sec(4): route based ipsec vpns
tl;dr: this adds sec(4) p2p ip interfaces. Traffic in and out of these
interfaces is protected by IPsec security associations (SAs), but
there's no flows (security policy database (SPD) entries) associated
with these SAs. The policy for using the sec(4) interfaces and their
SAs is route-based instead.
Longer version:
I was going to use "make ipsec great again^W" as the subject line,
but thought better of it. The reason I started on this was to better
interoperate with "site-to-site" vpns, in particular AWS Site-to-Site
VPNs, and the Auto-Discovery VPN (ADVPN) stuff on fortinet fortigate
appliances. Both of these negotiate IPsec tunnels that can carry any
traffic at the IPsec level, but use BGP and routes to direct traffic
into those tunnels.
sec(4) is equivalent to a gif(4) interface with its encapsulated
packets protected by ESP in transport mode. You route packets into the
interface (sec or gif), and it gets encrypted and sent to the peer,
which decaspulates the traffic. The main difference is in how the
SAs for these connections are negotiated.
Neither of these things want to negotiate esp transport mode to protect
gif(4) packets, they want to negotiate esp tunnel mode for 0.0.0.0/0 to
0.0.0.0/0. The fact that IPsec in tunnel mode and gif both use the same
ip protocol number also causes a lot of confusion in the kernel in the
SPD.
After trying a bunch of different configurations out, and then trying to
hack up ipsecctl and isakmpd, and then talking to markus@, tobhe@, and
sthen@, we came up with sec(4). The idea isn't unique to us though. It
has been mooted in RFC3884 section 4.1.1, Cisco has VTI, Juniper has
st0, Linux has vti and xfrm interfaces, FreeBSD has ipsec_if, NetBSD has
ipsecif...
The kernel has been modified so ike daemons can inject a SA with
an iface extention message attached which specifies which sec(4)
the SA is for, and which direction it should be processing traffic
for. If a SA has this iface config on it, the ipsp code skips the
SPD side of things and instead makes these SAs available to sec(4)
for it to use.
I've tweaked isakmpd and ipsecctl so they support new config options
that let you configure SAs for sec(4). Most of the changes in isakmpd
are so it can continue to negotiate the right stuff with the peer,
but then short circuits the kernel config so only the SAs with the
iface extension are injected, none of the flows get inserted.
tobhe@ has done the same for iked, but he's reused the "iface"
config and special cased the handling of sec interfaces.
For ipsecctl and isakmpd, config looks like this in ipsec.conf:
h_self="130.102.96.46"
h_s2s1="52.65.9.248"
h_s2s1_key="one"
h_s2s2="54.153.175.223"
h_s2s2_key="two"
ike interface sec0 local $h_self peer $h_s2s1 \
main auth hmac-sha2-256 enc aes-256 group modp3072 lifetime 28800 \
quick auth hmac-sha2-256 enc aes-256 group modp3072 lifetime 3600 \
psk $h_s2s1_key
ike interface sec1 local $h_self peer $h_s2s2 \
main auth hmac-sha2-256 enc aes-256 group modp3072 lifetime 28800 \
quick auth hmac-sha2-256 enc aes-256 group modp3072 lifetime 3600 \
psk $h_s2s2_key
sec interface config:
dlg@ix ~$ sudo cat /etc/hostname.sec0
inet 169.254.64.94 255.255.255.252 169.254.64.93
up
dlg@ix ~$ sudo cat /etc/hostname.sec1
inet 169.254.105.134 255.255.255.252 169.254.105.133
up
aws s2s says we can then talk bgp:
dlg@ix ~$ sudo cat /etc/bgpd.conf
AS 65001
router-id 130.102.96.46
group aws {
remote-as 64512
neighbor 169.254.64.93
neighbor 169.254.105.133
}
with isakmpd running and ipsecctl having injected its config into
it, it then sets up SAs:
dlg@ix ~$ sudo ipsecctl -sa
FLOWS:
No flows
SAD:
esp tunnel from 54.153.175.223 to 130.102.96.46 spi 0x13ca145b auth
hmac-sha2-256 enc aes-256
esp tunnel from 52.65.9.248 to 130.102.96.46 spi 0x8e5fec4b auth hmac-sha2-256
enc aes-256
esp tunnel from 130.102.96.46 to 54.153.175.223 spi 0xc9d2adc1 auth
hmac-sha2-256 enc aes-256
esp tunnel from 130.102.96.46 to 52.65.9.248 spi 0xca1adc30 auth hmac-sha2-256
enc aes-256
dlg@ix ~$ sudo ipsecctl -sa -v
FLOWS:
No flows
SAD:
esp tunnel from 54.153.175.223 to 130.102.96.46 spi 0x13ca145b auth
hmac-sha2-256 enc aes-256
sa: spi 0x13ca145b auth hmac-sha2-256 enc aes
state mature replay 16 flags 0x204
lifetime_cur: alloc 0 bytes 752 add 1684451878 first 1684451880
lifetime_hard: alloc 0 bytes 0 add 3600 first 0
lifetime_soft: alloc 0 bytes 0 add 3240 first 0
address_src: 54.153.175.223
address_dst: 130.102.96.46
identity_src: type prefix id 0: 54.153.175.223/32
identity_dst: type prefix id 0: 130.102.96.46/32
src_mask: 0.0.0.0
dst_mask: 0.0.0.0
protocol: proto 0 flags 0
flow_type: type use direction in
src_flow: 0.0.0.0
dst_flow: 0.0.0.0
udpencap: udpencap port 4500
lifetime_lastuse: alloc 0 bytes 0 add 0 first 1684451888
Add ethernet type check in ifsetlro()
Hi,
bluhm pointed out that the ether_brport_isset() check it just allowed on
ethernet devices. Thus, I put an additional ethernet check in the
condition. This also fixes EBUSY errors of "ifconfig lo0 tcplro" calls
in my setup.
ok?
bye,
Jan
Index: net/if.c
===
RCS file: /cvs/src/sys/net/if.c,v
retrieving revision 1.702
diff -u -p -r1.702 if.c
--- net/if.c2 Jul 2023 19:59:15 - 1.702
+++ net/if.c3 Jul 2023 20:58:32 -
@@ -3206,7 +3206,7 @@ ifsetlro(struct ifnet *ifp, int on)
KERNEL_ASSERT_LOCKED(); /* for if_flags */
if (on && !ISSET(ifp->if_xflags, IFXF_LRO)) {
- if (ether_brport_isset(ifp)) {
+ if (ifp->if_type == IFT_ETHER && ether_brport_isset(ifp)) {
error = EBUSY;
goto out;
}
tcp lro tso path mtu
Hi,
As final step before making LRO (Large Receive Offload) the default,
we have to fix path MTU discovery when forwarding.
The drivers, currently ix(4) and lo(4) only, record an upper bound
of the size of the original packets in ph_mss. When sending we
must chop the packets with TSO (TCP Segmentation Offload) to that
size. That means we have to call tcp_if_output_tso() before
ifp->if_output(). I have put that logic into if_output_tso() to
avoid code duplication.
ok?
bluhm
Index: net/if.c
===
RCS file: /data/mirror/openbsd/cvs/src/sys/net/if.c,v
retrieving revision 1.702
diff -u -p -r1.702 if.c
--- net/if.c2 Jul 2023 19:59:15 - 1.702
+++ net/if.c3 Jul 2023 10:28:30 -
@@ -109,6 +109,9 @@
#include
#include
#include
+#include
+#include
+#include
#ifdef INET6
#include
@@ -883,6 +886,57 @@ if_output_ml(struct ifnet *ifp, struct m
ml_purge(ml);
return error;
+}
+
+int
+if_output_tso(struct ifnet *ifp, struct mbuf **mp, struct sockaddr *dst,
+struct rtentry *rt, u_int mtu)
+{
+ uint32_t ifcap;
+ int error;
+
+ switch (dst->sa_family) {
+ case AF_INET:
+ ifcap = IFCAP_TSOv4;
+ break;
+#ifdef INET6
+ case AF_INET6:
+ ifcap = IFCAP_TSOv6;
+ break;
+#endif
+ default:
+ unhandled_af(dst->sa_family);
+ }
+
+ /*
+* Try to send with TSO first. When forwarding LRO may set
+* maximium segment size in mbuf header. Chop TCP segment
+* even if it would fit interface MTU to preserve maximum
+* path MTU.
+*/
+ error = tcp_if_output_tso(ifp, mp, dst, rt, ifcap, mtu);
+ if (error || *mp == NULL)
+ return error;
+
+ if ((*mp)->m_pkthdr.len <= mtu) {
+ switch (dst->sa_family) {
+ case AF_INET:
+ in_hdr_cksum_out(*mp, ifp);
+ in_proto_cksum_out(*mp, ifp);
+ break;
+#ifdef INET6
+ case AF_INET6:
+ in6_proto_cksum_out(*mp, ifp);
+ break;
+#endif
+ }
+ error = ifp->if_output(ifp, *mp, dst, rt);
+ *mp = NULL;
+ return error;
+ }
+
+ /* mp still contains mbuf that has to be fragmented or dropped. */
+ return 0;
}
int
Index: net/if_var.h
===
RCS file: /data/mirror/openbsd/cvs/src/sys/net/if_var.h,v
retrieving revision 1.128
diff -u -p -r1.128 if_var.h
--- net/if_var.h28 Jun 2023 11:49:49 - 1.128
+++ net/if_var.h3 Jul 2023 10:04:17 -
@@ -329,6 +329,8 @@ int if_output_ml(struct ifnet *, struct
struct sockaddr *, struct rtentry *);
intif_output_mq(struct ifnet *, struct mbuf_queue *, unsigned int *,
struct sockaddr *, struct rtentry *);
+intif_output_tso(struct ifnet *, struct mbuf **, struct sockaddr *,
+ struct rtentry *, u_int);
intif_output_local(struct ifnet *, struct mbuf *, sa_family_t);
void if_rtrequest_dummy(struct ifnet *, int, struct rtentry *);
void p2p_rtrequest(struct ifnet *, int, struct rtentry *);
Index: net/pf.c
===
RCS file: /data/mirror/openbsd/cvs/src/sys/net/pf.c,v
retrieving revision 1.1181
diff -u -p -r1.1181 pf.c
--- net/pf.c5 Jun 2023 08:37:27 - 1.1181
+++ net/pf.c3 Jul 2023 10:04:17 -
@@ -6551,15 +6551,8 @@ pf_route(struct pf_pdesc *pd, struct pf_
ip = mtod(m0, struct ip *);
}
- if (ntohs(ip->ip_len) <= ifp->if_mtu) {
- in_hdr_cksum_out(m0, ifp);
- in_proto_cksum_out(m0, ifp);
- ifp->if_output(ifp, m0, sintosa(dst), rt);
- goto done;
- }
-
- if (tcp_if_output_tso(ifp, , sintosa(dst), rt,
- IFCAP_TSOv4, ifp->if_mtu) || m0 == NULL)
+ if (if_output_tso(ifp, , sintosa(dst), rt, ifp->if_mtu) ||
+ m0 == NULL)
goto done;
/*
@@ -6686,14 +6679,8 @@ pf_route6(struct pf_pdesc *pd, struct pf
goto done;
}
- if (m0->m_pkthdr.len <= ifp->if_mtu) {
- in6_proto_cksum_out(m0, ifp);
- ifp->if_output(ifp, m0, sin6tosa(dst), rt);
- goto done;
- }
-
- if (tcp_if_output_tso(ifp, , sin6tosa(dst), rt,
- IFCAP_TSOv6, ifp->if_mtu) || m0 == NULL)
+ if (if_output_tso(ifp, , sin6tosa(dst), rt, ifp->if_mtu) ||
+ m0 == NULL)
goto done;
ip6stat_inc(ip6s_cantfrag);
Index: netinet/ip_output.c
===
RCS file: /data/mirror/openbsd/cvs/src/sys/netinet/ip_output.c,v
retrieving revision 1.388
diff -u -p -r1.388 ip_output.c
---
Re: Diff for evaluation (WACOM tablet driver)
On Mon, Jul 03, 2023 at 03:20:33PM +0300, Matthieu Herrb wrote: > > Index: dev/usb/usbdevs.h > > === > > RCS file: /cvs/src/sys/dev/usb/usbdevs.h,v > > retrieving revision 1.769 > > diff -u -p -r1.769 usbdevs.h > > --- dev/usb/usbdevs.h 12 Jun 2023 11:26:54 - 1.769 > > +++ dev/usb/usbdevs.h 3 Jul 2023 09:04:50 - > > @@ -1,4 +1,4 @@ > > -/* $OpenBSD: usbdevs.h,v 1.769 2023/06/12 11:26:54 jsg Exp $ */ > > +/* $OpenBSD$ */ > > > > /* > > * THIS FILE IS AUTOMATICALLY GENERATED. DO NOT EDIT. > > @@ -2117,6 +2117,8 @@ > > #defineUSB_PRODUCT_GARMIN_DAKOTA20 0x23c0 /* Dakota 20 */ > > #defineUSB_PRODUCT_GARMIN_GPSMAP62S0x2459 /* GPSmap 62s */ > > > > +/* Gaomon */ > > + > > Strange... looks like you edited the file instead of re-generating it. Nah, I just forgot to re-regenerate after removing the Gaomon comment ;) Since the commit has to be staged in twos, that's not a bother
Re: Diff for evaluation (WACOM tablet driver)
On Mon, Jul 03, 2023 at 11:22:45AM +0200, Marc Espie wrote:
> I hope Vladimir will find the time to complete this answer.
>
> As far as Vlad's work goes, he did a presentation last week-end:
> https://www.lre.epita.fr/news_content/SS_summer_week_pres/Vladimir_Driver_OpenBSD.pptx
>
> (sorry for the medium, fortunately we have libreoffice)
>
> In the mean time, here is an updated diff.
>
> I removed the Gaomon stuff, which if anything should be a different patch.
>
> And I cleaned up the 20+ minor style violations I could find...
> (tabs instead of +4 spaces for continued lines, a few non-style compliant
> function declarations and/or code blocks, oh well)
>
> plus an extra malloc.h that snuck in and is not at all needed.
>
> And some typos in comments.
> And a C++ style comment. Oh well
>
> I would really for some version of this to get in soonish.
A few nits below.
I can't really comment on the HID parser logic although I find it a
bit strange to need quirk to attach uwacom.
> Index: dev/hid/hidms.c
> ===
> RCS file: /cvs/src/sys/dev/hid/hidms.c,v
> retrieving revision 1.9
> diff -u -p -r1.9 hidms.c
> --- dev/hid/hidms.c 16 Jun 2022 20:52:38 - 1.9
> +++ dev/hid/hidms.c 3 Jul 2023 09:04:50 -
> @@ -61,6 +61,210 @@ int hidmsdebug = 0;
> #define MOUSE_FLAGS_MASK (HIO_CONST | HIO_RELATIVE)
> #define NOTMOUSE(f) (((f) & MOUSE_FLAGS_MASK) != HIO_RELATIVE)
>
> +
> +int
> +stylus_hid_parse(struct hidms *ms, struct hid_data *d, uint32_t *flags)
> +{
> + /* Define stylus reported usages: (maybe macros?) */
> + const uint32_t stylus_usage_tip
> + = HID_USAGE2(HUP_WACOM | HUP_DIGITIZERS, HUD_TIP_SWITCH);
> + const uint32_t stylus_usage_barrel
> + = HID_USAGE2(HUP_WACOM | HUP_DIGITIZERS, HUD_BARREL_SWITCH);
> + const uint32_t stylus_usage_sec_barrel = HID_USAGE2(
> + HUP_WACOM | HUP_DIGITIZERS, HUD_SECONDARY_BARREL_SWITCH);
> + const uint32_t stylus_usage_in_range
> + = HID_USAGE2(HUP_WACOM | HUP_DIGITIZERS, HUD_IN_RANGE);
> + const uint32_t stylus_usage_quality
> + = HID_USAGE2(HUP_WACOM | HUP_DIGITIZERS, HUD_QUALITY);
> + const uint32_t stylus_usage_x
> + = HID_USAGE2(HUP_WACOM | HUP_DIGITIZERS, HUD_WACOM_X);
> + const uint32_t stylus_usage_y
> + = HID_USAGE2(HUP_WACOM | HUP_DIGITIZERS, HUD_WACOM_Y);
> + const uint32_t stylus_usage_pressure
> + = HID_USAGE2(HUP_WACOM | HUP_DIGITIZERS, HUD_TIP_PRESSURE);
> + const uint32_t stylus_usage_distance
> + = HID_USAGE2(HUP_WACOM | HUP_DIGITIZERS, HUD_WACOM_DISTANCE);
> +
> + struct hid_item h;
> +
> + while (hid_get_item(d, )) {
> + if (h.kind == hid_input && !(h.flags & HIO_CONST)) {
> + /* All the possible stylus reported usages go here */
> +#ifdef HIDMS_DEBUG
> + printf("stylus usage: 0x%x\n", h.usage);
> +#endif
> + switch (h.usage) {
> + /* Buttons */
> + case stylus_usage_tip:
> + DPRINTF("Stylus usage tip set\n");
> + ms->sc_loc_stylus_btn
> + [ms->sc_num_stylus_buttons++] = h.loc;
> + ms->sc_flags |= HIDMS_TIP;
> + break;
> + case stylus_usage_barrel:
> + DPRINTF("Stylus usage barrel set\n");
> + ms->sc_loc_stylus_btn
> + [ms->sc_num_stylus_buttons++] = h.loc;
> + ms->sc_flags |= HIDMS_BARREL;
> + break;
> + case stylus_usage_sec_barrel:
> + DPRINTF("Stylus usage secondary barrel set\n");
> + ms->sc_loc_stylus_btn
> + [ms->sc_num_stylus_buttons++] = h.loc;
> + ms->sc_flags |= HIDMS_SEC_BARREL;
> + break;
> + case stylus_usage_in_range:
> + DPRINTF("Stylus usage in range set\n");
> + ms->sc_loc_stylus_btn
> + [ms->sc_num_stylus_buttons++] = h.loc;
> + break;
> + case stylus_usage_quality:
> + DPRINTF("Stylus usage quality set\n");
> + ms->sc_loc_stylus_btn
> + [ms->sc_num_stylus_buttons++] = h.loc;
> + break;
> + /* Axes */
> + case stylus_usage_x:
> + DPRINTF("Stylus usage x set\n");
> + ms->sc_loc_x = h.loc;
> +
Re: ldpd: use new ibuf api
On Mon, Jul 03, 2023 at 12:42:49PM +0200, Claudio Jeker wrote:
> On Mon, Jun 26, 2023 at 06:14:30PM +0200, Claudio Jeker wrote:
> > Adjust ldpd to follow the new ibuf API.
> > Diff is simple but as usual I could not test it out so please test.
>
> This is still open. I will commit this later today.
Missed this.
ok tb
>
> > --
> > :wq Claudio
> >
> > Index: hello.c
> > ===
> > RCS file: /cvs/src/usr.sbin/ldpd/hello.c,v
> > retrieving revision 1.58
> > diff -u -p -r1.58 hello.c
> > --- hello.c 12 Dec 2019 00:10:29 - 1.58
> > +++ hello.c 12 Jun 2023 07:27:51 -
> > @@ -139,7 +139,7 @@ send_hello(enum hello_type type, struct
> > return (-1);
> > }
> >
> > - send_packet(fd, af, , ia, buf->buf, buf->wpos);
> > + send_packet(fd, af, , ia, ibuf_data(buf), ibuf_size(buf));
> > ibuf_free(buf);
> >
> > return (0);
> > Index: labelmapping.c
> > ===
> > RCS file: /cvs/src/usr.sbin/ldpd/labelmapping.c,v
> > retrieving revision 1.68
> > diff -u -p -r1.68 labelmapping.c
> > --- labelmapping.c 4 Mar 2017 00:15:35 - 1.68
> > +++ labelmapping.c 22 Jun 2023 08:49:55 -
> > @@ -22,6 +22,7 @@
> > #include
> > #include
> > #include
> > +#include
> > #include
> > #include
> >
> > @@ -39,10 +40,8 @@ static void log_msg_mapping(int, uint16
> > static void
> > enqueue_pdu(struct nbr *nbr, struct ibuf *buf, uint16_t size)
> > {
> > - struct ldp_hdr *ldp_hdr;
> > -
> > - ldp_hdr = ibuf_seek(buf, 0, sizeof(struct ldp_hdr));
> > - ldp_hdr->length = htons(size);
> > + if (ibuf_set_n16(buf, offsetof(struct ldp_hdr, length), size) == -1)
> > + fatal(__func__);
> > evbuf_enqueue(>tcp->wbuf, buf);
> > }
> >
> >
>
> --
> :wq Claudio
>
Re: ldpd: use new ibuf api
On Mon, Jun 26, 2023 at 06:14:30PM +0200, Claudio Jeker wrote:
> Adjust ldpd to follow the new ibuf API.
> Diff is simple but as usual I could not test it out so please test.
This is still open. I will commit this later today.
> --
> :wq Claudio
>
> Index: hello.c
> ===
> RCS file: /cvs/src/usr.sbin/ldpd/hello.c,v
> retrieving revision 1.58
> diff -u -p -r1.58 hello.c
> --- hello.c 12 Dec 2019 00:10:29 - 1.58
> +++ hello.c 12 Jun 2023 07:27:51 -
> @@ -139,7 +139,7 @@ send_hello(enum hello_type type, struct
> return (-1);
> }
>
> - send_packet(fd, af, , ia, buf->buf, buf->wpos);
> + send_packet(fd, af, , ia, ibuf_data(buf), ibuf_size(buf));
> ibuf_free(buf);
>
> return (0);
> Index: labelmapping.c
> ===
> RCS file: /cvs/src/usr.sbin/ldpd/labelmapping.c,v
> retrieving revision 1.68
> diff -u -p -r1.68 labelmapping.c
> --- labelmapping.c4 Mar 2017 00:15:35 - 1.68
> +++ labelmapping.c22 Jun 2023 08:49:55 -
> @@ -22,6 +22,7 @@
> #include
> #include
> #include
> +#include
> #include
> #include
>
> @@ -39,10 +40,8 @@ static void log_msg_mapping(int, uint16
> static void
> enqueue_pdu(struct nbr *nbr, struct ibuf *buf, uint16_t size)
> {
> - struct ldp_hdr *ldp_hdr;
> -
> - ldp_hdr = ibuf_seek(buf, 0, sizeof(struct ldp_hdr));
> - ldp_hdr->length = htons(size);
> + if (ibuf_set_n16(buf, offsetof(struct ldp_hdr, length), size) == -1)
> + fatal(__func__);
> evbuf_enqueue(>tcp->wbuf, buf);
> }
>
>
--
:wq Claudio
Re: eigrpd more ibuf cleanup
On Mon, Jul 03, 2023 at 12:28:44PM +0200, Claudio Jeker wrote: > Same change as done in other daemons, use ibuf_data() and ibuf_size(). ok
Re: ripd more ibuf cleanup
On Mon, Jul 03, 2023 at 12:27:46PM +0200, Claudio Jeker wrote: > Similar to the other daemons use ibuf_data() and ibuf_size() instead of > direct access. ok tb
eigrpd more ibuf cleanup
Same change as done in other daemons, use ibuf_data() and ibuf_size().
--
:wq Claudio
Index: packet.c
===
RCS file: /cvs/src/usr.sbin/eigrpd/packet.c,v
retrieving revision 1.21
diff -u -p -r1.21 packet.c
--- packet.c26 Jun 2023 14:07:19 - 1.21
+++ packet.c30 Jun 2023 08:10:37 -
@@ -97,7 +97,7 @@ send_packet_v4(struct iface *iface, stru
memset(, 0, sizeof(msg));
iov[0].iov_base = _hdr;
iov[0].iov_len = sizeof(ip_hdr);
- iov[1].iov_base = buf->buf;
+ iov[1].iov_base = ibuf_data(buf);
iov[1].iov_len = ibuf_size(buf);
msg.msg_name =
msg.msg_namelen = sizeof(dst);
@@ -144,7 +144,7 @@ send_packet_v6(struct iface *iface, stru
return (-1);
}
- if (sendto(global.eigrp_socket_v6, buf->buf, buf->wpos, 0,
+ if (sendto(global.eigrp_socket_v6, ibuf_data(buf), ibuf_size(buf), 0,
(struct sockaddr *), sizeof(sa6)) == -1) {
log_warn("%s: error sending packet on interface %s",
__func__, iface->name);
ripd more ibuf cleanup
Similar to the other daemons use ibuf_data() and ibuf_size() instead of direct access. -- :wq Claudio Index: message.c === RCS file: /cvs/src/usr.sbin/ripd/message.c,v retrieving revision 1.16 diff -u -p -r1.16 message.c --- message.c 8 Mar 2023 04:43:14 - 1.16 +++ message.c 19 Apr 2023 13:13:02 - @@ -134,7 +134,7 @@ send_triggered_update(struct iface *ifac ibuf_add(buf, , sizeof(nexthop)); ibuf_add(buf, , sizeof(metric)); - send_packet(iface, buf->buf, buf->wpos, ); + send_packet(iface, ibuf_data(buf), ibuf_size(buf), ); ibuf_free(buf); return (0); @@ -210,7 +210,7 @@ send_request(struct packet_head *r_list, delete_entry(entry->rr); free(entry); } - send_packet(iface, buf->buf, buf->wpos, ); + send_packet(iface, ibuf_data(buf), ibuf_size(buf), ); ibuf_free(buf); } @@ -305,7 +305,7 @@ free: if (iface->auth_type == AUTH_CRYPT) auth_add_trailer(buf, iface); - send_packet(iface, buf->buf, buf->wpos, ); + send_packet(iface, ibuf_data(buf), ibuf_size(buf), ); ibuf_free(buf); }
apldcms: enable mtbuttons
This diff optionally enables the new multi touch mouse button behaviour
for apldcms.
ok?
diff f3d7c2e4ca7de4e46cc3e888ef8fbfe71829307f
63e5d5edf5e8315206aa117b1d3a6be78e7fdd94
commit - f3d7c2e4ca7de4e46cc3e888ef8fbfe71829307f
commit + 63e5d5edf5e8315206aa117b1d3a6be78e7fdd94
blob - 7f4d8fb56f0b979976cf0d841801b332d6d6926e
blob + f50fe203685c610696266f346829d8db1346c275
--- sys/arch/arm64/dev/apldc.c
+++ sys/arch/arm64/dev/apldc.c
@@ -1289,6 +1289,10 @@ const struct wsmouse_accessops apldcms_accessops = {
void apldcms_disable(void *);
intapldcms_ioctl(void *, u_long, caddr_t, int, struct proc *);
+static struct wsmouse_param apldcms_wsmousecfg[] = {
+ { WSMOUSECFG_MTBTN_MAXDIST, 0 }, /* 0: Compute a default value. */
+};
+
const struct wsmouse_accessops apldcms_accessops = {
.enable = apldcms_enable,
.disable = apldcms_disable,
@@ -1350,7 +1354,8 @@ apldcms_configure(struct apldcms_softc *sc)
hw->mt_slots = UBCMTP_MAX_FINGERS;
hw->flags = WSMOUSEHW_MT_TRACKING;
- return wsmouse_configure(sc->sc_wsmousedev, NULL, 0);
+ return wsmouse_configure(sc->sc_wsmousedev, apldcms_wsmousecfg,
+ nitems(apldcms_wsmousecfg));
}
void
Re: bge(4) kstats
On Mon, Jul 03, 2023 at 04:48:36PM +1000, Jonathan Matthew wrote:
> This adds kstats for the hardware counters available in bge(4) devices,
> BCM5705
> and newer. The main complication is that some of the counters are already
> used
> in bge_stats_update_regs() as part of a hardware bug workaround, some are
> affected
> by hardware bugs themselves, and some are read to update interface counters.
> I decided to leave that as-is as much as possible.
>
> The main changes to bge_stats_update_regs() are to always read the outgoing
> ucast/mcast/bcast packet counters (instead of just when we're working around
> the
> RDMA bug) and to accumulate any counters read into the kstat buffer, so
> bge_kstat_read() doesn't have to touch them. All the hardware counters reset
> on
> read, so avoiding double handling keeps things simple. This means
> bge_stats_update_regs() also has to be called with bge_kstat_mtx held, so to
> decrease the number of '#if NKSTAT > 0' the mutex is compiled in even in
> kernels
> without kstat.
>
> On a lightly used machine that sees a lot of multicast and broadcast due to
> being
> near Windows desktops, the stats look like this:
>
> ok?
Tested with BCM5720 and BCM5704.
OK bluhm@
> bge0:0:bge-stats:0
> out octets: 738725 bytes
> collisions: 0
> xon sent: 0
>xoff sent: 0
> xmit errors: 0
> coll frames: 0 packets
> multicoll frame: 0 packets
>deferred xmit: 0
> excess coll: 0
>late coll: 0
> out ucast pkts: 1495 packets
> out mcast pkts: 0 packets
> out bcast pkts: 5 packets
>in octets: 10192782 bytes
>fragments: 0
>in ucast pkts: 1736 packets
>in mcast pkts: 27251 packets
>in bcast pkts: 42984 packets
> FCS errors: 0
> align errors: 0
> xon rcvd: 0
>xoff rcvd: 0
> ctrlframes rcvd: 0
> xoff entered: 0
> too long frames: 0
> jabbers: 0
> too short pkts: 0
> DMA RQ full: 0
>DMA HPRQ full: 0
> SDC queue full: 0
> sendprod set: 0
>stats updated: 0
> irqs: 0
> avoided irqs: 0
>tx thresh hit: 0
> filtdrop: 0
> DMA WRQ full: 0
> DMA HPWRQ full: 0
> out of BDs: 10
> if in drops: 0
> if in errors: 0
>rx thresh hit: 0
>
>
>
> Index: if_bge.c
> ===
> RCS file: /cvs/src/sys/dev/pci/if_bge.c,v
> retrieving revision 1.400
> diff -u -p -u -p -r1.400 if_bge.c
> --- if_bge.c 18 Jan 2023 23:31:37 - 1.400
> +++ if_bge.c 3 Jul 2023 06:09:42 -
> @@ -74,6 +74,7 @@
>
> #include "bpfilter.h"
> #include "vlan.h"
> +#include "kstat.h"
>
> #include
> #include
> @@ -85,6 +86,7 @@
> #include
> #include
> #include
> +#include
>
> #include
> #include
> @@ -203,6 +205,58 @@ void bge_ape_unlock(struct bge_softc *,
> void bge_ape_send_event(struct bge_softc *, uint32_t);
> void bge_ape_driver_state_change(struct bge_softc *, int);
>
> +#if NKSTAT > 0
> +void bge_kstat_attach(struct bge_softc *);
> +
> +enum {
> + bge_stat_out_octets = 0,
> + bge_stat_collisions,
> + bge_stat_xon_sent,
> + bge_stat_xoff_sent,
> + bge_stat_xmit_errors,
> + bge_stat_coll_frames,
> + bge_stat_multicoll_frames,
> + bge_stat_deferred_xmit,
> + bge_stat_excess_coll,
> + bge_stat_late_coll,
> + bge_stat_out_ucast_pkt,
> + bge_stat_out_mcast_pkt,
> + bge_stat_out_bcast_pkt,
> + bge_stat_in_octets,
> + bge_stat_fragments,
> + bge_stat_in_ucast_pkt,
> + bge_stat_in_mcast_pkt,
> + bge_stat_in_bcast_pkt,
> + bge_stat_fcs_errors,
> + bge_stat_align_errors,
> + bge_stat_xon_rcvd,
> + bge_stat_xoff_rcvd,
> + bge_stat_ctrl_frame_rcvd,
> + bge_stat_xoff_entered,
> + bge_stat_too_long_frames,
> + bge_stat_jabbers,
> + bge_stat_too_short_pkts,
> +
> + bge_stat_dma_rq_full,
> + bge_stat_dma_hprq_full,
> + bge_stat_sdc_queue_full,
> + bge_stat_nic_sendprod_set,
> + bge_stat_status_updated,
> + bge_stat_irqs,
> + bge_stat_avoided_irqs,
> + bge_stat_tx_thresh_hit,
> +
> + bge_stat_filtdrop,
> + bge_stat_dma_wrq_full,
> + bge_stat_dma_hpwrq_full,
> + bge_stat_out_of_bds,
> + bge_stat_if_in_drops,
> + bge_stat_if_in_errors,
> + bge_stat_rx_thresh_hit,
> +};
> +
> +#endif
> +
> #ifdef BGE_DEBUG
> #define DPRINTF(x) do { if (bgedebug) printf x; } while (0)
> #define DPRINTFN(n,x)do { if (bgedebug >= (n)) printf x; } while (0)
> @@ -2993,6 +3047,12 @@ bge_attach(struct device *parent, struct
> else
> sc->bge_return_ring_cnt = BGE_RETURN_RING_CNT_5705;
>
> + mtx_init(>bge_kstat_mtx, IPL_SOFTCLOCK);
> +#if NKSTAT > 0
> + if (BGE_IS_5705_PLUS(sc))
> + bge_kstat_attach(sc);
> +#endif
> +
> /* Set up ifnet structure */
> ifp = >arpcom.ac_if;
> ifp->if_softc = sc;
> @@ -3767,9 +3827,11 @@ bge_tick(void *xsc)
>
>
Re: ospf6d ibuf cleanup
On Mon, Jul 03, 2023 at 11:31:45AM +0200, Claudio Jeker wrote: > Like ospfd use ibuf_data() consistently, also use ibuf_size() instead of > ibuf->wpos and ibuf_left() to check if there is enough space left. ok tb
ospf6d ibuf cleanup
Like ospfd use ibuf_data() consistently, also use ibuf_size() instead of
ibuf->wpos and ibuf_left() to check if there is enough space left.
--
:wq Claudio
Index: lsreq.c
===
RCS file: /cvs/src/usr.sbin/ospf6d/lsreq.c,v
retrieving revision 1.14
diff -u -p -r1.14 lsreq.c
--- lsreq.c 8 Mar 2023 04:43:14 - 1.14
+++ lsreq.c 19 Apr 2023 13:13:01 -
@@ -59,8 +59,9 @@ send_ls_req(struct nbr *nbr)
goto fail;
/* LSA header(s) */
- for (le = TAILQ_FIRST(>ls_req_list); le != NULL &&
- buf->wpos + sizeof(struct ls_req_hdr) < buf->max; le = nle) {
+ for (le = TAILQ_FIRST(>ls_req_list);
+ le != NULL && sizeof(ls_req_hdr) < ibuf_left(buf);
+ le = nle) {
nbr->ls_req = nle = TAILQ_NEXT(le, entry);
ls_req_hdr.zero = 0;
ls_req_hdr.type = le->le_lsa->type;
Index: lsupdate.c
===
RCS file: /cvs/src/usr.sbin/ospf6d/lsupdate.c,v
retrieving revision 1.23
diff -u -p -r1.23 lsupdate.c
--- lsupdate.c 21 Jun 2023 07:45:47 - 1.23
+++ lsupdate.c 30 Jun 2023 08:10:37 -
@@ -194,7 +194,7 @@ add_ls_update(struct ibuf *buf, struct i
size_t ageoff;
u_int16_t age;
- if (buf->wpos + len >= buf->max)
+ if (len >= ibuf_left(buf))
return (0);
ageoff = ibuf_size(buf);
Index: ospfe.c
===
RCS file: /cvs/src/usr.sbin/ospf6d/ospfe.c,v
retrieving revision 1.69
diff -u -p -r1.69 ospfe.c
--- ospfe.c 21 Jun 2023 07:45:47 - 1.69
+++ ospfe.c 30 Jun 2023 08:58:37 -
@@ -954,18 +954,18 @@ orig_rtr_lsa(struct area *area)
lsa_hdr.ls_id = 0;
lsa_hdr.adv_rtr = oeconf->rtr_id.s_addr;
lsa_hdr.seq_num = htonl(INIT_SEQ_NUM);
- lsa_hdr.len = htons(buf->wpos);
+ lsa_hdr.len = htons(ibuf_size(buf));
lsa_hdr.ls_chksum = 0; /* updated later */
if (ibuf_set(buf, 0, _hdr, sizeof(lsa_hdr)) == -1)
fatal("orig_rtr_lsa: ibuf_set failed");
- chksum = iso_cksum(buf->buf, buf->wpos, LS_CKSUM_OFFSET);
+ chksum = iso_cksum(ibuf_data(buf), ibuf_size(buf), LS_CKSUM_OFFSET);
if (ibuf_set_n16(buf, LS_CKSUM_OFFSET, chksum) == -1)
fatal("orig_rtr_lsa: ibuf_set_n16 failed");
if (self)
imsg_compose_event(iev_rde, IMSG_LS_UPD, self->peerid, 0,
- -1, buf->buf, buf->wpos);
+ -1, ibuf_data(buf), ibuf_size(buf));
else
log_warnx("orig_rtr_lsa: empty area %s",
inet_ntoa(area->id));
@@ -1018,7 +1018,7 @@ orig_net_lsa(struct iface *iface)
lsa_hdr.ls_id = htonl(iface->ifindex);
lsa_hdr.adv_rtr = oeconf->rtr_id.s_addr;
lsa_hdr.seq_num = htonl(INIT_SEQ_NUM);
- lsa_hdr.len = htons(buf->wpos);
+ lsa_hdr.len = htons(ibuf_size(buf));
lsa_hdr.ls_chksum = 0; /* updated later */
if (ibuf_set(buf, 0, _hdr, sizeof(lsa_hdr)) == -1)
fatal("orig_net_lsa: ibuf_set failed");
@@ -1027,12 +1027,12 @@ orig_net_lsa(struct iface *iface)
if (ibuf_set(buf, sizeof(lsa_hdr), _net, sizeof(lsa_net)) == -1)
fatal("orig_net_lsa: ibuf_set failed");
- chksum = iso_cksum(buf->buf, buf->wpos, LS_CKSUM_OFFSET);
+ chksum = iso_cksum(ibuf_data(buf), ibuf_size(buf), LS_CKSUM_OFFSET);
if (ibuf_set_n16(buf, LS_CKSUM_OFFSET, chksum) == -1)
fatal("orig_net_lsa: ibuf_set_n16 failed");
imsg_compose_event(iev_rde, IMSG_LS_UPD, iface->self->peerid, 0,
- -1, buf->buf, buf->wpos);
+ -1, ibuf_data(buf), ibuf_size(buf));
ibuf_free(buf);
}
@@ -1116,17 +1116,17 @@ orig_link_lsa(struct iface *iface)
lsa_hdr.ls_id = htonl(iface->ifindex);
lsa_hdr.adv_rtr = oeconf->rtr_id.s_addr;
lsa_hdr.seq_num = htonl(INIT_SEQ_NUM);
- lsa_hdr.len = htons(buf->wpos);
+ lsa_hdr.len = htons(ibuf_size(buf));
lsa_hdr.ls_chksum = 0; /* updated later */
if (ibuf_set(buf, 0, _hdr, sizeof(lsa_hdr)) == -1)
fatal("orig_link_lsa: ibuf_set failed");
- chksum = iso_cksum(buf->buf, buf->wpos, LS_CKSUM_OFFSET);
+ chksum = iso_cksum(ibuf_data(buf), ibuf_size(buf), LS_CKSUM_OFFSET);
if (ibuf_set_n16(buf, LS_CKSUM_OFFSET, chksum) == -1)
fatal("orig_link_lsa: ibuf_set_n16 failed");
imsg_compose_event(iev_rde, IMSG_LS_UPD, iface->self->peerid, 0,
- -1, buf->buf, buf->wpos);
+ -1, ibuf_data(buf), ibuf_size(buf));
ibuf_free(buf);
}
Index: packet.c
===
RCS file: /cvs/src/usr.sbin/ospf6d/packet.c,v
retrieving revision 1.21
diff -u -p -r1.21 packet.c
---
Re: ospfd more ibuf cleanup
On Mon, Jul 03, 2023 at 11:28:44AM +0200, Claudio Jeker wrote: > Similar to the relayd diff use ibuf_data instead of ibuf->buf. ok tb
Re: more relayd ibuf cleanup
On Mon, Jul 03, 2023 at 11:26:34AM +0200, Claudio Jeker wrote:
> This is just some additional ibuf cleanup in relayd.
> Mostly use ibuf_data() instead of direct access to ibuf->buf.
ok tb
>
> --
> :wq Claudio
>
> Index: check_tcp.c
> ===
> RCS file: /cvs/src/usr.sbin/relayd/check_tcp.c,v
> retrieving revision 1.60
> diff -u -p -r1.60 check_tcp.c
> --- check_tcp.c 21 Jun 2023 07:54:54 - 1.60
> +++ check_tcp.c 30 Jun 2023 08:52:36 -
> @@ -214,7 +214,7 @@ tcp_send_req(int s, short event, void *a
> req = ibuf_data(cte->table->sendbinbuf);
> log_debug("%s: table %s sending binary", __func__,
> cte->table->conf.name);
> - print_hex(cte->table->sendbinbuf->buf, 0, len);
> + print_hex(req, 0, len);
> } else {
> len = strlen(cte->table->sendbuf);
> req = cte->table->sendbuf;
> @@ -323,7 +323,7 @@ check_send_expect(struct ctl_tcp_event *
> /*
>* ensure string is nul-terminated.
>*/
> - b = strndup(cte->buf->buf, ibuf_size(cte->buf));
> + b = strndup(ibuf_data(cte->buf), ibuf_size(cte->buf));
> if (b == NULL)
> fatal("out of memory");
> if (fnmatch(cte->table->conf.exbuf, b, 0) == 0) {
> Index: check_tls.c
> ===
> RCS file: /cvs/src/usr.sbin/relayd/check_tls.c,v
> retrieving revision 1.2
> diff -u -p -r1.2 check_tls.c
> --- check_tls.c 15 Sep 2019 19:23:29 - 1.2
> +++ check_tls.c 3 Sep 2021 15:58:41 -
> @@ -104,10 +104,10 @@ check_tls_write(int s, short event, void
>
> if (cte->table->sendbinbuf != NULL) {
> len = ibuf_size(cte->table->sendbinbuf);
> - buf = cte->table->sendbinbuf->buf;
> + buf = ibuf_data(cte->table->sendbinbuf);
> log_debug("%s: table %s sending binary", __func__,
> cte->table->conf.name);
> - print_hex(cte->table->sendbinbuf->buf, 0, len);
> + print_hex(buf, 0, len);
> } else {
> len = strlen(cte->table->sendbuf);
> buf = cte->table->sendbuf;
> Index: parse.y
> ===
> RCS file: /cvs/src/usr.sbin/relayd/parse.y,v
> retrieving revision 1.253
> diff -u -p -r1.253 parse.y
> --- parse.y 15 Oct 2021 15:01:28 - 1.253
> +++ parse.y 23 Oct 2021 15:16:33 -
> @@ -996,7 +996,7 @@ tablecheck: ICMP {
> table->conf.check
> free($5);
> YYERROR;
> }
> - memcpy(table->conf.exbinbuf, ibuf->buf,
> + memcpy(table->conf.exbinbuf, ibuf_data(ibuf),
> ibuf_size(ibuf));
> ibuf_free(ibuf);
> free($5);
>
ospfd more ibuf cleanup
Similar to the relayd diff use ibuf_data instead of ibuf->buf.
--
:wq Claudio
Index: auth.c
===
RCS file: /cvs/src/usr.sbin/ospfd/auth.c,v
retrieving revision 1.21
diff -u -p -r1.21 auth.c
--- auth.c 20 Jun 2023 15:19:55 - 1.21
+++ auth.c 30 Jun 2023 08:56:56 -
@@ -154,13 +154,13 @@ auth_gen(struct ibuf *buf, struct iface
switch (iface->auth_type) {
case AUTH_NONE:
- chksum = in_cksum(buf->buf, ibuf_size(buf));
+ chksum = in_cksum(ibuf_data(buf), ibuf_size(buf));
if (ibuf_set(buf, offsetof(struct ospf_hdr, chksum),
, sizeof(chksum)) == -1)
fatalx("auth_gen: ibuf_set failed");
break;
case AUTH_SIMPLE:
- chksum = in_cksum(buf->buf, ibuf_size(buf));
+ chksum = in_cksum(ibuf_data(buf), ibuf_size(buf));
if (ibuf_set(buf, offsetof(struct ospf_hdr, chksum),
, sizeof(chksum)) == -1)
fatalx("auth_gen: ibuf_set failed");
@@ -193,7 +193,7 @@ auth_gen(struct ibuf *buf, struct iface
/* calculate MD5 digest */
MD5Init();
- MD5Update(, buf->buf, ibuf_size(buf));
+ MD5Update(, ibuf_data(buf), ibuf_size(buf));
MD5Update(, digest, MD5_DIGEST_LENGTH);
MD5Final(digest, );
Index: ospfe.c
===
RCS file: /cvs/src/usr.sbin/ospfd/ospfe.c,v
retrieving revision 1.112
diff -u -p -r1.112 ospfe.c
--- ospfe.c 20 Jun 2023 15:19:55 - 1.112
+++ ospfe.c 30 Jun 2023 08:55:44 -
@@ -1099,13 +1099,13 @@ orig_rtr_lsa(struct area *area)
if (ibuf_set(buf, 0, _hdr, sizeof(lsa_hdr)) == -1)
fatal("orig_rtr_lsa: ibuf_set failed");
- chksum = iso_cksum(buf->buf, ibuf_size(buf), LS_CKSUM_OFFSET);
+ chksum = iso_cksum(ibuf_data(buf), ibuf_size(buf), LS_CKSUM_OFFSET);
if (ibuf_set_n16(buf, LS_CKSUM_OFFSET, chksum) == -1)
fatal("orig_rtr_lsa: ibuf_set_n16 failed");
if (self && num_links)
imsg_compose_event(iev_rde, IMSG_LS_UPD, self->peerid, 0,
- -1, buf->buf, ibuf_size(buf));
+ -1, ibuf_data(buf), ibuf_size(buf));
else
log_warnx("orig_rtr_lsa: empty area %s",
inet_ntoa(area->id));
@@ -1165,12 +1165,12 @@ orig_net_lsa(struct iface *iface)
if (ibuf_set(buf, 0, _hdr, sizeof(lsa_hdr)) == -1)
fatal("orig_net_lsa: ibuf_set failed");
- chksum = iso_cksum(buf->buf, ibuf_size(buf), LS_CKSUM_OFFSET);
+ chksum = iso_cksum(ibuf_data(buf), ibuf_size(buf), LS_CKSUM_OFFSET);
if (ibuf_set_n16(buf, LS_CKSUM_OFFSET, chksum) == -1)
fatal("orig_net_lsa: ibuf_set_n16 failed");
imsg_compose_event(iev_rde, IMSG_LS_UPD, iface->self->peerid, 0,
- -1, buf->buf, ibuf_size(buf));
+ -1, ibuf_data(buf), ibuf_size(buf));
ibuf_free(buf);
}
Index: packet.c
===
RCS file: /cvs/src/usr.sbin/ospfd/packet.c,v
retrieving revision 1.36
diff -u -p -r1.36 packet.c
--- packet.c3 Nov 2021 21:40:03 - 1.36
+++ packet.c7 Nov 2021 11:14:35 -
@@ -85,7 +85,7 @@ send_packet(struct iface *iface, struct
bzero(, sizeof(msg));
iov[0].iov_base = _hdr;
iov[0].iov_len = sizeof(ip_hdr);
- iov[1].iov_base = buf->buf;
+ iov[1].iov_base = ibuf_data(buf);
iov[1].iov_len = ibuf_size(buf);
msg.msg_name = dst;
msg.msg_namelen = sizeof(*dst);
more relayd ibuf cleanup
This is just some additional ibuf cleanup in relayd.
Mostly use ibuf_data() instead of direct access to ibuf->buf.
--
:wq Claudio
Index: check_tcp.c
===
RCS file: /cvs/src/usr.sbin/relayd/check_tcp.c,v
retrieving revision 1.60
diff -u -p -r1.60 check_tcp.c
--- check_tcp.c 21 Jun 2023 07:54:54 - 1.60
+++ check_tcp.c 30 Jun 2023 08:52:36 -
@@ -214,7 +214,7 @@ tcp_send_req(int s, short event, void *a
req = ibuf_data(cte->table->sendbinbuf);
log_debug("%s: table %s sending binary", __func__,
cte->table->conf.name);
- print_hex(cte->table->sendbinbuf->buf, 0, len);
+ print_hex(req, 0, len);
} else {
len = strlen(cte->table->sendbuf);
req = cte->table->sendbuf;
@@ -323,7 +323,7 @@ check_send_expect(struct ctl_tcp_event *
/*
* ensure string is nul-terminated.
*/
- b = strndup(cte->buf->buf, ibuf_size(cte->buf));
+ b = strndup(ibuf_data(cte->buf), ibuf_size(cte->buf));
if (b == NULL)
fatal("out of memory");
if (fnmatch(cte->table->conf.exbuf, b, 0) == 0) {
Index: check_tls.c
===
RCS file: /cvs/src/usr.sbin/relayd/check_tls.c,v
retrieving revision 1.2
diff -u -p -r1.2 check_tls.c
--- check_tls.c 15 Sep 2019 19:23:29 - 1.2
+++ check_tls.c 3 Sep 2021 15:58:41 -
@@ -104,10 +104,10 @@ check_tls_write(int s, short event, void
if (cte->table->sendbinbuf != NULL) {
len = ibuf_size(cte->table->sendbinbuf);
- buf = cte->table->sendbinbuf->buf;
+ buf = ibuf_data(cte->table->sendbinbuf);
log_debug("%s: table %s sending binary", __func__,
cte->table->conf.name);
- print_hex(cte->table->sendbinbuf->buf, 0, len);
+ print_hex(buf, 0, len);
} else {
len = strlen(cte->table->sendbuf);
buf = cte->table->sendbuf;
Index: parse.y
===
RCS file: /cvs/src/usr.sbin/relayd/parse.y,v
retrieving revision 1.253
diff -u -p -r1.253 parse.y
--- parse.y 15 Oct 2021 15:01:28 - 1.253
+++ parse.y 23 Oct 2021 15:16:33 -
@@ -996,7 +996,7 @@ tablecheck : ICMP { table->conf.check
free($5);
YYERROR;
}
- memcpy(table->conf.exbinbuf, ibuf->buf,
+ memcpy(table->conf.exbinbuf, ibuf_data(ibuf),
ibuf_size(ibuf));
ibuf_free(ibuf);
free($5);
Re: Diff for evaluation (WACOM tablet driver)
I hope Vladimir will find the time to complete this answer.
As far as Vlad's work goes, he did a presentation last week-end:
https://www.lre.epita.fr/news_content/SS_summer_week_pres/Vladimir_Driver_OpenBSD.pptx
(sorry for the medium, fortunately we have libreoffice)
In the mean time, here is an updated diff.
I removed the Gaomon stuff, which if anything should be a different patch.
And I cleaned up the 20+ minor style violations I could find...
(tabs instead of +4 spaces for continued lines, a few non-style compliant
function declarations and/or code blocks, oh well)
plus an extra malloc.h that snuck in and is not at all needed.
And some typos in comments.
And a C++ style comment. Oh well
I would really for some version of this to get in soonish.
I can vouch that my tablet "works" with it (well, as good as it can work
within the limitations of wscons not allowing it to be easily differentiated
from the normal mouse, which is really a pain for programs like gimp)
dmesg for the tablet with the diff
| uhidev1 at uhub1 port 4 configuration 1 interface 0 "Wacom Co.,Ltd. Intuos S"
rev 2.00/1.07 addr 6
| uhidev1: iclass 3/0, 228 report ids
| uwacom0 at uhidev1: 9 buttons, Z and W dir, tip, barrel
| wsmouse5 at uwacom0 mux 0
| uwacom1 at uhidev1: 9 buttons, Z and W dir, tip, barrel
| wsmouse6 at uwacom1 mux 0
| uwacom2 at uhidev1: 9 buttons, Z and W dir, tip, barrel
| wsmouse7 at uwacom2 mux 0
as far as I understand, it appears as several mice because the stylus
acts as totally different devices depending on the mode/end used
(stuff that wscons completely hides from us).
Without the patch, that tablet appears as 42 different uhid devices (!)
The idea is that the parser for collections was really primitive. The
debug stuff can show the details of various collection. There is the actual
tablet mechanisms (which becomes one device) including scale, stylus, etc,
and some other wacky collections (!): a debug collection that the wacom guys
told us "oh some of our hw team needs that, but don't ever touch" and
some other stuff we can't support yet (like battery support for some
advanced models of stylus)
Index: dev/hid/hid.c
===
RCS file: /cvs/src/sys/dev/hid/hid.c,v
retrieving revision 1.5
diff -u -p -r1.5 hid.c
--- dev/hid/hid.c 20 May 2022 05:03:45 - 1.5
+++ dev/hid/hid.c 3 Jul 2023 09:04:50 -
@@ -657,3 +657,51 @@ hid_is_collection(const void *desc, int
hid_end_parse(hd);
return (0);
}
+
+struct hid_data *
+hid_get_collection_data(const void *desc, int size, int32_t usage,
+uint32_t collection)
+{
+ struct hid_data *hd;
+ struct hid_item hi;
+
+ hd = hid_start_parse(desc, size, hid_all);
+
+ DPRINTF("%s: usage=0x%x\n", __func__, usage);
+ while (hid_get_item(hd, )) {
+ DPRINTF("%s: kind=%d id=%d usage=0x%x(0x%x)\n", __func__,
+ hi.kind, hi.report_ID, hi.usage, usage);
+ if (hi.kind == hid_collection &&
+ hi.collection == collection && hi.usage == usage){
+ DPRINTF("%s: found\n", __func__);
+ return hd;
+ }
+ }
+ DPRINTF("%s: not found\n", __func__);
+ hid_end_parse(hd);
+ return NULL;
+}
+
+int
+hid_get_id_of_collection(const void *desc, int size, int32_t usage,
+uint32_t collection)
+{
+ struct hid_data *hd;
+ struct hid_item hi;
+
+ hd = hid_start_parse(desc, size, hid_all);
+
+ DPRINTF("%s: id=%d usage=0x%x\n", __func__, id, usage);
+ while (hid_get_item(hd, )) {
+ DPRINTF("%s: kind=%d id=%d usage=0x%x(0x%x)\n", __func__,
+ hi.kind, hi.report_ID, hi.usage, usage);
+ if (hi.kind == hid_collection &&
+ hi.collection == collection && hi.usage == usage){
+ DPRINTF("%s: found\n", __func__);
+ return hi.report_ID;
+ }
+ }
+ DPRINTF("%s: not found\n", __func__);
+ hid_end_parse(hd);
+ return 0;
+}
Index: dev/hid/hid.h
===
RCS file: /cvs/src/sys/dev/hid/hid.h,v
retrieving revision 1.10
diff -u -p -r1.10 hid.h
--- dev/hid/hid.h 20 May 2022 05:03:45 - 1.10
+++ dev/hid/hid.h 3 Jul 2023 09:04:50 -
@@ -93,6 +93,10 @@ int hid_locate(const void *, int, int32_
int32_thid_get_data(const uint8_t *buf, int, struct hid_location *);
uint32_t hid_get_udata(const uint8_t *buf, int, struct hid_location *);
inthid_is_collection(const void *, int, uint8_t, int32_t);
+struct hid_data * hid_get_collection_data(const void *, int, int32_t,
+ uint32_t);
+inthid_get_id_of_collection(const void *desc, int size, int32_t usage,
+ uint32_t collection);
#endif /* _KERNEL */
@@ -353,6 +357,7 @@ int
Re: huge pfsync rewrite
Hello, I went through the recent diff one more time. I could not spot anything wrong. Also my home router was happy with it for quite some time. Unfortunately I'm not using pfsync. However I'm sure hrvoje@ done his best to try to make it to crash and no luck diff survived. Having said earlier it would be more risky if dlg@ will slice this chunk to smaller diffs it is the best to commit the whole change. OK sashan
bge(4) kstats
This adds kstats for the hardware counters available in bge(4) devices, BCM5705
and newer. The main complication is that some of the counters are already used
in bge_stats_update_regs() as part of a hardware bug workaround, some are
affected
by hardware bugs themselves, and some are read to update interface counters.
I decided to leave that as-is as much as possible.
The main changes to bge_stats_update_regs() are to always read the outgoing
ucast/mcast/bcast packet counters (instead of just when we're working around the
RDMA bug) and to accumulate any counters read into the kstat buffer, so
bge_kstat_read() doesn't have to touch them. All the hardware counters reset on
read, so avoiding double handling keeps things simple. This means
bge_stats_update_regs() also has to be called with bge_kstat_mtx held, so to
decrease the number of '#if NKSTAT > 0' the mutex is compiled in even in kernels
without kstat.
On a lightly used machine that sees a lot of multicast and broadcast due to
being
near Windows desktops, the stats look like this:
ok?
bge0:0:bge-stats:0
out octets: 738725 bytes
collisions: 0
xon sent: 0
xoff sent: 0
xmit errors: 0
coll frames: 0 packets
multicoll frame: 0 packets
deferred xmit: 0
excess coll: 0
late coll: 0
out ucast pkts: 1495 packets
out mcast pkts: 0 packets
out bcast pkts: 5 packets
in octets: 10192782 bytes
fragments: 0
in ucast pkts: 1736 packets
in mcast pkts: 27251 packets
in bcast pkts: 42984 packets
FCS errors: 0
align errors: 0
xon rcvd: 0
xoff rcvd: 0
ctrlframes rcvd: 0
xoff entered: 0
too long frames: 0
jabbers: 0
too short pkts: 0
DMA RQ full: 0
DMA HPRQ full: 0
SDC queue full: 0
sendprod set: 0
stats updated: 0
irqs: 0
avoided irqs: 0
tx thresh hit: 0
filtdrop: 0
DMA WRQ full: 0
DMA HPWRQ full: 0
out of BDs: 10
if in drops: 0
if in errors: 0
rx thresh hit: 0
Index: if_bge.c
===
RCS file: /cvs/src/sys/dev/pci/if_bge.c,v
retrieving revision 1.400
diff -u -p -u -p -r1.400 if_bge.c
--- if_bge.c18 Jan 2023 23:31:37 - 1.400
+++ if_bge.c3 Jul 2023 06:09:42 -
@@ -74,6 +74,7 @@
#include "bpfilter.h"
#include "vlan.h"
+#include "kstat.h"
#include
#include
@@ -85,6 +86,7 @@
#include
#include
#include
+#include
#include
#include
@@ -203,6 +205,58 @@ void bge_ape_unlock(struct bge_softc *,
void bge_ape_send_event(struct bge_softc *, uint32_t);
void bge_ape_driver_state_change(struct bge_softc *, int);
+#if NKSTAT > 0
+void bge_kstat_attach(struct bge_softc *);
+
+enum {
+ bge_stat_out_octets = 0,
+ bge_stat_collisions,
+ bge_stat_xon_sent,
+ bge_stat_xoff_sent,
+ bge_stat_xmit_errors,
+ bge_stat_coll_frames,
+ bge_stat_multicoll_frames,
+ bge_stat_deferred_xmit,
+ bge_stat_excess_coll,
+ bge_stat_late_coll,
+ bge_stat_out_ucast_pkt,
+ bge_stat_out_mcast_pkt,
+ bge_stat_out_bcast_pkt,
+ bge_stat_in_octets,
+ bge_stat_fragments,
+ bge_stat_in_ucast_pkt,
+ bge_stat_in_mcast_pkt,
+ bge_stat_in_bcast_pkt,
+ bge_stat_fcs_errors,
+ bge_stat_align_errors,
+ bge_stat_xon_rcvd,
+ bge_stat_xoff_rcvd,
+ bge_stat_ctrl_frame_rcvd,
+ bge_stat_xoff_entered,
+ bge_stat_too_long_frames,
+ bge_stat_jabbers,
+ bge_stat_too_short_pkts,
+
+ bge_stat_dma_rq_full,
+ bge_stat_dma_hprq_full,
+ bge_stat_sdc_queue_full,
+ bge_stat_nic_sendprod_set,
+ bge_stat_status_updated,
+ bge_stat_irqs,
+ bge_stat_avoided_irqs,
+ bge_stat_tx_thresh_hit,
+
+ bge_stat_filtdrop,
+ bge_stat_dma_wrq_full,
+ bge_stat_dma_hpwrq_full,
+ bge_stat_out_of_bds,
+ bge_stat_if_in_drops,
+ bge_stat_if_in_errors,
+ bge_stat_rx_thresh_hit,
+};
+
+#endif
+
#ifdef BGE_DEBUG
#define DPRINTF(x) do { if (bgedebug) printf x; } while (0)
#define DPRINTFN(n,x) do { if (bgedebug >= (n)) printf x; } while (0)
@@ -2993,6 +3047,12 @@ bge_attach(struct device *parent, struct
else
sc->bge_return_ring_cnt = BGE_RETURN_RING_CNT_5705;
+ mtx_init(>bge_kstat_mtx, IPL_SOFTCLOCK);
+#if NKSTAT > 0
+ if (BGE_IS_5705_PLUS(sc))
+ bge_kstat_attach(sc);
+#endif
+
/* Set up ifnet structure */
ifp = >arpcom.ac_if;
ifp->if_softc = sc;
@@ -3767,9 +3827,11 @@ bge_tick(void *xsc)
s = splnet();
- if (BGE_IS_5705_PLUS(sc))
+ if (BGE_IS_5705_PLUS(sc)) {
+ mtx_enter(>bge_kstat_mtx);
bge_stats_update_regs(sc);
- else
+ mtx_leave(>bge_kstat_mtx);
+ } else
bge_stats_update(sc);
if (sc->bge_flags & BGE_FIBER_TBI) {
@@ -3799,12 +3861,16
