Chromium package is recording you?
Hi, On Debian lists was been reported a new version of "chromium" have a closed source module that activate the audio recording without the user concern. Since the chromium package are in ftp and (I think) on CD, should OpenBSD Project remove it? Here is the report: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=786909
snapshots
Snapshots will be in disarray for the next day or two as I move everything from 5.7 to 5.8-beta.
Re: [patch]diff: uninitialized values
On Wed, Jun 17, 2015 at 08:53:57PM +0200, Fritjof Bornebusch wrote: > Hi tech@, > > *edp1* and *edp2* could be used uninitialized, if *goto closem;* is called. > Such initializers hiding a false positive, cause the compiler does not understand this case can never happen. -> warning: 'edp1' may be used uninitialized in this function -> warning: 'edp2' may be used uninitialized in this function Sorry for beeing not that clear. > Regards, > --F. > > > Index: diffdir.c > === > RCS file: /cvs/src/usr.bin/diff/diffdir.c,v > retrieving revision 1.43 > diff -u -p -r1.43 diffdir.c > --- diffdir.c 16 Jan 2015 06:40:07 - 1.43 > +++ diffdir.c 17 Jun 2015 18:50:57 - > @@ -48,8 +48,8 @@ static void diffit(struct dirent *, char > void > diffdir(char *p1, char *p2, int flags) > { > - struct dirent *dent1, **dp1, **edp1, **dirp1 = NULL; > - struct dirent *dent2, **dp2, **edp2, **dirp2 = NULL; > + struct dirent *dent1, **dp1, **edp1 = NULL, **dirp1 = NULL; > + struct dirent *dent2, **dp2, **edp2 = NULL, **dirp2 = NULL; > size_t dirlen1, dirlen2; > char path1[PATH_MAX], path2[PATH_MAX]; > int pos; >
[patch]diff: uninitialized values
Hi tech@, *edp1* and *edp2* could be used uninitialized, if *goto closem;* is called. Regards, --F. Index: diffdir.c === RCS file: /cvs/src/usr.bin/diff/diffdir.c,v retrieving revision 1.43 diff -u -p -r1.43 diffdir.c --- diffdir.c 16 Jan 2015 06:40:07 - 1.43 +++ diffdir.c 17 Jun 2015 18:50:57 - @@ -48,8 +48,8 @@ static void diffit(struct dirent *, char void diffdir(char *p1, char *p2, int flags) { - struct dirent *dent1, **dp1, **edp1, **dirp1 = NULL; - struct dirent *dent2, **dp2, **edp2, **dirp2 = NULL; + struct dirent *dent1, **dp1, **edp1 = NULL, **dirp1 = NULL; + struct dirent *dent2, **dp2, **edp2 = NULL, **dirp2 = NULL; size_t dirlen1, dirlen2; char path1[PATH_MAX], path2[PATH_MAX]; int pos;
Re: [patch]diff: xstrdup wrappes strdup(3)
Any ok for this, and the same for rcs? (And ssh?) On Wed, Jun 17, 2015 at 08:42:04PM +0200, Fritjof Bornebusch wrote: > Hi tech@, > > as requested by nicm@, xstrdup calls strdup(3) now. > > Regards, > --F. > > > Index: xmalloc.c > === > RCS file: /cvs/src/usr.bin/diff/xmalloc.c,v > retrieving revision 1.6 > diff -u -p -r1.6 xmalloc.c > --- xmalloc.c 29 Apr 2015 04:00:25 - 1.6 > +++ xmalloc.c 17 Jun 2015 18:13:25 - > @@ -73,12 +73,10 @@ xfree(void *ptr) > char * > xstrdup(const char *str) > { > - size_t len; > char *cp; > - > - len = strlen(str) + 1; > - cp = xmalloc(len); > - strlcpy(cp, str, len); > + > + if ((cp = strdup(str)) == NULL) > + err(1, "xstrdup"); > return cp; > } >
Re: [patch]file: xstrdup just wrappes strdup(3)
> + err(1, "xstrdup"); slight tweak, usually the err output is: err(1, "strdup")
[patch]ssh: xstrdup wrappes strdup(3)
Hi tech@, as requested by nicm@, xstrdup just wrappes strdup(3). Regards, --F. Index: xmalloc.c === RCS file: /cvs/src/usr.bin/ssh/xmalloc.c,v retrieving revision 1.32 diff -u -p -r1.32 xmalloc.c --- xmalloc.c 24 Apr 2015 01:36:01 - 1.32 +++ xmalloc.c 17 Jun 2015 18:42:43 - @@ -13,6 +13,7 @@ * called by a name other than "ssh" or "Secure Shell". */ +#include #include #include #include @@ -66,12 +67,10 @@ xreallocarray(void *ptr, size_t nmemb, s char * xstrdup(const char *str) { - size_t len; char *cp; - len = strlen(str) + 1; - cp = xmalloc(len); - strlcpy(cp, str, len); + if ((cp = strdup(str)) == NULL) + fatal("xstrdup: %s", strerror(errno)); return cp; }
[patch]diff: xstrdup wrappes strdup(3)
Hi tech@, as requested by nicm@, xstrdup calls strdup(3) now. Regards, --F. Index: xmalloc.c === RCS file: /cvs/src/usr.bin/diff/xmalloc.c,v retrieving revision 1.6 diff -u -p -r1.6 xmalloc.c --- xmalloc.c 29 Apr 2015 04:00:25 - 1.6 +++ xmalloc.c 17 Jun 2015 18:13:25 - @@ -73,12 +73,10 @@ xfree(void *ptr) char * xstrdup(const char *str) { - size_t len; char *cp; - - len = strlen(str) + 1; - cp = xmalloc(len); - strlcpy(cp, str, len); + + if ((cp = strdup(str)) == NULL) + err(1, "xstrdup"); return cp; }
[patch]file: xstrdup just wrappes strdup(3)
Hi tech@, as requested by nicm@, xstrdup calls strdup(3) now. Regards, --F. Index: xmalloc.c === RCS file: /cvs/src/usr.bin/file/xmalloc.c,v retrieving revision 1.1 diff -u -p -r1.1 xmalloc.c --- xmalloc.c 24 Apr 2015 16:24:11 - 1.1 +++ xmalloc.c 17 Jun 2015 18:18:10 - @@ -76,13 +76,10 @@ xfree(void *ptr) char * xstrdup(const char *str) { - size_t len; char *cp; - len = strlen(str) + 1; - cp = xmalloc(len); - if (strlcpy(cp, str, len) >= len) - errx(1, "xstrdup: string truncated"); + if ((cp = strdup(str)) == NULL) + err(1, "xstrdup"); return cp; }
Re: [patch]rcs: xstrdup just wrappes strdup
On Wed, Jun 17, 2015 at 01:25:07PM +0200, Fritjof Bornebusch wrote: > On Mon, Jun 15, 2015 at 10:22:27AM +0100, Nicholas Marriott wrote: > > What about diff and ssh and file? They all use the a copy of the same > > xmalloc.c. > > > > > > Personally, I would recommend that "xstrdup" just calls strdup(3), as > Theo said: it's 100.00% portable. Right, that's fine, I meant are you going to change the others? > > But I don't think I'm the right person who should answer that question. ;) > > Regards, > --F. > > > > > On Mon, Jun 15, 2015 at 10:00:01AM +0200, Fritjof Bornebusch wrote: > > > Hi, > > > > > > thanks for the hint. > > > This one should do the trick. > > > > > > > > > > > > > > > Index: xmalloc.c > > > === > > > RCS file: /cvs/src/usr.bin/rcs/xmalloc.c,v > > > retrieving revision 1.9 > > > diff -u -p -r1.9 xmalloc.c > > > --- xmalloc.c 13 Jun 2015 20:15:21 - 1.9 > > > +++ xmalloc.c 15 Jun 2015 07:52:15 - > > > @@ -68,13 +68,10 @@ xreallocarray(void *ptr, size_t nmemb, s > > > char * > > > xstrdup(const char *str) > > > { > > > - size_t len; > > > char *cp; > > > - > > > - len = strlen(str) + 1; > > > - cp = xmalloc(len); > > > - if (strlcpy(cp, str, len) >= len) > > > - errx(1, "xstrdup: string truncated"); > > > + > > > + if ((cp = strdup(str)) == NULL) > > > + err(1, "xstrdup"); > > > return cp; > > > } > > > > >
[patch] nm: read after bound
Hi, This patch corrects a read after bound that occurs in strcmp (line just after the added bound check). Found with afl. -- Sébastien Marie Index: elf.c === RCS file: /cvs/src/usr.bin/nm/elf.c,v retrieving revision 1.28 diff -u -p -r1.28 elf.c --- elf.c 17 May 2015 20:19:08 - 1.28 +++ elf.c 17 Jun 2015 15:18:03 - @@ -441,7 +451,7 @@ elf_size(Elf_Ehdr *head, Elf_Shdr *shdr, int elf_symloadx(const char *name, FILE *fp, off_t foff, Elf_Ehdr *eh, -Elf_Shdr *shdr, char *shstr, struct nlist **pnames, +Elf_Shdr *shdr, char *shstr, long shstrsize, struct nlist **pnames, struct nlist ***psnames, size_t *pstabsize, int *pnrawnames, const char *strtab, const char *symtab) { @@ -451,6 +461,10 @@ elf_symloadx(const char *name, FILE *fp, int i; for (i = 0; i < eh->e_shnum; i++) { + if (shdr[i].sh_name >= shstrsize) { + warnx("%s: corrupt file", name); + return (1); + } if (!strcmp(shstr + shdr[i].sh_name, strtab)) { *pstabsize = shdr[i].sh_size; if (*pstabsize > SIZE_MAX) { @@ -551,11 +565,11 @@ elf_symload(const char *name, FILE *fp, stab = NULL; *pnames = NULL; *psnames = NULL; *pnrawnames = 0; if (!dynamic_only) { - elf_symloadx(name, fp, foff, eh, shdr, shstr, pnames, + elf_symloadx(name, fp, foff, eh, shdr, shstr, shstrsize, pnames, psnames, pstabsize, pnrawnames, ELF_STRTAB, ELF_SYMTAB); } if (stab == NULL) { - elf_symloadx(name, fp, foff, eh, shdr, shstr, pnames, + elf_symloadx(name, fp, foff, eh, shdr, shstr, shstrsize, pnames, psnames, pstabsize, pnrawnames, ELF_DYNSTR, ELF_DYNSYM); } Index: elfuncs.h === RCS file: /cvs/src/usr.bin/nm/elfuncs.h,v retrieving revision 1.3 diff -u -p -r1.3 elfuncs.h --- elfuncs.h 30 Sep 2006 14:34:13 - 1.3 +++ elfuncs.h 17 Jun 2015 15:18:03 - @@ -36,7 +36,7 @@ int elf32_fix_phdrs(Elf32_Ehdr *eh, Elf3 intelf32_fix_sym(Elf32_Ehdr *eh, Elf32_Sym *sym); intelf32_size(Elf32_Ehdr *, Elf32_Shdr *, u_long *, u_long *, u_long *); intelf32_symloadx(const char *, FILE *, off_t, Elf32_Ehdr *, Elf32_Shdr *, - char *, struct nlist **, struct nlist ***, size_t *, int *, + char *, long, struct nlist **, struct nlist ***, size_t *, int *, const char *, const char *); intelf32_symload(const char *, FILE *, off_t, Elf32_Ehdr *, Elf32_Shdr *, struct nlist **, struct nlist ***, size_t *, int *); @@ -49,7 +49,7 @@ int elf64_fix_phdrs(Elf64_Ehdr *eh, Elf6 intelf64_fix_sym(Elf64_Ehdr *eh, Elf64_Sym *sym); intelf64_size(Elf64_Ehdr *, Elf64_Shdr *, u_long *, u_long *, u_long *); intelf64_symloadx(const char *, FILE *, off_t, Elf64_Ehdr *, Elf64_Shdr *, - char *, struct nlist **, struct nlist ***, size_t *, int *, + char *, long, struct nlist **, struct nlist ***, size_t *, int *, const char *, const char *); intelf64_symload(const char *, FILE *, off_t, Elf64_Ehdr *, Elf64_Shdr *, struct nlist **, struct nlist ***, size_t *, int *);
Re: [patch] nm segfault
On Wed, Jun 17, 2015 at 02:43:41PM +0200, Sébastien Marie wrote: > Hi, > > I would like to report a SEGFAULT in nm(1) that occurs with object-file > with no section headers (e_shnum = 0). > > > Index: elf.c > === > RCS file: /cvs/src/usr.bin/nm/elf.c,v > retrieving revision 1.28 > diff -u -p -r1.28 elf.c > --- elf.c 17 May 2015 20:19:08 - 1.28 > +++ elf.c 17 Jun 2015 12:05:25 - > @@ -149,6 +149,16 @@ elf_load_shdrs(const char *name, FILE *f > > elf_fix_header(head); > > + if (head->e_shnum == 0) { > + warnx("%s: no section header table", name); > + return (NULL); > + } > + > + if (head->e_shstrndx >= head->e_shentsize * head->e_shnum) { > + warnx("%s: inconsistent section header table", name); > + return (NULL); > + } wrong here: the check should be (head->e_shstrndx >= head->e_shnum) corrected patch below. > if ((shdr = calloc(head->e_shentsize, head->e_shnum)) == NULL) { > warn("%s: malloc shdr", name); > return (NULL); -- Sébastien Marie Index: elf.c === RCS file: /cvs/src/usr.bin/nm/elf.c,v retrieving revision 1.28 diff -u -p -r1.28 elf.c --- elf.c 17 May 2015 20:19:08 - 1.28 +++ elf.c 17 Jun 2015 15:07:19 - @@ -149,6 +149,16 @@ elf_load_shdrs(const char *name, FILE *f elf_fix_header(head); + if (head->e_shnum == 0) { + warnx("%s: no section header table", name); + return (NULL); + } + + if (head->e_shstrndx >= head->e_shnum) { + warnx("%s: inconsistent section header table", name); + return (NULL); + } + if ((shdr = calloc(head->e_shentsize, head->e_shnum)) == NULL) { warn("%s: malloc shdr", name); return (NULL);
[patch] nm segfault
Hi, I would like to report a SEGFAULT in nm(1) that occurs with object-file with no section headers (e_shnum = 0). This object-file was generated by eg++ (I am not sure if the object-file is valid or not). I am also able to reproduce the problem with edited elf object (using hte [editors/ht]) by manually setting the section header count to zero. $ readelf -h obj/cciVHsvd-2.o ELF Header: Magic: 7f 45 4c 46 02 01 01 00 00 00 00 00 00 00 00 00 Class: ELF64 Data: 2's complement, little endian Version: 1 (current) OS/ABI:UNIX - System V ABI Version: 0 Type: REL (Relocatable file) Machine: Advanced Micro Devices X86-64 Version: 0x1 Entry point address: 0x0 Start of program headers: 0 (bytes into file) Start of section headers: 8932544 (bytes into file) Flags: 0x0 Size of this header: 64 (bytes) Size of program headers: 0 (bytes) Number of program headers: 0 Size of section headers: 64 (bytes) Number of section headers: 0 (73122) Section header string table index: 65535 (73374) $ gdb -q -args ./obj/nm -n obj/cciVHsvd-2.o (gdb) r Starting program: /usr/obj/usr.bin/nm/nm -n obj/cciVHsvd-2.o Program received signal SIGSEGV, Segmentation fault. 0x19a9f830728e in elf64_symload (name=0x7f7efe82 "obj/cciVHsvd-2.o", fp=0x19aca16c7180, foff=0, eh=0x7f7efbb0, shdr=0x19aca4026720, pnames=0x7f7efb38, psnames=0x7f7efb30, pstabsize=0x7f7efb28, pnrawnames=0x7f7efb70) at elf64.c:529 529 shstrsize = shdr[eh->e_shstrndx].sh_size; (gdb) bt #0 0x19a9f830728e in elf64_symload (name=0x7f7efe82 "obj/cciVHsvd-2.o", fp=0x19aca16c7180, foff=0, eh=0x7f7efbb0, shdr=0x19aca4026720, pnames=0x7f7efb38, psnames=0x7f7efb30, pstabsize=0x7f7efb28, pnrawnames=0x7f7efb70) at elf64.c:529 #1 0x19a9f83037ca in show_file (count=1, warn_fmt=1, name=0x7f7efe82 "obj/cciVHsvd-2.o", fp=0x19aca16c7180, foff=0, head=0x7f7efbb0) at /usr/src/usr.bin/nm/nm.c:636 #2 0x19a9f8302548 in process_file (count=1, fname=0x7f7efe82 "obj/cciVHsvd-2.o") at /usr/src/usr.bin/nm/nm.c:267 #3 0x19a9f83022e3 in main (argc=1, argv=0x7f7efcd8) at /usr/src/usr.bin/nm/nm.c:208 (gdb) print eh $1 = (Elf64_Ehdr *) 0x7f7efbb0 (gdb) print *eh $2 = {e_ident = "\177ELF\002\001\001\000\000\000\000\000\000\000\000", e_type = 1, e_machine = 62, e_version = 1, e_entry = 0, e_phoff = 0, e_shoff = 8932544, e_flags = 0, e_ehsize = 64, e_phentsize = 0, e_phnum = 0, e_shentsize = 64, e_shnum = 0, e_shstrndx = 65535} (gdb) print shdr $3 = (Elf64_Shdr *) 0x19aca4026720 (gdb) print *shdr Cannot access memory at address 0x19aca4026720 (gdb) quit The segfault is caused by "shdr[eh->e_shstrndx]" (src/usr.bin/nm/elf.c:528). shdr is allocated by elf_load_shdrs() (elf.c:152): >if ((shdr = calloc(head->e_shentsize, head->e_shnum)) == NULL) { > warn("%s: malloc shdr", name); > return (NULL); > } Here, the object-file has e_shnum=0 (no section header table), so shdr is an zero sized object. The patch adds two check: - e_shnum == 0: no section header table - a consistency check (should prevent craft object-file to generate out-of-bound read). Maybe a check for overflow would be needed too ? -- Sébastien Marie Index: elf.c === RCS file: /cvs/src/usr.bin/nm/elf.c,v retrieving revision 1.28 diff -u -p -r1.28 elf.c --- elf.c 17 May 2015 20:19:08 - 1.28 +++ elf.c 17 Jun 2015 12:05:25 - @@ -149,6 +149,16 @@ elf_load_shdrs(const char *name, FILE *f elf_fix_header(head); + if (head->e_shnum == 0) { + warnx("%s: no section header table", name); + return (NULL); + } + + if (head->e_shstrndx >= head->e_shentsize * head->e_shnum) { + warnx("%s: inconsistent section header table", name); + return (NULL); + } + if ((shdr = calloc(head->e_shentsize, head->e_shnum)) == NULL) { warn("%s: malloc shdr", name); return (NULL);
bridge(4) local broadcast fix
It makes sense to not retransmit a packet on the interface it was received from but we should still call bridge_localbroadcast() on this interface otherwise the network stack never see this packet. This fix the configuration where you have a vlan(4) on top of an interface in a bridge(4) and the vlan(4) is not in the bridge(4). ok? Index: net/if_bridge.c === RCS file: /cvs/src/sys/net/if_bridge.c,v retrieving revision 1.244 diff -u -p -r1.244 if_bridge.c --- net/if_bridge.c 16 Jun 2015 11:09:39 - 1.244 +++ net/if_bridge.c 17 Jun 2015 12:05:05 - @@ -1500,12 +1500,9 @@ bridge_broadcast(struct bridge_softc *sc int len, used = 0; TAILQ_FOREACH(p, &sc->sc_iflist, next) { - /* -* Don't retransmit out of the same interface where -* the packet was received from. -*/ dst_if = p->ifp; - if (dst_if->if_index == ifp->if_index) + + if ((dst_if->if_flags & IFF_RUNNING) == 0) continue; if ((p->bif_flags & IFBIF_STP) && @@ -1516,15 +1513,6 @@ bridge_broadcast(struct bridge_softc *sc (m->m_flags & (M_BCAST | M_MCAST)) == 0) continue; - if ((dst_if->if_flags & IFF_RUNNING) == 0) - continue; - - if (IF_QFULL(&dst_if->if_snd)) { - IF_DROP(&dst_if->if_snd); - sc->sc_if.if_oerrors++; - continue; - } - /* Drop non-IP frames if the appropriate flag is set. */ if (p->bif_flags & IFBIF_BLOCKNONIP && bridge_blocknonip(eh, m)) @@ -1534,6 +1522,19 @@ bridge_broadcast(struct bridge_softc *sc continue; bridge_localbroadcast(sc, dst_if, eh, m); + + /* +* Don't retransmit out of the same interface where +* the packet was received from. +*/ + if (dst_if->if_index == ifp->if_index) + continue; + + if (IF_QFULL(&dst_if->if_snd)) { + IF_DROP(&dst_if->if_snd); + sc->sc_if.if_oerrors++; + continue; + } /* If last one, reuse the passed-in mbuf */ if (TAILQ_NEXT(p, next) == NULL) {
Re: Conver bridge(4) to if_input()
On 08/06/15(Mon) 16:11, Martin Pieuchot wrote: > This is the last pseudo-driver conversion. > > The idea is to run bridge_input() *before* any ifih on an interface. > Doing so allow us to remove the hack between vlan(4) and bridge(4) > and simplify the logic for "stacked" ifih. > > With that net/if_ethersubr.c is now free from "#ifdef NPSEUDODRIVER". > > As usual, tests comments and oks welcome. Updated diff to match recent if_get() change, as for the other bridge diff I've got one positive test report. Any ok? Index: net/if.c === RCS file: /cvs/src/sys/net/if.c,v retrieving revision 1.340 diff -u -p -r1.340 if.c --- net/if.c16 Jun 2015 11:09:39 - 1.340 +++ net/if.c17 Jun 2015 12:03:36 - @@ -530,6 +530,15 @@ if_input_process(void *xmq) continue; } +#if NBRIDGE > 0 + if (ifp->if_bridgeport && (m->m_flags & M_PROTO1) == 0) { + m = bridge_input(m); + if (m == NULL) + continue; + } + m->m_flags &= ~M_PROTO1;/* Loop prevention */ +#endif + /* * Pass this mbuf to all input handlers of its * interface until it is consumed. Index: net/if_bridge.c === RCS file: /cvs/src/sys/net/if_bridge.c,v retrieving revision 1.244 diff -u -p -r1.244 if_bridge.c --- net/if_bridge.c 16 Jun 2015 11:09:39 - 1.244 +++ net/if_bridge.c 17 Jun 2015 12:03:36 - @@ -116,8 +116,6 @@ voidbridge_broadcast(struct bridge_soft void bridge_localbroadcast(struct bridge_softc *, struct ifnet *, struct ether_header *, struct mbuf *); void bridge_span(struct bridge_softc *, struct mbuf *); -struct mbuf *bridge_dispatch(struct bridge_iflist *, struct ifnet *, -struct mbuf *); void bridge_stop(struct bridge_softc *); void bridge_init(struct bridge_softc *); intbridge_bifconf(struct bridge_softc *, struct ifbifconf *); @@ -1198,7 +1196,7 @@ bridgeintr_frame(struct bridge_softc *sc * If packet is unicast, destined for someone on "this" * side of the bridge, drop it. */ - if ((m->m_flags & (M_BCAST | M_MCAST)) == 0) { + if (!ETHER_IS_MULTICAST(eh.ether_dhost)) { if ((dst_p = bridge_rtlookup(sc, dst)) != NULL) dst_if = dst_p->brt_if; else @@ -1207,8 +1205,14 @@ bridgeintr_frame(struct bridge_softc *sc m_freem(m); return; } - } else + } else { + if (memcmp(etherbroadcastaddr, eh.ether_dhost, + sizeof(etherbroadcastaddr)) == 0) + m->m_flags |= M_BCAST; + else + m->m_flags |= M_MCAST; dst_if = NULL; + } /* * Multicast packets get handled a little differently: @@ -1302,37 +1306,31 @@ bridgeintr_frame(struct bridge_softc *sc * not for us, and schedule an interrupt. */ struct mbuf * -bridge_input(struct ifnet *ifp, struct ether_header *eh0, struct mbuf *m) +bridge_input(struct mbuf *m) { + struct ifnet *ifp; struct bridge_softc *sc; struct bridge_iflist *ifl; + struct bridge_iflist *srcifl; struct ether_header *eh; -#if NVLAN > 0 - uint16_t etype = ntohs(eh0->ether_type); -#endif /* NVLAN > 0 */ + struct arpcom *ac; + struct mbuf_list ml = MBUF_LIST_INITIALIZER(); + struct mbuf *mc; + int s; - /* -* Make sure this interface is a bridge member. -*/ - if (ifp == NULL || ifp->if_bridgeport == NULL || m == NULL) + ifp = if_get(m->m_pkthdr.ph_ifidx); + KASSERT(ifp != NULL); + if (((ifp->if_flags & IFF_UP) == 0) || (ifp->if_bridgeport == NULL)) return (m); if ((m->m_flags & M_PKTHDR) == 0) panic("bridge_input(): no HDR"); - m->m_flags &= ~M_PROTO1;/* Loop prevention */ - ifl = (struct bridge_iflist *)ifp->if_bridgeport; sc = ifl->bridge_sc; if ((sc->sc_if.if_flags & IFF_RUNNING) == 0) return (m); - M_PREPEND(m, sizeof(*eh), M_DONTWAIT); - if (m == NULL) - return (NULL); - eh = mtod(m, struct ether_header *); - memmove(eh, eh0, sizeof(*eh)); - #if NBPFILTER > 0 if (sc->sc_if.if_bpf) bpf_mtap_ether(sc->sc_if.if_bpf, m, BPF_DIRECTION_IN); @@ -1340,35 +1338,8 @@ bridge_input(struct ifnet *ifp, struct e bridge_span(sc, m); - m = bridge_dispatch(ifl, ifp, m); - -#if NVLAN > 0 - if ((m != NULL) && ((m->m_flags & M_VLANTAG) || - etype == ETHERTYPE_VLAN || etype == ETHERTYPE_QINQ)) { - /* The bridge did not want the vlan frame eit
Re: bridge_output() without m_buf_tag
On 08/06/15(Mon) 15:58, Martin Pieuchot wrote: > Diff below moves bridge_output() to if_output(). It fixes the case I > already described some weeks ago where you have a physical interface > in a bridge and a vlan on top of it which is not in the bridge. > > It also change the loop prevention code to use M_PROTO1 like in the > input path. > > Tests, comments and oks welcome. Updated diff to match the recent if_get() change. I've got one positive report so far, any ok? Index: net/if.c === RCS file: /cvs/src/sys/net/if.c,v retrieving revision 1.340 diff -u -p -r1.340 if.c --- net/if.c16 Jun 2015 11:09:39 - 1.340 +++ net/if.c17 Jun 2015 12:01:12 - @@ -449,6 +449,19 @@ if_output(struct ifnet *ifp, struct mbuf int s, length, error = 0; unsigned short mflags; +#ifdef DIAGNOSTIC + if (ifp->if_rdomain != rtable_l2(m->m_pkthdr.ph_rtableid)) { + printf("%s: trying to send packet on wrong domain. " + "if %d vs. mbuf %d\n", ifp->if_xname, ifp->if_rdomain, + rtable_l2(m->m_pkthdr.ph_rtableid)); + } +#endif + +#if NBRIDGE > 0 + if (ifp->if_bridgeport && (m->m_flags & M_PROTO1) == 0) + return (bridge_output(ifp, m, NULL, NULL)); +#endif + length = m->m_pkthdr.len; mflags = m->m_flags; Index: net/if_bridge.c === RCS file: /cvs/src/sys/net/if_bridge.c,v retrieving revision 1.244 diff -u -p -r1.244 if_bridge.c --- net/if_bridge.c 16 Jun 2015 11:09:39 - 1.244 +++ net/if_bridge.c 17 Jun 2015 12:01:12 - @@ -2635,10 +2635,12 @@ bridge_ifenqueue(struct bridge_softc *sc { int error, len; + /* Loop prevention. */ + m->m_flags |= M_PROTO1; + #if NGIF > 0 /* Packet needs etherip encapsulation. */ if (ifp->if_type == IFT_GIF) { - m->m_flags |= M_PROTO1; /* Count packets input into the gif from outside */ ifp->if_ipackets++; Index: net/if_ethersubr.c === RCS file: /cvs/src/sys/net/if_ethersubr.c,v retrieving revision 1.205 diff -u -p -r1.205 if_ethersubr.c --- net/if_ethersubr.c 16 Jun 2015 11:09:39 - 1.205 +++ net/if_ethersubr.c 17 Jun 2015 12:01:12 - @@ -181,15 +181,6 @@ ether_output(struct ifnet *ifp, struct m struct arpcom *ac = (struct arpcom *)ifp; int error = 0; -#ifdef DIAGNOSTIC - if (ifp->if_rdomain != rtable_l2(m->m_pkthdr.ph_rtableid)) { - printf("%s: trying to send packet on wrong domain. " - "if %d vs. mbuf %d, AF %d\n", ifp->if_xname, - ifp->if_rdomain, rtable_l2(m->m_pkthdr.ph_rtableid), - dst->sa_family); - } -#endif - esrc = ac->ac_enaddr; if ((ifp->if_flags & (IFF_UP|IFF_RUNNING)) != (IFF_UP|IFF_RUNNING)) @@ -276,47 +267,6 @@ ether_output(struct ifnet *ifp, struct m eh->ether_type = etype; memcpy(eh->ether_dhost, edst, sizeof(eh->ether_dhost)); memcpy(eh->ether_shost, esrc, sizeof(eh->ether_shost)); - -#if NBRIDGE > 0 - /* -* Interfaces that are bridgeports need special handling for output. -*/ - if (ifp->if_bridgeport) { - struct m_tag *mtag; - - /* -* Check if this packet has already been sent out through -* this bridgeport, in which case we simply send it out -* without further bridge processing. -*/ - for (mtag = m_tag_find(m, PACKET_TAG_BRIDGE, NULL); mtag; - mtag = m_tag_find(m, PACKET_TAG_BRIDGE, mtag)) { -#ifdef DEBUG - /* Check that the information is there */ - if (mtag->m_tag_len != sizeof(caddr_t)) { - error = EINVAL; - goto bad; - } -#endif - if (!memcmp(&ifp->if_bridgeport, mtag + 1, - sizeof(caddr_t))) - break; - } - if (mtag == NULL) { - /* Attach a tag so we can detect loops */ - mtag = m_tag_get(PACKET_TAG_BRIDGE, sizeof(caddr_t), - M_NOWAIT); - if (mtag == NULL) { - error = ENOBUFS; - goto bad; - } - memcpy(mtag + 1, &ifp->if_bridgeport, sizeof(caddr_t)); - m_tag_prepend(m, mtag); - error = bridge_output(ifp, m, NULL, NULL); - return (error); - } - } -#endif return (if_output(ifp, m)); bad: Index: sys/mbuf.h
Re: [patch]rcs: xstrdup just wrappes strdup
On Mon, Jun 15, 2015 at 10:22:27AM +0100, Nicholas Marriott wrote: > What about diff and ssh and file? They all use the a copy of the same > xmalloc.c. > > Personally, I would recommend that "xstrdup" just calls strdup(3), as Theo said: it's 100.00% portable. But I don't think I'm the right person who should answer that question. ;) Regards, --F. > > On Mon, Jun 15, 2015 at 10:00:01AM +0200, Fritjof Bornebusch wrote: > > Hi, > > > > thanks for the hint. > > This one should do the trick. > > > > > > > > > > Index: xmalloc.c > > === > > RCS file: /cvs/src/usr.bin/rcs/xmalloc.c,v > > retrieving revision 1.9 > > diff -u -p -r1.9 xmalloc.c > > --- xmalloc.c 13 Jun 2015 20:15:21 - 1.9 > > +++ xmalloc.c 15 Jun 2015 07:52:15 - > > @@ -68,13 +68,10 @@ xreallocarray(void *ptr, size_t nmemb, s > > char * > > xstrdup(const char *str) > > { > > - size_t len; > > char *cp; > > - > > - len = strlen(str) + 1; > > - cp = xmalloc(len); > > - if (strlcpy(cp, str, len) >= len) > > - errx(1, "xstrdup: string truncated"); > > + > > + if ((cp = strdup(str)) == NULL) > > + err(1, "xstrdup"); > > return cp; > > } > > >
Re: Bug in uvm_pmr_get1page()?
On Tue, Jun 16, 2015 at 23:57 +0200, Mark Kettenis wrote: > You're definitely on to something. It certainly looks like your diff > fixes the bug. However, if there is no constraint, it would make > sense to pick a page from the size tree of the right type. Not sure > if that optimization would really matter though. How about the following patch? It adds an opportunistic size tree check before the address tree search. If there are no constraints, the opportunistically checked entry will be selected directly. The updated patch does not seem to have any clear impact on performance, at least when there is no heavy memory contention. In my cursory tests, kernel build times were effectively the same on an amd64 with and without the fix. The octeon fared similarly. Index: uvm/uvm_pmemrange.c === RCS file: src/sys/uvm/uvm_pmemrange.c,v retrieving revision 1.44 diff -u -p -r1.44 uvm_pmemrange.c --- uvm/uvm_pmemrange.c 13 Nov 2014 00:47:44 - 1.44 +++ uvm/uvm_pmemrange.c 17 Jun 2015 07:12:14 - @@ -1708,11 +1708,35 @@ uvm_pmr_get1page(psize_t count, int memt found = TAILQ_NEXT(found, pageq); if (found == NULL) { - found = RB_ROOT(&pmr->size[memtype]); - /* Size tree gives pg[1] instead of pg[0] */ + /* +* Check if the size tree contains a range +* that intersects with the boundaries. As the +* allocation is for any page, try the smallest +* range so that large ranges are preserved for +* more constrained cases. Only one entry is +* checked here, to avoid a brute-force search. +* +* Note that a size tree gives pg[1] instead of +* pg[0]. +*/ + found = RB_MIN(uvm_pmr_size, + &pmr->size[memtype]); if (found != NULL) { found--; - + if (!PMR_INTERSECTS_WITH( + atop(VM_PAGE_TO_PHYS(found)), + atop(VM_PAGE_TO_PHYS(found)) + + found->fpgsz, start, end)) + found = NULL; + } + } + if (found == NULL) { + /* +* Try address-guided search to meet the page +* number constraints. +*/ + found = RB_ROOT(&pmr->addr); + if (found != NULL) { found = uvm_pmr_rootupdate(pmr, found, start, end, memtype); }
Re: [patch]rcs: no null check before free(3)
Fixed, thanks On Wed, Jun 17, 2015 at 09:51:38AM +0200, Fritjof Bornebusch wrote: > Hi tech@, > > just saw I missed removing the null check before calling free(3), sorry. > > Regards, > --F. > > > Index: ci.c > === > RCS file: /cvs/src/usr.bin/rcs/ci.c,v > retrieving revision 1.220 > diff -u -p -r1.220 ci.c > --- ci.c 13 Jun 2015 20:15:21 - 1.220 > +++ ci.c 17 Jun 2015 07:47:09 - > @@ -210,8 +210,7 @@ checkin_main(int argc, char **argv) > printf("%s\n", rcs_version); > exit(0); > case 'w': > - if (pb.author != NULL) > - free(pb.author); > + free(pb.author); > pb.author = xstrdup(rcs_optarg); > break; > case 'x':
[patch]rcs: no null check before free(3)
Hi tech@, just saw I missed removing the null check before calling free(3), sorry. Regards, --F. Index: ci.c === RCS file: /cvs/src/usr.bin/rcs/ci.c,v retrieving revision 1.220 diff -u -p -r1.220 ci.c --- ci.c13 Jun 2015 20:15:21 - 1.220 +++ ci.c17 Jun 2015 07:47:09 - @@ -210,8 +210,7 @@ checkin_main(int argc, char **argv) printf("%s\n", rcs_version); exit(0); case 'w': - if (pb.author != NULL) - free(pb.author); + free(pb.author); pb.author = xstrdup(rcs_optarg); break; case 'x':