Re: two bge(4) bugfixes

[Miod Vallat]

> This chunk doesn't make sense to me.  The code is supposed to write a
> magic value into SRAM, not into a register.

If I understand if_bgereg.h correctly, access to the SRAM can be
performed either through a simple indirect access (write address to the
index register, read from or write to the data register), or through a
fixed 32KB window in the pci address space, and the latter is not
available on older models.

Thus it makes sense to use write_op as determined from the board type
earlier, rather than always use writemem_ind.

Also, the following diff to if_bgereg.h makes sure that the window is
used as a 32KB window, not a 64KB one.

Index: if_bgereg.h
===
RCS file: /OpenBSD/src/sys/dev/pci/if_bgereg.h,v
retrieving revision 1.128
diff -u -p -r1.128 if_bgereg.h
--- if_bgereg.h 19 Oct 2015 05:31:25 -  1.128
+++ if_bgereg.h 1 Nov 2015 10:01:54 -
@@ -47,7 +47,7 @@
  *
  * The NIC's memory can be accessed by the host in one of 3 ways:
  *
- * 1) Indirect register access. The MEMWIN_BASEADDR and MEMWIN_DATA
+ * 1) Indirect register access. The REG_BASEADDR and REG_DATA
  *registers in PCI config space can be used to read any 32-bit
  *address within the NIC's memory.
  *
@@ -2272,15 +2272,15 @@
 #defineBGE_MEMWIN_READ(pc, tag, x, val)
\
do {\
pci_conf_write(pc, tag, BGE_PCI_MEMWIN_BASEADDR,\
-   (0x & x));  \
-   val = CSR_READ_4(sc, BGE_MEMWIN_START + (x & 0x));  \
+   (0x8000 & x));  \
+   val = CSR_READ_4(sc, BGE_MEMWIN_START + (x & 0x7FFF));  \
} while(0)
 
 #defineBGE_MEMWIN_WRITE(pc, tag, x, val)   
\
do {\
pci_conf_write(pc, tag, BGE_PCI_MEMWIN_BASEADDR,\
-   (0x & x));  \
-   CSR_WRITE_4(sc, BGE_MEMWIN_START + (x & 0x), val);  \
+   (0x8000 & x));  \
+   CSR_WRITE_4(sc, BGE_MEMWIN_START + (x & 0x7FFF), val);  \
} while(0)
 
 /*

Re: [PATCH] rcs: buf_free/rcsnum_free

[Michael W. Bombardieri]

I remember reading a while ago that people were thinking to
use opencvs for anoncvs mirrors. I don't see any mirrors
reporting as opencvs though...

$ for h in $hosts; do printf "%-30s" $h; export CVSROOT="anoncvs@$h:/cvs"; cvs 
version | grep -v Client; done ;
anoncvs.au.openbsd.orgServer: Concurrent Versions System (CVS) 1.11.1p1 
(client/server)
ftp5.eu.openbsd.org   Server: Concurrent Versions System (CVS) 1.11.1p1 
(client/server)
anoncvs1.ca.openbsd.org   Server: Concurrent Versions System (CVS) 1.11.1p1 
(client/server)
anoncvs.comstyle.com  Server: Concurrent Versions System (CVS) 1.11.1p1 
(client/server)
openbsd.cs.toronto.eduServer: Concurrent Versions System (CVS) 1.11.1p1 
(client/server)
anoncvs.fr.openbsd.orgServer: Concurrent Versions System (CVS) 1.11.1p1 
(client/server)
openbsd.cs.fau.de Server: Concurrent Versions System (CVS) 1.11.1p1 
(client/server)
mirror.osn.de Server: Concurrent Versions System (CVS) 1.11.1p1 
(client/server)
ftp.hostserver.de Server: Concurrent Versions System (CVS) 1.11.1p1 
(client/server)
anoncvs.jp.openbsd.orgServer: Concurrent Versions System (CVS) 1.11.1p1 
(client/server)
openbsd.park.rambler.ru   Server: Concurrent Versions System (CVS) 1.11.1p1 
(client/server)
anoncvs.obsd.si   Server: Concurrent Versions System (CVS) 1.11.1p1 
(client/server)
anoncvs.eu.openbsd.orgServer: Concurrent Versions System (CVS) 1.11.1p1 
(client/server)
anoncvs.spacehopper.org   Server: Concurrent Versions System (CVS) 1.11.1p1 
(client/server)
anoncvs1.usa.openbsd.org  Server: Concurrent Versions System (CVS) 1.11.1p1 
(client/server)
anoncvs3.usa.openbsd.org  Server: Concurrent Versions System (CVS) 1.11.1p1 
(client/server)
mirror.planetunix.net Server: Concurrent Versions System (CVS) 1.12.13 
(client/server)

On Fri, Oct 30, 2015 at 10:26:31AM +, Nicholas Marriott wrote:
> I think it is never going to rise from the dead.
> 
>  Original message 
> From: Tobias Stoeckmann  
> Date:30/10/2015  10:06  (GMT+00:00) 
> To: "Michael W. Bombardieri"  
> Cc: Nicholas Marriott ,tech@openbsd.org 
> Subject: Re: [PATCH] rcs: buf_free/rcsnum_free 
> 
> On Fri, Oct 30, 2015 at 08:52:02AM +0800, Michael W. Bombardieri wrote:
> > Sorry. Here is new diff. Hopefully I haven't missed anything else.
> 
> You missed OpenCVS, which shares the same code base.
> 
> But is OpenCVS worth it anymore?
> Even a harsher question: Is it time to tedu it?

Re: [PATCH] rcs: buf_free/rcsnum_free

[Nicholas Marriott]

Some did for a while but it has some nasty bugs and nobody is working on
fixing it.


On Sun, Nov 01, 2015 at 03:08:54PM +0800, Michael W. Bombardieri wrote:
> I remember reading a while ago that people were thinking to
> use opencvs for anoncvs mirrors. I don't see any mirrors
> reporting as opencvs though...
> 
> $ for h in $hosts; do printf "%-30s" $h; export CVSROOT="anoncvs@$h:/cvs"; 
> cvs version | grep -v Client; done ;
> anoncvs.au.openbsd.orgServer: Concurrent Versions System (CVS) 
> 1.11.1p1 (client/server)
> ftp5.eu.openbsd.org   Server: Concurrent Versions System (CVS) 
> 1.11.1p1 (client/server)
> anoncvs1.ca.openbsd.org   Server: Concurrent Versions System (CVS) 
> 1.11.1p1 (client/server)
> anoncvs.comstyle.com  Server: Concurrent Versions System (CVS) 
> 1.11.1p1 (client/server)
> openbsd.cs.toronto.eduServer: Concurrent Versions System (CVS) 
> 1.11.1p1 (client/server)
> anoncvs.fr.openbsd.orgServer: Concurrent Versions System (CVS) 
> 1.11.1p1 (client/server)
> openbsd.cs.fau.de Server: Concurrent Versions System (CVS) 
> 1.11.1p1 (client/server)
> mirror.osn.de Server: Concurrent Versions System (CVS) 
> 1.11.1p1 (client/server)
> ftp.hostserver.de Server: Concurrent Versions System (CVS) 
> 1.11.1p1 (client/server)
> anoncvs.jp.openbsd.orgServer: Concurrent Versions System (CVS) 
> 1.11.1p1 (client/server)
> openbsd.park.rambler.ru   Server: Concurrent Versions System (CVS) 
> 1.11.1p1 (client/server)
> anoncvs.obsd.si   Server: Concurrent Versions System (CVS) 
> 1.11.1p1 (client/server)
> anoncvs.eu.openbsd.orgServer: Concurrent Versions System (CVS) 
> 1.11.1p1 (client/server)
> anoncvs.spacehopper.org   Server: Concurrent Versions System (CVS) 
> 1.11.1p1 (client/server)
> anoncvs1.usa.openbsd.org  Server: Concurrent Versions System (CVS) 
> 1.11.1p1 (client/server)
> anoncvs3.usa.openbsd.org  Server: Concurrent Versions System (CVS) 
> 1.11.1p1 (client/server)
> mirror.planetunix.net Server: Concurrent Versions System (CVS) 
> 1.12.13 (client/server)
> 
> On Fri, Oct 30, 2015 at 10:26:31AM +, Nicholas Marriott wrote:
> > I think it is never going to rise from the dead.
> > 
> >  Original message 
> > From: Tobias Stoeckmann  
> > Date:30/10/2015  10:06  (GMT+00:00) 
> > To: "Michael W. Bombardieri"  
> > Cc: Nicholas Marriott ,tech@openbsd.org 
> > Subject: Re: [PATCH] rcs: buf_free/rcsnum_free 
> > 
> > On Fri, Oct 30, 2015 at 08:52:02AM +0800, Michael W. Bombardieri wrote:
> > > Sorry. Here is new diff. Hopefully I haven't missed anything else.
> > 
> > You missed OpenCVS, which shares the same code base.
> > 
> > But is OpenCVS worth it anymore?
> > Even a harsher question: Is it time to tedu it?

pledging m4

[Marc Espie]

I did partial work before if was called pledge.

Now, with fork and exec, simple pledge is easy.

There might be something down the line to explicitly allow m4 to fork 
and exec, but unfortunately, the corresponding macros are used by both
sendmail and autoconf scripts, so I would say they're rather ubiquitous.



Index: main.c
===
RCS file: /cvs/src/usr.bin/m4/main.c,v
retrieving revision 1.84
diff -u -p -r1.84 main.c
--- main.c  21 Dec 2014 09:33:12 -  1.84
+++ main.c  1 Nov 2015 09:12:04 -
@@ -174,6 +174,9 @@ main(int argc, char *argv[])
int n;
char *p;
 
+   if (pledge("stdio proc exec rpath wpath cpath", NULL) == -1)
+   err(1, "pledge");
+
if (signal(SIGINT, SIG_IGN) != SIG_IGN)
signal(SIGINT, onintr);
 

Re: [PATCH] rcs: buf_free/rcsnum_free

[Tobias Stoeckmann]

On Sun, Nov 01, 2015 at 11:17:40AM +, Stuart Henderson wrote:
> On 2015/11/01 08:03, Nicholas Marriott wrote:
> > Some did for a while but it has some nasty bugs and nobody is working on
> > fixing it.
> 
> Some used it on amd64 for a while to avoid checkout failures due to
> running into memory limits, but then I tracked it down and increased
> the limit in CVSROOT/options to get around this.
> 
> Switching between cvs and opencvs upstreams without making a fresh
> checkout caused some problems so it's better if mirrors all just use
> cvs.

I think it should be moved into Attic. It's not like we've been nice to
the pcc tree-import either after it lacked attention.

Re: [PATCH] rcs: buf_free/rcsnum_free

[Stuart Henderson]

On 2015/11/01 08:03, Nicholas Marriott wrote:
> Some did for a while but it has some nasty bugs and nobody is working on
> fixing it.

Some used it on amd64 for a while to avoid checkout failures due to
running into memory limits, but then I tracked it down and increased
the limit in CVSROOT/options to get around this.

Switching between cvs and opencvs upstreams without making a fresh
checkout caused some problems so it's better if mirrors all just use
cvs.

relayd: improving sessions distribution across hosts in hash mode

[Sebastian Benoit]

Hi,

relayd (when running relays) will distribute client sessions over hosts
using various algorithms. Some of them generate a hash from different data
and calculate modulo rlt->rlt_nhosts to find the host the session should go
to. If this host is down, the current algorithm simply selects the next host
that is up.

This puts heavier load on this next host, it would be nicer if the
connections would be distributed to more destinations.

The following diff changes this algorithm: if the chosen host is not
available, the hash value p is shifted to the right and the calculation is
retried until a host that is usable is found or a maximum of retires is
reached (in that case the old method is used).

ok?

diff --git usr.sbin/relayd/relay.c usr.sbin/relayd/relay.c
index f14d7c9..9bb69ba 100644
--- usr.sbin/relayd/relay.c
+++ usr.sbin/relayd/relay.c
@@ -1220,6 +1220,8 @@ relay_from_table(struct rsession *con)
struct relay_table  *rlt = NULL;
struct table*table = NULL;
int  idx = -1;
+   int  cnt = 0;
+   int  maxtries;
u_int64_tp = 0;
 
/* the table is already selected */
@@ -1275,18 +1277,38 @@ relay_from_table(struct rsession *con)
/* NOTREACHED */
}
if (idx == -1) {
+   /* handle all hashing algorithms */
p = SipHash24_End(>se_siphashctx);
 
/* Reset hash context */
SipHash24_Init(>se_siphashctx,
>rl_conf.hashkey.siphashkey);
 
-   if ((idx = p % rlt->rlt_nhosts) >= RELAY_MAXHOSTS)
-   return (-1);
+   maxtries = (rlt->rlt_nhosts < RELAY_MAX_HASH_RETRIES ?
+   rlt->rlt_nhosts : RELAY_MAX_HASH_RETRIES);
+   while (cnt < maxtries) {
+   if ((idx = p % rlt->rlt_nhosts) >= RELAY_MAXHOSTS)
+   return (-1);
+   
+   host = rlt->rlt_host[idx];
+
+   DPRINTF("%s: session %d: table %s host %s, "
+   "p 0x%016llx, idx %d, cnt %d, max %d",
+   __func__, con->se_id, table->conf.name,
+   host->conf.name, p, idx, cnt, maxtries);
+
+   if (!table->conf.check || host->up == HOST_UP)
+   goto found;
+   p = p >> 1;
+   cnt++;
+   }
+   } else {
+   /* handle all non-hashing algorithms */
+   host = rlt->rlt_host[idx];
+   DPRINTF("%s: session %d: table %s host %s, p 0x%016llx, idx %d",
+   __func__, con->se_id, table->conf.name, host->conf.name, p, 
idx);
}
-   host = rlt->rlt_host[idx];
-   DPRINTF("%s: session %d: table %s host %s, p 0x%016llx, idx %d",
-   __func__, con->se_id, table->conf.name, host->conf.name, p, idx);
+
while (host != NULL) {
DPRINTF("%s: session %d: host %s", __func__,
con->se_id, host->conf.name);
diff --git usr.sbin/relayd/relayd.h usr.sbin/relayd/relayd.h
index 3c7dc89..2e0fd58 100644
--- usr.sbin/relayd/relayd.h
+++ usr.sbin/relayd/relayd.h
@@ -76,6 +76,7 @@
 #define RELAY_BACKLOG  10
 #define RELAY_MAXLOOKUPLEVELS  5
 #define RELAY_OUTOF_FD_RETRIES 5
+#define RELAY_MAX_HASH_RETRIES 5
 
 #define CONFIG_RELOAD  0x00
 #define CONFIG_TABLES  0x01

Re: Upgrading flex?

[Michael McConville]

Serguey Parkhomovsky wrote:
> Is there any interest in having a newer version of flex in base? I
> recently tried compiling some software with OpenBSD's flex, but had to
> tweak some code in order to get it to compile with 2.5.4. Of course, I
> could always install the flex in ports to get a newer version, but I
> was wondering what would be involved/if anyone is working on this
> already.

tedu@ was talking about this very recently - I'd search the archives.

Tweaks to malloc(3) manpage

[Michael McConville]

1. I don't see much reason to mention calloc() as an alternative to
reallocarray() when it's the worse option.

2. Use size > 0 when testing overflow.

ok?


Index: lib/libc/stdlib/malloc.3
===
RCS file: /cvs/src/lib/libc/stdlib/malloc.3,v
retrieving revision 1.91
diff -u -p -r1.91 malloc.3
--- lib/libc/stdlib/malloc.314 Sep 2015 13:08:01 -  1.91
+++ lib/libc/stdlib/malloc.31 Nov 2015 16:35:17 -
@@ -203,10 +203,6 @@ if ((p = reallocarray(NULL, num, size)) 
err(1, "reallocarray");
 .Ed
 .Pp
-Alternatively,
-.Fn calloc
-may be used at the cost of initialization overhead.
-.Pp
 When using
 .Fn realloc ,
 be careful to avoid the following idiom:
@@ -291,7 +287,7 @@ size_t num, size;
 \&...
 
 /* Check for size_t overflow */
-if (size && num > SIZE_MAX / size)
+if (size > 0 && num > SIZE_MAX / size)
errc(1, EOVERFLOW, "overflow");
 
 if ((p = malloc(size * num)) == NULL)
@@ -309,7 +305,7 @@ if (size < 0 || num < 0)
errc(1, EOVERFLOW, "overflow");
 
 /* Check for signed int overflow */
-if (size && num > INT_MAX / size)
+if (size > 0 && num > INT_MAX / size)
errc(1, EOVERFLOW, "overflow");
 
 if ((p = malloc(size * num)) == NULL)

Re: Another use of areallocarray() in ksh

[Michael McConville]

Michael McConville wrote:
> Mike Burns wrote:
> > On 2015-11-01 10.44.45 -0500, Michael McConville wrote:
> > > Index: history.c
> > > ===
> > > RCS file: /cvs/src/bin/ksh/history.c,v
> > > retrieving revision 1.52
> > > diff -u -p -r1.52 history.c
> > > --- history.c 1 Nov 2015 15:38:53 -   1.52
> > > +++ history.c 1 Nov 2015 15:44:02 -
> > > @@ -507,7 +507,7 @@ sethistsize(int n)
> > >   cursize = n;
> > >   }
> > >  
> > > - history = (char **)aresize(history, n*sizeof(char *), APERM);
> > > + history = areallocarray(history, n, sizeof(char *), APERM);
> > 
> > Is this a memory leak? I'm thinking of the IDIOMS section of
> > realloc(3).
> 
> I don't think so. This is areallocarray(), a ksh-specific function, not
> the stdlib's reallocarray(3). I'm pretty sure that a failed allocation
> in ksh is fatal. It's defined in bin/ksh/alloc.c if you're interested.

Also, I think that idiom only applies when you're incrementing a size
variable (n, in this case) before reallocating.

Re: [PATCH] rcs: buf_free/rcsnum_free

[Theo de Raadt]

> > I think it should be moved into Attic. It's not like we've been nice to
> > the pcc tree-import either after it lacked attention.
> 
> I agree, it has been unlinked from the build for more than 5 years.

I don't agree.  I still have some hope.

Yes, it has problems.  But go look at the code in gnu/usr.bin/cvs

There were good reasons to start the effort...

Re: inteldrm(4) diff that needs testing

[Josh]

Hi Mark,

Just tried amd64 snapshot (1st Nov) on Intel NUC5i7RYH and building
world from source (updated around 4PM UTC, 1st Nov).
While I do not get any kernel panic or crash as others may have faced,
the behavior of some programs such as firefox, dillo under X (startx
with default install) will give some strange rendering: Firefox/Dillo
window will stay gray/black/blank. Still responsive but the display is
not there. Moving the mouse over the window will un-hide some of the
toolbar's button but that's all I managed to see. (this does not
happen on 5.8-release and not sure if its related to that diff)

Below full dmesg with some "error" lines displayed: error:
[drm:pid20852:intel_dp_set_idle_link_train] *ERROR* Timed out waiting
for DP idle patterns

OpenBSD 5.8-current (GENERIC.MP) #1: Sun Nov  1 23:58:23 SGT 2015
r...@nuc.none:/usr/src/sys/arch/amd64/compile/GENERIC.MP
real mem = 16036732928 (15293MB)
avail mem = 15546572800 (14826MB)
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.8 @ 0x36ee7000 (53 entries)
bios0: vendor Intel Corporation version
"RYBDWi35.86A.0350.2015.0812.1722" date 08/12/2015
bios0: Intel Corporation NUC5i7RYB
acpi0 at bios0: rev 2
acpi0: sleep states S0 S3 S4 S5
acpi0: tables DSDT FACP APIC FPDT FIDT MCFG HPET SSDT UEFI LPIT SSDT
ASF! SSDT SSDT SSDT DMAR
acpi0: wakeup devices PEGP(S4) PEG0(S4) PEGP(S4) PEG1(S4) PEGP(S4)
PEG2(S4) PS2K(S3) PS2M(S3) PXSX(S4) RP01(S4) PXSX(S4) RP02(S4)
PXSX(S4) RP03(S4) PXSX(S4) RP04(S4) [...]
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Intel(R) Core(TM) i7-5557U CPU @ 3.10GHz, 3392.68 MHz
cpu0: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,RDSEED,ADX,SMAP,SENSOR,ARAT
cpu0: 256KB 64b/line 8-way L2 cache
cpu0: smt 0, core 0, package 0
mtrr: Pentium Pro MTRR support, 10 var ranges, 88 fixed ranges
cpu0: apic clock running at 99MHz
cpu0: mwait min=64, max=64, C-substates=0.2.1.2.4.1.1.1, IBE
cpu1 at mainbus0: apid 2 (application processor)
cpu1: Intel(R) Core(TM) i7-5557U CPU @ 3.10GHz, 3392.15 MHz
cpu1: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,RDSEED,ADX,SMAP,SENSOR,ARAT
cpu1: 256KB 64b/line 8-way L2 cache
cpu1: smt 0, core 1, package 0
cpu2 at mainbus0: apid 1 (application processor)
cpu2: Intel(R) Core(TM) i7-5557U CPU @ 3.10GHz, 3392.15 MHz
cpu2: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,RDSEED,ADX,SMAP,SENSOR,ARAT
cpu2: 256KB 64b/line 8-way L2 cache
cpu2: smt 1, core 0, package 0
cpu3 at mainbus0: apid 3 (application processor)
cpu3: Intel(R) Core(TM) i7-5557U CPU @ 3.10GHz, 3392.15 MHz
cpu3: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,LONG,LAHF,ABM,3DNOWP,PERF,ITSC,FSGSBASE,BMI1,AVX2,SMEP,BMI2,ERMS,INVPCID,RDSEED,ADX,SMAP,SENSOR,ARAT
cpu3: 256KB 64b/line 8-way L2 cache
cpu3: smt 1, core 1, package 0
ioapic0 at mainbus0: apid 2 pa 0xfec0, version 20, 40 pins
acpimadt0: bogus nmi for apid 3
acpimcfg0 at acpi0 addr 0xf800, bus 0-63
acpihpet0 at acpi0: 14318179 Hz
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus -1 (PEG0)
acpiprt2 at acpi0: bus -1 (PEG1)
acpiprt3 at acpi0: bus -1 (PEG2)
acpiprt4 at acpi0: bus 1 (RP01)
acpiprt5 at acpi0: bus -1 (RP02)
acpiprt6 at acpi0: bus -1 (RP03)
acpiprt7 at acpi0: bus 2 (RP04)
acpiprt8 at acpi0: bus -1 (RP05)
acpiprt9 at acpi0: bus -1 (RP06)
acpiprt10 at acpi0: bus -1 (RP07)
acpiprt11 at acpi0: bus -1 (RP08)
acpiec0 at acpi0: not present
acpicpu0 at acpi0: C3(200@506 mwait.1@0x60), C2(200@230 mwait.1@0x31),
C1(1000@1 mwait.1), PSS
acpicpu1 at acpi0: C3(200@506 mwait.1@0x60), C2(200@230 mwait.1@0x31),
C1(1000@1 mwait.1), PSS
acpicpu2 at acpi0: C3(200@506 mwait.1@0x60), C2(200@230 mwait.1@0x31),
C1(1000@1 mwait.1), PSS
acpicpu3 at acpi0: C3(200@506 mwait.1@0x60), C2(200@230 mwait.1@0x31),
C1(1000@1 mwait.1), PSS
acpipwrres0 at 

Another use of areallocarray() in ksh

[Michael McConville]

ok?


Index: history.c
===
RCS file: /cvs/src/bin/ksh/history.c,v
retrieving revision 1.52
diff -u -p -r1.52 history.c
--- history.c   1 Nov 2015 15:38:53 -   1.52
+++ history.c   1 Nov 2015 15:44:02 -
@@ -507,7 +507,7 @@ sethistsize(int n)
cursize = n;
}
 
-   history = (char **)aresize(history, n*sizeof(char *), APERM);
+   history = areallocarray(history, n, sizeof(char *), APERM);
 
histsize = n;
histptr = history + cursize;

Re: [PATCH] rcs: buf_free/rcsnum_free

[Nicholas Marriott]

On Sun, Nov 01, 2015 at 01:10:21PM +0100, Tobias Stoeckmann wrote:
> On Sun, Nov 01, 2015 at 11:17:40AM +, Stuart Henderson wrote:
> > On 2015/11/01 08:03, Nicholas Marriott wrote:
> > > Some did for a while but it has some nasty bugs and nobody is working on
> > > fixing it.
> > 
> > Some used it on amd64 for a while to avoid checkout failures due to
> > running into memory limits, but then I tracked it down and increased
> > the limit in CVSROOT/options to get around this.
> > 
> > Switching between cvs and opencvs upstreams without making a fresh
> > checkout caused some problems so it's better if mirrors all just use
> > cvs.
> 
> I think it should be moved into Attic. It's not like we've been nice to
> the pcc tree-import either after it lacked attention.

I agree, it has been unlinked from the build for more than 5 years.

Re: Another use of areallocarray() in ksh

[Michael McConville]

Mike Burns wrote:
> On 2015-11-01 10.44.45 -0500, Michael McConville wrote:
> > Index: history.c
> > ===
> > RCS file: /cvs/src/bin/ksh/history.c,v
> > retrieving revision 1.52
> > diff -u -p -r1.52 history.c
> > --- history.c   1 Nov 2015 15:38:53 -   1.52
> > +++ history.c   1 Nov 2015 15:44:02 -
> > @@ -507,7 +507,7 @@ sethistsize(int n)
> > cursize = n;
> > }
> >  
> > -   history = (char **)aresize(history, n*sizeof(char *), APERM);
> > +   history = areallocarray(history, n, sizeof(char *), APERM);
> 
> Is this a memory leak? I'm thinking of the IDIOMS section of
> realloc(3).

I don't think so. This is areallocarray(), a ksh-specific function, not
the stdlib's reallocarray(3). I'm pretty sure that a failed allocation
in ksh is fatal. It's defined in bin/ksh/alloc.c if you're interested.

Re: Another use of areallocarray() in ksh

[Mike Burns]

On 2015-11-01 10.44.45 -0500, Michael McConville wrote:
> Index: history.c
> ===
> RCS file: /cvs/src/bin/ksh/history.c,v
> retrieving revision 1.52
> diff -u -p -r1.52 history.c
> --- history.c 1 Nov 2015 15:38:53 -   1.52
> +++ history.c 1 Nov 2015 15:44:02 -
> @@ -507,7 +507,7 @@ sethistsize(int n)
>   cursize = n;
>   }
>  
> - history = (char **)aresize(history, n*sizeof(char *), APERM);
> + history = areallocarray(history, n, sizeof(char *), APERM);

Is this a memory leak? I'm thinking of the IDIOMS section of
realloc(3).

Re: inteldrm(4) diff that needs testing

[Bryan Vyhmeister]

I somehow missed this thread before posting to misc@. I’m using the Nov
1 snapshot with an OpenBSD-only EFI install on the internal SSD of a
2013 MacBook Air and inteldrm(4) does attach but immediately after the
display is corrupted. I can start X just fine but the corruption
remains. I can quit fvwm by carefully guessing where “Quit" is and X
also shuts down just fine too.

Bryan


OpenBSD 5.8-current (GENERIC.MP) #1557: Sun Nov  1 07:21:09 MST 2015
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
RTC BIOS diagnostic error
ff
real mem = 8509276160 (8115MB)
avail mem = 8247255040 (7865MB)
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.4 @ 0x8cd14000 (42 entries)
bios0: vendor Apple Inc. version "MBA61.88Z.0099.B20.1509081314" date
09/08/2015
bios0: Apple Inc. MacBookAir6,1
acpi0 at bios0: rev 2
acpi0: sleep states S0 S3 S4 S5
acpi0: tables DSDT FACP HPET APIC SBST ECDT SSDT SSDT SSDT SSDT SSDT
SSDT SSDT SSDT MCFG DMAR
acpi0: wakeup devices P0P2(S3) EC__(S3) HDEF(S3) RP01(S3) RP02(S3)
RP03(S3) ARPT(S4) RP05(S3) RP06(S3) SPIT(S3) XHC1(S3) ADP1(S3) LID0(S3)
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpihpet0 at acpi0: 14318179 Hz
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: Intel(R) Core(TM) i7-4650U CPU @ 1.70GHz, 1600.24 MHz
cpu0:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,LONG,LAHF,ABM,PERF,ITSC,FSGSBASE,BMI1,HLE,AVX2,SMEP,BMI2,ERMS,INVPCID,RTM,SENSOR,ARAT
cpu0: 256KB 64b/line 8-way L2 cache
cpu0: smt 0, core 0, package 0
mtrr: Pentium Pro MTRR support, 10 var ranges, 88 fixed ranges
cpu0: apic clock running at 99MHz
cpu0: mwait min=64, max=64, C-substates=0.2.1.2.4.1.1.1, IBE
cpu1 at mainbus0: apid 2 (application processor)
cpu1: Intel(R) Core(TM) i7-4650U CPU @ 1.70GHz, 1600.00 MHz
cpu1:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,LONG,LAHF,ABM,PERF,ITSC,FSGSBASE,BMI1,HLE,AVX2,SMEP,BMI2,ERMS,INVPCID,RTM,SENSOR,ARAT
cpu1: 256KB 64b/line 8-way L2 cache
cpu1: smt 0, core 1, package 0
cpu2 at mainbus0: apid 1 (application processor)
cpu2: Intel(R) Core(TM) i7-4650U CPU @ 1.70GHz, 1600.00 MHz
cpu2:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,LONG,LAHF,ABM,PERF,ITSC,FSGSBASE,BMI1,HLE,AVX2,SMEP,BMI2,ERMS,INVPCID,RTM,SENSOR,ARAT
cpu2: 256KB 64b/line 8-way L2 cache
cpu2: smt 1, core 0, package 0
cpu3 at mainbus0: apid 3 (application processor)
cpu3: Intel(R) Core(TM) i7-4650U CPU @ 1.70GHz, 1600.00 MHz
cpu3:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,FMA3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,LONG,LAHF,ABM,PERF,ITSC,FSGSBASE,BMI1,HLE,AVX2,SMEP,BMI2,ERMS,INVPCID,RTM,SENSOR,ARAT
cpu3: 256KB 64b/line 8-way L2 cache
cpu3: smt 1, core 1, package 0
ioapic0 at mainbus0: apid 2 pa 0xfec0, version 20, 40 pins
acpiec0 at acpi0
acpimcfg0 at acpi0 addr 0xe000, bus 0-155
acpiprt0 at acpi0: bus 0 (PCI0)
acpiprt1 at acpi0: bus -1 (P0P2)
acpiprt2 at acpi0: bus 1 (RP01)
acpiprt3 at acpi0: bus 2 (RP02)
acpiprt4 at acpi0: bus 3 (RP03)
acpiprt5 at acpi0: bus 5 (RP05)
acpiprt6 at acpi0: bus 4 (RP06)
acpicpu0 at acpi0: C3(200@506 mwait.1@0x60), C2(200@148 mwait.1@0x33),
C1(1000@1 mwait.1), PSS
acpicpu1 at acpi0: C3(200@506 mwait.1@0x60), C2(200@148 mwait.1@0x33),
C1(1000@1 mwait.1), PSS
acpicpu2 at acpi0: C3(200@506 mwait.1@0x60), C2(200@148 mwait.1@0x33),
C1(1000@1 mwait.1), PSS
acpicpu3 at acpi0: C3(200@506 mwait.1@0x60), C2(200@148 mwait.1@0x33),
C1(1000@1 mwait.1), PSS
acpibat0 at acpi0: BAT0 model "3545797981023400290" type
3545797981528607052 oem "3545797981528673619"
acpiac0 at acpi0: AC unit online
acpibtn0 at acpi0: LID0
acpibtn1 at acpi0: PWRB
acpibtn2 at acpi0: SLPB
acpivideo0 at acpi0: IGPU
acpivout0 at acpivideo0: DD01
cpu0: Enhanced SpeedStep 1600 MHz: speeds: 2301, 2300, 2200, 2100, 2000,
1900, 1800, 1700, 1600, 1500, 1400, 1300, 1200, 1100, 1000, 900, 800,
759 MHz
pci0 at mainbus0 bus 0
pchb0 at pci0 dev 0 function 0 "Intel Core 4G Host" rev 0x09
inteldrm0 at pci0 dev 2 function 0 "Intel HD Graphics 5000" rev 0x09
drm0 at inteldrm0

Re: Drop register keyword from less(1)

[Nicholas Marriott]

No, I don't think we should do this because it will make updating to
upstream less more difficult, and it is painful enough as it is.



On Sun, Nov 01, 2015 at 02:25:58PM -0500, Michael McConville wrote:
> Every one of these is in a var declaration, so a megadiff is probably
> the easiest way to do it.
> 
> ok?
> 
> 
> Index: brac.c
> ===
> RCS file: /cvs/src/usr.bin/less/brac.c,v
> retrieving revision 1.6
> diff -u -p -r1.6 brac.c
> --- brac.c25 Apr 2014 13:38:21 -  1.6
> +++ brac.c1 Nov 2015 19:19:16 -
> @@ -25,13 +25,13 @@
>   */
>   public void
>  match_brac(obrac, cbrac, forwdir, n)
> - register int obrac;
> - register int cbrac;
> + int obrac;
> + int cbrac;
>   int forwdir;
>   int n;
>  {
> - register int c;
> - register int nest;
> + int c;
> + int nest;
>   POSITION pos;
>   int (*chget)();
>  
> Index: ch.c
> ===
> RCS file: /cvs/src/usr.bin/less/ch.c,v
> retrieving revision 1.10
> diff -u -p -r1.10 ch.c
> --- ch.c  25 Apr 2014 13:38:21 -  1.10
> +++ ch.c  1 Nov 2015 19:19:16 -
> @@ -144,11 +144,11 @@ static int ch_addbuf();
>   int
>  ch_get()
>  {
> - register struct buf *bp;
> - register struct bufnode *bn;
> - register int n;
> - register int slept;
> - register int h;
> + struct buf *bp;
> + struct bufnode *bn;
> + int n;
> + int slept;
> + int h;
>   POSITION pos;
>   POSITION len;
>  
> @@ -410,8 +410,8 @@ end_logfile()
>   public void
>  sync_logfile()
>  {
> - register struct buf *bp;
> - register struct bufnode *bn;
> + struct buf *bp;
> + struct bufnode *bn;
>   int warned = FALSE;
>   BLOCKNUM block;
>   BLOCKNUM nblocks;
> @@ -448,9 +448,9 @@ sync_logfile()
>  buffered(block)
>   BLOCKNUM block;
>  {
> - register struct buf *bp;
> - register struct bufnode *bn;
> - register int h;
> + struct buf *bp;
> + struct bufnode *bn;
> + int h;
>  
>   h = BUFHASH(block);
>   FOR_BUFS_IN_CHAIN(h, bn)
> @@ -468,7 +468,7 @@ buffered(block)
>   */
>   public int
>  ch_seek(pos)
> - register POSITION pos;
> + POSITION pos;
>  {
>   BLOCKNUM new_block;
>   POSITION len;
> @@ -537,8 +537,8 @@ ch_end_seek()
>   public int
>  ch_beg_seek()
>  {
> - register struct bufnode *bn;
> - register struct bufnode *firstbn;
> + struct bufnode *bn;
> + struct bufnode *firstbn;
>  
>   /*
>* Try a plain ch_seek first.
> @@ -595,7 +595,7 @@ ch_tell()
>   public int
>  ch_forw_get()
>  {
> - register int c;
> + int c;
>  
>   if (thisfile == NULL)
>   return (EOI);
> @@ -658,7 +658,7 @@ ch_setbufspace(bufspace)
>   public void
>  ch_flush()
>  {
> - register struct bufnode *bn;
> + struct bufnode *bn;
>  
>   if (thisfile == NULL)
>   return;
> @@ -725,8 +725,8 @@ ch_flush()
>   static int
>  ch_addbuf()
>  {
> - register struct buf *bp;
> - register struct bufnode *bn;
> + struct buf *bp;
> + struct bufnode *bn;
>  
>   /*
>* Allocate and initialize a new buffer and link it 
> @@ -750,7 +750,7 @@ ch_addbuf()
>   static void
>  init_hashtbl()
>  {
> - register int h;
> + int h;
>  
>   for (h = 0;  h < BUFHASH_SIZE;  h++)
>   {
> @@ -765,7 +765,7 @@ init_hashtbl()
>   static void
>  ch_delbufs()
>  {
> - register struct bufnode *bn;
> + struct bufnode *bn;
>  
>   while (ch_bufhead != END_OF_CHAIN)
>   {
> Index: charset.c
> ===
> RCS file: /cvs/src/usr.bin/less/charset.c,v
> retrieving revision 1.10
> diff -u -p -r1.10 charset.c
> --- charset.c 25 Apr 2014 13:38:21 -  1.10
> +++ charset.c 1 Nov 2015 19:19:16 -
> @@ -134,9 +134,9 @@ public int binattr = AT_STANDOUT;
>  ichardef(s)
>   char *s;
>  {
> - register char *cp;
> - register int n;
> - register char v;
> + char *cp;
> + int n;
> + char v;
>  
>   n = 0;
>   v = 0;
> @@ -189,11 +189,11 @@ ichardef(s)
>   */
>   static int
>  icharset(name, no_error)
> - register char *name;
> + char *name;
>   int no_error;
>  {
> - register struct charset *p;
> - register struct cs_alias *a;
> + struct charset *p;
> + struct cs_alias *a;
>  
>   if (name == NULL || *name == '\0')
>   return (0);
> @@ -233,7 +233,7 @@ icharset(name, no_error)
>   static void
>  ilocale()
>  {
> - register int c;
> + int c;
>  
>   for (c = 0;  c < (int) sizeof(chardef);  c++)
>   {
> Index: cmdbuf.c
> ===
> RCS file: /cvs/src/usr.bin/less/cmdbuf.c,v
> retrieving revision 1.7
> diff -u -p -r1.7 cmdbuf.c
> --- cmdbuf.c  25 Apr 2014 13:38:21 

Re: Drop register keyword from less(1)

[Todd C. Miller]

If we are going to diverge from upstream less, a better starting
point would be https://github.com/gdamore/less-fork

See also http://garrett.damore.org/2014_09_01_archive.html

If you decide to tackle that you'll also want to diff our less
against the stock version to make sure we don't lose any local
changes, of which there were a few.

 - todd

Re: [PATCH] rcs: buf_free/rcsnum_free

[Todd C. Miller]

On Sun, 01 Nov 2015 09:07:18 -0700, Theo de Raadt wrote:

> > > I think it should be moved into Attic. It's not like we've been nice to
> > > the pcc tree-import either after it lacked attention.
> > 
> > I agree, it has been unlinked from the build for more than 5 years.
> 
> I don't agree.  I still have some hope.
> 
> Yes, it has problems.  But go look at the code in gnu/usr.bin/cvs
> 
> There were good reasons to start the effort...

I'd also like it to stick around for a bit longer.

 - todd

IPv6 DHCP-PD/SLAAC - no /64 route in routing table

[Yury Shefer]

Hi all,

I'm having trouble with enabling IPv6 routing on my 5.8 gateway.

(Internet)[DHCPv6+PD](em0-GW-axe0)[SLAAC/rtadvd]

My box is connected to Comcast, I'm getting IPv6 address assignment over
DHCPv6 (wide dhcp6c) on WAN interface(em0) together with prefix delegation
and assigning this prefix to axe0 (internal interface).

On axe0 i'm running rtadvd. My clients are getting IPv6 addresses properly
assigned and i'm able to ping link-local address of my gw. but if I check
ipv6 neighbors on my gw I see that there are no global addresses except
permanent (GW-owned addresses).

When I enabled nd6_debug in sysctl - i'm getting the following error
message - my laptop send neighbor solicitation message to lookup GW's
address:
nd6_ns_input: src=2601:647:::82e6:50ff:fe04:e758
nd6_ns_input: dst=ff02:5::1:ff46:fb5c
nd6_ns_input: tgt=2601:647:::cab3:73ff:fe46:fb5c
nd6_ns_input: NS packet from non-neighbor
nd6_ns_input: src=2601:647:::82e6:50ff:fe04:e758
nd6_ns_input: dst=ff02:5::1:ff46:fb5c


$ndp -p
2601:647::::/64 if=axe0
flags=LD vltime=infinity, pltime=infinity, expire=Never, ref=1
  No advertising router
fe80::%axe0/64 if=axe0
flags=LAO vltime=infinity, pltime=infinity, expire=Never, ref=0
  No advertising router
fe80::%em0/64 if=em0
flags=LAO vltime=infinity, pltime=infinity, expire=Never, ref=0
  No advertising router
fe80::%lo0/64 if=lo0
flags=LAO vltime=infinity, pltime=infinity, expire=Never, ref=0
  No advertising router

In tcpdump I see nbr sol messages:
11:16:00.099357 2601:647:::82e6:50ff:fe04:e758 > ff02::1:ff46:fb5c:
icmp6: neighbor sol: who has 2601:647:::cab3:73ff:fe46:fb5c
11:16:01.110618 2601:647:::82e6:50ff:fe04:e758 > ff02::1:ff46:fb5c:
icmp6: neighbor sol: who has 2601:647::893a:cab3:73ff:fe46:fb5c


ifconfig:
# ifconfig axe0
axe0: flags=208843 mtu
1500
lladdr c8:b3:73:46:fb:5c
priority: 0
media: Ethernet autoselect (100baseTX full-duplex)
status: active
inet 10.0.1.254 netmask 0xff00 broadcast 10.0.1.255
inet6 fe80::cab3:73ff:fe46:fb5c%axe0 prefixlen 64 scopeid 0x5
inet6 2601:647:::cab3:73ff:fe46:fb5c prefixlen 64


It seems a bit strange that there is no connected DHCP-PD /64 prefix route
in the routing table (as you can see above - interface have this prefix
configured by dhcp6c):

# route show -inet6 | grep 647
2601:647:: c8:b3:73:46:fb:5c  UHLl   0   10 - 1 lo0
# netstat -rn | grep 647
2601:647:::cab3:73ff:fe46:fb5c c8:b3:73:46:fb:5c  UHLl
  0   10 - 1 lo0

As a result, if i try to do traceroute6 from the GW to my laptop (1 hop) -
the packet gets routed to the default gw (ISP/WAN interface):

$ traceroute6 2601:647:::82e6:50ff:fe04:e758
traceroute6 to 2601:647:::82e6:50ff:fe04:e758
(2601:647:::82e6:50ff:fe04:e758), 64 hops max, 60 byte packets
 1  2001:558::::1 (2001:558::::1)  8.669 ms  8.08 ms  9.143
ms
^C

Any suggestions/ideas?

-- 
Thanks a lot,
Yury.

Re: ChachaPoly-04: Hook up Chacha20-Poly1305 to the OCF

[Mike Belopuhov]

On Mon, Oct 26, 2015 at 18:30 +0100, Mike Belopuhov wrote:
> OK?
> 

Update due to changes in ChachaPoly-02.

Right now those long lines fit into 80 symbol wide columns,
but I'll see if I can clean it up further and remove those
pesky casts.

OK?

---
 sys/conf/files |  2 ++
 sys/crypto/cryptodev.h |  9 ++---
 sys/crypto/xform.c | 22 ++
 sys/crypto/xform.h |  2 ++
 4 files changed, 32 insertions(+), 3 deletions(-)

diff --git sys/conf/files sys/conf/files
index 7e56c2e..9816077 100644
--- sys/conf/files
+++ sys/conf/files
@@ -858,10 +858,12 @@ file crypto/michael.c wlan
 file crypto/cmac.c wlan
 file crypto/hmac.c wlan | (softraid & crypto)
 file crypto/gmac.c ipsec | crypto
 file crypto/key_wrap.c wlan
 file crypto/idgen.cinet6 | nfsclient | nfsserver
+file crypto/chachapoly.c   ipsec | crypto
+file crypto/poly1305.c ipsec | crypto
 file crypto/siphash.c
 file netmpls/mpls_input.c  mpls
 file netmpls/mpls_output.c mpls
 file netmpls/mpls_proto.c  mpls
 file netmpls/mpls_raw.cmpls
diff --git sys/crypto/cryptodev.h sys/crypto/cryptodev.h
index f4af569..5923512 100644
--- sys/crypto/cryptodev.h
+++ sys/crypto/cryptodev.h
@@ -75,11 +75,12 @@
 #define DES_BLOCK_LEN  8
 #define DES3_BLOCK_LEN 8
 #define BLOWFISH_BLOCK_LEN 8
 #define CAST128_BLOCK_LEN  8
 #define RIJNDAEL128_BLOCK_LEN  16
-#define EALG_MAX_BLOCK_LEN 16 /* Keep this updated */
+#define CHACHA20_BLOCK_LEN 64
+#define EALG_MAX_BLOCK_LEN 64 /* Keep this updated */
 
 /* Maximum hash algorithm result length */
 #define AALG_MAX_RESULT_LEN64 /* Keep this updated */
 
 #define CRYPTO_DES_CBC 1
@@ -105,12 +106,14 @@
 #define CRYPTO_AES_GCM_16  23
 #define CRYPTO_AES_128_GMAC24
 #define CRYPTO_AES_192_GMAC25
 #define CRYPTO_AES_256_GMAC26
 #define CRYPTO_AES_GMAC27
-#define CRYPTO_ESN 28 /* Support for Extended Sequence Numbers */
-#define CRYPTO_ALGORITHM_MAX   28 /* Keep updated */
+#define CRYPTO_CHACHA20_POLY1305   28
+#define CRYPTO_CHACHA20_POLY1305_MAC   29
+#define CRYPTO_ESN 30 /* Support for Extended Sequence Numbers */
+#define CRYPTO_ALGORITHM_MAX   30 /* Keep updated */
 
 /* Algorithm flags */
 #defineCRYPTO_ALG_FLAG_SUPPORTED   0x01 /* Algorithm is supported 
*/
 #defineCRYPTO_ALG_FLAG_RNG_ENABLE  0x02 /* Has HW RNG for DH/DSA */
 #defineCRYPTO_ALG_FLAG_DSA_SHA 0x04 /* Can do SHA on msg */
diff --git sys/crypto/xform.c sys/crypto/xform.c
index aaf6f29..1a106ca 100644
--- sys/crypto/xform.c
+++ sys/crypto/xform.c
@@ -56,10 +56,11 @@
 #include 
 #include 
 #include 
 #include 
 #include 
+#include 
 
 extern void des_ecb3_encrypt(caddr_t, caddr_t, caddr_t, caddr_t, caddr_t, int);
 extern void des_ecb_encrypt(caddr_t, caddr_t, caddr_t, int);
 
 int  des_set_key(void *, caddr_t);
@@ -214,10 +215,20 @@ struct enc_xform enc_xform_aes_xts = {
aes_xts_decrypt,
aes_xts_setkey,
aes_xts_reinit
 };
 
+struct enc_xform enc_xform_chacha20_poly1305 = {
+   CRYPTO_CHACHA20_POLY1305, "CHACHA20-POLY1305",
+   1, 8, 32+4, 32+4,
+   sizeof(struct chacha20_ctx),
+   chacha20_crypt,
+   chacha20_crypt,
+   chacha20_setkey,
+   chacha20_reinit
+};
+
 struct enc_xform enc_xform_arc4 = {
CRYPTO_ARC4, "ARC4",
1, 1, 1, 32, 0,
NULL,
NULL,
@@ -311,10 +322,21 @@ struct auth_hash auth_hash_gmac_aes_256 = {
(void (*)(void *, const u_int8_t *, u_int16_t)) AES_GMAC_Reinit,
(int  (*)(void *, const u_int8_t *, u_int16_t)) AES_GMAC_Update,
(void (*)(u_int8_t *, void *)) AES_GMAC_Final
 };
 
+struct auth_hash auth_hash_chacha20_poly1305 = {
+   CRYPTO_CHACHA20_POLY1305_MAC, "CHACHA20-POLY1305",
+   CHACHA20_KEYSIZE+CHACHA20_SALT, POLY1305_BLOCK_LEN, POLY1305_TAGLEN,
+   sizeof(CHACHA20_POLY1305_CTX), CHACHA20_BLOCK_LEN,
+   (void (*)(void *))Chacha20_Poly1305_Init,
+   (void (*)(void *, const u_int8_t *, u_int16_t))Chacha20_Poly1305_Setkey,
+   (void (*)(void *, const u_int8_t *, u_int16_t))Chacha20_Poly1305_Reinit,
+   (int  (*)(void *, const u_int8_t *, u_int16_t))Chacha20_Poly1305_Update,
+   (void (*)(u_int8_t *, void *))Chacha20_Poly1305_Final
+};
+
 struct auth_hash auth_hash_md5 = {
CRYPTO_MD5, "MD5",
0, 16, 16, sizeof(MD5_CTX), 0,
(void (*) (void *)) MD5Init, NULL, NULL,
MD5Update_int,
diff --git sys/crypto/xform.h sys/crypto/xform.h
index 0e7678c..4591666 100644
--- sys/crypto/xform.h
+++ sys/crypto/xform.h
@@ -83,10 +83,11 @@ extern struct enc_xform enc_xform_cast5;
 extern struct enc_xform enc_xform_rijndael128;
 extern struct enc_xform enc_xform_aes_ctr;
 extern struct enc_xform enc_xform_aes_gcm;
 extern 

Re: ChachaPoly-07: test vectors

[Mike Belopuhov]

On Mon, Oct 26, 2015 at 18:34 +0100, Mike Belopuhov wrote:
> Rather scarce, but that's all we've been given so far.
> I can add more chacha-only test cases, but I don't believe
> that this is strictly necessary.
> 
> OK?
>

Update due to Chacha20_Poly1305_* function name changes.

Please note that this includes a slight adjustment to the
second (data, not AAD) Chacha20_Poly1305_Update loop:
I have removed a copy of leftover bytes into a temporary
buffer to simulate the same loop in cryptosoft driver
more closely, i.e. supply data in 64 byte (Chacha20 block
size) chunks until the last block which is provided with
a non-padded length.

OK?

---
 regress/sys/crypto/Makefile |   1 +
 regress/sys/crypto/chachapoly/Makefile  |  26 ++
 regress/sys/crypto/chachapoly/chachapoly_test.c | 438 
 3 files changed, 465 insertions(+)
 create mode 100644 regress/sys/crypto/chachapoly/Makefile
 create mode 100644 regress/sys/crypto/chachapoly/chachapoly_test.c

diff --git regress/sys/crypto/Makefile regress/sys/crypto/Makefile
index 233dac3..3991e34 100644
--- regress/sys/crypto/Makefile
+++ regress/sys/crypto/Makefile
@@ -8,10 +8,11 @@ SUBDIR+= key_wrap
 .if defined(REGRESS_FULL) || make(clean) || make(cleandir) || make(obj)
 SUBDIR+= enc
 SUBDIR+= aesctr
 SUBDIR+= aesxts
 SUBDIR+= aes
+SUBDIR+= chachapoly
 .endif
 
 install:
 
 .include 
diff --git regress/sys/crypto/chachapoly/Makefile 
regress/sys/crypto/chachapoly/Makefile
new file mode 100644
index 000..827d1d0
--- /dev/null
+++ regress/sys/crypto/chachapoly/Makefile
@@ -0,0 +1,26 @@
+#  $OpenBSD: Makefile,v 1.2 2014/01/18 05:54:52 martynas Exp $
+
+DIR=${.CURDIR}/../../../../sys
+
+PROG=  chachapoly_test
+SRCS+= poly1305.c chachapoly.c chachapoly_test.c
+CDIAGFLAGS=-Wall
+CDIAGFLAGS+=   -Werror
+CDIAGFLAGS+=   -Wpointer-arith
+CDIAGFLAGS+=   -Wno-uninitialized
+CDIAGFLAGS+=   -Wstrict-prototypes
+CDIAGFLAGS+=   -Wmissing-prototypes
+CDIAGFLAGS+=   -Wunused
+CDIAGFLAGS+=   -Wsign-compare
+#CDIAGFLAGS+=  -Wshadow
+
+REGRESS_TARGETS=   run-regress-${PROG}
+
+CFLAGS+=   -I${DIR}
+
+.PATH: ${DIR}/crypto
+
+run-regress-${PROG}: ${PROG}
+   ./${PROG}
+
+.include 
diff --git regress/sys/crypto/chachapoly/chachapoly_test.c 
regress/sys/crypto/chachapoly/chachapoly_test.c
new file mode 100644
index 000..6e074ae
--- /dev/null
+++ regress/sys/crypto/chachapoly/chachapoly_test.c
@@ -0,0 +1,438 @@
+/*  $OpenBSD: gmac_test.c,v 1.2 2011/04/04 16:46:22 deraadt Exp $  */
+
+/*
+ * Copyright (c) 2010,2015 Mike Belopuhov 
+ * Copyright (c) 2005 Markus Friedl 
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+
+int debug = 0;
+
+enum { TST_KEY, TST_IV, TST_AAD, TST_PLAIN, TST_CIPHER, TST_TAG, TST_NUM };
+
+struct {
+   char*data[TST_NUM];
+} tests[] = {
+   /* Chacha20, counter=1 test vectors */
+
+   /* Test vector from RFC7539 2.4.2 */
+   {
+   /* key + salt */
+   "00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f "
+   "10 11 12 13 14 15 16 17 18 19 1a 1b 1c 1d 1e 1f "
+   "00 00 00 00",
+   /* iv */
+   "00 00 00 4a 00 00 00 00",
+   /* aad */
+   NULL,
+   /* plaintext */
+   "4c 61 64 69 65 73 20 61 6e 64 20 47 65 6e 74 6c "
+   "65 6d 65 6e 20 6f 66 20 74 68 65 20 63 6c 61 73 "
+   "73 20 6f 66 20 27 39 39 3a 20 49 66 20 49 20 63 "
+   "6f 75 6c 64 20 6f 66 66 65 72 20 79 6f 75 20 6f "
+   "6e 6c 79 20 6f 6e 65 20 74 69 70 20 66 6f 72 20 "
+   "74 68 65 20 66 75 74 75 72 65 2c 20 73 75 6e 73 "
+   "63 72 65 65 6e 20 77 6f 75 6c 64 20 62 65 20 69 "
+   "74 2e",
+   /* ciphertext */
+   "6e 2e 35 9a 25 68 f9 80 41 ba 07 28 dd 0d 69 81 "
+   "e9 7e 7a ec 1d 43 60 c2 0a 27 af cc fd 9f ae 0b "
+   "f9 1b 65 c5 52 47 33 ab 8f 59 3d ab cd 62 b3 57 "
+   "16 39 d6 24 e6 51 52 ab 8f 53 0c 35 9f 08 61 d8 "
+   "07 ca 0d bf 50 0d 6a 61 56 a3 8e 08 8a 22 b6 5e "
+   "52 bc 51 4d 16 cc f8 06 

Re: Tweaks to malloc(3) manpage

[Theo de Raadt]

> 1. I don't see much reason to mention calloc() as an alternative to
> reallocarray() when it's the worse option.

calloc() still remains the portable option.  Something should probably
still be mentioned here, otherwise people fall back to unchecked
malloc -- no matter what is stated further below regarding overflow
checks.

> 2. Use size > 0 when testing overflow.

That feels wrong.  The size variables in some code contexts may
mistakenly be signed, yet assigned an unsigned value from a caller.
You are trying to fight a losing battle with undefined behaviour
handling in modern compilers, and programmers who don't have time to
use static analysis tools.  In case size is signed, it would be better
to FAIL the overflow check as happens currently, rather multiply a
negative number, end up with a result, malloc, and then screw things up.

Re: enhanced use-after-free detection for malloc v2

[Otto Moerbeek]

On Fri, Oct 30, 2015 at 11:51:17PM -0400, Daniel Micay wrote:

> On 26/10/15 04:19 PM, Daniel Micay wrote:
> > This is an improved revision of my earlier patch.
> > 
> > It now validates the junk data in the delayed_chunks array in an atexit 
> > handler
> > too, rather than just when allocations are swapped out.
> > 
> > It will now catch this simple UAF 100% of the time:
> > 
> > #include 
> > #include 
> > 
> > int main(void) {
> >   size_t i;
> >   char *p;
> >   for (i = 0; i < 32; i++) {
> > p = malloc(16);
> > if (!p) return 1;
> >   }
> > 
> >   p = malloc(16);
> >   if (!p) return 1;
> >   free(p);
> >   *p = 5;
> > 
> >   for (i = 0; i < 4; i++) {
> > p = malloc(16);
> > if (!p) return 1;
> > free(p);
> >   }
> >   return 0;
> > }
> > 
> > In general, it depends on the allocation still being in the delayed chunks
> > array when the use-after-free happens. This means a larger delayed chunks
> > array would improve the detection rate.
> 
> That revision was missing a NULL check as it got lost when refactoring
> and the test cases weren't short enough to trigger it. Properly working
> implementation:

Hi Daniel,

I did not have time to look into this up until now and I'm pretty sure
I will not have much time in the near future. But after a casual look
I consider this a very nice addition, so please do continue to persue
this. 

To all others: please test and give Daniel feedback,

-Otto


> 
> diff --git a/stdlib/malloc.c b/stdlib/malloc.c
> index 424dd77..c408594 100644
> --- a/stdlib/malloc.c
> +++ b/stdlib/malloc.c
> @@ -182,6 +182,7 @@ struct malloc_readonly {
>   int malloc_freeunmap;   /* mprotect free pages PROT_NONE? */
>   int malloc_hint;/* call madvice on free pages?  */
>   int malloc_junk;/* junk fill? */
> + int malloc_validate;/* validate junk */
>   int malloc_move;/* move allocations to end of page? */
>   int malloc_realloc; /* always realloc? */
>   int malloc_xmalloc; /* xmalloc behaviour? */
> @@ -218,6 +219,8 @@ static void malloc_exit(void);
>  #define CALLER   NULL
>  #endif
> 
> +static void validate_delayed_chunks(void);
> +
>  /* low bits of r->p determine size: 0 means >= page size and p->size
> holding
>   *  real size, otherwise r->size is a shift count, or 1 for malloc(0)
>   */
> @@ -560,6 +563,12 @@ omalloc_init(struct dir_info **dp)
>   case 'J':
>   mopts.malloc_junk = 2;
>   break;
> + case 'v':
> + mopts.malloc_validate = 0;
> + break;
> + case 'V':
> + mopts.malloc_validate = 1;
> + break;
>   case 'n':
>   case 'N':
>   break;
> @@ -608,6 +617,9 @@ omalloc_init(struct dir_info **dp)
>   }
>   }
> 
> + if (!mopts.malloc_junk)
> + mopts.malloc_validate = 0;
> +
>  #ifdef MALLOC_STATS
>   if (mopts.malloc_stats && (atexit(malloc_exit) == -1)) {
>   static const char q[] = "malloc() warning: atexit(2) failed."
> @@ -616,6 +628,12 @@ omalloc_init(struct dir_info **dp)
>   }
>  #endif /* MALLOC_STATS */
> 
> + if (mopts.malloc_validate && (atexit(validate_delayed_chunks) == -1)) {
> + static const char q[] = "malloc() warning: atexit(2) failed."
> + " Will not be able to check for use after free\n";
> + write(STDERR_FILENO, q, sizeof(q) - 1);
> + }
> +
>   while ((mopts.malloc_canary = arc4random()) == 0)
>   ;
> 
> @@ -1190,6 +1208,35 @@ malloc(size_t size)
>  /*DEF_STRONG(malloc);*/
> 
>  static void
> +validate_junk(void *p) {
> + struct region_info *r;
> + struct dir_info *pool = getpool();
> + size_t byte, sz;
> + if (p == NULL)
> + return;
> + r = find(pool, p);
> + if (r == NULL)
> + wrterror("bogus pointer in validate_junk", p);
> + REALSIZE(sz, r);
> + for (byte = 0; byte < sz; byte++) {
> + if (((char *)p)[byte] != SOME_FREEJUNK) {
> + wrterror("use after free", p);
> + return;
> + }
> + }
> +}
> +
> +static void
> +validate_delayed_chunks(void) {
> + struct dir_info *pool = getpool();
> + int i;
> + if (pool == NULL)
> + return;
> + for (i = 0; i < MALLOC_DELAYED_CHUNK_MASK + 1; i++)
> + validate_junk(pool->delayed_chunks[i]);
> +}
> +
> +static void
>  ofree(void *p)
>  {
>   struct dir_info *pool = getpool();
> @@ -1253,6 +1300,8 @@ ofree(void *p)
>   wrterror("double free", p);
>   return;
>   }
> + if (mopts.malloc_validate)
> +

Re: Drop register keyword from less(1)

[Theo de Raadt]

less is code imported on a regular basis from upstream.
Look at the commit log.

> Every one of these is in a var declaration, so a megadiff is probably
> the easiest way to do it.
> 
> ok?
> 
> 
> Index: brac.c
> ===
> RCS file: /cvs/src/usr.bin/less/brac.c,v
> retrieving revision 1.6
> diff -u -p -r1.6 brac.c
> --- brac.c25 Apr 2014 13:38:21 -  1.6
> +++ brac.c1 Nov 2015 19:19:16 -
> @@ -25,13 +25,13 @@
>   */
>   public void
>  match_brac(obrac, cbrac, forwdir, n)
> - register int obrac;
> - register int cbrac;
> + int obrac;
> + int cbrac;
>   int forwdir;
>   int n;
>  {
> - register int c;
> - register int nest;
> + int c;
> + int nest;
>   POSITION pos;
>   int (*chget)();
>  
> Index: ch.c
> ===
> RCS file: /cvs/src/usr.bin/less/ch.c,v
> retrieving revision 1.10
> diff -u -p -r1.10 ch.c
> --- ch.c  25 Apr 2014 13:38:21 -  1.10
> +++ ch.c  1 Nov 2015 19:19:16 -
> @@ -144,11 +144,11 @@ static int ch_addbuf();
>   int
>  ch_get()
>  {
> - register struct buf *bp;
> - register struct bufnode *bn;
> - register int n;
> - register int slept;
> - register int h;
> + struct buf *bp;
> + struct bufnode *bn;
> + int n;
> + int slept;
> + int h;
>   POSITION pos;
>   POSITION len;
>  
> @@ -410,8 +410,8 @@ end_logfile()
>   public void
>  sync_logfile()
>  {
> - register struct buf *bp;
> - register struct bufnode *bn;
> + struct buf *bp;
> + struct bufnode *bn;
>   int warned = FALSE;
>   BLOCKNUM block;
>   BLOCKNUM nblocks;
> @@ -448,9 +448,9 @@ sync_logfile()
>  buffered(block)
>   BLOCKNUM block;
>  {
> - register struct buf *bp;
> - register struct bufnode *bn;
> - register int h;
> + struct buf *bp;
> + struct bufnode *bn;
> + int h;
>  
>   h = BUFHASH(block);
>   FOR_BUFS_IN_CHAIN(h, bn)
> @@ -468,7 +468,7 @@ buffered(block)
>   */
>   public int
>  ch_seek(pos)
> - register POSITION pos;
> + POSITION pos;
>  {
>   BLOCKNUM new_block;
>   POSITION len;
> @@ -537,8 +537,8 @@ ch_end_seek()
>   public int
>  ch_beg_seek()
>  {
> - register struct bufnode *bn;
> - register struct bufnode *firstbn;
> + struct bufnode *bn;
> + struct bufnode *firstbn;
>  
>   /*
>* Try a plain ch_seek first.
> @@ -595,7 +595,7 @@ ch_tell()
>   public int
>  ch_forw_get()
>  {
> - register int c;
> + int c;
>  
>   if (thisfile == NULL)
>   return (EOI);
> @@ -658,7 +658,7 @@ ch_setbufspace(bufspace)
>   public void
>  ch_flush()
>  {
> - register struct bufnode *bn;
> + struct bufnode *bn;
>  
>   if (thisfile == NULL)
>   return;
> @@ -725,8 +725,8 @@ ch_flush()
>   static int
>  ch_addbuf()
>  {
> - register struct buf *bp;
> - register struct bufnode *bn;
> + struct buf *bp;
> + struct bufnode *bn;
>  
>   /*
>* Allocate and initialize a new buffer and link it 
> @@ -750,7 +750,7 @@ ch_addbuf()
>   static void
>  init_hashtbl()
>  {
> - register int h;
> + int h;
>  
>   for (h = 0;  h < BUFHASH_SIZE;  h++)
>   {
> @@ -765,7 +765,7 @@ init_hashtbl()
>   static void
>  ch_delbufs()
>  {
> - register struct bufnode *bn;
> + struct bufnode *bn;
>  
>   while (ch_bufhead != END_OF_CHAIN)
>   {
> Index: charset.c
> ===
> RCS file: /cvs/src/usr.bin/less/charset.c,v
> retrieving revision 1.10
> diff -u -p -r1.10 charset.c
> --- charset.c 25 Apr 2014 13:38:21 -  1.10
> +++ charset.c 1 Nov 2015 19:19:16 -
> @@ -134,9 +134,9 @@ public int binattr = AT_STANDOUT;
>  ichardef(s)
>   char *s;
>  {
> - register char *cp;
> - register int n;
> - register char v;
> + char *cp;
> + int n;
> + char v;
>  
>   n = 0;
>   v = 0;
> @@ -189,11 +189,11 @@ ichardef(s)
>   */
>   static int
>  icharset(name, no_error)
> - register char *name;
> + char *name;
>   int no_error;
>  {
> - register struct charset *p;
> - register struct cs_alias *a;
> + struct charset *p;
> + struct cs_alias *a;
>  
>   if (name == NULL || *name == '\0')
>   return (0);
> @@ -233,7 +233,7 @@ icharset(name, no_error)
>   static void
>  ilocale()
>  {
> - register int c;
> + int c;
>  
>   for (c = 0;  c < (int) sizeof(chardef);  c++)
>   {
> Index: cmdbuf.c
> ===
> RCS file: /cvs/src/usr.bin/less/cmdbuf.c,v
> retrieving revision 1.7
> diff -u -p -r1.7 cmdbuf.c
> --- cmdbuf.c  25 Apr 2014 13:38:21 -  1.7
> +++ cmdbuf.c  1 Nov 2015 19:19:16 -
> @@ -525,7 +525,7 @@ cmd_ichar(cs, clen)
>   static int
>  

Re: enhanced use-after-free detection for malloc v2

[Daniel Micay]

(without mangling it this time...)

diff --git a/stdlib/malloc.c b/stdlib/malloc.c
index 424dd77..c408594 100644
--- a/stdlib/malloc.c
+++ b/stdlib/malloc.c
@@ -182,6 +182,7 @@ struct malloc_readonly {
int malloc_freeunmap;   /* mprotect free pages PROT_NONE? */
int malloc_hint;/* call madvice on free pages?  */
int malloc_junk;/* junk fill? */
+   int malloc_validate;/* validate junk */
int malloc_move;/* move allocations to end of page? */
int malloc_realloc; /* always realloc? */
int malloc_xmalloc; /* xmalloc behaviour? */
@@ -218,6 +219,8 @@ static void malloc_exit(void);
 #define CALLER NULL
 #endif
 
+static void validate_delayed_chunks(void);
+
 /* low bits of r->p determine size: 0 means >= page size and p->size holding
  *  real size, otherwise r->size is a shift count, or 1 for malloc(0)
  */
@@ -560,6 +563,12 @@ omalloc_init(struct dir_info **dp)
case 'J':
mopts.malloc_junk = 2;
break;
+   case 'v':
+   mopts.malloc_validate = 0;
+   break;
+   case 'V':
+   mopts.malloc_validate = 1;
+   break;
case 'n':
case 'N':
break;
@@ -608,6 +617,9 @@ omalloc_init(struct dir_info **dp)
}
}
 
+   if (!mopts.malloc_junk)
+   mopts.malloc_validate = 0;
+
 #ifdef MALLOC_STATS
if (mopts.malloc_stats && (atexit(malloc_exit) == -1)) {
static const char q[] = "malloc() warning: atexit(2) failed."
@@ -616,6 +628,12 @@ omalloc_init(struct dir_info **dp)
}
 #endif /* MALLOC_STATS */
 
+   if (mopts.malloc_validate && (atexit(validate_delayed_chunks) == -1)) {
+   static const char q[] = "malloc() warning: atexit(2) failed."
+   " Will not be able to check for use after free\n";
+   write(STDERR_FILENO, q, sizeof(q) - 1);
+   }
+
while ((mopts.malloc_canary = arc4random()) == 0)
;
 
@@ -1190,6 +1208,35 @@ malloc(size_t size)
 /*DEF_STRONG(malloc);*/
 
 static void
+validate_junk(void *p) {
+   struct region_info *r;
+   struct dir_info *pool = getpool();
+   size_t byte, sz;
+   if (p == NULL)
+   return;
+   r = find(pool, p);
+   if (r == NULL)
+   wrterror("bogus pointer in validate_junk", p);
+   REALSIZE(sz, r);
+   for (byte = 0; byte < sz; byte++) {
+   if (((char *)p)[byte] != SOME_FREEJUNK) {
+   wrterror("use after free", p);
+   return;
+   }
+   }
+}
+
+static void
+validate_delayed_chunks(void) {
+   struct dir_info *pool = getpool();
+   int i;
+   if (pool == NULL)
+   return;
+   for (i = 0; i < MALLOC_DELAYED_CHUNK_MASK + 1; i++)
+   validate_junk(pool->delayed_chunks[i]);
+}
+
+static void
 ofree(void *p)
 {
struct dir_info *pool = getpool();
@@ -1253,6 +1300,8 @@ ofree(void *p)
wrterror("double free", p);
return;
}
+   if (mopts.malloc_validate)
+   validate_junk(p);
pool->delayed_chunks[i] = tmp;
}
if (p != NULL) {

nd6 pool

[Alexander Bluhm]

Hi,

To make the nd6 code more like arp, I would like to replace the
llinfo malloc(9) with pool_get(9).

ok?

bluhm

Index: netinet/if_ether.c
===
RCS file: /data/mirror/openbsd/cvs/src/sys/netinet/if_ether.c,v
retrieving revision 1.179
diff -u -p -r1.179 if_ether.c
--- netinet/if_ether.c  27 Oct 2015 15:22:58 -  1.179
+++ netinet/if_ether.c  1 Nov 2015 19:47:45 -
@@ -215,7 +215,7 @@ arp_rtrequest(struct ifnet *ifp, int req
la = pool_get(_pool, PR_NOWAIT | PR_ZERO);
rt->rt_llinfo = (caddr_t)la;
if (la == NULL) {
-   log(LOG_DEBUG, "%s: malloc failed\n", __func__);
+   log(LOG_DEBUG, "%s: pool get failed\n", __func__);
break;
}
arp_inuse++;
Index: netinet6/nd6.c
===
RCS file: /data/mirror/openbsd/cvs/src/sys/netinet6/nd6.c,v
retrieving revision 1.168
diff -u -p -r1.168 nd6.c
--- netinet6/nd6.c  1 Nov 2015 17:02:44 -   1.168
+++ netinet6/nd6.c  1 Nov 2015 19:47:45 -
@@ -39,6 +39,7 @@
 #include 
 #include 
 #include 
+#include 
 #include 
 #include 
 #include 
@@ -82,6 +83,7 @@ int nd6_debug = 1;
 int nd6_debug = 0;
 #endif
 
+struct pool nd6_pool;  /* pool for llinfo_nd6 structures */
 static int nd6_inuse, nd6_allocated;
 
 struct llinfo_nd6 llinfo_nd6 = {_nd6, _nd6};
@@ -123,6 +125,8 @@ nd6_init(void)
return;
}
 
+   pool_init(_pool, sizeof(struct llinfo_nd6), 0, 0, 0, "nd6", NULL);
+
/* initialization of the default router list */
TAILQ_INIT(_defrouter);
 
@@ -996,10 +1000,10 @@ nd6_rtrequest(struct ifnet *ifp, int req
 * Case 2: This route may come from cloning, or a manual route
 * add with a LL address.
 */
-   ln = malloc(sizeof(*ln), M_RTABLE, M_NOWAIT | M_ZERO);
+   ln = pool_get(_pool, PR_NOWAIT | PR_ZERO);
rt->rt_llinfo = (caddr_t)ln;
if (ln == NULL) {
-   log(LOG_DEBUG, "%s: malloc failed\n", __func__);
+   log(LOG_DEBUG, "%s: pool get failed\n", __func__);
break;
}
nd6_inuse++;
@@ -1126,7 +1130,7 @@ nd6_rtrequest(struct ifnet *ifp, int req
rt->rt_llinfo = NULL;
rt->rt_flags &= ~RTF_LLINFO;
m_freem(ln->ln_hold);
-   free(ln, M_RTABLE, 0);
+   pool_put(_pool, ln);
}
 }
 

Re: ChachaPoly-03: Chacha20-Poly1305 AEAD construction as per RFC7634

[Mike Belopuhov]

On Tue, Oct 27, 2015 at 14:16 +0100, Mike Belopuhov wrote:
> On Mon, Oct 26, 2015 at 18:29 +0100, Mike Belopuhov wrote:
> > OK?
> > 
> 
> Update due to poly1305.{c,h} changes.
> 

3rd update.

I've been asked to use numbers (20 for Chacha and 1305 for Poly)
in function/object names more consistently or rather always.

This also includes a minor change in the Update method: due to the
fact that we use a stock poly1305.c implementation that supports
arbitrary input lengths we can use the same trick reyk@ does in his
Libressl code and avoid additional code performing a data copy into
a temporary buffer.

Note that this will *not* avoid data copy: when poly1305_update is
called on an incomplete buffer it will store up to 15 last bytes of
input in the buffer within its context and will perform an actual
computation when remaining bytes (data or zeroes) are provided or
poly1305_finish is called whichever occurs first.  Therefore this
change just simplifies the Chacha20_Poly1305_Update method slightly.

I have verified that this passes test vectors (an update is needed
due to the change of function names) and works against old code as
well as against itself in IPsec.

Please note that the next diff ChachaPoly-04 will require an update
as well due to the function name changes.

OK?

---
 sys/crypto/chachapoly.c | 107 
 sys/crypto/chachapoly.h |  66 +
 2 files changed, 173 insertions(+)
 create mode 100644 sys/crypto/chachapoly.c
 create mode 100644 sys/crypto/chachapoly.h

diff --git sys/crypto/chachapoly.c sys/crypto/chachapoly.c
new file mode 100644
index 000..647a8dd
--- /dev/null
+++ sys/crypto/chachapoly.c
@@ -0,0 +1,107 @@
+/*
+ * Copyright (c) 2015 Mike Belopuhov
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include 
+#include 
+
+#include 
+#include 
+#include 
+
+int
+chacha20_setkey(void *sched, u_int8_t *key, int len)
+{
+   struct chacha20_ctx *ctx = (struct chacha20_ctx *)sched;
+
+   if (len != CHACHA20_KEYSIZE + CHACHA20_SALT)
+   return (-1);
+
+   /* initial counter is 1 */
+   ctx->nonce[0] = 1;
+   memcpy(ctx->nonce + CHACHA20_CTR, key + CHACHA20_KEYSIZE,
+   CHACHA20_SALT);
+   chacha_keysetup((chacha_ctx *)>block, key, CHACHA20_KEYSIZE * 8);
+   return (0);
+}
+
+void
+chacha20_reinit(caddr_t key, u_int8_t *iv)
+{
+   struct chacha20_ctx *ctx = (struct chacha20_ctx *)key;
+
+   chacha_ivsetup((chacha_ctx *)ctx->block, iv, ctx->nonce);
+}
+
+void
+chacha20_crypt(caddr_t key, u_int8_t *data)
+{
+   struct chacha20_ctx *ctx = (struct chacha20_ctx *)key;
+
+   chacha_encrypt_bytes((chacha_ctx *)ctx->block, data, data,
+   CHACHA20_BLOCK_LEN);
+}
+
+void
+Chacha20_Poly1305_Init(CHACHA20_POLY1305_CTX *ctx)
+{
+   memset(ctx, 0, sizeof(*ctx));
+}
+
+void
+Chacha20_Poly1305_Setkey(CHACHA20_POLY1305_CTX *ctx, const uint8_t *key,
+uint16_t klen)
+{
+   /* salt is part of the nonce */
+   memcpy(ctx->nonce + CHACHA20_CTR, key + CHACHA20_KEYSIZE,
+   CHACHA20_SALT);
+   chacha_keysetup((chacha_ctx *)>chacha, key, CHACHA20_KEYSIZE * 8);
+}
+
+void
+Chacha20_Poly1305_Reinit(CHACHA20_POLY1305_CTX *ctx, const uint8_t *iv,
+uint16_t ivlen)
+{
+   /* initial counter is 0 */
+   chacha_ivsetup((chacha_ctx *)>chacha, iv, ctx->nonce);
+   chacha_encrypt_bytes((chacha_ctx *)>chacha, ctx->key, ctx->key,
+   POLY1305_KEYLEN);
+   poly1305_init((poly1305_state *)>poly, ctx->key);
+}
+
+int
+Chacha20_Poly1305_Update(CHACHA20_POLY1305_CTX *ctx, const uint8_t *data,
+uint16_t len)
+{
+   static const char zeroes[POLY1305_BLOCK_LEN];
+   size_t rem;
+
+   poly1305_update((poly1305_state *)>poly, data, len);
+
+   /* Number of bytes in the last 16 byte block */
+   rem = (len + POLY1305_BLOCK_LEN) & (POLY1305_BLOCK_LEN - 1);
+   if (rem > 0)
+   poly1305_update((poly1305_state *)>poly, zeroes,
+   POLY1305_BLOCK_LEN - rem);
+   return (0);
+}
+
+void
+Chacha20_Poly1305_Final(uint8_t tag[POLY1305_TAGLEN],
+CHACHA20_POLY1305_CTX *ctx)
+{
+   poly1305_finish((poly1305_state *)>poly, tag);
+   explicit_bzero(ctx, sizeof(*ctx));
+}
diff --git 

Drop register keyword from less(1)

[Michael McConville]

Every one of these is in a var declaration, so a megadiff is probably
the easiest way to do it.

ok?


Index: brac.c
===
RCS file: /cvs/src/usr.bin/less/brac.c,v
retrieving revision 1.6
diff -u -p -r1.6 brac.c
--- brac.c  25 Apr 2014 13:38:21 -  1.6
+++ brac.c  1 Nov 2015 19:19:16 -
@@ -25,13 +25,13 @@
  */
public void
 match_brac(obrac, cbrac, forwdir, n)
-   register int obrac;
-   register int cbrac;
+   int obrac;
+   int cbrac;
int forwdir;
int n;
 {
-   register int c;
-   register int nest;
+   int c;
+   int nest;
POSITION pos;
int (*chget)();
 
Index: ch.c
===
RCS file: /cvs/src/usr.bin/less/ch.c,v
retrieving revision 1.10
diff -u -p -r1.10 ch.c
--- ch.c25 Apr 2014 13:38:21 -  1.10
+++ ch.c1 Nov 2015 19:19:16 -
@@ -144,11 +144,11 @@ static int ch_addbuf();
int
 ch_get()
 {
-   register struct buf *bp;
-   register struct bufnode *bn;
-   register int n;
-   register int slept;
-   register int h;
+   struct buf *bp;
+   struct bufnode *bn;
+   int n;
+   int slept;
+   int h;
POSITION pos;
POSITION len;
 
@@ -410,8 +410,8 @@ end_logfile()
public void
 sync_logfile()
 {
-   register struct buf *bp;
-   register struct bufnode *bn;
+   struct buf *bp;
+   struct bufnode *bn;
int warned = FALSE;
BLOCKNUM block;
BLOCKNUM nblocks;
@@ -448,9 +448,9 @@ sync_logfile()
 buffered(block)
BLOCKNUM block;
 {
-   register struct buf *bp;
-   register struct bufnode *bn;
-   register int h;
+   struct buf *bp;
+   struct bufnode *bn;
+   int h;
 
h = BUFHASH(block);
FOR_BUFS_IN_CHAIN(h, bn)
@@ -468,7 +468,7 @@ buffered(block)
  */
public int
 ch_seek(pos)
-   register POSITION pos;
+   POSITION pos;
 {
BLOCKNUM new_block;
POSITION len;
@@ -537,8 +537,8 @@ ch_end_seek()
public int
 ch_beg_seek()
 {
-   register struct bufnode *bn;
-   register struct bufnode *firstbn;
+   struct bufnode *bn;
+   struct bufnode *firstbn;
 
/*
 * Try a plain ch_seek first.
@@ -595,7 +595,7 @@ ch_tell()
public int
 ch_forw_get()
 {
-   register int c;
+   int c;
 
if (thisfile == NULL)
return (EOI);
@@ -658,7 +658,7 @@ ch_setbufspace(bufspace)
public void
 ch_flush()
 {
-   register struct bufnode *bn;
+   struct bufnode *bn;
 
if (thisfile == NULL)
return;
@@ -725,8 +725,8 @@ ch_flush()
static int
 ch_addbuf()
 {
-   register struct buf *bp;
-   register struct bufnode *bn;
+   struct buf *bp;
+   struct bufnode *bn;
 
/*
 * Allocate and initialize a new buffer and link it 
@@ -750,7 +750,7 @@ ch_addbuf()
static void
 init_hashtbl()
 {
-   register int h;
+   int h;
 
for (h = 0;  h < BUFHASH_SIZE;  h++)
{
@@ -765,7 +765,7 @@ init_hashtbl()
static void
 ch_delbufs()
 {
-   register struct bufnode *bn;
+   struct bufnode *bn;
 
while (ch_bufhead != END_OF_CHAIN)
{
Index: charset.c
===
RCS file: /cvs/src/usr.bin/less/charset.c,v
retrieving revision 1.10
diff -u -p -r1.10 charset.c
--- charset.c   25 Apr 2014 13:38:21 -  1.10
+++ charset.c   1 Nov 2015 19:19:16 -
@@ -134,9 +134,9 @@ public int binattr = AT_STANDOUT;
 ichardef(s)
char *s;
 {
-   register char *cp;
-   register int n;
-   register char v;
+   char *cp;
+   int n;
+   char v;
 
n = 0;
v = 0;
@@ -189,11 +189,11 @@ ichardef(s)
  */
static int
 icharset(name, no_error)
-   register char *name;
+   char *name;
int no_error;
 {
-   register struct charset *p;
-   register struct cs_alias *a;
+   struct charset *p;
+   struct cs_alias *a;
 
if (name == NULL || *name == '\0')
return (0);
@@ -233,7 +233,7 @@ icharset(name, no_error)
static void
 ilocale()
 {
-   register int c;
+   int c;
 
for (c = 0;  c < (int) sizeof(chardef);  c++)
{
Index: cmdbuf.c
===
RCS file: /cvs/src/usr.bin/less/cmdbuf.c,v
retrieving revision 1.7
diff -u -p -r1.7 cmdbuf.c
--- cmdbuf.c25 Apr 2014 13:38:21 -  1.7
+++ cmdbuf.c1 Nov 2015 19:19:16 -
@@ -525,7 +525,7 @@ cmd_ichar(cs, clen)
static int
 cmd_erase()
 {
-   register char *s;
+   char *s;
int clen;
 
if (cp == cmdbuf)
Index: command.c
===
RCS file: /cvs/src/usr.bin/less/command.c,v
retrieving revision 

Re: inteldrm(4) diff that needs testing

[Jan Stary]

On Oct 26 13:31:14, h...@stare.cz wrote:
> On Oct 24 23:48:01, mark.kette...@xs4all.nl wrote:
> > The diff below makes inteldrm(4) attach directly to pci(4) instead of
> > vga(1).  Because inteldrm(4) depends on intagp(4), this also make
> > intagp(4) a child of inteldrm(4).  Ultimately I'd like to integrate
> > intagp(4) into inteldrm(4), but that's going to be a bit more work.
> > 
> > This diff is needed to make inteldrm(4) work when OpenBSD gets booted
> > by UEFI firmware.  It will also make inteldrm(4) work on machines with
> > discrete graphics.
> > 
> > This diff needs to be tested on a wide range of hardware.  So if you
> > have a machine with inteldrm(4), please give it a shot.  I'm
> > particularly interested in testing on an x40.
> 
> This is an old MacBook2,1 running current/amd64.
> Both dmesg below, this is the hightlight of the dmesg diff:
> 
> -vga1 at pci0 dev 2 function 0 "Intel 82945GM Video" rev 0x03
> -intagp0 at vga1
> +inteldrm0 at pci0 dev 2 function 0 "Intel 82945GM Video" rev 0x03
> +intagp0 at inteldrm0
>  agp0 at intagp0: aperture at 0xc000, size 0x1000
> -inteldrm0 at vga1
>  drm0 at inteldrm0
>  inteldrm0: apic 1 int 16
>  inteldrm0: 1280x800
> -wsdisplay0 at vga1 mux 1: console (std, vt100 emulation)
> +wsdisplay0 at inteldrm0 mux 1: console (std, vt100 emulation)
>  wsdisplay0: screen 1-5 added (std, vt100 emulation)
>  "Intel 82945GM Video" rev 0x03 at pci0 dev 2 function 1 not configured
>  vendor "Intel", unknown product 0x27a3 (class DASP subclass Time and 
> Frequency, rev 0x03) at pci0 dev 7 function 0 not configured
> 
> With the patch applied, X seems to run just fine,
> including video-heavy things like firefox or mplayer .
> 
> It suspends but does not resume correctly; the resume does happen
> (see below for /var/log/messages), but the screen is mostly black
> with seemingly random color patches.
> 
> Unfortunately, I do not have any other access to the machine right now
> (will try again on one of my networks where I can connect remotely).

I can confirm the machine does wake up and can be accessed remotely;
but the screen remains garbled. This is with the latest current/amd64
snapshot and a kernel compiled with the patch.
(Is the patch already in?)

Please let me know if I can help test it further.

Jan

> 
> 
> Before:
> 
> OpenBSD 5.8-current (GENERIC.MP) #1537: Tue Oct 20 09:44:09 MDT 2015
> dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
> real mem = 3171901440 (3024MB)
> avail mem = 3071705088 (2929MB)
> mpath0 at root
> scsibus0 at mpath0: 256 targets
> mainbus0 at root
> bios0 at mainbus0: SMBIOS rev. 2.4 @ 0xe (37 entries)
> bios0: vendor Apple Inc. version "MB21.88Z.00A5.B07.0706270922" date 06/27/07
> bios0: Apple Inc. MacBook2,1
> acpi0 at bios0: rev 2
> acpi0: sleep states S0 S3 S4 S5
> acpi0: tables DSDT FACP HPET APIC MCFG ASF! SBST ECDT SSDT SSDT SSDT
> acpi0: wakeup devices ADP1(S3) LID0(S3) PXS1(S4) PXS2(S4) USB1(S3) USB2(S3) 
> USB3(S3) USB4(S3) USB7(S3) EC__(S3)
> acpitimer0 at acpi0: 3579545 Hz, 24 bits
> acpihpet0 at acpi0: 14318179 Hz
> acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
> cpu0 at mainbus0: apid 0 (boot processor)
> cpu0: Intel(R) Core(TM)2 CPU T7400 @ 2.16GHz, 2161.61 MHz
> cpu0: 
> FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,NXE,LONG,LAHF,PERF,SENSOR
> cpu0: 4MB 64b/line 16-way L2 cache
> cpu0: smt 0, core 0, package 0
> mtrr: Pentium Pro MTRR support, 8 var ranges, 88 fixed ranges
> cpu0: apic clock running at 166MHz
> cpu0: mwait min=64, max=64, C-substates=0.2.2.2.2, IBE
> cpu1 at mainbus0: apid 1 (application processor)
> cpu1: Intel(R) Core(TM)2 CPU T7400 @ 2.16GHz, 2161.26 MHz
> cpu1: 
> FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,NXE,LONG,LAHF,PERF,SENSOR
> cpu1: 4MB 64b/line 16-way L2 cache
> cpu1: smt 0, core 1, package 0
> ioapic0 at mainbus0: apid 1 pa 0xfec0, version 20, 24 pins
> ioapic0: misconfigured as apic 0, remapped to apid 1
> acpimcfg0 at acpi0 addr 0xf000, bus 0-255
> acpiec0 at acpi0
> acpiprt0 at acpi0: bus 0 (PCI0)
> acpiprt1 at acpi0: bus 1 (RP01)
> acpiprt2 at acpi0: bus 2 (RP02)
> acpiprt3 at acpi0: bus 3 (PCIB)
> acpicpu0 at acpi0: !C3(100@55 mwait@0x31), !C2(500@1 mwait@0x10), C1(1000@1 
> mwait), PSS
> acpicpu1 at acpi0: !C3(100@55 mwait@0x31), !C2(500@1 mwait@0x10), C1(1000@1 
> mwait), PSS
> acpiac0 at acpi0: AC unit online
> acpibtn0 at acpi0: LID0
> acpibtn1 at acpi0: PWRB
> acpibtn2 at acpi0: SLPB
> acpibat0 at acpi0: BAT0 model "15253732082930497" type 15253732284385612 oem 
> "15253732284387396"
> acpivideo0 at acpi0: GFX0
> cpu0: Enhanced SpeedStep 2161 MHz: speeds: 2167, 2000, 1833, 1667, 1500, 
> 1333, 1000 MHz
> memory map conflict 0xbef0/0x10
> memory map 

Merge bugfix from NetBSD's mountd(8)

[Michael McConville]

The two most recent diffs here:


http://cvsweb.netbsd.org/bsdweb.cgi/src/usr.sbin/mountd/mountd.c?only_with_tag=MAIN

Here's the referenced PR:

https://gnats.netbsd.org/cgi-bin/query-pr-single.pl?number=48282

Essentially, we daemonize after rather than before registering the
service.

Diff below. Is anyone running an NFS server on -current willing to test?


Index: mountd.c
===
RCS file: /cvs/src/sbin/mountd/mountd.c,v
retrieving revision 1.81
diff -u -p -r1.81 mountd.c
--- mountd.c20 Aug 2015 22:16:35 -  1.81
+++ mountd.c2 Nov 2015 06:12:12 -
@@ -242,6 +242,24 @@ main(int argc, char *argv[])
get_mountlist();
if (debug)
fprintf(stderr, "Here we go.\n");
+
+   signal(SIGHUP, (void (*)(int)) new_exportlist);
+   signal(SIGTERM, (void (*)(int)) send_umntall);
+   signal(SIGSYS, SIG_IGN);
+   if ((udptransp = svcudp_create(RPC_ANYSOCK)) == NULL ||
+   (tcptransp = svctcp_create(RPC_ANYSOCK, 0, 0)) == NULL) {
+   syslog(LOG_ERR, "Can't create socket");
+   exit(1);
+   }
+   pmap_unset(RPCPROG_MNT, RPCMNT_VER1);
+   pmap_unset(RPCPROG_MNT, RPCMNT_VER3);
+   if (!svc_register(udptransp, RPCPROG_MNT, RPCMNT_VER1, mntsrv, 
IPPROTO_UDP) ||
+   !svc_register(udptransp, RPCPROG_MNT, RPCMNT_VER3, mntsrv, 
IPPROTO_UDP) ||
+   !svc_register(tcptransp, RPCPROG_MNT, RPCMNT_VER1, mntsrv, 
IPPROTO_TCP) ||
+   !svc_register(tcptransp, RPCPROG_MNT, RPCMNT_VER3, mntsrv, 
IPPROTO_TCP)) {
+   syslog(LOG_ERR, "Can't register mount");
+   exit(1);
+   }
if (debug == 0) {
daemon(0, 0);
signal(SIGINT, SIG_IGN);
@@ -263,24 +281,6 @@ main(int argc, char *argv[])
if (pidfile) {
fprintf(pidfile, "%ld\n", (long)getpid());
fclose(pidfile);
-   }
-
-   signal(SIGHUP, (void (*)(int)) new_exportlist);
-   signal(SIGTERM, (void (*)(int)) send_umntall);
-   signal(SIGSYS, SIG_IGN);
-   if ((udptransp = svcudp_create(RPC_ANYSOCK)) == NULL ||
-   (tcptransp = svctcp_create(RPC_ANYSOCK, 0, 0)) == NULL) {
-   syslog(LOG_ERR, "Can't create socket");
-   exit(1);
-   }
-   pmap_unset(RPCPROG_MNT, RPCMNT_VER1);
-   pmap_unset(RPCPROG_MNT, RPCMNT_VER3);
-   if (!svc_register(udptransp, RPCPROG_MNT, RPCMNT_VER1, mntsrv, 
IPPROTO_UDP) ||
-   !svc_register(udptransp, RPCPROG_MNT, RPCMNT_VER3, mntsrv, 
IPPROTO_UDP) ||
-   !svc_register(tcptransp, RPCPROG_MNT, RPCMNT_VER1, mntsrv, 
IPPROTO_TCP) ||
-   !svc_register(tcptransp, RPCPROG_MNT, RPCMNT_VER3, mntsrv, 
IPPROTO_TCP)) {
-   syslog(LOG_ERR, "Can't register mount");
-   exit(1);
}
mountd_svc_run();
syslog(LOG_ERR, "Mountd died");

Re: Merge bugfix from NetBSD's mountd(8)

[Michael McConville]

Michael McConville wrote:
> Diff below. Is anyone running an NFS server on -current willing to
> test?

Disregard, this needs more initial testing (by me) first. It's hanging
when registering the service.

> Index: mountd.c
> ===
> RCS file: /cvs/src/sbin/mountd/mountd.c,v
> retrieving revision 1.81
> diff -u -p -r1.81 mountd.c
> --- mountd.c  20 Aug 2015 22:16:35 -  1.81
> +++ mountd.c  2 Nov 2015 06:12:12 -
> @@ -242,6 +242,24 @@ main(int argc, char *argv[])
>   get_mountlist();
>   if (debug)
>   fprintf(stderr, "Here we go.\n");
> +
> + signal(SIGHUP, (void (*)(int)) new_exportlist);
> + signal(SIGTERM, (void (*)(int)) send_umntall);
> + signal(SIGSYS, SIG_IGN);
> + if ((udptransp = svcudp_create(RPC_ANYSOCK)) == NULL ||
> + (tcptransp = svctcp_create(RPC_ANYSOCK, 0, 0)) == NULL) {
> + syslog(LOG_ERR, "Can't create socket");
> + exit(1);
> + }
> + pmap_unset(RPCPROG_MNT, RPCMNT_VER1);
> + pmap_unset(RPCPROG_MNT, RPCMNT_VER3);
> + if (!svc_register(udptransp, RPCPROG_MNT, RPCMNT_VER1, mntsrv, 
> IPPROTO_UDP) ||
> + !svc_register(udptransp, RPCPROG_MNT, RPCMNT_VER3, mntsrv, 
> IPPROTO_UDP) ||
> + !svc_register(tcptransp, RPCPROG_MNT, RPCMNT_VER1, mntsrv, 
> IPPROTO_TCP) ||
> + !svc_register(tcptransp, RPCPROG_MNT, RPCMNT_VER3, mntsrv, 
> IPPROTO_TCP)) {
> + syslog(LOG_ERR, "Can't register mount");
> + exit(1);
> + }
>   if (debug == 0) {
>   daemon(0, 0);
>   signal(SIGINT, SIG_IGN);
> @@ -263,24 +281,6 @@ main(int argc, char *argv[])
>   if (pidfile) {
>   fprintf(pidfile, "%ld\n", (long)getpid());
>   fclose(pidfile);
> - }
> -
> - signal(SIGHUP, (void (*)(int)) new_exportlist);
> - signal(SIGTERM, (void (*)(int)) send_umntall);
> - signal(SIGSYS, SIG_IGN);
> - if ((udptransp = svcudp_create(RPC_ANYSOCK)) == NULL ||
> - (tcptransp = svctcp_create(RPC_ANYSOCK, 0, 0)) == NULL) {
> - syslog(LOG_ERR, "Can't create socket");
> - exit(1);
> - }
> - pmap_unset(RPCPROG_MNT, RPCMNT_VER1);
> - pmap_unset(RPCPROG_MNT, RPCMNT_VER3);
> - if (!svc_register(udptransp, RPCPROG_MNT, RPCMNT_VER1, mntsrv, 
> IPPROTO_UDP) ||
> - !svc_register(udptransp, RPCPROG_MNT, RPCMNT_VER3, mntsrv, 
> IPPROTO_UDP) ||
> - !svc_register(tcptransp, RPCPROG_MNT, RPCMNT_VER1, mntsrv, 
> IPPROTO_TCP) ||
> - !svc_register(tcptransp, RPCPROG_MNT, RPCMNT_VER3, mntsrv, 
> IPPROTO_TCP)) {
> - syslog(LOG_ERR, "Can't register mount");
> - exit(1);
>   }
>   mountd_svc_run();
>   syslog(LOG_ERR, "Mountd died");
> 

ftp(1): pledge smaller subset in SMALL version

[Frederic Nowak]

Hi there,

at the moment ftp pledges "proc exec" in its SMALL version, but not
otherwise. This seems wrong, because the SMALL version does not support
interactive mode (which needs "proc exec" for e.g. the page command),
while the !SMALL version does.
The patch below switches the two pledges, so that the SMALL version
pledges a smaller subset.

Cheers,
Frederic


Index: usr.bin/ftp/main.c
===
RCS file: /cvs/src/usr.bin/ftp/main.c,v
retrieving revision 1.104
diff -u -p -r1.104 main.c
--- usr.bin/ftp/main.c  18 Oct 2015 03:39:37 -  1.104
+++ usr.bin/ftp/main.c  2 Nov 2015 05:29:39 -
@@ -444,21 +444,21 @@ main(volatile int argc, char *argv[])
if (isurl(argv[0])) {
if (pipeout) {
 #ifndef SMALL
-   if (pledge("stdio rpath dns tty inet fattr",
+   if (pledge("stdio rpath dns tty inet proc exec 
fattr",
NULL) == -1)
err(1, "pledge");
 #else
-   if (pledge("stdio rpath dns tty inet proc exec 
fattr",
+   if (pledge("stdio rpath dns tty inet fattr",
NULL) == -1)
err(1, "pledge");
 #endif
} else {
 #ifndef SMALL
-   if (pledge("stdio rpath wpath cpath dns tty 
inet fattr",
+   if (pledge("stdio rpath wpath cpath dns tty 
inet proc exec fattr",
NULL) == -1)
err(1, "pledge");
 #else
-   if (pledge("stdio rpath wpath cpath dns tty 
inet proc exec fattr",
+   if (pledge("stdio rpath wpath cpath dns tty 
inet fattr",
NULL) == -1)
err(1, "pledge");
 #endif