refactor bpf_filter

2016-03-29 Thread David Gwynne
bpf_filter is hard to read.

the difficulty is that it looks like you give it packets in vanilla
memory buffers (ie, a pointer and a length) to read out of, but
packets in the kernel are in mbufs. so if you pass a buffer with a
zero length, the bpf filter code when built in the kernel magically
figures out to do mbuf operations instead.

i was going to change it to get rid of the buffer mode of operation
and explicitly use operations on mbufs all the time, but it turns
out bpf_filter is built as part of libpcap, and libpcap only knows
about vanilla buffers.

so i ended up with this.

this moves the guts of bpf_filter into a new _bpf_filter function
that takes an opaque void pointer to a "thing that has packet data
in it", and a set of function pointers that can do reads against
that opaque thing.

bpf_filter.c includes an implementation of these reads for buffers,
which provides the bpf_filter api that libpcap expects.

bpf.c provides an implementation of these reads for mbufs, and a
bpf_mfilter function that you can call to use it.

thoughts?

tests would be appreciated.

Index: sys/net/bpf.c
===
RCS file: /cvs/src/sys/net/bpf.c,v
retrieving revision 1.136
diff -u -p -r1.136 bpf.c
--- sys/net/bpf.c   29 Mar 2016 10:38:27 -  1.136
+++ sys/net/bpf.c   30 Mar 2016 05:13:44 -
@@ -1160,7 +1152,7 @@ bpf_tap(caddr_t arg, u_char *pkt, u_int 
bf = srp_enter(>bd_rfilter);
if (bf != NULL)
fcode = bf->bf_insns;
-   slen = bpf_filter(fcode, pkt, pktlen, 0);
+   slen = bpf_filter(fcode, pkt, pktlen, pktlen);
srp_leave(>bd_rfilter, bf);
}
 
@@ -1254,7 +1244,7 @@ _bpf_mtap(caddr_t arg, struct mbuf *m, u
bf = srp_enter(>bd_rfilter);
if (bf != NULL)
fcode = bf->bf_insns;
-   slen = bpf_filter(fcode, (u_char *)m, pktlen, 0);
+   slen = bpf_mfilter(fcode, m, pktlen);
srp_leave(>bd_rfilter, bf);
}
 
@@ -1748,4 +1738,104 @@ bpf_insn_dtor(void *null, void *f)
 
free(insns, M_DEVBUF, bf->bf_len * sizeof(*insns));
free(bf, M_DEVBUF, sizeof(*bf));
+}
+
+u_int32_t  bpf_mbuf_ldw(const void *, u_int32_t, int *);
+u_int32_t  bpf_mbuf_ldh(const void *, u_int32_t, int *);
+u_int32_t  bpf_mbuf_ldb(const void *, u_int32_t, int *);
+
+intbpf_mbuf_copy(const struct mbuf *, u_int32_t,
+   void *, u_int32_t);
+
+const struct bpf_ops bpf_mbuf_ops = {
+   bpf_mbuf_ldw,
+   bpf_mbuf_ldh,
+   bpf_mbuf_ldb,
+};
+
+int
+bpf_mbuf_copy(const struct mbuf *m, u_int32_t off, void *buf, u_int32_t len)
+{
+   u_int8_t *cp = buf;
+   u_int32_t count;
+
+   while (off >= m->m_len) {
+   off -= m->m_len;
+
+   m = m->m_next;
+   if (m == NULL)
+   return (-1);
+   }
+
+   for (;;) {
+   count = min(m->m_len - off, len);
+   
+   memcpy(cp, m->m_data + off, count);
+   len -= count;
+
+   if (len == 0)
+   return (0);
+
+   m = m->m_next;
+   if (m == NULL)
+   break;
+
+   cp += count;
+   off = 0;
+   }
+
+   return (-1);
+}
+
+u_int32_t
+bpf_mbuf_ldw(const void *m0, u_int32_t k, int *err)
+{
+   u_int32_t v;
+
+   if (bpf_mbuf_copy(m0, k, , sizeof(v)) != 0) {
+   *err = 1;
+   return (0);
+   }
+
+   *err = 0;
+   return ntohl(v);
+}
+
+u_int32_t
+bpf_mbuf_ldh(const void *m0, u_int32_t k, int *err)
+{
+   u_int16_t v;
+
+   if (bpf_mbuf_copy(m0, k, , sizeof(v)) != 0) {
+   *err = 1;
+   return (0);
+   }
+
+   *err = 0;
+   return ntohs(v);
+}
+
+u_int32_t
+bpf_mbuf_ldb(const void *m0, u_int32_t k, int *err)
+{
+   const struct mbuf *m = m0;
+
+   while (k >= m->m_len) {
+   k -= m->m_len;
+
+   m = m->m_next;
+   if (m == NULL) {
+   *err = 1;
+   return (0);
+   }
+   }
+
+   *err = 0;
+   return (m->m_data[k]);
+}
+
+u_int
+bpf_mfilter(const struct bpf_insn *pc, const struct mbuf *m, u_int wirelen)
+{
+   return _bpf_filter(pc, _mbuf_ops, m, wirelen);
 }
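Review bot: bpf_mbuf_ldb returns m->m_data[k] directly, so if m_data is
a plain char pointer the byte is sign-extended on its way to u_int32_t
and every packet byte of 0x80 or above reaches the filter as 0xffffff80
and up. Read it through an unsigned type, for example
"const u_int8_t *p = (const u_int8_t *)m->m_data; return (p[k]);".
Separately, bpf_mbuf_copy and bpf_mbuf_ldb dereference m on entry, so
bpf_mfilter relies on never being handed a NULL chain; a KASSERT or a
comment saying so would make that contract explicit.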
Index: sys/net/bpf.h
===
RCS file: /cvs/src/sys/net/bpf.h,v
retrieving revision 1.51
diff -u -p -r1.51 bpf.h
--- sys/net/bpf.h   29 Mar 2016 10:38:27 -  1.51
+++ sys/net/bpf.h   30 Mar 2016 05:13:44 -
@@ -265,13 +265,28 @@ struct bpf_dltlist {
 };
 
 /*
+ * Load operations for _bpf_filter to use against the packet pointer.
+ */
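
The design this message describes (one filter engine, with packet reads supplied through a table of function pointers over an opaque handle) is shown below as a small userland program. It is an added example, not code from the post or from the OpenBSD tree; pkt_ops, flat_buf, seg, accept_ipv4_tcp and the sample frame are hypothetical names and constructed data.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Every name here is hypothetical; this is not the OpenBSD code. */
typedef int (*copy_fn)(const void *pkt, uint32_t off, uint8_t *dst, uint32_t n);

/* Loads against an opaque packet handle; *err is set on a short read. */
struct pkt_ops {
	uint32_t (*ldw)(const void *, uint32_t, int *);
	uint32_t (*ldh)(const void *, uint32_t, int *);
	uint32_t (*ldb)(const void *, uint32_t, int *);
};
struct flat_buf { const uint8_t *data; uint32_t len; };
struct seg { const uint8_t *data; uint32_t len; const struct seg *next; };

static int
flat_copy(const void *pkt, uint32_t off, uint8_t *dst, uint32_t n)
{
	const struct flat_buf *b = pkt;
	/* Ordered so that off + n is never computed and cannot wrap. */
	if (off > b->len || n > b->len - off)
		return -1;
	memcpy(dst, b->data + off, n);
	return 0;
}

static int
seg_copy(const void *pkt, uint32_t off, uint8_t *dst, uint32_t n)
{
	const struct seg *s = pkt;
	uint32_t take;
	/* Skip whole segments, empty ones included, that precede the offset. */
	while (s != NULL && off >= s->len) {
		off -= s->len;
		s = s->next;
	}
	/* Gather bytes, crossing segment boundaries as needed. */
	while (s != NULL && n > 0) {
		take = s->len - off < n ? s->len - off : n;
		memcpy(dst, s->data + off, take);
		dst += take;
		n -= take;
		off = 0;
		s = s->next;
	}
	return n == 0 ? 0 : -1;		/* chain ended early: short read */
}

static uint32_t
load_be(copy_fn copy, const void *pkt, uint32_t off, uint32_t n, int *err)
{
	uint8_t b[4];
	uint32_t v = 0, i;
	*err = copy(pkt, off, b, n) != 0;
	for (i = 0; !*err && i < n; i++)	/* big endian, unsigned bytes */
		v = (v << 8) | b[i];
	return v;
}

static uint32_t flat_ldw(const void *p, uint32_t k, int *e) { return load_be(flat_copy, p, k, 4, e); }
static uint32_t flat_ldh(const void *p, uint32_t k, int *e) { return load_be(flat_copy, p, k, 2, e); }
static uint32_t flat_ldb(const void *p, uint32_t k, int *e) { return load_be(flat_copy, p, k, 1, e); }
static uint32_t seg_ldw(const void *p, uint32_t k, int *e) { return load_be(seg_copy, p, k, 4, e); }
static uint32_t seg_ldh(const void *p, uint32_t k, int *e) { return load_be(seg_copy, p, k, 2, e); }
static uint32_t seg_ldb(const void *p, uint32_t k, int *e) { return load_be(seg_copy, p, k, 1, e); }
const struct pkt_ops flat_ops = { flat_ldw, flat_ldh, flat_ldb };
const struct pkt_ops seg_ops = { seg_ldw, seg_ldh, seg_ldb };

/* Stand-in for the engine: accepts IPv4/TCP, any failed load rejects. */
int
accept_ipv4_tcp(const struct pkt_ops *ops, const void *pkt)
{
	int err;
	if (ops->ldh(pkt, 12, &err) != 0x0800 || err)
		return 0;
	if (ops->ldb(pkt, 23, &err) != 6 || err)
		return 0;
	return 1;
}

/* Constructed sample: 14-byte Ethernet header + 20-byte IPv4 header (TCP). */
static const uint8_t frame[34] = {
	0x02, 0, 0, 0, 0, 0x01, 0x02, 0, 0, 0, 0, 0x02, 0x08, 0x00,
	0x45, 0, 0, 0x28, 0, 0, 0x40, 0, 0x40, 0x06, 0, 0,
	192, 0, 2, 1, 192, 0, 2, 2 };
const struct flat_buf sample_flat = { frame, sizeof(frame) };
/* Same bytes split 13 + 0 + 21, so the EtherType straddles a boundary. */
static const struct seg seg3 = { frame + 13, 21, NULL };
static const struct seg seg2 = { frame + 13, 0, &seg3 };
const struct seg sample_chain = { frame, 13, &seg2 };

int main(void)
{
	printf("flat=%d chain=%d\n", accept_ipv4_tcp(&flat_ops, &sample_flat),
	    accept_ipv4_tcp(&seg_ops, &sample_chain));
	return 0;
}
```

The engine function never learns which backend it is reading from, and both backends turn a read past the end into an error flag rather than a memory access.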

alpha fixes for older chips

2016-03-29 Thread Andrew Fresh
I got these patches from the ghost of architectures past trying to get
perl tests passing on my alpha. 

I finally got a chance to get back to this and test building a release
on both alpha and amd64 and will commit them in the morning unless
someone else gets to it first.


There are two separate fixes here, the first is a compiler optimization
bug and the other handles processors without specific instructions.

These help not only perl on my AlphaStation but also get these two
regress tests to pass on it:

regress/lib/libm/nextafter
regress/lib/libm/rint


(I think I properly fixed the paths to be relative to src/ but it's
possible I broke something, so if they don't apply that's probably my
fault.)

Date: Sun, 17 Jan 2016 21:50:30 + (UTC)
From: Miod Vallat 
To: tech@openbsd.org
Subject: Re: Perl 5.22.1 testing request + issue on alpha
Organization: Prumpleffer Gmbh
User-Agent: slrn/1.0.2 (OpenBSD)

> I have run into a strange issue on alpha that I'm still tracking down.
> I fear this has interrupted me too long to get 5.22 in for OpenBSD 5.9,
> but maybe we can get ahead of the curve and be ready after unlock.
>
> Previously, NaN + 1 looked like this:
> $ perl -we 'print "NaN" + 1'
> -nan
>
> Due to improvements in the Inf/NaN code, 5.22 should get:
> $ perl -we 'print "NaN" + 1' 
> NaN
>
> But for some reason on alpha NaN isn't special and we instead get:
> $ ./perl -we 'print "NaN" + 1'
> 1

You might want to try this compiler diff on alpha.





When compiling with optimization enabled and ieee-style floating point, the
compiler tries to insert asynchronous fpu trap synchronization barriers as
late as possible.

Unfortunately, the logic does not take into account the store of a
floating-point result into memory as something requiring a barrier, which
leads to incorrect behaviour on alpha processors without the ``precise
arithmetic trap'' extension.

Index: alpha.c
===
RCS file: /OpenBSD/src/gnu/gcc/gcc/config/alpha/alpha.c,v
retrieving revision 1.4
diff -u -p -r1.4 alpha.c
--- gnu/gcc/gcc/config/alpha/alpha.c20 Dec 2012 13:58:06 -  1.4
+++ gnu/gcc/gcc/config/alpha/alpha.c17 Jan 2016 19:42:44 -
@@ -8721,11 +8721,15 @@ summarize_insn (rtx x, struct shadow_sum
result of an instruction that might generate an UNPREDICTABLE
result.
 
-   (c) Within the trap shadow, no register may be used more than once
+   (c) Within the trap shadow, the destination register of the potentially
+   trapping instruction may not be used as an input, for its value would be
+   UNPREDICTABLE.
+
+   (d) Within the trap shadow, no register may be used more than once
as a destination register.  (This is to make life easier for the
trap-handler.)
 
-   (d) The trap shadow may not include any branch instructions.  */
+   (e) The trap shadow may not include any branch instructions.  */
 
 static void
 alpha_handle_trap_shadows (void)
@@ -8797,7 +8801,7 @@ alpha_handle_trap_shadows (void)
  if ((sum.defd.i & shadow.defd.i)
  || (sum.defd.fp & shadow.defd.fp))
{
- /* (c) would be violated */
+ /* (d) would be violated */
  goto close_shadow;
}
 
@@ -8820,11 +8824,19 @@ alpha_handle_trap_shadows (void)
 
  goto close_shadow;
}
+
+ if ((sum.used.i & shadow.defd.i)
+ || (sum.used.fp & shadow.defd.fp))
+   {
+ /* (c) would be violated */
+ goto close_shadow;
+   }
  break;
 
case JUMP_INSN:
case CALL_INSN:
case CODE_LABEL:
+ /* (e) would be violated */
  goto close_shadow;
 
default:
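Review bot: the new test before the break compares sum.used against
shadow.defd, which (going by the (d) test earlier in this function)
holds every destination written inside the shadow, not only the
destination of the potentially trapping instruction that the new (c)
text describes. That errs on the safe side, since the shadow closes
earlier and more barriers are emitted, but the comment and the code
should say the same thing: either word (c) as "a register defined
within the trap shadow may not be used as an input", or note next to
the test that it is deliberately broader than the rule.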


Date: Wed, 20 Jan 2016 20:20:51 +
From: Miod Vallat 
To: Andrew Fresh 
Cc: Theo de Raadt , David Gwynne 
Subject: Re: alpha
User-Agent: Mutt/1.5.24 (2015-08-30)

> > However! I have just noticed regress/lib/libm/rint will fail with a
> > SIGILL. Apparently not all IEEE-mode instructions are implemented on
> > this 21064, but this is one of the earliest alpha systems. Could you
> > check if this test passes (or fails, but without SIGILL) on your
> > alphastation?
> 
> This fails on my alphastation with SIGILL.
> 
> kern.version=OpenBSD 5.9-beta (GENERIC) #281: Sun Dec 27 13:54:59 MST 2015
> dera...@alpha.openbsd.org:/usr/src/sys/arch/alpha/compile/GENERIC
> 
> $ make regress
> cc -O2 -pipe-c rint.c
> cc   -o rint rint.o -lm
> ./rint
> *** Signal SIGILL in . (:48 'run-regress-rint')
> FAILED
> *** Error 1 in target 'regress' (ignored)

The following diff will fix it. 

sys/mbuf.h and extra headers

2016-03-29 Thread David Gwynne
i don't think mbuf.h needs to bring in sys/queue.h because it doesn't
use anything in it.

the malloc.h bits are only used to alias the mbuf allocator flags
to the malloc ones, which is only necessary under _KERNEL. i think.
hilariously the backend allocator for mbufs are pools too.

an amd64 kernel build survives with this. is this worth doing?

ok?

Index: mbuf.h
===
RCS file: /cvs/src/sys/sys/mbuf.h,v
retrieving revision 1.208
diff -u -p -r1.208 mbuf.h
--- mbuf.h  23 Feb 2016 01:39:14 -  1.208
+++ mbuf.h  30 Mar 2016 01:31:39 -
@@ -35,9 +35,6 @@
 #ifndef _SYS_MBUF_H_
 #define _SYS_MBUF_H_
 
-#include 
-#include 
-
 /*
  * Constants related to network buffer management.
  * MCLBYTES must be no larger than PAGE_SIZE (the software page size) and,
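Review bot: the two includes removed at the top of the header are only
covered by the amd64 kernel build mentioned in the message, while the
_KERNEL remark implies the header is also compiled outside the kernel.
Anything that relied on mbuf.h to pull those headers in indirectly will
now fail to compile, so a full base build, and ideally a kernel for one
other architecture, should go with this before it is committed.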
@@ -242,6 +239,7 @@ struct mbuf {
 #define M_FLOWID_MASK  0x7fff  /* flow id to map to path */
 
 /* flags to m_get/MGET */
+#include 
 #defineM_DONTWAIT  M_NOWAIT
 #defineM_WAIT  M_WAITOK
 



Re: acpi gpio interrupts

2016-03-29 Thread Jonathan Gray
On Tue, Mar 29, 2016 at 11:13:51PM +0200, Mark Kettenis wrote:
> Hi Jonathan, Joshua & other interested folks,
> 
> The diff below adds support for gpio interrupts for the Bay Trail GPIO
> controller.  The acpi gpio interface gets extended with an
> intr_establish() method that establishes an interrupt on a specific
> pin.  The pin is configured according to the flags that are passed.
> The interrupt is established at IPL_BIO.  This is similar to what the
> USB subsystem does.  The interrupt handler should call splxxx() as
> appropriate.  This means that keyboard interrupts will be blocked by
> pretty much all other interrupt handlers.  We can't easily avoid this.
> 
> The diff hooks this support up to the sdhc(4) driver.  Card insertions
> and de-insertions are now detected in the SD card slot of my Asus
> x205ta.
> 
> It should be fairly easy to hook up the keyboard interrupt on the
> Lenovo 100s.
> 
> ok?

It would be nice if the intr_establish at least returned an int to avoid
having to add simple functions to get around to different prototype.
Perhaps an empty intr_disestablish and adding the devname argument
like acpi_intr_establish?  Is it possible multiple callbacks may
need to be called for a single pin?

It ends up being a bit convoluted on the 100s but works with the
following.  Can now click and drag windows in x11...

dwiic0 at acpi0: I2C1 addr 0x90906000/0x1000 irq 32
iic0 at dwiic0
dwiic1 at acpi0: I2C2 addr 0x9090c000/0x1000 irq 33
iic1 at dwiic1
"10EC5640" at acpi0 not configured
dwiic2 at acpi0: I2C3 addr 0x9090e000/0x1000 irq 34
iic2 at dwiic2
 GPO2 pin 22
 tflags 0x12
 ppi 0x1
 drs 0x0
 dbt 0x0
ihidev0 at iic2 addr 0x5: int 22, vendor 0x6243 product 0x1, ENEE3730
ihidev0: 6 report ids
ikbd0 at ihidev0 reportid 1: 8 variable keys, 6 key codes
wskbd0 at ikbd0 mux 1
hid at ihidev0 reportid 2 not configured
hid at ihidev0 reportid 3 not configured
ims0 at ihidev0 reportid 4: 3 buttons, Z dir
wsmouse0 at ims0 mux 0
hid at ihidev0 reportid 5 not configured
hid at ihidev0 reportid 6 not configured
"ENEE3730" at acpi0 not configured
dwiic3 at acpi0: I2C4 addr 0x9091/0x1000 irq 35
iic3 at dwiic3
dwiic4 at acpi0: I2C5 addr 0x90912000/0x1000 irq 36
iic4 at dwiic4

Index: acpi/dwiic.c
===
RCS file: /cvs/src/sys/dev/acpi/dwiic.c,v
retrieving revision 1.12
diff -u -p -r1.12 dwiic.c
--- acpi/dwiic.c29 Mar 2016 22:35:09 -  1.12
+++ acpi/dwiic.c30 Mar 2016 00:56:40 -
@@ -123,6 +123,10 @@ struct dwiic_crs {
uint32_t addr_bas;
uint32_t addr_len;
uint16_t i2c_addr;
+   struct aml_node *devnode;
+   struct aml_node *gpio_int_node;
+   uint16_t gpio_int_pin;
+   uint16_t gpio_int_flags;
 };
 
 struct dwiic_softc {
@@ -238,6 +242,7 @@ dwiic_attach(struct device *parent, stru
return;
}
memset(, 0, sizeof(crs));
+   crs.devnode = sc->sc_devnode;
aml_parse_resource(, dwiic_acpi_parse_crs, );
aml_freevalue();
 
@@ -374,6 +379,8 @@ int
 dwiic_acpi_parse_crs(union acpi_resource *crs, void *arg)
 {
struct dwiic_crs *sc_crs = arg;
+   struct aml_node *node;
+   uint16_t pin;
 
switch (AML_CRSTYPE(crs)) {
case SR_IRQ:
@@ -386,6 +393,22 @@ dwiic_acpi_parse_crs(union acpi_resource
sc_crs->irq_flags = crs->lr_extirq.flags;
break;
 
+   case LR_GPIO:
+   node = aml_searchname(sc_crs->devnode,
+   (char *)>pad[crs->lr_gpio.res_off]);
+   pin = *(uint16_t *)>pad[crs->lr_gpio.pin_off];
+   printf(" %s pin %d\n", node->name, pin);
+   if (crs->lr_gpio.type == LR_GPIO_INT) {
+   sc_crs->gpio_int_node = node;
+   sc_crs->gpio_int_pin = pin;
+   sc_crs->gpio_int_flags = crs->lr_gpio.tflags;
+   }
+   printf(" tflags 0x%x\n", crs->lr_gpio.tflags);
+   printf(" ppi 0x%x\n", crs->lr_gpio._ppi);
+   printf(" drs 0x%x\n", crs->lr_gpio._drs);
+   printf(" dbt 0x%x\n", crs->lr_gpio._dbt);
+   break;
+
case LR_MEM32:
sc_crs->addr_min = letoh32(crs->lr_m32._min);
sc_crs->addr_len = letoh32(crs->lr_m32._len);
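Review bot: in the new LR_GPIO case, node is dereferenced in the first
printf (node->name) straight after aml_searchname, with no check that
the lookup succeeded. res_off and pin_off are also taken from the
resource descriptor and used as offsets into it without a bounds check,
and pin is read through a uint16_t cast with no alignment or byte-order
handling while the LR_MEM32 case just below uses letoh32. Check node
for NULL before use, validate both offsets against the descriptor
length, and put the five debug printf lines behind a debug macro or
drop them before commit.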
@@ -553,18 +576,27 @@ dwiic_acpi_foundhid(struct aml_node *nod
return (0);
}
memset(, 0, sizeof(crs));
+   crs.devnode = sc->sc_devnode;
aml_parse_resource(, dwiic_acpi_parse_crs, );
aml_freevalue();
 
-   if (crs.irq_int <= 0) {
+   if (crs.gpio_int_node && crs.gpio_int_node->gpio) {
+   struct acpi_gpio *gpio = crs.gpio_int_node->gpio;
+   ia.ia_int = crs.gpio_int_pin;
+   ia.ia_int_flags = crs.gpio_int_flags;
+   ia.acpi_gpio = gpio;
+   } else {
+   ia.ia_int = crs.irq_int;
+   ia.ia_int_flags = crs.irq_flags;
+ 

remove BIOC[SG]QUEUE from bpf.c

2016-03-29 Thread David Gwynne
this basically reverts bpf.c r1.117.

two reasons. firstly, nothing uses the ioctls. the tcpdump -Q support
never materialised.

secondly, and probably more importantly, the implementation assumes
that bpf handles mbufs with pkthdrs in the first mbuf, but that is
incorrect. bpf actually only deals with chains of data (so m_data,
m_len, m_next), so this could blow up if anyone actually uses it.

ok?

Index: bpf.c
===
RCS file: /cvs/src/sys/net/bpf.c,v
retrieving revision 1.136
diff -u -p -r1.136 bpf.c
--- bpf.c   29 Mar 2016 10:38:27 -  1.136
+++ bpf.c   30 Mar 2016 00:12:41 -
@@ -859,14 +859,6 @@ bpfioctl(dev_t dev, u_long cmd, caddr_t 
(BPF_DIRECTION_IN|BPF_DIRECTION_OUT);
break;
 
-   case BIOCGQUEUE:/* get queue */
-   *(u_int *)addr = d->bd_queue;
-   break;
-
-   case BIOCSQUEUE:/* set queue */
-   d->bd_queue = *(u_int *)addr;
-   break;
-
case FIONBIO:   /* Non-blocking I/O */
if (*(int *)addr)
d->bd_rtout = -1;
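Review bot: removing the BIOCGQUEUE and BIOCSQUEUE cases here leaves
the ioctl numbers themselves untouched, since the diff only covers
bpf.c and bpfdesc.h. If the definitions stay in the public header (and
in any manual page), userland can still build against requests that now
fall through to whatever the switch does for unknown commands; remove
them in the same commit so the interface disappears in one step.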
@@ -1244,8 +1236,6 @@ _bpf_mtap(caddr_t arg, struct mbuf *m, u
atomic_inc_long(>bd_rcount);
 
if ((direction & d->bd_dirfilt) != 0)
-   slen = 0;
-   else if (d->bd_queue && m->m_pkthdr.pf.qid != d->bd_queue)
slen = 0;
else {
struct bpf_program *bf;
Index: bpfdesc.h
===
RCS file: /cvs/src/sys/net/bpfdesc.h,v
retrieving revision 1.29
diff -u -p -r1.29 bpfdesc.h
--- bpfdesc.h   3 Dec 2015 16:27:32 -   1.29
+++ bpfdesc.h   30 Mar 2016 00:12:41 -
@@ -80,7 +80,6 @@ struct bpf_d {
u_char  bd_locked;  /* true if descriptor is locked */
u_char  bd_fildrop; /* true if filtered packets will be 
dropped */
u_char  bd_dirfilt; /* direction filter */
-   u_int   bd_queue;   /* the queue the user wants to watch (0 
== all) */
int bd_hdrcmplt;/* false to fill in src lladdr 
automatically */
int bd_async;   /* non-zero if packet reception should 
generate signal */
int bd_sig; /* signal to send upon packet reception 
*/



Re: multi-pool malloc wip diff

2016-03-29 Thread Juan Francisco Cantero Hurtado
On Mon, Mar 28, 2016 at 11:27:32AM +0200, Otto Moerbeek wrote:
> On Wed, Mar 23, 2016 at 08:00:19AM +0100, Otto Moerbeek wrote:
> 
> > Hi,
> > 
> > first diff that seems to work. Tested on amd64 and compile tested on
> > sparc64. 
> > 
> > It is also available at http://www.drijf.net/openbsd/malloc
> > 
> > From the README:
> > 
> > The diff should be applied while in /usr/src/lib, it will patch
> > both librthreads as well as libc.
> > 
> > THIS IS WORK IN PROGRESS. It contains multiple things that should
> > be improved. To name a few things:
> > 
> > - Currently fixed at 4 pools with a fixed thread -> pool mapping.
> > - All pools are always initialized, even for single threaded programs, where
> >   only one pool is used.
> > - Especially realloc gets quite a bit uglier.
> > - I'm pondering storing the thread -> pool mapping in the thread
> >   struct instead of computing it each time from the tcb address.
> > 
> > -Otto
> > 
> 
> Second diff. Only one person (Stefan Kempf, thanks!) gave feedback...
> 
> A race condition was fixed in the init code. But there remain race
> problems in the init code. I will be working on that the coming time.
> 
> Please be aware that to make this code ready for commit, I need
> feedback/tests/reviews. There's no way this code will end up in the tree 
> without those.

I don't see regressions on amd64.

-- 
Juan Francisco Cantero Hurtado http://juanfra.info



Re: spamd - DNS whitelist

2016-03-29 Thread Bob Beck
No.  DNS based whitelisting does not belong in there, because it is
slow and DOS'able

spamd is designed to be high speed low drag. If you want to do a DNS
based whitelist, write a little co-thing that spits one
into a file or into your nospamd table that then spamd *does not even see*.

In short *spamd* is the wrong place to do this.  put your dns based
whitelist in a table periodically


On Tue, Mar 29, 2016 at 1:11 PM, Christopher Zimmermann
 wrote:
> Hi,
>
> I want to use a DNS white list to skip greylisting delays for known
> good addresses, which would pass the greylist anyway.
> To do this with spamd and OpenSMTPd I wrote a prototype which intercepts
> the initial SYN packet from any non-whitelisted ip. It then queries DNS
> whitelists and on any positive reply it whitelists the ip. The SYN
> packet is dropped. Any sane smtp server will very shortly resend the
> SYN and get through to OpenSMTPd.
> This program is only a proof-of-concept. I think the same functionality
> could be integrated into spamd or as transparent relay into relayd. Is
> this a sensible approach?
>
> Christopher
>
>
> On 2016-03-15 Stuart Henderson  wrote:
>> On 2016/03/15 12:55, Craig Skinner wrote:
>> > Generally, everything has changed from file feeds to DNS.
>>
>> Yep, because for the more actively maintained ones 1) new entries show
>> up more quickly than any sane rsync interval, this is quite important
>> for good blocking these days 2) DNS is less resource intensive and
>> more easily distributed than rsync, and 3) importantly for the rbl
>> providers, it gives additional input to them about new mail sources
>> (if an rbl suddenly starts seeing queries from all over the world for
>> a previously unseen address, it's probably worth investigation - I am
>> sure this is why some of the commercial antispam operators provide
>> free DNS-based lookups for smaller orgs).
>>
>> A more flexible approach would be to skip the PF table integration
>> completely and do DNS lookups in spamd (or, uh, relayd, or something
>> new) and based on that it could choose whether to tarpit, greylist or
>> transparent-forward the connection to the real mail server. This
>> would also give a way to use dnswl.org's whitelist to avoid
>> greylisting for those hosts where it just doesn't work well (gmail,
>> office365 etc).
>>
>
>
>
> --
> http://gmerlin.de
> OpenPGP: http://gmerlin.de/christopher.pub
> 2779 7F73 44FD 0736 B67A  C410 69EC 7922 34B4 2566



Re: multi-pool malloc wip diff

2016-03-29 Thread Stuart Henderson
On 2016/03/28 11:27, Otto Moerbeek wrote:
> Second diff. Only one person (Stefan Kempf, thanks!) gave feedback...

I've done i386 port bulk builds with both iterations of this, no
problems seen yet.



Re: gdb on landisk

2016-03-29 Thread Mark Kettenis
> Date: Sun, 27 Mar 2016 23:06:23 +
> From: Miod Vallat 
> 
> There is a fallout from the switch to binutils 2.17: the binaries
> created by 2.17 aren't recognized by the in-tree gdb because it's built
> with the bfd code from 2.15.
> 
> My understanding is that the in-tree gdb can't be made to run with bfd
> from 2.17 without significant non-trivial changes, so I'd suggest the
> following diff.

Thanks, committed.

> Index: gnu/usr.bin/binutils/bfd/elf32-sh.c
> ===
> RCS file: /OpenBSD/src/gnu/usr.bin/binutils/bfd/elf32-sh.c,v
> retrieving revision 1.3
> diff -u -p -r1.3 elf32-sh.c
> --- gnu/usr.bin/binutils/bfd/elf32-sh.c   22 Dec 2014 14:09:58 -  
> 1.3
> +++ gnu/usr.bin/binutils/bfd/elf32-sh.c   20 Nov 2015 20:56:20 -
> @@ -6849,6 +6849,7 @@ sh_elf_set_mach_from_flags (bfd *abfd)
>break;
>  case EF_SH_UNKNOWN:
>  case EF_SH4:
> +case 23: /* EF_SH2A_SH4 */
>bfd_default_set_arch_mach (abfd, bfd_arch_sh, bfd_mach_sh4);
>break;
>  case EF_SH4_NOFPU:
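Review bot: the added case label uses the bare value 23, with the name
EF_SH2A_SH4 only in a comment. If the headers this gdb builds against
do not define it, define it locally under #ifndef and use the name in
the case, so the value is stated once and a later header update cannot
silently disagree with it.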
> 
> 



Re: multi-pool malloc wip diff

2016-03-29 Thread Mike Larkin
On Mon, Mar 28, 2016 at 11:27:32AM +0200, Otto Moerbeek wrote:
> On Wed, Mar 23, 2016 at 08:00:19AM +0100, Otto Moerbeek wrote:
> 
> > Hi,
> > 
> > first diff that seems to work. Tested on amd64 and compile tested on
> > sparc64. 
> > 
> > It is also available at http://www.drijf.net/openbsd/malloc
> > 
> > From the README:
> > 
> > The diff should be applied while in /usr/src/lib, it will patch
> > both librthreads as well as libc.
> > 
> > THIS IS WORK IN PROGRESS. It contains multiple things that should
> > be improved. To name a few things:
> > 
> > - Currently fixed at 4 pools with a fixed thread -> pool mapping.
> > - All pools are always initialized, even for single threaded programs, where
> >   only one pool is used.
> > - Especially realloc gets quite a bit uglier.
> > - I'm pondering storing the thread -> pool mapping in the thread
> >   struct instead of computing it each time from the tcb address.
> > 
> > -Otto
> > 
> 
> Second diff. Only one person (Stefan Kempf, thanks!) gave feedback...
> 
> A race condition was fixed in the init code. But there remain race
> problems in the init code. I will be working on that the coming time.
> 
> Please be aware that to make this code ready for commit, I need
> feedback/tests/reviews. There's no way this code will end up in the tree 
> without those.
> 
>   -Otto
> 

Been running this in a VM since this weekend, no issues seen. (amd64).

-ml

> 
> Index: libc/include/thread_private.h
> ===
> RCS file: /cvs/src/lib/libc/include/thread_private.h,v
> retrieving revision 1.26
> diff -u -p -r1.26 thread_private.h
> --- libc/include/thread_private.h 7 Apr 2015 01:27:07 -   1.26
> +++ libc/include/thread_private.h 28 Mar 2016 08:22:31 -
> @@ -17,6 +17,8 @@
>   */
>  extern int __isthreaded;
>  
> +#define _MALLOC_MUTEXES 4
> +
>  /*
>   * Weak symbols are used in libc so that the thread library can
>   * efficiently wrap libc functions.
> @@ -136,16 +138,16 @@ extern void *__THREAD_NAME(serv_mutex);
>  /*
>   * malloc lock/unlock prototypes and definitions
>   */
> -void _thread_malloc_lock(void);
> -void _thread_malloc_unlock(void);
> +void _thread_malloc_lock(int);
> +void _thread_malloc_unlock(int);
>  
> -#define _MALLOC_LOCK()   do {
> \
> +#define _MALLOC_LOCK(n)  do {
> \
>   if (__isthreaded)   \
> - _thread_malloc_lock();  \
> + _thread_malloc_lock(n); \
>   } while (0)
> -#define _MALLOC_UNLOCK() do {\
> +#define _MALLOC_UNLOCK(n)do {\
>   if (__isthreaded)   \
> - _thread_malloc_unlock();\
> + _thread_malloc_unlock(n);\
>   } while (0)
>  
>  void _thread_atexit_lock(void);
> Index: libc/stdlib/malloc.c
> ===
> RCS file: /cvs/src/lib/libc/stdlib/malloc.c,v
> retrieving revision 1.185
> diff -u -p -r1.185 malloc.c
> --- libc/stdlib/malloc.c  17 Mar 2016 17:55:33 -  1.185
> +++ libc/stdlib/malloc.c  28 Mar 2016 08:22:31 -
> @@ -1,6 +1,6 @@
>  /*   $OpenBSD: malloc.c,v 1.185 2016/03/17 17:55:33 mmcc Exp $   */
>  /*
> - * Copyright (c) 2008, 2010, 2011 Otto Moerbeek 
> + * Copyright (c) 2008, 2010, 2011, 2016 Otto Moerbeek 
>   * Copyright (c) 2012 Matthew Dempsky 
>   * Copyright (c) 2008 Damien Miller 
>   * Copyright (c) 2000 Poul-Henning Kamp 
> @@ -43,6 +43,7 @@
>  #endif
>  
>  #include "thread_private.h"
> +#include 
>  
>  #if defined(__sparc__) && !defined(__sparcv9__)
>  #define MALLOC_PAGESHIFT (13U)
> @@ -95,10 +96,10 @@
>  
>  #define _MALLOC_LEAVE(d) do { if (__isthreaded) { \
>   (d)->active--; \
> - _MALLOC_UNLOCK(); } \
> + _MALLOC_UNLOCK(d->mutex); } \
>  } while (0)
>  #define _MALLOC_ENTER(d) do { if (__isthreaded) { \
> - _MALLOC_LOCK(); \
> + _MALLOC_LOCK(d->mutex); \
>   (d)->active++; } \
>  } while (0)
>  
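Review bot: _MALLOC_LEAVE and _MALLOC_ENTER now expand d->mutex without
parentheses, while the neighbouring lines of the same macros use
(d)->active. Write (d)->mutex in both so the macros keep working when
the argument is an expression rather than a plain identifier.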
> @@ -129,6 +130,7 @@ struct dir_info {
>   void *delayed_chunks[MALLOC_DELAYED_CHUNK_MASK + 1];
>   size_t rbytesused;  /* random bytes used */
>   char *func; /* current function */
> + int mutex;
>   u_char rbytes[32];  /* random bytes */
>   u_short chunk_start;
>  #ifdef MALLOC_STATS
> @@ -178,7 +180,7 @@ struct chunk_info {
>  };
>  
>  struct malloc_readonly {
> - struct dir_info *malloc_pool;   /* Main bookkeeping information */
> + struct dir_info 

Re: handle bogus sparc64 frame buffers

2016-03-29 Thread Mark Kettenis
> Date: Mon, 28 Mar 2016 14:21:33 +
> From: Miod Vallat 
> 
> Some sparc64 pci frame buffers incorrectly have the `depth' property
> spelled `depth ' with a trailing space.
> 
> This can be found in this E450 eeprom -p output:
>   http://pastebin.com/P4ab4Xt4
> 
> Because of this, gfxp(4) attaches believing the display is only 8bpp,
> and the display gets garbled.
> 
> The following diff will fix this issue. I don't think sparc needs a
> similar fix as there are no Sun sparc systems with pci slots.

Thanks,

Committed.

> Index: fb.c
> ===
> RCS file: /OpenBSD/src/sys/arch/sparc64/dev/fb.c,v
> retrieving revision 1.25
> diff -u -p -r1.25 fb.c
> --- fb.c  21 Oct 2013 10:36:19 -  1.25
> +++ fb.c  28 Mar 2016 12:54:32 -
> @@ -131,7 +131,12 @@ fb_setsize(struct sunfb *sf, int def_dep
>  {
>   int def_linebytes;
>  
> - sf->sf_depth = getpropint(node, "depth", def_depth);
> + /*
> +  * Some PCI devices lack the `depth' property, but have a `depth '
> +  * property (with a trailing space) instead.
> +  */
> + sf->sf_depth = getpropint(node, "depth",
> + getpropint(node, "depth ", def_depth));
>   sf->sf_width = getpropint(node, "width", def_width);
>   sf->sf_height = getpropint(node, "height", def_height);
>  
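Review bot: the nested call in the new sf_depth assignment evaluates
getpropint(node, "depth ", def_depth) on every attach, including on
firmware that has a correctly spelled depth property, because the inner
call is an argument and runs first. That is harmless, but the comment
should also say that the correctly spelled property wins when both are
present, so a later reordering of the two lookups is recognised as a
behaviour change.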
> 
> 



acpi gpio interrupts

2016-03-29 Thread Mark Kettenis
Hi Jonathan, Joshua & other interested folks,

The diff below adds support for gpio interrupts for the Bay Trail GPIO
controller.  The acpi gpio interface gets extended with an
intr_establish() method that establishes an interrupt on a specific
pin.  The pin is configured according to the flags that are passed.
The interrupt is established at IPL_BIO.  This is similar to what the
USB subsystem does.  The interrupt handler should call splxxx() as
appropriate.  This means that keyboard interrupts will be blocked by
pretty much all other interrupt handlers.  We can't easily avoid this.

The diff hooks this support up to the sdhc(4) driver.  Card insertions
and de-insertions are now detected in the SD card slot of my Asus
x205ta.

It should be fairly easy to hook up the keyboard interrupt on the
Lenovo 100s.

ok?


Index: acpi/amltypes.h
===
RCS file: /cvs/src/sys/dev/acpi/amltypes.h,v
retrieving revision 1.41
diff -u -p -r1.41 amltypes.h
--- acpi/amltypes.h 28 Mar 2016 17:27:57 -  1.41
+++ acpi/amltypes.h 29 Mar 2016 21:04:45 -
@@ -367,6 +367,7 @@ struct acpi_pci {
 struct acpi_gpio {
void*cookie;
int (*read_pin)(void *, int);
+   void(*intr_establish)(void *, int, int, void (*)(void *), void *);
 };
 
 struct aml_node {
Index: acpi/bytgpio.c
===
RCS file: /cvs/src/sys/dev/acpi/bytgpio.c,v
retrieving revision 1.3
diff -u -p -r1.3 bytgpio.c
--- acpi/bytgpio.c  29 Mar 2016 18:04:09 -  1.3
+++ acpi/bytgpio.c  29 Mar 2016 21:04:45 -
@@ -25,8 +25,22 @@
 #include 
 #include 
 
+#define BYTGPIO_CONF_GD_LEVEL  0x0100
+#define BYTGPIO_CONF_GD_TPE0x0200
+#define BYTGPIO_CONF_GD_TNE0x0400
+#define BYTGPIO_CONF_GD_MASK   0x0f00
+
 #define BYTGPIO_PAD_VAL0x0001
 
+#define BYTGPIO_IRQ_TS_0   0x800
+#define BYTGPIO_IRQ_TS_1   0x804
+#define BYTGPIO_IRQ_TS_2   0x808
+
+struct bytgpio_intrhand {
+   void (*ih_func)(void *);
+   void *ih_arg;
+};
+
 struct bytgpio_softc {
struct device sc_dev;
struct acpi_softc *sc_acpi;
@@ -43,6 +57,7 @@ struct bytgpio_softc {
 
const int *sc_pins;
int sc_npins;
+   struct bytgpio_intrhand *sc_pin_ih;
 
struct acpi_gpio sc_gpio;
 };
@@ -90,6 +105,7 @@ const int byt_sus_pins[] = {
 
 intbytgpio_parse_resources(union acpi_resource *, void *);
 intbytgpio_read_pin(void *, int);
+void   bytgpio_intr_establish(void *, int, int, void (*)(), void *);
 intbytgpio_intr(void *);
 
 int
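Review bot: the bytgpio_intr_establish prototype declares the callback
as void (*)(), while the member added to struct acpi_gpio and the
definition further down use void (*)(void *). Make the prototype match
so the compiler checks the handler's argument type.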
@@ -149,29 +165,39 @@ bytgpio_attach(struct device *parent, st
return;
}
 
+   sc->sc_pin_ih = mallocarray(sc->sc_npins, sizeof(*sc->sc_pin_ih),
+   M_DEVBUF, M_NOWAIT | M_ZERO);
+   if (sc->sc_pin_ih == NULL) {
+   printf("\n");
+   return;
+   }
+
printf(" irq %d", sc->sc_irq);
 
sc->sc_memt = aaa->aaa_memt;
if (bus_space_map(sc->sc_memt, sc->sc_addr, sc->sc_size, 0,
>sc_memh)) {
printf(", can't map registers\n");
-   return;
+   goto fail;
}
 
-#if 0
sc->sc_ih = acpi_intr_establish(sc->sc_irq, sc->sc_irq_flags, IPL_BIO,
bytgpio_intr, sc, sc->sc_dev.dv_xname);
if (sc->sc_ih == NULL) {
printf(", can't establish interrupt\n");
-   return;
+   goto fail;
}
-#endif
 
sc->sc_gpio.cookie = sc;
sc->sc_gpio.read_pin = bytgpio_read_pin;
+   sc->sc_gpio.intr_establish = bytgpio_intr_establish;
sc->sc_node->gpio = >sc_gpio;
 
printf(", %d pins\n", sc->sc_npins);
+   return;
+
+fail:
+   free(sc->sc_pin_ih, M_DEVBUF, sc->sc_npins * sizeof(*sc->sc_pin_ih));
 }
 
 int
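Review bot: the new fail label in bytgpio_attach only frees sc_pin_ih,
yet it is also reached when acpi_intr_establish fails, which is after
bus_space_map has succeeded, so the register mapping is leaked on that
path. Unmap sc_memh before the free in that case, and set sc_pin_ih to
NULL after freeing it so nothing that later reaches the softc sees a
dangling pointer.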
@@ -207,25 +233,52 @@ bytgpio_read_pin(void *cookie, int pin)
return (reg & BYTGPIO_PAD_VAL);
 }
 
-#if 0
+void
+bytgpio_intr_establish(void *cookie, int pin, int flags,
+void (*func)(void *), void *arg)
+{
+   struct bytgpio_softc *sc = cookie;
+   uint32_t reg;
+
+   KASSERT(pin >= 0 && pin < sc->sc_npins);
+
+   sc->sc_pin_ih[pin].ih_func = func;
+   sc->sc_pin_ih[pin].ih_arg = arg;
+
+   reg = bus_space_read_4(sc->sc_memt, sc->sc_memh, sc->sc_pins[pin] * 16);
+   reg &= ~BYTGPIO_CONF_GD_MASK;
+   if ((flags & LR_GPIO_MODE) == 0)
+   reg |= BYTGPIO_CONF_GD_LEVEL;
+   if ((flags & LR_GPIO_POLARITY) == LR_GPIO_ACTLO)
+   reg |= BYTGPIO_CONF_GD_TNE;
+   if ((flags & LR_GPIO_POLARITY) == LR_GPIO_ACTHI)
+   reg |= BYTGPIO_CONF_GD_TPE;
+   if ((flags & LR_GPIO_POLARITY) == LR_GPIO_ACTBOTH)
+   reg |= BYTGPIO_CONF_GD_TNE | BYTGPIO_CONF_GD_TPE;
+   bus_space_write_4(sc->sc_memt, sc->sc_memh, sc->sc_pins[pin] * 16, reg);
+}
 
 int
 bytgpio_intr(void *arg)
 {
struct bytgpio_softc 
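Review bot: bytgpio_intr_establish guards the sc_pin_ih[pin] and
sc_pins[pin] accesses with a KASSERT only, and pin is handed in by the
caller. On a kernel where the assertion is compiled out, an
out-of-range pin writes past the handler array, and because the
function returns void it has no way to refuse. Check the range
unconditionally and return an error, and decide what should happen when
a handler is already registered for the pin; as written the previous
handler is overwritten silently.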

knote activate splhigh

2016-03-29 Thread Alexander Bluhm
Hi,

from a customer's system I got this panic:

kernel diagnostic assertion "(kn->kn_status & KN_QUEUED) == 0" failed: file ".. 
/../../../kern/kern_event.c", line 1071 

panic() at panic+0xfe   
__assert() at __assert+0x25 
knote_enqueue() at knote_enqueue+0x8c   
knote() at knote+0x47   
selwakeup() at selwakeup+0x1b   
logwakeup() at logwakeup+0x20   
log() at log+0xfc   
...
softclock() at softclock+0x315  
softintr_dispatch() at softintr_dispatch+0x7f   

When looking at the condition in KNOTE_ACTIVATE()
if ((kn->kn_status & (KN_QUEUED | KN_DISABLED)) == 0)
knote_enqueue(kn);
and the assertion in knote_enqueue()
KASSERT((kn->kn_status & KN_QUEUED) == 0);
it is quite obvious that interrupts must be blocked between those.

So put the splhigh() around KNOTE_ACTIVATE() and use a splassert()
within knote_enqueue().  This is more or less where FreeBSD puts
its KQ_LOCK().

ok?

bluhm

Index: kern/kern_event.c
===
RCS file: /data/mirror/openbsd/cvs/src/sys/kern/kern_event.c,v
retrieving revision 1.71
diff -u -p -r1.71 kern_event.c
--- kern/kern_event.c   6 Jan 2016 17:58:46 -   1.71
+++ kern/kern_event.c   29 Mar 2016 19:15:40 -
@@ -338,9 +338,12 @@ void
 filt_timerexpire(void *knx)
 {
struct knote *kn = knx;
+   int s;
 
kn->kn_data++;
+   s = splhigh();
KNOTE_ACTIVATE(kn);
+   splx(s);
 
if ((kn->kn_flags & EV_ONESHOT) == 0)
filt_timer_timeout_add(kn);
@@ -954,7 +957,11 @@ kqueue_wakeup(struct kqueue *kq)
 void
 knote_activate(struct knote *kn)
 {
+   int s;
+
+   s = splhigh();
KNOTE_ACTIVATE(kn);
+   splx(s);
 }
 
 /*
@@ -964,10 +971,14 @@ void
 knote(struct klist *list, long hint)
 {
struct knote *kn, *kn0;
+   int s;
 
-   SLIST_FOREACH_SAFE(kn, list, kn_selnext, kn0)
+   SLIST_FOREACH_SAFE(kn, list, kn_selnext, kn0) {
+   s = splhigh();
if (kn->kn_fop->f_event(kn, hint))
KNOTE_ACTIVATE(kn);
+   splx(s);
+   }
 }
 
 /*
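
Review bot: in knote(), splhigh() now also covers the f_event() callback and is raised and dropped once per list entry, while the list walk itself (the next pointer that SLIST_FOREACH_SAFE reads into kn0) still happens outside the protected region. If the race being fixed is only between the KN_QUEUED test and knote_enqueue(), taking splhigh() just around KNOTE_ACTIVATE(kn) keeps the filter callbacks out of IPL_HIGH; if the klist itself can change from interrupt context, one splhigh()/splx() pair around the whole loop is needed instead.
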
@@ -1073,14 +1084,13 @@ void
 knote_enqueue(struct knote *kn)
 {
struct kqueue *kq = kn->kn_kq;
-   int s = splhigh();
 
+   splassert(IPL_HIGH);
KASSERT((kn->kn_status & KN_QUEUED) == 0);
 
TAILQ_INSERT_TAIL(>kq_head, kn, kn_tqe);
kn->kn_status |= KN_QUEUED;
kq->kq_count++;
-   splx(s);
kqueue_wakeup(kq);
 }
 
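
Review bot: with the splhigh()/splx() pair removed from knote_enqueue(), kqueue_wakeup(kq) at the end of the function now runs at IPL_HIGH, where before it ran after splx(s); check that nothing it calls expects a lower IPL. The new splassert(IPL_HIGH) also makes every caller responsible for raising the IPL, so any caller of knote_enqueue() outside the three sites changed in this diff needs the same treatment.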


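The window described in the post above, between the KN_QUEUED test and knote_enqueue(), as an added userland model; this is not code from the patch or from the OpenBSD tree. All model_* names, the one-shot interrupt and the flag values are assumptions made for the illustration, and the interrupt handler activating the same knote is modelled on the backtrace in the post.

```c
#include <stdio.h>
#include <string.h>

#define KN_QUEUED	0x01	/* flag names from the post; values are model-only */
#define KN_DISABLED	0x02

struct model_knote {
	int status;
	int queued_count;	/* times the knote was put on the queue */
	int assert_trips;	/* times the KN_QUEUED assertion would have fired */
};

static int ipl_high;		/* 1 while the modelled IPL is raised */
static int irq_armed;		/* a one-shot interrupt is waiting to fire */
static int use_spl;		/* 1: activate under splhigh, 0: unprotected */

static void model_activate(struct model_knote *);

/* Deliver the pending interrupt if one is armed and the IPL allows it. */
static void
irq_window(struct model_knote *kn)
{
	if (irq_armed && !ipl_high) {
		irq_armed = 0;
		model_activate(kn);	/* the handler activates the same knote */
	}
}

static int
model_splhigh(void)
{
	int s = ipl_high;

	ipl_high = 1;
	return s;
}

/* Restore the IPL; a deferred interrupt is taken as soon as it drops. */
static void
model_splx(int s, struct model_knote *kn)
{
	ipl_high = s;
	irq_window(kn);
}

static void
model_enqueue(struct model_knote *kn)
{
	if (kn->status & KN_QUEUED) {	/* the kernel KASSERT panics here */
		kn->assert_trips++;
		return;
	}
	kn->status |= KN_QUEUED;
	kn->queued_count++;
}

static void
model_activate(struct model_knote *kn)
{
	int s = 0;

	if (use_spl)
		s = model_splhigh();
	if ((kn->status & (KN_QUEUED | KN_DISABLED)) == 0) {
		irq_window(kn);		/* an interrupt may arrive right here */
		model_enqueue(kn);
	}
	if (use_spl)
		model_splx(s, kn);
}

/* Run one activation with an interrupt armed; return the assertion trips. */
int
run_scenario(int protect, struct model_knote *kn)
{
	memset(kn, 0, sizeof(*kn));
	ipl_high = 0;
	irq_armed = 1;
	use_spl = protect;
	model_activate(kn);
	return kn->assert_trips;
}

int
main(void)
{
	struct model_knote kn;
	int trips;

	trips = run_scenario(0, &kn);
	printf("no spl:  assertion trips=%d queued=%d\n", trips, kn.queued_count);
	trips = run_scenario(1, &kn);
	printf("splhigh: assertion trips=%d queued=%d\n", trips, kn.queued_count);
	return 0;
}
```

In the unprotected run the interrupt enqueues the knote inside the window and the outer call then trips the assertion; with the modelled splhigh() the interrupt is deferred until splx() and finds KN_QUEUED already set.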

Re: [patch] ftpd: close dirp

2016-03-29 Thread Todd C. Miller
On Tue, 29 Mar 2016 21:50:23 +0200, frit...@alokat.org wrote:

> The "dirp" pointer is not closed if goto inside the while loop is called.
> 
> This diff:
> - closes the dirp object
> - moves the jump mark "out" a bit higher to clean the file pointer as well as the
>   descriptor if the goto statement is called, and reset global variables
> 
> The "send_file_list" function is only called on NLST. 

I think it is safer to just move the closedir(dirp) to be after the
"out" label.

 - todd

Index: ftpd.c
===
RCS file: /cvs/src/libexec/ftpd/ftpd.c,v
retrieving revision 1.213
diff -u -p -u -r1.213 ftpd.c
--- ftpd.c  16 Mar 2016 15:41:10 -  1.213
+++ ftpd.c  29 Mar 2016 20:30:39 -
@@ -2694,6 +2694,8 @@ send_file_list(char *whichf)
} else if (!S_ISDIR(st.st_mode))
continue;
 
+   if (dirp != NULL)
+   (void) closedir(dirp);
if ((dirp = opendir(dirname)) == NULL)
continue;
 
@@ -2738,7 +2740,6 @@ send_file_list(char *whichf)
byte_count += strlen(nbuf) + 1;
}
}
-   (void) closedir(dirp);
}
 
if (dout == NULL)
@@ -2748,7 +2749,10 @@ send_file_list(char *whichf)
else
reply(226, "Transfer complete.");
 
+out:
transflag = 0;
+   if (dirp != NULL)
+   (void) closedir(dirp);
if (dout != NULL)
(void) fclose(dout);
else {
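
Review bot: the closedir(dirp) added under out: and the one added before opendir() in the first hunk both test dirp != NULL, so they depend on dirp being initialised to NULL before the loop, which none of these hunks shows; worth confirming at the declaration. Setting dirp = NULL after the closedir() under out: would also keep a stale pointer from surviving the call if dirp is not a plain local.
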
@@ -2757,7 +2761,7 @@ send_file_list(char *whichf)
}
data = -1;
pdata = -1;
-out:
+
if (freeglob) {
freeglob = 0;
globfree();



[patch] ftpd: close dirp

2016-03-29 Thread fritjof
The "dirp" pointer is not closed if goto inside the while loop is called.

This diff:
- closes the dirp object
- moves the jump mark "out" a bit higher to clean the file pointer as well as the
  descriptor if the goto statement is called, and reset global variables

The "send_file_list" function is only called on NLST. 

--F.

Index: ftpd.c
===
RCS file: /cvs/src/libexec/ftpd/ftpd.c,v
retrieving revision 1.213
diff -u -r1.213 ftpd.c
--- ftpd.c  16 Mar 2016 15:41:10 -  1.213
+++ ftpd.c  29 Mar 2016 19:44:21 -
@@ -2704,6 +2704,7 @@
myoob();
recvurg = 0;
transflag = 0;
+   (void)closedir(dirp);
goto out;
}
 
@@ -2725,8 +2726,10 @@
if (dout == NULL) {
dout = dataconn("file list", (off_t)-1,
"w");
-   if (dout == NULL)
+   if (dout == NULL) {
+   (void)closedir(dirp);
goto out;
+   }
transflag++;
}
if (nbuf[0] == '.' && nbuf[1] == '/')
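
Review bot: closing dirp by hand before each goto out, here and in the previous hunk, duplicates the cleanup and is easy to miss when another early exit is added. Since this diff already moves the out: label, a single closedir() placed there and guarded by dirp != NULL covers every path.
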
@@ -2738,7 +2741,7 @@
byte_count += strlen(nbuf) + 1;
}
}
-   (void) closedir(dirp);
+   (void)closedir(dirp);
}
 
if (dout == NULL)
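
Review bot: the only change in this hunk is dropping the space in (void) closedir(dirp), and the (void) fclose(dout) line in the next hunk is the same kind of edit. Whitespace churn is better left out of a leak fix so the functional change stays easy to see.
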
@@ -2748,16 +2751,17 @@
else
reply(226, "Transfer complete.");
 
+out:
transflag = 0;
if (dout != NULL)
-   (void) fclose(dout);
+   (void)fclose(dout);
else {
if (pdata >= 0)
close(pdata);
}
data = -1;
pdata = -1;
-out:
+
if (freeglob) {
freeglob = 0;
globfree();
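
Review bot: with out: moved above transflag = 0, every goto out now also runs the dout/pdata cleanup and resets data and pdata, which makes the transflag = 0 before goto out in the first hunk redundant. It would help to say in the description that the early exits are meant to close pdata as well, since that is a behaviour change beyond the dirp leak.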



Re: spamd - DNS whitelist

2016-03-29 Thread Christopher Zimmermann
Hi,

I want to use a DNS white list to skip greylisting delays for known
good addresses, which would pass the greylist anyway.
To do this with spamd and OpenSMTPd I wrote a prototype which intercepts
the initial SYN packet from any non-whitelisted ip. It then queries DNS
whitelists and on any positive reply it whitelists the ip. The SYN
packet is dropped. Any sane smtp server will very shortly resend the
SYN and get through to OpenSMTPd.
This program is only a proof-of-concept. I think the same functionality
could be integrated into spamd or as transparent relay into relayd. Is
this a sensible approach? 

Christopher


On 2016-03-15 Stuart Henderson  wrote:
> On 2016/03/15 12:55, Craig Skinner wrote:
> > Generally, everything has changed from file feeds to DNS.  
> 
> Yep, because for the more actively maintained ones 1) new entries show
> up more quickly than any sane rsync interval, this is quite important
> for good blocking these days 2) DNS is less resource intensive and
> more easily distributed than rsync, and 3) importantly for the rbl
> providers, it gives additional input to them about new mail sources
> (if an rbl suddenly starts seeing queries from all over the world for
> a previously unseen address, it's probably worth investigation - I am
> sure this is why some of the commercial antispam operators provide
> free DNS-based lookups for smaller orgs).
> 
> A more flexible approach would be to skip the PF table integration
> completely and do DNS lookups in spamd (or, uh, relayd, or something
> new) and based on that it could choose whether to tarpit, greylist or
> transparent-forward the connection to the real mail server. This
> would also give a way to use dnswl.org's whitelist to avoid
> greylisting for those hosts where it just doesn't work well (gmail,
> office365 etc).
> 



-- 
http://gmerlin.de
OpenPGP: http://gmerlin.de/christopher.pub
2779 7F73 44FD 0736 B67A  C410 69EC 7922 34B4 2566




[PATCH] 59.html - 5.9 for socppc is not available

2016-03-29 Thread Raf Czlonka
Hi all,

Based on socppc platform page[0], the fact that the snapshots[1]
haven't been built since September last year, as well as socppc
directory not being present in the 5.9 release directory, I take
it that 5.9 for socppc won't see the light of day.

If that's the case, then the release page[3] needs adjusting - 
patch below.

Regards,

Raf

[0] http://www.openbsd.org/socppc.html
[1] http://ftp.openbsd.org/pub/OpenBSD/snapshots/socppc/
[2] http://ftp.openbsd.org/pub/OpenBSD/5.9/
[3] http://www.openbsd.org/59.html

Index: 59.html
===
RCS file: /cvs/www/59.html,v
retrieving revision 1.82
diff -u -p -r1.82 59.html
--- 59.html 27 Mar 2016 22:25:31 -  1.82
+++ 59.html 29 Mar 2016 19:25:59 -
@@ -967,8 +967,6 @@ extensive details on how to install Open
.../OpenBSD/5.9/octeon/INSTALL.octeon
 http://ftp.openbsd.org/pub/OpenBSD/5.9/sgi/INSTALL.sgi;>
.../OpenBSD/5.9/sgi/INSTALL.sgi
-http://ftp.openbsd.org/pub/OpenBSD/5.9/socppc/INSTALL.socppc;>
-   .../OpenBSD/5.9/socppc/INSTALL.socppc
 http://ftp.openbsd.org/pub/OpenBSD/5.9/zaurus/INSTALL.zaurus;>
.../OpenBSD/5.9/zaurus/INSTALL.zaurus
 
@@ -1132,14 +1130,6 @@ Refer to the instructions in INSTALL.sgi
 If your machine doesn't have a CD drive, you can setup a DHCP/tftp network
 server, and boot using "bootp()/bsd.rd.IP##" using the kernel matching your
 system type. Refer to the instructions in INSTALL.sgi for more details.
-
-
-OpenBSD/socppc:
-
-
-
-After connecting a serial port, boot over the network via DHCP/tftp.
-Refer to the instructions in INSTALL.socppc for more details.
 
 
 OpenBSD/zaurus:



Re: rcctl ls faulty -> failed

2016-03-29 Thread Joerg Jung
On Tue, Mar 29, 2016 at 08:22:31AM -0600, Todd C. Miller wrote:
> On Tue, 29 Mar 2016 15:29:27 +0200, Antoine Jacoutot wrote:
> 
> > We'd like to rename the 'faulty' listing to 'failed'.
> > i.e. rcctl ls failed
> > 
> > 'faulty' does sound a bit weird and is not obvious to remember.
> > Now the question is should we keep supporting the 'faulty' keyword or not?
> > I'm not in favor of adding a knob especially when it's just an alias; that'd
> > also mean documenting it.
> 
> I like this.

Me too.



OpenBSD 5.9 released - March 29

2016-03-29 Thread Theo de Raadt


- OpenBSD 5.9 RELEASED -

March 29, 2016.

We are pleased to announce the official release of OpenBSD 5.9.
This is our 39th release on CD-ROM (and 40th via FTP/HTTP).  We remain
proud of OpenBSD's record of more than twenty years with only two remote
holes in the default install.

As in our previous releases, 5.9 provides significant improvements,
including new features, in nearly all areas of the system:

 - Processor support, including:
o W^X policy enforced in the i386 kernel address space.

 - Improved hardware support, including:
o New asmc(4) driver for the Apple System Management Controller.
o New pchtemp(4) driver for the thermal sensor found on Intel X99,
  C610 series, 9 series and 100 series PCH.
o New uonerng(4) driver for the Moonbase Otago OneRNG.
o New dwiic(4) driver for the Synopsys DesignWare I2C controller.
o New ikbd(4), ims(4), and imt(4) drivers for HID-over-i2c
  keyboards, mice and multitouch touchpads.
o New efifb(4) driver for EFI frame buffer.
o New viocon(4) driver for the virtio(4) console interface provided
  by KVM, QEMU, and others.
o New xen(4) driver implementing Xen domU initialization and PVHVM
  device attachment.
o New xspd(4) driver for the XenSource Platform Device providing
  guests with additional capabilities.
o New xnf(4) driver for Xen paravirtualized networking interface.
o amd64 can now boot from 32 bit and 64 bit EFI.
o Initial support for hardware reduced ACPI added to acpi(4).
o Support for ACPI configured SD host controllers has been added to
  sdhc(4).
o The puc(4) driver now supports Moxa CP-168U, Perle Speed8 LE and
  QEMU PCI serial devices.
o Intel 100 Series PCH Ethernet MAC with i219 PHY support has been
  added to the em(4) driver.
o RTL8168H/RTL8111H support has been added to re(4).
o inteldrm(4) has been updated to Linux 3.14.52 adding initial
  support for Bay Trail and Broadwell graphics.
o Support for audio in Thinkpad docks has been added to the
  azalia(4) driver.
o Support for Synaptic touchpads without W mode has been added to
  the pms(4) driver.
o Support for tap-and-drag detection with ALPS touchpads in the
  pms(4) driver has been improved.
o The sdmmc(4) driver now supports sector mode for eMMC devices,
  such as those found on some BeagleBone Black boards.
o The cnmac(4) driver now supports checksum offloading.
o The ipmi(4) driver now supports OpenIPMI compatible character
  device.
o Support for ST-506 disks has been removed.

 - pledge(2) support integrated:
o The tame(2) system call was renamed to pledge(2). Behavior and
  semantics were extended and refined.
o 453 out of 707 base system binaries were adapted to use pledge.
o 14 ports now use pledge(2): some decompression tools, mutt, some
  pdf tools, chromium/iridium, and the i3 window manager.
o Various bugs exposed by pledge(2) were corrected. For example in
  bgpd(8), iked(8), ldapd(8), ntpd(8), and syslogd(8).
o Several misfeatures were removed, such as:
   - support for HOSTALIASES in the resolver.
   - support for lookup yp in resolv.conf(5).
   - setuid-preserving code in tools from binutils.
   - handling of ed-style diffs via proc/exec in patch(1).
o Userland programs were audited so that they could be properly
  annotated with pledge(2). This resulted in design changes such as:
   - addition of privilege separation to rdate(8)
   - addition of privilege separation to sndiod(8)
   - the introduction of the SOCK_DNS socket(2) flag that makes
 an SS_DNS tagged socket conceptually different from a plain
 socket.
o pledge(2) is also used to constrain programs that handle untrusted
  data to a very limited subset of POSIX. For example, strings(1) or
  objdump(1) from binutils or the RSA-privsep process in smtpd(8).

 - SMP network stack improvements:
o The task processing incoming packets can now run mostly in
  parallel of the rest of the kernel. This includes:
   - carp(4), trunk(4), vlan(4) and other pseudo-drivers with the
 exception of bridge(4).
   - Ethernet decapsulation, ARP processing and MPLS forwarding
 path.
   - bpf(4) filter matching.
o The Rx and Tx rings of the ix(4), myx(4), em(4), bge(4), bnx(4),
  vmx(4), gem(4), re(4) and cas(4) drivers can now be processed in
  parallel of the rest of the kernel.
o The Rx ring of the cnmac(4) driver can now be processed in
  parallel of the rest of the kernel.

 - Initial IEEE 802.11n wireless support:
o The ieee80211(9) subsystem now supports HT data rates up to
  65 Mbit/s (802.11n MCS 0-7).
o The input path of ieee80211(9) now supports receiving A-MPDU and
  A-MSDU aggregated 

Re: proxy ARP for ART

2016-03-29 Thread Alexander Bluhm
On Tue, Mar 29, 2016 at 12:59:46PM +0200, Martin Pieuchot wrote:
> @@ -600,6 +601,10 @@ route_output(struct mbuf *m, ...)
> + if (route_arp_conflict(, tableid)) {
> + error = EEXIST;
> + goto flush;
> + }

I don't like a function that returns a boolean when its name does
not clearly say so.  And this function has side effects.
What about returning EEXIST and using this check?

if ((error = route_arp_conflict(, tableid)))
goto flush;

> +route_arp_conflict(struct rt_addrinfo *info, unsigned int tableid)
> +{
> +#ifdef ART
...
> + (rtable_mpath_next(rt) != NULL)) {
...
> +#endif /* ART */

rtable_mpath_next() is not defined with SMALL_KERNEL.  You need
another #ifndef here or RAMDISK kernel will break when we enable
ART there.


> @@ -698,8 +698,20 @@ arplookup(u_int32_t addr, int create, in
> +#ifdef ART
...
> + while ((mrt = rtable_mpath_next(mrt)) != NULL) {
...
> +#endif /* ART */

same here

with that OK bluhm@



Re: rcctl ls faulty -> failed

2016-03-29 Thread Rob Pierce
> From: "Antoine Jacoutot" 
> To: "Ian Darwin" 
> Cc: "tech" 
> Sent: Tuesday, March 29, 2016 10:59:54 AM
> Subject: Re: rcctl ls faulty -> failed

> On Tue, Mar 29, 2016 at 10:48:17AM -0400, Ian Darwin wrote:
> > On Tue, Mar 29, 2016 at 03:29:27PM +0200, Antoine Jacoutot wrote:
> > > Hi.

> > > We'd like to rename the 'faulty' listing to 'failed'.
> > > i.e. rcctl ls failed

> > > Index: etc/daily
> > > ===
> > > RCS file: /cvs/src/etc/daily,v
> > > retrieving revision 1.85
> > > diff -u -p -u -p -r1.85 daily
> > > --- etc/daily 28 Jan 2016 15:45:34 - 1.85
> > > +++ etc/daily 29 Mar 2016 13:25:59 -
> > > @@ -127,7 +127,7 @@ while [ "X$ROOTBACKUP" = X1 ]; do
> > > done

> > > next_part "Services that should run but don't:"

> > While you're there, can you please change "should run but don't" to
> > "should be running but aren't" ? The current wording is awkward,
> > and also implies that they don't run (ie. they fail to start)
> > when in fact they may have been running but been shut down
> > manually, or failed. Language should be precise as well as concise.

> Sure.

> --
> Antoine
Contractions aren't necessary. 

http://courses.cs.vt.edu/cs3604/support/Writing/writing.caveats.html 


Re: rcctl ls faulty -> failed

2016-03-29 Thread Antoine Jacoutot
On Tue, Mar 29, 2016 at 10:48:17AM -0400, Ian Darwin wrote:
> On Tue, Mar 29, 2016 at 03:29:27PM +0200, Antoine Jacoutot wrote:
> > Hi.
> > 
> > We'd like to rename the 'faulty' listing to 'failed'.
> > i.e. rcctl ls failed
> > 
> > Index: etc/daily
> > ===
> > RCS file: /cvs/src/etc/daily,v
> > retrieving revision 1.85
> > diff -u -p -u -p -r1.85 daily
> > --- etc/daily   28 Jan 2016 15:45:34 -  1.85
> > +++ etc/daily   29 Mar 2016 13:25:59 -
> > @@ -127,7 +127,7 @@ while [ "X$ROOTBACKUP" = X1 ]; do
> >  done
> >  
> >  next_part "Services that should run but don't:"
> 
> While you're there, can you please change "should run but don't" to
> "should be running but aren't" ? The current wording is awkward,
> and also implies that they don't run (ie. they fail to start)
> when in fact they may have been running but been shut down
> manually, or failed. Language should be precise as well as concise.

Sure.

-- 
Antoine



Re: rcctl ls faulty -> failed

2016-03-29 Thread Ian Darwin
On Tue, Mar 29, 2016 at 03:29:27PM +0200, Antoine Jacoutot wrote:
> Hi.
> 
> We'd like to rename the 'faulty' listing to 'failed'.
> i.e. rcctl ls failed
> 
> Index: etc/daily
> ===
> RCS file: /cvs/src/etc/daily,v
> retrieving revision 1.85
> diff -u -p -u -p -r1.85 daily
> --- etc/daily 28 Jan 2016 15:45:34 -  1.85
> +++ etc/daily 29 Mar 2016 13:25:59 -
> @@ -127,7 +127,7 @@ while [ "X$ROOTBACKUP" = X1 ]; do
>  done
>  
>  next_part "Services that should run but don't:"

While you're there, can you please change "should run but don't" to
"should be running but aren't" ? The current wording is awkward,
and also implies that they don't run (ie. they fail to start)
when in fact they may have been running but been shut down
manually, or failed. Language should be precise as well as concise.



Re: ARP regress fix

2016-03-29 Thread Alexander Bluhm
On Tue, Mar 29, 2016 at 12:52:38PM +0200, Martin Pieuchot wrote:
> It seems to me that the multicast test checks an incorrect MAC.  Diff
> below fixes that plus a typo.

Tested with and without ART.  OK bluhm@

When running all tests sequentially, it passed without your diff
because some other subtest has left stuff in the ARP table.  So I
will commit this on top of your fix.

bluhm

diff --git a/Makefile b/Makefile
index 6b37ad5..b2e410b 100644
--- a/Makefile
+++ b/Makefile
@@ -73,14 +73,20 @@ PYTHON =python2.7 ./
 PYTHON =   PYTHONPATH=${.OBJDIR} python2.7 ${.CURDIR}/
 .endif
 
+.PHONY: clean-arp
+
+# Clear local and remote ARP cache.
+clean-arp:
+   @echo '\n $@ '
+   ${SUDO} arp -da
+   ssh -t ${REMOTE_SSH} ${SUDO} arp -da
+
 # Clear ARP cache and ping all addresses.  This ensures that
 # the IP addresses are configured and all routing table are set up
 # to allow bidirectional packet flow.
 TARGETS += ping
-run-regress-ping:
+run-regress-ping: clean-arp
@echo '\n $@ '
-   ${SUDO} arp -da
-   ssh -t ${REMOTE_SSH} ${SUDO} arp -da
 .for ip in LOCAL_ADDR REMOTE_ADDR
@echo Check ping ${ip}
ping -n -c 1 ${${ip}}
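
Review bot: clean-arp as a prerequisite is made at most once per make invocation, even though it is .PHONY, so the cache is flushed before every subtest only when each run-regress-* target is started by its own make process; if several targets are built in one invocation, only the first starts from a clean cache. If per-test flushing is the intent, say so in the comment above clean-arp, or keep the two arp -da commands in each recipe.
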
@@ -91,10 +97,9 @@ run-regress-ping:
 # Check that all fields of the answer are filled out correctly.
 # Check that the remote machine has the local IP and MAC in its ARP table.
 TARGETS += arp-request
-run-regress-arp-request: addr.py
+run-regress-arp-request: addr.py clean-arp
@echo '\n $@ '
@echo Send ARP Request for remote address and insert local address
-   ssh -t ${REMOTE_SSH} ${SUDO} arp -d ${LOCAL_ADDR}
${SUDO} ${PYTHON}arp_request.py
ssh ${REMOTE_SSH} ${SUDO} arp -an >arp.log
grep '^${LOCAL_ADDR} .* ${LOCAL_MAC} ' arp.log
@@ -106,7 +111,7 @@ run-regress-arp-request: addr.py
 # Check that all fields of the answer are filled out correctly.
 # Check that the remote machine overwrites the local address.
 TARGETS += arp-multicast
-run-regress-arp-multicast: addr.py
+run-regress-arp-multicast: addr.py clean-arp
@echo '\n $@ '
@echo Send ARP Request and overwrite entry with multicast ethernet
ssh -t ${REMOTE_SSH} logger -t "arp-regress[]" $@
@@ -125,7 +130,7 @@ run-regress-arp-multicast: addr.py
 # defend its IP address with an ARP reply.
 # Check that all fields of the answer are filled out correctly.
 TARGETS += arp-probe
-run-regress-arp-probe: addr.py
+run-regress-arp-probe: addr.py clean-arp
@echo '\n $@ '
@echo Send ARP Probe for existing address and expect correct reply
${SUDO} ${PYTHON}arp_probe.py
@@ -134,7 +139,7 @@ run-regress-arp-probe: addr.py
 # Check that no answer is received.
 # Check that the remote machine rejects the broadcast sender.
 TARGETS += arp-broadcast
-run-regress-arp-broadcast: addr.py
+run-regress-arp-broadcast: addr.py clean-arp
@echo '\n $@ '
@echo Send ARP Request with broadcast as sender hardware address
ssh -t ${REMOTE_SSH} logger -t "arp-regress[]" $@
@@ -151,7 +156,7 @@ run-regress-arp-broadcast: addr.py
 # Check that the remote machine reports an duplicate address.
 # Check that the remote machine keeps its local ARP entry.
 TARGETS += arp-announcement
-run-regress-arp-announcement: addr.py
+run-regress-arp-announcement: addr.py clean-arp
@echo '\n $@ '
@echo Send ARP Announcement for existing address
ssh -t ${REMOTE_SSH} logger -t "arp-regress[]" $@
@@ -169,7 +174,7 @@ run-regress-arp-announcement: addr.py
 # Check that the remote machine reports an duplicate address.
 # Check that the remote machine keeps its local ARP entry.
 TARGETS += arp-gratuitous
-run-regress-arp-gratuitous: addr.py
+run-regress-arp-gratuitous: addr.py clean-arp
@echo '\n $@ '
@echo Send Gratuitous ARP for existing address
ssh -t ${REMOTE_SSH} logger -t "arp-regress[]" $@
@@ -188,7 +193,7 @@ run-regress-arp-gratuitous: addr.py
 # Check that the attempt to overwrite the permanent entry is logged.
 # Check that the remote machine keeps its permanent ARP entry.
 TARGETS += arp-permanent
-run-regress-arp-permanent: addr.py
+run-regress-arp-permanent: addr.py clean-arp
@echo '\n $@ '
@echo Send ARP Request to change permanent fake address
ssh -t ${REMOTE_SSH} logger -t "arp-regress[]" $@
@@ -208,7 +213,7 @@ run-regress-arp-permanent: addr.py
 # Check that the attempt to overwrite the permanent entry is logged.
 # Check that the remote machine keeps its local ARP entry.
 TARGETS += arp-address
-run-regress-arp-address: addr.py
+run-regress-arp-address: addr.py clean-arp
@echo '\n $@ '
@echo Send ARP Request to change address on other interface
ssh -t ${REMOTE_SSH} logger -t "arp-regress[]" $@
@@ -228,7 +233,7 

Re: rcctl ls faulty -> failed

2016-03-29 Thread Todd C. Miller
On Tue, 29 Mar 2016 15:29:27 +0200, Antoine Jacoutot wrote:

> We'd like to rename the 'faulty' listing to 'failed'.
> i.e. rcctl ls failed
> 
> 'faulty' does sound a bit weird and is not obvious to remember.
> Now the question is should we keep supporting the 'faulty' keyword or not?
> I'm not in favor of adding a knob especially when it's just an alias; that'd 
> also mean documenting it.

I like this.

 - todd



Re: vlan(4) doesnt have to filter its own mac address

2016-03-29 Thread Claudio Jeker
On Tue, Mar 29, 2016 at 02:37:44PM +1000, David Gwynne wrote:
> because the network stack does it for it on the way in.
> 
> the following chunk in src/sys/net/if_ethersubr.c does the same job
> later on:
> 
> int
> ether_input(struct ifnet *ifp, struct mbuf *m, void *cookie)
> {
> ...
> /*
>  * If packet is unicast, make sure it is for us.  Drop otherwise.
>  * This check is required in promiscous mode, and for some hypervisors
>  * where the MAC filter is 'best effort' only.
>  */
> if ((m->m_flags & (M_BCAST|M_MCAST)) == 0) {
> if (memcmp(ac->ac_enaddr, eh->ether_dhost, ETHER_ADDR_LEN)) {
> m_freem(m);
> return (1);
> }
> }
> ...
> 
> ok?

Fine with me if you update the comment in ether_input to indicate that
this is also needed for vlan and other virtual devices.
 
> Index: if_vlan.c
> ===
> RCS file: /cvs/src/sys/net/if_vlan.c,v
> retrieving revision 1.157
> diff -u -p -r1.157 if_vlan.c
> --- if_vlan.c 29 Mar 2016 04:33:16 -  1.157
> +++ if_vlan.c 29 Mar 2016 04:35:28 -
> @@ -375,18 +375,6 @@ vlan_input(struct ifnet *ifp0, struct mb
>   goto drop;
>  
>   /*
> -  * Drop promiscuously received packets if we are not in
> -  * promiscuous mode.
> -  */
> - if (!ETHER_IS_MULTICAST(eh->ether_dhost) &&
> - (ifp0->if_flags & IFF_PROMISC) &&
> - (ifv->ifv_if.if_flags & IFF_PROMISC) == 0) {
> - if (bcmp(>ifv_ac.ac_enaddr, eh->ether_dhost,
> - ETHER_ADDR_LEN))
> - goto drop;
> - }
> -
> - /*
>* Having found a valid vlan interface corresponding to
>* the given source interface and vlan tag, remove the
>* encapsulation.
> 
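
Review bot: the removed block skipped the drop when the vlan interface itself has IFF_PROMISC set, while the ether_input() lines quoted above compare against ac->ac_enaddr for every unicast packet with no promiscuous exemption visible. Confirm that a promiscuous vlan(4) still sees foreign unicast frames where it needs to, and that ac at that point is the vlan interface's arpcom and not the parent's, since the removed code compared against ifv_ac.ac_enaddr.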

-- 
:wq Claudio



rcctl ls faulty -> failed

2016-03-29 Thread Antoine Jacoutot
Hi.

We'd like to rename the 'faulty' listing to 'failed'.
i.e. rcctl ls failed

'faulty' does sound a bit weird and is not obvious to remember.
Now the question is should we keep supporting the 'faulty' keyword or not?
I'm not in favor of adding a knob especially when it's just an alias; that'd 
also mean documenting it.

Here's a diff that does s/faulty/failed
Would that be of any concern for anyone?



Index: etc/daily
===
RCS file: /cvs/src/etc/daily,v
retrieving revision 1.85
diff -u -p -u -p -r1.85 daily
--- etc/daily   28 Jan 2016 15:45:34 -  1.85
+++ etc/daily   29 Mar 2016 13:25:59 -
@@ -127,7 +127,7 @@ while [ "X$ROOTBACKUP" = X1 ]; do
 done
 
 next_part "Services that should run but don't:"
-rcctl ls faulty
+rcctl ls failed
 
 next_part "Checking subsystem status:"
 if [ "X$VERBOSESTATUS" != X0 ]; then
Index: usr.sbin/rcctl/rcctl.8
===
RCS file: /cvs/src/usr.sbin/rcctl/rcctl.8,v
retrieving revision 1.30
diff -u -p -u -p -r1.30 rcctl.8
--- usr.sbin/rcctl/rcctl.8  30 Jan 2016 18:57:31 -  1.30
+++ usr.sbin/rcctl/rcctl.8  29 Mar 2016 13:25:59 -
@@ -103,7 +103,7 @@ which can be one of:
 .Bl -tag -width started -offset indent -compact
 .It Cm all
 all services and daemons
-.It Cm faulty
+.It Cm failed
 enabled but stopped daemons
 .It Cm off
 disabled services and daemons
@@ -171,7 +171,7 @@ exits with 0 if the daemon or service is
 .Nm Cm getdef Ar daemon | service Op Cm status
 exits with 0 if the daemon or service is enabled by default
 and 1 if it is not.
-.Nm Cm ls faulty
+.Nm Cm ls failed
 exits with 1 if an enabled daemon is not running.
 Otherwise, the
 .Nm
Index: usr.sbin/rcctl/rcctl.sh
===
RCS file: /cvs/src/usr.sbin/rcctl/rcctl.sh,v
retrieving revision 1.91
diff -u -p -u -p -r1.91 rcctl.sh
--- usr.sbin/rcctl/rcctl.sh 28 Mar 2016 08:10:19 -  1.91
+++ usr.sbin/rcctl/rcctl.sh 29 Mar 2016 13:25:59 -
@@ -31,7 +31,7 @@ usage()
"usage: rcctl get|getdef|set service | daemon [variable [arguments]]
rcctl [-df] $(echo ${_rc_actions} | tr "[:blank:]" "|") daemon ...
rcctl disable|enable|order [daemon ...]
-   rcctl ls all|faulty|off|on|started|stopped"
+   rcctl ls all|failed|off|on|started|stopped"
 }
 
 needs_root()
@@ -182,7 +182,7 @@ svc_ls()
echo ${_special_svcs} | tr "[:blank:]" "\n"
) | sort
;;
-   faulty)
+   failed)
for _svc in $(svc_ls on); do
! svc_is_special ${_svc} && \
! /etc/rc.d/${_svc} check >/dev/null && 
\
@@ -444,7 +444,7 @@ ret=0
 case ${action} in
ls)
lsarg=$2
-   [[ ${lsarg} == @(all|faulty|off|on|started|stopped) ]] || usage
+   [[ ${lsarg} == @(all|failed|off|on|started|stopped) ]] || usage
;;
order)
shift 1
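
Review bot: after this hunk `rcctl ls faulty` no longer matches the @(...) pattern and falls through to usage, so scripts that rely on the documented exit status of the old keyword (1 if an enabled daemon is not running) will get the usage error instead. If no alias is kept, the rename should be called out in the upgrade notes.
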
@@ -529,7 +529,7 @@ case ${action} in
;;
ls)
# some rc.d(8) scripts need root for rc_check()
-   [[ ${lsarg} == @(started|stopped|faulty) ]] && needs_root 
${action} ${lsarg}
+   [[ ${lsarg} == @(started|stopped|failed) ]] && needs_root 
${action} ${lsarg}
svc_ls ${lsarg}
;;
order)




-- 
Antoine



Re: ie(4) and ie(4/sparc) vs bpf_tap

2016-03-29 Thread Claudio Jeker
On Tue, Mar 29, 2016 at 08:58:35PM +1000, David Gwynne wrote:
> i think bpf_tap is broken, so id like to get rid of it.
> 
> the only thing(s) using it is ie, but they dont require bpf_tap.
> 
> the typical idiom with doing bpf on outgoing packets is to pass the
> mbuf in between dequeueing the packet from the send queue, and
> before it's given to the hardware.
> 
> this diff moves the bpf from reading a buffer out of a ring up into
> the start routine as just described.
> 
> ie on isa busses was already doing that, but also doing it again
> out of the ring. this simply removes the extra one. this means you
> wont get to see the packet twice, but once is enough for everyone
> else.
> 
> ok?

OK. Diff reads OK. Don't get held up because of ie(4).
 
> Index: arch/sparc/dev/if_ie.c
> ===
> RCS file: /cvs/src/sys/arch/sparc/dev/if_ie.c,v
> retrieving revision 1.62
> diff -u -p -r1.62 if_ie.c
> --- arch/sparc/dev/if_ie.c16 Mar 2016 15:41:10 -  1.62
> +++ arch/sparc/dev/if_ie.c29 Mar 2016 10:54:38 -
> @@ -998,19 +998,6 @@ static __inline void
>  iexmit(sc)
>   struct ie_softc *sc;
>  {
> -
> -#if NBPFILTER > 0
> - /*
> -  * If BPF is listening on this interface, let it see the packet before
> -  * we push it on the wire.
> -  */
> - if (sc->sc_arpcom.ac_if.if_bpf)
> - bpf_tap(sc->sc_arpcom.ac_if.if_bpf,
> - sc->xmit_cbuffs[sc->xctail],
> - SWAP(sc->xmit_buffs[sc->xctail]->ie_xmit_flags),
> - BPF_DIRECTION_OUT);
> -#endif
> -
>   sc->xmit_buffs[sc->xctail]->ie_xmit_flags |= IE_XMIT_LAST;
>   sc->xmit_buffs[sc->xctail]->ie_xmit_next = SWAP(0x);
>   ST_24(sc->xmit_buffs[sc->xctail]->ie_xmit_buf,
> @@ -1314,6 +1301,11 @@ iestart(ifp)
>   IFQ_DEQUEUE(>sc_arpcom.ac_if.if_snd, m);
>   if (!m)
>   break;
> +
> +#if NBPFILTER > 0
> + if (ifp->if_bpf)
> + bpf_mtap(ifp->if_bpf, m, BPF_DIRECTION_OUT);
> +#endif
>  
>   len = 0;
>   buffer = sc->xmit_cbuffs[sc->xchead];
> Index: dev/isa/if_ie.c
> ===
> RCS file: /cvs/src/sys/dev/isa/if_ie.c,v
> retrieving revision 1.50
> diff -u -p -r1.50 if_ie.c
> --- dev/isa/if_ie.c   14 Mar 2016 23:08:06 -  1.50
> +++ dev/isa/if_ie.c   29 Mar 2016 10:54:38 -
> @@ -1120,18 +1120,6 @@ iexmit(sc)
>   sc->xctail);
>  #endif
>  
> -#if NBPFILTER > 0
> - /*
> -  * If BPF is listening on this interface, let it see the packet before
> -  * we push it on the wire.
> -  */
> - if (sc->sc_arpcom.ac_if.if_bpf)
> - bpf_tap(sc->sc_arpcom.ac_if.if_bpf,
> - sc->xmit_cbuffs[sc->xctail],
> - sc->xmit_buffs[sc->xctail]->ie_xmit_flags,
> - BPF_DIRECTION_OUT);
> -#endif
> -
>   sc->xmit_buffs[sc->xctail]->ie_xmit_flags |= IE_XMIT_LAST;
>   sc->xmit_buffs[sc->xctail]->ie_xmit_next = 0x;
>   sc->xmit_buffs[sc->xctail]->ie_xmit_buf =
> 

-- 
:wq Claudio



Re: uvm: enable amap per-page refcounting unconditionally

2016-03-29 Thread Martin Pieuchot
On 28/03/16(Mon) 11:28, Stefan Kempf wrote:
> Miod Vallat wrote:
> > 
> > > It seems per-page reference counting is used since forever. I think
> > > there's no reason to ever turn it off (and track referenced pages
> > > with less accuracy, causing leaks).
> > 
> > Actually, assuming the #undef code path works, it might work keeping
> > this and only defining UVM_AMAP_PPREF iff defined(SMALL_KERNEL).
> 
> Doing this saves around 1.6K on bsd.rd/amd64.
> 
> Would that be preferred over removing the #ifdefs?

I'd prefer to get rid of the #ifdefs and have fewer differences between
RAMDISK and GENERIC.

> text    data    bss     dec     hex
> 4736948 2409000 577536  7723484 75d9dc
> 4738636 2409000 577536  7725172 75e074
>  
> diff --git a/uvm/uvm_amap.h b/uvm/uvm_amap.h
> index a98b440..a768e94 100644
> --- a/uvm/uvm_amap.h
> +++ b/uvm/uvm_amap.h
> @@ -119,7 +119,9 @@ boolean_t amap_swap_off(int, int);
>   * ... this is enabled with the "UVM_AMAP_PPREF" define.
>   */
>  
> -#define UVM_AMAP_PPREF   /* track partial references */
> +#ifndef SMALL_KERNEL
> +# define UVM_AMAP_PPREF  /* track partial references */
> +#endif
>  
>  /*
>   * here is the definition of the vm_amap structure for this implementation.
> 



ie(4) and ie(4/sparc) vs bpf_tap

2016-03-29 Thread David Gwynne
i think bpf_tap is broken, so id like to get rid of it.

the only thing(s) using it is ie, but they dont require bpf_tap.

the typical idiom with doing bpf on outgoing packets is to pass the
mbuf in between dequeueing the packet from the send queue, and
before it's given to the hardware.

this diff moves the bpf from reading a buffer out of a ring up into
the start routine as just described.

ie on isa busses was already doing that, but also doing it again
out of the ring. this simply removes the extra one. this means you
wont get to see the packet twice, but once is enough for everyone
else.

ok?

Index: arch/sparc/dev/if_ie.c
===
RCS file: /cvs/src/sys/arch/sparc/dev/if_ie.c,v
retrieving revision 1.62
diff -u -p -r1.62 if_ie.c
--- arch/sparc/dev/if_ie.c  16 Mar 2016 15:41:10 -  1.62
+++ arch/sparc/dev/if_ie.c  29 Mar 2016 10:54:38 -
@@ -998,19 +998,6 @@ static __inline void
 iexmit(sc)
struct ie_softc *sc;
 {
-
-#if NBPFILTER > 0
-   /*
-* If BPF is listening on this interface, let it see the packet before
-* we push it on the wire.
-*/
-   if (sc->sc_arpcom.ac_if.if_bpf)
-   bpf_tap(sc->sc_arpcom.ac_if.if_bpf,
-   sc->xmit_cbuffs[sc->xctail],
-   SWAP(sc->xmit_buffs[sc->xctail]->ie_xmit_flags),
-   BPF_DIRECTION_OUT);
-#endif
-
sc->xmit_buffs[sc->xctail]->ie_xmit_flags |= IE_XMIT_LAST;
sc->xmit_buffs[sc->xctail]->ie_xmit_next = SWAP(0x);
ST_24(sc->xmit_buffs[sc->xctail]->ie_xmit_buf,
@@ -1314,6 +1301,11 @@ iestart(ifp)
IFQ_DEQUEUE(>sc_arpcom.ac_if.if_snd, m);
if (!m)
break;
+
+#if NBPFILTER > 0
+   if (ifp->if_bpf)
+   bpf_mtap(ifp->if_bpf, m, BPF_DIRECTION_OUT);
+#endif
 
len = 0;
buffer = sc->xmit_cbuffs[sc->xchead];
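Review bot: in iestart() the tap now runs on the mbuf straight after IFQ_DEQUEUE, before the copy into sc->xmit_cbuffs[sc->xchead], whereas the removed call in iexmit() tapped the ring buffer with a length taken from ie_xmit_flags. If the copy that follows pads or otherwise alters the frame, captures will no longer show that. The removed block carried a comment and the new one has none; a one-line comment above bpf_mtap() saying the packet is tapped before it is copied to the ring would keep the intent obvious.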
Index: dev/isa/if_ie.c
===
RCS file: /cvs/src/sys/dev/isa/if_ie.c,v
retrieving revision 1.50
diff -u -p -r1.50 if_ie.c
--- dev/isa/if_ie.c 14 Mar 2016 23:08:06 -  1.50
+++ dev/isa/if_ie.c 29 Mar 2016 10:54:38 -
@@ -1120,18 +1120,6 @@ iexmit(sc)
sc->xctail);
 #endif
 
-#if NBPFILTER > 0
-   /*
-* If BPF is listening on this interface, let it see the packet before
-* we push it on the wire.
-*/
-   if (sc->sc_arpcom.ac_if.if_bpf)
-   bpf_tap(sc->sc_arpcom.ac_if.if_bpf,
-   sc->xmit_cbuffs[sc->xctail],
-   sc->xmit_buffs[sc->xctail]->ie_xmit_flags,
-   BPF_DIRECTION_OUT);
-#endif
-
sc->xmit_buffs[sc->xctail]->ie_xmit_flags |= IE_XMIT_LAST;
sc->xmit_buffs[sc->xctail]->ie_xmit_next = 0x;
sc->xmit_buffs[sc->xctail]->ie_xmit_buf =
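Review bot: nothing in this hunk shows the remaining tap in the isa start routine that makes dropping this bpf_tap() call from iexmit() safe; unlike the sparc file, no iestart() hunk accompanies the removal. Please confirm against the tree that every dequeued mbuf is still passed to bpf there, and say so in the commit message.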



proxy ARP for ART

2016-03-29 Thread Martin Pieuchot
Diff below implements proxy ARP using the mpath property of our routing
table.  This solution is not limited to ART and could be used for
different purposes, like putting multicast addresses in the routing
table.  However I'm keeping it under "#ifdef ART" as long as we are not
totally committed to this new routing table.

The new function in net/rtsock.c enforces that at most one private and
one public ARP entry are inserted in a routing table.  I didn't put it
in netinet/if_ether.c because I don't want to spread more "rt_addrinfo"
than we already have.

I'll work on removing the KERNEL_LOCK() around rtable_mpath_next() soon.

With this all ARP and arp(8) regression tests pass.

ok?

Index: net/route.h
===
RCS file: /cvs/src/sys/net/route.h,v
retrieving revision 1.133
diff -u -p -r1.133 route.h
--- net/route.h 26 Mar 2016 21:56:04 -  1.133
+++ net/route.h 29 Mar 2016 09:52:29 -
@@ -136,6 +136,7 @@ struct rtentry {
 #define RTF_BLACKHOLE  0x1000  /* just discard pkts (during updates) */
 #define RTF_PROTO3 0x2000  /* protocol specific routing flag */
 #define RTF_PROTO2 0x4000  /* protocol specific routing flag */
+#define RTF_ANNOUNCE   RTF_PROTO2  /* announce L2 entry */
 #define RTF_PROTO1 0x8000  /* protocol specific routing flag */
 #define RTF_CLONED 0x1 /* this is a cloned route */
 #define RTF_MPATH  0x4 /* multipath route or operation */
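Review bot: RTF_ANNOUNCE is defined as an alias of RTF_PROTO2 rather than as a bit of its own, so a route that carries RTF_PROTO2 for any other reason will also test true for RTF_ANNOUNCE. The comment on the new line could state which entries the alias is meant for (route_arp_conflict() in this diff checks RTF_LLINFO first), so later users of RTF_PROTO2 are aware of the overlap.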
Index: net/rtsock.c
===
RCS file: /cvs/src/sys/net/rtsock.c,v
retrieving revision 1.187
diff -u -p -r1.187 rtsock.c
--- net/rtsock.c26 Mar 2016 21:56:04 -  1.187
+++ net/rtsock.c29 Mar 2016 10:07:53 -
@@ -98,6 +98,7 @@ struct walkarg {
 
 introute_ctloutput(int, struct socket *, int, int, struct mbuf **);
 void   route_input(struct mbuf *m0, ...);
+introute_arp_conflict(struct rt_addrinfo *, unsigned int);
 
 struct mbuf*rt_msg1(int, struct rt_addrinfo *);
 int rt_msg2(int, int, struct rt_addrinfo *, caddr_t,
@@ -600,6 +601,10 @@ route_output(struct mbuf *m, ...)
error = EINVAL;
goto flush;
}
+   if (route_arp_conflict(, tableid)) {
+   error = EEXIST;
+   goto flush;
+   }
error = rtrequest(RTM_ADD, , prio, _nrt, tableid);
if (error == 0) {
rt_setmetrics(rtm->rtm_inits, >rtm_rmx,
@@ -884,6 +889,47 @@ fail:
rp->rcb_proto.sp_family = PF_ROUTE;
 
return (error);
+}
+
+/*
+ * Check if the user request to insert an ARP entry does not conflict
+ * with existing ones.
+ *
+ * Only two entries are allowed for a given IP address: a private one
+ * (priv) and a public one (pub).
+ */
+int
+route_arp_conflict(struct rt_addrinfo *info, unsigned int tableid)
+{
+#ifdef ART
+   struct rtentry  *rt;
+   int  proxy = (info->rti_flags & RTF_ANNOUNCE);
+
+   if ((info->rti_flags & RTF_LLINFO) == 0 ||
+   (info->rti_info[RTAX_DST]->sa_family != AF_INET))
+   return (0);
+
+   rt = rtalloc(info->rti_info[RTAX_DST], 0, tableid);
+   if (rt == NULL || !ISSET(rt->rt_flags, RTF_LLINFO)) {
+   rtfree(rt);
+   return (0);
+   }
+
+   /*
+* Same destination and both "priv" or "pub" conflict.
+* If a second entry exists, it always conflict.
+*/
+   if ((ISSET(rt->rt_flags, RTF_ANNOUNCE) == proxy) ||
+   (rtable_mpath_next(rt) != NULL)) {
+   rtfree(rt);
+   return (1);
+   }
+
+   /* No conflict but an entry exist so we need to force mpath. */
+   info->rti_flags |= RTF_MPATH;
+   rtfree(rt);
+#endif /* ART */
+   return (0);
 }
 
 void
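Review bot: route_arp_conflict() reads like a pure check, but on the no-conflict path it also sets RTF_MPATH in info->rti_flags, and the block comment above it does not mention that side effect; please document it there or move the flag update to the caller in route_output(). Two smaller points in the same function: `ISSET(rt->rt_flags, RTF_ANNOUNCE) == proxy` compares two masked values and is only correct while both sides use the same single-bit mask, so normalising both with `!!` would be more robust; and `rtfree(rt)` in the first early return is reached with rt == NULL, which relies on rtfree() accepting NULL.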
Index: netinet/if_ether.c
===
RCS file: /cvs/src/sys/netinet/if_ether.c,v
retrieving revision 1.203
diff -u -p -r1.203 if_ether.c
--- netinet/if_ether.c  24 Mar 2016 07:15:10 -  1.203
+++ netinet/if_ether.c  29 Mar 2016 10:07:12 -
@@ -698,8 +698,20 @@ arplookup(u_int32_t addr, int create, in
}
 
if (proxy && !ISSET(rt->rt_flags, RTF_ANNOUNCE)) {
+   struct rtentry *mrt = NULL;
+#ifdef ART
+   mrt = rt;
+   KERNEL_LOCK();
+   while ((mrt = rtable_mpath_next(mrt)) != NULL) {
+   if (ISSET(mrt->rt_flags, RTF_ANNOUNCE)) {
+   rtref(mrt);
+   break;
+   }
+   }
+   KERNEL_UNLOCK();
+#endif /* ART */
rtfree(rt);
-   return (NULL);
+   return (mrt);
}
 
return (rt);
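Review bot: with ART, arplookup() can now return an rtentry other than the one the lookup found, namely the first RTF_ANNOUNCE sibling from rtable_mpath_next(), carrying its own reference from rtref(); a short comment at the loop saying so, and that the caller must rtfree() it, would help. The `= NULL` initialiser on mrt is what keeps the non-ART build returning NULL as before, which is easy to miss because `mrt = rt` follows immediately under the #ifdef.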
Index: netinet/if_ether.h

ARP regress fix

2016-03-29 Thread Martin Pieuchot
It seems to me that the multicast test checks an incorrect MAC.  Diff
below fixes that plus a typo.

Index: Makefile
===
RCS file: /cvs/src/regress/sys/netinet/arp/Makefile,v
retrieving revision 1.4
diff -u -p -r1.4 Makefile
--- Makefile24 Mar 2016 07:11:45 -  1.4
+++ Makefile29 Mar 2016 10:43:52 -
@@ -118,7 +118,7 @@ run-regress-arp-multicast: addr.py
ssh -t ${REMOTE_SSH} ${SUDO} arp -d ${LOCAL_ADDR}
diff old.log new.log | grep '^> ' >diff.log
grep 'bsd: arp info overwritten for ${LOCAL_ADDR} by 33:33:33:33:33:33' 
diff.log
-   grep '^${LOCAL_ADDR} .* ${LOCAL_MAC} ' arp.log
+   grep '^${LOCAL_ADDR} .* 33:33:33:33:33:33 ' arp.log
 
 # Send an ARP probe from the local machine with the remote IP as
 # target.  Sender MAC is local and IP is 0.  The remote machine must
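Review bot: the expected MAC 33:33:33:33:33:33 is now spelled out in both grep lines of run-regress-arp-multicast; a make variable for it would keep the diff.log check and the arp.log check from drifting apart. The commit message could also state why ${LOCAL_MAC} was the wrong expectation here, given that the preceding grep requires the entry to have been logged as overwritten by 33:33:33:33:33:33.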
@@ -249,8 +249,8 @@ run-regress-arp-temporary: addr.py
 # Check that no answer is received.
 # Check that the attempt to add an entry is logged.
 # Check that the remote machine keeps its incomplete ARP entry.
-TARGETS += arp-incomlete
-run-regress-arp-incomlete: addr.py
+TARGETS += arp-incomplete
+run-regress-arp-incomplete: addr.py
@echo '\n $@ '
@echo Send ARP Request filling an incomplete entry on other interface
ssh -t ${REMOTE_SSH} logger -t "arp-regress[]" $@



Re: tcp syn cache random reseed

2016-03-29 Thread Martin Pieuchot
On 28/03/16(Mon) 23:56, Alexander Bluhm wrote:
> On Mon, Mar 21, 2016 at 12:58:41PM +0100, Alexander Bluhm wrote:
> > The attack I see is that you can measure the bucket distribution
> > by timing the SYN+ACK response.  You can collect samples that end
> > in the same bucket.  After you have collected enough, start your
> > DoS attack.  I think that just collecting data is also possible
> > with a strong hash function.  With a weak function you may collect
> > less and can start guessing early on top of that.  But reseeding
> > after a number of packets prevents to collect information over a
> > > long period.
> 
> The syn cache already detects when it has too many bucket collisions.
> That seems a good moment to reseed the hash function.

Makes sense to me.  The "> 0" check made me wonder.  Can't you simply
use an unsigned variable and always set it to 0?

> ok?

ok mpi@

> Index: netinet/tcp_input.c
> ===
> RCS file: /data/mirror/openbsd/cvs/src/sys/netinet/tcp_input.c,v
> retrieving revision 1.316
> diff -u -p -r1.316 tcp_input.c
> --- netinet/tcp_input.c   27 Mar 2016 19:19:01 -  1.316
> +++ netinet/tcp_input.c   28 Mar 2016 21:51:20 -
> @@ -3400,6 +3400,12 @@ syn_cache_insert(struct syn_cache *sc, s
>   if (scp->sch_length >= tcp_syn_bucket_limit) {
>   tcpstat.tcps_sc_bucketoverflow++;
>   /*
> +  * Someone might attack our bucket hash function.  Reseed
> +  * with random as soon as the passive syn cache gets empty.
> +  */
> + if (set->scs_use > 0)
> + set->scs_use = 0;
> + /*
>* The bucket is full.  Toss the oldest element in the
>* bucket.  This will be the first entry in the bucket.
>*/
>
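Review bot: the new comment says the hash is reseeded "as soon as the passive syn cache gets empty", but the added lines only set set->scs_use to 0, and the code that acts on that value is outside this hunk; naming that place in the comment would make the link explicit. The `> 0` guard also deserves a word: it implies scs_use can already be zero or negative at this point, and a reader cannot tell from these lines whether overwriting a negative value would do harm.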
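The reseed-on-overflow idea discussed in this message, as an added model that is neither the kernel code nor part of the thread: a single toy cache set whose hash seed is replaced once the set is empty and its use counter has run out. The struct, the constants, the hash, the `fresh_seed` parameter and the "rekey when empty and use <= 0" rule are assumptions made for the example; only the `use > 0` reset mirrors the quoted hunk.

```c
#include <stdint.h>
#include <string.h>

#define NBUCKETS     8
#define BUCKET_LIMIT 3    /* constructed; stands in for tcp_syn_bucket_limit */
#define USE_LIMIT    1000 /* constructed; inserts allowed per seed */

struct toy_set {
	uint32_t seed;          /* hash secret */
	int use;                /* uses left before a reseed is wanted */
	int count;              /* entries in the set */
	int len[NBUCKETS];      /* entries per bucket */
	int reseeds, overflows; /* counters for the demo */
};

/* Keyed mix of a peer tuple; a stand-in, not the kernel's hash. */
static unsigned toy_hash(uint32_t seed, uint32_t tuple) {
	uint32_t h = (tuple ^ seed) * 0x9e3779b1u;
	return (h ^ (h >> 15)) % NBUCKETS;
}

/* Insert one entry; fresh_seed is what a random source would supply. */
int toy_insert(struct toy_set *s, uint32_t tuple, uint32_t fresh_seed) {
	unsigned b;

	if (s->count == 0 && s->use <= 0) { /* assumed rule: rekey only when empty */
		s->seed = fresh_seed;
		s->use = USE_LIMIT;
		s->reseeds++;
	}
	s->use--;
	b = toy_hash(s->seed, tuple);
	if (s->len[b] >= BUCKET_LIMIT) {    /* bucket overflow */
		s->overflows++;
		if (s->use > 0)
			s->use = 0;         /* as in the hunk: request a reseed */
		s->len[b]--;                /* toss the oldest entry */
		s->count--;
	}
	s->len[b]++;
	s->count++;
	return (int)b;
}

/* All entries completed or timed out. */
void toy_drain(struct toy_set *s) {
	memset(s->len, 0, sizeof(s->len));
	s->count = 0;
}
```

Without the reset inside the overflow branch, the counter would still hold 996 after the fourth colliding insert, and the drained set would keep its old seed.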