Check lo(4) rdomain before attempting to move it to another

Hi, I noticed that if you try to move an immovable lo(4) to a nonexistent rdomain, a new routing table will be created despite the operation failing with an EPERM. The following moves the rdomain/index check for lo(4) to before the creation of a nonexisting target routing table. OK? Thanks, Ay

A first step towards armv7 MULTIPROCESSOR support

Diff below makes it possible to build and run a MULTIPROCESSOR kernel on armv7. It doesn't actually add any SMP support as there is no code to spin up additional CPUs. But it is a first step. The diff is mostly a cleanup of machine/cpu.h that is very similar to what I did to arm64. ok? Index:

Re: reduce pledge(2) on worms(6)

> On Aug 5, 2018, at 3:18 PM, Ricardo Mestre wrote: > > Hi, > > After all ncurses initialization pledge(2) can be reduced only to > stdio/tty operations on worms(6). > > OK? And here I thought you were only doing pledge-tightening on the unimportant stuff in /usr/sbin :) ok cheloha@ signatu

reduce pledge(2) on worms(6)

Hi, After all ncurses initialization pledge(2) can be reduced only to stdio/tty operations on worms(6). OK? Index: worms.c === RCS file: /cvs/src/games/worms/worms.c,v retrieving revision 1.28 diff -u -p -u -r1.28 worms.c --- worms.

Nuke PLEDGE_STAT for further pledge/unveil disentaglement.

So this gets rid of unveil's PLEDGE_STAT. Instead we use UNVEIL_INSPECT which is set by the stat and access opeerations that are needed for realpath() type traversals that effectively call stat/access for each component of a pathname before doing a final operation on the end. The intended semant

libpcap supports classful network names only

Hi, tcpdump(8) does support named networks, but only using the following revolting syntax: $ grep fourrev /etc/hosts 0.192.168.4 fourrev $ tcpdump net fourrev $ ping 192.168.4.1 Two aspects are wrong with that: 1. The hosts(5) entry must have le

do not set nwid over and over again

we just found the ess by comparing the nwid. It will not have magically changed behind our back. OK? diff --git net80211/ieee80211_node.c net80211/ieee80211_node.c index d4561bffc06..a282ed5a333 100644 --- net80211/ieee80211_node.c +++ net80211/ieee80211_node.c @@ -229,11 +229,10 @@ ieee80211_add

Re: [PATCH] bs(6): removing extra signal()

Hi Martin, Martin Kopta wrote on Sat, Aug 04, 2018 at 11:04:34PM +0200: > The original version from Bruce Holloway in 1986-03-06 [0] did only one > signal(SIGINT), but the call was probably duplicated after code cleanup by ESR > somewhere between 1986 and 1993. > > Please, confirm there is no hi

pflogd(8): stop trying to move log files out of the way

In order to be able to safely append to existing log files, pflogd(8) attempts to validate/or move invalid/broken pflog pcap files out of the way on its own. I noticed that this is not compatible with unveil(2), as pflogd(8) would need to be able to rename(2) files in /var/log to /var/log/pflog.bad

Re: remove pledge(2) cpath from iked(8)

OK kn

Re: unveil: incomplete unveil_flagmatch semantic

On Sat, Aug 04, 2018 at 01:16:44PM -0600, Bob Beck wrote: > > > if ((error = namei(&fromnd)) != 0) > > > return (error); > > > fvp = fromnd.ni_vp; > > > @@ -2945,6 +2973,7 @@ sys_revoke(struct proc *p, void *v, regi > > > > > > NDINIT(&nd, LOOKUP, FOLLOW, UIO_USERSPACE, SCARG(uap,

remove pledge(2) cpath from iked(8)

Hi, Here's one more diff which removes the ability of iked(8) to create/delete additional files by removing cpath promise from pledge(2). OK? Index: control.c === RCS file: /cvs/src/sbin/iked/control.c,v retrieving revision 1.25 dif

remove pledge(2) cpath from snmpd(8)

Hi, Here's another path which removes the daemon's ability to delete its unix control socket during shutdown and therefore "cpath" promise is no longer needed. While here I've also scrambled the pledge promises to their canonical form. Regression tests still pass. OK? Index: control.c =

Re: [PATCH] Pluggable disk formats for vmd (qcow2 preparation)

And, as promised, the preview of the approach to qcow2. Current state: - I can install and boot OpenBSD on qcow2 on OpenBSD. However, I can't take that disk image and give it to qemu, it boots but then dies a few seconds after it starts to do file system access: $ qemu-system-x86_64

Re: ifconfig join: show list of configured ess ids

OK florian@ On Sat, Aug 04, 2018 at 09:12:27PM +0200, Sebastian Benoit wrote: > Hi, > > with this diff, > > ifconfig join > > will print the list of networks that are configured for autojoin. > > $ ifconfig iwm0 join > iwm0: flags=208843 mtu 1500 > lladdr a4:7f:da:a4:d7:c1 >

Re: remove pledge(2) cpath from switchd(8)

OK florian@ On Sat, Aug 04, 2018 at 12:18:45PM +0100, Ricardo Mestre wrote: > Hi, > > Here's another one for switchd(8) which removes cpath promise from pledge(2) > > OK? > > Index: control.c > === > RCS file: /cvs/src/usr.sbin/swi

Re: remove pledge(2) cpath from vmd(8)

OK florian@ On Sat, Aug 04, 2018 at 12:21:46PM +0100, Ricardo Mestre wrote: > Hi, > > And here's another one that also removes cpath promise from vmd(8) > > OK? > > Index: control.c > === > RCS file: /cvs/src/usr.sbin/vmd/control.c

Re: remove pledge(2) cpath from eigrpd(8)

On Sat, Aug 04, 2018 at 12:12:06PM +0100, Ricardo Mestre wrote: > Hi, > > As we discussed, here's a diff to revert back my previous commit on > eigrpd(8) and remove cpath promise entirely since if the socket is not > deleted at shutdown it won't cause any harm. > > OK? I'd prefer to get rid of c

[PATCH] Pluggable disk formats for vmd (qcow2 preparation)

This change introduces a 'struct virtio_backing' which makes the disk i/o pluggable, providing 'backing->{pread,pwrite}' calls that can be replaced by different disk i/o drivers. This is necessary preparation for adding qcow2 support, which will come as a follow up patch. I'll be posting a preview