Request: include AppleTalk kernel module in Raspbian #386
Comments
|
Are you asking for CONFIG_ATALK=m |
|
Yes. I sure am. Thanks. |
|
Okay, seems reasonable. It's on the list. |
|
Great! Thank you. |
|
CONFIG_ATALK enabled some other kernel options, which have sub options. if you don't care, I'll just use the defaults. |
|
I don't care. Defaults are fine AFAIK. |
popcornmix
added a commit
that referenced
this issue
Sep 27, 2013
popcornmix
added a commit
that referenced
this issue
Sep 29, 2013
|
rpi-update should get a kernel with AppleTalk module. |
|
It's there. Awesome. Thank you. |
popcornmix
added a commit
that referenced
this issue
Oct 7, 2013
popcornmix
added a commit
that referenced
this issue
Oct 18, 2013
popcornmix
added a commit
that referenced
this issue
Oct 22, 2013
asb
pushed a commit
to asb/firmware
that referenced
this issue
Dec 11, 2013
See: raspberrypi/linux#383 linux: Add AppleTalk module See: raspberrypi/linux#386 firmware: audioplus: Try to get force_hdmi_open option working See: http://forum.xbmc.org/showthread.php?tid=169674&pid=1511632&highlight=force_hdmi_open#pid1511632 userland: Userland raspberrypi#80 - fix for exposure setting See: raspberrypi/userland#80 userland raspberrypi#64 Add support to set H264 profile See: raspberrypi/userland#64
asb
pushed a commit
to asb/firmware
that referenced
this issue
Dec 11, 2013
Use: usb_mdio=0x7000 to revert the behaviour kernel: dwc_otg: Don't issue traffic to LS devices in FS mode See: raspberrypi/linux#390 kernel: Add AppleTalk module See: raspberrypi/linux#386
neuschaefer
pushed a commit
to neuschaefer/raspi-binary-firmware
that referenced
this issue
Feb 27, 2017
See: raspberrypi/linux#383 linux: Add AppleTalk module See: raspberrypi/linux#386 firmware: audioplus: Try to get force_hdmi_open option working See: http://forum.xbmc.org/showthread.php?tid=169674&pid=1511632&highlight=force_hdmi_open#pid1511632 userland: Userland raspberrypi#80 - fix for exposure setting See: raspberrypi/userland#80 userland raspberrypi#64 Add support to set H264 profile See: raspberrypi/userland#64
neuschaefer
pushed a commit
to neuschaefer/raspi-binary-firmware
that referenced
this issue
Feb 27, 2017
Use: usb_mdio=0x7000 to revert the behaviour kernel: dwc_otg: Don't issue traffic to LS devices in FS mode See: raspberrypi/linux#390 kernel: Add AppleTalk module See: raspberrypi/linux#386
popcornmix
pushed a commit
that referenced
this issue
Jul 15, 2021
[ Upstream commit 7506d21 ] The sub-programs prog->aux->poke_tab[] is populated in jit_subprogs() and then used when emitting 'BPF_JMP|BPF_TAIL_CALL' insn->code from the individual JITs. The poke_tab[] to use is stored in the insn->imm by the code adding it to that array slot. The JIT then uses imm to find the right entry for an individual instruction. In the x86 bpf_jit_comp.c this is done by calling emit_bpf_tail_call_direct with the poke_tab[] of the imm value. However, we observed the below null-ptr-deref when mixing tail call programs with subprog programs. For this to happen we just need to mix bpf-2-bpf calls and tailcalls with some extra calls or instructions that would be patched later by one of the fixup routines. So whats happening? Before the fixup_call_args() -- where the jit op is done -- various code patching is done by do_misc_fixups(). This may increase the insn count, for example when we patch map_lookup_up using map_gen_lookup hook. This does two things. First, it means the instruction index, insn_idx field, of a tail call instruction will move by a 'delta'. In verifier code, struct bpf_jit_poke_descriptor desc = { .reason = BPF_POKE_REASON_TAIL_CALL, .tail_call.map = BPF_MAP_PTR(aux->map_ptr_state), .tail_call.key = bpf_map_key_immediate(aux), .insn_idx = i + delta, }; Then subprog start values subprog_info[i].start will be updated with the delta and any poke descriptor index will also be updated with the delta in adjust_poke_desc(). If we look at the adjust subprog starts though we see its only adjusted when the delta occurs before the new instructions, /* NOTE: fake 'exit' subprog should be updated as well. */ for (i = 0; i <= env->subprog_cnt; i++) { if (env->subprog_info[i].start <= off) continue; Earlier subprograms are not changed because their start values are not moved. But, adjust_poke_desc() does the offset + delta indiscriminately. The result is poke descriptors are potentially corrupted. Then in jit_subprogs() we only populate the poke_tab[] when the above insn_idx is less than the next subprogram start. From above we corrupted our insn_idx so we might incorrectly assume a poke descriptor is not used in a subprogram omitting it from the subprogram. And finally when the jit runs it does the deref of poke_tab when emitting the instruction and crashes with below. Because earlier step omitted the poke descriptor. The fix is straight forward with above context. Simply move same logic from adjust_subprog_starts() into adjust_poke_descs() and only adjust insn_idx when needed. [ 82.396354] bpf_testmod: version magic '5.12.0-rc2alu+ SMP preempt mod_unload ' should be '5.12.0+ SMP preempt mod_unload ' [ 82.623001] loop10: detected capacity change from 0 to 8 [ 88.487424] ================================================================== [ 88.487438] BUG: KASAN: null-ptr-deref in do_jit+0x184a/0x3290 [ 88.487455] Write of size 8 at addr 0000000000000008 by task test_progs/5295 [ 88.487471] CPU: 7 PID: 5295 Comm: test_progs Tainted: G I 5.12.0+ #386 [ 88.487483] Hardware name: Dell Inc. Precision 5820 Tower/002KVM, BIOS 1.9.2 01/24/2019 [ 88.487490] Call Trace: [ 88.487498] dump_stack+0x93/0xc2 [ 88.487515] kasan_report.cold+0x5f/0xd8 [ 88.487530] ? do_jit+0x184a/0x3290 [ 88.487542] do_jit+0x184a/0x3290 ... [ 88.487709] bpf_int_jit_compile+0x248/0x810 ... [ 88.487765] bpf_check+0x3718/0x5140 ... [ 88.487920] bpf_prog_load+0xa22/0xf10 Fixes: a748c69 ("bpf: propagate poke descriptors to subprograms") Reported-by: Jussi Maki <[email protected]> Signed-off-by: John Fastabend <[email protected]> Signed-off-by: Alexei Starovoitov <[email protected]> Reviewed-by: Daniel Borkmann <[email protected]> Signed-off-by: Sasha Levin <[email protected]>
popcornmix
pushed a commit
that referenced
this issue
Jul 15, 2021
[ Upstream commit 7506d21 ] The sub-programs prog->aux->poke_tab[] is populated in jit_subprogs() and then used when emitting 'BPF_JMP|BPF_TAIL_CALL' insn->code from the individual JITs. The poke_tab[] to use is stored in the insn->imm by the code adding it to that array slot. The JIT then uses imm to find the right entry for an individual instruction. In the x86 bpf_jit_comp.c this is done by calling emit_bpf_tail_call_direct with the poke_tab[] of the imm value. However, we observed the below null-ptr-deref when mixing tail call programs with subprog programs. For this to happen we just need to mix bpf-2-bpf calls and tailcalls with some extra calls or instructions that would be patched later by one of the fixup routines. So whats happening? Before the fixup_call_args() -- where the jit op is done -- various code patching is done by do_misc_fixups(). This may increase the insn count, for example when we patch map_lookup_up using map_gen_lookup hook. This does two things. First, it means the instruction index, insn_idx field, of a tail call instruction will move by a 'delta'. In verifier code, struct bpf_jit_poke_descriptor desc = { .reason = BPF_POKE_REASON_TAIL_CALL, .tail_call.map = BPF_MAP_PTR(aux->map_ptr_state), .tail_call.key = bpf_map_key_immediate(aux), .insn_idx = i + delta, }; Then subprog start values subprog_info[i].start will be updated with the delta and any poke descriptor index will also be updated with the delta in adjust_poke_desc(). If we look at the adjust subprog starts though we see its only adjusted when the delta occurs before the new instructions, /* NOTE: fake 'exit' subprog should be updated as well. */ for (i = 0; i <= env->subprog_cnt; i++) { if (env->subprog_info[i].start <= off) continue; Earlier subprograms are not changed because their start values are not moved. But, adjust_poke_desc() does the offset + delta indiscriminately. The result is poke descriptors are potentially corrupted. Then in jit_subprogs() we only populate the poke_tab[] when the above insn_idx is less than the next subprogram start. From above we corrupted our insn_idx so we might incorrectly assume a poke descriptor is not used in a subprogram omitting it from the subprogram. And finally when the jit runs it does the deref of poke_tab when emitting the instruction and crashes with below. Because earlier step omitted the poke descriptor. The fix is straight forward with above context. Simply move same logic from adjust_subprog_starts() into adjust_poke_descs() and only adjust insn_idx when needed. [ 82.396354] bpf_testmod: version magic '5.12.0-rc2alu+ SMP preempt mod_unload ' should be '5.12.0+ SMP preempt mod_unload ' [ 82.623001] loop10: detected capacity change from 0 to 8 [ 88.487424] ================================================================== [ 88.487438] BUG: KASAN: null-ptr-deref in do_jit+0x184a/0x3290 [ 88.487455] Write of size 8 at addr 0000000000000008 by task test_progs/5295 [ 88.487471] CPU: 7 PID: 5295 Comm: test_progs Tainted: G I 5.12.0+ #386 [ 88.487483] Hardware name: Dell Inc. Precision 5820 Tower/002KVM, BIOS 1.9.2 01/24/2019 [ 88.487490] Call Trace: [ 88.487498] dump_stack+0x93/0xc2 [ 88.487515] kasan_report.cold+0x5f/0xd8 [ 88.487530] ? do_jit+0x184a/0x3290 [ 88.487542] do_jit+0x184a/0x3290 ... [ 88.487709] bpf_int_jit_compile+0x248/0x810 ... [ 88.487765] bpf_check+0x3718/0x5140 ... [ 88.487920] bpf_prog_load+0xa22/0xf10 Fixes: a748c69 ("bpf: propagate poke descriptors to subprograms") Reported-by: Jussi Maki <[email protected]> Signed-off-by: John Fastabend <[email protected]> Signed-off-by: Alexei Starovoitov <[email protected]> Reviewed-by: Daniel Borkmann <[email protected]> Signed-off-by: Sasha Levin <[email protected]>
popcornmix
pushed a commit
that referenced
this issue
Jul 15, 2021
[ Upstream commit 7506d21 ] The sub-programs prog->aux->poke_tab[] is populated in jit_subprogs() and then used when emitting 'BPF_JMP|BPF_TAIL_CALL' insn->code from the individual JITs. The poke_tab[] to use is stored in the insn->imm by the code adding it to that array slot. The JIT then uses imm to find the right entry for an individual instruction. In the x86 bpf_jit_comp.c this is done by calling emit_bpf_tail_call_direct with the poke_tab[] of the imm value. However, we observed the below null-ptr-deref when mixing tail call programs with subprog programs. For this to happen we just need to mix bpf-2-bpf calls and tailcalls with some extra calls or instructions that would be patched later by one of the fixup routines. So whats happening? Before the fixup_call_args() -- where the jit op is done -- various code patching is done by do_misc_fixups(). This may increase the insn count, for example when we patch map_lookup_up using map_gen_lookup hook. This does two things. First, it means the instruction index, insn_idx field, of a tail call instruction will move by a 'delta'. In verifier code, struct bpf_jit_poke_descriptor desc = { .reason = BPF_POKE_REASON_TAIL_CALL, .tail_call.map = BPF_MAP_PTR(aux->map_ptr_state), .tail_call.key = bpf_map_key_immediate(aux), .insn_idx = i + delta, }; Then subprog start values subprog_info[i].start will be updated with the delta and any poke descriptor index will also be updated with the delta in adjust_poke_desc(). If we look at the adjust subprog starts though we see its only adjusted when the delta occurs before the new instructions, /* NOTE: fake 'exit' subprog should be updated as well. */ for (i = 0; i <= env->subprog_cnt; i++) { if (env->subprog_info[i].start <= off) continue; Earlier subprograms are not changed because their start values are not moved. But, adjust_poke_desc() does the offset + delta indiscriminately. The result is poke descriptors are potentially corrupted. Then in jit_subprogs() we only populate the poke_tab[] when the above insn_idx is less than the next subprogram start. From above we corrupted our insn_idx so we might incorrectly assume a poke descriptor is not used in a subprogram omitting it from the subprogram. And finally when the jit runs it does the deref of poke_tab when emitting the instruction and crashes with below. Because earlier step omitted the poke descriptor. The fix is straight forward with above context. Simply move same logic from adjust_subprog_starts() into adjust_poke_descs() and only adjust insn_idx when needed. [ 82.396354] bpf_testmod: version magic '5.12.0-rc2alu+ SMP preempt mod_unload ' should be '5.12.0+ SMP preempt mod_unload ' [ 82.623001] loop10: detected capacity change from 0 to 8 [ 88.487424] ================================================================== [ 88.487438] BUG: KASAN: null-ptr-deref in do_jit+0x184a/0x3290 [ 88.487455] Write of size 8 at addr 0000000000000008 by task test_progs/5295 [ 88.487471] CPU: 7 PID: 5295 Comm: test_progs Tainted: G I 5.12.0+ #386 [ 88.487483] Hardware name: Dell Inc. Precision 5820 Tower/002KVM, BIOS 1.9.2 01/24/2019 [ 88.487490] Call Trace: [ 88.487498] dump_stack+0x93/0xc2 [ 88.487515] kasan_report.cold+0x5f/0xd8 [ 88.487530] ? do_jit+0x184a/0x3290 [ 88.487542] do_jit+0x184a/0x3290 ... [ 88.487709] bpf_int_jit_compile+0x248/0x810 ... [ 88.487765] bpf_check+0x3718/0x5140 ... [ 88.487920] bpf_prog_load+0xa22/0xf10 Fixes: a748c69 ("bpf: propagate poke descriptors to subprograms") Reported-by: Jussi Maki <[email protected]> Signed-off-by: John Fastabend <[email protected]> Signed-off-by: Alexei Starovoitov <[email protected]> Reviewed-by: Daniel Borkmann <[email protected]> Signed-off-by: Sasha Levin <[email protected]>
valkerice112
pushed a commit
to valkerice112/Raspi-Firmware
that referenced
this issue
Jan 9, 2025
See: raspberrypi/linux#383 linux: Add AppleTalk module See: raspberrypi/linux#386 firmware: audioplus: Try to get force_hdmi_open option working See: http://forum.xbmc.org/showthread.php?tid=169674&pid=1511632&highlight=force_hdmi_open#pid1511632 userland: Userland #80 - fix for exposure setting See: raspberrypi/userland#80 userland #64 Add support to set H264 profile See: raspberrypi/userland#64 linux: bump to 3.10.13
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The AppleTalk kernel module is part of the standard Linux tree, and kernel configuration options. It makes it possible for the Netatalk 2.x package to use the Raspberry Pi as a file and print server for classic Mac and Apple II computers. I have simplified this setup in my A2SERVER project at http://appleii.ivanx.com/a2server.
The AppleTalk module is provided by default in most standard Linux installations, but not Raspbian, so I have compiled and provided an AppleTalk kernel module for every release, using the method I outline at http://appleii.ivanx.com/a2server/a2server_raspberrypi_kernel.html.
However, I can't make it work for NOOBS (which seems to use a modified kernel), and, even worse, I can no longer even make a module for the raw Raspbian 2013-09-10 image. (See issue 387.)
For my purposes, the best solution to this would be to have Raspbian provide appletalk.ko as part of the standard Raspbian build. Is this something you could consider?
The text was updated successfully, but these errors were encountered: