i386: i8254_initclocks: set IPL_MPSAFE for clock, rtc IRQs

[Scott Cheloha]

pOn amd64 we lie about the interrupts established during
i8254_initclocks().  We claim they are MP-safe in order to mollify a
KASSERT in intr_establish() and continue booting.

See amd64/isa/clock.c:
   279  void
   280  i8254_initclocks(void)
   281  {
   282  i8254_inittimecounter();/* hook the interrupt-based 
i8254 tc */
   283
   284  stathz = 128;
   285  profhz = 1024;  /* XXX does not divide into 1 billion */
   286  clockintr_init(0);
   287
   288  clockintr_cpu_init(NULL);
   289
   290  /*
   291   * While the clock interrupt handler isn't really MPSAFE, the
   292   * i8254 can't really be used as a clock on a true MP system.
   293   */
   294  isa_intr_establish(NULL, 0, IST_PULSE, IPL_CLOCK | IPL_MPSAFE,
   295  clockintr, 0, "clock");
   296  isa_intr_establish(NULL, 8, IST_PULSE, IPL_STATCLOCK | 
IPL_MPSAFE,
   297  rtcintr, 0, "rtc");

and amd64/amd64/intr.c:

   332  void *
   333  intr_establish(int legacy_irq, struct pic *pic, int pin, int type, int 
level,
   334  struct cpu_info *ci, int (*handler)(void *), void *arg, const char 
*what)
   335  {
   336  struct intrhand **p, *q, *ih;
   337  int slot, error, idt_vec;
   338  struct intrsource *source;
   339  struct intrstub *stubp;
   340  int flags;
   341
   342  #ifdef DIAGNOSTIC
   343  if (legacy_irq != -1 && (legacy_irq < 0 || legacy_irq > 15))
   344  panic("intr_establish: bad legacy IRQ value");
   345
   346  if (legacy_irq == -1 && pic == _pic)
   347  panic("intr_establish: non-legacy IRQ on i8259");
   348  #endif
   349
   350  flags = level & IPL_MPSAFE;
   351  level &= ~IPL_MPSAFE;
   352
   353  KASSERT(level <= IPL_TTY || level >= IPL_CLOCK || flags & 
IPL_MPSAFE);

Can we do the same on i386?  I'm trying to test the i8254 path on
modern hardware and I'm tripping the equivalent KASSERT in
apic_intr_establish().

See i386/i386/ioapic.c:

   661  void *
   662  apic_intr_establish(int irq, int type, int level, int (*ih_fun)(void *),
   663  void *ih_arg, const char *ih_what)
   664  {
   665  unsigned int ioapic = APIC_IRQ_APIC(irq);
   666  unsigned int intr = APIC_IRQ_PIN(irq);
   667  struct ioapic_softc *sc = ioapic_find(ioapic);
   668  struct ioapic_pin *pin;
   669  struct intrhand **p, *q, *ih;
   670  extern int cold;
   671  int minlevel, maxlevel;
   672  extern void intr_calculatemasks(void); /* XXX */
   673  int flags;
   674
   675  flags = level & IPL_MPSAFE;
   676  level &= ~IPL_MPSAFE;
   677
   678  KASSERT(level <= IPL_TTY || flags & IPL_MPSAFE);

The patch below lets me test the i8254 clockintr path on modern
hardware in 32-bit mode without needing to rototill the GENERIC
config to delete all the things that implicitly depend upon the
ioapic.

I don't think lying in this case is harmful.  We can only get to
i8254_initclocks() if we have no local APIC, or if
lapic_calibrate_timer() fails.

ok?

Index: clock.c
===
RCS file: /cvs/src/sys/arch/i386/isa/clock.c,v
retrieving revision 1.65
diff -u -p -r1.65 clock.c
--- clock.c 25 Jul 2023 18:16:20 -  1.65
+++ clock.c 21 Aug 2023 03:26:39 -
@@ -431,9 +431,9 @@ i8254_initclocks(void)
clockintr_cpu_init(NULL);
 
/* When using i8254 for clock, we also use the rtc for profclock */
-   (void)isa_intr_establish(NULL, 0, IST_PULSE, IPL_CLOCK,
+   (void)isa_intr_establish(NULL, 0, IST_PULSE, IPL_CLOCK | IPL_MPSAFE,
clockintr, 0, "clock");
-   (void)isa_intr_establish(NULL, 8, IST_PULSE, IPL_STATCLOCK,
+   (void)isa_intr_establish(NULL, 8, IST_PULSE, IPL_STATCLOCK | IPL_MPSAFE,
rtcintr, 0, "rtc");
 
rtcstart(); /* start the mc146818 clock */

Re: Have sysupgrade run fw_update -vv

[Andrew Hewus Fresh]

On Sat, Aug 19, 2023 at 03:11:46PM -0700, Andrew Hewus Fresh wrote:
> On Sun, Aug 13, 2023 at 04:42:49PM -0600, Theo de Raadt wrote:
> > Stuart Henderson  wrote:
> > 
> > > On 2023/08/13 11:44, Andrew Hewus Fresh wrote:
> > > > My laptop doesn't have the fastest wifi and sysupgrade already uses a
> > > > progress bar to show what it's doing, so I'd really like to provide more
> > > > feedback on what it is doing:
> > > 
> > > Does a single -v give enough feedback?
> > 
> > As shown below, -vv is ridiculously verbose.
> > 
> > I think -v is also too verbose.
> 
> That makes sense to me.  Here's a fairly intrusive patch that in the
> normal case prints the status line "as we go" so you can see that it is
> doing something.  Errors from ftp are not super friendly, although I'm
> not entirely sure what it should do yet, so right now I do nothing.

Some additional detail on this.  One example is if the ftp process fails
to download a file, for example it is killed or times out or something
which results in (in the case of a SIGTERM):

$ doas ksh ./fw_update.sh 
fw_update.sh: add intel /Terminated 
Terminated 
,inteldrm,iwm,uvideo,vmm; update none
Cannot fetch 
http://firmware.openbsd.org/firmware/snapshots/intel-firmware-20230808v0.tgz

Would it be an improvement to provide more detail?

$ doas ksh ./fw_update.sh 
fw_update.sh: add intel /Terminated 
Terminated 
(intel-firmware-20230808v0.tgz download failed),inteldrm,iwm,uvideo,vmm; update 
none
Cannot fetch 
http://firmware.openbsd.org/firmware/snapshots/intel-firmware-20230808v0.tgz

Since I don't know what, if anything, was printed by the failure,
it's hard to know how much would be helpful.


> In the normal and single -v case, it also adds a spinner while it is
> downloading if there STDOUT is a tty.
> 
> We now go in two phases for install/update where we first detect what
> needs to be done and then do it so we can separate install from
> download.
> 
> In any case, I think this is ready for wider testing.
> 
> Comments, suggestions, OK?
> 
-- 
andrew

Full-time system administration is a delicate balance 
between proactiveness and laziness.
  --  jhorwitz from use.perl.org

Add Intel Optane P1600X to pcidevs

[Andreas Bartelt]

Hi,

Intel Optane P1600X Series SSDs are not yet identified in CURRENT (e.g., 
https://www.intel.com/content/www/us/en/products/sku/211867/intel-optane-ssd-p1600x-series-118gb-m-2-80mm-pcie-3-0-x4-3d-xpoint/specifications.html 
).


The following patch adds a suitable description (tested with 118GB model).

Index: src/sys/dev/pci/pcidevs
===
RCS file: /cvs/src/sys/dev/pci/pcidevs,v
retrieving revision 1.2045
diff -u -p -r1.2045 pcidevs
--- src/sys/dev/pci/pcidevs 9 Aug 2023 21:27:47 -   1.2045
+++ src/sys/dev/pci/pcidevs 20 Aug 2023 11:53:01 -
@@ -4566,6 +4566,7 @@ product INTEL WL_8265_1   0x24fd  Dual Ban
 product INTEL 82820_HB 0x2501  82820 Host
 product INTEL 82820_AGP0x250f  82820 AGP
 product INTEL OPTANE   0x2522  Optane
+product INTEL P1600X   0x2525  P1600X
 product INTEL WL_9260_10x2526  Dual Band Wireless-AC 9260
 product INTEL 82850_HB 0x2530  82850 Host
 product INTEL 82860_HB 0x2531  82860 Host

Re: Virtio fix for testing

[Stefan Fritsch]

Am 13.08.23 um 17:38 schrieb Tobias Heider:

On Sun, Aug 13, 2023 at 08:33:54AM -0400, Andrew Cagney wrote:

Hi Andrew,

can you share the qemu cmd you are using in your tests?
I'd like to see if I can reproduce this.


Here's pretty much everything.  Thanks for looking at it.


Thank you, I managed to reproduce your crash.
I am not yet sure what the exact problem is but you could try using install73.img > instead of install73.iso. It looks like only the iso triggers the bug 

for me.

-cdrom makes qemu add an ATA cdrom drive. This issue has nothing to do 
with the virtio scsi issue / fix from May.


The "wdc_atapi_start" here

>> --:-- ETAwdc_atapi_start: not ready, st = 50

also points to the problem being related to ATA.

You could try something like

-device virtio-scsi-pci,id=scsi
-drive file=install73.iso,format=raw,id=cdinst,if=none
-device scsi-cd,drive=cdinst

That depends on your seabios having support for virtio cdroms. Not sure 
if that is the default by now.


Or maybe try a SATA cdrom, but you would need to figure out the qemu 
options for that yourself.


Oh, and the exact qemu version you used may be interesting for people 
trying to debug this.


Cheers,
Stefan






virt-install \
--connect=qemu:///system \
  --check=path_in_use=off \
  --graphics=none \
  --virt-type=kvm \
  --noreboot \
  --console=pty,target_type=serial \
  --cpu=host-passthrough \
  --network=network:swandefault,model=virtio \
  --rng=type=random,device=/dev/random \
  --security=type=static,model=dac,label='1000:107',relabel=yes \
--vcpus=1 \
--memory=2048 \
--name=w.openbsd-base \
--os-variant=openbsd7.3 \
--disk=path=/home/libreswan/pool/w.openbsd-base.qcow2,size=10,bus=virtio,format=qcow2
\
--filesystem=target=pool,type=mount,accessmode=squash,source=/home/libreswan/pool
\
--cdrom=/home/libreswan/pool/w.openbsd-base.iso

base.conf which gets added to the iso looks like:

#install.conf file for OpenBSD
Terminal type? = com0
System hostname = openbsd
Which network interface do you wish to configure? = vio0
IPv4 address for = dhcp
DNS Domain name = testing.libreswan.org
Password for root account? =
$2a$12$YZ8bMn19IHPQpBoD6Xf/re/4pp2kbJtVkIl/Mc4G3WA96qyG7/6qW
Start sshd(8) by default = yes
Start ntpd(8) by default? = no
NTP server? (hostname or 'default') = default
Do you expect to run the X Window System? = no
Do you want the X Window System to be started by xdm(1)? = no
Which speed should com0 use? (or 'done') = 19200
What timezone are you in? = EST
Change the default console to com0? = yes
Setup a user? = no
Allow root ssh login = yes
Use (W)hole disk or (E)dit the MBR? = W
URL to autopartitioning template for disklabel? = file:/base.disk
Which disk is the root disk? = sd0
Use DUIDs rather than device names in fstab? = yes
Which disk do you wish to initialize? = done
Set name(s)? = all
Location of sets? = cd0
oPathname to the sets = 7.1/amd64
Directory does not contain SHA256.sig. Continue without verification? = yes

this is the console log, part way through pexpect feeds the VM
commands to start the installer:

cannot open cd0a:/etc/random.seed: No such file or directory
booting cd0a:/7.3/amd64/bsd.rd: 3973828+1655808+3882568+0+708608
[109+444720+297256]=0xa76648
entry point at 0x81001000
Copyright (c) 1982, 1986, 1989, 1991, 1993
The Regents of the University of California.  All rights reserved.
Copyright (c) 1995-2023 OpenBSD. All rights reserved.  https://www.OpenBSD.org

OpenBSD 7.3-current (RAMDISK_CD) #1262: Sat Aug 12 11:54:24 MDT 2023
 dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/RAMDISK_CD
real mem = 2130542592 (2031MB)
avail mem = 2062016512 (1966MB)
random: good seed from bootblocks
mainbus0 at root
bios0 at mainbus0: SMBIOS rev. 2.8 @ 0xf59a0 (9 entries)
bios0: vendor SeaBIOS version "1.16.2-1.fc38" date 04/01/2014
bios0: QEMU Standard PC (i440FX + PIIX, 1996)
acpi0 at bios0: ACPI 1.0
acpi0: tables DSDT FACP APIC WAET
acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
cpu0 at mainbus0: apid 0 (boot processor)
cpu0: AMD Ryzen 9 3950X 16-Core Processor, 3500.43 MHz, 17-71-00
cpu0: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,MMX,FXSR,SSE,SSE2,SSE3,PCLMUL,SSSE3,FMA3,CX16,SSE4.1,SSE4.2,x2APIC,MOVBE,POPCNT,DEADLINE,AES,XSAVE,AVX,F16C,RDRAND,HV,NXE,MMXX,FFXSR,PAGE1GB,RDTSCP,LONG,LAHF,CMPLEG,SVM,AMCR8,ABM,SSE4A,MASSE,3DNOWP,OSVW,CPCTR,FSGSBASE,TSC_ADJUST,BMI1,AVX2,SMEP,BMI2,RDSEED,ADX,SMAP,CLFLUSHOPT,CLWB,SHA,UMIP,STIBP,SSBD,IBPB,STIBP,SSBD,VIRTSSBD,XSAVEOPT,XSAVEC,XGETBV1
cpu0: 64KB 64b/line 2-way D-cache, 64KB 64b/line 2-way I-cache
cpu0: 512KB 64b/line 16-way L2 cache
cpu0: apic clock running at 1000MHz
ioapic0 at mainbus0: apid 0 pa 0xfec0, version 11, 24 pins
acpiprt0 at acpi0: bus 0 (PCI0)
"ACPI0006" at acpi0 not configured
acpipci0 at acpi0 PCI0
"PNP0A06" at acpi0 not configured
"PNP0A06" at acpi0 not configured
"PNP0A06" at acpi0 not configured
"QEMU0002" at acpi0 not configured
com0 at acpi0 COM1 addr 0x3f8/0x8 irq 4: ns16550a, 16 byte 

Re: sshd: reduce preauth log verbosity

[Damien Miller]

On Fri, 18 Aug 2023, Tobias Heider wrote:

> Hi,
> 
> I was looking at my authlog today and as expected on a server exposed on the
> public internet it is filled with random scanners and brute force attacks.
> One thing I noticed is that there is a lot of information we log multiple
> times for a each failed connection.
> 
> Some examples below:
> 
> sshd[6216]: error: kex_exchange_identification: banner line contains invalid 
> characters
> sshd[6216]: banner exchange: Connection from xx.97.73.149 port 64744: invalid 
> format 
> sshd[68416]: error: kex_exchange_identification: banner line contains invalid 
> characters
> sshd[68416]: banner exchange: Connection from xx.97.73.149 port 63955: 
> invalid format 
> 
> There are a few more parsing errors like this that result in a print of the 
> exact
> issue error followed by 'goto invalid' which causes the more general "invalid 
> format"
> message. I think "invalid format" is enough information in most cases.
> 
> sshd[50752]: error: kex_exchange_identification: Connection closed by remote 
> host 
> sshd[50752]: Connection closed by xx.94.81.243 port 61000
> 
> Same as above, the kex_exchange_identification doesn't really add anything.
> 
> sshd[51579]: Invalid user tom from xx.134.191.142 port 35480
> sshd[51579]: Received disconnect from xx.134.191.142 port 35480:11: Bye Bye 
> [preauth]
> sshd[51579]: Disconnected from invalid user tom xx.134.191.142 port 35480 
> [preauth]
> sshd[94857]: Invalid user long from xx.97.173.1 port 51140
> sshd[94857]: Received disconnect from xx.97.173.1 port 51140:11: Bye Bye 
> [preauth]
> sshd[94857]: Disconnected from invalid user long xx.97.173.1 port 51140 
> [preauth]
> 
> Here the "Disconnected" line contains all the info from "Invalid user" line.
> Those invalid user messages make up the largest part of my log file,
> so deduplicating them makes a huge difference.
> 
> Below is a diff to make some of those log to debug if the same information
> is also logged elsewhere.
> Is there some general interest in diffs to clean this up a bit?

ok to the kex.c ones, but no to the auth.c one. There are other exit
paths that sshd can take that might lose the "Invalid user" message and
then that information would be lost.

> Index: auth.c
> ===
> RCS file: /cvs/src/usr.bin/ssh/auth.c,v
> retrieving revision 1.160
> diff -u -p -r1.160 auth.c
> --- auth.c5 Mar 2023 05:34:09 -   1.160
> +++ auth.c18 Aug 2023 14:22:55 -
> @@ -431,7 +431,7 @@ getpwnamallow(struct ssh *ssh, const cha
>  
>   pw = getpwnam(user);
>   if (pw == NULL) {
> - logit("Invalid user %.100s from %.100s port %d",
> + debug("Invalid user %.100s from %.100s port %d",
>   user, ssh_remote_ipaddr(ssh), ssh_remote_port(ssh));
>   return (NULL);
>   }
> Index: kex.c
> ===
> RCS file: /cvs/src/usr.bin/ssh/kex.c,v
> retrieving revision 1.179
> diff -u -p -r1.179 kex.c
> --- kex.c 18 Aug 2023 01:37:41 -  1.179
> +++ kex.c 18 Aug 2023 14:22:55 -
> @@ -1336,7 +1336,7 @@ kex_exchange_identification(struct ssh *
>   len = atomicio(read, ssh_packet_get_connection_in(ssh),
>   , 1);
>   if (len != 1 && errno == EPIPE) {
> - error_f("Connection closed by remote host");
> + debug_f("Connection closed by remote host");
>   r = SSH_ERR_CONN_CLOSED;
>   goto out;
>   } else if (len != 1) {
> @@ -1352,7 +1352,7 @@ kex_exchange_identification(struct ssh *
>   if (c == '\n')
>   break;
>   if (c == '\0' || expect_nl) {
> - error_f("banner line contains invalid "
> + debug_f("banner line contains invalid "
>   "characters");
>   goto invalid;
>   }
> @@ -1362,7 +1362,7 @@ kex_exchange_identification(struct ssh *
>   goto out;
>   }
>   if (sshbuf_len(peer_version) > SSH_MAX_BANNER_LEN) {
> - error_f("banner line too long");
> + debug_f("banner line too long");
>   goto invalid;
>   }
>   }
> @@ -1378,7 +1378,7 @@ kex_exchange_identification(struct ssh *
>   }
>   /* Do not accept lines before the SSH ident from a client */
>   if (ssh->kex->server) {
> - error_f("client sent invalid protocol identifier "
> + debug_f("client sent invalid protocol identifier "
>   "\"%.256s\"",