Re: sbin/iked fallout after OpenSSL valahalla slashing
not quite, because your diff was mangled, but I think you had it right anyway.. fix committed by miod, thanks for telling us. On Wed, Apr 16, 2014 at 03:39:03PM +1000, Ian McWilliam wrote: Hoope the attached diff is a correct fix. Hit me with the cluebat if not. cc -O2 -pipe ??-Wall -I/usr/src/sbin/iked -Wstrict-prototypes -Wmissing-prototypes -Wmissing-declarations -Wshadow -Wpointer-arith -Wcast-qual -Wsign-compare -fno-pie ?? -c /usr/src/sbin/iked/chap_ms.c/usr/src/sbin/iked/chap_ms.c: In function 'mschap_des_addparity':/usr/src/sbin/iked/chap_ms.c:104: error: 'des_cblock' undeclared (first use in this function)/usr/src/sbin/iked/chap_ms.c:104: error: (Each undeclared identifier is reported only once/usr/src/sbin/iked/chap_ms.c:104: error: for each function it appears in.)/usr/src/sbin/iked/chap_ms.c:104: error: expected expression before ')' token/usr/src/sbin/iked/chap_ms.c: In function 'mschap_des_encrypt':/usr/src/sbin/iked/chap_ms.c:110: error: 'des_cblock' undeclared (first use in this function)/usr/src/sbin/iked/chap_ms.c:110: error: expected ';' before 'des_key'/usr/src/sbin/iked/chap_ms.c:111: error: 'des_key_schedule' undeclared (first use in this function)/usr/src/sbin/iked/chap_ms.c:111: error: expected ';' before 'key_schedule'/usr/src/sbin/iked/chap_ms.c:113: error: 'des_key' undeclared (first use in this function)/usr/src/sbin/iked/chap_ms.c:115: error: 'key_schedule' undeclared (first use in this function)/usr/src/sbin/iked/chap_ms.c:116: error: expected expression before ')' token/usr/src/sbin/iked/chap_ms.c:117: error: too few arguments to function 'DES_ecb_encrypt'*** Error 1 in /usr/src/sbin/iked (:87 'chap_ms.o') ? chap_ms.c.ianm? ided.diffIndex: chap_ms.c===RCS file: /cvs/src/sbin/iked/chap_ms.c,vretrieving revision 1.6diff -u -p -u -p -r1.6 chap_ms.c--- chap_ms.c ?? 8 Jan 2013 10:38:19 - ?? ?? ?? 1.6+++ chap_ms.c ?? 16 Apr 2014 05:30:50 -@@ -101,19 +101,19 @@ mschap_des_addparity(u_int8_t *key, u_in?? ?? ?? ?? des_key[6] = get7bits(key, 42);?? ?? ?? ?? des_key[7] = get7bits(key, 49); - ?? ?? ?? DES_set_odd_parity((des_cblock *)des_key);+ ?? ?? ?? DES_set_odd_parity((DES_cblock *)des_key);??} ??void??mschap_des_encrypt(u_int8_t *clear, u_int8_t *key, u_int8_t *cipher)??{- ?? ?? ?? des_cblock ?? ?? ?? ?? ?? ?? ??des_key;- ?? ?? ?? des_key_schedule ?? ?? ?? ??key_schedule;+ ?? ?? ?? DES_cblock ?? ?? ?? ?? ?? ?? ??des_key;+ ?? ?? ?? DES_key_schedule ?? ?? ?? ??key_schedule; ?? ?? ?? ?? mschap_des_addparity(key, des_key); ?? ?? ?? ?? DES_set_key(des_key, key_schedule);- ?? ?? ?? DES_ecb_encrypt((des_cblock *)clear, (des_cblock *)cipher,+ ?? ?? ?? DES_ecb_encrypt((DES_cblock *)clear, (DES_cblock *)cipher,?? ?? ?? ?? ?? ?? key_schedule, 1);??}
Re: sbin/iked fallout after OpenSSL valahalla slashing
Sorry, it's a poor choice of MS outlook or Web email client here at work. /usr/src/usr.bin/gzsig suffers similar fallout it looks a little bit tricker to fix. cc -O2 -pipe -c /usr/src/usr.bin/gzsig/ssh.c /usr/src/usr.bin/gzsig/ssh.c:59: error: expected specifier-qualifier-list before 'des_key_schedule' /usr/src/usr.bin/gzsig/ssh.c: In function 'des3_init': /usr/src/usr.bin/gzsig/ssh.c:156: error: 'struct des3_state' has no member named 'k1' /usr/src/usr.bin/gzsig/ssh.c:157: error: 'struct des3_state' has no member named 'k2' /usr/src/usr.bin/gzsig/ssh.c:160: error: 'struct des3_state' has no member named 'k3' /usr/src/usr.bin/gzsig/ssh.c:162: error: 'struct des3_state' has no member named 'k3' /usr/src/usr.bin/gzsig/ssh.c:164: error: 'struct des3_state' has no member named 'iv1' /usr/src/usr.bin/gzsig/ssh.c:165: error: 'struct des3_state' has no member named 'iv2' /usr/src/usr.bin/gzsig/ssh.c:166: error: 'struct des3_state' has no member named 'iv3' /usr/src/usr.bin/gzsig/ssh.c: In function 'des3_decrypt': /usr/src/usr.bin/gzsig/ssh.c:177: error: 'struct des3_state' has no member named 'iv1' /usr/src/usr.bin/gzsig/ssh.c:177: error: 'struct des3_state' has no member named 'iv2' /usr/src/usr.bin/gzsig/ssh.c:179: error: 'struct des3_state' has no member named 'k3' /usr/src/usr.bin/gzsig/ssh.c:179: error: 'struct des3_state' has no member named 'iv3' /usr/src/usr.bin/gzsig/ssh.c:180: error: 'struct des3_state' has no member named 'k2' /usr/src/usr.bin/gzsig/ssh.c:180: error: 'struct des3_state' has no member named 'iv2' /usr/src/usr.bin/gzsig/ssh.c:181: error: 'struct des3_state' has no member named 'k1' /usr/src/usr.bin/gzsig/ssh.c:181: error: 'struct des3_state' has no member named 'iv1' *** Error 1 in /usr/src/usr.bin/gzsig (:87 'ssh.o') I can get it down to this ssh.o(.text+0x5ab): In function `ssh_load_private': : undefined reference to `des_set_key' ssh.o(.text+0x675): In function `ssh_load_private': : undefined reference to `des_set_key' ssh.o(.text+0x745): In function `ssh_load_private': : undefined reference to `des_set_key' ssh.o(.text+0x85c): In function `ssh_load_private': : undefined reference to `des_ncbc_encrypt' ssh.o(.text+0x938): In function `ssh_load_private': : undefined reference to `des_ncbc_encrypt' ssh.o(.text+0x9db): In function `ssh_load_private': : undefined reference to `des_ncbc_encrypt' collect2: ld returned 1 exit status going a bit further gets me here cc -O2 -pipe -c /usr/src/usr.bin/gzsig/ssh.c /usr/src/usr.bin/gzsig/ssh.c: In function 'des3_decrypt': /usr/src/usr.bin/gzsig/ssh.c:179: error: incompatible type for argument 4 of 'DES_ncbc_encrypt' /usr/src/usr.bin/gzsig/ssh.c:180: error: incompatible type for argument 4 of 'DES_ncbc_encrypt' /usr/src/usr.bin/gzsig/ssh.c:181: error: incompatible type for argument 4 of 'DES_ncbc_encrypt' *** Error 1 in /usr/src/usr.bin/gzsig (:87 'ssh.o') I'll leave this one for you guys. Ian McWilliam - Original Message - From: Bob Beck To:Ian McWilliam Cc: Sent:Wed, 16 Apr 2014 00:10:42 -0600 Subject:Re: sbin/iked fallout after OpenSSL valahalla slashing not quite, because your diff was mangled, but I think you had it right anyway.. fix committed by miod, thanks for telling us. On Wed, Apr 16, 2014 at 03:39:03PM +1000, Ian McWilliam wrote: Hoope the attached diff is a correct fix. Hit me with the cluebat if not. cc -O2 -pipe ??-Wall -I/usr/src/sbin/iked -Wstrict-prototypes -Wmissing-prototypes -Wmissing-declarations -Wshadow -Wpointer-arith -Wcast-qual -Wsign-compare -fno-pie ?? -c /usr/src/sbin/iked/chap_ms.c/usr/src/sbin/iked/chap_ms.c: In function 'mschap_des_addparity':/usr/src/sbin/iked/chap_ms.c:104: error: 'des_cblock' undeclared (first use in this function)/usr/src/sbin/iked/chap_ms.c:104: error: (Each undeclared identifier is reported only once/usr/src/sbin/iked/chap_ms.c:104: error: for each function it appears in.)/usr/src/sbin/iked/chap_ms.c:104: error: expected expression before ')' token/usr/src/sbin/iked/chap_ms.c: In function 'mschap_des_encrypt':/usr/src/sbin/iked/chap_ms.c:110: error: 'des_cblock' undeclared (first use in this function)/usr/src/sbin/iked/chap_ms.c:110: error: expected ';' before 'des_key'/usr/src/sbin/iked/chap_ms.c:111: error: 'des_key_schedule' undeclared (first use in this function)/usr/src/sbin/iked/chap_ms.c:111: error: expected ';' before 'key_schedule'/usr/src/sbin/iked/chap_ms.c:113: error: 'des_key' undeclared (first use in this function)/usr/src/sbin/iked/chap_ms.c:115: error: 'key_schedule' undeclared (first use in this
Re: Intel HD Graphics 4000, only one monitor detected
2014-02-26 11:08 GMT+01:00 Markus Bergkvist mar...@familjenbergkvist.net: 2014-02-26 8:52 GMT+01:00 Mark Kettenis mark.kette...@xs4all.nl: Date: Wed, 26 Feb 2014 07:38:29 +0100 From: Markus Bergkvist mar...@familjenbergkvist.net 2014-02-14 15:15 GMT+01:00 Markus Bergkvist mar...@familjenbergkvist.net: Synced and verified that kettenis patch was there but unfortunately it did not help with a new kernel. 2014-02-14 9:54 GMT+01:00 Jonathan Gray j...@jsg.id.au: On Fri, Feb 14, 2014 at 08:48:04AM +0100, Markus Bergkvist wrote: I did an update to recent snapshot OpenBSD 5.5-beta (GENERIC.MP) #287: Fri Feb 7 11:45:09 MST 2014 I have two identical monitors connected to my Intel HD Graphics 4000 on DisplayPort and HDMI respectively. Usually there is no problem detecting them both and split my desktop across both monitors. But somewhere between OpenBSD 5.5-beta (GENERIC.MP) #284: Mon Feb 3 07:57:32 MST 2014 and OpenBSD 5.5-beta (GENERIC.MP) #287: Fri Feb 7 11:45:09 MST 2014 something happened. The monitor on HDMI is mirroring the DisplayPort and it is not detected by xrand. Output from xrandr, diff between previous and current dmesg and a complete dmesg below. Any suggestion on what might be wrong? Any more information I can provide? The xf86-video-intel driver was recently updated, this triggered a bug in copying data out of the kernel that was previously hidden which affects xrandr. It would be interesting to see if compiling your own kernel sometime after the following commit by kettenis@ helps: CVSROOT:/cvs Module name:src Changes by: kette...@cvs.openbsd.org2014/02/13 05:33:08 Modified files: sys/dev/pci/drm: drm_crtc.c Log message: Make sure we copy out the right amount of data in the various copyout() calls that replace the put_user() calls in the Linux code by using sizeof on the appropriate variables instead of explicit uint32_t/uint64_t types. Fixes a case where we accidentally copied out only 32 bits of a 64-bit value, uncovered by xf86-video-intel 2.99.909. ok jsg@, matthieu@ Updated to recent snapshot. Monitor on HDMI-port is detected but is disconnected? What does xrandr --verbose say? The problem is still there with recent -current. Are there any more information I can provide besides the xrand and dmesg below? $ xrandr --verbose Screen 0: minimum 320 x 200, current 1920 x 1200, maximum 32767 x 32767 VGA1 disconnected (normal left inverted right x axis y axis) Identifier: 0x43 Timestamp: 14588 Subpixel: unknown Clones: CRTCs: 0 1 2 Transform: 1.00 0.00 0.00 0.00 1.00 0.00 0.00 0.00 1.00 filter: HDMI1 disconnected 1920x1200+0+0 (0x4a) normal (normal left inverted right x axis y axis) 0mm x 0mm Identifier: 0x44 Timestamp: 14588 Subpixel: unknown Gamma: 1.0:1.0:1.0 Brightness: 1.0 Clones: CRTC: 0 CRTCs: 0 1 2 Transform: 1.00 0.00 0.00 0.00 1.00 0.00 0.00 0.00 1.00 filter: Broadcast RGB: Full supported: Full, Limited 16:235 audio: auto supported: force-dvi, off, auto, on HDMI2 disconnected (normal left inverted right x axis y axis) Identifier: 0x45 Timestamp: 14588 Subpixel: unknown Clones: CRTCs: 0 1 2 Transform: 1.00 0.00 0.00 0.00 1.00 0.00 0.00 0.00 1.00 filter: Broadcast RGB: Full supported: Full, Limited 16:235 audio: auto supported: force-dvi, off, auto, on DP1 disconnected (normal left inverted right x axis y axis) Identifier: 0x46 Timestamp: 14588 Subpixel: unknown Clones: CRTCs: 0 1 2 Transform: 1.00 0.00 0.00 0.00 1.00 0.00 0.00 0.00 1.00 filter: Broadcast RGB: Full supported: Full, Limited 16:235 audio: auto supported: force-dvi, off, auto, on DP2 connected 1920x1200+0+0 (0x4a) normal (normal left inverted right x axis y axis) 518mm x 324mm Identifier: 0x47 Timestamp: 14588 Subpixel: unknown Gamma: 1.0:1.0:1.0 Brightness: 1.0 Clones: CRTC: 1 CRTCs: 0 1 2 Transform: 1.00 0.00 0.00 0.00 1.00 0.00 0.00 0.00 1.00 filter: EDID: 00000469a32401010101 07170104a53420783a4ca5a7554da226 105054230800818081409500a940b300 d1c001010101283c80a070b023403020 36000644211a00fd00323d1e 5311000a20202020202000fc0050 423234380a2020202020202000ff 0044324c4d51533032383531300a01ca 020318f14b90050403020213141f 2309070783011a3680a070381e40 302035000644211a662156aa5100 1e30468f33000644211e011d0072 51d01e206e2855000644211e8c0a d08a20e02d10103e960006442118 011d8018711c1620582c250006442100 009e0088 Broadcast RGB: Full supported: Full, Limited 16:235 audio: auto supported: force-dvi, off, auto, on
Re: GOST was removed
On Tue, Apr 15, 2014 at 03:34:36PM -0600, Theo de Raadt wrote: Log message: Remove the GOST engine: It is not compiled or used and depends on the dynamic engine feature that is not enabled in our build. People who need it can still pull it out of the Attic; if it is to have a Russian engine just because it's a Russian engine. -- This hash function is a formal requirement in all public institutions in Russia. Removing it, the work of people using OpenBSD in these institutions is greatly complicated by its return. First off, this library primary function is to supply two major components for use by people: SSL protocol raw symmetric assymetric crypto functions Meeting the requirements of public institutions is pretty low on the list right about now. Quite frankly, I do not want my own government using OpenSSL for anything. As it is now, it is not suitable. This is a political decision, or indeed it is necessary for the cleaning OpenSSL? Do not throw out the child along with the bath. Dynamic loading of crypto libraries into a framework is not acceptable. Furthermore, if you dig just a bit deeper, you will quickly realize that this code has not worked in our tree before. It was not enabled. It did not work. In the interests of full disclosure, do you work for the government or sell to the government? I'm not sure what it means to work for the government in terms of the English language. I am now in the process of transfer to the IT-department of city hall of small town in the geographical center of Russia. In the area of my responsibility will be the network infrastructure of city hall. This is work for the government? I assumed that, for establishment GOST, it is enough to recompile OpenSSL in source tree and install it. Situation worsens in that it is the only implementation of GOST, so that there are no alternatives for unix and unix-like systems. Yet your words as the words of Bob and Reyk, given your competence in this area, sound convincing. If it makes the system more secure, it is a sensible move. I am glad that there is no politics.
Re: GOST was removed
On Wed, Apr 16, 2014 at 08:15:02AM +, Артур Истомин wrote: I assumed that, for establishment GOST, it is enough to recompile OpenSSL in source tree and install it. Situation worsens in that it is the only implementation of GOST, so that there are no alternatives for unix and unix-like systems. I am liar. Libgrypt, noteworthy changes between version 1.5.0 and 1.6.0 (Dec 16 18:49:01 CET 2013): * Added limited support for the GOST 28147-89 cipher algorithm. * Added support for the GOST R 34.11-94 and R 34.11-2012 (Stribog) hash algorithms.
Re: GOST was removed
On Wed, Apr 16, 2014 at 10:15 AM, Артур Истомин art.is...@yandex.ru wrote: On Tue, Apr 15, 2014 at 03:34:36PM -0600, Theo de Raadt wrote: Log message: Remove the GOST engine: It is not compiled or used and depends on the dynamic engine feature that is not enabled in our build. People who need it can still pull it out of the Attic; if it is to have a Russian engine just because it's a Russian engine. -- This hash function is a formal requirement in all public institutions in Russia. Removing it, the work of people using OpenBSD in these institutions is greatly complicated by its return. First off, this library primary function is to supply two major components for use by people: SSL protocol raw symmetric assymetric crypto functions Meeting the requirements of public institutions is pretty low on the list right about now. Quite frankly, I do not want my own government using OpenSSL for anything. As it is now, it is not suitable. This is a political decision, or indeed it is necessary for the cleaning OpenSSL? Do not throw out the child along with the bath. Dynamic loading of crypto libraries into a framework is not acceptable. Furthermore, if you dig just a bit deeper, you will quickly realize that this code has not worked in our tree before. It was not enabled. It did not work. In the interests of full disclosure, do you work for the government or sell to the government? I'm not sure what it means to work for the government in terms of the English language. I am now in the process of transfer to the IT-department of city hall of small town in the geographical center of Russia. In the area of my responsibility will be the network infrastructure of city hall. This is work for the government? I assumed that, for establishment GOST, it is enough to recompile OpenSSL in source tree and install it. Situation worsens in that it is the only implementation of GOST, so that there are no alternatives for unix and unix-like systems. Yet your words as the words of Bob and Reyk, given your competence in this area, sound convincing. If it makes the system more secure, it is a sensible move. I am glad that there is no politics. Well mostly no politics here in a sense you thought initially (and not everyone behind your borders think that * we can see in our media is true). OpenBSD is just trying to fix crap created by outside company http://undeadly.org/cgi?action=articlesid=20140415093252mode=expandedcount=8and well on the way things are removed which doesn't make any sense or were used in the past or are supposed to not be used. From this point of view it's maybe better to try to convince local authority where you will be doing some work in IT area to use something really newer and better. I know it can be nearly impossible, but it is worth of the try. Of course don''t know how much is GOST used in Russia and why (historical reasons, whatever).
Re: p2p interfaces and route to loopback
On 09/04/14(Wed) 15:36, Martin Pieuchot wrote: On 09/04/14(Wed) 11:22, Martin Pieuchot wrote: When an IPv6 address is configured on a point-to-point interface, it is associated to nd6_rtrequest(). This is because nd6_request() contains a hack to automatically create a route to loopback for p2p interfaces. The resulting route looks like this: fe80::300:245f:fedc:22f8%pppoe0link#12HL 00 - 4 lo0 I'd like to stop abusing nd6_rtrequest() for point-to-point interfaces because I want to introduce a similar behavior for IPv4. So the diff below adds a sppp_rtrequest() function that works for both IPv4 and IPv6 and creates a local route if the loopback interface has an address of the same family. This diff introduce a difference in the routing table, see below, but it shouldn't matter. The RTF_LLINFO flags is necessary for ND6 or ARP, not for p2p interfaces. -fe80::300:245f:fedc:22f8%pppoe0link#12HL 00 - 4 lo0 -2011:4b10:1003:ff::1 link#12HL 00 - 4 lo0 +fe80::300:245f:fedc:22f8%pppoe0::1H 00 - 4 lo0 +2011:4b10:1003:ff::1 ::1H 00 - 4 lo0 Here's an updated diff that addresses some points raised by claudio@: - Support all the p2p interfaces but mpe(4) (should I include it?) - Add comment about lo0 vs rdomain in {p2p,arp,nd6}_rtrequest(). Anyone? Index: net/if.c === RCS file: /home/ncvs/src/sys/net/if.c,v retrieving revision 1.282 diff -u -p -r1.282 if.c --- net/if.c 20 Mar 2014 13:19:06 - 1.282 +++ net/if.c 9 Apr 2014 13:31:06 - @@ -1009,6 +1009,71 @@ link_rtrequest(int cmd, struct rtentry * } /* + * Default action when installing a local route on a point-to-point + * interface. + */ +void +p2p_rtrequest(int req, struct rtentry *rt) +{ + struct ifnet *ifp = rt-rt_ifp; + struct ifaddr *ifa, *lo0ifa; + + switch (req) { + case RTM_ADD: + /* + * XXX Here we abuse RTF_LLINFO to add a route to + * loopback. We do that to always have a route + * pointing to our address. + */ + if ((rt-rt_flags RTF_LLINFO) == 0) + break; + + TAILQ_FOREACH(ifa, ifp-if_addrlist, ifa_list) { + if (memcmp(rt_key(rt), ifa-ifa_addr, + rt_key(rt)-sa_len) == 0) + break; + } + + if (ifa == NULL) + break; + + /* + * XXX Since lo0 is in the default rdomain we should not + * (ab)use it for any route related to an interface of a + * different rdomain. + */ + TAILQ_FOREACH(lo0ifa, lo0ifp-if_addrlist, ifa_list) + if (lo0ifa-ifa_addr-sa_family == + ifa-ifa_addr-sa_family) + break; + + if (lo0ifa == NULL) + break; + + rt_setgate(rt, rt_key(rt), lo0ifa-ifa_addr, ifp-if_rdomain); + rt-rt_ifp = lo0ifp; + rt-rt_flags = ~RTF_LLINFO; + + /* + * make sure to set rt-rt_ifa to the interface + * address we are using, otherwise we will have trouble + * with source address selection. + */ + if (ifa != rt-rt_ifa) { + ifafree(rt-rt_ifa); + ifa-ifa_refcnt++; + rt-rt_ifa = ifa; + } + break; + case RTM_DELETE: + case RTM_RESOLVE: + default: + break; + } +} + + +/* * Bring down all interfaces */ void Index: net/if_gif.c === RCS file: /home/ncvs/src/sys/net/if_gif.c,v retrieving revision 1.64 diff -u -p -r1.64 if_gif.c --- net/if_gif.c 19 Oct 2013 14:46:30 - 1.64 +++ net/if_gif.c 9 Apr 2014 13:31:06 - @@ -356,7 +356,8 @@ int gif_ioctl(struct ifnet *ifp, u_long cmd, caddr_t data) { struct gif_softc *sc = (struct gif_softc*)ifp; - struct ifreq *ifr = (struct ifreq*)data; + struct ifreq *ifr = (struct ifreq *)data; + struct ifaddr*ifa = (struct ifaddr *)data; int error = 0, size; struct sockaddr *dst, *src; struct sockaddr *sa; @@ -365,6 +366,7 @@ gif_ioctl(struct ifnet *ifp, u_long cmd, switch (cmd) { case SIOCSIFADDR: + ifa-ifa_rtrequest = p2p_rtrequest; break; case SIOCSIFDSTADDR: Index:
sftp upload resume diff
Hi All, First version of the diff: It works fine for resuming uploads. I'm going to upload a 2nd revision soon. Index: sftp-client.c === RCS file: /cvs/src/usr.bin/ssh/sftp-client.c,v retrieving revision 1.114 diff -u -p -u -p -r1.114 sftp-client.c --- sftp-client.c 31 Jan 2014 16:39:19 - 1.114 +++ sftp-client.c 16 Apr 2014 13:33:27 - @@ -1409,7 +1409,7 @@ download_dir(struct sftp_conn *conn, cha int do_upload(struct sftp_conn *conn, char *local_path, char *remote_path, -int preserve_flag, int fsync_flag) +int preserve_flag, int resume, int fsync_flag) { int local_fd; int status = SSH2_FX_OK; @@ -1418,7 +1418,7 @@ do_upload(struct sftp_conn *conn, char * char *handle, *data; Buffer msg; struct stat sb; - Attrib a; + Attrib a, *c = NULL; u_int32_t startid; u_int32_t ackid; struct outstanding_ack { @@ -1456,6 +1456,26 @@ do_upload(struct sftp_conn *conn, char * if (!preserve_flag) a.flags = ~SSH2_FILEXFER_ATTR_ACMODTIME; + if (resume) { + /* Get remote file size if it exists */ + if ((c = do_stat(conn, remote_path, 0)) == NULL) { + close(local_fd); + return -1; + } + + if ((off_t)c-size sb.st_size || + (off_t)c-size == sb.st_size) { + error(destination file bigger or same size as source file); + close(local_fd); + return -1; + } + + if (lseek(local_fd, (off_t)c-size, SEEK_SET) == -1) { + close(local_fd); + return -1; + } + } + buffer_init(msg); /* Send open request */ @@ -1463,7 +1483,8 @@ do_upload(struct sftp_conn *conn, char * buffer_put_char(msg, SSH2_FXP_OPEN); buffer_put_int(msg, id); buffer_put_cstring(msg, remote_path); - buffer_put_int(msg, SSH2_FXF_WRITE|SSH2_FXF_CREAT|SSH2_FXF_TRUNC); + buffer_put_int(msg, SSH2_FXF_WRITE|SSH2_FXF_CREAT| + (resume ? SSH2_FXF_APPEND : SSH2_FXF_TRUNC)); encode_attrib(msg, a); send_msg(conn, msg); debug3(Sent message SSH2_FXP_OPEN I:%u P:%s, id, remote_path); @@ -1482,7 +1503,7 @@ do_upload(struct sftp_conn *conn, char * data = xmalloc(conn-transfer_buflen); /* Read from local and write to remote */ - offset = progress_counter = 0; + offset = progress_counter = (resume ? c-size : 0); if (showprogress) start_progress_meter(local_path, sb.st_size, progress_counter); @@ -1596,7 +1617,7 @@ do_upload(struct sftp_conn *conn, char * static int upload_dir_internal(struct sftp_conn *conn, char *src, char *dst, int depth, -int preserve_flag, int print_flag, int fsync_flag) +int preserve_flag, int print_flag, int resume, int fsync_flag) { int ret = 0, status; DIR *dirp; @@ -1665,12 +1686,12 @@ upload_dir_internal(struct sftp_conn *co continue; if (upload_dir_internal(conn, new_src, new_dst, - depth + 1, preserve_flag, print_flag, + depth + 1, preserve_flag, print_flag, resume, fsync_flag) == -1) ret = -1; } else if (S_ISREG(sb.st_mode)) { if (do_upload(conn, new_src, new_dst, - preserve_flag, fsync_flag) == -1) { + preserve_flag, resume, fsync_flag) == -1) { error(Uploading of file %s to %s failed!, new_src, new_dst); ret = -1; @@ -1689,7 +1710,7 @@ upload_dir_internal(struct sftp_conn *co int upload_dir(struct sftp_conn *conn, char *src, char *dst, int preserve_flag, -int print_flag, int fsync_flag) +int print_flag, int resume, int fsync_flag) { char *dst_canon; int ret; @@ -1700,7 +1721,7 @@ upload_dir(struct sftp_conn *conn, char } ret = upload_dir_internal(conn, src, dst_canon, 0, preserve_flag, - print_flag, fsync_flag); + print_flag, resume, fsync_flag); free(dst_canon); return ret; Index: sftp-client.h === RCS file: /cvs/src/usr.bin/ssh/sftp-client.h,v retrieving revision 1.24 diff -u -p -u -p -r1.24 sftp-client.h --- sftp-client.h 17 Oct 2013 00:30:13 - 1.24 +++ sftp-client.h 16 Apr 2014 13:33:27 - @@ -120,13 +120,13 @@ int download_dir(struct sftp_conn *, cha * Upload 'local_path' to 'remote_path'. Preserve permissions and times * if 'pflag'
Re: sftp upload resume diff
Hi, Fixed the style issue for an error() line that Mike Larkin pointed out to me. Index: usr.bin/ssh/sftp-client.c === RCS file: /cvs/src/usr.bin/ssh/sftp-client.c,v retrieving revision 1.114 diff -u -p -u -p -r1.114 sftp-client.c --- usr.bin/ssh/sftp-client.c 31 Jan 2014 16:39:19 - 1.114 +++ usr.bin/ssh/sftp-client.c 16 Apr 2014 14:03:05 - @@ -1409,7 +1409,7 @@ download_dir(struct sftp_conn *conn, cha int do_upload(struct sftp_conn *conn, char *local_path, char *remote_path, -int preserve_flag, int fsync_flag) +int preserve_flag, int resume, int fsync_flag) { int local_fd; int status = SSH2_FX_OK; @@ -1418,7 +1418,7 @@ do_upload(struct sftp_conn *conn, char * char *handle, *data; Buffer msg; struct stat sb; - Attrib a; + Attrib a, *c = NULL; u_int32_t startid; u_int32_t ackid; struct outstanding_ack { @@ -1456,6 +1456,27 @@ do_upload(struct sftp_conn *conn, char * if (!preserve_flag) a.flags = ~SSH2_FILEXFER_ATTR_ACMODTIME; + if (resume) { + /* Get remote file size if it exists */ + if ((c = do_stat(conn, remote_path, 0)) == NULL) { + close(local_fd); + return -1; + } + + if ((off_t)c-size sb.st_size || + (off_t)c-size == sb.st_size) { + error(destination file bigger or same size as + source file); + close(local_fd); + return -1; + } + + if (lseek(local_fd, (off_t)c-size, SEEK_SET) == -1) { + close(local_fd); + return -1; + } + } + buffer_init(msg); /* Send open request */ @@ -1463,7 +1484,8 @@ do_upload(struct sftp_conn *conn, char * buffer_put_char(msg, SSH2_FXP_OPEN); buffer_put_int(msg, id); buffer_put_cstring(msg, remote_path); - buffer_put_int(msg, SSH2_FXF_WRITE|SSH2_FXF_CREAT|SSH2_FXF_TRUNC); + buffer_put_int(msg, SSH2_FXF_WRITE|SSH2_FXF_CREAT| + (resume ? SSH2_FXF_APPEND : SSH2_FXF_TRUNC)); encode_attrib(msg, a); send_msg(conn, msg); debug3(Sent message SSH2_FXP_OPEN I:%u P:%s, id, remote_path); @@ -1482,7 +1504,7 @@ do_upload(struct sftp_conn *conn, char * data = xmalloc(conn-transfer_buflen); /* Read from local and write to remote */ - offset = progress_counter = 0; + offset = progress_counter = (resume ? c-size : 0); if (showprogress) start_progress_meter(local_path, sb.st_size, progress_counter); @@ -1596,7 +1618,7 @@ do_upload(struct sftp_conn *conn, char * static int upload_dir_internal(struct sftp_conn *conn, char *src, char *dst, int depth, -int preserve_flag, int print_flag, int fsync_flag) +int preserve_flag, int print_flag, int resume, int fsync_flag) { int ret = 0, status; DIR *dirp; @@ -1665,12 +1687,12 @@ upload_dir_internal(struct sftp_conn *co continue; if (upload_dir_internal(conn, new_src, new_dst, - depth + 1, preserve_flag, print_flag, + depth + 1, preserve_flag, print_flag, resume, fsync_flag) == -1) ret = -1; } else if (S_ISREG(sb.st_mode)) { if (do_upload(conn, new_src, new_dst, - preserve_flag, fsync_flag) == -1) { + preserve_flag, resume, fsync_flag) == -1) { error(Uploading of file %s to %s failed!, new_src, new_dst); ret = -1; @@ -1689,7 +1711,7 @@ upload_dir_internal(struct sftp_conn *co int upload_dir(struct sftp_conn *conn, char *src, char *dst, int preserve_flag, -int print_flag, int fsync_flag) +int print_flag, int resume, int fsync_flag) { char *dst_canon; int ret; @@ -1700,7 +1722,7 @@ upload_dir(struct sftp_conn *conn, char } ret = upload_dir_internal(conn, src, dst_canon, 0, preserve_flag, - print_flag, fsync_flag); + print_flag, resume, fsync_flag); free(dst_canon); return ret; Index: usr.bin/ssh/sftp-client.h === RCS file: /cvs/src/usr.bin/ssh/sftp-client.h,v retrieving revision 1.24 diff -u -p -u -p -r1.24 sftp-client.h --- usr.bin/ssh/sftp-client.h 17 Oct 2013 00:30:13 - 1.24 +++ usr.bin/ssh/sftp-client.h 16 Apr 2014 14:03:05 - @@ -120,13 +120,13 @@ int download_dir(struct sftp_conn *, cha * Upload 'local_path' to
Re: sftp upload resume diff
Rework the wording for uploading resume as suggested by Mike Larkin. (More tweaks coming up soon) Index: sftp-client.c === RCS file: /cvs/src/usr.bin/ssh/sftp-client.c,v retrieving revision 1.114 diff -u -p -u -p -r1.114 sftp-client.c --- sftp-client.c 31 Jan 2014 16:39:19 - 1.114 +++ sftp-client.c 16 Apr 2014 14:14:34 - @@ -1409,7 +1409,7 @@ download_dir(struct sftp_conn *conn, cha int do_upload(struct sftp_conn *conn, char *local_path, char *remote_path, -int preserve_flag, int fsync_flag) +int preserve_flag, int resume, int fsync_flag) { int local_fd; int status = SSH2_FX_OK; @@ -1418,7 +1418,7 @@ do_upload(struct sftp_conn *conn, char * char *handle, *data; Buffer msg; struct stat sb; - Attrib a; + Attrib a, *c = NULL; u_int32_t startid; u_int32_t ackid; struct outstanding_ack { @@ -1456,6 +1456,27 @@ do_upload(struct sftp_conn *conn, char * if (!preserve_flag) a.flags = ~SSH2_FILEXFER_ATTR_ACMODTIME; + if (resume) { + /* Get remote file size if it exists */ + if ((c = do_stat(conn, remote_path, 0)) == NULL) { + close(local_fd); + return -1; + } + + if ((off_t)c-size sb.st_size || + (off_t)c-size == sb.st_size) { + error(destination file bigger or same size as + source file); + close(local_fd); + return -1; + } + + if (lseek(local_fd, (off_t)c-size, SEEK_SET) == -1) { + close(local_fd); + return -1; + } + } + buffer_init(msg); /* Send open request */ @@ -1463,7 +1484,8 @@ do_upload(struct sftp_conn *conn, char * buffer_put_char(msg, SSH2_FXP_OPEN); buffer_put_int(msg, id); buffer_put_cstring(msg, remote_path); - buffer_put_int(msg, SSH2_FXF_WRITE|SSH2_FXF_CREAT|SSH2_FXF_TRUNC); + buffer_put_int(msg, SSH2_FXF_WRITE|SSH2_FXF_CREAT| + (resume ? SSH2_FXF_APPEND : SSH2_FXF_TRUNC)); encode_attrib(msg, a); send_msg(conn, msg); debug3(Sent message SSH2_FXP_OPEN I:%u P:%s, id, remote_path); @@ -1482,7 +1504,7 @@ do_upload(struct sftp_conn *conn, char * data = xmalloc(conn-transfer_buflen); /* Read from local and write to remote */ - offset = progress_counter = 0; + offset = progress_counter = (resume ? c-size : 0); if (showprogress) start_progress_meter(local_path, sb.st_size, progress_counter); @@ -1596,7 +1618,7 @@ do_upload(struct sftp_conn *conn, char * static int upload_dir_internal(struct sftp_conn *conn, char *src, char *dst, int depth, -int preserve_flag, int print_flag, int fsync_flag) +int preserve_flag, int print_flag, int resume, int fsync_flag) { int ret = 0, status; DIR *dirp; @@ -1665,12 +1687,12 @@ upload_dir_internal(struct sftp_conn *co continue; if (upload_dir_internal(conn, new_src, new_dst, - depth + 1, preserve_flag, print_flag, + depth + 1, preserve_flag, print_flag, resume, fsync_flag) == -1) ret = -1; } else if (S_ISREG(sb.st_mode)) { if (do_upload(conn, new_src, new_dst, - preserve_flag, fsync_flag) == -1) { + preserve_flag, resume, fsync_flag) == -1) { error(Uploading of file %s to %s failed!, new_src, new_dst); ret = -1; @@ -1689,7 +1711,7 @@ upload_dir_internal(struct sftp_conn *co int upload_dir(struct sftp_conn *conn, char *src, char *dst, int preserve_flag, -int print_flag, int fsync_flag) +int print_flag, int resume, int fsync_flag) { char *dst_canon; int ret; @@ -1700,7 +1722,7 @@ upload_dir(struct sftp_conn *conn, char } ret = upload_dir_internal(conn, src, dst_canon, 0, preserve_flag, - print_flag, fsync_flag); + print_flag, resume, fsync_flag); free(dst_canon); return ret; Index: sftp-client.h === RCS file: /cvs/src/usr.bin/ssh/sftp-client.h,v retrieving revision 1.24 diff -u -p -u -p -r1.24 sftp-client.h --- sftp-client.h 17 Oct 2013 00:30:13 - 1.24 +++ sftp-client.h 16 Apr 2014 14:14:34 - @@ -120,13 +120,13 @@ int download_dir(struct sftp_conn *, cha * Upload 'local_path' to 'remote_path'. Preserve permissions and times
Re: sftp upload resume diff
Use = instead of == || for file size comparison as pointed out by Okan Demirmen. Index: sftp-client.c === RCS file: /cvs/src/usr.bin/ssh/sftp-client.c,v retrieving revision 1.114 diff -u -p -u -p -r1.114 sftp-client.c --- sftp-client.c 31 Jan 2014 16:39:19 - 1.114 +++ sftp-client.c 16 Apr 2014 14:42:04 - @@ -1409,7 +1409,7 @@ download_dir(struct sftp_conn *conn, cha int do_upload(struct sftp_conn *conn, char *local_path, char *remote_path, -int preserve_flag, int fsync_flag) +int preserve_flag, int resume, int fsync_flag) { int local_fd; int status = SSH2_FX_OK; @@ -1418,7 +1418,7 @@ do_upload(struct sftp_conn *conn, char * char *handle, *data; Buffer msg; struct stat sb; - Attrib a; + Attrib a, *c = NULL; u_int32_t startid; u_int32_t ackid; struct outstanding_ack { @@ -1456,6 +1456,26 @@ do_upload(struct sftp_conn *conn, char * if (!preserve_flag) a.flags = ~SSH2_FILEXFER_ATTR_ACMODTIME; + if (resume) { + /* Get remote file size if it exists */ + if ((c = do_stat(conn, remote_path, 0)) == NULL) { + close(local_fd); + return -1; + } + + if ((off_t)c-size = sb.st_size) { + error(destination file bigger or same size as + source file); + close(local_fd); + return -1; + } + + if (lseek(local_fd, (off_t)c-size, SEEK_SET) == -1) { + close(local_fd); + return -1; + } + } + buffer_init(msg); /* Send open request */ @@ -1463,7 +1483,8 @@ do_upload(struct sftp_conn *conn, char * buffer_put_char(msg, SSH2_FXP_OPEN); buffer_put_int(msg, id); buffer_put_cstring(msg, remote_path); - buffer_put_int(msg, SSH2_FXF_WRITE|SSH2_FXF_CREAT|SSH2_FXF_TRUNC); + buffer_put_int(msg, SSH2_FXF_WRITE|SSH2_FXF_CREAT| + (resume ? SSH2_FXF_APPEND : SSH2_FXF_TRUNC)); encode_attrib(msg, a); send_msg(conn, msg); debug3(Sent message SSH2_FXP_OPEN I:%u P:%s, id, remote_path); @@ -1482,7 +1503,7 @@ do_upload(struct sftp_conn *conn, char * data = xmalloc(conn-transfer_buflen); /* Read from local and write to remote */ - offset = progress_counter = 0; + offset = progress_counter = (resume ? c-size : 0); if (showprogress) start_progress_meter(local_path, sb.st_size, progress_counter); @@ -1596,7 +1617,7 @@ do_upload(struct sftp_conn *conn, char * static int upload_dir_internal(struct sftp_conn *conn, char *src, char *dst, int depth, -int preserve_flag, int print_flag, int fsync_flag) +int preserve_flag, int print_flag, int resume, int fsync_flag) { int ret = 0, status; DIR *dirp; @@ -1665,12 +1686,12 @@ upload_dir_internal(struct sftp_conn *co continue; if (upload_dir_internal(conn, new_src, new_dst, - depth + 1, preserve_flag, print_flag, + depth + 1, preserve_flag, print_flag, resume, fsync_flag) == -1) ret = -1; } else if (S_ISREG(sb.st_mode)) { if (do_upload(conn, new_src, new_dst, - preserve_flag, fsync_flag) == -1) { + preserve_flag, resume, fsync_flag) == -1) { error(Uploading of file %s to %s failed!, new_src, new_dst); ret = -1; @@ -1689,7 +1710,7 @@ upload_dir_internal(struct sftp_conn *co int upload_dir(struct sftp_conn *conn, char *src, char *dst, int preserve_flag, -int print_flag, int fsync_flag) +int print_flag, int resume, int fsync_flag) { char *dst_canon; int ret; @@ -1700,7 +1721,7 @@ upload_dir(struct sftp_conn *conn, char } ret = upload_dir_internal(conn, src, dst_canon, 0, preserve_flag, - print_flag, fsync_flag); + print_flag, resume, fsync_flag); free(dst_canon); return ret; Index: sftp-client.h === RCS file: /cvs/src/usr.bin/ssh/sftp-client.h,v retrieving revision 1.24 diff -u -p -u -p -r1.24 sftp-client.h --- sftp-client.h 17 Oct 2013 00:30:13 - 1.24 +++ sftp-client.h 16 Apr 2014 14:42:04 - @@ -120,13 +120,13 @@ int download_dir(struct sftp_conn *, cha * Upload 'local_path' to 'remote_path'. Preserve permissions and times * if 'pflag' is set */ -int do_upload(struct sftp_conn *, char *,
Re: segfault in dhclient 5.4 please help
On Tue, Apr 15, 2014 at 8:05 AM, Otto Moerbeek o...@drijf.net wrote: Op 15 apr. 2014 om 13:13 heeft Kenneth Westerback kwesterb...@gmail.com het volgende geschreven: On 15 April 2014 08:34, Otto Moerbeek o...@drijf.net wrote: On Mon, Apr 14, 2014 at 09:32:43PM -0400, sven falempin wrote: so i got gdb back to the machine because i cannot reproduce outside of the box. gdb too old cannot gcore. The state is nasty, but i do get the trace of the dhcp transaction. [..] DHCPREQUEST on trunk0 to 255.255.255.255 port 67 DHCPACK from 10.0.0.254 (96:4f:87:9c:ad:67) Program received signal SIGSEGV, Segmentation fault. 0x1c005b26 in add_classless_static_routes (rdomain=13684944, classless_static_routes=0x0) at /usr/src/sbin/dhclient/dhclient.c:2408 2408/usr/src/sbin/dhclient/dhclient.c: No such file or directory. in /usr/src/sbin/dhclient/dhclient.c (gdb) bt #0 0x1c005b26 in add_classless_static_routes (rdomain=13684944, classless_static_routes=0x0) at /usr/src/sbin/dhclient/dhclient.c:2408 #1 0xd0d0d0d0 in ?? () #2 0x00d0d0d0 in ?? () #3 0x in ?? () ... the line in 5.4 is : 2405: i += bytes; 2406: 2407: memset(gateway, 0, sizeof(gateway)); 2408: memcpy(gateway, classless_static_routes-data[i], 4); The memcpy segfaults. Not surprising *if* the gdb info is correct and the pointer parameter 'classless_static_routes' is NULL. :-) Current and 5.5 have a rewritten version of this code. Can you reproduce on current? That would be good to check, but if there a NULL pointer being passed I fear it will still fault. -Otto [snip] 1397524674.011308 96:4f:87:9c:ad:67 fe:e1:ba:d0:8e:d0 0800 373: 10.0.0.254.67 10.0.0.126.68: xid:0x95ce17 Y:10.0.0.126 S:10.0.0.254 vend-rfc1048 DHCP:ACK SID:10.0.0.254 LT:43200 RN:21600 RB:37800 SM:255.255.255.0 BR:10.0.0.255 HN:ulis-v12-GW T121:415279105,3232236030,415279114,3232236030,3232236030,167772414 NS:10.0.0.254 DG:10.0.0.254 (DF) : fee1 bad0 8ed0 964f 879c ad67 0800 4500 ...O...g..E. 0010: 0167 4000 4011 240b 0a00 00fe 0a00 .g..@.@.$... 0020: 007e 0043 0044 0153 9aa6 0201 0600 0095 .~.C.D.S 0030: ce17 0a00 007e 0a00 .~.. 0040: 00fe fee1 bad0 8ed0 0050: 0060: 0070: 0080: 0090: 00a0: 00b0: 00c0: 00d0: 00e0: 00f0: 0100: 0110: 6382 5363 3501 0536 040a ..c.Sc5..6.. 0120: fe33 0400 00a8 c03a 0400 0054 603b ...3.:...T`; 0130: 0400 0093 a801 04ff 001c 040a 0140: ff0c 0b75 6c69 732d 7631 322d 4757 7918 ...ulis-v12-GWy. 0150: 18c0 a801 c0a8 01fe 18c0 a80a c0a8 01fe 0160: c0a8 01fe 0a00 00fe 0604 0a00 00fe 0304 0170: 0a00 00fe ff . Pulling out the options provided we get Options === 6382 5363 /* Cookie */ 35 01 05 /* DHCP message type */ 36 04 0a 00 00 fe /* DHCP server id */ 33 04 00 00 a8 c0 /* DHCP lease time */ 3a 04 00 00 54 60 /* DHCP renewal time */ 3b 04 00 00 93 a8 /* DHCP rebinding time */ 01 04 ff ff ff 00 /* Subnet Mask */ 1c 04 0a 00 00 ff /* Broadcast Address */ 0c 0b 75 6c 69 73 2d 76 31 32 2d 47 57 /* Hostname */ 79 18 18 c0 a8 01 c0 a8 01 fe 18 c0 a8 0a c0 a8 01 fe c0 a8 01 fe 0a 00 00 fe /Classless static routes */ 06 04 0a 00 00 fe /* Domain Name Servers */ 03 04 0a 00 00 fe /* Routers */ ff /* End of Options */ And looking at the classless static routes closer we see 79 18 18 c0 a8 01 c0 a8 01 fe /* 192.168.1/24 via 192.168.1.254 */ 18 c0 a8 0a c0 a8 01 fe /* 192.168.10/24 via 192.168.1.254 */ c0 a8 01 fe 0a 00 00 fe /* ??? */ Where the last one is, to use the technical term, fucked. It seems to specify a network with 'c0' == 192 bits. I can't see how this would cause a NULL pointer to be passed though. Ken I think the NULL is a red herring. If I see thing correctly the value comes from an expression which should never be NULL. It's pretty common for gdb to get locals or rags wrong or maybe the
Check syntax of Perl stuff at build time
This is a PoC I'm currently using while hacking at our libtool. What I dream about is putting such code in /usr/share/bsd.perl.mk or such, allowing to run checks for all Perl-based tools in base.It's better to know something is broken at build time rather after install, isn't it? If idea and actual implementation is approved, I'll prepare and mail out a patch for /usr/share/bsd.perl.mk (or whatever) and actual Makefiles. Any recommendations or other comments are welcome. Maybe, this should be put in some other file or done differently... Thanks in advance. -- WBR, Vadim Zhukov Index: Makefile === RCS file: /cvs/src/usr.bin/libtool/Makefile,v retrieving revision 1.7 diff -u -p -r1.7 Makefile --- Makefile16 Apr 2014 10:31:27 - 1.7 +++ Makefile16 Apr 2014 15:58:30 - @@ -37,4 +37,12 @@ realinstall: ${INSTALL} ${INSTALL_COPY} -o ${BINOWN} -g ${BINGRP} -m ${BINMODE} \ ${.CURDIR}/libtool ${DESTDIR}${BINDIR}/libtool +PERLCHECK= libtool ${PACKAGES} +.for pm in libtool ${PERLCHECK} +CLEANFILES += ${pm:C@/@_@g}.perlcheck +all: ${pm:C@/@_@g}.perlcheck +${pm:C@/@_@g}.perlcheck: ${pm} + rm -f $@; perl -c ${.CURDIR}/${pm} touch $@ +.endfor + .include bsd.prog.mk
Target partition needs to be named OpenBSD as well type
Hi, I was advised to post here as more people may see it than the PPC list, http://marc.info/?l=openbsd-ppcm=139680393624940w=2 Is the diff valid or a known bug? Sevan
rshd spring cleaning
rshd has des_old API references, but it's in the kerberosIV code which we don't build anymore since years. The following diff removes the KerberosIV code from rshd (cpp symbols KERBEROS and CRYPT); and as a bonus, fixing the indentation of code afterwards apparently exposed a minor bug where errorhost would not be initialized with the correct value. Index: rshd.c === RCS file: /cvs/src/libexec/rshd/rshd.c,v retrieving revision 1.54 diff -u -p -r1.54 rshd.c --- rshd.c 4 Dec 2012 02:24:47 - 1.54 +++ rshd.c 16 Apr 2014 17:43:28 - @@ -77,36 +77,10 @@ int local_domain(char *); char *topdomain(char *); voidusage(void); -#ifdef KERBEROS -#include des.h -#include kerberosIV/krb.h -#defineVERSION_SIZE9 -#define SECURE_MESSAGE This rsh session is using DES encryption for all transmissions.\r\n - -#ifdef CRYPT -#define OPTIONSalnkvxL -#else -#defineOPTIONS alnkvL -#endif - -char authbuf[sizeof(AUTH_DAT)]; -char tickbuf[sizeof(KTEXT_ST)]; -intdoencrypt, use_kerberos, vacuous; -des_key_schedule schedule; -#ifdef CRYPT -int des_read(int, char *, int); -int des_write(int, char *, int); -void desrw_clear_key(); -void desrw_set_key(des_cblock *, des_key_schedule *); -#endif -#else #defineOPTIONS alnL -#endif #defineP_SOCKREAD 0 #defineP_PIPEREAD 1 -#defineP_CRYPTREAD 2 -#defineP_CRYPTWRITE3 int main(int argc, char *argv[]) @@ -131,21 +105,6 @@ main(int argc, char *argv[]) case 'n': keepalive = 0; break; -#ifdef KERBEROS - case 'k': - use_kerberos = 1; - break; - - case 'v': - vacuous = 1; - break; - -#ifdef CRYPT - case 'x': - doencrypt = 1; - break; -#endif -#endif case 'L': log_success = 1; break; @@ -158,19 +117,6 @@ main(int argc, char *argv[]) argc -= optind; argv += optind; -#ifdef KERBEROS - if (use_kerberos vacuous) { - syslog(LOG_ERR, only one of -k and -v allowed); - exit(2); - } -#ifdef CRYPT - if (doencrypt !use_kerberos) { - syslog(LOG_ERR, -k is required for -x); - exit(2); - } -#endif -#endif - fromlen = sizeof (from); if (getpeername(STDIN_FILENO, (struct sockaddr *)from, fromlen) 0) { /* syslog(LOG_ERR, getpeername: %m); */ @@ -202,7 +148,7 @@ doit(struct sockaddr *fromp) struct passwd *pwd; u_short port; in_port_t *portp; - struct pollfd pfd[4]; + struct pollfd pfd[2]; int cc, nfd, pv[2], s = 0, one = 1; pid_t pid; char *hostname, *errorstr, *errorhost = (char *) NULL; @@ -217,25 +163,6 @@ doit(struct sockaddr *fromp) auth_session_t *as; const int niflags = NI_NUMERICHOST | NI_NUMERICSERV; -#ifdef KERBEROS - AUTH_DAT*kdata = (AUTH_DAT *) NULL; - KTEXT ticket = (KTEXT) NULL; - charinstance[INST_SZ], version[VERSION_SIZE]; - struct sockaddr_storage fromaddr; - int rc; - longauthopts; -#ifdef CRYPT - int pv1[2], pv2[2]; -#endif - - if (sizeof(fromaddr) fromp-sa_len) { - syslog(LOG_ERR, malformed \from\ address (af %d), - fromp-sa_family); - exit(1); - } - memcpy(fromaddr, fromp, fromp-sa_len); -#endif - (void) signal(SIGINT, SIG_DFL); (void) signal(SIGQUIT, SIG_DFL); (void) signal(SIGTERM, SIG_DFL); @@ -293,16 +220,13 @@ doit(struct sockaddr *fromp) } #endif -#ifdef KERBEROS - if (!use_kerberos) -#endif - if (ntohs(*portp) = IPPORT_RESERVED || - ntohs(*portp) IPPORT_RESERVED/2) { - syslog(LOG_NOTICE|LOG_AUTH, - Connection from %s on illegal port %u, - naddr, ntohs(*portp)); - exit(1); - } + if (ntohs(*portp) = IPPORT_RESERVED || + ntohs(*portp) IPPORT_RESERVED/2) { + syslog(LOG_NOTICE|LOG_AUTH, + Connection from %s on illegal port %u, + naddr, ntohs(*portp)); + exit(1); + } (void) alarm(60); port = 0; @@ -322,14 +246,11 @@ doit(struct sockaddr *fromp) (void) alarm(0); if (port != 0) { int lport; -#ifdef KERBEROS - if (!use_kerberos) -#endif - if (port = IPPORT_RESERVED || - port IPPORT_RESERVED/2) { -
Re: rshd spring cleaning
Whoops, I sent this before seeing Okan's mail. Sorry for the dup.
Re: cpsw device timeouts
I patched this against (1st) the latest anoncvs tree and (2nd) against your cpsw patch from 04/12/14 (2). Both times it works (compile, boot) and so I tested the timeout bug described at http://marc.info/?l=openbsd-bugsm=138275913126582w=2 First i can reproduce the timeout bug with the latest snapshot kernel OpenBSD 5.5 (GENERIC-OMAP) #11: Sat Mar 8 12:52:57 EST 2014 With the patched kernels (1) and (2) the timeout shiftet. # ping -f -n -c100 -s289 ip runs with 0% packet loss # ping -f -n -c100 -s225 ip runs with 0% packet loss # ping -f -n -c100 -s221 ip runs with complete packet loss (100%), sometimes I get 1 return packet. All others -s1 up to -s1000 come back mixed, with 1/3rd coming back with max. 1 lost packet and 2/3rd coming back with 0% packet loss. - Ben On 04/14/14 20:18, Brandon Mercer wrote: whoops, small typo in the previous diff: cvs diff: Diffing sys/arch/armv7/omap/ Index: sys/arch/armv7/omap//if_cpsw.c === RCS file: /cvs/src/sys/arch/armv7/omap/if_cpsw.c,v retrieving revision 1.21 diff -u -p -u -r1.21 if_cpsw.c --- sys/arch/armv7/omap//if_cpsw.c 26 Nov 2013 20:33:11 - 1.21 +++ sys/arch/armv7/omap//if_cpsw.c 14 Apr 2014 17:37:27 - @@ -816,6 +816,8 @@ cpsw_init(struct ifnet *ifp) cpsw_write_4(sc, CPSW_CPDMA_SOFT_RESET, 1); while(cpsw_read_4(sc, CPSW_CPDMA_SOFT_RESET) 1); + + cpsw_write_4(sc, CPSW_SS_FLOW_CONTROL, 0); for (i = 0; i 8; i++) { cpsw_write_4(sc, CPSW_CPDMA_TX_HDP(i), 0); Index: sys/arch/armv7/omap//if_cpswreg.h === RCS file: /cvs/src/sys/arch/armv7/omap/if_cpswreg.h,v retrieving revision 1.5 diff -u -p -u -r1.5 if_cpswreg.h --- sys/arch/armv7/omap//if_cpswreg.h 15 Nov 2013 14:31:52 - 1.5 +++ sys/arch/armv7/omap//if_cpswreg.h 14 Apr 2014 18:08:52 - @@ -39,6 +39,7 @@ #define CPSW_SS_SOFT_RESET (CPSW_SS_OFFSET + 0x08) #define CPSW_SS_STAT_PORT_EN (CPSW_SS_OFFSET + 0x0C) #define CPSW_SS_PTYPE (CPSW_SS_OFFSET + 0x10) +#define CPSW_SS_FLOW_CONTROL (CPSW_SS_OFFSET + 0x24) #define CPSW_PORT_OFFSET 0x0100 #define CPSW_PORT_P_TX_PRI_MAP(p) (CPSW_PORT_OFFSET + 0x118 + ((p-1) * 0x100))
Re: ffs2 boot
The other day I was doing an install in qemu-kvm and newfs was taking forever, to the tune of hours. This is similar to formatting on arm boards. In my quest to track down why, I discovered that ffs2 takes far less time to format than ffs1 (about 30 seconds for the entire disk). I've put together a diff that updates the boot blocks on amd64 to be able to boot ffs2. From there it's a one line change to make newfs format ffs2 by default. Obviously this would need to happen for other architectures as well and I'd be glad to tackle that if others see this as worthwhile. Please let me know your thoughts. Awesome. You've just trimmed my todolist by a few lines (-: And you've done it so that you do not force UFS2 support on tight-space-challenged boot blocks on other arches. All you need now is to merge your installboot changes into the MI installboot, and we'll be able to add ffs2 support in the installer on a per-platform basis. However, it is way too early to make ffs2 the default for newfs. Please commit your libsa changes at the earliest opportunity. Miod
Re: openbsd-current: cannot suspend -return from zzz-
On Sun, Apr 13, 2014 at 08:00:39AM -0500, Abel Abraham Camarillo Ojeda wrote: On Tue, Apr 8, 2014 at 9:44 PM, Abel Abraham Camarillo Ojeda acam...@verlet.org wrote: well, I didn't mentioned it I already tried that -disable radeondrm- with -current, didn't work, will try again to provide log file... As soon as I can get home ... On Tue, Apr 8, 2014 at 5:46 PM, Mike Larkin mlar...@azathoth.net wrote: On Tue, Apr 08, 2014 at 05:30:59PM -0500, Abel Abraham Camarillo Ojeda wrote: will provide dmesg from 5.3, 'zzz' works in 5.3 -with or without serial console- 'zzz' dont works in 5.4 -with or without serial console- zzz dont works in 5.5~ with or without serial console zzz dont works in -current with or without serial console I was trying to build some kernels between 5.3 and 5.4 to see when this machine breaks, had no time to do it though... Thanks, this information is helpful. Can you try one test with disabled radeondrm? config -ef /bsd disable radeondrm quit -ml I still haven't got time to test 5.3 again - some of my disks died-, but when I push the power button in my desktop and have a serial console I can get a ddb prompt if I previously set ddb.console=1, now I inline -and attach- ddb's dmesg, ps and trace post -failed- resume. I can get a ddb prompt - does this mean you can get one by sending a break, or you automatically get dumped into ddb? -ml
Re: ffs2 boot
On Wed, Apr 16, 2014 at 08:05:57PM +, Miod Vallat wrote: The other day I was doing an install in qemu-kvm and newfs was taking forever, to the tune of hours. This is similar to formatting on arm boards. In my quest to track down why, I discovered that ffs2 takes far less time to format than ffs1 (about 30 seconds for the entire disk). I've put together a diff that updates the boot blocks on amd64 to be able to boot ffs2. From there it's a one line change to make newfs format ffs2 by default. Obviously this would need to happen for other architectures as well and I'd be glad to tackle that if others see this as worthwhile. Please let me know your thoughts. Awesome. You've just trimmed my todolist by a few lines (-: And you've done it so that you do not force UFS2 support on tight-space-challenged boot blocks on other arches. All you need now is to merge your installboot changes into the MI installboot, and we'll be able to add ffs2 support in the installer on a per-platform basis. However, it is way too early to make ffs2 the default for newfs. Please commit your libsa changes at the earliest opportunity. Slightly revised diff. In my haste to make the compiler happy I likely broke things. This diff properly casts the pointer. This work was done by Pedro Martelletto for bitrig. I'll commit the diff below per miod's request. Index: lib/libsa/ufs2.c === RCS file: lib/libsa/ufs2.c diff -N lib/libsa/ufs2.c --- /dev/null 1 Jan 1970 00:00:00 - +++ lib/libsa/ufs2.c16 Apr 2014 21:43:19 - @@ -0,0 +1,712 @@ +/*- + * Copyright (c) 1993 + * The Regents of the University of California. All rights reserved. + * + * This code is derived from software contributed to Berkeley by + * The Mach Operating System project at Carnegie-Mellon University. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + *notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + *notice, this list of conditions and the following disclaimer in the + *documentation and/or other materials provided with the distribution. + * 3. Neither the name of the University nor the names of its contributors + *may be used to endorse or promote products derived from this software + *without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + * + * Copyright (c) 1990, 1991 Carnegie Mellon University + * All Rights Reserved. + * + * Author: David Golub + * + * Permission to use, copy, modify and distribute this software and its + * documentation is hereby granted, provided that both the copyright + * notice and this permission notice appear in all copies of the + * software, derivative works or modified versions, and any portions + * thereof, and that both notices appear in supporting documentation. + * + * CARNEGIE MELLON ALLOWS FREE USE OF THIS SOFTWARE IN ITS AS IS + * CONDITION. CARNEGIE MELLON DISCLAIMS ANY LIABILITY OF ANY KIND FOR + * ANY DAMAGES WHATSOEVER RESULTING FROM THE USE OF THIS SOFTWARE. + * + * Carnegie Mellon requests users of this software to return to + * + * Software Distribution Coordinator or software.distribut...@cs.cmu.edu + * School of Computer Science + * Carnegie Mellon University + * Pittsburgh PA 15213-3890 + * + * any improvements or extensions that they make and grant Carnegie the + * rights to redistribute these changes. + */ + +/* + * Stand-alone file reading package. + */ + +#include sys/param.h +#include sys/time.h +#include sys/stat.h +#include ufs/ffs/fs.h +#include ufs/ufs/dinode.h +#include ufs/ufs/dir.h +#include lib/libkern/libkern.h + +#include stand.h +#include ufs2.h + +/* + * In-core open file. + */ +struct file { + off_t f_seekp;/* seek pointer */ + struct fs *f_fs; /* pointer to super-block */ + struct ufs2_dinode f_di; /* copy of on-disk inode */ + int
Re: ffs2 boot
On Wed, Apr 16, 2014, at 03:05 PM, Miod Vallat wrote: [responding to Brandon Mercer who wrote:] The other day I was doing an install in qemu-kvm and newfs was taking forever, to the tune of hours. This is similar to formatting on arm boards. In my quest to track down why, I discovered that ffs2 takes far less time to format than ffs1 (about 30 seconds for the entire disk). I've put together a diff that updates the boot blocks on amd64 to be able to boot ffs2. From there it's a one line change to make newfs format ffs2 by default. Obviously this would need to happen for other architectures as well and I'd be glad to tackle that if others see this as worthwhile. Please let me know your thoughts. Awesome. You've just trimmed my todolist by a few lines (-: And you've done it so that you do not force UFS2 support on tight-space-challenged boot blocks on other arches. I'm not against adding cool features, but are there people who really need a root filesystem of one whole terabyte or larger? I've never needed my root filesystem to be larger than, say, a gigabyte or two. The only case for which this might make some sense is an external hard drive, formatted FFS2, on a 1T+ drive nearly full of personal files that just happens to have a bsd.rd in the root to reinstall/upgrade a hosed system. For most others, there should be a note that making your root filesystem That Big is usually a Really Bad Idea. -- Shawn K. Quinn skqu...@rushpost.com
Re: ffs2 boot
As I mentioned previously, this does more than just allow you to boot from TB disks. When I configure a 100GB disk in qemu-kvm it takes forever to format. On small flash installations, formatting is faster there as well. You don't need a 1TB disk to benefit from ffs2. On Wed, Apr 16, 2014 at 3:57 PM, Brandon Mercer yourcomputer...@gmail.com wrote: The other day I was doing an install in qemu-kvm and newfs was taking forever, to the tune of hours. This is similar to formatting on arm boards. In my quest to track down why, I discovered that ffs2 takes far less time to format than ffs1 (about 30 seconds for the entire disk). I've put together a diff that updates the boot blocks on amd64 to be able to boot ffs2. From there it's a one line change to make newfs format ffs2 by default. Obviously this would need to happen for other architectures as well and I'd be glad to tackle that if others see this as worthwhile. Please let me know your thoughts. Brandon Index: sbin/newfs/newfs.c === RCS file: /cvs/src/sbin/newfs/newfs.c,v retrieving revision 1.95 diff -u -p -u -r1.95 newfs.c --- sbin/newfs/newfs.c 22 Nov 2013 04:12:48 - 1.95 +++ sbin/newfs/newfs.c 16 Apr 2014 17:47:02 - @@ -112,7 +112,7 @@ u_short dkcksum(struct disklabel *); intmfs;/* run as the memory based filesystem */ intNflag; /* run without writing file system */ -intOflag = 1; /* 0 = 4.3BSD ffs, 1 = 4.4BSD ffs, 2 = ffs2 */ +intOflag = 2; /* 0 = 4.3BSD ffs, 1 = 4.4BSD ffs, 2 = ffs2 */ daddr_tfssize; /* file system size in 512-byte blocks */ long long sectorsize; /* bytes/sector */ intfsize = 0; /* fragment size */ Index: arch/amd64/stand/biosboot/biosboot.S === RCS file: /cvs/src/sys/arch/amd64/stand/biosboot/biosboot.S,v retrieving revision 1.7 diff -u -p -r1.7 biosboot.S --- arch/amd64/stand/biosboot/biosboot.S5 Jul 2011 17:38:54 - 1.7 +++ arch/amd64/stand/biosboot/biosboot.S16 Apr 2014 17:22:25 - @@ -108,6 +108,9 @@ * While this can be calculated as * howmany(di_size, fs_bsize) it takes us too * many code bytes to do it. + * blkskew uint8t the skew used to parse di_db[]. this is set to four by + * installboot for ffs2 (due to 64-bit blocks) and should + * be zero for ffs1. * * All of these are patched directly into the code where they are used * (once only, each), to save space. @@ -121,7 +124,7 @@ */ .globl inodeblk, inodedbl, fs_bsize_p, fsbtodb, p_offset, nblocks - .globl fs_bsize_s, force_chs + .globl fs_bsize_s, force_chs, blkskew .type inodeblk, @function .type inodedbl, @function .type fs_bsize_p, @function @@ -130,6 +133,7 @@ .type p_offset, @function .type nblocks, @function .type force_chs, @function + .type blkskew, @function /* Clobbers %ax, maybe more */ @@ -460,7 +464,8 @@ load_blocks: /* Get the next filesystem block number into %eax */ lodsl /* %eax = *(%si++), make sure 0x66 0xad */ - +blkskew = .+2 + addw$0x90, %si /* adjust %si if needed (for ffs2) */ pushal /* Save all 32-bit registers */ /* Index: arch/amd64/stand/boot/Makefile === RCS file: /cvs/src/sys/arch/amd64/stand/boot/Makefile,v retrieving revision 1.26 diff -u -p -r1.26 Makefile --- arch/amd64/stand/boot/Makefile 28 Dec 2013 15:16:28 - 1.26 +++ arch/amd64/stand/boot/Makefile 16 Apr 2014 17:22:51 - @@ -38,7 +38,7 @@ SRCS+=alloc.c ctime.c exit.c memcmp.c m SRCS+= close.c closeall.c cons.c cread.c dev.c disklabel.c dkcksum.c fstat.c \ lseek.c open.c read.c readdir.c stat.c SRCS+= elf32.c elf64.c loadfile.c -SRCS+= ufs.c +SRCS+= ufs.c ufs2.c .if ${SOFTRAID:L} == yes SRCS+= aes_xts.c explicit_bzero.c hmac_sha1.c pbkdf2.c rijndael.c sha1.c .endif Index: arch/amd64/stand/boot/conf.c === RCS file: /cvs/src/sys/arch/amd64/stand/boot/conf.c,v retrieving revision 1.31 diff -u -p -r1.31 conf.c --- arch/amd64/stand/boot/conf.c18 Feb 2014 13:56:02 - 1.31 +++ arch/amd64/stand/boot/conf.c16 Apr 2014 17:25:17 - @@ -31,6 +31,7 @@ #include netinet/in.h #include libsa.h #include lib/libsa/ufs.h +#include lib/libsa/ufs2.h #ifdef notdef #include lib/libsa/cd9660.h #include lib/libsa/fat.h @@ -66,6 +67,8 @@ int nibprobes = nitems(probe_list); struct fs_ops
Re: Check syntax of Perl stuff at build time
On Wed, Apr 16, 2014 at 08:07:55PM +0400, Vadim Zhukov wrote: This is a PoC I'm currently using while hacking at our libtool. What I dream about is putting such code in /usr/share/bsd.perl.mk or such, allowing to run checks for all Perl-based tools in base.It's better to know something is broken at build time rather after install, isn't it? If idea and actual implementation is approved, I'll prepare and mail out a patch for /usr/share/bsd.perl.mk (or whatever) and actual Makefiles. Any recommendations or other comments are welcome. Maybe, this should be put in some other file or done differently... Thanks in advance. -- WBR, Vadim Zhukov Index: Makefile === RCS file: /cvs/src/usr.bin/libtool/Makefile,v retrieving revision 1.7 diff -u -p -r1.7 Makefile --- Makefile 16 Apr 2014 10:31:27 - 1.7 +++ Makefile 16 Apr 2014 15:58:30 - @@ -37,4 +37,12 @@ realinstall: ${INSTALL} ${INSTALL_COPY} -o ${BINOWN} -g ${BINGRP} -m ${BINMODE} \ ${.CURDIR}/libtool ${DESTDIR}${BINDIR}/libtool +PERLCHECK= libtool ${PACKAGES} +.for pm in libtool ${PERLCHECK} +CLEANFILES +=${pm:C@/@_@g}.perlcheck +all: ${pm:C@/@_@g}.perlcheck +${pm:C@/@_@g}.perlcheck: ${pm} + rm -f $@; perl -c ${.CURDIR}/${pm} touch $@ +.endfor + .include bsd.prog.mk Nope, doesn't always work. use needs to actually eval part of the code, and so for complicated code, -c will just check the syntax and say there are issues, because there is some code which really really needs the use to be evaluated to be syntaxicallt correct.
Re: openbsd-current: cannot suspend -return from zzz-
On Wed, Apr 16, 2014 at 4:31 PM, Mike Larkin mlar...@azathoth.net wrote: On Sun, Apr 13, 2014 at 08:00:39AM -0500, Abel Abraham Camarillo Ojeda wrote: On Tue, Apr 8, 2014 at 9:44 PM, Abel Abraham Camarillo Ojeda acam...@verlet.org wrote: well, I didn't mentioned it I already tried that -disable radeondrm- with -current, didn't work, will try again to provide log file... As soon as I can get home ... On Tue, Apr 8, 2014 at 5:46 PM, Mike Larkin mlar...@azathoth.net wrote: On Tue, Apr 08, 2014 at 05:30:59PM -0500, Abel Abraham Camarillo Ojeda wrote: will provide dmesg from 5.3, 'zzz' works in 5.3 -with or without serial console- 'zzz' dont works in 5.4 -with or without serial console- zzz dont works in 5.5~ with or without serial console zzz dont works in -current with or without serial console I was trying to build some kernels between 5.3 and 5.4 to see when this machine breaks, had no time to do it though... Thanks, this information is helpful. Can you try one test with disabled radeondrm? config -ef /bsd disable radeondrm quit -ml I still haven't got time to test 5.3 again - some of my disks died-, but when I push the power button in my desktop and have a serial console I can get a ddb prompt if I previously set ddb.console=1, now I inline -and attach- ddb's dmesg, ps and trace post -failed- resume. I can get a ddb prompt - does this mean you can get one by sending a break, or you automatically get dumped into ddb? -ml Sorry, In all my tests I never get dumped into ddb -no panic-, I can force ddb sending a break via console (cu(1) ~#) or ctrl-alt-del (when machdep.kbdreset=2, if not using serial console) Thanks.
Re: ffs2 boot
On Wed, Apr 16, 2014 at 06:37:08PM -0400, Brandon Mercer wrote: As I mentioned previously, this does more than just allow you to boot from TB disks. When I configure a 100GB disk in qemu-kvm it takes forever to format. On small flash installations, formatting is faster there as well. You don't need a 1TB disk to benefit from ffs2. But bear in mind that ffs2 has more overhead in terms of metadata. IMO, making it the default is not a good idea. -Otto On Wed, Apr 16, 2014 at 3:57 PM, Brandon Mercer yourcomputer...@gmail.com wrote: The other day I was doing an install in qemu-kvm and newfs was taking forever, to the tune of hours. This is similar to formatting on arm boards. In my quest to track down why, I discovered that ffs2 takes far less time to format than ffs1 (about 30 seconds for the entire disk). I've put together a diff that updates the boot blocks on amd64 to be able to boot ffs2. From there it's a one line change to make newfs format ffs2 by default. Obviously this would need to happen for other architectures as well and I'd be glad to tackle that if others see this as worthwhile. Please let me know your thoughts. Brandon Index: sbin/newfs/newfs.c === RCS file: /cvs/src/sbin/newfs/newfs.c,v retrieving revision 1.95 diff -u -p -u -r1.95 newfs.c --- sbin/newfs/newfs.c 22 Nov 2013 04:12:48 - 1.95 +++ sbin/newfs/newfs.c 16 Apr 2014 17:47:02 - @@ -112,7 +112,7 @@ u_short dkcksum(struct disklabel *); intmfs;/* run as the memory based filesystem */ intNflag; /* run without writing file system */ -intOflag = 1; /* 0 = 4.3BSD ffs, 1 = 4.4BSD ffs, 2 = ffs2 */ +intOflag = 2; /* 0 = 4.3BSD ffs, 1 = 4.4BSD ffs, 2 = ffs2 */ daddr_tfssize; /* file system size in 512-byte blocks */ long long sectorsize; /* bytes/sector */ intfsize = 0; /* fragment size */ Index: arch/amd64/stand/biosboot/biosboot.S === RCS file: /cvs/src/sys/arch/amd64/stand/biosboot/biosboot.S,v retrieving revision 1.7 diff -u -p -r1.7 biosboot.S --- arch/amd64/stand/biosboot/biosboot.S5 Jul 2011 17:38:54 - 1.7 +++ arch/amd64/stand/biosboot/biosboot.S16 Apr 2014 17:22:25 - @@ -108,6 +108,9 @@ * While this can be calculated as * howmany(di_size, fs_bsize) it takes us too * many code bytes to do it. + * blkskew uint8t the skew used to parse di_db[]. this is set to four by + * installboot for ffs2 (due to 64-bit blocks) and should + * be zero for ffs1. * * All of these are patched directly into the code where they are used * (once only, each), to save space. @@ -121,7 +124,7 @@ */ .globl inodeblk, inodedbl, fs_bsize_p, fsbtodb, p_offset, nblocks - .globl fs_bsize_s, force_chs + .globl fs_bsize_s, force_chs, blkskew .type inodeblk, @function .type inodedbl, @function .type fs_bsize_p, @function @@ -130,6 +133,7 @@ .type p_offset, @function .type nblocks, @function .type force_chs, @function + .type blkskew, @function /* Clobbers %ax, maybe more */ @@ -460,7 +464,8 @@ load_blocks: /* Get the next filesystem block number into %eax */ lodsl /* %eax = *(%si++), make sure 0x66 0xad */ - +blkskew = .+2 + addw$0x90, %si /* adjust %si if needed (for ffs2) */ pushal /* Save all 32-bit registers */ /* Index: arch/amd64/stand/boot/Makefile === RCS file: /cvs/src/sys/arch/amd64/stand/boot/Makefile,v retrieving revision 1.26 diff -u -p -r1.26 Makefile --- arch/amd64/stand/boot/Makefile 28 Dec 2013 15:16:28 - 1.26 +++ arch/amd64/stand/boot/Makefile 16 Apr 2014 17:22:51 - @@ -38,7 +38,7 @@ SRCS+=alloc.c ctime.c exit.c memcmp.c m SRCS+= close.c closeall.c cons.c cread.c dev.c disklabel.c dkcksum.c fstat.c \ lseek.c open.c read.c readdir.c stat.c SRCS+= elf32.c elf64.c loadfile.c -SRCS+= ufs.c +SRCS+= ufs.c ufs2.c .if ${SOFTRAID:L} == yes SRCS+= aes_xts.c explicit_bzero.c hmac_sha1.c pbkdf2.c rijndael.c sha1.c .endif Index: arch/amd64/stand/boot/conf.c === RCS file: /cvs/src/sys/arch/amd64/stand/boot/conf.c,v retrieving revision 1.31 diff -u -p -r1.31 conf.c --- arch/amd64/stand/boot/conf.c18 Feb 2014 13:56:02 - 1.31 +++