fix errno propagation and messages
Error messages are now more coherent.
* device: remove allowedips before individual peers
This avoids an O(n^2) traversal in favor of an O(n) one. Before systems with
many peers would grind when deleting the interface.
Signed-off-by: Jason A. Donenfeld <ja
On Wed, May 30, 2018 at 8:24 PM, Pablo Neira Ayuso wrote:
> May it crash the kernel because it's assuming is set? If so, then
> I'd appreciate if you send us a patch to
I suspect it won't crash, but the pmtu might wind up wrong / not calculated.
> Please, use the nf-next.git tree to patch
Hey Pablo,
On Wed, May 30, 2018 at 8:05 PM, Pablo Neira Ayuso wrote:
> If there a more drivers in-tree that need this, we may add
> skb_dst_set_noref() calls to _hook function in the flowtable codebase.
Can I, then, take that as an implicit acknowledgement that this
observed behavior on OpenWRT
This version bump was made upstream mostly for OpenWRT, and should fix
an issue with a null dst when on the flow offloading path.
While we're at it, Kevin and I are the only people actually taking care
of this package, so trim the maintainer list a bit.
Signed-off-by: Jason A. Donenfeld
Hi Jaap,
This should now be taken care of by
http://lists.infradead.org/pipermail/openwrt-devel/2018-May/012675.html
. Thanks for the useful bug report.
Jason
___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
Hey Pablo,
Some OpenWRT people have reported to me that there's a crash when
enabling flow offloading, because I rely on skb_dst(skb) being
non-null in ndo_start_xmit. The fix in my code for this is very
simple:
- mtu = dst_mtu(skb_dst(skb));
+ dst = skb_dst(skb);
+ mtu = dst ? dst_mtu(dst) :
wrote:
> Dear Jason,
>
> This isn't a regression. This is simply the first time this has been
> observed. (hw) flow offload is a new feature, and hence this
> interaction with wireguard is also new.
>
> Yours sincerely,
>
> Jaap
>
> On Tue, May 29, 2018 at 1:54 PM,
hence this
>> interaction with wireguard is also new.
>>
>> Yours sincerely,
>>
>> Jaap
>>
>> On Tue, May 29, 2018 at 1:54 PM, Jason A. Donenfeld wrote:
>>> Hi Jaap,
>>>
>>> Thanks for the report. Is this a _new_ bug in _new_ ver
Signed-off-by: Jason A. Donenfeld
---
package/network/services/wireguard/Makefile | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/package/network/services/wireguard/Makefile
b/package/network/services/wireguard/Makefile
index a88dca1..d314cd5 100644
--- a/package/network
found a bug where a netlink dump of peers would never terminate in
some circumstances, causing wg(8) to keep trying forever. We now have a fix as
well as a unit test to mitigate this, and we'll be looking to create a fuzzer
out of Matt's nice library.
Signed-off-by: Jason A. Donenfeld
Signed-off-by: Jason A. Donenfeld
---
package/network/services/wireguard/Makefile | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/package/network/services/wireguard/Makefile
b/package/network/services/wireguard/Makefile
index 90ecae3..9965002 100644
--- a/package/network
and epilogue
* curve25519-arm: do not waste 32 bytes of stack
* curve25519-arm: prefix immediates with #
This incorporates ASM nits from upstream review.
Signed-off-by: Jason A. Donenfeld
---
package/network/services/wireguard/Makefile | 4 ++--
1 file changed, 2 insertions(+), 2 deletions
. It also sets the stage for moving to a
HACL* implementation when that's ready.
Signed-off-by: Jason A. Donenfeld
---
package/network/services/wireguard/Makefile | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/package/network/services/wireguard/Makefile
b/package/network
performance on most
systems by using NAPI. The main purpose of this snapshot is to test out this
technique.
Signed-off-by: Jason A. Donenfeld
---
package/network/services/wireguard/Makefile | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/package/network/services/wireguard
Signed-off-by: Jason A. Donenfeld
---
package/network/services/wireguard/Makefile | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/package/network/services/wireguard/Makefile
b/package/network/services/wireguard/Makefile
index dad430b..8a71ce2 100644
--- a/package/network
of
skb_checksum_setup check.
* wg.8: specify that wg(8) shows runtime info too
* wg.8: AllowedIPs isn't actually required
* keygen-html: add missing glue macro
* wg-quick: android: do not choke on empty allowed-ips
Signed-off-by: Jason A. Donenfeld
---
package/network/services/wireguard/Makefile | 4
ead name the files with a .c
instead of a .h, so we now follow the convention.
* Support many more platforms in QEMU, especially big endian ones.
* Kernels < 3.17 don't have read_cpuid_part, so fix building there.
Signed-off-by: Jason A. Donenfeld
---
package/network/services/wireguard/Ma
example, so that others can paste it into
their own GUI clients for having the same strictly validating highlighting.
* netlink: use __kernel_timespec for handshake time
This readies us for Y2038. See https://lwn.net/Articles/776435/ for more info.
Signed-off-by: Jason A. Donenfeld
---
package
trying to port to using Andy Polyakov's original
perlasm files, and this means quite a lot of work to re-do that had stableized
in our old .S.
Signed-off-by: Jason A. Donenfeld
---
package/network/services/wireguard/Makefile | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git
or not to inline certain
functions, while still manually choosing so for a few performance-critical
sections.
Signed-off-by: Jason A. Donenfeld
---
package/network/services/wireguard/Makefile | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/package/network/services/wireguard/Makefile
b
nux 5.1.
Signed-off-by: Jason A. Donenfeld
---
package/network/services/wireguard/Makefile | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/package/network/services/wireguard/Makefile
b/package/network/services/wireguard/Makefile
index aab3e59..c04762b 100644
--- a/pack
orders of magnitude faster now.
Signed-off-by: Jason A. Donenfeld
---
package/network/services/wireguard/Makefile | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/package/network/services/wireguard/Makefile
b/package/network/services/wireguard/Makefile
index 2e9f17e
building wg(8)-based init
scripts and services, or 0, or any other integer.
Signed-off-by: Jason A. Donenfeld
---
package/network/services/wireguard/Makefile | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/package/network/services/wireguard/Makefile
b/package/network
tricky
to support 33 different kernel versions (3.10+), plus weird distro
frankenkernels.
If OpenWRT doesn't support < 4.2, you probably don't need to apply this.
But it also can't hurt, and probably best to stay updated.
Signed-off-by: Jason A. Donenfeld
---
package/network/services/wiregu
lan of Axatrax was kind
enough to mail me.
Signed-off-by: Jason A. Donenfeld
---
package/network/services/wireguard/Makefile | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/package/network/services/wireguard/Makefile
b/package/network/services/wireguard/Makefile
index 310d
* messages: recalculate rekey max based on a one minute flood
* allowedips: safely dereference rcu roots
* socket: remove redundant check of new4
* allowedips: avoid double lock in selftest error case
* tools: add syncconf command
Signed-off-by: Jason A. Donenfeld
---
package/network/services
ure userspace communication frees wgdevice
Free things properly on error paths.
Signed-off-by: Jason A. Donenfeld
---
package/network/services/wireguard/Makefile | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/package/network/services/wireguard/Makefile
b/package/netw
d on
libmnl.
* embeddable-wg-library: use newer string_list
* netlink: don't pretend that sysconf isn't a function
Small cleanups.
Signed-off-by: Jason A. Donenfeld
---
package/network/utils/wireguard-tools/Makefile | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/package/ne
This fixes a few small oversights for the 5.5 compat layer.
Signed-off-by: Jason A. Donenfeld
---
package/network/services/wireguard/Makefile | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/package/network/services/wireguard/Makefile
b/package/network/services/wireguard
* netns: tie socket waiting to target pid
An added test to our test suite for the above and a small fix for high-load CI
scenarios.
Signed-off-by: Jason A. Donenfeld
---
package/network/services/wireguard/Makefile | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/package
related to setting the MTU of a device to zero.
Signed-off-by: Jason A. Donenfeld
---
package/network/services/wireguard/Makefile | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/package/network/services/wireguard/Makefile
b/package/network/services/wireguard/Makefile
index
* send: cleanup skb padding calculation
* socket: remove useless synchronize_net
Sorry for the back-to-back releases. This fixes a regression spotted by Eric
Dumazet.
Signed-off-by: Jason A. Donenfeld
---
package/network/services/wireguard/Makefile | 4 ++--
1 file changed, 2 insertions(+), 2
in the
linker receiving its inputs in a filesystem-dependent order. This screwed up
reproducible builds.
Signed-off-by: Jason A. Donenfeld
---
package/network/utils/wireguard-tools/Makefile | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/package/network/utils/wireguard-tools
s per call
Achieving these kind of results with formally verified code is quite
remarkable, especialy considering that performance is favorable for
newer chips.
Signed-off-by: Jason A. Donenfeld
---
package/network/services/wireguard/Makefile | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
t(8).
* fuzz: find bugs in the config syntax parser
* fuzz: find bugs when parsing uapi input
These are two fuzzers that have been laying around without a repo for a while.
Perhaps somebody with enough compute power will find bugs with them.
Signed-off-by: Jason A. Donenfeld
---
package/network/ut
Qualcomm 4.14 devices. But I fear
that it could lead to issues on other drivers on weird OpenWRT routers.
This commit is upstream in net-next as:
https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next.git/commit/?id=736775d06bac60d7a353e405398b48b2bd8b1e54
Signed-off-by: Jason A. Donenfeld
, we'll drop the original module
package, leaving only the tools. So this commit shuffles the build
definition around a bit but is basically the same idea as before.
Signed-off-by: Jason A. Donenfeld
---
package/network/services/wireguard/Makefile | 41 +++---
.../network/utils/wireguard
number on the backport compat codebase.
When OpenWRT bumps to Linux 5.6, we'll be able to drop this package
entirely, which I look forward to seeing.
[1] https://lists.zx2c4.com/pipermail/wireguard/2020-March/005206.html
Signed-off-by: Jason A. Donenfeld
---
package/network/services/wireguard
Recent backports to 5.5 and 5.4 broke our compat layer. This release is
to keep things running with the latest upstream stable kernels.
Signed-off-by: Jason A. Donenfeld
---
package/network/services/wireguard/Makefile | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git
upstream, there's no need to set the taint flag.
* receive: use tunnel helpers for decapsulating ECN markings
ECN markings are now decapsulated using RFC6040 instead of the old RFC3168.
Signed-off-by: Jason A. Donenfeld
---
package/network/services/wireguard/Makefile | 4 ++--
1 file changed, 2
Is this a patch you'd like to send upstream to wiregu...@lists.zx2c4.com?
___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
l to schedule
in preempt_enable.
* selftests: initalize ipv6 members to NULL to squelch clang warning
This fixes a worthless warning from clang.
* send/receive: use explicit unlikely branch instead of implicit coalescing
Some code readibility cleanups.
Signed-off-by: Jason A. Donenfeld
---
package/net
pages in mdocml at some
point soon.
Signed-off-by: Jason A. Donenfeld
---
package/network/utils/wireguard-tools/Makefile | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/package/network/utils/wireguard-tools/Makefile
b/package/network/utils/wireguard-tools/Makefile
index
won't complete if
they're being used anywhere.
* send: use normaler alignment formula from upstream
We're trying to keep a minimal delta with upstream for the compat backport.
Signed-off-by: Jason A. Donenfeld
---
package/network/services/wireguard/Makefile | 4 ++--
1 file changed, 2 insertions
now: three stable kernels were released
at the same time, with a patch that necessitated updating in our compat layer.
Signed-off-by: Jason A. Donenfeld
---
package/network/services/wireguard/Makefile | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/package/network/servi
an application whitelist instead of application
blacklist.
* systemd: add wg-quick.target
This enables all wg-quick at .services to be restarted or managed as a unit via
wg-quick.target.
* Makefile: remember to install all systemd units
Signed-off-by: Jason A. Donenfeld
---
package/network/utils
for a race condition caught by syzkaller.
Signed-off-by: Jason A. Donenfeld
---
package/network/services/wireguard/Makefile | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/package/network/services/wireguard/Makefile
b/package/network/services/wireguard/Makefile
index
* ipc: split into separate files per-platform
This is in preparation for FreeBSD support, which I had hoped to have this
release, but we're still waiting on some tooling fixes, so hopefully next
wg(8) will support that. Either way, the code base is now a lot more amenable
to adding more kernel
On Tue, Sep 8, 2020 at 6:30 PM Jason A. Donenfeld wrote:
>
> * ipc: split into separate files per-platform
>
> This is in preparation for FreeBSD support, which I had hoped to have this
> release, but we're still waiting on some tooling fixes, so hopefully next
> wg(8) will su
etting the DEPMODBASEDIR
environment variable.
* compat: add missing headers for ip_tunnel_parse_protocol
This fixes compilation with some unusual configurations.
Signed-off-by: Jason A. Donenfeld
---
package/network/services/wireguard/Makefile | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
col and simply use the new
ip_tunnel_parse_protocol function directly.
* compat: backport ip_tunnel_parse_protocol and ip_tunnel_header_ops
These are required for moving wg_examine_packet_protocol out of
wireguard and into upstream.
Signed-off-by: Jason A. Donenfeld
---
package/network/services/wire
On Wed, Jun 17, 2020 at 02:33:49PM -0600, Jason A. Donenfeld wrote:
> So, some more research: it looks like the R_ARM_THM_JUMP11 symbol is
> actually wg_packet_send_staged_packets, a boring C function with
> nothing fancy about it. That github issue you pointed to suggested
> that i
Hi Rui,
On Wed, Jun 17, 2020 at 7:19 AM Rui Salvaterra wrote:
> After a bit more digging [1], I believe I've narrowed it down.
> CONFIG_THUMB2_AVOID_R_ARM_THM_JUMP11=y is required in order to avoid
> the emission of R_ARM_THM_JUMP11 relocations in the WireGuard module.
> I'm now wondering why
So, some more research: it looks like the R_ARM_THM_JUMP11 symbol is
actually wg_packet_send_staged_packets, a boring C function with
nothing fancy about it. That github issue you pointed to suggested
that it might have something to do with complex crypto functions, but
it looks like that's not
On Wed, Jun 17, 2020 at 02:45:12PM -0600, Jason A. Donenfeld wrote:
> Looks like my explanation there wasn't 100% accurate, but it does seem
> like the issue occurs when gcc sees a clear tail call that it can
> optimize into a B instruction instead of a BL instruction.
>
> The bel
these days so
it's just fallen by the wayside and
CONFIG_THUMB2_AVOID_R_ARM_THM_JUMP11=y is the best we've got? Or
something else?
Jason
On Wed, Jun 17, 2020 at 2:54 PM Jason A. Donenfeld wrote:
>
> On Wed, Jun 17, 2020 at 02:45:12PM -0600, Jason A. Donenfeld wrote:
> > Looks like
Looks as though in the end this is a binutils bug with
-fvisibility=hidden. Details on
https://sourceware.org/bugzilla/show_bug.cgi?id=12532#c9
___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
Hey Rui,
I fixed it! It turned out to be caused by -fvisibility=hidden undoing
the effect of the binutils fix from a while back. Here's the patch
that makes the problem go away:
https://git.zx2c4.com/wireguard-linux-compat/commit/?id=178cdfffb99f2fd6fb4a5bfd2f9319461d93f53b
This will be in the
5.2.y series.
Signed-off-by: Jason A. Donenfeld
---
package/network/services/wireguard/Makefile | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/package/network/services/wireguard/Makefile
b/package/network/services/wireguard/Makefile
index ce91fbe..b7adf27 100644
--- a/p
On Wed, Jun 10, 2020 at 4:05 AM Rui Salvaterra wrote:
>
> Hi, Jason,
>
> On Wed, 10 Jun 2020 at 10:31, Rui Salvaterra wrote:
> >
> > Good question. :) You're testing in QEMU (which I personally never
> > used), right? I don't know how familiar you are with OpenWrt, but I
> > can surely send you
Hi Rui,
I'm unable to reproduce this:
$ git clone https://git.zx2c4.com/wireguard-linux-compat
$ ARCH=arm make -C wireguard-linux-compat/src test-qemu -j$(nproc)
[... big test suite ...]
$ vim wireguard-linux-compat/qemu-build/arm/linux-5.5.14/.config
[... enable CONFIG_THUMB2_KERNEL=y ...]
$
On Fri, Jul 24, 2020 at 10:39 AM Rui Salvaterra wrote:
>
> Well…
>
> On Fri, 24 Jul 2020 at 09:32, Rosen Penev wrote:
> >
> > > On Jul 24, 2020, at 1:14 AM, Jason A. Donenfeld wrote:
> > >
> > > Seems probably fine to me, but would you let me know if
On Fri, Jul 24, 2020 at 11:05 AM Rui Salvaterra wrote:
>
> On Fri, 24 Jul 2020 at 09:53, Jason A. Donenfeld wrote:
> >
> > Testing the process once like that isn't a good testing methodology
> > representative of anything at all.
>
> I completely agree, this wasn
On Fri, Jul 24, 2020 at 10:03 AM Rui Salvaterra wrote:
>
> The wg utility compiles and runs without issues in MIPS16 mode, despite
> setting
> PKG_USE_MIPS16:=0 in the makefile. Let's remove this, allowing for a
> substantial
> size reduction of the wg executable. Since wg is a just a
} were backported to 5.4
* qemu: bump default testing version
The real motivation for this version bump: 5.4.76 made a change that broke our
compat layer.
Signed-off-by: Jason A. Donenfeld
---
package/network/services/wireguard/Makefile | 4 ++--
1 file changed, 2 insertions(+), 2 deletions
Could somebody apply this please?
___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
Hi Ilya,
> diff --git
> a/target/linux/generic/backport-5.4/080-wireguard-0124-crypto-mips-poly1305-enable-for-all-MIPS-processors.patch
>
> b/target/linux/generic/backport-5.4/080-wireguard-0124-crypto-mips-poly1305-enable-for-all-MIPS-processors.patch
> new file mode 100644
> index
These are the latest patches that just landed upstream for 5.13, will be
backported by Greg into 5.10 (because of stable@), and are now in the
5.4 backport branch of wireguard:
https://git.zx2c4.com/wireguard-linux/log/?h=backport-5.4.y
Cc: Ilya Lipnitskiy
Signed-off-by: Jason A. Donenfeld
On Tue, Apr 6, 2021 at 5:33 PM Ilya Lipnitskiy
wrote:
>
> Hi Hauke,
>
> On Tue, Apr 6, 2021 at 3:43 PM Hauke Mehrtens wrote:
> >
> > Hi,
> >
> > How do we want to go forward with OpenWrt 21.02-rc1?
> >
> > * I think the base system is ok.
> > * The http (original wolfssl) problem reported by jow
/ase, ath25 builds.
>
> Fixes: 06351f1 ("kernel: migrate wireguard into the kernel tree")
> Cc: Jason A. Donenfeld
> Signed-off-by: Ilya Lipnitskiy
> ---
> package/kernel/linux/modules/crypto.mk | 7 +--
> 1 file changed, 5 insertions(+), 2 deletions(-)
>
> d
On Tue, Mar 2, 2021 at 9:09 AM Petr Štetiar wrote:
>
> Jason A. Donenfeld [2021-03-02 00:08:56]:
>
> Hi,
>
> > 126 files changed, 288 insertions(+), 249 deletions(-)
>
> this is quite huge diff for such simple update, what about using `git
> format-pat
These make a big difference when doing WireGuard with small armv7
routers, and the 5.4 backport already has it.
Suggested-by: Ilya Lipnitskiy
Cc: David Bauer
Cc: Petr Štetiar
Signed-off-by: Jason A. Donenfeld
---
...a-neon-optimize-for-non-block-size-m.patch | 272
Lipnitskiy
Cc: David Bauer
Signed-off-by: Jason A. Donenfeld
---
...CPU_MIPS64-for-remaining-MIPS64-CPUs.patch | 36 ++
...CPU_MIPS64-for-remaining-MIPS64-CPUs.patch | 37 +++
2 files changed, 73 insertions(+)
create mode 100644
target/linux/generic/pending-5.10/103-MIPS
Re:WireGuard - fine by me. Thanks for doing that.
___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
I've backported WireGuard patch-by patch to 5.4, in a series that you
can simply apply to your existing 5.4 kernels. I can prepare that for
you guys tomorrow. That way, you'll have the kernel module in both 5.4
and 5.10 through the same mechanisms with the same code. That might
save a lot of the
https://github.com/openwrt/openwrt/pull/3890 Voila -- here's a
potentially much, much nicer approach in the long term.
___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
On Fri, Feb 19, 2021 at 5:48 AM Rosen Penev wrote:
>
> On Thu, Feb 18, 2021 at 8:31 PM Ilya Lipnitskiy
> wrote:
> >
> > Hi,
> > On Thu, Feb 18, 2021 at 5:57 PM Jason A. Donenfeld wrote:
> > >
> > > I've backported WireGuard patch-by patch to 5.4
https://git.zx2c4.com/wireguard-linux/commit/?h=backport-5.4.y=ac8265d3b26e7c2674e066af6451c5a61d3f2e7a
This will be included in the patchset next time I push a refresh of those.
___
openwrt-devel mailing list
openwrt-devel@lists.openwrt.org
an old one, which means that the
amount of entropy might actually regress, due to failing to credit the
old seed.
Closes: https://github.com/openwrt/openwrt/issues/9570
Signed-off-by: Jason A. Donenfeld
---
package/system/urandom-seed/Makefile | 4 +-
.../files/etc/init.d/urando
Hey Etienne,
On Tue, Mar 29, 2022 at 7:21 AM Jason A. Donenfeld wrote:
>
> Hi Etienne,
>
> On Tue, Mar 29, 2022 at 1:06 AM Etienne Champetier
> wrote:
> > > Oh that's an interesting set of considerations and it's possible I
> > > didn't understand some aspe
Hey Etienne,
On Mon, Mar 28, 2022 at 10:19 AM Etienne Champetier
wrote:
>
> Hi All, Jason,
>
> @Petr Štetiar this merge was a bit too fast to get reviews ...
> Some comments inline
We can apply fixups on top, no big deal.
> When urandom-seed was introduced in 2016 it was decided during review
Hi Etienne,
On Tue, Mar 29, 2022 at 1:06 AM Etienne Champetier
wrote:
> > Oh that's an interesting set of considerations and it's possible I
> > didn't understand some aspect of this. Most OSes should call seedrng
> > once at boot and once at shutdown.
>
> As routers are always on devices, it's
quot;
+echo "Seed saved ($1)"
+}
+
+SEED="$(uci -q get system.@system[0].urandom_seed || true)"
+[ "${SEED:0:1}" = "/" ] && save "$SEED"
+
+SEED=/etc/urandom.seed
+[ ! -f $SEED ] && save "$SEED"
+true
diff --git a/pa
83 matches
Mail list logo