Small cleanup. I initially though /dev/kmsg was used for dmsg(and journald
on desktops) but this seems not to be the case. dmsg is still accessible
as non-root(gives output) which begs the question what does this do? Some
googling reveals that permissions are set to 600 for some embedded systems
while 644 for others. I can't find any justification for the latter. Might
as well err on the side of caution.
Signed-off by: Rosen Penev <rosenp@gmail.com>
This package is a custom build(like ubi-utils) of mtd-utils from infradead.org
It is required to work with Mikrotik NAND based devices
Signed-off-by: Sergey Sergeev <adron@yapic.net>
This adds this commit from normal libnl to libnl-tiny:
2dbc1ca76c
commit 2dbc1ca76c5b82c40749e609eb83877418abb006
Author: dima <dima.ky@gmail.com>
Date: Wed Oct 13 17:53:34 2010 +0300
Generic Netlink multicast groups support
I have a patch against commit d378220c96c3c8b6f27dca33e7d8ba03318f9c2d
extending libnl with a facility to receive generic netlink messages sent
to multicast groups.
Essentially it add one new function genl_ctrl_resolve_grp which
prototype looks like this
int genl_ctrl_resolve_grp(struct nl_sock *sk, const char *family_name,
const char *grp_name)
It resolves the family name and the group name to group id. Then
the returned id can be used in nl_socket_add_membership to subscribe
to multicast messages.
Besides that it adds two more functions
uint32_t nl_socket_get_peer_groups(struct nl_sock *sk)
void nl_socket_set_peer_groups(struct nl_sock *sk, uint32_t groups)
allowing to modify the socket peer groups field. So it's possible to
multicast messages from the user space using the legacy interface.
Looks like there is no way (or I was not able to find one?) to modify
the netlink socket destination group from the user space, when the
group id is greater then 32.
Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [cosmetic style fix]
The pps-ldisc kernel module supports Pulse-Per-Second connected with the CD (Carrier Detect) pin.
Signed-off-by: Stephen Walker <stephendwalker+github@gmail.com>
This changes the default permissions for /dev entries to be more similar to
a desktop distro. Taken from the defaults of Arch Linux and Ubuntu. Also
changed some that were nonsensical. For example, all 660 permissions on
desktop distros were of the form root:x where x is something other than
root. As such, 660 is useless for LEDE where the specific group is missing.
audio seems to be the only group that isn't.
Signed-off by: Rosen Penev <rosenp@gmail.com>
This commit:
1) seed /dev/urandom with the saved seeds as early as possible
(see /lib/preinit/81_urandom_seed)
2) save a seed at /etc/urandom.seed if it doesn't exists
3) save a new seed each boot at "system.@system[0].urandom_seed"
(see /etc/init.d/urandom_seed)
We use getrandom() so we are sure /dev/urandom pool is initialized
Seed size is 512 bytes (ie /proc/sys/kernel/random/poolsize / 8)
it's the same size as in ubuntu 14.04 and all systemd systems
Seeding /dev/urandom doesn't change entropy estimation, so we still have
"random: ubus urandom read with 4 bits of entropy available"
messages in the logs, but we can now ignore them if
after "urandom-seed: Seeding with ..." message
Saving a new seed on each boot is disabled by default to avoid too much
writes without user consent
v2: log preinit messages to /dev/kmsg
v3: use non generic function name for logging, as /lib/preinit/ files
are all sourced together in /etc/preinit
v4: after a lot of discussion on the ML, use a uci config param
v5: config param is now the path of the seed
Signed-off-by: Etienne CHAMPETIER <champetier.etienne@gmail.com>
Acked-by: Jo-Philipp Wich <jo@mein.io>
OpenWrt enables XATTR support pretty much universally, therefore
for filesystems that a loaded as modules also enable XATTR support
so that there are no unexpected missing capabilities.
Signed-off-by: Daniel Dickinson <lede@daniel.thecshore.com>
Instead of downloading the firmware for prism54 devices in the
wireless.mk do it in an extra package Makefile. To ship the complete
source code Intel ships our modified OpenWrt/LEDE + the content of the
dl directory. We do not want to have any files in the dl/ directory
which are not needed to build our images. The prism54 gets downloaded
every time independently of building kmod-net-prism54 or not. When it
is in a own package it only gets downloaded when the firmware package
is selected.
Signed-off-by: Hauke Mehrtens <hauke.mehrtens@intel.com>
Following fixes are included in the latest version:
-Script is launched with incorrect action
-Possible buffer overflows
-Lots of minor bugfixes
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
COBALT is a hybrid codel/blue algo combining best elements of both.
Exhibits improved behaviour in presence of abuse from unresponsive flows
handled by 'blue', whereas responsive flows are still handled by codel.
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
Cake AQM is experimenting with a codel/blue hybrid AQM COBALT instead
of just using codel alone. This patch updates tc to cope with some new
stats produced by COBALT.
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
By default dnsmasq uses the time function; which returns the time since
Epoch; to retrieve the current time. On boards which have no realtime
clock this can lead to side effects when the time is synced via ntp
as the "time wrap" forces dhcp leases to be considered as expired.
By enabling the broken realtime clock build switch dnsmasq uses the
times utility which returns the number of clock tick.
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
[Jo-Philipp Wich: change symbol name, add sym to PKG_CONFIG_DEPENDS]
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
93d5629a introduced a build failure on older platforms (<4.4)
because bmp085 is a boolean and not a tristate.
Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
add BMP085 and BMP180 pressure sensors
this driver supports the SPI and I2C and
older chips (BMP280 is supported by iio subsystem)
issue found when cleaning up omap/config
found while writing this patch that a
similar patch was submitted in June/July 2014 but not integrated
only compile tested
Signed-off-by: Dirk Neukirchen <dirkneukirchen@web.de>
The PDU length of incoming LLC frames is set to the total skb payload size
in __ieee80211_data_to_8023() of net/wireless/util.c which incorrectly
includes the length of the IEEE 802.11 header.
The resulting LLC frame header has a too large PDU length, causing the
llc_fixup_skb() function of net/llc/llc_input.c to reject the incoming
skb, effectively breaking STP.
Solve the problem by properly substracting the IEEE 802.11 frame header size
from the PDU length, allowing the LLC processor to pick up the incoming
control messages.
Special thanks to Gerry Rozema for tracking down the regression and proposing
a suitable patch.
Fixes FS#24.
References:
https://bugs.lede-project.org/index.php?do=details&task_id=24
Reported-by: Gerry Rozema <gerryr@rozeware.com>
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Upstream OpenSSL hardening work introduced a change in shared code that
causes polarssl / mbedtls builds to break when no --tls-cipher is specified.
Import the upstream fix commit as patch until the next OpenVPN release gets
released and packaged.
Reported-by: Sebastian Koch <seb@metafly.info>
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
With the addition of /etc/os-release patching lldpd to use
/etc/openwrt_release and to have the initscript use
/etc/openwrt_release and/or /etc/openwrt_version becomes
unnecessary.
Signed-off-by: Daniel Dickinson <lede@daniel.thecshore.com>
There are 2 issues fixed by this patch:
- UDP checksum is computed incorrectly, the used pseudo IP header
contains transport protocol 6 iso 17
- on big endian arches the UDP/TCP checksum is incorrectly
computed when payload length is odd
Signed-off-by: Alin Nastac <alin.nastac@gmail.com>
Signed-off-by: Felix Fietkau <nbd@nbd.name> [refresh patch]
The copy on the mirror has a different md5sum as specified in this
package Makefile. The content of the file on the mirror is the same as
in the checkout so just update our md5sum.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Instead of downloading the firmware from some website take it from
linux-firmware package and do not download it separately any more.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
The ebtables code relies on the `-nostartfiles` linker argument to execute the
extension modules' `_init()` functions automatically which is not working
reliably across all supported targets and gcc versions.
Running an ebtables executable linked this way just crashes with a segmentation
fault at runtime on program startup, e.g. on ARM architectures.
In order to fix the issue ...
- remove the use of the -nostartfiles linker flag
- rename the init procedures to a generic name without implicit semantics
- explicitely annotate those init procedures as constructors
The patch has been taken from the Alpine Linux distribution at
http://git.alpinelinux.org/cgit/aports/tree/main/ebtables/fix-extension-init.patch
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
dnsmasq's dnssec time checking method now uses a ntp hotplug mechanism,
therefore dnsmasq.time is redudant and no longer needs to be explicitly
excluded from sysfixtime.
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
Change dnsmasq's dnssec time check handling to use time validity
indicated by ntpd rather than maintaining a cross boot/upgrade
/etc/dnsmasq.time timestamp file. This saves flash device wear.
If ntpd client is configured in uci and you're using dnssec, then
dnsmasq will not check dnssec timestamp validity until ntpd hotplug
indicates sync via a stratum change. The ntpd hotplug leaves a status
flag file to indicate to dnsmasq.init that time is valid and that it
should now start in 'check dnssec timestamp valid' mode.
If ntpd client is not configured and you're using dnssec, then it is
presumed you're using an alternate time sync mechanism and that time is
correct, thus dnsmasq checks dnssec timestamps are valid from 1st start.
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>
V2 - stratum & step ntp changes indicate time is valid
V3 - on initial flag file step signal dnsmasq with SIGHUP if running
V4 - only accept step ntp changes. Accepting both stratum & step could
result in unpleasant script race conditions
V5 - Actually only accepting stratum is the correct thing to do after
further testing
V6 - improve handling of non busybox ntpd
if sysntpd not executable
dnsmasq checks dnssec timestamps
else
sysntp script disabled - look for timestamp file - allows external mechanism to use hotplug flag file
sysntp script enabled & uci ntp enabled - look for timestamp file
sysntp script enabled & uci ntp disabled - dnsmasq checks dnssec
timestamps
fi
/etc/os-release is the standard distribution release information
file, therefore add it (and image configuration options for
fields not previously present in LEDE). Once it is deemed
reasonable the non-standard openwrt_release, openwrt_version,
and device_info files could be removed (that is with this patch
we consider them deprecated in favour of the standard file).
Signed-off-by: Daniel Dickinson <lede@daniel.thecshore.com>
In company networks everything except the http and https protocol is
often causes problems, because the network administrators try to block
everything else. To make it easier to use LEDE in company networks use
the https/http protocol for git access when possible.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
puts br2684ctl init after ADSL init instead of before, so that the ESI
is set at the right time, and for consistency with the PTM driver.
Signed-off-by: Daniel Gimpelevich <daniel@gimpelevich.san-francisco.ca.us>
Original URL got 303 redirect which then also dropped the commit id
leading to different file revision & MD5 mismatch.
Corrected URL & clarified commit ID use in Makefile
Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>