Re: Stop abusing rcvif pointer to pass wireless nodes
On 14/03/14(Fri) 15:46, Martin Pieuchot wrote: Diff below adds a new pointer to struct pkthdr to explicitly pass some wireless nodes to the pointer without abusing the interface pointer that I'd like to kill. I kept and updated the comments saying that this way of passing the corresponding node is a hack since using a dedicated pointer does not change the design. Somebody will certainly dig into this at some point :) Here's a new diff addressing some comments I received: - Use a longer/more explicit name - Remove useless cast - Remove comments talking about a hack since we're no longer abusing the rcvif pointer. ok? Index: dev/usb/if_athn_usb.c === RCS file: /home/ncvs/src/sys/dev/usb/if_athn_usb.c,v retrieving revision 1.18 diff -u -p -r1.18 if_athn_usb.c --- dev/usb/if_athn_usb.c 7 Aug 2013 01:06:41 - 1.18 +++ dev/usb/if_athn_usb.c 17 Mar 2014 10:10:27 - @@ -2009,7 +2009,7 @@ athn_usb_start(struct ifnet *ifp) /* Send pending management frames first. */ IF_DEQUEUE(ic-ic_mgtq, m); if (m != NULL) { - ni = (void *)m-m_pkthdr.rcvif; + ni = m-m_pkthdr.ieee80211_ni; goto sendit; } if (ic-ic_state != IEEE80211_S_RUN) Index: dev/usb/if_atu.c === RCS file: /home/ncvs/src/sys/dev/usb/if_atu.c,v retrieving revision 1.105 diff -u -p -r1.105 if_atu.c --- dev/usb/if_atu.c7 Mar 2014 18:39:02 - 1.105 +++ dev/usb/if_atu.c17 Mar 2014 10:10:27 - @@ -2013,17 +2013,7 @@ atu_start(struct ifnet *ifp) DPRINTFN(25, (%s: atu_start: mgmt packet\n, sc-atu_dev.dv_xname)); - /* -* Hack! The referenced node pointer is in the -* rcvif field of the packet header. This is -* placed there by ieee80211_mgmt_output because -* we need to hold the reference with the frame -* and there's no other way (other than packet -* tags which we consider too expensive to use) -* to pass it along. -*/ - ni = (struct ieee80211_node *)m-m_pkthdr.rcvif; - m-m_pkthdr.rcvif = NULL; + ni = m-m_pkthdr.ieee80211_ni; wh = mtod(m, struct ieee80211_frame *); /* sc-sc_stats.ast_tx_mgmt++; */ Index: dev/usb/if_otus.c === RCS file: /home/ncvs/src/sys/dev/usb/if_otus.c,v retrieving revision 1.38 diff -u -p -r1.38 if_otus.c --- dev/usb/if_otus.c 7 Mar 2014 18:39:02 - 1.38 +++ dev/usb/if_otus.c 17 Mar 2014 10:10:27 - @@ -1438,7 +1438,7 @@ otus_start(struct ifnet *ifp) /* Send pending management frames first. */ IF_DEQUEUE(ic-ic_mgtq, m); if (m != NULL) { - ni = (void *)m-m_pkthdr.rcvif; + ni = m-m_pkthdr.ieee80211_ni; goto sendit; } if (ic-ic_state != IEEE80211_S_RUN) Index: dev/usb/if_ral.c === RCS file: /home/ncvs/src/sys/dev/usb/if_ral.c,v retrieving revision 1.125 diff -u -p -r1.125 if_ral.c --- dev/usb/if_ral.c7 Mar 2014 18:39:02 - 1.125 +++ dev/usb/if_ral.c17 Mar 2014 10:10:27 - @@ -1255,8 +1255,7 @@ ural_start(struct ifnet *ifp) } IF_DEQUEUE(ic-ic_mgtq, m0); - ni = (struct ieee80211_node *)m0-m_pkthdr.rcvif; - m0-m_pkthdr.rcvif = NULL; + ni = m0-m_pkthdr.ieee80211_ni; #if NBPFILTER 0 if (ic-ic_rawbpf != NULL) bpf_mtap(ic-ic_rawbpf, m0, BPF_DIRECTION_OUT); Index: dev/usb/if_rum.c === RCS file: /home/ncvs/src/sys/dev/usb/if_rum.c,v retrieving revision 1.102 diff -u -p -r1.102 if_rum.c --- dev/usb/if_rum.c7 Mar 2014 18:39:02 - 1.102 +++ dev/usb/if_rum.c17 Mar 2014 10:10:27 - @@ -1274,8 +1274,7 @@ rum_start(struct ifnet *ifp) } IF_DEQUEUE(ic-ic_mgtq, m0); - ni = (struct ieee80211_node *)m0-m_pkthdr.rcvif; - m0-m_pkthdr.rcvif = NULL; + ni = m0-m_pkthdr.ieee80211_ni; #if NBPFILTER 0 if (ic-ic_rawbpf != NULL) bpf_mtap(ic-ic_rawbpf, m0, BPF_DIRECTION_OUT); Index: dev/usb/if_run.c
arp resolution completion notifications
Hi, I would like to send results of ARP resolution back to the userland in order to be able to catch them via the AF_ROUTE socket. I'm cooking some SNMPd changes (ipNetToMediaPhysAddress support primarily) based on this. I have inspected bgpd's and ospfd's kroute.c files and believe they should safely ignore these messages. OK? diff --git sys/netinet/if_ether.c sys/netinet/if_ether.c index 9910a1c..9b31560 100644 --- sys/netinet/if_ether.c +++ sys/netinet/if_ether.c @@ -687,20 +687,21 @@ in_arpinput(struct mbuf *m) ether_sprintf(ea-arp_sha), ac-ac_if.if_xname); goto out; } sdl-sdl_alen = sizeof(ea-arp_sha); memcpy(LLADDR(sdl), ea-arp_sha, sizeof(ea-arp_sha)); if (rt-rt_expire) rt-rt_expire = time_second + arpt_keep; rt-rt_flags = ~RTF_REJECT; la-la_asked = 0; + rt_sendmsg(rt, RTM_RESOLVE, rt-rt_ifp-if_rdomain); while ((mh = la-la_hold_head) != NULL) { if ((la-la_hold_head = mh-m_nextpkt) == NULL) la-la_hold_tail = NULL; la-la_hold_count--; la_hold_total--; mt = la-la_hold_tail; (*ac-ac_if.if_output)(ac-ac_if, mh, rt_key(rt), rt); if (la-la_hold_tail == mh) {
Re: Split IPv4 automagic route to prefix/host creation
On 10/03/14(Mon) 15:28, Martin Pieuchot wrote: Diff below splits in_addprefix() into two functions, one for adding a route to host (for point-to-point interfaces) and one for adding a route prefix. This simplifies a lot the RTF_* flags logic and will make it easier to create routes to loopback in a near future. The only difference it introduces is that the (new) code to add a route to host no longer check for an associated carp interface to move the route from/to it. I'd also like to remove the magic to check if there's already a route to the same destination, but that'll be for another diff. Did somebody at least *tried* this diff? Did somebody read it? Any ok? Index: netinet/in.c === RCS file: /home/ncvs/src/sys/netinet/in.c,v retrieving revision 1.91 diff -u -p -r1.91 in.c --- netinet/in.c 21 Jan 2014 10:18:26 - 1.91 +++ netinet/in.c 10 Mar 2014 12:38:20 - @@ -94,8 +94,10 @@ int in_lifaddr_ioctl(struct socket *, u_ struct ifnet *); void in_purgeaddr(struct ifaddr *); -int in_addprefix(struct in_ifaddr *, int); +int in_addprefix(struct in_ifaddr *); int in_scrubprefix(struct in_ifaddr *); +int in_addhost(struct in_ifaddr *); +int in_scrubhost(struct in_ifaddr *); /* Return 1 if an internet address is for a directly connected host */ int @@ -608,7 +610,10 @@ in_lifaddr_ioctl(struct socket *so, u_lo void in_ifscrub(struct ifnet *ifp, struct in_ifaddr *ia) { - in_scrubprefix(ia); + if ((ifp-if_flags (IFF_LOOPBACK | IFF_POINTOPOINT)) == 0) + in_scrubprefix(ia); + else + in_scrubhost(ia); } /* @@ -621,7 +626,7 @@ in_ifinit(struct ifnet *ifp, struct in_i { u_int32_t i = sin-sin_addr.s_addr; struct sockaddr_in oldaddr; - int s = splnet(), flags = RTF_UP, error = 0; + int s = splnet(), error = 0; if (newaddr) TAILQ_INSERT_TAIL(in_ifaddr, ia, ia_list); @@ -681,13 +686,15 @@ in_ifinit(struct ifnet *ifp, struct in_i } } else if (ifp-if_flags IFF_LOOPBACK) { ia-ia_dstaddr = ia-ia_addr; - flags |= RTF_HOST; } else if (ifp-if_flags IFF_POINTOPOINT) { if (ia-ia_dstaddr.sin_family != AF_INET) goto out; - flags |= RTF_HOST; } - error = in_addprefix(ia, flags); + + if ((ifp-if_flags (IFF_LOOPBACK | IFF_POINTOPOINT)) == 0) + error = in_addprefix(ia); + else + error = in_addhost(ia); /* * If the interface supports multicast, join the all hosts @@ -739,51 +746,118 @@ in_purgeaddr(struct ifaddr *ifa) ifafree(ia-ia_ifa); } -#define rtinitflags(x) \ - x)-ia_ifp-if_flags (IFF_LOOPBACK | IFF_POINTOPOINT)) != 0) \ - ? RTF_HOST : 0) +int +in_addhost(struct in_ifaddr *ia0) +{ + struct in_ifaddr *ia; + struct in_addr dst; + int error; + + dst = ia0-ia_dstaddr.sin_addr; + + /* + * If an interface already have a route to the same + * destination don't do anything. + */ + TAILQ_FOREACH(ia, in_ifaddr, ia_list) { + if (ia-ia_ifp-if_rdomain != ia0-ia_ifp-if_rdomain) + continue; + + if (dst.s_addr != ia-ia_dstaddr.sin_addr.s_addr) + continue; + + if ((ia-ia_flags IFA_ROUTE) == 0) + continue; + + return (0); + } + + error = rtinit(ia0-ia_ifa, RTM_ADD, RTF_UP | RTF_HOST); + if (!error) + ia0-ia_flags |= IFA_ROUTE; + + return (error); +} + +int +in_scrubhost(struct in_ifaddr *ia0) +{ + struct in_ifaddr *ia; + struct in_addr dst; + int error; + + if ((ia0-ia_flags IFA_ROUTE) == 0) + return (0); + + dst = ia0-ia_dstaddr.sin_addr; + + /* + * Because we only add one route for a given destination at + * a time, here we need to do some magic to move this route + * to another interface if it has the same destination. + */ + TAILQ_FOREACH(ia, in_ifaddr, ia_list) { + if (ia-ia_ifp-if_rdomain != ia0-ia_ifp-if_rdomain) + continue; + + if (dst.s_addr != ia-ia_dstaddr.sin_addr.s_addr) + continue; + + if ((ia-ia_flags IFA_ROUTE) != 0) + continue; + + rtinit(ia0-ia_ifa, RTM_DELETE, RTF_HOST); + ia0-ia_flags = ~IFA_ROUTE; + error = rtinit(ia-ia_ifa, RTM_ADD, RTF_UP | RTF_HOST); + if (!error) + ia-ia_flags |= IFA_ROUTE; + + return (error); + } + + rtinit(ia0-ia_ifa, RTM_DELETE, RTF_HOST); + ia0-ia_flags = ~IFA_ROUTE; + + return (0); +} /* * add a route to prefix (connected route in cisco terminology). *
Re: if_detach() addresses cleanup
On 06/03/14(Thu) 09:35, Martin Pieuchot wrote: On 22/01/14(Wed) 11:46, Martin Pieuchot wrote: Network addresses added to the interface local list thought ifa_add() are the link-local address and the IPv4/6 ones. Since if_detach() now calls in_ifdetach(), there should be no address left on the list apart from the link-layer one at this stage. So the diff below removes it directly, there's no need for a loop anymore. I left a check for safety afterward... ok? Still looking for oks... Anybody? Index: net/if.c === RCS file: /home/ncvs/src/sys/net/if.c,v retrieving revision 1.279 diff -u -p -r1.279 if.c --- net/if.c28 Nov 2013 10:16:44 - 1.279 +++ net/if.c7 Jan 2014 11:57:09 - @@ -359,12 +359,10 @@ if_free_sadl(struct ifnet *ifp) s = splnet(); rtinit(ifa, RTM_DELETE, 0); -#if 0 ifa_del(ifp, ifa); + ifafree(ifp-if_lladdr); ifp-if_lladdr = NULL; -#endif ifp-if_sadl = NULL; - splx(s); } @@ -587,27 +585,22 @@ do { \ if (ISSET(ifp-if_xflags, IFXF_TXREADY)) TAILQ_REMOVE(iftxlist, ifp, if_txlist); - /* -* Deallocate private resources. -*/ - while ((ifa = TAILQ_FIRST(ifp-if_addrlist)) != NULL) { - ifa_del(ifp, ifa); - /* XXX if_free_sadl needs this */ - if (ifa == ifp-if_lladdr) - continue; - - ifa-ifa_ifp = NULL; - ifafree(ifa); - } - while ((ifg = TAILQ_FIRST(ifp-if_groups)) != NULL) if_delgroup(ifp, ifg-ifgl_group-ifg_group); if_free_sadl(ifp); - ifp-if_lladdr-ifa_ifp = NULL; - ifafree(ifp-if_lladdr); - ifp-if_lladdr = NULL; + /* We should not have any address left at this point. */ + if (!TAILQ_EMPTY(ifp-if_addrlist)) { +#ifdef DIAGNOSTIC + printf(%s: address list non empty\n, ifp-if_xname); +#endif + while ((ifa = TAILQ_FIRST(ifp-if_addrlist)) != NULL) { + ifa_del(ifp, ifa); + ifa-ifa_ifp = NULL; + ifafree(ifa); + } + } free(ifp-if_addrhooks, M_TEMP); free(ifp-if_linkstatehooks, M_TEMP);
[PATCH] Allow bioctl(8) to recognise DUIDs (and such) for many operations
This patch allows bioctl(8) to perform operations on volumes using either the fully-qualified device path (eg. /dev/sd0a) or a valid DUID pointing to the RAID volume or device. Basically, anything that opendev(3) can open. Index: sbin/bioctl/bioctl.c === RCS file: /cvs/src/sbin/bioctl/bioctl.c,v retrieving revision 1.119 diff -u -p -r1.119 bioctl.c --- sbin/bioctl/bioctl.c18 Jan 2014 09:11:12 - 1.119 +++ sbin/bioctl/bioctl.c17 Mar 2014 11:38:10 - @@ -62,6 +62,7 @@ struct locator { void usage(void); const char *str2locator(const char *, struct locator *); +intopen_device(const char *, char *, size_t); void bio_status(struct bio_status *); intbio_parse_devlist(char *, dev_t *); void bio_kdf_derive(struct sr_crypto_kdfinfo *, @@ -101,7 +102,8 @@ main(int argc, char *argv[]) extern char *optarg; u_int64_t func = 0; char*devicename = NULL; - char*realname = NULL, *al_arg = NULL; + charrealname[MAXPATHLEN] = {0}; + char*al_arg = NULL; char*bl_arg = NULL, *dev_list = NULL; char*key_disk = NULL; const char *errstr; @@ -216,7 +218,9 @@ main(int argc, char *argv[]) if (devicename == NULL) errx(1, need device); - devh = opendev(devicename, O_RDWR, OPENDEV_PART, realname); + devh = open_device(devicename, realname, MAXPATHLEN); + devicename = realname; + if (devh == -1) { devh = open(/dev/bio, O_RDWR); if (devh == -1) @@ -312,6 +316,30 @@ str2locator(const char *string, struct l if (errstr) return (errstr); return (NULL); +} + +int +open_device(const char *devname, char *realname, size_t rnmax) +{ + int devh; + char *temp = NULL; + size_t slen = 0; + + devh = opendev(devname, O_RDWR, OPENDEV_PART, temp); + if(devh != -1) { + if(temp) + temp = basename(temp); + if(temp (temp[0] != '\0')) + slen = strlcpy(realname, temp + 1, rnmax); + + if(slen = rnmax) + slen = rnmax - 1; + + if(slen 2) + realname[slen - 1] = '\0'; + } + + return devh; } void
Re: Stop abusing rcvif pointer to pass wireless nodes
On Mon, Mar 17, 2014 at 11:14:24AM +0100, Martin Pieuchot wrote: On 14/03/14(Fri) 15:46, Martin Pieuchot wrote: Diff below adds a new pointer to struct pkthdr to explicitly pass some wireless nodes to the pointer without abusing the interface pointer that I'd like to kill. I kept and updated the comments saying that this way of passing the corresponding node is a hack since using a dedicated pointer does not change the design. Somebody will certainly dig into this at some point :) Here's a new diff addressing some comments I received: - Use a longer/more explicit name What about using a more generic name which is not bound to 80211 since the field is a generic pointer. This may allow us to use something similar in other drivers like mpe(4), gif(4), gre(4). - Remove useless cast - Remove comments talking about a hack since we're no longer abusing the rcvif pointer. ok? Index: dev/usb/if_athn_usb.c === RCS file: /home/ncvs/src/sys/dev/usb/if_athn_usb.c,v retrieving revision 1.18 diff -u -p -r1.18 if_athn_usb.c --- dev/usb/if_athn_usb.c 7 Aug 2013 01:06:41 - 1.18 +++ dev/usb/if_athn_usb.c 17 Mar 2014 10:10:27 - @@ -2009,7 +2009,7 @@ athn_usb_start(struct ifnet *ifp) /* Send pending management frames first. */ IF_DEQUEUE(ic-ic_mgtq, m); if (m != NULL) { - ni = (void *)m-m_pkthdr.rcvif; + ni = m-m_pkthdr.ieee80211_ni; goto sendit; } if (ic-ic_state != IEEE80211_S_RUN) Index: dev/usb/if_atu.c === RCS file: /home/ncvs/src/sys/dev/usb/if_atu.c,v retrieving revision 1.105 diff -u -p -r1.105 if_atu.c --- dev/usb/if_atu.c 7 Mar 2014 18:39:02 - 1.105 +++ dev/usb/if_atu.c 17 Mar 2014 10:10:27 - @@ -2013,17 +2013,7 @@ atu_start(struct ifnet *ifp) DPRINTFN(25, (%s: atu_start: mgmt packet\n, sc-atu_dev.dv_xname)); - /* - * Hack! The referenced node pointer is in the - * rcvif field of the packet header. This is - * placed there by ieee80211_mgmt_output because - * we need to hold the reference with the frame - * and there's no other way (other than packet - * tags which we consider too expensive to use) - * to pass it along. - */ - ni = (struct ieee80211_node *)m-m_pkthdr.rcvif; - m-m_pkthdr.rcvif = NULL; + ni = m-m_pkthdr.ieee80211_ni; wh = mtod(m, struct ieee80211_frame *); /* sc-sc_stats.ast_tx_mgmt++; */ Index: dev/usb/if_otus.c === RCS file: /home/ncvs/src/sys/dev/usb/if_otus.c,v retrieving revision 1.38 diff -u -p -r1.38 if_otus.c --- dev/usb/if_otus.c 7 Mar 2014 18:39:02 - 1.38 +++ dev/usb/if_otus.c 17 Mar 2014 10:10:27 - @@ -1438,7 +1438,7 @@ otus_start(struct ifnet *ifp) /* Send pending management frames first. */ IF_DEQUEUE(ic-ic_mgtq, m); if (m != NULL) { - ni = (void *)m-m_pkthdr.rcvif; + ni = m-m_pkthdr.ieee80211_ni; goto sendit; } if (ic-ic_state != IEEE80211_S_RUN) Index: dev/usb/if_ral.c === RCS file: /home/ncvs/src/sys/dev/usb/if_ral.c,v retrieving revision 1.125 diff -u -p -r1.125 if_ral.c --- dev/usb/if_ral.c 7 Mar 2014 18:39:02 - 1.125 +++ dev/usb/if_ral.c 17 Mar 2014 10:10:27 - @@ -1255,8 +1255,7 @@ ural_start(struct ifnet *ifp) } IF_DEQUEUE(ic-ic_mgtq, m0); - ni = (struct ieee80211_node *)m0-m_pkthdr.rcvif; - m0-m_pkthdr.rcvif = NULL; + ni = m0-m_pkthdr.ieee80211_ni; #if NBPFILTER 0 if (ic-ic_rawbpf != NULL) bpf_mtap(ic-ic_rawbpf, m0, BPF_DIRECTION_OUT); Index: dev/usb/if_rum.c === RCS file: /home/ncvs/src/sys/dev/usb/if_rum.c,v retrieving revision 1.102 diff -u -p -r1.102 if_rum.c --- dev/usb/if_rum.c 7 Mar 2014 18:39:02 - 1.102 +++ dev/usb/if_rum.c 17 Mar 2014 10:10:27 - @@ -1274,8 +1274,7 @@ rum_start(struct ifnet *ifp) } IF_DEQUEUE(ic-ic_mgtq, m0); - ni = (struct ieee80211_node *)m0-m_pkthdr.rcvif; - m0-m_pkthdr.rcvif = NULL; +
fixup arp(8) rdomain hang
Hi, It's been known for ages that arp -V 1 -d 10.0.0.1 would hang forever. Apparently the cause is simple: we pass the target rdomain in the rtm, but the AF_ROUTE socket that we create is always in rdomain 0 (c.f. getsocket in the arp source code). The hang happens in the read syscall at the bottom of rtmsg() in arp.c when we're trying to get the reply back. There's no reply since the rop-rtableid != rtm-rtm_tableid condition at sys/net/rtsock.c:383 evaluates to true (forces continue). rop is a route socket control block that is created when the socket is opened therefore it's rtableid is 0, while rtm_tableid comes from the message we send to the routing socket and has the target routing table id. The setsockopt(ROUTE_TABLEFILTER) call in the diff below is equivalent to setsockopt(SO_RTABLE), but in the case of AF_ROUTE sockets the latter one is not implemented. The other possibility is calling setrtable(2) right before the socket, but I think it's fine this way as well. OK? diff --git usr.sbin/arp/arp.c usr.sbin/arp/arp.c index a4e37b6..b1fabca 100644 --- usr.sbin/arp/arp.c +++ usr.sbin/arp/arp.c @@ -238,11 +238,15 @@ file(char *name) void getsocket(void) { + socklen_t len = sizeof(rdomain); + if (s = 0) return; s = socket(PF_ROUTE, SOCK_RAW, 0); if (s 0) err(1, socket); + if (setsockopt(s, PF_ROUTE, ROUTE_TABLEFILTER, rdomain, len) 0) + err(1, ROUTE_TABLEFILTER); } struct sockaddr_in so_mask = { 8, 0, 0, { 0x } };
Re: Stop abusing rcvif pointer to pass wireless nodes
What about using a more generic name which is not bound to 80211 since the field is a generic pointer. This may allow us to use something similar in other drivers like mpe(4), gif(4), gre(4). That is basically the only thought I had. I mean you could also start passing it as a mbuf tag, but probably don't want the allocate/free overhead.
Re: lock(1) timeout message deduplication
Thank you very much for the feedback. On 3/14/14 9:38 AM, Ingo Schwarze wrote: According to the sigaction(3) manual, volatile sig_atomic_t would be better. If i understand correctly, overzealous compilers might otherwise optimize checks away. Dammit, of course. I should have caught that. However, either way is incorrect. There is a race condition. The ALRM signal may arrive after the if(done), but before the call to readpassphrase(). Yes, that's narrow, but still. In that case, the lock utility will sit at the Key: prompt for good, even though a timeout was requested. Then you just hit enter at the Key: prompt, and bang, it says timeout and gives you the shell. Ouch. Right. That's why I wasn't sure where to place the check. Now I realize why the entire approach is incorrect. That said, i consider having a lock(1) utility time out stupid in the first place. It is conceptually insecure. Would anybody be opposed to either of the following changes? 1) On timeout and before exiting, send a -HUP signal to the process group [i.e. kill(0, SIGHUP)]. That way, you get the terminal back on timeout, but without the login shell still open. The following is based on the assumption that you meant session rather than process group [i.e. kill(getsid(), SIGHUP)]: I don't think we should introduce such behavior because I can think of several situations where it wouldn't work as expected (like w/ su), and it encourages the user to rely on functionality which has certain caveats that they would probably ignore or forget, even if well documented. The possibility of behaving in unexpected ways is quite dangerous, especially when you'd only notice after the timeout period, and even more so when it directly leads to an attacker with a shell. 2) Make -n the default and silently ignore the -t option. The lock(1) utility still won't become a model of robustness and security, but at least a bit safer. Right now, it is horribly insecure by default. Imagine an operator being called away from the terminal, quickly typing lock. How easy is it to forget -n? Now if the attacker manages to distract the operator for 15 minutes, he gets the shell for free. Well, lock(1) is part of the 2BSD legacy, one of the few tools remaining from that time. But i think we shouldn't be awestruck but still ensure a minimum level of sanity. I'm in favor of that. Following from that, what would you think of making -p default too and providing a way to negate it if desired. The thinking is that an inattentive operator may think to type lock while leaving his workstation in a hurry, but may not notice or remember to enter a password (because he is distracted and leaving). If we're going to break backwards compatibility anyway, this seems like a more sane default to me. I certainly don't feel like setting up the usual pipe(2) to self and a select(2) or poll(2) loop merely to correctly implement a feature that's an awful idea in the first place... How about just making the signal handler safe then? I think that's the simplest approach. I should have tried that to begin with. Would this do it? (applies on top of my first lock(1) patch http://marc.info/?l=openbsd-techm=139465495417843q=raw ) --- lock.c.post-patch1 Mon Mar 17 13:10:43 2014 +++ lock.c Mon Mar 17 13:50:53 2014 @@ -61,8 +61,9 @@ #defineTIMEOUT 15 -void bye(int); -void hi(void); +void time_remaining(void); +static size_t sigsafe_strlen(const char *); +void do_timeout(int); struct timeval timeout; struct timeval zerotime; @@ -165,7 +166,7 @@ (void)signal(SIGINT, SIG_IGN); (void)signal(SIGQUIT, SIG_IGN); (void)signal(SIGTSTP, SIG_IGN); - (void)signal(SIGALRM, bye); + (void)signal(SIGALRM, do_timeout); ntimer.it_interval = zerotime; ntimer.it_value = timeout; @@ -186,7 +187,7 @@ for (cnt = 0;;) { if (!readpassphrase(Key: , s, sizeof(s), RPP_ECHO_OFF) || *s == '\0') { - hi(); + time_remaining(); continue; } if (usemine) { @@ -220,7 +221,7 @@ } void -hi(void) +time_remaining(void) { char buf[1024], buf2[1024]; time_t left; @@ -237,12 +238,33 @@ (void) write(STDERR_FILENO, buf, strlen(buf)); } +/* + * Duplicate of our libc's strlen. I don't like duplicating code, but POSIX + * doesn't guarantee strlen() is signal-safe, so we need to assume it may + * become unsafe in the future, maybe due to some crazy hardware-enhanced + * optimization that stores state or something... + */ +static size_t +sigsafe_strlen(const char *str) +{ + const char *s; + + for (s = str; *s; ++s) + ; + return (s - str); +} + /*ARGSUSED*/ void -bye(int signo) +do_timeout(int signo) { + extern char *__progname; - if (!no_timeout) - warnx(timeout); +
thinkpad adaptive keyboard patch
Hi! New 2nd generation Lenovo X1 Carbon has touchable lcd strip instead of the F1-12 keys and the multimedia keys. It has 5 modes with tons of useless buttons triggering acpi hotkey events and 6th inactive mode. This patch adds support for switching between the Home and the Function modes. The Function mode has the standard F1-12 buttons and the Home mode has Volume, Mute and Brightness buttons. Other functions of the the Home mode are ignored. On power up BIOS activates the Function mode for us, on suspend it goes to the inactive mode and we need to reenable it when coming from suspend. The patch has been tested on X1 Carbon, X220 and X61s Dmesg: OpenBSD 5.5-current (GENERIC.MP) #26: Mon Mar 17 18:14:05 UTC 2014 rix@x1:/usr/src/sys/arch/amd64/compile/GENERIC.MP real mem = 8262828032 (7880MB) avail mem = 8034148352 (7661MB) mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.7 @ 0xdcd3d000 (60 entries) bios0: vendor LENOVO version GRET32WW (1.09 ) date 02/13/2014 bios0: LENOVO 20A7005KMS acpi0 at bios0: rev 2 acpi0: sleep states S0 S3 S4 S5 acpi0: tables DSDT FACP SLIC ASF! DBGP ECDT HPET APIC MCFG SSDT SSDT SSDT SSDT SSDT SSDT TCPA UEFI MSDM BATB FPDT UEFI SSDT acpi0: wakeup devices LID_(S4) SLPB(S3) IGBE(S4) EXP2(S4) XHCI(S3) EHC1(S3) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpiec0 at acpi0 acpihpet0 at acpi0: 14318179 Hz acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: Intel(R) Core(TM) i7-4550U CPU @ 1.50GHz, 1396.98 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,LONG,LAHF,ABM,PERF,ITSC,FSGSBASE,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID cpu0: 256KB 64b/line 8-way L2 cache cpu0: smt 0, core 0, package 0 mtrr: Pentium Pro MTRR support, 10 var ranges, 88 fixed ranges cpu0: apic clock running at 99MHz cpu0: mwait min=64, max=64, C-substates=0.2.1.2.4, IBE cpu1 at mainbus0: apid 1 (application processor) cpu1: Intel(R) Core(TM) i7-4550U CPU @ 1.50GHz, 1396.77 MHz cpu1: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,LONG,LAHF,ABM,PERF,ITSC,FSGSBASE,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID cpu1: 256KB 64b/line 8-way L2 cache cpu1: smt 1, core 0, package 0 cpu2 at mainbus0: apid 2 (application processor) cpu2: Intel(R) Core(TM) i7-4550U CPU @ 1.50GHz, 1396.77 MHz cpu2: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,LONG,LAHF,ABM,PERF,ITSC,FSGSBASE,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID cpu2: 256KB 64b/line 8-way L2 cache cpu2: smt 0, core 1, package 0 cpu3 at mainbus0: apid 3 (application processor) cpu3: Intel(R) Core(TM) i7-4550U CPU @ 1.50GHz, 1396.77 MHz cpu3: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,LONG,LAHF,ABM,PERF,ITSC,FSGSBASE,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID cpu3: 256KB 64b/line 8-way L2 cache cpu3: smt 1, core 1, package 0 ioapic0 at mainbus0: apid 2 pa 0xfec0, version 20, 40 pins acpimcfg0 at acpi0 addr 0xf800, bus 0-63 acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus -1 (PEG_) acpiprt2 at acpi0: bus 2 (EXP1) acpiprt3 at acpi0: bus 3 (EXP2) acpiprt4 at acpi0: bus -1 (EXP3) acpicpu0 at acpi0: C3, C1, PSS acpicpu1 at acpi0: C3, C1, PSS acpicpu2 at acpi0: C3, C1, PSS acpicpu3 at acpi0: C3, C1, PSS acpipwrres0 at acpi0: PUBS, resource for XHCI, EHC1 acpitz0 at acpi0: critical temperature is 200 degC acpibtn0 at acpi0: LID_ acpibtn1 at acpi0: SLPB acpibat0 at acpi0: BAT0 model 45N1701 serial 11637 type LiP oem SONY acpibat1 at acpi0: BAT1 not present acpiac0 at acpi0: AC unit online acpithinkpad0 at acpi0 cpu0: Enhanced SpeedStep 1396 MHz: speeds: 2101, 2100, 2000, 1900, 1800, 1700, 1600, 1500, 1400, 1300, 1200, 1100, 1000, 900, 800, 777 MHz pci0 at mainbus0 bus 0 pchb0 at pci0 dev 0 function 0 Intel Core 4G Host rev 0x09 vga1 at pci0 dev 2 function 0 Intel HD Graphics 5000 rev 0x09 intagp0 at vga1 agp0 at intagp0: aperture at 0xe000, size 0x1000 inteldrm0 at vga1 drm0 at inteldrm0 error: [drm:pid0:i915_write32] *ERROR* Unknown unclaimed register before writing to 10 error: [drm:pid0:intel_dp_set_link_train] *ERROR* Timed out waiting for DP idle patterns error: [drm:pid0:i915_write32] *ERROR* Unknown unclaimed register before writing to 64040 inteldrm0:
upd(4) needs testing
upd(4) has been integrated to the tree a few hours ago. it is disabled for now, so if you follow current and can test it, please use this patch (mostly the same mpi@'s patch from yesterday, plus the removal of the supported product/device-ids from usb_quirks.c). if you have an ups with you which does not match any of the ones removed from usb_quicks, please send me your usbdevs -v output. thanks, -a Index: arch/amd64/conf/GENERIC === RCS file: /cvs/src/sys/arch/amd64/conf/GENERIC,v retrieving revision 1.363 diff -u -p -r1.363 GENERIC --- arch/amd64/conf/GENERIC 17 Mar 2014 18:40:46 - 1.363 +++ arch/amd64/conf/GENERIC 17 Mar 2014 23:28:37 - @@ -236,7 +236,7 @@ udsbr* at uhub?# D-Link DSB-R100 radio radio* at udsbr? # USB radio uberry*at uhub?# Research In Motion Blackberry ugen* at uhub?# USB Generic driver -#upd* at uhidev? # USB Power Devices sensors +upd* at uhidev? # USB Power Devices sensors uath* at uhub?# Atheros AR5005UG/AR5005UX ural* at uhub?# Ralink RT2500USB rum* at uhub?# Ralink RT2501USB/RT2601USB Index: dev/usb/ucycom.c === RCS file: /cvs/src/sys/dev/usb/ucycom.c,v retrieving revision 1.24 diff -u -p -r1.24 ucycom.c --- dev/usb/ucycom.c15 Nov 2013 08:25:31 - 1.24 +++ dev/usb/ucycom.c17 Mar 2014 23:28:38 - @@ -174,7 +174,9 @@ ucycom_match(struct device *parent, void { struct uhidev_attach_arg *uha = aux; - DPRINTF((ucycom match\n)); + if (uha-reportid == UHIDEV_CLAIM_ALLREPORTID) + return (UMATCH_NONE); + return (usb_lookup(ucycom_devs, uha-uaa-vendor, uha-uaa-product) != NULL ? UMATCH_VENDOR_PRODUCT : UMATCH_NONE); } Index: dev/usb/ugold.c === RCS file: /cvs/src/sys/dev/usb/ugold.c,v retrieving revision 1.3 diff -u -p -r1.3 ugold.c --- dev/usb/ugold.c 4 Nov 2013 11:51:33 - 1.3 +++ dev/usb/ugold.c 17 Mar 2014 23:28:38 - @@ -102,6 +102,9 @@ ugold_match(struct device *parent, void int size; void *desc; + if (uha-reportid == UHIDEV_CLAIM_ALLREPORTID) + return (UMATCH_NONE); + if (usb_lookup(ugold_devs, uha-uaa-vendor, uha-uaa-product) == NULL) return (UMATCH_NONE); Index: dev/usb/uhid.c === RCS file: /cvs/src/sys/dev/usb/uhid.c,v retrieving revision 1.55 diff -u -p -r1.55 uhid.c --- dev/usb/uhid.c 19 Nov 2013 14:04:07 - 1.55 +++ dev/usb/uhid.c 17 Mar 2014 23:28:38 - @@ -114,11 +114,10 @@ const struct cfattach uhid_ca = { int uhid_match(struct device *parent, void *match, void *aux) { -#ifdef UHID_DEBUG - struct uhidev_attach_arg *uha = (struct uhidev_attach_arg *)aux; -#endif + struct uhidev_attach_arg *uha = aux; - DPRINTF((uhid_match: report=%d\n, uha-reportid)); + if (uha-reportid == UHIDEV_CLAIM_ALLREPORTID) + return (UMATCH_NONE); return (UMATCH_IFACECLASS_GENERIC); } Index: dev/usb/uhidev.c === RCS file: /cvs/src/sys/dev/usb/uhidev.c,v retrieving revision 1.55 diff -u -p -r1.55 uhidev.c --- dev/usb/uhidev.c16 Mar 2014 10:54:40 - 1.55 +++ dev/usb/uhidev.c17 Mar 2014 23:28:38 - @@ -128,6 +128,7 @@ uhidev_attach(struct device *parent, str int size, nrepid, repid, repsz; int i, repsizes[256]; void *desc = NULL; + struct device *dev; sc-sc_udev = uaa-device; sc-sc_iface = uaa-iface; @@ -217,19 +218,25 @@ uhidev_attach(struct device *parent, str repsz = hid_report_size(desc, size, hid_input, repid); DPRINTF((uhidev_match: repid=%d, repsz=%d\n, repid, repsz)); repsizes[repid] = repsz; - if (repsz 0) { - if (repsz sc-sc_isize) - sc-sc_isize = repsz; - } + if (repsz sc-sc_isize) + sc-sc_isize = repsz; } - sc-sc_isize += nrepid != 1;/* space for report ID */ + sc-sc_isize += (nrepid != 1); /* one byte for the report ID */ DPRINTF((uhidev_attach: isize=%d\n, sc-sc_isize)); uha.uaa = uaa; uha.parent = sc; - for (repid = 0; repid nrepid; repid++) { - struct device *dev; + uha.reportid = UHIDEV_CLAIM_ALLREPORTID; + + /* Look for a driver claiming all report IDs first. */ + dev = config_found_sm(self, uha, NULL, uhidevsubmatch); + if (dev != NULL) { + for (repid = 0; repid nrepid; repid++) +
Re: remove `my $_` from usr.bin/libtool
On Sun, Mar 16, 2014 at 06:45:31PM -0700, Andrew Fresh wrote: Lexical $_ (my $_) has been made experimental in perl 5.18 which causes warnings where used. This makes usr.bin/libtool stop using them. http://perldoc.perl.org/perldiag.html#Use-of-my-$_-is-experimental Also standardizes on using parenthesis for push in the subs where it was common. Even though it makes my eyes hurt. Try this again, just fixing the missed chomp in LaLoFile.pm l8rZ, -- andrew - http://afresh1.com Speed matters. Almost as much as some things, and nowhere near as much as others. -- Nick Holland Index: usr.bin/libtool//libtool === RCS file: /cvs/src/usr.bin/libtool/libtool,v retrieving revision 1.41 diff -u -p -u -r1.41 libtool --- usr.bin/libtool//libtool6 Mar 2014 08:58:43 - 1.41 +++ usr.bin/libtool//libtool18 Mar 2014 00:28:08 - @@ -30,9 +30,9 @@ use LT::Getopt; $SIG{__DIE__} = sub { require Carp; - my $_ = pop @_; - s/(.*)( at .*? line .*?\n$)/$1/s; - push @_, $_; + my $message = pop @_; + $message =~ s/(.*)( at .*? line .*?\n$)/$1/s; + push @_, $message; die Carp::longmess; }; Index: usr.bin/libtool//LT/Getopt.pm === RCS file: /cvs/src/usr.bin/libtool/LT/Getopt.pm,v retrieving revision 1.11 diff -u -p -u -r1.11 Getopt.pm --- usr.bin/libtool//LT/Getopt.pm 12 Jul 2012 12:20:06 - 1.11 +++ usr.bin/libtool//LT/Getopt.pm 18 Mar 2014 00:28:08 - @@ -260,19 +260,19 @@ sub handle_options MAINLOOP: while (@main::ARGV 0) { - my $_ = shift @main::ARGV; - if (m/^\-\-$/) { + my $arg = shift @main::ARGV; + if ($arg =~ m/^\-\-$/) { last; } - if (m/^\-/) { + if ($arg =~ m/^\-/) { for my $opt (@options) { - if ($opt-match($_, $self)) { + if ($opt-match($arg, $self)) { next MAINLOOP; } } - shortdie Unknown option $_\n; + shortdie Unknown option $arg\n; } else { - unshift(@main::ARGV, $_); + unshift(@main::ARGV, $arg); last; } } @@ -288,18 +288,18 @@ sub handle_permuted_options MAINLOOP2: while (@main::ARGV 0) { - my $_ = shift @main::ARGV; - if (m/^\-\-$/) { + my $arg = shift @main::ARGV; + if ($arg =~ m/^\-\-$/) { next; # XXX ? } - if (m/^\-/) { + if ($arg =~ m/^\-/) { for my $opt (@options) { - if ($opt-match($_, $self)) { + if ($opt-match($arg, $self)) { next MAINLOOP2; } } } - $self-keep_for_later($_); + $self-keep_for_later($arg); } @main::ARGV = @{$self-{kept}}; } Index: usr.bin/libtool//LT/LaLoFile.pm === RCS file: /cvs/src/usr.bin/libtool/LT/LaLoFile.pm,v retrieving revision 1.3 diff -u -p -u -r1.3 LaLoFile.pm --- usr.bin/libtool//LT/LaLoFile.pm 6 Jul 2012 11:30:41 - 1.3 +++ usr.bin/libtool//LT/LaLoFile.pm 18 Mar 2014 00:28:08 - @@ -48,14 +48,13 @@ sub read my ($class, $filename) = @_; my $info = $class-new; open(my $fh, '', $filename) or die Cannot read $filename: $!\n; - my $_; - while ($fh) { - chomp; - next if /^\#/; - next if /^\s*$/; - if (m/^(\S+)\=\'(.*)\'$/) { + while (my $line = $fh) { + chomp $line; + next if $line =~ /^\#/; + next if $line =~ /^\s*$/; + if ($line =~ m/^(\S+)\=\'(.*)\'$/) { $info-set($1, $2); - } elsif (m/^(\S+)\=(\S+)$/) { + } elsif ($line =~ m/^(\S+)\=(\S+)$/) { $info-set($1, $2); } } Index: usr.bin/libtool//LT/Library.pm === RCS file: /cvs/src/usr.bin/libtool/LT/Library.pm,v retrieving revision 1.8 diff -u -p -u -r1.8 Library.pm --- usr.bin/libtool//LT/Library.pm 13 Jul 2012 11:56:12 - 1.8 +++ usr.bin/libtool//LT/Library.pm 18 Mar 2014 00:28:08 - @@ -154,11 +154,11 @@ sub findbest my $best = undef; if (opendir(my $dir, $sd)) { my ($major, $minor) = (-1, -1);
Re: skip pflog interfaces in pcap_lookupdev()
On Thu, Aug 08, 2013 at 12:12:39AM -0500, joshua stein wrote: Running tcpdump with no -i arg finds a good interface to listen on by default on many machines, but on my laptop it finds pflog0 before urtwn0. Can we skip pflog interfaces like loopbacks? I got reminded of this diff while working on libpcap recently. The behavior you described annoys me as well, and I agree with your change. :) OK lteo@ I had a version that looked up the interface in the egress group but this is much simpler since pflog0 is usually the only other up interface that isn't important. Index: lib/libpcap/inet.c === RCS file: /cvs/src/lib/libpcap/inet.c,v retrieving revision 1.19 diff -u -p -u -p -r1.19 inet.c --- lib/libpcap/inet.c26 Mar 2006 20:58:50 - 1.19 +++ lib/libpcap/inet.c8 Aug 2013 05:10:19 - @@ -141,6 +141,8 @@ pcap_lookupdev(errbuf) continue; if (ISLOOPBACK(ifa-ifa_name, ifa-ifa_flags)) continue; + if (!strncmp(ifa-ifa_name, pflog, 5)) + continue; for (cp = ifa-ifa_name; !isdigit(*cp); ++cp) continue; n = atoi(cp);