CVS commit: src/sys/dev/pci
Module Name:src Committed By: mrg Date: Thu Apr 11 05:06:54 UTC 2019 Modified Files: src/sys/dev/pci: pcidevs.h pcidevs_data.h Log Message: regen. To generate a diff of this commit: cvs rdiff -u -r1.1356 -r1.1357 src/sys/dev/pci/pcidevs.h cvs rdiff -u -r1.1355 -r1.1356 src/sys/dev/pci/pcidevs_data.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. diffs are larger than 1MB and have been omitted
CVS commit: src/sys/dev/pci
Module Name:src Committed By: mrg Date: Thu Apr 11 04:59:49 UTC 2019 Modified Files: src/sys/dev/pci: pcidevs Log Message: fix a couple of errors in the previous. To generate a diff of this commit: cvs rdiff -u -r1.1368 -r1.1369 src/sys/dev/pci/pcidevs Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/dev/pci/pcidevs diff -u src/sys/dev/pci/pcidevs:1.1368 src/sys/dev/pci/pcidevs:1.1369 --- src/sys/dev/pci/pcidevs:1.1368 Thu Apr 11 04:56:54 2019 +++ src/sys/dev/pci/pcidevs Thu Apr 11 04:59:49 2019 @@ -1,4 +1,4 @@ -$NetBSD: pcidevs,v 1.1368 2019/04/11 04:56:54 mrg Exp $ +$NetBSD: pcidevs,v 1.1369 2019/04/11 04:59:49 mrg Exp $ /* * Copyright (c) 1995, 1996 Christopher G. Demetriou @@ -1755,7 +1755,7 @@ product ATI RADEON_RX_460_HDA 0xaae0 Rad product ATI RADEON_RX_550_HDA 0xaae8 Radeon R9 Nano, FURY HD Audio Controller product ATI RADEON_RX_470_HDA 0xaaf0 Radeon RX 470/480/570/580/590 HD Audio Controller product ATI RADEON_VEGA56_HDA 0xaaf8 Radeon Vega 56/64 -product ATI RADEON_RX_550_HDA 0xab00 Radeon RX 550/640SP/560/560X HD Audio Controller +product ATI RADEON_RX_550_HDA2 0xab00 Radeon RX 550/640SP/560/560X HD Audio Controller /* Auravision products */ product AURAVISION VXP524 0x01f7 VxP524 PCI Video Processor @@ -2789,7 +2789,7 @@ product MARVELL2 88SE9172_2 0x917a 88SE9 product MARVELL2 88SE9182 0x9182 88SE9182 SATA Controller product MARVELL2 88SE9183 0x9183 88SE9183 SATA Controller product MARVELL2 88SE91XX 0x91a3 88SE91XX SATA Controller -product MARVELL2 88SE912X 0x91a4 88SE912X IDE Controller +product MARVELL2 88SE912X_2 0x91a4 88SE912X IDE Controller product MARVELL2 88SE9215 0x9215 88SE9215 SATA Controller product MARVELL2 88SE9220 0x9220 88SE9220 SATA Controller product MARVELL2 88SE9230 0x9230 88SE9230 SATA Controller @@ -4401,7 +4401,7 @@ product INTEL XE5_V3_RQPI_PM_2 0x2f37 Xe product INTEL XE7_V4_QPI_LINK2 0x2f40 Xeon E7 v4 QPI Link 2 product INTEL XE7_V4_RQPI_RING 0x2f41 Xeon E7 v4 QPI Ring Interface product INTEL XE5_V3_IMC1_MAIN 0x2f68 Xeon E5 v3 IMC Main -product INTEL XE5_V3_HA0 0x2f60 Xeon E7 v3/Xeon E5 v3/Core i7 Home Agent 1 +product INTEL XE5_V3_HA1 0x2f60 Xeon E7 v3/Xeon E5 v3/Core i7 Home Agent 1 product INTEL XE5_V3_ICM1_TATRR 0x2f68 Xeon E7 v3/Xeon E5 v3/Core i7 Integrated Memory Controller 1 Target Address, Thermal & RAS Registers product INTEL XE5_V3_IMC1_TADR1 0x2f6a Xeon E5 v3 IMC Ch 0-1 Target Address Decode Registers product INTEL XE5_V3_IMC1_TADR2 0x2f6b Xeon E5 v3 IMC Ch 0-1 Target Address Decode Registers @@ -4470,7 +4470,7 @@ product INTEL XE5_V3_UC_REG3 0x2fe2 Xeo product INTEL XE5_V3_UC_REG4 0x2fe3 Xeon E7 v3/Xeon E5 v3/Core i7 Unicast Registers product INTEL XE5_V3_UC_REG5 0x2fe4 Xeon E7 v3/Xeon E5 v3/Core i7 Unicast Registers product INTEL XE5_V3_UC_REG6 0x2fe5 Xeon E7 v3/Xeon E5 v3/Core i7 Unicast Registers -product INTEL XE5_V3_UC_REG8 0x2fe6 Xeon E7 v3/Xeon E5 v3/Core i7 Unicast Registers +product INTEL XE5_V3_UC_REG7 0x2fe6 Xeon E7 v3/Xeon E5 v3/Core i7 Unicast Registers product INTEL XE5_V3_UC_REG8 0x2fe7 Xeon E7 v3/Xeon E5 v3/Core i7 Unicast Registers product INTEL XE5_V3_UC_REG9 0x2fe8 Xeon E7 v3/Xeon E5 v3/Core i7 Unicast Registers product INTEL XE5_V3_UC_REG10 0x2fe9 Xeon E7 v3/Xeon E5 v3/Core i7 Unicast Registers
CVS commit: src/sys/dev/pci
Module Name:src Committed By: mrg Date: Thu Apr 11 04:56:54 UTC 2019 Modified Files: src/sys/dev/pci: pcidevs Log Message: add a bunch of PCI devices on my systems, and a bunch of similar ones found in the same sources online (mostly, Intel, AMD, Nvidia and ASMedia web sites.) this includes: - bunch of xeon e5 v3 devices - bunch of radeon chipsets - bunch of nvidia chipsets - bunch of marvell chipsets - bunch of asmedia chipsets be more consistent with device naming within some groups. To generate a diff of this commit: cvs rdiff -u -r1.1367 -r1.1368 src/sys/dev/pci/pcidevs Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/dev/pci/pcidevs diff -u src/sys/dev/pci/pcidevs:1.1367 src/sys/dev/pci/pcidevs:1.1368 --- src/sys/dev/pci/pcidevs:1.1367 Fri Mar 8 03:44:19 2019 +++ src/sys/dev/pci/pcidevs Thu Apr 11 04:56:54 2019 @@ -1,4 +1,4 @@ -$NetBSD: pcidevs,v 1.1367 2019/03/08 03:44:19 msaitoh Exp $ +$NetBSD: pcidevs,v 1.1368 2019/04/11 04:56:54 mrg Exp $ /* * Copyright (c) 1995, 1996 Christopher G. Demetriou @@ -1291,7 +1291,11 @@ product ASMEDIA ASM1061_12 0x0612 ASM106 product ASMEDIA ASM1042 0x1042 ASM1042 USB 3.0 Host Controller product ASMEDIA ASM1083 0x1080 ASM1083/1085 PCIe-PCI Bridge product ASMEDIA ASM1042A 0x1142 ASM1042A USB 3.0 Host Controller +product ASMEDIA ASM1182 0x1182 ASM1182E PCIE Bridge Controller +product ASMEDIA ASM1184 0x1184 ASM1184E PCIE Bridge Controller product ASMEDIA ASM1142 0x1242 ASM1142 USB 3.1 Host Controller +product ASMEDIA ASM1143 0x1343 ASM1143 USB 3.1 Host Controller +product ASMEDIA ASM2142 0x2142 ASM2142 USB 3.1 Host Controller /* Asustek products */ product ASUSTEK HFCPCI 0x0675 ISDN @@ -1725,14 +1729,33 @@ product ATI RADEON_HD6320 0x9806 Radeon product ATI RADEON_HD7340 0x9808 Radeon HD7340 Graphics product ATI RADEON_HDMI_DP_AUDIO 0x9840 HDMI/DP Audio product ATI RADEON_R2_R3_R3E_R4 0x9854 Radeon R2/R3/R4 Graphics -product ATI RADEON_HD2600_HD 0xaa08 Radeon HD2600 HD Audio Controller +product ATI RADEON_HD2900_HDA 0xaa00 Radeon HD 2900 HD Audio Controller +product ATI RADEON_HD3650_HDA 0xaa01 Radeon HD 3650/3730/3750 HD Audio Controller +product ATI RADEON_HD2600_HDA 0xaa08 Radeon HD 2600 HD Audio Controller +product ATI RADEON_HD2350_HDA 0xaa10 Radeon HD 2350PRO/2400PRO/2400XT/3410 HD Audio Controller +product ATI RADEON_HD3690_HDA 0xaa18 Radeon HD 3690/3800 HD Audio Controller +product ATI RADEON_HD36XX_HDA 0xaa20 Radeon HD 3650/3730/3750 HD Audio Controller product ATI RADEON_HD34XX_HDA 0xaa28 Radeon HD 34xx HD Audio Controller -product ATI RADEON_HD4350_HD 0xaa38 Radeon HD4350 HD Audio Controller -product ATI RADEON_HD5600_HDMI 0xaa60 Redwood HDMI Audio -product ATI RADEON_HD54XX_HDA 0xaa68 Radeon HD 54xx Audio -product ATI RADEON_HD7700_HDA 0xaab0 Radeon HD 7700 HD Audio -product ATI RADEON_RX460_HDA 0xaae0 Radeon RX460 HD Audio -product ATI RADEON_RX470_HDA 0xaaf0 Radeon RX470 HD Audio +product ATI RADEON_HD4850_HDA 0xaa30 Radeon HD 4850 HD Audio Controller +product ATI RADEON_HD4350_HDA 0xaa38 Radeon HD 4350 HD Audio Controller +product ATI RADEON_HD5830_HDA 0xaa50 Radeon HD 5830/5850/5870/6850/6870 HD Audio Controller +product ATI RADEON_HD5700_HDA 0xaa58 Radeon HD 5700 HD Audio Controller +product ATI RADEON_HD5000_HDA 0xaa60 Radeon HD 5000 HD Audio Controller +product ATI RADEON_HD68XX_HDA 0xaa68 Radeon HD 5400/6300/7300 HD Audio Controller +product ATI RADEON_HD6930_HDA 0xaa80 Radeon HD 6930/6950/6970/6990 HD Audio Controller +product ATI RADEON_HD6790_HDA 0xaa88 Radeon HD 6790/6850/6870/7720 HD Audio Controller +product ATI RADEON_HD6500_HDA 0xaa90 Radeon HD 6500/6600/6700M HD Audio Controller +product ATI RADEON_HD6450_HDA 0xaa98 Radeon HD 6450/7450/8450/8490, R5 230/235/235X HD Audio Controller +product ATI RADEON_HD7870_HDA 0xaaa0 Radeon HD 7870XT/7950/7970 HD Audio Controller +product ATI RADEON_HD7700_HDA 0xaab0 Radeon HD 7700 HD Audio Controller +product ATI RADEON_R7_360_HDA 0xaac0 Radeon R7 360, R9 360 HD Audio Controller +product ATI RADEON_R9_290_HDA 0xaac8 Radeon R9 290/290X, 390/390X HD Audio Controller +product ATI RADEON_R9_285_HDA 0xaad8 Radeon R9 285/380 HD Audio Controller +product ATI RADEON_RX_460_HDA 0xaae0 Radeon RX 460/550/640SP, RX 560/560X HD Audio Controller +product ATI RADEON_RX_550_HDA 0xaae8 Radeon R9 Nano, FURY HD Audio Controller +product ATI RADEON_RX_470_HDA 0xaaf0 Radeon RX 470/480/570/580/590 HD Audio Controller +product ATI RADEON_VEGA56_HDA 0xaaf8 Radeon Vega 56/64 +product ATI RADEON_RX_550_HDA 0xab00 Radeon RX 550/640SP/560/560X HD Audio Controller /* Auravision products */ product AURAVISION VXP524 0x01f7 VxP524 PCI Video Processor @@ -2755,17 +2778,25 @@ product MARVELL MV78260 0x7826 MV78260 product MARVELL MV78460 0x7846 MV78460 SoC Armada XP product MARVELL 88W8660 0x8660 88W8660 SoC Orion1 -product MARVELL2 88SE9120 0x9120 88SE9120 SATA -product
CVS commit: src/sys/dev/ic
Module Name:src Committed By: msaitoh Date: Thu Apr 11 04:50:47 UTC 2019 Modified Files: src/sys/dev/ic: gem.c Log Message: Fix yet another fiber mediachange fix. Not tested. - Don't clear bits other than IFM_[FH]DX. - Always reset PCS when any IFM_[FH]DX bit is changed. To generate a diff of this commit: cvs rdiff -u -r1.115 -r1.116 src/sys/dev/ic/gem.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/dev/ic/gem.c diff -u src/sys/dev/ic/gem.c:1.115 src/sys/dev/ic/gem.c:1.116 --- src/sys/dev/ic/gem.c:1.115 Tue Apr 9 07:23:41 2019 +++ src/sys/dev/ic/gem.c Thu Apr 11 04:50:47 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: gem.c,v 1.115 2019/04/09 07:23:41 msaitoh Exp $ */ +/* $NetBSD: gem.c,v 1.116 2019/04/11 04:50:47 msaitoh Exp $ */ /* * @@ -37,7 +37,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: gem.c,v 1.115 2019/04/09 07:23:41 msaitoh Exp $"); +__KERNEL_RCSID(0, "$NetBSD: gem.c,v 1.116 2019/04/11 04:50:47 msaitoh Exp $"); #include "opt_inet.h" @@ -2570,22 +2570,22 @@ gem_ser_mediachange(struct ifnet *ifp) return 0; } if (s == IFM_1000_SX) { - t = IFM_OPTIONS(sc->sc_mii.mii_media.ifm_media); - if (t == IFM_FDX || t == IFM_HDX) { - if (sc->sc_mii_media != t) { -sc->sc_mii_media = t; -#ifdef GEM_DEBUG -aprint_debug_dev(sc->sc_dev, -"setting media to 1000baseSX-%s\n", -t == IFM_FDX ? "FDX" : "HDX"); + t = IFM_OPTIONS(sc->sc_mii.mii_media.ifm_media) + & (IFM_FDX | IFM_HDX); + if ((sc->sc_mii_media & (IFM_FDX | IFM_HDX)) != t) { + sc->sc_mii_media &= ~(IFM_FDX | IFM_HDX); + sc->sc_mii_media |= t; +#ifdef GEM_DEBUG + aprint_debug_dev(sc->sc_dev, + "setting media to 1000baseSX-%s\n", + t == IFM_FDX ? "FDX" : "HDX"); #endif -if (ifp->if_flags & IFF_UP) { - gem_pcs_stop(sc, 0); - gem_pcs_start(sc); -} + if (ifp->if_flags & IFF_UP) { +gem_pcs_stop(sc, 0); +gem_pcs_start(sc); } - return 0; } + return 0; } return EINVAL; }
CVS commit: src/sys/compat/sys
Module Name:src Committed By: msaitoh Date: Thu Apr 11 04:43:40 UTC 2019 Modified Files: src/sys/compat/sys: sockio.h Log Message: Restore sys/ioccom.h. To generate a diff of this commit: cvs rdiff -u -r1.16 -r1.17 src/sys/compat/sys/sockio.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/compat/sys/sockio.h diff -u src/sys/compat/sys/sockio.h:1.16 src/sys/compat/sys/sockio.h:1.17 --- src/sys/compat/sys/sockio.h:1.16 Thu Apr 11 04:42:08 2019 +++ src/sys/compat/sys/sockio.h Thu Apr 11 04:43:40 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: sockio.h,v 1.16 2019/04/11 04:42:08 msaitoh Exp $ */ +/* $NetBSD: sockio.h,v 1.17 2019/04/11 04:43:40 msaitoh Exp $ */ /*- * Copyright (c) 1982, 1986, 1990, 1993, 1994 @@ -32,6 +32,8 @@ #ifndef _COMPAT_SYS_SOCKIO_H_ #define _COMPAT_SYS_SOCKIO_H_ +#include + #define OIFNAMSIZ 16 struct oifreq {
CVS commit: src/sys/compat/sys
Module Name:src Committed By: msaitoh Date: Thu Apr 11 04:42:08 UTC 2019 Modified Files: src/sys/compat/sys: socket.h sockio.h Log Message: Remove unused macro definitions. OK'd by pgoyette. To generate a diff of this commit: cvs rdiff -u -r1.17 -r1.18 src/sys/compat/sys/socket.h cvs rdiff -u -r1.15 -r1.16 src/sys/compat/sys/sockio.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/compat/sys/socket.h diff -u src/sys/compat/sys/socket.h:1.17 src/sys/compat/sys/socket.h:1.18 --- src/sys/compat/sys/socket.h:1.17 Sun Jan 27 02:08:41 2019 +++ src/sys/compat/sys/socket.h Thu Apr 11 04:42:08 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: socket.h,v 1.17 2019/01/27 02:08:41 pgoyette Exp $ */ +/* $NetBSD: socket.h,v 1.18 2019/04/11 04:42:08 msaitoh Exp $ */ /* * Copyright (c) 1982, 1985, 1986, 1988, 1993, 1994 @@ -46,10 +46,6 @@ #define COMPAT_OSOCK #endif -#ifdef COMPAT_70 -#define COMPAT_SOCKCRED70 -#endif - #else #define COMPAT_OSOCK #endif Index: src/sys/compat/sys/sockio.h diff -u src/sys/compat/sys/sockio.h:1.15 src/sys/compat/sys/sockio.h:1.16 --- src/sys/compat/sys/sockio.h:1.15 Wed Apr 10 04:37:00 2019 +++ src/sys/compat/sys/sockio.h Thu Apr 11 04:42:08 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: sockio.h,v 1.15 2019/04/10 04:37:00 msaitoh Exp $ */ +/* $NetBSD: sockio.h,v 1.16 2019/04/11 04:42:08 msaitoh Exp $ */ /*- * Copyright (c) 1982, 1986, 1990, 1993, 1994 @@ -32,30 +32,6 @@ #ifndef _COMPAT_SYS_SOCKIO_H_ #define _COMPAT_SYS_SOCKIO_H_ -#ifdef _KERNEL_OPT - -#include "opt_compat_netbsd.h" -#include "opt_modular.h" - -#include - -#if defined(COMPAT_09) || defined(COMPAT_10) || defined(COMPAT_11) || \ -defined(COMPAT_12) || defined(COMPAT_13) || defined(COMPAT_14) || \ -defined(COMPAT_15) || defined(COMPAT_16) || defined(COMPAT_20) || \ -defined(COMPAT_30) || defined(COMPAT_40) || defined(MODULAR) -#define COMPAT_OIFREQ -#endif - -#if defined(COMPAT_09) || defined(COMPAT_10) || defined(COMPAT_11) || \ -defined(COMPAT_12) || defined(COMPAT_13) || defined(COMPAT_14) || \ -defined(COMPAT_15) || defined(COMPAT_16) || defined(COMPAT_20) || \ -defined(COMPAT_30) || defined(COMPAT_40) || defined(COMPAT_50) || \ -defined(MODULAR) -#define COMPAT_OIFDATA -#endif - -#endif /* _KERNEL_OPT */ - #define OIFNAMSIZ 16 struct oifreq {
CVS commit: src/sys/arch/evbmips/conf
Module Name:src Committed By: simonb Date: Thu Apr 11 04:28:17 UTC 2019 Modified Files: src/sys/arch/evbmips/conf: std.malta Log Message: Generate SREC kernels that YAMON can load. To generate a diff of this commit: cvs rdiff -u -r1.8 -r1.9 src/sys/arch/evbmips/conf/std.malta Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/arch/evbmips/conf/std.malta diff -u src/sys/arch/evbmips/conf/std.malta:1.8 src/sys/arch/evbmips/conf/std.malta:1.9 --- src/sys/arch/evbmips/conf/std.malta:1.8 Sun Feb 20 07:48:34 2011 +++ src/sys/arch/evbmips/conf/std.malta Thu Apr 11 04:28:17 2019 @@ -1,4 +1,4 @@ -# $NetBSD: std.malta,v 1.8 2011/02/20 07:48:34 matt Exp $ +# $NetBSD: std.malta,v 1.9 2019/04/11 04:28:17 simonb Exp $ machine evbmips mips include "conf/std" # MI standard options @@ -15,6 +15,7 @@ makeoptions CFLAGS+="-mips64" makeoptions AFLAGS+="-mips64" makeoptions DEFTEXTADDR="0x8010" makeoptions BOARDTYPE="malta" +makeoptions NEED_SREC=yes include "arch/evbmips/conf/files.malta"
CVS commit: src/sys/net
Module Name:src Committed By: msaitoh Date: Thu Apr 11 03:07:11 UTC 2019 Modified Files: src/sys/net: if.c Log Message: Remove inclusion of compat/sys/socket.h. It's not required anymore. To generate a diff of this commit: cvs rdiff -u -r1.447 -r1.448 src/sys/net/if.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/net/if.c diff -u src/sys/net/if.c:1.447 src/sys/net/if.c:1.448 --- src/sys/net/if.c:1.447 Sat Mar 23 09:48:04 2019 +++ src/sys/net/if.c Thu Apr 11 03:07:11 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: if.c,v 1.447 2019/03/23 09:48:04 pgoyette Exp $ */ +/* $NetBSD: if.c,v 1.448 2019/04/11 03:07:11 msaitoh Exp $ */ /*- * Copyright (c) 1999, 2000, 2001, 2008 The NetBSD Foundation, Inc. @@ -90,7 +90,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: if.c,v 1.447 2019/03/23 09:48:04 pgoyette Exp $"); +__KERNEL_RCSID(0, "$NetBSD: if.c,v 1.448 2019/04/11 03:07:11 msaitoh Exp $"); #if defined(_KERNEL_OPT) #include "opt_inet.h" @@ -162,7 +162,6 @@ __KERNEL_RCSID(0, "$NetBSD: if.c,v 1.447 #endif #include -#include MALLOC_DEFINE(M_IFADDR, "ifaddr", "interface address"); MALLOC_DEFINE(M_IFMADDR, "ether_multi", "link-level multicast address");
CVS commit: src/sys/arch/evbmips/conf
Module Name:src Committed By: simonb Date: Thu Apr 11 02:01:53 UTC 2019 Modified Files: src/sys/arch/evbmips/conf: files.sbmips Log Message: Be consistent with file^I and include^I. To generate a diff of this commit: cvs rdiff -u -r1.2 -r1.3 src/sys/arch/evbmips/conf/files.sbmips Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/arch/evbmips/conf/files.sbmips diff -u src/sys/arch/evbmips/conf/files.sbmips:1.2 src/sys/arch/evbmips/conf/files.sbmips:1.3 --- src/sys/arch/evbmips/conf/files.sbmips:1.2 Mon Jul 24 09:56:45 2017 +++ src/sys/arch/evbmips/conf/files.sbmips Thu Apr 11 02:01:53 2019 @@ -1,20 +1,20 @@ -# $NetBSD: files.sbmips,v 1.2 2017/07/24 09:56:45 mrg Exp $ +# $NetBSD: files.sbmips,v 1.3 2019/04/11 02:01:53 simonb Exp $ maxpartitions 8 #maxusers 1 8 64 -file arch/evbmips/sbmips/autoconf.c -file arch/evbmips/sbmips/machdep.c -file arch/evbmips/sbmips/console.c -file arch/evbmips/sbmips/disksubr.c -file arch/evbmips/sbmips/systemsw.c - -file arch/evbmips/sbmips/sb1250_icu.c - -file arch/mips/cfe/cfe_api.c -file arch/mips/mips/mips3_clock.c -file arch/mips/mips/bus_dma.c +file arch/evbmips/sbmips/autoconf.c +file arch/evbmips/sbmips/machdep.c +file arch/evbmips/sbmips/console.c +file arch/evbmips/sbmips/disksubr.c +file arch/evbmips/sbmips/systemsw.c + +file arch/evbmips/sbmips/sb1250_icu.c + +file arch/mips/cfe/cfe_api.c +file arch/mips/mips/mips3_clock.c +file arch/mips/mips/bus_dma.c ### ### MI device inclusion @@ -24,24 +24,24 @@ file arch/mips/mips/bus_dma.c include "external/bsd/sljit/conf/files.sljit" # Machine-independent I2O drivers. -include "dev/i2o/files.i2o" +include "dev/i2o/files.i2o" # Machine-independent SCSI drivers -include "dev/scsipi/files.scsipi" +include "dev/scsipi/files.scsipi" # Machine-independent ATA drivers -include "dev/ata/files.ata" +include "dev/ata/files.ata" # Memory Disk file dev/md_root.c memory_disk_hooks # ISA Bus support -include "dev/pci/files.pci" # XXX some ISA devs are 'at pci' too. -include "dev/isa/files.isa" +include "dev/pci/files.pci" # XXX some ISA devs are 'at pci' too. +include "dev/isa/files.isa" # XXXCGD machdep isa files # PC Keyboard Controller support -include "dev/pckbport/files.pckbport" +include "dev/pckbport/files.pckbport" # XXXCGD lots of junk isa devices, e.g. fd @@ -78,7 +78,7 @@ attach pcic at pci with pcic_pci file dev/pci/i82365_pci.c pcic_pci # PCIC pcmcia controller on PnP board -attach pcic at isapnp with pcic_isapnp +attach pcic at isapnp with pcic_isapnp file dev/isapnp/i82365_isapnp.c pcic_isapnp # Code common to ISA and ISAPnP attachments @@ -93,7 +93,7 @@ file dev/isa/i82365_isasubr.c pcic_isa | # # Machine-independent USB device support # -include "dev/usb/files.usb" +include "dev/usb/files.usb" ### ### SBMIPS DEVICES
CVS commit: src/sys/arch/evbmips/sbmips
Module Name:src Committed By: simonb Date: Thu Apr 11 01:53:41 UTC 2019 Modified Files: src/sys/arch/evbmips/sbmips: sb1250_icu.c Log Message: Force all devices to IPL_VM. For some reason serial interrupts at SPL_SERIAL (SPL_HIGH) wedge. Gets sbmips to ~multiuser (usually with a bunch of segfaults). Possibly a gross hack, but not sure the current code ever worked... To generate a diff of this commit: cvs rdiff -u -r1.2 -r1.3 src/sys/arch/evbmips/sbmips/sb1250_icu.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/arch/evbmips/sbmips/sb1250_icu.c diff -u src/sys/arch/evbmips/sbmips/sb1250_icu.c:1.2 src/sys/arch/evbmips/sbmips/sb1250_icu.c:1.3 --- src/sys/arch/evbmips/sbmips/sb1250_icu.c:1.2 Mon Jul 24 09:56:45 2017 +++ src/sys/arch/evbmips/sbmips/sb1250_icu.c Thu Apr 11 01:53:41 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: sb1250_icu.c,v 1.2 2017/07/24 09:56:45 mrg Exp $ */ +/* $NetBSD: sb1250_icu.c,v 1.3 2019/04/11 01:53:41 simonb Exp $ */ /* * Copyright 2000, 2001 @@ -33,7 +33,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: sb1250_icu.c,v 1.2 2017/07/24 09:56:45 mrg Exp $"); +__KERNEL_RCSID(0, "$NetBSD: sb1250_icu.c,v 1.3 2019/04/11 01:53:41 simonb Exp $"); #define __INTR_PRIVATE @@ -339,6 +339,16 @@ sb1250_intr_establish(u_int num, u_int i struct sb1250_ihand * const ih = _ihands[num]; const int s = splhigh(); + /* + * XXX simonb + * The swarm wedges hard on first serial interrupt when + * we try to map IPL_SERIAL at a higher priority than + * other device interrupts. For now, just force all + * devices to interrupt at IPL_VM. + * + */ + ipl = IPL_VM; /* XXX */ + if (num >= K_INT_SOURCES) panic("%s: invalid interrupt number (0x%x)", __func__, num); if (ipl >= _IPL_N || ipl < IPL_VM)
CVS commit: src/external/gpl3/gcc/dist/gcc/config/i386
Module Name:src Committed By: mrg Date: Thu Apr 11 00:17:44 UTC 2019 Modified Files: src/external/gpl3/gcc/dist/gcc/config/i386: netbsd-elf.h netbsd64.h Log Message: be sure to keep cc1_cpu the CC1*_SPEC. fixes x86 -mtune=native without killing -cxx-isystem. To generate a diff of this commit: cvs rdiff -u -r1.10 -r1.11 \ src/external/gpl3/gcc/dist/gcc/config/i386/netbsd-elf.h \ src/external/gpl3/gcc/dist/gcc/config/i386/netbsd64.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/gpl3/gcc/dist/gcc/config/i386/netbsd-elf.h diff -u src/external/gpl3/gcc/dist/gcc/config/i386/netbsd-elf.h:1.10 src/external/gpl3/gcc/dist/gcc/config/i386/netbsd-elf.h:1.11 --- src/external/gpl3/gcc/dist/gcc/config/i386/netbsd-elf.h:1.10 Sat Jan 19 12:10:06 2019 +++ src/external/gpl3/gcc/dist/gcc/config/i386/netbsd-elf.h Thu Apr 11 00:17:44 2019 @@ -41,6 +41,16 @@ along with GCC; see the file COPYING3. #define CPP_SPEC "%(netbsd_cpp_spec)" +/* Provide C11_SPEC/CC1PLUS_SPEC appropriate for NetBSD/i386. */ +#define NETBSD_CC1_CPU_SPEC " %(cc1_cpu) " + +#undef CC1_SPEC +#define CC1_SPEC NETBSD_CC1_AND_CC1PLUS_SPEC NETBSD_CC1_CPU_SPEC + +#undef CC1PLUS_SPEC +#define CC1PLUS_SPEC NETBSD_CC1_AND_CC1PLUS_SPEC NETBSD_CC1_CPU_SPEC + + /* Make gcc agree with */ #undef SIZE_TYPE Index: src/external/gpl3/gcc/dist/gcc/config/i386/netbsd64.h diff -u src/external/gpl3/gcc/dist/gcc/config/i386/netbsd64.h:1.10 src/external/gpl3/gcc/dist/gcc/config/i386/netbsd64.h:1.11 --- src/external/gpl3/gcc/dist/gcc/config/i386/netbsd64.h:1.10 Sat Jan 19 12:10:06 2019 +++ src/external/gpl3/gcc/dist/gcc/config/i386/netbsd64.h Thu Apr 11 00:17:44 2019 @@ -44,6 +44,16 @@ along with GCC; see the file COPYING3. #define CPP_SPEC "%(netbsd_cpp_spec)" +/* Provide C11_SPEC/CC1PLUS_SPEC appropriate for NetBSD/x86-64. */ +#define NETBSD_CC1_CPU_SPEC " %(cc1_cpu) " + +#undef CC1_SPEC +#define CC1_SPEC NETBSD_CC1_AND_CC1PLUS_SPEC NETBSD_CC1_CPU_SPEC + +#undef CC1PLUS_SPEC +#define CC1PLUS_SPEC NETBSD_CC1_AND_CC1PLUS_SPEC NETBSD_CC1_CPU_SPEC + + /* Output assembler code to FILE to call the profiler. */ #undef FUNCTION_PROFILER
CVS commit: src/sys/arch/arm/dts
Module Name:src Committed By: jakllsch Date: Wed Apr 10 23:30:28 UTC 2019 Modified Files: src/sys/arch/arm/dts: rk3399-rockpro64.dts Log Message: Revert RockPro64 dts changes made for rk3399_pcie. This will need to be re-done differently so as to avoid contention between dts upstream and our driver. To generate a diff of this commit: cvs rdiff -u -r1.2 -r1.3 src/sys/arch/arm/dts/rk3399-rockpro64.dts Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/arch/arm/dts/rk3399-rockpro64.dts diff -u src/sys/arch/arm/dts/rk3399-rockpro64.dts:1.2 src/sys/arch/arm/dts/rk3399-rockpro64.dts:1.3 --- src/sys/arch/arm/dts/rk3399-rockpro64.dts:1.2 Thu Mar 7 00:35:22 2019 +++ src/sys/arch/arm/dts/rk3399-rockpro64.dts Wed Apr 10 23:30:28 2019 @@ -85,18 +85,6 @@ regulator-max-microvolt = <1200>; }; - vcc3v3_pcie: vcc3v3-pcie-regulator { - compatible = "regulator-fixed"; - regulator-min-microvolt = <330>; - regulator-max-microvolt = <330>; - enable-active-high; - gpio = < RK_PD0 GPIO_ACTIVE_HIGH>; - pinctrl-names = "default"; - pinctrl-0 = <_pwr_en>; - regulator-name = "vcc3v3_pcie"; - vin-supply = <_12v>; - }; - vcc1v8_s0: vcc1v8-s0 { compatible = "regulator-fixed"; regulator-name = "vcc1v8_s0"; @@ -864,18 +852,6 @@ <1 14 RK_FUNC_GPIO _pull_down>; }; }; - - pcie { - pcie_pwr_en: pcie-pwr-en { - rockchip,pins = -<1 RK_PD0 RK_FUNC_GPIO _pull_none>; - }; - - pcie_clkreqn: pci-clkreqn { - rockchip,pins = -<2 RK_PD2 RK_FUNC_2 _pull_none>; - }; - }; }; _opp { @@ -896,30 +872,6 @@ }; }; -_phy { - status = "okay"; -}; - - { - assigned-clocks = < SCLK_PCIEPHY_REF>; - assigned-clock-parents = < SCLK_PCIEPHY_REF100M>; - assigned-clock-rates = <1>; - ep-gpios = < RK_PD4 GPIO_ACTIVE_HIGH>; - num-lanes = <4>; - max-link-speed = <2>; - pinctrl-names = "default"; - pinctrl-0 = <_clkreqn>; - vpcie3v3-supply = <_pcie>; - status = "okay"; - bus-range = <0 3>; - ranges = < - 0xc300 0x0 0xf800 0x0 0xf800 0x0 0x200 /* 32M region 0, prefmem */ - 0x8200 0x0 0xfa00 0x0 0xfa00 0x0 0x1c0 /* 28M regions 1-28, mem */ - 0x8100 0x0 0x 0x0 0xfbc0 0x0 0x010 /* 1M region 29, i/o */ - 0x0001 0x0 0x 0x0 0xfbd0 0x0 0x030 /* 3M regions 30-32, config */ - >; -}; - { status = "okay";
CVS commit: src/share/examples/npf
Module Name:src Committed By: sevan Date: Wed Apr 10 23:14:46 UTC 2019 Modified Files: src/share/examples/npf: soho_gw-npf.conf Log Message: typo To generate a diff of this commit: cvs rdiff -u -r1.9 -r1.10 src/share/examples/npf/soho_gw-npf.conf Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/share/examples/npf/soho_gw-npf.conf diff -u src/share/examples/npf/soho_gw-npf.conf:1.9 src/share/examples/npf/soho_gw-npf.conf:1.10 --- src/share/examples/npf/soho_gw-npf.conf:1.9 Wed Apr 10 23:13:02 2019 +++ src/share/examples/npf/soho_gw-npf.conf Wed Apr 10 23:14:46 2019 @@ -1,4 +1,4 @@ -# $NetBSD: soho_gw-npf.conf,v 1.9 2019/04/10 23:13:02 sevan Exp $ +# $NetBSD: soho_gw-npf.conf,v 1.10 2019/04/10 23:14:46 sevan Exp $ # # SOHO border # @@ -48,10 +48,10 @@ group "external" on $ext_if { # Passive FTP pass stateful in final proto tcp to $ext_addrs port 49151-65535 - pass stateful in final family inet6 proto tcp to $ext_addrs port 49151-65535 + pass stateful in final family inet6 proto tcp to $ext_addrs6 port 49151-65535 # Traceroute pass stateful in final proto udp to $ext_addrs port 33434-33600 - pass stateful in final family inet6 proto udp to $ext_addrs port 33434-33600 + pass stateful in final family inet6 proto udp to $ext_addrs6 port 33434-33600 } group "internal" on $int_if {
CVS commit: src/share/examples/npf
Module Name:src Committed By: sevan Date: Wed Apr 10 23:13:02 UTC 2019 Modified Files: src/share/examples/npf: soho_gw-npf.conf Log Message: Use a separate variable for IPv6. Found with npfctl validate. To generate a diff of this commit: cvs rdiff -u -r1.8 -r1.9 src/share/examples/npf/soho_gw-npf.conf Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/share/examples/npf/soho_gw-npf.conf diff -u src/share/examples/npf/soho_gw-npf.conf:1.8 src/share/examples/npf/soho_gw-npf.conf:1.9 --- src/share/examples/npf/soho_gw-npf.conf:1.8 Wed Apr 10 23:00:43 2019 +++ src/share/examples/npf/soho_gw-npf.conf Wed Apr 10 23:13:02 2019 @@ -1,4 +1,4 @@ -# $NetBSD: soho_gw-npf.conf,v 1.8 2019/04/10 23:00:43 sevan Exp $ +# $NetBSD: soho_gw-npf.conf,v 1.9 2019/04/10 23:13:02 sevan Exp $ # # SOHO border # @@ -8,7 +8,8 @@ $ext_if = "wm0" $ext_v4 = inet4(wm0) -$ext_addrs = { inet4(wm0), inet6(wm0) } +$ext_addrs = inet4(wm0) +$ext_addrs6 = inet6(wm0) $int_if = "wm1" @@ -42,11 +43,15 @@ group "external" on $ext_if { apply "log" pass stateful in final proto tcp to $ext_addrs port $services_tcp pass stateful in final proto udp to $ext_addrs port $services_udp + pass stateful in final family inet6 proto tcp to $ext_addrs6 port $services_tcp + pass stateful in final family inet6 proto udp to $ext_addrs6 port $services_udp # Passive FTP pass stateful in final proto tcp to $ext_addrs port 49151-65535 + pass stateful in final family inet6 proto tcp to $ext_addrs port 49151-65535 # Traceroute pass stateful in final proto udp to $ext_addrs port 33434-33600 + pass stateful in final family inet6 proto udp to $ext_addrs port 33434-33600 } group "internal" on $int_if {
CVS commit: src/share/examples/npf
Module Name:src Committed By: sevan Date: Wed Apr 10 23:00:43 UTC 2019 Modified Files: src/share/examples/npf: soho_gw-npf.conf Log Message: Switch out deprecated keywords. Found with npfctl validate. To generate a diff of this commit: cvs rdiff -u -r1.7 -r1.8 src/share/examples/npf/soho_gw-npf.conf Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/share/examples/npf/soho_gw-npf.conf diff -u src/share/examples/npf/soho_gw-npf.conf:1.7 src/share/examples/npf/soho_gw-npf.conf:1.8 --- src/share/examples/npf/soho_gw-npf.conf:1.7 Mon Aug 20 20:45:52 2018 +++ src/share/examples/npf/soho_gw-npf.conf Wed Apr 10 23:00:43 2019 @@ -1,4 +1,4 @@ -# $NetBSD: soho_gw-npf.conf,v 1.7 2018/08/20 20:45:52 rjs Exp $ +# $NetBSD: soho_gw-npf.conf,v 1.8 2019/04/10 23:00:43 sevan Exp $ # # SOHO border # @@ -13,9 +13,9 @@ $ext_addrs = { inet4(wm0), inet6(wm0) } $int_if = "wm1" # a table to house e.g. block candidates in -table type hash file "/usr/share/examples/npf/hashtablefile" +table type ipset file "/usr/share/examples/npf/hashtablefile" # feed this using e.g.: npfctl table "int-block" add 198.51.100.16/29 -table type tree dynamic +table type lpm $services_tcp = { http, https, smtp, domain, 6000, 9022 } $services_udp = { domain, ntp, 6000 }
CVS commit: src/lib/librefuse
Module Name:src Committed By: maya Date: Wed Apr 10 21:42:52 UTC 2019 Modified Files: src/lib/librefuse: refuse.c Log Message: Use the equivalent FUSE_VERSION. Probably a more adequately named macro for this To generate a diff of this commit: cvs rdiff -u -r1.99 -r1.100 src/lib/librefuse/refuse.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/lib/librefuse/refuse.c diff -u src/lib/librefuse/refuse.c:1.99 src/lib/librefuse/refuse.c:1.100 --- src/lib/librefuse/refuse.c:1.99 Wed Apr 10 21:38:02 2019 +++ src/lib/librefuse/refuse.c Wed Apr 10 21:42:52 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: refuse.c,v 1.99 2019/04/10 21:38:02 maya Exp $ */ +/* $NetBSD: refuse.c,v 1.100 2019/04/10 21:42:52 maya Exp $ */ /* * Copyright © 2007 Alistair Crooks. All rights reserved. @@ -31,7 +31,7 @@ #include #if !defined(lint) -__RCSID("$NetBSD: refuse.c,v 1.99 2019/04/10 21:38:02 maya Exp $"); +__RCSID("$NetBSD: refuse.c,v 1.100 2019/04/10 21:42:52 maya Exp $"); #endif /* !lint */ #include @@ -1377,5 +1377,5 @@ fuse_unmount_compat22(const char *mp) int fuse_version(void) { - return FUSE_USE_VERSION; + return FUSE_VERSION; }
CVS commit: src/lib/librefuse
Module Name:src Committed By: maya Date: Wed Apr 10 21:38:02 UTC 2019 Modified Files: src/lib/librefuse: fuse.h refuse.3 refuse.c Log Message: provide fuse_version To generate a diff of this commit: cvs rdiff -u -r1.22 -r1.23 src/lib/librefuse/fuse.h cvs rdiff -u -r1.13 -r1.14 src/lib/librefuse/refuse.3 cvs rdiff -u -r1.98 -r1.99 src/lib/librefuse/refuse.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/lib/librefuse/fuse.h diff -u src/lib/librefuse/fuse.h:1.22 src/lib/librefuse/fuse.h:1.23 --- src/lib/librefuse/fuse.h:1.22 Sun Nov 20 13:28:32 2016 +++ src/lib/librefuse/fuse.h Wed Apr 10 21:38:02 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: fuse.h,v 1.22 2016/11/20 13:28:32 pho Exp $ */ +/* $NetBSD: fuse.h,v 1.23 2019/04/10 21:38:02 maya Exp $ */ /* * Copyright © 2007 Alistair Crooks. All rights reserved. @@ -163,6 +163,7 @@ int fuse_loop(struct fuse *); struct fuse_context *fuse_get_context(void); void fuse_exit(struct fuse *); void fuse_destroy(struct fuse *); +int fuse_version(void); #if FUSE_USE_VERSION == 22 #define fuse_unmount fuse_unmount_compat22 Index: src/lib/librefuse/refuse.3 diff -u src/lib/librefuse/refuse.3:1.13 src/lib/librefuse/refuse.3:1.14 --- src/lib/librefuse/refuse.3:1.13 Sun Nov 20 13:28:32 2016 +++ src/lib/librefuse/refuse.3 Wed Apr 10 21:38:02 2019 @@ -1,4 +1,4 @@ -.\" $NetBSD: refuse.3,v 1.13 2016/11/20 13:28:32 pho Exp $ +.\" $NetBSD: refuse.3,v 1.14 2019/04/10 21:38:02 maya Exp $ .\" .\" Copyright © 2007 Alistair Crooks. All rights reserved. .\" @@ -26,7 +26,7 @@ .\" NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS .\" SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd November 15, 2016 +.Dd April 11, 2019 .Dt REFUSE 3 .Os .Sh NAME @@ -100,6 +100,10 @@ .Fa "struct fuse *fuse" .Fc .Ft int +.Fo fuse_version +.Fa "struct fuse *fuse" +.Fc +.Ft int .Fo puffs_fuse_node_getattr .Fa "const char *path" "struct stat *attrs" .Fc Index: src/lib/librefuse/refuse.c diff -u src/lib/librefuse/refuse.c:1.98 src/lib/librefuse/refuse.c:1.99 --- src/lib/librefuse/refuse.c:1.98 Sun Nov 20 13:28:32 2016 +++ src/lib/librefuse/refuse.c Wed Apr 10 21:38:02 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: refuse.c,v 1.98 2016/11/20 13:28:32 pho Exp $ */ +/* $NetBSD: refuse.c,v 1.99 2019/04/10 21:38:02 maya Exp $ */ /* * Copyright © 2007 Alistair Crooks. All rights reserved. @@ -31,7 +31,7 @@ #include #if !defined(lint) -__RCSID("$NetBSD: refuse.c,v 1.98 2016/11/20 13:28:32 pho Exp $"); +__RCSID("$NetBSD: refuse.c,v 1.99 2019/04/10 21:38:02 maya Exp $"); #endif /* !lint */ #include @@ -1373,3 +1373,9 @@ fuse_unmount_compat22(const char *mp) return; } + +int +fuse_version(void) +{ + return FUSE_USE_VERSION; +}
CVS commit: src/external
Module Name:src Committed By: joerg Date: Wed Apr 10 20:32:56 UTC 2019 Modified Files: src/external/bsd/llvm: link.mk src/external/mit/xorg/lib/gallium: Makefile Log Message: Extend LLVM link.mk to handle librt. Use it in Gallium. To generate a diff of this commit: cvs rdiff -u -r1.5 -r1.6 src/external/bsd/llvm/link.mk cvs rdiff -u -r1.22 -r1.23 src/external/mit/xorg/lib/gallium/Makefile Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/bsd/llvm/link.mk diff -u src/external/bsd/llvm/link.mk:1.5 src/external/bsd/llvm/link.mk:1.6 --- src/external/bsd/llvm/link.mk:1.5 Sun Sep 29 12:11:59 2013 +++ src/external/bsd/llvm/link.mk Wed Apr 10 20:32:56 2019 @@ -1,7 +1,9 @@ -# $NetBSD: link.mk,v 1.5 2013/09/29 12:11:59 joerg Exp $ +# $NetBSD: link.mk,v 1.6 2019/04/10 20:32:56 joerg Exp $ .include +LLVM_TOPLEVEL:= ${.PARSEDIR} + .if defined(HOSTPROG) LIB_BASE= ${NETBSDSRCDIR}/tools/llvm-lib .else @@ -38,6 +40,12 @@ LDADD+= -L${LLVM_OBJDIR.${l}} -lLLVM${l} DPADD+= ${LLVM_OBJDIR.${l}}/libLLVM${l}.a .endfor +.for l in ${LLVMRT_LIBS} +LLVMRT_OBJDIR.${l}!= cd ${LLVM_TOPLEVEL}/librt/libLLVM${l} && ${PRINTOBJDIR} +LDADD+= ${LLVMRT_OBJDIR.${l}}/libLLVM${l}_pic.a +DPADD+= ${LLVMRT_OBJDIR.${l}}/libLLVM${l}_pic.a +.endfor + .if defined(HOSTPROG) LDADD_NEED_DL= cat ${LLVM_TOOLCONF_OBJDIR}/need-dl 2> /dev/null LDADD_NEED_TERMINFO= cat ${LLVM_TOOLCONF_OBJDIR}/need-terminfo 2> /dev/null Index: src/external/mit/xorg/lib/gallium/Makefile diff -u src/external/mit/xorg/lib/gallium/Makefile:1.22 src/external/mit/xorg/lib/gallium/Makefile:1.23 --- src/external/mit/xorg/lib/gallium/Makefile:1.22 Sun Apr 7 17:31:32 2019 +++ src/external/mit/xorg/lib/gallium/Makefile Wed Apr 10 20:32:56 2019 @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.22 2019/04/07 17:31:32 christos Exp $ +# $NetBSD: Makefile,v 1.23 2019/04/10 20:32:56 joerg Exp $ # Link the gallium mega driver. @@ -961,9 +961,7 @@ LIBDPLIBS+= execinfo ${.CURDIR}/../../.. # gallium drivers requiring LLVM .if ${BUILD_LLVMPIPE} == 1 || ${BUILD_RADEON} == 1 -LLVM_LIB_DIR!= cd ${.CURDIR}/../../../../../external/bsd/llvm/librt; ${PRINTOBJDIR} - -LLVM_LIBS= \ +LLVMRT_LIBS= \ TransformsCoroutines \ Passes \ MCJIT \ @@ -971,7 +969,7 @@ LLVM_LIBS= \ RuntimeDyld .if ${BUILD_RADEON} == 1 -LLVM_LIBS+= \ +LLVMRT_LIBS+= \ AMDGPUCodeGen \ AMDGPUMCTargetDesc \ AMDGPUAsmPrinter \ @@ -982,7 +980,7 @@ LLVM_LIBS+= \ .if ${MACHINE_ARCH} == "i386" || ${MACHINE_ARCH} == "x86_64" # XXX duplicates -LLVM_LIBS+= \ +LLVMRT_LIBS+= \ X86Disassembler \ X86CodeGen \ X86MCTargetDesc \ @@ -992,7 +990,7 @@ LLVM_LIBS+= \ X86TargetInfo \ X86Utils .endif -LLVM_LIBS+= \ +LLVMRT_LIBS+= \ GlobalISel \ MCDisassembler \ SelectionDAG \ @@ -1020,12 +1018,7 @@ LLVM_LIBS+= \ TransformsUtils \ Support -.for llvm_library in ${LLVM_LIBS} -dir!= cd ${LLVM_LIB_DIR}/libLLVM${llvm_library}; ${PRINTOBJDIR} -lib= ${dir}/libLLVM${llvm_library}_pic.a -DPADD+= ${lib} -LDADD+= ${lib} -.endfor +.include "${NETBSDSRCDIR}/external/bsd/llvm/link.mk" .endif # ${BUILD_LLVM_PIPE} == 1 || ${BUILD_RADEON} == 1
CVS commit: src/external/gpl3/gcc/dist/gcc/config
Module Name:src Committed By: maya Date: Wed Apr 10 20:06:26 UTC 2019 Modified Files: src/external/gpl3/gcc/dist/gcc/config: netbsd.h src/external/gpl3/gcc/dist/gcc/config/rs6000: netbsd64.h src/external/gpl3/gcc/dist/gcc/config/sparc: netbsd-elf.h Log Message: revert previous To generate a diff of this commit: cvs rdiff -u -r1.29 -r1.30 src/external/gpl3/gcc/dist/gcc/config/netbsd.h cvs rdiff -u -r1.20 -r1.21 \ src/external/gpl3/gcc/dist/gcc/config/rs6000/netbsd64.h cvs rdiff -u -r1.14 -r1.15 \ src/external/gpl3/gcc/dist/gcc/config/sparc/netbsd-elf.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/gpl3/gcc/dist/gcc/config/netbsd.h diff -u src/external/gpl3/gcc/dist/gcc/config/netbsd.h:1.29 src/external/gpl3/gcc/dist/gcc/config/netbsd.h:1.30 --- src/external/gpl3/gcc/dist/gcc/config/netbsd.h:1.29 Wed Apr 10 16:11:06 2019 +++ src/external/gpl3/gcc/dist/gcc/config/netbsd.h Wed Apr 10 20:06:26 2019 @@ -153,6 +153,16 @@ along with GCC; see the file COPYING3. #define NETBSD_LIBGCC_SPEC "-lgcc" #endif +/* Pass -cxx-isystem to cc1/cc1plus. */ +#define NETBSD_CC1_AND_CC1PLUS_SPEC \ + "%{cxx-isystem}" + +#undef CC1_SPEC +#define CC1_SPEC NETBSD_CC1_AND_CC1PLUS_SPEC + +#undef CC1PLUS_SPEC +#define CC1PLUS_SPEC NETBSD_CC1_AND_CC1PLUS_SPEC + #if defined(HAVE_LD_EH_FRAME_HDR) #define LINK_EH_SPEC "%{!static:--eh-frame-hdr} " #endif Index: src/external/gpl3/gcc/dist/gcc/config/rs6000/netbsd64.h diff -u src/external/gpl3/gcc/dist/gcc/config/rs6000/netbsd64.h:1.20 src/external/gpl3/gcc/dist/gcc/config/rs6000/netbsd64.h:1.21 --- src/external/gpl3/gcc/dist/gcc/config/rs6000/netbsd64.h:1.20 Wed Apr 10 16:15:11 2019 +++ src/external/gpl3/gcc/dist/gcc/config/rs6000/netbsd64.h Wed Apr 10 20:06:26 2019 @@ -89,6 +89,7 @@ extern int dot_symbols; #undef CC1_OS_NETBSD_SPEC #define CC1_OS_NETBSD_SPEC \ + NETBSD_CC1_AND_CC1PLUS_SPEC \ "%{!m32: %{!mrelocatable: %{!fno-pie: %{!fno-pic: \ %{!fpie: %{!fpic: \ %{!fPIE: %{!fPIC:-fPIC" Index: src/external/gpl3/gcc/dist/gcc/config/sparc/netbsd-elf.h diff -u src/external/gpl3/gcc/dist/gcc/config/sparc/netbsd-elf.h:1.14 src/external/gpl3/gcc/dist/gcc/config/sparc/netbsd-elf.h:1.15 --- src/external/gpl3/gcc/dist/gcc/config/sparc/netbsd-elf.h:1.14 Wed Apr 10 16:15:11 2019 +++ src/external/gpl3/gcc/dist/gcc/config/sparc/netbsd-elf.h Wed Apr 10 20:06:26 2019 @@ -142,7 +142,8 @@ along with GCC; see the file COPYING3. %{!mcpu*:%{!mv8plus:-mcpu=ultrasparc}} \ %{!mno-vis:%{!mcpu=v9:-mvis}} \ %{p:-mcmodel=medlow} \ -%{pg:-mcmodel=medlow}} " +%{pg:-mcmodel=medlow}} " \ + NETBSD_CC1_AND_CC1PLUS_SPEC #define CC1_SPEC64 \ "%{m32:%{m64:%emay not use both -m32 and -m64}} \ @@ -152,7 +153,8 @@ along with GCC; see the file COPYING3. %{!mcpu*:%{!mv8plus:-mcpu=cypress}}} \ %{!m32: \ %{p:-mcmodel=medlow} \ - %{pg:-mcmodel=medlow}} " + %{pg:-mcmodel=medlow}} " \ + NETBSD_CC1_AND_CC1PLUS_SPEC #if defined(SPARC_BI_ARCH) || defined(__arch64__) /* add code model specific object to the link line for 64bit */
CVS commit: src/sys/stand/efiboot
Module Name:src Committed By: skrll Date: Wed Apr 10 19:36:04 UTC 2019 Modified Files: src/sys/stand/efiboot: boot.c Log Message: Print bootargs from the environment Pass the enironment boot args if none are provided by the boot command To generate a diff of this commit: cvs rdiff -u -r1.15 -r1.16 src/sys/stand/efiboot/boot.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/stand/efiboot/boot.c diff -u src/sys/stand/efiboot/boot.c:1.15 src/sys/stand/efiboot/boot.c:1.16 --- src/sys/stand/efiboot/boot.c:1.15 Fri Jan 18 19:41:03 2019 +++ src/sys/stand/efiboot/boot.c Wed Apr 10 19:36:04 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: boot.c,v 1.15 2019/01/18 19:41:03 skrll Exp $ */ +/* $NetBSD: boot.c,v 1.16 2019/04/10 19:36:04 skrll Exp $ */ /*- * Copyright (c) 2016 Kimihiro Nonaka @@ -137,6 +137,9 @@ command_boot(char *arg) if (!kernel || !*kernel) kernel = DEFFILENAME; + if (!*bootargs) + bootargs = netbsd_args; + exec_netbsd(kernel, bootargs); } @@ -415,7 +418,8 @@ boot(void) for (; currname < (int)NUMNAMES; currname++) { if (currname >= 0) set_bootfile(names[currname]); - printf("booting %s - starting in ", netbsd_path); + printf("booting %s%s%s - starting in ", netbsd_path, + netbsd_args[0] != '\0' ? " " : "", netbsd_args); c = awaitkey(DEFTIMEOUT, 1); if (c != '\r' && c != '\n' && c != '\0')
CVS commit: src/sys/stand/efiboot
Module Name:src Committed By: skrll Date: Wed Apr 10 19:11:42 UTC 2019 Modified Files: src/sys/stand/efiboot: efiboot.c Log Message: Fixup EFIBOT_DEBUG output for non-_LP64 case To generate a diff of this commit: cvs rdiff -u -r1.13 -r1.14 src/sys/stand/efiboot/efiboot.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/stand/efiboot/efiboot.c diff -u src/sys/stand/efiboot/efiboot.c:1.13 src/sys/stand/efiboot/efiboot.c:1.14 --- src/sys/stand/efiboot/efiboot.c:1.13 Sat Mar 30 12:47:53 2019 +++ src/sys/stand/efiboot/efiboot.c Wed Apr 10 19:11:42 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: efiboot.c,v 1.13 2019/03/30 12:47:53 jmcneill Exp $ */ +/* $NetBSD: efiboot.c,v 1.14 2019/04/10 19:11:42 skrll Exp $ */ /*- * Copyright (c) 2018 Jared McNeill @@ -42,6 +42,14 @@ EFI_LOADED_IMAGE *efi_li; int howto = 0; +#ifdef _LP64 +#define PRIxEFIPTR "lX" +#define PRIxEFISIZE "lX" +#else +#define PRIxEFIPTR "X" +#define PRIxEFISIZE "X" +#endif + static EFI_PHYSICAL_ADDRESS heap_start; static UINTN heap_size = 8 * 1024 * 1024; static EFI_EVENT delay_ev = 0; @@ -75,10 +83,10 @@ efi_main(EFI_HANDLE imageHandle, EFI_SYS efi_bootdp = NULL; #ifdef EFIBOOT_DEBUG - Print(L"Loaded image : 0x%lX\n", efi_li); - Print(L"FilePath : 0x%lX\n", efi_li->FilePath); - Print(L"ImageBase : 0x%lX\n", efi_li->ImageBase); - Print(L"ImageSize : 0x%lX\n", efi_li->ImageSize); + Print(L"Loaded image : 0x%" PRIxEFIPTR "\n", efi_li); + Print(L"FilePath : 0x%" PRIxEFIPTR "\n", efi_li->FilePath); + Print(L"ImageBase : 0x%" PRIxEFIPTR "\n", efi_li->ImageBase); + Print(L"ImageSize : 0x%" PRIxEFISIZE "\n", efi_li->ImageSize); Print(L"Image file: %s\n", DevicePathToStr(efi_li->FilePath)); #endif
CVS commit: src
Module Name:src Committed By: maxv Date: Wed Apr 10 18:49:04 UTC 2019 Modified Files: src/lib/libnvmm: libnvmm.c nvmm.h src/sys/dev/nvmm: nvmm.c nvmm_internal.h nvmm_ioctl.h src/sys/secmodel/suser: secmodel_suser.c src/sys/sys: kauth.h Log Message: Add the NVMM_CTL ioctl, always privileged regardless of the permissions of /dev/nvmm. We'll use it to provide a way for an admin to control the registered VMs in the kernel. Add an associated wrapper in libnvmm. To generate a diff of this commit: cvs rdiff -u -r1.8 -r1.9 src/lib/libnvmm/libnvmm.c cvs rdiff -u -r1.7 -r1.8 src/lib/libnvmm/nvmm.h cvs rdiff -u -r1.16 -r1.17 src/sys/dev/nvmm/nvmm.c cvs rdiff -u -r1.8 -r1.9 src/sys/dev/nvmm/nvmm_internal.h cvs rdiff -u -r1.4 -r1.5 src/sys/dev/nvmm/nvmm_ioctl.h cvs rdiff -u -r1.49 -r1.50 src/sys/secmodel/suser/secmodel_suser.c cvs rdiff -u -r1.81 -r1.82 src/sys/sys/kauth.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/lib/libnvmm/libnvmm.c diff -u src/lib/libnvmm/libnvmm.c:1.8 src/lib/libnvmm/libnvmm.c:1.9 --- src/lib/libnvmm/libnvmm.c:1.8 Thu Apr 4 17:33:47 2019 +++ src/lib/libnvmm/libnvmm.c Wed Apr 10 18:49:04 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: libnvmm.c,v 1.8 2019/04/04 17:33:47 maxv Exp $ */ +/* $NetBSD: libnvmm.c,v 1.9 2019/04/10 18:49:04 maxv Exp $ */ /* * Copyright (c) 2018 The NetBSD Foundation, Inc. @@ -520,3 +520,24 @@ nvmm_callbacks_register(const struct nvm { memcpy(&__callbacks, cbs, sizeof(__callbacks)); } + +int +nvmm_ctl(int op, void *data, size_t size) +{ + struct nvmm_ioc_ctl args; + int ret; + + if (nvmm_init() == -1) { + return -1; + } + + args.op = op; + args.data = data; + args.size = size; + + ret = ioctl(nvmm_fd, NVMM_IOC_CTL, ); + if (ret == -1) + return -1; + + return 0; +} Index: src/lib/libnvmm/nvmm.h diff -u src/lib/libnvmm/nvmm.h:1.7 src/lib/libnvmm/nvmm.h:1.8 --- src/lib/libnvmm/nvmm.h:1.7 Thu Apr 4 17:33:47 2019 +++ src/lib/libnvmm/nvmm.h Wed Apr 10 18:49:04 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: nvmm.h,v 1.7 2019/04/04 17:33:47 maxv Exp $ */ +/* $NetBSD: nvmm.h,v 1.8 2019/04/10 18:49:04 maxv Exp $ */ /* * Copyright (c) 2018 The NetBSD Foundation, Inc. @@ -99,6 +99,8 @@ int nvmm_assist_io(struct nvmm_machine * int nvmm_assist_mem(struct nvmm_machine *, nvmm_cpuid_t, struct nvmm_exit *); void nvmm_callbacks_register(const struct nvmm_callbacks *); +int nvmm_ctl(int, void *, size_t); + int nvmm_vcpu_dump(struct nvmm_machine *, nvmm_cpuid_t); #endif /* _LIBNVMM_H_ */ Index: src/sys/dev/nvmm/nvmm.c diff -u src/sys/dev/nvmm/nvmm.c:1.16 src/sys/dev/nvmm/nvmm.c:1.17 --- src/sys/dev/nvmm/nvmm.c:1.16 Mon Apr 8 18:30:54 2019 +++ src/sys/dev/nvmm/nvmm.c Wed Apr 10 18:49:04 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: nvmm.c,v 1.16 2019/04/08 18:30:54 maxv Exp $ */ +/* $NetBSD: nvmm.c,v 1.17 2019/04/10 18:49:04 maxv Exp $ */ /* * Copyright (c) 2018-2019 The NetBSD Foundation, Inc. @@ -30,7 +30,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: nvmm.c,v 1.16 2019/04/08 18:30:54 maxv Exp $"); +__KERNEL_RCSID(0, "$NetBSD: nvmm.c,v 1.17 2019/04/10 18:49:04 maxv Exp $"); #include #include @@ -44,6 +44,7 @@ __KERNEL_RCSID(0, "$NetBSD: nvmm.c,v 1.1 #include #include #include +#include #include #include @@ -64,6 +65,8 @@ static const struct nvmm_impl *nvmm_impl static const struct nvmm_impl *nvmm_impl = NULL; +static struct nvmm_owner root_owner; + /* -- */ static int @@ -82,6 +85,7 @@ nvmm_machine_alloc(struct nvmm_machine * } mach->present = true; + mach->time = time_second; *ret = mach; atomic_inc_uint(); return 0; @@ -116,7 +120,7 @@ nvmm_machine_get(struct nvmm_owner *owne rw_exit(>lock); return ENOENT; } - if (mach->owner != owner) { + if (owner != _owner && mach->owner != owner) { rw_exit(>lock); return EPERM; } @@ -816,6 +820,65 @@ out: /* -- */ static int +nvmm_ctl_mach_info(struct nvmm_ioc_ctl *args) +{ + struct nvmm_ctl_mach_info ctl; + struct nvmm_machine *mach; + struct nvmm_cpu *vcpu; + int error; + size_t i; + + if (args->size != sizeof(ctl)) + return EINVAL; + error = copyin(args->data, , sizeof(ctl)); + if (error) + return error; + + error = nvmm_machine_get(_owner, ctl.machid, , true); + if (error) + return error; + + ctl.nvcpus = 0; + for (i = 0; i < NVMM_MAX_VCPUS; i++) { + error = nvmm_vcpu_get(mach, i, ); + if (error) + continue; + ctl.nvcpus++; + nvmm_vcpu_put(vcpu); + } + ctl.pid = mach->owner->pid; + ctl.time = mach->time; + + nvmm_machine_put(mach); + + error = copyout(, args->data, sizeof(ctl)); + if (error) + return error; + + return 0; +} + +static int +nvmm_ctl(struct nvmm_owner *owner, struct nvmm_ioc_ctl *args) +{ + int error; + + error = kauth_authorize_device(curlwp->l_cred,
CVS commit: src/external/bsd/wpa/dist/src/common
Module Name:src Committed By: christos Date: Wed Apr 10 18:01:08 UTC 2019 Modified Files: src/external/bsd/wpa/dist/src/common: sae.c Log Message: Try to avoid showing externally visible timing or memory access differences regardless of whether the derived pwd-value is smaller than the group prime. This is related to CVE-2019-9494. To generate a diff of this commit: cvs rdiff -u -r1.6 -r1.7 src/external/bsd/wpa/dist/src/common/sae.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/bsd/wpa/dist/src/common/sae.c diff -u src/external/bsd/wpa/dist/src/common/sae.c:1.6 src/external/bsd/wpa/dist/src/common/sae.c:1.7 --- src/external/bsd/wpa/dist/src/common/sae.c:1.6 Wed Apr 10 14:00:45 2019 +++ src/external/bsd/wpa/dist/src/common/sae.c Wed Apr 10 14:01:08 2019 @@ -311,14 +311,17 @@ static int sae_test_pwd_seed_ecc(struct } +/* Returns -1 on fatal failure, 0 if PWE cannot be derived from the provided + * pwd-seed, or 1 if a valid PWE was derived from pwd-seed. */ static int sae_test_pwd_seed_ffc(struct sae_data *sae, const u8 *pwd_seed, struct crypto_bignum *pwe) { u8 pwd_value[SAE_MAX_PRIME_LEN]; size_t bits = sae->tmp->prime_len * 8; u8 exp[1]; - struct crypto_bignum *a, *b; - int res; + struct crypto_bignum *a, *b = NULL; + int res, is_val; + u8 pwd_value_valid; wpa_hexdump_key(MSG_DEBUG, "SAE: pwd-seed", pwd_seed, SHA256_MAC_LEN); @@ -330,16 +333,29 @@ static int sae_test_pwd_seed_ffc(struct wpa_hexdump_key(MSG_DEBUG, "SAE: pwd-value", pwd_value, sae->tmp->prime_len); - if (os_memcmp(pwd_value, sae->tmp->dh->prime, sae->tmp->prime_len) >= 0) - { - wpa_printf(MSG_DEBUG, "SAE: pwd-value >= p"); - return 0; - } + /* Check whether pwd-value < p */ + res = const_time_memcmp(pwd_value, sae->tmp->dh->prime, +sae->tmp->prime_len); + /* pwd-value >= p is invalid, so res is < 0 for the valid cases and + * the negative sign can be used to fill the mask for constant time + * selection */ + pwd_value_valid = const_time_fill_msb(res); + + /* If pwd-value >= p, force pwd-value to be < p and perform the + * calculations anyway to hide timing difference. The derived PWE will + * be ignored in that case. */ + pwd_value[0] = const_time_select_u8(pwd_value_valid, pwd_value[0], 0); /* PWE = pwd-value^((p-1)/r) modulo p */ + res = -1; a = crypto_bignum_init_set(pwd_value, sae->tmp->prime_len); + if (!a) + goto fail; + /* This is an optimization based on the used group that does not depend + * on the password in any way, so it is fine to use separate branches + * for this step without constant time operations. */ if (sae->tmp->dh->safe_prime) { /* * r = (p-1)/2 for the group used here, so this becomes: @@ -353,33 +369,34 @@ static int sae_test_pwd_seed_ffc(struct b = crypto_bignum_init_set(exp, sizeof(exp)); if (b == NULL || crypto_bignum_sub(sae->tmp->prime, b, b) < 0 || - crypto_bignum_div(b, sae->tmp->order, b) < 0) { - crypto_bignum_deinit(b, 0); - b = NULL; - } + crypto_bignum_div(b, sae->tmp->order, b) < 0) + goto fail; } - if (a == NULL || b == NULL) - res = -1; - else - res = crypto_bignum_exptmod(a, b, sae->tmp->prime, pwe); - - crypto_bignum_deinit(a, 0); - crypto_bignum_deinit(b, 0); + if (!b) + goto fail; - if (res < 0) { - wpa_printf(MSG_DEBUG, "SAE: Failed to calculate PWE"); - return -1; - } + res = crypto_bignum_exptmod(a, b, sae->tmp->prime, pwe); + if (res < 0) + goto fail; - /* if (PWE > 1) --> found */ - if (crypto_bignum_is_zero(pwe) || crypto_bignum_is_one(pwe)) { - wpa_printf(MSG_DEBUG, "SAE: PWE <= 1"); - return 0; - } + /* There were no fatal errors in calculations, so determine the return + * value using constant time operations. We get here for number of + * invalid cases which are cleared here after having performed all the + * computation. PWE is valid if pwd-value was less than prime and + * PWE > 1. Start with pwd-value check first and then use constant time + * operations to clear res to 0 if PWE is 0 or 1. + */ + res = const_time_select_u8(pwd_value_valid, 1, 0); + is_val = crypto_bignum_is_zero(pwe); + res = const_time_select_u8(const_time_is_zero(is_val), res, 0); + is_val = crypto_bignum_is_one(pwe); + res = const_time_select_u8(const_time_is_zero(is_val), res, 0); - wpa_printf(MSG_DEBUG, "SAE: PWE found"); - return 1; +fail: + crypto_bignum_deinit(a, 1); + crypto_bignum_deinit(b, 1); + return res; }
CVS commit: src/external/bsd/wpa/dist/src/common
Module Name:src Committed By: christos Date: Wed Apr 10 18:00:45 UTC 2019 Modified Files: src/external/bsd/wpa/dist/src/common: sae.c Log Message: This is an initial step towards making the FFC case use strictly constant time operations similarly to the ECC case. sae_test_pwd_seed_ffc() does not yet have constant time behavior, though. To generate a diff of this commit: cvs rdiff -u -r1.5 -r1.6 src/external/bsd/wpa/dist/src/common/sae.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/bsd/wpa/dist/src/common/sae.c diff -u src/external/bsd/wpa/dist/src/common/sae.c:1.5 src/external/bsd/wpa/dist/src/common/sae.c:1.6 --- src/external/bsd/wpa/dist/src/common/sae.c:1.5 Wed Apr 10 14:00:21 2019 +++ src/external/bsd/wpa/dist/src/common/sae.c Wed Apr 10 14:00:45 2019 @@ -589,17 +589,28 @@ static int sae_derive_pwe_ffc(struct sae const u8 *addr2, const u8 *password, size_t password_len, const char *identifier) { - u8 counter, k; + u8 counter, k, sel_counter = 0; u8 addrs[2 * ETH_ALEN]; const u8 *addr[3]; size_t len[3]; size_t num_elem; - int found = 0; - struct crypto_bignum *pwe = NULL; + u8 found = 0; /* 0 (false) or 0xff (true) to be used as const_time_* + * mask */ + u8 mask; + struct crypto_bignum *pwe; + size_t prime_len = sae->tmp->prime_len * 8; + u8 *pwe_buf; crypto_bignum_deinit(sae->tmp->pwe_ffc, 1); sae->tmp->pwe_ffc = NULL; + /* Allocate a buffer to maintain selected and candidate PWE for constant + * time selection. */ + pwe_buf = os_zalloc(prime_len * 2); + pwe = crypto_bignum_init(); + if (!pwe_buf || !pwe) + goto fail; + wpa_hexdump_ascii_key(MSG_DEBUG, "SAE: password", password, password_len); @@ -638,27 +649,33 @@ static int sae_derive_pwe_ffc(struct sae if (hmac_sha256_vector(addrs, sizeof(addrs), num_elem, addr, len, pwd_seed) < 0) break; - if (!pwe) { - pwe = crypto_bignum_init(); - if (!pwe) -break; - } res = sae_test_pwd_seed_ffc(sae, pwd_seed, pwe); + /* res is -1 for fatal failure, 0 if a valid PWE was not found, + * or 1 if a valid PWE was found. */ if (res < 0) break; - if (res > 0) { - found = 1; - if (!sae->tmp->pwe_ffc) { -wpa_printf(MSG_DEBUG, "SAE: Use this PWE"); -sae->tmp->pwe_ffc = pwe; -pwe = NULL; - } - } + /* Store the candidate PWE into the second half of pwe_buf and + * the selected PWE in the beginning of pwe_buf using constant + * time selection. */ + if (crypto_bignum_to_bin(pwe, pwe_buf + prime_len, prime_len, + prime_len) < 0) + break; + const_time_select_bin(found, pwe_buf, pwe_buf + prime_len, + prime_len, pwe_buf); + sel_counter = const_time_select_u8(found, sel_counter, counter); + mask = const_time_eq_u8(res, 1); + found = const_time_select_u8(found, found, mask); } - crypto_bignum_deinit(pwe, 1); + if (!found) + goto fail; - return found ? 0 : -1; + wpa_printf(MSG_DEBUG, "SAE: Use PWE from counter = %02u", sel_counter); + sae->tmp->pwe_ffc = crypto_bignum_init_set(pwe_buf, prime_len); +fail: + crypto_bignum_deinit(pwe, 1); + bin_clear_free(pwe_buf, prime_len * 2); + return sae->tmp->pwe_ffc ? 0 : -1; }
CVS commit: src/external/bsd/wpa/dist/src/common
Module Name:src Committed By: christos Date: Wed Apr 10 18:00:21 UTC 2019 Modified Files: src/external/bsd/wpa/dist/src/common: sae.c Log Message: These groups have significant probability of coming up with pwd-value that is equal or greater than the prime and as such, need for going through the PWE derivation loop multiple times. This can result in sufficient timing different to allow an external observer to determine how many rounds are needed and that can leak information about the used password. Force at least 40 loop rounds for these MODP groups similarly to the ECC group design to mask timing. This behavior is not described in IEEE Std 802.11-2016 for SAE, but it does not result in different values (i.e., only different timing), so such implementation specific countermeasures can be done without breaking interoperability with other implementation. Note: These MODP groups 22, 23, and 24 are not considered sufficiently strong to be used with SAE (or more or less anything else). As such, they should never be enabled in runtime configuration for any production use cases. These changes to introduce additional protection to mask timing is only for completeness of implementation and not an indication that these groups should be used. This is related to CVE-2019-9494. To generate a diff of this commit: cvs rdiff -u -r1.4 -r1.5 src/external/bsd/wpa/dist/src/common/sae.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/bsd/wpa/dist/src/common/sae.c diff -u src/external/bsd/wpa/dist/src/common/sae.c:1.4 src/external/bsd/wpa/dist/src/common/sae.c:1.5 --- src/external/bsd/wpa/dist/src/common/sae.c:1.4 Wed Apr 10 13:59:35 2019 +++ src/external/bsd/wpa/dist/src/common/sae.c Wed Apr 10 14:00:21 2019 @@ -578,22 +578,27 @@ fail: } +static int sae_modp_group_require_masking(int group) +{ + /* Groups for which pwd-value is likely to be >= p frequently */ + return group == 22 || group == 23 || group == 24; +} + + static int sae_derive_pwe_ffc(struct sae_data *sae, const u8 *addr1, const u8 *addr2, const u8 *password, size_t password_len, const char *identifier) { - u8 counter; + u8 counter, k; u8 addrs[2 * ETH_ALEN]; const u8 *addr[3]; size_t len[3]; size_t num_elem; int found = 0; + struct crypto_bignum *pwe = NULL; - if (sae->tmp->pwe_ffc == NULL) { - sae->tmp->pwe_ffc = crypto_bignum_init(); - if (sae->tmp->pwe_ffc == NULL) - return -1; - } + crypto_bignum_deinit(sae->tmp->pwe_ffc, 1); + sae->tmp->pwe_ffc = NULL; wpa_hexdump_ascii_key(MSG_DEBUG, "SAE: password", password, password_len); @@ -617,7 +622,9 @@ static int sae_derive_pwe_ffc(struct sae len[num_elem] = sizeof(counter); num_elem++; - for (counter = 1; !found; counter++) { + k = sae_modp_group_require_masking(sae->group) ? 40 : 1; + + for (counter = 1; counter <= k || !found; counter++) { u8 pwd_seed[SHA256_MAC_LEN]; int res; @@ -627,19 +634,30 @@ static int sae_derive_pwe_ffc(struct sae break; } - wpa_printf(MSG_DEBUG, "SAE: counter = %u", counter); + wpa_printf(MSG_DEBUG, "SAE: counter = %02u", counter); if (hmac_sha256_vector(addrs, sizeof(addrs), num_elem, addr, len, pwd_seed) < 0) break; - res = sae_test_pwd_seed_ffc(sae, pwd_seed, sae->tmp->pwe_ffc); + if (!pwe) { + pwe = crypto_bignum_init(); + if (!pwe) +break; + } + res = sae_test_pwd_seed_ffc(sae, pwd_seed, pwe); if (res < 0) break; if (res > 0) { - wpa_printf(MSG_DEBUG, "SAE: Use this PWE"); found = 1; + if (!sae->tmp->pwe_ffc) { +wpa_printf(MSG_DEBUG, "SAE: Use this PWE"); +sae->tmp->pwe_ffc = pwe; +pwe = NULL; + } } } + crypto_bignum_deinit(pwe, 1); + return found ? 0 : -1; }
CVS commit: src/external/bsd/wpa/dist/src/common
Module Name:src Committed By: christos Date: Wed Apr 10 17:59:35 UTC 2019 Modified Files: src/external/bsd/wpa/dist/src/common: sae.c Log Message: Make the non-failure path in the function proceed without branches based on r_odd and in constant time to minimize risk of observable differences in timing or cache use. (CVE-2019-9494) To generate a diff of this commit: cvs rdiff -u -r1.3 -r1.4 src/external/bsd/wpa/dist/src/common/sae.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/bsd/wpa/dist/src/common/sae.c diff -u src/external/bsd/wpa/dist/src/common/sae.c:1.3 src/external/bsd/wpa/dist/src/common/sae.c:1.4 --- src/external/bsd/wpa/dist/src/common/sae.c:1.3 Wed Apr 10 13:59:07 2019 +++ src/external/bsd/wpa/dist/src/common/sae.c Wed Apr 10 13:59:35 2019 @@ -209,12 +209,14 @@ get_rand_1_to_p_1(const u8 *prime, size_ static int is_quadratic_residue_blind(struct sae_data *sae, const u8 *prime, size_t bits, - const struct crypto_bignum *qr, - const struct crypto_bignum *qnr, + const u8 *qr, const u8 *qnr, const struct crypto_bignum *y_sqr) { - struct crypto_bignum *r, *num; + struct crypto_bignum *r, *num, *qr_or_qnr = NULL; int r_odd, check, res = -1; + u8 qr_or_qnr_bin[SAE_MAX_ECC_PRIME_LEN]; + size_t prime_len = sae->tmp->prime_len; + unsigned int mask; /* * Use the blinding technique to mask y_sqr while determining @@ -225,7 +227,7 @@ static int is_quadratic_residue_blind(st * r = a random number between 1 and p-1, inclusive * num = (v * r * r) modulo p */ - r = get_rand_1_to_p_1(prime, sae->tmp->prime_len, bits, _odd); + r = get_rand_1_to_p_1(prime, prime_len, bits, _odd); if (!r) return -1; @@ -235,41 +237,45 @@ static int is_quadratic_residue_blind(st crypto_bignum_mulmod(num, r, sae->tmp->prime, num) < 0) goto fail; - if (r_odd) { - /* - * num = (num * qr) module p - * LGR(num, p) = 1 ==> quadratic residue - */ - if (crypto_bignum_mulmod(num, qr, sae->tmp->prime, num) < 0) - goto fail; - check = 1; - } else { - /* - * num = (num * qnr) module p - * LGR(num, p) = -1 ==> quadratic residue - */ - if (crypto_bignum_mulmod(num, qnr, sae->tmp->prime, num) < 0) - goto fail; - check = -1; - } + /* + * Need to minimize differences in handling different cases, so try to + * avoid branches and timing differences. + * + * If r_odd: + * num = (num * qr) module p + * LGR(num, p) = 1 ==> quadratic residue + * else: + * num = (num * qnr) module p + * LGR(num, p) = -1 ==> quadratic residue + */ + mask = const_time_is_zero(r_odd); + const_time_select_bin(mask, qnr, qr, prime_len, qr_or_qnr_bin); + qr_or_qnr = crypto_bignum_init_set(qr_or_qnr_bin, prime_len); + if (!qr_or_qnr || + crypto_bignum_mulmod(num, qr_or_qnr, sae->tmp->prime, num) < 0) + goto fail; + /* r_odd is 0 or 1; branchless version of check = r_odd ? 1 : -1, */ + check = const_time_select_int(mask, -1, 1); res = crypto_bignum_legendre(num, sae->tmp->prime); if (res == -2) { res = -1; goto fail; } - res = res == check; + /* branchless version of res = res == check + * (res is -1, 0, or 1; check is -1 or 1) */ + mask = const_time_eq(res, check); + res = const_time_select_int(mask, 1, 0); fail: crypto_bignum_deinit(num, 1); crypto_bignum_deinit(r, 1); + crypto_bignum_deinit(qr_or_qnr, 1); return res; } static int sae_test_pwd_seed_ecc(struct sae_data *sae, const u8 *pwd_seed, - const u8 *prime, - const struct crypto_bignum *qr, - const struct crypto_bignum *qnr, + const u8 *prime, const u8 *qr, const u8 *qnr, u8 *pwd_value) { struct crypto_bignum *y_sqr, *x_cand; @@ -429,6 +435,8 @@ static int sae_derive_pwe_ecc(struct sae struct crypto_bignum *x = NULL, *qr = NULL, *qnr = NULL; u8 x_bin[SAE_MAX_ECC_PRIME_LEN]; u8 x_cand_bin[SAE_MAX_ECC_PRIME_LEN]; + u8 qr_bin[SAE_MAX_ECC_PRIME_LEN]; + u8 qnr_bin[SAE_MAX_ECC_PRIME_LEN]; size_t bits; int res = -1; u8 found = 0; /* 0 (false) or 0xff (true) to be used as const_time_* @@ -453,7 +461,9 @@ static int sae_derive_pwe_ecc(struct sae * (qnr) modulo p for blinding purposes during the loop. */ if (get_random_qr_qnr(prime, prime_len, sae->tmp->prime, bits, - , ) < 0) + , ) < 0 || + crypto_bignum_to_bin(qr, qr_bin, sizeof(qr_bin), prime_len) < 0 || + crypto_bignum_to_bin(qnr, qnr_bin, sizeof(qnr_bin), prime_len) < 0) goto fail; wpa_hexdump_ascii_key(MSG_DEBUG, "SAE: password", @@ -504,7 +514,7 @@ static int sae_derive_pwe_ecc(struct sae break; res = sae_test_pwd_seed_ecc(sae, pwd_seed, - prime, qr, qnr, x_cand_bin); + prime, qr_bin, qnr_bin, x_cand_bin); const_time_select_bin(found, x_bin, x_cand_bin, prime_len, x_bin); pwd_seed_odd = const_time_select_u8(
CVS commit: src/external/bsd/wpa/dist/src/common
Module Name:src Committed By: christos Date: Wed Apr 10 17:59:07 UTC 2019 Modified Files: src/external/bsd/wpa/dist/src/common: sae.c Log Message: The QR test result can provide information about the password to an attacker, so try to minimize differences in how the sae_test_pwd_seed_ecc() result is used. (CVE-2019-9494) Use heap memory for the dummy password to allow the same password length to be used even with long passwords. Use constant time selection functions to track the real vs. dummy variables so that the exact same operations can be performed for both QR test results. To generate a diff of this commit: cvs rdiff -u -r1.2 -r1.3 src/external/bsd/wpa/dist/src/common/sae.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/bsd/wpa/dist/src/common/sae.c diff -u src/external/bsd/wpa/dist/src/common/sae.c:1.2 src/external/bsd/wpa/dist/src/common/sae.c:1.3 --- src/external/bsd/wpa/dist/src/common/sae.c:1.2 Wed Apr 10 13:52:46 2019 +++ src/external/bsd/wpa/dist/src/common/sae.c Wed Apr 10 13:59:07 2019 @@ -9,6 +9,7 @@ #include "includes.h" #include "common.h" +#include "utils/const_time.h" #include "crypto/crypto.h" #include "crypto/sha256.h" #include "crypto/random.h" @@ -269,15 +270,12 @@ static int sae_test_pwd_seed_ecc(struct const u8 *prime, const struct crypto_bignum *qr, const struct crypto_bignum *qnr, - struct crypto_bignum **ret_x_cand) + u8 *pwd_value) { - u8 pwd_value[SAE_MAX_ECC_PRIME_LEN]; struct crypto_bignum *y_sqr, *x_cand; int res; size_t bits; - *ret_x_cand = NULL; - wpa_hexdump_key(MSG_DEBUG, "SAE: pwd-seed", pwd_seed, SHA256_MAC_LEN); /* pwd-value = KDF-z(pwd-seed, "SAE Hunting and Pecking", p) */ @@ -286,7 +284,7 @@ static int sae_test_pwd_seed_ecc(struct prime, sae->tmp->prime_len, pwd_value, bits) < 0) return -1; if (bits % 8) - buf_shift_right(pwd_value, sizeof(pwd_value), 8 - bits % 8); + buf_shift_right(pwd_value, sae->tmp->prime_len, 8 - bits % 8); wpa_hexdump_key(MSG_DEBUG, "SAE: pwd-value", pwd_value, sae->tmp->prime_len); @@ -297,20 +295,13 @@ static int sae_test_pwd_seed_ecc(struct if (!x_cand) return -1; y_sqr = crypto_ec_point_compute_y_sqr(sae->tmp->ec, x_cand); - if (!y_sqr) { - crypto_bignum_deinit(x_cand, 1); + crypto_bignum_deinit(x_cand, 1); + if (!y_sqr) return -1; - } res = is_quadratic_residue_blind(sae, prime, bits, qr, qnr, y_sqr); crypto_bignum_deinit(y_sqr, 1); - if (res <= 0) { - crypto_bignum_deinit(x_cand, 1); - return res; - } - - *ret_x_cand = x_cand; - return 1; + return res; } @@ -431,25 +422,30 @@ static int sae_derive_pwe_ecc(struct sae const u8 *addr[3]; size_t len[3]; size_t num_elem; - u8 dummy_password[32]; - size_t dummy_password_len; + u8 *dummy_password, *tmp_password; int pwd_seed_odd = 0; u8 prime[SAE_MAX_ECC_PRIME_LEN]; size_t prime_len; - struct crypto_bignum *x = NULL, *qr, *qnr; + struct crypto_bignum *x = NULL, *qr = NULL, *qnr = NULL; + u8 x_bin[SAE_MAX_ECC_PRIME_LEN]; + u8 x_cand_bin[SAE_MAX_ECC_PRIME_LEN]; size_t bits; - int res; - - dummy_password_len = password_len; - if (dummy_password_len > sizeof(dummy_password)) - dummy_password_len = sizeof(dummy_password); - if (random_get_bytes(dummy_password, dummy_password_len) < 0) - return -1; + int res = -1; + u8 found = 0; /* 0 (false) or 0xff (true) to be used as const_time_* + * mask */ + + os_memset(x_bin, 0, sizeof(x_bin)); + + dummy_password = os_malloc(password_len); + tmp_password = os_malloc(password_len); + if (!dummy_password || !tmp_password || + random_get_bytes(dummy_password, password_len) < 0) + goto fail; prime_len = sae->tmp->prime_len; if (crypto_bignum_to_bin(sae->tmp->prime, prime, sizeof(prime), prime_len) < 0) - return -1; + goto fail; bits = crypto_ec_prime_len_bits(sae->tmp->ec); /* @@ -458,7 +454,7 @@ static int sae_derive_pwe_ecc(struct sae */ if (get_random_qr_qnr(prime, prime_len, sae->tmp->prime, bits, , ) < 0) - return -1; + goto fail; wpa_hexdump_ascii_key(MSG_DEBUG, "SAE: password", password, password_len); @@ -474,7 +470,7 @@ static int sae_derive_pwe_ecc(struct sae */ sae_pwd_seed_key(addr1, addr2, addrs); - addr[0] = password; + addr[0] = tmp_password; len[0] = password_len; num_elem = 1; if (identifier) { @@ -491,9 +487,8 @@ static int sae_derive_pwe_ecc(struct sae * attacks that attempt to determine the number of iterations required * in the loop. */ - for (counter = 1; counter <= k || !x; counter++) { + for (counter = 1; counter <= k || !found; counter++) { u8 pwd_seed[SHA256_MAC_LEN]; - struct crypto_bignum *x_cand; if (counter > 200) { /* This should not happen in practice */ @@ -501,40 +496,49 @@ static int sae_derive_pwe_ecc(struct sae break; } - wpa_printf(MSG_DEBUG, "SAE: counter = %u",
CVS commit: src/external/bsd/wpa/dist/src/eap_common
Module Name:src Committed By: christos Date: Wed Apr 10 17:57:15 UTC 2019 Modified Files: src/external/bsd/wpa/dist/src/eap_common: eap_pwd_common.c Log Message: This algorithm could leak information to external observers in form of timing differences or memory access patterns (cache use). While the previous implementation had protection against the most visible timing differences (looping 40 rounds and masking the legendre operation), it did not protect against memory access patterns between the two possible code paths in the masking operations. That might be sufficient to allow an unprivileged process running on the same device to be able to determine which path is being executed through a cache attack and based on that, determine information about the used password. Convert the PWE finding loop to use constant time functions and identical memory access path without different branches for the QR/QNR cases to minimize possible side-channel information similarly to the changes done for SAE authentication. (CVE-2019-9495) To generate a diff of this commit: cvs rdiff -u -r1.2 -r1.3 \ src/external/bsd/wpa/dist/src/eap_common/eap_pwd_common.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/bsd/wpa/dist/src/eap_common/eap_pwd_common.c diff -u src/external/bsd/wpa/dist/src/eap_common/eap_pwd_common.c:1.2 src/external/bsd/wpa/dist/src/eap_common/eap_pwd_common.c:1.3 --- src/external/bsd/wpa/dist/src/eap_common/eap_pwd_common.c:1.2 Wed Apr 10 13:50:27 2019 +++ src/external/bsd/wpa/dist/src/eap_common/eap_pwd_common.c Wed Apr 10 13:57:15 2019 @@ -8,11 +8,15 @@ #include "includes.h" #include "common.h" +#include "utils/const_time.h" #include "crypto/sha256.h" #include "crypto/crypto.h" #include "eap_defs.h" #include "eap_pwd_common.h" +#define MAX_ECC_PRIME_LEN 66 + + /* The random function H(x) = HMAC-SHA256(0^32, x) */ struct crypto_hash * eap_pwd_h_init(void) { @@ -102,6 +106,15 @@ EAP_PWD_group * get_eap_pwd_group(u16 nu } +static void buf_shift_right(u8 *buf, size_t len, size_t bits) +{ + size_t i; + for (i = len - 1; i > 0; i--) + buf[i] = (buf[i - 1] << (8 - bits)) | (buf[i] >> bits); + buf[0] >>= bits; +} + + /* * compute a "random" secret point on an elliptic curve based * on the password and identities. @@ -113,17 +126,27 @@ int compute_password_element(EAP_PWD_gro const u8 *token) { struct crypto_bignum *qr = NULL, *qnr = NULL, *one = NULL; + struct crypto_bignum *qr_or_qnr = NULL; + u8 qr_bin[MAX_ECC_PRIME_LEN]; + u8 qnr_bin[MAX_ECC_PRIME_LEN]; + u8 qr_or_qnr_bin[MAX_ECC_PRIME_LEN]; + u8 x_bin[MAX_ECC_PRIME_LEN]; struct crypto_bignum *tmp1 = NULL, *tmp2 = NULL, *pm1 = NULL; struct crypto_hash *hash; unsigned char pwe_digest[SHA256_MAC_LEN], *prfbuf = NULL, ctr; - int is_odd, ret = 0, check, found = 0; - size_t primebytelen, primebitlen; - struct crypto_bignum *x_candidate = NULL, *rnd = NULL, *cofactor = NULL; + int ret = 0, check, res; + u8 found = 0; /* 0 (false) or 0xff (true) to be used as const_time_* + * mask */ + size_t primebytelen = 0, primebitlen; + struct crypto_bignum *x_candidate = NULL, *cofactor = NULL; const struct crypto_bignum *prime; + u8 mask, found_ctr = 0, is_odd = 0; if (grp->pwe) return -1; + os_memset(x_bin, 0, sizeof(x_bin)); + prime = crypto_ec_get_prime(grp->group); cofactor = crypto_bignum_init(); grp->pwe = crypto_ec_point_init(grp->group); @@ -152,8 +175,6 @@ int compute_password_element(EAP_PWD_gro /* get a random quadratic residue and nonresidue */ while (!qr || !qnr) { - int res; - if (crypto_bignum_rand(tmp1, prime) < 0) goto fail; res = crypto_bignum_legendre(tmp1, prime); @@ -167,6 +188,11 @@ int compute_password_element(EAP_PWD_gro if (!tmp1) goto fail; } + if (crypto_bignum_to_bin(qr, qr_bin, sizeof(qr_bin), + primebytelen) < 0 || + crypto_bignum_to_bin(qnr, qnr_bin, sizeof(qnr_bin), + primebytelen) < 0) + goto fail; os_memset(prfbuf, 0, primebytelen); ctr = 0; @@ -194,17 +220,16 @@ int compute_password_element(EAP_PWD_gro eap_pwd_h_update(hash, , sizeof(ctr)); eap_pwd_h_final(hash, pwe_digest); - crypto_bignum_deinit(rnd, 1); - rnd = crypto_bignum_init_set(pwe_digest, SHA256_MAC_LEN); - if (!rnd) { - wpa_printf(MSG_INFO, "EAP-pwd: unable to create rnd"); - goto fail; - } + is_odd = const_time_select_u8( + found, is_odd, pwe_digest[SHA256_MAC_LEN - 1] & 0x01); if (eap_pwd_kdf(pwe_digest, SHA256_MAC_LEN, (u8 *) "EAP-pwd Hunting And Pecking", os_strlen("EAP-pwd Hunting And Pecking"), prfbuf, primebitlen) < 0) goto fail; + if (primebitlen % 8) + buf_shift_right(prfbuf, primebytelen, + 8 - primebitlen % 8); crypto_bignum_deinit(x_candidate, 1); x_candidate = crypto_bignum_init_set(prfbuf, primebytelen); @@ -214,24 +239,13 @@ int compute_password_element(EAP_PWD_gro
CVS commit: src/external/bsd/wpa/dist/src/crypto
Module Name:src Committed By: christos Date: Wed Apr 10 17:56:43 UTC 2019 Modified Files: src/external/bsd/wpa/dist/src/crypto: crypto_openssl.c Log Message: Get rid of the branches that depend on the result of the Legendre operation. This is needed to avoid leaking information about different temporary results in blinding mechanisms. This is related to CVE-2019-9494 and CVE-2019-9495. To generate a diff of this commit: cvs rdiff -u -r1.2 -r1.3 \ src/external/bsd/wpa/dist/src/crypto/crypto_openssl.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/bsd/wpa/dist/src/crypto/crypto_openssl.c diff -u src/external/bsd/wpa/dist/src/crypto/crypto_openssl.c:1.2 src/external/bsd/wpa/dist/src/crypto/crypto_openssl.c:1.3 --- src/external/bsd/wpa/dist/src/crypto/crypto_openssl.c:1.2 Wed Apr 10 13:55:31 2019 +++ src/external/bsd/wpa/dist/src/crypto/crypto_openssl.c Wed Apr 10 13:56:43 2019 @@ -24,6 +24,7 @@ #endif /* CONFIG_ECC */ #include "common.h" +#include "utils/const_time.h" #include "wpabuf.h" #include "dh_group5.h" #include "sha1.h" @@ -1435,6 +1436,7 @@ int crypto_bignum_legendre(const struct BN_CTX *bnctx; BIGNUM *exp = NULL, *tmp = NULL; int res = -2; + unsigned int mask; if (TEST_FAIL()) return -2; @@ -1453,12 +1455,13 @@ int crypto_bignum_legendre(const struct (const BIGNUM *) p, bnctx, NULL)) goto fail; - if (BN_is_word(tmp, 1)) - res = 1; - else if (BN_is_zero(tmp)) - res = 0; - else - res = -1; + /* Return 1 if tmp == 1, 0 if tmp == 0, or -1 otherwise. Need to use + * constant time selection to avoid branches here. */ + res = -1; + mask = const_time_eq(BN_is_word(tmp, 1), 1); + res = const_time_select_int(mask, 1, res); + mask = const_time_eq(BN_is_zero(tmp), 1); + res = const_time_select_int(mask, 0, res); fail: BN_clear_free(tmp);
CVS commit: src/external/bsd/wpa/dist/src/utils
Module Name:src Committed By: christos Date: Wed Apr 10 17:56:13 UTC 2019 Added Files: src/external/bsd/wpa/dist/src/utils: const_time.h Log Message: These functions can be used to help implement constant time operations for various cryptographic operations that must minimize externally observable differences in processing (both in timing and also in internal cache use, etc.). This is related to CVE-2019-9494 and CVE-2019-9495. To generate a diff of this commit: cvs rdiff -u -r0 -r1.1 src/external/bsd/wpa/dist/src/utils/const_time.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Added files: Index: src/external/bsd/wpa/dist/src/utils/const_time.h diff -u /dev/null src/external/bsd/wpa/dist/src/utils/const_time.h:1.1 --- /dev/null Wed Apr 10 13:56:13 2019 +++ src/external/bsd/wpa/dist/src/utils/const_time.h Wed Apr 10 13:56:13 2019 @@ -0,0 +1,191 @@ +/* + * Helper functions for constant time operations + * Copyright (c) 2019, The Linux Foundation + * + * This software may be distributed under the terms of the BSD license. + * See README for more details. + * + * These helper functions can be used to implement logic that needs to minimize + * externally visible differences in execution path by avoiding use of branches, + * avoiding early termination or other time differences, and forcing same memory + * access pattern regardless of values. + */ + +#ifndef CONST_TIME_H +#define CONST_TIME_H + + +#if defined(__clang__) +#define NO_UBSAN_UINT_OVERFLOW \ + __attribute__((no_sanitize("unsigned-integer-overflow"))) +#else +#define NO_UBSAN_UINT_OVERFLOW +#endif + + +/** + * const_time_fill_msb - Fill all bits with MSB value + * @val: Input value + * Returns: Value with all the bits set to the MSB of the input val + */ +static inline unsigned int const_time_fill_msb(unsigned int val) +{ + /* Move the MSB to LSB and multiple by -1 to fill in all bits. */ + return (val >> (sizeof(val) * 8 - 1)) * ~0U; +} + + +/* Returns: -1 if val is zero; 0 if val is not zero */ +static inline unsigned int const_time_is_zero(unsigned int val) + NO_UBSAN_UINT_OVERFLOW +{ + /* Set MSB to 1 for 0 and fill rest of bits with the MSB value */ + return const_time_fill_msb(~val & (val - 1)); +} + + +/* Returns: -1 if a == b; 0 if a != b */ +static inline unsigned int const_time_eq(unsigned int a, unsigned int b) +{ + return const_time_is_zero(a ^ b); +} + + +/* Returns: -1 if a == b; 0 if a != b */ +static inline u8 const_time_eq_u8(unsigned int a, unsigned int b) +{ + return (u8) const_time_eq(a, b); +} + + +/** + * const_time_eq_bin - Constant time memory comparison + * @a: First buffer to compare + * @b: Second buffer to compare + * @len: Number of octets to compare + * Returns: -1 if buffers are equal, 0 if not + * + * This function is meant for comparing passwords or hash values where + * difference in execution time or memory access pattern could provide external + * observer information about the location of the difference in the memory + * buffers. The return value does not behave like memcmp(), i.e., + * const_time_eq_bin() cannot be used to sort items into a defined order. Unlike + * memcmp(), the execution time of const_time_eq_bin() does not depend on the + * contents of the compared memory buffers, but only on the total compared + * length. + */ +static inline unsigned int const_time_eq_bin(const void *a, const void *b, + size_t len) +{ + const u8 *aa = a; + const u8 *bb = b; + size_t i; + u8 res = 0; + + for (i = 0; i < len; i++) + res |= aa[i] ^ bb[i]; + + return const_time_is_zero(res); +} + + +/** + * const_time_select - Constant time unsigned int selection + * @mask: 0 (false) or -1 (true) to identify which value to select + * @true_val: Value to select for the true case + * @false_val: Value to select for the false case + * Returns: true_val if mask == -1, false_val if mask == 0 + */ +static inline unsigned int const_time_select(unsigned int mask, + unsigned int true_val, + unsigned int false_val) +{ + return (mask & true_val) | (~mask & false_val); +} + + +/** + * const_time_select_int - Constant time int selection + * @mask: 0 (false) or -1 (true) to identify which value to select + * @true_val: Value to select for the true case + * @false_val: Value to select for the false case + * Returns: true_val if mask == -1, false_val if mask == 0 + */ +static inline int const_time_select_int(unsigned int mask, int true_val, + int false_val) +{ + return (int) const_time_select(mask, (unsigned int) true_val, + (unsigned int) false_val); +} + + +/** + * const_time_select_u8 - Constant time u8 selection + * @mask: 0 (false) or -1 (true) to identify which value to select + * @true_val: Value to select for the true case + * @false_val: Value to select for the false case + * Returns: true_val if mask == -1, false_val if mask == 0 + */ +static inline u8 const_time_select_u8(u8 mask, u8 true_val, u8
CVS commit: src/external/bsd/wpa/dist/src/crypto
Module Name:src Committed By: christos Date: Wed Apr 10 17:55:31 UTC 2019 Modified Files: src/external/bsd/wpa/dist/src/crypto: crypto_openssl.c Log Message: This helps in reducing measurable timing differences in operations involving private information. BoringSSL has removed BN_FLG_CONSTTIME and expects specific constant time functions to be called instead, so a bit different approach is needed depending on which library is used. The main operation that needs protection against side channel attacks is BN_mod_exp() that depends on private keys (the public key validation step in crypto_dh_derive_secret() is an exception that can use the faster version since it does not depend on private keys). crypto_bignum_div() is currently used only in SAE FFC case with not safe-prime groups and only with values that do not depend on private keys, so it is not critical to protect it. crypto_bignum_inverse() is currently used only in SAE FFC PWE derivation. The additional protection here is targeting only OpenSSL. BoringSSL may need conversion to using BN_mod_inverse_blinded(). This is related to CVE-2019-9494 and CVE-2019-9495. To generate a diff of this commit: cvs rdiff -u -r1.1.1.7 -r1.2 \ src/external/bsd/wpa/dist/src/crypto/crypto_openssl.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/bsd/wpa/dist/src/crypto/crypto_openssl.c diff -u src/external/bsd/wpa/dist/src/crypto/crypto_openssl.c:1.1.1.7 src/external/bsd/wpa/dist/src/crypto/crypto_openssl.c:1.2 --- src/external/bsd/wpa/dist/src/crypto/crypto_openssl.c:1.1.1.7 Fri Jan 4 14:29:19 2019 +++ src/external/bsd/wpa/dist/src/crypto/crypto_openssl.c Wed Apr 10 13:55:31 2019 @@ -549,7 +549,8 @@ int crypto_mod_exp(const u8 *base, size_ bn_result == NULL) goto error; - if (BN_mod_exp(bn_result, bn_base, bn_exp, bn_modulus, ctx) != 1) + if (BN_mod_exp_mont_consttime(bn_result, bn_base, bn_exp, bn_modulus, + ctx, NULL) != 1) goto error; *result_len = BN_bn2bin(bn_result, result); @@ -1295,8 +1296,9 @@ int crypto_bignum_exptmod(const struct c bnctx = BN_CTX_new(); if (bnctx == NULL) return -1; - res = BN_mod_exp((BIGNUM *) d, (const BIGNUM *) a, (const BIGNUM *) b, - (const BIGNUM *) c, bnctx); + res = BN_mod_exp_mont_consttime((BIGNUM *) d, (const BIGNUM *) a, + (const BIGNUM *) b, (const BIGNUM *) c, + bnctx, NULL); BN_CTX_free(bnctx); return res ? 0 : -1; @@ -1315,6 +1317,11 @@ int crypto_bignum_inverse(const struct c bnctx = BN_CTX_new(); if (bnctx == NULL) return -1; +#ifdef OPENSSL_IS_BORINGSSL + /* TODO: use BN_mod_inverse_blinded() ? */ +#else /* OPENSSL_IS_BORINGSSL */ + BN_set_flags((BIGNUM *) a, BN_FLG_CONSTTIME); +#endif /* OPENSSL_IS_BORINGSSL */ res = BN_mod_inverse((BIGNUM *) c, (const BIGNUM *) a, (const BIGNUM *) b, bnctx); BN_CTX_free(bnctx); @@ -1348,6 +1355,9 @@ int crypto_bignum_div(const struct crypt bnctx = BN_CTX_new(); if (bnctx == NULL) return -1; +#ifndef OPENSSL_IS_BORINGSSL + BN_set_flags((BIGNUM *) a, BN_FLG_CONSTTIME); +#endif /* OPENSSL_IS_BORINGSSL */ res = BN_div((BIGNUM *) c, NULL, (const BIGNUM *) a, (const BIGNUM *) b, bnctx); BN_CTX_free(bnctx); @@ -1439,8 +1449,8 @@ int crypto_bignum_legendre(const struct /* exp = (p-1) / 2 */ !BN_sub(exp, (const BIGNUM *) p, BN_value_one()) || !BN_rshift1(exp, exp) || - !BN_mod_exp(tmp, (const BIGNUM *) a, exp, (const BIGNUM *) p, - bnctx)) + !BN_mod_exp_mont_consttime(tmp, (const BIGNUM *) a, exp, + (const BIGNUM *) p, bnctx, NULL)) goto fail; if (BN_is_word(tmp, 1))
CVS commit: src/external/bsd/wpa/dist/src/common
Module Name:src Committed By: christos Date: Wed Apr 10 17:52:46 UTC 2019 Modified Files: src/external/bsd/wpa/dist/src/common: sae.c Log Message: Explicitly verify that own and peer commit scalar/element are available when trying to check SAE confirm message. It could have been possible to hit a NULL pointer dereference if the peer element could not have been parsed. (CVE-2019-9496) To generate a diff of this commit: cvs rdiff -u -r1.1.1.4 -r1.2 src/external/bsd/wpa/dist/src/common/sae.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/bsd/wpa/dist/src/common/sae.c diff -u src/external/bsd/wpa/dist/src/common/sae.c:1.1.1.4 src/external/bsd/wpa/dist/src/common/sae.c:1.2 --- src/external/bsd/wpa/dist/src/common/sae.c:1.1.1.4 Fri Jan 4 14:29:17 2019 +++ src/external/bsd/wpa/dist/src/common/sae.c Wed Apr 10 13:52:46 2019 @@ -1394,23 +1394,31 @@ int sae_check_confirm(struct sae_data *s wpa_printf(MSG_DEBUG, "SAE: peer-send-confirm %u", WPA_GET_LE16(data)); - if (sae->tmp == NULL) { + if (!sae->tmp || !sae->peer_commit_scalar || + !sae->tmp->own_commit_scalar) { wpa_printf(MSG_DEBUG, "SAE: Temporary data not yet available"); return -1; } - if (sae->tmp->ec) + if (sae->tmp->ec) { + if (!sae->tmp->peer_commit_element_ecc || + !sae->tmp->own_commit_element_ecc) + return -1; sae_cn_confirm_ecc(sae, data, sae->peer_commit_scalar, sae->tmp->peer_commit_element_ecc, sae->tmp->own_commit_scalar, sae->tmp->own_commit_element_ecc, verifier); - else + } else { + if (!sae->tmp->peer_commit_element_ffc || + !sae->tmp->own_commit_element_ffc) + return -1; sae_cn_confirm_ffc(sae, data, sae->peer_commit_scalar, sae->tmp->peer_commit_element_ffc, sae->tmp->own_commit_scalar, sae->tmp->own_commit_element_ffc, verifier); + } if (os_memcmp_const(verifier, data + 2, SHA256_MAC_LEN) != 0) { wpa_printf(MSG_DEBUG, "SAE: Confirm mismatch");
CVS commit: src/external/bsd/wpa/dist/src
Module Name:src Committed By: christos Date: Wed Apr 10 17:50:28 UTC 2019 Modified Files: src/external/bsd/wpa/dist/src/eap_common: eap_pwd_common.c eap_pwd_common.h src/external/bsd/wpa/dist/src/eap_peer: eap_pwd.c src/external/bsd/wpa/dist/src/eap_server: eap_server_pwd.c Log Message: This adds an explicit check for 0 < x,y < prime based on RFC 5931, 2.8.5.2.2 requirement. The earlier checks might have covered this implicitly, but it is safer to avoid any dependency on implicit checks and specific crypto library behavior. (CVE-2019-9498 and CVE-2019-9499) Furthermore, this moves the EAP-pwd element and scalar parsing and validation steps into shared helper functions so that there is no need to maintain two separate copies of this common functionality between the server and peer implementations. To generate a diff of this commit: cvs rdiff -u -r1.1.1.6 -r1.2 \ src/external/bsd/wpa/dist/src/eap_common/eap_pwd_common.c cvs rdiff -u -r1.1.1.5 -r1.2 \ src/external/bsd/wpa/dist/src/eap_common/eap_pwd_common.h cvs rdiff -u -r1.7 -r1.8 src/external/bsd/wpa/dist/src/eap_peer/eap_pwd.c cvs rdiff -u -r1.7 -r1.8 \ src/external/bsd/wpa/dist/src/eap_server/eap_server_pwd.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/bsd/wpa/dist/src/eap_common/eap_pwd_common.c diff -u src/external/bsd/wpa/dist/src/eap_common/eap_pwd_common.c:1.1.1.6 src/external/bsd/wpa/dist/src/eap_common/eap_pwd_common.c:1.2 --- src/external/bsd/wpa/dist/src/eap_common/eap_pwd_common.c:1.1.1.6 Fri Jan 4 14:29:19 2019 +++ src/external/bsd/wpa/dist/src/eap_common/eap_pwd_common.c Wed Apr 10 13:50:27 2019 @@ -416,3 +416,109 @@ int compute_keys(EAP_PWD_group *grp, con return 1; } + + +static int eap_pwd_element_coord_ok(const struct crypto_bignum *prime, +const u8 *buf, size_t len) +{ + struct crypto_bignum *val; + int ok = 1; + + val = crypto_bignum_init_set(buf, len); + if (!val || crypto_bignum_is_zero(val) || + crypto_bignum_cmp(val, prime) >= 0) + ok = 0; + crypto_bignum_deinit(val, 0); + return ok; +} + + +struct crypto_ec_point * eap_pwd_get_element(EAP_PWD_group *group, + const u8 *buf) +{ + struct crypto_ec_point *element; + const struct crypto_bignum *prime; + size_t prime_len; + struct crypto_bignum *cofactor = NULL; + + prime = crypto_ec_get_prime(group->group); + prime_len = crypto_ec_prime_len(group->group); + + /* RFC 5931, 2.8.5.2.2: 0 < x,y < p */ + if (!eap_pwd_element_coord_ok(prime, buf, prime_len) || + !eap_pwd_element_coord_ok(prime, buf + prime_len, prime_len)) { + wpa_printf(MSG_INFO, "EAP-pwd: Invalid coordinate in element"); + return NULL; + } + + element = crypto_ec_point_from_bin(group->group, buf); + if (!element) { + wpa_printf(MSG_INFO, "EAP-pwd: EC point from element failed"); + return NULL; + } + + /* RFC 5931, 2.8.5.2.2: on curve and not the point at infinity */ + if (!crypto_ec_point_is_on_curve(group->group, element) || + crypto_ec_point_is_at_infinity(group->group, element)) { + wpa_printf(MSG_INFO, "EAP-pwd: Invalid element"); + goto fail; + } + + cofactor = crypto_bignum_init(); + if (!cofactor || crypto_ec_cofactor(group->group, cofactor) < 0) { + wpa_printf(MSG_INFO, + "EAP-pwd: Unable to get cofactor for curve"); + goto fail; + } + + if (!crypto_bignum_is_one(cofactor)) { + struct crypto_ec_point *point; + int ok = 1; + + /* check to ensure peer's element is not in a small sub-group */ + point = crypto_ec_point_init(group->group); + if (!point || + crypto_ec_point_mul(group->group, element, + cofactor, point) != 0 || + crypto_ec_point_is_at_infinity(group->group, point)) + ok = 0; + crypto_ec_point_deinit(point, 0); + + if (!ok) { + wpa_printf(MSG_INFO, + "EAP-pwd: Small sub-group check on peer element failed"); + goto fail; + } + } + +out: + crypto_bignum_deinit(cofactor, 0); + return element; +fail: + crypto_ec_point_deinit(element, 0); + element = NULL; + goto out; +} + + +struct crypto_bignum * eap_pwd_get_scalar(EAP_PWD_group *group, const u8 *buf) +{ + struct crypto_bignum *scalar; + const struct crypto_bignum *order; + size_t order_len; + + order = crypto_ec_get_order(group->group); + order_len = crypto_ec_order_len(group->group); + + /* RFC 5931, 2.8.5.2: 1 < scalar < r */ + scalar = crypto_bignum_init_set(buf, order_len); + if (!scalar || crypto_bignum_is_zero(scalar) || + crypto_bignum_is_one(scalar) || + crypto_bignum_cmp(scalar, order) >= 0) { + wpa_printf(MSG_INFO, "EAP-pwd: received scalar is invalid"); + crypto_bignum_deinit(scalar, 0); + scalar = NULL; + } + + return scalar; +} Index: src/external/bsd/wpa/dist/src/eap_common/eap_pwd_common.h diff -u src/external/bsd/wpa/dist/src/eap_common/eap_pwd_common.h:1.1.1.5 src/external/bsd/wpa/dist/src/eap_common/eap_pwd_common.h:1.2 ---
CVS commit: src/external/bsd/wpa/dist/src/eap_peer
Module Name:src Committed By: christos Date: Wed Apr 10 17:49:59 UTC 2019 Modified Files: src/external/bsd/wpa/dist/src/eap_peer: eap_pwd.c Log Message: When processing an EAP-pwd Commit frame, the server's scalar and element (elliptic curve point) were not validated. This allowed an adversary to bypass authentication, and act as a rogue Access Point (AP) if the crypto implementation did not verify the validity of the EC point. Fix this vulnerability by assuring the received scalar lies within the valid range, and by checking that the received element is not the point at infinity and lies on the elliptic curve being used. (CVE-2019-9499) The vulnerability is only exploitable if OpenSSL version 1.0.2 or lower is used, or if LibreSSL or wolfssl is used. Newer versions of OpenSSL (and also BoringSSL) implicitly validate the elliptic curve point in EC_POINT_set_affine_coordinates_GFp(), preventing the attack. To generate a diff of this commit: cvs rdiff -u -r1.6 -r1.7 src/external/bsd/wpa/dist/src/eap_peer/eap_pwd.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/bsd/wpa/dist/src/eap_peer/eap_pwd.c diff -u src/external/bsd/wpa/dist/src/eap_peer/eap_pwd.c:1.6 src/external/bsd/wpa/dist/src/eap_peer/eap_pwd.c:1.7 --- src/external/bsd/wpa/dist/src/eap_peer/eap_pwd.c:1.6 Fri Jan 4 16:22:20 2019 +++ src/external/bsd/wpa/dist/src/eap_peer/eap_pwd.c Wed Apr 10 13:49:59 2019 @@ -594,6 +594,26 @@ eap_pwd_perform_commit_exchange(struct e goto fin; } + /* verify received scalar */ + if (crypto_bignum_is_zero(data->server_scalar) || + crypto_bignum_is_one(data->server_scalar) || + crypto_bignum_cmp(data->server_scalar, + crypto_ec_get_order(data->grp->group)) >= 0) { + wpa_printf(MSG_INFO, + "EAP-PWD (peer): received scalar is invalid"); + goto fin; + } + + /* verify received element */ + if (!crypto_ec_point_is_on_curve(data->grp->group, + data->server_element) || + crypto_ec_point_is_at_infinity(data->grp->group, + data->server_element)) { + wpa_printf(MSG_INFO, + "EAP-PWD (peer): received element is invalid"); + goto fin; + } + /* check to ensure server's element is not in a small sub-group */ if (!crypto_bignum_is_one(cofactor)) { if (crypto_ec_point_mul(data->grp->group, data->server_element,
CVS commit: src/external/bsd/wpa/dist/src/eap_server
Module Name:src Committed By: christos Date: Wed Apr 10 17:49:26 UTC 2019 Modified Files: src/external/bsd/wpa/dist/src/eap_server: eap_server_pwd.c Log Message: When processing an EAP-pwd Commit frame, verify that the peer's scalar and elliptic curve element differ from the one sent by the server. This prevents reflection attacks where the adversary reflects the scalar and element sent by the server. (CVE-2019-9497) The vulnerability allows an adversary to complete the EAP-pwd handshake as any user. However, the adversary does not learn the negotiated session key, meaning the subsequent 4-way handshake would fail. As a result, this cannot be abused to bypass authentication unless EAP-pwd is used in non-WLAN cases without any following key exchange that would require the attacker to learn the MSK. To generate a diff of this commit: cvs rdiff -u -r1.6 -r1.7 \ src/external/bsd/wpa/dist/src/eap_server/eap_server_pwd.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/bsd/wpa/dist/src/eap_server/eap_server_pwd.c diff -u src/external/bsd/wpa/dist/src/eap_server/eap_server_pwd.c:1.6 src/external/bsd/wpa/dist/src/eap_server/eap_server_pwd.c:1.7 --- src/external/bsd/wpa/dist/src/eap_server/eap_server_pwd.c:1.6 Wed Apr 10 13:48:07 2019 +++ src/external/bsd/wpa/dist/src/eap_server/eap_server_pwd.c Wed Apr 10 13:49:26 2019 @@ -753,6 +753,15 @@ eap_pwd_process_commit_resp(struct eap_s } } + /* detect reflection attacks */ + if (crypto_bignum_cmp(data->my_scalar, data->peer_scalar) == 0 || + crypto_ec_point_cmp(data->grp->group, data->my_element, +data->peer_element) == 0) { + wpa_printf(MSG_INFO, + "EAP-PWD (server): detected reflection attack!"); + goto fin; + } + /* compute the shared key, k */ if ((crypto_ec_point_mul(data->grp->group, data->grp->pwe, data->peer_scalar, K) < 0) ||
CVS commit: src/external/bsd/wpa/dist/src
Module Name:src Committed By: christos Date: Wed Apr 10 17:48:08 UTC 2019 Modified Files: src/external/bsd/wpa/dist/src/drivers: driver_bsd.c src/external/bsd/wpa/dist/src/eap_server: eap_server_pwd.c Log Message: CVE-2019-9498 (EAP-pwd server missing commit validation for scalar/element) When processing an EAP-pwd Commit frame, the peer's scalar and element (elliptic curve point) were not validated. This allowed an adversary to bypass authentication, and impersonate any user if the crypto implementation did not verify the validity of the EC point. Fix this vulnerability by assuring the received scalar lies within the valid range, and by checking that the received element is not the point at infinity and lies on the elliptic curve being used. (CVE-2019-9498) The vulnerability is only exploitable if OpenSSL version 1.0.2 or lower is used, or if LibreSSL or wolfssl is used. Newer versions of OpenSSL (and also BoringSSL) implicitly validate the elliptic curve point in EC_POINT_set_affine_coordinates_GFp(), preventing the attack. To generate a diff of this commit: cvs rdiff -u -r1.29 -r1.30 src/external/bsd/wpa/dist/src/drivers/driver_bsd.c cvs rdiff -u -r1.5 -r1.6 \ src/external/bsd/wpa/dist/src/eap_server/eap_server_pwd.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/bsd/wpa/dist/src/drivers/driver_bsd.c diff -u src/external/bsd/wpa/dist/src/drivers/driver_bsd.c:1.29 src/external/bsd/wpa/dist/src/drivers/driver_bsd.c:1.30 --- src/external/bsd/wpa/dist/src/drivers/driver_bsd.c:1.29 Tue Apr 11 10:15:08 2017 +++ src/external/bsd/wpa/dist/src/drivers/driver_bsd.c Wed Apr 10 13:48:07 2019 @@ -334,6 +334,8 @@ bsd_send_mlme_param(void *priv, const u8 mlme.im_op = op; mlme.im_reason = reason; os_memcpy(mlme.im_macaddr, addr, IEEE80211_ADDR_LEN); + wpa_printf(MSG_DEBUG, "%s: op=%d reason=%d addr=" MACSTR, __func__, + op, reason, MAC2STR(addr)); return set80211var(priv, IEEE80211_IOC_MLME, , sizeof(mlme)); } Index: src/external/bsd/wpa/dist/src/eap_server/eap_server_pwd.c diff -u src/external/bsd/wpa/dist/src/eap_server/eap_server_pwd.c:1.5 src/external/bsd/wpa/dist/src/eap_server/eap_server_pwd.c:1.6 --- src/external/bsd/wpa/dist/src/eap_server/eap_server_pwd.c:1.5 Fri Jan 4 16:22:20 2019 +++ src/external/bsd/wpa/dist/src/eap_server/eap_server_pwd.c Wed Apr 10 13:48:07 2019 @@ -718,6 +718,26 @@ eap_pwd_process_commit_resp(struct eap_s goto fin; } + /* verify received scalar */ + if (crypto_bignum_is_zero(data->peer_scalar) || + crypto_bignum_is_one(data->peer_scalar) || + crypto_bignum_cmp(data->peer_scalar, + crypto_ec_get_order(data->grp->group)) >= 0) { + wpa_printf(MSG_INFO, + "EAP-PWD (server): received scalar is invalid"); + goto fin; + } + + /* verify received element */ + if (!crypto_ec_point_is_on_curve(data->grp->group, + data->peer_element) || + crypto_ec_point_is_at_infinity(data->grp->group, + data->peer_element)) { + wpa_printf(MSG_INFO, + "EAP-PWD (server): received element is invalid"); + goto fin; + } + /* check to ensure peer's element is not in a small sub-group */ if (!crypto_bignum_is_one(cofactor)) { if (crypto_ec_point_mul(data->grp->group, data->peer_element,
CVS commit: src/external/gpl3/gcc/dist/gcc/config
Module Name:src Committed By: maya Date: Wed Apr 10 16:15:11 UTC 2019 Modified Files: src/external/gpl3/gcc/dist/gcc/config/rs6000: netbsd64.h src/external/gpl3/gcc/dist/gcc/config/sparc: netbsd-elf.h Log Message: Remove lingering references to NETBSD_CC1_AND_CC1PLUS_SPEC. Not actually tested. To generate a diff of this commit: cvs rdiff -u -r1.19 -r1.20 \ src/external/gpl3/gcc/dist/gcc/config/rs6000/netbsd64.h cvs rdiff -u -r1.13 -r1.14 \ src/external/gpl3/gcc/dist/gcc/config/sparc/netbsd-elf.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/gpl3/gcc/dist/gcc/config/rs6000/netbsd64.h diff -u src/external/gpl3/gcc/dist/gcc/config/rs6000/netbsd64.h:1.19 src/external/gpl3/gcc/dist/gcc/config/rs6000/netbsd64.h:1.20 --- src/external/gpl3/gcc/dist/gcc/config/rs6000/netbsd64.h:1.19 Wed Apr 3 08:31:57 2019 +++ src/external/gpl3/gcc/dist/gcc/config/rs6000/netbsd64.h Wed Apr 10 16:15:11 2019 @@ -89,7 +89,6 @@ extern int dot_symbols; #undef CC1_OS_NETBSD_SPEC #define CC1_OS_NETBSD_SPEC \ - NETBSD_CC1_AND_CC1PLUS_SPEC \ "%{!m32: %{!mrelocatable: %{!fno-pie: %{!fno-pic: \ %{!fpie: %{!fpic: \ %{!fPIE: %{!fPIC:-fPIC" Index: src/external/gpl3/gcc/dist/gcc/config/sparc/netbsd-elf.h diff -u src/external/gpl3/gcc/dist/gcc/config/sparc/netbsd-elf.h:1.13 src/external/gpl3/gcc/dist/gcc/config/sparc/netbsd-elf.h:1.14 --- src/external/gpl3/gcc/dist/gcc/config/sparc/netbsd-elf.h:1.13 Sat Jan 19 12:10:07 2019 +++ src/external/gpl3/gcc/dist/gcc/config/sparc/netbsd-elf.h Wed Apr 10 16:15:11 2019 @@ -142,8 +142,7 @@ along with GCC; see the file COPYING3. %{!mcpu*:%{!mv8plus:-mcpu=ultrasparc}} \ %{!mno-vis:%{!mcpu=v9:-mvis}} \ %{p:-mcmodel=medlow} \ -%{pg:-mcmodel=medlow}} " \ - NETBSD_CC1_AND_CC1PLUS_SPEC +%{pg:-mcmodel=medlow}} " #define CC1_SPEC64 \ "%{m32:%{m64:%emay not use both -m32 and -m64}} \ @@ -153,8 +152,7 @@ along with GCC; see the file COPYING3. %{!mcpu*:%{!mv8plus:-mcpu=cypress}}} \ %{!m32: \ %{p:-mcmodel=medlow} \ - %{pg:-mcmodel=medlow}} " \ - NETBSD_CC1_AND_CC1PLUS_SPEC + %{pg:-mcmodel=medlow}} " #if defined(SPARC_BI_ARCH) || defined(__arch64__) /* add code model specific object to the link line for 64bit */
CVS commit: src/external/gpl3/gcc/dist/gcc/config
Module Name:src Committed By: maya Date: Wed Apr 10 16:11:06 UTC 2019 Modified Files: src/external/gpl3/gcc/dist/gcc/config: netbsd.h Log Message: remove bogus specs redefinition. fixes the use of -march=native To generate a diff of this commit: cvs rdiff -u -r1.28 -r1.29 src/external/gpl3/gcc/dist/gcc/config/netbsd.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/gpl3/gcc/dist/gcc/config/netbsd.h diff -u src/external/gpl3/gcc/dist/gcc/config/netbsd.h:1.28 src/external/gpl3/gcc/dist/gcc/config/netbsd.h:1.29 --- src/external/gpl3/gcc/dist/gcc/config/netbsd.h:1.28 Sun Apr 7 14:11:23 2019 +++ src/external/gpl3/gcc/dist/gcc/config/netbsd.h Wed Apr 10 16:11:06 2019 @@ -153,16 +153,6 @@ along with GCC; see the file COPYING3. #define NETBSD_LIBGCC_SPEC "-lgcc" #endif -/* Pass -cxx-isystem to cc1/cc1plus. */ -#define NETBSD_CC1_AND_CC1PLUS_SPEC \ - "%{cxx-isystem}" - -#undef CC1_SPEC -#define CC1_SPEC NETBSD_CC1_AND_CC1PLUS_SPEC - -#undef CC1PLUS_SPEC -#define CC1PLUS_SPEC NETBSD_CC1_AND_CC1PLUS_SPEC - #if defined(HAVE_LD_EH_FRAME_HDR) #define LINK_EH_SPEC "%{!static:--eh-frame-hdr} " #endif
CVS commit: src/sys/dev/dkwedge
Module Name:src Committed By: mlelstv Date: Wed Apr 10 15:19:15 UTC 2019 Modified Files: src/sys/dev/dkwedge: dkwedge_gpt.c Log Message: add types for windows and linux partitions. To generate a diff of this commit: cvs rdiff -u -r1.21 -r1.22 src/sys/dev/dkwedge/dkwedge_gpt.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/dev/dkwedge/dkwedge_gpt.c diff -u src/sys/dev/dkwedge/dkwedge_gpt.c:1.21 src/sys/dev/dkwedge/dkwedge_gpt.c:1.22 --- src/sys/dev/dkwedge/dkwedge_gpt.c:1.21 Tue Nov 6 04:04:33 2018 +++ src/sys/dev/dkwedge/dkwedge_gpt.c Wed Apr 10 15:19:15 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: dkwedge_gpt.c,v 1.21 2018/11/06 04:04:33 mrg Exp $ */ +/* $NetBSD: dkwedge_gpt.c,v 1.22 2019/04/10 15:19:15 mlelstv Exp $ */ /*- * Copyright (c) 2004 The NetBSD Foundation, Inc. @@ -34,7 +34,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: dkwedge_gpt.c,v 1.21 2018/11/06 04:04:33 mrg Exp $"); +__KERNEL_RCSID(0, "$NetBSD: dkwedge_gpt.c,v 1.22 2019/04/10 15:19:15 mlelstv Exp $"); #include #include @@ -76,6 +76,8 @@ static const struct { { GPT_ENT_TYPE_VMWARE_VMKCORE, DKW_PTYPE_VMKCORE }, { GPT_ENT_TYPE_VMWARE_VMFS, DKW_PTYPE_VMFS }, { GPT_ENT_TYPE_VMWARE_RESERVED, DKW_PTYPE_VMWRESV }, + { GPT_ENT_TYPE_MS_BASIC_DATA, DKW_PTYPE_NTFS }, + { GPT_ENT_TYPE_LINUX_DATA, DKW_PTYPE_EXT2FS }, }; static const char *
CVS commit: src/sys/arch/evbmips/conf
Module Name:src Committed By: roy Date: Wed Apr 10 15:19:09 UTC 2019 Modified Files: src/sys/arch/evbmips/conf: ERLITE Log Message: ELRITE is a router enable gif(4) by default. To generate a diff of this commit: cvs rdiff -u -r1.21 -r1.22 src/sys/arch/evbmips/conf/ERLITE Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/arch/evbmips/conf/ERLITE diff -u src/sys/arch/evbmips/conf/ERLITE:1.21 src/sys/arch/evbmips/conf/ERLITE:1.22 --- src/sys/arch/evbmips/conf/ERLITE:1.21 Sun Dec 30 14:51:36 2018 +++ src/sys/arch/evbmips/conf/ERLITE Wed Apr 10 15:19:09 2019 @@ -1,11 +1,11 @@ -# $NetBSD: ERLITE,v 1.21 2018/12/30 14:51:36 sevan Exp $ +# $NetBSD: ERLITE,v 1.22 2019/04/10 15:19:09 roy Exp $ include "arch/mips/conf/std.octeon" include "arch/evbmips/conf/files.octeon" #options INCLUDE_CONFIG_FILE # embed config file in kernel binary -#ident "ERLITE-$Revision: 1.21 $" +#ident "ERLITE-$Revision: 1.22 $" maxusers 32 @@ -159,7 +159,7 @@ pseudo-device tun# network tunneling pseudo-device tap# virtual Ethernet #pseudo-device gre# generic L3 over IP tunnel #pseudo-device ipip# RFC 2003 IP Encapsulation -#pseudo-device gif# RFC1933 tunnel +pseudo-device gif# RFC1933 tunnel #pseudo-device faith# IPv[46] tcp relay translation #pseudo-device stf# 6to4 IPv6 over IPv4 encapsulation pseudo-device vlan# IEEE 802.1q encapsulation
CVS commit: src/distrib
Module Name:src Committed By: christos Date: Wed Apr 10 14:52:53 UTC 2019 Modified Files: src/distrib/amiga/miniroot: install.md src/distrib/atari/floppies/prepare: install.md src/distrib/hp300/miniroot: install.md src/distrib/mac68k/miniroot: install.md src/distrib/miniroot: install.sub src/distrib/mvme68k/miniroot: install.md src/distrib/sparc: install.md src/distrib/sun2/miniroot: install.md src/distrib/sun3/miniroot: install.md Log Message: adjust miniroot scripts to deal with the time prefix in dmesg To generate a diff of this commit: cvs rdiff -u -r1.29 -r1.30 src/distrib/amiga/miniroot/install.md cvs rdiff -u -r1.5 -r1.6 src/distrib/atari/floppies/prepare/install.md cvs rdiff -u -r1.16 -r1.17 src/distrib/hp300/miniroot/install.md cvs rdiff -u -r1.4 -r1.5 src/distrib/mac68k/miniroot/install.md cvs rdiff -u -r1.47 -r1.48 src/distrib/miniroot/install.sub cvs rdiff -u -r1.7 -r1.8 src/distrib/mvme68k/miniroot/install.md cvs rdiff -u -r1.23 -r1.24 src/distrib/sparc/install.md cvs rdiff -u -r1.4 -r1.5 src/distrib/sun2/miniroot/install.md cvs rdiff -u -r1.4 -r1.5 src/distrib/sun3/miniroot/install.md Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/distrib/amiga/miniroot/install.md diff -u src/distrib/amiga/miniroot/install.md:1.29 src/distrib/amiga/miniroot/install.md:1.30 --- src/distrib/amiga/miniroot/install.md:1.29 Thu Apr 4 17:00:19 2019 +++ src/distrib/amiga/miniroot/install.md Wed Apr 10 10:52:53 2019 @@ -1,4 +1,4 @@ -# $NetBSD: install.md,v 1.29 2019/04/04 21:00:19 christos Exp $ +# $NetBSD: install.md,v 1.30 2019/04/10 14:52:53 christos Exp $ # # # Copyright (c) 1996,2006 The NetBSD Foundation, Inc. @@ -46,20 +46,10 @@ md_set_term() { export TERM } -__mount_kernfs() { - # - # Force kern_fs to be mounted - # - if [ ! -d /kern ] || [ ! -e /kern/msgbuf ]; then - mkdir /kern > /dev/null 2>&1 - /sbin/mount_kernfs /kern /kern >/dev/null 2>&1 - fi -} - md_makerootwritable() { # Mount root rw for convenience of the tester ;-) if ! cp /dev/null /tmp/.root_writable >/dev/null 2>&1; then - __mount_kernfs + mi_mount_kernfs # XXX: Use /kern/rootdev instead? mount -t ffs -u /kern/rootdev / > /dev/null 2>&1 fi @@ -67,16 +57,14 @@ md_makerootwritable() { md_get_diskdevs() { # return available disk devices - __mount_kernfs - sed -n -e '/^[sw]d[0-9] /s/ .*//p' \ - < /kern/msgbuf | sort -u + mi_mount_kernfs + mi_filter_msgbuf | sed -ne '/^[sw]d[0-9] /s/ .*//p' } md_get_cddevs() { # return available CDROM devices - __mount_kernfs - sed -n -e '/^cd[0-9] /s/ .*//p' \ - < /kern/msgbuf | sort -u + mi_mount_kernfs + mi_filter_msgbuf | sed -ne '/^cd[0-9] /s/ .*//p' } md_get_partition_range() { Index: src/distrib/atari/floppies/prepare/install.md diff -u src/distrib/atari/floppies/prepare/install.md:1.5 src/distrib/atari/floppies/prepare/install.md:1.6 --- src/distrib/atari/floppies/prepare/install.md:1.5 Thu Apr 4 17:00:19 2019 +++ src/distrib/atari/floppies/prepare/install.md Wed Apr 10 10:52:53 2019 @@ -1,4 +1,4 @@ -# $NetBSD: install.md,v 1.5 2019/04/04 21:00:19 christos Exp $ +# $NetBSD: install.md,v 1.6 2019/04/10 14:52:53 christos Exp $ # # # Copyright (c) 1996 The NetBSD Foundation, Inc. @@ -46,14 +46,6 @@ md_set_term() { export TERM } -__mount_kernfs() { - # Make sure kernfs is mounted. - if [ ! -d /kern ] || [ ! -e /kern/msgbuf ]; then - mkdir /kern > /dev/null 2>&1 - /sbin/mount_kernfs /kern /kern - fi -} - md_makerootwritable() { # Mount root rw for convenience of the tester ;-) if [ ! -e /tmp/.root_writable ]; then @@ -65,10 +57,8 @@ md_makerootwritable() { md_get_diskdevs() { # return available disk devices - __mount_kernfs - sed -n -e '/^sd[0-9] /s/ .*//p' \ - -e '/^wd[0-9] /s/ .*//p' \ - < /kern/msgbuf | sort -u + mi_mount_kernfs + mi_filter_msgbuf | sed -ne '/^[sw]d[0-9] /s/ .*//p' } md_prep_disklabel() Index: src/distrib/hp300/miniroot/install.md diff -u src/distrib/hp300/miniroot/install.md:1.16 src/distrib/hp300/miniroot/install.md:1.17 --- src/distrib/hp300/miniroot/install.md:1.16 Thu Apr 4 17:00:19 2019 +++ src/distrib/hp300/miniroot/install.md Wed Apr 10 10:52:53 2019 @@ -1,6 +1,6 @@ #!/bin/sh # -# $NetBSD: install.md,v 1.16 2019/04/04 21:00:19 christos Exp $ +# $NetBSD: install.md,v 1.17 2019/04/10 14:52:53 christos Exp $ # # Copyright (c) 1996 The NetBSD Foundation, Inc. # All rights reserved. @@ -69,18 +69,18 @@ __mfs_failed_1 md_get_diskdevs() { # return available disk devices - dmesg | awk -F : '/^rd[0-9]*:./ { print $1; }' | sort -u - dmesg | awk -F : '/^sd[0-9]*:.*sectors/ { print $1; }' | sort -u + mi_filter_dmesg | awk -F : '/^rd[0-9]*:./ { print $1; }' | sort -u + mi_filter_dmesg | awk -F : '/^sd[0-9]*:.*sectors/ { print $1; }' | sort -u } md_get_cddevs() { # return available CD-ROM devices - dmesg | awk -F :
CVS commit: src/share/misc
Module Name:src Committed By: sevan Date: Wed Apr 10 10:57:51 UTC 2019 Modified Files: src/share/misc: acronyms.comp Log Message: Add LLD & LLDD To generate a diff of this commit: cvs rdiff -u -r1.242 -r1.243 src/share/misc/acronyms.comp Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/share/misc/acronyms.comp diff -u src/share/misc/acronyms.comp:1.242 src/share/misc/acronyms.comp:1.243 --- src/share/misc/acronyms.comp:1.242 Fri Apr 5 15:07:42 2019 +++ src/share/misc/acronyms.comp Wed Apr 10 10:57:51 2019 @@ -1,4 +1,4 @@ -$NetBSD: acronyms.comp,v 1.242 2019/04/05 15:07:42 sevan Exp $ +$NetBSD: acronyms.comp,v 1.243 2019/04/10 10:57:51 sevan Exp $ 3WHS three-way handshake 8VSB 8-state vestigial side band modulation AA anti-aliasing @@ -785,6 +785,8 @@ LKML Linux kernel mailing list LL load linked LL/SC load linked/store conditional LLC logical link control +LLD low-level design +LLDD low-level design document LLDP link layer discovery protocol LLF low level format LLMNR link-local multicast name resolution
CVS commit: src/doc
Module Name:src Committed By: sevan Date: Wed Apr 10 10:47:23 UTC 2019 Modified Files: src/doc: TODO.npf Log Message: npf_boot rc script loads npf.boot.conf to address that issue. To generate a diff of this commit: cvs rdiff -u -r1.6 -r1.7 src/doc/TODO.npf Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/TODO.npf diff -u src/doc/TODO.npf:1.6 src/doc/TODO.npf:1.7 --- src/doc/TODO.npf:1.6 Tue Apr 2 11:43:50 2019 +++ src/doc/TODO.npf Wed Apr 10 10:47:23 2019 @@ -19,8 +19,6 @@ Another TODO list is available here: this is what it does. It does not "start" because like an engine with no fuel, an npf with no configuration does not do much. --- npf starts up too late (after traffic can go through) - -- although the framework checks the file for consistency, returning EINVAL for system failures is probably not good enough. For example if a module failed to autoload, it is probably an error and it should be reported
CVS commit: src/share/man/man4
Module Name:src Committed By: wiz Date: Wed Apr 10 10:09:23 UTC 2019 Modified Files: src/share/man/man4: options.4 Log Message: Bump date for previous. To generate a diff of this commit: cvs rdiff -u -r1.499 -r1.500 src/share/man/man4/options.4 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/share/man/man4/options.4 diff -u src/share/man/man4/options.4:1.499 src/share/man/man4/options.4:1.500 --- src/share/man/man4/options.4:1.499 Wed Apr 10 10:08:01 2019 +++ src/share/man/man4/options.4 Wed Apr 10 10:09:23 2019 @@ -1,4 +1,4 @@ -.\" $NetBSD: options.4,v 1.499 2019/04/10 10:08:01 tpaul Exp $ +.\" $NetBSD: options.4,v 1.500 2019/04/10 10:09:23 wiz Exp $ .\" .\" Copyright (c) 1996 .\" Perry E. Metzger. All rights reserved. @@ -30,7 +30,7 @@ .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" .\" -.Dd March 25, 2019 +.Dd April 10, 2019 .Dt OPTIONS 4 .Os .Sh NAME
CVS commit: src/share/man/man4
Module Name:src Committed By: tpaul Date: Wed Apr 10 10:08:01 UTC 2019 Modified Files: src/share/man/man4: options.4 Log Message: Remove mention of SPLASHSCREEN_PROGRESS option. It was (mostly) removed from the codebase in 2011. To generate a diff of this commit: cvs rdiff -u -r1.498 -r1.499 src/share/man/man4/options.4 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/share/man/man4/options.4 diff -u src/share/man/man4/options.4:1.498 src/share/man/man4/options.4:1.499 --- src/share/man/man4/options.4:1.498 Mon Mar 25 19:24:30 2019 +++ src/share/man/man4/options.4 Wed Apr 10 10:08:01 2019 @@ -1,4 +1,4 @@ -.\" $NetBSD: options.4,v 1.498 2019/03/25 19:24:30 maxv Exp $ +.\" $NetBSD: options.4,v 1.499 2019/04/10 10:08:01 tpaul Exp $ .\" .\" Copyright (c) 1996 .\" Perry E. Metzger. All rights reserved. @@ -2511,10 +2511,6 @@ See for more information. .It Cd options SPLASHSCREEN Display a splash screen during boot. -.It Cd options SPLASHSCREEN_PROGRESS -Display a progress bar at the splash screen during boot. -This option requires -.Em SPLASHSCREEN . .El .Ss isa-specific Options Options specific to
CVS commit: src/sys
Module Name:src Committed By: pgoyette Date: Wed Apr 10 10:03:50 UTC 2019 Modified Files: src/sys/kern: sysv_ipc.c sysv_msg.c sysv_sem.c sysv_shm.c src/sys/sys: msg.h sem.h shm.h Log Message: Replace some "panic()" calls with simple "printf() ; return error" There's no good reason for these build-time parameters to be allowed to panic the kernel when it is easy to simply disable the module code and fail gracefully. While we're at it, similarly replace panic() when malloc fails to also fail gracefully. To generate a diff of this commit: cvs rdiff -u -r1.38 -r1.39 src/sys/kern/sysv_ipc.c cvs rdiff -u -r1.73 -r1.74 src/sys/kern/sysv_msg.c cvs rdiff -u -r1.96 -r1.97 src/sys/kern/sysv_sem.c cvs rdiff -u -r1.133 -r1.134 src/sys/kern/sysv_shm.c cvs rdiff -u -r1.26 -r1.27 src/sys/sys/msg.h cvs rdiff -u -r1.32 -r1.33 src/sys/sys/sem.h cvs rdiff -u -r1.51 -r1.52 src/sys/sys/shm.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/kern/sysv_ipc.c diff -u src/sys/kern/sysv_ipc.c:1.38 src/sys/kern/sysv_ipc.c:1.39 --- src/sys/kern/sysv_ipc.c:1.38 Tue Apr 9 22:05:27 2019 +++ src/sys/kern/sysv_ipc.c Wed Apr 10 10:03:50 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: sysv_ipc.c,v 1.38 2019/04/09 22:05:27 pgoyette Exp $ */ +/* $NetBSD: sysv_ipc.c,v 1.39 2019/04/10 10:03:50 pgoyette Exp $ */ /*- * Copyright (c) 1998, 2007 The NetBSD Foundation, Inc. @@ -30,7 +30,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: sysv_ipc.c,v 1.38 2019/04/09 22:05:27 pgoyette Exp $"); +__KERNEL_RCSID(0, "$NetBSD: sysv_ipc.c,v 1.39 2019/04/10 10:03:50 pgoyette Exp $"); #ifdef _KERNEL_OPT #include "opt_sysv.h" @@ -180,13 +180,30 @@ sysv_ipc_modcmd(modcmd_t cmd, void *arg) * sysctl data */ #ifdef SYSVSHM - shminit(_sysvipc_clog); + error = shminit(_sysvipc_clog); + if (error != 0) + return error; #endif #ifdef SYSVSEM - seminit(_sysvipc_clog); + error = seminit(_sysvipc_clog); + if (error != 0) { +#ifdef SYSVSHM + shmfini(); +#endif + return error; + } #endif #ifdef SYSVMSG - msginit(_sysvipc_clog); + error = msginit(_sysvipc_clog); + if (error != 0) { +#ifdef SYSVSEM + semfini(); +#endif +#ifdef SYSVSHM + shmfini(); +#endif + return error; + } #endif #ifdef _MODULE Index: src/sys/kern/sysv_msg.c diff -u src/sys/kern/sysv_msg.c:1.73 src/sys/kern/sysv_msg.c:1.74 --- src/sys/kern/sysv_msg.c:1.73 Thu Feb 21 03:37:19 2019 +++ src/sys/kern/sysv_msg.c Wed Apr 10 10:03:50 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: sysv_msg.c,v 1.73 2019/02/21 03:37:19 mrg Exp $ */ +/* $NetBSD: sysv_msg.c,v 1.74 2019/04/10 10:03:50 pgoyette Exp $ */ /*- * Copyright (c) 1999, 2006, 2007 The NetBSD Foundation, Inc. @@ -50,7 +50,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: sysv_msg.c,v 1.73 2019/02/21 03:37:19 mrg Exp $"); +__KERNEL_RCSID(0, "$NetBSD: sysv_msg.c,v 1.74 2019/04/10 10:03:50 pgoyette Exp $"); #ifdef _KERNEL_OPT #include "opt_sysv.h" @@ -93,7 +93,7 @@ extern int kern_has_sysvmsg; SYSCTL_SETUP_PROTO(sysctl_ipc_msg_setup); -void +int msginit(struct sysctllog **clog) { int i, sz; @@ -109,12 +109,14 @@ msginit(struct sysctllog **clog) while (i < 1024 && i != msginfo.msgssz) i <<= 1; if (i != msginfo.msgssz) { - panic("msginfo.msgssz = %d, not a small power of 2", + printf("msginfo.msgssz = %d, not a small power of 2", msginfo.msgssz); + return EINVAL; } if (msginfo.msgseg > 32767) { - panic("msginfo.msgseg = %d > 32767", msginfo.msgseg); + printf("msginfo.msgseg = %d > 32767", msginfo.msgseg); + return EINVAL; } /* Allocate the wired memory for our structures */ @@ -124,8 +126,10 @@ msginit(struct sysctllog **clog) ALIGN(msginfo.msgmni * sizeof(kmsq_t)); sz = round_page(sz); v = uvm_km_alloc(kernel_map, sz, 0, UVM_KMF_WIRED|UVM_KMF_ZERO); - if (v == 0) - panic("sysv_msg: cannot allocate memory"); + if (v == 0) { + printf("sysv_msg: cannot allocate memory"); + return ENOMEM; + } msgpool = (void *)v; msgmaps = (void *)((uintptr_t)msgpool + ALIGN(msginfo.msgmax)); msghdrs = (void *)((uintptr_t)msgmaps + @@ -167,6 +171,7 @@ msginit(struct sysctllog **clog) if (clog) sysctl_ipc_msg_setup(clog); #endif + return 0; } int Index: src/sys/kern/sysv_sem.c diff -u src/sys/kern/sysv_sem.c:1.96 src/sys/kern/sysv_sem.c:1.97 --- src/sys/kern/sysv_sem.c:1.96 Thu Feb 21 03:37:19 2019 +++ src/sys/kern/sysv_sem.c Wed Apr 10 10:03:50 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: sysv_sem.c,v 1.96 2019/02/21 03:37:19 mrg Exp $ */ +/* $NetBSD: sysv_sem.c,v 1.97 2019/04/10 10:03:50 pgoyette Exp $ */ /*- * Copyright (c) 1999, 2007 The NetBSD Foundation, Inc. @@ -39,7 +39,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: sysv_sem.c,v 1.96 2019/02/21 03:37:19 mrg Exp $"); +__KERNEL_RCSID(0, "$NetBSD: sysv_sem.c,v 1.97 2019/04/10 10:03:50 pgoyette Exp $"); #ifdef _KERNEL_OPT #include "opt_sysv.h" @@ -101,7 +101,7 @@ void semundo_clear(int, int);
CVS commit: src/sys/net
Module Name:src Committed By: msaitoh Date: Wed Apr 10 08:23:46 UTC 2019 Modified Files: src/sys/net: if_media.c Log Message: KNF. No functional change. To generate a diff of this commit: cvs rdiff -u -r1.39 -r1.40 src/sys/net/if_media.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/net/if_media.c diff -u src/sys/net/if_media.c:1.39 src/sys/net/if_media.c:1.40 --- src/sys/net/if_media.c:1.39 Wed Apr 10 08:22:18 2019 +++ src/sys/net/if_media.c Wed Apr 10 08:23:46 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: if_media.c,v 1.39 2019/04/10 08:22:18 msaitoh Exp $ */ +/* $NetBSD: if_media.c,v 1.40 2019/04/10 08:23:46 msaitoh Exp $ */ /*- * Copyright (c) 1998 The NetBSD Foundation, Inc. @@ -76,7 +76,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: if_media.c,v 1.39 2019/04/10 08:22:18 msaitoh Exp $"); +__KERNEL_RCSID(0, "$NetBSD: if_media.c,v 1.40 2019/04/10 08:23:46 msaitoh Exp $"); #include #include @@ -91,8 +91,10 @@ __KERNEL_RCSID(0, "$NetBSD: if_media.c,v #include -static void ifmedia_status(struct ifmedia *, struct ifnet *, struct ifmediareq *); -static int _ifmedia_ioctl(struct ifnet *, struct ifreq *, struct ifmedia *, u_long); +static void ifmedia_status(struct ifmedia *, struct ifnet *, +struct ifmediareq *); +static int _ifmedia_ioctl(struct ifnet *, struct ifreq *, +struct ifmedia *, u_long); /* * Compile-time options: @@ -350,9 +352,8 @@ _ifmedia_ioctl(struct ifnet *ifp, struct ? (size_t)ifmr->ifm_count : nwords; int *kptr = malloc(minwords * sizeof(int), M_TEMP, M_WAITOK); - /* - * Get the media words from the interface's list. - */ + + /* Get the media words from the interface's list. */ ep = TAILQ_FIRST(>ifm_list); for (count = 0; ep != NULL && count < minwords; ep = TAILQ_NEXT(ep, ifm_list), count++)
CVS commit: src/sys/net
Module Name:src Committed By: msaitoh Date: Wed Apr 10 08:22:19 UTC 2019 Modified Files: src/sys/net: if_media.c Log Message: Fix a bug that OSIOCSIFMEDIA can't treat. Add missing inclusion of compat/sys/sockio.h. To generate a diff of this commit: cvs rdiff -u -r1.38 -r1.39 src/sys/net/if_media.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/net/if_media.c diff -u src/sys/net/if_media.c:1.38 src/sys/net/if_media.c:1.39 --- src/sys/net/if_media.c:1.38 Thu Feb 28 05:40:58 2019 +++ src/sys/net/if_media.c Wed Apr 10 08:22:18 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: if_media.c,v 1.38 2019/02/28 05:40:58 msaitoh Exp $ */ +/* $NetBSD: if_media.c,v 1.39 2019/04/10 08:22:18 msaitoh Exp $ */ /*- * Copyright (c) 1998 The NetBSD Foundation, Inc. @@ -76,7 +76,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: if_media.c,v 1.38 2019/02/28 05:40:58 msaitoh Exp $"); +__KERNEL_RCSID(0, "$NetBSD: if_media.c,v 1.39 2019/04/10 08:22:18 msaitoh Exp $"); #include #include @@ -89,6 +89,8 @@ __KERNEL_RCSID(0, "$NetBSD: if_media.c,v #include #include +#include + static void ifmedia_status(struct ifmedia *, struct ifnet *, struct ifmediareq *); static int _ifmedia_ioctl(struct ifnet *, struct ifreq *, struct ifmedia *, u_long); @@ -260,8 +262,8 @@ _ifmedia_ioctl(struct ifnet *ifp, struct #ifdef OSIOCSIFMEDIA case OSIOCSIFMEDIA: ifr->ifr_media = oifr->ifr_media; - /*FALLTHROUGH*/ #endif + /* FALLTHROUGH */ /* * Set the current media. */
CVS commit: src
Module Name:src Committed By: kre Date: Wed Apr 10 08:13:11 UTC 2019 Modified Files: src/bin/sh: expand.c src/tests/bin/sh: t_expand.sh Log Message: PR bin/54112 Fix handling of "$@" (that is, double quoted dollar at), when it appears in a string which will be subject to field splitting. Eg: ${0+"$@" } More common usages, like the simple "$@" or ${0+"$@"} end up being entirely quoted, so no field splitting happens, and the problem was avoided. See the PR for more details. This ends up making a bunch of old hack code (and some that was relatively new) vanish - for now it is just #if 0'd or commented out. Cleanups of that stuff will happen later. That some of the worst $@ hacks are now gone does not mean that processing of "$@" does not retain a very special place in every hackers heart. RIP extreme ugliness - long live the merely ordinary ugly. Added a new bin/sh ATF test case to verify that all this remains fixed. To generate a diff of this commit: cvs rdiff -u -r1.131 -r1.132 src/bin/sh/expand.c cvs rdiff -u -r1.20 -r1.21 src/tests/bin/sh/t_expand.sh Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/bin/sh/expand.c diff -u src/bin/sh/expand.c:1.131 src/bin/sh/expand.c:1.132 --- src/bin/sh/expand.c:1.131 Wed Feb 27 04:10:56 2019 +++ src/bin/sh/expand.c Wed Apr 10 08:13:11 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: expand.c,v 1.131 2019/02/27 04:10:56 kre Exp $ */ +/* $NetBSD: expand.c,v 1.132 2019/04/10 08:13:11 kre Exp $ */ /*- * Copyright (c) 1991, 1993 @@ -37,7 +37,7 @@ #if 0 static char sccsid[] = "@(#)expand.c 8.5 (Berkeley) 5/15/95"; #else -__RCSID("$NetBSD: expand.c,v 1.131 2019/02/27 04:10:56 kre Exp $"); +__RCSID("$NetBSD: expand.c,v 1.132 2019/04/10 08:13:11 kre Exp $"); #endif #endif /* not lint */ @@ -97,6 +97,8 @@ struct ifsregion ifsfirst; /* first stru struct ifsregion *ifslastp; /* last struct in list */ struct arglist exparg; /* holds expanded arg list */ +static int empty_dollar_at; /* have expanded "$@" to nothing */ + STATIC const char *argstr(const char *, int); STATIC const char *exptilde(const char *, int); STATIC void expbackq(union node *, int, int); @@ -180,6 +182,7 @@ expandarg(union node *arg, struct arglis if (fflag) /* no filename expandsion */ flag &= ~EXP_GLOB; + empty_dollar_at = 0; argbackq = arg->narg.backquote; STARTSTACKSTR(expdest); ifsfirst.next = NULL; @@ -243,6 +246,8 @@ argstr(const char *p, int flag) char c; const int quotes = flag & EXP_QNEEDED; /* do CTLESC */ int firsteq = 1; + int had_dol_at = 0; + int startoff; const char *ifs = NULL; int ifs_split = EXP_IFS_SPLIT; @@ -251,6 +256,7 @@ argstr(const char *p, int flag) CTRACE(DBG_EXPAND, ("argstr(\"%s\", %#x) quotes=%#x\n", p,flag,quotes)); + startoff = expdest - stackblock(); if (*p == '~' && (flag & (EXP_TILDE | EXP_VARTILDE))) p = exptilde(p, flag); for (;;) { @@ -262,6 +268,8 @@ argstr(const char *p, int flag) return p - 1; case CTLENDVAR: /* end of expanding yyy in ${xxx-yyy} */ case CTLENDARI: /* end of a $(( )) string */ + if (had_dol_at && (*p&0xFF) == CTLQUOTEEND) +p++; NULLTERM_4_TRACE(expdest); VTRACE(DBG_EXPAND, ("argstr returning at \"%.6s\"..." " after %2.2X; added \"%s\" to expdest\n", @@ -270,8 +278,12 @@ argstr(const char *p, int flag) case CTLQUOTEMARK: /* "$@" syntax adherence hack */ if (p[0] == CTLVAR && p[1] & VSQUOTE && - p[2] == '@' && p[3] == '=') + p[2] == '@' && p[3] == '=') { +had_dol_at = 1; break; + } + had_dol_at = 0; + empty_dollar_at = 0; if ((flag & EXP_SPLIT) != 0) STPUTC(c, expdest); ifs_split = 0; @@ -285,9 +297,14 @@ argstr(const char *p, int flag) STPUTC('\n', expdest); /* no line_number++ */ break; case CTLQUOTEEND: - if ((flag & EXP_SPLIT) != 0) + if (empty_dollar_at && + expdest - stackblock() > startoff && + expdest[-1] == CTLQUOTEMARK) +expdest--; + else if (!had_dol_at && (flag & EXP_SPLIT) != 0) STPUTC(c, expdest); ifs_split = EXP_IFS_SPLIT; + had_dol_at = 0; break; case CTLESC: if (quotes || ISCTL(*p)) @@ -890,6 +907,8 @@ evalvar(const char *p, int flag) } else if (special) { set = varisset(var, varflags & VSNUL); val = NULL; + if (!set && *var == '@') + empty_dollar_at = 1; } else { val = lookupvar(var); if (val == NULL || ((varflags & VSNUL) && val[0] == '\0')) { @@ -916,9 +935,11 @@ evalvar(const char *p, int flag) } } +#if 0 /* no longer need this $@ evil ... */ if (!set && subtype != VSPLUS && special && *var == '@') if (startloc > 0 && expdest[-1] == CTLQUOTEMARK) expdest--, startloc--; +#endif if (set && subtype != VSPLUS) { /* insert the value of the variable */ @@ -1202,13 +1223,23 @@ varvalue(const char *name, int quoted, i if (flag & EXP_SPLIT && quoted) { VTRACE(DBG_EXPAND, (":
CVS commit: [netbsd-8] src/doc
Module Name:src Committed By: martin Date: Wed Apr 10 07:40:36 UTC 2019 Modified Files: src/doc [netbsd-8]: CHANGES-8.1 Log Message: Ticket #1229 To generate a diff of this commit: cvs rdiff -u -r1.1.2.126 -r1.1.2.127 src/doc/CHANGES-8.1 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-8.1 diff -u src/doc/CHANGES-8.1:1.1.2.126 src/doc/CHANGES-8.1:1.1.2.127 --- src/doc/CHANGES-8.1:1.1.2.126 Sun Apr 7 13:48:23 2019 +++ src/doc/CHANGES-8.1 Wed Apr 10 07:40:36 2019 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-8.1,v 1.1.2.126 2019/04/07 13:48:23 martin Exp $ +# $NetBSD: CHANGES-8.1,v 1.1.2.127 2019/04/10 07:40:36 martin Exp $ A complete list of changes from the NetBSD 8.0 release to the NetBSD 8.1 release: @@ -2827,3 +2827,10 @@ sys/dev/pci/if_bge.c1.328 Fix ASIC revision check. [bouyer, ticket #1228] +sys/conf/files 1.1233 +sys/conf/param.c1.68 +sys/kern/sysv_ipc.c1.38 + + defparam all of the config variables associated with SYSV IPC stuff. + [pgoyette, ticket #1229] +
CVS commit: [netbsd-8] src/sys
Module Name:src Committed By: martin Date: Wed Apr 10 07:39:31 UTC 2019 Modified Files: src/sys/conf [netbsd-8]: files param.c src/sys/kern [netbsd-8]: sysv_ipc.c Log Message: Pull up following revision(s) (requested by pgoyette in ticket #1229): sys/kern/sysv_ipc.c: revision 1.38 sys/conf/files: revision 1.1233 sys/conf/param.c: revision 1.68 defparam all of the config variables associated with SYSV IPC stuff. The variables were removed from sys/conf/param.c and moved into the SYSV IPC code, but config options were never propagated via any opt_* file. This should fix an issue reported on netbsd-users list from Dima Veselov. Note that this does not address other parameters included in that report, including CHILD_MAX and NOFILE; this commit only affects items related to the SYSV IPC code. Also note that this does not affect non-built-in sysv_ipc modules, for which you need to update the Makefile to use any non-standard config values - just like any other non-built-in modules which have config params. XXX Pull-up to -8 and -8-0 XXX Note that there are a couple of panic() calls in msginit() which XXX really should be changed to simple printf() and then result in XXX msginit failure. Unfortunately msginit() currently doesn't return XXX a value so we cannot indicate failure to the caller. I will fix XXX this is a future commit. To generate a diff of this commit: cvs rdiff -u -r1.1173.2.6 -r1.1173.2.7 src/sys/conf/files cvs rdiff -u -r1.67 -r1.67.10.1 src/sys/conf/param.c cvs rdiff -u -r1.32 -r1.32.10.1 src/sys/kern/sysv_ipc.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/conf/files diff -u src/sys/conf/files:1.1173.2.6 src/sys/conf/files:1.1173.2.7 --- src/sys/conf/files:1.1173.2.6 Wed Oct 31 09:30:10 2018 +++ src/sys/conf/files Wed Apr 10 07:39:31 2019 @@ -1,4 +1,4 @@ -# $NetBSD: files,v 1.1173.2.6 2018/10/31 09:30:10 martin Exp $ +# $NetBSD: files,v 1.1173.2.7 2019/04/10 07:39:31 martin Exp $ # @(#)files.newconf 7.5 (Berkeley) 5/10/93 version 20170615 @@ -69,7 +69,10 @@ defflagCPU_IN_CKSUM defflag opt_dtrace.h KDTRACE_HOOKS defflag opt_sysv.h SYSVMSG SYSVSEM SYSVSHM -defparam opt_sysvparam.h SHMMAXPGS SEMMNI SEMMNS SEMUME SEMMNU +defparam opt_sysvparam.h MSGMAX MSGMNI MSGMNB MSGTQL MSGSSZ MSGSEG +defparam opt_sysvparam.h SEMMAP SEMMNI SEMMNS SEMMNU SEMMSL SEMOPM +defparam opt_sysvparam.h SEMUME SEMUSZ SEMVMX SEMAEM +defparam opt_sysvparam.h SHMMAX SHMMIN SHMMNI SHMSEG SHMMAXPGS defflag opt_ntp.h PPS_SYNC PPS_DEBUG NTP Index: src/sys/conf/param.c diff -u src/sys/conf/param.c:1.67 src/sys/conf/param.c:1.67.10.1 --- src/sys/conf/param.c:1.67 Mon Nov 9 01:21:18 2015 +++ src/sys/conf/param.c Wed Apr 10 07:39:31 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: param.c,v 1.67 2015/11/09 01:21:18 pgoyette Exp $ */ +/* $NetBSD: param.c,v 1.67.10.1 2019/04/10 07:39:31 martin Exp $ */ /* * Copyright (c) 1980, 1986, 1989 Regents of the University of California. @@ -37,7 +37,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: param.c,v 1.67 2015/11/09 01:21:18 pgoyette Exp $"); +__KERNEL_RCSID(0, "$NetBSD: param.c,v 1.67.10.1 2019/04/10 07:39:31 martin Exp $"); #ifdef _KERNEL_OPT #include "opt_hz.h" @@ -149,69 +149,6 @@ int mblowat = MBLOWAT; #endif int mcllowat = MCLLOWAT; -#if XXX_PRG -/* - * Values in support of System V compatible shared memory. XXX - */ -#ifdef SYSVSHM -#if !defined(SHMMAX) && defined(SHMMAXPGS) -#define SHMMAX SHMMAXPGS /* shminit() performs a `*= PAGE_SIZE' */ -#elif !defined(SHMMAX) -#define SHMMAX 0 -#endif -#ifndef SHMMIN -#define SHMMIN 1 -#endif -#ifndef SHMMNI -#define SHMMNI 128 /* <64k, see IPCID_TO_IX in ipc.h */ -#endif -#ifndef SHMSEG -#define SHMSEG 128 -#endif - -struct shminfo shminfo = { - SHMMAX, - SHMMIN, - SHMMNI, - SHMSEG, - 0 -}; -#endif - -/* - * Values in support of System V compatible semaphores. - */ -#ifdef SYSVSEM -struct seminfo seminfo = { - SEMMAP, /* # of entries in semaphore map */ - SEMMNI, /* # of semaphore identifiers */ - SEMMNS, /* # of semaphores in system */ - SEMMNU, /* # of undo structures in system */ - SEMMSL, /* max # of semaphores per id */ - SEMOPM, /* max # of operations per semop call */ - SEMUME, /* max # of undo entries per process */ - SEMUSZ, /* size in bytes of undo structure */ - SEMVMX, /* semaphore maximum value */ - SEMAEM /* adjust on exit max value */ -}; -#endif - -/* - * Values in support of System V compatible messages. - */ -#ifdef SYSVMSG -struct msginfo msginfo = { - MSGMAX, /* max chars in a message */ - MSGMNI, /* # of message queue identifiers */ - MSGMNB, /* max chars in a queue */ - MSGTQL, /* max messages in system */ - MSGSSZ, /* size of a message segment */ - /* (must be small power of 2 greater than 4) */ - MSGSEG /* number of message segments */ -}; -#endif -#endif /* XXX_PRG */ - /* * Actual network mbuf sizes
CVS commit: src/sys/arch/aarch64/aarch64
Module Name:src Committed By: ryo Date: Wed Apr 10 06:58:12 UTC 2019 Modified Files: src/sys/arch/aarch64/aarch64: TODO Log Message: some items are already done. update and sync with reality. To generate a diff of this commit: cvs rdiff -u -r1.4 -r1.5 src/sys/arch/aarch64/aarch64/TODO Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/arch/aarch64/aarch64/TODO diff -u src/sys/arch/aarch64/aarch64/TODO:1.4 src/sys/arch/aarch64/aarch64/TODO:1.5 --- src/sys/arch/aarch64/aarch64/TODO:1.4 Sat Apr 6 03:06:24 2019 +++ src/sys/arch/aarch64/aarch64/TODO Wed Apr 10 06:58:12 2019 @@ -1,15 +1,8 @@ -$NetBSD: TODO,v 1.4 2019/04/06 03:06:24 thorpej Exp $ +$NetBSD: TODO,v 1.5 2019/04/10 06:58:12 ryo Exp $ TODO list for NetBSD/aarch64 - -- known bugs - - __thread attributed variables fail to work (ld_elf.so issue?) - - C++ stack unwinding (libunwind?) - -- not yet - kernel preemption - Implement __HAVE_UCAS_FULL or __HAVE_UCAS_MP (don't use full generic impl) - - crash(8), savecore(8) and libkvm (cpu_kcore_hdr_t) - - pmap should be work even if PID_MAX >= 65536 + - pmap should be work even if PID_MAX >= 65536 (don't depend 16bit ASID) - TLB ASID in pmap should be randomized - - COMPAT_NETBSD32 + - COMPAT_NETBSD32 for thumb mode
CVS commit: src/sys/arch/aarch64/aarch64
Module Name:src Committed By: ryo Date: Wed Apr 10 06:30:05 UTC 2019 Modified Files: src/sys/arch/aarch64/aarch64: syscall.c Log Message: add missing userret() at the end of md_child_return(). this change make some ATF to pass. To generate a diff of this commit: cvs rdiff -u -r1.5 -r1.6 src/sys/arch/aarch64/aarch64/syscall.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/arch/aarch64/aarch64/syscall.c diff -u src/sys/arch/aarch64/aarch64/syscall.c:1.5 src/sys/arch/aarch64/aarch64/syscall.c:1.6 --- src/sys/arch/aarch64/aarch64/syscall.c:1.5 Sat Apr 6 11:54:19 2019 +++ src/sys/arch/aarch64/aarch64/syscall.c Wed Apr 10 06:30:05 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: syscall.c,v 1.5 2019/04/06 11:54:19 kamil Exp $ */ +/* $NetBSD: syscall.c,v 1.6 2019/04/10 06:30:05 ryo Exp $ */ /*- * Copyright (c) 2014 The NetBSD Foundation, Inc. @@ -61,7 +61,7 @@ #define EMULNAME(x) (x) #define EMULNAMEU(x) (x) -__KERNEL_RCSID(0, "$NetBSD: syscall.c,v 1.5 2019/04/06 11:54:19 kamil Exp $"); +__KERNEL_RCSID(0, "$NetBSD: syscall.c,v 1.6 2019/04/10 06:30:05 ryo Exp $"); void cpu_spawn_return(struct lwp *l) @@ -79,6 +79,8 @@ md_child_return(struct lwp *l) tf->tf_reg[1] = 1; tf->tf_spsr &= ~NZCV_C; l->l_md.md_cpacr = CPACR_FPEN_NONE; + + userret(l); } #endif
CVS commit: src/tests/dev/cgd
Module Name:src Committed By: kre Date: Wed Apr 10 06:13:21 UTC 2019 Modified Files: src/tests/dev/cgd: t_cgd.sh Log Message: Fix quoting (quotes really do not nest...) and remove a bunch of it that is harmless, but also pointless (in sh, quotes do not make strings, everything is a string, rather they hide characters which would have some other meaning unquoted (like spaces) - quotes are not needed around strings like "descr" so remove them... Be more consistent with line wrap style, try to avoid wrapping in the middle of a (sh) word where possible. Avoid \ use when it is not needed. Un-KNF (C style) - sh has no declarations, there is no need to leave blank lines at the head of a function to mark the end of the declarations. This should be a NFC - but the quoting really was broken before, just was probably harmless breakage. To generate a diff of this commit: cvs rdiff -u -r1.12 -r1.13 src/tests/dev/cgd/t_cgd.sh Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/tests/dev/cgd/t_cgd.sh diff -u src/tests/dev/cgd/t_cgd.sh:1.12 src/tests/dev/cgd/t_cgd.sh:1.13 --- src/tests/dev/cgd/t_cgd.sh:1.12 Wed Apr 10 06:09:39 2019 +++ src/tests/dev/cgd/t_cgd.sh Wed Apr 10 06:13:21 2019 @@ -1,4 +1,4 @@ -# $NetBSD: t_cgd.sh,v 1.12 2019/04/10 06:09:39 kre Exp $ +# $NetBSD: t_cgd.sh,v 1.13 2019/04/10 06:13:21 kre Exp $ # # Copyright (c) 2010 The NetBSD Foundation, Inc. # All rights reserved. @@ -34,13 +34,12 @@ atf_test_case basic cleanup basic_head() { - atf_set "descr" "Tests that encrypt/decrypt works" - atf_set "require.progs" "rump_server" + atf_set descr "Tests that encrypt/decrypt works" + atf_set require.progs rump_server } basic_body() { - d=$(atf_get_srcdir) atf_check -s exit:0 \ ${cgdserver} -d key=/dev/dk,hostpath=dk.img,size=1m unix://csock @@ -57,7 +56,6 @@ basic_body() basic_cleanup() { - env RUMP_SERVER=unix://csock rump.halt || true } @@ -65,28 +63,27 @@ atf_test_case wrongpass cleanup wrongpass_head() { - atf_set "descr" "Tests that wrong password does not give original " \ - "plaintext" - atf_set "require.progs" "rump_server" + atf_set descr \ + "Tests that wrong password does not give original plaintext" + atf_set require.progs rump_server } wrongpass_body() { - d=$(atf_get_srcdir) atf_check -s exit:0 \ ${cgdserver} -d key=/dev/dk,hostpath=dk.img,size=1m unix://csock export RUMP_SERVER=unix://csock - atf_check -s exit:0 -x "echo 12345 | \ - rump.cgdconfig -p cgd0 /dev/dk ${d}/paramsfile" + atf_check -s exit:0 -x \ + "echo 12345 | rump.cgdconfig -p cgd0 /dev/dk ${d}/paramsfile" atf_check -s exit:0 -e ignore -x \ "dd if=${d}/t_cgd | rump.dd of=${rawcgd} count=2" # unconfig and reconfig cgd atf_check -s exit:0 rump.cgdconfig -u cgd0 - atf_check -s exit:0 -x "echo 54321 | \ - rump.cgdconfig -p cgd0 /dev/dk ${d}/paramsfile" + atf_check -s exit:0 -x \ + "echo 54321 | rump.cgdconfig -p cgd0 /dev/dk ${d}/paramsfile" atf_check -s exit:0 -e ignore dd if=${d}/t_cgd of=testfile count=2 atf_check -s exit:0 -e ignore -o not-file:testfile \ @@ -95,7 +92,6 @@ wrongpass_body() wrongpass_cleanup() { - env RUMP_SERVER=unix://csock rump.halt || true } @@ -103,9 +99,8 @@ wrongpass_cleanup() atf_test_case unaligned_write cleanup unaligned_write_head() { - - atf_set "descr" "Attempt unaligned writes to a raw cgd device" - atf_set "require.progs" "rump_server" + atf_set descr "Attempt unaligned writes to a raw cgd device" + atf_set require.progs rump_server } unaligned_write_body() @@ -115,8 +110,8 @@ unaligned_write_body() ${cgdserver} -d key=/dev/dk,hostpath=dk.img,size=1m unix://csock export RUMP_SERVER=unix://csock - atf_check -s exit:0 -x "echo 12345 | \ - rump.cgdconfig -p cgd0 /dev/dk ${d}/paramsfile" + atf_check -s exit:0 -x \ + "echo 12345 | rump.cgdconfig -p cgd0 /dev/dk ${d}/paramsfile" # Check that cgd rejects writes of totally bogus lengths. atf_check -s not-exit:0 -e ignore -x \ @@ -133,8 +128,8 @@ unaligned_write_body() # packetizing the input on bogus boundaries and using the # bizarre behaviour of `bs=N' in dd. atf_check -s not-exit:0 -e ignore -x \ - "(echo -n x && sleep 1 && head -c 511 /dev/null ; \ - env RUMP_SERVER=unix://csock rump.halt || true ; \ + eval "${name}_cleanup() { + rump.cgdconfig -u cgd0 2>/dev/null + env RUMP_SERVER=unix://csock rump.halt || true }" } @@ -191,7 +186,6 @@ test_case_vmeth_failure mbr atf_init_test_cases() { - atf_add_test_case basic atf_add_test_case wrongpass atf_add_test_case unaligned_write
CVS commit: src/sbin/cgdconfig
Module Name:src Committed By: kre Date: Wed Apr 10 06:11:37 UTC 2019 Modified Files: src/sbin/cgdconfig: cgdconfig.c Log Message: KNF, 80 column police, a few other tidy ups (use if (ret == 0) rather than if (!ret) when ret is not a boolean, and test fopen result against NULL, for example). NFCI. To generate a diff of this commit: cvs rdiff -u -r1.49 -r1.50 src/sbin/cgdconfig/cgdconfig.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sbin/cgdconfig/cgdconfig.c diff -u src/sbin/cgdconfig/cgdconfig.c:1.49 src/sbin/cgdconfig/cgdconfig.c:1.50 --- src/sbin/cgdconfig/cgdconfig.c:1.49 Wed Apr 10 06:09:39 2019 +++ src/sbin/cgdconfig/cgdconfig.c Wed Apr 10 06:11:37 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: cgdconfig.c,v 1.49 2019/04/10 06:09:39 kre Exp $ */ +/* $NetBSD: cgdconfig.c,v 1.50 2019/04/10 06:11:37 kre Exp $ */ /*- * Copyright (c) 2002, 2003 The NetBSD Foundation, Inc. @@ -33,7 +33,7 @@ #ifndef lint __COPYRIGHT("@(#) Copyright (c) 2002, 2003\ The NetBSD Foundation, Inc. All rights reserved."); -__RCSID("$NetBSD: cgdconfig.c,v 1.49 2019/04/10 06:09:39 kre Exp $"); +__RCSID("$NetBSD: cgdconfig.c,v 1.50 2019/04/10 06:11:37 kre Exp $"); #endif #include @@ -629,7 +629,7 @@ configure(int argc, char **argv, struct (void)unconfigure_fd(fd); goto bail_err; } - if (!ret) + if (ret == 0) /* success */ break; (void)unconfigure_fd(fd); @@ -646,7 +646,8 @@ configure(int argc, char **argv, struct params_free(p); (void)prog_close(fd); return 0; -bail_err: + + bail_err:; params_free(p); (void)prog_close(fd); return -1; @@ -703,7 +704,7 @@ opendisk_werror(const char *cgd, char *b { int fd; - VPRINTF(3, ("opendisk_werror(%s, %s, %zu) called.\n", cgd, buf, buflen)); + VPRINTF(3, ("opendisk_werror(%s, %s, %zu) called.\n", cgd,buf,buflen)); /* sanity */ if (!cgd || !buf) @@ -919,14 +920,14 @@ verify_gpt(int fd) } ret = 1; - for (blksize=DEV_BSIZE; - (off = blksize * GPT_HDR_BLKNO) <= SCANSIZE - sizeof(hdr); + for (blksize = DEV_BSIZE; + (off = (blksize * GPT_HDR_BLKNO)) <= SCANSIZE - sizeof(hdr); blksize <<= 1) { memcpy(, [off], sizeof(hdr)); - if (memcmp(hdr.hdr_sig, GPT_HDR_SIG, sizeof(hdr.hdr_sig)) == 0 && - le32toh(hdr.hdr_revision) == GPT_HDR_REVISION && - le32toh(hdr.hdr_size) == GPT_HDR_SIZE) { + if (memcmp(hdr.hdr_sig, GPT_HDR_SIG, sizeof(hdr.hdr_sig)) == 0 + && le32toh(hdr.hdr_revision) == GPT_HDR_REVISION + && le32toh(hdr.hdr_size) == GPT_HDR_SIZE) { hdr.hdr_crc_self = 0; if (crc32(, sizeof(hdr))) { @@ -993,7 +994,9 @@ verify_reenter(struct params *p) /* add a compat flag till the _OLD method goes away */ key = getkey_pkcs5_pbkdf2("re-enter device", kg, - bits_len(orig_key), kg->kg_method == KEYGEN_PKCS5_PBKDF2_OLD); + bits_len(orig_key), + kg->kg_method == KEYGEN_PKCS5_PBKDF2_OLD); + ret = !bits_match(key, orig_key); bits_free(key); @@ -1113,7 +1116,7 @@ generate_convert(struct params *p, int a } return params_cput(p, outfile); -bail: + bail:; params_free(oldp); return -1; } @@ -1141,7 +1144,7 @@ do_all(const char *cfile, int argc, char fn = cfile; f = fopen(fn, "r"); - if (!f) { + if (f == NULL) { warn("could not open config file \"%s\"", fn); return -1; } @@ -1222,7 +1225,7 @@ show(const char *dev) { printf("%s ", iv_method(cgu.cgu_mode)); } -out: + out:; putchar('\n'); close(fd); }
CVS commit: src
Module Name:src Committed By: kre Date: Wed Apr 10 06:09:39 UTC 2019 Modified Files: src/sbin/cgdconfig: cgdconfig.c src/tests/dev/cgd: t_cgd.sh Log Message: PR bin/53999 from rudolf (eq.cz) Fix cgdconfig to report verification failures with gpt and mbr verification methods (and not treat them as silent hard errors). This also causes the cgd to be unconfigured when one of those verification methods fails. Add ATF tests to check that bad verification is reported, and does not leave the cgd configured. Patches from the PR applied. To generate a diff of this commit: cvs rdiff -u -r1.48 -r1.49 src/sbin/cgdconfig/cgdconfig.c cvs rdiff -u -r1.11 -r1.12 src/tests/dev/cgd/t_cgd.sh Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sbin/cgdconfig/cgdconfig.c diff -u src/sbin/cgdconfig/cgdconfig.c:1.48 src/sbin/cgdconfig/cgdconfig.c:1.49 --- src/sbin/cgdconfig/cgdconfig.c:1.48 Wed May 9 19:38:46 2018 +++ src/sbin/cgdconfig/cgdconfig.c Wed Apr 10 06:09:39 2019 @@ -1,4 +1,4 @@ -/* $NetBSD: cgdconfig.c,v 1.48 2018/05/09 19:38:46 alnsn Exp $ */ +/* $NetBSD: cgdconfig.c,v 1.49 2019/04/10 06:09:39 kre Exp $ */ /*- * Copyright (c) 2002, 2003 The NetBSD Foundation, Inc. @@ -33,7 +33,7 @@ #ifndef lint __COPYRIGHT("@(#) Copyright (c) 2002, 2003\ The NetBSD Foundation, Inc. All rights reserved."); -__RCSID("$NetBSD: cgdconfig.c,v 1.48 2018/05/09 19:38:46 alnsn Exp $"); +__RCSID("$NetBSD: cgdconfig.c,v 1.49 2019/04/10 06:09:39 kre Exp $"); #endif #include @@ -625,8 +625,10 @@ configure(int argc, char **argv, struct goto bail_err; ret = verify(p, fd); - if (ret == -1) + if (ret == -1) { + (void)unconfigure_fd(fd); goto bail_err; + } if (!ret) break; @@ -830,7 +832,7 @@ verify_mbr(int fd) memcpy(, buf, sizeof(mbr)); if (le16toh(mbr.mbr_magic) != MBR_MAGIC) - return -1; + return 1; return 0; } @@ -916,7 +918,7 @@ verify_gpt(int fd) return -1; } - ret = -1; + ret = 1; for (blksize=DEV_BSIZE; (off = blksize * GPT_HDR_BLKNO) <= SCANSIZE - sizeof(hdr); blksize <<= 1) { Index: src/tests/dev/cgd/t_cgd.sh diff -u src/tests/dev/cgd/t_cgd.sh:1.11 src/tests/dev/cgd/t_cgd.sh:1.12 --- src/tests/dev/cgd/t_cgd.sh:1.11 Tue Feb 19 21:08:24 2013 +++ src/tests/dev/cgd/t_cgd.sh Wed Apr 10 06:09:39 2019 @@ -1,4 +1,4 @@ -# $NetBSD: t_cgd.sh,v 1.11 2013/02/19 21:08:24 joerg Exp $ +# $NetBSD: t_cgd.sh,v 1.12 2019/04/10 06:09:39 kre Exp $ # # Copyright (c) 2010 The NetBSD Foundation, Inc. # All rights reserved. @@ -150,10 +150,53 @@ unaligned_write_cleanup() env RUMP_SERVER=unix://csock rump.halt || true } +vmeth_failure_body() +{ + + local vmeth="$1" + local d=$(atf_get_srcdir) + + atf_check -s exit:0 \ + ${cgdserver} -d key=/dev/dk,hostpath=dk.img,size=1m unix://csock + export RUMP_SERVER=unix://csock + atf_check -s not-exit:0 -e ignore -x "echo 12345 | \ + rump.cgdconfig -V "${vmeth}" -p cgd0 /dev/dk ${d}/paramsfile" + atf_check -s exit:0 -o not-match:"(^| )cgd0( |$)" rump.sysctl -n hw.disknames +} + +test_case_vmeth_failure() +{ + + local vmeth="${1}" + local name="vmeth_failure_${vmeth}" + + atf_test_case "${name}" cleanup + eval "${name}_head() { \ + atf_set "descr" "Tests verification method \"${vmeth}\" failure" ; \ + atf_set "require.progs" "rump_server" ; \ + }" + eval "${name}_body() { \ + vmeth_failure_body "${vmeth}" ; \ + }" + eval "${name}_cleanup() { \ + rump.cgdconfig -u cgd0 2>/dev/null ; \ + env RUMP_SERVER=unix://csock rump.halt || true ; \ + }" +} + +test_case_vmeth_failure disklabel +test_case_vmeth_failure ffs +test_case_vmeth_failure gpt +test_case_vmeth_failure mbr + atf_init_test_cases() { atf_add_test_case basic atf_add_test_case wrongpass atf_add_test_case unaligned_write + atf_add_test_case vmeth_failure_disklabel + atf_add_test_case vmeth_failure_ffs + atf_add_test_case vmeth_failure_gpt + atf_add_test_case vmeth_failure_mbr }