More cleanup in radix.c and route.h

2014-01-19 Thread Claudio Jeker
Try to be more consistent in how various variables are set up and named.
Also remove a memset that is already happening because we use PR_ZERO on
the allocation. Move from memmove to memcpy because the addrs can not
overlap. Make some simple helper functions static __inline and remove one
of the explicit rn_search inlines. Also remove another insane #ifdef dance
in route.h.

Works for me, OK?
-- 
:wq Claudio

Index: net/radix.c
===
RCS file: /cvs/src/sys/net/radix.c,v
retrieving revision 1.36
diff -u -p -r1.36 radix.c
--- net/radix.c 19 Jan 2014 09:52:25 -  1.36
+++ net/radix.c 20 Jan 2014 01:03:17 -
@@ -60,15 +60,16 @@ struct pool rtmask_pool;/* pool for rad
 
 #define rn_masktop (mask_rnhead->rnh_treetop)
 
-static int rn_satisfies_leaf(char *, struct radix_node *, int);
-static int rn_lexobetter(void *, void *);
-static struct radix_mask *rn_new_radix_mask(struct radix_node *,
+static __inline int rn_satisfies_leaf(char *, struct radix_node *, int);
+static __inline int rn_lexobetter(void *, void *);
+static __inline struct radix_mask *rn_new_radix_mask(struct radix_node *,
 struct radix_mask *);
 
 struct radix_node *rn_insert(void *, struct radix_node_head *, int *,
 struct radix_node [2]);
 struct radix_node *rn_newpair(void *, int, struct radix_node[2]);
-struct radix_node *rn_search(void *, struct radix_node *);
+
+static __inline struct radix_node *rn_search(void *, struct radix_node *);
 struct radix_node *rn_search_m(void *, struct radix_node *, void *);
 
 /*
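Review bot: Declaring `rn_search` as `static __inline` here (and at its definition in the next hunk) removes its external linkage, so any prototype left in a header, or any caller outside radix.c, will now fail to compile or link. The header side of this change is not visible in this diff; confirm that the public declaration is dropped in the same commit and that nothing outside this file calls it. `rn_search_m` directly below stays external, so a short comment above the new prototype such as `/* file-local helper; no longer exported */` would make the asymmetry clearly intentional.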
@@ -105,13 +106,13 @@ struct radix_node *rn_search_m(void *, s
  * that governs a subtree.
  */
 
-struct radix_node *
+static __inline struct radix_node *
 rn_search(void *v_arg, struct radix_node *head)
 {
struct radix_node *x;
-   caddr_t v;
+   caddr_t v = v_arg;
 
-   for (x = head, v = v_arg; x->rn_b >= 0;) {
+   for (x = head; x->rn_b >= 0;) {
if (x->rn_bmask & v[x->rn_off])
x = x->rn_r;
else
@@ -124,7 +125,8 @@ struct radix_node *
 rn_search_m(void *v_arg, struct radix_node *head, void *m_arg)
 {
struct radix_node *x;
-   caddr_t v = v_arg, m = m_arg;
+   caddr_t v = v_arg;
+   caddr_t m = m_arg;
 
for (x = head; x->rn_b >= 0;) {
if ((x->rn_bmask & m[x->rn_off]) &&
@@ -139,11 +141,14 @@ rn_search_m(void *v_arg, struct radix_no
 int
 rn_refines(void *m_arg, void *n_arg)
 {
-   caddr_t m = m_arg, n = n_arg;
-   caddr_t lim, lim2 = lim = n + *(u_char *)n;
-   int longer = (*(u_char *)n++) - (int)(*(u_char *)m++);
+   caddr_t m = m_arg;
+   caddr_t n = n_arg;
+   caddr_t lim, lim2;
+   int longer;
int masks_are_equal = 1;
 
+   lim2 = lim = n + *(u_char *)n;
+   longer = (*(u_char *)n++) - (int)(*(u_char *)m++);
if (longer > 0)
lim -= longer;
while (n < lim) {
@@ -182,13 +187,16 @@ rn_lookup(void *v_arg, void *m_arg, stru
return x;
 }
 
-static int
+static __inline int
 rn_satisfies_leaf(char *trial, struct radix_node *leaf, int skip)
 {
-   char *cp = trial, *cp2 = leaf->rn_key, *cp3 = leaf->rn_mask;
+   char *cp = trial;
+   char *cp2 = leaf->rn_key;
+   char *cp3 = leaf->rn_mask;
char *cplim;
-   int length = min(*(u_char *)cp, *(u_char *)cp2);
+   int length;
 
+   length = min(*(u_char *)cp, *(u_char *)cp2);
if (cp3 == NULL)
cp3 = rn_ones;
else
@@ -204,23 +212,14 @@ struct radix_node *
 rn_match(void *v_arg, struct radix_node_head *head)
 {
caddr_t v = v_arg;
-   struct radix_node *t = head->rnh_treetop, *x;
-   caddr_t cp = v, cp2;
-   caddr_t cplim;
-   struct radix_node *saved_t, *top = t;
-   int off = t->rn_off, vlen = *(u_char *)cp, matched_off;
+   caddr_t cp, cp2, cplim;
+   struct radix_node *top = head->rnh_treetop;
+   struct radix_node *saved_t, *t;
+   int off = top->rn_off;
+   int vlen, matched_off;
int test, b, rn_b;
 
-   /*
-* Open code rn_search(v, top) to avoid overhead of extra
-* subroutine call.
-*/
-   for (; t->rn_b >= 0; ) {
-   if (t->rn_bmask & cp[t->rn_off])
-   t = t->rn_r;
-   else
-   t = t->rn_l;
-   }
+   t = rn_search(v, top);
/*
 * See if we match exactly as a host destination
 * or at least learn how many bits match, for normal mask finesse.
@@ -234,7 +233,11 @@ rn_match(void *v_arg, struct radix_node_
 */
if (t->rn_mask)
vlen = *(u_char *)t->rn_mask;
-   cp += off; cp2 = t->rn_key + off; cplim = v + vlen;
+   else
+   vlen = *(u_char *)v;
+   cp = v + off;
+   cp2 = t->rn_key + off;
+   cplim = v + vlen;
for (; cp < cplim; cp++, cp2++)
if (*cp != *cp2)

Switch ppb(4) from workq to task

2014-01-19 Thread Mark Kettenis
Currently not able to test this myself.  Can somebody verify that
hotplugging a *real* expresscard device still works?

Thanks,

Mark


Index: ppb.c
===
RCS file: /home/cvs/src/sys/dev/pci/ppb.c,v
retrieving revision 1.56
diff -u -p -r1.56 ppb.c
--- ppb.c   6 Dec 2013 21:03:04 -   1.56
+++ ppb.c   20 Jan 2014 04:52:48 -
@@ -35,8 +35,8 @@
 #include 
 #include 
 #include 
+#include 
 #include 
-#include 
 
 #include 
 #include 
@@ -70,6 +70,9 @@ struct ppb_softc {
struct extent *sc_pmemex;
struct device *sc_psc;
int sc_cap_off;
+   struct task sc_insert_task;
+   struct task sc_rescan_task;
+   struct task sc_remove_task;
struct timeout sc_to;
 
bus_addr_t sc_iobase, sc_iolimit;
@@ -173,6 +176,11 @@ ppbattach(struct device *parent, struct 
/* Check for PCI Express capabilities and setup hotplug support. */
if (pci_get_capability(pc, pa->pa_tag, PCI_CAP_PCIEXPRESS,
&sc->sc_cap_off, ®) && (reg & PCI_PCIE_XCAP_SI)) {
+   task_set(&sc->sc_insert_task, ppb_hotplug_insert, sc, NULL);
+   task_set(&sc->sc_rescan_task, ppb_hotplug_rescan, sc, NULL);
+   task_set(&sc->sc_remove_task, ppb_hotplug_remove, sc, NULL);
+   timeout_set(&sc->sc_to, ppb_hotplug_insert_finish, sc);
+
 #ifdef __i386__
if (pci_intr_map(pa, &ih) == 0)
sc->sc_intrhand = pci_intr_establish(pc, ih, IPL_BIO,
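Review bot: The three tasks embedded in the softc are initialised here, but nothing in this diff cancels them when the bridge goes away. If the bridge device itself can be detached, a task still pending on `systq` would later run against a freed `ppb_softc`; the detach path (not visible in this diff) should call `task_del(systq, &sc->sc_insert_task)` and the same for the rescan and remove tasks, next to whatever it already does for `sc_to`. ppbattach's body continues outside the hunk.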
@@ -193,8 +201,6 @@ ppbattach(struct device *parent, struct 
reg |= (PCI_PCIE_SLCSR_HPE | PCI_PCIE_SLCSR_PDE);
pci_conf_write(pc, pa->pa_tag,
sc->sc_cap_off + PCI_PCIE_SLCSR, reg);
-
-   timeout_set(&sc->sc_to, ppb_hotplug_insert_finish, sc);
}
}
 
@@ -646,9 +652,9 @@ ppb_intr(void *arg)
sc->sc_cap_off + PCI_PCIE_SLCSR);
if (reg & PCI_PCIE_SLCSR_PDC) {
if (reg & PCI_PCIE_SLCSR_PDS)
-   workq_add_task(NULL, 0, ppb_hotplug_insert, sc, NULL);
+   task_add(systq, &sc->sc_insert_task);
else
-   workq_add_task(NULL, 0, ppb_hotplug_remove, sc, NULL);
+   task_add(systq, &sc->sc_remove_task);
 
/* Clear interrupts. */
pci_conf_write(sc->sc_pc, sc->sc_tag,
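Review bot: Presence-change events are now coalesced, because `task_add` on a task that is already pending does nothing, whereas `workq_add_task` queued a fresh work item on every call. If an insert, a remove and a second insert arrive before `systq` runs, only one insert and one remove are queued and they run in first-queued order, which can leave the slot treated as empty while a card is present. A single hotplug task that re-reads the slot status and acts on the current `PCI_PCIE_SLCSR_PDS` state when it runs would avoid depending on event order. ppb_intr's body continues outside the hunk.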
@@ -686,7 +692,9 @@ ppb_hotplug_insert(void *arg1, void *arg
 void
 ppb_hotplug_insert_finish(void *arg)
 {
-   workq_add_task(NULL, 0, ppb_hotplug_rescan, arg, NULL);
+   struct ppb_softc *sc = arg;
+
+   task_add(systq, &sc->sc_rescan_task);
 }
 
 int



extent_supply_region_descriptor

2014-01-19 Thread Mark Kettenis
In order to make the sparc64 iommu code "mpsafe", I need to make sure
the extent manager can be used in an mpsafe manner.  The current code
isn't really safe since the extent manager needs to allocate region
descriptors whenever we do a bus_dmamap_load().  The diff below adds a
function to provide the extent manager with a region descriptor such
that the next extent_alloc_xxx() call can use that one instead of
allocating a new one.

I deliberately chose to add a separate API, since
extent_alloc_subregion() already has too many arguments.

The 2nd diff shows how I use this in the sparc64 iommu code.

opinions?

Index: sys/extent.h
===
RCS file: /cvs/src/sys/sys/extent.h,v
retrieving revision 1.12
diff -u -p -r1.12 extent.h
--- sys/extent.h19 Apr 2009 15:26:52 -  1.12
+++ sys/extent.h20 Jan 2014 04:01:45 -
@@ -44,6 +44,7 @@ struct extent_region {
 
 /* er_flags */
 #define ER_ALLOC   0x01/* region descriptor dynamically allocated */
+#define ER_DISCARD 0x02/* discard region descriptor after use */
 
 struct extent {
char*ex_name;   /* name of extent */
@@ -101,13 +102,15 @@ struct extent_fixed {
 void extent_print_all(void);
 
 struct extent *extent_create(char *, u_long, u_long, int,
-   caddr_t, size_t, int);
+   void *, size_t, int);
 void   extent_destroy(struct extent *);
 intextent_alloc_subregion(struct extent *, u_long, u_long,
u_long, u_long, u_long, u_long, int, u_long *);
 intextent_alloc_region(struct extent *, u_long, u_long, int);
 intextent_free(struct extent *, u_long, u_long, int);
 void   extent_print(struct extent *);
+void   extent_supply_region_descriptor(struct extent *,
+   struct extent_region *);
 
 /* Simple case of extent_alloc_subregion() */
 #define extent_alloc(_ex, _size, _alignment, _skew, _boundary, \
Index: kern/subr_extent.c
===
RCS file: /cvs/src/sys/kern/subr_extent.c,v
retrieving revision 1.48
diff -u -p -r1.48 subr_extent.c
--- kern/subr_extent.c  8 Aug 2013 23:25:06 -   1.48
+++ kern/subr_extent.c  20 Jan 2014 04:01:45 -
@@ -157,7 +157,7 @@ extent_print_all(void)
  * Allocate and initialize an extent map.
  */
 struct extent *
-extent_create(char *name, u_long start, u_long end, int mtype, caddr_t storage,
+extent_create(char *name, u_long start, u_long end, int mtype, void *storage,
 size_t storagesize, int flags)
 {
struct extent *ex;
@@ -,6 +,9 @@ extent_alloc_region_descriptor(struct ex
 static void
 extent_free_region_descriptor(struct extent *ex, struct extent_region *rp)
 {
+   if (rp->er_flags & ER_DISCARD)
+   return;
+
if (ex->ex_flags & EXF_FIXED) {
struct extent_fixed *fex = (struct extent_fixed *)ex;
 
@@ -1149,7 +1152,17 @@ extent_free_region_descriptor(struct ext
pool_put(&ex_region_pl, rp);
 }
 
-   
+void
+extent_supply_region_descriptor(struct extent *ex, struct extent_region *rp)
+{
+   struct extent_fixed *fex = (struct extent_fixed *)ex;
+
+   KASSERT(ex->ex_flags & EXF_FIXED);
+
+   rp->er_flags = ER_DISCARD;
+   LIST_INSERT_HEAD(&fex->fex_freelist, rp, er_link);
+}
+
 #if defined(DIAGNOSTIC) || defined(DDB) || !defined(_KERNEL)
 
 void
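Review bot: `extent_supply_region_descriptor` links `rp` onto `fex_freelist` unconditionally, so supplying the same descriptor twice without an allocation consuming it in between inserts one list element twice and corrupts the list. The iommu call sites in the second diff supply `&ims->ims_er` before every `extent_alloc_subregion`; if that allocation fails without taking a descriptor (not determinable from the visible lines), the descriptor stays queued, the next load on the same map re-inserts it, and a map destroyed in that state leaves a dangling pointer on the freelist. The function also takes no lock and checks `EXF_FIXED` only through `KASSERT`, so the caller contract (extent must be fixed, caller serialises access, descriptor must be consumed or unlinked before reuse) should be stated in a comment above the function, and the failure path should unlink an unconsumed descriptor.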


Index: arch/sparc64/dev/iommu.c
===
RCS file: /cvs/src/sys/arch/sparc64/dev/iommu.c,v
retrieving revision 1.66
diff -u -p -r1.66 iommu.c
--- arch/sparc64/dev/iommu.c15 Jan 2013 03:14:01 -  1.66
+++ arch/sparc64/dev/iommu.c20 Jan 2014 04:03:41 -
@@ -226,7 +226,7 @@ iommu_init(char *name, struct iommu_stat
 #endif
is->is_dvmamap = extent_create(name,
is->is_dvmabase, (u_long)is->is_dvmaend + 1,
-   M_DEVBUF, 0, 0, EX_NOWAIT);
+   M_DEVBUF, &is->is_fex, sizeof(is->is_fex), EX_NOCOALESCE);
mtx_init(&is->is_mtx, IPL_HIGH);
 
/*
@@ -749,6 +749,7 @@ iommu_dvmamap_load(bus_dma_tag_t t, bus_
 * If our segment size is larger than the boundary we need to 
 * split the transfer up into little pieces ourselves.
 */
+   extent_supply_region_descriptor(is->is_dvmamap, &ims->ims_er);
err = extent_alloc_subregion(is->is_dvmamap, sgstart, sgend,
sgsize, align, 0, (sgsize > boundary) ? 0 : boundary, 
EX_NOWAIT | EX_BOUNDZERO, (u_long *)&dvmaddr);
@@ -956,6 +957,7 @@ iommu_dvmamap_load_raw(bus_dma_tag_t t, 
 * If our segment size is larger than the boundary we need to 
 * split the transfer up into little pieces ourselves.
 */
+   extent_supply_region_descriptor(is->is_dvmamap, &ims->ims_er);
err = extent_alloc_subregion(is->is_dvmamap, sgstart, sgend,
sgsize, align, 0, (sgsize > boundary) ? 0 : boundary, 
EX_NOWAIT | EX_BOUNDZERO, (u_long *)&d

Re: Get random data very early

2014-01-19 Thread Mike Belopuhov
On 20 January 2014 02:05, Theo de Raadt  wrote:
> This change allows the arc4random() subsystem to self-initialize from
> boot-supplied data, upon first call.  It uses rs_buf[] to build the
> chacha context, then permits drawing of up to 1GB of data without
> entering the difficult reseeding or rekeying codepaths.
>
> When other required subsystems are ready, kernel main() properly
> starts the entropy flow as before.
>
> This is intended to allow super-early random use.
>

OK



Re: ibss and hostap support for urtwn(4)

2014-01-19 Thread Stefan Sperling
On Thu, Jan 16, 2014 at 01:43:22AM +0100, Stefan Sperling wrote:
> I had almost forgotten that wifi hacking can be fun if it results
> in something working.
> 
> Tested between two laptops (hostap) and with Berlin's freifunk
> network (ibss). Seems to work but I have no idea about long
> term stability yet. Additional testing much appreciated.

Is nobody able to test this?

> Index: sys/dev/usb/if_urtwn.c
> ===
> RCS file: /cvs/src/sys/dev/usb/if_urtwn.c,v
> retrieving revision 1.32
> diff -u -p -r1.32 if_urtwn.c
> --- sys/dev/usb/if_urtwn.c30 Sep 2013 05:18:57 -  1.32
> +++ sys/dev/usb/if_urtwn.c16 Jan 2014 00:26:03 -
> @@ -240,6 +240,10 @@ void urtwn_lc_calib(struct urtwn_softc 
>  void urtwn_temp_calib(struct urtwn_softc *);
>  int  urtwn_init(struct ifnet *);
>  void urtwn_stop(struct ifnet *);
> +#ifndef IEEE80211_STA_ONLY
> +void urtwn_newassoc(struct ieee80211com *, struct ieee80211_node *,
> + int);
> +#endif
>  
>  /* Aliases. */
>  #define  urtwn_bb_write  urtwn_write_4
> @@ -332,6 +336,10 @@ urtwn_attach(struct device *parent, stru
>   /* Set device capabilities. */
>   ic->ic_caps =
>   IEEE80211_C_MONITOR |   /* Monitor mode supported. */
> +#ifndef IEEE80211_STA_ONLY
> + IEEE80211_C_IBSS |  /* IBSS mode supported */
> + IEEE80211_C_HOSTAP |/* HostAp mode supported */
> +#endif
>   IEEE80211_C_SHPREAMBLE |/* Short preamble supported. */
>   IEEE80211_C_SHSLOT |/* Short slot time supported. */
>   IEEE80211_C_WEP |   /* WEP. */
> @@ -377,6 +385,9 @@ urtwn_attach(struct device *parent, stru
>  
>   if_attach(ifp);
>   ieee80211_ifattach(ifp);
> +#ifndef IEEE80211_STA_ONLY
> + ic->ic_newassoc = urtwn_newassoc;
> +#endif
>   ic->ic_updateedca = urtwn_updateedca;
>  #ifdef notyet
>   ic->ic_set_key = urtwn_set_key;
> @@ -1153,6 +1164,17 @@ urtwn_next_scan(void *arg)
>   usbd_ref_decr(sc->sc_udev);
>  }
>  
> +#ifndef IEEE80211_STA_ONLY
> +void
> +urtwn_newassoc(struct ieee80211com *ic, struct ieee80211_node *ni, int isnew)
> +{
> + DPRINTF(("new node %s\n", ether_sprintf(ni->ni_macaddr)));
> + /* start with lowest Tx rate */
> + ni->ni_txrate = 0;
> +}
> +#endif
> +
> +
>  int
>  urtwn_newstate(struct ieee80211com *ic, enum ieee80211_state nstate, int arg)
>  {
> @@ -1175,6 +1197,9 @@ urtwn_newstate_cb(struct urtwn_softc *sc
>   enum ieee80211_state ostate;
>   uint32_t reg;
>   int s;
> +#ifndef IEEE80211_STA_ONLY
> + u_int8_t msr;
> +#endif
>  
>   s = splnet();
>   ostate = ic->ic_state;
> @@ -1270,6 +1295,8 @@ urtwn_newstate_cb(struct urtwn_softc *sc
>   }
>   ni = ic->ic_bss;
>  
> + urtwn_set_chan(sc, ni->ni_chan, NULL);
> +
>   /* Set media status to 'Associated'. */
>   reg = urtwn_read_4(sc, R92C_CR);
>   reg = RW(reg, R92C_CR_NETTYPE, R92C_CR_NETTYPE_INFRA);
> @@ -1298,6 +1325,33 @@ urtwn_newstate_cb(struct urtwn_softc *sc
>   urtwn_read_4(sc, R92C_RCR) |
>   R92C_RCR_CBSSID_DATA | R92C_RCR_CBSSID_BCN);
>  
> +#ifndef IEEE80211_STA_ONLY
> + if (ic->ic_opmode == IEEE80211_M_HOSTAP) {
> + urtwn_write_2(sc, R92C_BCNTCFG, 0x000f);
> +
> + /* Allow Rx from any BSSID. */
> + urtwn_write_4(sc, R92C_RCR,
> + urtwn_read_4(sc, R92C_RCR) &
> + ~(R92C_RCR_CBSSID_DATA | R92C_RCR_CBSSID_BCN));
> +
> + /* Reset TSF timer to zero. */
> + reg = urtwn_read_4(sc, R92C_TCR);
> + reg &= ~0x01;
> + urtwn_write_4(sc, R92C_TCR, reg);
> + reg |= 0x01;
> + urtwn_write_4(sc, R92C_TCR, reg);
> + }
> +
> + msr = urtwn_read_1(sc, R92C_MSR);
> + msr &= 0xfc;
> + if (ic->ic_opmode == IEEE80211_M_HOSTAP)
> + msr |= R92C_MSR_AP;
> + else if (ic->ic_opmode == IEEE80211_M_IBSS)
> + msr |= R92C_MSR_ADHOC;
> + else
> + msr |= R92C_MSR_INFRA;
> + urtwn_write_1(sc, R92C_MSR, msr);
> +#endif
>   /* Enable TSF synchronization. */
>   urtwn_tsf_sync_enable(sc);
>  
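Review bot: The new HOSTAP/IBSS block uses bare constants (`0x000f` for `R92C_BCNTCFG`, `0x01` for the bit toggled in `R92C_TCR`, and `0xfc` as the `R92C_MSR` mask) while the same patch replaces magic values with named constants in urtwn_init. Named macros, or at least one comment per value, would make it reviewable which register bits change. The block also clears `R92C_RCR_CBSSID_DATA | R92C_RCR_CBSSID_BCN` in HOSTAP mode, which presumably leaves BSSID filtering to the net80211 layer; a comment stating that this is intended would help. urtwn_newstate_cb's body continues outside the hunk.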
> @@ -3118,8 +3172,8 @@ urtwn_init(struct ifnet *ifp)
>  
>   /* Initialize beacon parameters. */
>   urtwn_write_2(sc, R92C_TBTT_PROHIBIT, 0x6404);
> - urtwn_write_1(sc, R92C_DRVERLYINT, 0x05);
> - urtwn_write_1(sc, R92C_BCNDMATIM, 0x02);
> + urtwn_write_1(sc, R92C_DRVERLYINT, R92C_DRIVER_EARLY_INT_TIME); /* ms */
> + urtwn_write_1(sc, R92C_BCNDMATIM, R92C_DMA_ATIME_INT_TIME);
>   urtwn_write_2(sc, R92C_BCNTCFG, 0x660f);
>  
>   /* Setup

Re: lpd: race condition

2014-01-19 Thread Tobias Stoeckmann
On Mon, Jan 20, 2014 at 10:11:53AM +1300, Philip Guenther wrote:
> On Sun, Jan 19, 2014 at 10:48 AM, Todd C. Miller
>  wrote:
> > Perhaps something like this?  Only compile-tested.
> 
> Looks good.  We also need to fix the 'S' line parsing code in sendit()
> and printit() in lpd/printjob.c to use unsigned long long when parsing
> the ino_t instead of trying to store it in an int.  Perhaps change it
> to use strtoull() too?

I'll investigate into that further, too.

To keep tech@ updated, the fdev = fino = -1 part has to be put up
one more level, because the same code exists in sendit() that has
to be fixed, too.  Will send a fully updated diff soon.

Index: lpd/printjob.c
===
RCS file: /var/www/cvs/src/usr.sbin/lpr/lpd/printjob.c,v
retrieving revision 1.49
diff -u -p -r1.49 printjob.c
--- lpd/printjob.c  10 Dec 2013 16:38:04 -  1.49
+++ lpd/printjob.c  18 Jan 2014 22:09:53 -
@@ -226,7 +226,9 @@ again:
continue;
errcnt = 0;
restart:
-   (void)lseek(lfd, pidoff, 0);
+   fdev = (dev_t)-1;
+   fino = (ino_t)-1;
+   (void)lseek(lfd, pidoff, SEEK_SET);
if ((i = snprintf(line, sizeof(line), "%s\n", q->q_name)) >=
sizeof(line) || i == -1)
i = sizeof(line) - 1;   /* can't happen */
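Review bot: The reset of `fdev` and `fino` at `restart:` carries no comment, although it is the security-relevant part of this hunk. Presumably it ensures that a control file without an 'S' line cannot inherit the device and inode recorded for the previous job; a comment such as `/* forget dev/ino from the previous job; only an 'S' line in this cf file may set them */` would keep a later cleanup from removing it. The code that compares against the `(dev_t)-1` / `(ino_t)-1` sentinels is outside the hunk, so confirm that it treats the sentinel as "no 'S' line seen" rather than as a value that could match.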



Re: lpd: race condition

2014-01-19 Thread Philip Guenther
On Sun, Jan 19, 2014 at 10:48 AM, Todd C. Miller
 wrote:
> Perhaps something like this?  Only compile-tested.

Looks good.  We also need to fix the 'S' line parsing code in sendit()
and printit() in lpd/printjob.c to use unsigned long long when parsing
the ino_t instead of trying to store it in an int.  Perhaps change it
to use strtoull() too?

Philip



Re: signed base installs

2014-01-19 Thread Ray Percival


> On Jan 19, 2014, at 8:47, Theo de Raadt  wrote:
> 
> I suspect only a few have noticed, so it probably should be mentioned
> that install/upgrades are also signed now.
> 
> The documentation isn't written yet because change is ongoing.  Here
> is a rough primer, for one or two usage cases.  More install methods
> will work, but some are not perfect yet.
> 
> As detailed in the new signify(1) manual page, if you download bsd.rd
> you can:
> 
> Verify a bsd.rd before an upgrade:
>   $ signify -V -e -p /etc/signify/55base.pub -x SHA256.sig -m - | \
>   sha256 -C - bsd.rd

Starting with a 5.5 beta installed late last week. 
sha256 -C gives me "unknown option" Without it the above works perfectly.

The rest of the install goes as expected. 




> 
> The same can be done with cd55.iso or install55.iso, of course.
> 
> If this is OK, you can boot that bsd.rd (OK, you are trusting your
> pre-existing bootblocks, though you could verify new ones).
> 
> When you install or upgrade from the net, it will use the SHA256.sig
> file first, verify it using signify, then collect the base sets and
> compare them against the SHA256 hashes.  They are all downloaded to a
> spare place on the disk, and then extracted.  This change also makes
> upgrades more "atomic".
> 
> There are a few raw edges still, but we would appreciate if this is
> tried by a few people.. please give us feedback.
> 
> This mechanism was designed by Ted Unangst; a few pieces here and
> there by Todd Fries and myself; the bulk of the install script changes
> by Alexander Hall and Robert Peichaer.
> 



signed base installs

2014-01-19 Thread Theo de Raadt
I suspect only a few have noticed, so it probably should be mentioned
that install/upgrades are also signed now.

The documentation isn't written yet because change is ongoing.  Here
is a rough primer, for one or two usage cases.  More install methods
will work, but some are not perfect yet.

As detailed in the new signify(1) manual page, if you download bsd.rd
you can:

 Verify a bsd.rd before an upgrade:
   $ signify -V -e -p /etc/signify/55base.pub -x SHA256.sig -m - | \
   sha256 -C - bsd.rd

The same can be done with cd55.iso or install55.iso, of course.

If this is OK, you can boot that bsd.rd (OK, you are trusting your
pre-existing bootblocks, though you could verify new ones).

When you install or upgrade from the net, it will use the SHA256.sig
file first, verify it using signify, then collect the base sets and
compare them against the SHA256 hashes.  They are all downloaded to a
spare place on the disk, and then extracted.  This change also makes
upgrades more "atomic".

There are a few raw edges still, but we would appreciate if this is
tried by a few people.. please give us feedback.

This mechanism was designed by Ted Unangst; a few pieces here and
there by Todd Fries and myself; the bulk of the install script changes
by Alexander Hall and Robert Peichaer.



Get random data very early

2014-01-19 Thread Theo de Raadt
This change allows the arc4random() subsystem to self-initialize from
boot-supplied data, upon first call.  It uses rs_buf[] to build the
chacha context, then permits drawing of up to 1GB of data without
entering the difficult reseeding or rekeying codepaths.

When other required subsystems are ready, kernel main() properly
starts the entropy flow as before.

This is intended to allow super-early random use.

Index: dev/rnd.c
===
RCS file: /cvs/src/sys/dev/rnd.c,v
retrieving revision 1.152
diff -u -p -u -r1.152 rnd.c
--- dev/rnd.c   19 Jan 2014 00:39:40 -  1.152
+++ dev/rnd.c   19 Jan 2014 12:57:22 -
@@ -540,7 +540,8 @@ void arc4_init(void *, void *); /* actu
 #define RSBUFSZ(16*BLOCKSZ)
 static int rs_initialized;
 static chacha_ctx rs;  /* chacha context for random keystream */
-static u_char rs_buf[RSBUFSZ]; /* keystream blocks */
+/* keystream blocks (also chacha seed from boot) */
+static u_char rs_buf[RSBUFSZ] __attribute__((section(".openbsd.randomdata")));
 static size_t rs_have; /* valid bytes at end of rs_buf */
 static size_t rs_count;/* bytes till reseed */
 
@@ -557,14 +558,7 @@ _rs_init(u_char *buf, size_t n)
 static void
 _rs_seed(u_char *buf, size_t n)
 {
-   if (!rs_initialized) {
-   rs_initialized = 1;
-   rnd_states[RND_SRC_TIMER].dont_count_entropy = 1;
-   rnd_states[RND_SRC_TRUE].dont_count_entropy = 1;
-   rnd_states[RND_SRC_TRUE].max_entropy = 1;
-   _rs_init(buf, n);
-   } else
-   _rs_rekey(buf, n);
+   _rs_rekey(buf, n);
 
/* invalidate rs_buf */
rs_have = 0;
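Review bot: With the `_rs_init` branch removed, `_rs_seed` always rekeys, so the chacha context `rs` is keyed only by the first-call path added to `_rs_stir_if_needed`. `random_start` later sets `rs_initialized = 1` on its own; if no consumer requested random data before that point, the first `_rs_rekey` would run on a context that was never set up, and the boot-supplied seed in `rs_buf` might never be used as a key. `_rs_rekey` is not visible in this diff, so confirm how it behaves on an unkeyed context, or have `random_start` go through the same first-call initialisation before it sets the flag. _rs_seed's body continues outside the hunk.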
@@ -605,7 +599,11 @@ _rs_stir(int do_lock)
 static inline void
 _rs_stir_if_needed(size_t len)
 {
-   if (rs_count <= len || !rs_initialized)
+   if (!rs_initialized) {
+   _rs_init(rs_buf, KEYSZ + IVSZ);
+   rs_count = 1024 * 1024 * 1024;  /* until main() runs */
+   rs_initialized = 1;
+   } else if (rs_count <= len)
_rs_stir(0);
else
rs_count -= len;
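Review bot: The first-call branch keys the generator from `rs_buf` without checking that the boot loader actually filled the `.openbsd.randomdata` section. If it did not (older boot blocks, or a platform whose loader lacks support; not determinable from this diff), every boot keys chacha from the same link-time contents and the output drawn before `random_start` is predictable. The removed `random_init` was the only fallback, so consider keeping a fallback mix-in or logging when the seed is all zeroes. This branch also skips the `rs_count -= len` accounting for the first request.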
@@ -745,21 +743,6 @@ arc4_reinit(void *v)
timeout_add_sec(&arc4_timeout, 10 * 60);
 }
 
-void
-random_init(void)
-{
-   int off;
-
-   /*
-* MI code did not initialize us with a seed, so we are
-* hitting the fall-back from kernel main().   Do the best
-* we can... We assume there are at 8192 bytes mapped after
-* version, because we want to pull some "code" in as well.
-*/
-   for (off = 0; off < 8192 - KEYSZ - IVSZ; off += KEYSZ + IVSZ)
-   _rs_seed((u_int8_t *)version + off, KEYSZ + IVSZ);
-}
-
 /*
  * Start periodic services inside the random subsystem, which pull
  * entropy forward, hash it, and re-seed the random stream as needed.
@@ -767,14 +750,24 @@ random_init(void)
 void
 random_start(void)
 {
-   /*
-* At this point, the message buffer is mapped, and may contain
-* some historical information still.
-*/
+   rnd_states[RND_SRC_TIMER].dont_count_entropy = 1;
+   rnd_states[RND_SRC_TRUE].dont_count_entropy = 1;
+   rnd_states[RND_SRC_TRUE].max_entropy = 1;
+
+   /* Provide some data from this kernel */
+   add_entropy_words((u_int32_t *)version,
+   strlen(version) / sizeof(u_int32_t));
+
+   /* Provide some data from this kernel */
+   add_entropy_words((u_int32_t *)cfdata,
+   8192 / sizeof(u_int32_t));
+
+   /* Message buffer may contain data from previous boot */
if (msgbufp->msg_magic == MSG_MAGIC)
add_entropy_words((u_int32_t *)msgbufp->msg_bufc,
msgbufp->msg_bufs / sizeof(u_int32_t));
 
+   rs_initialized = 1;
dequeue_randomness(NULL);
arc4_init(NULL, NULL);
task_set(&arc4_task, arc4_init, NULL, NULL);
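Review bot: `add_entropy_words((u_int32_t *)cfdata, 8192 / sizeof(u_int32_t))` reads a hard-coded 8192 bytes with nothing tying that length to the size of `cfdata`, and the comment that stated the old 8192-byte assumption was removed together with `random_init`. If the object is shorter the call reads past it; deriving the length from the object, or restoring a comment that states the assumption, would make this checkable. The cast of `version` to `u_int32_t *` also assumes the string is 4-byte aligned, which is worth confirming for strict-alignment platforms. Both added comments read "Provide some data from this kernel"; the second could say what `cfdata` contributes. random_start's body continues outside the hunk.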
Index: dev/rndvar.h
===
RCS file: /cvs/src/sys/dev/rndvar.h,v
retrieving revision 1.32
diff -u -p -u -r1.32 rndvar.h
--- dev/rndvar.h19 Jan 2014 00:39:40 -  1.32
+++ dev/rndvar.h19 Jan 2014 06:53:33 -
@@ -69,7 +69,6 @@ extern struct rndstats rndstats;
 #defineadd_audio_randomness(d) enqueue_randomness(RND_SRC_AUDIO, 
(int)(d))
 #defineadd_video_randomness(d) enqueue_randomness(RND_SRC_VIDEO, 
(int)(d))
 
-void random_init(void);
 void random_start(void);
 
 void enqueue_randomness(int, int);
Index: kern/init_main.c
===
RCS file: /cvs/src/sys/kern/init_main.c,v
retrieving revision 1.199
diff -u -p -u -r1.199 init_main.c
--- kern/init_main.c19 Jan 2014 00:39:40 -  1.199
+++ kern/init_main.c19 Jan 2014 08:19:11 -
@@ -218,8 +218,6 @@ main(void *framep)
KERNEL_LOCK_INIT();
SCHED_LOCK_INIT();
 
-   random_init();
-
uvm_init(

slowcgi(8): small wording tweak

2014-01-19 Thread Patrik Lundin
Hello,

I just read slowcgi(8) and one of the sentences read a bit strange to
me. Anyone agree?

Regards,
Patrik Lundin

Index: slowcgi.8
===
RCS file: /cvs/src/usr.sbin/slowcgi/slowcgi.8,v
retrieving revision 1.5
diff -u -p -u -r1.5 slowcgi.8
--- slowcgi.8   12 Dec 2013 10:48:52 -  1.5
+++ slowcgi.8   19 Jan 2014 11:30:24 -
@@ -33,11 +33,11 @@ opens a socket at
 .Pa /var/www/run/slowcgi.sock ,
 owned by root:www,
 with permissions 0660.
-It then
+It will then
 .Xr chroot 8
 to
 .Pa /var/www
-and drops privileges to user
+and drop privileges to user
 .Qq www .
 .Pp
 The options are as follows:



Re: report icmp error drops because of rate limiting

2014-01-19 Thread Mike Belopuhov
On 19 January 2014 12:03, Claudio Jeker  wrote:
> As done in IPv6 land report how many packets are dropped because we hit
> the rate limiter (net.inet.icmp.errppslimit). On bigger routers it may be
> needed to tune that value up in case too many packets are dropped.
>
> OK?
> --
> :wq Claudio
>

OK



Re: rc default PF ruleset too restrictive for DHCPv6

2014-01-19 Thread Henning Brauer
* Kenneth Westerback  [2014-01-19 09:56]:
> *But what is the practical problem being addressed? Is dhcp not functional
> with the existing default **ruleset?*

it's not correct and we rely on dhclient falling back to a new
discovery eventually.

-- 
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services GmbH, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting, http://henningbrauer.com/



Re: report icmp error drops because of rate limiting

2014-01-19 Thread Henning Brauer
yes, I frequently run into this and always forget to follow up. we
might even want some heuristic for the errppslimit.
anyway, this is good and makes sense. ok.

* Claudio Jeker  [2014-01-19 00:04]:
> As done in IPv6 land report how many packets are dropped because we hit
> the rate limiter (net.inet.icmp.errppslimit). On bigger routers it may be
> needed to tune that value up in case too many packets are dropped.
> 
> OK?
> -- 
> :wq Claudio
> 
> Index: sys/netinet/icmp_var.h
> ===
> RCS file: /cvs/src/sys/netinet/icmp_var.h,v
> retrieving revision 1.13
> diff -u -p -r1.13 icmp_var.h
> --- sys/netinet/icmp_var.h13 Dec 2007 20:00:53 -  1.13
> +++ sys/netinet/icmp_var.h18 Jan 2014 22:52:51 -
> @@ -42,6 +42,7 @@
>  struct   icmpstat {
>  /* statistics related to icmp packets generated */
>   u_long  icps_error; /* # of calls to icmp_error */
> + u_long  icps_toofreq;   /* no error because rate limiter */
>   u_long  icps_oldshort;  /* no error because old ip too short */
>   u_long  icps_oldicmp;   /* no error because old was icmp */
>   u_long  icps_outhist[ICMP_MAXTYPE + 1];
> Index: sys/netinet/ip_icmp.c
> ===
> RCS file: /cvs/src/sys/netinet/ip_icmp.c,v
> retrieving revision 1.113
> diff -u -p -r1.113 ip_icmp.c
> --- sys/netinet/ip_icmp.c 9 Jan 2014 06:29:06 -   1.113
> +++ sys/netinet/ip_icmp.c 18 Jan 2014 22:53:19 -
> @@ -178,8 +178,10 @@ icmp_do_error(struct mbuf *n, int type, 
>   /*
>* First, do a rate limitation check.
>*/
> - if (icmp_ratelimit(&oip->ip_src, type, code))
> - goto freeit;/* XXX stat */
> + if (icmp_ratelimit(&oip->ip_src, type, code)) {
> + icmpstat.icps_toofreq++;
> + goto freeit;
> + }
>  
>   /*
>* Now, formulate icmp message
> Index: usr.bin/netstat/inet.c
> ===
> RCS file: /cvs/src/usr.bin/netstat/inet.c,v
> retrieving revision 1.129
> diff -u -p -r1.129 inet.c
> --- usr.bin/netstat/inet.c25 Dec 2013 01:46:00 -  1.129
> +++ usr.bin/netstat/inet.c18 Jan 2014 22:55:15 -
> @@ -583,6 +583,9 @@ icmp_stats(char *name)
>   p(icps_error, "\t%lu call%s to icmp_error\n");
>   p(icps_oldicmp,
>   "\t%lu error%s not generated because old message was icmp\n");
> + p(icps_toofreq,
> + "\t%llu error%s not generated because of rate limitation\n");
> +
>   for (first = 1, i = 0; i < ICMP_MAXTYPE + 1; i++)
>   if (icmpstat.icps_outhist[i] != 0) {
>   if (first) {
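Review bot: The new `p(icps_toofreq, ...)` line uses `%llu`, but `icps_toofreq` is declared `u_long` in the icmp_var.h hunk and the neighbouring `p()` calls use `%lu`. Assuming `p()` hands the counter straight to printf as the other calls suggest, the format should be `"\t%lu error%s not generated because of rate limitation\n"`; a mismatched length modifier is undefined behaviour and prints wrong values where `long` and `long long` differ in size. icmp_stats's body continues outside the hunk.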
> 

-- 
Henning Brauer, h...@bsws.de, henn...@openbsd.org
BS Web Services GmbH, http://bsws.de, Full-Service ISP
Secure Hosting, Mail and DNS Services. Dedicated Servers, Root to Fully Managed
Henning Brauer Consulting, http://henningbrauer.com/



Re: rc default PF ruleset too restrictive for DHCPv6

2014-01-19 Thread Kenneth Westerback
*But what is the practical problem being addressed? Is dhcp not functional
with the existing default **ruleset?*

* Ken*


On 19 January 2014 19:39, Brad Smith  wrote:

> On Sun, Jan 19, 2014 at 04:10:21AM +0100, Claudio Jeker wrote:
> > On Sat, Jan 18, 2014 at 09:57:26PM -0500, Brad wrote:
> > > On Thu, Jan 09, 2014 at 03:55:44PM -0500, Brad Smith wrote:
> > > > The default PF ruleset as setup by rc is too restrictive. Have the
> default
> > > > ruleset allow for DHCPv6.
> > >
> > > Anyone?
> >
> > Looks good to me. OK claudio@
> >
> > Question: should we add the same for inet as well since dhclient may use
> > a normal udp socket in some cases?
>
> Untested on the v4 side but how about something like the following?
>
>
> Index: rc
> ===
> RCS file: /home/cvs/src/etc/rc,v
> retrieving revision 1.419
> diff -u -p -u -p -r1.419 rc
> --- rc  3 Jan 2014 23:24:19 -   1.419
> +++ rc  19 Jan 2014 08:32:17 -
> @@ -325,11 +325,15 @@ if [ X"${pf}" != X"NO" ]; then
> RULES="$RULES\npass in proto tcp from any to any port 22 keep
> state"
> RULES="$RULES\npass out proto { tcp, udp } from any to any port 53
> keep state"
> RULES="$RULES\npass out inet proto icmp all icmp-type echoreq keep
> state"
> +   RULES="$RULES\npass out inet proto udp from any port bootpc to any
> port bootps"
> +   RULES="$RULES\npass in inet proto udp from any port bootps to any
> port bootpc"
> if ifconfig lo0 inet6 >/dev/null 2>&1; then
> RULES="$RULES\npass out inet6 proto icmp6 all icmp6-type
> neighbrsol"
> RULES="$RULES\npass in inet6 proto icmp6 all icmp6-type
> neighbradv"
> RULES="$RULES\npass out inet6 proto icmp6 all icmp6-type
> routersol"
> RULES="$RULES\npass in inet6 proto icmp6 all icmp6-type
> routeradv"
> +   RULES="$RULES\npass out inet6 proto udp from any port
> dhcpv6-client to any port dhcpv6-server"
> +   RULES="$RULES\npass in inet6 proto udp from any port
> dhcpv6-server to any port dhcpv6-client"
> fi
> RULES="$RULES\npass proto carp keep state (no-sync)"
> case `sysctl vfs.mounts.nfs 2>/dev/null` in
>
>
>


Re: rc default PF ruleset too restrictive for DHCPv6

2014-01-19 Thread Brad Smith
On Sun, Jan 19, 2014 at 04:10:21AM +0100, Claudio Jeker wrote:
> On Sat, Jan 18, 2014 at 09:57:26PM -0500, Brad wrote:
> > On Thu, Jan 09, 2014 at 03:55:44PM -0500, Brad Smith wrote:
> > > The default PF ruleset as setup by rc is too restrictive. Have the default
> > > ruleset allow for DHCPv6.
> > 
> > Anyone?
> 
> Looks good to me. OK claudio@
> 
> Question: should we add the same for inet as well since dhclient may use
> a normal udp socket in some cases?
 
Untested on the v4 side but how about something like the following?


Index: rc
===
RCS file: /home/cvs/src/etc/rc,v
retrieving revision 1.419
diff -u -p -u -p -r1.419 rc
--- rc  3 Jan 2014 23:24:19 -   1.419
+++ rc  19 Jan 2014 08:32:17 -
@@ -325,11 +325,15 @@ if [ X"${pf}" != X"NO" ]; then
RULES="$RULES\npass in proto tcp from any to any port 22 keep state"
RULES="$RULES\npass out proto { tcp, udp } from any to any port 53 keep 
state"
RULES="$RULES\npass out inet proto icmp all icmp-type echoreq keep 
state"
+   RULES="$RULES\npass out inet proto udp from any port bootpc to any port 
bootps"
+   RULES="$RULES\npass in inet proto udp from any port bootps to any port 
bootpc"
if ifconfig lo0 inet6 >/dev/null 2>&1; then
RULES="$RULES\npass out inet6 proto icmp6 all icmp6-type 
neighbrsol"
RULES="$RULES\npass in inet6 proto icmp6 all icmp6-type 
neighbradv"
RULES="$RULES\npass out inet6 proto icmp6 all icmp6-type 
routersol"
RULES="$RULES\npass in inet6 proto icmp6 all icmp6-type 
routeradv"
+   RULES="$RULES\npass out inet6 proto udp from any port 
dhcpv6-client to any port dhcpv6-server"
+   RULES="$RULES\npass in inet6 proto udp from any port 
dhcpv6-server to any port dhcpv6-client"
fi
RULES="$RULES\npass proto carp keep state (no-sync)"
case `sysctl vfs.mounts.nfs 2>/dev/null` in
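Review bot: The two new `pass in` rules match only on source and destination port, so under the boot-time default ruleset any host sending UDP from port bootps (or dhcpv6-server) can reach the local client port, not only a server answering a request. That may be unavoidable for replies that match no existing state, but it widens a deliberately minimal ruleset and deserves a comment above the rules, e.g. `# DHCP replies may not match outbound state; inbound is matched on ports only`. The new rules also omit the explicit `keep state` that the neighbouring tcp, udp and icmp rules carry; adding it would keep the block consistent. The enclosing `if` block starts and ends outside the hunk.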
