Re: malloc.c: better double free check
> In the end all double frees still will be caught by the actual free > code, just with a delay. The delayed free buffer double free check is > just a way of catching it as soon as possible to make debugging > easier. That's the reason the originla code could just do the check > on the slot being replaced only. > > The only case that could be missed is when the chunk is given out by > malloc in between the original free and the double free. But that > case never be caught in all circumstances since the delay buffer is of > finite size. > > -Otto True, the delay buffer currently only guarantees allocations are kept out of circulation for one cycle since the random choice is between previously freed allocations, never the current one. It matters more with the other change making half of the quarantine into a ring buffer to provide a longer guaranteed delay. I think that makes sense as a trade-off vs. an extra bit of entropy from a 2x larger random array for a given total quarantine size. It also improves the write- after-free detection, especially with a configurable quarantine size, which makes it somewhat like the ASan quarantine but with delayed detection of write-after-free and only indirect read-after-free detection via junk filling (i.e. if something ends up crashing / breaking from reading junk instead of what it expected).
sendsyslog ioctl LIOCSFD documentation
Hi, After my talk about syslog at eurobsdcon, I was asked to add more documentation how the syslogd(8) side of sendsyslog(9) works. ok? bluhm Index: usr.sbin/syslogd/syslogd.c === RCS file: /data/mirror/openbsd/cvs/src/usr.sbin/syslogd/syslogd.c,v retrieving revision 1.248 diff -u -p -r1.248 syslogd.c --- usr.sbin/syslogd/syslogd.c 17 Sep 2017 23:49:14 - 1.248 +++ usr.sbin/syslogd/syslogd.c 24 Sep 2017 17:14:00 - @@ -566,6 +566,7 @@ main(int argc, char *argv[]) if ((fd_klog = open(_PATH_KLOG, O_RDONLY, 0)) == -1) { log_warn("open %s", _PATH_KLOG); } else if (fd_sendsys != -1) { + /* Use /dev/klog to register sendsyslogd(2) receiver. */ if (ioctl(fd_klog, LIOCSFD, [1]) == -1) log_warn("ioctl klog LIOCSFD sendsyslog"); } Index: lib/libc/sys/sendsyslog.2 === RCS file: /data/mirror/openbsd/cvs/src/lib/libc/sys/sendsyslog.2,v retrieving revision 1.9 diff -u -p -r1.9 sendsyslog.2 --- lib/libc/sys/sendsyslog.2 18 Jul 2017 22:22:19 - 1.9 +++ lib/libc/sys/sendsyslog.2 24 Sep 2017 17:20:27 - @@ -1,5 +1,6 @@ .\"$OpenBSD: sendsyslog.2,v 1.9 2017/07/18 22:22:19 bluhm Exp $ .\" +.\" Copyright (c) 2017 Alexander Bluhm.\" Copyright (c) 2014 Theo de Raadt .\" .\" Permission to use, copy, modify, and distribute this software for any @@ -54,6 +55,22 @@ fails, dropped messages are counted. When .Xr syslogd 8 works again, a warning with the counter and error number is logged. +.Pp +To receive messages from the kernel, +.Xr syslogd 8 +has to create a socket pair and register one end. +This registration is done by opening the +.Pa /dev/klog +device and passing one file descriptor of the socket pair as argument +to +.Xr ioctl 2 Dv LIOCSFD +invoked on the klog file descriptor. +After that the messages can be be read from the other end of the +socket pair. +By utilizing +.Pa /dev/klog +the access to log messages is limited to processes that may open +this device. .Sh RETURN VALUES .Rv -std .Sh ERRORS
Re: [patch] ftp(1): change mtime for http/https links
On Sat, Sep 23, 2017 at 11:50:46PM +0200, Jesper Wallin wrote: > Woups, seems like I managed to break ftp(1) in the installer due to > pledge being a bit too tight. Here is an updated version of the patch > and with Philips changes as well. ...and hopefully a final version, sorry for the noise. Changed the order of the pledge promises to their canonical order as given by the manual and removed some empty lines. (thanks anton@) I will of course still bump this once we're out of beta. Index: fetch.c === RCS file: /cvs/src/usr.bin/ftp/fetch.c,v retrieving revision 1.163 diff -u -p -r1.163 fetch.c --- fetch.c 7 Mar 2017 08:00:23 - 1.163 +++ fetch.c 24 Sep 2017 08:06:26 - @@ -210,6 +210,7 @@ url_get(const char *origline, const char int status; int save_errno; const size_t buflen = 128 * 1024; + time_t mtime = -1; direction = "received"; @@ -647,7 +648,7 @@ noslash: if (pledge("stdio rpath inet dns tty", NULL) == -1) err(1, "pledge"); } else { - if (pledge("stdio rpath wpath cpath inet dns tty", NULL) == -1) + if (pledge("stdio rpath wpath cpath inet fattr dns tty", NULL) == -1) err(1, "pledge"); } } @@ -860,6 +861,12 @@ noslash: if (restart_point) filesize += restart_point; #endif /* !SMALL */ +#define LASTMOD "Last-Modified: " + } else if (strncasecmp(cp, LASTMOD, sizeof(LASTMOD) - 1) == 0) { + struct tm tm; + cp += sizeof(LASTMOD) - 1; + if (strptime(cp, "%a, %d %b %Y %T %z", ) != NULL) + mtime = mktime(); #define LOCATION "Location: " } else if (isredirect && strncasecmp(cp, LOCATION, sizeof(LOCATION) - 1) == 0) { @@ -1043,8 +1050,19 @@ cleanup_url_get: fclose(fin); else if (s != -1) close(s); - if (out >= 0 && out != fileno(stdout)) + if (out >= 0 && out != fileno(stdout)) { + if (mtime != -1) { + struct timespec tv[2]; + tv[0].tv_nsec = UTIME_NOW; + tv[1].tv_sec = mtime; + tv[1].tv_nsec = 0; + if (futimens(out, tv) == -1) + fprintf(ttyout, + "Can't change modification time on %s to %s\n", + savefile, ctime()); + } close(out); + } free(buf); free(proxyhost); free(proxyurl); Index: ftp.c === RCS file: /cvs/src/usr.bin/ftp/ftp.c,v retrieving revision 1.100 diff -u -p -r1.100 ftp.c --- ftp.c 22 Aug 2016 16:27:00 - 1.100 +++ ftp.c 24 Sep 2017 08:06:26 - @@ -1217,8 +1217,8 @@ break2: ut.modtime = mtime; if (utime(local, ) == -1) fprintf(ttyout, - "Can't change modification time on %s to %s", - local, asctime(localtime())); + "Can't change modification time on %s to %s\n", + local, ctime()); } } }
[patch] vmd.c: Keep the ownership when rebooting a VM
Hi all, If a machine is configured in vm.conf to have the owner of a regular user, the ownership of the machine is lost upon reboot and root becomes the new owner. When restarting the machine, the tty is kept open and the permissions of the tty are untouched. The user can therefore access the console, but it's not possible to stop the machine since the vmd owner is root. The patch below simply leave vm->vm_uid untouched if the keeptty is set. Jesper Wallin Index: vmd.c === RCS file: /cvs/src/usr.sbin/vmd/vmd.c,v retrieving revision 1.69 diff -u -p -r1.69 vmd.c --- vmd.c 8 Sep 2017 06:24:31 - 1.69 +++ vmd.c 24 Sep 2017 15:04:31 - @@ -413,7 +413,7 @@ vmd_dispatch_vmm(int fd, struct privsep_ log_debug("%s: about to stop vm id %d with tty open", __func__, vm->vm_vmid); vm_stop(vm, 1); - config_setvm(ps, vm, (uint32_t)-1, 0); + config_setvm(ps, vm, (uint32_t)-1, vm->vm_uid); } break; case IMSG_VMDOP_GET_INFO_VM_DATA: @@ -1061,9 +1061,10 @@ vm_stop(struct vmd_vm *vm, int keeptty) close(vm->vm_kernel); vm->vm_kernel = -1; } - vm->vm_uid = 0; - if (!keeptty) + if (!keeptty) { vm_closetty(vm); + vm->vm_uid = 0; + } } void
Re: hostname.if5 patch
Please Disgrgard this patch request I have sent an alternate non Mime Formatted one Thanks On 23 September 2017 at 14:16, Tom Smythwrote: > Hello Lads, > > I have submitted a proposed patch for hostname.if5 to show a user how > to do Point to Point Addressing on an interface (thanks to @Tedu for > publishing the correct syntax which helped me. > > So I (tried to ) show syntax for that case on the hostname.if manual file > Thanks to Nikolai for helping me with the patch generation
[patch] hostname.if5 additional info on point to point addressing
Hello lads, and ladies, I have included some extra info on point to point addressing on interfaces in OpenBSD thanks @tedu for the blog post that helpd me learn how to do point to point addressing (non Broadcast) on Openbsd and @theo @ingo for pointing me in the right direction on man page contributions earlier in the year, patch is below I hope it helps Index: src/share/man/man5/hostname.if.5 === RCS file: /cvs/src/share/man/man5/hostname.if.5,v retrieving revision 1.65 diff -u -p -u -r1.65 hostname.if.5 --- src/share/man/man5/hostname.if.510 Mar 2017 18:28:11 -1.65 +++ src/share/man/man5/hostname.if.523 Sep 2017 11:50:49 - @@ -91,6 +91,16 @@ Regular IPv4 network setup: .Va dest_addr .Ed .Pp +Point to Point IPv4 network setup: +.Bd -ragged -offset indent +.Li inet +.Op Li alias +.Va addr +.Va netmask +.Va network_addr +.Va options +.Ed +.Pp Regular IPv6 network setup: .Bd -ragged -offset indent .Li inet6 @@ -122,6 +132,13 @@ inet6 alias fec0::1 64 inet6 alias fec0::2 64 anycast !route add 65.65.65.65 10.0.1.13 up +.Ed +.Pp +Point to point ip addressing can also be applied to an interface +for example: +.Bd -literal -offset 1n +inet 10.64.100.2 0x 10.64.80.25 +#host_addr /32_netmask network_addr .Ed .Pp The above formats have the following field values:
Re: UPDATE: freetype 2.8.1
On Wed, Sep 20, 2017 at 7:06 PM, David Coppawrote: > > Here's the update to FreeType-2.8.1. > > I don't know if there's enough time to have it in for 6.2. Just catching up with icb logs... i'm uncomfortable with updating freetype at this point. i'm more afraid of runtime fallout than build problems. ok no freetype upgrade before release. ok with me too, we'll come back to this after the unlock. Ciao! David
Re: malloc.c: better double free check
On Sat, Sep 23, 2017 at 05:19:58PM -0400, Daniel Micay wrote: > On Sat, 2017-09-23 at 09:32 +0200, Otto Moerbeek wrote: > > On Fri, Sep 22, 2017 at 04:35:39PM -0400, Daniel Micay wrote: > > > > > A linear search works well for the current small quarantine (16) but > > > won't work > > > well if you ever want to have a larger / configurable quarantine > > > size. It would > > > also be nice to make this fast enough to enable by default. > > > > > > We (CopperheadOS) use an open addressed hash table for this based on > > > the > > > existing hash table since we use a larger quarantine with a FIFO > > > queue > > > alongside the random array and a configuration size. Ideally the > > > code would be > > > shared with the existing hash table but I didn't want to make it > > > into an > > > invasive change downstream. > > > > > > These are the three downstream patches for OpenBSD malloc in our > > > copy of Bionic > > > (Android libc), so I'd need to port them to the current upstream > > > code to apply > > > cleanly. They're currently applied after other changes and it's a > > > slightly > > > older copy of the base code (after multi-pool support, but before > > > the canary > > > rework since we'll need to adapt that to our needs). Can get the > > > general idea > > > from the patches even though they're not going to apply cleanly > > > though. > > > > > > [1] quarantine double-free detection via hash table > > > > Thanks for sharing this, I'll take a look soon. > > > > Thinking a bit about this: wouldn't a closed hash table be sufficient? > > A collision would then either be a double free, otherwise just replace > > old with new. You'll get a O(1) lookup and insert and simpler code. > > I wouldn't really want to have a random chance of missing a double-free > even if the chance is small though. In the end all double frees still will be caught by the actual free code, just with a delay. The delayed free buffer double free check is just a way of catching it as soon as possible to make debugging easier. That's the reason the originla code could just do the check on the slot being replaced only. The only case that could be missed is when the chunk is given out by malloc in between the original free and the double free. But that case never be caught in all circumstances since the delay buffer is of finite size. -Otto