2cc4b99 file: use global exec timeout instead of own hardcoded limit
ecd1660 exec: increase maximum execution time to 120s
Also expose the socket and timeout options in /etc/config/rpcd for
easier use.
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
221ce7e ubusd_acl: event send access list support
da503db ubusd_acl: event listen access list support
c035bab ubusd_acl: rework wildcard support
73bd847 ubusd_event: move strmatch_len to ubus_common.h
0327a91 ubus/lua: add support for BLOBMSG_TYPE_DOUBLE
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Config option to limit maximum compression streams per zram dev for
multicore CPU's. This could be defined via 'zram_comp_streams' option in
the 'system' section of '/etc/config/system' file or via cli (for e.x.
with 'uci set system.@System[0].zram_comp_streams=2 && uci commit
system'). Default is number of logical CPU cores.
Signed-off-by: Emil Muratov <gpm@hotplug.ru>
Use only one zram swap device of the specified $size instead of
[N x $size] devices for multicore CPUs Now zram module uses multiple
compression streams for each dev by default, so we do not need to create
several zram devs to utilize multicore CPUs.
Signed-off-by: Emil Muratov <gpm@hotplug.ru>
* "zram stop" could reset up to $(num_of_cores) zram devices even if
some of those were not mounted as swap dev's. This fix tries to
enumerate mounted swap zram dev's before making a reset
* remove hot-added zram devs on stop (except zram0)
Signed-off-by: Emil Muratov <gpm@hotplug.ru>
Compression algorithms for zram are provided by kernel crypto API, could
be any of [lzo|zl4|deflate|<some_more>] depending on kernel modules.
Compress algo for zram-swap could be defined via 'zram_comp_algo' option
in 'system' section of '/etc/config/system' file, or via cli (for e.x.
with 'uci set system.@System[0].zram_comp_algo=lz4 && uci commit
system'). check available algo's via 'cat /sys/block/zram0
/comp_algorithm'
Signed-off-by: Emil Muratov <gpm@hotplug.ru>
usign occasionally writes 16 characters then exits without writing a LF,
leaving ucert hanging waiting for more input. Accept 16 characters
or more rather than 17 to work around the short read.
Signed-off-by: Mike McCormack <mike@atratus.org>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Update to latest HEAD in order to fix a stack memory corruption issue:
1056e73 Change the sigb buffer to be the same size as the fread
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
ad816fc set rpath to make bundle-libraries.sh happy
63ad591 blob_buf needs to be zero'd
Now that libubox, libjson-c and libblobms_json are installed into
STAGING_DIR_HOST we can properly bundle ucert in the ImageBuilder.
Follow-up commits will make use of it to include a signature-chain in
sysupgrade images using fwtool.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
e29966f Allow disabling seccomp or changing the whitelist
5f57223 trace: Use properly sized type for PTRACE_GETEVENTMSG
747efb6 procd: fix ustream deadlock when there are 0 bytes or no newlines
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
First of all lengths should be compared after checking all blocks for
being good/bad. It's because requested length may differ from a final
one if there were some bad blocks.
Secondly it makes sense to also compare crc32 since we already have a
new one calculated.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Reading MTD data with (p)read doesn't return any error when accessing
bad block. As the result, with current code, CRC32 covers "data" stored
in bad blocks.
That behavior doesn't match CFE's one (bootloader simply skips bad
blocks) and may result in:
1) Invalid CRC32
2) CFE refusing to boot firmware with a following error:
Boot program checksum is invalid
Fix that problem by checking every block before reading its content.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
OpenSSL defaults X509_CERT_FILE to /etc/ssl/cert.pem. This change is
needed for wget-ssl and possibly others to work seamlessly with fresh
ca-bundle installation
Fixesopenwrt/packages#6152
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
ucert is a wrapper around usign to allow delegation and revocation of
public keys for future use in sysupgrade.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This work was sponsored by WIO (wiowireless.com)
If log_file is specified, make sure its directory exists.
Signed-off-by: Karl Palsson <karlp@etactica.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com> [PKG_RELEASE increase]
The mtd tool is built with different configurations depending on the
target. For example, brcm47xx adds the fixtrx subcommand, without which
an image fails when booting the second time.
Mark the mtd package as nonshared to really fix FS#484.
Signed-off-by: Mirko Parthey <mirko.parthey@web.de>
dd02dad fstools: allow the mounting with full access time accounting
242248c fstools: allow to compress the filesystem
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Mounting using the zlib compression and mounting with
full access accounting are now available in the
menuconfig.
Signed-off-by: Pierre Lebleu <pme.lebleu@gmail.com>
8206219 uci: fix memory leak in rpc_uci_replace_savedir()
10f7878 exec: close stdout and stderr streams on child signal
92d0d75 uci: use correct sort index when reordering sections
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
When a partition offset is given, it is used in an lseek call, which
affects write, but not erase. Add it to the offset for erase calls as
well
Signed-off-by: Felix Fietkau <nbd@nbd.name>
e243683 libfstools: move mount points when switching to JFFS2
3782b59 libfstools: add "const" to char pointer arguments in mount_move()
79721f0 libfstools: fix foreachdir() to pass dir with a trailing slash
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Changes since last version
dfb68f8 service: initialize supplementary group ids
3db4e6d service: add func for string config change check
c3faabe procd: get rid of putenv usage.
The supplementary group id change fixes FS#988
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
5d2bf09 uci: fix a potential use-after-free in uci_set()
3b3d63e list: only record ordering deltas if element position changed
4c4d343 cmake: Fix cli shared linking against ubox
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
128bc35 logread: fix reconnect logd logic
66347ec logread: move the code setting up the request blob out of the main loop
975a258 logread: move output connection setup code out of main loop
b81bea7 logread: cleanup pid file handling
d73e7d2 ubox: Replace strerror(errno) with %m format.
Signed-off-by: John Crispin <john@phrozen.org>
D-Link DAP-1522 is a wireless bridge/access point with 4 LAN
ports and a dual-band wireless chipset.
Specifications:
- Ralink RT2880
- 32 MB of RAM
- 4 MB of Flash
- 4x 10/100/1000 Mbps Ethernet (RTL8366SR)
- 802.11abgn (RT2850)
Flash Instructions:
1. Download lede-ramips-rt288x-dap-1522-a1-squashfs-factory.bin
2. Open the web interface and upload the image
Signed-off-by: George Hopkins <george-hopkins@null.net>
Add tool to "compile" Intel microcode files. The tool will be
compiled for host (to split the microcode.dat) and for target
(to forcibly reload the microcode if required).
Instead of using the large microcode.bin/microcode-64.bin, the
splitted ucode files (separate for CPU families) will be
installed.
Signed-off-by: Zoltan HERPAI <wigyori@uid0.hu>
This fixes the following errors when doing "make package/install"
/home/yousong/git-repo/lede-project/lede/build_dir/target-mips_24kc_musl/root-malta/lib/functions/procd.sh: line 47: /home/yousong/git-repo/l
ede-project/lede/build_dir/target-mips_24kc_musl/root-malta/var/lock/procd_urandom_seed.lock: No such file or directory
flock: 1000: Bad file descriptor
Fixes FS#1260
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
5bae22e ubus/lua: pass notification name to callback
212ceb1 valgrind complained about these
d57907c fix invalid close() call
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
18090d9 overlay: fix compilation with glibc
2a9a6ea libfstools: optimize building directory string for glob
de6b026 libfstools: support file paths longer than 255 chars
Signed-off-by: John Crispin <john@phrozen.org>
2a9a6ea libfstools: optimize building directory string for glob
de6b026 libfstools: support file paths longer than 255 chars
Signed-off-by: John Crispin <john@phrozen.org>
When using the uci.sh wrapper, allow parameters to match those supported
by the uci binary i.e. "uci rename <config>.<section>[.<option>]=<name>".
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
Usage documentation for 'procd_send_signal' states "The signal is SIGHUP
by default, and must be specified by NAME." Make actual behaviour match
the stated documented behaviour.
https://wiki.openwrt.org/inbox/procd-init-scripts
Suggested-by: Jo-Philip Wich <jow@mein.io>
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
a5954cf procd: Add %m to several functions that return errno.
810d7a5 procd: Remove redundant errno variable in several printf functions.
fa5ce1c procd: Replace strerror(errno) with %m.
Signed-off-by: John Crispin <john@phrozen.org>
11efbf3 overlay: fix race condition when switching to jffs2
bdeb95a libblkid-tiny: add support for NTFS superblock
ef2cc03 fstools: Replace strerror(errno) with %m format.
98fd5b4 libblkid-tiny: add support for UBI superblock
Signed-off-by: John Crispin <john@phrozen.org>
Use flock to protect init script from concurrent execution
(of the same script).
Important for services which generate native config files.
Signed-off-by: Roman Yeryomin <roman@advem.lv>
Signed-off-by: Andrejs Hanins <ahanins@gmail.com>
5beb95d lua: additionally return name when looking up sections
ff33bb2 lua: support extended section notation
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Including version.mk sets PKG_CONFIG_DEPENDS to config entries used for
VERSION_SED command. We should keep these configs to make sure package
gets refreshed when needed.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
All the relevant options used for distfeeds.conf are part of base-files,
so it makes more sense to move the file there as well.
This has the added benefit that the we can share the opkg package again,
reducing the amount of target specific packages.
Acked-by: Jo-Philipp Wich <jo@mein.io>
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
9c13096 ubus: Remove unnecessary memset calls.
6d1ea6c libubus: Fix deletion from context's object AVL tree when removing object
e02813b ubusd: don't free messages in ubus_send_msg() anymore
be146ad ubusd: rename goto label from `error` to `out`
27d712d ubusd_monitor: alloc & free the buffer outside of the loop
5f87f54 ubusd: move global retmsg per client
Signed-off-by: Felix Fietkau <nbd@nbd.name>
7a49632 logd: use uloop instead of ustream_fd for syslog
69d6542 logd: only create pipe in stream mode
df30c8c logread: terminate after EOF
bdcacad logd: implement oneshot mode for stream log read
4a10d4e logread: use oneshot mode without -f, wait for logd to close
ea3d7fa logd: enforce line length limit for ubus based log messages as well
960a29d logread: remove leftover debug code
a081904 logread: fix line buffer size
2c0d9cf logd: move stripping of newlines to log_add()
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Without this change, when a user disables seccomp support in .config,
procd does not get recompiled unless the package is cleaned manually.
It is because when -D option is missing from cmake command line, cmake
uses cached value from the previous run where seccomp was enabled.
Signed-off-by: Michal Sojka <sojkam1@fel.cvut.cz>
ee582d1 instance: properly compare and reload respawn config
260a4cd utrace: Start the tracee only after uloop initialization
520ad3c utrace: Switch all logging to ulog
1c48104 utrace: Support non-contiguous syscall numbers
582cf97 utrace: Forward SIGTERM to the traced process
32534f7 utrace: Report ptrace errors
ccde3fb seccomp: Improve error message
7f9b174 preload-seccomp: Use proper log level for error messages
e3c4302 Start seccomp-enabled services via seccomp-trace
5e4ad02 seccomp: Log seccomp violations with utrace
2661b2f utrace: Use PTHREAD_SEIZE instead of PTHREAD_TRACEME
b5d53c6 utrace: Deliver signals to traced processes
b416ed9 utrace: Support tracing multi-threaded processes and vfork
8b7d47a utrace: Trace processes across forks
c6b6ec6 utrace: Sort syscalls by number of invocations
592c532 Update trace attribute
c8faedc Do not disable seccomp when configuration is not found
017f3a1 utrace: Fix off-by-one errors
5acaf15 utrace: Fix environment initialization
Signed-off-by: John Crispin <john@phrozen.org>
b1bc8d5 kmodloader: log error message in case of out of memory
f346111 kmodloader: lift restriction on module alias info
f1ef2c3 kmodloader: fix possible segfaults
9cb63df kmodloader: fix endianess check
2cff779 kmodloader: Check module endian before loading
d54f38a kmodloader/get_module_info: initialized aliases to make it more clean
a0b6fef kmodloader: insmod: fix a memoryleak in error case
278c4c4 kmodloader/get_module_name: null-terminate the string
16f7e16 syslog: remove unnecessary sizeof struct between messages
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Properly quote the arguments so that you can register a service with TXT
entries that contains spaces.
Example:
procd_add_mdns myservice tcp 9999 "key=descriptive text field 1" \
"another=something equally verbose"
Output before:
$ avahi-browse -r -v _myservice._tcp
_myservice._tcp local
hostname = [blah.local]
address = [192.168.255.74]
port = [9999]
txt = ["verbose" "equally" "another=something" "1" "field" "text" "key=descriptive"]
Output now:
$ avahi-browse -r -v _myservice._tcp
_myservice._tcp local
hostname = [blah.local]
address = [192.168.255.74]
port = [9999]
txt = ["another=something equally verbose" "key=descriptive text field 1"]
Signed-off-by: Karl Palsson <karlp@etactica.com>
