Use flock to protect init script from concurrent execution
(of the same script).
Important for services which generate native config files.
Signed-off-by: Roman Yeryomin <roman@advem.lv>
Signed-off-by: Andrejs Hanins <ahanins@gmail.com>
This is needed for procd init script protection to work.
flock adds 4248 bytes to stripped busybox binary.
Signed-off-by: Roman Yeryomin <roman@advem.lv>
The CPU sub type was set to a CPU version with FPU, but the FPU feature
was not activated before, so a soft float toolchain was created.
Activate also the FPU feature to create the correct toolchain.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
This activates neon and VFPv4 support for this target. The CPU support
these feature so also use them.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
In the add_match function in libbb/lineedit.c in BusyBox through 1.27.2,
the tab autocomplete feature of the shell, used to get a list of filenames
in a directory, does not sanitize filenames and results in executing any
escape sequence in the terminal. This could potentially result in code
execution, arbitrary file writes, or other attacks.
Fixes: FS#1181 - CVE-2017-16544:
Backport the patch from:
https://git.busybox.net/busybox/commit/?id=c3797d40a1c57352192c6106cc0f435e7d9c11e8https://nvd.nist.gov/vuln/detail/CVE-2017-16544
Signed-off-by: Derek Werthmuller <thewerthfam@gmail.com>
Signed-off-by: John Crispin <john@phrozen.org>
In current state, if there is START but no STOP, enbale()
will return 1 (failure), which is wrong.
Moreover there is no need to check for START/STOP twice.
Instead, add err variable to save success state and
and return it's value.
Also eliminate the need to disable() by using 'ln -sf',
which will first delete the old symlink if one exists.
Changes from v1:
- fixed description
Signed-off-by: Roman Yeryomin <roman@advem.lv>
5beb95d lua: additionally return name when looking up sections
ff33bb2 lua: support extended section notation
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Fix overhead accounting error introduced by f33c4d6 refactor
cake_advance_shaper and ack_filter
Symptoms were links running under rate.
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
Since BusyBox 1.25.0 dd command supports iflag=skip_bytes which allows
skipping requested amount of bytes without reducing blocksize. Thanks to
this we can leave default blocksize and let dd work more efficiently.
On Netgear R6250 "dd skip=58 iflag=skip_bytes" can be 5 times faster
than "dd bs=58 skip=1" when extracting TRX out of CHK.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
It's a device based on BCM5365P (0x5365 package 0x00). This SoC has
USB 1.1 controller but device has two USB 2.0 parts. They are handled by
PCI-based controllers: 1106:3038 UHCI and 1106:3104 EHCI.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
This was broken in 7bab49fd ("lantiq: add compatible strings to dts
files"), causing for the dm200 garbled serial output during boot, and
likely other issues.
Signed-off-by: Thomas Nixon <tom@tomn.co.uk>
[fix the compat string of the P2601HNFX as well]
Signed-off-by: Mathias Kresin <dev@kresin.me>
Enabling IPTABLES_NFTABLES resulted in an error during build:#
*** No rule to make target '../extensions/libext.a',
needed by 'xtables-compat-multi'."
Comments from Alexander Lochmann and Fedor Konstantinov in FS#711
provided fixes for this build error, allowing iptables to compile.
https://bugs.lede-project.org/index.php?do=details&task_id=711.
This commit updates the Makefile.am xtables_compat_multi_LDFLAGS
and _LDADD, moving linking of extensions to LDFLAGS.
Signed-off-by: rektide de la faye <rektide@voodoowarez.com>
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
Fixes: 8170f280c4 ("base-files: set FAILSAFE in /etc/profile when
/tmp/.failsafe exists")
That patch fixes handling SPI messages with two writing transfers. It's
important when using e.g. by m25p80 driver which uses one transfer for
opcode and another one for data.
Thanks to that fix we can now drop m25p80 workaround patch. It means one
less hack and also a better flash writing performance as there is no
more data buf copying.
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>
Since dropbear clears the environment, FAILSAFE was not set as intended in
failsafe mode. This also broke sysupgrade from failsafe mode over SSH.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
Unconditionally pass TARGET_CPPFLAGS (not passed at all before) and
TARGET_LDFLAGS (passed only in certain non-default configuration before the
Makefile streamlining). Without these flags, hardening options
(PKG_FORTIFY_SOURCE and PKG_RELRO) were not actually applied to busybox.
The addition of these flags increases the size of the stripped busybox
binary by about 6KB (~4KB with fortify headers, ~2KB with "-znow -zrelro")
with the default hardening options PKG_FORTIFY_SOURCE_1 and PKG_RELRO_FULL.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
Use default Build/Install steps where possible. No binary change in default
configuration, so PKG_RELEASE is not incremented.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
Some packages, e.g. busybox, explicitly remove old .configured stamps
before attempting configuration, rather than after the actual configuration
step. This seems like a good idea, as there will be no stamp left if
configuration fails. Change generic rules to work like this, so package-
specific rules can be dropped.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
Send a SIGHUP signal via procd to the dnsmasq service so the instance(s)
re-read(s) the /tmp/hosts/dhcp config.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
If the hostname in /etc/config/system is modified the dnsmasq should also
get triggered to rewrite/reload the config.
Signed-off-by: Florian Eckert <fe@dev.tdt.de>
A lot of 1U x86_64 servers have NVMe support, which is lower-power
and higher speed than SSD or CFast drives, etc. The drivers
required to make this work are trivial.
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
PKG_BUILD_DIR was defined with quoting PKG_VERSION in
layerscape package makefiles. Now PKG_VERSION has been
removed from these makefiles. When PKG_BUILD_DIR quotes
PKG_VERSION, '=' should be used instead ':=' to make
sure PKG_VERSION has been defined in common makefile.
Signed-off-by: Yangbo Lu <yangbo.lu@nxp.com>
Intel motherboards (as well as the Cavium ThunderX SoC) use a
superset of the I2C protocol called SMBus.
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
Remove a stray -Wp left in host_c_flags causing build failures for newer
4.14 versions.
Reported-by: Michael Marley <michael@michaelmarley.com>
Signed-off-by: Jonas Gorski <jonas.gorski@gmail.com>
Advantages:
- preserves existing partition layout on the sd-card.
Only the boot and rootfs partition will be overwritten.
Please note that sysupgrade will refuse to upgrade, if the existing
installation has an incompatible partition layout. Future changes
to the bootfs and/or rootfs partition size will likely cause breakage
to the sysupgrade procedure. In these cases, the ext4-sdcard.img.gz
will have to be written to the sdcard manually.
Please don't forget to backup your configuration in this case.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
Use the values populated by the generic board detect function. The
first compatible from the device tree source file will be the board
name in userspace. The model property from the device tree source file
will be the model name.
Change the board name where used in the userspace and drop the target
specific board detect, to use the generic one.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
This patch adds the compatible string for the various RPIs from
4.14 upstream.
Note: The 4.14 upstream does not include the compute modules.
If the CM* would just house the SoC, it could in theory use the
"raw" chip compatible string. However, these CM boards also come
with RAM and eMMC. So they have to have a proper comaptible.
For now, "raspberrypi,compute-module-{1|3}" will be good enough.
Note2: The original CM was renamed to CM1 when CM3 was released.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
This patch converts all the raspberrypi images to utilize
the common metadata-based image verification.
Note: the CM1 and CM3 currently use the same "rpi-cm"
boardname.
Signed-off-by: Christian Lamparter <chunkeey@gmail.com>
439b9b6c (tag: v1.29.0) Update manual pages
48498452 Bump up version number to v1.29.0, LT revision to 29:1:15
d30f3816 Update manual pages
4d1139f6 Remove SPDY
48f57407 nghttpx: Update doc
c1f14d73 Update manual pages
216f4dad nghttpx: Remove redundant check
a4e27d76 Revert "nghttpx: Use an existing h2 backend connection as much as possible"
2365f12e Fix CMAKE_MODULE_PATH
03f7ec0f nghttpx: Write API request body in temporary file
2056e812 nghttpx: Increase api-max-request-body
1ebb6810 nghttpx: Faster configuration loading with lots of backends
a3ebeeaf nghttpx: Fix crash with --backend-http-proxy-uri option
422ad1be Use NGHTTP2_REFUSED_STREAM for streams which are closed by GOAWAY
97f1735c Bump up version number to 1.29.0
Signed-off-by: Hans Dedecker <dedeckeh@gmail.com>
f40f84c support PantechMode
d8dc335 support Quanta and Blackberry modes
333e486 fix support for Option modems
Signed-off-by: John Crispin <john@phrozen.org>
Commit c312cef223 ("ar71xx: spi-rb4xx fix.") replaced the clk_enable() call
with clk_prepare_enable() to meet the common clock framework requirements.
However it did not change the clk_disable() call in the error patch which
thus leads to imbalance.
Fix the code by using the correct counterpart of clk_prepare_enable() in both
places.
Fixes: c312cef223 ("ar71xx: spi-rb4xx fix.")
Signed-off-by: Gabor Juhos <juhosg@freemail.hu>
A few UBI messages lacks the trailing newline character which
leads to ugly lines in the bootlog like this:
[ 6.649159] UBI error: no valid UBI magic found inside mtd6[ 6.667751] Freeing unused kernel memory: 2196K
Add a newline character to the end of the messages to fix it.
After the fix the line from above looks better in the log:
[ 6.609182] UBI error: no valid UBI magic found inside mtd6
[ 6.627599] Freeing unused kernel memory: 2132K
Signed-off-by: Gabor Juhos <juhosg@freemail.hu>
A few UBI messages lacks the trailing newline character which
leads to ugly lines in the bootlog like this:
[ 6.649159] UBI error: no valid UBI magic found inside mtd6[ 6.667751] Freeing unused kernel memory: 2196K
Add a newline character to the end of the messages to fix it.
After the fix the line from above looks better in the log:
[ 6.609182] UBI error: no valid UBI magic found inside mtd6
[ 6.627599] Freeing unused kernel memory: 2132K
Signed-off-by: Gabor Juhos <juhosg@freemail.hu>
A few UBI messages lacks the trailing newline character which
leads to ugly lines in the bootlog like this:
[ 6.649159] UBI error: no valid UBI magic found inside mtd6[ 6.667751] Freeing unused kernel memory: 2196K
Add a newline character to the end of the messages to fix it.
After the fix the line from above looks better in the log:
[ 6.609182] UBI error: no valid UBI magic found inside mtd6
[ 6.627599] Freeing unused kernel memory: 2132K
Signed-off-by: Gabor Juhos <juhosg@freemail.hu>
