Re: BFD: route get and route monitor
On Thu, Jan 19, 2017 at 06:26:25AM +0100, Peter Hessler wrote: > On 2016 Dec 17 (Sat) at 14:05:40 +0100 (+0100), Peter Hessler wrote: > :On 2016 Sep 30 (Fri) at 10:16:19 +0200 (+0200), Peter Hessler wrote: > ::This diff makes route get and route monitor work. sockaddr_bfd is so we > ::can play like the other RTAX_* indexes in rti_info of route messages. > :: > > In route(8), only say "up" or "down" for the state of BFD. use -v or > -bfd to get details that only matter to debug BFD. > > $ route -n get 203.0.113.9 >route to: 203.0.113.9 > destination: 203.0.113.9 >mask: 255.255.255.255 > interface: em1 > if address: 203.0.113.1 >priority: 3 () > flags:> BFD: up > use mtuexpire > 1402 0 922 > sockaddrs: > > I also fixed a number of things that mpi@ noticed. > You need to restructure sockaddr_bfd to be a) a power of 2 and b) so layed out that there is no implicit padding on any arch. For example the 64bit time_t values need to start on a 8byte offset. Abusing sockaddrs for something that is only used on the routing socket feels a but wrong but that is a different thing to fix. > +struct sockaddr_bfd { > + uint8_t bs_len; /* total length */ > + sa_family_t bs_family; /* address family */ > + /* above matches sockaddr_storage */ > + > + uint16_tbs_mode; > + uint32_tbs_mintx; > + uint32_tbs_minrx; > + uint32_tbs_minecho; > + uint16_tbs_multiplier; > + > + time_t bs_uptime; > + time_t bs_lastuptime; > + int bs_state; > + int bs_remotestate; > + int bs_laststate; > + int bs_error; > + > + uint32_tbs_localdiscr; > + uint32_tbs_localdiag; > + uint32_tbs_remotediscr; > + uint32_tbs_remotediag; > +}; > + -- :wq Claudio
Re: BFD: route get and route monitor
On 2016 Dec 17 (Sat) at 14:05:40 +0100 (+0100), Peter Hessler wrote: :On 2016 Sep 30 (Fri) at 10:16:19 +0200 (+0200), Peter Hessler wrote: ::This diff makes route get and route monitor work. sockaddr_bfd is so we ::can play like the other RTAX_* indexes in rti_info of route messages. :: In route(8), only say "up" or "down" for the state of BFD. use -v or -bfd to get details that only matter to debug BFD. $ route -n get 203.0.113.9 route to: 203.0.113.9 destination: 203.0.113.9 mask: 255.255.255.255 interface: em1 if address: 203.0.113.1 priority: 3 () flags:BFD: up use mtuexpire 1402 0 922 sockaddrs: I also fixed a number of things that mpi@ noticed. Index: sbin/route/Makefile === RCS file: /cvs/openbsd/src/sbin/route/Makefile,v retrieving revision 1.13 diff -u -p -u -p -r1.13 Makefile --- sbin/route/Makefile 19 Jul 2013 14:41:46 - 1.13 +++ sbin/route/Makefile 17 Dec 2016 12:47:35 - @@ -4,7 +4,7 @@ PROG= route MAN= route.8 SRCS= route.c show.c -CFLAGS+= -Wall +CFLAGS+= -Wall -DBFD route.o .depend lint tags: keywords.h Index: sbin/route/route.c === RCS file: /cvs/openbsd/src/sbin/route/route.c,v retrieving revision 1.194 diff -u -p -u -p -r1.194 route.c --- sbin/route/route.c 17 Jan 2017 19:05:47 - 1.194 +++ sbin/route/route.c 19 Jan 2017 03:39:55 - @@ -100,6 +100,7 @@ const char *bfd_state(unsigned int); const char *bfd_diag(unsigned int); const char *bfd_calc_uptime(time_t); voidprint_bfdmsg(struct rt_msghdr *); +voidprint_sabfd(struct sockaddr_bfd *, int); #endif const char *get_linkstate(int, int); voidprint_rtmsg(struct rt_msghdr *, int); @@ -1444,6 +1445,9 @@ print_getmsg(struct rt_msghdr *rtm, int struct sockaddr *dst = NULL, *gate = NULL, *mask = NULL, *ifa = NULL; struct sockaddr_dl *ifp = NULL; struct sockaddr_rtlabel *sa_rl = NULL; +#ifdef BFD + struct sockaddr_bfd *sa_bfd = NULL; +#endif struct sockaddr *mpls = NULL; struct sockaddr *sa; char *cp; @@ -1492,6 +1496,11 @@ print_getmsg(struct rt_msghdr *rtm, int case RTA_LABEL: sa_rl = (struct sockaddr_rtlabel *)sa; break; +#ifdef BFD + case RTA_BFD: + sa_bfd = (struct sockaddr_bfd *)sa; + break; +#endif } ADVANCE(cp, sa); } @@ -1524,6 +1533,10 @@ print_getmsg(struct rt_msghdr *rtm, int printf("\n"); if (sa_rl != NULL) printf(" label: %s\n", sa_rl->sr_label); +#ifdef BFD + if (sa_bfd) + print_sabfd(sa_bfd, rtm->rtm_fmask); +#endif #define lock(f)((rtm->rtm_rmx.rmx_locks & __CONCAT(RTV_,f)) ? 'L' : ' ') relative_expire = rtm->rtm_rmx.rmx_expire ? @@ -1626,40 +1639,61 @@ void print_bfdmsg(struct rt_msghdr *rtm) { struct bfd_msghdr *bfdm = (struct bfd_msghdr *)rtm; + + printf("\n"); + print_sabfd(>bm_sa, rtm->rtm_fmask); + pmsg_addrs(((char *)rtm + rtm->rtm_hdrlen), rtm->rtm_addrs); +} + +void +print_sabfd(struct sockaddr_bfd *sa_bfd, int fmask) +{ struct timeval tv; gettimeofday(, NULL); - printf(" mode "); - switch (bfdm->bm_mode) { + printf("BFD:"); + + /* only show the state, unless verbose or -bfd */ + if (!verbose && ((fmask & RTF_BFD) != RTF_BFD)) { + printf(" %s\n", bfd_state(sa_bfd->bs_state)); + return; + } + + switch (sa_bfd->bs_mode) { case BFD_MODE_ASYNC: - printf("async"); + printf(" async"); break; case BFD_MODE_DEMAND: - printf("demand"); + printf(" demand"); break; default: - printf("unknown %u", bfdm->bm_mode); + printf(" unknown %u", sa_bfd->bs_mode); break; } - printf(" state %s", bfd_state(bfdm->bm_state)); - printf(" remotestate %s", bfd_state(bfdm->bm_remotestate)); - printf(" laststate %s", bfd_state(bfdm->bm_laststate)); - - printf(" error %d", bfdm->bm_error); - printf(" localdiscr %u", bfdm->bm_localdiscr); - printf(" remotediscr %u", bfdm->bm_remotediscr); - printf(" localdiag %s", bfd_diag(bfdm->bm_localdiag)); - printf(" remotediag %s", bfd_diag(bfdm->bm_remotediag)); - printf(" uptime %s", bfd_calc_uptime(tv.tv_sec - bfdm->bm_uptime)); - printf(" lastuptime %s", bfd_calc_uptime(bfdm->bm_lastuptime)); - -
Re: NET_LOCK() pr_sysctl
On 16/01/17(Mon) 23:53, Alexander Bluhm wrote: > On Mon, Jan 16, 2017 at 08:34:43PM +0100, Alexander Bluhm wrote: > > If I implement the same trick for newp, I can avoid the "netlock > > locking against myself" with sysctl on memory mapped files over > > NFS. Of course other copyin/copyout paths like pf(4) ioctl(2) still > > have to be checked. IPsec pfkey seem to use the sysctl mechanism. > > Hrvoje Popovski has tested the diff and found some ugly > pmap_unwire: wiring for pmap 0xff00075f5210 va 0x7f7d5000 didn't > change! > kernel printfs. The happens when sysctl(8) writes a value. > > If oldp and newp are in the same page, I have called uvm_vsunlock() > twice on the same address. I have added a simple check that does > not cover complicated overlappings but catches the common case. > > Also I think PROT_READ for the newp should be enough. > Does anybody know, why the oldp is mapped PROT_READ | PROT_WRITE? > Is PROT_WRITE not sufficient? I don't think this is the way to go. I'd prefer a solution that work for the other code paths as well.
netinet/ipsec* vs splsoftnet()
We can remove these splsoftnet()/splx() dances because: - pr_ctlinput* are now always called at IPL_SOFTNET - ipsec_adjust_mtu() is only called in ip_output() so at the correct IPL. ok? Index: netinet/ipsec_input.c === RCS file: /cvs/src/sys/netinet/ipsec_input.c,v retrieving revision 1.136 diff -u -p -r1.136 ipsec_input.c --- netinet/ipsec_input.c 2 Sep 2016 09:39:32 - 1.136 +++ netinet/ipsec_input.c 19 Jan 2017 03:59:37 - @@ -817,7 +817,6 @@ ipsec_common_ctlinput(u_int rdomain, int void *v, int proto) { struct ip *ip = v; - int s; if (cmd == PRC_MSGSIZE && ip && ip_mtudisc && ip->ip_v == 4) { struct tdb *tdbp; @@ -846,21 +845,16 @@ ipsec_common_ctlinput(u_int rdomain, int bcopy((caddr_t)ip + hlen, , sizeof(u_int32_t)); - s = splsoftnet(); tdbp = gettdb(rdomain, spi, (union sockaddr_union *), proto); - if (tdbp == NULL || tdbp->tdb_flags & TDBF_INVALID) { - splx(s); + if (tdbp == NULL || tdbp->tdb_flags & TDBF_INVALID) return (NULL); - } /* Walk the chain backwards to the first tdb */ for (; tdbp; tdbp = tdbp->tdb_inext) { if (tdbp->tdb_flags & TDBF_INVALID || - (adjust = ipsec_hdrsz(tdbp)) == -1) { - splx(s); + (adjust = ipsec_hdrsz(tdbp)) == -1) return (NULL); - } mtu -= adjust; @@ -873,8 +867,6 @@ ipsec_common_ctlinput(u_int rdomain, int ntohl(tdbp->tdb_spi), tdbp->tdb_mtu, adjust)); } - splx(s); - return (NULL); } return (NULL); } @@ -890,7 +882,8 @@ udpencap_ctlinput(int cmd, struct sockad ssize_t adjust; struct sockaddr_in dst, src; union sockaddr_union *su_dst, *su_src; - int s; + + splsoftassert(IPL_SOFTNET); icp = (struct icmp *)((caddr_t) ip - offsetof(struct icmp, icmp_ip)); mtu = ntohs(icp->icmp_nextmtu); @@ -913,7 +906,6 @@ udpencap_ctlinput(int cmd, struct sockad src.sin_addr.s_addr = ip->ip_src.s_addr; su_src = (union sockaddr_union *) - s = splsoftnet(); tdbp = gettdbbysrcdst(rdomain, 0, su_src, su_dst, IPPROTO_ESP); for (; tdbp != NULL; tdbp = tdbp->tdb_snext) { @@ -934,7 +926,6 @@ udpencap_ctlinput(int cmd, struct sockad } } } - splx(s); return (NULL); } Index: netinet/ipsec_output.c === RCS file: /cvs/src/sys/netinet/ipsec_output.c,v retrieving revision 1.64 diff -u -p -r1.64 ipsec_output.c --- netinet/ipsec_output.c 11 Oct 2016 22:08:01 - 1.64 +++ netinet/ipsec_output.c 19 Jan 2017 03:57:56 - @@ -567,9 +567,8 @@ ipsec_adjust_mtu(struct mbuf *m, u_int32 struct tdb *tdbp; struct m_tag *mtag; ssize_t adjust; - int s; - s = splsoftnet(); + splsoftassert(IPL_SOFTNET); for (mtag = m_tag_find(m, PACKET_TAG_IPSEC_OUT_DONE, NULL); mtag; mtag = m_tag_find(m, PACKET_TAG_IPSEC_OUT_DONE, mtag)) { @@ -590,6 +589,4 @@ ipsec_adjust_mtu(struct mbuf *m, u_int32 ntohl(tdbp->tdb_spi), tdbp->tdb_mtu, adjust, m)); } - - splx(s); }
pfsync(4) vs splsoftnet()
pfsync_update_net_tdb() is only called by pfsync_input() which already runs at IPL_SOFTNET. So trade the spl dance for an assert, ok? Index: net/if_pfsync.c === RCS file: /cvs/src/sys/net/if_pfsync.c,v retrieving revision 1.239 diff -u -p -r1.239 if_pfsync.c --- net/if_pfsync.c 19 Dec 2016 15:46:28 - 1.239 +++ net/if_pfsync.c 19 Jan 2017 03:52:57 - @@ -1164,7 +1164,8 @@ void pfsync_update_net_tdb(struct pfsync_tdb *pt) { struct tdb *tdb; - int s; + + splsoftassert(IPL_SOFTNET); /* check for invalid values */ if (ntohl(pt->spi) <= SPI_RESERVED_MAX || @@ -1172,7 +1173,6 @@ pfsync_update_net_tdb(struct pfsync_tdb pt->dst.sa.sa_family != AF_INET6)) goto bad; - s = splsoftnet(); tdb = gettdb(ntohs(pt->rdomain), pt->spi, (union sockaddr_union *)>dst, pt->sproto); if (tdb) { @@ -1182,14 +1182,12 @@ pfsync_update_net_tdb(struct pfsync_tdb /* Neither replay nor byte counter should ever decrease. */ if (pt->rpl < tdb->tdb_rpl || pt->cur_bytes < tdb->tdb_cur_bytes) { - splx(s); goto bad; } tdb->tdb_rpl = pt->rpl; tdb->tdb_cur_bytes = pt->cur_bytes; } - splx(s); return; bad:
Re: [patch] fake pv drivers installation on xen
I use Xenserver 7.0 with xencenter management console. without it doesn't allow shutdown or reboot. Anyway I'll try with hostctl. Thanks. 2017-01-18 21:53 GMT+03:00 Mike Belopuhov: > On Wed, Jan 18, 2017 at 21:23 +0300, Dinar Talypov wrote: > > +void > > +xen_inform_host(struct xen_softc *sc) > > +{ > > + char *os_name; > > + > > + /* Fake PV drivers version */ > > + xs_setnum(sc, "attr/PVAddons", "MajorVersion", 6); > > + xs_setnum(sc, "attr/PVAddons", "MinorVersion", 2); > > + xs_setnum(sc, "attr/PVAddons", "MicroVersion", 0); > > + xs_setnum(sc, "attr/PVAddons", "BuildVersion", 76888); > > + xs_setnum(sc, "attr/PVAddons", "Installed", 1); > > + > > + /* Set OS version */ > > + snprintf(os_name, sizeof((char *)ostype) + sizeof((char > *)osrelease), > > + "%s %s", ostype, osrelease); > > and btw, here you're corrupting kernel memory since os_name is > an uninitialized pointer :-) >
Re: [patch] fake pv drivers installation on xen
On Wed, Jan 18, 2017 at 21:23 +0300, Dinar Talypov wrote: > +void > +xen_inform_host(struct xen_softc *sc) > +{ > + char *os_name; > + > + /* Fake PV drivers version */ > + xs_setnum(sc, "attr/PVAddons", "MajorVersion", 6); > + xs_setnum(sc, "attr/PVAddons", "MinorVersion", 2); > + xs_setnum(sc, "attr/PVAddons", "MicroVersion", 0); > + xs_setnum(sc, "attr/PVAddons", "BuildVersion", 76888); > + xs_setnum(sc, "attr/PVAddons", "Installed", 1); > + > + /* Set OS version */ > + snprintf(os_name, sizeof((char *)ostype) + sizeof((char *)osrelease), > + "%s %s", ostype, osrelease); and btw, here you're corrupting kernel memory since os_name is an uninitialized pointer :-)
Re: [patch] fake pv drivers installation on xen
On Wed, Jan 18, 2017 at 21:23 +0300, Dinar Talypov wrote: > > Hi, > Privet, Dinar! > The patch below fakes pv drivers installation. > Version numbers are taken from FreeBSD sysutils/xe-guest-utilities. > With this xen allows reboot or shutdown OpenBSD guest. > Which Xen version or what environment requires such properties? Neither plain Xen 4.5+ on Ubuntu nor EC2 version have the "attr" subtree and you can reboot and/or shutdown OpenBSD guests there without any issues (for instance via xl on Ubuntu). > Index: sys/dev/pv/xen.c > === > RCS file: /cvs/src/sys/dev/pv/xen.c,v > retrieving revision 1.71 > diff -u -p -u -r1.71 xen.c > --- sys/dev/pv/xen.c 10 Jan 2017 17:16:39 - 1.71 > +++ sys/dev/pv/xen.c 18 Jan 2017 18:05:27 - > @@ -35,6 +35,7 @@ > #include > #include > #include > +#include > #include > #include > #include > @@ -75,6 +76,7 @@ voidxen_disable_emulated_devices(struct > int xen_match(struct device *, void *, void *); > void xen_attach(struct device *, struct device *, void *); > void xen_deferred(struct device *); > +void xen_inform_host(struct xen_softc *); > void xen_control(void *); > void xen_hotplug(void *); > void xen_resume(struct device *); > @@ -194,6 +196,29 @@ xen_deferred(struct device *self) > xen_control, sc)) > printf("%s: failed to setup shutdown control watch\n", > sc->sc_dev.dv_xname); > + xen_inform_host(sc); > +} > +void > +xen_inform_host(struct xen_softc *sc) > +{ > + char *os_name; > + > + /* Fake PV drivers version */ > + xs_setnum(sc, "attr/PVAddons", "MajorVersion", 6); > + xs_setnum(sc, "attr/PVAddons", "MinorVersion", 2); > + xs_setnum(sc, "attr/PVAddons", "MicroVersion", 0); > + xs_setnum(sc, "attr/PVAddons", "BuildVersion", 76888); Where did you get this build version number from? It looks rather arbitrary. > + xs_setnum(sc, "attr/PVAddons", "Installed", 1); > + > + /* Set OS version */ > + snprintf(os_name, sizeof((char *)ostype) + sizeof((char *)osrelease), > + "%s %s", ostype, osrelease); > + xs_setprop(sc, "data", "os_name", (char *)os_name, strlen(os_name)); > + xs_setprop(sc, "data", "os_uname", (char *)osrelease, > strlen(osrelease)); > + xs_setprop(sc, "data", "os_distro", (char *)ostype, strlen(ostype)); > + > + /* Update xenstore */ > + xs_setnum(sc, "data", "updated", 1); > } > > void > In any case you can set these values yourself with hostctl(8), i.e. 'hostctl attr/PVAddons/BuildVersion 123456'. There should be no need to do that from the kernel.
[patch] fake pv drivers installation on xen
Hi, The patch below fakes pv drivers installation. Version numbers are taken from FreeBSD sysutils/xe-guest-utilities. With this xen allows reboot or shutdown OpenBSD guest. Index: sys/dev/pv/xen.c === RCS file: /cvs/src/sys/dev/pv/xen.c,v retrieving revision 1.71 diff -u -p -u -r1.71 xen.c --- sys/dev/pv/xen.c10 Jan 2017 17:16:39 - 1.71 +++ sys/dev/pv/xen.c18 Jan 2017 18:05:27 - @@ -35,6 +35,7 @@ #include #include #include +#include #include #include #include @@ -75,6 +76,7 @@ void xen_disable_emulated_devices(struct intxen_match(struct device *, void *, void *); void xen_attach(struct device *, struct device *, void *); void xen_deferred(struct device *); +void xen_inform_host(struct xen_softc *); void xen_control(void *); void xen_hotplug(void *); void xen_resume(struct device *); @@ -194,6 +196,29 @@ xen_deferred(struct device *self) xen_control, sc)) printf("%s: failed to setup shutdown control watch\n", sc->sc_dev.dv_xname); + xen_inform_host(sc); +} +void +xen_inform_host(struct xen_softc *sc) +{ + char *os_name; + + /* Fake PV drivers version */ + xs_setnum(sc, "attr/PVAddons", "MajorVersion", 6); + xs_setnum(sc, "attr/PVAddons", "MinorVersion", 2); + xs_setnum(sc, "attr/PVAddons", "MicroVersion", 0); + xs_setnum(sc, "attr/PVAddons", "BuildVersion", 76888); + xs_setnum(sc, "attr/PVAddons", "Installed", 1); + + /* Set OS version */ + snprintf(os_name, sizeof((char *)ostype) + sizeof((char *)osrelease), + "%s %s", ostype, osrelease); + xs_setprop(sc, "data", "os_name", (char *)os_name, strlen(os_name)); + xs_setprop(sc, "data", "os_uname", (char *)osrelease, strlen(osrelease)); + xs_setprop(sc, "data", "os_distro", (char *)ostype, strlen(ostype)); + + /* Update xenstore */ + xs_setnum(sc, "data", "updated", 1); } void
IPv6 Atomic Fragments Considered Harmful
Hi, There is a new RFC 8021 "IPv6 Atomic Fragments Considered Harmful". Someone has even created CVE-2016-10142 because of it. I don't think that the constructed attacks are a big issue and I think that similar attacks are still possible. We prevent atomic fragments for MTU < 1280 now. But the same attacks can be done for MTU >= 1280. Then real fragments get dropped by misbehaving routers. It does get better for TCP as fragments are not generated anymore. Anyway, this RFC allows to remove some code, so it is good. ok? bluhm Index: netinet6/icmp6.c === RCS file: /data/mirror/openbsd/cvs/src/sys/netinet6/icmp6.c,v retrieving revision 1.195 diff -u -p -r1.195 icmp6.c --- netinet6/icmp6.c19 Dec 2016 08:36:50 - 1.195 +++ netinet6/icmp6.c18 Jan 2017 15:51:28 - @@ -981,11 +981,7 @@ icmp6_mtudisc_update(struct ip6ctlparam struct rtentry *rt = NULL; struct sockaddr_in6 sin6; - /* -* The MTU may not be less then the minimal IPv6 MTU except for the -* hack in ip6_output/ip6_setpmtu where we always include a frag header. -*/ - if (mtu < IPV6_MMTU - sizeof(struct ip6_frag)) + if (mtu < IPV6_MMTU) return; /* Index: netinet6/ip6_output.c === RCS file: /data/mirror/openbsd/cvs/src/sys/netinet6/ip6_output.c,v retrieving revision 1.220 diff -u -p -r1.220 ip6_output.c --- netinet6/ip6_output.c 10 Jan 2017 09:04:19 - 1.220 +++ netinet6/ip6_output.c 18 Jan 2017 14:06:30 - @@ -126,7 +126,7 @@ int ip6_insertfraghdr(struct mbuf *, str struct ip6_frag **); int ip6_insert_jumboopt(struct ip6_exthdrs *, u_int32_t); int ip6_splithdr(struct mbuf *, struct ip6_exthdrs *); -int ip6_getpmtu(struct rtentry *, struct ifnet *, u_long *, int *); +int ip6_getpmtu(struct rtentry *, struct ifnet *, u_long *); int copypktopts(struct ip6_pktopts *, struct ip6_pktopts *, int); static __inline u_int16_t __attribute__((__unused__)) in6_cksum_phdr(const struct in6_addr *, const struct in6_addr *, @@ -160,7 +160,7 @@ ip6_output(struct mbuf *m0, struct ip6_p struct sockaddr_in6 *dst, dstsock; int error = 0; u_long mtu; - int alwaysfrag, dontfrag; + int dontfrag; u_int16_t src_scope, dst_scope; u_int32_t optlen = 0, plen = 0, unfragpartlen = 0; struct ip6_exthdrs exthdrs; @@ -555,7 +555,7 @@ reroute: } /* Determine path MTU. */ - if ((error = ip6_getpmtu(ro_pmtu->ro_rt, ifp, , )) != 0) + if ((error = ip6_getpmtu(ro_pmtu->ro_rt, ifp, )) != 0) goto bad; /* @@ -654,19 +654,13 @@ reroute: * If necessary, do IPv6 fragmentation before sending. * * the logic here is rather complex: -* 1: normal case (dontfrag == 0, alwaysfrag == 0) +* 1: normal case (dontfrag == 0) * 1-a: send as is if tlen <= path mtu * 1-b: fragment if tlen > path mtu * * 2: if user asks us not to fragment (dontfrag == 1) * 2-a: send as is if tlen <= interface mtu * 2-b: error if tlen > interface mtu -* -* 3: if we always need to attach fragment header (alwaysfrag == 1) -* always fragment -* -* 4: if dontfrag == 1 && alwaysfrag == 1 -* error, as we cannot handle this conflicting request */ tlen = m->m_pkthdr.len; @@ -674,11 +668,6 @@ reroute: dontfrag = 1; else dontfrag = 0; - if (dontfrag && alwaysfrag) { /* case 4 */ - /* conflicting request - can't transmit */ - error = EMSGSIZE; - goto bad; - } if (dontfrag && tlen > ifp->if_mtu) { /* case 2-b */ error = EMSGSIZE; goto bad; @@ -687,13 +676,13 @@ reroute: /* * transmit packet without fragmentation */ - if (dontfrag || (!alwaysfrag && tlen <= mtu)) { /* case 1-a and 2-a */ + if (dontfrag || (tlen <= mtu)) {/* case 1-a and 2-a */ error = ifp->if_output(ifp, m, sin6tosa(dst), ro->ro_rt); goto done; } /* -* try to fragment the packet. case 1-b and 3 +* try to fragment the packet. case 1-b */ if (mtu < IPV6_MMTU) { /* path MTU cannot be less than IPV6_MMTU */ @@ -1021,11 +1010,9 @@ ip6_insertfraghdr(struct mbuf *m0, struc } int -ip6_getpmtu(struct rtentry *rt, struct ifnet *ifp, u_long *mtup, -int *alwaysfragp) +ip6_getpmtu(struct rtentry *rt, struct ifnet *ifp, u_long *mtup) { u_int32_t mtu = 0; - int alwaysfrag = 0; int error = 0; if (rt != NULL) { @@ -1033,15 +1020,7 @@ ip6_getpmtu(struct rtentry *rt, struct i if (mtu == 0)
Enable building wsfontload on Loongson
Hi tech@, Here is a diff to enable building wsfontload on Loongson. Builds and works correctly, allowing loading and using custom fonts. Comments? OK? Index: distrib/sets/lists/base/md.loongson === RCS file: /cvs/src/distrib/sets/lists/base/md.loongson,v retrieving revision 1.433 diff -u -p -r1.433 md.loongson --- distrib/sets/lists/base/md.loongson 9 Nov 2016 16:24:17 - 1.433 +++ distrib/sets/lists/base/md.loongson 18 Jan 2017 11:55:56 - @@ -452,4 +452,5 @@ ./usr/sbin/hotplugd ./usr/sbin/pcidump ./usr/sbin/wsconscfg +./usr/sbin/wsfontload ./usr/sbin/zzz Index: usr.sbin/wsfontload/Makefile === RCS file: /cvs/src/usr.sbin/wsfontload/Makefile,v retrieving revision 1.15 diff -u -p -r1.15 Makefile --- usr.sbin/wsfontload/Makefile3 Sep 2016 13:37:46 - 1.15 +++ usr.sbin/wsfontload/Makefile18 Jan 2017 11:55:57 - @@ -1,7 +1,8 @@ # $OpenBSD: Makefile,v 1.15 2016/09/03 13:37:46 guenther Exp $ .if ${MACHINE} == "i386" || ${MACHINE} == "amd64" || \ -${MACHINE} == "alpha" || ${MACHINE} == "hppa" +${MACHINE} == "alpha" || ${MACHINE} == "hppa" || \ +${MACHINE} == "loongson" PROG= wsfontload SRCS= wsfontload.c
Re: 11n support for athn(4)
On Wed, Jan 18, 2017 at 09:19:28AM +0100, Uwe Werler wrote: > On 16. Jan 17:46:48, Uwe Werler wrote: > > > > Unfortunately the throughput is very low, only ~7 MBit. With mode 11g I get > > ~16 MBit. > > > > > > zarathustra:~# tcpbench apu01 > > elapsed_ms bytes mbps bwidth > > 1004 7482725.962 100.00% > > Conn: 1 Mbps:5.962 Peak Mbps:5.962 Avg Mbps:5.962 > > 2007 8396646.697 100.00% > > Conn: 1 Mbps:6.697 Peak Mbps:6.697 Avg Mbps:6.697 > > 3010 8182446.533 100.00% > > Conn: 1 Mbps:6.533 Peak Mbps:6.697 Avg Mbps:6.533 > > 4013 9096367.255 100.00% > > Conn: 1 Mbps:7.255 Peak Mbps:7.255 Avg Mbps:7.255 > > 5014 8568006.848 100.00% > > Conn: 1 Mbps:6.848 Peak Mbps:7.255 Avg Mbps:6.848 > > 6015 8682246.946 100.00% > > Conn: 1 Mbps:6.946 Peak Mbps:7.255 Avg Mbps:6.946 > > 7021 8725086.945 100.00% > > Conn: 1 Mbps:6.945 Peak Mbps:7.255 Avg Mbps:6.945 > > 8023 8353806.670 100.00% > > Conn: 1 Mbps:6.670 Peak Mbps:7.255 Avg Mbps:6.670 > > 9025 8482326.779 100.00% > > Conn: 1 Mbps:6.779 Peak Mbps:7.255 Avg Mbps:6.779 > >10028 8439486.731 100.00% > > Conn: 1 Mbps:6.731 Peak Mbps:7.255 Avg Mbps:6.731 > >11036 8310966.596 100.00% > > Conn: 1 Mbps:6.596 Peak Mbps:7.255 Avg Mbps:6.596 > > > > I'm now ready to test furhter. > > > > I tested yesterday with my Android phone (Galaxy S7) and got only ~4 MBit. Thank you for providing these numbers. I would like to note though that there are many factors determining the effective throughput of wifi, ranging from wifi hardware, across OS and driver code, to specific AP/client behaviour and environmental RF conditions. So when you report a number, you help with establishing a picture of the overall range of throughput people are seeing. But a number does not tell anybody anything about why throughput is lower than expected in your case. So this number cannot be used to actually improve the driver. It is just a data point. What would help a small bit is a direct comparison with Linux running on the same access point hardware in the exact same environment. That would indicate which performance levels could be reached in your environment if OpenBSD was optimally tuned. I assume Linux has reached optimal performance levels on this several years old hardware by now. In my testing I have noticed that Intel clients send data much faster than athn APs/clients do. The AP is able to receive higher data rates than it is sending. I don't know why that is happening and under which conditions this is to be expected. But it points to a problem with the athn driver. Perhaps the hardware is not tuned towards the specific way in which our driver makes use of it. For now, I am happy if your AP works without crashing. As mentioned in the driver's man page, our 11n support is still incomplete and a whole lot remains to be done.
Re: 11n support for athn(4)
On 16. Jan 17:46:48, Uwe Werler wrote: > > Unfortunately the throughput is very low, only ~7 MBit. With mode 11g I get > ~16 MBit. > > > zarathustra:~# tcpbench apu01 > elapsed_ms bytes mbps bwidth > 1004 7482725.962 100.00% > Conn: 1 Mbps:5.962 Peak Mbps:5.962 Avg Mbps:5.962 > 2007 8396646.697 100.00% > Conn: 1 Mbps:6.697 Peak Mbps:6.697 Avg Mbps:6.697 > 3010 8182446.533 100.00% > Conn: 1 Mbps:6.533 Peak Mbps:6.697 Avg Mbps:6.533 > 4013 9096367.255 100.00% > Conn: 1 Mbps:7.255 Peak Mbps:7.255 Avg Mbps:7.255 > 5014 8568006.848 100.00% > Conn: 1 Mbps:6.848 Peak Mbps:7.255 Avg Mbps:6.848 > 6015 8682246.946 100.00% > Conn: 1 Mbps:6.946 Peak Mbps:7.255 Avg Mbps:6.946 > 7021 8725086.945 100.00% > Conn: 1 Mbps:6.945 Peak Mbps:7.255 Avg Mbps:6.945 > 8023 8353806.670 100.00% > Conn: 1 Mbps:6.670 Peak Mbps:7.255 Avg Mbps:6.670 > 9025 8482326.779 100.00% > Conn: 1 Mbps:6.779 Peak Mbps:7.255 Avg Mbps:6.779 >10028 8439486.731 100.00% > Conn: 1 Mbps:6.731 Peak Mbps:7.255 Avg Mbps:6.731 >11036 8310966.596 100.00% > Conn: 1 Mbps:6.596 Peak Mbps:7.255 Avg Mbps:6.596 > > I'm now ready to test furhter. > I tested yesterday with my Android phone (Galaxy S7) and got only ~4 MBit.