CVS commit: src
Module Name:src Committed By: riastradh Date: Tue Nov 21 00:09:19 UTC 2023 Modified Files: src/sys/kern: exec_subr.c src/tests/lib/libc/sys: t_setrlimit.c Log Message: exec: Map noaccess part of stack with prot=NONE, maxprot=READ|WRITE. This way, setrlimit(RLIMT_STACK) can grant READ|WRITE access when increasing the stack size. PR kern/57711 XXX pullup-10 XXX pullup-9 XXX pullup-8 To generate a diff of this commit: cvs rdiff -u -r1.85 -r1.86 src/sys/kern/exec_subr.c cvs rdiff -u -r1.8 -r1.9 src/tests/lib/libc/sys/t_setrlimit.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src
Module Name:src Committed By: riastradh Date: Tue Nov 21 00:09:19 UTC 2023 Modified Files: src/sys/kern: exec_subr.c src/tests/lib/libc/sys: t_setrlimit.c Log Message: exec: Map noaccess part of stack with prot=NONE, maxprot=READ|WRITE. This way, setrlimit(RLIMT_STACK) can grant READ|WRITE access when increasing the stack size. PR kern/57711 XXX pullup-10 XXX pullup-9 XXX pullup-8 To generate a diff of this commit: cvs rdiff -u -r1.85 -r1.86 src/sys/kern/exec_subr.c cvs rdiff -u -r1.8 -r1.9 src/tests/lib/libc/sys/t_setrlimit.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/kern/exec_subr.c diff -u src/sys/kern/exec_subr.c:1.85 src/sys/kern/exec_subr.c:1.86 --- src/sys/kern/exec_subr.c:1.85 Sun Apr 9 09:18:09 2023 +++ src/sys/kern/exec_subr.c Tue Nov 21 00:09:18 2023 @@ -1,4 +1,4 @@ -/* $NetBSD: exec_subr.c,v 1.85 2023/04/09 09:18:09 riastradh Exp $ */ +/* $NetBSD: exec_subr.c,v 1.86 2023/11/21 00:09:18 riastradh Exp $ */ /* * Copyright (c) 1993, 1994, 1996 Christopher G. Demetriou @@ -31,7 +31,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: exec_subr.c,v 1.85 2023/04/09 09:18:09 riastradh Exp $"); +__KERNEL_RCSID(0, "$NetBSD: exec_subr.c,v 1.86 2023/11/21 00:09:18 riastradh Exp $"); #include "opt_pax.h" @@ -162,9 +162,10 @@ static int vmcmd_get_prot(struct lwp *l, const struct exec_vmcmd *cmd, vm_prot_t *prot, vm_prot_t *maxprot) { + vm_prot_t extraprot = PROT_MPROTECT_EXTRACT(cmd->ev_prot); - *prot = cmd->ev_prot; - *maxprot = PAX_MPROTECT_MAXPROTECT(l, *prot, 0, UVM_PROT_ALL); + *prot = cmd->ev_prot & UVM_PROT_ALL; + *maxprot = PAX_MPROTECT_MAXPROTECT(l, *prot, extraprot, UVM_PROT_ALL); if ((*prot & *maxprot) != *prot) return EACCES; @@ -458,7 +459,9 @@ exec_setup_stack(struct lwp *l, struct e } if (noaccess_size > 0 && noaccess_size <= MAXSSIZ) { NEW_VMCMD2(>ep_vmcmds, vmcmd_map_zero, noaccess_size, - noaccess_linear_min, NULL, 0, VM_PROT_NONE, VMCMD_STACK); + noaccess_linear_min, NULL, 0, + VM_PROT_NONE | PROT_MPROTECT(VM_PROT_READ | VM_PROT_WRITE), + VMCMD_STACK); } KASSERT(access_size > 0); KASSERT(access_size <= MAXSSIZ); Index: src/tests/lib/libc/sys/t_setrlimit.c diff -u src/tests/lib/libc/sys/t_setrlimit.c:1.8 src/tests/lib/libc/sys/t_setrlimit.c:1.9 --- src/tests/lib/libc/sys/t_setrlimit.c:1.8 Mon Nov 20 13:05:17 2023 +++ src/tests/lib/libc/sys/t_setrlimit.c Tue Nov 21 00:09:18 2023 @@ -1,4 +1,4 @@ -/* $NetBSD: t_setrlimit.c,v 1.8 2023/11/20 13:05:17 riastradh Exp $ */ +/* $NetBSD: t_setrlimit.c,v 1.9 2023/11/21 00:09:18 riastradh Exp $ */ /*- * Copyright (c) 2011 The NetBSD Foundation, Inc. @@ -29,7 +29,7 @@ * POSSIBILITY OF SUCH DAMAGE. */ #include -__RCSID("$NetBSD: t_setrlimit.c,v 1.8 2023/11/20 13:05:17 riastradh Exp $"); +__RCSID("$NetBSD: t_setrlimit.c,v 1.9 2023/11/21 00:09:18 riastradh Exp $"); #include #include @@ -634,9 +634,6 @@ ATF_TC_BODY(setrlimit_stack_growshrink, res.rlim_cur = 2*n; RL(setrlimit(RLIMIT_STACK, )); - atf_tc_expect_fail("PR kern/57711:" - " setrlimit(RLIMIT_STACK) fails to increase usable stack size"); - /* * Verify that we can now get at pages past the end of the new * stack but not beyond that.
CVS commit: src/sys/dev/pci
Module Name:src Committed By: thorpej Date: Mon Nov 20 21:59:38 UTC 2023 Modified Files: src/sys/dev/pci: pciide_common.c Log Message: pciide_dma_dmamap_setup(): If we end up with a DMA segment with an odd length or odd starting address, unload the map and return EINVAL. Some controllers get really upset if a DMA segment has an odd address or length. This can happen if a physio user performs a virtually-contiguous I/O that starts at an odd address and spans a page boundary where the resulting physical pages are discontiguous. The EINVAL return will cause the upper layers in the ATA code to re-try the I/O using PIO, which should (will in all of my tests) succeed. PR port-alpha/56434 To generate a diff of this commit: cvs rdiff -u -r1.69 -r1.70 src/sys/dev/pci/pciide_common.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/dev/pci/pciide_common.c diff -u src/sys/dev/pci/pciide_common.c:1.69 src/sys/dev/pci/pciide_common.c:1.70 --- src/sys/dev/pci/pciide_common.c:1.69 Mon Nov 20 21:45:34 2023 +++ src/sys/dev/pci/pciide_common.c Mon Nov 20 21:59:38 2023 @@ -1,4 +1,4 @@ -/* $NetBSD: pciide_common.c,v 1.69 2023/11/20 21:45:34 thorpej Exp $ */ +/* $NetBSD: pciide_common.c,v 1.70 2023/11/20 21:59:38 thorpej Exp $ */ /* @@ -70,7 +70,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: pciide_common.c,v 1.69 2023/11/20 21:45:34 thorpej Exp $"); +__KERNEL_RCSID(0, "$NetBSD: pciide_common.c,v 1.70 2023/11/20 21:59:38 thorpej Exp $"); #include @@ -721,25 +721,51 @@ pciide_dma_dmamap_setup(struct pciide_so BUS_DMASYNC_PREREAD : BUS_DMASYNC_PREWRITE); for (seg = 0; seg < dma_maps->dmamap_xfer->dm_nsegs; seg++) { + bus_addr_t phys = dma_maps->dmamap_xfer->dm_segs[seg].ds_addr; + bus_size_t len = dma_maps->dmamap_xfer->dm_segs[seg].ds_len; + #ifdef DIAGNOSTIC /* A segment must not cross a 64k boundary */ { - u_long phys = dma_maps->dmamap_xfer->dm_segs[seg].ds_addr; - u_long len = dma_maps->dmamap_xfer->dm_segs[seg].ds_len; if ((phys & ~IDEDMA_BYTE_COUNT_MASK) != ((phys + len - 1) & ~IDEDMA_BYTE_COUNT_MASK)) { - printf("pciide_dma: segment %d physical addr 0x%lx" - " len 0x%lx not properly aligned\n", - seg, phys, len); + printf("pciide_dma: seg %d addr 0x%" PRIx64 + " len 0x%" PRIx64 " not properly aligned\n", + seg, (uint64_t)phys, (uint64_t)len); panic("pciide_dma: buf align"); } } #endif - dma_maps->dma_table[seg].base_addr = - htole32(dma_maps->dmamap_xfer->dm_segs[seg].ds_addr); + /* + * Some controllers get really upset if the length + * of any DMA segment is odd. This isn't something + * that's going to happen in normal steady-state + * operation (reading VM pages, etc.), but physio users + * don't have as many guard rails. + * + * Consider an 8K read request that starts at an odd + * offset within a page. At first blush, all of the + * checks pass because it's a sector-rounded size, but + * unless the buffer spans 2 physically contiguous pages, + * it's going to result in 2 odd-length DMA segments. + * + * Odd start addresses are also frowned upon, so we + * catch those here, too. + * + * Returning EINVAL here will cause the upper layers to + * fall back onto PIO. + */ + if ((phys & 1) != 0 || (len & 1) != 0) { + aprint_verbose_dev(sc->sc_wdcdev.sc_atac.atac_dev, + "Invalid DMA segment: " + "seg %d addr 0x%" PRIx64 " len 0x%" PRIx64 "\n", + seg, (uint64_t)phys, (uint64_t)len); + bus_dmamap_unload(sc->sc_dmat, dma_maps->dmamap_xfer); + return EINVAL; + } + dma_maps->dma_table[seg].base_addr = htole32(phys); dma_maps->dma_table[seg].byte_count = - htole32(dma_maps->dmamap_xfer->dm_segs[seg].ds_len & - IDEDMA_BYTE_COUNT_MASK); + htole32(len & IDEDMA_BYTE_COUNT_MASK); ATADEBUG_PRINT(("\t seg %d len %d addr 0x%x\n", seg, le32toh(dma_maps->dma_table[seg].byte_count), le32toh(dma_maps->dma_table[seg].base_addr)), DEBUG_DMA);
CVS commit: src/sys/dev/pci
Module Name:src Committed By: thorpej Date: Mon Nov 20 21:59:38 UTC 2023 Modified Files: src/sys/dev/pci: pciide_common.c Log Message: pciide_dma_dmamap_setup(): If we end up with a DMA segment with an odd length or odd starting address, unload the map and return EINVAL. Some controllers get really upset if a DMA segment has an odd address or length. This can happen if a physio user performs a virtually-contiguous I/O that starts at an odd address and spans a page boundary where the resulting physical pages are discontiguous. The EINVAL return will cause the upper layers in the ATA code to re-try the I/O using PIO, which should (will in all of my tests) succeed. PR port-alpha/56434 To generate a diff of this commit: cvs rdiff -u -r1.69 -r1.70 src/sys/dev/pci/pciide_common.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/dev/pci
Module Name:src Committed By: thorpej Date: Mon Nov 20 21:45:34 UTC 2023 Modified Files: src/sys/dev/pci: pciide_common.c Log Message: Revert previous. I'm going to make a slight change to the patch, and want it collapsed into a single commit to make it easier to pull into netbsd-10. To generate a diff of this commit: cvs rdiff -u -r1.68 -r1.69 src/sys/dev/pci/pciide_common.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/dev/pci
Module Name:src Committed By: thorpej Date: Mon Nov 20 21:45:34 UTC 2023 Modified Files: src/sys/dev/pci: pciide_common.c Log Message: Revert previous. I'm going to make a slight change to the patch, and want it collapsed into a single commit to make it easier to pull into netbsd-10. To generate a diff of this commit: cvs rdiff -u -r1.68 -r1.69 src/sys/dev/pci/pciide_common.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/dev/pci/pciide_common.c diff -u src/sys/dev/pci/pciide_common.c:1.68 src/sys/dev/pci/pciide_common.c:1.69 --- src/sys/dev/pci/pciide_common.c:1.68 Mon Nov 20 15:16:46 2023 +++ src/sys/dev/pci/pciide_common.c Mon Nov 20 21:45:34 2023 @@ -1,4 +1,4 @@ -/* $NetBSD: pciide_common.c,v 1.68 2023/11/20 15:16:46 thorpej Exp $ */ +/* $NetBSD: pciide_common.c,v 1.69 2023/11/20 21:45:34 thorpej Exp $ */ /* @@ -70,7 +70,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: pciide_common.c,v 1.68 2023/11/20 15:16:46 thorpej Exp $"); +__KERNEL_RCSID(0, "$NetBSD: pciide_common.c,v 1.69 2023/11/20 21:45:34 thorpej Exp $"); #include @@ -735,31 +735,6 @@ pciide_dma_dmamap_setup(struct pciide_so } } #endif - /* - * Some controllers get really upset if the length - * of any DMA segment is odd. This isn't something - * that's going to happen in normal steady-state - * operation (reading VM pages, etc.), but physio users - * don't have as many guard rails. - * - * Consider an 8K read request that starts at an odd - * offset within a page. At first blush, all of the - * checks pass because it's a sector-rounded size, but - * unless the buffer spans 2 physically contiguous pages, - * it's going to result in 2 odd-length DMA segments. - */ - if (dma_maps->dmamap_xfer->dm_segs[seg].ds_len & 1) { - unsigned long long phys = - dma_maps->dmamap_xfer->dm_segs[seg].ds_addr; - unsigned long long len = - dma_maps->dmamap_xfer->dm_segs[seg].ds_len; - aprint_verbose_dev(sc->sc_wdcdev.sc_atac.atac_dev, - "ODD segment length: " - "seg %d addr 0x%llx len 0x%llx\n", - seg, phys, len); - bus_dmamap_unload(sc->sc_dmat, dma_maps->dmamap_xfer); - return EIO; - } dma_maps->dma_table[seg].base_addr = htole32(dma_maps->dmamap_xfer->dm_segs[seg].ds_addr); dma_maps->dma_table[seg].byte_count =
CVS commit: src/share/misc
Module Name:src Committed By: jschauma Date: Mon Nov 20 21:16:42 UTC 2023 Modified Files: src/share/misc: acronyms.comp Log Message: sort To generate a diff of this commit: cvs rdiff -u -r1.379 -r1.380 src/share/misc/acronyms.comp Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/share/misc/acronyms.comp diff -u src/share/misc/acronyms.comp:1.379 src/share/misc/acronyms.comp:1.380 --- src/share/misc/acronyms.comp:1.379 Mon Nov 20 21:11:20 2023 +++ src/share/misc/acronyms.comp Mon Nov 20 21:16:41 2023 @@ -1,4 +1,4 @@ -$NetBSD: acronyms.comp,v 1.379 2023/11/20 21:11:20 jschauma Exp $ +$NetBSD: acronyms.comp,v 1.380 2023/11/20 21:16:41 jschauma Exp $ 3WHS three-way handshake 8VSB 8-state vestigial side band modulation AA anti-aliasing @@ -68,19 +68,19 @@ AOS add or subtract AOT ahead of time AP access point AP application processor +APEI ACPI platform error interface APFS Apple file system API application programming interface -APEI ACPI platform error interface APIC advanced programmable interrupt controller APIPA automatic private IP addressing APM advanced power management APM application performance management -APU accelerated processing unit APT advanced persistent threat +APU accelerated processing unit AQM active queue management ARAT always running APIC timer -ARC adaptive replacement cache ARC Advanced RISC Computing +ARC adaptive replacement cache ARC automatic reference counting ARM Advanced RISC Machines ARP Address Resolution Protocol @@ -104,8 +104,8 @@ ASP active server pages ASP auxiliary storage pool ASPM active state power management ASQ automated software quality -ASR address space register ASR Apple software restore +ASR address space register AST abstract syntax tree AST asynchronous system trap AT access time @@ -159,9 +159,9 @@ BLE Bluetooth low energy BLOB binary large object BM bus master BMC baseboard management controller +BMIC bus master interface controller BMP basic multilingual plane BMP bitmap image file -BMIC bus master interface controller BN boundary neutral BNF Backus-Naur form BO binary output @@ -202,9 +202,9 @@ BTM bus transport mechanism BTR bit test [and] reset BTS bit test [and] set BTS bug tracking system +BUAG big ugly ASCII graphic BW bandwidth BWM block-write mode -BUAG big ugly ASCII graphic CA certificate authority CAC cryptographic access control CACLS change access control lists @@ -236,9 +236,9 @@ CDMA code division multiple access CDN content delivery network CDP Cisco Discovery Protocol CDRAM cache dynamic random access memory +CE customer edge CER canonical encoding rules CERT computer emergency response team -CE customer edge CET control flow enforcement technology CF compact flash CFB cipher feedback @@ -273,15 +273,15 @@ CLUT color look-up table CLV constant linear velocity CM configuration management CMA concert multithread architecture +CMC certificate management over CMS CMC chassis management controller CMC corrected machine check -CMC certificate management over CMS -CMS {configuration,content,course} management system -CMS cryptographic message syntax CMI control {management,method} interface CMOS complementary metal-oxide-semiconductor CMP chip multi-processing CMS content management system +CMS cryptographic message syntax +CMS {configuration,content,course} management system CMYK cyan magenta yellow black CN {common,canonical} name CNA CVE Numbering Authority @@ -318,12 +318,8 @@ CR carriage return CRC cyclic redundancy check CRDT conflict-free replicated data type CRL carrier recovery loop -CRQC cryptanalytically relevant quantum computer CRLF carriage return line feed -CSIRT computer security incident response team -CSPM cloud security posture management -CSRF cross-site request forgery -CSU C start up +CRQC cryptanalytically relevant quantum computer CRT cathode ray tube CRTP curiously recurring template pattern CRUD create, read, update, and delete @@ -334,17 +330,21 @@ CS computer science CSDL {common,conceptual} schema definition language CSI channel state information CSI common system interface +CSIRT computer security incident response team CSMA carrier sense multiple access CSMA/CA carrier sense multiple access with collision avoidance CSMA/CD carrier sense multiple access with collision detection CSP communicating sequential processes -CSP content security policy CSP constrain satisfaction problems +CSP content security policy CSP cryptographic service provider +CSPM cloud security posture management CSR control [and] status registers +CSRF cross-site request forgery CSRG Computer Systems Research Group CSS cascading style sheets CST common spanning tree +CSU C start up CSV comma-separated values CTF compact c type format CTM close to metal @@ -418,8 +418,8 @@ DFSAN Data Flow Sanitizer DFT diagnostic function test DFT discrete
CVS commit: src/share/misc
Module Name:src Committed By: jschauma Date: Mon Nov 20 21:16:42 UTC 2023 Modified Files: src/share/misc: acronyms.comp Log Message: sort To generate a diff of this commit: cvs rdiff -u -r1.379 -r1.380 src/share/misc/acronyms.comp Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/share/misc
Module Name:src Committed By: jschauma Date: Mon Nov 20 21:11:20 UTC 2023 Modified Files: src/share/misc: acronyms.comp Log Message: +ML-KEM module-lattice based key-encapsulation mechanism (I previously added "KEM", but now that Kyber is ML-KEM it comes up frequently enough that 'wtf ml; 'wtf kem' doesn't help folks find the answer.) To generate a diff of this commit: cvs rdiff -u -r1.378 -r1.379 src/share/misc/acronyms.comp Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/share/misc
Module Name:src Committed By: jschauma Date: Mon Nov 20 21:11:20 UTC 2023 Modified Files: src/share/misc: acronyms.comp Log Message: +ML-KEM module-lattice based key-encapsulation mechanism (I previously added "KEM", but now that Kyber is ML-KEM it comes up frequently enough that 'wtf ml; 'wtf kem' doesn't help folks find the answer.) To generate a diff of this commit: cvs rdiff -u -r1.378 -r1.379 src/share/misc/acronyms.comp Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/share/misc/acronyms.comp diff -u src/share/misc/acronyms.comp:1.378 src/share/misc/acronyms.comp:1.379 --- src/share/misc/acronyms.comp:1.378 Wed Nov 15 14:03:19 2023 +++ src/share/misc/acronyms.comp Mon Nov 20 21:11:20 2023 @@ -1,4 +1,4 @@ -$NetBSD: acronyms.comp,v 1.378 2023/11/15 14:03:19 jschauma Exp $ +$NetBSD: acronyms.comp,v 1.379 2023/11/20 21:11:20 jschauma Exp $ 3WHS three-way handshake 8VSB 8-state vestigial side band modulation AA anti-aliasing @@ -1026,6 +1026,7 @@ ML machine learning ML mailing list ML markup language ML maximum likelihood +ML-KEM module-lattice based key-encapsulation mechanism MLAG multi-chassis link aggregation group MLC multi-level cell MLD multicast listener discovery
CVS commit: src/usr.sbin/sysinst
Module Name:src Committed By: martin Date: Mon Nov 20 18:03:55 UTC 2023 Modified Files: src/usr.sbin/sysinst: label.c util.c Log Message: Force alignment of disk buffers to at least 8 byte. Fixes PR 56434. To generate a diff of this commit: cvs rdiff -u -r1.49 -r1.50 src/usr.sbin/sysinst/label.c cvs rdiff -u -r1.73 -r1.74 src/usr.sbin/sysinst/util.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/usr.sbin/sysinst
Module Name:src Committed By: martin Date: Mon Nov 20 18:03:55 UTC 2023 Modified Files: src/usr.sbin/sysinst: label.c util.c Log Message: Force alignment of disk buffers to at least 8 byte. Fixes PR 56434. To generate a diff of this commit: cvs rdiff -u -r1.49 -r1.50 src/usr.sbin/sysinst/label.c cvs rdiff -u -r1.73 -r1.74 src/usr.sbin/sysinst/util.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/usr.sbin/sysinst/label.c diff -u src/usr.sbin/sysinst/label.c:1.49 src/usr.sbin/sysinst/label.c:1.50 --- src/usr.sbin/sysinst/label.c:1.49 Tue Oct 31 14:03:33 2023 +++ src/usr.sbin/sysinst/label.c Mon Nov 20 18:03:55 2023 @@ -1,4 +1,4 @@ -/* $NetBSD: label.c,v 1.49 2023/10/31 14:03:33 martin Exp $ */ +/* $NetBSD: label.c,v 1.50 2023/11/20 18:03:55 martin Exp $ */ /* * Copyright 1997 Jonathan Stone @@ -36,7 +36,7 @@ #include #if defined(LIBC_SCCS) && !defined(lint) -__RCSID("$NetBSD: label.c,v 1.49 2023/10/31 14:03:33 martin Exp $"); +__RCSID("$NetBSD: label.c,v 1.50 2023/11/20 18:03:55 martin Exp $"); #endif #include @@ -1967,7 +1967,7 @@ const char * get_last_mounted(int fd, daddr_t partstart, uint *fs_type, uint *fs_sub_type, uint flags) { - static char sblk[SBLOCKSIZE]; /* is this enough? */ + static char sblk[SBLOCKSIZE] __aligned(8); /* is this enough? */ struct fs *SB = (struct fs *)sblk; static const off_t sblocks[] = SBLOCKSEARCH; const off_t *sbp; Index: src/usr.sbin/sysinst/util.c diff -u src/usr.sbin/sysinst/util.c:1.73 src/usr.sbin/sysinst/util.c:1.74 --- src/usr.sbin/sysinst/util.c:1.73 Thu Sep 7 16:38:08 2023 +++ src/usr.sbin/sysinst/util.c Mon Nov 20 18:03:55 2023 @@ -1,4 +1,4 @@ -/* $NetBSD: util.c,v 1.73 2023/09/07 16:38:08 riastradh Exp $ */ +/* $NetBSD: util.c,v 1.74 2023/11/20 18:03:55 martin Exp $ */ /* * Copyright 1997 Piermont Information Systems Inc. @@ -398,7 +398,7 @@ static int get_iso9660_volname(int dev, int sess, char *volname, size_t volnamelen) { int blkno, error, last; - char buf[ISO_BLKSIZE]; + static char buf[ISO_BLKSIZE] __aligned(8); struct iso_volume_descriptor *vd = NULL; struct iso_primary_descriptor *pd = NULL;
CVS commit: src/sys/dev/pci
Module Name:src Committed By: thorpej Date: Mon Nov 20 15:16:46 UTC 2023 Modified Files: src/sys/dev/pci: pciide_common.c Log Message: pciide_dma_dmamap_setup(): If we end up with a DMA segment with an odd length, unload the map and return EIO. Some controllers get really upset if a DMA segment has an odd length. This can happen if a physio user performs a virtually-contiguous I/O that starts at an odd address and spans a page boundary where the resulting physical pages are discontiguous. Ultimately, it's up to the physio user to paint inside the lines, but this will prevent the disk controller from wandering off into the weeds, at least. PR port-alpha/56434 To generate a diff of this commit: cvs rdiff -u -r1.67 -r1.68 src/sys/dev/pci/pciide_common.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/dev/pci/pciide_common.c diff -u src/sys/dev/pci/pciide_common.c:1.67 src/sys/dev/pci/pciide_common.c:1.68 --- src/sys/dev/pci/pciide_common.c:1.67 Mon Aug 24 05:37:41 2020 +++ src/sys/dev/pci/pciide_common.c Mon Nov 20 15:16:46 2023 @@ -1,4 +1,4 @@ -/* $NetBSD: pciide_common.c,v 1.67 2020/08/24 05:37:41 msaitoh Exp $ */ +/* $NetBSD: pciide_common.c,v 1.68 2023/11/20 15:16:46 thorpej Exp $ */ /* @@ -70,7 +70,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: pciide_common.c,v 1.67 2020/08/24 05:37:41 msaitoh Exp $"); +__KERNEL_RCSID(0, "$NetBSD: pciide_common.c,v 1.68 2023/11/20 15:16:46 thorpej Exp $"); #include @@ -735,6 +735,31 @@ pciide_dma_dmamap_setup(struct pciide_so } } #endif + /* + * Some controllers get really upset if the length + * of any DMA segment is odd. This isn't something + * that's going to happen in normal steady-state + * operation (reading VM pages, etc.), but physio users + * don't have as many guard rails. + * + * Consider an 8K read request that starts at an odd + * offset within a page. At first blush, all of the + * checks pass because it's a sector-rounded size, but + * unless the buffer spans 2 physically contiguous pages, + * it's going to result in 2 odd-length DMA segments. + */ + if (dma_maps->dmamap_xfer->dm_segs[seg].ds_len & 1) { + unsigned long long phys = + dma_maps->dmamap_xfer->dm_segs[seg].ds_addr; + unsigned long long len = + dma_maps->dmamap_xfer->dm_segs[seg].ds_len; + aprint_verbose_dev(sc->sc_wdcdev.sc_atac.atac_dev, + "ODD segment length: " + "seg %d addr 0x%llx len 0x%llx\n", + seg, phys, len); + bus_dmamap_unload(sc->sc_dmat, dma_maps->dmamap_xfer); + return EIO; + } dma_maps->dma_table[seg].base_addr = htole32(dma_maps->dmamap_xfer->dm_segs[seg].ds_addr); dma_maps->dma_table[seg].byte_count =
CVS commit: src/sys/dev/pci
Module Name:src Committed By: thorpej Date: Mon Nov 20 15:16:46 UTC 2023 Modified Files: src/sys/dev/pci: pciide_common.c Log Message: pciide_dma_dmamap_setup(): If we end up with a DMA segment with an odd length, unload the map and return EIO. Some controllers get really upset if a DMA segment has an odd length. This can happen if a physio user performs a virtually-contiguous I/O that starts at an odd address and spans a page boundary where the resulting physical pages are discontiguous. Ultimately, it's up to the physio user to paint inside the lines, but this will prevent the disk controller from wandering off into the weeds, at least. PR port-alpha/56434 To generate a diff of this commit: cvs rdiff -u -r1.67 -r1.68 src/sys/dev/pci/pciide_common.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/tests/lib/libc/sys
Module Name:src Committed By: riastradh Date: Mon Nov 20 13:05:17 UTC 2023 Modified Files: src/tests/lib/libc/sys: t_setrlimit.c Log Message: t_setrlimit: Verify changing RLIMIT_STACK affects access to stack. PR kern/57711 XXX pullup-10 XXX pullup-9 XXX pullup-8 To generate a diff of this commit: cvs rdiff -u -r1.7 -r1.8 src/tests/lib/libc/sys/t_setrlimit.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/tests/lib/libc/sys
Module Name:src Committed By: riastradh Date: Mon Nov 20 13:05:17 UTC 2023 Modified Files: src/tests/lib/libc/sys: t_setrlimit.c Log Message: t_setrlimit: Verify changing RLIMIT_STACK affects access to stack. PR kern/57711 XXX pullup-10 XXX pullup-9 XXX pullup-8 To generate a diff of this commit: cvs rdiff -u -r1.7 -r1.8 src/tests/lib/libc/sys/t_setrlimit.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/tests/lib/libc/sys/t_setrlimit.c diff -u src/tests/lib/libc/sys/t_setrlimit.c:1.7 src/tests/lib/libc/sys/t_setrlimit.c:1.8 --- src/tests/lib/libc/sys/t_setrlimit.c:1.7 Tue Oct 13 06:58:57 2020 +++ src/tests/lib/libc/sys/t_setrlimit.c Mon Nov 20 13:05:17 2023 @@ -1,4 +1,4 @@ -/* $NetBSD: t_setrlimit.c,v 1.7 2020/10/13 06:58:57 rin Exp $ */ +/* $NetBSD: t_setrlimit.c,v 1.8 2023/11/20 13:05:17 riastradh Exp $ */ /*- * Copyright (c) 2011 The NetBSD Foundation, Inc. @@ -29,7 +29,7 @@ * POSSIBILITY OF SUCH DAMAGE. */ #include -__RCSID("$NetBSD: t_setrlimit.c,v 1.7 2020/10/13 06:58:57 rin Exp $"); +__RCSID("$NetBSD: t_setrlimit.c,v 1.8 2023/11/20 13:05:17 riastradh Exp $"); #include #include @@ -48,6 +48,8 @@ __RCSID("$NetBSD: t_setrlimit.c,v 1.7 20 #include #include +#include "h_macros.h" + static void sighandler(int); static const char path[] = "setrlimit"; @@ -524,6 +526,134 @@ ATF_TC_BODY(setrlimit_stack, tc) } +ATF_TC(setrlimit_stack_growshrink); +ATF_TC_HEAD(setrlimit_stack_growshrink, tc) +{ + atf_tc_set_md_var(tc, "descr", + "Test that setrlimit(2), RLIMIT_STACK, grows & shrinks the stack"); +} + +/* + * checkstack(n, ok) + * + * Check whether we can allocate an array of size n on the stack. + * + * - If expectsegv, verify that access fails with SIGSEGV. + * - If not expectsegv, verify that access succeeds. + * + * Do this in a subprocess rather than with a SIGSEGV handler, + * because once we've allocated an array of size n on the stack, + * in the case where the stack is inaccessible, we have just + * trashed the stack pointer so badly we can't make function calls + * like to a SIGSEGV handler. + * + * (We could use an alternate signal stack, but I already wrote it + * this way, and this is a little simpler and more robust than + * juggling signals, setjmp/longjmp, and sigaltstack.) + */ +static void +checkstack(size_t n, int expectsegv) +{ + pid_t forked, waited; + size_t i; + int status; + + RL(forked = fork()); + if (forked == 0) { /* child */ + volatile char *const x = alloca(n); + for (i = 0; i < n; i++) + x[i] = 0x1a; + _exit(expectsegv); + } + + /* parent */ + RL(waited = waitpid(forked, , 0)); + ATF_REQUIRE_EQ_MSG(waited, forked, "waited=%jd forked=%jd", + (intmax_t)waited, (intmax_t)forked); + if (expectsegv) { + ATF_REQUIRE_MSG(!WIFEXITED(status), + "expected signal but exited normally with status %d", + WEXITSTATUS(status)); + ATF_REQUIRE_MSG(WIFSIGNALED(status), "status=0x%x", status); + ATF_REQUIRE_EQ_MSG(WTERMSIG(status), SIGSEGV, "termsig=%d", + WTERMSIG(status)); + } else { + ATF_REQUIRE_MSG(!WIFSIGNALED(status), + "expected normal exit but termintaed on signal %d", + WTERMSIG(status)); + ATF_REQUIRE_MSG(WIFEXITED(status), "status=0x%x", status); + ATF_REQUIRE_EQ_MSG(WEXITSTATUS(status), 0, "exitstatus=%d", + WEXITSTATUS(status)); + } +} + +ATF_TC_BODY(setrlimit_stack_growshrink, tc) +{ + struct rlimit res; + size_t n; + + /* + * Disable core dumps -- we're going to deliberately cause + * SIGSEGV to test stack accessibility (which breaks even + * calling a function so we can't just use a SIGSEGV handler), + * so let's not waste time dumping core. + */ + res = (struct rlimit){ .rlim_cur = 0, .rlim_max = 0 }; + RL(setrlimit(RLIMIT_CORE, )); + + /* + * Get the current stack size and hard limit. + */ + RL(getrlimit(RLIMIT_STACK, )); + n = res.rlim_cur; + + /* + * Verify that we can't get at pages past the end of the stack + * right now. + */ + checkstack(n, /*expectsegv*/1); + + /* + * Stop if the hard limit is too small to test. Not sure + * exactly how much more space we need to verify that setrlimit + * actually expands the stack without examining the current + * stack pointer relative to the process's stack base, so we'll + * just double the stack size -- definitely enough to test + * stack growth -- and hope the hard rlimit is big enough to + * let us double it. + */ + if (n > res.rlim_max/2) + atf_tc_skip("hard stack rlimit is too small"); + + /* + * Double the stack size. This way we can allocate an array of + * length equal to the current stack size and be guaranteed + * that (a) it can be allocated, and (b) access to it requires + * the stack to have grown. + */ + res.rlim_cur = 2*n; + RL(setrlimit(RLIMIT_STACK, )); + + atf_tc_expect_fail("PR kern/57711:" + " setrlimit(RLIMIT_STACK) fails to increase usable stack size"); + + /* + * Verify that we