Re: grab global lock during acpi_powerdown

2016-08-05 Thread Mike Larkin
On Wed, Aug 03, 2016 at 01:16:11PM +0200, Mark Kettenis wrote:
> > Date: Wed, 3 Aug 2016 13:22:33 +0300
> > From: Paul Irofti 
> > 
> > Hi,
> > 
> > I was looking at fixing powerdown on the x260 Skylake machine and ran
> > into the EC XXX comment from acpi_powerdown().
> > 
> > I think that grabbing the global lock before doing the AML calls is a
> > good start.
> > 
> > What we are missing now is incrementing the global_lock_count variable
> > from the ACPI thread so that calls to acpi_glk_leave() take into account
> > our hold of the lock.
> > 
> > Should we make that a global variable and protect increments and
> > decrements from acpi_glk_{enter,leave}? This way we could also increment
> > it from acpi_powerdown() and that would put an end to this issue.
> 
> Where in the acpi spec does it say you have to grab the acpi global lock?
> 
> Unless it explicitly says that, we definitely shouldn't grab it.  The
> global lock is all about locking out the firmware, not the acpi
> thread.  And by locking out the firmware when we shouldn't, we will
> probably cause hangs on some machines.
> 
> I don't think that XXX is a big issue by the way.  By the time
> acpi_powerdown() runs we've halted the secondary CPUs and are running
> on the primary CPU anyway.  As long as the acpi_powerdown() doesn't
> sleep, the acpi thread shouldn't interfere.  And from a firmware
> perspective this is indistinguishable from running the code in the
> acpi thread.
> 
> Mike Larkin was talking recently about moving the S5 transition
> handling into acpi_sleep_state().  If that happens it would be trivial
> to run from the acpi thread.  That is probably a better strategy to
> get rid of that XXX.
> 

Yes, this is a better way. But I have not made much progress there (lack
of time).

-ml

> Cheers,
> 
> Mark
> 
> 
> > Index: acpi.c
> > ===
> > RCS file: /cvs/src/sys/dev/acpi/acpi.c,v
> > retrieving revision 1.313
> > diff -u -p -u -p -r1.313 acpi.c
> > --- acpi.c  28 Jul 2016 21:57:56 -  1.313
> > +++ acpi.c  3 Aug 2016 10:12:15 -
> > @@ -2497,27 +2497,31 @@ fail_tts:
> > return (error);
> >  }
> >  
> > -/* XXX
> > - * We are going to do AML execution but are not in the acpi thread.
> > - * We do not know if the acpi thread is sleeping on acpiec in some
> > - * intermediate context.  Wish us luck.
> > - */
> >  void
> >  acpi_powerdown(void)
> >  {
> > int state = ACPI_STATE_S5, s;
> > struct acpi_softc *sc = acpi_softc;
> > +   int st = 0;
> >  
> > if (acpi_enabled == 0)
> > return;
> >  
> > +   /*
> > +* We are going to do AML execution but are not in the acpi thread.
> > +* Grab the global lock to make sure that the acpi thread is not
> > +* sleeping on acpiec in some intermediate context.
> > +*/
> > +   while (!st)
> > +   st = acpi_acquire_glk(&sc->sc_facs->global_lock);
> > +
> > s = splhigh();
> > disable_intr();
> > cold = 1;
> >  
> > /* 1st powerdown AML step: _PTS(tostate) */
> > aml_node_setval(sc, sc->sc_pts, state);
> > -   
> > +
> > acpi_disable_allgpes(sc);
> > acpi_enable_wakegpes(sc, state);
> >  
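Review bot: the `while (!st) st = acpi_acquire_glk(...)` loop added ahead of `splhigh()` has no bound and no back-off, so powerdown spins forever if the firmware holds the global lock and never hands it over. Nothing in the visible lines releases the lock or records ownership afterwards, which is the global_lock_count gap the mail itself mentions. Suggest a bounded retry that falls back to the existing path, and a reference to the part of the ACPI spec that requires the lock around `_PTS` in the comment.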
> > 
> > 
> 



Re: quiet legacy drivers on amd64

2016-08-05 Thread Mike Larkin
On Mon, Aug 01, 2016 at 04:14:54PM -0500, joshua stein wrote:
> are these complaints really helpful on modern machines?
> 
> 

Please do not DEBUG these. They are useful for me when testing vmm,
since presently I have neither the nvram nor clock laid out right. We
can remove these once I get the mc146818 emulation complete.

-ml

> Index: arch/amd64/amd64/nvram.c
> ===
> RCS file: /cvs/src/sys/arch/amd64/amd64/nvram.c,v
> retrieving revision 1.6
> diff -u -p -u -p -r1.6 nvram.c
> --- arch/amd64/amd64/nvram.c  6 Mar 2016 22:41:24 -   1.6
> +++ arch/amd64/amd64/nvram.c  1 Aug 2016 21:13:09 -
> @@ -64,8 +64,11 @@ nvramattach(int num)
>   printf("nvram: initialized\n");
>  #endif
>   nvram_initialized = 1;
> - } else
> + }
> +#ifdef NVRAM_DEBUG
> + else
>   printf("nvram: invalid checksum\n");
> +#endif
>  }
>  
>  int
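Review bot: the bare `else` placed inside `#ifdef NVRAM_DEBUG` makes the shape of the if/else depend on the preprocessor. Keeping `} else {` ... `}` unconditional and putting the `#ifdef` around the `printf` alone gives the same structure in both builds. The invalid-checksum case then prints nothing in a default kernel, so a short comment saying that is intended would help, and the option name should follow the same pattern as `DEBUG_CLOCK` in the clock.c hunk (or the other way round).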
> Index: arch/amd64/isa/clock.c
> ===
> RCS file: /cvs/src/sys/arch/amd64/isa/clock.c,v
> retrieving revision 1.22
> diff -u -p -u -p -r1.22 clock.c
> --- arch/amd64/isa/clock.c14 Mar 2015 03:38:46 -  1.22
> +++ arch/amd64/isa/clock.c1 Aug 2016 21:13:09 -
> @@ -428,7 +428,7 @@ clock_expandyear(int clockyear)
>   cmoscentury = 0;
>   splx(s);
>   if (!cmoscentury) {
> -#ifdef DIAGNOSTIC
> +#ifdef DEBUG_CLOCK
>   printf("clock: unknown CMOS layout\n");
>  #endif
>   return (clockyear);
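Review bot: `DEBUG_CLOCK` replaces `DIAGNOSTIC` at this `#ifdef`, but nothing in the patch defines or documents the new option, and its naming is the reverse of `NVRAM_DEBUG` in the nvram.c hunk. Pick one convention for both files and say where the option is meant to be set.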
> 



OpenIKED Keepalive Broken

2016-08-05 Thread William Ahern
The logic of ikev2_ike_sa_alive presumes too much, and breaks NAT traversal
when the _actual_ initiator of real traffic (as opposed to merely being the
SA initiator) is behind NAT.

Background: I currently have an IPSec tunnel configured to provide access to
a corporate network from a remote office. The SA initiator peer on the
corporate network uses DHCP for its address and is behind a NAT gateway. The
passive peer at the remote office has a static routable address. Currently
I'm using isakmpd and everything has been working relatively fine.

I've been wanting to move to IKEv2 (and iked) for various reasons. But
whenever I tried using iked, the tunnel kept becoming unresponsive almost
immediately. I've spent a couple of days, approximately 200 miles of travel,
and a good deal of my reserve of patience trying to figure out what _I_ was
doing wrong or what idiotic firewall rules IT had set up with their fancy new
deep-packet filtering equipment. (Avoiding IT and DevOps and their
fascination with complex firewall and routing rules being a major reason for
managing my own tunnel.) But now I realize the problem was with iked, and
perhaps another classic case of premature optimization/specialization.

isakmpd unconditionally sends NAT-T keepalive messages every 30 seconds,
whereas iked's ikev2_ike_sa_alive only sends a keepalive message iff
`!foundin && foundout`. But that presumes that the SA initiator is also the
initiator of traffic, which definitely isn't the case in my situation, and
seems dubious and unreliable even for real road warriors.

Everything worked again with this simple patch:

  diff -u -p -r1.128 ikev2.c
  --- ikev2.c 22 Oct 2015 15:55:18 -  1.128
  +++ ikev2.c 6 Aug 2016 00:02:55 -
  @@ -3270,7 +3270,7 @@ ikev2_ike_sa_alive(struct iked *env, voi
  }
   
  /* send probe if any outging SA has been used, but no incoming SA */
  -   if (!foundin && foundout) {
  +   if (1 || (!foundin && foundout)) {
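Review bot: `if (1 || (!foundin && foundout))` is always true, so the old condition is dead code and the comment above it ("send probe if any outging SA has been used, but no incoming SA") no longer describes what the code does. For a committable version either drop the condition and rewrite the comment, or keep the traffic test and add a separate, clearly named branch for the NAT case the mail describes, so the reason for probing stays visible in the code.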

I'd be happy to create a proper patch if someone could explain the purpose
of the conditional logic. I wouldn't want to accidentally break something.

I also wouldn't mind making the keepalive interval configurable--rather than
a compile-time constant--so users could deal with NAT gateways which
aggressively flush state.
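
The failure mode this post describes, as an added example (not part of the original message and not OpenIKED code): a toy simulation of a NAT mapping that expires when idle, comparing an unconditional keepalive with the `!foundin && foundout` rule. The 60-second NAT timeout, the 30-second check interval used for both policies, the per-window reset of the two flags, and all names are assumptions.

```c
/* Added example: toy model of a NAT mapping that expires when idle.
 * Not OpenIKED code; every name and constant below is an assumption. */
#include <stdbool.h>
#include <stdio.h>

enum policy {
	KEEPALIVE_ALWAYS,      /* probe on every check, like a fixed 30 s keepalive */
	KEEPALIVE_CONDITIONAL  /* probe only if (!foundin && foundout) */
};

struct scenario {
	int nat_timeout;     /* assumed NAT idle timeout (s) */
	int check_interval;  /* liveness check period (s) */
	int duration;        /* simulated time (s) */
	int inbound_every;   /* far side sends into the tunnel every N s */
};

/* Constructed scenarios: the peer behind NAT never starts traffic itself,
 * it only answers packets that reach it. */
static const struct scenario SPARSE_INBOUND = { 60, 30, 600, 120 };
static const struct scenario STEADY_INBOUND = { 60, 30, 600, 20 };

/* Returns how many inbound packets were lost to an expired NAT mapping. */
int
simulate(const struct scenario *sc, enum policy p)
{
	int last_out = 0;  /* t=0: the IKE exchange created the mapping */
	int dropped = 0;
	bool foundin = false, foundout = false;

	for (int t = 1; t <= sc->duration; t++) {
		if (t % sc->inbound_every == 0) {
			if (t - last_out <= sc->nat_timeout) {
				/* Mapping alive: packet arrives, peer replies. */
				foundin = true;
				foundout = true;
				last_out = t;
			} else {
				dropped++;  /* mapping gone, packet never arrives */
			}
		}
		if (t % sc->check_interval == 0) {
			/* foundout without foundin never occurs for a peer that
			 * only replies, so the conditional rule never probes. */
			bool probe = (p == KEEPALIVE_ALWAYS) ||
			    (!foundin && foundout);
			if (probe)
				last_out = t;  /* probe refreshes the mapping */
			foundin = foundout = false;  /* start a new window */
		}
	}
	return dropped;
}

int
main(void)
{
	printf("sparse inbound, conditional: %d dropped\n",
	    simulate(&SPARSE_INBOUND, KEEPALIVE_CONDITIONAL));
	printf("sparse inbound, always:      %d dropped\n",
	    simulate(&SPARSE_INBOUND, KEEPALIVE_ALWAYS));
	printf("steady inbound, conditional: %d dropped\n",
	    simulate(&STEADY_INBOUND, KEEPALIVE_CONDITIONAL));
	return 0;
}
```

With steady traffic the replies themselves keep the mapping alive under either policy; the difference only shows once the gap between inbound packets exceeds the NAT timeout.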



Re: nd6 router adv problem: valid lifetime is 0

2016-08-05 Thread Stuart Henderson

An update on this.

Looking at flags after a hint from phrased - they're not setting the 
on-link flag (intentionally, to prevent flooding multicast NDs over the 
wlan, which makes sense) so it's hitting the XXX case in nd6_rtr.c which 
replaces lifetimes with 0.


Non-OpenBSD devices are working ok with this; link local to reach the 
router, the address is configured on the interface, but no prefix router, 
it just sends all traffic to the default router.



On 5 August 2016 11:56:22 a.m. Stuart Henderson  wrote:


Running current I am hitting this on the emfcamp network.

in6_update_ifa: valid lifetime is 0 for 2a05:e201:0:1224:f00a:ed61:f722:c5d1

It's slightly annoying because the default route *is* added to the table
but obviously because the address isn't added the v6 is unusable and causes
a bunch of delays.

Destination  Gateway                         Flags  Refs  Use  Mtu  Prio  Iface
default      fe80::464c:a8ff:fe73:718f%iwn0  UG        0    3    -    56  iwn0


The advs are looking like this; vltime *is* set:

09:54:03.547930 44:4c:a8:73:71:8f 8c:70:5a:62:b7:f8 86dd 118: 
fe80::464c:a8ff:fe73:718f > fe80::b8d2:a83e:f1af:1c58: icmp6: router 
advertisement(chlim=64, O, pref=medium, router_ltime=1800, 
reachable_time=0, retrans_time=0)(src lladdr: 44:4c:a8:73:71:8f)(mtu: 
mtu=1500)(prefix info: A valid_ltime=2592000, preferred_ltime=604800, 
prefix=2a05:e201:0:1224::/64) [icmp6 cksum ok] (len 64, hlim 255)


Anyone have an idea what to poke at?






Re: Perl HTTP Tiny non configurable Timeout

2016-08-05 Thread Andrew Fresh
On Fri, Aug 05, 2016 at 05:01:10PM -0400, sven falempin wrote:
> Base perl got a deprecated HTTP Tiny code (0.29),
> one can use a package but base may enjoy the correction
> around or a better one.

I'm planning to update perl in base after I get mod_perl working under a
version > 5.20, which hopefully won't be too far in the future.  Doing that
will update IO::Socket::IP to 0.37 which includes the Timeout options.


> # Annoyingly IO::Socket's connect() is where the timeout logic is
> 
> Index: IP.pm
> ===
> RCS file: /cvs/src/gnu/usr.bin/perl/cpan/IO-Socket-IP/lib/IO/Socket/IP.pm,v
> retrieving revision 1.1.1.1
> diff -u -p -r1.1.1.1 IP.pm
> --- IP.pm 17 Nov 2014 20:52:48 - 1.1.1.1
> +++ IP.pm 5 Aug 2016 20:53:17 -
> @@ -1,13 +1,13 @@
>  #  You may distribute under the terms of either the GNU General Public
> License
>  #  or the Artistic License (the same terms as Perl itself)
>  #
> -#  (C) Paul Evans, 2010-2014 -- leon...@leonerd.org.uk
> +#  (C) Paul Evans, 2010-2015 -- leon...@leonerd.org.uk
> 
>  package IO::Socket::IP;
>  # $VERSION needs to be set before  use base 'IO::Socket'
>  #  - https://rt.cpan.org/Ticket/Display.html?id=92107
>  BEGIN {
> -   $VERSION = '0.29';
> +   $VERSION = '0.38';
>  }
> 
>  use strict;
> @@ -31,7 +31,7 @@ use Socket 1.97 qw(
>  my $AF_INET6 = eval { Socket::AF_INET6() }; # may not be defined
>  my $AI_ADDRCONFIG = eval { Socket::AI_ADDRCONFIG() } || 0;
>  use POSIX qw( dup2 );
> -use Errno qw( EINVAL EINPROGRESS EISCONN );
> +use Errno qw( EINVAL EINPROGRESS EISCONN ENOTCONN ETIMEDOUT EWOULDBLOCK );
> 
>  use constant HAVE_MSWIN32 => ( $^O eq "MSWin32" );
> 
> @@ -265,6 +265,22 @@ If true, set the C sockopt
> 
>  If true, set the C sockopt
> 
> +=item Sockopts => ARRAY
> +
> +An optional array of other socket options to apply after the three listed
> +above. The value is an ARRAY containing 2- or 3-element ARRAYrefs. Each
> inner
> +array relates to a single option, giving the level and option name, and an
> +optional value. If the value element is missing, it will be given the
> value of
> +a platform-sized integer 1 constant (i.e. suitable to enable most of the
> +common boolean options).
> +
> +For example, both options given below are equivalent to setting
> C.
> +
> + Sockopts => [
> +[ SOL_SOCKET, SO_REUSEADDR ],
> +[ SOL_SOCKET, SO_REUSEADDR, pack( "i", 1 ) ],
> + ]
> +
>  =item V6Only => BOOL
> 
>  If defined, set the C sockopt when creating C
> sockets
> @@ -304,6 +320,22 @@ If defined but false, the socket will be
>  it will default to blocking mode. See the NON-BLOCKING section below for
> more
>  detail.
> 
> +=item Timeout => NUM
> +
> +If defined, gives a maximum time in seconds to block per C call
> +when in blocking mode. If missing, no timeout is applied other than that
> +provided by the underlying operating system. When in non-blocking mode this
> +parameter is ignored.
> +
> +Note that if the hostname resolves to multiple address candidates, the same
> +timeout will apply to each connection attempt individually, rather than to
> the
> +operation as a whole. Further note that the timeout does not apply to the
> +initial hostname resolve operation, if connecting by hostname.
> +
> +This behviour is copied inspired by C; for more fine
> grained
> +control over connection timeouts, consider performing a nonblocking connect
> +directly.
> +
>  =back
> 
>  If neither C nor C hints are provided, a default of
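Review bot: the added POD paragraph beginning "This behviour is copied inspired by" has a typo ("behviour") and a doubled verb ("copied inspired"); "This behaviour is inspired by" reads correctly. The per-attempt wording in the paragraph above it deserves to stay prominent, because callers that want one overall deadline across several resolved addresses, or a bound on the hostname lookup, do not get either from `Timeout`.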
> @@ -380,6 +412,12 @@ sub _io_socket_ip__configure
> my @localinfos;
> my @peerinfos;
> 
> +   my $listenqueue = $arg->{Listen};
> +   if( defined $listenqueue and
> +   ( defined $arg->{PeerHost} || defined $arg->{PeerService} ||
> defined $arg->{PeerAddrInfo} ) ) {
> +  croak "Cannot Listen with a peer address";
> +   }
> +
> if( defined $arg->{GetAddrInfoFlags} ) {
>$hints{flags} = $arg->{GetAddrInfoFlags};
> }
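Review bot: the new guard tests `defined $listenqueue`, so `Listen => 0` combined with `PeerHost` croaks with "Cannot Listen with a peer address", while the Win32 branch added in the next hunk tests plain truth (`HAVE_MSWIN32 and $arg->{Listen}`). Use the same test in both places, or document that a defined-but-zero `Listen` counts as listening.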
> @@ -425,11 +463,17 @@ sub _io_socket_ip__configure
>ref $info eq "ARRAY" or croak "Expected 'LocalAddrInfo' to be an
> ARRAY ref";
>@localinfos = @$info;
> }
> -   elsif( defined $arg->{LocalHost} or defined $arg->{LocalService} ) {
> +   elsif( defined $arg->{LocalHost} or
> +  defined $arg->{LocalService} or
> +  HAVE_MSWIN32 and $arg->{Listen} ) {
># Either may be undef
>my $host = $arg->{LocalHost};
>my $service = $arg->{LocalService};
> 
> +  unless ( defined $host or defined $service ) {
> + $service = 0;
> +  }
> +
>local $1; # Placate a taint-related bug; [perl #67962]
>defined $service and $service =~ s/\((\d+)\)$// and
>   my $fallback_port = $1;
> @@ -476,14 +520,27 @@ sub _io_socket_ip__configure
>}
> }
> 
> +   my $INT_1 = pack "i", 1;
> +
> my @sockopts_enabled;
> -   push @sockopts_enabled, SO_REUSEADDR if $arg->{ReuseAddr};
> -   push @sockopts_enabled, SO_REUSEPORT if $arg->{ReusePort};
> -   pus

Perl HTTP Tiny non configurable Timeout

2016-08-05 Thread sven falempin
Base perl got a deprecated HTTP Tiny code (0.29),
one can use a package but base may enjoy the correction
around or a better one.

# Annoyingly IO::Socket's connect() is where the timeout logic is

Index: IP.pm
===
RCS file: /cvs/src/gnu/usr.bin/perl/cpan/IO-Socket-IP/lib/IO/Socket/IP.pm,v
retrieving revision 1.1.1.1
diff -u -p -r1.1.1.1 IP.pm
--- IP.pm 17 Nov 2014 20:52:48 - 1.1.1.1
+++ IP.pm 5 Aug 2016 20:53:17 -
@@ -1,13 +1,13 @@
 #  You may distribute under the terms of either the GNU General Public
License
 #  or the Artistic License (the same terms as Perl itself)
 #
-#  (C) Paul Evans, 2010-2014 -- leon...@leonerd.org.uk
+#  (C) Paul Evans, 2010-2015 -- leon...@leonerd.org.uk

 package IO::Socket::IP;
 # $VERSION needs to be set before  use base 'IO::Socket'
 #  - https://rt.cpan.org/Ticket/Display.html?id=92107
 BEGIN {
-   $VERSION = '0.29';
+   $VERSION = '0.38';
 }

 use strict;
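Review bot: the context line ending in "GNU General Public" is followed by a bare "License" line that carries no leading space, `+` or `-`, so the mail client has wrapped the diff and patch(1) will reject this hunk; the same wrapping appears in later hunks. Resend with line wrapping off or as an attachment. Separately, changing `$VERSION` from '0.29' to '0.38' by hand makes the in-tree module report that release number, so every upstream change up to that release needs to be in the diff.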
@@ -31,7 +31,7 @@ use Socket 1.97 qw(
 my $AF_INET6 = eval { Socket::AF_INET6() }; # may not be defined
 my $AI_ADDRCONFIG = eval { Socket::AI_ADDRCONFIG() } || 0;
 use POSIX qw( dup2 );
-use Errno qw( EINVAL EINPROGRESS EISCONN );
+use Errno qw( EINVAL EINPROGRESS EISCONN ENOTCONN ETIMEDOUT EWOULDBLOCK );

 use constant HAVE_MSWIN32 => ( $^O eq "MSWin32" );

@@ -265,6 +265,22 @@ If true, set the C sockopt

 If true, set the C sockopt

+=item Sockopts => ARRAY
+
+An optional array of other socket options to apply after the three listed
+above. The value is an ARRAY containing 2- or 3-element ARRAYrefs. Each
inner
+array relates to a single option, giving the level and option name, and an
+optional value. If the value element is missing, it will be given the
value of
+a platform-sized integer 1 constant (i.e. suitable to enable most of the
+common boolean options).
+
+For example, both options given below are equivalent to setting
C.
+
+ Sockopts => [
+[ SOL_SOCKET, SO_REUSEADDR ],
+[ SOL_SOCKET, SO_REUSEADDR, pack( "i", 1 ) ],
+ ]
+
 =item V6Only => BOOL

 If defined, set the C sockopt when creating C
sockets
@@ -304,6 +320,22 @@ If defined but false, the socket will be
 it will default to blocking mode. See the NON-BLOCKING section below for
more
 detail.

+=item Timeout => NUM
+
+If defined, gives a maximum time in seconds to block per C call
+when in blocking mode. If missing, no timeout is applied other than that
+provided by the underlying operating system. When in non-blocking mode this
+parameter is ignored.
+
+Note that if the hostname resolves to multiple address candidates, the same
+timeout will apply to each connection attempt individually, rather than to
the
+operation as a whole. Further note that the timeout does not apply to the
+initial hostname resolve operation, if connecting by hostname.
+
+This behviour is copied inspired by C; for more fine
grained
+control over connection timeouts, consider performing a nonblocking connect
+directly.
+
 =back

 If neither C nor C hints are provided, a default of
@@ -380,6 +412,12 @@ sub _io_socket_ip__configure
my @localinfos;
my @peerinfos;

+   my $listenqueue = $arg->{Listen};
+   if( defined $listenqueue and
+   ( defined $arg->{PeerHost} || defined $arg->{PeerService} ||
defined $arg->{PeerAddrInfo} ) ) {
+  croak "Cannot Listen with a peer address";
+   }
+
if( defined $arg->{GetAddrInfoFlags} ) {
   $hints{flags} = $arg->{GetAddrInfoFlags};
}
@@ -425,11 +463,17 @@ sub _io_socket_ip__configure
   ref $info eq "ARRAY" or croak "Expected 'LocalAddrInfo' to be an
ARRAY ref";
   @localinfos = @$info;
}
-   elsif( defined $arg->{LocalHost} or defined $arg->{LocalService} ) {
+   elsif( defined $arg->{LocalHost} or
+  defined $arg->{LocalService} or
+  HAVE_MSWIN32 and $arg->{Listen} ) {
   # Either may be undef
   my $host = $arg->{LocalHost};
   my $service = $arg->{LocalService};

+  unless ( defined $host or defined $service ) {
+ $service = 0;
+  }
+
   local $1; # Placate a taint-related bug; [perl #67962]
   defined $service and $service =~ s/\((\d+)\)$// and
  my $fallback_port = $1;
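Review bot: the new `elsif` condition depends on `and` binding tighter than `or` in `... or HAVE_MSWIN32 and $arg->{Listen}`. It parses as intended, but parentheses around the `HAVE_MSWIN32 and $arg->{Listen}` term would make that explicit. A one-line comment on why `$service = 0` is forced when neither host nor service is given would also help the next reader.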
@@ -476,14 +520,27 @@ sub _io_socket_ip__configure
   }
}

+   my $INT_1 = pack "i", 1;
+
my @sockopts_enabled;
-   push @sockopts_enabled, SO_REUSEADDR if $arg->{ReuseAddr};
-   push @sockopts_enabled, SO_REUSEPORT if $arg->{ReusePort};
-   push @sockopts_enabled, SO_BROADCAST if $arg->{Broadcast};
+   push @sockopts_enabled, [ SOL_SOCKET, SO_REUSEADDR, $INT_1 ] if
$arg->{ReuseAddr};
+   push @sockopts_enabled, [ SOL_SOCKET, SO_REUSEPORT, $INT_1 ] if
$arg->{ReusePort};
+   push @sockopts_enabled, [ SOL_SOCKET, SO_BROADCAST, $INT_1 ] if
$arg->{Broadcast};
+
+   if( my $sockopts = $arg->{Sockopts} ) {
+  ref $sockopts eq "ARRAY" or croak "Expected 'Sockopts' to be an
ARRAY ref";
+  foreach ( @$sockopts ) {
+ ref $_ eq "ARRAY" or croak "Bad Sockopts item - expected
ARRAYref";

vxlan 2/2: ipv6 tunnel support

2016-08-05 Thread Reyk Floeter
Hi,

this diff adds support for tunneling VXLAN over IPv6,
roughly based on an older diff from yasuoka@ and/or goda@.
It currently only supports unicast and not IPv6 multicast mode.

  ifconfig vxlan6 tunnel fd00::1 fd00::2 10.1.6.1/24 vnetid 6 up

This diff also includes the previous multicast flags fix.

OK?

Reyk

Index: sys/net/if_vxlan.c
===
RCS file: /cvs/src/sys/net/if_vxlan.c,v
retrieving revision 1.38
diff -u -p -u -p -r1.38 if_vxlan.c
--- sys/net/if_vxlan.c  13 Apr 2016 11:41:15 -  1.38
+++ sys/net/if_vxlan.c  5 Aug 2016 20:18:29 -
@@ -82,8 +82,8 @@ void   vxlanstart(struct ifnet *);
 int vxlan_clone_create(struct if_clone *, int);
 int vxlan_clone_destroy(struct ifnet *);
 voidvxlan_multicast_cleanup(struct ifnet *);
-int vxlan_multicast_join(struct ifnet *, struct sockaddr_in *,
-   struct sockaddr_in *);
+int vxlan_multicast_join(struct ifnet *, struct sockaddr *,
+   struct sockaddr *);
 int vxlan_media_change(struct ifnet *);
 voidvxlan_media_status(struct ifnet *, struct ifmediareq *);
 int vxlan_config(struct ifnet *, struct sockaddr *, struct sockaddr *);
@@ -92,6 +92,9 @@ void   vxlan_addr_change(void *);
 voidvxlan_if_change(void *);
 voidvxlan_link_change(void *);
 
+int vxlan_sockaddr_cmp(struct sockaddr *, struct sockaddr *);
+uint16_t vxlan_sockaddr_port(struct sockaddr *);
+
 struct if_clonevxlan_cloner =
 IF_CLONE_INITIALIZER("vxlan", vxlan_clone_create, vxlan_clone_destroy);
 
@@ -158,7 +161,7 @@ vxlan_clone_create(struct if_clone *ifc,
 * at least 1550 bytes. The following is disabled by default.
 */
ifp->if_mtu = ETHERMTU - sizeof(struct ether_header);
-   ifp->if_mtu -= sizeof(struct vxlanudpiphdr);
+   ifp->if_mtu -= sizeof(struct vxlanudphdr) + sizeof(struct ipovly);
 #endif
 
LIST_INSERT_HEAD(&vxlan_tagh[VXLAN_TAGHASH(0)], sc, sc_entry);
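Review bot: `ifp->if_mtu -= sizeof(struct vxlanudphdr) + sizeof(struct ipovly);` still subtracts an IPv4-sized outer header. With this diff the tunnel endpoints may be IPv6, whose outer header is larger, so the reduced MTU in this `#if` block is too generous for a VXLAN-over-IPv6 tunnel. Either adjust it once the address family is configured or add a comment that the figure assumes IPv4.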
@@ -223,27 +226,42 @@ vxlan_multicast_cleanup(struct ifnet *if
 }
 
 int
-vxlan_multicast_join(struct ifnet *ifp, struct sockaddr_in *src,
-struct sockaddr_in *dst)
+vxlan_multicast_join(struct ifnet *ifp, struct sockaddr *src,
+struct sockaddr *dst)
 {
struct vxlan_softc  *sc = ifp->if_softc;
struct ip_moptions  *imo = &sc->sc_imo;
+   struct sockaddr_in  *src4, *dst4;
+   struct sockaddr_in6 *dst6;
struct ifaddr   *ifa;
struct ifnet*mifp;
 
-   if (!IN_MULTICAST(dst->sin_addr.s_addr))
-   return (0);
+   if (dst->sa_family == AF_INET) {
+   dst4 = satosin(dst);
+   if (!IN_MULTICAST(dst4->sin_addr.s_addr))
+   return (0);
+   } else if (dst->sa_family == AF_INET6) {
+   dst6 = satosin6(dst);
+   if (!IN6_IS_ADDR_MULTICAST(&dst6->sin6_addr))
+   return (0);
+
+   /* Multicast mode is currently not supported for IPv6 */
+   return (EAFNOSUPPORT);
+   }
 
-   if (src->sin_addr.s_addr == INADDR_ANY ||
-   IN_MULTICAST(src->sin_addr.s_addr))
+   src4 = satosin(src);
+   dst4 = satosin(dst);
+
+   if (src4->sin_addr.s_addr == INADDR_ANY ||
+   IN_MULTICAST(src4->sin_addr.s_addr))
return (EINVAL);
-   if ((ifa = ifa_ifwithaddr(sintosa(src), sc->sc_rdomain)) == NULL ||
+   if ((ifa = ifa_ifwithaddr(src, sc->sc_rdomain)) == NULL ||
(mifp = ifa->ifa_ifp) == NULL ||
(mifp->if_flags & IFF_MULTICAST) == 0)
return (EADDRNOTAVAIL);
 
if ((imo->imo_membership[0] =
-   in_addmulti(&dst->sin_addr, mifp)) == NULL)
+   in_addmulti(&dst4->sin_addr, mifp)) == NULL)
return (ENOBUFS);
 
imo->imo_num_memberships++;
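Review bot: in `vxlan_multicast_join()` the family test has branches for `AF_INET` and `AF_INET6` only, so any other `dst->sa_family` falls through to `src4 = satosin(src); dst4 = satosin(dst);` and is handled as IPv4. Add a final `else return (EAFNOSUPPORT);`. `src->sa_family` is not examined in this function at all, which makes it depend on the caller having checked that both families match, and `dst4` is assigned twice on the IPv4 path.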
@@ -295,34 +313,39 @@ int
 vxlan_config(struct ifnet *ifp, struct sockaddr *src, struct sockaddr *dst)
 {
struct vxlan_softc  *sc = (struct vxlan_softc *)ifp->if_softc;
-   struct sockaddr_in  *src4, *dst4;
-   int  reset = 0, error;
+   int  reset = 0, error, af;
+   socklen_tslen;
+   in_port_tport;
 
if (src != NULL && dst != NULL) {
-   /* XXX inet6 is not supported */
-   if (src->sa_family != AF_INET || dst->sa_family != AF_INET)
+   if ((af = src->sa_family) != dst->sa_family)
return (EAFNOSUPPORT);
} else {
/* Reset current configuration */
+   af = sc->sc_src.ss_family;
src = (struct sockaddr *)&sc->sc_src;
dst = (struct sockaddr *)&sc->sc_dst;
reset = 1;
}
 
-   src4 = satosin(src);
-   dst4 = satosin(dst);
+   if (af == AF_INET)
+   slen = sizeof(struct sockaddr_in);
+   else if (af == AF_INET6)
+ 

vxlan 1/2: multicast fix

2016-08-05 Thread Reyk Floeter
Hi,

VXLAN has to clear all multicast flags from the outer packet after
decapsulating the mbuf.  This fixes things like ARP in VXLAN multicast
tunnels.  It used to work ... but simply clearing M_MCAST and M_BCAST
is a practical approach that is also found in other L2 tunnel drivers.

OK?

Reyk

Index: sys/net/if_vxlan.c
===
RCS file: /cvs/src/sys/net/if_vxlan.c,v
retrieving revision 1.38
diff -u -p -u -p -r1.38 if_vxlan.c
--- sys/net/if_vxlan.c  13 Apr 2016 11:41:15 -  1.38
+++ sys/net/if_vxlan.c  5 Aug 2016 20:20:27 -
@@ -562,11 +562,7 @@ vxlan_lookup(struct mbuf *m, struct udph
memcpy(sa, srcsa, sa->sa_len);
 #endif
 
-   /* Clear multicast flag from the outer packet */
-   if (sc->sc_imo.imo_num_memberships > 0 &&
-   m->m_flags & (M_MCAST) &&
-   !ETHER_IS_MULTICAST(eh->ether_dhost))
-   m->m_flags &= ~M_MCAST;
+   m->m_flags &= ~(M_MCAST|M_BCAST);
 
 #if NPF > 0
pf_pkt_addr_changed(m);
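Review bot: the replacement line `m->m_flags &= ~(M_MCAST|M_BCAST);` lost the comment that the removed block carried. Since the clear is now unconditional, a short comment saying these flags describe the outer packet and must not carry over to the decapsulated frame would keep the reason next to the code.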



Re: fix usermod -Z / -S

2016-08-05 Thread Todd C. Miller
Here is a diff to remove the encrypted password length check.  I
don't believe that user(8) has any business mucking about with
either existing encrypted passwords in master.password or with the
password specified by the user.

This also eliminates the exceptionally ugly 13 '*' character entries
that I have always despised.

 - todd

Index: usr.sbin/user/user.c
===
RCS file: /cvs/src/usr.sbin/user/user.c,v
retrieving revision 1.111
diff -u -p -u -r1.111 user.c
--- usr.sbin/user/user.c3 May 2016 21:05:14 -   1.111
+++ usr.sbin/user/user.c5 Aug 2016 18:57:30 -
@@ -164,9 +164,6 @@ enum {
MaxUserNameLen = _PW_NAME_LEN,
MaxCommandLen = 2048,
PasswordLength = _PASSWORD_LEN,
-
-   DES_Len = 13,
-
LowGid = DEF_LOWUID,
HighGid = DEF_HIGHUID
 };
@@ -855,51 +852,6 @@ getnextuid(int sync_uid_gid, uid_t *uid,
return 0;
 }
 
-/* structure which defines a password type */
-typedef struct passwd_type_t {
-   const char *type;   /* optional type descriptor */
-   int desc_length;/* length of type descriptor */
-   int length; /* length of password */
-} passwd_type_t;
-
-#define NBLF "$2b"
-#define BLF  "$2a"
-#define MD5  "$1"
-#define DES  ""
-
-static passwd_type_t   passwd_types[] = {
-   { NBLF, 3,  54  },  /* Blowfish bcrypt version 2b */
-   { BLF,  3,  54  },  /* Blowfish */
-   { MD5,  2,  34  },  /* MD5 */
-   { DES,  0,  DES_Len },  /* standard DES */
-   { NULL, -1, -1  }   /* none - terminate search */
-};
-
-/* return non-zero if it's a valid password - check length for cipher type */
-static int
-valid_password_length(char *newpasswd)
-{
-   passwd_type_t  *pwtp;
-
-   for (pwtp = passwd_types ; pwtp->desc_length >= 0 ; pwtp++) {
-   if (strncmp(newpasswd, pwtp->type, pwtp->desc_length) == 0) {
-   char *p;
-
-   if (strcmp(pwtp->type, BLF) != 0 &&
-   strcmp(pwtp->type, NBLF) != 0) {
-   return strlen(newpasswd) == pwtp->length;
-   }
-   /* Skip first three `$'. */
-   if ((p = strchr(newpasswd, '$')) == NULL ||
-   *(++p) == '$' || (p = strchr(p, '$')) == NULL ||
-   *(++p) == '$' || (p = strchr(p, '$')) == NULL)
-   continue;
-   return (strlen(p) - 1);
-   }
-   }
-   return 0;
-}
-
 /* look for a valid time, return 0 if it was specified but bad */
 static int
 scantime(time_t *tp, char *s)
@@ -1130,16 +1082,8 @@ adduser(char *login_name, user_t *up)
warnx("Warning: home directory `%s' doesn't exist, and -m was"
" not specified", home);
}
-   if (up->u_password != NULL && valid_password_length(up->u_password)) {
-   (void) strlcpy(password, up->u_password, sizeof(password));
-   } else {
-   (void) memset(password, '*', DES_Len);
-   password[DES_Len] = 0;
-   if (up->u_password != NULL) {
-   warnx("Password `%s' is invalid: setting it to `%s'",
-   up->u_password, password);
-   }
-   }
+   (void) strlcpy(password, up->u_password ? up->u_password : "*",
+   sizeof(password));
cc = snprintf(buf, sizeof(buf), "%s:%s:%u:%u:%s:%lld:%lld:%s:%s:%s\n",
login_name,
password,
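Review bot: `(void) strlcpy(password, up->u_password ? up->u_password : "*", sizeof(password));` discards the return value, so a `-p` string longer than the buffer is truncated and written into the new entry without any message. With the length check gone, compare the result against `sizeof(password)` and fail with `errx()` rather than storing a cut-off hash.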
@@ -1476,15 +1420,8 @@ moduser(char *login_name, char *newlogin
}
}
if (up->u_flags & F_PASSWORD) {
-   if (up->u_password != NULL) {
-   if (!valid_password_length(up->u_password)) {
-   (void) close(ptmpfd);
-   pw_abort();
-   errx(EXIT_FAILURE, "Invalid password: 
`%s'",
-   up->u_password);
-   }
+   if (up->u_password != NULL)
pwp->pw_passwd = up->u_password;
-   }
}
if (up->u_flags & F_ACCTLOCK) {
/* lock the account */
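Review bot: after this hunk `pwp->pw_passwd = up->u_password;` accepts any string. Dropping the per-cipher length table is reasonable, but the value still lands in a colon-separated, one-record-per-line file (see the format string in the adduser() hunk), so a check that rejects `:` and newline, and an over-long value, belongs before the assignment.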
@@ -2028,7 +1965,6 @@ userdel(int argc, char **argv)
 {
struct passwd   *pwp;
user_t  u;
-   charpassword[PasswordLength + 1];
int defaultfield;
int rmhome;
int bigD;
@@ -2086,9 +2022,7 @@ userdel(int argc, char **argv)
if (u.u_preserve) {
u.u_flags |= F_SHELL;
memsave(&u.u_shell, NOLOGIN, strlen(NOLOGIN));
- 

Re: Update: FreeType 2.6.5

2016-08-05 Thread David Coppa
On Fri, Aug 5, 2016 at 2:41 PM, Matthieu Herrb  wrote:
> On Thu, Aug 04, 2016 at 10:55:29AM +0200, David Coppa wrote:
>>
>> Here's the update to the latest freetype.
>>
>> $ check_sym
>> /usr/X11R6/lib/libfreetype.so.25.0 --> obj/libfreetype.so.25.0
>> Dynamic export changes:
>> added:
>>  [ bunch deleted]
>> And thus I've bumped minor to 1.
>
> Theo recommends to not commit stuff with ABI changes until the ports
> start building again (and some commits were reverted earlier this week
> because of that).
>
> So please hold on a bit...

Sure, no problems.

> PS: I've an update to fontconfig 2.12 (and soon 2.12.1) ready, but
> waiting because of that.

Great! I was just starting to work on an update of fontconfig...

Ciao!
David
-- 
"If you try a few times and give up, you'll never get there. But if
you keep at it... There's a lot of problems in the world which can
really be solved by applying two or three times the persistence that
other people will."
-- Stewart Nelson



Re: Update: FreeType 2.6.5

2016-08-05 Thread Matthieu Herrb
On Thu, Aug 04, 2016 at 10:55:29AM +0200, David Coppa wrote:
> 
> Here's the update to the latest freetype.
> 
> $ check_sym
> /usr/X11R6/lib/libfreetype.so.25.0 --> obj/libfreetype.so.25.0
> Dynamic export changes:
> added:
>  [ bunch deleted]
> And thus I've bumped minor to 1.

Theo recommends to not commit stuff with ABI changes until the ports
start building again (and some commits were reverted earlier this week
because of that). 

So please hold on a bit... 

PS: I've an update to fontconfig 2.12 (and soon 2.12.1) ready, but
waiting because of that.
-- 
Matthieu Herrb




nd6 router adv problem: valid lifetime is 0

2016-08-05 Thread Stuart Henderson
Running current I am hitting this on the emfcamp network.

in6_update_ifa: valid lifetime is 0 for 2a05:e201:0:1224:f00a:ed61:f722:c5d1

It's slightly annoying because the default route *is* added to the table
but obviously because the address isn't added the v6 is unusable and causes
a bunch of delays.

Destination  Gateway                         Flags  Refs  Use  Mtu  Prio  Iface
default      fe80::464c:a8ff:fe73:718f%iwn0  UG        0    3    -    56  iwn0

The advs are looking like this; vltime *is* set:

09:54:03.547930 44:4c:a8:73:71:8f 8c:70:5a:62:b7:f8 86dd 118: 
fe80::464c:a8ff:fe73:718f > fe80::b8d2:a83e:f1af:1c58: icmp6: router 
advertisement(chlim=64, O, pref=medium, router_ltime=1800, reachable_time=0, 
retrans_time=0)(src lladdr: 44:4c:a8:73:71:8f)(mtu: mtu=1500)(prefix info: A 
valid_ltime=2592000, preferred_ltime=604800, prefix=2a05:e201:0:1224::/64) 
[icmp6 cksum ok] (len 64, hlim 255)

Anyone have an idea what to poke at?



[patch] src/usr.bin/m4/eval.c function passed as argument to MIN()

2016-08-05 Thread Michael W. Bombardieri
Hi tech,

I noticed that atoi(3)/expr() is called within min() macro.
Both atoi(3) and expr() return int.
Store result in temporary variable so we don't call the function twice?

- Michael


Index: eval.c
===
RCS file: /cvs/src/usr.bin/m4/eval.c,v
retrieving revision 1.74
diff -u -p -u -r1.74 eval.c
--- eval.c  5 Feb 2015 12:59:57 -   1.74
+++ eval.c  5 Aug 2016 06:24:57 -
@@ -871,12 +871,15 @@ dosub(const char *argv[], int argc)
fc = ap + atoi(argv[3]);   /* first char */
 #endif
nc = strlen(fc);
-   if (argc >= 5)
+   if (argc >= 5) {
+   int e;
 #ifdef EXPR
-   nc = min(nc, expr(argv[4]));
+   e = expr(argv[4]);
 #else
-   nc = min(nc, atoi(argv[4]));
+   e = atoi(argv[4]);
 #endif
+   nc = min(nc, e);
+   }
if (fc >= ap && fc < ap + strlen(ap))
for (k = fc + nc - 1; k >= fc; k--)
pushback(*k);
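Review bot: with the result now held in `e`, the `#else` branch still calls `atoi(argv[4])`, which returns 0 for non-numeric input and cannot report overflow, so `nc = min(nc, e)` quietly becomes 0 in that case. Since the value has its own variable now, `strtonum()` with an error message would fit here. `e` could also take a more descriptive name such as `len`.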



gethostbyname(3) RES_OPTIONS

2016-08-05 Thread Martijn van Duren
Hello tech@,

In gethostbyname(3) the RES_OPTIONS refers to resolver(3), which in turn
merely refers to resolv.conf(5). So why not make the referral directly?

martijn@

Index: gethostbyname.3
===
RCS file: /cvs/src/lib/libc/net/gethostbyname.3,v
retrieving revision 1.30
diff -u -p -r1.30 gethostbyname.3
--- gethostbyname.3 19 Dec 2015 18:59:10 -  1.30
+++ gethostbyname.3 5 Aug 2016 07:20:14 -
@@ -177,7 +177,7 @@ with argument
 .It RES_OPTIONS
 A list of options to override the resolver's internal defaults.
 See
-.Xr resolver 3
+.Xr resolv.conf 5
 for more information.
 .El
 .Sh FILES