refactor bpf_filter

bpf_filter is hard to read. the difficulty is that it looks like you give it packets in vanilla memory buffers (ie, a pointer and a length) to read out of, but packets in the kernel are in mbufs. so if you pass a buffer with a zero length, the bpf filter code when built in the kernel magically

alpha fixes for older chips

I got these patches from the ghost of architectures past trying to get perl tests passing on my alpha. I finally got a chance to get back to this and test building a release on both alpha and amd64 and will commit them in the morning unless someone else gets to it first. There are two separate

sys/mbuf.h and extra headers

i dont think mbuf.h needs to bring in sys/queue.h because it doesnt use anything in it. the malloc.h bits are only used to alias the mbuf allocator flags to the malloc ones, which is only necessary under _KERNEL. i think. hilariously the backend allocator for mbufs are pools too. an amd64 kernel

Re: acpi gpio interrupts

On Tue, Mar 29, 2016 at 11:13:51PM +0200, Mark Kettenis wrote: > Hi Jonathan, Joshua & other interested folks, > > The diff below adds support for gpio interrupts for the Bay Trail GPIO > controller. The acpi gpio interface gets extended with an > intr_establish() method that establishes an

remove BIOC[SG]QUEUE from bpf.c

this basically reverts bpf.c r1.117. two reasons. firstly, nothing uses the ioctls. the tcpdump -Q support never materialised. secondly, and probably more importantly, the implementation assumes that bpf handles mbufs with pkthdrs in the first mbuf, but that is incorrect. bpf actually only deals

Re: multi-pool malloc wip diff

On Mon, Mar 28, 2016 at 11:27:32AM +0200, Otto Moerbeek wrote: > On Wed, Mar 23, 2016 at 08:00:19AM +0100, Otto Moerbeek wrote: > > > Hi, > > > > first diff that seems to work. Tested on amd64 and compile tested on > > sparc64. > > > > It is alo available at http://www.drijf.net/openbsd/malloc

Re: spamd - DNS whitelist

No. DNS based whitelisting does not belong in there. because it is slow and DOS'able spamd is designed to be high speed low drag. If you want to do a DNS based whitelist, write a little co-thing that spits one into a file or into your nospamd table that then spamd *does not even see*. In short

Re: multi-pool malloc wip diff

On 2016/03/28 11:27, Otto Moerbeek wrote: > Second diff. Only one person (Stefan Kempf, thanks!) gave feedback... I've done i386 port bulk builds with both iterations of this, no problems seen yet.

Re: gdb on landisk

> Date: Sun, 27 Mar 2016 23:06:23 + > From: Miod Vallat > > There is a fallout from the switch to binutils 2.17: the binaries > created by 2.17 aren't recognized by the in-tree gdb because it's built > with the bfd code from 2.15. > > My understanding is that the in-tree gdb

Re: multi-pool malloc wip diff

On Mon, Mar 28, 2016 at 11:27:32AM +0200, Otto Moerbeek wrote: > On Wed, Mar 23, 2016 at 08:00:19AM +0100, Otto Moerbeek wrote: > > > Hi, > > > > first diff that seems to work. Tested on amd64 and compile tested on > > sparc64. > > > > It is alo available at http://www.drijf.net/openbsd/malloc

Re: handle bogus sparc64 frame buffers

> Date: Mon, 28 Mar 2016 14:21:33 + > From: Miod Vallat > > Some sparc64 pci frame buffers incorrectly have the `depth' property > spelled `depth ' with a trailing space. > > This can be found in this E450 eeprom -p output: > http://pastebin.com/P4ab4Xt4 > > Because of

acpi gpio interrupts

Hi Jonathan, Joshua & other interested folks, The diff below adds support for gpio interrupts for the Bay Trail GPIO controller. The acpi gpio interface gets extended with an intr_establish() method that establishes an interrupt on a specific pin. The pin is configured according to the flags

knote activate splhigh

Hi, from a customer's system I got this panic: kernel diagnostic assertion "(kn->kn_status & KN_QUEUED) == 0" failed: file ".. /../../../kern/kern_event.c", line 1071 panic() at panic+0xfe

Re: [patch] ftpd: close dirp

On Tue, 29 Mar 2016 21:50:23 +0200, frit...@alokat.org wrote: > The "dirp" pointer is not closed if goto inside the while loop is called. > > This diff: > - closes the dirp object > - moves the jump mark "out" a bit higher to clean the file pointer as well as > the > descriptor if the goto

[patch] ftpd: close dirp

The "dirp" pointer is not closed if goto inside the while loop is called. This diff: - closes the dirp object - moves the jump mark "out" a bit higher to clean the file pointer as well as the descriptor if the goto statement is called, and reset global variables The "send_file_list" function

Re: spamd - DNS whitelist

Hi, I want to use a DNS white list to skip greylisting delays for known good addresses, which would pass the greylist anyway. To do this with spamd and OpenSMTPd I wrote a prototype which intercepts the initial SYN packet from any non-whitelisted ip. It then queries DNS whitelists and on any

[PATCH] 59.html - 5.9 for socppc is not available

Hi all, Based on socppc platform page[0], the fact that the snapshots[1] haven't been built since September last year, as well as socppc directory not being present in the 5.9 release directory, I take it that 5.9 for socppc won't see the light of day. If that's the case, then the release

Re: rcctl ls faulty -> failed

On Tue, Mar 29, 2016 at 08:22:31AM -0600, Todd C. Miller wrote: > On Tue, 29 Mar 2016 15:29:27 +0200, Antoine Jacoutot wrote: > > > We'd like to rename the 'faulty' listing to 'failed'. > > i.e. rcctl ls failed > > > > 'faulty' does sound a bit weird and is not obvious to remember. > > Now the

OpenBSD 5.9 released - March 29

- OpenBSD 5.9 RELEASED - March 29, 2016. We are pleased to announce the official release of OpenBSD 5.9. This is our 39th release on CD-ROM (and 40th via FTP/HTTP). We

Re: proxy ARP for ART

On Tue, Mar 29, 2016 at 12:59:46PM +0200, Martin Pieuchot wrote: > @@ -600,6 +601,10 @@ route_output(struct mbuf *m, ...) > + if (route_arp_conflict(, tableid)) { > + error = EEXIST; > + goto flush; > + } I don't like a function that

Re: rcctl ls faulty -> failed

> From: "Antoine Jacoutot" > To: "Ian Darwin" > Cc: "tech" > Sent: Tuesday, March 29, 2016 10:59:54 AM > Subject: Re: rcctl ls faulty -> failed > On Tue, Mar 29, 2016 at 10:48:17AM -0400, Ian Darwin wrote: > > On Tue, Mar 29, 2016 at

Re: rcctl ls faulty -> failed

On Tue, Mar 29, 2016 at 10:48:17AM -0400, Ian Darwin wrote: > On Tue, Mar 29, 2016 at 03:29:27PM +0200, Antoine Jacoutot wrote: > > Hi. > > > > We'd like to rename the 'faulty' listing to 'failed'. > > i.e. rcctl ls failed > > > > Index: etc/daily > >

Re: rcctl ls faulty -> failed

On Tue, Mar 29, 2016 at 03:29:27PM +0200, Antoine Jacoutot wrote: > Hi. > > We'd like to rename the 'faulty' listing to 'failed'. > i.e. rcctl ls failed > > Index: etc/daily > === > RCS file: /cvs/src/etc/daily,v > retrieving

Re: ARP regress fix

On Tue, Mar 29, 2016 at 12:52:38PM +0200, Martin Pieuchot wrote: > It seems to me that the multicast test checks an incorrect MAC. Diff > below fixes that plus a typo. Tested with and without ART. OK bluhm@ Wenn running all tests sequentially, it passed without your diff because some other

Re: rcctl ls faulty -> failed

On Tue, 29 Mar 2016 15:29:27 +0200, Antoine Jacoutot wrote: > We'd like to rename the 'faulty' listing to 'failed'. > i.e. rcctl ls failed > > 'faulty' does sound a bit weird and is not obvious to remember. > Now the question is should we keep supporting the 'faulty' keyword or not? > I'm not in

Re: vlan(4) doesnt have to filter its own mac address

On Tue, Mar 29, 2016 at 02:37:44PM +1000, David Gwynne wrote: > because the network stack does it for it on the way in. > > the following chunk in src/sys/net/if_ethersubr.c does the same job > later on: > > int > ether_input(struct ifnet *ifp, struct mbuf *m, void *cookie) > { > ... >

rcctl ls faulty -> failed

Hi. We'd like to rename the 'faulty' listing to 'failed'. i.e. rcctl ls failed 'faulty' does sound a bit weird and is not obvious to remember. Now the question is should we keep supporting the 'faulty' keyword or not? I'm not in favor of adding a knob especially when it's just an alias; that'd

Re: ie(4) and ie(4/sparc) vs bpf_tap

On Tue, Mar 29, 2016 at 08:58:35PM +1000, David Gwynne wrote: > i think bpf_tap is broken, so id like to get rid of it. > > the only thing(s) using it is ie, but they dont require bpf_tap. > > the typical idiom with doing bpf on outgoing packets is to pass the > mbuf in between dequeueing the

Re: uvm: enable amap per-page refcounting unconditionally

On 28/03/16(Mon) 11:28, Stefan Kempf wrote: > Miod Vallat wrote: > > > > > It seems per-page reference counting is used since forever. I think > > > there's no reason to ever turn it off (and track referenced pages > > > with less accuracy, causing leaks). > > > > Actually, assuming the #undef

ie(4) and ie(4/sparc) vs bpf_tap

i think bpf_tap is broken, so id like to get rid of it. the only thing(s) using it is ie, but they dont require bpf_tap. the typical idiom with doing bpf on outgoing packets is to pass the mbuf in between dequeueing the packet from the send queue, and before it's given to the hardware. this

proxy ARP for ART

Diff below implements proxy ARP using the mpath property of our routing table. This solution is not limited to ART and could be used for different purposes, like putting multicast addresses in the routing table. However I'm keeping it under "#ifdef ART" as long as we are not totally committed to

ARP regress fix

It seems to me that the multicast test checks an incorrect MAC. Diff below fixes that plus a typo. Index: Makefile === RCS file: /cvs/src/regress/sys/netinet/arp/Makefile,v retrieving revision 1.4 diff -u -p -r1.4 Makefile ---

Re: tcp syn cache random reseed

On 28/03/16(Mon) 23:56, Alexander Bluhm wrote: > On Mon, Mar 21, 2016 at 12:58:41PM +0100, Alexander Bluhm wrote: > > The attack I see is that you can measure the bucket distribution > > by timing the SYN+ACK response. You can collect samples that end > > in the same bucket. After you have