sxidog hang
Trying to disable the watchdog on the allwinner,sun5i-r8 breaks the reboot ('reboot failed; spinning'). Can we change this back at least for the A10? Index: sxidog.c === RCS file: /cvs/src/sys/arch/armv7/sunxi/sxidog.c,v retrieving revision 1.9 diff -u -p -r1.9 sxidog.c --- sxidog.c27 Aug 2016 14:13:14 - 1.9 +++ sxidog.c2 Sep 2016 06:27:21 - @@ -148,9 +148,8 @@ sxidog_callback(void *arg, int period) switch (sc->sc_type) { case SXIDOG_A10: - enable = (period > 0) ? WDOG_EN : 0; SXIWRITE4(sc, WDOG_MODE_REG, - enable | WDOG_RST_EN | WDOG_INTV_VALUE(period)); + WDOG_EN | WDOG_RST_EN | WDOG_INTV_VALUE(period)); SXIWRITE4(sc, WDOG_CTRL_REG, WDOG_KEY | WDOG_RSTART); break; case SXIDOG_A31:
Re: armv7/omap: amdisplay(4)
Work on amdisplay(4) continues uneventfully. It is very nearly complete, just need to fix some DMA issues I am having trouble with. Ian Index: arch/armv7/conf/GENERIC === RCS file: /cvs/src/sys/arch/armv7/conf/GENERIC,v retrieving revision 1.45 diff -u -p -r1.45 GENERIC --- arch/armv7/conf/GENERIC 11 Aug 2016 04:33:06 - 1.45 +++ arch/armv7/conf/GENERIC 2 Sep 2016 05:12:54 - @@ -70,6 +70,7 @@ omgpio* at fdt? # user-visible GPIO p gpio* at omgpio? tiiic* at fdt? iic* at tiiic? +nxptda*at iic? gptimer* at omap?# general purpose timers dmtimer* at omap?# am335x dual mode timers omusbtll* at omap? @@ -77,6 +78,7 @@ cpsw* at fdt? com* at fdt? # onboard uarts ommmc* at fdt? # SD/MMC card controller sdmmc* at ommmc? # SD/MMC bus +amdisplay* at fdt? # LCD controller omehci*at fdt? # EHCI usb* at omehci? Index: arch/armv7/omap/am335x_prcmreg.h === RCS file: /cvs/src/sys/arch/armv7/omap/am335x_prcmreg.h,v retrieving revision 1.4 diff -u -p -r1.4 am335x_prcmreg.h --- arch/armv7/omap/am335x_prcmreg.h18 Mar 2014 07:34:17 - 1.4 +++ arch/armv7/omap/am335x_prcmreg.h2 Sep 2016 05:06:06 - @@ -20,6 +20,7 @@ #define AM335X_CLKCTRL_MODULEMODE_MASK 0x0003 #define PRCM_AM335X_CM_PER 0x +#define PRCM_AM335X_LCDC_CLKCTRL 0x0018 #define PRCM_AM335X_USB0_CLKCTRL 0x001c #define PRCM_AM335X_TPTC0_CLKCTRL 0x0024 #define PRCM_AM335X_MMC0_CLKCTRL 0x003c @@ -38,6 +39,10 @@ #define PRCM_AM335X_CM_WKUP0x0400 #define PRCM_AM335X_GPIO0_CLKCTRL 0x0408 #define PRCM_AM335X_TIMER0_CLKCTRL 0x0410 +#define PRCM_AM335X_DISP_IDLEST0x0448 +#define PRCM_AM335X_DISP_CLKSEL0x0454 +#define PRCM_AM335X_DISP_CLKMODE 0x0498 +#define PRCM_AM335X_DISP_M20x04a4 #define PRCM_AM335X_I2C0_CLKCTRL 0x04b8 #define PRCM_AM335X_CM_DPLL0x0500 #define PRCM_AM335X_CLKSEL_TIMER2_CLK 0x0508 Index: arch/armv7/omap/amdisplay.c === RCS file: arch/armv7/omap/amdisplay.c diff -N arch/armv7/omap/amdisplay.c --- /dev/null 1 Jan 1970 00:00:00 - +++ arch/armv7/omap/amdisplay.c 2 Sep 2016 05:06:06 - @@ -0,0 +1,643 @@ +/* + * Copyright (c) 2016 Ian Sutton + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +#include +#include +#include +#include +#include + +#include +#include +#include +#include +#include +#include +#include + +#include +#include +#include + +#include + +#include +#include +#include + +#define DEVNAME(_s) ((_s)->sc_dev.dv_xname) + +#define HREAD4(sc, reg) \ + (bus_space_read_4((sc)->sc_iot, (sc)->sc_ioh, (reg))) +#define HWRITE4(sc, reg, val) \ + bus_space_write_4((sc)->sc_iot, (sc)->sc_ioh, (reg), (val)) +#define HSET4(sc, reg, bits) \ + HWRITE4((sc), (reg), HREAD4((sc), (reg)) | (bits)) +#define HCLR4(sc, reg, bits) \ + HWRITE4((sc), (reg), HREAD4((sc), (reg)) & ~(bits)) + +struct amdisplay_softc { + struct device sc_dev; + bus_space_tag_t sc_iot; + bus_space_handle_t sc_ioh; + bus_dma_tag_t sc_dmat; + void*sc_ih; + + struct edid_info*sc_edid; + struct videomode*sc_active_mode; + int sc_active_depth; + + bus_dmamap_tsc_fb0_dma; +// bus_dmamap_tsc_fb1_dma; + bus_dma_segment_t sc_fb0_dma_segs[1]; +// bus_dma_segment_t sc_fb1_dma_segs[1]; + void*sc_fb0; +// void*sc_fb1; + int sc_fb_dma_nsegs; + bus_size_t sc_fb_size; +
[patch] www . plat.html - validation nitpick
Thu, 1 Sep 2016 09:15:29 -0600 (MDT) T.J. Townsend > CVSROOT: /cvs > Module name: www > Changes by: t...@cvs.openbsd.org2016/09/01 09:15:29 > > Modified files: > . : plat.html sparc.html > faq: faq1.html > > Log message: > sparc did not have a 6.0 release. > Hi tech@, [http://validator.w3.org/check?uri=http://www.openbsd.org/plat.html] [http://www.htmlhelp.org/cgi-bin/validate.cgi?url=http://www.openbsd.org/plat.html] Tweak previous: rejoin a left behind table row open tag with its block. Kind regards, Anton $ diff -u plat.html-1.14{2,3} --- plat.html-1.142 Fri Sep 2 03:18:29 2016 +++ plat.html-1.143 Fri Sep 2 03:19:57 2016 @@ -193,10 +193,10 @@ Solbourne ``IDT'' Sparc-like S3000, S4000 and S4000DX systems - sparc Sun sun4, sun4c, sun4e and sun4m class SPARC systems + sun3 Sun sun3 class systems
Re: constify auth functions
On Thu, 01 Sep 2016 13:27:49 -0400, "Ted Unangst" wrote: > Ted Unangst wrote: > > I'm getting annoying warnings because these functions aren't const. > > so > > turns out several of these functions *do* modify their parameters. which is > probably chaos, because i think we sometimes call them with const parameters. I think you'll have to constify login_cap(3) first since the auth functions call into login_cap(3). - todd
Re: switch the cubie miniroot to cubieboard2
si...@slackware.it [si...@slackware.it] wrote: > Speaking as a Cubieboard owner here ;-) > Would it be too much hassle to provide both images? (and a pony!) > It's fairly easy to take a miniroot image for a similar board, and adapt it to your board. Since both the Cubieboard and Cubieboard2 are Allwinner based, the miniroot's general structure does not change. 1. Install u-boot-2016.07p1 from ports/packages (packages if you don't want to wait all day) 2. Examine /usr/src/distrib/armv7/ramdisk/install.md and find a similar board (same or similar chipset). 3. Find the proper u-boot/dtb stuff in /usr/local/share/u-boot 4. Download the miniroot image for a board that has the same or similar chipset to your board 5. vnconfig vnd0 miniroot.fs 6. Install proper u-boot image to the miniroot image. The install.md file tells you how to copy the proper u-boot/dtb over. For instance, Cubieboard is Allwinner A10/A20, and my Lime is A20. install.md says: cubie) dd if=$_mdec/u-boot-sunxi-with-spl.bin of=${_disk}c \ bs=1024 seek=8 >/dev/null 2>&1 So, to get my Lime or Lime2 working, I do this: dd if=/usr/local/share/u-boot/A20-OLinuXino-Lime2/u-boot-sunxi-with-spl.bin of=/dev/rvnd0c bs=1024 seek=8 (Note: Lime and lime2 bootloaders will appear to work on both boards, but if you don't use the right one, the Realtek ethernet PHY will not be properly initialized.) 7. vnconfig -u vnd0 8. Write miniroot.fs to your SD card You don't have to use vnd, but this is conceptually simpler and less error prone than trying to chop it up with dd. Chris
NULL deref in usb_set_config_index()
Diff attached fix two NULL dereferences in usb_set_config_index(). Index: usb_subr.c === RCS file: /cvs/src/sys/dev/usb/usb_subr.c,v retrieving revision 1.123 diff -u -p -r1.123 usb_subr.c --- usb_subr.c 23 May 2016 11:31:12 - 1.123 +++ usb_subr.c 1 Sep 2016 17:30:35 - @@ -654,17 +654,20 @@ usbd_set_config_index(struct usbd_device /* We are unconfiguring the device, so leave unallocated. */ DPRINTF(("usbd_set_config_index: set config 0\n")); err = usbd_set_config(dev, USB_UNCONFIG_NO); - if (err) + if (err) { DPRINTF(("usbd_set_config_index: setting config=0 " "failed, error=%s\n", usbd_errstr(err))); + } return (err); } /* Get the short descriptor. */ err = usbd_get_desc(dev, UDESC_CONFIG, index, USB_CONFIG_DESCRIPTOR_SIZE, &cd); - if (err || cd.bDescriptorType != UDESC_CONFIG) + if (err) return (err); + if (cd.bDescriptorType != UDESC_CONFIG) + return (USBD_INVAL); len = UGETW(cd.wTotalLength); cdp = malloc(len, M_USB, M_NOWAIT); if (cdp == NULL)
Re: constify auth functions
Ted Unangst wrote: > I'm getting annoying warnings because these functions aren't const. so turns out several of these functions *do* modify their parameters. which is probably chaos, because i think we sometimes call them with const parameters.
Re: Drop IPSec traffic that should be encapsulated but is not
On Thu, Sep 01 2016 at 46:18, Vincent Gross wrote: > On Thu, 1 Sep 2016 18:02:14 +0200 > Claer wrote: > > > Hello, > > > > In some production systems, I'm still using an old patch to isakmpd for > > Nat-t. When negociating SAs with ASA peers and OpenBSD is nated, you have > > issues during negociation. The following discutions explain the issue > > > > http://openbsd.7691.n7.nabble.com/isakmpd-NAT-T-interoperability-td173004.html > > http://marc.info/?l=openbsd-tech&m=139140140105433&w=2 > > > > I think the patch is related to the parts of the code you are working on. > > > > Actually it is not. The issue you are referencing is in isakmpd, > whereas the diff below is in the OpenBSD kernel. Totally different > stuff. I do not plan to look at isakmpd at the moment, as it only > supports IKEv1, and its code is nearly twice the size of iked. > > I do not have Cisco gear available to test, is this issue present when > opening NAT-T tunnels with iked ? Sorry I overlooked your diff. Unfortunately I didn't have the opportunity to test with an ASA and iked. I don't have any ASA on hand (usually they are on the client's side :)) > Cheers Thanks for your time! Claer > > Would you mind looking at this issue also? :) > > > > Thanks! > > > > Claer > > > > On Thu, Sep 01 2016 at 31:10, Vincent Gross wrote: > > > > > Our IPSec stack rejects UDP-encapsulated traffic using a non > > > encapsulating SA, but not the other way around. This diff adds > > > the missing check and the corresponding stat counter. > > > > > > Ok ? > > > > > > Index: sys/netinet/ip_esp.h > > > === > > > RCS file: /cvs/src/sys/netinet/ip_esp.h,v > > > retrieving revision 1.42 > > > diff -u -p -r1.42 ip_esp.h > > > --- sys/netinet/ip_esp.h 10 Jan 2010 12:43:07 - > > > 1.42 +++ sys/netinet/ip_esp.h 1 Sep 2016 08:24:15 - > > > @@ -62,6 +62,7 @@ struct espstat > > > u_int32_tesps_udpencin; /* Input ESP-in-UDP packets */ > > > u_int32_tesps_udpencout; /* Output ESP-in-UDP packets > > > */ u_int32_t esps_udpinval; /* Invalid input ESP-in-UDP > > > packets */ > > > +u_int32_tesps_udpneeded; /* Trying to use a ESP-in-UDP > > > TDB */ }; > > > > > > /* > > > Index: sys/netinet/ipsec_input.c > > > === > > > RCS file: /cvs/src/sys/netinet/ipsec_input.c,v > > > retrieving revision 1.135 > > > diff -u -p -r1.135 ipsec_input.c > > > --- sys/netinet/ipsec_input.c 10 Sep 2015 17:52:05 > > > - 1.135 +++ sys/netinet/ipsec_input.c 1 Sep 2016 > > > 08:24:16 - @@ -262,6 +262,16 @@ ipsec_common_input(struct mbuf > > > *m, int s return EINVAL; > > > } > > > > > > + if (!udpencap && (tdbp->tdb_flags & TDBF_UDPENCAP)) { > > > + splx(s); > > > + DPRINTF(("ipsec_common_input(): attempted to use > > > udpencap " > > > + "SA %s/%08x/%u\n", ipsp_address(&dst_address, > > > buf, > > > + sizeof(buf)), ntohl(spi), tdbp->tdb_sproto)); > > > + m_freem(m); > > > + espstat.esps_udpneeded++; > > > + return EINVAL; > > > + } > > > + > > > if (tdbp->tdb_xform == NULL) { > > > splx(s); > > > DPRINTF(("ipsec_common_input(): attempted to use > > > uninitialized " Index: usr.bin/netstat/inet.c > > > === > > > RCS file: /cvs/src/usr.bin/netstat/inet.c,v > > > retrieving revision 1.150 > > > diff -u -p -r1.150 inet.c > > > --- usr.bin/netstat/inet.c27 Aug 2016 04:13:43 - > > > 1.150 +++ usr.bin/netstat/inet.c 1 Sep 2016 08:24:16 - > > > @@ -1073,6 +1073,7 @@ esp_stats(char *name) > > > p(esps_udpencin, "\t%u input UDP encapsulated ESP > > > packet%s\n"); p(esps_udpencout, "\t%u output UDP encapsulated ESP > > > packet%s\n"); p(esps_udpinval, "\t%u UDP packet%s for > > > non-encapsulating TDB received\n"); > > > + p(esps_udpneeded, "\t%u raw ESP packet%s for encapsulating > > > TDB received\n"); p(esps_ibytes, "\t%llu input byte%s\n"); > > > p(esps_obytes, "\t%llu output byte%s\n"); > > > > > > >
Re: Drop IPSec traffic that should be encapsulated but is not
On Thu, 1 Sep 2016 18:02:14 +0200 Claer wrote: > Hello, > > In some production systems, I'm still using an old patch to isakmpd > for Nat-t. > When negociating SAs with ASA peers and OpenBSD is nated, you have > issues during negociation. The following discutions explain the issue > > http://openbsd.7691.n7.nabble.com/isakmpd-NAT-T-interoperability-td173004.html > http://marc.info/?l=openbsd-tech&m=139140140105433&w=2 > > I think the patch is related to the parts of the code you are working > on. > Actually it is not. The issue you are referencing is in isakmpd, whereas the diff below is in the OpenBSD kernel. Totally different stuff. I do not plan to look at isakmpd at the moment, as it only supports IKEv1, and its code is nearly twice the size of iked. I do not have Cisco gear available to test, is this issue present when opening NAT-T tunnels with iked ? Cheers > Would you mind looking at this issue also? :) > > Thanks! > > Claer > > On Thu, Sep 01 2016 at 31:10, Vincent Gross wrote: > > > Our IPSec stack rejects UDP-encapsulated traffic using a non > > encapsulating SA, but not the other way around. This diff adds > > the missing check and the corresponding stat counter. > > > > Ok ? > > > > Index: sys/netinet/ip_esp.h > > === > > RCS file: /cvs/src/sys/netinet/ip_esp.h,v > > retrieving revision 1.42 > > diff -u -p -r1.42 ip_esp.h > > --- sys/netinet/ip_esp.h10 Jan 2010 12:43:07 - > > 1.42 +++ sys/netinet/ip_esp.h 1 Sep 2016 08:24:15 - > > @@ -62,6 +62,7 @@ struct espstat > > u_int32_t esps_udpencin; /* Input ESP-in-UDP packets */ > > u_int32_t esps_udpencout; /* Output ESP-in-UDP packets > > */ u_int32_tesps_udpinval; /* Invalid input ESP-in-UDP > > packets */ > > +u_int32_t esps_udpneeded; /* Trying to use a ESP-in-UDP > > TDB */ }; > > > > /* > > Index: sys/netinet/ipsec_input.c > > === > > RCS file: /cvs/src/sys/netinet/ipsec_input.c,v > > retrieving revision 1.135 > > diff -u -p -r1.135 ipsec_input.c > > --- sys/netinet/ipsec_input.c 10 Sep 2015 17:52:05 > > - 1.135 +++ sys/netinet/ipsec_input.c 1 Sep 2016 > > 08:24:16 - @@ -262,6 +262,16 @@ ipsec_common_input(struct mbuf > > *m, int s return EINVAL; > > } > > > > + if (!udpencap && (tdbp->tdb_flags & TDBF_UDPENCAP)) { > > + splx(s); > > + DPRINTF(("ipsec_common_input(): attempted to use > > udpencap " > > + "SA %s/%08x/%u\n", ipsp_address(&dst_address, > > buf, > > + sizeof(buf)), ntohl(spi), tdbp->tdb_sproto)); > > + m_freem(m); > > + espstat.esps_udpneeded++; > > + return EINVAL; > > + } > > + > > if (tdbp->tdb_xform == NULL) { > > splx(s); > > DPRINTF(("ipsec_common_input(): attempted to use > > uninitialized " Index: usr.bin/netstat/inet.c > > === > > RCS file: /cvs/src/usr.bin/netstat/inet.c,v > > retrieving revision 1.150 > > diff -u -p -r1.150 inet.c > > --- usr.bin/netstat/inet.c 27 Aug 2016 04:13:43 - > > 1.150 +++ usr.bin/netstat/inet.c1 Sep 2016 08:24:16 - > > @@ -1073,6 +1073,7 @@ esp_stats(char *name) > > p(esps_udpencin, "\t%u input UDP encapsulated ESP > > packet%s\n"); p(esps_udpencout, "\t%u output UDP encapsulated ESP > > packet%s\n"); p(esps_udpinval, "\t%u UDP packet%s for > > non-encapsulating TDB received\n"); > > + p(esps_udpneeded, "\t%u raw ESP packet%s for encapsulating > > TDB received\n"); p(esps_ibytes, "\t%llu input byte%s\n"); > > p(esps_obytes, "\t%llu output byte%s\n"); > > > >
Re: Drop IPSec traffic that should be encapsulated but is not
Hello, In some production systems, I'm still using an old patch to isakmpd for Nat-t. When negociating SAs with ASA peers and OpenBSD is nated, you have issues during negociation. The following discutions explain the issue http://openbsd.7691.n7.nabble.com/isakmpd-NAT-T-interoperability-td173004.html http://marc.info/?l=openbsd-tech&m=139140140105433&w=2 I think the patch is related to the parts of the code you are working on. Would you mind looking at this issue also? :) Thanks! Claer On Thu, Sep 01 2016 at 31:10, Vincent Gross wrote: > Our IPSec stack rejects UDP-encapsulated traffic using a non > encapsulating SA, but not the other way around. This diff adds > the missing check and the corresponding stat counter. > > Ok ? > > Index: sys/netinet/ip_esp.h > === > RCS file: /cvs/src/sys/netinet/ip_esp.h,v > retrieving revision 1.42 > diff -u -p -r1.42 ip_esp.h > --- sys/netinet/ip_esp.h 10 Jan 2010 12:43:07 - 1.42 > +++ sys/netinet/ip_esp.h 1 Sep 2016 08:24:15 - > @@ -62,6 +62,7 @@ struct espstat > u_int32_tesps_udpencin; /* Input ESP-in-UDP packets */ > u_int32_tesps_udpencout; /* Output ESP-in-UDP packets */ > u_int32_tesps_udpinval; /* Invalid input ESP-in-UDP packets */ > +u_int32_tesps_udpneeded; /* Trying to use a ESP-in-UDP TDB */ > }; > > /* > Index: sys/netinet/ipsec_input.c > === > RCS file: /cvs/src/sys/netinet/ipsec_input.c,v > retrieving revision 1.135 > diff -u -p -r1.135 ipsec_input.c > --- sys/netinet/ipsec_input.c 10 Sep 2015 17:52:05 - 1.135 > +++ sys/netinet/ipsec_input.c 1 Sep 2016 08:24:16 - > @@ -262,6 +262,16 @@ ipsec_common_input(struct mbuf *m, int s > return EINVAL; > } > > + if (!udpencap && (tdbp->tdb_flags & TDBF_UDPENCAP)) { > + splx(s); > + DPRINTF(("ipsec_common_input(): attempted to use udpencap " > + "SA %s/%08x/%u\n", ipsp_address(&dst_address, buf, > + sizeof(buf)), ntohl(spi), tdbp->tdb_sproto)); > + m_freem(m); > + espstat.esps_udpneeded++; > + return EINVAL; > + } > + > if (tdbp->tdb_xform == NULL) { > splx(s); > DPRINTF(("ipsec_common_input(): attempted to use uninitialized " > Index: usr.bin/netstat/inet.c > === > RCS file: /cvs/src/usr.bin/netstat/inet.c,v > retrieving revision 1.150 > diff -u -p -r1.150 inet.c > --- usr.bin/netstat/inet.c27 Aug 2016 04:13:43 - 1.150 > +++ usr.bin/netstat/inet.c1 Sep 2016 08:24:16 - > @@ -1073,6 +1073,7 @@ esp_stats(char *name) > p(esps_udpencin, "\t%u input UDP encapsulated ESP packet%s\n"); > p(esps_udpencout, "\t%u output UDP encapsulated ESP packet%s\n"); > p(esps_udpinval, "\t%u UDP packet%s for non-encapsulating TDB > received\n"); > + p(esps_udpneeded, "\t%u raw ESP packet%s for encapsulating TDB > received\n"); > p(esps_ibytes, "\t%llu input byte%s\n"); > p(esps_obytes, "\t%llu output byte%s\n"); > >
Re: constify auth functions
On Thu, 01 Sep 2016 10:51:06 -0400, "Ted Unangst" wrote: > I'm getting annoying warnings because these functions aren't const. As we're the only users of BSD auth I think this is fine. - todd
Use after fruit in usbd_set_config_index()
Fuzzing our USB stack is interesting. Here's the first panic: panic() at panic+0xfe free() at free+0xed usbd_free_iface_data() at usbd_free_iface_data+0x49 usb_free_device() at usb_free_device+0x83 usbd_new_device() at usbd_new_device+0x1f5 uhub_port_connect() at uhub_port_connect+0x14e uhub_explore() at uhub_explore+0x229 uhub_explore() at uhub_explore+0x180 usb_explore() at usb_explore+0x153 usb_task_thread() at usb_task_thread+0xb6 What happened here is that usbd_set_config_index() incorrectly free'd the device descriptor: ``dev->cdesc'' of the faulty USB device. However the stack and drivers assumes that this descriptor is always present and dereference it in usb_free_device(). That's why I want to call usbd_set_config_index() as early as possible, cf my other email. Diff attached fix this problem by not freeing the descriptor if an error occurs. ok? Index: usb_subr.c === RCS file: /cvs/src/sys/dev/usb/usb_subr.c,v retrieving revision 1.123 diff -u -p -u -7 -r1.123 usb_subr.c --- usb_subr.c 23 May 2016 11:31:12 - 1.123 +++ usb_subr.c 1 Sep 2016 14:12:37 - @@ -775,19 +775,16 @@ usbd_set_config_index(struct usbd_device goto bad; } DPRINTFN(5,("usbd_set_config_index: dev=%p cdesc=%p\n", dev, cdp)); dev->cdesc = cdp; dev->config = cdp->bConfigurationValue; for (ifcidx = 0; ifcidx < nifc; ifcidx++) { err = usbd_fill_iface_data(dev, ifcidx, 0); - if (err) { - while (--ifcidx >= 0) -usbd_free_iface_data(dev, ifcidx); - goto bad; - } + if (err) + return (err); } return (USBD_NORMAL_COMPLETION); bad: free(cdp, M_USB, 0); return (err);
Re: MSI-X support
On 4.5.2016. 16:32, Mark Kettenis wrote: >>> This is great, thanks for doing this! I'm a bit surprised that >>> we don't need to the same suspend/resume dance in ppb(4) as with >>> MSI. >>> >> >> That is an excellent point I overlooked. Kettenis, do we? > > Almost certainly. I committed the diff, but left the bits out that > start using it in em(4) and xhci(4). > Hi all, is it a good time to enable msi-x on em(4) ?
constify auth functions
I'm getting annoying warnings because these functions aren't const. Index: include/bsd_auth.h === RCS file: /cvs/src/include/bsd_auth.h,v retrieving revision 1.10 diff -u -p -r1.10 bsd_auth.h --- include/bsd_auth.h 21 Apr 2014 11:27:34 - 1.10 +++ include/bsd_auth.h 1 Sep 2016 13:15:08 - @@ -60,15 +60,15 @@ char*auth_getitem(auth_session_t *, aut int auth_setitem(auth_session_t *, auth_item_t, char *); auth_session_t *auth_open(void); -auth_session_t *auth_verify(auth_session_t *, char *, char *, ...) +auth_session_t *auth_verify(auth_session_t *, const char *, const char *, ...) __attribute__((__sentinel__)); -auth_session_t *auth_userchallenge(char *, char *, char *, char **); -auth_session_t *auth_usercheck(char *, char *, char *, char *); +auth_session_t *auth_userchallenge(const char *, const char *, const char *, char **); +auth_session_t *auth_usercheck(const char *, const char *, const char *, char *); int auth_userresponse(auth_session_t *, char *, int); -int auth_userokay(char *, char *, char *, char *); -int auth_approval(auth_session_t *, struct login_cap *, char *, char *); +int auth_userokay(const char *, const char *, const char *, char *); +int auth_approval(auth_session_t *, struct login_cap *, const char *, const char *); int auth_close(auth_session_t *); voidauth_clean(auth_session_t *); Index: lib/libc/gen/authenticate.c === RCS file: /cvs/src/lib/libc/gen/authenticate.c,v retrieving revision 1.26 diff -u -p -r1.26 authenticate.c --- lib/libc/gen/authenticate.c 26 May 2016 15:51:37 - 1.26 +++ lib/libc/gen/authenticate.c 1 Sep 2016 13:12:42 - @@ -174,7 +174,7 @@ auth_cat(char *file) DEF_WEAK(auth_cat); int -auth_approval(auth_session_t *as, login_cap_t *lc, char *name, char *type) +auth_approval(auth_session_t *as, login_cap_t *lc, const char *name, const char *type) { int close_on_exit, close_lc_on_exit, len; struct passwd pwstore, *pwd; @@ -305,7 +305,7 @@ out: DEF_WEAK(auth_approval); auth_session_t * -auth_usercheck(char *name, char *style, char *type, char *password) +auth_usercheck(const char *name, const char *style, const char *type, char *password) { char namebuf[LOGIN_NAME_MAX + 1 + NAME_MAX + 1]; char pwbuf[_PW_BUF_LEN]; @@ -363,7 +363,7 @@ auth_usercheck(char *name, char *style, DEF_WEAK(auth_usercheck); int -auth_userokay(char *name, char *style, char *type, char *password) +auth_userokay(const char *name, const char *style, const char *type, char *password) { auth_session_t *as; @@ -374,7 +374,7 @@ auth_userokay(char *name, char *style, c DEF_WEAK(auth_userokay); auth_session_t * -auth_userchallenge(char *name, char *style, char *type, char **challengep) +auth_userchallenge(const char *name, const char *style, const char *type, char **challengep) { char namebuf[LOGIN_NAME_MAX + 1 + NAME_MAX + 1]; auth_session_t *as; @@ -489,7 +489,7 @@ DEF_WEAK(auth_userresponse); * worked. */ auth_session_t * -auth_verify(auth_session_t *as, char *style, char *name, ...) +auth_verify(auth_session_t *as, const char *style, const char *name, ...) { va_list ap; char path[PATH_MAX];
iwn: enable SGI
This diff enables the short guard interval (SGI) feature of 802.11n. In theory this should raise the max data rate from 65Mbit/s to 72Mbit/s. To check if your AP supports SGI, associate to your AP and then run: tcpdump -n -i iwn0 -s 1500 -y IEEE802_11_RADIO -v type mgt subtype beacon and look for the SGI@20MHz HT capability: "htcaps=<...,SGI@20MHz,...>" Performance tests welcome. Index: if_iwn.c === RCS file: /cvs/src/sys/dev/pci/if_iwn.c,v retrieving revision 1.170 diff -u -p -r1.170 if_iwn.c --- if_iwn.c17 Aug 2016 09:43:27 - 1.170 +++ if_iwn.c1 Sep 2016 13:56:20 - @@ -463,15 +463,15 @@ iwn_attach(struct device *parent, struct ic->ic_txbfcaps = 0; ic->ic_aselcaps = 0; ic->ic_ampdu_params = (IEEE80211_AMPDU_PARAM_SS_4 | 0x3 /* 64k */); -#ifdef notyet if (sc->sc_flags & IWN_FLAG_HAS_11N) { /* Set HT capabilities. */ - ic->ic_htcaps = + ic->ic_htcaps = IEEE80211_HTCAP_SGI20; +#ifdef notyet + ic->ic_htcaps |= #if IWN_RBUF_SIZE == 8192 IEEE80211_HTCAP_AMSDU7935 | #endif IEEE80211_HTCAP_CBW20_40 | - IEEE80211_HTCAP_SGI20 | IEEE80211_HTCAP_SGI40; if (sc->hw_type != IWN_HW_REV_TYPE_4965) ic->ic_htcaps |= IEEE80211_HTCAP_GF; @@ -479,8 +479,8 @@ iwn_attach(struct device *parent, struct ic->ic_htcaps |= IEEE80211_HTCAP_SMPS_DYN; else ic->ic_htcaps |= IEEE80211_HTCAP_SMPS_DIS; - } #endif /* notyet */ + } /* Set supported legacy rates. */ ic->ic_sup_rates[IEEE80211_MODE_11B] = ieee80211_std_rateset_11b; @@ -3007,8 +3007,11 @@ iwn_tx(struct iwn_softc *sc, struct mbuf tx->plcp = rinfo->plcp; if ((ni->ni_flags & IEEE80211_NODE_HT) && - tx->id != sc->broadcast_id) + tx->id != sc->broadcast_id) { tx->rflags = rinfo->ht_flags; + if (ni->ni_htcaps & IEEE80211_HTCAP_SGI20) + tx->rflags |= IWN_RFLAG_SGI; + } else tx->rflags = rinfo->flags; if (tx->id == sc->broadcast_id) { @@ -3416,6 +3419,9 @@ iwn_set_link_quality(struct iwn_softc *s rinfo = &iwn_rates[iwn_mcs2ridx[txrate]]; linkq.retry[i].plcp = rinfo->ht_plcp; linkq.retry[i].rflags = rinfo->ht_flags; + + if (ni->ni_htcaps & IEEE80211_HTCAP_SGI20) + linkq.retry[i].rflags |= IWN_RFLAG_SGI; /* XXX set correct ant mask for MIMO rates here */ linkq.retry[i].rflags |= IWN_RFLAG_ANT(txant);
Malformed USB descriptors & usbd_set_config_index()
usbd_set_config_index() is a complex function parsing unstrusted USB descriptors. If a device presents itself with malformed descriptors we should stop probing as soon as possible. Our USB stack has a way to attach unconfigured USB devices to drivers, meaning that such drivers have to call usbd_set_config_index() in their *_attach() function. This is bad because *_attach() functions do not return errors and, in the best case, the kernel ends up with an attached but unusable driver. In the worst case this ends up in a panic, generally when the device is detached. I'll send one diff per panic as I found them with the fuzzer I got. In the meantime I'd like to commit the diff below which changes all the drivers using the first configuration, with index 0, to let the stack call usbd_set_config_index() for them. Ok? Index: uhub.c === RCS file: /cvs/src/sys/dev/usb/uhub.c,v retrieving revision 1.88 diff -u -p -r1.88 uhub.c --- uhub.c 29 Nov 2015 16:30:48 - 1.88 +++ uhub.c 1 Sep 2016 12:47:31 - @@ -102,11 +102,14 @@ uhub_match(struct device *parent, void * struct usb_attach_arg *uaa = aux; usb_device_descriptor_t *dd = usbd_get_device_descriptor(uaa->device); + if (uaa->iface == NULL) + return (UMATCH_NONE); + /* * The subclass for hubs seems to be 0 for some and 1 for others, * so we just ignore the subclass. */ - if (uaa->iface == NULL && dd->bDeviceClass == UDCLASS_HUB) + if (dd->bDeviceClass == UDCLASS_HUB) return (UMATCH_DEVCLASS_DEVSUBCLASS); return (UMATCH_NONE); } @@ -134,13 +137,6 @@ uhub_attach(struct device *parent, struc sc->sc_hub = dev; - err = usbd_set_config_index(dev, 0, 1); - if (err) { - DPRINTF("%s: configuration failed, error=%s\n", - sc->sc_dev.dv_xname, usbd_errstr(err)); - return; - } - if (dev->depth > USB_HUB_MAX_DEPTH) { printf("%s: hub depth (%d) exceeded, hub ignored\n", sc->sc_dev.dv_xname, USB_HUB_MAX_DEPTH); @@ -324,10 +320,10 @@ uhub_attach(struct device *parent, struc for (port = 1; port <= nports; port++) { /* Turn the power on. */ err = usbd_set_port_feature(dev, port, UHF_PORT_POWER); - if (err) - printf("%s: port %d power on failed, %s\n", - sc->sc_dev.dv_xname, port, - usbd_errstr(err)); + if (err) { + DPRINTF("%s: port %d power on failed, %s\n", + sc->sc_dev.dv_xname, port, usbd_errstr(err)); + } /* Make sure we check the port status at least once. */ sc->sc_status |= (1 << port); } Index: moscom.c === RCS file: /cvs/src/sys/dev/usb/moscom.c,v retrieving revision 1.23 diff -u -p -r1.23 moscom.c --- moscom.c 7 Jan 2016 12:53:37 - 1.23 +++ moscom.c 1 Sep 2016 11:49:33 - @@ -30,7 +30,6 @@ #include #define MOSCOMBUFSZ 256 -#define MOSCOM_CONFIG_INDEX 0 #define MOSCOM_IFACE_NO 0 #define MOSCOM_READ 0x0d @@ -178,7 +177,7 @@ moscom_match(struct device *parent, void { struct usb_attach_arg *uaa = aux; - if (uaa->iface != NULL) + if (uaa->iface == NULL) return UMATCH_NONE; return (usb_lookup(moscom_devs, uaa->vendor, uaa->product) != NULL) ? @@ -198,13 +197,6 @@ moscom_attach(struct device *parent, str bzero(&uca, sizeof(uca)); sc->sc_udev = uaa->device; - - if (usbd_set_config_index(sc->sc_udev, MOSCOM_CONFIG_INDEX, 1) != 0) { - printf("%s: could not set configuration no\n", - sc->sc_dev.dv_xname); - usbd_deactivate(sc->sc_udev); - return; - } /* get the first interface handle */ error = usbd_device2interface_handle(sc->sc_udev, MOSCOM_IFACE_NO, Index: uark.c === RCS file: /cvs/src/sys/dev/usb/uark.c,v retrieving revision 1.23 diff -u -p -r1.23 uark.c --- uark.c 7 Jan 2016 12:53:37 - 1.23 +++ uark.c 1 Sep 2016 11:50:05 - @@ -38,7 +38,6 @@ int uarkebug = 0; #define DPRINTF(x) DPRINTFN(0, x) #define UARKBUFSZ 256 -#define UARK_CONFIG_INDEX 0 #define UARK_IFACE_NO 0 #define UARK_SET_DATA_BITS(x) (x - 5) @@ -105,7 +104,7 @@ uark_match(struct device *parent, void * { struct usb_attach_arg *uaa = aux; - if (uaa->iface != NULL) + if (uaa->iface == NULL) return UMATCH_NONE; return (usb_lookup(uark_devs, uaa->vendor, uaa->product) != NULL) ? @@ -125,13 +124,6 @@ uark_attach(struct device *parent, struc bzero(&uca, sizeof(uca)); sc->sc_udev = uaa->device; - - if (usbd_set_config_index(sc->sc_udev, UARK_CONFIG_INDEX, 1) != 0) { - printf("%s: could not set configuration no\n", - sc->sc_dev.dv_xname); - usbd_deactivate(sc->sc_udev); - return; - } /* get the first interface handle */ error = usbd_device2interface_handle(sc->sc_udev, UARK_IFACE_NO, Index: uchcom.c === RCS file: /cvs/src/sys/dev/usb/uchcom.c,v retrieving revision 1.24 diff -u -p -r1.24 uchcom.c --- uchcom.c 14 Apr 2015 07:57:33 - 1.24 +++ uchcom.c 1 Sep 20
Unbreak libobjc for ARM EABI
This diff unbreaks libobjc on arm. I copied bits and pieces from the C++ exception handling code. Seems to be enough to make all the objc exception handling tests in the gcc 4.2.1 testsuite pass. ok? Index: exception.c === RCS file: /cvs/src/gnu/gcc/libobjc/exception.c,v retrieving revision 1.1.1.1 diff -u -p -r1.1.1.1 exception.c --- exception.c 15 Oct 2009 17:11:28 - 1.1.1.1 +++ exception.c 1 Sep 2016 13:05:24 - @@ -28,9 +28,40 @@ Boston, MA 02110-1301, USA. */ #include "config.h" #include "objc/objc-api.h" #include "unwind.h" + +#ifdef __ARM_EABI_UNWINDER__ +#define NO_SIZE_OF_ENCODED_VALUE +#endif + #include "unwind-pe.h" +#ifdef __ARM_EABI_UNWINDER__ + +static inline void +__OBJC_INIT_EXCEPTION_CLASS(_Unwind_Exception_Class c) +{ + c[0] = 'G'; + c[1] = 'N'; + c[2] = 'U'; + c[3] = 'C'; + c[4] = 'C'; + c[5] = '+'; + c[6] = '+'; + c[7] = '\0'; +} + +#define CONTINUE_UNWINDING \ + do \ +{ \ + if (__gnu_unwind_frame(ue_header, context) != _URC_OK) \ + return _URC_FAILURE;\ + return _URC_CONTINUE_UNWIND; \ +} \ + while (0) + +#else /* !__ARM_EABI_UNWINDER__ */ + /* This is the exception class we report -- "GNUCOBJC". */ #define __objc_exception_class \ _Unwind_Exception_Class) 'G' \ @@ -42,6 +73,12 @@ Boston, MA 02110-1301, USA. */ << 8 | (_Unwind_Exception_Class) 'J') \ << 8 | (_Unwind_Exception_Class) 'C') +#define __OBJC_INIT_EXCEPTION_CLASS(c) c = __objc_exception_class + +#define CONTINUE_UNWINDING return _URC_CONTINUE_UNWIND + +#endif /* !__ARM_EABI_UNWINDER__ */ + /* This is the object that is passed around by the Objective C runtime to represent the exception in flight. */ @@ -106,6 +143,25 @@ parse_lsda_header (struct _Unwind_Contex return p; } +#ifdef __ARM_EABI_UNWINDER__ + +static Class +get_ttype_entry (struct lsda_header_info *info, _Unwind_Word i) +{ + _Unwind_Ptr ptr; + + ptr = (_Unwind_Ptr) (info->TType - (i * 4)); + ptr = _Unwind_decode_target2(ptr); + + /* NULL ptr means catch-all. */ + if (ptr) +return objc_get_class ((const char *) ptr); + else +return 0; +} + +#else + static Class get_ttype_entry (struct lsda_header_info *info, _Unwind_Word i) { @@ -122,6 +178,8 @@ get_ttype_entry (struct lsda_header_info return 0; } +#endif + /* Like unto the method of the same name on Object, but takes an id. */ /* ??? Does this bork the meta-type system? Can/should we look up an isKindOf method on the id? */ @@ -151,11 +209,17 @@ isKindOf (id value, Class target) #endif _Unwind_Reason_Code +#ifdef __ARM_EABI_UNWINDER__ +PERSONALITY_FUNCTION (_Unwind_State state, + struct _Unwind_Exception *ue_header, + struct _Unwind_Context *context) +#else PERSONALITY_FUNCTION (int version, _Unwind_Action actions, _Unwind_Exception_Class exception_class, struct _Unwind_Exception *ue_header, struct _Unwind_Context *context) +#endif { struct ObjcException *xh = (struct ObjcException *) ue_header; @@ -167,17 +231,56 @@ PERSONALITY_FUNCTION (int version, int handler_switch_value; int saw_cleanup = 0, saw_handler; void *return_object; + int foreign_exception; + int ip_before_insn = 0; + +#ifdef __ARM_EABI_UNWINDER__ + _Unwind_Action actions; + switch (state & _US_ACTION_MASK) +{ +case _US_VIRTUAL_UNWIND_FRAME: + actions = _UA_SEARCH_PHASE; + break; + +case _US_UNWIND_FRAME_STARTING: + actions = _UA_CLEANUP_PHASE; + if (!(state & _US_FORCE_UNWIND) + && ue_header->barrier_cache.sp == _Unwind_GetGR(context, 13)) + actions |= _UA_HANDLER_FRAME; + break; + +case _US_UNWIND_FRAME_RESUME: + CONTINUE_UNWINDING; + break; + +default: + abort(); +} + actions |= state & _US_FORCE_UNWIND; + + foreign_exception = 0; + + ip = (_Unwind_Ptr) ue_header; + _Unwind_SetGR(context, 12, ip); +#else /* Interface version check. */ if (version != 1) return _URC_FATAL_PHASE1_ERROR; + foreign_exception = !(exception_class == __objc_exception_class); +#endif /* Shortcut for phase 2 found handler for domestic exception. */ if (actions == (_UA_CLEANUP_PHASE | _UA_HANDLER_FRAME) - && exception_class == __objc_exception_class) + && !foreign_exception) { +#ifdef __ARM_EABI_UNWINDER__ + handler_switch_value = (int) ue_header->barrier_cache.bitpattern[1]; + landing_pad = (_Unwind_Ptr) ue_header->barrier_cache.bitpattern[3]; +#else handler_switch_value = xh->handlerSwitchValue; landing_pad = xh->landing
ABI BREAK: OpenBSD/armv7 moves to ARM EABI
Hi, I just switched OpenBSD/armv7 to ARM EABI. This is a complete ABI break which you cannot easily cross with a build. Instead, you need to upgrade through this break with a snapshot. An EABI snapshot will be synced to the mirrors soon. Patrick
iwm: enable SGI
This diff enables the short guard interval (SGI) feature of 802.11n. In theory this should raise the max data rate from 65Mbit/s to 72Mbit/s. To check if your AP supports SGI, associate to your AP and then run: tcpdump -n -i iwm0 -s 1500 -y IEEE802_11_RADIO -v type mgt subtype beacon and look for the SGI@20MHz HT capability: "htcaps=<...,SGI@20MHz,...>" Performance tests welcome. Index: if_iwm.c === RCS file: /cvs/src/sys/dev/pci/if_iwm.c,v retrieving revision 1.100 diff -u -p -r1.100 if_iwm.c --- if_iwm.c1 Sep 2016 09:47:47 - 1.100 +++ if_iwm.c1 Sep 2016 10:37:40 - @@ -6082,7 +6082,7 @@ iwm_setrates(struct iwm_node *in) struct iwm_softc *sc = IC2IFP(ic)->if_softc; struct iwm_lq_cmd *lq = &in->in_lq; struct ieee80211_rateset *rs = &ni->ni_rates; - int i, ridx, ridx_min, j, tab = 0; + int i, ridx, ridx_min, j, sgi_ok, tab = 0; struct iwm_host_cmd cmd = { .id = IWM_LQ_CMD, .len = { sizeof(in->in_lq), }, @@ -6092,9 +6092,12 @@ iwm_setrates(struct iwm_node *in) memset(lq, 0, sizeof(*lq)); lq->sta_id = IWM_STATION_ID; - /* For HT, always enable RTS/CTS to avoid excessive retries. */ - if (ni->ni_flags & IEEE80211_NODE_HT) + /* For HT, enable RTS/CTS, and SGI (if supported). */ + if (ni->ni_flags & IEEE80211_NODE_HT) { lq->flags |= IWM_LQ_FLAG_USE_RTS_MSK; + sgi_ok = (ni->ni_htcaps & IEEE80211_HTCAP_SGI20); + } else + sgi_ok = 0; /* * Fill the LQ rate selection table with legacy and/or HT rates @@ -6120,6 +6123,8 @@ iwm_setrates(struct iwm_node *in) if (ridx == iwm_mcs2ridx[i]) { tab = iwm_rates[ridx].ht_plcp; tab |= IWM_RATE_MCS_HT_MSK; + if (sgi_ok) + tab |= IWM_RATE_MCS_SGI_MSK; break; } } @@ -8000,8 +8005,7 @@ iwm_attach(struct device *parent, struct IEEE80211_C_SHSLOT |/* short slot time supported */ IEEE80211_C_SHPREAMBLE; /* short preamble supported */ - /* No optional HT features supported for now, */ - ic->ic_htcaps = 0; + ic->ic_htcaps = IEEE80211_HTCAP_SGI20; ic->ic_htxcaps = 0; ic->ic_txbfcaps = 0; ic->ic_aselcaps = 0;
tcpdump: print association requests
This diff makes tcpdump display details of association requests. These are interesting because clients announce HT capabilities there. We can share some printing code with beacons. Use with something like tcpdump -s 1500 -v -y IEEE802_11_RADIO -i iwn0 Index: print-802_11.c === RCS file: /cvs/src/usr.sbin/tcpdump/print-802_11.c,v retrieving revision 1.32 diff -u -p -r1.32 print-802_11.c --- print-802_11.c 21 Feb 2016 16:09:47 - 1.32 +++ print-802_11.c 1 Sep 2016 12:21:43 - @@ -101,7 +101,9 @@ void ieee80211_print_essid(u_int8_t *, voidieee80211_print_country(u_int8_t *, u_int); voidieee80211_print_htcaps(u_int8_t *, u_int); voidieee80211_print_htop(u_int8_t *, u_int); -int ieee80211_elements(struct ieee80211_frame *, u_int); +int ieee80211_print_beacon(struct ieee80211_frame *, u_int); +int ieee80211_print_assocreq(struct ieee80211_frame *, u_int); +int ieee80211_print_elements(uint8_t *); int ieee80211_frame(struct ieee80211_frame *, u_int); int ieee80211_print(struct ieee80211_frame *, u_int); u_int ieee80211_any2ieee(u_int, u_int); @@ -589,37 +591,74 @@ ieee80211_print_htop(u_int8_t *data, u_i } int -ieee80211_elements(struct ieee80211_frame *wh, u_int flen) +ieee80211_print_beacon(struct ieee80211_frame *wh, u_int len) { - u_int8_t *buf, *frm; - u_int64_t tstamp; - u_int16_t bintval, capinfo; - int i; + uint64_t tstamp; + uint16_t bintval, capinfo; + uint8_t *frm; + + if (len < sizeof(tstamp) + sizeof(bintval) + sizeof(capinfo)) + return 1; /* truncated */ - buf = (u_int8_t *)wh; frm = (u_int8_t *)&wh[1]; - TCHECK2(*frm, 8); bcopy(frm, &tstamp, sizeof(u_int64_t)); frm += 8; - if (vflag > 1) printf(", timestamp %llu", letoh64(tstamp)); - TCHECK2(*frm, 2); bcopy(frm, &bintval, sizeof(u_int16_t)); frm += 2; - if (vflag > 1) printf(", interval %u", letoh16(bintval)); - TCHECK2(*frm, 2); bcopy(frm, &capinfo, sizeof(u_int16_t)); frm += 2; + if (vflag) + printb(", caps", letoh16(capinfo), IEEE80211_CAPINFO_BITS); + + return ieee80211_print_elements(frm); +} + +int +ieee80211_print_assocreq(struct ieee80211_frame *wh, u_int len) +{ + uint8_t subtype; + uint16_t capinfo, lintval; + uint8_t *frm; + + subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK; + + if (len < sizeof(capinfo) + sizeof(lintval) + + (subtype == IEEE80211_FC0_SUBTYPE_REASSOC_REQ ? + IEEE80211_ADDR_LEN : 0)) + return 1; /* truncated */ + + frm = (u_int8_t *)&wh[1]; + bcopy(frm, &capinfo, sizeof(u_int16_t)); + frm += 2; if (vflag) - printb(", caps", letoh16(capinfo), - IEEE80211_CAPINFO_BITS); + printb(", caps", letoh16(capinfo), IEEE80211_CAPINFO_BITS); + + bcopy(frm, &lintval, sizeof(u_int16_t)); + frm += 2; + if (vflag > 1) + printf(", listen interval %u", letoh16(lintval)); + + if (subtype == IEEE80211_FC0_SUBTYPE_REASSOC_REQ) { + if (vflag) + printf(", AP %s", etheraddr_string(frm)); + frm += IEEE80211_ADDR_LEN; + } + + return ieee80211_print_elements(frm); +} + +int +ieee80211_print_elements(uint8_t *frm) +{ + int i; while (TTEST2(*frm, 2)) { u_int len = frm[1]; @@ -628,7 +667,7 @@ ieee80211_elements(struct ieee80211_fram if (!TTEST2(*data, len)) break; -#define ELEM_CHECK(l) if (len != l) break +#define ELEM_CHECK(l) if (len != l) goto trunc switch (*frm) { case IEEE80211_ELEMID_SSID: @@ -789,7 +828,12 @@ ieee80211_frame(struct ieee80211_frame * switch (subtype) { case IEEE80211_FC0_SUBTYPE_BEACON: case IEEE80211_FC0_SUBTYPE_PROBE_RESP: - if (ieee80211_elements(wh, len) != 0) + if (ieee80211_print_beacon(wh, len) != 0) + goto trunc; + break; + case IEEE80211_FC0_SUBTYPE_ASSOC_REQ: + case IEEE80211_FC0_SUBTYPE_REASSOC_REQ: + if (ieee80211_print_assocreq(wh, len) != 0) goto trunc; break; case IEEE80211_FC0_SUBTYPE_AUTH:
NAT-on-enc on iked(8)
This diff adds the missing bits to support NAT-on-enc in iked(8). See OUTGOING NETWORK ADDRESS TRANSLATION in iked.conf(5), and also http://undeadly.org/cgi?action=article&sid=20090127205841. Ok ? diff --git sbin/iked/iked.h sbin/iked/iked.h index aa40d70..dfa04ad 100644 --- sbin/iked/iked.h +++ sbin/iked/iked.h @@ -140,6 +140,7 @@ struct iked_flow { struct iked_addr flow_src; struct iked_addr flow_dst; unsigned int flow_dir; /* in/out */ + struct iked_addr flow_prenat; unsigned int flow_loaded; /* pfkey done */ diff --git sbin/iked/parse.y sbin/iked/parse.y index c93a978..e3e7c29 100644 --- sbin/iked/parse.y +++ sbin/iked/parse.y @@ -2418,7 +2418,7 @@ create_ike(char *name, int af, uint8_t ipproto, struct ipsec_hosts *hosts, { char idstr[IKED_ID_SIZE]; unsigned int idtype = IKEV2_ID_NONE; - struct ipsec_addr_wrap *ipa, *ipb; + struct ipsec_addr_wrap *ipa, *ipb, *ippn; struct iked_policy pol; struct iked_proposal prop[2]; unsigned int j; @@ -2640,6 +2640,17 @@ create_ike(char *name, int af, uint8_t ipproto, struct ipsec_hosts *hosts, flows[j].flow_dst.addr_net = ipb->netaddress; flows[j].flow_dst.addr_port = hosts->dport; + ippn = ipa->srcnat; + if (ippn) { + memcpy(&flows[j].flow_prenat.addr, &ippn->address, + sizeof(ippn->address)); + flows[j].flow_prenat.addr_af = ippn->af; + flows[j].flow_prenat.addr_mask = ippn->mask; + flows[j].flow_prenat.addr_net = ippn->netaddress; + } else { + flows[j].flow_prenat.addr_af = 0; + } + flows[j].flow_ipproto = ipproto; pol.pol_nflows++; diff --git sbin/iked/pfkey.c sbin/iked/pfkey.c index 72c2d31..20ca4aa 100644 --- sbin/iked/pfkey.c +++ sbin/iked/pfkey.c @@ -173,6 +173,7 @@ int pfkey_flow(int sd, uint8_t satype, uint8_t action, struct iked_flow *flow) { struct sadb_msg smsg; + struct iked_addr*flow_src, *flow_dst; struct sadb_address sa_src, sa_dst, sa_local, sa_peer, sa_smask, sa_dmask; struct sadb_protocol sa_flowtype, sa_protocol; @@ -183,56 +184,75 @@ pfkey_flow(int sd, uint8_t satype, uint8_t action, struct iked_flow *flow) sa_srcid = sa_dstid = NULL; + flow_src = &flow->flow_src; + flow_dst = &flow->flow_dst; + + if (flow->flow_prenat.addr_af == flow_src->addr_af) { + switch (flow->flow_type) { + case SADB_X_FLOW_TYPE_USE: + flow_dst = &flow->flow_prenat; + break; + case SADB_X_FLOW_TYPE_REQUIRE: + flow_src = &flow->flow_prenat; + break; + case 0: + if (flow->flow_dir == IPSP_DIRECTION_IN) + flow_dst = &flow->flow_prenat; + else + flow_src = &flow->flow_prenat; + } + } + bzero(&ssrc, sizeof(ssrc)); bzero(&smask, sizeof(smask)); - memcpy(&ssrc, &flow->flow_src.addr, sizeof(ssrc)); - memcpy(&smask, &flow->flow_src.addr, sizeof(smask)); - socket_af((struct sockaddr *)&ssrc, flow->flow_src.addr_port); - socket_af((struct sockaddr *)&smask, flow->flow_src.addr_port ? + memcpy(&ssrc, &flow_src->addr, sizeof(ssrc)); + memcpy(&smask, &flow_src->addr, sizeof(smask)); + socket_af((struct sockaddr *)&ssrc, flow_src->addr_port); + socket_af((struct sockaddr *)&smask, flow_src->addr_port ? 0x : 0); - switch (flow->flow_src.addr_af) { + switch (flow_src->addr_af) { case AF_INET: ((struct sockaddr_in *)&smask)->sin_addr.s_addr = - prefixlen2mask(flow->flow_src.addr_net ? - flow->flow_src.addr_mask : 32); + prefixlen2mask(flow_src->addr_net ? + flow_src->addr_mask : 32); break; case AF_INET6: - prefixlen2mask6(flow->flow_src.addr_net ? - flow->flow_src.addr_mask : 128, + prefixlen2mask6(flow_src->addr_net ? + flow_src->addr_mask : 128, (uint32_t *)((struct sockaddr_in6 *) &smask)->sin6_addr.s6_addr); break; default: log_warnx("%s: unsupported address family %d", - __func__, flow->flow_src.addr_af); + __func__, flow_src->addr_af); return (-1); } smask.ss_len = ssrc.ss_len;
Re: multi-pool malloc wip diff
On Tue, Aug 23, 2016 at 09:57:03AM +0200, Otto Moerbeek wrote: > On Mon, Aug 22, 2016 at 08:59:44PM -0400, Ted Unangst wrote: > > > Otto Moerbeek wrote: > > > > > > After a forkl of a threaded program __isthreaded is reset, but > > > existing allocations are spread around the pools. But the new single > > > threaded child only looks in the first pool. I have to think how to > > > solve this. > > > > Create a new flag, _malloc_threads. Init to 0. > > > > Change all existing tests for __isthreaded in malloc.c to _malloc_threads. > > > > Set _malloc_threads to 1 (or N) in malloc_init(). > > > > (Future direction may be to replace _MALLOC_MUTEXES with _malloc_threads and > > allow it to vary somewhat based on cpu count.) > > > > Trying to reverse the process of going to thread mode is more trouble than > > it's work. I'd even argue there's no need to reset __isthreaded, but I don't > > want to get bogged down with other consequences. > > Indeed, thats the solution I came up with as well. chrome, ff, gimp > and mysqld seem to be happy. Online now. > > -Otto Hi, diff has been commited just now (from the hackathon in Cambridge, UK). Upcoming snaps will contain it. Please make sure you update packages as well when they arrive at mirrors, since both librthread and libc versions have been bumped. Otherwise you just will be testing old code. Thanks to all the testers, -Otto
Re: relayd TLS ticket and session support accross processes
On Thu, Sep 01, 2016 at 11:27:55AM +0200, Claudio Jeker wrote: > On Tue, Aug 30, 2016 at 03:51:04PM +0200, Claudio Jeker wrote: > > On Tue, Aug 30, 2016 at 02:44:17PM +0200, Reyk Floeter wrote: > > > On Tue, Aug 30, 2016 at 01:22:49PM +0200, Claudio Jeker wrote: > > > > Here is the latest version of the ticket and tls session cache support. > > > > Tickets can be disabled and also the session timeout is configurable. > > > > Same code as before with man page diff > > > > > > > > > > Nice work! I'm curious how this impact production, do you have any > > > experience to share? > > > > > > > Will commit this soonish unless somebody complains > > > > > > I do complain, but just a bit. nit-picking below. > > > > > After some more talking to people here a new version that drops the > session cache and only implements session tickets. Everything modern (aka > the stuff we care about) implements tickets and they are so much easier to > work with. The system in place now uses a primary key and a backup key and > will refresh the tickets for everything that was encrypted with the backup > key. The keys are rotated every 2h so at max a key is valid for 4h. > We set the tls session timeout also to 2h so that this value is announced > as TLS session ticket lifetime hint. It is still possible to disable the > tickets per relay just in case. > See comments below, otherwise OK > -- > :wq Claudio > > Index: ca.c > === > RCS file: /cvs/src/usr.sbin/relayd/ca.c,v > retrieving revision 1.16 > diff -u -p -r1.16 ca.c > --- ca.c 5 Dec 2015 13:13:11 - 1.16 > +++ ca.c 30 Aug 2016 12:59:36 - > @@ -23,6 +23,7 @@ > #include > #include > #include > +#include > #include > > #include > @@ -256,6 +257,7 @@ static int > rsae_send_imsg(int flen, const u_char *from, u_char *to, RSA *rsa, > int padding, u_int cmd) > { > + struct pollfdpfd[1]; > struct ctl_keyop cko; > int ret = 0; > objid_t *id; > @@ -292,9 +294,21 @@ rsae_send_imsg(int flen, const u_char *f >* operation in OpenSSL's engine layer. >*/ > imsg_composev(ibuf, cmd, 0, 0, -1, iov, cnt); > - imsg_flush(ibuf); > + if (imsg_flush(ibuf) == -1) > + log_warn("rsae_send_imsg: imsg_flush"); > > + pfd[0].fd = ibuf->fd; > + pfd[0].events = POLLIN; > while (!done) { > + switch (poll(pfd, 1, TLS_PRIV_SEND_TIMEOUT)) { > + case -1: > + fatal("rsae_send_imsg: poll"); > + case 0: > + log_warnx("rsae_send_imsg: poll timeout"); > + break; > + default: > + break; > + } > if ((n = imsg_read(ibuf)) == -1 && errno != EAGAIN) > fatalx("imsg_read"); > if (n == 0) > Index: config.c > === > RCS file: /cvs/src/usr.sbin/relayd/config.c,v > retrieving revision 1.27 > diff -u -p -r1.27 config.c > --- config.c 7 Dec 2015 04:03:27 - 1.27 > +++ config.c 31 Aug 2016 12:53:03 - > @@ -94,7 +94,6 @@ config_init(struct relayd *env) > bzero(&env->sc_proto_default, sizeof(env->sc_proto_default)); > env->sc_proto_default.id = EMPTY_ID; > env->sc_proto_default.flags = F_USED; > - env->sc_proto_default.cache = RELAY_CACHESIZE; > env->sc_proto_default.tcpflags = TCPFLAG_DEFAULT; > env->sc_proto_default.tcpbacklog = RELAY_BACKLOG; > env->sc_proto_default.tlsflags = TLSFLAG_DEFAULT; > Index: parse.y > === > RCS file: /cvs/src/usr.sbin/relayd/parse.y,v > retrieving revision 1.207 > diff -u -p -r1.207 parse.y > --- parse.y 21 Jun 2016 21:35:25 - 1.207 > +++ parse.y 1 Sep 2016 08:25:35 - > @@ -172,13 +172,13 @@ typedef struct { > %token SOCKET SPLICE SSL STICKYADDR STYLE TABLE TAG TAGGED TCP TIMEOUT > TLS TO > %token ROUTER RTLABEL TRANSPARENT TRAP UPDATES URL VIRTUAL WITH TTL > RTABLE > %token MATCH PARAMS RANDOM LEASTSTATES SRCHASH KEY CERTIFICATE > PASSWORD ECDH > -%token EDH CURVE > +%token EDH CURVE TICKETS > %token STRING > %token NUMBER > %type hostname interface table value optstring > %type http_type loglevel quick trap > %type dstmode flag forwardmode retry > -%type opttls opttlsclient tlscache > +%type opttls opttlsclient tlstickets > %type redirect_proto relay_proto match > %type action ruleaf key_option > %type tlsdhparams tlsecdhcurve > @@ -996,7 +996,6 @@ proto : relay_proto PROTO STRING { > free($3); > p->id = ++last_proto_id; >
Re: iwm(4): iwm_firmware_load_chunk returns uninitialized error value.
On Thu, Sep 01, 2016 at 11:26:10AM +0200, Imre Vadasz wrote: > Hi, > The iwm_firmware_load_chunk() function returns the value of the > uninitialized int error variable, when the "while (!sc->sc_fw_chunk_done)" > loop terminates immediately. I saw this happen repeatedly in the init > firmware loading during bootup. Example log output with iwm compiled with > debugging output, for an AC8260 chipset: > > iwm0: loading ucode type 1 > iwm0: could not load firmware chunk 0 (error 712) > iwm0: failed to load init firmware > iwm apm stop > > So we should explicitly initialize the error variable to 0 in > iwm_firmware_load_chunk(): Yes, indeed. I will commit this now. Thank you! > > Index: sys/dev/pci/if_iwm.c > === > RCS file: /cvs/src/sys/dev/pci/if_iwm.c,v > retrieving revision 1.99 > diff -u -r1.99 if_iwm.c > --- sys/dev/pci/if_iwm.c 17 Aug 2016 09:39:38 - 1.99 > +++ sys/dev/pci/if_iwm.c 1 Sep 2016 09:17:50 - > @@ -3169,6 +3169,7 @@ > iwm_nic_unlock(sc); > > /* wait 1s for this segment to load */ > + error = 0; > while (!sc->sc_fw_chunk_done) > if ((error = tsleep(&sc->sc_fw, 0, "iwmfw", hz)) != 0) > break; >
Re: Array of TAILQs in kern_synch.c
Ted Unangst wrote: > Michal Mazurek wrote: > > There is what appears to be a sensless hash in kern_synch.c. It's an > > array of 128 TAILQs which are hashed according to the high bits of the > > wchan. It's possible to write a program that adds kern.maxthread entries > > to one of those TAILQs. Just running chrome with 11 tabs open adds 35 > > entries to one TAILQ, while leaving others empty. > > > > If it doesn't matter that a user program can make a TAILQ very long, > > then the hash is senseless (diff below). > > > > If it does matter, then it's broken, and a different data structure > > needs to be used. Currently RB trees require all element values to be > > unique, > > but a version of RB trees with non-unique element values is possible. > > > > Any thoughts? > > I don't think this is a good change. it's going backwards. even if there's 100 > things waiting on the same thing, there are other procs that aren't waiting on > it. Yeah, if anything, we might want a better distribution. FreeBSD XOR the shifted bits with the wait channel (and uses a 256 bucket table). In my limited testing it doesn't seem to make much of a difference thoughm, I need to come up with a better workload for this.
Re: relayd TLS ticket and session support accross processes
On Tue, Aug 30, 2016 at 03:51:04PM +0200, Claudio Jeker wrote: > On Tue, Aug 30, 2016 at 02:44:17PM +0200, Reyk Floeter wrote: > > On Tue, Aug 30, 2016 at 01:22:49PM +0200, Claudio Jeker wrote: > > > Here is the latest version of the ticket and tls session cache support. > > > Tickets can be disabled and also the session timeout is configurable. > > > Same code as before with man page diff > > > > > > > Nice work! I'm curious how this impact production, do you have any > > experience to share? > > > > > Will commit this soonish unless somebody complains > > > > I do complain, but just a bit. nit-picking below. > > After some more talking to people here a new version that drops the session cache and only implements session tickets. Everything modern (aka the stuff we care about) implements tickets and they are so much easier to work with. The system in place now uses a primary key and a backup key and will refresh the tickets for everything that was encrypted with the backup key. The keys are rotated every 2h so at max a key is valid for 4h. We set the tls session timeout also to 2h so that this value is announced as TLS session ticket lifetime hint. It is still possible to disable the tickets per relay just in case. -- :wq Claudio Index: ca.c === RCS file: /cvs/src/usr.sbin/relayd/ca.c,v retrieving revision 1.16 diff -u -p -r1.16 ca.c --- ca.c5 Dec 2015 13:13:11 - 1.16 +++ ca.c30 Aug 2016 12:59:36 - @@ -23,6 +23,7 @@ #include #include #include +#include #include #include @@ -256,6 +257,7 @@ static int rsae_send_imsg(int flen, const u_char *from, u_char *to, RSA *rsa, int padding, u_int cmd) { + struct pollfdpfd[1]; struct ctl_keyop cko; int ret = 0; objid_t *id; @@ -292,9 +294,21 @@ rsae_send_imsg(int flen, const u_char *f * operation in OpenSSL's engine layer. */ imsg_composev(ibuf, cmd, 0, 0, -1, iov, cnt); - imsg_flush(ibuf); + if (imsg_flush(ibuf) == -1) + log_warn("rsae_send_imsg: imsg_flush"); + pfd[0].fd = ibuf->fd; + pfd[0].events = POLLIN; while (!done) { + switch (poll(pfd, 1, TLS_PRIV_SEND_TIMEOUT)) { + case -1: + fatal("rsae_send_imsg: poll"); + case 0: + log_warnx("rsae_send_imsg: poll timeout"); + break; + default: + break; + } if ((n = imsg_read(ibuf)) == -1 && errno != EAGAIN) fatalx("imsg_read"); if (n == 0) Index: config.c === RCS file: /cvs/src/usr.sbin/relayd/config.c,v retrieving revision 1.27 diff -u -p -r1.27 config.c --- config.c7 Dec 2015 04:03:27 - 1.27 +++ config.c31 Aug 2016 12:53:03 - @@ -94,7 +94,6 @@ config_init(struct relayd *env) bzero(&env->sc_proto_default, sizeof(env->sc_proto_default)); env->sc_proto_default.id = EMPTY_ID; env->sc_proto_default.flags = F_USED; - env->sc_proto_default.cache = RELAY_CACHESIZE; env->sc_proto_default.tcpflags = TCPFLAG_DEFAULT; env->sc_proto_default.tcpbacklog = RELAY_BACKLOG; env->sc_proto_default.tlsflags = TLSFLAG_DEFAULT; Index: parse.y === RCS file: /cvs/src/usr.sbin/relayd/parse.y,v retrieving revision 1.207 diff -u -p -r1.207 parse.y --- parse.y 21 Jun 2016 21:35:25 - 1.207 +++ parse.y 1 Sep 2016 08:25:35 - @@ -172,13 +172,13 @@ typedef struct { %token SOCKET SPLICE SSL STICKYADDR STYLE TABLE TAG TAGGED TCP TIMEOUT TLS TO %token ROUTER RTLABEL TRANSPARENT TRAP UPDATES URL VIRTUAL WITH TTL RTABLE %token MATCH PARAMS RANDOM LEASTSTATES SRCHASH KEY CERTIFICATE PASSWORD ECDH -%token EDH CURVE +%token EDH CURVE TICKETS %token STRING %token NUMBER %typehostname interface table value optstring %typehttp_type loglevel quick trap %typedstmode flag forwardmode retry -%typeopttls opttlsclient tlscache +%typeopttls opttlsclient tlstickets %typeredirect_proto relay_proto match %typeaction ruleaf key_option %typetlsdhparams tlsecdhcurve @@ -996,7 +996,6 @@ proto : relay_proto PROTO STRING { free($3); p->id = ++last_proto_id; p->type = $1; - p->cache = RELAY_CACHESIZE; p->tcpflags = TCPFLAG_DEFAULT; p->tlsflags = TLSFLAG_DEFAULT; p->tcpbacklog = RELAY_BACKLOG; @@ -1091,7 +1090,7 @@ tlsflags_l: tlsflags comma tlsflags_l | tls
iwm(4): iwm_firmware_load_chunk returns uninitialized error value.
Hi, The iwm_firmware_load_chunk() function returns the value of the uninitialized int error variable, when the "while (!sc->sc_fw_chunk_done)" loop terminates immediately. I saw this happen repeatedly in the init firmware loading during bootup. Example log output with iwm compiled with debugging output, for an AC8260 chipset: iwm0: loading ucode type 1 iwm0: could not load firmware chunk 0 (error 712) iwm0: failed to load init firmware iwm apm stop So we should explicitly initialize the error variable to 0 in iwm_firmware_load_chunk(): Index: sys/dev/pci/if_iwm.c === RCS file: /cvs/src/sys/dev/pci/if_iwm.c,v retrieving revision 1.99 diff -u -r1.99 if_iwm.c --- sys/dev/pci/if_iwm.c17 Aug 2016 09:39:38 - 1.99 +++ sys/dev/pci/if_iwm.c1 Sep 2016 09:17:50 - @@ -3169,6 +3169,7 @@ iwm_nic_unlock(sc); /* wait 1s for this segment to load */ + error = 0; while (!sc->sc_fw_chunk_done) if ((error = tsleep(&sc->sc_fw, 0, "iwmfw", hz)) != 0) break;
Re: remove ntfs write code
Removing unfinished write support makes sense. Who knows, maybe it makes read support more sustainable...
Re: remove ntfs write code
Martin Natano wrote: > mount_ntfs forces the mount point to be MNT_RDONLY, so the write parts > in ntfs are never used. OK to remove? i think so. by the way, this code is probably a dead end, compared to the fuse code. is that right? but we should keep it around for a while until we're sure the fuse code is a good replacement.
Re: passwd(1) - use explicit_bzero(3)
Gleydson Soares wrote: > after recents passwd(1) changes, We should use explicit_bzero(3) for > clearing these sensitive strings. > OK? right, ok
Re: Array of TAILQs in kern_synch.c
Michal Mazurek wrote: > There is what appears to be a sensless hash in kern_synch.c. It's an > array of 128 TAILQs which are hashed according to the high bits of the > wchan. It's possible to write a program that adds kern.maxthread entries > to one of those TAILQs. Just running chrome with 11 tabs open adds 35 > entries to one TAILQ, while leaving others empty. > > If it doesn't matter that a user program can make a TAILQ very long, > then the hash is senseless (diff below). > > If it does matter, then it's broken, and a different data structure > needs to be used. Currently RB trees require all element values to be unique, > but a version of RB trees with non-unique element values is possible. > > Any thoughts? I don't think this is a good change. it's going backwards. even if there's 100 things waiting on the same thing, there are other procs that aren't waiting on it.
Re: iwm(4): Use htole16 for policy field in iwm_time_event_cmd_v2 struct.
On Wed, Aug 31, 2016 at 09:39:47PM +0200, Imre Vadasz wrote: > Hi, > The policy field in struct iwm_time_event_cmd_v2 is just a 16bit integer, > so we should use htole16() when setting it, instead of htole32(). Makes sense to me, although I don't have hardware to test this. > > Index: sys/dev/pci/if_iwm.c > === > RCS file: /cvs/src/sys/dev/pci/if_iwm.c,v > retrieving revision 1.99 > diff -u -r1.99 if_iwm.c > --- sys/dev/pci/if_iwm.c 17 Aug 2016 09:39:38 - 1.99 > +++ sys/dev/pci/if_iwm.c 31 Aug 2016 19:37:05 - > @@ -2379,7 +2379,7 @@ > time_cmd.duration = htole32(duration); > time_cmd.repeat = 1; > time_cmd.policy > - = htole32(IWM_TE_V2_NOTIF_HOST_EVENT_START | > + = htole16(IWM_TE_V2_NOTIF_HOST_EVENT_START | > IWM_TE_V2_NOTIF_HOST_EVENT_END | > IWM_T2_V2_START_IMMEDIATELY); > >
Re: remove ntfs write code
On Wed, Aug 31, 2016 at 05:17:41PM -0600, Bob Beck wrote: > Yes, ok beck@ > > to be shortly followed by the ntfs code - don't we have a fuse version of > this? There's the ntfs_3g port benno uses. Iirc, access via ntfs_3g is somewhat slower than with the native filesystem (not that I care). > > > On Wed, Aug 31, 2016 at 3:34 PM, Martin Natano wrote: > > > mount_ntfs forces the mount point to be MNT_RDONLY, so the write parts > > in ntfs are never used. OK to remove? > > > > natano > > > > > > Index: ntfs/ntfs_subr.c > > === > > RCS file: /cvs/src/sys/ntfs/ntfs_subr.c,v > > retrieving revision 1.47 > > diff -u -p -r1.47 ntfs_subr.c > > --- ntfs/ntfs_subr.c31 Aug 2016 15:13:57 - 1.47 > > +++ ntfs/ntfs_subr.c31 Aug 2016 19:58:31 - > > @@ -1336,152 +1336,6 @@ ntfs_filesize(struct ntfsmount *ntmp, st > > } > > > > /* > > - * This is one of the write routines. > > - */ > > -int > > -ntfs_writeattr_plain(struct ntfsmount *ntmp, struct ntnode *ip, > > -u_int32_t attrnum, char *attrname, off_t roff, size_t rsize, void > > *rdata, > > -size_t *initp, struct uio *uio) > > -{ > > - size_t init; > > - int error = 0; > > - off_t off = roff; > > - size_t left = rsize, towrite; > > - caddr_t data = rdata; > > - struct ntvattr *vap; > > - *initp = 0; > > - > > - while (left) { > > - error = ntfs_ntvattrget(ntmp, ip, attrnum, attrname, > > - ntfs_btocn(off), &vap); > > - if (error) > > - return (error); > > - towrite = MIN(left, ntfs_cntob(vap->va_vcnend + 1) - off); > > - DDPRINTF("ntfs_writeattr_plain: o: %lld, s: %zu " > > - "(%llu - %llu)\n", off, towrite, > > - vap->va_vcnstart, vap->va_vcnend); > > - error = ntfs_writentvattr_plain(ntmp, ip, vap, > > -off - > > ntfs_cntob(vap->va_vcnstart), > > -towrite, data, &init, uio); > > - if (error) { > > - DPRINTF("ntfs_writeattr_plain: > > ntfs_writentvattr_plain " > > - "failed: o: %lld, s: %zu\n", off, towrite); > > - DPRINTF("ntfs_writeattr_plain: attrib: %llu - > > %llu\n", > > - vap->va_vcnstart, vap->va_vcnend); > > - ntfs_ntvattrrele(vap); > > - break; > > - } > > - ntfs_ntvattrrele(vap); > > - left -= towrite; > > - off += towrite; > > - data = data + towrite; > > - *initp += init; > > - } > > - > > - return (error); > > -} > > - > > -/* > > - * This is one of the write routines. > > - * > > - * ntnode should be locked. > > - */ > > -int > > -ntfs_writentvattr_plain(struct ntfsmount *ntmp, struct ntnode *ip, > > -struct ntvattr *vap, off_t roff, size_t rsize, void *rdata, size_t > > *initp, > > -struct uio *uio) > > -{ > > - int error = 0; > > - off_t off; > > - int cnt; > > - cn_tccn, ccl, cn, cl; > > - caddr_t data = rdata; > > - struct buf *bp; > > - size_t left, tocopy; > > - > > - *initp = 0; > > - > > - if ((vap->va_flag & NTFS_AF_INRUN) == 0) { > > - DPRINTF("ntfs_writevattr_plain: CAN'T WRITE RES. > > ATTRIBUTE\n"); > > - return ENOTTY; > > - } > > - > > - DDPRINTF("ntfs_writentvattr_plain: data in run: %lu chains\n", > > - vap->va_vruncnt); > > - > > - off = roff; > > - left = rsize; > > - > > - for (cnt = 0; left && (cnt < vap->va_vruncnt); cnt++) { > > - ccn = vap->va_vruncn[cnt]; > > - ccl = vap->va_vruncl[cnt]; > > - > > - DDPRINTF("ntfs_writentvattr_plain: left %zu, cn: 0x%llx, " > > - "cl: %llu, off: %lld\n", left, ccn, ccl, off); > > - > > - if (ntfs_cntob(ccl) < off) { > > - off -= ntfs_cntob(ccl); > > - cnt++; > > - continue; > > - } > > - if (!ccn && ip->i_number != NTFS_BOOTINO) > > - continue; /* XXX */ > > - > > - ccl -= ntfs_btocn(off); > > - cn = ccn + ntfs_btocn(off); > > - off = ntfs_btocnoff(off); > > - > > - while (left && ccl) { > > - /* > > -* Always read and write single clusters at a time > > - > > -* we need to avoid requesting differently-sized > > -* blocks at the same disk offsets to avoid > > -* conf
Drop IPSec traffic that should be encapsulated but is not
Our IPSec stack rejects UDP-encapsulated traffic using a non encapsulating SA, but not the other way around. This diff adds the missing check and the corresponding stat counter. Ok ? Index: sys/netinet/ip_esp.h === RCS file: /cvs/src/sys/netinet/ip_esp.h,v retrieving revision 1.42 diff -u -p -r1.42 ip_esp.h --- sys/netinet/ip_esp.h10 Jan 2010 12:43:07 - 1.42 +++ sys/netinet/ip_esp.h1 Sep 2016 08:24:15 - @@ -62,6 +62,7 @@ struct espstat u_int32_t esps_udpencin; /* Input ESP-in-UDP packets */ u_int32_t esps_udpencout; /* Output ESP-in-UDP packets */ u_int32_t esps_udpinval; /* Invalid input ESP-in-UDP packets */ +u_int32_t esps_udpneeded; /* Trying to use a ESP-in-UDP TDB */ }; /* Index: sys/netinet/ipsec_input.c === RCS file: /cvs/src/sys/netinet/ipsec_input.c,v retrieving revision 1.135 diff -u -p -r1.135 ipsec_input.c --- sys/netinet/ipsec_input.c 10 Sep 2015 17:52:05 - 1.135 +++ sys/netinet/ipsec_input.c 1 Sep 2016 08:24:16 - @@ -262,6 +262,16 @@ ipsec_common_input(struct mbuf *m, int s return EINVAL; } + if (!udpencap && (tdbp->tdb_flags & TDBF_UDPENCAP)) { + splx(s); + DPRINTF(("ipsec_common_input(): attempted to use udpencap " + "SA %s/%08x/%u\n", ipsp_address(&dst_address, buf, + sizeof(buf)), ntohl(spi), tdbp->tdb_sproto)); + m_freem(m); + espstat.esps_udpneeded++; + return EINVAL; + } + if (tdbp->tdb_xform == NULL) { splx(s); DPRINTF(("ipsec_common_input(): attempted to use uninitialized " Index: usr.bin/netstat/inet.c === RCS file: /cvs/src/usr.bin/netstat/inet.c,v retrieving revision 1.150 diff -u -p -r1.150 inet.c --- usr.bin/netstat/inet.c 27 Aug 2016 04:13:43 - 1.150 +++ usr.bin/netstat/inet.c 1 Sep 2016 08:24:16 - @@ -1073,6 +1073,7 @@ esp_stats(char *name) p(esps_udpencin, "\t%u input UDP encapsulated ESP packet%s\n"); p(esps_udpencout, "\t%u output UDP encapsulated ESP packet%s\n"); p(esps_udpinval, "\t%u UDP packet%s for non-encapsulating TDB received\n"); + p(esps_udpneeded, "\t%u raw ESP packet%s for encapsulating TDB received\n"); p(esps_ibytes, "\t%llu input byte%s\n"); p(esps_obytes, "\t%llu output byte%s\n");
Re: better return type for usqrt() in factor(6)
On Thu, Sep 01, 2016 at 06:36:15AM +0100, Theo Buehler wrote: > In factor(6), there is the line > > 216 stop = usqrt(val) + 1; > > where the u_int64_t stop is the upper bound for the sieve of > Eratosthenes (I cautiously added 1 to be sure to be on the safe side). > Unfortunately, the right hand side may now overflow for large enough > val because my brilliant former self chose usqrt() to be of type > u_int32_t usqrt(u_sqrt64_t); ... > > Example from http://cvsweb.netbsd.org/bsdweb.cgi/src/games/primes/pattern.c > > $ printf "%u\n" $((139646831 * 132095686967)) > 18446744073709551577 > $ factor 18446744073709551577 > 18446744073709551577 > > With the patch below: > > $ obj/factor > 18446744073709551577: 139646831 132095686967 > > as it should be. ok, -Otto > > Index: factor.c > === > RCS file: /var/cvs/src/games/factor/factor.c,v > retrieving revision 1.29 > diff -u -p -r1.29 factor.c > --- factor.c 14 Aug 2016 18:34:48 - 1.29 > +++ factor.c 1 Sep 2016 04:56:00 - > @@ -75,7 +75,7 @@ extern const int pattern_size; > > static void pr_fact(u_int64_t); /* print factors of a value */ > static void pr_bigfact(u_int64_t); > -static u_int32_t usqrt(u_int64_t); > +static u_int64_t usqrt(u_int64_t); > static void __dead usage(void); > > int > @@ -284,7 +284,7 @@ pr_bigfact(u_int64_t val) /* Factor this > } > > /* Code taken from ping.c */ > -static u_int32_t > +static u_int64_t > usqrt(u_int64_t n) > { > u_int64_t y, x = 1; > @@ -299,7 +299,7 @@ usqrt(u_int64_t n) > x /= 2; > } while (((y < x) && (x - y) > 1) || (y - x) > 1); > > - return (u_int32_t)x; > + return x; > } > > static void __dead
Re: better return type for usqrt() in factor(6)
ok tom@ >>> Theo Buehler 1-Sep-16 06:36 >>> > > In factor(6), there is the line > > 216 stop = usqrt(val) + 1; > > where the u_int64_t stop is the upper bound for the sieve of > Eratosthenes (I cautiously added 1 to be sure to be on the safe side). > Unfortunately, the right hand side may now overflow for large enough > val because my brilliant former self chose usqrt() to be of type > u_int32_t usqrt(u_sqrt64_t); ... > > Example from http://cvsweb.netbsd.org/bsdweb.cgi/src/games/primes/pattern.c > > $ printf "%u\n" $((139646831 * 132095686967)) > 18446744073709551577 > $ factor 18446744073709551577 > 18446744073709551577 > > With the patch below: > > $ obj/factor > 18446744073709551577: 139646831 132095686967 > > as it should be. > > Index: factor.c > === > RCS file: /var/cvs/src/games/factor/factor.c,v > retrieving revision 1.29 > diff -u -p -r1.29 factor.c > --- factor.c 14 Aug 2016 18:34:48 - 1.29 > +++ factor.c 1 Sep 2016 04:56:00 - > @@ -75,7 +75,7 @@ extern const int pattern_size; > > static void pr_fact(u_int64_t); /* print factors of a value */ > static void pr_bigfact(u_int64_t); > -static u_int32_t usqrt(u_int64_t); > +static u_int64_t usqrt(u_int64_t); > static void __dead usage(void); > > int > @@ -284,7 +284,7 @@ pr_bigfact(u_int64_t val) /* Factor this > } > > /* Code taken from ping.c */ > -static u_int32_t > +static u_int64_t > usqrt(u_int64_t n) > { > u_int64_t y, x = 1; > @@ -299,7 +299,7 @@ usqrt(u_int64_t n) > x /= 2; > } while (((y < x) && (x - y) > 1) || (y - x) > 1); > > - return (u_int32_t)x; > + return x; > } > > static void __dead
Re: sys_process.c: remove relebad
On Thu, Sep 1, 2016 at 8:39 AM, Michal Mazurek wrote: > This was OKd but forgotten: > https://marc.info/?l=openbsd-tech&m=146001680811549&w=2 You'll have to commit it yourself then. ok guenther@
Re: better return type for usqrt() in factor(6)
On Thu, Sep 1, 2016 at 6:36 AM, Theo Buehler wrote: > In factor(6), there is the line > > 216 stop = usqrt(val) + 1; > > where the u_int64_t stop is the upper bound for the sieve of > Eratosthenes (I cautiously added 1 to be sure to be on the safe side). > Unfortunately, the right hand side may now overflow for large enough > val because my brilliant former self chose usqrt() to be of type > u_int32_t usqrt(u_sqrt64_t); ... Yeah, it might seem that square-root of a 64bit number should fit in 32bits, but nope, there's a range at the top where the square-root takes 33bits. ok guenther@
Re: Fix comment in sys/sem.h
On Thu, Sep 1, 2016 at 8:24 AM, Michal Mazurek wrote: > It's _SYS_SEM_H_ not _SEM_H_: > > #ifndef _SYS_SEM_H_ > #define _SYS_SEM_H_ ok guenther@
Re: Remove last mention of nonexistent ktr_kuser().
On Thu, Sep 1, 2016 at 8:27 AM, Michal Mazurek wrote: > --- sys/sys/ktrace.h18 Jun 2016 17:39:44 - 1.31 > +++ sys/sys/ktrace.h1 Sep 2016 07:26:30 - > @@ -206,7 +206,6 @@ void ktrnamei(struct proc *, char *); > void ktrpsig(struct proc *, int, sig_t, int, int, siginfo_t *); > void ktrsyscall(struct proc *, register_t, size_t, register_t []); > void ktrsysret(struct proc *, register_t, int, const register_t [2]); > -void ktr_kuser(const char *, void *, size_t); ok guenther@
sys_process.c: remove relebad
This was OKd but forgotten: https://marc.info/?l=openbsd-tech&m=146001680811549&w=2 relebad used to have more body: relebad: PRELE(t); return (error); But then PRELE(t); was removed. This diff gets rid of what remains of relebad. Index: sys/kern/sys_process.c === RCS file: /cvs/src/sys/kern/sys_process.c,v retrieving revision 1.69 diff -u -p -r1.69 sys_process.c --- sys/kern/sys_process.c 31 May 2016 22:34:53 - 1.69 +++ sys/kern/sys_process.c 1 Sep 2016 07:30:55 - @@ -454,7 +454,7 @@ sys_ptrace(struct proc *p, void *v, regi /* If the address parameter is not (int *)1, set the pc. */ if ((int *)SCARG(uap, addr) != (int *)1) if ((error = process_set_pc(t, SCARG(uap, addr))) != 0) - goto relebad; + return error; #ifdef PT_STEP /* @@ -462,7 +462,7 @@ sys_ptrace(struct proc *p, void *v, regi */ error = process_sstep(t, req == PT_STEP); if (error) - goto relebad; + return error; #endif goto sendsig; @@ -492,7 +492,7 @@ sys_ptrace(struct proc *p, void *v, regi */ error = process_sstep(t, 0); if (error) - goto relebad; + return error; #endif /* give process back to original parent or init */ @@ -522,9 +522,6 @@ sys_ptrace(struct proc *p, void *v, regi } return (0); - - relebad: - return (error); case PT_KILL: if (SCARG(uap, pid) < THREAD_PID_OFFSET && tr->ps_single) -- Michal Mazurek
remove MPSAFE from makesyscalls.sh
This was OKd but forgotten: http://openbsd-archive.7691.n7.nabble.com/remove-MPSAFE-from-makesyscalls-sh-td293382.html Index: sys/sys/systm.h === RCS file: /cvs/src/sys/sys/systm.h,v retrieving revision 1.113 diff -u -p -r1.113 systm.h --- sys/sys/systm.h 17 May 2016 23:28:03 - 1.113 +++ sys/sys/systm.h 1 Sep 2016 07:34:19 - @@ -112,8 +112,7 @@ extern struct sysent { /* system call t sy_call_t *sy_call; /* implementing function */ } sysent[]; -#define SY_MPSAFE 0x01 -#define SY_NOLOCK 0x02 +#define SY_NOLOCK 0x01 #if_BYTE_ORDER == _BIG_ENDIAN #define SCARG(p, k)((p)->k.be.datum) /* get arg from args pointer */ Index: sys/kern/makesyscalls.sh === RCS file: /cvs/src/sys/kern/makesyscalls.sh,v retrieving revision 1.11 diff -u -p -r1.11 makesyscalls.sh --- sys/kern/makesyscalls.sh27 Nov 2007 18:04:01 - 1.11 +++ sys/kern/makesyscalls.sh1 Sep 2016 07:34:19 - @@ -255,10 +255,6 @@ function parseline() { funcalias="" end=NF } - if ($f == "MPSAFE") { # allow MP-safe syscalls - sycall_flags = sprintf("SY_MPSAFE | %s", sycall_flags) - f++ - } if ($f == "NOLOCK") { # syscall does not need locks sycall_flags = sprintf("SY_NOLOCK | %s", sycall_flags) f++ -- Michal Mazurek
Remove last mention of nonexistent ktr_kuser().
Index: sys/sys/ktrace.h === RCS file: /cvs/src/sys/sys/ktrace.h,v retrieving revision 1.31 diff -u -p -r1.31 ktrace.h --- sys/sys/ktrace.h18 Jun 2016 17:39:44 - 1.31 +++ sys/sys/ktrace.h1 Sep 2016 07:26:30 - @@ -206,7 +206,6 @@ void ktrnamei(struct proc *, char *); void ktrpsig(struct proc *, int, sig_t, int, int, siginfo_t *); void ktrsyscall(struct proc *, register_t, size_t, register_t []); void ktrsysret(struct proc *, register_t, int, const register_t [2]); -void ktr_kuser(const char *, void *, size_t); int ktruser(struct proc *, const char *, const void *, size_t); void ktrexec(struct proc *, int, const char *, ssize_t); void ktrpledge(struct proc *, int, uint64_t, int); -- Michal Mazurek
Fix comment in sys/sem.h
It's _SYS_SEM_H_ not _SEM_H_: #ifndef _SYS_SEM_H_ #define _SYS_SEM_H_ Index: sys/sys/sem.h === RCS file: /cvs/src/sys/sys/sem.h,v retrieving revision 1.23 diff -u -p -r1.23 sem.h --- sys/sys/sem.h 23 Nov 2014 04:31:42 - 1.23 +++ sys/sys/sem.h 1 Sep 2016 07:22:26 - @@ -195,4 +195,4 @@ int semop(int, struct sembuf *, size_t); __END_DECLS #endif /* !_KERNEL */ -#endif /* !_SEM_H_ */ +#endif /* !_SYS_SEM_H_ */ -- Michal Mazurek