Re: netcat: bump BUFSIZE to 64k?
On Sun, Dec 18, 2022 at 06:40:45PM +0100, Claudio Jeker wrote: > > What confuses me is that atomicio() is not used in the main readwrite() > loop. There nc polls on both fds and then read/write depending on return > values. atomicio() is only used by atelnet() and socks_connect() which do > not depend on BUFSIZE. > > I assume this was modified when TLS support was added but I did > not investigate further. Thanks for the pointer. That was changed with the following commit which means that stalling with atomicio() is not an issue anymore. revision 1.125 date: 2014/10/30 16:06:07; author: tedu; state: Exp; lines: +211 -47; rework the poll loop to poll in both directions so it doesn't get stuck if one pipe stalls out. from a diff by Arne Becker. (buffer size left alone for now) There's also a longer discussion here https://marc.info/?t=14023700382&r=1&w=2 Marco
Re: netcat: bump BUFSIZE to 64k?
On Sun, Dec 18, 2022 at 02:00:24PM +0100, Theo Buehler wrote: > This is the remaining bit of mpf's recent netcat diff. The commit log > shows that it was bumped to 64k in the past, but that was promptly > reverted due to concerns of buffer bloat caused by atomicio blocking > traffic in the other direction. Thanks for taking care of this. I should've done some research myself before suggesting this. For reference: revision 1.121 date: 2014/06/10 16:35:42; author: tedu; state: Exp; lines: +2 -2; stick with 16k buffers for a little while to avoid bufferbloat. atomicio writing out 64k in one direction will cause traffic in the other direction to stall until it's complete. discussion with deraadt revision 1.120 date: 2014/06/10 16:23:07; author: tedu; state: Exp; lines: +3 -3; increase buffer size to 64k, and actually use it. ok deraadt from John-Mark Gurney > I don't know if things are different enough 8 years later that this can > be reconsidered. Not my area, just throwing it out there so it doesn't > get lost. I can only assume that the concern was about talking to a server that would block while trying to send a response after only reading a part of the data. I can't think of a real world scenario where this is a problem right now. But since my use case (sending a huge UDP packet) also depends on bumping the socket buffer size with -O, we could also make the BUFSIZE conditional on the provided socket buffer size, or give this a new option.
netcat UDP behavior in verbose mode
The other day I was trying to send a syslog UDP packet via netcat. Out of habit I was running it with the -v flag and noticed that it corrupted my syslog packet with three 'X' characters. Turns out verbose mode enables udptest() which is meant to get feedback if the "connection" is successful and thus sends three 'X' as probes. I suggest we only enable udptest, if nc(1) is run with stdin as input. We might also want to document that behavior. In addition, I wanted to send a huge UDP packet (~64k) for testing. This wasn't possible, because the write(2) happens with only 16k. Bumping BUFSIZE fixes that. Cheers, Marco Index: netcat.c === RCS file: /cvs/src/usr.bin/nc/netcat.c,v retrieving revision 1.219 diff -u -p -p -u -r1.219 netcat.c --- netcat.c8 Jun 2022 20:07:31 - 1.219 +++ netcat.c1 Dec 2022 20:34:40 - @@ -66,7 +66,7 @@ #define POLL_NETOUT1 #define POLL_NETIN 2 #define POLL_STDOUT3 -#define BUFSIZE16384 +#define BUFSIZE65536 #define TLS_NOVERIFY (1 << 1) #define TLS_NONAME (1 << 2) @@ -702,7 +702,7 @@ main(int argc, char *argv[]) ret = 0; if (vflag || zflag) { /* For UDP, make sure we are connected. */ - if (uflag) { + if (uflag && isatty(STDIN_FILENO)) { if (udptest(s) == -1) { ret = 1; continue;
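Review bot: the BUFSIZE hunk raises the per-read buffer to 65536, but a UDP datagram's length field is 16 bits, so the largest payload that fits in one datagram is below that (65507 bytes over IPv4 after the IP and UDP headers); in the -u case a full 64k read from stdin written out as a single datagram is rejected by the kernel rather than sent. Either pick the constant with that ceiling in mind or cap the UDP write size separately from the TCP buffer.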
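Review bot: `uflag && isatty(STDIN_FILENO)` gates the udptest() probe on stdin being a terminal, which is broader than the stated "run with stdin as input": any scripted `nc -vu` with stdin redirected from a file or pipe now skips the connectivity check and its -v output no longer reports an unreachable port. The message says the behaviour should be documented, but no nc.1 hunk is included; add one describing when -v sends the three probe bytes and when it does not.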
Remove ls -C alias from /etc/ksh.kshrc
While doing some ad-hoc scripting on my command line, I noticed that ls(1) defaults to multi-column output, even if the output is piped to another command. The reason for this annoyance is simple: $ alias |grep ls ls='ls -CF' LS(1) -C Force multi-column output; this is the default when output is to a terminal. ls(1) can detect whether stdout isatty(3) all by itself. I think it's time to remove this artifact from 1996. OK? Index: ksh.kshrc === RCS file: /cvs/src/etc/ksh.kshrc,v retrieving revision 1.31 diff -u -p -p -u -r1.31 ksh.kshrc --- ksh.kshrc 18 Feb 2018 21:48:00 - 1.31 +++ ksh.kshrc 15 May 2018 18:50:40 - @@ -57,7 +57,7 @@ case "$-" in set -o emacs - alias ls='ls -CF' + alias ls='ls -F' alias h='fc -l | more' case "$TERM" in
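Review bot: the rationale given for dropping -C (ls(1) checks isatty(3) itself, so forcing multi-column output mangles piped output) applies just as well to the -F the hunk keeps: -F appends type indicators (/, *, @) to names whether or not stdout is a terminal, so a command parsing `ls` output in a pipeline still receives altered names. If the goal is an alias that never changes piped output, drop the alias entirely or keep -F only for interactive use.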
Re: Export IPsec flows via snmpd(8)
On Tue, Dec 19, 2017 at 12:43:48PM +0100, Martin Pieuchot wrote: > I'd like to see some information about my tunnels in my NMS. Nice. I would find that very useful :) > The problem is that there's not standard MIB for this and most vendor > MIBs are huge and are not easy to implement. What about https://tools.ietf.org/html/rfc4807 ? Marco
Re: TCP support for snmpd(8)
char sm_host[HOST_NAME_MAX+1]; @@ -509,6 +511,7 @@ struct snmp_stats { struct address { struct sockaddr_storage ss; in_port_tport; + int ipproto; TAILQ_ENTRY(address) entry; @@ -521,7 +524,9 @@ TAILQ_HEAD(addresslist, address); struct listen_sock { int s_fd; + int s_ipproto; struct events_ev; + struct events_evt; TAILQ_ENTRY(listen_sock)entry; }; TAILQ_HEAD(socklist, listen_sock); @@ -739,7 +744,7 @@ char*smi_print_element(struct ber_elem voidtimer_init(void); /* snmpd.c */ -int snmpd_socket_af(struct sockaddr_storage *, in_port_t); +int snmpd_socket_af(struct sockaddr_storage *, in_port_t, int); u_long snmpd_engine_time(void); char *tohexstr(u_int8_t *, int); Index: snmpe.c === RCS file: /cvs/src/usr.sbin/snmpd/snmpe.c,v retrieving revision 1.47 diff -u -p -p -u -r1.47 snmpe.c --- snmpe.c 21 Apr 2017 13:50:23 - 1.47 +++ snmpe.c 28 Jul 2017 14:21:22 - @@ -2,6 +2,7 @@ /* * Copyright (c) 2007, 2008, 2012 Reyk Floeter + * Copyright (c) 2017 Marco Pfatschbacher * * Permission to use, copy, modify, and distribute this software for any * purpose with or without fee is hereby granted, provided that the above @@ -49,10 +50,16 @@ void snmpe_sig_handler(int sig, short, int snmpe_dispatch_parent(int, struct privsep_proc *, struct imsg *); int snmpe_bind(struct address *); voidsnmpe_recvmsg(int fd, short, void *); +voidsnmpe_readcb(int fd, short, void *); +voidsnmpe_writecb(int fd, short, void *); +voidsnmpe_accept_cb(int fd, short, void *); +voidsnmpe_prepare_read(struct snmp_message *, int); int snmpe_encode(struct snmp_message *); voidsnmp_msgfree(struct snmp_message *); struct imsgev *iev_parent; +struct timeval snmpe_tcp_timeout; +#define SNMPE_TCP_TIMEOUT 10 static struct privsep_proc procs[] = { { "parent", PROC_PARENT,snmpe_dispatch_parent } 
@@ -76,11 +83,13 @@ snmpe(struct privsep *ps, struct privsep } #endif + /* bind SNMP UDP/TCP sockets */ TAILQ_FOREACH(h, &env->sc_addresses, entry) { if ((so = calloc(1, sizeof(*so))) == NULL) fatal("snmpe: %s", __func__); if ((so->s_fd = snmpe_bind(h)) == -1) - fatal("snmpe: failed to bind SNMP UDP socket"); + fatal("snmpe: failed to bind SNMP socket"); + so->s_ipproto = h->ipproto; TAILQ_INSERT_TAIL(&env->sc_sockets, so, entry); } @@ -99,10 +108,20 @@ snmpe_init(struct privsep *ps, struct pr timer_init(); usm_generate_keys(); - /* listen for incoming SNMP UDP messages */ + timerclear(&snmpe_tcp_timeout); + snmpe_tcp_timeout.tv_sec = SNMPE_TCP_TIMEOUT; + + /* listen for incoming SNMP UDP/TCP messages */ TAILQ_FOREACH(so, &env->sc_sockets, entry) { - event_set(&so->s_ev, so->s_fd, EV_READ|EV_PERSIST, - snmpe_recvmsg, env); + if (so->s_ipproto == IPPROTO_TCP) { + if (listen(so->s_fd, 5) < 0) + fatalx("snmpe: failed to listen on socket"); + event_set(&so->s_ev, so->s_fd, EV_READ, snmpe_accept_cb, so); + evtimer_set(&so->s_evt, snmpe_accept_cb, so); + } else { + event_set(&so->s_ev, so->s_fd, EV_READ|EV_PERSIST, + snmpe_recvmsg, env); + } event_add(&so->s_ev, NULL); } } @@ -110,6 +129,13 @@ snmpe_init(struct privsep *ps, struct pr void snmpe_shutdown(void) { + struct listen_sock *so; + + TAILQ_FOREACH(so, &snmpd_env->sc_sockets, entry) { + event_del(&so->s_ev); + event_del(&so->s_evt); + close(so->s_fd); + } kr_shutdown(); } @@ -130,32 +156,34 @@ snmpe_bind(struct address *addr) char buf[512]; int val, s; - if ((s = snmpd_socket_af(&addr->ss, htons(addr->port))) == -1) + if ((s = snmpd_socket_af(&addr->ss, htons(addr->port), + addr->ipproto)) == -1) return (-1); - /* -* Socket options -*/ - if (fcntl(s, F_SETFL, O_NONBLOCK) == -1) - goto bad; - - switch (addr->ss.ss_family) { - case AF_INET: - val = 1; - i
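Review bot: in the snmpe_init() hunk the TCP listen backlog is the literal `5`; that bounds only not-yet-accepted connections, so a burst of more than five simultaneous connects is refused or left retrying, and the value deserves a named constant (or SOMAXCONN) rather than a magic number. The accept event is registered as EV_READ without EV_PERSIST and the timer set with evtimer_set() shares the same snmpe_accept_cb(), so that callback has to tell the two apart from its `short` event argument and re-add the read event on every call, otherwise accepting stops after the first connection.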
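Review bot: the snmpe_shutdown() hunk calls event_del(&so->s_evt) for every socket, including the UDP ones whose s_evt was never initialised with evtimer_set(); this only works because snmpe() allocates each listen_sock with calloc() and event_del() tolerates a zeroed event. Guard the timer deletion with `if (so->s_ipproto == IPPROTO_TCP)` so correctness does not hinge on the allocation.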
Re: TCP support for snmpd(8)
On Wed, Jul 19, 2017 at 11:15:45AM +0200, Reyk Floeter wrote: > > > On 19.07.2017, at 10:16, Marco Pfatschbacher wrote: > > > > This adds TCP support to snmpd. > > I've added a tcp option to the "listen on" statement. > > The trap receiver will continue to bind to UDP addresses only. > > > > Tested against net-snmp, which has TCP support. > > > > Nice! > > Are you also planning to add tcp support in snmpctl? Hmm, haven't thought about it :-) > And it would also be nice to get tls (over TCP) later, there is an RFC for > that, > but the tcp implementation can already be done with tls in mind. Isn't that covered with USM? However, I'm tunneling through SSH anyway. That's why I needed TCP. > I will give it a try, see comments below. Thanks, I changed most of them. > > > > @@ -99,10 +107,20 @@ snmpe_init(struct privsep *ps, struct pr > > timer_init(); > > usm_generate_keys(); > > > > - /* listen for incoming SNMP UDP messages */ > > + timerclear(&snmpe_tcp_timeout); > > + snmpe_tcp_timeout.tv_sec = SNMPE_TCP_TIMEOUT; > > The comment says UDP but the variables are for TCP? That's why I deleted it ;) > > + > > + /* listen for incoming SNMP UDP/TCP messages */ > > TAILQ_FOREACH(so, &env->sc_sockets, entry) { > > - event_set(&so->s_ev, so->s_fd, EV_READ|EV_PERSIST, > > - snmpe_recvmsg, env); > > + if (so->s_ipproto == IPPROTO_TCP) { > > + if (listen(so->s_fd, 5) < 0) > > + fatalx("snmpe: failed to listen on socket"); > > + event_set(&so->s_ev, so->s_fd, EV_READ|EV_PERSIST, > > + snmpe_accept_cb, env); > > + } else { > > + event_set(&so->s_ev, so->s_fd, EV_READ|EV_PERSIST, > > + snmpe_recvmsg, env); > > + } > > event_add(&so->s_ev, NULL); > > } > > } > > @@ -110,6 +128,12 @@ snmpe_init(struct privsep *ps, struct pr > > void > > snmpe_shutdown(void) > > { > > + struct listen_sock *so; > > + > > + TAILQ_FOREACH(so, &snmpd_env->sc_sockets, entry) { > > + event_del(&so->s_ev); > > + close(so->s_fd); > > + } > > kr_shutdown(); > > } 
> > > > @@ -130,32 +154,43 @@ snmpe_bind(struct address *addr) > > char buf[512]; > > int val, s; > > > > - if ((s = snmpd_socket_af(&addr->ss, htons(addr->port))) == -1) > > + if ((s = snmpd_socket_af(&addr->ss, htons(addr->port), > > + addr->ipproto)) == -1) > > return (-1); > > > > /* > > * Socket options > > */ > > - if (fcntl(s, F_SETFL, O_NONBLOCK) == -1) > > - goto bad; > > So are you using blocking listening TCP sockets? Yes, since we are using libevent. But I changed them anyway, in case there is a race. > We also have fd accounting in a few daemons to pause accept when > we're out of fds (ENFILE or EMFILE), but this can be implemented in > a separate commit. Not sure what that solves. sshd has MaxStartups and it's very easy to DoS it. > > best practice is to avoid EV_PERSIST and to always re-schedule when > needed. This prevents us from having stale events. OK. I left it for the accept callbacks though. > > + len = read(fd, msg->sm_data + msg->sm_datalen, > > + sizeof(msg->sm_data) - msg->sm_datalen); > > + if (len == 0) { > > How are you handling error cases len == -1? Thanks, I missed that. > And it is non-blocking I/O so you have to check for EINTR and EAGAIN. > > > + event_del(&msg->sm_sockev); > > + close(fd); > > + snmp_msgfree(msg); > > + return; > > + } > > + > > + msg->sm_datalen = (size_t)len; > > + msg->sm_ber.fd = -1; > > + ber_set_application(&msg->sm_ber, smi_application); > > + ber_set_readbuf(&msg->sm_ber, msg->sm_data, msg->sm_datalen); > > + msg->sm_req = ber_read_elements(&msg->sm_ber, NULL); > > + if (msg->sm_req == NULL) > > + return; /* short read; try again */ > > So you basically keep on retrying if anything goes wrong? > > Will your persist event continue to fire if len returned -1 on read error? Fixed. > > +void > > +snmpe_writecb(int fd, short type, void *arg) > > +{ &g
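Review bot: in the quoted snmpe_readcb() hunk, `msg->sm_datalen = (size_t)len;` overwrites the count instead of accumulating it, yet read() is told to append at `msg->sm_data + msg->sm_datalen`; after a partial read the next callback lands the bytes at the right offset but then hands only the last chunk's length to ber_set_readbuf(), so the "short read; try again" path can never assemble a PDU that arrives in two reads. It should be `msg->sm_datalen += len`. Once the buffer is full the requested length becomes 0, read() returns 0 and the `len == 0` branch treats an oversized message as the peer closing; check for a full buffer explicitly and reject such messages with an error instead.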
TCP support for snmpd(8)
This adds TCP support to snmpd. I've added a tcp option to the "listen on" statement. The trap receiver will continue to bind to UDP addresses only. Tested against net-snmp, which has TCP support. Index: parse.y === RCS file: /cvs/src/usr.sbin/snmpd/parse.y,v retrieving revision 1.43 diff -u -p -p -u -r1.43 parse.y --- parse.y 5 Jan 2017 13:53:10 - 1.43 +++ parse.y 19 Jul 2017 07:53:45 - @@ -99,9 +99,9 @@ struct address*host_v4(const char *); struct address *host_v6(const char *); int host_dns(const char *, struct addresslist *, int, in_port_t, struct ber_oid *, char *, - struct address *); + struct address *, int); int host(const char *, struct addresslist *, - int, in_port_t, struct ber_oid *, char *, char *); + int, in_port_t, struct ber_oid *, char *, char *, int); typedef struct { union { @@ -128,12 +128,12 @@ typedef struct { %token SYSTEM CONTACT DESCR LOCATION NAME OBJECTID SERVICES RTFILTER %token READONLY READWRITE OCTETSTRING INTEGER COMMUNITY TRAP RECEIVER %token SECLEVEL NONE AUTH ENC USER AUTHKEY ENCKEY ERROR DISABLED -%token SOCKET RESTRICTED AGENTX HANDLE DEFAULT SRCADDR +%token SOCKET RESTRICTED AGENTX HANDLE DEFAULT SRCADDR TCP UDP %token STRING %token NUMBER %typehostcmn %typesrcaddr -%typeoptwrite yesno seclevel socktype +%typeoptwrite yesno seclevel socktype proto %type objtype cmd %type oid hostoid trapoid %type auth @@ -197,9 +197,9 @@ yesno : STRING { } ; -main : LISTEN ON STRING { +main : LISTEN ON STRING proto{ if (host($3, &conf->sc_addresses, 16, SNMPD_PORT, NULL, - NULL, NULL) <= 0) { + NULL, NULL, $4) <= 0) { yyerror("invalid ip address: %s", $3); free($3); YYERROR; @@ -442,7 +442,7 @@ srcaddr : /* empty */ { $$ = NULL; } hostdef: STRING hostoid hostcmn srcaddr{ if (host($1, hlist, 1, - SNMPD_TRAPPORT, $2, $3, $4) <= 0) { + SNMPD_TRAPPORT, $2, $3, $4, 0) <= 0) { yyerror("invalid host: %s", $1); free($1); YYERROR; 
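Review bot: the hostdef hunk passes `0` (IPPROTO_IP) as the new ipproto argument for trap receivers while the `listen on` rule uses the value from the `proto` nonterminal; with the default address hunk using IPPROTO_UDP, trap addresses are the only ones carrying 0, so any later comparison against IPPROTO_UDP or a socket() call keyed on it will not match them. Pass IPPROTO_UDP there to match the stated intent that the trap receiver stays UDP-only.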
@@ -524,6 +524,11 @@ socktype : RESTRICTED{ $$ = SOCK_TYPE_ | /* nothing */ { $$ = 0; } ; +proto : /* empty */ { $$ = IPPROTO_UDP; } + | TCP { $$ = IPPROTO_TCP; } + | UDP { $$ = IPPROTO_UDP; } + ; + cmd: STRING{ struct trapcmd *cmd; size_t span, limit; @@ -634,7 +639,9 @@ lookup(char *s) { "source-address", SRCADDR }, { "string", OCTETSTRING }, { "system", SYSTEM }, + { "tcp",TCP }, { "trap", TRAP }, + { "udp",UDP }, { "user", USER } }; const struct keywords *p; @@ -999,18 +1006,26 @@ parse_config(const char *filename, u_int endservent(); + /* Setup default listen addresses */ if (TAILQ_EMPTY(&conf->sc_addresses)) { - struct address *h; - if ((h = calloc(1, sizeof(*h))) == NULL) - fatal("snmpe: %s", __func__); - h->ss.ss_family = AF_INET; - h->port = SNMPD_PORT; - TAILQ_INSERT_TAIL(&conf->sc_addresses, h, entry); - if ((h = calloc(1, sizeof(*h))) == NULL) - fatal("snmpe: %s", __func__); - h->ss.ss_family = AF_INET6; - h->port = SNMPD_PORT; - TAILQ_INSERT_TAIL(&conf->sc_addresses, h, entry); + host("0.0.0.0", &conf->sc_addresses, 1, SNMPD_PORT, + NULL, NULL, NULL, IPPROTO_UDP); + host("::", &conf->sc_addresses, 1, SNMPD_PORT, + NULL, NULL, NULL, IPPROTO_UDP); + } + if (conf->sc_traphandler) { + struct address *h; + int found = 0; + TAILQ_FOREACH(h, &conf->sc_addresses, entry) { + if (h->ipproto == IPPROTO_UDP) + found = 1; + } + if (!found) { + fprintf(stderr
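Review bot: the host("0.0.0.0", ...) and host("::", ...) calls that replace the hand-built default addresses discard their return value, whereas the `listen on` rule treats `host() <= 0` as a fatal "invalid ip address"; check them the same way (or fatal() on failure) so an allocation or lookup failure does not leave snmpd silently listening on nothing.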
Re: support to view rc(8) startup script output via dmesg -s
New diff after some feedback: Restrict this to root only, since there might be sensitive information in the output. e.g. fsck output revealing files. Thanks Theo. Use -s, since -c is already used in other BSDs. I did not go with -a, since that does sth. slightly different on FreeBSD. Thanks Olli. Index: sbin/dmesg/dmesg.8 === RCS file: /cvs/src/sbin/dmesg/dmesg.8,v retrieving revision 1.14 diff -u -p -p -u -r1.14 dmesg.8 --- sbin/dmesg/dmesg.8 14 Aug 2013 06:32:35 - 1.14 +++ sbin/dmesg/dmesg.8 10 Dec 2014 21:36:00 - @@ -38,6 +38,7 @@ .Nd display the system message buffer .Sh SYNOPSIS .Nm dmesg +.Op Fl s .Op Fl M Ar core .Op Fl N Ar system .Sh DESCRIPTION @@ -57,6 +58,12 @@ Extract the name list from the specified .Ar system instead of the default .Pa /bsd . +.It Fl s +Display the contents of the console message buffer instead. +This can be used to review +.Xr rc 8 +system startup messages. +This option is limited to the superuser. .El .Sh FILES .Bl -tag -width /var/run/dmesg.boot -compact Index: sbin/dmesg/dmesg.c === RCS file: /cvs/src/sbin/dmesg/dmesg.c,v retrieving revision 1.23 diff -u -p -p -u -r1.23 dmesg.c --- sbin/dmesg/dmesg.c 22 Apr 2014 20:43:12 - 1.23 +++ sbin/dmesg/dmesg.c 10 Dec 2014 21:36:00 - @@ -66,11 +66,15 @@ main(int argc, char *argv[]) char *p; struct msgbuf cur; char *memf, *nlistf, *bufdata = NULL; + int startupmsgs = 0; char buf[5]; memf = nlistf = NULL; - while ((ch = getopt(argc, argv, "M:N:")) != -1) + while ((ch = getopt(argc, argv, "sM:N:")) != -1) switch(ch) { + case 's': + startupmsgs = 1; + break; case 'M': memf = optarg; break; @@ -89,7 +93,7 @@ main(int argc, char *argv[]) size_t len; mib[0] = CTL_KERN; - mib[1] = KERN_MSGBUFSIZE; + mib[1] = startupmsgs ? KERN_CMSGBUFSIZE : KERN_MSGBUFSIZE; len = sizeof(msgbufsize); if (sysctl(mib, 2, &msgbufsize, &len, NULL, 0)) err(1, "sysctl: KERN_MSGBUFSIZE"); 
@@ -99,7 +103,7 @@ main(int argc, char *argv[]) if (bufdata == NULL) errx(1, "couldn't allocate space for buffer data"); - mib[1] = KERN_MSGBUF; + mib[1] = startupmsgs ? KERN_CMSGBUF : KERN_MSGBUF; len = msgbufsize; if (sysctl(mib, 2, bufdata, &len, NULL, 0)) err(1, "sysctl: KERN_MSGBUF"); @@ -179,6 +183,6 @@ usage(void) { extern char *__progname; - fprintf(stderr, "usage: %s [-M core] [-N system]\n", __progname); + fprintf(stderr, "usage: %s [-s] [-M core] [-N system]\n", __progname); exit(1); } Index: sys/kern/kern_sysctl.c === RCS file: /cvs/src/sys/kern/kern_sysctl.c,v retrieving revision 1.274 diff -u -p -p -u -r1.274 kern_sysctl.c --- sys/kern/kern_sysctl.c 5 Dec 2014 04:35:08 - 1.274 +++ sys/kern/kern_sysctl.c 10 Dec 2014 21:36:01 - @@ -444,19 +444,30 @@ kern_sysctl(int *name, u_int namelen, vo return (sysctl_rdint(oldp, oldlenp, newp, 0)); #endif case KERN_MSGBUFSIZE: + case KERN_CMSGBUFSIZE: { + struct msgbuf *mp; + mp = (name[0] == KERN_MSGBUFSIZE) ? msgbufp : cmsgbufp; /* * deal with cases where the message buffer has * become corrupted. */ - if (!msgbufp || msgbufp->msg_magic != MSG_MAGIC) + if (!mp || mp->msg_magic != MSG_MAGIC) return (ENXIO); - return (sysctl_rdint(oldp, oldlenp, newp, msgbufp->msg_bufs)); - case KERN_MSGBUF: + return (sysctl_rdint(oldp, oldlenp, newp, mp->msg_bufs)); + } + case KERN_CMSGBUF: + if ((error = suser(p, 0))) + return (error); + /* FALLTHROUGH */ + case KERN_MSGBUF: { + struct msgbuf *mp; + mp = (name[0] == KERN_MSGBUF) ? msgbufp : cmsgbufp; /* see note above */ - if (!msgbufp || msgbufp->msg_magic != MSG_MAGIC) + if (!mp || mp->msg_magic != MSG_MAGIC) return (ENXIO); - return (sysctl_rdstruct(oldp, oldlenp, newp, msgbufp, - msgbufp->msg_bufs + offsetof(struct msgbuf, msg_bufc))); + return (sysctl_rdstruct(oldp, oldlenp, newp, mp, + mp->msg_bufs + offsetof(struct msgbuf, msg_bufc))); + } case KERN_MALLOCSTATS: return (sysctl_malloc(name + 1, namelen - 1,
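Review bot: the two dmesg.c sysctl hunks switch the MIB to KERN_CMSGBUFSIZE / KERN_CMSGBUF when -s is given, but the unchanged `err(1, "sysctl: KERN_MSGBUFSIZE")` and `err(1, "sysctl: KERN_MSGBUF")` lines right after them still name the other buffer; a non-root user running `dmesg -s` will therefore see a misleading "KERN_MSGBUF: Operation not permitted". Select the string alongside the MIB, or print the kernel's error with a neutral message such as "sysctl: message buffer".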
support to view rc(8) startup script output via dmesg -c
Hi, something that has often bothered me is that once you hook up a console to a headless server, you've missed all the output. This makes it harder to diagnose bugs in rc(8) startup scripts from remote. Another thing I've missed is that fsck(8) output will just scroll by and is usually lost. Why not dump the initial output from /dev/console into a share of the system message buffer and make it readable via dmesg -c? Things like the fixed 16k size and bumping the message buffer on various platforms still need to be discussed, but how's the idea in general? Index: sbin/dmesg/dmesg.8 === RCS file: /cvs/src/sbin/dmesg/dmesg.8,v retrieving revision 1.14 diff -u -p -p -u -r1.14 dmesg.8 --- sbin/dmesg/dmesg.8 14 Aug 2013 06:32:35 - 1.14 +++ sbin/dmesg/dmesg.8 7 Dec 2014 12:47:40 - @@ -38,6 +38,7 @@ .Nd display the system message buffer .Sh SYNOPSIS .Nm dmesg +.Op Fl c .Op Fl M Ar core .Op Fl N Ar system .Sh DESCRIPTION @@ -57,6 +58,11 @@ Extract the name list from the specified .Ar system instead of the default .Pa /bsd . +.It Fl c +Display the contents of the console message buffer instead. +This can be used to review +.Xr rc 8 +system startup messages. .El .Sh FILES .Bl -tag -width /var/run/dmesg.boot -compact Index: sbin/dmesg/dmesg.c === RCS file: /cvs/src/sbin/dmesg/dmesg.c,v retrieving revision 1.23 diff -u -p -p -u -r1.23 dmesg.c --- sbin/dmesg/dmesg.c 22 Apr 2014 20:43:12 - 1.23 +++ sbin/dmesg/dmesg.c 7 Dec 2014 12:47:40 - @@ -66,11 +66,15 @@ main(int argc, char *argv[]) char *p; struct msgbuf cur; char *memf, *nlistf, *bufdata = NULL; + int readconsolemsgs = 0; char buf[5]; memf = nlistf = NULL; - while ((ch = getopt(argc, argv, "M:N:")) != -1) + while ((ch = getopt(argc, argv, "cM:N:")) != -1) switch(ch) { + case 'c': + readconsolemsgs = 1; + break; case 'M': memf = optarg; break; 
@@ -89,7 +93,7 @@ main(int argc, char *argv[]) size_t len; mib[0] = CTL_KERN; - mib[1] = KERN_MSGBUFSIZE; + mib[1] = readconsolemsgs ? KERN_CMSGBUFSIZE : KERN_MSGBUFSIZE; len = sizeof(msgbufsize); if (sysctl(mib, 2, &msgbufsize, &len, NULL, 0)) err(1, "sysctl: KERN_MSGBUFSIZE"); @@ -99,7 +103,7 @@ main(int argc, char *argv[]) if (bufdata == NULL) errx(1, "couldn't allocate space for buffer data"); - mib[1] = KERN_MSGBUF; + mib[1] = readconsolemsgs ? KERN_CMSGBUF : KERN_MSGBUF; len = msgbufsize; if (sysctl(mib, 2, bufdata, &len, NULL, 0)) err(1, "sysctl: KERN_MSGBUF"); @@ -179,6 +183,6 @@ usage(void) { extern char *__progname; - fprintf(stderr, "usage: %s [-M core] [-N system]\n", __progname); + fprintf(stderr, "usage: %s [-c] [-M core] [-N system]\n", __progname); exit(1); } Index: sys/kern/kern_sysctl.c === RCS file: /cvs/src/sys/kern/kern_sysctl.c,v retrieving revision 1.274 diff -u -p -p -u -r1.274 kern_sysctl.c --- sys/kern/kern_sysctl.c 5 Dec 2014 04:35:08 - 1.274 +++ sys/kern/kern_sysctl.c 7 Dec 2014 12:47:40 - 
@@ -444,19 +444,27 @@ kern_sysctl(int *name, u_int namelen, vo return (sysctl_rdint(oldp, oldlenp, newp, 0)); #endif case KERN_MSGBUFSIZE: + case KERN_CMSGBUFSIZE: { + struct msgbuf *mp; + mp = (name[0] == KERN_MSGBUFSIZE) ? msgbufp : cmsgbufp; /* * deal with cases where the message buffer has * become corrupted. */ - if (!msgbufp || msgbufp->msg_magic != MSG_MAGIC) + if (!mp || mp->msg_magic != MSG_MAGIC) return (ENXIO); - return (sysctl_rdint(oldp, oldlenp, newp, msgbufp->msg_bufs)); + return (sysctl_rdint(oldp, oldlenp, newp, mp->msg_bufs)); + } case KERN_MSGBUF: + case KERN_CMSGBUF: { + struct msgbuf *mp; + mp = (name[0] == KERN_MSGBUF) ? msgbufp : cmsgbufp; /* see note above */ - if (!msgbufp || msgbufp->msg_magic != MSG_MAGIC) + if (!mp || mp->msg_magic != MSG_MAGIC) return (ENXIO); - return (sysctl_rdstruct(oldp, oldlenp, newp, msgbufp, - msgbufp->msg_bufs + offsetof(struct msgbuf, msg_bufc))); + return (sysctl_rdstruct(oldp, oldlenp, newp, mp, + mp->msg_bufs + offsetof(struct msgbuf, msg_bufc))); +
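Review bot: in this first version the kern_sysctl() hunk makes KERN_CMSGBUF readable by any user exactly like KERN_MSGBUF, while the message itself says the buffer is meant to capture fsck(8) and rc(8) console output, which can name files and expose more than the regular kernel message buffer does. The revised -s diff in this thread gates the case with suser(); anyone applying this version should take that root-only check from the revision.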
Re: new OpenSSL flaws
On Thu, Jun 05, 2014 at 08:02:58PM +, Miod Vallat wrote: > > If you can't trust people to apply one-liner fixes correctly, can you > trust them for anything serious? I really don't like to point fingers, but... It is done by the same people that introduced the Debian random number bug back in 2006: http://www.gergely.risko.hu/debian-dsa1571.en.html
Re: pax / tar exit code on truncated input
On Thu, Apr 03, 2014 at 05:19:45PM -0600, Theo de Raadt wrote: > Interesting. Can we take both approaches? I don't see why we should not. > Is there a reason to not expose either error? I thought it might break some legacy stuff regarding tapes and such. But since no one spoke up... OK? > > pax does not exit with an error if the processed > > archive is truncated: > > > > # (cd / && tar zcf - bsd | dd count=128 2>/dev/null | tar tzf -) > > bsd > > gzip: stdin: Input/output error > > tar: End of archive volume 1 reached > > gzip: stdout: Broken pipe > > tar: Failed write to archive volume: 1: Broken pipe > > # echo $? > > 0 > > > > > > There's two ways to fix this. > > 1) take the exit code of gzip into account: > > > > Index: ar_io.c > > === > > RCS file: /cvs/src/bin/pax/ar_io.c,v > > retrieving revision 1.44 > > diff -u -p -p -u -r1.44 ar_io.c > > --- ar_io.c 11 Jan 2014 05:36:26 - 1.44 > > +++ ar_io.c 28 Mar 2014 14:09:37 - > > @@ -337,8 +337,11 @@ ar_close(void) > > (void)close(arfd); > > > > /* Do not exit before child to ensure data integrity */ > > - if (zpid > 0) > > + if (zpid > 0) { > > waitpid(zpid, &status, 0); > > + if (WIFEXITED(status) && WEXITSTATUS(status)) > > + exit_val = 1; > > + } > > > > if (vflag && (artyp == ISTAPE)) { > > (void)fputs("done.\n", listf); > > > > 2) > > call paxwarn with 1 on truncated reads. > > Which will also work for non-gzipped tar files. > > > > Index: ar_io.c > > === > > RCS file: /cvs/src/bin/pax/ar_io.c,v > > retrieving revision 1.44 > > diff -u -p -p -u -r1.44 ar_io.c > > --- ar_io.c 11 Jan 2014 05:36:26 - 1.44 > > +++ ar_io.c 3 Apr 2014 22:04:07 - > > @@ -567,7 +570,7 @@ ar_read(char *buf, int cnt) > > if (res < 0) > > syswarn(1, errno, "Failed read on archive volume %d", arvol); > > else > > - paxwarn(0, "End of archive volume %d reached", arvol); > > + paxwarn(1, "End of archive volume %d reached", arvol); > > return(res); > > } > > > > Is there a historic reason for this? > > >
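Review bot: the quoted ar_read() hunk carries the header `@@ -567,7 +570,7 @@` although its file header claims it was taken against revision 1.44; the three-line offset on the new side means it was generated on a tree that already contained the lines added by the ar_close() diff, so option 2 does not apply cleanly on its own. If both are going in, as suggested here, regenerate them as one diff against a pristine 1.44.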
pax / tar exit code on truncated input
pax does not exit with an error if the processed archive is truncated: # (cd / && tar zcf - bsd | dd count=128 2>/dev/null | tar tzf -) bsd gzip: stdin: Input/output error tar: End of archive volume 1 reached gzip: stdout: Broken pipe tar: Failed write to archive volume: 1: Broken pipe # echo $? 0 There's two ways to fix this. 1) take the exit code of gzip into account: Index: ar_io.c === RCS file: /cvs/src/bin/pax/ar_io.c,v retrieving revision 1.44 diff -u -p -p -u -r1.44 ar_io.c --- ar_io.c 11 Jan 2014 05:36:26 - 1.44 +++ ar_io.c 28 Mar 2014 14:09:37 - @@ -337,8 +337,11 @@ ar_close(void) (void)close(arfd); /* Do not exit before child to ensure data integrity */ - if (zpid > 0) + if (zpid > 0) { waitpid(zpid, &status, 0); + if (WIFEXITED(status) && WEXITSTATUS(status)) + exit_val = 1; + } if (vflag && (artyp == ISTAPE)) { (void)fputs("done.\n", listf); 2) call paxwarn with 1 on truncated reads. Which will also work for non-gzipped tar files. Index: ar_io.c === RCS file: /cvs/src/bin/pax/ar_io.c,v retrieving revision 1.44 diff -u -p -p -u -r1.44 ar_io.c --- ar_io.c 11 Jan 2014 05:36:26 - 1.44 +++ ar_io.c 3 Apr 2014 22:04:07 - @@ -567,7 +570,7 @@ ar_read(char *buf, int cnt) if (res < 0) syswarn(1, errno, "Failed read on archive volume %d", arvol); else - paxwarn(0, "End of archive volume %d reached", arvol); + paxwarn(1, "End of archive volume %d reached", arvol); return(res); } Is there a historic reason for this?
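Review bot: `WIFEXITED(status) && WEXITSTATUS(status)` in the ar_close() hunk only catches a child that exited on its own; a decompressor killed by a signal (SIGPIPE on a closed pipe, SIGTERM, an abort) has WIFEXITED() false, so exit_val stays 0 for exactly the kind of abrupt death this change is meant to report. Test `WIFSIGNALED(status)` as well, and check the return value of waitpid(): on failure `status` is never written and the macros read an uninitialised int.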
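The first fix above folds the gzip child's exit status into pax's own exit value. The following is an added example, not code from pax or from this thread, showing the complete check a parent should apply to a filter child it forked: a non-zero exit and death by a signal both count as failure, waitpid() is retried on EINTR and its result is checked. It forks `/bin/sh -c` with constructed commands standing in for the gzip child; `child_failed()` and `run_filter()` are hypothetical names chosen for the example.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/*
 * Decide whether a child filter process (such as the gzip that pax forks
 * for "tar z") failed.  A child that exited with a non-zero status failed,
 * but so did one killed by a signal (for example SIGPIPE when its stdout
 * closes early): WIFEXITED() is false in that case, so a check of only
 * WIFEXITED() && WEXITSTATUS() would report success.
 */
int
child_failed(int status)
{
	if (WIFEXITED(status))
		return (WEXITSTATUS(status) != 0);
	if (WIFSIGNALED(status))
		return (1);
	return (1);	/* anything else (stopped, continued) is unexpected */
}

/*
 * Fork a child running `cmd` via /bin/sh, wait for it and report whether
 * it failed.  Returns 1 on failure, 0 on success, -1 if fork() or
 * waitpid() itself failed (in which case `status` must not be trusted).
 */
int
run_filter(const char *cmd)
{
	pid_t pid;
	int status;

	if ((pid = fork()) == -1)
		return (-1);
	if (pid == 0) {
		execl("/bin/sh", "sh", "-c", cmd, (char *)NULL);
		_exit(127);	/* exec failed: report as a failed child */
	}
	/* Retry waitpid() when a signal interrupts it; bail on real errors. */
	while (waitpid(pid, &status, 0) == -1) {
		if (errno != EINTR)
			return (-1);
	}
	return (child_failed(status));
}

int
main(void)
{
	/* Constructed sample commands standing in for the gzip child. */
	printf("exit 0        -> failed=%d\n", run_filter("exit 0"));
	printf("exit 3        -> failed=%d\n", run_filter("exit 3"));
	printf("kill -TERM $$ -> failed=%d\n", run_filter("kill -TERM $$"));
	return (0);
}
```

The third case is the one the posted hunk misses: the shell kills itself with SIGTERM, WIFEXITED() is false, and only the WIFSIGNALED() branch turns that into a failure.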
Re: allow sending certain frames on trunkdevs for LLDP
On Wed, Jan 16, 2013 at 10:56:25PM +, Stuart Henderson wrote: > Daemons which send LLDP advertisements (e.g. ladvd and lldpd) need to > send frames on trunk member ports in order that the individual port can > be identified to the switch; currently there is a blanket restriction > on sending via these ports, the following diff changes this to permit > AF_UNSPEC and pseudo_AF_HDRCMPLT as suggested by Sten Spans (ladvd > author). > > Comments? OK? Hmm, that feels a bit too unrestrictive. I remember a cisco that was utterly confused when it received STP on its trunkports. I wonder if there's sth in the standard about extra traffic on the trunkports. OTOH, if reyk@ only added the check as an extra safety net, I'm fine with this. reyk? > Index: if_ethersubr.c > === > RCS file: /cvs/src/sys/net/if_ethersubr.c,v > retrieving revision 1.152 > diff -u -p -r1.152 if_ethersubr.c > --- if_ethersubr.c5 Oct 2012 17:17:04 - 1.152 > +++ if_ethersubr.c16 Jan 2013 22:51:19 - > @@ -227,7 +227,8 @@ ether_output(ifp0, m0, dst, rt0) > #endif > > #if NTRUNK > 0 > - if (ifp->if_type == IFT_IEEE8023ADLAG) > + if (ifp->if_type == IFT_IEEE8023ADLAG && dst->sa_family != AF_UNSPEC > + && dst->sa_family != pseudo_AF_HDRCMPLT) > senderr(EBUSY); > #endif
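Review bot: the relaxed test in the quoted ether_output() hunk admits not only AF_UNSPEC but pseudo_AF_HDRCMPLT, that is any frame written through bpf(4) with a caller-supplied Ethernet header regardless of ethertype; that covers the LLDP case but also reopens the member port to everything else a bpf writer injects, which is the kind of extra traffic on trunk ports the reply above worries about. If LLDP is the only requirement, checking the ethertype on the AF_UNSPEC/pseudo_AF_HDRCMPLT path would be the narrower change.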
Re: PATCH: failed spl lock release in fxp
On Fri, Dec 02, 2011 at 12:02:19PM +0100, Jan Klemkow wrote: > Hello, > > I have found another failed error handling > with interrupt locking. Here is a diff which > should patch this. I don't think this compiles. Your label is out: and the goto uses err. > bye, > Jan > > Index: fxp.c > === > RCS file: /mount/cvsdev/cvs/openbsd/src/sys/dev/ic/fxp.c,v > retrieving revision 1.108 > diff -u -w -p -r1.108 fxp.c > --- fxp.c 7 Apr 2011 15:30:16 - 1.108 > +++ fxp.c 1 Dec 2011 16:04:35 - > @@ -1323,7 +1323,7 @@ fxp_init(void *xsc) > FXP_CFG_SYNC(sc, BUS_DMASYNC_POSTREAD|BUS_DMASYNC_POSTWRITE); > if (!(cbp->cb_status & htole16(FXP_CB_STATUS_C))) { > printf("%s: config command timeout\n", sc->sc_dev.dv_xname); > - return; > + goto err; > } > > /* > @@ -1354,7 +1354,7 @@ fxp_init(void *xsc) > FXP_IAS_SYNC(sc, BUS_DMASYNC_POSTREAD|BUS_DMASYNC_POSTWRITE); > if (!(cb_ias->cb_status & htole16(FXP_CB_STATUS_C))) { > printf("%s: IAS command timeout\n", sc->sc_dev.dv_xname); > - return; > + goto err; > } > > /* Again, this time really upload the multicast addresses */ > @@ -1445,6 +1445,10 @@ fxp_init(void *xsc) > * Start stats updater. > */ > timeout_add_sec(&sc->stats_update_to, 1); > + > + return; > + out: > + splx(s); > } > > /*
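Review bot: besides the err/out label mismatch already pointed out, the last hunk places `out: splx(s);` behind an unconditional `return;`, so the success path of fxp_init() never reaches the new splx(); that is only correct if the function already restores the spl level somewhere before `timeout_add_sec()`, which these hunks do not show. Confirm where the matching splnet() and splx() sit, and if the normal path does not drop the level earlier, let it fall through to the label instead of returning.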
carp(4) ip-stealth balancing arp fix
If stealth balancing is used in setups where the carpdev does not share an IP in the same subnet as carp, ARP queries will be replied through the carp interface. arprequest() (which is also used to form replies) will use the MAC address of the carp interface as the ethernet source address. This will let a switch learn the virtual MAC, and thus break stealth balancing. This diff extends arprequest() with an optional ether source address argument. Instead of extending the #ifdef maze even further, a new function carp_arprequest() is used to handle all the carp cases. OK? Index: netinet/if_ether.c === RCS file: /cvs/src/sys/netinet/if_ether.c,v retrieving revision 1.93 diff -p -u -r1.93 if_ether.c --- netinet/if_ether.c 18 Sep 2011 11:17:58 - 1.93 +++ netinet/if_ether.c 17 Oct 2011 21:17:11 - @@ -227,7 +227,7 @@ arp_rtrequest(int req, struct rtentry *r arprequest(rt->rt_ifp, &SIN(rt_key(rt))->sin_addr.s_addr, &SIN(rt_key(rt))->sin_addr.s_addr, - (u_char *)LLADDR(SDL(gate))); + (u_char *)LLADDR(SDL(gate)), NULL); /*FALLTHROUGH*/ case RTM_RESOLVE: if (gate->sa_family != AF_LINK || @@ -322,7 +322,8 @@ arp_rtrequest(int req, struct rtentry *r * - arp header source ethernet address */ void -arprequest(struct ifnet *ifp, u_int32_t *sip, u_int32_t *tip, u_int8_t *enaddr) +arprequest(struct ifnet *ifp, u_int32_t *sip, u_int32_t *tip, u_int8_t *enaddr, +u_int8_t *eshost) { struct mbuf *m; struct ether_header *eh; @@ -346,7 +347,7 @@ arprequest(struct ifnet *ifp, u_int32_t ea->arp_hln = sizeof(ea->arp_sha); /* hardware address length */ ea->arp_pln = sizeof(ea->arp_spa); /* protocol address length */ ea->arp_op = htons(ARPOP_REQUEST); - bcopy((caddr_t)enaddr, (caddr_t)eh->ether_shost, + bcopy(eshost ? eshost : enaddr, (caddr_t)eh->ether_shost, sizeof(eh->ether_shost)); bcopy((caddr_t)enaddr, (caddr_t)ea->arp_sha, sizeof(ea->arp_sha)); bcopy((caddr_t)sip, (caddr_t)ea->arp_spa, sizeof(ea->arp_spa)); 
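Review bot: the arprequest() hunk adds an `eshost` parameter, but the comment block ending in `* - arp header source ethernet address` directly above it still lists only the original inputs; document that `eshost`, when non-NULL, replaces `enaddr` as the Ethernet frame source while `enaddr` continues to fill arp_sha, since that split between frame header and ARP payload is the entire point of the change.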
@@ -467,15 +468,14 @@ arpresolve(struct arpcom *ac, struct rte if (la->la_asked == 0 || rt->rt_expire != time_second) { rt->rt_expire = time_second; if (la->la_asked++ < arp_maxtries) +#if NCARP > 0 + carp_arprequest(rt, ac, dst); +#else arprequest(&ac->ac_if, &(SIN(rt->rt_ifa->ifa_addr)->sin_addr.s_addr), - &(SIN(dst)->sin_addr.s_addr), -#if NCARP > 0 - (rt->rt_ifp->if_type == IFT_CARP) ? - ((struct arpcom *) rt->rt_ifp->if_softc - )->ac_enaddr : + &(SIN(dst)->sin_addr.s_addr), ac->ac_enaddr, + NULL); #endif - ac->ac_enaddr); else { rt->rt_flags |= RTF_REJECT; rt->rt_expire += arpt_down; @@ -850,7 +850,7 @@ arp_ifinit(struct arpcom *ac, struct ifa arprequest(&ac->ac_if, &(IA_SIN(ifa)->sin_addr.s_addr), &(IA_SIN(ifa)->sin_addr.s_addr), - ac->ac_enaddr); + ac->ac_enaddr, NULL); ifa->ifa_rtrequest = arp_rtrequest; ifa->ifa_flags |= RTF_CLONING; } Index: netinet/if_ether.h === RCS file: /cvs/src/sys/netinet/if_ether.h,v retrieving revision 1.47 diff -p -u -r1.47 if_ether.h --- netinet/if_ether.h 8 Feb 2010 13:32:50 - 1.47 +++ netinet/if_ether.h 17 Oct 2011 21:00:55 - @@ -278,7 +278,8 @@ do { \ extern struct ifnet *myip_ifp; -void arprequest(struct ifnet *, u_int32_t *, u_int32_t *, u_int8_t *); +void arprequest(struct ifnet *, u_int32_t *, u_int32_t *, u_int8_t *, +u_int8_t *); void revarpinput(struct mbuf *); void in_revarpinput(struct mbuf *); void revarprequest(struct ifnet *); Index: netinet/ip_carp.c === RCS file: /cvs/src/sys/netinet/ip_carp.c,v retrieving revision 1.191 diff -p -u -r1.191 ip_carp.c --- netinet/ip_carp.c 16 Oct 2011 21:07:19 - 1.191 +++ netinet/ip_carp.c 27 Oct 2011 07:34:29 - @@ -1333,7 +1333,7 @@ carp_send_arp(struct carp_softc *sc) continue; in = ifatoia(ifa)->ia_addr.sin_addr.s_addr; - arprequest(sc->sc_carpdev, &in, &in, sc->sc_ac.ac_enaddr); + arprequest(sc->sc_carpdev, &in, &in, s
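Review bot: with NCARP > 0 the arpresolve() hunk sends every ARP request, carp-related or not, through carp_arprequest(rt, ac, dst), so that function must reproduce the plain `arprequest(&ac->ac_if, ..., ac->ac_enaddr, NULL)` behaviour for ordinary interfaces and needs a prototype visible to if_ether.c; the if_ether.h hunk only updates arprequest()'s own prototype, so make sure carp_arprequest() is declared in a header both files include.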
Re: carp destroy
On Fri, Oct 21, 2011 at 02:44:43PM +0200, Camiel Dobbelaar wrote: > Destroying a carp interface does not restore the demote count of the > carp group. > > Reason is that the interface is removed from the carp group by > if_clone_destroy() before carp_clone_destroy() is run. The second reason > is a simple bug introduced in ip_carp.c, rev 1.175. Oops, my bad. OK on that part. > The diff removes if_delgroup() from if_clone_destroy(). This is possible > because if_detach() that is run later on removes the interface from all > the groups as well. This seems to work fine. I cannot deduce from the > CVS history why it was added to if_clone_destroy... can anyone > remember? (Henning?) That looks reasonable to me as well. (OK) But waiting for Hennings answer might be a good idea... > After the diff (fxp1 has no carrier on purpose): > > camield@rifraf $ ifconfig fxp1 > fxp1: flags=8843 mtu 1500 > lladdr 00:d0:b7:47:3c:07 > priority: 0 > media: Ethernet autoselect (none) > status: no carrier > inet 10.38.38.10 netmask 0xff00 broadcast 10.38.38.255 > inet6 fe80::2d0:b7ff:fe47:3c07%fxp1 prefixlen 64 scopeid 0x3 > camield@rifraf $ sudo ifconfig carp11 vhid 11 carpdev fxp1 > camield@rifraf $ ifconfig carp11 > carp11: flags=8803 mtu 1500 > lladdr 00:00:5e:00:01:0b > priority: 0 > carp: INIT carpdev fxp1 vhid 11 advbase 1 advskew 0 > groups: carp > inet6 fe80::200:5eff:fe00:10b%carp11 prefixlen 64 scopeid 0x6 > camield@rifraf $ ifconfig -g carp > carp: carp demote count 1 > camield@rifraf $ sudo ifconfig carp11 destroy > camield@rifraf $ ifconfig -g carp > carp: carp demote count 0 > camield@rifraf $ tail -2 /var/log/messages > > Oct 21 13:48:25 rifraf /bsd: carp: carp11 demoted group carp by 1 to 1 > (carpdev) > Oct 21 13:48:33 rifraf /bsd: carp: carp11 demoted group carp by -1 to 0 > (detach) > > > Index: net/if.c > === > RCS file: /cvs/src/sys/net/if.c,v > retrieving revision 1.239 > diff -u -p -r1.239 if.c > --- net/if.c 9 Jul 2011 00:47:18 - 1.239 > +++ net/if.c 21 Oct 2011 
08:23:04 - > @@ -712,7 +712,7 @@ if_clone_destroy(const char *name) > { > struct if_clone *ifc; > struct ifnet *ifp; > - int s, ret; > + int s; > > ifc = if_clone_lookup(name, NULL); > if (ifc == NULL) > @@ -731,12 +731,7 @@ if_clone_destroy(const char *name) > splx(s); > } > > - if_delgroup(ifp, ifc->ifc_name); > - > - if ((ret = (*ifc->ifc_destroy)(ifp)) != 0) > - if_addgroup(ifp, ifc->ifc_name); > - > - return (ret); > + return ((*ifc->ifc_destroy)(ifp)); > } > > /* > Index: netinet/ip_carp.c > === > RCS file: /cvs/src/sys/netinet/ip_carp.c,v > retrieving revision 1.191 > diff -u -p -r1.191 ip_carp.c > --- netinet/ip_carp.c 16 Oct 2011 21:07:19 - 1.191 > +++ netinet/ip_carp.c 21 Oct 2011 08:23:04 - > @@ -980,7 +980,7 @@ carpdetach(struct carp_softc *sc) > carp_del_all_timeouts(sc); > > if (sc->sc_demote_cnt) > - carp_group_demote_adj(&sc->sc_if, sc->sc_demote_cnt, "detach"); > + carp_group_demote_adj(&sc->sc_if, -sc->sc_demote_cnt, "detach"); > sc->sc_suppress = 0; > sc->sc_sendad_errors = 0;
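Review bot: dropping `ret` together with the if_delgroup()/if_addgroup() pair in if_clone_destroy() is consistent (there is nothing left to roll back when ifc_destroy fails, since the interface was never removed from the group), but since nobody in the thread remembers why the if_delgroup() was added, leave a one-line comment in if_clone_destroy() saying that group removal now happens in if_detach() so it does not get re-added.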
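Review bot: the sign fix to `carp_group_demote_adj(&sc->sc_if, -sc->sc_demote_cnt, "detach")` in carpdetach() matches the log output above ("demoted group carp by -1 to 0 (detach)"), but the following context lines reset sc_suppress and sc_sendad_errors while sc_demote_cnt keeps its old value; unless carp_group_demote_adj() zeroes it, add `sc->sc_demote_cnt = 0;` next to them so a second carpdetach() cannot demote the group by the same amount again.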
Re: carp ipv6 checksum fix
On Sun, Oct 02, 2011 at 04:44:46PM +0200, Stefan Sperling wrote: [...] > The problem is that the IPv6 input path uses IP6_EXTHDR_GET() to > obtain a pointer to the carp header when verifying the carp header's > checksum. IP6_EXTHDR_GET() internally uses m_pulldown(), which might > return a pointer to a different mbuf in the chain. However, there is > no way for the caller of IP6_EXTHDR_GET() to get at the different mbuf > pointer returned by m_pulldown(). [...] I think it's easier to just use m_pullup here. m_pulldown() is usually more efficient, since it doesn't have to start from the beginning of the chain, but that doesn't matter for the carp case. Does this fix your problem as well? Index: ip_carp.c === RCS file: /cvs/src/sys/netinet/ip_carp.c,v retrieving revision 1.190 diff -p -u -p -u -r1.190 ip_carp.c --- ip_carp.c 6 Sep 2011 16:00:22 - 1.190 +++ ip_carp.c 5 Oct 2011 07:57:33 - @@ -650,13 +650,12 @@ carp6_proto_input(struct mbuf **mp, int /* verify that we have a complete carp packet */ len = m->m_len; - IP6_EXTHDR_GET(ch, struct carp_header *, m, *offp, sizeof(*ch)); - if (ch == NULL) { + if ((m = m_pullup(m, *offp + sizeof(*ch))) == NULL) { carpstats.carps_badlen++; CARP_LOG(LOG_INFO, sc, ("packet size %u too small", len)); return (IPPROTO_DONE); } - + ch = (struct carp_header *)(mtod(m, caddr_t) + *offp); /* verify the CARP checksum */ m->m_data += *offp;
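Review bot: carp6_proto_input() takes `struct mbuf **mp`, and m_pullup() may hand back a different mbuf as the new chain head, but the hunk stores the result only in the local `m`; add `*mp = m;` right after the pullup so the caller is not left with a pointer to a replaced mbuf. Capturing `len = m->m_len` before the pullup is fine since it only feeds the "packet size %u too small" log message, and computing `ch` from mtod(m, caddr_t) + *offp is correct once the header is guaranteed contiguous.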
Re: remove PROMISC flag if carp device is destroyed
On Tue, Sep 06, 2011 at 02:19:09PM +0200, Stefan Rinkes wrote: > Hi, > > During some testing in a Carp-HA setup, we noticed that the PROMISC flag > on carpdevs never was removed when we destroyed the carp interface. > > Some investigation showed that a counter, which values defines if the > ifpromisc() is called to remove the flag, was not initialized and the counter > started with the DEADBEEF0 value: > > #define DEADBEEF0 0xefffeecc /* malloc's filler */ > > Diff: > Index: ip_carp.c > === > retrieving revision 1.189 > diff -u -r1.189 ip_carp.c > --- ip_carp.c 8 Jul 2011 19:07:18 - 1.189 > +++ ip_carp.c 6 Sep 2011 12:04:49 - > @@ -1821,6 +1821,7 @@ > > if (ifp->if_carp == NULL) { > ncif = malloc(sizeof(*cif), M_IFADDR, M_NOWAIT); > + ncif->vhif_nvrs = 0; > if (ncif == NULL) > return (ENOBUFS); > if ((error = ifpromisc(ifp, 1))) { > > Fix is to initialize the value with 0 and now the PROMISC flag is removed if > the > carp device is destroyed. > Oh, nice catch! But I'd prefer to fix this with M_ZERO. Index: ip_carp.c === RCS file: /cvs/src/sys/netinet/ip_carp.c,v retrieving revision 1.189 diff -p -u -p -u -r1.189 ip_carp.c --- ip_carp.c 8 Jul 2011 19:07:18 - 1.189 +++ ip_carp.c 6 Sep 2011 13:40:09 - @@ -1820,7 +1820,7 @@ carp_set_ifp(struct carp_softc *sc, stru return (EINVAL); if (ifp->if_carp == NULL) { - ncif = malloc(sizeof(*cif), M_IFADDR, M_NOWAIT); + ncif = malloc(sizeof(*cif), M_IFADDR, M_NOWAIT|M_ZERO); if (ncif == NULL) return (ENOBUFS); if ((error = ifpromisc(ifp, 1))) {
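Review bot: in the quoted hunk the added `ncif->vhif_nvrs = 0;` sits before the `if (ncif == NULL)` test, so a failed M_NOWAIT allocation would dereference NULL; the reply below sidesteps that by zeroing the whole allocation instead.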
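Review bot: M_NOWAIT|M_ZERO is the right fix, since it also covers any other field of the struct that the original code never initialised; while touching the line, `malloc(sizeof(*cif), ...)` sizes the allocation by a variable other than the one it is assigned to (ncif), so `sizeof(*ncif)` would keep the two from drifting apart.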
Re: two minor carp and pfsync fixes
On Thu, Jun 23, 2011 at 11:33:50AM +1000, David Gwynne wrote: > > On 22/06/2011, at 3:52 AM, Stefan Rinkes wrote: > > > 2. If you are using IP balanced carp and set one of > >the interfaces to down, the mbufs still reach pf. > >Cause carp_ourether() returns NULL if the interface > >is down and the mbufs get copied by carp_input(), > >cause the M_MCAST flag is set. The copied mbuf is > >dropped in ether_input() since the carp interface is down > >and the original mbuf reaches the pf. IMHO carp should always > >take care of mbufs with its MAC address, else the machine has > >to do some unnecessary work. > > > > retrieving revision 1.184 > > diff -u -p -r1.184 ip_carp.c > > --- sys/netinet/ip_carp.c 4 May 2011 16:05:49 - 1.184 > > +++ sys/netinet/ip_carp.c 21 Jun 2011 17:34:42 - 
> > @@ -1514,9 +1514,7 @@ carp_ourether(void *v, struct ether_head > > > >TAILQ_FOREACH(vh, &cif->vhif_vrs, sc_list) { > >struct carp_vhost_entry *vhe; > > - if ((vh->sc_if.if_flags & (IFF_UP|IFF_RUNNING)) != > > - (IFF_UP|IFF_RUNNING)) > > - continue; > > + > >if (vh->sc_balancing == CARP_BAL_ARP) { > >LIST_FOREACH(vhe, &vh->carp_vhosts, vhost_entries) > >if (vhe->state == MASTER && > > > > this looks reasonable to me. mcbride, mpf, could you chip in on this? Hi, I don't like this. While this might be ok for load balanced setups, it complicates the code for standard carp cases. Because it will now rely on vhe->state being INIT when you ifconfig down the interface. IMO, the problem is more fundamental. On the input path, our stack should follow RFC 1122 more closely and drop unicast IP packets that have been received via a link layer broadcast address. Section 3.3.6 states: A host SHOULD silently discard a datagram that is received via a link-layer broadcast (see Section 2.4) but does not specify an IP multicast or broadcast destination address. If we have an IP balanced carp interface, we explicitly allow that of course ;-) I haven't looked into the v6 case, but I guess it would need sth similar. Index: ip_input.c === RCS file: /cvs/src/sys/netinet/ip_input.c,v retrieving revision 1.192 diff -p -u -p -u -r1.192 ip_input.c --- ip_input.c 15 Jun 2011 09:11:01 - 1.192 +++ ip_input.c 4 Jul 2011 02:11:29 - @@ -309,6 +309,16 @@ ipv4_input(m) goto bad; } } + /* +* Discard link layer broadcasts that do not specify +* an IP multicast or broadcast address - RFC1122 3.3.6 +*/ + if (ISSET(m->m_flags, (M_BCAST|M_MCAST)) && + !(IN_MULTICAST(ip->ip_dst.s_addr) || + ip->ip_dst.s_addr == INADDR_BROADCAST)) { + ipstat.ips_badaddr++; + goto bad; + } if ((m->m_pkthdr.csum_flags & M_IPV4_CSUM_IN_OK) == 0) { if (m->m_pkthdr.csum_flags & M_IPV4_CSUM_IN_BAD) {
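Review bot: the quoted carp_ourether() hunk leaves an empty `+` line where the IFF_UP|IFF_RUNNING test was; drop it. Beyond style, removing that test means a carp interface that is administratively down still claims frames for its MAC, which is the objection raised in the reply: the code would then depend on vhe->state being INIT after `ifconfig down` for the non-balanced case.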
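Review bot: the new test in ipv4_input() accepts only the literal INADDR_BROADCAST as a broadcast destination, so a subnet-directed broadcast such as 10.38.38.255 arriving with M_BCAST set is counted as ips_badaddr and dropped; test against the receiving interface's broadcast address (in_broadcast()) rather than 255.255.255.255 alone. The IP-balanced carp exception mentioned in the text is also not in the hunk: those frames arrive on a multicast MAC with a unicast IP destination and would fail `ISSET(m->m_flags, (M_BCAST|M_MCAST)) && !(IN_MULTICAST(...) || ... == INADDR_BROADCAST)` as written.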
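The RFC 1122 section 3.3.6 rule discussed above, as an added stand-alone example that is not code from the diff or from the OpenBSD kernel: it decides whether a received IPv4 datagram must be discarded, includes the subnet-directed broadcast case that a plain INADDR_BROADCAST comparison misses, and models the IP-balanced carp exception as an explicit flag. The frame flags, the interface address table, the ex_ prefixed names and all addresses are constructed for the example.

```c
#include <arpa/inet.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/*
 * Added example, not OpenBSD kernel code: the RFC 1122 section 3.3.6
 * test as a stand-alone decision function.  The frame flags, the
 * interface address table and the carp flag are constructed stand-ins
 * for the kernel's m_flags, the in_ifaddr list and the carp softc.
 */

#define EX_M_BCAST	0x1	/* frame arrived on the link-layer broadcast address */
#define EX_M_MCAST	0x2	/* frame arrived on a link-layer multicast address */

struct ex_ifaddr {		/* one IPv4 prefix configured on the receiving interface */
	uint32_t addr;		/* host byte order */
	uint32_t mask;		/* host byte order */
};

/* Constructed sample interface: 10.38.38.1/24 plus a /32 alias. */
static const struct ex_ifaddr ex_sample_ifa[] = {
	{ 0x0a262601u, 0xffffff00u },	/* 10.38.38.1/24 */
	{ 0xc0a80105u, 0xffffffffu },	/* 192.168.1.5/32 */
};

/* 224.0.0.0/4 */
static bool
ex_in_multicast(uint32_t dst)
{
	return (dst & 0xf0000000u) == 0xe0000000u;
}

/*
 * IP broadcast means the limited broadcast 255.255.255.255 or the
 * directed broadcast of a prefix configured on the receiving interface.
 * Comparing against INADDR_BROADCAST alone would drop 10.38.38.255 on a
 * 10.38.38.0/24 link.
 */
static bool
ex_in_broadcast(uint32_t dst, const struct ex_ifaddr *ifa, size_t nifa)
{
	size_t i;

	if (dst == INADDR_BROADCAST)
		return true;
	for (i = 0; i < nifa; i++) {
		if (ifa[i].mask == 0xffffffffu)	/* a /32 has no broadcast address */
			continue;
		if (dst == (ifa[i].addr | ~ifa[i].mask))
			return true;
	}
	return false;
}

/*
 * True when the datagram must be silently discarded: received via a
 * link-layer broadcast or multicast, but the IPv4 destination is neither
 * multicast nor broadcast.  ip_balanced_carp models the one deliberate
 * exception: carp with "balancing ip" receives unicast IP over a
 * multicast MAC by design.  dst_net is in network byte order, like
 * ip->ip_dst.s_addr.
 */
bool
ex_rfc1122_discard(unsigned mflags, uint32_t dst_net,
    const struct ex_ifaddr *ifa, size_t nifa, bool ip_balanced_carp)
{
	uint32_t dst = ntohl(dst_net);

	if ((mflags & (EX_M_BCAST | EX_M_MCAST)) == 0)
		return false;		/* unicast frame: the rule does not apply */
	if (ip_balanced_carp)
		return false;
	return !(ex_in_multicast(dst) || ex_in_broadcast(dst, ifa, nifa));
}

/* Convenience wrapper: dotted-quad destination against the sample interface. */
bool
ex_check(unsigned mflags, const char *dst, bool ip_balanced_carp)
{
	struct in_addr in;

	if (inet_pton(AF_INET, dst, &in) != 1)
		return false;
	return ex_rfc1122_discard(mflags, in.s_addr, ex_sample_ifa,
	    sizeof(ex_sample_ifa) / sizeof(ex_sample_ifa[0]), ip_balanced_carp);
}

int
main(void)
{
	static const struct { unsigned flags; const char *dst; bool carp; } cases[] = {
		{ EX_M_BCAST, "10.38.38.7", false },		/* unicast IP over broadcast MAC: drop */
		{ EX_M_BCAST, "10.38.38.255", false },		/* directed broadcast: keep */
		{ EX_M_BCAST, "255.255.255.255", false },	/* limited broadcast: keep */
		{ EX_M_MCAST, "224.0.0.18", false },		/* multicast: keep */
		{ 0, "10.38.38.7", false },			/* unicast frame: keep */
		{ EX_M_MCAST, "10.38.38.200", true },		/* IP-balanced carp: keep */
	};
	size_t i;

	for (i = 0; i < sizeof(cases) / sizeof(cases[0]); i++)
		printf("%-16s flags=%u carp=%d -> %s\n", cases[i].dst, cases[i].flags,
		    cases[i].carp,
		    ex_check(cases[i].flags, cases[i].dst, cases[i].carp) ? "drop" : "keep");
	return 0;
}
```

The directed-broadcast case is the one to keep an eye on: a check that only compares against 255.255.255.255 drops legitimate 10.38.38.255 traffic on a /24, while a /32 alias contributes no broadcast address at all.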
systat(1) support for thousands separators and byte to bit conversion
I wanted to have $ systat ifstat 1 to print meaningful numbers to measure live network throughput. With these two features you are now able to see sth like "MBit/s" in the ifstat view. "B" converts to Bits "," activates the thousands separator. Comments? OKs? Index: engine.c === RCS file: /cvs/src/usr.bin/systat/engine.c,v retrieving revision 1.13 diff -p -u -p -u -r1.13 engine.c --- engine.c19 Jul 2010 04:41:28 - 1.13 +++ engine.c15 Mar 2011 08:34:00 - @@ -69,6 +69,7 @@ volatile sig_atomic_t gotsig_resize = 0; volatile sig_atomic_t gotsig_alarm = 0; int need_update = 0; int need_sort = 0; +int separate_thousands = 0; SCREEN *screen; @@ -134,7 +135,60 @@ tbprintf(char *format, ...) tb_ptr += len; tb_len -= len; } - + + return len; +} + +int +tbprintft(char *format, ...) + GCC_PRINTFLIKE(1,2) /* defined in curses.h */ +{ + int len; + va_list arg; + char buf[MAX_LINE_BUF]; + + if (tb_ptr == NULL || tb_len <= 0) + return 0; + + va_start(arg, format); + len = vsnprintf(buf, tb_len, format, arg); + va_end(arg); + + if (len > tb_len) + tb_end(); + else if (len > 0) { + int d, s; + int digits, curdigit; + + if (!separate_thousands) { + strlcpy(tb_ptr, buf, tb_len); + return len; + } + + /* count until we hit a non digit. (e.g. the prefix) */ + for (digits = 0; digits < len; digits++) + if (!isdigit(buf[digits])) + break; + + curdigit = digits; + d = s = 0; + /* insert thousands separators while copying */ + while (curdigit && d < tb_len) { + if (curdigit < digits && curdigit % 3 == 0) + tb_ptr[d++] = ','; + tb_ptr[d++] = buf[s++]; + curdigit--; + } + /* copy the remaining non-digits */ + while (len > digits && d < tb_len) { + tb_ptr[d++] = buf[s++]; + digits++; + } + tb_ptr[d] = '\0'; + tb_ptr += d; + tb_len -= d; + len = d; + } return len; } 
@@ -672,33 +726,33 @@ print_fld_sdiv(field_def *fld, u_int64_t return; tb_start(); - if (tbprintf("%llu", size) <= len) + if (tbprintft("%llu", size) <= len) goto ok; tb_start(); size /= d; - if (tbprintf("%lluK", size) <= len) + if (tbprintft("%lluK", size) <= len) goto ok; if (size == 0) goto err; tb_start(); size /= d; - if (tbprintf("%lluM", size) <= len) + if (tbprintft("%lluM", size) <= len) goto ok; if (size == 0) goto err; tb_start(); size /= d; - if (tbprintf("%lluG", size) <= len) + if (tbprintft("%lluG", size) <= len) goto ok; if (size == 0) goto err; tb_start(); size /= d; - if (tbprintf("%lluT", size) <= len) + if (tbprintft("%lluT", size) <= len) goto ok; err: @@ -729,33 +783,33 @@ print_fld_ssdiv(field_def *fld, int64_t return; tb_start(); - if (tbprintf("%lld", size) <= len) + if (tbprintft("%lld", size) <= len) goto ok; tb_start(); size /= d; - if (tbprintf("%lldK", size) <= len) + if (tbprintft("%lldK", size) <= len) goto ok; if (size == 0) goto err; tb_start(); size /= d; - if (tbprintf("%lldM", size) <= len) + if (tbprintft("%lldM", size) <= len) goto ok; if (size == 0) goto err; tb_start(); size /= d; - if (tbprintf("%lldG", size) <= len) + if (tbprintft("%lldG", size) <= len) goto ok; if (size == 0) goto err; tb_start(); size /= d; - if (tbprintf("%lldT", size) <= len) + if (tbprintft("%lldT", size) <= len) goto ok; err: @@ -806,7 +860,7 @@ print_fld_uint(field_def *fld, unsigned return; tb_start(); - if (tbprintf("%u", size) > len) + if (tbprintft("%u", size) > len) print_fld_str(fld, "*"); else print_fld_tb(fld); Index: engine.h === RCS file: /cvs/src/usr.bin/systat/engine.h,v retrieving revision 1.6 diff -p -u -p -u -r1.6 engine.h --- engine.h16 Ju
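Review bot: in the tbprintft() hunk the `!separate_thousands` path does strlcpy() into tb_ptr and returns without advancing tb_ptr and tb_len the way tbprintf() does (`tb_ptr += len; tb_len -= len;` in the context above it), so a following tbprintf() into the same buffer overwrites the number. The two copy loops stop at `d < tb_len` and then write `tb_ptr[d] = '\0'`, which lands at tb_ptr[tb_len], one past the buffer, once the separators have grown the string to the limit; reserve a byte for the terminator (`d < tb_len - 1`) or call tb_end() when that happens. The digit scan also stops at a leading '-', so the `%lld` values printed by print_fld_ssdiv() never get separators when negative; skip an optional sign before counting digits.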
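Review bot: the tbprintf() to tbprintft() swaps in print_fld_sdiv(), print_fld_ssdiv() and print_fld_uint() are mechanical, but the `<= len` comparisons now see the length with separators inserted, so a value that fit the field before will fall through to the next unit (K, M, ...) when "," is active; that is the intended trade-off but deserves a sentence in the systat(1) man page together with the new "B" and "," keys, whose documentation and the bits conversion code are not in the part of the diff visible here (it is cut off at the engine.h header).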
ifconfig emX debug
Instead of having to fiddle with em_display_debug_stats, why not have this configurable per interface with IFF_DEBUG? OK? Index: if_em.c === RCS file: /cvs/src/sys/dev/pci/if_em.c,v retrieving revision 1.249 diff -p -u -p -u -r1.249 if_em.c --- if_em.c 13 Feb 2011 19:45:54 - 1.249 +++ if_em.c 8 Mar 2011 09:00:22 - @@ -37,15 +37,6 @@ POSSIBILITY OF SUCH DAMAGE. #include #include -#ifndef SMALL_KERNEL -#ifdef EM_DEBUG -/* - * Set this to one to display debug statistics - */ -int em_display_debug_stats = 0; -#endif -#endif - /* * Driver version */ @@ -1418,7 +1409,7 @@ em_local_timer(void *arg) #ifndef SMALL_KERNEL em_update_stats_counters(sc); #ifdef EM_DEBUG - if (em_display_debug_stats && ifp->if_flags & IFF_RUNNING) + if (ifp->if_flags & IFF_DEBUG && ifp->if_flags & IFF_RUNNING) em_print_hw_stats(sc); #endif #endif @@ -3211,7 +3202,7 @@ em_update_stats_counters(struct em_softc #ifdef EM_DEBUG /** * - * This routine is called only when em_display_debug_stats is enabled. + * This routine is called only when IFF_DEBUG is enabled. * This routine provides a way to take a look at important statistics * maintained by the driver and hardware. *
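Review bot: `ifp->if_flags & IFF_DEBUG && ifp->if_flags & IFF_RUNNING` in em_local_timer() relies on & binding tighter than &&, which is correct but is what compilers warn about; write `(ifp->if_flags & (IFF_DEBUG|IFF_RUNNING)) == (IFF_DEBUG|IFF_RUNNING)` or parenthesise each test. Dropping the em_display_debug_stats global is fine since IFF_DEBUG is settable per interface with `ifconfig emX debug`.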
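Review bot: the comment hunk in em_update_stats_counters() now says the routine "is called only when IFF_DEBUG is enabled", but it is still compiled only under EM_DEBUG (and not in SMALL_KERNEL); mention both conditions so someone setting `ifconfig em0 debug` on a GENERIC kernel knows why nothing is printed.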
Re: intel driver fix (PR6517)
On Sat, Jan 29, 2011 at 12:45:25PM +0100, Matthieu Herrb wrote: > Hi, > > More last minute X patches... > > mpf@ reported in PR6517 a problem with his 965GM chipset. No, I have an 865G. > He did some debugging and found that a patch to the kernel i915 drm > driver from one of the X.Org maintainers (Chris Wilson) fixes his > issues. I don't understand the patch Me neither. I've no idea what the HIC or GWB is supposed to do. I just gave it a shot and it worked. I didn't mean to have this patch committed as is. > (the X.Org bug report is about > i855 cache coherency problems, not about 965GM) but since it helps > both mpf and mcbride@ machines, I would like to see this committed. As said, I have an 865G > But wider testing is needed. Please apply the patch below to any > machine you have running X with an intel chipset. Report success or > failure to me please, with a dmesg and /var/log/Xorg.0.log. Only people with chips that are not IS_I9XX() should be affected by this diff. > Thanks in advance. > > Original bug report: > https://bugs.freedesktop.org/show_bug.cgi?id=27187 > and patch : > https://bugs.freedesktop.org//attachment.cgi?id=41531 > > Index: i915_drv.c > === > RCS file: /cvs/OpenBSD/src/sys/dev/pci/drm/i915_drv.c,v > retrieving revision 1.101 > diff -u -r1.101 i915_drv.c > --- i915_drv.c21 Sep 2010 23:05:41 - 1.101 > +++ i915_drv.c29 Jan 2011 08:32:29 - 
> @@ -995,16 +995,17 @@ > bus_space_write_4(dev_priv->ifp.i9xx.bst, > dev_priv->ifp.i9xx.bsh, 0, 1); > } else { > - /* > - * I8XX don't have a flush page mechanism, but do have the > - * cache. Do it the bruteforce way. we write 1024 byes into > - * the cache, then clflush them out so they'll kick the stuff > - * we care about out of the chipset cache. > - */ > - if (dev_priv->ifp.i8xx.kva != NULL) { > - memset(dev_priv->ifp.i8xx.kva, 0, 1024); > - agp_flush_cache_range((vaddr_t)dev_priv->ifp.i8xx.kva, > - 1024); > + int i; > + > + wbinvd(); > + > +#define I830_HIC 0x70 > + > + I915_WRITE(I830_HIC, (I915_READ(I830_HIC) | (1<<31))); > + for (i = 1000; i; i--) { > + if (!(I915_READ(I830_HIC) & (1<<31))) > + break; > + delay(100); > } > } > } > > -- > Matthieu Herrb
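Review bot: `#define I830_HIC 0x70` is placed inside the function body; move it next to the driver's other register definitions and give bit 31 a name instead of writing `(1<<31)` twice. The wait loop issues up to 1000 delay(100) calls, a 100 ms busy spin, and falls through silently when the bit never clears; log a timeout there so the testers asked for reports above can tell whether that path was hit. wbinvd() flushes the entire CPU cache on every call, far heavier than the 1024-byte memset plus agp_flush_cache_range() it replaces, and the `kva != NULL` guard of the old code is gone; since nobody in the thread can say why the new sequence helps, a comment recording what is known (the freedesktop bug and that it is only reached for non-IS_I9XX() chips) would help whoever revisits this.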
Re: CARP hash vuln
On Tue, Dec 21, 2010 at 09:34:01AM +0100, David Coppa wrote: > On Tue, Dec 21, 2010 at 2:23 AM, Fernando Quintero > wrote: > > some comment? > > > > http://seclists.org/bugtraq/2010/Dec/200 > > I'm not able to provide a solution, but this is of course a bug that > needs to be fixed. If you look at my commit message from 3 years ago, you'll see that we are well aware of this: http://www.openbsd.org/cgi-bin/cvsweb/src/sys/netinet/ip_carp.c?f=h#rev1.152 If someone comes up with a replay protection that works without the help of synchronized clocks, I'm happy to fix this. OTOH, I'm still not convinced that it's worth the effort to fix a L2-only attack. There are still enough other ways for a DoS on L2.
Re: acpithinkpad(4) fan control
On Mon, Nov 29, 2010 at 03:23:58PM +0100, Christopher Zimmermann wrote: > Hi! > > I'd like to implement fan speed control for Thinkpads. It is documented > at http://www.thinkwiki.org/wiki/How_to_control_fan_speed#Hardware_specs > and linux also implements this (but with special case for TP 570, > 600e/x, 770e, 770x - anyone here with access to one of these?) > Implementing a driver for this will be a piece of cake, but I need help > with communication to userspace to get started. I guess the way to go is > sysctl (?) FWIW, I've hacked up that piece of cake for my X300 once. I just used some spare function-keys (Fn-F1,F2,F3) to play with it. (Diff attached) However, since you can damage your hardware with this, I'm not sure whether we want to add support for this into OpenBSD. Index: acpithinkpad.c === RCS file: /cvs/src/sys/dev/acpi/acpithinkpad.c,v retrieving revision 1.24 diff -p -u -p -u -r1.24 acpithinkpad.c --- acpithinkpad.c 7 Aug 2010 16:21:20 - 1.24 +++ acpithinkpad.c 22 Aug 2010 15:43:22 - @@ -86,6 +86,7 @@ struct acpithinkpad_softc { struct ksensor sc_sens[THINKPAD_NSENSORS]; struct ksensordevsc_sensdev; + int cur_fanspeed; }; extern void acpiec_read(struct acpiec_softc *, u_int8_t, int, u_int8_t *); @@ -102,6 +103,9 @@ int thinkpad_volume_up(struct acpithinkp intthinkpad_volume_mute(struct acpithinkpad_softc *); intthinkpad_brightness_up(struct acpithinkpad_softc *); intthinkpad_brightness_down(struct acpithinkpad_softc *); +intthinkpad_get_fan(struct acpithinkpad_softc *); +intthinkpad_step_fan_up(struct acpithinkpad_softc *); +intthinkpad_step_fan_down(struct acpithinkpad_softc *); voidthinkpad_sensor_attach(struct acpithinkpad_softc *sc); voidthinkpad_sensor_refresh(void *); @@ -114,6 +118,9 @@ struct cfdriver acpithinkpad_cd = { NULL, "acpithinkpad", DV_DULL }; +int fan_speeds[] = { 0, 1, 2, 3, 4, 5, 6, 7, 128 }; +#define MAX_FAN_SPEEDS 8 + const char *acpithinkpad_hids[] = { ACPI_DEV_THINKPAD, 0 }; int 
@@ -288,10 +295,19 @@ thinkpad_hotkey(struct aml_node *node, i #endif handled = 1; break; - case THINKPAD_BUTTON_HIBERNATE: case THINKPAD_BUTTON_FN_F1: + thinkpad_get_fan(sc); + handled = 1; + break; case THINKPAD_BUTTON_LOCK_SCREEN: + thinkpad_step_fan_down(sc); + handled = 1; + break; case THINKPAD_BUTTON_BATTERY_INFO: + thinkpad_step_fan_up(sc); + handled = 1; + break; + case THINKPAD_BUTTON_HIBERNATE: case THINKPAD_BUTTON_FN_F6: case THINKPAD_BUTTON_EXTERNAL_SCREEN: case THINKPAD_BUTTON_POINTER_SWITCH: @@ -417,6 +433,52 @@ int thinkpad_volume_up(struct acpithinkpad_softc *sc) { return (thinkpad_cmos(sc, THINKPAD_CMOS_VOLUME_UP)); +} + +int +thinkpad_get_fan(struct acpithinkpad_softc *sc) +{ + u_int8_t buffer[2]; + + acpiec_read(sc->sc_acpi->sc_ec, 0x2f, 1, buffer); + printf("EC f...@0x2f: 0x%x\n", buffer[0]); + + acpiec_read(sc->sc_acpi->sc_ec, 0x84, 2, buffer); + + /* XXX LE only. But are there any BE thinkpads? */ + printf("EC Fan Speed: %u RPM\n", *((u_int16_t*)buffer)); + + return (0); +} + +int +thinkpad_step_fan_up(struct acpithinkpad_softc *sc) +{ + if (sc->cur_fanspeed + 1 > MAX_FAN_SPEEDS) + return (-1); + + sc->cur_fanspeed++; + + printf("Adjust fan to: %u\n", fan_speeds[sc->cur_fanspeed]); + acpiec_write(sc->sc_acpi->sc_ec, 0x2f, 1, + (u_int8_t *)&fan_speeds[sc->cur_fanspeed]); + + return (0); +} + +int +thinkpad_step_fan_down(struct acpithinkpad_softc *sc) +{ + if (sc->cur_fanspeed - 1 < 0) + return (-1); + + sc->cur_fanspeed--; + + printf("Adjust fan to: %u\n", fan_speeds[sc->cur_fanspeed]); + acpiec_write(sc->sc_acpi->sc_ec, 0x2f, 1, + (u_int8_t *)&fan_speeds[sc->cur_fanspeed]); + + return (0); } int
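Review bot: the hotkey hunk reassigns Fn-F1, the lock-screen key and the battery-info key to the fan functions and takes them out of the case group that follows (THINKPAD_BUTTON_HIBERNATE, FN_F6, EXTERNAL_SCREEN, ...), so whatever that group did for them no longer happens; fine for a private hack, but together with the hardware-damage caveat in the text it is another reason this should not go in as is.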
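Review bot: fan_speeds[] is an int array, yet thinkpad_step_fan_up()/_down() pass `(u_int8_t *)&fan_speeds[sc->cur_fanspeed]` with length 1 to acpiec_write(), so only the first byte of the int reaches EC register 0x2f and a big-endian machine would write 0 for every level; declare it `u_int8_t fan_speeds[]` and pass the element directly (the "XXX LE only" `*((u_int16_t*)buffer)` in thinkpad_get_fan() has the same problem and should assemble the RPM as `buffer[0] | buffer[1] << 8`). cur_fanspeed starts at 0 without ever reading register 0x2f on attach, so the first step writes fan_speeds[1] regardless of the mode the EC is actually in; initialise it from the value read at attach time, and since the last entry (128) sits at index MAX_FAN_SPEEDS, say in a comment that it is meant to be reachable. Also the `printf("Adjust fan to: %u\n", ...)` prints an int with %u.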
Re: Does pfsync support failover of pf 'route-to' state? (on CARP failover)
On Wed, Nov 10, 2010 at 05:13:19PM +0100, chefren wrote: > (Hm, saw no response after posting to misc@, manual cross-posting to t...@...) > > > Short question: does pfsync currently support fluent failover of a pf > established 'route-to' state, when a CARP failover happens? No, it doesn't. I have a non-perfect diff for 4.4 if you're interested..
Re: disable wbng
On Wed, Sep 22, 2010 at 06:11:58PM +0200, Mike Belopuhov wrote: > there's nothing special about this driver. as it does usual iic_exec's, > i'm not sure what can be actually fixed there. so if nobody has any > idea what could be done about it, you have my okay to disable it > completely. It's not the driver's fault, it seems that polling on piixpm(4) causes hangs on ServerWorks HT-1000 chips. This is what we are running: Index: piixpm.c === RCS file: /cvs/src/sys/dev/pci/piixpm.c,v retrieving revision 1.34 diff -p -u -r1.34 piixpm.c --- piixpm.c8 Apr 2010 00:23:53 - 1.34 +++ piixpm.c23 Sep 2010 13:08:36 - @@ -159,6 +159,10 @@ piixpm_attach(struct device *parent, str if (sc->sc_poll) printf(": polling"); } + if (sc->sc_poll) { + printf(" disabled\n"); + return; + } printf("\n");
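Review bot: the added block returns from piixpm_attach() for every controller that ends up in polling mode, not only the ServerWorks HT-1000 the text blames, so any chipset without a working interrupt loses its i2c bus; key the bail-out on the HT-1000 id (or a quirk flag set where sc_poll is decided) and put the hang in a comment so the reason survives. Also confirm that nothing mapped earlier in attach needs releasing before the bare `return;`.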
Re: ifstated pidfile
On Mon, Jun 07, 2010 at 09:33:34AM +0200, Michael Lechtermann wrote: > Hi, > > >> Well, that makes sense. But what about not showing the arguments > >> ifstated was started with? Any reason to wipe them? It would really help > >> to identify the correct process when those are shown. > >> > >> What I mean is: > >> setproctitle(NULL); > > > > I have asked two developers why that was put there. > > Just curious. Has any reason been found? I don't remember why I put it there, it was over 6 years ago. I'll remove it. I've actually done the same in my tree and forgot about it. Marco
Re: CARP load balancing
On Wed, Oct 14, 2009 at 11:15:05AM +0200, P-O Yliniemi wrote: > > > Thanks for this quick and easy solution. So instead of the old way of > configuring CARP (multiple interfaces with the same address on each > machine), we will have to use carpnodes, which when explained is much > simpler to set up. > > The problem I still have is that the traffic to the hosts is not > balanced, just redundant (if "a" goes down, "b" will take over). The > final set up will be a bit more complex (if I am able to get it working): With how many clients on the same subnet are you testing? Citing carp(4): The ARP load balancing has some limitations. Firstly, ARP balancing only works on the local network segment. It cannot balance traffic that crosses a router, because the router itself will always be balanced to the same carpnode. Depending on your setup you could try IP balancing. HTH, Marco
Re: CARP load balancing
On Mon, Oct 12, 2009 at 01:24:49PM +0200, P-O Yliniemi wrote: > Hi, > > The CARP section (6.11) in the FAQ is incorrect (old), so I'm asking for > a solution here on the list. Hi, yes, the faq is outdated. see http://www.openbsd.org/faq/upgrade43.html#carp The manpage, however, has all the info you need. http://www.openbsd.org/cgi-bin/man.cgi?query=carp&sektion=4#LOAD+BALANCING > I want to set up a similar configuration as the FAQ describes, with the > IP-address being the only difference: > > server a ip: 10.5.0.2 > server b ip: 10.5.0.3 > > load balanced ip: 10.5.0.200 > > server a: > ifconfig carp0 create > ifconfig carp0 10.5.0.200 netmask 255.0.0.0 vhid 1 pass carptest advbase > 1 advskew 0 > sysctl net.inet.carp.preempt=1 that should be sth like: server a: ifconfig carp0 10.5.0.200 netmask 255.0.0.0 carpnodes 1:0,2:100 balancing arp server b: ifconfig carp0 10.5.0.200 netmask 255.0.0.0 carpnodes 1:100,2:0 balancing arp > Looking forward to a corrected FAQ section or an answer in this thread. Any volunteers to update the FAQ? :-) Marco