CVS commit: src/sys/nfs
Module Name:src
Committed By: andvar
Date: Tue Feb 13 21:40:02 UTC 2024
Modified Files:
src/sys/nfs: nfs_bio.c
Log Message:
s/Enque/Enqueue/ in comment.
To generate a diff of this commit:
cvs rdiff -u -r1.201 -r1.202 src/sys/nfs/nfs_bio.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/nfs/nfs_bio.c
diff -u src/sys/nfs/nfs_bio.c:1.201 src/sys/nfs/nfs_bio.c:1.202
--- src/sys/nfs/nfs_bio.c:1.201 Fri Jun 24 16:50:00 2022
+++ src/sys/nfs/nfs_bio.c Tue Feb 13 21:40:02 2024
@@ -1,4 +1,4 @@
-/* $NetBSD: nfs_bio.c,v 1.201 2022/06/24 16:50:00 hannken Exp $ */
+/* $NetBSD: nfs_bio.c,v 1.202 2024/02/13 21:40:02 andvar Exp $ */
/*
* Copyright (c) 1989, 1993
@@ -35,7 +35,7 @@
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: nfs_bio.c,v 1.201 2022/06/24 16:50:00 hannken Exp $");
+__KERNEL_RCSID(0, "$NetBSD: nfs_bio.c,v 1.202 2024/02/13 21:40:02 andvar Exp $");
#ifdef _KERNEL_OPT
#include "opt_nfs.h"
@@ -799,7 +799,7 @@ again:
* Ensure that the queue never grows too large.
*/
if (curlwp == uvm.pagedaemon_lwp) {
- /* Enque for later, to avoid free-page deadlock */
+ /* Enqueue for later, to avoid free-page deadlock */
} else while (nmp->nm_bufqlen >= 2 * nmp->nm_bufqiods) {
if (catch_p) {
error = cv_timedwait_sig(>nm_aiocv,
CVS commit: src/sys/nfs
Module Name:src Committed By: andvar Date: Tue Feb 13 21:40:02 UTC 2024 Modified Files: src/sys/nfs: nfs_bio.c Log Message: s/Enque/Enqueue/ in comment. To generate a diff of this commit: cvs rdiff -u -r1.201 -r1.202 src/sys/nfs/nfs_bio.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys
Module Name:src Committed By: andvar Date: Tue Feb 13 21:39:03 UTC 2024 Modified Files: src/sys/arch/atari/atari: machdep.c src/sys/arch/mmeye/dev: mmeyepcmcia.c src/sys/coda: coda_psdev.c src/sys/dev/ic: i82365.c tcic2.c Log Message: s/enqueing/enqueuing/ in debug messages (took a bait from recent Nick's commit) s/occaision/occasion/ in comment. To generate a diff of this commit: cvs rdiff -u -r1.189 -r1.190 src/sys/arch/atari/atari/machdep.c cvs rdiff -u -r1.26 -r1.27 src/sys/arch/mmeye/dev/mmeyepcmcia.c cvs rdiff -u -r1.63 -r1.64 src/sys/coda/coda_psdev.c cvs rdiff -u -r1.118 -r1.119 src/sys/dev/ic/i82365.c cvs rdiff -u -r1.41 -r1.42 src/sys/dev/ic/tcic2.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys
Module Name:src
Committed By: andvar
Date: Tue Feb 13 21:39:03 UTC 2024
Modified Files:
src/sys/arch/atari/atari: machdep.c
src/sys/arch/mmeye/dev: mmeyepcmcia.c
src/sys/coda: coda_psdev.c
src/sys/dev/ic: i82365.c tcic2.c
Log Message:
s/enqueing/enqueuing/ in debug messages (took a bait from recent Nick's commit)
s/occaision/occasion/ in comment.
To generate a diff of this commit:
cvs rdiff -u -r1.189 -r1.190 src/sys/arch/atari/atari/machdep.c
cvs rdiff -u -r1.26 -r1.27 src/sys/arch/mmeye/dev/mmeyepcmcia.c
cvs rdiff -u -r1.63 -r1.64 src/sys/coda/coda_psdev.c
cvs rdiff -u -r1.118 -r1.119 src/sys/dev/ic/i82365.c
cvs rdiff -u -r1.41 -r1.42 src/sys/dev/ic/tcic2.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/arch/atari/atari/machdep.c
diff -u src/sys/arch/atari/atari/machdep.c:1.189 src/sys/arch/atari/atari/machdep.c:1.190
--- src/sys/arch/atari/atari/machdep.c:1.189 Thu Dec 7 16:56:09 2023
+++ src/sys/arch/atari/atari/machdep.c Tue Feb 13 21:39:02 2024
@@ -1,4 +1,4 @@
-/* $NetBSD: machdep.c,v 1.189 2023/12/07 16:56:09 thorpej Exp $ */
+/* $NetBSD: machdep.c,v 1.190 2024/02/13 21:39:02 andvar Exp $ */
/*
* Copyright (c) 1988 University of Utah.
@@ -39,7 +39,7 @@
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: machdep.c,v 1.189 2023/12/07 16:56:09 thorpej Exp $");
+__KERNEL_RCSID(0, "$NetBSD: machdep.c,v 1.190 2024/02/13 21:39:02 andvar Exp $");
#include "opt_ddb.h"
#include "opt_compat_netbsd.h"
@@ -795,7 +795,7 @@ module_init_md(void)
* Currently the only source of NMI interrupts on the Milan is the PLX9080.
* On access errors to the PCI bus, an NMI is generated. This NMI is shorted
* in locore in case of a PCI config cycle to a non-existing address to allow
- * for probes. On other occaisions, it ShouldNotHappen(TM).
+ * for probes. On other occasions, it ShouldNotHappen(TM).
* Note: The handler in locore clears the errors, to make further PCI access
* possible.
*/
Index: src/sys/arch/mmeye/dev/mmeyepcmcia.c
diff -u src/sys/arch/mmeye/dev/mmeyepcmcia.c:1.26 src/sys/arch/mmeye/dev/mmeyepcmcia.c:1.27
--- src/sys/arch/mmeye/dev/mmeyepcmcia.c:1.26 Fri Sep 29 21:23:33 2023
+++ src/sys/arch/mmeye/dev/mmeyepcmcia.c Tue Feb 13 21:39:02 2024
@@ -1,4 +1,4 @@
-/* $NetBSD: mmeyepcmcia.c,v 1.26 2023/09/29 21:23:33 andvar Exp $ */
+/* $NetBSD: mmeyepcmcia.c,v 1.27 2024/02/13 21:39:02 andvar Exp $ */
/*
* Copyright (c) 1997 Marc Horowitz. All rights reserved.
@@ -37,7 +37,7 @@
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: mmeyepcmcia.c,v 1.26 2023/09/29 21:23:33 andvar Exp $");
+__KERNEL_RCSID(0, "$NetBSD: mmeyepcmcia.c,v 1.27 2024/02/13 21:39:02 andvar Exp $");
#include
#include
@@ -550,7 +550,7 @@ mmeyepcmcia_intr_socket(struct mmeyepcmc
if ((statreg & MMEYEPCMCIA_IF_STATUS_CARDDETECT_MASK) ==
MMEYEPCMCIA_IF_STATUS_CARDDETECT_PRESENT) {
if (h->laststate != MMEYEPCMCIA_LASTSTATE_PRESENT) {
-DPRINTF(("%s: enqueing INSERTION event\n",
+DPRINTF(("%s: enqueuing INSERTION event\n",
device_xname(h->sc->dev)));
mmeyepcmcia_queue_event(h, MMEYEPCMCIA_EVENT_INSERTION);
}
@@ -562,7 +562,7 @@ mmeyepcmcia_intr_socket(struct mmeyepcmc
device_xname(h->sc->dev)));
mmeyepcmcia_deactivate_card(h);
-DPRINTF(("%s: enqueing REMOVAL event\n",
+DPRINTF(("%s: enqueuing REMOVAL event\n",
device_xname(h->sc->dev)));
mmeyepcmcia_queue_event(h, MMEYEPCMCIA_EVENT_REMOVAL);
}
Index: src/sys/coda/coda_psdev.c
diff -u src/sys/coda/coda_psdev.c:1.63 src/sys/coda/coda_psdev.c:1.64
--- src/sys/coda/coda_psdev.c:1.63 Thu Aug 3 03:10:23 2023
+++ src/sys/coda/coda_psdev.c Tue Feb 13 21:39:02 2024
@@ -1,4 +1,4 @@
-/* $NetBSD: coda_psdev.c,v 1.63 2023/08/03 03:10:23 rin Exp $ */
+/* $NetBSD: coda_psdev.c,v 1.64 2024/02/13 21:39:02 andvar Exp $ */
/*
*
@@ -54,7 +54,7 @@
/* These routines are the device entry points for Venus. */
#include
-__KERNEL_RCSID(0, "$NetBSD: coda_psdev.c,v 1.63 2023/08/03 03:10:23 rin Exp $");
+__KERNEL_RCSID(0, "$NetBSD: coda_psdev.c,v 1.64 2024/02/13 21:39:02 andvar Exp $");
extern int coda_nc_initialized;/* Set if cache has been initialized */
@@ -702,7 +702,7 @@ coda_call(struct coda_mntinfo *mntinfo,
/*??? rvb */ svmp->vm_outSize = sizeof (struct coda_in_hdr);
if (codadebug)
- myprintf(("coda_call: enqueing signal msg (%d, %d)\n",
+ myprintf(("coda_call: enqueuing signal msg (%d, %d)\n",
svmp->vm_opcode, svmp->vm_unique));
/* insert at head of queue */
Index: src/sys/dev/ic/i82365.c
diff -u src/sys/dev/ic/i82365.c:1.118 src/sys/dev/ic/i82365.c:1.119
--- src/sys/dev/ic/i82365.c:1.118 Sat Aug 7 16:19:12 2021
+++ src/sys/dev/ic/i82365.c Tue Feb 13 21:39:02 2024
@@ -1,4 +1,4 @@
-/* $NetBSD: i82365.c,v 1.118 2021/08/07 16:19:12 thorpej Exp $ */
+/* $NetBSD: i82365.c,v 1.119 2024/02/13 21:39:02 andvar Exp $ */
/*
*
CVS commit: src/sys/arch/evbarm/conf
Module Name:src
Committed By: skrll
Date: Tue Feb 13 19:07:42 UTC 2024
Modified Files:
src/sys/arch/evbarm/conf: std.bcm53xx
Log Message:
Define KERNEL_VOFFSET_RUNTIME=1 to fix build of BCM5301X and BCM56340
To generate a diff of this commit:
cvs rdiff -u -r1.20 -r1.21 src/sys/arch/evbarm/conf/std.bcm53xx
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/arch/evbarm/conf/std.bcm53xx
diff -u src/sys/arch/evbarm/conf/std.bcm53xx:1.20 src/sys/arch/evbarm/conf/std.bcm53xx:1.21
--- src/sys/arch/evbarm/conf/std.bcm53xx:1.20 Sat May 18 08:49:23 2019
+++ src/sys/arch/evbarm/conf/std.bcm53xx Tue Feb 13 19:07:42 2024
@@ -1,4 +1,4 @@
-# $NetBSD: std.bcm53xx,v 1.20 2019/05/18 08:49:23 skrll Exp $
+# $NetBSD: std.bcm53xx,v 1.21 2024/02/13 19:07:42 skrll Exp $
#
# standard NetBSD/evbarm for BCM5301X options
@@ -28,5 +28,10 @@ options __HAVE_PCI_CONF_HOOK
makeoptions BOARDMKFRAG="${THISARM}/conf/mk.bcm53xx"
makeoptions BOARDTYPE="bcm53xx"
+
+# Prevent the addition of a command line -DKERNEL_BASE_VOFFSET= as it
+# is done at runtime.
+makeoptions KERNEL_VOFFSET_RUNTIME=1
+
makeoptions KERNEL_BASE_VIRT="0x8010"
makeoptions LOADADDRESS="0x0010"
CVS commit: src/sys/arch/evbarm/conf
Module Name:src Committed By: skrll Date: Tue Feb 13 19:07:42 UTC 2024 Modified Files: src/sys/arch/evbarm/conf: std.bcm53xx Log Message: Define KERNEL_VOFFSET_RUNTIME=1 to fix build of BCM5301X and BCM56340 To generate a diff of this commit: cvs rdiff -u -r1.20 -r1.21 src/sys/arch/evbarm/conf/std.bcm53xx Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/external/bsd/wpa/dist
Module Name:src Committed By: christos Date: Tue Feb 13 18:43:45 UTC 2024 Modified Files: src/external/bsd/wpa/dist/src/eap_peer: eap_config.h eap_peap.c eap_tls_common.c eap_tls_common.h src/external/bsd/wpa/dist/wpa_supplicant: wpa_supplicant.conf Log Message: https://www.phoronix.com/news/IWD-WPA-WiFi-Auth-Vulns https://www.top10vpn.com/research/wifi-vulnerabilities/ PEAP client: Update Phase 2 authentication requirements The previous PEAP client behavior allowed the server to skip Phase 2 authentication with the expectation that the server was authenticated during Phase 1 through TLS server certificate validation. Various PEAP specifications are not exactly clear on what the behavior on this front is supposed to be and as such, this ended up being more flexible than the TTLS/FAST/TEAP cases. However, this is not really ideal when unfortunately common misconfiguration of PEAP is used in deployed devices where the server trust root (ca_cert) is not configured or the user has an easy option for allowing this validation step to be skipped. Change the default PEAP client behavior to be to require Phase 2 authentication to be successfully completed for cases where TLS session resumption is not used and the client certificate has not been configured. Those two exceptions are the main cases where a deployed authentication server might skip Phase 2 and as such, where a more strict default behavior could result in undesired interoperability issues. Requiring Phase 2 authentication will end up disabling TLS session resumption automatically to avoid interoperability issues. Allow Phase 2 authentication behavior to be configured with a new phase1 configuration parameter option: 'phase2_auth' option can be used to control Phase 2 (i.e., within TLS tunnel) behavior for PEAP: * 0 = do not require Phase 2 authentication * 1 = require Phase 2 authentication when client certificate (private_key/client_cert) is no used and TLS session resumption was not used (default) * 2 = require Phase 2 authentication in all cases To generate a diff of this commit: cvs rdiff -u -r1.1.1.7 -r1.2 \ src/external/bsd/wpa/dist/src/eap_peer/eap_config.h \ src/external/bsd/wpa/dist/src/eap_peer/eap_tls_common.h cvs rdiff -u -r1.1.1.8 -r1.2 \ src/external/bsd/wpa/dist/src/eap_peer/eap_peap.c \ src/external/bsd/wpa/dist/src/eap_peer/eap_tls_common.c cvs rdiff -u -r1.1.1.8 -r1.2 \ src/external/bsd/wpa/dist/wpa_supplicant/wpa_supplicant.conf Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/external/bsd/wpa/dist
Module Name:src
Committed By: christos
Date: Tue Feb 13 18:43:45 UTC 2024
Modified Files:
src/external/bsd/wpa/dist/src/eap_peer: eap_config.h eap_peap.c
eap_tls_common.c eap_tls_common.h
src/external/bsd/wpa/dist/wpa_supplicant: wpa_supplicant.conf
Log Message:
https://www.phoronix.com/news/IWD-WPA-WiFi-Auth-Vulns
https://www.top10vpn.com/research/wifi-vulnerabilities/
PEAP client: Update Phase 2 authentication requirements
The previous PEAP client behavior allowed the server to skip Phase 2
authentication with the expectation that the server was authenticated
during Phase 1 through TLS server certificate validation. Various PEAP
specifications are not exactly clear on what the behavior on this front
is supposed to be and as such, this ended up being more flexible than
the TTLS/FAST/TEAP cases. However, this is not really ideal when
unfortunately common misconfiguration of PEAP is used in deployed
devices where the server trust root (ca_cert) is not configured or the
user has an easy option for allowing this validation step to be skipped.
Change the default PEAP client behavior to be to require Phase 2
authentication to be successfully completed for cases where TLS session
resumption is not used and the client certificate has not been
configured. Those two exceptions are the main cases where a deployed
authentication server might skip Phase 2 and as such, where a more
strict default behavior could result in undesired interoperability
issues. Requiring Phase 2 authentication will end up disabling TLS
session resumption automatically to avoid interoperability issues.
Allow Phase 2 authentication behavior to be configured with a new phase1
configuration parameter option:
'phase2_auth' option can be used to control Phase 2 (i.e., within TLS
tunnel) behavior for PEAP:
* 0 = do not require Phase 2 authentication
* 1 = require Phase 2 authentication when client certificate
(private_key/client_cert) is no used and TLS session resumption was
not used (default)
* 2 = require Phase 2 authentication in all cases
To generate a diff of this commit:
cvs rdiff -u -r1.1.1.7 -r1.2 \
src/external/bsd/wpa/dist/src/eap_peer/eap_config.h \
src/external/bsd/wpa/dist/src/eap_peer/eap_tls_common.h
cvs rdiff -u -r1.1.1.8 -r1.2 \
src/external/bsd/wpa/dist/src/eap_peer/eap_peap.c \
src/external/bsd/wpa/dist/src/eap_peer/eap_tls_common.c
cvs rdiff -u -r1.1.1.8 -r1.2 \
src/external/bsd/wpa/dist/wpa_supplicant/wpa_supplicant.conf
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/external/bsd/wpa/dist/src/eap_peer/eap_config.h
diff -u src/external/bsd/wpa/dist/src/eap_peer/eap_config.h:1.1.1.7 src/external/bsd/wpa/dist/src/eap_peer/eap_config.h:1.2
--- src/external/bsd/wpa/dist/src/eap_peer/eap_config.h:1.1.1.7 Sun Feb 28 20:37:57 2021
+++ src/external/bsd/wpa/dist/src/eap_peer/eap_config.h Tue Feb 13 13:43:45 2024
@@ -470,6 +470,14 @@ struct eap_peer_config {
* 1 = use cryptobinding if server supports it
* 2 = require cryptobinding
*
+ * phase2_auth option can be used to control Phase 2 (i.e., within TLS
+ * tunnel) behavior for PEAP:
+ * 0 = do not require Phase 2 authentication
+ * 1 = require Phase 2 authentication when client certificate
+ * (private_key/client_cert) is no used and TLS session resumption was
+ * not used (default)
+ * 2 = require Phase 2 authentication in all cases
+ *
* EAP-WSC (WPS) uses following options: pin=Device_Password and
* uuid=Device_UUID
*
Index: src/external/bsd/wpa/dist/src/eap_peer/eap_tls_common.h
diff -u src/external/bsd/wpa/dist/src/eap_peer/eap_tls_common.h:1.1.1.7 src/external/bsd/wpa/dist/src/eap_peer/eap_tls_common.h:1.2
--- src/external/bsd/wpa/dist/src/eap_peer/eap_tls_common.h:1.1.1.7 Sun Feb 28 20:37:57 2021
+++ src/external/bsd/wpa/dist/src/eap_peer/eap_tls_common.h Tue Feb 13 13:43:45 2024
@@ -79,6 +79,11 @@ struct eap_ssl_data {
* tls_v13 - Whether TLS v1.3 or newer is used
*/
int tls_v13;
+
+ /**
+ * client_cert_conf: Whether client certificate has been configured
+ */
+ bool client_cert_conf;
};
Index: src/external/bsd/wpa/dist/src/eap_peer/eap_peap.c
diff -u src/external/bsd/wpa/dist/src/eap_peer/eap_peap.c:1.1.1.8 src/external/bsd/wpa/dist/src/eap_peer/eap_peap.c:1.2
--- src/external/bsd/wpa/dist/src/eap_peer/eap_peap.c:1.1.1.8 Sun Feb 28 20:37:57 2021
+++ src/external/bsd/wpa/dist/src/eap_peer/eap_peap.c Tue Feb 13 13:43:45 2024
@@ -67,6 +67,7 @@ struct eap_peap_data {
u8 cmk[20];
int soh; /* Whether IF-TNCCS-SOH (Statement of Health; Microsoft NAP)
* is enabled. */
+ enum { NO_AUTH, FOR_INITIAL, ALWAYS } phase2_auth;
};
@@ -114,6 +115,19 @@ static void eap_peap_parse_phase1(struct
wpa_printf(MSG_DEBUG, "EAP-PEAP: Require cryptobinding");
}
+ if (os_strstr(phase1, "phase2_auth=0")) {
+ data->phase2_auth = NO_AUTH;
+ wpa_printf(MSG_DEBUG,
+
CVS commit: src/share/mk
Module Name:src Committed By: christos Date: Tue Feb 13 16:15:59 UTC 2024 Modified Files: src/share/mk: bsd.sys.mk Log Message: Allow overriding the language standard to something newer. To generate a diff of this commit: cvs rdiff -u -r1.315 -r1.316 src/share/mk/bsd.sys.mk Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/share/mk
Module Name:src
Committed By: christos
Date: Tue Feb 13 16:15:59 UTC 2024
Modified Files:
src/share/mk: bsd.sys.mk
Log Message:
Allow overriding the language standard to something newer.
To generate a diff of this commit:
cvs rdiff -u -r1.315 -r1.316 src/share/mk/bsd.sys.mk
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/share/mk/bsd.sys.mk
diff -u src/share/mk/bsd.sys.mk:1.315 src/share/mk/bsd.sys.mk:1.316
--- src/share/mk/bsd.sys.mk:1.315 Mon Nov 6 17:35:48 2023
+++ src/share/mk/bsd.sys.mk Tue Feb 13 11:15:59 2024
@@ -1,4 +1,4 @@
-# $NetBSD: bsd.sys.mk,v 1.315 2023/11/06 22:35:48 christos Exp $
+# $NetBSD: bsd.sys.mk,v 1.316 2024/02/13 16:15:59 christos Exp $
#
# Build definitions used for NetBSD source tree builds.
@@ -57,7 +57,7 @@ CXXFLAGS+= ${REPROFLAGS}
# NetBSD sources use C99 style, with some GCC extensions.
# Coverity does not like -std=gnu99
-.if !defined(COVERITY_TOP_CONFIG)
+.if !defined(COVERITY_TOP_CONFIG) && empty(CFLAGS:M*-std=*)
CFLAGS+= ${${ACTIVE_CC} == "clang":? -std=gnu99 :}
CFLAGS+= ${${ACTIVE_CC} == "gcc":? -std=gnu99 :}
CFLAGS+= ${${ACTIVE_CC} == "pcc":? -std=gnu99 :}
CVS commit: src/doc
Module Name:src Committed By: christos Date: Tue Feb 13 15:40:29 UTC 2024 Modified Files: src/doc: CHANGES Log Message: Mention bind security patches To generate a diff of this commit: cvs rdiff -u -r1.3035 -r1.3036 src/doc/CHANGES Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES diff -u src/doc/CHANGES:1.3035 src/doc/CHANGES:1.3036 --- src/doc/CHANGES:1.3035 Tue Feb 13 10:28:41 2024 +++ src/doc/CHANGES Tue Feb 13 10:40:28 2024 @@ -1,4 +1,4 @@ -# LIST OF CHANGES FROM LAST RELEASE: <$Revision: 1.3035 $> +# LIST OF CHANGES FROM LAST RELEASE: <$Revision: 1.3036 $> # # # [Note: This file does not mention every change made to the NetBSD source tree. @@ -276,3 +276,5 @@ Changes from NetBSD 10.0 to NetBSD 11.0: [kre 20240210] hppa: Add gftfb(4), an initial driver for PCI Visualize EG cards. [macallan 20240213] + bind: Apply bind security patches: CVE-2023-4408 CVE-2023-5517 + CVE-2023-5679 CVE-2023-6516 CVE-2023-50387 CVE-2023-50868
CVS commit: src/doc
Module Name:src Committed By: christos Date: Tue Feb 13 15:40:29 UTC 2024 Modified Files: src/doc: CHANGES Log Message: Mention bind security patches To generate a diff of this commit: cvs rdiff -u -r1.3035 -r1.3036 src/doc/CHANGES Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/external/mpl/bind/dist/lib/isc/netmgr
Module Name:src Committed By: christos Date: Tue Feb 13 15:34:22 UTC 2024 Modified Files: src/external/mpl/bind/dist/lib/isc/netmgr: netmgr.c Log Message: make things compile again. To generate a diff of this commit: cvs rdiff -u -r1.11 -r1.12 src/external/mpl/bind/dist/lib/isc/netmgr/netmgr.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/external/mpl/bind/dist/lib/isc/netmgr
Module Name:src
Committed By: christos
Date: Tue Feb 13 15:34:22 UTC 2024
Modified Files:
src/external/mpl/bind/dist/lib/isc/netmgr: netmgr.c
Log Message:
make things compile again.
To generate a diff of this commit:
cvs rdiff -u -r1.11 -r1.12 src/external/mpl/bind/dist/lib/isc/netmgr/netmgr.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/external/mpl/bind/dist/lib/isc/netmgr/netmgr.c
diff -u src/external/mpl/bind/dist/lib/isc/netmgr/netmgr.c:1.11 src/external/mpl/bind/dist/lib/isc/netmgr/netmgr.c:1.12
--- src/external/mpl/bind/dist/lib/isc/netmgr/netmgr.c:1.11 Tue Feb 13 10:27:20 2024
+++ src/external/mpl/bind/dist/lib/isc/netmgr/netmgr.c Tue Feb 13 10:34:22 2024
@@ -1,4 +1,4 @@
-/* $NetBSD: netmgr.c,v 1.11 2024/02/13 15:27:20 christos Exp $ */
+/* $NetBSD: netmgr.c,v 1.12 2024/02/13 15:34:22 christos Exp $ */
/*
* Copyright (C) Internet Systems Consortium, Inc. ("ISC")
@@ -360,7 +360,7 @@ isc__netmgr_create(isc_mem_t *mctx, uint
mgr->workers_running++;
isc_thread_create(nm_thread, >workers[i], >thread);
- snprintf(name, sizeof(name), "net-%zu", i);
+ snprintf(name, sizeof(name), "net-%d", i);
isc_thread_setname(worker->thread, name);
}
CVS commit: src/doc
Module Name:src Committed By: nia Date: Tue Feb 13 15:28:42 UTC 2024 Modified Files: src/doc: CHANGES Log Message: doc: Changes since 20/01 To generate a diff of this commit: cvs rdiff -u -r1.3034 -r1.3035 src/doc/CHANGES Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/doc
Module Name:src Committed By: nia Date: Tue Feb 13 15:28:42 UTC 2024 Modified Files: src/doc: CHANGES Log Message: doc: Changes since 20/01 To generate a diff of this commit: cvs rdiff -u -r1.3034 -r1.3035 src/doc/CHANGES Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES diff -u src/doc/CHANGES:1.3034 src/doc/CHANGES:1.3035 --- src/doc/CHANGES:1.3034 Mon Feb 5 21:57:00 2024 +++ src/doc/CHANGES Tue Feb 13 15:28:41 2024 @@ -1,4 +1,4 @@ -# LIST OF CHANGES FROM LAST RELEASE: <$Revision: 1.3034 $> +# LIST OF CHANGES FROM LAST RELEASE: <$Revision: 1.3035 $> # # # [Note: This file does not mention every change made to the NetBSD source tree. @@ -256,4 +256,23 @@ Changes from NetBSD 10.0 to NetBSD 11.0: libm: Import more long double functions from FreeBSD. [christos 20240121] terminfo: Import 20231209 [christos 20240127] + evbppc: Add support for the PAL 576i video mode to wiifb(4). + [hgutch 20240127] + stat(1): Add symbolic flags printing from FreeBSD via Ricardo Branco. + [christos 20240129] + next68k: Add WSDISPLAY_GINFO, LINEBYTES, and SMODE ioctl(2)s and + mmap(2) support to nextdisplay(4). [tsutsui 20240202] + mount_cd9660(8): Add support for mount options mask,dirmask,uid,gid + (from Ricardo Branco) [christos 20240202] tzdata: Updated to 2024a (using 2024agtz) [kre 20240205] + riscv: Add a driver for the StarFive JH7100 pin controller. + [skrll 20240207] + touch(1): Properly implement the POSIX format -d option. [kre 20240208] + touch(1): Add -R option, which is identical to -r, except that if the + reference file is a symbolic link, the times to use are taken + from those of the symbolic link itself. [kre 20240209] + touch(1): Add -D option, which causes the operation to be a no-op if no + change would be made (avoiding updating the file's ctime). + [kre 20240210] + hppa: Add gftfb(4), an initial driver for PCI Visualize EG cards. + [macallan 20240213]
CVS commit: src/external/mpl/bind/dist/lib
Module Name:src Committed By: christos Date: Tue Feb 13 15:27:21 UTC 2024 Modified Files: src/external/mpl/bind/dist/lib/dns: dst_api.c resolver.c validator.c src/external/mpl/bind/dist/lib/dns/include/dns: validator.h src/external/mpl/bind/dist/lib/dns/include/dst: dst.h src/external/mpl/bind/dist/lib/isc/include/isc: netmgr.h src/external/mpl/bind/dist/lib/isc/netmgr: netmgr-int.h netmgr.c tcp.c tcpdns.c udp.c Log Message: Apply patch for CVE-2023-50387 and CVE-2023-50868: No public information has been posted (that I can find) To generate a diff of this commit: cvs rdiff -u -r1.13 -r1.14 src/external/mpl/bind/dist/lib/dns/dst_api.c \ src/external/mpl/bind/dist/lib/dns/validator.c cvs rdiff -u -r1.17 -r1.18 src/external/mpl/bind/dist/lib/dns/resolver.c cvs rdiff -u -r1.7 -r1.8 \ src/external/mpl/bind/dist/lib/dns/include/dns/validator.h cvs rdiff -u -r1.9 -r1.10 \ src/external/mpl/bind/dist/lib/dns/include/dst/dst.h cvs rdiff -u -r1.7 -r1.8 \ src/external/mpl/bind/dist/lib/isc/include/isc/netmgr.h cvs rdiff -u -r1.8 -r1.9 \ src/external/mpl/bind/dist/lib/isc/netmgr/netmgr-int.h \ src/external/mpl/bind/dist/lib/isc/netmgr/tcp.c \ src/external/mpl/bind/dist/lib/isc/netmgr/tcpdns.c cvs rdiff -u -r1.10 -r1.11 src/external/mpl/bind/dist/lib/isc/netmgr/netmgr.c cvs rdiff -u -r1.11 -r1.12 src/external/mpl/bind/dist/lib/isc/netmgr/udp.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/external/mpl/bind/dist/lib
Module Name:src
Committed By: christos
Date: Tue Feb 13 15:27:21 UTC 2024
Modified Files:
src/external/mpl/bind/dist/lib/dns: dst_api.c resolver.c validator.c
src/external/mpl/bind/dist/lib/dns/include/dns: validator.h
src/external/mpl/bind/dist/lib/dns/include/dst: dst.h
src/external/mpl/bind/dist/lib/isc/include/isc: netmgr.h
src/external/mpl/bind/dist/lib/isc/netmgr: netmgr-int.h netmgr.c tcp.c
tcpdns.c udp.c
Log Message:
Apply patch for CVE-2023-50387 and CVE-2023-50868:
No public information has been posted (that I can find)
To generate a diff of this commit:
cvs rdiff -u -r1.13 -r1.14 src/external/mpl/bind/dist/lib/dns/dst_api.c \
src/external/mpl/bind/dist/lib/dns/validator.c
cvs rdiff -u -r1.17 -r1.18 src/external/mpl/bind/dist/lib/dns/resolver.c
cvs rdiff -u -r1.7 -r1.8 \
src/external/mpl/bind/dist/lib/dns/include/dns/validator.h
cvs rdiff -u -r1.9 -r1.10 \
src/external/mpl/bind/dist/lib/dns/include/dst/dst.h
cvs rdiff -u -r1.7 -r1.8 \
src/external/mpl/bind/dist/lib/isc/include/isc/netmgr.h
cvs rdiff -u -r1.8 -r1.9 \
src/external/mpl/bind/dist/lib/isc/netmgr/netmgr-int.h \
src/external/mpl/bind/dist/lib/isc/netmgr/tcp.c \
src/external/mpl/bind/dist/lib/isc/netmgr/tcpdns.c
cvs rdiff -u -r1.10 -r1.11 src/external/mpl/bind/dist/lib/isc/netmgr/netmgr.c
cvs rdiff -u -r1.11 -r1.12 src/external/mpl/bind/dist/lib/isc/netmgr/udp.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/external/mpl/bind/dist/lib/dns/dst_api.c
diff -u src/external/mpl/bind/dist/lib/dns/dst_api.c:1.13 src/external/mpl/bind/dist/lib/dns/dst_api.c:1.14
--- src/external/mpl/bind/dist/lib/dns/dst_api.c:1.13 Wed Jan 25 16:43:30 2023
+++ src/external/mpl/bind/dist/lib/dns/dst_api.c Tue Feb 13 10:27:20 2024
@@ -1,4 +1,4 @@
-/* $NetBSD: dst_api.c,v 1.13 2023/01/25 21:43:30 christos Exp $ */
+/* $NetBSD: dst_api.c,v 1.14 2024/02/13 15:27:20 christos Exp $ */
/*
* Copyright (C) Internet Systems Consortium, Inc. ("ISC")
@@ -166,7 +166,8 @@ computeid(dst_key_t *key);
static isc_result_t
frombuffer(const dns_name_t *name, unsigned int alg, unsigned int flags,
unsigned int protocol, dns_rdataclass_t rdclass,
- isc_buffer_t *source, isc_mem_t *mctx, dst_key_t **keyp);
+ isc_buffer_t *source, isc_mem_t *mctx, bool no_rdata,
+ dst_key_t **keyp);
static isc_result_t
algorithm_status(unsigned int alg);
@@ -782,6 +783,13 @@ dst_key_todns(const dst_key_t *key, isc_
isc_result_t
dst_key_fromdns(const dns_name_t *name, dns_rdataclass_t rdclass,
isc_buffer_t *source, isc_mem_t *mctx, dst_key_t **keyp) {
+ return (dst_key_fromdns_ex(name, rdclass, source, mctx, false, keyp));
+}
+
+isc_result_t
+dst_key_fromdns_ex(const dns_name_t *name, dns_rdataclass_t rdclass,
+ isc_buffer_t *source, isc_mem_t *mctx, bool no_rdata,
+ dst_key_t **keyp) {
uint8_t alg, proto;
uint32_t flags, extflags;
dst_key_t *key = NULL;
@@ -812,7 +820,7 @@ dst_key_fromdns(const dns_name_t *name,
}
result = frombuffer(name, alg, flags, proto, rdclass, source, mctx,
- );
+ no_rdata, );
if (result != ISC_R_SUCCESS) {
return (result);
}
@@ -833,7 +841,7 @@ dst_key_frombuffer(const dns_name_t *nam
REQUIRE(dst_initialized);
result = frombuffer(name, alg, flags, protocol, rdclass, source, mctx,
- );
+ false, );
if (result != ISC_R_SUCCESS) {
return (result);
}
@@ -2339,7 +2347,8 @@ computeid(dst_key_t *key) {
static isc_result_t
frombuffer(const dns_name_t *name, unsigned int alg, unsigned int flags,
unsigned int protocol, dns_rdataclass_t rdclass,
- isc_buffer_t *source, isc_mem_t *mctx, dst_key_t **keyp) {
+ isc_buffer_t *source, isc_mem_t *mctx, bool no_rdata,
+ dst_key_t **keyp) {
dst_key_t *key;
isc_result_t ret;
@@ -2364,10 +2373,12 @@ frombuffer(const dns_name_t *name, unsig
return (DST_R_UNSUPPORTEDALG);
}
- ret = key->func->fromdns(key, source);
- if (ret != ISC_R_SUCCESS) {
- dst_key_free();
- return (ret);
+ if (!no_rdata) {
+ ret = key->func->fromdns(key, source);
+ if (ret != ISC_R_SUCCESS) {
+dst_key_free();
+return (ret);
+ }
}
}
Index: src/external/mpl/bind/dist/lib/dns/validator.c
diff -u src/external/mpl/bind/dist/lib/dns/validator.c:1.13 src/external/mpl/bind/dist/lib/dns/validator.c:1.14
--- src/external/mpl/bind/dist/lib/dns/validator.c:1.13 Mon Jun 26 18:03:00 2023
+++ src/external/mpl/bind/dist/lib/dns/validator.c Tue Feb 13 10:27:20 2024
@@ -1,4 +1,4 @@
-/* $NetBSD: validator.c,v 1.13 2023/06/26 22:03:00 christos Exp $ */
+/* $NetBSD: validator.c,v 1.14 2024/02/13 15:27:20 christos Exp $ */
/*
* Copyright (C) Internet Systems Consortium, Inc. ("ISC")
@@ -1106,8 +1106,8 @@ create_validator(dns_validator_t *val, d
* 'rdataset'. If found, build a dst_key_t for it and point val->key at
* it.
*
- * If val->key is already
CVS commit: src/external/mpl/bind/dist/lib/dns
Module Name:src
Committed By: christos
Date: Tue Feb 13 15:24:47 UTC 2024
Modified Files:
src/external/mpl/bind/dist/lib/dns: mapapi rbt.c rbtdb.c
src/external/mpl/bind/dist/lib/dns/include/dns: rbt.h
Log Message:
Apply patch for CVE-2023-6516:
To keep its cache database efficient, `named` running as a recursive
resolver occasionally attempts to clean up the database. It uses
several methods, including some that are asynchronous: a small
chunk of memory pointing to the cache element that can be cleaned
up is first allocated and then queued for later processing. It was
discovered that if the resolver is continuously processing query
patterns triggering this type of cache-database maintenance, `named`
may not be able to handle the cleanup events in a timely manner.
This in turn enables the list of queued cleanup events to grow
infinitely large over time, allowing the configured `max-cache-size`
limit to be significantly exceeded. This issue affects BIND 9
versions 9.16.0 through 9.16.45 and 9.16.8-S1 through 9.16.45-S1.
To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 src/external/mpl/bind/dist/lib/dns/mapapi
cvs rdiff -u -r1.13 -r1.14 src/external/mpl/bind/dist/lib/dns/rbt.c
cvs rdiff -u -r1.17 -r1.18 src/external/mpl/bind/dist/lib/dns/rbtdb.c
cvs rdiff -u -r1.6 -r1.7 src/external/mpl/bind/dist/lib/dns/include/dns/rbt.h
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/external/mpl/bind/dist/lib/dns/mapapi
diff -u src/external/mpl/bind/dist/lib/dns/mapapi:1.2 src/external/mpl/bind/dist/lib/dns/mapapi:1.3
--- src/external/mpl/bind/dist/lib/dns/mapapi:1.2 Fri Aug 20 09:20:28 2021
+++ src/external/mpl/bind/dist/lib/dns/mapapi Tue Feb 13 10:24:47 2024
@@ -13,4 +13,4 @@
# Whenever releasing a new major release of BIND9, set this value
# back to 1.0 when releasing the first alpha. Map files are *never*
# compatible across major releases.
-MAPAPI=3.0
+MAPAPI=4.0
Index: src/external/mpl/bind/dist/lib/dns/rbt.c
diff -u src/external/mpl/bind/dist/lib/dns/rbt.c:1.13 src/external/mpl/bind/dist/lib/dns/rbt.c:1.14
--- src/external/mpl/bind/dist/lib/dns/rbt.c:1.13 Mon Jun 26 18:03:00 2023
+++ src/external/mpl/bind/dist/lib/dns/rbt.c Tue Feb 13 10:24:47 2024
@@ -1,4 +1,4 @@
-/* $NetBSD: rbt.c,v 1.13 2023/06/26 22:03:00 christos Exp $ */
+/* $NetBSD: rbt.c,v 1.14 2024/02/13 15:24:47 christos Exp $ */
/*
* Copyright (C) Internet Systems Consortium, Inc. ("ISC")
@@ -2310,6 +2310,7 @@ create_node(isc_mem_t *mctx, const dns_n
HASHVAL(node) = 0;
ISC_LINK_INIT(node, deadlink);
+ ISC_LINK_INIT(node, prunelink);
LOCKNUM(node) = 0;
WILD(node) = 0;
Index: src/external/mpl/bind/dist/lib/dns/rbtdb.c
diff -u src/external/mpl/bind/dist/lib/dns/rbtdb.c:1.17 src/external/mpl/bind/dist/lib/dns/rbtdb.c:1.18
--- src/external/mpl/bind/dist/lib/dns/rbtdb.c:1.17 Mon Jun 26 18:03:00 2023
+++ src/external/mpl/bind/dist/lib/dns/rbtdb.c Tue Feb 13 10:24:47 2024
@@ -1,4 +1,4 @@
-/* $NetBSD: rbtdb.c,v 1.17 2023/06/26 22:03:00 christos Exp $ */
+/* $NetBSD: rbtdb.c,v 1.18 2024/02/13 15:24:47 christos Exp $ */
/*
* Copyright (C) Internet Systems Consortium, Inc. ("ISC")
@@ -523,6 +523,10 @@ struct dns_rbtdb {
*/
rbtnodelist_t *deadnodes;
+ /* List of nodes from which recursive tree pruning can be started from.
+ * Locked by tree_lock. */
+ rbtnodelist_t prunenodes;
+
/*
* Heaps. These are used for TTL based expiry in a cache,
* or for zone resigning in a zone DB. hmctx is the memory
@@ -1069,6 +1073,7 @@ free_rbtdb(dns_rbtdb_t *rbtdb, bool log,
unsigned int i;
isc_result_t result;
char buf[DNS_NAME_FORMATSIZE];
+ dns_rbtnode_t *node = NULL;
dns_rbt_t **treep;
isc_time_t start;
@@ -1094,8 +1099,6 @@ free_rbtdb(dns_rbtdb_t *rbtdb, bool log,
* the overhead of unlinking all nodes here should be negligible.
*/
for (i = 0; i < rbtdb->node_lock_count; i++) {
- dns_rbtnode_t *node;
-
node = ISC_LIST_HEAD(rbtdb->deadnodes[i]);
while (node != NULL) {
ISC_LIST_UNLINK(rbtdb->deadnodes[i], node, deadlink);
@@ -1103,6 +1106,12 @@ free_rbtdb(dns_rbtdb_t *rbtdb, bool log,
}
}
+ node = ISC_LIST_HEAD(rbtdb->prunenodes);
+ while (node != NULL) {
+ ISC_LIST_UNLINK(rbtdb->prunenodes, node, prunelink);
+ node = ISC_LIST_HEAD(rbtdb->prunenodes);
+ }
+
if (event == NULL) {
rbtdb->quantum = (rbtdb->task != NULL) ? 100 : 0;
}
@@ -1937,19 +1946,32 @@ is_leaf(dns_rbtnode_t *node) {
node->left == NULL && node->right == NULL);
}
+/*%
+ * The tree lock must be held when this function is called as it reads and
+ * updates rbtdb->prunenodes.
+ */
static void
send_to_prune_tree(dns_rbtdb_t *rbtdb, dns_rbtnode_t *node,
isc_rwlocktype_t locktype) {
- isc_event_t *ev;
- dns_db_t *db;
+ bool pruning_queued = (ISC_LIST_HEAD(rbtdb->prunenodes) != NULL);
+
+ INSIST(locktype == isc_rwlocktype_write);
- ev = isc_event_allocate(rbtdb->common.mctx,
CVS commit: src/external/mpl/bind/dist/lib/dns
Module Name:src Committed By: christos Date: Tue Feb 13 15:24:47 UTC 2024 Modified Files: src/external/mpl/bind/dist/lib/dns: mapapi rbt.c rbtdb.c src/external/mpl/bind/dist/lib/dns/include/dns: rbt.h Log Message: Apply patch for CVE-2023-6516: To keep its cache database efficient, `named` running as a recursive resolver occasionally attempts to clean up the database. It uses several methods, including some that are asynchronous: a small chunk of memory pointing to the cache element that can be cleaned up is first allocated and then queued for later processing. It was discovered that if the resolver is continuously processing query patterns triggering this type of cache-database maintenance, `named` may not be able to handle the cleanup events in a timely manner. This in turn enables the list of queued cleanup events to grow infinitely large over time, allowing the configured `max-cache-size` limit to be significantly exceeded. This issue affects BIND 9 versions 9.16.0 through 9.16.45 and 9.16.8-S1 through 9.16.45-S1. To generate a diff of this commit: cvs rdiff -u -r1.2 -r1.3 src/external/mpl/bind/dist/lib/dns/mapapi cvs rdiff -u -r1.13 -r1.14 src/external/mpl/bind/dist/lib/dns/rbt.c cvs rdiff -u -r1.17 -r1.18 src/external/mpl/bind/dist/lib/dns/rbtdb.c cvs rdiff -u -r1.6 -r1.7 src/external/mpl/bind/dist/lib/dns/include/dns/rbt.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/external/mpl/bind/dist/lib/ns
Module Name:src Committed By: christos Date: Tue Feb 13 15:23:16 UTC 2024 Modified Files: src/external/mpl/bind/dist/lib/ns: query.c Log Message: Apply patch for CVE-2023-5679: A bad interaction between DNS64 and serve-stale may cause `named` to crash with an assertion failure during recursive resolution, when both of these features are enabled. This issue affects BIND 9 versions 9.16.12 through 9.16.45, 9.18.0 through 9.18.21, 9.19.0 through 9.19.19, 9.16.12-S1 through 9.16.45-S1, and 9.18.11-S1 through 9.18.21-S1. To generate a diff of this commit: cvs rdiff -u -r1.18 -r1.19 src/external/mpl/bind/dist/lib/ns/query.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/external/mpl/bind/dist/lib/ns
Module Name:src
Committed By: christos
Date: Tue Feb 13 15:23:16 UTC 2024
Modified Files:
src/external/mpl/bind/dist/lib/ns: query.c
Log Message:
Apply patch for CVE-2023-5679:
A bad interaction between DNS64 and serve-stale may cause `named`
to crash with an assertion failure during recursive resolution,
when both of these features are enabled. This issue affects BIND
9 versions 9.16.12 through 9.16.45, 9.18.0 through 9.18.21, 9.19.0
through 9.19.19, 9.16.12-S1 through 9.16.45-S1, and 9.18.11-S1
through 9.18.21-S1.
To generate a diff of this commit:
cvs rdiff -u -r1.18 -r1.19 src/external/mpl/bind/dist/lib/ns/query.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/external/mpl/bind/dist/lib/ns/query.c
diff -u src/external/mpl/bind/dist/lib/ns/query.c:1.18 src/external/mpl/bind/dist/lib/ns/query.c:1.19
--- src/external/mpl/bind/dist/lib/ns/query.c:1.18 Tue Feb 13 10:22:03 2024
+++ src/external/mpl/bind/dist/lib/ns/query.c Tue Feb 13 10:23:15 2024
@@ -1,4 +1,4 @@
-/* $NetBSD: query.c,v 1.18 2024/02/13 15:22:03 christos Exp $ */
+/* $NetBSD: query.c,v 1.19 2024/02/13 15:23:15 christos Exp $ */
/*
* Copyright (C) Internet Systems Consortium, Inc. ("ISC")
@@ -6102,6 +6102,13 @@ query_lookup_stale(ns_client_t *client)
query_ctx_t qctx;
qctx_init(client, NULL, client->query.qtype, );
+ if (DNS64(client)) {
+ qctx.qtype = qctx.type = dns_rdatatype_a;
+ qctx.dns64 = true;
+ }
+ if (DNS64EXCLUDE(client)) {
+ qctx.dns64_exclude = true;
+ }
dns_db_attach(client->view->cachedb, );
client->query.attributes &= ~NS_QUERYATTR_RECURSIONOK;
client->query.dboptions |= DNS_DBFIND_STALETIMEOUT;
CVS commit: src/external/mpl/bind/dist/lib/ns
Module Name:src
Committed By: christos
Date: Tue Feb 13 15:22:03 UTC 2024
Modified Files:
src/external/mpl/bind/dist/lib/ns: query.c
Log Message:
Apply patch for CVE-2023-5517:
A flaw in query-handling code can cause `named` to exit prematurely
with an assertion failure when: - `nxdomain-redirect ;` is
configured, and - the resolver receives a PTR query for an RFC 1918
address that would normally result in an authoritative NXDOMAIN
response. This issue affects BIND 9 versions 9.12.0 through 9.16.45,
9.18.0 through 9.18.21, 9.19.0 through 9.19.19, 9.16.8-S1 through
9.16.45-S1, and 9.18.11-S1 through 9.18.21-S1.
To generate a diff of this commit:
cvs rdiff -u -r1.17 -r1.18 src/external/mpl/bind/dist/lib/ns/query.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/external/mpl/bind/dist/lib/ns/query.c
diff -u src/external/mpl/bind/dist/lib/ns/query.c:1.17 src/external/mpl/bind/dist/lib/ns/query.c:1.18
--- src/external/mpl/bind/dist/lib/ns/query.c:1.17 Mon Jun 26 18:03:01 2023
+++ src/external/mpl/bind/dist/lib/ns/query.c Tue Feb 13 10:22:03 2024
@@ -1,4 +1,4 @@
-/* $NetBSD: query.c,v 1.17 2023/06/26 22:03:01 christos Exp $ */
+/* $NetBSD: query.c,v 1.18 2024/02/13 15:22:03 christos Exp $ */
/*
* Copyright (C) Internet Systems Consortium, Inc. ("ISC")
@@ -459,10 +459,10 @@ static void
query_addnxrrsetnsec(query_ctx_t *qctx);
static isc_result_t
-query_nxdomain(query_ctx_t *qctx, bool empty_wild);
+query_nxdomain(query_ctx_t *qctx, isc_result_t result);
static isc_result_t
-query_redirect(query_ctx_t *qctx);
+query_redirect(query_ctx_t *qctx, isc_result_t result);
static isc_result_t
query_ncache(query_ctx_t *qctx, isc_result_t result);
@@ -7352,8 +7352,7 @@ query_usestale(query_ctx_t *qctx, isc_re
* result from the search.
*/
static isc_result_t
-query_gotanswer(query_ctx_t *qctx, isc_result_t res) {
- isc_result_t result = res;
+query_gotanswer(query_ctx_t *qctx, isc_result_t result) {
char errmsg[256];
CCTRACE(ISC_LOG_DEBUG(3), "query_gotanswer");
@@ -7423,16 +7422,16 @@ root_key_sentinel:
return (query_nodata(qctx, DNS_R_NXRRSET));
case DNS_R_EMPTYWILD:
- return (query_nxdomain(qctx, true));
+ return (query_nxdomain(qctx, DNS_R_EMPTYWILD));
case DNS_R_NXDOMAIN:
- return (query_nxdomain(qctx, false));
+ return (query_nxdomain(qctx, DNS_R_NXDOMAIN));
case DNS_R_COVERINGNSEC:
return (query_coveringnsec(qctx));
case DNS_R_NCACHENXDOMAIN:
- result = query_redirect(qctx);
+ result = query_redirect(qctx, result);
if (result != ISC_R_COMPLETE) {
return (result);
}
@@ -9250,10 +9249,10 @@ query_addnxrrsetnsec(query_ctx_t *qctx)
* Handle NXDOMAIN and empty wildcard responses.
*/
static isc_result_t
-query_nxdomain(query_ctx_t *qctx, bool empty_wild) {
+query_nxdomain(query_ctx_t *qctx, isc_result_t result) {
dns_section_t section;
uint32_t ttl;
- isc_result_t result;
+ bool empty_wild = (result == DNS_R_EMPTYWILD);
CCTRACE(ISC_LOG_DEBUG(3), "query_nxdomain");
@@ -9262,7 +9261,7 @@ query_nxdomain(query_ctx_t *qctx, bool e
INSIST(qctx->is_zone || REDIRECT(qctx->client));
if (!empty_wild) {
- result = query_redirect(qctx);
+ result = query_redirect(qctx, result);
if (result != ISC_R_COMPLETE) {
return (result);
}
@@ -9350,7 +9349,7 @@ cleanup:
* redirecting, so query processing should continue past it.
*/
static isc_result_t
-query_redirect(query_ctx_t *qctx) {
+query_redirect(query_ctx_t *qctx, isc_result_t saved_result) {
isc_result_t result;
CCTRACE(ISC_LOG_DEBUG(3), "query_redirect");
@@ -9391,7 +9390,7 @@ query_redirect(query_ctx_t *qctx) {
SAVE(qctx->client->query.redirect.rdataset, qctx->rdataset);
SAVE(qctx->client->query.redirect.sigrdataset,
qctx->sigrdataset);
- qctx->client->query.redirect.result = DNS_R_NCACHENXDOMAIN;
+ qctx->client->query.redirect.result = saved_result;
dns_name_copynf(qctx->fname,
qctx->client->query.redirect.fname);
qctx->client->query.redirect.authoritative =
@@ -10006,7 +10005,7 @@ query_coveringnsec(query_ctx_t *qctx) {
* We now have the proof that we have an NXDOMAIN. Apply
* NXDOMAIN redirection if configured.
*/
- result = query_redirect(qctx);
+ result = query_redirect(qctx, DNS_R_COVERINGNSEC);
if (result != ISC_R_COMPLETE) {
redirected = true;
goto cleanup;
CVS commit: src/external/mpl/bind/dist/lib/ns
Module Name:src Committed By: christos Date: Tue Feb 13 15:22:03 UTC 2024 Modified Files: src/external/mpl/bind/dist/lib/ns: query.c Log Message: Apply patch for CVE-2023-5517: A flaw in query-handling code can cause `named` to exit prematurely with an assertion failure when: - `nxdomain-redirect ;` is configured, and - the resolver receives a PTR query for an RFC 1918 address that would normally result in an authoritative NXDOMAIN response. This issue affects BIND 9 versions 9.12.0 through 9.16.45, 9.18.0 through 9.18.21, 9.19.0 through 9.19.19, 9.16.8-S1 through 9.16.45-S1, and 9.18.11-S1 through 9.18.21-S1. To generate a diff of this commit: cvs rdiff -u -r1.17 -r1.18 src/external/mpl/bind/dist/lib/ns/query.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/external/mpl/bind/dist
Module Name:src Committed By: christos Date: Tue Feb 13 15:21:10 UTC 2024 Modified Files: src/external/mpl/bind/dist/bin/plugins: filter-.c src/external/mpl/bind/dist/lib/dns: catz.c message.c name.c rpz.c src/external/mpl/bind/dist/lib/dns/include/dns: message.h name.h src/external/mpl/bind/dist/lib/dns/win32: libdns.def.in src/external/mpl/bind/dist/lib/isc: ht.c src/external/mpl/bind/dist/lib/isc/include/isc: ht.h src/external/mpl/bind/dist/lib/isc/tests: ht_test.c Log Message: Apply patch for CVE-2023-4408: The DNS message parsing code in `named` includes a section whose computational complexity is overly high. It does not cause problems for typical DNS traffic, but crafted queries and responses may cause excessive CPU load on the affected `named` instance by exploiting this flaw. This issue affects both authoritative servers and recursive resolvers. This issue affects BIND 9 versions 9.0.0 through 9.16.45, 9.18.0 through 9.18.21, 9.19.0 through 9.19.19, 9.9.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.45-S1, and 9.18.11-S1 through 9.18.21-S1. To generate a diff of this commit: cvs rdiff -u -r1.8 -r1.9 src/external/mpl/bind/dist/bin/plugins/filter-.c cvs rdiff -u -r1.10 -r1.11 src/external/mpl/bind/dist/lib/dns/catz.c cvs rdiff -u -r1.15 -r1.16 src/external/mpl/bind/dist/lib/dns/message.c cvs rdiff -u -r1.12 -r1.13 src/external/mpl/bind/dist/lib/dns/name.c cvs rdiff -u -r1.13 -r1.14 src/external/mpl/bind/dist/lib/dns/rpz.c cvs rdiff -u -r1.11 -r1.12 \ src/external/mpl/bind/dist/lib/dns/include/dns/message.h cvs rdiff -u -r1.9 -r1.10 \ src/external/mpl/bind/dist/lib/dns/include/dns/name.h cvs rdiff -u -r1.1.1.12 -r1.2 \ src/external/mpl/bind/dist/lib/dns/win32/libdns.def.in cvs rdiff -u -r1.8 -r1.9 src/external/mpl/bind/dist/lib/isc/ht.c cvs rdiff -u -r1.6 -r1.7 src/external/mpl/bind/dist/lib/isc/include/isc/ht.h cvs rdiff -u -r1.9 -r1.10 src/external/mpl/bind/dist/lib/isc/tests/ht_test.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/external/mpl/bind/dist
Module Name:src
Committed By: christos
Date: Tue Feb 13 15:21:10 UTC 2024
Modified Files:
src/external/mpl/bind/dist/bin/plugins: filter-.c
src/external/mpl/bind/dist/lib/dns: catz.c message.c name.c rpz.c
src/external/mpl/bind/dist/lib/dns/include/dns: message.h name.h
src/external/mpl/bind/dist/lib/dns/win32: libdns.def.in
src/external/mpl/bind/dist/lib/isc: ht.c
src/external/mpl/bind/dist/lib/isc/include/isc: ht.h
src/external/mpl/bind/dist/lib/isc/tests: ht_test.c
Log Message:
Apply patch for CVE-2023-4408:
The DNS message parsing code in `named` includes a section whose
computational complexity is overly high. It does not cause problems
for typical DNS traffic, but crafted queries and responses may
cause excessive CPU load on the affected `named` instance by
exploiting this flaw. This issue affects both authoritative servers
and recursive resolvers. This issue affects BIND 9 versions 9.0.0
through 9.16.45, 9.18.0 through 9.18.21, 9.19.0 through 9.19.19,
9.9.3-S1 through 9.11.37-S1, 9.16.8-S1 through 9.16.45-S1, and
9.18.11-S1 through 9.18.21-S1.
To generate a diff of this commit:
cvs rdiff -u -r1.8 -r1.9 src/external/mpl/bind/dist/bin/plugins/filter-.c
cvs rdiff -u -r1.10 -r1.11 src/external/mpl/bind/dist/lib/dns/catz.c
cvs rdiff -u -r1.15 -r1.16 src/external/mpl/bind/dist/lib/dns/message.c
cvs rdiff -u -r1.12 -r1.13 src/external/mpl/bind/dist/lib/dns/name.c
cvs rdiff -u -r1.13 -r1.14 src/external/mpl/bind/dist/lib/dns/rpz.c
cvs rdiff -u -r1.11 -r1.12 \
src/external/mpl/bind/dist/lib/dns/include/dns/message.h
cvs rdiff -u -r1.9 -r1.10 \
src/external/mpl/bind/dist/lib/dns/include/dns/name.h
cvs rdiff -u -r1.1.1.12 -r1.2 \
src/external/mpl/bind/dist/lib/dns/win32/libdns.def.in
cvs rdiff -u -r1.8 -r1.9 src/external/mpl/bind/dist/lib/isc/ht.c
cvs rdiff -u -r1.6 -r1.7 src/external/mpl/bind/dist/lib/isc/include/isc/ht.h
cvs rdiff -u -r1.9 -r1.10 src/external/mpl/bind/dist/lib/isc/tests/ht_test.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/external/mpl/bind/dist/bin/plugins/filter-.c
diff -u src/external/mpl/bind/dist/bin/plugins/filter-.c:1.8 src/external/mpl/bind/dist/bin/plugins/filter-.c:1.9
--- src/external/mpl/bind/dist/bin/plugins/filter-.c:1.8 Wed Jan 25 16:43:24 2023
+++ src/external/mpl/bind/dist/bin/plugins/filter-.c Tue Feb 13 10:21:09 2024
@@ -1,4 +1,4 @@
-/* $NetBSD: filter-.c,v 1.8 2023/01/25 21:43:24 christos Exp $ */
+/* $NetBSD: filter-.c,v 1.9 2024/02/13 15:21:09 christos Exp $ */
/*
* Copyright (C) Internet Systems Consortium, Inc. ("ISC")
@@ -352,7 +352,7 @@ plugin_register(const char *parameters,
cfg_line, mctx, lctx, actx));
}
- isc_ht_init(>ht, mctx, 16);
+ isc_ht_init(>ht, mctx, 16, ISC_HT_CASE_SENSITIVE);
isc_mutex_init(>hlock);
/*
Index: src/external/mpl/bind/dist/lib/dns/catz.c
diff -u src/external/mpl/bind/dist/lib/dns/catz.c:1.10 src/external/mpl/bind/dist/lib/dns/catz.c:1.11
--- src/external/mpl/bind/dist/lib/dns/catz.c:1.10 Mon Jun 26 18:03:00 2023
+++ src/external/mpl/bind/dist/lib/dns/catz.c Tue Feb 13 10:21:09 2024
@@ -1,4 +1,4 @@
-/* $NetBSD: catz.c,v 1.10 2023/06/26 22:03:00 christos Exp $ */
+/* $NetBSD: catz.c,v 1.11 2024/02/13 15:21:09 christos Exp $ */
/*
* Copyright (C) Internet Systems Consortium, Inc. ("ISC")
@@ -425,9 +425,9 @@ dns_catz_zones_merge(dns_catz_zone_t *ta
dns_name_format(>name, czname, DNS_NAME_FORMATSIZE);
- isc_ht_init(, target->catzs->mctx, 16);
+ isc_ht_init(, target->catzs->mctx, 16, ISC_HT_CASE_SENSITIVE);
- isc_ht_init(, target->catzs->mctx, 16);
+ isc_ht_init(, target->catzs->mctx, 16, ISC_HT_CASE_SENSITIVE);
isc_ht_iter_create(newzone->entries, );
@@ -612,7 +612,7 @@ dns_catz_new_zones(dns_catz_zones_t **ca
isc_refcount_init(_zones->refs, 1);
- isc_ht_init(_zones->zones, mctx, 4);
+ isc_ht_init(_zones->zones, mctx, 4, ISC_HT_CASE_SENSITIVE);
isc_mem_attach(mctx, _zones->mctx);
new_zones->zmm = zmm;
@@ -664,7 +664,7 @@ dns_catz_new_zone(dns_catz_zones_t *catz
dns_name_init(_zone->name, NULL);
dns_name_dup(name, catzs->mctx, _zone->name);
- isc_ht_init(_zone->entries, catzs->mctx, 16);
+ isc_ht_init(_zone->entries, catzs->mctx, 16, ISC_HT_CASE_SENSITIVE);
new_zone->updatetimer = NULL;
result = isc_timer_create(catzs->timermgr, isc_timertype_inactive, NULL,
Index: src/external/mpl/bind/dist/lib/dns/message.c
diff -u src/external/mpl/bind/dist/lib/dns/message.c:1.15 src/external/mpl/bind/dist/lib/dns/message.c:1.16
--- src/external/mpl/bind/dist/lib/dns/message.c:1.15 Wed Jan 25 16:43:30 2023
+++ src/external/mpl/bind/dist/lib/dns/message.c Tue Feb 13 10:21:09 2024
@@ -1,4 +1,4 @@
-/* $NetBSD: message.c,v 1.15 2023/01/25 21:43:30 christos Exp $ */
+/* $NetBSD: message.c,v 1.16 2024/02/13 15:21:09 christos Exp $ */
/*
* Copyright (C) Internet Systems
CVS commit: src/sys/dev
Module Name:src
Committed By: msaitoh
Date: Tue Feb 13 14:56:52 UTC 2024
Modified Files:
src/sys/dev/ic: mfireg.h
src/sys/dev/pci: mfii.c
Log Message:
mfii(4): Apply two changes from OpenBSD to fix an unknown firmware state.
My own MegaRAID 946N-8i 2G", firmware 50.5.0-2594 failed to attach.
mfii0: unknown firmware state 1879048192
1879048192 equals to 0x7000(== MFI_STATE_FW_INIT_2).
Apply following two OpenBSD commits to resolve this problem.
sys/dev/pci/mfii.c OpenBSD rev. 1.86
sys/dev/ic/mfireg.h OpenBSD rev. 1.52
Make mfii(4) recover from firmware FAULT state on startup.
In case firmware initially comes up in FAULT state, reset the device and
give it one more chance to attach successfully. The Linux megaraid_sas
driver applies the same workaround in this case. There seems to be a bug
in some firmware versions which can trigger this behaviour; see mainline
Linux commit 6431f5d7c6025f8b007af06ea090de308f7e6881
Problem observed by me with mfii(4) attached via KVM PCI-passthrough:
mfii0 at pci0 dev 2 function 0 "Symbios Logic MegaRAID SAS2208" rev 0x05: msi
mfii0: firmware fault
With this workaround in place, attachment succeeds and the device works:
mfii0 at pci0 dev 2 function 0 "Symbios Logic MegaRAID SAS2208" rev 0x05: msi
mfii0: firmware fault; attempting full device reset, this can take some time
mfii0: "RAID Ctrl SAS 6G 1GB (D3116C)", firmware 23.29.0-0019, 1024MB cache
Tested for regressions on bare metal by Hrvoje with two different adapters:
mfii0 at pci1 dev 0 function 0 "Symbios Logic MegaRAID SAS3508" rev 0x01: msi
mfii0: "PERC H740P Mini ", firmware 51.16.0-4076, 8192MB cache
mfii0 at pci4 dev 0 function 0 "Symbios Logic MegaRAID SAS2208" rev 0x05: msi
mfii0: "ServeRAID M5110", firmware 23.34.0-0023, 512MB cache
ok jmatthew@
sys/dev/pci/mfii.c OpenBSD rev. 1.87
Give mfii(4) firmware more time to transition out of UNDEFINED state.
Prevents occasional failure to recover from firmware FAULT state where
the driver gave up too early: mfii0: firmware stuck in state 0
ok deraadt@
To generate a diff of this commit:
cvs rdiff -u -r1.24 -r1.25 src/sys/dev/ic/mfireg.h
cvs rdiff -u -r1.31 -r1.32 src/sys/dev/pci/mfii.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/dev/ic/mfireg.h
diff -u src/sys/dev/ic/mfireg.h:1.24 src/sys/dev/ic/mfireg.h:1.25
--- src/sys/dev/ic/mfireg.h:1.24 Sat Jul 16 06:52:40 2022
+++ src/sys/dev/ic/mfireg.h Tue Feb 13 14:56:52 2024
@@ -1,4 +1,4 @@
-/* $NetBSD: mfireg.h,v 1.24 2022/07/16 06:52:40 msaitoh Exp $ */
+/* $NetBSD: mfireg.h,v 1.25 2024/02/13 14:56:52 msaitoh Exp $ */
/* $OpenBSD: mfireg.h,v 1.24 2006/06/19 19:05:45 marco Exp $ */
/*
* Copyright (c) 2006 Marco Peereboom
@@ -110,6 +110,7 @@
#define MFI_STATE_WAIT_HANDSHAKE 0x6000
#define MFI_STATE_FW_INIT_2 0x7000
#define MFI_STATE_DEVICE_SCAN 0x8000
+#define MFI_STATE_BOOT_MESSAGE_PENDING 0x9000
#define MFI_STATE_FLUSH_CACHE 0xa000
#define MFI_STATE_READY 0xb000
#define MFI_STATE_OPERATIONAL 0xc000
@@ -135,6 +136,7 @@
#define MFI_INIT_READY 0x0002
#define MFI_INIT_MFIMODE 0x0004
#define MFI_INIT_CLEAR_HANDSHAKE 0x0008
+#define MFI_INIT_HOTPLUG 0x0010
#define MFI_RESET_FLAGS MFI_INIT_READY | MFI_INIT_MFIMODE | \
MFI_INIT_ABORT
#define MFI_INIT_HOTPLUG 0x0010
Index: src/sys/dev/pci/mfii.c
diff -u src/sys/dev/pci/mfii.c:1.31 src/sys/dev/pci/mfii.c:1.32
--- src/sys/dev/pci/mfii.c:1.31 Thu Oct 5 21:41:00 2023
+++ src/sys/dev/pci/mfii.c Tue Feb 13 14:56:52 2024
@@ -1,4 +1,4 @@
-/* $NetBSD: mfii.c,v 1.31 2023/10/05 21:41:00 christos Exp $ */
+/* $NetBSD: mfii.c,v 1.32 2024/02/13 14:56:52 msaitoh Exp $ */
/* $OpenBSD: mfii.c,v 1.58 2018/08/14 05:22:21 jmatthew Exp $ */
/*
@@ -19,7 +19,7 @@
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: mfii.c,v 1.31 2023/10/05 21:41:00 christos Exp $");
+__KERNEL_RCSID(0, "$NetBSD: mfii.c,v 1.32 2024/02/13 14:56:52 msaitoh Exp $");
#include "bio.h"
@@ -440,6 +440,7 @@ static void mfii_put_ccb(struct mfii_so
static int mfii_init_ccb(struct mfii_softc *);
static void mfii_scrub_ccb(struct mfii_ccb *);
+static int mfii_reset_hard(struct mfii_softc *);
static int mfii_transition_firmware(struct mfii_softc *);
static int mfii_initialise_firmware(struct mfii_softc *);
static int mfii_get_info(struct mfii_softc *);
@@ -1489,11 +1490,58 @@ mfii_aen_unregister(struct mfii_softc *s
/* XXX */
}
+int
+mfii_reset_hard(struct mfii_softc *sc)
+{
+ uint16_t i;
+
+ mfii_write(sc, MFI_OSTS, 0);
+
+ /* enable diagnostic register */
+ mfii_write(sc, MPII_WRITESEQ, MPII_WRITESEQ_FLUSH);
+ mfii_write(sc, MPII_WRITESEQ, MPII_WRITESEQ_1);
+ mfii_write(sc, MPII_WRITESEQ, MPII_WRITESEQ_2);
+ mfii_write(sc, MPII_WRITESEQ, MPII_WRITESEQ_3);
+ mfii_write(sc, MPII_WRITESEQ, MPII_WRITESEQ_4);
+
CVS commit: src/sys/dev
Module Name:src Committed By: msaitoh Date: Tue Feb 13 14:56:52 UTC 2024 Modified Files: src/sys/dev/ic: mfireg.h src/sys/dev/pci: mfii.c Log Message: mfii(4): Apply two changes from OpenBSD to fix an unknown firmware state. My own MegaRAID 946N-8i 2G", firmware 50.5.0-2594 failed to attach. mfii0: unknown firmware state 1879048192 1879048192 equals to 0x7000(== MFI_STATE_FW_INIT_2). Apply following two OpenBSD commits to resolve this problem. sys/dev/pci/mfii.c OpenBSD rev. 1.86 sys/dev/ic/mfireg.h OpenBSD rev. 1.52 Make mfii(4) recover from firmware FAULT state on startup. In case firmware initially comes up in FAULT state, reset the device and give it one more chance to attach successfully. The Linux megaraid_sas driver applies the same workaround in this case. There seems to be a bug in some firmware versions which can trigger this behaviour; see mainline Linux commit 6431f5d7c6025f8b007af06ea090de308f7e6881 Problem observed by me with mfii(4) attached via KVM PCI-passthrough: mfii0 at pci0 dev 2 function 0 "Symbios Logic MegaRAID SAS2208" rev 0x05: msi mfii0: firmware fault With this workaround in place, attachment succeeds and the device works: mfii0 at pci0 dev 2 function 0 "Symbios Logic MegaRAID SAS2208" rev 0x05: msi mfii0: firmware fault; attempting full device reset, this can take some time mfii0: "RAID Ctrl SAS 6G 1GB (D3116C)", firmware 23.29.0-0019, 1024MB cache Tested for regressions on bare metal by Hrvoje with two different adapters: mfii0 at pci1 dev 0 function 0 "Symbios Logic MegaRAID SAS3508" rev 0x01: msi mfii0: "PERC H740P Mini ", firmware 51.16.0-4076, 8192MB cache mfii0 at pci4 dev 0 function 0 "Symbios Logic MegaRAID SAS2208" rev 0x05: msi mfii0: "ServeRAID M5110", firmware 23.34.0-0023, 512MB cache ok jmatthew@ sys/dev/pci/mfii.c OpenBSD rev. 1.87 Give mfii(4) firmware more time to transition out of UNDEFINED state. Prevents occasional failure to recover from firmware FAULT state where the driver gave up too early: mfii0: firmware stuck in state 0 ok deraadt@ To generate a diff of this commit: cvs rdiff -u -r1.24 -r1.25 src/sys/dev/ic/mfireg.h cvs rdiff -u -r1.31 -r1.32 src/sys/dev/pci/mfii.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/dev/sun
Module Name:src Committed By: thorpej Date: Tue Feb 13 13:46:14 UTC 2024 Modified Files: src/sys/dev/sun: sireg.h Log Message: Add the Sun3 obio flavor's DMA controller access registers. To generate a diff of this commit: cvs rdiff -u -r1.1 -r1.2 src/sys/dev/sun/sireg.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/dev/sun
Module Name:src
Committed By: thorpej
Date: Tue Feb 13 13:46:14 UTC 2024
Modified Files:
src/sys/dev/sun: sireg.h
Log Message:
Add the Sun3 obio flavor's DMA controller access registers.
To generate a diff of this commit:
cvs rdiff -u -r1.1 -r1.2 src/sys/dev/sun/sireg.h
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/dev/sun/sireg.h
diff -u src/sys/dev/sun/sireg.h:1.1 src/sys/dev/sun/sireg.h:1.2
--- src/sys/dev/sun/sireg.h:1.1 Tue Feb 13 05:35:13 2024
+++ src/sys/dev/sun/sireg.h Tue Feb 13 13:46:14 2024
@@ -1,4 +1,4 @@
-/* $NetBSD: sireg.h,v 1.1 2024/02/13 05:35:13 thorpej Exp $ */
+/* $NetBSD: sireg.h,v 1.2 2024/02/13 13:46:14 thorpej Exp $ */
/*-
* Copyright (c) 2000 The NetBSD Foundation, Inc.
@@ -54,7 +54,9 @@ struct si_regs {
u_short dma_counth; /* DMA count (VME only) */
u_short dma_countl; /* (high word, low word) */
- u_int pad0; /* no-existent register */
+ /* AMD 9516 regs (OBIO only) see am9516.h */
+ u_short udc_data; /* Am9516, reg data (OBIO only) */
+ u_short udc_addr; /* Am9516, reg addr (OBIO only) */
u_short fifo_data; /* fifo data register */
u_short fifo_count; /* fifo count register */
@@ -83,6 +85,8 @@ struct si_regs {
#define SIREG_DMA_ADDRL (NCR5380REGS_SZ + 2) /* DMA address, low word */
#define SIREG_DMA_CNTH (NCR5380REGS_SZ + 4) /* DMA count, high word */
#define SIREG_DMA_CNTL (NCR5380REGS_SZ + 6) /* DMA count, low word */
+#define SIREG_UDC_DATA (NCR5380REGS_SZ + 8) /* UDC reg data */
+#define SIREG_UDC_ADDR (NCR5380REGS_SZ + 10) /* UDC reg addr */
#define SIREG_FIFO_DATA (NCR5380REGS_SZ + 12) /* FIFO data */
#define SIREG_FIFO_CNT (NCR5380REGS_SZ + 14) /* FIFO count, low word */
#define SIREG_CSR (NCR5380REGS_SZ + 16) /* Control/status register */
CVS commit: src/sys/arch/hppa
Module Name:src
Committed By: macallan
Date: Tue Feb 13 13:40:13 UTC 2024
Modified Files:
src/sys/arch/hppa/conf: files.hppa
Added Files:
src/sys/arch/hppa/dev: gftfb.c
Log Message:
crude beginning of a native driver for PCI Visualize EG cards
so far it supports:
- colour
- virtual consoles
todo:
- mmap
- hardware acceleration
- STI refactoring
To generate a diff of this commit:
cvs rdiff -u -r1.24 -r1.25 src/sys/arch/hppa/conf/files.hppa
cvs rdiff -u -r0 -r1.1 src/sys/arch/hppa/dev/gftfb.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/arch/hppa/conf/files.hppa
diff -u src/sys/arch/hppa/conf/files.hppa:1.24 src/sys/arch/hppa/conf/files.hppa:1.25
--- src/sys/arch/hppa/conf/files.hppa:1.24 Wed Mar 23 17:35:41 2022
+++ src/sys/arch/hppa/conf/files.hppa Tue Feb 13 13:40:13 2024
@@ -1,4 +1,4 @@
-# $NetBSD: files.hppa,v 1.24 2022/03/23 17:35:41 macallan Exp $
+# $NetBSD: files.hppa,v 1.25 2024/02/13 13:40:13 macallan Exp $
#
# $OpenBSD: files.hppa,v 1.31 2001/06/26 02:41:25 mickey Exp $
#
@@ -271,6 +271,10 @@ file arch/hppa/gsc/com_harmony.c com_har
#attach myri at pci
#file dev/pci/myri.c myri
+# PCI Visualize EG
+device gftfb: wsemuldisplaydev, rasops8, vcons, glyphcache, sti_pci, sti
+attach gftfb at pci
+file arch/hppa/dev/gftfb.c gftfb
# Memory Disk
file dev/md_root.c memory_disk_hooks
Added files:
Index: src/sys/arch/hppa/dev/gftfb.c
diff -u /dev/null src/sys/arch/hppa/dev/gftfb.c:1.1
--- /dev/null Tue Feb 13 13:40:13 2024
+++ src/sys/arch/hppa/dev/gftfb.c Tue Feb 13 13:40:13 2024
@@ -0,0 +1,895 @@
+/* $NetBSD: gftfb.c,v 1.1 2024/02/13 13:40:13 macallan Exp $ */
+
+/* $OpenBSD: sti_pci.c,v 1.7 2009/02/06 22:51:04 miod Exp $ */
+
+/*
+ * Copyright (c) 2006, 2007 Miodrag Vallat.
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice, this permission notice, and the disclaimer below
+ * appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include
+#include
+#include
+#include
+
+#include
+#include
+#include
+#include
+
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+
+#include
+#include
+
+#ifdef STIDEBUG
+#define DPRINTF(s) do { \
+ if (stidebug) \
+ printf s; \
+} while(0)
+
+extern int stidebug;
+#else
+#define DPRINTF(s) /* */
+#endif
+
+int gftfb_match(device_t, cfdata_t, void *);
+void gftfb_attach(device_t, device_t, void *);
+
+struct gftfb_softc {
+ device_t sc_dev;
+ pci_chipset_tag_t sc_pc;
+ pcitag_t sc_tag;
+
+ /* stuff we need in order to use the STI ROM */
+ struct sti_softc sc_base;
+ struct sti_screen sc_scr;
+ bus_space_handle_t sc_romh;
+
+ int sc_width, sc_height;
+ int sc_locked;
+ struct vcons_screen sc_console_screen;
+ struct wsscreen_descr sc_defaultscreen_descr;
+ const struct wsscreen_descr *sc_screens[1];
+ struct wsscreen_list sc_screenlist;
+ struct vcons_data vd;
+ int sc_mode;
+ u_char sc_cmap_red[256];
+ u_char sc_cmap_green[256];
+ u_char sc_cmap_blue[256];
+ glyphcache sc_gc;
+};
+
+CFATTACH_DECL_NEW(gftfb, sizeof(struct gftfb_softc),
+gftfb_match, gftfb_attach, NULL, NULL);
+
+int gftfb_readbar(struct sti_softc *, struct pci_attach_args *, u_int, int);
+int gftfb_check_rom(struct gftfb_softc *, struct pci_attach_args *);
+void gftfb_enable_rom(struct sti_softc *);
+void gftfb_disable_rom(struct sti_softc *);
+void gftfb_enable_rom_internal(struct gftfb_softc *);
+void gftfb_disable_rom_internal(struct gftfb_softc *);
+
+void gftfb_setup(struct gftfb_softc *);
+void gftfb_wait(struct gftfb_softc *);
+
+#define ngle_bt458_write(memt, memh, r, v) \
+ bus_space_write_stream_4(memt, memh, NGLE_REG_RAMDAC + ((r) << 2), (v) << 24)
+
+void gftfb_setup_fb(struct gftfb_softc *);
+
+/* XXX these really need o go into their own header */
+int sti_pci_is_console(struct pci_attach_args *, bus_addr_t *);
+int sti_rom_setup(struct sti_rom *, bus_space_tag_t, bus_space_tag_t,
+ bus_space_handle_t, bus_addr_t *, u_int);
+int sti_screen_setup(struct sti_screen *, int);
+void sti_describe_screen(struct sti_softc *, struct sti_screen *);
+
+#define PCI_ROM_SIZE(mr)\
+(PCI_MAPREG_ROM_ADDR(mr) & -PCI_MAPREG_ROM_ADDR(mr))
+
+/* wsdisplay stuff */
+static int gftfb_ioctl(void *, void *, u_long, void *, int,
+ struct lwp *);
CVS commit: src/sys/arch/hppa
Module Name:src Committed By: macallan Date: Tue Feb 13 13:40:13 UTC 2024 Modified Files: src/sys/arch/hppa/conf: files.hppa Added Files: src/sys/arch/hppa/dev: gftfb.c Log Message: crude beginning of a native driver for PCI Visualize EG cards so far it supports: - colour - virtual consoles todo: - mmap - hardware acceleration - STI refactoring To generate a diff of this commit: cvs rdiff -u -r1.24 -r1.25 src/sys/arch/hppa/conf/files.hppa cvs rdiff -u -r0 -r1.1 src/sys/arch/hppa/dev/gftfb.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/dev/ic
Module Name:src
Committed By: macallan
Date: Tue Feb 13 13:17:51 UTC 2024
Modified Files:
src/sys/dev/ic: sti.c
Log Message:
in sti_screen_setup() don't bother looking for fonts if STI_FBMODE is requested
To generate a diff of this commit:
cvs rdiff -u -r1.34 -r1.35 src/sys/dev/ic/sti.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/sys/dev/ic/sti.c
diff -u src/sys/dev/ic/sti.c:1.34 src/sys/dev/ic/sti.c:1.35
--- src/sys/dev/ic/sti.c:1.34 Thu Feb 1 06:50:36 2024
+++ src/sys/dev/ic/sti.c Tue Feb 13 13:17:51 2024
@@ -1,4 +1,4 @@
-/* $NetBSD: sti.c,v 1.34 2024/02/01 06:50:36 skrll Exp $ */
+/* $NetBSD: sti.c,v 1.35 2024/02/13 13:17:51 macallan Exp $ */
/* $OpenBSD: sti.c,v 1.61 2009/09/05 14:09:35 miod Exp $ */
@@ -35,7 +35,7 @@
*/
#include
-__KERNEL_RCSID(0, "$NetBSD: sti.c,v 1.34 2024/02/01 06:50:36 skrll Exp $");
+__KERNEL_RCSID(0, "$NetBSD: sti.c,v 1.35 2024/02/13 13:17:51 macallan Exp $");
#include "wsdisplay.h"
@@ -556,6 +556,12 @@ sti_screen_setup(struct sti_screen *scr,
scr->owidth = cfg.owidth;
memcpy(scr->name, cfg.name, sizeof(scr->name));
+ if (flags & STI_FBMODE) {
+ /* we're done here */
+ sti_init(scr, STI_FBMODE);
+ return 0;
+ }
+
if ((error = sti_init(scr, STI_TEXTMODE | flags))) {
aprint_error(": cannot initialize (%d)\n", error);
goto fail;
CVS commit: src/sys/dev/ic
Module Name:src Committed By: macallan Date: Tue Feb 13 13:17:51 UTC 2024 Modified Files: src/sys/dev/ic: sti.c Log Message: in sti_screen_setup() don't bother looking for fonts if STI_FBMODE is requested To generate a diff of this commit: cvs rdiff -u -r1.34 -r1.35 src/sys/dev/ic/sti.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
