not all of uvm needs to see uvm_swap_encrypt.h
uvm_meter.c needs it to route the sysctl, uvm_swap.c needs it to use the functionality, and uvm_swap_encrypt.c needs it to for obvious reasons. everything else doesnt and shouldnt care. ok? Index: uvm.h === RCS file: /cvs/src/sys/uvm/uvm.h,v retrieving revision 1.57 diff -u -p -r1.57 uvm.h --- uvm.h 3 Oct 2014 17:41:00 - 1.57 +++ uvm.h 4 May 2015 07:30:06 - @@ -38,9 +38,6 @@ #include uvm/uvm_glue.h #include uvm/uvm_km.h #include uvm/uvm_swap.h -#ifdef UVM_SWAP_ENCRYPT -#include uvm/uvm_swap_encrypt.h -#endif #include uvm/uvm_pmemrange.h Index: uvm_swap.c === RCS file: /cvs/src/sys/uvm/uvm_swap.c,v retrieving revision 1.134 diff -u -p -r1.134 uvm_swap.c --- uvm_swap.c 27 Jan 2015 03:17:37 - 1.134 +++ uvm_swap.c 4 May 2015 07:30:06 - @@ -61,7 +61,7 @@ #include uvm/uvm.h #ifdef UVM_SWAP_ENCRYPT -#include sys/syslog.h +#include uvm/uvm_swap_encrypt.h #endif #include sys/specdev.h Index: uvm_swap_encrypt.c === RCS file: /cvs/src/sys/uvm/uvm_swap_encrypt.c,v retrieving revision 1.20 diff -u -p -r1.20 uvm_swap_encrypt.c --- uvm_swap_encrypt.c 14 Mar 2015 03:38:53 - 1.20 +++ uvm_swap_encrypt.c 4 May 2015 07:30:06 - @@ -39,6 +39,7 @@ #include crypto/rijndael.h #include uvm/uvm.h +#include uvm/uvm_swap_encrypt.h struct swap_key *kcur = NULL; rijndael_ctx swap_ctxt;
Re: seccomp system call
I am wondering if the seccomp system call [1] would be welcomed in the OpenBSD tree. I remember it was among the subjects of last year's Google Summer of Code. If there is still interest in having it implemented, I am willing to work on it: I have a diff that creates the system call and allows seccomp to be called with the SECCOMP_SET_MODE_STRICT operation. It's a first step, the next (big) one would be BPF(4) syscall filtering. Personally, I think seccomp-bpf could be a superior alternative to systrace and I'd love to see an implementation. Other developers (inc. Theo) are skeptical though, but this is probably a case where the argument won't be settled without a concrete implementation to look at. I am very skeptical about a bpf-style model, because: People are currently writing policies specific to what glibc does; or what they believe it is doing. Those policies will be wide open, or too strict. If we adopt this into our world, the next step after that is going to be wide use of #ifdef within bpf rulesets.
Re: [PATCH] Man pages: usbd_open_pipe(9), usbd_close_pipe(9)
On 02/05/15(Sat) 08:44, attila wrote: Hi tech@, This patch adds man pages for usbd_open_pipe, usbd_open_pipe_intr, usbd_close_pipe and usbd_abort_pipe, done as two files: usbd_open_pipe.9 and usbd_close_pipe.9. It also adds these two new .9 files to the appropriate Makefile and tweaks usbd_transfer(9) to refer to usbd_open_pipe(9). Comments, feedback most welcome. Thanks, committed with some tweaks : - These functions cannot be called from interrupt context because they might sleep. - I did not return the error values from usbd_open_pipe(9) because they are almost never checked and useless. I think we can improve them in-tree, it might be interesting to add more USB specific information, since people dealing with USB know what endpoints are but not how to deals with usbd_pipes. One more note, I think that our stack does not support shared endpoints, it would be nice to do an audit, but I think that USBD_EXCLUSIVE_ACCESS should/is the default. Pax, -A P.S. I f'ing love mandoc. Just sayin... -- att...@stalphonsos.com | http://trac.haqistan.net/~attila keyid E6CC1EDB | 4D91 1B98 A210 1D71 2A0E AC29 9677 D0A6 E6CC 1EDB Index: Makefile === RCS file: /cvs/src/share/man/man9/Makefile,v retrieving revision 1.230 diff -u -p -r1.230 Makefile --- Makefile 10 Feb 2015 21:56:08 - 1.230 +++ Makefile 2 May 2015 00:07:16 - @@ -31,7 +31,7 @@ MAN=aml_evalnode.9 atomic_add_int.9 ato tsleep.9 spl.9 startuphook_establish.9 \ socreate.9 sosplice.9 style.9 syscall.9 systrace.9 sysctl_int.9 \ task_add.9 tc_init.9 time.9 timeout.9 tvtohz.9 uiomove.9 uvm.9 \ - usbd_transfer.9 \ + usbd_transfer.9 usbd_open_pipe.9 usbd_close_pipe.9 \ vfs.9 vfs_busy.9 \ vfs_cache.9 vaccess.9 vclean.9 vcount.9 vdevgone.9 vfinddev.9 vflush.9 \ vflushbuf.9 vget.9 vgone.9 vhold.9 vinvalbuf.9 vnode.9 vnsubr.9 \ Index: usbd_close_pipe.9 === RCS file: usbd_close_pipe.9 diff -N usbd_close_pipe.9 --- /dev/null 1 Jan 1970 00:00:00 - +++ usbd_close_pipe.9 2 May 2015 00:07:16 - @@ -0,0 +1,59 @@ +.\ $OpenBSD$ +.\ +.\ Copyright (c) 2015 Sean Levy att...@stalphonsos.com +.\ +.\ Permission to use, copy, modify, and distribute this software for any +.\ purpose with or without fee is hereby granted, provided that the above +.\ copyright notice and this permission notice appear in all copies. +.\ +.\ THE SOFTWARE IS PROVIDED AS IS AND THE AUTHOR DISCLAIMS ALL WARRANTIES +.\ WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF +.\ MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR +.\ ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES +.\ WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN +.\ ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF +.\ OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. +.\ +.Dd $Mdocdate$ +.Dt USBD_CLOSE_PIPE 9 +.Os +.Sh NAME +.Nm usbd_close_pipe , usbd_abort_pipe +.Nd close or abort transfers on a USB pipe +.Sh SYNOPSIS +.In dev/usb/usb.h +.In dev/usb/usbdi.h +.Ft usbd_status +.Fn usbd_close_pipe struct usbd_pipe *pipe +.Ft usbd_status +.Fn usbd_abort_pipe struct usbd_pipe *pipe +.Sh DESCRIPTION +A pipe is a logical connection between the host and an endpoint +on a USB device, created by one of +.Xr usbd_open_pipe 9 +or +.Xr usbd_open_pipe_intr 9 . +.Pp +The +.Fn usbd_abort_pipe +function aborts any transfers queued on the pipe and ensures it is quiescent +before returning. +.Pp +The +.Fn usbd_close_pipe +function first calls +.Fn usbd_abort_pipe , +then removes the pipe from the relevant USB interface's list of pipes +and cleans up any memory associated with the pipe, including any +implicit transfer created by +.Xr usbd_open_pipe_intr 9 . +.Sh CONTEXT +.Fn usbd_abort_pipe +and +.Fn usbd_close_pipe +can be called during autoconf, from process context or from interrupt +context. +.Sh SEE ALSO +.Xr usbd_open_pipe 9 , +.Xr usb 4 , +.Xr intro 4 Index: usbd_open_pipe.9 === RCS file: usbd_open_pipe.9 diff -N usbd_open_pipe.9 --- /dev/null 1 Jan 1970 00:00:00 - +++ usbd_open_pipe.9 2 May 2015 00:07:16 - @@ -0,0 +1,162 @@ +.\ $OpenBSD$ +.\ +.\ Copyright (c) 2015 Sean Levy att...@stalphonsos.com +.\ +.\ Permission to use, copy, modify, and distribute this software for any +.\ purpose with or without fee is hereby granted, provided that the above +.\ copyright notice and this permission notice appear in all copies. +.\ +.\ THE SOFTWARE IS PROVIDED AS IS AND THE AUTHOR DISCLAIMS ALL WARRANTIES +.\ WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF +.\ MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
Re: [patch] rtl8188eu support for urtwn(4)
On 20:20 26-Apr 2015 Stefan Sperling wrote: The chunk below is wrong for OpenBSD since it sets the intitial transmit rate to an 11n rate. 0x13 corresponds to the MCS7 11n rate, see linux/drivers/net/wireless/rtlwifi/rtl8188ee/def.h enum rtl_desc92c_rate. The value 11 corresponds to OFDM 54Mbit which is fine for OpenBSD. We only support 11a/b/g at present. --- sys/dev/usb/if_urtwn.c14 Mar 2015 03:38:49 - 1.43 +++ sys/dev/usb/if_urtwn.c19 Apr 2015 20:27:41 - @@ -1813,7 +2011,10 @@ urtwn_tx(struct urtwn_softc *sc, struct txd-txdw4 |= htole32(SM(R92C_TXDW4_RTSRATE, 8)); txd-txdw5 |= htole32(0x0001ff00); /* Send data at OFDM54. */ - txd-txdw5 |= htole32(SM(R92C_TXDW5_DATARATE, 11)); + if (sc-chip URTWN_CHIP_88E) + txd-txdw5 |= htole32(0x13 0x3f); + else + txd-txdw5 |= htole32(SM(R92C_TXDW5_DATARATE, 11)); } else { txd-txdw1 |= htole32( Hello, yes, this change, maybe harmless, but not accurate. I inline new patch against head with this change incorporated and with fix for USB aggregation mode, which Kevin has pushed into FreeBSD[1] to fix performance issues. [1] - https://svnweb.freebsd.org/base?view=revisionrevision=282266 Index: share/man/man4/urtwn.4 === RCS file: /cvs/src/share/man/man4/urtwn.4,v retrieving revision 1.31 diff -u -p -r1.31 urtwn.4 --- share/man/man4/urtwn.4 30 Mar 2015 12:35:15 - 1.31 +++ share/man/man4/urtwn.4 4 May 2015 10:09:59 - @@ -19,17 +19,17 @@ .Os .Sh NAME .Nm urtwn -.Nd Realtek RTL8188CU/RTL8192CU USB IEEE 802.11b/g/n wireless network device +.Nd Realtek RTL8188CU/RTL8188EU/RTL8192CU USB IEEE 802.11b/g/n wireless network device .Sh SYNOPSIS .Cd urtwn* at uhub? port ? .Sh DESCRIPTION The .Nm driver supports USB 2.0 wireless network devices based on Realtek -RTL8188CUS, RTL8188CE-VAU, RTL8188RU and RTL8192CU chipsets. +RTL8188CUS, RTL8188CE-VAU, RTL8188EUS, RTL8188RU and RTL8192CU chipsets. .Pp -The RTL8188CUS is a highly integrated 802.11n adapter that combines -a MAC, a 1T1R capable baseband and an RF in a single chip. +The RTL8188CUS and RTL8188EUS are a highly integrated 802.11n adapter +that combines a MAC, a 1T1R capable baseband and an RF in a single chip. It operates in the 2GHz spectrum only. The RTL8188RU is a high-power variant of the RTL8188CUS. The RTL8188CE-VAU is a PCI Express Mini Card adapter that attaches @@ -83,6 +83,7 @@ which are loaded when an interface is at .It /etc/firmware/urtwn-rtl8192cfwT .It /etc/firmware/urtwn-rtl8192cfwU .It /etc/firmware/urtwn-rtl8723fw +.It /etc/firmware/urtwn-rtl8188eufw .El .Pp A prepackaged version of the firmware can be installed using @@ -119,6 +120,8 @@ The following adapters should work: .It Solwise NET-WL-UMD-606N .It TP-Link TL-WN821N v4 .It TRENDnet TEW-648UBM +.It TP-LINK TL-WN723N v3 +.It TP-LINK TL-WN725N v2 .El .Sh EXAMPLES The following example scans for available networks: Index: sys/dev/usb/if_urtwn.c === RCS file: /cvs/src/sys/dev/usb/if_urtwn.c,v retrieving revision 1.43 diff -u -p -r1.43 if_urtwn.c --- sys/dev/usb/if_urtwn.c 14 Mar 2015 03:38:49 - 1.43 +++ sys/dev/usb/if_urtwn.c 4 May 2015 10:10:00 - @@ -2,6 +2,7 @@ /*- * Copyright (c) 2010 Damien Bergamini damien.bergam...@free.fr + * Copyright (c) 2014 Kevin Lo ke...@freebsd.org * * Permission to use, copy, modify, and distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -17,7 +18,7 @@ */ /* - * Driver for Realtek RTL8188CE-VAU/RTL8188CUS/RTL8188RU/RTL8192CU. + * Driver for Realtek RTL8188CE-VAU/RTL8188CUS/RTL8188EU/RTL8188RU/RTL8192CU. */ #include bpfilter.h @@ -140,7 +141,10 @@ static const struct usb_devno urtwn_devs { USB_VENDOR_TPLINK,USB_PRODUCT_TPLINK_RTL8192CU }, { USB_VENDOR_TRENDNET, USB_PRODUCT_TRENDNET_RTL8188CU }, { USB_VENDOR_TRENDNET, USB_PRODUCT_TRENDNET_RTL8192CU }, - { USB_VENDOR_ZYXEL, USB_PRODUCT_ZYXEL_RTL8192CU } + { USB_VENDOR_ZYXEL, USB_PRODUCT_ZYXEL_RTL8192CU }, + /* URTWN_RTL8188E */ + { USB_VENDOR_REALTEK, USB_PRODUCT_REALTEK_RTL8188ETV }, + { USB_VENDOR_REALTEK, USB_PRODUCT_REALTEK_RTL8188EU } }; inturtwn_match(struct device *, void *, void *); @@ -167,14 +171,17 @@ uint8_t urtwn_read_1(struct urtwn_softc uint16_t urtwn_read_2(struct urtwn_softc *, uint16_t); uint32_t urtwn_read_4(struct urtwn_softc *, uint16_t); inturtwn_fw_cmd(struct urtwn_softc *, uint8_t, const void *, int); -void urtwn_rf_write(struct urtwn_softc *, int, uint8_t, uint32_t); +void urtwn_r92c_rf_write(struct urtwn_softc *, int, uint8_t, uint32_t); +void
Re: [patch] rtl8188eu support for urtwn(4)
On Mon, May 04, 2015 at 04:03:01PM +0300, Mikhail wrote: Hello, yes, this change, maybe harmless, but not accurate. I inline new patch against head with this change incorporated and with fix for USB aggregation mode, which Kevin has pushed into FreeBSD[1] to fix performance issues. [1] - https://svnweb.freebsd.org/base?view=revisionrevision=282266 Thanks Mikhail. Unfortunately, this patch doesn't still fix the performance problem for me. How are you testing performance? I'm using tcpbench(1). With your latest patch, on my 8188EU device: urtwn0 at uhub2 port 2 Realtek 802.11n NIC rev 2.00/0.00 addr 4 urtwn0: MAC/BB RTL8188EU, RF 6052 1T1R, address c4:6e:1f:26:af:de tcpbench across the wireless to another openbsd box on my LAN which runs tcpbench -s gives numbers like: elapsed_ms bytes mbps bwidth Conn: 1 Mbps:0.385 Peak Mbps:0.413 Avg Mbps:0.385 10076 485520.382 100.00% Conn: 1 Mbps:0.382 Peak Mbps:0.413 Avg Mbps:0.382 11086 485520.385 100.00% Conn: 1 Mbps:0.385 Peak Mbps:0.413 Avg Mbps:0.385 12096 471240.374 100.00% Conn: 1 Mbps:0.374 Peak Mbps:0.413 Avg Mbps:0.374 13105 442680.351 100.00% Conn: 1 Mbps:0.351 Peak Mbps:0.413 Avg Mbps:0.351 14116 456960.362 100.00% Conn: 1 Mbps:0.362 Peak Mbps:0.413 Avg Mbps:0.362 Mbps never goes above 0.5. Downloading snapshots/i386/install57.fs directly from my access point takes more than 20 minutes. This device: urtwn0 at uhub2 port 2 Realtek 802.11n WLAN Adapter rev 2.00/2.00 addr 4 urtwn0: MAC/BB RTL8188CUS, RF 6052 1T1R, address 08:86:3b:6a:19:4b gives me the following numbers (nothing else changed besides urtwn device): elapsed_ms bytes mbps bwidth Conn: 1 Mbps:3.351 Peak Mbps:3.351 Avg Mbps:3.351 2013 4315043.452 100.00% Conn: 1 Mbps:3.452 Peak Mbps:3.452 Avg Mbps:3.452 3023 5039043.995 100.00% Conn: 1 Mbps:3.995 Peak Mbps:3.995 Avg Mbps:3.995 4033 5169364.099 100.00% Conn: 1 Mbps:4.099 Peak Mbps:4.099 Avg Mbps:4.099 5043 4937683.911 100.00% Conn: 1 Mbps:3.911 Peak Mbps:4.099 Avg Mbps:3.911 6044 4908723.923 100.00% Conn: 1 Mbps:3.923 Peak Mbps:4.099 Avg Mbps:3.923 7053 4691523.723 100.00% Conn: 1 Mbps:3.723 Peak Mbps:4.099 Avg Mbps:3.723 8053 4821843.857 100.00% Conn: 1 Mbps:3.857 Peak Mbps:4.099 Avg Mbps:3.857 9053 5401044.321 100.00% Conn: 1 Mbps:4.321 Peak Mbps:4.321 Avg Mbps:4.321 10063 4763923.777 100.00% Conn: 1 Mbps:3.777 Peak Mbps:4.321 Avg Mbps:3.777 11063 4648083.718 100.00% Conn: 1 Mbps:3.718 Peak Mbps:4.321 Avg Mbps:3.718 Downloading snapshots/i386/install57.fs directly from my access point takes about 8 minutes. Does FreeBSD have the same issue?
Re: [patch] rtl8188eu support for urtwn(4)
On Mon, May 04, 2015 at 01:23:59PM +0200, Stefan Sperling wrote: On Mon, May 04, 2015 at 04:03:01PM +0300, Mikhail wrote: Hello, yes, this change, maybe harmless, but not accurate. I inline new patch against head with this change incorporated and with fix for USB aggregation mode, which Kevin has pushed into FreeBSD[1] to fix performance issues. [1] - https://svnweb.freebsd.org/base?view=revisionrevision=282266 Thanks Mikhail. Unfortunately, this patch doesn't still fix the performance problem for me. How are you testing performance? I'm using tcpbench(1). I've committed your patch so we can work on the remaining issues in smaller chunks. Thanks a lot for your work so far. It's always great to see someone new help us out with wireless.
Re: [patch] security.html page
Hi Roman, Roman Kravchuk wrote on Sun, May 03, 2015 at 12:06:16PM +0300: This patch for fix security.html page - cleanup not found link to errata20.html - add link to errata57.html Committed, thanks. Ingo Index: security.html === RCS file: /cvs/www/security.html,v retrieving revision 1.419 diff -u -p -u -p -r1.419 security.html --- security.html6 Sep 2014 14:12:17 -1.419 +++ security.html2 May 2015 08:20:49 - @@ -21,7 +21,6 @@ For security advisories for specific releases, click below: p -a href=errata20.html2.0/a, a href=errata21.html2.1/a, a href=errata22.html2.2/a, a href=errata23.html2.3/a, @@ -38,8 +37,8 @@ For security advisories for specific rel a href=errata34.html3.4/a, a href=errata35.html3.5/a, a href=errata36.html3.6/a, -br a href=errata37.html3.7/a, +br a href=errata38.html3.8/a, a href=errata39.html3.9/a, a href=errata40.html4.0/a, @@ -56,10 +55,11 @@ For security advisories for specific rel a href=errata51.html5.1/a, a href=errata52.html5.2/a, a href=errata53.html5.3/a, -br a href=errata54.html5.4/a, +br a href=errata55.html5.5/a, -a href=errata56.html5.6/a. +a href=errata56.html5.6/a, +a href=errata57.html5.7/a. br hr
pckbc
Less magic number For PS/2 - status byte - bit 5: The bit is '1' if the data on input port 60h came from the AUX port, or '0' if the data came from the keyboard or from the keyboard controller itself. KBS_TERR (kbd transmission error) was valid for AT-mode, but not for PS/2-mode. Comment ? OK ? -- Alexandr Shadchin Index: i8042reg.h === RCS file: /cvs/src/sys/dev/ic/i8042reg.h,v retrieving revision 1.8 diff -u -p -r1.8 i8042reg.h --- i8042reg.h 25 Dec 2013 21:01:01 - 1.8 +++ i8042reg.h 4 May 2015 15:24:27 - @@ -7,7 +7,7 @@ #define KBS_WARM 0x04/* kbd input buffer low */ #define KBS_OCMD 0x08/* kbd output buffer has command */ #define KBS_NOSEC 0x10/* kbd security lock not engaged */ -#define KBS_TERR 0x20/* kbd transmission error */ +#define KBS_AUXDATA0x20/* kbd data in buffer from aux port */ #define KBS_RERR 0x40/* kbd receive error */ #define KBS_PERR 0x80/* kbd parity error */ Index: pckbc.c === RCS file: /cvs/src/sys/dev/ic/pckbc.c,v retrieving revision 1.47 diff -u -p -r1.47 pckbc.c --- pckbc.c 31 Mar 2015 02:27:30 - 1.47 +++ pckbc.c 4 May 2015 15:24:27 - @@ -153,7 +153,7 @@ pckbc_poll_data1(bus_space_tag_t iot, bu KBD_DELAY; CPU_BUSY_CYCLE(); c = bus_space_read_1(iot, ioh_d, 0); - if (checkaux (stat 0x20)) { /* aux data */ + if (checkaux (stat KBS_AUXDATA)) { if (slot != PCKBC_AUX_SLOT) { DPRINTF(lost aux 0x%x\n, c); continue; @@ -998,7 +998,7 @@ pckbcintr_internal(struct pckbc_internal served = 1; - slot = (t-t_haveaux (stat 0x20)) ? + slot = (t-t_haveaux (stat KBS_AUXDATA)) ? PCKBC_AUX_SLOT : PCKBC_KBD_SLOT; q = t-t_slotdata[slot];
Re: seccomp system call
On Mon, 04 May 2015 02:38:58 -0600, Theo de Raadt wrote: Those policies will be wide open, or too strict. If we adopt this into our world, the next step after that is going to be wide use of #ifdef within bpf rulesets. I don't see how that follows. Security policies are going to be highly OS-specific due to differences in systems calls. I suppose you could make a simple policy work on different OSes using #ifdef but I think this would be too cumbersome for more complex filters. You can't prevent people from doing stupid things but I don't think that is a good reason to reject seccomp() out of hand. - todd
Re: more precise O_ACCMODE handling
On Sun, 03 May 2015 22:07:33 -0700, Philip Guenther wrote: The flags passed to open(2) and openat(2) are not a simple bitset. Instead, the bits in O_ACCMODE are effectively an enumeration, and the other bits are or'ed onto that. For example, a function that wraps open(2), taking a flag argument that it passes through, that wants to verify that it was invoked with either O_WRONLY or O_RDWR *cannot* just say if ((flags O_ACCMODE) ~(O_WRONLY | O_RDWR)) return (EINVAL); as that will accept O_RDONLY as well! The correct test is to mask off O_ACCMODE and compare the results to the acceptable values: if ((flags O_ACCMODE) != O_WRONLY (flags O_ACCMODE) != O_RDWR) return (EINVAL); So, in anticipation of future changes, let's make interfaces that wrap open() be more precise in the handling of flags for open(), testing O_ACCMODE bits separately from others. While here, document that shm_open() accept O_CLOEXEC and O_NOFOLLOW as extensions to POSIX, and use O_CLOEXEC on the temporary fd in posix_openpt() A few comments inline: Index: libc/db/db/db.c === RCS file: /cvs/src/lib/libc/db/db/db.c,v retrieving revision 1.10 diff -u -p -r1.10 db.c --- libc/db/db/db.c 5 Aug 2005 13:03:00 - 1.10 +++ libc/db/db/db.c 4 May 2015 04:48:11 - @@ -48,9 +48,10 @@ dbopen(const char *fname, int flags, int #define DB_FLAGS(DB_LOCK | DB_SHMEM | DB_TXN) #define USE_OPEN_FLAGS \ (O_CREAT | O_EXCL | O_EXLOCK | O_NOFOLLOW | O_NONBLOCK |\ - O_RDONLY | O_RDWR | O_SHLOCK | O_SYNC | O_TRUNC) + O_SHLOCK | O_SYNC | O_TRUNC) - if ((flags ~(USE_OPEN_FLAGS | DB_FLAGS)) == 0) + if (((flags O_ACCMODE) == O_RDONLY || (flags O_ACCMODE) == O_RDWR) + (flags ~(O_ACCMODE | USE_OPEN_FLAGS | DB_FLAGS)) == 0) switch (type) { case DB_BTREE: return (__bt_open(fname, flags USE_OPEN_FLAGS, Index: libc/gen/shm_open.3 === RCS file: /cvs/src/lib/libc/gen/shm_open.3,v retrieving revision 1.4 diff -u -p -r1.4 shm_open.3 --- libc/gen/shm_open.3 8 Jul 2014 00:40:56 - 1.4 +++ libc/gen/shm_open.3 4 May 2015 04:48:11 - @@ -45,7 +45,7 @@ and must include at least or .Dv O_RDWR and may also include a combination of -.Dv O_CREAT , O_EXCL , +.Dv O_CREAT , O_EXCL , O_CLOEXEC , O_NOFOLLOW , or .Dv O_TRUNC . This implementation forces the @@ -81,6 +81,13 @@ and .Fn shm_unlink appear in .St -p1003.1-2001 . +Using +.Dv O_CLOEXEC +or +.Dv O_NOFOLLOW +with +.Fn shm_open +is an extension to that standard. This implementation deviates from the standard by permitting less sharing. .Pp .Fn shm_mkstemp Index: libc/gen/shm_open.c === RCS file: /cvs/src/lib/libc/gen/shm_open.c,v retrieving revision 1.4 diff -u -p -r1.4 shm_open.c --- libc/gen/shm_open.c 12 Nov 2013 06:09:48 - 1.4 +++ libc/gen/shm_open.c 4 May 2015 04:48:11 - @@ -31,6 +31,9 @@ /* /tmp/ + sha256 + .shm */ #define SHM_PATH_SIZE (5 + SHA256_DIGEST_STRING_LENGTH + 4) +/* O_CLOEXEC and O_NOFOLLOW are extensions to POSIX */ +#define OK_FLAGS (O_CREAT | O_EXCL | O_TRUNC | O_CLOEXEC | O_NOFOLLOW) + static void makeshmpath(const char *origpath, char *shmpath, size_t len) { @@ -47,8 +50,8 @@ shm_open(const char *path, int flags, mo struct stat sb; int fd; - if (flags ~(O_RDONLY | O_RDWR | - O_CREAT | O_EXCL | O_TRUNC | O_CLOEXEC | O_NOFOLLOW)) { + if (((flags O_ACCMODE) != O_RDONLY (flags O_ACCMODE) != O_RDWR) + || (flags ~(O_ACCMODE | OK_FLAGS))) { errno = EINVAL; return -1; } Index: libc/stdlib/posix_pty.c === RCS file: /cvs/src/lib/libc/stdlib/posix_pty.c,v retrieving revision 1.1 diff -u -p -r1.1 posix_pty.c --- libc/stdlib/posix_pty.c 3 Dec 2012 20:08:33 - 1.1 +++ libc/stdlib/posix_pty.c 4 May 2015 04:48:11 - @@ -35,13 +35,14 @@ posix_openpt(int oflag) int fd, mfd = -1; /* User must specify O_RDWR in oflag. */ - if (!(oflag O_RDWR)) { + if ((oflag O_ACCMODE) != O_RDWR || + (oflag ~(O_ACCMODE | O_NOCTTY)) != 0) { errno = EINVAL; return -1; } I don't see the need to use O_ACCMODE here at all. Why not just: if (!(oflag O_RDWR) || (oflag ~(O_RDWR | O_NOCTTY)) != 0) or even: if (oflag != O_RDWR oflag != (O_RDWR | O_NOCTTY)) /* Get pty master and slave (this API only uses the master). */ - fd = open(PATH_PTMDEV, O_RDWR); + fd = open(PATH_PTMDEV, O_RDWR |
Re: more precise O_ACCMODE handling
Index: libc/stdlib/posix_pty.c === RCS file: /cvs/src/lib/libc/stdlib/posix_pty.c,v retrieving revision 1.1 diff -u -p -r1.1 posix_pty.c --- libc/stdlib/posix_pty.c 3 Dec 2012 20:08:33 - 1.1 +++ libc/stdlib/posix_pty.c 4 May 2015 04:48:11 - @@ -35,13 +35,14 @@ posix_openpt(int oflag) int fd, mfd = -1; /* User must specify O_RDWR in oflag. */ - if (!(oflag O_RDWR)) { + if ((oflag O_ACCMODE) != O_RDWR || + (oflag ~(O_ACCMODE | O_NOCTTY)) != 0) { errno = EINVAL; return -1; } I don't see the need to use O_ACCMODE here at all. Why not just: if (!(oflag O_RDWR) || (oflag ~(O_RDWR | O_NOCTTY)) != 0) because this is as ugly as the existing code, but harder to understand. or even: if (oflag != O_RDWR oflag != (O_RDWR | O_NOCTTY)) because whoever will cut'n'paste this code and then allow another access mode will screw up. Index: libkvm/kvm.c - if (flag ~O_ACCMODE) { + if ((flag ~O_ACCMODE) || (flag != O_RDONLY flag != O_WRONLY + flag != O_RDWR)){ The check against O_ACCMODE seems superfluous here since you added the explicit flag value checks. Agreed.
[PATCH] relayd.conf man page confusion
Fix a contradiction in the relayd.conf man page in the Protocols, tls section. The definition of TLS client and server is the opposite of what is stated in the forward and listen on descriptions, and the TLS Relays section. Tim. Index: relayd.conf.5 === RCS file: /cvs/src/usr.sbin/relayd/relayd.conf.5,v retrieving revision 1.161 diff -u -p -r1.161 relayd.conf.5 --- relayd.conf.5 9 Mar 2015 17:20:38 - 1.161 +++ relayd.conf.5 5 May 2015 00:21:24 - @@ -905,12 +905,12 @@ are true: .Pp .Bl -bullet -compact -offset indent .It -TLS client mode is enabled by the +TLS server mode is enabled by the .Ic listen directive: .Ic listen on ... tls . .It -TLS server mode and divert lookups are enabled by the +TLS client mode and divert lookups are enabled by the .Ic forward directive: .Ic forward with tls to destination .
Re: sprinkle some symmetry on uvm_swap_encrypt
SWAP_KEY_PUT calls swap_key_delete, while SWAP_KEY_GET inlines its work. this shuffles it so the work is in uvm_swap_encrypt.c, and lets us reduce the scope of some of the globals in uvm_swap_encrypt.c. ok? Hmm, I wonder if this was done to limit the amount of stack space we use. In the past, when we were paging the kernel stack, that could obviously cause problems. Nowadays our kernel stacks are not pageable so this should not be an issue. ok kettenis@ Index: uvm_swap_encrypt.c === RCS file: /cvs/src/sys/uvm/uvm_swap_encrypt.c,v retrieving revision 1.21 diff -u -p -r1.21 uvm_swap_encrypt.c --- uvm_swap_encrypt.c 4 May 2015 10:21:15 - 1.21 +++ uvm_swap_encrypt.c 4 May 2015 23:27:51 - @@ -88,6 +88,13 @@ swap_encrypt_ctl(int *name, u_int namele } void +swap_key_create(struct swap_key *key) +{ +arc4random_buf(key-key, sizeof(key-key)); +uvm_swpkeyscreated++; +} + +void swap_key_delete(struct swap_key *key) { /* Make sure that this key gets removed if we just used it */ Index: uvm_swap_encrypt.h === RCS file: /cvs/src/sys/uvm/uvm_swap_encrypt.h,v retrieving revision 1.9 diff -u -p -r1.9 uvm_swap_encrypt.h --- uvm_swap_encrypt.h 23 Mar 2009 22:10:04 - 1.9 +++ uvm_swap_encrypt.h 4 May 2015 23:27:51 - @@ -61,13 +61,9 @@ void swap_decrypt(struct swap_key *,cadd void swap_key_cleanup(struct swap_key *); void swap_key_prepare(struct swap_key *, int); -extern u_int uvm_swpkeyscreated; - #define SWAP_KEY_GET(s,x) do {\ if ((x)-refcount == 0) { \ -arc4random_buf((x)-key,\ -sizeof((x)-key)); \ -uvm_swpkeyscreated++; \ +swap_key_create(x); \ } \ (x)-refcount++;\ } while(0); @@ -79,6 +75,7 @@ extern u_int uvm_swpkeyscreated; } \ } while(0); +void swap_key_create(struct swap_key *); void swap_key_delete(struct swap_key *); extern int uvm_doswapencrypt; /* swapencrypt enabled/disabled */
Re: more precise O_ACCMODE handling
On Mon, 4 May 2015, Miod Vallat wrote: Index: libc/stdlib/posix_pty.c === RCS file: /cvs/src/lib/libc/stdlib/posix_pty.c,v retrieving revision 1.1 diff -u -p -r1.1 posix_pty.c --- libc/stdlib/posix_pty.c 3 Dec 2012 20:08:33 - 1.1 +++ libc/stdlib/posix_pty.c 4 May 2015 04:48:11 - @@ -35,13 +35,14 @@ posix_openpt(int oflag) int fd, mfd = -1; /* User must specify O_RDWR in oflag. */ - if (!(oflag O_RDWR)) { + if ((oflag O_ACCMODE) != O_RDWR || + (oflag ~(O_ACCMODE | O_NOCTTY)) != 0) { errno = EINVAL; return -1; } I don't see the need to use O_ACCMODE here at all. Why not just: if (!(oflag O_RDWR) || (oflag ~(O_RDWR | O_NOCTTY)) != 0) because this is as ugly as the existing code, but harder to understand. It's also wrong if O_RDWR has multiple bits set and there's another mode with a subset of those set...as O_SEARCH or O_EXEC may well be on some systems. Index: libkvm/kvm.c - if (flag ~O_ACCMODE) { + if ((flag ~O_ACCMODE) || (flag != O_RDONLY flag != O_WRONLY + flag != O_RDWR)){ The check against O_ACCMODE seems superfluous here since you added the explicit flag value checks. Agreed. Point. I'll drop that. Philip
sprinkle some symmetry on uvm_swap_encrypt
SWAP_KEY_PUT calls swap_key_delete, while SWAP_KEY_GET inlines its work. this shuffles it so the work is in uvm_swap_encrypt.c, and lets us reduce the scope of some of the globals in uvm_swap_encrypt.c. ok? Index: uvm_swap_encrypt.c === RCS file: /cvs/src/sys/uvm/uvm_swap_encrypt.c,v retrieving revision 1.21 diff -u -p -r1.21 uvm_swap_encrypt.c --- uvm_swap_encrypt.c 4 May 2015 10:21:15 - 1.21 +++ uvm_swap_encrypt.c 4 May 2015 23:27:51 - @@ -88,6 +88,13 @@ swap_encrypt_ctl(int *name, u_int namele } void +swap_key_create(struct swap_key *key) +{ + arc4random_buf(key-key, sizeof(key-key)); + uvm_swpkeyscreated++; +} + +void swap_key_delete(struct swap_key *key) { /* Make sure that this key gets removed if we just used it */ Index: uvm_swap_encrypt.h === RCS file: /cvs/src/sys/uvm/uvm_swap_encrypt.h,v retrieving revision 1.9 diff -u -p -r1.9 uvm_swap_encrypt.h --- uvm_swap_encrypt.h 23 Mar 2009 22:10:04 - 1.9 +++ uvm_swap_encrypt.h 4 May 2015 23:27:51 - @@ -61,13 +61,9 @@ void swap_decrypt(struct swap_key *,cadd void swap_key_cleanup(struct swap_key *); void swap_key_prepare(struct swap_key *, int); -extern u_int uvm_swpkeyscreated; - #define SWAP_KEY_GET(s,x) do {\ if ((x)-refcount == 0) { \ - arc4random_buf((x)-key,\ - sizeof((x)-key)); \ - uvm_swpkeyscreated++; \ + swap_key_create(x); \ } \ (x)-refcount++;\ } while(0); @@ -79,6 +75,7 @@ extern u_int uvm_swpkeyscreated; } \ } while(0); +void swap_key_create(struct swap_key *); void swap_key_delete(struct swap_key *); extern int uvm_doswapencrypt; /* swapencrypt enabled/disabled */
fifo_poll: use a_fflag to determine valid events
Now that we have a_fflag in struct vop_poll_args we can handle things like POLLOUT on a read-only fd more sensibly. Previously, any poll events could be used regardless of the actual file flags of the descriptor. Rather than call soo_poll() I've created a real fifo_poll() that checks the socket status. With this change, POLLOUT on a read-only fd will be ignored. This is similar to what Linux does, though Linux will return POLLHUP when the writer closes even when there are no valid events specified. I have updated regress tests too... - todd Index: sys/miscfs/fifofs/fifo_vnops.c === RCS file: /cvs/src/sys/miscfs/fifofs/fifo_vnops.c,v retrieving revision 1.45 diff -u -p -u -r1.45 fifo_vnops.c --- sys/miscfs/fifofs/fifo_vnops.c 12 Feb 2015 14:31:02 - 1.45 +++ sys/miscfs/fifofs/fifo_vnops.c 4 May 2015 20:41:22 - @@ -38,6 +38,7 @@ #include sys/namei.h #include sys/vnode.h #include sys/lock.h +#include sys/protosw.h #include sys/socket.h #include sys/socketvar.h #include sys/stat.h @@ -289,23 +290,46 @@ int fifo_poll(void *v) { struct vop_poll_args *ap = v; - struct file filetmp; - const int events = ap-a_events; + struct socket *rso = ap-a_vp-v_fifoinfo-fi_readsock; + struct socket *wso = ap-a_vp-v_fifoinfo-fi_writesock; + int events = 0; int revents = 0; + int s; - if (events (POLLIN | POLLPRI | POLLRDNORM | POLLRDBAND)) { - filetmp.f_data = ap-a_vp-v_fifoinfo-fi_readsock; - if (filetmp.f_data) - revents |= soo_poll(filetmp, events, ap-a_p); + if (ap-a_fflag FREAD) + events |= ap-a_events (POLLIN | POLLPRI | POLLRDNORM | POLLRDBAND); + if (ap-a_fflag FWRITE) + events |= ap-a_events (POLLOUT | POLLWRNORM | POLLWRBAND); + if (events == 0) + return (0); + + s = splsoftnet(); + if (events (POLLIN | POLLRDNORM)) { + if (soreadable(rso)) + revents |= events (POLLIN | POLLRDNORM); + } + /* NOTE: POLLHUP and POLLOUT/POLLWRNORM are mutually exclusive */ + if (rso-so_state SS_ISDISCONNECTED) { + revents |= POLLHUP; + } else if (events (POLLOUT | POLLWRNORM)) { + if (sowriteable(wso)) + revents |= events (POLLOUT | POLLWRNORM); } - /* POLLHUP and POLLOUT/POLLWRNORM/POLLWRBAND are mutually exclusive */ - if (!(revents POLLHUP)) { - if (events (POLLOUT | POLLWRNORM | POLLWRBAND)) { - filetmp.f_data = ap-a_vp-v_fifoinfo-fi_writesock; - if (filetmp.f_data) - revents |= soo_poll(filetmp, events, ap-a_p); + if (events (POLLPRI | POLLRDBAND)) { + if (rso-so_oobmark || (rso-so_state SS_RCVATMARK)) + revents |= events (POLLPRI | POLLRDBAND); + } + if (revents == 0) { + if (events (POLLIN | POLLPRI | POLLRDNORM | POLLRDBAND)) { + selrecord(ap-a_p, rso-so_rcv.sb_sel); + rso-so_rcv.sb_flagsintr |= SB_SEL; + } + if (events (POLLOUT | POLLWRNORM)) { + selrecord(ap-a_p, wso-so_snd.sb_sel); + wso-so_snd.sb_flagsintr |= SB_SEL; } } + splx(s); return (revents); }
getprogname(3) manpage fix
Index: getprogname.3 === RCS file: /cvs/src/lib/libc/gen/getprogname.3,v retrieving revision 1.4 diff -u -p -r1.4 getprogname.3 --- getprogname.3 31 Jul 2013 16:43:27 - 1.4 +++ getprogname.3 4 May 2015 20:34:35 - @@ -55,7 +55,7 @@ or other diagnostic output. The .Fn setprogname function sets the name of the program to be the last path component of the -.Fa progname +.Fa name argument. Internally, only the pointer to the given string is kept as the program name, so it should not be modified and the storage for the string must remain valid @@ -65,9 +65,9 @@ for the rest of the program's lifetime. .Xr setproctitle 3 .Sh HISTORY The -.Nm getprogname +.Fn getprogname and -.Nm setprogname +.Fn setprogname functions first appeared in .Ox 5.4 as function-based wrappers around the