Re: malloc.conf: better docs and impl for J/J
On Sun, Jul 03, 2016 at 09:31:11AM +0200, Otto Moerbeek wrote: > On Sat, Jul 02, 2016 at 01:17:10PM -0400, Ted Unangst wrote: > > > Otto Moerbeek wrote: > > > Hi, > > > > > > J/j is actually a three valued var. So document that and make it > > > possible to set all three values. Default is still 1. > > > > I initially left the default as is deliberately. I would like for there to > > be > > fewer options, because I think people spend too much mental effort picking > > the > > "right" setting. We should be spending that effort making the default the > > best > > it can be. > > > > In this case, I'm not sure how or why the user would want to set it 1. It > > starts at 1. If you like it, don't change it. If you don't like it, change > > it > > to 0 or 2. > > A case is: you have a malloc.conf with S or J, and you want to run a > single program with the default using MALLOC_OPTIONS to hunt a bug. > Currently there's no way to do that. > > -Otto So what about the diff? -Otto
Re: pledge bpf + 32bit arch unbreak
On Tue, Jul 05, 2016 at 08:12:05PM +0200, Martin Pelikan wrote: > > The uint64_t part still stands. > ok semarie@ -- Sebastien Marie
Add libtls functionality for OCSP, and OCSP stapling support
Ok, so this work was done by Marko Kreen, all as the result of a very long discussion in: https://github.com/libressl-portable/openbsd/pull/47 In a nutshell, I threw down a glove that libtls could have functions to support OCSP, and make it where a client could write ocsp stuff, but I would resist making libtls be and http library that does that for you. I challenged him to add the necessary support functions so it was possible to write a client. He delivered, and I've cleaned a few things up in it. (after a long delay which I apologize for) Attached to this message is marko's test program, which uses libcurl - The diff is for our libtls, and I've been able to compile and use his test program with it: $ ./oc amazon.com libssl: LibreSSL 2.4.1 OCSP stapling: good req_status=0 cert_status=0 crl_reason=0 this update: Mon Jul 4 08:17:21 2016 next update: Mon Jul 11 08:17:21 2016 revocation: -- OCSP URL: http://ss.symcd.com OCSP responder: good req_status=0 cert_status=0 crl_reason=0 this update: Mon Jul 4 08:17:21 2016 next update: Mon Jul 11 08:17:21 2016 revocation: -- $ ./oc google.com libssl: LibreSSL 2.4.1 OCSP stapling: no-ocsp OCSP URL: http://clients1.google.com/ocsp OCSP responder: good req_status=0 cert_status=0 crl_reason=0 this update: Tue Jul 5 13:00:28 2016 next update: Tue Jul 12 13:00:28 2016 revocation: -- $ Discussion, OK's diff --git lib/libtls/Makefile lib/libtls/Makefile index ca2f00b..461bf44 100644 --- lib/libtls/Makefile +++ lib/libtls/Makefile @@ -19,6 +19,7 @@ SRCS= tls.c \ tls_peer.c \ tls_server.c \ tls_util.c \ + tls_ocsp.c \ tls_verify.c MAN= tls_init.3 diff --git lib/libtls/tls.c lib/libtls/tls.c index 76d00e5..b00bea8 100644 --- lib/libtls/tls.c +++ lib/libtls/tls.c @@ -393,6 +393,13 @@ tls_reset(struct tls *ctx) tls_free_conninfo(ctx->conninfo); free(ctx->conninfo); ctx->conninfo = NULL; + + tls_ocsp_info_free(ctx->ocsp_info); + ctx->ocsp_info = NULL; + ctx->ocsp_result = NULL; + + if (ctx->flags & TLS_OCSP_CLIENT) + tls_ocsp_client_free(ctx); } int diff --git lib/libtls/tls.h lib/libtls/tls.h index 75c46c1..da6cd69 100644 --- lib/libtls/tls.h +++ lib/libtls/tls.h @@ -40,6 +40,29 @@ extern "C" { #define TLS_WANT_POLLIN-2 #define TLS_WANT_POLLOUT -3 +#define TLS_NO_OCSP-4 + +#define TLS_OCSP_RESPONSE_SUCCESSFUL 0 +#define TLS_OCSP_RESPONSE_MALFORMED1 +#define TLS_OCSP_RESPONSE_INTERNALERR 2 +#define TLS_OCSP_RESPONSE_TRYLATER 3 +#define TLS_OCSP_RESPONSE_SIGREQUIRED 5 +#define TLS_OCSP_RESPONSE_UNAUTHORIZED 6 + +#define TLS_OCSP_CERT_GOOD 0 +#define TLS_OCSP_CERT_REVOKED 1 +#define TLS_OCSP_CERT_UNKNOWN 2 + +#define TLS_CRL_REASON_UNPSECIFIED 0 +#define TLS_CRL_REASON_KEY_COMPROMISE 1 +#define TLS_CRL_REASON_CA_COMPROMISE 2 +#define TLS_CRL_REASON_AFFILIATION_CHANGED 3 +#define TLS_CRL_REASON_SUPERSEDED 4 +#define TLS_CRL_REASON_CESSATION_OF_OPERATION 5 +#define TLS_CRL_REASON_CERTIFICATE_HOLD6 +#define TLS_CRL_REASON_REMOVE_FROM_CRL 8 +#define TLS_CRL_REASON_PRIVILEGE_WITH_DRAWN9 +#define TLS_CRL_REASON_AA_COMPROMISE 10 struct tls; struct tls_config; @@ -70,6 +93,8 @@ int tls_config_set_keypair_file(struct tls_config *_config, const char *_cert_file, const char *_key_file); int tls_config_set_keypair_mem(struct tls_config *_config, const uint8_t *_cert, size_t _cert_len, const uint8_t *_key, size_t _key_len); +int tls_config_set_ocsp_stapling_file(struct tls_config *_config, const char *_blob_file); +int tls_config_set_ocsp_stapling_mem(struct tls_config *_config, const uint8_t *_blob, size_t _len); void tls_config_set_protocols(struct tls_config *_config, uint32_t _protocols); void tls_config_set_verify_depth(struct tls_config *_config, int _verify_depth); @@ -121,6 +146,18 @@ const char *tls_conn_cipher(struct tls *_ctx); uint8_t *tls_load_file(const char *_file, size_t *_len, char *_password); +int tls_get_ocsp_info(struct tls *ctx, int *response_status, int *cert_status, int *crl_reason, + time_t *this_update, time_t *next_update, time_t *revoction_time, + const char **result_text); + +int tls_ocsp_check_peer_request(struct tls **ocsp_ctx_p, struct tls *target, + char **ocsp_url, void **request_blob, size_t *request_size); + +int tls_ocsp_refresh_stapling_request(struct tls **ocsp_ctx_p, struct tls_config *config, + char **ocsp_url, void **request_blob, size_t *request_size); + +int tls_ocsp_process_response(struct tls *ctx, const void *response_blob, size_t size); + #ifdef __cplusplus } #endif diff --git lib/libtls/tls_client.c lib/libtls/tls_client.c index 3847f4c..86dd9a8
Re: Root can panic kernel with mknod on a tmpfs filesystem
On Tue, Jul 05, 2016 at 07:21:57PM -0400, Ted Unangst wrote: > Tim Newsham wrote: > > Recommendation: > > Validate the device number vap->va_rdev in tmpfs_mknod() and return > > an error if it is VNOVAL (-1). > > Sounds about right to me. > > Index: tmpfs_vnops.c > === > RCS file: /cvs/src/sys/tmpfs/tmpfs_vnops.c,v > retrieving revision 1.27 > diff -u -p -r1.27 tmpfs_vnops.c > --- tmpfs_vnops.c 19 Jun 2016 11:54:33 - 1.27 > +++ tmpfs_vnops.c 5 Jul 2016 23:20:33 - > @@ -343,6 +343,10 @@ tmpfs_mknod(void *v) > vput(dvp); > return EINVAL; > } > + if ((vt == VBLK || vt == VCHR) && vap->va_rdev == VNOVAL) { > + vput(dvp); > + return EINVAL; > + } > > /* tmpfs_alloc_file() will unlock 'dvp'. */ > error = tmpfs_alloc_file(dvp, vpp, vap, cnp, NULL); Better than what I had. I missed the VFIFO case. Fold both tests together though, so that the same error path is more apparent ?
Re: Root can panic kernel with mknod on a tmpfs filesystem
Tim Newsham wrote: > Recommendation: > Validate the device number vap->va_rdev in tmpfs_mknod() and return > an error if it is VNOVAL (-1). Sounds about right to me. Index: tmpfs_vnops.c === RCS file: /cvs/src/sys/tmpfs/tmpfs_vnops.c,v retrieving revision 1.27 diff -u -p -r1.27 tmpfs_vnops.c --- tmpfs_vnops.c 19 Jun 2016 11:54:33 - 1.27 +++ tmpfs_vnops.c 5 Jul 2016 23:20:33 - @@ -343,6 +343,10 @@ tmpfs_mknod(void *v) vput(dvp); return EINVAL; } + if ((vt == VBLK || vt == VCHR) && vap->va_rdev == VNOVAL) { + vput(dvp); + return EINVAL; + } /* tmpfs_alloc_file() will unlock 'dvp'. */ error = tmpfs_alloc_file(dvp, vpp, vap, cnp, NULL);
route6d summer cleanup
Nobody cares about route6d, and it shows: runas as root, not chrooted. Also it uses wide pledge(2) permissions. I have diffs to switch the logging to log.c and use it to support the -R option and /var/run/route6d_dump. The end goal is to use a tighter pledge(2) call: + if (pledge("stdio inet route mcast", NULL) == -1) But first I'd like to get rid of a few "nits". - nuke util.h, not needed since pidfile(3) went away - nuke the rrt_same member of struct riprt, "future use" since import - mark rtdexit as __dead - nuke progname handling - fix pid handling: cache the pid *after* calling daemon(3) - nuke the useless myseq variable ok? Index: route6d.c === RCS file: /cvs/src/usr.sbin/route6d/route6d.c,v retrieving revision 1.86 diff -u -p -p -u -r1.86 route6d.c --- route6d.c 25 Jan 2016 05:15:43 - 1.86 +++ route6d.c 5 Jul 2016 22:26:36 - @@ -58,7 +58,6 @@ #include #include #include -#include #include "route6d.h" @@ -142,7 +141,6 @@ struct rip6 *ripbuf; /* packet buffer fo struct riprt { struct riprt *rrt_next;/* next destination */ - struct riprt *rrt_same;/* same destination - future use */ struct netinfo6 rrt_info; /* network info */ struct in6_addr rrt_gw;/* gateway */ u_long rrt_flags; /* kernel routing table flags */ @@ -215,7 +213,7 @@ void ifdump(int); void ifdump0(FILE *, const struct ifc *); void rtdump(int); void rt_entry(struct rt_msghdr *, int); -void rtdexit(void); +__dead void rtdexit(void); void riprequest(struct ifc *, struct netinfo6 *, int, struct sockaddr_in6 *); void ripflush(struct ifc *, struct sockaddr_in6 *); void sendrequest(struct ifc *); @@ -253,16 +251,8 @@ main(int argc, char *argv[]) int error = 0; struct ifc *ifcp; sigset_t mask, omask; - char *progname; char *ep; - progname = strrchr(*argv, '/'); - if (progname) - progname++; - else - progname = *argv; - - pid = getpid(); while ((ch = getopt(argc, argv, "A:N:O:R:T:L:t:adDhlnqsS")) != -1) { switch (ch) { case 'A': @@ -326,7 +316,9 @@ main(int argc, char *argv[]) } } - openlog(progname, LOG_NDELAY|LOG_PID, LOG_DAEMON); + openlog("route6d", LOG_NDELAY|LOG_PID, LOG_DAEMON); + + pid = getpid(); if ((ripbuf = calloc(RIP6_MAXMTU, 1)) == NULL) fatal("calloc"); @@ -1268,7 +1260,6 @@ riprecv(void) } nq = >rrt_info; - rrt->rrt_same = NULL; rrt->rrt_index = ifcp->ifc_index; rrt->rrt_flags = RTF_UP|RTF_GATEWAY; rrt->rrt_gw = nh; @@ -1989,7 +1980,6 @@ ifrt(struct ifc *ifcp, int again) if (ifcp->ifc_flags & IFF_UP) { if ((rrt = calloc(1, sizeof(struct riprt))) == NULL) fatal("calloc: struct riprt"); - rrt->rrt_same = NULL; rrt->rrt_index = ifcp->ifc_index; rrt->rrt_t = 0; /* don't age */ rrt->rrt_info.rip6_dest = ifa->ifa_addr; @@ -2145,7 +2135,6 @@ ifrt_p2p(struct ifc *ifcp, int again) fatal("calloc: struct riprt"); /*NOTREACHED*/ } - rrt->rrt_same = NULL; rrt->rrt_index = ifcp->ifc_index; rrt->rrt_t = 0; /* don't age */ switch (i) { @@ -2518,7 +2507,6 @@ rt_entry(struct rt_msghdr *rtm, int agai /*NOTREACHED*/ } np = >rrt_info; - rrt->rrt_same = NULL; rrt->rrt_t = time(NULL); if (aflag == 0 && (rtm->rtm_flags & RTF_STATIC)) rrt->rrt_t = 0; /* Don't age static routes */ @@ -2630,7 +2618,6 @@ addroute(struct riprt *rrt, const struct rtm->rtm_type = RTM_ADD; rtm->rtm_version = RTM_VERSION; rtm->rtm_seq = ++seq; - rtm->rtm_pid = pid; rtm->rtm_flags = rrt->rrt_flags; rtm->rtm_addrs = RTA_DST | RTA_GATEWAY | RTA_NETMASK; rtm->rtm_inits = RTV_HOPCOUNT; @@ -2694,7 +2681,6 @@ delroute(struct netinfo6 *np, struct in6 rtm->rtm_type = RTM_DELETE; rtm->rtm_version = RTM_VERSION; rtm->rtm_seq = ++seq; - rtm->rtm_pid = pid; rtm->rtm_flags = RTF_UP | RTF_GATEWAY; if (np->rip6_plen == sizeof(struct in6_addr) * 8) rtm->rtm_flags |= RTF_HOST; @@ -2741,7 +2727,6 @@ struct in6_addr * getroute(struct netinfo6 *np, struct in6_addr *gw) { u_char buf[BUFSIZ]; - int myseq; int len; struct rt_msghdr *rtm; struct sockaddr_in6 *sin6; @@ -2751,8 +2736,7 @@
Root can panic kernel with mknod on a tmpfs filesystem
Hi, While fuzzing the openbsd system call interface we came across a low severity issue. The details are below in our proof-of-concept that includes a writeup with recommendations. Tim & Jesse @ NCC Group /* * tmpfs_mknod_panic.c: *Demonstrate a panic in tmpfs when performing mknod * * gcc -g tmpfs_mknod_panic.c -o tmpfs_mknod_panic */ #ifdef BUG_WRITEUP //--- Root can panic kernel with mknod on a tmpfs filesystem Impact: Root can panic the kernel. Description: When performing a mknod system call on a tmpfs filesystem, the tmpfs_alloc_node() function asserts that the rdev parameter is not VNOVAL (-1): /* Type-specific initialization. */ switch (nnode->tn_type) { case VBLK: case VCHR: /* Character/block special device. */ KASSERT(rdev != VNOVAL); nnode->tn_spec.tn_dev.tn_rdev = rdev; break; However, the value or rdev is never validated previous to this. Users that can perform mknod() calls on a tmpfs (i.e. root) can trigger this condition to panic the kernel. Reproduction: Compile the attached test program and execute it as root with a path to a non-existance filename on a tmpfs filesystem: # mount -o rw,-s16M -t tmpfs swap /mnt # gcc -g tmpfs_mknod_panic.c -o tmpfs_mknod_panic # ./tmpfs_mknod_panic /mnt/boom This should cause the kernel to panic in tmpfs_alloc_node(). Recommendation: Validate the device number vap->va_rdev in tmpfs_mknod() and return an error if it is VNOVAL (-1). Reported: 2016-07-05 Fixed:notyet #endif // BUG_WRITEUP --- #include #include int main(int argc, char **argv) { char *fn; int i, x; for(i = 1; i < argc; i++) { fn = argv[i]; x = mknod(fn, S_IFBLK | 0666, -1); if(x == -1) perror(fn); } printf("nothing happened!\n"); return 0; } -- Tim Newsham | www.thenewsh.com/~newsham | @newshtwit | thenewsh.blogspot.com
Re: [armv7] introducing tipru(4)
On Tue, Jul 5, 2016 at 12:56 AM, Jonathan Graywrote: > I don't have time to look into how tied to the rest of the > system the pru is at the moment. I can save you the trouble; page 198 of am335x TRM: "The PRUs have access to all resources on the SoC through the Interface/OCP Master port" > Perhaps it could only permit access at a particular securelevel > like gpio or be disabled by default. I'm willing to modify the design to fit whichever security model you find appropriate. I like the idea of locking it to a securelevel. I'm taking 'disabled by default' to mean you would have to add a specific option to config(8) infile, which I'm less thrilled about.
Re: pledge bpf + 32bit arch unbreak
Martin Pelikanwrites: [...] > The uint64_t part still stands. ok jca@ -- jca | PGP: 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
Re: pledge bpf + 32bit arch unbreak
> In many bpf-using programs, bpf is setup before privs are droppped, > then locked, and then no significant ioctl's are done after that. > > So please show the userland diffs that use this. You're right. I was thinking of arp(8) but that code path is write only. I wrote it for the GSoC dhcpd which keeps a routing socket for interfaces arriving/departing (plugging USB NICs or adding vlan(4)s into your router really shouldn't make the dhcpd process die; even deleting interfaces will keep the rest of the system serving happily). It probably doesn't have to be there; the privileged part of the code fits on a screen anyway and only does the bare minimum. The uint64_t part still stands. Index: kern/kern_pledge.c === RCS file: /cvs/src/sys/kern/kern_pledge.c,v retrieving revision 1.174 diff -u -p -r1.174 kern_pledge.c --- kern/kern_pledge.c 3 Jul 2016 04:36:08 - 1.174 +++ kern/kern_pledge.c 5 Jul 2016 17:35:04 - @@ -79,7 +79,7 @@ #include "drm.h" #endif -int pledgereq_flags(const char *req); +uint64_t pledgereq_flags(const char *req); int canonpath(const char *input, char *buf, size_t bufsize); int substrcmp(const char *p1, size_t s1, const char *p2, size_t s2); int resolvpath(struct proc *p, char **rdir, size_t *rdirlen, char **cwd, @@ -404,7 +405,7 @@ sys_pledge(struct proc *p, void *v, regi if (SCARG(uap, request)) { size_t rbuflen; char *rbuf, *rp, *pn; - int f; + uint64_t f; rbuf = malloc(MAXPATHLEN, M_TEMP, M_WAITOK); error = copyinstr(SCARG(uap, request), rbuf, MAXPATHLEN, @@ -1514,7 +1534,7 @@ pledge_swapctl(struct proc *p) } /* bsearch over pledgereq. return flags value if found, 0 else */ -int +uint64_t pledgereq_flags(const char *req_name) { int base = 0, cmp, i, lim;
Re: pledge bpf + 32bit arch unbreak
In many bpf-using programs, bpf is setup before privs are droppped, then locked, and then no significant ioctl's are done after that. Meaning, which bpf is being setup -- the program is still fully root, has no lockdown, etc, and the bpf programming component is probably not the riskiest aspect... So please show the userland diffs that use this.
pledge bpf + 32bit arch unbreak
Only the bits necessary to set up a filter and lock down an incoming interface. Index: kern/kern_pledge.c === RCS file: /cvs/src/sys/kern/kern_pledge.c,v retrieving revision 1.174 diff -u -p -r1.174 kern_pledge.c --- kern/kern_pledge.c 3 Jul 2016 04:36:08 - 1.174 +++ kern/kern_pledge.c 5 Jul 2016 17:35:04 - @@ -79,7 +79,7 @@ #include "drm.h" #endif -int pledgereq_flags(const char *req); +uint64_t pledgereq_flags(const char *req); int canonpath(const char *input, char *buf, size_t bufsize); int substrcmp(const char *p1, size_t s1, const char *p2, size_t s2); int resolvpath(struct proc *p, char **rdir, size_t *rdirlen, char **cwd, @@ -359,6 +359,7 @@ static const struct { uint64_t flags; } pledgereq[] = { { "audio", PLEDGE_AUDIO }, + { "bpf",PLEDGE_BPF }, { "chown", PLEDGE_CHOWN | PLEDGE_CHOWNUID }, { "cpath", PLEDGE_CPATH }, { "disklabel", PLEDGE_DISKLABEL }, @@ -404,7 +405,7 @@ sys_pledge(struct proc *p, void *v, regi if (SCARG(uap, request)) { size_t rbuflen; char *rbuf, *rp, *pn; - int f; + uint64_t f; rbuf = malloc(MAXPATHLEN, M_TEMP, M_WAITOK); error = copyinstr(SCARG(uap, request), rbuf, MAXPATHLEN, @@ -1198,6 +1199,25 @@ pledge_ioctl(struct proc *p, long com, s #endif /* NAUDIO > 0 */ } + if ((p->p_p->ps_pledge & PLEDGE_BPF)) { + switch (com) { + case BIOCGBLEN: + case BIOCVERSION: + case BIOCIMMEDIATE: + case BIOCSFILDROP: + case BIOCSHDRCMPLT: + case BIOCSETF: + case BIOCSETIF: + case BIOCSETWF: + case BIOCLOCK: + if ((fp->f_type == DTYPE_VNODE) && + (vp->v_type == VCHR) && + (cdevsw[major(vp->v_rdev)].d_open == bpfopen)) + return (0); + break; + } + } + if ((p->p_p->ps_pledge & PLEDGE_DISKLABEL)) { switch (com) { case DIOCGDINFO: @@ -1514,7 +1534,7 @@ pledge_swapctl(struct proc *p) } /* bsearch over pledgereq. return flags value if found, 0 else */ -int +uint64_t pledgereq_flags(const char *req_name) { int base = 0, cmp, i, lim; Index: sys/pledge.h === RCS file: /cvs/src/sys/sys/pledge.h,v retrieving revision 1.29 diff -u -p -r1.29 pledge.h --- sys/pledge.h3 Jul 2016 04:36:08 - 1.29 +++ sys/pledge.h5 Jul 2016 17:35:04 - @@ -58,6 +58,7 @@ #define PLEDGE_VMM 0x4000ULL /* vmm ioctls */ #define PLEDGE_CHOWN 0x8000ULL /* chown(2) family */ #define PLEDGE_CHOWNUID0x0001ULL /* allow owner/group changes */ +#define PLEDGE_BPF 0x0002ULL /* bpf ioctls */ /* * Bits outside PLEDGE_USERSET are used by the kernel itself @@ -103,6 +104,7 @@ static struct { { PLEDGE_DRM, "drm" }, { PLEDGE_VMM, "vmm" }, { PLEDGE_CHOWNUID, "chown" }, + { PLEDGE_BPF, "bpf" }, { 0, NULL }, }; #endif
Re: [PATCH] dont increase the size of socket buffers in low memory situations
2016-07-05 15:36 GMT+02:00, Claudio Jeker: > On Tue, Jul 05, 2016 at 07:22:27AM -0600, Bob Beck wrote: >> Makes sense to me. Others? >> >> >> On Tue, Jul 5, 2016 at 4:08 AM, Simon Mages >> wrote: >> > At the moment the buffersize will be set to the default even if the >> > current value >> > is smaller. >> > >> > The following diff fixes this problem. >> > >> > Index: netinet/tcp_usrreq.c >> > === >> > RCS file: /cvs/src/sys/netinet/tcp_usrreq.c,v >> > retrieving revision 1.131 >> > diff -u -p -u -p -r1.131 tcp_usrreq.c >> > --- netinet/tcp_usrreq.c18 Jun 2016 10:36:13 - 1.131 >> > +++ netinet/tcp_usrreq.c5 Jul 2016 09:26:24 - >> > @@ -979,10 +979,11 @@ tcp_update_sndspace(struct tcpcb *tp) >> > struct socket *so = tp->t_inpcb->inp_socket; >> > u_long nmax; >> > >> > - if (sbchecklowmem()) >> > + if (sbchecklowmem()) { >> > /* low on memory try to get rid of some */ >> > - nmax = tcp_sendspace; >> > - else if (so->so_snd.sb_wat != tcp_sendspace) >> > + if (so->so_snd.sb_hiwat < nmax) >> > + nmax = tcp_sendspace; >> > + } else if (so->so_snd.sb_wat != tcp_sendspace) >> > /* user requested buffer size, auto-scaling disabled */ >> > nmax = so->so_snd.sb_wat; >> > else > > Here, nmax can be used uninitialized now. > It needs be initialized to something maybe sb_hiwat? Thats true, i found also another bug in this diff, the new one follows. > >> > @@ -1017,10 +1018,11 @@ tcp_update_rcvspace(struct tcpcb *tp) >> > struct socket *so = tp->t_inpcb->inp_socket; >> > u_long nmax = so->so_rcv.sb_hiwat; >> > >> > - if (sbchecklowmem()) >> > + if (sbchecklowmem()) { >> > /* low on memory try to get rid of some */ >> > - nmax = tcp_recvspace; >> > - else if (so->so_rcv.sb_wat != tcp_recvspace) >> > + if (tcp_recvspace < nmax) >> > + nmax = tcp_recvspace; >> > + } else if (so->so_rcv.sb_wat != tcp_recvspace) >> > /* user requested buffer size, auto-scaling disabled */ >> > nmax = so->so_rcv.sb_wat; >> > else { >> > > > Here there is no issue. > > -- > :wq Claudio > Index: netinet/tcp_usrreq.c === RCS file: /cvs/src/sys/netinet/tcp_usrreq.c,v retrieving revision 1.131 diff -u -p -u -p -r1.131 tcp_usrreq.c --- netinet/tcp_usrreq.c18 Jun 2016 10:36:13 - 1.131 +++ netinet/tcp_usrreq.c5 Jul 2016 13:41:49 - @@ -977,12 +977,13 @@ void tcp_update_sndspace(struct tcpcb *tp) { struct socket *so = tp->t_inpcb->inp_socket; - u_long nmax; + u_long nmax = so->so_snd.sb_hiwat; - if (sbchecklowmem()) + if (sbchecklowmem()) { /* low on memory try to get rid of some */ - nmax = tcp_sendspace; - else if (so->so_snd.sb_wat != tcp_sendspace) + if (tcp_sendspace < nmax) + nmax = tcp_sendspace; + } else if (so->so_snd.sb_wat != tcp_sendspace) /* user requested buffer size, auto-scaling disabled */ nmax = so->so_snd.sb_wat; else @@ -1017,10 +1018,11 @@ tcp_update_rcvspace(struct tcpcb *tp) struct socket *so = tp->t_inpcb->inp_socket; u_long nmax = so->so_rcv.sb_hiwat; - if (sbchecklowmem()) + if (sbchecklowmem()) { /* low on memory try to get rid of some */ - nmax = tcp_recvspace; - else if (so->so_rcv.sb_wat != tcp_recvspace) + if (tcp_recvspace < nmax) + nmax = tcp_recvspace; + } else if (so->so_rcv.sb_wat != tcp_recvspace) /* user requested buffer size, auto-scaling disabled */ nmax = so->so_rcv.sb_wat; else {
Re: [PATCH] dont increase the size of socket buffers in low memory situations
On Tue, Jul 05, 2016 at 07:22:27AM -0600, Bob Beck wrote: > Makes sense to me. Others? > > > On Tue, Jul 5, 2016 at 4:08 AM, Simon Mages> wrote: > > At the moment the buffersize will be set to the default even if the > > current value > > is smaller. > > > > The following diff fixes this problem. > > > > Index: netinet/tcp_usrreq.c > > === > > RCS file: /cvs/src/sys/netinet/tcp_usrreq.c,v > > retrieving revision 1.131 > > diff -u -p -u -p -r1.131 tcp_usrreq.c > > --- netinet/tcp_usrreq.c18 Jun 2016 10:36:13 - 1.131 > > +++ netinet/tcp_usrreq.c5 Jul 2016 09:26:24 - > > @@ -979,10 +979,11 @@ tcp_update_sndspace(struct tcpcb *tp) > > struct socket *so = tp->t_inpcb->inp_socket; > > u_long nmax; > > > > - if (sbchecklowmem()) > > + if (sbchecklowmem()) { > > /* low on memory try to get rid of some */ > > - nmax = tcp_sendspace; > > - else if (so->so_snd.sb_wat != tcp_sendspace) > > + if (so->so_snd.sb_hiwat < nmax) > > + nmax = tcp_sendspace; > > + } else if (so->so_snd.sb_wat != tcp_sendspace) > > /* user requested buffer size, auto-scaling disabled */ > > nmax = so->so_snd.sb_wat; > > else Here, nmax can be used uninitialized now. It needs be initialized to something maybe sb_hiwat? > > @@ -1017,10 +1018,11 @@ tcp_update_rcvspace(struct tcpcb *tp) > > struct socket *so = tp->t_inpcb->inp_socket; > > u_long nmax = so->so_rcv.sb_hiwat; > > > > - if (sbchecklowmem()) > > + if (sbchecklowmem()) { > > /* low on memory try to get rid of some */ > > - nmax = tcp_recvspace; > > - else if (so->so_rcv.sb_wat != tcp_recvspace) > > + if (tcp_recvspace < nmax) > > + nmax = tcp_recvspace; > > + } else if (so->so_rcv.sb_wat != tcp_recvspace) > > /* user requested buffer size, auto-scaling disabled */ > > nmax = so->so_rcv.sb_wat; > > else { > > Here there is no issue. -- :wq Claudio
Re: [PATCH] dont increase the size of socket buffers in low memory situations
Makes sense to me. Others? On Tue, Jul 5, 2016 at 4:08 AM, Simon Mageswrote: > At the moment the buffersize will be set to the default even if the > current value > is smaller. > > The following diff fixes this problem. > > Index: netinet/tcp_usrreq.c > === > RCS file: /cvs/src/sys/netinet/tcp_usrreq.c,v > retrieving revision 1.131 > diff -u -p -u -p -r1.131 tcp_usrreq.c > --- netinet/tcp_usrreq.c18 Jun 2016 10:36:13 - 1.131 > +++ netinet/tcp_usrreq.c5 Jul 2016 09:26:24 - > @@ -979,10 +979,11 @@ tcp_update_sndspace(struct tcpcb *tp) > struct socket *so = tp->t_inpcb->inp_socket; > u_long nmax; > > - if (sbchecklowmem()) > + if (sbchecklowmem()) { > /* low on memory try to get rid of some */ > - nmax = tcp_sendspace; > - else if (so->so_snd.sb_wat != tcp_sendspace) > + if (so->so_snd.sb_hiwat < nmax) > + nmax = tcp_sendspace; > + } else if (so->so_snd.sb_wat != tcp_sendspace) > /* user requested buffer size, auto-scaling disabled */ > nmax = so->so_snd.sb_wat; > else > @@ -1017,10 +1018,11 @@ tcp_update_rcvspace(struct tcpcb *tp) > struct socket *so = tp->t_inpcb->inp_socket; > u_long nmax = so->so_rcv.sb_hiwat; > > - if (sbchecklowmem()) > + if (sbchecklowmem()) { > /* low on memory try to get rid of some */ > - nmax = tcp_recvspace; > - else if (so->so_rcv.sb_wat != tcp_recvspace) > + if (tcp_recvspace < nmax) > + nmax = tcp_recvspace; > + } else if (so->so_rcv.sb_wat != tcp_recvspace) > /* user requested buffer size, auto-scaling disabled */ > nmax = so->so_rcv.sb_wat; > else { >
Re: syslogd: accept space-deliminated fields
- Original Message - > From: "Todd C. Miller"> To: "tech" > Sent: Friday, July 1, 2016 12:55:11 PM > Subject: syslogd: accept space-deliminated fields > Linux, Net and Free also support space-deliminated fields. Maybe > we should too... > - todd > Index: usr.sbin/syslogd/syslog.conf.5 > === > RCS file: /cvs/src/usr.sbin/syslogd/syslog.conf.5,v > retrieving revision 1.33 > diff -u -p -u -r1.33 syslog.conf.5 > --- usr.sbin/syslogd/syslog.conf.5 10 Sep 2015 15:16:44 - 1.33 > +++ usr.sbin/syslogd/syslog.conf.5 1 Jul 2016 16:50:37 - > @@ -55,7 +55,7 @@ The > .Em selector > field is separated from the > .Em action > -field by one or more tab characters. > +field by one or more tab or space characters. > .Pp > The > .Em selectors > @@ -334,6 +334,10 @@ file appeared in > .Bx 4.3 , > along with > .Xr syslogd 8 . > +.Pp > +Historic versions of > +.Xr syslogd 8 > +did not support space-delimited fields. > .Sh BUGS > The effects of multiple selectors are sometimes not intuitive. > For example > Index: usr.sbin/syslogd/syslogd.c > === > RCS file: /cvs/src/usr.sbin/syslogd/syslogd.c,v > retrieving revision 1.207 > diff -u -p -u -r1.207 syslogd.c > --- usr.sbin/syslogd/syslogd.c 1 Jul 2016 15:47:15 - 1.207 > +++ usr.sbin/syslogd/syslogd.c 1 Jul 2016 16:50:37 - > @@ -2454,19 +2454,19 @@ cfline(char *line, char *progblock, char > f->f_hostname = strdup(hostblock); > /* scan through the list of selectors */ > - for (p = line; *p && *p != '\t';) { > + for (p = line; *p && *p != '\t' && *p != ' ';) { > /* find the end of this facility name list */ > - for (q = p; *q && *q != '\t' && *q++ != '.'; ) > + for (q = p; *q && *q != '\t' && *q != ' ' && *q++ != '.'; ) > continue; > /* collect priority name */ > - for (bp = buf; *q && !strchr("\t,;", *q); ) > + for (bp = buf; *q && !strchr("\t,; ", *q); ) > *bp++ = *q++; > *bp = '\0'; > /* skip cruft */ > - while (*q && strchr(", ;", *q)) > + while (*q && strchr(",;", *q)) > q++; > /* decode priority name */ > @@ -2489,8 +2489,8 @@ cfline(char *line, char *progblock, char > } > /* scan facilities */ > - while (*p && !strchr("\t.;", *p)) { > - for (bp = buf; *p && !strchr("\t,;.", *p); ) > + while (*p && !strchr("\t.; ", *p)) { > + for (bp = buf; *p && !strchr("\t,;. ", *p); ) > *bp++ = *p++; > *bp = '\0'; > if (*buf == '*') > @@ -2516,7 +2516,7 @@ cfline(char *line, char *progblock, char > } > /* skip to action part */ > - while (*p == '\t') > + while (*p == '\t' || *p == ' ') > p++; > switch (*p) { This passed some basic testing on my end. Thanks! Rob
Re: does true.c need command line arguments?
On Mon, Jul 04, 2016 at 03:04:32PM -0600, Theo de Raadt wrote: > Because main() is specified to take those arguments. For what it's worth, the C-standard [1] specifies both versions: int main(void) and int main(int argc, char *argv[]). Regards Simon [1]: C11-draft, section 5.1.2.2.1 -- + privacy is necessary + using gnupg http://gnupg.org + public key id: 0x92FEFDB7E44C32F9 signature.asc Description: PGP signature
Re: ypbind: convert from select to poll
On Tue, 05 Jul 2016 07:32:19 +0200, Jeremie Courreges-Anglas wrote: > Updated diff: > - ignore EINTR > - add a comment about POLLHUP, for people that could be tempted to copy > the code. Looks great, OK millert@ - todd
Re: libc: simplify devname() fallback
On Mon, 04 Jul 2016 22:24:02 -0700, Philip Guenther wrote: > Yep. Too much programming in a garbage collected language recently, I > guess. :-) > > Revised diff below. OK millert@ - todd
Re: IPv6 forwarding path without KERNEL_LOCK
On 04/07/16(Mon) 15:52, Alexander Bluhm wrote: > On Mon, Jul 04, 2016 at 01:03:22PM +0200, Martin Pieuchot wrote: > > + if (ip6_hbhchcheck(m, , , )) { > > + if_put(ifp); > > + return; /* m have already been freed */ > > } > > As ip6_hbhchcheck() does ip6 = mtod(m, struct ip6_hdr *) after > ip6_hopopts_input() you have to add this here, too. > > /* adjust pointer */ > ip6 = mtod(m, struct ip6_hdr *); Updated thanks! > > +int > > +ip6_hbhchcheck(struct mbuf *m, int *offp, int *nxtp, int *oursp) > > +{ > > + struct ip6_hdr *ip6; > > + u_int32_t plen, rtalert = ~0; > > + int ours, off, nxt; > > ours may be used uninitialized. > > > + *offp = off; > > + *nxtp = nxt; > > + *oursp = ours; > > I would prefer to use the passed values as *off, *nxt, *ours directly > than to use another set of local variables. This also fixes > initialization problem. Fine, new diff doing that. Index: netinet6/ip6_input.c === RCS file: /cvs/src/sys/netinet6/ip6_input.c,v retrieving revision 1.161 diff -u -p -r1.161 ip6_input.c --- netinet6/ip6_input.c5 Jul 2016 10:17:14 - 1.161 +++ netinet6/ip6_input.c5 Jul 2016 10:21:10 - @@ -122,6 +122,7 @@ struct ip6stat ip6stat; void ip6_init2(void *); int ip6_check_rh0hdr(struct mbuf *, int *); +int ip6_hbhchcheck(struct mbuf *, int *, int *, int *); int ip6_hopopts_input(u_int32_t *, u_int32_t *, struct mbuf **, int *); struct mbuf *ip6_pullexthdr(struct mbuf *, size_t, int); @@ -192,7 +193,6 @@ ip6_input(struct mbuf *m) struct ip6_hdr *ip6; int off, nest; u_int16_t src_scope, dst_scope; - u_int32_t plen, rtalert = ~0; int nxt, ours = 0; #if NPF > 0 struct in6_addr odst; @@ -495,78 +495,15 @@ ip6_input(struct mbuf *m) } hbhcheck: - /* -* Process Hop-by-Hop options header if it's contained. -* m may be modified in ip6_hopopts_input(). -* If a JumboPayload option is included, plen will also be modified. -*/ - plen = (u_int32_t)ntohs(ip6->ip6_plen); - off = sizeof(struct ip6_hdr); - if (ip6->ip6_nxt == IPPROTO_HOPOPTS) { - struct ip6_hbh *hbh; - - if (ip6_hopopts_input(, , , )) { - if_put(ifp); - return; /* m have already been freed */ - } - - /* adjust pointer */ - ip6 = mtod(m, struct ip6_hdr *); - - /* -* if the payload length field is 0 and the next header field -* indicates Hop-by-Hop Options header, then a Jumbo Payload -* option MUST be included. -*/ - if (ip6->ip6_plen == 0 && plen == 0) { - /* -* Note that if a valid jumbo payload option is -* contained, ip6_hopopts_input() must set a valid -* (non-zero) payload length to the variable plen. -*/ - ip6stat.ip6s_badoptions++; - icmp6_error(m, ICMP6_PARAM_PROB, - ICMP6_PARAMPROB_HEADER, - (caddr_t)>ip6_plen - (caddr_t)ip6); - if_put(ifp); - return; - } - IP6_EXTHDR_GET(hbh, struct ip6_hbh *, m, sizeof(struct ip6_hdr), - sizeof(struct ip6_hbh)); - if (hbh == NULL) { - ip6stat.ip6s_tooshort++; - if_put(ifp); - return; - } - nxt = hbh->ip6h_nxt; - /* -* accept the packet if a router alert option is included -* and we act as an IPv6 router. -*/ - if (rtalert != ~0 && ip6_forwarding) - ours = 1; - } else - nxt = ip6->ip6_nxt; - - /* -* Check that the amount of data in the buffers -* is as at least much as the IPv6 header would have us expect. -* Trim mbufs if longer than we expect. -* Drop packet if shorter than we expect. -*/ - if (m->m_pkthdr.len - sizeof(struct ip6_hdr) < plen) { - ip6stat.ip6s_tooshort++; - goto bad; - } - if (m->m_pkthdr.len > sizeof(struct ip6_hdr) + plen) { - if (m->m_len == m->m_pkthdr.len) { - m->m_len = sizeof(struct ip6_hdr) + plen; - m->m_pkthdr.len = sizeof(struct ip6_hdr) + plen; - } else - m_adj(m, sizeof(struct ip6_hdr) + plen - m->m_pkthdr.len); + if (ip6_hbhchcheck(m, , , )) { + if_put(ifp); + return; /* m have already been freed */ } + /* adjust pointer */ +
[PATCH] dont increase the size of socket buffers in low memory situations
At the moment the buffersize will be set to the default even if the current value is smaller. The following diff fixes this problem. Index: netinet/tcp_usrreq.c === RCS file: /cvs/src/sys/netinet/tcp_usrreq.c,v retrieving revision 1.131 diff -u -p -u -p -r1.131 tcp_usrreq.c --- netinet/tcp_usrreq.c18 Jun 2016 10:36:13 - 1.131 +++ netinet/tcp_usrreq.c5 Jul 2016 09:26:24 - @@ -979,10 +979,11 @@ tcp_update_sndspace(struct tcpcb *tp) struct socket *so = tp->t_inpcb->inp_socket; u_long nmax; - if (sbchecklowmem()) + if (sbchecklowmem()) { /* low on memory try to get rid of some */ - nmax = tcp_sendspace; - else if (so->so_snd.sb_wat != tcp_sendspace) + if (so->so_snd.sb_hiwat < nmax) + nmax = tcp_sendspace; + } else if (so->so_snd.sb_wat != tcp_sendspace) /* user requested buffer size, auto-scaling disabled */ nmax = so->so_snd.sb_wat; else @@ -1017,10 +1018,11 @@ tcp_update_rcvspace(struct tcpcb *tp) struct socket *so = tp->t_inpcb->inp_socket; u_long nmax = so->so_rcv.sb_hiwat; - if (sbchecklowmem()) + if (sbchecklowmem()) { /* low on memory try to get rid of some */ - nmax = tcp_recvspace; - else if (so->so_rcv.sb_wat != tcp_recvspace) + if (tcp_recvspace < nmax) + nmax = tcp_recvspace; + } else if (so->so_rcv.sb_wat != tcp_recvspace) /* user requested buffer size, auto-scaling disabled */ nmax = so->so_rcv.sb_wat; else {