Changing a running process' cmd name/argv[0]
Hi, Bit of a programming question/inquiry... I'm looking at 5.5-current. I'm forking inside a lib and I want to change the forks cmd or argv[0]. I mean, what you see as "command" in ps or top. I've looked at setproctitle. And I lurked around kvm_getprocs and kvm_getargv, but these functions only give readable data, nothing can be changed, correct? I've gotten a dozen questions why I'm doing this and the reason is X runs my lib or a program that runs my lib and thus gets fork, which it can't handle. I think this is because it has the same command name (probably not.) What I really want to do is a double fork, as you say... I want to fork and completely disconnect the child from the parent so it's just gone without a trace for anything anywhere to see, capisce? I've tried using daemon(3) for this and yes, it disconnects it but then this new problem with X appeared. It's a little hard to follow maybe... It seems like in this area there is something of a lack of API in the kernel. I haven't researched "double fork" but I suspect it's most likely daemon(3) being used. If you understand what I've written then any suggestions are welcome. Thanks. //Gustav -- This e-mail is confidential and may not be shared with anyone other than recipient(s) without written permission from sender. Don't get funny with me.
Re: LibreSSL 2.0.1 released
On Jul 13, 2014, at 5:45 PM, Jan Engelhardt wrote: > On Sunday 2014-07-13 17:36, Brent Cook wrote: This release includes a number of portability fixes based on the initial feedback we have received from the community. >>> >>> I was looking at Solaris documentation and found that -lrt may be >>> needed for some versions as well. A test has not been conducted. >> >> Thanks Jan, we fixed this in a more generic way: >> >> https://github.com/libressl-portable/portable/commit/7a9aa4dd7eaa91a532af39ff20fac09e49f2 > > Ah yes, interesting. > > JFYI, mingw-w64 has clock_gettime in -lpthread instead, so that needs to > be tested as well. Thanks Jan. I have some patches that I’m testing to fix mingw builds to properly build getentropy_win.c. This version does not use clock_gettime in the first place, so there will hopefully be no pthread dependency on mingw builds. Not all mingw toolchains have winpthreads available yet (e.g. ones shipped with somewhat recent versions of ubuntu), so we will likely need to avoid depending on it for a bit, if its easy enough to avoid.
Re: use mallocarray in kern
> On Sun, Jul 13, 2014 at 17:52, Theo de Raadt wrote: > >> And some others from exec that follow a slightly different pattern. > > > > This is the pattern I have been following as well. > > > > As for the final diff, I've been giving up on the "known constant" > > scenario. It seems expensive. > > Meh. :) I think they can be changed back if necessary; in the mean > time it makes it easier to see what's done and what remains. It is an extra register window on sparc and sparc64.
Re: use mallocarray in kern
On Sun, Jul 13, 2014 at 17:52, Theo de Raadt wrote: >> And some others from exec that follow a slightly different pattern. > > This is the pattern I have been following as well. > > As for the final diff, I've been giving up on the "known constant" > scenario. It seems expensive. Meh. :) I think they can be changed back if necessary; in the mean time it makes it easier to see what's done and what remains.
Re: use mallocarray in kern
> And some others from exec that follow a slightly different pattern. This is the pattern I have been following as well. As for the final diff, I've been giving up on the "known constant" scenario. It seems expensive. > Index: exec_script.c > === > RCS file: /cvs/src/sys/kern/exec_script.c,v > retrieving revision 1.30 > diff -u -p -r1.30 exec_script.c > --- exec_script.c 12 Jul 2014 18:43:32 - 1.30 > +++ exec_script.c 13 Jul 2014 23:46:23 - > @@ -208,7 +208,7 @@ check_shell: > epp->ep_flags |= EXEC_INDIR; > > /* and set up the fake args list, for later */ > - shellargp = malloc(4 * sizeof(char *), M_EXEC, M_WAITOK); > + shellargp = mallocarray(4, sizeof(char *), M_EXEC, M_WAITOK); > tmpsap = shellargp; > *tmpsap = malloc(shellnamelen + 1, M_EXEC, M_WAITOK); > strlcpy(*tmpsap++, shellname, shellnamelen + 1); >
Re: use mallocarray in kern
On Sun, Jul 13, 2014 at 11:14, Ted Unangst wrote: > sprinkle malloc array in the kern directory. And some others from exec that follow a slightly different pattern. Index: exec_elf.c === RCS file: /cvs/src/sys/kern/exec_elf.c,v retrieving revision 1.99 diff -u -p -r1.99 exec_elf.c --- exec_elf.c 12 Jul 2014 18:43:32 - 1.99 +++ exec_elf.c 13 Jul 2014 23:46:23 - @@ -355,8 +355,8 @@ ELFNAME(load_file)(struct proc *p, char goto bad1; } + ph = mallocarray(eh.e_phnum, sizeof(Elf_Phdr), M_TEMP, M_WAITOK); phsize = eh.e_phnum * sizeof(Elf_Phdr); - ph = malloc(phsize, M_TEMP, M_WAITOK); if ((error = ELFNAME(read_from)(p, nd.ni_vp, eh.e_phoff, (caddr_t)ph, phsize)) != 0) @@ -539,8 +539,8 @@ ELFNAME2(exec,makecmds)(struct proc *p, * Allocate space to hold all the program headers, and read them * from the file */ + ph = malloc(eh->e_phnum, sizeof(Elf_Phdr), M_TEMP, M_WAITOK); phsize = eh->e_phnum * sizeof(Elf_Phdr); - ph = malloc(phsize, M_TEMP, M_WAITOK); if ((error = ELFNAME(read_from)(p, epp->ep_vp, eh->e_phoff, (caddr_t)ph, phsize)) != 0) @@ -860,8 +860,8 @@ ELFNAME(os_pt_note)(struct proc *p, stru size_t phsize; int error; + hph = malloc(eh->e_phnum, sizeof(Elf_Phdr), M_TEMP, M_WAITOK); phsize = eh->e_phnum * sizeof(Elf_Phdr); - hph = malloc(phsize, M_TEMP, M_WAITOK); if ((error = ELFNAME(read_from)(p, epp->ep_vp, eh->e_phoff, (caddr_t)hph, phsize)) != 0) goto out1; @@ -1005,7 +1005,7 @@ ELFNAMEEND(coredump)(struct proc *p, voi notestart = offset + sizeof(phdr) * cs.npsections; secstart = notestart + notesize; - psections = malloc(cs.npsections * sizeof(Elf_Phdr), + psections = mallocarray(cs.npsections, sizeof(Elf_Phdr), M_TEMP, M_WAITOK|M_ZERO); /* Pass 2: now write the P-section headers. */ Index: exec_script.c === RCS file: /cvs/src/sys/kern/exec_script.c,v retrieving revision 1.30 diff -u -p -r1.30 exec_script.c --- exec_script.c 12 Jul 2014 18:43:32 - 1.30 +++ exec_script.c 13 Jul 2014 23:46:23 - @@ -208,7 +208,7 @@ check_shell: epp->ep_flags |= EXEC_INDIR; /* and set up the fake args list, for later */ - shellargp = malloc(4 * sizeof(char *), M_EXEC, M_WAITOK); + shellargp = mallocarray(4, sizeof(char *), M_EXEC, M_WAITOK); tmpsap = shellargp; *tmpsap = malloc(shellnamelen + 1, M_EXEC, M_WAITOK); strlcpy(*tmpsap++, shellname, shellnamelen + 1);
getentropy.2 incorrect arg type
It takes a void *, not a char *. Index: getentropy.2 === RCS file: /cvs/src/lib/libc/sys/getentropy.2,v retrieving revision 1.4 diff -u -p -r1.4 getentropy.2 --- getentropy.215 Jun 2014 07:24:19 - 1.4 +++ getentropy.213 Jul 2014 21:32:54 - @@ -23,7 +23,7 @@ .Sh SYNOPSIS .Fd #include .Ft int -.Fn getentropy "char *buf" "size_t buflen" +.Fn getentropy "void *buf" "size_t buflen" .Sh DESCRIPTION .Nm fills a buffer with high-quality seed-grade entropy, which can
Re: Possible bug in cpu_chooseproc?
> > Index: kern_sched.c
> > ===
> > RCS file: /cvs/src/sys/kern/kern_sched.c,v
> > retrieving revision 1.32
> > diff -u -p -r1.32 kern_sched.c
> > --- kern_sched.c4 May 2014 05:03:26 - 1.32
> > +++ kern_sched.c13 Jul 2014 20:18:38 -
> > @@ -272,7 +272,7 @@ sched_chooseproc(void)
> > if (spc->spc_schedflags & SPCF_SHOULDHALT) {
> > if (spc->spc_whichqs) {
> > for (queue = 0; queue < SCHED_NQS; queue++) {
> > - TAILQ_FOREACH(p, &spc->spc_qs[queue], p_runq) {
> > + while ((p = TAILQ_FIRST(&spc->spc_qs[queue]))) {
> > remrunqueue(p);
> > p->p_cpu = sched_choosecpu(p);
> > setrunqueue(p);
> >
> >
>
I'd add KASSERT(TAILQ_EMPTY()).
pciide(4): port NetBSD's rdcide(4)
Hello,
I am playing with 86duino EduCake, and I found pciide(4) did not support DMA
of Vortex86EX SoC (RDC R1012).
I tried to port NetBSD's rdcide(4) and it seems to work.
Here is the diff, and please tell me how to test more verbose.
At least there is no problem to build -current kernel, but poor performance
boost because CPU is too slow... 109min -> 101min :-(.
Regards,
--
SASANO Takayoshi
Index: pciide.c
===
RCS file: /cvs/src/sys/dev/pci/pciide.c,v
retrieving revision 1.345
diff -u -p -r1.345 pciide.c
--- pciide.c24 Apr 2014 15:38:25 - 1.345
+++ pciide.c13 Jul 2014 20:44:40 -
@@ -123,6 +123,7 @@ int wdcdebug_pciide_mask = WDCDEBUG_PCII
#include
#include
#include
+#include
#include
/* functions for reading/writing 8-bit PCI registers */
@@ -282,6 +283,9 @@ void phison_setup_channel(struct channel
void sch_chip_map(struct pciide_softc *, struct pci_attach_args *);
void sch_setup_channel(struct channel_softc *);
+void rdc_chip_map(struct pciide_softc *, struct pci_attach_args *);
+void rdc_setup_channel(struct channel_softc *);
+
struct pciide_product_desc {
u_int32_t ide_product;
u_short ide_flags;
@@ -1335,6 +1339,13 @@ const struct pciide_product_desc pciide_
},
};
+const struct pciide_product_desc pciide_rdc_products[] = {
+ { PCI_PRODUCT_RDC_R1012_IDE,
+ 0,
+ rdc_chip_map
+ },
+};
+
struct pciide_vendor_desc {
u_int32_t ide_vendor;
const struct pciide_product_desc *ide_products;
@@ -1379,7 +1390,9 @@ const struct pciide_vendor_desc pciide_v
{ PCI_VENDOR_JMICRON, pciide_jmicron_products,
nitems(pciide_jmicron_products) },
{ PCI_VENDOR_PHISON, pciide_phison_products,
- nitems(pciide_phison_products) }
+ nitems(pciide_phison_products) },
+ { PCI_VENDOR_RDC, pciide_rdc_products,
+ nitems(pciide_rdc_products) }
};
/* options passed via the 'flags' config keyword */
@@ -1581,6 +1594,7 @@ pciide_activate(struct device *self, int
sc->sc_pp->chip_map == piix_chip_map ||
sc->sc_pp->chip_map == amd756_chip_map ||
sc->sc_pp->chip_map == phison_chip_map ||
+ sc->sc_pp->chip_map == rdc_chip_map ||
sc->sc_pp->chip_map == ixp_chip_map ||
sc->sc_pp->chip_map == acard_chip_map ||
sc->sc_pp->chip_map == apollo_chip_map ||
@@ -9103,4 +9117,151 @@ pio:
}
pciide_print_modes(cp);
+}
+
+void
+rdc_chip_map(struct pciide_softc *sc, struct pci_attach_args *pa)
+{
+ struct pciide_channel *cp;
+ int channel;
+ u_int32_t patr;
+ pcireg_t interface = PCI_INTERFACE(pa->pa_class);
+ bus_size_t cmdsize, ctlsize;
+
+ printf(": DMA");
+ pciide_mapreg_dma(sc, pa);
+ sc->sc_wdcdev.cap |= WDC_CAPABILITY_DATA16 | WDC_CAPABILITY_DATA32;
+ if (sc->sc_dma_ok) {
+ sc->sc_wdcdev.cap |= WDC_CAPABILITY_UDMA |
+ WDC_CAPABILITY_DMA | WDC_CAPABILITY_IRQACK;
+ sc->sc_wdcdev.irqack = pciide_irqack;
+ sc->sc_wdcdev.dma_init = pciide_dma_init;
+ }
+ sc->sc_wdcdev.PIO_cap = 4;
+ sc->sc_wdcdev.DMA_cap = 2;
+ sc->sc_wdcdev.UDMA_cap = 5;
+ sc->sc_wdcdev.set_modes = rdc_setup_channel;
+ sc->sc_wdcdev.channels = sc->wdc_chanarray;
+ sc->sc_wdcdev.nchannels = PCIIDE_NUM_CHANNELS;
+
+ pciide_print_channels(sc->sc_wdcdev.nchannels, interface);
+
+ WDCDEBUG_PRINT(("rdc_chip_map: old PATR=0x%x, "
+ "PSD1ATR=0x%x, UDCCR=0x%x, IIOCR=0x%x\n",
+ pci_conf_read(sc->sc_pc, sc->sc_tag, RDCIDE_PATR),
+ pci_conf_read(sc->sc_pc, sc->sc_tag, RDCIDE_PSD1ATR),
+ pci_conf_read(sc->sc_pc, sc->sc_tag, RDCIDE_UDCCR),
+ pci_conf_read(sc->sc_pc, sc->sc_tag, RDCIDE_IIOCR)),
+ DEBUG_PROBE);
+
+ for (channel = 0; channel < sc->sc_wdcdev.nchannels; channel++) {
+ cp = &sc->pciide_channels[channel];
+
+ if (pciide_chansetup(sc, channel, interface) == 0)
+ continue;
+ patr = pci_conf_read(sc->sc_pc, sc->sc_tag, RDCIDE_PATR);
+ if ((patr & RDCIDE_PATR_EN(channel)) == 0) {
+ printf("%s: %s ignored (disabled)\n",
+ sc->sc_wdcdev.sc_dev.dv_xname, cp->name);
+ continue;
+ }
+ pciide_map_compat_intr(pa, cp, channel, interface);
+ if (cp->hw_ok == 0)
+ continue;
+ pciide_mapchan(pa, cp, interface, &cmdsize, &ctlsize,
+ pciide_pci_intr);
+ if (cp->hw_ok == 0)
+ goto next;
+ if (pciide_chan_candisable(c
Re: Possible bug in cpu_chooseproc?
> Date: Sun, 13 Jul 2014 13:12:46 -0700
> From: Matthew Dempsky
>
> As the name suggests, remrunqueue(p) removes p from its run queue, and
> I believe that makes TAILQ_FOREACH() here unsafe. Instead of actually
> removing all threads from the processor, we'll only remove the first
> from each of its run queues.
>
> Diff below replaces TAILQ_FOREACH with the safe/idiomatic pattern for
> draining a queue.
>
> ok?
Ugh, yes.
> Index: kern_sched.c
> ===
> RCS file: /cvs/src/sys/kern/kern_sched.c,v
> retrieving revision 1.32
> diff -u -p -r1.32 kern_sched.c
> --- kern_sched.c 4 May 2014 05:03:26 - 1.32
> +++ kern_sched.c 13 Jul 2014 20:18:38 -
> @@ -272,7 +272,7 @@ sched_chooseproc(void)
> if (spc->spc_schedflags & SPCF_SHOULDHALT) {
> if (spc->spc_whichqs) {
> for (queue = 0; queue < SCHED_NQS; queue++) {
> - TAILQ_FOREACH(p, &spc->spc_qs[queue], p_runq) {
> + while ((p = TAILQ_FIRST(&spc->spc_qs[queue]))) {
> remrunqueue(p);
> p->p_cpu = sched_choosecpu(p);
> setrunqueue(p);
>
>
Possible bug in cpu_chooseproc?
As the name suggests, remrunqueue(p) removes p from its run queue, and
I believe that makes TAILQ_FOREACH() here unsafe. Instead of actually
removing all threads from the processor, we'll only remove the first
from each of its run queues.
Diff below replaces TAILQ_FOREACH with the safe/idiomatic pattern for
draining a queue.
ok?
(This hasn't bit me and I don't know any practical consequences of it.
Just spotted it while tracking down a bug in a kern_synch.c diff I'm
working on.)
Index: kern_sched.c
===
RCS file: /cvs/src/sys/kern/kern_sched.c,v
retrieving revision 1.32
diff -u -p -r1.32 kern_sched.c
--- kern_sched.c4 May 2014 05:03:26 - 1.32
+++ kern_sched.c13 Jul 2014 20:18:38 -
@@ -272,7 +272,7 @@ sched_chooseproc(void)
if (spc->spc_schedflags & SPCF_SHOULDHALT) {
if (spc->spc_whichqs) {
for (queue = 0; queue < SCHED_NQS; queue++) {
- TAILQ_FOREACH(p, &spc->spc_qs[queue], p_runq) {
+ while ((p = TAILQ_FIRST(&spc->spc_qs[queue]))) {
remrunqueue(p);
p->p_cpu = sched_choosecpu(p);
setrunqueue(p);
Re: network autoconfig
On 13/07/14 4:22 PM, frantisek holop wrote: hmm, on Sun, Jul 13, 2014 at 02:21:06PM -0400, Brad Smith said that On 13/07/14 2:16 PM, frantisek holop wrote: hmm, on Sun, Jul 13, 2014 at 05:37:51PM +0200, Denis Fondras said that >from the user's PoV, there shouldn't be more needed than ifconfig inet autoconf ifconfig inet6 autoconf aka inet/inet6 autoconf in hostname.if. I'm curious to see what will come out of it as I cannot envision any added value of these autoconf compared to dhclient. sounds like a great place to deal with wifi networks. That comment doesn't even make any sense. Wifi networks are not magic unicorns. that "little userland daemon, let's call it autoconfd" could have a privsepped part doing scans and could make a decision how to set up the wifi interface before dhclient is called. i can dream, can't i? This isn't a do everything command line parameter. -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.
Re: network autoconfig
hmm, on Sun, Jul 13, 2014 at 02:21:06PM -0400, Brad Smith said that > On 13/07/14 2:16 PM, frantisek holop wrote: > >hmm, on Sun, Jul 13, 2014 at 05:37:51PM +0200, Denis Fondras said that > >>> > >>>from the user's PoV, there shouldn't be more needed than > >>> ifconfig inet autoconf > >>> ifconfig inet6 autoconf > >>>aka inet/inet6 autoconf in hostname.if. > >>> > >> > >>I'm curious to see what will come out of it as I cannot envision any > >>added value of these autoconf compared to dhclient. > > > >sounds like a great place to deal with wifi networks. > > That comment doesn't even make any sense. Wifi networks > are not magic unicorns. that "little userland daemon, let's call it autoconfd" could have a privsepped part doing scans and could make a decision how to set up the wifi interface before dhclient is called. i can dream, can't i? -f -- there is never sunshine without shadow.
Re: Refactoring process-local file descriptor data
Updated for mallocarray() and free(size).
On Thu, Jul 10, 2014 at 04:13:38PM -0400, Jean-Philippe Ouellet wrote:
> This diff adds another struct between filedesc and file to store
> process-local per-descriptor information. Currently, the only thing in
> this struct is the file pointer and some flags, however I have another
> patch on top of this that adds capsicum capabilities to it. (And
> another that uses mallocarray(9) where applicable. One thing at a time.)
>
> The data is currently stored in one big allocation with all the file *s
> in front, and all the flags after. When that allocation grows, there are
> two copies and two zeroings. This is fine when we only have two fields
> (fd_ofiles and fd_ofileflags), but adding more is ugly.
>
> Instead, I propose we have a struct for each file descriptor table entry
> (filedescent) and put the files, flags, and capabilities in that.
>
> The immediate impact is some memory waste due to padding (3 or 7 bytes
> per file descriptor, depending on the arch), however once capabilities
> are added it will be negligible. I discussed it with matthew@ and
> guenther@ and concluded this was the saner way. For what it's worth,
> FreeBSD and NetBSD have done the same thing.
>
> I've been running different versions of this for about a month or so,
> no issues noticed so far.
>
> A similar earlier version was reviewed by matthew@ and guenther@.
Index: sys/filedesc.h
===
RCS file: /cvs/src/sys/sys/filedesc.h,v
retrieving revision 1.28
diff -u -p -r1.28 filedesc.h
--- sys/filedesc.h 15 May 2014 03:52:25 - 1.28
+++ sys/filedesc.h 13 Jul 2014 19:40:01 -
@@ -34,9 +34,6 @@
#include
/*
- * This structure is used for the management of descriptors. It may be
- * shared by multiple processes.
- *
* A process is initially started out with NDFILE descriptors stored within
* this structure, selected to be enough for typical applications based on
* the historical limit of 20 open files (and the usage of descriptors by
@@ -56,22 +53,33 @@
#define NDHISLOTS(x) (NDREDUCE(NDREDUCE(x)))
#define NDLOSLOTS(x) (NDHISLOTS(x) << NDENTRYSHIFT)
+/*
+ * File wrapper for per-process per-file data.
+ */
+struct filedescent {
+ struct file *fde_file; /* file structure for open file */
+ charfde_flags; /* process-local file flags */
+};
+
+/*
+ * This structure is used for the management of descriptors. It may be
+ * shared by multiple processes.
+ */
struct filedesc {
- struct file **fd_ofiles; /* file structures for open files */
- char*fd_ofileflags; /* per-process open file flags */
+ struct filedescent *fd_fdents; /* per-process file wrappers */
struct vnode *fd_cdir; /* current directory */
struct vnode *fd_rdir; /* root directory */
int fd_nfiles; /* number of open files allocated */
int fd_openfd; /* number of files currently open */
u_int *fd_himap; /* each bit points to 32 fds */
u_int *fd_lomap; /* bitmap of free fds */
- int fd_lastfile;/* high-water mark of fd_ofiles */
+ int fd_lastfile;/* high-water mark of fd_fdents */
int fd_freefile;/* approx. next free file */
u_short fd_cmask; /* mask for file creation */
u_short fd_refcnt; /* reference count */
struct rwlock fd_lock; /* lock for the file descs; must be */
- /* held when writing to fd_ofiles, */
- /* fd_ofileflags, or fd_{hi,lo}map */
+ /* held when writing to fd_fdents */
+ /* or fd_{hi,lo}map */
int fd_knlistsize; /* size of knlist */
struct klist *fd_knlist; /* list of attached knotes */
@@ -91,8 +99,7 @@ struct filedesc0 {
* These arrays are used when the number of open files is
* <= NDFILE, and are then pointed to by the pointers above.
*/
- struct file *fd_dfiles[NDFILE];
- charfd_dfileflags[NDFILE];
+ struct filedescent fd_dfdents[NDFILE];
/*
* There arrays are used when the number of open files is
* <= 1024, and are then pointed to by the pointers above.
Index: kern/kern_descrip.c
===
RCS file: /cvs/src/sys/kern/kern_descrip.c,v
retrieving revision 1.112
diff -u -p -r1.112 kern_descrip.c
--- kern/kern_descrip.c 13 Jul 2014 15:29:04 - 1.112
+++ kern/kern_descrip.c 13 Jul 2014 19:40:01 -
@@ -123,7 +123,7 @@ int
find_last_set(struct filedesc *fd, int last)
{
int off, i;
- struct file **ofiles = fd->fd_ofiles;
+ struct filedesce
Re: mallocarray() in sys/dev, first pass
On Sun, Jul 13, 2014 at 11:29:22AM -0600, dera...@cvs.openbsd.org wrote:
> This is the first pass of mallocarray() in sys/dev. Please proofread.
[...]
> ===
> RCS file: /cvs/src/sys/dev/softraid.c,v
> retrieving revision 1.334
> diff -u -p -u -r1.334 softraid.c
> --- softraid.c12 Jul 2014 18:48:51 - 1.334
> +++ softraid.c13 Jul 2014 15:48:56 -
> @@ -252,7 +252,7 @@ sr_meta_attach(struct sr_discipline *sd,
>
> /* we have a valid list now create an array index */
> cl = &sd->sd_vol.sv_chunk_list;
> - sd->sd_vol.sv_chunks = malloc(sizeof(struct sr_chunk *) * chunk_no,
> + sd->sd_vol.sv_chunks = mallocarray(chunk_no, sizeof(struct sr_chunk *),
> M_DEVBUF, M_WAITOK | M_ZERO);
>
> /* fill out chunk array */
> @@ -1284,13 +1284,13 @@ sr_boot_assembly(struct sr_softc *sc)
> }
>
> /* Allocate memory for device and ondisk version arrays. */
> - devs = malloc(BIOC_CRMAXLEN * sizeof(dev_t), M_DEVBUF,
> + devs = mallocarray(BIOC_CRMAXLEN, sizeof(dev_t), M_DEVBUF,
> M_NOWAIT | M_CANFAIL);
> if (devs == NULL) {
> printf("%s: failed to allocate device array\n", DEVNAME(sc));
> goto unwind;
> }
> - ondisk = malloc(BIOC_CRMAXLEN * sizeof(u_int64_t), M_DEVBUF,
> + ondisk = mallocarray(BIOC_CRMAXLEN, sizeof(u_int64_t), M_DEVBUF,
> M_NOWAIT | M_CANFAIL);
> if (ondisk == NULL) {
> printf("%s: failed to allocate ondisk array\n", DEVNAME(sc));
> @@ -1934,8 +1934,9 @@ sr_ccb_alloc(struct sr_discipline *sd)
> if (sd->sd_ccb)
> return (1);
>
> - sd->sd_ccb = malloc(sizeof(struct sr_ccb) *
> - sd->sd_max_wu * sd->sd_max_ccb_per_wu, M_DEVBUF, M_WAITOK | M_ZERO);
> + sd->sd_ccb = mallocarray(sd->sd_max_wu,
> + sd->sd_max_ccb_per_wu * sizeof(struct sr_ccb),
> + M_DEVBUF, M_WAITOK | M_ZERO);
I don't have the knowledge, but I'd hope sd->sd_max_ccb_per_wu
is smaller than sd->sd_max_wu?
> TAILQ_INIT(&sd->sd_ccb_freeq);
> for (i = 0; i < sd->sd_max_wu * sd->sd_max_ccb_per_wu; i++) {
> ccb = &sd->sd_ccb[i];
[...]
> Index: ic/ciss.c
> ===
> RCS file: /cvs/src/sys/dev/ic/ciss.c,v
> retrieving revision 1.69
> diff -u -p -u -r1.69 ciss.c
> --- ic/ciss.c 12 Jul 2014 18:48:17 - 1.69
> +++ ic/ciss.c 13 Jul 2014 16:20:29 -
> @@ -347,7 +347,7 @@ ciss_attach(struct ciss_softc *sc)
> return -1;
> }
>
> - if (!(sc->sc_lds = malloc(sc->maxunits * sizeof(*sc->sc_lds),
> + if (!(sc->sc_lds = mallocarray(sc->maxunits, sizeof(*sc->sc_lds),
> M_DEVBUF, M_NOWAIT | M_ZERO))) {
> bus_dmamem_free(sc->dmat, sc->cmdseg, 1);
> bus_dmamap_destroy(sc->dmat, sc->cmdmap);
> @@ -385,7 +385,7 @@ ciss_attach(struct ciss_softc *sc)
>
> sc->sc_flags |= CISS_BIO;
> #ifndef SMALL_KERNEL
> - sc->sensors = malloc(sizeof(struct ksensor) * sc->maxunits,
> + sc->sensors = mallocarray(sc->maxunits, sizeof(struct ksensor),
> M_DEVBUF, M_NOWAIT | M_ZERO);
> if (sc->sensors) {
> struct device *dev;
> @@ -1311,7 +1311,7 @@ ciss_pdscan(struct ciss_softc *sc, int l
> if (!k)
> return NULL;
>
> - ldp = malloc(sizeof(*ldp) + (k-1), M_DEVBUF, M_NOWAIT);
> + ldp = mallocarray(k-1, sizeof(*ldp), M_DEVBUF, M_NOWAIT);
Oops!
That's not a multiplication. It's an addition.
... or is/was the original code incorrect?
> if (!ldp)
> return NULL;
>
[...]
> Index: ic/qla.c
> ===
> RCS file: /cvs/src/sys/dev/ic/qla.c,v
> retrieving revision 1.42
> diff -u -p -u -r1.42 qla.c
> --- ic/qla.c 12 Jul 2014 18:48:17 - 1.42
> +++ ic/qla.c 13 Jul 2014 16:02:02 -
> @@ -2547,7 +2547,7 @@ qla_alloc_ccbs(struct qla_softc *sc)
> mtx_init(&sc->sc_port_mtx, IPL_BIO);
> mtx_init(&sc->sc_mbox_mtx, IPL_BIO);
>
> - sc->sc_ccbs = malloc(sizeof(struct qla_ccb) * sc->sc_maxcmds,
> + sc->sc_ccbs = mallocarray(sizeof(struct qla_ccb), sc->sc_maxcmds,
> M_DEVBUF, M_WAITOK | M_CANFAIL | M_ZERO);
typically put count as first and size as second param?
> if (sc->sc_ccbs == NULL) {
> printf("%s: unable to allocate ccbs\n", DEVNAME(sc));
> Index: ic/qlw.c
> ===
> RCS file: /cvs/src/sys/dev/ic/qlw.c,v
> retrieving revision 1.23
> diff -u -p -u -r1.23 qlw.c
> --- ic/qlw.c 12 Jul 2014 18:48:17 - 1.23
> +++ ic/qlw.c 13 Jul 2014 16:01:53 -
> @@ -1699,7 +1699,7 @@ qlw_alloc_ccbs(struct qlw_softc *sc)
> mtx_init(&sc->sc_ccb_mtx, IPL_BIO);
> mtx_init(&sc->sc_queue_mtx, IPL_BIO);
>
> - sc->sc_ccbs = malloc(sizeof(struct qlw_ccb) * sc->sc_maxccbs,
> +
Re: mallocarray() in sys/dev, first pass
> > Index: ic/malo.c > > - ring->data = malloc(count * sizeof (struct malo_rx_data), M_DEVBUF, > > - M_NOWAIT); > > + ring->data = mallocarray(count, sizeof (struct malo_rx_data), > > + M_DEVBUF, M_NOWAIT); > > Might as well s/sizeof (/sizeof(/ while you're here. And fix the interrupt handler while I am there, too? You missed the point of doing only one step.
Re: mallocarray() in sys/dev, first pass
And some cosmetic things: > Index: ic/malo.c > - ring->data = malloc(count * sizeof (struct malo_rx_data), M_DEVBUF, > - M_NOWAIT); > + ring->data = mallocarray(count, sizeof (struct malo_rx_data), > + M_DEVBUF, M_NOWAIT); Might as well s/sizeof (/sizeof(/ while you're here. > Index: ic/qla.c > - sc->sc_ccbs = malloc(sizeof(struct qla_ccb) * sc->sc_maxcmds, > + sc->sc_ccbs = mallocarray(sizeof(struct qla_ccb), sc->sc_maxcmds, Wrong order. > Index: ic/qlw.c > - sc->sc_ccbs = malloc(sizeof(struct qlw_ccb) * sc->sc_maxccbs, > + sc->sc_ccbs = mallocarray(sizeof(struct qlw_ccb), sc->sc_maxccbs, Wrong order. > Index: ic/rt2560.c > @@ -388,8 +388,8 @@ rt2560_alloc_tx_ring(struct rt2560_softc > - ring->data = malloc(count * sizeof (struct rt2560_tx_data), M_DEVBUF, > - M_NOWAIT | M_ZERO); > + ring->data = mallocarray(count, sizeof (struct rt2560_tx_data), > + M_DEVBUF, M_NOWAIT | M_ZERO); sizeof ( > @@ -532,8 +532,8 @@ rt2560_alloc_rx_ring(struct rt2560_softc > - ring->data = malloc(count * sizeof (struct rt2560_rx_data), M_DEVBUF, > - M_NOWAIT | M_ZERO); > + ring->data = mallocarray(count, sizeof (struct rt2560_rx_data), > + M_DEVBUF, M_NOWAIT | M_ZERO); sizeof ( > Index: ic/rt2661.c > @@ -473,8 +473,8 @@ rt2661_alloc_tx_ring(struct rt2661_softc > - ring->data = malloc(count * sizeof (struct rt2661_tx_data), M_DEVBUF, > - M_NOWAIT | M_ZERO); > + ring->data = mallocarray(count, sizeof (struct rt2661_tx_data), > + M_DEVBUF, M_NOWAIT | M_ZERO); sizeof ( > @@ -614,8 +614,8 @@ rt2661_alloc_rx_ring(struct rt2661_softc > - ring->data = malloc(count * sizeof (struct rt2661_rx_data), M_DEVBUF, > - M_NOWAIT | M_ZERO); > + ring->data = mallocarray(count, sizeof (struct rt2661_rx_data), > + M_DEVBUF, M_NOWAIT | M_ZERO); sizeof ( > Index: ic/siop.c > - newcbd->cmds = malloc(sizeof(struct siop_cmd) * SIOP_NCMDPB, > + newcbd->cmds = mallocarray(sizeof(struct siop_cmd), SIOP_NCMDPB, Wrong order. > Index: pci/agp.c > - segs = malloc(nseg * sizeof *segs, M_AGP, M_WAITOK); > + segs = mallocarray(nseg, sizeof *segs, M_AGP, M_WAITOK); sizeof(*segs) > Index: pci/hifn7751.c > - ses = (struct hifn_session *)malloc((sesn + 1) * > - sizeof(*ses), M_DEVBUF, M_NOWAIT); > + ses = mallocarray((sesn + 1), sizeof(*ses), > + M_DEVBUF, M_NOWAIT); useless () > Index: pci/mpii.c > - sc->sc_ccbs = malloc(sizeof(*ccb) * (sc->sc_max_cmds-1), > + sc->sc_ccbs = mallocarray((sc->sc_max_cmds-1), sizeof(*ccb), mallocarray(sc->sc_max_cmds - 1, ... > Index: pci/safe.c > - ses = (struct safe_session *)malloc((sesn + 1) * > + ses = mallocarray((sesn + 1), useless () > Index: pci/ubsec.c > - ses = (struct ubsec_session *)malloc((sesn + 1) * > + ses = mallocarray((sesn + 1), useless ()
Re: LibreSSL 2.0.1 released - installation extra_mode
On Sunday 2014-07-13 13:07, Bob Beck wrote: >We have released an update, LibreSSL 2.0.1 >As noted before, we welcome feedback from the broader community. Something that I have noticed is that the shared libraries generated by the portable libressl tarball are installed to their final location (in DESTDIR) with odd mode 644. Looking a bit into it, this originates in libressl-2.0.1/ltmain.sh: $ grep extra_mode -r . ./ltmain.sh:*[\\\ /]cp\ *) extra_mode=;; ./ltmain.sh:*) extra_mode='-m 0644';; [...] However, the unmodified libtool sources (git://git.sv.gnu.org/libtool) do not contain any mention of "extra_mode", so this seems like a OpenBSD-specific addition that should not be applied to the portable package. (IOW, run autoreconf using unmodified libtool.)
Re: network autoconfig
On 13/07/14 2:16 PM, frantisek holop wrote: hmm, on Sun, Jul 13, 2014 at 05:37:51PM +0200, Denis Fondras said that from the user's PoV, there shouldn't be more needed than ifconfig inet autoconf ifconfig inet6 autoconf aka inet/inet6 autoconf in hostname.if. I'm curious to see what will come out of it as I cannot envision any added value of these autoconf compared to dhclient. sounds like a great place to deal with wifi networks. That comment doesn't even make any sense. Wifi networks are not magic unicorns. -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.
Re: network autoconfig
hmm, on Sun, Jul 13, 2014 at 05:37:51PM +0200, Denis Fondras said that > > > > from the user's PoV, there shouldn't be more needed than > > ifconfig inet autoconf > > ifconfig inet6 autoconf > > aka inet/inet6 autoconf in hostname.if. > > > > I'm curious to see what will come out of it as I cannot envision any > added value of these autoconf compared to dhclient. sounds like a great place to deal with wifi networks. -f -- lsd will make your cga screen display 16.2 million colors
Re: mallocarray() in sys/dev, first pass
On Sun, Jul 13, 2014 at 11:29:22AM -0600, dera...@cvs.openbsd.org wrote: > - ldp = malloc(sizeof(*ldp) + (k-1), M_DEVBUF, M_NOWAIT); > + ldp = mallocarray(k-1, sizeof(*ldp), M_DEVBUF, M_NOWAIT); Are you sure k-1 can never be small enough such that a*b is less than a+b?
mallocarray() in sys/dev, first pass
This is the first pass of mallocarray() in sys/dev. Please proofread.
Index: rd.c
===
RCS file: /cvs/src/sys/dev/rd.c,v
retrieving revision 1.7
diff -u -p -u -r1.7 rd.c
--- rd.c12 Jul 2014 18:48:51 - 1.7
+++ rd.c13 Jul 2014 15:49:17 -
@@ -88,7 +88,7 @@ rdattach(int num)
cf.cf_driver = &rd_cd;
rd_cd.cd_ndevs = num;
- rd_cd.cd_devs = malloc(num * sizeof(void *), M_DEVBUF, M_NOWAIT);
+ rd_cd.cd_devs = mallocarray(num, sizeof(void *), M_DEVBUF, M_NOWAIT);
if (rd_cd.cd_devs == NULL)
panic("rdattach: out of memory");
Index: softraid.c
===
RCS file: /cvs/src/sys/dev/softraid.c,v
retrieving revision 1.334
diff -u -p -u -r1.334 softraid.c
--- softraid.c 12 Jul 2014 18:48:51 - 1.334
+++ softraid.c 13 Jul 2014 15:48:56 -
@@ -252,7 +252,7 @@ sr_meta_attach(struct sr_discipline *sd,
/* we have a valid list now create an array index */
cl = &sd->sd_vol.sv_chunk_list;
- sd->sd_vol.sv_chunks = malloc(sizeof(struct sr_chunk *) * chunk_no,
+ sd->sd_vol.sv_chunks = mallocarray(chunk_no, sizeof(struct sr_chunk *),
M_DEVBUF, M_WAITOK | M_ZERO);
/* fill out chunk array */
@@ -1284,13 +1284,13 @@ sr_boot_assembly(struct sr_softc *sc)
}
/* Allocate memory for device and ondisk version arrays. */
- devs = malloc(BIOC_CRMAXLEN * sizeof(dev_t), M_DEVBUF,
+ devs = mallocarray(BIOC_CRMAXLEN, sizeof(dev_t), M_DEVBUF,
M_NOWAIT | M_CANFAIL);
if (devs == NULL) {
printf("%s: failed to allocate device array\n", DEVNAME(sc));
goto unwind;
}
- ondisk = malloc(BIOC_CRMAXLEN * sizeof(u_int64_t), M_DEVBUF,
+ ondisk = mallocarray(BIOC_CRMAXLEN, sizeof(u_int64_t), M_DEVBUF,
M_NOWAIT | M_CANFAIL);
if (ondisk == NULL) {
printf("%s: failed to allocate ondisk array\n", DEVNAME(sc));
@@ -1934,8 +1934,9 @@ sr_ccb_alloc(struct sr_discipline *sd)
if (sd->sd_ccb)
return (1);
- sd->sd_ccb = malloc(sizeof(struct sr_ccb) *
- sd->sd_max_wu * sd->sd_max_ccb_per_wu, M_DEVBUF, M_WAITOK | M_ZERO);
+ sd->sd_ccb = mallocarray(sd->sd_max_wu,
+ sd->sd_max_ccb_per_wu * sizeof(struct sr_ccb),
+ M_DEVBUF, M_WAITOK | M_ZERO);
TAILQ_INIT(&sd->sd_ccb_freeq);
for (i = 0; i < sd->sd_max_wu * sd->sd_max_ccb_per_wu; i++) {
ccb = &sd->sd_ccb[i];
Index: systrace.c
===
RCS file: /cvs/src/sys/dev/systrace.c,v
retrieving revision 1.70
diff -u -p -u -r1.70 systrace.c
--- systrace.c 12 Jul 2014 18:48:51 - 1.70
+++ systrace.c 13 Jul 2014 15:43:25 -
@@ -1639,7 +1639,7 @@ systrace_newpolicy(struct fsystrace *fst
DPRINTF(("%s: allocating %d -> %lu\n", __func__,
maxents, (u_long)maxents * sizeof(int)));
- pol->sysent = (u_char *)malloc(maxents * sizeof(u_char),
+ pol->sysent = mallocarray(maxents, sizeof(u_char),
M_XDATA, M_WAITOK);
pol->nsysent = maxents;
for (i = 0; i < maxents; i++)
Index: ic/ahci.c
===
RCS file: /cvs/src/sys/dev/ic/ahci.c,v
retrieving revision 1.15
diff -u -p -u -r1.15 ahci.c
--- ic/ahci.c 12 Jul 2014 18:48:17 - 1.15
+++ ic/ahci.c 13 Jul 2014 16:25:21 -
@@ -527,8 +527,8 @@ ahci_port_alloc(struct ahci_softc *sc, u
}
/* Allocate a CCB for each command slot */
- ap->ap_ccbs = malloc(sizeof(struct ahci_ccb) * sc->sc_ncmds, M_DEVBUF,
- M_NOWAIT | M_ZERO);
+ ap->ap_ccbs = mallocarray(sc->sc_ncmds, sizeof(struct ahci_ccb),
+ M_DEVBUF, M_NOWAIT | M_ZERO);
if (ap->ap_ccbs == NULL) {
printf("%s: unable to allocate command list for port %d\n",
DEVNAME(sc), port);
Index: ic/aic79xx.c
===
RCS file: /cvs/src/sys/dev/ic/aic79xx.c,v
retrieving revision 1.53
diff -u -p -u -r1.53 aic79xx.c
--- ic/aic79xx.c12 Jul 2014 18:48:17 - 1.53
+++ ic/aic79xx.c13 Jul 2014 16:25:06 -
@@ -6177,8 +6177,8 @@ ahd_init(struct ahd_softc *ahd)
AHD_ASSERT_MODES(ahd, AHD_MODE_SCSI_MSK, AHD_MODE_SCSI_MSK);
ahd->stack_size = ahd_probe_stack_size(ahd);
- ahd->saved_stack = malloc(ahd->stack_size * sizeof(uint16_t), M_DEVBUF,
- M_NOWAIT | M_ZERO);
+ ahd->saved_stack = mallocarray(ahd->stack_size, sizeof(uint16_t),
+ M_DEVBUF, M_NOWAIT | M_ZERO);
if (ahd->saved_stack == NULL)
return (ENOMEM);
Index: ic/aic7xxx.c
===
RCS file: /cvs/src/sys/dev/ic/aic7xxx.c,
Re: improve srandomdev
On Sun, Jul 13, 2014 at 04:03:53PM +0200, Brent Cook wrote:
> On Jul 13, 2014, at 3:58 PM, Ted Unangst wrote:
> > @@ -411,6 +404,9 @@ static long
> > random_l(void)
> > {
> > int32_t i;
> > +
> > + if (use_arc4random)
> > + return arc4random() & 0x7fff;
>
> return arc4random() % ((unsigned)RAND_MAX + 1) ?
No. RAND_MAX is for rand() not random().
>From posix for random():
The random() function shall use a non-linear additive feedback
random-number generator employing a default state array size of
31 long integers to return successive pseudo-random numbers in
the range from 0 to 2^31 - 1.
>From posix for rand():
The rand() function shall compute a sequence of pseudo-random
integers in the range [0, {RAND_MAX}]
Re: apmd -C tweak
I would like this.
On Sun, Jul 13, 2014 at 8:06 AM, Ted Unangst wrote:
> for reference, i use this. faster query interval and when not idle, slam
> high immediately.
>
> Index: apmd.c
> ===
> RCS file: /cvs/src/usr.sbin/apmd/apmd.c,v
> retrieving revision 1.63
> diff -u -p -r1.63 apmd.c
> --- apmd.c 13 Nov 2013 04:50:21 - 1.63
> +++ apmd.c 1 Jul 2014 01:16:29 -
> @@ -65,8 +65,8 @@ int doperf = PERF_NONE;
> #define PERFDEC 20
> #define PERFMIN 0
> #define PERFMAX 100
> -#define PERFINCTHRES 10
> -#define PERFDECTHRES 30
> +#define PERFINCTHRES 50
> +#define PERFDECTHRES 60
>
> extern char *__progname;
>
> @@ -339,9 +339,7 @@ perf_status(struct apm_power_info *pinfo
> syslog(LOG_INFO, "cannot read hw.setperf");
>
> if (forcehi || (avg_idle < PERFINCTHRES && perf < PERFMAX)) {
> - perf += PERFINC;
> - if (perf > PERFMAX)
> - perf = PERFMAX;
> + perf = PERFMAX;
> setperf(perf);
> } else if (avg_idle > PERFDECTHRES && perf > PERFMIN) {
> perf -= PERFDEC;
> @@ -643,11 +641,12 @@ main(int argc, char *argv[])
> sts = ts;
>
> if (doperf == PERF_AUTO || doperf == PERF_COOL) {
> - sts.tv_sec = 1;
> + sts.tv_sec = 0;
> + sts.tv_nsec = 2;
> perf_status(&pinfo, ncpu);
> }
>
> - apmtimeout += sts.tv_sec;
> + apmtimeout += 1;
> if ((rv = kevent(kq, NULL, 0, ev, 1, &sts)) < 0)
> break;
>
>
Re: LibreSSL 2.0.1 released
On Sunday 2014-07-13 17:36, Brent Cook wrote: >>> >>> This release includes a number of portability fixes based on the >>> initial feedback we have received from the community. >> >> I was looking at Solaris documentation and found that -lrt may be >> needed for some versions as well. A test has not been conducted. > >Thanks Jan, we fixed this in a more generic way: > >https://github.com/libressl-portable/portable/commit/7a9aa4dd7eaa91a532af39ff20fac09e49f2 Ah yes, interesting. JFYI, mingw-w64 has clock_gettime in -lpthread instead, so that needs to be tested as well.
Re: network autoconfig
> > from the user's PoV, there shouldn't be more needed than > ifconfig inet autoconf > ifconfig inet6 autoconf > aka inet/inet6 autoconf in hostname.if. > I'm curious to see what will come out of it as I cannot envision any added value of these autoconf compared to dhclient. Denis
Re: LibreSSL 2.0.1 released
On Jul 13, 2014, at 4:36 PM, Jan Engelhardt wrote: > On Sunday 2014-07-13 13:07, Bob Beck wrote: >> >> This release includes a number of portability fixes based on the >> initial feedback >> we have received from the community. > > > I was looking at Solaris documentation and found that -lrt may be needed > for some versions as well. A test has not been conducted. Thanks Jan, we fixed this in a more generic way: https://github.com/libressl-portable/portable/commit/7a9aa4dd7eaa91a532af39ff20fac09e49f2 > ---8<--- > According to Solaris documentation[1,2], clock_gettime is to be found > in librt until including Solaris 10. > > [1] http://docs.oracle.com/cd/E23823_01/html/816-5171/clock-getres-3rt.html > [2] http://docs.oracle.com/cd/E23824_01/html/821-1465/clock-gettime-3c.html > > --- > configure.ac |2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > Index: libressl-2.0.1/configure.ac > === > --- libressl-2.0.1.orig/configure.ac > +++ libressl-2.0.1/configure.ac > @@ -21,7 +21,7 @@ case $target_os in > *solaris*) > TARGET_OS=solaris; > CFLAGS="$CFLAGS -D__EXTENSIONS__ -D_XOPEN_SOURCE=600 -DBSD_COMP" > - AC_SUBST([PLATFORM_LDADD], ['-lnsl -lsocket']) > + AC_SUBST([PLATFORM_LDADD], ['-lnsl -lsocket -lrt']) > ;; > *openbsd*) > AC_DEFINE([HAVE_ATTRIBUTE__BOUNDED__], [1], [OpenBSD gcc has > bounded]) >
use mallocarray in kern
sprinkle malloc array in the kern directory.
Index: exec_subr.c
===
RCS file: /cvs/src/sys/kern/exec_subr.c,v
retrieving revision 1.36
diff -u -p -r1.36 exec_subr.c
--- exec_subr.c 12 Jul 2014 18:43:32 - 1.36
+++ exec_subr.c 13 Jul 2014 15:13:59 -
@@ -91,7 +91,7 @@ vmcmdset_extend(struct exec_vmcmd_set *e
evsp->evs_cnt += ocnt;
/* reallocate the command set */
- nvcp = malloc(evsp->evs_cnt * sizeof(struct exec_vmcmd), M_EXEC,
+ nvcp = mallocarray(evsp->evs_cnt, sizeof(struct exec_vmcmd), M_EXEC,
M_WAITOK);
bcopy(evsp->evs_cmds, nvcp, (ocnt * sizeof(struct exec_vmcmd)));
if (evsp->evs_cmds != evsp->evs_start)
Index: kern_descrip.c
===
RCS file: /cvs/src/sys/kern/kern_descrip.c,v
retrieving revision 1.111
diff -u -p -r1.111 kern_descrip.c
--- kern_descrip.c 12 Jul 2014 18:43:32 - 1.111
+++ kern_descrip.c 13 Jul 2014 15:14:00 -
@@ -765,7 +765,7 @@ fdexpand(struct proc *p)
else
nfiles = 2 * fdp->fd_nfiles;
- newofile = malloc(nfiles * OFILESIZE, M_FILEDESC, M_WAITOK);
+ newofile = mallocarray(nfiles, OFILESIZE, M_FILEDESC, M_WAITOK);
newofileflags = (char *) &newofile[nfiles];
/*
@@ -784,9 +784,9 @@ fdexpand(struct proc *p)
free(fdp->fd_ofiles, M_FILEDESC, 0);
if (NDHISLOTS(nfiles) > NDHISLOTS(fdp->fd_nfiles)) {
- newhimap = malloc(NDHISLOTS(nfiles) * sizeof(u_int),
+ newhimap = mallocarray(NDHISLOTS(nfiles), sizeof(u_int),
M_FILEDESC, M_WAITOK);
- newlomap = malloc(NDLOSLOTS(nfiles) * sizeof(u_int),
+ newlomap = mallocarray(NDLOSLOTS(nfiles), sizeof(u_int),
M_FILEDESC, M_WAITOK);
copylen = NDHISLOTS(fdp->fd_nfiles) * sizeof(u_int);
@@ -939,7 +939,7 @@ fdcopy(struct process *pr)
i = newfdp->fd_nfiles;
while (i >= 2 * NDEXTENT && i > newfdp->fd_lastfile * 2)
i /= 2;
- newfdp->fd_ofiles = malloc(i * OFILESIZE, M_FILEDESC, M_WAITOK);
+ newfdp->fd_ofiles = mallocarray(i, OFILESIZE, M_FILEDESC,
M_WAITOK);
newfdp->fd_ofileflags = (char *) &newfdp->fd_ofiles[i];
}
if (NDHISLOTS(i) <= NDHISLOTS(NDFILE)) {
@@ -948,9 +948,9 @@ fdcopy(struct process *pr)
newfdp->fd_lomap =
((struct filedesc0 *) newfdp)->fd_dlomap;
} else {
- newfdp->fd_himap = malloc(NDHISLOTS(i) * sizeof(u_int),
+ newfdp->fd_himap = mallocarray(NDHISLOTS(i), sizeof(u_int),
M_FILEDESC, M_WAITOK);
- newfdp->fd_lomap = malloc(NDLOSLOTS(i) * sizeof(u_int),
+ newfdp->fd_lomap = mallocarray(NDLOSLOTS(i), sizeof(u_int),
M_FILEDESC, M_WAITOK);
}
newfdp->fd_nfiles = i;
Index: kern_subr.c
===
RCS file: /cvs/src/sys/kern/kern_subr.c,v
retrieving revision 1.38
diff -u -p -r1.38 kern_subr.c
--- kern_subr.c 12 Jul 2014 18:43:32 - 1.38
+++ kern_subr.c 13 Jul 2014 15:14:00 -
@@ -166,7 +166,7 @@ hashinit(int elements, int type, int fla
panic("hashinit: bad cnt");
for (hashsize = 1; hashsize < elements; hashsize <<= 1)
continue;
- hashtbl = malloc(hashsize * sizeof(*hashtbl), type, flags);
+ hashtbl = mallocarray(hashsize, sizeof(*hashtbl), type, flags);
if (hashtbl == NULL)
return NULL;
for (i = 0; i < hashsize; i++)
Index: kern_sysctl.c
===
RCS file: /cvs/src/sys/kern/kern_sysctl.c,v
retrieving revision 1.256
diff -u -p -r1.256 kern_sysctl.c
--- kern_sysctl.c 12 Jul 2014 18:43:32 - 1.256
+++ kern_sysctl.c 13 Jul 2014 15:14:00 -
@@ -1854,7 +1854,7 @@ sysctl_diskinit(int update, struct proc
free(diskstats, M_SYSCTL, 0);
diskstats = NULL;
disknames = NULL;
- diskstats = malloc(disk_count * sizeof(struct diskstats),
+ diskstats = mallocarray(disk_count, sizeof(struct diskstats),
M_SYSCTL, M_WAITOK);
disknames = malloc(tlen, M_SYSCTL, M_WAITOK);
disknames[0] = '\0';
Index: subr_autoconf.c
===
RCS file: /cvs/src/sys/kern/subr_autoconf.c,v
retrieving revision 1.77
diff -u -p -r1.77 subr_autoconf.c
--- subr_autoconf.c 12 Jul 2014 18:43:32 - 1.77
+++ subr_autoconf.c 13 Jul 2014 15:14:00 -
@@ -462,7 +462,7 @@ config_make_softc(struct device *parent,
while (new <= dev->dv_unit)
new *= 2;
Don't use n_long in libsa & stand/*
Stop using n_long and remove ?
ok?
Index: lib/libsa/arp.c
===
RCS file: /cvs/src/sys/lib/libsa/arp.c,v
retrieving revision 1.11
diff -u -p -r1.11 arp.c
--- lib/libsa/arp.c 11 Aug 2003 06:23:09 - 1.11
+++ lib/libsa/arp.c 13 Jul 2014 14:47:25 -
@@ -46,7 +46,6 @@
#include
#include
-#include
#include "stand.h"
#include "net.h"
Index: lib/libsa/bootp.c
===
RCS file: /cvs/src/sys/lib/libsa/bootp.c,v
retrieving revision 1.13
diff -u -p -r1.13 bootp.c
--- lib/libsa/bootp.c 28 Mar 2014 01:12:58 - 1.13
+++ lib/libsa/bootp.c 13 Jul 2014 14:47:25 -
@@ -43,14 +43,13 @@
#include
#include
#include
-#include
#include "stand.h"
#include "net.h"
#include "netif.h"
#include "bootp.h"
-static n_long nmask, smask;
+static u_int32_t nmask, smask;
static time_t bot;
Index: lib/libsa/bootparam.c
===
RCS file: /cvs/src/sys/lib/libsa/bootparam.c,v
retrieving revision 1.11
diff -u -p -r1.11 bootparam.c
--- lib/libsa/bootparam.c 11 Aug 2003 06:23:09 - 1.11
+++ lib/libsa/bootparam.c 13 Jul 2014 14:47:25 -
@@ -41,7 +41,6 @@
#include
#include
-#include
#include
@@ -58,7 +57,7 @@
#endif
struct in_addr bp_server_addr; /* net order */
-n_shortbp_server_port; /* net order */
+u_int16_t bp_server_port; /* net order */
/*
* RPC definitions for bootparamd
@@ -115,14 +114,14 @@ bp_whoami(int sockfd)
u_int16_t port;
u_int32_t encap_len;
/* encapsulated data here */
- n_long capsule[64];
+ u_int32_t capsule[64];
} *repl;
struct {
- n_long h[RPC_HEADER_WORDS];
+ u_int32_t h[RPC_HEADER_WORDS];
struct args d;
} sdata;
struct {
- n_long h[RPC_HEADER_WORDS];
+ u_int32_t h[RPC_HEADER_WORDS];
struct repl d;
} rdata;
char *send_tail, *recv_head;
@@ -229,12 +228,12 @@ int
bp_getfile(int sockfd, char *key, struct in_addr *serv_addr, char *pathname)
{
struct {
- n_long h[RPC_HEADER_WORDS];
- n_long d[64];
+ u_int32_t h[RPC_HEADER_WORDS];
+ u_int32_t d[64];
} sdata;
struct {
- n_long h[RPC_HEADER_WORDS];
- n_long d[128];
+ u_int32_t h[RPC_HEADER_WORDS];
+ u_int32_t d[128];
} rdata;
char serv_name[FNAME_SIZE];
char *send_tail, *recv_head;
@@ -368,7 +367,7 @@ xdr_inaddr_encode(char **pkt, struct in_
u_char *cp;
int32_t *ip;
union {
- n_long l; /* network order */
+ u_int32_t l;/* network order */
u_char c[4];
} uia;
@@ -399,7 +398,7 @@ xdr_inaddr_decode(char **pkt, struct in_
u_char *cp;
int32_t *ip;
union {
- n_long l; /* network order */
+ u_int32_t l;/* network order */
u_char c[4];
} uia;
Index: lib/libsa/ether.c
===
RCS file: /cvs/src/sys/lib/libsa/ether.c,v
retrieving revision 1.7
diff -u -p -r1.7 ether.c
--- lib/libsa/ether.c 11 Aug 2003 06:23:09 - 1.7
+++ lib/libsa/ether.c 13 Jul 2014 14:47:25 -
@@ -47,7 +47,6 @@
#include
#include
-#include
#include
#include "stand.h"
Index: lib/libsa/globals.c
===
RCS file: /cvs/src/sys/lib/libsa/globals.c,v
retrieving revision 1.3
diff -u -p -r1.3 globals.c
--- lib/libsa/globals.c 23 Sep 1996 14:18:54 - 1.3
+++ lib/libsa/globals.c 13 Jul 2014 14:47:25 -
@@ -12,7 +12,6 @@
#include
#include
#include
-#include
#include "stand.h"
#include "net.h"
@@ -31,4 +30,4 @@ structin_addr nameip; /* DNS server i
struct in_addr rootip; /* root ip address */
struct in_addr swapip; /* swap ip address */
struct in_addr gateip; /* swap ip address */
-n_long netmask = 0xff00; /* subnet or net mask */
+u_int32_t netmask = 0xff00;/* subnet or net mask */
Index: lib/libsa/in_cksum.c
===
RCS file: /cvs/src/sys/lib/libsa/in_cksum.c,v
retrieving revision 1.3
diff -u -p -r1.3 in_cksum.c
--- lib/libsa/in_cksum.c11 Aug 2003 06:23:09 - 1.3
+++ lib/libsa/in_cksum.c13 Jul 2014 14:47:25 -
@@ -46,7 +46,6 @@
#include
#include
-#include
#include "stand.h"
#include "net.h"
Index: lib/libsa/net.c
===
network autoconfig
before I forget half of what we talked about here and to share it, here's how I think the network autoconfig stuff should work in the future. from the user's PoV, there shouldn't be more needed than ifconfig inet autoconf ifconfig inet6 autoconf aka inet/inet6 autoconf in hostname.if. for inet6, we're almost there with the work done by florian and me from this week. not all of that is in yet. now for inet, I'm pretty damn certain we don't want to do DHCP in the kernel. turning on autoconf should lead to a new message on the routing socket, and a little userland daemon, let's call it autoconfd for the moment, reacts to that message insofar that it sends out the dhcp request(s) and deals with the answers. using the dhclient code of course. open question is what to do if inet autoconf is on on more than one interface - gotta select the default route somehow. inet6 does that and does it very different. we'll figure sth out it. if needed/useful dhcp6 could be integrated into that scheme kinda easily, too. i won't judge on whether that is the case; it isn't relevant yet. for the nameservers: in the inet case, autoconfd would know them from dhcp. i've been told the inet6 RAs can contain nameserver information, too. we can pass those up from the kernel using a message on the routing socket as well (this is inspired by the kernel-ipsec <-> iked/isakmpd model). the resolv.conf writing races / fights would be gone since autoconfd is the only one dealing with it. of course i don't insist on implementing all that myself, not remotely. -- Henning Brauer, h...@bsws.de, henn...@openbsd.org BS Web Services GmbH, http://bsws.de, Full-Service ISP Secure Hosting, Mail and DNS. Virtual & Dedicated Servers, Root to Fully Managed Henning Brauer Consulting, http://henningbrauer.com/
Re: LibreSSL 2.0.1 released
On Sunday 2014-07-13 13:07, Bob Beck wrote: > >This release includes a number of portability fixes based on the >initial feedback >we have received from the community. I was looking at Solaris documentation and found that -lrt may be needed for some versions as well. A test has not been conducted. ---8<--- According to Solaris documentation[1,2], clock_gettime is to be found in librt until including Solaris 10. [1] http://docs.oracle.com/cd/E23823_01/html/816-5171/clock-getres-3rt.html [2] http://docs.oracle.com/cd/E23824_01/html/821-1465/clock-gettime-3c.html --- configure.ac |2 +- 1 file changed, 1 insertion(+), 1 deletion(-) Index: libressl-2.0.1/configure.ac === --- libressl-2.0.1.orig/configure.ac +++ libressl-2.0.1/configure.ac @@ -21,7 +21,7 @@ case $target_os in *solaris*) TARGET_OS=solaris; CFLAGS="$CFLAGS -D__EXTENSIONS__ -D_XOPEN_SOURCE=600 -DBSD_COMP" - AC_SUBST([PLATFORM_LDADD], ['-lnsl -lsocket']) + AC_SUBST([PLATFORM_LDADD], ['-lnsl -lsocket -lrt']) ;; *openbsd*) AC_DEFINE([HAVE_ATTRIBUTE__BOUNDED__], [1], [OpenBSD gcc has bounded])
apmd -C tweak
for reference, i use this. faster query interval and when not idle, slam
high immediately.
Index: apmd.c
===
RCS file: /cvs/src/usr.sbin/apmd/apmd.c,v
retrieving revision 1.63
diff -u -p -r1.63 apmd.c
--- apmd.c 13 Nov 2013 04:50:21 - 1.63
+++ apmd.c 1 Jul 2014 01:16:29 -
@@ -65,8 +65,8 @@ int doperf = PERF_NONE;
#define PERFDEC 20
#define PERFMIN 0
#define PERFMAX 100
-#define PERFINCTHRES 10
-#define PERFDECTHRES 30
+#define PERFINCTHRES 50
+#define PERFDECTHRES 60
extern char *__progname;
@@ -339,9 +339,7 @@ perf_status(struct apm_power_info *pinfo
syslog(LOG_INFO, "cannot read hw.setperf");
if (forcehi || (avg_idle < PERFINCTHRES && perf < PERFMAX)) {
- perf += PERFINC;
- if (perf > PERFMAX)
- perf = PERFMAX;
+ perf = PERFMAX;
setperf(perf);
} else if (avg_idle > PERFDECTHRES && perf > PERFMIN) {
perf -= PERFDEC;
@@ -643,11 +641,12 @@ main(int argc, char *argv[])
sts = ts;
if (doperf == PERF_AUTO || doperf == PERF_COOL) {
- sts.tv_sec = 1;
+ sts.tv_sec = 0;
+ sts.tv_nsec = 2;
perf_status(&pinfo, ncpu);
}
- apmtimeout += sts.tv_sec;
+ apmtimeout += 1;
if ((rv = kevent(kq, NULL, 0, ev, 1, &sts)) < 0)
break;
Re: Compiling LibreSSL 2.0.1 on Debian 7.6
On 07/13/2014 03:42 PM, Brent Cook wrote: > Hi Jean, > > We enabled more aggressive warnings in the 2.0.1 release from 2.0.0. > > Our team looked at these warnings before the release and, while we can > potentially make them go away, they are harmless. > > - Brent Hi Brent, Cool, nothing to fret over then!
apmd -A induced hangs
Some people have reported that apmd -A makes their machines hang.
Could those people try the diff below and see whether it helps?
Index: acpicpu.c
===
RCS file: /home/cvs/src/sys/dev/acpi/acpicpu.c,v
retrieving revision 1.60
diff -u -p -r1.60 acpicpu.c
--- acpicpu.c 12 Jul 2014 18:48:17 - 1.60
+++ acpicpu.c 13 Jul 2014 14:00:03 -
@@ -202,9 +202,7 @@ acpicpu_set_pdc(struct acpicpu_softc *sc
static uint8_t cpu_oscuuid[16] = { 0x16, 0xA6, 0x77, 0x40, 0x0C, 0x29,
0xBE, 0x47, 0x9E, 0xBD, 0xD8, 0x70,
0x58, 0x71, 0x39, 0x53 };
- cap = ACPI_PDC_C_C1_HALT | ACPI_PDC_P_FFH | ACPI_PDC_C_C1_FFH
- | ACPI_PDC_C_C2C3_FFH | ACPI_PDC_SMP_P_SWCOORD | ACPI_PDC_SMP_C2C3
- | ACPI_PDC_SMP_C1PT;
+ cap = ACPI_PDC_P_FFH | ACPI_PDC_C_C1_FFH;
if (aml_searchname(sc->sc_devnode, "_OSC")) {
/* Query _OSC */
Re: improve srandomdev
On Jul 13, 2014, at 3:58 PM, Ted Unangst wrote:
> If the user calls srandomdev(), they are asking for an unpredictable
> sequence, even one that could not normally be produced. So give them
> one. Use arc4random in that case.
>
>
> Index: stdlib/random.c
> ===
> RCS file: /cvs/src/lib/libc/stdlib/random.c,v
> retrieving revision 1.22
> diff -u -p -r1.22 random.c
> --- stdlib/random.c 15 Jun 2014 05:10:58 - 1.22
> +++ stdlib/random.c 13 Jul 2014 13:56:34 -
> @@ -176,6 +176,8 @@ static int rand_type = TYPE_3;
> static int rand_deg = DEG_3;
> static int rand_sep = SEP_3;
>
> +static int use_arc4random;
> +
> _THREAD_PRIVATE_MUTEX(random);
> static long random_l(void);
>
> @@ -201,6 +203,7 @@ srandom_l(unsigned int x)
> int32_t test;
> div_t val;
>
> + use_arc4random = 0;
> if (rand_type == TYPE_0)
> state[0] = x;
> else {
> @@ -254,17 +257,7 @@ srandomdev(void)
> size_t len;
>
> LOCK();
> - if (rand_type == TYPE_0)
> - len = sizeof(state[0]);
> - else
> - len = rand_deg * sizeof(state[0]);
> -
> - arc4random_buf(state, len);
> -
> - if (rand_type != TYPE_0) {
> - fptr = &state[rand_sep];
> - rptr = &state[0];
> - }
> + use_arc4random = 1;
> UNLOCK();
> }
>
> @@ -411,6 +404,9 @@ static long
> random_l(void)
> {
> int32_t i;
> +
> + if (use_arc4random)
> + return arc4random() & 0x7fff;
return arc4random() % ((unsigned)RAND_MAX + 1) ?
>
> if (rand_type == TYPE_0)
> i = state[0] = (state[0] * 1103515245 + 12345) & 0x7fff;
>
improve srandomdev
If the user calls srandomdev(), they are asking for an unpredictable
sequence, even one that could not normally be produced. So give them
one. Use arc4random in that case.
Index: stdlib/random.c
===
RCS file: /cvs/src/lib/libc/stdlib/random.c,v
retrieving revision 1.22
diff -u -p -r1.22 random.c
--- stdlib/random.c 15 Jun 2014 05:10:58 - 1.22
+++ stdlib/random.c 13 Jul 2014 13:56:34 -
@@ -176,6 +176,8 @@ static int rand_type = TYPE_3;
static int rand_deg = DEG_3;
static int rand_sep = SEP_3;
+static int use_arc4random;
+
_THREAD_PRIVATE_MUTEX(random);
static long random_l(void);
@@ -201,6 +203,7 @@ srandom_l(unsigned int x)
int32_t test;
div_t val;
+ use_arc4random = 0;
if (rand_type == TYPE_0)
state[0] = x;
else {
@@ -254,17 +257,7 @@ srandomdev(void)
size_t len;
LOCK();
- if (rand_type == TYPE_0)
- len = sizeof(state[0]);
- else
- len = rand_deg * sizeof(state[0]);
-
- arc4random_buf(state, len);
-
- if (rand_type != TYPE_0) {
- fptr = &state[rand_sep];
- rptr = &state[0];
- }
+ use_arc4random = 1;
UNLOCK();
}
@@ -411,6 +404,9 @@ static long
random_l(void)
{
int32_t i;
+
+ if (use_arc4random)
+ return arc4random() & 0x7fff;
if (rand_type == TYPE_0)
i = state[0] = (state[0] * 1103515245 + 12345) & 0x7fff;
IFXF_NOINET doesn't make sense any more
now that we have an uncontaminated, err, inet6-free system by default,
IFXF_NOINET6 just doesn't make sense any more.
fully go for no inet6 by default, get rid of the IFXF_NOINET6 guarded
attachments etc.
introduce IFAFATTACH and IFAFDETACH ioctls. note that they are NOT
inet6 specific; the kernel only has code for inet6 so far and will
properly return EAFNOSUPPORT for all others.
there should be no user visible changes from this.
Index: sbin/ifconfig/ifconfig.c
===
RCS file: /cvs/src/sbin/ifconfig/ifconfig.c,v
retrieving revision 1.287
diff -u -p -r1.287 ifconfig.c
--- sbin/ifconfig/ifconfig.c12 Jul 2014 19:58:17 - 1.287
+++ sbin/ifconfig/ifconfig.c13 Jul 2014 13:05:15 -
@@ -148,6 +148,7 @@ voidsetiflladdr(const char *, int);
void setifdstaddr(const char *, int);
void setifflags(const char *, int);
void setifxflags(const char *, int);
+void addaf(const char *, int);
void removeaf(const char *, int);
void setifbroadaddr(const char *, int);
void setifmtu(const char *, int);
@@ -682,7 +683,7 @@ main(int argc, char *argv[])
}
#ifdef INET6
if (argc != 0 && af == AF_INET6)
- setifxflags("inet6", -IFXF_NOINET6);
+ addaf(name, AF_INET6);
#endif
while (argc > 0) {
const struct cmd *p;
@@ -1258,18 +1259,25 @@ setifxflags(const char *vname, int value
}
void
+addaf(const char *vname, int value)
+{
+ struct if_afreq ifar;
+
+ strlcpy(ifar.ifar_name, name, sizeof(ifar.ifar_name));
+ ifar.ifar_af = value;
+ if (ioctl(s, SIOCIFAFATTACH, (caddr_t)&ifar) < 0)
+ warn("SIOCIFAFATTACH");
+}
+
+void
removeaf(const char *vname, int value)
{
- switch (value) {
-#ifdef INET6
- case AF_INET6:
- setifxflags(vname, IFXF_NOINET6);
- setifxflags(vname, -IFXF_AUTOCONF6);
- break;
-#endif
- default:
- errx(1, "removeaf not implemented for this AF");
- }
+ struct if_afreq ifar;
+
+ strlcpy(ifar.ifar_name, name, sizeof(ifar.ifar_name));
+ ifar.ifar_af = value;
+ if (ioctl(s, SIOCIFAFDETACH, (caddr_t)&ifar) < 0)
+ warn("SIOCIFAFDETACH");
}
#ifdef INET6
@@ -1331,7 +1339,9 @@ setia6eui64(const char *cmd, int val)
if (afp->af_af != AF_INET6)
errx(1, "%s not allowed for the AF", cmd);
- setifxflags("inet6", -IFXF_NOINET6);
+#ifdef INET6
+ addaf(name, AF_INET6);
+#endif
in6 = (struct in6_addr *)&in6_addreq.ifra_addr.sin6_addr;
if (memcmp(&in6addr_any.s6_addr[8], &in6->s6_addr[8], 8) != 0)
errx(1, "interface index is already filled");
Index: sys/net/if.c
===
RCS file: /cvs/src/sys/net/if.c,v
retrieving revision 1.297
diff -u -p -r1.297 if.c
--- sys/net/if.c12 Jul 2014 18:44:22 - 1.297
+++ sys/net/if.c13 Jul 2014 13:15:09 -
@@ -428,10 +428,6 @@ if_attach(struct ifnet *ifp)
#else
TAILQ_INSERT_TAIL(&ifnet, ifp, if_list);
#endif
-#ifdef INET6
- ifp->if_xflags |= IFXF_NOINET6;
-#endif
-
if_attachsetup(ifp);
}
@@ -1133,11 +1129,6 @@ if_up(struct ifnet *ifp)
bstp_ifstate(ifp);
#endif
rt_ifmsg(ifp);
-#ifdef INET6
- if (!(ifp->if_xflags & IFXF_NOINET6))
- in6_if_up(ifp);
-#endif
-
#ifndef SMALL_KERNEL
rt_if_track(ifp);
#endif
@@ -1237,6 +1228,7 @@ ifioctl(struct socket *so, u_long cmd, c
struct ifaddr *ifa;
struct sockaddr_dl *sdl;
struct ifgroupreq *ifgr;
+ struct if_afreq *ifar;
char ifdescrbuf[IFDESCRSIZE];
char ifrtlabelbuf[RTLABEL_LEN];
int s, error = 0;
@@ -1271,6 +1263,26 @@ ifioctl(struct socket *so, u_long cmd, c
if ((error = suser(p, 0)) != 0)
return (error);
return (if_setgroupattribs(data));
+ case SIOCIFAFATTACH:
+ case SIOCIFAFDETACH:
+ if ((error = suser(p, 0)) != 0)
+ return (error);
+ ifar = (struct if_afreq *)data;
+ if ((ifp = ifunit(ifar->ifar_name)) == NULL)
+ return (ENXIO);
+ switch (ifar->ifar_af) {
+ case AF_INET6:
+ s = splnet();
+ if (cmd == SIOCIFAFATTACH) {
+ if (in6ifa_ifpforlinklocal(ifp, 0) == NULL)
+ in6_if_up(ifp);
+ } else
+ in6_ifdetach(ifp);
+ splx(s);
+ return (0);
+ default:
+ return (EAFNOSUPPORT);
+ }
}
ifp = ifunit(ifr->ifr_name);
@@ -1327,25 +1339,6 @@ ifioctl(struct socket *so, u_long cmd, c
if ((error = suse
Re: Compiling LibreSSL 2.0.1 on Debian 7.6
On Jul 13, 2014, at 2:48 PM, Jean Paul Galea wrote: > Hello, > > I compiled LibreSSL 2.0.1 on my Debian machine, and while doing so, > noticed some compiler warnings. > > I'm not competent to understand what's going on, but perhaps someone > here wants to pick this up. > > Thank you for the hard work your team is putting into this fork. > > Jean Paul Hi Jean, We enabled more aggressive warnings in the 2.0.1 release from 2.0.0. Our team looked at these warnings before the release and, while we can potentially make them go away, they are harmless. - Brent > > jean@thinkpad:~/Downloads/libressl-2.0.1$ uname -a > Linux thinkpad 3.2.0-4-amd64 #1 SMP Debian 3.2.60-1+deb7u1 x86_64 GNU/Linux > > jean@thinkpad:~/Downloads/libressl-2.0.1$ gcc -v > Using built-in specs. > COLLECT_GCC=gcc > COLLECT_LTO_WRAPPER=/usr/lib/gcc/x86_64-linux-gnu/4.7/lto-wrapper > Target: x86_64-linux-gnu > Configured with: ../src/configure -v --with-pkgversion='Debian 4.7.2-5' > --with-bugurl=file:///usr/share/doc/gcc-4.7/README.Bugs > --enable-languages=c,c++,go,fortran,objc,obj-c++ --prefix=/usr > --program-suffix=-4.7 --enable-shared --enable-linker-build-id > --with-system-zlib --libexecdir=/usr/lib --without-included-gettext > --enable-threads=posix --with-gxx-include-dir=/usr/include/c++/4.7 > --libdir=/usr/lib --enable-nls --with-sysroot=/ --enable-clocale=gnu > --enable-libstdcxx-debug --enable-libstdcxx-time=yes > --enable-gnu-unique-object --enable-plugin --enable-objc-gc > --with-arch-32=i586 --with-tune=generic --enable-checking=release > --build=x86_64-linux-gnu --host=x86_64-linux-gnu --target=x86_64-linux-gnu > Thread model: posix > gcc version 4.7.2 (Debian 4.7.2-5) > > > jean@thinkpad:~/Downloads/libressl-2.0.1$ ./configure > checking build system type... x86_64-unknown-linux-gnu > checking host system type... x86_64-unknown-linux-gnu > checking target system type... x86_64-unknown-linux-gnu > checking for a BSD-compatible install... /usr/bin/install -c > checking whether build environment is sane... yes > checking for a thread-safe mkdir -p... /bin/mkdir -p > checking for gawk... no > checking for mawk... mawk > checking whether make sets $(MAKE)... yes > checking whether make supports nested variables... yes > checking whether make supports nested variables... (cached) yes > checking for gcc... gcc > checking whether the C compiler works... yes > checking for C compiler default output file name... a.out > checking for suffix of executables... > checking whether we are cross compiling... no > checking for suffix of object files... o > checking whether we are using the GNU C compiler... yes > checking whether gcc accepts -g... yes > checking for gcc option to accept ISO C89... none needed > checking whether gcc understands -c and -o together... yes > checking for style of include used by make... GNU > checking dependency style of gcc... gcc3 > checking how to print strings... printf > checking for a sed that does not truncate output... /bin/sed > checking for grep that handles long lines and -e... /bin/grep > checking for egrep... /bin/grep -E > checking for fgrep... /bin/grep -F > checking for ld used by gcc... /usr/bin/ld > checking if the linker (/usr/bin/ld) is GNU ld... yes > checking for BSD- or MS-compatible name lister (nm)... /usr/bin/nm -B > checking the name lister (/usr/bin/nm -B) interface... BSD nm > checking whether ln -s works... yes > checking the maximum length of command line arguments... 1572864 > checking whether the shell understands some XSI constructs... yes > checking whether the shell understands "+="... yes > checking how to convert x86_64-unknown-linux-gnu file names to > x86_64-unknown-linux-gnu format... func_convert_file_noop > checking how to convert x86_64-unknown-linux-gnu file names to toolchain > format... func_convert_file_noop > checking for /usr/bin/ld option to reload object files... -r > checking for objdump... objdump > checking how to recognize dependent libraries... pass_all > checking for dlltool... no > checking how to associate runtime and link libraries... printf %s\n > checking for ar... ar > checking for archiver @FILE support... @ > checking for strip... strip > checking for ranlib... ranlib > checking command to parse /usr/bin/nm -B output from gcc object... ok > checking for sysroot... no > checking for mt... mt > checking if mt is a manifest tool... no > checking how to run the C preprocessor... gcc -E > checking for ANSI C header files... yes > checking for sys/types.h... yes > checking for sys/stat.h... yes > checking for stdlib.h... yes > checking for string.h... yes > checking for memory.h... yes > checking for strings.h... yes > checking for inttypes.h... yes > checking for stdint.h... yes > checking for unistd.h... yes > checking for dlfcn.h... yes > checking for objdir... .libs > checking if gcc supports -fno-rtti -fno-exceptions... no > checking for gcc option to produce PIC... -fPIC -DPIC > checking if gcc PIC flag -fPIC -DPIC works... yes > ch
better random in atc
We have to support a seed, but if we don't start with one, use
arc4random() instead.
This also makes the linker warnings a little nicer and more localized:
update.o(.text+0xbfd): In function `setseed':
: warning: srandom() seed choices are invariably poor
update.o(.text+0x259): In function `addplane':
: warning: random() isn't random; consider using arc4random()
Index: extern.h
===
RCS file: /cvs/src/games/atc/extern.h,v
retrieving revision 1.7
diff -u -p -r1.7 extern.h
--- extern.h25 Oct 2013 21:57:10 - 1.7
+++ extern.h13 Jul 2014 13:21:46 -
@@ -102,6 +102,7 @@ voidquit(int);
intread_file(const char *);
void redraw(void);
void rezero(void);
+void setseed(const char *);
void setup_screen(const C_SCREEN *);
inttoo_close(const PLANE *p1, const PLANE *p2, int);
void update(int);
Index: main.c
===
RCS file: /cvs/src/games/atc/main.c,v
retrieving revision 1.22
diff -u -p -r1.22 main.c
--- main.c 13 Jul 2014 13:00:40 - 1.22
+++ main.c 13 Jul 2014 13:21:46 -
@@ -111,10 +111,8 @@ main(int ac, char *av[])
ptr++;
}
}
- if (seed != NULL)
- srandom(atol(seed));
- else
- srandomdev();
+ if (seed != NULL)
+ setseed(seed);
if (f_usage)
fprintf(stderr,
Index: update.c
===
RCS file: /cvs/src/games/atc/update.c,v
retrieving revision 1.13
diff -u -p -r1.13 update.c
--- update.c13 Jul 2014 13:00:40 - 1.13
+++ update.c13 Jul 2014 13:21:46 -
@@ -43,6 +43,23 @@
#include "include.h"
+int seeded;
+void
+setseed(const char *seed)
+{
+ seeded = 1;
+ srandom(atol(seed));
+}
+
+uint32_t
+atcrandom()
+{
+ if (seeded)
+ return random();
+ else
+ return arc4random();
+}
+
void
update(int dummy)
{
@@ -196,7 +213,7 @@ update(int dummy)
* Otherwise, prop jobs show up *on* entrance. Remember that
* we don't update props on odd updates.
*/
- if ((random() % sp->newplane_time) == 0)
+ if ((atcrandom() % sp->newplane_time) == 0)
addplane();
}
@@ -292,10 +309,10 @@ addplane(void)
memset(&p, 0, sizeof (p));
p.status = S_MARKED;
- p.plane_type = random() % 2;
+ p.plane_type = atcrandom() % 2;
num_starts = sp->num_exits + sp->num_airports;
- rnd = random() % num_starts;
+ rnd = atcrandom() % num_starts;
if (rnd < sp->num_exits) {
p.dest_type = T_EXIT;
@@ -308,7 +325,7 @@ addplane(void)
/* loop until we get a plane not near another */
for (i = 0; i < num_starts; i++) {
/* loop till we get a different start point */
- while ((rnd2 = random() % num_starts) == rnd)
+ while ((rnd2 = atcrandom() % num_starts) == rnd)
;
if (rnd2 < sp->num_exits) {
p.orig_type = T_EXIT;
Compiling LibreSSL 2.0.1 on Debian 7.6
Hello, I compiled LibreSSL 2.0.1 on my Debian machine, and while doing so, noticed some compiler warnings. I'm not competent to understand what's going on, but perhaps someone here wants to pick this up. Thank you for the hard work your team is putting into this fork. Jean Paul jean@thinkpad:~/Downloads/libressl-2.0.1$ uname -a Linux thinkpad 3.2.0-4-amd64 #1 SMP Debian 3.2.60-1+deb7u1 x86_64 GNU/Linux jean@thinkpad:~/Downloads/libressl-2.0.1$ gcc -v Using built-in specs. COLLECT_GCC=gcc COLLECT_LTO_WRAPPER=/usr/lib/gcc/x86_64-linux-gnu/4.7/lto-wrapper Target: x86_64-linux-gnu Configured with: ../src/configure -v --with-pkgversion='Debian 4.7.2-5' --with-bugurl=file:///usr/share/doc/gcc-4.7/README.Bugs --enable-languages=c,c++,go,fortran,objc,obj-c++ --prefix=/usr --program-suffix=-4.7 --enable-shared --enable-linker-build-id --with-system-zlib --libexecdir=/usr/lib --without-included-gettext --enable-threads=posix --with-gxx-include-dir=/usr/include/c++/4.7 --libdir=/usr/lib --enable-nls --with-sysroot=/ --enable-clocale=gnu --enable-libstdcxx-debug --enable-libstdcxx-time=yes --enable-gnu-unique-object --enable-plugin --enable-objc-gc --with-arch-32=i586 --with-tune=generic --enable-checking=release --build=x86_64-linux-gnu --host=x86_64-linux-gnu --target=x86_64-linux-gnu Thread model: posix gcc version 4.7.2 (Debian 4.7.2-5) jean@thinkpad:~/Downloads/libressl-2.0.1$ ./configure checking build system type... x86_64-unknown-linux-gnu checking host system type... x86_64-unknown-linux-gnu checking target system type... x86_64-unknown-linux-gnu checking for a BSD-compatible install... /usr/bin/install -c checking whether build environment is sane... yes checking for a thread-safe mkdir -p... /bin/mkdir -p checking for gawk... no checking for mawk... mawk checking whether make sets $(MAKE)... yes checking whether make supports nested variables... yes checking whether make supports nested variables... (cached) yes checking for gcc... gcc checking whether the C compiler works... yes checking for C compiler default output file name... a.out checking for suffix of executables... checking whether we are cross compiling... no checking for suffix of object files... o checking whether we are using the GNU C compiler... yes checking whether gcc accepts -g... yes checking for gcc option to accept ISO C89... none needed checking whether gcc understands -c and -o together... yes checking for style of include used by make... GNU checking dependency style of gcc... gcc3 checking how to print strings... printf checking for a sed that does not truncate output... /bin/sed checking for grep that handles long lines and -e... /bin/grep checking for egrep... /bin/grep -E checking for fgrep... /bin/grep -F checking for ld used by gcc... /usr/bin/ld checking if the linker (/usr/bin/ld) is GNU ld... yes checking for BSD- or MS-compatible name lister (nm)... /usr/bin/nm -B checking the name lister (/usr/bin/nm -B) interface... BSD nm checking whether ln -s works... yes checking the maximum length of command line arguments... 1572864 checking whether the shell understands some XSI constructs... yes checking whether the shell understands "+="... yes checking how to convert x86_64-unknown-linux-gnu file names to x86_64-unknown-linux-gnu format... func_convert_file_noop checking how to convert x86_64-unknown-linux-gnu file names to toolchain format... func_convert_file_noop checking for /usr/bin/ld option to reload object files... -r checking for objdump... objdump checking how to recognize dependent libraries... pass_all checking for dlltool... no checking how to associate runtime and link libraries... printf %s\n checking for ar... ar checking for archiver @FILE support... @ checking for strip... strip checking for ranlib... ranlib checking command to parse /usr/bin/nm -B output from gcc object... ok checking for sysroot... no checking for mt... mt checking if mt is a manifest tool... no checking how to run the C preprocessor... gcc -E checking for ANSI C header files... yes checking for sys/types.h... yes checking for sys/stat.h... yes checking for stdlib.h... yes checking for string.h... yes checking for memory.h... yes checking for strings.h... yes checking for inttypes.h... yes checking for stdint.h... yes checking for unistd.h... yes checking for dlfcn.h... yes checking for objdir... .libs checking if gcc supports -fno-rtti -fno-exceptions... no checking for gcc option to produce PIC... -fPIC -DPIC checking if gcc PIC flag -fPIC -DPIC works... yes checking if gcc static flag -static works... yes checking if gcc supports -c -o file.o... yes checking if gcc supports -c -o file.o... (cached) yes checking whether the gcc linker (/usr/bin/ld -m elf_x86_64) supports shared libraries... yes checking whether -lc should be explicitly linked in... no checking dynamic linker characteristics... GNU/Linux ld.so checking how to hardcode library paths into programs... immediate checking whether stripping libraries is possible... yes ch
Re: LibreSSL 2.0.1 released
Also starting with this release the directory includes SHA256 signatures which are signed using signify. The signify public key for libressl is: untrusted comment: LibreSSL Portable public key RWQg/nutTVqCUVUw8OhyHt9n51IC8mdQRd1b93dOyVrwtIXmMI+dtGFe On Sun, Jul 13, 2014 at 5:07 AM, Bob Beck wrote: > We have released an update, LibreSSL 2.0.1 > > This release includes a number of portability fixes based on the > initial feedback > we have received from the community. This includes among other things > two new configure options to set OPENSSLDIR and ENGINESDIR. We have > removed a few hardcoded compiler options that were problematic on some > systems as well as -Werror. We have also re-synced with the latest OpenBSD > sources as a number of issues were fixed upstream. This release also includes > pkg-config support. > > As noted before, we welcome feedback from the broader community. > > Enjoy, > > -Bob
LibreSSL 2.0.1 released
We have released an update, LibreSSL 2.0.1 This release includes a number of portability fixes based on the initial feedback we have received from the community. This includes among other things two new configure options to set OPENSSLDIR and ENGINESDIR. We have removed a few hardcoded compiler options that were problematic on some systems as well as -Werror. We have also re-synced with the latest OpenBSD sources as a number of issues were fixed upstream. This release also includes pkg-config support. As noted before, we welcome feedback from the broader community. Enjoy, -Bob
Re: lynx: disable old protocols
On Sun, Jul 13, 2014 at 02:58:04AM -0500, Shawn K. Quinn wrote: | On Sun, 2014-07-13 at 01:38 -0600, Theo de Raadt wrote: | > With your attitude, I beg you to please go run some other | > operating system. | | The plan is when the first Bitrig release comes out, I'm done and switch | to that. The donations I was going to make to your project later this | year? Not anymore. They are either going to Bitrig, or maybe some even | to the FSF. Oh, the latter I would love to do especially since you keep | trashing Richard Stallman every chance you get, even after the FSF gave | you an award. (Did they ever ask for that award back? The FSF is run by | a lot of nice people. Maybe they are too nice to have asked for you to | return the award, but they should have. The lack of gratitude shown by | your ridicule of RMS after getting it is just plain atrocious and casts | a black eye on the "open source" movement you claim to be part of.) | | By the way, you would not have had BSD source code to hack on without | the efforts of RMS. Think about that next time before you insult him. | Show a little fucking gratitude for a change. And you show your gratitude for the free software that you use by telling the people that wrote it how to behave and making demands from them? Should OpenBSD keep lynx as it is because you and maybe a handful of others want it to stay that way? Some (extremely small) subset of users get to decide how things are? I believe the answer to the last question should be yes: but I don't think you are in that subset. The people maintaining OpenBSD get to maintain it. You get to use it. You choose to complain, they choose to ignore or ridicule you. | Until then, I'm going to keep a close eye on changes | under /usr/src/gnu/usr.bin/lynx and undo them on my own system if it | disables useful functionality. It's just outrageous I have to do this to | keep things like gopher support. Why is that outrageous?! Is it really outrageous that you get all the stuff you need to turn this into exactly what you want for free? Including, in this case, advance notification? Should Theo come to your house and do a little song and dance for you too? This is Open Source Software. You've stated it loud enough. | BTW, I still want to see an actual exploit. None of this "the code looks | shitty" vagueness. Look hard enough, you'll find code that looks shitty | everywhere. Why do you want to see an actual exploit? Do you want to see an actual exploit for changes that have gone into any other part of the tree? Ted (and others, I'm singling out Ted as he's become the personification of deleting stuff) has been deleting lots of arcane stuff from the tree; why are you not demanding things like fsplit are brought back, asking where exploits are? I know why not: you are not a fortran user. You don't use fsplit. You, and a few others, have stated you still use lynx with gopher and/or other protocols. Great: submit a port and use that. It's perfectly OK to actually participate in the development with submitting changes instead of getting all worked up when things don't happen the way you want them to. Things in OpenBSD have changed a lot since I started using it, and not always to my liking. I just deal with it. Why can't you? Why does anybody in OpenBSD owe you anything? Where does your sense of entitlement stem from? Cheers, Paul 'WEiRD' de Weerd -- >[<++>-]<+++.>+++[<-->-]<.>+++[<+ +++>-]<.>++[<>-]<+.--.[-] http://www.weirdnet.nl/
adduser crypt methods
1. md5crypt isn't support anymore
2. if you want des passwords, go use vipw
I kept auto and blowfish instead of just hard coding blowfish because
there's some bits that allow fiddling with the salt. (that needs
improvement too, but not this diff)
Index: adduser.perl
===
RCS file: /cvs/src/usr.sbin/adduser/adduser.perl,v
retrieving revision 1.61
diff -u -p -r1.61 adduser.perl
--- adduser.perl15 Feb 2014 06:27:50 - 1.61
+++ adduser.perl13 Jul 2014 10:18:41 -
@@ -96,7 +96,7 @@ sub variables {
# common shells, first element has higher priority
@shellpref = ('csh', 'sh', 'bash', 'tcsh', 'ksh');
-@encryption_methods = ('auto', 'blowfish', 'md5', 'des', 'old');
+@encryption_methods = ('auto', 'blowfish' );
$defaultshell = 'ksh'; # defaultshell if not empty
$group_uniq = 'USER';
@@ -958,18 +958,7 @@ sub uniq {
# That may be a DES salt or a blowfish rotation count
sub salt {
local($salt); # initialization
-if ($encryptionmethod eq "des" || $encryptionmethod eq "old") {
-local($i, $rand);
-local(@itoa64) = ( '0' .. '9', 'a' .. 'z', 'A' .. 'Z' ); # 0 .. 63
-
-warn "calculate salt\n" if $verbose > 1;
-
-for ($i = 0; $i < 8; $i++) {
- srand(time + $rand + $$);
- $rand = rand(25*29*17 + $rand);
- $salt .= $itoa64[$rand & $#itoa64];
-}
-} elsif ($encryptionmethod eq "md5" || $encryptionmethod eq "auto") {
+if ($encryptionmethod eq "auto") {
$salt = "";
} elsif ($encryptionmethod =~ /^blowfish/ ) {
($encryptionmethod, $salt) = split(/\,/, $encryptionmethod);
@@ -991,11 +980,7 @@ sub encrypt {
local($pass, $salt) = ($_[0], $_[1]);
local(@args, $crypt);
-if ($encryptionmethod eq "des" || $encryptionmethod eq "old") {
-@args = ("-s", $salt);
-} elsif ($encryptionmethod eq "md5") {
-@args = ("-m");
-} elsif ($encryptionmethod eq "blowfish") {
+if ($encryptionmethod eq "blowfish") {
@args = ("-b", $salt);
} elsif ($encryptionmethod eq "auto") {
@args = ("-c", $log_cl);
Re: [PATCH] fix overflow handling in dd(1)
Here is the latest diff with the bullshit removed and the loop replaced with
strchr.
Index: bin/dd/args.c
===
RCS file: /cvs/src/bin/dd/args.c,v
retrieving revision 1.25
diff -u -b -w -p -r1.25 args.c
--- bin/dd/args.c 21 May 2014 06:23:02 - 1.25
+++ bin/dd/args.c 13 Jul 2014 09:13:18 -
@@ -196,8 +196,7 @@ static void
f_count(char *arg)
{
- if ((cpy_cnt = get_bsz(arg)) == 0)
- cpy_cnt = (size_t)-1;
+ cpy_cnt = get_bsz(arg);
}
static void
@@ -323,8 +322,12 @@ get_bsz(char *val)
size_t num, t;
char *expr;
- num = strtoul(val, &expr, 0);
- if (num == SIZE_T_MAX) /* Overflow. */
+ if (strchr(val, '-'))
+ errx(1, "%s: illegal numeric value", oper);
+
+ errno = 0;
+ num = strtoul(val, &expr, 0);
+ if (num == ULONG_MAX && errno == ERANGE)/* Overflow. */
err(1, "%s", oper);
if (expr == val)/* No digits. */
errx(1, "%s: illegal numeric value", oper);
Index: bin/dd/dd.c
===
RCS file: /cvs/src/bin/dd/dd.c,v
retrieving revision 1.18
diff -u -b -w -p -r1.18 dd.c
--- bin/dd/dd.c 1 Jun 2013 16:46:49 - 1.18
+++ bin/dd/dd.c 13 Jul 2014 09:13:18 -
@@ -77,7 +77,7 @@ main(int argc, char *argv[])
atexit(summary);
- if (cpy_cnt != (size_t)-1) {
+ if (cpy_cnt != 0) {
while (files_cnt--)
dd_in();
}
On 7/13/2014 2:08 AM, William Orr wrote:
Sorry, the libssl patch was unintentional. I forgot to cvs up -C that
one.
On 7/13/2014 2:05 AM, Ted Unangst wrote:
On Sun, Jul 13, 2014 at 01:52, William Orr wrote:
Hey,
I sent a patch similar to this almost a month ago with no response.
Feedback? Interest?
Yes.
-num = strtoul(val, &expr, 0);
-if (num == SIZE_T_MAX)/* Overflow. */
+while (isspace(vp[0]))
+vp++;
+if (vp[0] == '-')
+errx(1, "%s: cannot be negative", oper);
+
+errno = 0;
+num = strtoul(vp, &expr, 0);
+if (num == SIZE_T_MAX && errno == ERANGE) /* Overflow. */
I think you can just use strchr to look for a - anywhere in the
string. It shouldn't be anywhere, right? And use ULONG_MAX to match
strtoul.
Index: lib/libssl/src/crypto/conf/conf_api.c
===
RCS file: /cvs/src/lib/libssl/src/crypto/conf/conf_api.c,v
retrieving revision 1.11
diff -u -b -w -p -r1.11 conf_api.c
--- lib/libssl/src/crypto/conf/conf_api.c23 Jun 2014 22:19:02
-1.11
+++ lib/libssl/src/crypto/conf/conf_api.c13 Jul 2014 07:43:09 -
@@ -295,7 +295,7 @@ _CONF_new_section(CONF *conf, const char
if ((v->section = malloc(i)) == NULL)
goto err;
-memcpy(v->section, section, i);
+memmove(v->section, section, i);
v->name = NULL;
v->value = (char *)sk;
Unrelated, but also unnecessary. The malloc above makes it clear
v->section is a unique pointer not aliased with section. memcpy is fine.
Re: [PATCH] fix overflow handling in dd(1)
Sorry, the libssl patch was unintentional. I forgot to cvs up -C that one. On 7/13/2014 2:05 AM, Ted Unangst wrote: On Sun, Jul 13, 2014 at 01:52, William Orr wrote: Hey, I sent a patch similar to this almost a month ago with no response. Feedback? Interest? Yes. - num = strtoul(val, &expr, 0); - if (num == SIZE_T_MAX) /* Overflow. */ + while (isspace(vp[0])) + vp++; + if (vp[0] == '-') + errx(1, "%s: cannot be negative", oper); + + errno = 0; + num = strtoul(vp, &expr, 0); + if (num == SIZE_T_MAX && errno == ERANGE) /* Overflow. */ I think you can just use strchr to look for a - anywhere in the string. It shouldn't be anywhere, right? And use ULONG_MAX to match strtoul. Index: lib/libssl/src/crypto/conf/conf_api.c === RCS file: /cvs/src/lib/libssl/src/crypto/conf/conf_api.c,v retrieving revision 1.11 diff -u -b -w -p -r1.11 conf_api.c --- lib/libssl/src/crypto/conf/conf_api.c 23 Jun 2014 22:19:02 - 1.11 +++ lib/libssl/src/crypto/conf/conf_api.c 13 Jul 2014 07:43:09 - @@ -295,7 +295,7 @@ _CONF_new_section(CONF *conf, const char if ((v->section = malloc(i)) == NULL) goto err; - memcpy(v->section, section, i); + memmove(v->section, section, i); v->name = NULL; v->value = (char *)sk; Unrelated, but also unnecessary. The malloc above makes it clear v->section is a unique pointer not aliased with section. memcpy is fine.
Re: [PATCH] fix overflow handling in dd(1)
On Sun, Jul 13, 2014 at 01:52, William Orr wrote: > Hey, > > I sent a patch similar to this almost a month ago with no response. > > Feedback? Interest? Yes. > > - num = strtoul(val, &expr, 0); > - if (num == SIZE_T_MAX) /* Overflow. */ > + while (isspace(vp[0])) > + vp++; > + if (vp[0] == '-') > + errx(1, "%s: cannot be negative", oper); > + > + errno = 0; > + num = strtoul(vp, &expr, 0); > + if (num == SIZE_T_MAX && errno == ERANGE) /* Overflow. */ I think you can just use strchr to look for a - anywhere in the string. It shouldn't be anywhere, right? And use ULONG_MAX to match strtoul. > Index: lib/libssl/src/crypto/conf/conf_api.c > === > RCS file: /cvs/src/lib/libssl/src/crypto/conf/conf_api.c,v > retrieving revision 1.11 > diff -u -b -w -p -r1.11 conf_api.c > --- lib/libssl/src/crypto/conf/conf_api.c 23 Jun 2014 22:19:02 - > 1.11 > +++ lib/libssl/src/crypto/conf/conf_api.c 13 Jul 2014 07:43:09 - > @@ -295,7 +295,7 @@ _CONF_new_section(CONF *conf, const char > if ((v->section = malloc(i)) == NULL) > goto err; > > - memcpy(v->section, section, i); > + memmove(v->section, section, i); > v->name = NULL; > v->value = (char *)sk; Unrelated, but also unnecessary. The malloc above makes it clear v->section is a unique pointer not aliased with section. memcpy is fine.
Re: lynx: disable old protocols
On Sun, 2014-07-13 at 02:23 -0600, Theo de Raadt wrote: > You demand us to do work? > > Please leave immediately. No, I'm asking why there's been no exploit, not necessarily for you to write one. In fact, Theo, I'd really rather you not try to write one, since apparently you're averse to the idea of doing so. -- Shawn K. Quinn
[PATCH] fix overflow handling in dd(1)
Hey,
I sent a patch similar to this almost a month ago with no response.
Feedback? Interest?
This patch fixes the following:
- Takes negative values
- When SIZE_T_MAX was passed, returns undefined error
Index: bin/dd/args.c
===
RCS file: /cvs/src/bin/dd/args.c,v
retrieving revision 1.25
diff -u -b -w -p -r1.25 args.c
--- bin/dd/args.c 21 May 2014 06:23:02 - 1.25
+++ bin/dd/args.c 13 Jul 2014 07:43:07 -
@@ -37,6 +37,7 @@
#include
#include
+#include
#include
#include
#include
@@ -196,8 +197,7 @@ static void
f_count(char *arg)
{
- if ((cpy_cnt = get_bsz(arg)) == 0)
- cpy_cnt = (size_t)-1;
+ cpy_cnt = get_bsz(arg);
}
static void
@@ -322,9 +322,16 @@ get_bsz(char *val)
{
size_t num, t;
char *expr;
+ char *vp = val;
- num = strtoul(val, &expr, 0);
- if (num == SIZE_T_MAX) /* Overflow. */
+ while (isspace(vp[0]))
+ vp++;
+ if (vp[0] == '-')
+ errx(1, "%s: cannot be negative", oper);
+
+ errno = 0;
+ num = strtoul(vp, &expr, 0);
+ if (num == SIZE_T_MAX && errno == ERANGE) /* Overflow. */
err(1, "%s", oper);
if (expr == val)/* No digits. */
errx(1, "%s: illegal numeric value", oper);
Index: bin/dd/dd.c
===
RCS file: /cvs/src/bin/dd/dd.c,v
retrieving revision 1.18
diff -u -b -w -p -r1.18 dd.c
--- bin/dd/dd.c 1 Jun 2013 16:46:49 - 1.18
+++ bin/dd/dd.c 13 Jul 2014 07:43:07 -
@@ -77,7 +77,7 @@ main(int argc, char *argv[])
atexit(summary);
- if (cpy_cnt != (size_t)-1) {
+ if (cpy_cnt != 0) {
while (files_cnt--)
dd_in();
}
Index: lib/libssl/src/crypto/conf/conf_api.c
===
RCS file: /cvs/src/lib/libssl/src/crypto/conf/conf_api.c,v
retrieving revision 1.11
diff -u -b -w -p -r1.11 conf_api.c
--- lib/libssl/src/crypto/conf/conf_api.c 23 Jun 2014 22:19:02 -
1.11
+++ lib/libssl/src/crypto/conf/conf_api.c 13 Jul 2014 07:43:09 -
@@ -295,7 +295,7 @@ _CONF_new_section(CONF *conf, const char
if ((v->section = malloc(i)) == NULL)
goto err;
- memcpy(v->section, section, i);
+ memmove(v->section, section, i);
v->name = NULL;
v->value = (char *)sk;
Re: lynx: disable old protocols
On Sat, Jul 12, 2014 at 21:43, Shawn K. Quinn wrote: > For now, I'm going to make sure my Lynx still has full functionality if > I have to manually unfuck the Makefile myself everytime after I update > my sources. In the future? Maybe I (and the other users who actually > give a shit about having non-crippled software) should have switched to > BitRig (or NetBSD, or maybe even something else) already. It's a shame > because I was looking to buy a CD set for 5.6, too. But I won't if Lynx > isn't all there in 5.6-release, and I'll be donating the money to > another project (most likely BitRig) instead. Feel free to follow my > lead should you desire. That's a strange choice. bitrig deleted lynx entirely quite some time ago. You won't find gopher support there either.
Re: lynx: disable old protocols
You demand us to do work? Please leave immediately. > On Sun, 2014-07-13 at 02:01 -0600, Theo de Raadt wrote: > > Why haven't you left yet Shawn? > > Because for the moment, I still am an OpenBSD user. And you haven't > answered my question why there's been no exploit of this "poor quality" > code (in the entire history of Lynx going back to 1992, no less). > > It's so easy to look at code and say it's shitty. It's another to prove > it. > > -- > Shawn K. Quinn >
Re: lynx: disable old protocols
On Sun, 2014-07-13 at 02:01 -0600, Theo de Raadt wrote: > Why haven't you left yet Shawn? Because for the moment, I still am an OpenBSD user. And you haven't answered my question why there's been no exploit of this "poor quality" code (in the entire history of Lynx going back to 1992, no less). It's so easy to look at code and say it's shitty. It's another to prove it. -- Shawn K. Quinn
Kill old n_time, n_short types,
Here's an updated version of a diff I sent some months ago.
It removes the dependency on for the network
headers by substituting n_time, n_long and n_short by their equivalent
u_int_* types.
This will allows to stop including in all the
files pulling or . Here's what I
said in my previous mail:
> Since in most of the protocol header definitions we generally use
> u_intX_t types and then call the appropriate ntohX() function on
> every field, can't we do the same here?
>
> The diff below converts all of the n_* declaration under sys/netinet
> and leave sys/lib/libsa for the moment.
>
> Apart from reducing the obfuscating factor of our sources this change
> would allow us to remove an include from ~400 files.
Only one program in userland uses n_time, trpt(8), it can be cleaned
when removing the include.
ok?
Index: netinet/in_systm.h
===
RCS file: /cvs/src/sys/netinet/in_systm.h,v
retrieving revision 1.6
diff -u -p -r1.6 in_systm.h
--- netinet/in_systm.h 19 Oct 2013 14:50:21 - 1.6
+++ netinet/in_systm.h 13 Jul 2014 07:48:23 -
@@ -41,7 +41,7 @@ typedef u_int32_t n_long;
typedef u_int32_t n_time; /* ms since 00:00 GMT */
#ifdef _KERNEL
-n_time iptime(void);
+u_int32_t iptime(void);
#endif /* _KERNEL */
#endif /* _NETINET_IN_SYSTM_H_ */
Index: netinet/ip.h
===
RCS file: /cvs/src/sys/netinet/ip.h,v
retrieving revision 1.15
diff -u -p -r1.15 ip.h
--- netinet/ip.h12 May 2014 09:15:00 - 1.15
+++ netinet/ip.h13 Jul 2014 07:48:23 -
@@ -176,10 +176,10 @@ structip_timestamp {
ipt_flg:4; /* flags, see below */
#endif
union ipt_timestamp {
-n_time ipt_time[1];
+u_int32_t ipt_time[1];
struct ipt_ta {
struct in_addr ipt_addr;
- n_time ipt_time;
+ u_int32_t ipt_time;
} ipt_ta[1];
} ipt_timestamp;
};
Index: netinet/ip_icmp.c
===
RCS file: /cvs/src/sys/netinet/ip_icmp.c,v
retrieving revision 1.122
diff -u -p -r1.122 ip_icmp.c
--- netinet/ip_icmp.c 7 May 2014 08:09:33 - 1.122
+++ netinet/ip_icmp.c 13 Jul 2014 07:48:23 -
@@ -143,7 +143,7 @@ icmp_init(void)
}
struct mbuf *
-icmp_do_error(struct mbuf *n, int type, int code, n_long dest, int destmtu)
+icmp_do_error(struct mbuf *n, int type, int code, u_int32_t dest, int destmtu)
{
struct ip *oip = mtod(n, struct ip *), *nip;
unsigned oiplen = oip->ip_hl << 2;
@@ -289,7 +289,7 @@ freeit:
* The ip packet inside has ip_off and ip_len in host byte order.
*/
void
-icmp_error(struct mbuf *n, int type, int code, n_long dest, int destmtu)
+icmp_error(struct mbuf *n, int type, int code, u_int32_t dest, int destmtu)
{
struct mbuf *m;
@@ -849,7 +849,7 @@ icmp_send(struct mbuf *m, struct mbuf *o
ip_output(m, opts, NULL, 0, NULL, NULL, 0);
}
-n_time
+u_int32_t
iptime(void)
{
struct timeval atv;
Index: netinet/ip_icmp.h
===
RCS file: /cvs/src/sys/netinet/ip_icmp.h,v
retrieving revision 1.25
diff -u -p -r1.25 ip_icmp.h
--- netinet/ip_icmp.h 8 Aug 2013 14:29:29 - 1.25
+++ netinet/ip_icmp.h 13 Jul 2014 07:48:23 -
@@ -51,8 +51,8 @@
* ICMP Router Advertisement data
*/
struct icmp_ra_addr {
- n_long ira_addr;
- n_long ira_preference;
+ u_int32_t ira_addr;
+ u_int32_t ira_preference;
};
/*
@@ -70,21 +70,21 @@ struct icmp {
} ih_exthdr;
struct in_addr ih_gwaddr; /* ICMP_REDIRECT */
struct ih_idseq {
- n_short icd_id;
- n_short icd_seq;
+ u_int16_t icd_id;
+ u_int16_t icd_seq;
} ih_idseq;
int32_t ih_void;
/* ICMP_UNREACH_NEEDFRAG -- Path MTU Discovery (RFC1191) */
struct ih_pmtu {
- n_short ipm_void;
- n_short ipm_nextmtu;
+ u_int16_t ipm_void;
+ u_int16_t ipm_nextmtu;
} ih_pmtu;
struct ih_rtradv {
u_int8_t irt_num_addrs;
u_int8_t irt_wpa;
- n_short irt_lifetime;
+ u_int16_t irt_lifetime;
} ih_rtradv;
} icmp_hun;
#defineicmp_pptr icmp_hun.ih_pptr
@@ -100,9 +100,9 @@ struct icmp {
#defineicmp_lifetime icmp_hun.ih_rtradv.irt_lifetime
union {
struct id_ts {
- n_time its_otime;
- n_time its_rtime;
-
Re: lynx: disable old protocols
Why haven't you left yet Shawn?
Re: lynx: disable old protocols
On Sun, Jul 13, 2014 at 02:26:10AM -0500, Shawn K. Quinn wrote: > On Sat, 2014-07-12 at 23:58 -0700, William Orr wrote: > > wrt. auditing it, should we send patches here? Or upstream? > > I'd send them both places, if they apply cleanly to both sets of code. > Otherwise, send them here. I'd love to be proven wrong about the > maintainers not really giving a shit about the users, and accepting > packages which make gopher browsing "more secure" or "improve the code > quality" would help. > > BTW, I forgot to ask, where are the exploits for this poor quality code? > i.e. if I'm browsing a gopher site with the current Lynx as root, what > exactly do I have to stumble upon to get "owned?" Or is it just a "this > is ugly in a few places" kind of vague feeling by some devs? I have a > feeling there aren't any (exploits), but I thought I'd ask anyway. Sigh, you want to make use spend time on writing exploits for every potential problem found? That means any developemt will grind to a halt. If you don't trust our judgement, then don't use OpenBSD. -Otto
Re: lynx: disable old protocols
On Sun, 2014-07-13 at 01:38 -0600, Theo de Raadt wrote: > With your attitude, I beg you to please go run some other > operating system. The plan is when the first Bitrig release comes out, I'm done and switch to that. The donations I was going to make to your project later this year? Not anymore. They are either going to Bitrig, or maybe some even to the FSF. Oh, the latter I would love to do especially since you keep trashing Richard Stallman every chance you get, even after the FSF gave you an award. (Did they ever ask for that award back? The FSF is run by a lot of nice people. Maybe they are too nice to have asked for you to return the award, but they should have. The lack of gratitude shown by your ridicule of RMS after getting it is just plain atrocious and casts a black eye on the "open source" movement you claim to be part of.) By the way, you would not have had BSD source code to hack on without the efforts of RMS. Think about that next time before you insult him. Show a little fucking gratitude for a change. Until then, I'm going to keep a close eye on changes under /usr/src/gnu/usr.bin/lynx and undo them on my own system if it disables useful functionality. It's just outrageous I have to do this to keep things like gopher support. BTW, I still want to see an actual exploit. None of this "the code looks shitty" vagueness. Look hard enough, you'll find code that looks shitty everywhere. -- Shawn K. Quinn "OpenBSD: Where do you want to go today?"
Re: lynx: disable old protocols
Why haven't you left? Please leave. > On Sat, 2014-07-12 at 23:58 -0700, William Orr wrote: > > wrt. auditing it, should we send patches here? Or upstream? > > I'd send them both places, if they apply cleanly to both sets of code. > Otherwise, send them here. I'd love to be proven wrong about the > maintainers not really giving a shit about the users, and accepting > packages which make gopher browsing "more secure" or "improve the code > quality" would help. > > BTW, I forgot to ask, where are the exploits for this poor quality code? > i.e. if I'm browsing a gopher site with the current Lynx as root, what > exactly do I have to stumble upon to get "owned?" Or is it just a "this > is ugly in a few places" kind of vague feeling by some devs? I have a > feeling there aren't any (exploits), but I thought I'd ask anyway. > > -- > Shawn K. Quinn >
Re: lynx: disable old protocols
On Sat, 2014-07-12 at 23:58 -0700, William Orr wrote: > wrt. auditing it, should we send patches here? Or upstream? I'd send them both places, if they apply cleanly to both sets of code. Otherwise, send them here. I'd love to be proven wrong about the maintainers not really giving a shit about the users, and accepting packages which make gopher browsing "more secure" or "improve the code quality" would help. BTW, I forgot to ask, where are the exploits for this poor quality code? i.e. if I'm browsing a gopher site with the current Lynx as root, what exactly do I have to stumble upon to get "owned?" Or is it just a "this is ugly in a few places" kind of vague feeling by some devs? I have a feeling there aren't any (exploits), but I thought I'd ask anyway. -- Shawn K. Quinn
Re: lynx: disable old protocols
With your attitude, I beg you to please go run some other operating system.
Re: lynx: disable old protocols
On 7/11/2014 2:03 AM, Theo de Raadt wrote: If lynx was removed from base, and only available in ports... how many of you would even know of it's existance and use it? I absolutely would use it if it were only available in ports. I only complain about gopher support being removed because lynx has the best gopher browsing experience around, and in OpenBSD-land, there's no alternative other than building it and installing it out-of-band. I would happily use a package, be it instead of or in addition to a stripped-down lynx in base. wrt. auditing it, should we send patches here? Or upstream?
