Linux has documented but somewhat unusual behavior around
SIGSTOP/SIGCONT and certain syscalls, of which epoll_wait(2) is one. In
this particular case, rngd exited unexpectedly after getting ptrace'd
mid-epoll_wait. Fix this by handling EINTR from this syscall, and
continuing to add entropy and wait.
Signed-off-by: Krister Johansen <krister.johansen@oracle.com>
Update the image tag for the mkimage-rpi3 tool used by the CLI to adopt
the dynamic DTB selection feature.
Signed-off-by: Richard Connon <richard@connon.me.uk>
U-Boot sets the variable fdtfile to the correct file name for the
detected hardware revision. Use this in the boot script to load either
the 3-b or 3-b-plus DTB
Signed-off-by: Richard Connon <richard@connon.me.uk>
Update the u-boot image included in the mkimage-rpi3 image to support
detecting newer hardware versions and setting the fdtfile variable
accordingly
Shallow clone the u-boot repository during docker build to improve build
efficiency
Signed-off-by: Richard Connon <richard@connon.me.uk>
This stops the output from also being copied to logs if the user
has a log driver configured.
Signed-off-by: Justin Cormack <justin.cormack@docker.com>
Update Raspberry Pi firmware used in mkimage-rpi3 to the latest stable
version to support newer hardware models such as the 3B+
Signed-off-by: Richard Connon <richard@connon.me.uk>
Intel seem to have switched to hosting the microcode on GitHub.
Use this source and update to the 20190514 version.
Signed-off-by: Rolf Neugebauer <rn@rneugeba.io>
== Changes ==
* allowedips: initialize list head when removing intermediate nodes
Fix for an important regression in removing allowed IPs from the last
snapshot. We have new test cases to catch these in the future as well.
* wg-quick: freebsd: rebreak interface loopback, while fixing localhost
* wg-quick: freebsd: export TMPDIR when restoring and don't make empty
Two fixes for FreeBSD which have already been backported into ports.
* tools: genkey: account for short reads of /dev/urandom
* tools: add support for Haiku
The tools now support Haiku! Maybe somebody is working on a WireGuard
implementation for it?
* tools: warn if an AllowedIP has a nonzero host part
If you try to run `wg set wg0 peer ... allowed-ips 192.168.1.82/24`, wg(8)
will now print a warning. Even though we mask this automatically down to
192.168.1.0/24, usually when people specify it like this, it's a mistake.
* wg-quick: add 'strip' subcommand
The new strip subcommand prints the config file to stdout after stripping
it of all wg-quick-specific options. This enables tricks such as:
`wg addconf $DEV <(wg-quick strip $DEV)`.
* tools: avoid unneccessary next_peer assignments in sort_peers()
Small C optimization the compiler was probably already doing.
* peerlookup: rename from hashtables
* allowedips: do not use __always_inline
* device: use skb accessor functions where possible
Suggested tweaks from Dave Miller.
* qemu: set framewarn 1280 for 64bit and 1024 for 32bit
These should indicate to us more clearly when we cross the most strict stack
thresholds expected when using recent compilers with the kernel.
* blake2s: simplify
* blake2s: remove outlen parameter from final
The blake2s implementation has been simplified, since we don't use any of the
fancy tree hashing parameters or the like. We also no longer separate the
output length at initialization time from the output length at finalization
time.
* global: the _bh variety of rcu helpers have been unified
* compat: nf_nat_core.h was removed upstream
* compat: backport skb_mark_not_on_list
The usual assortment of compat fixes for Linux 5.1.
Signed-off-by: Rolf Neugebauer <rn@rneugeba.io>
