ASR_BASE
Change-Id: Icf3719cc0afe3eeb3edc7fa80a2eb5199ca9dda1
diff --git a/package/system/procd/Makefile b/package/system/procd/Makefile
new file mode 100644
index 0000000..867c166
--- /dev/null
+++ b/package/system/procd/Makefile
@@ -0,0 +1,155 @@
+#
+# Copyright (C) 2014-2016 OpenWrt.org
+#
+# This is free software, licensed under the GNU General Public License v2.
+# See /LICENSE for more information.
+#
+
+include $(TOPDIR)/rules.mk
+
+PKG_NAME:=procd
+PKG_RELEASE:=1
+
+PKG_SOURCE_PROTO:=git
+PKG_SOURCE_URL=$(PROJECT_GIT)/project/procd.git
+PKG_MIRROR_HASH:=191264fcd619208ca0f7e5f3f8f61b98d5a2cd0e791157bc8f183bf41a1768bc
+PKG_SOURCE_DATE:=2024-12-22
+PKG_SOURCE_VERSION:=42d3937654508b04da64969f9d764ac2ec411904
+CMAKE_INSTALL:=1
+
+PKG_LICENSE:=GPL-2.0
+PKG_LICENSE_FILES:=
+
+PKG_MAINTAINER:=John Crispin <john@phrozen.org>
+
+PKG_BUILD_FLAGS:=lto
+PKG_ASLR_PIE_REGULAR:=1
+PKG_CONFIG_DEPENDS:= \
+ CONFIG_TARGET_INIT_PATH CONFIG_KERNEL_SECCOMP CONFIG_PROCD_SHOW_BOOT \
+ CONFIG_KERNEL_NAMESPACES CONFIG_PACKAGE_procd-ujail CONFIG_PACKAGE_procd-seccomp
+
+include $(INCLUDE_DIR)/package.mk
+include $(INCLUDE_DIR)/cmake.mk
+
+ifeq ($(DUMP),)
+ STAMP_CONFIGURED:=$(strip $(STAMP_CONFIGURED))_$(shell echo $(CONFIG_TARGET_INIT_PATH) | $(MKHASH) md5)
+endif
+
+CMAKE_OPTIONS += -DEARLY_PATH="$(TARGET_INIT_PATH)"
+
+define Package/procd/Default
+ SECTION:=base
+ CATEGORY:=Base system
+ DEPENDS:=+ubusd +ubus +libjson-script +ubox +libubox +libudebug \
+ +libubus +libblobmsg-json +libjson-c +jshn
+ TITLE:=OpenWrt system process manager
+ USERID:=:dialout=20 :audio=29
+endef
+
+define Package/procd
+ $(call Package/procd/Default)
+ VARIANT:=default
+ CONFLICTS:=procd-selinux
+endef
+
+define Package/procd-selinux
+ $(call Package/procd/Default)
+ DEPENDS += +libselinux
+ DEPENDS += @SELINUX
+ TITLE += with SELinux support
+ PROVIDES:=procd
+ VARIANT:=selinux
+endef
+
+define Package/procd-ujail
+ SECTION:=base
+ CATEGORY:=Base system
+ DEPENDS:=@KERNEL_NAMESPACES +@KERNEL_UTS_NS +@KERNEL_IPC_NS +@KERNEL_PID_NS \
+ +libubox +libubus +libuci +libblobmsg-json
+ TITLE:=OpenWrt process jail helper
+endef
+
+define Package/procd-seccomp
+ SECTION:=base
+ CATEGORY:=Base system
+ DEPENDS:=@USE_SECCOMP +libubox +libblobmsg-json
+ TITLE:=OpenWrt process seccomp helper + utrace
+endef
+
+define Package/uxc
+ SECTION:=base
+ CATEGORY:=Base system
+ DEPENDS:=+procd-ujail +libubus +libubox +libblobmsg-json +blockd +PACKAGE_uxc:rpcd
+ TITLE:=OpenWrt container management
+ MAINTAINER:=Daniel Golle <daniel@makrotopia.org>
+endef
+
+define Package/procd/config
+menu "Configuration"
+ depends on PACKAGE_procd || PACKAGE_procd-selinux
+
+config PROCD_SHOW_BOOT
+ bool
+ default n
+ prompt "Print the shutdown to the console as well as logging it to syslog"
+
+endmenu
+endef
+
+ifeq ($(BUILD_VARIANT),selinux)
+ CMAKE_OPTIONS += -DSELINUX=1
+endif
+
+ifeq ($(CONFIG_PROCD_SHOW_BOOT),y)
+ CMAKE_OPTIONS += -DSHOW_BOOT_ON_CONSOLE=1
+endif
+
+ifdef CONFIG_PACKAGE_procd-ujail
+ CMAKE_OPTIONS += -DJAIL_SUPPORT=1
+endif
+
+SECCOMP=$(if $(CONFIG_PACKAGE_procd-seccomp),1,0)
+CMAKE_OPTIONS += -DSECCOMP_SUPPORT=$(SECCOMP) -DUTRACE_SUPPORT=$(SECCOMP)
+
+define Package/procd/install
+ $(INSTALL_DIR) $(1)/sbin $(1)/etc $(1)/lib/functions
+
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/{init,procd,askfirst,udevtrigger,upgraded} $(1)/sbin/
+ $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/lib/libsetlbf.so $(1)/lib
+ $(INSTALL_BIN) ./files/reload_config $(1)/sbin/
+ $(INSTALL_CONF) ./files/hotplug*.json $(1)/etc/
+ $(INSTALL_DATA) ./files/procd.sh $(1)/lib/functions/
+ $(INSTALL_BIN) ./files/service $(1)/sbin/service
+endef
+
+Package/procd-selinux/install = $(Package/procd/install)
+
+define Package/procd-ujail/install
+ $(INSTALL_DIR) $(1)/sbin
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/ujail $(1)/sbin/
+endef
+
+define Package/procd-seccomp/install
+ $(INSTALL_DIR) $(1)/sbin $(1)/lib
+ $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/lib/libpreload-seccomp.so $(1)/lib
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/utrace $(1)/sbin/
+ $(LN) utrace $(1)/sbin/seccomp-trace
+ $(INSTALL_DATA) $(PKG_INSTALL_DIR)/usr/lib/libpreload-trace.so $(1)/lib
+endef
+
+define Package/uxc/conffiles
+/etc/uxc
+endef
+
+define Package/uxc/install
+ $(INSTALL_DIR) $(1)/sbin
+ $(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/uxc $(1)/sbin/
+ $(INSTALL_DIR) $(1)/etc/init.d
+ $(INSTALL_BIN) ./files/uxc.init $(1)/etc/init.d/uxc
+endef
+
+$(eval $(call BuildPackage,procd))
+$(eval $(call BuildPackage,procd-selinux))
+$(eval $(call BuildPackage,procd-ujail))
+$(eval $(call BuildPackage,procd-seccomp))
+$(eval $(call BuildPackage,uxc))
diff --git a/package/system/procd/files/hotplug-preinit.json b/package/system/procd/files/hotplug-preinit.json
new file mode 100644
index 0000000..658c685
--- /dev/null
+++ b/package/system/procd/files/hotplug-preinit.json
@@ -0,0 +1,18 @@
+[
+ [ "case", "ACTION", {
+ "add": [
+ [ "if",
+ [ "has", "FIRMWARE" ],
+ [
+ [ "exec", "/sbin/hotplug-call", "%SUBSYSTEM%" ],
+ [ "load-firmware", "/lib/firmware" ],
+ [ "return" ]
+ ]
+ ]
+ ]
+ } ],
+ [ "if",
+ [ "eq", "SUBSYSTEM", "button" ],
+ [ "exec", "/etc/rc.button/failsafe" ]
+ ]
+]
diff --git a/package/system/procd/files/hotplug.json b/package/system/procd/files/hotplug.json
new file mode 100644
index 0000000..9fecdda
--- /dev/null
+++ b/package/system/procd/files/hotplug.json
@@ -0,0 +1,88 @@
+[
+ [ "case", "ACTION", {
+ "add": [
+ [ "if",
+ [ "and",
+ [ "has", "MAJOR" ],
+ [ "has", "MINOR" ]
+ ],
+ [
+ [ "if",
+ [ "eq", "DEVNAME", "null" ],
+ [
+ [ "makedev", "/dev/%DEVNAME%", "0666" ],
+ [ "exec", "/bin/ln", "-s", "/proc/self/fd", "/dev/fd" ],
+ [ "exec", "/bin/ln", "-s", "/proc/self/fd/0", "/dev/stdin" ],
+ [ "exec", "/bin/ln", "-s", "/proc/self/fd/1", "/dev/stdout" ],
+ [ "exec", "/bin/ln", "-s", "/proc/self/fd/2", "/dev/stderr" ],
+ [ "return" ]
+ ]
+ ],
+ [ "if",
+ [ "eq", "DEVNAME",
+ [ "full", "ptmx", "zero", "tty", "net", "random", "urandom" ]
+ ],
+ [
+ [ "makedev", "/dev/%DEVNAME%", "0666" ],
+ [ "return" ]
+ ]
+ ],
+ [ "if",
+ [ "regex", "DEVNAME", "^snd" ],
+ [ "makedev", "/dev/%DEVNAME%", "0660", "audio" ]
+ ],
+ [ "if",
+ [ "regex", "DEVNAME", "^tty" ],
+ [ "makedev", "/dev/%DEVNAME%", "0660", "dialout" ]
+ ],
+ [ "if",
+ [ "has", "DEVNAME" ],
+ [ "makedev", "/dev/%DEVNAME%", "0600" ]
+ ]
+ ]
+ ],
+ [ "if",
+ [ "has", "FIRMWARE" ],
+ [
+ [ "exec", "/sbin/hotplug-call", "%SUBSYSTEM%" ],
+ [ "load-firmware", "/lib/firmware" ],
+ [ "return" ]
+ ]
+ ],
+ [ "if",
+ [ "regex", "DEVNAME", "^ttyGS" ],
+ [ "start-console", "%DEVNAME%" ]
+ ]
+ ],
+ "remove" : [
+ [ "if",
+ [ "and",
+ [ "has", "DEVNAME" ],
+ [ "has", "MAJOR" ],
+ [ "has", "MINOR" ]
+ ],
+ [ "rm", "/dev/%DEVNAME%" ]
+ ]
+ ]
+ } ],
+ [ "if",
+ [ "and",
+ [ "has", "BUTTON" ],
+ [ "eq", "SUBSYSTEM", "button" ]
+ ],
+ [ "button", "/etc/rc.button/%BUTTON%" ]
+ ],
+ [ "if",
+ [ "and",
+ [ "eq", "SUBSYSTEM", "usb-serial" ],
+ [ "regex", "DEVNAME",
+ [ "^ttyUSB", "^ttyACM" ]
+ ]
+ ],
+ [ "exec", "/sbin/hotplug-call", "tty" ],
+ [ "if",
+ [ "isdir", "/etc/hotplug.d/%SUBSYSTEM%" ],
+ [ "exec", "/sbin/hotplug-call", "%SUBSYSTEM%" ]
+ ]
+ ]
+]
diff --git a/package/system/procd/files/procd.sh b/package/system/procd/files/procd.sh
new file mode 100644
index 0000000..0f9405a
--- /dev/null
+++ b/package/system/procd/files/procd.sh
@@ -0,0 +1,713 @@
+# procd API:
+#
+# procd_open_service(name, [script]):
+# Initialize a new procd command message containing a service with one or more instances
+#
+# procd_close_service()
+# Send the command message for the service
+#
+# procd_open_instance([name]):
+# Add an instance to the service described by the previous procd_open_service call
+#
+# procd_set_param(type, [value...])
+# Available types:
+# command: command line (array).
+# respawn info: array with 3 values $fail_threshold $restart_timeout $max_fail
+# env: environment variable (passed to the process)
+# data: arbitrary name/value pairs for detecting config changes (table)
+# file: configuration files (array)
+# netdev: bound network device (detects ifindex changes)
+# limits: resource limits (passed to the process)
+# user: $username to run service as
+# group: $groupname to run service as
+# pidfile: file name to write pid into
+# stdout: boolean whether to redirect commands stdout to syslog (default: 0)
+# stderr: boolean whether to redirect commands stderr to syslog (default: 0)
+# facility: syslog facility used when logging to syslog (default: daemon)
+#
+# No space separation is done for arrays/tables - use one function argument per command line argument
+#
+# procd_close_instance():
+# Complete the instance being prepared
+#
+# procd_running(service, [instance]):
+# Checks if service/instance is currently running
+#
+# procd_kill(service, [instance]):
+# Kill a service instance (or all instances)
+#
+# procd_send_signal(service, [instance], [signal])
+# Send a signal to a service instance (or all instances)
+#
+
+. "$IPKG_INSTROOT/usr/share/libubox/jshn.sh"
+
+PROCD_RELOAD_DELAY=1000
+_PROCD_SERVICE=
+
+procd_lock() {
+ local basescript=$(readlink "$initscript")
+ local service_name="$(basename ${basescript:-$initscript})"
+
+ flock -n 1000 &> /dev/null
+ if [ "$?" != "0" ]; then
+ exec 1000>"$IPKG_INSTROOT/var/lock/procd_${service_name}.lock"
+ flock 1000
+ if [ "$?" != "0" ]; then
+ logger "warning: procd flock for $service_name failed"
+ fi
+ fi
+}
+
+_procd_call() {
+ local old_cb
+
+ json_set_namespace procd old_cb
+ "$@"
+ json_set_namespace $old_cb
+}
+
+_procd_wrapper() {
+ procd_lock
+ while [ -n "$1" ]; do
+ eval "$1() { _procd_call _$1 \"\$@\"; }"
+ shift
+ done
+}
+
+_procd_ubus_call() {
+ local cmd="$1"
+
+ [ -n "$PROCD_DEBUG" ] && json_dump >&2
+ ubus call service "$cmd" "$(json_dump)"
+ json_cleanup
+}
+
+_procd_open_service() {
+ local name="$1"
+ local script="$2"
+
+ _PROCD_SERVICE="$name"
+ _PROCD_INSTANCE_SEQ=0
+
+ json_init
+ json_add_string name "$name"
+ [ -n "$script" ] && json_add_string script "$script"
+ json_add_object instances
+}
+
+_procd_close_service() {
+ json_close_object
+ _procd_open_trigger
+ service_triggers
+ _procd_close_trigger
+ type service_data >/dev/null 2>&1 && {
+ _procd_open_data
+ service_data
+ _procd_close_data
+ }
+ _procd_ubus_call ${1:-set}
+}
+
+_procd_add_array_data() {
+ while [ "$#" -gt 0 ]; do
+ json_add_string "" "$1"
+ shift
+ done
+}
+
+_procd_add_array() {
+ json_add_array "$1"
+ shift
+ _procd_add_array_data "$@"
+ json_close_array
+}
+
+_procd_add_table_data() {
+ while [ -n "$1" ]; do
+ local var="${1%%=*}"
+ local val="${1#*=}"
+ [ "$1" = "$val" ] && val=
+ json_add_string "$var" "$val"
+ shift
+ done
+}
+
+_procd_add_table() {
+ json_add_object "$1"
+ shift
+ _procd_add_table_data "$@"
+ json_close_object
+}
+
+_procd_open_instance() {
+ local name="$1"; shift
+
+ _PROCD_INSTANCE_SEQ="$(($_PROCD_INSTANCE_SEQ + 1))"
+ name="${name:-instance$_PROCD_INSTANCE_SEQ}"
+ json_add_object "$name"
+ [ -n "$TRACE_SYSCALLS" ] && json_add_boolean trace "1"
+}
+
+_procd_open_trigger() {
+ let '_procd_trigger_open = _procd_trigger_open + 1'
+ [ "$_procd_trigger_open" -gt 1 ] && return
+ json_add_array "triggers"
+}
+
+_procd_close_trigger() {
+ let '_procd_trigger_open = _procd_trigger_open - 1'
+ [ "$_procd_trigger_open" -lt 1 ] || return
+ json_close_array
+}
+
+_procd_open_data() {
+ let '_procd_data_open = _procd_data_open + 1'
+ [ "$_procd_data_open" -gt 1 ] && return
+ json_add_object "data"
+}
+
+_procd_close_data() {
+ let '_procd_data_open = _procd_data_open - 1'
+ [ "$_procd_data_open" -lt 1 ] || return
+ json_close_object
+}
+
+_procd_open_validate() {
+ json_select ..
+ json_add_array "validate"
+}
+
+_procd_close_validate() {
+ json_close_array
+ json_select triggers
+}
+
+_procd_add_jail() {
+ json_add_object "jail"
+ json_add_string name "$1"
+
+ shift
+
+ for a in $@; do
+ case $a in
+ log) json_add_boolean "log" "1";;
+ ubus) json_add_boolean "ubus" "1";;
+ procfs) json_add_boolean "procfs" "1";;
+ sysfs) json_add_boolean "sysfs" "1";;
+ ronly) json_add_boolean "ronly" "1";;
+ requirejail) json_add_boolean "requirejail" "1";;
+ netns) json_add_boolean "netns" "1";;
+ userns) json_add_boolean "userns" "1";;
+ cgroupsns) json_add_boolean "cgroupsns" "1";;
+ esac
+ done
+ json_add_object "mount"
+ json_close_object
+ json_close_object
+}
+
+_procd_add_jail_mount() {
+ local _json_no_warning=1
+
+ json_select "jail"
+ [ $? = 0 ] || return
+ json_select "mount"
+ [ $? = 0 ] || {
+ json_select ..
+ return
+ }
+ for a in $@; do
+ json_add_string "$a" "0"
+ done
+ json_select ..
+ json_select ..
+}
+
+_procd_add_jail_mount_rw() {
+ local _json_no_warning=1
+
+ json_select "jail"
+ [ $? = 0 ] || return
+ json_select "mount"
+ [ $? = 0 ] || {
+ json_select ..
+ return
+ }
+ for a in $@; do
+ json_add_string "$a" "1"
+ done
+ json_select ..
+ json_select ..
+}
+
+_procd_set_param() {
+ local type="$1"; shift
+
+ case "$type" in
+ env|data|limits)
+ _procd_add_table "$type" "$@"
+ ;;
+ command|netdev|file|respawn|watch|watchdog)
+ _procd_add_array "$type" "$@"
+ ;;
+ error)
+ json_add_array "$type"
+ json_add_string "" "$@"
+ json_close_array
+ ;;
+ nice|term_timeout)
+ json_add_int "$type" "$1"
+ ;;
+ reload_signal)
+ json_add_int "$type" $(kill -l "$1")
+ ;;
+ pidfile|user|group|seccomp|capabilities|facility|\
+ extroot|overlaydir|tmpoverlaysize)
+ json_add_string "$type" "$1"
+ ;;
+ stdout|stderr|no_new_privs)
+ json_add_boolean "$type" "$1"
+ ;;
+ esac
+}
+
+_procd_add_timeout() {
+ [ "$PROCD_RELOAD_DELAY" -gt 0 ] && json_add_int "" "$PROCD_RELOAD_DELAY"
+ return 0
+}
+
+_procd_add_interface_trigger() {
+ json_add_array
+ _procd_add_array_data "$1"
+ shift
+
+ json_add_array
+ _procd_add_array_data "if"
+
+ json_add_array
+ _procd_add_array_data "eq" "interface" "$1"
+ shift
+ json_close_array
+
+ json_add_array
+ _procd_add_array_data "run_script" "$@"
+ json_close_array
+
+ json_close_array
+ _procd_add_timeout
+ json_close_array
+}
+
+_procd_add_reload_interface_trigger() {
+ local script=$(readlink "$initscript")
+ local name=$(basename ${script:-$initscript})
+
+ _procd_open_trigger
+ _procd_add_interface_trigger "interface.*" $1 /etc/init.d/$name reload
+ _procd_close_trigger
+}
+
+_procd_add_data_trigger() {
+ json_add_array
+ _procd_add_array_data "service.data.update"
+
+ json_add_array
+ _procd_add_array_data "if"
+
+ json_add_array
+ _procd_add_array_data "eq" "name" "$1"
+ shift
+ json_close_array
+
+ json_add_array
+ _procd_add_array_data "run_script" "$@"
+ json_close_array
+
+ json_close_array
+ _procd_add_timeout
+ json_close_array
+}
+
+_procd_add_reload_data_trigger() {
+ local script=$(readlink "$initscript")
+ local name=$(basename ${script:-$initscript})
+
+ _procd_open_trigger
+ _procd_add_data_trigger $1 /etc/init.d/$name reload
+ _procd_close_trigger
+}
+
+_procd_add_config_trigger() {
+ json_add_array
+ _procd_add_array_data "$1"
+ shift
+
+ json_add_array
+ _procd_add_array_data "if"
+
+ json_add_array
+ _procd_add_array_data "eq" "package" "$1"
+ shift
+ json_close_array
+
+ json_add_array
+ _procd_add_array_data "run_script" "$@"
+ json_close_array
+
+ json_close_array
+ _procd_add_timeout
+ json_close_array
+}
+
+_procd_add_mount_trigger() {
+ json_add_array
+ _procd_add_array_data "$1"
+ local action="$2"
+ local multi=0
+ shift ; shift
+
+ json_add_array
+ _procd_add_array_data "if"
+
+ if [ "$2" ]; then
+ json_add_array
+ _procd_add_array_data "or"
+ multi=1
+ fi
+
+ while [ "$1" ]; do
+ json_add_array
+ _procd_add_array_data "eq" "target" "$1"
+ shift
+ json_close_array
+ done
+
+ [ $multi = 1 ] && json_close_array
+
+ json_add_array
+ _procd_add_array_data "run_script" /etc/init.d/$name $action
+ json_close_array
+
+ json_close_array
+ _procd_add_timeout
+ json_close_array
+}
+
+_procd_add_action_mount_trigger() {
+ local action="$1"
+ shift
+ local mountpoints="$(procd_get_mountpoints "$@")"
+ [ "${mountpoints//[[:space:]]}" ] || return 0
+ local script=$(readlink "$initscript")
+ local name=$(basename ${script:-$initscript})
+
+ _procd_open_trigger
+ _procd_add_mount_trigger mount.add $action "$mountpoints"
+ _procd_close_trigger
+}
+
+procd_get_mountpoints() {
+ (
+ __procd_check_mount() {
+ local cfg="$1"
+ local path="${2%%/}/"
+ local target
+ config_get target "$cfg" target
+ target="${target%%/}/"
+ [ "$path" != "${path##$target}" ] && echo "${target%%/}"
+ }
+ local mpath
+ config_load fstab
+ for mpath in "$@"; do
+ config_foreach __procd_check_mount mount "$mpath"
+ done
+ ) | sort -u
+}
+
+_procd_add_restart_mount_trigger() {
+ _procd_add_action_mount_trigger restart "$@"
+}
+
+_procd_add_reload_mount_trigger() {
+ _procd_add_action_mount_trigger reload "$@"
+}
+
+_procd_add_raw_trigger() {
+ json_add_array
+ _procd_add_array_data "$1"
+ shift
+ local timeout=$1
+ shift
+
+ json_add_array
+ json_add_array
+ _procd_add_array_data "run_script" "$@"
+ json_close_array
+ json_close_array
+
+ json_add_int "" "$timeout"
+
+ json_close_array
+}
+
+_procd_add_reload_trigger() {
+ local script=$(readlink "$initscript")
+ local name=$(basename ${script:-$initscript})
+ local file
+
+ _procd_open_trigger
+ for file in "$@"; do
+ _procd_add_config_trigger "config.change" "$file" /etc/init.d/$name reload
+ done
+ _procd_close_trigger
+}
+
+_procd_add_validation() {
+ _procd_open_validate
+ $@
+ _procd_close_validate
+}
+
+_procd_append_param() {
+ local type="$1"; shift
+ local _json_no_warning=1
+
+ json_select "$type"
+ [ $? = 0 ] || {
+ _procd_set_param "$type" "$@"
+ return
+ }
+ case "$type" in
+ env|data|limits)
+ _procd_add_table_data "$@"
+ ;;
+ command|netdev|file|respawn|watch|watchdog)
+ _procd_add_array_data "$@"
+ ;;
+ error)
+ json_add_string "" "$@"
+ ;;
+ esac
+ json_select ..
+}
+
+_procd_close_instance() {
+ local respawn_vals
+ _json_no_warning=1
+ if json_select respawn ; then
+ json_get_values respawn_vals
+ if [ -z "$respawn_vals" ]; then
+ local respawn_threshold=$(uci_get system.@service[0].respawn_threshold)
+ local respawn_timeout=$(uci_get system.@service[0].respawn_timeout)
+ local respawn_retry=$(uci_get system.@service[0].respawn_retry)
+ _procd_add_array_data ${respawn_threshold:-3600} ${respawn_timeout:-5} ${respawn_retry:-5}
+ fi
+ json_select ..
+ fi
+
+ json_close_object
+}
+
+_procd_add_instance() {
+ _procd_open_instance
+ _procd_set_param command "$@"
+ _procd_close_instance
+}
+
+procd_running() {
+ local service="$1"
+ local instance="${2:-*}"
+ [ "$instance" = "*" ] || instance="'$instance'"
+
+ json_init
+ json_add_string name "$service"
+ local running=$(_procd_ubus_call list | jsonfilter -l 1 -e "@['$service'].instances[$instance].running")
+
+ [ "$running" = "true" ]
+}
+
+_procd_kill() {
+ local service="$1"
+ local instance="$2"
+
+ json_init
+ [ -n "$service" ] && json_add_string name "$service"
+ [ -n "$instance" ] && json_add_string instance "$instance"
+ _procd_ubus_call delete
+}
+
+_procd_send_signal() {
+ local service="$1"
+ local instance="$2"
+ local signal="$3"
+
+ case "$signal" in
+ [A-Z]*) signal="$(kill -l "$signal" 2>/dev/null)" || return 1;;
+ esac
+
+ json_init
+ json_add_string name "$service"
+ [ -n "$instance" -a "$instance" != "*" ] && json_add_string instance "$instance"
+ [ -n "$signal" ] && json_add_int signal "$signal"
+ _procd_ubus_call signal
+}
+
+_procd_status() {
+ local service="$1"
+ local instance="$2"
+ local data state
+ local n_running=0
+ local n_stopped=0
+ local n_total=0
+
+ json_init
+ [ -n "$service" ] && json_add_string name "$service"
+
+ data=$(_procd_ubus_call list | jsonfilter -e '@["'"$service"'"]')
+ [ -z "$data" ] && { echo "inactive"; return 3; }
+
+ data=$(echo "$data" | jsonfilter -e '$.instances')
+ if [ -z "$data" ]; then
+ [ -z "$instance" ] && { echo "active with no instances"; return 0; }
+ data="[]"
+ fi
+
+ [ -n "$instance" ] && instance="\"$instance\"" || instance='*'
+
+ for state in $(jsonfilter -s "$data" -e '$['"$instance"'].running'); do
+ n_total=$((n_total + 1))
+ case "$state" in
+ false) n_stopped=$((n_stopped + 1)) ;;
+ true) n_running=$((n_running + 1)) ;;
+ esac
+ done
+
+ if [ $n_total -gt 0 ]; then
+ if [ $n_running -gt 0 ] && [ $n_stopped -eq 0 ]; then
+ echo "running"
+ return 0
+ elif [ $n_running -gt 0 ]; then
+ echo "running ($n_running/$n_total)"
+ return 0
+ else
+ echo "not running"
+ return 5
+ fi
+ else
+ echo "unknown instance $instance"
+ return 4
+ fi
+}
+
+procd_open_data() {
+ local name="$1"
+ json_set_namespace procd __procd_old_cb
+ json_add_object data
+}
+
+procd_close_data() {
+ json_close_object
+ json_set_namespace $__procd_old_cb
+}
+
+_procd_set_config_changed() {
+ local package="$1"
+
+ json_init
+ json_add_string type config.change
+ json_add_object data
+ json_add_string package "$package"
+ json_close_object
+
+ ubus call service event "$(json_dump)"
+}
+
+procd_add_mdns_service() {
+ local service proto port txt_count=0
+ service=$1; shift
+ proto=$1; shift
+ port=$1; shift
+ json_add_object "${service}_$port"
+ json_add_string "service" "_$service._$proto.local"
+ json_add_int port "$port"
+ for txt in "$@"; do
+ [ -z "$txt" ] && continue
+ txt_count=$((txt_count+1))
+ [ $txt_count -eq 1 ] && json_add_array txt
+ json_add_string "" "$txt"
+ done
+ [ $txt_count -gt 0 ] && json_select ..
+
+ json_select ..
+}
+
+procd_add_mdns() {
+ procd_open_data
+ json_add_object "mdns"
+ procd_add_mdns_service "$@"
+ json_close_object
+ procd_close_data
+}
+
+uci_validate_section()
+{
+ local _package="$1"
+ local _type="$2"
+ local _name="$3"
+ local _result
+ local _error
+ shift; shift; shift
+ _result=$(/sbin/validate_data "$_package" "$_type" "$_name" "$@" 2> /dev/null)
+ _error=$?
+ eval "$_result"
+ [ "$_error" = "0" ] || $(/sbin/validate_data "$_package" "$_type" "$_name" "$@" 1> /dev/null)
+ return $_error
+}
+
+uci_load_validate() {
+ local _package="$1"
+ local _type="$2"
+ local _name="$3"
+ local _function="$4"
+ local _option
+ local _result
+ shift; shift; shift; shift
+ for _option in "$@"; do
+ eval "local ${_option%%:*}"
+ done
+ uci_validate_section "$_package" "$_type" "$_name" "$@"
+ _result=$?
+ [ -n "$_function" ] || return $_result
+ eval "$_function \"\$_name\" \"\$_result\""
+}
+
+_procd_wrapper \
+ procd_open_service \
+ procd_close_service \
+ procd_add_instance \
+ procd_add_raw_trigger \
+ procd_add_config_trigger \
+ procd_add_interface_trigger \
+ procd_add_mount_trigger \
+ procd_add_reload_trigger \
+ procd_add_reload_data_trigger \
+ procd_add_reload_interface_trigger \
+ procd_add_action_mount_trigger \
+ procd_add_reload_mount_trigger \
+ procd_add_restart_mount_trigger \
+ procd_open_trigger \
+ procd_close_trigger \
+ procd_open_instance \
+ procd_close_instance \
+ procd_open_validate \
+ procd_close_validate \
+ procd_add_jail \
+ procd_add_jail_mount \
+ procd_add_jail_mount_rw \
+ procd_set_param \
+ procd_append_param \
+ procd_add_validation \
+ procd_set_config_changed \
+ procd_kill \
+ procd_send_signal
diff --git a/package/system/procd/files/reload_config b/package/system/procd/files/reload_config
new file mode 100644
index 0000000..3ae0de9
--- /dev/null
+++ b/package/system/procd/files/reload_config
@@ -0,0 +1,15 @@
+#!/bin/sh
+rm -rf /var/run/config.check
+mkdir -p /var/run/config.check
+for config in /etc/config/*; do
+ file=${config##*/}
+ uci show "${file##*/}" > /var/run/config.check/$file
+done
+MD5FILE=/var/run/config.md5
+[ -f $MD5FILE ] && {
+ for c in $(md5sum -c $MD5FILE 2>/dev/null| grep FAILED | cut -d: -f1); do
+ ubus call service event "{ \"type\": \"config.change\", \"data\": { \"package\": \"$(basename $c)\" }}"
+ done
+}
+md5sum /var/run/config.check/* > $MD5FILE
+rm -rf /var/run/config.check
diff --git a/package/system/procd/files/service b/package/system/procd/files/service
new file mode 100644
index 0000000..0ca7058
--- /dev/null
+++ b/package/system/procd/files/service
@@ -0,0 +1,30 @@
+#!/bin/sh
+
+main() {
+ local service="$1"
+ shift
+
+ local boot status
+
+ if [ -f "/etc/init.d/${service}" ]; then
+ /etc/init.d/"${service}" "$@"
+ exit "$?"
+ fi
+
+ if [ -n "$service" ]; then
+ echo "Service \"$service\" not found:"
+ exit 1
+ fi
+
+ echo "Usage: $(basename "$0") <service> [command]"
+ for service in /etc/init.d/* ; do
+ boot="$($service enabled && echo "enabled" || echo "disabled" )"
+ status="$( [ "$(ubus call service list "{ 'verbose': true, 'name': '$(basename "$service")' }" \
+ | jsonfilter -q -e "@['$(basename "$service")'].instances[*].running" | uniq)" = "true" ] \
+ && echo "running" || echo "stopped" )"
+
+ printf "%-30s\\t%10s\\t%10s\\n" "$service" "$boot" "$status"
+ done
+}
+
+main "$@"
diff --git a/package/system/procd/files/uxc.init b/package/system/procd/files/uxc.init
new file mode 100644
index 0000000..0b51925
--- /dev/null
+++ b/package/system/procd/files/uxc.init
@@ -0,0 +1,16 @@
+#!/bin/sh /etc/rc.common
+
+START=99
+USE_PROCD=1
+NAME=uxc
+PROG=/sbin/uxc
+
+start_service() {
+ procd_open_instance "uxc"
+ procd_set_param command "$PROG" boot
+ procd_close_instance
+}
+
+service_triggers() {
+ procd_add_raw_trigger "mount.add" 3000 /etc/init.d/uxc start
+}
diff --git a/package/system/procd/patches/0001-add-prod_init-script.patch b/package/system/procd/patches/0001-add-prod_init-script.patch
new file mode 100644
index 0000000..90d9247
--- /dev/null
+++ b/package/system/procd/patches/0001-add-prod_init-script.patch
@@ -0,0 +1,66 @@
+--- a/inittab.c
++++ b/inittab.c
+@@ -44,6 +44,7 @@
+
+ struct init_action;
+ char *console = NULL;
++int production_mode = 0;
+
+ struct init_handler {
+ const char *name;
+@@ -313,9 +314,24 @@ void procd_inittab(void)
+ #define LINE_LEN 128
+ FILE *fp = fopen(tab, "r");
+ struct init_action *a;
+- regex_t pat_inittab;
+- regmatch_t matches[5];
+- char *line;
++ regex_t pat_inittab, pat_cmdline;
++ regmatch_t matches[5], cmd_matches[2];
++ char *line, cmdline[1024];
++ int r, fd = open("/proc/cmdline", O_RDONLY);
++
++ if (fd < 0) {
++ ERROR("Failed to open /proc/cmdline\n");
++ return;
++ }
++
++ r = read(fd, cmdline, sizeof(cmdline) - 1);
++ cmdline[r] = '\0';
++ close(fd);
++ regcomp(&pat_cmdline, "PROD=([0-2])", REG_EXTENDED);
++ if (!regexec(&pat_cmdline, cmdline, 1, cmd_matches, 0)) {
++ cmdline[cmd_matches[0].rm_eo] = '\0';
++ production_mode = atoi(&cmdline[cmd_matches[0].rm_eo - 1]);
++ }
+
+ if (!fp) {
+ ERROR("Failed to open %s: %m\n", tab);
+--- a/rcS.c
++++ b/rcS.c
+@@ -34,6 +34,7 @@
+ #include "rcS.h"
+
+ static struct runqueue q, r;
++extern int production_mode;
+
+ struct initd {
+ struct ustream_fd fd;
+@@ -172,7 +173,17 @@ static int _rc(struct runqueue *q, char
+ }
+
+ for (j = 0; j < gl.gl_pathc; j++)
++ {
++ if (strstr(gl.gl_pathv[j], "prod_init")) {
++ if (production_mode) {
++ add_initd(q, gl.gl_pathv[j], param);
++ break;
++ } else {
++ continue;
++ }
++ }
+ add_initd(q, gl.gl_pathv[j], param);
++ }
+
+ globfree(&gl);
+
diff --git a/package/system/procd/patches/0002-Production-change-init-script-choosing-method.patch b/package/system/procd/patches/0002-Production-change-init-script-choosing-method.patch
new file mode 100644
index 0000000..85b1645
--- /dev/null
+++ b/package/system/procd/patches/0002-Production-change-init-script-choosing-method.patch
@@ -0,0 +1,77 @@
+--- a/rcS.c
++++ b/rcS.c
+@@ -33,6 +33,12 @@
+ #include "procd.h"
+ #include "rcS.h"
+
++/*These are the scripts that are loaded both in normal and production mode.
++ However, product mode only executes the scripts in BASE_SCRIPTS with
++ lower START index than prod_init and prod_init itself.
++ */
++#define BASE_SCRIPTS "sysfixtime boot system sysctl log firewall network odhcpd fstab"
++
+ static struct runqueue q, r;
+ extern int production_mode;
+
+@@ -154,11 +160,26 @@ static void add_initd(struct runqueue *q
+ runqueue_task_add(q, &s->proc.task, false);
+ }
+
++static void remove_str_from_list(char *str, char *list)
++{
++ char *pnt1, *pnt2;
++ if (!str || !list)
++ return;
++ pnt1 = strstr(list, str);
++ if (pnt1 == NULL)
++ return;
++ pnt2 = pnt1 + strlen(str) + 1;
++ memmove(pnt1, pnt2, strlen(pnt2) + 1);
++}
++
+ static int _rc(struct runqueue *q, char *path, const char *file, char *pattern, char *param)
+ {
+ char *dir = alloca(2 + strlen(path) + strlen(file) + strlen(pattern));
+ glob_t gl;
+ int j;
++ char available_strings[] = BASE_SCRIPTS;
++ char str[] = BASE_SCRIPTS;
++ char *token;
+
+ if (!dir) {
+ ERROR("Out of memory in %s.\n", file);
+@@ -174,17 +195,31 @@ static int _rc(struct runqueue *q, char
+
+ for (j = 0; j < gl.gl_pathc; j++)
+ {
+- if (strstr(gl.gl_pathv[j], "prod_init")) {
+- if (production_mode) {
++ if (production_mode) {
++ strcpy(str, available_strings);
++ token = strtok(str, " ");
++ do
++ {
++ if (strstr(gl.gl_pathv[j], token)) {
++ add_initd(q, gl.gl_pathv[j], param);
++ remove_str_from_list(token, available_strings);
++ break;
++ }
++ token = strtok(NULL, " ");
++ } while (token != NULL);
++ if (token == NULL && strstr(gl.gl_pathv[j], "prod_init"))
++ {
+ add_initd(q, gl.gl_pathv[j], param);
+ break;
+ } else {
+ continue;
+ }
++ } else {
++ if (strstr(gl.gl_pathv[j], "prod_init"))
++ continue;
+ }
+ add_initd(q, gl.gl_pathv[j], param);
+ }
+-
+ globfree(&gl);
+
+ return 0;
diff --git a/package/system/procd/patches/0003-Marvell-fast-boot-solution.patch b/package/system/procd/patches/0003-Marvell-fast-boot-solution.patch
new file mode 100644
index 0000000..1439a3f
--- /dev/null
+++ b/package/system/procd/patches/0003-Marvell-fast-boot-solution.patch
@@ -0,0 +1,60 @@
+--- a/inittab.c
++++ b/inittab.c
+@@ -16,6 +16,7 @@
+ #include <sys/types.h>
+ #include <sys/stat.h>
+ #include <sys/ioctl.h>
++#include <sys/wait.h>
+
+ #include <fcntl.h>
+ #include <stdio.h>
+@@ -385,3 +386,28 @@ void procd_inittab(void)
+ free(a);
+ regfree(&pat_inittab);
+ }
++
++/*Implementation of Marvell Fast Boot routine*/
++void mrvl_fast_boot()
++{
++ char *init[] = { "/etc/telinit", NULL };
++ int i, pid;
++
++ pid = fork();
++ if (!pid) {
++ execvp(init[0], init);
++ ERROR("Failed to start telinit\n");
++ exit(-1);
++ }
++ if (pid <= 0) {
++ ERROR("Failed to start new telinit instance\n");
++ return;
++ } else {
++ for (i = 0; i < 200; i++) {
++ if (waitpid(pid, NULL, WNOHANG) > 0)
++ break;
++ usleep(10 * 1000);
++ }
++ }
++}
++
+--- a/procd.h
++++ b/procd.h
+@@ -46,6 +46,7 @@ void procd_inittab(void);
+ void procd_inittab_run(const char *action);
+ void procd_inittab_kill(void);
+ void procd_bcast_event(char *event, struct blob_attr *msg);
++void mrvl_fast_boot(void);
+
+ struct trigger;
+ void trigger_event(const char *type, struct blob_attr *data);
+--- a/state.c
++++ b/state.c
+@@ -137,6 +137,8 @@ static void state_enter(void)
+ break;
+
+ case STATE_UBUS:
++ LOG("- telinit -\n");
++ mrvl_fast_boot();
+ // try to reopen incase the wdt was not available before coldplug
+ watchdog_init(0);
+ set_stdio("console");
diff --git a/package/system/procd/patches/0004-fix-procd-debuglevel-no-output.patch b/package/system/procd/patches/0004-fix-procd-debuglevel-no-output.patch
new file mode 100644
index 0000000..fcf00d4
--- /dev/null
+++ b/package/system/procd/patches/0004-fix-procd-debuglevel-no-output.patch
@@ -0,0 +1,11 @@
+--- a/initd/preinit.c
++++ b/initd/preinit.c
+@@ -91,7 +91,7 @@ static void
+ spawn_procd(struct uloop_process *proc, int ret)
+ {
+ char *wdt_fd = watchdog_fd();
+- char *argv[] = { "/sbin/procd", NULL};
++ char *argv[] = { "/sbin/procd", "-S", NULL};
+ char dbg[2];
+
+ if (plugd_proc.pid > 0)
diff --git a/package/system/procd/patches/0005-add-ramdump-init-script.patch b/package/system/procd/patches/0005-add-ramdump-init-script.patch
new file mode 100644
index 0000000..8c65764
--- /dev/null
+++ b/package/system/procd/patches/0005-add-ramdump-init-script.patch
@@ -0,0 +1,46 @@
+--- a/inittab.c
++++ b/inittab.c
+@@ -327,8 +327,8 @@ void procd_inittab(void)
+
+ r = read(fd, cmdline, sizeof(cmdline) - 1);
+ cmdline[r] = '\0';
+- close(fd);
+- regcomp(&pat_cmdline, "PROD=([0-2])", REG_EXTENDED);
++ close(fd);
++ regcomp(&pat_cmdline, "PROD=([0-5])", REG_EXTENDED);
+ if (!regexec(&pat_cmdline, cmdline, 1, cmd_matches, 0)) {
+ cmdline[cmd_matches[0].rm_eo] = '\0';
+ production_mode = atoi(&cmdline[cmd_matches[0].rm_eo - 1]);
+--- a/rcS.c
++++ b/rcS.c
+@@ -207,15 +207,26 @@ static int _rc(struct runqueue *q, char
+ }
+ token = strtok(NULL, " ");
+ } while (token != NULL);
+- if (token == NULL && strstr(gl.gl_pathv[j], "prod_init"))
++
++ if (token == NULL && strstr(gl.gl_pathv[j], "rdp_init"))
+ {
+- add_initd(q, gl.gl_pathv[j], param);
+- break;
++ if (production_mode == 5) {
++ add_initd(q, gl.gl_pathv[j], param);
++ break;
++ } else
++ continue;
++ } else if (token == NULL && strstr(gl.gl_pathv[j], "prod_init"))
++ {
++ if (production_mode == 1) {
++ add_initd(q, gl.gl_pathv[j], param);
++ break;
++ } else
++ continue;
+ } else {
+ continue;
+ }
+ } else {
+- if (strstr(gl.gl_pathv[j], "prod_init"))
++ if (strstr(gl.gl_pathv[j], "prod_init") || strstr(gl.gl_pathv[j], "rdp_init"))
+ continue;
+ }
+ add_initd(q, gl.gl_pathv[j], param);
diff --git a/package/system/procd/patches/0010-fix_make_option_boot_on_console.patch b/package/system/procd/patches/0010-fix_make_option_boot_on_console.patch
new file mode 100644
index 0000000..40d299c
--- /dev/null
+++ b/package/system/procd/patches/0010-fix_make_option_boot_on_console.patch
@@ -0,0 +1,13 @@
+--- a/CMakeLists.txt
++++ b/CMakeLists.txt
+@@ -43,6 +43,10 @@ IF(EARLY_PATH)
+ ADD_DEFINITIONS(-DEARLY_PATH="${EARLY_PATH}")
+ ENDIF()
+
++IF(SHOW_BOOT_ON_CONSOLE)
++ ADD_DEFINITIONS(-DSHOW_BOOT_ON_CONSOLE)
++ENDIF()
++
+ IF(SELINUX)
+ include(FindPkgConfig)
+ pkg_search_module(SELINUX REQUIRED libselinux)
diff --git a/package/system/procd/patches/0040-disable_watchdog.patch b/package/system/procd/patches/0040-disable_watchdog.patch
new file mode 100644
index 0000000..e4b1edd
--- /dev/null
+++ b/package/system/procd/patches/0040-disable_watchdog.patch
@@ -0,0 +1,12 @@
+--- a/watchdog.c
++++ b/watchdog.c
+@@ -190,6 +190,9 @@ char* watchdog_fd(void)
+
+ void watchdog_init(int preinit)
+ {
++ /* skip here, we handled wdt in kernel */
++ return;
++
+ wdt_timeout.cb = watchdog_timeout_cb;
+
+ if (watchdog_open(!preinit) < 0)
diff --git a/package/system/procd/patches/0050-disable_support_of_loongarch64.patch b/package/system/procd/patches/0050-disable_support_of_loongarch64.patch
new file mode 100644
index 0000000..e94abc1
--- /dev/null
+++ b/package/system/procd/patches/0050-disable_support_of_loongarch64.patch
@@ -0,0 +1,61 @@
+--- a/jail/seccomp-bpf.h
++++ b/jail/seccomp-bpf.h
+@@ -80,9 +80,6 @@ struct seccomp_data {
+ #elif defined(__i386__)
+ # define REG_SYSCALL REG_EAX
+ # define ARCH_NR AUDIT_ARCH_I386
+-#elif defined(__loongarch_lp64)
+-# define REG_SYSCALL regs[11]
+-# define ARCH_NR AUDIT_ARCH_LOONGARCH64
+ #elif defined(__mips__)
+ # define REG_SYSCALL regs[2]
+ # if __BYTE_ORDER == __LITTLE_ENDIAN
+--- a/jail/seccomp-oci.c
++++ b/jail/seccomp-oci.c
+@@ -119,8 +119,6 @@ static uint32_t resolve_architecture(cha
+ return AUDIT_ARCH_ARM;
+ else if (!strcmp(archname, "SCMP_ARCH_AARCH64"))
+ return AUDIT_ARCH_AARCH64;
+- else if (!strcmp(archname, "SCMP_ARCH_LOONGARCH64"))
+- return AUDIT_ARCH_LOONGARCH64;
+ else if (!strcmp(archname, "SCMP_ARCH_MIPS"))
+ return AUDIT_ARCH_MIPS;
+ else if (!strcmp(archname, "SCMP_ARCH_MIPS64"))
+@@ -422,7 +420,7 @@ struct sock_fprog *parseOCIlinuxseccomp(
+ return prog;
+
+ errout1:
+- free(prog->filter);
++ free(filter);
+ errout2:
+ free(prog);
+ return NULL;
+--- a/trace/trace.c
++++ b/trace/trace.c
+@@ -48,7 +48,7 @@
+ #define _offsetof(a, b) __builtin_offsetof(a,b)
+ #define ARRAY_SIZE(arr) (sizeof(arr) / sizeof((arr)[0]))
+
+-#if defined (__aarch64__) || defined(__loongarch_lp64)
++#if defined (__aarch64__)
+ #include <linux/ptrace.h>
+ #elif defined(__amd64__)
+ #define reg_syscall_nr _offsetof(struct user, regs.orig_rax)
+@@ -226,7 +226,7 @@ static void tracer_cb(struct uloop_proce
+ if (WIFSTOPPED(ret) || (ret >> 16)) {
+ if (WSTOPSIG(ret) & 0x80) {
+ if (!tracee->in_syscall) {
+-#if defined(__aarch64__) || defined(__loongarch_lp64)
++#ifdef __aarch64__
+ int syscall = -1;
+ struct ptrace_syscall_info ptsi = {.op=PTRACE_SYSCALL_INFO_ENTRY};
+ if (ptrace(PTRACE_GET_SYSCALL_INFO, c->pid, sizeof(ptsi), &ptsi) != -1)
+@@ -260,7 +260,7 @@ static void tracer_cb(struct uloop_proce
+ } else if ((ret >> 16) == PTRACE_EVENT_STOP) {
+ /* Nothing special to do here */
+ } else if ((ret >> 8) == (SIGTRAP | (PTRACE_EVENT_SECCOMP << 8))) {
+-#if defined(__aarch64__) || defined(__loongarch_lp64)
++#ifdef __aarch64__
+ int syscall = -1;
+ struct ptrace_syscall_info ptsi = {.op=PTRACE_SYSCALL_INFO_SECCOMP};
+ if (ptrace(PTRACE_GET_SYSCALL_INFO, c->pid, sizeof(ptsi), &ptsi) != -1)