refactor bpf_filter
bpf_filter is hard to read.

the difficulty is that it looks like you give it packets in vanilla memory buffers (ie, a pointer and a length) to read out of, but packets in the kernel are in mbufs. so if you pass a buffer with a zero length, the bpf filter code when built in the kernel magically figures out to do mbuf operations instead.

i was going to change it to get rid of the buffer mode of operation and explicitly use operations on mbufs all the time, but it turns out bpf_filter is built as part of libpcap, and libpcap only knows about vanilla buffers.

so i ended up with this. this moves the guts of bpf_filter into a new _bpf_filter function that takes an opaque void pointer to a "thing that has packet data in it", and a set of function pointers that can do reads against that opaque thing. bpf_filter.c includes an implementation of these reads for buffers, which provides the bpf_filter api that libpcap expects. bpf.c provides an implementation of these reads for mbufs, and a bpf_mfilter function that you can call to use it.

thoughts? tests would be appreciated.

Index: sys/net/bpf.c === RCS file: /cvs/src/sys/net/bpf.c,v retrieving revision 1.136 diff -u -p -r1.136 bpf.c --- sys/net/bpf.c 29 Mar 2016 10:38:27 - 1.136 +++ sys/net/bpf.c 30 Mar 2016 05:13:44 - @@ -1160,7 +1152,7 @@ bpf_tap(caddr_t arg, u_char *pkt, u_int bf = srp_enter(&d->bd_rfilter); if (bf != NULL) fcode = bf->bf_insns; - slen = bpf_filter(fcode, pkt, pktlen, 0); + slen = bpf_filter(fcode, pkt, pktlen, pktlen); srp_leave(&d->bd_rfilter, bf); } @@ -1254,7 +1244,7 @@ _bpf_mtap(caddr_t arg, struct mbuf *m, u bf = srp_enter(&d->bd_rfilter); if (bf != NULL) fcode = bf->bf_insns; - slen = bpf_filter(fcode, (u_char *)m, pktlen, 0); + slen = bpf_mfilter(fcode, m, pktlen); srp_leave(&d->bd_rfilter, bf); } 
@@ -1748,4 +1738,104 @@ bpf_insn_dtor(void *null, void *f) free(insns, M_DEVBUF, bf->bf_len * sizeof(*insns)); free(bf, M_DEVBUF, sizeof(*bf)); +} + +u_int32_t bpf_mbuf_ldw(const void *, u_int32_t, int *); +u_int32_t bpf_mbuf_ldh(const void *, u_int32_t, int *); +u_int32_t bpf_mbuf_ldb(const void *, u_int32_t, int *); + +intbpf_mbuf_copy(const struct mbuf *, u_int32_t, + void *, u_int32_t); + +const struct bpf_ops bpf_mbuf_ops = { + bpf_mbuf_ldw, + bpf_mbuf_ldh, + bpf_mbuf_ldb, +}; + +int +bpf_mbuf_copy(const struct mbuf *m, u_int32_t off, void *buf, u_int32_t len) +{ + u_int8_t *cp = buf; + u_int32_t count; + + while (off >= m->m_len) { + off -= m->m_len; + + m = m->m_next; + if (m == NULL) + return (-1); + } + + for (;;) { + count = min(m->m_len - off, len); + + memcpy(cp, m->m_data + off, count); + len -= count; + + if (len == 0) + return (0); + + m = m->m_next; + if (m == NULL) + break; + + cp += count; + off = 0; + } + + return (-1); +} + +u_int32_t +bpf_mbuf_ldw(const void *m0, u_int32_t k, int *err) +{ + u_int32_t v; + + if (bpf_mbuf_copy(m0, k, &v, sizeof(v)) != 0) { + *err = 1; + return (0); + } + + *err = 0; + return ntohl(v); +} + +u_int32_t +bpf_mbuf_ldh(const void *m0, u_int32_t k, int *err) +{ + u_int16_t v; + + if (bpf_mbuf_copy(m0, k, &v, sizeof(v)) != 0) { + *err = 1; + return (0); + } + + *err = 0; + return ntohs(v); +} + +u_int32_t +bpf_mbuf_ldb(const void *m0, u_int32_t k, int *err) +{ + const struct mbuf *m = m0; + + while (k >= m->m_len) { + k -= m->m_len; + + m = m->m_next; + if (m == NULL) { + *err = 1; + return (0); + } + } + + *err = 0; + return (m->m_data[k]); +} + +u_int +bpf_mfilter(const struct bpf_insn *pc, const struct mbuf *m, u_int wirelen) +{ + return _bpf_filter(pc, &bpf_mbuf_ops, m, wirelen); } Index: sys/net/bpf.h === RCS file: /cvs/src/sys/net/bpf.h,v retrieving revision 1.51 diff -u -p -r1.51 bpf.h --- sys/net/bpf.h 29 Mar 2016 10:38:27 - 1.51 +++ sys/net/bpf.h 30 Mar 2016 05:13:44 - 
@@ -265,13 +265,28 @@ struct bpf_dltlist { }; /* + * Load operations for _bpf_filter to use against the packet
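Review bot: in bpf_mbuf_ldb the byte is handed back with `return (m->m_data[k]);` from a function typed u_int32_t. If m_data is a plain char pointer, then on platforms where char is signed every byte at or above 0x80 is sign-extended, and the filter would see 0xffffff80 and up instead of 0x80 to 0xff. Read it through a u_char pointer (or cast the result) so the value matches what the buffer version returns. The three bpf_mbuf_ld* functions and bpf_mbuf_copy also dereference the chain head without a NULL test; a short comment on bpf_mbuf_ops stating that callers must pass a non-NULL chain would document that contract.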
alpha fixes for older chips
I got these patches from the ghost of architectures past trying to get perl tests passing on my alpha. I finally got a chance to get back to this and test building a release on both alpha and amd64 and will commit them in the morning unless someone else gets to it first.

There are two separate fixes here, the first is a compiler optimization bug and the other handles processors without specific instructions. These help not only perl on my AlphaStation but also get these two regress tests to pass on it:

regress/lib/libm/nextafter
regress/lib/libm/rint

(I think I properly fixed the paths to be relative to src/ but it's possible I broke something, so if they don't apply that's probably my fault.)

Date: Sun, 17 Jan 2016 21:50:30 + (UTC) 
From: Miod Vallat To: tech@openbsd.org Subject: Re: Perl 5.22.1 testing request + issue on alpha Organization: Prumpleffer Gmbh User-Agent: slrn/1.0.2 (OpenBSD) > I have run into a strange issue on alpha that I'm still tracking down. > I fear this has interrupted me too long to get 5.22 in for OpenBSD 5.9, > but maybe we can get ahead of the curve and be ready after unlock. > > Previously, NaN + 1 looked like this: > $ perl -we 'print "NaN" + 1' > -nan > > Due to improvements in the Inf/NaN code, 5.22 should get: > $ perl -we 'print "NaN" + 1' > NaN > > But for some reason on alpha NaN isn't special and we instead get: > $ ./perl -we 'print "NaN" + 1' > 1 You might want to try this compiler diff on alpha. When compiling with optimization enabled and ieee-style floating point, the compiler tries to insert asynchronous fpu trap synchronization barriers as late as possible. Unfortunately, the logic does not take into account the store of a floating-point result into memory as something requiring a barrier, which leads to incorrect behaviour on alpha processors without the ``precise arithmetic trap'' extension. Index: alpha.c === RCS file: /OpenBSD/src/gnu/gcc/gcc/config/alpha/alpha.c,v retrieving revision 1.4 diff -u -p -r1.4 alpha.c --- gnu/gcc/gcc/config/alpha/alpha.c20 Dec 2012 13:58:06 - 1.4 +++ gnu/gcc/gcc/config/alpha/alpha.c17 Jan 2016 19:42:44 - 
@@ -8721,11 +8721,15 @@ summarize_insn (rtx x, struct shadow_sum result of an instruction that might generate an UNPREDICTABLE result. - (c) Within the trap shadow, no register may be used more than once + (c) Within the trap shadow, the destination register of the potentially + trapping instruction may not be used as an input, for its value would be + UNPREDICTABLE. + + (d) Within the trap shadow, no register may be used more than once as a destination register. (This is to make life easier for the trap-handler.) - (d) The trap shadow may not include any branch instructions. */ + (e) The trap shadow may not include any branch instructions. */ static void alpha_handle_trap_shadows (void) @@ -8797,7 +8801,7 @@ alpha_handle_trap_shadows (void) if ((sum.defd.i & shadow.defd.i) || (sum.defd.fp & shadow.defd.fp)) { - /* (c) would be violated */ + /* (d) would be violated */ goto close_shadow; } @@ -8820,11 +8824,19 @@ alpha_handle_trap_shadows (void) goto close_shadow; } + + if ((sum.used.i & shadow.defd.i) + || (sum.used.fp & shadow.defd.fp)) + { + /* (c) would be violated */ + goto close_shadow; + } break; case JUMP_INSN: case CALL_INSN: case CODE_LABEL: + /* (e) would be violated */ goto close_shadow; default: Date: Wed, 20 Jan 2016 20:20:51 + 
From: Miod Vallat To: Andrew Fresh Cc: Theo de Raadt , David Gwynne Subject: Re: alpha User-Agent: Mutt/1.5.24 (2015-08-30) > > However! I have just noticed regress/lib/libm/rint will fail with a > > SIGILL. Apparently not all IEEE-mode instructions are implemented on > > this 21064, but this is one of the earliest alpha systems. Could you > > check if this test passes (or fails, but without SIGILL) on your > > alphastation? > > This fails on my alphastation with SIGILL. > > kern.version=OpenBSD 5.9-beta (GENERIC) #281: Sun Dec 27 13:54:59 MST 2015 > dera...@alpha.openbsd.org:/usr/src/sys/arch/alpha/compile/GENERIC > > $ make regress > cc -O2 -pipe-c rint.c > cc -o rint rint.o -lm > ./rint > *** Signal SIGILL in . (:48 'run-regress-rint') > FAILED > *** Error 1 in target 'regress' (ignored) The following diff will fix it. Unfortunately it changes to publish a formerly internal function prototype (guarded by _KERNEL), so it
sys/mbuf.h and extra headers
i dont think mbuf.h needs to bring in sys/queue.h because it doesnt use anything in it. the malloc.h bits are only used to alias the mbuf allocator flags to the malloc ones, which is only necessary under _KERNEL. i think. hilariously the backend allocator for mbufs are pools too. an amd64 kernel build survives with this. is this worth doing? ok? Index: mbuf.h === RCS file: /cvs/src/sys/sys/mbuf.h,v retrieving revision 1.208 diff -u -p -r1.208 mbuf.h --- mbuf.h 23 Feb 2016 01:39:14 - 1.208 +++ mbuf.h 30 Mar 2016 01:31:39 - @@ -35,9 +35,6 @@ #ifndef _SYS_MBUF_H_ #define _SYS_MBUF_H_ -#include -#include - /* * Constants related to network buffer management. * MCLBYTES must be no larger than PAGE_SIZE (the software page size) and, @@ -242,6 +239,7 @@ struct mbuf { #define M_FLOWID_MASK 0x7fff /* flow id to map to path */ /* flags to m_get/MGET */ +#include #defineM_DONTWAIT M_NOWAIT #defineM_WAIT M_WAITOK
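Review bot: the first hunk removes both includes from the top of mbuf.h, and the only test mentioned is an amd64 kernel build. Anything in userland or on another architecture that relied on mbuf.h pulling those headers in transitively will stop compiling, so this needs a full `make build` before it goes in. In the second hunk the re-added #include lands in the middle of the header beside the M_DONTWAIT/M_WAIT aliases with no `#ifdef _KERNEL` visible around it, although the message says the aliases are only needed under _KERNEL; if that holds, guard the include and the aliases together.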
Re: acpi gpio interrupts
On Tue, Mar 29, 2016 at 11:13:51PM +0200, Mark Kettenis wrote:
> Hi Jonathan, Joshua & other interested folks,
>
> The diff below adds support for gpio interrupts for the Bay Trail GPIO controller. The acpi gpio interface gets extended with an intr_establish() method that establishes an interrupt on a specific pin. The pin is configured according to the flags that are passed. The interrupt is established at IPL_BIO. This is similar to what the USB subsystem does. The interrupt handler should call splxxx() as appropriate. This means that keyboard interrupts will be blocked by pretty much all other interrupt handlers. We can't easily avoid this.
>
> The diff hooks this support up to the sdhc(4) driver. Card insertions and de-insertions are now detected in the SD card slot of my Asus x205ta.
>
> It should be fairly easy to hook up the keyboard interrupt on the Lenovo 100s.
>
> ok?

It would be nice if the intr_establish at least returned an int to avoid having to add simple functions to get around to different prototype. Perhaps an empty intr_disestablish and adding the devname argument like acpi_intr_establish?

Is it possible multiple callbacks may need to be called for a single pin?

It ends up being a bit convoluted on the 100s but works with the following. Can now click and drag windows in x11...
dwiic0 at acpi0: I2C1 addr 0x90906000/0x1000 irq 32 iic0 at dwiic0 dwiic1 at acpi0: I2C2 addr 0x9090c000/0x1000 irq 33 iic1 at dwiic1 "10EC5640" at acpi0 not configured dwiic2 at acpi0: I2C3 addr 0x9090e000/0x1000 irq 34 iic2 at dwiic2 GPO2 pin 22 tflags 0x12 ppi 0x1 drs 0x0 dbt 0x0 ihidev0 at iic2 addr 0x5: int 22, vendor 0x6243 product 0x1, ENEE3730 ihidev0: 6 report ids ikbd0 at ihidev0 reportid 1: 8 variable keys, 6 key codes wskbd0 at ikbd0 mux 1 hid at ihidev0 reportid 2 not configured hid at ihidev0 reportid 3 not configured ims0 at ihidev0 reportid 4: 3 buttons, Z dir wsmouse0 at ims0 mux 0 hid at ihidev0 reportid 5 not configured hid at ihidev0 reportid 6 not configured "ENEE3730" at acpi0 not configured dwiic3 at acpi0: I2C4 addr 0x9091/0x1000 irq 35 iic3 at dwiic3 dwiic4 at acpi0: I2C5 addr 0x90912000/0x1000 irq 36 iic4 at dwiic4 Index: acpi/dwiic.c === RCS file: /cvs/src/sys/dev/acpi/dwiic.c,v retrieving revision 1.12 diff -u -p -r1.12 dwiic.c --- acpi/dwiic.c29 Mar 2016 22:35:09 - 1.12 +++ acpi/dwiic.c30 Mar 2016 00:56:40 - @@ -123,6 +123,10 @@ struct dwiic_crs { uint32_t addr_bas; uint32_t addr_len; uint16_t i2c_addr; + struct aml_node *devnode; + struct aml_node *gpio_int_node; + uint16_t gpio_int_pin; + uint16_t gpio_int_flags; }; struct dwiic_softc { @@ -238,6 +242,7 @@ dwiic_attach(struct device *parent, stru return; } memset(&crs, 0, sizeof(crs)); + crs.devnode = sc->sc_devnode; aml_parse_resource(&res, dwiic_acpi_parse_crs, &crs); aml_freevalue(&res); @@ -374,6 +379,8 @@ int dwiic_acpi_parse_crs(union acpi_resource *crs, void *arg) { struct dwiic_crs *sc_crs = arg; + struct aml_node *node; + uint16_t pin; switch (AML_CRSTYPE(crs)) { case SR_IRQ: 
@@ -386,6 +393,22 @@ dwiic_acpi_parse_crs(union acpi_resource sc_crs->irq_flags = crs->lr_extirq.flags; break; + case LR_GPIO: + node = aml_searchname(sc_crs->devnode, + (char *)&crs->pad[crs->lr_gpio.res_off]); + pin = *(uint16_t *)&crs->pad[crs->lr_gpio.pin_off]; + printf(" %s pin %d\n", node->name, pin); + if (crs->lr_gpio.type == LR_GPIO_INT) { + sc_crs->gpio_int_node = node; + sc_crs->gpio_int_pin = pin; + sc_crs->gpio_int_flags = crs->lr_gpio.tflags; + } + printf(" tflags 0x%x\n", crs->lr_gpio.tflags); + printf(" ppi 0x%x\n", crs->lr_gpio._ppi); + printf(" drs 0x%x\n", crs->lr_gpio._drs); + printf(" dbt 0x%x\n", crs->lr_gpio._dbt); + break; + case LR_MEM32: sc_crs->addr_min = letoh32(crs->lr_m32._min); sc_crs->addr_len = letoh32(crs->lr_m32._len); @@ -553,18 +576,27 @@ dwiic_acpi_foundhid(struct aml_node *nod return (0); } memset(&crs, 0, sizeof(crs)); + crs.devnode = sc->sc_devnode; aml_parse_resource(&res, dwiic_acpi_parse_crs, &crs); aml_freevalue(&res); - if (crs.irq_int <= 0) { + if (crs.gpio_int_node && crs.gpio_int_node->gpio) { + struct acpi_gpio *gpio = crs.gpio_int_node->gpio; + ia.ia_int = crs.gpio_int_pin; + ia.ia_int_flags = crs.gpio_int_flags; + ia.acpi_gpio = gpio; + } else { + ia.ia_int = crs.irq_int; +
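Review bot: in the new LR_GPIO case of dwiic_acpi_parse_crs, `node` from aml_searchname() is dereferenced straight away in `printf(" %s pin %d\n", node->name, pin)`, while dwiic_acpi_foundhid later tests `crs.gpio_int_node &&` before using it, so a resource that names a GPIO controller missing from the namespace would fault during attach; check node before the first use. The pin is read with `*(uint16_t *)&crs->pad[crs->lr_gpio.pin_off]`, where the offset comes from the firmware-supplied resource: there is no bounds check against the resource length, the access may be unaligned, and it skips the byte-order conversion that the LR_MEM32 case applies with letoh32(). The printf lines for tflags, ppi, drs and dbt read like debug output and should go before commit.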
remove BIOC[SG]QUEUE from bpf.c
this basically reverts bpf.c r1.117. two reasons. firstly, nothing uses the ioctls. the tcpdump -Q support never materialised. secondly, and probably more importantly, the implementation assumes that bpf handles mbufs with pkthdrs in the first mbuf, but that is incorrect. bpf actually only deals with chains of data (so m_data, m_len, m_next), so this could blow up if anyone actually uses it. ok? Index: bpf.c === RCS file: /cvs/src/sys/net/bpf.c,v retrieving revision 1.136 diff -u -p -r1.136 bpf.c --- bpf.c 29 Mar 2016 10:38:27 - 1.136 +++ bpf.c 30 Mar 2016 00:12:41 - @@ -859,14 +859,6 @@ bpfioctl(dev_t dev, u_long cmd, caddr_t (BPF_DIRECTION_IN|BPF_DIRECTION_OUT); break; - case BIOCGQUEUE:/* get queue */ - *(u_int *)addr = d->bd_queue; - break; - - case BIOCSQUEUE:/* set queue */ - d->bd_queue = *(u_int *)addr; - break; - case FIONBIO: /* Non-blocking I/O */ if (*(int *)addr) d->bd_rtout = -1; @@ -1244,8 +1236,6 @@ _bpf_mtap(caddr_t arg, struct mbuf *m, u atomic_inc_long(&d->bd_rcount); if ((direction & d->bd_dirfilt) != 0) - slen = 0; - else if (d->bd_queue && m->m_pkthdr.pf.qid != d->bd_queue) slen = 0; else { struct bpf_program *bf; Index: bpfdesc.h === RCS file: /cvs/src/sys/net/bpfdesc.h,v retrieving revision 1.29 diff -u -p -r1.29 bpfdesc.h --- bpfdesc.h 3 Dec 2015 16:27:32 - 1.29 +++ bpfdesc.h 30 Mar 2016 00:12:41 - @@ -80,7 +80,6 @@ struct bpf_d { u_char bd_locked; /* true if descriptor is locked */ u_char bd_fildrop; /* true if filtered packets will be dropped */ u_char bd_dirfilt; /* direction filter */ - u_int bd_queue; /* the queue the user wants to watch (0 == all) */ int bd_hdrcmplt;/* false to fill in src lladdr automatically */ int bd_async; /* non-zero if packet reception should generate signal */ int bd_sig; /* signal to send upon packet reception */
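Review bot: the diff as posted touches only bpf.c and bpfdesc.h, so once the BIOCGQUEUE and BIOCSQUEUE cases are gone from bpfioctl, any definitions of those requests left in bpf.h and any text in bpf(4) would still advertise ioctls that now fall through to the default case. Remove the definitions and the documentation in the same commit so userland cannot keep compiling against them. The `m->m_pkthdr.pf.qid` test removed from _bpf_mtap is the line the message identifies as unsafe for chains without a pkthdr, so it is worth saying so in the commit log for anyone who later wants to bring queue filtering back.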
Re: multi-pool malloc wip diff
On Mon, Mar 28, 2016 at 11:27:32AM +0200, Otto Moerbeek wrote:
> On Wed, Mar 23, 2016 at 08:00:19AM +0100, Otto Moerbeek wrote:
>
> > Hi,
> >
> > first diff that seems to work. Tested on amd64 and compile tested on sparc64.
> >
> > It is also available at http://www.drijf.net/openbsd/malloc
> >
> > From the README:
> >
> > The diff should be applied while in /usr/src/lib, it will patch both librthreads as well as libc.
> >
> > THIS IS WORK IN PROGRESS. It contains multiple things that should be improved. To name a few things:
> >
> > - Currently fixed at 4 pools with a fixed thread -> pool mapping.
> > - All pools are always initialized, even for single threaded programs, where only one pool is used.
> > - Especially realloc gets quite a bit uglier.
> > - I'm pondering storing the thread -> pool mapping in the thread struct instead of computing it each time from the tcb address.
> >
> > -Otto
>
> Second diff. Only one person (Stefan Kempf, thanks!) gave feedback...
>
> A race condition was fixed in the init code. But there remain race problems in the init code. I will be working on that the coming time.
>
> Please be aware that to make this code ready for commit, I need feedback/tests/reviews. There's no way this code will end up in the tree without those.

I don't see regressions on amd64.

-- 
Juan Francisco Cantero Hurtado http://juanfra.info
Re: spamd - DNS whitelist
No. DNS based whitelisting does not belong in there, because it is slow and DOS'able. spamd is designed to be high speed low drag.

If you want to do a DNS based whitelist, write a little co-thing that spits one into a file or into your nospamd table that then spamd *does not even see*.

In short *spamd* is the wrong place to do this. Put your dns based whitelist in a table periodically.

On Tue, Mar 29, 2016 at 1:11 PM, Christopher Zimmermann wrote:
> Hi,
>
> I want to use a DNS white list to skip greylisting delays for known good addresses, which would pass the greylist anyway.
> To do this with spamd and OpenSMTPd I wrote a prototype which intercepts the initial SYN packet from any non-whitelisted ip. It then queries DNS whitelists and on any positive reply it whitelists the ip. The SYN packet is dropped. Any sane smtp server will very shortly resend the SYN and get through to OpenSMTPd.
> This program is only a proof-of-concept. I think the same functionality could be integrated into spamd or as transparent relay into relayd. Is this a sensible approach?
>
> Christopher
>
>
> On 2016-03-15 Stuart Henderson wrote:
>> On 2016/03/15 12:55, Craig Skinner wrote:
>> > Generally, everything has changed from file feeds to DNS.
>>
>> Yep, because for the more actively maintained ones 1) new entries show up more quickly than any sane rsync interval, this is quite important for good blocking these days 2) DNS is less resource intensive and more easily distributed than rsync, and 3) importantly for the rbl providers, it gives additional input to them about new mail sources (if an rbl suddenly starts seeing queries from all over the world for a previously unseen address, it's probably worth investigation - I am sure this is why some of the commercial antispam operators provide free DNS-based lookups for smaller orgs).
>>
>> A more flexible approach would be to skip the PF table integration completely and do DNS lookups in spamd (or, uh, relayd, or something new) and based on that it could choose whether to tarpit, greylist or transparent-forward the connection to the real mail server. This would also give a way to use dnswl.org's whitelist to avoid greylisting for those hosts where it just doesn't work well (gmail, office365 etc).
>>
>
>
>
> --
> http://gmerlin.de
> OpenPGP: http://gmerlin.de/christopher.pub
> 2779 7F73 44FD 0736 B67A C410 69EC 7922 34B4 2566
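The "co-thing" suggested in the reply above, as an added example that is not part of the thread or of spamd: a cron-driven script that looks up the currently greylisted senders in a DNS whitelist and adds hits to the nospamd pf table, so spamd itself never does a DNS query. The zone list.dnswl.org, its 127.0.<category>.<trust> answer encoding, the MIN_TRUST setting, host(1) as resolver client and the spamdb line layout are assumptions.

```shell
#!/bin/sh
# Added example, not from the thread. Assumptions: zone list.dnswl.org,
# host(1) for lookups, a pf table called nospamd, spamdb(8) lines of the
# form TYPE|ip|..., and DNSWL answers encoded as 127.0.<category>.<trust>.

DNSWL_ZONE=${DNSWL_ZONE:-list.dnswl.org}
MIN_TRUST=${MIN_TRUST:-1}       # trust levels: 0 = none ... 3 = high

# Constructed sample of spamdb output (documentation addresses only).
SAMPLE_SPAMDB='WHITE|198.51.100.7|||1459200000|1459286400|1462392000|2|5
GREY|192.0.2.10|mail.example.org|<a@example.org>|<b@example.net>|1459300000|1459301500|1459314400|1|0
GREY|192.0.2.10|mail.example.org|<a@example.org>|<c@example.net>|1459300050|1459301550|1459314450|1|0
GREY|203.0.113.5|relay.example.com|<x@example.com>|<b@example.net>|1459300100|1459301600|1459314500|2|0'

# Print each distinct source address that has a GREY entry (stdin: spamdb).
grey_ips() {
    awk -F'|' '$1 == "GREY" && !seen[$2]++ { print $2 }'
}

# 192.0.2.10 -> 10.2.0.192.list.dnswl.org
# Anything that is not a strict dotted quad is rejected, so database
# contents never reach the resolver or pfctl unchecked.
dnswl_qname() {
    case $1 in
        *[!0-9.]*|*..*|.*|*.) return 1 ;;
        *.*.*.*.*) return 1 ;;
        *.*.*.*) ;;
        *) return 1 ;;
    esac
    o1=${1%%.*}; r=${1#*.}
    o2=${r%%.*}; r=${r#*.}
    o3=${r%%.*}; o4=${r#*.}
    for o in "$o1" "$o2" "$o3" "$o4"; do
        [ "${#o}" -le 3 ] && [ "$o" -le 255 ] || return 1
    done
    printf '%s.%s.%s.%s.%s\n' "$o4" "$o3" "$o2" "$o1" "$DNSWL_ZONE"
}

# Succeed only for a well-formed whitelist answer at or above MIN_TRUST.
# Empty answers (NXDOMAIN, timeout) and out-of-range codes fail closed:
# the host simply stays greylisted.
dnswl_trusted() {
    case $1 in
        127.0.*.[0-3]) ;;
        *) return 1 ;;
    esac
    [ "${1##*.}" -ge "$MIN_TRUST" ]
}

# One pass: greylisted hosts -> DNS whitelist -> <nospamd>.
refresh_nospamd() {
    spamdb | grey_ips | while read -r ip; do
        q=$(dnswl_qname "$ip") || continue
        ans=$(host -t A "$q" 2>/dev/null |
            awk '/has address/ { print $NF; exit }')
        if dnswl_trusted "$ans"; then
            pfctl -q -t nospamd -T add "$ip"
        fi
    done
}

# From cron(8): sh dnswl-nospamd.sh run
if [ "${1:-}" = run ]; then
    refresh_nospamd
fi
```

Because the lookups happen out of band, a slow or unreachable DNS zone only delays whitelisting; it cannot stall spamd's connection handling.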
Re: multi-pool malloc wip diff
On 2016/03/28 11:27, Otto Moerbeek wrote:
> Second diff. Only one person (Stefan Kempf, thanks!) gave feedback...

I've done i386 port bulk builds with both iterations of this, no problems seen yet.
Re: gdb on landisk
> Date: Sun, 27 Mar 2016 23:06:23 + > From: Miod Vallat > > There is a fallout from the switch to binutils 2.17: the binaries > created by 2.17 aren't recognized by the in-tree gdb because it's built > with the bfd code from 2.15. > > My understanding is that the in-tree gdb can't be made to run with bfd > from 2.17 without significant non-trivial changes, so I'd suggest the > following diff. Thanks, committed. > Index: gnu/usr.bin/binutils/bfd/elf32-sh.c > === > RCS file: /OpenBSD/src/gnu/usr.bin/binutils/bfd/elf32-sh.c,v > retrieving revision 1.3 > diff -u -p -r1.3 elf32-sh.c > --- gnu/usr.bin/binutils/bfd/elf32-sh.c 22 Dec 2014 14:09:58 - > 1.3 > +++ gnu/usr.bin/binutils/bfd/elf32-sh.c 20 Nov 2015 20:56:20 - > @@ -6849,6 +6849,7 @@ sh_elf_set_mach_from_flags (bfd *abfd) >break; > case EF_SH_UNKNOWN: > case EF_SH4: > +case 23: /* EF_SH2A_SH4 */ >bfd_default_set_arch_mach (abfd, bfd_arch_sh, bfd_mach_sh4); >break; > case EF_SH4_NOFPU: > >
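Review bot: `case 23: /* EF_SH2A_SH4 */` in sh_elf_set_mach_from_flags puts a bare flag value into a switch whose other labels are all named EF_SH* constants. Define EF_SH2A_SH4 beside the existing constants and use the name here, and extend the comment to say that the value is produced by the newer binutils and is deliberately treated as plain bfd_mach_sh4 so the in-tree gdb can load those binaries.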
Re: multi-pool malloc wip diff
On Mon, Mar 28, 2016 at 11:27:32AM +0200, Otto Moerbeek wrote:
> On Wed, Mar 23, 2016 at 08:00:19AM +0100, Otto Moerbeek wrote:
>
> > Hi,
> >
> > first diff that seems to work. Tested on amd64 and compile tested on sparc64.
> >
> > It is also available at http://www.drijf.net/openbsd/malloc
> >
> > From the README:
> >
> > The diff should be applied while in /usr/src/lib, it will patch both librthreads as well as libc.
> >
> > THIS IS WORK IN PROGRESS. It contains multiple things that should be improved. To name a few things:
> >
> > - Currently fixed at 4 pools with a fixed thread -> pool mapping.
> > - All pools are always initialized, even for single threaded programs, where only one pool is used.
> > - Especially realloc gets quite a bit uglier.
> > - I'm pondering storing the thread -> pool mapping in the thread struct instead of computing it each time from the tcb address.
> >
> > -Otto
>
> Second diff. Only one person (Stefan Kempf, thanks!) gave feedback...
>
> A race condition was fixed in the init code. But there remain race problems in the init code. I will be working on that the coming time.
>
> Please be aware that to make this code ready for commit, I need feedback/tests/reviews. There's no way this code will end up in the tree without those.
>
> -Otto
>

Been running this in a VM since this weekend, no issues seen. (amd64).

-ml

>
> Index: libc/include/thread_private.h > === > RCS file: /cvs/src/lib/libc/include/thread_private.h,v > retrieving revision 1.26 > diff -u -p -r1.26 thread_private.h > --- libc/include/thread_private.h 7 Apr 2015 01:27:07 - 1.26 > +++ libc/include/thread_private.h 28 Mar 2016 08:22:31 - > @@ -17,6 +17,8 @@ > */ > extern int __isthreaded; > > +#define _MALLOC_MUTEXES 4 > + > /* > * Weak symbols are used in libc so that the thread library can > * efficiently wrap libc functions. 
> @@ -136,16 +138,16 @@ extern void *__THREAD_NAME(serv_mutex); > /* > * malloc lock/unlock prototypes and definitions > */ > -void _thread_malloc_lock(void); > -void _thread_malloc_unlock(void); > +void _thread_malloc_lock(int); > +void _thread_malloc_unlock(int); > > -#define _MALLOC_LOCK() do { > \ > +#define _MALLOC_LOCK(n) do { > \ > if (__isthreaded) \ > - _thread_malloc_lock(); \ > + _thread_malloc_lock(n); \ > } while (0) > -#define _MALLOC_UNLOCK() do {\ > +#define _MALLOC_UNLOCK(n)do {\ > if (__isthreaded) \ > - _thread_malloc_unlock();\ > + _thread_malloc_unlock(n);\ > } while (0) > > void _thread_atexit_lock(void); > Index: libc/stdlib/malloc.c > === > RCS file: /cvs/src/lib/libc/stdlib/malloc.c,v > retrieving revision 1.185 > diff -u -p -r1.185 malloc.c > --- libc/stdlib/malloc.c 17 Mar 2016 17:55:33 - 1.185 > +++ libc/stdlib/malloc.c 28 Mar 2016 08:22:31 - > @@ -1,6 +1,6 @@ > /* $OpenBSD: malloc.c,v 1.185 2016/03/17 17:55:33 mmcc Exp $ */ > /* > - * Copyright (c) 2008, 2010, 2011 Otto Moerbeek > + * Copyright (c) 2008, 2010, 2011, 2016 Otto Moerbeek > * Copyright (c) 2012 Matthew Dempsky > * Copyright (c) 2008 Damien Miller > * Copyright (c) 2000 Poul-Henning Kamp > @@ -43,6 +43,7 @@ > #endif > > #include "thread_private.h" > +#include > > #if defined(__sparc__) && !defined(__sparcv9__) > #define MALLOC_PAGESHIFT (13U) > @@ -95,10 +96,10 @@ > > #define _MALLOC_LEAVE(d) do { if (__isthreaded) { \ > (d)->active--; \ > - _MALLOC_UNLOCK(); } \ > + _MALLOC_UNLOCK(d->mutex); } \ > } while (0) > #define _MALLOC_ENTER(d) do { if (__isthreaded) { \ > - _MALLOC_LOCK(); \ > + _MALLOC_LOCK(d->mutex); \ > (d)->active++; } \ > } while (0) > > @@ -129,6 +130,7 @@ struct dir_info { > void *delayed_chunks[MALLOC_DELAYED_CHUNK_MASK + 1]; > size_t rbytesused; /* random bytes used */ > char *func; /* current function */ > + int mutex; > u_char rbytes[32]; /* random bytes */ > u_short chunk_start; > #ifdef MALLOC_STATS 
> @@ -178,7 +180,7 @@ struct chunk_info { > }; > > struct malloc_readonly { > - struct dir_info *malloc_pool; /* Main bookkeeping information */ > + struct dir_info *malloc_pool[_MALLOC_MUTEXES]; /* Main bookkeeping > information */ > int malloc_free
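Review bot: in the `_MALLOC_LEAVE(d)` / `_MALLOC_ENTER(d)` hunk the new lock argument is written `d->mutex` while the line next to it uses `(d)->active`; write `(d)->mutex` so the macros stay correct for any argument expression. In thread_private.h the lock functions now take an index, `_thread_malloc_lock(int)`, and the quoted hunks show no statement that the value must be below _MALLOC_MUTEXES; since `mutex` is a plain int stored in struct dir_info, a comment on the prototype (and a range check where the index is used) would make the contract explicit.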
Re: handle bogus sparc64 frame buffers
> Date: Mon, 28 Mar 2016 14:21:33 + > From: Miod Vallat > > Some sparc64 pci frame buffers incorrectly have the `depth' property > spelled `depth ' with a trailing space. > > This can be found in this E450 eeprom -p output: > http://pastebin.com/P4ab4Xt4 > > Because of this, gfxp(4) attaches believing the display is only 8bpp, > and the display gets garbled. > > The following diff will fix this issue. I don't think sparc needs a > similar fix as there are no Sun sparc systems with pci slots. Thanks, Committed. > Index: fb.c > === > RCS file: /OpenBSD/src/sys/arch/sparc64/dev/fb.c,v > retrieving revision 1.25 > diff -u -p -r1.25 fb.c > --- fb.c 21 Oct 2013 10:36:19 - 1.25 > +++ fb.c 28 Mar 2016 12:54:32 - > @@ -131,7 +131,12 @@ fb_setsize(struct sunfb *sf, int def_dep > { > int def_linebytes; > > - sf->sf_depth = getpropint(node, "depth", def_depth); > + /* > + * Some PCI devices lack the `depth' property, but have a `depth ' > + * property (with a trailing space) instead. > + */ > + sf->sf_depth = getpropint(node, "depth", > + getpropint(node, "depth ", def_depth)); > sf->sf_width = getpropint(node, "width", def_width); > sf->sf_height = getpropint(node, "height", def_height); > > >
acpi gpio interrupts
Hi Jonathan, Joshua & other interested folks, The diff below adds support for gpio interrupts for the Bay Trail GPIO controller. The acpi gpio interface gets extended with an intr_establish() method that establishes an interrupt on a specific pin. The pin is configured according to the flags that are passed. The interrupt is established at IPL_BIO. This is similar to what the USB subsystem does. The interrupt handler should call splxxx() as appropriate. This means that keyboard interrupts will be blocked by pretty much all other interrupt handlers. We can't easily avoid this. The diff hooks this support up to the sdhc(4) driver. Card insertions and de-insertions are now detected in the SD card slot of my Asus x205ta. It should be fairly easy too hook up the keyboard interrupt on the Lenovo 100s. ok? Index: acpi/amltypes.h === RCS file: /cvs/src/sys/dev/acpi/amltypes.h,v retrieving revision 1.41 diff -u -p -r1.41 amltypes.h --- acpi/amltypes.h 28 Mar 2016 17:27:57 - 1.41 +++ acpi/amltypes.h 29 Mar 2016 21:04:45 - @@ -367,6 +367,7 @@ struct acpi_pci { struct acpi_gpio { void*cookie; int (*read_pin)(void *, int); + void(*intr_establish)(void *, int, int, void (*)(void *), void *); }; struct aml_node { Index: acpi/bytgpio.c === RCS file: /cvs/src/sys/dev/acpi/bytgpio.c,v retrieving revision 1.3 diff -u -p -r1.3 bytgpio.c --- acpi/bytgpio.c 29 Mar 2016 18:04:09 - 1.3 +++ acpi/bytgpio.c 29 Mar 2016 21:04:45 - @@ -25,8 +25,22 @@ #include #include +#define BYTGPIO_CONF_GD_LEVEL 0x0100 +#define BYTGPIO_CONF_GD_TPE0x0200 +#define BYTGPIO_CONF_GD_TNE0x0400 +#define BYTGPIO_CONF_GD_MASK 0x0f00 + #define BYTGPIO_PAD_VAL0x0001 +#define BYTGPIO_IRQ_TS_0 0x800 +#define BYTGPIO_IRQ_TS_1 0x804 +#define BYTGPIO_IRQ_TS_2 0x808 + +struct bytgpio_intrhand { + void (*ih_func)(void *); + void *ih_arg; +}; + struct bytgpio_softc { struct device sc_dev; struct acpi_softc *sc_acpi; 
@@ -43,6 +57,7 @@ struct bytgpio_softc { const int *sc_pins; int sc_npins; + struct bytgpio_intrhand *sc_pin_ih; struct acpi_gpio sc_gpio; }; @@ -90,6 +105,7 @@ const int byt_sus_pins[] = { intbytgpio_parse_resources(union acpi_resource *, void *); intbytgpio_read_pin(void *, int); +void bytgpio_intr_establish(void *, int, int, void (*)(), void *); intbytgpio_intr(void *); int @@ -149,29 +165,39 @@ bytgpio_attach(struct device *parent, st return; } + sc->sc_pin_ih = mallocarray(sc->sc_npins, sizeof(*sc->sc_pin_ih), + M_DEVBUF, M_NOWAIT | M_ZERO); + if (sc->sc_pin_ih == NULL) { + printf("\n"); + return; + } + printf(" irq %d", sc->sc_irq); sc->sc_memt = aaa->aaa_memt; if (bus_space_map(sc->sc_memt, sc->sc_addr, sc->sc_size, 0, &sc->sc_memh)) { printf(", can't map registers\n"); - return; + goto fail; } -#if 0 sc->sc_ih = acpi_intr_establish(sc->sc_irq, sc->sc_irq_flags, IPL_BIO, bytgpio_intr, sc, sc->sc_dev.dv_xname); if (sc->sc_ih == NULL) { printf(", can't establish interrupt\n"); - return; + goto fail; } -#endif sc->sc_gpio.cookie = sc; sc->sc_gpio.read_pin = bytgpio_read_pin; + sc->sc_gpio.intr_establish = bytgpio_intr_establish; sc->sc_node->gpio = &sc->sc_gpio; printf(", %d pins\n", sc->sc_npins); + return; + +fail: + free(sc->sc_pin_ih, M_DEVBUF, sc->sc_npins * sizeof(*sc->sc_pin_ih)); } int 
@@ -207,25 +233,52 @@ bytgpio_read_pin(void *cookie, int pin) return (reg & BYTGPIO_PAD_VAL); } -#if 0 +void +bytgpio_intr_establish(void *cookie, int pin, int flags, +void (*func)(void *), void *arg) +{ + struct bytgpio_softc *sc = cookie; + uint32_t reg; + + KASSERT(pin >= 0 && pin < sc->sc_npins); + + sc->sc_pin_ih[pin].ih_func = func; + sc->sc_pin_ih[pin].ih_arg = arg; + + reg = bus_space_read_4(sc->sc_memt, sc->sc_memh, sc->sc_pins[pin] * 16); + reg &= ~BYTGPIO_CONF_GD_MASK; + if ((flags & LR_GPIO_MODE) == 0) + reg |= BYTGPIO_CONF_GD_LEVEL; + if ((flags & LR_GPIO_POLARITY) == LR_GPIO_ACTLO) + reg |= BYTGPIO_CONF_GD_TNE; + if ((flags & LR_GPIO_POLARITY) == LR_GPIO_ACTHI) + reg |= BYTGPIO_CONF_GD_TPE; + if ((flags & LR_GPIO_POLARITY) == LR_GPIO_ACTBOTH) + reg |= BYTGPIO_CONF_GD_TNE | BYTGPIO_CONF_GD_TPE; + bus_space_write_4(sc->sc_memt, sc->sc_memh, sc->sc_pins[pin] * 16, reg); +} int bytgpio_intr(void *arg) { struct bytgpi
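Review bot: bytgpio_intr_establish protects the array index only with `KASSERT(pin >= 0 && pin < sc->sc_npins)` before storing into `sc->sc_pin_ih[pin]`. The pin number originates in another device's ACPI resource, and KASSERT is compiled out of kernels built without DIAGNOSTIC, so a bad table value becomes an out-of-bounds write. Make it a real range check that fails the call, which also argues for the method returning int rather than void. The forward declaration `void bytgpio_intr_establish(void *, int, int, void (*)(), void *);` should carry the same `void (*)(void *)` callback type as the definition, and a second establish on the same pin silently overwrites ih_func and ih_arg.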
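Review bot: in bytgpio_attach the new `fail:` label only frees sc_pin_ih. When acpi_intr_establish() fails, bus_space_map() has already succeeded and the register window stays mapped; unmap it on that path. The mallocarray() failure path prints just "\n" and returns, which leaves nothing in dmesg to explain why the device did not attach.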
knote activate splhigh
Hi, from a customer's system I got this panic: kernel diagnostic assertion "(kn->kn_status & KN_QUEUED) == 0" failed: file ".. /../../../kern/kern_event.c", line 1071 panic() at panic+0xfe __assert() at __assert+0x25 knote_enqueue() at knote_enqueue+0x8c knote() at knote+0x47 selwakeup() at selwakeup+0x1b logwakeup() at logwakeup+0x20 log() at log+0xfc ... softclock() at softclock+0x315 softintr_dispatch() at softintr_dispatch+0x7f When looking at the condition in KNOTE_ACTIVATE() if ((kn->kn_status & (KN_QUEUED | KN_DISABLED)) == 0) knote_enqueue(kn); and the assertion in knote_enqueue() KASSERT((kn->kn_status & KN_QUEUED) == 0); it is quite obvious that interrupts must be blocked between those. So put the splhigh() around KNOTE_ACTIVATE() and use a splassert() within knote_enqueue(). This is more or less where FreeBSD puts its KQ_LOCK(). ok? bluhm Index: kern/kern_event.c === RCS file: /data/mirror/openbsd/cvs/src/sys/kern/kern_event.c,v retrieving revision 1.71 diff -u -p -r1.71 kern_event.c --- kern/kern_event.c 6 Jan 2016 17:58:46 - 1.71 +++ kern/kern_event.c 29 Mar 2016 19:15:40 - @@ -338,9 +338,12 @@ void filt_timerexpire(void *knx) { struct knote *kn = knx; + int s; kn->kn_data++; + s = splhigh(); KNOTE_ACTIVATE(kn); + splx(s); if ((kn->kn_flags & EV_ONESHOT) == 0) filt_timer_timeout_add(kn); @@ -954,7 +957,11 @@ kqueue_wakeup(struct kqueue *kq) void knote_activate(struct knote *kn) { + int s; + + s = splhigh(); KNOTE_ACTIVATE(kn); + splx(s); } /* @@ -964,10 +971,14 @@ void knote(struct klist *list, long hint) { struct knote *kn, *kn0; + int s; - SLIST_FOREACH_SAFE(kn, list, kn_selnext, kn0) + SLIST_FOREACH_SAFE(kn, list, kn_selnext, kn0) { + s = splhigh(); if (kn->kn_fop->f_event(kn, hint)) KNOTE_ACTIVATE(kn); + splx(s); + } } /* 
@@ -1073,14 +1084,13 @@ void knote_enqueue(struct knote *kn) { struct kqueue *kq = kn->kn_kq; - int s = splhigh(); + splassert(IPL_HIGH); KASSERT((kn->kn_status & KN_QUEUED) == 0); TAILQ_INSERT_TAIL(&kq->kq_head, kn, kn_tqe); kn->kn_status |= KN_QUEUED; kq->kq_count++; - splx(s); kqueue_wakeup(kq); }
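Review bot: in the knote() hunk splhigh() is taken before `kn->kn_fop->f_event(kn, hint)`, so every filter's event callback now runs with all interrupts blocked for each knote on the list. The window described in the message is between the status test inside KNOTE_ACTIVATE and the KASSERT in knote_enqueue; if f_event does not need the protection, raise the spl only around KNOTE_ACTIVATE, as the filt_timerexpire and knote_activate hunks do.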
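Review bot: in knote_enqueue the removed `splx(s);` sat before `kqueue_wakeup(kq);`, so with the caller now holding splhigh the wakeup runs at IPL_HIGH as well; say in the commit message whether that is intended or move the wakeup out to the callers after splx(). The new `splassert(IPL_HIGH)` will also fire for any path that reaches knote_enqueue or uses KNOTE_ACTIVATE outside the three functions converted here, so the remaining callers in the tree need an audit before this goes in.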
Re: [patch] ftpd: close dirp
On Tue, 29 Mar 2016 21:50:23 +0200, frit...@alokat.org wrote: > The "dirp" pointer is not closed if goto inside the while loop is called. > > This diff: > - closes the dirp object > - moves the jump mark "out" a bit higher to clean the file pointer as well as > the > descriptor if the goto statement is called, and reset global variables > > The "send_file_list" function is only called on NLST. I think it is safer to just move the closedir(dirp) to be after the "out" label. - todd Index: ftpd.c === RCS file: /cvs/src/libexec/ftpd/ftpd.c,v retrieving revision 1.213 diff -u -p -u -r1.213 ftpd.c --- ftpd.c 16 Mar 2016 15:41:10 - 1.213 +++ ftpd.c 29 Mar 2016 20:30:39 - @@ -2694,6 +2694,8 @@ send_file_list(char *whichf) } else if (!S_ISDIR(st.st_mode)) continue; + if (dirp != NULL) + (void) closedir(dirp); if ((dirp = opendir(dirname)) == NULL) continue; @@ -2738,7 +2740,6 @@ send_file_list(char *whichf) byte_count += strlen(nbuf) + 1; } } - (void) closedir(dirp); } if (dout == NULL) @@ -2748,7 +2749,10 @@ send_file_list(char *whichf) else reply(226, "Transfer complete."); +out: transflag = 0; + if (dirp != NULL) + (void) closedir(dirp); if (dout != NULL) (void) fclose(dout); else { @@ -2757,7 +2761,7 @@ send_file_list(char *whichf) } data = -1; pdata = -1; -out: + if (freeglob) { freeglob = 0; globfree(&gl);
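Review bot: the two added "if (dirp != NULL)" tests, before opendir() in the first hunk and after the out label in the third, are only safe if dirp is initialised to NULL where it is declared, and no hunk here shows that declaration. Without it, the first pass through the loop, or a goto out taken before any opendir(), hands an uninitialised pointer to closedir(). Please include the initialisation in the diff. Moving "out:" above "transflag = 0;" also means the goto paths now run the dout/pdata cleanup and reset data and pdata, which is worth a line in the commit message, and the empty "+" line left where the label used to be can be dropped.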
Re: spamd - DNS whitelist
Hi,

I want to use a DNS white list to skip greylisting delays for known good addresses, which would pass the greylist anyway.

To do this with spamd and OpenSMTPd I wrote a prototype which intercepts the initial SYN packet from any non-whitelisted ip. It then queries DNS whitelists and on any positive reply it whitelists the ip. The SYN packet is dropped. Any sane smtp server will very shortly resend the SYN and get through to OpenSMTPd.

This program is only a proof-of-concept. I think the same functionality could be integrated into spamd or as transparent relay into relayd.

Is this a sensible approach?

Christopher

On 2016-03-15 Stuart Henderson wrote:
> On 2016/03/15 12:55, Craig Skinner wrote:
> > Generally, everything has changed from file feeds to DNS.
>
> Yep, because for the more actively maintained ones 1) new entries show
> up more quickly than any sane rsync interval, this is quite important
> for good blocking these days 2) DNS is less resource intensive and
> more easily distributed than rsync, and 3) importantly for the rbl
> providers, it gives additional input to them about new mail sources
> (if an rbl suddenly starts seeing queries from all over the world for
> a previously unseen address, it's probably worth investigation - I am
> sure this is why some of the commercial antispam operators provide
> free DNS-based lookups for smaller orgs).
>
> A more flexible approach would be to skip the PF table integration
> completely and do DNS lookups in spamd (or, uh, relayd, or something
> new) and based on that it could choose whether to tarpit, greylist or
> transparent-forward the connection to the real mail server. This
> would also give a way to use dnswl.org's whitelist to avoid
> greylisting for those hosts where it just doesn't work well (gmail,
> office365 etc).
>

--
http://gmerlin.de
OpenPGP: http://gmerlin.de/christopher.pub
2779 7F73 44FD 0736 B67A C410 69EC 7922 34B4 2566
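The flow this message describes (first SYN dropped while the DNS whitelist is queried, retry let through on a positive reply), as an added example that is not part of the original post and is not the author's prototype. The zone name list.dnswl.example, the Python sets standing in for pf tables, the "greylist" hand-over for unlisted hosts, and the 127.0.x.y answer format with y as a 0-3 trust level are assumptions; the zone data is constructed.

```python
"""DNS whitelist gate in front of greylisting (added example, constructed data)."""
import ipaddress
import socket


def dnsxl_qname(ip, zone):
    """Query name for a DNS list: reversed octets (IPv4) or nibbles (IPv6) + zone."""
    addr = ipaddress.ip_address(ip)
    suffix = ".in-addr.arpa" if addr.version == 4 else ".ip6.arpa"
    return addr.reverse_pointer[: -len(suffix)] + "." + zone


def dnswl_trust(answers):
    """Highest trust level among well-formed answers, or None if not listed.

    Assumed convention: a listing answers 127.0.x.y with y in 0..3.
    Anything else (for example a resolver-blocked marker such as
    127.0.0.255, or a wildcard answer from a parked zone) is ignored.
    """
    best = None
    for answer in answers:
        try:
            octets = ipaddress.IPv4Address(answer).packed
        except ValueError:
            continue
        if octets[0] == 127 and octets[1] == 0 and octets[3] <= 3:
            best = octets[3] if best is None else max(best, octets[3])
    return best


def system_resolver(qname):
    """A-record lookup via the system resolver; any failure means 'no answer'."""
    try:
        return socket.gethostbyname_ex(qname)[2]
    except OSError:
        return []


class SynGate:
    """Decides what happens to an inbound SYN for the SMTP port."""

    def __init__(self, zones, resolver=system_resolver, min_trust=1):
        self.zones = list(zones)
        self.resolver = resolver
        self.min_trust = min_trust
        self.whitelist = set()  # stands in for the pf table that bypasses spamd
        self.checked = set()    # looked up, not listed: normal greylisting

    def listed(self, ip):
        for zone in self.zones:
            try:
                answers = self.resolver(dnsxl_qname(ip, zone))
            except OSError:
                continue  # a DNS failure must never whitelist anyone
            trust = dnswl_trust(answers)
            if trust is not None and trust >= self.min_trust:
                return True
        return False

    def on_syn(self, src):
        ip = str(ipaddress.ip_address(src))  # normalise the textual form
        if ip in self.whitelist:
            return "pass"       # retry reaches the real mail server
        if ip in self.checked:
            return "greylist"   # retry goes to spamd as usual
        (self.whitelist if self.listed(ip) else self.checked).add(ip)
        return "drop"           # first SYN is always dropped; sender retries


# Constructed zone contents for an offline run (not real list data).
CONSTRUCTED_ZONE = {
    "10.2.0.192.list.dnswl.example": ["127.0.5.2"],    # listed, trust 2
    "11.2.0.192.list.dnswl.example": ["127.0.0.255"],  # malformed/blocked marker
    "12.2.0.192.list.dnswl.example": ["127.0.2.0"],    # listed, trust 0
}


def constructed_resolver(qname):
    return CONSTRUCTED_ZONE.get(qname, [])


def demo():
    gate = SynGate(["list.dnswl.example"], resolver=constructed_resolver)
    hosts = ("192.0.2.10", "192.0.2.11", "192.0.2.12", "192.0.2.13")
    return [(h, gate.on_syn(h), gate.on_syn(h)) for h in hosts]


if __name__ == "__main__":
    for host, first, retry in demo():
        print(f"{host}: first SYN -> {first}, retry -> {retry}")
```

Negative results are cached without expiry here; a deployment would age out both sets, as spamd does with its own entries.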
[patch] ftpd: close dirp
The "dirp" pointer is not closed if goto inside the while loop is called. This diff: - closes the dirp object - moves the jump mark "out" a bit higher to clean the file pointer as well as the descriptor if the goto statement is called, and reset global variables The "send_file_list" function is only called on NLST. --F. Index: ftpd.c === RCS file: /cvs/src/libexec/ftpd/ftpd.c,v retrieving revision 1.213 diff -u -r1.213 ftpd.c --- ftpd.c 16 Mar 2016 15:41:10 - 1.213 +++ ftpd.c 29 Mar 2016 19:44:21 - @@ -2704,6 +2704,7 @@ myoob(); recvurg = 0; transflag = 0; + (void)closedir(dirp); goto out; } @@ -2725,8 +2726,10 @@ if (dout == NULL) { dout = dataconn("file list", (off_t)-1, "w"); - if (dout == NULL) + if (dout == NULL) { + (void)closedir(dirp); goto out; + } transflag++; } if (nbuf[0] == '.' && nbuf[1] == '/') @@ -2738,7 +2741,7 @@ byte_count += strlen(nbuf) + 1; } } - (void) closedir(dirp); + (void)closedir(dirp); } if (dout == NULL) @@ -2748,16 +2751,17 @@ else reply(226, "Transfer complete."); +out: transflag = 0; if (dout != NULL) - (void) fclose(dout); + (void)fclose(dout); else { if (pdata >= 0) close(pdata); } data = -1; pdata = -1; -out: + if (freeglob) { freeglob = 0; globfree(&gl);
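Review bot: adding a closedir(dirp) by hand in front of each "goto out" (first and second hunk) means every exit added to this loop later has to remember the same call. Since the out label is already being moved above the cleanup code in the last hunk, one closedir() placed there and guarded by a NULL check would cover all paths, including the normal one. The changes from "(void) closedir(dirp)" to "(void)closedir(dirp)" and from "(void) fclose(dout)" to "(void)fclose(dout)" are whitespace only and should be left out, so that the diff shows nothing but the leak fix.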
[PATCH] 59.html - 5.9 for socppc is not available
Hi all, Based on socppc platform page[0], the fact that the snapshots[1] haven't been built since September last year, as well as socppc directory not being present in the 5.9 release directory, I take it that 5.9 for socppc won't see the light of day. If that's the case, then the release page[3] needs adjusting - patch below. Regards, Raf [0] http://www.openbsd.org/socppc.html [1] http://ftp.openbsd.org/pub/OpenBSD/snapshots/socppc/ [2] http://ftp.openbsd.org/pub/OpenBSD/5.9/ [3] http://www.openbsd.org/59.html Index: 59.html === RCS file: /cvs/www/59.html,v retrieving revision 1.82 diff -u -p -r1.82 59.html --- 59.html 27 Mar 2016 22:25:31 - 1.82 +++ 59.html 29 Mar 2016 19:25:59 - @@ -967,8 +967,6 @@ extensive details on how to install Open .../OpenBSD/5.9/octeon/INSTALL.octeon http://ftp.openbsd.org/pub/OpenBSD/5.9/sgi/INSTALL.sgi";> .../OpenBSD/5.9/sgi/INSTALL.sgi -http://ftp.openbsd.org/pub/OpenBSD/5.9/socppc/INSTALL.socppc";> - .../OpenBSD/5.9/socppc/INSTALL.socppc http://ftp.openbsd.org/pub/OpenBSD/5.9/zaurus/INSTALL.zaurus";> .../OpenBSD/5.9/zaurus/INSTALL.zaurus @@ -1132,14 +1130,6 @@ Refer to the instructions in INSTALL.sgi If your machine doesn't have a CD drive, you can setup a DHCP/tftp network server, and boot using "bootp()/bsd.rd.IP##" using the kernel matching your system type. Refer to the instructions in INSTALL.sgi for more details. - - -OpenBSD/socppc: - - - -After connecting a serial port, boot over the network via DHCP/tftp. -Refer to the instructions in INSTALL.socppc for more details. OpenBSD/zaurus:
Re: rcctl ls faulty -> failed
On Tue, Mar 29, 2016 at 08:22:31AM -0600, Todd C. Miller wrote: > On Tue, 29 Mar 2016 15:29:27 +0200, Antoine Jacoutot wrote: > > > We'd like to rename the 'faulty' listing to 'failed'. > > i.e. rcctl ls failed > > > > 'faulty' does sound a bit weird and is not obvious to remember. > > Now the question is should we keep supporting the 'faulty' keyword or not? > > I'm not in favor of adding a knob especially when it's just an alias; > > that'd > > also mean documenting it. > > I like this. Me too.
OpenBSD 5.9 released - March 29
- OpenBSD 5.9 RELEASED -

March 29, 2016.

We are pleased to announce the official release of OpenBSD 5.9. This is our 39th release on CD-ROM (and 40th via FTP/HTTP). We remain proud of OpenBSD's record of more than twenty years with only two remote holes in the default install.

As in our previous releases, 5.9 provides significant improvements, including new features, in nearly all areas of the system:

 - Processor support, including:
    o W^X policy enforced in the i386 kernel address space.

 - Improved hardware support, including:
    o New asmc(4) driver for the Apple System Management Controller.
    o New pchtemp(4) driver for the thermal sensor found on Intel X99, C610 series, 9 series and 100 series PCH.
    o New uonerng(4) driver for the Moonbase Otago OneRNG.
    o New dwiic(4) driver for the Synopsys DesignWare I2C controller.
    o New ikbd(4), ims(4), and imt(4) drivers for HID-over-i2c keyboards, mice and multitouch touchpads.
    o New efifb(4) driver for EFI frame buffer.
    o New viocon(4) driver for the virtio(4) console interface provided by KVM, QEMU, and others.
    o New xen(4) driver implementing Xen domU initialization and PVHVM device attachment.
    o New xspd(4) driver for the XenSource Platform Device providing guests with additional capabilities.
    o New xnf(4) driver for Xen paravirtualized networking interface.
    o amd64 can now boot from 32 bit and 64 bit EFI.
    o Initial support for hardware reduced ACPI added to acpi(4).
    o Support for ACPI configured SD host controllers has been added to sdhc(4).
    o The puc(4) driver now supports Moxa CP-168U, Perle Speed8 LE and QEMU PCI serial devices.
    o Intel 100 Series PCH Ethernet MAC with i219 PHY support has been added to the em(4) driver.
    o RTL8168H/RTL8111H support has been added to re(4).
    o inteldrm(4) has been updated to Linux 3.14.52 adding initial support for Bay Trail and Broadwell graphics.
    o Support for audio in Thinkpad docks has been added to the azalia(4) driver.
    o Support for Synaptic touchpads without W mode has been added to the pms(4) driver.
    o Support for tap-and-drag detection with ALPS touchpads in the pms(4) driver has been improved.
    o The sdmmc(4) driver now supports sector mode for eMMC devices, such as those found on some BeagleBone Black boards.
    o The cnmac(4) driver now supports checksum offloading.
    o The ipmi(4) driver now supports OpenIPMI compatible character device.
    o Support for ST-506 disks has been removed.

 - pledge(2) support integrated:
    o The tame(2) system call was renamed to pledge(2). Behavior and semantics were extended and refined.
    o 453 out of 707 base system binaries were adapted to use pledge.
    o 14 ports now use pledge(2): some decompression tools, mutt, some pdf tools, chromium/iridium, and the i3 window manager.
    o Various bugs exposed by pledge(2) were corrected. For example in bgpd(8), iked(8), ldapd(8), ntpd(8), and syslogd(8).
    o Several misfeatures were removed, such as:
       - support for HOSTALIASES in the resolver.
       - support for lookup yp in resolv.conf(5).
       - setuid-preserving code in tools from binutils.
       - handling of ed-style diffs via proc/exec in patch(1).
    o Userland programs were audited so that they could be properly annotated with pledge(2). This resulted in design changes such as:
       - addition of privilege separation to rdate(8)
       - addition of privilege separation to sndiod(8)
       - the introduction of the SOCK_DNS socket(2) flag that makes an SS_DNS tagged socket conceptually different from a plain socket.
    o pledge(2) is also used to constrain programs that handle untrusted data to a very limited subset of POSIX. For example, strings(1) or objdump(1) from binutils or the RSA-privsep process in smtpd(8).

 - SMP network stack improvements:
    o The task processing incoming packets can now run mostly in parallel of the rest of the kernel. This includes:
       - carp(4), trunk(4), vlan(4) and other pseudo-drivers with the exception of bridge(4).
       - Ethernet decapsulation, ARP processing and MPLS forwarding path.
       - bpf(4) filter matching.
    o The Rx and Tx rings of the ix(4), myx(4), em(4), bge(4), bnx(4), vmx(4), gem(4), re(4) and cas(4) drivers can now be processed in parallel of the rest of the kernel.
    o The Rx ring of the cnmac(4) driver can now be processed in parallel of the rest of the kernel.

 - Initial IEEE 802.11n wireless support:
    o The ieee80211(9) subsystem now supports HT data rates up to 65 Mbit/s (802.11n MCS 0-7).
    o The input path of ieee80211(9) now supports receiving A-MPDU and A-MSDU aggregated fr
Re: proxy ARP for ART
On Tue, Mar 29, 2016 at 12:59:46PM +0200, Martin Pieuchot wrote: > @@ -600,6 +601,10 @@ route_output(struct mbuf *m, ...) > + if (route_arp_conflict(&info, tableid)) { > + error = EEXIST; > + goto flush; > + } I don't like a function that returns a boolean when its name does not clearly say so. And this function has side effects. What about returning EEXIST and using this check? if ((error = route_arp_conflict(&info, tableid))) goto flush; > +route_arp_conflict(struct rt_addrinfo *info, unsigned int tableid) > +{ > +#ifdef ART ... > + (rtable_mpath_next(rt) != NULL)) { ... > +#endif /* ART */ rtable_mpath_next() is not defined with SMALL_KERNEL. You need another #ifndef here or RAMDISK kernel will break when we enable ART there. > @@ -698,8 +698,20 @@ arplookup(u_int32_t addr, int create, in > +#ifdef ART ... > + while ((mrt = rtable_mpath_next(mrt)) != NULL) { ... > +#endif /* ART */ same here with that OK bluhm@
Re: rcctl ls faulty -> failed
> From: "Antoine Jacoutot" > To: "Ian Darwin" > Cc: "tech" > Sent: Tuesday, March 29, 2016 10:59:54 AM > Subject: Re: rcctl ls faulty -> failed > On Tue, Mar 29, 2016 at 10:48:17AM -0400, Ian Darwin wrote: > > On Tue, Mar 29, 2016 at 03:29:27PM +0200, Antoine Jacoutot wrote: > > > Hi. > > > We'd like to rename the 'faulty' listing to 'failed'. > > > i.e. rcctl ls failed > > > Index: etc/daily > > > === > > > RCS file: /cvs/src/etc/daily,v > > > retrieving revision 1.85 > > > diff -u -p -u -p -r1.85 daily > > > --- etc/daily 28 Jan 2016 15:45:34 - 1.85 > > > +++ etc/daily 29 Mar 2016 13:25:59 - > > > @@ -127,7 +127,7 @@ while [ "X$ROOTBACKUP" = X1 ]; do > > > done > > > next_part "Services that should run but don't:" > > While you're there, can you please change "should run but don't" to > > "should be running but aren't" ? The current wording is awkward, > > and also implies that they don't run (ie. they fail to start) > > when in fact they may have been running but been shut down > > manually, or failed. Language should be precise as well as concise. > Sure. > -- > Antoine Contractions aren't necessary. http://courses.cs.vt.edu/cs3604/support/Writing/writing.caveats.html
Re: rcctl ls faulty -> failed
On Tue, Mar 29, 2016 at 10:48:17AM -0400, Ian Darwin wrote: > On Tue, Mar 29, 2016 at 03:29:27PM +0200, Antoine Jacoutot wrote: > > Hi. > > > > We'd like to rename the 'faulty' listing to 'failed'. > > i.e. rcctl ls failed > > > > Index: etc/daily > > === > > RCS file: /cvs/src/etc/daily,v > > retrieving revision 1.85 > > diff -u -p -u -p -r1.85 daily > > --- etc/daily 28 Jan 2016 15:45:34 - 1.85 > > +++ etc/daily 29 Mar 2016 13:25:59 - > > @@ -127,7 +127,7 @@ while [ "X$ROOTBACKUP" = X1 ]; do > > done > > > > next_part "Services that should run but don't:" > > While you're there, can you please change "should run but don't" to > "should be running but aren't" ? The current wording is awkward, > and also implies that they don't run (ie. they fail to start) > when in fact they may have been running but been shut down > manually, or failed. Language should be precise as well as concise. Sure. -- Antoine
Re: rcctl ls faulty -> failed
On Tue, Mar 29, 2016 at 03:29:27PM +0200, Antoine Jacoutot wrote: > Hi. > > We'd like to rename the 'faulty' listing to 'failed'. > i.e. rcctl ls failed > > Index: etc/daily > === > RCS file: /cvs/src/etc/daily,v > retrieving revision 1.85 > diff -u -p -u -p -r1.85 daily > --- etc/daily 28 Jan 2016 15:45:34 - 1.85 > +++ etc/daily 29 Mar 2016 13:25:59 - > @@ -127,7 +127,7 @@ while [ "X$ROOTBACKUP" = X1 ]; do > done > > next_part "Services that should run but don't:" While you're there, can you please change "should run but don't" to "should be running but aren't" ? The current wording is awkward, and also implies that they don't run (ie. they fail to start) when in fact they may have been running but been shut down manually, or failed. Language should be precise as well as concise.
Re: ARP regress fix
On Tue, Mar 29, 2016 at 12:52:38PM +0200, Martin Pieuchot wrote:
> It seems to me that the multicast test checks an incorrect MAC. Diff
> below fixes that plus a typo. Tested with and without ART.

OK bluhm@

When running all tests sequentially, it passed without your diff because some other subtest has left stuff in the ARP table. So I will commit this on top of your fix.

bluhm

diff --git a/Makefile b/Makefile index 6b37ad5..b2e410b 100644 --- a/Makefile +++ b/Makefile @@ -73,14 +73,20 @@ PYTHON =python2.7 ./ PYTHON = PYTHONPATH=${.OBJDIR} python2.7 ${.CURDIR}/ .endif +.PHONY: clean-arp + +# Clear local and remote ARP cache. +clean-arp: + @echo '\n $@ ' + ${SUDO} arp -da + ssh -t ${REMOTE_SSH} ${SUDO} arp -da + # Clear ARP cache and ping all addresses. This ensures that # the IP addresses are configured and all routing table are set up # to allow bidirectional packet flow. TARGETS += ping -run-regress-ping: +run-regress-ping: clean-arp @echo '\n $@ ' - ${SUDO} arp -da - ssh -t ${REMOTE_SSH} ${SUDO} arp -da .for ip in LOCAL_ADDR REMOTE_ADDR @echo Check ping ${ip} ping -n -c 1 ${${ip}} @@ -91,10 +97,9 @@ run-regress-ping: # Check that all fields of the answer are filled out correctly. # Check that the remote machine has the local IP and MAC in its ARP table. TARGETS += arp-request -run-regress-arp-request: addr.py +run-regress-arp-request: addr.py clean-arp @echo '\n $@ ' @echo Send ARP Request for remote address and insert local address - ssh -t ${REMOTE_SSH} ${SUDO} arp -d ${LOCAL_ADDR} ${SUDO} ${PYTHON}arp_request.py ssh ${REMOTE_SSH} ${SUDO} arp -an >arp.log grep '^${LOCAL_ADDR} .* ${LOCAL_MAC} ' arp.log 
@@ -106,7 +111,7 @@ run-regress-arp-request: addr.py # Check that all fields of the answer are filled out correctly. # Check that the remote machine overwrites the local address. TARGETS += arp-multicast -run-regress-arp-multicast: addr.py +run-regress-arp-multicast: addr.py clean-arp @echo '\n $@ ' @echo Send ARP Request and overwrite entry with multicast ethernet ssh -t ${REMOTE_SSH} logger -t "arp-regress[]" $@ @@ -125,7 +130,7 @@ run-regress-arp-multicast: addr.py # defend its IP address with an ARP reply. # Check that all fields of the answer are filled out correctly. TARGETS += arp-probe -run-regress-arp-probe: addr.py +run-regress-arp-probe: addr.py clean-arp @echo '\n $@ ' @echo Send ARP Probe for existing address and expect correct reply ${SUDO} ${PYTHON}arp_probe.py @@ -134,7 +139,7 @@ run-regress-arp-probe: addr.py # Check that no answer is received. # Check that the remote machine rejects the broadcast sender. TARGETS += arp-broadcast -run-regress-arp-broadcast: addr.py +run-regress-arp-broadcast: addr.py clean-arp @echo '\n $@ ' @echo Send ARP Request with broadcast as sender hardware address ssh -t ${REMOTE_SSH} logger -t "arp-regress[]" $@ @@ -151,7 +156,7 @@ run-regress-arp-broadcast: addr.py # Check that the remote machine reports an duplicate address. # Check that the remote machine keeps its local ARP entry. TARGETS += arp-announcement -run-regress-arp-announcement: addr.py +run-regress-arp-announcement: addr.py clean-arp @echo '\n $@ ' @echo Send ARP Announcement for existing address ssh -t ${REMOTE_SSH} logger -t "arp-regress[]" $@ @@ -169,7 +174,7 @@ run-regress-arp-announcement: addr.py # Check that the remote machine reports an duplicate address. # Check that the remote machine keeps its local ARP entry. TARGETS += arp-gratuitous -run-regress-arp-gratuitous: addr.py +run-regress-arp-gratuitous: addr.py clean-arp @echo '\n $@ ' @echo Send Gratuitous ARP for existing address ssh -t ${REMOTE_SSH} logger -t "arp-regress[]" $@ 
@@ -188,7 +193,7 @@ run-regress-arp-gratuitous: addr.py # Check that the attempt to overwrite the permanent entry is logged. # Check that the remote machine keeps its permanent ARP entry. TARGETS += arp-permanent -run-regress-arp-permanent: addr.py +run-regress-arp-permanent: addr.py clean-arp @echo '\n $@ ' @echo Send ARP Request to change permanent fake address ssh -t ${REMOTE_SSH} logger -t "arp-regress[]" $@ @@ -208,7 +213,7 @@ run-regress-arp-permanent: addr.py # Check that the attempt to overwrite the permanent entry is logged. # Check that the remote machine keeps its local ARP entry. TARGETS += arp-address -run-regress-arp-address: addr.py +run-regress-arp-address: addr.py clean-arp @echo '\n $@ ' @echo Send ARP Request to change address on other interface ssh -t ${REMOTE_SSH} logger -t "arp-regress[]" $@ @@ -228,7 +233,7 @@
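Review bot: clean-arp is hooked in as a prerequisite of every run-regress-* target, but make builds a given target only once per run, .PHONY or not. When all tests are started from a single make, which is the case the message is about, the caches are therefore flushed once before the first test and not again between subtests, so leftovers from one subtest can still reach the next. Running the two "arp -da" commands from inside each recipe, for instance through a make variable that holds them, would flush every time. Note also that run-regress-arp-request used to delete only ${LOCAL_ADDR} on the remote side and now depends on the full flush.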
Re: rcctl ls faulty -> failed
On Tue, 29 Mar 2016 15:29:27 +0200, Antoine Jacoutot wrote: > We'd like to rename the 'faulty' listing to 'failed'. > i.e. rcctl ls failed > > 'faulty' does sound a bit weird and is not obvious to remember. > Now the question is should we keep supporting the 'faulty' keyword or not? > I'm not in favor of adding a knob especially when it's just an alias; that'd > also mean documenting it. I like this. - todd
Re: vlan(4) doesnt have to filter its own mac address
On Tue, Mar 29, 2016 at 02:37:44PM +1000, David Gwynne wrote: > because the network stack does it for it on the way in. > > the following chunk in src/sys/net/if_ethersubr.c does the same job > later on: > > int > ether_input(struct ifnet *ifp, struct mbuf *m, void *cookie) > { > ... > /* > * If packet is unicast, make sure it is for us. Drop otherwise. > * This check is required in promiscous mode, and for some hypervisors > * where the MAC filter is 'best effort' only. > */ > if ((m->m_flags & (M_BCAST|M_MCAST)) == 0) { > if (memcmp(ac->ac_enaddr, eh->ether_dhost, ETHER_ADDR_LEN)) { > m_freem(m); > return (1); > } > } > ... > > ok? Fine with me if you update the comment in ether_input to indicate that this is also needed for vlan and other virtual devices. > Index: if_vlan.c > === > RCS file: /cvs/src/sys/net/if_vlan.c,v > retrieving revision 1.157 > diff -u -p -r1.157 if_vlan.c > --- if_vlan.c 29 Mar 2016 04:33:16 - 1.157 > +++ if_vlan.c 29 Mar 2016 04:35:28 - > @@ -375,18 +375,6 @@ vlan_input(struct ifnet *ifp0, struct mb > goto drop; > > /* > - * Drop promiscuously received packets if we are not in > - * promiscuous mode. > - */ > - if (!ETHER_IS_MULTICAST(eh->ether_dhost) && > - (ifp0->if_flags & IFF_PROMISC) && > - (ifv->ifv_if.if_flags & IFF_PROMISC) == 0) { > - if (bcmp(&ifv->ifv_ac.ac_enaddr, eh->ether_dhost, > - ETHER_ADDR_LEN)) > - goto drop; > - } > - > - /* >* Having found a valid vlan interface corresponding to >* the given source interface and vlan tag, remove the >* encapsulation. > -- :wq Claudio
rcctl ls faulty -> failed
Hi.

We'd like to rename the 'faulty' listing to 'failed'.
i.e. rcctl ls failed

'faulty' does sound a bit weird and is not obvious to remember.
Now the question is should we keep supporting the 'faulty' keyword or not?
I'm not in favor of adding a knob especially when it's just an alias; that'd also mean documenting it.

Here's a diff that does s/faulty/failed
Would that be of any concern for anyone?

Index: etc/daily === RCS file: /cvs/src/etc/daily,v retrieving revision 1.85 diff -u -p -u -p -r1.85 daily --- etc/daily 28 Jan 2016 15:45:34 - 1.85 +++ etc/daily 29 Mar 2016 13:25:59 - @@ -127,7 +127,7 @@ while [ "X$ROOTBACKUP" = X1 ]; do done next_part "Services that should run but don't:" -rcctl ls faulty +rcctl ls failed next_part "Checking subsystem status:" if [ "X$VERBOSESTATUS" != X0 ]; then Index: usr.sbin/rcctl/rcctl.8 === RCS file: /cvs/src/usr.sbin/rcctl/rcctl.8,v retrieving revision 1.30 diff -u -p -u -p -r1.30 rcctl.8 --- usr.sbin/rcctl/rcctl.8 30 Jan 2016 18:57:31 - 1.30 +++ usr.sbin/rcctl/rcctl.8 29 Mar 2016 13:25:59 - @@ -103,7 +103,7 @@ which can be one of: .Bl -tag -width started -offset indent -compact .It Cm all all services and daemons -.It Cm faulty +.It Cm failed enabled but stopped daemons .It Cm off disabled services and daemons @@ -171,7 +171,7 @@ exits with 0 if the daemon or service is .Nm Cm getdef Ar daemon | service Op Cm status exits with 0 if the daemon or service is enabled by default and 1 if it is not. -.Nm Cm ls faulty +.Nm Cm ls failed exits with 1 if an enabled daemon is not running. Otherwise, the .Nm Index: usr.sbin/rcctl/rcctl.sh === RCS file: /cvs/src/usr.sbin/rcctl/rcctl.sh,v retrieving revision 1.91 diff -u -p -u -p -r1.91 rcctl.sh --- usr.sbin/rcctl/rcctl.sh 28 Mar 2016 08:10:19 - 1.91 +++ usr.sbin/rcctl/rcctl.sh 29 Mar 2016 13:25:59 - 
@@ -31,7 +31,7 @@ usage() "usage: rcctl get|getdef|set service | daemon [variable [arguments]] rcctl [-df] $(echo ${_rc_actions} | tr "[:blank:]" "|") daemon ... rcctl disable|enable|order [daemon ...] - rcctl ls all|faulty|off|on|started|stopped" + rcctl ls all|failed|off|on|started|stopped" } needs_root() @@ -182,7 +182,7 @@ svc_ls() echo ${_special_svcs} | tr "[:blank:]" "\n" ) | sort ;; - faulty) + failed) for _svc in $(svc_ls on); do ! svc_is_special ${_svc} && \ ! /etc/rc.d/${_svc} check >/dev/null && \ @@ -444,7 +444,7 @@ ret=0 case ${action} in ls) lsarg=$2 - [[ ${lsarg} == @(all|faulty|off|on|started|stopped) ]] || usage + [[ ${lsarg} == @(all|failed|off|on|started|stopped) ]] || usage ;; order) shift 1 @@ -529,7 +529,7 @@ case ${action} in ;; ls) # some rc.d(8) scripts need root for rc_check() - [[ ${lsarg} == @(started|stopped|faulty) ]] && needs_root ${action} ${lsarg} + [[ ${lsarg} == @(started|stopped|failed) ]] && needs_root ${action} ${lsarg} svc_ls ${lsarg} ;; order) -- Antoine
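Review bot: with 'faulty' removed from the pattern in "[[ ${lsarg} == @(all|failed|off|on|started|stopped) ]] || usage", any caller that still passes the old keyword gets the usage text instead of a listing. The etc/daily hunk is updated in this diff, but an /etc/daily that was not merged after an upgrade will keep running "rcctl ls faulty" and mail the usage output every night. Either the upgrade notes should mention the rename, or the two case labels could accept faulty|failed for one release without documenting the old name.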
Re: ie(4) and ie(4/sparc) vs bpf_tap
On Tue, Mar 29, 2016 at 08:58:35PM +1000, David Gwynne wrote:
> i think bpf_tap is broken, so id like to get rid of it.
>
> the only thing(s) using it is ie, but they dont require bpf_tap.
>
> the typical idiom with doing bpf on outgoing packets is to pass the
> mbuf in between dequeueing the packet from the send queue, and
> before it's given to the hardware.
>
> this diff moves the bpf from reading a buffer out of a ring up into
> the start routine as just described.
>
> ie on isa busses was already doing that, but also doing it again
> out of the ring. this simply removes the extra one. this means you
> wont get to see the packet twice, but once is enough for everyone
> else.
>
> ok?

OK. Diff reads OK. Don't get held up because of ie(4).

> Index: arch/sparc/dev/if_ie.c > === > RCS file: /cvs/src/sys/arch/sparc/dev/if_ie.c,v > retrieving revision 1.62 > diff -u -p -r1.62 if_ie.c > --- arch/sparc/dev/if_ie.c16 Mar 2016 15:41:10 - 1.62 > +++ arch/sparc/dev/if_ie.c29 Mar 2016 10:54:38 - > @@ -998,19 +998,6 @@ static __inline void > iexmit(sc) > struct ie_softc *sc; > { > - > -#if NBPFILTER > 0 > - /* > - * If BPF is listening on this interface, let it see the packet before > - * we push it on the wire. > - */ > - if (sc->sc_arpcom.ac_if.if_bpf) > - bpf_tap(sc->sc_arpcom.ac_if.if_bpf, > - sc->xmit_cbuffs[sc->xctail], > - SWAP(sc->xmit_buffs[sc->xctail]->ie_xmit_flags), > - BPF_DIRECTION_OUT); > -#endif > - > sc->xmit_buffs[sc->xctail]->ie_xmit_flags |= IE_XMIT_LAST; > sc->xmit_buffs[sc->xctail]->ie_xmit_next = SWAP(0x); > ST_24(sc->xmit_buffs[sc->xctail]->ie_xmit_buf, 
> @@ -1314,6 +1301,11 @@ iestart(ifp) > IFQ_DEQUEUE(&sc->sc_arpcom.ac_if.if_snd, m); > if (!m) > break; > + > +#if NBPFILTER > 0 > + if (ifp->if_bpf) > + bpf_mtap(ifp->if_bpf, m, BPF_DIRECTION_OUT); > +#endif > > len = 0; > buffer = sc->xmit_cbuffs[sc->xchead]; > Index: dev/isa/if_ie.c > === > RCS file: /cvs/src/sys/dev/isa/if_ie.c,v > retrieving revision 1.50 > diff -u -p -r1.50 if_ie.c > --- dev/isa/if_ie.c 14 Mar 2016 23:08:06 - 1.50 > +++ dev/isa/if_ie.c 29 Mar 2016 10:54:38 - > @@ -1120,18 +1120,6 @@ iexmit(sc) > sc->xctail); > #endif > > -#if NBPFILTER > 0 > - /* > - * If BPF is listening on this interface, let it see the packet before > - * we push it on the wire. > - */ > - if (sc->sc_arpcom.ac_if.if_bpf) > - bpf_tap(sc->sc_arpcom.ac_if.if_bpf, > - sc->xmit_cbuffs[sc->xctail], > - sc->xmit_buffs[sc->xctail]->ie_xmit_flags, > - BPF_DIRECTION_OUT); > -#endif > - > sc->xmit_buffs[sc->xctail]->ie_xmit_flags |= IE_XMIT_LAST; > sc->xmit_buffs[sc->xctail]->ie_xmit_next = 0x; > sc->xmit_buffs[sc->xctail]->ie_xmit_buf = > -- :wq Claudio
Re: uvm: enable amap per-page refcounting unconditionally
On 28/03/16(Mon) 11:28, Stefan Kempf wrote: > Miod Vallat wrote: > > > > > It seems per-page reference counting is used since forever. I think > > > there's no reason to ever turn it off (and track referenced pages > > > with less accuracy, causing leaks). > > > > Actually, assuming the #undef code path works, it might work keeping > > this and only defining UVM_AMAP_PPREF iff defined(SMALL_KERNEL). > > Doing this saves around 1.6K on bsd.rd/amd64. > > Would that be preferred over removing the #ifdefs? I'd prefer to get rid of the #ifdefs and have fewer differences between RAMDISK and GENERIC. > text databss dec hex > 4736948 2409000 577536 7723484 75d9dc > 4738636 2409000 577536 7725172 75e074 > > diff --git a/uvm/uvm_amap.h b/uvm/uvm_amap.h > index a98b440..a768e94 100644 > --- a/uvm/uvm_amap.h > +++ b/uvm/uvm_amap.h > @@ -119,7 +119,9 @@ boolean_t amap_swap_off(int, int); > * ... this is enabled with the "UVM_AMAP_PPREF" define. > */ > > -#define UVM_AMAP_PPREF /* track partial references */ > +#ifndef SMALL_KERNEL > +# define UVM_AMAP_PPREF /* track partial references */ > +#endif > > /* > * here is the definition of the vm_amap structure for this implementation. >
ie(4) and ie(4/sparc) vs bpf_tap
i think bpf_tap is broken, so id like to get rid of it. the only thing(s) using it is ie, but they dont require bpf_tap. the typical idiom with doing bpf on outgoing packets is to pass the mbuf in between dequeueing the packet from the send queue, and before it's given to the hardware. this diff moves the bpf from reading a buffer out of a ring up into the start routine as just described. ie on isa busses was already doing that, but also doing it again out of the ring. this simply removes the extra one. this means you wont get to see the packet twice, but once is enough for everyone else. ok? Index: arch/sparc/dev/if_ie.c === RCS file: /cvs/src/sys/arch/sparc/dev/if_ie.c,v retrieving revision 1.62 diff -u -p -r1.62 if_ie.c --- arch/sparc/dev/if_ie.c 16 Mar 2016 15:41:10 - 1.62 +++ arch/sparc/dev/if_ie.c 29 Mar 2016 10:54:38 - @@ -998,19 +998,6 @@ static __inline void iexmit(sc) struct ie_softc *sc; { - -#if NBPFILTER > 0 - /* -* If BPF is listening on this interface, let it see the packet before -* we push it on the wire. -*/ - if (sc->sc_arpcom.ac_if.if_bpf) - bpf_tap(sc->sc_arpcom.ac_if.if_bpf, - sc->xmit_cbuffs[sc->xctail], - SWAP(sc->xmit_buffs[sc->xctail]->ie_xmit_flags), - BPF_DIRECTION_OUT); -#endif - sc->xmit_buffs[sc->xctail]->ie_xmit_flags |= IE_XMIT_LAST; sc->xmit_buffs[sc->xctail]->ie_xmit_next = SWAP(0x); ST_24(sc->xmit_buffs[sc->xctail]->ie_xmit_buf, @@ -1314,6 +1301,11 @@ iestart(ifp) IFQ_DEQUEUE(&sc->sc_arpcom.ac_if.if_snd, m); if (!m) break; + +#if NBPFILTER > 0 + if (ifp->if_bpf) + bpf_mtap(ifp->if_bpf, m, BPF_DIRECTION_OUT); +#endif len = 0; buffer = sc->xmit_cbuffs[sc->xchead]; Index: dev/isa/if_ie.c === RCS file: /cvs/src/sys/dev/isa/if_ie.c,v retrieving revision 1.50 diff -u -p -r1.50 if_ie.c --- dev/isa/if_ie.c 14 Mar 2016 23:08:06 - 1.50 +++ dev/isa/if_ie.c 29 Mar 2016 10:54:38 - 
@@ -1120,18 +1120,6 @@ iexmit(sc) sc->xctail); #endif -#if NBPFILTER > 0 - /* -* If BPF is listening on this interface, let it see the packet before -* we push it on the wire. -*/ - if (sc->sc_arpcom.ac_if.if_bpf) - bpf_tap(sc->sc_arpcom.ac_if.if_bpf, - sc->xmit_cbuffs[sc->xctail], - sc->xmit_buffs[sc->xctail]->ie_xmit_flags, - BPF_DIRECTION_OUT); -#endif - sc->xmit_buffs[sc->xctail]->ie_xmit_flags |= IE_XMIT_LAST; sc->xmit_buffs[sc->xctail]->ie_xmit_next = 0x; sc->xmit_buffs[sc->xctail]->ie_xmit_buf =
proxy ARP for ART
Diff below implements proxy ARP using the mpath property of our routing table. This solution is not limited to ART and could be used for different purposes, like putting multicast addresses in the routing table. However I'm keeping it under "#ifdef ART" as long as we are not totally committed to this new routing table. The new function in net/rtsock.c enforces that at most one private and one public ARP entry are inserted in a routing table. I didn't put it in netinet/if_ether.c because I don't want to spread more "rt_addrinfo" than we already have. I'll work on removing the KERNEL_LOCK() around rtable_mpath_next() soon. With this all ARP and arp(8) regression tests pass. ok? Index: net/route.h === RCS file: /cvs/src/sys/net/route.h,v retrieving revision 1.133 diff -u -p -r1.133 route.h --- net/route.h 26 Mar 2016 21:56:04 - 1.133 +++ net/route.h 29 Mar 2016 09:52:29 - @@ -136,6 +136,7 @@ struct rtentry { #define RTF_BLACKHOLE 0x1000 /* just discard pkts (during updates) */ #define RTF_PROTO3 0x2000 /* protocol specific routing flag */ #define RTF_PROTO2 0x4000 /* protocol specific routing flag */ +#define RTF_ANNOUNCE RTF_PROTO2 /* announce L2 entry */ #define RTF_PROTO1 0x8000 /* protocol specific routing flag */ #define RTF_CLONED 0x1 /* this is a cloned route */ #define RTF_MPATH 0x4 /* multipath route or operation */ Index: net/rtsock.c === RCS file: /cvs/src/sys/net/rtsock.c,v retrieving revision 1.187 diff -u -p -r1.187 rtsock.c --- net/rtsock.c26 Mar 2016 21:56:04 - 1.187 +++ net/rtsock.c29 Mar 2016 10:07:53 - @@ -98,6 +98,7 @@ struct walkarg { introute_ctloutput(int, struct socket *, int, int, struct mbuf **); void route_input(struct mbuf *m0, ...); +introute_arp_conflict(struct rt_addrinfo *, unsigned int); struct mbuf*rt_msg1(int, struct rt_addrinfo *); int rt_msg2(int, int, struct rt_addrinfo *, caddr_t, 
@@ -600,6 +601,10 @@ route_output(struct mbuf *m, ...) error = EINVAL; goto flush; } + if (route_arp_conflict(&info, tableid)) { + error = EEXIST; + goto flush; + } error = rtrequest(RTM_ADD, &info, prio, &saved_nrt, tableid); if (error == 0) { rt_setmetrics(rtm->rtm_inits, &rtm->rtm_rmx, @@ -884,6 +889,47 @@ fail: rp->rcb_proto.sp_family = PF_ROUTE; return (error); +} + +/* + * Check if the user request to insert an ARP entry does not conflict + * with existing ones. + * + * Only two entries are allowed for a given IP address: a private one + * (priv) and a public one (pub). + */ +int +route_arp_conflict(struct rt_addrinfo *info, unsigned int tableid) +{ +#ifdef ART + struct rtentry *rt; + int proxy = (info->rti_flags & RTF_ANNOUNCE); + + if ((info->rti_flags & RTF_LLINFO) == 0 || + (info->rti_info[RTAX_DST]->sa_family != AF_INET)) + return (0); + + rt = rtalloc(info->rti_info[RTAX_DST], 0, tableid); + if (rt == NULL || !ISSET(rt->rt_flags, RTF_LLINFO)) { + rtfree(rt); + return (0); + } + + /* +* Same destination and both "priv" or "pub" conflict. +* If a second entry exists, it always conflict. +*/ + if ((ISSET(rt->rt_flags, RTF_ANNOUNCE) == proxy) || + (rtable_mpath_next(rt) != NULL)) { + rtfree(rt); + return (1); + } + + /* No conflict but an entry exist so we need to force mpath. */ + info->rti_flags |= RTF_MPATH; + rtfree(rt); +#endif /* ART */ + return (0); } void Index: netinet/if_ether.c === RCS file: /cvs/src/sys/netinet/if_ether.c,v retrieving revision 1.203 diff -u -p -r1.203 if_ether.c --- netinet/if_ether.c 24 Mar 2016 07:15:10 - 1.203 +++ netinet/if_ether.c 29 Mar 2016 10:07:12 - 
@@ -698,8 +698,20 @@ arplookup(u_int32_t addr, int create, in } if (proxy && !ISSET(rt->rt_flags, RTF_ANNOUNCE)) { + struct rtentry *mrt = NULL; +#ifdef ART + mrt = rt; + KERNEL_LOCK(); + while ((mrt = rtable_mpath_next(mrt)) != NULL) { + if (ISSET(mrt->rt_flags, RTF_ANNOUNCE)) { + rtref(mrt); + break; + } + } + KERNEL_UNLOCK(); +#endif /* ART */ rtfree(rt); - return (NULL); + return (mrt); } return (rt); Index: netinet/if_ether.h
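Review bot: in the route_output() hunk, `route_arp_conflict(&info, tableid)` reads as a yes/no check at the call site, but it can also set RTF_MPATH in `info.rti_flags` before `rtrequest(RTM_ADD, ...)` runs. That side effect is what allows the second entry to be inserted, so either name the function for what it does or add a comment at the call saying that `info` may be modified.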
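Review bot: in route_arp_conflict(), `ISSET(rt->rt_flags, RTF_ANNOUNCE) == proxy` compares two flag tests for equality while `proxy` holds the raw masked bit from `info->rti_flags & RTF_ANNOUNCE`, so the test is only right as long as ISSET() also yields the raw bit rather than 0 or 1. Normalising both sides, for example `!!ISSET(rt->rt_flags, RTF_ANNOUNCE) == !!proxy`, removes that dependency. The early-return branch also calls `rtfree(rt)` when `rt` is NULL, which relies on rtfree() accepting a null pointer; a short comment or a separate NULL check would make that intent explicit.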
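Review bot: in the arplookup() hunk the walk over `rtable_mpath_next()` is wrapped in KERNEL_LOCK()/KERNEL_UNLOCK() with no comment saying what the lock protects. A one-line comment stating that the multipath walk is not yet safe without it would keep the lock from being dropped by accident before the follow-up work mentioned in the mail is done. It is also worth noting in the log message that `mrt` stays NULL when ART is not defined, so that path still returns NULL as before.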
ARP regress fix
It seems to me that the multicast test checks an incorrect MAC. Diff below fixes that plus a typo. Index: Makefile === RCS file: /cvs/src/regress/sys/netinet/arp/Makefile,v retrieving revision 1.4 diff -u -p -r1.4 Makefile --- Makefile24 Mar 2016 07:11:45 - 1.4 +++ Makefile29 Mar 2016 10:43:52 - @@ -118,7 +118,7 @@ run-regress-arp-multicast: addr.py ssh -t ${REMOTE_SSH} ${SUDO} arp -d ${LOCAL_ADDR} diff old.log new.log | grep '^> ' >diff.log grep 'bsd: arp info overwritten for ${LOCAL_ADDR} by 33:33:33:33:33:33' diff.log - grep '^${LOCAL_ADDR} .* ${LOCAL_MAC} ' arp.log + grep '^${LOCAL_ADDR} .* 33:33:33:33:33:33 ' arp.log # Send an ARP probe from the local machine with the remote IP as # target. Sender MAC is local and IP is 0. The remote machine must @@ -249,8 +249,8 @@ run-regress-arp-temporary: addr.py # Check that no answer is received. # Check that the attempt to add an entry is logged. # Check that the remote machine keeps its incomplete ARP entry. -TARGETS += arp-incomlete -run-regress-arp-incomlete: addr.py +TARGETS += arp-incomplete +run-regress-arp-incomplete: addr.py @echo '\n $@ ' @echo Send ARP Request filling an incomplete entry on other interface ssh -t ${REMOTE_SSH} logger -t "arp-regress[]" $@
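Review bot: in the run-regress-arp-multicast hunk the expected address 33:33:33:33:33:33 is now spelled out in two grep patterns, the "arp info overwritten" check on diff.log and the new check on arp.log. Put it in a Makefile variable used by both lines so the two checks cannot drift apart again, and add a comment that arp.log is expected to show the overwriting address rather than ${LOCAL_MAC}.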
Re: tcp syn cache random reseed
On 28/03/16(Mon) 23:56, Alexander Bluhm wrote: > On Mon, Mar 21, 2016 at 12:58:41PM +0100, Alexander Bluhm wrote: > > The attack I see is that you can measure the bucket distribution > > by timing the SYN+ACK response. You can collect samples that end > > in the same bucket. After you have collected enough, start your > > DoS attack. I think that just collecting data is also possible > > with a strong hash function. With a weak function you may collect > > less and can start guessing early on top of that. But reseeding > > after a number of packets prevents to collect information over a > > long period. > > The syn cache already detects when it has too many bucket collisions. > That seems a good moment to reseed the hash function. Makes sense to me. The "> 0" check made me wonder. Can't you simply use an unsigned variable and always set it to 0? > ok? ok mpi@ > Index: netinet/tcp_input.c > === > RCS file: /data/mirror/openbsd/cvs/src/sys/netinet/tcp_input.c,v > retrieving revision 1.316 > diff -u -p -r1.316 tcp_input.c > --- netinet/tcp_input.c 27 Mar 2016 19:19:01 - 1.316 > +++ netinet/tcp_input.c 28 Mar 2016 21:51:20 - > @@ -3400,6 +3400,12 @@ syn_cache_insert(struct syn_cache *sc, s > if (scp->sch_length >= tcp_syn_bucket_limit) { > tcpstat.tcps_sc_bucketoverflow++; > /* > + * Someone might attack our bucket hash function. Reseed > + * with random as soon as the passive syn cache gets empty. > + */ > + if (set->scs_use > 0) > + set->scs_use = 0; > + /* >* The bucket is full. Toss the oldest element in the >* bucket. This will be the first entry in the bucket. >*/ >
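Review bot: the new comment in the syn_cache_insert() hunk says the hash is reseeded "as soon as the passive syn cache gets empty", but the added code only zeroes `set->scs_use`, and the hunk shows neither how a zero counter leads to a reseed nor which set `set` refers to at this point. Extend the comment to state what a zero `scs_use` means to the reseed logic and which set is being marked; since this branch runs on every bucket overflow, it is also worth saying that repeating the assignment under sustained overflow is intended and harmless.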
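The mechanism discussed in this thread, as an added example that is not part of the original mails or of OpenBSD's code: a model with a single set in which a bucket overflow zeroes the use counter and the hash seed is redrawn on the next insert into an empty set. The names (toy_set, toy_insert, toy_drain), the sizes and the hash are assumptions made for the example.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

enum { NBUCKETS = 8, BUCKET_LIMIT = 3, USE_LIMIT = 1000 };  /* constructed sizes */
struct toy_set {                /* hypothetical stand-in for one syn cache set */
    uint32_t seed;              /* secret mixed into the bucket hash */
    int use;                    /* inserts left before a reseed is due */
    int count, reseeds;         /* live entries, seeds drawn so far */
    int len[NBUCKETS];          /* entries per bucket */
};

static uint32_t fresh_seed(void) {
    uint32_t s;
    FILE *f = fopen("/dev/urandom", "rb");
    if (f == NULL || fread(&s, sizeof(s), 1, f) != 1) abort();
    fclose(f);
    return s;
}

static int toy_insert(struct toy_set *set, uint32_t key) {  /* 1 if bucket was full */
    if (set->count == 0 && set->use <= 0) {  /* rekey only while no entry is hashed */
        set->seed = fresh_seed();
        set->use = USE_LIMIT;
        set->reseeds++;
    }
    set->use--;
    unsigned b = (((key ^ set->seed) * 2654435761u) >> 16) % NBUCKETS;  /* assumed hash */
    int full = set->len[b] >= BUCKET_LIMIT;
    if (full) {
        if (set->use > 0) set->use = 0;  /* collisions look hostile: reseed once empty */
        set->len[b]--;                   /* toss the oldest entry in the bucket */
        set->count--;
    }
    set->len[b]++;
    set->count++;
    return full;
}

static void toy_drain(struct toy_set *set) {  /* every entry completed or timed out */
    memset(set->len, 0, sizeof(set->len));
    set->count = 0;
}

int main(void) {
    struct toy_set s = { 0 };
    for (int i = 0; i < 4; i++)
        printf("insert %d hit a full bucket: %d\n", i, toy_insert(&s, 42));
}
```

The seed is only replaced while the set is empty because entries already stored were placed using the old seed and could not be found again under a new one.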