Re: bpf proto filter sign

2017-05-24 Thread Todd C. Miller
On Wed, 24 May 2017 18:00:22 +0200, Alexander Bluhm wrote: > When using "tcpdump proto 128" the filter never matches. Protocols > up to 127 work fine. It is a sign extension bug in bpf. m_data > is signed. OK millert@ - todd

bpf proto filter sign

2017-05-24 Thread Alexander Bluhm
Hi, When using "tcpdump proto 128" the filter never matches. Protocols up to 127 work fine. It is a sign extension bug in bpf. m_data is signed. ok? bluhm Index: net/bpf.c === RCS file: /data/mirror/openbsd/cvs/src/sys/net/bpf.c

Re: EFI header file for kernel

2017-05-24 Thread Mike Larkin
On Wed, May 24, 2017 at 11:14:43AM +0200, Mark Kettenis wrote: > We're going to need some EFI/UEFI support code in the kernel, i.e. to > parse the EFI memory map and to call runtime services to get/set the > RTC. I don't think we want to use the full set of headers that we use > for the bootloader

pf IPv4 authentication header

2017-05-24 Thread Alexander Bluhm
Hi, In pf IPv4 and IPv6 behave differently regarding AH extension headers. pf_walk_header6() steps over it and detects the real protocol. So my idea is to implement a minimal header walking function pf_walk_header() for IPv4. It does the header checks and jumps over AH. Then pf does not unders

Re: tcpdump -vi pflog0 now prints [uid 4294967295, pid 100000]

2017-05-24 Thread Alexander Bluhm
On Wed, May 24, 2017 at 01:02:03PM +0200, Matthias Pitzl wrote: > Just noticed that the messages a tcpdump -nvi pflog0 prints contain [uid > 4294967295, pid 10]. Cause is a change to NO_PID in sys/proc.h by > guenther@ > which was not synced to tcpdump's print-pflog.c. > The follwoing patch fi

tcpdump -vi pflog0 now prints [uid 4294967295, pid 100000]

2017-05-24 Thread Matthias Pitzl
Hello, Just noticed that the messages a tcpdump -nvi pflog0 prints contain [uid 4294967295, pid 10]. Cause is a change to NO_PID in sys/proc.h by guenther@ which was not synced to tcpdump's print-pflog.c. The follwoing patch fixes the problem. -- Matthias Index: print-pflog.c ===

EFI header file for kernel

2017-05-24 Thread Mark Kettenis
We're going to need some EFI/UEFI support code in the kernel, i.e. to parse the EFI memory map and to call runtime services to get/set the RTC. I don't think we want to use the full set of headers that we use for the bootloaders. Instead I propose we add a header that just defines the few bits we

freezero(3) for encrypt(1)

2017-05-24 Thread Ricardo Mestre
Hi, Use freezero instead of explicit_bzero+free on encrypt. OK? Index: encrypt.c === RCS file: /cvs/src/usr.bin/encrypt/encrypt.c,v retrieving revision 1.46 diff -u -p -u -r1.46 encrypt.c --- encrypt.c 3 May 2017 09:51:39 -

Enable pledge(2) on pflogd(8)'s priv proc

2017-05-24 Thread Ricardo Mestre
Hi, pledge(2) bpf has been in use for some time now on tcpdump(8), this will enable it also for pflogd(8)'s priv proc. OK? Index: privsep.c === RCS file: /cvs/src/sbin/pflogd/privsep.c,v retrieving revision 1.24 diff -u -p -u -r1.24