Re: powerpc*: make EXC_LAST less awkward

2022-05-18 Thread Alexander Bluhm
On Tue, May 17, 2022 at 07:20:49PM +, Miod Vallat wrote: > As seen in sys/arch/powerpc64/include/trap.h, not-so-ancient PowerPC and > POWER processors define exception addresses past EXC_LAST. > > The following diff changes EXC_LAST to no longer be the last > "traditional" (0x100 bytes long)

kernel lock in arp

2022-05-18 Thread Alexander Bluhm
Hi, For parallel IP forwarding I had put kernel lock around arpresolve() as a quick workaround for crashes. Moving the kernel lock inside the function makes the hot path lock free. I see slight prerformace increase in my test and no lock contention in kstack flamegraph.

Re: start unlocking kbind(2)

2022-05-18 Thread Alexander Bluhm
On Tue, May 17, 2022 at 10:44:54AM +1000, David Gwynne wrote: > + cookie = SCARG(uap, proc_cookie); > + if (pr->ps_kbind_addr == pc) { > + membar_datadep_consumer(); > + if (pr->ps_kbind_cookie != cookie) > + goto sigill; > + } else { You

Re: pf: remove unused include files

2022-05-17 Thread Alexander Bluhm
On Tue, May 17, 2022 at 06:40:12PM +, Miod Vallat wrote: > sys/net/pf.c r1.968 added a call to m_print() #ifdef DDB in a > troublesome situation. > > Once the root cause of the problem was fixed, the DDB-specific code path > was removed in r1.970, but the added includes were kept, although >

Re: have in6_pcbselsrc copy the selected ip to the caller instead of a reference

2022-05-15 Thread Alexander Bluhm
On Sun, May 15, 2022 at 08:19:47PM +1000, David Gwynne wrote: > this is basically the same as what i did for in_pcbselsrc, and > completely mechanical. im too tired to figure out if there's a smarter > way to do it. > > lightly tested, and more eyes are welcome because of the tiredness > thing.

OpenBSD Errata: May 16, 2022 (kqueue asn1 pppoe)

2022-05-15 Thread Alexander Bluhm
Errata patches for kqueue in the kernel and asn1 in libcrypto have been released for OpenBSD 7.1. Errata patches for pppoe in the kernel have been released for OpenBSD 7.1 and 7.0. Binary updates for the amd64, i386 and arm64 platform are available via the syspatch utility. Source code

Re: Lock kernel in nfsrv_rcv()

2022-05-13 Thread Alexander Bluhm
On Fri, May 13, 2022 at 04:05:15PM +, Visa Hankala wrote: > The NFS subsystem is not MP-safe yet. Take this into account > in the NFS server socket upcall by locking the kernel. > > This might help with the NFS server hanging that was seen recently > as a result of the now-reverted

Re: Unlock umask(2)

2022-05-12 Thread Alexander Bluhm
On Wed, May 11, 2022 at 11:20:15AM +0300, Vitaliy Makkoveev wrote: > sys_umask() only modifies `fd_cmask', which modification is already > protected by `fd_lock' rwlock(9). I did run full regress on amd64. OK bluhm@ > Index: sys/kern/syscalls.master >

Re: Unlock umask(2)

2022-05-12 Thread Alexander Bluhm
On Wed, May 11, 2022 at 11:41:18PM +0300, Vitaliy Makkoveev wrote: > > Both of the resizes should happen first, in case there is fallout in > > userland which isn't visible yet. > > No problem. OK bluhm@ > Index: sys/sys/filedesc.h >

Re: Unlock umask(2)

2022-05-11 Thread Alexander Bluhm
On Wed, May 11, 2022 at 11:20:15AM +0300, Vitaliy Makkoveev wrote: > sys_umask() only modifies `fd_cmask', which modification is already > protected by `fd_lock' rwlock(9). I found this in sys/filedesc.h u_short fd_cmask; /* [f/w] mask for file creation */ u_short

Re: [External] : Re: move memory allocation in pfr_add_tables() outside of NET_LOCK()/PF_LOCK()

2022-05-10 Thread Alexander Bluhm
On Tue, May 10, 2022 at 12:40:39AM +0200, Alexandr Nedvedicky wrote: > updated diff is below. Although this makes the code more complex, I see no simple solution. We must get the sleeps out of the pf lock. As seen from the mail on bugs@, sleeping in pf is not a good thing. Also mbuhl@ is

Re: [External] : Re: move memory allocation in pfr_add_tables() outside of NET_LOCK()/PF_LOCK()

2022-05-09 Thread Alexander Bluhm
On Mon, May 09, 2022 at 11:11:03PM +0200, Alexandr Nedvedicky wrote: > > ... and then we insert a destroyed p > > yes. you are right. new diff addresses that with change as follows: > > @@ -1542,9 +1542,8 @@ pfr_add_tables(struct pfr_table ...) >

Re: [External] : Re: pf.conf(5) clarify ICMP sloppy state handling

2022-05-09 Thread Alexander Bluhm
On Mon, May 09, 2022 at 10:08:24PM +0100, Stuart Henderson wrote: > This is helpful, but because it's so surprising that "pass proto icmp" > doesn't pass all icmp traffic, I think it would help to mention it where > "proto icmp" is described too. > > Also, the top of the text about "sloppy" just

Re: move memory allocation in pfr_add_tables() outside of NET_LOCK()/PF_LOCK()

2022-05-09 Thread Alexander Bluhm
On Sun, May 08, 2022 at 06:15:49PM +0200, Alexandr Nedvedicky wrote: > OK ? 3 comments inline > 8<---8<---8<--8< > diff --git a/sys/net/pf_ioctl.c b/sys/net/pf_ioctl.c > index 8315b115474..1f036e1368f 100644 > --- a/sys/net/pf_ioctl.c > +++

Re: [External] : net lock priority

2022-05-09 Thread Alexander Bluhm
On Sun, May 08, 2022 at 10:54:01PM +0200, Alexandr Nedvedicky wrote: > what bothers me is the situation where there are > more than one reader. The line 350 is executed by > the first reader which drops the lock. So the process > woken up by wakeup(rwl) are going to find out the >

Re: [External] : net lock priority

2022-05-08 Thread Alexander Bluhm
On Sun, May 08, 2022 at 09:19:23PM +0200, Alexander Bluhm wrote: > I will run my tests with the diff below. With the third chunk reboot hangs during reordering libraries in vmmaplk. So this needs more thought. > Index: kern/kern_rw

Re: [External] : Re: pf.conf(5) clarify ICMP sloppy state handling

2022-05-08 Thread Alexander Bluhm
On Sun, May 08, 2022 at 09:58:47PM +0200, Alexandr Nedvedicky wrote: > Hello, > > On Sun, May 08, 2022 at 08:06:57PM +0200, Alexander Bluhm wrote: > > On Sun, May 08, 2022 at 06:37:57PM +0200, Alexandr Nedvedicky wrote: > > > this tiny update to pf.conf(5) has been promp

Re: [External] : net lock priority

2022-05-08 Thread Alexander Bluhm
On Sun, May 08, 2022 at 07:55:44PM +0200, Alexandr Nedvedicky wrote: > my question is why do we reset RWLOCK_WAIT and RWLOCK_WRWANT flags? This is a very good question. > I think those flags should be reset the last reader gone. Perhaps > the else branch for reader requires this: >

Re: pf.conf(5) clarify ICMP sloppy state handling

2022-05-08 Thread Alexander Bluhm
On Sun, May 08, 2022 at 06:37:57PM +0200, Alexandr Nedvedicky wrote: > this tiny update to pf.conf(5) has been prompted here [1] on > pf mailing list. By default only ICMP queries are allowed > to create state in pf(4). The sloppy option relaxes that > so also ICMP replies can create a state. I

Re: divert packet kernel lock

2022-05-06 Thread Alexander Bluhm
On Fri, May 06, 2022 at 10:16:35PM +0200, Mark Kettenis wrote: > > Date: Fri, 6 May 2022 14:48:59 +0200 > > From: Alexander Bluhm > > > > On Thu, May 05, 2022 at 11:10:54PM +0200, Mark Kettenis wrote: > > > > Date: Thu, 5 May 2022 22:41:01 +0200 > > >

net lock priority

2022-05-06 Thread Alexander Bluhm
Hi, When creating network load by forwarding packets, SSH gets unusable and ping time gets above 10 seconds. Problem is that while multiple forwarding threads are running with shared net lock, the exclusive lock cannot be acquired. This is unfair. Diff below prevents that a read lock is

Re: divert packet kernel lock

2022-05-06 Thread Alexander Bluhm
On Thu, May 05, 2022 at 11:10:54PM +0200, Mark Kettenis wrote: > > Date: Thu, 5 May 2022 22:41:01 +0200 > > From: Alexander Bluhm > > > > Hi, > > > > The easiest way to make divert_packet() MP safe for now, is to > > protect sbappendaddr() wi

divert packet kernel lock

2022-05-05 Thread Alexander Bluhm
Hi, The easiest way to make divert_packet() MP safe for now, is to protect sbappendaddr() with kernel lock. ok? bluhm Index: netinet/ip_divert.c === RCS file: /data/mirror/openbsd/cvs/src/sys/netinet/ip_divert.c,v retrieving

Re: Use static allocation for rt_timer_queue

2022-05-05 Thread Alexander Bluhm
On Thu, May 05, 2022 at 03:08:39PM +0200, Claudio Jeker wrote: > In total there are 6 rt_timer_queues in our kernel. 3 IPv4 and 3 IPv6. > That number may be increased to 8 if arp and nd would use these timers as > well. Because of this allocation the queue heads via pool(9) is overkill. > >

OpenBSD Errata: May 5, 2022 (ipsec)

2022-05-05 Thread Alexander Bluhm
Errata patch for kernel IPsec has been released for OpenBSD 7.1. Binary updates for the amd64, i386 and arm64 platform are available via the syspatch utility. Source code patches can be found on the respective errata page: https://www.openbsd.org/errata71.html

Re: kbd set error message

2022-05-05 Thread Alexander Bluhm
anyone? On Sun, Apr 17, 2022 at 08:20:40PM +0200, Alexander Bluhm wrote: > Hi, > > After fixing the kbd -l error handling, kbd set needs the same diff. > While there, shorten long lines and avoid v--; v++; logic. > > $ ./kbd de > kbd: /dev/wskbd0: Permission denie

Re: Reserved address behavior (alternate broadcast and 240/4)

2022-05-05 Thread Alexander Bluhm
On Wed, May 04, 2022 at 06:48:14PM -0700, Seth David Schoen wrote: > This has some odd consequences. For instance, if an OpenBSD system > has an interface numbered with an address in 240/4, it can initiate > and receive TCP connections using that address, and it can ping other > hosts using that

divert packet mutex

2022-05-04 Thread Alexander Bluhm
Hi, I missed that pf divert packet is not MP safe yet. The problem is that divert_packet() is called from pf with shared net lock and sbappendaddr() needs exclusive net lock. The direct call from pf in IP layer to divert in protocol layer is not nice. I not sure how to address that. As a

Re: [External] : Re: another syzkaller problem in pf

2022-05-04 Thread Alexander Bluhm
On Wed, May 04, 2022 at 02:21:11PM +0200, Alexandr Nedvedicky wrote: > I'm not sure flipping a flag is a right change. In general we don't want > to hold NET_LOCK()/PF_LOCK() while waiting for memory. - We must not wait for memory when in the packet processing hot path. Drop the packet

Re: ratecheck mutex

2022-05-04 Thread Alexander Bluhm
On Wed, May 04, 2022 at 04:42:21AM -0500, Scott Cheloha wrote: > > On May 3, 2022, at 17:16, Alexander Bluhm wrote: > > > > ???Hi, > > > > We have one comment that locking for ratecheck(9) is missing. In > > all other places locking status of the str

ratecheck mutex

2022-05-03 Thread Alexander Bluhm
Hi, We have one comment that locking for ratecheck(9) is missing. In all other places locking status of the struct timeval *lasttime is unclear. The easiest fix is a global mutex for all lasttime in ratecheck(). This covers the usual usecase of the function. Same for ppsratecheck(9), lasttime

Re: another syzkaller problem in pf

2022-05-03 Thread Alexander Bluhm
On Tue, May 03, 2022 at 07:42:34PM +0200, Moritz Buhl wrote: > commit 4b3977248902c22d96aaebdb5784840debc2631c > Author: mikeb > Date: Mon Nov 24 13:22:09 2008 + > > Fix splasserts seen in pr 5987 by propagating a flag that discribes > whether we're called from the interrupt

Re: rttimer move callback to the queue struct

2022-05-03 Thread Alexander Bluhm
On Tue, May 03, 2022 at 11:30:13AM +0200, Claudio Jeker wrote: > Next stage of rttimer cleanup. Move the callback from the rttimer to the > rttimer_queue struct. The callback is always the same for a queue so there > is no need to define it on every call. > > On top of that replace

Re: [External] : Re: add sanity checks to IGMP/MLD

2022-05-03 Thread Alexander Bluhm
On Tue, May 03, 2022 at 10:10:23AM +0200, Alexandr Nedvedicky wrote: > updated diff is below. > thanks for taking a look at it. OK bluhm@ > 8<---8<---8<--8< > diff --git a/sys/net/pf.c b/sys/net/pf.c > index f15e1ead8c0..bf9593952ec 100644

Re: [External] : Re: add sanity checks to IGMP/MLD

2022-05-03 Thread Alexander Bluhm
On Tue, May 03, 2022 at 12:26:52AM +0200, Alexandr Nedvedicky wrote: > OK ? or should I also drop a check for link-local source address > in IPv6? The link-local check makes sense. > 8<---8<---8<--8< > diff --git a/sys/net/pf.c

Re: kstat(1): implement wait with setitimer(2)

2022-05-03 Thread Alexander Bluhm
On Mon, May 02, 2022 at 08:39:07PM -0500, Scott Cheloha wrote: > On Sat, Apr 30, 2022 at 01:27:44AM +0200, Alexander Bluhm wrote: > > otherwise diff looks good to me > > Still look good? OK bluhm@ > Index: kstat.c > =

Re: add sanity checks to IGMP/MLD

2022-05-02 Thread Alexander Bluhm
On Mon, May 02, 2022 at 11:30:58PM +0200, Alexandr Nedvedicky wrote: > hello, > > bluhm@ has committed a fix [1] which makes pf to accept IGMP/MLD messages. > If I remember correct pf(4) was dropping those messages because > of Router Alert IP option being present. The IP option is mandatory >

Re: install btrace scripts

2022-04-30 Thread Alexander Bluhm
On Sat, Apr 30, 2022 at 02:03:28PM -0600, Theo de Raadt wrote: > >On 2022-04-30, Alexander Bluhm wrote: > >> Hi, > >> > >> Can we install the btrace scripts to /usr/share/btrace/ ? The > >> directory already exists, only the Makefile is not linked to t

install btrace scripts

2022-04-30 Thread Alexander Bluhm
Hi, Can we install the btrace scripts to /usr/share/btrace/ ? The directory already exists, only the Makefile is not linked to the build. And I would like to use #! to make them executable. ok? bluhm Index: share/Makefile ===

Re: simplify rttimer api

2022-04-29 Thread Alexander Bluhm
On Fri, Apr 29, 2022 at 11:58:52AM +0200, Claudio Jeker wrote: > The callback currently uses struct rttimer as an argument but the code > only needs the rtt_tableid element from there. Change the callbacks to > be of the form void (*rtt_callback)(struct rtentry *r, u_int rtableid) > > Also change

Re: kstat(1): implement wait with setitimer(2)

2022-04-29 Thread Alexander Bluhm
On Thu, Apr 28, 2022 at 08:54:02PM -0500, Scott Cheloha wrote: > On Thu, Sep 17, 2020 at 06:29:48PM -0500, Scott Cheloha wrote: > > [...] > > > > Using nanosleep(2) to print the stats periodically causes the period > > to drift. If you use setitimer(2) it won't drift. > > > > ok? > > 19 month

Re: [External] : Re: pf igmp icmp6 multicast router alert

2022-04-28 Thread Alexander Bluhm
On Thu, Apr 28, 2022 at 08:15:20AM +0200, Alexandr Nedvedicky wrote: > Hello, > > On Thu, Apr 28, 2022 at 12:36:40AM +0200, Alexander Bluhm wrote: > > On Wed, Apr 27, 2022 at 11:47:45PM +0200, Alexander Bluhm wrote: > > > New diff: > > > - make off and end rel

Re: router timer mutex

2022-04-28 Thread Alexander Bluhm
I still need an ok for this diff. It is the final step before we can run IP forwaring in parallel. bluhm On Thu, Apr 21, 2022 at 05:44:17PM +0200, Alexander Bluhm wrote: > On Wed, Apr 20, 2022 at 08:12:51PM +0200, Alexander Bluhm wrote: > > mvs@ reminded me of a crash I have seen in

Re: cleanup multicast rttimer queues

2022-04-28 Thread Alexander Bluhm
On Wed, Apr 27, 2022 at 12:10:59PM +0200, Claudio Jeker wrote: > There is no need to have a rttimer queue per rdomain. The rttimer itself > is rdomain aware and so this just make everything more complicated for no > gain. > > This diff just drops back to a single queue and initializes the queues

Re: pf igmp icmp6 multicast router alert

2022-04-27 Thread Alexander Bluhm
On Wed, Apr 27, 2022 at 11:47:45PM +0200, Alexander Bluhm wrote: > New diff: > - make off and end relative to opts array > - check length of IPv4 options > - fix call to pf_walk_option > - add case IP6OPT_PADN > - add case MLDV2_LISTENER_REPORT - pf_pull_hdr() before pf_walk_opt

Re: [External] : Re: pf igmp icmp6 multicast router alert

2022-04-27 Thread Alexander Bluhm
On Fri, Apr 22, 2022 at 07:40:17PM +0200, Alexandr Nedvedicky wrote: > > + case IPPROTO_ICMPV6: > > + if (!pf_pull_hdr(pd->m, pd->off, , sizeof(icmp6), > > + NULL, reason, AF_INET6)) { > > + DPFPRINTF(LOG_NOTICE, "IPv6

Re: pf igmp icmp6 multicast router alert

2022-04-27 Thread Alexander Bluhm
On Fri, Apr 22, 2022 at 09:03:45PM +0200, Otto Moerbeek wrote: > On Fri, Apr 22, 2022 at 05:59:18PM +0200, Alexander Bluhm wrote: > > > On Thu, Apr 21, 2022 at 09:10:02PM +0200, Alexander Bluhm wrote: > > > The option I have ever seen in the wild is router alert. So i

Re: vers.c: make kernel date in UTC

2022-04-25 Thread Alexander Bluhm
On Sat, Apr 23, 2022 at 09:20:06AM +0200, Sebastien Marie wrote: > Does such diff to force UTC timezone in kernel buildate would be acceptable ? I always convert Canada Mountain time to UTC in my head to estimate whether a commit may be in a snapshot used in regress testing. Having everything in

Re: Provide memory barriers in refcnt_rele() and refcnt_finalize()

2022-04-25 Thread Alexander Bluhm
On Mon, Apr 25, 2022 at 02:52:08PM +, Visa Hankala wrote: > > The patch uses membar_sync(), and not membar_enter(), after the loop > in refcnt_finalize() because subsequent memory operations should hinge > on the load of r_refs. > > membar_enter() is usable when the reference point is a

Re: pf igmp icmp6 multicast router alert

2022-04-22 Thread Alexander Bluhm
On Thu, Apr 21, 2022 at 09:10:02PM +0200, Alexander Bluhm wrote: > The option I have ever seen in the wild is router alert. So it may > be better to allow IGMP and ICMP6 multicast if router alert is the > only option in the packet. This diff implements exactly that. I have only compi

OpenBSD Errata: April 22, 2022 (wifi)

2022-04-22 Thread Alexander Bluhm
Errata patch for wireless drivers in the kernel has been released for OpenBSD 7.1. Binary updates for the amd64, i386 and arm64 platform are available via the syspatch utility. Source code patches can be found on the respective errata page: https://www.openbsd.org/errata71.html

Re: refcount btrace

2022-04-21 Thread Alexander Bluhm
I still think it is worth to have refcount debugging in generic kernel dt(4). Having tools is easier than first adding printf to hunt a bug. I see no downside. ok? bluhm Index: dev/dt/dt_prov_static.c === RCS file:

Re: Provide memory barriers in refcnt_rele() and refcnt_finalize()

2022-04-21 Thread Alexander Bluhm
On Mon, Apr 18, 2022 at 08:33:06AM +, Visa Hankala wrote: > I think the sanest solution is to add the release and acquire barriers > in refcnt_rele(). Getting memory barriers right is too complicated for developers doing MP stuff. The existing locking and refcount primitives have to

Re: pf igmp icmp6 multicast router alert

2022-04-21 Thread Alexander Bluhm
On Thu, Apr 21, 2022 at 08:56:07PM +0200, Otto Moerbeek wrote: > > Currently it allows all options. Should I make it specific to > > router alert with IGMP or ICMP6? > > To me it looks like the icmp6 case already is limited to MLD? The question is the other way around. My current diff allows

pf igmp icmp6 multicast router alert

2022-04-21 Thread Alexander Bluhm
Hi, IGMP and ICMP6 for multicast packets have router alert options. Per default pf drops all IP packets with options. Usually people ask what is wrong until someone points out that they have to use a pf rule with allow-opts. As this is normal behavior and our kernel generates such packets, the

Re: router timer mutex

2022-04-21 Thread Alexander Bluhm
On Wed, Apr 20, 2022 at 08:12:51PM +0200, Alexander Bluhm wrote: > mvs@ reminded me of a crash I have seen in December. Route timers > are not MP safe, but I think this can be fixed with a mutex. The > idea is to protect the global lists with a mutex and move the rttimer > into a te

router timer kernel lock

2022-04-21 Thread Alexander Bluhm
Hi, As claudio@ wants to refactor router timer before making them MP safe, I would like to protect them with kernel lock. It should fix this panic. https://marc.info/?l=openbsd-tech=164038527425440=2 I hope this is the final step before running IP forwarding in parallel. ok? bluhm Index:

Re: [External] : Re: pfsync(4) snapshot lists must have dedicated link element

2022-04-21 Thread Alexander Bluhm
On Wed, Apr 20, 2022 at 11:22:27PM +0200, Alexandr Nedvedicky wrote: > updated diff is below OK bluhm@ You have to merge again, as I removed #ifdef PFSYNC_DEBUG and added a #ifdef DIAGNOSTIC. Sorry. > 8<---8<---8<--8< > diff --git

router timer mutex

2022-04-20 Thread Alexander Bluhm
Hi, mvs@ reminded me of a crash I have seen in December. Route timers are not MP safe, but I think this can be fixed with a mutex. The idea is to protect the global lists with a mutex and move the rttimer into a temporary list. Then the callback and pool put can be called later without mutex.

pfsync debug bye-bye

2022-04-20 Thread Alexander Bluhm
Hi, In pfsync there are some KASSERT hidden behind #ifdef PFSYNC_DEBUG. That does not make sense to me. Either they are correct, then they should actively check in production. Or they got wrong over time, then they should not make debugging harder. Some basic testing did not show problems.

Re: [External] : Re: pfsync(4) snapshot lists must have dedicated link element

2022-04-20 Thread Alexander Bluhm
On Sat, Apr 09, 2022 at 01:51:05AM +0200, Alexandr Nedvedicky wrote: > updated diff is below. I am not sure what Hrvoje actually did test and what not. My impression was, that he got a panic with the previous version of this diff, but the machine was stable with the code in current. But maybe I

route timer queues

2022-04-19 Thread Alexander Bluhm
Hi, I had a look in route timer queues in netinet and netinet6 and found some inconsistencies. - Timeout was a mixture of int, u_int and long. Make timeout int with sysctl bounds checking and make absolute time time_t. - Some code assumes that ..._timeout_q can be NULL and at some places

Re: route timer pool

2022-04-19 Thread Alexander Bluhm
On Tue, Apr 19, 2022 at 08:59:25AM +0200, Claudio Jeker wrote: > On Tue, Apr 19, 2022 at 01:44:40AM +0200, Alexander Bluhm wrote: > > Hi, > > > > Can we use a pool for rttimer_queue_pool? > > Another option would be to use static rttimer_queues instead of allocating &

Re: route timer init

2022-04-19 Thread Alexander Bluhm
On Tue, Apr 19, 2022 at 08:46:06AM +0200, Claudio Jeker wrote: > On Tue, Apr 19, 2022 at 12:07:49AM +0200, Alexander Bluhm wrote: > > Hi, > > > > Instead of using a MP unsafe global variable, just call rt_timer_init() > > from route_init(). > > > >

Re: rate limit uvn_flush warning

2022-04-18 Thread Alexander Bluhm
On Thu, Apr 14, 2022 at 11:44:42AM -0600, Theo de Raadt wrote: > > If I understand correctly, the problem is that writing to memory > > of an mmap(2)ed file has no error handling. If the file system is > > full, userland cannot be informed. So someone invented this message > > in the kernel. >

route timer pool

2022-04-18 Thread Alexander Bluhm
Hi, Can we use a pool for rttimer_queue_pool? As we run without kernel lock, these pools should have IPL_MPFLOOR protection. ok? bluhm Index: net/route.c === RCS file: /data/mirror/openbsd/cvs/src/sys/net/route.c,v retrieving

route timer init

2022-04-18 Thread Alexander Bluhm
Hi, Instead of using a MP unsafe global variable, just call rt_timer_init() from route_init(). ok? bluhm Index: net/route.c === RCS file: /data/mirror/openbsd/cvs/src/sys/net/route.c,v retrieving revision 1.402 diff -u -p -r1.402

Re: parallel IP forwarding

2022-04-18 Thread Alexander Bluhm
On Mon, Apr 18, 2022 at 12:27:23PM +0200, Hrvoje Popovski wrote: > On 8.4.2022. 12:56, Alexander Bluhm wrote: > > I now the right time to commit the parallel forwarding diff? > > > > Known limitiations are: > > - Hrvoje has seen a crash with both pfsync and ipsec on h

kbd set error message

2022-04-17 Thread Alexander Bluhm
Hi, After fixing the kbd -l error handling, kbd set needs the same diff. While there, shorten long lines and avoid v--; v++; logic. $ ./kbd de kbd: /dev/wskbd0: Permission denied ok? bluhm Index: sbin/kbd/kbd_wscons.c === RCS

Re: rate limit uvn_flush warning

2022-04-14 Thread Alexander Bluhm
On Wed, Apr 13, 2022 at 02:22:00PM -0600, Theo de Raadt wrote: > I think we should fix the bug and/or DELETE the message entirely I don't see the bug. The message was added in the initial NetBSD uvm commit. http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/uvm/uvm_vnode.c?annotate=1.1 With a major

Re: kbd -l error message

2022-04-14 Thread Alexander Bluhm
On Thu, Apr 14, 2022 at 04:44:10PM +0200, Marc Espie wrote: > I'm not quite fond of the error reports, though... they could be more specific > - we keep track of the first error, so it should probably talk > about /dev/wskbd0 directly ? I wanted to show that more than one device is envolved. But

kbd -l error message

2022-04-14 Thread Alexander Bluhm
Hi, When kbd -l is executed as regular user, it fails silently. $ kbd -l $ echo $? 0 Error handling is a bit tricky. We want the first error if no device is available. $ ./kbd -l kbd: open /dev/wskbd[0-9]: Permission denied $ echo $? 1 ok? bluhm Index: sbin/kbd/kbd_wscons.c

pfsync mutex mpfloor

2022-04-13 Thread Alexander Bluhm
Hi, Hrvoje has hit a witness issue in pfsync. panic: acquiring blockable sleep lock with spinlock or critical section held (kernel_lock) _lock panic(81f45bb7) at panic+0xbf witness_checkorder(8246e970,9,0) at witness_checkorder+0xb61 __mp_lock(8246e768) at __mp_lock+0x5f

rate limit uvn_flush warning

2022-04-13 Thread Alexander Bluhm
Hi, If /usr fills up during relinking kernel, the console spits out masses of these warnings. uvn_flush: obj=0x0, offset=0x476. error during pageout. uvn_flush: WARNING: changes to page may be lost! uvn_flush: obj=0x0, offset=0x476. error during pageout. uvn_flush: WARNING: changes to

Re: refcount btrace

2022-04-12 Thread Alexander Bluhm
On Mon, Apr 11, 2022 at 07:19:00PM +0200, Martin Pieuchot wrote: > On 08/04/22(Fri) 12:16, Alexander Bluhm wrote: > > On Fri, Apr 08, 2022 at 02:39:34AM +, Visa Hankala wrote: > > > On Thu, Apr 07, 2022 at 07:55:11PM +0200, Alexander Bluhm wrote: > > > > On W

OpenBSD Errata: April 11, 2022 (rpki)

2022-04-10 Thread Alexander Bluhm
Errata patches for rpki-client have been released for OpenBSD 6.9 and 7.0. Binary updates for the amd64, i386 and arm64 platform are available via the syspatch utility. Source code patches can be found on the respective errata page: https://www.openbsd.org/errata69.html

parallel IP forwarding

2022-04-08 Thread Alexander Bluhm
Hi, I now the right time to commit the parallel forwarding diff? Known limitiations are: - Hrvoje has seen a crash with both pfsync and ipsec on his production machine. But he cannot reproduce it in his lab. - TCP processing gets slower as we have an additional queue between IP and protocol

Re: refcount btrace

2022-04-08 Thread Alexander Bluhm
On Fri, Apr 08, 2022 at 02:39:34AM +, Visa Hankala wrote: > On Thu, Apr 07, 2022 at 07:55:11PM +0200, Alexander Bluhm wrote: > > On Wed, Mar 23, 2022 at 06:13:27PM +0100, Alexander Bluhm wrote: > > > In my opinion tracepoints give insight at minimal cost. It is wort

Re: refcount btrace

2022-04-07 Thread Alexander Bluhm
On Wed, Mar 23, 2022 at 06:13:27PM +0100, Alexander Bluhm wrote: > In my opinion tracepoints give insight at minimal cost. It is worth > it to have it in GENERIC to make it easy to use. After release I want to revive the btrace of refcounts discussion. As mpi@ mentioned the idea o

Re: pfsync(4) snapshot lists must have dedicated link element

2022-04-07 Thread Alexander Bluhm
On Wed, Apr 06, 2022 at 05:01:55PM +0200, Alexandr Nedvedicky wrote: > Hello, > > Hrvoje was testing pf(4) and pfsync(4) with parallel forwarding diff > which bluhm@ has shared sometime ago. > > Hrvoje found a bug in my very naive implementation of 'snapshots': > > 1573 void > 1574

OpenBSD Errata: April 5, 2022 (syszlib)

2022-04-04 Thread Alexander Bluhm
Errata patches for zlib in the kernel have been released for OpenBSD 6.9 and 7.0. Binary updates for the amd64, i386 and arm64 platform are available via the syspatch utility. Source code patches can be found on the respective errata page: https://www.openbsd.org/errata69.html

OpenBSD Errata: April 1, 2022 (zlib)

2022-04-01 Thread Alexander Bluhm
Errata patches for zlib have been released for OpenBSD 6.9 and 7.0. Binary updates for the amd64, i386 and arm64 platform are available via the syspatch utility. Source code patches can be found on the respective errata page: https://www.openbsd.org/errata69.html

Re: refcount btrace

2022-03-23 Thread Alexander Bluhm
On Mon, Mar 21, 2022 at 01:22:22PM +0100, Martin Pieuchot wrote: > On 20/03/22(Sun) 05:39, Visa Hankala wrote: > > On Sat, Mar 19, 2022 at 12:10:11AM +0100, Alexander Bluhm wrote: > > > On Thu, Mar 17, 2022 at 07:25:27AM +, Visa Hankala wrote: > > > > On Thu, Ma

Re: fix very small ntpd leak

2022-03-23 Thread Alexander Bluhm
On Wed, Mar 23, 2022 at 09:09:01PM +1000, Jonathan Matthew wrote: > We noticed that the ntpd engine process was getting a bit big on some boxes > that we'd accidentally cut off from the ntp servers (routing is hard). > Reading through the code, I noticed the 'query' member of struct ntp_peer > is

pfioctl goto fail

2022-03-23 Thread Alexander Bluhm
Hi, pfioctl() is inconsistent when to use break or goto fail. There is a big switch and when looking at a break you need more context to see where it jumps to. I would like to use goto fail consistently to leave the big switch. break is used for inner switches and loops. No binary diff. ok?

Re: introduce pfioctl_rw

2022-03-22 Thread Alexander Bluhm
On Mon, Mar 21, 2022 at 11:48:48PM +0100, Alexandr Nedvedicky wrote: > OK? I did a regress run with witness. OK bluhm@ > 8<---8<---8<--8< > diff --git a/sys/net/pf_ioctl.c b/sys/net/pf_ioctl.c > index dbbc79c0a0e..329284ce6a6 100644 > ---

Re: rip sbappendaddr() with inpcb table mutex

2022-03-22 Thread Alexander Bluhm
On Tue, Mar 22, 2022 at 04:42:45PM +0100, Claudio Jeker wrote: > No but you push this layer into a specifc direction and by that make it > harder to fix the PCB tables in a different way. I just see people > changing the NET_ASSERT_WLOCKED() without realizing the actual reason for > the exclusive

Re: if_get NULL race arp, nd6, igmp

2022-03-22 Thread Alexander Bluhm
anyone? On Fri, Mar 04, 2022 at 12:09:03PM +0100, Alexander Bluhm wrote: > Hi, > > syzkaller has found this race in arp. > > https://syzkaller.appspot.com/bug?id=e3dc94533ddee95b6d69c2e7049360022f4190d3 > > The assumption of the code is that either the arp entry or the &

Re: rip sbappendaddr() with inpcb table mutex

2022-03-22 Thread Alexander Bluhm
On Tue, Mar 22, 2022 at 02:25:08PM +0100, Claudio Jeker wrote: > On Tue, Mar 22, 2022 at 02:09:51PM +0100, Alexander Bluhm wrote: > > Hi, > > > > syzkaller and witness found the same bug I introduced in UDP also > > for Raw IP. Fix it the same was for r

rip sbappendaddr() with inpcb table mutex

2022-03-22 Thread Alexander Bluhm
Hi, syzkaller and witness found the same bug I introduced in UDP also for Raw IP. Fix it the same was for rip and rip6. https://syzkaller.appspot.com/bug?extid=9bac6356a881dc644265 https://syzkaller.appspot.com/bug?extid=5b2679ee9be0895d26f9 ok? bluhm Index: netinet/raw_ip.c

OpenBSD Errata: March 22, 2022 (slaacd)

2022-03-21 Thread Alexander Bluhm
Errata patches for slaacd have been released for OpenBSD 6.9 and 7.0. Binary updates for the amd64, i386 and arm64 platform are available via the syspatch utility. Source code patches can be found on the respective errata page: https://www.openbsd.org/errata69.html

udp_sbappend() with inpcb table mutex

2022-03-21 Thread Alexander Bluhm
Hi, syzkaller and witness found a bug in my pcb table mutex commit. https://syzkaller.appspot.com/bug?id=90a4811c99d6a2df7b252971b754612ca632894d For multicast and broadcast packets udp_input() traverses the loop of all UDP PCBs. There it calls udp_sbappend() while holding the UDB table mutex.

Re: have in_pcbselsrc copy the selected ip to the caller instead of a reference to it

2022-03-21 Thread Alexander Bluhm
On Mon, Mar 21, 2022 at 11:13:24AM +0100, Claudio Jeker wrote: > On Mon, Mar 21, 2022 at 02:17:21PM +1000, David Gwynne wrote: > > in_pcbselsrc has this: > > > > ifp = if_get(mopts->imo_ifidx); > > if (ifp != NULL) { > > if (ifp->if_rdomain ==

Re: pcb mutex userland

2022-03-18 Thread Alexander Bluhm
On Thu, Mar 17, 2022 at 12:47:15AM +0100, Alexander Bluhm wrote: > My previous atempt to add a mutex to in_pcb.h was reverted as it > broke userland build. This diff passes make release and regress test. I would like to commit it to proceed with pcb locking. Generally fixing sysctl in

Re: refcount btrace

2022-03-18 Thread Alexander Bluhm
On Thu, Mar 17, 2022 at 07:25:27AM +, Visa Hankala wrote: > On Thu, Mar 17, 2022 at 12:42:13AM +0100, Alexander Bluhm wrote: > > I would like to use btrace to debug refernce counting. The idea > > is to a a tracepoint for every type of refcnt we have. When it > > chan

Re: refcount btrace

2022-03-17 Thread Alexander Bluhm
On Thu, Mar 17, 2022 at 07:25:27AM +, Visa Hankala wrote: > On Thu, Mar 17, 2022 at 12:42:13AM +0100, Alexander Bluhm wrote: > > I would like to use btrace to debug refernce counting. The idea > > is to a a tracepoint for every type of refcnt we have. When it > > chan

Re: Use refcnt API with struct plimit

2022-03-17 Thread Alexander Bluhm
On Thu, Mar 17, 2022 at 04:07:24PM +, Visa Hankala wrote: > Use the refcnt API with struct plimit. > > OK? OK bluhm@ > Index: kern/kern_resource.c > === > RCS file: src/sys/kern/kern_resource.c,v > retrieving revision 1.71 >

Re: pcb mutex userland

2022-03-17 Thread Alexander Bluhm
On Thu, Mar 17, 2022 at 02:09:39PM +0100, Mark Kettenis wrote: > I fear the fundamental problem is that we should not expose data > structures internal to the kernel to userland. What I don't > understand though is how that happens. The sysctl code doesn't seem > to export "struct inpcb"

Re: pcb mutex userland

2022-03-17 Thread Alexander Bluhm
On Thu, Mar 17, 2022 at 08:24:10AM +0100, Claudio Jeker wrote: > On Thu, Mar 17, 2022 at 12:47:15AM +0100, Alexander Bluhm wrote: > > Hi, > > > > My previous atempt to add a mutex to in_pcb.h was reverted as it > > broke userland build. > > > > Is the corr

Re: Remove data dependency barrier from atomic_load_*

2022-03-17 Thread Alexander Bluhm
On Thu, Mar 17, 2022 at 07:12:16AM +, Visa Hankala wrote: > On Wed, Mar 16, 2022 at 11:09:12PM +0100, Alexander Bluhm wrote: > > On Tue, Mar 15, 2022 at 09:15:34AM +, Visa Hankala wrote: > > > However, some DEC Alpha CPUs have their data caches divided into cache >

  1   2   3   4   5   6   7   8   9   10   >