In a few places, we where using a fixed buffer of sizeof(Dir)+100
size for stat. This is not correct and fails if the name returned
in stat is long.
This results in being unable to seek to the end of file with a
long filename.
The kernel should do the same thing as dirfstat() from libc;
handling the conversion and buffer allocation and returning a
freeable Dir* pointer.
For this, a new dirchanstat() function was added.
The fstat syscall was not rewriting the name to the last path
element; fix it.
In addition, gracefully handle the mountfix case, reallocating
the buffer to accomidate the required stat length plus
size of the new name so dirsetname() does not fail.
this patch fixes bugs in tls extension handling:
1. if conn->serverName is an empty string, tlsClientExtensions
will generate a SNI with an empty hostname, which is forbidden
according to RFC 6066:
opaque HostName<1..2^16-1>;
check if conn->serverName has at least one char.
2. checkClientExtensions fail with clients that doesn't have
extensions, because it doesn't check if ext is nil. fix that
up.
3. rewrite checkClientExtensions. some parts of the code does
not check the length properly, and it could be simplified
heavily.
The standard states in section 19.5.93:
.... Notice that if this operation is performed
on an obeject reference such as one produced by
the Alias, Index, or RefOf statements, the obect
type of the base object is returned.
Do the debuglevel check before calling the print
function for _threaddebug, by making it a macro.
Do not waste cycles passing arguments.
Generalize the _threaddebug function into _threadprint()
and add a varargcheck pragma. This function can
also be used from _threadassert().
Fix missing arguments in one case, fix trailing
newlines in _threaddebug().
Make _threadgetproc()/_threadsetproc() a macro,
just dereferencing Proc**_threadprocp.
Simplify the mainjump, just call _threadsetproc()
directly without that mainp dance. Remove the
_schedinit() argument, it uses _threadgetproc() now.
Get rid of Mainarg struct, just have a global variable
for argc.
The timing loop is here for the case if the
controller doesnt produce an interrupt when
becoming broken. In normal case, we should
just get worken up from the interrupt.
In any case, 100 times a second polling is
not neccessary here, increase to 1 second.
The old strategy of wait and retry doesnt seem to
work very well as it keeps all the forking parents
stuck waiting in the kernel worsening the situation.
The idea with this change is to have rfork() return
error quickly; and without whining; as most callers
would just react with a sysfatal() which might be
better for surviving this.
It is a bit of a annoyance that kenc will try to expand
function like macros on any symbol with the same name
and then complain when it doesnt see the '(' in the
invocation.
test case below:
void
foo(int)
{
}
struct Bar
{
int baz; /* <- should not conflict */
};
void
main(void)
{
baz(123);
}
The current behaviour of the kernel to deadlock itself
instead of returning an error on fork.
This might change in the future, so prepare libthread
to handle this case.
For _schedfork(), we'r going to just retry forking
on every switch, while for _schedexec(), the exec
will fail and send ~0 down the pid channel.
The ipoput4() and ipoput6() functions can raise an error(),
which means before calling sndrst() or limbo() (from tcpiput()),
we have to get rid of our blist by calling freeblist(bp).
Makse sure to set the Block pointer to nil after freeing in
ipiput() to avoid accidents.
Fix wrong panic string in sndsynack, and make any sending
functions like sndrst(), sndsynack() and tcpsendka()
return the value of ipoput*(), so we can distinguish
"no route" error.
Add a Enoroute[] string constant.
Both htontcp4() and htontcp6() can never return nil,
as they will allocate new or resize the existing block.
Remove the misleading error handling code that assumes
that it can fail.
Unlock proto on error in limborexmit() which can
be raised from sndsynack() -> ipoput*() -> error().
Make sndsynack() pass a Routehint pointer to ipoput*()
as it already did the route lookup, so we dont have todo
it twice.
i'm not confident about mutating the route tree
pointers and have concurrent readers walking the
pointer chains.
given that most route lookups are bypassed now
for non-routing case and we are not building a
high performance router here, lets play it safe.
theres no structure in the lower 32 bits of an ipv6 address.
use the top bit to distinguish special stuff like multicast
and link-local addresses, and use the 16-bit subnet-id bits
for the rest.
Instead of having to do an arp hash table lookup for each
outgoing ip packet, forward the Routehint pointer to the
medium's bwrite() function and let it cache the arp entry
pointer.
This avoids route and arp hash table lookups for tcp, il
and connection oriented udp.
It also allows us to avoid multiple route and arp table
lookups for the retransmits once an arp/neighbour solicitation
response arrives.
The Mhead structures have two sources of references to them:
- from Pgrp.mnthash hash-table
- from a channels Chan.umh pointer as returned by namec() for a union directory
Unless one holds the Mhead.lock RWLock, the Mhead.mount chain
can be mutated by eigther cmount(), cunmount() or closepgrp().
Readers, skipping acquiering the lock where:
mountfix(): responsible for rewriting directory entries for
union directory reads; was walking the Mhead.mount chain to
detect if the passed channel itself appears in the mount list.
cmount(): had a check and copy when "new" chan was a union itself
and if the MCREATE flag is set and would copy the mount table.
All this needs to be done with Mhead read-locked while copying
the mount entries.
devproc(): in the handler for reading /proc/n/ns file.
namec(): while checking if the Chan->umh should be initialized.
In addition to this, cmount() is changed to do the mountfree()
of the original mount chain when MREPL is done after releasing
the locks.
Also, some cosmetic changes...
The IPv4 ARP cache used to indefinitely buffer packets in the Arpent hold list.
This is bad in case of a router, because it opens a 1 second
(retransmit time) window to leak all the to be forwarded packets.
This change makes the ipv4 arp code path similar to the IPv6 neighbour
solicitation path, using the retransmit process to time out old entries
(after 3 arp retransmits => 3 seconds).
A new function arpcontinue() has been added that unifies the point when
we schedule the (ipv6 sol retransmit) / (ipv4 arp timeout) and reduce
the hold queue to the last packet and unlock the cache.
As a bonus, we also now send a icmp host unreachable notification
for the dropped packets.
tlsbwrite() would call checkstate() before calling tlsrecwrite()
to make sure the channel is open. however, because checkstate()
only raises the error, the Block* passed wont be freed and
would result in a memory leak.
move the checkstate() call inside tlsrecwrite() to reuse the
error handling that frees the block on error.
in OpenBSD 6.9 and up, the kernel (bsd, bsd.mp) still has
the ostype symbols, but bsd.rd appears to have lost them,
even when decompressed.
so, as a result, we should use what we have, which isn't
much.
Due to the way LCA is defined, a using a strict LCA
on a graph like this:
<--a--b--c--d--e--f--g
\ /
+-----h-------
can lead to spurious requests to merge. This happens
because 'lca(b, g)' would return 'a', since it can be
reached in one step from 'b', and 2 steps from 'g', while
reaching 'b' from 'a' would be a longer path.
As a result, we need to implement an lca variant that
returns the starting node if one is reachable from the
other, even if it's already found the technically correct
least common ancestor.
This replaces our LCA algorithm with one based on the
painting we do while finding a twixt, making it give
the resutls we want.
git/query: fix spurious merge requests
Due to the way LCA is defined, a using a strict LCA
on a graph like this:
<--a--b--c--d--e--f--g
\ /
+-----h-------
can lead to spurious requests to merge. This happens
because 'lca(b, g)' would return 'a', since it can be
reached in one step from 'b', and 2 steps from 'g', while
reaching 'b' from 'a' would be a longer path.
As a result, we need to implement an lca variant that
returns the starting node if one is reachable from the
other, even if it's already found the technically correct
least common ancestor.
This replaces our LCA algorithm with one based on the
painting we do while finding a twixt.
directory entries cannot span sector boundaries, meaning
that the end of a sector would be zero padded until the
next sector.
we have to skip over these zero paddings to fully read
the directory.
Plumber both posts a service to /srv and sets a $plumbsrv environment
variable. Our libplumb no longer uses $plumbsrv and nothing else
does. It's a silly hack; rc doesn't update /env immediately, and
scripts, which for instance set up subrios, cannot rely on it to
clean up the plumber at the end.
Instead, add the option to specify a srvname, actually check for some
common errors and print a usage string.
Thanks to Ori for input and a preliminary patch.
- enforce same behaviour as cachedb server in dblookup():
- force Taaaa record type on ipv6= attributes, regardless of value
- return Taaaa records for ip= attributes containing ipv6 values
- return Ta records only for ip= attributes containing ipv4 values
- for compatibility, bring back support for txtrr= type, but handle consistently
Git has the ability to track the person who
creates a commit separately from the person
who wrote the commit. For git9, we ignored
this feature.
However, as we start using git/import more,
it will be useful to figure out who imported
a commit, as well as who wrote it.
This change adds support for seeing this
information in git, as well as setting the
author and committer separately in git/import.
Target generation is revised, split into $YTARG and $TARG.
$PROGS is inlined to the cmd target.
%.cpus is added to allow chaining: mk all.cpus
$POWERLESS is added, since dtracy doesn't build yet on ppc.
$DIRS regexp is simplified, simplifing $NOMK.
$cpuobjtype is replaced with cp's recipe for copying itself on $cputype.
$APEDIRS is removed.
The none target is renamed to usage, since it prints out usage.
The ape target is removed.
The dirs target is replaced by all.dirs
%.directories is replaced by %.dirs
The all target serializes directories after cmds to match the install target recipe.
All regexp rules are replaced with nonregexp versions for clarity.
The &:n: rule is removed. Just build the $O.$cmd file.
.y files now build .c files, not .tab.c files, and remove (bc|units|mpc|pc).c:R:
All safeinstall rules are removed.
The cleanfiles rule is renamed to cleancmds and simplified.
%.clean is removed. Just use mk cleancmds.
The install rule serializes cp and yacc before building anything else, avoiding races.
The installall recipe is simplified with the install.cpus prereq.
%.installall is removed. Just use mk $cmd.install.cpus
The $O.cj, %.update, and compilers rules are removed.
openssh now disables RSA/SHA-1 by default, so using RSA/SHA-1 will
eventually cause us problems:
https://undeadly.org/cgi?action=article;sid=20210830113413
in addition, github will disable RSA/SHA-1 for recently added RSA keys:
https://github.blog/2021-09-01-improving-git-protocol-security-github/
this patch modifies ssh.c to use RSA/SHA-256 (aka rsa-sha2-256)
instead of RSA/SHA-1 (aka ssh-rsa) as the public key algorithm.
NOTE: public rsa keys and thumbprints are ***NOT AFFECTED***
by this patch.
while we're here, remove the workaround for github.com. it seems
that github has fixed their implementation, and does not look into
macalgs when we're using an aead cipher.
---
remove old /sys/src/games/nes/joynes in favor of joy(1).
joy(1) has more buttons for the other emulators; there is
no longer a significance in the order of the keys.
document nusb/joy, add information in each emulator manpage.
> This patch enables use of the igfx controller rather than vesa on the
> eeepc1005ha netbook. This means using the full screen resolution of
> 1024x600.
> *Andrew Eggenberger*
Per the docs:
the sender SHOULD include a LF, but the
receiver MUST NOT complain if it is not
present.
I typoed away the SHOULD, and got missed the
MUST NOT.
thanks qbit.
the subst utility no longer supports a '-g'
flag, but this was left behind in commit;
this means that the lines listing modified
files were not correctly commented in the
commit header.
This is mostly harmless, but when using an
editor like sam to edit the commit message,
the modified lines would have to be removed
manually.
was testing out the git/import tweaks and accidentally
pushed this commit. No comment on whether we want it,
but it definitely wasn't ready for merge.
Oops.
Often, people (including myself) will write emails that
can almost be applied with git/import. This changes
git/diff and git/import so that things will generally
work even when assembling diffs by hand:
1. git/import becomes slightly more lax:
^diff ...
^--- ...
will both be detected as the start of a patch.
2. git/diff produces the same format of diff
as git/export, starting with paths:
--- a/path/to/file
+++ b/path/to/file
which means that the 'ape/patch -p1' used
within git/import will just work.
So with this, if you send an email to the mailing list,
write up a committable description, and append the
output of git/diff to the end of the email, git/import
should just work.
[this patch was send through the mailing list using the
above procedure, and will be committed with git/import
to verify that it works as advertised]
exportfs -d logs 9p traffic to /tmp/exportdb.
-f allows writing to a different file.
exportfs silently continues if it doesn't have
permissions to create or write to /tmp/exportdb.
These are poor behaviors.
A better default is to write to stderr, since it
is 9P debug info that is better immediately printed,
and not user info that is better handled by syslog().
As a result, -f is obsolete and thus removed.
Redirect responsibility is now on rc.
As a side effect, rc will fail if it doesn't
have permissions to write.
exportfs(4) is updated to reflect all changes
and with a better Synopsis.
oexportfs is changed to match exportfs.
oexportfs(4) is updated to reflect all changes.
The Synopsis is not changed due to the number of flags.
Removed -f from iostats.
iostats(4) is updated to reflect all changes.
---
http://fqa.9front.org/fqa1.html#1.2 states the supported archs.
However, clean and nuke also remove build files for 0 (spim) and q
(power). 'mk all' using those archs fails; 'mk kernels' also tries to
build all the kernels, even those which are not supported. For
example, I tried to build the power arch (qc, qa, ql) and without
surprise it failed (when building dtracy): ...
mk dtracy
qc -FTVw dtracy.c
yacc -v -d -D1 parse.y
qc -FTVw cgen.c
qc -FTVw act.c
qc -FTVw type.c
== regfree ==
REGISTER R0 <11> STRUCT DTAct cgen.c:302
== regfree ==
REGISTER R0 <11> STRUCT DTAct act.c:266
== regfree ==
qc -FTVw agg.c
cgen.c:299 unknown type in regalloc: STRUCT DTAct
cgen.c:299 bad opcode in gmove INT -> STRUCT DTAct
cgen.c:302 unknown type in regalloc: STRUCT DTAct
cgen.c:302 bad opcode in gmove INT -> STRUCT DTAct
cgen.c:302 error in regfree: 0 [0]
REGISTERmk: qc -FTVw cgen.c : exit status=rc 387386: qc 387392: error R0
<11> STRUCT DTAct act.c:269
act.c:250 unknown type in regalloc: STRUCT DTAct
act.c:250 bad opcode in gmove INT -> STRUCT DTAct
act.c:266 unknown type in regalloc: STRUCT DTAct
act.c:266 bad opcode in gmove INT -> STRUCT DTAct
act.c:266 error in regfree: 0 [0]
act.c:269 unknown type in regalloc: STRUCT DTAct
act.c:269 bad opcode in gmove INT -> STRUCT DTAct
act.c:269 error in regfree: 0 [0]
act.c:274 unknown type in regalloc: STRUCT DTAct
act.c:274 bad opcode in gmove INT -> STRUCT DTAct
act.c:274 error in regfree: 0 [0]
too many errors
mk: for(i in cc ... : exit status=rc 382748: rc 387379: mk 387381: error
mk: date for (i ... : exit status=rc 373781: rc 382226: mk 382227: error
cpu%
The patch below skips over non-supported architectures. Is that
something we want? This way, 'mk kernels' should work without a
problem (tested on amd64). Then if someone works on getting those
architectures supported again in the future, they can be added back
in.
snoopy shares ndb/dns's dns parser code, but has its own
copy of rralloc() function, which is responsible to allocating
auxiolary data structures on an RR depending on the type.
ndb/dns gained some support for some new types, but snoopy's
copy of rralloc() was not updated, resulting the auxiolary
structures to be nil, and the shared parsing routines crashes
when trying to dereference them.
this just syncs the copies, we might consider moving rralloc()
into its own file so it can be completely shared.
Git currently gets a bit confused if you try to
manipulate files by absolute path. There were also a
number of places where user-controlled file paths ended
up getting passed to regex interpretation, which could
confuse things.
This change mainly does 2 things:
- Adds a 'drop' function which drops
a non-regex prefix from a string, and uses
that to manipulate paths, simplifies 'subst',
and removes 'subst -g', which was only used
with fixed regexes; sed does this job fine.
- When getting a path from a user, we
make it absolute and then strip out the head
Along the way it cleans up a couple of stupids:
- 'for(f in $list) if(! ~ $#f 0) use $f:
$f can't be a nil list because of
list flattening.
- removes a useless substitution here:
all=`$nl{{git/query -c $1 $2; git/query -c $2 $3} | sed 's/^..//' | \
gsubst '^('$ourbr'|'$basebr'|'$theirbr')/*' | sort | uniq}
where git/query -c doesn't produce
paths prefixed with the query.
exportfs -d logs 9p traffic to /tmp/exportdb.
-f allows writing to a different file.
exportfs silently continues if it doesn't have
permissions to create or write to /tmp/exportdb.
These are poor behaviors.
A better default is to write to stderr, since it
is 9P debug info that is better immediately printed,
and not user info that is better handled by syslog().
As a result, -f is obsolete and thus removed.
Redirect responsibility is now on rc.
As a side effect, rc will fail if it doesn't
have permissions to write.
exportfs(4) is updated to reflect all changes
and with a better Synopsis.
Update tinc(8) man page to:
1. state the implementation aligns with 1.0.36 of tinc.org;
2. use same hostname as mentioned in usage line.
Fix typos in tinc.c.
The '-m' flag was added to date largely
to support git scripts. It predates the
tmdate code, which is why it exists, but
it's a recent enough addition that nothing
I'm aware of uses it, other than git.
As a result, it would be good to remove
it, so let's do that.