Re: [PATCH] kernel: fix mtd partition erase
On Wed, 5 Aug 2020, at 21:13, John Thomson wrote: > -@@ -213,6 +262,24 @@ static int part_erase(struct mtd_info *m > if (instr->fail_addr != MTD_FAIL_ADDR_UNKNOWN) > instr->fail_addr -= part->offset; I should modify this to avoid the _write, if the _erase fails before the write address? > if (mtd->flags & MTD_ERASE_PARTIAL) { > if (partial_start) { > part->parent->_write(part->parent, -- John Thomson ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Re: MT7621 Flow Control
On Thu, Aug 6, 2020 at 2:35 PM John Crispin wrote: > > > On 06.08.20 14:31, Andre Valentin wrote: > > Hi Jaap, > > > > > > Am 06.08.20 um 13:43 schrieb Jaap Buurman: > >> Dear all, > >> > >> I have noticed the flow control work for mt7621 in the following > >> Openwrt patch: > >> https://git.openwrt.org/?p=openwrt/openwrt.git;a=commit;h=c8f8e59816eca49d776562d2d302bf990a87faf0 > >> > >> However, the problem that the patch is supposed to fix is still > >> occurring, even in combination with other experimental patches > >> submitted. These experiences can be read about here: > >> https://forum.openwrt.org/t/mtk-soc-eth-watchdog-timeout-after-r11573/5/ > >> > >> However, on this mailing list a user by the name of Kristian claims > >> that disabling flow control helps fix this problem, as can be read > >> here: > >> https://lists.openwrt.org/pipermail/openwrt-devel/2017-November/009882.html > >> > >> From what I understood, he was running many mt7621 devices > >> commercially, with many of them experiencing the issue, which were all > >> fixed with his own flow control patch. My question is why the decision > >> was made to only disable flow control on port 5 in the above mentioned > >> Openwrt patch? AFAIK, Kristian's own patch disables flow control on > >> all of the ports and he claims the issue is fixed for him. Perhaps the > >> current patch should be extended to disable flow control on all ports? > >> What are people's thoughts on this? > > I'm facing the same issue now after upgrading to 5.4 kernel more often than > > before. > > Every second reboot reboot with 5.4 fails with this timeout error. > > > >> Yours sincerely, > >> > >> Jaap > > André > > > > > from previous discussions with MTK and looking at the SDK code, the flow > control should always be disabled. > > John > Dear all, I had a look at the actual patch to see if it would be possible for me to extend it to disable flow control on all ports. However, I am unsure if the patch in its current form even does anything, even for port 5. Here is the diff of the commit in question: https://git.openwrt.org/?p=openwrt/openwrt.git;a=blobdiff;f=target/linux/ramips/files-4.14/drivers/net/ethernet/mediatek/gsw_mt7621.c;h=232bcd8cf4ea5edbd34d815032ce72b1f1f85661;hp=89be23900738095a8180532d5dd7e585f01bb7c4;hb=c8f8e59816eca49d776562d2d302bf990a87faf0;hpb=3e11ddaf2ede4f105bc9ac91229623526371a7a2 In the old code, the IF statement was used to check silicon revision. As this code only runs on mt7621 devices, this apparently always evaluates to TRUE, which means the ELSE statement is never run. Therefore, the IF condition is removed. However, let's see what was in the original IF block: /* (GE1, Force 1000M/FD, FC ON, MAX_RX_LENGTH 1536) */ mtk_switch_w32(gsw, 0x2305e30b, GSW_REG_MAC_P0_MCR); mt7530_mdio_w32(gsw, 0x3600, 0x5e30b); As we can see, some values are written to the switch's registers. The included comment states "FC ON" implying that flow control is enabled, as expected (since this was the old code). Now if we look at the new code, we see this: /* (GE1, Force 1000M/FD, FC OFF, MAX_RX_LENGTH 1536) */ mtk_switch_w32(gsw, 0x2305e30b, GSW_REG_MAC_P0_MCR); mt7530_mdio_w32(gsw, 0x3600, 0x5e30b); Here the included comment states "FC OFF" implying that flow control is disabled. HOWEVER, if we look at the values written and the location where they are written to, they are identical in the old and new code. Hence this commit doesn't seem to actually change anything. Am I reading this correct, or am I missing something? Jaap ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Merged: tools/firmware-utils: use UTC for image timestamps
Merged into my staging tree at http://git.openwrt.org/?p=openwrt/staging/jow.git. Thank you! ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
OpenWRT (ucert) signature check during upgrade
Hi there, I'd like to use signature verification during sysupgrade, but at the moment I get "Image check failed" message. Similar to what guys mentioned here: https://forum.openwrt.org/t/possible-bug-in-ucert/57704 By digging around, I found out that: fwtool -q -T -s /dev/null /tmp/sysupgrade.bin | ucert -V -m - -c "/tmp/sysupgrade.ucert" -P /etc/opkg/keys command fails, with the following message "cert_verify: cannot parse cert". My assumption is that it is because of a signature of the upgrade file that we add at the end of the certificate, while appending metadata to the upgrade file. line below (ucert -A -c "$@.ucert" -x "$@.sig") define Build/append-metadata >---$(if $(SUPPORTED_DEVICES),-echo $(call metadata_json,$(SUPPORTED_DEVICES)) >| fwtool -I - $@) >---[ ! -s "$(BUILD_KEY)" -o ! -s "$(BUILD_KEY).ucert" -o ! -s "$@" ] || { \ >--->---cp "$(BUILD_KEY).ucert" "$@.ucert" ;\ >--->---usign -S -m "$@" -s "$(BUILD_KEY)" -x "$@.sig" ;\ >--->---ucert -A -c "$@.ucert" -x "$@.sig" ;\ >--->---fwtool -S "$@.ucert" "$@" ;\ >---} endef Would (ucert -V -m) expect appended upgrade image file signature in the certificate passed with -c? Or this functionality has not been implemented yet? In other words how to check upgtade file signature prior to upgrade with ucert tool? Cheers, Andrew ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
RE: Fate of 4.14 targets
> -Original Message- > From: openwrt-devel [mailto:openwrt-devel-boun...@lists.openwrt.org] > On Behalf Of m...@adrianschmutzler.de > Sent: Dienstag, 4. August 2020 16:43 > To: openwrt-devel@lists.openwrt.org > Subject: Fate of 4.14 targets > > Hi together, > > with bcm47xx/bcm53xx bumped to 5.4 now (thanks!), we are left we the > following targets that (most likely) won't be moved to 5.4 anymore: > > 4.19: cns3xxx > 4.14: ar71xx, at91, ath25, pistachio, rb532, samsung, uml > > Now, where 20.xx comes closer, I wonder whether we should remove the > 4.14 targets _before_ branching. > Those are already two LTS kernel versions behind, the probability that > somebody will bump them to an even newer kernel after 20.xx is quite small. > Despite, if we drop them before the branch, we only have to drop them > once. :-) After having reminded about the situation of the named targets > several times, I don't think anything will change if we wait any longer with > this step. > > The only remaining targets with 4.14 support would be ramips and arc770 > then. FYI: For illustration, I've put together a staging tree including everything up to the final removal of kernel 4.14 here: https://git.openwrt.org/?p=openwrt/staging/adrian.git;a=shortlog;h=refs/heads/remove414 https://github.com/adrianschmutzler/openwrt/commits/remove414 Both trees are equivalent, just the "viewer" is different :-) Best Adrian > > Thoughts/opinions? > > Best > > Adrian openpgp-digital-signature.asc Description: PGP signature ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[RFC netifd 2/3] vlan: add pass-through hotplug ops that pass the VLAN info to the bridge
Signed-off-by: Felix Fietkau --- vlan.c | 64 ++ 1 file changed, 64 insertions(+) diff --git a/vlan.c b/vlan.c index 6270d95d755d..7d37fef33e2f 100644 --- a/vlan.c +++ b/vlan.c @@ -18,6 +18,8 @@ #include "netifd.h" #include "system.h" +static struct blob_buf b; + struct vlan_device { struct device dev; struct device_user dep; @@ -36,6 +38,66 @@ static void free_vlan_if(struct device *iface) free(vldev); } +static int +vlan_hotplug_add(struct device *dev, struct device *member, struct blob_attr *vlan) +{ + struct vlan_device *vldev = container_of(dev, struct vlan_device, dev); + void *a; + + dev = vldev->dep.dev; + if (!dev || !dev->hotplug_ops) + return UBUS_STATUS_NOT_SUPPORTED; + + blob_buf_init(, 0); + a = blobmsg_open_array(, "vlans"); + blobmsg_printf(, NULL, "%d", vldev->id); + blobmsg_close_array(, a); + + return dev->hotplug_ops->add(dev, member, blobmsg_data(b.head)); +} + +static int +vlan_hotplug_del(struct device *dev, struct device *member) +{ + struct vlan_device *vldev = container_of(dev, struct vlan_device, dev); + + dev = vldev->dep.dev; + if (!dev || !dev->hotplug_ops) + return UBUS_STATUS_NOT_SUPPORTED; + + return dev->hotplug_ops->del(dev, member); +} + +static int +vlan_hotplug_prepare(struct device *dev) +{ + struct vlan_device *vldev = container_of(dev, struct vlan_device, dev); + + dev = vldev->dep.dev; + if (!dev || !dev->hotplug_ops) + return UBUS_STATUS_NOT_SUPPORTED; + + return dev->hotplug_ops->prepare(dev); +} + +static void vlan_hotplug_check(struct vlan_device *vldev) +{ + static const struct device_hotplug_ops hotplug_ops = { + .prepare = vlan_hotplug_prepare, + .add = vlan_hotplug_add, + .del = vlan_hotplug_del + }; + struct device *dev = vldev->dep.dev; + + if (!dev || !dev->hotplug_ops || avl_is_empty(>vlans.avl)) { + vldev->dev.hotplug_ops = NULL; + return; + } + + vldev->dev.hotplug_ops = _ops; +} + + static int vlan_set_device_state(struct device *dev, bool up) { struct vlan_device *vldev; @@ -75,6 +137,7 @@ static void vlan_dev_cb(struct device_user *dep, enum device_event ev) device_set_present(>dev, false); break; case DEV_EVENT_UPDATE_IFNAME: + vlan_hotplug_check(vldev); vldev->dev.hidden = dep->dev->hidden; if (snprintf(name, sizeof(name), "%s.%d", dep->dev->ifname, vldev->id) >= sizeof(name) - 1 || @@ -139,6 +202,7 @@ static struct device *get_vlan_device(struct device *dev, int id, bool create) vldev->dep.cb = vlan_dev_cb; device_add_user(>dep, dev); + vlan_hotplug_check(vldev); return >dev; -- 2.28.0 ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[RFC netifd 3/3] vlandev: add pass-through hotplug ops that pass the VLAN info to the bridge
Only used for 802.1q devices Signed-off-by: Felix Fietkau --- vlandev.c | 66 +++ 1 file changed, 66 insertions(+) diff --git a/vlandev.c b/vlandev.c index 10b78e241576..7efb5f42b5c4 100644 --- a/vlandev.c +++ b/vlandev.c @@ -45,6 +45,7 @@ static const struct uci_blob_param_list vlandev_attr_list = { }; static struct device_type vlan8021q_device_type; +static struct blob_buf b; struct vlandev_device { struct device dev; @@ -57,6 +58,67 @@ struct vlandev_device { struct vlandev_config config; }; +static int +vlandev_hotplug_add(struct device *dev, struct device *member, struct blob_attr *vlan) +{ + struct vlandev_device *mvdev = container_of(dev, struct vlandev_device, dev); + void *a; + + dev = mvdev->parent.dev; + if (!dev || !dev->hotplug_ops) + return UBUS_STATUS_NOT_SUPPORTED; + + blob_buf_init(, 0); + a = blobmsg_open_array(, "vlans"); + blobmsg_printf(, NULL, "%d", mvdev->config.vid); + blobmsg_close_array(, a); + + return dev->hotplug_ops->add(dev, member, blobmsg_data(b.head)); +} + +static int +vlandev_hotplug_del(struct device *dev, struct device *member) +{ + struct vlandev_device *mvdev = container_of(dev, struct vlandev_device, dev); + + dev = mvdev->parent.dev; + if (!dev || !dev->hotplug_ops) + return UBUS_STATUS_NOT_SUPPORTED; + + return dev->hotplug_ops->del(dev, member); +} + +static int +vlandev_hotplug_prepare(struct device *dev) +{ + struct vlandev_device *mvdev = container_of(dev, struct vlandev_device, dev); + + dev = mvdev->parent.dev; + if (!dev || !dev->hotplug_ops) + return UBUS_STATUS_NOT_SUPPORTED; + + return dev->hotplug_ops->prepare(dev); +} + +static void vlandev_hotplug_check(struct vlandev_device *mvdev) +{ + static const struct device_hotplug_ops hotplug_ops = { + .prepare = vlandev_hotplug_prepare, + .add = vlandev_hotplug_add, + .del = vlandev_hotplug_del + }; + struct device *dev = mvdev->parent.dev; + + if (!dev || !dev->hotplug_ops || avl_is_empty(>vlans.avl) || + dev->type != _device_type) { + mvdev->dev.hotplug_ops = NULL; + return; + } + + mvdev->dev.hotplug_ops = _ops; +} + + static void vlandev_base_cb(struct device_user *dev, enum device_event ev) { @@ -69,6 +131,9 @@ vlandev_base_cb(struct device_user *dev, enum device_event ev) case DEV_EVENT_REMOVE: device_set_present(>dev, false); break; + case DEV_EVENT_UPDATE_IFNAME: + vlandev_hotplug_check(mvdev); + break; default: return; } @@ -179,6 +244,7 @@ vlandev_config_init(struct device *dev) basedev = device_get(blobmsg_data(mvdev->ifname), true); device_add_user(>parent, basedev); + vlandev_hotplug_check(mvdev); } static void vlandev_qos_mapping_list_apply(struct vlist_simple_tree *qos_mapping_li, struct blob_attr *list) -- 2.28.0 ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[RFC netifd 1/3] bridge: add support for defining port member vlans via hotplug ops
Signed-off-by: Felix Fietkau --- bridge.c| 105 +++- config.c| 1 + device.h| 4 +- interface.c | 10 +++-- interface.h | 2 +- ubus.c | 5 ++- wireless.c | 4 +- 7 files changed, 120 insertions(+), 11 deletions(-) diff --git a/bridge.c b/bridge.c index 14d497298352..92eea9f7e22e 100644 --- a/bridge.c +++ b/bridge.c @@ -122,6 +122,11 @@ struct bridge_member { char name[]; }; +struct bridge_vlan_hotplug_port { + struct list_head list; + struct bridge_vlan_port port; +}; + static void bridge_reset_primary(struct bridge_state *bst) { @@ -153,6 +158,7 @@ bridge_reset_primary(struct bridge_state *bst) static struct bridge_vlan_port * bridge_find_vlan_member_port(struct bridge_member *bm, struct bridge_vlan *vlan) { + struct bridge_vlan_hotplug_port *port; const char *ifname = bm->dev.dev->ifname; int i; @@ -163,6 +169,13 @@ bridge_find_vlan_member_port(struct bridge_member *bm, struct bridge_vlan *vlan) return >ports[i]; } + list_for_each_entry(port, >hotplug_ports, list) { + if (strcmp(port->port.ifname, ifname) != 0) + continue; + + return >port; + } + return NULL; } @@ -415,9 +428,25 @@ bridge_remove_member(struct bridge_member *bm) static void bridge_free_member(struct bridge_member *bm) { + struct bridge_state *bst = bm->bst; struct device *dev = bm->dev.dev; + const char *ifname = dev->ifname; + struct bridge_vlan *vlan; bridge_remove_member(bm); + + vlist_for_each_element(>dev.vlans, vlan, node) { + struct bridge_vlan_hotplug_port *port, *tmp; + + list_for_each_entry_safe(port, tmp, >hotplug_ports, list) { + if (strcmp(port->port.ifname, ifname) != 0) + continue; + + list_del(>list); + free(port); + } + } + device_remove_user(>dev); /* @@ -616,11 +645,66 @@ bridge_add_member(struct bridge_state *bst, const char *name) bridge_create_member(bst, name, dev, false); } +static void +bridge_hotplug_create_member_vlans(struct bridge_state *bst, struct blob_attr *vlans, const char *ifname) +{ + struct bridge_vlan *vlan; + struct blob_attr *cur; + int rem; + + if (!vlans) + return; + + blobmsg_for_each_attr(cur, vlans, rem) { + struct bridge_vlan_hotplug_port *port; + uint16_t flags = BRVLAN_F_UNTAGGED; + char *name_buf; + unsigned int vid; + char *end; + + if (blobmsg_type(cur) != BLOBMSG_TYPE_STRING) + continue; + + vid = strtoul(blobmsg_get_string(cur), , 0); + if (!vid || vid > 4095) + continue; + + vlan = vlist_find(>dev.vlans, , vlan, node); + if (!vlan) + continue; + + if (end && *end) { + if (*end != ':') + continue; + + for (end++; *end; end++) { + switch (*end) { + case 't': + flags &= ~BRVLAN_F_UNTAGGED; + break; + case '*': + flags |= BRVLAN_F_PVID; + break; + } + } + } + + port = calloc_a(sizeof(*port), _buf, strlen(ifname) + 1); + if (!port) + continue; + + port->port.flags = flags; + port->port.ifname = strcpy(name_buf, ifname); + list_add_tail(>list, >hotplug_ports); + } +} + static int -bridge_hotplug_add(struct device *dev, struct device *member) +bridge_hotplug_add(struct device *dev, struct device *member, struct blob_attr *vlan) { struct bridge_state *bst = container_of(dev, struct bridge_state, dev); + bridge_hotplug_create_member_vlans(bst, vlan, member->ifname); bridge_create_member(bst, member->ifname, member, true); return 0; @@ -899,6 +983,20 @@ bridge_vlan_equal(struct bridge_vlan *v1, struct bridge_vlan *v2) return true; } +static void +bridge_vlan_free(struct bridge_vlan *vlan) +{ + struct bridge_vlan_hotplug_port *port, *tmp; + + if (!vlan) + return; + + list_for_each_entry_safe(port, tmp, >hotplug_ports, list) + free(port); + + free(vlan); +} + static void bridge_vlan_update(struct vlist_tree *tree, struct vlist_node *node_new, struct vlist_node *node_old) @@ -920,13 +1018,16 @@
Re: OpenWRT (ucert) signature check during upgrade
On Fri, Aug 07, 2020 at 03:47:57PM +0300, Andrii Voloshyn wrote: > Hi there, > > I'd like to use signature verification during sysupgrade, but at the moment I > get "Image check failed" message. > Similar to what guys mentioned here: > https://forum.openwrt.org/t/possible-bug-in-ucert/57704 > By digging around, I found out that: > > fwtool -q -T -s /dev/null /tmp/sysupgrade.bin | ucert -V -m - -c > "/tmp/sysupgrade.ucert" -P /etc/opkg/keys > > command fails, with the following message "cert_verify: cannot parse cert". > My assumption is that it is because of a signature of the upgrade file that > we add at the end of the certificate, while appending metadata to the upgrade > file. line below (ucert -A -c "$@.ucert" -x "$@.sig") > > define Build/append-metadata > >---$(if $(SUPPORTED_DEVICES),-echo $(call > >metadata_json,$(SUPPORTED_DEVICES)) | fwtool -I - $@) > >---[ ! -s "$(BUILD_KEY)" -o ! -s "$(BUILD_KEY).ucert" -o ! -s "$@" ] || { \ > >--->---cp "$(BUILD_KEY).ucert" "$@.ucert" ;\ > >--->---usign -S -m "$@" -s "$(BUILD_KEY)" -x "$@.sig" ;\ > >--->---ucert -A -c "$@.ucert" -x "$@.sig" ;\ > >--->---fwtool -S "$@.ucert" "$@" ;\ > >---} > endef > > Would (ucert -V -m) expect appended upgrade image file signature in the > certificate passed with -c? > Or this functionality has not been implemented yet? > In other words how to check upgtade file signature prior to upgrade with > ucert tool? Yes, this is exactly how it is supposed to work. There has been a bug caused by libubox security improvements which made ucert always fail to parse certificates, it should have been fixed by commit 96c42c5ed3207b8ad1ce836a4426c8700c13b655 Author: Matthias Schiffer Date: Sat May 16 22:29:24 2020 +0200 Fix length checks in cert_load() Please verify manually if ucert can parse the certificate, ie. extract it into a file /tmp/sysupgrade.ucert using fwtool, then install ucert-full and use `ucert -D -c /tmp/sysupgrade.ucert` and see what happends. Cheers Daniel > > > Cheers, > Andrew > > > > ___ > openwrt-devel mailing list > openwrt-devel@lists.openwrt.org > https://lists.openwrt.org/mailman/listinfo/openwrt-devel ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Re: [PATCH v2] busybox: bump to 1.32.0
Hauke Mehrtens [2020-08-06 23:48:55]: Hi, > On 7/28/20 10:14 AM, Petr Štetiar wrote: > > Refreshed patches and config options. Removed upstreamed patches: > > > > 001-remove-stime-function-calls.patch > > 110-no_static_libgcc.patch > > > > Run tested on x86_64 under QEMU. > > > > Signed-off-by: Petr Štetiar > Acked-by: Hauke Mehrtens > > Tested on lantiq mips. Thanks for testing! FYI there seems to be some regression[1] in ash so I've postponed merging. 1. http://lists.busybox.net/pipermail/busybox/2020-July/088161.html -- ynezz ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Re: MT7621 Flow Control
On Fri, Aug 7, 2020 at 10:09 AM Kristian Evensen wrote: > > Hello, > > On Thu, Aug 6, 2020 at 1:44 PM Jaap Buurman wrote: > > However, on this mailing list a user by the name of Kristian claims > > that disabling flow control helps fix this problem, as can be read > > here: > > https://lists.openwrt.org/pipermail/openwrt-devel/2017-November/009882.html > > My patch unfortunately does not solve the problem, as I can still see > the timeout error. However, by disabling flow control, the frequency > of the error is decreased to the point where it almost never happens > (even on devices where I would frequently see the error). In order to > deal with the remaining timeout cases, I wrote a small watchdog script > that checks syslog for the timeout message and restarts networking if > the error occurs. A restart has always been able to recover networking > (at the cost of a small interruption). > > Kristian Dear Kristian, Thank you very much for your input. It's unfortunate to hear you were unable to fix the issue completely, but good to hear the frequency of it happening has gone way down. I have two questions for you if you wouldn't mind: 1) Would you perhaps be willing to share the watchdog script? It would be very useful to me, and probably with me many others with the same issue. 2) Is my assertion that the above mentioned patch that is supposed to disable flow control never changed anything, correct? I am not sure I saw a reduction in the issue cropping up after that patch landed, which could be explained if the patch never disabled flow control as it was intended to do. Thank you! Jaap ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[PATCH v5] treewide: use wpad-basic-wolfssl as default
From: Petr Štetiar In order to support SAE/WPA3-Personal in default images. Replaced almost all occurencies of wpad-basic and wpad-mini with wpad-basic-wolfssl for consistency. Keeping out ar71xx from the list in order to make the backports easier. Signed-off-by: Petr Štetiar [rebase] Signed-off-by: Adrian Schmutzler --- Changes in v5: - Rebased due to wpad selection inversion in mt7621 --- target/linux/apm821xx/image/sata.mk | 2 +- target/linux/apm821xx/nand/target.mk | 2 +- .../apm821xx/sata/profiles/00-default.mk | 2 +- .../arc770/generic/profiles/00-default.mk | 2 +- .../archs38/generic/profiles/00-default.mk| 2 +- target/linux/ath25/Makefile | 2 +- target/linux/ath79/generic/target.mk | 2 +- target/linux/ath79/image/generic-ubnt.mk | 2 +- target/linux/ath79/image/generic.mk | 4 +-- target/linux/ath79/mikrotik/target.mk | 2 +- target/linux/ath79/nand/target.mk | 2 +- target/linux/ath79/tiny/target.mk | 2 +- target/linux/bcm27xx/image/Makefile | 8 ++--- .../generic/profiles/101-Broadcom-wl.mk | 2 +- .../generic/profiles/105-Broadcom-none.mk | 2 +- .../generic/profiles/201-Broadcom-b44-wl.mk | 2 +- .../generic/profiles/205-Broadcom-b44-none.mk | 2 +- .../generic/profiles/211-Broadcom-tg3-wl.mk | 2 +- .../generic/profiles/215-Broadcom-tg3-none.mk | 2 +- .../generic/profiles/221-Broadcom-bgmac-wl.mk | 2 +- .../profiles/225-Broadcom-bgmac-none.mk | 2 +- .../bcm47xx/generic/profiles/PS-1208MFG.mk| 2 +- target/linux/bcm47xx/generic/target.mk| 2 +- .../legacy/profiles/101-Broadcom-wl.mk| 2 +- target/linux/bcm47xx/legacy/target.mk | 2 +- .../mips74k/profiles/102-Broadcom-wl.mk | 2 +- .../mips74k/profiles/103-Broadcom-none.mk | 2 +- target/linux/bcm47xx/mips74k/target.mk| 2 +- target/linux/bcm53xx/image/Makefile | 2 +- target/linux/bcm63xx/image/Makefile | 10 +++--- target/linux/bcm63xx/profiles/default.mk | 2 +- target/linux/cns3xxx/Makefile | 2 +- target/linux/ipq40xx/Makefile | 2 +- target/linux/ipq806x/Makefile | 2 +- target/linux/kirkwood/image/Makefile | 4 +-- target/linux/kirkwood/profiles/00-default.mk | 2 +- target/linux/lantiq/image/ar9.mk | 18 +- target/linux/lantiq/image/danube.mk | 24 ++--- target/linux/lantiq/image/tp-link.mk | 8 ++--- target/linux/lantiq/image/vr9.mk | 30 target/linux/lantiq/image/xway_legacy.mk | 10 +++--- target/linux/malta/Makefile | 2 +- target/linux/mediatek/mt7622/target.mk| 2 +- target/linux/mpc85xx/Makefile | 2 +- target/linux/mvebu/image/cortexa9.mk | 4 +-- target/linux/omap/profiles/00-default.mk | 2 +- target/linux/oxnas/image/ox820.mk | 2 +- target/linux/ramips/image/mt7620.mk | 2 +- target/linux/ramips/image/mt7621.mk | 34 +-- target/linux/ramips/mt7620/target.mk | 2 +- target/linux/ramips/mt7621/target.mk | 2 +- target/linux/ramips/mt76x8/target.mk | 2 +- target/linux/ramips/rt288x/target.mk | 2 +- target/linux/ramips/rt305x/target.mk | 2 +- target/linux/ramips/rt3883/target.mk | 2 +- target/linux/rb532/Makefile | 2 +- target/linux/sunxi/image/cortexa7.mk | 8 ++--- target/linux/sunxi/profiles/00-default.mk | 2 +- target/linux/tegra/image/Makefile | 2 +- target/linux/uml/Makefile | 2 +- 60 files changed, 129 insertions(+), 129 deletions(-) diff --git a/target/linux/apm821xx/image/sata.mk b/target/linux/apm821xx/image/sata.mk index 6fe8324b93..bcb612c22f 100644 --- a/target/linux/apm821xx/image/sata.mk +++ b/target/linux/apm821xx/image/sata.mk @@ -6,7 +6,7 @@ endef define Device/wd_mybooklive DEVICE_VENDOR := Western Digital DEVICE_MODEL := My Book Live Series (Single + Duo) - DEVICE_PACKAGES := kmod-usb-dwc2 kmod-usb-ledtrig-usbport kmod-usb-storage kmod-fs-vfat wpad-basic + DEVICE_PACKAGES := kmod-usb-dwc2 kmod-usb-ledtrig-usbport kmod-usb-storage kmod-fs-vfat wpad-basic-wolfssl SUPPORTED_DEVICES += mbl wd,mybooklive-duo BLOCKSIZE := 1k DTB_SIZE := 16384 diff --git a/target/linux/apm821xx/nand/target.mk b/target/linux/apm821xx/nand/target.mk index 16475307d7..d40b0fbc19 100644 --- a/target/linux/apm821xx/nand/target.mk +++ b/target/linux/apm821xx/nand/target.mk @@ -1,7 +1,7 @@ BOARDNAME:=Devices with NAND flash (Routers) FEATURES += nand pcie ramdisk squashfs usb -DEFAULT_PACKAGES += kmod-ath9k swconfig wpad-basic +DEFAULT_PACKAGES += kmod-ath9k swconfig wpad-basic-wolfssl define Target/Description Build firmware images for APM821XX boards with NAND
Re: MT7621 Flow Control
Hello, On Thu, Aug 6, 2020 at 1:44 PM Jaap Buurman wrote: > However, on this mailing list a user by the name of Kristian claims > that disabling flow control helps fix this problem, as can be read > here: > https://lists.openwrt.org/pipermail/openwrt-devel/2017-November/009882.html My patch unfortunately does not solve the problem, as I can still see the timeout error. However, by disabling flow control, the frequency of the error is decreased to the point where it almost never happens (even on devices where I would frequently see the error). In order to deal with the remaining timeout cases, I wrote a small watchdog script that checks syslog for the timeout message and restarts networking if the error occurs. A restart has always been able to recover networking (at the cost of a small interruption). Kristian ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[PATCH] bcm47xx: use vendor_model scheme for device/image names
Most targets have been updated to consistently use the vendor_model scheme for device definitions and thus, image names. Apply this to bcm47xx as well. This does _not_ apply any other specific naming changes. Cc: Rafał Miłecki Signed-off-by: Adrian Schmutzler --- target/linux/bcm47xx/image/generic.mk | 24 +-- target/linux/bcm47xx/image/legacy.mk | 124 +++ target/linux/bcm47xx/image/mips74k.mk | 212 +- 3 files changed, 180 insertions(+), 180 deletions(-) diff --git a/target/linux/bcm47xx/image/generic.mk b/target/linux/bcm47xx/image/generic.mk index e5ae952137..61204bf232 100644 --- a/target/linux/bcm47xx/image/generic.mk +++ b/target/linux/bcm47xx/image/generic.mk @@ -3,7 +3,7 @@ # # BCM4705 with tg3 -define Device/linksys-wrt300n-v1.1 +define Device/linksys_wrt300n-v1.1 DEVICE_MODEL := WRT300N DEVICE_VARIANT := v1.1 DEVICE_PACKAGES := kmod-tg3 kmod-b43 @@ -11,9 +11,9 @@ define Device/linksys-wrt300n-v1.1 DEVICE_ID := EWC2 VERSION := 1.51.2 endef -TARGET_DEVICES += linksys-wrt300n-v1.1 +TARGET_DEVICES += linksys_wrt300n-v1.1 -define Device/linksys-wrt310n-v1 +define Device/linksys_wrt310n-v1 DEVICE_MODEL := WRT310N DEVICE_VARIANT := v1 DEVICE_PACKAGES := kmod-tg3 kmod-b43 @@ -21,9 +21,9 @@ define Device/linksys-wrt310n-v1 DEVICE_ID := 310N VERSION := 1.0.10 endef -TARGET_DEVICES += linksys-wrt310n-v1 +TARGET_DEVICES += linksys_wrt310n-v1 -define Device/linksys-wrt350n-v1 +define Device/linksys_wrt350n-v1 DEVICE_MODEL := WRT350N DEVICE_VARIANT := v1 DEVICE_PACKAGES := kmod-tg3 kmod-b43 $(USB2_PACKAGES) @@ -31,9 +31,9 @@ define Device/linksys-wrt350n-v1 DEVICE_ID := EWCG VERSION := 1.04.1 endef -TARGET_DEVICES += linksys-wrt350n-v1 +TARGET_DEVICES += linksys_wrt350n-v1 -define Device/linksys-wrt610n-v1 +define Device/linksys_wrt610n-v1 DEVICE_MODEL := WRT610N DEVICE_VARIANT := v1 DEVICE_PACKAGES := kmod-tg3 kmod-b43 $(USB2_PACKAGES) @@ -41,10 +41,10 @@ define Device/linksys-wrt610n-v1 DEVICE_ID := 610N VERSION := 1.0.1 endef -TARGET_DEVICES += linksys-wrt610n-v1 +TARGET_DEVICES += linksys_wrt610n-v1 # BCMA SoC with SSB WiFi -define Device/linksys-wrt610n-v2 +define Device/linksys_wrt610n-v2 DEVICE_MODEL := WRT610N DEVICE_VARIANT := v2 DEVICE_PACKAGES := kmod-bgmac kmod-b43 $(USB2_PACKAGES) @@ -52,9 +52,9 @@ define Device/linksys-wrt610n-v2 DEVICE_ID := 610N VERSION := 2.0.0 endef -TARGET_DEVICES += linksys-wrt610n-v2 +TARGET_DEVICES += linksys_wrt610n-v2 -define Device/linksys-e3000-v1 +define Device/linksys_e3000-v1 DEVICE_MODEL := E3000 DEVICE_VARIANT := v1 DEVICE_PACKAGES := kmod-bgmac kmod-b43 $(USB2_PACKAGES) @@ -62,7 +62,7 @@ define Device/linksys-e3000-v1 DEVICE_ID := 61XN VERSION := 1.0.3 endef -TARGET_DEVICES += linksys-e3000-v1 +TARGET_DEVICES += linksys_e3000-v1 # generic has Ethernet drivers as modules so overwrite standard image define Device/standard diff --git a/target/linux/bcm47xx/image/legacy.mk b/target/linux/bcm47xx/image/legacy.mk index 66d7efd5d2..4538813b91 100644 --- a/target/linux/bcm47xx/image/legacy.mk +++ b/target/linux/bcm47xx/image/legacy.mk @@ -2,107 +2,107 @@ # Subtarget legacy # -define Device/asus-wl-300g +define Device/asus_wl-300g DEVICE_MODEL := WL-300g DEVICE_PACKAGES := kmod-b43 kmod-b43legacy $(Device/asus) PRODUCTID := "WL300g " endef -TARGET_DEVICES += asus-wl-300g +TARGET_DEVICES += asus_wl-300g -define Device/asus-wl-320gp +define Device/asus_wl-320gp DEVICE_MODEL := WL-320gP DEVICE_PACKAGES := kmod-b43 $(Device/asus) PRODUCTID := "WL320gP " endef -TARGET_DEVICES += asus-wl-320gp +TARGET_DEVICES += asus_wl-320gp -define Device/asus-wl-330ge +define Device/asus_wl-330ge DEVICE_MODEL := WL-330gE DEVICE_PACKAGES := kmod-b43 $(Device/asus) PRODUCTID := "WL-330gE" endef -TARGET_DEVICES += asus-wl-330ge +TARGET_DEVICES += asus_wl-330ge -define Device/asus-wl-500gd +define Device/asus_wl-500gd DEVICE_MODEL := WL-500g Deluxe DEVICE_PACKAGES := kmod-b43 $(USB2_PACKAGES) $(Device/asus) PRODUCTID := "WL500gx " endef -TARGET_DEVICES += asus-wl-500gd +TARGET_DEVICES += asus_wl-500gd -define Device/asus-wl-500gp-v1 +define Device/asus_wl-500gp-v1 DEVICE_MODEL := WL-500gP DEVICE_VARIANT := v1 DEVICE_PACKAGES := kmod-b43 $(USB2_PACKAGES) $(Device/asus) PRODUCTID := "WL500gp " endef -TARGET_DEVICES += asus-wl-500gp-v1 +TARGET_DEVICES += asus_wl-500gp-v1 -define Device/asus-wl-500gp-v2 +define Device/asus_wl-500gp-v2 DEVICE_MODEL := WL-500gP DEVICE_VARIANT := v2 DEVICE_PACKAGES := kmod-b43 $(USB2_PACKAGES) $(Device/asus) PRODUCTID := "WL500gpv2 " endef -TARGET_DEVICES += asus-wl-500gp-v2 +TARGET_DEVICES += asus_wl-500gp-v2 -define Device/asus-wl-500w +define Device/asus_wl-500w DEVICE_MODEL :=
Re: OpenWRT (ucert) signature check during upgrade
On 07/08/2020 09:47, Andrii Voloshyn wrote: I'd like to use signature verification during sysupgrade, but at the moment I get "Image check failed" message. Similar to what guys mentioned here: https://forum.openwrt.org/t/possible-bug-in-ucert/57704 Keep in mind that, for security purposes, optional signatures are useless. You will have to change things so that your firmware *requires* the signature to be always present. No backwards compatibility with unsigned images is possible. As a rule, an optional metadata field at the *end* of an image is useless for either security or corruption checking purposes. All it takes is the most common download issue of them all: truncation. The end of the file isn't there (because it was truncated early enough), the *optional* metadata isn't there, but enough of the headers made it through to look like a valid image to sysupgrade. The corrupt (incomplete) file is accepted and used, despise the fact that the original had checksum metadata and signatures. Not Good[tm]. Prepending the metadata allows it to protect properly against download truncation, but if the presence of signature metadata is still optional, prepended or not it will still be useless as far as *security* goes. The proper answer is *requiring* the metadata and signature to be present. It resolves both issues, regardless of whether the metadata is prepended or appended to the image. What you're going to do about "sysupgrade -F" and direct flashing is another angle to think about, as well... -- Henrique de Moraes Holschuh ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
OpenWrt's 'procd' now speaks containers
Dear community, in the past couple of months I've been working on implementing the Open Container Initiative Runtime Specification [1] in procd by extending the already existing support for slim containers ('ujail'). As a result, there is now a new CLI tool called 'uxc' which handles the basic operations on containers as defined by the spec [2]. This allows to use it as a drop-in replacement for Docker's 'runc' (or 'crun') on OpenWrt hosts with a significantly reduced footprint. Examples usage: # install packages opkg install kmod-veth uxc ujail-console # create veth pair for container uci batch
Re: [PATCH] busybox: use settimeofday() instead of syscall
On Thu, Aug 6, 2020 at 10:02 PM Rosen Penev wrote: > > On Thu, Aug 6, 2020 at 9:49 PM wrote: > > > > From: Masafumi UTSUGI > > > > SYS_settimeofday syscall is not time64 safe. > > Using settimeofday() instead of syscall() is recommended or > > some C libraries such as musl might cause compile error. More information here: https://github.com/systemd/systemd/issues/13305 > Eh no. > > The reason for using the syscall is that musl ignores the tz > parameter. See: > https://github.com/openwrt/openwrt/commit/5a7c064bdbb71bfbcded073c7c0a8723be306009 > > A proper fix is here: > https://github.com/openwrt/openwrt/pull/3004/commits/bd6af541da7b27399143ce91081c44c3c9a155d9 > > I will resend once busybox 1.3.2 gets merged. > > > > Signed-off-by: Masafumi UTSUGI > > --- > > Makefile | 2 +- > > patches/250-date-k-flag.patch | 26 +++--- > > 2 files changed, 12 insertions(+), 16 deletions(-) > > > > diff --git a/Makefile b/Makefile > > index 01441d1..baf375e 100644 > > --- a/Makefile > > +++ b/Makefile > > @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk > > > > PKG_NAME:=busybox > > PKG_VERSION:=1.31.1 > > -PKG_RELEASE:=1 > > +PKG_RELEASE:=2 > > PKG_FLAGS:=essential > > > > PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 > > diff --git a/patches/250-date-k-flag.patch b/patches/250-date-k-flag.patch > > index 5aadbb2..ef0545c 100644 > > --- a/patches/250-date-k-flag.patch > > +++ b/patches/250-date-k-flag.patch > > @@ -8,19 +8,15 @@ > > //usage: "\n" > > //usage: "\nRecognized TIME formats:" > > //usage: "\n hh:mm[:ss]" > > -@@ -139,9 +140,8 @@ > > - > > - #include "libbb.h" > > - #include "common_bufsiz.h" > > --#if ENABLE_FEATURE_DATE_NANO > > --# include > > --#endif > > +@@ -142,6 +143,7 @@ > > + #if ENABLE_FEATURE_DATE_NANO > > + # include > > + #endif > > +#include > > -+#include > > > > enum { > > OPT_RFC2822 = (1 << 0), /* R */ > > -@@ -149,8 +149,9 @@ enum { > > +@@ -149,8 +151,9 @@ enum { > > OPT_UTC = (1 << 2), /* u */ > > OPT_DATE = (1 << 3), /* d */ > > OPT_REFERENCE = (1 << 4), /* r */ > > @@ -32,7 +28,7 @@ > > }; > > > > #if ENABLE_LONG_OPTS > > -@@ -162,6 +163,7 @@ static const char date_longopts[] ALIGN1 > > +@@ -162,6 +165,7 @@ static const char date_longopts[] ALIGN1 = > > /* "universal\0" No_argument "u" */ > > "date\0" Required_argument "d" > > "reference\0" Required_argument "r" > > @@ -40,7 +36,7 @@ > > ; > > #endif > > > > -@@ -181,6 +183,8 @@ static void maybe_set_utc(int opt) > > +@@ -181,6 +185,8 @@ static void maybe_set_utc(int opt) > > int date_main(int argc, char **argv) MAIN_EXTERNALLY_VISIBLE; > > int date_main(int argc UNUSED_PARAM, char **argv) > > { > > @@ -49,7 +45,7 @@ > > struct timespec ts; > > struct tm tm_time; > > char buf_fmt_dt2str[64]; > > -@@ -193,7 +197,7 @@ int date_main(int argc UNUSED_PARAM, cha > > +@@ -193,7 +199,7 @@ int date_main(int argc UNUSED_PARAM, char **argv) > > char *isofmt_arg = NULL; > > > > opt = getopt32long(argv, "^" > > @@ -58,7 +54,7 @@ > > IF_FEATURE_DATE_ISOFMT("I::D:") > > "\0" > > "d--s:s--d" > > -@@ -256,6 +260,31 @@ int date_main(int argc UNUSED_PARAM, cha > > +@@ -256,6 +262,31 @@ int date_main(int argc UNUSED_PARAM, char **argv) > > if (*argv) > > bb_show_usage(); > > > > @@ -69,7 +65,7 @@ > > + > > + /* workaround warp_clock() on first invocation */ > > + memset(, 0, sizeof(tz)); > > -+ syscall(SYS_settimeofday, NULL, ); > > ++ settimeofday(NULL, ); > > + > > + memset(, 0, sizeof(tz)); > > +#ifdef __USE_MISC > > @@ -78,7 +74,7 @@ > > + tz.tz_minuteswest = -(tm_time.__tm_gmtoff / 60); > > +#endif > > + > > -+ if (syscall(SYS_settimeofday, NULL, )) > > ++ if (settimeofday(NULL, )) > > + { > > + bb_perror_msg("can't set kernel time zone"); > > + return EXIT_FAILURE; > > -- > > 2.7.4 > > > > > > ___ > > openwrt-devel mailing list > > openwrt-devel@lists.openwrt.org > > https://lists.openwrt.org/mailman/listinfo/openwrt-devel ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Re: Policy on BUILD_PATENTED
On Mon, Aug 3, 2020 at 9:11 AM Etienne Champetier wrote: > > Hi Rosen, > > Le lun. 3 août 2020 à 00:04, Rosen Penev a écrit : > > > > Recently there's been a pull request to get patented functionality in > > the packages feed: https://github.com/openwrt/packages/pull/12992 > > > > Which pointed me to this lovely description: > > https://www.videolan.org/legal.html > > > > Two excerpts: > > > > In the USA, you should check out the US Copyright Office decision that > > allows circumvention in some cases. > > VideoLAN is NOT a US-based organization and is therefore outside US > > jurisdiction. > > > > Neither French law nor European conventions recognize software as > > patentable (see French section below). > > Therefore, software patents licenses do not apply on VideoLAN software. > > > > The commit that disabled patented packages is: > > https://github.com/openwrt/openwrt/commit/dc555d003c21679c8c94ac7f5c74cbd5cd089ae0 > > > > This caused controversy regarding ffmpeg at the time since it meant > > that minidlna would be unavailable. > > > > Which brings me to my question. How should BUILD_PATENTED be treated? > > OpenWrt as far as I know is not US based. > > OpenWrt is represented by a US non profit, so not sure where it is based. > https://openwrt.org/about > > The remerged OpenWrt project is legally represented by the Software in the > > Public Interest (SPI) - an US 501(c)(3) non-profit organization which is > > managing our OpenWrt trademark, handling our donations and helping us with > > legal problems. > > Software Freedom Conservancy (future replacement of SPI) is also US based Sounds problematic then. > > Best > > Etienne > > > > > Whenever discussion about patents arise, I usually point to Fedora > > whose parent company is Red Hat, which is based in the US. There are > > many things that they do not distribute that OpenWrt does for legal > > reasons. Should Fedora's practices be mirrored or should a more > > liberal policy regarding patented functionality be taken? > > > > ___ > > openwrt-devel mailing list > > openwrt-devel@lists.openwrt.org > > https://lists.openwrt.org/mailman/listinfo/openwrt-devel ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[PATCH 2/4] build: ipkg-build use fakeroot with PKG_FILE_MODES
The `ipkg-build` script converts a folder into a `opkg` installable package. Until now it would use root:root for all packages and try to preserve file modes. This has the two drawbacks of packages want to add non-root files or add SUID files, like the `sudo` package does. To give more flexibility regarding file modes and avoid init script hacks, a new variable called `PKG_FILE_MODES`. The variable contains a list of files modes in the format `path:owner:group:mode`. An example for the `sudo` package below: ``` PKG_FILE_MODES:=\ /usr/bin/sudo:root:root:4755 \ /etc/sudoers:root:root:0440 ``` The `ipkg-build` now runs within a fakeroot environment to set any mode and directly store it in the resulting `ipk` package archive. Both options `-o` and `-g` are no longer required due to the introduction of the more flexible `-m` options, which takes the `PKG_FILE_MODES` as input. Lastly the option `-c` is removed as it's unused within the script. Signed-off-by: Paul Spooren --- include/package-ipkg.mk | 6 +- scripts/ipkg-build | 41 + 2 files changed, 26 insertions(+), 21 deletions(-) diff --git a/include/package-ipkg.mk b/include/package-ipkg.mk index 622cbf3223..d8b65433c2 100644 --- a/include/package-ipkg.mk +++ b/include/package-ipkg.mk @@ -9,10 +9,6 @@ ifndef DUMP include $(INCLUDE_DIR)/feeds.mk endif -# invoke ipkg-build with some default options -IPKG_BUILD:= \ - $(SCRIPT_DIR)/ipkg-build -c -o 0 -g 0 - IPKG_REMOVE:= \ $(SCRIPT_DIR)/ipkg-remove @@ -262,7 +258,7 @@ $(_endef) endif $(INSTALL_DIR) $$(PDIR_$(1)) - $(IPKG_BUILD) $$(IDIR_$(1)) $$(PDIR_$(1)) + $(FAKEROOT) $(SCRIPT_DIR)/ipkg-build -m "$(PKG_FILE_MODES)" $$(IDIR_$(1)) $$(PDIR_$(1)) @[ -f $$(IPKG_$(1)) ] $(1)-clean: diff --git a/scripts/ipkg-build b/scripts/ipkg-build index 21127f3391..c547c439ef 100755 --- a/scripts/ipkg-build +++ b/scripts/ipkg-build @@ -77,23 +77,15 @@ pkg_appears_sane() { ### # ipkg-build "main" ### -ogargs="" -noclean=0 -usage="Usage: $0 [-c] [-C] [-o owner] [-g group] []" -while getopts "cg:ho:v" opt; do +file_modes="" +usage="Usage: $0 [-v] [-h] [-m] []" +while getopts "hvm:" opt; do case $opt in - o ) owner=$OPTARG - ogargs="--owner=$owner" - ;; - g ) group=$OPTARG - ogargs="$ogargs --group=$group" - ;; - c ) ;; - C ) noclean=1;; v ) echo $version exit 0 ;; h ) echo $usage >&2 ;; + m ) file_modes=$OPTARG ;; \? )echo $usage >&2 esac done @@ -144,21 +136,38 @@ tmp_dir=$dest_dir/IPKG_BUILD.$$ mkdir $tmp_dir echo $CONTROL > $tmp_dir/tarX -# Preserve permissions (-p) when creating data.tar.gz as non-root user -( cd $pkg_dir && $TAR $ogargs -X $tmp_dir/tarX --format=gnu --sort=name -cpf - --mtime="$TIMESTAMP" . | $GZIP -n - > $tmp_dir/data.tar.gz ) +cd $pkg_dir +for file_mode in $file_modes; do + case $file_mode in + /*:*:*:*) + ;; + *) + echo "ERROR: file modes must use absolute path and contain user:group:mode" + echo "$file_mode" + exit 1 + ;; + esac + path=$(echo "$file_mode" | cut -d ':' -f 1) + user_group=$(echo "$file_mode" | cut -d ':' -f 2-3) + mode=$(echo "$file_mode" | cut -d ':' -f 4) + + chown "$user_group" "$pkg_dir/$path" + chmod "$mode" "$pkg_dir/$path" +done +$TAR -X $tmp_dir/tarX --format=gnu --sort=name -cpf - --mtime="$TIMESTAMP" . | $GZIP -n - > $tmp_dir/data.tar.gz installed_size=`stat -c "%s" $tmp_dir/data.tar.gz` sed -i -e "s/^Installed-Size: .*/Installed-Size: $installed_size/" \ $pkg_dir/$CONTROL/control -( cd $pkg_dir/$CONTROL && $TAR $ogargs --format=gnu --sort=name -cf - --mtime="$TIMESTAMP" . | $GZIP -n - > $tmp_dir/control.tar.gz ) +( cd $pkg_dir/$CONTROL && $TAR --format=gnu --sort=name -cf - --mtime="$TIMESTAMP" . | $GZIP -n - > $tmp_dir/control.tar.gz ) rm $tmp_dir/tarX echo "2.0" > $tmp_dir/debian-binary pkg_file=$dest_dir/${pkg}_${version}_${arch}.ipk rm -f $pkg_file -( cd $tmp_dir && $TAR $ogargs --format=gnu --sort=name -cf - --mtime="$TIMESTAMP" ./debian-binary ./data.tar.gz ./control.tar.gz | $GZIP -n - > $pkg_file ) +( cd $tmp_dir && $TAR --format=gnu --sort=name -cf - --mtime="$TIMESTAMP" ./debian-binary ./data.tar.gz ./control.tar.gz | $GZIP -n - > $pkg_file ) rm $tmp_dir/debian-binary $tmp_dir/data.tar.gz $tmp_dir/control.tar.gz rmdir $tmp_dir -- 2.25.1 ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[PATCH 1/4] tools: add fakeroot
From: Thomas Petazzoni SELinux support requires setting the appropriate SELinux security context to files and directories, which needs to happen at build time in order to support read-only root filesystem scenarios. In order to create these security contexts, we will have to run some SELinux-specific tools on the host machine, but that requires root access. This adds support for fakeroot, which the build process will use to run the SELinux security context creation and the image creation. Signed-off-by: Thomas Petazzoni Apply to current master, and adjust commit message Thomas' original work is available at http://lists.infradead.org/pipermail/openwrt-devel/2019-November/025976.html. Signed-off-by: W. Michael Petullo [add rules.mk FAKEROOT variable] Signed-off-by: Paul Spooren --- rules.mk| 1 + tools/Makefile | 2 +- tools/fakeroot/Makefile | 20 3 files changed, 22 insertions(+), 1 deletion(-) create mode 100644 tools/fakeroot/Makefile diff --git a/rules.mk b/rules.mk index 479172de03..45d96d6be4 100644 --- a/rules.mk +++ b/rules.mk @@ -264,6 +264,7 @@ endif BUILD_KEY=$(TOPDIR)/key-build +FAKEROOT:=$(STAGING_DIR_HOST)/bin/fakeroot TARGET_CC:=$(TARGET_CROSS)gcc TARGET_CXX:=$(TARGET_CROSS)g++ KPATCH:=$(SCRIPT_DIR)/patch-kernel.sh diff --git a/tools/Makefile b/tools/Makefile index 9bae09ece6..f038c90ba9 100644 --- a/tools/Makefile +++ b/tools/Makefile @@ -26,7 +26,7 @@ tools-y += m4 libtool autoconf autoconf-archive automake flex bison pkgconf mkli tools-y += sstrip make-ext4fs e2fsprogs mtd-utils mkimage tools-y += firmware-utils patch-image quilt padjffs2 tools-y += mm-macros missing-macros cmake bc findutils gengetopt patchelf -tools-y += mtools dosfstools libressl +tools-y += mtools dosfstools libressl fakeroot tools-$(CONFIG_TARGET_orion_generic) += wrt350nv2-builder upslug2 tools-$(CONFIG_TARGET_x86) += qemu tools-$(CONFIG_TARGET_mxs) += elftosb sdimage diff --git a/tools/fakeroot/Makefile b/tools/fakeroot/Makefile new file mode 100644 index 00..04d9a0dd60 --- /dev/null +++ b/tools/fakeroot/Makefile @@ -0,0 +1,20 @@ +# +# This is free software, licensed under the GNU General Public License v2. +# See /LICENSE for more information. +# +include $(TOPDIR)/rules.mk + +PKG_NAME:=fakeroot +PKG_VERSION:=1.20.2 + +PKG_SOURCE:=$(PKG_NAME)_$(PKG_VERSION).orig.tar.bz2 +PKG_SOURCE_URL:=http://snapshot.debian.org/archive/debian/20141005T221953Z/pool/main/f/fakeroot +PKG_HASH:=7c0a164d19db3efa9e802e0fc7cdfeff70ec6d26cdbdc4338c9c2823c5ea230c + +include $(INCLUDE_DIR)/host-build.mk + +HOST_CONFIGURE_VARS += \ + ac_cv_header_sys_capability_h=no \ + ac_cv_func_capset=no + +$(eval $(call HostBuild)) -- 2.25.1 ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[PATCH 4/4] build: remove INSTALL_SUID
Instead of INSTALL_SUID the PKG_FILE_MODES variable should be used Signed-off-by: Paul Spooren --- rules.mk | 1 - 1 file changed, 1 deletion(-) diff --git a/rules.mk b/rules.mk index 45d96d6be4..d535e57266 100644 --- a/rules.mk +++ b/rules.mk @@ -281,7 +281,6 @@ PATCH:=patch PYTHON:=python INSTALL_BIN:=install -m0755 -INSTALL_SUID:=install -m4755 INSTALL_DIR:=install -d -m0755 INSTALL_DATA:=install -m0644 INSTALL_CONF:=install -m0600 -- 2.25.1 ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[PATCH 3/4] busybox: Use PKG_FILE_MODES for SUID
Instead of using INSTALL_SUID use the more flexible PKG_FILE_MODES variable withn the Makefile to set the SUID bit. Signed-off-by: Paul Spooren --- package/utils/busybox/Makefile | 9 + 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/package/utils/busybox/Makefile b/package/utils/busybox/Makefile index 01441d1e87..e5507aa787 100644 --- a/package/utils/busybox/Makefile +++ b/package/utils/busybox/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=busybox PKG_VERSION:=1.31.1 -PKG_RELEASE:=1 +PKG_RELEASE:=2 PKG_FLAGS:=essential PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 @@ -28,6 +28,10 @@ PKG_LICENSE:=GPL-2.0 PKG_LICENSE_FILES:=LICENSE archival/libarchive/bz/LICENSE PKG_CPE_ID:=cpe:/a:busybox:busybox +ifneq ($(CONFIG_BUSYBOX_$(BUSYBOX_SYM)_FEATURE_SUID),) + PKG_FILE_MODES:=/bin/busybox:root:root:4755 +endif + include $(INCLUDE_DIR)/package.mk ifeq ($(DUMP),) @@ -118,9 +122,6 @@ endif ifneq ($(CONFIG_BUSYBOX_$(BUSYBOX_SYM)_NTPD),) $(INSTALL_BIN) ./files/sysntpd $(1)/etc/init.d/sysntpd $(INSTALL_BIN) ./files/ntpd-hotplug $(1)/usr/sbin/ntpd-hotplug -endif -ifneq ($(CONFIG_BUSYBOX_$(BUSYBOX_SYM)_FEATURE_SUID),) - $(INSTALL_SUID) $(PKG_INSTALL_DIR)/bin/busybox $(1)/bin/busybox endif -rm -rf $(1)/lib64 endef -- 2.25.1 ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
[RFC] Policy for PKG_RELEASE bumps
Hi team, currently exist two different ideas on when to raise the PKG_RELEASE of a package. * When functional things change For example, a OpenWrt specific patch is added * When anything inside the packages ipk file changes Includes patch and so called "cosmetic" changes outside the Makefile, e.g. replace tabs with spaces. While one could argue that following the first approach lowers the number of non functional updates via `opkg`, it results in packages with different checksums. To keep track of what is reproducible and what not, it is very helpful to see changes in PKG_RELEASE. If not, two seemingly same packages (version/release) have different checksums. The frequent package updates are likely to happen only when using snapshots, which receives a new firmware on a daily basis anyway. Please share your thoughts. If there are no strong arguments against bumping the PKG_RELEASE on anything that changes the resulting package content, I'd like to make that a policy. Best, Paul ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Re: [PATCH] treewide: replace `which` with `command -v`
On 07.08.20 16:48, Rosen Penev wrote: On Fri, Aug 7, 2020 at 5:42 PM Paul Spooren wrote: On 07.08.20 14:18, Rosen Penev wrote: On Fri, Aug 7, 2020 at 3:57 PM Paul Spooren wrote: Fix shellcheck SC2230 which is non-standard. Use builtin 'command -v' instead. Once applied to everything concerning OpenWrt we can disable the busybox feature `which` and save 3.8kB. which and command -v seem to not be the same. See https://github.com/openwrt/openwrt/commit/8242c6de29951fbb549355770cd685ffe3ac9c54 Afaik ldir uses a Mac which may has a different build in implementation of `command`. Testing it locally on a Linux machine they behave very much the same. user@dawn:~/src/openwrt/openwrt$ command -v git /usr/bin/git user@dawn:~/src/openwrt/openwrt$ which git /usr/bin/git user@dawn:~/src/openwrt/openwrt$ command -v git-nope user@dawn:~/src/openwrt/openwrt$ echo $? 1 user@dawn:~/src/openwrt/openwrt$ which git-nope user@dawn:~/src/openwrt/openwrt$ echo $? 1 I'd image the *command* `command` doesn't exist on a Mac and it would actually execute the *command* `git` there, which obviously pollutes the output. command is a shell builtin. macOS used bash and now zsh. I doubt that's the problem. All right, I found the issue. The problem is the following commit: https://github.com/openwrt/openwrt/commit/56f813674a912490df327304033bf667b285930a It replaces the function without migrating the 2>/dev/null. It's therefore neither the fault of MacOS nor command. I therefore assume my proposed patch is fine. Seems like a problem of Mac and not the bash/sh included `command`. Thinking about that, it seems fairly dangerous: If you'd run `command -v nuke_harddrive > /dev/null` it would actually run whatever command silently. There is a wrapper called `./scripts/md5sum` which calls `md5`, the Mac tool to get a MD5 checksum. I guess we could create a wrapper like ./scripts/command which contains the following line: which $2 # skipping the -v arg of command Ultimately it's about freeing up busybox-which, which is independent of any Mac ideas. For that rootfs.mk and ipkg-build could be left untouched. Signed-off-by: Paul Spooren --- include/rootfs.mk| 6 +++--- package/base-files/files/lib/upgrade/stage2 | 2 +- .../kernel/broadcom-wl/files/lib/wifi/broadcom.sh| 2 +- scripts/ipkg-build | 12 ++-- 4 files changed, 11 insertions(+), 11 deletions(-) diff --git a/include/rootfs.mk b/include/rootfs.mk index b6775c7e15..18ada3cd43 100644 --- a/include/rootfs.mk +++ b/include/rootfs.mk @@ -69,7 +69,7 @@ define prepare_rootfs @( \ cd $(1); \ for script in ./usr/lib/opkg/info/*.postinst; do \ - IPKG_INSTROOT=$(1) $$(which bash) $$script; \ + IPKG_INSTROOT=$(1) $$(command -v bash) $$script; \ ret=$$?; \ if [ $$ret -ne 0 ]; then \ echo "postinst script $$script has failed with exit code $$ret" >&2; \ @@ -79,10 +79,10 @@ define prepare_rootfs for script in ./etc/init.d/*; do \ grep '#!/bin/sh /etc/rc.common' $$script >/dev/null || continue; \ if ! echo " $(3) " | grep -q " $$(basename $$script) "; then \ - IPKG_INSTROOT=$(1) $$(which bash) ./etc/rc.common $$script enable; \ + IPKG_INSTROOT=$(1) $$(command -v bash) ./etc/rc.common $$script enable; \ echo "Enabling" $$(basename $$script); \ else \ - IPKG_INSTROOT=$(1) $$(which bash) ./etc/rc.common $$script disable; \ + IPKG_INSTROOT=$(1) $$(command -v bash) ./etc/rc.common $$script disable; \ echo "Disabling" $$(basename $$script); \ fi; \ done || true \ diff --git a/package/base-files/files/lib/upgrade/stage2 b/package/base-files/files/lib/upgrade/stage2 index dbb33e8958..a4fef42134 100755 --- a/package/base-files/files/lib/upgrade/stage2 +++ b/package/base-files/files/lib/upgrade/stage2 @@ -45,7 +45,7 @@ switch_to_ramfs() { snapshot snapshot_tool \ $RAMFS_COPY_BIN do - local file="$(which "$binary" 2>/dev/null)" + local file="$(command -v "$binary" 2>/dev/null)" [ -n "$file" ] && install_bin "$file" done install_file /etc/resolv.conf /lib/*.sh /lib/functions/*.sh /lib/upgrade/*.sh /lib/upgrade/do_stage2 /usr/share/libubox/jshn.sh $RAMFS_COPY_DATA diff --git a/package/kernel/broadcom-wl/files/lib/wifi/broadcom.sh b/package/kernel/broadcom-wl/files/lib/wifi/broadcom.sh index 33447341b2..352c365f27 100644 ---
Re: OpenWrt's 'procd' now speaks containers
On 07.08.20 09:47, Daniel Golle wrote: Dear community, in the past couple of months I've been working on implementing the Open Container Initiative Runtime Specification [1] in procd by extending the already existing support for slim containers ('ujail'). As a result, there is now a new CLI tool called 'uxc' which handles the basic operations on containers as defined by the spec [2]. This allows to use it as a drop-in replacement for Docker's 'runc' (or 'crun') on OpenWrt hosts with a significantly reduced footprint. Great news! Thank you very much your work! Due to the high traffic on OpenWrt I'm sure a lot of people will miss that email. I'd like to see a first usage[1] of openwrt-annouce and also a news bit on the website. [1]: https://lists.openwrt.org/pipermail/openwrt-announce/ Examples usage: # install packages opkg install kmod-veth uxc ujail-console # create veth pair for container uci batch
[PATCH] treewide: replace `which` with `command -v`
Fix shellcheck SC2230 > which is non-standard. Use builtin 'command -v' instead. Once applied to everything concerning OpenWrt we can disable the busybox feature `which` and save 3.8kB. Signed-off-by: Paul Spooren --- include/rootfs.mk| 6 +++--- package/base-files/files/lib/upgrade/stage2 | 2 +- .../kernel/broadcom-wl/files/lib/wifi/broadcom.sh| 2 +- scripts/ipkg-build | 12 ++-- 4 files changed, 11 insertions(+), 11 deletions(-) diff --git a/include/rootfs.mk b/include/rootfs.mk index b6775c7e15..18ada3cd43 100644 --- a/include/rootfs.mk +++ b/include/rootfs.mk @@ -69,7 +69,7 @@ define prepare_rootfs @( \ cd $(1); \ for script in ./usr/lib/opkg/info/*.postinst; do \ - IPKG_INSTROOT=$(1) $$(which bash) $$script; \ + IPKG_INSTROOT=$(1) $$(command -v bash) $$script; \ ret=$$?; \ if [ $$ret -ne 0 ]; then \ echo "postinst script $$script has failed with exit code $$ret" >&2; \ @@ -79,10 +79,10 @@ define prepare_rootfs for script in ./etc/init.d/*; do \ grep '#!/bin/sh /etc/rc.common' $$script >/dev/null || continue; \ if ! echo " $(3) " | grep -q " $$(basename $$script) "; then \ - IPKG_INSTROOT=$(1) $$(which bash) ./etc/rc.common $$script enable; \ + IPKG_INSTROOT=$(1) $$(command -v bash) ./etc/rc.common $$script enable; \ echo "Enabling" $$(basename $$script); \ else \ - IPKG_INSTROOT=$(1) $$(which bash) ./etc/rc.common $$script disable; \ + IPKG_INSTROOT=$(1) $$(command -v bash) ./etc/rc.common $$script disable; \ echo "Disabling" $$(basename $$script); \ fi; \ done || true \ diff --git a/package/base-files/files/lib/upgrade/stage2 b/package/base-files/files/lib/upgrade/stage2 index dbb33e8958..a4fef42134 100755 --- a/package/base-files/files/lib/upgrade/stage2 +++ b/package/base-files/files/lib/upgrade/stage2 @@ -45,7 +45,7 @@ switch_to_ramfs() { snapshot snapshot_tool \ $RAMFS_COPY_BIN do - local file="$(which "$binary" 2>/dev/null)" + local file="$(command -v "$binary" 2>/dev/null)" [ -n "$file" ] && install_bin "$file" done install_file /etc/resolv.conf /lib/*.sh /lib/functions/*.sh /lib/upgrade/*.sh /lib/upgrade/do_stage2 /usr/share/libubox/jshn.sh $RAMFS_COPY_DATA diff --git a/package/kernel/broadcom-wl/files/lib/wifi/broadcom.sh b/package/kernel/broadcom-wl/files/lib/wifi/broadcom.sh index 33447341b2..352c365f27 100644 --- a/package/kernel/broadcom-wl/files/lib/wifi/broadcom.sh +++ b/package/kernel/broadcom-wl/files/lib/wifi/broadcom.sh @@ -223,7 +223,7 @@ enable_broadcom() { } local _c=0 - local nas="$(which nas)" + local nas="$(command -v nas)" local if_pre_up if_up nas_cmd local vif vif_pre_up vif_post_up vif_do_up vif_txpower local bssmax=$(wlc ifname "$device" bssmax) diff --git a/scripts/ipkg-build b/scripts/ipkg-build index 21127f3391..6e027bc546 100755 --- a/scripts/ipkg-build +++ b/scripts/ipkg-build @@ -10,10 +10,10 @@ set -e version=1.0 -FIND="$(which find)" -FIND="${FIND:-$(which gfind)}" -TAR="${TAR:-$(which tar)}" -GZIP="$(which gzip)" +FIND="$(command -v find)" +FIND="${FIND:-$(command -v gfind)}" +TAR="${TAR:-$(command -v tar)}" +GZIP="$(command -v gzip)" # try to use fixed source epoch if [ -n "$SOURCE_DATE_EPOCH" ]; then @@ -21,10 +21,10 @@ if [ -n "$SOURCE_DATE_EPOCH" ]; then # look up date of last commit elif [ -d "$TOPDIR/.git" ]; then - GIT="$(which git)" + GIT="$(command -v git)" TIMESTAMP=$(cd $TOPDIR; $GIT log -1 -s --format=%ci) elif [ -d "$TOPDIR/.svn" ]; then - SVN="$(which svn)" + SVN="$(command -v svn)" TIMESTAMP=$($SVN info "$TOPDIR" | sed -n "s/^Last Changed Date: \(.*\)/\1/p") else TIMESTAMP=$(date) -- 2.25.1 ___ openwrt-devel mailing list openwrt-devel@lists.openwrt.org https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Re: [PATCH] treewide: replace `which` with `command -v`
On Fri, Aug 7, 2020 at 3:57 PM Paul Spooren wrote: > > Fix shellcheck SC2230 > > which is non-standard. Use builtin 'command -v' instead. > > Once applied to everything concerning OpenWrt we can disable the busybox > feature `which` and save 3.8kB. which and command -v seem to not be the same. See https://github.com/openwrt/openwrt/commit/8242c6de29951fbb549355770cd685ffe3ac9c54 > > Signed-off-by: Paul Spooren > --- > include/rootfs.mk| 6 +++--- > package/base-files/files/lib/upgrade/stage2 | 2 +- > .../kernel/broadcom-wl/files/lib/wifi/broadcom.sh| 2 +- > scripts/ipkg-build | 12 ++-- > 4 files changed, 11 insertions(+), 11 deletions(-) > > diff --git a/include/rootfs.mk b/include/rootfs.mk > index b6775c7e15..18ada3cd43 100644 > --- a/include/rootfs.mk > +++ b/include/rootfs.mk > @@ -69,7 +69,7 @@ define prepare_rootfs > @( \ > cd $(1); \ > for script in ./usr/lib/opkg/info/*.postinst; do \ > - IPKG_INSTROOT=$(1) $$(which bash) $$script; \ > + IPKG_INSTROOT=$(1) $$(command -v bash) $$script; \ > ret=$$?; \ > if [ $$ret -ne 0 ]; then \ > echo "postinst script $$script has failed > with exit code $$ret" >&2; \ > @@ -79,10 +79,10 @@ define prepare_rootfs > for script in ./etc/init.d/*; do \ > grep '#!/bin/sh /etc/rc.common' $$script >/dev/null > || continue; \ > if ! echo " $(3) " | grep -q " $$(basename $$script) > "; then \ > - IPKG_INSTROOT=$(1) $$(which bash) > ./etc/rc.common $$script enable; \ > + IPKG_INSTROOT=$(1) $$(command -v bash) > ./etc/rc.common $$script enable; \ > echo "Enabling" $$(basename $$script); \ > else \ > - IPKG_INSTROOT=$(1) $$(which bash) > ./etc/rc.common $$script disable; \ > + IPKG_INSTROOT=$(1) $$(command -v bash) > ./etc/rc.common $$script disable; \ > echo "Disabling" $$(basename $$script); \ > fi; \ > done || true \ > diff --git a/package/base-files/files/lib/upgrade/stage2 > b/package/base-files/files/lib/upgrade/stage2 > index dbb33e8958..a4fef42134 100755 > --- a/package/base-files/files/lib/upgrade/stage2 > +++ b/package/base-files/files/lib/upgrade/stage2 > @@ -45,7 +45,7 @@ switch_to_ramfs() { > snapshot snapshot_tool \ > $RAMFS_COPY_BIN > do > - local file="$(which "$binary" 2>/dev/null)" > + local file="$(command -v "$binary" 2>/dev/null)" > [ -n "$file" ] && install_bin "$file" > done > install_file /etc/resolv.conf /lib/*.sh /lib/functions/*.sh > /lib/upgrade/*.sh /lib/upgrade/do_stage2 /usr/share/libubox/jshn.sh > $RAMFS_COPY_DATA > diff --git a/package/kernel/broadcom-wl/files/lib/wifi/broadcom.sh > b/package/kernel/broadcom-wl/files/lib/wifi/broadcom.sh > index 33447341b2..352c365f27 100644 > --- a/package/kernel/broadcom-wl/files/lib/wifi/broadcom.sh > +++ b/package/kernel/broadcom-wl/files/lib/wifi/broadcom.sh > @@ -223,7 +223,7 @@ enable_broadcom() { > } > > local _c=0 > - local nas="$(which nas)" > + local nas="$(command -v nas)" > local if_pre_up if_up nas_cmd > local vif vif_pre_up vif_post_up vif_do_up vif_txpower > local bssmax=$(wlc ifname "$device" bssmax) > diff --git a/scripts/ipkg-build b/scripts/ipkg-build > index 21127f3391..6e027bc546 100755 > --- a/scripts/ipkg-build > +++ b/scripts/ipkg-build > @@ -10,10 +10,10 @@ > set -e > > version=1.0 > -FIND="$(which find)" > -FIND="${FIND:-$(which gfind)}" > -TAR="${TAR:-$(which tar)}" > -GZIP="$(which gzip)" > +FIND="$(command -v find)" > +FIND="${FIND:-$(command -v gfind)}" > +TAR="${TAR:-$(command -v tar)}" > +GZIP="$(command -v gzip)" > > # try to use fixed source epoch > if [ -n "$SOURCE_DATE_EPOCH" ]; then > @@ -21,10 +21,10 @@ if [ -n "$SOURCE_DATE_EPOCH" ]; then > > # look up date of last commit > elif [ -d "$TOPDIR/.git" ]; then > - GIT="$(which git)" > + GIT="$(command -v git)" > TIMESTAMP=$(cd $TOPDIR; $GIT log -1 -s --format=%ci) > elif [ -d "$TOPDIR/.svn" ]; then > - SVN="$(which svn)" > + SVN="$(command -v svn)" > TIMESTAMP=$($SVN info "$TOPDIR" | sed -n "s/^Last Changed Date: > \(.*\)/\1/p") > else > TIMESTAMP=$(date) > -- > 2.25.1 > > > ___ > openwrt-devel mailing list > openwrt-devel@lists.openwrt.org > https://lists.openwrt.org/mailman/listinfo/openwrt-devel ___ openwrt-devel mailing
Re: [PATCH] treewide: replace `which` with `command -v`
On Fri, Aug 7, 2020 at 5:42 PM Paul Spooren wrote: > > > On 07.08.20 14:18, Rosen Penev wrote: > > On Fri, Aug 7, 2020 at 3:57 PM Paul Spooren wrote: > >> Fix shellcheck SC2230 > >>> which is non-standard. Use builtin 'command -v' instead. > >> Once applied to everything concerning OpenWrt we can disable the busybox > >> feature `which` and save 3.8kB. > > which and command -v seem to not be the same. See > > https://github.com/openwrt/openwrt/commit/8242c6de29951fbb549355770cd685ffe3ac9c54 > > Afaik ldir uses a Mac which may has a different build in implementation > of `command`. > > Testing it locally on a Linux machine they behave very much the same. > > user@dawn:~/src/openwrt/openwrt$ command -v git > /usr/bin/git > user@dawn:~/src/openwrt/openwrt$ which git > /usr/bin/git > user@dawn:~/src/openwrt/openwrt$ command -v git-nope > user@dawn:~/src/openwrt/openwrt$ echo $? > 1 > user@dawn:~/src/openwrt/openwrt$ which git-nope > user@dawn:~/src/openwrt/openwrt$ echo $? > 1 > > I'd image the *command* `command` doesn't exist on a Mac and it would > actually execute the *command* `git` there, which obviously pollutes the > output. command is a shell builtin. macOS used bash and now zsh. I doubt that's the problem. > > Seems like a problem of Mac and not the bash/sh included `command`. > Thinking about that, it seems fairly dangerous: If you'd run `command -v > nuke_harddrive > /dev/null` it would actually run whatever command silently. > > There is a wrapper called `./scripts/md5sum` which calls `md5`, the Mac > tool to get a MD5 checksum. > > I guess we could create a wrapper like ./scripts/command which contains > the following line: > > which $2 # skipping the -v arg of command > > Ultimately it's about freeing up busybox-which, which is independent of > any Mac ideas. For that rootfs.mk and ipkg-build could be left untouched. > > >> Signed-off-by: Paul Spooren > >> --- > >> include/rootfs.mk| 6 +++--- > >> package/base-files/files/lib/upgrade/stage2 | 2 +- > >> .../kernel/broadcom-wl/files/lib/wifi/broadcom.sh| 2 +- > >> scripts/ipkg-build | 12 ++-- > >> 4 files changed, 11 insertions(+), 11 deletions(-) > >> > >> diff --git a/include/rootfs.mk b/include/rootfs.mk > >> index b6775c7e15..18ada3cd43 100644 > >> --- a/include/rootfs.mk > >> +++ b/include/rootfs.mk > >> @@ -69,7 +69,7 @@ define prepare_rootfs > >> @( \ > >> cd $(1); \ > >> for script in ./usr/lib/opkg/info/*.postinst; do \ > >> - IPKG_INSTROOT=$(1) $$(which bash) $$script; \ > >> + IPKG_INSTROOT=$(1) $$(command -v bash) $$script; \ > >> ret=$$?; \ > >> if [ $$ret -ne 0 ]; then \ > >> echo "postinst script $$script has failed > >> with exit code $$ret" >&2; \ > >> @@ -79,10 +79,10 @@ define prepare_rootfs > >> for script in ./etc/init.d/*; do \ > >> grep '#!/bin/sh /etc/rc.common' $$script > >> >/dev/null || continue; \ > >> if ! echo " $(3) " | grep -q " $$(basename > >> $$script) "; then \ > >> - IPKG_INSTROOT=$(1) $$(which bash) > >> ./etc/rc.common $$script enable; \ > >> + IPKG_INSTROOT=$(1) $$(command -v bash) > >> ./etc/rc.common $$script enable; \ > >> echo "Enabling" $$(basename $$script); \ > >> else \ > >> - IPKG_INSTROOT=$(1) $$(which bash) > >> ./etc/rc.common $$script disable; \ > >> + IPKG_INSTROOT=$(1) $$(command -v bash) > >> ./etc/rc.common $$script disable; \ > >> echo "Disabling" $$(basename $$script); \ > >> fi; \ > >> done || true \ > >> diff --git a/package/base-files/files/lib/upgrade/stage2 > >> b/package/base-files/files/lib/upgrade/stage2 > >> index dbb33e8958..a4fef42134 100755 > >> --- a/package/base-files/files/lib/upgrade/stage2 > >> +++ b/package/base-files/files/lib/upgrade/stage2 > >> @@ -45,7 +45,7 @@ switch_to_ramfs() { > >> snapshot snapshot_tool \ > >> $RAMFS_COPY_BIN > >> do > >> - local file="$(which "$binary" 2>/dev/null)" > >> + local file="$(command -v "$binary" 2>/dev/null)" > >> [ -n "$file" ] && install_bin "$file" > >> done > >> install_file /etc/resolv.conf /lib/*.sh /lib/functions/*.sh > >> /lib/upgrade/*.sh /lib/upgrade/do_stage2 /usr/share/libubox/jshn.sh > >> $RAMFS_COPY_DATA > >> diff --git a/package/kernel/broadcom-wl/files/lib/wifi/broadcom.sh > >> b/package/kernel/broadcom-wl/files/lib/wifi/broadcom.sh > >> index 33447341b2..352c365f27 100644 > >> ---
Re: [PATCH] treewide: replace `which` with `command -v`
On 07.08.20 14:18, Rosen Penev wrote: On Fri, Aug 7, 2020 at 3:57 PM Paul Spooren wrote: Fix shellcheck SC2230 which is non-standard. Use builtin 'command -v' instead. Once applied to everything concerning OpenWrt we can disable the busybox feature `which` and save 3.8kB. which and command -v seem to not be the same. See https://github.com/openwrt/openwrt/commit/8242c6de29951fbb549355770cd685ffe3ac9c54 Afaik ldir uses a Mac which may has a different build in implementation of `command`. Testing it locally on a Linux machine they behave very much the same. user@dawn:~/src/openwrt/openwrt$ command -v git /usr/bin/git user@dawn:~/src/openwrt/openwrt$ which git /usr/bin/git user@dawn:~/src/openwrt/openwrt$ command -v git-nope user@dawn:~/src/openwrt/openwrt$ echo $? 1 user@dawn:~/src/openwrt/openwrt$ which git-nope user@dawn:~/src/openwrt/openwrt$ echo $? 1 I'd image the *command* `command` doesn't exist on a Mac and it would actually execute the *command* `git` there, which obviously pollutes the output. Seems like a problem of Mac and not the bash/sh included `command`. Thinking about that, it seems fairly dangerous: If you'd run `command -v nuke_harddrive > /dev/null` it would actually run whatever command silently. There is a wrapper called `./scripts/md5sum` which calls `md5`, the Mac tool to get a MD5 checksum. I guess we could create a wrapper like ./scripts/command which contains the following line: which $2 # skipping the -v arg of command Ultimately it's about freeing up busybox-which, which is independent of any Mac ideas. For that rootfs.mk and ipkg-build could be left untouched. Signed-off-by: Paul Spooren --- include/rootfs.mk| 6 +++--- package/base-files/files/lib/upgrade/stage2 | 2 +- .../kernel/broadcom-wl/files/lib/wifi/broadcom.sh| 2 +- scripts/ipkg-build | 12 ++-- 4 files changed, 11 insertions(+), 11 deletions(-) diff --git a/include/rootfs.mk b/include/rootfs.mk index b6775c7e15..18ada3cd43 100644 --- a/include/rootfs.mk +++ b/include/rootfs.mk @@ -69,7 +69,7 @@ define prepare_rootfs @( \ cd $(1); \ for script in ./usr/lib/opkg/info/*.postinst; do \ - IPKG_INSTROOT=$(1) $$(which bash) $$script; \ + IPKG_INSTROOT=$(1) $$(command -v bash) $$script; \ ret=$$?; \ if [ $$ret -ne 0 ]; then \ echo "postinst script $$script has failed with exit code $$ret" >&2; \ @@ -79,10 +79,10 @@ define prepare_rootfs for script in ./etc/init.d/*; do \ grep '#!/bin/sh /etc/rc.common' $$script >/dev/null || continue; \ if ! echo " $(3) " | grep -q " $$(basename $$script) "; then \ - IPKG_INSTROOT=$(1) $$(which bash) ./etc/rc.common $$script enable; \ + IPKG_INSTROOT=$(1) $$(command -v bash) ./etc/rc.common $$script enable; \ echo "Enabling" $$(basename $$script); \ else \ - IPKG_INSTROOT=$(1) $$(which bash) ./etc/rc.common $$script disable; \ + IPKG_INSTROOT=$(1) $$(command -v bash) ./etc/rc.common $$script disable; \ echo "Disabling" $$(basename $$script); \ fi; \ done || true \ diff --git a/package/base-files/files/lib/upgrade/stage2 b/package/base-files/files/lib/upgrade/stage2 index dbb33e8958..a4fef42134 100755 --- a/package/base-files/files/lib/upgrade/stage2 +++ b/package/base-files/files/lib/upgrade/stage2 @@ -45,7 +45,7 @@ switch_to_ramfs() { snapshot snapshot_tool \ $RAMFS_COPY_BIN do - local file="$(which "$binary" 2>/dev/null)" + local file="$(command -v "$binary" 2>/dev/null)" [ -n "$file" ] && install_bin "$file" done install_file /etc/resolv.conf /lib/*.sh /lib/functions/*.sh /lib/upgrade/*.sh /lib/upgrade/do_stage2 /usr/share/libubox/jshn.sh $RAMFS_COPY_DATA diff --git a/package/kernel/broadcom-wl/files/lib/wifi/broadcom.sh b/package/kernel/broadcom-wl/files/lib/wifi/broadcom.sh index 33447341b2..352c365f27 100644 --- a/package/kernel/broadcom-wl/files/lib/wifi/broadcom.sh +++ b/package/kernel/broadcom-wl/files/lib/wifi/broadcom.sh @@ -223,7 +223,7 @@ enable_broadcom() { } local _c=0 - local nas="$(which nas)" + local nas="$(command -v nas)" local if_pre_up if_up nas_cmd local vif vif_pre_up vif_post_up vif_do_up vif_txpower local bssmax=$(wlc ifname "$device" bssmax) diff --git a/scripts/ipkg-build b/scripts/ipkg-build index 21127f3391..6e027bc546 100755 ---
Re: [PATCH] treewide: replace `which` with `command -v`
On Fri, Aug 7, 2020 at 8:24 PM Paul Spooren wrote: > > > On 07.08.20 16:48, Rosen Penev wrote: > > On Fri, Aug 7, 2020 at 5:42 PM Paul Spooren wrote: > >> > >> On 07.08.20 14:18, Rosen Penev wrote: > >>> On Fri, Aug 7, 2020 at 3:57 PM Paul Spooren wrote: > Fix shellcheck SC2230 > > which is non-standard. Use builtin 'command -v' instead. > Once applied to everything concerning OpenWrt we can disable the busybox > feature `which` and save 3.8kB. > >>> which and command -v seem to not be the same. See > >>> https://github.com/openwrt/openwrt/commit/8242c6de29951fbb549355770cd685ffe3ac9c54 > >> Afaik ldir uses a Mac which may has a different build in implementation > >> of `command`. > >> > >> Testing it locally on a Linux machine they behave very much the same. > >> > >> user@dawn:~/src/openwrt/openwrt$ command -v git > >> /usr/bin/git > >> user@dawn:~/src/openwrt/openwrt$ which git > >> /usr/bin/git > >> user@dawn:~/src/openwrt/openwrt$ command -v git-nope > >> user@dawn:~/src/openwrt/openwrt$ echo $? > >> 1 > >> user@dawn:~/src/openwrt/openwrt$ which git-nope > >> user@dawn:~/src/openwrt/openwrt$ echo $? > >> 1 > >> > >> I'd image the *command* `command` doesn't exist on a Mac and it would > >> actually execute the *command* `git` there, which obviously pollutes the > >> output. > > command is a shell builtin. macOS used bash and now zsh. I doubt > > that's the problem. > > All right, I found the issue. The problem is the following commit: > > https://github.com/openwrt/openwrt/commit/56f813674a912490df327304033bf667b285930a > > It replaces the function without migrating the 2>/dev/null. It's > therefore neither the fault of MacOS nor command. Good catch. > > I therefore assume my proposed patch is fine. > > >> Seems like a problem of Mac and not the bash/sh included `command`. > >> Thinking about that, it seems fairly dangerous: If you'd run `command -v > >> nuke_harddrive > /dev/null` it would actually run whatever command > >> silently. > >> > >> There is a wrapper called `./scripts/md5sum` which calls `md5`, the Mac > >> tool to get a MD5 checksum. > >> > >> I guess we could create a wrapper like ./scripts/command which contains > >> the following line: > >> > >> which $2 # skipping the -v arg of command > >> > >> Ultimately it's about freeing up busybox-which, which is independent of > >> any Mac ideas. For that rootfs.mk and ipkg-build could be left untouched. > >> > Signed-off-by: Paul Spooren > --- > include/rootfs.mk| 6 +++--- > package/base-files/files/lib/upgrade/stage2 | 2 +- > .../kernel/broadcom-wl/files/lib/wifi/broadcom.sh| 2 +- > scripts/ipkg-build | 12 ++-- > 4 files changed, 11 insertions(+), 11 deletions(-) > > diff --git a/include/rootfs.mk b/include/rootfs.mk > index b6775c7e15..18ada3cd43 100644 > --- a/include/rootfs.mk > +++ b/include/rootfs.mk > @@ -69,7 +69,7 @@ define prepare_rootfs > @( \ > cd $(1); \ > for script in ./usr/lib/opkg/info/*.postinst; do \ > - IPKG_INSTROOT=$(1) $$(which bash) $$script; \ > + IPKG_INSTROOT=$(1) $$(command -v bash) $$script; > \ > ret=$$?; \ > if [ $$ret -ne 0 ]; then \ > echo "postinst script $$script has > failed with exit code $$ret" >&2; \ > @@ -79,10 +79,10 @@ define prepare_rootfs > for script in ./etc/init.d/*; do \ > grep '#!/bin/sh /etc/rc.common' $$script > >/dev/null || continue; \ > if ! echo " $(3) " | grep -q " $$(basename > $$script) "; then \ > - IPKG_INSTROOT=$(1) $$(which bash) > ./etc/rc.common $$script enable; \ > + IPKG_INSTROOT=$(1) $$(command -v bash) > ./etc/rc.common $$script enable; \ > echo "Enabling" $$(basename $$script); > \ > else \ > - IPKG_INSTROOT=$(1) $$(which bash) > ./etc/rc.common $$script disable; \ > + IPKG_INSTROOT=$(1) $$(command -v bash) > ./etc/rc.common $$script disable; \ > echo "Disabling" $$(basename > $$script); \ > fi; \ > done || true \ > diff --git a/package/base-files/files/lib/upgrade/stage2 > b/package/base-files/files/lib/upgrade/stage2 > index dbb33e8958..a4fef42134 100755 > --- a/package/base-files/files/lib/upgrade/stage2 > +++ b/package/base-files/files/lib/upgrade/stage2 > @@ -45,7 +45,7 @@