libc: make internal _malloc_init() calls go direct
Diff below makes the calls to _malloc_init() from inside libc go direct, while leaving malloc_init() callable from outside for libpthread, eliminating the overridable PLT entry for _malloc_init. ok? With the harsh light of California beating down on me, I now wonder if we should have instead had libc provide a "_malloc_make_me_mt()" routine that knows how to frob the normally-made-readonly mopts bits, but a) can only set the malloc_mt flag, and b) blocks all signals while doing so. Would that be less of a target for exploits? Anyway. I only caught this when I saw it while ltrace'ing something unrelated, which is a bad way to realize you missed something. My apologies to otto@ and everyone following OpenBSD for not catching this earlier. I don't have a firm idea on how to prevent this sort of thing in the future yet; suggestions? Maybe the libc.so.* build should have a check that matches a regexp against the overridable symbols and fails if an unexpected symbol is present? Mind you, that check is difficult to write on mips64 and a couple other archs due to arch weirdness, but maybe it's Good Enough if it works on x86, sparc64, and arm? Philip Guenther Index: include/thread_private.h === RCS file: /data/src/openbsd/src/lib/libc/include/thread_private.h,v retrieving revision 1.28 diff -u -p -r1.28 thread_private.h --- include/thread_private.h1 Sep 2016 10:41:02 - 1.28 +++ include/thread_private.h11 Sep 2016 05:06:29 - @@ -9,6 +9,9 @@ #define _MALLOC_MUTEXES 4 void _malloc_init(int); +#ifdef __LIBC__ +PROTO_NORMAL(_malloc_init); +#endif /* __LIBC__ */ /* * The callbacks needed by libc to handle the threaded case. Index: stdlib/malloc.c === RCS file: /data/src/openbsd/src/lib/libc/stdlib/malloc.c,v retrieving revision 1.195 diff -u -p -r1.195 malloc.c --- stdlib/malloc.c 1 Sep 2016 10:41:02 - 1.195 +++ stdlib/malloc.c 11 Sep 2016 05:06:47 - 
@@ -1226,6 +1226,7 @@ _malloc_init(int from_rthreads) mprotect(&malloc_readonly, sizeof(malloc_readonly), PROT_READ); _MALLOC_UNLOCK(0); } +DEF_STRONG(_malloc_init); void * malloc(size_t size)
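Review bot: in the thread_private.h hunk the new `#ifdef __LIBC__` block carries no comment explaining why `PROTO_NORMAL(_malloc_init)` is applied only inside libc; a short comment saying that libpthread still reaches _malloc_init() through the exported symbol while libc-internal calls bind directly would keep someone from removing the guard later. The patch also adds nothing that would catch the next symbol that slips into the PLT, which the message itself raises as an open question, so a follow-up build check is worth tracking alongside this commit.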
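The build-time check floated in the message above (match the overridable symbols against a pattern and fail on anything unexpected), written out as an added example; it is not code from the post or from OpenBSD. The function name `unexpected_plt`, the allow-list and the relocation listing are constructed for illustration, and the input is assumed to be in the layout that `objdump -R` prints.

```sh
#!/bin/sh
# Added example: fail a build when a library's PLT gains an unexpected symbol.
# Input is the text printed by `objdump -R <library>` (dynamic relocations).

# unexpected_plt ALLOW_REGEX   (hypothetical helper, not an OpenBSD tool)
#   stdin : `objdump -R` output
#   stdout: sorted, de-duplicated symbols that have a JUMP_SLOT/JMP_SLOT
#           relocation (an overridable PLT entry) and do NOT match
#           ALLOW_REGEX (an awk extended regex, written without backslashes)
#   status: 0 when every PLT symbol is allowed, 1 otherwise
# Only PLT entries that show up as *_JUMP_SLOT / *_JMP_SLOT rows are seen,
# so archs that record them differently need their own matcher.
unexpected_plt() {
	found=$(awk -v allow="$1" '
		# Relocation rows are "OFFSET TYPE VALUE"; header rows never match TYPE.
		NF == 3 && $2 ~ /_(JUMP|JMP)_SLOT$/ {
			sym = $3
			sub(/[@+].*$/, "", sym)   # strip "@VERSION" or "+0xaddend"
			if (sym !~ allow) print sym
		}' | sort -u)
	[ -z "$found" ] && return 0
	printf '%s\n' "$found"
	return 1
}

# Constructed sample in the layout of `objdump -R`; offsets and contents are
# made up and do not come from a real libc build.
SAMPLE_RELOCS='
obj/libc.so.89.1:     file format elf64-x86-64

DYNAMIC RELOCATION RECORDS
OFFSET           TYPE              VALUE
00000000002f1000 R_X86_64_RELATIVE  *ABS*+0x00000000002f1000
00000000002f2010 R_X86_64_GLOB_DAT  environ
00000000002f3018 R_X86_64_JUMP_SLOT  _malloc_init
00000000002f3020 R_X86_64_JUMP_SLOT  memcpy
00000000002f3028 R_X86_64_JUMP_SLOT  memset
00000000002f3030 R_X86_64_JUMP_SLOT  __stack_smash_handler
'

# Constructed allow-list: the compiler-generated calls reported in the clang
# thread on this page, tolerated here only so the example has something to
# allow. A real list has to be decided per architecture.
ALLOW_PLT='^(__stack_smash_handler|mem(cpy|move|set))$'

# Demonstration on the sample: prints "_malloc_init". A build rule would
# exit non-zero here instead of only reporting.
if ! printf '%s\n' "$SAMPLE_RELOCS" | unexpected_plt "$ALLOW_PLT"; then
	echo "unexpected overridable PLT entries found" >&2
fi
```

In a library Makefile the function would be fed `objdump -R` on the freshly linked shared object and the build would stop on a non-zero status.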
libm: make sqrtl() use fe*() instead of fp*()
On systems that don't have a native version, we use an implementation of sqrtl() (square-root of long double) that -- to do its job -- pokes at the floating-point exception state and rounding mode. In particular, at a key point it clears any previous "inexact" exception and sets the rounding mode to "toward zero" and then does a division. It then tests whether that raised an "inexact" exception and fixes the result up based on that, and finally restores the rounding mode before returning. The current version does that using the old, non-standard fp* routines: fp{set,get}sticky() and fpsetround(). This diff switches it to the new, standardized fe* routines: fe{clear,test}except() and fe{get,set}round(). (Why bother? The fp* routines are defined in libc, while the fe* routines are defined inside libm itself...which means that with some symbol redirection they can be made to call directly, without going through the PLT. This diff is thus a prelude to the larger diff I have sitting in my tree to do exactly that, reducing 136 PLT entries to just 22 on amd64, for example. Even on a HW-FP-poor arch like mips64 it gets reduced from 204 to only 56 PLT entries.) ok? Philip Guenther Index: src/e_sqrtl.c === RCS file: /data/src/openbsd/src/lib/libm/src/e_sqrtl.c,v retrieving revision 1.1 diff -u -p -r1.1 e_sqrtl.c --- src/e_sqrtl.c 9 Dec 2008 20:00:35 - 1.1 +++ src/e_sqrtl.c 11 Sep 2016 03:47:45 - @@ -26,9 +26,9 @@ */ #include -#include +#include /* for struct ieee_ext */ +#include #include -#include #include #ifdef EXT_IMPLICIT_NBIT 
@@ -204,27 +204,28 @@ sqrtl(long double x) u.e = xn + lo; /* Combine everything. */ u.bits.ext_exp += (k >> 1) - 1; - fpsetsticky(fpgetsticky() & ~FP_X_IMP); - r = fpsetround(FP_RZ); /* Set to round-toward-zero. */ + feclearexcept(FE_INEXACT); + r = fegetround(); + fesetround(FE_TOWARDZERO); /* Set to round-toward-zero. */ xn = x / u.e; /* Chopped quotient (inexact?). */ - if (!(fpgetsticky() & FP_X_IMP)) { /* Quotient is exact. */ + if (!fetestexcept(FE_INEXACT)) { /* Quotient is exact. */ if (xn == u.e) { - fpsetround(r); + fesetround(r); return (u.e); } /* Round correctly for inputs like x = y**2 - ulp. */ xn = dec(xn); /* xn = xn - ulp. */ } - if (r == FP_RN) { + if (r == FE_TONEAREST) { xn = inc(xn); /* xn = xn + ulp. */ - } else if (r == FP_RP) { + } else if (r == FE_UPWARD) { u.e = inc(u.e); /* u.e = u.e + ulp. */ xn = inc(xn); /* xn = xn + ulp. */ } u.e = u.e + xn; /* Chopped sum. */ - fpsetround(r); /* Restore env and raise inexact */ + fesetround(r); /* Restore env and raise inexact */ u.bits.ext_exp--; return (u.e); }
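Review bot: in the sqrtl() hunk, `xn = x / u.e` sits between `fesetround(FE_TOWARDZERO)` and `fetestexcept(FE_INEXACT)`, and nothing in the visible lines tells the compiler that the division depends on the floating-point environment, so it could be moved or folded across those calls; check that the file is built so that rounding-mode and exception-flag accesses are honoured (for example `#pragma STDC FENV_ACCESS ON` where the compiler supports it). The return values of the `fesetround()` calls are also ignored, which matches the old fpsetround() code but deserves a comment. The #include lines in the first hunk have lost their header names in this copy, so that hunk is not covered here.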
Re: binutils-2.17 ownership fixes
On Sat, 10 Sep 2016, Philip Guenther wrote: > Same diff as binutils, with same open question: > > > Maybe we should add ${INSTALL_STRIP} to the INSTALL_PROGRAM assignment > > here? Here's the combined diff that does that. (Note to self: if you set DEBUG in /etc/mk.conf, INSTALL_STRIP isn't set) ok? Philip Index: gnu/usr.bin/binutils-2.17/Makefile.bsd-wrapper === RCS file: /data/src/openbsd/src/gnu/usr.bin/binutils-2.17/Makefile.bsd-wrapper,v retrieving revision 1.8 diff -u -p -r1.8 Makefile.bsd-wrapper --- gnu/usr.bin/binutils-2.17/Makefile.bsd-wrapper 5 Jul 2013 21:29:51 - 1.8 +++ gnu/usr.bin/binutils-2.17/Makefile.bsd-wrapper 11 Sep 2016 01:54:10 - @@ -102,7 +102,8 @@ install: maninstall tooldir=${PREFIX} \ BSDSRCDIR=${BSDSRCDIR} \ INSTALL_MODULES='${INSTALL_MODULES}' \ - INSTALL_PROGRAM='install -c -S' \ + INSTALL_PROGRAM='install -c -S ${INSTALL_STRIP} -o ${BINOWN} -g ${BINGRP} -m ${BINMODE}' \ + INSTALL_DATA='install -c -o ${BINOWN} -g ${DOCGRP} -m ${NONBINMODE}' \ INSTALL_INFO_HOST_MODULES='${INSTALL_INFO_HOST_MODULES}' \ install install-info Index: gnu/usr.bin/binutils/Makefile.bsd-wrapper === RCS file: /data/src/openbsd/src/gnu/usr.bin/binutils/Makefile.bsd-wrapper,v retrieving revision 1.83 diff -u -p -r1.83 Makefile.bsd-wrapper --- gnu/usr.bin/binutils/Makefile.bsd-wrapper 1 Jun 2015 17:36:19 - 1.83 +++ gnu/usr.bin/binutils/Makefile.bsd-wrapper 11 Sep 2016 01:54:15 - @@ -81,7 +81,8 @@ install: maninstall tooldir=${PREFIX} \ BSDSRCDIR=${BSDSRCDIR} \ INSTALL_MODULES='${INSTALL_MODULES}' \ - INSTALL_PROGRAM='install -c -S' \ + INSTALL_PROGRAM='install -c -S ${INSTALL_STRIP} -o ${BINOWN} -g ${BINGRP} -m ${BINMODE}' \ + INSTALL_DATA='install -c -o ${BINOWN} -g ${DOCGRP} -m ${NONBINMODE}' \ INSTALL_INFO_HOST_MODULES='${INSTALL_INFO_HOST_MODULES}' \ install install-info
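Review bot: in both install: hunks the new INSTALL_DATA line pairs `-o ${BINOWN}` with `-g ${DOCGRP}`, taking the owner from the BIN family of variables and the group from the DOC family; use the owner and group of one family so that overriding either default cannot leave the info pages with a mismatched owner and group. The same two-line change is repeated in both Makefile.bsd-wrapper files, so any correction has to land in both.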
Re: /usr/sbin/sysctl owner
On Sat, Sep 10, 2016 at 1:42 PM, Philip Guenther wrote: > On Sat, 10 Sep 2016, Philip Guenther wrote: > >> On Sat, 10 Sep 2016, Martin Natano wrote: >> > Yet another symlink that belongs to root. Ok? >> ... >> > --- sbin/sysctl/Makefile4 May 2016 19:48:08 - 1.11 >> > +++ sbin/sysctl/Makefile10 Sep 2016 18:05:09 - >> > @@ -7,5 +7,6 @@ CPPFLAGS+= -D_LIBKVM >> > >> > afterinstall: >> > ln -sf ../../sbin/sysctl ${DESTDIR}/usr/sbin >> > + chown -h root:wheel ${DESTDIR}/usr/sbin/sysctl >> >> ok guenther@ > > Actually, maybe that should be root:bin to match the other files in > /usr/sbin Or rather: they should be ${BINOWN}:${BINGRP} I'll stop talking to myself (about this) now...
binutils-2.17 ownership fixes
Same diff as binutils, with same open question: > Maybe we should add ${INSTALL_STRIP} to the INSTALL_PROGRAM assignment > here? ok? Index: usr.bin/binutils-2.17/Makefile.bsd-wrapper === RCS file: /data/src/openbsd/src/gnu/usr.bin/binutils-2.17/Makefile.bsd-wrapper,v retrieving revision 1.8 diff -u -p -r1.8 Makefile.bsd-wrapper --- usr.bin/binutils-2.17/Makefile.bsd-wrapper 5 Jul 2013 21:29:51 - 1.8 +++ usr.bin/binutils-2.17/Makefile.bsd-wrapper 10 Sep 2016 21:42:14 - @@ -102,7 +102,8 @@ install: maninstall tooldir=${PREFIX} \ BSDSRCDIR=${BSDSRCDIR} \ INSTALL_MODULES='${INSTALL_MODULES}' \ - INSTALL_PROGRAM='install -c -S' \ + INSTALL_PROGRAM='install -c -S -o ${BINOWN} -g ${BINGRP} -m ${BINMODE}' \ + INSTALL_DATA='install -c -o ${BINOWN} -g ${DOCGRP} -m ${NONBINMODE}' \ INSTALL_INFO_HOST_MODULES='${INSTALL_INFO_HOST_MODULES}' \ install install-info
binutils ownership fixes
This should fix the ownership (and mode) of /usr/bin/gdb and its associated info pages. ok? One open question: we never strip gdb, unlike other binaries. Maybe we should add ${INSTALL_STRIP} to the INSTALL_PROGRAM assignment here? Philip Guenther Index: usr.bin/binutils/Makefile.bsd-wrapper === RCS file: /data/src/openbsd/src/gnu/usr.bin/binutils/Makefile.bsd-wrapper,v retrieving revision 1.83 diff -u -p -r1.83 Makefile.bsd-wrapper --- usr.bin/binutils/Makefile.bsd-wrapper 1 Jun 2015 17:36:19 - 1.83 +++ usr.bin/binutils/Makefile.bsd-wrapper 10 Sep 2016 21:33:56 - @@ -81,7 +81,8 @@ install: maninstall tooldir=${PREFIX} \ BSDSRCDIR=${BSDSRCDIR} \ INSTALL_MODULES='${INSTALL_MODULES}' \ - INSTALL_PROGRAM='install -c -S' \ + INSTALL_PROGRAM='install -c -S -o ${BINOWN} -g ${BINGRP} -m ${BINMODE}' \ + INSTALL_DATA='install -c -o ${BINOWN} -g ${DOCGRP} -m ${NONBINMODE}' \ INSTALL_INFO_HOST_MODULES='${INSTALL_INFO_HOST_MODULES}' \ install install-info
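Review bot: the new INSTALL_PROGRAM value in the install: hunk keeps `-S` but still has no `${INSTALL_STRIP}`, so gdb goes on being installed unstripped while now getting an explicit owner, group and mode; settle the open question from the message in this diff rather than in a follow-up, so the ownership fix and the strip behaviour are reviewed together.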
Re: more clang libc fun
On Sat, 10 Sep 2016, Mark Kettenis wrote: > From: Philip Guenther ... > > Also interesting that it generates memmove() calls. Wonder where it > > ended up doing that. > > Well, clang actually calls the functions with their standard name even > for the cases where we explicitly call those functions in the source > code. And since we do call memmove() in various places in the source > code, that's where they come from. Ah. Still: it's totally ignoring our renaming for those? Thanks, clang! Guess I'll need to roll up my sleeves on this...
Re: more clang libc fun
> Date: Sat, 10 Sep 2016 13:55:15 -0700 > From: Philip Guenther > > On Sat, 10 Sep 2016, Mark Kettenis wrote: > > Thanks. Now the only issue seems to be: > > > > barber$ check_sym > > /usr/lib/libc.so.89.1 --> obj/libc.so.89.1 > > Dynamic export changes: > > PLT added: > > __stack_smash_handler > > memcpy > > memmove > > memset > > > > Not sure how to tackle those yet. > > Harumph. That's what that chunk at the bottom of include/namespace.h is > there for. This will take some research to figure out how to get clang to > apply asm names to calls that it generates. :-( Not the end of the > world, just annoying. > > (gcc's support for renames like this is incomplete, btw, at least in our > old version: I couldn't find a way to do this sort of renaming on calls > generated to math helper functions like __umodsi3. gcc also ignores the > renaming on certain functions when it tries to optimize out calls to them > but ends up calling them anyway, including ffs() on archs like sparc64 and > mips64 which don't have it as a compiler builtin, so that even though we > do an internal renaming, gcc still generates a call to ffs() instead of > _libc_ffs(). Fail) > > > Also interesting that it generates memmove() calls. Wonder where it ended > up doing that. Well, clang actually calls the functions with their standard name even for the cases where we explicitly call those functions in the source code. And since we do call memmove() in various places in the source code, that's where they come from.
Re: mailwrapper symlinks owner
On Sat, 10 Sep 2016, Martin Natano wrote: > Another set of symlinks, same drill: the owner should be root. Ok? ... > --- usr.sbin/mailwrapper/Makefile 16 Mar 2009 22:34:13 - 1.5 > +++ usr.sbin/mailwrapper/Makefile 10 Sep 2016 17:53:45 - > @@ -13,5 +13,9 @@ afterinstall: > ln -fs /usr/sbin/mailwrapper ${DESTDIR}/usr/sbin/makemap > ln -fs /usr/sbin/mailwrapper ${DESTDIR}/usr/bin/hoststat > ln -fs /usr/sbin/mailwrapper ${DESTDIR}/usr/bin/purgestat > + chown -h root:wheel ${DESTDIR}/usr/sbin/sendmail \ > + ${DESTDIR}/usr/bin/newaliases ${DESTDIR}/usr/bin/mailq \ > + ${DESTDIR}/usr/sbin/makemap ${DESTDIR}/usr/bin/hoststat \ > + ${DESTDIR}/usr/bin/purgestat root:bin on these too, IMO. modulo that, ok guenther@
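Review bot: the new `chown -h` command in the afterinstall hunk lists all six link paths by hand, separately from the `ln -fs` lines that create them, so a link added later can be missed by the chown; keep the link paths in one make variable and drive both the `ln -fs` lines and the `chown -h` from it.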
Re: create /usr/share/calendar/$lang with root owner
On Sat, 10 Sep 2016, Martin Natano wrote: > Currently the /usr/share/calendar/$lang directories are created with the > build user as owner, but should be owned by root. Ok? ok guenther@
Re: more clang libc fun
On Sat, 10 Sep 2016, Mark Kettenis wrote: > Thanks. Now the only issue seems to be: > > barber$ check_sym > /usr/lib/libc.so.89.1 --> obj/libc.so.89.1 > Dynamic export changes: > PLT added: > __stack_smash_handler > memcpy > memmove > memset > > Not sure how to tackle those yet. Harumph. That's what that chunk at the bottom of include/namespace.h is there for. This will take some research to figure out how to get clang to apply asm names to calls that it generates. :-( Not the end of the world, just annoying. (gcc's support for renames like this is incomplete, btw, at least in our old version: I couldn't find a way to do this sort of renaming on calls generated to math helper functions like __umodsi3. gcc also ignores the renaming on certain functions when it tries to optimize out calls to them but ends up calling them anyway, including ffs() on archs like sparc64 and mips64 which don't have it as a compiler builtin, so that even though we do an internal renaming, gcc still generates a call to ffs() instead of _libc_ffs(). Fail) Also interesting that it generates memmove() calls. Wonder where it ended up doing that. Philip
Re: bin/chmod: set owner of symlinks
On Sat, 10 Sep 2016, Martin Natano wrote: > When building with noperm the symlinks end up with the build user as > owner instead of root. Ok? ... > --- bin/chmod/Makefile6 Sep 2001 18:52:55 - 1.7 > +++ bin/chmod/Makefile10 Sep 2016 17:31:05 - > @@ -10,9 +10,11 @@ LINKS= ${BINDIR}/chmod ${BINDIR}/chgrp \ > afterinstall: > (cd ${DESTDIR}/usr/sbin; \ > ln -sf ../../sbin/chown .; \ > - ln -sf ../../bin/chgrp .) > + ln -sf ../../bin/chgrp .; \ > + chown -h root:wheel chown chgrp) > (cd ${DESTDIR}/usr/bin; \ > - ln -sf ../../bin/chmod chflags) > + ln -sf ../../bin/chmod chflags; \ > + chown -h root:wheel chflags) As with the sysctl symlink, I think these should be root:bin. Also, let's follow best practice and s/;/ &&/ in those commands so that failure propagates.
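Review bot: the new `chown -h root:wheel chown chgrp` and `chown -h root:wheel chflags` lines act on relative names after a `cd` that is joined with `;`, so if the `cd` fails they run against whatever entries of those names exist in the current directory; give the chown absolute `${DESTDIR}/usr/sbin/...` and `${DESTDIR}/usr/bin/...` paths, as the sysctl diff does, in addition to chaining the commands with `&&`.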
Re: more clang libc fun
> Date: Sat, 10 Sep 2016 13:33:58 -0700 > From: Philip Guenther > > On Sat, 10 Sep 2016, Mark Kettenis wrote: > > Seems the clang assembler ignores a .weak directive before the symbol is > > defined. > > > > ok? > > certainly. Thanks. Now the only issue seems to be: barber$ check_sym /usr/lib/libc.so.89.1 --> obj/libc.so.89.1 Dynamic export changes: PLT added: __stack_smash_handler memcpy memmove memset Not sure how to tackle those yet.
Re: /usr/sbin/sysctl owner
On Sat, 10 Sep 2016, Philip Guenther wrote: > On Sat, 10 Sep 2016, Martin Natano wrote: > > Yet another symlink that belongs to root. Ok? > ... > > --- sbin/sysctl/Makefile4 May 2016 19:48:08 - 1.11 > > +++ sbin/sysctl/Makefile10 Sep 2016 18:05:09 - > > @@ -7,5 +7,6 @@ CPPFLAGS+= -D_LIBKVM > > > > afterinstall: > > ln -sf ../../sbin/sysctl ${DESTDIR}/usr/sbin > > + chown -h root:wheel ${DESTDIR}/usr/sbin/sysctl > > ok guenther@ Actually, maybe that should be root:bin to match the other files in /usr/sbin
Re: /usr/sbin/sysctl owner
On Sat, 10 Sep 2016, Martin Natano wrote: > Yet another symlink that belongs to root. Ok? ... > --- sbin/sysctl/Makefile 4 May 2016 19:48:08 - 1.11 > +++ sbin/sysctl/Makefile 10 Sep 2016 18:05:09 - > @@ -7,5 +7,6 @@ CPPFLAGS+=-D_LIBKVM > > afterinstall: > ln -sf ../../sbin/sysctl ${DESTDIR}/usr/sbin > + chown -h root:wheel ${DESTDIR}/usr/sbin/sysctl ok guenther@
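Review bot: the added `chown -h root:wheel` line hard-codes owner and group for a link under ${DESTDIR}/usr/sbin; using `${BINOWN}:${BINGRP}` instead would keep the link consistent with the files installed next to it if those defaults are overridden.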
Re: more clang libc fun
On Sat, 10 Sep 2016, Mark Kettenis wrote: > Seems the clang assembler ignores a .weak directive before the symbol is > defined. > > ok? certainly.
libm: don't use deprecated classification macros
fpclassify(3) says: The symbols isinff(), and isnanf() are provided as compatibility aliases to isinf(), and isnan(), respectively, and their uses are deprecated. Similarly, finite() and finitef() are deprecated versions of isfinite(). So let's use the preferred names in libm. ok? Philip Index: noieee_src/n_atan2.c === RCS file: /cvs/src/lib/libm/noieee_src/n_atan2.c,v retrieving revision 1.18 diff -u -p -r1.18 n_atan2.c --- noieee_src/n_atan2.c15 Jul 2013 04:08:26 - 1.18 +++ noieee_src/n_atan2.c10 Sep 2016 20:30:34 - @@ -151,7 +151,7 @@ atan2(double y, double x) signx = copysign(one,x) ; /* if x is 1.0, goto begin */ - if(x==1) { y=copysign(y,one); t=y; if(finite(t)) goto begin;} + if(x==1) { y=copysign(y,one); t=y; if(isfinite(t)) goto begin;} /* when y = 0 */ if(y==zero) return((signx==one)?y:copysign(PI,signy)); @@ -160,14 +160,14 @@ atan2(double y, double x) if(x==zero) return(copysign(PIo2,signy)); /* when x is INF */ - if(!finite(x)) - if(!finite(y)) + if(!isfinite(x)) + if(!isfinite(y)) return(copysign((signx==one)?PIo4:3*PIo4,signy)); else return(copysign((signx==one)?zero:PI,signy)); /* when y is INF */ - if(!finite(y)) return(copysign(PIo2,signy)); + if(!isfinite(y)) return(copysign(PIo2,signy)); /* compute y/x */ x=copysign(x,one); Index: noieee_src/n_erf.c === RCS file: /cvs/src/lib/libm/noieee_src/n_erf.c,v retrieving revision 1.7 diff -u -p -r1.7 n_erf.c --- noieee_src/n_erf.c 27 Oct 2009 23:59:29 - 1.7 +++ noieee_src/n_erf.c 10 Sep 2016 20:30:34 - @@ -255,7 +255,7 @@ double erf(double x) { double R, S, P, Q, ax, s, y, z, r; - if(!finite(x)) {/* erf(nan)=nan */ + if(!isfinite(x)) { /* erf(nan)=nan */ if (isnan(x)) return(x); return (x > 0 ? one : -one); /* erf(+/-inf)= +/-1 */ 
@@ -313,7 +313,7 @@ double erfc(double x) { double R, S, P, Q, s, ax, y, z, r; - if (!finite(x)) { + if (!isfinite(x)) { if (isnan(x)) /* erfc(NaN) = NaN */ return(x); else if (x > 0) /* erfc(+-inf)=0,2 */ Index: noieee_src/n_exp.c === RCS file: /cvs/src/lib/libm/noieee_src/n_exp.c,v retrieving revision 1.10 diff -u -p -r1.10 n_exp.c --- noieee_src/n_exp.c 27 Oct 2009 23:59:29 - 1.10 +++ noieee_src/n_exp.c 10 Sep 2016 20:30:35 - @@ -37,7 +37,7 @@ * Required system supported functions: * scalbn(x,n) * copysign(x,y) - * finite(x) + * isfinite(x) * * Method: * 1. Argument Reduction: given the input x, find r and integer k such @@ -115,7 +115,7 @@ exp(double x) else /* exp(-big#) underflows to zero */ -if(finite(x)) return(scalbn(1.0,-5000)); +if(isfinite(x)) return(scalbn(1.0,-5000)); /* exp(-INF) is zero */ else return(0.0); @@ -124,7 +124,7 @@ exp(double x) else /* exp(INF) is INF, exp(+big#) overflows to INF */ - return( finite(x) ? scalbn(1.0,5000) : x); + return( isfinite(x) ? scalbn(1.0,5000) : x); } /* returns exp(r = x + c) for |c| < |x| with no overlap. */ @@ -160,7 +160,7 @@ __exp__D(double x, double c) else /* exp(-big#) underflows to zero */ -if(finite(x)) return(scalbn(1.0,-5000)); +if(isfinite(x)) return(scalbn(1.0,-5000)); /* exp(-INF) is zero */ else return(0.0); @@ -169,5 +169,5 @@ __exp__D(double x, double c) else /* exp(INF) is INF, exp(+big#) overflows to INF */ - return( finite(x) ? scalbn(1.0,5000) : x); + return( isfinite(x) ? scalbn(1.0,5000) : x); } Index: noieee_src/n_expm1.c === RCS file: /cvs/src/lib/libm/noieee_src/n_expm1.c,v retrieving revision 1.12 diff -u -p -r1.12 n_expm1.c --- noieee_src/n_expm1.c27 Oct 2009 23:59:29 - 1.12 +++ noieee_src/n_expm1.c10 Sep 2016 20:30:35 - @@ -38,7 +38,7 @@ * Required system supported functions: * scalbn(x,n) * copysign(x,y) - * finite(x) + * isfinite(x) * * Kernel function: * exp__E(x,c) 
@@ -135,7 +135,7 @@ expm1(double x) else /* expm1(-big#) rounded to -1 (inexact) */ -if(finite(x)) +if(isfinite(x)) return(tiny-one); /* expm1(-I
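Review bot: in the atan2() hunk at line 160 the touched lines form an unbraced `if(!isfinite(x)) if(!isfinite(y)) ... else ...`, where the `else` pairs with the inner `if` only by the dangling-else rule; since both conditions are being rewritten anyway, add braces so the intended pairing is explicit. The diff is cut off partway through the n_expm1.c hunk in this copy, so later files are not covered by this note.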
more clang libc fun
Seems the clang assembler ignores a .weak directive before the symbol is defined. ok? Index: lib/libc/arch/amd64/sys/brk.S === RCS file: /cvs/src/lib/libc/arch/amd64/sys/brk.S,v retrieving revision 1.8 diff -u -p -r1.8 brk.S --- lib/libc/arch/amd64/sys/brk.S 7 May 2016 19:05:21 - 1.8 +++ lib/libc/arch/amd64/sys/brk.S 10 Sep 2016 20:20:25 - @@ -49,7 +49,6 @@ __minbrk: .type __minbrk,@object .text - .weak brk ENTRY(brk) cmpq%rdi,__minbrk(%rip) jb 1f @@ -64,3 +63,4 @@ ENTRY(brk) SET_ERRNO ret END(brk) + .weak brk Index: lib/libc/arch/amd64/sys/sbrk.S === RCS file: /cvs/src/lib/libc/arch/amd64/sys/sbrk.S,v retrieving revision 1.8 diff -u -p -r1.8 sbrk.S --- lib/libc/arch/amd64/sys/sbrk.S 7 May 2016 19:05:21 - 1.8 +++ lib/libc/arch/amd64/sys/sbrk.S 10 Sep 2016 20:20:25 - @@ -53,7 +53,6 @@ __curbrk: .quad _end .type __curbrk,@object .text - .weak sbrk ENTRY(sbrk) movq__curbrk(%rip),%rax movslq %edi,%rsi @@ -68,3 +67,4 @@ ENTRY(sbrk) SET_ERRNO ret END(sbrk) + .weak sbrk
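Review bot: in both brk.S and sbrk.S the `.weak` directive moves below `END(...)` with no comment, so the placement looks arbitrary and could be moved back above `ENTRY(...)` in a later cleanup; add a one-line comment at each site saying the directive has to follow the symbol definition for the clang assembler.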
Re: share/: install ownership fixes
Another diff I typoed, also found by rpe@. Ok? Index: share/misc/pcvtfonts/Makefile === RCS file: /cvs/src/share/misc/pcvtfonts/Makefile,v retrieving revision 1.6 diff -u -p -r1.6 Makefile --- share/misc/pcvtfonts/Makefile 13 May 2002 15:27:58 - 1.6 +++ share/misc/pcvtfonts/Makefile 8 Sep 2016 20:54:08 - @@ -16,12 +16,9 @@ FONTDIR =${BINDIR}/misc/pcvtfonts all: $(FONTS) install: ${FONTS} - @if [ ! -d ${DESTDIR}${FONTDIR} ]; then mkdir ${DESTDIR}${FONTDIR};fi - @for i in ${FONTS}; do \ - echo "installing font $$i into ${DESTDIR}${FONTDIR}"; \ - install -c -m ${LIBMODE} -o ${LIBOWN} -g ${LIBGRP} \ - $$i ${DESTDIR}${FONTDIR}; \ - done + ${INSTALL} -d -o root -g wheel ${DESTDIR}${FONTDIR} + ${INSTALL} ${INSTALL_COPY} -m ${LIBMODE} -o ${LIBOWN} -g ${LIBGRP} \ + ${FONTS} ${DESTDIR}${FONTDIR} clean: rm -f ${CLEANFILES} Index: share/snmp/Makefile === RCS file: /cvs/src/share/snmp/Makefile,v retrieving revision 1.4 diff -u -p -r1.4 Makefile --- share/snmp/Makefile 29 Jan 2016 03:06:00 - 1.4 +++ share/snmp/Makefile 8 Sep 2016 21:02:02 - @@ -8,6 +8,7 @@ FILES+= OPENBSD-RELAYD-MIB.txt all clean cleandir depend lint obj tags: _SUBDIRUSE realinstall: - ${INSTALL} -c -m 0444 ${FILES} ${DESTDIR}${BINDIR}/snmp/mibs + ${INSTALL} ${INSTALL_COPY} -o root -g wheel -m 0444 \ + ${FILES} ${DESTDIR}${BINDIR}/snmp/mibs .include Index: share/termtypes/Makefile === RCS file: /cvs/src/share/termtypes/Makefile,v retrieving revision 1.24 diff -u -p -r1.24 Makefile --- share/termtypes/Makefile3 Dec 2015 11:30:46 - 1.24 +++ share/termtypes/Makefile10 Sep 2016 20:11:58 - 
@@ -14,12 +14,14 @@ termcap: termtypes.master @[ -s ${.TARGET} ] || exit 1 realinstall: + ${INSTALL} -d -o root -g wheel ${DESTDIR}${BINDIR}/terminfo find terminfo -type f -exec \ ${INSTALL} -D ${INSTALL_COPY} -o ${BINOWN} -g ${BINGRP} -m 444 \ {} ${DESTDIR}${BINDIR}/{} \; ${INSTALL} ${INSTALL_COPY} -o ${BINOWN} -g ${BINGRP} -m 444 termcap \ ${DESTDIR}${BINDIR}/misc/termcap ln -fs ${BINDIR}/misc/termcap ${DESTDIR}/etc/termcap + chown -h root:wheel ${DESTDIR}/etc/termcap clean: rm -f termcap
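Review bot: the new lines hard-code `-o root -g wheel` or `root:wheel` (pcvtfonts directory, snmp files, terminfo directory, /etc/termcap link) while the files installed next to them use ${LIBOWN}/${LIBGRP} or ${BINOWN}/${BINGRP}; use the same variables for the directories so that a directory and its contents cannot end up with different owners. In the termtypes hunk only the top-level terminfo directory is created explicitly, and its subdirectories are still created by `install -D` inside the `find`, so confirm those get the intended owner under noperm as well.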
Re: etc ownership fixes
I used chmod instead of chown. That's what I get for changing the diff _after_ testing it... Mistake found by rpe@, thanks! Fixed diff below. Ok? Index: etc/Makefile === RCS file: /cvs/src/etc/Makefile,v retrieving revision 1.430 diff -u -p -r1.430 Makefile --- etc/Makefile3 Sep 2016 13:37:40 - 1.430 +++ etc/Makefile10 Sep 2016 20:00:52 - @@ -154,7 +154,9 @@ distribution-etc-root-var: distrib-dirs ${INSTALL} -c -o root -g wheel -m 644 *.pub \ ${DESTDIR}/etc/signify ln -fs ${TZDIR}/${LOCALTIME} ${DESTDIR}/etc/localtime + chown -h root:wheel ${DESTDIR}/etc/localtime ln -fs /usr/sbin/rmt ${DESTDIR}/etc/rmt + chown -h root:wheel ${DESTDIR}/etc/rmt ${INSTALL} -c -o root -g wheel -m 644 minfree \ ${DESTDIR}/var/crash ${INSTALL} -c -o ${BINOWN} -g operator -m 664 /dev/null \ @@ -206,6 +208,7 @@ distribution-etc-root-var: distrib-dirs ${INSTALL} -c -o ${BINOWN} -g ${BINGRP} -m 555 ${RCDAEMONS} \ ${DESTDIR}/etc/rc.d cd ${DESTDIR}/var; ln -fs ../tmp + chown -h root:wheel ${DESTDIR}/var/tmp touch ${DESTDIR}/var/sysmerge/etcsum cd ${DESTDIR}/ && \ sort ${.CURDIR}/../distrib/sets/lists/etc/{mi,md.${MACHINE}} | \ @@ -213,6 +216,7 @@ distribution-etc-root-var: distrib-dirs cd ${DESTDIR}/ && \ sort ${.CURDIR}/../distrib/sets/lists/etc/{mi,md.${MACHINE}} | \ pax -w -d | gzip -9 > ${DESTDIR}/var/sysmerge/etc.tgz + chown root:wheel ${DESTDIR}/var/sysmerge/etc.tgz distribution: exec ${SUDO} ${MAKE} distribution-etc-root-var @@ -227,6 +231,7 @@ distrib-dirs: ${INSTALL} -d -o root -g wsrc -m 775 ${DESTDIR}/usr/src; \ fi cd ${DESTDIR}/; ln -fhs usr/src/sys sys + chown -h root:wheel ${DESTDIR}/sys .ifndef RELEASEDIR release:
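Review bot: in the hunk at line 213 only etc.tgz gets a `chown root:wheel`, while `${DESTDIR}/var/sysmerge/etcsum` is created by `touch` in the context of the hunk at line 206 with no ownership set in the visible lines; if etcsum is shipped it needs the same chown. The context line `cd ${DESTDIR}/var; ln -fs ../tmp` also uses `;`, so a failed cd creates the link in the current directory and the new `chown -h ${DESTDIR}/var/tmp` then acts on a stale or missing path; `&&` would stop at the cd.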
Re: sparc64: convert trap.c function defs from K&R to standard-style
> Date: Sat, 10 Sep 2016 11:59:29 -0700 > From: Philip Guenther > > The functions here all have full prototypes in scope, so gcc is already > treating them as if they were standard-style definitions. While here, > s/__inline/inline/ as it's been 17 years since C99. > > ok? ok kettenis@ > A warning for those doing these sorts of K&R -> standard conversions: > beware of argument order mismatches in the K&R bits! The order in the > parenthesised list is what matters and must be preserved, not the order of > the K&R declarations. Here in trap.c the main trap example was this: > > void > data_access_error(tf, type, afva, afsr, sfva, sfsr) > struct trapframe64 *tf; > unsigned type; > vaddr_t sfva; > u_long sfsr; > vaddr_t afva; > u_long afsr; > > The last four declarations must be shuffled when converting: > > void > data_access_error(struct trapframe64 *tf, unsigned type, vaddr_t afva, > u_long afsr, vaddr_t sfva, u_long sfsr) > > > Philip Guenther > > Index: trap.c > === > RCS file: /cvs/src/sys/arch/sparc64/sparc64/trap.c,v > retrieving revision 1.90 > diff -u -p -r1.90 trap.c > --- trap.c10 Sep 2016 18:31:15 - 1.90 > +++ trap.c10 Sep 2016 18:54:08 - > @@ -309,7 +309,7 @@ const char *trap_type[] = { > > #define N_TRAP_TYPES(sizeof trap_type / sizeof *trap_type) > > -static __inline void share_fpu(struct proc *, struct trapframe64 *); > +static inline void share_fpu(struct proc *, struct trapframe64 *); > > void trap(struct trapframe64 *tf, unsigned type, vaddr_t pc, long tstate); > void data_access_fault(struct trapframe64 *tf, unsigned type, vaddr_t pc, > @@ -330,9 +330,8 @@ void syscall(struct trapframe64 *, regis > * > * Oh, and don't touch the FPU bit if we're returning to the kernel. > */ > -static __inline void share_fpu(p, tf) > - struct proc *p; > - struct trapframe64 *tf; > +static inline void > +share_fpu(struct proc *p, struct trapframe64 *tf) > { > if (!(tf->tf_tstate & TSTATE_PRIV) && > (tf->tf_tstate & TSTATE_PEF) && fpproc != p) 
> @@ -344,11 +343,7 @@ static __inline void share_fpu(p, tf) > * (MMU-related traps go through mem_access_fault, below.) > */ > void > -trap(tf, type, pc, tstate) > - struct trapframe64 *tf; > - unsigned type; > - vaddr_t pc; > - long tstate; > +trap(struct trapframe64 *tf, unsigned type, vaddr_t pc, long tstate) > { > struct proc *p; > struct pcb *pcb; > @@ -746,8 +741,7 @@ rwindow_save(struct proc *p) > * the registers into the new process after the exec. > */ > void > -pmap_unuse_final(p) > - struct proc *p; > +pmap_unuse_final(struct proc *p) > { > > write_user_windows(); > @@ -759,13 +753,8 @@ pmap_unuse_final(p) > * of them could be recoverable through uvm_fault. > */ > void > -data_access_fault(tf, type, pc, addr, sfva, sfsr) > - struct trapframe64 *tf; > - unsigned type; > - vaddr_t pc; > - vaddr_t addr; > - vaddr_t sfva; > - u_long sfsr; > +data_access_fault(struct trapframe64 *tf, unsigned type, vaddr_t pc, > +vaddr_t addr, vaddr_t sfva, u_long sfsr) > { > u_int64_t tstate; > struct proc *p; > @@ -907,13 +896,8 @@ kfault: > * special PEEK/POKE code sequence. > */ > void > -data_access_error(tf, type, afva, afsr, sfva, sfsr) > - struct trapframe64 *tf; > - unsigned type; > - vaddr_t sfva; > - u_long sfsr; > - vaddr_t afva; > - u_long afsr; > +data_access_error(struct trapframe64 *tf, unsigned type, vaddr_t afva, > +u_long afsr, vaddr_t sfva, u_long sfsr) > { > u_long pc; > u_int64_t tstate; > @@ -989,11 +973,8 @@ out: > * of them could be recoverable through uvm_fault. > */ > void > -text_access_fault(tf, type, pc, sfsr) > - unsigned type; > - vaddr_t pc; > - struct trapframe64 *tf; > - u_long sfsr; > +text_access_fault(struct trapframe64 *tf, unsigned type, vaddr_t pc, > +u_long sfsr) > { > u_int64_t tstate; > struct proc *p; 
> @@ -1076,13 +1057,8 @@ text_access_fault(tf, type, pc, sfsr) > * special PEEK/POKE code sequence. > */ > void > -text_access_error(tf, type, pc, sfsr, afva, afsr) > - struct trapframe64 *tf; > - unsigned type; > - vaddr_t pc; > - u_long sfsr; > - vaddr_t afva; > - u_long afsr; > +text_access_error(struct trapframe64 *tf, unsigned type, vaddr_t pc, > +u_long sfsr, vaddr_t afva, u_long afsr) > { > int64_t tstate; > struct proc *p; > @@ -1188,10 +1164,7 @@ out: > * thing that made the system call, and are named that way here. > */ > void > -syscall(tf, code, pc) > - register_t code; > - struct trapframe64 *tf; > - register_t pc; > +syscall(struct trapframe64 *tf, register_t code, register_t pc) > { > int i, nsys, nap; > int64_t *ap; > >
Re: mg docs ownership
Maybe we should just not install it? Mark? On Sat, Sep 10, 2016 at 07:47:30PM +0200, Martin Natano wrote: > We should be explicit about owner/group when using install, so this also > works correctly with noperm. Ok? > > natano > > > Index: usr.bin/mg/Makefile > === > RCS file: /cvs/src/usr.bin/mg/Makefile,v > retrieving revision 1.31 > diff -u -p -r1.31 Makefile > --- usr.bin/mg/Makefile 29 Sep 2015 03:50:58 - 1.31 > +++ usr.bin/mg/Makefile 10 Sep 2016 17:45:11 - > @@ -24,8 +24,8 @@ SRCS= autoexec.c basic.c bell.c buffer.c > SRCS+= cmode.c cscope.c dired.c grep.c tags.c theo.c > > afterinstall: > - ${INSTALL} -d ${DESTDIR}${DOCDIR}/mg > - ${INSTALL} -m ${DOCMODE} -c ${.CURDIR}/tutorial \ > - ${DESTDIR}${DOCDIR}/mg > + ${INSTALL} -d -o root -g wheel ${DESTDIR}${DOCDIR}/mg > + ${INSTALL} ${INSTALL_COPY} -o root -g wheel -m ${DOCMODE} \ > + ${.CURDIR}/tutorial ${DESTDIR}${DOCDIR}/mg > > .include > -- I'm not entirely sure you are real.
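Review bot: the new install lines in the afterinstall hunk hard-code `-o root -g wheel` while taking the mode and directory from ${DOCMODE} and ${DOCDIR}; take owner and group from the matching DOC variables as well, so the tutorial follows the same settings as other installed documentation.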
sparc64: convert trap.c function defs from K&R to standard-style
The functions here all have full prototypes in scope, so gcc is already treating them as if they were standard-style definitions. While here, s/__inline/inline/ as it's been 17 years since C99. ok? A warning for those doing these sorts of K&R -> standard conversions: beware of argument order mismatches in the K&R bits! The order in the parenthesised list is what matters and must be preserved, not the order of the K&R declarations. Here in trap.c the main trap example was this: void data_access_error(tf, type, afva, afsr, sfva, sfsr) struct trapframe64 *tf; unsigned type; vaddr_t sfva; u_long sfsr; vaddr_t afva; u_long afsr; The last four declarations must be shuffled when converting: void data_access_error(struct trapframe64 *tf, unsigned type, vaddr_t afva, u_long afsr, vaddr_t sfva, u_long sfsr) Philip Guenther Index: trap.c === RCS file: /cvs/src/sys/arch/sparc64/sparc64/trap.c,v retrieving revision 1.90 diff -u -p -r1.90 trap.c --- trap.c 10 Sep 2016 18:31:15 - 1.90 +++ trap.c 10 Sep 2016 18:54:08 - @@ -309,7 +309,7 @@ const char *trap_type[] = { #defineN_TRAP_TYPES(sizeof trap_type / sizeof *trap_type) -static __inline void share_fpu(struct proc *, struct trapframe64 *); +static inline void share_fpu(struct proc *, struct trapframe64 *); void trap(struct trapframe64 *tf, unsigned type, vaddr_t pc, long tstate); void data_access_fault(struct trapframe64 *tf, unsigned type, vaddr_t pc, @@ -330,9 +330,8 @@ void syscall(struct trapframe64 *, regis * * Oh, and don't touch the FPU bit if we're returning to the kernel. */ -static __inline void share_fpu(p, tf) - struct proc *p; - struct trapframe64 *tf; +static inline void +share_fpu(struct proc *p, struct trapframe64 *tf) { if (!(tf->tf_tstate & TSTATE_PRIV) && (tf->tf_tstate & TSTATE_PEF) && fpproc != p) 
@@ -344,11 +343,7 @@ static __inline void share_fpu(p, tf) * (MMU-related traps go through mem_access_fault, below.) */ void -trap(tf, type, pc, tstate) - struct trapframe64 *tf; - unsigned type; - vaddr_t pc; - long tstate; +trap(struct trapframe64 *tf, unsigned type, vaddr_t pc, long tstate) { struct proc *p; struct pcb *pcb; @@ -746,8 +741,7 @@ rwindow_save(struct proc *p) * the registers into the new process after the exec. */ void -pmap_unuse_final(p) - struct proc *p; +pmap_unuse_final(struct proc *p) { write_user_windows(); @@ -759,13 +753,8 @@ pmap_unuse_final(p) * of them could be recoverable through uvm_fault. */ void -data_access_fault(tf, type, pc, addr, sfva, sfsr) - struct trapframe64 *tf; - unsigned type; - vaddr_t pc; - vaddr_t addr; - vaddr_t sfva; - u_long sfsr; +data_access_fault(struct trapframe64 *tf, unsigned type, vaddr_t pc, +vaddr_t addr, vaddr_t sfva, u_long sfsr) { u_int64_t tstate; struct proc *p; @@ -907,13 +896,8 @@ kfault: * special PEEK/POKE code sequence. */ void -data_access_error(tf, type, afva, afsr, sfva, sfsr) - struct trapframe64 *tf; - unsigned type; - vaddr_t sfva; - u_long sfsr; - vaddr_t afva; - u_long afsr; +data_access_error(struct trapframe64 *tf, unsigned type, vaddr_t afva, +u_long afsr, vaddr_t sfva, u_long sfsr) { u_long pc; u_int64_t tstate; @@ -989,11 +973,8 @@ out: * of them could be recoverable through uvm_fault. */ void -text_access_fault(tf, type, pc, sfsr) - unsigned type; - vaddr_t pc; - struct trapframe64 *tf; - u_long sfsr; +text_access_fault(struct trapframe64 *tf, unsigned type, vaddr_t pc, +u_long sfsr) { u_int64_t tstate; struct proc *p; 
@@ -1076,13 +1057,8 @@ text_access_fault(tf, type, pc, sfsr) * special PEEK/POKE code sequence. */ void -text_access_error(tf, type, pc, sfsr, afva, afsr) - struct trapframe64 *tf; - unsigned type; - vaddr_t pc; - u_long sfsr; - vaddr_t afva; - u_long afsr; +text_access_error(struct trapframe64 *tf, unsigned type, vaddr_t pc, +u_long sfsr, vaddr_t afva, u_long afsr) { int64_t tstate; struct proc *p; @@ -1188,10 +1164,7 @@ out: * thing that made the system call, and are named that way here. */ void -syscall(tf, code, pc) - register_t code; - struct trapframe64 *tf; - register_t pc; +syscall(struct trapframe64 *tf, register_t code, register_t pc) { int i, nsys, nap; int64_t *ap;
etc ownership fixes
Diff below sets the owner for the /etc/localtime, /etc/rmt, /var/tmp and /sys symlinks and for the /var/sysmerge/etc.tgz tarball. This is the last of the noperm related pending M's in my tree. Ok? natano Index: etc/Makefile === RCS file: /cvs/src/etc/Makefile,v retrieving revision 1.430 diff -u -p -r1.430 Makefile --- etc/Makefile3 Sep 2016 13:37:40 - 1.430 +++ etc/Makefile10 Sep 2016 18:30:28 - @@ -154,7 +154,9 @@ distribution-etc-root-var: distrib-dirs ${INSTALL} -c -o root -g wheel -m 644 *.pub \ ${DESTDIR}/etc/signify ln -fs ${TZDIR}/${LOCALTIME} ${DESTDIR}/etc/localtime + chown -h root:wheel ${DESTDIR}/etc/localtime ln -fs /usr/sbin/rmt ${DESTDIR}/etc/rmt + chown -h root:wheel ${DESTDIR}/etc/rmt ${INSTALL} -c -o root -g wheel -m 644 minfree \ ${DESTDIR}/var/crash ${INSTALL} -c -o ${BINOWN} -g operator -m 664 /dev/null \ @@ -206,6 +208,7 @@ distribution-etc-root-var: distrib-dirs ${INSTALL} -c -o ${BINOWN} -g ${BINGRP} -m 555 ${RCDAEMONS} \ ${DESTDIR}/etc/rc.d cd ${DESTDIR}/var; ln -fs ../tmp + chmod -h root:wheel ${DESTDIR}/var/tmp touch ${DESTDIR}/var/sysmerge/etcsum cd ${DESTDIR}/ && \ sort ${.CURDIR}/../distrib/sets/lists/etc/{mi,md.${MACHINE}} | \ @@ -213,6 +216,7 @@ distribution-etc-root-var: distrib-dirs cd ${DESTDIR}/ && \ sort ${.CURDIR}/../distrib/sets/lists/etc/{mi,md.${MACHINE}} | \ pax -w -d | gzip -9 > ${DESTDIR}/var/sysmerge/etc.tgz + chown root:wheel ${DESTDIR}/var/sysmerge/etc.tgz distribution: exec ${SUDO} ${MAKE} distribution-etc-root-var @@ -227,6 +231,7 @@ distrib-dirs: ${INSTALL} -d -o root -g wsrc -m 775 ${DESTDIR}/usr/src; \ fi cd ${DESTDIR}/; ln -fhs usr/src/sys sys + chmod -h root:wheel ${DESTDIR}/sys .ifndef RELEASEDIR release:
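Review bot: The lines added after the /var/tmp symlink and after the /sys symlink call chmod where the rest of the diff calls chown: `chmod -h root:wheel ${DESTDIR}/var/tmp` and `chmod -h root:wheel ${DESTDIR}/sys`. root:wheel is an owner:group argument, not a mode, so these two symlinks will not get the ownership the description promises and stay owned by the build user under noperm. Both lines should read `chown -h root:wheel ...`, matching the /etc/localtime and /etc/rmt lines in the first hunk.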
Re: sparc64: delete 32bit process support from syscall()
> Date: Sat, 10 Sep 2016 11:14:53 -0700 > From: Philip Guenther > > On Sat, 10 Sep 2016, Mark Kettenis wrote: > > ok kettenis@, but it is probably time to rewrite the comment above > > thie function as well. > > Like this? Yeah, nothing worth keeping in the bits you removed. > Index: trap.c > === > RCS file: /cvs/src/sys/arch/sparc64/sparc64/trap.c,v > retrieving revision 1.89 > diff -u -p -r1.89 trap.c > --- trap.c10 Sep 2016 18:02:15 - 1.89 > +++ trap.c10 Sep 2016 18:06:52 - 
> @@ -1186,27 +1186,6 @@ out: > * `in' registers within the syscall trap code (because of the automatic > * `save' effect of each trap). They are, however, the %o registers of the > * thing that made the system call, and are named that way here. > - * > - * 32-bit system calls on a 64-bit system are a problem. Each system call > - * argument is stored in the smaller of the argument's true size or a > - * `register_t'. Now on a 64-bit machine all normal types can be stored in a > - * `register_t'. (The only exceptions would be 128-bit `quad's or 128-bit > - * extended precision floating point values, which we don't support.) For > - * 32-bit syscalls, 64-bit integers like `off_t's, double precision floating > - * point values, and several other types cannot fit in a 32-bit `register_t'. > - * These will require reading in two `register_t' values for one argument. > - * > - * In order to calculate the true size of the arguments and therefore whether > - * any argument needs to be split into two slots, the system call args > - * structure needs to be built with the appropriately sized register_t. > - * Otherwise the emul needs to do some magic to split oversized arguments. > - * > - * We can handle most this stuff for normal syscalls by using either a 32-bit > - * or 64-bit array of `register_t' arguments. Unfortunately ktrace always > - * expects arguments to be `register_t's, so it loses badly. What's worse, > - * ktrace may need to do size translations to massage the argument array > - * appropriately according to the emulation that is doing the ktrace. > - * > */ > void > syscall(tf, code, pc) 
> @@ -1248,10 +1227,10 @@ syscall(tf, code, pc) >* of the user's stack frame (see ). >* >* Check for ``special'' codes that alter this, namely syscall and > - * __syscall. The latter takes a quad syscall number, so that other > - * arguments are at their natural alignments. Adjust the number > - * of ``easy'' arguments as appropriate; we will copy the hard > - * ones later as needed. > + * __syscall. These both pass a syscall number in the first argument > + * register, so the other arguments are just shifted down, possibly > + * pushing one off the end into the extension area. This happens > + * with mmap() and mquery() used via __syscall(). >*/ > ap = &tf->tf_out[0]; > nap = 6; >
share/: install ownership fixes
A couple of ownership fixes for share/. While there I cleaned up the pcvtfonts install loop. Ok? natano Index: share/misc/pcvtfonts/Makefile === RCS file: /cvs/src/share/misc/pcvtfonts/Makefile,v retrieving revision 1.6 diff -u -p -r1.6 Makefile --- share/misc/pcvtfonts/Makefile 13 May 2002 15:27:58 - 1.6 +++ share/misc/pcvtfonts/Makefile 10 Sep 2016 18:15:55 - @@ -16,12 +16,9 @@ FONTDIR =${BINDIR}/misc/pcvtfonts all: $(FONTS) install: ${FONTS} - @if [ ! -d ${DESTDIR}${FONTDIR} ]; then mkdir ${DESTDIR}${FONTDIR};fi - @for i in ${FONTS}; do \ - echo "installing font $$i into ${DESTDIR}${FONTDIR}"; \ - install -c -m ${LIBMODE} -o ${LIBOWN} -g ${LIBGRP} \ - $$i ${DESTDIR}${FONTDIR}; \ - done + ${INSTALL} -d -o root -g wheel ${DESTDIR}${FONTDIR} + ${INSTALL} ${INSTALL_COPY} -m ${LIBMODE} -o ${LIBOWN} -g ${LIBGRP} \ + ${FONTS} ${DESTDIR}${FONTDIR} clean: rm -f ${CLEANFILES} Index: share/snmp/Makefile === RCS file: /cvs/src/share/snmp/Makefile,v retrieving revision 1.4 diff -u -p -r1.4 Makefile --- share/snmp/Makefile 29 Jan 2016 03:06:00 - 1.4 +++ share/snmp/Makefile 10 Sep 2016 18:15:55 - @@ -8,6 +8,7 @@ FILES+= OPENBSD-RELAYD-MIB.txt all clean cleandir depend lint obj tags: _SUBDIRUSE realinstall: - ${INSTALL} -c -m 0444 ${FILES} ${DESTDIR}${BINDIR}/snmp/mibs + ${INSTALL} ${INSTALL_COPY} -o root -g wheel -m 0444 \ + ${FILES} ${DESTDIR}${BINDIR}/snmp/mibs .include Index: share/termtypes/Makefile === RCS file: /cvs/src/share/termtypes/Makefile,v retrieving revision 1.24 diff -u -p -r1.24 Makefile --- share/termtypes/Makefile3 Dec 2015 11:30:46 - 1.24 +++ share/termtypes/Makefile10 Sep 2016 18:15:55 - 
@@ -14,12 +14,14 @@ termcap: termtypes.master @[ -s ${.TARGET} ] || exit 1 realinstall: + ${INSTALL} -d -o root -g wheel ${DESTDIR}${BINDIR}/terminfo find terminfo -type f -exec \ -${INSTALL} -D ${INSTALL_COPY} -o ${BINOWN} -g ${BINGRP} -m 444 \ +${INSTALL} ${INSTALL_COPY} -o ${BINOWN} -g ${BINGRP} -m 444 \ {} ${DESTDIR}${BINDIR}/{} \; ${INSTALL} ${INSTALL_COPY} -o ${BINOWN} -g ${BINGRP} -m 444 termcap \ ${DESTDIR}${BINDIR}/misc/termcap ln -fs ${BINDIR}/misc/termcap ${DESTDIR}/etc/termcap + chown -h root:wheel ${DESTDIR}/etc/termcap clean: rm -f termcap
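Review bot: In the share/termtypes/Makefile hunk, `-D` is dropped from the install run by `find terminfo -type f -exec`, and only ${DESTDIR}${BINDIR}/terminfo itself is created beforehand. Each `{}` is a path below terminfo/, so a file that sits in a subdirectory now depends on that subdirectory already existing in ${DESTDIR}. Please say where those directories come from, or create them here with the intended owner before the file loop (for example a `find terminfo -type d` pass that runs `${INSTALL} -d -o root -g wheel`).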
Re: sparc64: delete 32bit process support from syscall()
On Sat, 10 Sep 2016, Mark Kettenis wrote: > ok kettenis@, but it is probably time to rewrite the comment above > thie function as well. Like this? Index: trap.c === RCS file: /cvs/src/sys/arch/sparc64/sparc64/trap.c,v retrieving revision 1.89 diff -u -p -r1.89 trap.c --- trap.c 10 Sep 2016 18:02:15 - 1.89 +++ trap.c 10 Sep 2016 18:06:52 - @@ -1186,27 +1186,6 @@ out: * `in' registers within the syscall trap code (because of the automatic * `save' effect of each trap). They are, however, the %o registers of the * thing that made the system call, and are named that way here. - * - * 32-bit system calls on a 64-bit system are a problem. Each system call - * argument is stored in the smaller of the argument's true size or a - * `register_t'. Now on a 64-bit machine all normal types can be stored in a - * `register_t'. (The only exceptions would be 128-bit `quad's or 128-bit - * extended precision floating point values, which we don't support.) For - * 32-bit syscalls, 64-bit integers like `off_t's, double precision floating - * point values, and several other types cannot fit in a 32-bit `register_t'. - * These will require reading in two `register_t' values for one argument. - * - * In order to calculate the true size of the arguments and therefore whether - * any argument needs to be split into two slots, the system call args - * structure needs to be built with the appropriately sized register_t. - * Otherwise the emul needs to do some magic to split oversized arguments. - * - * We can handle most this stuff for normal syscalls by using either a 32-bit - * or 64-bit array of `register_t' arguments. Unfortunately ktrace always - * expects arguments to be `register_t's, so it loses badly. What's worse, - * ktrace may need to do size translations to massage the argument array - * appropriately according to the emulation that is doing the ktrace. - * */ void syscall(tf, code, pc) 
@@ -1248,10 +1227,10 @@ syscall(tf, code, pc) * of the user's stack frame (see ). * * Check for ``special'' codes that alter this, namely syscall and -* __syscall. The latter takes a quad syscall number, so that other -* arguments are at their natural alignments. Adjust the number -* of ``easy'' arguments as appropriate; we will copy the hard -* ones later as needed. +* __syscall. These both pass a syscall number in the first argument +* register, so the other arguments are just shifted down, possibly +* pushing one off the end into the extension area. This happens +* with mmap() and mquery() used via __syscall(). */ ap = &tf->tf_out[0]; nap = 6;
/usr/sbin/sysctl owner
Yet another symlink that belongs to root. Ok? natano Index: sbin/sysctl/Makefile === RCS file: /cvs/src/sbin/sysctl/Makefile,v retrieving revision 1.11 diff -u -p -r1.11 Makefile --- sbin/sysctl/Makefile4 May 2016 19:48:08 - 1.11 +++ sbin/sysctl/Makefile10 Sep 2016 18:05:09 - @@ -7,5 +7,6 @@ CPPFLAGS+= -D_LIBKVM afterinstall: ln -sf ../../sbin/sysctl ${DESTDIR}/usr/sbin + chown -h root:wheel ${DESTDIR}/usr/sbin/sysctl .include
mailwrapper symlinks owner
Another set of symlinks, same drill: the owner should be root. Ok? natano Index: usr.sbin/mailwrapper/Makefile === RCS file: /cvs/src/usr.sbin/mailwrapper/Makefile,v retrieving revision 1.5 diff -u -p -r1.5 Makefile --- usr.sbin/mailwrapper/Makefile 16 Mar 2009 22:34:13 - 1.5 +++ usr.sbin/mailwrapper/Makefile 10 Sep 2016 17:53:45 - @@ -13,5 +13,9 @@ afterinstall: ln -fs /usr/sbin/mailwrapper ${DESTDIR}/usr/sbin/makemap ln -fs /usr/sbin/mailwrapper ${DESTDIR}/usr/bin/hoststat ln -fs /usr/sbin/mailwrapper ${DESTDIR}/usr/bin/purgestat + chown -h root:wheel ${DESTDIR}/usr/sbin/sendmail \ + ${DESTDIR}/usr/bin/newaliases ${DESTDIR}/usr/bin/mailq \ + ${DESTDIR}/usr/sbin/makemap ${DESTDIR}/usr/bin/hoststat \ + ${DESTDIR}/usr/bin/purgestat .include
mg docs ownership
We should be explicit about owner/group when using install, so this also works correctly with noperm. Ok? natano Index: usr.bin/mg/Makefile === RCS file: /cvs/src/usr.bin/mg/Makefile,v retrieving revision 1.31 diff -u -p -r1.31 Makefile --- usr.bin/mg/Makefile 29 Sep 2015 03:50:58 - 1.31 +++ usr.bin/mg/Makefile 10 Sep 2016 17:45:11 - @@ -24,8 +24,8 @@ SRCS= autoexec.c basic.c bell.c buffer.c SRCS+= cmode.c cscope.c dired.c grep.c tags.c theo.c afterinstall: - ${INSTALL} -d ${DESTDIR}${DOCDIR}/mg - ${INSTALL} -m ${DOCMODE} -c ${.CURDIR}/tutorial \ - ${DESTDIR}${DOCDIR}/mg + ${INSTALL} -d -o root -g wheel ${DESTDIR}${DOCDIR}/mg + ${INSTALL} ${INSTALL_COPY} -o root -g wheel -m ${DOCMODE} \ + ${.CURDIR}/tutorial ${DESTDIR}${DOCDIR}/mg .include
create /usr/share/calendar/$lang with root owner
Currently the /usr/share/calendar/$lang directories are created with the build user as owner, but should be owned by root. Ok? natano Index: usr.bin/calendar/Makefile === RCS file: /cvs/src/usr.bin/calendar/Makefile,v retrieving revision 1.10 diff -u -p -r1.10 Makefile --- usr.bin/calendar/Makefile 23 Oct 2015 10:33:52 - 1.10 +++ usr.bin/calendar/Makefile 10 Sep 2016 17:37:28 - @@ -8,11 +8,10 @@ beforeinstall: ${INSTALL} ${INSTALL_COPY} -o ${BINOWN} -g ${BINGRP} -m 444 \ ${.CURDIR}/calendars/calendar.* ${DESTDIR}/usr/share/calendar .for lang in ${INTER} - @test -d ${DESTDIR}/usr/share/calendar/${lang} || \ - mkdir ${DESTDIR}/usr/share/calendar/${lang} + ${INSTALL} -d -o root -g wheel ${DESTDIR}/usr/share/calendar/${lang} ${INSTALL} ${INSTALL_COPY} -o ${BINOWN} -g ${BINGRP} -m 444 \ ${.CURDIR}/calendars/${lang}/calendar.* \ - ${DESTDIR}/usr/share/calendar/${lang}; + ${DESTDIR}/usr/share/calendar/${lang} .endfor .include
bin/chmod: set owner of symlinks
When building with noperm the symlinks end up with the build user as owner instead of root. Ok? natano Index: bin/chmod/Makefile === RCS file: /cvs/src/bin/chmod/Makefile,v retrieving revision 1.7 diff -u -p -r1.7 Makefile --- bin/chmod/Makefile 6 Sep 2001 18:52:55 - 1.7 +++ bin/chmod/Makefile 10 Sep 2016 17:31:05 - @@ -10,9 +10,11 @@ LINKS= ${BINDIR}/chmod ${BINDIR}/chgrp \ afterinstall: (cd ${DESTDIR}/usr/sbin; \ ln -sf ../../sbin/chown .; \ - ln -sf ../../bin/chgrp .) + ln -sf ../../bin/chgrp .; \ + chown -h root:wheel chown chgrp) (cd ${DESTDIR}/usr/bin; \ - ln -sf ../../bin/chmod chflags) + ln -sf ../../bin/chmod chflags; \ + chown -h root:wheel chflags) .include
TXIC TX382B UART controller support
I'm not an OpenBSD user, I'm not asking for help. I'm posting here because OpenBSD was the only mention of this device I found when searching the net.

My device also identifies as 0x4651 0x3273, though marked as PCI 60806 instead of TX382B. I never found a data sheet for it, but after some trial and error reverse engineering, I discovered its quirks.

a) As reported in the subject thread, MCR loopback is non functional. But the UART has a standard 16 byte FIFO, thus probing its depth is not necessary.

b) In a normal UART, you see THRE interrupt after clearing higher priority interrupts (LINE and RECV). As the PC16550D data sheet says, THRE is reset by:

"Reading the IIR Register (if source of interrupt) or Writing into the Transmitter Holding Register"

The point of note is that reading the IIR will not clear THRE from the IIR unless it's the source of interrupt. Reading the IIR when LINE and RECV interrupts are active will leave the THRE indication intact, and you will see it as expected, after LINE and RECV interrupts are cleared.

However, the 60806 / TX382B does not work that way. Any read of the IIR clears the THRE indication. So if you get a LINE or RECV indication when reading IIR, if THRE was there, it's now lost. You only see a THRE indication if it was the highest priority interrupt pending when reading the IIR.

Losing THRE interrupts is a problem if your code assumes a standard UART and relies on THRE interrupts to keep transmission going. Once I understood that quirk, I was able to work around it.

c) Unlike a normal UART, you cannot clear LSR error bits or LINE status interrupt by reading the LSR. This will cause havoc when you get a frame or break error, because you can't clear the interrupt, and that means trouble. I was able to crash linux by inducing a break / frame error when powering off my device attached to a null modem cable. This had me stumped at first, I thought it made the UART worthless.

But after more testing, I discovered the LSR error bits and LINE status interrupt *auto* clear themselves, upon reception of the next good data byte. Until that happens, the error bits and LINE status interrupt are stuck on. Understanding that quirk, you can work around it too.
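Quirk (b) from the post above, replayed against a small software model as an added example (not the poster's code, and not a driver for the real part): a handler that relies on the IIR alone stalls once a receive interrupt collides with THRE, while one that also checks LSR.THRE after every IIR read keeps transmitting. The model, the struct and function names, and the LSR-based workaround itself are assumptions; the post does not say how its author worked around the quirk.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Standard 16550 register values used below. */
#define IIR_NONE 0x01	/* no interrupt pending */
#define IIR_THRE 0x02	/* transmitter holding register empty */
#define IIR_RECV 0x04	/* received data available */
#define LSR_THRE 0x20	/* transmitter holding register empty */

/* Software model of the UART, constructed for this example. */
struct uart {
	bool quirk;	/* true: any IIR read drops a pending THRE indication */
	bool thre_irq;	/* latched THRE interrupt indication */
	bool thr_empty;	/* state behind LSR.THRE */
	bool rx_ready;	/* a received byte is waiting */
	size_t sent;	/* bytes shifted out so far */
};

/* Driver state; lsr_fallback selects the assumed workaround. */
struct driver {
	size_t queued;		/* bytes still waiting for the THR */
	bool lsr_fallback;	/* true: also trust LSR.THRE, not only the IIR */
};

static uint8_t
read_iir(struct uart *u)
{
	if (u->rx_ready) {		/* RECV outranks THRE */
		if (u->quirk)
			u->thre_irq = false;	/* quirk (b): indication lost */
		return IIR_RECV;
	}
	if (u->thre_irq) {
		u->thre_irq = false;	/* cleared because it was the source */
		return IIR_THRE;
	}
	return IIR_NONE;
}

static uint8_t
read_lsr(const struct uart *u)
{
	return u->thr_empty ? LSR_THRE : 0;
}

/* The transmitter finishes a byte: the THR empties and THRE is raised. */
static void
hw_tx_done(struct uart *u)
{
	if (!u->thr_empty) {
		u->thr_empty = true;
		u->thre_irq = true;
		u->sent++;
	}
}

static void
isr(struct uart *u, struct driver *d)
{
	uint8_t iir;

	do {
		iir = read_iir(u);
		bool tx_ok = (iir == IIR_THRE);
		if (iir == IIR_RECV)
			u->rx_ready = false;	/* reading RBR clears it */
		/* The IIR read may have eaten THRE, so ask the LSR as well. */
		if (d->lsr_fallback && (read_lsr(u) & LSR_THRE))
			tx_ok = true;
		if (tx_ok && d->queued > 0) {
			u->thr_empty = false;	/* write next byte to THR... */
			u->thre_irq = false;	/* ...which also resets THRE */
			d->queued--;
		}
	} while (iir != IIR_NONE);
}

/* Transmit nbytes (>= 1) while one received byte arrives together with the
 * THRE interrupt for byte number rx_at. Returns how many bytes went out. */
static size_t
run(bool quirk, bool lsr_fallback, size_t nbytes, size_t rx_at)
{
	struct uart u = { .quirk = quirk };	/* byte 1 is already in the THR */
	struct driver d = { .queued = nbytes - 1, .lsr_fallback = lsr_fallback };
	bool rx_done = false;
	for (size_t tick = 0; tick < 4 * nbytes; tick++) {
		hw_tx_done(&u);
		if (u.sent == rx_at && !rx_done)
			u.rx_ready = rx_done = true;
		if (u.thre_irq || u.rx_ready)
			isr(&u, &d);
	}
	return u.sent;
}

int main(void)
{
	/* Exit status 0 when the stall and the workaround behave as described. */
	return !(run(false, false, 8, 3) == 8 && run(true, false, 8, 3) == 3 &&
	    run(true, true, 8, 3) == 8);
}
```

The same handler with the LSR check enabled also completes on the standard model, so the check does not need to be conditional on detecting this device.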
Re: sparc64: clean up db_trace.c
> Date: Fri, 9 Sep 2016 20:44:00 -0700 > From: Philip Guenther > > On Fri, 9 Sep 2016, Philip Guenther wrote: > > Noticed while looking at Jasper's diff. > > - convert declarations from k&r to standard C > > - delete support for 32bit frame backtracing. I doubt this code has ever > >been executed on OpenBSD. If a 32bit frame is encountered ((sp&1)==0) > >then print a warning and stop processing the frames > > - delete a pile of casts that are unnecessary > > - minor whitespace tweaks > > > > build tested > > Testing "tr", "mach stack", "mach window", and "mach tf" showed one > reversed test. Updated diff below. > > ok? ok kettenis@ > Index: db_trace.c > === > RCS file: /data/src/openbsd/src/sys/arch/sparc64/sparc64/db_trace.c,v > retrieving revision 1.10 > diff -u -p -r1.10 db_trace.c > --- db_trace.c9 Feb 2015 09:21:30 - 1.10 > +++ db_trace.c10 Sep 2016 03:36:20 - > @@ -56,12 +56,8 @@ void db_print_window(u_int64_t); > #define ULOAD(x) probeget((paddr_t)(u_long)&(x), ASI_AIUS, sizeof(x)) > > void > -db_stack_trace_print(addr, have_addr, count, modif, pr) > - db_expr_t addr; > - int have_addr; > - db_expr_t count; > - char*modif; > - int (*pr)(const char *, ...); > +db_stack_trace_print(db_expr_t addr, int have_addr, db_expr_t count, > +char *modif, int (*pr)(const char *, ...)) > { > vaddr_t frame; > boolean_t kernel_only = TRUE; 
> @@ -95,28 +91,26 @@ db_stack_trace_print(addr, have_addr, co > } > } > > + if ((frame & 1) == 0) { > + db_printf("WARNING: corrupt frame at %lx\n", frame); > + return; > + } > + > while (count--) { > int i; > db_expr_t offset; > char*name; > db_addr_t pc; > struct frame64 *f64; > - struct frame32 *f32; > > /* >* Switch to frame that contains arguments >*/ > - if (frame & 1) { > - f64 = (struct frame64 *)(frame + BIAS); > - pc = (db_addr_t)KLOAD(f64->fr_pc); > - > - frame = KLOAD(f64->fr_fp); > - } else { > - f32 = (struct frame32 *)(frame); > - pc = (db_addr_t)KLOAD(f32->fr_pc); > - > - frame = (long)KLOAD(f32->fr_fp); > - } > + > + f64 = (struct frame64 *)(frame + BIAS); > + pc = (db_addr_t)KLOAD(f64->fr_pc); > + > + frame = KLOAD(f64->fr_fp); > > if (kernel_only) { > if (pc < KERNBASE || pc >= KERNEND) > @@ -137,22 +131,20 @@ db_stack_trace_print(addr, have_addr, co > name = "?"; > > (*pr)("%s(", name); > + > + if ((frame & 1) == 0) { > + db_printf(")\nWARNING: corrupt frame at %lx\n", frame); > + break; > + } > > /* >* Print %i0..%i5; hope these still reflect the >* actual arguments somewhat... >*/ > - if (frame & 1) { > - f64 = (struct frame64 *)(frame + BIAS); > - for (i = 0; i < 5; i++) > - (*pr)("%lx, ", (long)KLOAD(f64->fr_arg[i])); > - (*pr)("%lx) at ", (long)KLOAD(f64->fr_arg[i])); > - } else { > - f32 = (struct frame32 *)(frame); > - for (i = 0; i < 5; i++) > - (*pr)("%x, ", (u_int)KLOAD(f32->fr_arg[i])); > - (*pr)("%x) at ", (u_int)KLOAD(f32->fr_arg[i])); > - } > + f64 = (struct frame64 *)(frame + BIAS); > + for (i = 0; i < 5; i++) > + (*pr)("%lx, ", (long)KLOAD(f64->fr_arg[i])); > + (*pr)("%lx) at ", (long)KLOAD(f64->fr_arg[i])); > db_printsym(pc, DB_STGY_PROC, pr); > (*pr)("\n"); > } 
> @@ -160,11 +152,7 @@ db_stack_trace_print(addr, have_addr, co > > > void > -db_dump_window(addr, have_addr, count, modif) > - db_expr_t addr; > - int have_addr; > - db_expr_t count; > - char *modif; > +db_dump_window(db_expr_t addr, int have_addr, db_expr_t count, char *modif) > { > int i; > u_int64_t frame = DDB_TF->tf_out[6]; > @@ -174,10 +162,15 @@ db_dump_window(addr, have_addr, count, m > addr = 0; > > /* Traverse window stack */ > - for (i=0; i - if (frame & 1) > - frame = (u_int64_t)((struct frame64 *)(u_long)(frame + > BIAS))->fr_fp; > - else frame = (u_int64_t)((struct frame32 > *
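Review bot: Both new frame checks in db_stack_trace_print() print through db_printf(), while every other line of output in the function goes through the pr callback the caller passed in, as in `(*pr)("%s(", name);`. Use (*pr) for the warning too so it reaches the same sink as the rest of the trace. The wording could also say what was detected: the test is `(frame & 1) == 0`, which the description calls a 32bit frame, so naming that in the message would tell the reader more than "corrupt frame".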
Re: sparc64: delete 32bit process support from syscall()
> Date: Fri, 9 Sep 2016 20:47:47 -0700 > From: Philip Guenther > > Simplify syscall(): > - if the trapframe is of a 32bit process, just call sigexit() instead of >returning an error > - delete other code for 32bit processes > - 64bit processes only, so SYS__syscall can be handled the same as >SYS_syscall > - delete a superfluous cast > > builds and runs fine > > ok? ok kettenis@, but it is probably time to rewrite the comment above thie function as well. > Index: trap.c > === > RCS file: /data/src/openbsd/src/sys/arch/sparc64/sparc64/trap.c,v > retrieving revision 1.88 > diff -u -p -r1.88 trap.c > --- trap.c27 Feb 2016 13:08:07 - 1.88 > +++ trap.c10 Sep 2016 03:27:37 - > @@ -1222,6 +1222,9 @@ syscall(tf, code, pc) > register_t args[8]; > register_t rval[2]; > > + if ((tf->tf_out[6] & 1) == 0) > + sigexit(p, SIGILL); > + > uvmexp.syscalls++; > p = curproc; > #ifdef DIAGNOSTIC > @@ -1255,29 +1258,15 @@ syscall(tf, code, pc) > > switch (code) { > case SYS_syscall: > + case SYS___syscall: > code = *ap++; > nap--; > break; > - case SYS___syscall: > - if (code < nsys && callp[code].sy_call != > - callp[p->p_p->ps_emul->e_nosys].sy_call) > - break; /* valid system call */ > - if (tf->tf_out[6] & 1L) { > - /* longs *are* quadwords */ > - code = ap[0]; > - ap += 1; > - nap -= 1; > - } else { > - code = ap[_QUAD_LOWWORD]; > - ap += 2; > - nap -= 2; > - } > - break; > } > > if (code < 0 || code >= nsys) > callp += p->p_p->ps_emul->e_nosys; > - else if (tf->tf_out[6] & 1L) { > + else { > register_t *argp; > > callp += code; > @@ -1286,7 +1275,7 @@ syscall(tf, code, pc) > if (i > 8) > panic("syscall nargs"); > /* Read the whole block in */ > - if ((error = copyin((caddr_t)(u_long)tf->tf_out[6] > + if ((error = copyin((caddr_t)tf->tf_out[6] > + BIAS + offsetof(struct frame64, fr_argx), > &args[nap], (i - nap) * sizeof(register_t > goto bad; 
> @@ -1298,9 +1287,6 @@ syscall(tf, code, pc) >*/ > for (argp = args; i--;) > *argp++ = *ap++; > - } else { > - error = EFAULT; > - goto bad; > } > > rval[0] = 0; > >
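Review bot: The new check at the top of syscall() passes p to sigexit() before p has been assigned: `sigexit(p, SIGILL);` sits above the existing `p = curproc;`. Move the check below that assignment, or pass curproc directly, so the kernel does not act on an uninitialized proc pointer on exactly the path that handles an unexpected trapframe.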
Re: reduce double caching in mfs
> Isn't the solution to this problem a working dynamic buffer cache? I'm
> not sure adding a hack for mfs, and the complexity that comes with it,
> is the way to go. Did somebody analyze what broke when the buffer
> cache was cranked to 90%?

My digging suggested that something on "write side" got slow. Maybe flipping a buffer from high back to low has some super high cost, or a missing splx.
Re: random malloc junk
> On Thu, Sep 08, 2016 at 07:47:58PM -0400, Daniel Micay wrote:
>
> > A nice security property of 0xdf filling is that a use-after-free of a
> > pointer is guaranteed to fault in a typical environment since it ends up
> > pointing outside userspace (I assume that's the case on OpenBSD). A heap
> > spray could potentially allow exploiting a random pointer. Perhaps it
> > would be better if only the byte range guaranteeing faults for pointers
> > was used? Less random, but strictly better than the current situation
> > rather than losing a nice guarantee.
>
> AFAIK 0xdf...df it is not guaranteed, just often outside the address
> space.
>
> I selected 0xdf a long time ago as an alternative to the 0xd0 (Duh)
> byte used for new chunks. Both as a mnemonic for "free" and because it
> is likely to cause segfaults. A pointer ending in 0xdf often will be
> unaligned. Of course that won't work on all archs or all pointers.
>
> Random patterns are also likely to produce segfaults, using them as a
> pointer has a big chance of being unaligned or pointing to an unmapped
> page.

There is only one benefit from full-random. That it creates a little bit more register damage as the code goes fully astray.

On non-shared address spaces, no byte-repeat address we choose is guaranteed to be outside the address space. Some of our architectures in that family do have full address spaces. On any such systems if the attacker can place something at that address before things go wrong, then he probably has substantial control already.

A machine-dependent value could be chosen to land within the VA hole that some 64-bit architectures have, but shrug, I don't see the point.

I think 0xdf is still the best of all worlds.
Re: Kernel panic pf.c during halting
My system didn't start the Tor daemon and dnscrypt-proxy daemon and I still get this kernel panic. I still use Unbound. I still have pf rules for transparent proxying. I only disabled the Tor client.

I was thinking about simplifying more before I answer, but dhill () mindcry ! org posted a similar bug to the bug mailing list. I will post further messages to his bug report.

I have a complete list of processes (ps auxww) from just before I executed halt -p, because I have written a script to do so every time I turn off or reboot OpenBSD.

USER       PID %CPU %MEM    VSZ   RSS TT  STAT STARTED     TIME COMMAND
root         1  0.0  0.0    444   560 ??  Is   10:35AM  0:01.00 /sbin/init
root     23793  0.0  1.1 409972 67552 ??  Ss   10:35AM  0:00.22 /sbin/mount_mfs -o rw -s 819200 -o nosuid -o nodev swap /tmp
root     86233  0.0  0.0  20852   328 ??  Ss   10:35AM  0:00.01 /sbin/mount_mfs -o rw -s 40960 -o nosuid -o nodev swap /var/log
root      5733  0.0  0.0    608   476 ??  Is   10:35AM  0:00.01 dhclient: bge0 [priv] (dhclient)
_dhcp    91232  0.0  0.0    736   680 ??  Isp  10:35AM  0:00.07 dhclient: bge0 (dhclient)
_syslogd 41780  0.0  0.0    956  1480 ??  Sp   10:36AM  0:00.03 /usr/sbin/syslogd
root     18297  0.0  0.0    956  1292 ??  Isp  10:36AM  0:00.00 syslogd: [priv] (syslogd)
root     38573  0.0  0.0    604   612 ??  Is   10:36AM  0:00.02 pflogd: [priv] (pflogd)
_pflogd  35694  0.0  0.0    668   436 ??  Sp   10:36AM  0:00.36 pflogd: [running] -s 160 -i pflog0 -f /var/log/pflog (pflogd)
_unbound 90885  0.0  0.2   9852 10852 ??  Is   10:36AM  0:00.25 unbound -c /var/unbound/etc/unbound.conf
_relayd  74560  0.0  0.0   1176  2836 ??  Ip   10:36AM  0:00.01 relayd: hce (relayd)
root     18863  0.0  0.1   1568  3408 ??  Is   10:36AM  0:00.02 /usr/sbin/relayd
_relayd  50673  0.0  0.0   1204  2908 ??  Ip   10:36AM  0:00.02 relayd: pfe (relayd)
_relayd  70251  0.0  0.1   1308  3280 ??  Ip   10:36AM  0:00.03 relayd: relay (relayd)
_relayd  13920  0.0  0.0   1136  2876 ??  Ip   10:36AM  0:00.02 relayd: ca (relayd)
_relayd  97513  0.0  0.0   1148  2856 ??  Ip   10:36AM  0:00.02 relayd: ca (relayd)
_relayd  68353  0.0  0.0   1140  2860 ??  Ip   10:36AM  0:00.02 relayd: ca (relayd)
_relayd  98221  0.0  0.1   1312  3280 ??  Ip   10:36AM  0:00.03 relayd: relay (relayd)
_relayd  52134  0.0  0.1   1316  3288 ??  Ip   10:36AM  0:00.03 relayd: relay (relayd)
_sndio   12325  0.0  0.0    500  1188 ??  I
iwm aux sta
This removes unnecessary fluff from the AUX STA code and simplifies error handling around iwm_send_cmd_pdu_status() calls. While at it I spotted an uninitialized 'status' variable in iwm_add_int_sta_common() (note how iwm_send_cmd_pdu_status() won't always initialize *status).

Index: if_iwm.c === RCS file: /cvs/src/sys/dev/pci/if_iwm.c,v retrieving revision 1.131 diff -u -p -r1.131 if_iwm.c --- if_iwm.c10 Sep 2016 10:00:41 - 1.131 +++ if_iwm.c10 Sep 2016 10:55:01 - @@ -387,8 +387,6 @@ int iwm_power_update_device(struct iwm_s intiwm_enable_beacon_filter(struct iwm_softc *, struct iwm_node *); intiwm_disable_beacon_filter(struct iwm_softc *); intiwm_add_sta_cmd(struct iwm_softc *, struct iwm_node *, int); -intiwm_add_int_sta_common(struct iwm_softc *, struct iwm_int_sta *, - const uint8_t *, uint16_t, uint16_t); intiwm_add_aux_sta(struct iwm_softc *); uint16_t iwm_scan_rx_chain(struct iwm_softc *); uint32_t iwm_scan_max_out_time(struct iwm_softc *, uint32_t, int); @@ -2406,26 +2404,18 @@ iwm_sta_rx_agg(struct iwm_softc *sc, str IWM_STA_MODIFY_REMOVE_BA_TID; status = IWM_ADD_STA_SUCCESS; - err = iwm_send_cmd_pdu_status(sc, IWM_ADD_STA, - sizeof(cmd), &cmd, &status); + err = iwm_send_cmd_pdu_status(sc, IWM_ADD_STA, sizeof(cmd), &cmd, + &status); if (err) return; - switch (status) { - case IWM_ADD_STA_SUCCESS: + if (status == IWM_ADD_STA_SUCCESS) { s = splnet(); if (start) sc->sc_rx_ba_sessions++; else if (sc->sc_rx_ba_sessions > 0) sc->sc_rx_ba_sessions--; splx(s); - break; - case IWM_ADD_STA_IMMEDIATE_BA_FAILURE: - err = EIO; - break; - default: - err = EIO; - break; } } @@ -3471,10 +3461,7 @@ iwm_binding_cmd(struct iwm_softc *sc, st status = 0; err = iwm_send_cmd_pdu_status(sc, IWM_BINDING_CONTEXT_CMD, sizeof(cmd), &cmd, &status); - if (err) - return err; - - if (status) + if (err == 0 && status != 0) err = EIO; return err; 
@@ -3998,7 +3985,7 @@ iwm_tx(struct iwm_softc *sc, struct mbuf if (IEEE80211_IS_MULTICAST(wh->i_addr1) || type != IEEE80211_FC0_TYPE_DATA) - tx->sta_id = sc->sc_aux_sta.sta_id; + tx->sta_id = IWM_AUX_STA_ID; else tx->sta_id = IWM_STATION_ID; 
@@ -4370,70 +4357,36 @@ iwm_add_sta_cmd(struct iwm_softc *sc, st status = IWM_ADD_STA_SUCCESS; err = iwm_send_cmd_pdu_status(sc, IWM_ADD_STA, sizeof(add_sta_cmd), &add_sta_cmd, &status); - if (err) - return err; - - switch (status) { - case IWM_ADD_STA_SUCCESS: - break; - default: + if (err == 0 && status != IWM_ADD_STA_SUCCESS) err = EIO; - break; - } return err; } int -iwm_add_int_sta_common(struct iwm_softc *sc, struct iwm_int_sta *sta, -const uint8_t *addr, uint16_t mac_id, uint16_t color) +iwm_add_aux_sta(struct iwm_softc *sc) { struct iwm_add_sta_cmd_v7 cmd; int err; uint32_t status; - memset(&cmd, 0, sizeof(cmd)); - cmd.sta_id = sta->sta_id; - cmd.mac_id_n_color = htole32(IWM_FW_CMD_ID_AND_COLOR(mac_id, color)); - - cmd.tfd_queue_msk = htole32(sta->tfd_queue_msk); - cmd.tid_disable_tx = htole16(0x); - - if (addr) - memcpy(cmd.addr, addr, ETHER_ADDR_LEN); - - err = iwm_send_cmd_pdu_status(sc, IWM_ADD_STA, - sizeof(cmd), &cmd, &status); - if (err) - return err; - - switch (status) { - case IWM_ADD_STA_SUCCESS: - return 0; - default: - err = EIO; - break; - } - return err; -} - -int -iwm_add_aux_sta(struct iwm_softc *sc) -{ - int err; - - sc->sc_aux_sta.sta_id = IWM_AUX_STA_ID; - sc->sc_aux_sta.tfd_queue_msk = (1 << IWM_AUX_QUEUE); - err = iwm_enable_txq(sc, 0, IWM_AUX_QUEUE, IWM_TX_FIFO_MCAST); if (err) return err; - err = iwm_add_int_sta_common(sc, - &sc->sc_aux_sta, NULL, IWM_MAC_INDEX_AUX, 0); + memset(&cmd, 0, sizeof(cmd)); + cmd.sta_id = IWM_AUX_STA_ID; + cmd.mac_id_n_color = + htole32(IWM_FW_CMD_ID_AND_COLOR(IWM_MAC_INDEX_AUX, 0)); + cmd.tfd_queue_msk = htole32(1 << IWM_AUX_QUEUE); + cmd.tid_disable_tx = htole16(0x); + + status = IWM_ADD_STA_SUCCESS; + err = iwm_send_cmd_pdu_status(sc, IWM_ADD_STA, sizeof(cmd), &cmd, + &status); + if (err == 0 && status != IWM_ADD_STA_SUCCESS) + err = EIO;
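Review bot: After the iwm_tx() hunk switches to the IWM_AUX_STA_ID constant and the rewritten iwm_add_aux_sta() stops assigning sc->sc_aux_sta.sta_id and sc->sc_aux_sta.tfd_queue_msk, nothing in the visible diff reads or writes sc_aux_sta any more, yet the diff as posted only touches if_iwm.c. If no other user remains, remove the sc_aux_sta member and struct iwm_int_sta from the header in the same commit so the dead state does not linger. The explicit `status = IWM_ADD_STA_SUCCESS;` before the call in the new iwm_add_aux_sta() is the substantive fix here and deserves its own line in the commit message.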
Fix NFS hanging on shutdown/reboot
Pending NFS requests loop forever, blocking umount and not even allowing for clean shutdown/reboot. If you ever played with NFS for more than 30 seconds, you have run into this and had to press the reset button, followed by suffering through fsck... Pending requests occur because the NFS server is gone (duh), network problems (duh) or the server is sending replies faster than the client can receive/reassemble packets (sneaky). The least invasive fix is marking all pending requests "soft". Timeouts apply and the blocking request gets discarded. Index: nfs/nfs_vfsops.c === RCS file: /home/vcs/cvs/openbsd/src/sys/nfs/nfs_vfsops.c,v retrieving revision 1.110 diff -u -p -r1.110 nfs_vfsops.c --- nfs/nfs_vfsops.c13 Aug 2016 20:53:17 - 1.110 +++ nfs/nfs_vfsops.c10 Sep 2016 08:12:27 - @@ -689,13 +689,18 @@ int nfs_unmount(struct mount *mp, int mntflags, struct proc *p) { struct nfsmount *nmp; + struct nfsreq *rep; int error, flags; nmp = VFSTONFS(mp); flags = 0; - if (mntflags & MNT_FORCE) + if (mntflags & MNT_FORCE) { flags |= FORCECLOSE; + TAILQ_FOREACH(rep, &nmp->nm_reqsq, r_chain) { + rep->r_flags |= R_SOFTTERM; + } + } error = vflush(mp, NULL, flags); if (error)
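Review bot: The new TAILQ_FOREACH over nmp->nm_reqsq in nfs_unmount() walks the request queue and modifies r_flags with no spl or lock visible in the hunk. Please state what protects the queue against the timer and receive paths during the walk, or add that protection. The loop also runs once, before `vflush(mp, NULL, flags)`, so any request queued on this mount after the loop is not marked with R_SOFTTERM and can still block the forced unmount; a per-mount flag checked when a request is queued would close that gap.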
Re: random malloc junk
On Thu, Sep 08, 2016 at 07:47:58PM -0400, Daniel Micay wrote:

> A nice security property of 0xdf filling is that a use-after-free of a
> pointer is guaranteed to fault in a typical environment since it ends up
> pointing outside userspace (I assume that's the case on OpenBSD). A heap
> spray could potentially allow exploiting a random pointer. Perhaps it
> would be better if only the byte range guaranteeing faults for pointers
> was used? Less random, but strictly better than the current situation
> rather than losing a nice guarantee.

AFAIK 0xdf...df it is not guaranteed, just often outside the address space.

I selected 0xdf a long time ago as an alternative to the 0xd0 (Duh) byte used for new chunks. Both as a mnemonic for "free" and because it is likely to cause segfaults. A pointer ending in 0xdf often will be unaligned. Of course that won't work on all archs or all pointers.

Random patterns are also likely to produce segfaults, using them as a pointer has a big chance of being unaligned or pointing to an unmapped page.

-Otto