ssh_config: Match exec broken
Just upgraded the latest snapshot OpenBSD 6.3-beta (GENERIC.MP) #25: Fri Mar 2 14:41:23 MST 2018 The following ssh_config(5) snippet is now broken: Match exec "echo %n | grep -qxE 'some|nifty|regex'" Include some/config $ ssh some_host Unsupported Match attribute echo /home/kn/.ssh/config line 42: Bad Match condition Reverting the following commit fixes this and I can connect again regardless of matching: revision 1.124 date: 2018/03/02 03:02:11; author: djm; state: Exp; lines: +19 -8; commitid: nNRsCijZiGG6SUTT; Allow escaped quotes \" and \' in ssh_config and sshd_config quotes option strings. bz#1596 ok markus@
Re: syslogd deletes any existing file if defined as value for -p [was: syslogd loghost only - without unix socket & /dev/klog]
Do we want this syslogd feature that it only removes files it created at startup? On Sat, Feb 10, 2018 at 12:28:31AM +0100, Alexander Bluhm wrote: > The file removal is part of a regression introduced by moving to > fork+exec. Before only files that were actually open were removed. > Now the reexec parent does not know that and removes all files > passed with -p, -a, or -s. > > This can be fixed by passing the files that have been successfully > opened with -R to the reexec parent. While doing that I found a > missing realpath(3) before chdir(2). It is not clever to remove > relative files in / that were created somewhere else. > > Instead of using the global variables nunix, path_unix, and > path_ctlsock I pass the files to be removed to the parent explicitly. > > When I started syslogd -d I noticed that it was doing almost what > you want. It checks whether a unix domain socket is used by another > server. I guess that this is only done in debug mode to debug > syslogd while another instance is running. > > I consider it a bad idea to change behavior in debug mode. That > makes debugging real problems harder. So let's rearrange the > existing connect(2) code in a way that only unconnected unix domain > sockets are removed before creating a new server socket. > > ok? > > bluhm > > Index: usr.sbin/syslogd/privsep.c > === > RCS file: /data/mirror/openbsd/cvs/src/usr.sbin/syslogd/privsep.c,v > retrieving revision 1.67 > diff -u -p -r1.67 privsep.c > --- usr.sbin/syslogd/privsep.c5 Apr 2017 11:31:45 - 1.67 > +++ usr.sbin/syslogd/privsep.c9 Feb 2018 21:48:21 - > @@ -94,7 +94,8 @@ static void must_write(int, void *, size > static int may_read(int, void *, size_t); > > void > -priv_init(int lockfd, int nullfd, int argc, char *argv[]) > +priv_init(int lockfd, int nullfd, int nremove, char *path_remove[], > +int argc, char *argv[]) > { > int i, socks[2]; > struct passwd *pw; > @@ -135,6 +136,13 @@ priv_init(int lockfd, int nullfd, int ar > execpath = argv[0]; > else if ((execpath = realpath(argv[0], NULL)) == NULL) > err(1, "realpath %s", argv[0]); > + for (i = 0; i < nremove; i++) { > + char *tmp; > + > + if ((tmp = realpath(path_remove[i], NULL)) == NULL) > + err(1, "remove path %s", path_remove[i]); > + path_remove[i] = tmp; > + } > if (chdir("/") != 0) > err(1, "chdir /"); > > @@ -153,11 +161,16 @@ priv_init(int lockfd, int nullfd, int ar > err(1, "closefrom 4 failed"); > > snprintf(childnum, sizeof(childnum), "%d", child_pid); > - if ((privargv = reallocarray(NULL, argc + 3, sizeof(char *))) == NULL) > + if ((privargv = reallocarray(NULL, argc + 2 * nremove + 3, > + sizeof(char *))) == NULL) > err(1, "alloc priv argv failed"); > privargv[0] = execpath; > for (i = 1; i < argc; i++) > privargv[i] = argv[i]; > + while (nremove > 0) { > + privargv[i++] = "-R"; > + privargv[i++] = path_remove[--nremove]; > + } > privargv[i++] = "-P"; > privargv[i++] = childnum; > privargv[i++] = NULL; > @@ -166,7 +179,8 @@ priv_init(int lockfd, int nullfd, int ar > } > > __dead void > -priv_exec(char *conf, int numeric, int child, int argc, char *argv[]) > +priv_exec(char *conf, int numeric, int child, int nremove, char > *path_remove[], > +int argc, char *argv[]) > { > int i, fd, sock, cmd, addr_len, result, restart; > size_t path_len, protoname_len, hostname_len, servname_len; > @@ -406,10 +420,8 @@ priv_exec(char *conf, int numeric, int c > close(sock); > > /* Unlink any domain sockets that have been opened */ > - for (i = 0; i < nunix; i++) > - (void)unlink(path_unix[i]); > - if (path_ctlsock != NULL) > - (void)unlink(path_ctlsock); > + for (i = 0; i < nremove; i++) > + (void)unlink(path_remove[i]); > > if (restart) { > int status; > Index: usr.sbin/syslogd/syslogd.c > === > RCS file: /data/mirror/openbsd/cvs/src/usr.sbin/syslogd/syslogd.c,v > retrieving revision 1.254 > diff -u -p -r1.254 syslogd.c > --- usr.sbin/syslogd/syslogd.c24 Nov 2017 23:11:42 - 1.254 > +++ usr.sbin/syslogd/syslogd.c9 Feb 2018 22:49:37 - > @@ -214,8 +214,6 @@ char *TypeNames[] = { > SIMPLEQ_HEAD(filed_list, filed) Files; > struct filed consfile; > > -int nunix; /* Number of Unix domain sockets requested */ > -char **path_unix;/* Paths to Unix domain sockets */ > int Debug; /* debug flag */ > int Foreground; /* run in foreground, instead of daemonizing */ > char LocalHostName[HOST_NAME_MAX+1]; /* our
Re: AMD64 panic: netlock: lock not held
2018-03-02 15:45 GMT+01:00 Alexander Bluhm: > On Fri, Mar 02, 2018 at 02:25:21PM +0100, Pierre Emeriaud wrote: >> panic: netlock: lock not held > >> ifpromisc(800021f85400,805ae000) at ifpromisc+0xb3 >> bpfioctl(ff027eb5fc18,ff027eb5fc18,ff02414ac4a0,20004269,ff02414ac4a0) >> at bpfioctl+0x53c > > I would say this is a missing netlock around ifpromisc() in bpfioctl(). > And in the bpfclose() path it is also missing. This seems to fix the issue. I'm not panic'ing anymore when using tcpdump. Thanks!
Re: AMD64 panic: netlock: lock not held
On Fri, Mar 02, 2018 at 02:25:21PM +0100, Pierre Emeriaud wrote: > panic: netlock: lock not held > ifpromisc(800021f85400,805ae000) at ifpromisc+0xb3 > bpfioctl(ff027eb5fc18,ff027eb5fc18,ff02414ac4a0,20004269,ff02414ac4a0) > at bpfioctl+0x53c I would say this is a missing netlock around ifpromisc() in bpfioctl(). And in the bpfclose() path it is also missing. ok? bluhm Index: net/bpf.c === RCS file: /data/mirror/openbsd/cvs/src/sys/net/bpf.c,v retrieving revision 1.168 diff -u -p -r1.168 bpf.c --- net/bpf.c 19 Feb 2018 08:59:52 - 1.168 +++ net/bpf.c 2 Mar 2018 14:35:29 - @@ -326,7 +326,9 @@ bpf_detachd(struct bpf_d *d) bpf_get(d); mtx_leave(>bd_mtx); + NET_LOCK(); error = ifpromisc(bp->bif_ifp, 0); + NET_UNLOCK(); mtx_enter(>bd_mtx); bpf_put(d); @@ -794,7 +796,9 @@ bpfioctl(dev_t dev, u_long cmd, caddr_t } else if (d->bd_bif->bif_ifp != NULL) { if (d->bd_promisc == 0) { MUTEX_ASSERT_UNLOCKED(>bd_mtx); + NET_LOCK(); error = ifpromisc(d->bd_bif->bif_ifp, 1); + NET_UNLOCK(); if (error == 0) d->bd_promisc = 1; }
Re: cgi-bin/bgplg 'show ip bgp as' fails with as < 10
2018-03-01 16:50 GMT+01:00 Pierre Emeriaud: >> I found an interesting behavior with bgplg when used as cgi-bin. It >> fails with "show ip bgp {as|source-as|transit-as}" at least when as is >> < 10. The following seems to fix the issue, but I may have overlooked some things. Both cgi-bin and bgplgsh works fine now. Thanks Denis :) Index: bgplg.c === RCS file: /cvs/src/usr.bin/bgplg/bgplg.c,v retrieving revision 1.18 diff -u -p -r1.18 bgplg.c --- bgplg.c 18 Dec 2017 09:12:49 - 1.18 +++ bgplg.c 2 Mar 2018 13:29:57 - @@ -160,7 +160,7 @@ lg_arg2argv(char *arg, int *argc) len = strlen(arg); /* Count elements */ - for (i = 0; i < (len - 1); i++) { + for (i = 0; i < len; i++) { if (isspace((unsigned char)arg[i])) { /* filter out additional options */ if (arg[i + 1] == '-') { @@ -182,7 +182,7 @@ lg_arg2argv(char *arg, int *argc) *argc = c; /* Fill array */ - for (i = c = 0; i < (len - 1); i++) { + for (i = c = 0; i < len; i++) { if (arg[i] == '\0' || i == 0) { if (i != 0) ptr = [i + 1];
AMD64 panic: netlock: lock not held
>Synopsis: Machine (virtual) crashed when attempting to troubleshoot slow bgp >updates with tcpdump. >Category: kernel >Environment: System : OpenBSD 6.3 Details : OpenBSD 6.3-beta (GENERIC) #19: Thu Mar 1 09:13:58 MST 2018 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC Architecture: OpenBSD.amd64 Machine : amd64 >Description: Machine (virtual) crashed when attempting to troubleshoot slow bgp updates with tcpdump. To test some bgpd ideas I set up an ipv6 transit session with a border router of mine (full ipv6 table - ~46k pfx), but bgp updates were apparently very slow, with an increase of around 1 prefix / second. As soon as I launched tcpdump -v -i vio0 host the machine crashed with netlock panic. The affected machine is running -current as of yesterday on a proxmox linux. So as the border and another server (both 6.2-stable) which have been running nice besides hardlocks at reboot (now fixed). >Output from serial console: panic: netlock: lock not held Stopped at db_enter+0x5: popq%rbp TIDPIDUID PRFLAGS PFLAGS CPU COMMAND *521757 10098 0 0x3 00 tcpdump db_enter() at db_enter+0x5 panic() at panic+0x129 rw_assert_wrlock(811020e7) at rw_assert_wrlock+0x37 rwsleep(800ed8cc,800ed000,800ed1d0,800bef00,802 06910) at rwsleep+0x41 vio_set_rx_filter(800bef00) at vio_set_rx_filter+0x2fe vio_iff(800ed290) at vio_iff+0xfd vio_ioctl(0,800ed290,0) at vio_ioctl+0x127 ifpromisc(800021f85400,805ae000) at ifpromisc+0xb3 bpfioctl(ff027eb5fc18,ff027eb5fc18,ff02414ac4a0,20004269,ff0241 4ac4a0) at bpfioctl+0x53c VOP_IOCTL(800021f886d0,fb2f86b766fc4d27,800021f886d0,ff027f7d2900,f fff0001,800021f85400) at VOP_IOCTL+0x46 vn_ioctl(800021f854f0,800021f886d0,ff02414ac4a0,0) at vn_ioctl+0x5d sys_ioctl(360,800021f886d0,36) at sys_ioctl+0x346 syscall() at syscall+0x206 --- syscall (number 54) --- end of kernel end trace frame: 0x7f7fab50, count: 2 0x13a0ab8edaaa: https://www.openbsd.org/ddb.html describes the minimum info required in bug reports. Insufficient info makes it difficult to find and fix bugs. >Virtual machine configuration from proxmox: $ sudo qm config 104 args: -cpu host,+kvm_pv_unhalt,+kvm_pv_eoi,x2apic boot: ndc bootdisk: virtio0 cores: 1 cpu: host ide2: none,media=cdrom machine: q35 memory: 8192 name: openbsd-dev net0: virtio=0E:86:1F:01:BC:42,bridge=vmbr2 numa: 0 ostype: other scsihw: virtio-scsi-pci serial0: socket smbios1: uuid=4699eb37-063c-400c-8e86-d43e6595d2e8 sockets: 1 virtio0: local:104/vm-104-disk-1.qcow2,size=32G ddb> show panic netlock: lock not held ddb> trace db_enter() at db_enter+0x5 panic() at panic+0x129 rw_assert_wrlock(811020e7) at rw_assert_wrlock+0x37 rwsleep(800ed8cc,800ed000,800ed1d0,800bef00,802 06910) at rwsleep+0x41 vio_set_rx_filter(800bef00) at vio_set_rx_filter+0x2fe vio_iff(800ed290) at vio_iff+0xfd vio_ioctl(0,800ed290,0) at vio_ioctl+0x127 ifpromisc(800021f85400,805ae000) at ifpromisc+0xb3 bpfioctl(ff027eb5fc18,ff027eb5fc18,ff02414ac4a0,20004269,ff0241 4ac4a0) at bpfioctl+0x53c VOP_IOCTL(800021f886d0,fb2f86b766fc4d27,800021f886d0,ff027f7d2900,f fff0001,800021f85400) at VOP_IOCTL+0x46 vn_ioctl(800021f854f0,800021f886d0,ff02414ac4a0,0) at vn_ioctl+0x5d sys_ioctl(360,800021f886d0,36) at sys_ioctl+0x346 syscall() at syscall+0x206 --- syscall (number 54) --- end of kernel end trace frame: 0x7f7fab50, count: -13 0x13a0ab8edaaa: ddb> ps PID TID PPIDUID S FLAGS WAIT COMMAND *10098 521757 70553 0 7 0x3tcpdump 70553 363279 30249 76 30x93 netio tcpdump 95781 507544 93482 75 30x100092 poll bgpd 81123 271231 93482 75 30x100092 poll bgpd 93482 304497 1 0 30x80 poll bgpd 30249 86067 94716 1000 30x10008b pause ksh 94716 378518 59185 1000 30x90 selectsshd 59185 325077 5766 0 30x82 poll sshd 44309 405369 1 0 30x100083 ttyin ksh 67269 502292 1 0 30x100083 ttyin getty 28198 282478 1 0 30x100083 ttyin getty 15930 481854 1 0 30x100083 ttyin getty 10957 290065 1 0 30x100083 ttyin getty 3076 242186 1 0 30x100083 ttyin getty 46936 486193 1 0 30x100098 poll cron 82263 415128 1 99 30x100090 poll sndiod 59247 3 1110 30x100090 poll sndiod 41252 273090 91070 95 30x100092 kqreadsmtpd 43808 382325 91070103 3
Re: Vertical lines present on fonts (FreeType update related)
I finally had some time to bisect this diff and found that reverting the following line of code to the one that was present in FreeType 2.8.0 fixes the error for me. Is there any way this can go in? This bug significantly affects the legibility of Asian fonts, and while the diff is a one-liner, I won't claim to understand what exactly the new memory allocation function is doing differently than the old one. -- Bryan Index: ftutil.c === RCS file: /cvs/xenocara/lib/freetype/src/base/ftutil.c,v retrieving revision 1.9 diff -u -r1.9 ftutil.c --- ftutil.c15 Dec 2017 19:29:12 - 1.9 +++ ftutil.c2 Mar 2018 12:27:45 - @@ -143,7 +143,8 @@ { FT_ASSERT( !block ); - block = memory->alloc( memory, new_count * item_size ); +// block = memory->alloc( memory, new_count * item_size ); + block = ft_mem_alloc( memory, new_count * item_size, ); if ( block == NULL ) error = FT_THROW( Out_Of_Memory ); }
X forwarding stopped working in Feb
SENDBUG: -*- sendbug -*- SENDBUG: Lines starting with `SENDBUG' will be removed automatically. SENDBUG: SENDBUG: Choose from the following categories: SENDBUG: SENDBUG: system user library documentation kernel alpha amd64 arm hppa i386 m88k mips64 powerpc sh sparc sparc64 vax SENDBUG: SENDBUG: >Synopsis: Since February (roughly) X forwarding fails when accessing with >putty .68 >Category: amd64 >Environment: System : OpenBSD 6.2 Details : OpenBSD 6.2-current (GENERIC.MP) #15: Tue Feb 27 22:15:26 MST 2018 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP Architecture: OpenBSD.amd64 Machine : amd64 >Description: Since early February, several snapshots have not forwarded X when the machine is accessed through putty .68 from Windows 10. A machine that has been held at an earlier snapshot is fine. A Gtk WARNIING is returned. This has occurred at about the same time as failure of LibreOffice to run with an error of "can't open libGL.so.1", which is intermittent now, with the change of behavior not tied to upgrading to a newer snapshot. >How-To-Repeat: Start the machine, attempt to connect with ssh using an ed25519 keypair. Start an X application. >Fix: No workaround. X.log.0 appended. SENDBUG: Run sendbug as root if this is an ACPI report! SENDBUG: dmesg and usbdevs are attached. SENDBUG: Feel free to delete or use the -D flag if they contain sensitive information. dmesg: OpenBSD 6.2-current (GENERIC.MP) #15: Tue Feb 27 22:15:26 MST 2018 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 4176125952 (3982MB) avail mem = 4042530816 (3855MB) mpath0 at root scsibus0 at mpath0: 256 targets mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.8 @ 0xdbc40018 (36 entries) bios0: vendor AMI version "80.06" date 04/01/2015 bios0: Hewlett-Packard 550-036 acpi0 at bios0: rev 2 acpi0: sleep states S0 S3 S4 S5 acpi0: tables DSDT FACP APIC FPDT FIDT MSDM SSDT SSDT MCFG HPET SSDT SSDT DBGP acpi0: wakeup devices PXSX(S4) RP01(S4) PXSX(S4) PXSX(S4) PXSX(S4) RP04(S4) PXSX(S4) PXSX(S4) RP06(S4) PXSX(S4) RP07(S4) PXSX(S4) GLAN(S4) EHC1(S3) EHC2(S3) XHC_(S3) [...] acpitimer0 at acpi0: 3579545 Hz, 24 bits acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: Intel(R) Core(TM) i3-4170 CPU @ 3.70GHz, 3691.91 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,PERF,ITSC,FSGSBASE,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,SENSOR,ARAT,MELTDOWN cpu0: 256KB 64b/line 8-way L2 cache acpitimer0: recalibrated TSC frequency 3691459755 Hz cpu0: smt 0, core 0, package 0 mtrr: Pentium Pro MTRR support, 10 var ranges, 88 fixed ranges cpu0: apic clock running at 99MHz cpu0: mwait min=64, max=64, C-substates=0.2.1.2.4, IBE cpu1 at mainbus0: apid 2 (application processor) cpu1: Intel(R) Core(TM) i3-4170 CPU @ 3.70GHz, 3691.46 MHz cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,PERF,ITSC,FSGSBASE,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,SENSOR,ARAT,MELTDOWN cpu1: 256KB 64b/line 8-way L2 cache cpu1: smt 0, core 1, package 0 cpu2 at mainbus0: apid 1 (application processor) cpu2: Intel(R) Core(TM) i3-4170 CPU @ 3.70GHz, 3691.45 MHz cpu2: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,PERF,ITSC,FSGSBASE,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,SENSOR,ARAT,MELTDOWN cpu2: 256KB 64b/line 8-way L2 cache cpu2: smt 1, core 0, package 0 cpu3 at mainbus0: apid 3 (application processor) cpu3: Intel(R) Core(TM) i3-4170 CPU @ 3.70GHz, 3691.45 MHz cpu3: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,SDBG,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,ABM,PERF,ITSC,FSGSBASE,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,SENSOR,ARAT,MELTDOWN cpu3: 256KB 64b/line 8-way L2 cache cpu3: smt 1, core 1, package 0 ioapic0 at mainbus0: apid 8 pa 0xfec0, version 20, 24 pins acpimcfg0 at acpi0 addr 0xf800, bus 0-63 acpihpet0 at acpi0: 14318179 Hz acpihpet0: recalibrated TSC frequency 3691432285 Hz acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus 1 (RP01) acpiprt2 at acpi0: bus 2 (RP04)