pthread signal delivery

[Alexander Bluhm]

Hi,

When killing a process, the signal is handled by any thread that
does not block the signal.  If all threads block the signal, we
currently deliver it to the main thread.  This does not conform to
POSIX.  If any thread unblocks the signal, it should be delivered
immediately to this thread.  We block it until the main thread
unblocks.

I see the problem as some tests of posixtestsuite hang.  Various
people reported similar observations with multi threaded programs
to me.

Solution is to mark such signals at the process instead of one
thread.  Then any thread can handle it later.  There is a XXX comment
that suggests this behavior, NetBSD also does this.

This diff survived a full regress run on i386.

bluhm

Index: kern/exec_elf.c
===
RCS file: /data/mirror/openbsd/cvs/src/sys/kern/exec_elf.c,v
retrieving revision 1.149
diff -u -p -r1.149 exec_elf.c
--- kern/exec_elf.c 9 May 2019 22:25:42 -   1.149
+++ kern/exec_elf.c 10 May 2019 02:39:07 -
@@ -1224,7 +1224,7 @@ coredump_notes_elf(struct proc *p, void
cpi.cpi_signo = p->p_sisig;
cpi.cpi_sigcode = p->p_sicode;

-   cpi.cpi_sigpend = p->p_siglist;
+   cpi.cpi_sigpend = p->p_siglist | pr->ps_siglist;
cpi.cpi_sigmask = p->p_sigmask;
cpi.cpi_sigignore = pr->ps_sigacts->ps_sigignore;
cpi.cpi_sigcatch = pr->ps_sigacts->ps_sigcatch;
Index: kern/kern_exit.c
===
RCS file: /data/mirror/openbsd/cvs/src/sys/kern/kern_exit.c,v
retrieving revision 1.173
diff -u -p -r1.173 kern_exit.c
--- kern/kern_exit.c23 Jan 2019 22:39:47 -  1.173
+++ kern/kern_exit.c10 May 2019 02:39:07 -
@@ -179,7 +179,7 @@ exit1(struct proc *p, int rv, int flags)
rup = pr->ps_ru;
}
}
-   p->p_siglist = 0;
+   p->p_siglist = pr->ps_siglist = 0;

 #if NKCOV > 0
kcov_exit(p);
Index: kern/kern_sig.c
===
RCS file: /data/mirror/openbsd/cvs/src/sys/kern/kern_sig.c,v
retrieving revision 1.229
diff -u -p -r1.229 kern_sig.c
--- kern/kern_sig.c 1 May 2019 06:26:42 -   1.229
+++ kern/kern_sig.c 10 May 2019 02:41:20 -
@@ -365,6 +365,7 @@ setsigvec(struct proc *p, int signum, st
if (sa->sa_handler == SIG_IGN ||
(sigprop[signum] & SA_IGNORE && sa->sa_handler == SIG_DFL)) {
atomic_clearbits_int(&p->p_siglist, bit);
+   atomic_clearbits_int(&p->p_p->ps_siglist, bit);
if (signum != SIGCONT)
ps->ps_sigignore |= bit;/* easier in psignal */
ps->ps_sigcatch &= ~bit;
@@ -419,6 +420,7 @@ execsigs(struct proc *p)
if (nc != SIGCONT)
ps->ps_sigignore |= mask;
atomic_clearbits_int(&p->p_siglist, mask);
+   atomic_clearbits_int(&p->p_p->ps_siglist, mask);
}
ps->ps_sigact[nc] = SIG_DFL;
}
@@ -472,7 +474,7 @@ int
 sys_sigpending(struct proc *p, void *v, register_t *retval)
 {

-   *retval = p->p_siglist;
+   *retval = p->p_siglist | p->p_p->ps_siglist;
return (0);
 }

@@ -875,7 +877,6 @@ psignal(struct proc *p, int signum)

 /*
  * type = SPROCESS process signal, can be diverted (sigwait())
- * XXX if blocked in all threads, mark as pending in struct process
  * type = STHREAD  thread signal, but should be propagated if unhandled
  * type = SPROPAGATED  propagated to this thread, so don't propagate again
  */
@@ -885,6 +886,7 @@ ptsignal(struct proc *p, int signum, enu
int s, prop;
sig_t action;
int mask;
+   int *siglist;
struct process *pr = p->p_p;
struct proc *q;
int wakeparent = 0;
@@ -907,7 +909,7 @@ ptsignal(struct proc *p, int signum, enu
if (pr->ps_flags & PS_COREDUMP && signum == SIGKILL) {
if (pr->ps_single != NULL)
p = pr->ps_single;
-   atomic_setbits_int(&p->p_siglist, mask);
+   atomic_setbits_int(&p->p_p->ps_siglist, mask);
return;
}

@@ -962,7 +964,6 @@ ptsignal(struct proc *p, int signum, enu
 */
if (pr->ps_flags & PS_TRACED) {
action = SIG_DFL;
-   atomic_setbits_int(&p->p_siglist, mask);
} else {
/*
 * If the signal is being ignored,
@@ -992,17 +993,23 @@ ptsignal(struct proc *p, int signum, enu
if (prop & SA_TTYSTOP && pr->ps_pgrp->pg_jobc == 0)
return;
}
-
-   atomic_setbits_int(&p->p_siglist, mask);
}
-
-   if (prop & SA_CONT)
- 

Re: switch(4): add support for protected domains

[Sebastian Benoit]

Ayaka Koshibe(akosh...@openbsd.org) on 2019.05.09 15:56:49 -0700:
> Hi,
> 
> The following adds port protection support to switch(4). The behavior
> copies that of bridge(4), where ports can be added to up to 31 protected
> domains with a list of IDs using ifconfig(8):
> 
> # ifconfig switch0 protected pair1 1,2,..
> 
> Domain membership is checked for unicast, flooded (broadcast), and local
> (host-network-bound, e.g. a trunk) traffic.
> 
> Man page updates will follow in a separate diff.
> 
> OK?

ok

> 
> 
> Thanks,
> Ayaka
> 
> 
> Index: net/if_switch.c
> ===
> RCS file: /cvs/src/sys/net/if_switch.c,v
> retrieving revision 1.26
> diff -u -p -u -r1.26 if_switch.c
> --- net/if_switch.c   28 Apr 2019 22:15:57 -  1.26
> +++ net/if_switch.c   9 May 2019 22:18:27 -
> @@ -434,6 +434,7 @@ switch_ioctl(struct ifnet *ifp, unsigned
>   }
>   breq->ifbr_ifsflags = swpo->swpo_flags;
>   breq->ifbr_portno = swpo->swpo_port_no;
> + breq->ifbr_protected = swpo->swpo_protected;
>   break;
>   case SIOCSIFFLAGS:
>   if ((ifp->if_flags & IFF_UP) == IFF_UP)
> @@ -467,6 +468,19 @@ switch_ioctl(struct ifnet *ifp, unsigned
>   brop->ifbop_last_tc_time.tv_sec = bs->bs_last_tc_time.tv_sec;
>   brop->ifbop_last_tc_time.tv_usec = bs->bs_last_tc_time.tv_usec;
>   break;
> + case SIOCBRDGSIFPROT:
> + ifs = ifunit(breq->ifbr_ifsname);
> + if (ifs == NULL) {
> + error = ENOENT;
> + break;
> + }
> + swpo = (struct switch_port *)ifs->if_switchport;
> + if (swpo == NULL || swpo->swpo_switch != sc) {
> + error = ESRCH;
> + break;
> + }
> + swpo->swpo_protected = breq->ifbr_protected;
> + break;
>   case SIOCSWGDPID:
>   case SIOCSWSDPID:
>   case SIOCSWGMAXFLOW:
> @@ -560,7 +574,7 @@ switch_port_list(struct switch_softc *sc
>   strlcpy(breq.ifbr_name, sc->sc_if.if_xname, IFNAMSIZ);
>   breq.ifbr_ifsflags = swpo->swpo_flags;
>   breq.ifbr_portno = swpo->swpo_port_no;
> -
> + breq.ifbr_protected = swpo->swpo_protected;
>   if ((error = copyout((caddr_t)&breq,
>   (caddr_t)(bifc->ifbic_req + n), sizeof(breq))) != 0)
>   goto done;
> Index: net/if_switch.h
> ===
> RCS file: /cvs/src/sys/net/if_switch.h,v
> retrieving revision 1.10
> diff -u -p -u -r1.10 if_switch.h
> --- net/if_switch.h   20 Nov 2016 12:45:26 -  1.10
> +++ net/if_switch.h   9 May 2019 22:18:27 -
> @@ -174,6 +174,7 @@ struct switch_port {
>   struct timespec  swpo_appended;
>   struct switch_softc *swpo_switch;
>   uint32_t swpo_flags;
> + uint32_t swpo_protected;
>   void*swpo_dhcookie;
>   void(*swop_bk_start)(struct ifnet *);
>  };
> Index: net/switchofp.c
> ===
> RCS file: /cvs/src/sys/net/switchofp.c,v
> retrieving revision 1.72
> diff -u -p -u -r1.72 switchofp.c
> --- net/switchofp.c   28 Dec 2018 14:32:47 -  1.72
> +++ net/switchofp.c   9 May 2019 22:18:28 -
> @@ -3492,6 +3492,7 @@ swofp_action_output(struct switch_softc 
>   struct ofp_action_output*oao;
>   struct switch_port  *swpo;
>   struct mbuf *mc;
> + uint32_tprotected = 0;
>  
>   m->m_pkthdr.csum_flags = 0;
>  
> @@ -3509,6 +3510,14 @@ swofp_action_output(struct switch_softc 
>   }
>   }
>  
> + TAILQ_FOREACH(swpo, &sc->sc_swpo_list, swpo_list_next) {
> + if (swpo->swpo_port_no ==
> + swpld->swpld_swfcl->swfcl_in_port) {
> + protected = swpo->swpo_protected;
> + break;
> + }
> + }
> +
>   switch (ntohl(oao->ao_port)) {
>   case OFP_PORT_CONTROLLER:
>   swofp_action_output_controller(sc, mc, swpld,
> @@ -3521,7 +3530,8 @@ swofp_action_output(struct switch_softc 
>   case OFP_PORT_FLOOD:
>   TAILQ_FOREACH(swpo, &sc->sc_swpo_list, swpo_list_next) {
>   if (swpo->swpo_port_no !=
> - swpld->swpld_swfcl->swfcl_in_port)
> + swpld->swpld_swfcl->swfcl_in_port &&
> + (protected & swpo->swpo_protected) == 0)
>   TAILQ_INSERT_HEAD(&swpld->swpld_fwdp_q, swpo,
>   swpo_fwdp_next);
>   }
> @@ -3543,7 +3553,8 @@ swofp_action_output(struct switch_softc 
>   break

switch(4): add support for protected domains

[Ayaka Koshibe]

Hi,

The following adds port protection support to switch(4). The behavior
copies that of bridge(4), where ports can be added to up to 31 protected
domains with a list of IDs using ifconfig(8):

# ifconfig switch0 protected pair1 1,2,..

Domain membership is checked for unicast, flooded (broadcast), and local
(host-network-bound, e.g. a trunk) traffic.

Man page updates will follow in a separate diff.

OK?


Thanks,
Ayaka


Index: net/if_switch.c
===
RCS file: /cvs/src/sys/net/if_switch.c,v
retrieving revision 1.26
diff -u -p -u -r1.26 if_switch.c
--- net/if_switch.c 28 Apr 2019 22:15:57 -  1.26
+++ net/if_switch.c 9 May 2019 22:18:27 -
@@ -434,6 +434,7 @@ switch_ioctl(struct ifnet *ifp, unsigned
}
breq->ifbr_ifsflags = swpo->swpo_flags;
breq->ifbr_portno = swpo->swpo_port_no;
+   breq->ifbr_protected = swpo->swpo_protected;
break;
case SIOCSIFFLAGS:
if ((ifp->if_flags & IFF_UP) == IFF_UP)
@@ -467,6 +468,19 @@ switch_ioctl(struct ifnet *ifp, unsigned
brop->ifbop_last_tc_time.tv_sec = bs->bs_last_tc_time.tv_sec;
brop->ifbop_last_tc_time.tv_usec = bs->bs_last_tc_time.tv_usec;
break;
+   case SIOCBRDGSIFPROT:
+   ifs = ifunit(breq->ifbr_ifsname);
+   if (ifs == NULL) {
+   error = ENOENT;
+   break;
+   }
+   swpo = (struct switch_port *)ifs->if_switchport;
+   if (swpo == NULL || swpo->swpo_switch != sc) {
+   error = ESRCH;
+   break;
+   }
+   swpo->swpo_protected = breq->ifbr_protected;
+   break;
case SIOCSWGDPID:
case SIOCSWSDPID:
case SIOCSWGMAXFLOW:
@@ -560,7 +574,7 @@ switch_port_list(struct switch_softc *sc
strlcpy(breq.ifbr_name, sc->sc_if.if_xname, IFNAMSIZ);
breq.ifbr_ifsflags = swpo->swpo_flags;
breq.ifbr_portno = swpo->swpo_port_no;
-
+   breq.ifbr_protected = swpo->swpo_protected;
if ((error = copyout((caddr_t)&breq,
(caddr_t)(bifc->ifbic_req + n), sizeof(breq))) != 0)
goto done;
Index: net/if_switch.h
===
RCS file: /cvs/src/sys/net/if_switch.h,v
retrieving revision 1.10
diff -u -p -u -r1.10 if_switch.h
--- net/if_switch.h 20 Nov 2016 12:45:26 -  1.10
+++ net/if_switch.h 9 May 2019 22:18:27 -
@@ -174,6 +174,7 @@ struct switch_port {
struct timespec  swpo_appended;
struct switch_softc *swpo_switch;
uint32_t swpo_flags;
+   uint32_t swpo_protected;
void*swpo_dhcookie;
void(*swop_bk_start)(struct ifnet *);
 };
Index: net/switchofp.c
===
RCS file: /cvs/src/sys/net/switchofp.c,v
retrieving revision 1.72
diff -u -p -u -r1.72 switchofp.c
--- net/switchofp.c 28 Dec 2018 14:32:47 -  1.72
+++ net/switchofp.c 9 May 2019 22:18:28 -
@@ -3492,6 +3492,7 @@ swofp_action_output(struct switch_softc 
struct ofp_action_output*oao;
struct switch_port  *swpo;
struct mbuf *mc;
+   uint32_tprotected = 0;
 
m->m_pkthdr.csum_flags = 0;
 
@@ -3509,6 +3510,14 @@ swofp_action_output(struct switch_softc 
}
}
 
+   TAILQ_FOREACH(swpo, &sc->sc_swpo_list, swpo_list_next) {
+   if (swpo->swpo_port_no ==
+   swpld->swpld_swfcl->swfcl_in_port) {
+   protected = swpo->swpo_protected;
+   break;
+   }
+   }
+
switch (ntohl(oao->ao_port)) {
case OFP_PORT_CONTROLLER:
swofp_action_output_controller(sc, mc, swpld,
@@ -3521,7 +3530,8 @@ swofp_action_output(struct switch_softc 
case OFP_PORT_FLOOD:
TAILQ_FOREACH(swpo, &sc->sc_swpo_list, swpo_list_next) {
if (swpo->swpo_port_no !=
-   swpld->swpld_swfcl->swfcl_in_port)
+   swpld->swpld_swfcl->swfcl_in_port &&
+   (protected & swpo->swpo_protected) == 0)
TAILQ_INSERT_HEAD(&swpld->swpld_fwdp_q, swpo,
swpo_fwdp_next);
}
@@ -3543,7 +3553,8 @@ swofp_action_output(struct switch_softc 
break;
case OFP_PORT_LOCAL:
TAILQ_FOREACH(swpo, &sc->sc_swpo_list, swpo_list_next) {
-   if (swpo->swpo_flags & IFBIF_LOCAL) {
+  

sysupgrade: tweak verbosity

[Christian Weisgerber]

Tweak sysupgrade's verbosity:
* If we are verifying old sets, say so.  This is not an instaneous
  operation.
* Only say that we are verifying the (newly downloaded) sets, if
  we're actually doing so.

OK?

# rm /home/_sysupgrade/x*.tgz
# sysupgrade -knf 
SHA256.sig   100% |*|  2141   00:00
Signature Verified
Verifying old sets.
xbase65.tgz  100% |*| 20108 KB00:03
xfont65.tgz  100% |*| 39342 KB00:07
xserv65.tgz  100% |*| 16341 KB00:03
xshare65.tgz 100% |*|  4460 KB00:01
Verifying sets.
Will upgrade on next reboot
# sysupgrade -knf 
SHA256.sig   100% |*|  2141   00:00
Signature Verified
Verifying old sets.
Will upgrade on next reboot

Index: sysupgrade.sh
===
RCS file: /cvs/src/usr.sbin/sysupgrade/sysupgrade.sh,v
retrieving revision 1.18
diff -u -p -r1.18 sysupgrade.sh
--- sysupgrade.sh   9 May 2019 21:09:37 -   1.18
+++ sysupgrade.sh   9 May 2019 21:36:44 -
@@ -162,7 +162,8 @@ OLD_FILES=$(ls)
 OLD_FILES=$(rmel SHA256 $OLD_FILES)
 DL=$SETS
 
-for f in $SETS; do
+[[ -n ${OLD_FILES} ]] && echo Verifying old sets.
+for f in ${OLD_FILES}; do
if cksum -C SHA256 $f >/dev/null 2>&1; then
DL=$(rmel $f ${DL})
OLD_FILES=$(rmel $f ${OLD_FILES})
@@ -174,8 +175,10 @@ for f in ${DL}; do
unpriv -f $f ftp -Vmo ${f} ${URL}${f}
 done
 
-echo Verifying sets.
-[[ -n ${DL} ]] && unpriv cksum -qC SHA256 ${DL}
+if [[ -n ${DL} ]]; then
+   echo Verifying sets.
+   unpriv cksum -qC SHA256 ${DL}
+fi
 
 ${KEEP} && > keep
 
-- 
Christian "naddy" Weisgerber  na...@mips.inka.de

KASSERT(9) header

[Martin Pieuchot]

All the places using KASSERT(9) include  and not libkern.h.

Shouldn't we recommend that?

Index: KASSERT.9
===
RCS file: /cvs/src/share/man/man9/KASSERT.9,v
retrieving revision 1.1
diff -u -p -r1.1 KASSERT.9
--- KASSERT.9   19 Apr 2018 22:46:21 -  1.1
+++ KASSERT.9   9 May 2019 20:49:03 -
@@ -36,7 +36,7 @@
 .Nm CTASSERT
 .Nd kernel assert library routines
 .Sh SYNOPSIS
-.In lib/libkern/libkern.h
+.In sys/systm.h
 .Ft "void"
 .Fn assert "CONDITION"
 .Ft "void"

Re: [patch] improve strptime(3) %z timezone parsing

[Ted Unangst]

Ingo Schwarze wrote:
> I'm not mixing anything else into this diff.  The other bugs should
> be handled separately.
> 
> OK?

Works for me. (with additional comment removal)

Re: sysupgrade: keep sets after upgrade

[Klemens Nanni]

On Thu, May 09, 2019 at 08:00:36PM +0200, Christian Weisgerber wrote:
> Add a -k flag to sysupgrade to keep the files in /home/_sysupgrade,
> since they will be deleted after the upgrade by default.
> Florian already added the installer part yesterday.
OK

Re: inteldrm: Use "the flush page mechanism" only on chips having it.

[Alexandre Ratchov]

On Thu, May 09, 2019 at 10:26:52PM +1000, Jonathan Gray wrote:
> On Thu, May 09, 2019 at 07:45:37AM +0200, Alexandre Ratchov wrote:
> > In the intel_gtt_chipset_setup() routine, called at initialization,
> > the driver maps pci space for certain chip models only, but later in
> > intel_gtt_chipset_flush() it calls bus_space_write() on it in cases
> > it's not initialized.
> > 
> > This results in crashes during boot with "Pineview" generation chips,
> > which are "gen == 3", but, according to intel_gtt_chipset_setup() have
> > no flush page mechanism.
> > 
> > Fix this by adding a flag indicating whether the feature is available
> > or not. Then use the flag to check if it's OK to write to the pci
> > space. This is the what the driver did before the 14 april update.
> > 
> > OK?
> > 
> > FWIW, first it looked surprising to do nothing in
> > intel_gtt_chipset_flush(), so I also tried to call the "gen < 3"
> > code. It works as well.
> 
> intel_gtt_chipset_setup() is wrong the 915/945 ifp setup should be used
> on pineview as well.  g33 is the only gen3 that is different.
> 
> This was apparently missed in
> 
> 
> revision 1.78
> date: 2010/05/12 16:20:00;  author: oga;  state: Exp;  lines: +2 -0;
> Add Pineview M to intagp and inteldrm.
> 
> Tested (and initial tweaked diff) from Erik Mugele; thanks!
> 
> 
> The original ifp setup bits were added in sys/dev/pci/drm/i915_drv.c
> rev 1.45 and the ifp setup we use today come from that.
> 

Makes much more sense this way, thanks. Tested on laptop and it works
as expected.

ok ratchov@

Re: [patch] improve strptime(3) %z timezone parsing

[Hiltjo Posthuma]

On Thu, May 09, 2019 at 08:38:43PM +0200, Ingo Schwarze wrote:
> Hi,
> 
> Theo de Raadt wrote on Sun, Mar 24, 2019 at 12:48:03PM -0600:
> > Hiltjo Posthuma  wrote:
> >> On Sun, Feb 24, 2019 at 01:11:39PM +0100, Hiltjo Posthuma wrote:
> 
> >>> 2. The military/nautical UTC offsets are [...]
> 
> broken by design.
> 
> >> As discussed previously for point 2 I think it is fine to either
> >> return NULL and not handle military zones like most libc's do
> 
> > My position is we should delete support.
> 
> So here is a diff to delete support for the military time zones.
> Just error out when encountering them.  That's the best thing we
> can do because their meaning is ill-defined in the first place.
> 
> I'm not mixing anything else into this diff.  The other bugs should
> be handled separately.
> 
> OK?
>   Ingo
> 
> 
> Index: strptime.3
> ===
> RCS file: /cvs/src/lib/libc/time/strptime.3,v
> retrieving revision 1.27
> diff -u -p -r1.27 strptime.3
> --- strptime.321 Feb 2019 19:10:32 -  1.27
> +++ strptime.39 May 2019 18:29:19 -
> @@ -242,15 +242,7 @@ time
>  or
>  .Ql Standard
>  .Pq Dq S
> -time;
> -a single letter military timezone specified as:
> -.Dq A
> -through
> -.Dq I
> -and
> -.Dq K
> -through
> -.Dq Y .
> +time.
>  .It Cm \&%Z
>  timezone name or no characters when timezone information is unavailable.
>  .It Cm \&%%
> Index: strptime.c
> ===
> RCS file: /cvs/src/lib/libc/time/strptime.c,v
> retrieving revision 1.25
> diff -u -p -r1.25 strptime.c
> --- strptime.c21 Feb 2019 19:10:32 -  1.25
> +++ strptime.c9 May 2019 18:29:19 -
> @@ -520,25 +520,6 @@ literal:
>   bp = ep;
>   continue;
>   }
> -
> - if ((*bp >= 'A' && *bp <= 'I') ||
> - (*bp >= 'L' && *bp <= 'Y')) {
> -#ifdef TM_GMTOFF
> - /* Argh! No 'J'! */
> - if (*bp >= 'A' && *bp <= 'I')
> - tm->TM_GMTOFF =
> - ('A' - 1) - (int)*bp;
> - else if (*bp >= 'L' && *bp <= 'M')
> - tm->TM_GMTOFF = 'A' - (int)*bp;
> - else if (*bp >= 'N' && *bp <= 'Y')
> - tm->TM_GMTOFF = (int)*bp - 'M';
> -#endif
> -#ifdef TM_ZONE
> - tm->TM_ZONE = NULL; /* XXX */
> -#endif
> - bp++;
> - continue;
> - }
>   return NULL;
>   }
>   offs = 0;
> 

Hi,

This looks good to me. There is also a comment which could be removed or
changed:


@@ -464,9 +464,6 @@ literal:
 * C[DS]T = Central : -5 | -6
 * M[DS]T = Mountain: -6 | -7
 * P[DS]T = Pacific : -7 | -8
-*  Military
-* [A-IL-M] = -1 ... -9 (J not used)
-* [N-Y]  = +1 ... +12
 */
while (isspace(*bp))
bp++;

-- 
Kind regards,
Hiltjo

Re: relayd: add from/to filter options

[Sebastian Benoit]

ok


Reyk Floeter(r...@openbsd.org) on 2019.05.09 19:27:31 +0200:
> Hi,
> 
> the relayd code already had a few bits for from/to specifiers in
> filter rules, but it wasn't finished.  I did get occasional requests
> if it would be possible to filter based on IPs (much like Allow/Deny
> rules elsewhere).  Simple blocking should better be done in pf but the
> purpose of this is to match URLs/headers related to IPs (see below).
> 
> ```relayd.conf
> http protocol foo {
>   block from 10.1.1.1
>   block from 10.1.1.2 to 192.168.0.0/24
>   pass from 10.1.0.0/16 path "/hello/*" forward to 
>   pass from 10.2.0.0/16 path "/hello/*" forward to 
> }
> ```
> 
> Ok?
> 
> Reyk
> 
> Index: usr.sbin/relayd/parse.y
> ===
> RCS file: /cvs/src/usr.sbin/relayd/parse.y,v
> retrieving revision 1.233
> diff -u -p -u -p -r1.233 parse.y
> --- usr.sbin/relayd/parse.y   13 Mar 2019 23:29:32 -  1.233
> +++ usr.sbin/relayd/parse.y   9 May 2019 17:12:09 -
> @@ -153,6 +153,7 @@ typedef struct {
>   enum direction   dir;
>   struct {
>   struct sockaddr_storage  ss;
> + int  prefixlen;
>   char name[HOST_NAME_MAX+1];
>   }addr;
>   struct {
> @@ -187,7 +188,7 @@ typedef struct {
>  %type  action ruleaf key_option
>  %typeport
>  %typehost
> -%typeaddress
> +%typeaddress rulesrc ruledst addrprefix
>  %type  timeout
>  %type  digest optdigest
>  %type   tablespec
> @@ -1293,6 +1294,20 @@ filterrule : action dir quick ruleaf rul
>   rule->rule_dir = $2;
>   rule->rule_flags |= $3;
>   rule->rule_af = $4;
> + rule->rule_src.addr = $5.ss;
> + rule->rule_src.addr_mask = $5.prefixlen;
> + rule->rule_dst.addr = $6.ss;
> + rule->rule_dst.addr_mask = $6.prefixlen;
> +
> + if (RELAY_AF_NEQ(rule->rule_af,
> + rule->rule_src.addr.ss_family) ||
> + RELAY_AF_NEQ(rule->rule_af,
> + rule->rule_dst.addr.ss_family) ||
> + RELAY_AF_NEQ(rule->rule_src.addr.ss_family,
> + rule->rule_dst.addr.ss_family)) {
> + yyerror("address family mismatch");
> + YYERROR;
> + }
>  
>   rulefile = NULL;
>   } ruleopts_l {
> @@ -1341,10 +1356,20 @@ ruleaf: /* empty */   
> { $$ = AF_UNSPEC
>   | INET  { $$ = AF_INET; }
>   ;
>  
> -rulesrc  : /* XXX */
> +rulesrc  : /* empty */   {
> + memset(&$$, 0, sizeof($$));
> + }
> + | FROM addrprefix   {
> + $$ = $2;
> + }
>   ;
>  
> -ruledst  : /* XXX */
> +ruledst  : /* empty */   {
> + memset(&$$, 0, sizeof($$));
> + }
> + | TO addrprefix {
> + $$ = $2;
> + }
>   ;
>  
>  ruleopts_l   : /* empty */
> @@ -1967,7 +1992,7 @@ routeopts_l : routeopts_l routeoptsl nl
>   | routeoptsl optnl
>   ;
>  
> -routeoptsl   : ROUTE address '/' NUMBER {
> +routeoptsl   : ROUTE addrprefix {
>   struct netroute *nr;
>  
>   if (router->rt_conf.af == AF_UNSPEC)
> @@ -1978,14 +2003,6 @@ routeoptsl : ROUTE address '/' NUMBER {
>   YYERROR;
>   }
>  
> - if ((router->rt_conf.af == AF_INET &&
> - ($4 > 32 || $4 < 0)) ||
> - (router->rt_conf.af == AF_INET6 &&
> - ($4 > 128 || $4 < 0))) {
> - yyerror("invalid prefixlen %d", $4);
> - YYERROR;
> - }
> -
>   if ((nr = calloc(1, sizeof(*nr))) == NULL)
>   fatal("out of memory");
>  
> @@ -1995,7 +2012,7 @@ routeoptsl  : ROUTE address '/' NUMBER {
>   free(nr);
>   YYERROR;
>   }
> - nr->nr_conf.prefixlen = $4;
> + nr->nr_conf.prefixlen = $2.prefixlen;
>   nr->nr_conf.routerid = router->rt_conf.id;
>   nr->nr_router = router;
>   bcopy(&$2.ss, &nr->nr_conf.ss, sizeof($2.ss));
> @@ -2166,6 +

Re: [patch] improve strptime(3) %z timezone parsing

[Ingo Schwarze]

Hi,

Theo de Raadt wrote on Sun, Mar 24, 2019 at 12:48:03PM -0600:
> Hiltjo Posthuma  wrote:
>> On Sun, Feb 24, 2019 at 01:11:39PM +0100, Hiltjo Posthuma wrote:

>>> 2. The military/nautical UTC offsets are [...]

broken by design.

>> As discussed previously for point 2 I think it is fine to either
>> return NULL and not handle military zones like most libc's do

> My position is we should delete support.

So here is a diff to delete support for the military time zones.
Just error out when encountering them.  That's the best thing we
can do because their meaning is ill-defined in the first place.

I'm not mixing anything else into this diff.  The other bugs should
be handled separately.

OK?
  Ingo


Index: strptime.3
===
RCS file: /cvs/src/lib/libc/time/strptime.3,v
retrieving revision 1.27
diff -u -p -r1.27 strptime.3
--- strptime.3  21 Feb 2019 19:10:32 -  1.27
+++ strptime.3  9 May 2019 18:29:19 -
@@ -242,15 +242,7 @@ time
 or
 .Ql Standard
 .Pq Dq S
-time;
-a single letter military timezone specified as:
-.Dq A
-through
-.Dq I
-and
-.Dq K
-through
-.Dq Y .
+time.
 .It Cm \&%Z
 timezone name or no characters when timezone information is unavailable.
 .It Cm \&%%
Index: strptime.c
===
RCS file: /cvs/src/lib/libc/time/strptime.c,v
retrieving revision 1.25
diff -u -p -r1.25 strptime.c
--- strptime.c  21 Feb 2019 19:10:32 -  1.25
+++ strptime.c  9 May 2019 18:29:19 -
@@ -520,25 +520,6 @@ literal:
bp = ep;
continue;
}
-
-   if ((*bp >= 'A' && *bp <= 'I') ||
-   (*bp >= 'L' && *bp <= 'Y')) {
-#ifdef TM_GMTOFF
-   /* Argh! No 'J'! */
-   if (*bp >= 'A' && *bp <= 'I')
-   tm->TM_GMTOFF =
-   ('A' - 1) - (int)*bp;
-   else if (*bp >= 'L' && *bp <= 'M')
-   tm->TM_GMTOFF = 'A' - (int)*bp;
-   else if (*bp >= 'N' && *bp <= 'Y')
-   tm->TM_GMTOFF = (int)*bp - 'M';
-#endif
-#ifdef TM_ZONE
-   tm->TM_ZONE = NULL; /* XXX */
-#endif
-   bp++;
-   continue;
-   }
return NULL;
}
offs = 0;

sysupgrade: keep sets after upgrade

[Christian Weisgerber]

Add a -k flag to sysupgrade to keep the files in /home/_sysupgrade,
since they will be deleted after the upgrade by default.
Florian already added the installer part yesterday.

OK?

Index: sysupgrade.8
===
RCS file: /cvs/src/usr.sbin/sysupgrade/sysupgrade.8,v
retrieving revision 1.7
diff -u -p -r1.7 sysupgrade.8
--- sysupgrade.86 May 2019 18:33:21 -   1.7
+++ sysupgrade.89 May 2019 17:54:35 -
@@ -22,7 +22,7 @@
 .Nd upgrade system to the next release or a new snapshot
 .Sh SYNOPSIS
 .Nm
-.Op Fl fn
+.Op Fl fkn
 .Op Fl r | s
 .Op Ar installurl
 .Sh DESCRIPTION
@@ -52,6 +52,10 @@ The options are as follows:
 Force an already applied upgrade.
 The default is to upgrade to latest snapshot only if available.
 This option has no effect on releases.
+.It Fl k
+Keep the files in
+.Pa /home/_sysupgrade .
+By default they will be deleted after the upgrade.
 .It Fl n
 Fetch and verify the files and create
 .Pa /bsd.upgrade
Index: sysupgrade.sh
===
RCS file: /cvs/src/usr.sbin/sysupgrade/sysupgrade.sh,v
retrieving revision 1.16
diff -u -p -r1.16 sysupgrade.sh
--- sysupgrade.sh   8 May 2019 15:06:20 -   1.16
+++ sysupgrade.sh   9 May 2019 17:54:35 -
@@ -33,7 +33,7 @@ ug_err()
 
 usage()
 {
-   ug_err "usage: ${0##*/} [-fn] [-r | -s] [installurl]"
+   ug_err "usage: ${0##*/} [-fkn] [-r | -s] [installurl]"
 }
 
 unpriv()
@@ -72,11 +72,13 @@ rmel() {
 RELEASE=false
 SNAP=false
 FORCE=false
+KEEP=false
 REBOOT=true
 
-while getopts fnrs arg; do
+while getopts fknrs arg; do
case ${arg} in
f)  FORCE=true;;
+   k)  KEEP=true;;
n)  REBOOT=false;;
r)  RELEASE=true;;
s)  SNAP=true;;
@@ -174,6 +176,8 @@ done
 
 echo Verifying sets.
 [[ -n ${DL} ]] && unpriv cksum -qC SHA256 ${DL}
+
+${KEEP} && > keep
 
 cp bsd.rd /nbsd.upgrade
 ln -f /nbsd.upgrade /bsd.upgrade
-- 
Christian "naddy" Weisgerber  na...@mips.inka.de

relayd: add from/to filter options

[Reyk Floeter]

Hi,

the relayd code already had a few bits for from/to specifiers in
filter rules, but it wasn't finished.  I did get occasional requests
if it would be possible to filter based on IPs (much like Allow/Deny
rules elsewhere).  Simple blocking should better be done in pf but the
purpose of this is to match URLs/headers related to IPs (see below).

```relayd.conf
http protocol foo {
block from 10.1.1.1
block from 10.1.1.2 to 192.168.0.0/24
pass from 10.1.0.0/16 path "/hello/*" forward to 
pass from 10.2.0.0/16 path "/hello/*" forward to 
}
```

Ok?

Reyk

Index: usr.sbin/relayd/parse.y
===
RCS file: /cvs/src/usr.sbin/relayd/parse.y,v
retrieving revision 1.233
diff -u -p -u -p -r1.233 parse.y
--- usr.sbin/relayd/parse.y 13 Mar 2019 23:29:32 -  1.233
+++ usr.sbin/relayd/parse.y 9 May 2019 17:12:09 -
@@ -153,6 +153,7 @@ typedef struct {
enum direction   dir;
struct {
struct sockaddr_storage  ss;
+   int  prefixlen;
char name[HOST_NAME_MAX+1];
}addr;
struct {
@@ -187,7 +188,7 @@ typedef struct {
 %typeaction ruleaf key_option
 %type  port
 %type  host
-%type  address
+%type  address rulesrc ruledst addrprefix
 %typetimeout
 %typedigest optdigest
 %type tablespec
@@ -1293,6 +1294,20 @@ filterrule   : action dir quick ruleaf rul
rule->rule_dir = $2;
rule->rule_flags |= $3;
rule->rule_af = $4;
+   rule->rule_src.addr = $5.ss;
+   rule->rule_src.addr_mask = $5.prefixlen;
+   rule->rule_dst.addr = $6.ss;
+   rule->rule_dst.addr_mask = $6.prefixlen;
+
+   if (RELAY_AF_NEQ(rule->rule_af,
+   rule->rule_src.addr.ss_family) ||
+   RELAY_AF_NEQ(rule->rule_af,
+   rule->rule_dst.addr.ss_family) ||
+   RELAY_AF_NEQ(rule->rule_src.addr.ss_family,
+   rule->rule_dst.addr.ss_family)) {
+   yyerror("address family mismatch");
+   YYERROR;
+   }
 
rulefile = NULL;
} ruleopts_l {
@@ -1341,10 +1356,20 @@ ruleaf  : /* empty */   { $$ = 
AF_UNSPEC
| INET  { $$ = AF_INET; }
;
 
-rulesrc: /* XXX */
+rulesrc: /* empty */   {
+   memset(&$$, 0, sizeof($$));
+   }
+   | FROM addrprefix   {
+   $$ = $2;
+   }
;
 
-ruledst: /* XXX */
+ruledst: /* empty */   {
+   memset(&$$, 0, sizeof($$));
+   }
+   | TO addrprefix {
+   $$ = $2;
+   }
;
 
 ruleopts_l : /* empty */
@@ -1967,7 +1992,7 @@ routeopts_l   : routeopts_l routeoptsl nl
| routeoptsl optnl
;
 
-routeoptsl : ROUTE address '/' NUMBER {
+routeoptsl : ROUTE addrprefix {
struct netroute *nr;
 
if (router->rt_conf.af == AF_UNSPEC)
@@ -1978,14 +2003,6 @@ routeoptsl   : ROUTE address '/' NUMBER {
YYERROR;
}
 
-   if ((router->rt_conf.af == AF_INET &&
-   ($4 > 32 || $4 < 0)) ||
-   (router->rt_conf.af == AF_INET6 &&
-   ($4 > 128 || $4 < 0))) {
-   yyerror("invalid prefixlen %d", $4);
-   YYERROR;
-   }
-
if ((nr = calloc(1, sizeof(*nr))) == NULL)
fatal("out of memory");
 
@@ -1995,7 +2012,7 @@ routeoptsl: ROUTE address '/' NUMBER {
free(nr);
YYERROR;
}
-   nr->nr_conf.prefixlen = $4;
+   nr->nr_conf.prefixlen = $2.prefixlen;
nr->nr_conf.routerid = router->rt_conf.id;
nr->nr_router = router;
bcopy(&$2.ss, &nr->nr_conf.ss, sizeof($2.ss));
@@ -2166,6 +2183,26 @@ address  : STRING{
h = TAILQ_FIRST(&al);
memcpy(&$$.ss, &h->ss, sizeof($$.ss));
host_free(&al);
+  

Re: [patch] remove reference to HOSTALIASES in hostname(7)

[Ingo Schwarze]

Hi,

Theo de Raadt wrote on Mon, Apr 15, 2019 at 12:56:35PM -0600:
> Hiltjo Posthuma  wrote:

>> I noticed the man page hostname(7) still references the environment
>> variable HOSTALIASES.  This functionality seems to be removed in the
>> commit:
>> https://cvsweb.openbsd.org/cgi-bin/cvsweb/src/lib/libc/asr/asr.c?rev=1.50&content-type=text/x-cvsweb-markup

> Your deletion is highly excessive.

I believe the following is the right amount of text to remove.
The description of the file format can go because it does not
appear to be used for anything else.  In particular, hosts(5)
contains its own file format description, which is different.

OK?
  Ingo


Index: hostname.7
===
RCS file: /cvs/src/share/man/man7/hostname.7,v
retrieving revision 1.10
diff -u -p -r1.10 hostname.7
--- hostname.7  29 May 2017 12:13:50 -  1.10
+++ hostname.7  9 May 2019 17:17:47 -
@@ -52,19 +52,6 @@ which must generally translate the name 
 Hostnames are resolved by the Internet name resolver in the following
 fashion.
 .Pp
-If the name consists of a single component, i.e., contains no dot,
-and if the environment variable
-.Ev HOSTALIASES
-is set to the name of a file,
-that file is searched for any string matching the input hostname.
-The file should consist of lines made up of two whitespace separated strings,
-the first of which is the hostname alias,
-and the second of which is the complete hostname
-to be substituted for that alias.
-If a case-insensitive match is found between the hostname to be resolved
-and the first field of a line in the file, the substituted name is looked
-up with no further processing.
-.Pp
 If the input name ends with a trailing dot,
 the trailing dot is removed,
 and the remaining name is looked up with no further processing.

bgpd, filterstate can never be NULL so don't check for it

[Claudio Jeker]

This is cleanup. rde_filter() and rde_apply_set() are no longer called
with a NULL filterstate (since introduction of the Adj-RIB-Out).
So remove all those extra checks to make sure state is not NULL.

-- 
:wq Claudio

Index: rde_filter.c
===
RCS file: /cvs/src/usr.sbin/bgpd/rde_filter.c,v
retrieving revision 1.117
diff -u -p -r1.117 rde_filter.c
--- rde_filter.c4 Feb 2019 18:53:10 -   1.117
+++ rde_filter.c9 May 2019 16:00:22 -
@@ -44,9 +44,6 @@ rde_apply_set(struct filter_set_head *sh
u_int16_tnl;
u_int8_t prepend;
 
-   if (state == NULL)
-   return;
-
TAILQ_FOREACH(set, sh, entry) {
switch (set->type) {
case ACTION_SET_LOCALPREF:
@@ -208,12 +205,9 @@ int
 rde_filter_match(struct filter_rule *f, struct rde_peer *peer,
 struct filterstate *state, struct prefix *p)
 {
-   struct rde_aspath *asp = NULL;
+   struct rde_aspath *asp = &state->aspath;
int i;
 
-   if (state != NULL)
-   asp = &state->aspath;
-
if (f->peer.ebgp && !peer->conf.ebgp)
return (0);
if (f->peer.ibgp && peer->conf.ebgp)
@@ -257,7 +251,7 @@ rde_filter_match(struct filter_rule *f, 
}
}
 
-   if (state != NULL && f->match.nexthop.flags != 0) {
+   if (f->match.nexthop.flags != 0) {
struct bgpd_addr *nexthop, *cmpaddr;
if (state->nexthop == NULL)
/* no nexthop, skip */
@@ -798,10 +792,7 @@ rde_filter(struct filter_head *rules, st
struct filter_rule  *f;
enum filter_actions  action = ACTION_DENY; /* default deny */
 
-   if (state == NULL) /* withdraw should be accepted by default */
-   action = ACTION_ALLOW;
-
-   if (state && state->aspath.flags & F_ATTR_PARSE_ERR)
+   if (state->aspath.flags & F_ATTR_PARSE_ERR)
/*
 * don't try to filter bad updates just deny them
 * so they act as implicit withdraws
@@ -827,10 +818,8 @@ rde_filter(struct filter_head *rules, st
 f->skip[RDE_FILTER_SKIP_PEERID]);
 
if (rde_filter_match(f, peer, state, p)) {
-   if (state != NULL) {
-   rde_apply_set(&f->set, state,
-   p->re->prefix->aid, prefix_peer(p), peer);
-   }
+   rde_apply_set(&f->set, state,
+   p->re->prefix->aid, prefix_peer(p), peer);
if (f->action != ACTION_NONE)
action = f->action;
if (f->quick)
Index: rde_update.c
===
RCS file: /cvs/src/usr.sbin/bgpd/rde_update.c,v
retrieving revision 1.108
diff -u -p -r1.108 rde_update.c
--- rde_update.c21 Jan 2019 02:07:56 -  1.108
+++ rde_update.c9 May 2019 16:01:18 -
@@ -202,7 +202,7 @@ up_generate_default(struct filter_head *
 * XXX apply default overrides. Not yet possible, mainly a parse.y
 * problem.
 */
-   /* rde_apply_set(asp, set, af, NULL ???, DIR_IN); */
+   /* rde_apply_set(asp, set, af, &state, DIR_IN); */
 
/*
 * XXX this is ugly because we need to have a prefix for rde_filter()

Re: inteldrm: Use "the flush page mechanism" only on chips having it.

[Mark Kettenis]

> Date: Thu, 9 May 2019 22:26:52 +1000
> From: Jonathan Gray 
> 
> On Thu, May 09, 2019 at 07:45:37AM +0200, Alexandre Ratchov wrote:
> > In the intel_gtt_chipset_setup() routine, called at initialization,
> > the driver maps pci space for certain chip models only, but later in
> > intel_gtt_chipset_flush() it calls bus_space_write() on it in cases
> > it's not initialized.
> > 
> > This results in crashes during boot with "Pineview" generation chips,
> > which are "gen == 3", but, according to intel_gtt_chipset_setup() have
> > no flush page mechanism.
> > 
> > Fix this by adding a flag indicating whether the feature is available
> > or not. Then use the flag to check if it's OK to write to the pci
> > space. This is the what the driver did before the 14 april update.
> > 
> > OK?
> > 
> > FWIW, first it looked surprising to do nothing in
> > intel_gtt_chipset_flush(), so I also tried to call the "gen < 3"
> > code. It works as well.
> 
> intel_gtt_chipset_setup() is wrong the 915/945 ifp setup should be used
> on pineview as well.  g33 is the only gen3 that is different.
> 
> This was apparently missed in
> 
> 
> revision 1.78
> date: 2010/05/12 16:20:00;  author: oga;  state: Exp;  lines: +2 -0;
> Add Pineview M to intagp and inteldrm.
> 
> Tested (and initial tweaked diff) from Erik Mugele; thanks!
> 
> 
> The original ifp setup bits were added in sys/dev/pci/drm/i915_drv.c
> rev 1.45 and the ifp setup we use today come from that.

Looks good to me.

> Index: intel_gtt.c
> ===
> RCS file: /cvs/src/sys/dev/pci/drm/i915/intel_gtt.c,v
> retrieving revision 1.2
> diff -u -p -r1.2 intel_gtt.c
> --- intel_gtt.c   14 Apr 2019 10:14:52 -  1.2
> +++ intel_gtt.c   9 May 2019 12:07:01 -
> @@ -130,11 +130,10 @@ intel_gtt_chipset_setup(struct drm_devic
>   }
>  
>   /* Set up the IFP for chipset flushing */
> - if (IS_I915G(dev_priv) || IS_I915GM(dev_priv) || IS_I945G(dev_priv) ||
> - IS_I945GM(dev_priv)) {
> - i915_alloc_ifp(dev_priv, &bpa);
> - } else if (INTEL_GEN(dev_priv) >= 4 || IS_G33(dev_priv)) {
> + if (INTEL_GEN(dev_priv) >= 4 || IS_G33(dev_priv)) {
>   i965_alloc_ifp(dev_priv, &bpa);
> + } else if (INTEL_GEN(dev_priv) == 3) {
> + i915_alloc_ifp(dev_priv, &bpa);
>   } else {
>   int nsegs;
>   /*
> 
> 

Re: stack trace / free(0) in isascan()

[Ted Unangst]

Sebastien Marie wrote:
> 
> So calling free() with cf->cf_attach->ca_devsize should be fine.
> Diff below.

ok. didn't get to this one yet.

Re: Reorder comic fonts used in error pages for httpd(8) and relayd(8)

[Reyk Floeter]

Thanks for your patch!

So we have to figure out if people prefer the new fonts or the classic Comic 
Sans MS font.

It is style vs. authenticity.

But I think your suggestion is OK.

Reyk

> Am 09.05.2019 um 15:34 schrieb Nathan Galt :
> 
> I happened upon , currently a 404 Not 
> Found page, and noticed that its font ordering was odd. While I appreciate 
> the httpd author's attempt to inject a bit of fun into error pages, the 
> ordering of the fonts in the font-family property could be improved. 
> Currently, all devices that have Chalkboard SE installed (iOS, macOS) also 
> have Comic Sans MS installed. This means that Apple-device users aren't 
> getting the best comic font available on their system. Windows users are in a 
> similar situation; even if some of them install Comic Neue, Comic Sans MS 
> will be chosen first as Comic Sans MS comes with Windows, too.
> 
> Since the font stack appears to be crafted to pick the best-available comic 
> font, I'm submitting this patch so viewers of httpd and relayd error pages 
> get the best-available preinstalled comic font.
> 
> Apologies if I've submitted the patch incorrectly; this is my first time 
> posting in tech@.
> 
> diff --git usr.sbin/httpd/server_http.c usr.sbin/httpd/server_http.c
> index 817588e2278..bc11700a92a 100644
> --- usr.sbin/httpd/server_http.c
> +++ usr.sbin/httpd/server_http.c
> @@ -923,7 +923,7 @@ server_abort_http(struct client *clt, unsigned int code, 
> const char *msg)
> 
>/* A CSS stylesheet allows minimal customization by the user */
>style = "body { background-color: white; color: black; font-family: "
> -"'Comic Sans MS', 'Chalkboard SE', 'Comic Neue', sans-serif; }\n"
> +"'Chalkboard SE', 'Comic Neue', 'Comic Sans MS', sans-serif; }\n"
>"hr { border: 0; border-bottom: 1px dashed; }\n";
> 
>/* Generate simple HTML error document */
> diff --git usr.sbin/relayd/relay_http.c usr.sbin/relayd/relay_http.c
> index f31c7e6e183..4153f53cca8 100644
> --- usr.sbin/relayd/relay_http.c
> +++ usr.sbin/relayd/relay_http.c
> @@ -1052,7 +1052,7 @@ relay_abort_http(struct rsession *con, u_int code, 
> const char *msg,
>/* A CSS stylesheet allows minimal customization by the user */
>style = (rlay->rl_proto->style != NULL) ? rlay->rl_proto->style :
>"body { background-color: #a0; color: white; font-family: "
> -"'Comic Sans MS', 'Chalkboard SE', 'Comic Neue', sans-serif; }\n"
> +"'Chalkboard SE', 'Comic Neue', 'Comic Sans MS', sans-serif; }\n"
>"hr { border: 0; border-bottom: 1px dashed; }\n";
> 
>/* Generate simple HTTP+HTML error document */
> 

Reorder comic fonts used in error pages for httpd(8) and relayd(8)

[Nathan Galt]

I happened upon , currently a 404 Not 
Found page, and noticed that its font ordering was odd. While I appreciate the 
httpd author's attempt to inject a bit of fun into error pages, the ordering of 
the fonts in the font-family property could be improved. Currently, all devices 
that have Chalkboard SE installed (iOS, macOS) also have Comic Sans MS 
installed. This means that Apple-device users aren't getting the best comic 
font available on their system. Windows users are in a similar situation; even 
if some of them install Comic Neue, Comic Sans MS will be chosen first as Comic 
Sans MS comes with Windows, too.

Since the font stack appears to be crafted to pick the best-available comic 
font, I'm submitting this patch so viewers of httpd and relayd error pages get 
the best-available preinstalled comic font.

Apologies if I've submitted the patch incorrectly; this is my first time 
posting in tech@.

diff --git usr.sbin/httpd/server_http.c usr.sbin/httpd/server_http.c
index 817588e2278..bc11700a92a 100644
--- usr.sbin/httpd/server_http.c
+++ usr.sbin/httpd/server_http.c
@@ -923,7 +923,7 @@ server_abort_http(struct client *clt, unsigned int code, 
const char *msg)
 
/* A CSS stylesheet allows minimal customization by the user */
style = "body { background-color: white; color: black; font-family: "
-   "'Comic Sans MS', 'Chalkboard SE', 'Comic Neue', sans-serif; }\n"
+   "'Chalkboard SE', 'Comic Neue', 'Comic Sans MS', sans-serif; }\n"
"hr { border: 0; border-bottom: 1px dashed; }\n";
 
/* Generate simple HTML error document */
diff --git usr.sbin/relayd/relay_http.c usr.sbin/relayd/relay_http.c
index f31c7e6e183..4153f53cca8 100644
--- usr.sbin/relayd/relay_http.c
+++ usr.sbin/relayd/relay_http.c
@@ -1052,7 +1052,7 @@ relay_abort_http(struct rsession *con, u_int code, const 
char *msg,
/* A CSS stylesheet allows minimal customization by the user */
style = (rlay->rl_proto->style != NULL) ? rlay->rl_proto->style :
"body { background-color: #a0; color: white; font-family: "
-   "'Comic Sans MS', 'Chalkboard SE', 'Comic Neue', sans-serif; }\n"
+   "'Chalkboard SE', 'Comic Neue', 'Comic Sans MS', sans-serif; }\n"
"hr { border: 0; border-bottom: 1px dashed; }\n";
 
/* Generate simple HTTP+HTML error document */

relayd: SNI

[Reyk Floeter]

Hi,

this diff adds SNI support to relayd.

It is a bit big and I have to break it down, but I'm sending this
first version now to give people a chance to test.  The major
"infrastructure" change is that keypairs are not stored in relay
structs anymore but in a global list where each keypair ("cert") is
associated to a relay id.

relayd currently loads the keypair using the listen address as the
file name for the .key and .crt files.  I decided to keep this
behavior.  The new optional "tls keypair" argument allows to specify
one or more keypairs by name instead and they will be loaded as .key
and .crt files accordingly.

```relayd.conf
protocol foo {
tls keypair "localhost"
tls keypair "server"
# Or: tls { keypair "localhost", keypair "server" }
}

relay assl {
listen on 127.0.0.1 port 443 tls
protocol foo
forward to 199.233.217.205 port 80
}
```

Results in:
relay_load_certfiles: using certificate /etc/ssl/localhost.crt
relay_load_certfiles: using private key /etc/ssl/private/localhost.key
relay_load_certfiles: using certificate /etc/ssl/server.crt
relay_load_certfiles: using private key /etc/ssl/private/server.key

Connecting to relayd now gives you certificates based on the server
name, using the first one as the default.

Comments?

Reyk

Index: usr.sbin/relayd/ca.c
===
RCS file: /cvs/src/usr.sbin/relayd/ca.c,v
retrieving revision 1.34
diff -u -p -u -p -r1.34 ca.c
--- usr.sbin/relayd/ca.c19 Sep 2018 11:28:02 -  1.34
+++ usr.sbin/relayd/ca.c9 May 2019 12:35:40 -
@@ -108,56 +108,60 @@ hash_x509(X509 *cert, char *hash, size_t
 void
 ca_launch(void)
 {
-   char hash[TLS_CERT_HASH_SIZE];
-   char*buf;
-   BIO *in = NULL;
-   EVP_PKEY*pkey = NULL;
-   struct relay*rlay;
-   X509*cert = NULL;
-   off_tlen;
+   char hash[TLS_CERT_HASH_SIZE];
+   char*buf;
+   BIO *in = NULL;
+   EVP_PKEY*pkey = NULL;
+   struct relay*rlay;
+   struct relay_cert   *cert;
+   X509*x509 = NULL;
+   off_tlen;
 
-   TAILQ_FOREACH(rlay, env->sc_relays, rl_entry) {
-   if ((rlay->rl_conf.flags & (F_TLS|F_TLSCLIENT)) == 0)
+   TAILQ_FOREACH(cert, env->sc_certs, cert_entry) {
+   if (cert->cert_fd == -1 || cert->cert_key_fd == -1)
continue;
 
-   if (rlay->rl_tls_cert_fd != -1) {
-   if ((buf = relay_load_fd(rlay->rl_tls_cert_fd,
-   &len)) == NULL)
-   fatal("ca_launch: cert relay_load_fd");
+   if ((buf = relay_load_fd(cert->cert_fd, &len)) == NULL)
+   fatal("ca_launch: cert relay_load_fd");
 
-   if ((in = BIO_new_mem_buf(buf, len)) == NULL)
-   fatalx("ca_launch: cert BIO_new_mem_buf");
+   if ((in = BIO_new_mem_buf(buf, len)) == NULL)
+   fatalx("ca_launch: cert BIO_new_mem_buf");
 
-   if ((cert = PEM_read_bio_X509(in, NULL,
-   NULL, NULL)) == NULL)
-   fatalx("ca_launch: cert PEM_read_bio_X509");
+   if ((x509 = PEM_read_bio_X509(in, NULL,
+   NULL, NULL)) == NULL)
+   fatalx("ca_launch: cert PEM_read_bio_X509");
 
-   hash_x509(cert, hash, sizeof(hash));
+   hash_x509(x509, hash, sizeof(hash));
 
-   BIO_free(in);
-   X509_free(cert);
-   purge_key(&buf, len);
-   }
-   if (rlay->rl_conf.tls_key_len) {
-   if ((in = BIO_new_mem_buf(rlay->rl_tls_key,
-   rlay->rl_conf.tls_key_len)) == NULL)
-   fatalx("%s: key", __func__);
-
-   if ((pkey = PEM_read_bio_PrivateKey(in,
-   NULL, NULL, NULL)) == NULL)
-   fatalx("%s: PEM", __func__);
-   BIO_free(in);
+   BIO_free(in);
+   X509_free(x509);
+   purge_key(&buf, len);
 
-   rlay->rl_tls_pkey = pkey;
+   if ((buf = relay_load_fd(cert->cert_key_fd, &len)) == NULL)
+   fatal("ca_launch: key relay_load_fd");
 
-   if (pkey_add(env, pkey, hash) == NULL)
-   fatalx("tls pkey");
+   if ((in = BIO_new_mem_buf(buf, len)) == NULL)
+   fatalx("%s: key", __func__);
 
-   purge_key(&rlay->rl_tls_key,
-   rlay->rl_conf.tls_key_len);
-   }
+

less(1) UTF-8 cleanup: cmd_putstr()

[Ingo Schwarze]

Hi,

let's start tackling the last file which is using stuff from charset.c:
the file cmdbuf.c.  The first dirty function is cmd_putstr().
Fortunately, it doesn't actually need to handle non-ASCII characters.

The function cmd_putstr() is called only from command.c.
Almost all callers pass literal ASCII strings.
The only exception is start_mca(), which passes on its second argument.
Again, almost all callers of start_mca() pass literal ASCII strings.
The only exception is mca_opt_char(), which passes the return value
of opt_prompt(), defined in option.c.

The argument of opt_prompt() is the static variable curropt,
which is only set to non-NULL from findopt_name() or findopt() in opttbl.c.
Both of these functions only ever return literal ASCII strings contained
in the static struct loption option[].

To summarize, cmd_putstr() is only ever called with ASCII strings,
so it can be radically simplified, deleting two LWCHAR variables,
one call to step_char(), is_composing_char(), is_combining_char(),
and is_wide_char() each.

OK?
  Ingo


Index: cmdbuf.c
===
RCS file: /cvs/src/usr.bin/less/cmdbuf.c,v
retrieving revision 1.16
diff -u -p -r1.16 cmdbuf.c
--- cmdbuf.c17 Sep 2016 15:06:41 -  1.16
+++ cmdbuf.c9 May 2019 12:22:51 -
@@ -117,29 +117,16 @@ clear_cmd(void)
 }
 
 /*
- * Display a string, usually as a prompt for input into the command buffer.
+ * Display an ASCII string, usually as a prompt for input,
+ * into the command buffer.
  */
 void
 cmd_putstr(char *s)
 {
-   LWCHAR prev_ch = 0;
-   LWCHAR ch;
-   char *endline = s + strlen(s);
while (*s != '\0') {
-   char *ns = s;
-   ch = step_char(&ns, +1, endline);
-   while (s < ns)
-   putchr(*s++);
-   if (!utf_mode) {
-   cmd_col++;
-   prompt_col++;
-   } else if (!is_composing_char(ch) &&
-   !is_combining_char(prev_ch, ch)) {
-   int width = is_wide_char(ch) ? 2 : 1;
-   cmd_col += width;
-   prompt_col += width;
-   }
-   prev_ch = ch;
+   putchr(*s++);
+   cmd_col++;
+   prompt_col++;
}
 }
 

Re: stack trace / free(0) in isascan()

[Hrvoje Popovski]

On 9.5.2019. 11:14, Sebastien Marie wrote:
> On Thu, May 09, 2019 at 10:55:44AM +0200, Hrvoje Popovski wrote:
>>
>> with this diff i'm getting new traces
> 
> it is (somehow) expected.
> 
> the commit that starts showing traces do the following:
> - when there is missing size on free() reports it (with a backtrace to know 
> the caller)
> - but report only a fixed number of calls (5), because else users will be mad
> 
> so by correcting some sizes it makes others calls to free() to be visible.
> 
>> free with zero size: (127)
>> Starting stack trace...
>> free(8013f800,7f,0,8013f800,cf43c4f465ef43f8,0) at free+0xd8
>> uhidev_attach(80071200,8014ed00,8000224a40a0,80071200,89eb6e07df884e85,80071200)
>>  at uhidev_attach+0x1b4
> 
>> free with zero size: (127)
>> Starting stack trace...
>> free(8013f800,7f,0,8013f800,cf43c4f465284bc3,0) at free+0xd8
>> hid_report_size(80070c00,41,0,0,764c887b264d079f,0) at 
>> hid_report_size+0x10f
> 
>> free with zero size: (127)
>> Starting stack trace...
>> free(8013f800,7f,0,8013f800,cf43c4f465284185,0) at free+0xd8
>> hid_is_collection(80070c00,41,ff,10006,a6cb281b8426ee7e,81cf60e0)
>>  at hid_is_collection+0xe9
> 
>> free with zero size: (127)
>> Starting stack trace...
>> free(8013f800,7f,0,8013f800,cf43c4f465284185,0) at free+0xd8
>> hid_is_collection(80070c00,41,ff,10001,a6cb281b844568dc,81cf6118)
>>  at hid_is_collection+0xe9
> 
>> free with zero size: (127)
>> Starting stack trace...
>> free(8013f800,7f,0,8013f800,cf43c4f465284185,0) at free+0xd8
>> hid_is_collection(80070c00,41,ff,10002,a6cb281b844568fc,3) at 
>> hid_is_collection+0xe9
> 
> I am leaving others free() calls to people that would like to play this game 
> too.
> 

traces from different pc

free with zero size: (2)
Starting stack trace...
free(800dc000,2,0,800dc000,bccbb3f663e5b90b,0) at free+0xd8
azalia_mixer_delete(800d9410,800d9410,12eae783e6f10d36,800d9410,815389e0,82004a20)
at azalia_mixer_delete+0x30
azalia_codec_delete(800d9410,800d9410,fb5581cc816e9ad6,800b6c00,814e84ed,82004a50)
at azalia_codec_delete+0x1d
azalia_init_codecs(800b6c00,800b6c00,d1d8bb30647efc90,82004b90,800b6c00,0)
at azalia_init_codecs+0x344
azalia_pci_attach(800c6800,800b6c00,82004b90,800c6800,6a09b45b25c7514b,800c6800)
at azalia_pci_attach+0x21f
config_attach(800c6800,81d2c1f8,82004b90,815ad6c0,fb1ef9caf20ebad0,8000d800)
at config_attach+0x1ee
pci_probe_device(800c6800,8000d800,0,0,271a74bc17e998d4,0) at
pci_probe_device+0x4c0
pci_enumerate_bus(800c6800,0,0,800c6800,7473f8bb614e5ef1,80026100)
at pci_enumerate_bus+0xb7
config_attach(80026100,81d2be08,82004db8,8143f230,fb1ef9caf2179750,82004db8)
at config_attach+0x1ee
mainbus_attach(0,80026100,0,0,7473f8bb614e5ef1,0) at
mainbus_attach+0x280
config_attach(0,81d2b938,0,0,fb1ef9caf259a843,2c5dc00) at
config_attach+0x1ee
cpu_configure(fb1ef9caf20e9d69,2c5dc00,0,80027000,810dce43,82004f00)
at cpu_configure+0x33
main(0,0,2c5dc00,0,10ff8c0,1) at main+0x4a9
end trace frame: 0x0, count: 244
End of stack trace.
free with zero size: (2)
Starting stack trace...
free(800b9e00,2,0,800b9e00,bccbb3f663f8b5ee,0) at free+0xd8
azalia_codec_delete(800d9410,800d9410,fb5581cc816e9ad6,800b6c00,814e8505,82004a50)
at azalia_codec_delete+0x35
azalia_init_codecs(800b6c00,800b6c00,d1d8bb30647efc90,82004b90,800b6c00,0)
at azalia_init_codecs+0x344
azalia_pci_attach(800c6800,800b6c00,82004b90,800c6800,6a09b45b25c7514b,800c6800)
at azalia_pci_attach+0x21f
config_attach(800c6800,81d2c1f8,82004b90,815ad6c0,fb1ef9caf20ebad0,8000d800)
at config_attach+0x1ee
pci_probe_device(800c6800,8000d800,0,0,271a74bc17e998d4,0) at
pci_probe_device+0x4c0
pci_enumerate_bus(800c6800,0,0,800c6800,7473f8bb614e5ef1,80026100)
at pci_enumerate_bus+0xb7
config_attach(80026100,81d2be08,82004db8,8143f230,fb1ef9caf2179750,82004db8)
at config_attach+0x1ee
mainbus_attach(0,80026100,0,0,7473f8bb614e5ef1,0) at
mainbus_attach+0x280
config_attach(0,81d2b938,0,0,fb1ef9caf259a843,2c5dc00) at
config_attach+0x1ee
cpu_configure(fb1ef9caf20e9d69,2c5dc00,0,80027000,810dce43,82004f00)
at cpu_configure+0x33
main(0,0,2c5dc00,0,10ff8c0,1) at main+0x4a9
end trace frame: 0x0, count: 245
End of stack trace.
free with zero size: (2)
Starting stack trace...
free(80028890,2,0,80028890,bccbb3f663f8b5d8,0) at fre

Re: inteldrm: Use "the flush page mechanism" only on chips having it.

[Jonathan Gray]

On Thu, May 09, 2019 at 07:45:37AM +0200, Alexandre Ratchov wrote:
> In the intel_gtt_chipset_setup() routine, called at initialization,
> the driver maps pci space for certain chip models only, but later in
> intel_gtt_chipset_flush() it calls bus_space_write() on it in cases
> it's not initialized.
> 
> This results in crashes during boot with "Pineview" generation chips,
> which are "gen == 3", but, according to intel_gtt_chipset_setup() have
> no flush page mechanism.
> 
> Fix this by adding a flag indicating whether the feature is available
> or not. Then use the flag to check if it's OK to write to the pci
> space. This is the what the driver did before the 14 april update.
> 
> OK?
> 
> FWIW, first it looked surprising to do nothing in
> intel_gtt_chipset_flush(), so I also tried to call the "gen < 3"
> code. It works as well.

intel_gtt_chipset_setup() is wrong the 915/945 ifp setup should be used
on pineview as well.  g33 is the only gen3 that is different.

This was apparently missed in


revision 1.78
date: 2010/05/12 16:20:00;  author: oga;  state: Exp;  lines: +2 -0;
Add Pineview M to intagp and inteldrm.

Tested (and initial tweaked diff) from Erik Mugele; thanks!


The original ifp setup bits were added in sys/dev/pci/drm/i915_drv.c
rev 1.45 and the ifp setup we use today come from that.

Index: intel_gtt.c
===
RCS file: /cvs/src/sys/dev/pci/drm/i915/intel_gtt.c,v
retrieving revision 1.2
diff -u -p -r1.2 intel_gtt.c
--- intel_gtt.c 14 Apr 2019 10:14:52 -  1.2
+++ intel_gtt.c 9 May 2019 12:07:01 -
@@ -130,11 +130,10 @@ intel_gtt_chipset_setup(struct drm_devic
}
 
/* Set up the IFP for chipset flushing */
-   if (IS_I915G(dev_priv) || IS_I915GM(dev_priv) || IS_I945G(dev_priv) ||
-   IS_I945GM(dev_priv)) {
-   i915_alloc_ifp(dev_priv, &bpa);
-   } else if (INTEL_GEN(dev_priv) >= 4 || IS_G33(dev_priv)) {
+   if (INTEL_GEN(dev_priv) >= 4 || IS_G33(dev_priv)) {
i965_alloc_ifp(dev_priv, &bpa);
+   } else if (INTEL_GEN(dev_priv) == 3) {
+   i915_alloc_ifp(dev_priv, &bpa);
} else {
int nsegs;
/*

Re: less discriminatory battlestar

[Sebastian Benoit]

Ted Unangst(t...@tedunangst.com) on 2019.05.08 23:39:30 -0400:
> there are lists of annointed usernames in battlestar. this creates an unfair
> playing field! worse, there is a list of "bad" people! and i'm almost one of
> them!

ok, but i think you need krw@ to ok it too.

> -static const char *const badguys[] = {
> -   "wnj",
> -   "root",
> -   "ted",
> -   0
> -};
> 
> 
> Index: com1.c
> ===
> RCS file: /home/cvs/src/games/battlestar/com1.c,v
> retrieving revision 1.15
> diff -u -p -r1.15 com1.c
> --- com1.c31 Dec 2015 17:51:19 -  1.15
> +++ com1.c9 May 2019 03:31:36 -
> @@ -129,7 +129,7 @@ news(void)
>   }
>   rythmn = ourtime - ourtime % CYCLE;
>   }
> - if (!wiz && !tempwiz)
> + if (!tempwiz)
>   if ((TestBit(inven, TALISMAN) || TestBit(wear, TALISMAN)) && 
> (TestBit(inven, MEDALION) || TestBit(wear, MEDALION)) && (TestBit(inven, 
> AMULET) || TestBit(wear, AMULET))) {
>   tempwiz = 1;
>   puts("The three amulets glow and reenforce each other 
> in power.\nYou are now a wizard.");
> Index: com4.c
> ===
> RCS file: /home/cvs/src/games/battlestar/com4.c,v
> retrieving revision 1.15
> diff -u -p -r1.15 com4.c
> --- com4.c31 Dec 2015 17:51:19 -  1.15
> +++ com4.c9 May 2019 03:32:49 -
> @@ -53,7 +53,7 @@ take(unsigned int from[])
>   printf("%s:\n", objsht[value]);
>   heavy = (carrying + objwt[value]) <= WEIGHT;
>   bulky = (encumber + objcumber[value]) <= CUMBER;
> - if ((TestBit(from, value) || wiz || tempwiz) && heavy 
> && bulky && !TestBit(inven, value)) {
> + if ((TestBit(from, value) || tempwiz) && heavy && bulky 
> && !TestBit(inven, value)) {
>   SetBit(inven, value);
>   carrying += objwt[value];
>   encumber += objcumber[value];
> Index: com6.c
> ===
> RCS file: /home/cvs/src/games/battlestar/com6.c,v
> retrieving revision 1.24
> diff -u -p -r1.24 com6.c
> --- com6.c7 Feb 2018 20:22:23 -   1.24
> +++ com6.c9 May 2019 03:33:19 -
> @@ -130,13 +130,10 @@ post(char ch)
>  
>   if (score_fp != NULL) {
>   fprintf(score_fp, "%s  %31s  %c%20s", date, username, ch, 
> rate());
> - if (wiz)
> - fprintf(score_fp, "   wizard\n");
> + if (tempwiz)
> + fprintf(score_fp, "   WIZARD!\n");
>   else
> - if (tempwiz)
> - fprintf(score_fp, "   WIZARD!\n");
> - else
> - fprintf(score_fp, "\n");
> + fprintf(score_fp, "\n");
>   }
>   sigprocmask(SIG_SETMASK, &osigset, (sigset_t *)0);
>  }
> Index: cypher.c
> ===
> RCS file: /home/cvs/src/games/battlestar/cypher.c,v
> retrieving revision 1.19
> diff -u -p -r1.19 cypher.c
> --- cypher.c  31 Dec 2015 17:51:19 -  1.19
> +++ cypher.c  9 May 2019 03:34:13 -
> @@ -105,7 +105,7 @@ cypher(void)
>   break;
>  
>   case UP:
> - if (location[position].access || wiz || tempwiz) {
> + if (location[position].access || tempwiz) {
>   if (!location[position].access)
>   puts("Zap!  A gust of wind lifts you 
> up.");
>   if (!moveplayer(location[position].up, AHEAD))
> @@ -318,7 +318,7 @@ cypher(void)
>   break;
>  
>   case SU:
> - if (wiz || tempwiz) {
> + if (tempwiz) {
>   getnum(&position, "\nRoom (was %d) = ", 
> position);
>   getnum(&ourtime, "Time (was %d) = ", ourtime);
>   getnum(&fuel, "Fuel (was %d) = ", fuel);
> @@ -326,8 +326,8 @@ cypher(void)
>   getnum(&CUMBER, "CUMBER (was %d) = ", CUMBER);
>   getnum(&WEIGHT, "WEIGHT (was %d) = ", WEIGHT);
>   getnum(&ourclock, "Clock (was %d) = ", 
> ourclock);
> - if (getnum(&junk, "Wizard (was %d, %d) = ", 
> wiz, tempwiz) != -1 && !junk)
> - tempwiz = wiz = 0;
> + if (getnum(&junk, "Wizard (was %d) = ", 
> tempwiz) != -1 && !junk)
> + tempwiz = 0;
>   printf("\nDONE.\n");
>   return (0); /* No commands after a SU */
>  

Re: stack trace / free(0) in isascan()

[Sebastien Marie]

On Thu, May 09, 2019 at 10:55:44AM +0200, Hrvoje Popovski wrote:
> 
> with this diff i'm getting new traces

it is (somehow) expected.

the commit that starts showing traces do the following:
- when there is missing size on free() reports it (with a backtrace to know the 
caller)
- but report only a fixed number of calls (5), because else users will be mad

so by correcting some sizes it makes others calls to free() to be visible.

> free with zero size: (127)
> Starting stack trace...
> free(8013f800,7f,0,8013f800,cf43c4f465ef43f8,0) at free+0xd8
> uhidev_attach(80071200,8014ed00,8000224a40a0,80071200,89eb6e07df884e85,80071200)
>  at uhidev_attach+0x1b4

> free with zero size: (127)
> Starting stack trace...
> free(8013f800,7f,0,8013f800,cf43c4f465284bc3,0) at free+0xd8
> hid_report_size(80070c00,41,0,0,764c887b264d079f,0) at 
> hid_report_size+0x10f

> free with zero size: (127)
> Starting stack trace...
> free(8013f800,7f,0,8013f800,cf43c4f465284185,0) at free+0xd8
> hid_is_collection(80070c00,41,ff,10006,a6cb281b8426ee7e,81cf60e0)
>  at hid_is_collection+0xe9

> free with zero size: (127)
> Starting stack trace...
> free(8013f800,7f,0,8013f800,cf43c4f465284185,0) at free+0xd8
> hid_is_collection(80070c00,41,ff,10001,a6cb281b844568dc,81cf6118)
>  at hid_is_collection+0xe9

> free with zero size: (127)
> Starting stack trace...
> free(8013f800,7f,0,8013f800,cf43c4f465284185,0) at free+0xd8
> hid_is_collection(80070c00,41,ff,10002,a6cb281b844568fc,3) at 
> hid_is_collection+0xe9

I am leaving others free() calls to people that would like to play this game 
too.
-- 
Sebastien Marie

Re: stack trace / free(0) in isascan()

[Hrvoje Popovski]

On 9.5.2019. 10:35, Sebastien Marie wrote:
> On Thu, May 09, 2019 at 10:12:49AM +0200, Hrvoje Popovski wrote:
>> Hi all,
>>
>> i update kernel from cvs few minutes ago and i'm seeing this stack trace
>> in dmesg. i'm just reporting it.
> 
> The principe of the game is to look at the free() call that still use 0
> as size, and found the right size to fill it.
> 
>> free with zero size: (2)
>> Starting stack trace...
>> free(80074100,2,0,80074100,1d5a05b47900fbf4,81d287e8)
>>  at free+0xd8
>> isascan(80101200,80074100,9563e4d9af15796a,81618690,80101200,81d16d01)
>>  at isascan+0x3f8
> 
> Here, isascan() calls free() on dev (a struct device).
> 
> the related malloc() call is done by config_make_softc() at line 248:
>247  config_attach(parent, dev, &ia2, isaprint);
>248  dev = config_make_softc(parent, cf);
> 
> The size used for malloc() is :
> 
> kern/subr_autoconf.c
>417  struct device *
>418  config_make_softc(struct device *parent, struct cfdata *cf)
>419  {
>420  struct device *dev;
>421  struct cfdriver *cd;
>422  struct cfattach *ca;
>423
>424  cd = cf->cf_driver;
>425  ca = cf->cf_attach;
>426  if (ca->ca_devsize < sizeof(struct device))
>427  panic("config_make_softc");
>428
>429  /* get memory for all device vars */
>430  dev = malloc(ca->ca_devsize, M_DEVBUF, M_NOWAIT|M_ZERO);
>431  if (dev == NULL)
>432  panic("config_make_softc: allocation for device softc 
> failed");
> 
> 
> So calling free() with cf->cf_attach->ca_devsize should be fine.
> Diff below.
> 
> OK ?
> 

with this diff i'm getting new traces

dmesg

OpenBSD 6.5-current (GENERIC.MP) #2: Thu May  9 10:48:28 CEST 2019
r...@r620-1.srce.hr:/sys/arch/amd64/compile/GENERIC.MP
real mem = 17115840512 (16322MB)
avail mem = 16587034624 (15818MB)
mpath0 at root
scsibus0 at mpath0: 256 targets
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.7 @ 0xcf42c000 (99 entries)
bios0: vendor Dell Inc. version "2.7.0" date 05/23/2018
bios0: Dell Inc. PowerEdge R620
acpi0 at bios0: rev 2
acpi0: sleep states S0 S4 S5
acpi0: tables DSDT FACP APIC SPCR HPET DMAR MCFG WDAT SLIC ERST HEST
BERT EINJ TCPA PC__ SRAT SSDT
acpi0: wakeup devices PCI0(S5)
acpitimer0 at acpi0: 3579545 Hz, 24 bits
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 4 (boot processor)
cpu0: Intel(R) Xeon(R) CPU E5-2643 v2 @ 3.50GHz, 3600.45 MHz, 06-3e-04
cpu0:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,DCA,SSE4.1,SSE4.2,x2APIC,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,PERF,ITSC,FSGSBASE,SMEP,ERMS,IBRS,IBPB,STIBP,L1DF,SSBD,SENSOR,ARAT,XSAVEOPT,MELTDOWN
cpu0: 256KB 64b/line 8-way L2 cache
cpu0: smt 0, core 2, package 0
mtrr: Pentium Pro MTRR support, 10 var ranges, 88 fixed ranges
cpu0: apic clock running at 99MHz
cpu0: mwait min=64, max=64, C-substates=0.2.1.1, IBE
cpu1 at mainbus0: apid 6 (application processor)
cpu1: Intel(R) Xeon(R) CPU E5-2643 v2 @ 3.50GHz, 3600.00 MHz, 06-3e-04
cpu1:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,DCA,SSE4.1,SSE4.2,x2APIC,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,PERF,ITSC,FSGSBASE,SMEP,ERMS,IBRS,IBPB,STIBP,L1DF,SSBD,SENSOR,ARAT,XSAVEOPT,MELTDOWN
cpu1: 256KB 64b/line 8-way L2 cache
cpu1: smt 0, core 3, package 0
cpu2 at mainbus0: apid 8 (application processor)
cpu2: Intel(R) Xeon(R) CPU E5-2643 v2 @ 3.50GHz, 3600.00 MHz, 06-3e-04
cpu2:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,DCA,SSE4.1,SSE4.2,x2APIC,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,PERF,ITSC,FSGSBASE,SMEP,ERMS,IBRS,IBPB,STIBP,L1DF,SSBD,SENSOR,ARAT,XSAVEOPT,MELTDOWN
cpu2: 256KB 64b/line 8-way L2 cache
cpu2: smt 0, core 4, package 0
cpu3 at mainbus0: apid 16 (application processor)
cpu3: Intel(R) Xeon(R) CPU E5-2643 v2 @ 3.50GHz, 3600.00 MHz, 06-3e-04
cpu3:
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,DCA,SSE4.1,SSE4.2,x2APIC,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,NXE,PAGE1GB,RDTSCP,LONG,LAHF,PERF,ITSC,FSGSBASE,SMEP,ERMS,IBRS,IBPB,STIBP,L1DF,SSBD,SENSOR,ARAT,XSAVEOPT,MELTDOWN
cpu3: 256KB 64b/line 8-way L2 cache
cpu3: smt 0, core 8, package 0
cpu4 at mainbus0: apid 18 (application processor)
cpu4: Intel(R) Xeon(R)

Re: stack trace / free(0) in isascan()

[Sebastien Marie]

On Thu, May 09, 2019 at 10:12:49AM +0200, Hrvoje Popovski wrote:
> Hi all,
> 
> i update kernel from cvs few minutes ago and i'm seeing this stack trace
> in dmesg. i'm just reporting it.

The principe of the game is to look at the free() call that still use 0
as size, and found the right size to fill it.

> free with zero size: (2)
> Starting stack trace...
> free(80074100,2,0,80074100,1d5a05b47900fbf4,81d287e8) 
> at free+0xd8
> isascan(80101200,80074100,9563e4d9af15796a,81618690,80101200,81d16d01)
>  at isascan+0x3f8

Here, isascan() calls free() on dev (a struct device).

the related malloc() call is done by config_make_softc() at line 248:
   247  config_attach(parent, dev, &ia2, isaprint);
   248  dev = config_make_softc(parent, cf);

The size used for malloc() is :

kern/subr_autoconf.c
   417  struct device *
   418  config_make_softc(struct device *parent, struct cfdata *cf)
   419  {
   420  struct device *dev;
   421  struct cfdriver *cd;
   422  struct cfattach *ca;
   423
   424  cd = cf->cf_driver;
   425  ca = cf->cf_attach;
   426  if (ca->ca_devsize < sizeof(struct device))
   427  panic("config_make_softc");
   428
   429  /* get memory for all device vars */
   430  dev = malloc(ca->ca_devsize, M_DEVBUF, M_NOWAIT|M_ZERO);
   431  if (dev == NULL)
   432  panic("config_make_softc: allocation for device softc 
failed");


So calling free() with cf->cf_attach->ca_devsize should be fine.
Diff below.

OK ?
-- 
Sebastien Marie

Index: dev/isa/isa.c
===
RCS file: /cvs/src/sys/dev/isa/isa.c,v
retrieving revision 1.46
diff -u -p -r1.46 isa.c
--- dev/isa/isa.c   25 May 2015 15:19:22 -  1.46
+++ dev/isa/isa.c   9 May 2019 08:28:47 -
@@ -257,7 +257,7 @@ isascan(parent, match)
if (autoconf_verbose)
printf(">>> probing for %s* finished\n",
cf->cf_driver->cd_name);
-   free(dev, M_DEVBUF, 0);
+   free(dev, M_DEVBUF, cf->cf_attach->ca_devsize);
return;
}
 
@@ -270,7 +270,7 @@ isascan(parent, match)
!isa_intr_check(sc->sc_ic, ia.ia_irq, IST_EDGE)) {
printf("%s%d: irq %d already in use\n",
cf->cf_driver->cd_name, cf->cf_unit, ia.ia_irq);
-   free(dev, M_DEVBUF, 0);
+   free(dev, M_DEVBUF, cf->cf_attach->ca_devsize);
} else {
 #endif
if (autoconf_verbose)
@@ -291,7 +291,7 @@ isascan(parent, match)
if (autoconf_verbose)
printf(">>> probing for %s%d failed\n",
cf->cf_driver->cd_name, cf->cf_unit);
-   free(dev, M_DEVBUF, 0);
+   free(dev, M_DEVBUF, cf->cf_attach->ca_devsize);
}
 }
 

stack trace

[Hrvoje Popovski]

Hi all,

i update kernel from cvs few minutes ago and i'm seeing this stack trace
in dmesg. i'm just reporting it.


free with zero size: (2)
Starting stack trace...
free(80074100,2,0,80074100,1d5a05b47900fbf4,81d287e8)
at free+0xd8
isascan(80101200,80074100,9563e4d9af15796a,81618690,80101200,81d16d01)
at isascan+0x3f8
config_scan(81618690,80101200,788843d91069b7bd,8006d600,82005c80,81d16d20)
at config_scan+0xc6
config_attach(8006d600,81d285f0,82005c80,81349ac0,5d5d0c36f785b613,80021560)
at config_attach+0x1ee
pcib_callback(8006d600,8006d600,5d5d0c36f7ced75e,0,81d15068,81c3e5f0)
at pcib_callback+0x57
config_process_deferred_children(8001ce00,8001ce00,9a28fdbe853a8244,80027100,82005db8,81d11808)
at config_process_deferred_children+0x8a
config_attach(80027100,81d25f38,82005db8,81715070,5d5d0c36f7c06324,82005db8)
at config_attach+0x1f6
mainbus_attach(0,80027100,0,0,1fd016762ddbd092,0) at
mainbus_attach+0x280
config_attach(0,81d25a68,0,0,5d5d0c36f7e2cbd7,0) at
config_attach+0x1ee
cpu_configure(707e1942dfa51104,0,0,80028000,8153e763,82005f00)
at cpu_configure+0x33
main(0,0,0,0,0,1) at main+0x4a9
end trace frame: 0x0, count: 246
End of stack trace.

Re: [patch] cwm: filter duplicate hostnames in ssh menu

[Thuban]

* Landry Breuil  le [06-05-2019 09:45:08 +0200]:
> On Mon, May 06, 2019 at 08:04:02AM +0200, Bruno Flückiger wrote:
> > On 01.05., Marcus MERIGHI wrote:
> > > Hello,
> > >
> > > o...@demirmen.com (Okan Demirmen), 2019.04.29 (Mon) 16:19 (CEST):
> > > > On Fri 2019.04.26 at 07:15 +0200, Bruno Fl?ckiger wrote:
> > > > > Hi,
> > > > >
> > > > > The ssh menu of cwm(1) doesn't filter duplicated hostnames when 
> > > > > reading
> > > > > them from ~/.ssh/known_hosts. This patch makes sure each hostname is
> > > > > only displayed once to the menu.
> > > >
> > > > Sure, maybe; but why again do we even have this inside a window manager?
> > > > Really, the known_hosts parsing is incomplete at best; either the entire
> > > > parsing code needs to be lifted from ssh or this (mis)feature should be
> > > > removed from cwm. I prefer the latter.
> > >
> > > FWIW, i use "M-period" a lot... are there easy alternatives?
> > >
> > > Marcus
> > >
> > 
> > I'm thinking about transforming the ssh menu into a standalone
> > application. This way the (mis)feature could be removed, but those who
> > like using would get an adequate replacement. Any opinions about that?
> 
> there are already standalone applications that do this among other
> things, https://github.com/davatorium/rofi comes to my mind (yes, it's in
> ports).
> 
> Landry
> 

CWM is a window manager. 
It should manage windows, not ssh IMHO.

I use the following (perfectible) shell script, bind to a key in any
window manager : 


#!/bin/sh
# run ssh session in one hosts listed in 
#   ~/.ssh/config 
#   ~/.ssh/known_hosts
# Require : x11/dmenu 
# Author : thuban 
# Licence : MIT

# term ?
TERMINAL='xterm'

# few options for dmenu
NB="#151515"
NF="#e1e5ea"
SF="#151515"
SB="#75a9e8"
FN="Liberation Mono-12"
PROMPT="ssh host:"
LINES=6

C=~/.ssh/config
K=~/.ssh/known_hosts

HOST=$(
(awk '/Host [^*]/ {print $2}' "${C}"
cut -d' ' -f 1 "${K}" |\
cut -d',' -f1 |\
sed -e 's;\[;;' -e 's;\];;'
) | sort -u \
| dmenu -l ${LINES} \
-fn "${FN}" \
-nb "${NB}" \
-nf "${NF}" \
-sb "${SB}" \
-sf "${SF}" \
-p "${PROMPT}")

if [ -n "${HOST}"]; then
case "${HOST}" in
*:*) "${TERMINAL}" -e "ssh ssh://${HOST}" ;;
*) "${TERMINAL}" -e "ssh ${HOST}" ;;
esac
fi

exit


-- 
thuban