Re: NMI handler

2017-03-03 Thread Mike Larkin
On Fri, Mar 03, 2017 at 01:11:21PM -0700, Theo de Raadt wrote:
> Completely agree.
> 

+1 , although I don't think we should be dropping to ddb. But that's a
different discussion.

> > When an amd64 machine gets an NMI, the current process in user land
> > is signalled with SIGBUS.  That does not make sense, the machine
> > should drop to ddb regardless of whether a user process is currently
> > scheduled or not.  NMI signals hardware failure or a debugging
> > button.
> > 
> > The code in i386 has always been that way.
> > 
> > Then the switch in db_ktrap() should also not depend on
> > whether kernel or user land was running.
> > 
> > ok?
> > 
> > bluhm
> > 
> > Index: arch/amd64/amd64/db_interface.c
> > ===
> > RCS file: /data/mirror/openbsd/cvs/src/sys/arch/amd64/amd64/db_interface.c,v
> > retrieving revision 1.25
> > diff -u -p -r1.25 db_interface.c
> > --- arch/amd64/amd64/db_interface.c 14 Mar 2016 23:08:05 -  1.25
> > +++ arch/amd64/amd64/db_interface.c 3 Mar 2017 19:37:40 -
> > @@ -118,6 +118,7 @@ db_ktrap(int type, int code, db_regs_t *
> > case T_BPTFLT:  /* breakpoint */
> > case T_TRCTRAP: /* single_step */
> > case T_NMI: /* NMI */
> > +   case T_NMI|T_USER:
> > case -1:/* keyboard interrupt */
> > break;
> > default:
> > Index: arch/amd64/amd64/trap.c
> > ===
> > RCS file: /data/mirror/openbsd/cvs/src/sys/arch/amd64/amd64/trap.c,v
> > retrieving revision 1.52
> > diff -u -p -r1.52 trap.c
> > --- arch/amd64/amd64/trap.c 21 Jan 2017 05:42:03 -  1.52
> > +++ arch/amd64/amd64/trap.c 3 Mar 2017 19:37:40 -
> > @@ -242,7 +242,6 @@ copyfault:
> > case T_TSSFLT|T_USER:
> > case T_SEGNPFLT|T_USER:
> > case T_STKFLT|T_USER:
> > -   case T_NMI|T_USER:
> >  #ifdef TRAP_SIGDEBUG
> > printf("pid %d (%s): %s at rip %llx addr %llx\n",
> > p->p_p->ps_pid, p->p_p->ps_comm, "BUS",
> > @@ -425,8 +424,9 @@ faultcommon:
> > KERNEL_UNLOCK();
> > break;
> >  
> > -#ifNISA > 0
> > +#if NISA > 0
> > case T_NMI:
> > +   case T_NMI|T_USER:
> >  #if defined(KGDB) || defined(DDB)
> > /* NMI can be hooked up to a pushbutton for debugging */
> > printf ("NMI ... going to debugger\n");
> > Index: arch/i386/i386/db_interface.c
> > ===
> > RCS file: /data/mirror/openbsd/cvs/src/sys/arch/i386/i386/db_interface.c,v
> > retrieving revision 1.33
> > diff -u -p -r1.33 db_interface.c
> > --- arch/i386/i386/db_interface.c   14 Mar 2016 23:08:05 -  1.33
> > +++ arch/i386/i386/db_interface.c   3 Mar 2017 19:37:40 -
> > @@ -113,6 +113,7 @@ db_ktrap(int type, int code, db_regs_t *
> > case T_BPTFLT:  /* breakpoint */
> > case T_TRCTRAP: /* single_step */
> > case T_NMI: /* NMI */
> > +   case T_NMI|T_USER:
> > case -1:/* keyboard interrupt */
> > break;
> > default:
> > Index: arch/i386/i386/trap.c
> > ===
> > RCS file: /data/mirror/openbsd/cvs/src/sys/arch/i386/i386/trap.c,v
> > retrieving revision 1.126
> > diff -u -p -r1.126 trap.c
> > --- arch/i386/i386/trap.c   8 Oct 2016 05:49:08 -   1.126
> > +++ arch/i386/i386/trap.c   3 Mar 2017 19:37:40 -
> > @@ -483,7 +483,7 @@ trap(struct trapframe *frame)
> > KERNEL_UNLOCK();
> > break;
> >  
> > -#ifNISA > 0
> > +#if NISA > 0
> > case T_NMI:
> > case T_NMI|T_USER:
> >  #if defined(DDB) || defined(KGDB)
> > 
> 



Re: NMI handler

2017-03-03 Thread Theo de Raadt
Completely agree.

> When an amd64 machine gets an NMI, the current process in user land
> is signalled with SIGBUS.  That does not make sense, the machine
> should drop to ddb regardless of whether a user process is currently
> scheduled or not.  NMI signals hardware failure or a debugging
> button.
> 
> The code in i386 has always been that way.
> 
> Then the switch in db_ktrap() should also not depend on
> whether kernel or user land was running.
> 
> ok?
> 
> bluhm
> 
> Index: arch/amd64/amd64/db_interface.c
> ===
> RCS file: /data/mirror/openbsd/cvs/src/sys/arch/amd64/amd64/db_interface.c,v
> retrieving revision 1.25
> diff -u -p -r1.25 db_interface.c
> --- arch/amd64/amd64/db_interface.c   14 Mar 2016 23:08:05 -  1.25
> +++ arch/amd64/amd64/db_interface.c   3 Mar 2017 19:37:40 -
> @@ -118,6 +118,7 @@ db_ktrap(int type, int code, db_regs_t *
>   case T_BPTFLT:  /* breakpoint */
>   case T_TRCTRAP: /* single_step */
>   case T_NMI: /* NMI */
> + case T_NMI|T_USER:
>   case -1:/* keyboard interrupt */
>   break;
>   default:
> Index: arch/amd64/amd64/trap.c
> ===
> RCS file: /data/mirror/openbsd/cvs/src/sys/arch/amd64/amd64/trap.c,v
> retrieving revision 1.52
> diff -u -p -r1.52 trap.c
> --- arch/amd64/amd64/trap.c   21 Jan 2017 05:42:03 -  1.52
> +++ arch/amd64/amd64/trap.c   3 Mar 2017 19:37:40 -
> @@ -242,7 +242,6 @@ copyfault:
>   case T_TSSFLT|T_USER:
>   case T_SEGNPFLT|T_USER:
>   case T_STKFLT|T_USER:
> - case T_NMI|T_USER:
>  #ifdef TRAP_SIGDEBUG
>   printf("pid %d (%s): %s at rip %llx addr %llx\n",
>   p->p_p->ps_pid, p->p_p->ps_comm, "BUS",
> @@ -425,8 +424,9 @@ faultcommon:
>   KERNEL_UNLOCK();
>   break;
>  
> -#if  NISA > 0
> +#if NISA > 0
>   case T_NMI:
> + case T_NMI|T_USER:
>  #if defined(KGDB) || defined(DDB)
>   /* NMI can be hooked up to a pushbutton for debugging */
>   printf ("NMI ... going to debugger\n");
> Index: arch/i386/i386/db_interface.c
> ===
> RCS file: /data/mirror/openbsd/cvs/src/sys/arch/i386/i386/db_interface.c,v
> retrieving revision 1.33
> diff -u -p -r1.33 db_interface.c
> --- arch/i386/i386/db_interface.c 14 Mar 2016 23:08:05 -  1.33
> +++ arch/i386/i386/db_interface.c 3 Mar 2017 19:37:40 -
> @@ -113,6 +113,7 @@ db_ktrap(int type, int code, db_regs_t *
>   case T_BPTFLT:  /* breakpoint */
>   case T_TRCTRAP: /* single_step */
>   case T_NMI: /* NMI */
> + case T_NMI|T_USER:
>   case -1:/* keyboard interrupt */
>   break;
>   default:
> Index: arch/i386/i386/trap.c
> ===
> RCS file: /data/mirror/openbsd/cvs/src/sys/arch/i386/i386/trap.c,v
> retrieving revision 1.126
> diff -u -p -r1.126 trap.c
> --- arch/i386/i386/trap.c 8 Oct 2016 05:49:08 -   1.126
> +++ arch/i386/i386/trap.c 3 Mar 2017 19:37:40 -
> @@ -483,7 +483,7 @@ trap(struct trapframe *frame)
>   KERNEL_UNLOCK();
>   break;
>  
> -#if  NISA > 0
> +#if NISA > 0
>   case T_NMI:
>   case T_NMI|T_USER:
>  #if defined(DDB) || defined(KGDB)
> 



NMI handler

2017-03-03 Thread Alexander Bluhm
Hi,

When an amd64 machine gets an NMI, the current process in user land
is signalled with SIGBUS.  That does not make sense, the machine
should drop to ddb regardless of whether a user process is currently
scheduled or not.  NMI signals hardware failure or a debugging
button.

The code in i386 has always been that way.

Then the switch in db_ktrap() should also not depend on
whether kernel or user land was running.

ok?

bluhm

Index: arch/amd64/amd64/db_interface.c
===
RCS file: /data/mirror/openbsd/cvs/src/sys/arch/amd64/amd64/db_interface.c,v
retrieving revision 1.25
diff -u -p -r1.25 db_interface.c
--- arch/amd64/amd64/db_interface.c 14 Mar 2016 23:08:05 -  1.25
+++ arch/amd64/amd64/db_interface.c 3 Mar 2017 19:37:40 -
@@ -118,6 +118,7 @@ db_ktrap(int type, int code, db_regs_t *
case T_BPTFLT:  /* breakpoint */
case T_TRCTRAP: /* single_step */
case T_NMI: /* NMI */
+   case T_NMI|T_USER:
case -1:/* keyboard interrupt */
break;
default:
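Review bot: The added `case T_NMI|T_USER:` label in db_ktrap() is the only entry in this list without a trailing comment, so it is easy to miss that user-mode NMIs are now let through to the debugger on purpose. I would write it as `case T_NMI|T_USER: /* NMI while in user mode */`; the same applies to the identical hunk for arch/i386/i386/db_interface.c. The switch and its `default:` branch continue outside the hunk, so how other trap types are treated here is not visible.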
Index: arch/amd64/amd64/trap.c
===
RCS file: /data/mirror/openbsd/cvs/src/sys/arch/amd64/amd64/trap.c,v
retrieving revision 1.52
diff -u -p -r1.52 trap.c
--- arch/amd64/amd64/trap.c 21 Jan 2017 05:42:03 -  1.52
+++ arch/amd64/amd64/trap.c 3 Mar 2017 19:37:40 -
@@ -242,7 +242,6 @@ copyfault:
case T_TSSFLT|T_USER:
case T_SEGNPFLT|T_USER:
case T_STKFLT|T_USER:
-   case T_NMI|T_USER:
 #ifdef TRAP_SIGDEBUG
printf("pid %d (%s): %s at rip %llx addr %llx\n",
p->p_p->ps_pid, p->p_p->ps_comm, "BUS",
@@ -425,8 +424,9 @@ faultcommon:
KERNEL_UNLOCK();
break;
 
-#ifNISA > 0
+#if NISA > 0
case T_NMI:
+   case T_NMI|T_USER:
 #if defined(KGDB) || defined(DDB)
/* NMI can be hooked up to a pushbutton for debugging */
printf ("NMI ... going to debugger\n");
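Review bot: The new `case T_NMI|T_USER:` sits inside `#if NISA > 0`, while the previous hunk removes the same label from the unconditional SIGBUS group. On a kernel configured without isa, a user-mode NMI would then match none of the cases shown and presumably reaches the switch's default handling, which is outside the hunk; that should be confirmed, and either noted in a comment or the NMI cases moved out of the NISA guard. The path taken when neither KGDB nor DDB is defined is also not visible here and should be checked for the user-mode case. The enclosing switch starts and ends outside the hunk.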
Index: arch/i386/i386/db_interface.c
===
RCS file: /data/mirror/openbsd/cvs/src/sys/arch/i386/i386/db_interface.c,v
retrieving revision 1.33
diff -u -p -r1.33 db_interface.c
--- arch/i386/i386/db_interface.c   14 Mar 2016 23:08:05 -  1.33
+++ arch/i386/i386/db_interface.c   3 Mar 2017 19:37:40 -
@@ -113,6 +113,7 @@ db_ktrap(int type, int code, db_regs_t *
case T_BPTFLT:  /* breakpoint */
case T_TRCTRAP: /* single_step */
case T_NMI: /* NMI */
+   case T_NMI|T_USER:
case -1:/* keyboard interrupt */
break;
default:
Index: arch/i386/i386/trap.c
===
RCS file: /data/mirror/openbsd/cvs/src/sys/arch/i386/i386/trap.c,v
retrieving revision 1.126
diff -u -p -r1.126 trap.c
--- arch/i386/i386/trap.c   8 Oct 2016 05:49:08 -   1.126
+++ arch/i386/i386/trap.c   3 Mar 2017 19:37:40 -
@@ -483,7 +483,7 @@ trap(struct trapframe *frame)
KERNEL_UNLOCK();
break;
 
-#ifNISA > 0
+#if NISA > 0
case T_NMI:
case T_NMI|T_USER:
 #if defined(DDB) || defined(KGDB)



-current relayd TLS interception and SNI?

2017-03-03 Thread Michael W. Lucas
Hi folks,

It *appears* that relayd doesn't speak SNI when used as a transparent
intercepting proxy ala
http://www.reykfloeter.com/post/41814177050/relayd-ssl-interception

What I did & what I saw:

Set up the proxy as per Reyk's article. Configs below. Running today's
amd64 snapshot on vmware.

# uname -a
OpenBSD r2.mwlucas.org 6.0 GENERIC#204 amd64

Call up wapo.st from a client with my private CA installed. There's a
cert error. The site identifies itself as bit.ly. https://bit.ly works
fine.

Hit my blog, https://blather.michaelwlucas.com. Works fine.

Call up any of my other TLS sites on that IP: https://mwl.io,
https://michaelwlucas.com, https://michaelwarrenlucas.com,
https://tiltedwindmillpress.com. All get identified as blather.

System setup:

# openssl req -x509 -days 365 -newkey rsa:2048 -keyout /etc/ssl/private/ca.key 
-out /etc/ssl/ca.crt

# openssl req -nodes -x509 -days 365 -newkey rsa:2048 -keyout 
/etc/ssl/private/127.0.0.1:8443.key -out /etc/ssl/127.0.0.1:8443.crt

relayd.conf:

--

# relayd.conf as posted in the report: one TLS-inspecting relay on
# 127.0.0.1:8443 and one plain HTTP relay on 127.0.0.1:8080.
log all
# Protocol used by the inspecting relay.  "tls ca cert" and "tls ca key"
# name the CA that relayd uses for TLS inspection.
http protocol "intercept" {
tls ca cert "/etc/ssl/ca.crt"
# The passphrase of the inspection CA key is stored in clear text on this
# line, so read access to relayd.conf is as sensitive as the key file
# itself.  Clients that trust this CA accept any certificate signed with it.
tls ca key "/etc/ssl/private/ca.key" password "komodia"
pass url log
}

# Protocol used by the plain HTTP relay.
http protocol "wtf" {
return error
}

# TLS is terminated on the listen side and a new TLS session is opened to
# the destination ("forward with tls"), so relayd handles the decrypted
# traffic between the two sessions.
relay "tlsintercept" {
listen on 127.0.0.1 port 8443 tls
protocol intercept
forward with tls to destination
}

# Plain HTTP relay, no TLS on either side.
relay "proxy" {
listen on 127.0.0.1 port 8080
protocol wtf
forward to destination
}

--

Am I screwing up here? Or is it a real bug?

Thanks,
==ml


-- 
Michael W. Lucas    Twitter @mwlauthor
nonfiction: https://www.michaelwlucas.com/
fiction: https://www.michaelwarrenlucas.com/
blog: http://blather.michaelwlucas.com/



Re: pr_output variable arguments

2017-03-03 Thread David Hill
Much easier to read as well.  OK

On Fri, Mar 03, 2017 at 03:49:08PM +0100, Alexander Bluhm wrote:
> Hi,
> 
> I prefer compiler checks over variable argument lists.
> So lets convert the pr_output functions.
> 
> ok?
> 
> bluhm
> 
> Index: net/pfkey.c
> ===
> RCS file: /cvs/src/sys/net/pfkey.c,v
> retrieving revision 1.38
> diff -u -p -r1.38 pfkey.c
> --- net/pfkey.c   2 Mar 2017 08:58:24 -   1.38
> +++ net/pfkey.c   3 Mar 2017 14:45:48 -
> @@ -90,10 +90,10 @@ static struct pfkey_version *pfkey_versi
>  
>  struct sockaddr pfkey_addr = { 2, PF_KEY, };
>  
> -/* static struct domain pfkeydomain; */
> -static int pfkey_usrreq(struct socket *socket, int req, struct mbuf *mbuf,
> -struct mbuf *nam, struct mbuf *control, struct proc *);
> -static int pfkey_output(struct mbuf *mbuf, struct socket *socket);
> +int pfkey_usrreq(struct socket *, int , struct mbuf *, struct mbuf *,
> +struct mbuf *, struct proc *);
> +int pfkey_output(struct mbuf *, struct socket *, struct sockaddr *,
> +struct mbuf *);
>  
>  void pfkey_init(void);
>  int pfkey_buildprotosw(void);
> @@ -154,8 +154,9 @@ pfkey_sendup(struct socket *socket, stru
>   return (0);
>  }
>  
> -static int
> -pfkey_output(struct mbuf *mbuf, struct socket *socket)
> +int
> +pfkey_output(struct mbuf *mbuf, struct socket *socket, struct sockaddr 
> *dstaddr,
> +struct mbuf *control)
>  {
>   void *message;
>   int error = 0;
> @@ -230,7 +231,7 @@ pfkey_detach(struct socket *socket, stru
>   return (rval);
>  }
>  
> -static int
> +int
>  pfkey_usrreq(struct socket *socket, int req, struct mbuf *mbuf,
>  struct mbuf *nam, struct mbuf *control, struct proc *p)
>  {
> @@ -266,7 +267,7 @@ static struct protosw pfkey_protosw_temp
>.pr_domain = ,
>.pr_protocol   = -1,
>.pr_flags  = PR_ATOMIC | PR_ADDR,
> -  .pr_output = (void *) pfkey_output,
> +  .pr_output = pfkey_output,
>.pr_usrreq = pfkey_usrreq
>  };
>  
> Index: net/raw_usrreq.c
> ===
> RCS file: /cvs/src/sys/net/raw_usrreq.c,v
> retrieving revision 1.28
> diff -u -p -r1.28 raw_usrreq.c
> --- net/raw_usrreq.c  23 Jan 2017 16:31:24 -  1.28
> +++ net/raw_usrreq.c  3 Mar 2017 14:45:48 -
> @@ -139,7 +139,7 @@ raw_usrreq(struct socket *so, int req, s
>   error = ENOTCONN;
>   break;
>   }
> - error = (*so->so_proto->pr_output)(m, so);
> + error = (*so->so_proto->pr_output)(m, so, NULL, NULL);
>   m = NULL;
>   if (nam)
>   rp->rcb_faddr = 0;
> Index: net/route.h
> ===
> RCS file: /cvs/src/sys/net/route.h,v
> retrieving revision 1.157
> diff -u -p -r1.157 route.h
> --- net/route.h   2 Mar 2017 17:09:21 -   1.157
> +++ net/route.h   3 Mar 2017 14:45:49 -
> @@ -417,7 +417,8 @@ struct sockaddr_in6;
>  struct bfd_config;
>  
>  void  route_init(void);
> -int   route_output(struct mbuf *, ...);
> +int   route_output(struct mbuf *, struct socket *, struct sockaddr *,
> + struct mbuf *);
>  int   route_usrreq(struct socket *, int, struct mbuf *,
>  struct mbuf *, struct mbuf *, struct proc *);
>  void  rt_ifmsg(struct ifnet *);
> Index: net/rtsock.c
> ===
> RCS file: /cvs/src/sys/net/rtsock.c,v
> retrieving revision 1.227
> diff -u -p -r1.227 rtsock.c
> --- net/rtsock.c  3 Mar 2017 14:22:40 -   1.227
> +++ net/rtsock.c  3 Mar 2017 14:45:49 -
> @@ -528,7 +528,8 @@ rt_report(struct rtentry *rt, u_char typ
>  }
>  
>  int
> -route_output(struct mbuf *m, ...)
> +route_output(struct mbuf *m, struct socket *so, struct sockaddr *dstaddr,
> +struct mbuf *control)
>  {
>   struct rt_msghdr*rtm = NULL;
>   struct rtentry  *rt = NULL;
> @@ -536,19 +537,13 @@ route_output(struct mbuf *m, ...)
>   int  plen, len, seq, newgate = 0, error = 0;
>   struct ifnet*ifp = NULL;
>   struct ifaddr   *ifa = NULL;
> - struct socket   *so;
>   struct rawcb*rp = NULL;
>  #ifdef MPLS
>   struct sockaddr_mpls*psa_mpls;
>  #endif
> - va_list  ap;
>   u_inttableid;
>   u_int8_t prio;
>   u_char   vers, type;
> -
> - va_start(ap, m);
> - so = va_arg(ap, struct socket *);
> - va_end(ap);
>  
>   if (m == NULL || ((m->m_len < sizeof(int32_t)) &&
>   (m = m_pullup(m, sizeof(int32_t))) == 0))
> Index: netinet/ip_var.h
> ===
> RCS file: /cvs/src/sys/netinet/ip_var.h,v
> retrieving revision 1.68
> diff -u -p -r1.68 ip_var.h
> --- netinet/ip_var.h  1 

Re: pr_output variable arguments

2017-03-03 Thread Claudio Jeker
On Fri, Mar 03, 2017 at 03:49:08PM +0100, Alexander Bluhm wrote:
> Hi,
> 
> I prefer compiler checks over variable argument lists.
> So lets convert the pr_output functions.
> 
> ok?

Please yes. OK claudio
 
> bluhm
> 
> Index: net/pfkey.c
> ===
> RCS file: /cvs/src/sys/net/pfkey.c,v
> retrieving revision 1.38
> diff -u -p -r1.38 pfkey.c
> --- net/pfkey.c   2 Mar 2017 08:58:24 -   1.38
> +++ net/pfkey.c   3 Mar 2017 14:45:48 -
> @@ -90,10 +90,10 @@ static struct pfkey_version *pfkey_versi
>  
>  struct sockaddr pfkey_addr = { 2, PF_KEY, };
>  
> -/* static struct domain pfkeydomain; */
> -static int pfkey_usrreq(struct socket *socket, int req, struct mbuf *mbuf,
> -struct mbuf *nam, struct mbuf *control, struct proc *);
> -static int pfkey_output(struct mbuf *mbuf, struct socket *socket);
> +int pfkey_usrreq(struct socket *, int , struct mbuf *, struct mbuf *,
> +struct mbuf *, struct proc *);
> +int pfkey_output(struct mbuf *, struct socket *, struct sockaddr *,
> +struct mbuf *);
>  
>  void pfkey_init(void);
>  int pfkey_buildprotosw(void);
> @@ -154,8 +154,9 @@ pfkey_sendup(struct socket *socket, stru
>   return (0);
>  }
>  
> -static int
> -pfkey_output(struct mbuf *mbuf, struct socket *socket)
> +int
> +pfkey_output(struct mbuf *mbuf, struct socket *socket, struct sockaddr 
> *dstaddr,
> +struct mbuf *control)
>  {
>   void *message;
>   int error = 0;
> @@ -230,7 +231,7 @@ pfkey_detach(struct socket *socket, stru
>   return (rval);
>  }
>  
> -static int
> +int
>  pfkey_usrreq(struct socket *socket, int req, struct mbuf *mbuf,
>  struct mbuf *nam, struct mbuf *control, struct proc *p)
>  {
> @@ -266,7 +267,7 @@ static struct protosw pfkey_protosw_temp
>.pr_domain = ,
>.pr_protocol   = -1,
>.pr_flags  = PR_ATOMIC | PR_ADDR,
> -  .pr_output = (void *) pfkey_output,
> +  .pr_output = pfkey_output,
>.pr_usrreq = pfkey_usrreq
>  };
>  
> Index: net/raw_usrreq.c
> ===
> RCS file: /cvs/src/sys/net/raw_usrreq.c,v
> retrieving revision 1.28
> diff -u -p -r1.28 raw_usrreq.c
> --- net/raw_usrreq.c  23 Jan 2017 16:31:24 -  1.28
> +++ net/raw_usrreq.c  3 Mar 2017 14:45:48 -
> @@ -139,7 +139,7 @@ raw_usrreq(struct socket *so, int req, s
>   error = ENOTCONN;
>   break;
>   }
> - error = (*so->so_proto->pr_output)(m, so);
> + error = (*so->so_proto->pr_output)(m, so, NULL, NULL);
>   m = NULL;
>   if (nam)
>   rp->rcb_faddr = 0;
> Index: net/route.h
> ===
> RCS file: /cvs/src/sys/net/route.h,v
> retrieving revision 1.157
> diff -u -p -r1.157 route.h
> --- net/route.h   2 Mar 2017 17:09:21 -   1.157
> +++ net/route.h   3 Mar 2017 14:45:49 -
> @@ -417,7 +417,8 @@ struct sockaddr_in6;
>  struct bfd_config;
>  
>  void  route_init(void);
> -int   route_output(struct mbuf *, ...);
> +int   route_output(struct mbuf *, struct socket *, struct sockaddr *,
> + struct mbuf *);
>  int   route_usrreq(struct socket *, int, struct mbuf *,
>  struct mbuf *, struct mbuf *, struct proc *);
>  void  rt_ifmsg(struct ifnet *);
> Index: net/rtsock.c
> ===
> RCS file: /cvs/src/sys/net/rtsock.c,v
> retrieving revision 1.227
> diff -u -p -r1.227 rtsock.c
> --- net/rtsock.c  3 Mar 2017 14:22:40 -   1.227
> +++ net/rtsock.c  3 Mar 2017 14:45:49 -
> @@ -528,7 +528,8 @@ rt_report(struct rtentry *rt, u_char typ
>  }
>  
>  int
> -route_output(struct mbuf *m, ...)
> +route_output(struct mbuf *m, struct socket *so, struct sockaddr *dstaddr,
> +struct mbuf *control)
>  {
>   struct rt_msghdr*rtm = NULL;
>   struct rtentry  *rt = NULL;
> @@ -536,19 +537,13 @@ route_output(struct mbuf *m, ...)
>   int  plen, len, seq, newgate = 0, error = 0;
>   struct ifnet*ifp = NULL;
>   struct ifaddr   *ifa = NULL;
> - struct socket   *so;
>   struct rawcb*rp = NULL;
>  #ifdef MPLS
>   struct sockaddr_mpls*psa_mpls;
>  #endif
> - va_list  ap;
>   u_inttableid;
>   u_int8_t prio;
>   u_char   vers, type;
> -
> - va_start(ap, m);
> - so = va_arg(ap, struct socket *);
> - va_end(ap);
>  
>   if (m == NULL || ((m->m_len < sizeof(int32_t)) &&
>   (m = m_pullup(m, sizeof(int32_t))) == 0))
> Index: netinet/ip_var.h
> ===
> RCS file: /cvs/src/sys/netinet/ip_var.h,v
> retrieving revision 1.68
> diff -u -p -r1.68 ip_var.h
> --- netinet/ip_var.h  1 Feb 2017 

Re: arm cpu.h rev 1.44 broken

2017-03-03 Thread Tom Cosgrove
Fixed, thanks

>>> Markus Hennecke 3-Mar-17 14:29 >>>
>
> There is a comma missing in rev 1.44:
>
> Index: cpu.h
> ===
> RCS file: /cvs/src/sys/arch/arm/include/cpu.h,v
> retrieving revision 1.44
> diff -u -p -r1.44 cpu.h
> --- cpu.h 2 Mar 2017 10:38:10 -   1.44
> +++ cpu.h 3 Mar 2017 14:26:27 -
> @@ -82,7 +82,7 @@
>   { 0, 0 }, \
>   { 0, 0 }, \
>   { "maxspeed", CTLTYPE_INT }, \
> - { "lidsuspend", CTLTYPE_INT } \
> + { "lidsuspend", CTLTYPE_INT }, \
>   { "lidaction", CTLTYPE_INT } \
>  }
>  



pr_output variable arguments

2017-03-03 Thread Alexander Bluhm
Hi,

I prefer compiler checks over variable argument lists.
So let's convert the pr_output functions.

ok?

bluhm

Index: net/pfkey.c
===
RCS file: /cvs/src/sys/net/pfkey.c,v
retrieving revision 1.38
diff -u -p -r1.38 pfkey.c
--- net/pfkey.c 2 Mar 2017 08:58:24 -   1.38
+++ net/pfkey.c 3 Mar 2017 14:45:48 -
@@ -90,10 +90,10 @@ static struct pfkey_version *pfkey_versi
 
 struct sockaddr pfkey_addr = { 2, PF_KEY, };
 
-/* static struct domain pfkeydomain; */
-static int pfkey_usrreq(struct socket *socket, int req, struct mbuf *mbuf,
-struct mbuf *nam, struct mbuf *control, struct proc *);
-static int pfkey_output(struct mbuf *mbuf, struct socket *socket);
+int pfkey_usrreq(struct socket *, int , struct mbuf *, struct mbuf *,
+struct mbuf *, struct proc *);
+int pfkey_output(struct mbuf *, struct socket *, struct sockaddr *,
+struct mbuf *);
 
 void pfkey_init(void);
 int pfkey_buildprotosw(void);
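Review bot: Dropping `static` from the `pfkey_usrreq` and `pfkey_output` prototypes gives both functions external linkage, but the visible part of this diff shows no caller outside net/pfkey.c. The compiler check this change is after comes from removing the `(void *)` cast on `.pr_output`, which works equally well for a static function. Unless another file needs them, I would keep `static int pfkey_output(struct mbuf *, struct socket *, struct sockaddr *, struct mbuf *);` and likewise for `pfkey_usrreq`, with the definitions in the later hunks staying `static` as well. The new prototype also has a stray space in `int ,`.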
@@ -154,8 +154,9 @@ pfkey_sendup(struct socket *socket, stru
return (0);
 }
 
-static int
-pfkey_output(struct mbuf *mbuf, struct socket *socket)
+int
+pfkey_output(struct mbuf *mbuf, struct socket *socket, struct sockaddr 
*dstaddr,
+struct mbuf *control)
 {
void *message;
int error = 0;
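Review bot: `pfkey_output()` now takes `dstaddr` and `control`, but the visible part of the body uses neither, and the only caller shown (raw_usrreq) passes `NULL, NULL`. A short comment above the definition, for example `/* dstaddr and control are unused; callers pass NULL */`, would make clear who owns a non-NULL `control` mbuf if a later caller passes one. The same applies to `route_output()` in net/rtsock.c. The function body continues outside the hunk, so any use further down is not visible.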
@@ -230,7 +231,7 @@ pfkey_detach(struct socket *socket, stru
return (rval);
 }
 
-static int
+int
 pfkey_usrreq(struct socket *socket, int req, struct mbuf *mbuf,
 struct mbuf *nam, struct mbuf *control, struct proc *p)
 {
@@ -266,7 +267,7 @@ static struct protosw pfkey_protosw_temp
   .pr_domain   = ,
   .pr_protocol = -1,
   .pr_flags= PR_ATOMIC | PR_ADDR,
-  .pr_output   = (void *) pfkey_output,
+  .pr_output   = pfkey_output,
   .pr_usrreq   = pfkey_usrreq
 };
 
Index: net/raw_usrreq.c
===
RCS file: /cvs/src/sys/net/raw_usrreq.c,v
retrieving revision 1.28
diff -u -p -r1.28 raw_usrreq.c
--- net/raw_usrreq.c23 Jan 2017 16:31:24 -  1.28
+++ net/raw_usrreq.c3 Mar 2017 14:45:48 -
@@ -139,7 +139,7 @@ raw_usrreq(struct socket *so, int req, s
error = ENOTCONN;
break;
}
-   error = (*so->so_proto->pr_output)(m, so);
+   error = (*so->so_proto->pr_output)(m, so, NULL, NULL);
m = NULL;
if (nam)
rp->rcb_faddr = 0;
Index: net/route.h
===
RCS file: /cvs/src/sys/net/route.h,v
retrieving revision 1.157
diff -u -p -r1.157 route.h
--- net/route.h 2 Mar 2017 17:09:21 -   1.157
+++ net/route.h 3 Mar 2017 14:45:49 -
@@ -417,7 +417,8 @@ struct sockaddr_in6;
 struct bfd_config;
 
 voidroute_init(void);
-int route_output(struct mbuf *, ...);
+int route_output(struct mbuf *, struct socket *, struct sockaddr *,
+   struct mbuf *);
 int route_usrreq(struct socket *, int, struct mbuf *,
   struct mbuf *, struct mbuf *, struct proc *);
 voidrt_ifmsg(struct ifnet *);
Index: net/rtsock.c
===
RCS file: /cvs/src/sys/net/rtsock.c,v
retrieving revision 1.227
diff -u -p -r1.227 rtsock.c
--- net/rtsock.c3 Mar 2017 14:22:40 -   1.227
+++ net/rtsock.c3 Mar 2017 14:45:49 -
@@ -528,7 +528,8 @@ rt_report(struct rtentry *rt, u_char typ
 }
 
 int
-route_output(struct mbuf *m, ...)
+route_output(struct mbuf *m, struct socket *so, struct sockaddr *dstaddr,
+struct mbuf *control)
 {
struct rt_msghdr*rtm = NULL;
struct rtentry  *rt = NULL;
@@ -536,19 +537,13 @@ route_output(struct mbuf *m, ...)
int  plen, len, seq, newgate = 0, error = 0;
struct ifnet*ifp = NULL;
struct ifaddr   *ifa = NULL;
-   struct socket   *so;
struct rawcb*rp = NULL;
 #ifdef MPLS
struct sockaddr_mpls*psa_mpls;
 #endif
-   va_list  ap;
u_inttableid;
u_int8_t prio;
u_char   vers, type;
-
-   va_start(ap, m);
-   so = va_arg(ap, struct socket *);
-   va_end(ap);
 
if (m == NULL || ((m->m_len < sizeof(int32_t)) &&
(m = m_pullup(m, sizeof(int32_t))) == 0))
Index: netinet/ip_var.h
===
RCS file: /cvs/src/sys/netinet/ip_var.h,v
retrieving revision 1.68
diff -u -p -r1.68 ip_var.h
--- netinet/ip_var.h1 Feb 2017 20:59:47 -   1.68
+++ netinet/ip_var.h3 Mar 2017 14:45:49 -
@@ -253,7 +253,8 @@ void ip_forward(struct mbuf *, struct i
 int rip_ctloutput(int, struct socket *, int, int, struct mbuf *);
 voidrip_init(void);
 int rip_input(struct mbuf **, int *, int);
-int 

arm cpu.h rev 1.44 broken

2017-03-03 Thread Markus Hennecke
There is a comma missing in rev 1.44:

Index: cpu.h
===
RCS file: /cvs/src/sys/arch/arm/include/cpu.h,v
retrieving revision 1.44
diff -u -p -r1.44 cpu.h
--- cpu.h   2 Mar 2017 10:38:10 -   1.44
+++ cpu.h   3 Mar 2017 14:26:27 -
@@ -82,7 +82,7 @@
{ 0, 0 }, \
{ 0, 0 }, \
{ "maxspeed", CTLTYPE_INT }, \
-   { "lidsuspend", CTLTYPE_INT } \
+   { "lidsuspend", CTLTYPE_INT }, \
{ "lidaction", CTLTYPE_INT } \
 }
 



Re: Kill global list of IPv6 addresses

2017-03-03 Thread Alexander Bluhm
On Fri, Mar 03, 2017 at 10:36:19AM +0100, Martin Pieuchot wrote:
> It's now unused and can die, ok?

OK bluhm@

> 
> Index: netinet/in_pcb.c
> ===
> RCS file: /cvs/src/sys/netinet/in_pcb.c,v
> retrieving revision 1.216
> diff -u -p -r1.216 in_pcb.c
> --- netinet/in_pcb.c  6 Oct 2016 19:09:08 -   1.216
> +++ netinet/in_pcb.c  3 Mar 2017 08:03:23 -
> @@ -316,8 +316,6 @@ in_pcbbind(struct inpcb *inp, struct mbu
>   switch (sotopf(so)) {
>  #ifdef INET6
>   case PF_INET6:
> - if (TAILQ_EMPTY(_ifaddr))
> - return (EADDRNOTAVAIL);
>   if (!IN6_IS_ADDR_UNSPECIFIED(>inp_laddr6))
>   return (EINVAL);
>   wild |= INPLOOKUP_IPV6;
> Index: netinet6/in6.c
> ===
> RCS file: /cvs/src/sys/netinet6/in6.c,v
> retrieving revision 1.199
> diff -u -p -r1.199 in6.c
> --- netinet6/in6.c16 Feb 2017 10:15:12 -  1.199
> +++ netinet6/in6.c3 Mar 2017 08:03:07 -
> @@ -614,7 +614,6 @@ in6_update_ifa(struct ifnet *ifp, struct
>   ia6->ia_ifa.ifa_netmask = sin6tosa(>ia_prefixmask);
>  
>   ia6->ia_ifp = ifp;
> - TAILQ_INSERT_TAIL(_ifaddr, ia6, ia_list);
>   ia6->ia_addr = ifra->ifra_addr;
>   ifa_add(ifp, >ia_ifa);
>   }
> @@ -896,8 +895,6 @@ in6_unlink_ifa(struct in6_ifaddr *ia6, s
>   int plen;
>  
>   splsoftassert(IPL_SOFTNET);
> -
> - TAILQ_REMOVE(_ifaddr, ia6, ia_list);
>  
>   /* Release the reference to the base prefix. */
>   if (ia6->ia6_ndpr == NULL) {
> Index: netinet6/in6_var.h
> ===
> RCS file: /cvs/src/sys/netinet6/in6_var.h,v
> retrieving revision 1.65
> diff -u -p -r1.65 in6_var.h
> --- netinet6/in6_var.h9 Feb 2017 15:23:35 -   1.65
> +++ netinet6/in6_var.h3 Mar 2017 08:02:35 -
> @@ -332,9 +332,6 @@ structin6_aliasreq {
>  #define IN6_ARE_SCOPE_CMP(a,b) ((a)-(b))
>  #define IN6_ARE_SCOPE_EQUAL(a,b) ((a)==(b))
>  
> -TAILQ_HEAD(in6_ifaddrhead, in6_ifaddr);
> -extern struct in6_ifaddrhead in6_ifaddr;
> -
>  /*
>   * Multi-cast membership entry.  One for each group/ifp that a PCB
>   * belongs to.
> Index: netinet6/ip6_input.c
> ===
> RCS file: /cvs/src/sys/netinet6/ip6_input.c,v
> retrieving revision 1.180
> diff -u -p -r1.180 ip6_input.c
> --- netinet6/ip6_input.c  28 Feb 2017 09:59:34 -  1.180
> +++ netinet6/ip6_input.c  3 Mar 2017 08:02:52 -
> @@ -114,7 +114,6 @@
>  #include 
>  #endif
>  
> -struct in6_ifaddrhead in6_ifaddr;
>  struct niqueue ip6intrq = NIQUEUE_INITIALIZER(IFQ_MAXLEN, NETISR_IPV6);
>  
>  struct cpumem *ip6counters;
> @@ -152,7 +151,6 @@ ip6_init(void)
>   pr->pr_protocol && pr->pr_protocol != IPPROTO_RAW &&
>   pr->pr_protocol < IPPROTO_MAX)
>   ip6_protox[pr->pr_protocol] = pr - inet6sw;
> - TAILQ_INIT(_ifaddr);
>   ip6_randomid_init();
>   nd6_init();
>   frag6_init();



Kill global list of IPv6 addresses

2017-03-03 Thread Martin Pieuchot
It's now unused and can die, ok?

Index: netinet/in_pcb.c
===
RCS file: /cvs/src/sys/netinet/in_pcb.c,v
retrieving revision 1.216
diff -u -p -r1.216 in_pcb.c
--- netinet/in_pcb.c6 Oct 2016 19:09:08 -   1.216
+++ netinet/in_pcb.c3 Mar 2017 08:03:23 -
@@ -316,8 +316,6 @@ in_pcbbind(struct inpcb *inp, struct mbu
switch (sotopf(so)) {
 #ifdef INET6
case PF_INET6:
-   if (TAILQ_EMPTY(_ifaddr))
-   return (EADDRNOTAVAIL);
if (!IN6_IS_ADDR_UNSPECIFIED(>inp_laddr6))
return (EINVAL);
wild |= INPLOOKUP_IPV6;
Index: netinet6/in6.c
===
RCS file: /cvs/src/sys/netinet6/in6.c,v
retrieving revision 1.199
diff -u -p -r1.199 in6.c
--- netinet6/in6.c  16 Feb 2017 10:15:12 -  1.199
+++ netinet6/in6.c  3 Mar 2017 08:03:07 -
@@ -614,7 +614,6 @@ in6_update_ifa(struct ifnet *ifp, struct
ia6->ia_ifa.ifa_netmask = sin6tosa(>ia_prefixmask);
 
ia6->ia_ifp = ifp;
-   TAILQ_INSERT_TAIL(_ifaddr, ia6, ia_list);
ia6->ia_addr = ifra->ifra_addr;
ifa_add(ifp, >ia_ifa);
}
@@ -896,8 +895,6 @@ in6_unlink_ifa(struct in6_ifaddr *ia6, s
int plen;
 
splsoftassert(IPL_SOFTNET);
-
-   TAILQ_REMOVE(_ifaddr, ia6, ia_list);
 
/* Release the reference to the base prefix. */
if (ia6->ia6_ndpr == NULL) {
Index: netinet6/in6_var.h
===
RCS file: /cvs/src/sys/netinet6/in6_var.h,v
retrieving revision 1.65
diff -u -p -r1.65 in6_var.h
--- netinet6/in6_var.h  9 Feb 2017 15:23:35 -   1.65
+++ netinet6/in6_var.h  3 Mar 2017 08:02:35 -
@@ -332,9 +332,6 @@ struct  in6_aliasreq {
 #define IN6_ARE_SCOPE_CMP(a,b) ((a)-(b))
 #define IN6_ARE_SCOPE_EQUAL(a,b) ((a)==(b))
 
-TAILQ_HEAD(in6_ifaddrhead, in6_ifaddr);
-extern struct in6_ifaddrhead in6_ifaddr;
-
 /*
  * Multi-cast membership entry.  One for each group/ifp that a PCB
  * belongs to.
Index: netinet6/ip6_input.c
===
RCS file: /cvs/src/sys/netinet6/ip6_input.c,v
retrieving revision 1.180
diff -u -p -r1.180 ip6_input.c
--- netinet6/ip6_input.c28 Feb 2017 09:59:34 -  1.180
+++ netinet6/ip6_input.c3 Mar 2017 08:02:52 -
@@ -114,7 +114,6 @@
 #include 
 #endif
 
-struct in6_ifaddrhead in6_ifaddr;
 struct niqueue ip6intrq = NIQUEUE_INITIALIZER(IFQ_MAXLEN, NETISR_IPV6);
 
 struct cpumem *ip6counters;
@@ -152,7 +151,6 @@ ip6_init(void)
pr->pr_protocol && pr->pr_protocol != IPPROTO_RAW &&
pr->pr_protocol < IPPROTO_MAX)
ip6_protox[pr->pr_protocol] = pr - inet6sw;
-   TAILQ_INIT(_ifaddr);
ip6_randomid_init();
nd6_init();
frag6_init();



Introduce rtm_output()

2017-03-03 Thread Martin Pieuchot
On 03/03/17(Fri) 01:47, Alexander Bluhm wrote:
> On Thu, Mar 02, 2017 at 10:55:41AM +0100, Martin Pieuchot wrote:
> > Sleeping here is completely ok.  The NET_LOCK() in this function is only
> > taken to make sure no other thread will try to do a route lookup in
> > ip_output() while we're messing with the routing table.
> 
> Then I think your change is ok.  The kernel lock in route_input()
> should protect us.  But please resend the diff after merging with
> krw@'s rtm proposal commit.

I need to refactor this spaghetti code to avoid multiple gotos.  So
let's move the guts of route_output() to a function that will need
the NET_LOCK().

I'd also like to rename all functions playing with routing messages
to have the rtm_ prefix, because it is quite confusing to see more
and more rt_* popping around.

ok?

Index: net/rtsock.c
===
RCS file: /cvs/src/sys/net/rtsock.c,v
retrieving revision 1.226
diff -u -p -r1.226 rtsock.c
--- net/rtsock.c2 Mar 2017 17:09:21 -   1.226
+++ net/rtsock.c3 Mar 2017 07:52:46 -
@@ -103,6 +103,8 @@ voidroute_input(struct mbuf *m0, sa_fam
 introute_arp_conflict(struct rtentry *, struct rt_addrinfo *);
 introute_cleargateway(struct rtentry *, void *, unsigned int);
 
+intrtm_ouput(struct rt_msghdr *, struct rtentry **, struct rt_addrinfo *,
+   uint8_t, unsigned int);
 struct mbuf*rt_msg1(int, struct rt_addrinfo *);
 int rt_msg2(int, int, struct rt_addrinfo *, caddr_t,
 struct walkarg *);
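Review bot: The new helper is declared as `rtm_ouput`, missing a 't', while the subject line and the stated goal of an `rtm_` prefix call it rtm_output(). The call in route_output() and the definition in the later hunk use the same spelling, so it is consistent within the diff, but the name should be corrected in all three places before commit. The prototype would then read `int rtm_output(struct rt_msghdr *, struct rtentry **, struct rt_addrinfo *, uint8_t, unsigned int);`.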
@@ -536,18 +538,13 @@ route_output(struct mbuf *m, ...)
struct rt_msghdr*rtm = NULL;
struct rtentry  *rt = NULL;
struct rt_addrinfo   info;
-   int  plen, len, seq, newgate = 0, error = 0;
-   struct ifnet*ifp = NULL;
-   struct ifaddr   *ifa = NULL;
+   int  len, seq, error = 0;
struct socket   *so;
struct rawcb*rp = NULL;
-#ifdef MPLS
-   struct sockaddr_mpls*psa_mpls;
-#endif
va_list  ap;
u_inttableid;
-   u_int8_t prio;
u_char   vers, type;
+   u_int8_t prio;
 
va_start(ap, m);
so = va_arg(ap, struct socket *);
@@ -690,21 +687,82 @@ route_output(struct mbuf *m, ...)
error = EINVAL;
goto fail;
   }
-  goto flush;
+   } else {
+   error = rtm_ouput(rtm, , , prio, tableid);
+   if (!error) {
+   type = rtm->rtm_type;
+   seq = rtm->rtm_seq;
+   free(rtm, M_RTABLE, 0);
+   rtm = rt_report(rt, type, seq, tableid);
+   }
+   }
+
+   rtfree(rt);
+   if (rtm == NULL) {
+   error = ENOBUFS;
+   goto fail;
+   } else if (error) {
+   rtm->rtm_errno = error;
+   } else {
+   rtm->rtm_flags |= RTF_DONE;
}
 
+   /*
+* Check to see if we don't want our own messages.
+*/
+   if (!(so->so_options & SO_USELOOPBACK)) {
+   if (route_cb.any_count <= 1) {
+   /* no other listener and no loopback of messages */
+fail:
+   free(rtm, M_RTABLE, 0);
+   m_freem(m);
+   return (error);
+   }
+   /* There is another listener, so construct message */
+   rp = sotorawcb(so);
+   rp->rcb_proto.sp_family = 0; /* Avoid us */
+   }
+   if (rtm) {
+   if (m_copyback(m, 0, rtm->rtm_msglen, rtm, M_NOWAIT)) {
+   m_freem(m);
+   m = NULL;
+   } else if (m->m_pkthdr.len > rtm->rtm_msglen)
+   m_adj(m, rtm->rtm_msglen - m->m_pkthdr.len);
+   free(rtm, M_RTABLE, 0);
+   }
+   if (m)
+   route_input(m, info.rti_info[RTAX_DST] ?
+   info.rti_info[RTAX_DST]->sa_family : AF_UNSPEC);
+   if (rp)
+   rp->rcb_proto.sp_family = PF_ROUTE; /* Readd us */
+
+   return (error);
+}
+
+int
+rtm_ouput(struct rt_msghdr *rtm, struct rtentry **prt,
+struct rt_addrinfo *info, uint8_t prio, unsigned int tableid)
+{
+   struct rtentry  *rt = *prt;
+   struct ifnet*ifp = NULL;
+   struct ifaddr   *ifa = NULL;
+#ifdef MPLS
+   struct sockaddr_mpls*psa_mpls;
+#endif
+   int  plen, newgate = 0, error = 0;
+
switch (rtm->rtm_type) {
case RTM_ADD:
-   if (info.rti_info[RTAX_GATEWAY] == NULL) {
+   if (info->rti_info[RTAX_GATEWAY] == NULL) {
error = EINVAL;
-   goto flush;
+