Commit graph

9022 commits

Author SHA1 Message Date
cinap_lenrek
c8507f428f ipconfig(8): add -t flag to enable source address translation 2022-03-13 17:29:16 +00:00
cinap_lenrek
6e4a1fda8c devip: allow setting the "trans" flag on a logical interface
This makes the interface route have the "t"-flag,
which causes packets routed to the interface to get
source translated.
2022-03-13 17:16:54 +00:00
cinap_lenrek
d2a7d88662 devip: implement network address translation routes
This adds a new route "t"-flag that enables network address translation,
replacing the source address (and local port) of a forwarded packet to
one of the outgoing interface.

The state for a translation is kept in a new Translation structure,
which contains two Iphash entries, so it can be inserted into the
per protocol 4-tuple hash table, requiering no extra lookups.

Translations have a low overhead (~200 bytes on amd64),
so we can have many of them. They get reused after 5 minutes
of inactivity or when the per protocol limit of 1000 entries
is reached (then the one with longest inactivity is reused).

The protocol needs to export a "forward" function that is responsible
for modifying the forwarded packet, and then handle translations in
its input function for iphash hits with Iphash.trans != 0.

This patch also fixes a few minor things found during development:

- Include the Iphash in the Conv structure, avoiding estra malloc
- Fix ttl exceeded check (ttl < 1 -> ttl <= 1)
- Router should not reply with ttl exceeded for multicast flows
- Extra checks for icmp advice to avoid protocol confusions.
2022-03-12 20:53:17 +00:00
cinap_lenrek
c14ea9fdd1 awk: fix off-by-one string buffer overflow from gsub
the bug happens when we did the fast exit thru "done" label,
where we would not make sure that theres space in the buffer
for the NUL terminator.

instead, avoid the fast exit and always do the final
adjbuf() that makes sure we have space for the NUL terminator.

remove the pointless pb checks, they'r wrong (should'v
been bp >= buf+bufsz) and adjbuf() already makes sure this
can never happen.
2022-03-12 12:29:15 +00:00
Alex Musolino
af6f03e528 hjfs: fix group ownership of home dirs created by newuser command 2022-03-08 13:25:52 +00:00
glenda
21b501c27f /lib/theo: Once you understand the mechanism you'll realize it will never work. 2022-03-06 02:25:23 +00:00
Michael Forney
0f890140f2 igfx: fix some typos in comments 2022-03-05 01:06:20 +00:00
Michael Forney
d52f25ecdc igfx: add TypeILK, since it differs slightly from SNB
ILK's LVDS transcoder select field only has 1 bit, like G45.
2022-03-02 10:26:37 +00:00
Michael Forney
a00957efee igfx: maintain single/double-channel LVDS mode from BIOS 2022-03-02 10:26:36 +00:00
Michael Forney
79c7e4514d igfx: fix FDI link training on ironlake
Ironlake uses bits 29:28 in the RX control register to select the
training pattern.
2022-03-02 10:26:38 +00:00
cinap_lenrek
9c02337fc3 merge 2022-03-02 18:54:36 +00:00
Michael Forney
954f9f1fcf aux/vga: return modes according to EDID timing priority order
EDID 1.3 section 5 gives a table describing the priority order of
timing information. Use this ordering when constructing the EDID
mode list.

Since aux/vga selects the first mode in the modelist that matches
the given size, it will now select the mode of that size with the
highest preference. Or, if you set vgasize=auto (or some other
string without an 'x'), aux/vga will select the Preferred Detailed
Timing.

This should make it unnecessary to modify vgadb in many cases.
2022-02-28 21:20:52 +00:00
cinap_lenrek
d082a8972f ether82563: add pci id for ethernet on dell optiplex 7090 micro (thanks leimy)
0.31.6: net  02.00.00 8086/15f9 255 0:70900000 131072
         Intel Corporation
2022-02-28 13:18:13 +00:00
cinap_lenrek
5886b999d5 devbridge: fix vlan range parsing 2022-02-27 13:32:58 +00:00
Ori Bernstein
840d16912a git/revert: update modification time on revert
when reverting files, 'cp -x' updates the mtime
to the time the file was committed. this prevents
'mk' from rebuilding the file, leading to stale
builds.

this change touches the file on revert, so that
we rebuild the file.
2022-02-27 04:27:56 +00:00
cinap_lenrek
fd1cfc824a snoopy: add vlan protocol (802.1q) 2022-02-27 03:33:01 +00:00
cinap_lenrek
9944e16b16 devbridge: improve locking, unbind ports automatically on read error and more...
Use an RWlock so readers can work in parallel in
the common case (no cache updates).

When a reader needs to update the cache to add
a new learned source mac address, it will drop
the rlock and aquire the wlock to do the update.

When we get a read error, we now unbind the
port to avoid further packets being forwarded
to it.

This is usefull for hotplug ethernet devices
like usb ones or tunnels.

Simplify the unbind, getting rid of the refcount,
by having only the reader proc call freeport().

Avoid holding the bridge lock while opening
and closing ethernet/tunnel device files during
bind and unbind.

Dont use smalloc() (especially when holding locks).

Allocate bridges dynamically, so we do not waste
the memory when we do not need them.

Reject non-hostowner from allocating new bridges.

Use consistent naming: port -> port

Use consistent comment style: // -> /* */
2022-02-26 22:05:32 +00:00
cinap_lenrek
be0a80faf3 nusb/disk: use setalt(), print argv0 in prints instead of "disk:" 2022-02-23 18:38:28 +00:00
cinap_lenrek
045936a778 nusb/cam: fix mistake (nil vs -1) 2022-02-23 18:13:00 +00:00
cinap_lenrek
8bf71adc94 nusb/audio: use setalt(), make sure endpoint has right direction. 2022-02-23 18:03:53 +00:00
cinap_lenrek
11e12ea0c0 nusb/cam: use setalt() 2022-02-23 18:02:02 +00:00
cinap_lenrek
67750a093f nusb/ether: use setalt() 2022-02-23 18:01:15 +00:00
cinap_lenrek
bea20cd152 nusb/lib: provide a setalt() function to set the interface to its altsetting 2022-02-23 18:00:34 +00:00
cinap_lenrek
9cd55a085d nusb/ether: remove csp check for rndis, already done in nusbrc 2022-02-23 17:59:13 +00:00
Sigrid Solveig Haflínudóttir
0e3a955652 libFLAC: update to 1.3.4 2022-02-21 21:11:19 +00:00
cinap_lenrek
065d601916 nusb: Fix handling of interface altsetting.
The altsetting was handled only for a single endpoint
(per interface number), but has to be handled for each
endpoint (per interface *AND* altsetting number).

A multi function device (like a disk) can have
multiple interfaces, all with the same interface number
but varying altsetting numbers and each of these
interfaces would list distict endpoint configurations.

Multiple interfaces can even share some endpoints (they
use the same endpoint addresses), but
we still have to duplicate them for each
interface+altsetting number (as they'r part of
actually distict interfaces with distict endpoint
configurations).

It is also important to *NOT* make endpoints bi-directional
(dir == Eboth) when only one direction is used in a
interface/altsetting and the other direction in another.
This was the case for nusb/disk with some seagate drive
where endpoints where shared between the UAS and
usb storage class interface (but with distict altsettings).

The duplicate endpoints (as in using the same endpoint address)
are chained together by a next pointer and the head
is stored in Usbdev.ep[addr], where addr is the endpoint
address. These Ep structures will have distinct endpoint
numbers Ep.id (when they have conflicting types), but all
will share the endpoint address (lower 4 bits of the
endpoint number).

The consequence is that all of the endpoints configuration
(attributes, interval) is now stored in the Ep struct and
no more Altc struct is present.

A pointer to the Ep struct has to be passed to openep()
for it to configure the endpoint.

For the Iface struct, we will now create multiple of them:
one for each interface *AND* altsetting nunber,
chained together on a next pointer and the head being
stored in conf->iface[ifaceid].

--
cinap
2022-02-21 19:50:16 +00:00
cinap_lenrek
14bb9734a6 usbxhci: endpoint address needs to be masked with Epmax from endpoint number 2022-02-21 18:46:47 +00:00
cinap_lenrek
4b637a24f9 devbridge: implement experimental vlan support 2022-02-16 22:38:03 +00:00
cinap_lenrek
7289f371a0 devip: dont hold ifc wlock during medium bind/unbind
Wlock()'ing the ifc causes a deadlock with Medium
bind/unbind as the routine can walk /net, while
ndb/dns or ndb/cs are currently blocked enumerating
/net/ipifc/*.

The fix is to have a fake medium, called "unbound",
that is set temporarily during the call of Medium
bind and unbind.

That way, the interface rwlock can be released while
bind/unbind is in progress.

The ipifcunbind() routine will refuse to unbind a
ifc that is currently assigned to the "unbound"
medium, preventing any accidents.
2022-02-16 22:31:31 +00:00
cinap_lenrek
755880b19f rc: fix globbing with lists (thanks qwx)
Pattern matching with lists no longer works:

	; ls /tmp/*.c
	/tmp/npage.c
	/tmp/pagedebug.c
	/tmp/pageold.c
	/tmp/scheduler.c
	/tmp/writeimagetest.c
	; ls /tmp/^(*.c)
	ls: /tmp/*.c: '/tmp/*.c' directory entry not found
	; 9fs dump
	; bind /n/dump/2021/1002/amd64/bin/rc /bin/rc
	; rc
	; ls /tmp/^(*.c)
	/tmp/npage.c
	/tmp/pagedebug.c
	/tmp/pageold.c
	/tmp/scheduler.c
	/tmp/writeimagetest.c

the fix:

we have to propagate the glob attribute thru lists
as well. before it was only handled for single words
and propagated thru concatenations...

the Xglob instruction now works on list, and we
propagate the glob attribute thru PAREN and WORDS
and ARGLIST nodes.

also, avoid using negative numbers for the Tree.glob
field as char might be unsigned on some targets.
2022-02-16 18:07:21 +00:00
Michael Forney
5c96a51f3a nusb/serial: fix pl2303 usbcmd error checks
Since e0087b2a, usbcmd with Rh2d returns the size of the data stage
(excluding the setup packet), so adjust the expected return values
accordingly.
2022-01-01 22:51:18 +00:00
Igor Böhm
5d69d42ee3 git(1): fix quotes in git/conf example 2021-12-15 22:45:59 +00:00
Tobias Heinicke
53fb93e64a delete import, oexportfs src 2021-12-14 19:39:59 +00:00
qwx
af561602ea aux/wacom: fix race in read queue
this fixes `no concurrent reads, please' errors when using
aux/wacom with aux/tablet on eg. x61t
2021-12-14 23:54:05 +00:00
Ori Bernstein
7efbea82c6 devssl, cpu, import, oexportfs: delete
SSL is implemented by devssl. It's extremely
obsolete by now, and is not used anywhere but
cpu, import, and oexportfs.

This change strips out the devssl bits, but
does not (yet) remove the code from libsec.
2021-12-13 02:17:02 +00:00
qwx
b4d4cf69be vga/igfx: add missing pci did's for hwblank for known mobile models 2021-12-08 09:52:07 +00:00
Ori Bernstein
3710ed60fd git: fully init objq
we were leaving objq.best uninitialized, and
would therefore read garbage if we didn't
find a best match.
2021-12-08 00:20:32 +00:00
cinap_lenrek
be0b39f9c5 acmed(8), rsa(8): add role=client attribute to rsa keys 2021-12-06 15:40:18 +00:00
Humm
69249e8313 troff: we are not htmlroff
If we don’t explicitly check for ‘h’ in troff, we can’t reliably check
for non-htmlroff well.

Consider the following:

	.if h \{\
	.	de M
	.		tm m
	..\}

Without this change, this will print m and not define macro M.
2021-11-24 19:56:44 +00:00
Ori Bernstein
f0adfb4ded git: improve pack cache heuristics
the pack cache was very stupid: it would close packs
as early as possible, which would prevent packs from
getting reused effectively. It would also select a
bad pack to close.

This picks the oldest pack, refcounts correctly, and
keeps up to Npackcache open at once (though it will
go over if more are in use).
2021-12-05 00:13:54 +00:00
cinap_lenrek
5465c4c01a netaudit: simplify 2021-12-01 21:59:22 +00:00
cinap_lenrek
efd4d75082 netaudio: fix auth check, can have multiple auth servers! 2021-12-01 21:53:18 +00:00
cinap_lenrek
43eb7eea62 netaudit: check for sys= attribute to be free of periods 2021-11-29 20:26:12 +00:00
cinap_lenrek
d3743d40c2 netaudit, ndb(6): the dom= attribute in ndb should be specified without the trailing period 2021-11-29 20:07:04 +00:00
cinap_lenrek
78c7ad88ff kernel: add extra negative and power-of-two check to pcibarsize() 2021-11-26 21:47:15 +00:00
cinap_lenrek
2a531d444c aux/vga: use vlong for pci bar size 2021-11-26 20:55:58 +00:00
cinap_lenrek
20ea113790 kernel: support large 64-bit pci membars, increase pc64 VMAPSIZE to 1TB
This makes vmap()/vunmap() take a vlong size argument,
and change the type of Pci.mem[].size to vlong as well.

Even if vmap() wont support large mappings, it is nice to
get the original unruncated value for error checking.

pc64 needs a bigger VMAP window, as system76 pangolin
puts the framebuffer at a physical address > 512GB.
2021-11-26 20:51:45 +00:00
Sigrid Solveig Haflínudóttir
add3a0a4da aescbc: flush before exit and report an error (if any) 2021-11-25 21:42:12 +00:00
glenda
e2a8d3493a /rc/bin/rc-httpd/{rc-httpd, handlers/error}: do some minimal sanitization on $SERVER_NAME before handing it off to select-handler. this prevents malformed Host: headers from retrieving arbitrary files from the file system. (thanks, Lightning) 2021-11-21 23:42:13 +00:00
Igor Böhm
a27afe904d prep(8): fix typos, wording, and formating 2021-11-21 22:45:51 +00:00