Re: sync bioctl manual

[Jason McIntyre]

On Thu, Oct 22, 2015 at 11:10:53AM +0300, Kirill Bychkov wrote:
> 
> Index: bioctl.8
> ===
> RCS file: /cvs/src/sbin/bioctl/bioctl.8,v
> retrieving revision 1.97
> diff -u -r1.97 bioctl.8
> --- bioctl.8  12 Sep 2015 14:21:25 -  1.97
> +++ bioctl.8  22 Oct 2015 08:10:10 -
> @@ -260,7 +260,6 @@
>  .It Fl p Ar passfile
>  Passphrase file used when crypto volumes are brought up.
>  This file must be root owned and have 0600 permissions.
> -This option cannot be used during the initial creation of the crypto volume.
>  .It Fl r Ar rounds
>  When creating an encrypted volume, specifies the number of iterations of
>  the PBKDF2 algorithm used to convert a passphrase into a key.
> 

fixed, thanks!
jmc

Re: smtpd: pledge, chmod and deliver_maildir

[Gilles Chehade]

On Wed, Oct 21, 2015 at 10:41:16PM +0200, Gregor Best wrote:
> Nice to see rubber duck debugging working. The attached patch seems to
> be enough
> 

Thanks.

There is work in progress to shring the pledge list but I have
committed this meanwhile to fix the immediate issue.


-- 
Gilles Chehade

https://www.poolp.org  @poolpOrg

Re: sync bioctl manual

[Kirill Bychkov]

On Thu, October 22, 2015 00:45, Jason McIntyre wrote:
> On Thu, Oct 22, 2015 at 12:35:53AM +0300, Kirill Bychkov wrote:
>> On Thu, October 22, 2015 00:16, Jason McIntyre wrote:
>> > On Wed, Oct 21, 2015 at 11:19:12PM +0300, Kirill Bychkov wrote:
>> >> Hi!
>> >> After halex@ removed a restriction to use passfile for creation of
>> >> crypto volume, man page wasn't changed to explain new behaviour.
>> >> OK?
>> >>
>> >
>> > why not just remove the sentence? if you really want to keep it, i
>>
>> An idea was to explicitly tell about this possibility because people still
>> may
>> think it's forbidden.
>>
>
> yes, i see that. but it cuts both ways - in a release or two, no one
> will remember we've put this there, and it will sound odd.
>
> i'd just zap it.

Makes sense.

> jmc
>
>> > suggest using "can" instead of "could also".
>>
>> I'll change it, if the line will remain in manual.
>>
>> >
>> > jmc
>> >

Index: bioctl.8
===
RCS file: /cvs/src/sbin/bioctl/bioctl.8,v
retrieving revision 1.97
diff -u -r1.97 bioctl.8
--- bioctl.812 Sep 2015 14:21:25 -  1.97
+++ bioctl.822 Oct 2015 08:10:10 -
@@ -260,7 +260,6 @@
 .It Fl p Ar passfile
 Passphrase file used when crypto volumes are brought up.
 This file must be root owned and have 0600 permissions.
-This option cannot be used during the initial creation of the crypto volume.
 .It Fl r Ar rounds
 When creating an encrypted volume, specifies the number of iterations of
 the PBKDF2 algorithm used to convert a passphrase into a key.

Re: towards mpsafe rtfree(9)

[Bret Lambert]

On Thu, Oct 22, 2015 at 07:42:24PM +0200, Martin Pieuchot wrote:
> Now that we have a single refcounting mechanism for route entries, I'd
> like to use atomic operations and grab the KERNEL_LOCK only if a CPU is
> dropping the last reference on an entry.
> 
> Currently this only matters for MPLS.  I intentionally use atomic_* ops
> because I'd like to see be able to see if a counter goes negative.
> 
> For symmetry reasons I'm also moving the KERNEL_LOCK() inside rtalloc().
> These two functions are my current targets.
> 
> Comments, oks?

One comment inline...

> 
> Index: sys/net/route.c
> ===
> RCS file: /cvs/src/sys/net/route.c,v
> retrieving revision 1.258
> diff -u -p -r1.258 route.c
> --- sys/net/route.c   22 Oct 2015 17:19:38 -  1.258
> +++ sys/net/route.c   22 Oct 2015 17:21:52 -
> @@ -215,6 +215,7 @@ rtalloc(struct sockaddr *dst, int flags,
>   info.rti_info[RTAX_DST] = dst;
>  
>   s = splsoftnet();
> + KERNEL_LOCK();
>   rt = rtable_match(tableid, dst);
>   if (rt != NULL) {
>   if ((rt->rt_flags & RTF_CLONING) && ISSET(flags, RT_RESOLVE)) {
> @@ -236,6 +237,7 @@ miss:
>   if (ISSET(flags, RT_REPORT))
>   rt_missmsg(RTM_MISS, , 0, NULL, error, tableid);
>   }
> + KERNEL_UNLOCK();
>   splx(s);
>   return (rt);
>  }
> @@ -337,7 +339,7 @@ rtalloc_mpath(struct sockaddr *dst, uint
>  void
>  rtref(struct rtentry *rt)
>  {
> - rt->rt_refcnt++;
> + atomic_inc_int(>rt_refcnt);
>  }
>  
>  void
> @@ -348,14 +350,16 @@ rtfree(struct rtentry *rt)
>   if (rt == NULL)
>   return;
>  
> - if (--rt->rt_refcnt <= 0) {
> + if (atomic_dec_int_nv(>rt_refcnt) <= 0) {
>   KASSERT(!ISSET(rt->rt_flags, RTF_UP));
>   KASSERT(!RT_ROOT(rt));
> - rttrash--;
> + atomic_dec_int();

Are you using rttrash for debugging? It's unused anywhere else,
and if it's just incrementing and decrementing a counter only
used for debugging (or possibly not at all!), it might be
better to put it in DEBUG kernels, or just remove it entirely.

>   if (rt->rt_refcnt < 0) {
>   printf("rtfree: %p not freed (neg refs)\n", rt);
>   return;
>   }
> +
> + KERNEL_LOCK();
>   rt_timer_remove_all(rt);
>   ifa = rt->rt_ifa;
>   if (ifa)
> @@ -368,6 +372,8 @@ rtfree(struct rtentry *rt)
>   if (rt->rt_gateway)
>   free(rt->rt_gateway, M_RTABLE, 0);
>   free(rt_key(rt), M_RTABLE, 0);
> + KERNEL_UNLOCK();
> +
>   pool_put(_pool, rt);
>   }
>  }
> @@ -773,7 +779,7 @@ rtrequest1(int req, struct rt_addrinfo *
>   rt->rt_flags &= ~RTF_UP;
>   if ((ifa = rt->rt_ifa) && ifa->ifa_rtrequest)
>   ifa->ifa_rtrequest(RTM_DELETE, rt);
> - rttrash++;
> + atomic_inc_int();
>  
>   if (ret_nrt != NULL)
>   *ret_nrt = rt;
> Index: sys/netmpls/mpls_input.c
> ===
> RCS file: /cvs/src/sys/netmpls/mpls_input.c,v
> retrieving revision 1.50
> diff -u -p -r1.50 mpls_input.c
> --- sys/netmpls/mpls_input.c  23 Sep 2015 08:49:46 -  1.50
> +++ sys/netmpls/mpls_input.c  22 Oct 2015 17:21:52 -
> @@ -170,9 +170,7 @@ do_v6:
>   }
>   }
>  
> - KERNEL_LOCK();
>   rt = rtalloc(smplstosa(smpls), RT_REPORT|RT_RESOLVE, 0);
> - KERNEL_UNLOCK();
>   if (rt == NULL) {
>   /* no entry for this label */
>  #ifdef MPLS_DEBUG
> @@ -290,9 +288,7 @@ do_v6:
>   if (ifp != NULL && rt_mpls->mpls_operation != MPLS_OP_LOCAL)
>   break;
>  
> - KERNEL_LOCK();
>   rtfree(rt);
> - KERNEL_UNLOCK();
>   rt = NULL;
>   }
>  
> @@ -323,11 +319,7 @@ do_v6:
>   (*ifp->if_ll_output)(ifp, m, smplstosa(smpls), rt);
>   KERNEL_UNLOCK();
>  done:
> - if (rt) {
> - KERNEL_LOCK();
> - rtfree(rt);
> - KERNEL_UNLOCK();
> - }
> + rtfree(rt);
>  }
>  
>  int
> @@ -394,7 +386,7 @@ mpls_do_error(struct mbuf *m, int type, 
>   struct in_ifaddr *ia;
>   struct icmp *icp;
>   struct ip *ip;
> - int nstk;
> + int nstk, error;
>  
>   for (nstk = 0; nstk < MPLS_INKERNEL_LOOP_MAX; nstk++) {
>   if (m->m_len < sizeof(*shim) &&
> @@ -427,9 +419,7 @@ mpls_do_error(struct mbuf *m, int type, 
>   smpls->smpls_len = sizeof(*smpls);
>   smpls->smpls_label = shim->shim_label & MPLS_LABEL_MASK;
>  
> - KERNEL_LOCK();
>   rt = rtalloc(smplstosa(smpls), RT_REPORT|RT_RESOLVE, 0);
> - KERNEL_UNLOCK();
>   if (rt == 

Re: mpsafe gem(4)

[Alexey Suslikov]

Martin Pieuchot  openbsd.org> writes:

> + /*
> +  * If we have enough room, clear IFF_OACTIVE to tell the stack
> +  * that it iss OK to send packets.
> +  */

there's a typo here. "that it iss" should be "that it is".

Re: Kill link_rtrequest()

[Claudio Jeker]

On Thu, Oct 22, 2015 at 06:50:01PM +0200, Martin Pieuchot wrote:
> On 19/10/15(Mon) 14:07, Martin Pieuchot wrote:
> > This function is a no-op, let's kill it.
> 
> Anybody?

What could go wrong? (mwhahahaha)
Put it in and lets see on which dragons tail we're jumping around this
time. 

 
> > 
> > Index: net/if.c
> > ===
> > RCS file: /cvs/src/sys/net/if.c,v
> > retrieving revision 1.389
> > diff -u -p -r1.389 if.c
> > --- net/if.c12 Oct 2015 13:17:58 -  1.389
> > +++ net/if.c19 Oct 2015 11:43:32 -
> > @@ -1274,30 +1274,6 @@ ifaof_ifpforaddr(struct sockaddr *addr, 
> >  }
> >  
> >  /*
> > - * Default action when installing a route with a Link Level gateway.
> > - * Lookup an appropriate real ifa to point to.
> > - * This should be moved to /sys/net/link.c eventually.
> > - */
> > -void
> > -link_rtrequest(int cmd, struct rtentry *rt)
> > -{
> > -   struct ifaddr *ifa;
> > -   struct sockaddr *dst;
> > -   struct ifnet *ifp;
> > -
> > -   if (cmd != RTM_ADD || ((ifa = rt->rt_ifa) == 0) ||
> > -   ((ifp = ifa->ifa_ifp) == 0) || ((dst = rt_key(rt)) == 0))
> > -   return;
> > -   if ((ifa = ifaof_ifpforaddr(dst, ifp)) != NULL) {
> > -   ifa->ifa_refcnt++;
> > -   ifafree(rt->rt_ifa);
> > -   rt->rt_ifa = ifa;
> > -   if (ifa->ifa_rtrequest && ifa->ifa_rtrequest != link_rtrequest)
> > -   ifa->ifa_rtrequest(cmd, rt);
> > -   }
> > -}
> > -
> > -/*
> >   * Default action when installing a local route on a point-to-point
> >   * interface.
> >   */
> > Index: net/if_enc.c
> > ===
> > RCS file: /cvs/src/sys/net/if_enc.c,v
> > retrieving revision 1.60
> > diff -u -p -r1.60 if_enc.c
> > --- net/if_enc.c14 Mar 2015 03:38:51 -  1.60
> > +++ net/if_enc.c19 Oct 2015 11:38:10 -
> > @@ -103,7 +103,6 @@ enc_clone_create(struct if_clone *ifc, i
> >  */
> > if_alloc_sadl(ifp);
> > sc->sc_ifa.ifa_ifp = ifp;
> > -   sc->sc_ifa.ifa_rtrequest = link_rtrequest;
> > sc->sc_ifa.ifa_addr = (struct sockaddr *)ifp->if_sadl;
> > sc->sc_ifa.ifa_netmask = NULL;
> >  
> > Index: net/if_mpe.c
> > ===
> > RCS file: /cvs/src/sys/net/if_mpe.c,v
> > retrieving revision 1.47
> > diff -u -p -r1.47 if_mpe.c
> > --- net/if_mpe.c12 Sep 2015 20:50:17 -  1.47
> > +++ net/if_mpe.c19 Oct 2015 11:38:00 -
> > @@ -104,7 +104,6 @@ mpe_clone_create(struct if_clone *ifc, i
> >  #endif
> >  
> > mpeif->sc_ifa.ifa_ifp = ifp;
> > -   mpeif->sc_ifa.ifa_rtrequest = link_rtrequest;
> > mpeif->sc_ifa.ifa_addr = (struct sockaddr *) ifp->if_sadl;
> > mpeif->sc_smpls.smpls_len = sizeof(mpeif->sc_smpls);
> > mpeif->sc_smpls.smpls_family = AF_MPLS;
> > Index: net/if_mpw.c
> > ===
> > RCS file: /cvs/src/sys/net/if_mpw.c,v
> > retrieving revision 1.6
> > diff -u -p -r1.6 if_mpw.c
> > --- net/if_mpw.c12 Sep 2015 20:50:17 -  1.6
> > +++ net/if_mpw.c19 Oct 2015 11:37:53 -
> > @@ -104,7 +104,6 @@ mpw_clone_create(struct if_clone *ifc, i
> > if_alloc_sadl(ifp);
> >  
> > sc->sc_ifa.ifa_ifp = ifp;
> > -   sc->sc_ifa.ifa_rtrequest = link_rtrequest;
> > sc->sc_ifa.ifa_addr = (struct sockaddr *) ifp->if_sadl;
> > sc->sc_smpls.smpls_len = sizeof(sc->sc_smpls);
> > sc->sc_smpls.smpls_family = AF_MPLS;
> > Index: net/if_var.h
> > ===
> > RCS file: /cvs/src/sys/net/if_var.h,v
> > retrieving revision 1.48
> > diff -u -p -r1.48 if_var.h
> > --- net/if_var.h12 Oct 2015 13:17:58 -  1.48
> > +++ net/if_var.h19 Oct 2015 11:38:22 -
> > @@ -422,7 +422,6 @@ struct  ifaddr *ifa_ifwithdstaddr(struct 
> >  struct ifaddr *ifa_ifwithnet(struct sockaddr *, u_int);
> >  struct ifaddr *ifaof_ifpforaddr(struct sockaddr *, struct ifnet *);
> >  void   ifafree(struct ifaddr *);
> > -void   link_rtrequest(int, struct rtentry *);
> >  void   p2p_rtrequest(int, struct rtentry *);
> >  
> >  void   if_clone_attach(struct if_clone *);
> > 
> 

-- 
:wq Claudio

towards mpsafe rtfree(9)

[Martin Pieuchot]

Now that we have a single refcounting mechanism for route entries, I'd
like to use atomic operations and grab the KERNEL_LOCK only if a CPU is
dropping the last reference on an entry.

Currently this only matters for MPLS.  I intentionally use atomic_* ops
because I'd like to see be able to see if a counter goes negative.

For symmetry reasons I'm also moving the KERNEL_LOCK() inside rtalloc().
These two functions are my current targets.

Comments, oks?

Index: sys/net/route.c
===
RCS file: /cvs/src/sys/net/route.c,v
retrieving revision 1.258
diff -u -p -r1.258 route.c
--- sys/net/route.c 22 Oct 2015 17:19:38 -  1.258
+++ sys/net/route.c 22 Oct 2015 17:21:52 -
@@ -215,6 +215,7 @@ rtalloc(struct sockaddr *dst, int flags,
info.rti_info[RTAX_DST] = dst;
 
s = splsoftnet();
+   KERNEL_LOCK();
rt = rtable_match(tableid, dst);
if (rt != NULL) {
if ((rt->rt_flags & RTF_CLONING) && ISSET(flags, RT_RESOLVE)) {
@@ -236,6 +237,7 @@ miss:
if (ISSET(flags, RT_REPORT))
rt_missmsg(RTM_MISS, , 0, NULL, error, tableid);
}
+   KERNEL_UNLOCK();
splx(s);
return (rt);
 }
@@ -337,7 +339,7 @@ rtalloc_mpath(struct sockaddr *dst, uint
 void
 rtref(struct rtentry *rt)
 {
-   rt->rt_refcnt++;
+   atomic_inc_int(>rt_refcnt);
 }
 
 void
@@ -348,14 +350,16 @@ rtfree(struct rtentry *rt)
if (rt == NULL)
return;
 
-   if (--rt->rt_refcnt <= 0) {
+   if (atomic_dec_int_nv(>rt_refcnt) <= 0) {
KASSERT(!ISSET(rt->rt_flags, RTF_UP));
KASSERT(!RT_ROOT(rt));
-   rttrash--;
+   atomic_dec_int();
if (rt->rt_refcnt < 0) {
printf("rtfree: %p not freed (neg refs)\n", rt);
return;
}
+
+   KERNEL_LOCK();
rt_timer_remove_all(rt);
ifa = rt->rt_ifa;
if (ifa)
@@ -368,6 +372,8 @@ rtfree(struct rtentry *rt)
if (rt->rt_gateway)
free(rt->rt_gateway, M_RTABLE, 0);
free(rt_key(rt), M_RTABLE, 0);
+   KERNEL_UNLOCK();
+
pool_put(_pool, rt);
}
 }
@@ -773,7 +779,7 @@ rtrequest1(int req, struct rt_addrinfo *
rt->rt_flags &= ~RTF_UP;
if ((ifa = rt->rt_ifa) && ifa->ifa_rtrequest)
ifa->ifa_rtrequest(RTM_DELETE, rt);
-   rttrash++;
+   atomic_inc_int();
 
if (ret_nrt != NULL)
*ret_nrt = rt;
Index: sys/netmpls/mpls_input.c
===
RCS file: /cvs/src/sys/netmpls/mpls_input.c,v
retrieving revision 1.50
diff -u -p -r1.50 mpls_input.c
--- sys/netmpls/mpls_input.c23 Sep 2015 08:49:46 -  1.50
+++ sys/netmpls/mpls_input.c22 Oct 2015 17:21:52 -
@@ -170,9 +170,7 @@ do_v6:
}
}
 
-   KERNEL_LOCK();
rt = rtalloc(smplstosa(smpls), RT_REPORT|RT_RESOLVE, 0);
-   KERNEL_UNLOCK();
if (rt == NULL) {
/* no entry for this label */
 #ifdef MPLS_DEBUG
@@ -290,9 +288,7 @@ do_v6:
if (ifp != NULL && rt_mpls->mpls_operation != MPLS_OP_LOCAL)
break;
 
-   KERNEL_LOCK();
rtfree(rt);
-   KERNEL_UNLOCK();
rt = NULL;
}
 
@@ -323,11 +319,7 @@ do_v6:
(*ifp->if_ll_output)(ifp, m, smplstosa(smpls), rt);
KERNEL_UNLOCK();
 done:
-   if (rt) {
-   KERNEL_LOCK();
-   rtfree(rt);
-   KERNEL_UNLOCK();
-   }
+   rtfree(rt);
 }
 
 int
@@ -394,7 +386,7 @@ mpls_do_error(struct mbuf *m, int type, 
struct in_ifaddr *ia;
struct icmp *icp;
struct ip *ip;
-   int nstk;
+   int nstk, error;
 
for (nstk = 0; nstk < MPLS_INKERNEL_LOOP_MAX; nstk++) {
if (m->m_len < sizeof(*shim) &&
@@ -427,9 +419,7 @@ mpls_do_error(struct mbuf *m, int type, 
smpls->smpls_len = sizeof(*smpls);
smpls->smpls_label = shim->shim_label & MPLS_LABEL_MASK;
 
-   KERNEL_LOCK();
rt = rtalloc(smplstosa(smpls), RT_REPORT|RT_RESOLVE, 0);
-   KERNEL_UNLOCK();
if (rt == NULL) {
/* no entry for this label */
m_freem(m);
@@ -442,19 +432,16 @@ mpls_do_error(struct mbuf *m, int type, 
 * less interface we need to find some other IP to
 * use as source.
 */
-   KERNEL_LOCK();
rtfree(rt);
-   KERNEL_UNLOCK();

carp_iamatch() tweak

[Martin Pieuchot]

Instead of passing an ``ia'' to dereference ``ia_ifp'', pass ``ifp''
directly, we have it.

ok?

Index: netinet/if_ether.c
===
RCS file: /cvs/src/sys/netinet/if_ether.c,v
retrieving revision 1.172
diff -u -p -r1.172 if_ether.c
--- netinet/if_ether.c  13 Oct 2015 10:21:27 -  1.172
+++ netinet/if_ether.c  22 Oct 2015 10:32:51 -
@@ -578,7 +578,7 @@ in_arpinput(struct mbuf *m)
(IFF_UP|IFF_RUNNING))) {
if (op == ARPOP_REPLY)
break;
-   if (carp_iamatch(ifatoia(ifa), ea->arp_sha,
+   if (carp_iamatch(ifp, ea->arp_sha,
, _shost))
break;
else
Index: netinet/ip_carp.c
===
RCS file: /cvs/src/sys/netinet/ip_carp.c,v
retrieving revision 1.276
diff -u -p -r1.276 ip_carp.c
--- netinet/ip_carp.c   14 Oct 2015 13:59:31 -  1.276
+++ netinet/ip_carp.c   22 Oct 2015 10:32:51 -
@@ -1355,10 +1355,10 @@ carp_update_lsmask(struct carp_softc *sc
 }
 
 int
-carp_iamatch(struct in_ifaddr *ia, u_char *src, u_int8_t **sha,
+carp_iamatch(struct ifnet *ifp, u_char *src, u_int8_t **sha,
 u_int8_t **ether_shost)
 {
-   struct carp_softc *sc = ia->ia_ifp->if_softc;
+   struct carp_softc *sc = ifp->if_softc;
struct carp_vhost_entry *vhe = SRPL_FIRST_LOCKED(>carp_vhosts);
 
KERNEL_ASSERT_LOCKED(); /* touching carp_vhosts */
Index: netinet/ip_carp.h
===
RCS file: /cvs/src/sys/netinet/ip_carp.h,v
retrieving revision 1.34
diff -u -p -r1.34 ip_carp.h
--- netinet/ip_carp.h   8 Jun 2015 13:40:48 -   1.34
+++ netinet/ip_carp.h   22 Oct 2015 10:32:50 -
@@ -168,7 +168,7 @@ void carp_proto_input (struct mbuf *, 
 voidcarp_carpdev_state(void *);
 voidcarp_group_demote_adj(struct ifnet *, int, char *);
 int carp6_proto_input(struct mbuf **, int *, int);
-int carp_iamatch(struct in_ifaddr *, u_char *, u_int8_t **,
+int carp_iamatch(struct ifnet *, u_char *, u_int8_t **,
 u_int8_t **);
 int carp_iamatch6(struct ifnet *, u_char *, struct sockaddr_dl **);
 struct ifnet   *carp_ourether(void *, u_int8_t *);

rt_ifa_add() dead code

[Martin Pieuchot]

RTAX_IFA is specified so rt_getifa() is never called and this is simply
dead code.

ok?

Index: net/route.c
===
RCS file: /cvs/src/sys/net/route.c,v
retrieving revision 1.254
diff -u -p -r1.254 route.c
--- net/route.c 21 Oct 2015 08:21:06 -  1.254
+++ net/route.c 22 Oct 2015 11:02:00 -
@@ -1133,19 +1133,6 @@ rt_ifa_add(struct ifaddr *ifa, int flags
 
error = rtrequest1(RTM_ADD, , prio, , rtableid);
if (error == 0) {
-   if (rt->rt_ifa != ifa) {
-   printf("%s: wrong ifa (%p) was (%p)\n", __func__,
-   ifa, rt->rt_ifa);
-   if (rt->rt_ifa->ifa_rtrequest)
-   rt->rt_ifa->ifa_rtrequest(RTM_DELETE, rt);
-   ifafree(rt->rt_ifa);
-   rt->rt_ifa = ifa;
-   rt->rt_ifp = ifa->ifa_ifp;
-   ifa->ifa_refcnt++;
-   if (ifa->ifa_rtrequest)
-   ifa->ifa_rtrequest(RTM_ADD, rt);
-   }
-
/*
 * A local route is created for every address configured
 * on an interface, so use this information to notify

Fwd: Allow bioctl to go through all controllers at once

[Vadim Zhukov]

ping?
--
  WBR,
  Vadim Zhukov



-- Forwarded message --
From: Vadim Zhukov 
Date: 2015-10-01 21:59 GMT+03:00
Subject: Allow bioctl to go through all controllers at once
To: tech@openbsd.org


Hi all.

I've recently found that this patch still produces M's in my tree.
What it does is going through all bio(4)-enabled controllers in system,
like ifconfig -A does. I didn't add SMALL_KERNEL ifdefs since its very
useful on ramdisks, IMHO, but I don't insist on that.

Any objections/okays/showers?

--
WBR,
  Vadim Zhukov


Index: sys/dev/bio.c
===
RCS file: /cvs/src/sys/dev/bio.c,v
retrieving revision 1.17
diff -u -p -r1.17 bio.c
--- sys/dev/bio.c   26 Aug 2015 22:28:57 -  1.17
+++ sys/dev/bio.c   1 Oct 2015 18:53:18 -
@@ -52,6 +52,7 @@ int   bioopen(dev_t, int, int, struct proc
 intbio_delegate_ioctl(struct bio_mapping *, u_long, caddr_t);
 struct bio_mapping *bio_lookup(char *);
 intbio_validate(void *);
+intbio_listcontrollers(struct bioc_controllerlist *);

 void
 bioattach(int nunits)
@@ -89,6 +90,9 @@ bioioctl(dev_t dev, u_long cmd, caddr_t
return (ENOENT);
break;

+   case BIOCLISTCONTROLLERS:
+   return (bio_listcontrollers((struct bioc_controllerlist*)addr));
+
case BIOCINQ:
case BIOCDISK:
case BIOCVOL:
@@ -138,6 +142,32 @@ bio_unregister(struct device *dev)
free(bm, M_DEVBUF, sizeof(*bm));
}
}
+}
+
+int
+bio_listcontrollers(struct bioc_controllerlist *bcl) {
+   struct bio_mapping *bm;
+   int error, i;
+
+   if (bcl->bcl_size < 0)
+   return EINVAL;
+   if (bcl->bcl_size == 0) {
+   LIST_FOREACH(bm, , bm_link)
+   bcl->bcl_size++;
+   return 0;
+   }
+   i = 0;
+   LIST_FOREACH(bm, , bm_link) {
+   error = copyoutstr(bm->bm_dev->dv_xname,
+   bcl->bcl_list[i].bc_xname,
+   sizeof(bcl->bcl_list[i].bc_xname), NULL);
+   if (error)
+   return (error);
+   if (++i == bcl->bcl_size)
+   break;
+   }
+   bcl->bcl_size = i;
+   return 0;
 }

 struct bio_mapping *
Index: sys/dev/biovar.h
===
RCS file: /cvs/src/sys/dev/biovar.h,v
retrieving revision 1.44
diff -u -p -r1.44 biovar.h
--- sys/dev/biovar.h29 May 2015 00:33:37 -  1.44
+++ sys/dev/biovar.h1 Oct 2015 18:53:18 -
@@ -277,6 +277,15 @@ struct bioc_patrol {
int bp_autonow;
 };

+#define BIOCLISTCONTROLLERS _IOWR('B', 43, struct bioc_controllerlist)
+struct bioc_controller {
+   charbc_xname[16];
+};
+struct bioc_controllerlist {
+   struct bioc_controller  *bcl_list;
+   int  bcl_size;
+};
+
 /* kernel and userspace defines */
 #define BIOC_INQ   0x0001
 #define BIOC_DISK  0x0002
Index: sbin/bioctl/bioctl.c
===
RCS file: /cvs/src/sbin/bioctl/bioctl.c,v
retrieving revision 1.129
diff -u -p -r1.129 bioctl.c
--- sbin/bioctl/bioctl.c18 Jul 2015 23:23:20 -  1.129
+++ sbin/bioctl/bioctl.c1 Oct 2015 18:53:18 -
@@ -69,7 +69,8 @@ void  bio_kdf_generate(struct sr_crypto
 void   derive_key_pkcs(int, u_int8_t *, size_t, u_int8_t *,
size_t, char *, int);

-void   bio_inq(char *);
+void   bio_listall();
+void   bio_inq(char *, int);
 void   bio_alarm(char *);
 intbio_getvolbyname(char *);
 void   bio_setstate(char *, int, char *);
@@ -110,12 +111,17 @@ main(int argc, char *argv[])
u_int16_t   cr_level = 0;
int biodev = 0;

-   if (argc < 2)
-   usage();
+   if (argc < 2) {
+   bio_listall();
+   return 0;
+   }

-   while ((ch = getopt(argc, argv, "a:b:C:c:dH:hik:l:O:Pp:qr:R:st:u:v")) !=
+   while ((ch = getopt(argc, argv,
"Aa:b:C:c:dH:hik:l:O:Pp:qr:R:st:u:v")) !=
-1) {
switch (ch) {
+   case 'A':
+   bio_listall();
+   return 0;
case 'a': /* alarm */
func |= BIOC_ALARM;
al_arg = optarg;
@@ -243,7 +249,7 @@ main(int argc, char *argv[])
} else if (changepass && !biodev) {
bio_changepass(devicename);
} else if (func & BIOC_INQ) {
-   bio_inq(devicename);
+   bio_inq(devicename, 0);
} else if (func == BIOC_ALARM) {
bio_alarm(al_arg);
} else if (func == BIOC_BLINK) {
@@ -273,7 

Do not change rt_ifa after insertion

[Martin Pieuchot]

Either because it has been specified in rt_ifa_add() or because
rt_getifa() returns you the correct one.  So if the key of a route
matches an address on the ifp it *must* be the same ifa.

Let's make sure of that, ok?

Index: net/if.c
===
RCS file: /cvs/src/sys/net/if.c,v
retrieving revision 1.390
diff -u -p -r1.390 if.c
--- net/if.c22 Oct 2015 10:46:26 -  1.390
+++ net/if.c22 Oct 2015 11:06:11 -
@@ -1321,6 +1321,8 @@ p2p_rtrequest(int req, struct rtentry *r
if (ifa == NULL)
break;
 
+   KASSERT(ifa == rt->rt_ifa);
+
/*
 * XXX Since lo0 is in the default rdomain we should not
 * (ab)use it for any route related to an interface of a
@@ -1335,17 +1337,6 @@ p2p_rtrequest(int req, struct rtentry *r
break;
 
rt->rt_flags &= ~RTF_LLINFO;
-
-   /*
-* make sure to set rt->rt_ifa to the interface
-* address we are using, otherwise we will have trouble
-* with source address selection.
-*/
-   if (ifa != rt->rt_ifa) {
-   ifafree(rt->rt_ifa);
-   ifa->ifa_refcnt++;
-   rt->rt_ifa = ifa;
-   }
break;
case RTM_DELETE:
case RTM_RESOLVE:
Index: netinet/if_ether.c
===
RCS file: /cvs/src/sys/netinet/if_ether.c,v
retrieving revision 1.172
diff -u -p -r1.172 if_ether.c
--- netinet/if_ether.c  13 Oct 2015 10:21:27 -  1.172
+++ netinet/if_ether.c  22 Oct 2015 11:06:13 -
@@ -235,17 +235,8 @@ arp_rtrequest(int req, struct rtentry *r
break;
}
if (ifa) {
+   KASSERT(ifa == rt->rt_ifa);
rt->rt_expire = 0;
-   /*
-* make sure to set rt->rt_ifa to the interface
-* address we are using, otherwise we will have trouble
-* with source address selection.
-*/
-   if (ifa != rt->rt_ifa) {
-   ifafree(rt->rt_ifa);
-   ifa->ifa_refcnt++;
-   rt->rt_ifa = ifa;
-   }
}
break;
 
Index: netinet6/nd6.c
===
RCS file: /cvs/src/sys/netinet6/nd6.c,v
retrieving revision 1.156
diff -u -p -r1.156 nd6.c
--- netinet6/nd6.c  22 Oct 2015 10:27:22 -  1.156
+++ netinet6/nd6.c  22 Oct 2015 11:06:15 -
@@ -1103,20 +1103,7 @@ nd6_rtrequest(int req, struct rtentry *r
nd6_llinfo_settimer(ln, -1);
ln->ln_state = ND6_LLINFO_REACHABLE;
ln->ln_byhint = 0;
-
-   /*
-* Make sure rt_ifa be equal to the ifaddr
-* corresponding to the address.
-* We need this because when we refer
-* rt_ifa->ia6_flags in ip6_input, we assume
-* that the rt_ifa points to the address instead
-* of the loopback address.
-*/
-   if (ifa != rt->rt_ifa) {
-   ifafree(rt->rt_ifa);
-   ifa->ifa_refcnt++;
-   rt->rt_ifa = ifa;
-   }
+   KASSERT(ifa == rt->rt_ifa);
} else if (rt->rt_flags & RTF_ANNOUNCE) {
nd6_llinfo_settimer(ln, -1);
ln->ln_state = ND6_LLINFO_REACHABLE;

pledge(2) in quiz(6)

[Jan Stary]

games/quiz.c popen()s a PAGER to display the help message.
Throw that away and let the use pipe into a PAGER if needed.
Then we can just pledge "stdio rpath".

Jan


Index: quiz.c
===
RCS file: /cvs/src/games/quiz/quiz.c,v
retrieving revision 1.21
diff -u -p -u -p -r1.21 quiz.c
--- quiz.c  29 Aug 2013 20:22:18 -  1.21
+++ quiz.c  22 Oct 2015 11:42:42 -
@@ -66,6 +66,9 @@ main(int argc, char *argv[])
int ch;
const char *indexfile;
 
+   if (pledge("stdio rpath", NULL) == -1)
+   err(1, "pledge");
+
indexfile = _PATH_QUIZIDX;
while ((ch = getopt(argc, argv, "i:t")) != -1)
switch(ch) {
@@ -144,30 +147,21 @@ show_index(void)
 {
QE *qp;
const char *p, *s;
-   FILE *pf;
-   const char *pager;
 
-   if (!isatty(1))
-   pager = "/bin/cat";
-   else if (!(pager = getenv("PAGER")) || (*pager == 0))
-   pager = _PATH_PAGER;
-   if ((pf = popen(pager, "w")) == NULL)
-   err(1, "%s", pager);
-   (void)fprintf(pf, "Subjects:\n\n");
+   printf("Subjects:\n\n");
for (qp = qlist.q_next; qp; qp = qp->q_next) {
for (s = next_cat(qp->q_text); s; s = next_cat(s)) {
if (!rxp_compile(s))
errx(1, "%s", rxperr);
if ((p = rxp_expand()))
-   (void)fprintf(pf, "%s ", p);
+   printf("%s ", p);
}
-   (void)fprintf(pf, "\n");
+   printf("\n");
}
-   (void)fprintf(pf, "\n%s\n%s\n%s\n",
+   printf("\n%s\n%s\n%s\n",
 "For example, \"quiz victim killer\" prints a victim's name and you reply",
 "with the killer, and \"quiz killer victim\" works the other way around.",
 "Type an empty line to get the correct answer.");
-   (void)pclose(pf);
 }
 
 void

axphy(4): new dumb driver for axe(4) phys

[Paul Irofti]

The following diff adds a basic PHY for Axis dongles.

Changes:
ukphy0 at axe0 phy 16: Generic IEEE 802.3u media interface, rev. 1: OUI 
0x000ec6, model 0x0001
ukphy0 at axe0 phy 16: Generic IEEE 802.3u media interface, rev. 1: OUI 
0x000ec6, model 0x0008

To:
axphy0 at axe0 phy 16: AX88772 10/100 PHY, rev. 1
axphy0 at axe0 phy 16: AX88772B 10/100 PHY, rev. 1

Tested on landisk and amd64. Okay?

Index: dev/mii/axphy.c
===
RCS file: dev/mii/axphy.c
diff -N dev/mii/axphy.c
--- /dev/null   1 Jan 1970 00:00:00 -
+++ dev/mii/axphy.c 22 Oct 2015 22:03:32 -
@@ -0,0 +1,174 @@
+/* $OpenBSD$   */
+
+/*
+ * Copyright (c) 2015 Paul Irofti 
+ *
+ * Permission to use, copy, modify, and/or distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+
+#include 
+#include 
+#include 
+
+#include 
+#include 
+#include 
+
+struct axphy_softc {
+   struct mii_softcsc_mii; /* common mii device part */
+
+   uint8_t sc_current_page;
+};
+
+intaxphymatch(struct device *, void *, void *);
+void   axphyattach(struct device *, struct device *, void *);
+
+struct cfattach axphy_ca = { sizeof(struct axphy_softc),
+   axphymatch, axphyattach, mii_phy_detach,
+};
+
+struct cfdriver axphy_cd = {
+   NULL, "axphy", DV_DULL
+};
+
+intaxphy_service(struct mii_softc *, struct mii_data *, int);
+void   axphy_status(struct mii_softc *);
+void   axphy_reset(struct mii_softc *);
+
+const struct mii_phy_funcs axphy_funcs = {
+   axphy_service, ukphy_status, mii_phy_reset,
+};
+
+static const struct mii_phydesc axphys[] = {
+   { MII_OUI_ASIX, MII_MODEL_ASIX_AX88772,
+ MII_STR_ASIX_AX88772 },
+   { MII_OUI_ASIX, MII_MODEL_ASIX_AX88772B,
+ MII_STR_ASIX_AX88772B },
+
+   { 0,0,
+ NULL },
+};
+
+int
+axphymatch(struct device *parent, void *match, void *aux)
+{
+   struct mii_attach_args *ma = aux;
+
+   if (mii_phy_match(ma, axphys) != NULL)
+   return (10);
+
+   return (0);
+}
+
+void
+axphyattach(struct device *parent, struct device *self, void *aux)
+{
+   struct axphy_softc *bsc = (struct axphy_softc *)self;
+   struct mii_softc *sc = >sc_mii;
+   struct mii_attach_args *ma = aux;
+   struct mii_data *mii = ma->mii_data;
+   const struct mii_phydesc *mpd;
+
+   mpd = mii_phy_match(ma, axphys);
+   printf(": %s, rev. %d\n", mpd->mpd_name, MII_REV(ma->mii_id2));
+
+   sc->mii_inst = mii->mii_instance;
+   sc->mii_phy = ma->mii_phyno;
+   sc->mii_funcs = _funcs;
+   sc->mii_model = MII_MODEL(ma->mii_id2);
+   sc->mii_rev = MII_REV(ma->mii_id2);
+   sc->mii_pdata = mii;
+   sc->mii_flags = ma->mii_flags;
+   sc->mii_anegticks = MII_ANEGTICKS_GIGE;
+
+   sc->mii_flags |= MIIF_NOISOLATE | MIIF_NOLOOP;
+
+   sc->mii_capabilities = PHY_READ(sc, MII_BMSR) & ma->mii_capmask;
+
+   if (sc->mii_capabilities & BMSR_EXTSTAT)
+   sc->mii_extcapabilities = PHY_READ(sc, MII_EXTSR);
+   if ((sc->mii_capabilities & BMSR_MEDIAMASK) ||
+   (sc->mii_extcapabilities & EXTSR_MEDIAMASK))
+   mii_phy_add_media(sc);
+
+   PHY_RESET(sc);
+}
+
+int
+axphy_service(struct mii_softc *sc, struct mii_data *mii, int cmd)
+{
+   struct ifmedia_entry *ife = mii->mii_media.ifm_cur;
+   int reg;
+
+   if ((sc->mii_dev.dv_flags & DVF_ACTIVE) == 0)
+   return (ENXIO);
+
+   switch (cmd) {
+   case MII_POLLSTAT:
+   /*
+* If we're not polling our PHY instance, just return.
+*/
+   if (IFM_INST(ife->ifm_media) != sc->mii_inst)
+   return (0);
+   break;
+
+   case MII_MEDIACHG:
+   /*
+* If the media indicates a different PHY instance,
+* isolate ourselves.
+*/
+   if (IFM_INST(ife->ifm_media) != sc->mii_inst) {
+   reg = PHY_READ(sc, MII_BMCR);
+   PHY_WRITE(sc, MII_BMCR, reg | BMCR_ISO);
+   return (0);
+   }
+
+   /*
+* If the interface is not up, don't 

change gateway to gateway route

[Alexander Bluhm]

Hi,

It is possible to create a gateway route pointing to another gateway
route by changing the gateway.

# route add 1/8 127.0.0.1
# route add 2/8 127.0.0.1
1/8127.0.0.1  UGS00 32768 8 lo0
2/8127.0.0.1  UGS00 32768 8 lo0
# route change 2/8 1.0.0.1
route: writing to routing socket: Network is unreachable
change net 2/8: gateway 1.0.0.1: Network is unreachable
1/8127.0.0.1  UGS12 32768 8 lo0
2/81.0.0.1UGS00 32768 8 lo0

Despite the error message when doing so, the route has actually
changed.  The gateway is modified by rt_setgate(), the error is
created by rt_getifa().  So these operations should be done the
other way around.

ok?

bluhm

Index: net/rtsock.c
===
RCS file: /data/mirror/openbsd/cvs/src/sys/net/rtsock.c,v
retrieving revision 1.172
diff -u -p -u -p -r1.172 rtsock.c
--- net/rtsock.c22 Oct 2015 15:37:47 -  1.172
+++ net/rtsock.c22 Oct 2015 21:05:51 -
@@ -744,6 +744,13 @@ report:
info.rti_info[RTAX_GATEWAY]->sa_len)) {
newgate = 1;
}
+   /* check reachable gateway before changing the route */
+   if (newgate || info.rti_info[RTAX_IFP] != NULL ||
+   info.rti_info[RTAX_IFA] != NULL) {
+   if ((error = rt_getifa(, tableid)) != 0)
+   goto flush;
+   ifa = info.rti_ifa;
+   }
if (info.rti_info[RTAX_GATEWAY] != NULL &&
(error = rt_setgate(rt, info.rti_info[RTAX_GATEWAY],
 tableid)))
@@ -753,12 +760,6 @@ report:
 * flags may also be different; ifp may be specified
 * by ll sockaddr when protocol address is ambiguous
 */
-   if (newgate || info.rti_info[RTAX_IFP] != NULL ||
-   info.rti_info[RTAX_IFA] != NULL) {
-   if ((error = rt_getifa(, tableid)) != 0)
-   goto flush;
-   ifa = info.rti_ifa;
-   }
if (ifa) {
if (rt->rt_ifa != ifa) {
if (rt->rt_ifa->ifa_rtrequest)

connect routing domains on layer 2

[Reyk Floeter]

Hi,

this diff allows to interconnect routing domains.

It is very useful to route traffic from one routing domain to another,
without using the pf "rtable" hack (tested in production for a long
time).

eg.,
# ifconfig vether0 10.0.1.1/24
# ifconfig vether1 rdomain 1 10.0.1.2/24
# ping 10.1.1.2
# route -T 1 add default 10.0.1.1
# ifconfig bridge0 add vether0 add em0

for hacking/testing, you can do thing like:
# dhcpd vether0
# dhclient vether1

It has been discussed in much detail if this is possible with
bridge(4).  It is not.  The bridge is not designed for it and explain
on request.

OK?

Reyk

Index: sbin/ifconfig/ifconfig.8
===
RCS file: /cvs/src/sbin/ifconfig/ifconfig.8,v
retrieving revision 1.257
diff -u -p -u -p -r1.257 ifconfig.8
--- sbin/ifconfig/ifconfig.86 Oct 2015 17:23:21 -   1.257
+++ sbin/ifconfig/ifconfig.822 Oct 2015 22:33:40 -
@@ -1560,6 +1560,33 @@ The accepted size of the number depends 
 it is a 24-bit number for
 .Xr vxlan 4 .
 .El
+.\" VETHER
+.Sh VETHER
+.nr nS 1
+.Bk -words
+.Nm ifconfig
+.Ar vether-interface
+.Op Oo Fl Oc Ns Cm crossover Ar interface
+.Ek
+.nr nS 0
+.Pp
+The following options are available for a
+.Xr vether 4
+interface:
+.Bl -tag -width Ds
+.It Cm crossover Ar interface
+Create a virtual crossover link with another
+.Xr vether 4
+interface.
+Any outgoing packets from the
+.Ar vether-interface
+will be received by the crossover
+.Ar interface
+and vice versa.
+This link allows to interconnect two routing domains locally.
+.It Fl crossover
+If configured, disconnect the virtual crossover link.
+.El
 .\" VLAN
 .Sh VLAN
 .nr nS 1
Index: sbin/ifconfig/ifconfig.c
===
RCS file: /cvs/src/sbin/ifconfig/ifconfig.c,v
retrieving revision 1.302
diff -u -p -u -p -r1.302 ifconfig.c
--- sbin/ifconfig/ifconfig.c3 Oct 2015 10:44:23 -   1.302
+++ sbin/ifconfig/ifconfig.c22 Oct 2015 22:33:41 -
@@ -275,6 +275,8 @@ voidsetifipdst(const char *, int);
 void   setifdesc(const char *, int);
 void   unsetifdesc(const char *, int);
 void   printifhwfeatures(const char *, int);
+void   setxover(const char *, int);
+void   unsetxover(const char *, int);
 #else
 void   setignore(const char *, int);
 #endif
@@ -490,6 +492,8 @@ const structcmd {
{ "-descr", 1,  0,  unsetifdesc },
{ "wol",IFXF_WOL,   0,  setifxflags },
{ "-wol",   -IFXF_WOL,  0,  setifxflags },
+   { "crossover",  NEXTARG,0,  setxover },
+   { "-crossover", 1,  0,  unsetxover },
 #else /* SMALL */
{ "powersave",  NEXTARG0,   0,  setignore },
{ "priority",   NEXTARG,0,  setignore },
@@ -2917,6 +2921,7 @@ status(int link, struct sockaddr_dl *sdl
struct ifreq ifrdesc;
struct ifkalivereq ikardesc;
char ifdescr[IFDESCRSIZE];
+   char ifname[IF_NAMESIZE];
 #endif
uint64_t *media_list;
int i;
@@ -2955,6 +2960,9 @@ status(int link, struct sockaddr_dl *sdl
(ikardesc.ikar_timeo != 0 || ikardesc.ikar_cnt != 0))
printf("\tkeepalive: timeout %d count %d\n",
ikardesc.ikar_timeo, ikardesc.ikar_cnt);
+   if (ioctl(s, SIOCGXOVER, ) == 0 && ifrdesc.ifr_index != 0 &&
+   if_indextoname(ifrdesc.ifr_index, ifname) != NULL)
+   printf("\tcrossover: %s\n", ifname);
 #endif
vlan_status();
 #ifndef SMALL
@@ -5199,6 +5207,29 @@ setinstance(const char *id, int param)
ifr.ifr_rdomainid = rdomainid;
if (ioctl(s, SIOCSIFRDOMAIN, (caddr_t)) < 0)
warn("SIOCSIFRDOMAIN");
+}
+#endif
+
+#ifndef SMALL
+void
+setxover(const char *val, int d)
+{
+   strlcpy(ifr.ifr_name, name, sizeof(ifr.ifr_name));
+   if ((ifr.ifr_index = if_nametoindex(val)) == 0) {
+   errno = ENOENT;
+   err(1, "crossover %s", val);
+   }
+   if (ioctl(s, SIOCSXOVER, (caddr_t)) < 0)
+   warn("SIOCSXOVER");
+}
+
+void
+unsetxover(const char *val, int d)
+{
+   ifr.ifr_index = 0;
+   strlcpy(ifr.ifr_name, name, sizeof(ifr.ifr_name));
+   if (ioctl(s, SIOCSXOVER, (caddr_t)) < 0)
+   warn("SIOCSXOVER");
 }
 #endif
 
Index: sys/net/if.c
===
RCS file: /cvs/src/sys/net/if.c,v
retrieving revision 1.391
diff -u -p -u -p -r1.391 if.c
--- sys/net/if.c22 Oct 2015 15:37:47 -  1.391
+++ sys/net/if.c22 Oct 2015 22:33:42 -
@@ -1794,6 +1794,7 @@ ifioctl(struct socket *so, u_long cmd, c
case SIOCDELMULTI:
case SIOCSIFMEDIA:
case SIOCSVNETID:
+   case SIOCSXOVER:
if ((error = suser(p, 0)) != 0)
return (error);
/* FALLTHROUGH */
@@ 

mkdir pledge condition

[Ilya Kaliman]

& has lower precedence than ==, so this seems to be not what was
intended (the condition is always false):

===
RCS file: /cvs/src/bin/mkdir/mkdir.c,v
retrieving revision 1.28
diff -u -p -r1.28 mkdir.c
--- mkdir.c 10 Oct 2015 20:18:30 -  1.28
+++ mkdir.c 23 Oct 2015 00:03:31 -
@@ -82,7 +82,7 @@ main(int argc, char *argv[])
argc -= optind;
argv += optind;

-   if (mode & (S_ISUID | S_ISGID | S_ISTXT) == 0) {
+   if ((mode & (S_ISUID | S_ISGID | S_ISTXT)) == 0) {
if (pledge("stdio rpath cpath fattr", NULL) == -1)
err(1, "pledge");
}

unused macros in ksh

[Ilya Kaliman]

===
RCS file: /cvs/src/bin/ksh/shf.c,v
retrieving revision 1.25
diff -u -p -r1.25 shf.c
--- shf.c   19 Oct 2015 14:42:16 -  1.25
+++ shf.c   23 Oct 2015 00:27:40 -
@@ -707,10 +707,6 @@ shf_smprintf(const char *fmt, ...)
return shf_sclose(); /* null terminates */
 }

-#define BUF_SIZE   128
-#define ABIGNUM32000   /* big number that will fit in
a short */
-#define LOG2_103.321928094887362347870319429   /* log
base 2 of 10 */
-
 #defineFL_HASH 0x001   /* `#' seen */
 #define FL_PLUS0x002   /* `+' seen */
 #define FL_RIGHT   0x004   /* `-' seen */
@@ -722,7 +718,6 @@ shf_smprintf(const char *fmt, ...)
 #define FL_DOT 0x100   /* '.' seen */
 #define FL_UPPER   0x200   /* format character was uppercase */
 #define FL_NUMBER  0x400   /* a number was formated %[douxefg] */
-

 int
 shf_vfprintf(struct shf *shf, const char *fmt, va_list args)

Re: axphy(4): new dumb driver for axe(4) phys

[Jonathan Gray]

What does this do that ukphy doesn't?

I don't see any errata or special handling here.

On Fri, Oct 23, 2015 at 04:33:22AM +0300, Paul Irofti wrote:
> The following diff adds a basic PHY for Axis dongles.
> 
> Changes:
> ukphy0 at axe0 phy 16: Generic IEEE 802.3u media interface, rev. 1: OUI 
> 0x000ec6, model 0x0001
> ukphy0 at axe0 phy 16: Generic IEEE 802.3u media interface, rev. 1: OUI 
> 0x000ec6, model 0x0008
> 
> To:
> axphy0 at axe0 phy 16: AX88772 10/100 PHY, rev. 1
> axphy0 at axe0 phy 16: AX88772B 10/100 PHY, rev. 1
> 
> Tested on landisk and amd64. Okay?
> 
> Index: dev/mii/axphy.c
> ===
> RCS file: dev/mii/axphy.c
> diff -N dev/mii/axphy.c
> --- /dev/null 1 Jan 1970 00:00:00 -
> +++ dev/mii/axphy.c   22 Oct 2015 22:03:32 -
> @@ -0,0 +1,174 @@
> +/*   $OpenBSD$   */
> +
> +/*
> + * Copyright (c) 2015 Paul Irofti 
> + *
> + * Permission to use, copy, modify, and/or distribute this software for any
> + * purpose with or without fee is hereby granted, provided that the above
> + * copyright notice and this permission notice appear in all copies.
> + *
> + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
> + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
> + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
> + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
> + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
> + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
> + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
> + */
> +
> +#include 
> +#include 
> +#include 
> +#include 
> +#include 
> +#include 
> +
> +#include 
> +#include 
> +#include 
> +
> +#include 
> +#include 
> +#include 
> +
> +struct axphy_softc {
> + struct mii_softcsc_mii; /* common mii device part */
> +
> + uint8_t sc_current_page;
> +};
> +
> +int  axphymatch(struct device *, void *, void *);
> +void axphyattach(struct device *, struct device *, void *);
> +
> +struct cfattach axphy_ca = { sizeof(struct axphy_softc),
> + axphymatch, axphyattach, mii_phy_detach,
> +};
> +
> +struct cfdriver axphy_cd = {
> + NULL, "axphy", DV_DULL
> +};
> +
> +int  axphy_service(struct mii_softc *, struct mii_data *, int);
> +void axphy_status(struct mii_softc *);
> +void axphy_reset(struct mii_softc *);
> +
> +const struct mii_phy_funcs axphy_funcs = {
> + axphy_service, ukphy_status, mii_phy_reset,
> +};
> +
> +static const struct mii_phydesc axphys[] = {
> + { MII_OUI_ASIX, MII_MODEL_ASIX_AX88772,
> +   MII_STR_ASIX_AX88772 },
> + { MII_OUI_ASIX, MII_MODEL_ASIX_AX88772B,
> +   MII_STR_ASIX_AX88772B },
> +
> + { 0,0,
> +   NULL },
> +};
> +
> +int
> +axphymatch(struct device *parent, void *match, void *aux)
> +{
> + struct mii_attach_args *ma = aux;
> +
> + if (mii_phy_match(ma, axphys) != NULL)
> + return (10);
> +
> + return (0);
> +}
> +
> +void
> +axphyattach(struct device *parent, struct device *self, void *aux)
> +{
> + struct axphy_softc *bsc = (struct axphy_softc *)self;
> + struct mii_softc *sc = >sc_mii;
> + struct mii_attach_args *ma = aux;
> + struct mii_data *mii = ma->mii_data;
> + const struct mii_phydesc *mpd;
> +
> + mpd = mii_phy_match(ma, axphys);
> + printf(": %s, rev. %d\n", mpd->mpd_name, MII_REV(ma->mii_id2));
> +
> + sc->mii_inst = mii->mii_instance;
> + sc->mii_phy = ma->mii_phyno;
> + sc->mii_funcs = _funcs;
> + sc->mii_model = MII_MODEL(ma->mii_id2);
> + sc->mii_rev = MII_REV(ma->mii_id2);
> + sc->mii_pdata = mii;
> + sc->mii_flags = ma->mii_flags;
> + sc->mii_anegticks = MII_ANEGTICKS_GIGE;
> +
> + sc->mii_flags |= MIIF_NOISOLATE | MIIF_NOLOOP;
> +
> + sc->mii_capabilities = PHY_READ(sc, MII_BMSR) & ma->mii_capmask;
> +
> + if (sc->mii_capabilities & BMSR_EXTSTAT)
> + sc->mii_extcapabilities = PHY_READ(sc, MII_EXTSR);
> + if ((sc->mii_capabilities & BMSR_MEDIAMASK) ||
> + (sc->mii_extcapabilities & EXTSR_MEDIAMASK))
> + mii_phy_add_media(sc);
> +
> + PHY_RESET(sc);
> +}
> +
> +int
> +axphy_service(struct mii_softc *sc, struct mii_data *mii, int cmd)
> +{
> + struct ifmedia_entry *ife = mii->mii_media.ifm_cur;
> + int reg;
> +
> + if ((sc->mii_dev.dv_flags & DVF_ACTIVE) == 0)
> + return (ENXIO);
> +
> + switch (cmd) {
> + case MII_POLLSTAT:
> + /*
> +  * If we're not polling our PHY instance, just return.
> +  */
> + if (IFM_INST(ife->ifm_media) != sc->mii_inst)
> + return (0);
> + break;
> +
> + case MII_MEDIACHG:
> + /*
> +  * If the media indicates a different PHY instance,
> +  * isolate 

Re: unused macros in ksh

[Michael McConville]

Beat me to it. ok mmcc@

Ilya Kaliman wrote:
> ===
> RCS file: /cvs/src/bin/ksh/shf.c,v
> retrieving revision 1.25
> diff -u -p -r1.25 shf.c
> --- shf.c   19 Oct 2015 14:42:16 -  1.25
> +++ shf.c   23 Oct 2015 00:27:40 -
> @@ -707,10 +707,6 @@ shf_smprintf(const char *fmt, ...)
> return shf_sclose(); /* null terminates */
>  }
> 
> -#define BUF_SIZE   128
> -#define ABIGNUM32000   /* big number that will fit in
> a short */
> -#define LOG2_103.321928094887362347870319429   /* log
> base 2 of 10 */
> -
>  #defineFL_HASH 0x001   /* `#' seen */
>  #define FL_PLUS0x002   /* `+' seen */
>  #define FL_RIGHT   0x004   /* `-' seen */
> @@ -722,7 +718,6 @@ shf_smprintf(const char *fmt, ...)
>  #define FL_DOT 0x100   /* '.' seen */
>  #define FL_UPPER   0x200   /* format character was uppercase */
>  #define FL_NUMBER  0x400   /* a number was formated %[douxefg] */
> -
> 
>  int
>  shf_vfprintf(struct shf *shf, const char *fmt, va_list args)
> 

Re: catopen/catgets: out of boundary access

[Stefan Sperling]

On Tue, Oct 06, 2015 at 11:57:40PM +0200, Tobias Stoeckmann wrote:
> By the way, this is the second version with miod's feedback. Time to
> send it to tech@ now, too.
> 
> Fixed one issue due to missing braces and less ntohl() calls, which
> makes the code easier to read.

ok with me

> Index: catopen.c
> ===
> RCS file: /cvs/src/lib/libc/nls/catopen.c,v
> retrieving revision 1.17
> diff -u -p -r1.17 catopen.c
> --- catopen.c 5 Sep 2015 11:25:30 -   1.17
> +++ catopen.c 14 Sep 2015 18:27:00 -
> @@ -30,20 +30,24 @@
>  
>  #define _NLS_PRIVATE
>  
> -#include 
> -#include 
> -#include 
>  #include 
>  #include 
>  #include 
> -#include 
> +#include 
>  #include 
> +#include 
>  #include 
> +#include 
> +#include 
> +#include 
> +
> +#define MAXIMUM(a, b)(((a) > (b)) ? (a) : (b))
>  
>  #define NLS_DEFAULT_PATH 
> "/usr/share/nls/%L/%N.cat:/usr/share/nls/%l.%c/%N.cat:/usr/share/nls/%l/%N.cat"
>  #define NLS_DEFAULT_LANG "C"
>  
> -static nl_catd load_msgcat(const char *);
> +static nl_catd   load_msgcat(const char *);
> +static int   verify_msgcat(nl_catd);
>  
>  nl_catd
>  catopen(const char *name, int oflag)
> @@ -165,6 +169,8 @@ load_msgcat(const char *path)
>   void *data;
>   int fd;
>  
> + catd = NULL;
> +
>   if ((fd = open(path, O_RDONLY|O_CLOEXEC)) == -1)
>   return (nl_catd) -1;
>  
> @@ -173,24 +179,106 @@ load_msgcat(const char *path)
>   return (nl_catd) -1;
>   }
>  
> - data = mmap(0, (size_t) st.st_size, PROT_READ, MAP_SHARED, fd, 
> (off_t)0);
> - close (fd);
> -
> - if (data == MAP_FAILED) {
> + if (st.st_size > INT_MAX || st.st_size < sizeof (struct _nls_cat_hdr)) {
> + errno = EINVAL;
> + close (fd);
>   return (nl_catd) -1;
>   }
>  
> - if (ntohl(((struct _nls_cat_hdr *) data)->__magic) != _NLS_MAGIC) {
> - munmap(data, (size_t) st.st_size);
> - return (nl_catd) -1;
> - }
> + data = mmap(0, (size_t)st.st_size, PROT_READ, MAP_SHARED, fd, (off_t)0);
> + close (fd);
>  
> - if ((catd = malloc(sizeof (*catd))) == 0) {
> - munmap(data, (size_t) st.st_size);
> + if (data == MAP_FAILED)
>   return (nl_catd) -1;
> - }
> +
> + if (ntohl(((struct _nls_cat_hdr *) data)->__magic) != _NLS_MAGIC)
> + goto invalid;
> +
> + if ((catd = malloc(sizeof (*catd))) == 0)
> + goto invalid;
>  
>   catd->__data = data;
>   catd->__size = st.st_size;
> +
> + if (verify_msgcat(catd))
> + goto invalid;
> +
>   return catd;
> +
> +invalid:
> + free(catd);
> + munmap(data, (size_t) st.st_size);
> + errno = EINVAL;
> + return (nl_catd) -1;
>  }
> +
> +static int
> +verify_msgcat(nl_catd catd)
> +{
> + struct _nls_cat_hdr *cat;
> + struct _nls_set_hdr *set;
> + struct _nls_msg_hdr *msg;
> + size_t remain;
> + int hdr_offset, i, index, j, msgs, nmsgs, nsets, off, txt_offset;
> +
> + remain = catd->__size;
> + cat = (struct _nls_cat_hdr *) catd->__data;
> +
> + hdr_offset = ntohl(cat->__msg_hdr_offset);
> + nsets = ntohl(cat->__nsets);
> + txt_offset = ntohl(cat->__msg_txt_offset);
> +
> + /* catalog must contain at least one set and no negative offsets */
> + if (nsets < 1 || hdr_offset < 0 || txt_offset < 0)
> + return (1);
> +
> + remain -= sizeof (*cat);
> +
> + /* check if offsets or set size overflow */
> + if (remain <= hdr_offset || remain <= ntohl(cat->__msg_txt_offset) ||
> + remain / sizeof (*set) < nsets)
> + return (1);
> +
> + set = (struct _nls_set_hdr *) ((char *) catd->__data + sizeof (*cat));
> +
> + /* make sure that msg has space for at least one index */
> + if (remain - hdr_offset < sizeof(*msg))
> + return (1);
> +
> + msg = (struct _nls_msg_hdr *) ((char *) catd->__data + sizeof (*cat)
> + + hdr_offset);
> +
> + /* validate and retrieve largest string offset from sets */
> + off = 0;
> + for (i = 0; i < nsets; i++) {
> + index = ntohl(set[i].__index);
> + nmsgs = ntohl(set[i].__nmsgs);
> + /* set must contain at least one message */
> + if (index < 0 || nmsgs < 1)
> + return (1);
> +
> + if (INT_MAX - nmsgs < index)
> + return (1);
> + msgs = index + nmsgs;
> +
> + /* avoid msg index overflow */
> + if ((remain - hdr_offset) / sizeof(*msg) < msgs)
> + return (1);
> +
> + /* retrieve largest string offset */
> + for (j = index; j < nmsgs; j++) {
> + if (ntohl(msg[j].__offset) < 0)
> + return (1);
> + off = MAXIMUM(off, ntohl(msg[j].__offset));
> + }
> + }
> +
> +   

Re: make iked not static

[Stuart Henderson]

On 2015/10/21 22:30, Theo de Raadt wrote:
> >Already, iked is started after /usr has been mounted, so why the
> >static requirement?
> 
> Historic theories about ipsec protected nfs?  Who knows.
> 
> >> --- etc/rc 18 Oct 2015 21:33:18 -  1.467
> >> +++ etc/rc 20 Oct 2015 18:03:58 -
> >> @@ -353,7 +353,7 @@ make_keys
> >>  
> >>  echo -n 'starting early daemons:'
> >>  start_daemon syslogd ldattach pflogd nsd unbound ntpd
> >> -start_daemon iscsid isakmpd iked sasyncd ldapd npppd
> >> +start_daemon iscsid isakmpd sasyncd ldapd npppd
> >>  echo '.'
> >
> >Most of these are dynamically linked.
> >
> >You can make iked dynamic without moving it in the startup sequence.
> 
> Let's focus on that question first.  Where should it be started?
> 
> Let's move isakmpd and iked at the same time.  To where?
> 

I think immediately before iscsid. They need to be after ntpd because
you may be running on a machine without RTC and using X.509 certificates
for IPsec. And after the DNS daemons because you might be connecting to
a VPN by hostname. isakmpd should be before npppd. And actually I think
"Load IPsec rules" should also be before npppd, should npppd move later
to "starting network daemons"?

On 2015/10/20 20:25, Reyk Floeter wrote:
>  echo -n 'starting network daemons:'
> -start_daemon ldomd sshd snmpd ldpd ripd ospfd ospf6d bgpd ifstated
> +start_daemon iked ldomd sshd snmpd ldpd ripd ospfd ospf6d bgpd ifstated

IPsec should be brought up before ypldap.

Fewer ifa_ifp

[Martin Pieuchot]

Two more cases, ok?

Index: netinet6/in6_src.c
===
RCS file: /cvs/src/sys/netinet6/in6_src.c,v
retrieving revision 1.64
diff -u -p -r1.64 in6_src.c
--- netinet6/in6_src.c  19 Oct 2015 12:11:28 -  1.64
+++ netinet6/in6_src.c  22 Oct 2015 14:25:26 -
@@ -285,7 +285,7 @@ in6_selectsrc(struct in6_addr **in6src, 
 */
 
if (ro->ro_rt) {
-   ia6 = in6_ifawithscope(ro->ro_rt->rt_ifa->ifa_ifp, dst,
+   ia6 = in6_ifawithscope(ro->ro_rt->rt_ifp, dst,
rtableid);
if (ia6 == NULL) /* xxx scope error ?*/
ia6 = ifatoia6(ro->ro_rt->rt_ifa);
@@ -456,15 +456,8 @@ in6_selectif(struct sockaddr_in6 *dstsoc
if (rt && (rt->rt_flags & (RTF_REJECT | RTF_BLACKHOLE)))
return (rt->rt_flags & RTF_HOST ? EHOSTUNREACH : ENETUNREACH);
 
-   /*
-* Adjust the "outgoing" interface.  If we're going to loop the packet
-* back to ourselves, the ifp would be the loopback interface.
-* However, we'd rather know the interface associated to the
-* destination address (which should probably be one of our own
-* addresses.)
-*/
-   if (rt && rt->rt_ifa && rt->rt_ifa->ifa_ifp)
-   *retifp = if_ref(rt->rt_ifa->ifa_ifp);
+   if (rt != NULL)
+   *retifp = if_ref(rt->rt_ifp);
 
return (0);
 }

Re: mpsafe gem(4)

[Martin Pieuchot]

On 16/10/15(Fri) 15:05, Martin Pieuchot wrote:
> I'm a bit late to the party, but here's a diff to bring gem(4) to the
> group of cool^WIPL_MPSAFE drivers.
> 
> sparc and sparc64 are only compile tested, I've been running with this
> on my dual G5.
> 
> It includes Mark's diff to disable flow control since I'm running with
> it and it does help in my lab!
> 
> More tests and comments are welcome.

New diff fixing two issues found by jmatthew@

Index: dev/ic/gem.c
===
RCS file: /cvs/src/sys/dev/ic/gem.c,v
retrieving revision 1.113
diff -u -p -r1.113 gem.c
--- dev/ic/gem.c11 Sep 2015 13:02:28 -  1.113
+++ dev/ic/gem.c22 Oct 2015 13:48:52 -
@@ -96,6 +96,8 @@ void  gem_rx_watchdog(void *);
 void   gem_rxdrain(struct gem_softc *);
 void   gem_fill_rx_ring(struct gem_softc *);
 intgem_add_rxbuf(struct gem_softc *, int idx);
+intgem_load_mbuf(struct gem_softc *, struct gem_sxd *,
+   struct mbuf *);
 void   gem_iff(struct gem_softc *);
 
 /* MII methods & callbacks */
@@ -539,6 +541,10 @@ gem_stop(struct ifnet *ifp, int softonly
gem_reset_tx(sc);
}
 
+   intr_barrier(sc->sc_ih);
+
+   KASSERT((ifp->if_flags & IFF_RUNNING) == 0);
+
/*
 * Release any queued transmit buffers.
 */
@@ -949,6 +955,9 @@ gem_rint(struct gem_softc *sc)
u_int64_t rxstat;
int i, len;
 
+   if (if_rxr_inuse(>sc_rx_ring) == 0)
+   return (0);
+
for (i = sc->sc_rx_cons; if_rxr_inuse(>sc_rx_ring) > 0;
i = GEM_NEXTRX(i)) {
rxs = >sc_rxsoft[i];
@@ -1134,8 +1143,11 @@ gem_intr(void *v)
printf("%s: MAC tx fault, status %x\n",
sc->sc_dev.dv_xname, txstat);
 #endif
-   if (txstat & (GEM_MAC_TX_UNDERRUN | GEM_MAC_TX_PKT_TOO_LONG))
+   if (txstat & (GEM_MAC_TX_UNDERRUN | GEM_MAC_TX_PKT_TOO_LONG)) {
+   KERNEL_LOCK();
gem_init(ifp);
+   KERNEL_UNLOCK();
+   }
}
if (status & GEM_INTR_RX_MAC) {
int rxstat = bus_space_read_4(t, seb, GEM_MAC_RX_STATUS);
@@ -1617,6 +1629,7 @@ gem_tint(struct gem_softc *sc, u_int32_t
struct ifnet *ifp = >sc_arpcom.ac_if;
struct gem_sxd *sd;
u_int32_t cons, hwcons;
+   u_int32_t used, free = 0;;
 
hwcons = status >> 19;
cons = sc->sc_tx_cons;
@@ -1630,76 +1643,96 @@ gem_tint(struct gem_softc *sc, u_int32_t
sd->sd_mbuf = NULL;
ifp->if_opackets++;
}
-   sc->sc_tx_cnt--;
+   free++;
if (++cons == GEM_NTXDESC)
cons = 0;
}
+
sc->sc_tx_cons = cons;
+   used = atomic_sub_int_nv(>sc_tx_cnt, free);
 
-   if (sc->sc_tx_cnt < GEM_NTXDESC - 2)
-   ifp->if_flags &= ~IFF_OACTIVE;
-   if (sc->sc_tx_cnt == 0)
+   /* All clean, turn off the timer. */
+   if (used == 0)
ifp->if_timer = 0;
 
-   gem_start(ifp);
+   /*
+* If we have enough room, clear IFF_OACTIVE to tell the stack
+* that it iss OK to send packets.
+*/
+   if (ISSET(ifp->if_flags, IFF_OACTIVE) && (used < GEM_NTXDESC - 2)) {
+   KERNEL_LOCK();
+   CLR(ifp->if_flags, IFF_OACTIVE);
+   gem_start(ifp);
+   KERNEL_UNLOCK();
+   }
 
return (1);
 }
 
+int
+gem_load_mbuf(struct gem_softc *sc, struct gem_sxd *sd, struct mbuf *m)
+{
+   int error;
+
+   error = bus_dmamap_load_mbuf(sc->sc_dmatag, sd->sd_map, m,
+   BUS_DMA_NOWAIT);
+   switch (error) {
+   case 0:
+   break;
+
+   case EFBIG: /* mbuf chain is too fragmented */
+   if (m_defrag(m, M_DONTWAIT) == 0 &&
+   bus_dmamap_load_mbuf(sc->sc_dmatag, sd->sd_map, m,
+   BUS_DMA_NOWAIT) == 0)
+   break;
+   /* FALLTHROUGH */
+   default:
+   return (1);
+   }
+
+   sd->sd_mbuf = m;
+   return (0);
+}
+
 void
 gem_start(struct ifnet *ifp)
 {
struct gem_softc *sc = ifp->if_softc;
+   struct gem_sxd *sd;
struct mbuf *m;
u_int64_t flags;
bus_dmamap_t map;
-   u_int32_t cur, frag, i;
-   int error;
+   u_int32_t cons, prod;
+   unsigned int used, new;
 
if ((ifp->if_flags & (IFF_RUNNING | IFF_OACTIVE)) != IFF_RUNNING)
return;
 
-   while (sc->sc_txd[sc->sc_tx_prod].sd_mbuf == NULL) {
-   IFQ_POLL(>if_snd, m);
+   cons = prod = sc->sc_tx_prod;
+   used = sc->sc_tx_cnt;
+   new = 0;
+
+   for (;;) {
+   IFQ_DEQUEUE(>if_snd, m);
if (m == NULL)
break;
 
-

Re: Do not change rt_ifa after insertion

[Alexander Bluhm]

On Thu, Oct 22, 2015 at 01:34:20PM +0200, Martin Pieuchot wrote:
> Either because it has been specified in rt_ifa_add() or because
> rt_getifa() returns you the correct one.  So if the key of a route
> matches an address on the ifp it *must* be the same ifa.
> 
> Let's make sure of that, ok?

OK bluhm@

> 
> Index: net/if.c
> ===
> RCS file: /cvs/src/sys/net/if.c,v
> retrieving revision 1.390
> diff -u -p -r1.390 if.c
> --- net/if.c  22 Oct 2015 10:46:26 -  1.390
> +++ net/if.c  22 Oct 2015 11:06:11 -
> @@ -1321,6 +1321,8 @@ p2p_rtrequest(int req, struct rtentry *r
>   if (ifa == NULL)
>   break;
>  
> + KASSERT(ifa == rt->rt_ifa);
> +
>   /*
>* XXX Since lo0 is in the default rdomain we should not
>* (ab)use it for any route related to an interface of a
> @@ -1335,17 +1337,6 @@ p2p_rtrequest(int req, struct rtentry *r
>   break;
>  
>   rt->rt_flags &= ~RTF_LLINFO;
> -
> - /*
> -  * make sure to set rt->rt_ifa to the interface
> -  * address we are using, otherwise we will have trouble
> -  * with source address selection.
> -  */
> - if (ifa != rt->rt_ifa) {
> - ifafree(rt->rt_ifa);
> - ifa->ifa_refcnt++;
> - rt->rt_ifa = ifa;
> - }
>   break;
>   case RTM_DELETE:
>   case RTM_RESOLVE:
> Index: netinet/if_ether.c
> ===
> RCS file: /cvs/src/sys/netinet/if_ether.c,v
> retrieving revision 1.172
> diff -u -p -r1.172 if_ether.c
> --- netinet/if_ether.c13 Oct 2015 10:21:27 -  1.172
> +++ netinet/if_ether.c22 Oct 2015 11:06:13 -
> @@ -235,17 +235,8 @@ arp_rtrequest(int req, struct rtentry *r
>   break;
>   }
>   if (ifa) {
> + KASSERT(ifa == rt->rt_ifa);
>   rt->rt_expire = 0;
> - /*
> -  * make sure to set rt->rt_ifa to the interface
> -  * address we are using, otherwise we will have trouble
> -  * with source address selection.
> -  */
> - if (ifa != rt->rt_ifa) {
> - ifafree(rt->rt_ifa);
> - ifa->ifa_refcnt++;
> - rt->rt_ifa = ifa;
> - }
>   }
>   break;
>  
> Index: netinet6/nd6.c
> ===
> RCS file: /cvs/src/sys/netinet6/nd6.c,v
> retrieving revision 1.156
> diff -u -p -r1.156 nd6.c
> --- netinet6/nd6.c22 Oct 2015 10:27:22 -  1.156
> +++ netinet6/nd6.c22 Oct 2015 11:06:15 -
> @@ -1103,20 +1103,7 @@ nd6_rtrequest(int req, struct rtentry *r
>   nd6_llinfo_settimer(ln, -1);
>   ln->ln_state = ND6_LLINFO_REACHABLE;
>   ln->ln_byhint = 0;
> -
> - /*
> -  * Make sure rt_ifa be equal to the ifaddr
> -  * corresponding to the address.
> -  * We need this because when we refer
> -  * rt_ifa->ia6_flags in ip6_input, we assume
> -  * that the rt_ifa points to the address instead
> -  * of the loopback address.
> -  */
> - if (ifa != rt->rt_ifa) {
> - ifafree(rt->rt_ifa);
> - ifa->ifa_refcnt++;
> - rt->rt_ifa = ifa;
> - }
> + KASSERT(ifa == rt->rt_ifa);
>   } else if (rt->rt_flags & RTF_ANNOUNCE) {
>   nd6_llinfo_settimer(ln, -1);
>   ln->ln_state = ND6_LLINFO_REACHABLE;

Re: connect routing domains on layer 2

[David Gwynne]

> On 23 Oct 2015, at 09:00, Reyk Floeter  wrote:
> 
> Hi,
> 
> this diff allows to interconnect routing domains.
> 
> It is very useful to route traffic from one routing domain to another,
> without using the pf "rtable" hack (tested in production for a long
> time).
> 
> eg.,
> # ifconfig vether0 10.0.1.1/24
> # ifconfig vether1 rdomain 1 10.0.1.2/24
> # ping 10.1.1.2
> # route -T 1 add default 10.0.1.1
> # ifconfig bridge0 add vether0 add em0
> 
> for hacking/testing, you can do thing like:
> # dhcpd vether0
> # dhclient vether1
> 
> It has been discussed in much detail if this is possible with
> bridge(4).  It is not.  The bridge is not designed for it and explain
> on request.

the diff implements a crossover option, but the example above doesnt use them. 
does that mean you can use a bridge to build crossovers without the extra code, 
or the example is wrong?

> 
> OK?
> 
> Reyk
> 
> Index: sbin/ifconfig/ifconfig.8
> ===
> RCS file: /cvs/src/sbin/ifconfig/ifconfig.8,v
> retrieving revision 1.257
> diff -u -p -u -p -r1.257 ifconfig.8
> --- sbin/ifconfig/ifconfig.8  6 Oct 2015 17:23:21 -   1.257
> +++ sbin/ifconfig/ifconfig.8  22 Oct 2015 22:33:40 -
> @@ -1560,6 +1560,33 @@ The accepted size of the number depends 
> it is a 24-bit number for
> .Xr vxlan 4 .
> .El
> +.\" VETHER
> +.Sh VETHER
> +.nr nS 1
> +.Bk -words
> +.Nm ifconfig
> +.Ar vether-interface
> +.Op Oo Fl Oc Ns Cm crossover Ar interface
> +.Ek
> +.nr nS 0
> +.Pp
> +The following options are available for a
> +.Xr vether 4
> +interface:
> +.Bl -tag -width Ds
> +.It Cm crossover Ar interface
> +Create a virtual crossover link with another
> +.Xr vether 4
> +interface.
> +Any outgoing packets from the
> +.Ar vether-interface
> +will be received by the crossover
> +.Ar interface
> +and vice versa.
> +This link allows to interconnect two routing domains locally.
> +.It Fl crossover
> +If configured, disconnect the virtual crossover link.
> +.El
> .\" VLAN
> .Sh VLAN
> .nr nS 1
> Index: sbin/ifconfig/ifconfig.c
> ===
> RCS file: /cvs/src/sbin/ifconfig/ifconfig.c,v
> retrieving revision 1.302
> diff -u -p -u -p -r1.302 ifconfig.c
> --- sbin/ifconfig/ifconfig.c  3 Oct 2015 10:44:23 -   1.302
> +++ sbin/ifconfig/ifconfig.c  22 Oct 2015 22:33:41 -
> @@ -275,6 +275,8 @@ void  setifipdst(const char *, int);
> void  setifdesc(const char *, int);
> void  unsetifdesc(const char *, int);
> void  printifhwfeatures(const char *, int);
> +void setxover(const char *, int);
> +void unsetxover(const char *, int);
> #else
> void  setignore(const char *, int);
> #endif
> @@ -490,6 +492,8 @@ const struct  cmd {
>   { "-descr", 1,  0,  unsetifdesc },
>   { "wol",IFXF_WOL,   0,  setifxflags },
>   { "-wol",   -IFXF_WOL,  0,  setifxflags },
> + { "crossover",  NEXTARG,0,  setxover },
> + { "-crossover", 1,  0,  unsetxover },
> #else /* SMALL */
>   { "powersave",  NEXTARG0,   0,  setignore },
>   { "priority",   NEXTARG,0,  setignore },
> @@ -2917,6 +2921,7 @@ status(int link, struct sockaddr_dl *sdl
>   struct ifreq ifrdesc;
>   struct ifkalivereq ikardesc;
>   char ifdescr[IFDESCRSIZE];
> + char ifname[IF_NAMESIZE];
> #endif
>   uint64_t *media_list;
>   int i;
> @@ -2955,6 +2960,9 @@ status(int link, struct sockaddr_dl *sdl
>   (ikardesc.ikar_timeo != 0 || ikardesc.ikar_cnt != 0))
>   printf("\tkeepalive: timeout %d count %d\n",
>   ikardesc.ikar_timeo, ikardesc.ikar_cnt);
> + if (ioctl(s, SIOCGXOVER, ) == 0 && ifrdesc.ifr_index != 0 &&
> + if_indextoname(ifrdesc.ifr_index, ifname) != NULL)
> + printf("\tcrossover: %s\n", ifname);
> #endif
>   vlan_status();
> #ifndef SMALL
> @@ -5199,6 +5207,29 @@ setinstance(const char *id, int param)
>   ifr.ifr_rdomainid = rdomainid;
>   if (ioctl(s, SIOCSIFRDOMAIN, (caddr_t)) < 0)
>   warn("SIOCSIFRDOMAIN");
> +}
> +#endif
> +
> +#ifndef SMALL
> +void
> +setxover(const char *val, int d)
> +{
> + strlcpy(ifr.ifr_name, name, sizeof(ifr.ifr_name));
> + if ((ifr.ifr_index = if_nametoindex(val)) == 0) {
> + errno = ENOENT;
> + err(1, "crossover %s", val);
> + }
> + if (ioctl(s, SIOCSXOVER, (caddr_t)) < 0)
> + warn("SIOCSXOVER");
> +}
> +
> +void
> +unsetxover(const char *val, int d)
> +{
> + ifr.ifr_index = 0;
> + strlcpy(ifr.ifr_name, name, sizeof(ifr.ifr_name));
> + if (ioctl(s, SIOCSXOVER, (caddr_t)) < 0)
> + warn("SIOCSXOVER");
> }
> #endif
> 
> Index: sys/net/if.c
> ===
> RCS file: /cvs/src/sys/net/if.c,v
> retrieving revision 

Re: A couple of style(9) tweaks

[Philip Guenther]

On Tue, Oct 20, 2015 at 3:55 PM, Ilya Kaliman  wrote:
...
> --- bin/ed/main.c   9 Oct 2015 21:24:05 -   1.53
> +++ bin/ed/main.c   20 Oct 2015 22:49:53 -
> @@ -174,7 +174,7 @@ top:
> signal(SIGHUP, signal_hup);
> signal(SIGQUIT, SIG_IGN);
> signal(SIGINT, signal_int);
> -   if (status = sigsetjmp(env, 1)) {
> +   if ((status = sigsetjmp(env, 1))) {

This technically undefined behavior, as you are not allowed to capture
the return value of setjmp(), _setjmp(), or sigsetjmp() in a variable
To quote the C standard:

An application shall ensure that an invocation of setjmp( ) appears in
one of the following
contexts only:

· The entire controlling expression of a selection or iteration statement

· One operand of a relational or equality operator with the other
operand an integral
   constant expression, with the resulting expression being the
entire controlling expression
   of a selection or iteration statement

· The operand of a unary '!' operator with the resulting
expression being the entire
   controlling expression of a selection or iteration

· The entire expression of an expression statement (possibly cast to void)

If the invocation appears in any other context, the behavior is undefined.


POSIX extends that to the other two functions.


Fortunately, ed only call sigsetjmpt() with the value -1, and status
is initialized to zero, so the diff below should fix it without
changing the behavior.

oks?

Philip Guenther

--- bin/ed/main.c   21 Oct 2015 16:06:57 -  1.54
+++ bin/ed/main.c   23 Oct 2015 04:55:31 -
@@ -174,7 +174,8 @@ top:
signal(SIGHUP, signal_hup);
signal(SIGQUIT, SIG_IGN);
signal(SIGINT, signal_int);
-   if ((status = sigsetjmp(env, 1))) {
+   if (sigsetjmp(env, 1)) {
+   status = -1;
fputs("\n?\n", stderr);
seterrmsg("interrupt");
} else {

Re: Pledge "id" for identd

[Jérémie Courrèges-Anglas]

Gregor Best  writes:

> Hi people,

Hi,

> identd's parent process needs to pledge "id" so it can call setgroups
> and friends later.

Likely a victim of the "proc" -> "id" switch.  The following diff
survived a few tests.

Index: identd.c
===
RCS file: /cvs/src/usr.sbin/identd/identd.c,v
retrieving revision 1.32
diff -u -p -p -u -r1.32 identd.c
--- identd.c16 Oct 2015 05:55:23 -  1.32
+++ identd.c22 Oct 2015 13:47:11 -
@@ -314,7 +314,7 @@ main(int argc, char *argv[])
lerr(1, "signal(SIGPIPE)");
 
if (parent) {
-   if (pledge("stdio proc getpw rpath", NULL) == -1)
+   if (pledge("stdio getpw rpath id", NULL) == -1)
err(1, "pledge");
 
SIMPLEQ_INIT();


-- 
jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF  DDCC 0DFA 74AE 1524 E7EE

Re: carp_iamatch() tweak

[Alexander Bluhm]

On Thu, Oct 22, 2015 at 12:34:56PM +0200, Martin Pieuchot wrote:
> Instead of passing an ``ia'' to dereference ``ia_ifp'', pass ``ifp''
> directly, we have it.
> 
> ok?

OK bluhm@

> 
> Index: netinet/if_ether.c
> ===
> RCS file: /cvs/src/sys/netinet/if_ether.c,v
> retrieving revision 1.172
> diff -u -p -r1.172 if_ether.c
> --- netinet/if_ether.c13 Oct 2015 10:21:27 -  1.172
> +++ netinet/if_ether.c22 Oct 2015 10:32:51 -
> @@ -578,7 +578,7 @@ in_arpinput(struct mbuf *m)
>   (IFF_UP|IFF_RUNNING))) {
>   if (op == ARPOP_REPLY)
>   break;
> - if (carp_iamatch(ifatoia(ifa), ea->arp_sha,
> + if (carp_iamatch(ifp, ea->arp_sha,
>   , _shost))
>   break;
>   else
> Index: netinet/ip_carp.c
> ===
> RCS file: /cvs/src/sys/netinet/ip_carp.c,v
> retrieving revision 1.276
> diff -u -p -r1.276 ip_carp.c
> --- netinet/ip_carp.c 14 Oct 2015 13:59:31 -  1.276
> +++ netinet/ip_carp.c 22 Oct 2015 10:32:51 -
> @@ -1355,10 +1355,10 @@ carp_update_lsmask(struct carp_softc *sc
>  }
>  
>  int
> -carp_iamatch(struct in_ifaddr *ia, u_char *src, u_int8_t **sha,
> +carp_iamatch(struct ifnet *ifp, u_char *src, u_int8_t **sha,
>  u_int8_t **ether_shost)
>  {
> - struct carp_softc *sc = ia->ia_ifp->if_softc;
> + struct carp_softc *sc = ifp->if_softc;
>   struct carp_vhost_entry *vhe = SRPL_FIRST_LOCKED(>carp_vhosts);
>  
>   KERNEL_ASSERT_LOCKED(); /* touching carp_vhosts */
> Index: netinet/ip_carp.h
> ===
> RCS file: /cvs/src/sys/netinet/ip_carp.h,v
> retrieving revision 1.34
> diff -u -p -r1.34 ip_carp.h
> --- netinet/ip_carp.h 8 Jun 2015 13:40:48 -   1.34
> +++ netinet/ip_carp.h 22 Oct 2015 10:32:50 -
> @@ -168,7 +168,7 @@ void   carp_proto_input (struct mbuf *, 
>  void  carp_carpdev_state(void *);
>  void  carp_group_demote_adj(struct ifnet *, int, char *);
>  int   carp6_proto_input(struct mbuf **, int *, int);
> -int   carp_iamatch(struct in_ifaddr *, u_char *, u_int8_t **,
> +int   carp_iamatch(struct ifnet *, u_char *, u_int8_t **,
>u_int8_t **);
>  int   carp_iamatch6(struct ifnet *, u_char *, struct sockaddr_dl **);
>  struct ifnet *carp_ourether(void *, u_int8_t *);

Re: rt_ifa_add() dead code

[Alexander Bluhm]

On Thu, Oct 22, 2015 at 01:04:16PM +0200, Martin Pieuchot wrote:
> RTAX_IFA is specified so rt_getifa() is never called and this is simply
> dead code.
> 
> ok?

OK bluhm@

> 
> Index: net/route.c
> ===
> RCS file: /cvs/src/sys/net/route.c,v
> retrieving revision 1.254
> diff -u -p -r1.254 route.c
> --- net/route.c   21 Oct 2015 08:21:06 -  1.254
> +++ net/route.c   22 Oct 2015 11:02:00 -
> @@ -1133,19 +1133,6 @@ rt_ifa_add(struct ifaddr *ifa, int flags
>  
>   error = rtrequest1(RTM_ADD, , prio, , rtableid);
>   if (error == 0) {
> - if (rt->rt_ifa != ifa) {
> - printf("%s: wrong ifa (%p) was (%p)\n", __func__,
> - ifa, rt->rt_ifa);
> - if (rt->rt_ifa->ifa_rtrequest)
> - rt->rt_ifa->ifa_rtrequest(RTM_DELETE, rt);
> - ifafree(rt->rt_ifa);
> - rt->rt_ifa = ifa;
> - rt->rt_ifp = ifa->ifa_ifp;
> - ifa->ifa_refcnt++;
> - if (ifa->ifa_rtrequest)
> - ifa->ifa_rtrequest(RTM_ADD, rt);
> - }
> -
>   /*
>* A local route is created for every address configured
>* on an interface, so use this information to notify

support for malloc allocation canaries

[Daniel Micay]

Hi,

This patch adds an opt-in malloc configuration option placing canaries after
small allocations to detect heap overflows on free(...). It's intended to be
used alongside guard pages for large allocations. Since it's essentially
adding extra padding to all small allocations, a small heap overflow will be
rendered harmless.

The current implementation uses pointer-size canaries, but it could be easily
extended to allow bumping up the size of the canaries by passing the option
multiple times. The entry points into malloc account for the canary size when
it's enabled and then it's generated on allocation and checked on free. Small
allocations without room for a canary are simply turned into large
allocations. Some care needs to be taken to avoid clobbering the canary in the
junk filling code and realloc copying.

The canary is placed at the very end of the memory allocations so there will
often be slack space in between the real allocation and the canary preventing
small overflows from being detected. It would be much better at detecting
corruption with finer-grained size classes. The extreme would be every
multiple of the alignment, but logarithmic growth would be more realistic (see
jemalloc's size classes). Finer-grained size classes would also reduce the
memory overhead caused by allocations being pushed into the next size class by
the canary.

The canaries are currently generated with canary_value ^ hash(canary_address).
It would be best to avoid involving addresses to avoid introducing address
leaks via read overflows where there were none before, but it's the easiest
way to get unique canaries and is a minor issue to improve down the road.

I implemented this feature after porting OpenBSD malloc to Android (in
CopperheadOS) and it has found a few bugs in the app ecosystem. Note that I've
only heavily tested it there, not on OpenBSD itself. I'm not sure if you want
this feature but it seemed worth submitting.

Hopefully you don't mind a patch generated with Git. :)

diff --git a/stdlib/malloc.c b/stdlib/malloc.c
index 424dd77..65b5027 100644
--- a/stdlib/malloc.c
+++ b/stdlib/malloc.c
@@ -185,12 +185,14 @@ struct malloc_readonly {
int malloc_move;/* move allocations to end of page? */
int malloc_realloc; /* always realloc? */
int malloc_xmalloc; /* xmalloc behaviour? */
+   size_t  malloc_canaries;/* use canaries after chunks? */
size_t  malloc_guard;   /* use guard pages after allocations? */
u_int   malloc_cache;   /* free pages we cache */
 #ifdef MALLOC_STATS
int malloc_stats;   /* dump statistics at end */
 #endif
u_int32_t malloc_canary;/* Matched against ones in malloc_pool 
*/
+   uintptr_t malloc_chunk_canary;
 };
 
 /* This object is mapped PROT_READ after initialisation to prevent tampering */
@@ -526,6 +528,12 @@ omalloc_init(struct dir_info **dp)
case 'A':
mopts.malloc_abort = 1;
break;
+   case 'c':
+   mopts.malloc_canaries = 0;
+   break;
+   case 'C':
+   mopts.malloc_canaries = sizeof(void *);
+   break;
 #ifdef MALLOC_STATS
case 'd':
mopts.malloc_stats = 0;
@@ -619,6 +627,9 @@ omalloc_init(struct dir_info **dp)
while ((mopts.malloc_canary = arc4random()) == 0)
;
 
+   arc4random_buf(_chunk_canary,
+   sizeof(mopts.malloc_chunk_canary));
+
/*
 * Allocate dir_info with a guard page on either side. Also
 * randomise offset inside the page at which the dir_info
@@ -984,8 +995,15 @@ malloc_bytes(struct dir_info *d, size_t size, void *f)
k += (lp - bp->bits) * MALLOC_BITS;
k <<= bp->shift;
 
+   if (mopts.malloc_canaries && bp->size > 0) {
+   char *end = (char *)bp->page + k + bp->size;
+   uintptr_t *canary = (uintptr_t *)(end - mopts.malloc_canaries);
+   *canary = mopts.malloc_chunk_canary ^ hash(canary);
+   }
+
if (mopts.malloc_junk == 2 && bp->size > 0)
-   memset((char *)bp->page + k, SOME_JUNK, bp->size);
+   memset((char *)bp->page + k, SOME_JUNK,
+   bp->size - mopts.malloc_canaries);
return ((char *)bp->page + k);
 }
 
@@ -999,6 +1017,13 @@ find_chunknum(struct dir_info *d, struct region_info *r, 
void *ptr)
if (info->canary != d->canary1)
wrterror("chunk info corrupted", NULL);
 
+   if (mopts.malloc_canaries && info->size > 0) {
+   char *end = (char *)ptr + info->size;
+   uintptr_t *canary = (uintptr_t *)(end - mopts.malloc_canaries);
+   if (*canary != (mopts.malloc_chunk_canary ^ hash(canary)))
+   

Re: ifa_ifp and RTF_LOCAL routes

[Alexander Bluhm]

On Wed, Oct 21, 2015 at 10:18:49AM +0200, Martin Pieuchot wrote:
> Now that (rt_ifa->ifa_ifp == rt_ifp) we can simplify the check below.
> 
> Ok?

OK bluhm@

> 
> Index: net/route.c
> ===
> RCS file: /cvs/src/sys/net/route.c,v
> retrieving revision 1.253
> diff -u -p -r1.253 route.c
> --- net/route.c   16 Oct 2015 12:36:02 -  1.253
> +++ net/route.c   21 Oct 2015 08:12:53 -
> @@ -1666,8 +1666,7 @@ rt_if_linkstate_change(struct rtentry *r
>  {
>   struct ifnet *ifp = arg;
>  
> - if ((rt->rt_ifp != ifp) &&
> - (rt->rt_ifa == NULL || rt->rt_ifa->ifa_ifp != ifp))
> + if (rt->rt_ifp != ifp)
>   return (0);
>  
>   /* Local routes are always usable. */

Re: Fewer ifa_ifp

[Alexander Bluhm]

On Thu, Oct 22, 2015 at 04:31:09PM +0200, Martin Pieuchot wrote:
> Two more cases, ok?

OK bluhm@

> 
> Index: netinet6/in6_src.c
> ===
> RCS file: /cvs/src/sys/netinet6/in6_src.c,v
> retrieving revision 1.64
> diff -u -p -r1.64 in6_src.c
> --- netinet6/in6_src.c19 Oct 2015 12:11:28 -  1.64
> +++ netinet6/in6_src.c22 Oct 2015 14:25:26 -
> @@ -285,7 +285,7 @@ in6_selectsrc(struct in6_addr **in6src, 
>*/
>  
>   if (ro->ro_rt) {
> - ia6 = in6_ifawithscope(ro->ro_rt->rt_ifa->ifa_ifp, dst,
> + ia6 = in6_ifawithscope(ro->ro_rt->rt_ifp, dst,
>   rtableid);
>   if (ia6 == NULL) /* xxx scope error ?*/
>   ia6 = ifatoia6(ro->ro_rt->rt_ifa);
> @@ -456,15 +456,8 @@ in6_selectif(struct sockaddr_in6 *dstsoc
>   if (rt && (rt->rt_flags & (RTF_REJECT | RTF_BLACKHOLE)))
>   return (rt->rt_flags & RTF_HOST ? EHOSTUNREACH : ENETUNREACH);
>  
> - /*
> -  * Adjust the "outgoing" interface.  If we're going to loop the packet
> -  * back to ourselves, the ifp would be the loopback interface.
> -  * However, we'd rather know the interface associated to the
> -  * destination address (which should probably be one of our own
> -  * addresses.)
> -  */
> - if (rt && rt->rt_ifa && rt->rt_ifa->ifa_ifp)
> - *retifp = if_ref(rt->rt_ifa->ifa_ifp);
> + if (rt != NULL)
> + *retifp = if_ref(rt->rt_ifp);
>  
>   return (0);
>  }

Re: Kill link_rtrequest()

[Martin Pieuchot]

On 19/10/15(Mon) 14:07, Martin Pieuchot wrote:
> This function is a no-op, let's kill it.

Anybody?

> 
> Index: net/if.c
> ===
> RCS file: /cvs/src/sys/net/if.c,v
> retrieving revision 1.389
> diff -u -p -r1.389 if.c
> --- net/if.c  12 Oct 2015 13:17:58 -  1.389
> +++ net/if.c  19 Oct 2015 11:43:32 -
> @@ -1274,30 +1274,6 @@ ifaof_ifpforaddr(struct sockaddr *addr, 
>  }
>  
>  /*
> - * Default action when installing a route with a Link Level gateway.
> - * Lookup an appropriate real ifa to point to.
> - * This should be moved to /sys/net/link.c eventually.
> - */
> -void
> -link_rtrequest(int cmd, struct rtentry *rt)
> -{
> - struct ifaddr *ifa;
> - struct sockaddr *dst;
> - struct ifnet *ifp;
> -
> - if (cmd != RTM_ADD || ((ifa = rt->rt_ifa) == 0) ||
> - ((ifp = ifa->ifa_ifp) == 0) || ((dst = rt_key(rt)) == 0))
> - return;
> - if ((ifa = ifaof_ifpforaddr(dst, ifp)) != NULL) {
> - ifa->ifa_refcnt++;
> - ifafree(rt->rt_ifa);
> - rt->rt_ifa = ifa;
> - if (ifa->ifa_rtrequest && ifa->ifa_rtrequest != link_rtrequest)
> - ifa->ifa_rtrequest(cmd, rt);
> - }
> -}
> -
> -/*
>   * Default action when installing a local route on a point-to-point
>   * interface.
>   */
> Index: net/if_enc.c
> ===
> RCS file: /cvs/src/sys/net/if_enc.c,v
> retrieving revision 1.60
> diff -u -p -r1.60 if_enc.c
> --- net/if_enc.c  14 Mar 2015 03:38:51 -  1.60
> +++ net/if_enc.c  19 Oct 2015 11:38:10 -
> @@ -103,7 +103,6 @@ enc_clone_create(struct if_clone *ifc, i
>*/
>   if_alloc_sadl(ifp);
>   sc->sc_ifa.ifa_ifp = ifp;
> - sc->sc_ifa.ifa_rtrequest = link_rtrequest;
>   sc->sc_ifa.ifa_addr = (struct sockaddr *)ifp->if_sadl;
>   sc->sc_ifa.ifa_netmask = NULL;
>  
> Index: net/if_mpe.c
> ===
> RCS file: /cvs/src/sys/net/if_mpe.c,v
> retrieving revision 1.47
> diff -u -p -r1.47 if_mpe.c
> --- net/if_mpe.c  12 Sep 2015 20:50:17 -  1.47
> +++ net/if_mpe.c  19 Oct 2015 11:38:00 -
> @@ -104,7 +104,6 @@ mpe_clone_create(struct if_clone *ifc, i
>  #endif
>  
>   mpeif->sc_ifa.ifa_ifp = ifp;
> - mpeif->sc_ifa.ifa_rtrequest = link_rtrequest;
>   mpeif->sc_ifa.ifa_addr = (struct sockaddr *) ifp->if_sadl;
>   mpeif->sc_smpls.smpls_len = sizeof(mpeif->sc_smpls);
>   mpeif->sc_smpls.smpls_family = AF_MPLS;
> Index: net/if_mpw.c
> ===
> RCS file: /cvs/src/sys/net/if_mpw.c,v
> retrieving revision 1.6
> diff -u -p -r1.6 if_mpw.c
> --- net/if_mpw.c  12 Sep 2015 20:50:17 -  1.6
> +++ net/if_mpw.c  19 Oct 2015 11:37:53 -
> @@ -104,7 +104,6 @@ mpw_clone_create(struct if_clone *ifc, i
>   if_alloc_sadl(ifp);
>  
>   sc->sc_ifa.ifa_ifp = ifp;
> - sc->sc_ifa.ifa_rtrequest = link_rtrequest;
>   sc->sc_ifa.ifa_addr = (struct sockaddr *) ifp->if_sadl;
>   sc->sc_smpls.smpls_len = sizeof(sc->sc_smpls);
>   sc->sc_smpls.smpls_family = AF_MPLS;
> Index: net/if_var.h
> ===
> RCS file: /cvs/src/sys/net/if_var.h,v
> retrieving revision 1.48
> diff -u -p -r1.48 if_var.h
> --- net/if_var.h  12 Oct 2015 13:17:58 -  1.48
> +++ net/if_var.h  19 Oct 2015 11:38:22 -
> @@ -422,7 +422,6 @@ structifaddr *ifa_ifwithdstaddr(struct 
>  struct   ifaddr *ifa_ifwithnet(struct sockaddr *, u_int);
>  struct   ifaddr *ifaof_ifpforaddr(struct sockaddr *, struct ifnet *);
>  void ifafree(struct ifaddr *);
> -void link_rtrequest(int, struct rtentry *);
>  void p2p_rtrequest(int, struct rtentry *);
>  
>  void if_clone_attach(struct if_clone *);
>