<Grommish>
neggles: Any rust cargo package that is going to work should word with: cargo build -v --release --target $(RUSTC_TARGET_ARCH) as far as args? I know the -v is optional, but can you think of anything else that would be required?
<Grommish>
neggles: I think I've got it setup so that an cargo package can be build as a OpenWrt package/host tool via $(call xxx/Compile/Cargo) in a standard define xxx/Compile section.. and it's setup so that anything that uses a Makefile wrapper for cargo should be handled correctly now
Tapper has quit [Ping timeout: 480 seconds]
mattytap_ has joined #openwrt-devel
mattytap has quit [Ping timeout: 480 seconds]
mattytap_ has quit [Remote host closed the connection]
mattytap has joined #openwrt-devel
danitool has quit [Quit: Cubum autem in duos cubos, aut quadratoquadratum in duos quadratoquadratos]
KGB-0 has quit []
KGB-0 has joined #openwrt-devel
<Slimey>
is there a definitive list of what kernels dirty pipe is vulnerable with?
<Grommish>
Slimey: The vulnerability was fixed in Linux 5.16.11, 5.15.25 and 5.10.102. <- https://dirtypipe.cm4all.com/
<Slimey>
right
<Slimey>
someone mentioned 4.8 as well but they cant tell me where they saw that at
<Grommish>
Since 5.4 isn't on that list, I'd suspect it's still vulnerable
<Grommish>
But I haven't tested it
<Grommish>
of course, these devices run as root anyway :D so if they get in at all, it's pretty much game over
<Slimey>
hmm and now i sure as hell cant find the email anymore
<Slimey>
oh nm got it
<Grommish>
Slimey: Two weeks ago, I found a vulnerability in the Linux kernel since version 5.8 commit f6dd975583bd Well.. That would clean 5.4 :D
<Slimey>
im talking about 4.x
<Slimey>
apparently our security person is stupid
<Grommish>
Right, but if it wasn't introduced until 5.8...
<Slimey>
yeah
<Grommish>
But, you could check the 4.x tree for the commit
<Grommish>
in case someone backported it
<Slimey>
heh
<Slimey>
bunch of cisco gear running 4.x kernels so i think they are okay unless cisco says otherwise
<Grommish>
Cisco seems to be good with patches it seems, it's just getting poeple to apply them
<Slimey>
aka fmc and dumpsterfire
GNUmoon has quit [Remote host closed the connection]
rua has quit [Ping timeout: 480 seconds]
rua has joined #openwrt-devel
GNUmoon has joined #openwrt-devel
rua has quit [Ping timeout: 480 seconds]
rua has joined #openwrt-devel
mattytap has quit [Read error: No route to host]
mattytap has joined #openwrt-devel
mattytap_ has joined #openwrt-devel
mattytap has quit [Ping timeout: 480 seconds]
mattytap__ has joined #openwrt-devel
mattytap_ has quit [Read error: Connection reset by peer]
mattytap_ has joined #openwrt-devel
Misanthropos has quit [Ping timeout: 480 seconds]
mattytap__ has quit [Read error: No route to host]
mattytap_ has quit [Remote host closed the connection]
mattytap_ has joined #openwrt-devel
Slimey has quit [Remote host closed the connection]
mattytap__ has joined #openwrt-devel
mattytap_ has quit [Read error: Connection reset by peer]
mattytap_ has joined #openwrt-devel
mattytap__ has quit [Ping timeout: 480 seconds]
mattytap__ has joined #openwrt-devel
mattytap_ has quit [Read error: Connection reset by peer]
mattytap_ has joined #openwrt-devel
mattytap__ has quit [Read error: No route to host]
mattytap__ has joined #openwrt-devel
mattytap_ has quit [Read error: Connection reset by peer]
mattytap_ has joined #openwrt-devel
Slimey has joined #openwrt-devel
mattytap__ has quit [Ping timeout: 480 seconds]
Tapper has joined #openwrt-devel
GNUmoon has quit [Ping timeout: 480 seconds]
Tapper has quit [Read error: Connection reset by peer]
Tapper has joined #openwrt-devel
rmilecki has quit [Quit: Konversation terminated!]
<Pepes>
mangix: That's not unclear. Unfortunately. If you take a look here, it mentions A9 ttps://developer.arm.com/support/arm-security-updates/speculative-processor-vulnerability but it is missing on the previous site that A9 is affected or not.
<Pepes>
oops, missing h in https. :(
minimal has joined #openwrt-devel
<neggles>
Grommish: hello hi sorry
<neggles>
i can't see any reason why that wouldn't work
<neggles>
but you might want to have a CARGO_EXTRA_ARGS
<Grommish>
neggles: nice. Thanks :) Seems to work, but I wanted to make sure I wasn't missing anything obvious
<Grommish>
neggles: Or just CARGO_ARGS and preset them like i do in the the environmental and folks can just += if they need more
<neggles>
yeah that'd be the way
<Grommish>
I broke gdb in some way, if you're interested in carnage
<f00b4r0>
what's the policy on backporting device support to 21.02?
<ynezz>
f00b4r0: miminal changes, thus limit possible regressions as much as possible, so ideally just DTS and base-files boilerplate
<f00b4r0>
ynezz: sounds good. How do I ask for backporting https://git.openwrt.org/?p=openwrt/openwrt.git;a=commit;h=eb38af788180d624e5b37aa5db1fe3766b138dc8 then? :)
<stintel>
02|09:14:47< stintel> anyone seen this before with gdbserver / remote-gdb? xml-support.c:567: internal-error: XML_UseForeignDTD failed: requested feature requires XML_DTD support in Expat
<Grommish>
Good.. Then it probably isn't something I screwed up :D
Guest1809 has quit [Ping timeout: 480 seconds]
<Grommish>
stintel: Did you ever get a resolution on it?
<stintel>
nope
<Slimey>
damnit spent all morning fixing a server, software issue
<Grommish>
Slimey: I've been breaking Suricata.. It's gotten to the point they are just sending me patches to run and give output for :D
<Grommish>
mangix: It does.. I switched it on when you nentioned it.. I didn't realize there was tools/expat, I was looking at the expat/host in packages
<mangix>
Grommish: there's a PR to remove expat/host. No point in it.
<Grommish>
mangix: Makes sense.. redundant if it's also in tools/