Fix overflow handling in dd(1)
This diff fixes the overflow handling in dd(1). Before, if provided an argument of SIZE_T_MAX, dd(1) would exit with dd: count: Undefined error: 0 since strtoul(3) doesn't set errno when its argument is equal to ULONG_MAX. Now, dd(1) handles SIZE_T_MAX gracefully. Index: args.c === RCS file: /cvs/src/bin/dd/args.c,v retrieving revision 1.25 diff -u -b -w -p -r1.25 args.c --- args.c 21 May 2014 06:23:02 - 1.25 +++ args.c 14 Jun 2014 04:02:51 - @@ -196,8 +196,7 @@ static void f_count(char *arg) { - if ((cpy_cnt = get_bsz(arg)) == 0) - cpy_cnt = (size_t)-1; + cpy_cnt = get_bsz(arg); } static void @@ -323,8 +322,9 @@ get_bsz(char *val) size_t num, t; char *expr; + errno = 0; num = strtoul(val, expr, 0); - if (num == SIZE_T_MAX) /* Overflow. */ + if (num == SIZE_T_MAX errno == ERANGE) /* Overflow. */ err(1, %s, oper); if (expr == val)/* No digits. */ errx(1, %s: illegal numeric value, oper); Index: dd.c === RCS file: /cvs/src/bin/dd/dd.c,v retrieving revision 1.18 diff -u -b -w -p -r1.18 dd.c --- dd.c1 Jun 2013 16:46:49 - 1.18 +++ dd.c14 Jun 2014 04:02:51 - @@ -77,7 +77,7 @@ main(int argc, char *argv[]) atexit(summary); - if (cpy_cnt != (size_t)-1) { + if (cpy_cnt != 0) { while (files_cnt--) dd_in(); }
Re: diff: Fix overflow handling in dd(1)
Any interest in this? I’ve made a slight addition, to check for negative numbers in get_bsz. Index: args.c === RCS file: /cvs/src/bin/dd/args.c,v retrieving revision 1.25 diff -u -b -w -p -r1.25 args.c --- args.c 21 May 2014 06:23:02 - 1.25 +++ args.c 22 Jun 2014 06:33:29 - @@ -196,8 +196,7 @@ static void f_count(char *arg) { - if ((cpy_cnt = get_bsz(arg)) == 0) - cpy_cnt = (size_t)-1; + cpy_cnt = get_bsz(arg); } static void @@ -323,8 +322,12 @@ get_bsz(char *val) size_t num, t; char *expr; + if (val[0] == '-') + errx(1, %s: cannot be negative, oper); + + errno = 0; num = strtoul(val, expr, 0); - if (num == SIZE_T_MAX) /* Overflow. */ + if (num == SIZE_T_MAX errno == ERANGE) /* Overflow. */ err(1, %s, oper); if (expr == val)/* No digits. */ errx(1, %s: illegal numeric value, oper); Index: dd.c === RCS file: /cvs/src/bin/dd/dd.c,v retrieving revision 1.18 diff -u -b -w -p -r1.18 dd.c --- dd.c1 Jun 2013 16:46:49 - 1.18 +++ dd.c22 Jun 2014 06:33:29 - @@ -77,7 +77,7 @@ main(int argc, char *argv[]) atexit(summary); - if (cpy_cnt != (size_t)-1) { + if (cpy_cnt != 0) { while (files_cnt--) dd_in(); } On Jun 13, 2014, at 9:26 PM, William Orr w...@worrbase.com wrote: This diff fixes the overflow handling in dd(1). Before, if provided an argument of SIZE_T_MAX, dd(1) would exit with dd: count: Undefined error: 0 since strtoul(3) doesn't set errno when its argument is equal to ULONG_MAX. Now, dd(1) handles SIZE_T_MAX gracefully. Index: args.c === RCS file: /cvs/src/bin/dd/args.c,v retrieving revision 1.25 diff -u -b -w -p -r1.25 args.c --- args.c21 May 2014 06:23:02 - 1.25 +++ args.c14 Jun 2014 04:02:51 - @@ -196,8 +196,7 @@ static void f_count(char *arg) { - if ((cpy_cnt = get_bsz(arg)) == 0) - cpy_cnt = (size_t)-1; + cpy_cnt = get_bsz(arg); } static void @@ -323,8 +322,9 @@ get_bsz(char *val) size_t num, t; char *expr; + errno = 0; num = strtoul(val, expr, 0); - if (num == SIZE_T_MAX) /* Overflow. */ + if (num == SIZE_T_MAX errno == ERANGE) /* Overflow. */ err(1, %s, oper); if (expr == val)/* No digits. */ errx(1, %s: illegal numeric value, oper); Index: dd.c === RCS file: /cvs/src/bin/dd/dd.c,v retrieving revision 1.18 diff -u -b -w -p -r1.18 dd.c --- dd.c 1 Jun 2013 16:46:49 - 1.18 +++ dd.c 14 Jun 2014 04:02:51 - @@ -77,7 +77,7 @@ main(int argc, char *argv[]) atexit(summary); - if (cpy_cnt != (size_t)-1) { + if (cpy_cnt != 0) { while (files_cnt--) dd_in(); } signature.asc Description: Message signed with OpenPGP using GPGMail
Undefined symbol in ld.so
ld.so in -current isn't building right now, due to an undefined reference to _dl_realloc caused by the recent addition of _dl_reallocarray. The following diff implements _dl_realloc, largely copied from the implementation in lib/libc/stdlib/malloc.c. tested on amd64 Index: malloc.c === RCS file: /cvs/src/libexec/ld.so/malloc.c,v retrieving revision 1.1 diff -u -b -w -p -r1.1 malloc.c --- malloc.c5 Jun 2014 08:39:07 - 1.1 +++ malloc.c24 Jun 2014 08:24:43 - @@ -78,6 +78,12 @@ #define MMAP(sz) _dl_mmap(NULL, (size_t)(sz), PROT_READ | PROT_WRITE, \ MAP_ANON | MAP_PRIVATE, -1, (off_t) 0) +#define MMAPA(a,sz)_dl_mmap((a), (size_t)(sz), PROT_READ | PROT_WRITE, \ +MAP_ANON | MAP_PRIVATE, -1, (off_t) 0) + +#define MQUERY(a, sz) _dl_mquery((a), (size_t)(sz), PROT_READ | PROT_WRITE, \ +MAP_ANON | MAP_PRIVATE | MAP_FIXED, -1, (off_t)0) + #define MMAP_ERROR(p) (_dl_mmap_error(p) ? MAP_FAILED : (p)) struct region_info { @@ -277,6 +283,26 @@ unmap(struct dir_info *d, void *p, size_ wrterror(malloc cache overflow); } +static void +zapcacheregion(struct dir_info *d, void *p, size_t len) +{ + u_int i; + struct region_info *r; + size_t rsz; + + for (i = 0; i mopts.malloc_cache; i++) { + r = d-free_regions[i]; + if (r-p = p r-p = (void *)((char *)p + len)) { + rsz = r-size MALLOC_PAGESHIFT; + if (_dl_munmap(r-p, rsz)) + wrterror(munmap); + r-p = NULL; + d-free_regions_size -= r-size; + r-size = 0; + } + } +} + static void * map(struct dir_info *d, size_t sz, int zero_fill) { @@ -987,6 +1013,119 @@ _dl_free(void *ptr) malloc_active--; } +static void * +orealloc(void *p, size_t newsz) +{ + struct region_info *r; + size_t oldsz, goldsz, gnewsz; + void *q; + + if (p == NULL) + return omalloc(newsz, 0); + + r = find(g_pool, p); + if (r == NULL) { + wrterror(bogus pointer (double free?)); + return NULL; + } + if (newsz = SIZE_MAX - mopts.malloc_guard - MALLOC_PAGESIZE) + return NULL; + + REALSIZE(oldsz, r); + goldsz = oldsz; + if (oldsz MALLOC_MAXCHUNK) { + if (oldsz mopts.malloc_guard) + wrterror(guard size); + oldsz -= mopts.malloc_guard; + } + + gnewsz = newsz; + if (gnewsz MALLOC_MAXCHUNK) + gnewsz += mopts.malloc_guard; + + if (newsz MALLOC_MAXCHUNK oldsz MALLOC_MAXCHUNK p == r-p) { + size_t roldsz = PAGEROUND(goldsz); + size_t rnewsz = PAGEROUND(gnewsz); + + if (rnewsz roldsz) { + if (!mopts.malloc_guard) { + void *hint = (char *)p + roldsz; + size_t needed = rnewsz - roldsz; + + zapcacheregion(g_pool, hint, needed); + q = MQUERY(hint, needed); + if (q == hint) + q = MMAPA(hint, needed); + else + q = MAP_FAILED; + if (q == hint) { + if (mopts.malloc_junk == 2) + _dl_memset(q, SOME_JUNK, needed); + r-size = newsz; + return p; + } else if (q != MAP_FAILED) { + if (_dl_munmap(q, needed)) + wrterror(munmap); + } + } + } else if (rnewsz roldsz) { + if (mopts.malloc_guard) { + if (_dl_mprotect((char *)p + roldsz - + mopts.malloc_guard, mopts.malloc_guard, + PROT_READ | PROT_WRITE)) + wrterror(mprotect); + if (_dl_mprotect((char *)p + rnewsz - + mopts.malloc_guard, mopts.malloc_guard, + PROT_NONE)) + wrterror(mprotect); + } + unmap(g_pool, (char *)p + rnewsz, roldsz - rnewsz); + r-size = gnewsz; + return p; + } else { + if (newsz oldsz mopts.malloc_junk == 2) + _dl_memset((char *)p + newsz, SOME_JUNK, +
Re: Undefined symbol in ld.so
Whoops! Sorry for the confusion; disregard. On Jun 24, 2014, at 3:31 AM, Otto Moerbeek o...@drijf.net wrote: On Tue, Jun 24, 2014 at 01:30:55AM -0700, William Orr wrote: ld.so in -current isn't building right now, due to an undefined reference to _dl_realloc caused by the recent addition of _dl_reallocarray. The following diff implements _dl_realloc, largely copied from the implementation in lib/libc/stdlib/malloc.c. There are cvssync problems. The code in curent compiles fine. -Otto tested on amd64 Index: malloc.c === RCS file: /cvs/src/libexec/ld.so/malloc.c,v retrieving revision 1.1 diff -u -b -w -p -r1.1 malloc.c --- malloc.c 5 Jun 2014 08:39:07 - 1.1 +++ malloc.c 24 Jun 2014 08:24:43 - @@ -78,6 +78,12 @@ #define MMAP(sz) _dl_mmap(NULL, (size_t)(sz), PROT_READ | PROT_WRITE, \ MAP_ANON | MAP_PRIVATE, -1, (off_t) 0) +#define MMAPA(a,sz) _dl_mmap((a), (size_t)(sz), PROT_READ | PROT_WRITE, \ +MAP_ANON | MAP_PRIVATE, -1, (off_t) 0) + +#define MQUERY(a, sz) _dl_mquery((a), (size_t)(sz), PROT_READ | PROT_WRITE, \ +MAP_ANON | MAP_PRIVATE | MAP_FIXED, -1, (off_t)0) + #define MMAP_ERROR(p)(_dl_mmap_error(p) ? MAP_FAILED : (p)) struct region_info { @@ -277,6 +283,26 @@ unmap(struct dir_info *d, void *p, size_ wrterror(malloc cache overflow); } +static void +zapcacheregion(struct dir_info *d, void *p, size_t len) +{ +u_int i; +struct region_info *r; +size_t rsz; + +for (i = 0; i mopts.malloc_cache; i++) { +r = d-free_regions[i]; +if (r-p = p r-p = (void *)((char *)p + len)) { +rsz = r-size MALLOC_PAGESHIFT; +if (_dl_munmap(r-p, rsz)) +wrterror(munmap); +r-p = NULL; +d-free_regions_size -= r-size; +r-size = 0; +} +} +} + static void * map(struct dir_info *d, size_t sz, int zero_fill) { @@ -987,6 +1013,119 @@ _dl_free(void *ptr) malloc_active--; } +static void * +orealloc(void *p, size_t newsz) +{ +struct region_info *r; +size_t oldsz, goldsz, gnewsz; +void *q; + +if (p == NULL) +return omalloc(newsz, 0); + +r = find(g_pool, p); +if (r == NULL) { +wrterror(bogus pointer (double free?)); +return NULL; +} +if (newsz = SIZE_MAX - mopts.malloc_guard - MALLOC_PAGESIZE) +return NULL; + +REALSIZE(oldsz, r); +goldsz = oldsz; +if (oldsz MALLOC_MAXCHUNK) { +if (oldsz mopts.malloc_guard) +wrterror(guard size); +oldsz -= mopts.malloc_guard; +} + +gnewsz = newsz; +if (gnewsz MALLOC_MAXCHUNK) +gnewsz += mopts.malloc_guard; + +if (newsz MALLOC_MAXCHUNK oldsz MALLOC_MAXCHUNK p == r-p) { +size_t roldsz = PAGEROUND(goldsz); +size_t rnewsz = PAGEROUND(gnewsz); + +if (rnewsz roldsz) { +if (!mopts.malloc_guard) { +void *hint = (char *)p + roldsz; +size_t needed = rnewsz - roldsz; + +zapcacheregion(g_pool, hint, needed); +q = MQUERY(hint, needed); +if (q == hint) +q = MMAPA(hint, needed); +else +q = MAP_FAILED; +if (q == hint) { +if (mopts.malloc_junk == 2) +_dl_memset(q, SOME_JUNK, needed); +r-size = newsz; +return p; +} else if (q != MAP_FAILED) { +if (_dl_munmap(q, needed)) +wrterror(munmap); +} +} +} else if (rnewsz roldsz) { +if (mopts.malloc_guard) { +if (_dl_mprotect((char *)p + roldsz - +mopts.malloc_guard, mopts.malloc_guard, +PROT_READ | PROT_WRITE)) +wrterror(mprotect); +if (_dl_mprotect((char *)p + rnewsz - +mopts.malloc_guard, mopts.malloc_guard, +PROT_NONE)) +wrterror(mprotect); +} +unmap(g_pool, (char *)p + rnewsz, roldsz - rnewsz); +r-size = gnewsz; +return p; +} else
Re: lynx: disable old protocols
On Jul 10, 2014, at 8:05 PM, Daniel Dickman didick...@gmail.com wrote: Patch below turns off the following ancient protocols built into lynx: bibp, finger, gopher, and news. For some urls, lynx will invoke an external command. Turn off telnet, rlogin and tn3270 urls by defining them to false(1) as documented in the lynx manual. Finally, turn off the file editor which can be accessed with g.enter using the --disable-dired switch. ok to commit? Index: Makefile.bsd-wrapper === RCS file: /home/cvs/src/gnu/usr.bin/lynx/Makefile.bsd-wrapper,v retrieving revision 1.24 diff -u -p -u -r1.24 Makefile.bsd-wrapper --- Makefile.bsd-wrapper 15 Apr 2014 20:55:42 - 1.24 +++ Makefile.bsd-wrapper 11 Jul 2014 02:47:31 - @@ -5,7 +5,10 @@ CLEANFILES+= lynx.1 DPADD=${LIBSSL} ${LIBCRYPTO} GNUCFLAGS=CC=${CC} CFLAGS=${CFLAGS} ${COPTS} ${OPT} LDFLAGS=${LDFLAGS} -CONFIGURE_ARGS= --with-ssl=/usr --enable-widec --enable-ipv6 --enable-debug +CONFIGURE_ARGS= --with-ssl=/usr --enable-widec --enable-ipv6 --enable-debug \ + --disable-bibp-urls --disable-finger --disable-gopher --disable-news \ + --disable-dired + HTMLDIR= /usr/share/doc/html HELPFILES=keystrokes/alt_edit_help.html keystrokes/bookmark_help.html \ keystrokes/cookie_help.html keystrokes/dired_help.html \ @@ -39,12 +42,18 @@ config: .FORCE PATH=/bin:/usr/bin:/sbin:/usr/sbin \ ${GNUCFLAGS} \ INSTALL_PROGRAM=${INSTALL} ${INSTALL_COPY} ${INSTALL_STRIP} \ + TELNET=/usr/bin/false \ + RLOGIN=/usr/bin/false \ + TN3270=/usr/bin/false \ sh ${.CURDIR}/configure --prefix=/usr --sysconfdir=/etc --disable-color-style ${CONFIGURE_ARGS} config.status: PATH=/bin:/usr/bin:/sbin:/usr/sbin \ ${GNUCFLAGS} \ INSTALL_PROGRAM=${INSTALL} ${INSTALL_COPY} ${INSTALL_STRIP} \ + TELNET=/usr/bin/false \ + RLOGIN=/usr/bin/false \ + TN3270=/usr/bin/false \ sh ${.CURDIR}/configure --prefix=/usr --sysconfdir=/etc --disable-color-style ${CONFIGURE_ARGS} ${CF} lynx.1: ${.CURDIR}/lynx.man I too use gopher in lynx regularly, and would miss support. There is still a surprisingly active community using gopher. (floodgap, et al.) signature.asc Description: Message signed with OpenPGP using GPGMail
Re: lynx: disable old protocols
On 7/11/2014 2:03 AM, Theo de Raadt wrote: If lynx was removed from base, and only available in ports... how many of you would even know of it's existance and use it? I absolutely would use it if it were only available in ports. I only complain about gopher support being removed because lynx has the best gopher browsing experience around, and in OpenBSD-land, there's no alternative other than building it and installing it out-of-band. I would happily use a package, be it instead of or in addition to a stripped-down lynx in base. wrt. auditing it, should we send patches here? Or upstream?
[PATCH] fix overflow handling in dd(1)
Hey, I sent a patch similar to this almost a month ago with no response. Feedback? Interest? This patch fixes the following: - Takes negative values - When SIZE_T_MAX was passed, returns undefined error Index: bin/dd/args.c === RCS file: /cvs/src/bin/dd/args.c,v retrieving revision 1.25 diff -u -b -w -p -r1.25 args.c --- bin/dd/args.c 21 May 2014 06:23:02 - 1.25 +++ bin/dd/args.c 13 Jul 2014 07:43:07 - @@ -37,6 +37,7 @@ #include sys/types.h #include sys/time.h +#include ctype.h #include err.h #include errno.h #include limits.h @@ -196,8 +197,7 @@ static void f_count(char *arg) { - if ((cpy_cnt = get_bsz(arg)) == 0) - cpy_cnt = (size_t)-1; + cpy_cnt = get_bsz(arg); } static void @@ -322,9 +322,16 @@ get_bsz(char *val) { size_t num, t; char *expr; + char *vp = val; - num = strtoul(val, expr, 0); - if (num == SIZE_T_MAX) /* Overflow. */ + while (isspace(vp[0])) + vp++; + if (vp[0] == '-') + errx(1, %s: cannot be negative, oper); + + errno = 0; + num = strtoul(vp, expr, 0); + if (num == SIZE_T_MAX errno == ERANGE) /* Overflow. */ err(1, %s, oper); if (expr == val)/* No digits. */ errx(1, %s: illegal numeric value, oper); Index: bin/dd/dd.c === RCS file: /cvs/src/bin/dd/dd.c,v retrieving revision 1.18 diff -u -b -w -p -r1.18 dd.c --- bin/dd/dd.c 1 Jun 2013 16:46:49 - 1.18 +++ bin/dd/dd.c 13 Jul 2014 07:43:07 - @@ -77,7 +77,7 @@ main(int argc, char *argv[]) atexit(summary); - if (cpy_cnt != (size_t)-1) { + if (cpy_cnt != 0) { while (files_cnt--) dd_in(); } Index: lib/libssl/src/crypto/conf/conf_api.c === RCS file: /cvs/src/lib/libssl/src/crypto/conf/conf_api.c,v retrieving revision 1.11 diff -u -b -w -p -r1.11 conf_api.c --- lib/libssl/src/crypto/conf/conf_api.c 23 Jun 2014 22:19:02 - 1.11 +++ lib/libssl/src/crypto/conf/conf_api.c 13 Jul 2014 07:43:09 - @@ -295,7 +295,7 @@ _CONF_new_section(CONF *conf, const char if ((v-section = malloc(i)) == NULL) goto err; - memcpy(v-section, section, i); + memmove(v-section, section, i); v-name = NULL; v-value = (char *)sk;
Re: [PATCH] fix overflow handling in dd(1)
Sorry, the libssl patch was unintentional. I forgot to cvs up -C that one. On 7/13/2014 2:05 AM, Ted Unangst wrote: On Sun, Jul 13, 2014 at 01:52, William Orr wrote: Hey, I sent a patch similar to this almost a month ago with no response. Feedback? Interest? Yes. - num = strtoul(val, expr, 0); - if (num == SIZE_T_MAX) /* Overflow. */ + while (isspace(vp[0])) + vp++; + if (vp[0] == '-') + errx(1, %s: cannot be negative, oper); + + errno = 0; + num = strtoul(vp, expr, 0); + if (num == SIZE_T_MAX errno == ERANGE) /* Overflow. */ I think you can just use strchr to look for a - anywhere in the string. It shouldn't be anywhere, right? And use ULONG_MAX to match strtoul. Index: lib/libssl/src/crypto/conf/conf_api.c === RCS file: /cvs/src/lib/libssl/src/crypto/conf/conf_api.c,v retrieving revision 1.11 diff -u -b -w -p -r1.11 conf_api.c --- lib/libssl/src/crypto/conf/conf_api.c 23 Jun 2014 22:19:02 - 1.11 +++ lib/libssl/src/crypto/conf/conf_api.c 13 Jul 2014 07:43:09 - @@ -295,7 +295,7 @@ _CONF_new_section(CONF *conf, const char if ((v-section = malloc(i)) == NULL) goto err; - memcpy(v-section, section, i); + memmove(v-section, section, i); v-name = NULL; v-value = (char *)sk; Unrelated, but also unnecessary. The malloc above makes it clear v-section is a unique pointer not aliased with section. memcpy is fine.
Re: [PATCH] fix overflow handling in dd(1)
Here is the latest diff with the bullshit removed and the loop replaced with strchr. Index: bin/dd/args.c === RCS file: /cvs/src/bin/dd/args.c,v retrieving revision 1.25 diff -u -b -w -p -r1.25 args.c --- bin/dd/args.c 21 May 2014 06:23:02 - 1.25 +++ bin/dd/args.c 13 Jul 2014 09:13:18 - @@ -196,8 +196,7 @@ static void f_count(char *arg) { - if ((cpy_cnt = get_bsz(arg)) == 0) - cpy_cnt = (size_t)-1; + cpy_cnt = get_bsz(arg); } static void @@ -323,8 +322,12 @@ get_bsz(char *val) size_t num, t; char *expr; - num = strtoul(val, expr, 0); - if (num == SIZE_T_MAX) /* Overflow. */ + if (strchr(val, '-')) + errx(1, %s: illegal numeric value, oper); + + errno = 0; + num = strtoul(val, expr, 0); + if (num == ULONG_MAX errno == ERANGE)/* Overflow. */ err(1, %s, oper); if (expr == val)/* No digits. */ errx(1, %s: illegal numeric value, oper); Index: bin/dd/dd.c === RCS file: /cvs/src/bin/dd/dd.c,v retrieving revision 1.18 diff -u -b -w -p -r1.18 dd.c --- bin/dd/dd.c 1 Jun 2013 16:46:49 - 1.18 +++ bin/dd/dd.c 13 Jul 2014 09:13:18 - @@ -77,7 +77,7 @@ main(int argc, char *argv[]) atexit(summary); - if (cpy_cnt != (size_t)-1) { + if (cpy_cnt != 0) { while (files_cnt--) dd_in(); } On 7/13/2014 2:08 AM, William Orr wrote: Sorry, the libssl patch was unintentional. I forgot to cvs up -C that one. On 7/13/2014 2:05 AM, Ted Unangst wrote: On Sun, Jul 13, 2014 at 01:52, William Orr wrote: Hey, I sent a patch similar to this almost a month ago with no response. Feedback? Interest? Yes. -num = strtoul(val, expr, 0); -if (num == SIZE_T_MAX)/* Overflow. */ +while (isspace(vp[0])) +vp++; +if (vp[0] == '-') +errx(1, %s: cannot be negative, oper); + +errno = 0; +num = strtoul(vp, expr, 0); +if (num == SIZE_T_MAX errno == ERANGE) /* Overflow. */ I think you can just use strchr to look for a - anywhere in the string. It shouldn't be anywhere, right? And use ULONG_MAX to match strtoul. Index: lib/libssl/src/crypto/conf/conf_api.c === RCS file: /cvs/src/lib/libssl/src/crypto/conf/conf_api.c,v retrieving revision 1.11 diff -u -b -w -p -r1.11 conf_api.c --- lib/libssl/src/crypto/conf/conf_api.c23 Jun 2014 22:19:02 -1.11 +++ lib/libssl/src/crypto/conf/conf_api.c13 Jul 2014 07:43:09 - @@ -295,7 +295,7 @@ _CONF_new_section(CONF *conf, const char if ((v-section = malloc(i)) == NULL) goto err; -memcpy(v-section, section, i); +memmove(v-section, section, i); v-name = NULL; v-value = (char *)sk; Unrelated, but also unnecessary. The malloc above makes it clear v-section is a unique pointer not aliased with section. memcpy is fine.
Re: [PATCH] fix overflow handling in dd(1)
Hey, Sorry to bring this up again, but are there any other changes that need to be made to this patch? I've fixed all of the major complaints. Thanks, William Orr On 07/13/2014 02:19 AM, William Orr wrote: Here is the latest diff with the bullshit removed and the loop replaced with strchr. Index: bin/dd/args.c === RCS file: /cvs/src/bin/dd/args.c,v retrieving revision 1.25 diff -u -b -w -p -r1.25 args.c --- bin/dd/args.c21 May 2014 06:23:02 -1.25 +++ bin/dd/args.c13 Jul 2014 09:13:18 - @@ -196,8 +196,7 @@ static void f_count(char *arg) { -if ((cpy_cnt = get_bsz(arg)) == 0) -cpy_cnt = (size_t)-1; +cpy_cnt = get_bsz(arg); } static void @@ -323,8 +322,12 @@ get_bsz(char *val) size_t num, t; char *expr; -num = strtoul(val, expr, 0); -if (num == SIZE_T_MAX)/* Overflow. */ +if (strchr(val, '-')) +errx(1, %s: illegal numeric value, oper); + +errno = 0; +num = strtoul(val, expr, 0); +if (num == ULONG_MAX errno == ERANGE)/* Overflow. */ err(1, %s, oper); if (expr == val)/* No digits. */ errx(1, %s: illegal numeric value, oper); Index: bin/dd/dd.c === RCS file: /cvs/src/bin/dd/dd.c,v retrieving revision 1.18 diff -u -b -w -p -r1.18 dd.c --- bin/dd/dd.c1 Jun 2013 16:46:49 -1.18 +++ bin/dd/dd.c13 Jul 2014 09:13:18 - @@ -77,7 +77,7 @@ main(int argc, char *argv[]) atexit(summary); -if (cpy_cnt != (size_t)-1) { +if (cpy_cnt != 0) { while (files_cnt--) dd_in(); } On 7/13/2014 2:08 AM, William Orr wrote: Sorry, the libssl patch was unintentional. I forgot to cvs up -C that one. On 7/13/2014 2:05 AM, Ted Unangst wrote: On Sun, Jul 13, 2014 at 01:52, William Orr wrote: Hey, I sent a patch similar to this almost a month ago with no response. Feedback? Interest? Yes. -num = strtoul(val, expr, 0); -if (num == SIZE_T_MAX)/* Overflow. */ +while (isspace(vp[0])) +vp++; +if (vp[0] == '-') +errx(1, %s: cannot be negative, oper); + +errno = 0; +num = strtoul(vp, expr, 0); +if (num == SIZE_T_MAX errno == ERANGE) /* Overflow. */ I think you can just use strchr to look for a - anywhere in the string. It shouldn't be anywhere, right? And use ULONG_MAX to match strtoul. Index: lib/libssl/src/crypto/conf/conf_api.c === RCS file: /cvs/src/lib/libssl/src/crypto/conf/conf_api.c,v retrieving revision 1.11 diff -u -b -w -p -r1.11 conf_api.c --- lib/libssl/src/crypto/conf/conf_api.c23 Jun 2014 22:19:02 -1.11 +++ lib/libssl/src/crypto/conf/conf_api.c13 Jul 2014 07:43:09 - @@ -295,7 +295,7 @@ _CONF_new_section(CONF *conf, const char if ((v-section = malloc(i)) == NULL) goto err; -memcpy(v-section, section, i); +memmove(v-section, section, i); v-name = NULL; v-value = (char *)sk; Unrelated, but also unnecessary. The malloc above makes it clear v-section is a unique pointer not aliased with section. memcpy is fine. signature.asc Description: OpenPGP digital signature
[PATCH] fix overflow handling in dd(1)
Hey, I'm resubmitting this patch since the source tree was locked last time I submitted. Any thoughts? Thanks, William Orr Index: bin/dd/args.c === RCS file: /cvs/src/bin/dd/args.c,v retrieving revision 1.25 diff -u -b -w -p -r1.25 args.c --- bin/dd/args.c 21 May 2014 06:23:02 - 1.25 +++ bin/dd/args.c 12 Sep 2014 04:51:07 - @@ -323,8 +323,12 @@ get_bsz(char *val) size_t num, t; char *expr; + if (strchr(val, '-')) + errx(1, %s: illegal numeric value, oper); + + errno = 0; num = strtoul(val, expr, 0); - if (num == SIZE_T_MAX) /* Overflow. */ + if (num == ULONG_MAX errno == ERANGE)/* Overflow. */ err(1, %s, oper); if (expr == val)/* No digits. */ errx(1, %s: illegal numeric value, oper);
[PATCH] Add -d flag to du(1)
Hey, This diff adds a flag to du(1) to limit the depth of results that are displayed to the user. The semantics are equivalent to FreeBSD's, where it is mutually exclusive with -a and -s, and du -d 0 is equivalent to du -s. Thoughts? William Orr Index: usr.bin/du/du.1 === RCS file: /cvs/src/usr.bin/du/du.1,v retrieving revision 1.31 diff -u -b -w -p -r1.31 du.1 --- usr.bin/du/du.1 14 Feb 2014 18:17:50 - 1.31 +++ usr.bin/du/du.1 16 Sep 2014 05:39:39 - @@ -38,7 +38,7 @@ .Nd display disk usage statistics .Sh SYNOPSIS .Nm du -.Op Fl a | s +.Op Fl a | s | d Ar depth .Op Fl chkrx .Op Fl H | L | P .Op Ar @@ -61,6 +61,10 @@ The options are as follows: Display an entry for each file in the file hierarchy. .It Fl c Display the grand total after all the arguments have been processed. +.It Fl d Ar depth +Display an entry for each file and directory up to +.Ar depth +levels .It Fl H Symbolic links on the command line are followed. Symbolic links encountered in the tree traversal are not followed. Index: usr.bin/du/du.c === RCS file: /cvs/src/usr.bin/du/du.c,v retrieving revision 1.25 diff -u -b -w -p -r1.25 du.c --- usr.bin/du/du.c 20 May 2014 01:25:23 - 1.25 +++ usr.bin/du/du.c 16 Sep 2014 05:39:39 - @@ -40,6 +40,7 @@ #include err.h #include errno.h #include fts.h +#include limits.h #include stdio.h #include stdlib.h #include string.h @@ -60,15 +61,17 @@ main(int argc, char *argv[]) long blocksize; quad_t totalblocks; int ftsoptions, listdirs, listfiles; - int Hflag, Lflag, aflag, cflag, hflag, kflag, sflag; + int Hflag, Lflag, aflag, cflag, hflag, kflag, sflag, dflag; int ch, notused, rval; + int maxdepth = -1; char **save; + const char *errstr = NULL; save = argv; - Hflag = Lflag = aflag = cflag = hflag = kflag = sflag = 0; + Hflag = Lflag = aflag = cflag = hflag = kflag = sflag = dflag = 0; totalblocks = 0; ftsoptions = FTS_PHYSICAL; - while ((ch = getopt(argc, argv, HLPachksxr)) != -1) + while ((ch = getopt(argc, argv, HLPachksxrd:)) != -1) switch (ch) { case 'H': Hflag = 1; @@ -103,6 +106,14 @@ main(int argc, char *argv[]) case 'x': ftsoptions |= FTS_XDEV; break; + case 'd': + maxdepth = (int)strtonum(optarg, 0, INT_MAX, errstr); + if (errstr) { + warnx(max depth %s invalid: %s, optarg, errstr); + usage(); + } + dflag = 1; + break; case '?': default: usage(); @@ -129,11 +140,12 @@ main(int argc, char *argv[]) ftsoptions |= FTS_LOGICAL; } - if (aflag) { - if (sflag) + if (aflag + sflag + dflag 1) usage(); + + if (aflag) listdirs = listfiles = 1; - } else if (sflag) + else if (sflag || dflag) listdirs = listfiles = 0; else { listfiles = 0; @@ -172,7 +184,8 @@ main(int argc, char *argv[]) * root of a traversal, display the total. */ if (listdirs || - (!listfiles p-fts_level == FTS_ROOTLEVEL)) { + (!listfiles p-fts_level == FTS_ROOTLEVEL) || + p-fts_level = maxdepth) { prtout((quad_t)howmany(p-fts_number, (unsigned long)blocksize), p-fts_path, hflag); @@ -193,7 +206,7 @@ main(int argc, char *argv[]) * If listing each file, or a non-directory file was * the root of a traversal, display the total. */ - if (listfiles || p-fts_level == FTS_ROOTLEVEL) + if (listfiles || p-fts_level == FTS_ROOTLEVEL || p-fts_level = maxdepth) prtout(howmany(p-fts_statp-st_blocks, blocksize), p-fts_path, hflag); p-fts_parent-fts_number += p-fts_statp-st_blocks;
Re: [PATCH] Add -d flag to du(1)
-u -b -w -p -r1.31 du.1 --- usr.bin/du/du.1 14 Feb 2014 18:17:50 - 1.31 +++ usr.bin/du/du.1 16 Sep 2014 06:20:11 - @@ -38,7 +38,7 @@ .Nd display disk usage statistics .Sh SYNOPSIS .Nm du -.Op Fl a | s +.Op Fl a | s | d Ar depth .Op Fl chkrx .Op Fl H | L | P .Op Ar @@ -61,6 +61,10 @@ The options are as follows: Display an entry for each file in the file hierarchy. .It Fl c Display the grand total after all the arguments have been processed. +.It Fl d Ar depth +Display an entry for each file and directory up to +.Ar depth +levels .It Fl H Symbolic links on the command line are followed. Symbolic links encountered in the tree traversal are not followed. Index: usr.bin/du/du.c === RCS file: /cvs/src/usr.bin/du/du.c,v retrieving revision 1.25 diff -u -b -w -p -r1.25 du.c --- usr.bin/du/du.c 20 May 2014 01:25:23 - 1.25 +++ usr.bin/du/du.c 16 Sep 2014 06:20:11 - @@ -40,6 +40,7 @@ #include err.h #include errno.h #include fts.h +#include limits.h #include stdio.h #include stdlib.h #include string.h @@ -60,15 +61,17 @@ main(int argc, char *argv[]) long blocksize; quad_t totalblocks; int ftsoptions, listdirs, listfiles; - int Hflag, Lflag, aflag, cflag, hflag, kflag, sflag; + int Hflag, Lflag, aflag, cflag, hflag, kflag, sflag, dflag; int ch, notused, rval; + int maxdepth = -1; char **save; + const char *errstr = NULL; save = argv; - Hflag = Lflag = aflag = cflag = hflag = kflag = sflag = 0; + Hflag = Lflag = aflag = cflag = hflag = kflag = sflag = dflag = 0; totalblocks = 0; ftsoptions = FTS_PHYSICAL; - while ((ch = getopt(argc, argv, HLPachksxr)) != -1) + while ((ch = getopt(argc, argv, HLPachksxrd:)) != -1) switch (ch) { case 'H': Hflag = 1; @@ -103,6 +106,14 @@ main(int argc, char *argv[]) case 'x': ftsoptions |= FTS_XDEV; break; + case 'd': + maxdepth = (int)strtonum(optarg, 0, INT_MAX, errstr); + if (errstr) { + warnx(max depth %s invalid: %s, optarg, errstr); + usage(); + } + dflag = 1; + break; case '?': default: usage(); @@ -129,11 +140,12 @@ main(int argc, char *argv[]) ftsoptions |= FTS_LOGICAL; } - if (aflag) { - if (sflag) + if (aflag + sflag + dflag 1) usage(); + + if (aflag) listdirs = listfiles = 1; - } else if (sflag) + else if (sflag || dflag) listdirs = listfiles = 0; else { listfiles = 0; @@ -172,7 +184,8 @@ main(int argc, char *argv[]) * root of a traversal, display the total. */ if (listdirs || - (!listfiles p-fts_level == FTS_ROOTLEVEL)) { + (!listfiles p-fts_level == FTS_ROOTLEVEL) || + p-fts_level = maxdepth) { prtout((quad_t)howmany(p-fts_number, (unsigned long)blocksize), p-fts_path, hflag); @@ -193,7 +206,7 @@ main(int argc, char *argv[]) * If listing each file, or a non-directory file was * the root of a traversal, display the total. */ - if (listfiles || p-fts_level == FTS_ROOTLEVEL) + if (listfiles || p-fts_level == FTS_ROOTLEVEL || p-fts_level = maxdepth) prtout(howmany(p-fts_statp-st_blocks, blocksize), p-fts_path, hflag); p-fts_parent-fts_number += p-fts_statp-st_blocks; @@ -315,6 +328,6 @@ usage(void) { (void)fprintf(stderr, - usage: du [-a | -s] [-chkrx] [-H | -L | -P] [file ...]\n); + usage: du [-a | -s | -d depth] [-chkrx] [-H | -L | -P] [file ...]\n); exit(1); } On 9/15/2014 10:58 PM, William Orr wrote: Hey, This diff adds a flag to du(1) to limit the depth of results that are displayed to the user. The semantics are equivalent to FreeBSD's, where it is mutually exclusive with -a and -s, and du -d 0 is equivalent to du -s. Thoughts? William Orr Index: usr.bin/du/du.1 === RCS file: /cvs/src/usr.bin/du/du.1,v retrieving revision 1.31 diff -u -b -w -p -r1.31 du.1 --- usr.bin/du/du.1 14 Feb 2014 18:17:50 - 1.31 +++ usr.bin/du/du.1 16 Sep 2014 05
Re: [PATCH] Add -d flag to du(1)
On 9/16/2014 4:00 PM, Ingo Schwarze wrote: Hi, On 9/15/2014 10:58 PM, William Orr wrote: This diff adds a flag to du(1) to limit the depth of results that are displayed to the user. The semantics are equivalent to FreeBSD's, where it is mutually exclusive with -a and -s, and du -d 0 is equivalent to du -s. Thoughts? I think it's a bad idea and i'd prefer to not have this flag. It complicates the manual and code for almost no gain. Unix tools are supposed to do one thing each, and do it well. Selecting files out of a file hierarchy and providing options for selection is the task of find(1), not du(1). Doing what you want is trivial combining find and -exec du, or find | xargs du. What next? du --flags --group --name --user? However: * FreeBSD has it since 1996 (John-Mark Gurney is to blame for the bloat) * GNU coreutils has --max-depth since 1997 (Jim Meyering is to blame) * consequently, DragonFly has it forever (since 2003) * NetBSD has it since 2006 (Elad Efrat committed) * GNU coreutils has -d as an alias for --max-depth it since 2010 * illumos (and OpenSolaris before it) has different semantics: illumos du -d is the same as BSD du -x That may be a Sun invention, i have no idea. * Neither SysV nor 4.4BSD had a -d option. * POSIX does not have it. Even though it is not standardized, it seems so widespread by now that i think we better follow, given that it's not actively harmful and the bloat is relatively little: In my version of the patch, the actual prtout() tests become *simpler* instead of more complicated. I polished the diff in the following ways: * The meaning of the depth argument is much easier to understand when we explicitly say that -d 0 is the same as -s. * Grand total is used in two different senses; downgrade the smaller one to just total to reduce potential for confusion. * Mention that -d is a POSIX extension. * Correct HISTORY: du is v1, not v3; and add missing history of options. We are adding a new option, so it's a good time to do that. HISTORY can be checked here: http://mdocml.bsd.lv/cgi-bin/man.cgi/history/man1/du.1 * Simplify option handling: Delete two *flag variables instead of adding one. * Do not mix declarations and initialization. * Sort options in getopt(3). * Detect option clashes right away. That's better because it also catches duplicate -d options. * No need to cast the strtonum(3) return value. * Avoid duplicate invalid in error message. * Avoid a few excessively long lines. OK? Ingo This seems to work the same in all of my test cases, and is *much* better than my original patch. Thanks for the polish! P.S. William, whitespace was mangled in your patch. Serves me right for hurriedly copying the patch from a putty session when I realized I forgot to update usage().
Tiny fixes to spamd
Loop variables are declared as ints when they're compared to size_ts. This only becomes an issue when the config file or the output buffer becomes unreasonably large. Index: libexec/spamd/grey.c === RCS file: /cvs/src/libexec/spamd/grey.c,v retrieving revision 1.52 diff -u -b -w -p -r1.52 grey.c --- libexec/spamd/grey.c2 Oct 2012 15:26:17 -1.52 +++ libexec/spamd/grey.c17 Aug 2013 22:36:43 - @@ -362,7 +362,7 @@ bad: void freeaddrlists(void) { -int i; +size_t i; if (whitelist != NULL) for (i = 0; i whitecount; i++) { Index: libexec/spamd/spamd.c === RCS file: /cvs/src/libexec/spamd/spamd.c,v retrieving revision 1.112 diff -u -b -w -p -r1.112 spamd.c --- libexec/spamd/spamd.c19 Jun 2012 17:43:40 -1.112 +++ libexec/spamd/spamd.c17 Aug 2013 22:36:43 - @@ -265,7 +265,7 @@ void parse_configs(void) { char *start, *end; -int i; +size_t i; if (cbu == cbs) { char *tmp; @@ -371,7 +371,7 @@ append_error_string(struct con *cp, size char *c = cp-obuf + off; char *s = fmt; size_t len = cp-osize - off; -int i = 0; +size_t i = 0; if (off == 0) lastcont = 0;
Re: Tiny fixes to spamd
William Orr mailto:w...@worrbase.com August 17, 2013 3:51 PM Loop variables are declared as ints when they're compared to size_ts. This only becomes an issue when the config file or the output buffer becomes unreasonably large. Index: libexec/spamd/grey.c === RCS file: /cvs/src/libexec/spamd/grey.c,v retrieving revision 1.52 diff -u -b -w -p -r1.52 grey.c --- libexec/spamd/grey.c2 Oct 2012 15:26:17 -1.52 +++ libexec/spamd/grey.c17 Aug 2013 22:36:43 - @@ -362,7 +362,7 @@ bad: void freeaddrlists(void) { -int i; +size_t i; if (whitelist != NULL) for (i = 0; i whitecount; i++) { Index: libexec/spamd/spamd.c === RCS file: /cvs/src/libexec/spamd/spamd.c,v retrieving revision 1.112 diff -u -b -w -p -r1.112 spamd.c --- libexec/spamd/spamd.c19 Jun 2012 17:43:40 -1.112 +++ libexec/spamd/spamd.c17 Aug 2013 22:36:43 - @@ -265,7 +265,7 @@ void parse_configs(void) { char *start, *end; -int i; +size_t i; if (cbu == cbs) { char *tmp; @@ -371,7 +371,7 @@ append_error_string(struct con *cp, size char *c = cp-obuf + off; char *s = fmt; size_t len = cp-osize - off; -int i = 0; +size_t i = 0; if (off == 0) lastcont = 0; Whoops, missed the downcast of time_t to int in the sscanfs. Here's a revised patch. Index: src/libexec/spamd/grey.c === RCS file: /cvs/src/libexec/spamd/grey.c,v retrieving revision 1.52 diff -u -b -w -p -r1.52 grey.c --- src/libexec/spamd/grey.c2 Oct 2012 15:26:17 -1.52 +++ src/libexec/spamd/grey.c18 Aug 2013 02:02:00 - @@ -362,7 +362,7 @@ bad: void freeaddrlists(void) { -int i; +size_t i; if (whitelist != NULL) for (i = 0; i whitecount; i++) { Index: src/libexec/spamd/spamd.c === RCS file: /cvs/src/libexec/spamd/spamd.c,v retrieving revision 1.112 diff -u -b -w -p -r1.112 spamd.c --- src/libexec/spamd/spamd.c19 Jun 2012 17:43:40 -1.112 +++ src/libexec/spamd/spamd.c18 Aug 2013 02:02:00 - @@ -265,7 +265,7 @@ void parse_configs(void) { char *start, *end; -int i; +size_t i; if (cbu == cbs) { char *tmp; @@ -371,7 +371,7 @@ append_error_string(struct con *cp, size char *c = cp-obuf + off; char *s = fmt; size_t len = cp-osize - off; -int i = 0; +size_t i = 0; if (off == 0) lastcont = 0; @@ -1114,7 +1114,7 @@ main(int argc, char *argv[]) greylist = 0; break; case 'G': -if (sscanf(optarg, %d:%d:%d, passtime, greyexp, +if (sscanf(optarg, %lld:%lld:%lld, passtime, greyexp, whiteexp) != 3) usage(); /* convert to seconds from minutes */
bump time_t/other type fixes to spamd
Bump William Orr mailto:w...@worrbase.com August 17, 2013 7:03 PM Whoops, missed the downcast of time_t to int in the sscanfs. Here's a revised patch. Index: src/libexec/spamd/grey.c === RCS file: /cvs/src/libexec/spamd/grey.c,v retrieving revision 1.52 diff -u -b -w -p -r1.52 grey.c --- src/libexec/spamd/grey.c2 Oct 2012 15:26:17 -1.52 +++ src/libexec/spamd/grey.c18 Aug 2013 02:02:00 - @@ -362,7 +362,7 @@ bad: void freeaddrlists(void) { -int i; +size_t i; if (whitelist != NULL) for (i = 0; i whitecount; i++) { Index: src/libexec/spamd/spamd.c === RCS file: /cvs/src/libexec/spamd/spamd.c,v retrieving revision 1.112 diff -u -b -w -p -r1.112 spamd.c --- src/libexec/spamd/spamd.c19 Jun 2012 17:43:40 -1.112 +++ src/libexec/spamd/spamd.c18 Aug 2013 02:02:00 - @@ -265,7 +265,7 @@ void parse_configs(void) { char *start, *end; -int i; +size_t i; if (cbu == cbs) { char *tmp; @@ -371,7 +371,7 @@ append_error_string(struct con *cp, size char *c = cp-obuf + off; char *s = fmt; size_t len = cp-osize - off; -int i = 0; +size_t i = 0; if (off == 0) lastcont = 0; @@ -1114,7 +1114,7 @@ main(int argc, char *argv[]) greylist = 0; break; case 'G': -if (sscanf(optarg, %d:%d:%d, passtime, greyexp, +if (sscanf(optarg, %lld:%lld:%lld, passtime, greyexp, whiteexp) != 3) usage(); /* convert to seconds from minutes */
Re: bump time_t/other type fixes to spamd
William Orr mailto:w...@worrbase.com August 20, 2013 7:40 PM Bump Theo pointed out that it would be better to change whitecount to an int, so as to match the call to configure_pf(). Since trapcount is logically similar, and uses the same iterator variable in freeaddrlists(), I changed that to an int as well. This still includes the sscanf time_t fix. Ok ? Index: libexec/spamd/grey.c === RCS file: /cvs/src/libexec/spamd/grey.c,v retrieving revision 1.52 diff -u -b -w -p -r1.52 grey.c --- libexec/spamd/grey.c2 Oct 2012 15:26:17 -1.52 +++ libexec/spamd/grey.c21 Aug 2013 03:31:03 - @@ -61,8 +61,8 @@ int server_lookup4(struct sockaddr_in *, int server_lookup6(struct sockaddr_in6 *, struct sockaddr_in6 *, struct sockaddr_in6 *); -size_t whitecount, whitealloc; -size_t trapcount, trapalloc; +int whitecount, whitealloc; +int trapcount, trapalloc; char **whitelist; char **traplist; @@ -122,9 +122,9 @@ sig_term_chld(int sig) * host hits. */ void -configure_spamd(char **addrs, size_t count, FILE *sdc) +configure_spamd(char **addrs, int count, FILE *sdc) { -size_t i; +int i; fprintf(sdc, %s;, traplist_name); if (count != 0) { Index: libexec/spamd/spamd.c === RCS file: /cvs/src/libexec/spamd/spamd.c,v retrieving revision 1.112 diff -u -b -w -p -r1.112 spamd.c --- libexec/spamd/spamd.c19 Jun 2012 17:43:40 -1.112 +++ libexec/spamd/spamd.c21 Aug 2013 03:31:03 - @@ -265,7 +265,7 @@ void parse_configs(void) { char *start, *end; -int i; +size_t i; if (cbu == cbs) { char *tmp; @@ -371,7 +371,7 @@ append_error_string(struct con *cp, size char *c = cp-obuf + off; char *s = fmt; size_t len = cp-osize - off; -int i = 0; +size_t i = 0; if (off == 0) lastcont = 0; @@ -1114,7 +1114,7 @@ main(int argc, char *argv[]) greylist = 0; break; case 'G': -if (sscanf(optarg, %d:%d:%d, passtime, greyexp, +if (sscanf(optarg, %lld:%lld:%lld, passtime, greyexp, whiteexp) != 3) usage(); /* convert to seconds from minutes */
PATCH: Octeon RNG support
Hey tech@ Here's a patch that adds octeon's onboard rng chip as a source of entropy. Currently I fire this off every second, which neither seemed to increase the load on my ERL or produce duplicate outputs. This patch also maps out the rnm register which controls the status of the rng and entropy. Ok? Index: conf/GENERIC === RCS file: /cvs/src/sys/arch/octeon/conf/GENERIC,v retrieving revision 1.10 diff -u -b -w -p -r1.10 GENERIC --- conf/GENERIC19 Sep 2013 00:15:59 - 1.10 +++ conf/GENERIC22 Oct 2013 02:55:23 - @@ -51,3 +51,6 @@ pciide* at pci? flags 0x # IDE hard drives wd*at pciide? flags 0x + +# RNG +octrng0at iobus0 Index: conf/files.octeon === RCS file: /cvs/src/sys/arch/octeon/conf/files.octeon,v retrieving revision 1.14 diff -u -b -w -p -r1.14 files.octeon --- conf/files.octeon 15 Aug 2013 06:54:35 - 1.14 +++ conf/files.octeon 22 Oct 2013 02:55:23 - @@ -90,3 +90,8 @@ file arch/octeon/dev/octeon_pcibus.c p file arch/octeon/dev/octeon_bus_space.c file arch/octeon/octeon/pciide_machdep.c pciide + +# Onboard rng +device octrng +attach octrng at iobus +file arch/octeon/dev/octrng.coctrng Index: dev/cn30xxrnmreg.h === RCS file: dev/cn30xxrnmreg.h diff -N dev/cn30xxrnmreg.h --- /dev/null 1 Jan 1970 00:00:00 - +++ dev/cn30xxrnmreg.h 22 Oct 2013 02:55:23 - @@ -0,0 +1,50 @@ +/* $OpenBSD$ */ +/* + * Copyright (c) 2013 William Orr w...@worrbase.com + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + *notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + *notice, this list of conditions and the following disclaimer in the + *documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + */ + +#ifndef _CN30XXPKOREG_H_ +#define _CN30XXPKOREG_H_ + +#define RNM_REG_BASE 0x000118004000ULL +#define RNM_REG_SIZE 0xFULL + +#define RNM_REG_CTL0x000118004000ULL +#define RNM_REG_BIST 0x000118004008ULL + +#define RNM_CTL_ENT_EN 0x0001ULL +#define RNM_CTL_RNG_EN 0x0002ULL +#define RNM_CTL_RNM_RST0x0004ULL +#define RNM_CTL_RNG_RST0x0008ULL +#define RNM_CTL_ENT_SEL0x00F0ULL +#define RNM_CTL_EER_VAL0x0100ULL +#define RNM_CTL_EER_LCK0x0200ULL +#define RNM_CTL_DIS_MAK0x0400ULL + +#define RNM_BIST_MEM 0x0001ULL +#define RNM_BIST_RRC 0x0002ULL + +#endif + Index: dev/octeon_iobus.c === RCS file: /cvs/src/sys/arch/octeon/dev/octeon_iobus.c,v retrieving revision 1.4 diff -u -b -w -p -r1.4 octeon_iobus.c --- dev/octeon_iobus.c 2 Jun 2013 20:29:36 - 1.4 +++ dev/octeon_iobus.c 22 Oct 2013 02:55:23 - @@ -154,12 +154,14 @@ struct machine_bus_dma_tag iobus_bus_dma const struct iobus_unit iobus_units[] = { { OCTEON_CF_BASE, 0 }, /* octcf */ { 0, 0 }, /* pcibus */ - { GMX0_BASE_PORT0, CIU_INT_GMX_DRP0 } /* cn30xxgmx */ + { GMX0_BASE_PORT0, CIU_INT_GMX_DRP0 }, /* cn30xxgmx */ + { OCTEON_RNG_BASE, 0 } /* octrng */ }; struct iobus_attach_args iobus_children[] = { IOBUSDEV(octcf, 0, iobus_units[0]), IOBUSDEV(pcibus, 0, iobus_units[1]), - IOBUSDEV(cn30xxgmx, 0, iobus_units[2]) + IOBUSDEV(cn30xxgmx, 0, iobus_units[2]), + IOBUSDEV(octrng, 0, iobus_units[3]) }; #undef IOBUSDEV Index: dev/octrng.c === RCS file: dev
PATCH: Round 2 of octeon rng
Hi again tech@ This is my second attempt at a patch to add support for the octeon's onboard rng. I've fixed all of the concerns (ISC license, wrong #define, comment removal) and I've also come bearing statistics on the quality of the entropy. I dd'd 512M of /dev/random and ran the ent from http://www.fourmilab.ch/random/ 512M of /dev/random With octrng: # sysctl kern.random kern.random=tot: 232802 used: 2560 read: 326918 stirs: 5 enqs: 12575 deqs: 791 drops: 0 ledrops: 704 ed: 198 188 280 385 487 666 786 790 901 698 496 207 163 76 35 29 20 13 3 4 5 1 2 0 0 0 0 0 0 0 2 6140 sc: 6140 27 0 49 0 6359 0 0 sb: 190340 0 0 779 0 42140 0 0 # uptime 10:12PM 36 secs, 1 user, load averages: 0.48, 0.12, 0.04 # ./ent Entropy = 8.00 bits per byte. Optimum compression would reduce the size of this 536870912 byte file by 0 percent. Chi square distribution for 536870912 samples is 240.04, and randomly would exceed this value 74.09 percent of the times. Arithmetic mean value of data bytes is 127.5021 (127.5 = random). Monte Carlo value for Pi is 3.141322610 (error 0.01 percent). Serial correlation coefficient is -0.13 (totally uncorrelated = 0.0). Without octrng: # sysctl kern.random kern.random=tot: 43283 used: 2560 read: 328224 stirs: 5 enqs: 6439 deqs: 405 drops: 0 ledrops: 542 ed: 194 169 270 370 567 715 729 748 865 683 479 206 160 111 62 42 28 17 4 6 7 2 3 0 0 0 0 0 0 0 2 0 sc: 0 27 0 73 0 6339 0 0 sb: 0 0 0 1112 0 42375 0 0 # uptime 10:13PM 52 secs, 1 user, load averages: 0.61, 0.19, 0.07 # ./ent Entropy = 8.00 bits per byte. Optimum compression would reduce the size of this 536870912 byte file by 0 percent. Chi square distribution for 536870912 samples is 270.87, and randomly would exceed this value 23.64 percent of the times. Arithmetic mean value of data bytes is 127.4949 (127.5 = random). Monte Carlo value for Pi is 3.141474244 (error 0.00 percent). Serial correlation coefficient is 0.15 (totally uncorrelated = 0.0). You'll notice that there's no significant difference between the output of the two rngs. However, with octrng the dd completed in under a minute (more entropy in pool). Without, it took several minutes. If you want time output, I can add that as well. So the addition of hardware entropy has no meaningful negative effect on the quality of the entropy, and greatly increases the size of the entropy pool. Ok? Index: conf/GENERIC === RCS file: /cvs/src/sys/arch/octeon/conf/GENERIC,v retrieving revision 1.10 diff -u -b -w -p -r1.10 GENERIC --- conf/GENERIC19 Sep 2013 00:15:59 - 1.10 +++ conf/GENERIC23 Oct 2013 01:22:06 - @@ -51,3 +51,6 @@ pciide* at pci? flags 0x # IDE hard drives wd*at pciide? flags 0x + +# RNG +octrng0at iobus0 Index: conf/files.octeon === RCS file: /cvs/src/sys/arch/octeon/conf/files.octeon,v retrieving revision 1.14 diff -u -b -w -p -r1.14 files.octeon --- conf/files.octeon 15 Aug 2013 06:54:35 - 1.14 +++ conf/files.octeon 23 Oct 2013 01:22:06 - @@ -90,3 +90,8 @@ file arch/octeon/dev/octeon_pcibus.c p file arch/octeon/dev/octeon_bus_space.c file arch/octeon/octeon/pciide_machdep.c pciide + +# Onboard rng +device octrng +attach octrng at iobus +file arch/octeon/dev/octrng.coctrng Index: dev/cn30xxrnmreg.h === RCS file: dev/cn30xxrnmreg.h diff -N dev/cn30xxrnmreg.h --- /dev/null 1 Jan 1970 00:00:00 - +++ dev/cn30xxrnmreg.h 23 Oct 2013 01:22:06 - @@ -0,0 +1,40 @@ +/* $OpenBSD$ */ +/* + * Copyright (c) 2013 William Orr w...@worrbase.com + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED AS IS AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +#ifndef _CN30XXRNMREG_H_ +#define _CN30XXRNMREG_H_ + +#define RNM_REG_BASE 0x000118004000ULL +#define RNM_REG_SIZE 0xFULL + +#define RNM_REG_CTL0x000118004000ULL +#define RNM_REG_BIST 0x000118004008ULL + +#define RNM_CTL_ENT_EN 0x0001ULL +#define RNM_CTL_RNG_EN 0x0002ULL +#define RNM_CTL_RNM_RST
Re: PATCH: Round 2 of octeon rng
On Oct 22, 2013, at 9:06 PM, Ted Unangst t...@tedunangst.com wrote: On Tue, Oct 22, 2013 at 18:31, William Orr wrote: You'll notice that there's no significant difference between the output of the two rngs. However, with octrng the dd completed in under a minute (more entropy in pool). Without, it took several minutes. If you want time output, I can add that as well. This doesn't make sense, because that's not how the random device works. The bits userland reads come from a stream cipher (rc4). Always. Regardless of any entropy calculations. The cipher is reseeded from time to time, again regardless of the amount of entropy. No matter how much entropy there is, a lot or a little or none at all, the device always produces output at the same speed. I guess I misunderstood, as I thought that /dev/random dumped the entropy pool, and that /dev/arandom put the random data through a stream cipher so that grabbing random data would never block. I can do this again with time, but pulling data from /dev/random took significantly longer without my patch than with it. signature.asc Description: Message signed with OpenPGP using GPGMail
Re: PATCH: Round 2 of octeon rng
On Oct 23, 2013, at 4:38 AM, Paul Irofti p...@irofti.net wrote: Hi William, I have an almost identical diff in my tree for a driver for octeon's RNG. On which machines did you test this? I wrote mine for DSR-500. But I remember the reads had some hick-ups. Since why I did not commit the diff until now. I tested this on the Edge Router Lite. I experienced no such issue with it being slow on reads. signature.asc Description: Message signed with OpenPGP using GPGMail
Re: PATCH: Round 2 of octeon rng
On Oct 22, 2013, at 11:54 PM, Ted Unangst t...@tedunangst.com wrote: On Tue, Oct 22, 2013 at 22:05, William Orr wrote: I guess I misunderstood, as I thought that /dev/random dumped the entropy pool, and that /dev/arandom put the random data through a stream cipher so that grabbing random data would never block. That was true some time ago, but since at least 2011 everything behaves identically to what was once /dev/arandom. Assorted other names are kept in /dev for compatibility, their behavior is not different. Thanks for the heads up, guess I'm still thinking in terms of Solaris and Linux. Sorry for the confusion. That doesn't change that there was a significant time difference between writing out entropy with and without my driver: With octrng: # time dd if=/dev/random of=random/out count=1M 1048576+0 records in 1048576+0 records out 536870912 bytes transferred in 354.696 secs (1513605 bytes/sec) 5m59.52s real 0m3.30s user 2m50.23s system Without octrng: # time dd if=/dev/random of=random/out count=1M 1048576+0 records in 1048576+0 records out 536870912 bytes transferred in 1187.522 secs (452093 bytes/sec) 19m49.70s real 0m2.55s user 1m48.99s system signature.asc Description: Message signed with OpenPGP using GPGMail
small acpiac(4) update
This is a small documentation update for acpiac(4). The implmentation no longer seems to poll every 10 seconds, so I've removed it from the manpage. Index: share/man/man4/acpiac.4 === RCS file: /cvs/src/share/man/man4/acpiac.4,v retrieving revision 1.6 diff -u -p -r1.6 acpiac.4 --- share/man/man4/acpiac.4 16 Jul 2013 16:05:48 - 1.6 +++ share/man/man4/acpiac.4 8 Dec 2014 06:28:20 - @@ -28,9 +28,9 @@ The driver supports ACPI AC Adapters. Information about AC power source status (connected or disconnected) is available through this driver as a sensor. -AC power source status is updated every 10 seconds or, -if the implementation supports it, -via an event when a change happens. +AC power source status is updated +via an event when a change happens, +if the implementation supports it. The sensors provided by .Nm can be monitored using
ukbd.c update for older macbook airs
Hey, On some macbook airs, the function keys have different functionality when the Fn key is pressed. I've added an additional munge function to handle these particular cases. Thanks, William Orr Index: sys/dev/usb/ukbd.c === RCS file: /cvs/src/sys/dev/usb/ukbd.c,v retrieving revision 1.69 diff -u -b -w -p -r1.69 ukbd.c --- sys/dev/usb/ukbd.c 11 Dec 2014 18:39:27 - 1.69 +++ sys/dev/usb/ukbd.c 13 Dec 2014 04:18:55 - @@ -180,6 +180,7 @@ struct ukbd_translation { void ukbd_gdium_munge(void *, uint8_t *, u_int); #endif void ukbd_apple_munge(void *, uint8_t *, u_int); +void ukbd_apple_mba_munge(void *, uint8_t *, u_int); void ukbd_apple_iso_munge(void *, uint8_t *, u_int); uint8_tukbd_translate(const struct ukbd_translation *, size_t, uint8_t); @@ -244,13 +245,29 @@ ukbd_attach(struct device *parent, struc if (hid_locate(desc, dlen, HID_USAGE2(HUP_APPLE, HUG_FN_KEY), uha-reportid, hid_input, sc-sc_apple_fn, qflags)) { if (qflags HIO_VARIABLE) { + /* Older Macbook Air's have different fn key layouts */ if (iso) sc-sc_munge = ukbd_apple_iso_munge; - else + else { + switch (uha-uaa-product) { + case USB_PRODUCT_APPLE_WELLSPRING4A_ANSI: + case USB_PRODUCT_APPLE_WELLSPRING4A_ISO: + case USB_PRODUCT_APPLE_WELLSPRING4A_JIS: + case USB_PRODUCT_APPLE_WELLSPRING4_ANSI: + case USB_PRODUCT_APPLE_WELLSPRING4_ISO: + case USB_PRODUCT_APPLE_WELLSPRING4_JIS: + case USB_PRODUCT_APPLE_WELLSPRING_ANSI: + case USB_PRODUCT_APPLE_WELLSPRING_ISO: + case USB_PRODUCT_APPLE_WELLSPRING_JIS: + sc-sc_munge = ukbd_apple_mba_munge; + break; + default: sc-sc_munge = ukbd_apple_munge; } } } + } + } if (uha-uaa-vendor == USB_VENDOR_TOPRE uha-uaa-product == USB_PRODUCT_TOPRE_HHKB) { @@ -478,6 +495,52 @@ ukbd_apple_munge(void *vsc, uint8_t *ibu { 67, 127 },/* F10 - audio mute */ { 68, 129 },/* F11 - audio lower */ { 69, 128 },/* F12 - audio raise */ +#endif + { 79, 77 }, /* right - end */ + { 80, 74 }, /* left - home */ + { 81, 78 }, /* down - page down */ + { 82, 75 } /* up - page up */ + }; + + if (!hid_get_data(ibuf, ilen, sc-sc_apple_fn)) + return; + + spos = ibuf + kbd-sc_keycodeloc.pos / 8; + epos = spos + kbd-sc_nkeycode; + + for (pos = spos; pos != epos; pos++) { + xlat = ukbd_translate(apple_fn_trans, + nitems(apple_fn_trans), *pos); + if (xlat != 0) + *pos = xlat; + } +} + +void +ukbd_apple_mba_munge(void *vsc, uint8_t *ibuf, u_int ilen) +{ + struct ukbd_softc *sc = vsc; + struct hidkbd *kbd = sc-sc_kbd; + uint8_t *pos, *spos, *epos, xlat; + + static const struct ukbd_translation apple_fn_trans[] = { + { 40, 73 }, /* return - insert */ + { 42, 76 }, /* backspace - delete */ +#ifdef notyet + { 58, 0 }, /* F1 - screen brightness down */ + { 59, 0 }, /* F2 - screen brightness up */ + { 60, 0 }, /* F3 */ + { 61, 0 }, /* F4 */ + { 62, 0 }, /* F5 */ + { 63, 0 }, /* F6 - audio back */ + { 64, 0 }, /* F7 - audio pause/play */ + { 65, 0 }, /* F8 - audio next */ +#endif + { 66, 127 },/* F9 - audio mute */ + { 67, 129 },/* F10 - audio lower */ + { 68, 128 },/* F11 - audio raise */ +#ifdef notyet + { 69, 0 }, /* F12 - eject */ #endif { 79, 77 }, /* right - end */ { 80, 74 }, /* left - home */
[PATCH] ukbd.c cleanup and mba iso support
Hey, This implements some of Alexey's comments as well as munging the grave key for macbook airs. Tested on a mba with a WELLSPRING ANSI keyboard. Thanks, William Orr Index: sys/dev/usb/ukbd.c === RCS file: /cvs/src/sys/dev/usb/ukbd.c,v retrieving revision 1.70 diff -u -b -w -p -r1.70 ukbd.c --- sys/dev/usb/ukbd.c 19 Jan 2015 20:16:10 - 1.70 +++ sys/dev/usb/ukbd.c 4 Feb 2015 05:18:47 - @@ -182,6 +182,11 @@ void ukbd_gdium_munge(void *, uint8_t *, void ukbd_apple_munge(void *, uint8_t *, u_int); void ukbd_apple_mba_munge(void *, uint8_t *, u_int); void ukbd_apple_iso_munge(void *, uint8_t *, u_int); +void ukbd_apple_iso_mba_munge(void *, uint8_t *, u_int); + +void ukbd_apple_translate(void *, uint8_t *, u_int, + const struct ukbd_translation *, u_int); + uint8_tukbd_translate(const struct ukbd_translation *, size_t, uint8_t); int @@ -244,14 +249,16 @@ ukbd_attach(struct device *parent, struc case USB_PRODUCT_APPLE_GEYSER_ISO: sc-sc_munge = ukbd_apple_iso_munge; break; - case USB_PRODUCT_APPLE_WELLSPRING4A_ANSI: case USB_PRODUCT_APPLE_WELLSPRING4A_ISO: + case USB_PRODUCT_APPLE_WELLSPRING4_ISO: + case USB_PRODUCT_APPLE_WELLSPRING_ISO: + sc-sc_munge = ukbd_apple_iso_mba_munge; + break; + case USB_PRODUCT_APPLE_WELLSPRING4A_ANSI: case USB_PRODUCT_APPLE_WELLSPRING4A_JIS: case USB_PRODUCT_APPLE_WELLSPRING4_ANSI: - case USB_PRODUCT_APPLE_WELLSPRING4_ISO: case USB_PRODUCT_APPLE_WELLSPRING4_JIS: case USB_PRODUCT_APPLE_WELLSPRING_ANSI: - case USB_PRODUCT_APPLE_WELLSPRING_ISO: case USB_PRODUCT_APPLE_WELLSPRING_JIS: sc-sc_munge = ukbd_apple_mba_munge; break; @@ -461,12 +468,28 @@ ukbd_translate(const struct ukbd_transla } void -ukbd_apple_munge(void *vsc, uint8_t *ibuf, u_int ilen) +ukbd_apple_translate(void *vsc, uint8_t *ibuf, u_int ilen, +const struct ukbd_translation* trans, u_int tlen) { struct ukbd_softc *sc = vsc; struct hidkbd *kbd = sc-sc_kbd; uint8_t *pos, *spos, *epos, xlat; + spos = ibuf + kbd-sc_keycodeloc.pos / 8; + epos = spos + kbd-sc_nkeycode; + + for (pos = spos; pos != epos; pos++) { + xlat = ukbd_translate(trans, tlen, *pos); + if (xlat != 0) + *pos = xlat; + } +} + +void +ukbd_apple_munge(void *vsc, uint8_t *ibuf, u_int ilen) +{ + struct ukbd_softc *sc = vsc; + static const struct ukbd_translation apple_fn_trans[] = { { 40, 73 }, /* return - insert */ { 42, 76 }, /* backspace - delete */ @@ -499,23 +522,14 @@ ukbd_apple_munge(void *vsc, uint8_t *ibu if (!hid_get_data(ibuf, ilen, sc-sc_apple_fn)) return; - spos = ibuf + kbd-sc_keycodeloc.pos / 8; - epos = spos + kbd-sc_nkeycode; - - for (pos = spos; pos != epos; pos++) { - xlat = ukbd_translate(apple_fn_trans, - nitems(apple_fn_trans), *pos); - if (xlat != 0) - *pos = xlat; - } + ukbd_apple_translate(vsc, ibuf, ilen, apple_fn_trans, +nitems(apple_fn_trans)); } void ukbd_apple_mba_munge(void *vsc, uint8_t *ibuf, u_int ilen) { struct ukbd_softc *sc = vsc; - struct hidkbd *kbd = sc-sc_kbd; - uint8_t *pos, *spos, *epos, xlat; static const struct ukbd_translation apple_fn_trans[] = { { 40, 73 }, /* return - insert */ @@ -545,40 +559,34 @@ ukbd_apple_mba_munge(void *vsc, uint8_t if (!hid_get_data(ibuf, ilen, sc-sc_apple_fn)) return; - spos = ibuf + kbd-sc_keycodeloc.pos / 8; - epos = spos + kbd-sc_nkeycode; - - for (pos = spos; pos != epos; pos++) { - xlat = ukbd_translate(apple_fn_trans, - nitems(apple_fn_trans), *pos); - if (xlat != 0) - *pos = xlat; - } + ukbd_apple_translate(vsc, ibuf, ilen, apple_fn_trans, +nitems(apple_fn_trans)); } void ukbd_apple_iso_munge(void *vsc, uint8_t *ibuf, u_int ilen) { - struct ukbd_softc *sc = vsc; - struct hidkbd *kbd = sc-sc_kbd; - uint8_t *pos, *spos, *epos, xlat; - static const struct ukbd_translation
Re: [PATCH] ukbd.c cleanup and mba iso support
Hey, Any interest? Thanks, William Orr On 2/4/15 9:37 AM, William Orr wrote: Hey, This implements some of Alexey's comments as well as munging the grave key for macbook airs. Tested on a mba with a WELLSPRING ANSI keyboard. Thanks, William Orr Index: sys/dev/usb/ukbd.c === RCS file: /cvs/src/sys/dev/usb/ukbd.c,v retrieving revision 1.70 diff -u -b -w -p -r1.70 ukbd.c --- sys/dev/usb/ukbd.c19 Jan 2015 20:16:10 - 1.70 +++ sys/dev/usb/ukbd.c4 Feb 2015 05:18:47 - @@ -182,6 +182,11 @@ void ukbd_gdium_munge(void *, uint8_t *, void ukbd_apple_munge(void *, uint8_t *, u_int); void ukbd_apple_mba_munge(void *, uint8_t *, u_int); void ukbd_apple_iso_munge(void *, uint8_t *, u_int); +void ukbd_apple_iso_mba_munge(void *, uint8_t *, u_int); + +void ukbd_apple_translate(void *, uint8_t *, u_int, + const struct ukbd_translation *, u_int); + uint8_t ukbd_translate(const struct ukbd_translation *, size_t, uint8_t); int @@ -244,14 +249,16 @@ ukbd_attach(struct device *parent, struc case USB_PRODUCT_APPLE_GEYSER_ISO: sc-sc_munge = ukbd_apple_iso_munge; break; - case USB_PRODUCT_APPLE_WELLSPRING4A_ANSI: case USB_PRODUCT_APPLE_WELLSPRING4A_ISO: + case USB_PRODUCT_APPLE_WELLSPRING4_ISO: + case USB_PRODUCT_APPLE_WELLSPRING_ISO: + sc-sc_munge = ukbd_apple_iso_mba_munge; + break; + case USB_PRODUCT_APPLE_WELLSPRING4A_ANSI: case USB_PRODUCT_APPLE_WELLSPRING4A_JIS: case USB_PRODUCT_APPLE_WELLSPRING4_ANSI: - case USB_PRODUCT_APPLE_WELLSPRING4_ISO: case USB_PRODUCT_APPLE_WELLSPRING4_JIS: case USB_PRODUCT_APPLE_WELLSPRING_ANSI: - case USB_PRODUCT_APPLE_WELLSPRING_ISO: case USB_PRODUCT_APPLE_WELLSPRING_JIS: sc-sc_munge = ukbd_apple_mba_munge; break; @@ -461,12 +468,28 @@ ukbd_translate(const struct ukbd_transla } void -ukbd_apple_munge(void *vsc, uint8_t *ibuf, u_int ilen) +ukbd_apple_translate(void *vsc, uint8_t *ibuf, u_int ilen, +const struct ukbd_translation* trans, u_int tlen) { struct ukbd_softc *sc = vsc; struct hidkbd *kbd = sc-sc_kbd; uint8_t *pos, *spos, *epos, xlat; + spos = ibuf + kbd-sc_keycodeloc.pos / 8; + epos = spos + kbd-sc_nkeycode; + + for (pos = spos; pos != epos; pos++) { + xlat = ukbd_translate(trans, tlen, *pos); + if (xlat != 0) + *pos = xlat; + } +} + +void +ukbd_apple_munge(void *vsc, uint8_t *ibuf, u_int ilen) +{ + struct ukbd_softc *sc = vsc; + static const struct ukbd_translation apple_fn_trans[] = { { 40, 73 }, /* return - insert */ { 42, 76 }, /* backspace - delete */ @@ -499,23 +522,14 @@ ukbd_apple_munge(void *vsc, uint8_t *ibu if (!hid_get_data(ibuf, ilen, sc-sc_apple_fn)) return; - spos = ibuf + kbd-sc_keycodeloc.pos / 8; - epos = spos + kbd-sc_nkeycode; - - for (pos = spos; pos != epos; pos++) { - xlat = ukbd_translate(apple_fn_trans, - nitems(apple_fn_trans), *pos); - if (xlat != 0) - *pos = xlat; - } + ukbd_apple_translate(vsc, ibuf, ilen, apple_fn_trans, + nitems(apple_fn_trans)); } void ukbd_apple_mba_munge(void *vsc, uint8_t *ibuf, u_int ilen) { struct ukbd_softc *sc = vsc; - struct hidkbd *kbd = sc-sc_kbd; - uint8_t *pos, *spos, *epos, xlat; static const struct ukbd_translation apple_fn_trans[] = { { 40, 73 }, /* return - insert */ @@ -545,40 +559,34 @@ ukbd_apple_mba_munge(void *vsc, uint8_t if (!hid_get_data(ibuf, ilen, sc-sc_apple_fn)) return; - spos = ibuf + kbd-sc_keycodeloc.pos / 8; - epos = spos + kbd-sc_nkeycode; - - for (pos = spos; pos != epos; pos++) { - xlat = ukbd_translate(apple_fn_trans, - nitems(apple_fn_trans), *pos); - if (xlat != 0) - *pos = xlat; - } + ukbd_apple_translate(vsc, ibuf, ilen, apple_fn_trans, + nitems(apple_fn_trans)); } void ukbd_apple_iso_munge(void *vsc, uint8_t *ibuf, u_int ilen) { - struct ukbd_softc *sc = vsc; - struct hidkbd *kbd = sc-sc_kbd; - uint8_t
Re: [PATCH] ukbd.c update for older macbook airs
Hey, any interest? On 12/12/2014 08:29 PM, William Orr wrote: Hey, On some macbook airs, the function keys have different functionality when the Fn key is pressed. I've added an additional munge function to handle these particular cases. Thanks, William Orr Index: sys/dev/usb/ukbd.c === RCS file: /cvs/src/sys/dev/usb/ukbd.c,v retrieving revision 1.69 diff -u -b -w -p -r1.69 ukbd.c --- sys/dev/usb/ukbd.c11 Dec 2014 18:39:27 - 1.69 +++ sys/dev/usb/ukbd.c13 Dec 2014 04:18:55 - @@ -180,6 +180,7 @@ struct ukbd_translation { void ukbd_gdium_munge(void *, uint8_t *, u_int); #endif void ukbd_apple_munge(void *, uint8_t *, u_int); +void ukbd_apple_mba_munge(void *, uint8_t *, u_int); void ukbd_apple_iso_munge(void *, uint8_t *, u_int); uint8_t ukbd_translate(const struct ukbd_translation *, size_t, uint8_t); @@ -244,13 +245,29 @@ ukbd_attach(struct device *parent, struc if (hid_locate(desc, dlen, HID_USAGE2(HUP_APPLE, HUG_FN_KEY), uha-reportid, hid_input, sc-sc_apple_fn, qflags)) { if (qflags HIO_VARIABLE) { + /* Older Macbook Air's have different fn key layouts */ if (iso) sc-sc_munge = ukbd_apple_iso_munge; - else + else { + switch (uha-uaa-product) { + case USB_PRODUCT_APPLE_WELLSPRING4A_ANSI: + case USB_PRODUCT_APPLE_WELLSPRING4A_ISO: + case USB_PRODUCT_APPLE_WELLSPRING4A_JIS: + case USB_PRODUCT_APPLE_WELLSPRING4_ANSI: + case USB_PRODUCT_APPLE_WELLSPRING4_ISO: + case USB_PRODUCT_APPLE_WELLSPRING4_JIS: + case USB_PRODUCT_APPLE_WELLSPRING_ANSI: + case USB_PRODUCT_APPLE_WELLSPRING_ISO: + case USB_PRODUCT_APPLE_WELLSPRING_JIS: + sc-sc_munge = ukbd_apple_mba_munge; + break; + default: sc-sc_munge = ukbd_apple_munge; } } } + } + } if (uha-uaa-vendor == USB_VENDOR_TOPRE uha-uaa-product == USB_PRODUCT_TOPRE_HHKB) { @@ -478,6 +495,52 @@ ukbd_apple_munge(void *vsc, uint8_t *ibu { 67, 127 },/* F10 - audio mute */ { 68, 129 },/* F11 - audio lower */ { 69, 128 },/* F12 - audio raise */ +#endif + { 79, 77 }, /* right - end */ + { 80, 74 }, /* left - home */ + { 81, 78 }, /* down - page down */ + { 82, 75 } /* up - page up */ + }; + + if (!hid_get_data(ibuf, ilen, sc-sc_apple_fn)) + return; + + spos = ibuf + kbd-sc_keycodeloc.pos / 8; + epos = spos + kbd-sc_nkeycode; + + for (pos = spos; pos != epos; pos++) { + xlat = ukbd_translate(apple_fn_trans, + nitems(apple_fn_trans), *pos); + if (xlat != 0) + *pos = xlat; + } +} + +void +ukbd_apple_mba_munge(void *vsc, uint8_t *ibuf, u_int ilen) +{ + struct ukbd_softc *sc = vsc; + struct hidkbd *kbd = sc-sc_kbd; + uint8_t *pos, *spos, *epos, xlat; + + static const struct ukbd_translation apple_fn_trans[] = { + { 40, 73 }, /* return - insert */ + { 42, 76 }, /* backspace - delete */ +#ifdef notyet + { 58, 0 }, /* F1 - screen brightness down */ + { 59, 0 }, /* F2 - screen brightness up */ + { 60, 0 }, /* F3 */ + { 61, 0 }, /* F4 */ + { 62, 0 }, /* F5 */ + { 63, 0 }, /* F6 - audio back */ + { 64, 0 }, /* F7 - audio pause/play */ + { 65, 0 }, /* F8 - audio next */ +#endif + { 66, 127 },/* F9 - audio mute */ + { 67, 129 },/* F10 - audio lower */ + { 68, 128 },/* F11 - audio raise */ +#ifdef notyet + { 69, 0 }, /* F12 - eject */ #endif { 79, 77 }, /* right - end */ { 80, 74 }, /* left - home */ signature.asc Description: OpenPGP digital signature
Re: Multiple cmsghdrs in msghdr
On 4/15/15 5:37 AM, Otto Moerbeek wrote: On Wed, Apr 15, 2015 at 11:32:11AM +0200, Mark Kettenis wrote: Date: Tue, 14 Apr 2015 21:26:25 -0400 From: William Orr w...@worrbase.com Hey, I was debugging a few CPython test failures yesterday, and I noticed that attaching multiple cmsg structures causes unp_internalize to return EINVAL. I've looked in unix(4) and sendmsg(2), and this caveat isn't documented anywhere. I looked at other OSes, and Linux supports this, FreeBSD fails in interesting ways and OS X returns E2BIG. Is this behavior intentional, and the documentation is missing this failure mode? Or is the behavior unintentional? I'm happy to submit a patch for either, I just want to know which behavior is intended. The behaviour is intentional. The additional complexity of supporting multiple cmsghdrs has caused many bugs (and associated security issues) in the past. The alignment fuckups in various OSes make it hard to use this functionality in a portable way anyway. And we only support SCM_RIGHTS, so there is no real reason to use multiple cmsghdrs in your code. Plus it *is* possible to send multiple fd's in one message. -Otto Yeah, I was wondering why this was allowed on some OSes in the first place, since it seems redundant. Once I'm not in an airport, I'll submit a docs patch just so that it's clear. re: CPython's test suite, I have a patch in the queue that only enables this behavior on Linux. Thanks, William Orr signature.asc Description: OpenPGP digital signature
[PATCH] Re: Multiple cmsghdrs in msghdr
This documents the error code when passing multiple cmsg structs. Let me know if the wording needs to be improved. Index: lib/libc/sys/send.2 === RCS file: /cvs/src/lib/libc/sys/send.2,v retrieving revision 1.31 diff -u -p -r1.31 send.2 --- lib/libc/sys/send.2 9 Sep 2014 06:32:37 - 1.31 +++ lib/libc/sys/send.2 16 Apr 2015 12:48:32 - @@ -223,6 +223,17 @@ values in the .Fa msg_iov array overflowed an .Em ssize_t . +.It Bq Er EINVAL +The socket +.Fa s +is a +.Xr unix 4 +socket, and +.Em controlmsg +is an invalid size or multiple +.Em controlmsg +structures were passed as part of +.Fa msg . .It Bq Er EMSGSIZE The .Fa msg_iovlen signature.asc Description: OpenPGP digital signature
Multiple cmsghdrs in msghdr
Hey, I was debugging a few CPython test failures yesterday, and I noticed that attaching multiple cmsg structures causes unp_internalize to return EINVAL. I've looked in unix(4) and sendmsg(2), and this caveat isn't documented anywhere. I looked at other OSes, and Linux supports this, FreeBSD fails in interesting ways and OS X returns E2BIG. Is this behavior intentional, and the documentation is missing this failure mode? Or is the behavior unintentional? I'm happy to submit a patch for either, I just want to know which behavior is intended. For reference, the code that returns EINVAL follows: int unp_internalize(struct mbuf *control, struct proc *p) { struct filedesc *fdp = p-p_fd; struct cmsghdr *cm = mtod(control, struct cmsghdr *); struct file **rp, *fp; int i, error; int nfds, *ip, fd, neededspace; /* * Check for two potential msg_controllen values because * IETF stuck their nose in a place it does not belong. */ if (cm-cmsg_type != SCM_RIGHTS || cm-cmsg_level != SOL_SOCKET || !(cm-cmsg_len == control-m_len || control-m_len == CMSG_ALIGN(cm-cmsg_len))) return (EINVAL); ... My super-awful test, also follows: #include sys/socket.h #include sys/types.h #include stdio.h #include stdlib.h #include unistd.h #include err.h #include string.h void child(int sock) { struct msghdr msg; memset(msg, 0, sizeof(msg)); recvmsg(sock, msg, 0); printf(controllen: %zu\n, msg.msg_controllen); printf(control: %p\n, msg.msg_control); } void parent(int sock) { int fds[] = { -1, -1 }; struct msghdr msg; struct cmsghdr *cmsg; union { struct cmsghdr hdr; unsigned charbuf[2 * CMSG_SPACE(sizeof(int))]; } cmsgbuf; char sfn[30]; memset(msg, 0, sizeof(msg)); for (int i = 0; i sizeof(fds); i++) { (void)strlcpy(sfn, /tmp/worrtest.XX, sizeof(sfn)); if ((fds[i] = mkstemp(sfn)) == -1) { err(1, mkstemp); } } msg.msg_control = cmsgbuf.buf; msg.msg_controllen = sizeof(cmsgbuf.buf); cmsg = CMSG_FIRSTHDR(msg); cmsg-cmsg_len = CMSG_LEN(sizeof(int)); cmsg-cmsg_level = SOL_SOCKET; cmsg-cmsg_type = SCM_RIGHTS; *(int *)CMSG_DATA(cmsg) = fds[0]; cmsg = CMSG_NXTHDR(msg, cmsg); cmsg-cmsg_len = CMSG_LEN(sizeof(int)); cmsg-cmsg_level = SOL_SOCKET; cmsg-cmsg_type = SCM_RIGHTS; *(int *)CMSG_DATA(cmsg) = fds[1]; if (sendmsg(sock, msg, 10240) == -1) err(1, sendmsg); } int main(void) { int sock[] = {-1, -1}; if (socketpair(AF_UNIX, SOCK_STREAM, 0, sock) == -1) err(1, socket); switch (fork()) { case 0: child(sock[0]); exit(0); case -1: err(1, fork); default: parent(sock[1]); exit(0); } } Thanks, William Orr signature.asc Description: OpenPGP digital signature
[PATCH] Additional pledge(2) documentation
Hey, I was working on an application that uses pledge, and without diving into the source, I found it difficult to figure out what sysctl's are permitted at different pledge levels. This documents the set of different sysctl ops that are allowed at different pledge levels, and adds some additional documentation around ioctl's as well. Thanks! Index: lib/libc/sys/pledge.2 === RCS file: /cvs/src/lib/libc/sys/pledge.2,v retrieving revision 1.48 diff -u -b -w -p -r1.48 pledge.2 --- lib/libc/sys/pledge.2 12 Dec 2017 11:11:18 - 1.48 +++ lib/libc/sys/pledge.2 4 Jan 2018 08:51:41 - @@ -141,6 +141,25 @@ support: .Xr getifaddrs 3 , .Xr uname 3 , system sensor readings. +Specifically: +.Va hw.sensors.* , +.Va kern.domainname , +.Va kern.hostname , +.Va net.route.0.0.rt_ifnames , +.Va kern.ostype , +.Va kern.osrelease , +.Va kern.osversion , +.Va kern.clockrate , +.Va kern.argmax , +.Va kern.ngroups , +.Va kern.sysvshm , +.Va kern.posix1version , +.Va hw.machine , +.Va hw.pagesize , +.Va vm.psstrings , +.Va hw.ncpu , +and +.Va vm.loadavg . .Pp .It Fn pledge Can only reduce permissions for @@ -322,6 +341,14 @@ domains: .Xr setsockopt 2 , .Xr getsockopt 2 . .Pp +The following +.Xr sysctl 2 +operations are allowed: +.Pp +.Va net.route.0.0.rt_iflist , +.Va net.route.0.inet.rt_iflist , +.Va net.route.0.inet6.rt_iflist +.Pp .Xr setsockopt 2 has been reduced in functionality substantially. .It Va mcast @@ -390,6 +417,15 @@ a few system calls become able to allow .Xr recvfrom 2 , .Xr socket 2 , .Xr connect 2 . +.Pp +The following +.Xr sysctl 2 +operations are allowed: +.Pp +.Va net.route.0.0.rt_iflist , +.Va net.route.0.inet.rt_iflist , +.Va net.route.0.inet6.rt_iflist +.Pp .It Va getpw This allows read-only opening of files in .Pa /etc @@ -491,19 +527,39 @@ and .Xr adjfreq 2 system calls. .It Va ps -Allows enough +Allows the following .Xr sysctl 3 interfaces to allow inspection of processes operating on the system using programs like -.Xr ps 1 . +.Xr ps 1 : +.Pp +.Va kern.fscale , +.Va kern.boottime , +.Va kern.consdev , +.Va kern.cptime , +.Va kern.cptime2 , +.Va kern.procargs.* , +.Va kern.proc.* , +.Va kern.proc_cwd.* , +.Va kern.physmem , +.Va kern.ccpu , +.Va vm.maxslp .It Va vminfo -Allows enough +Allows the following .Xr sysctl 3 interfaces to allow inspection of the system's virtual memory by programs like .Xr top 1 and -.Xr vmstat 8 . +.Xr vmstat 8 : +.Pp +.Va vm.uvmexp , +.Va vfs.generic.bcachestat , +.Va kern.fscale , +.Va kern.boottime , +.Va kern.consdev , +.Va kern.cptime , +.Va kern.cptime2 .It Va id Allows the following system calls which can change the rights of a process: @@ -562,6 +618,85 @@ Allow operation for statistics collection from a .Xr bpf 4 device. +.It Va disklabel +Allows a subset of +.Xr ioctl 2 +operations on +.Xr diskmap 4 +devices: +.Pp +.Dv DIOCGDINFO , +.Dv DIOCGPDINFO , +.Dv DIOCRLDINFO , +.Dv DIOCWDINFO , +.Dv BIOCDISK , +.Dv BIOCINQ , +.Dv BIOCINSTALLBOOT , +.Dv BIOCVOL , +.Dv DIOCMAP . +.Pp +Also enables the use of the following +.Xr sysctl 2 +operations: +.Pp +.Va kern.rawpartition , +.Va kern.maxpartitions , +.Va machdep.chr2blk . +.It Va route +Allows a subset of read-only +.Xr ioctl 2 +operations on network interfaces: +.Pp +.Dv SIOCGIFADDR , +.Dv SIOCGIFAFLAG_IN6 , +.Dv SIOCGIFALIFETIME_IN6 , +.Dv SIOCGIFDESCR , +.Dv SIOCGIFFLAGS , +.Dv SIOCGIFMETRIC , +.Dv SIOCGIFGMEMB , +.Dv SIOCGIFRDOMAIN , +.Dv SIOCGIFDSTADDR_IN6 , +.Dv SIOCGIFNETMASK_IN6 , +.Dv SIOCGIFXFLAGS , +.Dv SIOCGNBRINFO_IN6 , +.Dv SIOCGIFINFO_IN6 , +.Dv SIOCGIFMEDIA . +.Pp +Also allows the following +.Xr sysctl 2 +operations: +.Pp +.Va net.route.0.*.dump , +.Va net.route.0.0.rt_table , +.Va net.route.0.inet.rt_table , +.Va net.route.0.inet6.rt_table , +.Va net.route.0.0.flags.llinfo , +.Va net.route.0.inet.flags.llinfo , +.Va net.route.0.inet6.flags.llinfo , +.Va net.route.0.0.rt_iflist , +.Va net.route.0.inet.rt_iflist , +.Va net.route.0.inet6.rt_iflist . +.It Va vmm +Allows the following +.Xr ioctl 2 +operations on the +.Xr vmm 4 +device: +.Pp +.Dv VMM_IOC_TERM , +.Dv VMM_IOC_RUN , +.Dv VMM_IOC_RESETCPU , +.Dv VMM_IOC_INTR , +.Dv VMM_IOC_READREGS , +.Dv VMM_IOC_WRITEREGS . +.Pp +In combination with +.Va proc , +it additionally allows: +.Pp +.Dv VMM_IOC_CREATE +and +.Dv VMM_IOC_INFO . .It Va error Rather than killing the process upon violation, indicate error with .Er ENOSYS .
Re: [patch] remove uuid implementation in ldapd
William Orr writes: > Hey, > > In looking through uuid generation situations on various > bsd's, I noticed that there's an additional implemetation > of uuid generation in ldapd. This one appears to generate > version 1 uuid's, which afaict from reading RFC 4530 isn't > a requirement for a compliant ldap implementation. > > The following replaces it with the implementation in libc. > > I tested by loading up ldapd, adding entries, then querying > for their `entryUUID` fields and verifying that they were > version 4 uuids instead of version 1. > > Thanks!! My bad, there was a missing `free(3)`. Correct patch follows. Index: Makefile === RCS file: /cvs/src/usr.sbin/ldapd/Makefile,v retrieving revision 1.15 diff -u -p -r1.15 Makefile --- Makefile20 Jan 2017 11:55:08 - 1.15 +++ Makefile3 Oct 2018 01:42:25 - @@ -6,7 +6,7 @@ SRCS= ber.c log.c logmsg.c control.c \ util.c ldapd.c ldape.c conn.c attributes.c namespace.c \ btree.c filter.c search.c parse.y \ auth.c modify.c index.c evbuffer_tls.c \ - validate.c uuid.c schema.c imsgev.c syntax.c matching.c + validate.c schema.c imsgev.c syntax.c matching.c LDADD= -levent -ltls -lssl -lcrypto -lz -lutil DPADD= ${LIBEVENT} ${LIBTLS} ${LIBSSL} ${LIBCRYPTO} ${LIBZ} ${LIBUTIL} Index: modify.c === RCS file: /cvs/src/usr.sbin/ldapd/modify.c,v retrieving revision 1.21 diff -u -p -r1.21 modify.c --- modify.c14 May 2018 07:53:47 - 1.21 +++ modify.c3 Oct 2018 01:42:25 - @@ -23,10 +23,10 @@ #include #include #include +#include #include "ldapd.h" #include "log.h" -#include "uuid.h" int ldap_delete(struct request *req) @@ -123,8 +123,9 @@ done: int ldap_add(struct request *req) { - char uuid_str[64]; - struct uuid uuid; + char*uuid_str = NULL; + uuid_t uuid; + uint32_tuuid_status; char*dn, *s; struct attr_type*at; struct ber_element *attrs, *attr, *elm, *set = NULL; @@ -204,8 +205,12 @@ ldap_add(struct request *req) if (ldap_add_attribute(attrs, "createTimestamp", set) == NULL) goto fail; - uuid_create(); - uuid_to_string(, uuid_str, sizeof(uuid_str)); + uuid_create(, _status); + if (uuid_status != uuid_s_ok) + goto fail; + uuid_to_string(, _str, _status); + if (uuid_status != uuid_s_ok) + goto fail; if ((set = ber_add_set(NULL)) == NULL) goto fail; if (ber_add_string(set, uuid_str) == NULL) @@ -223,9 +228,11 @@ ldap_add(struct request *req) } else if (namespace_commit(ns) != 0) rc = LDAP_OTHER; + free(uuid_str); return ldap_respond(req, rc); fail: + free(uuid_str); if (set != NULL) ber_free_elements(set); namespace_abort(ns); Index: syntax.c === RCS file: /cvs/src/usr.sbin/ldapd/syntax.c,v retrieving revision 1.5 diff -u -p -r1.5 syntax.c --- syntax.c28 May 2017 15:48:49 - 1.5 +++ syntax.c3 Oct 2018 01:42:25 - @@ -26,7 +26,6 @@ #include #include "schema.h" -#include "uuid.h" #define SYNTAX_DECL(TYPE) \ static int syntax_is_##TYPE(struct schema *schema, char *value, size_t len) Index: uuid.c === RCS file: uuid.c diff -N uuid.c --- uuid.c 26 Apr 2018 12:42:51 - 1.6 +++ /dev/null 1 Jan 1970 00:00:00 - @@ -1,257 +0,0 @@ -/* $OpenBSD: uuid.c,v 1.6 2018/04/26 12:42:51 guenther Exp $ */ -/* - * Copyright (c) 2002, Stockholms Universitet - * (Stockholm University, Stockholm Sweden) - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - *notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - *notice, this list of conditions and the following disclaimer in the - *documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the university nor the names of its contributors - *may be used to endorse or promote products derived from this software - *without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - *
[patch] remove uuid implementation in ldapd
Hey, In looking through uuid generation situations on various bsd's, I noticed that there's an additional implemetation of uuid generation in ldapd. This one appears to generate version 1 uuid's, which afaict from reading RFC 4530 isn't a requirement for a compliant ldap implementation. The following replaces it with the implementation in libc. I tested by loading up ldapd, adding entries, then querying for their `entryUUID` fields and verifying that they were version 4 uuids instead of version 1. Thanks!! Index: Makefile === RCS file: /cvs/src/usr.sbin/ldapd/Makefile,v retrieving revision 1.15 diff -u -p -r1.15 Makefile --- Makefile20 Jan 2017 11:55:08 - 1.15 +++ Makefile3 Oct 2018 01:02:03 - @@ -6,7 +6,7 @@ SRCS= ber.c log.c logmsg.c control.c \ util.c ldapd.c ldape.c conn.c attributes.c namespace.c \ btree.c filter.c search.c parse.y \ auth.c modify.c index.c evbuffer_tls.c \ - validate.c uuid.c schema.c imsgev.c syntax.c matching.c + validate.c schema.c imsgev.c syntax.c matching.c LDADD= -levent -ltls -lssl -lcrypto -lz -lutil DPADD= ${LIBEVENT} ${LIBTLS} ${LIBSSL} ${LIBCRYPTO} ${LIBZ} ${LIBUTIL} Index: modify.c === RCS file: /cvs/src/usr.sbin/ldapd/modify.c,v retrieving revision 1.21 diff -u -p -r1.21 modify.c --- modify.c14 May 2018 07:53:47 - 1.21 +++ modify.c3 Oct 2018 01:02:03 - @@ -23,10 +23,10 @@ #include #include #include +#include #include "ldapd.h" #include "log.h" -#include "uuid.h" int ldap_delete(struct request *req) @@ -123,8 +123,9 @@ done: int ldap_add(struct request *req) { - char uuid_str[64]; - struct uuid uuid; + char*uuid_str = NULL; + uuid_t uuid; + uint32_tuuid_status; char*dn, *s; struct attr_type*at; struct ber_element *attrs, *attr, *elm, *set = NULL; @@ -204,8 +205,12 @@ ldap_add(struct request *req) if (ldap_add_attribute(attrs, "createTimestamp", set) == NULL) goto fail; - uuid_create(); - uuid_to_string(, uuid_str, sizeof(uuid_str)); + uuid_create(, _status); + if (uuid_status != uuid_s_ok) + goto fail; + uuid_to_string(, _str, _status); + if (uuid_status != uuid_s_ok) + goto fail; if ((set = ber_add_set(NULL)) == NULL) goto fail; if (ber_add_string(set, uuid_str) == NULL) @@ -226,6 +231,7 @@ ldap_add(struct request *req) return ldap_respond(req, rc); fail: + free(uuid_str); if (set != NULL) ber_free_elements(set); namespace_abort(ns); Index: syntax.c === RCS file: /cvs/src/usr.sbin/ldapd/syntax.c,v retrieving revision 1.5 diff -u -p -r1.5 syntax.c --- syntax.c28 May 2017 15:48:49 - 1.5 +++ syntax.c3 Oct 2018 01:02:03 - @@ -26,7 +26,6 @@ #include #include "schema.h" -#include "uuid.h" #define SYNTAX_DECL(TYPE) \ static int syntax_is_##TYPE(struct schema *schema, char *value, size_t len) Index: uuid.c === RCS file: uuid.c diff -N uuid.c --- uuid.c 26 Apr 2018 12:42:51 - 1.6 +++ /dev/null 1 Jan 1970 00:00:00 - @@ -1,257 +0,0 @@ -/* $OpenBSD: uuid.c,v 1.6 2018/04/26 12:42:51 guenther Exp $ */ -/* - * Copyright (c) 2002, Stockholms Universitet - * (Stockholm University, Stockholm Sweden) - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - *notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - *notice, this list of conditions and the following disclaimer in the - *documentation and/or other materials provided with the distribution. - * - * 3. Neither the name of the university nor the names of its contributors - *may be used to endorse or promote products derived from this software - *without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" - * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE - * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE - * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR - * CONSEQUENTIAL DAMAGES (INCLUDING,
[PATCH] Documentation clarification for uuid_create(3)
Hey, I've added a small clarification around uuid's generated by `uuid_create`, since DCE 1.1 doesn't explicitly specify version 4 UUIDs. This implementation differs from FreeBSD's and bitrig's as they generate version 1 UUIDs, which warrants this clarfication. Thanks Index: lib/libc/uuid/uuid.3 === RCS file: /cvs/src/lib/libc/uuid/uuid.3,v retrieving revision 1.5 diff -u -p -r1.5 uuid.3 --- lib/libc/uuid/uuid.320 Nov 2015 21:05:52 - 1.5 +++ lib/libc/uuid/uuid.31 Oct 2018 02:07:42 - @@ -204,3 +204,6 @@ The and .Fn uuid_to_string functions are compatible with the DCE 1.1 RPC specification. +The UUIDs generated by +.Fn uuid_create +are Version 4 UUIDs, specified by section 4.4 of RFC 4122.