Re: merge vlan and carp input back into ether_input

[David Gwynne]

On Thu, Jan 11, 2018 at 02:51:40PM +0100, Martin Pieuchot wrote:
> On 11/01/18(Thu) 21:59, David Gwynne wrote:
> > [...] 
> > when you say i break carp balancing, are you talking about the removal of 
> > the PACKET_TAG_CARP_BAL_IP tagging? PACKET_TAG_CARP_BAL_IP is only used in 
> > carp_lsdrop to clear the M_MCAST flag on the mbuf. M_MCAST wont be set on 
> > packets destined for the carp interface because we check ac_enaddr before 
> > checking if the packet is multicast or broadcast.
> 
> I might be mistaken.  I just know that this code is fragile and I'd
> prefer to see such change tested isolated because carp(4) itself has
> multiple configurations.  CARP balancing has been fixed for 6.2 by
> friehm@ after being broken for multiple releases.

ok.

i had a look the commit related to this at
https://github.com/openbsd/src/commit/76dda2b0279f3c37adf1c059c3bab4d74bc96602

that change happened because ethernet_input checks and sets the
multicast bits before doing the ac_enaddr comparison. that's reversed
in the big diff i sent, but i pulled it out and attached it below.
it doesn't take away the mbuf tag carp uses, but it would make it
unnecessary.

> > are you sure? carp and vlan on top of trunk should still function. however, 
> > trunk or bridge/switch on vlan is broken though :(
> 
> I'm not sure, but I believe mixing input handler and hardcoding some in
> ether_input() won't fly :)

agreed.

> 
> > > If if_input() is called on a pseudo-interface we know we're already in
> > > a softnet process.
> > 
> > or a syscall.
> > 
> > the code above has pseudo interfaces recurse, where they'd loop either on 
> > ifih or at the task level. probably not a huge concern though.
> 
> We can unroll the loop afterward.  What we need now is get rid of the
> queues.

ok.

> 
> > > We could also think of doing something similar for if_enqueue() and call
> > > if_start() directly for pseudo-interface.
> > 
> > ill think about that. ive had some other experiments in that area we could 
> > look at too.
> 
> I'd be glad to look at your experiments :)

but im shy :(

> > >> note that trunk and bridge/switch are still implemented using
> > >> interface input handlers at the moment.
> > > 
> > > If you want to get rid of the input handlers, I'd suggest doing it in
> > > the beginning of a release cycle and for all pseudo drivers at once.
> > 
> > considering the trunk and bridge/switch issue, it probably is best to do 
> > them all at once.
> 
> Yes.  I'm aware that the SRP/input handler loop might be considered.
> We can probably gain some percents if we remove it.  However this is
> a micro optimization compared to other improvements that can be done.
> Plus it has the advantage of not having fragile #ifdef maze in the
> rest of the code.

im not expecting a performance difference with this stuff, it's
more about correctness. right now the behaviour of the stack is
arguably incorrect depending on when you configure pseudo-interfaces.
here are two examples:

if you configure a carp interface on myx0 after configuring a vlan
interface, carp_input input handler will be in the SRPL before
vlan_input. because of that we have this chunk in carp_input:

#if NVLAN > 0
/*
 * If the underlying interface removed the VLAN header itself,
 * it's not for us.
 */
if (ISSET(m->m_flags, M_VLANTAG))
return (0);
#endif

however, myx does not do hw vlan tagging and we dont check for
ETHERTYPE_VLAN or _QINQ there. carp may take a packet that vlan
should have taken.

secondly, if you configure switch(4) on an interface after configuring
it as a trunk port, switch will happily take all the packets on it.

it could be argued that these examples are a bit contrived, which
i will accept, and they could be fixed with some stricter code
checks, but they do demonstrate a problem with the stack.

in my mind, the order of processing by pseudo interfaces attached
to an ethernet interface would be:

1. let trunk(4) look at it

if trunk is configured on the port...

while we're talking about this, i would like to implement "independent"
ports on trunks. independent ports mean that if lacp isnt negotiated
on the ethernet interface, it can be used as a normal interface.
cisco do this by default on port channels, but other vendors require
explicit config. eg, on a force10^Wdell i need to add something
like "lacp ungroup member-independent port-channel 12" to allow
members of po12 to function as normal ports when lacp isnt negotiated.
this is useful if you want to pxe boot boxes that are usually
connected using lacp.

if we supported independent trunk ports, then we should allow
otherwise normal ethernet interface configuration.

2. let bridge(4) or switch(4) look at it

not both.

it only makes sense for a bridge/switch to get the packet if trunk
doesnt want it.

3. if it is vlan or qinq tagged, give it to vlan or drop it.

4. check ac_enaddr to see if it is for the current interface.

5. otherwise, give 

Re: jot: small cleanup for conversion switch

[Alexander Hall]

On January 12, 2018 7:26:58 AM GMT+01:00, Theo Buehler  
wrote:
>> >+   case 'd':
>> >+   case 'i':
>> >intdata = true;
>> >break;
>> >+   case 'o':
>> >+   case 'u':
>> >+   case 'x':
>> >+   case 'X':
>> 
>> Convention is X before x in usage() and friends, so I guess that'd
>> make sense here (and below) too.
>
>Thanks. I deliberately used the same order as in printf(3) and the C11
>standard, so I left that as it was. If this makes your eyes twitch too
>hard, feel free to change it. :)

Sounds reasonable, and like a fair deal. :-)

Re: jot: small cleanup for conversion switch

[Theo Buehler]

> >+case 'd':
> >+case 'i':
> > intdata = true;
> > break;
> >+case 'o':
> >+case 'u':
> >+case 'x':
> >+case 'X':
> 
> Convention is X before x in usage() and friends, so I guess that'd
> make sense here (and below) too.

Thanks. I deliberately used the same order as in printf(3) and the C11
standard, so I left that as it was. If this makes your eyes twitch too
hard, feel free to change it. :)

Re: constrain drm alloc_pages() to dma range

[David Gwynne]

> On 12 Jan 2018, at 13:53, Jonathan Gray  wrote:
> 
> When trying to use alloc_page from ttm with radeon on an amd64
> machine with 8GB physmem the system would panic part way through
> taking over the console along the lines of
> 
> 'panic: Non dma-reachable buffer at paddr 0x1ef221000(raw)'
> 
> This adds the dma constraints ttm_uvm_alloc_page() has.

ok.

> 
> Index: drm_linux.c
> ===
> RCS file: /cvs/src/sys/dev/pci/drm/drm_linux.c,v
> retrieving revision 1.15
> diff -u -p -r1.15 drm_linux.c
> --- drm_linux.c   12 Jul 2017 20:12:19 -  1.15
> +++ drm_linux.c   12 Jan 2018 03:36:20 -
> @@ -204,8 +204,8 @@ alloc_pages(unsigned int gfp_mask, unsig
>   flags |= UVM_PLA_ZERO;
> 
>   TAILQ_INIT();
> - if (uvm_pglistalloc(PAGE_SIZE << order, 0, -1, PAGE_SIZE, 0,
> - , 1, flags))
> + if (uvm_pglistalloc(PAGE_SIZE << order, dma_constraint.ucr_low,
> + dma_constraint.ucr_high, PAGE_SIZE, 0, , 1, flags))
>   return NULL;
>   return TAILQ_FIRST();
> }
> 

implement linux request_firmware() api in drm

[Jonathan Gray]

Tested on radeon.

This should cause no change in behaviour on inteldrm systems that require
firmware (ie skylake, kabylake, broxton) until a mountroot hook is
added and firmware installed but I have no way of testing that here.

Index: drm_linux.h
===
RCS file: /cvs/src/sys/dev/pci/drm/drm_linux.h,v
retrieving revision 1.65
diff -u -p -r1.65 drm_linux.h
--- drm_linux.h 29 Nov 2017 03:59:34 -  1.65
+++ drm_linux.h 12 Jan 2018 03:43:03 -
@@ -2161,6 +2161,7 @@ size_t sg_copy_from_buffer(struct scatte
 const void *, size_t);
 
 struct firmware {
+   size_t size;
const u8 *data;
 };
 
@@ -2168,7 +2169,14 @@ static inline int
 request_firmware(const struct firmware **fw, const char *name,
 struct device *device)
 {
-   return -EINVAL;
+   int r;
+   struct firmware *f = malloc(sizeof(struct firmware), M_DRM, M_WAITOK);
+   *fw = f;
+   r = loadfirmware(name, __DECONST(u_char **, >data), >size);
+   if (r != 0)
+   return -r;
+   else
+   return 0;
 }
 
 #define request_firmware_nowait(a, b, c, d, e, f, g) -EINVAL
@@ -2176,6 +2184,8 @@ request_firmware(const struct firmware *
 static inline void
 release_firmware(const struct firmware *fw)
 {
+   free(__DECONST(u_char *, fw->data), M_DRM, fw->size);
+   free(__DECONST(struct firmware *, fw), M_DRM, sizeof(*fw));
 }
 
 void *memchr_inv(const void *, int, size_t);

constrain drm alloc_pages() to dma range

[Jonathan Gray]

When trying to use alloc_page from ttm with radeon on an amd64
machine with 8GB physmem the system would panic part way through
taking over the console along the lines of

'panic: Non dma-reachable buffer at paddr 0x1ef221000(raw)'

This adds the dma constraints ttm_uvm_alloc_page() has.

Index: drm_linux.c
===
RCS file: /cvs/src/sys/dev/pci/drm/drm_linux.c,v
retrieving revision 1.15
diff -u -p -r1.15 drm_linux.c
--- drm_linux.c 12 Jul 2017 20:12:19 -  1.15
+++ drm_linux.c 12 Jan 2018 03:36:20 -
@@ -204,8 +204,8 @@ alloc_pages(unsigned int gfp_mask, unsig
flags |= UVM_PLA_ZERO;
 
TAILQ_INIT();
-   if (uvm_pglistalloc(PAGE_SIZE << order, 0, -1, PAGE_SIZE, 0,
-   , 1, flags))
+   if (uvm_pglistalloc(PAGE_SIZE << order, dma_constraint.ucr_low,
+   dma_constraint.ucr_high, PAGE_SIZE, 0, , 1, flags))
return NULL;
return TAILQ_FIRST();
 }

Re: sysctl(3) or sysctl(2)?

[Theo de Raadt]

> According to /usr/src/sys/kern/syscalls.master, sysctl is system call
> number 202. But its manual page is in section 3, at
>   /usr/src/lib/libc/gen/sysctl.3
> 
> Should it actually be in section 2?

It used to be wrapped in an odd way.  The manual page could now be renamed,
but we have to find all the tendrils.

revision 1.130
date: 2015/09/13 17:08:03;  author: guenther;  state: Exp;  lines: +4 -4;  
commitid: BssYI6s6zozAyfkk;
Rename __sysctl syscall to just sysctl, as the userland wrapper is no longer
necessary
ok deraadt@ jsing@

sysctl(3) or sysctl(2)?

[Anthony Coulter]

According to /usr/src/sys/kern/syscalls.master, sysctl is system call
number 202. But its manual page is in section 3, at
/usr/src/lib/libc/gen/sysctl.3

Should it actually be in section 2?

Regards,
Anthony Coulter

stack pointer checking

[Theo de Raadt]

Stefan (stefan@) and I have been working for a few months on this
diff, with help from a few others.

At every trap and system call, it checks if the stack-pointer is on a
page that is marked MAP_STACK.  execve() is changed to create such
mappings for the process stack.  Also, libpthread is taught the new
MAP_STACK flag to use with mmap().

There is no corresponding system call which can set MAP_FLAG on an
existing page, you can only set the flag by mapping new memory into
place.  That is a piece of the security model.

The purpose of this change is to twart stack pivots, which apparently
have gained some popularity in JIT ROP attacks.  It makes it difficult
to place the ROP stack in regular data memory, and then perform a
system call from it.  Workarounds are cumbersome, increasing the need
for far more gadgetry.  But also the trap case -- if any memory
experiences a demand page fault, the same check will occur and
potentially also kill the process.

We have experimented a little with performing this check during device
interrupts, but there are some locking concerns and performance may
then become a concern.  It'll be best to gain experience from handle
of syncronous trap cases first.

chrome and other applications I use run fine!

I'm asking for some feedback to discover what ports this breaks, we'd
like to know.  Those would be ports which try to (unconvenionally)
create their stacks in malloc()'d memory or inside another
datastructure.  Most of them are probably easily fixed ...


Index: lib/libc/sys/mmap.2
===
RCS file: /cvs/src/lib/libc/sys/mmap.2,v
retrieving revision 1.56
diff -u -p -u -r1.56 mmap.2
--- lib/libc/sys/mmap.2 20 Jul 2017 18:22:25 -  1.56
+++ lib/libc/sys/mmap.2 6 Jan 2018 18:56:04 -
@@ -153,6 +153,11 @@ mappings)
 must be multiples of the page size.
 Existing mappings in the address range will be replaced.
 Use of this option is discouraged.
+.It Dv MAP_STACK
+Indicate that the mapping is used as a stack.
+This flag must be used in combination with
+.Dv MAP_ANON and
+.Dv MAP_PRIVATE .
 .El
 .Pp
 Finally, the following flags are also provided for
Index: lib/libc/sys/sigaltstack.2
===
RCS file: /cvs/src/lib/libc/sys/sigaltstack.2,v
retrieving revision 1.19
diff -u -p -u -r1.19 sigaltstack.2
--- lib/libc/sys/sigaltstack.2  31 May 2015 23:54:25 -  1.19
+++ lib/libc/sys/sigaltstack.2  6 Jan 2018 18:56:04 -
@@ -92,6 +92,15 @@ field will contain the value
 if the thread is currently on a signal stack and
 .Dv SS_DISABLE
 if the signal stack is currently disabled.
+.Pp
+The stack must be allocated using
+.Xr mmap 2
+with
+.Ar MAP_STACK
+to inform the kernel that the memory is being used as a stack.
+Otherwise, the first system call performed while operating on
+that stack will deliver
+.Dv SIGABRT .
 .Sh NOTES
 The value
 .Dv SIGSTKSZ
@@ -99,7 +108,8 @@ is defined to be the number of bytes/cha
 the usual case when allocating an alternate stack area.
 The following code fragment is typically used to allocate an alternate stack.
 .Bd -literal -offset indent
-if ((sigstk.ss_sp = malloc(SIGSTKSZ)) == NULL)
+if ((sigstk.ss_sp = mmap(NULL, SIGSTKSZ, PROT_WRITE | PROT_READ,
+MAP_PRIVATE | MAP_ANON | MAP_STACK, -1, 0)) == NULL)
/* error return */
 sigstk.ss_size = SIGSTKSZ;
 sigstk.ss_flags = 0;
Index: lib/librthread/rthread_stack.c
===
RCS file: /cvs/src/lib/librthread/rthread_stack.c,v
retrieving revision 1.17
diff -u -p -u -r1.17 rthread_stack.c
--- lib/librthread/rthread_stack.c  5 Sep 2017 02:40:54 -   1.17
+++ lib/librthread/rthread_stack.c  6 Jan 2018 18:56:04 -
@@ -92,7 +92,7 @@ _rthread_alloc_stack(pthread_t thread)
 
/* actually allocate the real stack */
base = mmap(NULL, size, PROT_READ | PROT_WRITE,
-   MAP_PRIVATE | MAP_ANON, -1, 0);
+   MAP_PRIVATE | MAP_ANON | MAP_STACK, -1, 0);
if (base == MAP_FAILED) {
free(stack);
return (NULL);
Index: sys/arch/amd64/amd64/trap.c
===
RCS file: /cvs/src/sys/arch/amd64/amd64/trap.c,v
retrieving revision 1.63
diff -u -p -u -r1.63 trap.c
--- sys/arch/amd64/amd64/trap.c 5 Jan 2018 11:10:25 -   1.63
+++ sys/arch/amd64/amd64/trap.c 6 Jan 2018 19:05:06 -
@@ -175,9 +175,29 @@ trap(struct trapframe *frame)
 #endif
 
if (!KERNELMODE(frame->tf_cs, frame->tf_rflags)) {
+   vaddr_t sp = PROC_STACK(p);
+
type |= T_USER;
p->p_md.md_regs = frame;
refreshcreds(p);
+
+   if (p->p_vmspace->vm_map.serial != p->p_spserial ||
+   p->p_spstart == 0 || sp < p->p_spstart ||
+   sp >= p->p_spend) {
+   KERNEL_LOCK();
+   if 

have carp register detachhooks rather than get special handling in if.c

[David Gwynne]

this makes carp less special by having it register detachhooks.
right now if.c treats it better than it needs to.

the diff shuffles establishment of the link status hook and the new
detachhook to make carp_set_ifp fail if the hooks cannot be allocated.

the following seems to work both before and after the diff:

ifconfig vether1 create

ifconfig -g carp carpdemote 20
ifconfig carp0 create
ifconfig carp0 carpdev vether1 
ifconfig carp0 vhid 66
ifconfig carp0 pass `openssl rand -base64 12`
ifconfig carp0 advskew 192
ifconfig carp0 inet alias 100.64.0.1 netmask 255.255.255.0

ifconfig vether1
ifconfig carp0

ifconfig vether1 destroy

ifconfig carp0

tests?

Index: net/if.c
===
RCS file: /cvs/src/sys/net/if.c,v
retrieving revision 1.537
diff -u -p -r1.537 if.c
--- net/if.c10 Jan 2018 23:50:39 -  1.537
+++ net/if.c12 Jan 2018 01:50:44 -
@@ -1005,11 +1005,6 @@ if_deactivate(struct ifnet *ifp)
 */
dohooks(ifp->if_detachhooks, HOOK_REMOVE | HOOK_FREE);
 
-#if NCARP > 0
-   /* Remove the interface from any carp group it is a part of.  */
-   if (ifp->if_type != IFT_CARP && !SRPL_EMPTY_LOCKED(>if_carp))
-   carp_ifdetach(ifp);
-#endif
NET_UNLOCK();
 }
 
Index: netinet/ip_carp.c
===
RCS file: /cvs/src/sys/netinet/ip_carp.c,v
retrieving revision 1.325
diff -u -p -r1.325 ip_carp.c
--- netinet/ip_carp.c   12 Jan 2018 00:36:13 -  1.325
+++ netinet/ip_carp.c   12 Jan 2018 01:50:44 -
@@ -133,6 +133,7 @@ struct carp_softc {
 #definesc_carpdev  sc_ac.ac_if.if_carpdev
void *ah_cookie;
void *lh_cookie;
+   void *dh_cookie;
struct ip_moptions sc_imo;
 #ifdef INET6
struct ip6_moptions sc_im6o;
@@ -215,7 +216,7 @@ int carp_proto_input_if(struct ifnet *, 
 intcarp6_proto_input_if(struct ifnet *, struct mbuf **, int *, int);
 #endif
 void   carpattach(int);
-void   carpdetach(struct carp_softc *);
+void   carpdetach(void *);
 intcarp_prepare_ad(struct mbuf *, struct carp_vhost_entry *,
struct carp_header *);
 void   carp_send_ad_all(void);
@@ -901,8 +902,9 @@ carp_del_all_timeouts(struct carp_softc 
 }
 
 void
-carpdetach(struct carp_softc *sc)
+carpdetach(void *arg)
 {
+   struct carp_softc *sc = arg;
struct ifnet *ifp0;
struct srpl *cif;
 
@@ -929,26 +931,13 @@ carpdetach(struct carp_softc *sc)
/* Restore previous input handler. */
if_ih_remove(ifp0, carp_input, NULL);
 
-   if (sc->lh_cookie != NULL)
-   hook_disestablish(ifp0->if_linkstatehooks, sc->lh_cookie);
-
SRPL_REMOVE_LOCKED(_sc_rc, cif, sc, carp_softc, sc_list);
if (SRPL_EMPTY_LOCKED(cif))
ifpromisc(ifp0, 0);
sc->sc_carpdev = NULL;
-}
-
-/* Detach an interface from the carp. */
-void
-carp_ifdetach(struct ifnet *ifp0)
-{
-   struct carp_softc *sc, *nextsc;
-   struct srpl *cif = >if_carp;
 
-   KERNEL_ASSERT_LOCKED(); /* touching if_carp */
-
-   SRPL_FOREACH_SAFE_LOCKED(sc, cif, sc_list, nextsc)
-   carpdetach(sc);
+   hook_disestablish(ifp0->if_linkstatehooks, sc->lh_cookie);
+   hook_disestablish(ifp0->if_detachhooks, sc->dh_cookie);
 }
 
 void
@@ -1697,13 +1686,27 @@ carp_set_ifp(struct carp_softc *sc, stru
if (ifp0->if_type != IFT_ETHER)
return (EINVAL);
 
+   sc->dh_cookie = hook_establish(ifp0->if_detachhooks, 0,
+carpdetach, sc);
+   if (sc->dh_cookie == NULL)
+   return (ENOMEM);
+
+   sc->lh_cookie = hook_establish(ifp0->if_linkstatehooks, 1,
+   carp_carpdev_state, ifp0);
+   if (sc->lh_cookie == NULL) {
+   error = ENOMEM;
+   goto rm_dh;
+   }
+
cif = >if_carp;
if (SRPL_EMPTY_LOCKED(cif)) {
if ((error = ifpromisc(ifp0, 1)))
-   return (error);
+   goto rm_lh;
 
-   } else if (carp_check_dup_vhids(sc, cif, NULL))
-   return (EINVAL);
+   } else if (carp_check_dup_vhids(sc, cif, NULL)) {
+   error = EINVAL;
+   goto rm_lh;
+   }
 
/* detach from old interface */
if (sc->sc_carpdev != NULL)
@@ -1744,15 +1747,19 @@ carp_set_ifp(struct carp_softc *sc, stru
sc->sc_if.if_flags |= IFF_UP;
carp_set_enaddr(sc);
 
-   sc->lh_cookie = hook_establish(ifp0->if_linkstatehooks, 1,
-   carp_carpdev_state, ifp0);
-
/* Change input handler of the physical interface. */
if_ih_insert(ifp0, carp_input, NULL);
 
carp_carpdev_state(ifp0);
 
return (0);
+
+rm_lh:
+   hook_disestablish(ifp0->if_linkstatehooks, sc->lh_cookie);
+rm_dh:
+   hook_disestablish(ifp0->if_detachhooks, 

Re: bpf for subsystems, not just interfaces

[David Gwynne]

> On 11 Jan 2018, at 23:54, Martin Pieuchot  wrote:
> 
> On 11/01/18(Thu) 23:10, David Gwynne wrote:
>> 
>> 
>>> On 11 Jan 2018, at 9:11 pm, Martin Pieuchot  wrote:
>>> 
>>> On 11/01/18(Thu) 11:58, David Gwynne wrote:
 im sending this out more as a backup than a serious diff.
>>> 
>>> I love this.  It's one of the steps to be able to use bpf(4) for USB.
>> 
>> oh yeah.
>> 
>>> 
>>> Is there an easy way to also remove the mbuf requirement?  For example
>>> I'd like to call bpf_mtap() or similar in usb_transfer_complete().
>> 
>> is the usb payload in one or two contig buffers? we could just fake it.
> 
> Yes, it's  KERNADDR(>dmabuf, 0) of size `xfer->actlen'.

if it's a single buffer, just use https://man.openbsd.org/bpf_filter.

if you want to put a header on it too, we'll need to a bit of extra code, but 
it's fairly trivial.

jono reminded me that i wanted bpf on sd(4) at one point too. or ttys. i dont 
think ttys was my idea though.

dlg

> 
 this tweaks bpf so it can be used by subsystems, not just interfaces.
 this is done by making bpf store and use names (eg, "pf" and "em0")
 instead of just interfaces. interfaces get some special handling
 so you can't bpfwrite or enable ifpromisc unless bif_ifp is set.
 
 an example use of this is attaching bpf to pf. you can see all the
 packets handed to pf_test with this diff and tcpdump -ni pf.
 
 Index: bpf.c
 ===
 RCS file: /cvs/src/sys/net/bpf.c,v
 retrieving revision 1.165
 diff -u -p -r1.165 bpf.c
 --- bpf.c  30 Dec 2017 23:08:29 -  1.165
 +++ bpf.c  10 Jan 2018 07:27:45 -
 @@ -93,7 +93,7 @@ struct bpf_if*bpf_iflist;
 LIST_HEAD(, bpf_d) bpf_d_list;
 
 intbpf_allocbufs(struct bpf_d *);
 -void  bpf_ifname(struct ifnet *, struct ifreq *);
 +void  bpf_ifname(struct bpf_if*, struct ifreq *);
 int_bpf_mtap(caddr_t, const struct mbuf *, u_int,
void (*)(const void *, void *, size_t));
 void   bpf_mcopy(const void *, void *, size_t);
 @@ -320,6 +320,8 @@ bpf_detachd(struct bpf_d *d)
if (d->bd_promisc) {
int error;
 
 +  KASSERT(bp->bif_ifp != NULL);
 +
d->bd_promisc = 0;
 
bpf_get(d);
 @@ -593,7 +595,7 @@ bpfwrite(dev_t dev, struct uio *uio, int
bpf_get(d);
ifp = d->bd_bif->bif_ifp;
 
 -  if ((ifp->if_flags & IFF_UP) == 0) {
 +  if (ifp == NULL || (ifp->if_flags & IFF_UP) == 0) {
error = ENETDOWN;
goto out;
}
 @@ -789,7 +791,7 @@ bpfioctl(dev_t dev, u_long cmd, caddr_t 
 * No interface attached yet.
 */
error = EINVAL;
 -  } else {
 +  } else if (d->bd_bif->bif_ifp != NULL) { 
if (d->bd_promisc == 0) {
MUTEX_ASSERT_UNLOCKED(>bd_mtx);
error = ifpromisc(d->bd_bif->bif_ifp, 1);
 @@ -839,7 +841,7 @@ bpfioctl(dev_t dev, u_long cmd, caddr_t 
if (d->bd_bif == NULL)
error = EINVAL;
else
 -  bpf_ifname(d->bd_bif->bif_ifp, (struct ifreq *)addr);
 +  bpf_ifname(d->bd_bif, (struct ifreq *)addr);
break;
 
/*
 @@ -1049,10 +1051,7 @@ bpf_setif(struct bpf_d *d, struct ifreq 
 * Look through attached interfaces for the named one.
 */
for (bp = bpf_iflist; bp != NULL; bp = bp->bif_next) {
 -  struct ifnet *ifp = bp->bif_ifp;
 -
 -  if (ifp == NULL ||
 -  strcmp(ifp->if_xname, ifr->ifr_name) != 0)
 +  if (strcmp(bp->bif_name, ifr->ifr_name) != 0)
continue;
 
if (candidate == NULL || candidate->bif_dlt > bp->bif_dlt)
 @@ -1090,9 +1089,9 @@ out:
 * Copy the interface name to the ifreq.
 */
 void
 -bpf_ifname(struct ifnet *ifp, struct ifreq *ifr)
 +bpf_ifname(struct bpf_if *bif, struct ifreq *ifr)
 {
 -  bcopy(ifp->if_xname, ifr->ifr_name, IFNAMSIZ);
 +  bcopy(bif->bif_name, ifr->ifr_name, sizeof(ifr->ifr_name));
 }
 
 /*
 @@ -1538,21 +1537,17 @@ bpf_put(struct bpf_d *bd)
free(bd, M_DEVBUF, sizeof(*bd));
 }
 
 -/*
 - * Attach an interface to bpf.  driverp is a pointer to a (struct bpf_if 
 *)
 - * in the driver's softc; dlt is the link layer type; hdrlen is the fixed
 - * size of the link header (variable length headers not yet supported).
 - */
 -void
 -bpfattach(caddr_t *driverp, struct ifnet *ifp, u_int dlt, u_int hdrlen)
 +void *
 +bpfsattach(caddr_t *bpfp, const char *name, u_int dlt, u_int hdrlen)
 {
struct bpf_if *bp;
 

Re: jot: small cleanup for conversion switch

[Alexander Hall]

Didn't test, but reads ok to me, with minor nit below.

On January 11, 2018 9:25:10 PM GMT+01:00, Theo Buehler  
wrote:
>This aligns all cases vertically which makes them easier to find.
>
>Normalize all cases: if the long form is illegal or unsupported,
>'goto fmt_broken;', then set the flags for the casts in putdata() on a
>single line.
>
>This is all straightforward, but I think the resulting code is easier
>to
>follow. Of note is the case of '%c' which used to check whether intdata
>is set. This is impossible, so I dropped that bit.
>
>Regression tests still happy.
>
>Index: jot.c
>===
>RCS file: /var/cvs/src/usr.bin/jot/jot.c,v
>retrieving revision 1.42
>diff -u -p -r1.42 jot.c
>--- jot.c  11 Jan 2018 14:53:42 -  1.42
>+++ jot.c  11 Jan 2018 20:08:16 -
>@@ -398,38 +398,41 @@ getformat(void)
>   }
>   }
>   switch (*p) {
>-  case 'o': case 'u': case 'x': case 'X':
>-  intdata = nosign = true;
>-  break;
>-  case 'd': case 'i':
>+  case 'd':
>+  case 'i':
>   intdata = true;
>   break;
>+  case 'o':
>+  case 'u':
>+  case 'x':
>+  case 'X':

Convention is X before x in usage() and friends, so I guess that'd make sense 
here (and below) too.

/Alexander

>+  intdata = nosign = true;
>+  break;
>   case 'D':
>-  /* %lD is undefined */
>-  if (!longdata) {
>-  longdata = true; /* %D behaves as %ld */
>-  intdata = true;
>-  break;
>-  }
>-  goto fmt_broken;
>-  case 'O': case 'U':
>-  /* %lO and %lU are undefined */
>-  if (!longdata) {
>-  longdata = true; /* %O, %U behave as %lo, %lu */
>-  intdata = nosign = true;
>-  break;
>-  }
>-  goto fmt_broken;
>+  if (longdata)
>+  goto fmt_broken;
>+  longdata = intdata = true; /* same as %ld */
>+  break;
>+  case 'O':
>+  case 'U':
>+  if (longdata)
>+  goto fmt_broken;
>+  longdata = intdata = nosign = true; /* same as %l[ou] */
>+  break;
>   case 'c':
>-  if (!(intdata | longdata)) {
>-  chardata = true;
>-  break;
>-  }
>-  goto fmt_broken;
>-  case 'f': case 'e': case 'g': case 'E': case 'G':
>-  if (!longdata)
>-  break;
>-  /* FALLTHROUGH */
>+  if (longdata)
>+  goto fmt_broken;
>+  chardata = true;
>+  break;
>+  case 'e':
>+  case 'E':
>+  case 'f':
>+  case 'g':
>+  case 'G':
>+  if (longdata)
>+  goto fmt_broken;
>+  /* No cast needed for printing in putdata() */
>+  break;
>   default:
> fmt_broken:
>   errx(1, "illegal or unsupported format '%.*s'",

jot: small cleanup for conversion switch

[Theo Buehler]

This aligns all cases vertically which makes them easier to find.

Normalize all cases: if the long form is illegal or unsupported,
'goto fmt_broken;', then set the flags for the casts in putdata() on a
single line.

This is all straightforward, but I think the resulting code is easier to
follow. Of note is the case of '%c' which used to check whether intdata
is set. This is impossible, so I dropped that bit.

Regression tests still happy.

Index: jot.c
===
RCS file: /var/cvs/src/usr.bin/jot/jot.c,v
retrieving revision 1.42
diff -u -p -r1.42 jot.c
--- jot.c   11 Jan 2018 14:53:42 -  1.42
+++ jot.c   11 Jan 2018 20:08:16 -
@@ -398,38 +398,41 @@ getformat(void)
}
}
switch (*p) {
-   case 'o': case 'u': case 'x': case 'X':
-   intdata = nosign = true;
-   break;
-   case 'd': case 'i':
+   case 'd':
+   case 'i':
intdata = true;
break;
+   case 'o':
+   case 'u':
+   case 'x':
+   case 'X':
+   intdata = nosign = true;
+   break;
case 'D':
-   /* %lD is undefined */
-   if (!longdata) {
-   longdata = true; /* %D behaves as %ld */
-   intdata = true;
-   break;
-   }
-   goto fmt_broken;
-   case 'O': case 'U':
-   /* %lO and %lU are undefined */
-   if (!longdata) {
-   longdata = true; /* %O, %U behave as %lo, %lu */
-   intdata = nosign = true;
-   break;
-   }
-   goto fmt_broken;
+   if (longdata)
+   goto fmt_broken;
+   longdata = intdata = true; /* same as %ld */
+   break;
+   case 'O':
+   case 'U':
+   if (longdata)
+   goto fmt_broken;
+   longdata = intdata = nosign = true; /* same as %l[ou] */
+   break;
case 'c':
-   if (!(intdata | longdata)) {
-   chardata = true;
-   break;
-   }
-   goto fmt_broken;
-   case 'f': case 'e': case 'g': case 'E': case 'G':
-   if (!longdata)
-   break;
-   /* FALLTHROUGH */
+   if (longdata)
+   goto fmt_broken;
+   chardata = true;
+   break;
+   case 'e':
+   case 'E':
+   case 'f':
+   case 'g':
+   case 'G':
+   if (longdata)
+   goto fmt_broken;
+   /* No cast needed for printing in putdata() */
+   break;
default:
 fmt_broken:
errx(1, "illegal or unsupported format '%.*s'",

Re: Basic SHA3 support (cryptographic discussion)

[Daniel Loebenberger]

Hi,

concerning the question who needs SHA3, we do not agree that SHA3 should
be skipped as a standard. As cryptographers we sincerely believe that
the SHA3 design is superior to the one of SHA256 also due to the process
it was created. We believe that an efficient implementation will trigger
increased use of the standard and hope that its user base will grow
quickly once the commands are simply there.

For the discussion, find here some additional arguments in favor of
SHA3:

- The construction of SHA3 differs considerably from the SHA2
constructions (which covers all variants). Cryptanalytic progress for
SHA2 can destroy all variants at once, but will probably not affect
SHA3.

- SHA3's design principles are far better understood than the ones of
SHA2. The invention of sponge functions is in our opinion one of the
greatest inventions in hash-function design over the past few years. It
is simple and brilliant, and the generic properties of the construction
have appealing properties. - A possible migration away from SHA2 will be
faster when including SHA3 in OpenBSD now if it should happen that major
cryptanalytic advances attacking SHA2 pop up in the future. - The claim
that we now "know" how to build secure hash functions in general seems
problematic. To break a function, substantial cryptanalytic effort must
be made. It is not clear how much of this effort was put in the
presumably secure "newer" functions. - The argument that SHA3 is slow
does at least not apply to the reference code we used: The current
implementation of sha3-256 is indeed [slightly] faster on our machine
than the one of sha256.

Best regards,
Daniel, Stefan and Alexander

Re: Basic SHA3 support

[Daniel Loebenberger]

Hi,

we thank you for all your comments!

The following contains our answers specific to your technical remarks
on the patch itself. Another email on the cryptographic discussion
will follow.

1.) We agree that six new commands are not a good idea. The minimal
variant would be to include sha3-256. If there is a sha512 command, one
could think of adding -- for the sake of consistency -- sha3-512 as
well.

2.) The issue with the SHA2_ONLY macro is fixed now, we also
crosschecked that in distrib/special/md5 no additional code is included
by our patch.

3.) Concerning the question on whether one should also include the
implementation in LibreSSL, we did not think of such an application in
the first place (and also think that we cannot answer it competently).
This is also the reason for the wording "basic" in our submission.

Attached you find the updated patch.

Best regards,
Daniel, Stefan and Alexander

Index: bin/md5/Makefile
===
RCS file: /cvs/src/bin/md5/Makefile,v
retrieving revision 1.15
diff -u -p -u -p -r1.15 Makefile
--- bin/md5/Makefile30 Mar 2016 06:38:40 -  1.15
+++ bin/md5/Makefile11 Jan 2018 09:04:04 -
@@ -6,6 +6,8 @@ MAN=cksum.1 md5.1
 LINKS= ${BINDIR}/md5 ${BINDIR}/sha1 \
${BINDIR}/md5 ${BINDIR}/sha256 \
${BINDIR}/md5 ${BINDIR}/sha512 \
+   ${BINDIR}/md5 ${BINDIR}/sha3-256 \
+   ${BINDIR}/md5 ${BINDIR}/sha3-512 \
${BINDIR}/md5 ${BINDIR}/cksum
 
 CPPFLAGS+= -I${.CURDIR}
Index: bin/md5/md5.1
===
RCS file: /cvs/src/bin/md5/md5.1,v
retrieving revision 1.47
diff -u -p -u -p -r1.47 md5.1
--- bin/md5/md5.1   23 Feb 2017 20:46:08 -  1.47
+++ bin/md5/md5.1   11 Jan 2018 09:04:04 -
@@ -18,14 +18,18 @@
 .\" Agency (DARPA) and Air Force Research Laboratory, Air Force
 .\" Materiel Command, USAF, under agreement number F39502-99-1-0512.
 .\"
-.Dd $Mdocdate: February 23 2017 $
+.Dd $Mdocdate: January 9 2018 $
 .Dt MD5 1
 .Os
 .Sh NAME
 .Nm md5 ,
 .Nm sha1 ,
 .Nm sha256 ,
-.Nm sha512
+.Nm sha512 ,
+.Nm sha3-224 ,
+.Nm sha3-256 ,
+.Nm sha3-384 ,
+.Nm sha3-512
 .Nd calculate a message digest (checksum) for a file
 .Sh SYNOPSIS
 .Nm md5
@@ -52,6 +56,30 @@
 .Op Fl h Ar hashfile
 .Op Fl s Ar string
 .Op Ar
+.Nm sha3-224
+.Op Fl bcpqrtx
+.Op Fl C Ar checklist
+.Op Fl h Ar hashfile
+.Op Fl s Ar string
+.Op Ar
+.Nm sha3-256
+.Op Fl bcpqrtx
+.Op Fl C Ar checklist
+.Op Fl h Ar hashfile
+.Op Fl s Ar string
+.Op Ar
+.Nm sha3-384
+.Op Fl bcpqrtx
+.Op Fl C Ar checklist
+.Op Fl h Ar hashfile
+.Op Fl s Ar string
+.Op Ar
+.Nm sha3-512
+.Op Fl bcpqrtx
+.Op Fl C Ar checklist
+.Op Fl h Ar hashfile
+.Op Fl s Ar string
+.Op Ar
 .Sh DESCRIPTION
 These utilities take as input a message of arbitrary length and produce
 as output a message digest (checksum) of the input.
@@ -136,7 +164,13 @@ and \*(Gt0 if an error occurs.
 .%R RFC 3174
 .%T US Secure Hash Algorithm 1 (SHA1)
 .Re
+.Pp
 .Rs
 .%T Secure Hash Standard
 .%O FIPS PUB 180-2
+.Re
+.Pp
+.Rs
+.%T SHA-3 Standard: Permutation-Based Hash and Extendable-Output Functions
+.%O FIPS PUB 202
 .Re
Index: bin/md5/md5.c
===
RCS file: /cvs/src/bin/md5/md5.c,v
retrieving revision 1.92
diff -u -p -u -p -r1.92 md5.c
--- bin/md5/md5.c   11 Sep 2017 16:35:38 -  1.92
+++ bin/md5/md5.c   11 Jan 2018 09:04:04 -
@@ -42,6 +42,7 @@
 #include 
 #include 
 #include 
+#include 
 #include 
 
 #define STYLE_MD5  0
@@ -59,6 +60,7 @@ union ANY_CTX {
MD5_CTX md5;
RMD160_CTX rmd160;
SHA1_CTX sha1;
+   SHA3_CTX sha3;
 #endif /* !defined(SHA2_ONLY) */
SHA2_CTX sha2;
 };
@@ -178,6 +180,52 @@ struct hash_function {
(void (*)(unsigned char *, void *))SHA512Final,
(char *(*)(void *, char *))SHA512End
},
+#if !defined(SHA2_ONLY)
+   {
+   "SHA3-224",
+   SHA3_224_DIGEST_LENGTH,
+   STYLE_MD5,
+   0,
+   NULL,
+   (void (*)(void *))SHA3_224Init,
+   (void (*)(void *, const unsigned char *, size_t))SHA3_Update,
+   (void (*)(unsigned char *, void *))SHA3_Final,
+   (char *(*)(void *, char *))SHA3_224End
+   },
+   {
+   "SHA3-256",
+   SHA3_256_DIGEST_LENGTH,
+   STYLE_MD5,
+   0,
+   NULL,
+   (void (*)(void *))SHA3_256Init,
+   (void (*)(void *, const unsigned char *, size_t))SHA3_Update,
+   (void (*)(unsigned char *, void *))SHA3_Final,
+   (char *(*)(void *, char *))SHA3_256End
+   },
+   {
+   "SHA3-384",
+   SHA3_384_DIGEST_LENGTH,
+   STYLE_MD5,
+   0,
+   NULL,
+   (void (*)(void *))SHA3_384Init,
+   (void (*)(void *, const unsigned 

Re: merge vlan and carp input back into ether_input

[Martin Pieuchot]

On 11/01/18(Thu) 21:59, David Gwynne wrote:
> [...] 
> when you say i break carp balancing, are you talking about the removal of the 
> PACKET_TAG_CARP_BAL_IP tagging? PACKET_TAG_CARP_BAL_IP is only used in 
> carp_lsdrop to clear the M_MCAST flag on the mbuf. M_MCAST wont be set on 
> packets destined for the carp interface because we check ac_enaddr before 
> checking if the packet is multicast or broadcast.

I might be mistaken.  I just know that this code is fragile and I'd
prefer to see such change tested isolated because carp(4) itself has
multiple configurations.  CARP balancing has been fixed for 6.2 by
friehm@ after being broken for multiple releases.

> are you sure? carp and vlan on top of trunk should still function. however, 
> trunk or bridge/switch on vlan is broken though :(

I'm not sure, but I believe mixing input handler and hardcoding some in
ether_input() won't fly :)

> > If if_input() is called on a pseudo-interface we know we're already in
> > a softnet process.
> 
> or a syscall.
> 
> the code above has pseudo interfaces recurse, where they'd loop either on 
> ifih or at the task level. probably not a huge concern though.

We can unroll the loop afterward.  What we need now is get rid of the
queues.

> > We could also think of doing something similar for if_enqueue() and call
> > if_start() directly for pseudo-interface.
> 
> ill think about that. ive had some other experiments in that area we could 
> look at too.

I'd be glad to look at your experiments :)

> >> note that trunk and bridge/switch are still implemented using
> >> interface input handlers at the moment.
> > 
> > If you want to get rid of the input handlers, I'd suggest doing it in
> > the beginning of a release cycle and for all pseudo drivers at once.
> 
> considering the trunk and bridge/switch issue, it probably is best to do them 
> all at once.

Yes.  I'm aware that the SRP/input handler loop might be considered.
We can probably gain some percents if we remove it.  However this is
a micro optimization compared to other improvements that can be done.
Plus it has the advantage of not having fragile #ifdef maze in the
rest of the code.

Re: bpf for subsystems, not just interfaces

[Martin Pieuchot]

On 11/01/18(Thu) 23:10, David Gwynne wrote:
> 
> 
> > On 11 Jan 2018, at 9:11 pm, Martin Pieuchot  wrote:
> > 
> > On 11/01/18(Thu) 11:58, David Gwynne wrote:
> >> im sending this out more as a backup than a serious diff.
> > 
> > I love this.  It's one of the steps to be able to use bpf(4) for USB.
> 
> oh yeah.
> 
> > 
> > Is there an easy way to also remove the mbuf requirement?  For example
> > I'd like to call bpf_mtap() or similar in usb_transfer_complete().
> 
> is the usb payload in one or two contig buffers? we could just fake it.

Yes, it's  KERNADDR(>dmabuf, 0) of size `xfer->actlen'.

> >> this tweaks bpf so it can be used by subsystems, not just interfaces.
> >> this is done by making bpf store and use names (eg, "pf" and "em0")
> >> instead of just interfaces. interfaces get some special handling
> >> so you can't bpfwrite or enable ifpromisc unless bif_ifp is set.
> >> 
> >> an example use of this is attaching bpf to pf. you can see all the
> >> packets handed to pf_test with this diff and tcpdump -ni pf.
> >> 
> >> Index: bpf.c
> >> ===
> >> RCS file: /cvs/src/sys/net/bpf.c,v
> >> retrieving revision 1.165
> >> diff -u -p -r1.165 bpf.c
> >> --- bpf.c  30 Dec 2017 23:08:29 -  1.165
> >> +++ bpf.c  10 Jan 2018 07:27:45 -
> >> @@ -93,7 +93,7 @@ struct bpf_if*bpf_iflist;
> >> LIST_HEAD(, bpf_d) bpf_d_list;
> >> 
> >> intbpf_allocbufs(struct bpf_d *);
> >> -void  bpf_ifname(struct ifnet *, struct ifreq *);
> >> +void  bpf_ifname(struct bpf_if*, struct ifreq *);
> >> int_bpf_mtap(caddr_t, const struct mbuf *, u_int,
> >>void (*)(const void *, void *, size_t));
> >> void   bpf_mcopy(const void *, void *, size_t);
> >> @@ -320,6 +320,8 @@ bpf_detachd(struct bpf_d *d)
> >>if (d->bd_promisc) {
> >>int error;
> >> 
> >> +  KASSERT(bp->bif_ifp != NULL);
> >> +
> >>d->bd_promisc = 0;
> >> 
> >>bpf_get(d);
> >> @@ -593,7 +595,7 @@ bpfwrite(dev_t dev, struct uio *uio, int
> >>bpf_get(d);
> >>ifp = d->bd_bif->bif_ifp;
> >> 
> >> -  if ((ifp->if_flags & IFF_UP) == 0) {
> >> +  if (ifp == NULL || (ifp->if_flags & IFF_UP) == 0) {
> >>error = ENETDOWN;
> >>goto out;
> >>}
> >> @@ -789,7 +791,7 @@ bpfioctl(dev_t dev, u_long cmd, caddr_t 
> >> * No interface attached yet.
> >> */
> >>error = EINVAL;
> >> -  } else {
> >> +  } else if (d->bd_bif->bif_ifp != NULL) { 
> >>if (d->bd_promisc == 0) {
> >>MUTEX_ASSERT_UNLOCKED(>bd_mtx);
> >>error = ifpromisc(d->bd_bif->bif_ifp, 1);
> >> @@ -839,7 +841,7 @@ bpfioctl(dev_t dev, u_long cmd, caddr_t 
> >>if (d->bd_bif == NULL)
> >>error = EINVAL;
> >>else
> >> -  bpf_ifname(d->bd_bif->bif_ifp, (struct ifreq *)addr);
> >> +  bpf_ifname(d->bd_bif, (struct ifreq *)addr);
> >>break;
> >> 
> >>/*
> >> @@ -1049,10 +1051,7 @@ bpf_setif(struct bpf_d *d, struct ifreq 
> >> * Look through attached interfaces for the named one.
> >> */
> >>for (bp = bpf_iflist; bp != NULL; bp = bp->bif_next) {
> >> -  struct ifnet *ifp = bp->bif_ifp;
> >> -
> >> -  if (ifp == NULL ||
> >> -  strcmp(ifp->if_xname, ifr->ifr_name) != 0)
> >> +  if (strcmp(bp->bif_name, ifr->ifr_name) != 0)
> >>continue;
> >> 
> >>if (candidate == NULL || candidate->bif_dlt > bp->bif_dlt)
> >> @@ -1090,9 +1089,9 @@ out:
> >>  * Copy the interface name to the ifreq.
> >>  */
> >> void
> >> -bpf_ifname(struct ifnet *ifp, struct ifreq *ifr)
> >> +bpf_ifname(struct bpf_if *bif, struct ifreq *ifr)
> >> {
> >> -  bcopy(ifp->if_xname, ifr->ifr_name, IFNAMSIZ);
> >> +  bcopy(bif->bif_name, ifr->ifr_name, sizeof(ifr->ifr_name));
> >> }
> >> 
> >> /*
> >> @@ -1538,21 +1537,17 @@ bpf_put(struct bpf_d *bd)
> >>free(bd, M_DEVBUF, sizeof(*bd));
> >> }
> >> 
> >> -/*
> >> - * Attach an interface to bpf.  driverp is a pointer to a (struct bpf_if 
> >> *)
> >> - * in the driver's softc; dlt is the link layer type; hdrlen is the fixed
> >> - * size of the link header (variable length headers not yet supported).
> >> - */
> >> -void
> >> -bpfattach(caddr_t *driverp, struct ifnet *ifp, u_int dlt, u_int hdrlen)
> >> +void *
> >> +bpfsattach(caddr_t *bpfp, const char *name, u_int dlt, u_int hdrlen)
> >> {
> >>struct bpf_if *bp;
> >> 
> >>if ((bp = malloc(sizeof(*bp), M_DEVBUF, M_NOWAIT)) == NULL)
> >>panic("bpfattach");
> >>SRPL_INIT(>bif_dlist);
> >> -  bp->bif_driverp = (struct bpf_if **)driverp;
> >> -  bp->bif_ifp = ifp;
> >> +  bp->bif_driverp = (struct bpf_if **)bpfp;
> >> +  bp->bif_name = name;
> >> +  bp->bif_ifp = NULL;
> >>bp->bif_dlt = dlt;
> >> 
> >>bp->bif_next 

Re: Basic SHA3 support

[Todd C. Miller]

On Wed, 10 Jan 2018 22:06:37 +, Christian Weisgerber wrote:

> I've had something like this on my to-do list for some time and
> eventually dropped it because I couldn't think of a compelling use
> case.
>
> "Maybe Skip SHA-3"
> https://www.imperialviolet.org/2017/05/31/skipsha3.html

That makes a pretty convincing case for *not* inluding sha-3.

I think at this point there needs to be a compelling argument to
include it in libc.  As you say, it is not even present in LibreSSL,
though OpenSSL did eventually add it.

 - todd

Re: bpf for subsystems, not just interfaces

[David Gwynne]

> On 11 Jan 2018, at 9:11 pm, Martin Pieuchot  wrote:
> 
> On 11/01/18(Thu) 11:58, David Gwynne wrote:
>> im sending this out more as a backup than a serious diff.
> 
> I love this.  It's one of the steps to be able to use bpf(4) for USB.

oh yeah.

> 
> Is there an easy way to also remove the mbuf requirement?  For example
> I'd like to call bpf_mtap() or similar in usb_transfer_complete().

is the usb payload in one or two contig buffers? we could just fake it.

> 
>> this tweaks bpf so it can be used by subsystems, not just interfaces.
>> this is done by making bpf store and use names (eg, "pf" and "em0")
>> instead of just interfaces. interfaces get some special handling
>> so you can't bpfwrite or enable ifpromisc unless bif_ifp is set.
>> 
>> an example use of this is attaching bpf to pf. you can see all the
>> packets handed to pf_test with this diff and tcpdump -ni pf.
>> 
>> Index: bpf.c
>> ===
>> RCS file: /cvs/src/sys/net/bpf.c,v
>> retrieving revision 1.165
>> diff -u -p -r1.165 bpf.c
>> --- bpf.c30 Dec 2017 23:08:29 -  1.165
>> +++ bpf.c10 Jan 2018 07:27:45 -
>> @@ -93,7 +93,7 @@ struct bpf_if  *bpf_iflist;
>> LIST_HEAD(, bpf_d) bpf_d_list;
>> 
>> int  bpf_allocbufs(struct bpf_d *);
>> -voidbpf_ifname(struct ifnet *, struct ifreq *);
>> +voidbpf_ifname(struct bpf_if*, struct ifreq *);
>> int  _bpf_mtap(caddr_t, const struct mbuf *, u_int,
>>  void (*)(const void *, void *, size_t));
>> void bpf_mcopy(const void *, void *, size_t);
>> @@ -320,6 +320,8 @@ bpf_detachd(struct bpf_d *d)
>>  if (d->bd_promisc) {
>>  int error;
>> 
>> +KASSERT(bp->bif_ifp != NULL);
>> +
>>  d->bd_promisc = 0;
>> 
>>  bpf_get(d);
>> @@ -593,7 +595,7 @@ bpfwrite(dev_t dev, struct uio *uio, int
>>  bpf_get(d);
>>  ifp = d->bd_bif->bif_ifp;
>> 
>> -if ((ifp->if_flags & IFF_UP) == 0) {
>> +if (ifp == NULL || (ifp->if_flags & IFF_UP) == 0) {
>>  error = ENETDOWN;
>>  goto out;
>>  }
>> @@ -789,7 +791,7 @@ bpfioctl(dev_t dev, u_long cmd, caddr_t 
>>   * No interface attached yet.
>>   */
>>  error = EINVAL;
>> -} else {
>> +} else if (d->bd_bif->bif_ifp != NULL) { 
>>  if (d->bd_promisc == 0) {
>>  MUTEX_ASSERT_UNLOCKED(>bd_mtx);
>>  error = ifpromisc(d->bd_bif->bif_ifp, 1);
>> @@ -839,7 +841,7 @@ bpfioctl(dev_t dev, u_long cmd, caddr_t 
>>  if (d->bd_bif == NULL)
>>  error = EINVAL;
>>  else
>> -bpf_ifname(d->bd_bif->bif_ifp, (struct ifreq *)addr);
>> +bpf_ifname(d->bd_bif, (struct ifreq *)addr);
>>  break;
>> 
>>  /*
>> @@ -1049,10 +1051,7 @@ bpf_setif(struct bpf_d *d, struct ifreq 
>>   * Look through attached interfaces for the named one.
>>   */
>>  for (bp = bpf_iflist; bp != NULL; bp = bp->bif_next) {
>> -struct ifnet *ifp = bp->bif_ifp;
>> -
>> -if (ifp == NULL ||
>> -strcmp(ifp->if_xname, ifr->ifr_name) != 0)
>> +if (strcmp(bp->bif_name, ifr->ifr_name) != 0)
>>  continue;
>> 
>>  if (candidate == NULL || candidate->bif_dlt > bp->bif_dlt)
>> @@ -1090,9 +1089,9 @@ out:
>>  * Copy the interface name to the ifreq.
>>  */
>> void
>> -bpf_ifname(struct ifnet *ifp, struct ifreq *ifr)
>> +bpf_ifname(struct bpf_if *bif, struct ifreq *ifr)
>> {
>> -bcopy(ifp->if_xname, ifr->ifr_name, IFNAMSIZ);
>> +bcopy(bif->bif_name, ifr->ifr_name, sizeof(ifr->ifr_name));
>> }
>> 
>> /*
>> @@ -1538,21 +1537,17 @@ bpf_put(struct bpf_d *bd)
>>  free(bd, M_DEVBUF, sizeof(*bd));
>> }
>> 
>> -/*
>> - * Attach an interface to bpf.  driverp is a pointer to a (struct bpf_if *)
>> - * in the driver's softc; dlt is the link layer type; hdrlen is the fixed
>> - * size of the link header (variable length headers not yet supported).
>> - */
>> -void
>> -bpfattach(caddr_t *driverp, struct ifnet *ifp, u_int dlt, u_int hdrlen)
>> +void *
>> +bpfsattach(caddr_t *bpfp, const char *name, u_int dlt, u_int hdrlen)
>> {
>>  struct bpf_if *bp;
>> 
>>  if ((bp = malloc(sizeof(*bp), M_DEVBUF, M_NOWAIT)) == NULL)
>>  panic("bpfattach");
>>  SRPL_INIT(>bif_dlist);
>> -bp->bif_driverp = (struct bpf_if **)driverp;
>> -bp->bif_ifp = ifp;
>> +bp->bif_driverp = (struct bpf_if **)bpfp;
>> +bp->bif_name = name;
>> +bp->bif_ifp = NULL;
>>  bp->bif_dlt = dlt;
>> 
>>  bp->bif_next = bpf_iflist;
>> @@ -1567,6 +1562,17 @@ bpfattach(caddr_t *driverp, struct ifnet
>>   * performance reasons and to alleviate alignment restrictions).
>>   */
>>  bp->bif_hdrlen = BPF_WORDALIGN(hdrlen + SIZEOF_BPF_HDR) - hdrlen;
>> +
>> +return 

Re: restrict carp use to ethernet interfaces

[Claudio Jeker]

On Thu, Jan 11, 2018 at 11:51:25AM +0100, Peter Hessler wrote:
> On 2018 Jan 11 (Thu) at 20:41:19 +1000 (+1000), David Gwynne wrote:
> :vlan and trunk are definitely ethernet interfaces.
> :
> 
> Is there anything in OpenBSD that isn't an ethernet inteface?
> 

How about gif(4), gre(4), tun(4), ppp(4), pppoe(4), mpe(4) and lo(4)?

-- 
:wq Claudio

Re: merge vlan and carp input back into ether_input

[David Gwynne]

> On 11 Jan 2018, at 8:58 pm, Martin Pieuchot  wrote:
> 
> On 11/01/18(Thu) 11:50, David Gwynne wrote:
>> while we were working on making the various pseudo interfaces you
>> stack on top of ethernet mpsafe, we split their input processing
>> off so they could be attacked one by one. they're all mpsafe now,
>> so this separation is not strictly necessary anymore.
> 
> Well at that time we weren't sure how to split the work between
> CPUs.  The current design allow to have multiple tasks doing some
> part of the work and, like we are pushing now, process all the
> incoming packets in the same context.

yes.

now though we assign interfaces to softnettqs, no matter what their 
relationship to each other is. a physical interface could be on tq 0, and it's 
child vlan on 1, which goes against the goal of processing all incoming packets 
in the same context.

> 
>> this moves carp and vlan input back into ether_input. [...]
> 
> It does much more than that.  It's also doing a conversion from mbuf to
> mbuf_list, it contains some IFF_RUNNING "fixes",  it breaks carp(4)
> balancing, it breaks vlan/carp on top of trunk(4)...

it doesnt replace mbufs with mbuf_lists, it gets rid of the cookies for vlan 
and carp input and gives them the list to requeue their packets on for input.

wrt to IFF_RUNNING, if we agree that we should be looking at it to know if an 
interface is functional i can make a bunch of those fixes without oks.

when you say i break carp balancing, are you talking about the removal of the 
PACKET_TAG_CARP_BAL_IP tagging? PACKET_TAG_CARP_BAL_IP is only used in 
carp_lsdrop to clear the M_MCAST flag on the mbuf. M_MCAST wont be set on 
packets destined for the carp interface because we check ac_enaddr before 
checking if the packet is multicast or broadcast.

are you sure? carp and vlan on top of trunk should still function. however, 
trunk or bridge/switch on vlan is broken though :(

> 
>> this diff also gets rid of the use of the pseudo interfaces input
>> queues, it processes their packets off an mbuf list for each real
>> ethernet packet. if we can tie all the work done on behalf of a
>> physical ring to a single task it makes rx ring moderation for
>> physical interfaces a lot easier to implement.
> 
> This needs to be done.  But please don't mix that with a rewrite of
> the input handlers.  I believe that's the easiest way to do that is
> to modify if_input() do process the packets directly if `ifp' is a
> pseudo-interface:
> 
>   if (ISSET(ifp->if_xflags, IFXF_CLONED) {
>   struct ifih *ifih;
>   struct srp_ref sr;
> 
>   NET_ASSERT_LOCKED();
> 
>SRPL_FOREACH(ifih, , >if_inputs, ifih_next) {
>if ((*ifih->ifih_input)(ifp, m, ifih->ifih_cookie))
>break;
>}
>SRPL_LEAVE()
>   } else
>   ifiq_input(>if_rcv, ml, 2048);
> 
> If if_input() is called on a pseudo-interface we know we're already in
> a softnet process.

or a syscall.

the code above has pseudo interfaces recurse, where they'd loop either on ifih 
or at the task level. probably not a huge concern though.

> 
> We could also think of doing something similar for if_enqueue() and call
> if_start() directly for pseudo-interface.

ill think about that. ive had some other experiments in that area we could look 
at too.

> 
>> note that trunk and bridge/switch are still implemented using
>> interface input handlers at the moment.
> 
> If you want to get rid of the input handlers, I'd suggest doing it in
> the beginning of a release cycle and for all pseudo drivers at once.

considering the trunk and bridge/switch issue, it probably is best to do them 
all at once.

Re: restrict carp use to ethernet interfaces

[Peter Hessler]

On 2018 Jan 11 (Thu) at 11:51:25 +0100 (+0100), Peter Hessler wrote:
:On 2018 Jan 11 (Thu) at 20:41:19 +1000 (+1000), David Gwynne wrote:
::vlan and trunk are definitely ethernet interfaces.
::
:
:Is there anything in OpenBSD that isn't an ethernet inteface?
:

based on a simplistic grep:  upl(4), umb(4), bridge(4), enc(4), gre(4),
lo(4), mpe(4), pflog(4), pflow(4), pfsync(4), ppp/pppoe/pppx/sppp,
trunk(4), tun(4), switch(4), mpw(4), and of course, carp(4).

-- 
Pity the meek, for they shall inherit the earth.
-- Don Marquis

Re: merge vlan and carp input back into ether_input

[Martin Pieuchot]

On 11/01/18(Thu) 11:50, David Gwynne wrote:
> while we were working on making the various pseudo interfaces you
> stack on top of ethernet mpsafe, we split their input processing
> off so they could be attacked one by one. they're all mpsafe now,
> so this separation is not strictly necessary anymore.

Well at that time we weren't sure how to split the work between
CPUs.  The current design allow to have multiple tasks doing some
part of the work and, like we are pushing now, process all the
incoming packets in the same context.

> this moves carp and vlan input back into ether_input. [...]

It does much more than that.  It's also doing a conversion from mbuf to
mbuf_list, it contains some IFF_RUNNING "fixes",  it breaks carp(4)
balancing, it breaks vlan/carp on top of trunk(4)...

> this diff also gets rid of the use of the pseudo interfaces input
> queues, it processes their packets off an mbuf list for each real
> ethernet packet. if we can tie all the work done on behalf of a
> physical ring to a single task it makes rx ring moderation for
> physical interfaces a lot easier to implement.

This needs to be done.  But please don't mix that with a rewrite of
the input handlers.  I believe that's the easiest way to do that is
to modify if_input() do process the packets directly if `ifp' is a
pseudo-interface:

if (ISSET(ifp->if_xflags, IFXF_CLONED) {
struct ifih *ifih;
struct srp_ref sr;

NET_ASSERT_LOCKED();

SRPL_FOREACH(ifih, , >if_inputs, ifih_next) {
if ((*ifih->ifih_input)(ifp, m, ifih->ifih_cookie))
break;
}
SRPL_LEAVE()
} else
ifiq_input(>if_rcv, ml, 2048);

If if_input() is called on a pseudo-interface we know we're already in
a softnet process.

We could also think of doing something similar for if_enqueue() and call
if_start() directly for pseudo-interface.

> note that trunk and bridge/switch are still implemented using
> interface input handlers at the moment.

If you want to get rid of the input handlers, I'd suggest doing it in
the beginning of a release cycle and for all pseudo drivers at once.

Re: bpf for subsystems, not just interfaces

[Martin Pieuchot]

On 11/01/18(Thu) 11:58, David Gwynne wrote:
> im sending this out more as a backup than a serious diff.

I love this.  It's one of the steps to be able to use bpf(4) for USB.

Is there an easy way to also remove the mbuf requirement?  For example
I'd like to call bpf_mtap() or similar in usb_transfer_complete().

> this tweaks bpf so it can be used by subsystems, not just interfaces.
> this is done by making bpf store and use names (eg, "pf" and "em0")
> instead of just interfaces. interfaces get some special handling
> so you can't bpfwrite or enable ifpromisc unless bif_ifp is set.
> 
> an example use of this is attaching bpf to pf. you can see all the
> packets handed to pf_test with this diff and tcpdump -ni pf.
> 
> Index: bpf.c
> ===
> RCS file: /cvs/src/sys/net/bpf.c,v
> retrieving revision 1.165
> diff -u -p -r1.165 bpf.c
> --- bpf.c 30 Dec 2017 23:08:29 -  1.165
> +++ bpf.c 10 Jan 2018 07:27:45 -
> @@ -93,7 +93,7 @@ struct bpf_if   *bpf_iflist;
>  LIST_HEAD(, bpf_d) bpf_d_list;
>  
>  int  bpf_allocbufs(struct bpf_d *);
> -void bpf_ifname(struct ifnet *, struct ifreq *);
> +void bpf_ifname(struct bpf_if*, struct ifreq *);
>  int  _bpf_mtap(caddr_t, const struct mbuf *, u_int,
>   void (*)(const void *, void *, size_t));
>  void bpf_mcopy(const void *, void *, size_t);
> @@ -320,6 +320,8 @@ bpf_detachd(struct bpf_d *d)
>   if (d->bd_promisc) {
>   int error;
>  
> + KASSERT(bp->bif_ifp != NULL);
> +
>   d->bd_promisc = 0;
>  
>   bpf_get(d);
> @@ -593,7 +595,7 @@ bpfwrite(dev_t dev, struct uio *uio, int
>   bpf_get(d);
>   ifp = d->bd_bif->bif_ifp;
>  
> - if ((ifp->if_flags & IFF_UP) == 0) {
> + if (ifp == NULL || (ifp->if_flags & IFF_UP) == 0) {
>   error = ENETDOWN;
>   goto out;
>   }
> @@ -789,7 +791,7 @@ bpfioctl(dev_t dev, u_long cmd, caddr_t 
>* No interface attached yet.
>*/
>   error = EINVAL;
> - } else {
> + } else if (d->bd_bif->bif_ifp != NULL) { 
>   if (d->bd_promisc == 0) {
>   MUTEX_ASSERT_UNLOCKED(>bd_mtx);
>   error = ifpromisc(d->bd_bif->bif_ifp, 1);
> @@ -839,7 +841,7 @@ bpfioctl(dev_t dev, u_long cmd, caddr_t 
>   if (d->bd_bif == NULL)
>   error = EINVAL;
>   else
> - bpf_ifname(d->bd_bif->bif_ifp, (struct ifreq *)addr);
> + bpf_ifname(d->bd_bif, (struct ifreq *)addr);
>   break;
>  
>   /*
> @@ -1049,10 +1051,7 @@ bpf_setif(struct bpf_d *d, struct ifreq 
>* Look through attached interfaces for the named one.
>*/
>   for (bp = bpf_iflist; bp != NULL; bp = bp->bif_next) {
> - struct ifnet *ifp = bp->bif_ifp;
> -
> - if (ifp == NULL ||
> - strcmp(ifp->if_xname, ifr->ifr_name) != 0)
> + if (strcmp(bp->bif_name, ifr->ifr_name) != 0)
>   continue;
>  
>   if (candidate == NULL || candidate->bif_dlt > bp->bif_dlt)
> @@ -1090,9 +1089,9 @@ out:
>   * Copy the interface name to the ifreq.
>   */
>  void
> -bpf_ifname(struct ifnet *ifp, struct ifreq *ifr)
> +bpf_ifname(struct bpf_if *bif, struct ifreq *ifr)
>  {
> - bcopy(ifp->if_xname, ifr->ifr_name, IFNAMSIZ);
> + bcopy(bif->bif_name, ifr->ifr_name, sizeof(ifr->ifr_name));
>  }
>  
>  /*
> @@ -1538,21 +1537,17 @@ bpf_put(struct bpf_d *bd)
>   free(bd, M_DEVBUF, sizeof(*bd));
>  }
>  
> -/*
> - * Attach an interface to bpf.  driverp is a pointer to a (struct bpf_if *)
> - * in the driver's softc; dlt is the link layer type; hdrlen is the fixed
> - * size of the link header (variable length headers not yet supported).
> - */
> -void
> -bpfattach(caddr_t *driverp, struct ifnet *ifp, u_int dlt, u_int hdrlen)
> +void *
> +bpfsattach(caddr_t *bpfp, const char *name, u_int dlt, u_int hdrlen)
>  {
>   struct bpf_if *bp;
>  
>   if ((bp = malloc(sizeof(*bp), M_DEVBUF, M_NOWAIT)) == NULL)
>   panic("bpfattach");
>   SRPL_INIT(>bif_dlist);
> - bp->bif_driverp = (struct bpf_if **)driverp;
> - bp->bif_ifp = ifp;
> + bp->bif_driverp = (struct bpf_if **)bpfp;
> + bp->bif_name = name;
> + bp->bif_ifp = NULL;
>   bp->bif_dlt = dlt;
>  
>   bp->bif_next = bpf_iflist;
> @@ -1567,6 +1562,17 @@ bpfattach(caddr_t *driverp, struct ifnet
>* performance reasons and to alleviate alignment restrictions).
>*/
>   bp->bif_hdrlen = BPF_WORDALIGN(hdrlen + SIZEOF_BPF_HDR) - hdrlen;
> +
> + return (bp);
> +}
> +
> +void
> +bpfattach(caddr_t *driverp, struct ifnet *ifp, u_int dlt, u_int hdrlen)
> +{
> + struct bpf_if *bp;
> +
> + bp = bpfsattach(driverp, ifp->if_xname, dlt, hdrlen);
> + bp->bif_ifp = ifp;
>  }
>  

Re: ksh: unused param in print_expansions()

[Theo Buehler]

On Thu, Jan 11, 2018 at 11:56:32AM +0100, Ingo Schwarze wrote:
> Hi,
> 
> Michael W. Bombardieri wrote on Thu, Jan 11, 2018 at 05:37:29PM +0800:
> 
> > The local function print_expansions() is a wrapper for
> > x_print_expansions(). Going back to revision 1.1 of vi.c
> > reveals the command parameter wasn't used then either.
> 
> Yes, this patch looks correct and works, and i fail to see what the
> extra argument could be used for in the future.
> 
> OK?

ok

Re: ksh: unused param in print_expansions()

[Ingo Schwarze]

Hi,

Michael W. Bombardieri wrote on Thu, Jan 11, 2018 at 05:37:29PM +0800:

> The local function print_expansions() is a wrapper for
> x_print_expansions(). Going back to revision 1.1 of vi.c
> reveals the command parameter wasn't used then either.

Yes, this patch looks correct and works, and i fail to see what the
extra argument could be used for in the future.

OK?
  Ingo


> Index: vi.c
> ===
> RCS file: /cvs/src/bin/ksh/vi.c,v
> retrieving revision 1.53
> diff -u -p -u -r1.53 vi.c
> --- vi.c  6 Jan 2018 16:28:58 -   1.53
> +++ vi.c  11 Jan 2018 09:28:10 -
> @@ -61,7 +61,7 @@ static void display(char *, char *, int)
>  static void  ed_mov_opt(int, char *);
>  static int   expand_word(int);
>  static int   complete_word(int, int);
> -static int   print_expansions(struct edstate *, int);
> +static int   print_expansions(struct edstate *);
>  static int   char_len(int);
>  static void  x_vi_zotc(int);
>  static void  vi_pprompt(int);
> @@ -648,7 +648,7 @@ vi_insert(int ch)
>   break;
>  
>   case CTRL('e'):
> - print_expansions(es, 0);
> + print_expansions(es);
>   break;
>  
>   case CTRL('i'):
> @@ -1125,7 +1125,7 @@ vi_cmd(int argcnt, const char *cmd)
>  
>   case '=':   /* at ksh */
>   case CTRL('e'): /* Nonstandard vi/ksh */
> - print_expansions(es, 1);
> + print_expansions(es);
>   break;
>  
>  
> @@ -2052,7 +2052,7 @@ complete_word(int command, int count)
>  
>   /* Undo previous completion */
>   if (command == 0 && expanded == COMPLETE && buf) {
> - print_expansions(buf, 0);
> + print_expansions(buf);
>   expanded = PRINT;
>   return 0;
>   }
> @@ -2143,7 +2143,7 @@ complete_word(int command, int count)
>  }
>  
>  static int
> -print_expansions(struct edstate *e, int command)
> +print_expansions(struct edstate *e)
>  {
>   int nwords;
>   int start, end;
> 

Re: restrict carp use to ethernet interfaces

[David Gwynne]

> On 11 Jan 2018, at 8:51 pm, Peter Hessler  wrote:
> 
> On 2018 Jan 11 (Thu) at 20:41:19 +1000 (+1000), David Gwynne wrote:
> :vlan and trunk are definitely ethernet interfaces.
> :
> 
> Is there anything in OpenBSD that isn't an ethernet inteface?

carp :)

> 
> -- 
> It is impossible to travel faster than light, and certainly not
> desirable, as one's hat keeps blowing off.
>   -- Woody Allen
> 

Re: restrict carp use to ethernet interfaces

[Peter Hessler]

On 2018 Jan 11 (Thu) at 20:41:19 +1000 (+1000), David Gwynne wrote:
:vlan and trunk are definitely ethernet interfaces.
:

Is there anything in OpenBSD that isn't an ethernet inteface?


-- 
It is impossible to travel faster than light, and certainly not
desirable, as one's hat keeps blowing off.
-- Woody Allen

Re: restrict carp use to ethernet interfaces

[David Gwynne]

> On 11 Jan 2018, at 5:53 pm, Jonathan Gray  wrote:
> 
> On Thu, Jan 11, 2018 at 08:25:26AM +0100, Matthieu Herrb wrote:
>> On Thu, Jan 11, 2018 at 10:29:17AM +1000, David Gwynne wrote:
>>> carp interfaces output using ether_output, so it is reasonable to
>>> require that they only get configured on top of ethernet interfaces
>>> rather than just !IFT_CARP.
>>> 
>> Hi,
>> 
>> in this context are vlan interfaces also considered as IFT_ETHER ?
>> I've use cases for carp over vlan interfaces. I'd hate not being able
>> to do that anymore.
>> -- 
>> Matthieu Herrb
>> 
> 
> vlan(4) calls ether_ifattach() which sets ifp->if_type = IFT_ETHER

yes.

vlan and trunk are definitely ethernet interfaces.

Re: cast __swapXX in _endian.h to help the compiler

[Mark Kettenis]

> Date: Thu, 11 Jan 2018 13:53:00 +1000
> From: David Gwynne 
> 
> this silences the warnings when building dhclient.
> 
> according to guenther@, the c standard says ternary operators are
> subject to type promotion rules, ie, it ends up being at least an
> int. this adds explicit casts to the expected type, which makes
> printf happier when you tell it that it's a %hu coming up.
> 
> ok?

ok kettenis@

> Index: _endian.h
> ===
> RCS file: /cvs/src/sys/sys/_endian.h,v
> retrieving revision 1.7
> diff -u -p -r1.7 _endian.h
> --- _endian.h 7 Jan 2018 15:17:42 -   1.7
> +++ _endian.h 11 Jan 2018 03:31:01 -
> @@ -83,9 +83,12 @@ __swap64md(__uint64_t x)
>  }
>  #endif
>  
> -#define __swap16(x) (__builtin_constant_p(x) ? __swap16gen(x) : 
> __swap16md(x))
> -#define __swap32(x) (__builtin_constant_p(x) ? __swap32gen(x) : 
> __swap32md(x))
> -#define __swap64(x) (__builtin_constant_p(x) ? __swap64gen(x) : 
> __swap64md(x))
> +#define __swap16(x)  \
> + (__uint16_t)(__builtin_constant_p(x) ? __swap16gen(x) : __swap16md(x))
> +#define __swap32(x)  \
> + (__uint32_t)(__builtin_constant_p(x) ? __swap32gen(x) : __swap32md(x))
> +#define __swap64(x)  \
> + (__uint64_t)(__builtin_constant_p(x) ? __swap64gen(x) : __swap64md(x))
>  
>  #if _BYTE_ORDER == _LITTLE_ENDIAN
>  
> 
> 

ksh: unused param in print_expansions()

[Michael W. Bombardieri]

Hello,

The local function print_expansions() is a wrapper for
x_print_expansions(). Going back to revision 1.1 of vi.c
reveals the command parameter wasn't used then either.

- Michael


Index: vi.c
===
RCS file: /cvs/src/bin/ksh/vi.c,v
retrieving revision 1.53
diff -u -p -u -r1.53 vi.c
--- vi.c6 Jan 2018 16:28:58 -   1.53
+++ vi.c11 Jan 2018 09:28:10 -
@@ -61,7 +61,7 @@ static void   display(char *, char *, int)
 static voided_mov_opt(int, char *);
 static int expand_word(int);
 static int complete_word(int, int);
-static int print_expansions(struct edstate *, int);
+static int print_expansions(struct edstate *);
 static int char_len(int);
 static voidx_vi_zotc(int);
 static voidvi_pprompt(int);
@@ -648,7 +648,7 @@ vi_insert(int ch)
break;
 
case CTRL('e'):
-   print_expansions(es, 0);
+   print_expansions(es);
break;
 
case CTRL('i'):
@@ -1125,7 +1125,7 @@ vi_cmd(int argcnt, const char *cmd)
 
case '=':   /* at ksh */
case CTRL('e'): /* Nonstandard vi/ksh */
-   print_expansions(es, 1);
+   print_expansions(es);
break;
 
 
@@ -2052,7 +2052,7 @@ complete_word(int command, int count)
 
/* Undo previous completion */
if (command == 0 && expanded == COMPLETE && buf) {
-   print_expansions(buf, 0);
+   print_expansions(buf);
expanded = PRINT;
return 0;
}
@@ -2143,7 +2143,7 @@ complete_word(int command, int count)
 }
 
 static int
-print_expansions(struct edstate *e, int command)
+print_expansions(struct edstate *e)
 {
int nwords;
int start, end;

[PATCH] add support for Huawei E3372

[Kevin Lo]

Hi,

Below are the diffs to make the Huawei E3372 work. dmesg:

umsm0 at uhub0 port 4 configuration 1 interface 0 "HUAWEI_MOBILE HUAWEI_MOBILE" 
rev 2.10/1.02 addr 3
umsm0 detached
umsm0 at uhub0 port 4 configuration 1 interface 0 "HUAWEI_MOBILE HUAWEI_MOBILE" 
rev 2.10/1.02 addr 3
ucom0 at umsm0
umsm1 at uhub0 port 4 configuration 1 interface 1 "HUAWEI_MOBILE HUAWEI_MOBILE" 
rev 2.10/1.02 addr 3

ok?

Index: share/man/man4/umsm.4
===
RCS file: /cvs/src/share/man/man4/umsm.4,v
retrieving revision 1.92
diff -u -p -u -p -r1.92 umsm.4
--- share/man/man4/umsm.4   12 Dec 2016 04:26:29 -  1.92
+++ share/man/man4/umsm.4   11 Jan 2018 08:51:49 -
@@ -73,6 +73,7 @@ driver:
 .It Li "Huawei Mobile E1750" Ta "USB"
 .It Li "Huawei Mobile E1752" Ta "USB"
 .It Li "Huawei Mobile E1820" Ta "USB"
+.It Li "Huawei Mobile E3372" Ta "USB"
 .It Li "Huawei Mobile EM770W" Ta "PCI Express Mini Card"
 .It Li "Huawei Mobile K4510" Ta "USB"
 .It Li "Huawei Mobile K4511" Ta "USB"
Index: sys/dev/usb/umsm.c
===
RCS file: /cvs/src/sys/dev/usb/umsm.c,v
retrieving revision 1.109
diff -u -p -u -p -r1.109 umsm.c
--- sys/dev/usb/umsm.c  8 Apr 2017 02:57:25 -   1.109
+++ sys/dev/usb/umsm.c  11 Jan 2018 08:51:50 -
@@ -147,6 +147,7 @@ static const struct umsm_type umsm_devs[
{{ USB_VENDOR_HUAWEI,   USB_PRODUCT_HUAWEI_K4511 }, DEV_UMASS5},
{{ USB_VENDOR_HUAWEI,   USB_PRODUCT_HUAWEI_E1750 }, DEV_UMASS5},
{{ USB_VENDOR_HUAWEI,   USB_PRODUCT_HUAWEI_E1752 }, 0},
+   {{ USB_VENDOR_HUAWEI,   USB_PRODUCT_HUAWEI_E3372 }, DEV_UMASS5},
 
{{ USB_VENDOR_HYUNDAI,  USB_PRODUCT_HYUNDAI_UM175 }, 0},
 
Index: sys/dev/usb/usbdevs
===
RCS file: /cvs/src/sys/dev/usb/usbdevs,v
retrieving revision 1.679
diff -u -p -u -p -r1.679 usbdevs
--- sys/dev/usb/usbdevs 14 Dec 2017 09:22:16 -  1.679
+++ sys/dev/usb/usbdevs 11 Jan 2018 08:51:50 -
@@ -2209,6 +2209,7 @@ product HUAWEI E510   0x1411  HUAWEI Mobil
 product HUAWEI E1810x1414  HUAWEI Mobile E181
 product HUAWEI E1752   0x1417  HUAWEI Mobile Modem
 product HUAWEI E1820x1429  HUAWEI Mobile Modem
+product HUAWEI E3372   0x1442  HUAWEI Mobile Modem
 product HUAWEI E1610x1446  HUAWEI Mobile Modem
 product HUAWEI K3765   0x1465  HUAWEI Mobile K3765
 product HUAWEI E1820   0x14ac  HUAWEI Mobile Modem