From owner-freebsd-audit Sun Jul 8 6:52:31 2001 Delivered-To: freebsd-audit@freebsd.org Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by hub.freebsd.org (Postfix) with ESMTP id A00D637B403 for ; Sun, 8 Jul 2001 06:52:20 -0700 (PDT) (envelope-from des@ofug.org) Received: (from des@localhost) by flood.ping.uio.no (8.9.3/8.9.3) id PAA51815; Sun, 8 Jul 2001 15:52:19 +0200 (CEST) (envelope-from des@ofug.org) X-URL: http://www.ofug.org/~des/ X-Disclaimer: The views expressed in this message do not necessarily coincide with those of any organisation or company with which I am or have been affiliated. To: audit@freebsd.org Subject: fetch(1) const/static cleanup From: Dag-Erling Smorgrav Date: 08 Jul 2001 15:52:19 +0200 Message-ID: Lines: 13 User-Agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/20.7 MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="=-=-=" Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG --=-=-= Could somebody please test the attached patch on an Alpha? It staticicizes all the functions in fetch(1) except main(), constifies a bunch of strings, and replaces the CFLAGS spammage with WARNS?=2. (the patch looks weird because it was generated with 'cvs diff -Bb' from reindented sources - just ignore that) DES -- Dag-Erling Smorgrav - des@ofug.org --=-=-= Content-Type: text/x-patch Content-Disposition: attachment; filename=fetch-warns.diff Index: Makefile =================================================================== RCS file: /home/ncvs/src/usr.bin/fetch/Makefile,v retrieving revision 1.4 diff -u -B -b -r1.4 Makefile --- Makefile 2000/06/28 16:55:09 1.4 +++ Makefile 2001/07/08 13:40:40 @@ -2,8 +2,7 @@ MAINTAINER= des@freebsd.org PROG= fetch -CFLAGS+= -Wall -pedantic -SRCS= fetch.c +WARNS?= 2 DPADD= ${LIBFETCH} LDADD= -lfetch Index: fetch.c =================================================================== RCS file: /home/ncvs/src/usr.bin/fetch/fetch.c,v retrieving revision 1.31 diff -u -B -b -r1.31 fetch.c --- fetch.c 2001/06/01 10:24:58 1.31 +++ fetch.c 2001/07/08 13:44:16 @@ -87,7 +87,7 @@ u_char *buf; /* transfer buffer */ -void +static void sig_handler(int sig) { switch (sig) { @@ -113,7 +113,7 @@ off_t rcvd; }; -void +static void stat_display(struct xferstat *xs, int force) { struct timeval now; @@ -134,8 +134,8 @@ (int)((100.0 * xs->rcvd) / xs->size)); } -void -stat_start(struct xferstat *xs, char *name, off_t size, off_t offset) +static void +stat_start(struct xferstat *xs, const char *name, off_t size, off_t offset) { snprintf(xs->name, sizeof xs->name, "%s", name); gettimeofday(&xs->start, NULL); @@ -147,14 +147,14 @@ stat_display(xs, 1); } -void -stat_update(struct xferstat *xs, off_t rcvd, int force) +static void +stat_update(struct xferstat *xs, off_t rcvd) { xs->rcvd = rcvd; stat_display(xs, 0); } -void +static void stat_end(struct xferstat *xs) { double delta; @@ -180,7 +180,7 @@ fprintf(stderr, "(%.2f Bps)\n", bps); } -int +static int query_auth(struct url *URL) { struct termios tios; @@ -219,8 +219,8 @@ return 0; } -int -fetch(char *URL, char *path) +static int +fetch(char *URL, const char *path) { struct url *url; struct url_stat us; @@ -303,16 +303,17 @@ } /* - * If the -r flag was specified, we have to compare the local and - * remote files, so we should really do a fetchStat() first, but I - * know of at least one HTTP server that only sends the content - * size in response to GET requests, and leaves it out of replies - * to HEAD requests. Also, in the (frequent) case that the local - * and remote files match but the local file is truncated, we have - * sufficient information *before* the compare to issue a correct - * request. Therefore, we always issue a GET request as if we were - * sure the local file was a truncated copy of the remote file; we - * can drop the connection later if we change our minds. + * If the -r flag was specified, we have to compare the local + * and remote files, so we should really do a fetchStat() + * first, but I know of at least one HTTP server that only + * sends the content size in response to GET requests, and + * leaves it out of replies to HEAD requests. Also, in the + * (frequent) case that the local and remote files match but + * the local file is truncated, we have sufficient information + * before the compare to issue a correct request. Therefore, + * we always issue a GET request as if we were sure the local + * file was a truncated copy of the remote file; we can drop + * the connection later if we change our minds. */ if ((r_flag || m_flag) && !o_stdout && stat(path, &sb) != -1) { if (r_flag) @@ -372,8 +373,8 @@ fclose(f); /* if precious, warn the user and give up */ if (R_flag) { - warnx("%s: local modification time does not match remote", - path); + warnx("%s: local modification time " + "does not match remote", path); goto failure_keep; } url->offset = 0; @@ -394,10 +395,11 @@ path, sb.st_size, us.size); goto failure; } - /* we got through, open local file and seek to offset */ + /* we got it, open local file and seek to offset */ /* - * XXX there's a race condition here - the file we open is not - * necessarily the same as the one we stat()'ed earlier... + * XXX there's a race condition here - the + * file we open is not necessarily the same as + * the one we stat()'ed earlier... */ if ((of = fopen(path, "a")) == NULL) { warn("%s: fopen()", path); @@ -416,9 +418,9 @@ } if (!of) { /* - * We don't yet have an output file; either this is a vanilla - * run with no special flags, or the local and remote files - * didn't match. + * We don't yet have an output file; either this is a + * vanilla run with no special flags, or the local and + * remote files didn't match. */ if ((of = fopen(path, "w")) == NULL) { warn("%s: open()", path); @@ -453,10 +455,11 @@ } if (timeout) alarm(0); - stat_update(&xs, count += size, 0); + stat_update(&xs, count += size); for (ptr = buf; size > 0; ptr += wr, size -= wr) if ((wr = fwrite(ptr, 1, size, of)) < size) { - if (ferror(of) && errno == EINTR && !sigalrm && !sigint) + if (ferror(of) && errno == EINTR && + !sigalrm && !sigint) clearerr(of); else break; @@ -539,20 +542,19 @@ return r; } -void +static void usage(void) { - fprintf(stderr, - "Usage: fetch [-146AFMPRUadlmnpqrsv] [-o outputfile] [-S bytes]\n" - " [-B bytes] [-T seconds] [-w seconds]\n" - " [-h host -f file [-c dir] | URL ...]\n" - ); + fprintf(stderr, "%s\n%s\n%s\n", + "Usage: fetch [-146AFMPRUadlmnpqrsv] [-o outputfile] [-S bytes]", + " [-B bytes] [-T seconds] [-w seconds]", + " [-h host -f file [-c dir] | URL ...]"); } #define PARSENUM(NAME, TYPE) \ -int \ -NAME(char *s, TYPE *v) \ +static int \ +NAME(const char *s, TYPE *v) \ { \ *v = 0; \ for (*v = 0; *s; s++) \ @@ -572,7 +574,8 @@ { struct stat sb; struct sigaction sa; - char *p, *q, *s; + const char *p, *s; + char *q; int c, e, r; while ((c = getopt(argc, argv, @@ -614,7 +617,8 @@ f_filename = optarg; break; case 'H': - warnx("The -H option is now implicit, use -U to disable\n"); + warnx("The -H option is now implicit, " + "use -U to disable"); break; case 'h': h_hostname = optarg; @@ -629,7 +633,8 @@ case 'M': case 'm': if (r_flag) - errx(1, "the -m and -r flags are mutually exclusive"); + errx(1, "the -m and -r flags " + "are mutually exclusive"); m_flag = 1; break; case 'n': @@ -647,7 +652,8 @@ break; case 'r': if (m_flag) - errx(1, "the -m and -r flags are mutually exclusive"); + errx(1, "the -m and -r flags " + "are mutually exclusive"); r_flag = 1; break; case 'S': @@ -739,7 +745,8 @@ } else if (stat(o_filename, &sb) == -1) { if (errno == ENOENT) { if (argc > 1) - errx(EX_USAGE, "%s is not a directory", o_filename); + errx(EX_USAGE, "%s is not a directory", + o_filename); } else { err(EX_IOERR, "%s", o_filename); } @@ -796,12 +803,11 @@ && fetchLastErrCode != FETCH_URL && fetchLastErrCode != FETCH_RESOLV && fetchLastErrCode != FETCH_UNKNOWN)) { - if (w_secs) { - if (v_level) - fprintf(stderr, "Waiting %d seconds before retrying\n", - w_secs); + if (w_secs && v_level) + fprintf(stderr, "Waiting %d seconds " + "before retrying\n", w_secs); + if (w_secs) sleep(w_secs); - } if (a_flag) continue; } --=-=-=-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Sun Jul 8 13:28:40 2001 Delivered-To: freebsd-audit@freebsd.org Received: from coffee.q9media.com (coffee.q9media.com [216.94.229.19]) by hub.freebsd.org (Postfix) with ESMTP id 5EED537B408 for ; Sun, 8 Jul 2001 13:28:34 -0700 (PDT) (envelope-from mike@coffee.q9media.com) Received: (from mike@localhost) by coffee.q9media.com (8.11.2/8.11.2) id f68KhZh17468; Sun, 8 Jul 2001 16:43:35 -0400 (EDT) (envelope-from mike) Date: Sun, 8 Jul 2001 16:43:35 -0400 (EDT) Message-Id: <200107082043.f68KhZh17468@coffee.q9media.com> To: audit@FreeBSD.org From: Mike Barcroft Cc: Dima Dorfman Subject: updated src/lib and src/sbin warns patches Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG I've updated my src/lib and src/sbin warns patches. On the lib patch, I removed some changes where I had added WARNS?=2 to programs that didn't have any C code. On the sbin patch, I removed some changes where I had added WARNS?=2 to programs that don't compile cleanly on Alphas. Both patches have been tested on i386 and alpha. Would someone mind committing them? Both patches are available at the end of this message, also available at: http://testbed.q9media.net/freebsd/lib.20010708.patch & http://testbed.q9media.net/freebsd/sbin.20010708.patch Best regards, Mike Barcroft ----------------------------------------------------------------------- lib.20010708.patch o Set WARNS?=2 on Makefiles that should have it. o Tested on i386 and alpha. Index: libcalendar/Makefile =================================================================== RCS file: /home/ncvs/src/lib/libcalendar/Makefile,v retrieving revision 1.5 diff -u -r1.5 Makefile --- libcalendar/Makefile 2001/03/27 17:26:57 1.5 +++ libcalendar/Makefile 2001/07/03 03:15:03 @@ -1,6 +1,7 @@ # $FreeBSD: src/lib/libcalendar/Makefile,v 1.5 2001/03/27 17:26:57 ru Exp $ LIB= calendar +WARNS?= 2 SRCS= calendar.c easter.c INCS= calendar.h @@ -12,6 +13,6 @@ calendar.3 ndaysg.3 calendar.3 ndaysj.3 \ calendar.3 week.3 calendar.3 weekday.3 -CFLAGS+=-I. -I${.CURDIR} -Wall +CFLAGS+=-I. -I${.CURDIR} .include Index: libnetgraph/Makefile =================================================================== RCS file: /home/ncvs/src/lib/libnetgraph/Makefile,v retrieving revision 1.6 diff -u -r1.6 Makefile --- libnetgraph/Makefile 2001/03/27 17:27:09 1.6 +++ libnetgraph/Makefile 2001/07/03 03:15:03 @@ -2,6 +2,7 @@ # $Whistle: Makefile,v 1.4 1999/01/17 03:41:02 julian Exp $ LIB= netgraph +WARNS?= 2 MAN= netgraph.3 SHLIB_MAJOR= 1 @@ -9,8 +10,6 @@ SRCS= sock.c msg.c debug.c INCS= netgraph.h - -CFLAGS+= -Wall MLINKS+= netgraph.3 NgMkSockNode.3 MLINKS+= netgraph.3 NgNameNode.3 ----------------------------------------------------------------------- sbin.20010708.patch o Set WARNS?=2 on Makefiles that should have it. o Tested on i386 and alpha. Index: clri/Makefile =================================================================== RCS file: /home/ncvs/src/sbin/clri/Makefile,v retrieving revision 1.4 diff -u -r1.4 Makefile --- clri/Makefile 2001/03/26 14:32:58 1.4 +++ clri/Makefile 2001/06/29 02:03:23 @@ -2,6 +2,7 @@ # $FreeBSD: src/sbin/clri/Makefile,v 1.4 2001/03/26 14:32:58 ru Exp $ PROG= clri +WARNS?= 2 MAN= clri.8 .include Index: kldload/Makefile =================================================================== RCS file: /home/ncvs/src/sbin/kldload/Makefile,v retrieving revision 1.7 diff -u -r1.7 Makefile --- kldload/Makefile 2001/05/18 13:41:26 1.7 +++ kldload/Makefile 2001/06/29 02:03:23 @@ -27,6 +27,7 @@ # PROG= kldload +WARNS?= 2 MAN= kldload.8 .include Index: spppcontrol/Makefile =================================================================== RCS file: /home/ncvs/src/sbin/spppcontrol/Makefile,v retrieving revision 1.4 diff -u -r1.4 Makefile --- spppcontrol/Makefile 2001/03/26 14:33:25 1.4 +++ spppcontrol/Makefile 2001/06/29 02:03:23 @@ -1,6 +1,7 @@ # $FreeBSD: src/sbin/spppcontrol/Makefile,v 1.4 2001/03/26 14:33:25 ru Exp $ PROG= spppcontrol +WARNS?= 2 MAN= spppcontrol.8 .include Index: swapon/Makefile =================================================================== RCS file: /home/ncvs/src/sbin/swapon/Makefile,v retrieving revision 1.4 diff -u -r1.4 Makefile --- swapon/Makefile 2001/03/26 14:33:25 1.4 +++ swapon/Makefile 2001/06/29 02:03:23 @@ -2,6 +2,7 @@ # $FreeBSD: src/sbin/swapon/Makefile,v 1.4 2001/03/26 14:33:25 ru Exp $ PROG= swapon +WARNS?= 2 MAN= swapon.8 .include To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Sun Jul 8 14: 5: 4 2001 Delivered-To: freebsd-audit@freebsd.org Received: from coffee.q9media.com (coffee.q9media.com [216.94.229.19]) by hub.freebsd.org (Postfix) with ESMTP id B1B8937B401 for ; Sun, 8 Jul 2001 14:05:01 -0700 (PDT) (envelope-from mike@coffee.q9media.com) Received: (from mike@localhost) by coffee.q9media.com (8.11.2/8.11.2) id f68LK8q17541; Sun, 8 Jul 2001 17:20:08 -0400 (EDT) (envelope-from mike) Date: Sun, 8 Jul 2001 17:20:08 -0400 (EDT) Message-Id: <200107082120.f68LK8q17541@coffee.q9media.com> To: Dag-Erling Smorgrav From: Mike Barcroft Cc: audit@freebsd.org Subject: Re: fetch(1) const/static cleanup Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Dag-Erling Smorgrav writes: > Could somebody please test the attached patch on an Alpha? It > staticicizes all the functions in fetch(1) except main(), constifies a > bunch of strings, and replaces the CFLAGS spammage with WARNS?=2. cc -O -pipe -mcpu=ev4 -W -Wall -Wstrict-prototypes -Wmissing-prototypes -Wpointer-arith -Wno-uninitialized -Werror -Wreturn-type -Wcast-qual -Wwrite-strings -Wswitch -Wshadow -c fetch.c cc1: warnings being treated as errors fetch.c: In function `stat_display': fetch.c:131: warning: long long int format, off_t arg (arg 3) fetch.c:134: warning: long long int format, off_t arg (arg 3) fetch.c: In function `stat_end': fetch.c:173: warning: long long int format, off_t arg (arg 3) fetch.c: In function `fetch': fetch.c:301: warning: long long int format, off_t arg (arg 2) fetch.c:340: warning: long long int format, off_t arg (arg 3) fetch.c:340: warning: long long int format, off_t arg (arg 4) fetch.c:359: warning: long long int format, off_t arg (arg 3) fetch.c:362: warning: long long int format, off_t arg (arg 3) fetch.c:395: warning: long long int format, off_t arg (arg 3) fetch.c:395: warning: long long int format, off_t arg (arg 4) fetch.c:440: warning: comparison between signed and unsigned fetch.c:512: warning: long long int format, off_t arg (arg 3) fetch.c:512: warning: long long int format, off_t arg (arg 4) *** Error code 1 Best regards, Mike Barcroft To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Sun Jul 8 17: 3:15 2001 Delivered-To: freebsd-audit@freebsd.org Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by hub.freebsd.org (Postfix) with ESMTP id CAAEC37B401 for ; Sun, 8 Jul 2001 17:03:12 -0700 (PDT) (envelope-from des@ofug.org) Received: (from des@localhost) by flood.ping.uio.no (8.9.3/8.9.3) id CAA54518; Mon, 9 Jul 2001 02:03:06 +0200 (CEST) (envelope-from des@ofug.org) X-URL: http://www.ofug.org/~des/ X-Disclaimer: The views expressed in this message do not necessarily coincide with those of any organisation or company with which I am or have been affiliated. To: Mike Barcroft Cc: audit@FreeBSD.ORG, Dima Dorfman Subject: Re: updated src/lib and src/sbin warns patches References: <200107082043.f68KhZh17468@coffee.q9media.com> From: Dag-Erling Smorgrav Date: 09 Jul 2001 02:03:05 +0200 In-Reply-To: <200107082043.f68KhZh17468@coffee.q9media.com> Message-ID: Lines: 16 User-Agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/20.7 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Mike Barcroft writes: > @@ -12,6 +13,6 @@ > calendar.3 ndaysg.3 calendar.3 ndaysj.3 \ > calendar.3 week.3 calendar.3 weekday.3 > > -CFLAGS+=-I. -I${.CURDIR} -Wall > +CFLAGS+=-I. -I${.CURDIR} > > .include I don't think libcalendar needs the -I stuff, you can remove CFLAGS altogether. Test it in a world build first though. DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Mon Jul 9 14:15:57 2001 Delivered-To: freebsd-audit@freebsd.org Received: from coffee.q9media.com (coffee.q9media.com [216.94.229.19]) by hub.freebsd.org (Postfix) with ESMTP id 9393E37B401 for ; Mon, 9 Jul 2001 14:15:53 -0700 (PDT) (envelope-from mike@coffee.q9media.com) Received: (from mike@localhost) by coffee.q9media.com (8.11.2/8.11.2) id f69LV1H19027; Mon, 9 Jul 2001 17:31:01 -0400 (EDT) (envelope-from mike) Date: Mon, 9 Jul 2001 17:31:01 -0400 (EDT) Message-Id: <200107092131.f69LV1H19027@coffee.q9media.com> To: Dag-Erling Smorgrav From: Mike Barcroft Cc: audit@FreeBSD.org, Dima Dorfman Subject: Re: updated src/lib and src/sbin warns patches Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Dag-Erling Smorgrav > Mike Barcroft writes: > > @@ -12,6 +13,6 @@ > > calendar.3 ndaysg.3 calendar.3 ndaysj.3 \ > > calendar.3 week.3 calendar.3 weekday.3 > > > > -CFLAGS+=-I. -I${.CURDIR} -Wall > > +CFLAGS+=-I. -I${.CURDIR} > > > > .include > > I don't think libcalendar needs the -I stuff, you can remove CFLAGS > altogether. Test it in a world build first though. Quite correct. Patch updated; world builds without those extra include paths. The updated patch is available at the end of this message and also at: http://testbed.q9media.net/freebsd/lib.20010709.patch Best regards, Mike Barcroft ----------------------------------------------------------------------- lib.20010709.patch o Set WARNS?=2 on Makefiles that should have it. o Remove some useless include paths in libcalendar. o Tested on i386 and alpha. Index: libcalendar/Makefile =================================================================== RCS file: /home/ncvs/src/lib/libcalendar/Makefile,v retrieving revision 1.5 diff -u -r1.5 Makefile --- libcalendar/Makefile 2001/03/27 17:26:57 1.5 +++ libcalendar/Makefile 2001/07/09 21:04:19 @@ -1,6 +1,7 @@ # $FreeBSD: src/lib/libcalendar/Makefile,v 1.5 2001/03/27 17:26:57 ru Exp $ LIB= calendar +WARNS?= 2 SRCS= calendar.c easter.c INCS= calendar.h @@ -11,7 +12,5 @@ calendar.3 gdate.3 calendar.3 jdate.3 \ calendar.3 ndaysg.3 calendar.3 ndaysj.3 \ calendar.3 week.3 calendar.3 weekday.3 - -CFLAGS+=-I. -I${.CURDIR} -Wall .include Index: libnetgraph/Makefile =================================================================== RCS file: /home/ncvs/src/lib/libnetgraph/Makefile,v retrieving revision 1.6 diff -u -r1.6 Makefile --- libnetgraph/Makefile 2001/03/27 17:27:09 1.6 +++ libnetgraph/Makefile 2001/07/09 21:04:19 @@ -2,6 +2,7 @@ # $Whistle: Makefile,v 1.4 1999/01/17 03:41:02 julian Exp $ LIB= netgraph +WARNS?= 2 MAN= netgraph.3 SHLIB_MAJOR= 1 @@ -9,8 +10,6 @@ SRCS= sock.c msg.c debug.c INCS= netgraph.h - -CFLAGS+= -Wall MLINKS+= netgraph.3 NgMkSockNode.3 MLINKS+= netgraph.3 NgNameNode.3 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Thu Jul 12 3: 9: 7 2001 Delivered-To: freebsd-audit@freebsd.org Received: from ringworld.nanolink.com (ringworld.nanolink.com [195.24.48.13]) by hub.freebsd.org (Postfix) with SMTP id EBE8B37B418 for ; Thu, 12 Jul 2001 03:08:52 -0700 (PDT) (envelope-from roam@orbitel.bg) Received: (qmail 584 invoked by uid 1000); 12 Jul 2001 10:13:06 -0000 Date: Thu, 12 Jul 2001 13:13:06 +0300 From: Peter Pentchev To: arch@FreeBSD.org Cc: audit@FreeBSD.org Subject: Re: A slight improvement of the rc system Message-ID: <20010712131306.A554@ringworld.oblivion.bg> Mail-Followup-To: arch@FreeBSD.org, audit@FreeBSD.org References: <20010704124334.F653@ringworld.oblivion.bg> <20010705174409.A15136@dragon.nuxi.com> <20010706092624.A3782@ringworld.oblivion.bg> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20010706092624.A3782@ringworld.oblivion.bg>; from roam@orbitel.bg on Fri, Jul 06, 2001 at 09:26:24AM +0300 Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Fri, Jul 06, 2001 at 09:26:24AM +0300, Peter Pentchev wrote: > On Thu, Jul 05, 2001 at 05:44:10PM -0700, David O'Brien wrote: > > On Wed, Jul 04, 2001 at 12:43:34PM +0300, Peter Pentchev wrote: > > > +script_name_sep=" " # Change if your startup scripts' names contain spaces > > > > Uh... ever heard of "over engineering"? I think we can assume scripts > > don't have spaces in their names. Anyone trying and has the ability to > > change this knob knows enought to just not use spaces in a script's name. > > This is UNIX. > > Yep, this is Unix, and Unix has no arbitrary restrictions on filenames. > It does not have a 8.3 restriction, or a caps-only restriction; so why > should a *part* of the system place a no-spaces restriction on filenames? > Just about all the filesystems supported by FreeBSD allow filenames to > contain spaces; it's only logical to give the user the ability to use > them, if she so desires. > > It's not overcomplicating the code, either - the IFS shell variable > is standardized and used, which means that the shell was written with > this in mind; not allowing it is just that - not using the shell's > capabilities the way they were meant to be used. OK, so - does anyone have any other comments on the patch that a) allows specifying a script name separator != ' ', and b) runs the shutdown scripts in reverse order, so dependent services are shut down before the services they depend on? G'luck, Peter -- "yields falsehood, when appended to its quotation." yields falsehood, when appended to its quotation. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Thu Jul 12 21:59:15 2001 Delivered-To: freebsd-audit@freebsd.org Received: from coffee.q9media.com (coffee.q9media.com [216.94.229.19]) by hub.freebsd.org (Postfix) with ESMTP id 6D94B37B403 for ; Thu, 12 Jul 2001 21:59:07 -0700 (PDT) (envelope-from mike@coffee.q9media.com) Received: (from mike@localhost) by coffee.q9media.com (8.11.2/8.11.2) id f6D5Enl24103; Fri, 13 Jul 2001 01:14:49 -0400 (EDT) (envelope-from mike) Date: Fri, 13 Jul 2001 01:14:49 -0400 (EDT) Message-Id: <200107130514.f6D5Enl24103@coffee.q9media.com> To: audit@FreeBSD.org From: Mike Barcroft Subject: nohup(1) enhancements patch Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG I would appreciate comments on the patch at the end of this message, also available at: http://testbed.q9media.net/freebsd/nohup.20010713.patch Best regards, Mike Barcroft ----------------------------------------------------------------------- nohup.20010713.patch o Integrate security enhancements from OpenBSD. - Don't assume environment variable HOME is not NULL. o Integrate standards compliance from NetBSD. - Allow -- before the command. - Blocking SIGQUIT isn't standards compliant. - Proper exit(3) levels. o Remove some FreeBSD specific access(2) cruft. o Constify; Set WARNS?=2 o Tested on i386, and alpha. Index: nohup/Makefile =================================================================== RCS file: /home/ncvs/src/usr.bin/nohup/Makefile,v retrieving revision 1.1.1.1 diff -u -r1.1.1.1 Makefile --- nohup/Makefile 1994/05/27 12:32:27 1.1.1.1 +++ nohup/Makefile 2001/07/13 04:31:33 @@ -1,5 +1,6 @@ # @(#)Makefile 8.1 (Berkeley) 6/6/93 PROG= nohup +WARNS?= 2 .include Index: nohup/nohup.1 =================================================================== RCS file: /home/ncvs/src/usr.bin/nohup/nohup.1,v retrieving revision 1.8 diff -u -r1.8 nohup.1 --- nohup/nohup.1 2000/11/20 19:21:00 1.8 +++ nohup/nohup.1 2001/07/13 04:31:33 @@ -43,6 +43,7 @@ .Nd invoke a command immune to hangups .Sh SYNOPSIS .Nm +.Op Ar -- .Ar command .Op Ar arguments .Sh DESCRIPTION @@ -50,16 +51,11 @@ .Nm utility invokes .Ar command -with -its +with its .Ar arguments and at this time sets the signal .Dv SIGHUP to be ignored. -The signal -.Dv SIGQUIT -may also be set -to be ignored. If the standard output is a terminal, the standard output is appended to the file .Pa nohup.out @@ -67,10 +63,6 @@ If standard error is a terminal, it is directed to the same place as the standard output. .Pp -.Nm Nohup -exits 1 if an error occurs, otherwise the exit status is that of -.Ar command . -.Pp Some shells may provide a builtin .Nm command which is similar or identical to this utility. @@ -90,6 +82,26 @@ .Ev HOME to create the file. .El +.Sh DIAGNOSTICS +The +.Nm +utility exits with one of the following values: +.Bl -tag -width Ds +.It 126 +The +.Ar command +was found, but could not be invoked. +.It 127 +The +.Ar command +could not be found or an error occurred in +.Nm . +.El +.Pp +Otherwise, the exit status of +.Nm +will be that of +.Ar command . .Sh SEE ALSO .Xr builtin 1 , .Xr csh 1 , Index: nohup/nohup.c =================================================================== RCS file: /home/ncvs/src/usr.bin/nohup/nohup.c,v retrieving revision 1.5 diff -u -r1.5 nohup.c --- nohup/nohup.c 2000/03/26 14:46:41 1.5 +++ nohup/nohup.c 2001/07/13 04:31:33 @@ -60,64 +60,85 @@ void dofile __P((void)); static void usage __P((void)); +#define FILENAME "nohup.out" +/* nohup shall exit with one of the following values: + 126 - The utility was found, but could not be invoked. + 127 - An error occurred in the nohup utility, or the utility could + not be found. */ +#define EXIT_NOEXEC 126 +#define EXIT_NOTFOUND 127 +#define EXIT_MISC 127 + int main(argc, argv) int argc; char *argv[]; { - if (argc < 2) + int exit_status; + + while (getopt(argc, argv, "") != -1) + usage(); + argc -= optind; + argv += optind; + + if (argc < 1) usage(); if (isatty(STDOUT_FILENO)) dofile(); - if (isatty(STDERR_FILENO) && dup2(STDOUT_FILENO, STDERR_FILENO) == -1) { + if (isatty(STDERR_FILENO) && dup2(STDOUT_FILENO, STDERR_FILENO) == -1) /* may have just closed stderr */ - (void)fprintf(stdin, "nohup: %s\n", strerror(errno)); - exit(1); - } + err(EXIT_MISC, "%s", argv[0]); + /* The nohup utility shall take the standard action for all signals + except that SIGHUP shall be ignored. */ (void)signal(SIGHUP, SIG_IGN); - (void)signal(SIGQUIT, SIG_IGN); - execvp(argv[1], &argv[1]); - err(1, "%s", argv[1]); + execvp(argv[0], &argv[0]); + exit_status = (errno == ENOENT) ? EXIT_NOTFOUND : EXIT_NOEXEC; + err(1, "%s", argv[0]); + exit(exit_status); } void dofile() { - int append; int fd; - char *p, path[MAXPATHLEN]; + char path[MAXPATHLEN]; + const char *p; -#define FILENAME "nohup.out" + /* If the standard output is a terminal, all output written to + its standard output shall be appended to the end of the file + nohup.out in the current directory. If nohup.out cannot be + created or opened for appending, the output shall be appended + to the end of the file nohup.out in the directory specified + by the HOME environment variable. + + If a file is created, the file's permission bits shall be + set to S_IRUSR | S_IWUSR. */ + p = FILENAME; - append = !access(p, F_OK); - if ((fd = open(p, O_RDWR|O_CREAT, S_IRUSR | S_IWUSR)) >= 0) + if ((fd = open(p, O_RDWR|O_CREAT|O_APPEND, S_IRUSR|S_IWUSR)) != -1) goto dupit; - if ((p = getenv("HOME"))) { - (void)strcpy(path, p); - (void)strcat(path, "/"); - (void)strcat(path, FILENAME); - append = !access(path, F_OK); - if ((fd = open(p = path, - O_RDWR|O_CREAT, S_IRUSR | S_IWUSR)) >= 0) + if ((p = getenv("HOME")) != NULL && *p != '\0' && + (strlen(p) + strlen(FILENAME) + 1) < sizeof(path)) { + (void)snprintf(path, sizeof(path), "%s/%s", p, FILENAME); + if ((fd = open(p = path, O_RDWR|O_CREAT|O_APPEND, + S_IRUSR|S_IWUSR)) != -1) goto dupit; } - errx(1, "can't open a nohup.out file"); + errx(EXIT_MISC, "can't open a nohup.out file"); -dupit: (void)lseek(fd, (off_t)0, SEEK_END); +dupit: + (void)lseek(fd, (off_t)0, SEEK_END); if (dup2(fd, STDOUT_FILENO) == -1) - err(1, NULL); - if (append) - (void)fprintf(stderr, "appending output to existing %s\n", p); - else - (void)fprintf(stderr, "sending output to %s\n", p); + err(EXIT_MISC, NULL); + (void)fprintf(stderr, "sending output to %s\n", p); } void usage() { - (void)fprintf(stderr, "usage: nohup command [arguments]\n"); - exit(1); + (void)fprintf(stderr, "usage: nohup [--] command [arguments]\n"); + exit(EXIT_MISC); } To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Fri Jul 13 7:34:52 2001 Delivered-To: freebsd-audit@freebsd.org Received: from coffee.q9media.com (coffee.q9media.com [216.94.229.19]) by hub.freebsd.org (Postfix) with ESMTP id 3775E37B401 for ; Fri, 13 Jul 2001 07:34:42 -0700 (PDT) (envelope-from mike@coffee.q9media.com) Received: (from mike@localhost) by coffee.q9media.com (8.11.2/8.11.2) id f6DEoXF24866; Fri, 13 Jul 2001 10:50:33 -0400 (EDT) (envelope-from mike) Date: Fri, 13 Jul 2001 10:50:33 -0400 (EDT) Message-Id: <200107131450.f6DEoXF24866@coffee.q9media.com> From: Mike Barcroft To: Bruce Evans Cc: audit@FreeBSD.org Subject: Re: nohup(1) enhancements patch Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Bruce Evans writes: > > I would appreciate comments on the patch at the end of this > > message, also available at: > > http://testbed.q9media.net/freebsd/nohup.20010713.patch > >... > > o Remove some FreeBSD specific access(2) cruft. > > This summarily blows away rev.1.2. Do you mean rev 1.3? If so, yes, access(2) suffers from a race, so you can't guarantee that your appending and not creating a new file. I even thought about doing a series of open(2)s, one without O_CREAT and one with it, but that too is a race because you can't guarentee that the file wasn't created between your first and second open(2). Better to be less discriptive, than lie to the user IMO. [snipped diff] > Non-KNF-formatted comment. > Hand-formatted comment without indent(1) protection. NetBSD and OpenBSD were both using those exact formats, but you are entirely correct. Comments fixed. [snipped diff] > Excessive vertical whitespace. All excessive vertical whitespace removed. > >... > > + execvp(argv[0], &argv[0]); > > + exit_status = (errno == ENOENT) ? EXIT_NOTFOUND : EXIT_NOEXEC; > > + err(1, "%s", argv[0]); > > + exit(exit_status); > > Last 2 lines should be "err(exit_status, argv[0]);". Good spot. Fixed. [snipped diff] > Non-KNF-formatted comment. > May violate POSIX's copyright. NetBSD and OpenBSD already have these POSIX requirements in their source trees. What's the correct solution? Contact IEEE and see if we can obtain permission, just leave it in, or pull it out? > > - if ((p = getenv("HOME"))) { > > - (void)strcpy(path, p); > > - (void)strcat(path, "/"); > > - (void)strcat(path, FILENAME); > > - append = !access(path, F_OK); > > - if ((fd = open(p = path, > > - O_RDWR|O_CREAT, S_IRUSR | S_IWUSR)) >= 0) > > + if ((p = getenv("HOME")) != NULL && *p != '\0' && > > + (strlen(p) + strlen(FILENAME) + 1) < sizeof(path)) { > > + (void)snprintf(path, sizeof(path), "%s/%s", p, FILENAME); > > Why both check that the string fits and use snprintf()? I thought it was a bit easier to read, but it isn't very useful. Reverted back to strcpy/strcat. > > + if ((fd = open(p = path, O_RDWR|O_CREAT|O_APPEND, > > + S_IRUSR|S_IWUSR)) != -1) > > Even more missing spaces arund binary operators than before. Sorry, trying to keep in sync with NetBSD and OpenBSD again. Horizontal space added. New patch at the end of this message, also available at: http://testbed.q9media.net/freebsd/nohup.20010714.patch Best regards, Mike Barcroft ---------------------------------------------------------------------- nohup.20010714.patch o Integrate security enhancements from OpenBSD. - Don't assume environment variable HOME is not NULL. o Integrate standards compliance from NetBSD. - Allow -- before the command. - Blocking SIGQUIT isn't standards compliant. - Proper exit(3) levels. o Remove some FreeBSD specific access(2) cruft. o Constify; Staticize functions; Set WARNS?=2 o Tested on i386, and alpha. Index: nohup/Makefile =================================================================== RCS file: /home/ncvs/src/usr.bin/nohup/Makefile,v retrieving revision 1.1.1.1 diff -u -r1.1.1.1 Makefile --- nohup/Makefile 1994/05/27 12:32:27 1.1.1.1 +++ nohup/Makefile 2001/07/13 14:00:51 @@ -1,5 +1,6 @@ # @(#)Makefile 8.1 (Berkeley) 6/6/93 PROG= nohup +WARNS?= 2 .include Index: nohup/nohup.1 =================================================================== RCS file: /home/ncvs/src/usr.bin/nohup/nohup.1,v retrieving revision 1.8 diff -u -r1.8 nohup.1 --- nohup/nohup.1 2000/11/20 19:21:00 1.8 +++ nohup/nohup.1 2001/07/13 14:00:51 @@ -43,6 +43,7 @@ .Nd invoke a command immune to hangups .Sh SYNOPSIS .Nm +.Op Ar -- .Ar command .Op Ar arguments .Sh DESCRIPTION @@ -50,16 +51,11 @@ .Nm utility invokes .Ar command -with -its +with its .Ar arguments and at this time sets the signal .Dv SIGHUP to be ignored. -The signal -.Dv SIGQUIT -may also be set -to be ignored. If the standard output is a terminal, the standard output is appended to the file .Pa nohup.out @@ -67,10 +63,6 @@ If standard error is a terminal, it is directed to the same place as the standard output. .Pp -.Nm Nohup -exits 1 if an error occurs, otherwise the exit status is that of -.Ar command . -.Pp Some shells may provide a builtin .Nm command which is similar or identical to this utility. @@ -90,6 +82,26 @@ .Ev HOME to create the file. .El +.Sh DIAGNOSTICS +The +.Nm +utility exits with one of the following values: +.Bl -tag -width Ds +.It 126 +The +.Ar command +was found, but could not be invoked. +.It 127 +The +.Ar command +could not be found or an error occurred in +.Nm . +.El +.Pp +Otherwise, the exit status of +.Nm +will be that of +.Ar command . .Sh SEE ALSO .Xr builtin 1 , .Xr csh 1 , Index: nohup/nohup.c =================================================================== RCS file: /home/ncvs/src/usr.bin/nohup/nohup.c,v retrieving revision 1.5 diff -u -r1.5 nohup.c --- nohup/nohup.c 2000/03/26 14:46:41 1.5 +++ nohup/nohup.c 2001/07/13 14:00:51 @@ -57,67 +57,92 @@ #include #include -void dofile __P((void)); +static void dofile __P((void)); static void usage __P((void)); +#define FILENAME "nohup.out" +/* + * nohup shall exit with one of the following values: + * 126 - The utility was found, but could not be invoked. + * 127 - An error occurred in the nohup utility, or the utility could + * not be found. + */ +#define EXIT_NOEXEC 126 +#define EXIT_NOTFOUND 127 +#define EXIT_MISC 127 + int main(argc, argv) int argc; char *argv[]; { - if (argc < 2) + int exit_status; + + while (getopt(argc, argv, "") != -1) usage(); + argc -= optind; + argv += optind; + if (argc < 1) + usage(); if (isatty(STDOUT_FILENO)) dofile(); - if (isatty(STDERR_FILENO) && dup2(STDOUT_FILENO, STDERR_FILENO) == -1) { + if (isatty(STDERR_FILENO) && dup2(STDOUT_FILENO, STDERR_FILENO) == -1) /* may have just closed stderr */ - (void)fprintf(stdin, "nohup: %s\n", strerror(errno)); - exit(1); - } + err(EXIT_MISC, "%s", argv[0]); + /* The nohup utility shall take the standard action for all signals + except that SIGHUP shall be ignored. */ (void)signal(SIGHUP, SIG_IGN); - (void)signal(SIGQUIT, SIG_IGN); - execvp(argv[1], &argv[1]); - err(1, "%s", argv[1]); + execvp(argv[0], &argv[0]); + exit_status = (errno == ENOENT) ? EXIT_NOTFOUND : EXIT_NOEXEC; + err(exit_status, "%s", argv[0]); } -void +static void dofile() { - int append; int fd; - char *p, path[MAXPATHLEN]; + char path[MAXPATHLEN]; + const char *p; -#define FILENAME "nohup.out" + /* If the standard output is a terminal, all output written to + * its standard output shall be appended to the end of the file + * nohup.out in the current directory. If nohup.out cannot be + * created or opened for appending, the output shall be appended + * to the end of the file nohup.out in the directory specified + * by the HOME environment variable. + * + * If a file is created, the file's permission bits shall be + * set to S_IRUSR | S_IWUSR. + */ p = FILENAME; - append = !access(p, F_OK); - if ((fd = open(p, O_RDWR|O_CREAT, S_IRUSR | S_IWUSR)) >= 0) + fd = open(p, O_RDWR | O_CREAT | O_APPEND, S_IRUSR | S_IWUSR); + if (fd != -1) goto dupit; - if ((p = getenv("HOME"))) { + if ((p = getenv("HOME")) != NULL && *p != '\0' && + (strlen(p) + strlen(FILENAME) + 1) < sizeof(path)) { (void)strcpy(path, p); (void)strcat(path, "/"); (void)strcat(path, FILENAME); - append = !access(path, F_OK); - if ((fd = open(p = path, - O_RDWR|O_CREAT, S_IRUSR | S_IWUSR)) >= 0) + fd = open(p = path, O_RDWR | O_CREAT | O_APPEND, + S_IRUSR | S_IWUSR); + if (fd != -1) goto dupit; } - errx(1, "can't open a nohup.out file"); + errx(EXIT_MISC, "can't open a nohup.out file"); -dupit: (void)lseek(fd, (off_t)0, SEEK_END); +dupit: + (void)lseek(fd, (off_t)0, SEEK_END); if (dup2(fd, STDOUT_FILENO) == -1) - err(1, NULL); - if (append) - (void)fprintf(stderr, "appending output to existing %s\n", p); - else - (void)fprintf(stderr, "sending output to %s\n", p); + err(EXIT_MISC, NULL); + (void)fprintf(stderr, "sending output to %s\n", p); } -void +static void usage() { - (void)fprintf(stderr, "usage: nohup command [arguments]\n"); - exit(1); + (void)fprintf(stderr, "usage: nohup [--] command [arguments]\n"); + exit(EXIT_MISC); } To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Fri Jul 13 11:54:53 2001 Delivered-To: freebsd-audit@freebsd.org Received: from gw.nectar.com (gw.nectar.com [208.42.49.153]) by hub.freebsd.org (Postfix) with ESMTP id 7EFD537B406 for ; Fri, 13 Jul 2001 11:54:49 -0700 (PDT) (envelope-from nectar@nectar.com) Received: from madman.nectar.com (madman.nectar.com [10.0.1.111]) by gw.nectar.com (Postfix) with ESMTP id E6995AF4B9 for ; Fri, 13 Jul 2001 13:54:48 -0500 (CDT) Received: (from nectar@localhost) by madman.nectar.com (8.11.3/8.11.3) id f6DIsmM67761 for freebsd-audit@freebsd.org; Fri, 13 Jul 2001 13:54:48 -0500 (CDT) (envelope-from nectar) Date: Fri, 13 Jul 2001 13:54:48 -0500 From: "Jacques A. Vidrine" To: freebsd-audit@freebsd.org Subject: syslogd: bind to localhost only Message-ID: <20010713135448.A67153@madman.nectar.com> Mail-Followup-To: "Jacques A. Vidrine" , freebsd-audit@freebsd.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i X-Url: http://www.nectar.com/ Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG The following patch adds a "-L" option to syslogd to force binding to localhost only. This is useful for running syslogd in a chroot'd environment, where the log socket will not be available. -- Jacques Vidrine / n@nectar.com / jvidrine@verio.net / nectar@FreeBSD.org *** syslogd.c.orig Wed Jul 11 16:41:06 2001 --- syslogd.c Thu Jul 12 12:20:38 2001 *************** *** 265,270 **** --- 265,271 ---- int MarkInterval = 20 * 60; /* interval between marks in seconds */ int MarkSeq = 0; /* mark sequence number */ int SecureMode = 0; /* when true, receive only unix domain socks */ + int LocalHostOnly = 0; /* when true, bind to only localhost */ #ifdef INET6 int family = PF_UNSPEC; /* protocol family (IPv4, IPv6 or both) */ #else *************** *** 325,331 **** pid_t ppid = 1; socklen_t len; ! while ((ch = getopt(argc, argv, "46Aa:df:kl:m:np:suv")) != -1) switch (ch) { case '4': family = PF_INET; --- 326,332 ---- pid_t ppid = 1; socklen_t len; ! while ((ch = getopt(argc, argv, "46ALa:df:kl:m:np:suv")) != -1) switch (ch) { case '4': family = PF_INET; *************** *** 338,343 **** --- 339,347 ---- case 'A': send_to_all++; break; + case 'L': + LocalHostOnly++; + break; case 'a': /* allow specific network addresses only */ if (allowaddr(optarg) == -1) usage(); *************** *** 2235,2241 **** hints.ai_flags = AI_PASSIVE; hints.ai_family = af; hints.ai_socktype = SOCK_DGRAM; ! error = getaddrinfo(NULL, "syslog", &hints, &res); if (error) { logerror(gai_strerror(error)); errno = 0; --- 2239,2248 ---- hints.ai_flags = AI_PASSIVE; hints.ai_family = af; hints.ai_socktype = SOCK_DGRAM; ! if (LocalHostOnly) ! error = getaddrinfo("localhost", "syslog", &hints, &res); ! else ! error = getaddrinfo(NULL, "syslog", &hints, &res); if (error) { logerror(gai_strerror(error)); errno = 0; *** syslogd.8.orig Thu Jul 12 12:30:08 2001 --- syslogd.8 Thu Jul 12 12:35:36 2001 *************** *** 40,46 **** .Nd log systems messages .Sh SYNOPSIS .Nm ! .Op Fl 46Adknsuv .Op Fl a Ar allowed_peer .Op Fl f Ar config_file .Op Fl m Ar mark_interval --- 40,46 ---- .Nd log systems messages .Sh SYNOPSIS .Nm ! .Op Fl 46ALdknsuv .Op Fl a Ar allowed_peer .Op Fl f Ar config_file .Op Fl m Ar mark_interval *************** *** 69,74 **** --- 69,78 ---- If this option is specified, .Nm tries to send the message to all addresses. + .It Fl L + Forces + .Nm + to bind to localhost only. .It Fl a Ar allowed_peer Allow .Ar allowed_peer To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Fri Jul 13 13:40:12 2001 Delivered-To: freebsd-audit@freebsd.org Received: from gw.nectar.com (gw.nectar.com [208.42.49.153]) by hub.freebsd.org (Postfix) with ESMTP id B718B37B401 for ; Fri, 13 Jul 2001 13:39:53 -0700 (PDT) (envelope-from nectar@nectar.com) Received: from madman.nectar.com (madman.nectar.com [10.0.1.111]) by gw.nectar.com (Postfix) with ESMTP id 1735EAF4BF for ; Fri, 13 Jul 2001 15:39:53 -0500 (CDT) Received: (from nectar@localhost) by madman.nectar.com (8.11.3/8.11.3) id f6DKdqY68031 for freebsd-audit@freebsd.org; Fri, 13 Jul 2001 15:39:52 -0500 (CDT) (envelope-from nectar) Date: Fri, 13 Jul 2001 15:39:46 -0500 From: "Jacques A. Vidrine" To: freebsd-audit@freebsd.org Subject: Add `ServerPrincipalFromSocket' option to sshd Message-ID: <20010713153946.G67153@madman.nectar.com> Mail-Followup-To: "Jacques A. Vidrine" , freebsd-audit@freebsd.org Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i X-Url: http://www.nectar.com/ Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Our sshd very annoyingly uses the hostname to form the principal it uses for Kerberos authentication. This is especially a problem on machines with multiple IP addresses. The following patch adds a `ServerPrincipalFromSocket' option (which defaults to `no'). When this option is set, sshd will behave as most other Kerberized daemons and use getsockname() to determine what principal name to use. Incidently, I also added a debug message which displays what principal will be used. Index: auth-krb5.c =================================================================== RCS file: /home/ncvs/src/crypto/openssh/auth-krb5.c,v retrieving revision 1.8 diff -u -r1.8 auth-krb5.c --- auth-krb5.c 2001/06/12 03:43:47 1.8 +++ auth-krb5.c 2001/07/13 20:26:24 @@ -11,7 +11,7 @@ #include "xmalloc.h" #ifdef KRB5 - +extern ServerOptions options; krb5_context ssh_context = NULL; krb5_auth_context auth_context; krb5_ccache mem_ccache = NULL; /* Credential cache for acquired ticket */ @@ -50,9 +50,14 @@ ret = 0; goto err; } - + + if (options.server_principal_from_socket) { + problem = krb5_sock_to_principal(ssh_context, fd, "host", + KRB5_NT_SRV_HST, &server); + } else { problem = krb5_sname_to_principal(ssh_context, NULL, NULL , KRB5_NT_SRV_HST, &server); + } if (problem) { ret = 0; goto err; Index: servconf.c =================================================================== RCS file: /home/ncvs/src/crypto/openssh/servconf.c,v retrieving revision 1.22 diff -u -r1.22 servconf.c --- servconf.c 2001/05/04 04:14:22 1.22 +++ servconf.c 2001/07/13 20:29:55 @@ -80,6 +80,7 @@ #endif #ifdef KRB5 options->krb5_tgt_passing = -1; + options->server_principal_from_socket = -1; #endif /* KRB5 */ #ifdef AFS options->krb4_tgt_passing = -1; @@ -195,6 +196,8 @@ #ifdef KRB5 if (options->krb5_tgt_passing == -1) options->krb5_tgt_passing = 1; + if (options->server_principal_from_socket == -1) + options->server_principal_from_socket = 0; #endif /* KRB5 */ #ifdef AFS if (options->krb4_tgt_passing == -1) @@ -244,6 +247,7 @@ #endif #ifdef KRB5 sKrb5TgtPassing, + sServerPrincipalFromSocket, #endif /* KRB5 */ #ifdef AFS sKrb4TgtPassing, sAFSTokenPassing, @@ -293,6 +297,7 @@ #endif #ifdef KRB5 { "kerberos5tgtpassing", sKrb5TgtPassing }, + { "serverprincipalfromsocket", sServerPrincipalFromSocket }, #endif /* KRB5 */ #ifdef AFS { "kerberos4tgtpassing", sKrb4TgtPassing }, @@ -620,6 +625,10 @@ #ifdef KRB5 case sKrb5TgtPassing: intptr = &options->krb5_tgt_passing; + goto parse_flag; + + case sServerPrincipalFromSocket: + intptr = &options->server_principal_from_socket; goto parse_flag; #endif /* KRB5 */ Index: servconf.h =================================================================== RCS file: /home/ncvs/src/crypto/openssh/servconf.h,v retrieving revision 1.9 diff -u -r1.9 servconf.h --- servconf.h 2001/05/04 04:14:22 1.9 +++ servconf.h 2001/07/13 20:27:28 @@ -88,6 +88,10 @@ #endif #ifdef KRB5 int krb5_tgt_passing; + int server_principal_from_socket; /* If true, use the socket name + instead of the hostname for + the server principal. */ + #endif /* KRB5 */ #ifdef AFS Index: sshconnect.c =================================================================== RCS file: /home/ncvs/src/crypto/openssh/sshconnect.c,v retrieving revision 1.17 diff -u -r1.17 sshconnect.c --- sshconnect.c 2001/05/04 04:37:49 1.17 +++ sshconnect.c 2001/07/13 20:31:22 @@ -739,6 +739,10 @@ int type, payload_len; krb5_ap_rep_enc_part *reply = NULL; int ret; + char **realms; + char *real_hostname; + krb5_principal server; + char sname[128]; memset(&ap, 0, sizeof(ap)); @@ -765,9 +769,29 @@ } remotehost = get_canonical_hostname(1); - - problem = krb5_mk_req(*context, auth_context, AP_OPTS_MUTUAL_REQUIRED, - "host", remotehost, NULL, ccache, &ap); + problem = krb5_expand_hostname_realms(*context, remotehost, &real_hostname, + &realms); + if (problem) { + ret = 0; + goto out; + } + problem = krb5_build_principal(*context, &server, strlen(*realms), *realms, + "host", real_hostname, NULL); + free(real_hostname); + krb5_free_host_realm(*context, realms); + if (problem) { + ret = 0; + goto out; + } + problem = krb5_unparse_name_fixed(*context, server, sname, sizeof(sname)); + if (problem) { + fatal("krb5_unparse_name_fixed failed: %s", + krb5_get_err_text(*context, problem)); + } + debug("Kerberos V5: trying %s.", sname); + + problem = krb5_mk_req_exact(*context, auth_context, AP_OPTS_MUTUAL_REQUIRED, + server, NULL, ccache, &ap); if (problem) { ret = 0; goto out; Index: sshd_config =================================================================== RCS file: /home/ncvs/src/crypto/openssh/sshd_config,v retrieving revision 1.17 diff -u -r1.17 sshd_config --- sshd_config 2001/05/18 18:10:02 1.17 +++ sshd_config 2001/07/13 20:26:24 @@ -56,6 +56,9 @@ #KerberosOrLocalPasswd yes #AFSTokenPassing no #KerberosTicketCleanup no +# Set the following in order to use the socket name rather than the hostname +# for the Kerberos server principal. +#ServerPrincipalFromSocket no # Kerberos TGT Passing does only work with the AFS kaserver #KerberosTgtPassing yes -- Jacques Vidrine / n@nectar.com / jvidrine@verio.net / nectar@FreeBSD.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Fri Jul 13 19: 7:22 2001 Delivered-To: freebsd-audit@freebsd.org Received: from hermes.dialup.ru (hermes.dialup.ru [194.87.16.230]) by hub.freebsd.org (Postfix) with ESMTP id 5AD9C37B403; Fri, 13 Jul 2001 19:07:07 -0700 (PDT) (envelope-from ache@hermes.dialup.ru) Received: (from ache@localhost) by hermes.dialup.ru (8.11.4/8.11.4) id f6E276O08156; Sat, 14 Jul 2001 06:07:06 +0400 (MSD) (envelope-from ache) Date: Sat, 14 Jul 2001 06:07:06 +0400 From: "Andrey A. Chernov" To: jkh@freebsd.org, audit@freebsd.org Subject: CFR: add /etc/ttys console tuning to sysinstall Message-ID: <20010714060706.A8133@nagual.pp.ru> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG --- /dev/null Sat Jul 14 05:55:00 2001 +++ ttys.c Sat Jul 14 05:20:29 2001 @@ -0,0 +1,155 @@ +/* + * The new sysinstall program. + * + * This is probably the last program in the `sysinstall' line - the next + * generation being essentially a complete rewrite. + * + * $FreeBSD$ + * + * Copyright (c) 2001 + * Andrey A. Chernov. All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer, + * verbatim and that no modifications are made prior to this + * point in the file. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY ANDREY A. CHERNOV ``AS IS'' AND + * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE + * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE + * ARE DISCLAIMED. IN NO EVENT SHALL JORDAN HUBBARD OR HIS PETS BE LIABLE + * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL + * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS + * OR SERVICES; LOSS OF USE, DATA, LIFE OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT + * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY + * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF + * SUCH DAMAGE. + * + */ + +#include "sysinstall.h" +#include +#include +#include + +void +configTtys(void) +{ + int len, t, tlen, changed; + FILE *fp, *np; + char sq, *line, *p, *q, *cp, *tptr; + char templ[20]; + struct ttyent *tnam; + + if ((cp = variable_get(VAR_CONSTERM)) == NULL || + strcmp(cp, "NO") == 0) + return; + if (!file_readable(_PATH_TTYS)) { + msgConfirm("%s not exist or not readable", _PATH_TTYS); + return; + } + if ((fp = fopen(_PATH_TTYS, "r")) == NULL) { + msgConfirm("Can't open %s for read: %s", _PATH_TTYS, + strerror(errno)); + return; + } + strcpy(templ, _PATH_TTYS ".XXXXXX"); + if ((t = mkstemp(templ)) < 0) { + msgConfirm("Can't create %s: %s", templ, strerror(errno)); + (void)fclose(fp); + return; + } + if (fchmod(t, 0644)) { + msgConfirm("Can't fchmod %s: %s", templ, strerror(errno)); + (void)fclose(fp); + return; + } + if ((np = fdopen(t, "w")) == NULL) { + msgConfirm("Can't fdopen %s: %s", templ, strerror(errno)); + (void)close(t); + (void)fclose(fp); + (void)unlink(templ); + return; + } + changed = 0; + while ((line = fgetln(fp, &len)) != NULL) { + p = line; + while (p < (line + len) && isspace((unsigned char)*p)) + ++p; + if (strncmp(p, "ttyv", 4) != 0) { + dump: + if (fwrite(line, len, 1, np) != 1) { + wrerr: + msgConfirm("%s: write error: %s", templ, strerror(errno)); + (void)fclose(fp); + (void)fclose(np); + (void)unlink(templ); + return; + } + } else { + q = p; + while(q < (line + len) && !isspace((unsigned char)*q)) + ++q; + if (!isspace((unsigned char)*q)) + goto dump; + sq = *q; + *q = '\0'; + tnam = getttynam(p); + *q = sq; + if (tnam == NULL || tnam->ty_type == NULL || + strcmp(tnam->ty_type, cp) == 0 || + strncmp(tnam->ty_type, "cons", 4) != 0 || + !isdigit((unsigned char)tnam->ty_type[4]) + ) + goto dump; + tlen = strlen(tnam->ty_type); + tptr = NULL; + p = ++q; + while(p < (line + len)) { + if (strncmp(p, tnam->ty_type, tlen) == 0) { + tptr = p; + break; + } + ++p; + } + if (tptr == NULL) + goto dump; + changed = 1; + if (fwrite(line, tptr - line, 1, np) != 1 || + fputs(cp, np) || + fwrite(tptr + tlen, + len - (tptr + tlen - line), 1, np) != 1) + goto wrerr; + } + } + if (!feof(fp)) { + msgConfirm("%s: read error: %s", _PATH_TTYS, strerror(errno)); + (void)fclose(fp); + (void)fclose(np); + (void)unlink(templ); + return; + } + (void)fclose(fp); + if (fclose(np)) { + if (changed) + msgConfirm("%s: close error: %s", templ, strerror(errno)); + (void)unlink(templ); + return; + } + if (!changed) { + (void)unlink(templ); + return; + } + if (rename(templ, _PATH_TTYS)) { + msgConfirm("Can't rename %s to %s: %s", templ, _PATH_TTYS, + strerror(errno)); + return; + } +} --- menus.c.old Fri Jul 13 23:01:28 2001 +++ menus.c Sat Jul 14 05:03:38 2001 @@ -264,6 +264,7 @@ { " Syscons, Keyrate", "The console key rate configuration menu.", NULL, dmenuSubmenu, NULL, &MenuSysconsKeyrate }, { " Syscons, Saver", "The console screen saver configuration menu.", NULL, dmenuSubmenu, NULL, &MenuSysconsSaver }, { " Syscons, Screenmap", "The console screenmap configuration menu.", NULL, dmenuSubmenu, NULL, &MenuSysconsScrnmap }, + { " Syscons, Ttys", "The console terminal type menu.", NULL, dmenuSubmenu, NULL, &MenuSysconsTtys }, { " Time Zone", "Set the system's time zone.", NULL, dmenuSystemCommand, NULL, "tzsetup" }, { " Upgrade", "Upgrade an existing system.", NULL, installUpgrade }, { " Usage", "Quick start - How to use this menu system.", NULL, dmenuDisplayFile, NULL, "usage" }, @@ -1431,6 +1432,7 @@ { "4 Repeat", "Set the rate at which keys repeat", NULL, dmenuSubmenu, NULL, &MenuSysconsKeyrate }, { "5 Saver", "Configure the screen saver", NULL, dmenuSubmenu, NULL, &MenuSysconsSaver }, { "6 Screenmap", "Choose an alternate screenmap", NULL, dmenuSubmenu, NULL, &MenuSysconsScrnmap }, + { "7 Ttys", "Choose console terminal type", NULL, dmenuSubmenu, NULL, &MenuSysconsTtys }, { NULL } }, }; @@ -1585,6 +1587,25 @@ { "KOI8-R to IBM866", "Russian KOI8-R to IBM 866 screenmap", dmenuVarCheck, dmenuSetVariable, NULL, "scrnmap=koi8-r2cp866" }, { "KOI8-U to IBM866u", "Ukrainian KOI8-U to IBM 866u screenmap", dmenuVarCheck, dmenuSetVariable, NULL, "scrnmap=koi8-u2cp866u" }, { "ISO 8859-1 to IBM437", "W-Europe ISO 8859-1 to IBM 437 screenmap", dmenuVarCheck, dmenuSetVariable, NULL, "scrnmap=iso-8859-1_to_cp437" }, + { NULL } }, +}; + +DMenu MenuSysconsTtys = { + DMENU_RADIO_TYPE | DMENU_SELECTION_RETURNS, + "System Console Terminal Type", + "For various console encodings corresponding terminal type\n" + "must be choosed in /etc/ttys.\n" + "WARNING: due to compatibility reasons, only entries started with\n" + "ttyv and with terminal type started with cons[0-9] can be changed\n" + "via this menu.\n", + "Choose a terminal type", + NULL, + { { "1 None", "Don't touch anything", dmenuVarCheck, dmenuSetVariable, NULL, VAR_CONSTERM "=NO" }, + { "2 US-ASCII or IBM437", "cons25", dmenuVarCheck, dmenuSetVariable, NULL, VAR_CONSTERM "=cons25" }, + { "3 ISO 8859-1", "cons25l1", dmenuVarCheck, dmenuSetVariable, NULL, VAR_CONSTERM "=cons25l1" }, + { "4 ISO 8859-2", "cons25l2", dmenuVarCheck, dmenuSetVariable, NULL, VAR_CONSTERM "=cons25l2" }, + { "5 KOI8-R", "cons25r", dmenuVarCheck, dmenuSetVariable, NULL, VAR_CONSTERM "=cons25r" }, + { "6 KOI8-U", "cons25u", dmenuVarCheck, dmenuSetVariable, NULL, VAR_CONSTERM "=cons25u" }, { NULL } }, }; --- Makefile.old Mon Jun 18 06:01:11 2001 +++ Makefile Sat Jul 14 04:06:56 2001 @@ -11,8 +11,8 @@ ftp.c globals.c http.c index.c install.c installUpgrade.c keymap.c \ label.c main.c makedevs.c media.c menus.c misc.c modules.c \ mouse.c msg.c network.c nfs.c options.c package.c pccard.c \ - system.c tape.c tcpip.c termcap.c ufs.c usb.c user.c variable.c \ - wizard.c keymap.h + system.c tape.c tcpip.c termcap.c ttys.c ufs.c usb.c user.c \ + variable.c wizard.c keymap.h CFLAGS+= -Wall -I${.CURDIR}/../../gnu/lib/libdialog -I. .if ${MACHINE} == "pc98" --- install.c.old Fri Jul 13 23:01:27 2001 +++ install.c Sat Jul 14 04:29:39 2001 @@ -1075,6 +1075,7 @@ else variable_set2(SYSTEM_STATE, "init", 0); variable_set2(VAR_NEWFS_ARGS, "-b 8192 -f 1024 -c 22", 0); + variable_set2(VAR_CONSTERM, "NO", 0); return DITEM_SUCCESS; } --- sysinstall.h.old Fri Jul 13 23:01:28 2001 +++ sysinstall.h Sat Jul 14 04:40:27 2001 @@ -176,6 +176,7 @@ #define VAR_VAR_SIZE "varSize" #define VAR_XF86_CONFIG "_xf86config" #define VAR_TERM "TERM" +#define VAR_CONSTERM "_consterm" #define DEFAULT_TAPE_BLOCKSIZE "20" @@ -386,6 +387,7 @@ extern DMenu MenuSysconsKeyrate; /* System console keyrate configuration menu */ extern DMenu MenuSysconsSaver; /* System console saver configuration menu */ extern DMenu MenuSysconsScrnmap; /* System console screenmap configuration menu */ +extern DMenu MenuSysconsTtys; /* System console terminal type menu */ extern DMenu MenuNetworking; /* Network configuration menu */ extern DMenu MenuInstallCustom; /* Custom Installation menu */ extern DMenu MenuDistributions; /* Distribution menu */ @@ -744,6 +746,9 @@ /* termcap.c */ extern int set_termcap(void); + +/* ttys.c */ +extern void configTtys(void); /* ufs.c */ extern void mediaShutdownUFS(Device *dev); --- config.c.old Sat Jul 14 04:06:32 2001 +++ config.c Sat Jul 14 04:40:27 2001 @@ -383,6 +383,7 @@ char *cp; static int did_marker = 0; + configTtys(); write_header = !file_readable("/etc/rc.conf"); rcSite = fopen("/etc/rc.conf", "a"); if (!rcSite) -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Sat Jul 14 8:52:41 2001 Delivered-To: freebsd-audit@freebsd.org Received: from coffee.q9media.com (coffee.q9media.com [216.94.229.19]) by hub.freebsd.org (Postfix) with ESMTP id A59B537B407; Sat, 14 Jul 2001 08:52:39 -0700 (PDT) (envelope-from mike@coffee.q9media.com) Received: (from mike@localhost) by coffee.q9media.com (8.11.2/8.11.2) id f6EG8bh28861; Sat, 14 Jul 2001 12:08:37 -0400 (EDT) (envelope-from mike) Date: Sat, 14 Jul 2001 12:08:37 -0400 (EDT) Message-Id: <200107141608.f6EG8bh28861@coffee.q9media.com> From: Mike Barcroft To: "Andrey A. Chernov" Cc: jkh@freebsd.org, audit@freebsd.org Subject: Re: CFR: add /etc/ttys console tuning to sysinstall Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG In configTtys(): [...] > + char templ[20]; [...] > + strcpy(templ, _PATH_TTYS ".XXXXXX"); [...] This makes the assumption that _PATH_TTYS is < 13. Maybe you should do something like: #define _X_EXTENTION ".XXXXXX" char templ[sizeof(_PATH_TTYS) + sizeof(_X_EXTENTION) - 1]; strcpy(templ, _PATH_TTYS _X_EXTENTION); Or you could use strlcpy(3) to be paranoid. Best regards, Mike Barcroft To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Sat Jul 14 10:15: 0 2001 Delivered-To: freebsd-audit@freebsd.org Received: from nagual.pp.ru (pobrecita.freebsd.ru [194.87.13.42]) by hub.freebsd.org (Postfix) with ESMTP id EEF2C37B405; Sat, 14 Jul 2001 10:14:56 -0700 (PDT) (envelope-from ache@nagual.pp.ru) Received: (from ache@localhost) by nagual.pp.ru (8.11.4/8.11.4) id f6EHEk188232; Sat, 14 Jul 2001 21:14:46 +0400 (MSD) (envelope-from ache) Date: Sat, 14 Jul 2001 21:14:44 +0400 From: "Andrey A. Chernov" To: Mike Barcroft Cc: jkh@freebsd.org, audit@freebsd.org Subject: Re: CFR: add /etc/ttys console tuning to sysinstall Message-ID: <20010714211443.A88133@nagual.pp.ru> References: <200107141608.f6EG8bh28861@coffee.q9media.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <200107141608.f6EG8bh28861@coffee.q9media.com> User-Agent: Mutt/1.3.19i Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Sat, Jul 14, 2001 at 12:08:37 -0400, Mike Barcroft wrote: > In configTtys(): > [...] > > + char templ[20]; > [...] > > + strcpy(templ, _PATH_TTYS ".XXXXXX"); > [...] > > This makes the assumption that _PATH_TTYS is < 13. Maybe you should > do something like: > > #define _X_EXTENTION ".XXXXXX" > char templ[sizeof(_PATH_TTYS) + sizeof(_X_EXTENTION) - 1]; > strcpy(templ, _PATH_TTYS _X_EXTENTION); Ok. -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Sat Jul 14 11:26: 3 2001 Delivered-To: freebsd-audit@freebsd.org Received: from beppo.feral.com (beppo.feral.com [192.67.166.79]) by hub.freebsd.org (Postfix) with ESMTP id 206E937B403; Sat, 14 Jul 2001 11:25:48 -0700 (PDT) (envelope-from mjacob@feral.com) Received: from beppo (mjacob@beppo [192.67.166.79]) by beppo.feral.com (8.11.3/8.11.3) with ESMTP id f6EIPlS87903; Sat, 14 Jul 2001 11:25:47 -0700 (PDT) (envelope-from mjacob@feral.com) Date: Sat, 14 Jul 2001 11:25:46 -0700 (PDT) From: Matthew Jacob X-Sender: mjacob@beppo Reply-To: mjacob@feral.com To: smp@freebsd.org, audit@freebsd.org Subject: planned change to mbinit code and minor changes to mp startup In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Problem: the MB init and alloc code assumes that in the SMP case that there is a dense array of CPU ids for the CPUs present and reported via mp_ncpus. This is not true and cannot be true for a number of reasons: a) CPUids don't always start at 0 (e.g, Alpha 8200) b) CPUs may be disabled, leaving holes in the map. c) CPUs may (eventually) want to come and go while we're running. I thought about making cpuid a 'virtual' construct. We may eventually want to do this, but this only solves #a/#b- it will not move us toward #c. And it can get somewhat dicey for the amount of code to check and change by doing this. Below is a partial solution that takes the approach of just checking who is 'absent' when mbinit is called. It requires that all_cpus be set sensibly whether there are more than one cpu or not (which makes sense too). Making this change allows the ALpha 8200s to work again and also allows disabling arbitrary CPUs leaving holes in the CPU map to work without getting out of sync. -matt Index: kern/subr_mbuf.c =================================================================== RCS file: /home/ncvs/src/sys/kern/subr_mbuf.c,v retrieving revision 1.2 diff -u -r1.2 subr_mbuf.c --- kern/subr_mbuf.c 2001/06/22 16:03:23 1.2 +++ kern/subr_mbuf.c 2001/07/14 18:14:30 @@ -48,7 +48,12 @@ /* * Maximum number of PCPU containers. If you know what you're doing you could * explicitly define MBALLOC_NCPU to be exactly the number of CPUs on your - * system during compilation, and thus prevent kernel structure bloats. + * system during compilation, and thus prevent kernel structure bloat. + * + * SMP and non-SMP kernels clearly have a different number of possible cpus, + * but because we cannot assume a dense array of CPUs, we always allocate + * and traverse PCPU containers up to NCPU amount and merely check for + * CPU availability. */ #ifdef MBALLOC_NCPU #define NCPU MBALLOC_NCPU @@ -57,12 +62,11 @@ #endif /* - * SMP and non-SMP kernels clearly have a different number of possible cpus. */ #ifdef SMP -#define NCPU_PRESENT mp_ncpus +#define CPU_ABSENT(x) ((all_cpus & (1 << x)) == 0) #else -#define NCPU_PRESENT 1 +#define CPU_ABSENT(x) 0 #endif /* @@ -388,7 +392,10 @@ /* * Allocate and initialize PCPU containers. */ - for (i = 0; i < NCPU_PRESENT; i++) { + for (i = 0; i < NCPU; i++) { + if (CPU_ABSENT(i)) { + continue; + } mb_list_mbuf.ml_cntlst[i] = malloc(sizeof(struct mb_pcpu_list), M_MBUF, M_NOWAIT); mb_list_clust.ml_cntlst[i] = malloc(sizeof(struct mb_pcpu_list), @@ -626,7 +633,9 @@ * Cycle all the PCPU containers. Increment starved counts if found * empty. */ - for (i = 0; i < NCPU_PRESENT; i++) { + for (i = 0; i < NCPU; i++) { + if (CPU_ABSENT(i)) + continue; cnt_lst = MB_GET_PCPU_LIST_NUM(mb_list, i); MB_LOCK_CONT(cnt_lst); Index: powerpc/powerpc/mp_machdep.c =================================================================== RCS file: /home/ncvs/src/sys/powerpc/powerpc/mp_machdep.c,v retrieving revision 1.8 diff -u -r1.8 mp_machdep.c --- powerpc/powerpc/mp_machdep.c 2001/06/16 07:14:07 1.8 +++ powerpc/powerpc/mp_machdep.c 2001/07/14 18:15:14 @@ -51,6 +51,7 @@ int cpu_mp_probe(void) { + all_cpus = 1; /* needed for MB init code */ return 0; } Index: ia64/ia64/mp_machdep.c =================================================================== RCS file: /home/ncvs/src/sys/ia64/ia64/mp_machdep.c,v retrieving revision 1.17 diff -u -r1.17 mp_machdep.c --- ia64/ia64/mp_machdep.c 2001/05/15 23:22:24 1.17 +++ ia64/ia64/mp_machdep.c 2001/07/14 18:15:14 @@ -71,6 +71,7 @@ int cpu_mp_probe() { + all_cpus = 1; /* Needed for MB init code */ return (0); } Index: i386/i386/mp_machdep.c =================================================================== RCS file: /home/ncvs/src/sys/i386/i386/mp_machdep.c,v retrieving revision 1.160 diff -u -r1.160 mp_machdep.c --- i386/i386/mp_machdep.c 2001/07/12 06:32:50 1.160 +++ i386/i386/mp_machdep.c 2001/07/14 18:15:15 @@ -406,6 +406,12 @@ int cpu_mp_probe(void) { + /* + * Record BSP in CPU map + * This is done here so that MBUF init code works correctly. + */ + all_cpus = 1; + return (mp_capable); } @@ -1928,9 +1934,6 @@ outb(CMOS_REG, BIOS_RESET); mpbiosreason = inb(CMOS_DATA); #endif - - /* record BSP in CPU map */ - all_cpus = 1; /* set up temporary P==V mapping for AP boot */ /* XXX this is a hack, we should boot the AP on its own stack/PTD */ Index: alpha/alpha/mp_machdep.c =================================================================== RCS file: /home/ncvs/src/sys/alpha/alpha/mp_machdep.c,v retrieving revision 1.22 diff -u -r1.22 mp_machdep.c --- alpha/alpha/mp_machdep.c 2001/06/29 11:10:25 1.22 +++ alpha/alpha/mp_machdep.c 2001/07/14 18:15:47 @@ -301,6 +303,11 @@ /* XXX: Need to check for valid platforms here. */ + boot_cpu_id = PCPU_GET(cpuid); + KASSERT(boot_cpu_id == hwrpb->rpb_primary_cpu_id, + ("cpu_mp_probe() called on non-primary CPU")); + all_cpus = 1 << boot_cpu_id; + mp_ncpus = 1; /* Make sure we have at least one secondary CPU. */ @@ -324,17 +331,14 @@ } void -cpu_mp_start() +cpu_mp_start(void) { int i; mtx_init(&ap_boot_mtx, "ap boot", MTX_SPIN); - boot_cpu_id = PCPU_GET(cpuid); - KASSERT(boot_cpu_id == hwrpb->rpb_primary_cpu_id, - ("mp_start() called on non-primary CPU")); - all_cpus = 1 << boot_cpu_id; for (i = 0; i < hwrpb->rpb_pcs_cnt; i++) { struct pcs *pcsp; if (i == boot_cpu_id) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Sat Jul 14 13:19:22 2001 Delivered-To: freebsd-audit@freebsd.org Received: from sneakerz.org (sneakerz.org [216.33.66.254]) by hub.freebsd.org (Postfix) with ESMTP id 30FA437B401; Sat, 14 Jul 2001 13:19:13 -0700 (PDT) (envelope-from bright@sneakerz.org) Received: by sneakerz.org (Postfix, from userid 1092) id B2D395D010; Sat, 14 Jul 2001 15:19:02 -0500 (CDT) Date: Sat, 14 Jul 2001 15:19:02 -0500 From: Alfred Perlstein To: Matthew Jacob Cc: smp@freebsd.org, audit@freebsd.org Subject: Re: planned change to mbinit code and minor changes to mp startup Message-ID: <20010714151902.A15299@sneakerz.org> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2i In-Reply-To: ; from mjacob@feral.com on Sat, Jul 14, 2001 at 11:25:46AM -0700 Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG * Matthew Jacob [010714 13:26] wrote: > > Problem: the MB init and alloc code assumes that in the SMP case that there is > a dense array of CPU ids for the CPUs present and reported via mp_ncpus. > > This is not true and cannot be true for a number of reasons: > > a) CPUids don't always start at 0 (e.g, Alpha 8200) > b) CPUs may be disabled, leaving holes in the map. > c) CPUs may (eventually) want to come and go while we're running. > > I thought about making cpuid a 'virtual' construct. We may eventually want to > do this, but this only solves #a/#b- it will not move us toward #c. And it can > get somewhat dicey for the amount of code to check and change by doing this. > > Below is a partial solution that takes the approach of just checking who is > 'absent' when mbinit is called. It requires that all_cpus be set sensibly > whether there are more than one cpu or not (which makes sense too). > > Making this change allows the ALpha 8200s to work again and also allows > disabling arbitrary CPUs leaving holes in the CPU map to work without getting > out of sync. No, this patch is a very bad idea for the simple reason that it makes the mbuf allocator figure out which cpus are absent. The mbuf subsystem shouldn't look for holes/sparseness in the number of cpus. The correct thing is to make "mp_ncpus" equal to the max amount of CPUs in the system, then everything will work properly, not onlt that but if you ever get a machine with hot swap cpus you can easily spin up another CPU while running without issues. Lastly, the functions to set mp_ncpus to 1 should be in machine independant code for non-SMP boxes. -- -Alfred Perlstein [alfred@freebsd.org] Ok, who wrote this damn function called '??'? And why do my programs keep crashing in it? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Sat Jul 14 13:23:13 2001 Delivered-To: freebsd-audit@freebsd.org Received: from beppo.feral.com (beppo.feral.com [192.67.166.79]) by hub.freebsd.org (Postfix) with ESMTP id D9BB737B401; Sat, 14 Jul 2001 13:23:07 -0700 (PDT) (envelope-from mjacob@feral.com) Received: from wonky.feral.com (wonky.feral.com [192.67.166.7]) by beppo.feral.com (8.11.3/8.11.3) with ESMTP id f6EKN6S89387; Sat, 14 Jul 2001 13:23:06 -0700 (PDT) (envelope-from mjacob@feral.com) Date: Sat, 14 Jul 2001 13:22:53 -0700 (PDT) From: Matthew Jacob Reply-To: To: Alfred Perlstein Cc: , Subject: Re: planned change to mbinit code and minor changes to mp startup In-Reply-To: <20010714151902.A15299@sneakerz.org> Message-ID: <20010714132021.G29314-100000@wonky.feral.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG > > No, this patch is a very bad idea for the simple reason that it > makes the mbuf allocator figure out which cpus are absent. > > The mbuf subsystem shouldn't look for holes/sparseness in the > number of cpus. > > The correct thing is to make "mp_ncpus" equal to the max amount > of CPUs in the system, then everything will work properly, not > onlt that but if you ever get a machine with hot swap cpus you > can easily spin up another CPU while running without issues. Okay. Thanks for the review! I like your approach better except for the fact it consumes more resources by creating resource maps and locks for non-existent CPUs. > Lastly, the functions to set mp_ncpus to 1 should be in > machine independant code for non-SMP boxes. Can you say a bit more about what you mean here? -matt To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Sat Jul 14 13:28: 7 2001 Delivered-To: freebsd-audit@freebsd.org Received: from beppo.feral.com (beppo.feral.com [192.67.166.79]) by hub.freebsd.org (Postfix) with ESMTP id 6453437B406; Sat, 14 Jul 2001 13:27:58 -0700 (PDT) (envelope-from mjacob@feral.com) Received: from wonky.feral.com (wonky.feral.com [192.67.166.7]) by beppo.feral.com (8.11.3/8.11.3) with ESMTP id f6EKRvS89464; Sat, 14 Jul 2001 13:27:57 -0700 (PDT) (envelope-from mjacob@feral.com) Date: Sat, 14 Jul 2001 13:27:43 -0700 (PDT) From: Matthew Jacob Reply-To: To: Alfred Perlstein Cc: , Subject: Re: planned change to mbinit code and minor changes to mp startup In-Reply-To: <20010714151902.A15299@sneakerz.org> Message-ID: <20010714132629.D29314-100000@wonky.feral.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG One other note: > The mbuf subsystem shouldn't look for holes/sparseness in the > number of cpus. I'm not sure you understood the dense/sparse issue. CPUID != #cpus, so in order to keep your semantics of mp_ncpus equal the maxmimum possible # cpus, mp_ncpus will equal, perforce, the highest possible cpuid. -matt To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Sat Jul 14 13:42:15 2001 Delivered-To: freebsd-audit@freebsd.org Received: from beppo.feral.com (beppo.feral.com [192.67.166.79]) by hub.freebsd.org (Postfix) with ESMTP id C73A537B405; Sat, 14 Jul 2001 13:42:07 -0700 (PDT) (envelope-from mjacob@feral.com) Received: from wonky.feral.com (wonky.feral.com [192.67.166.7]) by beppo.feral.com (8.11.3/8.11.3) with ESMTP id f6EKg6S89645; Sat, 14 Jul 2001 13:42:06 -0700 (PDT) (envelope-from mjacob@feral.com) Date: Sat, 14 Jul 2001 13:41:53 -0700 (PDT) From: Matthew Jacob Reply-To: To: Alfred Perlstein Cc: , Subject: Re: planned change to mbinit code and minor changes to mp startup In-Reply-To: <20010714132629.D29314-100000@wonky.feral.com> Message-ID: <20010714134008.F29314-100000@wonky.feral.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG The more I look at the resource wastage for allocating for CPUs that aren't active, the more I think that this is not right. You're going to suck down not only maps but filled buckets. I would appreciate further discussion on this. -matt On Sat, 14 Jul 2001, Matthew Jacob wrote: > > One other note: > > > The mbuf subsystem shouldn't look for holes/sparseness in the > > number of cpus. > > I'm not sure you understood the dense/sparse issue. > > CPUID != #cpus, so in order to keep your semantics of mp_ncpus equal the > maxmimum possible # cpus, mp_ncpus will equal, perforce, the highest possible > cpuid. > > -matt > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-smp" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Sat Jul 14 14:43: 9 2001 Delivered-To: freebsd-audit@freebsd.org Received: from odin.ac.hmc.edu (Odin.AC.HMC.Edu [134.173.32.75]) by hub.freebsd.org (Postfix) with ESMTP id D392237B401; Sat, 14 Jul 2001 14:41:47 -0700 (PDT) (envelope-from brdavis@odin.ac.hmc.edu) Received: (from brdavis@localhost) by odin.ac.hmc.edu (8.11.0/8.11.0) id f6ELflx27984; Sat, 14 Jul 2001 14:41:47 -0700 Date: Sat, 14 Jul 2001 14:41:47 -0700 From: Brooks Davis To: net@freebsd.org, audit@freebsd.org Subject: review request: if_faith modernization Message-ID: <20010714144147.A27610@Odin.AC.HMC.Edu> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="KsGdsel6WgEHnImy" Content-Disposition: inline User-Agent: Mutt/1.2.5i Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG --KsGdsel6WgEHnImy Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Please review the following patch. It makes the faith interface loadable, unloadable, and clonable. It also converts it from a count device to an option device. A copy is also available at: http://people.freebsd.org/~brooks/patches/faith.diff Thanks, Brooks --=20 Any statement of the form "X is the one, true Y" is FALSE. PGP fingerprint 655D 519C 26A7 82E7 2529 9BF0 5D8E 8BE9 F238 1AD4 Index: sys/conf/files =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /home/ncvs/src/sys/conf/files,v retrieving revision 1.551 diff -u -r1.551 files --- sys/conf/files 2001/07/14 08:25:18 1.551 +++ sys/conf/files 2001/07/14 21:21:45 @@ -892,7 +892,7 @@ net/if_disc.c optional disc net/if_ef.c optional ef net/if_ethersubr.c optional ether -net/if_faith.c count faith +net/if_faith.c optional faith net/if_fddisubr.c optional fddi net/if_gif.c optional gif net/if_iso88025subr.c optional token @@ -1018,6 +1018,7 @@ netgraph/ng_echo.c optional netgraph_echo netgraph/ng_ether.c optional netgraph_ether netgraph/ng_frame_relay.c optional netgraph_frame_relay +netgraph/ng_gif.c optional netgraph_gif netgraph/ng_hole.c optional netgraph_hole netgraph/ng_iface.c optional netgraph_iface netgraph/ng_ksocket.c optional netgraph_ksocket Index: sys/modules/Makefile =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /home/ncvs/src/sys/modules/Makefile,v retrieving revision 1.190 diff -u -r1.190 Makefile --- sys/modules/Makefile 2001/07/08 04:17:26 1.190 +++ sys/modules/Makefile 2001/07/13 23:10:49 @@ -6,21 +6,122 @@ _random=3D random .endif =20 -SUBDIR=3D 3dfx accf_data accf_http agp aha amr an aue \ - cam ccd cd9660 coda cue dc de digi ed fdescfs fdc fs fxp \ - if_disc if_ef if_gif if_ppp if_sl if_stf if_tap if_tun \ - ip6fw ipfilter ipfw ispfw joy kue lge \ - libmchain linux lnc md mii mlx msdosfs ncp netgraph nfs nge nmdm ntfs \ - nullfs nwfs pcn portalfs procfs ${_random} \ - rl rp sf sis sk sn snp sound sppp ste sym syscons sysvipc ti tl twe \ - tx udbp ugen uhid ukbd ulpt umapfs umass umodem ums unionfs urio usb \ +SUBDIR=3D 3dfx \ + accf_data \ + accf_http \ + agp \ + aha \ + amr \ + an \ + aue \ + cam \ + ccd \ + cd9660 \ + coda \ + cue \ + dc \ + de \ + digi \ + ed \ + fdescfs \ + fdc \ + fs \ + fxp \ + if_disc \ + if_ef \ + if_gif \ + if_ppp \ + if_sl \ + if_stf \ + if_tap \ + if_tun \ + ip6fw \ + ipfilter \ + ipfw \ + ispfw \ + joy \ + kue \ + lge \ + linux \ + lnc \ + md \ + mii \ + mlx \ + msdosfs \ + ncp \ + netgraph \ + nfs \ + nge \ + nmdm \ + ntfs \ + nullfs \ + nwfs \ + pcn \ + portalfs \ + procfs \ + ${_random} \ + rl \ + rp \ + sf \ + sis \ + sk \ + sn \ + snp \ + sound \ + sppp \ + ste \ + sym \ + syscons \ + sysvipc \ + ti \ + tl \ + twe \ + tx \ + udbp \ + ugen \ + uhid \ + ukbd \ + ulpt \ + umapfs \ + umass \ + umodem \ + ums \ + unionfs \ + urio \ + usb \ uscanner \ - vinum vpo vr vx wb wx xl + vinum \ + vpo \ + vr \ + vx \ + wb \ + wx \ + xl =20 # XXX some of these can move to the general case when de-i386'ed .if ${MACHINE_ARCH} =3D=3D "i386" -SUBDIR+=3Daac aic ar asr atspeaker bktr coff el fpu gnufpu ibcs2 mly \ - oltr pecoff ray s3 smbfs splash sr streams vesa wi +SUBDIR+=3Daac \ + aic \ + ar \ + asr \ + atspeaker \ + bktr \ + coff \ + el \ + fpu \ + gnufpu \ + ibcs2 \ + mly \ + oltr \ + pecoff \ + ray \ + s3 \ + smbfs \ + splash \ + sr \ + streams \ + vesa \ + wi .endif =20 .if ${MACHINE} =3D=3D "pc98" Index: sys/net/if_faith.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /home/ncvs/src/sys/net/if_faith.c,v retrieving revision 1.6 diff -u -r1.6 if_faith.c --- sys/net/if_faith.c 2001/07/05 14:42:54 1.6 +++ sys/net/if_faith.c 2001/07/14 01:21:02 @@ -46,9 +46,6 @@ #include "opt_inet.h" #include "opt_inet6.h" =20 -#include "faith.h" -#if NFAITH > 0 - #include #include #include @@ -58,13 +55,16 @@ #include #include #include +#include +#include +#include /* XXX: Shouldn't really be required! */ +#include =20 #include #include #include #include #include -#include =20 #ifdef INET #include @@ -82,56 +82,159 @@ #include #endif =20 -#include "bpf.h" -#define NBPFILTER NBPF - #include =20 +#define FAITHNAME "faith" +#define FAITH_MAXUNIT 0x7fff /* ifp->if_unit is only 15 bits */ + +struct faith_softc { + struct ifnet sc_if; /* must be first */ + struct resource *r_unit; + LIST_ENTRY(faith_softc) sc_list; +}; + static int faithioctl __P((struct ifnet *, u_long, caddr_t)); int faithoutput __P((struct ifnet *, struct mbuf *, struct sockaddr *, struct rtentry *)); static void faithrtrequest __P((int, struct rtentry *, struct sockaddr *)); +static int faithprefix __P((struct in6_addr *)); + +static int faithmodevent __P((module_t, int, void *)); + +static MALLOC_DEFINE(M_FAITH, FAITHNAME, "Firewall Assisted Tunnel Interfa= ce"); +static struct rman faithunits[1]; +LIST_HEAD(, faith_softc) faith_softc_list; =20 -void faithattach __P((void *)); -PSEUDO_SET(faithattach, if_faith); +int faith_clone_create __P((struct if_clone *, int *)); +void faith_clone_destroy __P((struct ifnet *)); =20 -static struct ifnet faithif[NFAITH]; +struct if_clone faith_cloner =3D + IF_CLONE_INITIALIZER(FAITHNAME, faith_clone_create, faith_clone_destro= y); =20 #define FAITHMTU 1500 =20 -/* ARGSUSED */ -void -faithattach(faith) - void *faith; +static int +faithmodevent(mod, type, data) + module_t mod; + int type; + void *data; { - struct ifnet *ifp; - int i; + int err; + + switch (type) { + case MOD_LOAD: + faithunits->rm_type =3D RMAN_ARRAY; + faithunits->rm_descr =3D "configurable if_faith units"; + err =3D rman_init(faithunits); + if (err !=3D 0) + return (err); + err =3D rman_manage_region(faithunits, 0, FAITH_MAXUNIT); + if (err !=3D 0) { + printf("%s: faithunits: rman_manage_region: " + "Failed %d\n", FAITHNAME, err); + rman_fini(faithunits); + return (err); + } + LIST_INIT(&faith_softc_list); + if_clone_attach(&faith_cloner); =20 - for (i =3D 0; i < NFAITH; i++) { - ifp =3D &faithif[i]; - bzero(ifp, sizeof(faithif[i])); - ifp->if_name =3D "faith"; - ifp->if_unit =3D i; - ifp->if_mtu =3D FAITHMTU; - /* LOOPBACK commented out to announce IPv6 routes to faith */ - ifp->if_flags =3D /* IFF_LOOPBACK | */ IFF_MULTICAST; - ifp->if_ioctl =3D faithioctl; - ifp->if_output =3D faithoutput; - ifp->if_type =3D IFT_FAITH; - ifp->if_snd.ifq_maxlen =3D ifqmaxlen; - ifp->if_hdrlen =3D 0; - ifp->if_addrlen =3D 0; - if_attach(ifp); -#if NBPFILTER > 0 -#ifdef HAVE_OLD_BPF - bpfattach(ifp, DLT_NULL, sizeof(u_int)); -#else - bpfattach(&ifp->if_bpf, ifp, DLT_NULL, sizeof(u_int)); +#ifdef INET6 + faithprefix_p =3D faithprefix; #endif + + break; + case MOD_UNLOAD: +#ifdef INET6 + faithprefix_p =3D NULL; #endif + + if_clone_detach(&faith_cloner); + + while (!LIST_EMPTY(&faith_softc_list)) + faith_clone_destroy( + &LIST_FIRST(&faith_softc_list)->sc_if); + + err =3D rman_fini(faithunits); + if (err !=3D 0) + return (err); + + break; + } + return 0; +} + +static moduledata_t faith_mod =3D { + "if_faith", + faithmodevent, + 0 +}; + +DECLARE_MODULE(if_faith, faith_mod, SI_SUB_PSEUDO, SI_ORDER_ANY); +MODULE_VERSION(if_faith, 1); + +int +faith_clone_create(ifc, unit) + struct if_clone *ifc; + int *unit; +{ + struct resource *r; + struct faith_softc *sc; + + if (*unit > FAITH_MAXUNIT) + return (ENXIO); + + if (*unit < 0) { + r =3D rman_reserve_resource(faithunits, 0, FAITH_MAXUNIT, 1, + RF_ALLOCATED | RF_ACTIVE, NULL); + if (r =3D=3D NULL) + return (ENOSPC); + *unit =3D rman_get_start(r); + } else { + r =3D rman_reserve_resource(faithunits, *unit, *unit, 1, + RF_ALLOCATED | RF_ACTIVE, NULL); + if (r =3D=3D NULL) + return (ENOSPC); } + + sc =3D malloc(sizeof(struct faith_softc), M_FAITH, M_WAITOK); + bzero(sc, sizeof(struct faith_softc)); + + sc->sc_if.if_softc =3D sc; + sc->sc_if.if_name =3D FAITHNAME; + sc->sc_if.if_unit =3D *unit; + sc->r_unit =3D r; + + sc->sc_if.if_mtu =3D FAITHMTU; + /* Change to BROADCAST experimentaly to announce its prefix. */ + sc->sc_if.if_flags =3D /* IFF_LOOPBACK */ IFF_BROADCAST | IFF_MULTICAST; + sc->sc_if.if_ioctl =3D faithioctl; + sc->sc_if.if_output =3D faithoutput; + sc->sc_if.if_type =3D IFT_FAITH; + sc->sc_if.if_hdrlen =3D 0; + sc->sc_if.if_addrlen =3D 0; + if_attach(&sc->sc_if); + bpfattach(&sc->sc_if, DLT_NULL, sizeof(u_int)); + LIST_INSERT_HEAD(&faith_softc_list, sc, sc_list); + return (0); } =20 +void +faith_clone_destroy(ifp) + struct ifnet *ifp; +{ + int err; + struct faith_softc *sc =3D (void *) ifp; + + LIST_REMOVE(sc, sc_list); + bpfdetach(ifp); + if_detach(ifp); + + err =3D rman_release_resource(sc->r_unit); + KASSERT(err =3D=3D 0, ("Unexpected error freeing resource")); + + free(sc, M_FAITH); +} + int faithoutput(ifp, m, dst, rt) struct ifnet *ifp; @@ -144,7 +247,7 @@ =20 if ((m->m_flags & M_PKTHDR) =3D=3D 0) panic("faithoutput no HDR"); -#if NBPFILTER > 0 + /* BPF write needs to be handled specially */ if (dst->sa_family =3D=3D AF_UNSPEC) { dst->sa_family =3D *(mtod(m, int *)); @@ -168,13 +271,8 @@ m0.m_len =3D 4; m0.m_data =3D (char *)⁡ =20 -#ifdef HAVE_OLD_BPF bpf_mtap(ifp, &m0); -#else - bpf_mtap(ifp->if_bpf, &m0); -#endif } -#endif =20 if (rt && rt->rt_flags & (RTF_REJECT|RTF_BLACKHOLE)) { m_freem(m); @@ -297,7 +395,7 @@ * XXX could be slow * XXX could be layer violation to call sys/net from sys/netinet6 */ -int +static int faithprefix(in6) struct in6_addr *in6; { @@ -323,4 +421,3 @@ return ret; } #endif -#endif /* NFAITH > 0 */ Index: sys/netinet/in_pcb.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /home/ncvs/src/sys/netinet/in_pcb.c,v retrieving revision 1.85 diff -u -r1.85 in_pcb.c --- sys/netinet/in_pcb.c 2001/06/29 12:07:29 1.85 +++ sys/netinet/in_pcb.c 2001/07/13 22:28:51 @@ -67,8 +67,6 @@ #include #endif /* INET6 */ =20 -#include "faith.h" - #ifdef IPSEC #include #include @@ -870,11 +868,9 @@ #endif if (inp->inp_faddr.s_addr =3D=3D INADDR_ANY && inp->inp_lport =3D=3D lport) { -#if defined(NFAITH) && NFAITH > 0 if (ifp && ifp->if_type =3D=3D IFT_FAITH && (inp->inp_flags & INP_FAITH) =3D=3D 0) continue; -#endif if (inp->inp_laddr.s_addr =3D=3D laddr.s_addr) return (inp); else if (inp->inp_laddr.s_addr =3D=3D INADDR_ANY) { Index: sys/netinet/ip_icmp.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /home/ncvs/src/sys/netinet/ip_icmp.c,v retrieving revision 1.58 diff -u -r1.58 ip_icmp.c --- sys/netinet/ip_icmp.c 2001/06/23 17:17:58 1.58 +++ sys/netinet/ip_icmp.c 2001/07/13 21:10:23 @@ -46,6 +46,7 @@ #include =20 #include +#include #include =20 #define _IP_VHL @@ -62,11 +63,6 @@ #include #endif =20 -#include "faith.h" -#if defined(NFAITH) && NFAITH > 0 -#include -#endif - #include =20 /* @@ -275,7 +271,6 @@ m->m_len +=3D hlen; m->m_data -=3D hlen; =20 -#if defined(NFAITH) && 0 < NFAITH if (m->m_pkthdr.rcvif && m->m_pkthdr.rcvif->if_type =3D=3D IFT_FAITH) { /* * Deliver very specific ICMP type only. @@ -288,7 +283,6 @@ goto freeit; } } -#endif =20 #ifdef ICMPPRINTFS if (icmpprintfs) Index: sys/netinet/ip_input.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /home/ncvs/src/sys/netinet/ip_input.c,v retrieving revision 1.174 diff -u -r1.174 ip_input.c --- sys/netinet/ip_input.c 2001/06/23 17:17:58 1.174 +++ sys/netinet/ip_input.c 2001/07/13 21:12:18 @@ -60,6 +60,7 @@ =20 #include #include +#include #include #include #include @@ -86,11 +87,6 @@ #include #endif =20 -#include "faith.h" -#if defined(NFAITH) && NFAITH > 0 -#include -#endif - #ifdef DUMMYNET #include #endif @@ -636,7 +632,6 @@ if (ip->ip_dst.s_addr =3D=3D INADDR_ANY) goto ours; =20 -#if defined(NFAITH) && 0 < NFAITH /* * FAITH(Firewall Aided Internet Translator) */ @@ -648,7 +643,7 @@ m_freem(m); return; } -#endif + /* * Not for us; forward if possible and desirable. */ Index: sys/netinet/ip_output.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /home/ncvs/src/sys/netinet/ip_output.c,v retrieving revision 1.127 diff -u -r1.127 ip_output.c --- sys/netinet/ip_output.c 2001/06/11 18:38:11 1.127 +++ sys/netinet/ip_output.c 2001/07/13 21:13:53 @@ -63,8 +63,6 @@ #include #include =20 -#include "faith.h" - #include =20 static MALLOC_DEFINE(M_IPMOPTS, "ip_moptions", "internet multicast options= "); @@ -1158,9 +1156,7 @@ case IP_RECVRETOPTS: case IP_RECVDSTADDR: case IP_RECVIF: -#if defined(NFAITH) && NFAITH > 0 case IP_FAITH: -#endif error =3D sooptcopyin(sopt, &optval, sizeof optval, sizeof optval); if (error) @@ -1196,11 +1192,9 @@ OPTSET(INP_RECVIF); break; =20 -#if defined(NFAITH) && NFAITH > 0 case IP_FAITH: OPTSET(INP_FAITH); break; -#endif } break; #undef OPTSET @@ -1292,9 +1286,7 @@ case IP_RECVDSTADDR: case IP_RECVIF: case IP_PORTRANGE: -#if defined(NFAITH) && NFAITH > 0 case IP_FAITH: -#endif switch (sopt->sopt_name) { =20 case IP_TOS: @@ -1332,11 +1324,9 @@ optval =3D 0; break; =20 -#if defined(NFAITH) && NFAITH > 0 case IP_FAITH: optval =3D OPTBIT(INP_FAITH); break; -#endif } error =3D sooptcopyout(sopt, &optval, sizeof optval); break; Index: sys/netinet6/in6.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /home/ncvs/src/sys/netinet6/in6.c,v retrieving revision 1.13 diff -u -r1.13 in6.c --- sys/netinet6/in6.c 2001/07/02 21:02:08 1.13 +++ sys/netinet6/in6.c 2001/07/13 22:58:31 @@ -138,6 +138,8 @@ =20 struct in6_multihead in6_multihead; /* XXX BSS initialization */ =20 +int (*faithprefix_p)(struct in6_addr *); + /* * Subroutine for in6_ifaddloop() and in6_ifremloop(). * This routine does actual work. Index: sys/netinet6/in6.h =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /home/ncvs/src/sys/netinet6/in6.h,v retrieving revision 1.14 diff -u -r1.14 in6.h --- sys/netinet6/in6.h 2001/06/24 20:43:01 1.14 +++ sys/netinet6/in6.h 2001/07/13 22:58:22 @@ -600,6 +600,8 @@ #define satosin6(sa) ((struct sockaddr_in6 *)(sa)) #define sin6tosa(sin6) ((struct sockaddr *)(sin6)) #define ifatoia6(ifa) ((struct in6_ifaddr *)(ifa)) + +extern int (*faithprefix_p)(struct in6_addr *); #endif /* _KERNEL */ =20 __BEGIN_DECLS Index: sys/netinet6/icmp6.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /home/ncvs/src/sys/netinet6/icmp6.c,v retrieving revision 1.13 diff -u -r1.13 icmp6.c --- sys/netinet6/icmp6.c 2001/07/03 11:54:07 1.13 +++ sys/netinet6/icmp6.c 2001/07/13 23:00:30 @@ -103,11 +103,6 @@ #include #endif =20 -#include "faith.h" -#if defined(NFAITH) && 0 < NFAITH -#include -#endif - #include =20 #ifdef HAVE_NRL_INPCB @@ -439,8 +434,7 @@ goto freeit; } =20 -#if defined(NFAITH) && 0 < NFAITH - if (faithprefix(&ip6->ip6_dst)) { + if (faithprefix_p !=3D NULL && (*faithprefix_p)(&ip6->ip6_dst)) { /* * Deliver very specific ICMP6 type only. * This is important to deilver TOOBIG. Otherwise PMTUD @@ -455,7 +449,6 @@ goto freeit; } } -#endif =20 icmp6stat.icp6s_inhist[icmp6->icmp6_type]++; icmp6_ifstat_inc(m->m_pkthdr.rcvif, ifs6_in_msg); Index: sys/netinet6/in6_pcb.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /home/ncvs/src/sys/netinet6/in6_pcb.c,v retrieving revision 1.15 diff -u -r1.15 in6_pcb.c --- sys/netinet6/in6_pcb.c 2001/06/11 12:39:05 1.15 +++ sys/netinet6/in6_pcb.c 2001/07/13 23:01:21 @@ -100,11 +100,6 @@ #include #include =20 -#include "faith.h" -#if defined(NFAITH) && NFAITH > 0 -#include -#endif - #ifdef IPSEC #include #ifdef INET6 @@ -1001,11 +996,10 @@ u_short fport =3D fport_arg, lport =3D lport_arg; int faith; =20 -#if defined(NFAITH) && NFAITH > 0 - faith =3D faithprefix(laddr); -#else - faith =3D 0; -#endif + if (faithprefix_p !=3D NULL) + faith =3D (*faithprefix_p)(laddr); + else + faith =3D 0; =20 /* * First look for an exact match. Index: sys/netinet6/ip6_input.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /home/ncvs/src/sys/netinet6/ip6_input.c,v retrieving revision 1.28 diff -u -r1.28 ip6_input.c --- sys/netinet6/ip6_input.c 2001/07/02 21:02:09 1.28 +++ sys/netinet6/ip6_input.c 2001/07/13 21:19:34 @@ -120,8 +120,6 @@ =20 #include =20 -#include "faith.h" - #include =20 extern struct domain inet6domain; @@ -632,7 +630,6 @@ /* * FAITH(Firewall Aided Internet Translator) */ -#if defined(NFAITH) && 0 < NFAITH if (ip6_keepfaith) { if (ip6_forward_rt.ro_rt && ip6_forward_rt.ro_rt->rt_ifp && ip6_forward_rt.ro_rt->rt_ifp->if_type =3D=3D IFT_FAITH) { @@ -642,7 +639,6 @@ goto hbhcheck; } } -#endif =20 /* * Now there is no reason to process the packet if it's not our own Index: sys/netinet6/raw_ip6.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /home/ncvs/src/sys/netinet6/raw_ip6.c,v retrieving revision 1.11 diff -u -r1.11 raw_ip6.c --- sys/netinet6/raw_ip6.c 2001/06/11 12:39:06 1.11 +++ sys/netinet6/raw_ip6.c 2001/07/13 23:01:32 @@ -104,11 +104,6 @@ =20 #include =20 -#include "faith.h" -#if defined(NFAITH) && 0 < NFAITH -#include -#endif - #define satosin6(sa) ((struct sockaddr_in6 *)(sa)) #define ifatoia6(ifa) ((struct in6_ifaddr *)(ifa)) =20 @@ -142,13 +137,11 @@ =20 rip6stat.rip6s_ipackets++; =20 -#if defined(NFAITH) && 0 < NFAITH - if (faithprefix(&ip6->ip6_dst)) { + if (faithprefix_p !=3D NULL && (*faithprefix_p)(&ip6->ip6_dst)) { /* XXX send icmp6 host/port unreach? */ m_freem(m); return IPPROTO_DONE; } -#endif =20 init_sin6(&rip6src, m); /* general init */ =20 Index: sys/netinet6/udp6_output.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /home/ncvs/src/sys/netinet6/udp6_output.c,v retrieving revision 1.3 diff -u -r1.3 udp6_output.c --- sys/netinet6/udp6_output.c 2001/06/11 12:39:06 1.3 +++ sys/netinet6/udp6_output.c 2001/07/13 22:30:30 @@ -106,8 +106,6 @@ #endif #endif /*IPSEC*/ =20 -#include "faith.h" - #include =20 /* Index: sys/netinet6/udp6_usrreq.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /home/ncvs/src/sys/netinet6/udp6_usrreq.c,v retrieving revision 1.15 diff -u -r1.15 udp6_usrreq.c --- sys/netinet6/udp6_usrreq.c 2001/06/11 12:39:06 1.15 +++ sys/netinet6/udp6_usrreq.c 2001/07/13 23:01:40 @@ -106,11 +106,6 @@ #include #endif /*IPSEC*/ =20 -#include "faith.h" -#if defined(NFAITH) && NFAITH > 0 -#include -#endif - /* * UDP protocol inplementation. * Per RFC 768, August, 1980. @@ -161,13 +156,11 @@ =20 ip6 =3D mtod(m, struct ip6_hdr *); =20 -#if defined(NFAITH) && 0 < NFAITH - if (faithprefix(&ip6->ip6_dst)) { + if (faithprefix_p !=3D NULL && (*faithprefix_p)(&ip6->ip6_dst)) { /* XXX send icmp6 host/port unreach? */ m_freem(m); return IPPROTO_DONE; } -#endif =20 udpstat.udps_ipackets++; =20 Index: share/man/man4/faith.4 =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D RCS file: /home/ncvs/src/share/man/man4/faith.4,v retrieving revision 1.10 diff -u -r1.10 faith.4 --- share/man/man4/faith.4 2001/06/11 12:38:48 1.10 +++ share/man/man4/faith.4 2001/07/14 02:14:28 @@ -36,7 +36,7 @@ .Nm faith .Nd IPv6-to-IPv4 TCP relay capturing interface .Sh SYNOPSIS -.Cd "device faith" Op Ar count +.Cd "device faith" .Sh DESCRIPTION The .Nm --- sys/modules/if_faith/Makefile.orig Fri Jul 13 19:55:29 2001 +++ sys/modules/if_faith/Makefile Fri Jul 13 16:06:52 2001 @@ -0,0 +1,15 @@ +# $FreeBSD$ + +.PATH: ${.CURDIR}/../../net + +KMOD=3D if_faith +SRCS=3D if_faith.c opt_inet.h opt_inet6.h +NOMAN=3D + +opt_inet.h: + echo "#define INET 1" > ${.TARGET} + +opt_inet6.h: + echo "#define INET6 1" > ${.TARGET} + +.include --KsGdsel6WgEHnImy Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE7ULyaXY6L6fI4GtQRAhDLAKCuFUiaM2iTma0zV7W2CPg97JiEqQCcCgdm qOqdITYEPraWYbIs3eqgSPQ= =Ci8Q -----END PGP SIGNATURE----- --KsGdsel6WgEHnImy-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Sat Jul 14 14:59:30 2001 Delivered-To: freebsd-audit@freebsd.org Received: from sneakerz.org (sneakerz.org [216.33.66.254]) by hub.freebsd.org (Postfix) with ESMTP id 9B48037B403; Sat, 14 Jul 2001 14:59:22 -0700 (PDT) (envelope-from bright@sneakerz.org) Received: by sneakerz.org (Postfix, from userid 1092) id E12825D010; Sat, 14 Jul 2001 16:59:11 -0500 (CDT) Date: Sat, 14 Jul 2001 16:59:11 -0500 From: Alfred Perlstein To: Matthew Jacob Cc: smp@freebsd.org, audit@freebsd.org Subject: Re: planned change to mbinit code and minor changes to mp startup Message-ID: <20010714165911.B15299@sneakerz.org> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2i In-Reply-To: ; from mjacob@feral.com on Sat, Jul 14, 2001 at 11:25:46AM -0700 Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG * Matthew Jacob [010714 13:26] wrote: > > Problem: the MB init and alloc code assumes that in the SMP case that there is > a dense array of CPU ids for the CPUs present and reported via mp_ncpus. > > This is not true and cannot be true for a number of reasons: > > a) CPUids don't always start at 0 (e.g, Alpha 8200) > b) CPUs may be disabled, leaving holes in the map. > c) CPUs may (eventually) want to come and go while we're running. > > I thought about making cpuid a 'virtual' construct. We may eventually want to > do this, but this only solves #a/#b- it will not move us toward #c. And it can > get somewhat dicey for the amount of code to check and change by doing this. > > Below is a partial solution that takes the approach of just checking who is > 'absent' when mbinit is called. It requires that all_cpus be set sensibly > whether there are more than one cpu or not (which makes sense too). > > Making this change allows the ALpha 8200s to work again and also allows > disabling arbitrary CPUs leaving holes in the CPU map to work without getting > out of sync. Ok, on second thought, the patch isn't that bad of an idea, however: > Index: kern/subr_mbuf.c > =================================================================== > RCS file: /home/ncvs/src/sys/kern/subr_mbuf.c,v > retrieving revision 1.2 > diff -u -r1.2 subr_mbuf.c > --- kern/subr_mbuf.c 2001/06/22 16:03:23 1.2 > +++ kern/subr_mbuf.c 2001/07/14 18:14:30 > @@ -57,12 +62,11 @@ > #endif > > /* > - * SMP and non-SMP kernels clearly have a different number of possible cpus. > */ > #ifdef SMP > -#define NCPU_PRESENT mp_ncpus > +#define CPU_ABSENT(x) ((all_cpus & (1 << x)) == 0) > #else > -#define NCPU_PRESENT 1 > +#define CPU_ABSENT(x) 0 > #endif > > /* This should be in some file where other "per cpu" systems can get at it, duplicating it everywhere is gross. (for instance, my cpu affinity patches). Also, since it looks like this would break if we suddently started up another CPU I really don't agree with not populating the pools if 'CPU_ABSENT(i)'. -Alfred To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Sat Jul 14 16: 1: 0 2001 Delivered-To: freebsd-audit@freebsd.org Received: from mail6.speakeasy.net (mail6.speakeasy.net [216.254.0.206]) by hub.freebsd.org (Postfix) with SMTP id 97A5837B403 for ; Sat, 14 Jul 2001 16:00:47 -0700 (PDT) (envelope-from jhb@FreeBSD.org) Received: (qmail 58288 invoked from network); 14 Jul 2001 23:00:46 -0000 Received: from unknown (HELO laptop.baldwin.cx) ([64.81.54.73]) (envelope-sender ) by mail6.speakeasy.net (qmail-ldap-1.03) with SMTP for ; 14 Jul 2001 23:00:46 -0000 Message-ID: X-Mailer: XFMail 1.4.0 on FreeBSD X-Priority: 3 (Normal) Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 8bit MIME-Version: 1.0 In-Reply-To: <20010714165911.B15299@sneakerz.org> Date: Sat, 14 Jul 2001 16:00:50 -0700 (PDT) From: John Baldwin To: Alfred Perlstein Subject: Re: planned change to mbinit code and minor changes to mp startu Cc: audit@FreeBSD.ORG, smp@FreeBSD.ORG, Matthew Jacob Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On 14-Jul-01 Alfred Perlstein wrote: > * Matthew Jacob [010714 13:26] wrote: >> =================================================================== >> RCS file: /home/ncvs/src/sys/kern/subr_mbuf.c,v >> retrieving revision 1.2 >> diff -u -r1.2 subr_mbuf.c >> --- kern/subr_mbuf.c 2001/06/22 16:03:23 1.2 >> +++ kern/subr_mbuf.c 2001/07/14 18:14:30 >> @@ -57,12 +62,11 @@ >> #endif >> >> /* >> - * SMP and non-SMP kernels clearly have a different number of possible >> cpus. >> */ >> #ifdef SMP >> -#define NCPU_PRESENT mp_ncpus >> +#define CPU_ABSENT(x) ((all_cpus & (1 << x)) == 0) >> #else >> -#define NCPU_PRESENT 1 >> +#define CPU_ABSENT(x) 0 >> #endif >> >> /* > > This should be in some file where other "per cpu" systems can get at it, > duplicating it everywhere is gross. (for instance, my cpu affinity > patches). Agreed. sys/pcpu.h is one possibility. > Also, since it looks like this would break if we suddently started > up another CPU I really don't agree with not populating the pools > if 'CPU_ABSENT(i)'. Well, I think what we will want in that case is to have the equivalent of cpu attach/detach routines that also have a list of handlers that other subsystems can register to be called when a CPU is added/removed. For example, the mbuf system would add handlers to allocate and teardown the per-CPU counters. > -Alfred -- John Baldwin -- http://www.FreeBSD.org/~jhb/ PGP Key: http://www.baldwin.cx/~john/pgpkey.asc "Power Users Use the Power to Serve!" - http://www.FreeBSD.org/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Sat Jul 14 16:11:27 2001 Delivered-To: freebsd-audit@freebsd.org Received: from kawoserv.kawo2.rwth-aachen.de (kawoserv.kawo2.RWTH-Aachen.DE [134.130.180.1]) by hub.freebsd.org (Postfix) with ESMTP id EE19537B403; Sat, 14 Jul 2001 16:11:18 -0700 (PDT) (envelope-from alex@fump.kawo2.rwth-aachen.de) Received: from fump.kawo2.rwth-aachen.de (root@fump.kawo2.rwth-aachen.de [134.130.181.148]) by kawoserv.kawo2.rwth-aachen.de (8.9.3/8.9.3) with ESMTP id BAA05623; Sun, 15 Jul 2001 01:11:17 +0200 Received: (from alex@localhost) by fump.kawo2.rwth-aachen.de (8.11.3/8.11.3) id f6ENBiu97487; Sun, 15 Jul 2001 01:11:44 +0200 (CEST) (envelope-from alex) Date: Sun, 15 Jul 2001 01:11:44 +0200 From: Alexander Langer To: Brooks Davis Cc: net@FreeBSD.ORG, audit@FreeBSD.ORG Subject: Re: review request: if_faith modernization Message-ID: <20010715011143.A97334@fump.kawo2.rwth-aachen.de> References: <20010714144147.A27610@Odin.AC.HMC.Edu> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20010714144147.A27610@Odin.AC.HMC.Edu>; from brooks@one-eyed-alien.net on Sat, Jul 14, 2001 at 02:41:47PM -0700 X-PGP-Fingerprint: 44 28 CA 4C 46 5B D3 A8 A8 E3 BA F3 4E 60 7D 7F X-PGP-at: finger alex@big.endian.de X-Verwirrung: Dieser Header dient der allgemeinen Verwirrung. Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Thus spake Brooks Davis (brooks@one-eyed-alien.net): People. This is a good example why style fixes shouldn't happen with content fixes. I can't figure out what changed in this file: > RCS file: /home/ncvs/src/sys/modules/Makefile,v > retrieving revision 1.190 > diff -u -r1.190 Makefile > --- sys/modules/Makefile 2001/07/08 04:17:26 1.190 > +++ sys/modules/Makefile 2001/07/13 23:10:49 > diff -u -r1.6 if_faith.c > --- sys/net/if_faith.c 2001/07/05 14:42:54 1.6 > +++ sys/net/if_faith.c 2001/07/14 01:21:02 I'm just curious: Why don't you need to include sys/module.h? You don't include any other file that itself includes it, but module.h defines DECLARE_MODULE and friends, which you are using. I'm a little bit confused :-) > +#include /* XXX: Shouldn't really be required! */ Why do you include it then? :-) Haven't looked at the other stuff. Thanks Alex To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Sat Jul 14 16:17:37 2001 Delivered-To: freebsd-audit@freebsd.org Received: from beppo.feral.com (beppo.feral.com [192.67.166.79]) by hub.freebsd.org (Postfix) with ESMTP id 8CFA437B405; Sat, 14 Jul 2001 16:17:32 -0700 (PDT) (envelope-from mjacob@feral.com) Received: from wonky.feral.com (wonky.feral.com [192.67.166.7]) by beppo.feral.com (8.11.3/8.11.3) with ESMTP id f6ENHQS91614; Sat, 14 Jul 2001 16:17:26 -0700 (PDT) (envelope-from mjacob@feral.com) Date: Sat, 14 Jul 2001 16:17:13 -0700 (PDT) From: Matthew Jacob Reply-To: To: John Baldwin Cc: Alfred Perlstein , , Subject: Re: planned change to mbinit code and minor changes to mp startu In-Reply-To: Message-ID: <20010714161650.K29535-100000@wonky.feral.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG > >> /* > > > > This should be in some file where other "per cpu" systems can get at it, > > duplicating it everywhere is gross. (for instance, my cpu affinity > > patches). > > Agreed. sys/pcpu.h is one possibility. > > > Also, since it looks like this would break if we suddently started > > up another CPU I really don't agree with not populating the pools > > if 'CPU_ABSENT(i)'. > > Well, I think what we will want in that case is to have the equivalent of cpu > attach/detach routines that also have a list of handlers that other subsystems > can register to be called when a CPU is added/removed. For example, the mbuf > system would add handlers to allocate and teardown the per-CPU counters. > yes, that's probably right. What shall we do for the short term? -matt To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Sat Jul 14 21:29:10 2001 Delivered-To: freebsd-audit@freebsd.org Received: from odin.ac.hmc.edu (Odin.AC.HMC.Edu [134.173.32.75]) by hub.freebsd.org (Postfix) with ESMTP id 2E1DF37B401; Sat, 14 Jul 2001 21:29:04 -0700 (PDT) (envelope-from brdavis@odin.ac.hmc.edu) Received: (from brdavis@localhost) by odin.ac.hmc.edu (8.11.0/8.11.0) id f6F4St226647; Sat, 14 Jul 2001 21:28:55 -0700 Date: Sat, 14 Jul 2001 21:28:55 -0700 From: Brooks Davis To: Alexander Langer Cc: net@FreeBSD.ORG, audit@FreeBSD.ORG Subject: Re: review request: if_faith modernization Message-ID: <20010714212855.B26269@Odin.AC.HMC.Edu> References: <20010714144147.A27610@Odin.AC.HMC.Edu> <20010715011143.A97334@fump.kawo2.rwth-aachen.de> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="Bn2rw/3z4jIqBvZU" Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20010715011143.A97334@fump.kawo2.rwth-aachen.de>; from alex@big.endian.de on Sun, Jul 15, 2001 at 01:11:44AM +0200 Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG --Bn2rw/3z4jIqBvZU Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sun, Jul 15, 2001 at 01:11:44AM +0200, Alexander Langer wrote: > Thus spake Brooks Davis (brooks@one-eyed-alien.net): >=20 > People. This is a good example why style fixes shouldn't happen > with content fixes. I can't figure out what changed in this file: >=20 > > RCS file: /home/ncvs/src/sys/modules/Makefile,v > > retrieving revision 1.190 > > diff -u -r1.190 Makefile > > --- sys/modules/Makefile 2001/07/08 04:17:26 1.190 > > +++ sys/modules/Makefile 2001/07/13 23:10:49 dd pointed this out too. I just forgot that I had patched that. I'll commit it seperatly. (The actual change is adding if_faith.) > > diff -u -r1.6 if_faith.c > > --- sys/net/if_faith.c 2001/07/05 14:42:54 1.6 > > +++ sys/net/if_faith.c 2001/07/14 01:21:02 >=20 > I'm just curious: Why don't you need to include sys/module.h? > You don't include any other file that itself includes it, but > module.h defines DECLARE_MODULE and friends, which you are using. > I'm a little bit confused :-) I'm not sure. Things worked, so I didn't add more includes. > > +#include /* XXX: Shouldn't really be required! */ >=20 > Why do you include it then? :-) Because sys/rman.h bogusly contains refrences to bus_space_tag_t and bus_space_handle_t. The comment is actually brain's since that code is pretty much copyed from the cloning code for tun(4). Thanks, Brooks --=20 Any statement of the form "X is the one, true Y" is FALSE. PGP fingerprint 655D 519C 26A7 82E7 2529 9BF0 5D8E 8BE9 F238 1AD4 --Bn2rw/3z4jIqBvZU Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE7URwFXY6L6fI4GtQRAr5QAJ9leEH0XDe3IVcUu/OXZtPHXLT3OwCfTEWo bfSvZKIoOWTgF+g2DQDi/i4= =epJb -----END PGP SIGNATURE----- --Bn2rw/3z4jIqBvZU-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message