Commit Graph

747 Commits

Author SHA1 Message Date
Felix Fietkau
8f4e31ea6e fwtool: add support for extracting the truncated data part to stdout
This allows extracing the firmware + metadata from a signed firmware without
altering the original image file

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2019-02-12 16:41:38 +01:00
Felix Fietkau
d5681e45f0 fwtool: do not strip metadata if extracting signature
This allows the signature to cover the metadata area

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2019-02-12 16:41:38 +01:00
Jo-Philipp Wich
40bb2ae211 opkg: update to latest Git head
d4ba162 libopkg: only perform size check when information is available

Fixes: e079591b84 ("opkg: update to latest Git head")
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-01-31 10:23:20 +01:00
Jo-Philipp Wich
e079591b84 opkg: update to latest Git head
cb66403 libopkg: check for file size mismatches

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-01-31 08:52:51 +01:00
David Bauer
1e06482f7d mtd: add logic for TP-Link ramips recovery magic
This adds an option to set the recovery flag of newer TP-Link MediaTek
boards and remove it after a successful write.

To make use of this feature, add the '-t' option to mtd-write.

The '-t' option takes the mtd partition containing the recovery flag
(usually 'romfile') as an argument. Make sure this partition is not
flagged as read-only!

Example:
 > mtd -t romfile write owrt.bin firmware

This command writes the recovery-flag before it begins writing the image
to the firmware partition. After the image-write has been successful,
the recovery flag is removed.

This way, the TP-Link web-recovery is automatically enabled on an
unsucessful flash (e.g. power loss).

This option is only available if the mtd package is compiled for the
ramips target.

Signed-off-by: David Bauer <mail@david-bauer.net>
2019-01-26 21:46:32 +01:00
Oever González
c43acdf342 mtd: add linksys_bootcount to the ipq40xx target
This commit adds the object 'linksys_bootcount_fix.o' to the ipq40xx
target.

This is needed for the Linksys EA6350v3 device. Without this patch, the
device will switch-back between the current and the last flashed firmware
every 3 (three) reboots. With this patch, the device works as expected.

Signed-off-by: Ryan Pannell <ryan@osukl.com>
Signed-off-by: Oever González <notengobattery@gmail.com>
2019-01-26 21:43:06 +01:00
Hans Dedecker
e906a75e67 procd: update to latest git HEAD
e2b055e hotplug.c: Make sure hotplug buffer is NULL terminated

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2019-01-24 22:54:13 +01:00
Jo-Philipp Wich
0e70f69a35 treewide: revise library packaging
- Annotate versionless libraries (such as libubox, libuci etc.) with a fixed
  ABI_VERSION resembling the source date of the last incompatible change
- Annotate packages shipping versioned library objects with ABI_VERSION
- Stop shipping unversioned library symlinks for packages with ABI_VERSION

Ref: https://openwrt.org/docs/guide-developer/package-policies#shared_libraries
Ref: https://github.com/KanjiMonster/maintainer-tools/blob/master/check-abi-versions.pl
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-01-24 10:39:30 +01:00
Jeffery To
d13e86d4c2 procd: Add wrapper for uci_validate_section()
This adds a wrapper (uci_load_validate) for uci_validate_section() that
allows callers (through a callback function) to access the values set by
uci_validate_section(), without having to manually declare a
(potentially long) list of local variables.

The callback function receives two arguments when called, the config
section name and the return value of uci_validate_section().

If no callback function is given, then the wrapper exits with the value
returned by uci_validate_section().

This also updates several init scripts to use the new wrapper function.

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
2019-01-22 09:05:59 +01:00
Matthias Badaire
cf8483cb4f fstools: media change detection (eg:sdcard) using kernel polling
Linux kernel has a polling mechanism that can be activated by changing
the parameter /sys/module/block/parameters/events_dfl_poll_msecs which
is deactivated by default or the /sys/block/[device]/events_poll_msecs
for one device.

This patch set the events_poll_msecs when a disk is inserted.
Once the media disk change event is sent by the kernel then we force a
re-read of the devices using /sbin/block info.

With this patch, insertion and ejection of sd card will automatically
generate partition devices in /dev.

Signed-off-by: Matthias Badaire <mbadaire@gmail.com>
[rewrap commit message, fix bashisms, fix non-matching condition,
 bump pkg release]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-01-22 08:49:36 +01:00
Jo-Philipp Wich
797e5c1c48 packages: set more explicit ABI_VERSION values
In the case of upstream libraries, set the ABI_VERSION variable to the
soname value of the first version version after the last backwards
incompatible change.

For custom OpenWrt libraries, set the ABI_VERSION to the date of the
last Git commit doing backwards incompatible changes to the source,
such as changing function singatures or dropping exported symbols.

The soname values have been determined by either checking
https://abi-laboratory.pro/index.php?view=tracker or - in the case
of OpenWrt libraries - by carefully reviewing the changes made to
header files thorough the corresponding Git history.

In the future, the ABI_VERSION values must be bumped whenever the
library is updated to an incpompatible version but not with every
package update, in order to reduce the dependency churn in the
binary package repository.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-01-19 14:31:51 +01:00
Jo-Philipp Wich
1bd18f2b5c opkg: update to latest Git head
This update fixes some cosmetical issues and a number of segmentation
faults when parsing lists having Conflicts or Replaces tags.

d217daf libopkg: fix replacelist parsing and writing
9dd9a07 libopkg: fix segmentation fault when traversing conflicts
34571ba libopkg: consider provided packages in pkg_vec_mark_if_matches()
18740e6 opkg_download: print error when fork() fails
e3d7330 libopkg: don't print unresolved dependencies twice

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2019-01-19 14:31:46 +01:00
Rafał Miłecki
5c4277ec37 fstools: update to the latest master branch
This is a big block(d) cleanup with new feature of generating "mount"
hotplug.d events.

It's an important update for those who were using mountd in the
pre-18.06 releases. Due to the mountd being replaced with blockd a
support for "mountd" hotplug.d events has been lost. It broke all kind
of shell scripts that were e.g. managing services depending on an
external USB drive availability.

This basically (re-)adds support for calling /etc/hotplug.d/mount/
scripts with ACTION ("add" or "remove") and DEVICE set.

af93f4b block(d): improve hotplug.d "mount" events for the autofs
3bb3352 blockd: unmount device explicitly when it disappears
28753b3 block: remove target directory after unmounting
c8c7ca5 block: cleanup handling "start" action of the "autofs" command
f1bb762 block: make blockd_notify() return an int instead of void
71c2bde block: generate hotplug.d mount events
30f5096 block: validate amount of arguments for the "autofs" command
dc6a462 blockd: don't reparse blob msg in the vlist callbacks
f6a9686 blockd: don't unmount device when removing it from the list
1913fea block: don't duplicate unmounting code in the mount_action()
6b445fa block: make umount_device() function more generic
a778468 block: don't duplicate mounting code in the mount_device()
5dc631d block: simplify code picking mount target directory
2971779 block: move blockd_notify() call out of the conditional blocks
b86bd6e block: fix formatting & indent in the mount_device()
e12c0d6 fstools: use EXIT_FAILURE when indicating error on exit
091aa3d fstools: guard usage of WEXITSTATUS

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2019-01-02 07:21:39 +01:00
Jonas Gorski
d3bf5ff9bc opkg: drop argument from check_signature in opkg.conf
check_signature is a bool option and doesn't take any arguments. The
presence of the 1 falsely suggests setting it to 0 disables the check,
while the option actually needs to be removed or commented out to be
disabled. So remove the argument to make it more clear.

Fixes: beca028bd6 ("build: add integration for managing opkg package feed keys")
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
2018-12-30 13:25:58 +01:00
Stijn Tintel
b209e2b3b0 ubox: bump to git HEAD
876c7f5 kmodloader: load_modprobe: abort after 2 attempts

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>
2018-12-18 23:17:39 +02:00
Jo-Philipp Wich
e533fb1706 rpcd: update to latest Git head
3aa81d0 file: access exec timeout via daemon ops structure
7235f34 plugin: store pointer to exec timeout value in the ops structure
ccd7c0a treewide: rename exec_timeout to rpc_exec_timeout

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-12-12 16:33:54 +01:00
Hans Dedecker
c19f1a8665 procd: update to latest git HEAD
d667354 early: set /tmp permissions explicitly

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-11-23 15:27:35 +01:00
Jo-Philipp Wich
952b11766c rpcd: update to latest Git head
c79ef22 main: fix logic bug when not specifying a timeout option

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-11-22 16:30:38 +01:00
Jo-Philipp Wich
4105555115 rpcd: update to latest Git head
2cc4b99 file: use global exec timeout instead of own hardcoded limit
ecd1660 exec: increase maximum execution time to 120s

Also expose the socket and timeout options in /etc/config/rpcd for
easier use.

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-11-22 14:43:36 +01:00
Hans Dedecker
c97c672f9b procd: update to latest git HEAD
20192e4 watchdog: improve seting watchdog timeout and frequency

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-11-08 14:51:33 +01:00
Hans Dedecker
59db98d0f2 fstools: update to git HEAD
29e53af fstools: add ntfs support

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-10-21 20:48:36 +02:00
John Crispin
d24bdaa794 procd: update to latest git HEAD
94944ab procd: Add cpu string to board detection

Signed-off-by: John Crispin <john@phrozen.org>
2018-10-11 08:42:52 +02:00
John Crispin
3e8ef61c01 package/: fix $(PROJECT_GIT) usage
Signed-off-by: John Crispin <john@phrozen.org>
2018-10-11 08:42:52 +02:00
Rosen Penev
82d272efed procd: Install hotplug files as 600
procd runs as root, so it only makes sense that its files are restricted.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2018-10-11 08:06:43 +02:00
Rosy Song
0fa1dd71cc fstools: filter unknown action in mount.hotplug script
Signed-off-by: Rosy Song <rosysong@rosinson.com>
2018-10-07 21:34:13 +02:00
Hans Dedecker
f771a1b962 ubus: update to latest git HEAD
221ce7e ubusd_acl: event send access list support
da503db ubusd_acl: event listen access list support
c035bab ubusd_acl: rework wildcard support
73bd847 ubusd_event: move strmatch_len to ubus_common.h
0327a91 ubus/lua: add support for BLOBMSG_TYPE_DOUBLE

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-10-06 21:26:34 +02:00
Emil Muratov
bbf46c9f8f zram-swap: bump pkg version
Signed-off-by: Emil Muratov <gpm@hotplug.ru>
2018-09-29 17:23:11 +02:00
Emil Muratov
70d3ffb47f zram-swap: Add "max compression streams" configuration option
Config option to limit maximum compression streams per zram dev for
multicore CPU's. This could be defined via 'zram_comp_streams' option in
the 'system' section of '/etc/config/system' file or via cli (for e.x.
with 'uci set system.@System[0].zram_comp_streams=2 && uci commit
system'). Default is number of logical CPU cores.

Signed-off-by: Emil Muratov <gpm@hotplug.ru>
2018-09-29 17:23:11 +02:00
Emil Muratov
814cae7362 zram-swap: fix number of created zram devices for multicore CPU's
Use only one zram swap device of the specified $size instead of
[N x $size] devices for multicore CPUs Now zram module uses multiple
compression streams for each dev by default, so we do not need to create
several zram devs to utilize multicore CPUs.

Signed-off-by: Emil Muratov <gpm@hotplug.ru>
2018-09-29 17:23:11 +02:00
Emil Muratov
9edc1fe8ab zram-swap: fix zram dev reset for multicore cpu devices
* "zram stop" could reset up to $(num_of_cores) zram devices even if
   some of those were not mounted as swap dev's. This fix tries to
   enumerate mounted swap zram dev's before making a reset

 * remove hot-added zram devs on stop (except zram0)

Signed-off-by: Emil Muratov <gpm@hotplug.ru>
2018-09-29 17:23:11 +02:00
Emil Muratov
b9e89adfb7 zram-swap: compression algorithm configuration option
Compression algorithms for zram are provided by kernel crypto API, could
be any of [lzo|zl4|deflate|<some_more>] depending on kernel modules.
Compress algo for zram-swap could be defined via 'zram_comp_algo' option
in 'system' section of '/etc/config/system' file, or via cli (for e.x.
with 'uci set system.@System[0].zram_comp_algo=lz4 && uci commit
system'). check available algo's via 'cat /sys/block/zram0
/comp_algorithm'

Signed-off-by: Emil Muratov <gpm@hotplug.ru>
2018-09-29 17:23:11 +02:00
Samuel Casa
65e9561b3d zram-swap: Shell cosmetic
Signed-off-by: Samuel Casa <samuel.casa@neratec.com>
2018-09-24 19:08:59 +02:00
Samuel Casa
b291517fdf zram-swap: remove trailing whitespaces in init script
Signed-off-by: Samuel Casa <samuel.casa@neratec.com>
[slightly reword subject]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-09-24 19:08:59 +02:00
Rosen Penev
4ad87744fa fstools: Install mount.hotplug and 10-fstab.defaults as 600
Both of these are used by programs that run as root and nothing else.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
2018-09-19 09:41:28 +01:00
Mike McCormack
e8cbfedc72 ucert: work around short read
usign occasionally writes 16 characters then exits without writing a LF,
leaving ucert hanging waiting for more input.  Accept 16 characters
or more rather than 17 to work around the short read.

Signed-off-by: Mike McCormack <mike@atratus.org>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2018-09-18 13:51:09 +02:00
Jo-Philipp Wich
8c91807214 rpcd: update to latest git HEAD
41333ab uci: tighten uci reorder operation error handling
f91751b uci: tighten uci delete operation error handling
c2c612b uci: tighten uci set operation error handling
948bb51 uci: tighten uci add operation error handling
51980c6 uci: reject invalid section and option names

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-08-16 09:43:11 +02:00
Yousong Zhou
3493c1cf41 uci: bump to source date 2018-08-11
Fixes segfault when parsing malformed delta lines

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2018-08-11 12:04:31 +00:00
Jo-Philipp Wich
cc21dab6cc ucert: update to lastest git HEAD
Update to latest HEAD in order to fix a stack memory corruption issue:

1056e73 Change the sigb buffer to be the same size as the fread

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-08-08 19:52:13 +02:00
Daniel Golle
7a52ce3faf ucert: update source
ad816fc set rpath to make bundle-libraries.sh happy
 63ad591 blob_buf needs to be zero'd

Now that libubox, libjson-c and libblobms_json are installed into
STAGING_DIR_HOST we can properly bundle ucert in the ImageBuilder.
Follow-up commits will make use of it to include a signature-chain in
sysupgrade images using fwtool.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2018-08-07 23:20:18 +02:00
Hans Dedecker
9537c1a153 procd: update to latest git HEAD
e29966f Allow disabling seccomp or changing the whitelist
5f57223 trace: Use properly sized type for PTRACE_GETEVENTMSG
747efb6 procd: fix ustream deadlock when there are 0 bytes or no newlines

Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
2018-08-06 22:48:42 +02:00
Christian Schoenebeck
c89195eb25 ca-caertificates: remove myself as PKG_MAINTAINER
remove myself as PKG_MAINTAINER

Signed-off-by: Christian Schoenebeck <christian.schoenebeck@gmail.com>
2018-07-31 00:00:20 +02:00
Jo-Philipp Wich
7316515891 ubus: update to latest git HEAD
40e0931 libubus: pass an empty UBUS_ATTR_DATA block if msg is NULL on invoke

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
2018-07-26 16:48:07 +02:00
John Crispin
a5c3bbaf56 ubus: update to latest git HEAD
884be45 libubus: check for non-NULL data before running callbacks

Signed-off-by: John Crispin <john@phrozen.org>
2018-07-25 12:15:45 +02:00
Rafał Miłecki
82498a7f7a mtd: improve check for TRX header being already fixed
First of all lengths should be compared after checking all blocks for
being good/bad. It's because requested length may differ from a final
one if there were some bad blocks.

Secondly it makes sense to also compare crc32 since we already have a
new one calculated.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2018-07-15 23:27:09 +02:00
Rafał Miłecki
0f54489f75 mtd: support bad blocks within the mtd_fixtrx()
Reading MTD data with (p)read doesn't return any error when accessing
bad block. As the result, with current code, CRC32 covers "data" stored
in bad blocks.

That behavior doesn't match CFE's one (bootloader simply skips bad
blocks) and may result in:
1) Invalid CRC32
2) CFE refusing to boot firmware with a following error:
Boot program checksum is invalid

Fix that problem by checking every block before reading its content.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
2018-07-15 16:51:41 +02:00
Felix Fietkau
154c0c4006 ubus: compile with LTO enabled
Reduces total .ipk size by about 1k

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-07-13 17:22:53 +02:00
Felix Fietkau
73fc67b614 procd: compile with LTO enabled
Reduces .ipk size on MIPS from 42k to 39k

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-07-13 17:22:53 +02:00
Felix Fietkau
e07ad61aec procd: update to the latest version, fixes gcc 8 build error
a0372ac procd: increase watchdog fd_buf storage size to fix gcc8 build error

Signed-off-by: Felix Fietkau <nbd@nbd.name>
2018-07-11 18:34:59 +02:00
Yousong Zhou
191078e83d ca-certificates: ca-bundle: add symlink for openssl default setting
OpenSSL defaults X509_CERT_FILE to /etc/ssl/cert.pem.  This change is
needed for wget-ssl and possibly others to work seamlessly with fresh
ca-bundle installation

Fixes openwrt/packages#6152

Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
2018-07-07 18:19:39 +02:00
Daniel Golle
f47d7df6a8 ucert: fix build
set PKG_BUILD_DIR before including package.mk to avoid problems as
seen on buildbot.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
2018-06-15 08:57:44 +02:00