CVS commit: src/sys/netinet6
Module Name:src
Committed By: ozaki-r
Date: Wed Mar 22 03:17:18 UTC 2023
Modified Files:
src/sys/netinet6: raw_ip6.c
Log Message:
in6: make sure a user-specified checksum field is within a packet
>From OpenBSD
To generate a diff of this commit:
cvs rdiff -u -r1.182 -r1.183 src/sys/netinet6/raw_ip6.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/netinet6/raw_ip6.c
diff -u src/sys/netinet6/raw_ip6.c:1.182 src/sys/netinet6/raw_ip6.c:1.183
--- src/sys/netinet6/raw_ip6.c:1.182 Fri Nov 4 09:01:53 2022
+++ src/sys/netinet6/raw_ip6.c Wed Mar 22 03:17:18 2023
@@ -1,4 +1,4 @@
-/* $NetBSD: raw_ip6.c,v 1.182 2022/11/04 09:01:53 ozaki-r Exp $ */
+/* $NetBSD: raw_ip6.c,v 1.183 2023/03/22 03:17:18 ozaki-r Exp $ */
/* $KAME: raw_ip6.c,v 1.82 2001/07/23 18:57:56 jinmei Exp $ */
/*
@@ -62,7 +62,7 @@
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: raw_ip6.c,v 1.182 2022/11/04 09:01:53 ozaki-r Exp $");
+__KERNEL_RCSID(0, "$NetBSD: raw_ip6.c,v 1.183 2023/03/22 03:17:18 ozaki-r Exp $");
#ifdef _KERNEL_OPT
#include "opt_ipsec.h"
@@ -202,7 +202,16 @@ rip6_input(struct mbuf **mp, int *offp,
continue;
if (in6p_cksum(inp) != -1) {
RIP6_STATINC(RIP6_STAT_ISUM);
- if (in6_cksum(m, proto, *offp,
+ /*
+ * Although in6_cksum() does not need the position of
+ * the checksum field for verification, enforce that it
+ * is located within the packet. Userland has given
+ * a checksum offset, a packet too short for that is
+ * invalid. Avoid overflow with user supplied offset.
+ */
+ if (m->m_pkthdr.len < *offp + 2 ||
+ m->m_pkthdr.len - *offp - 2 < in6p_cksum(inp) ||
+ in6_cksum(m, proto, *offp,
m->m_pkthdr.len - *offp)) {
RIP6_STATINC(RIP6_STAT_BADSUM);
continue;
@@ -470,7 +479,7 @@ rip6_output(struct mbuf *m, struct socke
off = offsetof(struct icmp6_hdr, icmp6_cksum);
else
off = in6p_cksum(inp);
- if (plen < off + 1) {
+ if (plen < 2 || plen - 2 < off) {
error = EINVAL;
goto bad;
}
CVS commit: src/sys/netinet6
Module Name:src Committed By: ozaki-r Date: Wed Mar 22 03:17:18 UTC 2023 Modified Files: src/sys/netinet6: raw_ip6.c Log Message: in6: make sure a user-specified checksum field is within a packet >From OpenBSD To generate a diff of this commit: cvs rdiff -u -r1.182 -r1.183 src/sys/netinet6/raw_ip6.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/arch/mips/cavium/dev
Module Name:src Committed By: riastradh Date: Tue Mar 21 22:07:29 UTC 2023 Modified Files: src/sys/arch/mips/cavium/dev: octeon_rnm.c Log Message: octrnm(4): Raise delay on startup. According to CN50XX-HRM-V0.99E and CN78XX-HM-0.99E: The entropy is provided by the jitter of 125 of 128 free-running oscillators XORed into a 128-bit LFSR. The LFSR accumulates entropy over 81 cycles, after which it is fed into a SHA-1 engine. [...] The SHA-1 engine runs once every 81 cycles. [...] The hardware produces new 64-bit random number every 81 cycles. The last sentence means that we only need to wait 81 cycles _between_ consecutive SHA-1 outputs (which isn't relevant anyway because we reconfigure it into raw mode later), but the first two quotes might mean that we need to wait 81+81 cycles for the _first_ output to be produced on boot when running the self-test. Now, in this case, the self-test is run with the LFSR unhooked, by clearing the RNM_CTL_STATUS[ENT_EN] bit, so that SHA-1 is computed from a known input -- this is really just paranoia to make sure that _some_ functions of the device (which is conjured out of thin air at a fixed virtual address, with no firmware bindings to guide us) behave as we expect. And it's not clear if it really does take 81+81 cycles for the first SHA-1 output to appear when the LFSR isn't feeding into it anyway. But experimentally, delay of 81+81 cycles seems to work whereas a delay of only 81 cycles crashes. PR kern/57280 XXX pullup-10 XXX pullup-9 To generate a diff of this commit: cvs rdiff -u -r1.15 -r1.16 src/sys/arch/mips/cavium/dev/octeon_rnm.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/arch/mips/cavium/dev
Module Name:src Committed By: riastradh Date: Tue Mar 21 22:07:29 UTC 2023 Modified Files: src/sys/arch/mips/cavium/dev: octeon_rnm.c Log Message: octrnm(4): Raise delay on startup. According to CN50XX-HRM-V0.99E and CN78XX-HM-0.99E: The entropy is provided by the jitter of 125 of 128 free-running oscillators XORed into a 128-bit LFSR. The LFSR accumulates entropy over 81 cycles, after which it is fed into a SHA-1 engine. [...] The SHA-1 engine runs once every 81 cycles. [...] The hardware produces new 64-bit random number every 81 cycles. The last sentence means that we only need to wait 81 cycles _between_ consecutive SHA-1 outputs (which isn't relevant anyway because we reconfigure it into raw mode later), but the first two quotes might mean that we need to wait 81+81 cycles for the _first_ output to be produced on boot when running the self-test. Now, in this case, the self-test is run with the LFSR unhooked, by clearing the RNM_CTL_STATUS[ENT_EN] bit, so that SHA-1 is computed from a known input -- this is really just paranoia to make sure that _some_ functions of the device (which is conjured out of thin air at a fixed virtual address, with no firmware bindings to guide us) behave as we expect. And it's not clear if it really does take 81+81 cycles for the first SHA-1 output to appear when the LFSR isn't feeding into it anyway. But experimentally, delay of 81+81 cycles seems to work whereas a delay of only 81 cycles crashes. PR kern/57280 XXX pullup-10 XXX pullup-9 To generate a diff of this commit: cvs rdiff -u -r1.15 -r1.16 src/sys/arch/mips/cavium/dev/octeon_rnm.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/arch/mips/cavium/dev/octeon_rnm.c diff -u src/sys/arch/mips/cavium/dev/octeon_rnm.c:1.15 src/sys/arch/mips/cavium/dev/octeon_rnm.c:1.16 --- src/sys/arch/mips/cavium/dev/octeon_rnm.c:1.15 Sat Mar 19 11:55:03 2022 +++ src/sys/arch/mips/cavium/dev/octeon_rnm.c Tue Mar 21 22:07:29 2023 @@ -1,4 +1,4 @@ -/* $NetBSD: octeon_rnm.c,v 1.15 2022/03/19 11:55:03 riastradh Exp $ */ +/* $NetBSD: octeon_rnm.c,v 1.16 2023/03/21 22:07:29 riastradh Exp $ */ /* * Copyright (c) 2007 Internet Initiative Japan, Inc. @@ -99,7 +99,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: octeon_rnm.c,v 1.15 2022/03/19 11:55:03 riastradh Exp $"); +__KERNEL_RCSID(0, "$NetBSD: octeon_rnm.c,v 1.16 2023/03/21 22:07:29 riastradh Exp $"); #include #include @@ -119,7 +119,8 @@ __KERNEL_RCSID(0, "$NetBSD: octeon_rnm.c //#define OCTRNM_DEBUG #define ENT_DELAY_CLOCK 8 /* cycles for each 64-bit RO sample batch */ -#define RNG_DELAY_CLOCK 81 /* cycles for each SHA-1 output */ +#define LFSR_DELAY_CLOCK 81 /* cycles to fill LFSR buffer */ +#define SHA1_DELAY_CLOCK 81 /* cycles to compute SHA-1 output */ #define NROGROUPS 16 #define RNG_FIFO_WORDS (512/sizeof(uint64_t)) @@ -193,7 +194,7 @@ octrnm_attach(device_t parent, device_t */ octrnm_reset(sc); octrnm_conditioned_deterministic(sc); - octrnm_delay(RNG_DELAY_CLOCK*1); + octrnm_delay(LFSR_DELAY_CLOCK + SHA1_DELAY_CLOCK); sample = octrnm_load(sc); if (sample != expected) aprint_error_dev(self, "self-test: read %016"PRIx64","
CVS commit: src/sys/nfs
Module Name:src
Committed By: christos
Date: Tue Mar 21 15:47:46 UTC 2023
Modified Files:
src/sys/nfs: nfs_clntsubs.c nfs_iod.c nfs_vfsops.c
Log Message:
PR/57279: Izumi Tsutsui: Fix some {int,long} -> time_t. Still things will
break eventually because parts of the nfs protocol assume time_t will fit
in 32 bits.
To generate a diff of this commit:
cvs rdiff -u -r1.6 -r1.7 src/sys/nfs/nfs_clntsubs.c
cvs rdiff -u -r1.8 -r1.9 src/sys/nfs/nfs_iod.c
cvs rdiff -u -r1.244 -r1.245 src/sys/nfs/nfs_vfsops.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/nfs/nfs_clntsubs.c
diff -u src/sys/nfs/nfs_clntsubs.c:1.6 src/sys/nfs/nfs_clntsubs.c:1.7
--- src/sys/nfs/nfs_clntsubs.c:1.6 Mon Feb 28 03:45:36 2022
+++ src/sys/nfs/nfs_clntsubs.c Tue Mar 21 11:47:46 2023
@@ -1,4 +1,4 @@
-/* $NetBSD: nfs_clntsubs.c,v 1.6 2022/02/28 08:45:36 hannken Exp $ */
+/* $NetBSD: nfs_clntsubs.c,v 1.7 2023/03/21 15:47:46 christos Exp $ */
/*
* Copyright (c) 1989, 1993
@@ -70,7 +70,7 @@
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: nfs_clntsubs.c,v 1.6 2022/02/28 08:45:36 hannken Exp $");
+__KERNEL_RCSID(0, "$NetBSD: nfs_clntsubs.c,v 1.7 2023/03/21 15:47:46 christos Exp $");
#ifdef _KERNEL_OPT
#include "opt_nfs.h"
@@ -390,7 +390,7 @@ nfs_check_wccdata(struct nfsnode *np, co
if (docheck) {
struct vnode *vp = NFSTOV(np);
struct nfsmount *nmp;
- long now = time_second;
+ time_t now = time_second;
const struct timespec *omtime = >n_vattr->va_mtime;
const struct timespec *octime = >n_vattr->va_ctime;
const char *reason = NULL; /* XXX: gcc */
Index: src/sys/nfs/nfs_iod.c
diff -u src/sys/nfs/nfs_iod.c:1.8 src/sys/nfs/nfs_iod.c:1.9
--- src/sys/nfs/nfs_iod.c:1.8 Mon Sep 3 12:29:36 2018
+++ src/sys/nfs/nfs_iod.c Tue Mar 21 11:47:46 2023
@@ -1,4 +1,4 @@
-/* $NetBSD: nfs_iod.c,v 1.8 2018/09/03 16:29:36 riastradh Exp $ */
+/* $NetBSD: nfs_iod.c,v 1.9 2023/03/21 15:47:46 christos Exp $ */
/*
* Copyright (c) 1989, 1993
@@ -35,7 +35,7 @@
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: nfs_iod.c,v 1.8 2018/09/03 16:29:36 riastradh Exp $");
+__KERNEL_RCSID(0, "$NetBSD: nfs_iod.c,v 1.9 2023/03/21 15:47:46 christos Exp $");
#include
#include
@@ -409,7 +409,8 @@ nfs_savenickauth(struct nfsmount *nmp, k
struct timeval ktvin, ktvout;
u_int32_t nick;
char *dpos = *dposp, *cp2;
- int deltasec, error = 0;
+ time_t deltasec;
+ int error = 0;
memset(, 0, sizeof ktvout); /* XXX gcc */
Index: src/sys/nfs/nfs_vfsops.c
diff -u src/sys/nfs/nfs_vfsops.c:1.244 src/sys/nfs/nfs_vfsops.c:1.245
--- src/sys/nfs/nfs_vfsops.c:1.244 Thu Mar 16 20:46:35 2023
+++ src/sys/nfs/nfs_vfsops.c Tue Mar 21 11:47:46 2023
@@ -1,4 +1,4 @@
-/* $NetBSD: nfs_vfsops.c,v 1.244 2023/03/17 00:46:35 mlelstv Exp $ */
+/* $NetBSD: nfs_vfsops.c,v 1.245 2023/03/21 15:47:46 christos Exp $ */
/*
* Copyright (c) 1989, 1993, 1995
@@ -35,7 +35,7 @@
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: nfs_vfsops.c,v 1.244 2023/03/17 00:46:35 mlelstv Exp $");
+__KERNEL_RCSID(0, "$NetBSD: nfs_vfsops.c,v 1.245 2023/03/21 15:47:46 christos Exp $");
#if defined(_KERNEL_OPT)
#include "opt_nfs.h"
@@ -323,7 +323,7 @@ nfs_mountroot(void)
struct mount *mp;
struct vnode *vp;
struct lwp *l;
- long n;
+ time_t n;
int error;
l = curlwp; /* XXX */
@@ -378,7 +378,7 @@ nfs_mountroot(void)
panic("nfs_mountroot: getattr for root");
n = attr.va_atime.tv_sec;
#ifdef DEBUG
- printf("root time: 0x%lx\n", n);
+ printf("root time: 0x%jx\n", (intmax_t)n);
#endif
setrootfstime(n);
CVS commit: src/sys/nfs
Module Name:src
Committed By: christos
Date: Tue Mar 21 15:47:46 UTC 2023
Modified Files:
src/sys/nfs: nfs_clntsubs.c nfs_iod.c nfs_vfsops.c
Log Message:
PR/57279: Izumi Tsutsui: Fix some {int,long} -> time_t. Still things will
break eventually because parts of the nfs protocol assume time_t will fit
in 32 bits.
To generate a diff of this commit:
cvs rdiff -u -r1.6 -r1.7 src/sys/nfs/nfs_clntsubs.c
cvs rdiff -u -r1.8 -r1.9 src/sys/nfs/nfs_iod.c
cvs rdiff -u -r1.244 -r1.245 src/sys/nfs/nfs_vfsops.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
CVS commit: src/bin/sh
Module Name:src
Committed By: hannken
Date: Tue Mar 21 08:31:30 UTC 2023
Modified Files:
src/bin/sh: error.h
Log Message:
Use "sigjmp_buf loc" after switch to sigsetjmp()/siglongjmp().
Fixes errors and aborts on sparc at least.
To generate a diff of this commit:
cvs rdiff -u -r1.24 -r1.25 src/bin/sh/error.h
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/bin/sh/error.h
diff -u src/bin/sh/error.h:1.24 src/bin/sh/error.h:1.25
--- src/bin/sh/error.h:1.24 Sun Mar 19 17:47:48 2023
+++ src/bin/sh/error.h Tue Mar 21 08:31:30 2023
@@ -1,4 +1,4 @@
-/* $NetBSD: error.h,v 1.24 2023/03/19 17:47:48 kre Exp $ */
+/* $NetBSD: error.h,v 1.25 2023/03/21 08:31:30 hannken Exp $ */
/*-
* Copyright (c) 1991, 1993
@@ -58,7 +58,7 @@
#include
struct jmploc {
- jmp_buf loc;
+ sigjmp_buf loc;
};
extern volatile int errors_suppressed;
CVS commit: src/bin/sh
Module Name:src Committed By: hannken Date: Tue Mar 21 08:31:30 UTC 2023 Modified Files: src/bin/sh: error.h Log Message: Use "sigjmp_buf loc" after switch to sigsetjmp()/siglongjmp(). Fixes errors and aborts on sparc at least. To generate a diff of this commit: cvs rdiff -u -r1.24 -r1.25 src/bin/sh/error.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
