a29bad9 compiler: fix patchlist corruption on switch statement syntax errors
86f0662 lib: change `ord()` to always return single byte value
116a8ce vallist: fix storing/retrieving short strings with 8bit byte value
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
11adf0c source: convert source objects into proper uc_value_t type
3a49192 treewide: rework function memory model
7edad5c tests: add functional tests for builtin functions
d5003fd lib: fix leaking tokener in uc_json() on parse exception
5d0ecd9 lib: fix infinite loop on empty regexp matches in uc_replace()
3ad57f1 lib: fix infinite loop on empty regexp matches in uc_match()
32d596d lib: fix infinite loop on empty regexp matches in uc_split()
3e3f38d vm: ensure consistent trace output between gcc and clang compiled ucode
3600ded vm: fix leaking function value on call exception
3059295 vm: NULL-initialize pointer to make cppcheck happy
98e59bf source: zero-initialize conversion union to make cppcheck happy
7a65c14 run_tests.sh: change workdir to testcase directory during execution
afec8d7 run_tests.sh: support placing supplemental testcase files
3ada6e0 run_tests.sh: always treat outputs as text data
2cb627f program: rename bytecode load/write functions, track path of executed file
1094ffa lib: fix memory leak in uc_require_ucode()
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Add a package for util-linux' ipcs command, to show information about
System V inter-process communication facilities.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
This release fixes two security mount(8) and umount(8) issues:
CVE-2021-3996
Improper UID check in libmount allows an unprivileged user to unmount FUSE
filesystems of users with similar UID.
CVE-2021-3995
This issue is related to parsing the /proc/self/mountinfo file allows an
unprivileged user to unmount other user's filesystems that are either
world-writable themselves or mounted in a world-writable directory.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
The man page of the raw tool does not build because the disk-utils/raw.8
file is missing. It looks like it should be in the tar.xz file we
download, but it is missing.
We do not package the raw tool, so this is not a problem.
This fixes the following build error:
No rule to make target 'disk-utils/raw.8', needed by 'all-am'. Stop.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
The ucode VM always passes 64bit integer values to sprintf implementation
while the `%d` format expects 32bit integers on 32bit platforms, leading
to incorrect formatting results.
Temporarily solve the issue by casting the numeric argument to int until
a more thorough fix arrives with the next update.
Fixes: FS#4234
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Changes from 2.1.3 to 2.1.4:
Features:
- ubiscan debugging and statistics utility
Fixes:
- Some mtd-tests erroneously using sub-pages instead of the full page size
- Buffer overrun in fectest
- Missing jffs2 kernel header in the last release, leading to build
failures on some systems.
Changes from 2.1.2 to 2.1.3:
Features:
flashcp: Add new function that copy only different blocks
flash_erase: Add flash erase chip
Add flash_otp_erase
Add an ubifs mount helper
Add nandflipbits tool
Fixes:
mkfs.ubifs: Fix runtime assertions when running without crypto
mtd-utils: Use AC_SYS_LARGEFILE
Fix test binary installation
libmtd: avoid divide by zero
ubihealthd: fix UBIFS build dependency
mkfs.ubifs: remove OPENSSL_no_config()
misc-utils: Add fectest to build system
mkfs.ubifs: Fix build with SELinux
Fix typos found by Debian's lintian tool
Fix jffs2 build if zlib or lzo headers are not in default paths
Signed-off-by: Nick Hainke <vincent@systemli.org>
Update busybox to 1.35.0
* refresh patches
Config refresh:
Refresh commands, run after busybox is first built once:
cd package/utils/busybox/config/
../convert_menuconfig.pl ../../../../build_dir/target-arm_cortex-a15+neon-vfpv4_musl_eabi/busybox-default/busybox-1.35.0
cd ..
./convert_defaults.pl ../../../build_dir/target-arm_cortex-a15+neon-vfpv4_musl_eabi/busybox-default/busybox-1.35.0/.config > Config-defaults.in
Manual edits needed after config refresh:
* Config-defaults.in: OpenWrt config symbol IPV6 logic applied to
BUSYBOX_DEFAULT_FEATURE_IPV6
* Config-defaults.in: OpenWrt configTARGET_bcm53xx logic applied to
BUSYBOX_DEFAULT_TRUNCATE (commit 547f1ec)
* Config-defaults.in: OpenWrt logic applied to
BUSYBOX_DEFAULT_LOGIN_SESSION_AS_CHILD (commit dc92917)
* config/editors/Config.in: Add USE_GLIBC dependency to
BUSYBOX_CONFIG_FEATURE_VI_REGEX_SEARCH (commit f141090)
* config/shell/Config.in : change at "Options common to all shells" the symbol
SHELL_ASH --> BUSYBOX_CONFIG_SHELL_ASH
(discussion in http://lists.openwrt.org/pipermail/openwrt-devel/2021-January/033140.html
Apparently our script does not see the hidden option while
prepending config options with "BUSYBOX_CONFIG_" which leads to a
missed dependency when the options are later evaluated.)
* Edit Config.in files by adding quotes to sourced items in
config/Config.in, config/networking/Config.in and config/util-linux/Config.in (commit 1da014f)
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
CHECK_RUN_DIR=0 must be a part of MAKE_FLAGS, not MAKE_VARS, otherwise
it is not possible to compile mdadm on host without /run dir.
Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
Compiling without fPIC causes linking issues for packages using liblua.
Add $(HOST_FPIC) to host builds for both lua and lua5.3.
Suggested-by: Rosen Penev <rosenp@gmail.com>
Signed-off-by: Paul Spooren <mail@aparcar.org>
Chromium based web-browsers (version >58) checks x509v3 extended attributes.
If this check fails then chromium does not allow to click "Proceed to ...
(unsafe)" link. This patch add three x509v3 extended attributes to self-signed
certificate:
1. SAN (Subject Alternative Name) (DNS Name) = CN (common name)
2. Key Usage = Digital Signature, Non Repudiation, Key Encipherment
3. Extended Key Usage = TLS Web Server Authentication
SAN will be added only if CONFIG_WOLFSSL_ALT_NAMES=y
Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
fdt* utils are needed by targets that use U-Boot FIT images for
sysupgrade. It includes all recent BCM4908 SoC routers as Broadcom
switched from CFE to U-Boot.
fdtget is required for extracting images (bootfs & rootfs) from
Broadcom's ITB. Extracted images can be then flashed to UBI volumes.
sysupgrade is core functionality so it needs dtc as part of base code
base.
Cc: Yousong Zhou <yszhou4tech@gmail.com>
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Set the different libf2fs packages's VARIANT, so that the right settings
will be used by each different variant, if they are both being built.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Update VERSIONs to 3.3 for release.
Update VERSIONs to 3.3-rc3 for release.
Correct some typos
Update VERSIONs to 3.3-rc2 for release.
Update VERSIONs and Python bindings version to 3.3-rc1 for release
libsepol/secilc/docs: Update the CIL documentation
secilc: fix memory leaks in secilc2conf
secilc: fix memory leaks in secilc
libsepol/cil: Add support for using qualified names to secil2conf
libsepol/cil: Add support for using qualified names to secil2tree
secilc: Add support for using qualified names to secilc
secilc/test: Add test for anonymous args
secilc/docs: Relocate and reword macro call name resolution order
secilc/docs: Document the order that inherited rules are resolved in
secilc: Create the new program called secil2tree to write out CIL AST
secilc/docs: Update the CIL documentation for various blocks
secilc.c: Don't fail if input file is empty
cil_conditional_statements.md: fix expr definition
secilc/docs: Lists are now allowed in constraint expressions
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
[re-apply now that libsepol is up-to-date as well]
Signed-off-by: Dominick Grift <dominick.grift@defensec.nl>
This reverts commit 2da891e735.
secilc 3.3 requires libsepol to be version 3.3 as well and doesn't
build otherwise. Revert for now.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Update VERSIONs to 3.3 for release.
Update VERSIONs to 3.3-rc3 for release.
Correct some typos
Update VERSIONs to 3.3-rc2 for release.
Update VERSIONs and Python bindings version to 3.3-rc1 for release
libsepol/secilc/docs: Update the CIL documentation
secilc: fix memory leaks in secilc2conf
secilc: fix memory leaks in secilc
libsepol/cil: Add support for using qualified names to secil2conf
libsepol/cil: Add support for using qualified names to secil2tree
secilc: Add support for using qualified names to secilc
secilc/test: Add test for anonymous args
secilc/docs: Relocate and reword macro call name resolution order
secilc/docs: Document the order that inherited rules are resolved in
secilc: Create the new program called secil2tree to write out CIL AST
secilc/docs: Update the CIL documentation for various blocks
secilc.c: Don't fail if input file is empty
cil_conditional_statements.md: fix expr definition
secilc/docs: Lists are now allowed in constraint expressions
Signed-off-by: Dominick Grift <dominick.grift@defensec.nl>
Update VERSIONs to 3.3 for release.
Update VERSIONs to 3.3-rc3 for release.
libselinux/semodule: Improve extracting message
Correct some typos
Update VERSIONs to 3.3-rc2 for release.
Update VERSIONs and Python bindings version to 3.3-rc1 for release
policycoreutils: free memory of allocated context in newrole
policycoreutils: free memory of allocated context in run_init
policycoreutils: free memory on lstat failure in sestatus
policycoreutils: silence -Wextra-semi-stmt warning
fixfiles: do not exclude /dev and /run in -C mode
policycoreutils/setfiles: do not create useless setfiles.8.man file
Signed-off-by: Dominick Grift <dominick.grift@defensec.nl>
Update VERSIONs to 3.3 for release.
checkpolicy: Fix potential undefined shifts
Update VERSIONs to 3.3-rc3 for release.
checkpolicy: delay down-cast to avoid align warning
checkpolicy: drop incorrect cast
checkpolicy: update documentation
checkpolicy: print reason of fopen failure
checkpolicy: policy_define: cleanup declarations
Update VERSIONs to 3.3-rc2 for release.
checkpolicy: free extended permission memory
checkpolicy: print warning on source line overflow
checkpolicy: error out on parsing too big integers
checkpolicy: avoid implicit conversion
checkpolicy: resolve dismod memory leaks
checkpolicy: add missing function declarations
checkpolicy: mark file local functions in policy_define static
checkpolicy: mark read-only parameters in module compiler const
checkpolicy: misc checkpolicy tweaks
checkpolicy: misc checkmodule tweaks
checkpolicy: enclose macro argument in parentheses
Update VERSIONs and Python bindings version to 3.3-rc1 for release
checkpolicy: mark read-only parameters in policy define const
checkpolicy/test: mark file local functions static
checkpolicy: parse_util drop unused declaration
checkpolicy: drop redundant cast to the same type
checkpolicy: avoid potential use of uninitialized variable
checkpolicy: check before potential NULL dereference
checkpolicy: remove dead assignments
checkpolicy: follow declaration-after-statement
checkpolicy: use correct format specifier for unsigned
checkpolicy: drop dead condition
checkpolicy: simplify assignment
checkpolicy: drop -pipe compile option
checkpolicy: pass CFLAGS at link stage
checkpolicy: silence -Wextra-semi-stmt warning
checkpolicy: Do not automatically upgrade when using "-b" flag
libsepol/checkpolicy: Set user roles using role value instead of dominance
Signed-off-by: Dominick Grift <dominick.grift@defensec.nl>
Update busybox to version 1.34.1, which is a minor
maintenance release. It contains just the two post-1.34.0
upstream patches that we earlier backported plus a few fixes
to awk.
* Remove the two backported upstream patches that are
now unnecessary.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
This simplifies some operations as it doesn't have to be caculated over
and over. It will also allow adding support for more vendor formats.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Update busybox to version 1.34.0
* Remove upstreamed patches (205, 530, 540)
* Remove one old patch that does not apply any more. (203)
That was originally introduced in 2008 with 563d23459,
but does not apply after busybox restructuring with
https://git.busybox.net/busybox/commit/networking/udhcp/dhcpc.c?h=1_34_stable&id=e6007c4911c3ea26925f9473b9f156a692585f30
and
https://git.busybox.net/busybox/commit/networking/udhcp/dhcpc.c?h=1_34_stable&id=1c7253726fcbab09917f143f0b703efbd2df55c3
* Refresh config and patches.
* Backport upstream fixes for
- MIPS compilation breakage and
- process substitution regression
Config refresh:
Refresh commands, run after busybox is first built once:
cd utils/busybox/
cd config/
../convert_menuconfig.pl ../../../../build_dir/target-aarch64_cortex-a53_musl/busybox-default/busybox-1.34.0
cd ..
./convert_defaults.pl < ../../../build_dir/target-aarch64_cortex-a53_musl/busybox-default/busybox-1.34.0/.config > Config-defaults.in
Manual edits needed afterward:
* Config-defaults.in: OpenWrt config symbol IPV6 logic applied to
BUSYBOX_DEFAULT_FEATURE_IPV6
* Config-defaults.in: OpenWrt configTARGET_bcm53xx logic applied to
BUSYBOX_DEFAULT_TRUNCATE (commit 547f1ec)
* Config-defaults.in: OpenWrt logic applied to
BUSYBOX_DEFAULT_LOGIN_SESSION_AS_CHILD (commit dc92917)
BUSYBOX_DEFAULT_UDHCPC_DEFAULT_INTERFACE (just "")
* config/editors/Config.in: Add USE_GLIBC dependency to
BUSYBOX_CONFIG_FEATURE_VI_REGEX_SEARCH (commit f141090)
* config/shell/Config.in : change at "Options common to all shells" the symbol
SHELL_ASH --> BUSYBOX_CONFIG_SHELL_ASH
(discussion in http://lists.openwrt.org/pipermail/openwrt-devel/2021-January/033140.html
Apparently our script does not see the hidden option while
prepending config options with "BUSYBOX_CONFIG_" which leads to a
missed dependency when the options are later evaluated.)
* Edit Config.in files by adding quotes to sourced items in
config/Config.in, config/networking/Config.in and config/util-linux/Config.in (commit 1da014f)
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
929c862 vm: fix toplevel function call protocol
8f34d70 fs: fix chown() and rename() error return values
03ca445 tests: disable fuzz tests for now
3b1be3d types: mark further GC roots
d49af4e types: fix comparison of differently signed integers
c79ff39 types: handle conversion errors when dealing with negative error indexes
3315b1f types: allow negative array indexes
d5b25f9 treewide: harmonize function naming
cc4ce8d module: remove unused defines
f5d7526 examples: add libucode usage examples
559eff2 types, vm: adjust GC api
e5e7e62 treewide: move header files into dedicated directory
ff6168a build: install header files
7e6ce0f main: introduce new flag `-x` to allow disabling specific functions
b1817b3 vm: fix invalid memory access on GC'ing uninitialized VM context
498fe87 main: refactor option parsing and VM setup
ff52440 treewide: consolidate typedef naming
1d60418 vm: add API to control trace mode
48f33ad vm: make root exception handler configurable
0f69f09 vm: fix invalid memory access on toplevel function calls
6bcc318 vm: fix handling exceptions in top-level function calls
4ae0568 lib, vm: reimplement exit() as exception type
2f77657 vm: extend API to allow returning result value from VM execution
111645a vm: remove module preloading logic
38ff6de main: preload modules ourselves
d5bc223 vm: add uc_vm_invoke() helper
ef0baf1 vm: cosmetic fix for outputting exceptions without source context
b11a2fa vm: move global scope allocation into uc_vm_init()
900b2a3 vm: add getter and setter for vm globals scope
0179576 lib: rename uc_add_proto_functions() to uc_add_functions()
98b9c84 lib: expose stdlib function array
1adfba0 treewide: eliminate dead code and unused functions
3974e71 treewide: replace a number of unnecessary type casts
bf85226 treewide: move ressource type registry into vm instance
e2b3d2e build: split into libucode and ucode cli
dad8f3a types: properly deal with circular data in GC mark phase
62dbd64 lexer: rename UT_ prefixed constants to UC_
bc8e465 types: fix wrong assert() on tearing down object trees
853b9f1 vm: fix potential invalid memory access in uc_vm_get_error_context()
6f05cdd lib: fix refcount imbalance in uc_require_path()
96f140b lib, vm: ensure that require() compiles modules only once
df5db5f compiler: don't segfault on invalid declaration expressions
a97c7a1 lexer: transition into EOF state on unrecognized character
2a838d1 compiler: improve mapping of binary operator tokens to instructions
9872f65 vm: add support for I_LE and I_GE instructions
4e410c3 treewide: let uc_cmp() use instruction instead of token numbers
ce6081d lexer, vm: reorder token and instruction numbers
234a4f6 lib: implement b64enc() and b64dec() functions
856a0c0 lib: only consider context of calling function for callbacks
86fb130 lib: implement min() and max() functions
3e893e6 lib: pass-through "this" context to library function callbacks
42de7ab lib: implement `sourcepath()` function
05c80a7 lib: fix negative uc_index() return value on 32bit systems
9874562 lexer: implement raw code mode
3b665c8 lexer: drop value union from keyword table
44354cf lexer, compiler: separate TK_BOOL token into TK_TRUE and TK_FALSE tokens
5879bdf syntax: drop Infinity and NaN keywords
d4edadc lib: rename uc_lib_init() to uc_load_stdlib()
d81bad7 main, lib: move allocation of globals object into lib function
c4f4b38 main: simplify REQUIRE_SEARCH_PATH initialization
54ca3aa types: fix uninitialized memory on setting non-contiguous array indexes
cbc0d78 build: let require search patch default to CMAKE_INSTALL_PREFIX
5714705 syntax: introduce `const` support
ed32c42 compiler, lexer: add NO_LEGACY define to disable legacy syntax features
ff6811f syntax: implement `delete` as proper operator
5803d86 lib: implement wildcard() function
dfb7379 fs: implement chmod(), chown(), rename() and glob() functions
1ddf5b6 lexer: skip interpreter line in any source buffer
9951a00 build: lower minimum required CMake version to v3.13
7b81ab2 main: expose argv as global ARGV array to ucode scripts
7283a70 tests: rename misnamed testcases for consistency
3f80116 compiler: fix local for-loop initializer variable declarations
f20b56f compiler: properly parse slashes in parenthesized division expressions
5c4e1ea lib: implement regexp(), a function to construct regexp instances at runtime
e546bba lib: implement render(), an include variant capturing output in a string
0cb10c6 vm: implement mechanism to change output file descriptor
eb8a64d lib: fix uc_sort()
f1ffc9f vm: truncate long values after 60 chars in trace output
850612f compiler: properly handle break/continue in nested scopes
f0a9875 compiler: properly handle keyword in parenthesized property access expression
1660433 compiler: fix stack mismatch on compiling `use strict` statements
a36e0df syntax: implement support for 'use strict' pragma
827a34a vm, compiler: get rid of unused struct members
594cdf3 lib: implement assert()
c4d1648 lib: add support for pretty printing JSON to printf() and sprintf()
f2eaea3 lib: gracefully handle truncated format strings in uc_printf_common()
02629b8 lexer: fix infinite loop on parsing unterminated comments
2bc9bac lexer: fix infinite loop on parsing unterminated expression blocks
f73e201 lexer: fix infinite loop when parsing regexp literal at EOF
86b4863 compiler: fix segfault on parsing invalid pre/post increment expressions
0e24509 lib: fix reporting source context lines at EOF
e66b2ad compiler, lexer: improve lexical state handling
e29b574 lib: fix uc_split() quirks
64eec7f treewide: ISO C / pedantic compliance
4af803d build: output error messages on test failures
9ef693e vm: improve context for early errors
6def9fc tests: pass ucode library path through environment
d5dd183 treewide: address various sign-compare warnings
28825ac types: support creating ressource values without associated type
9c5106a types: fix potential memory leaks and null pointer accesses
c51934a types: fix potential leak of key in ucv_object_add()
7b28727 main: fix ineffective EOF check in parse()
4cf897c lib: uc_system(): fix invalid free() of non-heap memory
35af4ba treewide: rework internal data type system
f2c4b79 treewide: fix issues reported by clang code analyzer
93ededb tests: allow executing run_tests.sh from any directory
0e4a387 Add initial GitLab and GitHub CI support
df73b25 tests: add more tests
41d33d0 tests: custom: return exit code if tests fails
1c548a6 cmake: do not output binaries into lib directory
2b59097 tests: create custom tests from current tests cases
8039361 main: provide just binary name in help output
778e4f7 lexer: fix incomplete struct initializers
502ecdc cmake: enable extra compiler checks
3c2aeff cmake: fix includes and libraries
617a114 cmake: make 3.0 minimum version
f360350 lib: implement sleep(ms) function
7f0ff91 lib: allow parsing non-array, non-object value in json()
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Installing headers and static libraries to the target system seems
to be not required for most use cases, so let's factor them
out into a dedicated -dev package.
This cuts down to disk usage to around 50% of the original
package to ~ 2MB - not that disk space is an issue normally,
but when using inside an initramfs only project, it counts.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
When compiling busybox with GCC 10 and CONFIG_PKG_ASLR_PIE_ALL=y, there
are hundreds of errors like:
relocation R_MIPS16_26 against `xzalloc' cannot be used when making a
shared object; recompile with -fPIC
Simply solve this by no longer disabling PKG_ASLR_PIE, so that $(FPIC)
is properly added to the CFLAGS and LDFLAGS.
Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
Acked-by: Hauke Mehrtens <hauke@hauke-m.de>
When having two keys that start with the same characters and the second
key just has one character more nand_tffs_read and tffs_read return the
wrong value for the longer key. This is due to the usage of strncmp in
combination with the length of the shorter key which is usually first in
the list before the longer key and when strncmp matches, the search is
stopped. The problem only occurs when the length of the two keys is
different, not if just the last character is different. The fix is to
use strcmp and as such it will only return the value if the key (name)
and the key to look for (namefilter) have the same value and length. A
sample case returning wrong values is when keys macwlan and macwlan2 are
defined and querying macwlan2 returns the value for macwlan.
Signed-off-by: Daniel Kestrel <kestrel1974@t-online.de>
This partially reverts changes done in commit 72cc44958e ("treewide:
mark selected packages nonshared") as it removes the nonshared flag, but
keeps the PKG_RELEASE as the PKG_RELEASE bump while adding nonshared
flag was incorrect.
Unmark uci, ubus, libubox, lua, libnl-tiny and libjson-c as nonshared
packages as this fix attempt didn't worked out. Currently the
imagebuilder is broken again:
openwrt-imagebuilder-21.02.0-rc3-ipq40xx-generic.Linux-x86_64$ make image PROFILE=avm_fritzbox-7530 PACKAGES=luci-ssl-openssl
...
Collected errors:
* pkg_hash_check_unresolved: cannot find dependency libiwinfo20210430 for luci-mod-status
* pkg_hash_fetch_best_installation_candidate: Packages for luci-mod-status found, but incompatible with the architectures configured
* pkg_hash_check_unresolved: cannot find dependency libiwinfo20210430 for rpcd-mod-iwinfo
* pkg_hash_fetch_best_installation_candidate: Packages for rpcd-mod-iwinfo found, but incompatible with the architectures configured
* satisfy_dependencies_for: Cannot satisfy the following dependencies for luci-ssl-openssl:
* libiwinfo20210430
* opkg_install_cmd: Cannot install package luci-ssl-openssl.
Everything because iwinfo's ABI was changed two times since rc3 release:
+IWINFO_ABI_VERSION:=20210430
+IWINFO_ABI_VERSION:=20210420
Since iwinfo is marked as nonshared, it wasn't built by phase2 builders, but
luci-mod-status was already updated 2 times since rc3 and was thus rebuilt by
phase2 builders:
d1d452ed2fb3 luci-mod-status: don't set '-' hostname when creating static lease
95b3633055c1 luci-mod-status: switch to html table for wlan channel analysis
So now luci-mod-status depends on libiwinfo20210430 but only
libiwinfo20210106 can be downloaded. This is first part of the fix, in
the upcoming commit Jo is going to remove nonshared flag from iwinfo
package as well.
References: https://lists.infradead.org/pipermail/openwrt-devel/2021-July/035736.html
References: https://lists.infradead.org/pipermail/openwrt-devel/2021-July/035741.html
Acked-by: Jo-Philipp Wich <jo@mein.io>
Reported-by: Nick Hainke <vincent@systemli.org>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
sysntpd server becomes unavailable if the index of the bound
interface changes. So let's add an interface trigger to reload sysntpd.
This patch also adds the ability for the sysntpd script to handle
uci interface name from configuration.
Fixes: 4da60500ebd2 ("busybox: sysntpd: option to bind server to iface")
Signed-off-by: Alexey Dobrovolsky <dobrovolskiy.alexey@gmail.com>
Reviewed-by: Philip Prindeville <philipp@redfish-solutions.com>
bzip2 adds about 8kb of size. For tiny builds it's often disabled.
It's not directly used by stock OpenWrt programs.
Kernel images compressed with bzip2 are also not fully supported.
Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
[fix \ indention]
Signed-off-by: Paul Spooren <mail@aparcar.org>
Don't bail out from init script in case the GPS device is missing.
Some modems take time to come up, and some people may use things like
'kplex' to feed ugpsd. Hence it is better to always start ugpsd
unconditionally and let procd's respawn take care of retrying.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Mark uci, ubus, libubox, lua, libnl-tiny and libjson-c
as nonshared packages. This helps to keep coherent dependencies
if these ABI versioned packages are later updated.
Before this commit it is possible to get missing dependencies
in target-specific nonshared packages (like iwinfo) that depend
on these shared ABI versioned packages. If these are later updated
and rebuilt, only the new ABI version will be available for download,
while the target-specific packages in releases continue to depend on
the old ABI version.
After this commit the packages are built along the other nonshared
packages by the phase1 images buildbot and will be available at the
target/ download directories instead of packages/base dir. That will
help to keep a coherent set available.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
86ee86e nmea: parse $GPZDA sentences for date/time
8e12414 nmea: parse $GPGLL sentences for position
5e88403 ubus: display only available information
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
The SRV was added some time ago and should be mentioned in the short
help message to avoid confusion about missing features.
Signed-off-by: Paul Spooren <mail@aparcar.org>
This marks all packages which depend on a target with @TARGET nonshared.
If they are not marked nonshared they would be build by the SDK build
and if this happens with a different SDK, then the SDK from the target
the package depends on, the package would not be added to the index.
This should fix the image builder for some of these packages.
This should fix the image builder at least for bcm27xx/bcm2710 and
bcm4908/generic.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This fixed b36b8b6929
("busybox: remove nslookup_lede/openwrt.patch")
It is likely dropped by mistake, This add back the changes
Signed-off-by: Chen Minqiang <ptpt52@gmail.com>
/etc/syslog.conf is used by sysklogd, and /etc/crontabs is used
by crond, both features of busybox. Given this, ownership for
these files should be bound to busybox, especially if one day
there's a way to do an in-place opkg update of busybox.
There's also the busybox provided syslogd which uses this file
if CONFIG_BUSYBOX_FEATURE_SYSLOGD_CFG is set.
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
The nslookup_lede/openwrt applet was introduced in de5b8e5. It was
introduced because:
Add a new LEDE nslookup applet which is compatible with musl libc
and providing more features like ability to specify query type.
In contrast to busybox' builtin nslookup applet, this variant does
not rely on libc resolver internals but uses explicit send logic
and the libresolv primitives to parse received DNS responses.
In busybox this applet is added in 0dd3be8. In particular, this commit
introduces the variable NSLOOKUP_BIG. We set the default to true and
so nothing changes.
Signed-off-by: Nick Hainke <vincent@systemli.org>
On login busybox shows a timestamp per default contianing the build
date. Since the build date isn't reproducible per default this behaviour
was disabled by default via 34df4d40 "busybox: disable timestamp in
version".
This commit modifies busybox so that the printed timestamp reproducible
using SOURCE_DATE_EPOCH and therefore shouldn't be disabled anymore.
Before:
BusyBox v1.33.1 () built-in shell (ash)
After:
BusyBox v1.33.1 (2021-05-13 09:34:34 UTC) built-in shell (ash)
Signed-off-by: Paul Spooren <mail@aparcar.org>
use AUTORELEASE since BusyBox is often updaten and PKG_RELEASE is not
consistently bumped. Also use SPDX license headers to be machine
readable and bump the copyright year to 2021.
Signed-off-by: Paul Spooren <mail@aparcar.org>
PREFER_IPV4_ADDRESS is broken on IPv6-only hosts, as it causes busybox
utilities (ping, traceroute, ntpd) to forcibly use the A record instead of
the AAAA record when resolving a DNS name. This obviously fails when
there is no IPv4 connectivity. Since IPv6-only hosts or routers will only
become more common over time, disable PREFER_IPV4_ADDRESS to support this
use-case.
As a side-effect, disabling PREFER_IPV4_ADDRESS changes the default
resolution behaviour of busybox utilities on dual-stack hosts. Busybox
utilities now simply use the order given by getaddrinfo(), so they will
now prefer IPv6 addresses when resolving a name with both A and AAAA
records if there is IPv6 connectivity. This is in line with RFC 6724.
PREFER_IPV4_ADDRESS was likely intended to work around naive
implementations of getaddrinfo() that could return AAAA records first,
even on an IPv4-only host. But both musl (since 1.1.3) and glibc
correctly implement RFC 6724 for getaddrinfo() and check connectivity to
determine the correct order in which to return records. On IPv4-only
hosts, getaddrinfo() will return A records first, so there is no need for
the PREFER_IPV4_ADDRESS hack.
See also: https://bugs.busybox.net/show_bug.cgi?id=12381
Fixes: FS#84
Fixes: FS#2608
References: https://github.com/openwrt/openwrt/pull/4167
Signed-off-by: Alexander Traud <pabstraud@compuserve.com>
Signed-off-by: Baptiste Jonglez <git@bitsofnetworks.org>
Before this commit, it was assumed that mkhash is in the PATH. While
this was fine for the normal build workflow, this led to some issues if
make TOPDIR="$(pwd)" -C "$pkgdir" compile
was called manually. In most of the cases, I just saw warnings like this:
make: Entering directory '/home/.../package/gluon-status-page'
bash: line 1: mkhash: command not found
bash: line 1: mkhash: command not found
bash: line 1: mkhash: command not found
bash: line 1: mkhash: command not found
bash: line 1: mkhash: command not found
bash: line 1: mkhash: command not found
bash: line 1: mkhash: command not found
bash: line 1: mkhash: command not found
[...]
While these were only warnings and the package still compiled sucessfully,
I also observed that some package even fail to build because of this.
After applying this commit, the variable $(MKHASH) is introduced. This
variable points to $(STAGING_DIR_HOST)/bin/mkhash, which is always the
correct path.
Signed-off-by: Leonardo Mörlein <me@irrelefant.net>
Add support for querying and parsing SRV DNS records to nslookup_lede.c
This patch is based on http://lists.busybox.net/pipermail/busybox/2019-June/087359.html
Signed-off-by: Perry Melange <isprotejesvalkata@gmail.com>
[reword subject, bump PKG_RELEASE]
Signed-off-by: Paul Spooren <mail@aparcar.org>
This backports a fix for the low priority CVE-2021-28831:
decompress_gunzip.c in BusyBox through 1.32.1 mishandles the error bit
on the huft_build result pointer, with a resultant invalid free or
segmentation fault, via malformed gzip data.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
bcm4908img is a tool managing BCM4908 platform images. It's used for
creating them as well as checking, modifying and extracting data from.
It's required by both: host (for building firmware images) and target
(for sysupgrade purposes). Make it a host/target package.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
973cc6c compiler: actually expand block scope fix to for/while alt syntax
97bf297 compiler: ensure that alternative if/for/while syntax has own block scope
f0e2a64 tests: add missing test case for fixed switch codegen
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
d464187c policycoreutils: sestatus belongs to bin not sbin
d59932a7 policycoreutils: Resolve path in restorecon_xattr
5682c0d5 policycoreutils/fixfiles.8: add missing file systems and merge check and verify
57dd1f65 policycoreutils/setfiles: Drop unused nerr variable
be7f54cb setfiles: drop ABORT_ON_ERRORS and related code
9207823c setfiles: Do not abort on labeling error
c064d214 selinux_config(5): add a note that runtime disable is deprecated
8bc865e1 newrole: support cross-compilation with PAM and audit
ba2d6c10 fixfiles: correctly restore context of mountpoints
Signed-off-by: Dominick Grift <dominick.grift@defensec.nl>
NTPD in busybox has option -I to bind server to IFACE.
However, capabilities of the busybox are limited, the -I option cannot be
repeated and only one interface can be effectively specified in it.
This option is currently not configurable via UCI.
The patch adds an interface option to the system config, ntp section.
Also sort options for uci_load_validate alphabetically.
Signed-off-by: Alexey Dobrovolsky <dobrovolskiy.alexey@gmail.com>
After the ABI version rework, packages need to be declared in the order of
their dependencies, so that dependent packages will use the right ABI version
Signed-off-by: Felix Fietkau <nbd@nbd.name>
After the ABI version rework, packages need to be declared in the order of
their dependencies, so that dependent packages will use the right ABI version
Signed-off-by: Felix Fietkau <nbd@nbd.name>
The first two are useless as /bin/sh can execute those scripts just
fine. Shellcheck reports no problems.
Telnetd patch is useless as telnet is no longer used in OpenWrt.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Remove stime backport.
Remove static libgcc patch as upstream fixed it with
BUSYBOX_DEFAULT_STATIC_LIBGCC which defauls to off.
Remove date -k patch as it no longer applies. It's also pointless as
busybox' hwclock utility can do the same thing.
Remove ntpd patch as that seems to have been applied upstream.
Add smalll patch fixing compilation with SELinux. Upstream commit
2496616b0a8d1c80cd1416b73a4847b59b9f969a renamed the variable without
renaming it in the SELinux path.
Refresh config and patches.
Config refresh:
Refresh commands, run after busybox is first built once:
cd package/utils/busybox/config/
../convert_menuconfig.pl ../../../../build_dir/target-mips_24kc_musl/busybox-default/busybox-1.33.0
cd ..
./convert_defaults.pl < ../../../build_dir/target-mips_24kc_musl/busybox-default/busybox-1.33.0/.config > Config-defaults.in
Manual edits needed afterward:
* Config-defaults.in: OpenWrt config symbol IPV6 logic applied to
BUSYBOX_DEFAULT_FEATURE_IPV6
* Config-defaults.in: OpenWrt configTARGET_bcm53xx logic applied to
BUSYBOX_DEFAULT_TRUNCATE (commit 547f1ec)
* editors/Config.in: Add USE_GLIBC dependency to
BUSYBOX_CONFIG_FEATURE_VI_REGEX_SEARCH (commit f141090)
* shell/Config.in : change at "Options common to all shells" the symbol
SHELL_ASH --> BUSYBOX_CONFIG_SHELL_ASH
(discussion in http://lists.openwrt.org/pipermail/openwrt-devel/2021-January/033140.html
Apparently our script does not see the hidden option while
prepending config options with "BUSYBOX_CONFIG_" which leads to a
missed dependency when the options are later evaluated.)
* Edit Config.in files by adding quotes to sourced items in
config/Config.in, networking/Config.in and util-linux/Config.in (commit 1da014f)
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
[Added comments from Hannu Nyman to commit message]
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Replace with sed as done elsewhere.
Fixes error with at least btrfs-progs:
Package '@LIBSELINUX@', required by 'mount', not found
Package '@LIBCRYPTSETUP@', required by 'mount', not foun
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Certificate signature algorithm was being set after call to
`wc_MakeCert`, resulting in a mismatch between specified signature in
certificate and the actual signature type.
Signed-off-by: Jeffrey Elms <jeff@wolfssl.com>
[fix commit subject, use COMMITCOUNT]
Signed-off-by: Paul Spooren <mail@aparcar.org>
For glibc, lua needs an explicit link to libdl as glibc has it separate
Fixes the following error in at least collectd:
ld: usr/lib/liblua.so: undefined reference to `dlopen'
ld: usr/lib/liblua.so: undefined reference to `dlclose'
ld: usr/lib/liblua.so: undefined reference to `dlerror'
ld: usr/lib/liblua.so: undefined reference to `dlsym'
Signed-off-by: Rosen Penev <rosenp@gmail.com>
This package is not needed in base. It will be imported in the packages
feed.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Acked-by: Paul Spooren <mail@aparcar.org>
The package `usbutils` already offers an USB reset function, this
package is therefore not really required standalone.
CC: Jo-Philipp Wich <jo@mein.io>
Signed-off-by: Paul Spooren <mail@aparcar.org>
The build option `--withouth-lzo` is added in the Makefile which makes
the existence of lzo obsolete. To remove the lzo package from
openwrt.git entirely, remove the legacy dependency.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
[improved commit message]
Signed-off-by: Paul Spooren <mail@aparcar.org>
Similar to the previous commit adding a check to the init script of
umdns, do a similar change for sysntpd, just to be on the safe side.
Inspired-by: 520403cd49 ("umdns: add check for seccomp list")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Enable busybox's find -mmin time support, which is extremely small,
however also very useful in scripts:
72d1a2357d
Comparing package sizes...
Change Local Remote Package
+7 229009 229002 busybox
Signed-off-by: Lukas Tribus <lukas@ltri.eu>
[fix commit message long line and missing size change]
Signed-off-by: Paul Spooren <mail@aparcar.org>
On some systems I see the issue that crond dies after a few days.
Simply letting procd respawn the process is a simple safety-net.
Signed-off-by: Bruno Randolf <br1@einfach.org>
ntpd in packages feed had already a user 'ntp' with UID 123 declared.
Rename the username of busybox-ntpd to be 'ntp' instead of 'ntpd' so
it doesn't clash.
Reported-by: Etienne Champetier <champetier.etienne@gmail.com>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Instead of duplicating the '/sbin/setfiles' binary, have
'/sbin/restorecon' as yet another alias for
'/sbin/policycoreutils-setfiles'.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Add missing dependency for target build of seclic which requires
libsepol (just like the host build requires libsepol/host).
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Add missing build dependency to both host and target build. The `msgfmt`
is required which is missing without gettext-full.
Signed-off-by: Paul Spooren <mail@aparcar.org>
By installing policycoreutils to host/bin it is also available within
the ImageBuilder and SDK, allowing to correctly label both filesystems
and packages.
Signed-off-by: Paul Spooren <mail@aparcar.org>
'setfiles' and others should be installed to $(STAGING_DIR_HOSTPKG)/bin
rather than $(...)/sbin which isn't in PATH.
Also using -Wl,-rpath to set library search location instead of setting
LD_LIBRARY_PATH when calling setfiles in image.mk.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Instead of vaguely describing dependencies in the package description
actually split-up into individual packages, each with their
dependencies expressed accurately.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
When the libmagic from the file package in the packages feed was also
compiled and provided its libmagic.so file, util-linux tried to link
against it. Avoid this by explicitly disable libmagic support.
This fixes the following build error:
Package more is missing dependencies for the following libraries:
libmagic.so.1
Fixes: 36d9ed360a ("util-linux: update to 2.36")
Acked-by: Sebastian Kemper <sebastian_ml@gmx.net>
Signed-off-by: Rosen Penev <rosenp@gmail.com>
[Add commit description]
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
