Update ubox to latest Git head in order to import the following fixes:
14839f0 kmodloader: make insert_module() idempotent
6e3c6dc kmodloader: add module alias awareness
9371411 kmodloader: fix out-of-bound access when parsing .modinfo
a62c946 kmodloader: modprobe: skip possible command line arguments
46a4b5f kmodloader: log to kmsg when loading directories of modules
eacc426 kmodloader: remove redundant glob wildcard char
8488bb5 ubox: Initialize conditionally uninitialized variable
db070f1 ubox: Fix some memory leaks
acc48b5 kmodloader: Fix typo in error message
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
This is how other Linux distributions are doing and kernel
modprobe_path[] of request_module() also has a default value of
/sbin/modprobe
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
A given signal-name is now converted to the corresonding number. In general
it's good style to use names (readability) and it's more portable: signal
numbers can be architecture-dependent, so we are more safe giving names.
A real world example is signal 10, which is BUS on ramips and USR1 on PPC.
All users of 'procd_send_signal' must change their code to reflect this.
Signed-off-by: Bastian Bittorf <bb@npl.de>
Clarify opkg's messages related to downloads:
* more visible error message for package list download failure
* separate error message for signature file download error
* if wget returns 4, signal the network error more clearly
* remove '.' from end of filenames and URLs
* try signature check only if the package list was downloaded ok.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
- Adds support for passing file descriptors in ubus invoke requests
- Fixes clearing pending timers on ubus_shutdown()
- Fixes checking the amount of written data in ubusd
- Fixes an ubusd crash when trying to subscribe to system objects
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Currently system log is always included as a part of ubox. Add logd as a
seperate package and add it to default packages list.
Signed-off-by: Andrej Vlasic <andrej.vlasic@sartura.hr>
Signed-off-by: Luka Perkov <luka.perkov@sartura.hr>
opkg doesn't have BUILD_VARIANTs anymore, so the previously defined
PKG_BUILD_DIR would lead to a weird 'opkg-' path component.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
This reverts the following commits:
fbe522d120278ad007ee863888e44f96daf6352fcfd83555fc
This seems to trigger some mconf bugs when built with all feeds
packages, so I will try to find a less intrusive solution before the
release.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
It has never been used by default (due to being too bloated), and it is
properly replaced by usign (which has been the default for a long time
now).
Remove this feature to simplify the build system
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Brings in the following changes:
84b530a732b1 libfstools: Check return values for fread and system
Signed-off-by: Florian Fainelli <f.fainelli@gmail.com>
Opkg's builtin decompression code is unsuitable to process nested archives as
it uses a single shared state and relies on undefined seek behaviour for pipes.
Rework the extraction logic to use the external gzip command as I/O filter for
decompressing data and remove the builtin inflate code entirely.
This shrinks the final opkg binary by about 4KB and results in less runtime
memory consumption due to efficient use of vfork() and less copy-on-write
operations in the forked child.
Rework by Felix: create a thread that relays data to the gzip process
instead of using a fragile poll loop
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Opkg's builtin decompression code is unsuitable to process nested archives as
it uses a single shared state and relies on undefined seek behaviour for pipes.
Rework the extraction logic to use the external gzip command as I/O filter for
decompressing data and remove the builtin inflate code entirely.
This shrinks the final opkg binary by about 4KB and results in less runtime
memory consumption due to efficient use of vfork() and less copy-on-write
operations in the forked child.
Rework by Felix: create a thread that relays data to the gzip process
instead of using a fragile poll loop
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Add procd_send_signal which allows to send an optional specified
kill signal to one specified or all instances of a given service.
By default SIGHUP is sent if no signal is specified
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Update procd to latest HEAD in order to introduce support for services signals:
- Adds a new service.signal ubus call to send a kill() signal to one or all
running instances of a given service
- Adds a new "reload_signal" property which allows service init scripts to
request procd to send a specific kill() signal on reload, instead of
stopping and restarting running processes
Also fixes some potential memory leaks reported by cppcheck and an environment
variable corruption in the trace command.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
To make sure we properly restart services on upgrade we need to
call the prerm script of the old package, in case the init script
changes (or vanishes).
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
Acked-by: Jo-Philipp Wich <jo@mein.io>
Allow scripts from the package to be upgraded to be aware of being
upgraded.
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
Acked-by: Jo-Philipp Wich <jo@mein.io>
This will be used to append extra information to images which allows the
system to verify if an image is compatible with the system.
The extra data is appended to the end of the image, where it will be
ignored when upgrading from systems that do not process this data yet:
If the image is a squashfs or jffs2 image, the extra data will land
after the end-of-filesystem marker, where it will be overwritten once
the system boots for the first timee.
If the image is a sysupgrade tar file, tar will simply ignore the extra
data when unpacking.
The layout of the metadata/signature chunks is constructed in a way
that the last part contains just a magic and size information, so that
the tool can quickly check if any valid data is present without having
to do a pattern search throughout the full image.
Chunks also contain CRC32 information to detect file corruption, even
when the image is not signed.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
The libblkid probe support in fstools git head requires blkid/blkid.h for
compilation, so add a build dependency on util-linux which provides libblkid.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Commit f5c741b5e0 updated procd to a more recent version, but did not
change the hash of the tar. Update it to the one matching the file on
the download servers.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* Change git packages to xz
* Update mirror checksums in packages where they are used
* Change a few source tarballs to xz if available upstream
* Remove unused lines in packages we're touching, requested by jow- and blogic
* We're relying more on xz-utils so add official mirror as primary source, master site as secondary.
* Add SHA256 checksums to multiple git tarball packages
Signed-off-by: Daniel Engberg <daniel.engberg.lists@pyret.net>
Enable CONFIG_PROCD_ZRAM_TMPFS compatibility via two changes to list_cpu_idx():
* detect if /tmp is being used by /dev/zram0; if yes, offset initial value by 1 to skip first zram device.
* hot-add /dev/zram1, if not already present.
Signed-off-by: Conn O'Griofa >connogriofa@gmail.com>
This reverts commit 763f5d7873.
Currently the vfork() code path in opkg is broken and relies on unsupported
ftello() / fseeko() operations on pipes - we need to restructure the code
before we can reconsider this approach.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
This reverts commit 02e3c718e9.
Currently the vfork() code path in opkg is broken and relies on unsupported
ftello() / fseeko() operations on pipes - we need to restructure the code
before we can reconsider this approach.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
src/linksys_bootcount.c misses to include stdint.h.
Apparently musl doesn't mind and includes this header by default,
but glibc does not and causes the build to fail.
Signed-off-by: Josua Mayer <josua.mayer97@gmail.com>
sysupgrade immediately reboots after flashing an image and doesn't
allow to unmount filesystems. At least in case the image used for
sysupgrade is stored on a FAT formatted usb flash drive, the following
warning is printed during the next mount of the flash drive:
FAT-fs (sda1): Volume was not properly unmounted. Some data may be
corrupt. Please run fsck.
Although a data corruption during read operations is unlikely, there is
no need to scare the users.
Signed-off-by: Mathias Kresin <dev@kresin.me>
Open/close triggers array around service_triggers call to make using
multiple triggers easier to deal with.
The API was quite confusing, because some functions contained implicit
trigger open/close calls and some didn't.
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Fixes duplicate ubiblock entries being listed and improves
find_mount_point to also match against a block device's
major:minor numbers (needed e.g. for /dev/root).
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Small cleanup. I initially though /dev/kmsg was used for dmsg(and journald
on desktops) but this seems not to be the case. dmsg is still accessible
as non-root(gives output) which begs the question what does this do? Some
googling reveals that permissions are set to 600 for some embedded systems
while 644 for others. I can't find any justification for the latter. Might
as well err on the side of caution.
Signed-off by: Rosen Penev <rosenp@gmail.com>
This changes the default permissions for /dev entries to be more similar to
a desktop distro. Taken from the defaults of Arch Linux and Ubuntu. Also
changed some that were nonsensical. For example, all 660 permissions on
desktop distros were of the form root:x where x is something other than
root. As such, 660 is useless for LEDE where the specific group is missing.
audio seems to be the only group that isn't.
Signed-off by: Rosen Penev <rosenp@gmail.com>
/etc/init.d/fstab had some warnings in it to let users know that they
should call "block mount" directly. these ended up in the bootlog.
fix this by splitting the code into boot() and start(). this way the system
will boot without warning but manually starting the script will lead to the
message.
fixes FS#3
Reported-by: Hannu Nyman <hannu.nyman@iki.fi>
Signed-off-by: John Crispin <john@phrozen.org>
Increase the default system log buffer size
from 16 kB (default both in logd source and in the startup script)
to 64 kB by adjusting the default value in startup script.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
Some SSL applications requires a certificates bundle rather
than a directory containing certificates. For thos applications
we build the ca-bundle package
Signed-off-by: Daniel Dickinson <lede@daniel.thecshore.com>
the recent fixes to make mount_root work during failsafe caused lots of
unwanted side effects. use the new preinit sentinel file to detect if
we are in preinit. this will also work if logged in via ssh.
Signed-off-by: John Crispin <john@phrozen.org>
Currently system log is always included as a part of ubox.
Add logd as a seperate package and add it to default packages list.
Signed-off-by: Andrej Vlasic <andrej.vlasic@sartura.hr>
SVN-Revision: 49285
So far fixtrx was calculating checksum over amount of data matching
partition erase size. It was mostly a workaround of checksum problem
after changing anything in initial TRX content (e.g. formatting JFFS2).
Its main purpose was to make bootloader accept modified TRX. This didn't
provide much protection of flash data against corruption.
This new option lets caller request calculating checksum over a bigger
amount of data. It may be used e.g. to include whole kernel data for
checksum and hopefully make bootloader go info failsafe mode if
something goes wrong.
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
We plan to adjust usage of the main buffer to allow reading custom
amount of data for CRC32. This means we need another buffer that will be
always block aligned.
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
1) Put sanity checks in one place
2) Respect provided offset
3) Read only as much data as needed for MD5 calculation
Thanks to the last change this is a great speedup and memory saver. On
devices with NAND flash we were allocating & reading about 128 MiB while
something about 8 MiB is enough.
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
This avoid long (and unneeded) process of reading all data in case of
running on MTD not containig Seama entity.
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
On platforms supporting both: TRX and Seama calling "fixtrx" was
resulting in trying to fix Seama as well.
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
Remove the public unatteded buildkey from the opkg package to avoid
having hardcoded keys in tree. Use the external keyring package instead
which can be easily updated by users.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
When the same package file is specified multiple times on the opkg install
command line, the name pointer on the argv array becomes stale after the
package structures have been merged, leading to invalid memory accesses
upon install.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Respect user configured mount flags such as "ro" or "sync" when processing
external overlay mount points.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
SVN-Revision: 49223
procd from revision b12bb150ed38a4409bef5127c77b060ee616b860 supports
writing a pidfile. This adds support for setting that parameter with
standard init script hooks:
procd_set_param pidfile /var/run/someprocess.pid
Signed-off-by: Karl Palsson <karlp@etactica.com>
SVN-Revision: 48984
MD5s are shorter than SHA256, so reading buffer has to be bigger to read the
whole hash.
Signed-off-by: Michal Hrusecky <michal.hrusecky@nic.cz>
SVN-Revision: 48917
Extend /etc/config/system with a parameter to set the
default respawn retry for procd launched services that
have respawn enabled.
config service
option respawn_retry -1
All services that don't specify specific respawn parameters
will get their defaults added by procd.sh. If respawn_retry
is specified in /etc/config/system the default retry limit
will be set to this value by procd.
Signed-off-by: Helmut Schaa <helmut.schaa@googlemail.com>
SVN-Revision: 48915
The image_check currently fails when it cannot read all magic bytes in a
single chunk. But this can happen when the data are read from a pipe. This
currently breaks the openmesh.sh upgrade script with musl because it uses
dd with a blocksize of 1 to copy the image file to the mtd process.
The read can simply be repeated until enough bytes are read for the magic
byte check. It only stops when either an error was returned or 0 bytes were
read.
Signed-off-by: Sven Eckelmann <sven.eckelmann@open-mesh.com>
SVN-Revision: 48891
Opkg now uses sha256 by default and expects them. Making it optionally
understand md5s also and detect md5 sum so we can migrate from configuration
that used md5.
Signed-off-by: Michal Hrusecky <Michal.Hrusecky@nic.cz>
SVN-Revision: 48867
There are time that programs need to be notified of events from
subsystems that are not enumerated in the .json definition, e.g. QEMU
guest agent by default requires /dev/virtio-ports/org.qemu.guest_agent.0
which is a symlink to /dev/vportMpN from virtio-ports subsystem.
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
SVN-Revision: 48799
Seama header has MD5 similarly to TRX and its CRC32. We need to update
it after replacing anything in Seama entity content to make bootloader
accept it.
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
SVN-Revision: 48688
Recently TRX checking code was changed to detect Seama format and don't
abort whole writing operation because of it. This isn't a good long-term
solution. It's a poor idea to teach every format handler recognizing all
possible formats. Instead it should be handled in a generic code which
should run check depending on the detected format.
This will also allow further improvements like fixing formats other than
TRX after replacing JFFS2.
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
SVN-Revision: 48639
- update to latest version 20160104
- remove cpu dependency (PKGARCH:=all)
- set myself as package maintainer
Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
SVN-Revision: 48271
This fixes diverging executable search paths observed in programs
launched throughn etifd which in turn inherited the search path from
procd early on boot.
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 48235
Add 'platform_nand_pre_upgrade' callback to allow platform specific
preparation right before flashinng, when already in ramdisk.
Example uses might be setting correct values for CI_{KERNPART,UBIPART}.
Signed-off-by: Nikolay Martynov <mar.kolya@gmail.com>
SVN-Revision: 47879
Bump ubus to current Git HEAD in order to:
* Fix a null pointer access when user ACLs are loaded into memory
* Fix wrong permission handling for uid=0, gid!=0 peers
* Fix return code for permission defined cases
* Fix socket error handling when the server connection dies
* Make ACL file path configurable
* Remove invalid usages of poll() when using a zero timeout
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
SVN-Revision: 47816
This version fixes a potential uncontrolled format string problem. This
makes it possible to activate the format security check.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 47600
This version fixes a potential uncontrolled format string problem. This
makes it possible to activate the format security check.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 47599
This version fixes a potential uncontrolled format string problem. This
makes it possible to activate the format security check.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 47598
I accidentally deactivated it. This should be set to active it in any case
independently what was set in the user config.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
SVN-Revision: 47587
Now we have all targets using platform_pre_upgrade (and calling
nand_do_upgrade directly) we don't need nand_upgrade_stage1 to be in
sysupgrade_pre_upgrade hooks anymore.
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
SVN-Revision: 47489
This is done with existing code from the WRT1900AC port.
It makes sure the "auto_recovery" bootloader option is set,
and resets the s_env boot counter after a successful boot.
This gives users without a serial console connection some
measure of safety.
Signed-off-by: Claudio Leite <leitec@staticky.com>
SVN-Revision: 47433
Recently all targets have been updated to call nand_do_upgrade directly.
It's not needed anymore to leave a magic /tmp/sysupgrade-nand-path mark
during image check.
Signed-off-by: Rafał Miłecki <zajec5@gmail.com>
Acked-by: John Crispin <blogic@openwrt.org>
SVN-Revision: 47079
'opkg list' command only displays the available packages' name, version and
description. It would be useful to also see the approximate size of the
available package.
This patch extends "opkg list" command with "--size" to optionally show also
the *.ipk size.
* Default behaviour is to list the available packages as earlier:
"name - version - description"
* with "--size" the output of is "name - version - size - description".
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
SVN-Revision: 46980
this need to be applied after my work on ujail (procd git)
ujail doesn't depend on seccomp and some archs dont support seccomp
Signed-off-by: Etienne CHAMPETIER <champetier.etienne@gmail.com>
SVN-Revision: 46936