Re: Add note about example dhclient.conf
On Fri, Feb 07, 2020 at 08:46:05PM -0700, Aaron Bieber wrote: > On Fri, 07 Feb 2020 at 17:49:41 -0800, Kyle Isom wrote: > > I was looking through the dhclient.conf man page and missed that there was > > an example config in /etc/examples, so I added this to the man page. I'm > > also happy to go through the rest of man pages for the examples and add > > them if there's interest. > > > > Cheers, > > Kyle > > > > > > Index: sbin/dhclient/dhclient.conf.5 > > === > > RCS file: /cvs/src/sbin/dhclient/dhclient.conf.5,v > > retrieving revision 1.49 > > diff -u -p -u -p -r1.49 dhclient.conf.5 > > --- sbin/dhclient/dhclient.conf.5 17 Dec 2019 14:21:54 - 1.49 > > +++ sbin/dhclient/dhclient.conf.5 8 Feb 2020 00:22:38 - > > @@ -288,6 +288,11 @@ instead of the > > .Ic sname > > field of the DHCP offer when binding a lease. > > .El > > +.Sh EXAMPLE > > +There is an example > > +.Pa dhclient.conf > > +in > > +.Pa /etc/examples/dhclient.conf . > > .Sh SEE ALSO > > .Xr dhclient.leases 5 , > > .Xr dhcp-options 5 , > > > > IMO this is worth doing. acme-client.1 and httpd.conf.5 have reference to > /etc/examples, and I have run into a number of people that are unaware of the > existence of the examples. > > Maybe something a bit more similar to what's in acme-client(1) which uses a > more standard EXAMPLES section: > > .Sh EXAMPLES > Example configuration files for > .Nm > and > .Xr httpd 8 > are provided in > .Pa /etc/examples/acme-client.conf > > I talked with tj@ about this as well, he suggested another route would be to > add full examples in the lacking pages. IMO both approaches would probably be > beneficial but I think directing more attention to /etc/examples is a good > start. > > Anyone else have any thoughts? > hi. i forget the logic, but i think the aim was to have a potential config somewhere helpful, without clogging the man pages. to that end, i'm not sure it'd make sense to effectively move the files back into the man pages. the best thing is probably for everyone to know there is such a thing as /etc/examples. i accept that's maybe unlikely. if we do reference these config files from the man pages, i guess that should be correctly done from a FILES section, since EXAMPLES is really showing how to use the tool, rather than how to configure it. it is a fine line though. i wouldn;t be against adding to FILES - it'd be very brief, make sense, and provide the reminder being asked for. jmc
piixpm(4) support for AMD FCH watchdog
The diff below adds support for the watchdog as found in the embedded
AMD FCH (fusion controller hub) as found on APU2.
Index: sys/dev/pci/piixpm.c
===
RCS file: /cvs/src/sys/dev/pci/piixpm.c,v
retrieving revision 1.42
diff -u -p -r1.42 piixpm.c
--- sys/dev/pci/piixpm.c21 Jan 2020 06:37:24 - 1.42
+++ sys/dev/pci/piixpm.c8 Feb 2020 04:44:42 -
@@ -54,8 +54,10 @@ struct piixpm_softc {
struct device sc_dev;
bus_space_tag_t sc_iot;
+ bus_space_tag_t sc_memt;
bus_space_handle_t sc_ioh;
bus_space_handle_t sc_sb800_ioh;
+ bus_space_handle_t sc_wdt_mh;
void * sc_ih;
int sc_poll;
int sc_is_sb800;
@@ -83,6 +85,8 @@ int piixpm_i2c_exec(void *, i2c_op_t, i2
intpiixpm_intr(void *);
+intpiixpm_wdt_cb(void *arg, int period);
+
struct cfattach piixpm_ca = {
sizeof(struct piixpm_softc),
piixpm_match,
@@ -127,7 +131,7 @@ piixpm_attach(struct device *parent, str
struct piixpm_softc *sc = (struct piixpm_softc *)self;
struct pci_attach_args *pa = aux;
bus_space_handle_t ioh;
- u_int16_t val, smb0en;
+ u_int16_t val, smb0en, wdten = 0;
bus_addr_t base;
pcireg_t conf;
pci_intr_handle_t ih;
@@ -136,6 +140,7 @@ piixpm_attach(struct device *parent, str
int numbusses, i;
sc->sc_iot = pa->pa_iot;
+ sc->sc_memt = pa->pa_memt;
numbusses = 1;
if ((PCI_VENDOR(pa->pa_id) == PCI_VENDOR_AMD &&
@@ -160,7 +165,7 @@ piixpm_attach(struct device *parent, str
/*
* AMD Bolton matches PCI_PRODUCT_AMD_HUDSON2_SMB but
-* uses old register layout. Therefor check PCI_REVISION.
+* uses old register layout. Therefore check PCI_REVISION.
*/
if (PCI_VENDOR(pa->pa_id) == PCI_VENDOR_AMD &&
((PCI_PRODUCT(pa->pa_id) == PCI_PRODUCT_AMD_HUDSON2_SMB &&
@@ -170,6 +175,7 @@ piixpm_attach(struct device *parent, str
AMDFCH41_PM_DECODE_EN);
val = bus_space_read_1(sc->sc_iot, ioh, 1);
smb0en = val & AMDFCH41_SMBUS_EN;
+ wdten = val & AMDFCH41_WDT_EN;
bus_space_write_1(sc->sc_iot, ioh, 0,
AMDFCH41_PM_DECODE_EN + 1);
@@ -282,7 +288,59 @@ piixpm_attach(struct device *parent, str
config_found(self, &iba, iicbus_print);
}
+ /* Register watchdog */
+ if (wdten && bus_space_map(sc->sc_memt, AMDFCH41_WDTREG_BASE,
+ AMDFCH41_WDTREG_SIZE, 0, &sc->sc_wdt_mh) == 0) {
+ val = bus_space_read_1(sc->sc_memt, sc->sc_wdt_mh,
+ AMDFCH41_WDTREG_CTL);
+ if (val & AMDFCH41_WDTREG_CTL_FIRED) {
+ printf("%s watchdog caused previous restart\n",
+ sc->sc_dev.dv_xname);
+ bus_space_write_1(sc->sc_memt, sc->sc_wdt_mh,
+ AMDFCH41_WDTREG_CTL,
+ val | AMDFCH41_WDTREG_CTL_FIRED);
+ }
+
+ if (val & AMDFCH41_WDTREG_CTL_DISABLED)
+ printf("%s watchdog disabled\n", sc->sc_dev.dv_xname);
+ else {
+ printf("%s watchdog found\n", sc->sc_dev.dv_xname);
+
+ /* Set 1 second counter period */
+ bus_space_write_1(sc->sc_iot, sc->sc_sb800_ioh, 0,
+ AMDFCH41_PM_DECODE_EN + 3);
+ val = bus_space_read_1(sc->sc_iot, sc->sc_sb800_ioh, 1);
+ val = (val & ~AMDFCH41_WDT_MASK) | AMDFCH41_WDT_1S;
+ bus_space_write_1(sc->sc_iot, sc->sc_sb800_ioh, 1, val);
+
+ wdog_register(piixpm_wdt_cb, sc);
+ }
+ }
+
return;
+}
+
+int
+piixpm_wdt_cb(void *arg, int period)
+{
+ struct piixpm_softc *sc = (struct piixpm_softc *)arg;
+ u_int16_t val;
+
+ val = bus_space_read_1(sc->sc_memt, sc->sc_wdt_mh, AMDFCH41_WDTREG_CTL);
+
+ if (period > 0x)
+ period = 0x;
+ if (period > 0) {
+ bus_space_write_2(sc->sc_memt, sc->sc_wdt_mh,
+ AMDFCH41_WDTREG_COUNT, period);
+ val |= AMDFCH41_WDTREG_CTL_RUN | AMDFCH41_WDTREG_CTL_TRIGGER;
+ }
+ else
+ val &= ~AMDFCH41_WDTREG_CTL_RUN;
+
+ bus_space_write_1(sc->sc_memt, sc->sc_wdt_mh, AMDFCH41_WDTREG_CTL, val);
+
+ return period;
}
int
Index: sys/dev/pci/piixreg.h
===
RCS file: /cvs/src/sys/dev/pci/piixreg.h,v
retrieving revision 1.6
diff -u -p -r1.6 piixreg.h
--- sys/dev/pci/
Re: Add note about example dhclient.conf
On Fri, 07 Feb 2020 at 17:49:41 -0800, Kyle Isom wrote: > I was looking through the dhclient.conf man page and missed that there was an > example config in /etc/examples, so I added this to the man page. I'm also > happy to go through the rest of man pages for the examples and add them if > there's interest. > > Cheers, > Kyle > > > Index: sbin/dhclient/dhclient.conf.5 > === > RCS file: /cvs/src/sbin/dhclient/dhclient.conf.5,v > retrieving revision 1.49 > diff -u -p -u -p -r1.49 dhclient.conf.5 > --- sbin/dhclient/dhclient.conf.5 17 Dec 2019 14:21:54 - 1.49 > +++ sbin/dhclient/dhclient.conf.5 8 Feb 2020 00:22:38 - > @@ -288,6 +288,11 @@ instead of the > .Ic sname > field of the DHCP offer when binding a lease. > .El > +.Sh EXAMPLE > +There is an example > +.Pa dhclient.conf > +in > +.Pa /etc/examples/dhclient.conf . > .Sh SEE ALSO > .Xr dhclient.leases 5 , > .Xr dhcp-options 5 , > IMO this is worth doing. acme-client.1 and httpd.conf.5 have reference to /etc/examples, and I have run into a number of people that are unaware of the existence of the examples. Maybe something a bit more similar to what's in acme-client(1) which uses a more standard EXAMPLES section: .Sh EXAMPLES Example configuration files for .Nm and .Xr httpd 8 are provided in .Pa /etc/examples/acme-client.conf I talked with tj@ about this as well, he suggested another route would be to add full examples in the lacking pages. IMO both approaches would probably be beneficial but I think directing more attention to /etc/examples is a good start. Anyone else have any thoughts? -- PGP: 0x1F81112D62A9ADCE / 3586 3350 BFEA C101 DB1A 4AF0 1F81 112D 62A9 ADCE
Add note about example dhclient.conf
I was looking through the dhclient.conf man page and missed that there was an example config in /etc/examples, so I added this to the man page. I'm also happy to go through the rest of man pages for the examples and add them if there's interest. Cheers, Kyle Index: sbin/dhclient/dhclient.conf.5 === RCS file: /cvs/src/sbin/dhclient/dhclient.conf.5,v retrieving revision 1.49 diff -u -p -u -p -r1.49 dhclient.conf.5 --- sbin/dhclient/dhclient.conf.5 17 Dec 2019 14:21:54 - 1.49 +++ sbin/dhclient/dhclient.conf.5 8 Feb 2020 00:22:38 - @@ -288,6 +288,11 @@ instead of the .Ic sname field of the DHCP offer when binding a lease. .El +.Sh EXAMPLE +There is an example +.Pa dhclient.conf +in +.Pa /etc/examples/dhclient.conf . .Sh SEE ALSO .Xr dhclient.leases 5 , .Xr dhcp-options 5 ,
Re: Add mprotect_ept ioctl to vmm(4)
On Fri, Feb 07, 2020 at 01:25:38PM -0800, Mike Larkin wrote:
> On Fri, Feb 07, 2020 at 04:20:16AM +, Adam Steen wrote:
> > Hi
> >
> > Please see the attached patch to add an 'IOCTL handler to sets the access
> > protections of the ept'
> >
> > vmd(8) does not make use of this change, but solo5, which uses vmm(4) as
> > a backend hypervisor. The code calling 'VMM_IOC_MPROTECT_EPT' is
> > available here
> > https://github.com/Solo5/solo5/compare/master...adamsteen:wnox
> >
> > there are changes to vmd too, but this is just to ensure completeness,
> > if mprotect ept is called in the future, we would want the vm to be
> > stopped if we get a protection fault.
> >
> > I was unsure what todo if called with execute only permissions on a cpu that
> > does not support it. I went with add read permissions and logging the
> > fact, instead of returning EINVAL.
> >
> > Cheers
> > Adam
> >
>
> I have been giving Adam feedback on this diff for a while. There are a few
> minor comments below, but I think this is ok if someone wants to commit it
> after
> the fixes below are incorporated.
>
> -ml
>
See updated comment below.
-ml
> > ? div
> > Index: sys/arch/amd64/amd64/vmm.c
> > ===
> > RCS file: /cvs/src/sys/arch/amd64/amd64/vmm.c,v
> > retrieving revision 1.258
> > diff -u -p -u -p -r1.258 vmm.c
> > --- sys/arch/amd64/amd64/vmm.c 31 Jan 2020 01:51:27 - 1.258
> > +++ sys/arch/amd64/amd64/vmm.c 7 Feb 2020 03:15:16 -
> > @@ -124,6 +124,7 @@ int vm_get_info(struct vm_info_params *)
> > int vm_resetcpu(struct vm_resetcpu_params *);
> > int vm_intr_pending(struct vm_intr_params *);
> > int vm_rwregs(struct vm_rwregs_params *, int);
> > +int vm_mprotect_ept(struct vm_mprotect_ept_params *);
> > int vm_rwvmparams(struct vm_rwvmparams_params *, int);
> > int vm_find(uint32_t, struct vm **);
> > int vcpu_readregs_vmx(struct vcpu *, uint64_t, struct vcpu_reg_state *);
> > @@ -186,6 +187,8 @@ int svm_fault_page(struct vcpu *, paddr_
> > int vmx_fault_page(struct vcpu *, paddr_t);
> > int vmx_handle_np_fault(struct vcpu *);
> > int svm_handle_np_fault(struct vcpu *);
> > +int vmx_mprotect_ept(vm_map_t, paddr_t, paddr_t, int);
> > +pt_entry_t *vmx_pmap_find_pte_ept(pmap_t, paddr_t);
> > int vmm_alloc_vpid(uint16_t *);
> > void vmm_free_vpid(uint16_t);
> > const char *vcpu_state_decode(u_int);
> > @@ -493,6 +496,9 @@ vmmioctl(dev_t dev, u_long cmd, caddr_t
> > case VMM_IOC_WRITEREGS:
> > ret = vm_rwregs((struct vm_rwregs_params *)data, 1);
> > break;
> > + case VMM_IOC_MPROTECT_EPT:
> > + ret = vm_mprotect_ept((struct vm_mprotect_ept_params *)data);
> > + break;
> > case VMM_IOC_READVMPARAMS:
> > ret = vm_rwvmparams((struct vm_rwvmparams_params *)data, 0);
> > break;
> > @@ -531,6 +537,7 @@ pledge_ioctl_vmm(struct proc *p, long co
> > case VMM_IOC_INTR:
> > case VMM_IOC_READREGS:
> > case VMM_IOC_WRITEREGS:
> > + case VMM_IOC_MPROTECT_EPT:
> > case VMM_IOC_READVMPARAMS:
> > case VMM_IOC_WRITEVMPARAMS:
> > return (0);
> > @@ -806,6 +813,288 @@ vm_rwregs(struct vm_rwregs_params *vrwp,
> > }
> >
> > /*
> > + * vm_mprotect_ept
> > + *
> > + * IOCTL handler to sets the access protections of the ept
> > + *
> > + * Parameters:
> > + * vmep: decribes the memory for which the protect will be applied..
> > + *
> > + * Return values:
> > + * 0: if successful
> > + * ENOENT: if the VM defined by 'vmep' cannot be found
> > + * EINVAL: if the sgpa or size is not page aligned, the prot is invalid,
> > + * size is too large (512GB), there is wraparound
> > + * (like start = 512GB-1 and end = 512GB-2),
> > + * the address specified is not within the vm's mem range
> > + * or the address lies inside reserved (MMIO) memory
> > + */
> > +int
> > +vm_mprotect_ept(struct vm_mprotect_ept_params *vmep)
> > +{
> > + struct vm *vm;
> > + struct vcpu *vcpu;
> > + vaddr_t sgpa;
> > + size_t size;
> > + vm_prot_t prot;
> > + uint64_t msr;
> > + int ret, memtype;
> > +
> > + /* If not EPT or RVI, nothing to do here */
> > + if (!(vmm_softc->mode == VMM_MODE_EPT
> > + || vmm_softc->mode == VMM_MODE_RVI))
> > + return (0);
> > +
> > + /* Find the desired VM */
> > + rw_enter_read(&vmm_softc->vm_lock);
> > + ret = vm_find(vmep->vmep_vm_id, &vm);
> > + rw_exit_read(&vmm_softc->vm_lock);
> > +
> > + /* Not found? exit. */
> > + if (ret != 0) {
> > + DPRINTF("%s: vm id %u not found\n", __func__,
> > + vmep->vmep_vm_id);
> > + return (ret);
> > + }
> > +
> > + rw_enter_read(&vm->vm_vcpu_lock);
> > + SLIST_FOREACH(vcpu, &vm->vm_vcpu_list, vc_vcpu_link) {
> > + if (vcpu->vc_id == vmep->vmep_vcpu_id)
> > + break;
> > + }
> > + rw_exit_read(&vm->vm_vcpu_lock);
> > +
> > + if (vcpu ==
vmm(4): wrong comment
Free commit for someone. Noticed last night by my student team that is working on vmm(4) virtio memory ballooning support as we were adding the viomb(4) stats queue. -ml Index: vmm.c === RCS file: /cvs/src/sys/arch/amd64/amd64/vmm.c,v retrieving revision 1.257 diff -u -p -a -u -r1.257 vmm.c --- vmm.c 13 Dec 2019 03:38:15 - 1.257 +++ vmm.c 7 Feb 2020 21:27:46 - @@ -3666,7 +3666,6 @@ vcpu_vmx_compute_ctrl(uint64_t ctrlval, /* * vm_get_info * - * Returns information about the VM indicated by 'vip'. * Returns information about the VM indicated by 'vip'. The 'vip_size' field * in the 'vip' parameter is used to indicate the size of the caller's buffer. * If insufficient space exists in that buffer, the required size needed is
Re: Add mprotect_ept ioctl to vmm(4)
On Fri, Feb 07, 2020 at 04:20:16AM +, Adam Steen wrote:
> Hi
>
> Please see the attached patch to add an 'IOCTL handler to sets the access
> protections of the ept'
>
> vmd(8) does not make use of this change, but solo5, which uses vmm(4) as
> a backend hypervisor. The code calling 'VMM_IOC_MPROTECT_EPT' is
> available here https://github.com/Solo5/solo5/compare/master...adamsteen:wnox
>
> there are changes to vmd too, but this is just to ensure completeness,
> if mprotect ept is called in the future, we would want the vm to be
> stopped if we get a protection fault.
>
> I was unsure what todo if called with execute only permissions on a cpu that
> does not support it. I went with add read permissions and logging the
> fact, instead of returning EINVAL.
>
> Cheers
> Adam
>
I have been giving Adam feedback on this diff for a while. There are a few
minor comments below, but I think this is ok if someone wants to commit it after
the fixes below are incorporated.
-ml
> ? div
> Index: sys/arch/amd64/amd64/vmm.c
> ===
> RCS file: /cvs/src/sys/arch/amd64/amd64/vmm.c,v
> retrieving revision 1.258
> diff -u -p -u -p -r1.258 vmm.c
> --- sys/arch/amd64/amd64/vmm.c31 Jan 2020 01:51:27 - 1.258
> +++ sys/arch/amd64/amd64/vmm.c7 Feb 2020 03:15:16 -
> @@ -124,6 +124,7 @@ int vm_get_info(struct vm_info_params *)
> int vm_resetcpu(struct vm_resetcpu_params *);
> int vm_intr_pending(struct vm_intr_params *);
> int vm_rwregs(struct vm_rwregs_params *, int);
> +int vm_mprotect_ept(struct vm_mprotect_ept_params *);
> int vm_rwvmparams(struct vm_rwvmparams_params *, int);
> int vm_find(uint32_t, struct vm **);
> int vcpu_readregs_vmx(struct vcpu *, uint64_t, struct vcpu_reg_state *);
> @@ -186,6 +187,8 @@ int svm_fault_page(struct vcpu *, paddr_
> int vmx_fault_page(struct vcpu *, paddr_t);
> int vmx_handle_np_fault(struct vcpu *);
> int svm_handle_np_fault(struct vcpu *);
> +int vmx_mprotect_ept(vm_map_t, paddr_t, paddr_t, int);
> +pt_entry_t *vmx_pmap_find_pte_ept(pmap_t, paddr_t);
> int vmm_alloc_vpid(uint16_t *);
> void vmm_free_vpid(uint16_t);
> const char *vcpu_state_decode(u_int);
> @@ -493,6 +496,9 @@ vmmioctl(dev_t dev, u_long cmd, caddr_t
> case VMM_IOC_WRITEREGS:
> ret = vm_rwregs((struct vm_rwregs_params *)data, 1);
> break;
> + case VMM_IOC_MPROTECT_EPT:
> + ret = vm_mprotect_ept((struct vm_mprotect_ept_params *)data);
> + break;
> case VMM_IOC_READVMPARAMS:
> ret = vm_rwvmparams((struct vm_rwvmparams_params *)data, 0);
> break;
> @@ -531,6 +537,7 @@ pledge_ioctl_vmm(struct proc *p, long co
> case VMM_IOC_INTR:
> case VMM_IOC_READREGS:
> case VMM_IOC_WRITEREGS:
> + case VMM_IOC_MPROTECT_EPT:
> case VMM_IOC_READVMPARAMS:
> case VMM_IOC_WRITEVMPARAMS:
> return (0);
> @@ -806,6 +813,288 @@ vm_rwregs(struct vm_rwregs_params *vrwp,
> }
>
> /*
> + * vm_mprotect_ept
> + *
> + * IOCTL handler to sets the access protections of the ept
> + *
> + * Parameters:
> + * vmep: decribes the memory for which the protect will be applied..
> + *
> + * Return values:
> + * 0: if successful
> + * ENOENT: if the VM defined by 'vmep' cannot be found
> + * EINVAL: if the sgpa or size is not page aligned, the prot is invalid,
> + * size is too large (512GB), there is wraparound
> + * (like start = 512GB-1 and end = 512GB-2),
> + * the address specified is not within the vm's mem range
> + * or the address lies inside reserved (MMIO) memory
> + */
> +int
> +vm_mprotect_ept(struct vm_mprotect_ept_params *vmep)
> +{
> + struct vm *vm;
> + struct vcpu *vcpu;
> + vaddr_t sgpa;
> + size_t size;
> + vm_prot_t prot;
> + uint64_t msr;
> + int ret, memtype;
> +
> + /* If not EPT or RVI, nothing to do here */
> + if (!(vmm_softc->mode == VMM_MODE_EPT
> + || vmm_softc->mode == VMM_MODE_RVI))
> + return (0);
> +
> + /* Find the desired VM */
> + rw_enter_read(&vmm_softc->vm_lock);
> + ret = vm_find(vmep->vmep_vm_id, &vm);
> + rw_exit_read(&vmm_softc->vm_lock);
> +
> + /* Not found? exit. */
> + if (ret != 0) {
> + DPRINTF("%s: vm id %u not found\n", __func__,
> + vmep->vmep_vm_id);
> + return (ret);
> + }
> +
> + rw_enter_read(&vm->vm_vcpu_lock);
> + SLIST_FOREACH(vcpu, &vm->vm_vcpu_list, vc_vcpu_link) {
> + if (vcpu->vc_id == vmep->vmep_vcpu_id)
> + break;
> + }
> + rw_exit_read(&vm->vm_vcpu_lock);
> +
> + if (vcpu == NULL) {
> + DPRINTF("%s: vcpu id %u of vm %u not found\n", __func__,
> + vmep->vmep_vcpu_id, vmep->vmep_vm_id);
> + return (ENOENT);
> + }
> +
> + if (vcpu->vc_state != VCPU_STATE_STOPPED) {
> + DPRINTF("%
Re: httpd(8): patch to allow FastCGI chroots in sub-directories
Slightly tweaked diff by me, fixing "new sentence new line" in the man
page.
This is OK florian@ if someone wants to commit it or I can commit it
if someone OKs it.
diff --git httpd.conf.5 httpd.conf.5
index f4ea2e55766..494271672ea 100644
--- httpd.conf.5
+++ httpd.conf.5
@@ -300,6 +300,12 @@ Alternatively if
the FastCGI handler is listening on a TCP socket,
.Ar socket
starts with a colon followed by the TCP port number.
+.It Ic strip Ar number
+Strip
+.Ar number
+path components from the beginning of DOCUMENT_ROOT and
+SCRIPT_FILENAME before sending them to the FastCGI server.
+This allows FastCGI server chroot to be a directory under httpd chroot.
.It Ic param Ar variable value
Sets a variable that will be sent to the FastCGI server.
Each statement defines one variable.
diff --git httpd.h httpd.h
index b1f17af8cd7..b22586974a5 100644
--- httpd.h
+++ httpd.h
@@ -547,6 +547,7 @@ struct server_config {
uint8_t hsts_flags;
struct server_fcgiparams fcgiparams;
+ int fcgistrip;
TAILQ_ENTRY(server_config) entry;
};
diff --git parse.y parse.y
index 054302269f4..109efd36a9f 100644
--- parse.y
+++ parse.y
@@ -689,6 +689,13 @@ fcgiflags : SOCKET STRING {
param->name, param->value);
TAILQ_INSERT_HEAD(&srv_conf->fcgiparams, param, entry);
}
+ | STRIP NUMBER {
+ if ($2 < 0 || $2 > INT_MAX) {
+ yyerror("invalid fastcgi strip number");
+ YYERROR;
+ }
+ srv_conf->fcgistrip = $2;
+ }
;
connection : CONNECTION '{' optnl conflags_l '}'
diff --git server_fcgi.c server_fcgi.c
index 864ce6b16d5..a85b5b44804 100644
--- server_fcgi.c
+++ server_fcgi.c
@@ -241,7 +241,8 @@ server_fcgi(struct httpd *env, struct client *clt)
errstr = "failed to encode param";
goto fail;
}
- if (fcgi_add_param(¶m, "SCRIPT_FILENAME", script, clt) == -1) {
+ if (fcgi_add_param(¶m, "SCRIPT_FILENAME", server_root_strip(script,
+ srv_conf->fcgistrip), clt) == -1) {
errstr = "failed to encode param";
goto fail;
}
@@ -257,8 +258,8 @@ server_fcgi(struct httpd *env, struct client *clt)
goto fail;
}
- if (fcgi_add_param(¶m, "DOCUMENT_ROOT", srv_conf->root,
- clt) == -1) {
+ if (fcgi_add_param(¶m, "DOCUMENT_ROOT", server_root_strip(
+ srv_conf->root, srv_conf->fcgistrip), clt) == -1) {
errstr = "failed to encode param";
goto fail;
}
On Sat, Jan 18, 2020 at 07:19:33AM +0100, Nazar Zhuk wrote:
> On Tue, Jan 14, 2020 at 03:07:05PM +0100, Florian Obser wrote:
> > I like the idea. Unfortunately the diff does not apply.
> Looks like I had formatting issues there. This should apply cleanly now.
>
>
> Index: usr.sbin/httpd/httpd.conf.5
> ===
> RCS file: /cvs/src/usr.sbin/httpd/httpd.conf.5,v
> retrieving revision 1.107
> diff -u -p -u -r1.107 httpd.conf.5
> --- usr.sbin/httpd/httpd.conf.5 8 May 2019 21:46:56 - 1.107
> +++ usr.sbin/httpd/httpd.conf.5 17 Jan 2020 06:20:14 -
> @@ -300,6 +300,10 @@ Alternatively if
> the FastCGI handler is listening on a TCP socket,
> .Ar socket
> starts with a colon followed by the TCP port number.
> +.It Ic strip Ar number
> +Strip
> +.Ar number
> +path components from the beginning of DOCUMENT_ROOT and SCRIPT_FILENAME
> before sending them to the FastCGI server. This allows FastCGI server chroot
> to be a directory under httpd chroot.
> .It Ic param Ar variable value
> Sets a variable that will be sent to the FastCGI server.
> Each statement defines one variable.
> Index: usr.sbin/httpd/httpd.h
> ===
> RCS file: /cvs/src/usr.sbin/httpd/httpd.h,v
> retrieving revision 1.145
> diff -u -p -u -r1.145 httpd.h
> --- usr.sbin/httpd/httpd.h8 May 2019 19:57:45 - 1.145
> +++ usr.sbin/httpd/httpd.h17 Jan 2020 06:20:14 -
> @@ -547,6 +547,7 @@ struct server_config {
> uint8_t hsts_flags;
>
> struct server_fcgiparams fcgiparams;
> + int fcgistrip;
>
> TAILQ_ENTRY(server_config) entry;
> };
> Index: usr.sbin/httpd/parse.y
> ===
> RCS file: /cvs/src/usr.sbin/httpd/parse.y,v
> retrieving revision 1.113
> diff -u -p -u -r1.113 parse.y
> --- usr.sbin/httpd/parse.y28 Jun 2019 13:32:47 - 1.113
> +++ usr.sbin/httpd/parse.y17 Jan 2020 06:20:15 -
> @@ -689,6 +689,13 @@ fcgiflags: SOCKET STRING {
> param->name, param->value);
>
Re: mg: fix problems found by gcc 10
Moving from misc to tech. This is effectively Ulrich's diff from github with a bit of whitespace shuffling. OK? diff --git def.h def.h index d4f00e84e59..0db023973e0 100644 --- def.h +++ def.h @@ -337,7 +337,7 @@ void ttnowindow(void); voidttcolor(int); voidttresize(void); -volatile sig_atomic_t winch_flag; +extern volatile sig_atomic_t winch_flag; /* ttyio.c */ voidttopen(void); @@ -752,11 +752,7 @@ extern char cinfo[]; extern char*keystrings[]; extern char pat[NPAT]; extern char prompt[]; - -/* - * Globals. - */ -int tceeol; -int tcinsl; -int tcdell; -int rptcount; /* successive invocation count */ +extern int tceeol; +extern int tcinsl; +extern int tcdell; +extern int rptcount; /* successive invocation count */ diff --git kbd.c kbd.c index 06d6c9fcf48..5f9b0a9efa6 100644 --- kbd.c +++ kbd.c @@ -26,13 +26,13 @@ char prompt[PROMPTL] = "", *promptp = prompt; static int mgwrap(PF, int, int); -static int use_metakey = TRUE; -static int pushed = FALSE; -static int pushedc; +static int use_metakey = TRUE; +static int pushed = FALSE; +static int pushedc; struct map_element *ele; - -struct key key; +struct key key; +int rptcount; /* * Toggle the value of use_metakey diff --git tty.c tty.c index 0b64c4b5453..c378cb240dd 100644 --- tty.c +++ tty.c @@ -45,6 +45,11 @@ static const char*scroll_fwd;/* How to scroll forward. */ static void winchhandler(int); +volatile sig_atomic_t winch_flag; +int tceeol; +int tcinsl; +int tcdell; + /* ARGSUSED */ static void winchhandler(int sig) On Tue, Feb 04, 2020 at 12:51:46AM +0100, Han Boetes wrote: > The latest version of gcc is more picky about global variables resulting in > this bug report for my portable version of mg: > https://github.com/hboetes/mg/issues/12 > > To which Ulrich Müller created a pull request which fixed the problem: > https://github.com/hboetes/mg/pull/13/files > > Is this worth applying to the upstream branch? -- I'm not entirely sure you are real.
Re: acme-client: prevent duplicate definitions of global variables
committed, thanks!
On Sat, Feb 01, 2020 at 01:54:11PM +0100, Jeremie Courreges-Anglas wrote:
> On Fri, Jan 31 2020, Michael Forney wrote:
> > Every source file that includes extern.h will have its own definition
> > of these variables. Since many compilers allocate the variables with
> > .comm, they end up getting merged by the linker without error.
> > However, ISO C requires exactly one definition of objects with
> > external linkage.
>
> LGTM, ok jca@.
>
> I'll commit it if none of the usual suspects show up soon.
>
> > gcc 10 will enable -fno-common by default, which will put
> > zero-initialized data in .bss, causing linking errors when multiple
> > definitions are present.
>
> Good to know, thanks.
>
> > ---
> > usr.sbin/acme-client/extern.h | 4 ++--
> > usr.sbin/acme-client/main.c | 5 +++--
> > 2 files changed, 5 insertions(+), 4 deletions(-)
> >
> > diff --git a/usr.sbin/acme-client/extern.h b/usr.sbin/acme-client/extern.h
> > index e6b7af0d05b..f280b3e279e 100644
> > --- a/usr.sbin/acme-client/extern.h
> > +++ b/usr.sbin/acme-client/extern.h
> > @@ -277,12 +277,12 @@ char *json_fmt_signed(const char *, const
> > char *, const char *);
> > /*
> > * Should we print debugging messages?
> > */
> > -int verbose;
> > +extern int verbose;
> >
> > /*
> > * What component is the process within (COMP__MAX for none)?
> > */
> > -enum comp proccomp;
> > +extern enum comp proccomp;
> >
> > __END_DECLS
> >
> > diff --git a/usr.sbin/acme-client/main.c b/usr.sbin/acme-client/main.c
> > index 7cbeeb7de03..1f59e6c755d 100644
> > --- a/usr.sbin/acme-client/main.c
> > +++ b/usr.sbin/acme-client/main.c
> > @@ -32,6 +32,9 @@
> > #define WWW_DIR "/var/www/acme"
> > #define CONF_FILE "/etc/acme-client.conf"
> >
> > +int verbose;
> > +enum comp proccomp;
> > +
> > int
> > main(int argc, char *argv[])
> > {
> > @@ -46,8 +49,6 @@ main(int argc, char *argv[])
> > int c, rc, revocate = 0;
> > int popts = 0;
> > pid_t pids[COMP__MAX];
> > - extern intverbose;
> > - extern enum comp proccomp;
> > size_ti, altsz, ne;
> >
> > struct acme_conf*conf = NULL;
>
> --
> jca | PGP : 0x1524E7EE / 5135 92C1 AD36 5293 2BDF DDCC 0DFA 74AE 1524 E7EE
>
--
I'm not entirely sure you are real.
rtsx(4): tsleep(9) -> tsleep_nsec(9)
Ticks to seconds.
ok?
Index: ic/rtsx.c
===
RCS file: /cvs/src/sys/dev/ic/rtsx.c,v
retrieving revision 1.21
diff -u -p -r1.21 rtsx.c
--- ic/rtsx.c 9 Oct 2017 20:06:36 - 1.21
+++ ic/rtsx.c 7 Feb 2020 14:13:40 -
@@ -1008,7 +1008,7 @@ rtsx_xfer_exec(struct rtsx_softc *sc, bu
splx(s);
/* Wait for completion. */
- return rtsx_wait_intr(sc, RTSX_TRANS_OK_INT, 10*hz);
+ return rtsx_wait_intr(sc, RTSX_TRANS_OK_INT, 10);
}
int
@@ -1315,7 +1315,7 @@ rtsx_exec_command(sdmmc_chipset_handle_t
/* Run the command queue and wait for completion. */
error = rtsx_hostcmd_send(sc, ncmd);
if (error == 0)
- error = rtsx_wait_intr(sc, RTSX_TRANS_OK_INT, hz);
+ error = rtsx_wait_intr(sc, RTSX_TRANS_OK_INT, 1);
if (error)
goto unload_cmdbuf;
@@ -1381,7 +1381,7 @@ rtsx_soft_reset(struct rtsx_softc *sc)
}
int
-rtsx_wait_intr(struct rtsx_softc *sc, int mask, int timo)
+rtsx_wait_intr(struct rtsx_softc *sc, int mask, int secs)
{
int status;
int error = 0;
@@ -1392,8 +1392,8 @@ rtsx_wait_intr(struct rtsx_softc *sc, in
s = splsdmmc();
status = sc->intr_status & mask;
while (status == 0) {
- if (tsleep(&sc->intr_status, PRIBIO, "rtsxintr", timo)
- == EWOULDBLOCK) {
+ if (tsleep_nsec(&sc->intr_status, PRIBIO, "rtsxintr",
+ SEC_TO_NSEC(secs)) == EWOULDBLOCK) {
rtsx_soft_reset(sc);
error = ETIMEDOUT;
break;
ipmi(4): tsleep(9) -> tsleep_nsec(9)
Ticks to seconds. Easy.
There's a polling sleep earlier in the code that I'm going to
leave as-is for now.
ok?
Index: ipmi.c
===
RCS file: /cvs/src/sys/dev/ipmi.c,v
retrieving revision 1.108
diff -u -p -r1.108 ipmi.c
--- ipmi.c 11 Jan 2020 18:51:54 - 1.108
+++ ipmi.c 7 Feb 2020 14:08:28 -
@@ -55,7 +55,7 @@ struct ipmi_sensor {
intipmi_enabled = 0;
-#define SENSOR_REFRESH_RATE (5 * hz)
+#define SENSOR_REFRESH_RATE 5 /* seconds */
#define DEVNAME(s) ((s)->sc_dev.dv_xname)
@@ -1498,7 +1498,8 @@ ipmi_poll_thread(void *arg)
while (thread->running) {
ipmi_refresh_sensors(sc);
- tsleep(thread, PWAIT, "ipmi_poll", SENSOR_REFRESH_RATE);
+ tsleep_nsec(thread, PWAIT, "ipmi_poll",
+ SEC_TO_NSEC(SENSOR_REFRESH_RATE));
}
done:
Re: sdhc(4): tsleep(9) -> tsleep_nsec(9)
On Fri, Jan 10, 2020 at 05:55:14PM -0600, Scott Cheloha wrote:
> Here the timeout constants are all in terms of seconds. We can change
> the input unit of the wait functions from hz to seconds and then
> convert as needed.
>
> sdhc_wait_intr_cold() uses delay(9), so convert to microseconds.
>
> sdhc_wait_intr() (now) uses tsleep_nsec(9), so convert to nanoseconds.
>
> I've sprinkled in some name changes and intermediate variables to make
> the units in use more obvious.
>
> ok?
Bump.
Index: sdmmc/sdhc.c
===
RCS file: /cvs/src/sys/dev/sdmmc/sdhc.c,v
retrieving revision 1.63
diff -u -p -r1.63 sdhc.c
--- sdmmc/sdhc.c22 Jan 2020 07:52:37 - 1.63
+++ sdmmc/sdhc.c7 Feb 2020 14:00:23 -
@@ -35,10 +35,11 @@
#include
#include
-#define SDHC_COMMAND_TIMEOUT hz
-#define SDHC_BUFFER_TIMEOUThz
-#define SDHC_TRANSFER_TIMEOUT hz
-#define SDHC_DMA_TIMEOUT (hz*3)
+/* Timeouts in seconds */
+#define SDHC_COMMAND_TIMEOUT 1
+#define SDHC_BUFFER_TIMEOUT1
+#define SDHC_TRANSFER_TIMEOUT 1
+#define SDHC_DMA_TIMEOUT 3
struct sdhc_host {
struct sdhc_softc *sc; /* host controller device */
@@ -1103,12 +1104,12 @@ sdhc_soft_reset(struct sdhc_host *hp, in
}
int
-sdhc_wait_intr_cold(struct sdhc_host *hp, int mask, int timo)
+sdhc_wait_intr_cold(struct sdhc_host *hp, int mask, int secs)
{
- int status;
+ int status, usecs;
mask |= SDHC_ERROR_INTERRUPT;
- timo = timo * tick;
+ usecs = secs * 100;
status = hp->intr_status;
while ((status & mask) == 0) {
@@ -1142,7 +1143,7 @@ sdhc_wait_intr_cold(struct sdhc_host *hp
}
delay(1);
- if (timo-- == 0) {
+ if (usecs-- == 0) {
status |= SDHC_ERROR_INTERRUPT;
break;
}
@@ -1153,20 +1154,22 @@ sdhc_wait_intr_cold(struct sdhc_host *hp
}
int
-sdhc_wait_intr(struct sdhc_host *hp, int mask, int timo)
+sdhc_wait_intr(struct sdhc_host *hp, int mask, int secs)
{
+ uint64_t nsecs;
int status;
int s;
if (cold)
- return (sdhc_wait_intr_cold(hp, mask, timo));
+ return (sdhc_wait_intr_cold(hp, mask, secs));
mask |= SDHC_ERROR_INTERRUPT;
+ nsecs = SEC_TO_NSEC(secs);
s = splsdmmc();
status = hp->intr_status & mask;
while (status == 0) {
- if (tsleep(&hp->intr_status, PWAIT, "hcintr", timo)
+ if (tsleep_nsec(&hp->intr_status, PWAIT, "hcintr", nsecs)
== EWOULDBLOCK) {
status |= SDHC_ERROR_INTERRUPT;
break;
sdmmc(4): tsleep(9) -> tsleep_nsec(9)
This one is a bit odd.
We tsleep(9) if !cold *and* usecs is a duration longer than a tick.
Otherwise we delay(9).
I am reluctant to leave the "usecs > tick" comparison here, but I am
even more reluctant to remove it and introduce latency where there
wasn't any before.
I'm going to leave the comparison and circle back to try to remove it
later.
... unless someone familiar with the driver thinks otherwise.
ok?
Index: sdmmc/sdmmc.c
===
RCS file: /cvs/src/sys/dev/sdmmc/sdmmc.c,v
retrieving revision 1.54
diff -u -p -r1.54 sdmmc.c
--- sdmmc/sdmmc.c 31 Dec 2019 10:05:33 - 1.54
+++ sdmmc/sdmmc.c 7 Feb 2020 13:43:09 -
@@ -577,10 +577,8 @@ sdmmc_init(struct sdmmc_softc *sc)
void
sdmmc_delay(u_int usecs)
{
- int nticks = usecs / (100 / hz);
-
- if (!cold && nticks > 0)
- tsleep(&sdmmc_delay, PWAIT, "mmcdly", nticks);
+ if (!cold && usecs > tick)
+ tsleep_nsec(&sdmmc_delay, PWAIT, "mmcdly", USEC_TO_NSEC(usecs));
else
delay(usecs);
}
