Re: Revisit tcpdump(8) pledge(2) promises

2017-09-18 Thread Bryan Steele
On Thu, Sep 14, 2017 at 01:40:31AM -0400, Bryan Steele wrote:
> On Wed, Sep 13, 2017 at 09:53:09PM -0400, Bryan Steele wrote:
> > On Wed, Sep 13, 2017 at 08:58:28PM -0400, Bryan Steele wrote:
> > > 
> > > 'rpath dns' for DNS lookups
> > >
> > 
> > To clarify, "rpath" is not needed for DNS lookups, but currently for
> > other address to name translations, i.e: getrpcbynumber(3) and
> > ether_ntohost(3).
> 
> Here's a diff to pre-open both of these, using setrpcent(1) which
> keeps /etc/rpc open in libc, and including a modified copy of
> ether_ntohost from libc.
> 
> I'd appreciate testing to see if any more open paths happen late,
> with the diff below, the "rpath" promise is completely removed!
> 
> -Bryan.

There's another solution to this coming soon, so I'd like to get my
original diff in, with a comment:

ok?

-Bryan.

Index: pfctl_osfp.c
===
RCS file: /cvs/src/usr.sbin/tcpdump/pfctl_osfp.c,v
retrieving revision 1.13
diff -u -p -u -r1.13 pfctl_osfp.c
--- usr.sbin/tcpdump/pfctl_osfp.c   28 May 2017 10:06:12 -  1.13
+++ usr.sbin/tcpdump/pfctl_osfp.c   18 Sep 2017 22:17:00 -
@@ -81,17 +81,14 @@ void print_name_list(int, struct 
name
 voidsort_name_list(int, struct name_list *);
 struct name_entry  *lookup_name_list(struct name_list *, const char *);
 
-/* XXX arbitrary */
-#define MAX_FP_LINE 1024
-
 /* Load fingerprints from a file */
 int
 pfctl_file_fingerprints(int dev, int opts, const char *fp_filename)
 {
-   u_char buf[MAX_FP_LINE];
+   FILE *in;
u_char *line;
size_t len;
-   int i, lineno = 0;
+   int i, fd, lineno = 0;
int window, w_mod, ttl, df, psize, p_mod, mss, mss_mod, wscale,
wscale_mod, optcnt, ts0;
pf_tcpopts_t packed_tcpopts;
@@ -99,15 +96,22 @@ pfctl_file_fingerprints(int dev, int opt
struct pf_osfp_ioctl fp;
 
pfctl_flush_my_fingerprints();
+   
+   fd = priv_open_pfosfp();
+   if (fd < 0)
+   return (1);
+   
+   if ((in = fdopen(fd, "r")) == NULL) {
+   warn("%s", fp_filename);
+   return (1);
+   }
+
class = version = subtype = desc = tcpopts = NULL;
 
if ((opts & PF_OPT_NOACTION) == 0)
pfctl_clear_fingerprints(dev, opts);
 
-   priv_getlines(FTAB_PFOSFP);
-   while ((len = priv_getline(buf, sizeof(buf))) > 0) {
-   buf[len -1] = '\n';
-   line = buf;
+   while ((line = fgetln(in, )) != NULL) {
lineno++;
free(class);
free(version);
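
Review bot: the fdopen() failure branch returns without closing fd, so the descriptor handed back by priv_open_pfosfp() leaks; add close(fd) before that return (1). The fd < 0 branch just above returns silently while this one calls warn(), so either priv_open_pfosfp() should be known to report its own error or a warn belongs there as well.
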
Index: privsep.c
===
RCS file: /cvs/src/usr.sbin/tcpdump/privsep.c,v
retrieving revision 1.47
diff -u -p -u -r1.47 privsep.c
--- usr.sbin/tcpdump/privsep.c  8 Sep 2017 19:30:13 -   1.47
+++ usr.sbin/tcpdump/privsep.c  18 Sep 2017 22:17:00 -
@@ -73,12 +73,13 @@ static const int allowed_max[] = {
/* INIT */  ALLOW(PRIV_OPEN_BPF) | ALLOW(PRIV_OPEN_DUMP) |
ALLOW(PRIV_SETFILTER),
/* BPF */   ALLOW(PRIV_SETFILTER),
-   /* FILTER */ALLOW(PRIV_OPEN_OUTPUT) | ALLOW(PRIV_GETSERVENTRIES) |
+   /* FILTER */ALLOW(PRIV_OPEN_PFOSFP) | ALLOW(PRIV_OPEN_OUTPUT) |
+   ALLOW(PRIV_GETSERVENTRIES) |
ALLOW(PRIV_GETPROTOENTRIES) |
ALLOW(PRIV_ETHER_NTOHOST) | ALLOW(PRIV_INIT_DONE),
/* RUN */   ALLOW(PRIV_GETHOSTBYADDR) | ALLOW(PRIV_ETHER_NTOHOST) |
-   ALLOW(PRIV_GETRPCBYNUMBER) | ALLOW(PRIV_GETLINES) |
-   ALLOW(PRIV_LOCALTIME) | ALLOW(PRIV_PCAP_STATS),
+   ALLOW(PRIV_GETRPCBYNUMBER) | ALLOW(PRIV_LOCALTIME) |
+   ALLOW(PRIV_PCAP_STATS),
/* EXIT */  0
 };
 
@@ -90,21 +91,10 @@ static int allowed_ext[] = {
/* INIT */  ALLOW(PRIV_SETFILTER),
/* BPF */   ALLOW(PRIV_SETFILTER),
/* FILTER */ALLOW(PRIV_GETSERVENTRIES),
-   /* RUN */   ALLOW(PRIV_GETLINES) | ALLOW(PRIV_LOCALTIME) |
-   ALLOW(PRIV_PCAP_STATS),
+   /* RUN */   ALLOW(PRIV_LOCALTIME) | ALLOW(PRIV_PCAP_STATS),
/* EXIT */  0
 };
 
-struct ftab {
-   char *name;
-   int max;
-   int count;
-};
-
-static struct ftab file_table[] = {{PF_OSFP_FILE, 1, 0}};
-
-#define NUM_FILETAB (sizeof(file_table) / sizeof(struct ftab))
-
 intdebug_level = LOG_INFO;
 intpriv_fd = -1;
 volatile   pid_t child_pid = -1;
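
Review bot: PRIV_GETLINES is removed from the RUN row of both allowed_max and allowed_ext, but its replacement PRIV_OPEN_PFOSFP is only added to the FILTER row of allowed_max; the FILTER row of allowed_ext in this hunk still lists PRIV_GETSERVENTRIES alone. If that asymmetry is intended, a short comment beside allowed_ext saying why the fingerprint open is not permitted there would help; if not, the ALLOW(PRIV_OPEN_PFOSFP) is missing here.
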
@@ -112,8 +102,11 @@ static volatilesig_atomic_t cur_state =
 
 extern voidset_slave_signals(void);
 
+static voiddrop_privs(int);
+
 static voidimpl_open_bpf(int, int *);
 static voidimpl_open_dump(int, const char *);
+static voidimpl_open_pfosfp(int);
 static voidimpl_open_output(int, const char 

Re: armv7 a4x dsb fix

2017-09-18 Thread Artturi Alm
On Sun, Sep 03, 2017 at 07:56:30AM +0300, Artturi Alm wrote:
> On Mon, Jul 03, 2017 at 06:14:06AM +0300, Artturi Alm wrote:
> > Hi,
> > 
> > just the bug fix, so this diff leaves the unused relics around and so,
> > but better than current/nothing, and hopefully small enough to get looked 
> > at.
> > 
> > -Artturi
> > 
> 
> ping?
> a4x bus_space is supposed to be identical to armv7 bus_space w/ offset << 2.
> 
> -Artturi
> 

pong?
just in case the minimal diff was lacking good enough description, i'll
try again, hoping the desire for md correctness will prevail even for an
arch like armv7, at least for obvious(?) things like this.

for those who don't know what a4x bus_space is for:
/*
 * There are simple bus space functions for IO registers mapped at
 * 32-bit aligned positions.  offset is multiplied by 4.
 */

i guess it should read "These are ..", that was from armv7_a4x_io.S,
another more broken descr. of it can be found from armv7_a4x_space.c:
/*
 * Bus space tag for 8/16-bit devices on 32-bit bus.
 * all registers are located at the address of multiple of 4.
 */

== wrong, as it does support 32-bit reads and writes, but not in multiples.
anyway, its purpose remains the same, to do offset << 2 before bus op.

So, there's nothing suggesting a4x shouldn't have the barriers added by
diff below, to really make it armv7_bus_space+off*4 i believe it was/is
meant to be, and nothing should use the generic/generic_armv4 bs.

current might work now, will anyone remember this if MULTIPROCESSOR would
ever appear, and have weird problems w/console? idk. i'll just leave this
here:)

-Artturi


diff --git a/sys/arch/arm/arm/bus_space_asm_generic.S 
b/sys/arch/arm/arm/bus_space_asm_generic.S
deleted file mode 100644
index 97b71a5cecc..000
--- a/sys/arch/arm/arm/bus_space_asm_generic.S
+++ /dev/null
@@ -1,336 +0,0 @@
-/* $OpenBSD: bus_space_asm_generic.S,v 1.5 2017/01/06 00:06:02 jsg Exp $   
*/
-/* $NetBSD: bus_space_asm_generic.S,v 1.3 2003/03/27 19:46:14 mycroft Exp 
$*/
-
-/*
- * Copyright (c) 1997 Causality Limited.
- * Copyright (c) 1997 Mark Brinicombe.
- * All rights reserved.
- *
- * Redistribution and use in source and binary forms, with or without
- * modification, are permitted provided that the following conditions
- * are met:
- * 1. Redistributions of source code must retain the above copyright
- *notice, this list of conditions and the following disclaimer.
- * 2. Redistributions in binary form must reproduce the above copyright
- *notice, this list of conditions and the following disclaimer in the
- *documentation and/or other materials provided with the distribution.
- * 3. All advertising materials mentioning features or use of this software
- *must display the following acknowledgement:
- * This product includes software developed by Mark Brinicombe
- * for the NetBSD Project.
- * 4. The name of the company nor the name of the author may be used to
- *endorse or promote products derived from this software without specific
- *prior written permission.
- *
- * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
- * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
- * IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
- * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
- * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
- * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
- * SUCH DAMAGE.
- */
-
-#include 
-#include 
-
-/*
- * Generic bus_space functions.
- */
-
-/*
- * read single
- */
-
-ENTRY(generic_bs_r_1)
-   ldrbr0, [r1, r2]
-   mov pc, lr
-
-ENTRY(generic_armv4_bs_r_2)
-   ldrhr0, [r1, r2]
-   mov pc, lr
-
-ENTRY(generic_bs_r_4)
-   ldr r0, [r1, r2]
-   mov pc, lr
-
-/*
- * write single
- */
-
-ENTRY(generic_bs_w_1)
-   strbr3, [r1, r2]
-   mov pc, lr
-
-ENTRY(generic_armv4_bs_w_2)
-   strhr3, [r1, r2]
-   mov pc, lr
-
-ENTRY(generic_bs_w_4)
-   str r3, [r1, r2]
-   mov pc, lr
-
-/*
- * read multiple
- */
-
-ENTRY(generic_bs_rm_1)
-   add r0, r1, r2
-   mov r1, r3
-   ldr r2, [sp, #0]
-   teq r2, #0
-   moveq   pc, lr
-
-1: ldrbr3, [r0]
-   strbr3, [r1], #1
-   subsr2, r2, #1
-   bne 1b
-
-   mov pc, lr
-
-ENTRY(generic_armv4_bs_rm_2)
-   add r0, r1, r2
-   mov r1, r3
-   ldr r2, [sp, #0]
-   teq r2, #0
-   moveq   pc, lr
-
-1: ldrhr3, [r0]
-   strhr3, [r1], #2
-   subsr2, r2, #1
-   bne 
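
Review bot: the visible part of this diff is the removal of the whole of bus_space_asm_generic.S, while the message describes adding barriers to a4x and the quoted earlier version said the unused relics were being left in place. The description should say that the file is deleted, and the change should show that no bus space tag or build list still refers to the generic_bs_* and generic_armv4_bs_* entry points removed here.
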

Re: armv7 a few tc_counter_mask fixes

2017-09-18 Thread Artturi Alm
On Mon, Sep 18, 2017 at 03:41:56PM +0300, Artturi Alm wrote:
> On Mon, Sep 18, 2017 at 11:19:09AM +0100, Stuart Henderson wrote:
> > On 2017/09/18 04:28, Artturi Alm wrote:
> > > Do i really need to reference datasheets, or would someone explain to me
> > > the value of this MSB robbing?
> > 
> > I think, if you're proposing a change, you should explain why that
> > change should be made, rather than asking others to defend the current
> > situation..
> > 
> 
> guess i wasn't clear enough. of the 3 timers two are 64bit timers, of them
> agtimer doesn't even support reading just 32bit, nor any of them do just
> 31bits as claimed by the timercounter mask.
> so all of them act opposite to what's written in sys/timetc.h, the last bit
> won't be constant with these.
> 
> amptimer's low register does have full 32bits, if it didn't, i doubt this
> function could exist:
> /sys/arch/arm/cortex/amptimer.c:
> uint64_t
> amptimer_readcnt64(struct amptimer_softc *sc)
> {
> 	uint32_t high0, high1, low;
> 	bus_space_tag_t iot = sc->sc_iot;
> 	bus_space_handle_t ioh = sc->sc_ioh;
>
> 	do {
> 		high0 = bus_space_read_4(iot, ioh, GTIMER_CNT_HIGH);
> 		low = bus_space_read_4(iot, ioh, GTIMER_CNT_LOW);
> 		high1 = bus_space_read_4(iot, ioh, GTIMER_CNT_HIGH);
> 	} while (high0 != high1);
>
> 	return ((((uint64_t)high1) << 32) | low);
> }
> 
> if you google for "swpu223g" you'll find omap3430 technical reference manual
> pdf, in it you can find the description of gptimer's TCRR register, at
> page 2600, also it _will_ count beyond 0x7fff.
> 
> you can find reference to gptimer(missed replace) from amptimer.c, i guess
> amptimer was where agtimer got it from, so maybe just a bad copy-paste.
> 

i meant to write "(missed replace?)" above, as i'm not sure,
but now i think i know who i should have cc'ed initially.
i'm guessing the chain has gone something like this:
macppc||socppc->beagle's gptimer->panda's amptimer->agtimer->arm64 agtimer

drahn@, would you help me out a bit here? do you know/remember about
these enough, to ok what i've suggested(+same for arm64 agtimer) to anyone
who could pick this up?

-Artturi

> -Artturi



Re: [Patch] directory.3 should describe return value of readdir_r()

2017-09-18 Thread Todd C. Miller
On Wed, 13 Sep 2017 20:52:58 +1000, Ross L Richardson wrote:

> directory.3 (has no "RETURN VALUES" section and) fails to
> describe the return value of readdir_r().
> 
> The diff below adds a sentence about the return value.
> It also converts "return (X)" to "return X" in the
> sample code.

Thanks, I just committed a variation of this diff.

 - todd



HEADS-UP: package @version

2017-09-18 Thread Marc Espie
The switch to clang for some arches was a bit annoying, because suddenly
you had to force an update of every package (practically, bumping every
package was next to impossible).

The HEADS-UP is that actually there should be *no* heads-up for 6.2.
Thanks to sthen@'s prodding, I've just committed a mechanism that will
force all binary packages to update on i386/amd64.

User-visible parts end up as @version in each package, a new option in
pkg_create, and a new component in pkg_info -S signatures.

The bump to the version number for i386 and amd64 has been done in
bsd.port.mk/arch-defines.mk.

As of now, there are no user-visible parts in there (everything is prefixed
with _).

People running snapshots will soon notice a "forced update" of the binary
packages (sorry for those of you who already ran pkg_add -u -Dinstalled),
but at least, "average" users going from release to release won't see a
thing.

(and we won't have to advertise using -Dinstalled when such a large change
happens).



syslogd log startup errors persistently

2017-09-18 Thread Alexander Bluhm
Hi,

When syslogd writes some startup errors to stderr or console, they
never appear in any log file.  After initialization, write a summary
into log files and to remote log host.  So the problem shows up,
when someone is looking at the persistent messages.

syslogd[91295]: dropped 3 messages during initialization

While there, print the "dropped message" warning in a common function.

ok?

bluhm

Index: usr.sbin/syslogd/syslogd.c
===
RCS file: /data/mirror/openbsd/cvs/src/usr.sbin/syslogd/syslogd.c,v
retrieving revision 1.248
diff -u -p -r1.248 syslogd.c
--- usr.sbin/syslogd/syslogd.c  17 Sep 2017 23:49:14 -  1.248
+++ usr.sbin/syslogd/syslogd.c  18 Sep 2017 14:30:33 -
@@ -226,6 +226,7 @@ const char *ClientCertfile = NULL;
 const char *ClientKeyfile = NULL;
 const char *ServerCAfile = NULL;
 inttcpbuf_dropped = 0; /* count messages dropped from TCP or TLS */
+intinit_dropped = 0;   /* messages dropped during initialization */
 
 #define CTL_READING_CMD1
 #define CTL_WRITING_REPLY  2
@@ -320,6 +321,7 @@ voidcvthname(struct sockaddr *, char *,
 intdecode(const char *, const CODE *);
 void   markit(void);
 void   fprintlog(struct filed *, int, char *);
+void   dropped_warn(int *, const char *);
 void   init(void);
 void   logevent(int, const char *);
 void   logline(int, int, char *, char *);
@@ -1361,6 +1363,7 @@ void
 tcp_writecb(struct bufferevent *bufev, void *arg)
 {
struct filed*f = arg;
+   char ebuf[ERRBUFSIZE];
 
/*
 * Successful write, connection to server is good, reset wait time.
@@ -1370,11 +1373,9 @@ tcp_writecb(struct bufferevent *bufev, v
 
if (f->f_un.f_forw.f_dropped > 0 &&
EVBUFFER_LENGTH(f->f_un.f_forw.f_bufev->output) < MAX_TCPBUF) {
-   log_info(LOG_WARNING, "dropped %d message%s to loghost \"%s\"",
-   f->f_un.f_forw.f_dropped,
-   f->f_un.f_forw.f_dropped == 1 ? "" : "s",
+   snprintf(ebuf, sizeof(ebuf), "to loghost \"%s\"",
f->f_un.f_forw.f_loghost);
-   f->f_un.f_forw.f_dropped = 0;
+   dropped_warn(>f_un.f_forw.f_dropped, ebuf);
}
 }
 
@@ -1649,6 +1650,7 @@ vlogmsg(int pri, const char *proc, const
vsnprintf(msg + l, sizeof(msg) - l, fmt, ap);
if (!Started) {
fprintf(stderr, "%s\n", msg);
+   init_dropped++;
return;
}
logline(pri, ADDDATE, LocalHostName, msg);
@@ -1793,6 +1795,7 @@ logline(int pri, int flags, char *from, 
/* May be set to F_UNUSED, try again next time. */
f->f_type = F_CONSOLE;
}
+   init_dropped++;
return;
}
SIMPLEQ_FOREACH(f, , f_next) {
@@ -2205,11 +2208,7 @@ init_signalcb(int signum, short event, v
init();
log_info(LOG_INFO, "restart");
 
-   if (tcpbuf_dropped > 0) {
-   log_info(LOG_WARNING, "dropped %d message%s to remote loghost",
-   tcpbuf_dropped, tcpbuf_dropped == 1 ? "" : "s");
-   tcpbuf_dropped = 0;
-   }
+   dropped_warn(_dropped, "to remote loghost");
log_debug("syslogd: restarted");
 }
 
@@ -2219,6 +2218,20 @@ logevent(int severity, const char *msg)
log_debug("libevent: [%d] %s", severity, msg);
 }
 
+void
+dropped_warn(int *count, const char *what)
+{
+   int dropped;
+
+   if (*count == 0)
+   return;
+
+   dropped = *count;
+   *count = 0;
+   log_info(LOG_WARNING, "dropped %d message%s %s",
+   dropped, dropped == 1 ? "" : "s", what);
+}
+
 __dead void
 die(int signo)
 {
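
Review bot: dropped_warn() tests *count == 0, where both call sites it replaces tested > 0, so a counter that ever went negative would now be reported; either test <= 0 or make the counters unsigned. The function also clears *count before calling log_info(), which matters because the vlogmsg() and logline() hunks increment init_dropped on their early-return paths; a one-line comment stating that ordering is deliberate would keep it from being "simplified" later.
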
@@ -2237,12 +2250,8 @@ die(int signo)
}
}
Initialized = was_initialized;
-
-   if (tcpbuf_dropped > 0) {
-   log_info(LOG_WARNING, "dropped %d message%s to remote loghost",
-   tcpbuf_dropped, tcpbuf_dropped == 1 ? "" : "s");
-   tcpbuf_dropped = 0;
-   }
+   dropped_warn(_dropped, "during initialization");
+   dropped_warn(_dropped, "to remote loghost");
 
if (signo)
log_info(LOG_ERR, "exiting on signal %d", signo);
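
Review bot: in die() the init_dropped summary is issued after Initialized = was_initialized, so when the daemon exits before initialization finished, the report itself can take the early-return paths in vlogmsg()/logline() that this patch makes increment init_dropped, and it never reaches a log file. That is harmless at exit, but guarding the call with was_initialized, or a comment that the report is best-effort here, would make the intent clear.
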
@@ -2323,6 +2332,7 @@ init(void)
SIMPLEQ_INSERT_TAIL(,
cfline("*.PANIC\t*", "*", "*"), f_next);
Initialized = 1;
+   dropped_warn(_dropped, "during initialization");
return;
}
 
@@ -2423,6 +2433,7 @@ init(void)
(void)fclose(cf);
 
Initialized = 1;
+   dropped_warn(_dropped, "during initialization");
 
if (Debug) {
SIMPLEQ_FOREACH(f, , f_next) {



Re: unbound 1.6.6

2017-09-18 Thread Todd C. Miller
I'm running this now and haven't noticed any issues so far.

 - todd



Re: armv7 a few tc_counter_mask fixes

2017-09-18 Thread Artturi Alm
On Mon, Sep 18, 2017 at 11:19:09AM +0100, Stuart Henderson wrote:
> On 2017/09/18 04:28, Artturi Alm wrote:
> > Do i really need to reference datasheets, or would someone explain to me
> > the value of this MSB robbing?
> 
> I think, if you're proposing a change, you should explain why that
> change should be made, rather than asking others to defend the current
> situation..
> 

guess i wasn't clear enough. of the 3 timers two are 64bit timers, of them
agtimer doesn't even support reading just 32bit, nor any of them do just
31bits as claimed by the timercounter mask.
so all of them act opposite to what's written in sys/timetc.h, the last bit
won't be constant with these.

amptimer's low register does have full 32bits, if it didn't, i doubt this
function could exist:
/sys/arch/arm/cortex/amptimer.c:
uint64_t
amptimer_readcnt64(struct amptimer_softc *sc)
{
	uint32_t high0, high1, low;
	bus_space_tag_t iot = sc->sc_iot;
	bus_space_handle_t ioh = sc->sc_ioh;

	do {
		high0 = bus_space_read_4(iot, ioh, GTIMER_CNT_HIGH);
		low = bus_space_read_4(iot, ioh, GTIMER_CNT_LOW);
		high1 = bus_space_read_4(iot, ioh, GTIMER_CNT_HIGH);
	} while (high0 != high1);

	return ((((uint64_t)high1) << 32) | low);
}

if you google for "swpu223g" you'll find omap3430 technical reference manual
pdf, in it you can find the description of gptimer's TCRR register, at
page 2600, also it _will_ count beyond 0x7fff.

you can find reference to gptimer(missed replace) from amptimer.c, i guess
amptimer was where agtimer got it from, so maybe just a bad copy-paste.

-Artturi
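
Added example, not part of the original message or of the OpenBSD source: a user-space simulation of the high/low/high read loop quoted above next to a naive low-then-high read, followed by the effect of a 31-bit versus a 32-bit mask on a tick delta. struct fake_timer, reg_read(), read_naive(), read_hilohi() and masked_delta() are hypothetical names, and the (now - last) & mask form of the delta is an assumption about how the mask is consumed, not something stated in the thread.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed stand-in for a free-running 64-bit counter exposed as two
 * 32-bit registers. Every register read advances it by `step` ticks. */
struct fake_timer {
	uint64_t now;
	uint64_t step;
};

static uint32_t reg_read(struct fake_timer *t, int high)
{
	uint64_t v = t->now;

	t->now += t->step;
	return high ? (uint32_t)(v >> 32) : (uint32_t)v;
}

/* Naive read: torn if the low word wraps between the two accesses. */
uint64_t read_naive(struct fake_timer *t)
{
	uint32_t low = reg_read(t, 0);
	uint32_t high = reg_read(t, 1);

	return ((uint64_t)high << 32) | low;
}

/* Same loop shape as the quoted amptimer_readcnt64(): retry until the
 * high word is identical before and after the low-word read. */
uint64_t read_hilohi(struct fake_timer *t)
{
	uint32_t high0, high1, low;

	do {
		high0 = reg_read(t, 1);
		low = reg_read(t, 0);
		high1 = reg_read(t, 1);
	} while (high0 != high1);
	return ((uint64_t)high1 << 32) | low;
}

/* Assumed consumer step: elapsed ticks are (now - last) & mask. */
uint32_t masked_delta(uint32_t now, uint32_t last, uint32_t mask)
{
	return (now - last) & mask;
}

int main(void)
{
	struct fake_timer a = { 0xffffffffULL, 1 };
	struct fake_timer b = { 0xffffffffULL, 1 };

	printf("naive %#llx, hi/lo/hi %#llx\n",
	    (unsigned long long)read_naive(&a),
	    (unsigned long long)read_hilohi(&b));
	printf("delta with 31-bit mask %#x, 32-bit mask %#x\n",
	    (unsigned)masked_delta(0x90000010u, 0x10u, 0x7fffffffu),
	    (unsigned)masked_delta(0x90000010u, 0x10u, 0xffffffffu));
	return 0;
}
```

Starting at 0xffffffff, the naive read pairs the old low word with the new high word, while the retry loop returns a consistent value; the two masks agree on short intervals and differ only once more than 2^31 ticks separate the samples.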



Re: armv7 a few tc_counter_mask fixes

2017-09-18 Thread Stuart Henderson
On 2017/09/18 04:28, Artturi Alm wrote:
> Do i really need to reference datasheets, or would someone explain to me
> the value of this MSB robbing?

I think, if you're proposing a change, you should explain why that
change should be made, rather than asking others to defend the current
situation..