Re: tcpdump: decode BGP Administrative Shutdown Communication
On Wed, 19 Apr 2017, Job Snijders wrote: > The realisation that a shutdown communication may contain \0 (since NUL is a > valid UTF-8 char) \0 isn't a valid UTF-8 character. UTF-8 sets the MSB on code points > 127: https://en.wikipedia.org/wiki/UTF-8#Description
Re: clang: ignore -fno-force-addr
On Wed, Apr 19, 2017 at 10:30:43AM -0600, Todd C. Miller wrote: > In general, if -fdo-something is supported I think it should also > accept -fno-do-something. Since this was seen in the wild, patching > llvm makes the most sense. Bonus points if you can get it upstreamed. The positive forms of some harmless / useless GCC options are recognized if they are popular. It was never meant to be exhaustive and there is little motivation for adding to the list just because one person brilliantly decided to pick something from the GCC manual. I'd just drop the option -- it only exists in modern GCC for legacy compat as well. Joerg
Re: Sun T2000 internal communications
Hello, I'm not sure I'll be able to help you. I'm using ldoms on T5 running Solaris 11.2. According to blog [1], the /var/adm/messages in primary domain (ldom0) should give you some hint on what is going on. I hope it will help you to get unstuck. regards sasha [1] https://blogs.oracle.com/vmserver/entry/device_validation_with_ldoms_2 On Wed, Apr 19, 2017 at 05:00:07PM +0100, Andrew Grillet wrote: > Hi, > > how _exactly_ does a guest domain connect to a virtual disk? > > I am asking this because I installed 6.1 onto my system which had > been running 6.0. However, I took the opportunity to reformat and partition > the hard disks. I reinstalled the same virtual disks in the same logical > positions: > /home/xxx//vdisk0 > etc, but on a different physical disk in some cases. > but the domains wont boot. There is a message > "WARNING: /virtual-devices@100/channel-devices@200/disk@0: Communication > error with Virtual Disk Server using Port 0. Retrying". > which repeats continually. I can not kill it with Ctrl-C, or any other > means I am aware of. > > I have previously moved, and even replaced the virtual disks, but as far as > I know, > always on the same physical disk. (Not certain of this though, and I think > some of > the domains in the new setup are on the same disk as before). > > I am not aware of any documentation explaining how the name supplied to the > ldom config file is used to access the actual physical disk - at what stage > is the file name and path converted to an inode? and in what domain? eg at > "compile time" or "run time"? Are there any rules about permissions on the > virtual disks? > > In practice, these are things a system administrator needs to know, as most > systems will need disk space to grow eventually. There is also the issue of > backup and restore: the obvious way is to connect a tape drive - which > means connect it to the primary domain - and save vdisks to tape. How can I > be sure the restored vdisks will work? (I assume this requires the guest > domain to be properly shut down before the backup stops, and not just > "ldomctl stop " It would be really nice if the tape backup script > could send the shutdown command using something like "ldomctl exec > ". > > I have no way of knowing what is possible, since I am not aware of any > Sun/Oracle documentation on any part of this stuff, and I doubt I have the > skills to do it either. But Oracle do claim to support Open Source - and > there is not much else than OpenBSD in the Open Source world supporting > Oracle. > > regards > > Andrew
Re: use strtonum to parse the argument to -j in make
David Gwynne(da...@gwynne.id.au) on 2017.04.19 11:41:40 +1000:
> i cant remember why i was looking at this, but strtoll annoys me.
>
> ok?
ok, especially since the old code fails on
$ make -j a5 all
but not on
$ make -j 5a all
:-)
> Index: main.c
> ===
> RCS file: /cvs/src/usr.bin/make/main.c,v
> retrieving revision 1.119
> diff -u -p -r1.119 main.c
> --- main.c4 Jan 2016 10:59:23 - 1.119
> +++ main.c19 Apr 2017 01:39:22 -
> @@ -310,14 +310,14 @@ MainParseArgs(int argc, char **argv)
> Lst_AtEnd(, optarg);
> break;
> case 'j': {
> -char *endptr;
> + const char *errstr;
>
> forceJobs = true;
> - maxJobs = strtol(optarg, , 0);
> - if (endptr == optarg) {
> + maxJobs = strtonum(optarg, 1, INT_MAX, );
> + if (errstr != NULL) {
> fprintf(stderr,
> - "make: illegal argument to -j option --
> %s -- not a number\n",
> - optarg);
> + "make: illegal argument to -j option"
> + " -- %s -- %s\n", optarg, errstr);
> usage();
> }
> record_option(c, optarg);
>
Re: clang: ignore -fno-force-addr
In general, if -fdo-something is supported I think it should also accept -fno-do-something. Since this was seen in the wild, patching llvm makes the most sense. Bonus points if you can get it upstreamed. - todd
Sun T2000 internal communications
Hi, how _exactly_ does a guest domain connect to a virtual disk? I am asking this because I installed 6.1 onto my system which had been running 6.0. However, I took the opportunity to reformat and partition the hard disks. I reinstalled the same virtual disks in the same logical positions: /home/xxx//vdisk0 etc, but on a different physical disk in some cases. but the domains wont boot. There is a message "WARNING: /virtual-devices@100/channel-devices@200/disk@0: Communication error with Virtual Disk Server using Port 0. Retrying". which repeats continually. I can not kill it with Ctrl-C, or any other means I am aware of. I have previously moved, and even replaced the virtual disks, but as far as I know, always on the same physical disk. (Not certain of this though, and I think some of the domains in the new setup are on the same disk as before). I am not aware of any documentation explaining how the name supplied to the ldom config file is used to access the actual physical disk - at what stage is the file name and path converted to an inode? and in what domain? eg at "compile time" or "run time"? Are there any rules about permissions on the virtual disks? In practice, these are things a system administrator needs to know, as most systems will need disk space to grow eventually. There is also the issue of backup and restore: the obvious way is to connect a tape drive - which means connect it to the primary domain - and save vdisks to tape. How can I be sure the restored vdisks will work? (I assume this requires the guest domain to be properly shut down before the backup stops, and not just "ldomctl stop " It would be really nice if the tape backup script could send the shutdown command using something like "ldomctl exec ". I have no way of knowing what is possible, since I am not aware of any Sun/Oracle documentation on any part of this stuff, and I doubt I have the skills to do it either. But Oracle do claim to support Open Source - and there is not much else than OpenBSD in the Open Source world supporting Oracle. regards Andrew
clang: ignore -fno-force-addr
clang already recognizes (and ignores) -fforce-addr but errors out on -fno-force-addr. This breaks the build of ports/databases/qdbm: http://build-failures.rhaalovely.net/amd64-clang/2017-04-14/databases/qdbm.log Fixing the port is easy, but so is ignoring -fno-force-addr. -fno-force-addr should probably be pushed upstream if the latter is preferred. Thoughts? Diff tested with rebuilding base clang. Index: gnu/llvm/tools/clang/include/clang/Driver/Options.td === RCS file: /d/cvs/src/gnu/llvm/tools/clang/include/clang/Driver/Options.td,v retrieving revision 1.4 diff -u -p -r1.4 Options.td --- gnu/llvm/tools/clang/include/clang/Driver/Options.td24 Jan 2017 08:39:08 - 1.4 +++ gnu/llvm/tools/clang/include/clang/Driver/Options.td19 Apr 2017 13:20:17 - @@ -1149,6 +1149,7 @@ def force__cpusubtype__ALL : Flag<["-"], def force__flat__namespace : Flag<["-"], "force_flat_namespace">; def force__load : Separate<["-"], "force_load">; def force_addr : Joined<["-"], "fforce-addr">, Group; +def fno_force_addr : Joined<["-"], "fno-force-addr">, Group; def foutput_class_dir_EQ : Joined<["-"], "foutput-class-dir=">, Group; def fpack_struct : Flag<["-"], "fpack-struct">, Group; def fno_pack_struct : Flag<["-"], "fno-pack-struct">, Group; -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
Re: tcpdump: decode BGP Administrative Shutdown Communication
> The realisation that a shutdown communication may contain \0 (since NUL is a > valid UTF-8 char), led me to alter the proposed changes. A debugging tool like > tcpdump should display trash too. This 0003 patch avoids the memset/memcpy and > can deal with trash in the shutdown communication through a new util > putlchars(). What kind of trash do you mean? Any kind of trash? How about an xterm set-title ANSI sequence, or something worse. Personally, I think this should use vis.
Re: tcpdump: decode BGP Administrative Shutdown Communication
On Mon, Apr 17, 2017 at 01:56:17PM -0600, Theo de Raadt wrote:
> + memset(string, 0, 129);
> + memcpy(string, p+1, shutdown_comm_length);
> + safeputs(string);
>
> Please don't copy numbers like that. If this is a string, why not use
> string functions that gaurantee truncation and truncation detection...
The payload of the shutdown communication (which starts at p+1) is not a
C string: the content of the field wich is memcpy'd, is not
null-terminated. Instead the field's size is available through
'shutdown_comm_length'.
The realisation that a shutdown communication may contain \0 (since NUL is a
valid UTF-8 char), led me to alter the proposed changes. A debugging tool like
tcpdump should display trash too. This 0003 patch avoids the memset/memcpy and
can deal with trash in the shutdown communication through a new util
putlchars().
example output:
BGP (NOTIFICATION: error Cease, subcode #2, Shutdown Communication
(length: 52): "This is a test of the sh\000\000\000\000wn communication
system.") (DF) [tos 0xc0] (ttl 255, id 40416, len 126)
Kind regards,
Job
diff --git a/usr.sbin/tcpdump/print-bgp.c b/usr.sbin/tcpdump/print-bgp.c
index d028d671893..e25fdbd930a 100644
--- a/usr.sbin/tcpdump/print-bgp.c
+++ b/usr.sbin/tcpdump/print-bgp.c
@@ -228,9 +228,13 @@ static const char *bgpnotify_minor_update[] = {
/* RFC 4486 */
#define BGP_NOTIFY_MINOR_CEASE_MAXPRFX 1
+/* draft-ietf-idr-shutdown-07 */
+#define BGP_NOTIFY_MINOR_CEASE_SHUT2
+#define BGP_NOTIFY_MINOR_CEASE_RESET 4
+#define BGP_NOTIFY_MINOR_CEASE_ADMIN_SHUTDOWN_LEN 128
static const char *bgpnotify_minor_cease[] = {
- NULL, "Maximum Number of Prefixes Reached", "Administratively Shutdown",
- "Peer De-configured", "Administratively Reset", "Connection Rejected",
+ NULL, "Maximum Number of Prefixes Reached", "Administrative Shutdown",
+ "Peer De-configured", "Administrative Reset", "Connection Rejected",
"Other Configuration Change", "Connection Collision Resolution",
"Out of Resources",
};
@@ -302,6 +306,21 @@ static const char *afnumber[] = AFNUM_NAME_STR;
sizeof(afnumber)/sizeof(afnumber[0]), (x)))
+static void
+print_hex(const u_char *p, u_int len)
+{
+ while (len--)
+ printf("%02x", *p++);
+}
+
+static void
+putlchars(const u_char *str, u_int len)
+{
+ while (len--)
+ safeputchar(*str++);
+}
+
+
static const char *
num_or_str(const char **table, size_t siz, int value)
{
@@ -996,6 +1015,8 @@ bgp_notification_print(const u_char *dat, int length)
u_int16_t af;
u_int8_t safi;
const u_char *p;
+ uint8_t shutdown_comm_length;
+ uint8_t remainder_offset;
TCHECK2(dat[0], BGP_NOTIFICATION_SIZE);
memcpy(, dat, BGP_NOTIFICATION_SIZE);
@@ -1026,9 +1047,54 @@ bgp_notification_print(const u_char *dat, int length)
printf(" Max Prefixes: %u", EXTRACT_32BITS(p+3));
}
+
+ /*
+* draft-ietf-idr-shutdown describes a method to send a
+* message intended for human consumption regarding the
+* Administrative Shutdown or Reset event. This is called
+* the "Shutdown Communication". The communication is
+* UTF-8 encoded and may be no longer than 128 bytes.
+*/
+
+ if ((bgpn.bgpn_minor == BGP_NOTIFY_MINOR_CEASE_SHUT ||
+ bgpn.bgpn_minor == BGP_NOTIFY_MINOR_CEASE_RESET) &&
+ (length >= BGP_NOTIFICATION_SIZE + 1)) {
+ p = dat + BGP_NOTIFICATION_SIZE;
+ TCHECK2(*p, 1);
+ shutdown_comm_length = *(p);
+ remainder_offset = 0;
+ /* if we received garbage, make sure we hexdump it all
*/
+ if (shutdown_comm_length >
+ BGP_NOTIFY_MINOR_CEASE_ADMIN_SHUTDOWN_LEN ||
+ shutdown_comm_length > (length -
BGP_NOTIFICATION_SIZE) + 1)
+ printf(", invalid Shutdown Communication
length");
+ else if (shutdown_comm_length == 0) {
+ printf(", empty Shutdown Communication");
+ remainder_offset += 1;
+ }
+ /* a proper shutdown communication */
+ else {
+ TCHECK2(*(p+1), shutdown_comm_length);
+ printf(", Shutdown Communication (length: %u):
\"",
+ shutdown_comm_length);
+ putlchars(p+1, shutdown_comm_length);
+ printf("\"");
+ remainder_offset +=
Re: make.1 spellcheck
On Wed, Apr 19, 2017 at 03:16:20PM +0800, Michael W. Bombardieri wrote:
> Hi,
>
> Spellchecker found two non-dictionary words in the make(1) manual.
>
> - Michael
>
fixed, thanks.
jmc
>
> Index: make.1
> ===
> RCS file: /cvs/src/usr.bin/make/make.1,v
> retrieving revision 1.124
> diff -u -p -u -r1.124 make.1
> --- make.11 Jan 2017 01:08:11 - 1.124
> +++ make.119 Apr 2017 07:06:51 -
> @@ -209,7 +209,7 @@ is defined,
> will wait between 0 and ${RANDOM_DELAY} seconds before starting a command.
> A given random seed can be forced by setting
> .Va RANDOM_SEED ,
> -but this does not guarantee reproductibility.
> +but this does not guarantee reproducibility.
> .It Ar q
> .Sq quick death
> option: after a fatal error, instead of waiting for other jobs to die,
> @@ -1342,7 +1342,7 @@ recognizes standard special targets:
> .It Ic .DEFAULT
> If there is a
> .Ic .DEFAULT
> -target rule, with commands but no prequisites, and
> +target rule, with commands but no prerequisites, and
> .Nm
> can't figure out another way to build a target, it will use that
> list of commands, setting
>
make.1 spellcheck
Hi,
Spellchecker found two non-dictionary words in the make(1) manual.
- Michael
Index: make.1
===
RCS file: /cvs/src/usr.bin/make/make.1,v
retrieving revision 1.124
diff -u -p -u -r1.124 make.1
--- make.1 1 Jan 2017 01:08:11 - 1.124
+++ make.1 19 Apr 2017 07:06:51 -
@@ -209,7 +209,7 @@ is defined,
will wait between 0 and ${RANDOM_DELAY} seconds before starting a command.
A given random seed can be forced by setting
.Va RANDOM_SEED ,
-but this does not guarantee reproductibility.
+but this does not guarantee reproducibility.
.It Ar q
.Sq quick death
option: after a fatal error, instead of waiting for other jobs to die,
@@ -1342,7 +1342,7 @@ recognizes standard special targets:
.It Ic .DEFAULT
If there is a
.Ic .DEFAULT
-target rule, with commands but no prequisites, and
+target rule, with commands but no prerequisites, and
.Nm
can't figure out another way to build a target, it will use that
list of commands, setting
