sshd fails to validate my valid config file

2018-04-26 Thread Daniel Jakots 
Hi,

Attached config seems to work on both 6.2 and 6.3 (I simplified the one
which is really running on my servers). On 6.2:
$ doas /usr/sbin/sshd -T -f /tmp/sshd_config 1> /dev/null ; echo $?
0
on 6.3:
$ doas /usr/sbin/sshd -T -f /tmp/sshd_config 1> /dev/null ; echo $?
'Match Address' in configuration but 'addr' not in connection test
specification.
255

But on 6.3 I can still reload sshd and sshd started fine when the vm
booted so I guess the config is fine.

Seeing in servconf.c#L952 (on -current) I ran in verbose test mode it
says:
# /usr/sbin/sshd -T -f sshd_config
debug3: checking match for 'Address 185.19.29.62' user (null) host
(null) addr (null) laddr (null) lport 0

I noticed because I configure the config with ansible with a validate
rule.

Cheers,
Daniel


sshd_config
Description: Binary data

Re: certbot problem on sparc64 (probably python)

2018-07-04 Thread Daniel Jakots 
On Tue, 3 Jul 2018 19:29:07 +0100 (BST), and...@grillet.co.uk wrote:

> From the log, it looks like bits are missing from the python
> install, but I don't know python, and I could be wrong.

Can you share the log (so we don't have to guess) please?


Cheers,
Daniel

updating softraid password running on top of grub2 broken?

2018-08-02 Thread Daniel Jakots 
Hi,

I've been told to install OpenBSD alongside Windows and Debian (with
grub2) because it's my $dayjob laptop and I could have the need for
them. It's an x260 with UEFI. I have to give back the laptop now. In
case someone wanted to access the stuff I had on it, I changed the
softraid crypto password (let's just say it was so people don't see
that I'm using "hunter2" everywhere).

I updated the password with bioctl -P sd1 which worked correctly. Then
I rebooted and it says:

probing: pc0 mem[352K 204K 3273M 153M 4648M]
disk: hd0 sr0
>> OpenBSD/amd64 BOOTX64 3.32
Passphrase: 
bcrypt_pbkdf failed
open(sr0a:/etc/boot.conf): Operation not permitted
boot>
Passphrase: 
incorrect passphrase or keydisk
booting sr0a:/bsd: Passphrase: 
bcrypt_pbkdf failed
open(sr0a:/etc/boot.conf): Operation not permitted
failed(1). will try /bsd
boot>

I'm pretty sure it's the correct passphrase because I type a known
wrong passphrase the error message is not the same. The laptop was
installed in December 2016, I guessed the problem could have been the
switch:

> Switch softraid crypto from PKCS5 PBKDF2 to bcrypt PBKDF

if the boot loader hadn't been upgraded (because of grub2) but this
commit was on September 2016 so I guess it's something else.

Any idea what could it be?
Any idea what could have been done otherwise from the user side to
prevent this?
I'm asking mainly for other people, running the same fragile system. I
have backups so I should be fine (famous last words).

Cheers,
Daniel

Re: updating softraid password running on top of grub2 broken?

2018-08-02 Thread Daniel Jakots 
On Thu, 2 Aug 2018 14:47:43 -0400, Daniel Jakots 
wrote:

> probing: pc0 mem[352K 204K 3273M 153M 4648M]
> disk: hd0 sr0
> >> OpenBSD/amd64 BOOTX64 3.32  
> Passphrase: 
> bcrypt_pbkdf failed
> open(sr0a:/etc/boot.conf): Operation not permitted
> boot>  

@vi@cybre.espace (mastodon) pointed me that the message is an
error message printed only if the function fails and he thinks it can
fail only this way: 
https://github.com/openbsd/src/blob/master/sys/lib/libsa/bcrypt_pbkdf.c#L110-L114

So I thought maybe the usb keyboard is to blame here, and indeed, I can
reproduce the problem if I type the password on a usb keyboard but it
works fine if I type the password directly on the laptop.

Now, I don't think I've ever typed the password on a usb keyboard before
so it's probably not a regression.

So please disregard this.

Cheers,
Daniel

Re: pkg_info on -current returns permission denied on uninstalled packages

2019-07-05 Thread Daniel Jakots 
On Fri, 5 Jul 2019 23:01:10 +0200, Jan Vlach  wrote:

> Comment:
> Permission denied at /usr/libdata/perl5/OpenBSD/PackageLocation.pm
> line 160.


I think it has been fixed with
https://github.com/openbsd/src/commit/2619906e705af8847358c6a636c25ad351dc3064

Cheers,
Daniel

terminal is cleared when logging as root

2023-10-23 Thread Daniel Jakots 
Hi,

I installed a new machine on Saturday (with -current) and I noticed
that when I logged in as root the terminal get cleared but not cleanly.
I upgraded a existing machine to a newer snapshot and then the problem
appeared as well.

This happens when using `doas su -`, `ssh root@` and I think I had it on
console as well.
For some reason, it doesn't happen with my regular user.

Previous snapshot was from 2023-10-13. I guess it's since the
libcurses update on the 17th?

Cheers,
Daniel

dmesg:
OpenBSD 7.4-current (GENERIC.MP) #1415: Fri Oct 20 10:00:26 MDT 2023
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 4278042624 (4079MB)
avail mem = 4128636928 (3937MB)
random: good seed from bootblocks
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.8 @ 0xf59a0 (11 entries)
bios0: vendor SeaBIOS version "1.15.0-1" date 04/01/2014
bios0: QEMU Standard PC (Q35 + ICH9, 2009)
acpi0 at bios0: ACPI 3.0
acpi0: sleep states S5
acpi0: tables DSDT FACP APIC MCFG WAET
acpi0: wakeup devices
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Intel(R) Core(TM) i7-9700T CPU @ 2.00GHz, 312.77 MHz, 06-9e-0d
cpu0:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,SS,SSE3,PCLMUL,VMX,SSSE3,FMA3,CX16,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,HV,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,3DNOWP,PERF,FSGSBASE,TSC_ADJUST,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,MPX,RDSEED,ADX,SMAP,CLFLUSHOPT,UMIP,MD_CLEAR,IBRS,IBPB,STIBP,SSBD,ARAT,IBRS_ALL,SKIP_L1DFL,MDS_NO,IF_PSCHANGE,TSX_CTRL,XSAVEOPT,XSAVEC,XGETBV1,XSAVES
cpu0: 32KB 64b/line 8-way D-cache, 32KB 64b/line 8-way I-cache, 4MB
64b/line 16-way L2 cache, 16MB 64b/line 16-way L3 cache cpu0: smt 0,
core 0, package 0 mtrr: Pentium Pro MTRR support, 8 var ranges, 88
fixed ranges cpu0: apic clock running at 1000MHz cpu1 at mainbus0: apid
1 (application processor) cpu1: Intel(R) Core(TM) i7-9700T CPU @
2.00GHz, 270.19 MHz, 06-9e-0d cpu1:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,SS,SSE3,PCLMUL,VMX,SSSE3,FMA3,CX16,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,HV,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,3DNOWP,PERF,FSGSBASE,TSC_ADJUST,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,MPX,RDSEED,ADX,SMAP,CLFLUSHOPT,UMIP,MD_CLEAR,IBRS,IBPB,STIBP,SSBD,ARAT,IBRS_ALL,SKIP_L1DFL,MDS_NO,IF_PSCHANGE,TSX_CTRL,XSAVEOPT,XSAVEC,XGETBV1,XSAVES
cpu1: 32KB 64b/line 8-way D-cache, 32KB 64b/line 8-way I-cache, 4MB
64b/line 16-way L2 cache, 16MB 64b/line 16-way L3 cache cpu1: smt 0,
core 0, package 1 ioapic0 at mainbus0: apid 0 pa 0xfec0, version
11, 24 pins acpimcfg0 at acpi0 acpimcfg0: addr 0xb000, bus 0-255
acpiprt0 at acpi0: bus 0 (PCI0)
"ACPI0006" at acpi0 not configured
acpipci0 at acpi0 PCI0: 0x0010 0x0011 0x
com0 at acpi0 COM1 addr 0x3f8/0x8 irq 4: ns16550a, 16 byte fifo
acpicmos0 at acpi0
"PNP0A06" at acpi0 not configured
"PNP0A06" at acpi0 not configured
"PNP0A06" at acpi0 not configured
"QEMU0002" at acpi0 not configured
"ACPI0010" at acpi0 not configured
acpicpu0 at acpi0: C1(@1 halt!)
acpicpu1 at acpi0: C1(@1 halt!)
pvbus0 at mainbus0: KVM
pvclock0 at pvbus0
pci0 at mainbus0 bus 0
pchb0 at pci0 dev 0 function 0 "Intel 82G33 Host" rev 0x00
vga1 at pci0 dev 1 function 0 "Qumranet Virtio 1.x GPU" rev 0x01
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
ppb0 at pci0 dev 2 function 0 vendor "Red Hat", unknown product 0x000c
rev 0x00: apic 0 int 22 pci1 at ppb0 bus 1
virtio0 at pci1 dev 0 function 0 "Qumranet Virtio 1.x Network" rev 0x01
vio0 at virtio0: address 52:54:00:06:db:03
virtio0: msix per-VQ
ppb1 at pci0 dev 2 function 1 vendor "Red Hat", unknown product 0x000c
rev 0x00: apic 0 int 22 pci2 at ppb1 bus 2
xhci0 at pci2 dev 0 function 0 vendor "Red Hat", unknown product 0x000d
rev 0x01: msix, xHCI 0.0 usb0 at xhci0: USB revision 3.0
uhub0 at usb0 configuration 1 interface 0 "Red Hat xHCI root hub" rev
3.00/1.00 addr 1 ppb2 at pci0 dev 2 function 2 vendor "Red Hat",
unknown product 0x000c rev 0x00: apic 0 int 22 pci3 at ppb2 bus 3
virtio1 at pci3 dev 0 function 0 "Qumranet Virtio 1.x Console" rev 0x01
virtio1: no matching child driver; not configured
ppb3 at pci0 dev 2 function 3 vendor "Red Hat", unknown product 0x000c
rev 0x00: apic 0 int 22 pci4 at ppb3 bus 4
virtio2 at pci4 dev 0 function 0 "Qumranet Virtio 1.x Storage" rev 0x01
vioblk0 at virtio2
scsibus1 at vioblk0: 1 targets
sd0 at scsibus1 targ 0 lun 0: 
sd0: 92160MB, 512 bytes/sector, 188743680 sectors
virtio2: msix per-VQ
ppb4 at pci0 dev 2 function 4 vendor "Red Hat", unknown product 0x000c
rev 0x00: apic 0 int 22 pci5 at ppb4 bus 5
virtio3 at pci5 dev 0 function 0 vendor "Qumranet", unknown product
0x1045 rev 0x01 viomb0 at virtio3
virtio3: apic 0 int 22
ppb5 at

Re: terminal is cleared when logging as root

2023-10-24 Thread Daniel Jakots 
On Tue, 24 Oct 2023 13:48:31 -0600, Todd C. Miller
 wrote:

> Index: etc/root/dot.profile
> ===
> RCS file: /cvs/src/etc/root/dot.profile,v
> retrieving revision 1.9
> diff -u -p -u -r1.9 dot.profile
> --- etc/root/dot.profile  13 Dec 2010 12:54:31 -  1.9
> +++ etc/root/dot.profile  24 Oct 2023 19:44:21 -
> @@ -11,11 +11,7 @@ umask 022
>  case "$-" in
>  *i*)# interactive shell
>   if [ -x /usr/bin/tset ]; then
> - if [ X"$XTERM_VERSION" = X"" ]; then
> - eval `/usr/bin/tset -sQ '-munknown:?vt220'
> $TERM`
> - else
> - eval `/usr/bin/tset -IsQ '-munknown:?vt220'
> $TERM`
> - fi
> + eval `/usr/bin/tset -IsQ '-munknown:?vt220' $TERM`
>   fi
>   ;;
>  esac

Applying this to my /root/.profile fixes the issue, thanks!

Re: /usr/local/bin/mosh broken by recent ssh changes ?

2018-11-17 Thread Daniel Jakots 
On Sun, 18 Nov 2018 10:10:30 +1100, Darren Tucker 
wrote:

> On Sun, Nov 18, 2018 at 10:03:20AM +1100, Darren Tucker wrote:

> You can work around it by setting ControlPersist=yes either in
> ~/.ssh/config or via mosh's --ssh option.


 
> ok?

This diff makes mosh work again, thanks!
(ok danj@ fwiw)

> diff --git a/sshconnect.c b/sshconnect.c
> index a700f467..ed86d0d9 100644
> --- a/sshconnect.c
> +++ b/sshconnect.c
> @@ -163,7 +163,8 @@ ssh_proxy_fdpass_connect(struct ssh *ssh, const
> char *host, u_short port,
>* Stderr is left for non-ControlPersist connections
> is so
>* error messages may be printed on the user's
> terminal. */
> - if (debug_flag || !options.control_persist)
> + if (!debug_flag && options.control_path != NULL &&
> + options.control_persist)
>   stderr_null();
>  
>   argv[0] = shell;
> @@ -245,7 +246,8 @@ ssh_proxy_connect(struct ssh *ssh, const char
> *host, u_short port,
>* Stderr is left for non-ControlPersist connections
> is so
>* error messages may be printed on the user's
> terminal. */
> - if (debug_flag || !options.control_persist)
> + if (!debug_flag && options.control_path != NULL &&
> + options.control_persist)
>   stderr_null();
>  
>   argv[0] = shell;
>

Re: Ansible 2.7.x broken looping

2018-11-22 Thread Daniel Jakots 
On Thu, 22 Nov 2018 10:23:39 -0600, Edward Lopez-Acosta
 wrote:

> $ cat test.yml
> ---
> - hosts: localhost
>tasks:
>- name: testloop
>  shell: echo "{{ item }}"
>  loop: [ 0, 1, 2, 3, 4, 5 ]
> 

> This is an issue in ansible 2.7.x. I did not see any list emails for 
> this, and checking on IRC others saw similar issues.
> 
> My experience with this is limited and I am not sure where to look
> next. Would anyone be able to lend a hand and help me learn while
> this gets solved please?

The problem is "Add automatic threading initialization for libcrypto."
https://github.com/openbsd/src/commit/3938ed1ebd7560655156b4463ed629b56b149c35#diff-14fea22428619a6129735cb456170388

Thanks for the PoC, Brent asked how to reproduce the problem so
hopefully it will help him.


Cheers,
Daniel

Re: ssh-keygen -o not documented

2019-01-18 Thread Daniel Jakots 
On Fri, 18 Jan 2019 18:12:44 +0100, Adam Kalisz
 wrote:

> I haven't found the ssh-keygen -o option in the man page. Have I
> missed something? [0] tedu@ wrote about it in a blog some time ago.
> [1] Interesting thing, FreeBSD and Debian has it documented in the
> manpage [2], [3] but I cannot find the option on an actual Debian
> Testing installation too.

Yes, it used to be documented until it was switched to be the default:
https://github.com/openbsd/src/commit/c48dde59ec5591eacf95d782113b8b6633a21383#diff-4597e82a1701f574ab527756a8324149

Cheers,
Daniel

ksh: meta dot doesn't use the shell history

2019-01-27 Thread Daniel Jakots 
Hi,

Sending this email to bugs@ as I consider it a usability bug.

I really like in my shell the meta dot functionality to get the last
argument of the previous command. In bash typing 3 times "alt ." gives
you the last argument of the n-3 command, while in ksh it gives you 3
times the last argument of the last command.
IMHO the bash behaviour makes more sense.

Cheers,
Daniel

sshd regression: keyword AuthenticationMethods extra arguments at end of line

2021-06-05 Thread Daniel Jakots 
Hi,

I updated some machines of mine to a newer snapshot and got some
problems with sshd.

Old snapshot is from 2021-05-19.
New snapshot is from 2021-06-05 (today).

I use the default config (only change is LogLevel VERBOSE) and at the
end I put some custom config which I give here:

 90 # Custom config
 91 PermitRootLogin without-password
 92 
 93 # 2FA (yubikey or totp)
 94 PasswordAuthentication yes
 95 AuthenticationMethods publickey,password
 96 #AuthenticationMethods publickey
 97 
 98 AllowUsers www
 99 
100 
101 # 1FA for those users
102 Match User zzz
103 AuthenticationMethods publickey
104 Match Address 192.168.111.34/32
105 AllowUsers xxx
106 AuthenticationMethods publickey
107 
108 # For 2FA but also to allow root from legit IP
109 Match Address 192.0.2.221
110 AuthenticationMethods publickey
111 AllowUsers root www xxx yyy
112 


sshd doesn't start. With debug mode:
$ /usr/sbin/sshd -d 
/etc/ssh/sshd_config line 103: keyword AuthenticationMethods extra arguments at 
end of line
/etc/ssh/sshd_config line 106: keyword AuthenticationMethods extra arguments at 
end of line
/etc/ssh/sshd_config line 110: keyword AuthenticationMethods extra arguments at 
end of line
/etc/ssh/sshd_config: terminating, 3 bad configuration options

Cheers,
Daniel

Re: missing KERNEL_LOCK() for `ifconfig wgX destroy`?

2021-08-25 Thread Daniel Jakots 
On Wed, 25 Aug 2021 12:40:29 +0300, Vitaliy Makkoveev 
wrote:

> I see this assertion wrong. if_get(9) returns NULL here if the
> interface is going to die and already unlinked from the stack, but
> the routing table entries are not yet removed by in{,6}_ifdetach().
> So I propose to return ESRCH and let concurrent if_detach() to follow
> it's way.
> 
> Also the following "ifp != NULL" assertions in rtm_output() are wrong
> and kernel lock serialization doesn't work here because we are
> grabbing netlock before if_get(9). We have the same case here: the
> returned NULL means the requested interface is going to die and there
> is no reason to perform ifp->if_rtrequest().

Thanks for looking into it!

> Does the diff below helps? The panic should gone, but I'm interesting
> about the routing table consistency.

What should I look for with the diff? If the routing table is free of
wg0 route after the destroy?

Cheers,
Daniel

wrong key type in sshd logs

2022-02-13 Thread Daniel Jakots 
Hi,

I thought I could restrict further my sshd_config regarding
PubkeyAcceptedAlgorithms. I've one user where I can't use another key
type than rsa. I added a `Match User whatever` and since I wasn't sure
about which thingy I needed from `ssh -Q PubkeyAcceptedAlgorithms |
grep rsa | grep -v cert`, I put an unrelated to algo with
PubkeyAcceptedAlgorithms and checked the logs.

It said "userauth_pubkey: key type ssh-rsa not in
PubkeyAcceptedAlgorithms [preauth]"

I replaced the PubkeyAcceptedAlgorithms setting, except it still didn't
work. Eventually, I tried them one by one and found out rsa-sha2-512
is the one I needed.

It's unfortunate the log doesn't give the right one.

I went into the code to check. In sshkey.c there is

113 { "ssh-rsa", "RSA", NULL, KEY_RSA, 0, 0, 0 },
114 { "rsa-sha2-256", "RSA", NULL, KEY_RSA, 0, 0, 1 },
115 { "rsa-sha2-512", "RSA", NULL, KEY_RSA, 0, 0, 1 },

Since they all share "KEY_RSA", I assume there's no way to differentiate
one 'subtype' vs another?

(I'm using -current but I doubt it matters).

Cheers,
Daniel

Re: panic: pool_do_get: mcl2k free list modified

2024-06-16 Thread Daniel Jakots 
On Sat, 15 Jun 2024 11:58:42 -0400, Daniel Jakots  wrote:

> Hey,
> 
> I updated my machines today to the latest snapshot. Previous
> snapshot it was running was from 2024-05-24.
> 
> I don't have time right now to type the panic stuff, so I just include
> the pictures of the panic for now. I'll type the messages later.

panic: pool_go_get: mcl2k free list modified: page 0xfd8005ac7000;
item add
r 0xfd8005ac8800; offset 0x0=0x0 != 0xa8c209c77e2fbcaa
Stopped at db_enter+0x14: popq %rbp
TID   PID UID   PRFLAGS PFLAGS CPU COMMAND
*244621 54621   0   0X14000 0x2000  wg_crypt
db_enter() at db_enter+0xcf
pool_do_get(927f6360,2,80001ca74af4) at pool_do_get+0x350
pool_get(827f6360,2) at pool_get+0x86
m_clget(0,2,800) at m_clget+0x1a8
vio_populate_rx_mbufs(800b4000) at vio_populate_rx_mbufs+0x133
vio_rx_intr(800b4050) at vio_rx_intr+0x50
intr_handler(80001ca74c90,80082200) at intr_handler+0x18f
memset() at memset+0x5c
wg_encap_worker(808a9000) at wg_encap_worker+0x8b
taskq_thread(8007e080) at taskq_thread+0x129
end trace frame: 0x0, count: 3

> I'm not sure if they include enough information, but I hit the panic
> twice in a couple of hours so it seems it's easily reproducible. Tell
> me what more info do you need. :)
> 
> This is a virtual machine single core, which is running bgp sessions
> over Wireguard® tunnels. Surprisingly, it's not the only machine with
> that setup, but the panic seems to happen only on this one.
> 
> Cheers,
> Daniel
> 
> OpenBSD 7.5-current (GENERIC) #129: Fri Jun 14 15:46:47 MDT 2024
> dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC
> real mem = 1056813056 (1007MB)
> avail mem = 1001955328 (955MB)
> random: good seed from bootblocks
> mpath0 at root
> scsibus0 at mpath0: 256 targets
> mainbus0 at root
> bios0 at mainbus0: SMBIOS rev. 2.8 @ 0xf5940 (9 entries)
> bios0: vendor Vultr
> bios0: Vultr VC2
> acpi0 at bios0: ACPI 1.0
> acpi0: sleep states S3 S4 S5
> acpi0: tables DSDT FACP APIC HPET WAET
> acpi0: wakeup devices
> acpitimer0 at acpi0: 3579545 Hz, 24 bits
> acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
> cpu0 at mainbus0: apid 0 (boot processor)
> cpu0: Intel Xeon Processor (Skylake, IBRS), 2595.08 MHz, 06-55-04
> cpu0: cpuid 1
> edx=78bfbff
> ecx=f6da3203
> cpu0: cpuid 6 eax=4 cpu0: cpuid 7.0
> ebx=d10307a9
> ecx=8 edx=8400 cpu0: cpuid d.1
> eax=1 cpu0: cpuid 8001
> edx=2c100800 ecx=21 cpu0: MELTDOWN
> cpu0: 32KB 64b/line 8-way D-cache, 32KB 64b/line 8-way I-cache, 4MB
> 64b/line 16-way L2 cache, 16MB 64b/line 16-way L3 cache cpu0: smt 0,
> core 0, package 0 mtrr: Pentium Pro MTRR support, 8 var ranges, 88
> fixed ranges cpu0: apic clock running at 1000MHz ioapic0 at mainbus0:
> apid 0 pa 0xfec0, version 20, 24 pins acpihpet0 at acpi0:
> 1 Hz acpiprt0 at acpi0: bus 0 (PCI0) "ACPI0006" at acpi0 not
> configured acpipci0 at acpi0 PCI0
> "PNP0A06" at acpi0 not configured
> "PNP0A06" at acpi0 not configured
> "PNP0A06" at acpi0 not configured
> "QEMU0002" at acpi0 not configured
> acpicmos0 at acpi0
> "ACPI0010" at acpi0 not configured
> acpicpu0 at acpi0: C1(@1 halt!)
> cpu0: using Skylake AVX-512 MDS workaround
> pvbus0 at mainbus0: KVM
> pvclock0 at pvbus0
> pci0 at mainbus0 bus 0
> pchb0 at pci0 dev 0 function 0 "Intel 82441FX" rev 0x02
> pcib0 at pci0 dev 1 function 0 "Intel 82371SB ISA" rev 0x00
> pciide0 at pci0 dev 1 function 1 "Intel 82371SB IDE" rev 0x00: DMA,
> channel 0 wired to compatibility, channel 1 wired to compatibility
> pciide0: channel 0 disabled (no drives) atapiscsi0 at pciide0 channel
> 1 drive 0 scsibus1 at atapiscsi0: 2 targets
> cd0 at scsibus1 targ 0 lun 0:  removable
> cd0(pciide0:1:0): using PIO mode 4, DMA mode 2
> uhci0 at pci0 dev 1 function 2 "Intel 82371SB USB" rev 0x01: apic 0
> int 11 piixpm0 at pci0 dev 1 function 3 "Intel 82371AB Power" rev
> 0x03: apic 0 int 9 iic0 at piixpm0
> vga1 at pci0 dev 2 function 0 "Cirrus Logic CL-GD5446" rev 0x00
> wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
> wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
> virtio0 at pci0 dev 3 function 0 "Qumranet Virtio Network" rev 0x00
> vio0 at virtio0: address 56:00:02:c5:18:cb
> virtio0: msix per-VQ
> virtio1 at pci0 dev 4 function 0 "Qumranet Virtio Storage" rev 0x00
> vioblk0 at virtio1
> scsibus2 at vioblk0: 1 targets
> sd0 at scsibus2 targ 0 lun 0: 
> sd0: 25600MB, 512 bytes/sector, 52428800 sectors
> virtio1: msix per-VQ
> virtio2 at pci0 dev 5 function 0 "Qumranet Virtio Memory Balloon" rev
&

Re: panic: pool_do_get: mcl2k free list modified

2024-06-16 Thread Daniel Jakots 
On Sat, 15 Jun 2024 18:56:14 +0200, Jan Klemkow  wrote:

> Does ist also happend, if you disable LRO?
> 
> try:
> 
> ifconfig vio0 -tcplro

Thanks for the cue, it doesn't happen indeed.
 
> thanks for you bug report,
> jan
> 
> 
> 
> On June 15, 2024 5:58:42 PM GMT+02:00, Daniel Jakots 
> wrote:
> >Hey,
> >
> >I updated my machines today to the latest snapshot. Previous
> >snapshot it was running was from 2024-05-24.
> >
> >I don't have time right now to type the panic stuff, so I just
> >include the pictures of the panic for now. I'll type the messages
> >later.
> >
> >I'm not sure if they include enough information, but I hit the panic
> >twice in a couple of hours so it seems it's easily reproducible. Tell
> >me what more info do you need. :)
> >
> >This is a virtual machine single core, which is running bgp sessions
> >over Wireguard® tunnels. Surprisingly, it's not the only machine with
> >that setup, but the panic seems to happen only on this one.
> >
> >Cheers,
> >Daniel
> >
> >OpenBSD 7.5-current (GENERIC) #129: Fri Jun 14 15:46:47 MDT 2024
> >dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC
> >real mem = 1056813056 (1007MB)
> >avail mem = 1001955328 (955MB)
> >random: good seed from bootblocks
> >mpath0 at root
> >scsibus0 at mpath0: 256 targets
> >mainbus0 at root
> >bios0 at mainbus0: SMBIOS rev. 2.8 @ 0xf5940 (9 entries)
> >bios0: vendor Vultr
> >bios0: Vultr VC2
> >acpi0 at bios0: ACPI 1.0
> >acpi0: sleep states S3 S4 S5
> >acpi0: tables DSDT FACP APIC HPET WAET
> >acpi0: wakeup devices
> >acpitimer0 at acpi0: 3579545 Hz, 24 bits
> >acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
> >cpu0 at mainbus0: apid 0 (boot processor)
> >cpu0: Intel Xeon Processor (Skylake, IBRS), 2595.08 MHz, 06-55-04
> >cpu0: cpuid 1
> >edx=78bfbff
> >ecx=f6da3203
> >cpu0: cpuid 6 eax=4 cpu0: cpuid 7.0
> >ebx=d10307a9
> >ecx=8 edx=8400 cpu0: cpuid d.1
> >eax=1 cpu0: cpuid 8001
> >edx=2c100800 ecx=21 cpu0:
> >MELTDOWN cpu0: 32KB 64b/line 8-way D-cache, 32KB 64b/line 8-way
> >I-cache, 4MB 64b/line 16-way L2 cache, 16MB 64b/line 16-way L3 cache
> >cpu0: smt 0, core 0, package 0 mtrr: Pentium Pro MTRR support, 8 var
> >ranges, 88 fixed ranges cpu0: apic clock running at 1000MHz ioapic0
> >at mainbus0: apid 0 pa 0xfec0, version 20, 24 pins acpihpet0 at
> >acpi0: 1 Hz acpiprt0 at acpi0: bus 0 (PCI0) "ACPI0006" at
> >acpi0 not configured acpipci0 at acpi0 PCI0
> >"PNP0A06" at acpi0 not configured
> >"PNP0A06" at acpi0 not configured
> >"PNP0A06" at acpi0 not configured
> >"QEMU0002" at acpi0 not configured
> >acpicmos0 at acpi0
> >"ACPI0010" at acpi0 not configured
> >acpicpu0 at acpi0: C1(@1 halt!)
> >cpu0: using Skylake AVX-512 MDS workaround
> >pvbus0 at mainbus0: KVM
> >pvclock0 at pvbus0
> >pci0 at mainbus0 bus 0
> >pchb0 at pci0 dev 0 function 0 "Intel 82441FX" rev 0x02
> >pcib0 at pci0 dev 1 function 0 "Intel 82371SB ISA" rev 0x00
> >pciide0 at pci0 dev 1 function 1 "Intel 82371SB IDE" rev 0x00: DMA,
> >channel 0 wired to compatibility, channel 1 wired to compatibility
> >pciide0: channel 0 disabled (no drives) atapiscsi0 at pciide0
> >channel 1 drive 0 scsibus1 at atapiscsi0: 2 targets
> >cd0 at scsibus1 targ 0 lun 0:  removable
> >cd0(pciide0:1:0): using PIO mode 4, DMA mode 2
> >uhci0 at pci0 dev 1 function 2 "Intel 82371SB USB" rev 0x01: apic 0
> >int 11 piixpm0 at pci0 dev 1 function 3 "Intel 82371AB Power" rev
> >0x03: apic 0 int 9 iic0 at piixpm0
> >vga1 at pci0 dev 2 function 0 "Cirrus Logic CL-GD5446" rev 0x00
> >wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
> >wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
> >virtio0 at pci0 dev 3 function 0 "Qumranet Virtio Network" rev 0x00
> >vio0 at virtio0: address 56:00:02:c5:18:cb
> >virtio0: msix per-VQ
> >virtio1 at pci0 dev 4 function 0 "Qumranet Virtio Storage" rev 0x00
> >vioblk0 at virtio1
> >scsibus2 at vioblk0: 1 targets
> >sd0 at scsibus2 targ 0 lun 0: 
> >sd0: 25600MB, 512 bytes/sector, 52428800 sectors
> >virtio1: msix per-VQ
> >virtio2 at pci0 dev 5 function 0 "Qumranet Virtio Memory Balloon"
> >rev 0x00 viomb0 at virtio2
> >virtio2: apic 0 int 10
> >virtio3 at pci0 dev 6 function 0 "Qumranet Virtio RNG" rev 0x00
> >viorn

Re: radeon(4) drm crashing on current/amd64

2016-06-01 Thread Daniel Jakots 
On Fri, 27 May 2016 16:18:48 +0200, David Coppa 
wrote:

> On Fri, 27 May 2016, Carlin Bingham wrote:
> 
> > On Fri, May 27, 2016 at 01:07:09AM +0200, Theo Buehler wrote:  
> > > On Thu, May 26, 2016 at 05:54:30PM -0400, Andre Smagin wrote:  
> > > > On Sat, 14 May 2016 21:01:29 +0200 (CEST)
> > > > danj+o...@chown.me wrote:
> > > >   
> > > > > >Synopsis:radeon(4) drm crashing on current/amd64  
> > > > [...]  
> > > > > drm:pid77501:radeon_fence_wait_empty_locked *ERROR* error
> > > > > waiting for ring[3] to become idle (-1601868)  
> > > > 
> > > > 
> > > > I am seeing the same issue, very infrequently (may be once
> > > > every week or two):
> > > > 
> > > > drm:pid55825:radeon_fence_wait_empty_locked *ERROR* error
> > > > waiting for ring[3] to become idle (-6007676) i3(49392):
> > > > syscall 97 "inet"
> > > > 
> > > > Not sure what happens to i3 as X crashes, but I get that pledge
> > > > message every time. (Previously mentioned i3 to dcoppa, but
> > > > before realizing it was related to radeon issue.)  
> > > 
> > > I combed through the i3 source code hoping to get an indication
> > > what might be the cause for that socket(2) call breaking a pledge
> > > promise i3. I couldn't find anything: all socket calls are with
> > > AF_LOCAL that should be covered by the "unix" pledge.
> > > 
> > > Without seeing a ktrace output, I don't think I can make any
> > > progress here.
> > >   
> > 
> > i3's restore_xcb_check_cb() (src/restore_layout.c), if it sees that
> > the connection to X has been lost, it calls restore_connect() which
> > calls libxcb's xcb_connect().
> > 
> > In libxcb that calls xcb_connect_to_display_with_auth_info() which
> > calls _xcb_open(), which calls _xcb_open_unix() and ususally that
> > would be it, but if opening the unix socket fails (beause X has
> > fallen over) it tries again to connect by calling _xcb_open_tcp()
> > which sets up an AF_INET addrinfo and passes that to
> > _xcb_socket()... and you can probably guess what happens next.  
> 
> Fallback code could be removed with no (imho) dramatic consequences.

So I've been running with this code since saturday, no issue.
It just died again and now I have at the end of my dmesg:

drm:pid29592:radeon_fence_wait_empty_locked *ERROR* error waiting for ring[3] 
to become idle (-1352594)
xhci0: NULL xfer pointer

So no more i3 pledge call :)

FWIW, I was just browsing with chrome (and ironically, I was actually
looking for a *ring* (I hope my gf doesn't read this ml :3)),
with a bunch of terminator and with an instance of smplayer. Code run is
-current, checked out and compiled about 5 hours ago. 

> Index: src/xcb_util.c
> ===
> RCS file: /cvs/xenocara/dist/libxcb/src/xcb_util.c,v
> retrieving revision 1.11
> diff -u -p -u -p -r1.11 xcb_util.c
> --- src/xcb_util.c2 Feb 2016 18:42:22 -   1.11
> +++ src/xcb_util.c27 May 2016 14:18:23 -
> @@ -297,11 +297,6 @@ static int _xcb_open(const char *host, c
>  fd = _xcb_open_unix(protocol, file);
>  free(file);
>  
> -if (fd < 0 && !protocol && *host == '\0') {
> -unsigned short port = X_TCP_PORT + display;
> -fd = _xcb_open_tcp(host, protocol, port);
> -}
> -
>  return fd;
>  #endif /* !_WIN32 */
>  return -1; /* if control reaches here then something has gone
> wrong */
>

can't set lladdr on apu1 re(4) nics (vlan over trunk problem?) on 5.9

2016-04-10 Thread Daniel Jakots 
Hi,

I just upgraded to OpenBSD 5.9 -stable for my apu which I use as home
router.

My setup is 3 vlans over a trunk lacp between re0 and re2 while re1
goes to my ISP black box which gives it an IP through dhcp.

When it boots, it says:
starting network
re0: PHY write failed
re0: PHY write failed
DHCPREQUEST on re1 to 255.255.255.255
DHCPREQUEST on re1 to 255.255.255.255
DHCPACK from 10.39.0.1 (64:9e:f3:66:06:d9)
bound to 109.8.xxx.xxx -- renewal in 43200 seconds.
re0: PHY write failed
re0: PHY write failed

re1 works normally but all other interfaces have 00:00:00:00:00:00 as
their lladdr.

$ ifconfig | grep -B1 00:00
re0: 
flags=18b43 mtu 
1500
lladdr 00:00:00:00:00:00
--
re2: 
flags=18b43 mtu 
1500
lladdr 00:00:00:00:00:00
--
trunk0: flags=8843 mtu 1500
lladdr 00:00:00:00:00:00
--
trunk: trunkproto lacp
trunk id: [(8000,00:00:00:00:00:00,4034,,),
--
vlan10: flags=8843 mtu 1500
lladdr 00:00:00:00:00:00
--
vlan20: flags=8843 mtu 1500
lladdr 00:00:00:00:00:00
--
vlan30: flags=8843 mtu 1500
lladdr 00:00:00:00:00:00

So obviously the network doesn't work so well with that :-)

If I try to force the lladdr:
# ifconfig re0 lladdr 00:0d:b9:3a:24:b8
ifconfig: SIOCSIFLLADDR: Operation not supported by device

FWIW I also use a gif0 tunnel (for !legacy internet).

Previously it was running 5.8 smoothly and the bios looks like to be
one listed as "current production" on pcenginces website.

Cheers,
Daniel

/etc/hostname.gif0
tunnel 109.X.X.X 216.66.84.42
!ifconfig gif0 inet6 alias 2001:470:1f12:488::2 2001:470:1f12:488::1 prefixlen 
128
!route -n add -inet6 default 2001:470:1f12:488::1

/etc/hostname.re0
up

/etc/hostname.re1
dhcp
#inet 10.19.18.72 255.255.255.0

/etc/hostname.re2
up

/etc/hostname.trunk0
trunkproto lacp trunkport re0 trunkport re2
up

/etc/hostname.vlan10
vlandev trunk0
inet 10.19.18.1 255.255.255.0
inet6 2001:470:c977:10::1 64
#inet6 2001:470:1f13:488::1 64
#!ifconfig vlan10 lladdr 00:0d:b9:3a:24:b8

/etc/hostname.vlan20
vlandev trunk0
inet 10.19.19.1/24
inet6 2001:470:c977:20::1 64
#!ifconfig vlan20 lladdr 00:0d:b9:3a:24:b4

/etc/hostname.vlan30
vlandev trunk0
inet 10.250.250.1/24
inet6 2001:470:c977:250::1 64
#!ifconfig vlan30 lladdr 00:0d:b9:3a:24:ba

Routing tables

Internet:
DestinationGatewayFlags   Refs  Use   Mtu  Prio Iface
default109.8.170.1UGS4   480776 - 8 re1  
10.19.18/2410.19.18.1 UC 2   14 - 4 vlan10
10.19.18.1 00:00:00:00:00:00  UHLl   0   44 - 1 vlan10
10.19.18.1700:14:d1:b0:d0:a2  UHLc   0 3807 - 4 vlan10
10.19.18.706c:19:8f:9a:4b:ea  UHLc   3 9081 - 4 vlan10
10.19.18.255   10.19.18.1 UHb00 - 1 vlan10
10.19.19/2410.19.19.1 UC 12 - 4 vlan20
10.19.19.1 00:00:00:00:00:00  UHLl   0 2991 - 1 vlan20
10.19.19.128   64:66:b3:d1:28:4a  UHLc   0 2985 - 4 vlan20
10.19.19.255   10.19.19.1 UHb00 - 1 vlan20
10.250.250/24  10.250.250.1   UC 00 - 4 vlan30
10.250.250.1   00:00:00:00:00:00  UHLl   00 - 1 vlan30
10.250.250.255 10.250.250.1   UHb00 - 1 vlan30
109.8.170/23   109.8.171.90   UC 1 2346 - 4 re1  
109.8.170.164:9e:f3:66:06:d9  UHLc   1 1174 - 4 re1  
109.8.171.90   00:0d:b9:3a:24:b9  UHLl   0  388 - 1 re1  
109.8.171.255  109.8.171.90   UHb00 - 1 re1  
127/8  127.0.0.1  UGRS   00 32768 8 lo0  
127.0.0.1  127.0.0.1  UHl00 32768 1 lo0  
224/4  127.0.0.1  URS0   91 32768 8 lo0  

Internet6:
DestinationGatewayFlags   Refs  
Use   Mtu  Prio Iface
::/104 ::1UGRS   0  
 54 32768 8 lo0  
::/96  ::1UGRS   0  
  0 32768 8 lo0  
default2001:470:1f12:488::1   UGS0  
386 - 8 gif0 
::1::1UHl4  
  4 32768 1 lo0  
::127.0.0.0/104::1UGRS   0  
  0 32768 8 lo0  
::224.0.0.0/100::1UGRS   0  
  0 32768 8 lo0  
::255.0.0.0/104::1UGRS   0  
  0 32768 8 lo0  
:::0.0.0.0/96  ::1UGRS   0  
  0 32768 8 lo0  
2001:470:1f12:488::1   2001:470:1f12:488::2   UH

Re: can't set lladdr on apu1 re(4) nics (vlan over trunk problem?) on 5.9

2016-04-14 Thread Daniel Jakots 
On Sun, 10 Apr 2016 18:04:04 +0200, Daniel Jakots 
wrote:

> I just upgraded to OpenBSD 5.9 -stable for my apu which I use as home
> router.

I installed OpenBSD -current on a usb key, and put my /etc in it (I
only changed fstab) and same problem.

I didn't notice before but even in the dmesg their address is 00:... so
could it be a hardware problem?

Cheers,
Daniel

Re: can't set lladdr on apu1 re(4) nics (vlan over trunk problem?) on 5.9

2016-04-16 Thread Daniel Jakots 
On Thu, 14 Apr 2016 21:08:39 +0100, Stuart Henderson
 wrote:

> On 2016/04/14 19:53, Daniel Jakots wrote:
> > On Sun, 10 Apr 2016 18:04:04 +0200, Daniel Jakots
> >  wrote:
> >   
> > > I just upgraded to OpenBSD 5.9 -stable for my apu which I use as
> > > home router.  
> > 
> > I installed OpenBSD -current on a usb key, and put my /etc in it (I
> > only changed fstab) and same problem.
> > 
> > I didn't notice before but even in the dmesg their address is
> > 00:... so could it be a hardware problem?  
> 
> It normally starts 00:0d:b9 on pc engines boards. Sounds like software
> is more likely, do you have a time window of when it broke? If
> it's too wide, can you bisect to narrow it down further?
> 
> 

So I installed 5.8 on my usb key and thought at least that should work
because I was previously running 5.8 -stable. But it didn't.

Until then, I was always using reboot. I wanted to have a look at
the pcb to see how it looks like (to be sure), so I did halt -p. It
looked good so I rebooted it and then it could assign the lladdr to the
NIC as it should.

So turning it off for a few minutes looks to have solved my misery.

Cheers,
Daniel

weird behaviour following ifconfig carp1 destroy

2017-08-25 Thread Daniel Jakots 
Hi,

I setup two laptop running OpenBSD current to play with carp. I saw
something weird they would always both be the master (that's not the
mail is about). I thought that was because I didn't configured any
advskew (I just copy/pasted the commands from the FAQ [1]).

ifconfig carp1 vhid 1 carpdev trunk0 pass lanpasswd \
 10.20.20.15 netmask 255.255.255.0

So I thought I would destroy the carp interface and try again. When I
destroyed it, I lost the ssh (I was from another lan).

[1]: https://www.openbsd.org/faq/pf/carp.html#failover

IP are:
- 10.20.20.10 first laptop
- 10.20.20.20 second laptop
- 10.20.20.254 the gateway

Both laptop uses trunk with em0 and iwn0/iwm0.

Just after I destroyed carp (ifconfig carp1 destroy), dmesg was
*flooded* by:
Aug 25 19:57:17 black-cat /bsd: arpresolve: 10.20.20.254: route
contains no arp information

and by flood I mean:
Aug 25 19:57:59 black-cat last message repeated 323 times
Aug 25 19:58:30 black-cat last message repeated 682 times
Aug 25 19:58:52 black-cat last message repeated 584 times
Aug 25 19:59:22 black-cat last message repeated 786 times
Aug 25 20:00:26 black-cat last message repeated 1602 times

for always the same message.

During that moment I could ping the gateway but pinging a host from
another network resulted in 

$ ping 10.10.10.254 # which another interface on the router
PING 10.10.10.254 (10.10.10.254): 56 data bytes
ping: sendmsg: Invalid argument
ping: wrote 10.10.10.254 64 chars, ret=-1
ping: sendmsg: Invalid argument
ping: wrote 10.10.10.254 64 chars, ret=-1


arp table looked fine

$ arp -an
Host Ethernet AddressNetif ExpireFlags
10.20.20.20  c8:5b:76:90:5b:35  trunk0 permanent l
10.20.20.254 00:0d:b9:43:9f:fc  trunk0 8m5s  


route table looked fine as well
$ route -n show
Routing tables

Internet:
DestinationGatewayFlags   Refs  Use   Mtu  Prio Iface
default10.20.20.254   UGS   10  864 - 8 trunk0
224/4  127.0.0.1  URS00 32768 8 lo0  
10.20.20/2410.20.20.20UCn1   52 - 4 trunk0
10.20.20.20c8:5b:76:90:5b:35  UHLl   0 1994 - 1 trunk0
10.20.20.254   00:0d:b9:43:9f:fc  UHLch  1   58 - 3 trunk0
10.20.20.255   10.20.20.20UHb00 - 1 trunk0
127/8  127.0.0.1  UGRS   00 32768 8 lo0  
127.0.0.1  127.0.0.1  UHhl   1 2000 32768 1 lo0  

(showing only v4 because v6 wasn't used)

After looking at these, I just rerun sh /etc/netstart and everything
worked again.

Is that normal?

Cheers,
Daniel

(from dmesg.boot)
OpenBSD 6.2-beta (GENERIC.MP) #37: Wed Aug 23 14:46:48 MDT 2017
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 8451014656 (8059MB)
avail mem = 8187875328 (7808MB)
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.8 @ 0xd7bfb000 (65 entries)
bios0: vendor LENOVO version "R02ET50W (1.23 )" date 09/20/2016
bios0: LENOVO 20F6CTO1WW
acpi0 at bios0: rev 2
acpi0: sleep states S0 S3 S4 S5
acpi0: tables DSDT FACP UEFI SSDT SSDT ECDT HPET APIC MCFG SSDT SSDT DBGP DBG2 
BOOT BATB SLIC SSDT SSDT MSDM DMAR ASF! FPDT UEFI
acpi0: wakeup devices LID_(S4) SLPB(S3) IGBE(S4) EXP8(S4) XHCI(S3)
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpiec0 at acpi0
acpihpet0 at acpi0: 2399 Hz
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Intel(R) Core(TM) i5-6200U CPU @ 2.30GHz, 2400.00 MHz
cpu0: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,SGX,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,MPX,RDSEED,ADX,SMAP,CLFLUSHOPT,PT,SENSOR,ARAT
cpu0: 256KB 64b/line 8-way L2 cache
cpu0: TSC frequency 24 Hz
cpu0: smt 0, core 0, package 0
mtrr: Pentium Pro MTRR support, 10 var ranges, 88 fixed ranges
cpu0: apic clock running at 23MHz
cpu0: mwait min=64, max=64, C-substates=0.2.1.2.4.1.1.1, IBE
cpu1 at mainbus0: apid 2 (application processor)
cpu1: Intel(R) Core(TM) i5-6200U CPU @ 2.30GHz, 2400.00 MHz
cpu1: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,SGX,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,MPX,RDSEED,ADX,SMAP,CLFLUSHOPT,PT,SENSOR,ARAT
cpu1: 256KB 64b/line 8-way L2 cache
cpu1: smt 0, core 1, package 0
cpu2 at mainbus0: apid 1 (application processor

panic on 6.2: rw_enter: netlock locking against myself

2017-10-20 Thread Daniel Jakots 
Hi,

I have a router/fw running in a carp setup which panic'ed. It panic'ed
three times on the 13th, twice when the other box rebooted and another
one randomly. Since that, it works ok. The carp setting is that one box
is master on IPv4 and the other is master on IPv6.

Inline, the result of ddb and the content of /var/run/dmesg.boot. I'm
not sure if I can easily test some patch but I can for sure provide
additional information if you need something else.

Cheers,
Daniel

ddb{1}> show panic
rw_enter: netlock locking against myself


ddb{1}> trace
db_enter() at db_enter+0x5
panic() at panic+0x128
_rw_enter(81acb0f0,81b1de30) at _rw_enter+0x2be
if_downall() at if_downall+0x23
boot(4904) at boot+0x76
reboot(0) at reboot+0x4b
db_boot_crash_cmd(8181412e,800021ff8d30,0,1) at db_boot_crash_cmd+0
xe
db_command(d,0) at db_command+0x28d
db_command_loop() at db_command_loop+0x86
db_trap() at db_trap+0x134
db_ktrap(8000225ab000,800021ff8f20,8000225ad1a4) at db_ktrap+0xe4
trap() at trap+0x42d
--- trap (number 13) ---
pf_test_state_icmp(2,0,0) at pf_test_state_icmp+0x69
pf_test(ff007a051cd4,ff007a051cc4,0,8000225ad2f0) at pf_test+0xb82
ip_output(1,0,0,ff07769b5078,ff007a051c00,cdb1fd1605865b4c,
) at ip_output+0x788
ip_forward(8020a000,14,8000225ad4d0,8000225ad4cc) at ip_forward
+0x26e
ip_input_if(2,ff007a051c00,0,8000225ad610,8020a000) at ip_input
_if+0x5df
ipv4_input(cdb1fd1605865b4c,ff007a051c00) at ipv4_input+0x39
if_input_local(ff007a051cd4,ff007a051cc4,8000225ad620) at if_input_
local+0x9b
ip_output(1,0,0,ff07769b5078,ff007a051c00,cdb1fd1605865b4c,
) at ip_output+0x90b
ip_forward(8020a000,14,8000225ad7f0,8000225ad7ec) at ip_forward
+0x26e
ip_input_if(2,ff007a051c00,0,8000225ad930,8020a000) at ip_input
_if+0x5df
ipv4_input(cdb1fd1605865b4c,ff007a051c00) at ipv4_input+0x39
if_input_local(ff007a051cd4,ff007a051cc4,8000225ad940) at if_input_
local+0x9b
ip_output(1,0,0,ff07769b5078,ff007a051c00,cdb1fd1605865b4c,
) at ip_output+0x90b
ip_forward(8020a000,14,8000225adb10,8000225adb0c) at ip_forward
+0x26e
ip_input_if(2,ff007a051c00,0,8000225adc50,8020a000) at ip_input
_if+0x5df
ipv4_input(cdb1fd1605865b4c,ff007a051c00) at ipv4_input+0x39
if_input_local(ff007a051cd4,ff007a051cc4,8000225adc60) at if_input_
local+0x9b
ip_output(1,0,0,ff07769b5078,ff007a051c00,cdb1fd1605865b4c,
) at ip_output+0x90b
ip_forward(8020a000,14,8000225ade30,8000225ade2c) at ip_forward
+0x26e
ip_input_if(2,ff007a051c00,0,8000225adf70,8020a000) at ip_input
_if+0x5df
ipv4_input(cdb1fd1605865b4c,ff007a051c00) at ipv4_input+0x39
if_input_local(ff007a051cd4,ff007a051cc4,8000225adf80) at if_input_
local+0x9b
ip_output(1,0,0,ff07769b5078,ff007a051c00,cdb1fd1605865b4c,
) at ip_output+0x90b
ip_forward(8020a000,14,8000225ae150,8000225ae14c) at ip_forward
+0x26e
ip_input_if(2,ff007a051c00,0,8000225ae290,8020a000) at ip_input
_if+0x5df
ipv4_input(cdb1fd1605865b4c,ff007a051c00) at ipv4_input+0x39
if_input_local(ff007a051cd4,ff007a051cc4,8000225ae2a0) at if_input_
local+0x9b
ip_output(1,0,0,ff07769b5078,ff007a051c00,cdb1fd1605865b4c,
) at ip_output+0x90b
ip_forward(8020a000,14,8000225ae470,8000225ae46c) at ip_forward
+0x26e
ip_input_if(2,ff007a051c00,0,8000225ae5b0,8020a000) at ip_input
_if+0x5df
ipv4_input(cdb1fd1605865b4c,ff007a051c00) at ipv4_input+0x39
if_input_local(ff007a051cd4,ff007a051cc4,8000225ae5c0) at if_input_
local+0x9b
ip_output(1,0,0,ff07769b5078,ff007a051c00,cdb1fd1605865b4c,
) at ip_output+0x90b
ip_forward(8020a000,14,8000225ae790,8000225ae78c) at ip_forward
+0x26e
ip_input_if(2,ff007a051c00,0,8000225ae8d0,8020a000) at ip_input
_if+0x5df
ipv4_input(cdb1fd1605865b4c,ff007a051c00) at ipv4_input+0x39
if_input_local(ff007a051cd4,ff007a051cc4,8000225ae8e0) at if_input_
local+0x9b
ip_output(1,0,0,ff07769b5078,ff007a051c00,cdb1fd1605865b4c,
) at ip_output+0x90b
ip_forward(8020a000,14,8000225aeab0,8000225aeaac) at ip_forward
+0x26e
ip_input_if(2,ff007a051c00,0,8000225aebf0,8020a000) at ip_input
_if+0x5df
ipv4_input(cdb1fd1605865b4c,ff007a051c00) at ipv4_input+0x39
if_input_local(ff007a051cd4,ff007a051cc4,8000225aec00) at if_input_
local+0x9b
ip_output(1,0,0,ff07769b5078,ff007a051c00,cdb1fd1605865b4c,
) at ip_output+0x90b
ip_forward(8020a000,14,8000225aedd0,8000225aedcc) at ip_forward
+0x26e 
ip_input_if(2,ff007a051c00,0,8000225aef10,8020a000) at ip_input
_if+0x5df
ipv4_input(cdb1f

Re: Hardware Initialization Failed with Intel I219-V

2017-03-14 Thread Daniel Jakots 
On Tue, 14 Mar 2017 16:01:16 +0200, Paul Irofti  wrote:

> On 12/5/2016 12:16 PM, danj+o...@chown.me wrote:
> >> Synopsis:  
> >> Category:  
> >> Environment:  
> > System  : OpenBSD 6.0
> > Details : OpenBSD 6.0-current (GENERIC.MP) #0: Wed Nov
> > 30 09:19:28 MST 2016
> > bu...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
> >
> > Architecture: OpenBSD.amd64
> > Machine : amd64  
> >> Description:  
> > I received a few days ago a thinkpad x260. Sometimes em0
> > won't show up and in dmesg it says:
> > em0 at pci0 dev 31 function 6 "Intel I219-V" rev 0x21: msi
> > em0: Hardware Initialization Failed
> > em0: Unable to initialize the hardware
> >
> > On other reboots, it works fine.  
> 
> Do you happen to be multi-booting on this machine? I think I found a 
> reliable way to reproduce this...
> 

Yes I guess it's related because I stopped cheating on^W^W multi-booting
and I've never had the problem again.

ipsec connections dying after 15 minutes with ios road warrior

2017-05-07 Thread Daniel Jakots 
Hi,

I'm trying to set up a ipsec vpn for my iPhone. I tried with both iked
and ipsec/isakmpd + npppd. They both work for 10/15 minutes then it
dies. This mail is only about the iked problem (at least for now).

The server runs 6.1 -stable and isn't behind any nat. Client runs
ios 10.3.1 and use the included ipsec client (and is behind nat).

The iked.conf file I use is 

ikev2 "ios10" passive esp from 0.0.0.0/0 to 192.168.222.0/24 \
 local egress peer any \
 ikesa enc aes-256 auth hmac-sha2-256 group modp2048 \
 childsa enc aes-256 auth hmac-sha2-256 group modp2048 \
 psk "whatever" config address 192.168.222.0/24 \
 config name-server 192.168.222.254 config access-server 192.168.222.1

I run iked -dvvv (full log attached) it seems to close nicely:
ikev2_msg_send: INFORMATIONAL response from 159.100.249.61:4500 to 
198.48.213.186:58457 msgid 1, 80 bytes, NAT-T
sa_state: ESTABLISHED -> CLOSED from 198.48.213.186:58457 to 
159.100.249.61:4500 policy 'ios10'

and I'm not sure why.

Any idea?

Cheers,
Daniel

OpenBSD 6.1 (GENERIC) #6: Sat May  6 09:33:26 CEST 2017
rob...@syspatch-61-amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC
real mem = 519962624 (495MB)
avail mem = 499658752 (476MB)
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.8 @ 0xf63a0 (9 entries)
bios0: vendor SeaBIOS version "Ubuntu-1.8.2-1ubuntu1~precise0+exo1" date 
04/01/2014
bios0: QEMU Standard PC (i440FX + PIIX, 1996)
acpi0 at bios0: rev 0
acpi0: sleep states S3 S4 S5
acpi0: tables DSDT FACP SSDT APIC HPET
acpi0: wakeup devices
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Intel Xeon E312xx (Sandy Bridge), 2594.10 MHz
cpu0: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,SSE3,PCLMUL,VMX,SSSE3,CX16,SSE4.1,SSE4.2,x2APIC,POPCNT,DEADLINE,AES,XSAVE,AVX,HV,NXE,RDTSCP,LONG,LAHF
cpu0: 64KB 64b/line 2-way I-cache, 64KB 64b/line 2-way D-cache, 512KB 64b/line 
16-way L2 cache
cpu0: ITLB 255 4KB entries direct-mapped, 255 4MB entries direct-mapped
cpu0: DTLB 255 4KB entries direct-mapped, 255 4MB entries direct-mapped
cpu0: smt 0, core 0, package 0
mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges
cpu0: apic clock running at 1000MHz
ioapic0 at mainbus0: apid 0 pa 0xfec0, version 11, 24 pins
acpihpet0 at acpi0: 1 Hz
acpiprt0 at acpi0: bus 0 (PCI0)
acpicpu0 at acpi0: C1(@1 halt!)
"ACPI0006" at acpi0 not configured
"PNP0303" at acpi0 not configured
"PNP0F13" at acpi0 not configured
"PNP0700" at acpi0 not configured
"PNP0501" at acpi0 not configured
"PNP0A06" at acpi0 not configured
"PNP0A06" at acpi0 not configured
"PNP0A06" at acpi0 not configured
pvbus0 at mainbus0: KVM
pci0 at mainbus0 bus 0
pchb0 at pci0 dev 0 function 0 "Intel 82441FX" rev 0x02
pcib0 at pci0 dev 1 function 0 "Intel 82371SB ISA" rev 0x00
pciide0 at pci0 dev 1 function 1 "Intel 82371SB IDE" rev 0x00: DMA, channel 0 
wired to compatibility, channel 1 wired to compatibility
pciide0: channel 0 disabled (no drives)
atapiscsi0 at pciide0 channel 1 drive 0
scsibus1 at atapiscsi0: 2 targets
cd0 at scsibus1 targ 0 lun 0:  ATAPI 5/cdrom removable
cd0(pciide0:1:0): using PIO mode 4, DMA mode 2
uhci0 at pci0 dev 1 function 2 "Intel 82371SB USB" rev 0x01: apic 0 int 11
piixpm0 at pci0 dev 1 function 3 "Intel 82371AB Power" rev 0x03: apic 0 int 9
iic0 at piixpm0
vga1 at pci0 dev 2 function 0 "Cirrus Logic CL-GD5446" rev 0x00
wsdisplay0 at vga1 mux 1: console (80x25, vt100 emulation)
wsdisplay0: screen 1-5 added (80x25, vt100 emulation)
virtio0 at pci0 dev 3 function 0 "Qumranet Virtio Network" rev 0x00
vio0 at virtio0: address 06:eb:fa:00:01:45
virtio0: msix shared
virtio1 at pci0 dev 4 function 0 "Qumranet Virtio Storage" rev 0x00
vioblk0 at virtio1
scsibus2 at vioblk0: 2 targets
sd0 at scsibus2 targ 0 lun 0:  SCSI3 0/direct fixed
sd0: 51200MB, 512 bytes/sector, 104857600 sectors
virtio1: msix shared
isa0 at pcib0
isadma0 at isa0
fdc0 at isa0 port 0x3f0/6 irq 6 drq 2
fd0 at fdc0 drive 1: density unknown
com0 at isa0 port 0x3f8/8 irq 4: ns16550a, 16 byte fifo
pckbc0 at isa0 port 0x60/5 irq 1 irq 12
pckbd0 at pckbc0 (kbd slot)
wskbd0 at pckbd0: console keyboard, using wsdisplay0
pms0 at pckbc0 (aux slot)
wsmouse0 at pms0 mux 0
pcppi0 at isa0 port 0x61
spkr0 at pcppi0
usb0 at uhci0: USB revision 1.0
uhub0 at usb0 configuration 1 interface 0 "Intel UHCI root hub" rev 1.00/1.00 
addr 1
vmm0 at mainbus0: VMX/EPT
uhidev0 at uhub0 port 1 configuration 1 interface 0 "QEMU QEMU USB Tablet" rev 
2.00/0.00 addr 2
uhidev0: iclass 3/0
ums0 at uhidev0: 3 buttons, Z dir
wsmouse1 at ums0 mux 0
vscsi0 at root
scsibus3 at vscsi0: 256 targets
softraid0 at root
scsibus4 at softraid0: 256 targets
root on sd0a (bfd80eba6139c686.a) swap on sd0b dump on sd0b
ikev2 "ios10" passive esp inet from 0.0.0.0/0 to 192.168.222.0/24 local 159.100.249.61 peer any ikesa enc aes-256 prf hmac-sha2-256,hmac-sha1