup]
+Usage: $0 [config|up|down|reconf|reload|status]
 enables (default), disables or configures devices not yet configured.
 EOF
 	exit 1
@@ -17,24 +17,8 @@ ubus_wifi_cmd() {
 	local dev="$2"

 	json_init
-	[ -n "$dev" ] && json_add_string device "$dev"
-	ubus call network.wireless "$cmd" "$(json_dump)"
-}
-
-wifi_isup() {
-	local dev="$1"
-
-	json_load "$(ubus_wifi_cmd "status" "$dev")"
-	json_get_keys devices
-
-	for device in $devices; do
-		json_select "$device"
-			json_get_var up up
-			[ $up -eq 0 ] && return 1
-		json_select ..
-	done
-
-	return 0
+	[ -n "$2" ] && json_add_string device "$2"
+	ubus call network.wireless "$1" "$(json_dump)"
 }

 find_net_config() {(
@@ -144,12 +128,10 @@ wifi_updown() {
 	[ enable = "$1" ] && {
 		_wifi_updown disable "$2"
 		ubus_wifi_cmd "$cmd" "$2"
-		ubus call network reload
 		scan_wifi
 		cmd=up
 	}
 	[ reconf = "$1" ] && {
-		ubus call network reload
 		scan_wifi
 		cmd=reconf
 	}
@@ -261,11 +243,10 @@ case "$1" in
 	detect) wifi_detect_notice ;;
 	config) wifi_config ;;
 	status) ubus_wifi_cmd "status" "$2";;
-	isup) wifi_isup "$2"; exit $?;;
 	reload) wifi_reload "$2";;
 	reload_legacy) wifi_reload_legacy "$2";;
 	--help|help) usage;;
-	reconf) wifi_updown "reconf" "$2";;
-	''|up) wifi_updown "enable" "$2";;
+	reconf) ubus call network reload; wifi_updown "reconf" "$2";;
+	''|up) ubus call network reload; wifi_updown "enable" "$2";;
 	*) usage; exit 1;;
 esac
--- a/Show More
+++ b/Show More