Commit Graph

786 Commits

Author SHA1 Message Date
Jo-Philipp Wich
2285eb732a ucode: update to Git HEAD (2023-11-07)
0352a33 uloop: support new interval and signal APIs
1468cc4 syntax: don't treat `as` and `from` as reserved keywords

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 551963662b)
2023-11-09 16:38:02 +01:00
Hauke Mehrtens
5106f554bb px5g-wolfssl: Fix permission of private key
Store the private key with read and write permission for the user only
and not with read permissions for everyone. This converts the
write_file() function from fopen() to open() because open allows to
specify the permission mask of the newly created file. It also adds and
fixes some existing error handling.

OpenSSL does this in the same way already.

With this change it looks like this:
root@OpenWrt:/# ls -al /etc/uhttpd.*
-rw-r--r--    1 root     root           749 Nov  6 23:14 /etc/uhttpd.crt
-rw-------    1 root     root           121 Nov  6 23:14 /etc/uhttpd.key

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 6aad5ab099)
2023-11-08 19:04:11 +01:00
Hauke Mehrtens
6fd16b0d27 px5g-mbedtls: Fix permission of private key
Store the private key with read and write permission for the user only
and not with read permissions for everyone. This converts the
write_file() function from fopen() to open() because open allows to
specify the permission mask of the newly created file. It also adds and
fixes some existing error handling.

OpenSSL does this in the same way already.

With this change it looks like this:
root@OpenWrt:/# ls -al /etc/uhttpd.crt /etc/uhttpd.key
-rw-r--r--    1 root     root           519 Nov  6 22:58 /etc/uhttpd.crt
-rw-------    1 root     root           121 Nov  6 22:58 /etc/uhttpd.key

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit 929c9a58c9)
2023-11-08 19:04:11 +01:00
Jo-Philipp Wich
f34ccb10dd ucode: update to latest Git HEAD
cfb24ea build: avoid redefining _FORTIFY_SOURCE
448c763 lib: enforce consistent `index()` behavior with empty needle argument
cdc0203 nl80211: fix maybe uninitialized variable
a69b5c8 vm: fix unused result warning
ea046bd build: enable source fortification by default

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit 262554f12cbcc4e3bea2440ce1e696ce8791e732)
2023-11-02 10:38:48 +01:00
Felix Fietkau
51b1d5950e ucode: fix build on macos
Remove ABI version, since its format is not accepted by the linker.
Enable rpath to avoid clash with system libraries

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 5eb8a21ba5)
2023-11-02 10:38:48 +01:00
Jo-Philipp Wich
b549880815 ucode: update to latest Git HEAD
- Introduces signal handling facilities
 - Fixes potentially incorrect object equality tests
 - Introduces debug library
 - Introduces log library
 - ABI version bump due to changed VM structure layout
 - Revised packaging

Changelog:

07c0317 jsdoc: switch to own custom theme
6ca08b0 jsdoc: properly handle indented documentation blocks
2a67f22 lib: add/improve documentation for require(), loadfile(), loadstring()
9993ccb uci: fix potential memory leaks in `configs()`
f56394f ci: re-trigger workflows on pull request pushes
1c18993 lib: various documentation fixes
d25dcb1 uci: add module documentation
4a8ece2 docs: use CSS and local JavaScript fixups to improve formatting
8f21cfa lib: introduce log library
8a3aefe build: auto-enable module depending on present libraries
6a01adc build: convert CMakeLists.txt into lowercase
8700665 ci: don't skip pull request workflows for `master` branch
0184d23 include: fix execvpe compat function on macOS
8b23884 uloop: rename environ variable to avoid clashing with system macro on macOS
7c209d7 types: ensure double serializatiion with decimal places
d150425 rtnl: update the link attr TODOs
d394174 rtnl: add IFLA_TARGET_NETNSID for operating in other namespaces
1227733 lib: fix documented return value for `splice()`
c9982de docs: add struct module documentation
7dde493 docs: add missing headline to debug module documentation
8f852ea types: improve comparison reliability of binary strings
6940c28 lib: introduce debug library
be07107 treewide: consolidate platform specific code in platform.c
2593270 uloop: interrupt on VM signals
97a5292 lib: add `signal()` stdlib function
1dbbb6a main: enable signal dispatching in the standalone cli interpreter
1623245 types: treat signal handler array as GC root
29b1c0d vm: introduce basic signal handling infrastructure
093684d fs: explicitly compare isatty() result
4f4f38f types: don't rely on implicit type conversion in ucv_compare()
4bee0ef docs: disable GitHub Jekyll post processing
5efb7a0 docs: further rework
33bc7bf docs: fix markup quirks
9d5e420 docs: add information about memory management and operator precedence
f1190ef docs: various improvements
f0cc841 fs: use `fseeko()` and `ftello()`
cba0c3c fs: complete function documentation coverage
f9260f7 github: drop superfluous CNAME file
c85bc74 Create CNAME
5309294 lib: add JSDoc documentation
b0f2f90 fs: add JSDoc documentation
fe086da math: add JSDoc documentation
70f9348 docs: add initial JSDoc infrastructure
24f1a56 source: fix source offset accounting
9df9160 lexer: don't count EOF token as newline
b9d8f06 ci: switch to official openwrt/gh-action-sdk

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
(cherry picked from commit eacc885816)
2023-11-02 10:38:48 +01:00
Anari Jalakas
f1ea45f853 lua: opt-out of lto usage
This fixes building with USE_LTO enabled.

<artificial>:(.text+0xcc8): relocation R_MIPS16_26 against `luaL_argerror' cannot be used when making a shared object; recompile with -fPIC
./openwrt/staging_dir/toolchain-mips_24kc_gcc-12.3.0_musl/lib/gcc/mips-openwrt-linux-musl/12.3.0/../../../../mips-openwrt-linux-musl/bin/ld.bfd: non-dynamic relocations refer to dynamic symbol strcpy
./openwrt/staging_dir/toolchain-mips_24kc_gcc-12.3.0_musl/lib/gcc/mips-openwrt-linux-musl/12.3.0/../../../../mips-openwrt-linux-musl/bin/ld.bfd: failed to set dynamic section sizes: bad value
collect2: error: ld returned 1 exit status

Signed-off-by: Anari Jalakas <anari.jalakas@gmail.com>
(cherry picked from commit 246b97b607)
2023-10-31 00:44:03 +01:00
Rani Hod
6a1b92b024 bcm53xx: Linksys EA9200 nvram and 02_network fixes
1) clear nvram partialboots upon successful boot
This behavior is already defined for EA9500; enabled for EA9200 too.

2) fix MAC address in board.d/02_network
Use the correct nvram variable to derive lan/wan MAC address.

Signed-off-by: Rani Hod <rani.hod@gmail.com>
(cherry picked from commit 9c42d23c5f)
2023-10-26 00:14:10 +02:00
Hauke Mehrtens
6637af95aa bsdiff: Add patches for CVEs
Add two patches from Debian fixing CVEs in the bsdiff application.
CVE-2014-9862: Heap vulnerability in bspatch
CVE-2020-14315: Memory Corruption Vulnerability in bspatch

Copied the patches from this location:
https://salsa.debian.org/debian/bsdiff/-/blob/debian/latest/debian/patches/20-CVE-2014-9862.patch
https://salsa.debian.org/debian/bsdiff/-/blob/debian/latest/debian/patches/33-CVE-2020-14315.patch

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
(cherry picked from commit cac723e8b8)
2023-10-09 23:45:35 +02:00
Christian Marangi
76758a8694 yafut: add missing PKG_MIRROR_HASH
Add missing PKG_MIRROR_HASH. This is always needed as is used to
generate and use a tar instead of git clone and validate the hash of it.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
(cherry picked from commit a181b9f0f9)
2023-10-08 14:14:50 +02:00
Alexander Couzens
388d213392 packages: assign PKG_CPE_ID for all missing packages
The PKG_CPE_ID links to NIST CPE version 2.2.
Assign PKG_CPE_ID to all remaining package which have a CPE ID.
Not every package has CPE id.

Related: https://github.com/openwrt/packages/issues/8534
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
2023-09-27 22:37:01 +02:00
Felix Fietkau
9af2ad5111 ucode: update to the latest version
9986b839595d ci: unbreak failing builds by using fixed gh-actions-openwrt-ci-sdk
77c961e20eda ci: fix broken imx6-generic SDK build
86107a647cb0 ci: cancel concurrent builds
ed543d8bf481 ci: update the workflows
11d5f8840002 Merge pull request #151 from ynezz/ynezz/unbreak-ci
b934ce815ff2 program: fix memory leak in read_sourceinfo
b0baf043e64c Merge pull request #152 from Ansuel/fix-memory-leak
740e2501fdca main: add user specified library search paths before default path
15f1a669e8e2 struct: remove state->len
29edb011caf1 ubus: add support for strings containing null bytes
2b4346bfdc67 vm: clear vm->alloc_refs in uc_gc_common
b213bd120d55 Merge pull request #150 from nbd168/misc-improvements
66520ebe27ae vm: immediately release arguments on calls with invalid spreads
07cc72a77e3b README.md: fix debian dependencies
d048ea88fe71 compiler: fix memory leak in uc_compiler_compile_import on early exit
7b7e22dcdf02 Merge pull request #155 from luizluca/luizluca-patch-1
d656d150905e types: implement ucv_object_sort()
d72eebeb168b lib: support object ordering in `uc_sort()`
ed1f0133c870 nl80211: add constants for iftypes
3ffb046c59a6 Merge pull request #156 from nbd168/nl80211-iftypes
c7d84aae0969 Merge pull request #153 from jow-/lib-sort-object-support

Signed-off-by: Felix Fietkau <nbd@nbd.name>
(cherry picked from commit 9419a50242)
2023-09-18 14:25:18 +02:00
Oskari Rauta
e997456595 util-linux: enable colrm util as package
colrm is already built, package just isn't generated.

colrm can be used to remove columns from file/stdin.
Use cases vary, personally I needed it because I build openwrt
natively - and wolfssl configure script wants either colrm, or cut
but busybox's cut isn't accepted.

Built: x86_64, latest git
Tested: x86_64, latest git

Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
(cherry picked from commit e21b4c9636)
2023-08-11 12:53:33 +02:00
Adam Bailey
a5b03a34c3 lua: fix integer overflow in LNUM patch
Safely detect integer overflow in try_addint() and try_subint().
Old code relied on undefined behavior, and recent versions of GCC on x86
optimized away the if-statements.
This caused integer overflow in Lua code instead of falling back to
floating-point numbers.

Signed-off-by: Adam Bailey <aebailey@gmail.com>
(cherry picked from commit 3a2e7c30d3)
2023-08-11 12:53:33 +02:00
Martin Schiller
4a3c66a401 e2fsprogs: do not symlink tune2fs to findfs
commit c0611b45a9 ("e2fsprogs: symlink e2fsck to fsck.ext{2, 3, 4},
and tune2fs to findfs") introduced a symlink from tune2fs to findfs.

This only works when the included private libblkid library is used, but
commit 5b1660a538 ("utils/e2fsprogs: Update to 1.43.6") disabled the
usage of this private lib and enabled the shared lib support.

Removing this symlink makes it possible to install tune2fs and findfs
package.

Signed-off-by: Martin Schiller <ms@dev.tdt.de>
(cherry picked from commit 0b80c5725f)
2023-08-11 12:53:33 +02:00
David Bauer
476bf135fc mediatek: add support for ZyXEL NWA50AX Pro
Hardware
--------
CPU:    Mediatek MT7981
RAM:    512M DDR4
FLASH:  256M NAND
ETH:    MaxLinear GPY211 (2.5GbE N Base-T)
WiFi:   Mediatek MT7981 (2.4GHz 2T2R:2 5GHz 3T3R:2 802.11ax)
BTN:    1x Reset
LED:    1x Multi-Color

UART Console
------------
Available below the rubber cover next to the ethernet port.

Settings: 115200 8N1

Layout:

<12V> <LAN> GND-RX-TX-VCC

Logic-Level is 3V3. Don't connect VCC to your UART adapter!

Installation Web-UI
-------------------
Upload the Factory image using the devices Web-Interface.

As the device uses a dual-image partition layout, OpenWrt can only
installed on Slot A. This requires the current active image prior
flashing the device to be on Slot B.

In case this is not the case, OpenWrt will boot only one time, returning
to the ZyXEL firmware the second boot.

If this happens, first install a ZyXEL firmware upgrade of any version
and install OpenWrt after that.

Installation TFTP / Recovery
----------------------------
This installation routine is especially useful in case of a bricked
device.

Attach to the UART console header of the device. Interrupt the boot
procedure by pressing Enter.

The bootloader has a reduced command-set available from CLI, but more
commands can be executed by abusing the atns command.

Boot a OpenWrt initramfs image available on a TFTP server at
192.168.1.66. Rename the image to nwa50axpro-openwrt-initramfs.bin.

 $ atnf nwa50axpro-openwrt-initramfs.bin
 $ atna 192.168.1.88
 $ atns "192.168.1.66; tftpboot; setenv fdt_high 0xffffffffffffffff;
   bootm"

Upon booting, set the booted image to the correct slot:

 $ zyxel-bootconfig /dev/mtd9 get-status
 $ zyxel-bootconfig /dev/mtd9 set-image-status 0 valid
 $ zyxel-bootconfig /dev/mtd9 set-active-image 0

Copy the OpenWrt sysupgrade image to the device using scp.
Write the sysupgrade image to NAND using sysupgrade.

 $ sysupgrade -n image.bin

Signed-off-by: David Bauer <mail@david-bauer.net>
(cherry picked from commit f0445746f6)
2023-07-23 16:10:08 +02:00
Nick Hainke
d4b4926320 busybox: update to 1.36.1
Release Notes:
http://lists.busybox.net/pipermail/busybox-cvs/2023-May/041510.html

Refresh commands, run after busybox is first built once (nothing changed
compared to 1.36.0):

  cd package/utils/busybox/config/
  ../convert_menuconfig.pl ../../../../build_dir/target-mipsel_24kc_musl/busybox-default/busybox-1.36.1
  cd ..
  ./convert_defaults.pl ../../../build_dir/target-mipsel_24kc_musl/busybox-default/busybox-1.36.1/.config > Config-defaults.in

Manual edits needed afterward:

* Config-defaults.in: OpenWrt config symbol IPV6 logic applied to
  BUSYBOX_DEFAULT_FEATURE_IPV6

* Config-defaults.in: OpenWrt config TARGET_bcm53xx logic applied to
  BUSYBOX_DEFAULT_TRUNCATE (commit 547f1ec)

* Config-defaults.in: OpenWrt logic applied to
  BUSYBOX_DEFAULT_LOGIN_SESSION_AS_CHILD (commit dc92917)

* Config-defaults.in: correct the default ports that get reset
  BUSYBOX_DEFAULT_FEATURE_HTTPD_PORT_DEFAULT    80
  BUSYBOX_DEFAULT_FEATURE_TELNETD_PORT_DEFAULT  23

* config/editors/Config.in: Add USE_GLIBC dependency to
  BUSYBOX_CONFIG_FEATURE_VI_REGEX_SEARCH (commit f141090)

* config/shell/Config.in: change at "Options common to all shells" the conditional symbol
  SHELL_ASH --> BUSYBOX_CONFIG_SHELL_ASH
  (discussion in http://lists.openwrt.org/pipermail/openwrt-devel/2021-January/033140.html
  Apparently our script does not see the hidden option while
  prepending config options with "BUSYBOX_CONFIG_" which leads to a
  missed dependency when the options are later evaluated.)

* Edit a few Config.in files by adding quotes to sourced items in
  config/Config.in, config/networking/Config.in and config/util-linux/Config.in (commit 1da014f)

Tested-by: Hannu Nyman <hannu.nyman@iki.fi>
Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit 3b76f6eee4)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2023-05-24 19:26:32 +01:00
Hauke Mehrtens
3a935f7ea9 util-linux: Use SYS_getrandom in randutils.c
The getrandom syscall is not hanging at bootup any more if there is
not enough entropy. This was fixed upstream in 2018 in commit:
a9cf659e05

This OpenWrt patch is not needed any more.
This reverts commit e64463ebde ("util-linux: avoid using the getrandom syscall")

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2023-05-19 22:43:45 +02:00
Hauke Mehrtens
2f11a89140 util-linux: Fix taskset conflict with busybox
This fixes the following error:
 * check_data_file_clashes: Package taskset wants to install file build_dir/target-powerpc_8548_musl/root-mpc85xx/usr/bin/taskset
	But that file is already provided by package  * busybox
 * opkg_install_cmd: Cannot install package taskset.

Fixes: 3c3d797c4d ("busybox: enable taskset by default")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2023-05-19 22:42:31 +02:00
Nick Hainke
f18cb0ba63 f2fs-tools: update to 1.16.0
Remove upstramed patches:
- 100-configure.ac-fix-AC_ARG_WITH.patch
- 101-configure.ac-fix-cross-compilation.patch

Remove deprecated f2fstat tool:
https://git.kernel.org/pub/scm/linux/kernel/git/jaegeuk/f2fs-tools.git/commit/?id=77bf7ed29f1dd1341079913f3b36fc62f812c4f5

Changelog:
06c027a f2fs-tools: upgrade version 1.16.0
542cc57 fsck.f2fs: fix sanity check logic for cp_payload
a7df89e mkfs.f2fs: remove indentation
c82985a fsck.f2fs: don't call report_zone on normal partition
0ac168e f2fs-tools: relax zone size of power of 2
641be32 mkfs.f2fs: trim all the devices except the first one
3835fef f2fs-tools: fix # of total segments
5b08ca9 f2fs_io: support AES_256_HCTR2
ae3301c f2fs_io: Fix out of tree builds
ddbde27 fsck.f2fs: relocate chksum verification step during f2fs_do_mount()
77bf7ed f2fs-tools: Remove deprecated f2fstat
fb6575e Remove sg_write_buffer
1bb669e fsck.f2fs: avoid uncessary recalculation
ccd2361 fsck.f2fs: fix potential overflow of copying i_name
cd6b133 fsck.f2fs: add parentheses for SB_MASK
399600a dump.f2fs: remove unavailable option -g
3e6e178 f2fs-tools: define HAVE_CLOCK_GETTIME properly
907b972 f2fs-tools: support F2FS_IOC_START_ATOMIC_REPLACE
9ff70fb f2fs-tools: give less overprovisioning space
844f821 f2fs-tools: set host-aware zoned device similar to host-managed one
88ac76d fsck.f2fs: fix missing to assign c.zoned_model
8cbe34e fsck.f2fs: trigger repairing if filesystem has inconsistent errors
2f1dde2 fsck.f2fs: trigger repairing if filesystem was forced to stop
465159f fsck.f2fs: export valid image size
3486b62 mkfs.f2fs: update allocation policy for ro feature
bdd51e5 fsck.f2fs: fix __end_block_addr()
5a5e419 Always use sparse/sparse.h when building for Android
19f77c6 f2fs-tools: fix build error on lz4-1.9.4
986c1f1 Fix format strings in log messages
0d6acbe fsck.f2fs: use elapsed_time in checkpoint for period check
9b7a4c5 mkfs.f2fs: catch total_zones=0 instead of crashing
6148db3 f2fs-tools: use F2FS_BLKSIZE instead of PAGE_*_SIZE
f09c2b7 f2fs_io: support triggering filesystem GC via ioctl
32e7d27 configure.ac: fix cross compilation
65fe94e configure.ac: fix AC_ARG_WITH
6325cf7 Use F2FS_BLKSIZE as the size of struct f2fs_summary_block
c89be7a Use F2FS_BLKSIZE for dev_read_block() buffers
5317d18 Improve compile-time type checking for f2fs_report_zone()
92e2e52 Fix f2fs_report_zone()
648a491 Fix the struct f2fs_dentry_block definition
c964547 resize.f2fs: add option to manually specify new overprovision
a741438 fsck.f2fs: drop compression bit if inline_data is set
406b1c9 f2fs-tools: fix cannot get bdev information
9d0cb9e f2fs_io: add dsync option for write
a7b8b46 tools: fix file too large causing overflow
bddca6f dump.f2fs: add -I nid to dump inode by scan full disk
ebc3879 android_config: add time headers
c1144bf Check fallthrough in mount.h for Mac
bcb9929 avoid unnecessary function
7d902f4 Fix dependencies on linux/blkzoned.h when using Bionic.
274abbb Remove unnecessary config.h
8c97ab3 libzone: remove duplicate header
adcec10 Support zoned device if libc exists
efc2bc7 mkfs.f2fs: fix typo
3034a41 mkfs.f2fs: split unused parameter
dd8d8e5 f2fs-tools: do not use SG_IO in Android
4f216e6 f2fs-tools: move android_config before defining them
48c5dbb f2fscrypt: adjust config file first
4b55459 android_config: add missing uuid library

Signed-off-by: Nick Hainke <vincent@systemli.org>
2023-05-19 12:07:14 +02:00
Hauke Mehrtens
a665c8e5bd util-linux: Fix build on powerpc and arc
This fixes the build of util-linux on powerpc and arc. Both CPU
architectures were not supported here in addition to the missing MIPS
support.

Fixes: 628a410ed1 ("util-linux: update to 2.39")
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2023-05-19 11:56:45 +02:00
Thomas Weißschuh
628a410ed1 util-linux: update to 2.39
Release Notes:
	https://cdn.kernel.org/pub/linux/utils/util-linux/v2.39/v2.39-ReleaseNotes

Remove upstreamed:
	030-meson-don-t-use-run.patch
	040-meson-fix-cpu_set_t-test.patch
	050-meson-fix-environ-search.patch
	060-meson-add-_GNU_SOURCE-for-sighandler_t.patch
	070-meson-fix-isnan-check.patch
	080-meson-fix-tzname-check.patch
	090-meson-libpam.patch
	100-meson-make-libcap-ng-dependent-on-setpriv.patch
	120-meson-get-the-project-version-from-the-version-gen-s.patch
	130-meson-fix-error-in-processing-version-for-pc-files.patch

New:
	0001-test_enosys-add-support-for-mips.patch

Signed-off-by: Thomas Weißschuh <thomas@t-8ch.de>
[Refresh patches]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2023-05-18 16:56:45 +02:00
Tianling Shen
cca7ccf2d9 ucode: update to the latest version
8f78aff2cb68 ubus: support multiple call return values
51f4dba67313 ucode: also link libresolv if ns_initparse() is not found
5c7d07773a59 uci: fix ctx.commit() without arguments
5163867269fc Merge pull request #148 from jow-/uci-fix-commit

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2023-05-18 14:26:48 +02:00
Tianling Shen
dd1f3f0675 px5g-wolfssl: replace COMMITCOUNT with real PKG_RELEASE
Similar to the AUTORELEASE conversion process.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2023-05-18 11:35:29 +02:00
Tianling Shen
48ed07bc0b treewide: replace AUTORELEASE with real PKG_RELEASE
Based on Paul Fertser <fercerpav@gmail.com>'s guidance:
Change AUTORELEASE in rules.mk to:
```
AUTORELEASE = $(if $(DUMP),0,$(shell sed -i "s/\$$(AUTORELEASE)/$(call commitcount,1)/" $(CURDIR)/Makefile))
```

then update all affected packages by:
```
for i in $(git grep -l PKG_RELEASE:=.*AUTORELEASE | sed 's^.*/\([^/]*\)/Makefile^\1^';);
do
	make package/$i/clean
done
```

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2023-05-18 11:35:29 +02:00
Linhui Liu
a1c3f08eae secilc: update to 3.5
Release Notes:
https://github.com/SELinuxProject/selinux/releases/download/3.4/RELEASE-3.4.txt
https://github.com/SELinuxProject/selinux/releases/download/3.5/RELEASE-3.5.txt

Signed-off-by: Linhui Liu <liulinhui36@gmail.com>
2023-05-18 10:14:13 +02:00
Linhui Liu
d7feeef3c2 policycoreutils: update to 3.5
Release Notes:
https://github.com/SELinuxProject/selinux/releases/download/3.4/RELEASE-3.4.txt
https://github.com/SELinuxProject/selinux/releases/download/3.5/RELEASE-3.5.txt

Signed-off-by: Linhui Liu <liulinhui36@gmail.com>
2023-05-18 10:14:13 +02:00
Linhui Liu
a851c175fe checkpolicy: update to 3.5
Release Notes:
https://github.com/SELinuxProject/selinux/releases/download/3.4/RELEASE-3.4.txt
https://github.com/SELinuxProject/selinux/releases/download/3.5/RELEASE-3.5.txt

Signed-off-by: Linhui Liu <liulinhui36@gmail.com>
2023-05-18 10:14:13 +02:00
Nick Hainke
abec62a542 mdadm: fix compilation with musl 1.2.4
_LARGEFILE64_SOURCE has to be defined in the source, or CFLAGS can be used
to pass -D_LARGEFILE64_SOURCE to allow to keep using LFS64 definitions.

Fixes error in the form of:
restripe.c: In function 'restore_stripes':
restripe.c:758:43: error: 'off64_t' undeclared (first use in this function); did you mean 'off_t'?
  758 |                                          (off64_t)read_offset) {
      |                                           ^~~~~~~
      |                                           off_t
restripe.c:758:43: note: each undeclared identifier is reported only once for each function it appears in
restripe.c:758:51: error: expected ')' before 'read_offset'
  758 |                                          (off64_t)read_offset) {
      |                                                   ^~~~~~~~~~~
      |                                                   )
restripe.c:757:36: note: to match this '('
  757 |                                 if (lseek64(source, read_offset, 0) !=
      |                                    ^
make[3]: *** [Makefile:193: restripe.o] Error 1

Fixes: fff878c5bc ("toolchain/musl: update to 1.2.4")
Signed-off-by: Nick Hainke <vincent@systemli.org>
2023-05-16 22:54:29 +02:00
Tianling Shen
466be0612a
e2fsprogs: fix compilation with musl 1.2.4
musl 1.2.4 deprecated legacy "LFS64" ("large file support") interfaces and
autotools failed to check the lseek64 function.

Force enable ac_cv_func_lseek64 to workaround it.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2023-05-16 16:33:20 +02:00
Tianling Shen
8f455f7c5e
f2fs-tools: fix compilation with musl 1.2.4
musl 1.2.4 deprecated legacy "LFS64" ("large file support") interfaces and
autotools failed to check the lseek64 function.

Force enable ac_cv_func_lseek64 to workaround it.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
2023-05-16 16:32:59 +02:00
Ilario Gelmetti
8f427f1a05 busybox: turn on BUSYBOX_DEFAULT_ASH_RANDOM_SUPPORT for having $RANDOM
$RANDOM shell variable is a convenient way for getting a random number from 0 to 32767

Signed-off-by: Ilario Gelmetti <iochesonome@gmail.com>
2023-04-25 22:01:20 +02:00
Hauke Mehrtens
fca966aab2 busybox: Activate resize tool by default
The resize tool will resize the prompt to match the current terminal
size. This is helpful when connecting to the system using UART to make
the vi or top output match the current terminal size.

This increases the busybox binary size by 136 bytes and the ipkg size by
335 bytes on aarch64.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2023-04-25 22:00:03 +02:00
Michał Kępień
27acf2413e
yafut: add a kernel update tool for MikroTik NAND
Commit 9d96b6fb72 ("ath79/mikrotik: disable building NAND images")
disabled building images for MikroTik devices with NAND flash due to a
less than satisfactory method used for updating the kernel on those
devices back then.

To address the problem, add support for updating the kernel on MikroTik
devices with NAND flash using a new tool, Yafut, which enables copying
files from/to Yaffs file systems even if the kernel does not have native
support for the Yaffs file system compiled in.  Instead of erasing the
entire NAND partition holding the kernel during every system upgrade
(which is what the previously-used approach employing kernel2minor
involved), Yafut preserves the Yaffs filesystem present on that
partition and only replaces the kernel executable.  This allows bad
block information to be preserved across sysupgrade runs and also
enables wear leveling on the NAND partition holding the kernel.  Yafut
does not rely on kernel2minor in any way and intends to eventually
supersede the latter for NAND devices.

Signed-off-by: Michał Kępień <openwrt@kempniu.pl>
2023-04-18 13:53:04 +02:00
Felix Fietkau
3c3d797c4d busybox: enable taskset by default
This is useful for controlling process affinity on SMP systems

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2023-04-01 09:16:30 +02:00
Oskari Rauta
1558bbd116 util-linux: add rev utility package
I found use for this in my scripts; I noticed that it is already
compiled with util-linux - there just isn't package for it -
let's package it then.

Description:
The rev utility copies the specified files to the standard output,
reversing the order of characters in everyline.

Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
2023-03-25 16:39:37 +01:00
Andre Heider
07730ff346
treewide: add support for "lto" in PKG_BUILD_FLAGS
This reduces open coding and allows to easily add a knob to enable
it treewide, where chosen packages can still opt-out via "no-lto".

Some packages used LTO, but not the linker plugin. This unifies 'em
all to attempt to produce better code.
Quoting man gcc(1):
"This improves the quality of optimization by exposing more code to the
link-time optimizer."

Also use -flto=auto instead of -flto=jobserver, as it's not guaranteed
that every buildsystem uses +$(MAKE) correctly.

Signed-off-by: Andre Heider <a.heider@gmail.com>
2023-03-21 18:28:22 +01:00
Andre Heider
da3700988d
treewide: add support for "gc-sections" in PKG_BUILD_FLAGS
This reduces open coding and allows to easily add a knob to
enable it treewide, where chosen packages can still opt-out via
"no-gc-sections".

Note: libnl, mbedtls and opkg only used the CFLAGS part without the
LDFLAGS counterpart. That doesn't help at all if the goal is to produce
smaller binaries. I consider that an accident, and this fixes it.

Note: there are also packages using only the LDFLAGS part. I didn't
touch those, as gc might have been disabled via CFLAGS intentionally.

Signed-off-by: Andre Heider <a.heider@gmail.com>
2023-03-21 18:28:22 +01:00
Andre Heider
5c545bdb36
treewide: replace PKG_USE_MIPS16:=0 with PKG_BUILD_FLAGS:=no-mips16
Keep backwards compatibility via PKG_USE_MIPS16 for now, as this is
used in all package feeds.

Signed-off-by: Andre Heider <a.heider@gmail.com>
2023-03-21 18:28:22 +01:00
Eneas U de Queiroz
1781e7408a
uencrypt: split common and library-specific code
This splits the code in 4 files:
 - uencrypt.h
 - uencrypt.c - main program
 - uencrypt-openssl.c - OpenSSL/wolfSSL implementation
 - uencrypt-mbedtls - mbedTLS implementation

Other changes, accounting for ~400 bytes increase in ipk size:
 - more error condition checking and reporting,
 - hide key and iv command line arguments

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2023-03-17 17:22:54 -03:00
Eneas U de Queiroz
4662adef2a
uencrypt: add support for mbedtls
This commit includes some additional changes:
 - better handling of iv and keys in openssl/wolfssl variants
 - fix compiler warnings and whitespace
 - build all 3 variants as separate packages
 - adjust the new package name in targets' DEVICE_PACKAGES
 - remove PKG_FLAGS:=nonshared

[Beeline SmartBox Flash - OK]
Tested-by: Mikhail Zhilkin <csharper2005@gmail.com>
[after test: replaced a hardcoded IV size of 16 by cipher_info->iv_size]
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
2023-03-17 17:22:53 -03:00
Nick Hainke
69ff678711 dtc: update to 1.7.0
Changelog:
039a994 Bump version to v1.7.0
3f29d6d pylibfdt: add size_hint parameter for get_path
2022bb1 checks: Update #{size,address}-cells check for 'dma-ranges'
abbd523 pylibfdt: Work-around SWIG limitations with flexible arrays
a41509b libfdt: Replace deprecated 0-length arrays with proper flexible arrays
2cd89f8 dtc: Warning rather than error on possible truncation of cell values
55778a0 libfdt: tests: add get_next_tag_invalid_prop_len
7359034 libfdt: prevent integer overflow in fdt_next_tag
035fb90 libfdt: add fdt_get_property_by_offset_w helper
98a0700 Makefile: fix infinite recursion by dropping non-existent `%.output`
a036cc7 Makefile: limit make re-execution to avoid infinite spin
c6e9210 libdtc: remove duplicate judgments
e37c256 Don't generate erroneous fixups from reference to path
5045465 libfdt: Don't mask fdt_get_name() returned error
e64a204 manual.txt: Follow README.md and remove Jon
f508c83 Update README in MANIFEST.in and setup.py to README.md
c2ccf8a Add description of Signed-off-by lines
90b9d9d Split out information for contributors to CONTRIBUTING.md
0ee1d47 Remove Jon Loeliger from maintainers list
b33a73c Convert README to README.md
7ad6073 Allow static building with meson
fd9b8c9 Allow static building with make
fda71da libfdt: Handle failed get_name() on BEGIN_NODE
c7c7f17 Fix test script to run also on dash shell
01f23ff Add missing relref_merge test to meson test list
ed31080 pylibfdt: add FdtRo.get_path()
c001fc0 pylibfdt: fix swig build in install
26c54f8 tests: add test cases for label-relative path references
ec7986e dtc: introduce label relative path references
651410e util: introduce xstrndup helper
4048aed setup.py: fix out of tree build
ff5afb9 Handle integer overflow in check_property_phandle_args()
ca72944 README: Explain how to add a new API function
c0c2e11 Fix a UB when fdt_get_string return null
cd5f69c tests: setprop_inplace: use xstrdup instead of unchecked strdup
a04f690 pylibfdt: add Property.as_*int*_array()
8310271 pylibfdt: add Property.as_stringlist()
d152126 Fix Python crash on getprop deallocation
17739b7 Support 'r' format for printing raw bytes with fdtget
45f3d1a libfdt: overlay: make overlay_get_target() public
c19a4ba libfdt: fix an incorrect integer promotion
1cc41b1 pylibfdt: Add packaging metadata
db72398 README: Update pylibfdt install instructions
383e148 pylibfdt: fix with Python 3.10
23b56cb pylibfdt: Move setup.py to the top level
69a7607 pylibfdt: Split setup.py author name and email
0b106a7 pylibfdt: Use setuptools_scm for the version
c691776 pylibfdt: Use setuptools instead of distutils
5216f3f libfdt: Add static lib to meson build
4eda259 CI: Cirrus: bump used FreeBSD from 12.1 to 13.0
0a3a9d3 checks: Add an interrupt-map check
8fd2474 checks: Ensure '#interrupt-cells' only exists in interrupt providers
d8d1a9a checks: Drop interrupt provider '#address-cells' check
52a16fd checks: Make interrupt_provider check dependent on interrupts_extended_is_cell
37fd700 treesource: Maintain phandle label/path on output
e33ce1d flattree: Use '\n', not ';' to separate asm pseudo-ops
d24cc18 asm: Use assembler macros instead of cpp macros
ff3a30c asm: Use .asciz and .ascii instead of .string
5eb5927 fdtdump: fix -Werror=int-to-pointer-cast
0869f82 libfdt: Add ALIGNMENT error string
69595a1 checks: Fix bus-range check
72d09e2 Makefile: add -Wsign-compare to warning options
b587787 checks: Fix signedness comparisons warnings
69bed6c dtc: Wrap phandle validity check
9102211 fdtget: Fix signedness comparisons warnings
d966f08 tests: Fix signedness comparisons warnings
ecfb438 dtc: Fix signedness comparisons warnings: pointer diff
5bec74a dtc: Fix signedness comparisons warnings: reservednum
24e7f51 fdtdump: Fix signedness comparisons warnings

Remove upstreamed:
- 0001-Support-r-format-for-printing-raw-bytes-with-fdtget.patch

Signed-off-by: Nick Hainke <vincent@systemli.org>
2023-03-05 01:37:24 +01:00
David Bauer
7662700613 fritz-tools: fix segfault in caldata-extract
* Fix incorrect error message in case input file opening fails
 * Don't close files in case the pointers are invalid

Signed-off-by: David Bauer <mail@david-bauer.net>
2023-03-02 17:04:28 +01:00
Felix Fietkau
ac4fae2338 ucode: update to the latest version
08c709c58187 rtnl: add support for registering an uloop based listener
599a7fb59380 Merge pull request #140 from nbd168/rtnl
c4125c516e0a nl80211: fix NL80211_ATTR_SURVEY_INFO
c43bb9d8fe8d Merge pull request #141 from dhewg/master
c1342d934b2d nl80211: add missing ucv_get() calls
9022b270683a rtnl: add missing ucv_get() calls
837cffec5a5c Merge pull request #142 from nbd168/ref-fixes
65b1f181e642 rtnl: add missing uc_vm_registry_set call
ab2f3f70257d Merge pull request #143 from nbd168/rtnl-fix

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2023-02-14 09:59:16 +01:00
Nick Hainke
9639ef2a5b e2fsprogs: update to 1.47.0
Release notes:
https://e2fsprogs.sourceforge.net/e2fsprogs-release.html#1.47.0

Signed-off-by: Nick Hainke <vincent@systemli.org>
2023-02-13 00:48:25 +01:00
Nick Hainke
b6bc924b19 e2fsprogs: update to 1.46.6
Release information:
https://e2fsprogs.sourceforge.net/e2fsprogs-release.html#1.46.6

Remove upstreamed patch:
- 004-CVE-2022-1304-libext2fs-add-sanity-check-to-extent-manipulation.patch

Signed-off-by: Nick Hainke <vincent@systemli.org>
2023-02-08 00:14:53 +01:00
Felix Fietkau
74e5e213da ucode: update to the latest version
1c8df08824ef style: add .editorconfig file
ec167d39b803 nl80211: refactor command bitmask handling
6704ec0d5b29 nl80211: add support for registering an uloop based listener
48a6eac1da15 fs: implement `fs.pipe()`
f1be0d725735 types: fix array unshift operations and add test coverage
941d14837faf Merge pull request #138 from nbd168/nl80211

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2023-01-29 10:08:21 +01:00
Andre Heider
b246385126 ucode: move to the lang submenu
Just as lua or the various languages from the package feed.
libucode is the exception, so move it to the libs menu instead.

Signed-off-by: Andre Heider <a.heider@gmail.com>
2023-01-28 22:37:35 +01:00
Hauke Mehrtens
d1893f1c88 px5g-mbedtls: Use getrandom()
Instead of accessing /dev/urandom use the getrandom syscall. This way we
do not have to keep the file open all the time.
This also fixes a compile error with glibc:

--------
px5g-mbedtls.c: In function '_urandom':
px5g-mbedtls.c:48:9: error: ignoring return value of 'read' declared with attribute 'warn_unused_result' [-Werror=unused-result]
   48 |         read(urandom_fd, out, len);
      |         ^~~~~~~~~~~~~~~~~~~~~~~~~~
cc1: all warnings being treated as errors
--------

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
2023-01-28 22:26:06 +01:00
Brian Norris
bf1634f318
ucode: update to latest Git HEAD
To bring in isatty() support.

Includes new commits:

be30472bfdbb fs: add `isatty()` function
0a58d510529e nl80211: add support for NL80211_ATTR_MPATH_INFO

Signed-off-by: Brian Norris <computersforpeace@gmail.com>
[ remove additional merge commit ]
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>
2023-01-21 01:02:23 +01:00