iked config test hanging on 6.0

[Matt Behrens]

I've tried this on a few different systems now, one upgraded from 5.9 to 6.0
with the install CD, one a brand-new 6.0 install. The former is running as a
hosted VM at Vultr, the latter a VMware Fusion machine.

I'm not sure if this is a problem just in a virtual machine context, but I
don't have any physical hardware available to check it on at the moment. As
such, I'm not confident I have a bug, and would appreciate comments from the
community on whether they experience the same problem.

The iked config test in /etc/rc.d/iked hangs fairly reliably. I've ktraced it
and it looks like this when hanging, stopping at the wait4:

 91211 iked CALL  write(2,0x7b37a13ec73,0x11)
 91211 iked GIO   fd 2 wrote 17 bytes
   "configuration OK
   "
 91211 iked RET   write 17/0x11
 91211 iked CALL  kbind(0x7f7ce4f8,24,0x2e9d25833eef97c0)
 91211 iked RET   kbind 0
 91211 iked CALL  kill(-91211,SIGTERM)
 91211 iked RET   kill -1 errno 3 No such process
 91211 iked CALL  kill(-84806,SIGTERM)
 91211 iked RET   kill -1 errno 3 No such process
 91211 iked CALL  kill(-90967,SIGTERM)
 91211 iked RET   kill -1 errno 3 No such process
 91211 iked CALL  kill(-50484,SIGTERM)
 91211 iked RET   kill -1 errno 3 No such process
 91211 iked CALL  kbind(0x7f7ce4f8,24,0x2e9d25833eef97c0)
 91211 iked RET   kbind 0
 91211 iked CALL  wait4(WAIT_ANY,0,0<>,0)

The kill pids are all valid pids (one is the process itself), and earlier in
the ktrace output they were fork results:

 91211 iked CALL  fork()
 91211 iked RET   fork 90967/0x16357
 91211 iked CALL  fork()
 91211 iked RET   fork 84806/0x14b46
 91211 iked CALL  fork()
 91211 iked RET   fork 50484/0xc534

On the Vultr VM, if I run with -d (e.g. rcctl -df start iked), it starts fine.
It seems like this is because iked -n is allowed to output "configuration OK"
to the console. This doesn't work on the VMware Fusion machine.

I can run iked -n just fine without any problem, though on the Vultr machine
sometimes it prints exits for the privsep processes, and not predictably:

# iked -n
configuration OK
ca exiting, pid 8933
# iked -n
configuration OK
ca exiting, pid 46440
# iked -n
configuration OK
ca exiting, pid 99924
# iked -n
configuration OK
ca exiting, pid 57315
ikev2 exiting, pid 38805

On the VMware machine, it always just prints "configuration OK".

Commenting out the config test in /etc/rc.d/iked appears to be a viable
workaround.

To reproduce this on the brand-new VMware machine, I created a basic "road
warrior" config similar to the one I run on the Vultr machine:

# ikectl ca CA create

ikectl.conf:

user username passive

ikev2 'configuration' passive esp \
from 0.0.0.0/0 to 10.0.0.0/24 local any peer any \
src vpn.local \
eap "mschap-v2" \
config address 10.0.0.1 \
config name-server 8.8.8.8

Mbim device umb0 - no authentification?

[Kapfhammer, Stefan]

Hello misc,
hello developers,

‎first of all thank you for the stunning release
of OpenBSD 6.0.
Well, so much improvements. WOW!

I have a builtin UMTS card Ericsson H5321gw.
Until 5.9 I used pppd(1) together with chat(1)
to connect to my mobile provider. Devices
/dev/cuaU0 - /dev/cuaU2

To my surprise I could see today, that this
card is registered as MBIM device umb0.
I created a hostname.umb0 file in /etc
with:

apn internet.telekom
pin 

after 'ifconfig umb0 up'

the blue light at the frontpanel, indicating
UMTS connection, turned on.

'ifconfig umb0' showed up the correct apn,
‎the entered pin as valid, 2 provider given dns servers
as well as a remote and a local ip address.

What I have to give‎, but still missing in the manpage
is the username telekom, the password telekom
and the authentication protocol pap.

Is this work-in-progress and I missed some reading
or what did I wrong? With Telekom DE no packets pass
without authentication.

Have you any advice for me?

Freundliche Grüße / Regards
-stefan kapfhammer

Re: OpenBSD 6.0 released, September 1, 2016

[Scott Bonds]

Thank you! Congratulations on another great release. I can't wait to get 
this deployed on all my boxes. :) Much love to everyone that 
contributed--I'm consistently amazed by the level of awesome that is 
OpenBSD and how it just keeps getting better.


On 09/01, Theo de Raadt wrote:


September 1, 2016.

We are pleased to announce the official release of OpenBSD 6.0.
This is our 40th release on CD-ROM (and 41st via FTP/HTTP).  We remain
proud of OpenBSD's record of more than twenty years with only two remote
holes in the default install.

As in our previous releases, 6.0 provides significant improvements,
including new features, in nearly all areas of the system:

- New/extended platforms:
   o armv7:
  - EFI bootloader added, kernels are now loaded from FFS instead
of FAT or EXT filesystems, without U-Boot headers.
  - A single kernel and ramdisk are now used for all SoCs.
  - Hardware is dynamically enumerated via Flattened Device Tree
(FDT) instead of via static tables based on board id numbers.
  - Miniroot installer images include U-Boot 2016.07 with support
for EFI payloads.
   o vax:
  - Removed.

- Improved hardware support, including:
   o New bytgpio(4) driver for the Intel Bay Trail GPIO controller.
   o New chvgpio(4) driver for the Intel Cherry View GPIO controller.
   o New maxrtc(4) driver for the Maxim DS1307 real time clock.
   o New nvme(4) driver for the Non-Volatile Memory Express (NVMe) host
 controller interface.
   o New pcfrtc(4) driver for the NXP PCF8523 real time clock.
   o New umb(4) driver for the Mobile Broadband Interface Model (MBIM).
   o New ure(4) driver for RealTek RTL8152 based 10/100 USB Ethernet
 devices.
   o New utvfu(4) driver for audio/video capture devices based on the
 Fushicai USBTV007.
   o The iwm(4) driver now supports Intel Wireless 3165 and 8260
 devices, and works more reliably in RAMDISK kernels.
   o Support for I2C HID devices with GPIO signalled interrupts has
 been added to dwiic(4).
   o Support for larger bus widths, high speed modes, and DMA transfers
 has been added to sdmmc(4), rtsx(4), sdhc(4), and imxesdhc(4).
   o Support for EHCI and OHCI compliant USB controllers on Octeon II
 SoCs.
   o Many USB device drivers have been enabled on OpenBSD/octeon.
   o Improved support for hardware-reduced ACPI implementations.
   o Improved support for ACPI 5.0 implementations.
   o AES-NI crypto is now done without holding the kernel lock.
   o Improved AGP support on PowerPC G5 machines.
   o Added support for the SD card slot in Intel Bay Trail SoCs.
   o The ichiic(4) driver now ignores the SMBALERT# interrupt to
 prevent an interrupt storm with buggy BIOS implementations.
   o Device attachment problems with the axen(4) driver have been
 fixed.
   o The ral(4) driver is more stable under load with RT2860 devices.
   o Problems with dead keyboards after resume have been fixed in the
 pckbd(4) driver.
   o The rtsx(4) driver now supports RTS522A devices.
   o Initial support for MSI-X has been added.
   o Support MSI-X in the virtio(4) driver.
   o Added a workaround for hardware DMA overruns to the dc(4) driver.
   o The acpitz(4) driver now spins the fan down after cooling if ACPI
 uses hysteresis for active cooling.
   o The xhci(4) driver now performs handoff from an xHCI-capable BIOS
 correctly.
   o Support for multi-touch input has been added to the wsmouse(4)
 driver.
   o The uslcom(4) driver now supports the serial console of Aruba 7xxx
 wireless controllers.
   o The re(4) driver now works around broken LED configurations in
 APU1 EEPROMs.
   o The ehci(4) driver now works around problems with ATI USB
 controllers (e.g. SB700).
   o The xen(4) driver now supports domU configuration under Qubes OS.

- IEEE 802.11 wireless stack improvements:
   o The HT block ack receive buffer logic follows the algorithm given
 in the 802.11-2012 spec more closely.
   o The iwn(4) driver now keeps track of HT protection changes while
 associated to an 11n AP.
   o The wireless stack and several drivers make more aggressive use of
 RTS/CTS to avoid interference from legacy devices and hidden
 nodes.
   o The netstat(1) -W command now shows information about 802.11n
 events.
   o In hostap mode, do not reuse association IDs of nodes which are
 still cached. Fixes a problem where an access point using the
 ral(4) driver would get stuck at 1 Mbps because Tx rate accounting
 happened on the wrong node object.

- Generic network stack improvements:
   o The routing table is now based on ART offering a faster lookup.
   o The number of route lookup per packet has been reduced to 1 in the
 forwarding path.
   o The prio field on VLAN headers is now correctly set on each
 fragment of an IPv4 packet going out on a vlan(4) interface.
   o Enabled 

openbsd/socppc

[Denis Fondras]

Hello,

socppc is mentionned in 60.html but I can't find a build of it.

Denis 

Re: OpenBSD 6.0 release and errata60.html

[Francois Pussault]

hello, no apply patches new if you want to

> 
> From: R0me0 *** 
> Sent: Thu Sep 01 20:59:43 CEST 2016
> To: OpenBSD Misc 
> Subject: OpenBSD 6.0 release and errata60.html
>
>
> Hello misc,
>
> I have a little doubt
>
> Today was a Official Release of 6.0
>
> This release already include errata60.html patches or I need to apply ?
>
> Thanks in advance,
>


Cordialement
Francois Pussault
10 chemin de négo saoumos
apt 202 - bat 2
31300 Toulouse
+33 6 17 230 820
fpussa...@contactoffice.fr

Re: OpenBSD 6.0 release and errata60.html

[R0me0 ***]

Howdy !

Thanks for quick reply

Really appreciated.

Regards,





2016-09-01 16:06 GMT-03:00 Francois Pussault :

> hello, no apply patches new if you want to
>
> > 
> > From: R0me0 *** 
> > Sent: Thu Sep 01 20:59:43 CEST 2016
> > To: OpenBSD Misc 
> > Subject: OpenBSD 6.0 release and errata60.html
> >
> >
> > Hello misc,
> >
> > I have a little doubt
> >
> > Today was a Official Release of 6.0
> >
> > This release already include errata60.html patches or I need to apply ?
> >
> > Thanks in advance,
> >
>
>
> Cordialement
> Francois Pussault
> 10 chemin de négo saoumos
> apt 202 - bat 2
> 31300 Toulouse
> +33 6 17 230 820
> fpussa...@contactoffice.fr

Re: OpenBSD 6.0 release and errata60.html

[Daniel Ouellet]

On 9/1/16 2:59 PM, R0me0 *** wrote:
> Hello misc,
> 
> I have a little doubt
> 
> Today was a Official Release of 6.0
> 
> This release already include errata60.html patches or I need to apply ?

Yes you need to apply the patch.

The release was done long ago already it was release to the public
today. Takes time to get all piece together you know.

Might be more welcome to say thanks to the devs instead don't you think?

I am sure they would appreciate that more...

Best,

Daniel

OpenBSD 6.0 release and errata60.html

[R0me0 ***]

Hello misc,

I have a little doubt

Today was a Official Release of 6.0

This release already include errata60.html patches or I need to apply ?

Thanks in advance,

Re: BL460c G1 issues

[Steve Shockley]

On 2016-08-03 23:33, YASUOKA Masahiko wrote:

On Tue, 24 May 2016 16:02:21 -0400
Steve Shockley  wrote:

I have an HP BL460c blade I'm using with OpenBSD.  I was able to get
5.8 to install by disabling ACPI; since I'm lazy I didn't submit a bug
report.  I tried to upgrade to 5.9 (and -current), but booting from


I hit a similar problem on NEC Express5800/R110h-1.  On that machine,
X2APIC is enabled on boot and this seems to cause the panic following.


cpu0 at mainbus0panic: cpu at apic id 0 already attached?


So the diff disables the X2APIC.  Can you try the diff attached?


Thanks for your help.  Unfortunately, this did not solve the issue.  I 
was able to install by disabling ACPI, but the result would not boot.


Booting bsd.mp results in this result.  Unfortunately at this point 
moving the mouse or typing only generates garbage.


acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0panic: cpu at apic id 0 already attached?
Stopped at  Debugger+0x9:   leave
   TIDPIDUID PRFLAGS PFLAGS  CPU  COMMAND
*0  0  0 0x1  0x2000  swapper
Debugger() at Debugger+0x9
panic() at panic+0xfe
cpu_attach() at cpu_attach+0x381
config_attach() at config_attach+0x1bc
acpimadt_attach() at acpimadt_attach+0x5cd
config_attach() at config_attach+0x1bc
acpi_attach() at acpi_attach+0x497
config_attach() at config_attach+0x1bc
bios_attach() at bios_attach+0x236
config_attach() at config_attach+0x1bc
mainbus_attach() at mainbus_attach+0x74
config_attach() at config_attach+0x1bc
cpu_configure() at cpu_configure+0x1b
main() at main+0x40d
end trace frame: 0x0, count: 1
http://www.openbsd.org/ddb.html describes the minimum info required in 
bug

reports.  Insufficient info makes it difficult to find and fix bugs.
ddb{0}> zx
ddb{0}> fjb1YW

Booting bsd.sp hangs after:
pckbc0 at isa0 port 0x60/5 irq 1 irq 12
pckbd0 at pckbc0 (kbd slot)
wskbd0 at pckbd0: console keyboard
pcppi0 at isa0 port 0x61
spkr0 at pcppi0

Booting bsd.mp with acpi disabled gives me:
root on sd0a (d986443fd835edf5.a) swap on sd0b dump on sd0b
bnx0: address 00:1c:c4:a8:63:94
brgphy0 at bnx0 phy 2: BCM5708S 1000/2500baseSX PHY, rev. 1
bnx1: address 00:1c:c4:a8:63:8c
brgphy1 at bnx1 phy 2: BCM5708S 1000/2500baseSX PHY, rev. 1
uvm_fault(0x8193ae00, 0x60, 0, 1) -> e
kernel: page fault trap, code=0
Stopped at  acpi_get_table_with_size+0x24:  movq
clean_idt+0x40(%rax),%r

ddb>

Again with keyboard unresponsive.  I guess that makes sense, there 
probably aren't many machines with bnx without ACPI.


dmesg from CD boot with ACPI disabled below.  Please let me know if 
you'd like to see any other info from this system.  Thanks.


# dmesg | more
OpenBSD 6.0-current (RAMDISK_CD) #2173: Thu Aug 25 23:16:10 MDT 2016
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/RAMDISK_CD
real mem = 6423851008 (6126MB)
avail mem = 6227447808 (5938MB)
User Kernel Config
UKC> disable acpi
213 acpi0 disabled
UKC> quit
Continuing...
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.4 @ 0xee000 (73 entries)
bios0: vendor HP version "I15" date 05/02/2011
bios0: HP ProLiant BL460c G1
acpi at bios0 not configured
mpbios0 at bios0: Intel MP Specification 1.4
cpu0 at mainbus0: apid 4 (boot processor)
cpu0: Intel(R) Xeon(R) CPU X5355 @ 2.66GHz, 2685.92 MHz
cpu0: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,DCA,NXE,LONG,LAHF,PERF,SENSOR

cpu0: 4MB 64b/line 16-way L2 cache
cpu0: apic clock running at 333MHz
cpu0: mwait min=64, max=64, C-substates=0.2, IBE
cpu at mainbus0: not configured
cpu at mainbus0: not configured
cpu at mainbus0: not configured
cpu at mainbus0: not configured
cpu at mainbus0: not configured
cpu at mainbus0: not configured
cpu at mainbus0: not configured
mpbios0: bus 0 is type PCI
mpbios0: bus 1 is type PCI
mpbios0: bus 2 is type PCI
mpbios0: bus 3 is type PCI
mpbios0: bus 4 is type PCI
mpbios0: bus 5 is type PCI
mpbios0: bus 6 is type PCI
mpbios0: bus 7 is type PCI
mpbios0: bus 8 is type PCI
mpbios0: bus 9 is type PCI
mpbios0: bus 10 is type PCI
mpbios0: bus 164 is type PCI
mpbios0: bus 168 is type PCI
mpbios0: bus 13 is type PCI
mpbios0: bus 16 is type PCI
mpbios0: bus 19 is type PCI
mpbios0: bus 22 is type PCI
mpbios0: bus 188 is type PCI
mpbios0: bus 39 is type ISA
ioapic0 at mainbus0: apid 8 pa 0xfec0, version 20, 24 pins
pci0 at mainbus0 bus 0
pchb0 at pci0 dev 0 function 0 "Intel 5000P Host" rev 0xb1
ppb0 at pci0 dev 2 function 0 "Intel 5000 PCIE" rev 0xb1
pci1 at ppb0 bus 4
ppb1 at pci1 dev 0 function 0 "Intel 6321ESB PCIE" rev 0x01
pci2 at ppb1 bus 5
ppb2 at pci2 dev 0 function 0 "Intel 6321ESB PCIE" rev 0x01
pci3 at ppb2 bus 6
ppb3 at pci3 dev 0 function 0 "ServerWorks PCIE-PCIX" rev 0xc3
pci4 at ppb3 bus 7
bnx0 at pci4 dev 0 function 0 "Broadcom BCM5708S" rev 0x12: apic 8 int 
16

ppb4 at pci2 dev 1 function 0 "Intel 

OpenBSD 6.0 released, September 1, 2016

[Theo de Raadt]

September 1, 2016.

We are pleased to announce the official release of OpenBSD 6.0.
This is our 40th release on CD-ROM (and 41st via FTP/HTTP).  We remain
proud of OpenBSD's record of more than twenty years with only two remote
holes in the default install.

As in our previous releases, 6.0 provides significant improvements,
including new features, in nearly all areas of the system:

 - New/extended platforms:
o armv7:
   - EFI bootloader added, kernels are now loaded from FFS instead
 of FAT or EXT filesystems, without U-Boot headers.
   - A single kernel and ramdisk are now used for all SoCs.
   - Hardware is dynamically enumerated via Flattened Device Tree
 (FDT) instead of via static tables based on board id numbers.
   - Miniroot installer images include U-Boot 2016.07 with support
 for EFI payloads.
o vax:
   - Removed.

 - Improved hardware support, including:
o New bytgpio(4) driver for the Intel Bay Trail GPIO controller.
o New chvgpio(4) driver for the Intel Cherry View GPIO controller.
o New maxrtc(4) driver for the Maxim DS1307 real time clock.
o New nvme(4) driver for the Non-Volatile Memory Express (NVMe) host
  controller interface.
o New pcfrtc(4) driver for the NXP PCF8523 real time clock.
o New umb(4) driver for the Mobile Broadband Interface Model (MBIM).
o New ure(4) driver for RealTek RTL8152 based 10/100 USB Ethernet
  devices.
o New utvfu(4) driver for audio/video capture devices based on the
  Fushicai USBTV007.
o The iwm(4) driver now supports Intel Wireless 3165 and 8260
  devices, and works more reliably in RAMDISK kernels.
o Support for I2C HID devices with GPIO signalled interrupts has
  been added to dwiic(4).
o Support for larger bus widths, high speed modes, and DMA transfers
  has been added to sdmmc(4), rtsx(4), sdhc(4), and imxesdhc(4).
o Support for EHCI and OHCI compliant USB controllers on Octeon II
  SoCs.
o Many USB device drivers have been enabled on OpenBSD/octeon.
o Improved support for hardware-reduced ACPI implementations.
o Improved support for ACPI 5.0 implementations.
o AES-NI crypto is now done without holding the kernel lock.
o Improved AGP support on PowerPC G5 machines.
o Added support for the SD card slot in Intel Bay Trail SoCs.
o The ichiic(4) driver now ignores the SMBALERT# interrupt to
  prevent an interrupt storm with buggy BIOS implementations.
o Device attachment problems with the axen(4) driver have been
  fixed.
o The ral(4) driver is more stable under load with RT2860 devices.
o Problems with dead keyboards after resume have been fixed in the
  pckbd(4) driver.
o The rtsx(4) driver now supports RTS522A devices.
o Initial support for MSI-X has been added.
o Support MSI-X in the virtio(4) driver.
o Added a workaround for hardware DMA overruns to the dc(4) driver.
o The acpitz(4) driver now spins the fan down after cooling if ACPI
  uses hysteresis for active cooling.
o The xhci(4) driver now performs handoff from an xHCI-capable BIOS
  correctly.
o Support for multi-touch input has been added to the wsmouse(4)
  driver.
o The uslcom(4) driver now supports the serial console of Aruba 7xxx
  wireless controllers.
o The re(4) driver now works around broken LED configurations in
  APU1 EEPROMs.
o The ehci(4) driver now works around problems with ATI USB
  controllers (e.g. SB700).
o The xen(4) driver now supports domU configuration under Qubes OS.

 - IEEE 802.11 wireless stack improvements:
o The HT block ack receive buffer logic follows the algorithm given
  in the 802.11-2012 spec more closely.
o The iwn(4) driver now keeps track of HT protection changes while
  associated to an 11n AP.
o The wireless stack and several drivers make more aggressive use of
  RTS/CTS to avoid interference from legacy devices and hidden
  nodes.
o The netstat(1) -W command now shows information about 802.11n
  events.
o In hostap mode, do not reuse association IDs of nodes which are
  still cached. Fixes a problem where an access point using the
  ral(4) driver would get stuck at 1 Mbps because Tx rate accounting
  happened on the wrong node object.

 - Generic network stack improvements:
o The routing table is now based on ART offering a faster lookup.
o The number of route lookup per packet has been reduced to 1 in the
  forwarding path.
o The prio field on VLAN headers is now correctly set on each
  fragment of an IPv4 packet going out on a vlan(4) interface.
o Enabled device cloning for bpf(4). This allows the system to have
  just one bpf device node in /dev that services all bpf consumers
  (up to 1024).
o The Tx queue of the cnmac(4) driver can now be 

Your PHP install does not have the mhash() function.

[Kirill Peskov]

Hi All!

Using phpldapadmin under OpenBSD 5.9 recently I ran into a problem with
php-5.6 (fpm). phpldapadmin cannot work with password hashes and shows
the message:

Your PHP install does not have the mhash() function. In the older
versions there was separate extension for php-mhash, in the current one
this is not the case. mhash library from ports tree is already installed.

Any ideas (except building php binary from sources with --with-mhash
option)?


Thanx in advance,

Kirill