sk(4): jumbo mbufs and rxring accounting
this is an update of if_sk.c r1.151, which tried to introduce
mclgeti. it updates it to use the if_rxring accounting.
does anyone have one they can test this on?
it also saves about 2k on amd64.
Index: if_sk.c
===
RCS file: /cvs/src/sys/dev/pci/if_sk.c,v
retrieving revision 1.168
diff -u -p -r1.168 if_sk.c
--- if_sk.c 19 Apr 2014 18:29:39 - 1.168
+++ if_sk.c 10 Jul 2014 05:27:38 -
@@ -157,12 +157,10 @@ void sk_watchdog(struct ifnet *);
int sk_ifmedia_upd(struct ifnet *);
void sk_ifmedia_sts(struct ifnet *, struct ifmediareq *);
void skc_reset(struct sk_softc *);
-int sk_newbuf(struct sk_if_softc *, int, struct mbuf *, bus_dmamap_t);
-int sk_alloc_jumbo_mem(struct sk_if_softc *);
-void *sk_jalloc(struct sk_if_softc *);
-void sk_jfree(caddr_t, u_int, void *);
+int sk_newbuf(struct sk_if_softc *);
int sk_reset(struct sk_if_softc *);
int sk_init_rx_ring(struct sk_if_softc *);
+void sk_fill_rx_ring(struct sk_if_softc *);
int sk_init_tx_ring(struct sk_if_softc *);
int sk_xmac_miibus_readreg(struct device *, int, int);
@@ -551,21 +549,29 @@ sk_init_rx_ring(struct sk_if_softc *sc_i
rd->sk_rx_ring[i].sk_next = htole32(SK_RX_RING_ADDR(sc_if,
nexti));
}
- for (i = 0; i < SK_RX_RING_CNT; i++) {
- if (sk_newbuf(sc_if, i, NULL,
- sc_if->sk_cdata.sk_rx_jumbo_map) == ENOBUFS) {
- printf("%s: failed alloc of %dth mbuf\n",
- sc_if->sk_dev.dv_xname, i);
- return (ENOBUFS);
- }
- }
-
sc_if->sk_cdata.sk_rx_prod = 0;
sc_if->sk_cdata.sk_rx_cons = 0;
+ if_rxr_init(&sc_if->sk_cdata.sk_rx_ring, 2, SK_RX_RING_CNT);
+
+ sk_fill_rx_ring(sc_if);
+
return (0);
}
+void
+sk_fill_rx_ring(struct sk_if_softc *sc_if)
+{
+ struct if_rxring *rxr = &sc_if->sk_cdata.sk_rx_ring;
+ u_int slots;
+
+ for (slots = if_rxr_get(rxr, SK_RX_RING_CNT); slots > 0; slots--) {
+ if (sk_newbuf(sc_if) == ENOBUFS)
+ break;
+ }
+ if_rxr_put(rxr, slots);
+}
+
int
sk_init_tx_ring(struct sk_if_softc *sc_if)
{
@@ -613,199 +619,44 @@ sk_init_tx_ring(struct sk_if_softc *sc_i
}
int
-sk_newbuf(struct sk_if_softc *sc_if, int i, struct mbuf *m,
- bus_dmamap_t dmamap)
+sk_newbuf(struct sk_if_softc *sc_if)
{
- struct mbuf *m_new = NULL;
+ struct mbuf *m;
struct sk_chain *c;
struct sk_rx_desc *r;
+ bus_dmamap_tdmamap;
+ int error;
- if (m == NULL) {
- caddr_t buf = NULL;
-
- MGETHDR(m_new, M_DONTWAIT, MT_DATA);
- if (m_new == NULL)
- return (ENOBUFS);
-
- /* Allocate the jumbo buffer */
- buf = sk_jalloc(sc_if);
- if (buf == NULL) {
- m_freem(m_new);
- DPRINTFN(1, ("%s jumbo allocation failed -- packet "
- "dropped!\n", sc_if->arpcom.ac_if.if_xname));
- return (ENOBUFS);
- }
-
- /* Attach the buffer to the mbuf */
- m_new->m_len = m_new->m_pkthdr.len = SK_JLEN;
- MEXTADD(m_new, buf, SK_JLEN, 0, sk_jfree, sc_if);
- } else {
- /*
-* We're re-using a previously allocated mbuf;
-* be sure to re-init pointers and lengths to
-* default values.
-*/
- m_new = m;
- m_new->m_len = m_new->m_pkthdr.len = SK_JLEN;
- m_new->m_data = m_new->m_ext.ext_buf;
- }
- m_adj(m_new, ETHER_ALIGN);
-
- c = &sc_if->sk_cdata.sk_rx_chain[i];
- r = c->sk_desc;
- c->sk_mbuf = m_new;
- r->sk_data_lo = htole32(dmamap->dm_segs[0].ds_addr +
- (((vaddr_t)m_new->m_data
- - (vaddr_t)sc_if->sk_cdata.sk_jumbo_buf)));
- r->sk_ctl = htole32(SK_JLEN | SK_RXSTAT);
- SK_CDRXSYNC(sc_if, i, BUS_DMASYNC_PREWRITE|BUS_DMASYNC_PREREAD);
+ m = MCLGETI(NULL, M_DONTWAIT, NULL, SK_JLEN);
+ if (m == NULL)
+ return (ENOBUFS);
- return (0);
-}
+ m_adj(m, ETHER_ALIGN);
-/*
- * Memory management for jumbo frames.
- */
+ dmamap = sc_if->sk_cdata.sk_rx_map[sc_if->sk_cdata.sk_rx_prod];
-int
-sk_alloc_jumbo_mem(struct sk_if_softc *sc_if)
-{
- struct sk_softc *sc = sc_if->sk_softc;
- caddr_t ptr, kva;
- bus_dma_segment_t seg;
- int i, rseg, state, error;
- struct sk_jpool_entry *entry;
-
- state = error = 0;
-
- /* Grab a big chunk o' storage. */
- if (bus_dmamem_alloc(sc->sc_dmatag, SK_JMEM, PAGE_SIZE, 0,
-&seg, 1, &rseg, BUS_DMA_NOWAIT)) {
-
Re: ftp(1) User-Agent
About a month ago, I sent a diff that allows ftp(1) to set its
User-Agent.
Based on feedback from halex@ and deraadt@, I have changed it so that
the User-Agent can be set via a -U command-line option instead of an
environment variable.
I have also fixed a conflict with guenther@'s recent fetch.c commit.
Would anyone like to ok this latest version?
Index: fetch.c
===
RCS file: /cvs/src/usr.bin/ftp/fetch.c,v
retrieving revision 1.123
diff -u -p -r1.123 fetch.c
--- fetch.c 5 Jul 2014 09:20:54 - 1.123
+++ fetch.c 9 Jul 2014 03:41:16 -
@@ -884,10 +884,10 @@ again:
ftp_printf(fin, ssl, "GET %s HTTP/1.0\r\n"
"Proxy-Authorization: Basic %s%s\r\n%s\r\n\r\n",
epath, credentials, buf ? buf : "",
- HTTP_USER_AGENT);
+ httpuseragent);
else
ftp_printf(fin, ssl, "GET %s HTTP/1.0\r\n%s%s\r\n\r\n",
- epath, buf ? buf : "", HTTP_USER_AGENT);
+ epath, buf ? buf : "", httpuseragent);
} else {
#ifndef SMALL
@@ -945,7 +945,7 @@ again:
ftp_printf(fin, ssl, ":%s", port);
#endif /* !SMALL */
ftp_printf(fin, ssl, "\r\n%s%s\r\n\r\n",
- buf ? buf : "", HTTP_USER_AGENT);
+ buf ? buf : "", httpuseragent);
if (verbose)
fprintf(ttyout, "\n");
}
@@ -1284,6 +1284,9 @@ auto_fetch(int argc, char *argv[], char
char *cp, *url, *host, *dir, *file, *portnum;
char *username, *pass, *pathstart;
char *ftpproxy, *httpproxy;
+#ifndef SMALL
+ char *uagent = NULL;
+#endif /* !SMALL */
int rval, xargc;
volatile int argpos;
int dirhasglob, filehasglob, oautologin;
@@ -1304,6 +1307,13 @@ auto_fetch(int argc, char *argv[], char
if ((httpproxy = getenv(HTTP_PROXY)) != NULL && *httpproxy == '\0')
httpproxy = NULL;
+ if (httpuseragent == NULL)
+ httpuseragent = HTTP_USER_AGENT;
+#ifndef SMALL
+ else
+ uagent = httpuseragent;
+#endif /* !SMALL */
+
/*
* Loop through as long as there's files to fetch.
*/
@@ -1580,6 +1590,9 @@ bad_ftp_url:
}
if (connected && rval != -1)
disconnect(0, NULL);
+#ifndef SMALL
+ free(uagent);
+#endif /* !SMALL */
return (rval);
}
Index: ftp.1
===
RCS file: /cvs/src/usr.bin/ftp/ftp.1,v
retrieving revision 1.92
diff -u -p -r1.92 ftp.1
--- ftp.1 25 Jun 2014 06:57:42 - 1.92
+++ ftp.1 8 Jul 2014 22:06:04 -
@@ -62,6 +62,7 @@
.Op Fl o Ar output
.Op Fl S Ar ssl_options
.Op Fl s Ar srcaddr
+.Op Fl U Ar useragent
.Sm off
.No http[s]:// Oo Ar user : password No @
.Oc Ar host Oo : Ar port
@@ -268,6 +269,11 @@ of the connection.
Only useful on systems with more than one address.
.It Fl t
Enables packet tracing.
+.It Fl U Ar useragent
+Set
+.Ar useragent
+as the User-Agent for HTTP(S) URL requests.
+If not specified, the default User-Agent is ``OpenBSD ftp''.
.It Fl V
Disable verbose mode, overriding the default of enabled when input
is from a terminal.
Index: ftp_var.h
===
RCS file: /cvs/src/usr.bin/ftp/ftp_var.h,v
retrieving revision 1.33
diff -u -p -r1.33 ftp_var.h
--- ftp_var.h 24 Dec 2013 13:00:59 - 1.33
+++ ftp_var.h 12 Jun 2014 19:32:51 -
@@ -181,6 +181,7 @@ char *httpport; /* port number to use
#ifndef SMALL
char *httpsport; /* port number to use for https connections */
#endif /* !SMALL */
+char *httpuseragent; /* user agent for http(s) connections */
char *gateport;/* port number to use for gateftp
connections */
jmp_buftoplevel; /* non-local goto stuff for cmd scanner
*/
Index: main.c
===
RCS file: /cvs/src/usr.bin/ftp/main.c,v
retrieving revision 1.87
diff -u -p -r1.87 main.c
--- main.c 23 Jan 2014 00:39:15 - 1.87
+++ main.c 9 Jul 2014 03:45:03 -
@@ -198,9 +198,10 @@ main(volatile int argc, char *argv[])
#ifndef SMALL
cookiefile = getenv("http_cookies");
#endif /* !SMALL */
+ httpuseragent = NULL;
while ((ch = getopt(argc, argv,
- "46AaCc:dD:Eegik:mno:pP:r:S:s:tvV")) != -1) {
+ "46AaCc:dD:Eegik:mno:pP:r:S:s:tU:vV")) != -1) {
switch (ch) {
case '4':
family = PF_INET;
@@ -361,6 +362,20 @@ main(volatile int argc, char *argv[])
trace = 1;
break;
+ case 'U':
+#ifnd
divert(4) checksum offload
Packets that are reinjected via a divert(4) socket will have their IP
and protocol checksums recalculated, since the userspace application
could have modified them.
Currently, these checksums are manually recalculated by divert_output().
But now that the new checksum offloading system is in place, we can use
that instead, at least for reinjected outbound packets.
This diff does the following for reinjected packets:
1. Zero the protocol checksum.
2. Set the checksum flag in pkthdr.
3a. For outbound packets, let the stack take care of the checksum.
3b. For inbound packets, calculate the checksum immediately with
in_proto_cksum_out(m, NULL).
I'm not sure if it's all right to use in_proto_cksum_out() for inbound
packets (its name ends with "_out" after all :)) but using it really
helps to simplify things and avoid redundant code.
Thoughts/ok?
Index: netinet/ip_divert.c
===
RCS file: /cvs/src/sys/netinet/ip_divert.c,v
retrieving revision 1.23
diff -U7 -p -r1.23 ip_divert.c
--- netinet/ip_divert.c 10 Jul 2014 03:17:59 - 1.23
+++ netinet/ip_divert.c 10 Jul 2014 03:35:07 -
@@ -81,18 +81,17 @@ int
divert_output(struct inpcb *inp, struct mbuf *m, struct mbuf *nam,
struct mbuf *control)
{
struct ifqueue *inq;
struct sockaddr_in *sin;
struct socket *so;
struct ifaddr *ifa;
- int s, error = 0, p_hdrlen = 0;
+ int s, error = 0, p_hdrlen = 0, dir;
struct ip *ip;
- u_int16_t off, csum = 0;
- u_int8_t nxt;
+ u_int16_t off, csum_flag = 0;
size_t p_off = 0;
m->m_pkthdr.rcvif = NULL;
m->m_nextpkt = NULL;
m->m_pkthdr.ph_rtableid = inp->inp_rtableid;
if (control)
@@ -113,64 +112,72 @@ divert_output(struct inpcb *inp, struct
if (ip->ip_v != IPVERSION)
goto fail;
off = ip->ip_hl << 2;
if (off < sizeof(struct ip) || ntohs(ip->ip_len) < off ||
m->m_pkthdr.len < ntohs(ip->ip_len))
goto fail;
- /*
-* Recalculate IP and protocol checksums since the userspace application
-* may have modified the packet prior to reinjection.
-*/
- ip->ip_sum = 0;
- ip->ip_sum = in_cksum(m, off);
- nxt = ip->ip_p;
+ dir = (sin->sin_addr.s_addr == INADDR_ANY ? PF_OUT : PF_IN);
+
switch (ip->ip_p) {
case IPPROTO_TCP:
p_hdrlen = sizeof(struct tcphdr);
- p_off = offsetof(struct tcphdr, th_sum);
+ p_off = off + offsetof(struct tcphdr, th_sum);
+ csum_flag = M_TCP_CSUM_OUT;
break;
case IPPROTO_UDP:
p_hdrlen = sizeof(struct udphdr);
- p_off = offsetof(struct udphdr, uh_sum);
+ p_off = off + offsetof(struct udphdr, uh_sum);
+ csum_flag = M_UDP_CSUM_OUT;
break;
case IPPROTO_ICMP:
p_hdrlen = sizeof(struct icmp);
- p_off = offsetof(struct icmp, icmp_cksum);
- nxt = 0;
+ p_off = off + offsetof(struct icmp, icmp_cksum);
+ csum_flag = M_ICMP_CSUM_OUT;
break;
default:
/* nothing */
break;
}
- if (p_hdrlen) {
- if (m->m_pkthdr.len < off + p_hdrlen)
- goto fail;
+ if (p_hdrlen && m->m_pkthdr.len < off + p_hdrlen)
+ goto fail;
- if ((error = m_copyback(m, off + p_off, sizeof(csum), &csum,
M_NOWAIT)))
- goto fail;
- csum = in4_cksum(m, nxt, off, m->m_pkthdr.len - off);
- if (ip->ip_p == IPPROTO_UDP && csum == 0)
- csum = 0x;
- if ((error = m_copyback(m, off + p_off, sizeof(csum), &csum,
M_NOWAIT)))
- goto fail;
+ if (csum_flag) {
+ u_int16_t csum = 0;
+
+ if ((p_off + sizeof(u_int16_t)) > m->m_len) {
+ if ((error = m_copyback(m, p_off, sizeof(csum), &csum,
+ M_NOWAIT)))
+ goto fail;
+ } else
+ *(u_int16_t *)(mtod(m, caddr_t) + p_off) = 0;
+ m->m_pkthdr.csum_flags |= csum_flag;
}
m->m_pkthdr.pf.flags |= PF_TAG_DIVERTED_PACKET;
- if (sin->sin_addr.s_addr != INADDR_ANY) {
+ if (dir == PF_IN) {
ipaddr.sin_addr = sin->sin_addr;
ifa = ifa_ifwithaddr(sintosa(&ipaddr), m->m_pkthdr.ph_rtableid);
if (ifa == NULL) {
error = EADDRNOTAVAIL;
goto fail;
}
m->m_pkthdr.rcvif = ifa->ifa_ifp;
inq = &ipintrq;
+
+ /*
+* Recalculate IP and protocol checksums for the inbound packet
+* sinc
ppb driver not
Dear tech@, Running a somewhat recent snapshot the device behave differently, as the dmesg say : ppb5 at pci5 dev 0 function 0 vendor "Pericom", unknown product 0xe111 rev 0x02: not configured by system firmware instead of ppb5 at pci5 dev 0 function 0 vendor "Pericom", unknown product 0xe111 rev 0x02 in -stable At first i was thinking it was some kind of firmware issue and check /etc/firmware but it doesnt look like I do not know what is the best next step: - check with current - look for some diff between 5.5 - stable (where it was detected correctly) around ppb - something else Best regards, -- - () ascii ribbon campaign - against html e-mail /\
Re: diff: Option to use duids in /etc/dumpdates
On 07/09/14 21:13, Maximilian Fillinger wrote: Thanks for your feedback! I like the idea. I would have liked to read an explanation for the selected solution though, or a brief description of it. I'll add a description below for the benefit of other readers. I think adding a check to make sure there is a nonzero duid [...] is reasonable. Right, I'll add that. I think -U should imply -u, since there is no use for it without it. I'm not sure. Whether or not -u is given, dump searches /etc/dumpdates for the date of the latest lower-level dump. With my patch, if you want dump to search by duid, you need to give it the -U flag. So, as it is now, -U should not imply -u. On the other hand, it might make right. sense to always search for both duid and device-filename (preferring the duid when both are present). I think it defeats the purpose. You could end up looking at a line from a former dump fitting by device name but still referring to another disk. Description of the diff: In main.c, when the flag -U is given, we set duidflag = 1. Then, the program proceeds normally to determine what is to be dumped. We end up with disk being the device file name. We then read the disklabel from disk using ioctl DIOCGDINFO. We then do duid = asprintf(...) to print the duid from the disklabel, followed by a '.' and a partition letter (last character in disk). In itime.c, the function getdumptime() reads off the date of the latest lower-level dump. The patch modifies it so that it searches for duid instead of disk if duidflag is set. Similarly, putdumptime() is modified to update /etc/dumpdates with duid instead of disk. In include/protocols/dumprestore.h, I had to change the format strings DUMPOUTFMT and DUMPINFMT. These are used for writing and reading /etc/dumpdates, and when we allow duids in that file, the first field has to be wider. a bit more than I aimed at, but nice. ;) oh, diff with -uNp helps too, for a bit more context.
bpf_mtap_stripvlan
so dlg noticed that tcpdump on vlan is now somewhat busted,
specifically dhc* don't work on the any more. the reason is that bpf
now sees the ether_vlan_header instead of the ether_header. only
visible if your NIC does NOT have hw vlan tagging.
reason: while we previously would prepend an ethernet header in
ether_output and way later in vlan_start throw the ethernet header
away again, replacing it by an ether_vlan_header, we now add the
ether_vlan_header in ether_output already. the mtap is in vlan_start,
aka after.
now removing the ether_vlan_header and either prepending a new
ether_header or calling bpf_mtap_ether which adds a fake one didn't
seem too smart. so I made a bpf_mcopy_stripvlan which, well, cuts
those extra 4 bytes out.
the if_ethersubr.c chunk eases testing, it'll make us hit the right
codepath wether the hw has tagging or not. that chunk not to be
committed of course.
Index: net/bpf.c
===
RCS file: /cvs/src/sys/net/bpf.c,v
retrieving revision 1.97
diff -u -p -r1.97 bpf.c
--- net/bpf.c 9 Jul 2014 13:52:35 - 1.97
+++ net/bpf.c 9 Jul 2014 21:30:19 -
@@ -90,6 +90,7 @@ void bpf_ifname(struct ifnet *, struct i
void _bpf_mtap(caddr_t, struct mbuf *, u_int,
void (*)(const void *, void *, size_t));
void bpf_mcopy(const void *, void *, size_t);
+void bpf_mcopy_stripvlan(const void *, void *, size_t);
intbpf_movein(struct uio *, u_int, struct mbuf **,
struct sockaddr *, struct bpf_insn *);
void bpf_attachd(struct bpf_d *, struct bpf_if *);
@@ -1169,6 +1170,46 @@ bpf_mcopy(const void *src_arg, void *dst
}
/*
+ * Copy an ethernet frame from an mbuf chain into a buffer, strip the
+ * vlan header bits
+ */
+void
+bpf_mcopy_stripvlan(const void *src_arg, void *dst_arg, size_t len)
+{
+#if NVLAN > 0
+ const struct mbuf *m;
+ u_intcount, copied = 0, hdrdone = 0;
+ u_char *dst;
+ struct ether_vlan_header*evh;
+
+ m = src_arg;
+ dst = dst_arg;
+ evh = dst_arg;
+ while (len > 0) {
+ if (m == 0)
+ panic("bpf_mcopy_stripvlan");
+ count = min(m->m_len, len);
+ bcopy(mtod(m, caddr_t), (caddr_t)dst, count);
+ m = m->m_next;
+ dst += count;
+ len -= count;
+ copied += count;
+ if (!hdrdone && copied >= sizeof(struct ether_vlan_header) &&
+ (ntohs(evh->evl_encap_proto) == ETHERTYPE_VLAN ||
+ ntohs(evh->evl_encap_proto) == ETHERTYPE_QINQ)) {
+ /* move up by 4 bytes, overwrite encap_proto + tag */
+ memmove(&evh->evl_encap_proto, &evh->evl_proto, copied -
+ offsetof(struct ether_vlan_header, evl_proto));
+ dst -= (offsetof(struct ether_vlan_header, evl_proto) -
+ offsetof(struct ether_vlan_header,
+ evl_encap_proto)); /* long expression for "4" */
+ hdrdone = 1;
+ }
+ }
+#endif
+}
+
+/*
* like bpf_mtap, but copy fn can be given. used by various bpf_mtap*
*/
void
@@ -1218,6 +1259,13 @@ void
bpf_mtap(caddr_t arg, struct mbuf *m, u_int direction)
{
_bpf_mtap(arg, m, direction, NULL);
+}
+
+/* like bpf_mtap, but strip the vlan header, leave regular ethernet hdr */
+void
+bpf_mtap_stripvlan(caddr_t arg, struct mbuf *m, u_int direction)
+{
+ _bpf_mtap(arg, m, direction, bpf_mcopy_stripvlan);
}
/*
Index: net/bpf.h
===
RCS file: /cvs/src/sys/net/bpf.h,v
retrieving revision 1.45
diff -u -p -r1.45 bpf.h
--- net/bpf.h 9 Jul 2014 11:03:04 - 1.45
+++ net/bpf.h 9 Jul 2014 13:16:31 -
@@ -272,6 +272,7 @@ struct bpf_dltlist {
int bpf_validate(struct bpf_insn *, int);
int bpf_tap(caddr_t, u_char *, u_int, u_int);
voidbpf_mtap(caddr_t, struct mbuf *, u_int);
+voidbpf_mtap_stripvlan(caddr_t, struct mbuf *, u_int);
voidbpf_mtap_hdr(caddr_t, caddr_t, u_int, struct mbuf *, u_int,
void (*)(const void *, void *, size_t));
voidbpf_mtap_af(caddr_t, u_int32_t, struct mbuf *, u_int);
Index: net/if_ethersubr.c
===
RCS file: /cvs/src/sys/net/if_ethersubr.c,v
retrieving revision 1.173
diff -u -p -r1.173 if_ethersubr.c
--- net/if_ethersubr.c 8 Jul 2014 07:10:12 - 1.173
+++ net/if_ethersubr.c 9 Jul 2014 14:03:10 -
@@ -204,7 +204,7 @@ ether_addheader(struct mbuf **m, struct
struct ifnet*p = ifv->ifv_p;
/* should we use the tx tagging hw offload at all? */
- if ((p->if_capabilities & IFCAP_VLAN_HWTAGGING) &&
+ if (0 && (p->if_capabilities & IFCAP_VLAN_HWTAGGING) &&
Re: diff: Option to use duids in /etc/dumpdates
On 07/09/14 21:13, Maximilian Fillinger wrote: Thanks for your feedback! I like the idea. I would have liked to read an explanation for the selected solution though, or a brief description of it. I'll add a description below for the benefit of other readers. I think adding a check to make sure there is a nonzero duid [...] is reasonable. Right, I'll add that. I think -U should imply -u, since there is no use for it without it. I'm not sure. Whether or not -u is given, dump searches /etc/dumpdates for the date of the latest lower-level dump. With my patch, if you want dump to search by duid, you need to give it the -U flag. So, as it is now, -U should not imply -u. On the other hand, it might make sense to always search for both duid and device-filename (preferring the duid when both are present). Description of the diff: In main.c, when the flag -U is given, we set duidflag = 1. Then, the program proceeds normally to determine what is to be dumped. We end up with disk being the device file name. We then read the disklabel from disk using ioctl DIOCGDINFO. We then do duid = asprintf(...) to print the duid from the disklabel, followed by a '.' and a partition letter (last character in disk). In itime.c, the function getdumptime() reads off the date of the latest lower-level dump. The patch modifies it so that it searches for duid instead of disk if duidflag is set. Similarly, putdumptime() is modified to update /etc/dumpdates with duid instead of disk. In include/protocols/dumprestore.h, I had to change the format strings DUMPOUTFMT and DUMPINFMT. These are used for writing and reading /etc/dumpdates, and when we allow duids in that file, the first field has to be wider. While looking at this, I noticed we don't support specifying the duid for the device to dump. Thinking a bit more, I'm forming a different approach for this. Hold on. /Alexander
pcidevs: add devices for Vortex86EX SoC
Hello, here is device list for DM&P Vortex86EX SoC. ok? Index: pcidevs === RCS file: /cvs/src/sys/dev/pci/pcidevs,v retrieving revision 1.1730 diff -u -p -r1.1730 pcidevs --- pcidevs 8 Jul 2014 08:55:33 - 1.1730 +++ pcidevs 9 Jul 2014 19:44:53 - @@ -5830,11 +5830,20 @@ product RALINK RT5390 0x5390 RT5390 /* RDC products */ product RDC R1010_IDE 0x1010 R1010 IDE product RDC R1011_IDE 0x1011 R1011 IDE +product RDC R1012_IDE 0x1012 R1012 IDE +product RDC R1031_PCIE 0x1031 R1031 PCIe +product RDC R1060_USBD 0x1060 R1060 USB Device +product RDC R1070_CAN 0x1070 R1070 CAN +product RDC R1331_MC 0x1331 R1331 MC +product RDC R1710_SPI 0x1710 R1710 SPI +product RDC R3010_HDA 0x3010 R3010 HDA +product RDC R6011_SB 0x6011 R6011 SB product RDC R6021_HB 0x6021 R6021 Host +product RDC R6025_HB 0x6025 R6025 Host product RDC R6031_ISA 0x6031 R6031 ISA product RDC R6040_ETHER0x6040 R6040 Ethernet -product RDC R6060_OHCI 0x6060 R6060 USB -product RDC R6061_EHCI 0x6061 R6061 USB +product RDC R6060_OHCI 0x6060 R6060 USB OHCI +product RDC R6061_EHCI 0x6061 R6061 USB EHCI /* Realtek products */ product REALTEK RTS52090x5209 RTS5209 Card Reader -- SASANO Takayoshi
asn1 free null
just like libc free(), asn1_string_free can cope with null. so don't bother with polluting the callers with such tests. Index: asn1/a_bytes.c === RCS file: /cvs/src/lib/libssl/src/crypto/asn1/a_bytes.c,v retrieving revision 1.14 diff -u -p -r1.14 a_bytes.c --- asn1/a_bytes.c 12 Jun 2014 15:49:27 - 1.14 +++ asn1/a_bytes.c 9 Jul 2014 19:55:28 - @@ -121,7 +121,7 @@ d2i_ASN1_type_bytes(ASN1_STRING **a, con err: ASN1err(ASN1_F_D2I_ASN1_TYPE_BYTES, i); - if ((ret != NULL) && ((a == NULL) || (*a != ret))) + if (a == NULL || *a != ret) ASN1_STRING_free(ret); return (NULL); } @@ -230,7 +230,7 @@ d2i_ASN1_bytes(ASN1_STRING **a, const un return (ret); err: - if ((ret != NULL) && ((a == NULL) || (*a != ret))) + if (a == NULL || *a != ret) ASN1_STRING_free(ret); ASN1err(ASN1_F_D2I_ASN1_BYTES, i); return (NULL); @@ -292,14 +292,12 @@ asn1_collate_primitive(ASN1_STRING *a, A a->length = num; free(a->data); a->data = (unsigned char *)b.data; - if (os != NULL) - ASN1_STRING_free(os); + ASN1_STRING_free(os); return (1); err: ASN1err(ASN1_F_ASN1_COLLATE_PRIMITIVE, c->error); - if (os != NULL) - ASN1_STRING_free(os); + ASN1_STRING_free(os); free(b.data); return (0); } Index: asn1/p5_pbe.c === RCS file: /cvs/src/lib/libssl/src/crypto/asn1/p5_pbe.c,v retrieving revision 1.13 diff -u -p -r1.13 p5_pbe.c --- asn1/p5_pbe.c 12 Jun 2014 15:49:27 - 1.13 +++ asn1/p5_pbe.c 9 Jul 2014 19:55:29 - @@ -119,8 +119,7 @@ PKCS5_pbe_set0_algor(X509_ALGOR *algor, err: if (pbe != NULL) PBEPARAM_free(pbe); - if (pbe_str != NULL) - ASN1_STRING_free(pbe_str); + ASN1_STRING_free(pbe_str); return 0; } Index: dh/dh_ameth.c === RCS file: /cvs/src/lib/libssl/src/crypto/dh/dh_ameth.c,v retrieving revision 1.9 diff -u -p -r1.9 dh_ameth.c --- dh/dh_ameth.c 9 Jul 2014 13:26:47 - 1.9 +++ dh/dh_ameth.c 9 Jul 2014 19:55:29 - @@ -167,8 +167,7 @@ dh_pub_encode(X509_PUBKEY *pk, const EVP err: free(penc); - if (str) - ASN1_STRING_free(str); + ASN1_STRING_free(str); return 0; } @@ -271,10 +270,8 @@ dh_priv_encode(PKCS8_PRIV_KEY_INFO *p8, err: free(dp); - if (params != NULL) - ASN1_STRING_free(params); - if (prkey != NULL) - ASN1_INTEGER_free(prkey); + ASN1_STRING_free(params); + ASN1_INTEGER_free(prkey); return 0; } Index: dsa/dsa_ameth.c === RCS file: /cvs/src/lib/libssl/src/crypto/dsa/dsa_ameth.c,v retrieving revision 1.9 diff -u -p -r1.9 dsa_ameth.c --- dsa/dsa_ameth.c 9 Jul 2014 10:16:24 - 1.9 +++ dsa/dsa_ameth.c 9 Jul 2014 19:55:29 - @@ -164,8 +164,7 @@ dsa_pub_encode(X509_PUBKEY *pk, const EV err: free(penc); - if (pval) - ASN1_STRING_free(pval); + ASN1_STRING_free(pval); return 0; } @@ -319,10 +318,8 @@ dsa_priv_encode(PKCS8_PRIV_KEY_INFO *p8, err: free(dp); - if (params != NULL) - ASN1_STRING_free(params); - if (prkey != NULL) - ASN1_INTEGER_free(prkey); + ASN1_STRING_free(params); + ASN1_INTEGER_free(prkey); return 0; } Index: rsa/rsa_ameth.c === RCS file: /cvs/src/lib/libssl/src/crypto/rsa/rsa_ameth.c,v retrieving revision 1.7 diff -u -p -r1.7 rsa_ameth.c --- rsa/rsa_ameth.c 9 Jul 2014 08:20:08 - 1.7 +++ rsa/rsa_ameth.c 9 Jul 2014 19:55:29 - @@ -622,8 +622,7 @@ err: X509_ALGOR_free(mgf1alg); if (pss) RSA_PSS_PARAMS_free(pss); - if (os1) - ASN1_STRING_free(os1); + ASN1_STRING_free(os1); return rv; } return 2;
Re: Paravirtualized optimizations for KVM
On Tuesday 08 July 2014 23:53:21, Mark Kettenis wrote: > Are these paravirtualization APIs stable? Are they (properly) > documented somewhere? Mostly. So far, I am using three things: 1) the paravirtualized EOI. Documented in Documentation/virtual/kvm/msr.txt in linux source. 2) the MSR to write to the lapic ICR register. This is a Hyper-V interface that is also implemented by KVM. It's documented in the Microsoft Hyper-V docs (don't have a pointer right now). 3) the fact that doing IPIs does not require waiting for the BUSY bit to clear in ICR. This is really an implementation detail in KVM. Unless there is some way to detect this, it's not something that one can depend on by default but it could be enabled by some UKC flag with default off. A different approach would be to add support for x2apic mode, which would take care of 2)+3). But this cannot be mixed with normal accesses to the memory mapped apic registers (xapic mode) and would therefore be a lot more intrusive to implement. > If we're serious about supporting OpenBSD on (KVM) hypervisors, > something like this makes sense. We tend to try and have a single > kernel that runs on the widest range of hardware that is possible. > For example the OpenBSD/sparc64 kernel runs on both sun4u and sun4v > hardware, and the sun4v platforms has written paravirtualization all > over it. There I successfully made use of code patching > techniques. That might help on x86 as well. Yes, code patching may be useful. I haven't noticed it used in openbsd before, but I will take a look at sparc64. > Can't say I'm happy with making the interrupt handling code even > more complicated though... Do you think that putting all lapic operations as function into a apic_ops struct would be preferable? This would make the code much easier to read/maintain at the cost of some indirection and a few function calls in interrupt paths.
Re: diff: Option to use duids in /etc/dumpdates
Thanks for your feedback! > I like the idea. I would have liked to read an explanation for the > selected solution though, or a brief description of it. I'll add a description below for the benefit of other readers. > I think adding a check to make sure there is a nonzero duid [...] > is reasonable. Right, I'll add that. > I think -U should imply -u, since there is no use for it without it. I'm not sure. Whether or not -u is given, dump searches /etc/dumpdates for the date of the latest lower-level dump. With my patch, if you want dump to search by duid, you need to give it the -U flag. So, as it is now, -U should not imply -u. On the other hand, it might make sense to always search for both duid and device-filename (preferring the duid when both are present). Description of the diff: In main.c, when the flag -U is given, we set duidflag = 1. Then, the program proceeds normally to determine what is to be dumped. We end up with disk being the device file name. We then read the disklabel from disk using ioctl DIOCGDINFO. We then do duid = asprintf(...) to print the duid from the disklabel, followed by a '.' and a partition letter (last character in disk). In itime.c, the function getdumptime() reads off the date of the latest lower-level dump. The patch modifies it so that it searches for duid instead of disk if duidflag is set. Similarly, putdumptime() is modified to update /etc/dumpdates with duid instead of disk. In include/protocols/dumprestore.h, I had to change the format strings DUMPOUTFMT and DUMPINFMT. These are used for writing and reading /etc/dumpdates, and when we allow duids in that file, the first field has to be wider.
Re: diff: fix dhcpinform to work without lease
On Wed, 9 Jul 2014 19:08:09 +0200 Kenneth Westerback wrote: > On 9 July 2014 16:26, YASUOKA Masahiko wrote: >> This diff fixes dhcpinform to work without lease. >> >> ok? >> >> Fix dhcpinform to work without lease. >> >> Diff from Yuuichi Someya. > > This seems to be a large chunk of code duplication. Was it not be > possible to have dhcpinform() create a lease and then simply call the > normal ack_lease() function to send out the information? Just creating a lease and calling ack_lease() doesn't comply with RFC 2131. So creating a fake lease and adding some "if" switches to ack_lease() is required. And I didn't think it's better. --yasuoka
new relayd(8) filter rules
Hi,
I just committed a big change to relayd: the new filtering language.
tl;dr - I need your help! Please test the new filter rules in relayd
-current to eliminate any remaining issues in the new implementation.
When I wrote the HTTP support in relayd, I needed a way to filter and
manipulate HTTP headers, to add the X-Forwarded-For header for load
balancing or to select a backend server based on hashed cookies. So I
added the tree-based "protocol nodes". The code was extended to
support URLs, blacklists and many other HTTP options over the time. I
didn't like the implementation very much, because it extended the
intial red/black tree of HTTP headers into a forest of trees and
associated lists with multiple hooks for the filters.
One main missing feature of the old code was the possibility to select
a relay target based on the request path or URL, for example to send
requests to "/images" to a different backend than requests to "/". I
refused to cram it into the existing "protocol nodes" because it
didn't fit in the old implementation and grammar.
So I removed all the "protocol nodes" code from relayd and started to
reimplement it as a new filtering subsystem. The resulting
configuration language uses last-matching pf-like rules starting with
the "pass", "block" or "match" keywords. If you know how to use
OpenBSD's pf, you will quickly know how to use the filter rules;
otherwise it is a bit of a learning curve.
Good news: the new filter rules now support URL-based relaying.
http protocol www {
return error
pass
match request path "/images/*" forward to
}
relayd www {
listen on 10.1.1.1 port 80
protocol www
forward to check tcp port 80
forward to check tcp port 80
}
andre@ helped me by writing a tool that ended up as a port in
sysutils/relayd-updateconf to convert old configuration files to the
new grammar. This tool is provided as a convenience, and you should
still review and adjust the configuration manually. He also updated
the regression tests in src/regress/usr.sbin/relayd to verify the
functionality of existing relayd features with the new grammar.
Now I need your help to test it in the real world! We will continue
to improve the code and add a few more features (like filtering based
on IP addresses, other protocols, and more), but we also want to make
sure that it does not break any existings setups.
Reyk
--
relayd - BSD plumbing since 2006: http://bsd.plumbing/
Re: increase netcat's buffer...
On Wed, Jul 09, 2014 at 18:33, Arne Becker wrote:
> atelnet uses atomicio, which depends on blocking sockets. Since we call
> atelnet from readwrite, the sockets are likely non-blocking.
> If we enter the for()-loop in atelnet, we set the sockets to blocking
> and remember that, so we do it only once.
> If we made them blocking, we make them non-blocking again at the end.
> + /* make all fds non-blocking */
> + for (n = 0; n < 4; n++) {
> + if (pfd[n].fd == -1)
> + continue;
> + flags = fcntl(pfd[n].fd, F_GETFL, 0);
> + /*
> + * For sockets and pipes, we want non-block, but setting it
> + * might fail for files or devices, so we ignore the return
> + * code.
> + */
> + fcntl(pfd[n].fd, F_SETFL, flags | O_NONBLOCK);
> + }
Thanks. I think this is the trouble spot. Without this, we don't need
to fool around in atelnet either. And we probably don't really need
this. The point isn't really to create an nc that never blocks. In
particular, turning stdin and stdout non-blocking has weird effects
that has broken sh pipelines in the past.
Drop the above, the relevant chunk in atelnet, and I think it looks good.
Re: increase netcat's buffer...
Hi.
>> -err(1, "bind failed");
>> +errx(1, "bind failed: %s", strerror(errno));
>> freeaddrinfo(ares);
>
> This doesn't seem necessary, or correct.
Indeed. New patch below.
>> @@ -640,7 +648,7 @@ timeout_connect(int s, const struct sock
>> if (timeout != -1) {
>> flags = fcntl(s, F_GETFL, 0);
>> if (fcntl(s, F_SETFL, flags | O_NONBLOCK) == -1)
>> -err(1, "set non-blocking mode");
>> +warn("unable to set non-blocking mode");
>
> ok, maybe. i wonder what this will break...
Since this must be a socket, O_NONBLOCK really should not fail. Changed
back to err in patch below.
>> @@ -877,8 +1049,20 @@ atelnet(int nfd, unsigned char *buf, uns
>>
>> p++;
>> obuf[2] = *p;
>> +
>> +if (!blocking) {
>> +flags = fcntl(nfd, F_GETFL, 0);
>> +if (fcntl(nfd, F_SETFL, flags & ~O_NONBLOCK) == -1)
>> +warn("unable to set blocking mode");
>> +blocking = 1;
>> +}
>> if (atomicio(vwrite, nfd, obuf, 3) != 3)
>> warn("Write Error!");
>> +}
>> +if (blocking) {
>> +flags = fcntl(nfd, F_GETFL, 0);
>> +if (fcntl(nfd, F_SETFL, flags | O_NONBLOCK) == -1)
>> +warn("unable to set non-blocking mode");
>> }
>> }
>
> I don't understand this part. What's the reasoning?
atelnet uses atomicio, which depends on blocking sockets. Since we call
atelnet from readwrite, the sockets are likely non-blocking.
If we enter the for()-loop in atelnet, we set the sockets to blocking
and remember that, so we do it only once.
If we made them blocking, we make them non-blocking again at the end.
We could also append the bytes that atelnet adds to the stdinbuf we have
in readwrite, but I wanted to keep it simple. Likely performance isn't
that much of an issue for telnet.
In any case, it is arguable if we should pass the bytes of the "IAC
WILL/DO X" on, since if netcat answers, the user likely isn't interested
in seeing them. Again, I kept it simple, it works like it did before.
Lightly tested against a telnet server.
- Arne
Index: netcat.c
===
RCS file: /mount/cvsdev/cvs/openbsd/src/usr.bin/nc/netcat.c,v
retrieving revision 1.121
diff -u -p -r1.121 netcat.c
--- netcat.c10 Jun 2014 16:35:42 - 1.121
+++ netcat.c9 Jul 2014 16:06:01 -
@@ -65,6 +65,12 @@
#define PORT_MAX_LEN 6
#define UNIX_DG_TMP_SOCKET_SIZE19
+#define POLL_STDIN 0
+#define POLL_NETOUT 1
+#define POLL_NETIN 2
+#define POLL_STDOUT 3
+#define BUFSIZE 16384
+
/* Command Line Options */
intdflag; /* detached, no stdin */
intFflag; /* fdpass sock to stdout */
@@ -112,6 +118,8 @@ voidset_common_sockopts(int);
intmap_tos(char *, int *);
void report_connect(const struct sockaddr *, socklen_t);
void usage(int);
+ssize_t drainbuf(int, unsigned char *, size_t *);
+ssize_t fillbuf(int, unsigned char *, size_t *);
int
main(int argc, char *argv[])
@@ -640,7 +648,7 @@ timeout_connect(int s, const struct sock
if (timeout != -1) {
flags = fcntl(s, F_GETFL, 0);
if (fcntl(s, F_SETFL, flags | O_NONBLOCK) == -1)
- err(1, "set non-blocking mode");
+ err(1, "unable to set non-blocking mode");
}
if ((ret = connect(s, name, namelen)) != 0 && errno == EINPROGRESS) {
@@ -730,67 +738,229 @@ local_listen(char *host, char *port, str
* Loop that polls on the network file descriptor and stdin.
*/
void
-readwrite(int nfd)
+readwrite(int net_fd)
{
- struct pollfd pfd[2];
- unsigned char buf[16 * 1024];
- int n, wfd = fileno(stdin);
- int lfd = fileno(stdout);
- int plen;
-
- plen = sizeof(buf);
-
- /* Setup Network FD */
- pfd[0].fd = nfd;
- pfd[0].events = POLLIN;
+ struct pollfd pfd[4];
+ int stdin_fd = STDIN_FILENO;
+ int stdout_fd = STDOUT_FILENO;
+ unsigned char netinbuf[BUFSIZE];
+ size_t netinbufpos = 0;
+ unsigned char stdinbuf[BUFSIZE];
+ size_t stdinbufpos = 0;
+ int n, num_fds, flags;
+ ssize_t ret;
+
+ /* don't read from stdin if requested */
+ if (dflag)
+ stdin_fd = -1;
+
+ /* stdin */
+ pfd[POLL_STDIN].fd = stdin_fd;
+ pfd[POLL_STDIN].events = POLLIN;
+
+ /* network out */
+ pfd[POLL_NETOUT].fd = net_fd;
+ pfd[POLL_NETOUT].events = 0;
+
+ /* network in */
+ pfd[POLL_NETIN].fd = net_fd;
+ pfd[POLL_NETIN].events = POLLIN;
+
+ /* stdout */
+ pfd[POLL_STDOUT].fd = stdout_fd;
+ pfd[POLL_STDOUT].events = 0;
+
+
+ /* make all fds non-blocking */
+ for (n = 0; n < 4; n++) {
+ if (pfd[n].fd == -1)
+ continue;
+
Re: Kill unused (cached) routes
On Wed, Jul 09, 2014 at 04:56:13PM +0200, Bret Lambert wrote:
> On Wed, Jul 09, 2014 at 04:52:06PM +0200, Martin Pieuchot wrote:
> > While looking at route refcounting issues I found some unused fields...
> >
> > Ok to kill them?
>
> These appear to have been part of a plan of deep and evil magic;
> the diff appears okay to me on purely visual inspection, at least.
Hmm. I though gif was still caching the tunnel endpoint but maybe I'm
wrong. Caching the route could make sense but is not super important.
If they are not used then they should be removed for sure.
> >
> > Index: net/if_gif.h
> > ===
> > RCS file: /cvs/src/sys/net/if_gif.h,v
> > retrieving revision 1.10
> > diff -u -p -r1.10 if_gif.h
> > --- net/if_gif.h21 Nov 2009 14:08:14 - 1.10
> > +++ net/if_gif.h9 Jul 2014 14:49:25 -
> > @@ -37,29 +37,13 @@
> > #ifndef _NET_IF_GIF_H_
> > #define _NET_IF_GIF_H_
> >
> > -
> > -#include
> > -/* XXX sigh, why route have struct route instead of pointer? */
> > -
> > struct gif_softc {
> > struct ifnetgif_if;/* common area */
> > struct sockaddr *gif_psrc; /* Physical src addr */
> > struct sockaddr *gif_pdst; /* Physical dst addr */
> > - union {
> > - struct route gifscr_ro;/* xxx */
> > -#ifdef INET6
> > - struct route_in6 gifscr_ro6; /* xxx */
> > -#endif
> > - } gifsc_gifscr;
> > - int gif_flags;
> > u_int gif_rtableid;
> > LIST_ENTRY(gif_softc) gif_list; /* list of all gifs */
> > };
> > -
> > -#define gif_ro gifsc_gifscr.gifscr_ro
> > -#ifdef INET6
> > -#define gif_ro6 gifsc_gifscr.gifscr_ro6
> > -#endif
> >
> > #define GIF_MTU(1280) /* Default MTU */
> > #defineGIF_MTU_MIN (1280) /* Minimum MTU */
> > Index: netinet6/ip6_mroute.h
> > ===
> > RCS file: /cvs/src/sys/netinet6/ip6_mroute.h,v
> > retrieving revision 1.13
> > diff -u -p -r1.13 ip6_mroute.h
> > --- netinet6/ip6_mroute.h 29 Oct 2013 19:05:45 - 1.13
> > +++ netinet6/ip6_mroute.h 9 Jul 2014 14:49:25 -
> > @@ -180,7 +180,6 @@ struct mif6 {
> > u_int64_t m6_pkt_out; /* # pkts out on interface */
> > u_int64_t m6_bytes_in;/* # bytes in on interface */
> > u_int64_t m6_bytes_out; /* # bytes out on interface */
> > - struct route_in6 m6_route;/* cached route if this is a tunnel */
> > };
> >
> > /*
> >
>
--
:wq Claudio
Re: Kill unused (cached) routes
On Wed, Jul 09, 2014 at 04:52:06PM +0200, Martin Pieuchot wrote:
> While looking at route refcounting issues I found some unused fields...
>
> Ok to kill them?
These appear to have been part of a plan of deep and evil magic;
the diff appears okay to me on purely visual inspection, at least.
>
> Index: net/if_gif.h
> ===
> RCS file: /cvs/src/sys/net/if_gif.h,v
> retrieving revision 1.10
> diff -u -p -r1.10 if_gif.h
> --- net/if_gif.h 21 Nov 2009 14:08:14 - 1.10
> +++ net/if_gif.h 9 Jul 2014 14:49:25 -
> @@ -37,29 +37,13 @@
> #ifndef _NET_IF_GIF_H_
> #define _NET_IF_GIF_H_
>
> -
> -#include
> -/* XXX sigh, why route have struct route instead of pointer? */
> -
> struct gif_softc {
> struct ifnetgif_if;/* common area */
> struct sockaddr *gif_psrc; /* Physical src addr */
> struct sockaddr *gif_pdst; /* Physical dst addr */
> - union {
> - struct route gifscr_ro;/* xxx */
> -#ifdef INET6
> - struct route_in6 gifscr_ro6; /* xxx */
> -#endif
> - } gifsc_gifscr;
> - int gif_flags;
> u_int gif_rtableid;
> LIST_ENTRY(gif_softc) gif_list; /* list of all gifs */
> };
> -
> -#define gif_ro gifsc_gifscr.gifscr_ro
> -#ifdef INET6
> -#define gif_ro6 gifsc_gifscr.gifscr_ro6
> -#endif
>
> #define GIF_MTU (1280) /* Default MTU */
> #define GIF_MTU_MIN (1280) /* Minimum MTU */
> Index: netinet6/ip6_mroute.h
> ===
> RCS file: /cvs/src/sys/netinet6/ip6_mroute.h,v
> retrieving revision 1.13
> diff -u -p -r1.13 ip6_mroute.h
> --- netinet6/ip6_mroute.h 29 Oct 2013 19:05:45 - 1.13
> +++ netinet6/ip6_mroute.h 9 Jul 2014 14:49:25 -
> @@ -180,7 +180,6 @@ struct mif6 {
> u_int64_t m6_pkt_out; /* # pkts out on interface */
> u_int64_t m6_bytes_in;/* # bytes in on interface */
> u_int64_t m6_bytes_out; /* # bytes out on interface */
> - struct route_in6 m6_route;/* cached route if this is a tunnel */
> };
>
> /*
>
Kill unused (cached) routes
While looking at route refcounting issues I found some unused fields...
Ok to kill them?
Index: net/if_gif.h
===
RCS file: /cvs/src/sys/net/if_gif.h,v
retrieving revision 1.10
diff -u -p -r1.10 if_gif.h
--- net/if_gif.h21 Nov 2009 14:08:14 - 1.10
+++ net/if_gif.h9 Jul 2014 14:49:25 -
@@ -37,29 +37,13 @@
#ifndef _NET_IF_GIF_H_
#define _NET_IF_GIF_H_
-
-#include
-/* XXX sigh, why route have struct route instead of pointer? */
-
struct gif_softc {
struct ifnetgif_if;/* common area */
struct sockaddr *gif_psrc; /* Physical src addr */
struct sockaddr *gif_pdst; /* Physical dst addr */
- union {
- struct route gifscr_ro;/* xxx */
-#ifdef INET6
- struct route_in6 gifscr_ro6; /* xxx */
-#endif
- } gifsc_gifscr;
- int gif_flags;
u_int gif_rtableid;
LIST_ENTRY(gif_softc) gif_list; /* list of all gifs */
};
-
-#define gif_ro gifsc_gifscr.gifscr_ro
-#ifdef INET6
-#define gif_ro6 gifsc_gifscr.gifscr_ro6
-#endif
#define GIF_MTU(1280) /* Default MTU */
#defineGIF_MTU_MIN (1280) /* Minimum MTU */
Index: netinet6/ip6_mroute.h
===
RCS file: /cvs/src/sys/netinet6/ip6_mroute.h,v
retrieving revision 1.13
diff -u -p -r1.13 ip6_mroute.h
--- netinet6/ip6_mroute.h 29 Oct 2013 19:05:45 - 1.13
+++ netinet6/ip6_mroute.h 9 Jul 2014 14:49:25 -
@@ -180,7 +180,6 @@ struct mif6 {
u_int64_t m6_pkt_out; /* # pkts out on interface */
u_int64_t m6_bytes_in;/* # bytes in on interface */
u_int64_t m6_bytes_out; /* # bytes out on interface */
- struct route_in6 m6_route;/* cached route if this is a tunnel */
};
/*
diff: fix dhcpinform to work without lease
This diff fixes dhcpinform to work without lease.
ok?
Fix dhcpinform to work without lease.
Diff from Yuuichi Someya.
Index: usr.sbin/dhcpd/dhcp.c
===
RCS file: /disk/cvs/openbsd/src/usr.sbin/dhcpd/dhcp.c,v
retrieving revision 1.36
diff -u -p -r1.36 dhcp.c
--- usr.sbin/dhcpd/dhcp.c 5 Apr 2013 19:31:36 - 1.36
+++ usr.sbin/dhcpd/dhcp.c 9 Jul 2014 14:00:05 -
@@ -45,6 +45,8 @@ int outstanding_pings;
static char dhcp_message[256];
+void ack_inform(struct packet *, struct subnet *, struct iaddr *);
+
void
dhcp(struct packet *packet)
{
@@ -500,7 +502,6 @@ dhcpdecline(struct packet *packet)
void
dhcpinform(struct packet *packet)
{
- struct lease *lease;
struct iaddr cip;
struct subnet *subnet;
@@ -528,28 +529,328 @@ dhcpinform(struct packet *packet)
return;
}
- lease = find_lease(packet, subnet->shared_network, 0);
- if (!lease) {
- note("DHCPINFORM packet from %s but no lease present",
- print_hw_addr(packet->raw->htype, packet->raw->hlen,
- packet->raw->chaddr));
- return;
- }
+ ack_inform(packet, subnet, &cip);
+}
- /* If this subnet won't boot unknown clients, ignore the
- request. */
- if (!lease->host &&
- !lease->subnet->group->boot_unknown_clients) {
- note("Ignoring unknown client %s",
- print_hw_addr(packet->raw->htype, packet->raw->hlen,
- packet->raw->chaddr));
- } else if (lease->host && !lease->host->group->allow_booting) {
- note("Declining to boot client %s",
- lease->host->name ? lease->host->name :
- print_hw_addr(packet->raw->htype, packet->raw->hlen,
- packet->raw->chaddr));
+void
+ack_inform(struct packet *packet, struct subnet *subnet, struct iaddr *cip)
+{
+ struct lease lt;
+ struct lease_state *state;
+ struct class *vendor_class, *user_class;
+ int ulafdr, i;
+
+ if (packet->options[DHO_DHCP_CLASS_IDENTIFIER].len) {
+ vendor_class = find_class(0,
+ packet->options[DHO_DHCP_CLASS_IDENTIFIER].data,
+ packet->options[DHO_DHCP_CLASS_IDENTIFIER].len);
} else
- ack_lease(packet, lease, DHCPACK, 0);
+ vendor_class = NULL;
+
+ if (packet->options[DHO_DHCP_USER_CLASS_ID].len) {
+ user_class = find_class(1,
+ packet->options[DHO_DHCP_USER_CLASS_ID].data,
+ packet->options[DHO_DHCP_USER_CLASS_ID].len);
+ } else
+ user_class = NULL;
+
+ /* Allocate a lease state structure... */
+ state = new_lease_state("ack_inform");
+ if (!state)
+ error("unable to allocate lease state!");
+ memset(state, 0, sizeof *state);
+ state->got_requested_address = packet->got_requested_address;
+ state->shared_network = packet->interface->shared_network;
+
+ /* Remember if we got a server identifier option. */
+ if (packet->options[DHO_DHCP_SERVER_IDENTIFIER].len)
+ state->got_server_identifier = 1;
+
+ if (user_class && user_class->group->filename)
+ strlcpy(state->filename, user_class->group->filename,
+ sizeof state->filename);
+ else if (vendor_class && vendor_class->group->filename)
+ strlcpy(state->filename, vendor_class->group->filename,
+ sizeof state->filename);
+ else if (packet->raw->file[0])
+ strlcpy(state->filename, packet->raw->file,
+ sizeof state->filename);
+ else if (subnet->group->filename)
+ strlcpy(state->filename, subnet->group->filename,
+ sizeof state->filename);
+ else
+ strlcpy(state->filename, "", sizeof state->filename);
+
+ /* Choose a server name as above. */
+ if (user_class && user_class->group->server_name)
+ state->server_name = user_class->group->server_name;
+ else if (vendor_class && vendor_class->group->server_name)
+ state->server_name = vendor_class->group->server_name;
+ else if (subnet->group->server_name)
+ state->server_name = subnet->group->server_name;
+ else state->server_name = NULL;
+
+ memset(<, 0, sizeof lt);
+ lt.ip_addr = *cip;
+
+ /* Record the uid, if given... */
+ i = DHO_DHCP_CLIENT_IDENTIFIER;
+ if (packet->options[i].len) {
+ if (packet->options[i].len <= sizeof lt.uid_buf) {
+ memcpy(lt.uid_buf, packet->options[i].data,
+ packet->options[i].len);
+ lt.uid = lt.uid_buf;
+ lt.uid_max = sizeof lt.uid_buf;
+ lt.uid_le
diff: dhcpd on DLT_LOOP interfaces
Hi,
Some users of npppd(8) want to use dhcpd(8) on tunneling interface to
provide additional routing entries and so on to VPN clients. So I'd
like to make the dhcpd work on the DLT_LOOP interfaces.
comment or ok?
Make dhcpd(8) work on the DLT_LOOP interfaces.
worked with Yuuichi Someya
Index: usr.sbin/dhcpd/bpf.c
===
RCS file: /disk/cvs/openbsd/src/usr.sbin/dhcpd/bpf.c,v
retrieving revision 1.10
diff -u -p -r1.10 bpf.c
--- usr.sbin/dhcpd/bpf.c5 Apr 2013 19:31:36 - 1.10
+++ usr.sbin/dhcpd/bpf.c9 Jul 2014 13:59:31 -
@@ -52,6 +52,9 @@
#define BPF_FORMAT "/dev/bpf%d"
+void dhcp_bpf_filter(struct bpf_program *, int);
+void dhcp_bpf_wfilter (struct bpf_program *, int);
+
/*
* Called by get_interface_list for each interface that's discovered.
* Opens a packet filter for each interface and adds it to the select
@@ -94,76 +97,116 @@ if_register_send(struct interface_info *
info->wfdesc = info->rfdesc;
}
+#define SUBST_BPF_STMT(_insns, _code, _k) \
+do {\
+struct bpf_insn insnx = BPF_STMT((_code), (_k));\
+(_insns) = insnx; \
+} while (0 /* CONSTCOND */)
+
+#define SUBST_BPF_JUMP(_insns, _code, _k, _jt, _jf) \
+do {\
+struct bpf_insn insnx = \
+BPF_JUMP((_code), (_k), (_jt), (_jf)); \
+(_insns) = insnx; \
+} while (0 /* CONSTCOND */)
+
/*
* Packet read filter program: 'ip and udp and dst port bootps'
*/
-struct bpf_insn dhcp_bpf_filter[] = {
+void
+dhcp_bpf_filter(struct bpf_program *p, int dlt)
+{
+ int hdrlen;
+ static struct bpf_insn insns[11];
+
/* Make sure this is an IP packet... */
- BPF_STMT(BPF_LD + BPF_H + BPF_ABS, 12),
- BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, ETHERTYPE_IP, 0, 8),
+ if (dlt == DLT_LOOP) {
+ SUBST_BPF_STMT(insns[0], BPF_LD + BPF_W + BPF_ABS, 0);
+ SUBST_BPF_JUMP(insns[1], BPF_JMP + BPF_JEQ + BPF_K, AF_INET, 0,
8);
+ hdrlen = 4;
+ } else {
+ /* Make sure this is an IP packet... */
+ SUBST_BPF_STMT(insns[0], BPF_LD + BPF_H + BPF_ABS, 12);
+ SUBST_BPF_JUMP(insns[1], BPF_JMP + BPF_JEQ + BPF_K,
ETHERTYPE_IP, 0, 8);
+ hdrlen = 14;
+ }
/* Make sure it's a UDP packet... */
- BPF_STMT(BPF_LD + BPF_B + BPF_ABS, 23),
- BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, IPPROTO_UDP, 0, 6),
+ SUBST_BPF_STMT(insns[2], BPF_LD + BPF_B + BPF_ABS, hdrlen + 9);
+ SUBST_BPF_JUMP(insns[3], BPF_JMP + BPF_JEQ + BPF_K, IPPROTO_UDP, 0, 6);
/* Make sure this isn't a fragment... */
- BPF_STMT(BPF_LD + BPF_H + BPF_ABS, 20),
- BPF_JUMP(BPF_JMP + BPF_JSET + BPF_K, 0x1fff, 4, 0),
+ SUBST_BPF_STMT(insns[4], BPF_LD + BPF_H + BPF_ABS, hdrlen + 6);
+ SUBST_BPF_JUMP(insns[5], BPF_JMP + BPF_JSET + BPF_K, 0x1fff, 4, 0);
/* Get the IP header length... */
- BPF_STMT(BPF_LDX + BPF_B + BPF_MSH, 14),
+ SUBST_BPF_STMT(insns[6], BPF_LDX + BPF_B + BPF_MSH, hdrlen);
/* Make sure it's to the right port... */
- BPF_STMT(BPF_LD + BPF_H + BPF_IND, 16),
- BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, SERVER_PORT, 0, 1),
+ SUBST_BPF_STMT(insns[7], BPF_LD + BPF_H + BPF_IND, hdrlen + 2);
+ SUBST_BPF_JUMP(insns[8], BPF_JMP + BPF_JEQ + BPF_K, SERVER_PORT, 0, 1);
/* If we passed all the tests, ask for the whole packet. */
- BPF_STMT(BPF_RET+BPF_K, (u_int)-1),
+ SUBST_BPF_STMT(insns[9], BPF_RET+BPF_K, (u_int)-1);
/* Otherwise, drop it. */
- BPF_STMT(BPF_RET+BPF_K, 0),
-};
-
-int dhcp_bpf_filter_len = sizeof(dhcp_bpf_filter) / sizeof(struct bpf_insn);
+ SUBST_BPF_STMT(insns[10], BPF_RET+BPF_K, 0);
+ p->bf_insns = insns;
+ p->bf_len = 11;
+}
/*
* Packet write filter program:
* 'ip and udp and src port bootps and dst port (bootps or bootpc)'
*/
-struct bpf_insn dhcp_bpf_wfilter[] = {
+void
+dhcp_bpf_wfilter(struct bpf_program *p, int dlt)
+{
+ int hdrlen;
+ static struct bpf_insn insns[14];
+
/* Make sure this is an IP packet... */
- BPF_STMT(BPF_LD + BPF_H + BPF_ABS, 12),
- BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, ETHERTYPE_IP, 0, 11),
+ if (dlt == DLT_LOOP) {
+ SUBST_BPF_STMT(insns[0], BPF_LD + BPF_W + BPF_ABS, 0);
+ SUBST_BPF_JUMP(insns[1], BPF_JMP + BPF_JEQ + BPF_K, AF_INET, 0,
11);
+ hdrlen = 4;
+ } else {
+ /* Make sure this is an IP packet... */
+ SUBST_BPF_STMT(insns[0], BPF_LD + BPF_H + BPF_
Re: diff: Option to use duids in /etc/dumpdates
On 07/08/14 19:36, Maximilian Fillinger wrote:
Hi!
This diff adds a "-U" flag to dump that allows using disklabel
UIDs in /etc/dumpdates. That makes incremental dumps possible when a
disk is roaming between device files.
I like the idea. I would have liked to read an explanation for the
selected solution though, or a brief description of it.
I'd be happy to receive comments.
Some below.
Also, sorry for the noise in misc, and thanks to everyone pointing me
in the right direction.
Best regards,
Max
--- sbin/dump/dump.h2014/06/24 21:35:13 1.1
+++ sbin/dump/dump.h2014/06/24 21:38:47 1.2
@@ -56,9 +56,11 @@
char *tape; /* name of the tape file */
char *dumpdates; /* name of the file containing dump date information*/
char *temp; /* name of the file for doing rewrite of dumpdates */
+char *duid; /* duid of the disk being dumped */
char lastlevel; /* dump level of previous dump */
char level; /* dump level of this dump */
int uflag; /* update flag */
+intduidflag; /* use duids in dumpdates flag */
int diskfd; /* disk file descriptor */
int tapefd; /* tape file descriptor */
int pipeout;/* true => output to standard output */
--- sbin/dump/main.c2014/06/24 21:35:37 1.1
+++ sbin/dump/main.c2014/06/24 21:38:23 1.2
@@ -112,7 +112,7 @@
usage();
obsolete(&argc, &argv);
- while ((ch = getopt(argc, argv, "0123456789aB:b:cd:f:h:ns:ST:uWw")) !=
-1)
+ while ((ch = getopt(argc, argv, "0123456789aB:b:cd:f:h:ns:ST:UuWw")) !=
-1)
switch (ch) {
/* dump level */
case '0': case '1': case '2': case '3': case '4':
@@ -180,6 +180,9 @@
lastlevel = '?';
break;
+ case 'U':
+ duidflag = 1; /* use duids */
+ break;
I think -U should imply -u, since there is no use for it without it.
case 'u': /* update /etc/dumpdates */
uflag = 1;
break;
@@ -370,6 +373,21 @@
(void)gethostname(spcl.c_host, sizeof(spcl.c_host));
spcl.c_level = level - '0';
spcl.c_type = TS_TAPE;
+
+ if ((diskfd = open(disk, O_RDONLY)) < 0) {
+ msg("Cannot open %s\n", disk);
+ exit(X_STARTUP);
+ }
+ if (ioctl(diskfd, DIOCGDINFO, (char *)&lab) < 0)
+ err(1, "ioctl (DIOCGDINFO)");
+ if (duidflag && asprintf(&duid,
+ "%02hhx%02hhx%02hhx%02hhx%02hhx%02hhx%02hhx%02hhx.%c",
+ lab.d_uid[0], lab.d_uid[1], lab.d_uid[2], lab.d_uid[3],
+ lab.d_uid[4], lab.d_uid[5], lab.d_uid[6], lab.d_uid[7],
+ disk[strlen(disk)-1]) == -1) {
I think adding a check to make sure there is a nonzero duid, as in
u_int64_t zero_uid = 0;
if (duidflag && memcmp(nlp->d_uid, &zero_uid,
sizeof(nlp->d_uid)) == 0) {
msg("Cannot find DUID of disk %s\n", disk)
exit(X_STARTUP)
}
or somesuch, is reasonable.
/Alexander
+ msg("Cannot malloc duid\n");
+ exit(X_STARTUP);
+ }
if (!Tflag)
getdumptime(); /* /etc/dumpdates snarfed */
@@ -387,10 +405,6 @@
else
msgtail("to %s\n", tape);
- if ((diskfd = open(disk, O_RDONLY)) < 0) {
- msg("Cannot open %s\n", disk);
- exit(X_STARTUP);
- }
if (ioctl(diskfd, DIOCGPDINFO, (char *)&lab) < 0)
err(1, "ioctl (DIOCGPDINFO)");
sync();
--- sbin/dump/itime.c 2014/06/24 21:35:30 1.1
+++ sbin/dump/itime.c 2014/06/24 21:38:33 1.2
@@ -124,7 +124,7 @@
int i;
char *fname;
- fname = disk;
+ fname = duidflag ? duid : disk;
#ifdef FDEBUG
msg("Looking for name %s in dumpdates = %s for level = %c\n",
fname, dumpdates, level);
@@ -164,7 +164,7 @@
quit("cannot rewrite %s: %s\n", dumpdates, strerror(errno));
fd = fileno(df);
(void) flock(fd, LOCK_EX);
- fname = disk;
+ fname = duidflag ? duid : disk;
free((char *)ddatev);
ddatev = 0;
nddates = 0;
--- include/protocols/dumprestore.h 2014/06/24 22:23:05 1.1
+++ include/protocols/dumprestore.h 2014/06/24 22:52:53 1.3
@@ -152,8 +152,8 @@
#define DR_NEWHEADER 0x0001 /* new format tape header */
#define DR_NEWINODEFMT0x0002 /* new format inodes on tape */
-#defineDUMPOUTFMT "%-16s %c %s" /* for printf */
+#defineDUMPOUTFMT "%-18s %c %s" /* for printf */
/* name, level, ctime(date) */
-#defineDUMPINFMT "%16s %c %[^\n]\n"/* inverse for scanf */
+#defineDUMPINFMT "%18s %c %[^
kill unused shutdown hook pointers
ok?
Index: dev/ata/wdvar.h
===
RCS file: /cvs/src/sys/dev/ata/wdvar.h,v
retrieving revision 1.20
diff -u -p -r1.20 wdvar.h
--- dev/ata/wdvar.h 11 Jun 2013 16:42:14 - 1.20
+++ dev/ata/wdvar.h 9 Jul 2014 10:52:35 -
@@ -87,7 +87,6 @@ struct wd_softc {
int sectors;
int retries; /* number of xfer retry */
struct timeout sc_restart_timeout;
- void *sc_sdhook;
};
/* drive states stored in ata_drive_datas */
Index: dev/ic/aic79xx.h
===
RCS file: /cvs/src/sys/dev/ic/aic79xx.h,v
retrieving revision 1.22
diff -u -p -r1.22 aic79xx.h
--- dev/ic/aic79xx.h24 Feb 2012 06:19:00 - 1.22
+++ dev/ic/aic79xx.h9 Jul 2014 10:52:35 -
@@ -1105,7 +1105,6 @@ struct ahd_softc {
#ifndef __linux__
bus_dma_tag_t buffer_dmat; /* dmat for buffer I/O */
#endif
- void*shutdown_hook;
struct scb_data scb_data;
struct hardware_scb *next_queued_hscb;
Index: dev/ic/aic7xxxvar.h
===
RCS file: /cvs/src/sys/dev/ic/aic7xxxvar.h,v
retrieving revision 1.25
diff -u -p -r1.25 aic7xxxvar.h
--- dev/ic/aic7xxxvar.h 24 Feb 2012 06:19:00 - 1.25
+++ dev/ic/aic7xxxvar.h 9 Jul 2014 10:52:35 -
@@ -1142,8 +1142,6 @@ struct ahc_softc {
uint16_t user_tagenable;/* Tagged Queuing allowed */
struct ahc_pci_busdata*bd;
-
- void *shutdown_hook;
};
TAILQ_HEAD(ahc_softc_tailq, ahc_softc);
Index: arch/octeon/dev/if_cnmacvar.h
===
RCS file: /cvs/src/sys/arch/octeon/dev/if_cnmacvar.h,v
retrieving revision 1.3
diff -u -p -r1.3 if_cnmacvar.h
--- arch/octeon/dev/if_cnmacvar.h 16 Sep 2013 20:52:14 - 1.3
+++ arch/octeon/dev/if_cnmacvar.h 9 Jul 2014 10:52:35 -
@@ -72,8 +72,6 @@ struct octeon_eth_softc {
struct arpcom sc_arpcom;
struct mii_data sc_mii;
- void*sc_sdhook;
-
struct timeout sc_tick_misc_ch;
struct timeout sc_tick_free_ch;
struct timeout sc_resume_ch;
Re: divert(4) without mbuf tags
* Reyk Floeter [2014-07-09 11:21]: > Nice one. indeed. > Does anyone have an idea why the mbuf tag was added in the first > place? Maybe henning's PF shuffling removed the need for it. while not impossible, I doubt it. looks like a copy & paste issue. ok -- Henning Brauer, h...@bsws.de, henn...@openbsd.org BS Web Services GmbH, http://bsws.de, Full-Service ISP Secure Hosting, Mail and DNS. Virtual & Dedicated Servers, Root to Fully Managed Henning Brauer Consulting, http://henningbrauer.com/
Re: divert(4) without mbuf tags
On Tue, Jul 08, 2014 at 11:39:12PM -0400, Lawrence Teo wrote:
> The current divert(4) implementation allocates an mbuf tag in pf_test()
> to store the divert port specified by a divert-packet PF rule.
>
> The divert_packet() function then looks up that mbuf tag to retrieve the
> divert port number before sending the packet to userspace.
>
> As far as I can tell, this approach of using an mbuf tag was borrowed
> from divert-to's implementation. However, in the case of divert(4) I
> think it's overkill because once the packet has reached userspace,
> its mbuf and mbuf tag are no longer needed.
>
> I would like to simplify divert(4)'s implementation by passing the
> divert port to divert_packet() directly as an argument, which avoids the
> allocation of an mbuf tag completely.
>
> ok?
>
Nice one.
Does anyone have an idea why the mbuf tag was added in the first
place? Maybe henning's PF shuffling removed the need for it.
ok reyk@
>
> Index: net/pf.c
> ===
> RCS file: /cvs/src/sys/net/pf.c,v
> retrieving revision 1.878
> diff -u -p -u -p -r1.878 pf.c
> --- net/pf.c 20 May 2014 11:03:13 - 1.878
> +++ net/pf.c 14 Jun 2014 18:12:06 -
> @@ -6617,14 +6617,8 @@ done:
> }
> }
>
> - if (action == PF_PASS && r->divert_packet.port) {
> - struct pf_divert *divert;
> -
> - if ((divert = pf_get_divert(pd.m)))
> - divert->port = r->divert_packet.port;
> -
> + if (action == PF_PASS && r->divert_packet.port)
> action = PF_DIVERT;
> - }
>
> if (pd.pflog) {
> struct pf_rule_item *ri;
> @@ -6651,12 +6645,12 @@ done:
> case PF_DIVERT:
> switch (pd.af) {
> case AF_INET:
> - if (divert_packet(pd.m, pd.dir) == 0)
> + if (!divert_packet(pd.m, pd.dir, r->divert_packet.port))
> *m0 = NULL;
> break;
> #ifdef INET6
> case AF_INET6:
> - if (divert6_packet(pd.m, pd.dir) == 0)
> + if (!divert6_packet(pd.m, pd.dir,
> r->divert_packet.port))
> *m0 = NULL;
> break;
> #endif /* INET6 */
> Index: netinet/ip_divert.c
> ===
> RCS file: /cvs/src/sys/netinet/ip_divert.c,v
> retrieving revision 1.22
> diff -u -p -u -p -r1.22 ip_divert.c
> --- netinet/ip_divert.c 23 Apr 2014 14:43:14 - 1.22
> +++ netinet/ip_divert.c 14 Jun 2014 17:45:12 -
> @@ -189,12 +189,11 @@ fail:
> }
>
> int
> -divert_packet(struct mbuf *m, int dir)
> +divert_packet(struct mbuf *m, int dir, u_int16_t divert_port)
> {
> struct inpcb *inp;
> struct socket *sa = NULL;
> struct sockaddr_in addr;
> - struct pf_divert *divert;
>
> inp = NULL;
> divstat.divs_ipackets++;
> @@ -205,15 +204,8 @@ divert_packet(struct mbuf *m, int dir)
> return (0);
> }
>
> - divert = pf_find_divert(m);
> - if (divert == NULL) {
> - divstat.divs_errors++;
> - m_freem(m);
> - return (0);
> - }
> -
> TAILQ_FOREACH(inp, &divbtable.inpt_queue, inp_queue) {
> - if (inp->inp_lport != divert->port)
> + if (inp->inp_lport != divert_port)
> continue;
> if (inp->inp_divertfl == 0)
> break;
> Index: netinet/ip_divert.h
> ===
> RCS file: /cvs/src/sys/netinet/ip_divert.h,v
> retrieving revision 1.5
> diff -u -p -u -p -r1.5 ip_divert.h
> --- netinet/ip_divert.h 23 Apr 2014 14:43:14 - 1.5
> +++ netinet/ip_divert.h 14 Jun 2014 17:52:05 -
> @@ -55,7 +55,7 @@ extern struct divstat divstat;
>
> void divert_init(void);
> void divert_input(struct mbuf *, ...);
> -int divert_packet(struct mbuf *, int);
> +int divert_packet(struct mbuf *, int, u_int16_t);
> int divert_sysctl(int *, u_int, void *, size_t *, void *, size_t);
> int divert_usrreq(struct socket *,
> int, struct mbuf *, struct mbuf *, struct mbuf *, struct proc *);
> Index: netinet6/ip6_divert.c
> ===
> RCS file: /cvs/src/sys/netinet6/ip6_divert.c,v
> retrieving revision 1.23
> diff -u -p -u -p -r1.23 ip6_divert.c
> --- netinet6/ip6_divert.c 28 Apr 2014 15:43:04 - 1.23
> +++ netinet6/ip6_divert.c 14 Jun 2014 18:13:03 -
> @@ -188,12 +188,11 @@ fail:
> }
>
> int
> -divert6_packet(struct mbuf *m, int dir)
> +divert6_packet(struct mbuf *m, int dir, u_int16_t divert_port)
> {
> struct inpcb *inp;
> struct socket *sa = NULL;
> struct sockaddr_in6 addr;
> - struct pf_divert *divert;
>
> inp = NULL;
> div6stat
uninitialized memory smtpd table_api.c
Hello tech@,
I send this patch in to m...@opensmtpd.org a couple of days ago, but
since there is a hackathon ongoing I thought I might send it here as
well.
When running against the sqlite backend I noticed that multiple chained
aliases/virtual users I would receive an invalid user. This turned out
to be because the lookup always would return the original user along
with extra users that were retrieved from the database.
I found that table_msg_dispatch didn't initialize res, so every request
would (by chance?) still have the residual previous request, which got
the new result appended by table_sqlite_lookup.
The patch below initializes this memory and fixes the bug for me.
Index: table_api.c
===
RCS file: /cvs/src/usr.sbin/smtpd/table_api.c,v
retrieving revision 1.4
diff -u -p -u -r1.4 table_api.c
--- table_api.c 4 Feb 2014 13:55:34 - 1.4
+++ table_api.c 9 Jul 2014 08:36:17 -
@@ -108,6 +108,7 @@ table_msg_dispatch(void)
char res[4096];
int type, r;
+ bzero(res, sizeof(res));
switch (imsg.hdr.type) {
case PROC_TABLE_OPEN:
table_msg_get(&op, sizeof op);
Sincerely,
Martijn van Duren
Re: divert(4) without mbuf tags
On Tue, Jul 08, 2014 at 11:39:12PM -0400, Lawrence Teo wrote: > #ifdef INET6 > case AF_INET6: > - if (divert6_packet(pd.m, pd.dir) == 0) > + if (!divert6_packet(pd.m, pd.dir, > r->divert_packet.port)) > *m0 = NULL; > break; This line is longer that 80 characters. OK bluhm@
