Re: doas: adjust yyerror() output

2016-04-26 Thread Philip Guenther
On Tue, Apr 26, 2016 at 8:06 PM, Ted Unangst wrote:
> Gleydson Soares wrote:
>> > what about just printing "doas: "?
>>
>> I prefer not hardcoded string, although I've committed as you pointed out,
>
> getprogname() doesn't seem any more portable than __progname, which is the
> classic means of doing this. It's useful in cases where a program may have
> more than one name, or be called via alias, or what have you. As evidenced by
> the fact that a million programs use it. But...

This is lateral to your main point, but:

IMNSHO, getprogname() should be preferred over __progname, as
functional references can be made relocatable by the tool chain more
easily than data references: __progname results in a copy relocation
(boo hiss) in non-PIE executables.

(That's a general rule for new library interfaces: they should provide
functional interfaces only and never direct data references.)


Philip Guenther



Re: doas: adjust yyerror() output

2016-04-26 Thread Ted Unangst
Gleydson Soares wrote:
> > what about just printing "doas: "?
> 
> I prefer not hardcoded string, although I've committed as you pointed out,

getprogname() doesn't seem any more portable than __progname, which is the
classic means of doing this. It's useful in cases where a program may have
more than one name, or be called via alias, or what have you. As evidenced by
the fact that a million programs use it. But...

Upon some reflection (some time ago, but not too long), I came to the
conclusion that this was an example of a best practice being over practiced
without regard to the rationale that recommends its use. Some of these strings
will never change. There is no gain in making them "portable" or "reusable".

(The man page for getprogname even happens to comment that setuid programs,
which includes doas, must be extra careful because they do not control the
string's contents. In your diff, it was safe, but a trivial modification that
attempted to build a larger string would have a vulnerability. We avoid such
mistakes in part by not doing potentially dangerous things even when safe.)
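
Added example (not part of the original message, and not doas code): the hazard described above, shown as a "before" that copies a caller-chosen program name into a fixed buffer, next to a bounded and vetted form. The function names, the 16-character limit and the allowed character set are assumptions of this example; the name is passed in as a parameter to stand in for what getprogname() or __progname would supply.

```c
#include <stdio.h>
#include <string.h>

#define FALLBACK_NAME "doas"	/* constant the program itself controls */
#define NAME_MAX_LEN  16	/* assumed limit, chosen for this example */

/*
 * "Before" pattern: the name a setuid program sees derives from argv[0],
 * which the invoking user chooses. Copying it into a fixed buffer with no
 * length check overflows as soon as the name outgrows the buffer, so this
 * is only safe for names the caller has already bounded.
 */
void
build_msg_unbounded(char *out, const char *progname, const char *msg)
{
	strcpy(out, progname);
	strcat(out, ": ");
	strcat(out, msg);
}

/*
 * Bounded form: snprintf() never writes past outsz and always
 * NUL-terminates. Returns 0 on success, -1 if the message was truncated
 * or could not be formatted. progname is an argument, never the format.
 */
int
build_msg_bounded(char *out, size_t outsz, const char *progname,
    const char *msg)
{
	int n = snprintf(out, outsz, "%s: %s", progname, msg);

	return (n < 0 || (size_t)n >= outsz) ? -1 : 0;
}

/*
 * Reduce an untrusted name to something fit for a log line: strip the
 * directory part, then accept only short names made of [A-Za-z0-9._-].
 * Anything else falls back to the constant.
 */
const char *
vetted_progname(const char *name)
{
	const char *base, *p;

	if (name == NULL)
		return FALLBACK_NAME;
	base = strrchr(name, '/');
	base = (base != NULL) ? base + 1 : name;
	if (*base == '\0' || strlen(base) > NAME_MAX_LEN)
		return FALLBACK_NAME;
	for (p = base; *p != '\0'; p++) {
		if (!((*p >= 'a' && *p <= 'z') || (*p >= 'A' && *p <= 'Z') ||
		    (*p >= '0' && *p <= '9') || *p == '.' || *p == '_' ||
		    *p == '-'))
			return FALLBACK_NAME;
	}
	return base;
}

int
main(void)
{
	char hostile[4097], buf[64];

	/* Constructed input: an argv[0] far longer than any real name. */
	memset(hostile, 'A', sizeof(hostile) - 1);
	hostile[sizeof(hostile) - 1] = '\0';

	if (build_msg_bounded(buf, sizeof(buf), hostile, "syntax error") == -1)
		printf("truncated to %zu bytes\n", strlen(buf));
	build_msg_bounded(buf, sizeof(buf), vetted_progname(hostile),
	    "syntax error");
	puts(buf);
	return 0;
}
```

Printing a constant prefix, as suggested in the thread, removes the need for either helper.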



Re: doas: adjust yyerror() output

2016-04-26 Thread Gleydson Soares
> what about just printing "doas: "?

I prefer not hardcoded string, although I've committed as you pointed out,



Re: anti-ROP mechanism in libc

2016-04-26 Thread Vadim Zhukov
26 Apr. 2016 19:58 "Theo de Raadt" wrote:
>
> Here is a new version that does a more comprehensive test of the new
> libc.so before installing it, and uses install -S
>
> Index: etc/rc
> ===
> RCS file: /cvs/src/etc/rc,v
> retrieving revision 1.474
> diff -u -p -u -r1.474 rc
> --- etc/rc  29 Dec 2015 19:41:24 -  1.474
> +++ etc/rc  26 Apr 2016 11:56:46 -
> @@ -158,6 +158,35 @@ make_keys() {
> ssh-keygen -A
>  }
>
> +rebuildlibs() {
> +   local _l _liba _libas _tmpdir
> +
> +   # Only choose newest
> +   for _liba in /usr/lib/libc.so.*.a; do
> +   _liba=$(ls ${_liba%%.[0-9]*}*.a | sort -n | tail -1)
> +   for _l in $_libas; do
> +   [[ $_l == $_liba ]] && continue 2
> +   done
> +   _libas="$_libas $_liba"
> +   done

I'm afraid sort -n would not behave the way you probably think:

$ (echo 10.2; echo 10.10; echo 10.50) | sort -n
10.10
10.2
10.50

Also, your code does something strange, because $_liba will always be the
same thing in the loop.

> +   for _liba in $_libas; do
> +   _tmpdir=$(mktemp -dq /tmp/_librebuild.) || return
> +   (
> +   set -o errexit
> +   _lib=${_liba#/usr/lib/}
> +   _lib=${_lib%.a}
> +   cd $_tmpdir
> +   ar x ${_liba}
> +   cc -shared -o $_lib $(ls *.so | sort -R) $(cat .ldadd)
> +   [[ -s $_lib ]] && file $_lib | fgrep -q 'shared 
> object'
> +   LD_BIND_NOW=1 LD_LIBRARY_PATH=$_tmpdir awk 'BEGIN 
> {exit 0}'
> +   install -S -o root -g bin -m 0444 $_lib /usr/lib/$_lib
> +   )
> +   rm -rf /tmp/_librebuild.${_tmpdir#*.}
> +   done
> +}
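
Review bot: nothing in rebuildlibs() checks or reports the exit status of the ( ... ) subshell. When ar, cc, the file check or the LD_BIND_NOW test fails, errexit ends the subshell, the temporary directory is removed and boot continues with no trace of the failed relink. Print a message on failure, for example by appending || echo "relinking $_liba failed" after the closing parenthesis.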

So I propose something like that instead:

find_newest() {
	local _l _ls _bestmaj _bestmin _maj _min

	for _l in /usr/lib/lib$1.so.+([0-9]).+([0-9]); do
		# an unmatched pattern is left as a literal string; skip it
		[ -e "$_l" ] || continue
		_ls=${_l%.*}
		_maj=${_ls##*.}
		_min=${_l##*.}
		# compare major and minor as integers, not as text
		if [ -z "$_bestmaj" ] || [ "$_maj" -gt "$_bestmaj" -o \
		    "$_maj" -eq "$_bestmaj" -a "$_min" -gt "$_bestmin" ]; then
			_bestmaj=$_maj
			_bestmin=$_min
		fi
	done
	if [ -n "$_bestmaj" ]; then
		echo $_bestmaj.$_bestmin
	else
		return 1
	fi
}

rebuildlibs() {
	local _lib _tmpdir _v

	_v=$(find_newest c) || return
	_lib=libc.so.$_v
	_tmpdir=$(mktemp -dq /tmp/_librebuild.) || return
	(
		set -o errexit
		cd $_tmpdir
		# the archive lives in /usr/lib, not in the scratch directory
		ar x /usr/lib/${_lib}.a
		cc -shared -o $_lib $(ls *.so | sort -R) $(cat .ldadd)
		[[ -s $_lib ]] && file $_lib | fgrep -q 'shared object'
		LD_BIND_NOW=1 LD_LIBRARY_PATH=$_tmpdir awk 'BEGIN {exit 0}'
		install -S -o root -g bin -m 0444 $_lib /usr/lib/$_lib
	)
	# clean up the scratch directory, as the original diff does
	rm -rf /tmp/_librebuild.${_tmpdir#*.}
}

--
WBR,
  Vadim Zhukov




Re: Moving away from softnet interrupts

2016-04-26 Thread Janne Johansson
2016-04-25 9:59 GMT+02:00 Martin Pieuchot:

> > > The current goal of the Network SMP effort is to have a single CPU
> > > process the IP forwarding path in a process context without holding
> > > the KERNEL_LOCK().  To achieve this goal we're progressively moving
> > > code from the softnet interrupt context to the if_input_task.  In
> > > the end we'll completely get rid of this soft-interrupt.
> > >
> > > So now would be a good time to know if moving all the code currently
> > > run in a soft-interrupt context to a task uncovers any bug.  I'm
> > > happily running the diff below on amd64 and macppc, it even gives me
> > > a small performance boost.
> > >
> > > I'd appreciate more tests especially on exotic archs.
>
>
> I'm still looking for reports on different architectures.
>
>
I ran this overnight on my edgerouter lite, it has survived a few cvs-up's
and building a kernel over NFS.
So octeon doesn't seem to mind the patch.

-- 
May the most significant bit of your life be positive.


longjmp without sigreturn on sparc64

2016-04-26 Thread Mark Kettenis
Diff below simplifies setjmp(3) and longjmp(3) on sparc64 by not using
sigreturn(2).  This basically uses the logic from _setjmp(3) and
_longjmp(3) to save and restore the state (but additionally saves and
restores the signal mask).  I believe this may make us lose the
capability to longjmp() out of a signal handler when running on an
alternate stack.  But that shouldn't be a big issue since on amd64 we
don't go through extra hoops to support that either.

The setjmp regression tests still pass with this, except for the
setjmp-fpu test which already fails on sparc64 (and amd64).

ok?


Index: libc/arch/sparc64/gen/setjmp.S
===
RCS file: /cvs/src/lib/libc/arch/sparc64/gen/setjmp.S,v
retrieving revision 1.5
diff -u -p -r1.5 setjmp.S
--- libc/arch/sparc64/gen/setjmp.S  29 Jan 2004 18:56:14 -  1.5
+++ libc/arch/sparc64/gen/setjmp.S  26 Apr 2016 13:00:51 -
@@ -34,9 +34,7 @@
  * SUCH DAMAGE.
  */
 
-#define _LOCORE
 #include 
-#include 
 
 /*
  * C library -- setjmp, longjmp
@@ -45,71 +43,39 @@
  * will generate a "return(v)" from
  * the last call to
  * setjmp(a)
- * by restoring registers from the stack,
- * and a struct sigcontext, see 
+ * by restoring the previous context.
+ * The previous signal state is restored.
  */
 
 #include "SYS.h"
 
 #define STACK_T_SZ
 ENTRY(setjmp)
-   /*
-* We use the part of the sigcontext structure, the sp, pc, and npc
-* fields, for the sigaltstack call so we don't need to get our own
-* stackframe. It won't be filled out till later anyway.
-*/
mov %o0, %o3/* Save our jmp_buf in %o3 */
 
-   stx %sp, [%o3 + 0x08]   /* sc.sc_sp = sp (both ours and 
caller's) */
-   add %o7, 8, %o0
-   stx %o0, [%o3 + 0x10]   /* sc.sc_pc = return_pc */
-   add %o7, 12, %o0
-   stx %o0, [%o3 + 0x18]   /* sc.sc_npc = return_pc + 4 */
-   stx %g0, [%o3 + 0x20]   /* sc.sc_psr = (clean psr) */
-   stx %fp, [%o3 + 0x28]   /* sc.sc_g1 = %fp (misuse, but what the 
heck) */
-   /* sc.sc_o0 = random(), set in longjmp 
*/
-
mov 1, %o0  /* SIG_BLOCK */
-   mov SYS_sigprocmask, %g1
+   mov SYS_sigprocmask, %g1
clr %o1 /* sigprocmask(SIG_BLOCK, 0) */
t   ST_SYSCALL
+   stx %o0, [%o3 + 0x10]
 
-   st  %o0, [%o3 + 0x38]   /* sc.sc_mask = current mask; */
-
-   mov SYS_sigaltstack, %g1
-   clr %o0 /* sigaltstack(NULL, ) */
-   add %o3, 0x40, %o1  /* (foo being the sigcontext sc_mask) */
-   t   ST_SYSCALL
-   
-   lduw[%o3 + 0x40+0x10], %o0  /* foo.ss_flags */
-   and %o0, 1, %o1 /* onstack = foo.ss_flags & 1; */
-   st  %o1, [%o3 + 0x00]   /* sc.sc_onstack = current onstack; */
-
-   retl/* return 0 */
-clr%o0
+   stx %sp, [%o3 + 0x00]   /* store caller's stack pointer */
+   stx %o7, [%o3 + 0x08]   /* ... and return pc */
+   retl
+clr%o0 /* return 0 */
 
-/*
- * All we need to do here is force sigreturn to load a new stack pointer,
- * new , and appropriate %o0 return value from the sigcontext built
- * in setjmp.  The %i and %l registers will be reloaded from the place to
- * which %sp points, due to sigreturn() semantics (sigreturn does not modify
- * the window pointer in the psr, hence it must force all windows to reload).
- */
 ENTRY(longjmp)
save%sp, -CC64FSZ, %sp
-   ldx [%i0 + 0x08], %o2   /* make sure sc->sc_sp, sc->sc_fp 
nonzero */
-   ldx [%i0 + 0x28], %o3
-   orcc%o2, %o3, %g0
-   bz,pn   %xcc, Lbotch
-nop
-   movrz   %i1, 1, %i1 /* if (v == 0) v = 1; */
-   st  %i1, [%i0 + 0x34]   /* sc.sc_o0 = v; */
-   mov SYS_sigreturn, %g1
-   mov %i0, %o0
-   t   ST_SYSCALL  /* sigreturn(scp); */
-
-Lbotch:
-   /* oops, caller botched it */
-   call_C_LABEL(longjmperror)
-nop
-   unimp   0
+   flushw
+   
+   mov 3, %o0  /* SIG_SETMASK */
+   ldx [%i0 + 0x10], %o1
+   mov SYS_sigprocmask, %g1
+   t   ST_SYSCALL
+   
+   ldx [%i0 + 0x00], %fp
+   ldx [%i0 + 0x08], %i7
+   mov 1, %i0
+   movrnz  %i1, %i1, %i0   ! compute v ? v : 1
+   ret
+restore
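
Review bot: longjmp() no longer rejects a zeroed or clobbered jmp_buf. The removed code tested the saved sp/fp for zero and branched to Lbotch (longjmperror); the new code loads %fp from [%i0 + 0x00] and %i7 from [%i0 + 0x08] unconditionally and returns through them. Keeping a zero test on the saved stack pointer before the two ldx instructions, with the longjmperror call as the failure path, would preserve that diagnostic. The offsets 0x00, 0x08 and 0x10 are also shared between setjmp and longjmp without a comment describing the new jmp_buf layout.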



Re: anti-ROP mechanism in libc

2016-04-26 Thread Theo de Raadt
Here is a new version that does a more comprehensive test of the new
libc.so before installing it, and uses install -S

Index: etc/rc
===
RCS file: /cvs/src/etc/rc,v
retrieving revision 1.474
diff -u -p -u -r1.474 rc
--- etc/rc  29 Dec 2015 19:41:24 -  1.474
+++ etc/rc  26 Apr 2016 11:56:46 -
@@ -158,6 +158,35 @@ make_keys() {
ssh-keygen -A
 }
 
+rebuildlibs() {
+   local _l _liba _libas _tmpdir
+
+   # Only choose newest
+   for _liba in /usr/lib/libc.so.*.a; do
+   _liba=$(ls ${_liba%%.[0-9]*}*.a | sort -n | tail -1)
+   for _l in $_libas; do
+   [[ $_l == $_liba ]] && continue 2
+   done
+   _libas="$_libas $_liba"
+   done
+
+   for _liba in $_libas; do
+   _tmpdir=$(mktemp -dq /tmp/_librebuild.) || return
+   (
+   set -o errexit
+   _lib=${_liba#/usr/lib/}
+   _lib=${_lib%.a}
+   cd $_tmpdir
+   ar x ${_liba}
+   cc -shared -o $_lib $(ls *.so | sort -R) $(cat .ldadd)
+   [[ -s $_lib ]] && file $_lib | fgrep -q 'shared object'
+   LD_BIND_NOW=1 LD_LIBRARY_PATH=$_tmpdir awk 'BEGIN {exit 
0}'
+   install -S -o root -g bin -m 0444 $_lib /usr/lib/$_lib
+   )
+   rm -rf /tmp/_librebuild.${_tmpdir#*.}
+   done
+}
+
 # Check filesystems, optionally by using a fsck(8) flag.
 # Usage: do_fsck [-flag]
 do_fsck() {
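
Review bot: in the "Only choose newest" loop, sort -n cannot order these names by version. Every line it reads starts with /usr/lib/, so there is no leading number to compare and the result is plain byte order, in which (for example) libc.so.9.0.a sorts after libc.so.10.0.a and tail -1 returns the older archive. Split the major and minor numbers out of the file name and compare them as integers instead.
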
@@ -337,6 +366,8 @@ mount -s /usr >/dev/null 2>&1
 mount -s /var >/dev/null 2>&1
 
 random_seed
+
+rebuildlibs
 
 # Clean up left-over files.
 rm -f /etc/nologin /var/spool/lock/LCK.* /var/spool/uucp/STST/*
Index: share/mk/bsd.lib.mk
===
RCS file: /cvs/src/share/mk/bsd.lib.mk,v
retrieving revision 1.74
diff -u -p -u -r1.74 bsd.lib.mk
--- share/mk/bsd.lib.mk 26 Oct 2015 10:43:42 -  1.74
+++ share/mk/bsd.lib.mk 25 Apr 2016 08:58:26 -
@@ -174,6 +174,15 @@ FULLSHLIBNAME=lib${LIB}.so.${SHLIB_MAJOR
 _LIBS+=${FULLSHLIBNAME}
 .endif
 
+.if defined(LIBREBUILD)
+_LIBS+=${FULLSHLIBNAME}.a
+
+.if exists(${.CURDIR}/Symbols.list)
+SYMBOLSMAP=Symbols.map
+.endif
+
+.endif
+
 .if defined(VERSION_SCRIPT)
 ${FULLSHLIBNAME}:  ${VERSION_SCRIPT}
 LDADD+=-Wl,--version-script=${VERSION_SCRIPT}
@@ -209,7 +218,13 @@ ${FULLSHLIBNAME}: ${SOBJS} ${DPADD}
@echo building shared ${LIB} library \(version 
${SHLIB_MAJOR}.${SHLIB_MINOR}\)
@rm -f ${.TARGET}
${CC} -shared ${PICFLAG} -o ${.TARGET} \
-   `${LORDER} ${SOBJS}|tsort -q` ${LDADD}
+   `echo ${SOBJS} | tr ' ' '\n' | sort -R` ${LDADD}
+
+${FULLSHLIBNAME}.a: ${SOBJS}
+   @echo building shared ${LIB} library \(version 
${SHLIB_MAJOR}.${SHLIB_MINOR}\) ar
+   @rm -f ${.TARGET}
+   @echo ${PICFLAG} ${LDADD} > .ldadd
+   ar cq ${FULLSHLIBNAME}.a ${SOBJS} .ldadd ${SYMBOLSMAP}
 
 # all .do files...
 DOBJS+=${OBJS:.o=.do}
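
Review bot: the new ${FULLSHLIBNAME}.a rule lists only ${SOBJS} as prerequisites, but the archive it builds also contains .ldadd and ${SYMBOLSMAP}. A change to the symbols map, PICFLAG or LDADD therefore leaves a stale archive in place, and the relink in etc/rc, which reads .ldadd back with cat, would use outdated link arguments. Add ${SYMBOLSMAP} to the dependency list, and consider adding .ldadd to CLEANFILES since the rule creates it in the object directory.
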
@@ -290,6 +305,10 @@ realinstall:
 .if !defined(NOPIC) && defined(SHLIB_MAJOR) && defined(SHLIB_MINOR)
${INSTALL} ${INSTALL_COPY} -S -o ${LIBOWN} -g ${LIBGRP} -m ${LIBMODE} \
${FULLSHLIBNAME} ${DESTDIR}${LIBDIR}
+.if defined(LIBREBUILD)
+   ${INSTALL} ${INSTALL_COPY} -S -o ${LIBOWN} -g ${LIBGRP} -m ${LIBMODE} \
+   ${FULLSHLIBNAME}.a ${DESTDIR}${LIBDIR}
+.endif
 .endif
 .if defined(LINKS) && !empty(LINKS)
 .  for lnk file in ${LINKS}
Index: lib/libc/Makefile
===
RCS file: /cvs/src/lib/libc/Makefile,v
retrieving revision 1.38
diff -u -p -u -r1.38 Makefile
--- lib/libc/Makefile   10 Nov 2015 04:14:03 -  1.38
+++ lib/libc/Makefile   28 Mar 2016 04:08:34 -
@@ -6,6 +6,7 @@
 .include 
 
 LIB=c
+LIBREBUILD=y
 CLEANFILES+=tags Symbols.map
 CFLAGS+=-Wimplicit
 #CFLAGS+=-Werror
Index: distrib/sets/lists/base/md.alpha
===
RCS file: /cvs/src/distrib/sets/lists/base/md.alpha,v
retrieving revision 1.1097
diff -u -p -u -r1.1097 md.alpha
--- distrib/sets/lists/base/md.alpha26 Apr 2016 05:54:20 -  1.1097
+++ distrib/sets/lists/base/md.alpha26 Apr 2016 07:02:07 -
@@ -61,6 +61,11 @@
 ./sbin/kbd
 ./sbin/mount_ntfs
 ./sbin/wsconsctl
+./usr/lib/gcc-lib/alpha-unknown-openbsd5.9
+./usr/lib/gcc-lib/alpha-unknown-openbsd5.9/4.2.1
+./usr/lib/gcc-lib/alpha-unknown-openbsd5.9/4.2.1/collect2
+./usr/lib/gcc-lib/alpha-unknown-openbsd5.9/4.2.1/libgcc.a
+./usr/lib/gcc-lib/alpha-unknown-openbsd5.9/4.2.1/specs
 ./usr/libdata/perl5/alpha-openbsd
 ./usr/libdata/perl5/alpha-openbsd/5.20.2
 ./usr/libdata/perl5/alpha-openbsd/5.20.2/.packlist
Index: distrib/sets/lists/base/md.amd64
===
RCS 

Re: MP-safe TX for cnmac(4)

2016-04-26 Thread Visa Hankala
On Tue, Apr 26, 2016 at 05:29:43PM +1000, David Gwynne wrote:
> 
> > On 25 Apr 2016, at 02:13, Visa Hankala  wrote:
> > 
> > This adds MP-safe TX for cnmac(4). OK?
> 
> nearly. see inline.

Here is a new try. ifq_serialize() is just what the code needs. Thanks!
To simplify things a bit, octeon_eth_tick_free() now uses a constant
timeout.

Index: arch/octeon/dev/if_cnmac.c
===
RCS file: src/sys/arch/octeon/dev/if_cnmac.c,v
retrieving revision 1.38
diff -u -p -r1.38 if_cnmac.c
--- arch/octeon/dev/if_cnmac.c  13 Apr 2016 11:34:00 -  1.38
+++ arch/octeon/dev/if_cnmac.c  26 Apr 2016 09:41:49 -
@@ -173,6 +173,7 @@ int octeon_eth_reset(struct octeon_eth_s
 intocteon_eth_configure(struct octeon_eth_softc *);
 intocteon_eth_configure_common(struct octeon_eth_softc *);
 
+void   octeon_eth_free_task(void *);
 void   octeon_eth_tick_free(void *arg);
 void   octeon_eth_tick_misc(void *);
 
@@ -290,6 +291,7 @@ octeon_eth_attach(struct device *parent,
 
cn30xxgmx_stats_init(sc->sc_gmx_port);
 
+   task_set(>sc_free_task, octeon_eth_free_task, sc);
timeout_set(>sc_tick_misc_ch, octeon_eth_tick_misc, sc);
timeout_set(>sc_tick_free_ch, octeon_eth_tick_free, sc);
 
@@ -317,6 +319,7 @@ octeon_eth_attach(struct device *parent,
strncpy(ifp->if_xname, sc->sc_dev.dv_xname, sizeof(ifp->if_xname));
ifp->if_softc = sc;
ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST;
+   ifp->if_xflags = IFXF_MPSAFE;
ifp->if_ioctl = octeon_eth_ioctl;
ifp->if_start = octeon_eth_start;
ifp->if_watchdog = octeon_eth_watchdog;
@@ -742,7 +745,7 @@ octeon_eth_ioctl(struct ifnet *ifp, u_lo
error = 0;
}
 
-   octeon_eth_start(ifp);
+   if_start(ifp);
 
splx(s);
return (error);
@@ -959,18 +962,17 @@ octeon_eth_start(struct ifnet *ifp)
struct octeon_eth_softc *sc = ifp->if_softc;
struct mbuf *m;
 
+   if (__predict_false(!cn30xxgmx_link_status(sc->sc_gmx_port))) {
+   IFQ_PURGE(>if_snd);
+   return;
+   }
+
/*
 * performance tuning
 * presend iobdma request 
 */
octeon_eth_send_queue_flush_prefetch(sc);
 
-   if (!(ifp->if_flags & IFF_RUNNING) || ifq_is_oactive(>if_snd))
-   goto last;
-
-   if (__predict_false(!cn30xxgmx_link_status(sc->sc_gmx_port)))
-   goto last;
-
for (;;) {
octeon_eth_send_queue_flush_fetch(sc); /* XXX */
 
@@ -980,6 +982,7 @@ octeon_eth_start(struct ifnet *ifp)
 * and bail out.
 */
if (octeon_eth_send_queue_is_full(sc)) {
+   ifq_set_oactive(>if_snd);
return;
}
/* XXX */
@@ -1008,7 +1011,6 @@ octeon_eth_start(struct ifnet *ifp)
octeon_eth_send_queue_flush_prefetch(sc);
}
 
-last:
octeon_eth_send_queue_flush_fetch(sc);
 }
 
@@ -1019,13 +1021,14 @@ octeon_eth_watchdog(struct ifnet *ifp)
 
printf("%s: device timeout\n", sc->sc_dev.dv_xname);
 
+   octeon_eth_stop(ifp, 0);
+
octeon_eth_configure(sc);
 
SET(ifp->if_flags, IFF_RUNNING);
-   ifq_clr_oactive(>if_snd);
ifp->if_timer = 0;
 
-   octeon_eth_start(ifp);
+   ifq_restart(>if_snd);
 }
 
 int
@@ -1066,6 +1069,8 @@ octeon_eth_stop(struct ifnet *ifp, int d
 {
struct octeon_eth_softc *sc = ifp->if_softc;
 
+   CLR(ifp->if_flags, IFF_RUNNING);
+
timeout_del(>sc_tick_misc_ch);
timeout_del(>sc_tick_free_ch);
timeout_del(>sc_resume_ch);
@@ -1074,13 +1079,12 @@ octeon_eth_stop(struct ifnet *ifp, int d
 
cn30xxgmx_port_enable(sc->sc_gmx_port, 0);
 
-   /* Mark the interface as down and cancel the watchdog timer. */
-   CLR(ifp->if_flags, IFF_RUNNING);
+   intr_barrier(octeon_eth_pow_recv_ih);
+   ifq_barrier(>if_snd);
+
ifq_clr_oactive(>if_snd);
ifp->if_timer = 0;
 
-   intr_barrier(octeon_eth_pow_recv_ih);
-
return 0;
 }
 
@@ -1361,6 +1365,26 @@ octeon_eth_recv_intr(void *data, uint64_
 
 /*  tick */
 
+void
+octeon_eth_free_task(void *arg)
+{
+   struct octeon_eth_softc *sc = arg;
+   struct ifnet *ifp = >sc_arpcom.ac_if;
+
+   if (ml_len(>sc_sendq) > 0) {
+   octeon_eth_send_queue_flush_prefetch(sc);
+   octeon_eth_send_queue_flush_fetch(sc);
+   octeon_eth_send_queue_flush(sc);
+   }
+
+   if (ifq_is_oactive(>if_snd)) {
+   ifq_clr_oactive(>if_snd);
+   octeon_eth_start(ifp);
+   }
+
+   timeout_add_sec(>sc_tick_free_ch, 1);
+}
+
 /*
  * octeon_eth_tick_free
  *
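
Review bot: octeon_eth_free_task() re-arms sc_tick_free_ch with timeout_add_sec() and calls octeon_eth_start() unconditionally. If the task can still be pending when octeon_eth_stop() runs, it executes after the timeout_del() calls there and puts the timeout back on a stopped interface; the start routine no longer checks IFF_RUNNING either, since this patch removes that test. Check IFF_RUNNING at the top of the task and return without restarting or re-arming when it is clear.
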
@@ -1371,25 +1395,9 @@ void
 octeon_eth_tick_free(void *arg)
 {
struct octeon_eth_softc *sc = arg;
-   int timo;
-   int s;
-
-   s = splnet();
-   /* 

Re: openssl: ocsp: needs to pledge "dns" promise

2016-04-26 Thread Bob Beck
Yes, ok.. ocsp will need dns. 

-Bob


On Tue, Apr 26, 2016 at 11:19:33AM +0200, Sebastien Marie wrote:
> Hi,
> 
> It has been reported to landry and me a pledge problem with the
> following openssl command:
> 
> $ /usr/bin/openssl ocsp -issuer bla.sub+ca -cert bla.crt -url 
> http://ocsp.startssl.com/sub/class2/server/ca -header Host ocsp.startssl.com 
> -respout /tmp/ocsp.rv8rDSvf6f
> abort (core dumped)
> 
> and dmesg:
> openssl(15019): syscall 97 "dns"
> 
> backtrace at https://gist.github.com/kAworu/dc30ead97d3b44b5cabb67b134362820
> 
> After testing, the following diff corrects the problem.
> 
> OK ?
> -- 
> Sebastien Marie
> 
> 
> Index: ocsp.c
> ===
> RCS file: /cvs/src/usr.bin/openssl/ocsp.c,v
> retrieving revision 1.7
> diff -u -p -r1.7 ocsp.c
> --- ocsp.c17 Oct 2015 15:00:11 -  1.7
> +++ ocsp.c26 Apr 2016 09:08:54 -
> @@ -147,7 +147,7 @@ ocsp_main(int argc, char **argv)
>   const char *errstr = NULL;
>  
>   if (single_execution) {
> - if (pledge("stdio inet rpath wpath cpath", NULL) == -1) {
> + if (pledge("stdio inet dns rpath wpath cpath", NULL) == -1) {
>   perror("pledge");
>   exit(1);
>   }
> 



openssl: ocsp: needs to pledge "dns" promise

2016-04-26 Thread Sebastien Marie
Hi,

It has been reported to landry and me a pledge problem with the
following openssl command:

$ /usr/bin/openssl ocsp -issuer bla.sub+ca -cert bla.crt -url 
http://ocsp.startssl.com/sub/class2/server/ca -header Host ocsp.startssl.com 
-respout /tmp/ocsp.rv8rDSvf6f
abort (core dumped)

and dmesg:
openssl(15019): syscall 97 "dns"

backtrace at https://gist.github.com/kAworu/dc30ead97d3b44b5cabb67b134362820

After testing, the following diff corrects the problem.

OK ?
-- 
Sebastien Marie


Index: ocsp.c
===
RCS file: /cvs/src/usr.bin/openssl/ocsp.c,v
retrieving revision 1.7
diff -u -p -r1.7 ocsp.c
--- ocsp.c  17 Oct 2015 15:00:11 -  1.7
+++ ocsp.c  26 Apr 2016 09:08:54 -
@@ -147,7 +147,7 @@ ocsp_main(int argc, char **argv)
const char *errstr = NULL;
 
if (single_execution) {
-   if (pledge("stdio inet rpath wpath cpath", NULL) == -1) {
+   if (pledge("stdio inet dns rpath wpath cpath", NULL) == -1) {
perror("pledge");
exit(1);
}
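
Review bot: nothing at the pledge() call says why "dns" is required, and its absence only shows up at run time as an abort when -url names a host rather than an address. Add a short comment next to the promise string tying "dns" to resolving the responder host, so that a later tightening of the promises does not drop it again.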



Re: MP-safe TX for cnmac(4)

2016-04-26 Thread David Gwynne

> On 25 Apr 2016, at 02:13, Visa Hankala  wrote:
> 
> This adds MP-safe TX for cnmac(4). OK?

nearly. see inline.

> 
> Index: arch/octeon/dev/if_cnmac.c
> ===
> RCS file: src/sys/arch/octeon/dev/if_cnmac.c,v
> retrieving revision 1.38
> diff -u -p -r1.38 if_cnmac.c
> --- arch/octeon/dev/if_cnmac.c13 Apr 2016 11:34:00 -  1.38
> +++ arch/octeon/dev/if_cnmac.c24 Apr 2016 15:35:04 -
> @@ -285,6 +285,7 @@ octeon_eth_attach(struct device *parent,
>   octeon_eth_gsc[sc->sc_port] = sc;
> 
>   ml_init(>sc_sendq);
> + mtx_init(>sc_sendq_mtx, IPL_NET);

this is unnecessary because the ifq machinery makes sure that the call to the
driver's start routine is serialised. the driver doesn't have to do it again.

>   sc->sc_soft_req_thresh = 15/* XXX */;
>   sc->sc_ext_callback_cnt = 0;
> 
> @@ -317,6 +318,7 @@ octeon_eth_attach(struct device *parent,
>   strncpy(ifp->if_xname, sc->sc_dev.dv_xname, sizeof(ifp->if_xname));
>   ifp->if_softc = sc;
>   ifp->if_flags = IFF_BROADCAST | IFF_SIMPLEX | IFF_MULTICAST;
> + ifp->if_xflags = IFXF_MPSAFE;
>   ifp->if_ioctl = octeon_eth_ioctl;
>   ifp->if_start = octeon_eth_start;
>   ifp->if_watchdog = octeon_eth_watchdog;
> @@ -742,7 +744,7 @@ octeon_eth_ioctl(struct ifnet *ifp, u_lo
>   error = 0;
>   }
> 
> - octeon_eth_start(ifp);
> + if_start(ifp);
> 
>   splx(s);
>   return (error);
> @@ -959,18 +961,19 @@ octeon_eth_start(struct ifnet *ifp)
>   struct octeon_eth_softc *sc = ifp->if_softc;
>   struct mbuf *m;
> 
> + if (__predict_false(!cn30xxgmx_link_status(sc->sc_gmx_port))) {
> + IFQ_PURGE(>if_snd);
> + return;
> + }
> +
> + mtx_enter(>sc_sendq_mtx);
> +
>   /*
>* performance tuning
>* presend iobdma request 
>*/
>   octeon_eth_send_queue_flush_prefetch(sc);
> 
> - if (!(ifp->if_flags & IFF_RUNNING) || ifq_is_oactive(>if_snd))
> - goto last;
> -
> - if (__predict_false(!cn30xxgmx_link_status(sc->sc_gmx_port)))
> - goto last;
> -
>   for (;;) {
>   octeon_eth_send_queue_flush_fetch(sc); /* XXX */
> 
> @@ -980,13 +983,16 @@ octeon_eth_start(struct ifnet *ifp)
>* and bail out.
>*/
>   if (octeon_eth_send_queue_is_full(sc)) {
> + mtx_leave(>sc_sendq_mtx);

not directly related to these changes, but the driver should ifq_set_oactive() 
in this situation.

>   return;
>   }
>   /* XXX */
> 
>   IFQ_DEQUEUE(>if_snd, m);
> - if (m == NULL)
> + if (m == NULL) {
> + mtx_leave(>sc_sendq_mtx);
>   return;
> + }
> 
>   OCTEON_ETH_TAP(ifp, m, BPF_DIRECTION_OUT);
> 
> @@ -1008,8 +1014,9 @@ octeon_eth_start(struct ifnet *ifp)
>   octeon_eth_send_queue_flush_prefetch(sc);
>   }
> 
> -last:
>   octeon_eth_send_queue_flush_fetch(sc);
> +
> + mtx_leave(>sc_sendq_mtx);
> }
> 
> void
> @@ -1025,7 +1032,7 @@ octeon_eth_watchdog(struct ifnet *ifp)
>   ifq_clr_oactive(>if_snd);
>   ifp->if_timer = 0;
> 
> - octeon_eth_start(ifp);
> + if_start(ifp);

i think you mean ifq_restart here.

> }
> 
> int
> @@ -1066,6 +1073,8 @@ octeon_eth_stop(struct ifnet *ifp, int d
> {
>   struct octeon_eth_softc *sc = ifp->if_softc;
> 
> + CLR(ifp->if_flags, IFF_RUNNING);
> +
>   timeout_del(>sc_tick_misc_ch);
>   timeout_del(>sc_tick_free_ch);
>   timeout_del(>sc_resume_ch);
> @@ -1074,13 +1083,12 @@ octeon_eth_stop(struct ifnet *ifp, int d
> 
>   cn30xxgmx_port_enable(sc->sc_gmx_port, 0);
> 
> - /* Mark the interface as down and cancel the watchdog timer. */
> - CLR(ifp->if_flags, IFF_RUNNING);
> + intr_barrier(octeon_eth_pow_recv_ih);
> + ifq_barrier(>if_snd);
> +
>   ifq_clr_oactive(>if_snd);
>   ifp->if_timer = 0;
> 
> - intr_barrier(octeon_eth_pow_recv_ih);
> -
>   return 0;
> }
> 
> @@ -1372,9 +1380,8 @@ octeon_eth_tick_free(void *arg)
> {
>   struct octeon_eth_softc *sc = arg;
>   int timo;
> - int s;
> 
> - s = splnet();
> + mtx_enter(>sc_sendq_mtx);
>   /* XXX */
>   if (ml_len(>sc_sendq) > 0) {
>   octeon_eth_send_queue_flush_prefetch(sc);
> @@ -1389,7 +1396,7 @@ octeon_eth_tick_free(void *arg)
>timo = 10;
>   timeout_add_msec(>sc_tick_free_ch, 1000 * timo / hz);
>   /* XXX */
> - splx(s);
> + mtx_leave(>sc_sendq_mtx);

ah, i see why you want the mutex now. you could serialise that work with the 
start routine via ifq_serialize().

cnmac doesn't interrupt for completions?

> }
> 
> /*
> Index: arch/octeon/dev/if_cnmacvar.h
> ===
> RCS file: 

Re: failure to send a udp packet is not a fatal error

2016-04-26 Thread Claudio Jeker
On Tue, Apr 26, 2016 at 01:43:31PM +1000, David Gwynne wrote:
> the tftp proxy on the firewall is dying these days. i managed to
> track the failure down to an error sending the udp packet on.
> 
> rather than err, i think it more appropriate to warn and let the
> client retry in this situation.
> 
> ok?
> 
> Index: tftp-proxy.c
> ===
> RCS file: /cvs/src/usr.sbin/tftp-proxy/tftp-proxy.c,v
> retrieving revision 1.18
> diff -u -p -r1.18 tftp-proxy.c
> --- tftp-proxy.c  24 Feb 2016 16:34:47 -  1.18
> +++ tftp-proxy.c  26 Apr 2016 03:41:39 -
> @@ -869,7 +869,7 @@ unprivproc_pop(int fd, short events, voi
>   if (sendto(s, r->buf, r->buflen, 0,
>   (struct sockaddr *)>addrs.dst,
>   r->addrs.dst.ss_len) == -1)
> - lerr(1, "%s: unable to send", __func__);
> + lwarn("%s: unable to send", __func__);
>  
>   close(s);
>  
> 
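
Review bot: lwarn() now covers every sendto() failure with the same message, "%s: unable to send", which does not say which destination failed. Since the process keeps running and the same condition can recur for each packet, include the destination address from r->addrs.dst in the warning so repeated failures can be tied to a client or route.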

Makes sense to me. UDP can bubble up many errors from the network stack so
it sure makes sense to not die on an error. OK claudio@

-- 
:wq Claudio