Re: mcl2k2 mbuf clusters

[Claudio Jeker]

It is time to put the nasty comment from rl(4) into em(4) and ix(4).
Everybody knew how bad realtek was but thinks Intel nics are good. The
truth is that modern Intel nic are as bad as the cheepest and crapiest
10/100 Mbps Ethernet chips from the last millenium.

-- 
:wq Claudio

On Fri, Oct 14, 2016 at 03:48:18PM +1000, David Gwynne wrote:
> this adds a pool backend for MCLGETI thats 2k+2 bytes in size, which
> can be used on some very common nics that have annoying constraints
> on their rx descriptors.
> 
> this in turn simplifies the code in those drivers and lets them
> always operate on ETHER_ALIGN boundaries.
> 
> the pool is cheap, pages will only be allocated in it if something
> asks for them, and it keeps this complexity out of the drivers.
> 
> ok?
> 
> Index: net/if.h
> ===
> RCS file: /cvs/src/sys/net/if.h,v
> retrieving revision 1.179
> diff -u -p -r1.179 if.h
> --- net/if.h  4 Sep 2016 15:10:59 -   1.179
> +++ net/if.h  14 Oct 2016 03:46:22 -
> @@ -68,7 +68,7 @@ struct if_clonereq {
>   char*ifcr_buffer;   /* buffer for cloner names */
>  };
>  
> -#define MCLPOOLS 7   /* number of cluster pools */
> +#define MCLPOOLS 8   /* number of cluster pools */
>  
>  struct if_rxring {
>   int rxr_adjusted;
> Index: kern/uipc_mbuf.c
> ===
> RCS file: /cvs/src/sys/kern/uipc_mbuf.c,v
> retrieving revision 1.233
> diff -u -p -r1.233 uipc_mbuf.c
> --- kern/uipc_mbuf.c  10 Oct 2016 00:41:17 -  1.233
> +++ kern/uipc_mbuf.c  14 Oct 2016 03:46:22 -
> @@ -107,6 +107,7 @@ structpool mtagpool;
>  /* mbuf cluster pools */
>  u_intmclsizes[MCLPOOLS] = {
>   MCLBYTES,   /* must be at slot 0 */
> + MCLBYTES + 2,   /* ETHER_ALIGNED 2k mbufs */
>   4 * 1024,
>   8 * 1024,
>   9 * 1024,
> @@ -142,6 +143,7 @@ void
>  mbinit(void)
>  {
>   int i;
> + unsigned int lowbits;
>  
>  #if DIAGNOSTIC
>   if (mclsizes[0] != MCLBYTES)
> @@ -158,9 +160,15 @@ mbinit(void)
>   IPL_NET, 0, "mtagpl", NULL);
>  
>   for (i = 0; i < nitems(mclsizes); i++) {
> - snprintf(mclnames[i], sizeof(mclnames[0]), "mcl%dk",
> - mclsizes[i] >> 10);
> - pool_init([i], mclsizes[i], 0, IPL_NET, 0,
> + lowbits = mclsizes[i] & ((1 << 10) - 1);
> + if (lowbits) {
> + snprintf(mclnames[i], sizeof(mclnames[0]),
> + "mcl%dk%u", mclsizes[i] >> 10, lowbits);
> + } else {
> + snprintf(mclnames[i], sizeof(mclnames[0]), "mcl%dk",
> + mclsizes[i] >> 10);
> + }
> + pool_init([i], mclsizes[i], 64, IPL_NET, 0,
>   mclnames[i], NULL);
>   pool_set_constraints([i], _dma_contig);
>   pool_setlowat([i], mcllowat);
> Index: dev/pci/if_em.c
> ===
> RCS file: /cvs/src/sys/dev/pci/if_em.c,v
> retrieving revision 1.331
> diff -u -p -r1.331 if_em.c
> --- dev/pci/if_em.c   13 Apr 2016 10:34:32 -  1.331
> +++ dev/pci/if_em.c   14 Oct 2016 03:47:21 -
> @@ -2450,9 +2450,7 @@ em_get_buf(struct em_softc *sc, int i)
>   return (ENOBUFS);
>   }
>   m->m_len = m->m_pkthdr.len = EM_MCLBYTES;
> -#ifdef __STRICT_ALIGNMENT
>   m_adj(m, ETHER_ALIGN);
> -#endif
>  
>   error = bus_dmamap_load_mbuf(sc->sc_dmat, pkt->pkt_map,
>   m, BUS_DMA_NOWAIT);
> Index: dev/pci/if_ix.c
> ===
> RCS file: /cvs/src/sys/dev/pci/if_ix.c,v
> retrieving revision 1.132
> diff -u -p -r1.132 if_ix.c
> --- dev/pci/if_ix.c   13 Apr 2016 10:34:32 -  1.132
> +++ dev/pci/if_ix.c   14 Oct 2016 03:47:21 -
> @@ -616,11 +616,7 @@ ixgbe_init(void *arg)
>   ixgbe_initialize_transmit_units(sc);
>  
>   /* Use 2k clusters, even for jumbo frames */
> -#ifdef __STRICT_ALIGNMENT
>   sc->rx_mbuf_sz = MCLBYTES + ETHER_ALIGN;
> -#else
> - sc->rx_mbuf_sz = MCLBYTES;
> -#endif
>  
>   /* Prepare receive descriptors and buffers */
>   if (ixgbe_setup_receive_structures(sc)) {
> @@ -2458,9 +2454,7 @@ ixgbe_get_buf(struct rx_ring *rxr, int i
>   return (ENOBUFS);
>  
>   mp->m_len = mp->m_pkthdr.len = sc->rx_mbuf_sz;
> -#ifdef __STRICT_ALIGNMENT
>   m_adj(mp, ETHER_ALIGN);
> -#endif
>  
>   error = bus_dmamap_load_mbuf(rxr->rxdma.dma_tag, rxbuf->map,
>   mp, BUS_DMA_NOWAIT);
> @@ -2667,11 +2661,7 @@ ixgbe_initialize_receive_units(struct ix
>   hlreg |= IXGBE_HLREG0_JUMBOEN;
>   IXGBE_WRITE_REG(>hw, IXGBE_HLREG0, hlreg);
>  
> -#ifdef __STRICT_ALIGNMENT
>   bufsz = (sc->rx_mbuf_sz - ETHER_ALIGN) >> IXGBE_SRRCTL_BSIZEPKT_SHIFT;
> -#else
> - bufsz = sc->rx_mbuf_sz >> IXGBE_SRRCTL_BSIZEPKT_SHIFT;

mcl2k2 mbuf clusters

[David Gwynne]

this adds a pool backend for MCLGETI thats 2k+2 bytes in size, which
can be used on some very common nics that have annoying constraints
on their rx descriptors.

this in turn simplifies the code in those drivers and lets them
always operate on ETHER_ALIGN boundaries.

the pool is cheap, pages will only be allocated in it if something
asks for them, and it keeps this complexity out of the drivers.

ok?

Index: net/if.h
===
RCS file: /cvs/src/sys/net/if.h,v
retrieving revision 1.179
diff -u -p -r1.179 if.h
--- net/if.h4 Sep 2016 15:10:59 -   1.179
+++ net/if.h14 Oct 2016 03:46:22 -
@@ -68,7 +68,7 @@ struct if_clonereq {
char*ifcr_buffer;   /* buffer for cloner names */
 };
 
-#define MCLPOOLS   7   /* number of cluster pools */
+#define MCLPOOLS   8   /* number of cluster pools */
 
 struct if_rxring {
int rxr_adjusted;
Index: kern/uipc_mbuf.c
===
RCS file: /cvs/src/sys/kern/uipc_mbuf.c,v
retrieving revision 1.233
diff -u -p -r1.233 uipc_mbuf.c
--- kern/uipc_mbuf.c10 Oct 2016 00:41:17 -  1.233
+++ kern/uipc_mbuf.c14 Oct 2016 03:46:22 -
@@ -107,6 +107,7 @@ struct  pool mtagpool;
 /* mbuf cluster pools */
 u_int  mclsizes[MCLPOOLS] = {
MCLBYTES,   /* must be at slot 0 */
+   MCLBYTES + 2,   /* ETHER_ALIGNED 2k mbufs */
4 * 1024,
8 * 1024,
9 * 1024,
@@ -142,6 +143,7 @@ void
 mbinit(void)
 {
int i;
+   unsigned int lowbits;
 
 #if DIAGNOSTIC
if (mclsizes[0] != MCLBYTES)
@@ -158,9 +160,15 @@ mbinit(void)
IPL_NET, 0, "mtagpl", NULL);
 
for (i = 0; i < nitems(mclsizes); i++) {
-   snprintf(mclnames[i], sizeof(mclnames[0]), "mcl%dk",
-   mclsizes[i] >> 10);
-   pool_init([i], mclsizes[i], 0, IPL_NET, 0,
+   lowbits = mclsizes[i] & ((1 << 10) - 1);
+   if (lowbits) {
+   snprintf(mclnames[i], sizeof(mclnames[0]),
+   "mcl%dk%u", mclsizes[i] >> 10, lowbits);
+   } else {
+   snprintf(mclnames[i], sizeof(mclnames[0]), "mcl%dk",
+   mclsizes[i] >> 10);
+   }
+   pool_init([i], mclsizes[i], 64, IPL_NET, 0,
mclnames[i], NULL);
pool_set_constraints([i], _dma_contig);
pool_setlowat([i], mcllowat);
Index: dev/pci/if_em.c
===
RCS file: /cvs/src/sys/dev/pci/if_em.c,v
retrieving revision 1.331
diff -u -p -r1.331 if_em.c
--- dev/pci/if_em.c 13 Apr 2016 10:34:32 -  1.331
+++ dev/pci/if_em.c 14 Oct 2016 03:47:21 -
@@ -2450,9 +2450,7 @@ em_get_buf(struct em_softc *sc, int i)
return (ENOBUFS);
}
m->m_len = m->m_pkthdr.len = EM_MCLBYTES;
-#ifdef __STRICT_ALIGNMENT
m_adj(m, ETHER_ALIGN);
-#endif
 
error = bus_dmamap_load_mbuf(sc->sc_dmat, pkt->pkt_map,
m, BUS_DMA_NOWAIT);
Index: dev/pci/if_ix.c
===
RCS file: /cvs/src/sys/dev/pci/if_ix.c,v
retrieving revision 1.132
diff -u -p -r1.132 if_ix.c
--- dev/pci/if_ix.c 13 Apr 2016 10:34:32 -  1.132
+++ dev/pci/if_ix.c 14 Oct 2016 03:47:21 -
@@ -616,11 +616,7 @@ ixgbe_init(void *arg)
ixgbe_initialize_transmit_units(sc);
 
/* Use 2k clusters, even for jumbo frames */
-#ifdef __STRICT_ALIGNMENT
sc->rx_mbuf_sz = MCLBYTES + ETHER_ALIGN;
-#else
-   sc->rx_mbuf_sz = MCLBYTES;
-#endif
 
/* Prepare receive descriptors and buffers */
if (ixgbe_setup_receive_structures(sc)) {
@@ -2458,9 +2454,7 @@ ixgbe_get_buf(struct rx_ring *rxr, int i
return (ENOBUFS);
 
mp->m_len = mp->m_pkthdr.len = sc->rx_mbuf_sz;
-#ifdef __STRICT_ALIGNMENT
m_adj(mp, ETHER_ALIGN);
-#endif
 
error = bus_dmamap_load_mbuf(rxr->rxdma.dma_tag, rxbuf->map,
mp, BUS_DMA_NOWAIT);
@@ -2667,11 +2661,7 @@ ixgbe_initialize_receive_units(struct ix
hlreg |= IXGBE_HLREG0_JUMBOEN;
IXGBE_WRITE_REG(>hw, IXGBE_HLREG0, hlreg);
 
-#ifdef __STRICT_ALIGNMENT
bufsz = (sc->rx_mbuf_sz - ETHER_ALIGN) >> IXGBE_SRRCTL_BSIZEPKT_SHIFT;
-#else
-   bufsz = sc->rx_mbuf_sz >> IXGBE_SRRCTL_BSIZEPKT_SHIFT;
-#endif
 
for (i = 0; i < sc->num_queues; i++, rxr++) {
uint64_t rdba = rxr->rxdma.dma_map->dm_segs[0].ds_addr;
Index: dev/pci/if_em.h
===
RCS file: /cvs/src/sys/dev/pci/if_em.h,v
retrieving revision 1.72
diff -u -p -r1.72 if_em.h
--- dev/pci/if_em.h 18 Feb 2016 14:24:39 -  1.72
+++ dev/pci/if_em.h 14 Oct 2016 03:48:32 -
@@ -263,11 +263,7 @@ typedef int

Re: rebound case randomization

[Ted Unangst]

Ted Unangst wrote:
> 16 bit IDs don't offer much security. This is well known. A trick to encode
> more bits into the query is to vary the case of the query name. It's case
> insensitive, but all known servers echo it back exactly, case preserving. Thus
> we can twiddle the query on the way out and verify we get exactly the right
> reply.
> 
> In theory a dns packet can contain more than one query, but in practice it's
> only one, so this also adds a few checks for that to avoid some more
> complicated parsing.

Matthew Martin pointed out a bug in the randomizer. Only increment the byte
pointer when we've used up all the bits. Tried to be clever, and it bit me.
(hahahahaha). Math should be better now.

Index: rebound.c
===
RCS file: /cvs/src/usr.sbin/rebound/rebound.c,v
retrieving revision 1.74
diff -u -p -r1.74 rebound.c
--- rebound.c   8 Oct 2016 06:33:59 -   1.74
+++ rebound.c   14 Oct 2016 04:47:10 -
@@ -32,6 +32,7 @@
 #include 
 #include 
 #include 
+#include 
 #include 
 #include 
 #include 
@@ -63,8 +64,10 @@ struct dnspacket {
uint16_t ancount;
uint16_t nscount;
uint16_t arcount;
+   char qname[];
/* ... */
 };
+#define NAMELEN 256
 
 /*
  * requests will point to cache entries until a response is received.
@@ -102,6 +105,8 @@ struct request {
uint16_t clientid;
uint16_t reqid;
struct dnscache *cacheent;
+   char origname[NAMELEN];
+   char newname[NAMELEN];
 };
 static TAILQ_HEAD(, request) reqfifo;
 
@@ -157,12 +162,47 @@ cachecmp(struct dnscache *c1, struct dns
 }
 RB_GENERATE_STATIC(cachetree, dnscache, cachenode, cachecmp)
 
+static void
+lowercase(unsigned char *s)
+{
+   while (*s) {
+   *s = tolower(*s);
+   s++;
+   }
+}
+
+static void
+randomcase(unsigned char *s)
+{
+   unsigned char bits[NAMELEN / 8], *b;
+   u_int i = 0;
+
+   arc4random_buf(bits, (strlen(s) + 7) / 8);
+   b = bits;
+   while (*s) {
+   *s = (*b & (1 << i)) ? toupper(*s) : tolower(*s);
+   s++;
+   i++;
+   if (i == 8) {
+   b++;
+   i = 0;
+   }
+   }
+}
+
 static struct dnscache *
 cachelookup(struct dnspacket *dnsreq, size_t reqlen)
 {
struct dnscache *hit, key;
+   unsigned char origname[NAMELEN];
uint16_t origid;
 
+   if (ntohs(dnsreq->qdcount) != 1)
+   return NULL;
+
+   strlcpy(origname, dnsreq->qname, sizeof(origname));
+   lowercase(dnsreq->qname);
+
origid = dnsreq->id;
dnsreq->id = 0;
 
@@ -172,6 +212,7 @@ cachelookup(struct dnspacket *dnsreq, si
if (hit)
cachehits += 1;
 
+   strlcpy(dnsreq->qname, origname, sizeof(origname));
dnsreq->id = origid;
return hit;
 }
@@ -241,6 +282,7 @@ newrequest(int ud, struct sockaddr *remo
conntotal += 1;
if ((hit = cachelookup(dnsreq, r))) {
hit->resp->id = dnsreq->id;
+   strlcpy(hit->resp->qname, dnsreq->qname, 
strlen(hit->resp->qname) + 1);
sendto(ud, hit->resp, hit->resplen, 0, , fromlen);
return NULL;
}
@@ -260,21 +302,27 @@ newrequest(int ud, struct sockaddr *remo
req->clientid = dnsreq->id;
req->reqid = randomid();
dnsreq->id = req->reqid;
+   if (ntohs(dnsreq->qdcount) == 1) {
+   strlcpy(req->origname, dnsreq->qname, sizeof(req->origname));
+   randomcase(dnsreq->qname);
+   strlcpy(req->newname, dnsreq->qname, sizeof(req->newname));
+
+   hit = calloc(1, sizeof(*hit));
+   if (hit) {
+   hit->req = malloc(r);
+   if (hit->req) {
+   memcpy(hit->req, dnsreq, r);
+   hit->reqlen = r;
+   hit->req->id = 0;
+   lowercase(hit->req->qname);
+   } else {
+   free(hit);
+   hit = NULL;
 
-   hit = calloc(1, sizeof(*hit));
-   if (hit) {
-   hit->req = malloc(r);
-   if (hit->req) {
-   memcpy(hit->req, dnsreq, r);
-   hit->reqlen = r;
-   hit->req->id = 0;
-   } else {
-   free(hit);
-   hit = NULL;
-
+   }
}
+   req->cacheent = hit;
}
-   req->cacheent = hit;
 
req->s = socket(remoteaddr->sa_family, SOCK_DGRAM, 0);
if (req->s == -1)
@@ -359,6 +407,11 @@ sendreply(int ud, struct request *req)
if (resp->id != req->reqid)
return;
resp->id = req->clientid;
+   if (ntohs(resp->qdcount) == 1) {
+   if (strcmp(resp->qname, 

Re: user(8): Don't create default config file

[Matthew Martin]

On Thu, Oct 06, 2016 at 10:36:48PM -0500, Matthew Martin wrote:
> There doesn't seem to be any reason for user to write out a config file
> with the defaults if none exists. I've never seen anything else in base
> do this, so kill it.

Ping. With man pages fixes this time.

- Matthew Martin


Index: user.c
===
RCS file: /cvs/src/usr.sbin/user/user.c,v
retrieving revision 1.112
diff -u -p -r1.112 user.c
--- user.c  10 Aug 2016 20:30:34 -  1.112
+++ user.c  14 Oct 2016 03:26:16 -
@@ -742,7 +742,6 @@ setdefaults(user_t *up)
 static void
 read_defaults(user_t *up)
 {
-   struct stat st;
size_t  lineno;
size_t  len;
FILE*fp;
@@ -761,13 +760,7 @@ read_defaults(user_t *up)
err(1, NULL);
up->u_inactive = DEF_INACTIVE;
up->u_expire = DEF_EXPIRE;
-   if ((fp = fopen(CONFFILE, "r")) == NULL) {
-   if (stat(CONFFILE, ) < 0 && !setdefaults(up)) {
-   warn("can't create `%s' defaults file", CONFFILE);
-   }
-   fp = fopen(CONFFILE, "r");
-   }
-   if (fp != NULL) {
+   if ((fp = fopen(CONFFILE, "r")) != NULL) {
while ((s = fparseln(fp, , , NULL, 0)) != NULL) {
if (strncmp(s, "group", 5) == 0) {
for (cp = s + 5 ; isspace((unsigned char)*cp); 
cp++) {
Index: useradd.8
===
RCS file: /cvs/src/usr.sbin/user/useradd.8,v
retrieving revision 1.34
diff -u -p -r1.34 useradd.8
--- useradd.8   14 Aug 2016 09:52:08 -  1.34
+++ useradd.8   14 Oct 2016 03:26:16 -
@@ -85,8 +85,7 @@ the range from which the UID will be all
 and default login shell
 can be provided in the
 .Pa /etc/usermgmt.conf
-file, which, if running as root, is created using the built-in defaults if
-it does not exist.
+file.
 .Pp
 The first form of the command shown above (using the
 .Fl D
Index: userdel.8
===
RCS file: /cvs/src/usr.sbin/user/userdel.8,v
retrieving revision 1.17
diff -u -p -r1.17 userdel.8
--- userdel.8   13 Mar 2015 19:58:41 -  1.17
+++ userdel.8   14 Oct 2016 03:26:16 -
@@ -53,8 +53,7 @@ removing that user's home directory and 
 .Pp
 Default values are taken from the information provided in the
 .Pa /etc/usermgmt.conf
-file, which, if running as root, is created using the built-in defaults if
-it does not exist.
+file.
 .Pp
 The first form of the command shown above (using the
 .Fl D
Index: usermod.8
===
RCS file: /cvs/src/usr.sbin/user/usermod.8,v
retrieving revision 1.33
diff -u -p -r1.33 usermod.8
--- usermod.8   16 Aug 2016 11:33:07 -  1.33
+++ usermod.8   14 Oct 2016 03:26:16 -
@@ -60,8 +60,7 @@ utility modifies user login information 
 .Pp
 Default values are taken from the information provided in the
 .Pa /etc/usermgmt.conf
-file, which, if running as root, is created using the built-in defaults if
-it does not exist.
+file.
 .Pp
 After setting any defaults, and then reading values from
 .Pa /etc/usermgmt.conf ,

rebound case randomization

[Ted Unangst]

16 bit IDs don't offer much security. This is well known. A trick to encode
more bits into the query is to vary the case of the query name. It's case
insensitive, but all known servers echo it back exactly, case preserving. Thus
we can twiddle the query on the way out and verify we get exactly the right
reply.

In theory a dns packet can contain more than one query, but in practice it's
only one, so this also adds a few checks for that to avoid some more
complicated parsing.

Index: rebound.c
===
RCS file: /cvs/src/usr.sbin/rebound/rebound.c,v
retrieving revision 1.74
diff -u -p -r1.74 rebound.c
--- rebound.c   8 Oct 2016 06:33:59 -   1.74
+++ rebound.c   14 Oct 2016 02:40:15 -
@@ -32,6 +32,7 @@
 #include 
 #include 
 #include 
+#include 
 #include 
 #include 
 #include 
@@ -63,8 +64,10 @@ struct dnspacket {
uint16_t ancount;
uint16_t nscount;
uint16_t arcount;
+   char qname[];
/* ... */
 };
+#define NAMELEN 256
 
 /*
  * requests will point to cache entries until a response is received.
@@ -102,6 +105,8 @@ struct request {
uint16_t clientid;
uint16_t reqid;
struct dnscache *cacheent;
+   char origname[NAMELEN];
+   char newname[NAMELEN];
 };
 static TAILQ_HEAD(, request) reqfifo;
 
@@ -157,12 +162,46 @@ cachecmp(struct dnscache *c1, struct dns
 }
 RB_GENERATE_STATIC(cachetree, dnscache, cachenode, cachecmp)
 
+static void
+lowercase(unsigned char *s)
+{
+   while (*s) {
+   *s = tolower(*s);
+   s++;
+   }
+}
+
+static void
+randomcase(unsigned char *s)
+{
+   unsigned char bits[NAMELEN / 8], *b;
+   u_int i = 0;
+
+   arc4random_buf(bits, strlen(s));
+   b = bits;
+   while (*s) {
+   *s = (*b & (1 << i)) ? toupper(*s) : tolower(*s);
+   s++;
+   b++;
+   i++;
+   if (i == 8)
+   i = 0;
+   }
+}
+
 static struct dnscache *
 cachelookup(struct dnspacket *dnsreq, size_t reqlen)
 {
struct dnscache *hit, key;
+   unsigned char origname[NAMELEN];
uint16_t origid;
 
+   if (ntohs(dnsreq->qdcount) != 1)
+   return NULL;
+
+   strlcpy(origname, dnsreq->qname, sizeof(origname));
+   lowercase(dnsreq->qname);
+
origid = dnsreq->id;
dnsreq->id = 0;
 
@@ -172,6 +211,7 @@ cachelookup(struct dnspacket *dnsreq, si
if (hit)
cachehits += 1;
 
+   strlcpy(dnsreq->qname, origname, sizeof(origname));
dnsreq->id = origid;
return hit;
 }
@@ -241,6 +281,7 @@ newrequest(int ud, struct sockaddr *remo
conntotal += 1;
if ((hit = cachelookup(dnsreq, r))) {
hit->resp->id = dnsreq->id;
+   strlcpy(hit->resp->qname, dnsreq->qname, 
strlen(hit->resp->qname) + 1);
sendto(ud, hit->resp, hit->resplen, 0, , fromlen);
return NULL;
}
@@ -260,21 +301,27 @@ newrequest(int ud, struct sockaddr *remo
req->clientid = dnsreq->id;
req->reqid = randomid();
dnsreq->id = req->reqid;
+   if (ntohs(dnsreq->qdcount) == 1) {
+   strlcpy(req->origname, dnsreq->qname, sizeof(req->origname));
+   randomcase(dnsreq->qname);
+   strlcpy(req->newname, dnsreq->qname, sizeof(req->newname));
+
+   hit = calloc(1, sizeof(*hit));
+   if (hit) {
+   hit->req = malloc(r);
+   if (hit->req) {
+   memcpy(hit->req, dnsreq, r);
+   hit->reqlen = r;
+   hit->req->id = 0;
+   lowercase(hit->req->qname);
+   } else {
+   free(hit);
+   hit = NULL;
 
-   hit = calloc(1, sizeof(*hit));
-   if (hit) {
-   hit->req = malloc(r);
-   if (hit->req) {
-   memcpy(hit->req, dnsreq, r);
-   hit->reqlen = r;
-   hit->req->id = 0;
-   } else {
-   free(hit);
-   hit = NULL;
-
+   }
}
+   req->cacheent = hit;
}
-   req->cacheent = hit;
 
req->s = socket(remoteaddr->sa_family, SOCK_DGRAM, 0);
if (req->s == -1)
@@ -359,6 +406,11 @@ sendreply(int ud, struct request *req)
if (resp->id != req->reqid)
return;
resp->id = req->clientid;
+   if (ntohs(resp->qdcount) == 1) {
+   if (strcmp(resp->qname, req->newname) != 0)
+   return;
+   strlcpy(resp->qname, req->origname, strlen(resp->qname) + 1);
+   }
sendto(ud, buf, r, 0, >from.a, req->fromlen);
if ((ent = req->cacheent)) {
/*

Re: vmm: experimentation with networking on wifi interfaces

[Mike Larkin]

On Thu, Oct 13, 2016 at 11:38:46PM +0100, Edd Barrett wrote:
> Hey,
> 
> As we saw earlier on misc@, getting a vmm host on the internet when the
> host is using a wireless interface is not as straightforward as with
> wired interfaces.
> 
> Specifically, a bridge won't work on a wireless interface, which in turn (I
> think) means virtual switches don't work either (although I did not try
> that).
> 
> Some mentioned that it's possible to use a nat with a vether bridge.
> 
> Striving for a simpler working setup, after some thinking, and a
> discussion with mlarkin@, I decided to find out:
> 
>  1) If you really need the vether interface in the equation.
>  2) If you could use dhcpd on the tap interface of a vm.
> 
> Mike asked me to write to tech@ reporting the outcome of 2.

... snip ...

> When I ran dhclient in the guest this time:
> 
> ---8<---
> # dhclient vio0   
> DHCPDISCOVER on vio0 - interval 3
> panic: kernel diagnostic assertion "m != NULL" failed: file 
> "../../../../dev/pci/if_vio.c", line 1008
> Stopped at  Debugger+0x9:   leave
>TIDPIDUID PRFLAGS PFLAGS  CPU  COMMAND
> *45447  45447 770x100013  00  dhclient
> Debugger() at Debugger+0x9
> panic() at panic+0xfe
> __assert() at __assert+0x25
> vio_rxeof() at vio_rxeof+0x1db
> vio_rx_intr() at vio_rx_intr+0x28
> virtio_check_vqs() at virtio_check_vqs+0x8c
> virtio_pci_legacy_intr() at virtio_pci_legacy_intr+0x6b
> intr_handler() at intr_handler+0x28
> Xintr_legacy7() at Xintr_legacy7+0xdd
> --- interrupt ---
> Xspllower() at Xspllower+0xc
> if_enqueue() at if_enqueue+0x69
> ether_output() at ether_output+0x1b0
> bpfwrite() at bpfwrite+0x153
> spec_write() at spec_write+0xb5
> end trace frame: 0x8e3a8c60, count: 0
> http://www.openbsd.org/ddb.html describes the minimum info required in bug
> reports.  Insufficient info makes it difficult to find and fix bugs.
> --->8---

I know about this panic, it's on my list of things to fix, but I haven't
got around to investigating. My gut tells me this is a membar issue because
it's trying to reuse an already-used descriptor. But I could be wrong.

-ml

Re: m_resethdr() in if_input_local()

[Alexandr Nedvedicky]

Hello,

looks O.K. to me.

can you also do s/destinated/designated, when you are touching the
if_input_local() function already?

thanks and
regards
sasha

> ok?
> 
> bluhm
> 
> Index: net/if.c
> ===
> RCS file: /data/mirror/openbsd/cvs/src/sys/net/if.c,v
> retrieving revision 1.454
> diff -u -p -r1.454 if.c
> --- net/if.c  9 Oct 2016 20:05:10 -   1.454
> +++ net/if.c  13 Oct 2016 12:29:30 -
> @@ -665,7 +665,9 @@ if_input_local(struct ifnet *ifp, struct
>   bpf_mtap_af(if_bpf, af, m, BPF_DIRECTION_OUT);
>   }
>  #endif
> + m_resethdr(m);
>   m->m_pkthdr.ph_ifidx = ifp->if_index;
> + m->m_pkthdr.ph_rtableid = ifp->if_rdomain;
>  
>   ifp->if_opackets++;
>   ifp->if_obytes += m->m_pkthdr.len;
> 

Re: vmm: experimentation with networking on wifi interfaces

[Mike Belopuhov]

On 14 October 2016 at 00:38, Edd Barrett  wrote:
> Hey,
>
> As we saw earlier on misc@, getting a vmm host on the internet when the
> host is using a wireless interface is not as straightforward as with
> wired interfaces.
>
> Specifically, a bridge won't work on a wireless interface, which in turn (I
> think) means virtual switches don't work either (although I did not try
> that).
>
> Some mentioned that it's possible to use a nat with a vether bridge.
>
> Striving for a simpler working setup, after some thinking, and a
> discussion with mlarkin@, I decided to find out:
>
>  1) If you really need the vether interface in the equation.
>  2) If you could use dhcpd on the tap interface of a vm.
>
> Mike asked me to write to tech@ reporting the outcome of 2.
>
> Starting with 1, if all you want is to get a VM on the internet, you
> don't need a vether.
>
> On the host:
> ---8<---
> # ifconfig tap0 192.168.10.1
> # echo "pass out on iwn0 inet from tap0:network to any nat-to (iwn0)" >> 
> /etc/pf.conf
> # pfctl -f /etc/pf.conf
> # sysctl net.inet.ip.forwarding=1
> --->8---
>
> On the guest:
>
> ---8<---
> # ifconfig vio 192.168.10.2
> # route add default 192.168.10.1
> --->8---
>
> (Or enter those parameters into the installer)
>
> And you are good to go. I managed to install a guest via this method.
>
> There are a couple of quirks though. First, you can't boot with that line in
> pf.conf, as pf comes up before vmd, so the tap interface will not exist as pf
> starts, causing pf to not parse its config file. Second, if you halt/reboot 
> the
> guest (I notice reboot actually halts), then the tap interface is deleted and
> the IP is lost. If you want to bring the host back up, you need to set the IP
> on the tap device again.
>

Just put a pair of parenthesis around "tap0:network" to indicate the dynamic
nature of your configuration.

Re: vmm: experimentation with networking on wifi interfaces

[Reyk Floeter]

> Am 14.10.2016 um 00:38 schrieb Edd Barrett :
> 
> Hey,
> 
> As we saw earlier on misc@, getting a vmm host on the internet when the
> host is using a wireless interface is not as straightforward as with
> wired interfaces.
> 
> Specifically, a bridge won't work on a wireless interface, which in turn (I
> think) means virtual switches don't work either (although I did not try
> that).
> 
> Some mentioned that it's possible to use a nat with a vether bridge.
> 
> Striving for a simpler working setup, after some thinking, and a
> discussion with mlarkin@, I decided to find out:
> 

What do you mean with simpler?

The vether approach is straightforward.

> 1) If you really need the vether interface in the equation.
> 2) If you could use dhcpd on the tap interface of a vm.
> 

Of course you can.

But you will need -current to specify the name of the tap interface or rely on 
the fact that you only have one vm that coincidentally always picks tap0.

Using vether in a bridge with the tap allows you to preconfigure a fixed 
interface on the host that doesn't depend on the vm state. The tapX unit 
doesn't matter as it will be added to the bridge, your configuration is only 
done in vether0. Automatically, no scripting required when starting the vm - I 
think that's a lot easier :)

switch "foo" {
add vether0
}

vm "bar" {
interface { switch "foo" }
}

I will also add an option for setting the switch in vmctl start.

Now go ahead and configure vether0 as you configure tap0 below... I'm usually 
running dhcpd on vether0, but you can also use fixed IPs of course.

> Mike asked me to write to tech@ reporting the outcome of 2.
> 
> Starting with 1, if all you want is to get a VM on the internet, you
> don't need a vether.
> 
> On the host:
> ---8<---
> # ifconfig tap0 192.168.10.1
> # echo "pass out on iwn0 inet from tap0:network to any nat-to (iwn0)" >> 
> /etc/pf.conf
> # pfctl -f /etc/pf.conf
> # sysctl net.inet.ip.forwarding=1
> --->8---
> 
> On the guest:
> 
> ---8<---
> # ifconfig vio 192.168.10.2
> # route add default 192.168.10.1
> --->8---
> 
> (Or enter those parameters into the installer)
> 
> And you are good to go. I managed to install a guest via this method.
> 
> There are a couple of quirks though. First, you can't boot with that line in
> pf.conf, as pf comes up before vmd, so the tap interface will not exist as pf
> starts, causing pf to not parse its config file. Second, if you halt/reboot 
> the
> guest (I notice reboot actually halts), then the tap interface is deleted and
> the IP is lost. If you want to bring the host back up, you need to set the IP
> on the tap device again.
> 
> As for 2, DHCP over tap, this did not work for me.
> 
> On the host, in dhcpd.conf:
> 
> ---8<---
> subnet 192.168.10.0 netmask 255.255.255.0 {
>option routers 192.168.1.1;
>option domain-name-servers 192.168.1.1;
>option domain-name "home";
>range 192.168.10.2 192.168.10.10;
> }
> --->8---
> 
> Start with: doas dhcpd -df -c /etc/dhcpd.conf tap0
> 
> Then in the guest:
> 
> ---8<---
> Listening on tap0 (192.168.10.1).
> DHCPDISCOVER from fe:e1:ba:d0:95:d1 via tap0
> DHCPDISCOVER from fe:e1:ba:d0:95:d1 via tap0
> already acking lease 192.168.10.2
> DHCPDISCOVER from fe:e1:ba:d0:95:d1 via tap0
> already acking lease 192.168.10.2
> DHCPDISCOVER from fe:e1:ba:d0:95:d1 via tap0
> already acking lease 192.168.10.2
> DHCPDISCOVER from fe:e1:ba:d0:95:d1 via tap0
> already acking lease 192.168.10.2
> DHCPDISCOVER from fe:e1:ba:d0:95:d1 via tap0
> already acking lease 192.168.10.2
> DHCPDISCOVER from fe:e1:ba:d0:95:d1 via tap0
> already acking lease 192.168.10.2
> ...
> already acking lease 192.168.10.2
> DHCPOFFER on 192.168.10.2 to fe:e1:ba:d0:95:d1 via tap0
> DHCPDISCOVER from fe:e1:ba:d0:95:d1 via tap0
> DHCPOFFER on 192.168.10.2 to fe:e1:ba:d0:95:d1 via tap0
> DHCPDISCOVER from fe:e1:ba:d0:95:d1 via tap0
> DHCPOFFER on 192.168.10.2 to fe:e1:ba:d0:95:d1 via tap0
> --->8---
> 
> The guest at this point is saying:
> 
> ---8<---
> # dhcpd -df -c /etc/dhcpd.conf tap0
> DHCPDISCOVER on vio0 - interval 3
> DHCPDISCOVER on vio0 - interval 8
> DHCPDISCOVER on vio0 - interval 14
> ...
> --->8---
> 
> An address is never acquired.
> 
> When I tried once more:
> 
> ---8<---
> # dhcpd -df -c /etc/dhcpd.conf tap0
> Listening on tap0 (192.168.10.1).
> DHCPDISCOVER from fe:e1:ba:d0:95:d1 via tap0
> DHCPOFFER on 192.168.10.2 to fe:e1:ba:d0:95:d1 via tap0
> DHCPDISCOVER from fe:e1:ba:d0:95:d1 via tap0
> DHCPOFFER on 192.168.10.2 to fe:e1:ba:d0:95:d1 via tap0
> DHCPDISCOVER from fe:e1:ba:d0:95:d1 via tap0
> DHCPOFFER on 192.168.10.2 to fe:e1:ba:d0:95:d1 via tap0
> DHCPDISCOVER from fe:e1:ba:d0:95:d1 via tap0
> DHCPOFFER on 192.168.10.2 to fe:e1:ba:d0:95:d1 via tap0
> DHCPDISCOVER from fe:e1:ba:d0:95:d1 via tap0
> DHCPOFFER on 192.168.10.2 to fe:e1:ba:d0:95:d1 via tap0
> ...
> --->8---
> 
> When I ran dhclient in the guest this time:
> 
> ---8<---
> # dhclient vio0   
> DHCPDISCOVER on 

Re: acpiec on acer aspire S7 with CURRENT

[Ilya Kaliman]

Hi!

Thanks for looking into this. I've tried the patch and the "found GPIO
port" printf is not triggered because sc->sc_acpi->sc_hw_reduced is 0
for me.

Which acpi table should I attach?

Thanks,
Ilya


RSD PTR: Checksum=188, OEMID=ACRSYS, RsdtAddress=0x9aafe124


RSDT: Length=112, Revision=1, Checksum=171,
OEMID=ACRSYS, OEM Table ID=ACRPRDCT, OEM Revision=0x1,
Creator ID=, Creator Revision=0x113


Entries={ 0x9aaf7000, 0x9aafd000, 0x9aafc000, 0x9aafa000,
0x9aaf9000, 0x9aaf8000, 0x9aaf6000, 0x9aaf5000, 0x9aaf4000,
0x9aae2000, 0x9aae, 0x9aade000, 0x9aadd000, 0x9aada000,
0x9aad9000, 0x9aad5000, 0x9aad4000, 0x9aad3000, 0x9aae3000 }


DSDT=0x9aae4000
INT_MODEL=APIC
SCI_INT=9
SMI_CMD=0xb2, ACPI_ENABLE=0xa0, ACPI_DISABLE=0xa1, S4BIOS_REQ=0x0
PM1a_EVT_BLK=0x1800-0x1803
PM1a_CNT_BLK=0x1804-0x1805
PM2_CNT_BLK=0x1850-0x1850
PM2_TMR_BLK=0x1808-0x180b
PM2_GPE0_BLK=0x1880-0x189f
P_LVL2_LAT=101ms, P_LVL3_LAT=57ms
FLUSH_SIZE=1024, FLUSH_STRIDE=16
DUTY_OFFSET=1, DUTY_WIDTH=3
DAY_ALRM=13, MON_ALRM=0, CENTURY=0
Flags={WBINVD,PROC_C1,SLP_BUTTON,RTC_S4}


DSDT: Length=61736, Revision=1, Checksum=95,
OEMID=ACRSYS, OEM Table ID=ACRPRDCT, OEM Revision=0x0,
Creator ID=1025, Creator Revision=0x4


TCPA: Length=50, Revision=2, Checksum=139,
OEMID=ACRSYS, OEM Table ID=ACRPRDCT, OEM Revision=0x0,
Creator ID=1025, Creator Revision=0x4


UEFI: Length=566, Revision=1, Checksum=189,
OEMID=ACRSYS, OEM Table ID=ACRPRDCT, OEM Revision=0x1,
Creator ID=1025, Creator Revision=0x4


FPDT: Length=68, Revision=1, Checksum=181,
OEMID=ACRSYS, OEM Table ID=ACRPRDCT, OEM Revision=0x1,
Creator ID=1025, Creator Revision=0x4


MSDM: Length=85, Revision=3, Checksum=230,
OEMID=ACRSYS, OEM Table ID=ACRPRDCT, OEM Revision=0x1,
Creator ID=1025, Creator Revision=0x4


ASF!: Length=165, Revision=32, Checksum=231,
OEMID=ACRSYS, OEM Table ID=ACRPRDCT, OEM Revision=0x1,
Creator ID=1025, Creator Revision=0x4


HPET: Length=56, Revision=1, Checksum=170,
OEMID=ACRSYS, OEM Table ID=ACRPRDCT, OEM Revision=0x1,
Creator ID=1025, Creator Revision=0x4


APIC: Length=140, Revision=3, Checksum=12,
OEMID=ACRSYS, OEM Table ID=ACRPRDCT, OEM Revision=0x1,
Creator ID=1025, Creator Revision=0x4


MCFG: Length=60, Revision=1, Checksum=210,
OEMID=ACRSYS, OEM Table ID=ACRPRDCT, OEM Revision=0x1,
Creator ID=1025, Creator Revision=0x4


SSDT: Length=2101, Revision=1, Checksum=93,
OEMID=ACRSYS, OEM Table ID=ACRPRDCT, OEM Revision=0x1000,
Creator ID=1025, Creator Revision=0x4


BOOT: Length=40, Revision=1, Checksum=106,
OEMID=ACRSYS, OEM Table ID=ACRPRDCT, OEM Revision=0x1,
Creator ID=1025, Creator Revision=0x4


ASPT: Length=52, Revision=7, Checksum=152,
OEMID=ACRSYS, OEM Table ID=ACRPRDCT, OEM Revision=0x1,
Creator ID=1025, Creator Revision=0x4


DBGP: Length=52, Revision=1, Checksum=172,
OEMID=ACRSYS, OEM Table ID=ACRPRDCT, OEM Revision=0x1,
Creator ID=1025, Creator Revision=0x4


SSDT: Length=1337, Revision=1, Checksum=105,
OEMID=ACRSYS, OEM Table ID=ACRPRDCT, OEM Revision=0x3000,
Creator ID=1025, Creator Revision=0x4


SSDT: Length=2776, Revision=1, Checksum=140,
OEMID=ACRSYS, OEM Table ID=ACRPRDCT, OEM Revision=0x3000,
Creator ID=1025, Creator Revision=0x4


SSDT: Length=12958, Revision=1, Checksum=91,
OEMID=ACRSYS, OEM Table ID=ACRPRDCT, OEM Revision=0x3000,
Creator ID=1025, Creator Revision=0x4


SSDT: Length=824, Revision=1, Checksum=146,
OEMID=ACRSYS, OEM Table ID=ACRPRDCT, OEM Revision=0x1000,
Creator ID=1025, Creator Revision=0x4


SSDT: Length=1593, Revision=1, Checksum=58,
OEMID=ACRSYS, OEM Table ID=ACRPRDCT, OEM Revision=0x1000,
Creator ID=1025, Creator Revision=0x4


DMAR: Length=136, Revision=1, Checksum=227,
OEMID=ACRSYS, OEM Table ID=ACRPRDCT, OEM Revision=0x1,
Creator ID=1025, Creator Revision=0x4






On Thu, Oct 13, 2016 at 1:19 AM, Paul Irofti  wrote:
>> The diff you sent simply ignores the issue which obviously can not be
>> used in the tree.
>
> The following diff starts working in the right direction, but there is
> probably more to do in order to support machines like yours.
>
> It would be interesting to see if that printf gets triggered though, so
> please test and let me know. Also, send that acpidump.
>
>
> Index: acpiec.c
> ===
> RCS file: /cvs/src/sys/dev/acpi/acpiec.c,v
> retrieving revision 1.54
> diff -u -p -u -p -r1.54 acpiec.c
> --- acpiec.c23 Aug 2016 18:26:21 -  1.54
> +++ acpiec.c13 Oct 2016 08:16:52 -
> @@ -410,8 +410,8 @@ int
> 

vmm: experimentation with networking on wifi interfaces

[Edd Barrett]

Hey,

As we saw earlier on misc@, getting a vmm host on the internet when the
host is using a wireless interface is not as straightforward as with
wired interfaces.

Specifically, a bridge won't work on a wireless interface, which in turn (I
think) means virtual switches don't work either (although I did not try
that).

Some mentioned that it's possible to use a nat with a vether bridge.

Striving for a simpler working setup, after some thinking, and a
discussion with mlarkin@, I decided to find out:

 1) If you really need the vether interface in the equation.
 2) If you could use dhcpd on the tap interface of a vm.

Mike asked me to write to tech@ reporting the outcome of 2.

Starting with 1, if all you want is to get a VM on the internet, you
don't need a vether.

On the host:
---8<---
# ifconfig tap0 192.168.10.1
# echo "pass out on iwn0 inet from tap0:network to any nat-to (iwn0)" >> 
/etc/pf.conf
# pfctl -f /etc/pf.conf
# sysctl net.inet.ip.forwarding=1
--->8---

On the guest:

---8<---
# ifconfig vio 192.168.10.2
# route add default 192.168.10.1
--->8---

(Or enter those parameters into the installer)

And you are good to go. I managed to install a guest via this method.

There are a couple of quirks though. First, you can't boot with that line in
pf.conf, as pf comes up before vmd, so the tap interface will not exist as pf
starts, causing pf to not parse its config file. Second, if you halt/reboot the
guest (I notice reboot actually halts), then the tap interface is deleted and
the IP is lost. If you want to bring the host back up, you need to set the IP
on the tap device again.

As for 2, DHCP over tap, this did not work for me.

On the host, in dhcpd.conf:

---8<---
subnet 192.168.10.0 netmask 255.255.255.0 {
option routers 192.168.1.1;
option domain-name-servers 192.168.1.1;
option domain-name "home";
range 192.168.10.2 192.168.10.10;
}
--->8---

Start with: doas dhcpd -df -c /etc/dhcpd.conf tap0

Then in the guest:

---8<---
Listening on tap0 (192.168.10.1).
DHCPDISCOVER from fe:e1:ba:d0:95:d1 via tap0
DHCPDISCOVER from fe:e1:ba:d0:95:d1 via tap0
already acking lease 192.168.10.2
DHCPDISCOVER from fe:e1:ba:d0:95:d1 via tap0
already acking lease 192.168.10.2
DHCPDISCOVER from fe:e1:ba:d0:95:d1 via tap0
already acking lease 192.168.10.2
DHCPDISCOVER from fe:e1:ba:d0:95:d1 via tap0
already acking lease 192.168.10.2
DHCPDISCOVER from fe:e1:ba:d0:95:d1 via tap0
already acking lease 192.168.10.2
DHCPDISCOVER from fe:e1:ba:d0:95:d1 via tap0
already acking lease 192.168.10.2
...
already acking lease 192.168.10.2
DHCPOFFER on 192.168.10.2 to fe:e1:ba:d0:95:d1 via tap0
DHCPDISCOVER from fe:e1:ba:d0:95:d1 via tap0
DHCPOFFER on 192.168.10.2 to fe:e1:ba:d0:95:d1 via tap0
DHCPDISCOVER from fe:e1:ba:d0:95:d1 via tap0
DHCPOFFER on 192.168.10.2 to fe:e1:ba:d0:95:d1 via tap0
--->8---

The guest at this point is saying:

---8<---
# dhcpd -df -c /etc/dhcpd.conf tap0
DHCPDISCOVER on vio0 - interval 3
DHCPDISCOVER on vio0 - interval 8
DHCPDISCOVER on vio0 - interval 14
...
--->8---

An address is never acquired.

When I tried once more:

---8<---
# dhcpd -df -c /etc/dhcpd.conf tap0
Listening on tap0 (192.168.10.1).
DHCPDISCOVER from fe:e1:ba:d0:95:d1 via tap0
DHCPOFFER on 192.168.10.2 to fe:e1:ba:d0:95:d1 via tap0
DHCPDISCOVER from fe:e1:ba:d0:95:d1 via tap0
DHCPOFFER on 192.168.10.2 to fe:e1:ba:d0:95:d1 via tap0
DHCPDISCOVER from fe:e1:ba:d0:95:d1 via tap0
DHCPOFFER on 192.168.10.2 to fe:e1:ba:d0:95:d1 via tap0
DHCPDISCOVER from fe:e1:ba:d0:95:d1 via tap0
DHCPOFFER on 192.168.10.2 to fe:e1:ba:d0:95:d1 via tap0
DHCPDISCOVER from fe:e1:ba:d0:95:d1 via tap0
DHCPOFFER on 192.168.10.2 to fe:e1:ba:d0:95:d1 via tap0
...
--->8---

When I ran dhclient in the guest this time:

---8<---
# dhclient vio0   
DHCPDISCOVER on vio0 - interval 3
panic: kernel diagnostic assertion "m != NULL" failed: file 
"../../../../dev/pci/if_vio.c", line 1008
Stopped at  Debugger+0x9:   leave
   TIDPIDUID PRFLAGS PFLAGS  CPU  COMMAND
*45447  45447 770x100013  00  dhclient
Debugger() at Debugger+0x9
panic() at panic+0xfe
__assert() at __assert+0x25
vio_rxeof() at vio_rxeof+0x1db
vio_rx_intr() at vio_rx_intr+0x28
virtio_check_vqs() at virtio_check_vqs+0x8c
virtio_pci_legacy_intr() at virtio_pci_legacy_intr+0x6b
intr_handler() at intr_handler+0x28
Xintr_legacy7() at Xintr_legacy7+0xdd
--- interrupt ---
Xspllower() at Xspllower+0xc
if_enqueue() at if_enqueue+0x69
ether_output() at ether_output+0x1b0
bpfwrite() at bpfwrite+0x153
spec_write() at spec_write+0xb5
end trace frame: 0x8e3a8c60, count: 0
http://www.openbsd.org/ddb.html describes the minimum info required in bug
reports.  Insufficient info makes it difficult to find and fix bugs.
--->8---

Oops. Well, please don't take that as a bug report, as the guest is running
vanilla 6.0-release. If someone wants more info, I can mail it, but I should
try to reproduce that on 6.0-stable or -current.

Cheers

-- 
Best Regards
Edd 

rebound double checking

[Ted Unangst]

Currently rebound ignores packets with bad IDs. we should log them.

But while we're at it, we should do something a little sneakier. Leave the
socket open and listen for additional replies. Ordinarily that shouldn't
happen, but it can mean that somebody is trying to mess with us. A local
attacker can see our queries and try to beat the dns server sending replies.

To prevent dos, log messages are ratelimited.

There are some more sophisticated antipoison techniques, but this is a good
starting point.


Index: rebound.c
===
RCS file: /cvs/src/usr.sbin/rebound/rebound.c,v
retrieving revision 1.74
diff -u -p -r1.74 rebound.c
--- rebound.c   8 Oct 2016 06:33:59 -   1.74
+++ rebound.c   13 Oct 2016 21:40:28 -
@@ -94,16 +94,18 @@ static uint64_t cachehits;
 struct request {
int s;
int client;
-   int tcp;
+   uint16_t tcp;
+   uint16_t zombie;
+   uint16_t clientid;
+   uint16_t reqid;
union sockun from;
socklen_t fromlen;
struct timespec ts;
TAILQ_ENTRY(request) fifo;
-   uint16_t clientid;
-   uint16_t reqid;
struct dnscache *cacheent;
 };
 static TAILQ_HEAD(, request) reqfifo;
+static TAILQ_HEAD(, request) zombielist;
 
 static int conncount;
 static int connmax;
@@ -181,14 +183,26 @@ freerequest(struct request *req)
 {
struct dnscache *ent;
 
+   if (req->s != -1) {
+   /* zombify live UDP sockets; free everything else */
+   if (req->tcp == 0) {
+   if (req->zombie == 0) {
+   req->zombie = 1;
+   TAILQ_REMOVE(, req, fifo);
+   TAILQ_INSERT_TAIL(, req, fifo);
+   return;
+   } else {
+   TAILQ_REMOVE(, req, fifo);
+   }
+   } else {
+   TAILQ_REMOVE(, req, fifo);
+   }
+   close(req->s);
+   }
if (req->tcp)
conncount -= 2;
else
conncount -= 1;
-   if (req->s != -1) {
-   TAILQ_REMOVE(, req, fifo);
-   close(req->s);
-   }
if (req->client != -1)
close(req->client);
if ((ent = req->cacheent) && !ent->resp) {
@@ -343,6 +357,44 @@ minttl(struct dnspacket *resp, size_t rl
 }
 
 static void
+secondreply(void)
+{
+   static uint64_t count;
+   static struct timespec ts;
+
+   if (ts.tv_sec < now.tv_sec + 10) {
+   if (count) {
+   logmsg(LOG_ALERT, "another %llu duplicate replies", 
count);
+   count = 0;
+   }
+   ts = now;
+   }
+   if (count == 0)
+   logmsg(LOG_ALERT, "received a second reply!");
+   else
+   count++;
+}
+
+static void
+badid(void)
+{
+   static uint64_t count;
+   static struct timespec ts;
+
+   if (ts.tv_sec < now.tv_sec + 10) {
+   if (count) {
+   logmsg(LOG_ALERT, "another %llu bad ID replies", count);
+   count = 0;
+   }
+   ts = now;
+   }
+   if (count == 0)
+   logmsg(LOG_ALERT, "received reply with a bad ID!");
+   else
+   count++;
+}
+
+static void
 sendreply(int ud, struct request *req)
 {
uint8_t buf[65536];
@@ -356,8 +408,14 @@ sendreply(int ud, struct request *req)
r = recv(req->s, buf, sizeof(buf), 0);
if (r == 0 || r == -1 || r < sizeof(struct dnspacket))
return;
-   if (resp->id != req->reqid)
+   if (resp->id != req->reqid) {
+   badid();
+   return;
+   }
+   if (req->zombie) {
+   secondreply();
return;
+   }
resp->id = req->clientid;
sendto(ud, buf, r, 0, >from.a, req->fromlen);
if ((ent = req->cacheent)) {
@@ -624,6 +682,8 @@ launch(int conffd, int ud, int ld)
timeout = 
}
 
+   while (conncount > connmax - 20 && !TAILQ_EMPTY())
+   freerequest(TAILQ_FIRST());
while (conncount > connmax)
freerequest(TAILQ_FIRST());
while (cachecount > cachemax)
@@ -648,6 +708,13 @@ launch(int conffd, int ud, int ld)
else
break;
}
+   /* bury the zombies */
+   while ((req = TAILQ_FIRST())) {
+   if (timespeccmp(>ts, , <=))
+   freerequest(req);
+   else
+   break;
+   }
if (req && (!ent || timespeccmp(>ts, >ts, <=))) {
timespecsub(>ts, , );
timeout = 
@@ -742,6 

opencvs: quiet sign warnings

[Todd C. Miller]

Quiet some sign warnings from the compiler.  The common "st.st_size
> SIZE_MAX" check causes many of them.  To avoid this we need to
cast st_size (which is off_t) to a large unsigned type.  I think
uintmax_t makes the most sense for this.

 - todd

Index: buf.c
===
RCS file: /cvs/src/usr.bin/cvs/buf.c,v
retrieving revision 1.83
diff -u -p -u -r1.83 buf.c
--- buf.c   5 Nov 2015 09:48:21 -   1.83
+++ buf.c   12 Oct 2016 18:18:38 -
@@ -106,7 +106,7 @@ buf_load_fd(int fd)
if (lseek(fd, 0, SEEK_SET) == -1)
fatal("buf_load_fd: lseek: %s", strerror(errno));
 
-   if (st.st_size > SIZE_MAX)
+   if ((uintmax_t)st.st_size > SIZE_MAX)
fatal("buf_load_fd: file size too big");
buf = buf_alloc(st.st_size);
if (atomicio(read, fd, buf->cb_buf, buf->cb_size) != buf->cb_size)
Index: buf.h
===
RCS file: /cvs/src/usr.bin/cvs/buf.h,v
retrieving revision 1.28
diff -u -p -u -r1.28 buf.h
--- buf.h   1 Aug 2010 09:55:40 -   1.28
+++ buf.h   12 Oct 2016 18:10:34 -
@@ -30,6 +30,7 @@
 #include 
 
 typedef struct buf BUF;
+struct timeval;
 
 BUF*buf_alloc(size_t);
 BUF*buf_load(const char *);
Index: diff3.c
===
RCS file: /cvs/src/usr.bin/cvs/diff3.c,v
retrieving revision 1.59
diff -u -p -u -r1.59 diff3.c
--- diff3.c 5 Nov 2015 09:48:21 -   1.59
+++ diff3.c 12 Oct 2016 18:21:38 -
@@ -295,7 +295,8 @@ diff3_internal(int argc, char **argv, co
free(overlap);
free(de);
 
-   de = d13 = d23 = overlap = NULL;
+   de = d13 = d23 = NULL;
+   overlap = NULL;
 
increase();
 
@@ -793,7 +794,7 @@ edscript(int n)
(void)fseek(fp[2], (long)de[n].new.from, SEEK_SET);
for (k = de[n].new.to-de[n].new.from; k > 0; k-= j) {
j = k > BUFSIZ ? BUFSIZ : k;
-   if (fread(block, 1, j, fp[2]) != j)
+   if (fread(block, 1, j, fp[2]) != (size_t)j)
return (-1);
block[j] = '\0';
diff_output("%s", block);
Index: diff_internals.c
===
RCS file: /cvs/src/usr.bin/cvs/diff_internals.c,v
retrieving revision 1.38
diff -u -p -u -r1.38 diff_internals.c
--- diff_internals.c5 Nov 2015 09:48:21 -   1.38
+++ diff_internals.c12 Oct 2016 18:22:48 -
@@ -455,13 +455,13 @@ prepare(int i, FILE *fd, off_t filesize,
 
rewind(fd);
 
-   sz = (filesize <= SIZE_MAX ? filesize : SIZE_MAX) / 25;
+   sz = ((uintmax_t)filesize <= SIZE_MAX ? (size_t)filesize : SIZE_MAX) / 
25;
if (sz < 100)
sz = 100;
 
p = xcalloc(sz + 3, sizeof(*p));
for (j = 0; (h = readhash(fd, flags));) {
-   if (j == sz) {
+   if ((size_t)j == sz) {
sz = sz * 3 / 2;
p = xreallocarray(p, sz + 3, sizeof(*p));
}
Index: file.c
===
RCS file: /cvs/src/usr.bin/cvs/file.c,v
retrieving revision 1.267
diff -u -p -u -r1.267 file.c
--- file.c  5 Nov 2015 09:48:21 -   1.267
+++ file.c  12 Oct 2016 18:25:47 -
@@ -461,12 +461,13 @@ cvs_file_walkdir(struct cvs_file *cf, st
fatal("cvs_file_walkdir: %s %s", cf->file_path,
strerror(errno));
 
-   if (st.st_size > SIZE_MAX)
+   if ((uintmax_t)st.st_size > SIZE_MAX)
fatal("cvs_file_walkdir: %s: file size too big", cf->file_name);
 
-   bufsize = st.st_size;
-   if (bufsize < st.st_blksize)
+   if (st.st_size < st.st_blksize)
bufsize = st.st_blksize;
+   else
+   bufsize = st.st_size;
 
buf = xmalloc(bufsize);
RB_INIT();
@@ -1032,7 +1033,7 @@ cvs_file_cmp(const char *file1, const ch
if (S_ISREG(stb1.st_mode)) {
void *p1, *p2;
 
-   if (stb1.st_size > SIZE_MAX) {
+   if ((uintmax_t)stb1.st_size > SIZE_MAX) {
ret = 1;
goto out;
}
@@ -1089,7 +1090,7 @@ cvs_file_copy(const char *from, const ch
char *p;
int saved_errno;
 
-   if (st.st_size > SIZE_MAX) {
+   if ((uintmax_t)st.st_size > SIZE_MAX) {
ret = -1;
goto out;
}
@@ -1108,7 +1109,7 @@ cvs_file_copy(const char *from, const ch
 
madvise(p, st.st_size, MADV_SEQUENTIAL);
 
-   if (atomicio(vwrite, dst, p, st.st_size) != st.st_size) {
+   if (atomicio(vwrite, dst, p, st.st_size) != (size_t)st.st_size) 
{
  

Re: [patch] opencvs rcsnum_free()

[Frederic Cambus]

On Fri, Jun 24, 2016 at 11:22:06AM +0200, Joris Vink wrote:
> On Fri, Jun 24, 2016 at 01:58:20PM +0800, Michael W. Bombardieri wrote:

> > If people are interested in opencvs diffs again, sharing a 
> > rcsnum_free()->free()
> > clean-up item. Note that rcs(1) also has a version of rcsnum_free() which 
> > does more
> > than simply call free().
> 
> This is good. Eventually the rcs(1) rcsnum code should get the same
> simplification as opencvs got regarding how it deals with rn_id as well.

Looks good to me, with a caveat though: there is a missing include on
stdlib.h in getlog.c, which breaks compilation.

With the missing include this is OK fcambus@ if anyone wants to commit.

Re: bgpd draft-ietf-idr-large-community

[Peter Hessler]

On 2016 Oct 11 (Tue) at 00:00:53 +0200 (+0200), Peter Hessler wrote:
:Here is an initial implementation of draft-ietf-idr-large-community for
:OpenBGPD.  I can connect and exchange routes with these attributes
:against exabgp.
:
:Normal communities are two 16bit numbers.  With the addition of
:32bit ASNs, those will not work if you wish to control one of
:them.
:
:Large Communities are 32bit:32bit:32bit.  It seems the convention will be
:::, with  and  being locally
:defined.
:
:RFC status: currently accepted by the IDR-WG, is at version -02, the
:wire format is set, the attribute codepoint is assigned by IANA, and it
:seems that only trivial details need to be addressed.  Very likely to be
:accepted.
:
:This was based on a partial implementation from Job Snijders, many
:thanks!
:
:Comments?  OK?
:

Updated diff:
 - assert copyright for the non-trivial changes
 - since the magic ASN matching canaries use valid bits, seperate the
filter storage and a wire storage
 - clean up warnings
 - fix a few printing issues

OK?


Index: usr.sbin/bgpctl/bgpctl.8
===
RCS file: /cvs/openbsd/src/usr.sbin/bgpctl/bgpctl.8,v
retrieving revision 1.69
diff -u -p -u -p -r1.69 bgpctl.8
--- usr.sbin/bgpctl/bgpctl.825 May 2016 14:15:59 -  1.69
+++ usr.sbin/bgpctl/bgpctl.85 Sep 2016 13:41:29 -
@@ -300,6 +300,9 @@ anywhere in the AS path.
 .It Cm community Ar community
 Show all entries with community
 .Ar community .
+.It Cm large-community Ar large-community
+Show all entries with large-community
+.Ar large-community .
 .It Cm empty-as
 Show all entries that are internal routes with no AS's in the AS path.
 .It Cm memory
Index: usr.sbin/bgpctl/bgpctl.c
===
RCS file: /cvs/openbsd/src/usr.sbin/bgpctl/bgpctl.c,v
retrieving revision 1.188
diff -u -p -u -p -r1.188 bgpctl.c
--- usr.sbin/bgpctl/bgpctl.c3 Jun 2016 17:36:37 -   1.188
+++ usr.sbin/bgpctl/bgpctl.c13 Oct 2016 15:32:30 -
@@ -2,6 +2,8 @@
 
 /*
  * Copyright (c) 2003 Henning Brauer 
+ * Copyright (c) 2016 Job Snijders 
+ * Copyright (c) 2016 Peter Hessler 
  *
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
@@ -82,6 +84,7 @@ void   show_rib_brief(struct ctl_show_ri
 voidshow_rib_detail(struct ctl_show_rib *, u_char *, int);
 voidshow_attr(void *, u_int16_t);
 voidshow_community(u_char *, u_int16_t);
+voidshow_large_community(u_char *, u_int16_t);
 voidshow_ext_community(u_char *, u_int16_t);
 char   *fmt_mem(int64_t);
 int show_rib_memory_msg(struct imsg *);
@@ -254,6 +257,13 @@ main(int argc, char *argv[])
sizeof(res->community));
type = IMSG_CTL_SHOW_RIB_COMMUNITY;
}
+   if (res->large_community.as != COMMUNITY_UNSET &&
+   res->large_community.ld1 != COMMUNITY_UNSET &&
+   res->large_community.ld2 != COMMUNITY_UNSET) {
+   memcpy(_community, >large_community,
+   sizeof(res->large_community));
+   type = IMSG_CTL_SHOW_RIB_LARGECOMMUNITY;
+   }
memcpy(, , sizeof(ribreq.neighbor));
strlcpy(ribreq.rib, res->rib, sizeof(ribreq.rib));
ribreq.aid = res->aid;
@@ -275,6 +285,11 @@ main(int argc, char *argv[])
res->community.type != COMMUNITY_UNSET)
memcpy(, >community,
sizeof(res->community));
+   if (res->large_community.as != COMMUNITY_UNSET &&
+   res->large_community.ld1 != COMMUNITY_UNSET &&
+   res->large_community.ld2 != COMMUNITY_UNSET)
+   memcpy(_community, >large_community,
+   sizeof(res->large_community));
memcpy(, , sizeof(ribreq.neighbor));
ribreq.aid = res->aid;
ribreq.flags = res->flags;
@@ -377,6 +392,11 @@ main(int argc, char *argv[])
res->community.type != COMMUNITY_UNSET)
memcpy(, >community,
sizeof(res->community));
+   if (res->large_community.as != COMMUNITY_UNSET &&
+   res->large_community.ld1 != COMMUNITY_UNSET &&
+   res->large_community.ld2 != COMMUNITY_UNSET)
+   memcpy(_community, >large_community,
+   sizeof(res->large_community));
memcpy(, , sizeof(ribreq.neighbor));
ribreq.aid = res->aid;
ribreq.flags = res->flags;
@@ -1424,6 +1444,11 @@ show_attr(void *b, u_int16_t len)

Re: signify(1): make comments optional

[Ivan Markin]

Ivan Markin:
> Yes, you're absolutely right about purpose of this comment.
> This patch doesn't stop signify(1) from embedding a comment string
> before signature. It just makes it possible to verify signatures even if
> there is no 'untrusted comment: ' string in them.

Sorry that it is not clear from the patch description. Actually it
doesn't break compatibility since it still produces signatures as before.

--
Ivan Markin

m_resethdr() in if_input_local()

[Alexander Bluhm]

Hi,

m_resethdr() exists to clear information attached to a mbuf that
has been accumulated during processing.  Especially pf(4) data is
removed.  This feature used by pair(4) when a new input is started.

patrick@ has seen a mbuf going though lo(4) with an old inp attached.
I think this should be fixed in a more general way.  When a packet
is reinserted to local input processing, start from scratch.

Also the packet has to be in the routing doamin of the interface
where it is insertet.  I think was the case anyway, as the callers
of if_input_local() do not change the interface.  But as m_resethdr()
clears the field, set the rtableid to the input interface.

ok?

bluhm

Index: net/if.c
===
RCS file: /data/mirror/openbsd/cvs/src/sys/net/if.c,v
retrieving revision 1.454
diff -u -p -r1.454 if.c
--- net/if.c9 Oct 2016 20:05:10 -   1.454
+++ net/if.c13 Oct 2016 12:29:30 -
@@ -665,7 +665,9 @@ if_input_local(struct ifnet *ifp, struct
bpf_mtap_af(if_bpf, af, m, BPF_DIRECTION_OUT);
}
 #endif
+   m_resethdr(m);
m->m_pkthdr.ph_ifidx = ifp->if_index;
+   m->m_pkthdr.ph_rtableid = ifp->if_rdomain;
 
ifp->if_opackets++;
ifp->if_obytes += m->m_pkthdr.len;

Re: signify(1): make comments optional

[Ivan Markin]

Hi Marc,

Marc Espie:
> It is slightly warped: it says "untrusted comment" because it's outside
> of the signed area and shouldn't be taken at face value, BUT if you have
> the right public key, AND manage to validate the signature with it, then
> it means that it *was* the right key, so in retrospect, you are assured that
> it was the right key.
> 
> So it says exactly what it means "hey, try that key, you can't be sure it's
> the right one, but in retrospect, if it works then you can be sure it WAS
> the right key".
> 
> Of course, it doesn't say so in so many words.  But it is a very accurate
> message.
>
> So it should stay, 100% of the time.

Yes, you're absolutely right about purpose of this comment.
This patch doesn't stop signify(1) from embedding a comment string
before signature. It just makes it possible to verify signatures even if
there is no 'untrusted comment: ' string in them.

--
Ivan Markin

Re: signify(1): make comments optional

[Marc Espie]

The comments are a necessary feature these days, actually.

It is slightly warped: it says "untrusted comment" because it's outside
of the signed area and shouldn't be taken at face value, BUT if you have
the right public key, AND manage to validate the signature with it, then
it means that it *was* the right key, so in retrospect, you are assured that
it was the right key.

So it says exactly what it means "hey, try that key, you can't be sure it's
the right one, but in retrospect, if it works then you can be sure it WAS
the right key".

Of course, it doesn't say so in so many words.  But it is a very accurate
message.

So it should stay, 100% of the time.

Re: remove locale from logname(1)

[Ingo Schwarze]

Hi,

Jan Stary wrote on Wed, Oct 12, 2016 at 10:36:12AM +0200:

> Why does logname(1) need to setlocale?

Because at some point in history, people thought doing as much work
as you can, even when it has no effect, brings you closer to
perfection (some may still labour in that vein).

Anyway, i just committed a cleanup diff based on earlier
work by tedu@ - a bit less intrusive than tedu@'s turd
polishing, a bit larger than this minimal diff.

Thanks for the reminder,
  Ingo


> Index: logname.c
> ===
> RCS file: /cvs/src/usr.bin/logname/logname.c,v
> retrieving revision 1.9
> diff -u -p -r1.9 logname.c
> --- logname.c 9 Oct 2015 01:37:08 -   1.9
> +++ logname.c 12 Oct 2016 08:35:11 -
> @@ -32,7 +32,6 @@
>  
>  #include 
>  #include 
> -#include 
>  #include 
>  #include 
>  
> @@ -43,8 +42,6 @@ main(int argc, char *argv[])
>  {
>   int ch;
>   char *p;
> -
> - setlocale(LC_ALL, "");
>  
>   if (pledge("stdio", NULL) == -1)
>   err(1, "pledge");

Re: systat(1) hostname

[Ted Unangst]

Otto Moerbeek wrote:
> On Thu, Oct 13, 2016 at 08:20:52AM +0200, Otto Moerbeek wrote:
> 
> > On Thu, Oct 13, 2016 at 08:01:22AM +0200, Otto Moerbeek wrote:
> > 
> > > On Thu, Oct 13, 2016 at 12:15:34AM -0400, Ted Unangst wrote:
> > > 
> > > > Theo de Raadt wrote:
> > > > > > On Wed, Oct 12, 2016 at 03:20:00PM +0200, Otto Moerbeek wrote:
> > > > > > > simple diff to show the hostname on the second line. OK?
> > > > > > 
> > > > > > OK bluhm@
> > > > > > 
> > > > > > > 
> > > > > > > BTW, batch mode doesn't function here as expected. Need to look 
> > > > > > > into that,
> > > > > 
> > > > > I hoped this would look more like top(1) so I did it a different way.
> > > > > This does not work quite right for long hostnames, but then.. neither
> > > > > does top.
> > > > 
> > > > this truncates hostname to always display time.
> > > 
> > > If the line grows (because of multiple pages and/or PAUSED mode), the
> > > line wraps now Also, we have hostname already available in a
> > > buffer. 
> > > 
> > >   -Otto
> > > 
> > 
> 
> And squeeze the users/Load info a bit.

that looks good

> 
>   -Otto
> 
> Index: main.c
> ===
> RCS file: /cvs/src/usr.bin/systat/main.c,v
> retrieving revision 1.65
> diff -u -p -r1.65 main.c
> --- main.c13 Oct 2016 05:46:20 -  1.65
> +++ main.c13 Oct 2016 09:05:40 -
> @@ -52,7 +52,7 @@
>  #include "engine.h"
>  #include "systat.h"
>  
> -#define TIMEPOS 55
> +#define TIMEPOS (80 - 8 - 20 - 1)
>  
>  double   dellave;
>  
> @@ -67,7 +67,6 @@ int ut, hz, stathz;
>  charhostname[HOST_NAME_MAX+1];
>  WINDOW  *wnd;
>  int  CMDLINE;
> -char hostbuf[26];
>  char timebuf[26];
>  char uloadbuf[TIMEPOS];
>  
> @@ -107,11 +106,9 @@ print_header(void)
>   getloadavg(avenrun, sizeof(avenrun) / sizeof(avenrun[0]));
>  
>   snprintf(uloadbuf, sizeof(uloadbuf),
> - "%5d usersLoad %.2f %.2f %.2f", 
> + "%4d users Load %.2f %.2f %.2f", 
>   ucount(), avenrun[0], avenrun[1], avenrun[2]);
>  
> - gethostname(hostbuf, sizeof hostbuf);
> -
>   time();
>   ctim = ctime();
>   ctim[11+8] = '\0';
> @@ -127,7 +124,8 @@ print_header(void)
>   "%s %s", uloadbuf,
>   paused ? "PAUSED" : "");
>   
> - snprintf(header, sizeof(header), "%-45s%25.25s %s", tmpbuf, hostbuf, 
> timebuf);
> + snprintf(header, sizeof(header), "%-*s %19.19s %s", TIMEPOS - 1,
> + tmpbuf, hostname, timebuf);
>  
>   if (rawmode)
>   printf("\n\n%s\n", header);
> 

Re: systat(1) hostname

[Otto Moerbeek]

On Thu, Oct 13, 2016 at 08:20:52AM +0200, Otto Moerbeek wrote:

> On Thu, Oct 13, 2016 at 08:01:22AM +0200, Otto Moerbeek wrote:
> 
> > On Thu, Oct 13, 2016 at 12:15:34AM -0400, Ted Unangst wrote:
> > 
> > > Theo de Raadt wrote:
> > > > > On Wed, Oct 12, 2016 at 03:20:00PM +0200, Otto Moerbeek wrote:
> > > > > > simple diff to show the hostname on the second line. OK?
> > > > > 
> > > > > OK bluhm@
> > > > > 
> > > > > > 
> > > > > > BTW, batch mode doesn't function here as expected. Need to look 
> > > > > > into that,
> > > > 
> > > > I hoped this would look more like top(1) so I did it a different way.
> > > > This does not work quite right for long hostnames, but then.. neither
> > > > does top.
> > > 
> > > this truncates hostname to always display time.
> > 
> > If the line grows (because of multiple pages and/or PAUSED mode), the
> > line wraps now Also, we have hostname already available in a
> > buffer. 
> > 
> > -Otto
> > 
> 

And squeeze the users/Load info a bit.

-Otto

Index: main.c
===
RCS file: /cvs/src/usr.bin/systat/main.c,v
retrieving revision 1.65
diff -u -p -r1.65 main.c
--- main.c  13 Oct 2016 05:46:20 -  1.65
+++ main.c  13 Oct 2016 09:05:40 -
@@ -52,7 +52,7 @@
 #include "engine.h"
 #include "systat.h"
 
-#define TIMEPOS 55
+#define TIMEPOS (80 - 8 - 20 - 1)
 
 double dellave;
 
@@ -67,7 +67,6 @@ int   ut, hz, stathz;
 charhostname[HOST_NAME_MAX+1];
 WINDOW  *wnd;
 intCMDLINE;
-char   hostbuf[26];
 char   timebuf[26];
 char   uloadbuf[TIMEPOS];
 
@@ -107,11 +106,9 @@ print_header(void)
getloadavg(avenrun, sizeof(avenrun) / sizeof(avenrun[0]));
 
snprintf(uloadbuf, sizeof(uloadbuf),
-   "%5d usersLoad %.2f %.2f %.2f", 
+   "%4d users Load %.2f %.2f %.2f", 
ucount(), avenrun[0], avenrun[1], avenrun[2]);
 
-   gethostname(hostbuf, sizeof hostbuf);
-
time();
ctim = ctime();
ctim[11+8] = '\0';
@@ -127,7 +124,8 @@ print_header(void)
"%s %s", uloadbuf,
paused ? "PAUSED" : "");

-   snprintf(header, sizeof(header), "%-45s%25.25s %s", tmpbuf, hostbuf, 
timebuf);
+   snprintf(header, sizeof(header), "%-*s %19.19s %s", TIMEPOS - 1,
+   tmpbuf, hostname, timebuf);
 
if (rawmode)
printf("\n\n%s\n", header);

Re: acpiec on acer aspire S7 with CURRENT

[Paul Irofti]

> The diff you sent simply ignores the issue which obviously can not be
> used in the tree.

The following diff starts working in the right direction, but there is
probably more to do in order to support machines like yours.

It would be interesting to see if that printf gets triggered though, so
please test and let me know. Also, send that acpidump.


Index: acpiec.c
===
RCS file: /cvs/src/sys/dev/acpi/acpiec.c,v
retrieving revision 1.54
diff -u -p -u -p -r1.54 acpiec.c
--- acpiec.c23 Aug 2016 18:26:21 -  1.54
+++ acpiec.c13 Oct 2016 08:16:52 -
@@ -410,8 +410,8 @@ int
 acpiec_getcrs(struct acpiec_softc *sc, struct acpi_attach_args *aa)
 {
struct aml_valueres;
-   bus_size_t  ec_sc, ec_data;
-   int dtype, ctype;
+   bus_size_t  ec_sc, ec_data, ec_gpio;
+   int dtype, ctype, iotype;
char*buf;
int size, ret;
int64_t gpe;
@@ -480,6 +480,20 @@ acpiec_getcrs(struct acpiec_softc *sc, s
 
buf += ret;
size -= ret;
+
+   if (sc->sc_acpi->sc_hw_reduced) {
+   ret = acpiec_getregister(buf, size, , _gpio);
+   if (ret <= 0) {
+   dnprintf(10, "%s: failed to read GPIO from _CRS\n",
+   DEVNAME(sc));
+   aml_freevalue();
+   return (1);
+   }
+   printf("%s: found GPIO port\n", DEVNAME(sc));
+
+   buf += ret;
+   size -= ret;
+   }
 
if (size != 2 || *buf != RES_TYPE_ENDTAG) {
dnprintf(10, "%s: no _CRS end tag\n", DEVNAME(sc));

Re: acpiec on acer aspire S7 with CURRENT

[Paul Irofti]

On Mon, Oct 10, 2016 at 03:04:33PM -0700, Ilya Kaliman wrote:
> Hi tech,
> 
> while trying the latest snapshot I've noticed that the following
> warning is printed to a console several times a second (this does not
> happen in 6.0):
> 
> acpi0: WARNING EC not initialized
> 
> The investigation shows that the acpiec initialization fails in
> acpiec.c line 484:
> 
> if (size != 2 || *buf != RES_TYPE_ENDTAG)
> 
> On my system at this point the size value is 22 and the *buf is 0x47
> (RES_TYPE_IOPORT).
> 
> I am not sure what the proper fix is, but removing the whole _CRS
> ENDTAG check solves the problem (see attached patch).
> 
> Thanks,
> Ilya

Hi,

I think you are running on a hardware reduced ACPI machine, but I can
not tell for sure without a proper bug report (i.e. at least acpidump).

The diff you sent simply ignores the issue which obviously can not be
used in the tree.

Paul

> 
> ===
> RCS file: /cvs/src/sys/dev/acpi/acpiec.c,v
> retrieving revision 1.54
> diff -u -p -r1.54 acpiec.c
> --- acpiec.c23 Aug 2016 18:26:21 -  1.54
> +++ acpiec.c10 Oct 2016 21:55:59 -
> @@ -477,15 +477,6 @@ acpiec_getcrs(struct acpiec_softc *sc, s
> aml_freevalue();
> return (1);
> }
> -
> -   buf += ret;
> -   size -= ret;
> -
> -   if (size != 2 || *buf != RES_TYPE_ENDTAG) {
> -   dnprintf(10, "%s: no _CRS end tag\n", DEVNAME(sc));
> -   aml_freevalue();
> -   return (1);
> -   }
> aml_freevalue();

Re: ddb: implement x /m

[Paul Irofti]

> Do we want this?  I don't know what else people use to look at,
> say, network packets in memory:

I like this and the diff is OK by me.

> 
> ddb{3}> show mbuf $rax
> mbuf 0xff00dfa9d200
> m_type: 1   m_flags: 2
> m_next: 0xff00dfa9df00  m_nextpkt: 0x0
> m_data: 0xff00dfa9d2b0  m_len: 64
> m_dat: 0xff00dfa9d220   m_pktdat: 0xff00dfa9d268
> m_ptkhdr.ph_ifidx: 0m_pkthdr.len: 136
> m_ptkhdr.ph_tags: 0x0   m_pkthdr.ph_tagsset: 0
> m_pkthdr.ph_flowid: 0   m_pkthdr.ph_loopcnt: 0
> m_pkthdr.csum_flags: 0
> m_pkthdr.ether_vtag: 0  m_ptkhdr.ph_rtableid: 0
> m_pkthdr.pf.statekey: 0x0   m_pkthdr.pf.inp 0x0
> m_pkthdr.pf.qid: 0  m_pkthdr.pf.tag: 0
> m_pkthdr.pf.flags: 80
> m_pkthdr.pf.routed: 0   m_pkthdr.pf.prio: 3
> ddb{3}> x /bm 0xff00dfa9d2b0,0t64
> 0xff00dfa9d2b0: 6000 00482940 200106f8 124a  `H)@ J..
> 0xff00dfa9d2c0:  0002 200106f8 124a   J..
> 0xff00dfa9d2d0:  0004 6000 00203a40  ` :@
> 0xff00dfa9d2e0: 200106f8 124a  0002   J..
> ddb{3}> 
> 
> Index: db_examine.c
> ===
> RCS file: /cvs/src/sys/ddb/db_examine.c,v
> retrieving revision 1.22
> diff -u -p -r1.22 db_examine.c
> --- db_examine.c  7 Jun 2016 01:31:54 -   1.22
> +++ db_examine.c  10 Oct 2016 17:39:17 -
> @@ -72,10 +72,11 @@ db_examine_cmd(db_expr_t addr, int have_
>  void
>  db_examine(db_addr_t addr, char *fmt, int count)
>  {
> - int c;
> + int i, c;
>   db_expr_t   value;
>   int size;
>   int width;
> + int bytes;
>   char *  fp;
>   db_addr_t   incr;
>   int dis;
> @@ -130,6 +131,42 @@ db_examine(db_addr_t addr, char *fmt, in
>   case 'x':   /* unsigned hex */
>   value = db_get_value(addr, size, FALSE);
>   db_printf("%-*lx", width, (long)value);
> + break;
> + case 'm':   /* hex dump */
> + /*
> +  * Print off in chunks of size. Try to print 16
> +  * bytes at a time into 4 columns. This
> +  * loops modify's count extra times in order
> +  * to get the nicely formatted lines.
> +  */
> + incr = 0;
> + bytes = 0;
> + do {
> + for (i = 0; i < size; i++) {
> + value =
> + db_get_value(addr+bytes, 1,
> + FALSE);
> + db_printf("%02lx",
> + (long)value);
> + bytes++;
> + if (!(bytes % 4))
> + db_printf(" ");
> + }
> + } while ((bytes != 16) && count--);
> + /* True up the columns before continuing */
> + db_printf("%-*s",
> + (16-bytes)*2 + (4 - bytes/4) + 1, " ");
> + /* Print chars, use . for non-printables */
> + while (bytes--) {
> + value = db_get_value(addr + incr, 1,
> + FALSE);
> + incr++;
> + if (value >= ' ' && value <= '~')
> + db_printf("%c", (int)value);
> + else
> + db_printf(".");
> + }
> + db_printf("\n");
>   break;
>   case 'z':   /* signed hex */
>   value = db_get_value(addr, size, TRUE);
> -- 
> Christian "naddy" Weisgerber  na...@mips.inka.de

Re: systat(1) hostname

[Otto Moerbeek]

On Thu, Oct 13, 2016 at 12:15:34AM -0400, Ted Unangst wrote:

> Theo de Raadt wrote:
> > > On Wed, Oct 12, 2016 at 03:20:00PM +0200, Otto Moerbeek wrote:
> > > > simple diff to show the hostname on the second line. OK?
> > > 
> > > OK bluhm@
> > > 
> > > > 
> > > > BTW, batch mode doesn't function here as expected. Need to look into 
> > > > that,
> > 
> > I hoped this would look more like top(1) so I did it a different way.
> > This does not work quite right for long hostnames, but then.. neither
> > does top.
> 
> this truncates hostname to always display time.

If the line grows (because of multiple pages and/or PAUSED mode), the
line wraps now Also, we have hostname already available in a
buffer. 

-Otto

Index: main.c
===
RCS file: /cvs/src/usr.bin/systat/main.c,v
retrieving revision 1.64
diff -u -p -r1.64 main.c
--- main.c  2 Jan 2016 15:02:05 -   1.64
+++ main.c  13 Oct 2016 05:59:32 -
@@ -101,6 +101,8 @@ print_header(void)
tb_start();
 
if (!paused) {
+   char *ctim;
+
getloadavg(avenrun, sizeof(avenrun) / sizeof(avenrun[0]));
 
snprintf(uloadbuf, sizeof(uloadbuf),
@@ -108,7 +110,9 @@ print_header(void)
ucount(), avenrun[0], avenrun[1], avenrun[2]);
 
time();
-   strlcpy(timebuf, ctime(), sizeof(timebuf));
+   ctim = ctime();
+   ctim[11+8] = '\0';
+   strlcpy(timebuf, ctim + 11, sizeof(timebuf));
}
 
if (num_disp && (start > 1 || end != num_disp))
@@ -120,7 +124,8 @@ print_header(void)
"%s %s", uloadbuf,
paused ? "PAUSED" : "");

-   snprintf(header, sizeof(header), "%-55s%s", tmpbuf, timebuf);
+   snprintf(header, sizeof(header), "%-44s %.15s %s", tmpbuf, hostname,
+   timebuf);
 
if (rawmode)
printf("\n\n%s\n", header);