Re: armv7/omap: amdisplay(4)

[Ian Sutton]

Work on amdisplay(4) continues uneventfully. It is very nearly complete,
just need to fix some DMA issues I am having trouble with.

Ian

Index: arch/armv7/conf/GENERIC
===
RCS file: /cvs/src/sys/arch/armv7/conf/GENERIC,v
retrieving revision 1.45
diff -u -p -r1.45 GENERIC
--- arch/armv7/conf/GENERIC 11 Aug 2016 04:33:06 -  1.45
+++ arch/armv7/conf/GENERIC 2 Sep 2016 05:12:54 -
@@ -70,6 +70,7 @@ omgpio*   at fdt? # user-visible 
GPIO p
 gpio*  at omgpio?
 tiiic* at fdt?
 iic*   at tiiic?
+nxptda*at iic?
 gptimer*   at omap?# general purpose timers
 dmtimer*   at omap?# am335x dual mode timers
 omusbtll*  at omap?
@@ -77,6 +78,7 @@ cpsw* at fdt?
 com*   at fdt? # onboard uarts
 ommmc* at fdt? # SD/MMC card controller
 sdmmc* at ommmc?   # SD/MMC bus
+amdisplay* at fdt? # LCD controller
 
 omehci*at fdt? # EHCI
 usb*   at omehci?
Index: arch/armv7/omap/am335x_prcmreg.h
===
RCS file: /cvs/src/sys/arch/armv7/omap/am335x_prcmreg.h,v
retrieving revision 1.4
diff -u -p -r1.4 am335x_prcmreg.h
--- arch/armv7/omap/am335x_prcmreg.h18 Mar 2014 07:34:17 -  1.4
+++ arch/armv7/omap/am335x_prcmreg.h2 Sep 2016 05:06:06 -
@@ -20,6 +20,7 @@
 #define AM335X_CLKCTRL_MODULEMODE_MASK 0x0003
 
 #define PRCM_AM335X_CM_PER 0x
+#define PRCM_AM335X_LCDC_CLKCTRL   0x0018
 #define PRCM_AM335X_USB0_CLKCTRL   0x001c
 #define PRCM_AM335X_TPTC0_CLKCTRL  0x0024
 #define PRCM_AM335X_MMC0_CLKCTRL   0x003c
@@ -38,6 +39,10 @@
 #define PRCM_AM335X_CM_WKUP0x0400
 #define PRCM_AM335X_GPIO0_CLKCTRL  0x0408
 #define PRCM_AM335X_TIMER0_CLKCTRL 0x0410
+#define PRCM_AM335X_DISP_IDLEST0x0448
+#define PRCM_AM335X_DISP_CLKSEL0x0454
+#define PRCM_AM335X_DISP_CLKMODE   0x0498
+#define PRCM_AM335X_DISP_M20x04a4
 #define PRCM_AM335X_I2C0_CLKCTRL   0x04b8
 #define PRCM_AM335X_CM_DPLL0x0500
 #define PRCM_AM335X_CLKSEL_TIMER2_CLK  0x0508
Index: arch/armv7/omap/amdisplay.c
===
RCS file: arch/armv7/omap/amdisplay.c
diff -N arch/armv7/omap/amdisplay.c
--- /dev/null   1 Jan 1970 00:00:00 -
+++ arch/armv7/omap/amdisplay.c 2 Sep 2016 05:06:06 -
@@ -0,0 +1,643 @@
+/*
+ * Copyright (c) 2016 Ian Sutton 
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include 
+#include 
+#include 
+#include 
+#include 
+
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+
+#include 
+#include 
+#include 
+
+#include 
+
+#include 
+#include 
+#include 
+
+#define DEVNAME(_s) ((_s)->sc_dev.dv_xname)
+
+#define HREAD4(sc, reg)
\
+   (bus_space_read_4((sc)->sc_iot, (sc)->sc_ioh, (reg)))
+#define HWRITE4(sc, reg, val)  \
+   bus_space_write_4((sc)->sc_iot, (sc)->sc_ioh, (reg), (val))
+#define HSET4(sc, reg, bits)   \
+   HWRITE4((sc), (reg), HREAD4((sc), (reg)) | (bits))
+#define HCLR4(sc, reg, bits)   \
+   HWRITE4((sc), (reg), HREAD4((sc), (reg)) & ~(bits))
+
+struct amdisplay_softc {
+   struct device   sc_dev;
+   bus_space_tag_t sc_iot;
+   bus_space_handle_t  sc_ioh;
+   bus_dma_tag_t   sc_dmat;
+   void*sc_ih;
+
+   struct edid_info*sc_edid;
+   struct videomode*sc_active_mode;
+   int sc_active_depth;
+
+   bus_dmamap_tsc_fb0_dma;
+// bus_dmamap_tsc_fb1_dma;
+   bus_dma_segment_t   sc_fb0_dma_segs[1];
+// bus_dma_segment_t   sc_fb1_dma_segs[1];
+   void*sc_fb0;
+// void*sc_fb1;
+   int sc_fb_dma_nsegs;
+   bus_size_t  

[patch] www . plat.html - validation nitpick

[lists]

Thu, 1 Sep 2016 09:15:29 -0600 (MDT) T.J. Townsend 
> CVSROOT:  /cvs
> Module name:  www
> Changes by:   t...@cvs.openbsd.org2016/09/01 09:15:29
> 
> Modified files:
>   .  : plat.html sparc.html 
>   faq: faq1.html 
> 
> Log message:
> sparc did not have a 6.0 release.
> 

Hi tech@,

[http://validator.w3.org/check?uri=http://www.openbsd.org/plat.html]
[http://www.htmlhelp.org/cgi-bin/validate.cgi?url=http://www.openbsd.org/plat.html]

Tweak previous: rejoin a left behind table row open tag with its block.

Kind regards,
Anton

$ diff -u plat.html-1.14{2,3}
--- plat.html-1.142 Fri Sep  2 03:18:29 2016
+++ plat.html-1.143 Fri Sep  2 03:19:57 2016
@@ -193,10 +193,10 @@
 Solbourne ``IDT'' Sparc-like S3000, S4000 and S4000DX systems
 
 
-
 sparc
 Sun sun4, sun4c, sun4e and sun4m class SPARC systems
 
+
 sun3
 Sun sun3 class systems
 

Re: constify auth functions

[Todd C. Miller]

On Thu, 01 Sep 2016 13:27:49 -0400, "Ted Unangst" wrote:

> Ted Unangst wrote:
> > I'm getting annoying warnings because these functions aren't const.
> 
> so
> 
> turns out several of these functions *do* modify their parameters. which is
> probably chaos, because i think we sometimes call them with const parameters.

I think you'll have to constify login_cap(3) first since the auth
functions call into login_cap(3).

 - todd

Re: switch the cubie miniroot to cubieboard2

[Chris Cappuccio]

si...@slackware.it [si...@slackware.it] wrote:
> Speaking as a Cubieboard owner here ;-)
> Would it be too much hassle to provide both images? (and a pony!)
> 

It's fairly easy to take a miniroot image for a similar board, and
adapt it to your board.

Since both the Cubieboard and Cubieboard2 are Allwinner based,
the miniroot's general structure does not change.

1. Install u-boot-2016.07p1 from ports/packages (packages if you don't
want to wait all day)

2. Examine /usr/src/distrib/armv7/ramdisk/install.md and find
a similar board (same or similar chipset).

3. Find the proper u-boot/dtb stuff in /usr/local/share/u-boot

4. Download the miniroot image for a board that has the same
or similar chipset to your board

5. vnconfig vnd0 miniroot.fs

6. Install proper u-boot image to the miniroot image. The install.md
file tells you how to copy the proper u-boot/dtb over. For instance,
Cubieboard is Allwinner A10/A20, and my Lime is A20.

install.md says:

cubie)
dd if=$_mdec/u-boot-sunxi-with-spl.bin of=${_disk}c \
bs=1024 seek=8 >/dev/null 2>&1

So, to get my Lime or Lime2 working, I do this:

dd if=/usr/local/share/u-boot/A20-OLinuXino-Lime2/u-boot-sunxi-with-spl.bin 
of=/dev/rvnd0c bs=1024 seek=8

(Note: Lime and lime2 bootloaders will appear to work on both boards,
but if you don't use the right one, the Realtek ethernet PHY will
not be properly initialized.)

7. vnconfig -u vnd0

8. Write miniroot.fs to your SD card

You don't have to use vnd, but this is conceptually simpler
and less error prone than trying to chop it up with dd.

Chris

NULL deref in usb_set_config_index()

[Martin Pieuchot]

Diff attached fix two NULL dereferences in usb_set_config_index().

Index: usb_subr.c
===
RCS file: /cvs/src/sys/dev/usb/usb_subr.c,v
retrieving revision 1.123
diff -u -p -r1.123 usb_subr.c
--- usb_subr.c	23 May 2016 11:31:12 -	1.123
+++ usb_subr.c	1 Sep 2016 17:30:35 -
@@ -654,17 +654,20 @@ usbd_set_config_index(struct usbd_device
 		/* We are unconfiguring the device, so leave unallocated. */
 		DPRINTF(("usbd_set_config_index: set config 0\n"));
 		err = usbd_set_config(dev, USB_UNCONFIG_NO);
-		if (err)
+		if (err) {
 			DPRINTF(("usbd_set_config_index: setting config=0 "
  "failed, error=%s\n", usbd_errstr(err)));
+		}
 		return (err);
 	}
 
 	/* Get the short descriptor. */
 	err = usbd_get_desc(dev, UDESC_CONFIG, index,
 	USB_CONFIG_DESCRIPTOR_SIZE, );
-	if (err || cd.bDescriptorType != UDESC_CONFIG)
+	if (err)
 		return (err);
+	if (cd.bDescriptorType != UDESC_CONFIG)
+		return (USBD_INVAL);
 	len = UGETW(cd.wTotalLength);
 	cdp = malloc(len, M_USB, M_NOWAIT);
 	if (cdp == NULL)

Re: constify auth functions

[Ted Unangst]

Ted Unangst wrote:
> I'm getting annoying warnings because these functions aren't const.

so

turns out several of these functions *do* modify their parameters. which is
probably chaos, because i think we sometimes call them with const parameters.

Re: Drop IPSec traffic that should be encapsulated but is not

[Claer]

On Thu, Sep 01 2016 at 46:18, Vincent Gross wrote:
> On Thu, 1 Sep 2016 18:02:14 +0200
> Claer  wrote:
> 
> > Hello,
> > 
> > In some production systems, I'm still using an old patch to isakmpd for
> > Nat-t.  When negociating SAs with ASA peers and OpenBSD is nated, you have
> > issues during negociation. The following discutions explain the issue
> > 
> > http://openbsd.7691.n7.nabble.com/isakmpd-NAT-T-interoperability-td173004.html
> > http://marc.info/?l=openbsd-tech=139140140105433=2
> > 
> > I think the patch is related to the parts of the code you are working on.
> > 
> 
> Actually it is not. The issue you are referencing is in isakmpd,
> whereas the diff below is in the OpenBSD kernel. Totally different
> stuff. I do not plan to look at isakmpd at the moment, as it only
> supports IKEv1, and its code is nearly twice the size of iked.
> 
> I do not have Cisco gear available to test, is this issue present when
> opening NAT-T tunnels with iked ?

Sorry I overlooked your diff. Unfortunately I didn't have the opportunity
to test with an ASA and iked. I don't have any ASA on hand (usually they are
on the client's side :))

> Cheers
Thanks for your time!

Claer

> > Would you mind looking at this issue also? :)
> > 
> > Thanks!
> > 
> > Claer
> > 
> > On Thu, Sep 01 2016 at 31:10, Vincent Gross wrote:
> > 
> > > Our IPSec stack rejects UDP-encapsulated traffic using a non
> > > encapsulating SA, but not the other way around. This diff adds
> > > the missing check and the corresponding stat counter.
> > > 
> > > Ok ?
> > > 
> > > Index: sys/netinet/ip_esp.h
> > > ===
> > > RCS file: /cvs/src/sys/netinet/ip_esp.h,v
> > > retrieving revision 1.42
> > > diff -u -p -r1.42 ip_esp.h
> > > --- sys/netinet/ip_esp.h  10 Jan 2010 12:43:07 -
> > > 1.42 +++ sys/netinet/ip_esp.h 1 Sep 2016 08:24:15 -
> > > @@ -62,6 +62,7 @@ struct espstat
> > >  u_int32_tesps_udpencin;  /* Input ESP-in-UDP packets */
> > >  u_int32_tesps_udpencout; /* Output ESP-in-UDP packets
> > > */ u_int32_t  esps_udpinval;  /* Invalid input ESP-in-UDP
> > > packets */
> > > +u_int32_tesps_udpneeded; /* Trying to use a ESP-in-UDP
> > > TDB */ };
> > >  
> > >  /*
> > > Index: sys/netinet/ipsec_input.c
> > > ===
> > > RCS file: /cvs/src/sys/netinet/ipsec_input.c,v
> > > retrieving revision 1.135
> > > diff -u -p -r1.135 ipsec_input.c
> > > --- sys/netinet/ipsec_input.c 10 Sep 2015 17:52:05
> > > - 1.135 +++ sys/netinet/ipsec_input.c 1 Sep 2016
> > > 08:24:16 - @@ -262,6 +262,16 @@ ipsec_common_input(struct mbuf
> > > *m, int s return EINVAL;
> > >   }
> > >  
> > > + if (!udpencap && (tdbp->tdb_flags & TDBF_UDPENCAP)) {
> > > + splx(s);
> > > + DPRINTF(("ipsec_common_input(): attempted to use
> > > udpencap "
> > > + "SA %s/%08x/%u\n", ipsp_address(_address,
> > > buf,
> > > + sizeof(buf)), ntohl(spi), tdbp->tdb_sproto));
> > > + m_freem(m);
> > > + espstat.esps_udpneeded++;
> > > + return EINVAL;
> > > + }
> > > +
> > >   if (tdbp->tdb_xform == NULL) {
> > >   splx(s);
> > >   DPRINTF(("ipsec_common_input(): attempted to use
> > > uninitialized " Index: usr.bin/netstat/inet.c
> > > ===
> > > RCS file: /cvs/src/usr.bin/netstat/inet.c,v
> > > retrieving revision 1.150
> > > diff -u -p -r1.150 inet.c
> > > --- usr.bin/netstat/inet.c27 Aug 2016 04:13:43 -
> > > 1.150 +++ usr.bin/netstat/inet.c  1 Sep 2016 08:24:16 -
> > > @@ -1073,6 +1073,7 @@ esp_stats(char *name)
> > >   p(esps_udpencin, "\t%u input UDP encapsulated ESP
> > > packet%s\n"); p(esps_udpencout, "\t%u output UDP encapsulated ESP
> > > packet%s\n"); p(esps_udpinval, "\t%u UDP packet%s for
> > > non-encapsulating TDB received\n");
> > > + p(esps_udpneeded, "\t%u raw ESP packet%s for encapsulating
> > > TDB received\n"); p(esps_ibytes, "\t%llu input byte%s\n");
> > >   p(esps_obytes, "\t%llu output byte%s\n");
> > >  
> > >   
> 

Re: Drop IPSec traffic that should be encapsulated but is not

[Vincent Gross]

On Thu, 1 Sep 2016 18:02:14 +0200
Claer  wrote:

> Hello,
> 
> In some production systems, I'm still using an old patch to isakmpd
> for Nat-t.
> When negociating SAs with ASA peers and OpenBSD is nated, you have
> issues during negociation. The following discutions explain the issue
> 
> http://openbsd.7691.n7.nabble.com/isakmpd-NAT-T-interoperability-td173004.html
> http://marc.info/?l=openbsd-tech=139140140105433=2
> 
> I think the patch is related to the parts of the code you are working
> on.
> 

Actually it is not. The issue you are referencing is in isakmpd,
whereas the diff below is in the OpenBSD kernel. Totally different
stuff. I do not plan to look at isakmpd at the moment, as it only
supports IKEv1, and its code is nearly twice the size of iked.

I do not have Cisco gear available to test, is this issue present when
opening NAT-T tunnels with iked ?

Cheers

> Would you mind looking at this issue also? :)
> 
> Thanks!
> 
> Claer
> 
> On Thu, Sep 01 2016 at 31:10, Vincent Gross wrote:
> 
> > Our IPSec stack rejects UDP-encapsulated traffic using a non
> > encapsulating SA, but not the other way around. This diff adds
> > the missing check and the corresponding stat counter.
> > 
> > Ok ?
> > 
> > Index: sys/netinet/ip_esp.h
> > ===
> > RCS file: /cvs/src/sys/netinet/ip_esp.h,v
> > retrieving revision 1.42
> > diff -u -p -r1.42 ip_esp.h
> > --- sys/netinet/ip_esp.h10 Jan 2010 12:43:07 -
> > 1.42 +++ sys/netinet/ip_esp.h   1 Sep 2016 08:24:15 -
> > @@ -62,6 +62,7 @@ struct espstat
> >  u_int32_t  esps_udpencin;  /* Input ESP-in-UDP packets */
> >  u_int32_t  esps_udpencout; /* Output ESP-in-UDP packets
> > */ u_int32_tesps_udpinval;  /* Invalid input ESP-in-UDP
> > packets */
> > +u_int32_t  esps_udpneeded; /* Trying to use a ESP-in-UDP
> > TDB */ };
> >  
> >  /*
> > Index: sys/netinet/ipsec_input.c
> > ===
> > RCS file: /cvs/src/sys/netinet/ipsec_input.c,v
> > retrieving revision 1.135
> > diff -u -p -r1.135 ipsec_input.c
> > --- sys/netinet/ipsec_input.c   10 Sep 2015 17:52:05
> > -   1.135 +++ sys/netinet/ipsec_input.c 1 Sep 2016
> > 08:24:16 - @@ -262,6 +262,16 @@ ipsec_common_input(struct mbuf
> > *m, int s return EINVAL;
> > }
> >  
> > +   if (!udpencap && (tdbp->tdb_flags & TDBF_UDPENCAP)) {
> > +   splx(s);
> > +   DPRINTF(("ipsec_common_input(): attempted to use
> > udpencap "
> > +   "SA %s/%08x/%u\n", ipsp_address(_address,
> > buf,
> > +   sizeof(buf)), ntohl(spi), tdbp->tdb_sproto));
> > +   m_freem(m);
> > +   espstat.esps_udpneeded++;
> > +   return EINVAL;
> > +   }
> > +
> > if (tdbp->tdb_xform == NULL) {
> > splx(s);
> > DPRINTF(("ipsec_common_input(): attempted to use
> > uninitialized " Index: usr.bin/netstat/inet.c
> > ===
> > RCS file: /cvs/src/usr.bin/netstat/inet.c,v
> > retrieving revision 1.150
> > diff -u -p -r1.150 inet.c
> > --- usr.bin/netstat/inet.c  27 Aug 2016 04:13:43 -
> > 1.150 +++ usr.bin/netstat/inet.c1 Sep 2016 08:24:16 -
> > @@ -1073,6 +1073,7 @@ esp_stats(char *name)
> > p(esps_udpencin, "\t%u input UDP encapsulated ESP
> > packet%s\n"); p(esps_udpencout, "\t%u output UDP encapsulated ESP
> > packet%s\n"); p(esps_udpinval, "\t%u UDP packet%s for
> > non-encapsulating TDB received\n");
> > +   p(esps_udpneeded, "\t%u raw ESP packet%s for encapsulating
> > TDB received\n"); p(esps_ibytes, "\t%llu input byte%s\n");
> > p(esps_obytes, "\t%llu output byte%s\n");
> >  
> >   

Re: Drop IPSec traffic that should be encapsulated but is not

[Claer]

Hello,

In some production systems, I'm still using an old patch to isakmpd
for Nat-t.
When negociating SAs with ASA peers and OpenBSD is nated, you have issues
during negociation. The following discutions explain the issue

http://openbsd.7691.n7.nabble.com/isakmpd-NAT-T-interoperability-td173004.html
http://marc.info/?l=openbsd-tech=139140140105433=2

I think the patch is related to the parts of the code you are working on.

Would you mind looking at this issue also? :)

Thanks!

Claer

On Thu, Sep 01 2016 at 31:10, Vincent Gross wrote:

> Our IPSec stack rejects UDP-encapsulated traffic using a non
> encapsulating SA, but not the other way around. This diff adds
> the missing check and the corresponding stat counter.
> 
> Ok ?
> 
> Index: sys/netinet/ip_esp.h
> ===
> RCS file: /cvs/src/sys/netinet/ip_esp.h,v
> retrieving revision 1.42
> diff -u -p -r1.42 ip_esp.h
> --- sys/netinet/ip_esp.h  10 Jan 2010 12:43:07 -  1.42
> +++ sys/netinet/ip_esp.h  1 Sep 2016 08:24:15 -
> @@ -62,6 +62,7 @@ struct espstat
>  u_int32_tesps_udpencin;  /* Input ESP-in-UDP packets */
>  u_int32_tesps_udpencout; /* Output ESP-in-UDP packets */
>  u_int32_tesps_udpinval;  /* Invalid input ESP-in-UDP packets */
> +u_int32_tesps_udpneeded; /* Trying to use a ESP-in-UDP TDB */
>  };
>  
>  /*
> Index: sys/netinet/ipsec_input.c
> ===
> RCS file: /cvs/src/sys/netinet/ipsec_input.c,v
> retrieving revision 1.135
> diff -u -p -r1.135 ipsec_input.c
> --- sys/netinet/ipsec_input.c 10 Sep 2015 17:52:05 -  1.135
> +++ sys/netinet/ipsec_input.c 1 Sep 2016 08:24:16 -
> @@ -262,6 +262,16 @@ ipsec_common_input(struct mbuf *m, int s
>   return EINVAL;
>   }
>  
> + if (!udpencap && (tdbp->tdb_flags & TDBF_UDPENCAP)) {
> + splx(s);
> + DPRINTF(("ipsec_common_input(): attempted to use udpencap "
> + "SA %s/%08x/%u\n", ipsp_address(_address, buf,
> + sizeof(buf)), ntohl(spi), tdbp->tdb_sproto));
> + m_freem(m);
> + espstat.esps_udpneeded++;
> + return EINVAL;
> + }
> +
>   if (tdbp->tdb_xform == NULL) {
>   splx(s);
>   DPRINTF(("ipsec_common_input(): attempted to use uninitialized "
> Index: usr.bin/netstat/inet.c
> ===
> RCS file: /cvs/src/usr.bin/netstat/inet.c,v
> retrieving revision 1.150
> diff -u -p -r1.150 inet.c
> --- usr.bin/netstat/inet.c27 Aug 2016 04:13:43 -  1.150
> +++ usr.bin/netstat/inet.c1 Sep 2016 08:24:16 -
> @@ -1073,6 +1073,7 @@ esp_stats(char *name)
>   p(esps_udpencin, "\t%u input UDP encapsulated ESP packet%s\n");
>   p(esps_udpencout, "\t%u output UDP encapsulated ESP packet%s\n");
>   p(esps_udpinval, "\t%u UDP packet%s for non-encapsulating TDB 
> received\n");
> + p(esps_udpneeded, "\t%u raw ESP packet%s for encapsulating TDB 
> received\n");
>   p(esps_ibytes, "\t%llu input byte%s\n");
>   p(esps_obytes, "\t%llu output byte%s\n");
>  
> 

Re: constify auth functions

[Todd C. Miller]

On Thu, 01 Sep 2016 10:51:06 -0400, "Ted Unangst" wrote:

> I'm getting annoying warnings because these functions aren't const.

As we're the only users of BSD auth I think this is fine.

 - todd

Use after fruit in usbd_set_config_index()

[Martin Pieuchot]

Fuzzing our USB stack is interesting.  Here's the first panic:

panic() at panic+0xfe
free() at free+0xed
usbd_free_iface_data() at usbd_free_iface_data+0x49
usb_free_device() at usb_free_device+0x83
usbd_new_device() at usbd_new_device+0x1f5
uhub_port_connect() at uhub_port_connect+0x14e
uhub_explore() at uhub_explore+0x229
uhub_explore() at uhub_explore+0x180
usb_explore() at usb_explore+0x153
usb_task_thread() at usb_task_thread+0xb6

What happened here is that usbd_set_config_index() incorrectly free'd 
the device descriptor: ``dev->cdesc'' of the faulty USB device.


However the stack and drivers assumes that this descriptor is always 
present and dereference it in usb_free_device().  That's why I want to 
call usbd_set_config_index() as early as possible, cf my other email.


Diff attached fix this problem by not freeing the descriptor if an error
occurs. ok?

Index: usb_subr.c
===
RCS file: /cvs/src/sys/dev/usb/usb_subr.c,v
retrieving revision 1.123
diff -u -p -u -7 -r1.123 usb_subr.c
--- usb_subr.c	23 May 2016 11:31:12 -	1.123
+++ usb_subr.c	1 Sep 2016 14:12:37 -
@@ -775,19 +775,16 @@ usbd_set_config_index(struct usbd_device
 		goto bad;
 	}
 	DPRINTFN(5,("usbd_set_config_index: dev=%p cdesc=%p\n", dev, cdp));
 	dev->cdesc = cdp;
 	dev->config = cdp->bConfigurationValue;
 	for (ifcidx = 0; ifcidx < nifc; ifcidx++) {
 		err = usbd_fill_iface_data(dev, ifcidx, 0);
-		if (err) {
-			while (--ifcidx >= 0)
-usbd_free_iface_data(dev, ifcidx);
-			goto bad;
-		}
+		if (err)
+			return (err);
 	}
 
 	return (USBD_NORMAL_COMPLETION);
 
  bad:
 	free(cdp, M_USB, 0);
 	return (err);

Re: MSI-X support

[Hrvoje Popovski]

On 4.5.2016. 16:32, Mark Kettenis wrote:
>>> This is great, thanks for doing this!  I'm a bit surprised that
>>> we don't need to the same suspend/resume dance in ppb(4) as with
>>> MSI.
>>>
>>
>> That is an excellent point I overlooked. Kettenis, do we?
> 
> Almost certainly.  I committed the diff, but left the bits out that
> start using it in em(4) and xhci(4).
> 

Hi all,

is it a good time to enable msi-x on em(4) ?

constify auth functions

[Ted Unangst]

I'm getting annoying warnings because these functions aren't const.


Index: include/bsd_auth.h
===
RCS file: /cvs/src/include/bsd_auth.h,v
retrieving revision 1.10
diff -u -p -r1.10 bsd_auth.h
--- include/bsd_auth.h  21 Apr 2014 11:27:34 -  1.10
+++ include/bsd_auth.h  1 Sep 2016 13:15:08 -
@@ -60,15 +60,15 @@ char*auth_getitem(auth_session_t *, aut
 int auth_setitem(auth_session_t *, auth_item_t, char *);
 
 auth_session_t *auth_open(void);
-auth_session_t *auth_verify(auth_session_t *, char *, char *, ...)
+auth_session_t *auth_verify(auth_session_t *, const char *, const char *, ...)
__attribute__((__sentinel__));
 
-auth_session_t *auth_userchallenge(char *, char *, char *, char **);
-auth_session_t *auth_usercheck(char *, char *, char *, char *);
+auth_session_t *auth_userchallenge(const char *, const char *, const char *, 
char **);
+auth_session_t *auth_usercheck(const char *, const char *, const char *, char 
*);
 
 int auth_userresponse(auth_session_t *, char *, int);
-int auth_userokay(char *, char *, char *, char *);
-int auth_approval(auth_session_t *, struct login_cap *, char *, char *);
+int auth_userokay(const char *, const char *, const char *, char *);
+int auth_approval(auth_session_t *, struct login_cap *, const char *, 
const char *);
 
 int auth_close(auth_session_t *);
 voidauth_clean(auth_session_t *);
Index: lib/libc/gen/authenticate.c
===
RCS file: /cvs/src/lib/libc/gen/authenticate.c,v
retrieving revision 1.26
diff -u -p -r1.26 authenticate.c
--- lib/libc/gen/authenticate.c 26 May 2016 15:51:37 -  1.26
+++ lib/libc/gen/authenticate.c 1 Sep 2016 13:12:42 -
@@ -174,7 +174,7 @@ auth_cat(char *file)
 DEF_WEAK(auth_cat);
 
 int
-auth_approval(auth_session_t *as, login_cap_t *lc, char *name, char *type)
+auth_approval(auth_session_t *as, login_cap_t *lc, const char *name, const 
char *type)
 {
int close_on_exit, close_lc_on_exit, len;
struct passwd pwstore, *pwd;
@@ -305,7 +305,7 @@ out:
 DEF_WEAK(auth_approval);
 
 auth_session_t *
-auth_usercheck(char *name, char *style, char *type, char *password)
+auth_usercheck(const char *name, const char *style, const char *type, char 
*password)
 {
char namebuf[LOGIN_NAME_MAX + 1 + NAME_MAX + 1];
char pwbuf[_PW_BUF_LEN];
@@ -363,7 +363,7 @@ auth_usercheck(char *name, char *style, 
 DEF_WEAK(auth_usercheck);
 
 int
-auth_userokay(char *name, char *style, char *type, char *password)
+auth_userokay(const char *name, const char *style, const char *type, char 
*password)
 {
auth_session_t *as;
 
@@ -374,7 +374,7 @@ auth_userokay(char *name, char *style, c
 DEF_WEAK(auth_userokay);
 
 auth_session_t *
-auth_userchallenge(char *name, char *style, char *type, char **challengep)
+auth_userchallenge(const char *name, const char *style, const char *type, char 
**challengep)
 {
char namebuf[LOGIN_NAME_MAX + 1 + NAME_MAX + 1];
auth_session_t *as;
@@ -489,7 +489,7 @@ DEF_WEAK(auth_userresponse);
  * worked.
  */
 auth_session_t *
-auth_verify(auth_session_t *as, char *style, char *name, ...)
+auth_verify(auth_session_t *as, const char *style, const char *name, ...)
 {
va_list ap;
char path[PATH_MAX];

iwn: enable SGI

[Stefan Sperling]

This diff enables the short guard interval (SGI) feature of 802.11n.
In theory this should raise the max data rate from 65Mbit/s to 72Mbit/s.

To check if your AP supports SGI, associate to your AP and then run:

  tcpdump -n -i iwn0 -s 1500 -y IEEE802_11_RADIO -v type mgt subtype beacon

and look for the SGI@20MHz HT capability: "htcaps=<...,SGI@20MHz,...>"

Performance tests welcome.

Index: if_iwn.c
===
RCS file: /cvs/src/sys/dev/pci/if_iwn.c,v
retrieving revision 1.170
diff -u -p -r1.170 if_iwn.c
--- if_iwn.c17 Aug 2016 09:43:27 -  1.170
+++ if_iwn.c1 Sep 2016 13:56:20 -
@@ -463,15 +463,15 @@ iwn_attach(struct device *parent, struct
ic->ic_txbfcaps = 0;
ic->ic_aselcaps = 0;
ic->ic_ampdu_params = (IEEE80211_AMPDU_PARAM_SS_4 | 0x3 /* 64k */);
-#ifdef notyet
if (sc->sc_flags & IWN_FLAG_HAS_11N) {
/* Set HT capabilities. */
-   ic->ic_htcaps =
+   ic->ic_htcaps = IEEE80211_HTCAP_SGI20;
+#ifdef notyet
+   ic->ic_htcaps |=
 #if IWN_RBUF_SIZE == 8192
IEEE80211_HTCAP_AMSDU7935 |
 #endif
IEEE80211_HTCAP_CBW20_40 |
-   IEEE80211_HTCAP_SGI20 |
IEEE80211_HTCAP_SGI40;
if (sc->hw_type != IWN_HW_REV_TYPE_4965)
ic->ic_htcaps |= IEEE80211_HTCAP_GF;
@@ -479,8 +479,8 @@ iwn_attach(struct device *parent, struct
ic->ic_htcaps |= IEEE80211_HTCAP_SMPS_DYN;
else
ic->ic_htcaps |= IEEE80211_HTCAP_SMPS_DIS;
-   }
 #endif /* notyet */
+   }
 
/* Set supported legacy rates. */
ic->ic_sup_rates[IEEE80211_MODE_11B] = ieee80211_std_rateset_11b;
@@ -3007,8 +3007,11 @@ iwn_tx(struct iwn_softc *sc, struct mbuf
tx->plcp = rinfo->plcp;
 
if ((ni->ni_flags & IEEE80211_NODE_HT) &&
-   tx->id != sc->broadcast_id)
+   tx->id != sc->broadcast_id) {
tx->rflags = rinfo->ht_flags;
+   if (ni->ni_htcaps & IEEE80211_HTCAP_SGI20)
+   tx->rflags |= IWN_RFLAG_SGI;
+   }
else
tx->rflags = rinfo->flags;
if (tx->id == sc->broadcast_id) {
@@ -3416,6 +3419,9 @@ iwn_set_link_quality(struct iwn_softc *s
rinfo = _rates[iwn_mcs2ridx[txrate]];
linkq.retry[i].plcp = rinfo->ht_plcp;
linkq.retry[i].rflags = rinfo->ht_flags;
+
+   if (ni->ni_htcaps & IEEE80211_HTCAP_SGI20)
+   linkq.retry[i].rflags |= IWN_RFLAG_SGI;
 
/* XXX set correct ant mask for MIMO rates here */
linkq.retry[i].rflags |= IWN_RFLAG_ANT(txant);

Malformed USB descriptors & usbd_set_config_index()

[Martin Pieuchot]

usbd_set_config_index() is a complex function parsing unstrusted USB 
descriptors.  If a device presents itself with malformed descriptors

we should stop probing as soon as possible.

Our USB stack has a way to attach unconfigured USB devices to drivers,
meaning that such drivers have to call usbd_set_config_index() in their
*_attach() function.  This is bad because *_attach() functions do not 
return errors and, in the best case, the kernel ends up with an attached 
but unusable driver.


In the worst case this ends up in a panic, generally when the device
is detached.  I'll send one diff per panic as I found them with the 
fuzzer I got.  In the meantime I'd like to commit the diff below which
changes all the drivers using the first configuration, with index 0, to 
let the stack call usbd_set_config_index() for them.


Ok?
Index: uhub.c
===
RCS file: /cvs/src/sys/dev/usb/uhub.c,v
retrieving revision 1.88
diff -u -p -r1.88 uhub.c
--- uhub.c	29 Nov 2015 16:30:48 -	1.88
+++ uhub.c	1 Sep 2016 12:47:31 -
@@ -102,11 +102,14 @@ uhub_match(struct device *parent, void *
 	struct usb_attach_arg *uaa = aux;
 	usb_device_descriptor_t *dd = usbd_get_device_descriptor(uaa->device);
 
+	if (uaa->iface == NULL)
+		return (UMATCH_NONE);
+
 	/*
 	 * The subclass for hubs seems to be 0 for some and 1 for others,
 	 * so we just ignore the subclass.
 	 */
-	if (uaa->iface == NULL && dd->bDeviceClass == UDCLASS_HUB)
+	if (dd->bDeviceClass == UDCLASS_HUB)
 		return (UMATCH_DEVCLASS_DEVSUBCLASS);
 	return (UMATCH_NONE);
 }
@@ -134,13 +137,6 @@ uhub_attach(struct device *parent, struc
 
 	sc->sc_hub = dev;
 
-	err = usbd_set_config_index(dev, 0, 1);
-	if (err) {
-		DPRINTF("%s: configuration failed, error=%s\n",
-			 sc->sc_dev.dv_xname, usbd_errstr(err));
-		return;
-	}
-
 	if (dev->depth > USB_HUB_MAX_DEPTH) {
 		printf("%s: hub depth (%d) exceeded, hub ignored\n",
 		   sc->sc_dev.dv_xname, USB_HUB_MAX_DEPTH);
@@ -324,10 +320,10 @@ uhub_attach(struct device *parent, struc
 	for (port = 1; port <= nports; port++) {
 		/* Turn the power on. */
 		err = usbd_set_port_feature(dev, port, UHF_PORT_POWER);
-		if (err)
-			printf("%s: port %d power on failed, %s\n",
-			   sc->sc_dev.dv_xname, port,
-			   usbd_errstr(err));
+		if (err) {
+			DPRINTF("%s: port %d power on failed, %s\n",
+			   sc->sc_dev.dv_xname, port, usbd_errstr(err));
+		}
 		/* Make sure we check the port status at least once. */
 		sc->sc_status |= (1 << port);
 	}
Index: moscom.c
===
RCS file: /cvs/src/sys/dev/usb/moscom.c,v
retrieving revision 1.23
diff -u -p -r1.23 moscom.c
--- moscom.c	7 Jan 2016 12:53:37 -	1.23
+++ moscom.c	1 Sep 2016 11:49:33 -
@@ -30,7 +30,6 @@
 #include 
 
 #define MOSCOMBUFSZ		256
-#define MOSCOM_CONFIG_INDEX	0
 #define MOSCOM_IFACE_NO		0
 
 #define MOSCOM_READ		0x0d
@@ -178,7 +177,7 @@ moscom_match(struct device *parent, void
 {
 	struct usb_attach_arg *uaa = aux;
 
-	if (uaa->iface != NULL)
+	if (uaa->iface == NULL)
 		return UMATCH_NONE;
 
 	return (usb_lookup(moscom_devs, uaa->vendor, uaa->product) != NULL) ?
@@ -198,13 +197,6 @@ moscom_attach(struct device *parent, str
 
 	bzero(, sizeof(uca));
 	sc->sc_udev = uaa->device;
-
-	if (usbd_set_config_index(sc->sc_udev, MOSCOM_CONFIG_INDEX, 1) != 0) {
-		printf("%s: could not set configuration no\n",
-		sc->sc_dev.dv_xname);
-		usbd_deactivate(sc->sc_udev);
-		return;
-	}
 
 	/* get the first interface handle */
 	error = usbd_device2interface_handle(sc->sc_udev, MOSCOM_IFACE_NO,
Index: uark.c
===
RCS file: /cvs/src/sys/dev/usb/uark.c,v
retrieving revision 1.23
diff -u -p -r1.23 uark.c
--- uark.c	7 Jan 2016 12:53:37 -	1.23
+++ uark.c	1 Sep 2016 11:50:05 -
@@ -38,7 +38,6 @@ int	uarkebug = 0;
 #define DPRINTF(x) DPRINTFN(0, x)
 
 #define UARKBUFSZ		256
-#define UARK_CONFIG_INDEX	0
 #define UARK_IFACE_NO		0
 
 #define UARK_SET_DATA_BITS(x)	(x - 5)
@@ -105,7 +104,7 @@ uark_match(struct device *parent, void *
 {
 	struct usb_attach_arg *uaa = aux;
 
-	if (uaa->iface != NULL)
+	if (uaa->iface == NULL)
 		return UMATCH_NONE;
 
 	return (usb_lookup(uark_devs, uaa->vendor, uaa->product) != NULL) ?
@@ -125,13 +124,6 @@ uark_attach(struct device *parent, struc
 
 	bzero(, sizeof(uca));
 	sc->sc_udev = uaa->device;
-
-	if (usbd_set_config_index(sc->sc_udev, UARK_CONFIG_INDEX, 1) != 0) {
-		printf("%s: could not set configuration no\n",
-		sc->sc_dev.dv_xname);
-		usbd_deactivate(sc->sc_udev);
-		return;
-	}
 
 	/* get the first interface handle */
 	error = usbd_device2interface_handle(sc->sc_udev, UARK_IFACE_NO,
Index: uchcom.c
===
RCS file: /cvs/src/sys/dev/usb/uchcom.c,v
retrieving revision 1.24
diff -u -p -r1.24 uchcom.c
--- uchcom.c	14 Apr 2015 07:57:33 -	1.24
+++ uchcom.c	1 Sep 2016 

Unbreak libobjc for ARM EABI

[Mark Kettenis]

This diff unbreaks libobjc on arm.  I copied bits and pieces from the
C++ exception handling code.  Seems to be enough to make all the objc
exception handling tests in the gcc 4.2.1 testsuite pass.

ok?


Index: exception.c
===
RCS file: /cvs/src/gnu/gcc/libobjc/exception.c,v
retrieving revision 1.1.1.1
diff -u -p -r1.1.1.1 exception.c
--- exception.c 15 Oct 2009 17:11:28 -  1.1.1.1
+++ exception.c 1 Sep 2016 13:05:24 -
@@ -28,9 +28,40 @@ Boston, MA 02110-1301, USA.  */
 #include "config.h"
 #include "objc/objc-api.h"
 #include "unwind.h"
+
+#ifdef __ARM_EABI_UNWINDER__
+#define NO_SIZE_OF_ENCODED_VALUE
+#endif
+
 #include "unwind-pe.h"
 
 
+#ifdef __ARM_EABI_UNWINDER__
+
+static inline void
+__OBJC_INIT_EXCEPTION_CLASS(_Unwind_Exception_Class c)
+{
+  c[0] = 'G';
+  c[1] = 'N';
+  c[2] = 'U';
+  c[3] = 'C';
+  c[4] = 'C';
+  c[5] = '+';
+  c[6] = '+';
+  c[7] = '\0';
+}
+
+#define CONTINUE_UNWINDING \
+  do   \
+{  \
+  if (__gnu_unwind_frame(ue_header, context) != _URC_OK)   \
+   return _URC_FAILURE;\
+  return _URC_CONTINUE_UNWIND; \
+}  \
+  while (0)
+
+#else /* !__ARM_EABI_UNWINDER__ */
+
 /* This is the exception class we report -- "GNUCOBJC".  */
 #define __objc_exception_class \
   _Unwind_Exception_Class) 'G' \
@@ -42,6 +73,12 @@ Boston, MA 02110-1301, USA.  */
 << 8 | (_Unwind_Exception_Class) 'J')  \
<< 8 | (_Unwind_Exception_Class) 'C')
 
+#define __OBJC_INIT_EXCEPTION_CLASS(c) c = __objc_exception_class
+
+#define CONTINUE_UNWINDING return _URC_CONTINUE_UNWIND
+
+#endif /* !__ARM_EABI_UNWINDER__ */
+
 /* This is the object that is passed around by the Objective C runtime
to represent the exception in flight.  */
 
@@ -106,6 +143,25 @@ parse_lsda_header (struct _Unwind_Contex
   return p;
 }
 
+#ifdef __ARM_EABI_UNWINDER__
+
+static Class
+get_ttype_entry (struct lsda_header_info *info, _Unwind_Word i)
+{
+  _Unwind_Ptr ptr;
+
+  ptr = (_Unwind_Ptr) (info->TType - (i * 4));
+  ptr = _Unwind_decode_target2(ptr);
+  
+  /* NULL ptr means catch-all.  */
+  if (ptr)
+return objc_get_class ((const char *) ptr);
+  else
+return 0;
+}
+
+#else
+
 static Class
 get_ttype_entry (struct lsda_header_info *info, _Unwind_Word i)
 {
@@ -122,6 +178,8 @@ get_ttype_entry (struct lsda_header_info
 return 0;
 }
 
+#endif
+
 /* Like unto the method of the same name on Object, but takes an id.  */
 /* ??? Does this bork the meta-type system?  Can/should we look up an
isKindOf method on the id?  */
@@ -151,11 +209,17 @@ isKindOf (id value, Class target)
 #endif
 
 _Unwind_Reason_Code
+#ifdef __ARM_EABI_UNWINDER__
+PERSONALITY_FUNCTION (_Unwind_State state,
+ struct _Unwind_Exception *ue_header,
+ struct _Unwind_Context *context)
+#else
 PERSONALITY_FUNCTION (int version,
  _Unwind_Action actions,
  _Unwind_Exception_Class exception_class,
  struct _Unwind_Exception *ue_header,
  struct _Unwind_Context *context)
+#endif
 {
   struct ObjcException *xh = (struct ObjcException *) ue_header;
 
@@ -167,17 +231,56 @@ PERSONALITY_FUNCTION (int version,
   int handler_switch_value;
   int saw_cleanup = 0, saw_handler;
   void *return_object;
+  int foreign_exception;
+  int ip_before_insn = 0;
+
+#ifdef __ARM_EABI_UNWINDER__
+  _Unwind_Action actions;
 
+  switch (state & _US_ACTION_MASK)
+{
+case _US_VIRTUAL_UNWIND_FRAME:
+  actions = _UA_SEARCH_PHASE;
+  break;
+
+case _US_UNWIND_FRAME_STARTING:
+  actions = _UA_CLEANUP_PHASE;
+  if (!(state & _US_FORCE_UNWIND)
+ && ue_header->barrier_cache.sp == _Unwind_GetGR(context, 13))
+   actions |= _UA_HANDLER_FRAME;
+  break;
+
+case _US_UNWIND_FRAME_RESUME:
+  CONTINUE_UNWINDING;
+  break;
+
+default:
+  abort();
+}
+  actions |= state & _US_FORCE_UNWIND;
+
+  foreign_exception = 0;
+
+  ip = (_Unwind_Ptr) ue_header;
+  _Unwind_SetGR(context, 12, ip);
+#else
   /* Interface version check.  */
   if (version != 1)
 return _URC_FATAL_PHASE1_ERROR;
+  foreign_exception = !(exception_class == __objc_exception_class);
+#endif
 
   /* Shortcut for phase 2 found handler for domestic exception.  */
   if (actions == (_UA_CLEANUP_PHASE | _UA_HANDLER_FRAME)
-  && exception_class == __objc_exception_class)
+  && !foreign_exception)
 {
+#ifdef __ARM_EABI_UNWINDER__
+  handler_switch_value = (int) ue_header->barrier_cache.bitpattern[1];
+  landing_pad = (_Unwind_Ptr) ue_header->barrier_cache.bitpattern[3];
+#else
   handler_switch_value = xh->handlerSwitchValue;
   landing_pad = 

ABI BREAK: OpenBSD/armv7 moves to ARM EABI

[Patrick Wildt]

Hi,

I just switched OpenBSD/armv7 to ARM EABI.  This is a complete ABI
break which you cannot easily cross with a build.  Instead, you need
to upgrade through this break with a snapshot.  An EABI snapshot will
be synced to the mirrors soon.

Patrick

iwm: enable SGI

[Stefan Sperling]

This diff enables the short guard interval (SGI) feature of 802.11n.
In theory this should raise the max data rate from 65Mbit/s to 72Mbit/s.

To check if your AP supports SGI, associate to your AP and then run:

  tcpdump -n -i iwm0 -s 1500 -y IEEE802_11_RADIO -v type mgt subtype beacon

and look for the SGI@20MHz HT capability: "htcaps=<...,SGI@20MHz,...>"

Performance tests welcome.

Index: if_iwm.c
===
RCS file: /cvs/src/sys/dev/pci/if_iwm.c,v
retrieving revision 1.100
diff -u -p -r1.100 if_iwm.c
--- if_iwm.c1 Sep 2016 09:47:47 -   1.100
+++ if_iwm.c1 Sep 2016 10:37:40 -
@@ -6082,7 +6082,7 @@ iwm_setrates(struct iwm_node *in)
struct iwm_softc *sc = IC2IFP(ic)->if_softc;
struct iwm_lq_cmd *lq = >in_lq;
struct ieee80211_rateset *rs = >ni_rates;
-   int i, ridx, ridx_min, j, tab = 0;
+   int i, ridx, ridx_min, j, sgi_ok, tab = 0;
struct iwm_host_cmd cmd = {
.id = IWM_LQ_CMD,
.len = { sizeof(in->in_lq), },
@@ -6092,9 +6092,12 @@ iwm_setrates(struct iwm_node *in)
memset(lq, 0, sizeof(*lq));
lq->sta_id = IWM_STATION_ID;
 
-   /* For HT, always enable RTS/CTS to avoid excessive retries. */
-   if (ni->ni_flags & IEEE80211_NODE_HT)
+   /* For HT, enable RTS/CTS, and SGI (if supported). */
+   if (ni->ni_flags & IEEE80211_NODE_HT) {
lq->flags |= IWM_LQ_FLAG_USE_RTS_MSK;
+   sgi_ok = (ni->ni_htcaps & IEEE80211_HTCAP_SGI20);
+   } else
+   sgi_ok = 0;
 
/*
 * Fill the LQ rate selection table with legacy and/or HT rates
@@ -6120,6 +6123,8 @@ iwm_setrates(struct iwm_node *in)
if (ridx == iwm_mcs2ridx[i]) {
tab = iwm_rates[ridx].ht_plcp;
tab |= IWM_RATE_MCS_HT_MSK;
+   if (sgi_ok)
+   tab |= IWM_RATE_MCS_SGI_MSK;
break;
}
}
@@ -8000,8 +8005,7 @@ iwm_attach(struct device *parent, struct
IEEE80211_C_SHSLOT |/* short slot time supported */
IEEE80211_C_SHPREAMBLE; /* short preamble supported */
 
-   /* No optional HT features supported for now, */
-   ic->ic_htcaps = 0;
+   ic->ic_htcaps = IEEE80211_HTCAP_SGI20;
ic->ic_htxcaps = 0;
ic->ic_txbfcaps = 0;
ic->ic_aselcaps = 0;

tcpdump: print association requests

[Stefan Sperling]

This diff makes tcpdump display details of association requests.
These are interesting because clients announce HT capabilities there.
We can share some printing code with beacons.

Use with something like tcpdump -s 1500 -v -y IEEE802_11_RADIO -i iwn0

Index: print-802_11.c
===
RCS file: /cvs/src/usr.sbin/tcpdump/print-802_11.c,v
retrieving revision 1.32
diff -u -p -r1.32 print-802_11.c
--- print-802_11.c  21 Feb 2016 16:09:47 -  1.32
+++ print-802_11.c  1 Sep 2016 12:21:43 -
@@ -101,7 +101,9 @@ void ieee80211_print_essid(u_int8_t *, 
 voidieee80211_print_country(u_int8_t *, u_int);
 voidieee80211_print_htcaps(u_int8_t *, u_int);
 voidieee80211_print_htop(u_int8_t *, u_int);
-int ieee80211_elements(struct ieee80211_frame *, u_int);
+int ieee80211_print_beacon(struct ieee80211_frame *, u_int);
+int ieee80211_print_assocreq(struct ieee80211_frame *, u_int);
+int ieee80211_print_elements(uint8_t *);
 int ieee80211_frame(struct ieee80211_frame *, u_int);
 int ieee80211_print(struct ieee80211_frame *, u_int);
 u_int   ieee80211_any2ieee(u_int, u_int);
@@ -589,37 +591,74 @@ ieee80211_print_htop(u_int8_t *data, u_i
 }
 
 int
-ieee80211_elements(struct ieee80211_frame *wh, u_int flen)
+ieee80211_print_beacon(struct ieee80211_frame *wh, u_int len)
 {
-   u_int8_t *buf, *frm;
-   u_int64_t tstamp;
-   u_int16_t bintval, capinfo;
-   int i;
+   uint64_t tstamp;
+   uint16_t bintval, capinfo;
+   uint8_t *frm;
+
+   if (len < sizeof(tstamp) + sizeof(bintval) + sizeof(capinfo))
+   return 1; /* truncated */
 
-   buf = (u_int8_t *)wh;
frm = (u_int8_t *)[1];
 
-   TCHECK2(*frm, 8);
bcopy(frm, , sizeof(u_int64_t));
frm += 8;
-
if (vflag > 1)
printf(", timestamp %llu", letoh64(tstamp));
 
-   TCHECK2(*frm, 2);
bcopy(frm, , sizeof(u_int16_t));
frm += 2;
-
if (vflag > 1)
printf(", interval %u", letoh16(bintval));
 
-   TCHECK2(*frm, 2);
bcopy(frm, , sizeof(u_int16_t));
frm += 2;
+   if (vflag)
+   printb(", caps", letoh16(capinfo), IEEE80211_CAPINFO_BITS);
+
+   return ieee80211_print_elements(frm);
+}
+
+int
+ieee80211_print_assocreq(struct ieee80211_frame *wh, u_int len)
+{
+   uint8_t subtype;
+   uint16_t capinfo, lintval;
+   uint8_t *frm;
+
+   subtype = wh->i_fc[0] & IEEE80211_FC0_SUBTYPE_MASK;
+
+   if (len < sizeof(capinfo) + sizeof(lintval) +
+   (subtype == IEEE80211_FC0_SUBTYPE_REASSOC_REQ ?
+   IEEE80211_ADDR_LEN : 0))
+   return 1; /* truncated */
+
+   frm = (u_int8_t *)[1];
 
+   bcopy(frm, , sizeof(u_int16_t));
+   frm += 2;
if (vflag)
-   printb(", caps", letoh16(capinfo),
-   IEEE80211_CAPINFO_BITS);
+   printb(", caps", letoh16(capinfo), IEEE80211_CAPINFO_BITS);
+
+   bcopy(frm, , sizeof(u_int16_t));
+   frm += 2;
+   if (vflag > 1)
+   printf(", listen interval %u", letoh16(lintval));
+
+   if (subtype == IEEE80211_FC0_SUBTYPE_REASSOC_REQ) {
+   if (vflag)
+   printf(", AP %s", etheraddr_string(frm));
+   frm += IEEE80211_ADDR_LEN;
+   }
+
+   return ieee80211_print_elements(frm);
+}
+
+int
+ieee80211_print_elements(uint8_t *frm)
+{
+   int i;
 
while (TTEST2(*frm, 2)) {
u_int len = frm[1];
@@ -628,7 +667,7 @@ ieee80211_elements(struct ieee80211_fram
if (!TTEST2(*data, len))
break;
 
-#define ELEM_CHECK(l)  if (len != l) break
+#define ELEM_CHECK(l)  if (len != l) goto trunc
 
switch (*frm) {
case IEEE80211_ELEMID_SSID:
@@ -789,7 +828,12 @@ ieee80211_frame(struct ieee80211_frame *
switch (subtype) {
case IEEE80211_FC0_SUBTYPE_BEACON:
case IEEE80211_FC0_SUBTYPE_PROBE_RESP:
-   if (ieee80211_elements(wh, len) != 0)
+   if (ieee80211_print_beacon(wh, len) != 0)
+   goto trunc;
+   break;
+   case IEEE80211_FC0_SUBTYPE_ASSOC_REQ:
+   case IEEE80211_FC0_SUBTYPE_REASSOC_REQ:
+   if (ieee80211_print_assocreq(wh, len) != 0)
goto trunc;
break;
case IEEE80211_FC0_SUBTYPE_AUTH:

NAT-on-enc on iked(8)

[Vincent Gross]

This diff adds the missing bits to support NAT-on-enc in iked(8).

See OUTGOING NETWORK ADDRESS TRANSLATION in iked.conf(5), and also
http://undeadly.org/cgi?action=article=20090127205841.

Ok ?


diff --git sbin/iked/iked.h sbin/iked/iked.h
index aa40d70..dfa04ad 100644
--- sbin/iked/iked.h
+++ sbin/iked/iked.h
@@ -140,6 +140,7 @@ struct iked_flow {
struct iked_addr flow_src;
struct iked_addr flow_dst;
unsigned int flow_dir;  /* in/out */
+   struct iked_addr flow_prenat;
 
unsigned int flow_loaded;   /* pfkey done */
 
diff --git sbin/iked/parse.y sbin/iked/parse.y
index c93a978..e3e7c29 100644
--- sbin/iked/parse.y
+++ sbin/iked/parse.y
@@ -2418,7 +2418,7 @@ create_ike(char *name, int af, uint8_t ipproto, struct 
ipsec_hosts *hosts,
 {
char idstr[IKED_ID_SIZE];
unsigned int idtype = IKEV2_ID_NONE;
-   struct ipsec_addr_wrap  *ipa, *ipb;
+   struct ipsec_addr_wrap  *ipa, *ipb, *ippn;
struct iked_policy   pol;
struct iked_proposal prop[2];
unsigned int j;
@@ -2640,6 +2640,17 @@ create_ike(char *name, int af, uint8_t ipproto, struct 
ipsec_hosts *hosts,
flows[j].flow_dst.addr_net = ipb->netaddress;
flows[j].flow_dst.addr_port = hosts->dport;
 
+   ippn = ipa->srcnat;
+   if (ippn) {
+   memcpy([j].flow_prenat.addr, >address,
+   sizeof(ippn->address));
+   flows[j].flow_prenat.addr_af = ippn->af;
+   flows[j].flow_prenat.addr_mask = ippn->mask;
+   flows[j].flow_prenat.addr_net = ippn->netaddress;
+   } else {
+   flows[j].flow_prenat.addr_af = 0;
+   }
+
flows[j].flow_ipproto = ipproto;
 
pol.pol_nflows++;
diff --git sbin/iked/pfkey.c sbin/iked/pfkey.c
index 72c2d31..20ca4aa 100644
--- sbin/iked/pfkey.c
+++ sbin/iked/pfkey.c
@@ -173,6 +173,7 @@ int
 pfkey_flow(int sd, uint8_t satype, uint8_t action, struct iked_flow *flow)
 {
struct sadb_msg  smsg;
+   struct iked_addr*flow_src, *flow_dst;
struct sadb_address  sa_src, sa_dst, sa_local, sa_peer, sa_smask,
 sa_dmask;
struct sadb_protocol sa_flowtype, sa_protocol;
@@ -183,56 +184,75 @@ pfkey_flow(int sd, uint8_t satype, uint8_t action, struct 
iked_flow *flow)
 
sa_srcid = sa_dstid = NULL;
 
+   flow_src = >flow_src;
+   flow_dst = >flow_dst;
+
+   if (flow->flow_prenat.addr_af == flow_src->addr_af) {
+   switch (flow->flow_type) {
+   case SADB_X_FLOW_TYPE_USE:
+   flow_dst = >flow_prenat;
+   break;
+   case SADB_X_FLOW_TYPE_REQUIRE:
+   flow_src = >flow_prenat;
+   break;
+   case 0:
+   if (flow->flow_dir == IPSP_DIRECTION_IN)
+   flow_dst = >flow_prenat;
+   else
+   flow_src = >flow_prenat;
+   }
+   }
+
bzero(, sizeof(ssrc));
bzero(, sizeof(smask));
-   memcpy(, >flow_src.addr, sizeof(ssrc));
-   memcpy(, >flow_src.addr, sizeof(smask));
-   socket_af((struct sockaddr *), flow->flow_src.addr_port);
-   socket_af((struct sockaddr *), flow->flow_src.addr_port ?
+   memcpy(, _src->addr, sizeof(ssrc));
+   memcpy(, _src->addr, sizeof(smask));
+   socket_af((struct sockaddr *), flow_src->addr_port);
+   socket_af((struct sockaddr *), flow_src->addr_port ?
0x : 0);
 
-   switch (flow->flow_src.addr_af) {
+   switch (flow_src->addr_af) {
case AF_INET:
((struct sockaddr_in *))->sin_addr.s_addr =
-   prefixlen2mask(flow->flow_src.addr_net ?
-   flow->flow_src.addr_mask : 32);
+   prefixlen2mask(flow_src->addr_net ?
+   flow_src->addr_mask : 32);
break;
case AF_INET6:
-   prefixlen2mask6(flow->flow_src.addr_net ?
-   flow->flow_src.addr_mask : 128,
+   prefixlen2mask6(flow_src->addr_net ?
+   flow_src->addr_mask : 128,
(uint32_t *)((struct sockaddr_in6 *)
)->sin6_addr.s6_addr);
break;
default:
log_warnx("%s: unsupported address family %d",
-   __func__, flow->flow_src.addr_af);
+   __func__, flow_src->addr_af);
return (-1);
}
smask.ss_len = ssrc.ss_len;
 
bzero(, sizeof(sdst));
bzero(, sizeof(dmask));
-   memcpy(, >flow_dst.addr, sizeof(sdst));
-   memcpy(, 

Re: multi-pool malloc wip diff

[Otto Moerbeek]

On Tue, Aug 23, 2016 at 09:57:03AM +0200, Otto Moerbeek wrote:

> On Mon, Aug 22, 2016 at 08:59:44PM -0400, Ted Unangst wrote:
> 
> > Otto Moerbeek wrote:
> > > 
> > > After a forkl of a threaded program __isthreaded is reset, but
> > > existing allocations are spread around the pools. But the new single
> > > threaded child only looks in the first pool. I have to think how to
> > > solve this.
> > 
> > Create a new flag, _malloc_threads. Init to 0.
> > 
> > Change all existing tests for __isthreaded in malloc.c to _malloc_threads.
> > 
> > Set _malloc_threads to 1 (or N) in malloc_init().
> > 
> > (Future direction may be to replace _MALLOC_MUTEXES with _malloc_threads and
> > allow it to vary somewhat based on cpu count.)
> > 
> > Trying to reverse the process of going to thread mode is more trouble than
> > it's work. I'd even argue there's no need to reset __isthreaded, but I don't
> > want to get bogged down with other consequences.
> 
> Indeed, thats the solution I came up with as well. chrome, ff, gimp
> and mysqld seem to be happy. Online now.
> 
>   -Otto

Hi,

diff has been commited just now (from the hackathon in Cambridge,
UK). Upcoming snaps will contain it.  Please make sure you update
packages as well when they arrive at mirrors, since both librthread and
libc versions have been bumped. Otherwise you just will be testing old
code.

Thanks to all the testers,

-Otto

Re: relayd TLS ticket and session support accross processes

[Reyk Floeter]

On Thu, Sep 01, 2016 at 11:27:55AM +0200, Claudio Jeker wrote:
> On Tue, Aug 30, 2016 at 03:51:04PM +0200, Claudio Jeker wrote:
> > On Tue, Aug 30, 2016 at 02:44:17PM +0200, Reyk Floeter wrote:
> > > On Tue, Aug 30, 2016 at 01:22:49PM +0200, Claudio Jeker wrote:
> > > > Here is the latest version of the ticket and tls session cache support.
> > > > Tickets can be disabled and also the session timeout is configurable.
> > > > Same code as before with man page diff
> > > > 
> > > 
> > > Nice work! I'm curious how this impact production, do you have any
> > > experience to share?
> > > 
> > > > Will commit this soonish unless somebody complains
> > > 
> > > I do complain, but just a bit.  nit-picking below.
> > > 
> 
> After some more talking to people here a new version that drops the
> session cache and only implements session tickets. Everything modern (aka
> the stuff we care about) implements tickets and they are so much easier to
> work with. The system in place now uses a primary key and a backup key and
> will refresh the tickets for everything that was encrypted with the backup
> key. The keys are rotated every 2h so at max a key is valid for 4h.
> We set the tls session timeout also to 2h so that this value is announced
> as TLS session ticket lifetime hint. It is still possible to disable the
> tickets per relay just in case.
> 

See comments below, otherwise OK

> -- 
> :wq Claudio
> 
> Index: ca.c
> ===
> RCS file: /cvs/src/usr.sbin/relayd/ca.c,v
> retrieving revision 1.16
> diff -u -p -r1.16 ca.c
> --- ca.c  5 Dec 2015 13:13:11 -   1.16
> +++ ca.c  30 Aug 2016 12:59:36 -
> @@ -23,6 +23,7 @@
>  #include 
>  #include 
>  #include 
> +#include 
>  #include 
>  
>  #include 
> @@ -256,6 +257,7 @@ static int
>  rsae_send_imsg(int flen, const u_char *from, u_char *to, RSA *rsa,
>  int padding, u_int cmd)
>  {
> + struct pollfdpfd[1];
>   struct ctl_keyop cko;
>   int  ret = 0;
>   objid_t *id;
> @@ -292,9 +294,21 @@ rsae_send_imsg(int flen, const u_char *f
>* operation in OpenSSL's engine layer.
>*/
>   imsg_composev(ibuf, cmd, 0, 0, -1, iov, cnt);
> - imsg_flush(ibuf);
> + if (imsg_flush(ibuf) == -1)
> + log_warn("rsae_send_imsg: imsg_flush");
>  
> + pfd[0].fd = ibuf->fd;
> + pfd[0].events = POLLIN;
>   while (!done) {
> + switch (poll(pfd, 1, TLS_PRIV_SEND_TIMEOUT)) {
> + case -1:
> + fatal("rsae_send_imsg: poll");
> + case 0:
> + log_warnx("rsae_send_imsg: poll timeout");
> + break;
> + default:
> + break;
> + }
>   if ((n = imsg_read(ibuf)) == -1 && errno != EAGAIN)
>   fatalx("imsg_read");
>   if (n == 0)
> Index: config.c
> ===
> RCS file: /cvs/src/usr.sbin/relayd/config.c,v
> retrieving revision 1.27
> diff -u -p -r1.27 config.c
> --- config.c  7 Dec 2015 04:03:27 -   1.27
> +++ config.c  31 Aug 2016 12:53:03 -
> @@ -94,7 +94,6 @@ config_init(struct relayd *env)
>   bzero(>sc_proto_default, sizeof(env->sc_proto_default));
>   env->sc_proto_default.id = EMPTY_ID;
>   env->sc_proto_default.flags = F_USED;
> - env->sc_proto_default.cache = RELAY_CACHESIZE;
>   env->sc_proto_default.tcpflags = TCPFLAG_DEFAULT;
>   env->sc_proto_default.tcpbacklog = RELAY_BACKLOG;
>   env->sc_proto_default.tlsflags = TLSFLAG_DEFAULT;
> Index: parse.y
> ===
> RCS file: /cvs/src/usr.sbin/relayd/parse.y,v
> retrieving revision 1.207
> diff -u -p -r1.207 parse.y
> --- parse.y   21 Jun 2016 21:35:25 -  1.207
> +++ parse.y   1 Sep 2016 08:25:35 -
> @@ -172,13 +172,13 @@ typedef struct {
>  %token   SOCKET SPLICE SSL STICKYADDR STYLE TABLE TAG TAGGED TCP TIMEOUT 
> TLS TO
>  %token   ROUTER RTLABEL TRANSPARENT TRAP UPDATES URL VIRTUAL WITH TTL 
> RTABLE
>  %token   MATCH PARAMS RANDOM LEASTSTATES SRCHASH KEY CERTIFICATE 
> PASSWORD ECDH
> -%token   EDH CURVE
> +%token   EDH CURVE TICKETS
>  %token STRING
>  %token NUMBER
>  %type  hostname interface table value optstring
>  %type  http_type loglevel quick trap
>  %type  dstmode flag forwardmode retry
> -%type  opttls opttlsclient tlscache
> +%type  opttls opttlsclient tlstickets
>  %type  redirect_proto relay_proto match
>  %type  action ruleaf key_option
>  %type  tlsdhparams tlsecdhcurve
> @@ -996,7 +996,6 @@ proto : relay_proto PROTO STRING  {
>   free($3);
>   p->id = ++last_proto_id;
> 

Re: iwm(4): iwm_firmware_load_chunk returns uninitialized error value.

[Stefan Sperling]

On Thu, Sep 01, 2016 at 11:26:10AM +0200, Imre Vadasz wrote:
> Hi,
> The iwm_firmware_load_chunk() function returns the value of the
> uninitialized int error variable, when the "while (!sc->sc_fw_chunk_done)"
> loop terminates immediately. I saw this happen repeatedly in the init
> firmware loading during bootup. Example log output with iwm compiled with
> debugging output, for an AC8260 chipset:
> 
>   iwm0: loading ucode type 1
>   iwm0: could not load firmware chunk 0 (error 712)
>   iwm0: failed to load init firmware
>   iwm apm stop
> 
> So we should explicitly initialize the error variable to 0 in
> iwm_firmware_load_chunk():

Yes, indeed. I will commit this now. Thank you!

> 
> Index: sys/dev/pci/if_iwm.c
> ===
> RCS file: /cvs/src/sys/dev/pci/if_iwm.c,v
> retrieving revision 1.99
> diff -u -r1.99 if_iwm.c
> --- sys/dev/pci/if_iwm.c  17 Aug 2016 09:39:38 -  1.99
> +++ sys/dev/pci/if_iwm.c  1 Sep 2016 09:17:50 -
> @@ -3169,6 +3169,7 @@
>   iwm_nic_unlock(sc);
>  
>   /* wait 1s for this segment to load */
> + error = 0;
>   while (!sc->sc_fw_chunk_done)
>   if ((error = tsleep(>sc_fw, 0, "iwmfw", hz)) != 0)
>   break;
> 

Re: Array of TAILQs in kern_synch.c

[Mathieu -]

Ted Unangst wrote:
> Michal Mazurek wrote:
> > There is what appears to be a sensless hash in kern_synch.c. It's an
> > array of 128 TAILQs which are hashed according to the high bits of the
> > wchan. It's possible to write a program that adds kern.maxthread entries
> > to one of those TAILQs. Just running chrome with 11 tabs open adds 35
> > entries to one TAILQ, while leaving others empty.
> > 
> > If it doesn't matter that a user program can make a TAILQ very long,
> > then the hash is senseless (diff below).
> > 
> > If it does matter, then it's broken, and a different data structure
> > needs to be used. Currently RB trees require all element values to be 
> > unique,
> > but a version of RB trees with non-unique element values is possible.
> > 
> > Any thoughts?
> 
> I don't think this is a good change. it's going backwards. even if there's 100
> things waiting on the same thing, there are other procs that aren't waiting on
> it.

Yeah, if anything, we might want a better distribution. FreeBSD XOR the
shifted bits with the wait channel (and uses a 256 bucket table).
In my limited testing it doesn't seem to make much of a difference
thoughm, I need to come up with a better workload for this.

Re: relayd TLS ticket and session support accross processes

[Claudio Jeker]

On Tue, Aug 30, 2016 at 03:51:04PM +0200, Claudio Jeker wrote:
> On Tue, Aug 30, 2016 at 02:44:17PM +0200, Reyk Floeter wrote:
> > On Tue, Aug 30, 2016 at 01:22:49PM +0200, Claudio Jeker wrote:
> > > Here is the latest version of the ticket and tls session cache support.
> > > Tickets can be disabled and also the session timeout is configurable.
> > > Same code as before with man page diff
> > > 
> > 
> > Nice work! I'm curious how this impact production, do you have any
> > experience to share?
> > 
> > > Will commit this soonish unless somebody complains
> > 
> > I do complain, but just a bit.  nit-picking below.
> > 

After some more talking to people here a new version that drops the
session cache and only implements session tickets. Everything modern (aka
the stuff we care about) implements tickets and they are so much easier to
work with. The system in place now uses a primary key and a backup key and
will refresh the tickets for everything that was encrypted with the backup
key. The keys are rotated every 2h so at max a key is valid for 4h.
We set the tls session timeout also to 2h so that this value is announced
as TLS session ticket lifetime hint. It is still possible to disable the
tickets per relay just in case.

-- 
:wq Claudio

Index: ca.c
===
RCS file: /cvs/src/usr.sbin/relayd/ca.c,v
retrieving revision 1.16
diff -u -p -r1.16 ca.c
--- ca.c5 Dec 2015 13:13:11 -   1.16
+++ ca.c30 Aug 2016 12:59:36 -
@@ -23,6 +23,7 @@
 #include 
 #include 
 #include 
+#include 
 #include 
 
 #include 
@@ -256,6 +257,7 @@ static int
 rsae_send_imsg(int flen, const u_char *from, u_char *to, RSA *rsa,
 int padding, u_int cmd)
 {
+   struct pollfdpfd[1];
struct ctl_keyop cko;
int  ret = 0;
objid_t *id;
@@ -292,9 +294,21 @@ rsae_send_imsg(int flen, const u_char *f
 * operation in OpenSSL's engine layer.
 */
imsg_composev(ibuf, cmd, 0, 0, -1, iov, cnt);
-   imsg_flush(ibuf);
+   if (imsg_flush(ibuf) == -1)
+   log_warn("rsae_send_imsg: imsg_flush");
 
+   pfd[0].fd = ibuf->fd;
+   pfd[0].events = POLLIN;
while (!done) {
+   switch (poll(pfd, 1, TLS_PRIV_SEND_TIMEOUT)) {
+   case -1:
+   fatal("rsae_send_imsg: poll");
+   case 0:
+   log_warnx("rsae_send_imsg: poll timeout");
+   break;
+   default:
+   break;
+   }
if ((n = imsg_read(ibuf)) == -1 && errno != EAGAIN)
fatalx("imsg_read");
if (n == 0)
Index: config.c
===
RCS file: /cvs/src/usr.sbin/relayd/config.c,v
retrieving revision 1.27
diff -u -p -r1.27 config.c
--- config.c7 Dec 2015 04:03:27 -   1.27
+++ config.c31 Aug 2016 12:53:03 -
@@ -94,7 +94,6 @@ config_init(struct relayd *env)
bzero(>sc_proto_default, sizeof(env->sc_proto_default));
env->sc_proto_default.id = EMPTY_ID;
env->sc_proto_default.flags = F_USED;
-   env->sc_proto_default.cache = RELAY_CACHESIZE;
env->sc_proto_default.tcpflags = TCPFLAG_DEFAULT;
env->sc_proto_default.tcpbacklog = RELAY_BACKLOG;
env->sc_proto_default.tlsflags = TLSFLAG_DEFAULT;
Index: parse.y
===
RCS file: /cvs/src/usr.sbin/relayd/parse.y,v
retrieving revision 1.207
diff -u -p -r1.207 parse.y
--- parse.y 21 Jun 2016 21:35:25 -  1.207
+++ parse.y 1 Sep 2016 08:25:35 -
@@ -172,13 +172,13 @@ typedef struct {
 %token SOCKET SPLICE SSL STICKYADDR STYLE TABLE TAG TAGGED TCP TIMEOUT TLS TO
 %token ROUTER RTLABEL TRANSPARENT TRAP UPDATES URL VIRTUAL WITH TTL RTABLE
 %token MATCH PARAMS RANDOM LEASTSTATES SRCHASH KEY CERTIFICATE PASSWORD ECDH
-%token EDH CURVE
+%token EDH CURVE TICKETS
 %token   STRING
 %token   NUMBER
 %typehostname interface table value optstring
 %typehttp_type loglevel quick trap
 %typedstmode flag forwardmode retry
-%typeopttls opttlsclient tlscache
+%typeopttls opttlsclient tlstickets
 %typeredirect_proto relay_proto match
 %typeaction ruleaf key_option
 %typetlsdhparams tlsecdhcurve
@@ -996,7 +996,6 @@ proto   : relay_proto PROTO STRING  {
free($3);
p->id = ++last_proto_id;
p->type = $1;
-   p->cache = RELAY_CACHESIZE;
p->tcpflags = TCPFLAG_DEFAULT;
p->tlsflags = TLSFLAG_DEFAULT;
p->tcpbacklog = RELAY_BACKLOG;
@@ -1091,7 +1090,7 @@ tlsflags_l: tlsflags comma tlsflags_l
| 

iwm(4): iwm_firmware_load_chunk returns uninitialized error value.

[Imre Vadasz]

Hi,
The iwm_firmware_load_chunk() function returns the value of the
uninitialized int error variable, when the "while (!sc->sc_fw_chunk_done)"
loop terminates immediately. I saw this happen repeatedly in the init
firmware loading during bootup. Example log output with iwm compiled with
debugging output, for an AC8260 chipset:

  iwm0: loading ucode type 1
  iwm0: could not load firmware chunk 0 (error 712)
  iwm0: failed to load init firmware
  iwm apm stop

So we should explicitly initialize the error variable to 0 in
iwm_firmware_load_chunk():

Index: sys/dev/pci/if_iwm.c
===
RCS file: /cvs/src/sys/dev/pci/if_iwm.c,v
retrieving revision 1.99
diff -u -r1.99 if_iwm.c
--- sys/dev/pci/if_iwm.c17 Aug 2016 09:39:38 -  1.99
+++ sys/dev/pci/if_iwm.c1 Sep 2016 09:17:50 -
@@ -3169,6 +3169,7 @@
iwm_nic_unlock(sc);
 
/* wait 1s for this segment to load */
+   error = 0;
while (!sc->sc_fw_chunk_done)
if ((error = tsleep(>sc_fw, 0, "iwmfw", hz)) != 0)
break;

Re: remove ntfs write code

[Theo de Raadt]

Removing unfinished write support makes sense.  Who knows, maybe
it makes read support more sustainable...
 

Re: remove ntfs write code

[Ted Unangst]

Martin Natano wrote:
> mount_ntfs forces the mount point to be MNT_RDONLY, so the write parts
> in ntfs are never used. OK to remove?

i think so.

by the way, this code is probably a dead end, compared to the fuse code. is
that right? but we should keep it around for a while until we're sure the fuse
code is a good replacement.

Re: passwd(1) - use explicit_bzero(3)

[Ted Unangst]

Gleydson Soares wrote:
> after recents passwd(1) changes, We should use explicit_bzero(3) for
> clearing these sensitive strings.
> OK?

right, ok

Re: Array of TAILQs in kern_synch.c

[Ted Unangst]

Michal Mazurek wrote:
> There is what appears to be a sensless hash in kern_synch.c. It's an
> array of 128 TAILQs which are hashed according to the high bits of the
> wchan. It's possible to write a program that adds kern.maxthread entries
> to one of those TAILQs. Just running chrome with 11 tabs open adds 35
> entries to one TAILQ, while leaving others empty.
> 
> If it doesn't matter that a user program can make a TAILQ very long,
> then the hash is senseless (diff below).
> 
> If it does matter, then it's broken, and a different data structure
> needs to be used. Currently RB trees require all element values to be unique,
> but a version of RB trees with non-unique element values is possible.
> 
> Any thoughts?

I don't think this is a good change. it's going backwards. even if there's 100
things waiting on the same thing, there are other procs that aren't waiting on
it.

Re: iwm(4): Use htole16 for policy field in iwm_time_event_cmd_v2 struct.

[Martin Natano]

On Wed, Aug 31, 2016 at 09:39:47PM +0200, Imre Vadasz wrote:
> Hi,
> The policy field in struct iwm_time_event_cmd_v2 is just a 16bit integer,
> so we should use htole16() when setting it, instead of htole32().

Makes sense to me, although I don't have hardware to test this.


> 
> Index: sys/dev/pci/if_iwm.c
> ===
> RCS file: /cvs/src/sys/dev/pci/if_iwm.c,v
> retrieving revision 1.99
> diff -u -r1.99 if_iwm.c
> --- sys/dev/pci/if_iwm.c  17 Aug 2016 09:39:38 -  1.99
> +++ sys/dev/pci/if_iwm.c  31 Aug 2016 19:37:05 -
> @@ -2379,7 +2379,7 @@
>   time_cmd.duration = htole32(duration);
>   time_cmd.repeat = 1;
>   time_cmd.policy
> - = htole32(IWM_TE_V2_NOTIF_HOST_EVENT_START |
> + = htole16(IWM_TE_V2_NOTIF_HOST_EVENT_START |
>   IWM_TE_V2_NOTIF_HOST_EVENT_END |
>   IWM_T2_V2_START_IMMEDIATELY);
>  
> 

Re: remove ntfs write code

[Martin Natano]

On Wed, Aug 31, 2016 at 05:17:41PM -0600, Bob Beck wrote:
> Yes, ok beck@
> 
> to be shortly followed by the ntfs code - don't we have a fuse version of
> this?

There's the ntfs_3g port benno uses. Iirc, access via ntfs_3g is
somewhat slower than with the native filesystem (not that I care).


> 
> 
> On Wed, Aug 31, 2016 at 3:34 PM, Martin Natano  wrote:
> 
> > mount_ntfs forces the mount point to be MNT_RDONLY, so the write parts
> > in ntfs are never used. OK to remove?
> >
> > natano
> >
> >
> > Index: ntfs/ntfs_subr.c
> > ===
> > RCS file: /cvs/src/sys/ntfs/ntfs_subr.c,v
> > retrieving revision 1.47
> > diff -u -p -r1.47 ntfs_subr.c
> > --- ntfs/ntfs_subr.c31 Aug 2016 15:13:57 -  1.47
> > +++ ntfs/ntfs_subr.c31 Aug 2016 19:58:31 -
> > @@ -1336,152 +1336,6 @@ ntfs_filesize(struct ntfsmount *ntmp, st
> >  }
> >
> >  /*
> > - * This is one of the write routines.
> > - */
> > -int
> > -ntfs_writeattr_plain(struct ntfsmount *ntmp, struct ntnode *ip,
> > -u_int32_t attrnum, char *attrname, off_t roff, size_t rsize, void
> > *rdata,
> > -size_t *initp, struct uio *uio)
> > -{
> > -   size_t  init;
> > -   int error = 0;
> > -   off_t   off = roff;
> > -   size_t  left = rsize, towrite;
> > -   caddr_t data = rdata;
> > -   struct ntvattr *vap;
> > -   *initp = 0;
> > -
> > -   while (left) {
> > -   error = ntfs_ntvattrget(ntmp, ip, attrnum, attrname,
> > -   ntfs_btocn(off), );
> > -   if (error)
> > -   return (error);
> > -   towrite = MIN(left, ntfs_cntob(vap->va_vcnend + 1) - off);
> > -   DDPRINTF("ntfs_writeattr_plain: o: %lld, s: %zu "
> > -   "(%llu - %llu)\n", off, towrite,
> > -   vap->va_vcnstart, vap->va_vcnend);
> > -   error = ntfs_writentvattr_plain(ntmp, ip, vap,
> > -off -
> > ntfs_cntob(vap->va_vcnstart),
> > -towrite, data, , uio);
> > -   if (error) {
> > -   DPRINTF("ntfs_writeattr_plain:
> > ntfs_writentvattr_plain "
> > -   "failed: o: %lld, s: %zu\n", off, towrite);
> > -   DPRINTF("ntfs_writeattr_plain: attrib: %llu -
> > %llu\n",
> > -   vap->va_vcnstart, vap->va_vcnend);
> > -   ntfs_ntvattrrele(vap);
> > -   break;
> > -   }
> > -   ntfs_ntvattrrele(vap);
> > -   left -= towrite;
> > -   off += towrite;
> > -   data = data + towrite;
> > -   *initp += init;
> > -   }
> > -
> > -   return (error);
> > -}
> > -
> > -/*
> > - * This is one of the write routines.
> > - *
> > - * ntnode should be locked.
> > - */
> > -int
> > -ntfs_writentvattr_plain(struct ntfsmount *ntmp, struct ntnode *ip,
> > -struct ntvattr *vap, off_t roff, size_t rsize, void *rdata, size_t
> > *initp,
> > -struct uio *uio)
> > -{
> > -   int error = 0;
> > -   off_t   off;
> > -   int cnt;
> > -   cn_tccn, ccl, cn, cl;
> > -   caddr_t data = rdata;
> > -   struct buf *bp;
> > -   size_t  left, tocopy;
> > -
> > -   *initp = 0;
> > -
> > -   if ((vap->va_flag & NTFS_AF_INRUN) == 0) {
> > -   DPRINTF("ntfs_writevattr_plain: CAN'T WRITE RES.
> > ATTRIBUTE\n");
> > -   return ENOTTY;
> > -   }
> > -
> > -   DDPRINTF("ntfs_writentvattr_plain: data in run: %lu chains\n",
> > -   vap->va_vruncnt);
> > -
> > -   off = roff;
> > -   left = rsize;
> > -
> > -   for (cnt = 0; left && (cnt < vap->va_vruncnt); cnt++) {
> > -   ccn = vap->va_vruncn[cnt];
> > -   ccl = vap->va_vruncl[cnt];
> > -
> > -   DDPRINTF("ntfs_writentvattr_plain: left %zu, cn: 0x%llx, "
> > -   "cl: %llu, off: %lld\n", left, ccn, ccl, off);
> > -
> > -   if (ntfs_cntob(ccl) < off) {
> > -   off -= ntfs_cntob(ccl);
> > -   cnt++;
> > -   continue;
> > -   }
> > -   if (!ccn && ip->i_number != NTFS_BOOTINO)
> > -   continue; /* XXX */
> > -
> > -   ccl -= ntfs_btocn(off);
> > -   cn = ccn + ntfs_btocn(off);
> > -   off = ntfs_btocnoff(off);
> > -
> > -   while (left && ccl) {
> > -   /*
> > -* Always read and write single clusters at a time
> > -
> > -* we need to avoid requesting differently-sized
> > -* blocks at the same disk offsets to avoid
> > -

Drop IPSec traffic that should be encapsulated but is not

[Vincent Gross]

Our IPSec stack rejects UDP-encapsulated traffic using a non
encapsulating SA, but not the other way around. This diff adds
the missing check and the corresponding stat counter.

Ok ?

Index: sys/netinet/ip_esp.h
===
RCS file: /cvs/src/sys/netinet/ip_esp.h,v
retrieving revision 1.42
diff -u -p -r1.42 ip_esp.h
--- sys/netinet/ip_esp.h10 Jan 2010 12:43:07 -  1.42
+++ sys/netinet/ip_esp.h1 Sep 2016 08:24:15 -
@@ -62,6 +62,7 @@ struct espstat
 u_int32_t  esps_udpencin;  /* Input ESP-in-UDP packets */
 u_int32_t  esps_udpencout; /* Output ESP-in-UDP packets */
 u_int32_t  esps_udpinval;  /* Invalid input ESP-in-UDP packets */
+u_int32_t  esps_udpneeded; /* Trying to use a ESP-in-UDP TDB */
 };
 
 /*
Index: sys/netinet/ipsec_input.c
===
RCS file: /cvs/src/sys/netinet/ipsec_input.c,v
retrieving revision 1.135
diff -u -p -r1.135 ipsec_input.c
--- sys/netinet/ipsec_input.c   10 Sep 2015 17:52:05 -  1.135
+++ sys/netinet/ipsec_input.c   1 Sep 2016 08:24:16 -
@@ -262,6 +262,16 @@ ipsec_common_input(struct mbuf *m, int s
return EINVAL;
}
 
+   if (!udpencap && (tdbp->tdb_flags & TDBF_UDPENCAP)) {
+   splx(s);
+   DPRINTF(("ipsec_common_input(): attempted to use udpencap "
+   "SA %s/%08x/%u\n", ipsp_address(_address, buf,
+   sizeof(buf)), ntohl(spi), tdbp->tdb_sproto));
+   m_freem(m);
+   espstat.esps_udpneeded++;
+   return EINVAL;
+   }
+
if (tdbp->tdb_xform == NULL) {
splx(s);
DPRINTF(("ipsec_common_input(): attempted to use uninitialized "
Index: usr.bin/netstat/inet.c
===
RCS file: /cvs/src/usr.bin/netstat/inet.c,v
retrieving revision 1.150
diff -u -p -r1.150 inet.c
--- usr.bin/netstat/inet.c  27 Aug 2016 04:13:43 -  1.150
+++ usr.bin/netstat/inet.c  1 Sep 2016 08:24:16 -
@@ -1073,6 +1073,7 @@ esp_stats(char *name)
p(esps_udpencin, "\t%u input UDP encapsulated ESP packet%s\n");
p(esps_udpencout, "\t%u output UDP encapsulated ESP packet%s\n");
p(esps_udpinval, "\t%u UDP packet%s for non-encapsulating TDB 
received\n");
+   p(esps_udpneeded, "\t%u raw ESP packet%s for encapsulating TDB 
received\n");
p(esps_ibytes, "\t%llu input byte%s\n");
p(esps_obytes, "\t%llu output byte%s\n");
 

Re: better return type for usqrt() in factor(6)

[Otto Moerbeek]

On Thu, Sep 01, 2016 at 06:36:15AM +0100, Theo Buehler wrote:

> In factor(6), there is the line
> 
> 216   stop = usqrt(val) + 1;
> 
> where the u_int64_t stop is the upper bound for the sieve of
> Eratosthenes (I cautiously added 1 to be sure to be on the safe side).
> Unfortunately, the right hand side may now overflow for large enough
> val because my brilliant former self chose usqrt() to be of type
> u_int32_t usqrt(u_sqrt64_t); ...
> 
> Example from http://cvsweb.netbsd.org/bsdweb.cgi/src/games/primes/pattern.c
> 
> $ printf "%u\n" $((139646831 * 132095686967))
> 18446744073709551577
> $ factor 18446744073709551577
> 18446744073709551577
> 
> With the patch below:
> 
> $ obj/factor
> 18446744073709551577: 139646831 132095686967
> 
> as it should be.

ok, 

-Otto

> 
> Index: factor.c
> ===
> RCS file: /var/cvs/src/games/factor/factor.c,v
> retrieving revision 1.29
> diff -u -p -r1.29 factor.c
> --- factor.c  14 Aug 2016 18:34:48 -  1.29
> +++ factor.c  1 Sep 2016 04:56:00 -
> @@ -75,7 +75,7 @@ extern const int pattern_size;
>  
>  static void  pr_fact(u_int64_t); /* print factors of a value */
>  static void  pr_bigfact(u_int64_t);
> -static u_int32_t usqrt(u_int64_t);
> +static u_int64_t usqrt(u_int64_t);
>  static void __dead   usage(void);
>  
>  int
> @@ -284,7 +284,7 @@ pr_bigfact(u_int64_t val) /* Factor this
>  }
>  
>  /* Code taken from ping.c */
> -static u_int32_t
> +static u_int64_t
>  usqrt(u_int64_t n)
>  {
>   u_int64_t y, x = 1;
> @@ -299,7 +299,7 @@ usqrt(u_int64_t n)
>   x /= 2;
>   } while (((y < x) && (x - y) > 1) || (y - x) > 1);
>  
> - return (u_int32_t)x;
> + return x;
>  }
>  
>  static void __dead

Re: better return type for usqrt() in factor(6)

[Tom Cosgrove]

ok tom@

>>> Theo Buehler 1-Sep-16 06:36 >>>
>
> In factor(6), there is the line
>
> 216   stop = usqrt(val) + 1;
>
> where the u_int64_t stop is the upper bound for the sieve of
> Eratosthenes (I cautiously added 1 to be sure to be on the safe side).
> Unfortunately, the right hand side may now overflow for large enough
> val because my brilliant former self chose usqrt() to be of type
> u_int32_t usqrt(u_sqrt64_t); ...
>
> Example from http://cvsweb.netbsd.org/bsdweb.cgi/src/games/primes/pattern.c
>
> $ printf "%u\n" $((139646831 * 132095686967))
> 18446744073709551577
> $ factor 18446744073709551577
> 18446744073709551577
>
> With the patch below:
>
> $ obj/factor
> 18446744073709551577: 139646831 132095686967
>
> as it should be.
>
> Index: factor.c
> ===
> RCS file: /var/cvs/src/games/factor/factor.c,v
> retrieving revision 1.29
> diff -u -p -r1.29 factor.c
> --- factor.c  14 Aug 2016 18:34:48 -  1.29
> +++ factor.c  1 Sep 2016 04:56:00 -
> @@ -75,7 +75,7 @@ extern const int pattern_size;
>  
>  static void  pr_fact(u_int64_t); /* print factors of a value */
>  static void  pr_bigfact(u_int64_t);
> -static u_int32_t usqrt(u_int64_t);
> +static u_int64_t usqrt(u_int64_t);
>  static void __dead   usage(void);
>  
>  int
> @@ -284,7 +284,7 @@ pr_bigfact(u_int64_t val) /* Factor this
>  }
>  
>  /* Code taken from ping.c */
> -static u_int32_t
> +static u_int64_t
>  usqrt(u_int64_t n)
>  {
>   u_int64_t y, x = 1;
> @@ -299,7 +299,7 @@ usqrt(u_int64_t n)
>   x /= 2;
>   } while (((y < x) && (x - y) > 1) || (y - x) > 1);
>  
> - return (u_int32_t)x;
> + return x;
>  }
>  
>  static void __dead

Re: sys_process.c: remove relebad

[Philip Guenther]

On Thu, Sep 1, 2016 at 8:39 AM, Michal Mazurek  wrote:
> This was OKd but forgotten:
> https://marc.info/?l=openbsd-tech=146001680811549=2

You'll have to commit it yourself then.

ok guenther@

Re: better return type for usqrt() in factor(6)

[Philip Guenther]

On Thu, Sep 1, 2016 at 6:36 AM, Theo Buehler  wrote:
> In factor(6), there is the line
>
> 216 stop = usqrt(val) + 1;
>
> where the u_int64_t stop is the upper bound for the sieve of
> Eratosthenes (I cautiously added 1 to be sure to be on the safe side).
> Unfortunately, the right hand side may now overflow for large enough
> val because my brilliant former self chose usqrt() to be of type
> u_int32_t usqrt(u_sqrt64_t); ...

Yeah, it might seem that square-root of a 64bit number should fit in
32bits, but nope, there's a range at the top where the square-root
takes 33bits.

ok guenther@

Re: Fix comment in sys/sem.h

[Philip Guenther]

On Thu, Sep 1, 2016 at 8:24 AM, Michal Mazurek  wrote:
> It's _SYS_SEM_H_ not _SEM_H_:
>
> #ifndef _SYS_SEM_H_
> #define _SYS_SEM_H_

ok guenther@

Re: Remove last mention of nonexistent ktr_kuser().

[Philip Guenther]

On Thu, Sep 1, 2016 at 8:27 AM, Michal Mazurek  wrote:
> --- sys/sys/ktrace.h18 Jun 2016 17:39:44 -  1.31
> +++ sys/sys/ktrace.h1 Sep 2016 07:26:30 -
> @@ -206,7 +206,6 @@ void ktrnamei(struct proc *, char *);
>  void ktrpsig(struct proc *, int, sig_t, int, int, siginfo_t *);
>  void ktrsyscall(struct proc *, register_t, size_t, register_t []);
>  void ktrsysret(struct proc *, register_t, int, const register_t [2]);
> -void ktr_kuser(const char *, void *, size_t);

ok guenther@

sys_process.c: remove relebad

[Michal Mazurek]

This was OKd but forgotten:
https://marc.info/?l=openbsd-tech=146001680811549=2



relebad used to have more body:
relebad:
PRELE(t);
return (error);
But then PRELE(t); was removed. This diff gets rid of what remains of
relebad.

Index: sys/kern/sys_process.c
===
RCS file: /cvs/src/sys/kern/sys_process.c,v
retrieving revision 1.69
diff -u -p -r1.69 sys_process.c
--- sys/kern/sys_process.c  31 May 2016 22:34:53 -  1.69
+++ sys/kern/sys_process.c  1 Sep 2016 07:30:55 -
@@ -454,7 +454,7 @@ sys_ptrace(struct proc *p, void *v, regi
/* If the address parameter is not (int *)1, set the pc. */
if ((int *)SCARG(uap, addr) != (int *)1)
if ((error = process_set_pc(t, SCARG(uap, addr))) != 0)
-   goto relebad;
+   return error;
 
 #ifdef PT_STEP
/*
@@ -462,7 +462,7 @@ sys_ptrace(struct proc *p, void *v, regi
 */
error = process_sstep(t, req == PT_STEP);
if (error)
-   goto relebad;
+   return error;
 #endif
goto sendsig;
 
@@ -492,7 +492,7 @@ sys_ptrace(struct proc *p, void *v, regi
 */
error = process_sstep(t, 0);
if (error)
-   goto relebad;
+   return error;
 #endif
 
/* give process back to original parent or init */
@@ -522,9 +522,6 @@ sys_ptrace(struct proc *p, void *v, regi
}
 
return (0);
-
-   relebad:
-   return (error);
 
case  PT_KILL:
if (SCARG(uap, pid) < THREAD_PID_OFFSET && tr->ps_single)

-- 
Michal Mazurek

remove MPSAFE from makesyscalls.sh

[Michal Mazurek]

This was OKd but forgotten:
http://openbsd-archive.7691.n7.nabble.com/remove-MPSAFE-from-makesyscalls-sh-td293382.html

Index: sys/sys/systm.h
===
RCS file: /cvs/src/sys/sys/systm.h,v
retrieving revision 1.113
diff -u -p -r1.113 systm.h
--- sys/sys/systm.h 17 May 2016 23:28:03 -  1.113
+++ sys/sys/systm.h 1 Sep 2016 07:34:19 -
@@ -112,8 +112,7 @@ extern struct sysent {  /* system call t
sy_call_t *sy_call; /* implementing function */
 } sysent[];
 
-#define SY_MPSAFE  0x01
-#define SY_NOLOCK  0x02
+#define SY_NOLOCK  0x01
 
 #if_BYTE_ORDER == _BIG_ENDIAN
 #define SCARG(p, k)((p)->k.be.datum)   /* get arg from args pointer */
Index: sys/kern/makesyscalls.sh
===
RCS file: /cvs/src/sys/kern/makesyscalls.sh,v
retrieving revision 1.11
diff -u -p -r1.11 makesyscalls.sh
--- sys/kern/makesyscalls.sh27 Nov 2007 18:04:01 -  1.11
+++ sys/kern/makesyscalls.sh1 Sep 2016 07:34:19 -
@@ -255,10 +255,6 @@ function parseline() {
funcalias=""
end=NF
}
-   if ($f == "MPSAFE") {   # allow MP-safe syscalls
-   sycall_flags = sprintf("SY_MPSAFE | %s", sycall_flags)
-   f++
-   }
if ($f == "NOLOCK") {   # syscall does not need locks
sycall_flags = sprintf("SY_NOLOCK | %s", sycall_flags)
f++

-- 
Michal Mazurek

Remove last mention of nonexistent ktr_kuser().

[Michal Mazurek]

Index: sys/sys/ktrace.h
===
RCS file: /cvs/src/sys/sys/ktrace.h,v
retrieving revision 1.31
diff -u -p -r1.31 ktrace.h
--- sys/sys/ktrace.h18 Jun 2016 17:39:44 -  1.31
+++ sys/sys/ktrace.h1 Sep 2016 07:26:30 -
@@ -206,7 +206,6 @@ void ktrnamei(struct proc *, char *);
 void ktrpsig(struct proc *, int, sig_t, int, int, siginfo_t *);
 void ktrsyscall(struct proc *, register_t, size_t, register_t []);
 void ktrsysret(struct proc *, register_t, int, const register_t [2]);
-void ktr_kuser(const char *, void *, size_t);
 int ktruser(struct proc *, const char *, const void *, size_t);
 void ktrexec(struct proc *, int, const char *, ssize_t);
 void ktrpledge(struct proc *, int, uint64_t, int);

-- 
Michal Mazurek

Fix comment in sys/sem.h

[Michal Mazurek]

It's _SYS_SEM_H_ not _SEM_H_:

#ifndef _SYS_SEM_H_
#define _SYS_SEM_H_

Index: sys/sys/sem.h
===
RCS file: /cvs/src/sys/sys/sem.h,v
retrieving revision 1.23
diff -u -p -r1.23 sem.h
--- sys/sys/sem.h   23 Nov 2014 04:31:42 -  1.23
+++ sys/sys/sem.h   1 Sep 2016 07:22:26 -
@@ -195,4 +195,4 @@ int semop(int, struct sembuf *, size_t);
 __END_DECLS
 #endif /* !_KERNEL */
 
-#endif /* !_SEM_H_ */
+#endif /* !_SYS_SEM_H_ */

-- 
Michal Mazurek