aboutsummaryrefslogtreecommitdiffstats
path: root/package/system
Commit message (Collapse)AuthorAgeFilesLines
* procd: update to git HEADDaniel Golle2021-03-191-4/+4
| | | | | | | | | Enable seccomp features on Aarch64. 3e88c6f jail/seccomp: add support for aarch64 c23d8bf trace: fix build on aarch64 Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* fstools: update to git HEADDaniel Golle2021-03-191-3/+3
| | | | | | 964d1e3 partname: allow skipping existing 'rootfs_data' partition Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* mtd: fix imagetag compilationÁlvaro Fernández Rojas2021-03-171-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | Commit b5b0796a1322 added an uint32_t to mtd.h without including stdint, which results in a compilation error for those files not including stdint.h. In file included from imagetag.c:36: mtd.h:15:8: error: unknown type name 'uint32_t' extern uint32_t opt_trxmagic; ^~~~~~~~ imagetag.c: In function 'trx_fixup': imagetag.c:180:10: warning: unused variable 'res' [-Wunused-variable] ssize_t res; ^~~ imagetag.c:177:14: warning: unused variable 'scan' [-Wunused-variable] void *ptr, *scan; ^~~~ imagetag.c: In function 'trx_check': imagetag.c:246:27: warning: initialization discards 'const' qualifier from pointer target type [-Wdiscarded-qualifiers] struct bcm_tag *tag = (const struct bcm_tag *) buf; ^ make[3]: *** [<builtin>: imagetag.o] Error 1 Fixes: b5b0796a1322 ("mtd: add option for TRX magic to fixtrx") Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
* mediatek: add support for Buffalo WSR-2533DHP2INAGAKI Hiroshi2021-03-151-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This adds support for the Buffalo WSR-2533DHP2. The device uses the Broadcom TRX image format with a special magic. To be able to boot the images or load them they have to be wrapped with different headers depending how it is loaded. There are multiple ways to install OpenWrt on this device. Boot ramdisk from U-Boot ---------------------------- This will load the image and not write it into the flash. 1. Stop boot menu with "space" key 2. Select "System Load Linux to SDRAM via TFTP." 3. Load this image: openwrt-mediatek-mt7622-buffalo_wsr-2533dhp2-initramfs-kernel.bin 4. The system boots the image Write to flash from U-Boot ----------------------------- This will load the image over tftp and directly write it into the flash. 1. Stop boot menu with "space" key 2. Select "System Load Linux Kernel then write to Flash via TFTP." 3. Load this image: openwrt-mediatek-mt7622-buffalo_wsr-2533dhp2-squashfs-factory-uboot.bin 4. The system writes this image into the flash and boots into it. Write to flash from Web UI ----------------------------- This will load the image over over the Web UI and write it into the flash 1. Open the Web UI 2. Go to "管理" -> "ファームウェア更新" 3. Select "ローカルファイル指定" and click "更新実行" 4. Load this image: openwrt-mediatek-mt7622-buffalo_wsr-2533dhp2-squashfs-factory.bin 5. The system writes this image into the flash and boots into it. Specifications ------------------- * SoC: MT7622 (4x4 2.4 GHz Wifi) * Wifi: MT7615 (4x4 5 GHz Wifi) * Flash: Winbond W29N01HZ 128MB SLC NAND * RAM 256MB * Ethernet: Realtek RTL8367S (5 x 1GBit/s, SoC via 2.5GBit/s) Co-Developed-by: Hauke Mehrtens <hauke@hauke-m.de> Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com> Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* mtd: add option for TRX magic to fixtrxINAGAKI Hiroshi2021-03-153-6/+17
| | | | | | | | | | | | Buffalo uses the TRX header with a different magic and even changes this magic with different devices. This change allows to specify the header to use as a command line argument. This is needed for the Buffalo WSR-2533DHP2 based on mt7622. Co-Developed-by: Hauke Mehrtens <hauke@hauke-m.de> Signed-off-by: INAGAKI Hiroshi <musashino.open@gmail.com> Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
* opkg: update to git HEADDaniel Golle2021-03-151-3/+3
| | | | | | 5936c4f libopkg: pkg_hash: prefer original packages to satisfy dependencies Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* opkg: update to git HEADDaniel Golle2021-03-141-3/+3
| | | | | | d3a63b3 libopkg: add option to strip ABI versions from listed names Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* selinux-policy: update to version v0.8Dominick Grift2021-03-141-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 3d7da7a igmpproxy tidy some loose ends c84ba0f rcigmpproxy: add entries to /etc when creating /etc/igmpproxy.conf 5a18967 adds igmpproxy skeleton 7e6a218 logread: support resolving dns names e39ca8b netifd: add support for /etc/udhcpc.user 7952bd0 odhcp6c: support /etc/odhcp6c.user ba0eb4e swconfig, fwenv, agent 4556b8a pppd cosmetic 9324d9d pppd: sends AT commands to model using /dev/ttyUSBN 417b14a ttydev: add some more ttyUSB ed739dc example: dont depend on policycoreutils 97613f9 dropbear: using dropbear as scp: dns name resolving 12c193b dropbear tcp connect ssh ports for scp c050077 rcdnsmasq: remove redundant rule and make rcsysntpd optional 8c5de35 this is a bug 8d5c463 uhttpd rcboot rcdnsmasq 094266e hostapd and wpa_supplicant aef0bd7 mountroot: maintains /tmp/sysupgrade.tar 24f0406 dropbear: allow it to read tmp.fs files 2901433 firstboot mkfsf2fs rcboot 2c4afb7 blockmount mmc 465ca98 adds industrial i/o (iio) nodedev 82f686e mtd stordev: back that ubiblock0_4p1 up with a filecon 7df78bd ubus: "support" older ubusd versions that run as root 4458bce swconfig: allow using terminal (to print output) e8d606d sslcert: openssl linked: this shaves off 200 bytes 93afffb jshn ntpdhotplug 0b847f0 wpad: reads /etc/ssl/openssl.cnf f14ee34 indent fix a0c7cad mtd, uhttpd, ubus and ntpdhotplug d74f98f adds a not about checkreqprot requirement in some scenarios affacce example: add policycoreutils-setfiles for make check 4f944dc kmodloader and fwenv: efe36a3 netifd: adds a comment/reminder 581b087 more fw_printenv loose ends 30177a4 fw_setenv: needs mtd write access to set and delete env da28f4c fw_printenv: some minor clean ups a062053 fw_printenv missing rules 244ba5f blockmount: extroot and /rwm 0745a6a squid: allow squid to run sslcrtd with domain transition b851df6 squid fix 8c55acd squid: adds certfile and allow connect http but... b7c1f6d Makefile: exclude tinyproxy from mintesttgt (using squid) 5ff39bd squid: forgot about luci 5366c97 squid/rcsquid some basic fill in 8743da6 squid skeleton 687a43b adds squid 3128 port to httpproxy port Signed-off-by: Dominick Grift <dominick.grift@defensec.nl>
* rpcd: update to git HEADDaniel Golle2021-03-111-3/+3
| | | | | | | d3f2041 uci: manually clear uci_ptr flags after uci_delete() operations ccb7517 sys: packagelist: drop ABI version from package name Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* opkg: update to git HEADDaniel Golle2021-03-111-3/+3
| | | | | | d71856a pkg: pass-through ABIVersion to status file Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* procd: update to git HEADDaniel Golle2021-03-081-3/+3
| | | | | | | 945d0d7 utils: fix C style in header file 2cfc26f inittab: detect active console from kernel if no console= specified Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* fstools: fix build with glibcDaniel Golle2021-03-051-3/+3
| | | | | | | | stropts.h is unavailable under glibc (and unneeded when building against glibc). Include it only if not building against glibc. Reported-by: @DazzyWalkman Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* fstools: update to git HEADDaniel Golle2021-03-021-3/+3
| | | | | | 19d7d93 libfstools: partname: several fixes Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* procd: update to git HEADDaniel Golle2021-03-021-3/+3
| | | | | | 64e9f3a procd: fix compilation with newer musl Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* selinux-policy: update to version 0.7Daniel Golle2021-02-281-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | a857b45 resolv/locale: eventually this should be more efficient 11ed281 some more optimization 764a475 add redundant calls to file.search_conffile_dirs() 7d4558e fs: treat devtmpfs that same as tmpfs 81b677e adds irqbalance skeleton 5506244 irqbalance rules cc96cd8 adds usbutil and gtpfdisk skels 01e2a55 some fsck, gptfdisk, mkfs and usbutil rules d6d1e7d usbutil: output to terminal da576fa fsck, gptfdisk and usbutil rules 09b39e9 unbound 241a029 hotplugcall: allow dac_read_search (is a subset of dac_override) af0fe90 adds label for tcsh 160f79e adds tcpdump 6d02b96 adds coreutil execfile for busybox alternatives ac54884 coreutilexecfile: these are known to require privileges, so exclude 8cb3b66 adds chrootexecfile 6d329d3 this saves 9KiB and its a bit more robust 88e2425 move addpart/delpart/partx to gptfdisk.cil 261012d ntphotplug: reads ubox data files 0473ace various 740e820 work through to genfs_seclabel_symlinks loose ends (Linux 5.10) bef21f5 TODO adds a note about how I dont need to upgrade to polver 33 from 31 cb2e5a3 ubus uses ntpdhotplug fd, and some genfs_seclabel_symlink changes 07df9b9 luci, rpcd and wpad (mainly genfs_selabel related but not all) 8d86cab genfs_seclabel loose ends for blockmount, hotplugcall, irqbalance, zram-swap b8156cd adds a note about how i forgot to target blockd 6e82ab8 adds blockd and related 254ff43 Makefile: exclude blockd from mintesttgt 4dc6bc2 pppd update related and unbound-odhcp rules Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* fstools: update to git HEADDaniel Golle2021-02-281-4/+4
| | | | | | bad1835 fstools: add partname volume driver Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* download: add mirror alias for DebianDavid Bauer2021-02-261-1/+1
| | | | | | | Add an alias for Debian packages and download them from the Debian mirror redirector. Signed-off-by: David Bauer <mail@david-bauer.net>
* procd: update to git HEADDaniel Golle2021-02-231-3/+3
| | | | | | | 2be57ed cosmetics: provide compatible system info on Aarch64 37eed13 system: expose if system was booted from initramfs Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* mtd: fixtrx: support CFE imagetag on bmips targetÁlvaro Fernández Rojas2021-02-221-0/+1
| | | | Signed-off-by: Álvaro Fernández Rojas <noltari@gmail.com>
* openwrt-keyring: add OpenWrt 21.02 GPG/usign keysPetr Štetiar2021-02-201-3/+3
| | | | | | | 49283916005d usign: add 21.02 release build pubkey bc4d80f064f2 gpg: add OpenWrt 21.02 signing key Signed-off-by: Petr Štetiar <ynezz@true.cz>
* build: reorder more BuildPackages lines to deal with ABI_VERSIONFelix Fietkau2021-02-161-1/+1
| | | | | | | After the ABI version rework, packages need to be declared in the order of their dependencies, so that dependent packages will use the right ABI version Signed-off-by: Felix Fietkau <nbd@nbd.name>
* libubox: update to the latest version, set ABI_VERSION dynamicallyFelix Fietkau2021-02-151-6/+8
| | | | | | 2537be018587 cmake: add a possibility to set library version Signed-off-by: Felix Fietkau <nbd@nbd.name>
* procd: add hotplug-call dispatcher ubus objectsDaniel Golle2021-02-081-3/+3
| | | | | | Add per-subsystem ubus objects exposing hotplug-call. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* selinux-policy: update to version 0.6Daniel Golle2021-02-051-2/+2
| | | | Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* procd: update to git HEADDaniel Golle2021-02-021-4/+4
| | | | | | | | | | 0aee1c3 hotplug.c: set nl_pid to zero d6dda31 procd: fix compiler warning 92c8e8f jail: remove duplicate check for hook file permissions 0a74c06 jail: only output BPF instr. table header if debugging fd18379 jail: cgroups: fix uninitialized variabl Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* selinux-policy: update to git tag v0.5Daniel Golle2021-01-311-2/+2
| | | | Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* ca-certicficates: Update to version 20210119Paul Menzel2021-01-291-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Update the ca-certificates and ca-bundle package from version 20200601 to version 2021019. This version uses Python 3 for the build, fixing a build issue on systems, where `/usr/bin/python3` is a wrapper script [1]. Debian change-log entry [2]: > [ Julien Cristau ] > * New maintainer (closes: #976406) > * mozilla/{certdata.txt,nssckbi.h}: Update Mozilla certificate > authority > bundle to version 2.46. > The following certificate authorities were added (+): > + "certSIGN ROOT CA G2" > + "e-Szigno Root CA 2017" > + "Microsoft ECC Root Certificate Authority 2017" > + "Microsoft RSA Root Certificate Authority 2017" > + "NAVER Global Root Certification Authority" > + "Trustwave Global Certification Authority" > + "Trustwave Global ECC P256 Certification Authority" > + "Trustwave Global ECC P384 Certification Authority" > The following certificate authorities were removed (-): > - "EE Certification Centre Root CA" > - "GeoTrust Universal CA 2" > - "LuxTrust Global Root 2" > - "OISTE WISeKey Global Root GA CA" > - "Staat der Nederlanden Root CA - G2" (closes: #962079) > - "Taiwan GRCA" > - "Verisign Class 3 Public Primary Certification Authority - G3" > > [ Michael Shuler ] > * mozilla/blacklist: > Revert Symantec CA blacklist (#911289). Closes: #962596 > The following root certificates were added back (+): > + "GeoTrust Primary Certification Authority - G2" > + "VeriSign Universal Root Certification Authority" > > [ Gianfranco Costamagna ] > * debian/{rules,control}: > Merge Ubuntu patch from Matthias Klose to use Python3 during build. > Closes: #942915 [1]: https://github.molgen.mpg.de/mariux64/mxtools/issues/148 [2]: https://metadata.ftp-master.debian.org/changelogs//main/c/ca-certificates/ca-certificates_20210119_changelog Signed-off-by: Paul Menzel <pmenzel@molgen.mpg.de>
* treewide: drop shebang from non-executable lib filesAdrian Schmutzler2021-01-294-5/+2
| | | | | | | | | | | | This drops the shebang from another bunch of files in various /lib folders, as these are sourced and the shebang is useless. Fix execute bit in one case, too. This should cover almost all trivial cases now, i.e. where /lib is actually used for library files. Signed-off-by: Adrian Schmutzler <freifunk@adrianschmutzler.de>
* rpcd: update to git HEADDaniel Golle2021-01-071-4/+4
| | | | | | | | | | fd017ba iwinfo: add ht and vht operation info to wifi scan 4c66b31 iwinfo: export center channel for info ubus call e28d4a5 iwinfo: add support for 802.11ad and GCMP 5c15f57 iwinfo: return hwmode 'ad' on 802.11ad-only hardware ea7f471 iwinfo: include ht_operation data only if available Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* Revert "rpcd: update to git HEAD"Jo-Philipp Wich2021-01-061-4/+4
| | | | | | | | | | | This reverts commit 190e7939639846b86ab487c50169963382720e2b. This update introduces a potential null-pointer deref with subsequent rpcd crash when querying wireless info for non-nl80211 wdevs. Additionally it wrongly includes ht frequency information for non-ht BSSes. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
* rpcd: update to git HEADDaniel Golle2021-01-051-4/+4
| | | | | | | | | fd017ba iwinfo: add ht and vht operation info to wifi scan 4c66b31 iwinfo: export center channel for info ubus call e28d4a5 iwinfo: add support for 802.11ad and GCMP 5c15f57 iwinfo: return hwmode 'ad' on 802.11ad-only hardware Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* fstools: fix 'firstboot' on unmounted UBIFS overlayDaniel Golle2021-01-041-3/+3
| | | | | | | | | | | The usual OpenWrt-way of writing the JFFS2-marker in order to have a filesystem erased at the next boot fails on UBIFS volumes due to UBI being a different beast when it comes to writing. As truncating a UBIFS volume only takes a few milliseconds and has the desired effect of wiping-out all content of that volume, just do that instead. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* opkg: update to git HEADDaniel Golle2020-12-241-3/+3
| | | | | | 9bbc7ea pkg_hash: pkg_hash_check_unresolved: fix segfault Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* zram-swap: remove the compression streams settingsRui Salvaterra2020-12-131-15/+0
| | | | | | | | | Zram switched to per-cpu compression streams since Linux 4.7 [1]. Drop the irrelevant configuration (no-op). [1] https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/drivers/block/zram?h=v4.7&id=43209ea2d17aae1540d4e28274e36404f72702f2 Signed-off-by: Rui Salvaterra <rsalvaterra@gmail.com>
* procd: update to git HEADDaniel Golle2020-12-121-3/+3
| | | | | | | 111416d jail: remove unreachable code 7f12c89 treewide: replace local mkdir_p implementations Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* fstools: update to git HEADDaniel Golle2020-12-121-3/+3
| | | | | | | | 0c6fb90 jffs2-reset: allow doing a factory reset and passing a sysupgrade.tgz 4862530 mount: restorecon: guard against execl() errors f415323 block: replace local mkdir_p implementation Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* selinux-policy: update to version 0.4Daniel Golle2020-12-121-2/+3
| | | | Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* opkg: remove legacy dist and extra_dataPaul Spooren2020-12-091-3/+3
| | | | | | | | | efb26a3 libopkg: remove "extra_data" option 1d67ab7 libopkg: remove support for "dist" config Reduces opkg size by about 400 Bytes. Signed-off-by: Paul Spooren <mail@aparcar.org>
* procd: also depend on jshnSven Roederer2020-12-051-2/+2
| | | | | | fixes "file no found" error on stripped down images, caused by prod.sh:43. Signed-off-by: Sven Roederer <devel-sven@geroedel.de>
* procd: output warning if user 'ubus' doesn't existDaniel Golle2020-12-041-3/+3
| | | | | | 6acc48c early: fall-back to run ubus as root if user can't be found Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* ubus: make sure ubusd starts in case user 'ubus' doesn't existDaniel Golle2020-12-041-3/+3
| | | | | | d1d9ddf ubusd: attempt to create socket folder Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* procd: update to git HEADDaniel Golle2020-11-301-3/+3
| | | | | | | | f3c3563 jail: improve seccomp BPF generator f67a66f jail: always call cgroups_free() 4625350 jail: seccomp: improve code readability Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* procd: update to git HEADDaniel Golle2020-11-271-3/+3
| | | | | | | | | | | | | | | | 3019f50 jail: leak less memory 7e01453 jail: fix segfault on missing name and refactor 5abee8f jail: fix and simplify userns uid/gid maps from OCI 4ba72ec jail: relax /etc/resolv.conf creation db5ef86 jail: don't use NULL arguments for mount syscall 19ac9df jail: don't fail if can't mount-bind /etc/resolv.conf acf36f2 jail: seteuid before clone(CLONE_NEWUSER) e40828f jail: fix typo in usage output b87984b jail: don't attempt to mount /sys with noatime b275b11 jail: enter existing cgroups namespace if given 31e0a46 jail: properly initialize timens_fd Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* opkg: cleanup man pages and md5 fixupPaul Spooren2020-11-251-3/+3
| | | | | | | 66f458d fix md5sum calculation 02eaf9c man: remove obsolete manual pages Signed-off-by: Paul Spooren <mail@aparcar.org>
* opkg: purge package from cache on hash mismatchPaul Spooren2020-11-241-4/+4
| | | | | | | | | | 61b3c62 opkg_verify_integrity: better logging and error conditions f73d42f download: purge cached packages that have incorrect checksum 1c1480e download: factor out the logic for building cache filenames 293b1ce libopkg: factor out checksum and size verification a786e25 download: remove compatibility with old cache naming scheme Signed-off-by: Paul Spooren <mail@aparcar.org>
* procd: update to git HEADDaniel Golle2020-11-231-3/+3
| | | | | | | d4d78db uxc: also delete procd runtime state on 'delete' e935c0c jail: add 'debug' extern variable to preload_seccomp Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* Revert "refpolicy: add variant that builds modular policy"Daniel Golle2020-11-221-33/+2
| | | | | | | | | | This reverts commit 9eb9943f82e0b2d5e32ffe1c63f5a82caca5094d. Building the 'modular' variant requires 'semodule_package' from 'selinux-python' to be installed on the buildhost. Apart from that, this change also broke the monolithic refpolicy 'targeted' build. Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* procd: update to git HEADDaniel Golle2020-11-221-3/+3
| | | | | | | | | 04a2edd uxc: make force-delete kill container process be6da62 seccomp: silence 'unknown syscall' warnings b22e625 jail: cgroup hack: rewrite cgroup -> cgroup2 df7fa7b uxc: fix incomplete commit Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* procd: drop legacy seccomp support, switch to OCI parsersDaniel Golle2020-11-171-3/+3
| | | | | | | | d8f36f5 seccomp: specifying architectures is optional d352e6e seccomp: switch to new OCI compliant parser c110405 trace: switch to OCI seccomp JSON output Signed-off-by: Daniel Golle <daniel@makrotopia.org>
* rpcd: remove file when appliedHuangbin Zhan2020-11-122-5/+7
| | | | | | Make sure exit value of this script is zero. Or the file won't be deleted. Signed-off-by: Huangbin Zhan <zhanhb88@gmail.com>