Re: Kill ifa_ifwithnet()

2016-11-04 Thread Vincent Gross 
On Fri, 4 Nov 2016 12:01:58 +0100
Martin Pieuchot  wrote:

> Rather than trying to keep this old routing table like function alive
> by reimplementing rn_refines(), let's get rid of it.
> 
> ok?
> 
> Index: net/route.c
> ===
> RCS file: /cvs/src/sys/net/route.c,v
> retrieving revision 1.333
> diff -u -p -r1.333 route.c
> --- net/route.c   6 Oct 2016 19:09:08 -   1.333
> +++ net/route.c   4 Nov 2016 10:51:55 -
> @@ -550,11 +550,16 @@ rtredirect(struct sockaddr *dst, struct 
>   splsoftassert(IPL_SOFTNET);
>  
>   /* verify the gateway is directly reachable */
> - if ((ifa = ifa_ifwithnet(gateway, rdomain)) == NULL) {
> + rt = rtalloc(gateway, 0, rdomain);
> + if (!rtisvalid(rt) || ISSET(rt->rt_flags, RTF_GATEWAY)) {
> + rtfree(rt);
>   error = ENETUNREACH;
>   goto out;
>   }
> - ifidx = ifa->ifa_ifp->if_index;
> + ifidx = rt->rt_ifidx;
> + rtfree(rt);
> + rt = NULL;
> +
>   rt = rtable_lookup(rdomain, dst, NULL, NULL, RTP_ANY);
>   /*
>* If the redirect isn't from our current router for this
> dst, Index: net/if.c
> ===
> RCS file: /cvs/src/sys/net/if.c,v
> retrieving revision 1.456
> diff -u -p -r1.456 if.c
> --- net/if.c  19 Oct 2016 02:05:49 -  1.456
> +++ net/if.c  4 Nov 2016 10:55:03 -
> @@ -1282,47 +1282,6 @@ ifa_ifwithdstaddr(struct sockaddr *addr,
>  }
>  
>  /*
> - * Find an interface on a specific network.  If many, choice
> - * is most specific found.
> - */
> -struct ifaddr *
> -ifa_ifwithnet(struct sockaddr *sa, u_int rtableid)
> -{
> - struct ifnet *ifp;
> - struct ifaddr *ifa, *ifa_maybe = NULL;
> - char *cplim, *addr_data = sa->sa_data;
> - u_int rdomain;
> -
> - KERNEL_ASSERT_LOCKED();
> - rdomain = rtable_l2(rtableid);
> - TAILQ_FOREACH(ifp, , if_list) {
> - if (ifp->if_rdomain != rdomain)
> - continue;
> - TAILQ_FOREACH(ifa, >if_addrlist, ifa_list) {
> - char *cp, *cp2, *cp3;
> -
> - if (ifa->ifa_addr->sa_family !=
> sa->sa_family ||
> - ifa->ifa_netmask == 0)
> - next: continue;
> - cp = addr_data;
> - cp2 = ifa->ifa_addr->sa_data;
> - cp3 = ifa->ifa_netmask->sa_data;
> - cplim = (char *)ifa->ifa_netmask +
> - ifa->ifa_netmask->sa_len;
> - while (cp3 < cplim)
> - if ((*cp++ ^ *cp2++) & *cp3++)
> - /* want to continue for() loop */
> - goto next;
> - if (ifa_maybe == 0 ||
> - rn_refines((caddr_t)ifa->ifa_netmask,
> - (caddr_t)ifa_maybe->ifa_netmask))
> - ifa_maybe = ifa;
> - }
> - }
> - return (ifa_maybe);
> -}
> -
> -/*
>   * Find an interface address specific to an interface best matching
>   * a given address.
>   */
> Index: net/if_var.h
> ===
> RCS file: /cvs/src/sys/net/if_var.h,v
> retrieving revision 1.75
> diff -u -p -r1.75 if_var.h
> --- net/if_var.h  4 Sep 2016 15:46:39 -   1.75
> +++ net/if_var.h  4 Nov 2016 10:54:55 -
> @@ -304,7 +304,6 @@ void  p2p_rtrequest(struct ifnet *, int, 
>  
>  struct   ifaddr *ifa_ifwithaddr(struct sockaddr *, u_int);
>  struct   ifaddr *ifa_ifwithdstaddr(struct sockaddr *, u_int);
> -struct   ifaddr *ifa_ifwithnet(struct sockaddr *, u_int);
>  struct   ifaddr *ifaof_ifpforaddr(struct sockaddr *, struct
> ifnet *); voidifafree(struct ifaddr *);
>  

Everything above is ok vgross@

> Index: netinet/ip_input.c
> ===
> RCS file: /cvs/src/sys/netinet/ip_input.c,v
> retrieving revision 1.282
> diff -u -p -r1.282 ip_input.c
> --- netinet/ip_input.c22 Sep 2016 10:12:25 -  1.282
> +++ netinet/ip_input.c4 Nov 2016 10:54:49 -
> @@ -1117,37 +1117,19 @@ ip_dooptions(struct mbuf *m, struct ifne
>   ipaddr.sin_len = sizeof(ipaddr);
>   memcpy(_addr, cp + off,
>   sizeof(ipaddr.sin_addr));
> - if (opt == IPOPT_SSRR) {
> - if ((ia = ifatoia(ifa_ifwithdstaddr(
> - sintosa(),
> - m->m_pkthdr.ph_rtableid))) ==
> NULL)
> - ia = ifatoia(ifa_ifwithnet(
> - sintosa(),
> -
> m->m_pkthdr.ph_rtableid));
> - if (ia == NULL) {
> -

guest crashes when ping'ing host

2016-11-04 Thread Daniel Bolgheroni 
Hi,

guest running -current crashes trying to ping host running the same -current
snapshot. The configuration is based on a diff to faq6.html from Edd Barrett,
which is going to be commited for 6.1:

http://marc.info/?l=openbsd-tech=147654794511843=2

Don't know if it is related to the recent changes to sys/kern/subr_pool.c,
since these changes do not touch pool_do_get().

Thank you.

--
/etc/vm.conf:
vm "first" {
disable
memory 512M
kernel "/bsd.rd"
disk /home/dbolgheroni/vm/first.img
interfaces 1
interface { switch "myswitch" }
}

switch "myswitch" {
add vether0
}

--
$ doas vmd -d -
startup
/etc/vm.conf:8: vm "first" skipped (disabled)
/etc/vm.conf:12: switch "myswitch" registered
vm_priv_brconfig: interface bridge0 description switch1-myswitch
vm_priv_brconfig: interface bridge0 add vether0
vm_priv_ifconfig: interface tap0 description vm1-if0-first
first: started vm 1 successfully, tty /dev/ttyp4
run_vm: initializing hardware for vm first
run_vm: starting vcpu threads for vm first
vcpu_reset: resetting vcpu 0 for vm 1
run_vm: waiting on events for VM first
i8253_reset: unsupported counter mode 0xe
vmd: unknown exit reason 1
vmd: unknown exit reason 1
vmd: unknown exit reason 48
vmd: unknown exit reason 48
vmd: unknown exit reason 1
vmd: unknown exit reason 1
vmd: unknown exit reason 1
(...)

--
$ doas vmctl start first -c -k /bsd.rd -m 512M -d first.img -i 1
Connected to /dev/ttyp4 (speed 9600)

Copyright (c) 1982, 1986, 1989, 1991, 1993
The Regents of the University of California.  All rights reserved.
Copyright (c) 1995-2016 OpenBSD. All rights reserved.  https://www.OpenBSD.org

OpenBSD 6.0-current (RAMDISK_CD) #0: Thu Nov  3 20:46:48 MDT 2016
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/RAMDISK_CD
real mem = 520093696 (496MB)
avail mem = 502673408 (479MB)
mainbus0 at root
bios0 at mainbus0
acpi at bios0 not configured
cpu0 at mainbus0: (uniprocessor)
cpu0: Intel(R) Core(TM) i5-2520M CPU @ 2.50GHz, 2484.00 MHz
cpu0: 
FPU,VME,DE,PSE,MSR,PAE,MCE,CX8,SEP,PGE,MCA,CMOV,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,SSE3,PCLMUL,SSSE3,CX16,SSE4.1,SSE4.2,POPCNT,AES,XSAVE,AVX,HV
pvbus0 at mainbus0: OpenBSD
pci0 at mainbus0 bus 0
pchb0 at pci0 dev 0 function 0 "OpenBSD VMM PCI Host Bridge" rev 0x00
virtio0 at pci0 dev 1 function 0 "Qumranet Virtio RNG" rev 0x00
viornd0 at virtio0
virtio0: irq 3
virtio1 at pci0 dev 2 function 0 "Qumranet Virtio Storage" rev 0x00
vioblk0 at virtio1
scsibus0 at vioblk0: 2 targets
sd0 at scsibus0 targ 0 lun 0:  SCSI3 0/direct fixed
sd0: 8192MB, 512 bytes/sector, 16777216 sectors
virtio1: irq 5
virtio2 at pci0 dev 3 function 0 "Qumranet Virtio Network" rev 0x00
vio0 at virtio2: address fe:e1:bb:d1:63:96
virtio2: irq 7
isa0 at mainbus0
com0 at isa0 port 0x3f8/8 irq 4: ns8250, no fifo
com0: console
softraid0 at root
scsibus1 at softraid0: 256 targets
root on rd0a swap on rd0b dump on rd0b

erase ^?, werase ^W, kill ^U, intr ^C, status ^T

Welcome to the OpenBSD/amd64 6.0 installation program.
(I)nstall, (U)pgrade, (A)utoinstall or (S)hell? s
# doas ifconfig vio0 192.168.3.2 up
# ping 192.168.3;2
ping: no address associated with name
sh: 2: not found
# ping 192.168.3.2
PING 192.168.3.2 (192.168.3.2): 56 data bytes
64 bytes from 192.168.3.2: icmp_seq=0 ttl=255 time=4.615 ms
64 bytes from 192.168.3.2: icmp_seq=1 ttl=255 time=0.215 ms
64 bytes from 192.168.3.2: icmp_seq=2 ttl=255 time=0.215 ms
64 bytes from 192.168.3.2: icmp_seq=3 ttl=255 time=0.000 ms
64 bytes from 192.168.3.2: icmp_seq=4 ttl=255 time=0.215 ms
^C
--- 192.168.3.2 ping statistics ---
5 packets transmitted, 5 packets received, 0.0% packet loss
round-trip min/avg/max/std-dev = 0.000/1.052/4.615/1.783 ms
# ping 192.168.3.1
PING 192.168.3.1 (192.168.3.1): 56 data bytes
panic: pool_do_get: mbufpl free list modified: page 0xff001f7d9000; item 
addr 0xff001f7d9600; offset 0x0=0x3ab868690400aaec != 0xf0c80e781b55d7da
syncing disks... done

--
host "ifconfig -a":
lo0: flags=8049 mtu 32768
index 4 priority 0 llprio 3
groups: lo
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x4
inet 127.0.0.1 netmask 0xff00
em0: flags=8843 mtu 1500
lladdr 00:21:cc:ba:e3:5d
index 1 priority 0 llprio 3
groups: egress
media: Ethernet autoselect (none)
status: no carrier
inet 192.168.2.9 netmask 0xff00 broadcast 192.168.2.255
iwn0: flags=8843 mtu 1500
lladdr 10:0b:a9:96:72:30
index 2 priority 4 llprio 3
groups: wlan egress
media: IEEE802.11 autoselect (OFDM18 mode 11g)
status: active
ieee80211: nwid home chan 1 bssid 00:23:08:47:96:8c -44dBm wpakey 
0x77c02ba09022a2abbd3ede6c14e9844018061140c91ecac65715bb53326fd0b5 wpaprotos 
wpa1,wpa2 wpaakms psk wpaciphers tkip,ccmp wpagroupcipher tkip
inet 192.168.2.25

Re: Append system start up messages to new /var/log/dmesg in /etc/rc

2016-11-04 Thread Craig Skinner 
Resend folks:

On 2016-10-19 Wed 14:19 PM |, Craig Skinner wrote:
> Hi,
> 
> With dmesg's new -s flag, append each boot's full log to a new
> /var/log/dmesg semi-private log file.
> 
> Inspired by Alexander Hall's recent post:
> http://marc.info/?l=openbsd-misc=147674181621645
> 
> This works for me (on 5.9) & rotates correctly:
> 
> 
> 
> Index: rc
> ===
> RCS file: /cvs/src/etc/rc,v
> retrieving revision 1.486
> diff -u -p -r1.486 rc
> --- rc10 Jul 2016 09:08:18 -  1.486
> +++ rc19 Oct 2016 13:04:04 -
> @@ -563,4 +563,7 @@ start_daemon apmd sensorsd hotplugd watc
>  echo '.'
>  
>  date
> -exit 0
> +umask 027
> +dmesg >>/var/log/dmesg
> +dmesg -s >>/var/log/dmesg
> +umask 022
> Index: newsyslog.conf
> ===
> RCS file: /cvs/src/etc/newsyslog.conf,v
> retrieving revision 1.35
> diff -u -p -r1.35 newsyslog.conf
> --- newsyslog.conf1 Jun 2016 16:57:07 -   1.35
> +++ newsyslog.conf19 Oct 2016 13:04:04 -
> @@ -10,6 +10,7 @@
>  /var/log/lpd-errs640  7 10   * Z
>  /var/log/maillog 640  7 *24Z
>  /var/log/messages644  5 300  * Z
> +/var/log/dmesg   640  3 100  * Z
>  /var/log/secure  600  7 *168   Z
>  /var/log/wtmp644  7 *$W6D4 B
>  /var/log/xferlog 640  7 250  * Z
> 

-- 
Craig Skinner | http://linkd.in/yGqkv7

Re: SOCKET_LOCK looking for testers

2016-11-04 Thread Simon Mages 
Hi,

i did some performance measurements with and without your diff on
OpenBSD-current.

There is no performance difference. I think this is the expected outcome.

BR
Simon

2016-11-04 10:12 GMT+01:00, Martin Pieuchot :
> On 03/11/16(Thu) 11:21, Martin Pieuchot wrote:
>> Here's the next iteration of my diff introducing a rwlock to serialize
>> the network input path with socket paths.  Changes are:
>>
>>   - more timeout_set_proc() that should fix problems reported by
>> Chris Jackman.
>>
>>   - I introduced a set of macro to make it easier to audit existing
>> splsoftnet().
>>
>>   - It makes use of splassert_fail() if the lock is not held.
>>
>>
>> My plan is to commit it, assuming it is stable enough, then fix the
>> remaining issues in tree.  This includes:
>>
>>   - Analyze and if needed fix the two code paths were we do an
>> unlock/lock
>> dance
>>
>>   - Remove unneeded/recursive splsoftnet() dances.
>>
>> Once that's done we should be able to remove the KERNEL_LOCK() from the
>> input path.
>>
>> So please test and report back.
>
> Updated version that prevents a recursion in doaccept(), reported by Nils
> Frohberg.
>
> diff --git sys/kern/sys_socket.c sys/kern/sys_socket.c
> index 7a90f78..a7be8a1 100644
> --- sys/kern/sys_socket.c
> +++ sys/kern/sys_socket.c
> @@ -133,7 +133,7 @@ soo_poll(struct file *fp, int events, struct proc *p)
>   int revents = 0;
>   int s;
>
> - s = splsoftnet();
> + SOCKET_LOCK(s);
>   if (events & (POLLIN | POLLRDNORM)) {
>   if (soreadable(so))
>   revents |= events & (POLLIN | POLLRDNORM);
> @@ -159,7 +159,7 @@ soo_poll(struct file *fp, int events, struct proc *p)
>   so->so_snd.sb_flagsintr |= SB_SEL;
>   }
>   }
> - splx(s);
> + SOCKET_UNLOCK(s);
>   return (revents);
>  }
>
> diff --git sys/kern/uipc_socket.c sys/kern/uipc_socket.c
> index 9e8d05f..dd067b3 100644
> --- sys/kern/uipc_socket.c
> +++ sys/kern/uipc_socket.c
> @@ -89,6 +89,11 @@ struct pool sosplice_pool;
>  struct taskq *sosplice_taskq;
>  #endif
>
> +/*
> + * Serialize socket operations.
> + */
> +struct rwlock socketlock = RWLOCK_INITIALIZER("socketlock");
> +
>  void
>  soinit(void)
>  {
> @@ -123,7 +128,7 @@ socreate(int dom, struct socket **aso, int type, int
> proto)
>   return (EPROTONOSUPPORT);
>   if (prp->pr_type != type)
>   return (EPROTOTYPE);
> - s = splsoftnet();
> + SOCKET_LOCK(s);
>   so = pool_get(_pool, PR_WAITOK | PR_ZERO);
>   TAILQ_INIT(>so_q0);
>   TAILQ_INIT(>so_q);
> @@ -141,10 +146,10 @@ socreate(int dom, struct socket **aso, int type, int
> proto)
>   if (error) {
>   so->so_state |= SS_NOFDREF;
>   sofree(so);
> - splx(s);
> + SOCKET_UNLOCK(s);
>   return (error);
>   }
> - splx(s);
> + SOCKET_UNLOCK(s);
>   *aso = so;
>   return (0);
>  }
> @@ -154,9 +159,9 @@ sobind(struct socket *so, struct mbuf *nam, struct proc
> *p)
>  {
>   int s, error;
>
> - s = splsoftnet();
> + SOCKET_LOCK(s);
>   error = (*so->so_proto->pr_usrreq)(so, PRU_BIND, NULL, nam, NULL, p);
> - splx(s);
> + SOCKET_UNLOCK(s);
>   return (error);
>  }
>
> @@ -171,11 +176,11 @@ solisten(struct socket *so, int backlog)
>   if (isspliced(so) || issplicedback(so))
>   return (EOPNOTSUPP);
>  #endif /* SOCKET_SPLICE */
> - s = splsoftnet();
> + SOCKET_LOCK(s);
>   error = (*so->so_proto->pr_usrreq)(so, PRU_LISTEN, NULL, NULL, NULL,
>   curproc);
>   if (error) {
> - splx(s);
> + SOCKET_UNLOCK(s);
>   return (error);
>   }
>   if (TAILQ_FIRST(>so_q) == NULL)
> @@ -185,14 +190,14 @@ solisten(struct socket *so, int backlog)
>   if (backlog < sominconn)
>   backlog = sominconn;
>   so->so_qlimit = backlog;
> - splx(s);
> + SOCKET_UNLOCK(s);
>   return (0);
>  }
>
>  void
>  sofree(struct socket *so)
>  {
> - splsoftassert(IPL_SOFTNET);
> + SOCKET_ASSERT_LOCKED();
>
>   if (so->so_pcb || (so->so_state & SS_NOFDREF) == 0)
>   return;
> @@ -232,7 +237,7 @@ soclose(struct socket *so)
>   struct socket *so2;
>   int s, error = 0;
>
> - s = splsoftnet();
> + SOCKET_LOCK(s);
>   if (so->so_options & SO_ACCEPTCONN) {
>   while ((so2 = TAILQ_FIRST(>so_q0)) != NULL) {
>   (void) soqremque(so2, 0);
> @@ -256,7 +261,7 @@ soclose(struct socket *so)
>   (so->so_state & SS_NBIO))
>   goto drop;
>   while (so->so_state & SS_ISCONNECTED) {
> - error = tsleep(>so_timeo,
> + error = rwsleep(>so_timeo, ,
>   PSOCK | PCATCH, "netcls",
>   so->so_linger * hz);
>

Kill ifa_ifwithnet()

2016-11-04 Thread Martin Pieuchot 
Rather than trying to keep this old routing table like function alive by
reimplementing rn_refines(), let's get rid of it.

ok?

Index: net/route.c
===
RCS file: /cvs/src/sys/net/route.c,v
retrieving revision 1.333
diff -u -p -r1.333 route.c
--- net/route.c 6 Oct 2016 19:09:08 -   1.333
+++ net/route.c 4 Nov 2016 10:51:55 -
@@ -550,11 +550,16 @@ rtredirect(struct sockaddr *dst, struct 
splsoftassert(IPL_SOFTNET);
 
/* verify the gateway is directly reachable */
-   if ((ifa = ifa_ifwithnet(gateway, rdomain)) == NULL) {
+   rt = rtalloc(gateway, 0, rdomain);
+   if (!rtisvalid(rt) || ISSET(rt->rt_flags, RTF_GATEWAY)) {
+   rtfree(rt);
error = ENETUNREACH;
goto out;
}
-   ifidx = ifa->ifa_ifp->if_index;
+   ifidx = rt->rt_ifidx;
+   rtfree(rt);
+   rt = NULL;
+
rt = rtable_lookup(rdomain, dst, NULL, NULL, RTP_ANY);
/*
 * If the redirect isn't from our current router for this dst,
Index: net/if.c
===
RCS file: /cvs/src/sys/net/if.c,v
retrieving revision 1.456
diff -u -p -r1.456 if.c
--- net/if.c19 Oct 2016 02:05:49 -  1.456
+++ net/if.c4 Nov 2016 10:55:03 -
@@ -1282,47 +1282,6 @@ ifa_ifwithdstaddr(struct sockaddr *addr,
 }
 
 /*
- * Find an interface on a specific network.  If many, choice
- * is most specific found.
- */
-struct ifaddr *
-ifa_ifwithnet(struct sockaddr *sa, u_int rtableid)
-{
-   struct ifnet *ifp;
-   struct ifaddr *ifa, *ifa_maybe = NULL;
-   char *cplim, *addr_data = sa->sa_data;
-   u_int rdomain;
-
-   KERNEL_ASSERT_LOCKED();
-   rdomain = rtable_l2(rtableid);
-   TAILQ_FOREACH(ifp, , if_list) {
-   if (ifp->if_rdomain != rdomain)
-   continue;
-   TAILQ_FOREACH(ifa, >if_addrlist, ifa_list) {
-   char *cp, *cp2, *cp3;
-
-   if (ifa->ifa_addr->sa_family != sa->sa_family ||
-   ifa->ifa_netmask == 0)
-   next: continue;
-   cp = addr_data;
-   cp2 = ifa->ifa_addr->sa_data;
-   cp3 = ifa->ifa_netmask->sa_data;
-   cplim = (char *)ifa->ifa_netmask +
-   ifa->ifa_netmask->sa_len;
-   while (cp3 < cplim)
-   if ((*cp++ ^ *cp2++) & *cp3++)
-   /* want to continue for() loop */
-   goto next;
-   if (ifa_maybe == 0 ||
-   rn_refines((caddr_t)ifa->ifa_netmask,
-   (caddr_t)ifa_maybe->ifa_netmask))
-   ifa_maybe = ifa;
-   }
-   }
-   return (ifa_maybe);
-}
-
-/*
  * Find an interface address specific to an interface best matching
  * a given address.
  */
Index: net/if_var.h
===
RCS file: /cvs/src/sys/net/if_var.h,v
retrieving revision 1.75
diff -u -p -r1.75 if_var.h
--- net/if_var.h4 Sep 2016 15:46:39 -   1.75
+++ net/if_var.h4 Nov 2016 10:54:55 -
@@ -304,7 +304,6 @@ voidp2p_rtrequest(struct ifnet *, int, 
 
 struct ifaddr *ifa_ifwithaddr(struct sockaddr *, u_int);
 struct ifaddr *ifa_ifwithdstaddr(struct sockaddr *, u_int);
-struct ifaddr *ifa_ifwithnet(struct sockaddr *, u_int);
 struct ifaddr *ifaof_ifpforaddr(struct sockaddr *, struct ifnet *);
 void   ifafree(struct ifaddr *);
 
Index: netinet/ip_input.c
===
RCS file: /cvs/src/sys/netinet/ip_input.c,v
retrieving revision 1.282
diff -u -p -r1.282 ip_input.c
--- netinet/ip_input.c  22 Sep 2016 10:12:25 -  1.282
+++ netinet/ip_input.c  4 Nov 2016 10:54:49 -
@@ -1117,37 +1117,19 @@ ip_dooptions(struct mbuf *m, struct ifne
ipaddr.sin_len = sizeof(ipaddr);
memcpy(_addr, cp + off,
sizeof(ipaddr.sin_addr));
-   if (opt == IPOPT_SSRR) {
-   if ((ia = ifatoia(ifa_ifwithdstaddr(
-   sintosa(),
-   m->m_pkthdr.ph_rtableid))) == NULL)
-   ia = ifatoia(ifa_ifwithnet(
-   sintosa(),
-   m->m_pkthdr.ph_rtableid));
-   if (ia == NULL) {
-   type = ICMP_UNREACH;
-   code = ICMP_UNREACH_SRCFAIL;
-   goto bad;
-   }
-   memcpy(cp +

Re: libcrypto: get rid of I386_ONLY

2016-11-04 Thread Brent Cook 
OK bcook@, looks fine for portable too.

> On Nov 4, 2016, at 11:02 AM, Tom Cosgrove 
>  wrote:
> 
 Miod Vallat 4-Nov-16 08:53 >>>
>> 
>> I386_ONLY was used to prefer a different assembler sequence in the
>> sha512 code, which would be faster on 80386 processors, but slower on
>> 80486 and above.
>> 
>> This code path has never been enabled, and there are actually no plans
>> to make libcrypto friendlier to genuine 80386 chips, so why bother
>> keeping this - it's only contributing to obfuscation.
> 
> ... not to mention that OpenBSD hasn't supported the 386 for a long time now
> 
> ok tom@
> 
>> Index: cryptlib.c
>> ===
>> RCS file: /cvs/src/lib/libcrypto/cryptlib.c,v
>> retrieving revision 1.37
>> diff -u -p -r1.37 cryptlib.c
>> --- cryptlib.c   13 Sep 2015 16:56:11 -  1.37
>> +++ cryptlib.c   4 Nov 2016 08:49:22 -
>> @@ -635,7 +635,7 @@ OPENSSL_cpu_caps(void)
>>  return *(uint64_t *)OPENSSL_ia32cap_P;
>> }
>> 
>> -#if defined(OPENSSL_CPUID_OBJ) && !defined(OPENSSL_NO_ASM) && 
>> !defined(I386_ONLY)
>> +#if defined(OPENSSL_CPUID_OBJ) && !defined(OPENSSL_NO_ASM)
>> #define OPENSSL_CPUID_SETUP
>> typedef unsigned long long IA32CAP;
>> void
>> Index: md32_common.h
>> ===
>> RCS file: /cvs/src/lib/libcrypto/md32_common.h,v
>> retrieving revision 1.21
>> diff -u -p -r1.21 md32_common.h
>> --- md32_common.h4 Sep 2016 14:31:29 -   1.21
>> +++ md32_common.h4 Nov 2016 08:49:22 -
>> @@ -152,8 +152,8 @@ static inline uint32_t ROTATE(uint32_t a
>> #if defined(DATA_ORDER_IS_BIG_ENDIAN)
>> 
>> #if defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && 
>> !defined(OPENSSL_NO_INLINE_ASM)
>> -# if ((defined(__i386) || defined(__i386__)) && !defined(I386_ONLY)) || \
>> -  (defined(__x86_64) || defined(__x86_64__))
>> +# if (defined(__i386) || defined(__i386__) || \
>> +  defined(__x86_64) || defined(__x86_64__))
>> /*
>>  * This gives ~30-40% performance improvement in SHA-256 compiled
>>  * with gcc [on P4]. Well, first macro to be frank. We can pull
>> Index: arch/alpha/opensslconf.h
>> ===
>> RCS file: /cvs/src/lib/libcrypto/arch/alpha/opensslconf.h,v
>> retrieving revision 1.7
>> diff -u -p -r1.7 opensslconf.h
>> --- arch/alpha/opensslconf.h 19 Jun 2015 06:05:11 -  1.7
>> +++ arch/alpha/opensslconf.h 4 Nov 2016 08:49:22 -
>> @@ -1,9 +1,6 @@
>> #include 
>> /* crypto/opensslconf.h.in */
>> 
>> -/* Generate 80386 code? */
>> -#undef I386_ONLY
>> -
>> #if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
>> #define OPENSSLDIR "/etc/ssl"
>> #endif
>> Index: arch/amd64/opensslconf.h
>> ===
>> RCS file: /cvs/src/lib/libcrypto/arch/amd64/opensslconf.h,v
>> retrieving revision 1.9
>> diff -u -p -r1.9 opensslconf.h
>> --- arch/amd64/opensslconf.h 19 Jun 2015 06:05:11 -  1.9
>> +++ arch/amd64/opensslconf.h 4 Nov 2016 08:49:22 -
>> @@ -1,9 +1,6 @@
>> #include 
>> /* crypto/opensslconf.h.in */
>> 
>> -/* Generate 80386 code? */
>> -#undef I386_ONLY
>> -
>> #if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
>> #define OPENSSLDIR "/etc/ssl"
>> #endif
>> Index: arch/arm/opensslconf.h
>> ===
>> RCS file: /cvs/src/lib/libcrypto/arch/arm/opensslconf.h,v
>> retrieving revision 1.7
>> diff -u -p -r1.7 opensslconf.h
>> --- arch/arm/opensslconf.h   19 Jun 2015 06:05:11 -  1.7
>> +++ arch/arm/opensslconf.h   4 Nov 2016 08:49:22 -
>> @@ -1,9 +1,6 @@
>> #include 
>> /* crypto/opensslconf.h.in */
>> 
>> -/* Generate 80386 code? */
>> -#undef I386_ONLY
>> -
>> #if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
>> #define OPENSSLDIR "/etc/ssl"
>> #endif
>> Index: arch/hppa/opensslconf.h
>> ===
>> RCS file: /cvs/src/lib/libcrypto/arch/hppa/opensslconf.h,v
>> retrieving revision 1.7
>> diff -u -p -r1.7 opensslconf.h
>> --- arch/hppa/opensslconf.h  19 Jun 2015 06:05:11 -  1.7
>> +++ arch/hppa/opensslconf.h  4 Nov 2016 08:49:22 -
>> @@ -1,9 +1,6 @@
>> #include 
>> /* crypto/opensslconf.h.in */
>> 
>> -/* Generate 80386 code? */
>> -#undef I386_ONLY
>> -
>> #if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
>> #define OPENSSLDIR "/etc/ssl"
>> #endif
>> Index: arch/i386/opensslconf.h
>> ===
>> RCS file: /cvs/src/lib/libcrypto/arch/i386/opensslconf.h,v
>> retrieving revision 1.7
>> diff -u -p -r1.7 opensslconf.h
>> --- arch/i386/opensslconf.h  19 Jun 2015 06:05:11 -  1.7
>> +++ arch/i386/opensslconf.h  4 Nov 2016 08:49:22 -
>> @@ -1,9 +1,6 @@
>> #include 
>> /* crypto/opensslconf.h.in */
>> 
>> -/* Generate 80386 code? */
>>

Re: The end of nd6_output()

2016-11-04 Thread Martin Pieuchot 
On 30/10/16(Sun) 02:02, Gregor Best wrote:
> Hi,
> 
> On Mon, Jun 06, 2016 at 07:16:20PM +0200, Martin Pieuchot wrote:
> > [...]
> > +   if (rt->rt_gateway->sa_family != AF_LINK) {
> > +   printf("%s: something odd happens\n", __func__);
> > +   m_freem(m);
> > +   return (EINVAL);
> > +   }
> > [...]
> 
> I noticed that since a week or two ago, this printfs gets triggered on
> my laptops and relatively quickly floods my dmesg. One is running a
> snapshot from two weeks ago, the other one runs a snapshot from about a
> month ago. On both, I have IPv6 routes that look like this:
> 
> Routing tables
> 
> Internet6:
> DestinationGatewayFlags   
> Refs  Use   Mtu  Prio Iface
[...]
> fd97:1c82:9447::/64fd97:1c82:9447::1  UCn
> 10 - 4 tap0 
> fd97:1c82:9447::   fd97:1c82:9447::   UHLc   
> 0 7408 - 4 tap0 
 ^^^

That's the problem.  The entry is flagged as RTF_LLINFO but contains an
IPv6 address.

Do you see any other errors in /log/messages?

Re: libcrypto: get rid of I386_ONLY

2016-11-04 Thread Tom Cosgrove 
>>> Miod Vallat 4-Nov-16 08:53 >>>
>
> I386_ONLY was used to prefer a different assembler sequence in the
> sha512 code, which would be faster on 80386 processors, but slower on
> 80486 and above.
>
> This code path has never been enabled, and there are actually no plans
> to make libcrypto friendlier to genuine 80386 chips, so why bother
> keeping this - it's only contributing to obfuscation.

... not to mention that OpenBSD hasn't supported the 386 for a long time now

ok tom@

> Index: cryptlib.c
> ===
> RCS file: /cvs/src/lib/libcrypto/cryptlib.c,v
> retrieving revision 1.37
> diff -u -p -r1.37 cryptlib.c
> --- cryptlib.c13 Sep 2015 16:56:11 -  1.37
> +++ cryptlib.c4 Nov 2016 08:49:22 -
> @@ -635,7 +635,7 @@ OPENSSL_cpu_caps(void)
>   return *(uint64_t *)OPENSSL_ia32cap_P;
>  }
>  
> -#if defined(OPENSSL_CPUID_OBJ) && !defined(OPENSSL_NO_ASM) && 
> !defined(I386_ONLY)
> +#if defined(OPENSSL_CPUID_OBJ) && !defined(OPENSSL_NO_ASM)
>  #define OPENSSL_CPUID_SETUP
>  typedef unsigned long long IA32CAP;
>  void
> Index: md32_common.h
> ===
> RCS file: /cvs/src/lib/libcrypto/md32_common.h,v
> retrieving revision 1.21
> diff -u -p -r1.21 md32_common.h
> --- md32_common.h 4 Sep 2016 14:31:29 -   1.21
> +++ md32_common.h 4 Nov 2016 08:49:22 -
> @@ -152,8 +152,8 @@ static inline uint32_t ROTATE(uint32_t a
>  #if defined(DATA_ORDER_IS_BIG_ENDIAN)
>  
>  #if defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && 
> !defined(OPENSSL_NO_INLINE_ASM)
> -# if ((defined(__i386) || defined(__i386__)) && !defined(I386_ONLY)) || \
> -  (defined(__x86_64) || defined(__x86_64__))
> +# if (defined(__i386) || defined(__i386__) || \
> +  defined(__x86_64) || defined(__x86_64__))
>  /*
>   * This gives ~30-40% performance improvement in SHA-256 compiled
>   * with gcc [on P4]. Well, first macro to be frank. We can pull
> Index: arch/alpha/opensslconf.h
> ===
> RCS file: /cvs/src/lib/libcrypto/arch/alpha/opensslconf.h,v
> retrieving revision 1.7
> diff -u -p -r1.7 opensslconf.h
> --- arch/alpha/opensslconf.h  19 Jun 2015 06:05:11 -  1.7
> +++ arch/alpha/opensslconf.h  4 Nov 2016 08:49:22 -
> @@ -1,9 +1,6 @@
>  #include 
>  /* crypto/opensslconf.h.in */
>  
> -/* Generate 80386 code? */
> -#undef I386_ONLY
> -
>  #if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
>  #define OPENSSLDIR "/etc/ssl"
>  #endif
> Index: arch/amd64/opensslconf.h
> ===
> RCS file: /cvs/src/lib/libcrypto/arch/amd64/opensslconf.h,v
> retrieving revision 1.9
> diff -u -p -r1.9 opensslconf.h
> --- arch/amd64/opensslconf.h  19 Jun 2015 06:05:11 -  1.9
> +++ arch/amd64/opensslconf.h  4 Nov 2016 08:49:22 -
> @@ -1,9 +1,6 @@
>  #include 
>  /* crypto/opensslconf.h.in */
>  
> -/* Generate 80386 code? */
> -#undef I386_ONLY
> -
>  #if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
>  #define OPENSSLDIR "/etc/ssl"
>  #endif
> Index: arch/arm/opensslconf.h
> ===
> RCS file: /cvs/src/lib/libcrypto/arch/arm/opensslconf.h,v
> retrieving revision 1.7
> diff -u -p -r1.7 opensslconf.h
> --- arch/arm/opensslconf.h19 Jun 2015 06:05:11 -  1.7
> +++ arch/arm/opensslconf.h4 Nov 2016 08:49:22 -
> @@ -1,9 +1,6 @@
>  #include 
>  /* crypto/opensslconf.h.in */
>  
> -/* Generate 80386 code? */
> -#undef I386_ONLY
> -
>  #if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
>  #define OPENSSLDIR "/etc/ssl"
>  #endif
> Index: arch/hppa/opensslconf.h
> ===
> RCS file: /cvs/src/lib/libcrypto/arch/hppa/opensslconf.h,v
> retrieving revision 1.7
> diff -u -p -r1.7 opensslconf.h
> --- arch/hppa/opensslconf.h   19 Jun 2015 06:05:11 -  1.7
> +++ arch/hppa/opensslconf.h   4 Nov 2016 08:49:22 -
> @@ -1,9 +1,6 @@
>  #include 
>  /* crypto/opensslconf.h.in */
>  
> -/* Generate 80386 code? */
> -#undef I386_ONLY
> -
>  #if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
>  #define OPENSSLDIR "/etc/ssl"
>  #endif
> Index: arch/i386/opensslconf.h
> ===
> RCS file: /cvs/src/lib/libcrypto/arch/i386/opensslconf.h,v
> retrieving revision 1.7
> diff -u -p -r1.7 opensslconf.h
> --- arch/i386/opensslconf.h   19 Jun 2015 06:05:11 -  1.7
> +++ arch/i386/opensslconf.h   4 Nov 2016 08:49:22 -
> @@ -1,9 +1,6 @@
>  #include 
>  /* crypto/opensslconf.h.in */
>  
> -/* Generate 80386 code? */
> -#undef I386_ONLY
> -
>  #if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
>  #define OPENSSLDIR "/etc/ssl"
>  #endif
> Index: arch/m88k/opensslconf.h
>

Re: SOCKET_LOCK looking for testers

2016-11-04 Thread Martin Pieuchot 
On 03/11/16(Thu) 11:21, Martin Pieuchot wrote:
> Here's the next iteration of my diff introducing a rwlock to serialize
> the network input path with socket paths.  Changes are:
> 
>   - more timeout_set_proc() that should fix problems reported by
> Chris Jackman.
> 
>   - I introduced a set of macro to make it easier to audit existing
> splsoftnet().
> 
>   - It makes use of splassert_fail() if the lock is not held.
> 
> 
> My plan is to commit it, assuming it is stable enough, then fix the
> remaining issues in tree.  This includes:
> 
>   - Analyze and if needed fix the two code paths were we do an unlock/lock
> dance
> 
>   - Remove unneeded/recursive splsoftnet() dances.
> 
> Once that's done we should be able to remove the KERNEL_LOCK() from the
> input path.
> 
> So please test and report back.

Updated version that prevents a recursion in doaccept(), reported by Nils
Frohberg.

diff --git sys/kern/sys_socket.c sys/kern/sys_socket.c
index 7a90f78..a7be8a1 100644
--- sys/kern/sys_socket.c
+++ sys/kern/sys_socket.c
@@ -133,7 +133,7 @@ soo_poll(struct file *fp, int events, struct proc *p)
int revents = 0;
int s;
 
-   s = splsoftnet();
+   SOCKET_LOCK(s);
if (events & (POLLIN | POLLRDNORM)) {
if (soreadable(so))
revents |= events & (POLLIN | POLLRDNORM);
@@ -159,7 +159,7 @@ soo_poll(struct file *fp, int events, struct proc *p)
so->so_snd.sb_flagsintr |= SB_SEL;
}
}
-   splx(s);
+   SOCKET_UNLOCK(s);
return (revents);
 }
 
diff --git sys/kern/uipc_socket.c sys/kern/uipc_socket.c
index 9e8d05f..dd067b3 100644
--- sys/kern/uipc_socket.c
+++ sys/kern/uipc_socket.c
@@ -89,6 +89,11 @@ struct pool sosplice_pool;
 struct taskq *sosplice_taskq;
 #endif
 
+/*
+ * Serialize socket operations.
+ */
+struct rwlock socketlock = RWLOCK_INITIALIZER("socketlock");
+
 void
 soinit(void)
 {
@@ -123,7 +128,7 @@ socreate(int dom, struct socket **aso, int type, int proto)
return (EPROTONOSUPPORT);
if (prp->pr_type != type)
return (EPROTOTYPE);
-   s = splsoftnet();
+   SOCKET_LOCK(s);
so = pool_get(_pool, PR_WAITOK | PR_ZERO);
TAILQ_INIT(>so_q0);
TAILQ_INIT(>so_q);
@@ -141,10 +146,10 @@ socreate(int dom, struct socket **aso, int type, int 
proto)
if (error) {
so->so_state |= SS_NOFDREF;
sofree(so);
-   splx(s);
+   SOCKET_UNLOCK(s);
return (error);
}
-   splx(s);
+   SOCKET_UNLOCK(s);
*aso = so;
return (0);
 }
@@ -154,9 +159,9 @@ sobind(struct socket *so, struct mbuf *nam, struct proc *p)
 {
int s, error;
 
-   s = splsoftnet();
+   SOCKET_LOCK(s);
error = (*so->so_proto->pr_usrreq)(so, PRU_BIND, NULL, nam, NULL, p);
-   splx(s);
+   SOCKET_UNLOCK(s);
return (error);
 }
 
@@ -171,11 +176,11 @@ solisten(struct socket *so, int backlog)
if (isspliced(so) || issplicedback(so))
return (EOPNOTSUPP);
 #endif /* SOCKET_SPLICE */
-   s = splsoftnet();
+   SOCKET_LOCK(s);
error = (*so->so_proto->pr_usrreq)(so, PRU_LISTEN, NULL, NULL, NULL,
curproc);
if (error) {
-   splx(s);
+   SOCKET_UNLOCK(s);
return (error);
}
if (TAILQ_FIRST(>so_q) == NULL)
@@ -185,14 +190,14 @@ solisten(struct socket *so, int backlog)
if (backlog < sominconn)
backlog = sominconn;
so->so_qlimit = backlog;
-   splx(s);
+   SOCKET_UNLOCK(s);
return (0);
 }
 
 void
 sofree(struct socket *so)
 {
-   splsoftassert(IPL_SOFTNET);
+   SOCKET_ASSERT_LOCKED();
 
if (so->so_pcb || (so->so_state & SS_NOFDREF) == 0)
return;
@@ -232,7 +237,7 @@ soclose(struct socket *so)
struct socket *so2;
int s, error = 0;
 
-   s = splsoftnet();
+   SOCKET_LOCK(s);
if (so->so_options & SO_ACCEPTCONN) {
while ((so2 = TAILQ_FIRST(>so_q0)) != NULL) {
(void) soqremque(so2, 0);
@@ -256,7 +261,7 @@ soclose(struct socket *so)
(so->so_state & SS_NBIO))
goto drop;
while (so->so_state & SS_ISCONNECTED) {
-   error = tsleep(>so_timeo,
+   error = rwsleep(>so_timeo, ,
PSOCK | PCATCH, "netcls",
so->so_linger * hz);
if (error)
@@ -276,14 +281,14 @@ discard:
panic("soclose NOFDREF: so %p, so_type %d", so, so->so_type);
so->so_state |= SS_NOFDREF;
sofree(so);
-   splx(s);
+   SOCKET_UNLOCK(s);
return (error);
 }
 
 int
 soabort(struct socket *so)
 {
-   splsoftassert(IPL_SOFTNET);
+

libcrypto: get rid of I386_ONLY

2016-11-04 Thread Miod Vallat 
I386_ONLY was used to prefer a different assembler sequence in the
sha512 code, which would be faster on 80386 processors, but slower on
80486 and above.

This code path has never been enabled, and there are actually no plans
to make libcrypto friendlier to genuine 80386 chips, so why bother
keeping this - it's only contributing to obfuscation.

Index: cryptlib.c
===
RCS file: /cvs/src/lib/libcrypto/cryptlib.c,v
retrieving revision 1.37
diff -u -p -r1.37 cryptlib.c
--- cryptlib.c  13 Sep 2015 16:56:11 -  1.37
+++ cryptlib.c  4 Nov 2016 08:49:22 -
@@ -635,7 +635,7 @@ OPENSSL_cpu_caps(void)
return *(uint64_t *)OPENSSL_ia32cap_P;
 }
 
-#if defined(OPENSSL_CPUID_OBJ) && !defined(OPENSSL_NO_ASM) && 
!defined(I386_ONLY)
+#if defined(OPENSSL_CPUID_OBJ) && !defined(OPENSSL_NO_ASM)
 #define OPENSSL_CPUID_SETUP
 typedef unsigned long long IA32CAP;
 void
Index: md32_common.h
===
RCS file: /cvs/src/lib/libcrypto/md32_common.h,v
retrieving revision 1.21
diff -u -p -r1.21 md32_common.h
--- md32_common.h   4 Sep 2016 14:31:29 -   1.21
+++ md32_common.h   4 Nov 2016 08:49:22 -
@@ -152,8 +152,8 @@ static inline uint32_t ROTATE(uint32_t a
 #if defined(DATA_ORDER_IS_BIG_ENDIAN)
 
 #if defined(__GNUC__) && __GNUC__>=2 && !defined(OPENSSL_NO_ASM) && 
!defined(OPENSSL_NO_INLINE_ASM)
-# if ((defined(__i386) || defined(__i386__)) && !defined(I386_ONLY)) || \
-  (defined(__x86_64) || defined(__x86_64__))
+# if (defined(__i386) || defined(__i386__) || \
+  defined(__x86_64) || defined(__x86_64__))
 /*
  * This gives ~30-40% performance improvement in SHA-256 compiled
  * with gcc [on P4]. Well, first macro to be frank. We can pull
Index: arch/alpha/opensslconf.h
===
RCS file: /cvs/src/lib/libcrypto/arch/alpha/opensslconf.h,v
retrieving revision 1.7
diff -u -p -r1.7 opensslconf.h
--- arch/alpha/opensslconf.h19 Jun 2015 06:05:11 -  1.7
+++ arch/alpha/opensslconf.h4 Nov 2016 08:49:22 -
@@ -1,9 +1,6 @@
 #include 
 /* crypto/opensslconf.h.in */
 
-/* Generate 80386 code? */
-#undef I386_ONLY
-
 #if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
 #define OPENSSLDIR "/etc/ssl"
 #endif
Index: arch/amd64/opensslconf.h
===
RCS file: /cvs/src/lib/libcrypto/arch/amd64/opensslconf.h,v
retrieving revision 1.9
diff -u -p -r1.9 opensslconf.h
--- arch/amd64/opensslconf.h19 Jun 2015 06:05:11 -  1.9
+++ arch/amd64/opensslconf.h4 Nov 2016 08:49:22 -
@@ -1,9 +1,6 @@
 #include 
 /* crypto/opensslconf.h.in */
 
-/* Generate 80386 code? */
-#undef I386_ONLY
-
 #if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
 #define OPENSSLDIR "/etc/ssl"
 #endif
Index: arch/arm/opensslconf.h
===
RCS file: /cvs/src/lib/libcrypto/arch/arm/opensslconf.h,v
retrieving revision 1.7
diff -u -p -r1.7 opensslconf.h
--- arch/arm/opensslconf.h  19 Jun 2015 06:05:11 -  1.7
+++ arch/arm/opensslconf.h  4 Nov 2016 08:49:22 -
@@ -1,9 +1,6 @@
 #include 
 /* crypto/opensslconf.h.in */
 
-/* Generate 80386 code? */
-#undef I386_ONLY
-
 #if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
 #define OPENSSLDIR "/etc/ssl"
 #endif
Index: arch/hppa/opensslconf.h
===
RCS file: /cvs/src/lib/libcrypto/arch/hppa/opensslconf.h,v
retrieving revision 1.7
diff -u -p -r1.7 opensslconf.h
--- arch/hppa/opensslconf.h 19 Jun 2015 06:05:11 -  1.7
+++ arch/hppa/opensslconf.h 4 Nov 2016 08:49:22 -
@@ -1,9 +1,6 @@
 #include 
 /* crypto/opensslconf.h.in */
 
-/* Generate 80386 code? */
-#undef I386_ONLY
-
 #if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
 #define OPENSSLDIR "/etc/ssl"
 #endif
Index: arch/i386/opensslconf.h
===
RCS file: /cvs/src/lib/libcrypto/arch/i386/opensslconf.h,v
retrieving revision 1.7
diff -u -p -r1.7 opensslconf.h
--- arch/i386/opensslconf.h 19 Jun 2015 06:05:11 -  1.7
+++ arch/i386/opensslconf.h 4 Nov 2016 08:49:22 -
@@ -1,9 +1,6 @@
 #include 
 /* crypto/opensslconf.h.in */
 
-/* Generate 80386 code? */
-#undef I386_ONLY
-
 #if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR)
 #define OPENSSLDIR "/etc/ssl"
 #endif
Index: arch/m88k/opensslconf.h
===
RCS file: /cvs/src/lib/libcrypto/arch/m88k/opensslconf.h,v
retrieving revision 1.7
diff -u -p -r1.7 opensslconf.h
--- arch/m88k/opensslconf.h 19 Jun 2015 06:05:11 -  1.7
+++ arch/m88k/opensslconf.h 4 Nov 2016 08:49:22 -
@@ -1,9 +1,6 @@
 #include 
 /* crypto/opensslconf.h.in */
 
-/* Generate 80386 code? */
-#undef I386_ONLY
-
 #if

obsolete bits in libcrypto Makefile

2016-11-04 Thread Miod Vallat 
libcrypto no longer needs to use internal headers from libssl; and no
longer checks for TERMIOS being defined.

Index: Makefile
===
RCS file: /cvs/src/lib/libcrypto/Makefile,v
retrieving revision 1.8
diff -u -p -r1.8 Makefile
--- Makefile16 Oct 2016 19:28:44 -  1.8
+++ Makefile4 Nov 2016 08:40:33 -
@@ -7,7 +7,6 @@ PC_FILES=libcrypto.pc
 
 CLEANFILES=${PC_FILES}
 
-SSL_SRC=   ${.CURDIR}/../libssl
 LCRYPTO_SRC=   ${.CURDIR}
 
 CFLAGS+= -Wall -Wundef -Werror
@@ -18,11 +17,9 @@ CFLAGS+= -DDSO_DLFCN -DHAVE_DLFCN_H -DHA
 .endif
 
 CFLAGS+= -DLIBRESSL_INTERNAL
-CFLAGS+= -DTERMIOS
 # Hardware engines
 CFLAGS+= -DOPENSSL_NO_HW_PADLOCK # XXX enable this?
 
-CFLAGS+= -I${SSL_SRC}
 CFLAGS+= -I${LCRYPTO_SRC}
 CFLAGS+= -I${LCRYPTO_SRC}/modes -I${LCRYPTO_SRC}/asn1 -I${LCRYPTO_SRC}/evp