Rather than unconditionally adding busybox and procd to the set of
default packages, add busybox-selinux and procd-selinux in case
CONFIG_SELINUX is set.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Instead of duplicating the '/sbin/setfiles' binary, have
'/sbin/restorecon' as yet another alias for
'/sbin/policycoreutils-setfiles'.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
The file /lib/functions/system.sh depends on find_mtd_index() and
find_mtd_part() located in /lib/function.sh, so let's source that
file.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
netifd does not handle network.@device[x].name properly if it
contains multiple ifaces separated by spaces. Due to this, board.d
lan_mac setup does not work if multiple ifaces are set to LAN by
ucidef_set_interface_lan.
To fix this, create a device node for each member iface when
running config_generate instead.
Signed-off-by: Sungbo Eo <mans0n@gorani.run>
[always use new scheme, extend description, change commit title]
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
If set, label MAC address is available from one of two sources,
device tree or board.json. So far, the function get_mac_label
was meant for retrieving the address, while an option in uci
system config was specified only for case 2 (board.json).
The uci config option has several drawbacks:
- it is only used for a fraction of devices (those not in DT)
- label MAC address is a device property, while config implies
user interaction
- label_macaddr option will only be set if /etc/config/system
does not exist (i.e. only for new installations)
Thus, this patch changes the behavior of get_mac_label:
Instead of writing the value in board.json to uci system config
and reading from this location afterwards, get_mac_label now
extracts data from board.json directly. The uci config option
won't be used anymore.
In addition, two utility functions for extraction only from DT
or from board.json are introduced.
Since this is only changing the access to the label MAC address, it
won't interfere with the addresses stored in the code base so far.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
For many devices, MAC addresses cannot be retrieved via the
device tree alias.
To still provide the label MAC address for those, this implements
a second mechanism that will put the address into uci config.
Note that this stores the actual MAC address, whereas in DTS
we reference the bearing device.
This is based on the work of Rosy Song <rosysong@rosinson.com>
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
To refer to the MAC address on a device's label, one can
specify the alias label-mac-device in the DTS which should
point to the bearer of the corresponding MAC address.
With the function get_mac_label, the user can retrieve then
retrieve this address and use it as a value that uniquely
identifies his device.
This is severely helpful for several downstream functionalities,
e.g. define MAC addresses of custom netifs or change the SSID to
be easily recognizable.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
The actual retrieval of the MAC address in mtd_get_mac_binary_ubi()
is the same as in get_mac_binary(). Thus, use the latter function
in the former to reduce duplicate code.
This will also allow to benefit from the enhanced path check there
and bring mtd_get_mac_binary_ubi() more in line with the similar
mtd_get_mac_binary().
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Logic was inverted when changing from string check to file check.
Fix it.
Fixes: 8592602d0a ("base-files: Really check path in get_mac_binary")
Reported-by: Matthias Schiffer <mschiffer@universe-factory.net>
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Currently, path argument is only checked for being not empty.
This changes behavior to actually check whether path exists.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
vconfig has been disabled by default since 2015 [1] and there are
no remaining uses in entire OpenWrt trunk. However, we still set up
a specific name_type for it during boot.
While this setup is properly implemented to be only triggered when
vconfig is present, it still seems anachronistic and unnecessary
to set up a standard for a tool that is not used anymore.
Therefore, this removes the set_name_type initialization and leaves
it for those people actually using the tool to configure it as needed.
[1] 899a23227e ("busybox: improve applets & deprecate ifconfig, route")
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Due to filesystem write caching the old configuration data could stay
out of flash for a long time during a first boot after the sysupgrade.
Power loss during this period could damage the overlay data and even
make device inaccessable via the network.
Fix this by syncing data to a flash as soon as the previous
configuration will be unpacked after the sysupgrade. Also sync the FS
state after the sysupgrade.tgz archive removing to prevent duplicative
extraction of a previous configuration.
Tested with AMD Geode based board.
Signed-off-by: Sergey Ryazanov <ryazanov.s.a@gmail.com>
This changes the ide-disk LED trigger to the generic disk-activity as
ide-disk trigger was removed in upstream commit eb25cb9956cc ("leds:
convert IDE trigger to common disk trigger").
Signed-off-by: Thomas Albers <thomas.gameiro@googlemail.com>
[split into separate commit, commit description facelift]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
This replaces deprecated backticks by more versatile $(...) syntax.
This does not touch lib/upgrade/nand.sh, as there replacement is
not trivial.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
uci-defaults are sourced and non-executable, so they do not require
a shebang.
While at it, apply consistent naming scheme.
Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
For devices such as BTHOMEHUBV5A with both reset and restart buttons,
its easily accessible restart button has been assigned to KEY_POWER
power script to poweroff preventing accidental (or malicious) factory
resets by KEY_RESTART reset script. However an easily accessible button
immediately powering off the device is also undesirable.
Fixes: FS#1965
Signed-off-by: Alan Swanson <reiver@improbability.net>
Signed-off-by: Petr Štetiar <ynezz@true.cz> [long line wrap]
Restart is in default implemented so it calls stop and start. This is
pretty unsafe to call on umount service. This service should not do
anything on restart the same way as on start. Only use of this service
is on stop.
Signed-off-by: Karel Kočí <cynerd@email.cz>
This patch is in a series to allow additional STOP indexes after umount,
so that other block devices may stop cleanly.
boot is now STOP=90
umount is now STOP=90
Signed-off-by: Joseph Tingiris <joseph.tingiris@gmail.com>
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
"coreutil-date" package from the packages feed replaces the Busybox date
applet by symlinking /usr/bin/gnu-date to /bin/date. This prevents the system
init script from setting kernel timezone because the GNU date utility does not
provide such functionality:
root@OpenWrt:~# date -k
date: invalid option -- 'k'
Try 'date --help' for more information.
A specific reference to the Busybox date applet prevents alternative date
utilities from breaking the system init script.
Signed-off-by: Val Kulkov <val.kulkov@gmail.com>
This adds a wrapper (uci_load_validate) for uci_validate_section() that
allows callers (through a callback function) to access the values set by
uci_validate_section(), without having to manually declare a
(potentially long) list of local variables.
The callback function receives two arguments when called, the config
section name and the return value of uci_validate_section().
If no callback function is given, then the wrapper exits with the value
returned by uci_validate_section().
This also updates several init scripts to use the new wrapper function.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Part of the commit content is already in dropbear/files, procd/files,
ubox/files and busybox/files.
Commit ed5b9129d7 ("base-files: implement generic service_running")
has added EXTRA_HELP variable, thus overriding already available
EXTRA_HELP text available in other init scripts, resulting in the
missing help text from services like dropbear for example.
So fix this regression by appending EXTRA_HELP text provided by the
other init scripts into the one provided by the script itself.
Fixes: ed5b9129d7 ("base-files: implement generic service_running")
Signed-off-by: Peter Stadler <peter.stadler@student.uibk.ac.at>
[commit title/description facelift, fixes tag, fixed From:, pkg bump]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Adds a default status action for init.d scripts.
procd "service status" will return:
0) for loaded services (even if disabled by conf or dead)
3) for inactive services
4) when filtering a non-existing instance
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
[rebased, cleaned up]
Signed-off-by: Petr Štetiar <ynezz@true.cz>
Part of the commit content is already in system/procd/files.
Purpose of these changes is to introduce a hook for post service
shutdown in a similar fashion to the existing hook service_started. I
found it to be useful to specify a hook that is called once the service
has been stopped and not before the service is stopped like the
stop_service hook does.
The concrete use case I have for this is that I'm running a binary that
takes over the hardware watchdog timer. Said binary unfortunately can
not use ubus directly to tell procd to hand over the watchdog timer so
this has to be done in the service file for the binary in question. In
order to support a clean handover of the watchdog timer back to procd,
the service init script has to dispatch the ubus invocation once the
binary in question has been stopped.
Signed-off-by: Arthur Skowronek <ags@digineo.de>
Signed-off-by: Petr Štetiar <ynezz@true.cz>
[added commit message, use the same form as other hooks]
Commit 124ab1dc0a and 5523ee3459 introduced the assignment of the
group "tty" to /dev/tty* devices in order to support unprivileged
user access to serial devices.
However, due to an improperly rebased commit this feature broke.
This patch restores the lost hunk in hotplug.json file to
re-introduce this feature and also renames the existing "tty" group
to "dialout" as this is the more typical name for such a group
on desktop systems.
Fixes: 5209cfa534 ("procd: fix hotplug.json syntax")
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
Acked-by: Jo-Philipp Wich <jo@mein.io>
Part of the commit content is already in system/procd/files.
For devices without a dedicated 'diag' LED, we use sometimes one of
other LEDs for indicating at least 'boot', 'failsafe' and 'upgrade'
stages. In some cases, at the same time these LEDs have defined default
triggers in DTS using 'linux,default-trigger' property. Current 'diag'
setup removes the trigger and turns off 'boot' LED after bootup.
This patch extends 'diag.sh' and 'leds.sh' scripts to make sure default
trigger defined in DTS is restored for 'diag' LED which isn't used for
indicating 'running' stage.
Acked-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
Signed-off-by: Piotr Dymacz <pepe2k@gmail.com>
If you compile first libaudit library and then trace-cmd package,
compilations fails with:
Package trace-cmd is missing dependencies for the following libraries:
libaudit.so.1
If you enable libaudit for trace-cmd, it will show system name calls while using command profile.
Try to be slim as much as possible - libaudit .ipk has 42,4 kB.
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
libzstd from the packages feed gets picked up. Remove it.
Fixes:
Package perf is missing dependencies for the following libraries:
libzstd.so.1
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Add missing build dependency to both host and target build. The `msgfmt`
is required which is missing without gettext-full.
Signed-off-by: Paul Spooren <mail@aparcar.org>
Add missing dependency for target build of seclic which requires
libsepol (just like the host build requires libsepol/host).
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
00a84c5 linux-firmware: Update AMD SEV firmware
71338c2 Merge branch 'for-master' of https://github.com/CosmicPenguin/linux-firmware into main
07367b9 linux-firmware: Update firmware file for Intel Bluetooth AX200
1d1586a linux-firmware: Update firmware file for Intel Bluetooth AX201
28b333d linux-firmware: Update firmware file for Intel Bluetooth 9560
db30380 linux-firmware: Update firmware file for Intel Bluetooth 9260
eb3aa1f Mellanox: Add new mlxsw_spectrum firmware xx.2008.1310
ec88f05 mediatek: update MT7915 firmware to 20200819
a9993f8 brcm: Fix a stale symlink for RPi3 model b+
f48fec4 qcom: Add updated a5xx and a6xx microcode
d5f9eea wl18xx: update firmware file 8.9.0.0.83
7a237c6 linux-firmware: mt7615: update firmware to 20200814 version
74bd44f amdgpu: add navi12 firmware from 20.30
b9f69cd amdgpu: update navi10 firmware for 20.30
Signed-off-by: David Bauer <mail@david-bauer.net>
Directly set path via MAKE vars instead of defning TESTTOOLS. This way
setfiles, which is required by the ImageBuilder, ends up in /host/bin
while checkpolicy can stay in hostpkg/bin.
Signed-off-by: Paul Spooren <mail@aparcar.org>
By installing policycoreutils to host/bin it is also available within
the ImageBuilder and SDK, allowing to correctly label both filesystems
and packages.
Signed-off-by: Paul Spooren <mail@aparcar.org>
The firmware for Wave1 chips was updated to the latest release
10.2.4-1.0-00047 at the end of 2019 (commit 513d70cc50b).
Package firmware for these chips from linux-firmware.
This avoids downloading the ath10k-firmware repository.
Signed-off-by: David Bauer <mail@david-bauer.net>
This commit add support for the yyets_le router.
Hardware Highlights:
SoC: Qualcomm IPQ4019 717 MHz
RAM: 512M NT5CC256M16ER-EK
Flash: 32M SPI NOR MX25L25635F
WIFI1: 2.4 GHz 2T2R integrated
WIFI2: 5 GHz 2T2R integrated
Ethernet: Qualcomm QCA8075 (4x LAN, 1x WAN)
USB: 1x 3.0
LEDS: power, wlan2g, wlan5g, usb
Button: Reset
Installation:
Upload the firmware on the upgrade page of the stcok, and this will take a few minutes.
This commit also supports the addition of a 128M nand flash version,
just use the P&W R619AC's opboot to overwrite the original uboot.
Signed-off-by: AmadeusGhost <amadeus@jmu.edu.cn>
'setfiles' and others should be installed to $(STAGING_DIR_HOSTPKG)/bin
rather than $(...)/sbin which isn't in PATH.
Also using -Wl,-rpath to set library search location instead of setting
LD_LIBRARY_PATH when calling setfiles in image.mk.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
As the PWM has its own sub-system in the Linux kernel,
I think it should be handled in the same way as GPIO, RTC, PCI...
This patch introduces a specific feature flag "pwm" and the
"leds-pwm" kernel module as the first customer.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
It should return false to indicate that the option should not be ignored
Fixes 064dc1e8 ("dnsmasq: abort when dnssec requested but not
available")
Reported-by: Sami Olmari <sami@olmari.fi>
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
The TFTP server provided by dnsmasq supports serving a select boot image
based on the client's MAC or IP address. This allows an administrator
to activate this feature in /etc/config/dhcp. Here is an example
/etc/config/dhcp that configures dnsmasq with --tftp-unique-root=mac.
With this configuration, dnsmasq will serve
/usr/libexec/tftpboot/00-11-22-33-44-55/openwrt-initramfs-kernel.bin to
the client with MAC address 00:11:22:33:44:55.
Signed-off-by: W. Michael Petullo <mike@flyn.org>
Add config options:
srcportmin/srcportmax : range of port numbers to use as UDP source ports
to communicate to the remote VXLAN tunnel endpoint
ageing : lifetime in seconds of FDB entries learnt by the kernel
maxaddress : maximum number of FDB entries
learning : enable/disable entering unknown source link layer addresses
and IP addresses into the VXLAN device FDB.
rsc : enable/disable route short circuit
proxy : enable/disable ARP proxy
l2miss : enable/disable netlink LLADDR miss notifications
l3miss : enable/disable netlink IP ADDR miss notifications
gbp : enable/disable the Group Policy extension
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
UCI defaults scripts are supposed to be numbered, but odhcpd's lacked numbering, which
turned out to mess up my custom scripts numbered 9[0-9]_*. The idea is to have high number
(custom) scripts executed last. Jow confirmed numbering is the default case, not the
exception (thanks).
Signed-off-by: Stijn Segers <foss@volatilesystems.org>
Instead of vaguely describing dependencies in the package description
actually split-up into individual packages, each with their
dependencies expressed accurately.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Split utility packages similar to coreutils in packages feed, adding
ALTERNATIVES for those which are also provided by busybox-selinux.
Also add missing license information.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
The required BusyBox applets are enabled by default, so we can rely on them
being present in the system. This way, we make sure there are no conflicts
with less featured variants of these same applets which might also be
present in the system.
Fixes: 0bd7dfa3ed ("zram-swap: enable swap discard")
Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
[wrap commit description]
Signed-off-by: David Bauer <mail@david-bauer.net>
With global NLS support enabled (CONFIG_BUILD_NLS), the linked libelf.so
and libbfd.so libraries will depend on libintl.so. Import the nls.mk helper
to set library prefixes and flags accordingly, and also conditionally add
"-lintl" as link-time library.
Fix a build error on ppc due to a EDEADLOCK redefinition in errno.h.
Use upstream stable kernel 5.8.9, and fix overriding of feature detection
to only allow/hide detected features. Also refresh existing patches.
Fixes: 2f0d672088 ("bpftools: add utility and library packages supporting
eBPF usage")
Signed-off-by: Tony Ambardar <itugrok@yahoo.com>
amd64-microcode (3.20191218.1)
* New microcode update packages from AMD upstream:
+ Removed Microcode updates (known to cause issues):
sig 0x00830f10, patch id 0x08301025, 2019-07-11
* README: update for new release
amd64-microcode (3.20191021.1)
* New microcode update packages from AMD upstream:
+ New Microcodes:
sig 0x00830f10, patch id 0x08301025, 2019-07-11
+ Updated Microcodes:
sig 0x00800f12, patch id 0x08001250, 2019-04-16
sig 0x00800f82, patch id 0x0800820d, 2019-04-16
amd64-microcode (3.20181128.1)
* New microcode update packages from AMD upstream:
+ New Microcodes:
sig 0x00800f82, patch id 0x0800820b, 2018-06-20
Signed-off-by: Tan Zien <nabsdh9@gmail.com>
CONFIG_BMP085* is replaced by CONFIG_BMP280 since 4.9[1] and this package is empty.
OpenWRT also has kmod-iio-bmp280* package and we can drop old packages.
1. [ misc: retire the old BMP085 driver ]
(832c8232dd (diff-5000d544d790c669405eb2a6775e5981))
Signed-off-by: Aleksander Jan Bajkowski <A.Bajkowski@stud.elka.pw.edu.pl>
Drop patches as they've been upstreamed:
* 001-Fix-CVE-2020-12762.patch
Refresh patches:
* 000-libm.patch
Add patch to avoid build failure due to missing docs in tarball.
Signed-off-by: David Bauer <mail@david-bauer.net>
This enables the ipq-wifi package to be used on IPQ806x target.
Its needed for boards using a different BDF than one shipped in the upstream board-2.bin.
Currently needed for Edgecore ECW5410.
Signed-off-by: Robert Marko <robert.marko@sartura.hr>
