**** BEGIN LOGGING AT Fri Nov 01 03:00:13 2019 Nov 01 06:02:53 blogic: now that we've kaloz blessing as well, are you going to officially welcome adrian on board? Nov 01 06:03:21 Hauke: can you pls put adrian to the people list on the wiki as well? Nov 01 06:04:35 seems like cyrus/kaloz replies to "Friendly voting duty reminder" didn't made it to the archive http://lists.infradead.org/pipermail/openwrt-adm/2019-October/thread.html Nov 01 06:04:52 probably some outlook hate :p Nov 01 06:07:13 I see only 7 messages in the "vote/commit for Adrian Schmutzler" e-mail thread including mine Nov 01 06:07:19 I supposed there were more? Nov 01 06:07:51 oh, wait, I found them Nov 01 06:07:55 nevermind, stupid filtering Nov 01 06:21:11 rmilecki: if I count it well, it's 19 ACKs now Nov 01 06:21:17 ok Nov 01 06:38:16 ynezz: where did we get the blessing ? Nov 01 06:39:38 heh, /me be meeting bartman and russel on sunday Nov 01 06:40:00 not seen bartman in 10 years and never meet russel in person, it'll be cool Nov 01 07:16:53 * DonkeyHotei has met both of them, but no one else here Nov 01 07:22:56 blogic: I can't give you the link, as it seems, that those emails from kaloz/cyrus didn't made it to the mailing list archive Nov 01 07:23:28 blogic: so quoting kaloz here "+1 for commit access, -1 for the interviewing process" :D Nov 01 07:44:20 'lo Nov 01 07:44:25 did I miss something? Nov 01 07:46:50 not much, just another insultation attempt Nov 01 07:49:33 we still need to sort out the ustream-ssl client cert validation issue Nov 01 07:50:10 and I'm now wondering if everybody else received those emails from cyrus/kaloz as it seems, that their responses didn't made it to the mailing list (guessing by the list archive web interface) Nov 01 07:50:28 jow: the last 19.07 blocker? :) Nov 01 07:50:57 ynezz: almost yes, I'll push updated to rpcd and luci today, then we could push rc0 Nov 01 07:51:27 thats very good news, thanks a lot for your hard work! Nov 01 07:53:55 I stopped following that ustream-ssl issue as you were active in that topic, so deleted those emails as well Nov 01 07:56:42 I've like ~1 hour of screen time left today, then I'm leaving for a 3-day weekend, but I can take a look at it on Tuesday unless someone else beats me to it Nov 01 07:57:32 and what about https://www.cvedetails.com/cve/CVE-2019-15513/ ? Nov 01 07:59:07 how could we approach the reporter? I've tried to create a test case for this on master, but failed, don't know if Hauke/blogic had more luck with that Nov 01 08:00:22 I mean, are we supposed to find Motorola Cx2l Mwr04l Firmware and get libuci from there in order to find out what version are they using? Nov 01 08:21:19 so I am not entitled to have a phone convesation to make sure i feel comfortable to propose someone for vote Nov 01 08:21:24 interesting concept Nov 01 08:22:20 it's too personal Nov 01 08:36:01 i watched the greg k-h talk from kernel recipes and got the impression that the whole cve system is kind of rotten Nov 01 08:48:00 https://www.youtube.com/watch?v=HeeoTE9jLjM Nov 01 09:37:52 Hi. I am trying to figure out something I cant quite understand with regards to building images for x86 devices Nov 01 09:39:00 If I run make kernel_menuconfig, I see that the files target/linux/generic/config-4.14 and target/linux/x86/config-4.14 are merged into the .config file Nov 01 09:39:52 However, when I build the image, I see that an addition config file (target/linux/x86/64/config-default or target/linux/x86/generic/config-default) is included Nov 01 09:40:43 Is there are a reason for why config-default is not included when I do kernel_menuconfig? The reason I am askin is that I was a bit confused by some missing config symbols when I run kernel_menuconfig Nov 01 09:40:49 This is with 18.06.4 Nov 01 10:00:59 ynezz: what is adrian's nick? Nov 01 10:01:10 -ENOCLUE Nov 01 10:03:38 I don't remember seeing him on IRC Nov 01 10:06:06 I send him a mail Nov 01 10:10:27 ynezz: did you find the source code or the binray for the router mentioned in CVE-2019-15513 ? Nov 01 10:10:48 haven't tried Nov 01 10:11:03 I would like to disassamble it myself to understand this document Nov 01 10:11:27 I think, that the key is the chinese comment Nov 01 10:11:40 more then 5000 chars in that json Nov 01 10:12:20 5000 chars in the value/key (don't remember) Nov 01 10:13:06 they have a mail here: https://github.com/TeamSeri0us/pocs/blob/master/iot/morouter/motorola.pdf Nov 01 10:38:15 ynezz: I think CVE-2019-15513 was fixed 4 year ago: https://git.openwrt.org/?p=project/uci.git;a=commitdiff;h=4b52bdbdbec3c84afeab5c3167e69f7c6012b2f3 Nov 01 10:38:26 but we could still have this problem in case the malloc fails Nov 01 11:03:31 ynezz: here is also a bug report: https://github.com/openwrt/packages/issues/1231 Nov 01 11:04:59 ynezz: here is an other part of the fix: https://git.openwrt.org/?p=project/uci.git;a=commitdiff;h=19e29ffc15dbd958e8e6a648ee0982c68353516f Nov 01 11:32:17 CVE-2019-15513 was in OpenWrt 15.05 and fixed in openwrt 15.05.1 Nov 01 11:37:01 wot? bogus cves for security researcher points? wot?! Nov 01 11:38:18 hmm... no kmod-fs-exfat on 18.06. bummer Nov 01 12:05:16 Turris Mox is available for sale Nov 01 12:05:17 https://www.turris.cz/en/mox/overview/ Nov 01 12:05:26 still on the expensive side though Nov 01 12:06:06 the omnia is also for sale on amazon now. Nov 01 12:15:24 it was already available before, I think Nov 01 12:15:59 oh, varia-store also has the Mox: https://www.varia-store.com/en/suche/search-turris.html Nov 01 13:23:02 jow: what's `diff luci-mod-rpc uhttpd-mod-ubus`? Nov 01 13:26:59 rpcd vs ubus... Nov 01 13:27:04 they're not the same... Nov 01 13:27:34 karlp: here is an other bullshit CVE: https://www.cvedetails.com/cve/CVE-2018-11116/ Nov 01 13:29:48 that CVE was published in 2018-06-19? Nov 01 13:30:06 Hauke: yeah, I remember tha tone :) Nov 01 14:32:51 karlp: from a user's perspective, both are to manage openwrt via http, luci-mod-rpc can be called directly, while for uhttp-mod-ubus I probably need a json-rpc-2 daemon on opewrt to "extract" the method the json-rpc and forward that to ubus. Nov 01 14:33:20 s/the json-rpc/from json-rpc2/ Nov 01 14:34:10 * rr123 is studying luci, the CBI is complex as hell Nov 01 14:37:38 Hauke: that cve is funny Nov 01 14:37:55 its the one where someone set root access to wildcard and then complained that he had root access right ? Nov 01 14:39:36 heh Nov 01 15:09:26 blogic: yes Nov 01 15:23:24 rr123: uhttpd-mod-ubus is a generic http-ubus bridge Nov 01 15:23:36 rr123: luci-mod-rpc is a shared library plugin for rpcd Nov 01 15:24:12 ok, thanks, checking Nov 01 15:24:12 The SPI NOR controller on MTK ARM chips is funny. Why on earth would they ever want to hard-code every instructions in that controller itself? Nov 01 15:25:02 rr123: sorry, luci-mod-rpc is a simple json-rpc implementation directly exposing luci internals Nov 01 15:25:13 Hauke: is rockchip 3328 supported in openwrt? rock64 has 16MB SPI Flash, if openwrt can run it that will be interesting, saw quite some SD corruption complains with various SBC Nov 01 15:25:14 And they don't provide register description for that crappy controller. Nov 01 15:25:17 there also is rpcd-mod-luci, which is a plugin for rpcd Nov 01 15:26:34 rr123: it's like the Judean People's Front vs. the People's Front of Judea in Life of Brian ;) Nov 01 15:26:41 rr123: No. There isn't a rockchip target in OpenWrt yet. Nov 01 15:27:20 jow: tried nginx+luci2+react, back to the tested luci1, re-learning lua these two days, hardware is getting more powerful and openwrt is phasing out 4M/32MB, so who knows, maybe luci will stay forever Nov 01 15:27:30 except, lua5.1 is a little out of date that is Nov 01 15:29:28 gch981213: thanks. i'm porting orangepi zero lts to openwrt, i mean for 16MB, just solder it onto the board as the default is 2MB Nov 01 15:30:01 orangepi can run openwrt from SD but for robustness I want to run squashfs from SPI Nov 01 15:30:48 rr123: Oh. There's SPI controller support in upstream u-boot now. I sold my orangepi zero before those patches are available in mainline u-boot. Nov 01 15:30:52 uboot boots from SPI without problems, as expected Nov 01 15:31:50 it's a $10 device, i hope when you sold it the sold-price exceeded the postage :) Nov 01 15:33:41 i also emailed orangepi and suggest them to provide a 16MB SPI version of LTS, a very interesting device for openwrt(though not wifi AP) at $10 Nov 01 15:34:49 rr123: Sold it to my roommate so there's no postage :P Nov 01 15:38:55 * rr123 is going to binwalk xiaomi wifi router stock firmware and see if they still use luci inside Nov 01 15:39:14 rr123: They do. Nov 01 15:39:33 * rr123 confirmed tp-link's UI is just a sugar-coated luci Nov 01 15:39:53 gch981213: there's a few sunxi boards with spi flash too. Nov 01 15:40:37 these two big guns should donate some to make openwrt/luci even better Nov 01 15:40:37 nvm, I see you already know that now that I'm properly at the bottom of the backlog Nov 01 15:51:03 hmm I'm confused. I have BUILD_PATENTED=y, CONFIG_PACKAGE_kmod-fs-exfat=m and yet the module isn't built afaict... Nov 01 15:56:23 rr123: I had problems with the UART of my rock64 and never finished the rockchip port Nov 01 15:56:46 f00b4r0: kmod-fs-exfat does not depend on BUILD_PATENTED=y any more Nov 01 15:56:59 Hauke: I'm building for 18.06 Nov 01 15:57:01 ;) Nov 01 15:58:19 what bothers me is the unpacked linux-4.9.184 (this is an ar71xx target) tree doesn't seem to even have the exfat bits Nov 01 16:13:49 well, it would have been an out of tree module in 4.9 era surely? Nov 01 16:13:57 Hauke: just googled and others can do serial-ttl on rock64, maybe you got a bad serial on your rock64 Nov 01 16:16:18 karlp: indeed; i was looking in the wrong place. Thanks Nov 01 16:17:14 that's why make package/kernel/linux/compile didn't build it I guess Nov 01 16:18:51 f00b4r0: the exfat driver is an out of tree driver Nov 01 16:19:41 it was only integarted into Linux with kernel 5.4 Nov 01 16:20:13 rr123: yes I think it is my UART adapter these chineese devices have problems with the 1.5MBaud of the rockchip Nov 01 16:28:55 Hauke: ACK, thanks Nov 01 16:34:10 i had one case that my uart-ttl cable is too long, worked on some boards and failed on others, now I use a short-cable(about 2 feet) ttl-usb adapter and it has been solid Nov 01 16:34:48 the failing cable is 3+ feet long Nov 01 16:35:50 on an unrelated topic, is there a particular reason why the SYN flood protection only protects the router and not the hosts it routes/masquerades? Nov 01 16:36:04 (on 18.06 at least) Nov 01 16:38:43 Hi jow Just loaded latest snapshot of luci and it just says Loading view… on the Overview page. Nov 01 16:38:54 any openwrt developer went to Europe embedded linux conference that ended two days ago, looking forward to its video/slides Nov 01 16:39:21 I am using firefox Nov 01 16:39:35 i hope it is not filled with technical marketing folks from big companies Nov 01 16:41:22 luci-apps work like they should like adblock and banip Nov 01 17:11:03 jow: ynezz: do we wnat to upgrade hostapd to 2.9 in openwrt 19.07? Nov 01 17:11:10 like in master Nov 01 18:59:05 Hauke: for the sake of easier backporting future patches and the fact that we don't even have an rc for 19.07 (unless I missed it), I am in favor of upgrading hostapd to 2.9 in 19.07 Nov 01 19:12:50 stintel Nov 01 19:12:50 Hauke then put out a RC? Nov 01 19:13:41 Or a beta? Nov 01 19:21:32 stintel: U agree with you Nov 01 19:21:34 *I Nov 01 19:27:15 jow: rpcd-mod-luci is missing the dependecy to libnl-tiny.so for me Nov 01 19:33:25 Edgewater Wireless Accepted to the Upstream OpenWrt Repository, A Linux Operating System Targeting Embedded Devices https://thedeepdive.ca/edgewater-wireless-accepted-to-the-upstream-openwrt-repository-a-linux-operating-system-targeting-embedded-devices/ Nov 01 19:34:29 I have never hird of this Edgewater Wireless Nov 01 19:51:58 Tapper: funny press release Nov 01 19:53:30 yeah a bit strange imo Nov 01 19:53:51 but the luci-app is there in make menuconfig Nov 01 19:55:25 I don't remember seeing it aded to the git for packages Nov 01 19:57:46 it seems to be git.openwrt.org/9129b75fff Nov 01 19:57:49 https://git.openwrt.org/9129b75fff Nov 01 20:02:09 Tapper: there was something added from this company Nov 01 20:02:32 thanks Nov 01 20:17:08 swalker: perl modules are not linked correctly. See https://github.com/openwrt/packages/pull/10040 . The versions there are newer than what is posted on uscan. Nov 01 20:18:09 the authors changed on some of the packages, hence the source URLs Nov 01 20:18:12 who merged that Nov 01 20:18:17 the code is pretty shitty Nov 01 20:19:05 the dcwifi stuff was merged by me. Nov 01 20:19:25 oops Nov 01 20:19:36 not that i care much about the packages feed Nov 01 20:19:38 BUT Nov 01 20:19:47 try to enforce people to write procd init scripts Nov 01 20:20:11 uci files should not be littered with comments Nov 01 20:21:03 and ... Nov 01 20:21:16 if they merge their own code why to the grab a release and then patch it Nov 01 20:21:24 can't they simply use a patched version Nov 01 20:21:53 that came later Nov 01 20:22:01 https://github.com/openwrt/packages/pull/10170 Nov 01 20:22:29 ok Nov 01 20:22:34 its cpp code anyhow Nov 01 20:22:38 i wont get started Nov 01 20:23:00 * mangix looked through it. Nov 01 20:23:08 * mangix will not get started either :) Nov 01 20:23:47 added to my TODO to update those init scripts Nov 01 20:23:53 thx Nov 01 20:24:26 russell--: you pasted that link to gkh's talk Nov 01 20:24:34 I have been stuck in the youtube hole all day Nov 01 20:24:57 https://www.youtube.com/watch?v=0aqAMGMUOFs this is pretty cool Nov 01 20:25:25 I am currently drafting out some specs for ujail enhancements that dangole will work on Nov 01 20:26:01 Huh. Just read the article. Didn't know dcwifi was sponsored by some company. The code is legacy garbage. Nov 01 20:26:54 yeah Nov 01 20:27:00 it resulted in PR crap Nov 01 20:27:16 that is even worse then techno-dj hipster CVE CV bloating Nov 01 20:28:11 lol Nov 01 20:28:53 blogic: james and his bowties ;) Nov 01 20:29:47 love the outfit Nov 01 20:30:07 Well, at least that crap compiles with uClibc++. The size of libstdcpp is insane. Nov 01 20:30:12 i've known him for 15+ years and I don't think I've ever seen him twice with the same outfit ;) Nov 01 20:30:30 f00b4r0: loving the talk Nov 01 20:30:39 blogic: watching it Nov 01 20:30:46 HAP :-) Nov 01 20:30:49 :) Nov 01 20:30:56 so the idea is to pimp ujail Nov 01 20:31:16 instead of using procd init.d syntax, we add /etc/jail.d/$service.json Nov 01 20:31:48 inside you can set uid/gid, seccomp, cgroups, has/not ubus, firewall, sockets allowed, .... Nov 01 20:32:33 so we could make dnsmasq think that its root/root. while it is avtually nobody/nobody Nov 01 20:32:47 the inherent problem is that it cannot open ports below 1025 Nov 01 20:33:02 however udp sockets allow you to transport fds Nov 01 20:33:17 and the ujail strating wrapper has an open unix socket to procd Nov 01 20:33:30 so we ld-preload the socket() call Nov 01 20:33:50 mangix Hi how does the dcwifi work? Is there a wiki page for it? Nov 01 20:34:19 if the service then tries to open a socket, the call gets intercepted, sent to procd that will know from the json if the socket is allowed, open it and send the fd back over the socket and endup int he retcode of the pre-loaded syscall Nov 01 20:34:29 Tapper: beats me. I've never ran it. Nov 01 20:34:40 Will it work with any wifi driver or is it a ath9k or ath10k thing? Nov 01 20:34:56 O lol Nov 01 20:34:57 this should allow us to pretty much wrap all services with near no overhead inside a namespace/seccomp container Nov 01 20:35:11 and in theory we should be able to load lxc containers using this pattern Nov 01 20:38:09 also we need to add cgroups to ujail Nov 01 20:38:21 however imagine you say a conatiner may take 20% cpu Nov 01 20:38:27 and then run 6 containers Nov 01 20:38:36 so we need to figure out how to add grouping Nov 01 20:38:37 Tapper: I only merged and did a review on it. Nov 01 20:38:47 I am assuming the kernel provides such a feature Nov 01 20:39:38 mangix OK mate. I am going to build with it and give it a run out on my wrt3200acm to see if it how it gos. Nov 01 20:39:58 I have nuthing to do at the mo anyway lol Nov 01 20:41:15 blogic: you should talk to prpl to get the funding for the cgroups or all parts Nov 01 20:41:40 Hauke: i did Nov 01 20:41:43 ;) Nov 01 20:41:47 ok Nov 01 20:41:59 they will provide funding for me to spec out a project for dangole Nov 01 21:27:39 anyone got access to csdn? I need to try&grab the MT7628 SDK Nov 01 21:29:47 csrf: lemme repeat my question, which part do you need ? Nov 01 21:38:41 blogic: I'm trying to get hold of the zip file with the SDK for that line of MTK chips, with the source code for the eCos factory firmware Nov 01 21:39:48 cant help with ecos i am afraid Nov 01 21:41:28 from MTK datasheet: AP Firmware: Linux 2.6 SDK, eCOS with IPv6 Nov 01 21:41:54 yup Nov 01 21:41:55 and I've seen a bunch of mentions of a zip/tar file for the sdk, but they're all buried on the chinese file sites Nov 01 21:42:06 but i never touched the ecos part Nov 01 21:44:49 blogic: do u have *any part of the SDK? Nov 01 21:51:50 blogic: cgroups can set cpu limits, cgroups can be given cpu priorities (nice levels) but hard reservations as far as I know are handled by a user-space orchestrator. Nov 01 21:52:57 agb: you free on sunday night ? Nov 01 21:53:04 touchdown is at 5pm Nov 01 21:53:43 i am doing imigration in denver so portland is just bag pickup + uber2hotel Nov 01 21:53:45 yep! that works for me Nov 01 21:53:57 should be ready for action around 6pm Nov 01 21:54:01 awesome Nov 01 21:54:35 I am staying at the hilton but can grab a ride to anywhere i guess Nov 01 21:57:13 Downtown is easy enough to get to via bike or bus. I'm happy to travel a few km to meet you after you flew several Mm. Nov 01 21:57:31 agb: you thinking of a good place to eat? Nov 01 21:58:13 the immediate vicinity of the hilton is lacking local charm Nov 01 21:58:27 I'll be awake for 26hrs when we meet:-) Nov 01 21:58:36 i'll be flying on redbull by then Nov 01 21:58:47 russell--: yup Nov 01 21:58:52 downtown should be fine Nov 01 21:59:05 you guys just pick and let me know Nov 01 21:59:16 Sadly my sources for Club Mate stateside have dried up. I need to arrange another pallet from the EU. Nov 01 21:59:44 i am actually really excited, will be real cool to meet you guys Nov 01 21:59:50 haha Nov 01 21:59:58 blogic: you should try iceland air, there's a direct flight from KEV to PDX Nov 01 22:00:17 connections are pretty good Nov 01 22:00:27 So far I've got a 100% delay rate going through KEV, but never more than an hour. Nov 01 22:00:42 sorry, lufthansa premiun economy, real autistic about that one .... Nov 01 22:05:57 Cattle class with non-disposable cutlery for you, eh? Nov 01 22:09:31 blogic: what do you think about japanese? Nov 01 22:10:08 russell--: love it Nov 01 22:10:21 ding-ding-ding, we have a winner! Nov 01 22:10:36 i spent alot of time in shiodome during my FON days Nov 01 22:10:46 arigato go si mas Nov 01 22:11:02 i felt healthier everytime i was there Nov 01 22:11:06 love the food Nov 01 22:12:06 ok. I know where we're going then. Does a 18:15 reservation sound fair? Nov 01 22:12:38 maybe 18:30 would give more cushion Nov 01 22:12:56 wait Nov 01 22:13:06 touchdow is 18:55 Nov 01 22:13:18 so i am avaial 8pm Nov 01 22:13:20 sorry .... Nov 01 22:13:47 would that work ? Nov 01 22:14:22 ah. ok. I'll make a 20:00 reservation then. They're open until 21:30 on Sunday Nov 01 22:14:51 awesome Nov 01 22:15:37 mail me the addr, i'll take an uber there directly and got the to the hotel after Nov 01 22:15:57 just maile you my cell just in case Nov 01 22:18:21 ok. sent! Nov 01 22:18:56 sushi is always good :-) Nov 01 22:19:46 looking fwd to meeting you guys Nov 01 22:20:39 me too. I think it's been nine or ten years since we last saw each other. Nov 01 22:20:51 yup about that Nov 01 22:21:07 i still habe that aruba unit in my shelf :-) Nov 02 00:08:03 need some tips on how to do a u-boot dump Nov 02 00:08:11 im a bit confused Nov 02 00:08:15 should I be using spi read or md? Nov 02 00:08:22 2MB SPI flash Nov 02 00:13:20 csrf: 2MB flash...brings back memories of my old WRT54G Nov 02 00:13:46 lol, something like that Nov 02 00:14:14 that 8MB RAM was so bad. I remember I disabled DHCP just so save some RAM Nov 02 00:14:20 *to Nov 02 00:14:53 I'm just trying to get my hands dirty & learn Nov 02 00:14:54 I assigned a static IP to an insurance guy's laptop and he had to call me back to fix it to use DHCP again Nov 02 00:15:02 this particular device runs eCos Nov 02 00:15:09 which is totally new to me Nov 02 00:16:06 anyway, should I be using the spi command, or the md command/ Nov 02 00:16:07 ? Nov 02 00:16:27 I tried doing spi read 0 <1M>, but it errored out, malloc failed Nov 02 00:16:45 won't do more than around ~100kB **** ENDING LOGGING AT Sat Nov 02 02:59:57 2019