Re: remove twm(1) from xenocara ?

2022-07-18 Thread gwes 

I use it, have used it, and will continue to use it full time.
It is simple, low resource use and works on any system I have.
I don't need any more functionality in a window manager.
Anything else can be added on.

The argument presented is something like "why would anyone want to do that".

geoff steckel

On 7/18/22 23:49, Andrei wrote:

I would support this. Nobody uses twm for anything other than system rescue, 
and cwm works great for that.

--- Original Message ---
On Sunday, July 17th, 2022 at 8:38 AM, Matthieu Herrb  
wrote:

Re: IPv6 hop-by-hop check in parallel

2022-08-14 Thread gwes 




On 8/13/22 15:08, Alexander Bluhm wrote:

Hi,

While running forwarding in parallel, I have introduced a hard
barrier for parallel local protocol processing.  The packets are
requeued from shared to exclusive netlock.

Unless we unlock all protocol input routines at once, we need some
mechanism from to move from one queue to the other.  The problem
is, that we have to remember next protocol field and offset of the
parsed header chain.

A simple example is IPv6 hop-by-hop options precessing.  This code
is MP safe and can be moved from ip6_local() to ip6_ours() to run
in parallel.  If there were any options, the offset and next protocol
are stored in a mbuf tag.  Without tag we know that it is a regular
IPv6 header.

Of course mbuf tags kill performance, but who uses hop-by-hop options
anyway?  pf drops such packets per default.

ok?

bluhm


This may be totally irrelevant. I may not understand the problem at all.

The problem of locking queue-to-queue transfers in a multiprocessor system
was addressed at Alliant Computer a very long time ago.
Other people probably invented other solutions.

They implemented a lock for the queue links only in each type of queue
at a higher lock priority than the lock on the data.

The sending thread already held a lock on the packet data.
It took the queue field lock, transferred the packet and released both 
locks.

I can't be sure which lock(s) the receiving thread held.
The point was that neither thread needed to lock both queues.

geoff steckel

Re: autopledge

2023-06-02 Thread gwes 


Theo de Raadt wrote:
After pledge, 80% of the base programs were converted to pledge-assisted
priv-drop, because it was really obvious that "initialization code" 
could
and should be moved earlier in the program, so that pledge (or multiple
pledge calls dropping permissions further) could be added to the
program.

Inside the group, we called this moving of initialization code to
earlier "hoisting".

Hoisting and cleanup can have very large benefits independent of implementing 
pledge
or other security features.
I have seen programs shrink by almost 90% and gain functionality as a result.

In one case it -was- a program which ran with privileges equivalent to root.
As a byproduct of the cleanup we were later able to assure ourselves that the 
result
needed no more changes to be as secure as we could make it.

geoff steckel

newlines and #comments in httpd parse.y

2020-03-04 Thread gwes 
An accidentally unterminated string in httpd.conf results in
the famed yacc "syntax error" message.
For instance:
 root "/
}
}


#   "hi" <- line xx: syntax error

The loop starting at line 1515 in httpd parse.y
 }

switch (c) {
case '\'':
case '"':
quotec = c;
will uncomplainingly eat -anything- up to the matching quote
character even in a comment line.

The resulting error message usually a very long way from
the actual mistake.

Would a change to terminate the string with an error at the
next newline be appropriate? Should quoted newlines be allowed?
Should # comments be allowed and elided, included verbatim,
or cause an error?

I can provide a patch for any of those cases.

geoff steckel

Re: Mention /etc/examples/ in those config files manpages + FILES short description

2020-05-02 Thread gwes 




On 5/1/20 9:13 AM, Theo de Raadt wrote:

I think there's a bit of drama going on here.

Once a person uses one example in the examples directory, they
will become aware of the directory and see it has other files.
And possibly use them in the future.

It is not clear to me that example discovery has to come via
each and every manual page.



[snip]
Perhaps something like:
Index: root.mail
===
RCS file: /cvs/src/etc/root/root.mail,v
retrieving revision 1.137
diff -u -p -u -r1.137 root.mail
--- root.mail   5 Apr 2020 16:15:39 -   1.137
+++ root.mail   3 May 2020 01:37:20 -
@@ -40,6 +40,8 @@ has been centralized in the file /etc/rc
 edit the file /etc/rc.   The files /etc/rc.securelevel and 
/etc/rc.local exist

 for this purpose; the first is run before the system has gone into secure
 mode; the second is run afterwards (if in doubt, add your tools to 
rc.local).

+The directory /etc/examples contains some sample configuration files
+which you can modify to suit your configuration.

 Please refer to our web pages for any other questions you might have.
    https://www.OpenBSD.org

Geoff Steckel

Re: panic(9): set panicstr atomically

2021-05-25 Thread gwes 

On 5/25/21 10:26 AM, Theo de Raadt wrote:

Alexander Bluhm  wrote:


On Tue, May 25, 2021 at 04:15:26PM +0200, Mark Kettenis wrote:

Wouldn't be too hard.  But unless you're on a serial console, that
will probably be more than a screenful of information, so not terribly
useful.

The most important things must fit on the first VGA screen.  Then
user can make a photo.  We ship products to customers who only
understand this simple step.  And when the machine panics, the admin
might also panic.

Matches my experience.

It will be very difficult to show state of multiple cpus on a small
screen.  On the other hand, only showing the first-panic can hide so
much.  These garbled reports are actually highlighting a not-simple
case.  There is big information in the garble.


Jumping in, sorry,

Some sort of pseudo-ordering where each CPU -mostly- gets to put out
more than one character at a time - 2, 3, ... one line max?
No guaranteed separation/ordering but might make decipherment easier.

No communication or dependence between CPUs needed.

Each CPU backs off for a -very- short time after N characters.
Nanoseconds or microseconds should work. Initial delay M * CPU ?
Spin after N? If clock is ticking, spin for x ticks?
Formatting/output time per burst could (maybe) give a little fairness.

Apologies if this is nonsense or has been covered already.

Geoff Steckel

Re: head(1): fully support the legacy -count syntax

2021-10-10 Thread gwes 

On 10/10/21 5:03 PM, Scott Cheloha wrote:

On Sun, Oct 10, 2021 at 02:36:32PM -0600, Theo de Raadt wrote:

Stuart Henderson  wrote:

x1> On 2021/10/10 14:26, Scott Cheloha wrote:

On Sun, Oct 10, 2021 at 12:31:22PM -0600, Theo de Raadt wrote:

Bryan Steele  wrote:


On Sun, Oct 10, 2021 at 12:18:55PM -0500, Scott Cheloha wrote:

On Sun, Oct 10, 2021 at 10:51:29AM -0600, Theo de Raadt wrote:

did anyone ever use it this way, or are you getting ahead of yourself.

I don't understand the question.

I've only ever seen it used with -count as the first argument, can't
say it's every occoured to me to type "head file -10".

That is not what I proposed.  Reread my first message:

https://marc.info/?l=openbsd-tech&m=163388435528203&w=2

i.e. "head -2 -3 somefile" is taken as -3.

This is unportable syntax, GNU head doesn't support it, current OpenBSD head
doesn't support it,

... obviously. That's why I posted the patch. :)


and it doesn't seem to be really meaningful.
Additionally I don't think we've ever had a problem with this in ports.
I think we would be better served to keep things as-is and not support it.
Seems that FreeBSD is the odd one out here?

If we're only going to support it as the first argument then we've
created a "gotcha", a special exception to the expected behavior.  We
claim to support the legacy syntax but we don't actually fully support
it.  The requirement that the legacy syntax be the first option
argument to head(1) in order to work as expected is undocumented.

So we could document this peculiarity...

... or we could just use my tiny patch and fully support it and
everything will work as documented today.


Indeed, the problem is our code supports this

but noone else supports it

NetBSD and FreeBSD support it.  It was a standard part of the syntax
in SUSv2.  I showed you in a private mail that it was supported in
1BSD through 4.3BSD, and then again in 4.4BSD some time in 1992.
Somewhere along the way between CSRG and NetBSD and our repository
the support was removed.


well, someone might accidentally use it in a script they write on OpenBSD

and... it is unportable, the behaviour is either different, or an error
condition

So who benefits?  Noone, the way I see it.

If we want to have the unportable legacy syntax then it should work
like other option arguments.  Option arguments can be respecified
multiple times in most other utilities.  The last such appearance of
an option argument is the one the utility uses.  That's how option
arguments work, for the most part.

We could remove the legacy syntax and shave a couple lines of code.

OTOH, supporting it fully is super easy.  I've provided a patch.


The man page says  head [-count | -n count] [file ...]
There are only two valid switches.
One, the other, or none.
Using more than one is -undefined-.
I doubt it ever has been defined.
It could be asserted that any more than 1 switch is an error.
If you have an old man page that says {[ -count | -n count ] ...}
then your argument has some merit.

geoff steckel

Re: tee(1): increase read buffer to MAXBSIZE bytes

2021-11-21 Thread gwes 



On 11/21/21 10:36 PM, Theo de Raadt wrote:

Scott Cheloha  wrote:


The point of diminishing returns on my machine is 128K.

...

So, is 128K ok?  Any objections?

Many of us have forgotten that our testing machines are at the fast end
of the curve.

I recommend 64K.  I suspect that is still the sweet spot for userland.
Above 64K, I think you are hogging the layers of dcache against other
processes.  Testing this program in isolation is a micro-benchmark.


On my slow, small machines transfers > 64K definitely run slower
than -exactly- 64K. Any transfer > MAXPHYS needs 2 i/o ops.
Anything less wastes time in system calls.

My machines are 1.5-2GHz 8GB 2-4 core low end Intel CPUs

Re: scan_ffs(8) and FFS2 filesystems

2019-02-08 Thread gwes 




On 02/08/19 15:35, Jeremie Courreges-Anglas wrote:


I think it's fair to give the user a chance to understand why
scan_ffs(8) won't help in this case.

ok?


--- scan_ffs.8.~1.16.~  Mon Mar 24 00:28:46 2008
+++ scan_ffs.8  Fri Feb  8 21:31:10 2019
@@ -136,6 +136,7 @@ you out of a jam when they happen.
  .Sh SEE ALSO
  .Xr disklabel 8
  .Sh BUGS
-It is not perfect, and could do a lot more things with date/time information
+It is not perfect, does not support FFS2 filesystems,
+and could do a lot more things with date/time information
  in the superblocks it finds, but this program has saved more than one butt,
  more than once.


Scan_ffs checks for the the magic number of the superblock.


--- scan_ffs.c  23 Nov 2015 19:19:30 -  1.21
+++ scan_ffs.c  9 Feb 2019 02:13:48 -
@@ -67,7 +67,8 @@ ufsscan(int fd, daddr_t beg, daddr_t end

    for (n = 0; n < (SBSIZE * SBCOUNT); n += 512){
    sb = (struct fs*)(&buf[n]);
-   if (sb->fs_magic == FS_MAGIC) {
+   if (sb->fs_magic == FS_UFS1_MAGIC ||
+   sb->fs_magic == FS_UFS2_MAGIC) {
    if (flags & FLAG_VERBOSE)
    printf("block %lld id %x,%x 
size %d\n",

    (long long)(blk + (n/512)),
   sb->fs_magic == FS_UFS2_MAGIC) {
fixes it.

scan_ffs w/UFS2

2019-02-13 Thread gwes 
This is a patch for scan_ffs to make it find UFS2 partitions.
The following test data represents a sample of the various disks
available to me at this time. All of the tests are on 6.3 amd64.
I haven't updated to 6.4 or snapshots on this machine.

By design, scan_ffs can only find intact first superblocks.
Backup superblocks do not contain enough data to find
the partition start.
Deducing partition start addresses from backup superblocks
requires interpreting cylinder group data which would be a
separate project.

The standard warning: if this code melts your machine or makes
you turn purple, I told you so.

geoff steckel

store:gwes:10512$ fdisk sd0 
Disk: sd0   geometry: 7783/255/63 [125045424 Sectors]
Offset: 0   Signature: 0xAA55
Starting Ending LBA Info:
 #: id  C   H   S -  C   H   S [   start:size ]
---
 0: 00  0   0   0 -  0   0   0 [   0:   0 ] unused  
 1: 00  0   0   0 -  0   0   0 [   0:   0 ] unused  
 2: 00  0   0   0 -  0   0   0 [   0:   0 ] unused  
*3: A6  0   1   2 -   7782 254  63 [  64:   125033831 ] OpenBSD 
store:gwes:10513$ disklabel sd0
# /dev/rsd0c:
type: SCSI
disk: SCSI disk
label: SanDisk SDSSDP06
duid: 2a081791fe686cf5
flags:
bytes/sector: 512
sectors/track: 63
tracks/cylinder: 255
sectors/cylinder: 16065
cylinders: 7783
total sectors: 125045424
boundstart: 64
boundend: 125033895
drivedata: 0 

16 partitions:
#size   offset  fstype [fsize bsize   cpg]
  a:  2097152   64  4.2BSD   2048 16384 1 # /
  b: 11199210  2097216swap# none
  c:1250454240  unused
  d:  8388576 13296448  4.2BSD   2048 16384 1 # /tmp
  e: 14509792 21685024  4.2BSD   2048 16384 1 # /var
  f:  4194304 36194816  4.2BSD   2048 16384 1 # /usr
  g:  2097152 40389120  4.2BSD   2048 16384 1 # /usr/X11R6
  h: 15229664 42486272  4.2BSD   2048 16384 1 # /usr/local
  i:  4194304 57715936  4.2BSD   2048 16384 1 # /usr/src
  j:  8390200 61910240  4.2BSD   2048 16384 12958 # /usr/obj
  k: 54733440 70300448  4.2BSD   2048 16384 12958 # /home
store:gwes:10517$ obj/scan_ffs -s sd0c 
ffs at 64 size 2097152 (1.0G) mount / time Wed Feb 13 03:55:34 2019
ffs at 13296448 size 8388576 (4.0G) mount /tmp time Wed Feb 13 03:55:57 2019
ffs at 21685024 size 14509792 (6.9G) mount /var time Wed Feb 13 03:55:51 2019
ffs at 36194816 size 4194304 (2.0G) mount /usr time Wed Feb 13 03:55:42 2019
ffs at 40389120 size 2097152 (1.0G) mount /usr/X11R6 time Wed Feb 13 03:55:53 
2019
ffs at 42486272 size 15229664 (7.3G) mount /usr/local time Wed Feb 13 03:55:30 
2019
ffs at 57715936 size 4194304 (2.0G) mount /usr/src time Wed Feb 13 03:55:46 2019
ffs at 61910240 size 8390200 (4.0G) mount /usr/obj time Wed Feb 13 03:55:38 2019
ffs at 70300448 size 54733440 (26.1G) mount /home time Wed Feb 13 03:55:55 2019
scan_ffs: read: Invalid argument
store:gwes:10518$ fdisk sd5
Disk: sd5   geometry: 267349/255/63 [4294961685 Sectors]
Offset: 0   Signature: 0x0
Starting Ending LBA Info:
 #: id  C   H   S -  C   H   S [   start:size ]
---
 0: 00  0   0   0 -  0   0   0 [   0:   0 ] unused  
 1: 00  0   0   0 -  0   0   0 [   0:   0 ] unused  
 2: 00  0   0   0 -  0   0   0 [   0:   0 ] unused  
 3: 00  0   0   0 -  0   0   0 [   0:   0 ] unused  
store:gwes:10519$ disklabel sd5
# /dev/rsd5c:
type: SCSI
disk: SCSI disk
label: SR RAID 1
duid: 3a724c18e7cf99de
flags:
bytes/sector: 512
sectors/track: 63
tracks/cylinder: 255
sectors/cylinder: 16065
cylinders: 729340
total sectors: 11716848576
boundstart: 0
boundend: 11716848576
drivedata: 0 

16 partitions:
#size   offset  fstype [fsize bsize   cpg]
  a:   5242892928  128  4.2BSD   8192 65536 52270 # /music
  c:  117168485760  unused
  d:   5452589440   5242893056  4.2BSD   8192 65536 52270 # /dwar
  e:   1021366080  10695482496  4.2BSD   4096 32768 26062 # /const
store:gwes:10520$ dumpfs -m sd5a
# newfs command for sd5a
newfs -O 2 -b 65536 -e 8192 -f 8192 -g 2000 -h 64 -m 5 -o time -s 
5242892928 sd5a 
store:gwes:10521$ dumpfs -m sd5d
# newfs command for sd5d
newfs -O 2 -b 65536 -e 8192 -f 8192 -g 2000 -h 64 -m 5 -o time -s 
5452589440 sd5d 
store:gwes:10522$ dumpfs -m sd5e
# newfs command for sd5e
newfs -O 1 -b 32768 -e 8192 -f 4096 -g 4 -h 64 -m 5 -o time -s 10213660

scan_ffs, take 2

2019-02-16 Thread gwes 
This is an update to scan_ffs to (a) identify UFS2 superblocks
and (b) output a great deal of information about what it finds.

It distinguishes primary superblocks from alternate ones.
It does its best to give enough information to untangle
good partitions from remnants of obsolete partitions.
It deduces enough information from alternate superblocks
to recreate a disklabel even if the primany superblock is absent.

If alternate superblocks carried their own logical block
number as a back-reference this program would be a lot simpler.

It works on the disks on my systems which are
either 6.3 or 6.4 amd64 with both UFS1 and UFS2 partitions.
Test data (voluminous) available on request.

geoff steckel


Index: scan_ffs.c
===
RCS file: /cvs/src/sbin/scan_ffs/scan_ffs.c,v
retrieving revision 1.21
diff -u -p -u -r1.21 scan_ffs.c
--- scan_ffs.c  23 Nov 2015 19:19:30 -  1.21
+++ scan_ffs.c  17 Feb 2019 02:07:28 -
@@ -1,7 +1,6 @@
-/* $OpenBSD: scan_ffs.c,v 1.21 2015/11/23 19:19:30 deraadt Exp $   */
-
 /*
  * Copyright (c) 1998 Niklas Hallqvist, Tobias Weingartner
+ * Copyright (c) 2019 Geoff Steckel
  * All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
@@ -25,6 +24,7 @@
  * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
+#include 
 #include 
 #include 
 #include 
@@ -37,95 +37,188 @@
 #include 
 #include 
 
-#define SBCOUNT 64 /* XXX - Should be configurable */
+#define RDCOUNT 64 /* XXX - Should be configurable */
 
 /* Flags to control ourselves... */
 #define FLAG_VERBOSE   1
 #define FLAG_SMART 2
 #define FLAG_LABELS4
 
+#define is_ufs1(fs) ((fs)->fs_magic == FS_UFS1_MAGIC)
+#define is_ufs2(fs) ((fs)->fs_magic == FS_UFS2_MAGIC)
+
+#define x_strof(x) #x
+#define s_strof(y) x_strof(y)
+#define S_MAXMNTLEN s_strof(MAXMNTLEN)
+
+#define NFSIDS 20
+
+struct fsident {
+   int32_t fsi_id[2];  /* id from 1st sb seen */
+   off_t   fsi_end;/* last block for this sb */
+   off_t   fsi_beg;/* base for this sb */
+   charfsi_mnt[MAXMNTLEN + 1]; /* name of last mount */
+} fsidtab[NFSIDS];
+
+intnfsident ;
+
 static void usage(void);
+static void ffs1_compat_read(struct fs *);
+static int is_sblock(const struct fs *);
+static int is_cg(const struct cg *);
+static int ufsscan(daddr_t, daddr_t);
+static daddr_t check_block(struct fs *, daddr_t);
+static int try_find_base(struct fs *, daddr_t, daddr_t *);
+static struct fsident *find_end_id(daddr_t, int *);
+static int find_enter_id(struct fs *, daddr_t, daddr_t);
+static void remove_id(struct fsident *);
+
+int flags;
+int disk_fd;
 
 static int
-ufsscan(int fd, daddr_t beg, daddr_t end, int flags)
+ufsscan(daddr_t beg_blkno, daddr_t end_blkno)
 {
-   static char lastmount[MAXMNTLEN];
-   static u_int8_t buf[SBSIZE * SBCOUNT];
+   static u_int8_t buf[SBSIZE * (RDCOUNT + 1)];
struct fs *sb;
-   daddr_t blk, lastblk;
+   daddr_t blk;
int n;
+   ssize_t nread;
+   daddr_t blkno;
+   daddr_t jump;
 
-   lastblk = -1;
-   memset(lastmount, 0, MAXMNTLEN);
-
-   for (blk = beg; blk <= ((end<0)?blk:end); blk += (SBCOUNT*SBSIZE/512)){
-   memset(buf, 0, SBSIZE * SBCOUNT);
-   if (lseek(fd, (off_t)blk * 512, SEEK_SET) < 0)
+   for (blk = beg_blkno; blk <= end_blkno; blk += (RDCOUNT * SBSIZE / 
DEV_BSIZE)) {
+   if (lseek(disk_fd, (off_t)blk * DEV_BSIZE, SEEK_SET) < 0)
err(1, "lseek");
-   if (read(fd, buf, SBSIZE * SBCOUNT) < 0)
+   /* read 1 sblock-size extra to prevent running off end of buf */
+   nread = read(disk_fd, buf, SBSIZE * (RDCOUNT + 1)) ;
+   if (nread == -1)
err(1, "read");
+   nread -= SBSIZE;
 
-   for (n = 0; n < (SBSIZE * SBCOUNT); n += 512){
-   sb = (struct fs*)(&buf[n]);
-   if (sb->fs_magic == FS_MAGIC) {
-   if (flags & FLAG_VERBOSE)
-   printf("block %lld id %x,%x size %d\n",
-   (long long)(blk + (n/512)),
-   sb->fs_id[0], sb->fs_id[1],
-   sb->fs_ffs1_size);
-
-   if (((blk+(n/512)) - lastblk) == (SBSIZE/512)) {
-   if (flags & FLAG_LABELS ) {
-   printf("X: %lld %lld 4.2BSD %d 
%d %d # %s\n",
-   ((off_t)sb->fs_ffs1_size *
-   sb->fs_fsize / 512),
-   (long long)(blk + (n/512) -
-

scan_ffs minimal ufs2

2019-02-17 Thread gwes 


Fixed 2 bugs:
   size output was in bytes not DEV_BSIZE blocks
   would not find fs with fs_frag == 4096
Added:
   recognize UFS2

Index: scan_ffs.c
===
RCS file: /cvs/src/sbin/scan_ffs/scan_ffs.c,v
retrieving revision 1.21
diff -u -p -u -r1.21 scan_ffs.c
--- scan_ffs.c  23 Nov 2015 19:19:30 -  1.21
+++ scan_ffs.c  18 Feb 2019 02:02:37 -
@@ -45,6 +45,7 @@
 #define FLAG_LABELS4
 
 static void usage(void);
+static void ffs1_compat_read(struct fs *);
 
 static int
 ufsscan(int fd, daddr_t beg, daddr_t end, int flags)
@@ -66,39 +67,49 @@ ufsscan(int fd, daddr_t beg, daddr_t end
err(1, "read");
 
for (n = 0; n < (SBSIZE * SBCOUNT); n += 512){
+   long long sboff;
sb = (struct fs*)(&buf[n]);
-   if (sb->fs_magic == FS_MAGIC) {
+   if (sb->fs_magic == FS_UFS1_MAGIC ||
+   sb->fs_magic == FS_UFS2_MAGIC) {
+   ffs1_compat_read(sb);
if (flags & FLAG_VERBOSE)
-   printf("block %lld id %x,%x size %d\n",
+   printf("block %lld id %x,%x size 
%lld\n",
(long long)(blk + (n/512)),
sb->fs_id[0], sb->fs_id[1],
-   sb->fs_ffs1_size);
+   sb->fs_size * sb->fs_fsize / 512);
 
-   if (((blk+(n/512)) - lastblk) == (SBSIZE/512)) {
+   if (sb->fs_magic == FS_UFS1_MAGIC)
+   sboff = SBLOCK_UFS1;
+   else
+   sboff = SBLOCK_UFS2;
+   if ((blk+(n/512) - lastblk) ==
+   (fsbtodb(sb, cgsblock(sb, 0)) -
+   sboff / 512)) {
if (flags & FLAG_LABELS ) {
printf("X: %lld %lld 4.2BSD %d 
%d %d # %s\n",
-   ((off_t)sb->fs_ffs1_size *
+   ((off_t)sb->fs_size *
sb->fs_fsize / 512),
(long long)(blk + (n/512) -
-   (2*SBSIZE/512)),
+   fsbtodb(sb, cgsblock(sb, 
0))),
sb->fs_fsize, sb->fs_bsize,
sb->fs_cpg, lastmount);
} else {
/* XXX 2038 */
-   time_t t = sb->fs_ffs1_time;
+   time_t t = sb->fs_time;
 
printf("ffs at %lld size %lld "
"mount %s time %s",
(long long)(blk+(n/512) -
-   (2*SBSIZE/512)),
-   (long 
long)(off_t)sb->fs_ffs1_size *
-   sb->fs_fsize,
+   fsbtodb(sb, cgsblock(sb, 
0))),
+   (long 
long)(off_t)sb->fs_size *
+   sb->fs_fsize / 512,
lastmount, ctime(&t));
}
 
if (flags & FLAG_SMART) {
-   off_t size = 
(off_t)sb->fs_ffs1_size *
-   sb->fs_fsize;
+   off_t size = (off_t)sb->fs_size 
*
+   sb->fs_fsize -
+   fsbtodb(sb, cgsblock(sb, 
0)) * 512;
 
if ((n + size) < (SBSIZE * 
SBCOUNT))
n += size;
@@ -181,3 +192,22 @@ main(int argc, char *argv[])
 
return (ufsscan(fd, beg, end, flags));
 }
+
+static void
+ffs1_compat_read(struct fs *fs)
+{
+   if (fs->fs_magic == FS_UFS2_MAGIC)
+   return; /* UFS2 */
+   if (fs->fs_sblockloc == 0)
+   fs->fs_sblockloc = SBLOCK_UFS1;
+   fs->fs_flags = fs->fs_ffs1_flags;
+   fs->fs_maxbsize = fs->fs_bsize;
+   fs->fs_time = fs->fs_ffs1

bug in locate

2010-05-21 Thread gwes 
In the 4.7 release of locate there's a bug where

locate -i 'old'

matches Old OLD olD etc

but

locate -i '*old*'

only matches old

There is a missing conditional in fastfind.c:

BEGIN diff -u HERE - fastfind.c 1.10
--- fastfind.c.old  Mon Jun  8 16:18:57 2009
+++ fastfind.c  Fri May 21 22:17:35 2010
@@ -305,7 +305,11 @@
shortpath = basename(path);
 
if ((!f_basename && (!globflag ||
+#ifdef FF_ICASE
+   !fnmatch(pathpart, shortpath, 
FNM_CASEFOLD)))
+#else /* FF_ICASE */
!fnmatch(pathpart, shortpath, 0)))
+#endif /* FF_ICASE */
|| (strstr(shortpath, pathpart) !=
NULL)) {
if (f_silent)
END diff -u HERE

Thanks!

geoff steckel

thanks for vether

2010-06-13 Thread gwes 
Thank you, Theo (and everyone else who worked on it) for vether.
It works beautifully. My firewall now can run with two interfaces
where it needed three before and my pf.conf is 30 lines shorter with
simpler rules.

The configuration iswan <-> sk0 <-> bridge <-> re0 <-> lan
  ^
  |
vether0 <-> firewall internal
where sk0 and re0 have no IP assigned
and vether0 has all of the firewall's IP addresses.

This is necessary because Verizon assigned me xxx.178 through 181
routing through .1 - there is no "transit" subnet between the
firewall and the remote router, so the firewall IP must be visible
both on the WAN and LAN.

This is one more step which makes OpenBSD cleaner & easier to use
as a network gateway.

   geoff steckel
   curmudgeon for hire
   gwes at oat dot com

Re: Scheduler hack for multi-threaded processes

2016-03-23 Thread gwes 



On 03/23/2016 18:58, Alexandre Ratchov wrote:

On Wed, Mar 23, 2016 at 09:35:50PM +0100, Mark Kettenis wrote:

This doesn't only change the sched_yield() behaviour, but also
modifies how in-kernel yield() calls behave for threaded processes.
That is probably not right.

So here is a diff that keeps yield() the same and adds the code in the
sched_yield(2) implementation instead.  It also changes the logic that
picks the priority to walk the complete threads listand pick the
highest priotity of all the threads.  That should be enough to make
sure the calling thread is scheduled behind all other threads from the
same process.  That does require us to grab the kernel lock though.
So this removes NOLOCK from sched_yield(2).  I don't think that is a
big issue.

I used to think that this is a hack, but now i think this is
necessary.

Even if one day we fix the "browsers problem" in the thread
library, I think this diff will remain necessary to handle
processes calling sched_yield() in a loop, i.e.  processes that are
spinning.


Complete and utter hack: penalize processes or threads on
#system calls/time period. Syscalls are more expensive than
normal execution because of locking which blocks other
processes. Reset the counter when process transitions from
inactive->active.

I know that some systems have implemented this type of
input to scheduling according to use of intangible resources.

Geoff Steckel

Re: reloading pf through ansible easy hook

2016-11-22 Thread gwes 

On 11/22/16 15:36, John Boeske wrote:

On Tue, Nov 22, 2016 at 10:46 AM, John Boeske wrote



I don't understand this philosophical point - why wouldn't you want
the rc.d framework to manage pf, quota, etc. whenever it's natural.
With pf, for example, it surely is.

One of the reasons I loved AIX's System Resource Controller (SRC)
was that it did present a unified management interface to all
system resources whether daemon or built in.



Using a consistent rc.d/rcctl framework to manage system services
and daemons - even pkg_add daemons - seems a good idea. Consistent
interfaces, fewer interfaces, less special-casing all simplify
management, thus minimize the chance of error and enhance security.

This is true whether management is local or through a remote tool
like ansible. Or?


Oops.  Meant "pkg_script daemons" above...

John


I designed a single-point-of-control management system for
AIX clusters. It was five software layers - three on the control
two on the controlled system. All of the layers were necessary
for reliable and reconfigurable operation.

As you may think it wasn't easy. It *did* work very well and
was configurable. It had to be since it rode on top of all
the normal Unix-like system control programs. It *was*
reconfigurable so it could track AIX updates (and IBM
requirement changes).

Before you advocate adding layers consider all the possible
error paths including hangs. Consider tracking interactions
between subsystems. Consider how you'll report
errors and status. To do it right isn't simple.

Geoff Steckel

Re: pair(4) (was: connect routing domains on layer 2)

2015-10-26 Thread gwes 



On 10/24/15 06:46, Reyk Floeter wrote:

vether doesn't help as it is not transmitting any traffic.
in other words, "vether is a bridge endpoint" "pair is a bridge link"
This may be a dead topic, but doesn't bridge_output() transmit for 
vether(4)?

Or am I missing the point entirely?

pair(4) does look very useful as a "cable". I just wonder why bridge(4)
doesn't act more like a physical switch which would accept the single
endpoint of a vether(4)

Geoff Steckel

restricting DNS to port 53

2015-11-04 Thread gwes 

Will unbound and nsd be restricted to port 53 only?

Restricting unbound and nsd to port 53 would be
a flag day for me.

I am simulating bind's views for my split horizon by
using two copies of nsd, one of which serves external
queries and one which unbound queries for internal
zones. They share some zone files. The internal and
external views are split into separate zone files
by a script when one or the other changes.

The internal nsd serves from port 10053 so that
it isn't visible to random programs expecting
a recursive server. Note that port options are
explicit in release versions of man unbound.conf and
nsd.conf.

I am using stub-zone in unbound pointing to my
internal nsd on port 10053. Using local-data is
both ugly and impractical since my internal zone
changes frequently.

The solutions I see are:

Ideally, implement views in nsd. There is no mention
  of "split horizon" or "views" in the nsd archive.
  I haven't looked at their repository to see if
  there is WIP.

My probable solution:
  add a loopback interface on (say) 127.0.1.1
  make unbound and nsd communicate there on port 53

Ugly and philosophically bad:
  generate unbound.conf from zone files
 or
  modify unbound to read zone files

Comments?

Geoff Steckel

Re: restricting DNS to port 53

2015-11-04 Thread gwes 

Apologies... I found a set of how-tos on the web.
They suggest the "use a separate address for the
internal nsd". I will change my setup accordingly.

On 11/04/15 09:31, gwes wrote:

Will unbound and nsd be restricted to port 53 only?

Restricting unbound and nsd to port 53 would be
a flag day for me.

I am simulating bind's views for my split horizon by
using two copies of nsd, one of which serves external
queries and one which unbound queries for internal
zones. They share some zone files. The internal and
external views are split into separate zone files
by a script when one or the other changes.

The internal nsd serves from port 10053 so that
it isn't visible to random programs expecting
a recursive server. Note that port options are
explicit in release versions of man unbound.conf and
nsd.conf.

I am using stub-zone in unbound pointing to my
internal nsd on port 10053. Using local-data is
both ugly and impractical since my internal zone
changes frequently.

The solutions I see are:

Ideally, implement views in nsd. There is no mention
  of "split horizon" or "views" in the nsd archive.
  I haven't looked at their repository to see if
  there is WIP.

My probable solution:
  add a loopback interface on (say) 127.0.1.1
  make unbound and nsd communicate there on port 53

Ugly and philosophically bad:
  generate unbound.conf from zone files
 or
  modify unbound to read zone files

Comments?

Geoff Steckel

Thanks for pair(4)

2015-11-10 Thread gwes 

Thanks very much to reyk@ and everyone else who helped
create pair(4). It makes my configuration much simpler
and (more) maintainable.

Geoff Steckel

proposed speedup for diff -q

2014-05-15 Thread gwes 
Proposed enhancement to diff:

diff of two very different files can take a very long time
and a lot of memory.
diff -q uses the same algorithm even though the status is
known at the first difference.

I propose ending the comparison at the first difference if
  diff is invoked with -q
  diff is not invoked with -w, -i, or -b

The changes pass the regression tests and all the tests I've tried.
I believe the changes are not machine dependent.
I invite criticism and counterexamples.

Example:

$ ls -l trash.120403 trash.120711
-rw---  1 gwes  users  249686538 Apr  3  2012 trash.120403
-rw-r--r--  1 gwes  users  142356923 Jul 11  2012 trash.120711

$ time diff -q trash.120403 trash.120711
diff: 
1m51.52s real 1m47.66s user 0m2.46s system

top output:

load averages:  1.02,  0.91,  0.58.oat.com 15:41:54
49 processes: 47 idle, 2 on processor
CPU0 states:  0.0% user,  0.0% nice,  0.0% system,  0.0% interrupt,  100% idle
CPU1 states: 98.4% user,  0.0% nice,  1.6% system,  0.0% interrupt,  0.0% idle
Memory: Real: 403M/785M act/tot Free: 796M Cache: 312M Swap: 0K/1248M

  PID USERNAME PRI NICE  SIZE   RES STATE WAIT  TIMECPU COMMAND
18740 gwes  570  362M  333M onproc/1  biowait   1:05 95.61% diff


$ time work/newdiff/diff -q trash.120403 trash.120711
Files trash.120403 and trash.120711 differ
0m0.00s real 0m0.00s user 0m0.00s system

The code changes

$ diff -u diff.h work/newdiff/diff.h
--- diff.h  Thu May 15 16:29:15 2014
+++ work/newdiff/diff.h Thu May 15 15:57:30 2014
@@ -64,6 +64,10 @@
 #define D_PROTOTYPE0x080   /* Display C function prototype */
 #define D_EXPANDTABS   0x100   /* Expand tabs to spaces */
 #define D_IGNOREBLANKS 0x200   /* Ignore white space changes */
+   /* test for possible return at first difference 
*/
+#define CANBRIEFRETURN(flags) (((flags) & (D_FOLDBLANKS | D_IGNORECASE \
+   | D_IGNOREBLANKS \
+   )) == 0)
 
 /*
  * Status values for print_status() and diffreg() return values

$ diff -u diffreg.c work/newdiff/diffreg.c 
--- diffreg.c   Thu May 15 16:29:15 2014
+++ work/newdiff/diffreg.c  Thu May 15 16:31:19 2014
@@ -366,6 +366,15 @@
status |= 1;
goto closem;
}
+   if ((diff_format == D_BRIEF) && CANBRIEFRETURN(flags)) {
+   anychange = 1;
+   if (flags & D_HEADER) {
+   diff_output("%s %s %s\n", \
+   diffargs, file1, file2);
+   flags &= ~D_HEADER;
+   }
+   goto closem;
+   }
if (lflag) {
/* redirect stdout to pr */
int pfd[2];

kernel crash operating USB device programmer

2017-03-10 Thread gwes 
I'm trying to operate an Atmel AVRISP mkII device programmer
using the "avrdude" program.

The kernel crashes identically running either 6.0 release
or 6.1 snapshot.
Is this a known problem?

Here is the ddb output and the dmesg. I will try to
produce any other useful data or to use ddb to examine the kernel.
If a crash dump is useful I can put one on the web
for download.

I can try to trace the program execution prior to the
crash. I don't think ktrace would help unless it does
fsync after every entry...

Thanks
Geoff Steckel

Mar 10 19:58:48 store /bsd: panic: ehci_device_clear_toggle: queue active
Mar 10 19:58:48 store /bsd: Stopped at  Debugger+0x9:   leave   
Mar 10 19:58:48 store /bsd:TIDPIDUID PRFLAGS PFLAGS  CPU  
COMMAND
Mar 10 19:58:48 store /bsd: * 2171   2171  0 0x3  00  
avrdude
Mar 10 19:58:48 store /bsd: Debugger() at Debugger+0x9
Mar 10 19:58:48 store /bsd: panic() at panic+0xfe
Mar 10 19:58:48 store /bsd: ehci_device_clear_toggle() at 
ehci_device_clear_toggle+0x2b
Mar 10 19:58:48 store /bsd: usbd_clear_endpoint_stall() at 
usbd_clear_endpoint_stall+0x24
Mar 10 19:58:48 store /bsd: ugen_do_read() at ugen_do_read+0x4e6
Mar 10 19:58:48 store /bsd: ugenread() at ugenread+0x48
Mar 10 19:58:48 store /bsd: spec_read() at spec_read+0x2c5
Mar 10 19:58:48 store /bsd: VOP_READ() at VOP_READ+0x3f
Mar 10 19:58:48 store /bsd: vn_read() at vn_read+0xa1
Mar 10 19:58:48 store /bsd: dofilereadv() at dofilereadv+0x204
Mar 10 19:58:48 store /bsd: sys_read() at sys_read+0x89
Mar 10 19:58:48 store /bsd: syscall() at syscall+0x27b
Mar 10 19:58:48 store /bsd: --- syscall (number 3) ---
Mar 10 19:58:48 store /bsd: end trace frame: 0x0, count: 3
Mar 10 19:58:48 store /bsd: 0x108592d58a1a:


Mar 10 20:26:39 store /bsd: OpenBSD 6.1-beta (GENERIC.MP) #224: Thu Mar  9 
18:50:15 MST 2017
Mar 10 20:26:39 store /bsd: 
dera...@amd64.openbsd.org:/usr/src/sys/arch/amd64/compile/GENERIC.MP
Mar 10 20:26:39 store /bsd: real mem = 8466022400 (8073MB)
Mar 10 20:26:39 store /bsd: avail mem = 8204775424 (7824MB)
Mar 10 20:26:39 store /bsd: mpath0 at root
Mar 10 20:26:39 store /bsd: scsibus0 at mpath0: 256 targets
Mar 10 20:26:39 store /bsd: mainbus0 at root
Mar 10 20:26:39 store /bsd: bios0 at mainbus0: SMBIOS rev. 2.7 @ 0xeb450 (20 
entries)
Mar 10 20:26:39 store /bsd: bios0: vendor American Megatrends Inc. version 
"4.6.5" date 06/05/2013
Mar 10 20:26:39 store /bsd: bios0: BIOSTAR Group NM70I-1037U
Mar 10 20:26:39 store /bsd: acpi0 at bios0: rev 2
Mar 10 20:26:39 store /bsd: acpi0: sleep states S0 S1 S4 S5
Mar 10 20:26:39 store /bsd: acpi0: tables DSDT FACP APIC FPDT MCFG HPET SSDT 
SSDT SSDT
Mar 10 20:26:39 store /bsd: acpi0: wakeup devices PS2K(S4) UAR1(S4) P0P1(S4) 
USB1(S4) USB2(S4) USB3(S4) USB4(S4) USB5(S4) USB6(S4) USB7(S4) PXSX(S4) 
RP01(S4) PXSX(S4) RP02(S4) PXSX(S4) RP03(S4) [...]
Mar 10 20:26:39 store /bsd: acpitimer0 at acpi0: 3579545 Hz, 24 bits
Mar 10 20:26:39 store /bsd: acpimadt0 at acpi0 addr 0xfee0: PC-AT compat
Mar 10 20:26:39 store /bsd: cpu0 at mainbus0: apid 0 (boot processor)
Mar 10 20:26:39 store /bsd: cpu0: Intel(R) Celeron(R) CPU 1037U @ 1.80GHz, 
1796.21 MHz
Mar 10 20:26:39 store /bsd: cpu0: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,POPCNT,DEADLINE,XSAVE,NXE,LONG,LAHF,PERF,ITSC,FSGSBASE,SMEP,ERMS,SENSOR,ARAT
Mar 10 20:26:39 store /bsd: cpu0: 256KB 64b/line 8-way L2 cache
Mar 10 20:26:39 store /bsd: cpu0: TSC frequency 1796209080 Hz
Mar 10 20:26:39 store /bsd: cpu0: smt 0, core 0, package 0
Mar 10 20:26:39 store /bsd: mtrr: Pentium Pro MTRR support, 10 var ranges, 88 
fixed ranges
Mar 10 20:26:39 store /bsd: cpu0: apic clock running at 99MHz
Mar 10 20:26:39 store /bsd: cpu0: mwait min=64, max=64, C-substates=0.2.1.1.2, 
IBE
Mar 10 20:26:39 store /bsd: cpu1 at mainbus0: apid 2 (application processor)
Mar 10 20:26:39 store /bsd: cpu1: Intel(R) Celeron(R) CPU 1037U @ 1.80GHz, 
1795.92 MHz
Mar 10 20:26:39 store /bsd: cpu1: 
FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,PCLMUL,DTES64,MWAIT,DS-CPL,VMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,PCID,SSE4.1,SSE4.2,x2APIC,POPCNT,DEADLINE,XSAVE,NXE,LONG,LAHF,PERF,ITSC,FSGSBASE,SMEP,ERMS,SENSOR,ARAT
Mar 10 20:26:39 store /bsd: cpu1: 256KB 64b/line 8-way L2 cache
Mar 10 20:26:39 store /bsd: cpu1: smt 0, core 1, package 0
Mar 10 20:26:39 store /bsd: ioapic0 at mainbus0: apid 2 pa 0xfec0, version 
20, 24 pins
Mar 10 20:26:39 store /bsd: acpimcfg0 at acpi0 addr 0xf800, bus 0-63
Mar 10 20:26:39 store /bsd: acpihpet0 at acpi0: 14318179 Hz
Mar 10 20:26:39 store /bsd: acpiprt0 at acpi0: bus 0 (PCI0)
Mar 10 20:26:39 store /bsd: acpiprt1 at acpi0: bus -1 (P0P1)
Mar 10 20:26:39 store /bsd: acpiprt2 at acpi0: bus 2 (RP01)
Mar 10 20:26:39 st