cinap_lenrek [Sun, 27 May 2018 21:03:38 +0000 (23:03 +0200)]
9boot: detect SYSLINUX "memdisk" and pass to kernel via ramdisk0= parameter
this makes virtual "memdisk" from SYSLINUX accessible to
the kernel, allowing the iso to be loaded via TFTP and
started without any ethernet or disk drivers available.
cinap_lenrek [Sun, 27 May 2018 20:59:19 +0000 (22:59 +0200)]
sdram: experimental ramdisk driver
this driver makes regions of physical memory accessible as a disk.
to use it, ramdiskinit() has to be called before confinit(), so
that conf.mem[] banks can be reserved. currently, only pc and pc64
kernel use it, but otherwise the implementation is portable.
ramdisks are not zeroed when allocated, so that the contents are
preserved across warm reboots.
to not waste memory, physical segments do not allocate Page structures
or populate the segment pte's anymore. theres also a new SG_CHACHED
attribute.
cinap_lenrek [Mon, 21 May 2018 17:23:54 +0000 (19:23 +0200)]
pc64: fix fpu bug
fpurestore() unconditionally changed fpstate to FPinactive when
the kernel used the FPU. but in the FPinit case, the registers are
not saved by mathemu(), resulting in all zero initialized registers
being loaded once userspace uses the FPU so the process would have
wrong MXCR value.
the index overflow check was wrong with using shifted value.
cinap_lenrek [Sun, 20 May 2018 20:49:24 +0000 (22:49 +0200)]
separate MSCHAP(v2) and NTLM(v2) authentication
due to linux omiting the final Z(4) in the NTLMv2 reply, and
the need for the windom for LMv2 authentication, here is a new
AuthNTLM ticket request now with length and dom fields.
cinap_lenrek [Sat, 19 May 2018 14:40:01 +0000 (16:40 +0200)]
cifsd: fix ntlmv2 authentication
in ntlmv2, the client will retry the challenge response trying a bunch
of different domain names assuming the same server challenge. so we have
to make retries work with factotum and the auth server.
also, windows 7 with compatlevel=4 sends all zeros LM response.
cinap_lenrek [Wed, 16 May 2018 19:41:42 +0000 (21:41 +0200)]
ndb/cs: prevent deadlock with ndb/cs by mounting /srv/dns *AFTER* /net
the dnsquery() library function should not start mouting /srv/dns on
its own. this problem arrises only for ndb/cs as it is started before
ndb/dns.
the issue with mounting /srv/dns before /net is when ndb/cs attempts
to read the list of interfaces, accessing /net/ipifc, which triggers
a rpc to ndb/dns as it is ontop of the mount. this can yield a deadlock
when ndb/dns blocks its 9p loop waiting for requests to complete on
a refresh and the requests are stuck waiting for ndb/cs to translate
a dial string for announce().
cinap_lenrek [Fri, 11 May 2018 20:37:28 +0000 (22:37 +0200)]
ndb/dns: lookup *all* entries in dblookup(), v4 and v6 queries in parallel, remove weigthed timeouts
dblookup() used to only return the first matching entry. in
case of ipv6, we want all entries returned to get both v4
and v6 addresses... and these might not neccesarily be in
the same entry (see /lib/ndb/common). note also this makes
it behave the same as in cachedb mode which reads in the
whole database.
we do not know if v4 or v6 routing works, so the simplest
is just to query v4 and v6 nameservers in parallel. this is
done by changing serveraddrs() to return one address type,
and we make sure to get at least one v4 and one v6 address
each round.
get rid of the weigthed timeout code... there where too many
assumptions. instead, we give a round 500ms timeout (or 1 second
in patient mode) and honor the maximum query time.
cinap_lenrek [Tue, 1 May 2018 21:32:28 +0000 (23:32 +0200)]
ip/ipconfig: populate /net/ndb from v6 router advertisements, configure multiple addresses in ndbconfig()
we now update /net/ndb with the following information gathered
from router advertisements (rfc6106 and plan9 specific options):
- recursive dns servers (option 25, ndb: dns=)
- dns search list (option 31, ndb: dnsdomain=)
- plan9 fileserver (option 250, ndb: fs=)
- plan9 authserver (option 251, ndb: auth=)
note the plan9 specific options can be disabled with the -G flag.
for ndbconfig (-N flag), we now collect all ip addresses in ndb
belonging to the devices mac address and configue them all. v6
addresses are getting added when a link local address exists
or the -6 flag has been specified to automatically configure one.
move the dhcp code in its own dhcp.c file and make symbols static
that are not used across modules.
cinap_lenrek [Tue, 1 May 2018 20:17:27 +0000 (22:17 +0200)]
ndb/cs: fix crash in ndbredorder due to ndbnew() not maintaining the ->line ring
we have to maintain the ->line chain for ndbreorder() to work, so add
a little helper: ndbline() which replicates the ->entry chain and links
the last tuple to the first; makeing the whole list into a single line.
there appears to be confusion about the refresh flag of arpenter().
when we get an arp reply, it makes more sense to just refresh
waiting/existing entries instead creating a new one as we do not
know if we are going to communicate with the remote host in the future.
when we see an arp request for ourselfs however, we want to always
enter the senders address into the arp cache as it is likely the sender
attempts to communicate with us and with the arp entry, we can reply
immidiately.
reject senders from multicast/broadcast mac addresses. thats just silly.
we can get rid of the multicast/broadcast ip checks in ethermedium and
do it in arpenter() instead, checking the route type for the target to
see if its a non unicast target.
enforce strict separation of interface's arp entries by passing a
rlock'd ifc explicitely to arpenter, which we compare against the route
target interface. this makes sure arp/ndp replies only affect entries for
the receiving interface.
handle neighbor solicitation retransmission in nbsendsol() only. that is,
both ethermedium and the rxmitproc just call nbsendsol() which maintains
the timers and counters and handles the rotation on the re-transmission
chain.
devip: verify ifcid on routehint check, check Route.ref for free'd routes
v4lookup() and v6lookup() do not acquire the routelock, so it is
possible to hit routes that are on the freelist. to detect these,
we set ref to 0 and check for this case, avoiding overriding the ifc.
re-evaluate routes when the ifcid on the route hint doesnt match.