Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
Next revisionBoth sides next revision
releases:21.02:notes-21.02.0-rc1 [2021/04/23 22:29] – some updates to documentation haukereleases:21.02:notes-21.02.0-rc1 [2021/04/27 15:19] – [Increased minimum hardware requirements: 8 MB flash, 64 MB RAM] zorun
Line 1: Line 1:
-====== OpenWrt 21.02.0-rc1 - First Release Candidate - 21 April 2021 ======+====== OpenWrt 21.02.0-rc1 - First Release Candidate - 26 April 2021 ======
  
 <code> <code>
Line 13: Line 13:
  
 /* Uncomment when the release is still work-in-progress */ /* Uncomment when the release is still work-in-progress */
-{{page>meta:infobox:attention_wiprelease&noheader&nofooter&noeditbtn}}+/* {{page>meta:infobox:attention_wiprelease&noheader&nofooter&noeditbtn}} */
  
 The OpenWrt Project is a Linux operating system targeting embedded devices.   The OpenWrt Project is a Linux operating system targeting embedded devices.  
Line 25: Line 25:
 the help of the sysupgrade utility which will also attempt to preserve the  the help of the sysupgrade utility which will also attempt to preserve the 
 configuration. A configuration backup is advised nonetheless when upgrading to  configuration. A configuration backup is advised nonetheless when upgrading to 
-OpenWrt 21.02.+OpenWrt 21.02. (see "Upgrading" below). 
 + 
 +Get OpenWrt Firmware at: https://downloads.openwrt.org/releases/21.02.0-rc1/
  
-Get OpenWrt Firmware at: https://downloads.openwrt.org/releases/ 
  
 ===== Highlights in OpenWrt 21.02.0-rc1 =====  ===== Highlights in OpenWrt 21.02.0-rc1 ===== 
Line 49: Line 50:
  
 TLS support is now provided by default in OpenWrt images including the trusted CA certificates from Mozilla. It means that ''wget'' and ''opkg'' now support fetching resources over HTTPS out-of-the-box. TLS support is now provided by default in OpenWrt images including the trusted CA certificates from Mozilla. It means that ''wget'' and ''opkg'' now support fetching resources over HTTPS out-of-the-box.
-''opkg'' will use a https to update packages by default.+The ''opkg'' download server is accessed through HTTPS by default
 +OpenWrt switched from mbed TLS to wolfSSL as the default SSL library, mbed TLS and OpenSSL are still available and can be installed manually
  
 /* LuCI does not use https by default */ /* LuCI does not use https by default */
Line 62: Line 64:
 This is a significant change to how switch ports and VLANs are managed. As such, sysupgrade will not be able to convert existing ''swconfig'' configuration to DSA configuration (see "Upgrading" below). This is a significant change to how switch ports and VLANs are managed. As such, sysupgrade will not be able to convert existing ''swconfig'' configuration to DSA configuration (see "Upgrading" below).
  
-FIXME: add link to OpenWrt DSA documentation+/* FIXME: add link to OpenWrt DSA documentation */ 
 + 
 +The following targets are using a switch managed with DSA in OpenWrt 21.02: 
 +  * [[:docs:techref:targets:ath79]] (only TP-Link TL-WR941ND) 
 +  * [[:docs:techref:targets:bcm4908]] 
 +  * [[:docs:techref:targets:gemini]] 
 +  * [[:docs:techref:targets:kirkwood]] 
 +  * [[:docs:techref:targets:mediatek]] (most boards) 
 +  * [[:docs:techref:targets:mvebu]] 
 +  * [[:docs:techref:targets:octeon]] 
 +  * [[:docs:techref:targets:ramips]] (mt7621 subtarget only) 
 +  * [[:docs:techref:targets:realtek]]
  
 ==== Increased minimum hardware requirements: 8 MB flash, 64 MB RAM ==== ==== Increased minimum hardware requirements: 8 MB flash, 64 MB RAM ====
  
 Due to new features being introduced and the general size increase of the Linux kernel, devices now need at least 8 MB of flash and 64 MB of RAM to run a default build of OpenWrt. Due to new features being introduced and the general size increase of the Linux kernel, devices now need at least 8 MB of flash and 64 MB of RAM to run a default build of OpenWrt.
 +More flash space is recommended for extensibility, see [[:supported_devices:864_warning|8/64 warning]]
  
 It is still possible to build custom OpenWrt images (e.g. using the [[docs:guide-user:additional-software:imagebuilder|ImageBuilder]]) that may fit devices with 4 MB of flash or 32 MB of RAM. It is still possible to build custom OpenWrt images (e.g. using the [[docs:guide-user:additional-software:imagebuilder|ImageBuilder]]) that may fit devices with 4 MB of flash or 32 MB of RAM.
Line 74: Line 88:
 ==== New hardware targets ==== ==== New hardware targets ====
  
-A new ''realtek'' target has been added, which is often found in managed switches. As a result, it is now possible to run OpenWrt on devices with significant number of Ethernet ports. +A new [[:docs:techref:targets:realtek]] target has been added, which is often found in managed switches. As a result, it is now possible to run OpenWrt on devices with significant number of Ethernet ports. 
-See [[:toh:views:toh_dev_arch-target-cpu|supported devices for realtek]].+See [[:toh:views:toh_standard_all?dataflt[0]=target_%3Drealtek|supported devices for realtek]].
  
-In addition, new ''bcm4908'' and ''rockchip'' targets have been added.+In addition, new [[:docs:techref:targets:bcm4908]] and [[:docs:techref:targets:rockchip]] targets have been added
 + 
 +Support for many new boards was added to the existing targets.
  
 ==== Dropped hardware targets ==== ==== Dropped hardware targets ====
  
-The ''ar71xx'' was deprecated in OpenWrt 19.07 and was gradually replaced by ''ath79'', see[[:docs:techref:targets:ar71xx-ath79|ar71xx-ath79 migration]]+The [[:docs:techref:targets:ar71xx]] target was deprecated in OpenWrt 19.07 and has been gradually replaced by [[:docs:techref:targets:ath79]], see [[:docs:techref:targets:ar71xx-ath79|ar71xx-ath79 migration]].
-With OpenWrt 21.02, the ''ar71xx'' has been removed and users must use ''ath79'' instead. +
-If you are still running with the ''ar71xx'' target, it is recommended to reinstall OpenWrt 21.02 from scratch.  Users already on the ''ath79'' target can use sysupgrade to upgrade to OpenWrt 21.02.+
  
-Other targets were also removed: ''cns3xxx''''rb532'' and ''samsung''.+With OpenWrt 21.02, the [[:docs:techref:targets:ar71xx]] has now been removed and users must use [[:docs:techref:targets:ath79]] instead. 
 +If you are still running with the [[:docs:techref:targets:ar71xx]] target, it is recommended to reinstall OpenWrt 21.02 from scratch.  Users already on the [[:docs:techref:targets:ath79]] target can use sysupgrade to upgrade to OpenWrt 21.02. 
 + 
 +Other targets were also removed: [[:docs:techref:targets:cns3xxx]][[:docs:techref:targets:rb532]] and [[:docs:techref:targets:samsung]]. 
 + 
 +==== ASLR activated ==== 
 + 
 +Network exposed user space applications are linked as position-independent executable (PIE) to allow full Address Space Layout Randomization (ASLR) support. This makes it harder for attackers to exploit OpenWrt. See [[docs:guide-developer:security#hardening_build_options|Hardening build options]] for more details.  
 + 
 +==== Kernel with container support ==== 
 + 
 +Multiple Linux kernel compile options, needed for Linux Containers (LXC) and procd-ujail are activated by default for most targets. 
 +This allows to use LXC and ujail with the normal release builds. 
 + 
 +==== SELinux support ==== 
 + 
 +It is possible to compile OpenWrt with SELinux support. This is currently not activated by default.
  
 ==== Core components update ==== ==== Core components update ====
Line 98: Line 128:
   * Updated Linux kernel   * Updated Linux kernel
     * 5.4.111 for all targets     * 5.4.111 for all targets
-  * Network userland:+  * Network:
     * hostapd 2020-06-08, dnsmasq 2.84, dropbear 2020.81     * hostapd 2020-06-08, dnsmasq 2.84, dropbear 2020.81
 +    * cfg80211/mac80211 from kernel 5.10.16
 +    * wireguard backport from upstream Linux kernel
   * System userland:   * System userland:
     * busybox 1.33.0     * busybox 1.33.0
 +
 +In addition to the listed applications, many others were also updated.
 +
 +===== Upgrading to 21.02.0-rc1 ===== 
 +
 +Sysupgrade can be used to upgrade a device from 19.07 to 21.02, and configuration will be preserved in most cases.
 +
 +:!: Sysupgrade from 18.06 to 21.02 is not supported.
 +
 +:!: There is no migration path for targets that switched from swconfig to DSA. In that case, sysupgrade will refuse to proceed with an appropriate error message:\\ 
 +''Image version mismatch. image 1.1 device 1.0 Please wipe config during upgrade (force required) or reinstall. Config cannot be migrated from swconfig to DSA Image check failed''
 +
 +:!: The default root file system partition size changed for targets/devices relying on booting from mass storage (HDD, USB flash, SD card, etc.), so MBR will change and any additional partition will be deleted when sysupgrading.
  
 ==== Known issues ==== ==== Known issues ====
Line 109: Line 154:
   * LuCI writes unnecessary IPv6 RA options to /etc/config/dhcp if the user edits interface's DHCP settings. This could prevent client IPv6 connectivity.   * LuCI writes unnecessary IPv6 RA options to /etc/config/dhcp if the user edits interface's DHCP settings. This could prevent client IPv6 connectivity.
     * Update luci-mod-network to git-21.107.58557 or later to fix this problem     * Update luci-mod-network to git-21.107.58557 or later to fix this problem
- 
-===== Upgrading to 21.02.0-rc1 =====  
- 
-Sysupgrade can be used to upgrade a device from 19.07 to 21.02, and configuration will be preserved in most cases.  Sysupgrade from 18.06 to 21.02 is not supported. 
- 
-However, there is no migration path for targets that switched to DSA. 
-In that case, sysupgrade will refuse to proceed with an appropriate error message: the user has to force sysupgrade and reset the device configuration. 
  
 ===== Final notes ===== ===== Final notes =====
  • Last modified: 2021/05/17 22:22
  • by zorun