Re: trunk vs busy ports
On 20/11/15(Fri) 15:36, David Gwynne wrote: > IFF_OACTIVE means the hardware ring is full, not if it is busy. As discussed earlier, I'd still love to have a document (manpage?) describing these flags so we can agree on when to use them. > perhaps a better check is to see whether there are pending packets > on the send queue? What's the underlying problem here, checking for if_flags in ioctl() path? > i could also argue we dont need the check at all, but this is less > of a semantic change. I'm also wondering why do we need this check at all.
Re: Memory corruptions in bc(1)
On Thu, Nov 19, 2015 at 05:52:39PM -0500, Michael McConville wrote: > I'm already cache-thrashing with all of my side projects, so if anyone's > interested I'll leave this to them. > > A few days ago, I wanted to try American Fuzzy Lop (afl), and bc(1) > seemed like a good first target: it pretty much just goes from stdin to > stdout, so there's no code reorganization needed. > > For those not familiar, bc compiles its input to dc(1)'s syntax and > forks to dc. > > There are many unique crash paths - 1041 before I killed afl. Most > center around emit(), which emits a dc instr. Many pass NULL to fputs() > in emit(). I found at least one (crashes/id:001041*) that > nondeterministically passes the str pointer 0xdfdfdfdfdfdfdfdf to > fputs(), which is probably uninitialized or already-freed memory. > Backtrace below. > > malloc.conf(5) may be useful. > > Here's the full afl directory: > > http://www.sccs.swarthmore.edu/users/16/mmcconv1/bc-afl/ > > > Core was generated by `bc'. > Program terminated with signal SIGBUS, Bus error. > #0 strlen () at /usr/src/lib/libc/arch/amd64/string/strlen.S:152 > 152 movq(%rax),%rdx /* first data in high bytes */ > (gdb) bt > #0 strlen () at /usr/src/lib/libc/arch/amd64/string/strlen.S:152 > #1 0x19f79fa7c43d in *_libc_fputs (s=0xdfdfdfdfdfdfdfdf access memory at address 0xdfdfdfdfdfdfdfdf>, fp=0x1) at > /usr/src/lib/libc/stdio/fputs.c:50 > #2 0x19f4ecb0f401 in emit (i=28548786530304) at > /usr/src/usr.bin/bc/bc.y:810 > #3 yyparse () at /usr/src/usr.bin/bc/bc.y:178 > #4 0x19f4ecb13f3e in main (argc=1, argv=0x7f7fa570) at > /usr/src/usr.bin/bc/bc.y:1188 This fixes at least one case (id-000141*) and make the printing of non-ascci chars better -Otto Index: bc.y === RCS file: /cvs/src/usr.bin/bc/bc.y,v retrieving revision 1.48 diff -u -p -r1.48 bc.y --- bc.y10 Oct 2015 19:28:54 - 1.48 +++ bc.y20 Nov 2015 10:46:29 - @@ -808,7 +808,7 @@ emit(ssize_t i) if (instructions[i].index >= 0) while (instructions[i].index != END_NODE) emit(instructions[i++].index); - else + else if (instructions[i].index != END_NODE) fputs(instructions[i].u.cstr, stdout); } @@ -951,7 +951,7 @@ yyerror(char *s) !isprint((unsigned char)yytext[0])) n = asprintf(&str, "%s: %s:%d: %s: ascii char 0x%02x unexpected", - __progname, filename, lineno, s, yytext[0]); + __progname, filename, lineno, s, yytext[0] & 0xff); else n = asprintf(&str, "%s: %s:%d: %s: %s unexpected", __progname, filename, lineno, s, yytext);
sppp(4) PP_NOFRAMING
Currently pppoe(4) is the only user of sppp(4) and it uses PP_NOFRAMING.
Do we expect sppp(4) to be used for anything other than pppoe(4) in the
future? If not, we can simplify things by removing the code to support
framing.
Diff also removes some useless ifdefs while there.
Index: if_pppoe.c
===
RCS file: /cvs/src/sys/net/if_pppoe.c,v
retrieving revision 1.49
diff -u -p -r1.49 if_pppoe.c
--- if_pppoe.c 25 Oct 2015 11:58:11 - 1.49
+++ if_pppoe.c 20 Nov 2015 11:32:07 -
@@ -223,8 +223,7 @@ pppoe_clone_create(struct if_clone *ifc,
sc->sc_sppp.pp_if.if_flags = IFF_SIMPLEX | IFF_POINTOPOINT |
IFF_MULTICAST;
sc->sc_sppp.pp_if.if_type = IFT_PPP;
sc->sc_sppp.pp_if.if_hdrlen = sizeof(struct ether_header) +
PPPOE_HEADERLEN;
- sc->sc_sppp.pp_flags |= PP_KEEPALIVE | /* use LCP keepalive */
- PP_NOFRAMING; /* no serial
encapsulation */
+ sc->sc_sppp.pp_flags |= PP_KEEPALIVE; /* use LCP keepalive */
sc->sc_sppp.pp_framebytes = PPPOE_HEADERLEN;/* framing added to ppp
packets */
sc->sc_sppp.pp_if.if_ioctl = pppoe_ioctl;
sc->sc_sppp.pp_if.if_start = pppoe_start;
Index: if_spppsubr.c
===
RCS file: /cvs/src/sys/net/if_spppsubr.c,v
retrieving revision 1.146
diff -u -p -r1.146 if_spppsubr.c
--- if_spppsubr.c 11 Nov 2015 01:49:17 - 1.146
+++ if_spppsubr.c 20 Nov 2015 11:32:08 -
@@ -162,6 +162,8 @@
#define STATE_ACK_SENT 8
#define STATE_OPENED 9
+#define PKTHDRLEN 2
+
struct ppp_header {
u_char address;
u_char control;
@@ -445,16 +447,10 @@ sppp_input(struct ifnet *ifp, struct mbu
/* mark incoming routing domain */
m->m_pkthdr.ph_rtableid = ifp->if_rdomain;
- if (sp->pp_flags & PP_NOFRAMING) {
- m_copydata(m, 0, sizeof(ht.protocol), (caddr_t)&ht.protocol);
- m_adj(m, 2);
- ht.control = PPP_UI;
- ht.address = PPP_ALLSTATIONS;
- } else {
- /* Get PPP header. */
- m_copydata(m, 0, sizeof(ht), (caddr_t)&ht);
- m_adj (m, PPP_HEADER_LEN);
- }
+ m_copydata(m, 0, sizeof(ht.protocol), (caddr_t)&ht.protocol);
+ m_adj(m, 2);
+ ht.control = PPP_UI;
+ ht.address = PPP_ALLSTATIONS;
/* preserve the alignment */
if (m->m_len < m->m_pkthdr.len) {
@@ -557,7 +553,6 @@ sppp_output(struct ifnet *ifp, struct mb
struct sockaddr *dst, struct rtentry *rt)
{
struct sppp *sp = (struct sppp*) ifp;
- struct ppp_header *h;
struct timeval tv;
int s, rv = 0;
u_int16_t protocol;
@@ -620,29 +615,6 @@ sppp_output(struct ifnet *ifp, struct mb
}
}
- if (sp->pp_flags & PP_NOFRAMING)
- goto skip_header;
- /*
-* Prepend general data packet PPP header. For now, IP only.
-*/
- M_PREPEND (m, PPP_HEADER_LEN, M_DONTWAIT);
- if (!m) {
- if (ifp->if_flags & IFF_DEBUG)
- log(LOG_DEBUG, SPP_FMT "no memory for transmit
header\n",
- SPP_ARGS(ifp));
- ++ifp->if_oerrors;
- splx (s);
- return (ENOBUFS);
- }
- /*
-* May want to check size of packet
-* (albeit due to the implementation it's always enough)
-*/
- h = mtod (m, struct ppp_header*);
- h->address = PPP_ALLSTATIONS;/* broadcast address */
- h->control = PPP_UI; /* Unnumbered Info */
-
- skip_header:
switch (dst->sa_family) {
case AF_INET: /* Internet Protocol */
/*
@@ -681,20 +653,17 @@ sppp_output(struct ifnet *ifp, struct mb
return (EAFNOSUPPORT);
}
- if (sp->pp_flags & PP_NOFRAMING) {
- M_PREPEND(m, 2, M_DONTWAIT);
- if (m == NULL) {
- if (ifp->if_flags & IFF_DEBUG)
- log(LOG_DEBUG, SPP_FMT
- "no memory for transmit header\n",
- SPP_ARGS(ifp));
- ++ifp->if_oerrors;
- splx(s);
- return (ENOBUFS);
- }
- *mtod(m, u_int16_t *) = protocol;
- } else
- h->protocol = protocol;
+ M_PREPEND(m, 2, M_DONTWAIT);
+ if (m == NULL) {
+ if (ifp->if_flags & IFF_DEBUG)
+ log(LOG_DEBUG, SPP_FMT
+ "no memory for transmit header\n",
+ SPP_ARGS(ifp));
+ ++ifp->if_oerrors;
+ splx(s);
+ return (ENOBUFS);
+ }
+ *mtod(m, u_int16_t *) = protocol;
/*
* Q
Re: sppp(4) PP_NOFRAMING
On 2015/11/20 11:36, Stuart Henderson wrote:
> Currently pppoe(4) is the only user of sppp(4) and it uses PP_NOFRAMING.
> Do we expect sppp(4) to be used for anything other than pppoe(4) in the
> future? If not, we can simplify things by removing the code to support
> framing.
>
> Diff also removes some useless ifdefs while there.
Oh some other bits spidered their way in - these chunks shouldn't be there.
> @@ -997,14 +932,15 @@ sppp_cp_send(struct sppp *sp, u_short pr
> sppp_print_bytes ((u_char*) (lh+1), len);
> addlog(">\n");
> }
> +
> + len = m->m_pkthdr.len + sp->pp_framebytes;
> if (mq_enqueue(&sp->pp_cpq, m) != 0) {
> - ++ifp->if_oerrors;
> - m = NULL;
> + ifp->if_oerrors++;
> + return;
> }
> - if (!(ifp->if_flags & IFF_OACTIVE))
> - (*ifp->if_start) (ifp);
> - if (m != NULL)
> - ifp->if_obytes += m->m_pkthdr.len + sp->pp_framebytes;
> +
> + ifp->if_obytes += len;
> + if_start(ifp);
> }
> @@ -4101,14 +4025,15 @@ sppp_auth_send(const struct cp *cp, stru
> sppp_print_bytes((u_char*) (lh+1), len);
> addlog(">\n");
> }
> +
> + len = m->m_pkthdr.len + sp->pp_framebytes;
> if (mq_enqueue(&sp->pp_cpq, m) != 0) {
> - ++ifp->if_oerrors;
> - m = NULL;
> + ifp->if_oerrors++;
> + return;
> }
> - if (! (ifp->if_flags & IFF_OACTIVE))
> - (*ifp->if_start) (ifp);
> - if (m != NULL)
> - ifp->if_obytes += m->m_pkthdr.len + sp->pp_framebytes;
> +
> + ifp->if_obytes += len;
> + if_start(ifp);
> }
I'll send another diff after dlg's bits go in unless someone wants me
to clean it beforehand :)
Re: sppp(4) PP_NOFRAMING
> On 20 Nov 2015, at 9:36 PM, Stuart Henderson wrote:
>
> Currently pppoe(4) is the only user of sppp(4) and it uses PP_NOFRAMING.
> Do we expect sppp(4) to be used for anything other than pppoe(4) in the
> future? If not, we can simplify things by removing the code to support
> framing.
>
> Diff also removes some useless ifdefs while there.
sppp will go away before it gets used for something else. im fine with you
trimming it down.
dlg
>
>
> Index: if_pppoe.c
> ===
> RCS file: /cvs/src/sys/net/if_pppoe.c,v
> retrieving revision 1.49
> diff -u -p -r1.49 if_pppoe.c
> --- if_pppoe.c25 Oct 2015 11:58:11 - 1.49
> +++ if_pppoe.c20 Nov 2015 11:32:07 -
> @@ -223,8 +223,7 @@ pppoe_clone_create(struct if_clone *ifc,
> sc->sc_sppp.pp_if.if_flags = IFF_SIMPLEX | IFF_POINTOPOINT |
> IFF_MULTICAST;
> sc->sc_sppp.pp_if.if_type = IFT_PPP;
> sc->sc_sppp.pp_if.if_hdrlen = sizeof(struct ether_header) +
> PPPOE_HEADERLEN;
> - sc->sc_sppp.pp_flags |= PP_KEEPALIVE | /* use LCP keepalive */
> - PP_NOFRAMING; /* no serial
> encapsulation */
> + sc->sc_sppp.pp_flags |= PP_KEEPALIVE; /* use LCP keepalive */
> sc->sc_sppp.pp_framebytes = PPPOE_HEADERLEN;/* framing added to ppp
> packets */
> sc->sc_sppp.pp_if.if_ioctl = pppoe_ioctl;
> sc->sc_sppp.pp_if.if_start = pppoe_start;
> Index: if_spppsubr.c
> ===
> RCS file: /cvs/src/sys/net/if_spppsubr.c,v
> retrieving revision 1.146
> diff -u -p -r1.146 if_spppsubr.c
> --- if_spppsubr.c 11 Nov 2015 01:49:17 - 1.146
> +++ if_spppsubr.c 20 Nov 2015 11:32:08 -
> @@ -162,6 +162,8 @@
> #define STATE_ACK_SENT8
> #define STATE_OPENED 9
>
> +#define PKTHDRLEN2
> +
> struct ppp_header {
> u_char address;
> u_char control;
> @@ -445,16 +447,10 @@ sppp_input(struct ifnet *ifp, struct mbu
> /* mark incoming routing domain */
> m->m_pkthdr.ph_rtableid = ifp->if_rdomain;
>
> - if (sp->pp_flags & PP_NOFRAMING) {
> - m_copydata(m, 0, sizeof(ht.protocol), (caddr_t)&ht.protocol);
> - m_adj(m, 2);
> - ht.control = PPP_UI;
> - ht.address = PPP_ALLSTATIONS;
> - } else {
> - /* Get PPP header. */
> - m_copydata(m, 0, sizeof(ht), (caddr_t)&ht);
> - m_adj (m, PPP_HEADER_LEN);
> - }
> + m_copydata(m, 0, sizeof(ht.protocol), (caddr_t)&ht.protocol);
> + m_adj(m, 2);
> + ht.control = PPP_UI;
> + ht.address = PPP_ALLSTATIONS;
>
> /* preserve the alignment */
> if (m->m_len < m->m_pkthdr.len) {
> @@ -557,7 +553,6 @@ sppp_output(struct ifnet *ifp, struct mb
> struct sockaddr *dst, struct rtentry *rt)
> {
> struct sppp *sp = (struct sppp*) ifp;
> - struct ppp_header *h;
> struct timeval tv;
> int s, rv = 0;
> u_int16_t protocol;
> @@ -620,29 +615,6 @@ sppp_output(struct ifnet *ifp, struct mb
> }
> }
>
> - if (sp->pp_flags & PP_NOFRAMING)
> - goto skip_header;
> - /*
> - * Prepend general data packet PPP header. For now, IP only.
> - */
> - M_PREPEND (m, PPP_HEADER_LEN, M_DONTWAIT);
> - if (!m) {
> - if (ifp->if_flags & IFF_DEBUG)
> - log(LOG_DEBUG, SPP_FMT "no memory for transmit
> header\n",
> - SPP_ARGS(ifp));
> - ++ifp->if_oerrors;
> - splx (s);
> - return (ENOBUFS);
> - }
> - /*
> - * May want to check size of packet
> - * (albeit due to the implementation it's always enough)
> - */
> - h = mtod (m, struct ppp_header*);
> - h->address = PPP_ALLSTATIONS;/* broadcast address */
> - h->control = PPP_UI; /* Unnumbered Info */
> -
> - skip_header:
> switch (dst->sa_family) {
> case AF_INET: /* Internet Protocol */
> /*
> @@ -681,20 +653,17 @@ sppp_output(struct ifnet *ifp, struct mb
> return (EAFNOSUPPORT);
> }
>
> - if (sp->pp_flags & PP_NOFRAMING) {
> - M_PREPEND(m, 2, M_DONTWAIT);
> - if (m == NULL) {
> - if (ifp->if_flags & IFF_DEBUG)
> - log(LOG_DEBUG, SPP_FMT
> - "no memory for transmit header\n",
> - SPP_ARGS(ifp));
> - ++ifp->if_oerrors;
> - splx(s);
> - return (ENOBUFS);
> - }
> - *mtod(m, u_int16_t *) = protocol;
> - } else
> - h->protocol = protocol;
> + M_PREPEND(m, 2, M_DONTWAIT);
> + if (m == NULL) {
> + if (ifp->if_flags & IFF_DEBUG)
> + log(LOG_DEBUG, SPP_FMT
> +
Re: trunk vs busy ports
> On 20 Nov 2015, at 8:18 PM, Martin Pieuchot wrote: > > On 20/11/15(Fri) 15:36, David Gwynne wrote: >> IFF_OACTIVE means the hardware ring is full, not if it is busy. > > As discussed earlier, I'd still love to have a document (manpage?) > describing these flags so we can agree on when to use them. > >> perhaps a better check is to see whether there are pending packets >> on the send queue? > > What's the underlying problem here, checking for if_flags in ioctl() > path? one problem is the check doesn't mean what it is intended to mean, the other is i want to get rid of IFF_OACTIVE. > >> i could also argue we dont need the check at all, but this is less >> of a semantic change. > > I'm also wondering why do we need this check at all. i dont see why it matters if we wait for pending packets to send before joining it to a trunk, or just join it to a trunk and let the pending packets leave. there's no consequence to having a slightly wrong temporal ordering.
Re: trunk vs busy ports
On 20.11.2015. 6:36, David Gwynne wrote: > IFF_OACTIVE means the hardware ring is full, not if it is busy. > > perhaps a better check is to see whether there are pending packets > on the send queue? > > i could also argue we dont need the check at all, but this is less > of a semantic change. don't know if this is relevant other than mentioning IFF_OACTIVE :) https://www.dragonflybsd.org/mailarchive/users/2013-01/msg0.html
Re: trunk vs busy ports
On 20.11.2015. 13:26, Hrvoje Popovski wrote: > On 20.11.2015. 6:36, David Gwynne wrote: >> IFF_OACTIVE means the hardware ring is full, not if it is busy. >> >> perhaps a better check is to see whether there are pending packets >> on the send queue? >> >> i could also argue we dont need the check at all, but this is less >> of a semantic change. > > > don't know if this is relevant other than mentioning IFF_OACTIVE :) > > https://www.dragonflybsd.org/mailarchive/users/2013-01/msg0.html > by relevant i meant interesting :)
Use symbolic name instead of hardcoded value on telnet(1)
Use symbolic name instead of hardcoded value on telnet(1):
Index: commands.c
===
RCS file: /cvs/src/usr.bin/telnet/commands.c,v
retrieving revision 1.79
diff -u -p -u -r1.79 commands.c
--- commands.c 13 Nov 2015 17:04:48 - 1.79
+++ commands.c 20 Nov 2015 12:30:50 -
@@ -1192,7 +1192,7 @@ static void
close_connection(void)
{
if (connected) {
- (void) shutdown(net, 2);
+ (void) shutdown(net, SHUT_RDWR);
printf("Connection closed.\r\n");
(void)close(net);
connected = 0;
Re: Use symbolic name instead of hardcoded value on telnet(1)
Ricardo Mestre writes:
> Use symbolic name instead of hardcoded value on telnet(1):
Committed, thanks.
> Index: commands.c
> ===
> RCS file: /cvs/src/usr.bin/telnet/commands.c,v
> retrieving revision 1.79
> diff -u -p -u -r1.79 commands.c
> --- commands.c13 Nov 2015 17:04:48 - 1.79
> +++ commands.c20 Nov 2015 12:30:50 -
> @@ -1192,7 +1192,7 @@ static void
> close_connection(void)
> {
> if (connected) {
> - (void) shutdown(net, 2);
> + (void) shutdown(net, SHUT_RDWR);
> printf("Connection closed.\r\n");
> (void)close(net);
> connected = 0;
>
--
jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
Re: does openssl get to use dns?
"Todd T. Fries" writes:
> To demonstrate:
>
> openssl s_client -connect www.google.com:443
Heh.
> A fix, probably not the full or correct one:
ok jca@
do_accept(), in s_socket.c calls gethostbyaddr, then gethostbyname if
the former fails...
> Index: openssl.c
> ===
> RCS file: /cvs/src/usr.bin/openssl/openssl.c,v
> retrieving revision 1.19
> diff -u -p -u -r1.19 openssl.c
> --- openssl.c 17 Oct 2015 07:51:10 - 1.19
> +++ openssl.c 20 Nov 2015 06:06:47 -
> @@ -438,7 +438,7 @@ main(int argc, char **argv)
> arg.data = NULL;
> arg.count = 0;
>
> - if (pledge("stdio inet rpath wpath cpath proc flock tty", NULL) == -1) {
> + if (pledge("stdio inet rpath wpath cpath proc flock tty dns", NULL) ==
> -1) {
> fprintf(stderr, "openssl: pledge: %s\n", strerror(errno));
> exit(1);
> }
> Index: s_client.c
> ===
> RCS file: /cvs/src/usr.bin/openssl/s_client.c,v
> retrieving revision 1.23
> diff -u -p -u -r1.23 s_client.c
> --- s_client.c17 Oct 2015 15:00:11 - 1.23
> +++ s_client.c20 Nov 2015 06:06:47 -
> @@ -365,7 +365,7 @@ s_client_main(int argc, char **argv)
> long socket_mtu = 0;
>
> if (single_execution) {
> - if (pledge("stdio inet rpath wpath cpath tty", NULL) == -1) {
> + if (pledge("stdio inet rpath wpath cpath tty dns", NULL) == -1)
> {
> perror("pledge");
> exit(1);
> }
--
jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
Re: trunk vs busy ports
On Fri, Nov 20, 2015 at 03:36:40PM +1000, David Gwynne wrote: > IFF_OACTIVE means the hardware ring is full, not if it is busy. > > perhaps a better check is to see whether there are pending packets > on the send queue? > > i could also argue we dont need the check at all, but this is less > of a semantic change. > > ok? > OK I added this check in the initial commit of trunk(4) more than 10 years ago. I don't remember a particular reason - there wasn't even a production use yet. I initially wrote trunk to use it for failover on some firewalls, but it was not going into production before it was committed to OpenBSD. So the reason for the flag might just be a historical one: back in the days, I heard that 10 years is a long time in IT, there was not much reference about implementing such a "cloner" correctly. I must have looked at vlan(4) or bridge(4) and decided that it was the way to do. I mean, before mpi@, working in the network stack was tough and very different: you didn't ask, never refered to any documentation, just relied on the traditions and repeated what was done by the BSD heroes in the past. Reyk > Index: if_trunk.c > === > RCS file: /cvs/src/sys/net/if_trunk.c,v > retrieving revision 1.124 > diff -u -p -r1.124 if_trunk.c > --- if_trunk.c20 Nov 2015 05:33:54 - 1.124 > +++ if_trunk.c20 Nov 2015 05:35:07 - > @@ -296,7 +296,7 @@ trunk_port_create(struct trunk_softc *tr > return (ENOSPC); > > /* New trunk port has to be in an idle state */ > - if (ifp->if_flags & IFF_OACTIVE) > + if (!ifq_empty(&ifp->if_snd)) > return (EBUSY); > > /* Check if port has already been associated to a trunk */ --
Re: ntpd pledge, needs "unix" to talk to ntpctl
Andreas Kusalananda Kähäri writes:
> Hi,
>
> I noticed that ntpd would die if I tried to use ntpctl to check on it:
>
> [...]
> 29946 ntpd CALL poll(0xda8993ab5c0,4,1000)
> 29946 ntpd RET poll 1
> 29946 ntpd CALL kbind(0x7f7c2558,0x18,0x7bb3facd5f812ed9)
> 29946 ntpd RET kbind 0
> 29946 ntpd CALL accept(5,0x7f7c2630,0x7f7c262c)
> 29946 ntpd PLDG accept, "unix", errno 1 Operation not permitted
> 29946 ntpd PSIG SIGABRT SIG_DFL
> [...]
>
> I also get ntpd(): syscall 30 "unix" in the console.
Confirmed, the failure is in control_accept(), which should be allowed
to speak on a Unix socket.
See the diff below.
> Cheer,
>
> ps. is tech@ the right list for these sorts of things?
For this case I'd say "yes", as it was trivial for me to reproduce the
bug.
Index: ntp.c
===
RCS file: /cvs/src/usr.sbin/ntpd/ntp.c,v
retrieving revision 1.139
diff -u -p -p -u -r1.139 ntp.c
--- ntp.c 30 Oct 2015 16:41:53 - 1.139
+++ ntp.c 20 Nov 2015 13:03:29 -
@@ -149,7 +149,7 @@ ntp_main(int pipe_prnt[2], int fd_ctl, s
endservent();
/* The ntp process will want to open NTP client sockets -> "inet" */
- if (pledge("stdio inet", NULL) == -1)
+ if (pledge("stdio unix inet", NULL) == -1)
err(1, "pledge");
signal(SIGTERM, ntp_sighdlr);
--
jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
Re: Use symbolic name instead of hardcoded value on telnet(1)
That was fast, thank you! In the meantime I found a few more offenders,
patch below. PS: I previously sent a patch for route, which also uses
shutdown with a number, but for now I'm still waiting for comments on
that one.
Index: gnu/usr.bin/cvs/src/client.c
===
RCS file: /cvs/src/gnu/usr.bin/cvs/src/client.c,v
retrieving revision 1.13
diff -u -p -u -r1.13 client.c
--- gnu/usr.bin/cvs/src/client.c3 Dec 2013 01:32:49 - 1.13
+++ gnu/usr.bin/cvs/src/client.c20 Nov 2015 12:57:35 -
@@ -3586,7 +3586,7 @@ get_responses_and_close ()
#ifdef NO_SOCKET_TO_FD
if (use_socket_style)
{
- if (shutdown (server_sock, 2) < 0)
+ if (shutdown (server_sock, SHUT_RDWR) < 0)
error (1, 0, "shutting down server socket: %s", SOCK_STRERROR
(SOCK_ERRNO));
}
else
@@ -3595,7 +3595,7 @@ get_responses_and_close ()
#if defined(HAVE_KERBEROS) || defined(AUTH_CLIENT_SUPPORT)
if (server_fd != -1)
{
- if (shutdown (server_fd, 1) < 0)
+ if (shutdown (server_fd, SHUT_WR) < 0)
error (1, 0, "shutting down connection to %s: %s",
current_parsed_root->hostname, SOCK_STRERROR
(SOCK_ERRNO));
server_fd = -1;
@@ -4071,7 +4071,7 @@ connect_to_pserver (tofdp, fromfdp, veri
else
{
/* Unrecognized response from server. */
- if (shutdown (sock, 2) < 0)
+ if (shutdown (sock, SHUT_RDWR) < 0)
{
error (0, 0,
"unrecognized auth response from %s: %s",
@@ -4091,7 +4091,7 @@ connect_to_pserver (tofdp, fromfdp, veri
if (verify_only)
{
- if (shutdown (sock, 2) < 0)
+ if (shutdown (sock, SHUT_RDWR) < 0)
error (0, 0, "shutdown() failed, server %s: %s",
current_parsed_root->hostname,
SOCK_STRERROR (SOCK_ERRNO));
if (res0)
@@ -4121,7 +4121,7 @@ connect_to_pserver (tofdp, fromfdp, veri
return;
rejected:
-if (shutdown (sock, 2) < 0)
+if (shutdown (sock, SHUT_RDWR) < 0)
{
error (0, 0,
"shutdown() failed (server %s): %s",
Index: gnu/usr.bin/cvs/emx/startserver.c
===
RCS file: /cvs/src/gnu/usr.bin/cvs/emx/startserver.c,v
retrieving revision 1.1.1.1
diff -u -p -u -r1.1.1.1 startserver.c
--- gnu/usr.bin/cvs/emx/startserver.c 22 Feb 1998 08:22:41 - 1.1.1.1
+++ gnu/usr.bin/cvs/emx/startserver.c 20 Nov 2015 12:59:27 -
@@ -76,7 +76,7 @@ void
os2_shutdown_server (int fd)
{
/* FIXME: shutdown on files seems to have no bad effects */
-if (shutdown (fd, 2) < 0 && errno != ENOTSOCK)
+if (shutdown (fd, SHUT_RDWR) < 0 && errno != ENOTSOCK)
error (1, 0, "couldn't shutdown server connection");
if (close (fd) < 0)
error (1, 0, "couldn't close server connection");
Index: gnu/usr.bin/cvs/windows-NT/startserver.c
===
RCS file: /cvs/src/gnu/usr.bin/cvs/windows-NT/startserver.c,v
retrieving revision 1.1.1.6
diff -u -p -u -r1.1.1.6 startserver.c
--- gnu/usr.bin/cvs/windows-NT/startserver.c22 Aug 1998 20:55:00 -
1.1.1.6
+++ gnu/usr.bin/cvs/windows-NT/startserver.c20 Nov 2015 12:59:45 -
@@ -71,7 +71,7 @@ wnt_shutdown_server (int fd)
SOCKET s;
s = fd;
- if (shutdown (s, 2) == SOCKET_ERROR)
+ if (shutdown (s, SHUT_RDWR) == SOCKET_ERROR)
error (1, 0, "couldn't shutdown server connection: %s",
SOCK_STRERROR (SOCK_ERRNO));
if (closesocket (s) == SOCKET_ERROR)
Index: sbin/route/route.c
===
RCS file: /cvs/src/sbin/route/route.c,v
retrieving revision 1.179
diff -u -p -u -r1.179 route.c
--- sbin/route/route.c 25 Oct 2015 09:37:08 - 1.179
+++ sbin/route/route.c 20 Nov 2015 13:00:51 -
@@ -270,7 +270,7 @@ flushroutes(int argc, char **argv)
if (uid)
errx(1, "must be root to alter routing table");
- shutdown(s, 0); /* Don't want to read back our messages */
+ shutdown(s, SHUT_RD); /* Don't want to read back our messages */
while (--argc > 0) {
if (**(++argv) == '-')
switch (keyword(*argv + 1)) {
@@ -450,7 +450,7 @@ newroute(int argc, char **argv)
errx(1, "must be root to alter routing table");
cmd = argv[0];
if (*cmd != 'g')
- shutdown(s, 0); /* Don't want to read back our messages */
+ shutdown(s, SHUT_RD); /* Don't want to read back our messages */
while (--argc > 0) {
if (**(++argv)== '-') {
switch (key = keyword(1 + *argv)) {
On 20/11/2015 12:44, Jérémie Courrèges-Anglas wrote:
> Ricardo Mestre writes:
>
>> Use symbolic na
Re: serious watchdog timeout issues with em driver
On 19/11/15(Thu) 17:54, Sonic wrote: > Have serious problems for over 7 weeks now with em driver, > specifically any rev of if_em.c > 1.305. Starting with rev 1.306, > released on 2015/09/30 and continuing to -current, watchdog timeouts > rue the day. Unfortunately rev 1.305 no longer builds with -current as > it appears the patch in rev 1.309 would be necessary. I just committed a revert to 1.305 keeping the API changes needed for the driver to build. This should bring your stability back, please let us know if that's not the case. I'm sorry for your troubles.
Re: Memory corruptions in bc(1)
On Fri, Nov 20, 2015 at 11:52:16AM +0100, Otto Moerbeek wrote:
> On Thu, Nov 19, 2015 at 05:52:39PM -0500, Michael McConville wrote:
>
> > I'm already cache-thrashing with all of my side projects, so if anyone's
> > interested I'll leave this to them.
> >
> > A few days ago, I wanted to try American Fuzzy Lop (afl), and bc(1)
> > seemed like a good first target: it pretty much just goes from stdin to
> > stdout, so there's no code reorganization needed.
> >
> > For those not familiar, bc compiles its input to dc(1)'s syntax and
> > forks to dc.
> >
> > There are many unique crash paths - 1041 before I killed afl. Most
> > center around emit(), which emits a dc instr. Many pass NULL to fputs()
> > in emit(). I found at least one (crashes/id:001041*) that
> > nondeterministically passes the str pointer 0xdfdfdfdfdfdfdfdf to
> > fputs(), which is probably uninitialized or already-freed memory.
> > Backtrace below.
> >
> > malloc.conf(5) may be useful.
> >
> > Here's the full afl directory:
> >
> > http://www.sccs.swarthmore.edu/users/16/mmcconv1/bc-afl/
> >
> >
> > Core was generated by `bc'.
> > Program terminated with signal SIGBUS, Bus error.
> > #0 strlen () at /usr/src/lib/libc/arch/amd64/string/strlen.S:152
> > 152 movq(%rax),%rdx /* first data in high bytes
> > */
> > (gdb) bt
> > #0 strlen () at /usr/src/lib/libc/arch/amd64/string/strlen.S:152
> > #1 0x19f79fa7c43d in *_libc_fputs (s=0xdfdfdfdfdfdfdfdf > access memory at address 0xdfdfdfdfdfdfdfdf>, fp=0x1) at
> > /usr/src/lib/libc/stdio/fputs.c:50
> > #2 0x19f4ecb0f401 in emit (i=28548786530304) at
> > /usr/src/usr.bin/bc/bc.y:810
> > #3 yyparse () at /usr/src/usr.bin/bc/bc.y:178
> > #4 0x19f4ecb13f3e in main (argc=1, argv=0x7f7fa570) at
> > /usr/src/usr.bin/bc/bc.y:1188
>
> This fixes at least one case (id-000141*) and make the printing of
> non-ascci chars better
>
> -Otto
>
New version, which solves all cases found in crashes, hangs and queue
above. The remaining cases were emit going into an infinite recursion
becuse the tree wasn't a tree but a cyclic graph.
Regress still succeeds.
-Otto
Index: bc.y
===
RCS file: /cvs/src/usr.bin/bc/bc.y,v
retrieving revision 1.48
diff -u -p -r1.48 bc.y
--- bc.y10 Oct 2015 19:28:54 - 1.48
+++ bc.y20 Nov 2015 13:19:07 -
@@ -72,7 +72,7 @@ static void grow(void);
static ssize_t cs(const char *);
static ssize_t as(const char *);
static ssize_t node(ssize_t, ...);
-static voidemit(ssize_t);
+static voidemit(ssize_t, int);
static voidemit_macro(int, ssize_t);
static voidfree_tree(void);
static ssize_t numnode(int);
@@ -175,7 +175,7 @@ program : /* empty */
input_item : semicolon_list NEWLINE
{
- emit($1);
+ emit($1, 0);
macro_char = reset_macro_char;
putchar('\n');
free_tree();
@@ -803,12 +803,17 @@ node(ssize_t arg, ...)
}
static void
-emit(ssize_t i)
+emit(ssize_t i, int level)
{
- if (instructions[i].index >= 0)
- while (instructions[i].index != END_NODE)
- emit(instructions[i++].index);
- else
+ if (level > 1000)
+ errx(1, "internal error: tree level > 1000");
+ if (instructions[i].index >= 0) {
+ while (instructions[i].index != END_NODE &&
+ instructions[i].index != i) {
+ emit(instructions[i].index, level + 1);
+ i++;
+ }
+ } else if (instructions[i].index != END_NODE)
fputs(instructions[i].u.cstr, stdout);
}
@@ -816,7 +821,7 @@ static void
emit_macro(int node, ssize_t code)
{
putchar('[');
- emit(code);
+ emit(code, 0);
printf("]s%s\n", instructions[node].u.cstr);
nesting--;
}
@@ -951,7 +956,7 @@ yyerror(char *s)
!isprint((unsigned char)yytext[0]))
n = asprintf(&str,
"%s: %s:%d: %s: ascii char 0x%02x unexpected",
- __progname, filename, lineno, s, yytext[0]);
+ __progname, filename, lineno, s, yytext[0] & 0xff);
else
n = asprintf(&str, "%s: %s:%d: %s: %s unexpected",
__progname, filename, lineno, s, yytext);
Re: trunk vs busy ports
> On 20 Nov 2015, at 11:23 PM, Reyk Floeter wrote: > > On Fri, Nov 20, 2015 at 03:36:40PM +1000, David Gwynne wrote: >> IFF_OACTIVE means the hardware ring is full, not if it is busy. >> >> perhaps a better check is to see whether there are pending packets >> on the send queue? >> >> i could also argue we dont need the check at all, but this is less >> of a semantic change. >> >> ok? >> > > OK > > I added this check in the initial commit of trunk(4) more than 10 > years ago. I don't remember a particular reason - there wasn't even a > production use yet. I initially wrote trunk to use it for failover on > some firewalls, but it was not going into production before it was > committed to OpenBSD. > > So the reason for the flag might just be a historical one: back in the > days, I heard that 10 years is a long time in IT, there was not much > reference about implementing such a "cloner" correctly. I must have > looked at vlan(4) or bridge(4) and decided that it was the way to do. > I mean, before mpi@, working in the network stack was tough and very > different: you didn't ask, never refered to any documentation, just > relied on the traditions and repeated what was done by the BSD heroes > in the past. thats exactly right. please dont take this as an accusation of negligence, this is just mopping up some of that inherited code. im upset about my own use of IFQ_POLL() in a bunch of my own drivers, but really i am only guilty of what you described above too. ie, we're not guilty, we were just following best practices at the time. how would you feel if i simply removed the check? dlg > > Reyk > >> Index: if_trunk.c >> === >> RCS file: /cvs/src/sys/net/if_trunk.c,v >> retrieving revision 1.124 >> diff -u -p -r1.124 if_trunk.c >> --- if_trunk.c 20 Nov 2015 05:33:54 - 1.124 >> +++ if_trunk.c 20 Nov 2015 05:35:07 - >> @@ -296,7 +296,7 @@ trunk_port_create(struct trunk_softc *tr >> return (ENOSPC); >> >> /* New trunk port has to be in an idle state */ >> -if (ifp->if_flags & IFF_OACTIVE) >> +if (!ifq_empty(&ifp->if_snd)) >> return (EBUSY); >> >> /* Check if port has already been associated to a trunk */ > > --
rt_ifp and icmp
The first rt_ifp of the day, make use of if_get() inside icmp_mtudisc().
ok?
Index: netinet/ip_icmp.c
===
RCS file: /cvs/src/sys/netinet/ip_icmp.c,v
retrieving revision 1.145
diff -u -p -r1.145 ip_icmp.c
--- netinet/ip_icmp.c 30 Oct 2015 09:39:42 - 1.145
+++ netinet/ip_icmp.c 19 Nov 2015 11:34:21 -
@@ -981,12 +981,17 @@ void
icmp_mtudisc(struct icmp *icp, u_int rtableid)
{
struct rtentry *rt;
+ struct ifnet *ifp;
u_long mtu = ntohs(icp->icmp_nextmtu); /* Why a long? IPv6 */
rt = icmp_mtudisc_clone(icp->icmp_ip.ip_dst, rtableid);
if (rt == NULL)
return;
+ ifp = if_get(rt->rt_ifidx);
+ if (ifp == NULL)
+ return;
+
if (mtu == 0) {
int i = 0;
@@ -1002,7 +1007,7 @@ icmp_mtudisc(struct icmp *icp, u_int rta
/* If no route mtu, default to the interface mtu */
if (mtu == 0)
- mtu = rt->rt_ifp->if_mtu;
+ mtu = ifp->if_mtu;
}
for (i = 0; i < nitems(mtu_table); i++)
@@ -1019,15 +1024,14 @@ icmp_mtudisc(struct icmp *icp, u_int rta
*on a route. We should be using a separate flag
*for the kernel to indicate this.
*/
-
if ((rt->rt_rmx.rmx_locks & RTV_MTU) == 0) {
- if (mtu < 296 || mtu > rt->rt_ifp->if_mtu)
+ if (mtu < 296 || mtu > ifp->if_mtu)
rt->rt_rmx.rmx_locks |= RTV_MTU;
- else if (rt->rt_rmx.rmx_mtu > mtu ||
- rt->rt_rmx.rmx_mtu == 0)
+ else if (rt->rt_rmx.rmx_mtu > mtu || rt->rt_rmx.rmx_mtu == 0)
rt->rt_rmx.rmx_mtu = mtu;
}
+ if_put(ifp);
rtfree(rt);
}
rt_ifp and icmp6
Some if_get() love in icmp6.
ok?
Index: netinet6/icmp6.c
===
RCS file: /cvs/src/sys/netinet6/icmp6.c,v
retrieving revision 1.177
diff -u -p -r1.177 icmp6.c
--- netinet6/icmp6.c3 Nov 2015 21:39:34 - 1.177
+++ netinet6/icmp6.c20 Nov 2015 13:33:10 -
@@ -1018,16 +1018,19 @@ icmp6_mtudisc_update(struct ip6ctlparam
rt = icmp6_mtudisc_clone(sin6tosa(&sin6), m->m_pkthdr.ph_rtableid);
- if (rt && (rt->rt_flags & RTF_HOST) &&
+ if (rt != NULL && ISSET(rt->rt_flags, RTF_HOST) &&
!(rt->rt_rmx.rmx_locks & RTV_MTU) &&
(rt->rt_rmx.rmx_mtu > mtu || rt->rt_rmx.rmx_mtu == 0)) {
- if (mtu < rt->rt_ifp->if_mtu) {
+ struct ifnet *ifp;
+
+ ifp = if_get(rt->rt_ifidx);
+ if (ifp != NULL && mtu < ifp->if_mtu) {
icmp6stat.icp6s_pmtuchg++;
rt->rt_rmx.rmx_mtu = mtu;
}
+ if_put(ifp);
}
- if (rt)
- rtfree(rt);
+ rtfree(rt);
/*
* Notify protocols that the MTU for this destination
@@ -1549,7 +1552,7 @@ icmp6_redirect_input(struct mbuf *m, int
void
icmp6_redirect_output(struct mbuf *m0, struct rtentry *rt)
{
- struct ifnet *ifp; /* my outgoing interface */
+ struct ifnet *ifp = NULL;
struct in6_addr *ifp_ll6;
struct in6_addr *nexthop;
struct ip6_hdr *sip6; /* m0 as struct ip6_hdr */
@@ -1569,7 +1572,10 @@ icmp6_redirect_output(struct mbuf *m0, s
/* sanity check */
if (m0 == NULL || !rtisvalid(rt))
goto fail;
- ifp = rt->rt_ifp;
+
+ ifp = if_get(rt->rt_ifidx);
+ if (ifp == NULL)
+ goto fail;
/*
* Address check:
@@ -1795,9 +1801,11 @@ noredhdropt:
icmp6stat.icp6s_outhist[ND_REDIRECT]++;
+ if_put(ifp);
return;
fail:
+ if_put(ifp);
m_freem(m);
m_freem(m0);
}
Re: ntpd pledge, needs "unix" to talk to ntpctl
On Fri, Nov 20, 2015 at 02:07:46PM +0100, J??r??mie Courr??ges-Anglas wrote:
> Andreas Kusalananda K??h??ri writes:
>
> > Hi,
> >
> > I noticed that ntpd would die if I tried to use ntpctl to check on it:
> >
> > [...]
> > 29946 ntpd CALL poll(0xda8993ab5c0,4,1000)
> > 29946 ntpd RET poll 1
> > 29946 ntpd CALL kbind(0x7f7c2558,0x18,0x7bb3facd5f812ed9)
> > 29946 ntpd RET kbind 0
> > 29946 ntpd CALL accept(5,0x7f7c2630,0x7f7c262c)
> > 29946 ntpd PLDG accept, "unix", errno 1 Operation not permitted
> > 29946 ntpd PSIG SIGABRT SIG_DFL
> > [...]
> >
> > I also get ntpd(): syscall 30 "unix" in the console.
>
> Confirmed, the failure is in control_accept(), which should be allowed
> to speak on a Unix socket.
>
> See the diff below.
>
There was some semantical fix in sys/kern/uipc_usrreq.c for unix
sockets that might have triggered it. I'm sure I had used ntpctl with
"older" pledge.
The diff looks OK, with the drawback that the ntp process now needs
"all of unix" for the accept() - but the unix socket is pre-opened
before its pledge/chroot.
OK reyk@
> Index: ntp.c
> ===
> RCS file: /cvs/src/usr.sbin/ntpd/ntp.c,v
> retrieving revision 1.139
> diff -u -p -p -u -r1.139 ntp.c
> --- ntp.c 30 Oct 2015 16:41:53 - 1.139
> +++ ntp.c 20 Nov 2015 13:03:29 -
> @@ -149,7 +149,7 @@ ntp_main(int pipe_prnt[2], int fd_ctl, s
> endservent();
>
> /* The ntp process will want to open NTP client sockets -> "inet" */
> - if (pledge("stdio inet", NULL) == -1)
> + if (pledge("stdio unix inet", NULL) == -1)
> err(1, "pledge");
>
> signal(SIGTERM, ntp_sighdlr);
>
> --
> jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
>
--
Re: trunk vs busy ports
On Fri, Nov 20, 2015 at 11:27:05PM +1000, David Gwynne wrote: > > > On 20 Nov 2015, at 11:23 PM, Reyk Floeter wrote: > > > > On Fri, Nov 20, 2015 at 03:36:40PM +1000, David Gwynne wrote: > >> IFF_OACTIVE means the hardware ring is full, not if it is busy. > >> > >> perhaps a better check is to see whether there are pending packets > >> on the send queue? > >> > >> i could also argue we dont need the check at all, but this is less > >> of a semantic change. > >> > >> ok? > >> > > > > OK > > > > I added this check in the initial commit of trunk(4) more than 10 > > years ago. I don't remember a particular reason - there wasn't even a > > production use yet. I initially wrote trunk to use it for failover on > > some firewalls, but it was not going into production before it was > > committed to OpenBSD. > > > > So the reason for the flag might just be a historical one: back in the > > days, I heard that 10 years is a long time in IT, there was not much > > reference about implementing such a "cloner" correctly. I must have > > looked at vlan(4) or bridge(4) and decided that it was the way to do. > > I mean, before mpi@, working in the network stack was tough and very > > different: you didn't ask, never refered to any documentation, just > > relied on the traditions and repeated what was done by the BSD heroes > > in the past. > > thats exactly right. please dont take this as an accusation of negligence, > this is just mopping up some of that inherited code. > > im upset about my own use of IFQ_POLL() in a bunch of my own drivers, but > really i am only guilty of what you described above too. ie, we're not > guilty, we were just following best practices at the time. > Hehe, i'm not feeling accused. I think it is a lot of fun to see all the progress and cleanup happening. I just wanted to tell a story ... and to point out that some of the obvious mistakes of the past weren't so obvious to us back then. > how would you feel if i simply removed the check? > fine! Reyk > >> Index: if_trunk.c > >> === > >> RCS file: /cvs/src/sys/net/if_trunk.c,v > >> retrieving revision 1.124 > >> diff -u -p -r1.124 if_trunk.c > >> --- if_trunk.c 20 Nov 2015 05:33:54 - 1.124 > >> +++ if_trunk.c 20 Nov 2015 05:35:07 - > >> @@ -296,7 +296,7 @@ trunk_port_create(struct trunk_softc *tr > >>return (ENOSPC); > >> > >>/* New trunk port has to be in an idle state */ > >> - if (ifp->if_flags & IFF_OACTIVE) > >> + if (!ifq_empty(&ifp->if_snd)) > >>return (EBUSY); > >> > >>/* Check if port has already been associated to a trunk */ > > > > -- > --
Interesting if_get() case
This is an interesting case to understand why we're using interface
indexes instead pointers.
When the code below will be executed without being serialized with
ifdetach(), it might have to deal with an invalid ``ipforward_rt''.
By "invalid" here I mean a route entry pointing to a detached ifp.
Every cached entry can become "invalid" and they can be found in
multiple places: PCBs, tunneling interfaces, gateway routes, TCP
syncache...
Currently, when a route is removed from the table it loses its
RTF_UP flag. Since (hopefully) all our code check for this flag
via rtisvalid(9) and it is serialized with ifdetach(), we're safe.
But as soon as CPU0 will be able to execute the chunk below while
CPU1 is detaching the interface pointed by rt_ifp we can trigger
a bad dereference quite complicated to reproduce.
By making use of indexes with if_get()/if_put() we are sure that
the interface won't disappear while we're accessing it.
Another alternative would have been to reference count the interface
pointer on the route entry but this doesn't really fly with our
approach of sleeping until all the references are dropped when an
interface is detached.
Ok?
Index: netinet/ip_input.c
===
RCS file: /cvs/src/sys/netinet/ip_input.c,v
retrieving revision 1.261
diff -u -p -u -5 -r1.261 ip_input.c
--- netinet/ip_input.c 14 Nov 2015 15:40:40 - 1.261
+++ netinet/ip_input.c 19 Nov 2015 12:36:05 -
@@ -1514,12 +1514,18 @@ ip_forward(struct mbuf *m, struct ifnet
if (ipforward_rt.ro_rt) {
struct rtentry *rt = ipforward_rt.ro_rt;
if (rt->rt_rmx.rmx_mtu)
destmtu = rt->rt_rmx.rmx_mtu;
- else
- destmtu = ipforward_rt.ro_rt->rt_ifp->if_mtu;
+ else {
+ struct ifnet *destifp;
+
+ destifp = if_get(rt->rt_ifidx);
+ if (destifp != NULL)
+ destmtu = destifp->if_mtu;
+ if_put(destifp);
+ }
}
#endif /*IPSEC*/
ipstat.ips_cantfrag++;
break;
Re: ntpd pledge, needs "unix" to talk to ntpctl
Reyk Floeter writes:
> On Fri, Nov 20, 2015 at 02:07:46PM +0100, J??r??mie Courr??ges-Anglas wrote:
>> Andreas Kusalananda K??h??ri writes:
>>
>> > Hi,
>> >
>> > I noticed that ntpd would die if I tried to use ntpctl to check on it:
>> >
>> > [...]
>> > 29946 ntpd CALL poll(0xda8993ab5c0,4,1000)
>> > 29946 ntpd RET poll 1
>> > 29946 ntpd CALL kbind(0x7f7c2558,0x18,0x7bb3facd5f812ed9)
>> > 29946 ntpd RET kbind 0
>> > 29946 ntpd CALL accept(5,0x7f7c2630,0x7f7c262c)
>> > 29946 ntpd PLDG accept, "unix", errno 1 Operation not permitted
>> > 29946 ntpd PSIG SIGABRT SIG_DFL
>> > [...]
>> >
>> > I also get ntpd(): syscall 30 "unix" in the console.
>>
>> Confirmed, the failure is in control_accept(), which should be allowed
>> to speak on a Unix socket.
>>
>> See the diff below.
>>
>
> There was some semantical fix in sys/kern/uipc_usrreq.c for unix
> sockets that might have triggered it.
Yup. And the change that lead to this ntpd failure was amended earlier
today, so the patch isn't actually needed.
Cheers,
> I'm sure I had used ntpctl with
> "older" pledge.
>
> The diff looks OK, with the drawback that the ntp process now needs
> "all of unix" for the accept() - but the unix socket is pre-opened
> before its pledge/chroot.
>
> OK reyk@
>
>> Index: ntp.c
>> ===
>> RCS file: /cvs/src/usr.sbin/ntpd/ntp.c,v
>> retrieving revision 1.139
>> diff -u -p -p -u -r1.139 ntp.c
>> --- ntp.c30 Oct 2015 16:41:53 - 1.139
>> +++ ntp.c20 Nov 2015 13:03:29 -
>> @@ -149,7 +149,7 @@ ntp_main(int pipe_prnt[2], int fd_ctl, s
>> endservent();
>>
>> /* The ntp process will want to open NTP client sockets -> "inet" */
>> -if (pledge("stdio inet", NULL) == -1)
>> +if (pledge("stdio unix inet", NULL) == -1)
>> err(1, "pledge");
>>
>> signal(SIGTERM, ntp_sighdlr);
>>
>> --
>> jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
>>
--
jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
Re: ntpd pledge, needs "unix" to talk to ntpctl
> Andreas Kusalananda K=C3=A4h=C3=A4ri writes: > > > Hi, > > > > I noticed that ntpd would die if I tried to use ntpctl to check on it: > > > > [...] > > 29946 ntpd CALL poll(0xda8993ab5c0,4,1000) > > 29946 ntpd RET poll 1 > > 29946 ntpd CALL kbind(0x7f7c2558,0x18,0x7bb3facd5f812ed9) > > 29946 ntpd RET kbind 0 > > 29946 ntpd CALL accept(5,0x7f7c2630,0x7f7c262c) > > 29946 ntpd PLDG accept, "unix", errno 1 Operation not permitted > > 29946 ntpd PSIG SIGABRT SIG_DFL > > [...] > > > > I also get ntpd(): syscall 30 "unix" in the console. > > Confirmed, the failure is in control_accept(), which should be allowed > to speak on a Unix socket. > > See the diff below. > > > Cheer, > > > > ps. is tech@ the right list for these sorts of things? > > For this case I'd say "yes", as it was trivial for me to reproduce the > bug. > > Index: ntp.c > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D you are sending mime again. the kernel has been fixed for this issue, not ntpd. We don't want that process able to open sockets outbound, which your diff does.
Re: serious watchdog timeout issues with em driver
On Fri, Nov 20, 2015 at 8:12 AM, Martin Pieuchot wrote: > I just committed a revert to 1.305 keeping the API changes needed for > the driver to build. > > This should bring your stability back, please let us know if that's not > the case. The kernel/driver builds with those changes but crashes on startup (hadn't rebuilt userland yet). Couldn't see much when it happened, I believe it was just after starting the network, and there was some Xsoft... error and then what I would describe as a core dump to the console. No footprints seem to be left after a power reset and booting into obsd. Thanks, Chris
afterboot - ntpd now on by default
Ping. Index: afterboot.8 === RCS file: /cvs/src/share/man/man8/afterboot.8,v retrieving revision 1.149 diff -u -p -r1.149 afterboot.8 --- afterboot.8 24 Sep 2015 15:07:55 - 1.149 +++ afterboot.8 26 Sep 2015 16:22:07 - @@ -124,6 +124,14 @@ Furthermore, the superuser's should never contain the current directory .Pq Dq \&. . .Ss System date +.Xr ntpd 8 +is used to automatically synchronize clocks with remote NTP servers. +You can use +.Xr ntpctl 8 +to check the status. +To change the NTP server see +.Xr ntpd.conf 5 . +.Pp Check the system date with the .Xr date 1 command. @@ -132,14 +140,11 @@ If needed, change the date, and/or chang to the correct time zone in the .Pa /usr/share/zoneinfo directory. -Alternatively, -.Xr ntpd 8 -can be used to automatically synchronize clocks with remote NTP servers. .Pp Examples: .Pp -Set the current date to January 27th, 1999 3:04pm: -.Dl # date 199901271504 +Set the current date to January 27th, 2016 3:04pm: +.Dl # date 201601271504 .Pp Set the time zone to Atlantic Standard Time: .Dl # ln -fs /usr/share/zoneinfo/Canada/Atlantic /etc/localtime
Re: Interesting if_get() case
Hello,
thanks for detailed explanation.
> + else {
> + struct ifnet *destifp;
> +
> + destifp = if_get(rt->rt_ifidx);
> + if (destifp != NULL)
> + destmtu = destifp->if_mtu;
> + if_put(destifp);
> + }
your code potentially leaves destmtu set to 0 in case we deal with invalid
ipforward_rt. I wonder how icmp_error() we are going to call further below
(at line 1544 in the old code) is going to deal with it. May be we
should just give up on sending ICMP_UNREACH message in this case.
find my small improvement to your patch further below.
regards
sasha
8<---8<---8<--8<
Warning: Permanently added 'anoncvs.spacehopper.org' (ECDSA) to the list of
known hosts.
Index: ip_input.c
===
RCS file: /cvs/src/sys/netinet/ip_input.c,v
retrieving revision 1.261
diff -u -p -r1.261 ip_input.c
--- ip_input.c 14 Nov 2015 15:40:40 - 1.261
+++ ip_input.c 20 Nov 2015 15:48:47 -
@@ -1516,11 +1516,24 @@ ip_forward(struct mbuf *m, struct ifnet
if (rt->rt_rmx.rmx_mtu)
destmtu = rt->rt_rmx.rmx_mtu;
- else
- destmtu = ipforward_rt.ro_rt->rt_ifp->if_mtu;
+ else {
+ struct ifnet *destifp;
+
+ destifp = if_get(rt->rt_ifidx);
+ if (destifp != NULL)
+ destmtu = destifp->if_mtu;
+ if_put(destifp);
+ }
}
#endif /*IPSEC*/
ipstat.ips_cantfrag++;
+
+ /*
+* route to destniation no longer exists, we should revert code
+* back to host unreachable.
+*/
+ if (destmtu == 0)
+ code = ICMP_UNREACH_HOST;
break;
case EACCES:
Re: rt_ifp and icmp
On Fri, Nov 20, 2015 at 02:31:23PM +0100, Martin Pieuchot wrote: > The first rt_ifp of the day, make use of if_get() inside icmp_mtudisc(). > > ok? > OK (however you are probably better to wait for more experienced one OK) BTW I like the way rt_ifidx is defined, it's smart way to move forward safely. regards sasha
Re: rt_ifp and icmp6
Hello, OK regards sasha On Fri, Nov 20, 2015 at 02:33:44PM +0100, Martin Pieuchot wrote: > Some if_get() love in icmp6. > > ok? >
Re: [PATCH 1/2] flex 2.5.39
On Thu, Nov 19, 2015 at 06:53:45PM -0500, Ted Unangst wrote: > Serguey Parkhomovsky wrote: > > * renamed parse.c, parse.h, scan.c, skel.c with init prefix so compiling > > flex outside of obj by accident wouldn't clobber the bootstrap files > > Do you remember what caused you to skip using the in base yacc? The diff below > seems to work for me. > I skipped using the base yacc because flex would error out on compiling itself. I'm not sure what was happening there, but I've tested your patch and it works for me too.
netstat -P - no namelist
Hello - I used to use netstat -P to view PCB information. Running -current, I get 'no namelist' now. Any ideas? 0xff0397c4da50 tcp 0 0 127.0.0.1.33845127.0.0.1.18333 ESTABLISHED # netstat -P 0xff0397c4da50 netstat: no namelist Thanks, David
Re: rt_ifp and pf(4)
Hello,
I have just nit comments, feel free to ignore them.
1) would it be possible to use closing #endif guards as follows:
#endif /* NCARP */
2) another nit here:
> @@ -5607,6 +5616,8 @@ pf_route(struct mbuf **m, struct pf_rule
> done:
> if (r->rt != PF_DUPTO)
> *m = NULL;
> + if (!r->rt)
> + if_put(ifp);
> rtfree(rt);
> return;
>
I would probably use test as follows:
if (rt != NULL)
if_put(ifp);
it's detail, given at some point in future we will probably have to use
if_put()/if_get() for ifp's bound to kif's (right?). My point here is we call
if_get() after we successfully obtain rt.
Apart those two everything is OK, since those two are nits, it's up to you if
you go for my suggestions.
regards
sasha
On Thu, Nov 19, 2015 at 12:07:38PM +0100, Martin Pieuchot wrote:
> Stop using rt_ifp. While here put some NCARP... ok?
>
> Index: net/pf.c
> ===
> RCS file: /cvs/src/sys/net/pf.c,v
> retrieving revision 1.950
> diff -u -p -r1.950 pf.c
> --- net/pf.c 12 Nov 2015 10:07:14 - 1.950
> +++ net/pf.c 19 Nov 2015 11:05:37 -
> @@ -36,6 +36,7 @@
> */
>
> #include "bpfilter.h"
> +#include "carp.h"
> #include "pflog.h"
> #include "pfsync.h"
> #include "pflow.h"
> @@ -2595,9 +2596,11 @@ pf_match_rcvif(struct mbuf *m, struct pf
> if (ifp == NULL)
> return (0);
>
> +#if NCARP > 0
> if (ifp->if_type == IFT_CARP && ifp->if_carpdev)
> kif = (struct pfi_kif *)ifp->if_carpdev->if_pf_kif;
> else
> +#endif
> kif = (struct pfi_kif *)ifp->if_pf_kif;
>
> if_put(ifp);
> @@ -5347,7 +5350,6 @@ pf_routable(struct pf_addr *addr, sa_fam
> struct sockaddr_in6 *dst6;
> #endif /* INET6 */
> struct rtentry *rt, *rt0 = NULL;
> - struct ifnet*ifp;
>
> check_mpath = 0;
> memset(&ss, 0, sizeof(ss));
> @@ -5397,13 +5399,20 @@ pf_routable(struct pf_addr *addr, sa_fam
> ret = 0;
> rt = rt0;
> do {
> - if (rt->rt_ifp->if_type == IFT_CARP)
> - ifp = rt->rt_ifp->if_carpdev;
> - else
> - ifp = rt->rt_ifp;
> -
> - if (kif->pfik_ifp == ifp)
> + if (rt->rt_ifidx == kif->pfik_ifp->if_index) {
> ret = 1;
> +#if NCARP > 0
> + } else {
> + struct ifnet*ifp;
> +
> + ifp = if_get(rt->rt_ifidx);
> + if (ifp != NULL && ifp->if_type == IFT_CARP &&
> + ifp->if_carpdev == kif->pfik_ifp)
> + ret = 1;
> + if_put(ifp);
> +#endif
> + }
> +
> #ifndef SMALL_KERNEL
> rt = rtable_mpath_next(rt);
> #else
> @@ -5512,7 +5521,7 @@ pf_route(struct mbuf **m, struct pf_rule
> goto bad;
> }
>
> - ifp = rt->rt_ifp;
> + ifp = if_get(rt->rt_ifidx);
>
> if (rt->rt_flags & RTF_GATEWAY)
> dst = satosin(rt->rt_gateway);
> @@ -5607,6 +5616,8 @@ pf_route(struct mbuf **m, struct pf_rule
> done:
> if (r->rt != PF_DUPTO)
> *m = NULL;
> + if (!r->rt)
> + if_put(ifp);
> rtfree(rt);
> return;
>
> @@ -6312,9 +6323,11 @@ pf_test(sa_family_t af, int fwdir, struc
> if (!pf_status.running)
> return (PF_PASS);
>
> +#if NCARP > 0
> if (ifp->if_type == IFT_CARP && ifp->if_carpdev)
> kif = (struct pfi_kif *)ifp->if_carpdev->if_pf_kif;
> else
> +#endif
> kif = (struct pfi_kif *)ifp->if_pf_kif;
>
> if (kif == NULL) {
>
Re: Use symbolic name instead of hardcoded value on telnet(1)
Ricardo Mestre writes: > That was fast, thank you! In the meantime I found a few more offenders, > patch below. It is unclear to me whether the cvs patch should be committed. Most of those calls *may* go away soon, along with the surrounding code. > PS: I previously sent a patch for route, which also uses > shutdown with a number, but for now I'm still waiting for comments on > that one. Well, it was included at the end of your diff, so I committed it. Thanks! -- jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
Re: serious watchdog timeout issues with em driver
> Date: Fri, 20 Nov 2015 14:12:52 +0100 > From: Martin Pieuchot > > On 19/11/15(Thu) 17:54, Sonic wrote: > > Have serious problems for over 7 weeks now with em driver, > > specifically any rev of if_em.c > 1.305. Starting with rev 1.306, > > released on 2015/09/30 and continuing to -current, watchdog timeouts > > rue the day. Unfortunately rev 1.305 no longer builds with -current as > > it appears the patch in rev 1.309 would be necessary. > > I just committed a revert to 1.305 keeping the API changes needed for > the driver to build. Thanks Martin. I didn't have the time in the last few weeks to do the backout.
typo in tcsetpgrp.3
ok? Index: lib/libc/termios/tcsetpgrp.3 === RCS file: /cvs/src/lib/libc/termios/tcsetpgrp.3,v retrieving revision 1.11 diff -u -p -r1.11 tcsetpgrp.3 --- lib/libc/termios/tcsetpgrp.312 Dec 2013 22:44:22 - 1.11 +++ lib/libc/termios/tcsetpgrp.320 Nov 2015 18:00:06 - @@ -58,7 +58,7 @@ Upon successful completion, returns a value of zero. .Sh ERRORS If an error occurs, -.Fn tcgetpgrp +.Fn tcsetpgrp returns \-1 and the global variable .Va errno is set to indicate the error, as follows:
Re: Memory corruptions in bc(1)
ok
Otto Moerbeek(o...@drijf.net) on 2015.11.20 14:22:12 +0100:
> On Fri, Nov 20, 2015 at 11:52:16AM +0100, Otto Moerbeek wrote:
>
> > On Thu, Nov 19, 2015 at 05:52:39PM -0500, Michael McConville wrote:
> >
> > > I'm already cache-thrashing with all of my side projects, so if anyone's
> > > interested I'll leave this to them.
> > >
> > > A few days ago, I wanted to try American Fuzzy Lop (afl), and bc(1)
> > > seemed like a good first target: it pretty much just goes from stdin to
> > > stdout, so there's no code reorganization needed.
> > >
> > > For those not familiar, bc compiles its input to dc(1)'s syntax and
> > > forks to dc.
> > >
> > > There are many unique crash paths - 1041 before I killed afl. Most
> > > center around emit(), which emits a dc instr. Many pass NULL to fputs()
> > > in emit(). I found at least one (crashes/id:001041*) that
> > > nondeterministically passes the str pointer 0xdfdfdfdfdfdfdfdf to
> > > fputs(), which is probably uninitialized or already-freed memory.
> > > Backtrace below.
> > >
> > > malloc.conf(5) may be useful.
> > >
> > > Here's the full afl directory:
> > >
> > > http://www.sccs.swarthmore.edu/users/16/mmcconv1/bc-afl/
> > >
> > >
> > > Core was generated by `bc'.
> > > Program terminated with signal SIGBUS, Bus error.
> > > #0 strlen () at /usr/src/lib/libc/arch/amd64/string/strlen.S:152
> > > 152 movq(%rax),%rdx /* first data in high
> > > bytes */
> > > (gdb) bt
> > > #0 strlen () at /usr/src/lib/libc/arch/amd64/string/strlen.S:152
> > > #1 0x19f79fa7c43d in *_libc_fputs (s=0xdfdfdfdfdfdfdfdf > > Cannot access memory at address 0xdfdfdfdfdfdfdfdf>, fp=0x1) at
> > > /usr/src/lib/libc/stdio/fputs.c:50
> > > #2 0x19f4ecb0f401 in emit (i=28548786530304) at
> > > /usr/src/usr.bin/bc/bc.y:810
> > > #3 yyparse () at /usr/src/usr.bin/bc/bc.y:178
> > > #4 0x19f4ecb13f3e in main (argc=1, argv=0x7f7fa570) at
> > > /usr/src/usr.bin/bc/bc.y:1188
> >
> > This fixes at least one case (id-000141*) and make the printing of
> > non-ascci chars better
> >
> > -Otto
> >
>
> New version, which solves all cases found in crashes, hangs and queue
> above. The remaining cases were emit going into an infinite recursion
> becuse the tree wasn't a tree but a cyclic graph.
>
> Regress still succeeds.
>
> -Otto
>
> Index: bc.y
> ===
> RCS file: /cvs/src/usr.bin/bc/bc.y,v
> retrieving revision 1.48
> diff -u -p -r1.48 bc.y
> --- bc.y 10 Oct 2015 19:28:54 - 1.48
> +++ bc.y 20 Nov 2015 13:19:07 -
> @@ -72,7 +72,7 @@ static void grow(void);
> static ssize_t cs(const char *);
> static ssize_t as(const char *);
> static ssize_t node(ssize_t, ...);
> -static void emit(ssize_t);
> +static void emit(ssize_t, int);
> static void emit_macro(int, ssize_t);
> static void free_tree(void);
> static ssize_t numnode(int);
> @@ -175,7 +175,7 @@ program : /* empty */
>
> input_item : semicolon_list NEWLINE
> {
> - emit($1);
> + emit($1, 0);
> macro_char = reset_macro_char;
> putchar('\n');
> free_tree();
> @@ -803,12 +803,17 @@ node(ssize_t arg, ...)
> }
>
> static void
> -emit(ssize_t i)
> +emit(ssize_t i, int level)
> {
> - if (instructions[i].index >= 0)
> - while (instructions[i].index != END_NODE)
> - emit(instructions[i++].index);
> - else
> + if (level > 1000)
> + errx(1, "internal error: tree level > 1000");
> + if (instructions[i].index >= 0) {
> + while (instructions[i].index != END_NODE &&
> + instructions[i].index != i) {
> + emit(instructions[i].index, level + 1);
> + i++;
> + }
> + } else if (instructions[i].index != END_NODE)
> fputs(instructions[i].u.cstr, stdout);
> }
>
> @@ -816,7 +821,7 @@ static void
> emit_macro(int node, ssize_t code)
> {
> putchar('[');
> - emit(code);
> + emit(code, 0);
> printf("]s%s\n", instructions[node].u.cstr);
> nesting--;
> }
> @@ -951,7 +956,7 @@ yyerror(char *s)
> !isprint((unsigned char)yytext[0]))
> n = asprintf(&str,
> "%s: %s:%d: %s: ascii char 0x%02x unexpected",
> - __progname, filename, lineno, s, yytext[0]);
> + __progname, filename, lineno, s, yytext[0] & 0xff);
> else
> n = asprintf(&str, "%s: %s:%d: %s: %s unexpected",
> __progname, filename, lineno, s, yytext);
>
--
pledge monop(6)
Hi!
pledge right at the top to rpath to read the cardfiles at the beginning,
and wpath cpath to write the save game at any time of the game. Also a KNF.
Index: monop.c
===
RCS file: /cvs/src/games/monop/monop.c,v
retrieving revision 1.13
diff -u -p -u -r1.13 monop.c
--- monop.c 22 Aug 2015 14:47:41 - 1.13
+++ monop.c 20 Nov 2015 19:02:05 -
@@ -48,8 +48,12 @@ main(ac, av)
char*av[];
{
num_luck = sizeof lucky_mes / sizeof (char *);
+
+ if (pledge("stdio rpath wpath cpath", NULL) == -1)
+ err(1, "pledge");
+
init_decks();
- init_monops();
+ init_monops();
if (ac > 1) {
if (!rest_f(av[1]))
restore();
Re: serious watchdog timeout issues with em driver
On Fri, Nov 20, 2015 at 12:37 PM, Mark Kettenis wrote: > Thanks Martin. All is fine now. System booted with no errors and no watchdog timeouts. Thanks to all. Chris
Add V4L2_FMT_FLAG_EMULATED to videoio.h
I would like to add V4L2_FMT_FLAG_EMULATED to sys/videoio.h as libv4l
(https://github.com/jasperla/openbsd-wip/tree/master/multimedia/libv4l)
returns the flag for emulated (i.e., not natively supported by your
webcam) video formats. In turn some userspace applications (like the SIP
user-agent baresip) look for this flag as well.
OK?
Best regards,
Ingo
Index: videoio.h
===
RCS file: /cvs/src/sys/sys/videoio.h,v
retrieving revision 1.8
diff -u -p -r1.8 videoio.h
--- videoio.h 23 Oct 2014 07:34:48 - 1.8
+++ videoio.h 20 Nov 2015 19:02:10 -
@@ -360,6 +360,7 @@ struct v4l2_fmtdesc {
};
#define V4L2_FMT_FLAG_COMPRESSED 0x0001
+#define V4L2_FMT_FLAG_EMULATED 0x0002
/*
* F R A M E S I Z E E N U M E R A T I O N
Re: trunk vs busy ports
On Fri, Nov 20, 2015 at 9:00 AM, Reyk Floeter wrote: > On Fri, Nov 20, 2015 at 11:27:05PM +1000, David Gwynne wrote: > > > > > On 20 Nov 2015, at 11:23 PM, Reyk Floeter wrote: > > > > > > On Fri, Nov 20, 2015 at 03:36:40PM +1000, David Gwynne wrote: > > >> IFF_OACTIVE means the hardware ring is full, not if it is busy. > > >> > > >> perhaps a better check is to see whether there are pending packets > > >> on the send queue? > > >> > > >> i could also argue we dont need the check at all, but this is less > > >> of a semantic change. > > >> > > >> ok? > > >> > > > > > > OK > > > > > > I added this check in the initial commit of trunk(4) more than 10 > > > years ago. I don't remember a particular reason - there wasn't even a > > > production use yet. I initially wrote trunk to use it for failover on > > > some firewalls, but it was not going into production before it was > > > committed to OpenBSD. > > > > > > So the reason for the flag might just be a historical one: back in the > > > days, I heard that 10 years is a long time in IT, there was not much > > > reference about implementing such a "cloner" correctly. I must have > > > looked at vlan(4) or bridge(4) and decided that it was the way to do. > > > I mean, before mpi@, working in the network stack was tough and very > > > different: you didn't ask, never refered to any documentation, just > > > relied on the traditions and repeated what was done by the BSD heroes > > > in the past. > > > > thats exactly right. please dont take this as an accusation of > negligence, this is just mopping up some of that inherited code. > > > > im upset about my own use of IFQ_POLL() in a bunch of my own drivers, > but really i am only guilty of what you described above too. ie, we're not > guilty, we were just following best practices at the time. > > > > Hehe, i'm not feeling accused. I think it is a lot of fun to see all > the progress and cleanup happening. I just wanted to tell a story ... > and to point out that some of the obvious mistakes of the past weren't > so obvious to us back then. > > > how would you feel if i simply removed the check? > > > > fine! > > Reyk > > > >> Index: if_trunk.c > > >> === > > >> RCS file: /cvs/src/sys/net/if_trunk.c,v > > >> retrieving revision 1.124 > > >> diff -u -p -r1.124 if_trunk.c > > >> --- if_trunk.c 20 Nov 2015 05:33:54 - 1.124 > > >> +++ if_trunk.c 20 Nov 2015 05:35:07 - > > >> @@ -296,7 +296,7 @@ trunk_port_create(struct trunk_softc *tr > > >>return (ENOSPC); > > >> > > >>/* New trunk port has to be in an idle state */ > > >> - if (ifp->if_flags & IFF_OACTIVE) > > >> + if (!ifq_empty(&ifp->if_snd)) > > >>return (EBUSY); > > >> > > >>/* Check if port has already been associated to a trunk */ > > > > > > -- > > > > -- > > I have a trunk usage currently, and when the trunk is created, the first data to go through suffer a very high latency. After less than 5 seconds, everything runs smoothly (same latency as each link) Could it be related ? -- - () ascii ribbon campaign - against html e-mail /\
pledge for nsd
Tested with and without zone transfers, forced writing of zones to
disk and adding and removing zones at run time.
Is the order of pledges in main() correct?
OK?
diff --git nsd.c nsd.c
index 2420a65..d2084b7 100644
--- nsd.c
+++ nsd.c
@@ -,6 +,11 @@ main(int argc, char *argv[])
nsd.username));
}
#endif /* HAVE_GETPWNAM */
+
+ if (pledge("stdio rpath wpath cpath dns inet proc", NULL) == -1)
+ error("pledge");
+
+
xfrd_make_tempdir(&nsd);
#ifdef USE_ZONE_STATS
options_zonestatnames_create(nsd.options);
diff --git server.c server.c
index 9ac2687..1309316 100644
--- server.c
+++ server.c
@@ -301,6 +301,12 @@ restart_child_servers(struct nsd *nsd, region_type*
region, netio_type* netio,
/* the child need not be able to access the
* nsd.db file */
namedb_close_udb(nsd->db);
+
+ if (pledge("stdio rpath inet", NULL) == -1) {
+ log_msg(LOG_ERR, "pledge");
+ exit(1);
+ }
+
nsd->pid = 0;
nsd->child_count = 0;
nsd->server_kind = nsd->children[i].kind;
--
I'm not entirely sure you are real.
[patch] cwm: Preserve stacking order during cycling
Hi,
After cycling through many windows, the original window may be
obscured by many others, and if you still want to see its
contents you end up doing the Alt-Tab-Tab-Tab-Tab-Tab, Alt-Tab,
Alt-Tab dance.
This patch adds restacking of windows during cycling. Hold Alt,
press Tab and a window will be raised. Press Tab again while
still holding Alt and that window will be lowered back before
another is raised. Once you release Alt, the original window
will be hidden behind no more than one other (the target),
assuming it was raised before.
What do you think?
Vadik.
--
Nondeterminism means never having to say you are wrong.
? cwm-incresize.diff
? p
Index: calmwm.h
===
RCS file: /cvs/xenocara/app/cwm/calmwm.h,v
retrieving revision 1.311
diff -u -r1.311 calmwm.h
--- calmwm.h 12 Nov 2015 21:28:03 - 1.311
+++ calmwm.h 21 Nov 2015 00:12:09 -
@@ -62,6 +62,8 @@
#define CWM_CLIENT_RCYCLE 0x0002
#define CWM_CLIENT_CYCLE_INGRP 0x0004
+#define CWM_CLIENT_RESTACK_GRP 0x0001
+
#define CWM_CLIENT_TILE_HORIZ 0x0001
#define CWM_CLIENT_TILE_VERT 0x0002
@@ -385,6 +387,7 @@
void client_applysizehints(struct client_ctx *);
void client_config(struct client_ctx *);
struct client_ctx *client_current(void);
+void client_restack(struct client_ctx_q *, int);
void client_cycle(struct screen_ctx *, int);
void client_cycle_leave(struct screen_ctx *);
void client_delete(struct client_ctx *);
Index: client.c
===
RCS file: /cvs/xenocara/app/cwm/client.c,v
retrieving revision 1.214
diff -u -r1.214 client.c
--- client.c 12 Nov 2015 18:33:30 - 1.214
+++ client.c 21 Nov 2015 00:12:09 -
@@ -664,6 +664,50 @@
}
void
+client_restack(struct client_ctx_q *clientq, int flags)
+{
+#define CLIENTQ_FOREACH(var, head, ingrp)\
+ for((var) = TAILQ_FIRST(head); \
+ (var) != TAILQ_END(head); \
+ (var) = (ingrp) ? \
+ TAILQ_NEXT(var, group_entry) : TAILQ_NEXT(var, entry))
+ struct client_ctx *cc;
+ Window *winlist;
+ int i, lastempty = -1;
+ int nwins = 0, highstack = 0;
+
+ CLIENTQ_FOREACH(cc, clientq, flags & CWM_CLIENT_RESTACK_GRP) {
+ if (cc->flags & CLIENT_HIDDEN)
+ continue;
+ if (cc->stackingorder > highstack)
+ highstack = cc->stackingorder;
+ }
+ winlist = xreallocarray(NULL, (highstack + 1), sizeof(*winlist));
+
+ /* Invert the stacking order for XRestackWindows(). */
+ CLIENTQ_FOREACH(cc, clientq, flags & CWM_CLIENT_RESTACK_GRP) {
+ if (cc->flags & CLIENT_HIDDEN)
+ continue;
+ winlist[highstack - cc->stackingorder] = cc->win;
+ nwins++;
+ }
+
+ /* Un-sparseify */
+ for (i = 0; i <= highstack; i++) {
+ if (!winlist[i] && lastempty == -1)
+ lastempty = i;
+ else if (winlist[i] && lastempty != -1) {
+ winlist[lastempty] = winlist[i];
+ if (++lastempty == i)
+lastempty = -1;
+ }
+ }
+
+ XRestackWindows(X_Dpy, winlist, nwins);
+ free(winlist);
+}
+
+void
client_cycle(struct screen_ctx *sc, int flags)
{
struct client_ctx *newcc, *oldcc;
@@ -704,9 +748,15 @@
}
}
- /* reset when cycling mod is released. XXX I hate this hack */
- sc->cycling = 1;
client_ptrsave(oldcc);
+ if (!sc->cycling) {
+ /* reset when cycling mod is released. XXX I hate this hack */
+ sc->cycling = 1;
+ screen_updatestackingorder(sc);
+ } else {
+ client_restack(&sc->clientq, (flags & CWM_CLIENT_CYCLE_INGRP) ?
+ CWM_CLIENT_RESTACK_GRP : 0);
+ }
client_ptrwarp(newcc);
}
Index: group.c
===
RCS file: /cvs/xenocara/app/cwm/group.c,v
retrieving revision 1.121
diff -u -r1.121 group.c
--- group.c 10 Nov 2015 20:05:33 - 1.121
+++ group.c 21 Nov 2015 00:12:09 -
@@ -34,7 +34,6 @@
static struct group_ctx *group_next(struct group_ctx *);
static struct group_ctx *group_prev(struct group_ctx *);
-static void group_restack(struct group_ctx *);
static void group_setactive(struct group_ctx *);
const char *num_to_name[] = {
@@ -82,43 +81,8 @@
client_unhide(cc);
}
- group_restack(gc);
+ client_restack(&gc->clientq, CWM_CLIENT_RESTACK_GRP);
group_setactive(gc);
-}
-
-static void
-group_restack(struct group_ctx *gc)
-{
- struct client_ctx *cc;
- Window *winlist;
- int i, lastempty = -1;
- int nwins = 0, highstack = 0;
-
- TAILQ_FOREACH(cc, &gc->clientq, group_entry) {
- if (cc->stackingorder > highstack)
- highstack = cc->stackingorder;
- }
- winlist = xreallocarray(NULL, (highstack + 1), sizeof(*winlist));
-
- /* Invert the stacking order for XRestackWindows(). */
- TAILQ_FOREACH(cc, &gc->clientq, group_entry) {
- winlist[highstack - cc->stackingorder] = cc->win;
- nwins++;
- }
-
- /* Un-sparseify */
- for (i = 0; i <= highstack; i++) {
- if (!winlist[i] && lastempty == -1)
- lastempty = i;
- else if (winlist[i] && lastempty != -1) {
- winlist[lastempty] = winlist[i];
- if (++lastempty == i)
-lastempty = -1;
- }
- }
-
- X
Re: sunfire v120 gem interfaces
On Fri, Nov 13, 2015 at 12:36:40PM +1000, David Gwynne wrote: > > > On 13 Nov 2015, at 12:16, Ryan Freeman wrote: > > > > On Tue, Nov 10, 2015 at 08:27:36PM +1000, David Gwynne wrote: > >> any joy? i mean, failure? > > > > Well I got something different. I've noticed the failures only seem to > > happen > > when my roommates arrive home. I can use my stuff remotely all day from > > work > > without a hitch, roommates come home and usually within an hr there is an > > internet complaint. > > > > Since I started using the little scripts to detect connection failure > > and down/up the iface in question, things had been pretty good simply in the > > fact that nobody could really notice before it fixed itself. > > > > Today the machine dropped to ddb>! of course i couldn't remember a damn > > thing to type :( i got trace, terribly sorry it wasn't more... > > > > ddb> trace > > extent_free(400012600c0, 0, 0, 0, 1fef078, 800012fa) at > > extent_free > > +0x174 > > iommu_dvmamap_unload(40001266300, 0, 4000129f080, 0, 0, 2) at > > iommu_dvmamap_unl > > oad+0x74 > > gem_rint(400014ac000, 40016ff, 7fff, e0017c48, 4000, > > 80 > > 00) at gem_rint+0x160 > > gem_intr(400014ac000, c00ca000, 2000, 0, 0, 8000) at gem_intr+0x154 > > intr_handler(e0017ec8, 4000117ae00, 4bca3020, 0, 800, 2) at intr_handler+0xc > > sparc_interrupt(0, 400014b, 80206910, 400171b7c60, 40009ec0810, 0) at > > sparc > > _interrupt+0x298 > > gem_ioctl(400014ac048, 400014ac000, 400171b7c60, 400171b7c60, 0, > > 40009b73c10) a > > t gem_ioctl+0x19c > > ifioctl(0, 80206910, 400171b7c60, 40009b73c10, 1012d74, 0) at ifioctl+0x38c > > sys_ioctl(0, 400171b7db8, 400171b7df8, 0, 0, 14b) at sys_ioctl+0x190 > > syscall(400171b7ed0, 436, bec8920888, bec892088c, 0, 0) at syscall+0x3c4 > > softtrap(3, 80206910, fffe3018, 0, 0, 1ff7fff6df8) at softtrap+0x19c > > ddb> > > that is interesting. if you're still in ddb, can you go sh panic? > > if not, not biggy. > > my gut feeling is our ring accounting is wonky. mpi@ and jmatthew@ have > tweaks to gem(4) for mpsafety which might fix this. ill poke them to see if > they would share. I scraped some more stuff from another panic, not running w/ the jmatthew patch yet though... Connected to /dev/cuaU0 (speed 9600) ddb> trace extent_free(400012600c0, 0, 0, 0, 1fef078, 86fc) at extent_free +0x174 iommu_dvmamap_unload(40001266300, 0, 4000129f080, 0, 0, 2) at iommu_dvmamap_unl oad+0x74 gem_rint(400014ac000, 40016ff, 7fff, e0017c48, 4000, 80 00) at gem_rint+0x160 gem_intr(400014ac000, c005, 2000, 0, 0, 8000) at gem_intr+0x154 intr_handler(e0017ec8, 4000117ae00, 1b5e78e1, 0, 800, 2) at intr_handler+0xc sparc_interrupt(0, 400014b, 80206910, 40017d87c60, 40009f34cb0, 0) at sparc _interrupt+0x298 gem_ioctl(400014ac048, 400014ac000, 40017d87c60, 40017d87c60, 0, 400096ca950) a t gem_ioctl+0x19c ifioctl(0, 80206910, 40017d87c60, 400096ca950, 1012d74, 0) at ifioctl+0x38c sys_ioctl(0, 40017d87db8, 40017d87df8, 0, 0, 14b) at sys_ioctl+0x190 syscall(40017d87ed0, 436, 198ac20888, 198ac2088c, 0, 0) at syscall+0x3c4 softtrap(3, 80206910, fffd8138, 0, 0, 1ff7fff6df8) at softtrap+0x19c ddb> sh panic extent_free: extent `psycho0 dvma', region not within extent ddb> ps PID PPID PGRPUID S FLAGS WAIT COMMAND *22395 2599 32097 0 7 0x2ifconfig 2599 32097 32097 0 30x8a pause sh 32097 1585 32097 0 30x8a pause sh 1585 27132 27132 0 30x80 piperdcron 21846 1 21846 77 20x90dhclient 13160 1 13160 0 30x80 poll dhclient 5578 7747 5578 1000 30x83 ttyin ksh 7747 16002 16002 1000 30x90 selectsshd 16002 28625 16002 0 30x92 poll sshd 4106195195 0 30x83 poll pftop 195 24715195 1000 30x8b pause ksh 24715 5976 5976 1000 30x90 selectsshd 5976 28625 5976 0 30x92 poll sshd 28625 1 28625 0 30x80 selectsshd 29463 19386 29463 1000 30x83 kqreadtail 19386 24409 19386 1000 30x8b pause ksh 24409 7564 7564 1000 30x90 selectsshd 7564 1 7564 0 30x92 poll sshd
Re: [patch] tail(1) follow multiple files
This is broken: $ echo moo | tail -c +2 >From an older working system: $ echo moo | tail -c +2 oo Noticed while trying to package /usr/ports/sysutils/firmware/ulpt.
Re: [patch] tail(1) follow multiple files
Stuart Henderson wrote: > This is broken: > > $ echo moo | tail -c +2 > > > From an older working system: > > $ echo moo | tail -c +2 > oo yes, same as the case with lines which i hack/fixed. martijn sent me a patch, pending review.
Re: [patch] fortune(6): fix missing negative in manpage
On Thu, Nov 19, 2015 at 08:10:08AM -0800, Serguey Parkhomovsky wrote: > If you are willing to be offended, then quit using -o? It should be the > opposite. > > Index: fortune.6 > === > RCS file: /cvs/src/games/fortune/fortune/fortune.6,v > retrieving revision 1.14 > diff -u -p -r1.14 fortune.6 > --- fortune.6 25 Sep 2015 17:37:23 - 1.14 > +++ fortune.6 19 Nov 2015 15:46:46 - > @@ -86,7 +86,7 @@ Choose only from potentially offensive a > Please, please, please request a potentially offensive fortune if and > only if you believe, deep down in your heart, that you are willing > to be offended. > -(And that if you are, you'll just quit using > +(And that if you aren't, you'll just quit using > .Fl o > rather than give us > grief about it, okay?) > just to follow up... i discussed this with serguey and pjanzen and we've agreed to leave as-is. it was really a misunderstanding of the text. there is a possible ambiguity, but it wouldn;t really make sense. jmc
