From: "Will Tucker"
Subject: Linux version 3.18.10 Bluez ver 5.28 security level crashing system
Date: Tue, 7 Apr 2015 10:27:16 -0600
Message-ID: <003001d0714f$b67cc650$237652f0$@blueradios.com>
X-Mailing-List: linux-kernel@vger.kernel.org

Hi,

Trying to get Bluez 5.28 pairing to work on OpenWrt. Using Linux version 3.18.10. I would use Bluez 5.30, but I read a post that stated it needed Linux 3.19, and that may be a long, tedious job to update OpenWrt.

Below is the sequence and result of trying to set the security level using bluetoothctl interactively.

eth0: 00:03:7f:ff:ff:ff
eth0 up
: cfg1 0xf cfg2 0x7214
eth1: 00:03:7f:ff:ff:fe
athrs26_reg_init_lan
ATHRS26: resetting s26
ATHRS26: s26 reset done
eth1 up
eth0, eth1
Hit any key to stop autoboot: 0
## Booting image at 9f080000 ...
   Image Name: MIPS OpenWrt Linux-3.18.10
   Created: 2015-04-07 13:03:05 UTC
   Image Type: MIPS Linux Kernel Image (lzma compressed)
   Data Size: 1151316 Bytes = 1.1 MB
   Load Address: 80060000
   Entry Point: 80060000
   Verifying Checksum at 0x9f080040 ...OK
   Uncompressing Kernel Image ... OK
No initrd
## Transferring control to Linux (at address 80060000) ...
## Giving linux memsize in bytes, 67108864

Starting kernel ...

[ 0.000000] Linux version 3.18.10 (guest@WILLS-LINUX-BOX) (gcc version 4.8.3 (OpenWrt/Linaro GCC 4.8-2014.04 r44873) ) #7 Tue Apr 7 07:02:38 MDT 2015
[ 0.000000] bootconsole [early0] enabled
[ 0.000000] CPU0 revision is: 00019374 (MIPS 24Kc)
[ 0.000000] SoC: Atheros AR9330 rev 1
[ 0.000000] Determined physical RAM map:
[ 0.000000] memory: 04000000 @ 00000000 (usable)
[ 0.000000] Initrd not found or empty - disabling initrd
[ 0.000000] Zone ranges:
[ 0.000000] Normal [mem 0x00000000-0x03ffffff]
[ 0.000000] Movable zone start for each node
[ 0.000000] Early memory node ranges
[ 0.000000] node 0: [mem 0x00000000-0x03ffffff]
[ 0.000000] Initmem setup node 0 [mem 0x00000000-0x03ffffff]
[ 0.000000] Primary instruction cache 64kB, VIPT, 4-way, linesize 32 bytes.
[ 0.000000] Primary data cache 32kB, 4-way, VIPT, cache aliases, linesize 32 bytes
[ 0.000000] Built 1 zonelists in Zone order, mobility grouping on. Total pages: 16256
[ 0.000000] Kernel command line: board=DIR-505-A1 console=ttyATH0,115200 mtdparts=spi0.0:64k(u-boot)ro,64k(art)ro,64k(mac)ro,64k(nvram)ro,256k(language)ro,7680k@0x80000(firmware) rootfstype=squashfs,jffs2 noinitrd
[ 0.000000] PID hash table entries: 256 (order: -2, 1024 bytes)
[ 0.000000] Dentry cache hash table entries: 8192 (order: 3, 32768 bytes)
[ 0.000000] Inode-cache hash table entries: 4096 (order: 2, 16384 bytes)
[ 0.000000] Writing ErrCtl register=00000000
[ 0.000000] Readback ErrCtl register=00000000
[ 0.000000] Memory: 60944K/65536K available (2485K kernel code, 125K rwdata, 528K rodata, 244K init, 188K bss, 4592K reserved)
[ 0.000000] SLUB: HWalign=32, Order=0-3, MinObjects=0, CPUs=1, Nodes=1
[ 0.000000] NR_IRQS:51
[ 0.000000] Clocks: CPU:400.000MHz, DDR:400.000MHz, AHB:200.000MHz, Ref:25.000MHz
[ 0.000000] Calibrating delay loop... 265.42 BogoMIPS (lpj=1327104)
[ 0.080000] pid_max: default: 32768 minimum: 301
[ 0.080000] Mount-cache hash table entries: 1024 (order: 0, 4096 bytes)
[ 0.090000] Mountpoint-cache hash table entries: 1024 (order: 0, 4096 bytes)
[ 0.100000] NET: Registered protocol family 16
[ 0.100000] MIPS: machine is D-Link DIR-505 rev. A1
[ 0.610000] Switched to clocksource MIPS
[ 0.610000] NET: Registered protocol family 2
[ 0.620000] TCP established hash table entries: 1024 (order: 0, 4096 bytes)
[ 0.620000] TCP bind hash table entries: 1024 (order: 0, 4096 bytes)
[ 0.620000] TCP: Hash tables configured (established 1024 bind 1024)
[ 0.630000] TCP: reno registered
[ 0.630000] UDP hash table entries: 256 (order: 0, 4096 bytes)
[ 0.640000] UDP-Lite hash table entries: 256 (order: 0, 4096 bytes)
[ 0.650000] NET: Registered protocol family 1
[ 0.650000] futex hash table entries: 256 (order: -1, 3072 bytes)
[ 0.670000] squashfs: version 4.0 (2009/01/31) Phillip Lougher
[ 0.670000] jffs2: version 2.2 (NAND) (SUMMARY) (LZMA) (RTIME) (CMODE_PRIORITY) (c) 2001-2006 Red Hat, Inc.
[ 0.680000] msgmni has been set to 119
[ 0.680000] io scheduler noop registered
[ 0.690000] io scheduler deadline registered (default)
[ 0.690000] Serial: 8250/16550 driver, 1 ports, IRQ sharing disabled
[ 0.700000] ar933x-uart: ttyATH0 at MMIO 0x18020000 (irq = 11, base_baud = 1562500) is a AR933X UART
[ 0.710000] console [ttyATH0] enabled
[ 0.710000] console [ttyATH0] enabled
[ 0.710000] bootconsole [early0] disabled
[ 0.710000] bootconsole [early0] disabled
[ 0.720000] m25p80 spi0.0: found mx25l6405d, expected m25p80
[ 0.730000] m25p80 spi0.0: mx25l6405d (8192 Kbytes)
[ 0.730000] 6 cmdlinepart partitions found on MTD device spi0.0
[ 0.740000] Creating 6 MTD partitions on "spi0.0":
[ 0.740000] 0x000000000000-0x000000010000 : "u-boot"
[ 0.750000] 0x000000010000-0x000000020000 : "art"
[ 0.760000] 0x000000020000-0x000000030000 : "mac"
[ 0.760000] 0x000000030000-0x000000040000 : "nvram"
[ 0.760000] 0x000000040000-0x000000080000 : "language"
[ 0.770000] 0x000000080000-0x000000800000 : "firmware"
[ 0.810000] 2 uimage-fw partitions found on MTD device firmware
[ 0.810000] 0x000000080000-0x000000199194 : "kernel"
[ 0.820000] mtd: partition "kernel" must either start or end on erase block boundary or be smaller than an erase block -- forcing read-only
[ 0.830000] 0x000000199194-0x000000800000 : "rootfs"
[ 0.840000] mtd: partition "rootfs" must either start or end on erase block boundary or be smaller than an erase block -- forcing read-only
[ 0.850000] mtd: device 7 (rootfs) set to be root filesystem
[ 0.860000] 1 squashfs-split partitions found on MTD device rootfs
[ 0.860000] 0x000000610000-0x000000800000 : "rootfs_data"
[ 0.880000] libphy: ag71xx_mdio: probed
[ 1.480000] ag71xx-mdio.1: Found an AR7240/AR9330 built-in switch
[ 1.510000] eth0: Atheros AG71xx at 0xba000000, irq 5, mode:GMII
[ 2.100000] ag71xx ag71xx.0: connected to PHY at ag71xx-mdio.1:04 [uid=004dd041, driver=Generic PHY]
[ 2.110000] eth1: Atheros AG71xx at 0xb9000000, irq 4, mode:MII
[ 2.110000] TCP: cubic registered
[ 2.110000] NET: Registered protocol family 17
[ 2.120000] bridge: automatic filtering via arp/ip/ip6tables has been deprecated. Update your scripts to load br_netfilter if you need this.
[ 2.130000] 8021q: 802.1Q VLAN Support v1.8
[ 2.150000] VFS: Mounted root (squashfs filesystem) readonly on device 31:7.
[ 2.150000] Freeing unused kernel memory: 244K (80373000 - 803b0000)
[ 3.540000] init: failed to symlink /tmp -> /var
[ 3.550000] init: Console is alive
[ 3.550000] init: - watchdog -
[ 5.960000] usbcore: registered new interface driver usbfs
[ 5.960000] usbcore: registered new interface driver hub
[ 5.970000] usbcore: registered new device driver usb
[ 6.020000] SCSI subsystem initialized
[ 6.030000] ehci_hcd: USB 2.0 'Enhanced' Host Controller (EHCI) Driver
[ 6.040000] ehci-platform: EHCI generic platform driver
[ 6.040000] ehci-platform ehci-platform: EHCI Host Controller
[ 6.050000] ehci-platform ehci-platform: new USB bus registered, assigned bus number 1
[ 6.060000] ehci-platform ehci-platform: irq 3, io mem 0x1b000000
[ 6.080000] ehci-platform ehci-platform: USB 2.0 started, EHCI 1.00
[ 6.080000] hub 1-0:1.0: USB hub found
[ 6.080000] hub 1-0:1.0: 1 port detected
[ 6.090000] usbcore: registered new interface driver usb-storage
[ 6.410000] usb 1-1: new full-speed USB device number 2 using ehci-platform
[ 6.600000] init: - preinit -
[ 7.290000] random: procd urandom read with 12 bits of entropy available
Press the [f] key and hit [enter] to enter failsafe mode
Press the [1], [2], [3] or [4] key and hit [enter] to select the debug level
[ 10.660000] mount_root: loading kmods from internal overlay
[ 11.060000] jffs2: notice: (353) jffs2_build_xattr_subsystem: complete building xattr subsystem, 1 of xdatum (1 unchecked, 0 orphan) and 1 of xref (0 dead, 0 orphan) found.
[ 11.070000] block: attempting to load /tmp/jffs_cfg/upper/etc/config/fstab
[ 11.080000] block: extroot: not configured
[ 11.120000] jffs2: notice: (350) jffs2_build_xattr_subsystem: complete building xattr subsystem, 1 of xdatum (1 unchecked, 0 orphan) and 1 of xref (0 dead, 0 orphan) found.
[ 11.270000] eth1: link up (100Mbps/Full duplex)
[ 11.370000] block: attempting to load /tmp/jffs_cfg/upper/etc/config/fstab
[ 11.380000] block: extroot: not configured
[ 11.380000] mount_root: switching to jffs2 overlay
[ 11.430000] eth1: link down
[ 11.450000] procd: - early -
[ 11.450000] procd: - watchdog -
[ 12.360000] procd: - ubus -
[ 13.370000] procd: - init -
Please press Enter to activate this console.
[ 14.980000] NET: Registered protocol family 10
[ 15.000000] ip6_tables: (C) 2000-2006 Netfilter Core Team
[ 15.050000] hidraw: raw HID events driver (C) Jiri Kosina
[ 15.070000] u32 classifier
[ 15.070000] input device check on
[ 15.070000] Actions configured
[ 15.080000] Mirror/redirect action on
[ 15.090000] nf_conntrack version 0.5.0 (956 buckets, 3824 max)
[ 15.200000] Bluetooth: Core ver 2.19
[ 15.210000] NET: Registered protocol family 31
[ 15.210000] Bluetooth: HCI device and connection manager initialized
[ 15.220000] Bluetooth: HCI socket layer initialized
[ 15.220000] Bluetooth: L2CAP socket layer initialized
[ 15.230000] Bluetooth: SCO socket layer initialized
[ 15.240000] Bluetooth: BNEP (Ethernet Emulation) ver 1.3
[ 15.240000] Bluetooth: BNEP filters: protocol multicast
[ 15.250000] Bluetooth: BNEP socket layer initialized
[ 15.260000] usbcore: registered new interface driver btusb
[ 15.260000] Loading modules backported from Linux version master-2015-03-09-0-g141f155
[ 15.270000] Backport generated by backports.git backports-20150129-0-gdd4a670
[ 15.280000] bluetooth hci0: Direct firmware load for brcm/BCM20702A0-0a5c-21e8.hcd failed with error -2
[ 15.280000] bluetooth hci0: Falling back to user helper
[ 15.300000] Bluetooth: HCI UART driver ver 2.2
[ 15.300000] Bluetooth: HCI H4 protocol initialized
[ 15.310000] Bluetooth: HCI BCSP protocol initialized
[ 15.330000] Bluetooth: HIDP (Human Interface Emulation) ver 1.2
[ 15.330000] Bluetooth: HIDP socket layer initialized
[ 15.340000] ip_tables: (C) 2000-2006 Netfilter Core Team
[ 15.430000] Bluetooth: RFCOMM TTY layer initialized
[ 15.440000] Bluetooth: RFCOMM socket layer initialized
[ 15.440000] Bluetooth: RFCOMM ver 1.11
[ 15.540000] xt_time: kernel timezone is -0000
[ 15.600000] cfg80211: Calling CRDA to update world regulatory domain
[ 15.620000] cfg80211: World regulatory domain updated:
[ 15.620000] cfg80211: DFS Master region: unset
[ 15.620000] cfg80211: (start_freq - end_freq @ bandwidth), (max_antenna_gain, max_eirp), (dfs_cac_time)
[ 15.630000] cfg80211: (2402000 KHz - 2472000 KHz @ 40000 KHz), (N/A, 2000 mBm), (N/A)
[ 15.640000] cfg80211: (2457000 KHz - 2482000 KHz @ 40000 KHz), (N/A, 2000 mBm), (N/A)
[ 15.650000] cfg80211: (2474000 KHz - 2494000 KHz @ 20000 KHz), (N/A, 2000 mBm), (N/A)
[ 15.660000] cfg80211: (5170000 KHz - 5250000 KHz @ 80000 KHz), (N/A, 2000 mBm), (N/A)
[ 15.670000] cfg80211: (5250000 KHz - 5330000 KHz @ 80000 KHz, 160000 KHz AUTO), (N/A, 2000 mBm), (0 s)
[ 15.680000] cfg80211: (5490000 KHz - 5730000 KHz @ 160000 KHz), (N/A, 2000 mBm), (0 s)
[ 15.680000] cfg80211: (5735000 KHz - 5835000 KHz @ 80000 KHz), (N/A, 2000 mBm), (N/A)
[ 15.690000] cfg80211: (57240000 KHz - 63720000 KHz @ 2160000 KHz), (N/A, 0 mBm), (N/A)
[ 15.800000] PPP generic driver version 2.4.2
[ 15.810000] NET: Registered protocol family 24
[ 15.870000] firmware brcm!BCM20702A0-0a5c-21e8.hcd: firmware_loading_store: map pages failed
[ 15.880000] Bluetooth: hci0: BCM: patch brcm/BCM20702A0-0a5c-21e8.hcd not found
[ 15.940000] ieee80211 phy0: Atheros AR9330 Rev:1 mem=0xb8100000, irq=2
[ 15.950000] cfg80211: Calling CRDA for country: US
[ 15.950000] cfg80211: Regulatory domain changed to country: US
[ 15.960000] cfg80211: DFS Master region: FCC
[ 15.960000] cfg80211: (start_freq - end_freq @ bandwidth), (max_antenna_gain, max_eirp), (dfs_cac_time)
[ 15.970000] cfg80211: (2402000 KHz - 2472000 KHz @ 40000 KHz), (N/A, 3000 mBm), (N/A)
[ 15.980000] cfg80211: (5170000 KHz - 5250000 KHz @ 80000 KHz, 160000 KHz AUTO), (N/A, 1700 mBm), (N/A)
[ 15.990000] cfg80211: (5250000 KHz - 5330000 KHz @ 80000 KHz, 160000 KHz AUTO), (N/A, 2300 mBm), (0 s)
[ 16.000000] cfg80211: (5735000 KHz - 5835000 KHz @ 80000 KHz), (N/A, 3000 mBm), (N/A)
[ 16.010000] cfg80211: (57240000 KHz - 63720000 KHz @ 2160000 KHz), (N/A, 4000 mBm), (N/A)
[ 16.060000] Bluetooth: Unable to create crypto context

BusyBox v1.23.2 (2015-04-06 07:12:41 MDT) built-in shell (ash)

  _______                     ________        __
 |       |.-----.-----.-----.|  |  |  |.----.|  |_
 |   -   ||  _  |  -__|     ||  |  |  ||   _||   _|
 |_______||   __|_____|__|__||________||__|  |____|
          |__| W I R E L E S S   F R E E D O M
 -----------------------------------------------------
 CHAOS CALMER (Bleeding Edge, r45288)
 -----------------------------------------------------
  * 1 1/2 oz Gin            Shake with a glassful
  * 1/4 oz Triple Sec       of broken ice and pour
  * 3/4 oz Lime Juice       unstrained into a goblet.
  * 1 1/2 oz Orange Juice
  * 1 tsp. Grenadine Syrup
 -----------------------------------------------------
root@OpenWrt:/#
root@OpenWrt:/#
root@OpenWrt:/#
root@OpenWrt:/#
[ 27.080000] device eth1 entered promiscuous mode
[ 27.080000] IPv6: ADDRCONF(NETDEV_UP): br-lan: link is not ready
root@OpenWrt:/#
[ 29.870000] eth1: link up (100Mbps/Full duplex)
[ 29.870000] br-lan: port 1(eth1) entered forwarding state
[ 29.880000] br-lan: port 1(eth1) entered forwarding state
[ 29.880000] IPv6: ADDRCONF(NETDEV_CHANGE): br-lan: link becomes ready
[ 31.880000] br-lan: port 1(eth1) entered forwarding state
root@OpenWrt:/# hciconfig hci0 up
root@OpenWrt:/# hciconfig
hci0:   Type: BR/EDR Bus: USB
        BD Address: 00:19:0E:12:46:8A ACL MTU: 1021:8 SCO MTU: 64:1
        UP RUNNING
        RX bytes:1158 acl:0 sco:0 events:63 errors:0
        TX bytes:1046 acl:0 sco:0 commands:63 errors:0

root@OpenWrt:/# gatttool --adapter=hci0 -I
[ ][LE]> connect EC:FE:7E:10:95:1F
Attempting to connect to EC:FE:7E:10:95:1F
Connection successful
[EC:FE:7E:10:95:1F][LE]> sec-level medium
[ 334.770000] CPU 0 Unable to handle kernel paging request at virtual address 00000200, epc == 80067e20, ra == 83231668
[ 334.770000] Oops[#1]:
[ 334.770000] CPU: 0 PID: 1553 Comm: gatttool Not tainted 3.18.10 #7
[ 334.770000] task: 82a43548 ti: 829a8000 task.ti: 829a8000
[ 334.770000] $ 0 : 00000000 7ffaed06 00000000 00000000
[ 334.770000] $ 4 : 00000200 830bcc0c 00000000 00000000
[ 334.770000] $ 8 : 00000000 00000000 00000001 00000057
[ 334.770000] $12 : 7ffaecd0 00000002 00000000 00000000
[ 334.770000] $16 : 830bcc00 829d1700 00000000 00000002
[ 334.770000] $20 : 00000200 006afb50 77209118 00000000
[ 334.770000] $24 : 00000000 7709ca40
[ 334.770000] $28 : 829a8000 829a9e88 00000000 83231668
[ 334.770000] Hi : 00000020
[ 334.770000] Lo : 00000033
[ 334.770000] epc : 80067e20 mutex_lock+0x0/0x30
[ 334.770000] Not tainted
[ 334.770000] ra : 83231668 smp_conn_security+0x88/0x200 [bluetooth]
[ 334.770000] Status: 1000fc03 KERNEL EXL IE
[ 334.770000] Cause : 00800008
[ 334.770000] BadVA : 00000200
[ 334.770000] PrId : 00019374 (MIPS 24Kc)
[ 334.770000] Modules linked in: ath9k ath9k_common pppoe ppp_async iptable_nat ath9k_hw ath pppox ppp_generic nf_nat_ipv4 nf_conntrack_ipv6 nf_conntrack_ipv4 mac80211 ipt_REJECT ipt_MASQUERADE cfg80211 xt_time xt_tcpudp xt_tcpmss xt_string xt_statistic xt_state xt_recent xt_nat xt_multiport xt_mark xt_mac xt_limit xt_length xt_id xt_hl xt_helper xt_ecn xt_dscp xt_conntrack xt_connmark xt_connlimit xt_connbytes xt_comment xt_TCPMSS xt_REDIRECT xt_LOG xt_HL xt_DSCP xt_CT xt_CLASSIFY ts_kmp ts_fsm ts_bm slhc rfcomm nf_reject_ipv4 nf_nat_masquerade_ipv4 nf_nat_irc nf_nat_ftp nf_nat nf_log_ipv4 nf_defrag_ipv6 nf_defrag_ipv4 nf_conntrack_rtcache nf_conntrack_irc nf_conntrack_ftp iptable_raw iptable_mangle iptable_filter ipt_ECN ip_tables hidp hci_uart crc_ccitt compat btusb bnep bluetooth act_connmark nf_conntrack act_skbedit act_mirred em_u32 cls_u32 cls_tcindex cls_flow cls_route cls_fw sch_hfsc sch_ingress hid evdev input_core ledtrig_usbdev ip6t_REJECT nf_reject_ipv6 nf_log_ipv6 nf_log_common ip6table_raw ip6table_mangle ip6table_filter ip6_tables x_tables ifb ipv6 arc4 crypto_blkcipher usb_storage ehci_platform ehci_hcd sd_mod scsi_mod gpio_button_hotplug ext4 jbd2 mbcache usbcore nls_base usb_common crc16 crypto_hash
[ 334.770000] Process gatttool (pid: 1553, threadinfo=829a8000, task=82a43548, tls=772c4750)
[ 334.770000] Stack : 829a9f00 80134464 0000540f 00000000 7ffaedb8 801381f4 8299d400 7ffaed04
          82ade200 ffffffea 83237b50 8322e274 77209118 7ffaee20 829a9ee8 006af8a8
          02000000 80269348 00000004 800796d4 83550b00 00000002 7ffaed04 00000004
          00000112 8007c714 00000000 00000000 00000000 00000000 00000002 00000000
          00000000 00000000 00000005 00000002 006af8a8 77294b70 00000000 80062b5c
          ...
[ 334.770000] Call Trace:
[ 334.770000] [<80067e20>] mutex_lock+0x0/0x30
[ 334.770000] [<83231668>] smp_conn_security+0x88/0x200 [bluetooth]
[ 334.770000] [<8322e274>] l2cap_is_socket+0x1514/0x242c [bluetooth]
[ 334.770000]
[ 334.770000] Code: 8fb00024 03e00008 27bd0040 2443ffff e0830000 1060fffc 00000000 2442ffff
[ 335.050000] ---[ end trace fe8f2f0ed758dfcc ]---

Will Tucker
BlueRadios, Inc.
8310 South Valley Highway, Suite 275
Englewood, Colorado 80112 USA
wtucker@BlueRadios.com
www.BlueRadios.com