Re: CVS commit: src/lib/libc
> Date: Sat, 14 Sep 2024 22:26:37 - (UTC) > From: chris...@astron.com (Christos Zoulas) > > In article , > Thomas Klausner wrote: > >On Wed, Sep 11, 2024 at 09:50:35AM -0400, Christos Zoulas wrote: > >> POSIX.1-2024 removes asctime_r and ctime_r and does not let > >> libraries define them, so remove them except when needed to > >> conform to earlier POSIX. These functions are dangerous as they > >> can overrun user buffers. If you still need them, add > >> -DSUPPORT_POSIX2008 to CFLAGS. > > > >Hm, that sounds like we should hide asctime_r and ctime_r? > > I think that it will break stuff in pkgsrc... We could, I guess. We have to continue defining the symbols in libc. We can put the declarations in time.h under #if (_POSIX_C_SOURCE - 0 < 202405L) || defined(_NETBSD_SOURCE) ... #endif in addition to whatever conditions are already there. The _POSIX_C_SOURCE part is mandatory for POSIX.1-2024 compliance. The _NETBSD_SOURCE part is up to us and we could choose to remove it later (or invent a date system for _NETBSD_SOURCE like _POSIX_C_SOURCE), or, rather, replace it by __LIBC12_SOURCE__ so the libc definitions still work.
CVS commit: src/distrib/sets/lists/base
Module Name:src Committed By: riastradh Date: Thu Sep 12 09:43:56 UTC 2024 Modified Files: src/distrib/sets/lists/base: mi Log Message: distrib/sets/lists/base/mi: Un-obsolete certSIGN_ROOT_CA.pem file. The CA is still kosher for TLS servers, so the original file /usr/share/certs/mozilla/all/certSIGN_ROOT_CA.pem and the symlink /usr/share/certs/mozilla/server/certSIGN_ROOT_CA.pem should still be there. It was only removed from S/MIME email trust, so only the symlink /usr/share/certs/mozilla/email/certSIGN_ROOT_CA.pem is obsolete. PR misc/58667 To generate a diff of this commit: cvs rdiff -u -r1.1352 -r1.1353 src/distrib/sets/lists/base/mi Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/distrib/sets/lists/base/mi diff -u src/distrib/sets/lists/base/mi:1.1352 src/distrib/sets/lists/base/mi:1.1353 --- src/distrib/sets/lists/base/mi:1.1352 Sun Sep 8 22:35:02 2024 +++ src/distrib/sets/lists/base/mi Thu Sep 12 09:43:56 2024 @@ -1,4 +1,4 @@ -# $NetBSD: mi,v 1.1352 2024/09/08 22:35:02 kre Exp $ +# $NetBSD: mi,v 1.1353 2024/09/12 09:43:56 riastradh Exp $ # # Note: Don't delete entries from here - mark them as "obsolete" instead, # unless otherwise stated below. @@ -2069,7 +2069,7 @@ ./usr/share/certs/mozilla/all/Verisign_Class_1_Public_Primary_Certification_Authority_-_G3.pem base-obsolete obsolete ./usr/share/certs/mozilla/all/Verisign_Class_2_Public_Primary_Certification_Authority_-_G3.pem base-obsolete obsolete ./usr/share/certs/mozilla/all/XRamp_Global_CA_Root.pem base-mozcerts-share share -./usr/share/certs/mozilla/all/certSIGN_ROOT_CA.pem base-obsolete obsolete +./usr/share/certs/mozilla/all/certSIGN_ROOT_CA.pem base-mozcerts-share share ./usr/share/certs/mozilla/all/certSIGN_Root_CA_G2.pem base-mozcerts-share share ./usr/share/certs/mozilla/all/e-Szigno_Root_CA_2017.pem base-mozcerts-share share ./usr/share/certs/mozilla/all/ePKI_Root_Certification_Authority.pem base-mozcerts-share share
CVS commit: src/distrib/sets/lists/base
Module Name:src Committed By: riastradh Date: Thu Sep 12 09:43:56 UTC 2024 Modified Files: src/distrib/sets/lists/base: mi Log Message: distrib/sets/lists/base/mi: Un-obsolete certSIGN_ROOT_CA.pem file. The CA is still kosher for TLS servers, so the original file /usr/share/certs/mozilla/all/certSIGN_ROOT_CA.pem and the symlink /usr/share/certs/mozilla/server/certSIGN_ROOT_CA.pem should still be there. It was only removed from S/MIME email trust, so only the symlink /usr/share/certs/mozilla/email/certSIGN_ROOT_CA.pem is obsolete. PR misc/58667 To generate a diff of this commit: cvs rdiff -u -r1.1352 -r1.1353 src/distrib/sets/lists/base/mi Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Re: CVS commit: src/sys/sys
> Date: Thu, 12 Sep 2024 00:05:24 +0900 > From: Ryo ONODERA > > "Taylor R Campbell" writes: > > > sys/endian.h: Hide le32enc/be32enc/... under _NETBSD_SOURCE. > > > > These are non-standard extensions, so they should not be exposed by, > > e.g., _XOPEN_SOURCE=700. > > > > PR standards/57807: #include spuriously defines > > le32enc/be32enc/... under _XOPEN_SOURCE=700 > > After this change, -current build on -current is broken, > because tools/libctf defines _NETBSD_SOURCE and le32dec and so on > cause conflicts. > > I think HAVE_NBTOOLS_CONFIG_H part in external/cddl/osnet/sys/sys/types.h > may be problematic. However it is not clear how to fix properly. > > Could you take a look at this problem? christos was looking at this yesterday -- christos, did you make progress after our discussion? > P.S. > I feel that HAVE_NBTOOLS_CONFIG_H should be HAVE_NBTOOL_CONFIG_H. Yes, except I think that whole stanza under HAVE_NBTOOL[S]_CONFIG_H is wrong and should be replaced by an _unconditional_ #include_next #include_next without any _NETBSD_SOURCE games (which the tools build should never play; we go out of our way to use _XOPEN_SOURCE=600 in compat_defs.h so that _NETBSD_SOURCE does not get used everywhere else in the tools build, in order to keep the tools build clean and portable).
CVS commit: src/sys/external/bsd/libnv/dist
Module Name:src Committed By: riastradh Date: Wed Sep 11 15:01:11 UTC 2024 Modified Files: src/sys/external/bsd/libnv/dist: nvlist.c Log Message: libnv: Fix pointer/struct confusion in bounds check. No impact to NetBSD because the path where this bounds check matters is not used in NetBSD. Matches upstream FreeBSD change by Mariusz Zaborski . CVE-2024-45287 PR security/58652: libnv: Integer overflow and buffer overrun vulnerabilities To generate a diff of this commit: cvs rdiff -u -r1.10 -r1.11 src/sys/external/bsd/libnv/dist/nvlist.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/external/bsd/libnv/dist
Module Name:src Committed By: riastradh Date: Wed Sep 11 15:01:11 UTC 2024 Modified Files: src/sys/external/bsd/libnv/dist: nvlist.c Log Message: libnv: Fix pointer/struct confusion in bounds check. No impact to NetBSD because the path where this bounds check matters is not used in NetBSD. Matches upstream FreeBSD change by Mariusz Zaborski . CVE-2024-45287 PR security/58652: libnv: Integer overflow and buffer overrun vulnerabilities To generate a diff of this commit: cvs rdiff -u -r1.10 -r1.11 src/sys/external/bsd/libnv/dist/nvlist.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/external/bsd/libnv/dist/nvlist.c diff -u src/sys/external/bsd/libnv/dist/nvlist.c:1.10 src/sys/external/bsd/libnv/dist/nvlist.c:1.11 --- src/sys/external/bsd/libnv/dist/nvlist.c:1.10 Wed Sep 4 12:57:00 2024 +++ src/sys/external/bsd/libnv/dist/nvlist.c Wed Sep 11 15:01:11 2024 @@ -1,4 +1,4 @@ -/* $NetBSD: nvlist.c,v 1.10 2024/09/04 12:57:00 riastradh Exp $ */ +/* $NetBSD: nvlist.c,v 1.11 2024/09/11 15:01:11 riastradh Exp $ */ /*- * SPDX-License-Identifier: BSD-2-Clause-FreeBSD @@ -36,7 +36,7 @@ #ifdef __FreeBSD__ __FBSDID("$FreeBSD: head/sys/contrib/libnv/nvlist.c 335347 2018-06-18 22:57:32Z oshogbo $"); #else -__RCSID("$NetBSD: nvlist.c,v 1.10 2024/09/04 12:57:00 riastradh Exp $"); +__RCSID("$NetBSD: nvlist.c,v 1.11 2024/09/11 15:01:11 riastradh Exp $"); #endif #include @@ -1074,7 +1074,7 @@ static bool nvlist_check_header(struct nvlist_header *nvlhdrp) { - if (nvlhdrp->nvlh_size > SIZE_MAX - sizeof(nvlhdrp)) { + if (nvlhdrp->nvlh_size > SIZE_MAX - sizeof(*nvlhdrp)) { ERRNO_SET(EINVAL); return (false); }
CVS commit: src/tests/lib/libm
Module Name:src Committed By: riastradh Date: Tue Sep 10 17:36:12 UTC 2024 Modified Files: src/tests/lib/libm: t_errhandling.c Log Message: libm/t_errhandling.c: Put __TEST_FENV before any #includes. This pattern avoids any potential problem with transitive inclusions of fenv.h. (No change here because nothing else this file includes transitively pulls in fenv.h, but being in the habit of doing it this way avoids a class of problems.) PR standards/56234: missing C99 frobs in To generate a diff of this commit: cvs rdiff -u -r1.2 -r1.3 src/tests/lib/libm/t_errhandling.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/tests/lib/libm
Module Name:src Committed By: riastradh Date: Tue Sep 10 17:36:12 UTC 2024 Modified Files: src/tests/lib/libm: t_errhandling.c Log Message: libm/t_errhandling.c: Put __TEST_FENV before any #includes. This pattern avoids any potential problem with transitive inclusions of fenv.h. (No change here because nothing else this file includes transitively pulls in fenv.h, but being in the habit of doing it this way avoids a class of problems.) PR standards/56234: missing C99 frobs in To generate a diff of this commit: cvs rdiff -u -r1.2 -r1.3 src/tests/lib/libm/t_errhandling.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/tests/lib/libm/t_errhandling.c diff -u src/tests/lib/libm/t_errhandling.c:1.2 src/tests/lib/libm/t_errhandling.c:1.3 --- src/tests/lib/libm/t_errhandling.c:1.2 Mon Sep 9 17:03:08 2024 +++ src/tests/lib/libm/t_errhandling.c Tue Sep 10 17:36:12 2024 @@ -1,4 +1,4 @@ -/* $NetBSD: t_errhandling.c,v 1.2 2024/09/09 17:03:08 jakllsch Exp $ */ +/* $NetBSD: t_errhandling.c,v 1.3 2024/09/10 17:36:12 riastradh Exp $ */ /*- * Copyright (c) 2024 The NetBSD Foundation, Inc. @@ -26,12 +26,13 @@ * POSSIBILITY OF SUCH DAMAGE. */ +#define __TEST_FENV + #include -__RCSID("$NetBSD: t_errhandling.c,v 1.2 2024/09/09 17:03:08 jakllsch Exp $"); +__RCSID("$NetBSD: t_errhandling.c,v 1.3 2024/09/10 17:36:12 riastradh Exp $"); #include #include -#define __TEST_FENV #include #include
CVS commit: src/lib/libc/gen
Module Name:src Committed By: riastradh Date: Tue Sep 10 17:11:19 UTC 2024 Modified Files: src/lib/libc/gen: readdir.c Log Message: readdir(3): Preserve errno on end-of-directory. PR pkg/57145: gmake: *** INTERNAL: readdir: Operation not supported. Stop. To generate a diff of this commit: cvs rdiff -u -r1.26 -r1.27 src/lib/libc/gen/readdir.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/lib/libc/gen/readdir.c diff -u src/lib/libc/gen/readdir.c:1.26 src/lib/libc/gen/readdir.c:1.27 --- src/lib/libc/gen/readdir.c:1.26 Mon Jun 25 22:32:43 2012 +++ src/lib/libc/gen/readdir.c Tue Sep 10 17:11:19 2024 @@ -1,4 +1,4 @@ -/* $NetBSD: readdir.c,v 1.26 2012/06/25 22:32:43 abs Exp $ */ +/* $NetBSD: readdir.c,v 1.27 2024/09/10 17:11:19 riastradh Exp $ */ /* * Copyright (c) 1983, 1993 @@ -34,7 +34,7 @@ #if 0 static char sccsid[] = "@(#)readdir.c 8.3 (Berkeley) 9/29/94"; #else -__RCSID("$NetBSD: readdir.c,v 1.26 2012/06/25 22:32:43 abs Exp $"); +__RCSID("$NetBSD: readdir.c,v 1.27 2024/09/10 17:11:19 riastradh Exp $"); #endif #endif /* LIBC_SCCS and not lint */ @@ -56,35 +56,50 @@ __RCSID("$NetBSD: readdir.c,v 1.26 2012/ struct dirent * _readdir_unlocked(DIR *dirp, int skipdeleted) { + const int saved_errno = errno; struct dirent *dp; for (;;) { if (dirp->dd_loc >= dirp->dd_size) { if (dirp->dd_flags & __DTF_READALL) -return (NULL); +break; dirp->dd_loc = 0; } if (dirp->dd_loc == 0 && !(dirp->dd_flags & __DTF_READALL)) { dirp->dd_seek = lseek(dirp->dd_fd, (off_t)0, SEEK_CUR); dirp->dd_size = getdents(dirp->dd_fd, dirp->dd_buf, (size_t)dirp->dd_len); - if (dirp->dd_size <= 0) -return (NULL); + if (dirp->dd_size == 0) /* end of directory */ +break; + if (dirp->dd_size == -1) /* getdents sets errno */ +return NULL; + if (dirp->dd_size < 0) { /* paranoia */ +errno = EIO; +return NULL; + } } dp = (struct dirent *) (void *)(dirp->dd_buf + (size_t)dirp->dd_loc); - if ((intptr_t)dp & _DIRENT_ALIGN(dp))/* bogus pointer check */ - return (NULL); + /* bogus pointer check */ + if ((intptr_t)dp & _DIRENT_ALIGN(dp)) { + errno = EIO; + return NULL; + } /* d_reclen is unsigned; no need to compare it <= 0 */ - if (dp->d_reclen > dirp->dd_len + 1 - dirp->dd_loc) - return (NULL); + if (dp->d_reclen > dirp->dd_len + 1 - dirp->dd_loc) { + errno = EIO; + return NULL; + } dirp->dd_loc += dp->d_reclen; if (dp->d_ino == 0 && skipdeleted) continue; if (dp->d_type == DT_WHT && (dirp->dd_flags & DTF_HIDEW)) continue; - return (dp); + return dp; } + + errno = saved_errno; + return NULL; } struct dirent *
CVS commit: src/lib/libc/gen
Module Name:src Committed By: riastradh Date: Tue Sep 10 17:11:19 UTC 2024 Modified Files: src/lib/libc/gen: readdir.c Log Message: readdir(3): Preserve errno on end-of-directory. PR pkg/57145: gmake: *** INTERNAL: readdir: Operation not supported. Stop. To generate a diff of this commit: cvs rdiff -u -r1.26 -r1.27 src/lib/libc/gen/readdir.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/sys
Module Name:src Committed By: riastradh Date: Mon Sep 9 18:17:14 UTC 2024 Modified Files: src/sys/sys: endian.h Log Message: sys/endian.h: Hide le32enc/be32enc/... under _NETBSD_SOURCE. These are non-standard extensions, so they should not be exposed by, e.g., _XOPEN_SOURCE=700. PR standards/57807: #include spuriously defines le32enc/be32enc/... under _XOPEN_SOURCE=700 To generate a diff of this commit: cvs rdiff -u -r1.33 -r1.34 src/sys/sys/endian.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/sys/endian.h diff -u src/sys/sys/endian.h:1.33 src/sys/sys/endian.h:1.34 --- src/sys/sys/endian.h:1.33 Mon Sep 9 15:22:50 2024 +++ src/sys/sys/endian.h Mon Sep 9 18:17:14 2024 @@ -1,4 +1,4 @@ -/* $NetBSD: endian.h,v 1.33 2024/09/09 15:22:50 riastradh Exp $ */ +/* $NetBSD: endian.h,v 1.34 2024/09/09 18:17:14 riastradh Exp $ */ /* * Copyright (c) 1987, 1991, 1993 @@ -192,6 +192,8 @@ __END_DECLS * to/from an octet stream. */ +#ifdef _NETBSD_SOURCE + #if __GNUC_PREREQ__(2, 95) #define __GEN_ENDIAN_ENC(bits, endian) \ @@ -337,6 +339,8 @@ le64dec(const void *buf) #endif /* GCC >= 2.95 */ +#endif /* _NETBSD_SOURCE */ + #endif /* !_LOCORE */ #endif /* _XOPEN_SOURCE || _NETBSD_SOURCE */ #endif /* !_SYS_ENDIAN_H_ */
CVS commit: src/sys/sys
Module Name:src Committed By: riastradh Date: Mon Sep 9 18:17:14 UTC 2024 Modified Files: src/sys/sys: endian.h Log Message: sys/endian.h: Hide le32enc/be32enc/... under _NETBSD_SOURCE. These are non-standard extensions, so they should not be exposed by, e.g., _XOPEN_SOURCE=700. PR standards/57807: #include spuriously defines le32enc/be32enc/... under _XOPEN_SOURCE=700 To generate a diff of this commit: cvs rdiff -u -r1.33 -r1.34 src/sys/sys/endian.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/sys
Module Name:src Committed By: riastradh Date: Mon Sep 9 15:22:50 UTC 2024 Modified Files: src/sys/sys: endian.h Log Message: arpa/inet.h: Define htonl &c. under _POSIX_C_SOURCE >= 200112L too. These do not require _XOPEN_SOURCE as of POSIX 2001: https://pubs.opengroup.org/onlinepubs/009696799/functions/htonl.html XXX Since this change is actually sys/endian.h, in principle it might bleed into header files than just arpa/inet.h. But sys/endian.h is not used by anything that looks especially risky to me. PR standards/57806: #include fails to define htonl/htons/ntohl/ntohs under _POSIX_C_SOURCE=200809L To generate a diff of this commit: cvs rdiff -u -r1.32 -r1.33 src/sys/sys/endian.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/sys/endian.h diff -u src/sys/sys/endian.h:1.32 src/sys/sys/endian.h:1.33 --- src/sys/sys/endian.h:1.32 Wed Jan 3 18:43:52 2024 +++ src/sys/sys/endian.h Mon Sep 9 15:22:50 2024 @@ -1,4 +1,4 @@ -/* $NetBSD: endian.h,v 1.32 2024/01/03 18:43:52 christos Exp $ */ +/* $NetBSD: endian.h,v 1.33 2024/09/09 15:22:50 riastradh Exp $ */ /* * Copyright (c) 1987, 1991, 1993 @@ -45,7 +45,9 @@ #define _PDP_ENDIAN 3412 /* LSB first in word, MSW first in long */ -#if defined(_XOPEN_SOURCE) || defined(_NETBSD_SOURCE) +#if defined(_XOPEN_SOURCE) || \ +(_POSIX_C_SOURCE - 0) >= 200112L || \ +defined(_NETBSD_SOURCE) #ifndef _LOCORE /* C-family endian-ness definitions */ @@ -72,7 +74,7 @@ uint16_t ntohs(uint16_t) __constfunc; __END_DECLS #endif /* !_LOCORE */ -#endif /* _XOPEN_SOURCE || _NETBSD_SOURCE */ +#endif /* _XOPEN_SOURCE || _POSIX_C_SOURCE >= 200809L || _NETBSD_SOURCE */ #include
CVS commit: src/sys/sys
Module Name:src Committed By: riastradh Date: Mon Sep 9 15:22:50 UTC 2024 Modified Files: src/sys/sys: endian.h Log Message: arpa/inet.h: Define htonl &c. under _POSIX_C_SOURCE >= 200112L too. These do not require _XOPEN_SOURCE as of POSIX 2001: https://pubs.opengroup.org/onlinepubs/009696799/functions/htonl.html XXX Since this change is actually sys/endian.h, in principle it might bleed into header files than just arpa/inet.h. But sys/endian.h is not used by anything that looks especially risky to me. PR standards/57806: #include fails to define htonl/htons/ntohl/ntohs under _POSIX_C_SOURCE=200809L To generate a diff of this commit: cvs rdiff -u -r1.32 -r1.33 src/sys/sys/endian.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/include
Module Name:src Committed By: riastradh Date: Mon Sep 9 15:15:24 UTC 2024 Modified Files: src/include: stdlib.h Log Message: stdlib.h: Use same test for def. of lldiv_t as for decl. of lldiv(3). The !_ANSI_SOURCE conditional was a leftover from before we had _NETBSD_SOURCE in sys/featuretest.h already defined conditionally on !_ANSI_SOURCE. So just nix the !_ANSI_SOURCE part -- and while here, reorder and reformat the conditional around lldiv_t so it matches the conditional around lldiv(3) byte-for-byte, just to make it more obvious. PR standards/56402: Definition of lldiv_t with ANSI_SOURCE and POSIX_SOURCE To generate a diff of this commit: cvs rdiff -u -r1.125 -r1.126 src/include/stdlib.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/include/stdlib.h diff -u src/include/stdlib.h:1.125 src/include/stdlib.h:1.126 --- src/include/stdlib.h:1.125 Fri Oct 28 09:43:59 2022 +++ src/include/stdlib.h Mon Sep 9 15:15:24 2024 @@ -1,4 +1,4 @@ -/* $NetBSD: stdlib.h,v 1.125 2022/10/28 09:43:59 wiz Exp $ */ +/* $NetBSD: stdlib.h,v 1.126 2024/09/09 15:15:24 riastradh Exp $ */ /*- * Copyright (c) 1990, 1993 @@ -63,9 +63,8 @@ typedef struct { long rem; /* remainder */ } ldiv_t; -#if !defined(_ANSI_SOURCE) && \ -(defined(_ISOC99_SOURCE) || (__STDC_VERSION__ - 0) >= 199901L || \ - (__cplusplus - 0) >= 201103L || defined(_NETBSD_SOURCE)) +#if defined(_ISOC99_SOURCE) || (__STDC_VERSION__ - 0) >= 199901L || \ +defined(_NETBSD_SOURCE) || (__cplusplus - 0) >= 201103L typedef struct { /* LONGLONG */ long long int quot; /* quotient */
CVS commit: src/include
Module Name:src Committed By: riastradh Date: Mon Sep 9 15:15:24 UTC 2024 Modified Files: src/include: stdlib.h Log Message: stdlib.h: Use same test for def. of lldiv_t as for decl. of lldiv(3). The !_ANSI_SOURCE conditional was a leftover from before we had _NETBSD_SOURCE in sys/featuretest.h already defined conditionally on !_ANSI_SOURCE. So just nix the !_ANSI_SOURCE part -- and while here, reorder and reformat the conditional around lldiv_t so it matches the conditional around lldiv(3) byte-for-byte, just to make it more obvious. PR standards/56402: Definition of lldiv_t with ANSI_SOURCE and POSIX_SOURCE To generate a diff of this commit: cvs rdiff -u -r1.125 -r1.126 src/include/stdlib.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/tests/lib/libm
Module Name:src Committed By: riastradh Date: Mon Sep 9 15:08:23 UTC 2024 Added Files: src/tests/lib/libm: t_errhandling.c Log Message: math.h: Add missing file for math_errhandling test. PR standards/56234: missing C99 frobs in To generate a diff of this commit: cvs rdiff -u -r0 -r1.1 src/tests/lib/libm/t_errhandling.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/tests/lib/libm
Module Name:src Committed By: riastradh Date: Mon Sep 9 15:08:23 UTC 2024 Added Files: src/tests/lib/libm: t_errhandling.c Log Message: math.h: Add missing file for math_errhandling test. PR standards/56234: missing C99 frobs in To generate a diff of this commit: cvs rdiff -u -r0 -r1.1 src/tests/lib/libm/t_errhandling.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Added files: Index: src/tests/lib/libm/t_errhandling.c diff -u /dev/null src/tests/lib/libm/t_errhandling.c:1.1 --- /dev/null Mon Sep 9 15:08:23 2024 +++ src/tests/lib/libm/t_errhandling.c Mon Sep 9 15:08:23 2024 @@ -0,0 +1,95 @@ +/* $NetBSD: t_errhandling.c,v 1.1 2024/09/09 15:08:23 riastradh Exp $ */ + +/*- + * Copyright (c) 2024 The NetBSD Foundation, Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + *notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + *notice, this list of conditions and the following disclaimer in the + *documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +#include +__RCSID("$NetBSD: t_errhandling.c,v 1.1 2024/09/09 15:08:23 riastradh Exp $"); + +#include +#include +#include +#include + +ATF_TC(log); +ATF_TC_HEAD(log, tc) +{ + atf_tc_set_md_var(tc, "descr", "log of invalid"); +} +ATF_TC_BODY(log, tc) +{ + static const struct { +#ifdef __HAVE_FENV + double x; + int e; +#define C(x, e) { x, e } +#else + double x; +#define C(x, e) { x } +#endif + } cases[] = { + C(0, FE_DIVBYZERO), + C(-0., FE_DIVBYZERO), + C(-1, FE_INVALID), + C(-HUGE_VAL, FE_INVALID), + }; + volatile double y; +#ifdef __HAVE_FENV + int except; +#endif + unsigned i; + + for (i = 0; i < __arraycount(cases); i++) { + const volatile double x = cases[i].x; + +#ifdef __HAVE_FENV + feclearexcept(FE_ALL_EXCEPT); +#endif + errno = 0; + y = log(x); + if (math_errhandling & MATH_ERREXCEPT) { +#ifdef __HAVE_FENV + ATF_CHECK_MSG(((except = fetestexcept(FE_ALL_EXCEPT)) & +cases[i].e) != 0, + "expected=0x%x actual=0x%x", cases[i].e, except); +#else + atf_tc_fail_nonfatal("MATH_ERREXCEPT but no fenv.h"); +#endif + } + if (math_errhandling & MATH_ERRNO) + ATF_CHECK_EQ_MSG(errno, EDOM, "errno=%d", errno); + } + + __USE(y); +} + +ATF_TP_ADD_TCS(tp) +{ + + ATF_TP_ADD_TC(tp, log); + + return atf_no_error(); +}
CVS commit: src
Module Name:src Committed By: riastradh Date: Mon Sep 9 15:06:29 UTC 2024 Modified Files: src/distrib/sets/lists/debug: mi src/distrib/sets/lists/tests: mi src/include: math.h src/tests/lib/libm: Makefile Log Message: math.h: Add math_errhandling, MATH_ERRNO, MATH_ERREXCEPT. XXX Should maybe put a __math_errhandling in machine/math.h, but only VAX uses MATH_ERRNO and that's not likely to change any time soon, so this will serve for now with less churn. PR standards/56234: missing C99 frobs in To generate a diff of this commit: cvs rdiff -u -r1.447 -r1.448 src/distrib/sets/lists/debug/mi cvs rdiff -u -r1.1336 -r1.1337 src/distrib/sets/lists/tests/mi cvs rdiff -u -r1.71 -r1.72 src/include/math.h cvs rdiff -u -r1.49 -r1.50 src/tests/lib/libm/Makefile Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/include
Module Name:src Committed By: riastradh Date: Mon Sep 9 15:05:51 UTC 2024 Modified Files: src/include: math.h Log Message: math.h: Define FP_FAST_FMA, FP_FAST_FMAF, FP_FAST_FMAL. These are not strictly necessary to define, really, so we haven't exactly been nonconformant. But they tell programs when they can enable fast paths by using the fma(3) family of functions. PR standards/56234: missing C99 frobs in To generate a diff of this commit: cvs rdiff -u -r1.70 -r1.71 src/include/math.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/sys
Module Name:src Committed By: riastradh Date: Mon Sep 9 15:05:39 UTC 2024 Modified Files: src/sys/sys: featuretest.h Log Message: sys/featuretest.h: Define _POSIX_C_SOURCE according to _XOPEN_SOURCE. If _XOPEN_SOURCE is defined but _POSIX_C_SOURCE is not, there is a corresponding value of _POSIX_C_SOURCE that _XOPEN_SOURCE is supposed to be equivalent to. We could sprinkle conditionals for _XOPEN_SOURCE everywhere we already have conditionals for _POSIX_C_SOURCE, like in , but it's simpler and more reliable to simply define _POSIX_C_SOURCE based on _XOPEN_SOURCE in one place. PR standards/55577: locale_t not defined if _XOPEN_SOURCE is defined To generate a diff of this commit: cvs rdiff -u -r1.12 -r1.13 src/sys/sys/featuretest.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/sys/featuretest.h diff -u src/sys/sys/featuretest.h:1.12 src/sys/sys/featuretest.h:1.13 --- src/sys/sys/featuretest.h:1.12 Thu Aug 15 20:42:59 2024 +++ src/sys/sys/featuretest.h Mon Sep 9 15:05:39 2024 @@ -1,4 +1,4 @@ -/* $NetBSD: featuretest.h,v 1.12 2024/08/15 20:42:59 riastradh Exp $ */ +/* $NetBSD: featuretest.h,v 1.13 2024/09/09 15:05:39 riastradh Exp $ */ /* * Written by Klaus Klein , February 2, 1998. @@ -92,3 +92,61 @@ !defined(_REENTRANT) #define _REENTRANT #endif + +/* + * The _XOPEN_SOURCE namespaces are supersets of corresponding + * _POSIX_C_SOURCE namespaces, so to keep the namespace tests in header + * files simpler, if _XOPEN_SOURCE is defined but _POSIX_C_SOURCE is + * not, define _POSIX_C_SOURCE to the corresponding value. + */ +#if defined(_XOPEN_SOURCE) && !defined(_POSIX_C_SOURCE) + +/* + * `[I]f _XOPEN_SOURCE is set equal to 800 and _POSIX_C_SOURCE is set + * equal to 202405L, the behavior is the same as if only _XOPEN_SOURCE + * is defined and set equal to 800. + * + * IEEE Std 1003.1-2024, 2.2.1.2 `The _XOPEN_SOURCE Feature Test Macro' + * https://pubs.opengroup.org/onlinepubs/9799919799.2024edition/functions/V2_chap02.html#tag_16_02_01_02 + */ +#if (_XOPEN_SOURCE - 0) == 800 +#define _POSIX_C_SOURCE 202405L + +/* + * `[I]f _XOPEN_SOURCE is set equal to 700 and _POSIX_C_SOURCE is set + * equal to 200809L, the behavior is the same as if only _XOPEN_SOURCE + * is defined and set equal to 700.' + * + * IEEE Std 1003.1-2008, 2.2.1 `POSIX.1 Symbols', subsection `The + * _XOPEN_SOURCE Feature Test Macro' + * https://pubs.opengroup.org/onlinepubs/9699919799.2018edition/functions/V2_chap02.html + */ +#elif (_XOPEN_SOURCE - 0) == 700 +#define _POSIX_C_SOURCE 200809L + +/* + * `[I]f _XOPEN_SOURCE is set equal to 600 and _POSIX_C_SOURCE is set + * equal to 200112L, the behavior is the same as if only _XOPEN_SOURCE + * is defined and set equal to 600.' + * + * IEEE Std 1003.1-2001, 2.2.1 `POSIX.1 Symbols', subsection `The + * _XOPEN_SOURCE Feature Test Macro' + * https://pubs.opengroup.org/onlinepubs/007904875/functions/xsh_chap02_02.html + */ +#elif (_XOPEN_SOURCE - 0) == 600 +#define _POSIX_C_SOURCE 200112L + +/* + * `[I]f _XOPEN_SOURCE is set equal to 500 and _POSIX_SOURCE is + * defined, or _POSIX_C_SOURCE is set greater than zero and less than + * or equal to 199506L, the behaviour is the same as if only + * _XOPEN_SOURCE is defined and set equal to 500.' + * + * Single UNIX Specification, Version 2, `The Compilation Environment' + * https://pubs.opengroup.org/onlinepubs/007908799/xsh/compilation.html + */ +#elif (_XOPEN_SOURCE - 0) == 500 +#define _POSIX_C_SOURCE 199506L +#endif + +#endif
CVS commit: src
Module Name:src Committed By: riastradh Date: Mon Sep 9 15:06:29 UTC 2024 Modified Files: src/distrib/sets/lists/debug: mi src/distrib/sets/lists/tests: mi src/include: math.h src/tests/lib/libm: Makefile Log Message: math.h: Add math_errhandling, MATH_ERRNO, MATH_ERREXCEPT. XXX Should maybe put a __math_errhandling in machine/math.h, but only VAX uses MATH_ERRNO and that's not likely to change any time soon, so this will serve for now with less churn. PR standards/56234: missing C99 frobs in To generate a diff of this commit: cvs rdiff -u -r1.447 -r1.448 src/distrib/sets/lists/debug/mi cvs rdiff -u -r1.1336 -r1.1337 src/distrib/sets/lists/tests/mi cvs rdiff -u -r1.71 -r1.72 src/include/math.h cvs rdiff -u -r1.49 -r1.50 src/tests/lib/libm/Makefile Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/distrib/sets/lists/debug/mi diff -u src/distrib/sets/lists/debug/mi:1.447 src/distrib/sets/lists/debug/mi:1.448 --- src/distrib/sets/lists/debug/mi:1.447 Mon Sep 2 05:17:45 2024 +++ src/distrib/sets/lists/debug/mi Mon Sep 9 15:06:29 2024 @@ -1,4 +1,4 @@ -# $NetBSD: mi,v 1.447 2024/09/02 05:17:45 ozaki-r Exp $ +# $NetBSD: mi,v 1.448 2024/09/09 15:06:29 riastradh Exp $ # ./etc/mtree/set.debug comp-sys-root ./usr/lib comp-sys-usr compatdir @@ -2321,6 +2321,7 @@ ./usr/libdata/debug/usr/tests/lib/libm/t_cos.debug tests-lib-debug debug,atf,compattestfile ./usr/libdata/debug/usr/tests/lib/libm/t_cosh.debug tests-lib-debug debug,atf,compattestfile ./usr/libdata/debug/usr/tests/lib/libm/t_erf.debug tests-lib-debug debug,atf,compattestfile +./usr/libdata/debug/usr/tests/lib/libm/t_errhandling.debug tests-lib-debug debug,atf,compattestfile ./usr/libdata/debug/usr/tests/lib/libm/t_exp.debug tests-lib-debug debug,atf,compattestfile ./usr/libdata/debug/usr/tests/lib/libm/t_fe_round.debug tests-lib-debug debug,atf,compattestfile ./usr/libdata/debug/usr/tests/lib/libm/t_fenv.debug tests-lib-debug debug,atf,compattestfile Index: src/distrib/sets/lists/tests/mi diff -u src/distrib/sets/lists/tests/mi:1.1336 src/distrib/sets/lists/tests/mi:1.1337 --- src/distrib/sets/lists/tests/mi:1.1336 Tue Sep 3 08:02:39 2024 +++ src/distrib/sets/lists/tests/mi Mon Sep 9 15:06:29 2024 @@ -1,4 +1,4 @@ -# $NetBSD: mi,v 1.1336 2024/09/03 08:02:39 ozaki-r Exp $ +# $NetBSD: mi,v 1.1337 2024/09/09 15:06:29 riastradh Exp $ # # Note: don't delete entries from here - mark them as "obsolete" instead. # @@ -3965,6 +3965,7 @@ ./usr/tests/lib/libm/t_costests-lib-tests compattestfile,atf ./usr/tests/lib/libm/t_coshtests-lib-tests compattestfile,atf ./usr/tests/lib/libm/t_erftests-lib-tests compattestfile,atf +./usr/tests/lib/libm/t_errhandling tests-lib-tests compattestfile,atf ./usr/tests/lib/libm/t_exptests-lib-tests compattestfile,atf ./usr/tests/lib/libm/t_fe_roundtests-lib-tests compattestfile,atf ./usr/tests/lib/libm/t_fenvtests-lib-tests compattestfile,atf Index: src/include/math.h diff -u src/include/math.h:1.71 src/include/math.h:1.72 --- src/include/math.h:1.71 Mon Sep 9 15:05:51 2024 +++ src/include/math.h Mon Sep 9 15:06:29 2024 @@ -1,4 +1,4 @@ -/* $NetBSD: math.h,v 1.71 2024/09/09 15:05:51 riastradh Exp $ */ +/* $NetBSD: math.h,v 1.72 2024/09/09 15:06:29 riastradh Exp $ */ /* * @@ -21,13 +21,6 @@ #include #include -/* - * Missing for C99 support: - * - MATH_ERRNO - * - MATH_ERREXCEPT - * - math_errhandling - */ - union __float_u { unsigned char __dummy[sizeof(float)]; float __val; @@ -157,6 +150,15 @@ extern const union __float_u __nanf; #define FP_ILOGB0 INT_MIN #define FP_ILOGBNAN INT_MAX +/* 7.12#9 error handling (__math_errhandling from machine/math.h) */ +#define MATH_ERRNO 1 +#define MATH_ERREXCEPT 2 +#ifdef __vax__ /* XXX !__HAVE_FENV */ +#define math_errhandling MATH_ERRNO +#else +#define math_errhandling MATH_ERREXCEPT +#endif + #endif /* C99 || _XOPEN_SOURCE >= 600 */ /* Index: src/tests/lib/libm/Makefile diff -u src/tests/lib/libm/Makefile:1.49 src/tests/lib/libm/Makefile:1.50 --- src/tests/lib/libm/Makefile:1.49 Sun May 5 02:53:02 2024 +++ src/tests/lib/libm/Makefile Mon Sep 9 15:06:29 2024 @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.49 2024/05/05 02:53:02 riastradh Exp $ +# $NetBSD: Makefile,v 1.50 2024/09/09 15:06:29 riastradh Exp $ .include @@ -25,6 +25,7 @@ TESTS_C+= t_ceil TESTS_C+= t_cos TESTS_C+= t_cosh TESTS_C+= t_erf +TESTS_C+= t_errhandling TESTS_C+= t_exp TESTS_C+= t_fenv TESTS_C+= t_fe_round
CVS commit: src/include
Module Name:src Committed By: riastradh Date: Mon Sep 9 15:05:51 UTC 2024 Modified Files: src/include: math.h Log Message: math.h: Define FP_FAST_FMA, FP_FAST_FMAF, FP_FAST_FMAL. These are not strictly necessary to define, really, so we haven't exactly been nonconformant. But they tell programs when they can enable fast paths by using the fma(3) family of functions. PR standards/56234: missing C99 frobs in To generate a diff of this commit: cvs rdiff -u -r1.70 -r1.71 src/include/math.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/include/math.h diff -u src/include/math.h:1.70 src/include/math.h:1.71 --- src/include/math.h:1.70 Tue May 7 15:17:35 2024 +++ src/include/math.h Mon Sep 9 15:05:51 2024 @@ -1,4 +1,4 @@ -/* $NetBSD: math.h,v 1.70 2024/05/07 15:17:35 riastradh Exp $ */ +/* $NetBSD: math.h,v 1.71 2024/09/09 15:05:51 riastradh Exp $ */ /* * @@ -25,9 +25,6 @@ * Missing for C99 support: * - MATH_ERRNO * - MATH_ERREXCEPT - * - FP_FAST_FMA - * - FP_FAST_FMAF - * - FP_FAST_FMAL * - math_errhandling */ @@ -143,6 +140,20 @@ extern const union __float_u __nanf; #define _FP_LOMD 0x80 /* range for machine-specific classes */ #define _FP_HIMD 0xff +/* 7.12#7 fast fma(3) feature test macros */ +#if __GNUC_PREREQ__(4, 4) +# ifdef __FP_FAST_FMA +#define FP_FAST_FMA 1 +# endif +# ifdef __FP_FAST_FMAF +#define FP_FAST_FMAF 1 +# endif +# ifdef __FP_FAST_FMAL +#define FP_FAST_FMAL 1 +# endif +#endif + +/* 7.12#8 ilogb exceptional input result value macros */ #define FP_ILOGB0 INT_MIN #define FP_ILOGBNAN INT_MAX
CVS commit: src/sys/sys
Module Name:src Committed By: riastradh Date: Mon Sep 9 15:05:39 UTC 2024 Modified Files: src/sys/sys: featuretest.h Log Message: sys/featuretest.h: Define _POSIX_C_SOURCE according to _XOPEN_SOURCE. If _XOPEN_SOURCE is defined but _POSIX_C_SOURCE is not, there is a corresponding value of _POSIX_C_SOURCE that _XOPEN_SOURCE is supposed to be equivalent to. We could sprinkle conditionals for _XOPEN_SOURCE everywhere we already have conditionals for _POSIX_C_SOURCE, like in , but it's simpler and more reliable to simply define _POSIX_C_SOURCE based on _XOPEN_SOURCE in one place. PR standards/55577: locale_t not defined if _XOPEN_SOURCE is defined To generate a diff of this commit: cvs rdiff -u -r1.12 -r1.13 src/sys/sys/featuretest.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/sys
Module Name:src Committed By: riastradh Date: Mon Sep 9 12:01:16 UTC 2024 Modified Files: src/sys/sys: signal.h Log Message: signal.h: Fix namespacing for various SA_* constants. References: POSIX 2001 (items labeled XSI are restricted by _XOPEN_SOURCE): https://pubs.opengroup.org/onlinepubs/009695399/basedefs/signal.h.html POSIX 2008 (items no longer labeled XSI are available if _POSIX_C_SOURCE >= 200809L): https://pubs.opengroup.org/onlinepubs/9699919799/basedefs/signal.h.html PR standards/55429: SA_RESTART not available if -D_POSIX_C_SOURCE=200809L To generate a diff of this commit: cvs rdiff -u -r1.75 -r1.76 src/sys/sys/signal.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/sys/signal.h diff -u src/sys/sys/signal.h:1.75 src/sys/sys/signal.h:1.76 --- src/sys/sys/signal.h:1.75 Tue Nov 2 20:12:26 2021 +++ src/sys/sys/signal.h Mon Sep 9 12:01:16 2024 @@ -1,4 +1,4 @@ -/* $NetBSD: signal.h,v 1.75 2021/11/02 20:12:26 christos Exp $ */ +/* $NetBSD: signal.h,v 1.76 2024/09/09 12:01:16 riastradh Exp $ */ /* * Copyright (c) 1982, 1986, 1989, 1991, 1993 @@ -215,17 +215,18 @@ struct sigaction { #endif #if (defined(_XOPEN_SOURCE) && defined(_XOPEN_SOURCE_EXTENDED)) || \ -(_XOPEN_SOURCE - 0) >= 500 || defined(_NETBSD_SOURCE) +(_XOPEN_SOURCE - 0) >= 500 || (_POSIX_C_SOURCE - 0) >= 200809L || \ +defined(_NETBSD_SOURCE) #define SA_ONSTACK 0x0001 /* take signal on signal stack */ #define SA_RESTART 0x0002 /* restart system call on signal return */ #define SA_RESETHAND 0x0004 /* reset to SIG_DFL when taking signal */ #define SA_NODEFER 0x0010 /* don't mask the signal we're delivering */ -#endif /* _XOPEN_SOURCE_EXTENDED || XOPEN_SOURCE >= 500 || _NETBSD_SOURCE */ +#endif /* _XOPEN_SOURCE_EXTENDED || _XOPEN_SOURCE >= 500 || _POSIX_C_SOURCE >= 200809L || _NETBSD_SOURCE */ /* Only valid for SIGCHLD. */ #define SA_NOCLDSTOP 0x0008 /* do not generate SIGCHLD on child stop */ -#define SA_NOCLDWAIT 0x0020 /* do not generate zombies on unwaited child */ #if (_POSIX_C_SOURCE - 0) >= 199309L || (_XOPEN_SOURCE - 0) >= 500 || \ defined(_NETBSD_SOURCE) +#define SA_NOCLDWAIT 0x0020 /* do not generate zombies on unwaited child */ #define SA_SIGINFO 0x0040 /* take sa_sigaction handler */ #endif /* (_POSIX_C_SOURCE - 0) >= 199309L || ... */ #if defined(_NETBSD_SOURCE)
CVS commit: src/sys/sys
Module Name:src Committed By: riastradh Date: Mon Sep 9 12:01:16 UTC 2024 Modified Files: src/sys/sys: signal.h Log Message: signal.h: Fix namespacing for various SA_* constants. References: POSIX 2001 (items labeled XSI are restricted by _XOPEN_SOURCE): https://pubs.opengroup.org/onlinepubs/009695399/basedefs/signal.h.html POSIX 2008 (items no longer labeled XSI are available if _POSIX_C_SOURCE >= 200809L): https://pubs.opengroup.org/onlinepubs/9699919799/basedefs/signal.h.html PR standards/55429: SA_RESTART not available if -D_POSIX_C_SOURCE=200809L To generate a diff of this commit: cvs rdiff -u -r1.75 -r1.76 src/sys/sys/signal.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/include
Module Name:src Committed By: riastradh Date: Mon Sep 9 12:01:01 UTC 2024 Modified Files: src/include: limits.h Log Message: limits.h: Define PTHREAD_STACK_MIN and tidy up comments. Define this to be 4096, which is (as far as I can tell) the smallest possible page size on any architecture NetBSD supports. This should be MIN_PAGE_SIZE instead, but I don't think that is exposed in any way that doesn't badly pollute the namespace. We should maybe have a __MIN_PAGE_SIZE defined in some header file exposed to userland. Of course, applications actually need to allocate at least sysconf(_SC_THREAD_STACK_MIN) = getpagesize() bytes, which may be larger than PTHREAD_STACK_MIN. The various feature flags (dates) like _POSIX_THREAD_ATTR_STACKADDR are defined (or not defined) by unistd.h, not by limits.h, so there's no value in mentioning them here -- and the comment is wrong about most of them (we have implemented _POSIX_THREAD_ATTR_STACKADDR, for example). PR standards/45435: PTHREAD_KEYS_MAX et al. missing in To generate a diff of this commit: cvs rdiff -u -r1.44 -r1.45 src/include/limits.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/include/limits.h diff -u src/include/limits.h:1.44 src/include/limits.h:1.45 --- src/include/limits.h:1.44 Thu Aug 15 23:44:49 2024 +++ src/include/limits.h Mon Sep 9 12:01:01 2024 @@ -1,4 +1,4 @@ -/* $NetBSD: limits.h,v 1.44 2024/08/15 23:44:49 riastradh Exp $ */ +/* $NetBSD: limits.h,v 1.45 2024/09/09 12:01:01 riastradh Exp $ */ /* * Copyright (c) 1988, 1993 @@ -61,35 +61,23 @@ #define _POSIX_SYMLOOP_MAX 8 /* - * We have not implemented these yet - * - * _POSIX_THREAD_ATTR_STACKADDR - * _POSIX_THREAD_ATTR_STACKSIZE - * _POSIX_THREAD_CPUTIME - * _POSIX_THREAD_PRIORITY_SCHEDULING - * _POSIX_THREAD_PRIO_INHERIT - * _POSIX_THREAD_PRIO_PROTECT - * _POSIX_THREAD_PROCESS_SHARED - * _POSIX_THREAD_SAFE_FUNCTIONS - * _POSIX_THREAD_SPORADIC_SERVER - */ - -/* - * The following 3 are defined in + * Exact minimum values prescribed by: * Open Group Base Specifications Issue 7 + * https://pubs.opengroup.org/onlinepubs/9699919799/basedefs/limits.h.html */ #define _POSIX_THREAD_DESTRUCTOR_ITERATIONS 4 #define _POSIX_THREAD_KEYS_MAX 128 #define _POSIX_THREAD_THREADS_MAX 64 /* - * These are the correct names, defined in terms of the above - * except for PTHREAD_KEYS_MAX which is bigger than standard - * mandated minimum value _POSIX_THREAD_KEYS_MAX. + * Actual values used by libpthread, defined in terms of the above + * except for PTHREAD_KEYS_MAX which is bigger than standard mandated + * minimum value _POSIX_THREAD_KEYS_MAX, and PTHREAD_STACK_MIN which + * doesn't have a defined name for the minimum value of zero. */ #define PTHREAD_DESTRUCTOR_ITERATIONS _POSIX_THREAD_DESTRUCTOR_ITERATIONS #define PTHREAD_KEYS_MAX 256 -/* Not yet: PTHREAD_STACK_MIN */ +#define PTHREAD_STACK_MIN 4096 /* XXX MIN_PAGE_SIZE */ #define PTHREAD_THREADS_MAX _POSIX_THREAD_THREADS_MAX #define _POSIX_TIMER_MAX 32
CVS commit: src/include
Module Name:src Committed By: riastradh Date: Mon Sep 9 12:01:01 UTC 2024 Modified Files: src/include: limits.h Log Message: limits.h: Define PTHREAD_STACK_MIN and tidy up comments. Define this to be 4096, which is (as far as I can tell) the smallest possible page size on any architecture NetBSD supports. This should be MIN_PAGE_SIZE instead, but I don't think that is exposed in any way that doesn't badly pollute the namespace. We should maybe have a __MIN_PAGE_SIZE defined in some header file exposed to userland. Of course, applications actually need to allocate at least sysconf(_SC_THREAD_STACK_MIN) = getpagesize() bytes, which may be larger than PTHREAD_STACK_MIN. The various feature flags (dates) like _POSIX_THREAD_ATTR_STACKADDR are defined (or not defined) by unistd.h, not by limits.h, so there's no value in mentioning them here -- and the comment is wrong about most of them (we have implemented _POSIX_THREAD_ATTR_STACKADDR, for example). PR standards/45435: PTHREAD_KEYS_MAX et al. missing in To generate a diff of this commit: cvs rdiff -u -r1.44 -r1.45 src/include/limits.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src
Module Name:src Committed By: riastradh Date: Mon Sep 9 11:30:06 UTC 2024 Modified Files: src/distrib/sets/lists/comp: mi src/lib/libc/locale: Makefile.inc mbsrtowcs.3 wcsrtombs.3 Log Message: mbsnrtowcs(3), wcsnrtombs(3): Add man pages for these mouthfuls. Based on patch drafted by abhinav@, with a little additional tidying by me. PR standards/52343: wcsnrtombs missing man-page To generate a diff of this commit: cvs rdiff -u -r1.2472 -r1.2473 src/distrib/sets/lists/comp/mi cvs rdiff -u -r1.67 -r1.68 src/lib/libc/locale/Makefile.inc cvs rdiff -u -r1.12 -r1.13 src/lib/libc/locale/mbsrtowcs.3 cvs rdiff -u -r1.13 -r1.14 src/lib/libc/locale/wcsrtombs.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/distrib/sets/lists/comp/mi diff -u src/distrib/sets/lists/comp/mi:1.2472 src/distrib/sets/lists/comp/mi:1.2473 --- src/distrib/sets/lists/comp/mi:1.2472 Sun Aug 25 22:10:40 2024 +++ src/distrib/sets/lists/comp/mi Mon Sep 9 11:30:05 2024 @@ -1,4 +1,4 @@ -# $NetBSD: mi,v 1.2472 2024/08/25 22:10:40 christos Exp $ +# $NetBSD: mi,v 1.2473 2024/09/09 11:30:05 riastradh Exp $ # # Note: don't delete entries from here - mark them as "obsolete" instead. ./etc/mtree/set.compcomp-sys-root @@ -9213,6 +9213,7 @@ ./usr/share/man/cat3/mbrtoc8.0 comp-c-catman .cat ./usr/share/man/cat3/mbrtowc.0 comp-c-catman .cat ./usr/share/man/cat3/mbsinit.0 comp-c-catman .cat +./usr/share/man/cat3/mbsnrtowcs.0 comp-c-catman .cat ./usr/share/man/cat3/mbsrtowcs.0 comp-c-catman .cat ./usr/share/man/cat3/mbstowcs.0 comp-c-catman .cat ./usr/share/man/cat3/mbtowc.0 comp-c-catman .cat @@ -11286,6 +11287,7 @@ ./usr/share/man/cat3/wcsncmp.0 comp-c-catman .cat ./usr/share/man/cat3/wcsncpy.0 comp-c-catman .cat ./usr/share/man/cat3/wcsnlen.0 comp-c-catman .cat +./usr/share/man/cat3/wcsnrtombs.0 comp-c-catman .cat ./usr/share/man/cat3/wcspbrk.0 comp-c-catman .cat ./usr/share/man/cat3/wcsrchr.0 comp-c-catman .cat ./usr/share/man/cat3/wcsrtombs.0 comp-c-catman .cat @@ -17713,6 +17715,7 @@ ./usr/share/man/html3/mbrtoc8.html comp-c-htmlman html ./usr/share/man/html3/mbrtowc.html comp-c-htmlman html ./usr/share/man/html3/mbsinit.html comp-c-htmlman html +./usr/share/man/html3/mbsnrtowcs.html comp-c-htmlman html ./usr/share/man/html3/mbsrtowcs.html comp-c-htmlman html ./usr/share/man/html3/mbstowcs.html comp-c-htmlman html ./usr/share/man/html3/mbtowc.html comp-c-htmlman html @@ -19764,6 +19767,7 @@ ./usr/share/man/html3/wcsncmp.html comp-c-htmlman html ./usr/share/man/html3/wcsncpy.html comp-c-htmlman html ./usr/share/man/html3/wcsnlen.html comp-c-htmlman html +./usr/share/man/html3/wcsnrtombs.html comp-c-htmlman html ./usr/share/man/html3/wcspbrk.html comp-c-htmlman html ./usr/share/man/html3/wcsrchr.html comp-c-htmlman html ./usr/share/man/html3/wcsrtombs.html comp-c-htmlman html @@ -26220,6 +26224,7 @@ ./usr/share/man/man3/mbrtoc8.3 comp-c-man .man ./usr/share/man/man3/mbrtowc.3 comp-c-man .man ./usr/share/man/man3/mbsinit.3 comp-c-man .man +./usr/share/man/man3/mbsnrtowcs.3 comp-c-man .man ./usr/share/man/man3/mbsrtowcs.3 comp-c-man .man ./usr/share/man/man3/mbstowcs.3 comp-c-man .man ./usr/share/man/man3/mbtowc.3 comp-c-man .man @@ -28312,6 +28317,7 @@ ./usr/share/man/man3/wcsncmp.3 comp-c-man .man ./usr/share/man/man3/wcsncpy.3 comp-c-man .man ./usr/share/man/man3/wcsnlen.3 comp-c-man .man +./usr/share/man/man3/wcsnrtombs.3 comp-c-man .man ./usr/share/man/man3/wcspbrk.3 comp-c-man .man ./usr/share/man/man3/wcsrchr.3 comp-c-man .man ./usr/share/man/man3/wcsrtombs.3 comp-c-man .man Index: src/lib/libc/locale/Makefile.inc diff -u src/lib/libc/locale/Makefile.inc:1.67 src/lib/libc/locale/Makefile.inc:1.68 --- src/lib/libc/locale/Makefile.inc:1.67 Thu Aug 15 21:19:45 2024 +++ src/lib/libc/locale/Makefile.inc Mon Sep 9 11:30:05 2024 @@ -1,5 +1,5 @@ # from: @(#)Makefile.inc 5.1 (Berkeley) 2/18/91 -# $NetBSD: Makefile.inc,v 1.67 2024/08/15 21:19:45 riastradh Exp $ +# $NetBSD: Makefile.inc,v 1.68 2024/09/09 11:30:05 riastradh Exp $ # locale sources .PATH: ${ARCHDIR}/locale ${.CURDIR}/locale @@ -68,4 +68,7 @@ MLINKS+=wcstod.3 wcstof.3 wcstod.3 wcsto MLINKS+=wcstol.3 wcstoll.3 wcstol.3 wcstoimax.3 \ wcstol.3 wcstoul.3 wcstol.3 wcstoull.3 wcstol.3 wcstoumax.3 +MLINKS+=mbsrtowcs.3 mbsnrtowcs.3 +MLINKS+=wcsrtombs.3 wcsnrtombs.3 + COPTS.wcsftime.c = -Wno-format-nonliteral Index: src/lib/libc/locale/mbsrtowcs.3 diff -u src/lib/libc/locale/mbsrtowcs.3:1.12 src/lib/libc/locale/mbsrtowcs.3:1.13 --- src/lib/libc/locale/mbsrtowcs.3:1.12 Thu Dec 16 17:42:27 2010 +++ src/lib/libc/locale/mbsrtowcs.3 Mon Sep 9 11:30:05 2024 @@ -1,4 +1,4 @@ -.\" $NetBSD: mbsrtowcs.3,v 1.12 2010/12/16 17:42:27 wiz Exp $ +.\" $NetBSD: mbsrtowcs.3,v 1.13 2024/09/09 11:30:05 riastradh Exp $ .\" .\" Copyright (c)
CVS commit: src
Module Name:src Committed By: riastradh Date: Mon Sep 9 11:30:06 UTC 2024 Modified Files: src/distrib/sets/lists/comp: mi src/lib/libc/locale: Makefile.inc mbsrtowcs.3 wcsrtombs.3 Log Message: mbsnrtowcs(3), wcsnrtombs(3): Add man pages for these mouthfuls. Based on patch drafted by abhinav@, with a little additional tidying by me. PR standards/52343: wcsnrtombs missing man-page To generate a diff of this commit: cvs rdiff -u -r1.2472 -r1.2473 src/distrib/sets/lists/comp/mi cvs rdiff -u -r1.67 -r1.68 src/lib/libc/locale/Makefile.inc cvs rdiff -u -r1.12 -r1.13 src/lib/libc/locale/mbsrtowcs.3 cvs rdiff -u -r1.13 -r1.14 src/lib/libc/locale/wcsrtombs.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/lib/libc/sys
Module Name:src Committed By: riastradh Date: Mon Sep 9 01:20:20 UTC 2024 Modified Files: src/lib/libc/sys: select.2 Log Message: select(2): Cite standards conformance in man page. (Should we cite the earliest standard, or the most recent standard, if they're the same as far as anyone has noticed?) PR standards/4: the history and standards conformance of pselect(2) is not documented To generate a diff of this commit: cvs rdiff -u -r1.45 -r1.46 src/lib/libc/sys/select.2 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/lib/libc/sys/select.2 diff -u src/lib/libc/sys/select.2:1.45 src/lib/libc/sys/select.2:1.46 --- src/lib/libc/sys/select.2:1.45 Tue Aug 1 23:33:04 2023 +++ src/lib/libc/sys/select.2 Mon Sep 9 01:20:20 2024 @@ -1,4 +1,4 @@ -.\" $NetBSD: select.2,v 1.45 2023/08/01 23:33:04 gutteridge Exp $ +.\" $NetBSD: select.2,v 1.46 2024/09/09 01:20:20 riastradh Exp $ .\" .\" Copyright (c) 1983, 1991, 1993 .\" The Regents of the University of California. All rights reserved. @@ -29,7 +29,7 @@ .\" .\" @(#)select.2 8.2 (Berkeley) 3/25/94 .\" -.Dd August 1, 2023 +.Dd September 9, 2024 .Dt SELECT 2 .Os .Sh NAME @@ -268,6 +268,21 @@ One of its components is negative or too .Xr send 2 , .Xr write 2 , .Xr getdtablesize 3 +.Sh STANDARDS +The +.Fn select +function, along with +.Fn FD_CLR , +.Fn FD_ISSET , +.Fn FD_SET , and +.Fn FD_ZERO , +conforms to +.St -xpg4.2 . +.Pp +The +.Fn pselect +function conforms to +.St -p1003.1-2004 . .Sh HISTORY The .Fn select
CVS commit: src/lib/libc/sys
Module Name:src Committed By: riastradh Date: Mon Sep 9 01:20:20 UTC 2024 Modified Files: src/lib/libc/sys: select.2 Log Message: select(2): Cite standards conformance in man page. (Should we cite the earliest standard, or the most recent standard, if they're the same as far as anyone has noticed?) PR standards/4: the history and standards conformance of pselect(2) is not documented To generate a diff of this commit: cvs rdiff -u -r1.45 -r1.46 src/lib/libc/sys/select.2 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/doc
Module Name:src Committed By: riastradh Date: Sun Sep 8 15:26:46 UTC 2024 Modified Files: src/doc: 3RDPARTY Log Message: doc/3RDPARTY: mozilla-certdata is up-to-date. To generate a diff of this commit: cvs rdiff -u -r1.2039 -r1.2040 src/doc/3RDPARTY Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/3RDPARTY diff -u src/doc/3RDPARTY:1.2039 src/doc/3RDPARTY:1.2040 --- src/doc/3RDPARTY:1.2039 Sun Sep 8 15:11:48 2024 +++ src/doc/3RDPARTY Sun Sep 8 15:26:46 2024 @@ -1,4 +1,4 @@ -# $NetBSD: 3RDPARTY,v 1.2039 2024/09/08 15:11:48 riastradh Exp $ +# $NetBSD: 3RDPARTY,v 1.2040 2024/09/08 15:26:46 riastradh Exp $ # # This file contains a list of the software that has been integrated into # NetBSD where we are not the primary maintainer. @@ -2353,7 +2353,7 @@ Location: share/wscons/fonts Notes: Package: mozilla-certdata -Version: 2024-02-12 (a6efd358880291357a62d58586f9a218d47ad98b) +Version: 2024-08-23 (872bd5fefe12bc48a9c65e9ea7f189df243d835a) Current Vers: 2024-08-23 (872bd5fefe12bc48a9c65e9ea7f189df243d835a) Maintainer: Mozilla Archive Site: https://hg.mozilla.org/projects/nss/log/tip/lib/ckfw/builtins/certdata.txt
CVS commit: src/doc
Module Name:src Committed By: riastradh Date: Sun Sep 8 15:26:46 UTC 2024 Modified Files: src/doc: 3RDPARTY Log Message: doc/3RDPARTY: mozilla-certdata is up-to-date. To generate a diff of this commit: cvs rdiff -u -r1.2039 -r1.2040 src/doc/3RDPARTY Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/distrib/sets/lists/base
Module Name:src Committed By: riastradh Date: Sun Sep 8 15:25:09 UTC 2024 Modified Files: src/distrib/sets/lists/base: mi Log Message: mozilla-certdata: Update set lists. To generate a diff of this commit: cvs rdiff -u -r1.1350 -r1.1351 src/distrib/sets/lists/base/mi Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/distrib/sets/lists/base/mi diff -u src/distrib/sets/lists/base/mi:1.1350 src/distrib/sets/lists/base/mi:1.1351 --- src/distrib/sets/lists/base/mi:1.1350 Mon Sep 2 05:17:45 2024 +++ src/distrib/sets/lists/base/mi Sun Sep 8 15:25:09 2024 @@ -1,4 +1,4 @@ -# $NetBSD: mi,v 1.1350 2024/09/02 05:17:45 ozaki-r Exp $ +# $NetBSD: mi,v 1.1351 2024/09/08 15:25:09 riastradh Exp $ # # Note: Don't delete entries from here - mark them as "obsolete" instead, # unless otherwise stated below. @@ -1963,6 +1963,7 @@ ./usr/share/certs/mozilla/all/Entrust_Root_Certification_Authority_-_G2.pem base-mozcerts-share share ./usr/share/certs/mozilla/all/Entrust_Root_Certification_Authority_-_G4.pem base-mozcerts-share share ./usr/share/certs/mozilla/all/Explicitly_Distrust_DigiNotar_Root_CA.pem base-mozcerts-share share +./usr/share/certs/mozilla/all/FIRMAPROFESIONAL_CA_ROOT-A_WEB.pem base-mozcerts-share share ./usr/share/certs/mozilla/all/GDCA_TrustAUTH_R5_ROOT.pem base-mozcerts-share share ./usr/share/certs/mozilla/all/GLOBALTRUST_2020.pem base-mozcerts-share share ./usr/share/certs/mozilla/all/GTS_Root_R1.pem base-mozcerts-share share @@ -2022,6 +2023,9 @@ ./usr/share/certs/mozilla/all/Sectigo_Public_Server_Authentication_Root_E46.pem base-mozcerts-share share ./usr/share/certs/mozilla/all/Sectigo_Public_Server_Authentication_Root_R46.pem base-mozcerts-share share ./usr/share/certs/mozilla/all/SecureSign_RootCA11.pem base-mozcerts-share share +./usr/share/certs/mozilla/all/SecureSign_Root_CA12.pem base-mozcerts-share share +./usr/share/certs/mozilla/all/SecureSign_Root_CA14.pem base-mozcerts-share share +./usr/share/certs/mozilla/all/SecureSign_Root_CA15.pem base-mozcerts-share share ./usr/share/certs/mozilla/all/SecureTrust_CA.pem base-mozcerts-share share ./usr/share/certs/mozilla/all/Secure_Global_CA.pem base-mozcerts-share share ./usr/share/certs/mozilla/all/Security_Communication_ECC_RootCA1.pem base-mozcerts-share share @@ -2039,7 +2043,9 @@ ./usr/share/certs/mozilla/all/T-TeleSec_GlobalRoot_Class_2.pem base-mozcerts-share share ./usr/share/certs/mozilla/all/T-TeleSec_GlobalRoot_Class_3.pem base-mozcerts-share share ./usr/share/certs/mozilla/all/TUBITAK_Kamu_SM_SSL_Kok_Sertifikasi_-_Surum_1.pem base-mozcerts-share share +./usr/share/certs/mozilla/all/TWCA_CYBER_Root_CA.pem base-mozcerts-share share ./usr/share/certs/mozilla/all/TWCA_Global_Root_CA.pem base-mozcerts-share share +./usr/share/certs/mozilla/all/TWCA_Global_Root_CA_G2.pem base-mozcerts-share share ./usr/share/certs/mozilla/all/TWCA_Root_Certification_Authority.pem base-mozcerts-share share ./usr/share/certs/mozilla/all/Telekom_Security_SMIME_ECC_Root_2021.pem base-mozcerts-share share ./usr/share/certs/mozilla/all/Telekom_Security_SMIME_RSA_Root_2023.pem base-mozcerts-share share @@ -2063,7 +2069,7 @@ ./usr/share/certs/mozilla/all/Verisign_Class_1_Public_Primary_Certification_Authority_-_G3.pem base-obsolete obsolete ./usr/share/certs/mozilla/all/Verisign_Class_2_Public_Primary_Certification_Authority_-_G3.pem base-obsolete obsolete ./usr/share/certs/mozilla/all/XRamp_Global_CA_Root.pem base-mozcerts-share share -./usr/share/certs/mozilla/all/certSIGN_ROOT_CA.pem base-mozcerts-share share +./usr/share/certs/mozilla/all/certSIGN_ROOT_CA.pem base-obsolete obsolete ./usr/share/certs/mozilla/all/certSIGN_Root_CA_G2.pem base-mozcerts-share share ./usr/share/certs/mozilla/all/e-Szigno_Root_CA_2017.pem base-mozcerts-share share ./usr/share/certs/mozilla/all/ePKI_Root_Certification_Authority.pem base-mozcerts-share share @@ -2075,7 +2081,7 @@ ./usr/share/certs/mozilla/all/vTrus_Root_CA.pem base-mozcerts-share share ./usr/share/certs/mozilla/code base-mozcerts-share share ./usr/share/certs/mozilla/email base-mozcerts-share share -./usr/share/certs/mozilla/email/ACCVRAIZ1.pem base-mozcerts-share share +./usr/share/certs/mozilla/email/ACCVRAIZ1.pem base-obsolete obsolete ./usr/share/certs/mozilla/email/Actalis_Authentication_Root_CA.pem base-mozcerts-share share ./usr/share/certs/mozilla/email/Amazon_Root_CA_1.pem base-mozcerts-share share ./usr/share/certs/mozilla/email/Amazon_Root_CA_2.pem base-mozcerts-share share @@ -2121,7 +2127,7 @@ ./usr/share/certs/mozilla/email/Entrust_Root_Certification_Authority_-_EC1.pem base-mozcerts-share share ./usr/share/certs/mozilla/email/Entrust_Root_Certification_Authority_-_G2.pem base-mozcerts-share share ./usr/share/certs/mozilla/email/Entrust_Root_Certification_Authority_-_G4.pem base-mozcerts-share share -./usr/share/certs/mozilla/email/GLOBALTRUST_2020.pem base
CVS commit: src/distrib/sets/lists/base
Module Name:src Committed By: riastradh Date: Sun Sep 8 15:25:09 UTC 2024 Modified Files: src/distrib/sets/lists/base: mi Log Message: mozilla-certdata: Update set lists. To generate a diff of this commit: cvs rdiff -u -r1.1350 -r1.1351 src/distrib/sets/lists/base/mi Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/external/mpl/mozilla-certdata/share
Module Name:src Committed By: riastradh Date: Sun Sep 8 15:24:37 UTC 2024 Modified Files: src/external/mpl/mozilla-certdata/share: email.trust server.trust Added Files: src/external/mpl/mozilla-certdata/share/certs: FIRMAPROFESIONAL_CA_ROOT-A_WEB.pem SecureSign_Root_CA12.pem SecureSign_Root_CA14.pem SecureSign_Root_CA15.pem TWCA_CYBER_Root_CA.pem TWCA_Global_Root_CA_G2.pem Log Message: mozilla-certdata: regen To generate a diff of this commit: cvs rdiff -u -r1.2 -r1.3 src/external/mpl/mozilla-certdata/share/email.trust \ src/external/mpl/mozilla-certdata/share/server.trust cvs rdiff -u -r0 -r1.1 \ src/external/mpl/mozilla-certdata/share/certs/FIRMAPROFESIONAL_CA_ROOT-A_WEB.pem \ src/external/mpl/mozilla-certdata/share/certs/SecureSign_Root_CA12.pem \ src/external/mpl/mozilla-certdata/share/certs/SecureSign_Root_CA14.pem \ src/external/mpl/mozilla-certdata/share/certs/SecureSign_Root_CA15.pem \ src/external/mpl/mozilla-certdata/share/certs/TWCA_CYBER_Root_CA.pem \ src/external/mpl/mozilla-certdata/share/certs/TWCA_Global_Root_CA_G2.pem Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/mpl/mozilla-certdata/share/email.trust diff -u src/external/mpl/mozilla-certdata/share/email.trust:1.2 src/external/mpl/mozilla-certdata/share/email.trust:1.3 --- src/external/mpl/mozilla-certdata/share/email.trust:1.2 Sun Mar 3 04:26:19 2024 +++ src/external/mpl/mozilla-certdata/share/email.trust Sun Sep 8 15:24:37 2024 @@ -19,7 +19,6 @@ COMODO_ECC_Certification_Authority OISTE_WISeKey_Global_Root_GA_CA Certigna ePKI_Root_Certification_Authority -certSIGN_ROOT_CA NetLock_Arany_Class_Gold Microsec_e-Szigno_Root_CA_2009 GlobalSign_Root_CA_-_R3 @@ -28,7 +27,6 @@ TWCA_Root_Certification_Authority Security_Communication_RootCA2 Actalis_Authentication_Root_CA CA_Disig_Root_R2 -ACCVRAIZ1 TWCA_Global_Root_CA TeliaSonera_Root_CA_v1 T-TeleSec_GlobalRoot_Class_2 @@ -75,7 +73,6 @@ Trustwave_Global_ECC_P256_Certification_ Trustwave_Global_ECC_P384_Certification_Authority GlobalSign_Secure_Mail_Root_R45 GlobalSign_Secure_Mail_Root_E45 -GLOBALTRUST_2020 Certum_EC-384_CA Certum_Trusted_Root_CA HARICA_Client_RSA_Root_CA_2021 @@ -107,3 +104,4 @@ D-Trust_SBR_Root_CA_1_2022 D-Trust_SBR_Root_CA_2_2022 Telekom_Security_SMIME_ECC_Root_2021 Telekom_Security_SMIME_RSA_Root_2023 +TWCA_Global_Root_CA_G2 Index: src/external/mpl/mozilla-certdata/share/server.trust diff -u src/external/mpl/mozilla-certdata/share/server.trust:1.2 src/external/mpl/mozilla-certdata/share/server.trust:1.3 --- src/external/mpl/mozilla-certdata/share/server.trust:1.2 Sun Mar 3 04:26:19 2024 +++ src/external/mpl/mozilla-certdata/share/server.trust Sun Sep 8 15:24:37 2024 @@ -102,7 +102,6 @@ NAVER_Global_Root_Certification_Authorit AC_RAIZ_FNMT-RCM_SERVIDORES_SEGUROS GlobalSign_Root_R46 GlobalSign_Root_E46 -GLOBALTRUST_2020 ANF_Secure_Server_Root_CA Certum_EC-384_CA Certum_Trusted_Root_CA @@ -144,3 +143,8 @@ CommScope_Public_Trust_RSA_Root-01 CommScope_Public_Trust_RSA_Root-02 Telekom_Security_TLS_ECC_Root_2020 Telekom_Security_TLS_RSA_Root_2023 +FIRMAPROFESIONAL_CA_ROOT-A_WEB +TWCA_CYBER_Root_CA +SecureSign_Root_CA12 +SecureSign_Root_CA14 +SecureSign_Root_CA15 Added files: Index: src/external/mpl/mozilla-certdata/share/certs/FIRMAPROFESIONAL_CA_ROOT-A_WEB.pem diff -u /dev/null src/external/mpl/mozilla-certdata/share/certs/FIRMAPROFESIONAL_CA_ROOT-A_WEB.pem:1.1 --- /dev/null Sun Sep 8 15:24:37 2024 +++ src/external/mpl/mozilla-certdata/share/certs/FIRMAPROFESIONAL_CA_ROOT-A_WEB.pem Sun Sep 8 15:24:36 2024 @@ -0,0 +1,16 @@ +-BEGIN CERTIFICATE- +MIICejCCAgCgAwIBAgIQMZch7a+JQn81QYehZ1ZMbTAKBggqhkjOPQQDAzBuMQsw +CQYDVQQGEwJFUzEcMBoGA1UECgwTRmlybWFwcm9mZXNpb25hbCBTQTEYMBYGA1UE +YQwPVkFURVMtQTYyNjM0MDY4MScwJQYDVQQDDB5GSVJNQVBST0ZFU0lPTkFMIENB +IFJPT1QtQSBXRUIwHhcNMjIwNDA2MDkwMTM2WhcNNDcwMzMxMDkwMTM2WjBuMQsw +CQYDVQQGEwJFUzEcMBoGA1UECgwTRmlybWFwcm9mZXNpb25hbCBTQTEYMBYGA1UE +YQwPVkFURVMtQTYyNjM0MDY4MScwJQYDVQQDDB5GSVJNQVBST0ZFU0lPTkFMIENB +IFJPT1QtQSBXRUIwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAARHU+osEaR3xyrq89Zf +e9MEkVz6iMYiuYMQYneEMy3pA4jU4DP37XcsSmDq5G+tbbT4TIqk5B/K6k84Si6C +cyvHZpsKjECcfIr28jlgst7L7Ljkb+qbXbdTkBgyVcUgt5SjYzBhMA8GA1UdEwEB +/wQFMAMBAf8wHwYDVR0jBBgwFoAUk+FDY1w8ndYn81LsF7Kpryz3dvgwHQYDVR0O +BBYEFJPhQ2NcPJ3WJ/NS7Beyqa8s93b4MA4GA1UdDwEB/wQEAwIBBjAKBggqhkjO +PQQDAwNoADBlAjAdfKR7w4l1M+E7qUW/Runpod3JIha3RxEL2Jq68cgLcFBTApFw +hVmpHqTm6iMxoAACMQD94vizrxa5HnPEluPBMBnYfubDl94cT7iJLzPrSA8Z94dG +XSaQpYXFuXqUPoeovQA= +-END CERTIFICATE- Index: src/external/mpl/mozilla-certdata/share/certs/SecureSign_Root_CA12.pem diff -u /dev/null src/external/mpl/mozilla-certdata/share/certs/SecureSign_Root_CA12.pem:1.1 --- /dev/null Sun Sep 8 15:24:37 2024 +++ src/external/mpl/mozilla-certdata/share/certs/SecureSign_Root_CA12.pem Sun Sep 8 15:24:36 2024
CVS commit: src/external/mpl/mozilla-certdata/share
Module Name:src Committed By: riastradh Date: Sun Sep 8 15:24:37 UTC 2024 Modified Files: src/external/mpl/mozilla-certdata/share: email.trust server.trust Added Files: src/external/mpl/mozilla-certdata/share/certs: FIRMAPROFESIONAL_CA_ROOT-A_WEB.pem SecureSign_Root_CA12.pem SecureSign_Root_CA14.pem SecureSign_Root_CA15.pem TWCA_CYBER_Root_CA.pem TWCA_Global_Root_CA_G2.pem Log Message: mozilla-certdata: regen To generate a diff of this commit: cvs rdiff -u -r1.2 -r1.3 src/external/mpl/mozilla-certdata/share/email.trust \ src/external/mpl/mozilla-certdata/share/server.trust cvs rdiff -u -r0 -r1.1 \ src/external/mpl/mozilla-certdata/share/certs/FIRMAPROFESIONAL_CA_ROOT-A_WEB.pem \ src/external/mpl/mozilla-certdata/share/certs/SecureSign_Root_CA12.pem \ src/external/mpl/mozilla-certdata/share/certs/SecureSign_Root_CA14.pem \ src/external/mpl/mozilla-certdata/share/certs/SecureSign_Root_CA15.pem \ src/external/mpl/mozilla-certdata/share/certs/TWCA_CYBER_Root_CA.pem \ src/external/mpl/mozilla-certdata/share/certs/TWCA_Global_Root_CA_G2.pem Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/external/mpl/mozilla-certdata/share
Module Name:src Committed By: riastradh Date: Sun Sep 8 15:23:55 UTC 2024 Modified Files: src/external/mpl/mozilla-certdata/share: Makefile Log Message: mozilla-certdata: Update reference in Makefile. To generate a diff of this commit: cvs rdiff -u -r1.4 -r1.5 src/external/mpl/mozilla-certdata/share/Makefile Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/external/mpl/mozilla-certdata/share/Makefile diff -u src/external/mpl/mozilla-certdata/share/Makefile:1.4 src/external/mpl/mozilla-certdata/share/Makefile:1.5 --- src/external/mpl/mozilla-certdata/share/Makefile:1.4 Sun Mar 3 04:24:41 2024 +++ src/external/mpl/mozilla-certdata/share/Makefile Sun Sep 8 15:23:55 2024 @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.4 2024/03/03 04:24:41 riastradh Exp $ +# $NetBSD: Makefile,v 1.5 2024/09/08 15:23:55 riastradh Exp $ # MOZCERTS= /usr/share/certs/mozilla @@ -57,9 +57,9 @@ SYMLINKS+= ../all/$C.pem ${MOZCERTS}/$D/ # any new files and cvs rm any deleted files under certs/, # and commit certs/ and *.trust. # -# Latest revision, from 2024-02-12: +# Latest revision, from 2024-08-23: # -# https://hg.mozilla.org/projects/nss/raw-file/c17a3709bdd6e706040ac268a1d2b488c2fab5d8/lib/ckfw/builtins/certdata.txt +# https://hg.mozilla.org/projects/nss/raw-file/872bd5fefe12bc48a9c65e9ea7f189df243d835a/lib/ckfw/builtins/certdata.txt # regen: .PHONY rm -f certs/*.pem
CVS commit: src/external/mpl/mozilla-certdata/share
Module Name:src Committed By: riastradh Date: Sun Sep 8 15:23:55 UTC 2024 Modified Files: src/external/mpl/mozilla-certdata/share: Makefile Log Message: mozilla-certdata: Update reference in Makefile. To generate a diff of this commit: cvs rdiff -u -r1.4 -r1.5 src/external/mpl/mozilla-certdata/share/Makefile Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS import: src/external/mpl/mozilla-certdata/dist
Module Name:src Committed By: riastradh Date: Sun Sep 8 15:21:50 UTC 2024 Update of /cvsroot/src/external/mpl/mozilla-certdata/dist In directory ivanova.netbsd.org:/tmp/cvs-serv19721 Log Message: mozilla-certdata: Update Mozilla certdata.txt. nss hg date: 2024-08-23 nss hg revision: 872bd5fefe12bc48a9c65e9ea7f189df243d835a Status: Vendor Tag: MOZILLA-CERTDATA Release Tags: mozilla-certdata-20240823 U src/external/mpl/mozilla-certdata/dist/certdata.txt No conflicts created by this import
CVS import: src/external/mpl/mozilla-certdata/dist
Module Name:src Committed By: riastradh Date: Sun Sep 8 15:21:50 UTC 2024 Update of /cvsroot/src/external/mpl/mozilla-certdata/dist In directory ivanova.netbsd.org:/tmp/cvs-serv19721 Log Message: mozilla-certdata: Update Mozilla certdata.txt. nss hg date: 2024-08-23 nss hg revision: 872bd5fefe12bc48a9c65e9ea7f189df243d835a Status: Vendor Tag: MOZILLA-CERTDATA Release Tags: mozilla-certdata-20240823 U src/external/mpl/mozilla-certdata/dist/certdata.txt No conflicts created by this import
CVS commit: src/doc
Module Name:src Committed By: riastradh Date: Sun Sep 8 15:11:49 UTC 2024 Modified Files: src/doc: 3RDPARTY Log Message: doc/3RDPARTY: Fix mozilla-certdata date and revision. Use the nss revision, not the mozilla-central revision, for consistency. To generate a diff of this commit: cvs rdiff -u -r1.2038 -r1.2039 src/doc/3RDPARTY Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/3RDPARTY diff -u src/doc/3RDPARTY:1.2038 src/doc/3RDPARTY:1.2039 --- src/doc/3RDPARTY:1.2038 Sun Sep 8 13:11:59 2024 +++ src/doc/3RDPARTY Sun Sep 8 15:11:48 2024 @@ -1,4 +1,4 @@ -# $NetBSD: 3RDPARTY,v 1.2038 2024/09/08 13:11:59 christos Exp $ +# $NetBSD: 3RDPARTY,v 1.2039 2024/09/08 15:11:48 riastradh Exp $ # # This file contains a list of the software that has been integrated into # NetBSD where we are not the primary maintainer. @@ -2354,11 +2354,11 @@ Notes: Package: mozilla-certdata Version: 2024-02-12 (a6efd358880291357a62d58586f9a218d47ad98b) -Current Vers: 2024-08-27 (9727cd2f7983d01cc4fd3b5ef21b72fc8f6a052a) +Current Vers: 2024-08-23 (872bd5fefe12bc48a9c65e9ea7f189df243d835a) Maintainer: Mozilla Archive Site: https://hg.mozilla.org/projects/nss/log/tip/lib/ckfw/builtins/certdata.txt Home Page: https://wiki.mozilla.org/CA -Date: 2024-08-27 +Date: 2024-08-23 Mailing List: License: MPL Responsible: riastradh, security-team
CVS commit: src/doc
Module Name:src Committed By: riastradh Date: Sun Sep 8 15:11:49 UTC 2024 Modified Files: src/doc: 3RDPARTY Log Message: doc/3RDPARTY: Fix mozilla-certdata date and revision. Use the nss revision, not the mozilla-central revision, for consistency. To generate a diff of this commit: cvs rdiff -u -r1.2038 -r1.2039 src/doc/3RDPARTY Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/external/bsd/libnv/dist
Module Name:src Committed By: riastradh Date: Wed Sep 4 12:57:10 UTC 2024 Modified Files: src/sys/external/bsd/libnv/dist: nvpair.c Log Message: libnv: Check for NUL within bounds when unpacking string arrays. This avoids buffer overrun in the subsequent nv_strdup, which can be triggered by root at securelevel 1 via ioctl(IOC_NPF_*) on /dev/npf. Matches upstream FreeBSD change by Mariusz Zaborski . CVE-2024-45288 PR security/58652: libnv: Integer overflow and buffer overrun vulnerabilities To generate a diff of this commit: cvs rdiff -u -r1.12 -r1.13 src/sys/external/bsd/libnv/dist/nvpair.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/external/bsd/libnv/dist/nvpair.c diff -u src/sys/external/bsd/libnv/dist/nvpair.c:1.12 src/sys/external/bsd/libnv/dist/nvpair.c:1.13 --- src/sys/external/bsd/libnv/dist/nvpair.c:1.12 Wed Sep 4 12:57:00 2024 +++ src/sys/external/bsd/libnv/dist/nvpair.c Wed Sep 4 12:57:10 2024 @@ -1,4 +1,4 @@ -/* $NetBSD: nvpair.c,v 1.12 2024/09/04 12:57:00 riastradh Exp $ */ +/* $NetBSD: nvpair.c,v 1.13 2024/09/04 12:57:10 riastradh Exp $ */ /*- * SPDX-License-Identifier: BSD-2-Clause-FreeBSD @@ -36,7 +36,7 @@ #ifdef __FreeBSD__ __FBSDID("$FreeBSD: head/sys/contrib/libnv/nvpair.c 335382 2018-06-19 18:43:02Z lwhsu $"); #else -__RCSID("$NetBSD: nvpair.c,v 1.12 2024/09/04 12:57:00 riastradh Exp $"); +__RCSID("$NetBSD: nvpair.c,v 1.13 2024/09/04 12:57:10 riastradh Exp $"); #endif #include @@ -1008,6 +1008,10 @@ nvpair_unpack_string_array(bool isbe __u for (ii = 0; ii < nvp->nvp_nitems; ii++) { len = strnlen(tmp, size - 1) + 1; size -= len; + if (tmp[len - 1] != '\0') { + ERRNO_SET(EINVAL); + return (NULL); + } if (size < 0) { ERRNO_SET(EINVAL); return (NULL);
CVS commit: src/sys/external/bsd/libnv/dist
Module Name:src Committed By: riastradh Date: Wed Sep 4 12:57:10 UTC 2024 Modified Files: src/sys/external/bsd/libnv/dist: nvpair.c Log Message: libnv: Check for NUL within bounds when unpacking string arrays. This avoids buffer overrun in the subsequent nv_strdup, which can be triggered by root at securelevel 1 via ioctl(IOC_NPF_*) on /dev/npf. Matches upstream FreeBSD change by Mariusz Zaborski . CVE-2024-45288 PR security/58652: libnv: Integer overflow and buffer overrun vulnerabilities To generate a diff of this commit: cvs rdiff -u -r1.12 -r1.13 src/sys/external/bsd/libnv/dist/nvpair.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/external/bsd/libnv/dist
Module Name:src Committed By: riastradh Date: Wed Sep 4 12:57:00 UTC 2024 Modified Files: src/sys/external/bsd/libnv/dist: nv_kern_netbsd.c nvlist.c nvpair.c Log Message: libnv: Avoid arithmetic overflow in array allocation. 1. Teach nv_calloc and nv_strdup to detect arithmetic overflow. 2. Convert nv_malloc(sizeof(...) * N) to nv_calloc(N, sizeof(...)). I reviewed all the remaining nv_malloc calls, because some of them have the multiplication separated from the nv_malloc call. Of the remaining callers: - nv_calloc (now) checks for overflow - nv_strdup (now) checks for overflow - nvlist_create uses a fixed sizeof(...) without arithmetic - nvlist_xpack doesn't directly check bounds, but as long as the wire format is smaller than the in-memory size, that's not a problem - nvlist_recv checks for sizeof(nvlhdr) + nvlhdr.nvlh_size overflow - nvpair_unpack_binary uses nvp->nvp_datasize without arithmetic - nvpair_unpack_bool_array checks for unsigned overflow - nvpair_unpack_number_array checks for unsigned overflow - nvpair_unpack_descriptor_array checks for unsigned overflow - nvpair_create_binary uses caller-supplied size without arithmetic Matches upstream FreeBSD change by Mariusz Zaborski . CVE-2024-45287 PR security/58652: libnv: Integer overflow and buffer overrun vulnerabilities To generate a diff of this commit: cvs rdiff -u -r1.6 -r1.7 src/sys/external/bsd/libnv/dist/nv_kern_netbsd.c cvs rdiff -u -r1.9 -r1.10 src/sys/external/bsd/libnv/dist/nvlist.c cvs rdiff -u -r1.11 -r1.12 src/sys/external/bsd/libnv/dist/nvpair.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/external/bsd/libnv/dist
Module Name:src Committed By: riastradh Date: Wed Sep 4 12:57:00 UTC 2024 Modified Files: src/sys/external/bsd/libnv/dist: nv_kern_netbsd.c nvlist.c nvpair.c Log Message: libnv: Avoid arithmetic overflow in array allocation. 1. Teach nv_calloc and nv_strdup to detect arithmetic overflow. 2. Convert nv_malloc(sizeof(...) * N) to nv_calloc(N, sizeof(...)). I reviewed all the remaining nv_malloc calls, because some of them have the multiplication separated from the nv_malloc call. Of the remaining callers: - nv_calloc (now) checks for overflow - nv_strdup (now) checks for overflow - nvlist_create uses a fixed sizeof(...) without arithmetic - nvlist_xpack doesn't directly check bounds, but as long as the wire format is smaller than the in-memory size, that's not a problem - nvlist_recv checks for sizeof(nvlhdr) + nvlhdr.nvlh_size overflow - nvpair_unpack_binary uses nvp->nvp_datasize without arithmetic - nvpair_unpack_bool_array checks for unsigned overflow - nvpair_unpack_number_array checks for unsigned overflow - nvpair_unpack_descriptor_array checks for unsigned overflow - nvpair_create_binary uses caller-supplied size without arithmetic Matches upstream FreeBSD change by Mariusz Zaborski . CVE-2024-45287 PR security/58652: libnv: Integer overflow and buffer overrun vulnerabilities To generate a diff of this commit: cvs rdiff -u -r1.6 -r1.7 src/sys/external/bsd/libnv/dist/nv_kern_netbsd.c cvs rdiff -u -r1.9 -r1.10 src/sys/external/bsd/libnv/dist/nvlist.c cvs rdiff -u -r1.11 -r1.12 src/sys/external/bsd/libnv/dist/nvpair.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/external/bsd/libnv/dist/nv_kern_netbsd.c diff -u src/sys/external/bsd/libnv/dist/nv_kern_netbsd.c:1.6 src/sys/external/bsd/libnv/dist/nv_kern_netbsd.c:1.7 --- src/sys/external/bsd/libnv/dist/nv_kern_netbsd.c:1.6 Tue Oct 16 13:18:25 2018 +++ src/sys/external/bsd/libnv/dist/nv_kern_netbsd.c Wed Sep 4 12:57:00 2024 @@ -1,4 +1,4 @@ -/* $NetBSD: nv_kern_netbsd.c,v 1.6 2018/10/16 13:18:25 maxv Exp $ */ +/* $NetBSD: nv_kern_netbsd.c,v 1.7 2024/09/04 12:57:00 riastradh Exp $ */ /*- * Copyright (c) 2018 The NetBSD Foundation, Inc. @@ -30,7 +30,7 @@ */ #include -__RCSID("$NetBSD: nv_kern_netbsd.c,v 1.6 2018/10/16 13:18:25 maxv Exp $"); +__RCSID("$NetBSD: nv_kern_netbsd.c,v 1.7 2024/09/04 12:57:00 riastradh Exp $"); #if !defined(_KERNEL) && !defined(_STANDALONE) #include @@ -209,10 +209,14 @@ nvlist_recv_ioctl(int fd, unsigned long #endif void * -nv_calloc(size_t n, size_t s) +nv_calloc(size_t nelem, size_t elemsize) { - const size_t len = n * s; - void *buf = nv_malloc(len); + + if (nelem > SIZE_MAX/elemsize) + return NULL; + + const size_t len = nelem * elemsize; + void *const buf = nv_malloc(len); if (buf == NULL) return NULL; memset(buf, 0, len); @@ -222,9 +226,13 @@ nv_calloc(size_t n, size_t s) char * nv_strdup(const char *s1) { - size_t len = strlen(s1) + 1; + size_t len = strlen(s1); char *s2; + if (len == SIZE_MAX) + return NULL; + len += 1; /* NUL terminator */ + s2 = nv_malloc(len); if (s2) { memcpy(s2, s1, len); Index: src/sys/external/bsd/libnv/dist/nvlist.c diff -u src/sys/external/bsd/libnv/dist/nvlist.c:1.9 src/sys/external/bsd/libnv/dist/nvlist.c:1.10 --- src/sys/external/bsd/libnv/dist/nvlist.c:1.9 Wed Sep 4 12:56:47 2024 +++ src/sys/external/bsd/libnv/dist/nvlist.c Wed Sep 4 12:57:00 2024 @@ -1,4 +1,4 @@ -/* $NetBSD: nvlist.c,v 1.9 2024/09/04 12:56:47 riastradh Exp $ */ +/* $NetBSD: nvlist.c,v 1.10 2024/09/04 12:57:00 riastradh Exp $ */ /*- * SPDX-License-Identifier: BSD-2-Clause-FreeBSD @@ -36,7 +36,7 @@ #ifdef __FreeBSD__ __FBSDID("$FreeBSD: head/sys/contrib/libnv/nvlist.c 335347 2018-06-18 22:57:32Z oshogbo $"); #else -__RCSID("$NetBSD: nvlist.c,v 1.9 2024/09/04 12:56:47 riastradh Exp $"); +__RCSID("$NetBSD: nvlist.c,v 1.10 2024/09/04 12:57:00 riastradh Exp $"); #endif #include @@ -803,7 +803,7 @@ nvlist_descriptors(const nvlist_t *nvl, int *fds; nitems = nvlist_ndescriptors(nvl); - fds = nv_malloc(sizeof(fds[0]) * (nitems + 1)); + fds = nv_calloc(nitems + 1, sizeof(fds[0])); if (fds == NULL) return (NULL); if (nitems > 0) @@ -1351,7 +1351,7 @@ nvlist_recv(int sock, int flags) goto out; if (nfds > 0) { - fds = nv_malloc(nfds * sizeof(fds[0])); + fds = nv_calloc(nfds, sizeof(fds[0])); if (fds == NULL) goto out; if (fd_recv(sock, fds, nfds) == -1) Index: src/sys/external/bsd/libnv/dist/nvpair.c diff -u src/sys/external/bsd/libnv/dist/nvpair.c:1.11 src/sys/external/bsd/libnv/dist/nvpair.c:1.12 --- src/sys/external/bsd/libnv/dist/nvpair.c:1.11 Wed Jul 24 14:25:56 2019 +++ src/sys/external/bsd/libnv/dist/nvpair.c Wed Sep 4 12:57:00 2024 @@ -1,4 +1,4 @@ -/* $NetBSD: nvpair.c,v 1.11 2019/07/24 14:25:56 martin Exp $ */ +/* $NetBSD: nvpair.c,v 1.12 2024/09/04 12:57:00 riastradh Exp $ */ /*- * SPDX-License-I
CVS commit: src/sys/external/bsd/libnv/dist
Module Name:src Committed By: riastradh Date: Wed Sep 4 12:56:47 UTC 2024 Modified Files: src/sys/external/bsd/libnv/dist: nvlist.c Log Message: libnv: Refuse nonsensically large header size in nvlist_check_header. This avoids potential integer overflow in nvlist_recv, which is not used in NetBSD. The only other user of nvlist_check_header is nvlist_unpack_header, which verifies the header sizes matches the framing and so is not affected by integer overflow. Matches upstream FreeBSD change by Mariusz Zaborski . CVE-2024-45287 PR security/58652: libnv: Integer overflow and buffer overrun vulnerabilities To generate a diff of this commit: cvs rdiff -u -r1.8 -r1.9 src/sys/external/bsd/libnv/dist/nvlist.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/external/bsd/libnv/dist/nvlist.c diff -u src/sys/external/bsd/libnv/dist/nvlist.c:1.8 src/sys/external/bsd/libnv/dist/nvlist.c:1.9 --- src/sys/external/bsd/libnv/dist/nvlist.c:1.8 Tue Jul 23 00:49:16 2019 +++ src/sys/external/bsd/libnv/dist/nvlist.c Wed Sep 4 12:56:47 2024 @@ -1,4 +1,4 @@ -/* $NetBSD: nvlist.c,v 1.8 2019/07/23 00:49:16 rmind Exp $ */ +/* $NetBSD: nvlist.c,v 1.9 2024/09/04 12:56:47 riastradh Exp $ */ /*- * SPDX-License-Identifier: BSD-2-Clause-FreeBSD @@ -36,7 +36,7 @@ #ifdef __FreeBSD__ __FBSDID("$FreeBSD: head/sys/contrib/libnv/nvlist.c 335347 2018-06-18 22:57:32Z oshogbo $"); #else -__RCSID("$NetBSD: nvlist.c,v 1.8 2019/07/23 00:49:16 rmind Exp $"); +__RCSID("$NetBSD: nvlist.c,v 1.9 2024/09/04 12:56:47 riastradh Exp $"); #endif #include @@ -1074,6 +1074,10 @@ static bool nvlist_check_header(struct nvlist_header *nvlhdrp) { + if (nvlhdrp->nvlh_size > SIZE_MAX - sizeof(nvlhdrp)) { + ERRNO_SET(EINVAL); + return (false); + } if (nvlhdrp->nvlh_magic != NVLIST_HEADER_MAGIC) { ERRNO_SET(EINVAL); return (false);
CVS commit: src/sys/external/bsd/libnv/dist
Module Name:src Committed By: riastradh Date: Wed Sep 4 12:56:47 UTC 2024 Modified Files: src/sys/external/bsd/libnv/dist: nvlist.c Log Message: libnv: Refuse nonsensically large header size in nvlist_check_header. This avoids potential integer overflow in nvlist_recv, which is not used in NetBSD. The only other user of nvlist_check_header is nvlist_unpack_header, which verifies the header sizes matches the framing and so is not affected by integer overflow. Matches upstream FreeBSD change by Mariusz Zaborski . CVE-2024-45287 PR security/58652: libnv: Integer overflow and buffer overrun vulnerabilities To generate a diff of this commit: cvs rdiff -u -r1.8 -r1.9 src/sys/external/bsd/libnv/dist/nvlist.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/lib/libc/gen
Module Name:src Committed By: riastradh Date: Thu Aug 29 13:39:42 UTC 2024 Modified Files: src/lib/libc/gen: Makefile.inc arc4random.c Log Message: arc4random(3): Pacify some of lint's complaints. PR kern/58632: getentropy(2) and arc4random(3) do not reseed on VM fork To generate a diff of this commit: cvs rdiff -u -r1.218 -r1.219 src/lib/libc/gen/Makefile.inc cvs rdiff -u -r1.37 -r1.38 src/lib/libc/gen/arc4random.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/lib/libc/gen/Makefile.inc diff -u src/lib/libc/gen/Makefile.inc:1.218 src/lib/libc/gen/Makefile.inc:1.219 --- src/lib/libc/gen/Makefile.inc:1.218 Mon Jul 8 22:14:31 2024 +++ src/lib/libc/gen/Makefile.inc Thu Aug 29 13:39:42 2024 @@ -1,4 +1,4 @@ -# $NetBSD: Makefile.inc,v 1.218 2024/07/08 22:14:31 christos Exp $ +# $NetBSD: Makefile.inc,v 1.219 2024/08/29 13:39:42 riastradh Exp $ # from: @(#)Makefile.inc 8.6 (Berkeley) 5/4/95 # gen sources @@ -39,6 +39,8 @@ SRCS+= alarm.c alphasort.c arc4random.c warnx.c warnc.c wordexp.c xsyslog.c \ vwarn.c vwarnx.c vwarnc.c verr.c verrx.c verrc.c +LINTFLAGS.arc4random.c+=-Ac11 # stdatomic.h + # uses alloca COPTS.execvp.c = -Wno-stack-protector COPTS.execl.c = -Wno-stack-protector Index: src/lib/libc/gen/arc4random.c diff -u src/lib/libc/gen/arc4random.c:1.37 src/lib/libc/gen/arc4random.c:1.38 --- src/lib/libc/gen/arc4random.c:1.37 Tue Aug 27 13:43:02 2024 +++ src/lib/libc/gen/arc4random.c Thu Aug 29 13:39:42 2024 @@ -1,4 +1,4 @@ -/* $NetBSD: arc4random.c,v 1.37 2024/08/27 13:43:02 riastradh Exp $ */ +/* $NetBSD: arc4random.c,v 1.38 2024/08/29 13:39:42 riastradh Exp $ */ /*- * Copyright (c) 2014 The NetBSD Foundation, Inc. @@ -52,7 +52,7 @@ */ #include -__RCSID("$NetBSD: arc4random.c,v 1.37 2024/08/27 13:43:02 riastradh Exp $"); +__RCSID("$NetBSD: arc4random.c,v 1.38 2024/08/29 13:39:42 riastradh Exp $"); #include "namespace.h" #include "reentrant.h" @@ -422,7 +422,7 @@ entropy_epoch(void) static atomic_int mib0[3]; static atomic_bool initialized = false; int mib[3]; - unsigned epoch = -1; + unsigned epoch = (unsigned)-1; size_t epochlen = sizeof(epoch); /* @@ -438,9 +438,9 @@ entropy_epoch(void) size_t nmib = __arraycount(mib); if (sysctlnametomib("kern.entropy.epoch", mib, &nmib) == -1) - return -1; + return (unsigned)-1; if (nmib != __arraycount(mib)) - return -1; + return (unsigned)-1; atomic_store_explicit(&mib0[0], mib[0], memory_order_relaxed); atomic_store_explicit(&mib0[1], mib[1], memory_order_relaxed); atomic_store_explicit(&mib0[2], mib[2], memory_order_relaxed); @@ -449,9 +449,9 @@ entropy_epoch(void) } if (sysctl(mib, __arraycount(mib), &epoch, &epochlen, NULL, 0) == -1) - return -1; + return (unsigned)-1; if (epochlen != sizeof(epoch)) - return -1; + return (unsigned)-1; return epoch; }
CVS commit: src/lib/libc/gen
Module Name:src Committed By: riastradh Date: Thu Aug 29 13:39:42 UTC 2024 Modified Files: src/lib/libc/gen: Makefile.inc arc4random.c Log Message: arc4random(3): Pacify some of lint's complaints. PR kern/58632: getentropy(2) and arc4random(3) do not reseed on VM fork To generate a diff of this commit: cvs rdiff -u -r1.218 -r1.219 src/lib/libc/gen/Makefile.inc cvs rdiff -u -r1.37 -r1.38 src/lib/libc/gen/arc4random.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src
Module Name:src Committed By: riastradh Date: Wed Aug 28 14:39:16 UTC 2024 Modified Files: src/lib/libc/gen: arc4random.3 src/share/man/man4: acpivmgenid.4 rnd.4 Log Message: Bump dates on man pages recently updated to mention VM clones. PR kern/58632: getentropy(2) and arc4random(3) do not reseed on VM fork To generate a diff of this commit: cvs rdiff -u -r1.22 -r1.23 src/lib/libc/gen/arc4random.3 cvs rdiff -u -r1.2 -r1.3 src/share/man/man4/acpivmgenid.4 cvs rdiff -u -r1.43 -r1.44 src/share/man/man4/rnd.4 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src
Module Name:src Committed By: riastradh Date: Wed Aug 28 14:39:16 UTC 2024 Modified Files: src/lib/libc/gen: arc4random.3 src/share/man/man4: acpivmgenid.4 rnd.4 Log Message: Bump dates on man pages recently updated to mention VM clones. PR kern/58632: getentropy(2) and arc4random(3) do not reseed on VM fork To generate a diff of this commit: cvs rdiff -u -r1.22 -r1.23 src/lib/libc/gen/arc4random.3 cvs rdiff -u -r1.2 -r1.3 src/share/man/man4/acpivmgenid.4 cvs rdiff -u -r1.43 -r1.44 src/share/man/man4/rnd.4 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/lib/libc/gen/arc4random.3 diff -u src/lib/libc/gen/arc4random.3:1.22 src/lib/libc/gen/arc4random.3:1.23 --- src/lib/libc/gen/arc4random.3:1.22 Tue Aug 27 11:55:16 2024 +++ src/lib/libc/gen/arc4random.3 Wed Aug 28 14:39:16 2024 @@ -1,4 +1,4 @@ -.\" $NetBSD: arc4random.3,v 1.22 2024/08/27 11:55:16 riastradh Exp $ +.\" $NetBSD: arc4random.3,v 1.23 2024/08/28 14:39:16 riastradh Exp $ .\" .\" Copyright (c) 2014 The NetBSD Foundation, Inc. .\" All rights reserved. @@ -27,7 +27,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE .\" POSSIBILITY OF SUCH DAMAGE. .\" -.Dd November 16, 2014 +.Dd August 27, 2024 .Dt ARC4RANDOM 3 .Os .Sh NAME Index: src/share/man/man4/acpivmgenid.4 diff -u src/share/man/man4/acpivmgenid.4:1.2 src/share/man/man4/acpivmgenid.4:1.3 --- src/share/man/man4/acpivmgenid.4:1.2 Mon Aug 26 15:28:58 2024 +++ src/share/man/man4/acpivmgenid.4 Wed Aug 28 14:39:16 2024 @@ -1,4 +1,4 @@ -.\" $NetBSD: acpivmgenid.4,v 1.2 2024/08/26 15:28:58 riastradh Exp $ +.\" $NetBSD: acpivmgenid.4,v 1.3 2024/08/28 14:39:16 riastradh Exp $ .\" .\" Copyright (c) 2024 The NetBSD Foundation, Inc. .\" All rights reserved. @@ -24,7 +24,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE .\" POSSIBILITY OF SUCH DAMAGE. .\" -.Dd August 25, 2024 +.Dd August 26, 2024 .Dt ACPIVMGENID 4 .Os .\" Index: src/share/man/man4/rnd.4 diff -u src/share/man/man4/rnd.4:1.43 src/share/man/man4/rnd.4:1.44 --- src/share/man/man4/rnd.4:1.43 Tue Aug 27 17:38:52 2024 +++ src/share/man/man4/rnd.4 Wed Aug 28 14:39:16 2024 @@ -1,4 +1,4 @@ -.\" $NetBSD: rnd.4,v 1.43 2024/08/27 17:38:52 uwe Exp $ +.\" $NetBSD: rnd.4,v 1.44 2024/08/28 14:39:16 riastradh Exp $ .\" .\" Copyright (c) 2014-2020 The NetBSD Foundation, Inc. .\" All rights reserved. @@ -27,7 +27,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE .\" POSSIBILITY OF SUCH DAMAGE. .\" -.Dd August 7, 2023 +.Dd August 27, 2024 .Dt RND 4 .Os .\"
CVS commit: src/share/man/man3
Module Name:src Committed By: riastradh Date: Wed Aug 28 14:36:19 UTC 2024 Modified Files: src/share/man/man3: tm.3 Log Message: tm(3): Fix types in man page. PR lib/58651: tm(3): wrong type in man page for tm_gmtoff To generate a diff of this commit: cvs rdiff -u -r1.5 -r1.6 src/share/man/man3/tm.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/share/man/man3/tm.3 diff -u src/share/man/man3/tm.3:1.5 src/share/man/man3/tm.3:1.6 --- src/share/man/man3/tm.3:1.5 Sun Oct 23 15:43:40 2022 +++ src/share/man/man3/tm.3 Wed Aug 28 14:36:19 2024 @@ -1,4 +1,4 @@ -.\" $NetBSD: tm.3,v 1.5 2022/10/23 15:43:40 jschauma Exp $ +.\" $NetBSD: tm.3,v 1.6 2024/08/28 14:36:19 riastradh Exp $ .\" .\" Copyright (c) 2011 Jukka Ruohonen .\" All rights reserved. @@ -68,8 +68,8 @@ In addition, the following NetBSD-specif .Bl -column -offset indent \ "Type " "Field " "Months since January 1" .It Sy Type Ta Sy Field Ta Sy Represents -.It Vt int Ta Va tm_gmtoff Ta Offset from UTC in seconds -.It Vt __aconst char Ta Va tm_zone Ta Timezone abbreviation +.It Vt long Ta Va tm_gmtoff Ta Offset from UTC in seconds +.It Vt char Ta Va tm_zone Ta Timezone abbreviation .El .Pp The
CVS commit: src/share/man/man3
Module Name:src Committed By: riastradh Date: Wed Aug 28 14:36:19 UTC 2024 Modified Files: src/share/man/man3: tm.3 Log Message: tm(3): Fix types in man page. PR lib/58651: tm(3): wrong type in man page for tm_gmtoff To generate a diff of this commit: cvs rdiff -u -r1.5 -r1.6 src/share/man/man3/tm.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/lib/libc/gen
Module Name:src Committed By: riastradh Date: Wed Aug 28 14:08:48 UTC 2024 Modified Files: src/lib/libc/gen: getentropy.3 Log Message: getentropy(3): Note intent to reseed on VM clone, and caveats. Tidy markup and pacify some mandoc -Tlint complaints while here. PR kern/58632: getentropy(2) and arc4random(3) do not reseed on VM fork To generate a diff of this commit: cvs rdiff -u -r1.7 -r1.8 src/lib/libc/gen/getentropy.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/lib/libc/gen/getentropy.3 diff -u src/lib/libc/gen/getentropy.3:1.7 src/lib/libc/gen/getentropy.3:1.8 --- src/lib/libc/gen/getentropy.3:1.7 Thu Aug 15 23:44:49 2024 +++ src/lib/libc/gen/getentropy.3 Wed Aug 28 14:08:48 2024 @@ -1,4 +1,4 @@ -.\" $NetBSD: getentropy.3,v 1.7 2024/08/15 23:44:49 riastradh Exp $ $ +.\" $NetBSD: getentropy.3,v 1.8 2024/08/28 14:08:48 riastradh Exp $ $ .\" .\" Copyright (c) 2020 The NetBSD Foundation, Inc. .\" All rights reserved. @@ -27,7 +27,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE .\" POSSIBILITY OF SUCH DAMAGE. .\" -.Dd February 28, 2023 +.Dd August 28, 2024 .Dt GETENTROPY 3 .Os .Sh NAME @@ -41,9 +41,8 @@ .Fn getentropy "void *buf" "size_t buflen" .In limits.h .Pp -.Li #define GETENTROPY_MAX 256 +.Li #define GETENTROPY_MAX 256 .Sh DESCRIPTION -.Pp The .Nm function fills @@ -99,6 +98,21 @@ However, the interface alone can make no security guarantees without a physical system configuration that includes random number generation hardware or secret seed material from such hardware on another machine. +.Pp +.Nx +attempts to reseed the system entropy pool when it has detected the +system has been cloned as a guest in a virtual machine, so that +subsequent calls to +.Nm +in the clones yield independent outputs. +However, this relies on the virtual machine host to notify the guest, +e.g. through the +.Xr acpivmgenid 4 +device, and even so there is an unavoidable small window of time +between when the virtual machine is actually cloned and when the system +is reseeded during which +.Nm +may yield identical outputs in the clones. .Sh SEE ALSO .Xr arc4random 3 , .Xr rnd 4 ,
CVS commit: src/lib/libc/gen
Module Name:src Committed By: riastradh Date: Wed Aug 28 14:08:48 UTC 2024 Modified Files: src/lib/libc/gen: getentropy.3 Log Message: getentropy(3): Note intent to reseed on VM clone, and caveats. Tidy markup and pacify some mandoc -Tlint complaints while here. PR kern/58632: getentropy(2) and arc4random(3) do not reseed on VM fork To generate a diff of this commit: cvs rdiff -u -r1.7 -r1.8 src/lib/libc/gen/getentropy.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src
ES - crypto_prng_SEEDBYTES) -struct crypto_prng { - uint8_t state[crypto_prng_SEEDBYTES]; -}; +__CTASSERT(sizeof(struct crypto_prng) == crypto_prng_SEEDBYTES); static void crypto_prng_seed(struct crypto_prng *prng, const void *seed) @@ -457,11 +458,6 @@ entropy_epoch(void) /* arc4random state: per-thread, per-process (zeroed in child on fork) */ -struct arc4random_prng { - struct crypto_prng arc4_prng; - unsigned arc4_epoch; -}; - static void arc4random_prng_addrandom(struct arc4random_prng *prng, const void *data, size_t datalen) @@ -531,14 +527,7 @@ arc4random_prng_destroy(struct arc4rando /* Library state */ -static struct arc4random_global { -#ifdef _REENTRANT - mutex_t lock; - thread_key_t thread_key; -#endif - struct arc4random_prng prng; - bool initialized; -} arc4random_global = { +struct arc4random_global_state arc4random_global = { #ifdef _REENTRANT .lock = MUTEX_INITIALIZER, #endif Index: src/lib/libc/include/reentrant.h diff -u src/lib/libc/include/reentrant.h:1.21 src/lib/libc/include/reentrant.h:1.22 --- src/lib/libc/include/reentrant.h:1.21 Wed Dec 8 20:11:54 2021 +++ src/lib/libc/include/reentrant.h Tue Aug 27 13:43:02 2024 @@ -1,4 +1,4 @@ -/* $NetBSD: reentrant.h,v 1.21 2021/12/08 20:11:54 andvar Exp $ */ +/* $NetBSD: reentrant.h,v 1.22 2024/08/27 13:43:02 riastradh Exp $ */ /*- * Copyright (c) 1997, 1998, 2003 The NetBSD Foundation, Inc. @@ -91,6 +91,9 @@ * is. */ +#ifndef _LIBC_REENTRANT_H_ +#define _LIBC_REENTRANT_H_ + #include #include @@ -326,3 +329,5 @@ thr_once(once_t *once_control, void (*ro #define FUNLOCKFILE(fp) __nothing #endif /* _REENTRANT */ + +#endif /* _LIBC_REENTRANT_H_ */ Index: src/tests/lib/libc/gen/Makefile diff -u src/tests/lib/libc/gen/Makefile:1.55 src/tests/lib/libc/gen/Makefile:1.56 --- src/tests/lib/libc/gen/Makefile:1.55 Tue May 31 13:42:59 2022 +++ src/tests/lib/libc/gen/Makefile Tue Aug 27 13:43:02 2024 @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.55 2022/05/31 13:42:59 riastradh Exp $ +# $NetBSD: Makefile,v 1.56 2024/08/27 13:43:02 riastradh Exp $ .include @@ -8,6 +8,7 @@ TESTS_SUBDIRS+= execve TESTS_SUBDIRS+= posix_spawn TESTS_C+= t_alarm +TESTS_C+= t_arc4random TESTS_C+= t_assert TESTS_C+= t_basedirname TESTS_C+= t_closefrom @@ -44,6 +45,7 @@ TESTS_C+= t_vis COPTS.t_siginfo.c+= -DENABLE_TESTS .endif +CPPFLAGS.t_arc4random.c+=-I${NETBSDSRCDIR}/lib/libc/include CPPFLAGS.t_siginfo.c+=-D__TEST_FENV COPTS.t_fpsetround.c+=${${ACTIVE_CC} == "gcc":? -frounding-math :} @@ -54,6 +56,8 @@ DPADD.t_fpclassify+= ${LIBM} LDADD.t_fpsetround+= -lm DPADD.t_fpsetround+= ${LIBM} +LDADD.t_arc4random+= -lpthread +DPADD.t_arc4random+= ${LIBPTHREAD} LDADD.t_nice+= -lpthread DPADD.t_nice+= ${LIBPTHREAD} LDADD.t_syslog+= -lpthread Added files: Index: src/lib/libc/include/arc4random.h diff -u /dev/null src/lib/libc/include/arc4random.h:1.1 --- /dev/null Tue Aug 27 13:43:02 2024 +++ src/lib/libc/include/arc4random.h Tue Aug 27 13:43:02 2024 @@ -0,0 +1,60 @@ +/* $NetBSD: arc4random.h,v 1.1 2024/08/27 13:43:02 riastradh Exp $ */ + +/*- + * Copyright (c) 2014 The NetBSD Foundation, Inc. + * All rights reserved. + * + * This code is derived from software contributed to The NetBSD Foundation + * by Taylor R. Campbell. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + *notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + *notice, this list of conditions and the following disclaimer in the + *documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS + * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED + * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR + * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS + * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR + * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ + +#ifndef _LIBC_GEN_ARC4RANDOM_H_ +#define _LIBC_GEN_ARC4RANDOM_H_ + +#include +#include + +#include "reentrant.h" + +struct crypto_prng { + uint8_t state[32]; +}; + +struct arc4random_prng { + struct crypto_prng arc4_prng; + unsigned arc4_epoch; +}; + +struct arc4random_global_state { + mutex_t lock; + thread_key_t thread_key; + struct arc4random_p
CVS commit: src
Module Name:src Committed By: riastradh Date: Tue Aug 27 13:43:02 UTC 2024 Modified Files: src/distrib/sets/lists/debug: mi src/distrib/sets/lists/tests: mi src/lib/libc/gen: arc4random.c src/lib/libc/include: reentrant.h src/tests/lib/libc/gen: Makefile Added Files: src/lib/libc/include: arc4random.h src/tests/lib/libc/gen: t_arc4random.c Log Message: arc4random(3): Add automatic tests. This verifies that: - arc4random zeroes its state and reseeds itself on fork - arc4random reseeds itself on entropy consolidation (e.g., VM clone) - arc4random falls back to global state if it can't allocate local state because address space limits cause mmap to fail NOTE: This adds a new libc symbol __arc4random_global, but it's in the reserved namespace and only used by t_arc4random, so no libc minor bump. PR kern/58632: getentropy(2) and arc4random(3) do not reseed on VM fork To generate a diff of this commit: cvs rdiff -u -r1.445 -r1.446 src/distrib/sets/lists/debug/mi cvs rdiff -u -r1.1333 -r1.1334 src/distrib/sets/lists/tests/mi cvs rdiff -u -r1.36 -r1.37 src/lib/libc/gen/arc4random.c cvs rdiff -u -r0 -r1.1 src/lib/libc/include/arc4random.h cvs rdiff -u -r1.21 -r1.22 src/lib/libc/include/reentrant.h cvs rdiff -u -r1.55 -r1.56 src/tests/lib/libc/gen/Makefile cvs rdiff -u -r0 -r1.1 src/tests/lib/libc/gen/t_arc4random.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/lib/libc/gen
Module Name:src Committed By: riastradh Date: Tue Aug 27 11:55:16 UTC 2024 Modified Files: src/lib/libc/gen: arc4random.3 Log Message: arc4random(3): Note that arc4random respects kern.entropy.epoch. PR kern/58632: getentropy(2) and arc4random(3) do not reseed on VM fork To generate a diff of this commit: cvs rdiff -u -r1.21 -r1.22 src/lib/libc/gen/arc4random.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/lib/libc/gen/arc4random.3 diff -u src/lib/libc/gen/arc4random.3:1.21 src/lib/libc/gen/arc4random.3:1.22 --- src/lib/libc/gen/arc4random.3:1.21 Fri Jul 15 21:19:19 2016 +++ src/lib/libc/gen/arc4random.3 Tue Aug 27 11:55:16 2024 @@ -1,4 +1,4 @@ -.\" $NetBSD: arc4random.3,v 1.21 2016/07/15 21:19:19 wiz Exp $ +.\" $NetBSD: arc4random.3,v 1.22 2024/08/27 11:55:16 riastradh Exp $ .\" .\" Copyright (c) 2014 The NetBSD Foundation, Inc. .\" All rights reserved. @@ -233,6 +233,15 @@ and .Fn arc4random_addrandom may abort the process in the highly unlikely event that the operating system fails to provide entropy. +.Pp +If +.Nm +detects that the sysctl variable +.Li kern.entropy.epoch +.Pq see Xr rnd 4 +has changed since its last output, it reseeds itself with additional +data from the system entropy pool again before generating its next +output. .Sh SEE ALSO .Xr rand 3 , .Xr random 3 , @@ -252,7 +261,7 @@ for testing purposes. .Pp The name .Sq arc4random -was chosen for hysterical raisins -- it was originally implemented +was chosen for hysterical raisins \(em it was originally implemented using the RC4 stream cipher, which has been known since shortly after it was published in 1994 to have observable biases in the output, and is now known to be broken badly enough to admit practical attacks in
CVS commit: src/lib/libc/gen
Module Name:src Committed By: riastradh Date: Tue Aug 27 11:55:16 UTC 2024 Modified Files: src/lib/libc/gen: arc4random.3 Log Message: arc4random(3): Note that arc4random respects kern.entropy.epoch. PR kern/58632: getentropy(2) and arc4random(3) do not reseed on VM fork To generate a diff of this commit: cvs rdiff -u -r1.21 -r1.22 src/lib/libc/gen/arc4random.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/share/man/man4
Module Name:src Committed By: riastradh Date: Tue Aug 27 11:21:02 UTC 2024 Modified Files: src/share/man/man4: rnd.4 Log Message: rnd(4): Document kern.entropy.epoch is unprivileged and elaborate. Cross-reference acpivmgenid(4). PR kern/58632: getentropy(2) and arc4random(3) do not reseed on VM fork To generate a diff of this commit: cvs rdiff -u -r1.41 -r1.42 src/share/man/man4/rnd.4 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/share/man/man4/rnd.4 diff -u src/share/man/man4/rnd.4:1.41 src/share/man/man4/rnd.4:1.42 --- src/share/man/man4/rnd.4:1.41 Mon Aug 7 06:27:37 2023 +++ src/share/man/man4/rnd.4 Tue Aug 27 11:21:02 2024 @@ -1,4 +1,4 @@ -.\" $NetBSD: rnd.4,v 1.41 2023/08/07 06:27:37 riastradh Exp $ +.\" $NetBSD: rnd.4,v 1.42 2024/08/27 11:21:02 riastradh Exp $ .\" .\" Copyright (c) 2014-2020 The NetBSD Foundation, Inc. .\" All rights reserved. @@ -457,18 +457,37 @@ Number of bits of entropy pending in per This is the amount of entropy that will be contributed to the global pool at the next consolidation, such as from triggering .Dv kern.entropy.consolidate . +.El +.Pp +The following read-only +.Xr sysctl 8 +variables provide information to any users, privileged or unprivileged: +.Bl -tag -width abcd .It Dv kern.entropy.epoch Pq Vt unsigned int -Number of times system has reached full entropy, or entropy has been -consolidated with -.Dv kern.entropy.consolidate , -as an unsigned 32-bit integer. -Consulted inside the kernel by subsystems such as -.Xr cprng 9 +An integer that changes whenever the system determines applications +should reseed from the system entropy pool. +This can happen for various reasons: +.Bl -dash -compact +.It +The system has reached full entropy for the first time. +.It +A virtual machine clone has been detected +.Pq e.g., by Xr acpivmgenid 4 . +.It +An operator has set +.Li kern.entropy.consolidate . +.El +.Pp +Consulted by +.Xr arc4random 3 , +and inside the kernel by subsystems such as +.Xr cprng 9 , to decide whether to reseed. +.Pp Initially set to 2^32 \- 1 .Pq i.e., Li "(unsigned)\-1" -meaning the system has never reached full entropy and the entropy has -never been consolidated; never again set to 2^32 \- 1. +meaning the system has never reached full entropy; never again set to +2^32 \- 1. Never zero, so applications can initialize a cache of the epoch to zero to ensure they reseed the next time they check whether it is different from the stored epoch. @@ -625,6 +644,7 @@ The system has full entropy for the firs .\" .Sh SEE ALSO .Xr arc4random 3 , +.Xr acpivmgenid 4 , .Xr entropy 7 , .Xr rndctl 8 , .Xr cprng 9 ,
CVS commit: src/share/man/man4
Module Name:src Committed By: riastradh Date: Tue Aug 27 11:21:02 UTC 2024 Modified Files: src/share/man/man4: rnd.4 Log Message: rnd(4): Document kern.entropy.epoch is unprivileged and elaborate. Cross-reference acpivmgenid(4). PR kern/58632: getentropy(2) and arc4random(3) do not reseed on VM fork To generate a diff of this commit: cvs rdiff -u -r1.41 -r1.42 src/share/man/man4/rnd.4 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/sys
Module Name:src Committed By: riastradh Date: Tue Aug 27 00:57:35 UTC 2024 Modified Files: src/sys/sys: param.h Log Message: sys/param.h: Welcome to 10.99.12! Courtesy of entropy_consolidate's new return value, telling the caller whether it was interrupted by a signal or not. To generate a diff of this commit: cvs rdiff -u -r1.734 -r1.735 src/sys/sys/param.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/sys/param.h diff -u src/sys/sys/param.h:1.734 src/sys/sys/param.h:1.735 --- src/sys/sys/param.h:1.734 Sat Jun 29 13:04:20 2024 +++ src/sys/sys/param.h Tue Aug 27 00:57:35 2024 @@ -1,4 +1,4 @@ -/* $NetBSD: param.h,v 1.734 2024/06/29 13:04:20 riastradh Exp $ */ +/* $NetBSD: param.h,v 1.735 2024/08/27 00:57:35 riastradh Exp $ */ /*- * Copyright (c) 1982, 1986, 1989, 1993 @@ -67,7 +67,7 @@ * 2.99.9 (299000900) */ -#define __NetBSD_Version__ 1099001100 /* NetBSD 10.99.11 */ +#define __NetBSD_Version__ 1099001200 /* NetBSD 10.99.12 */ #define __NetBSD_Prereq__(M,m,p) (M) * 1) + \ (m) * 100) + (p) * 100) <= __NetBSD_Version__)
CVS commit: src/sys/sys
Module Name:src Committed By: riastradh Date: Tue Aug 27 00:57:35 UTC 2024 Modified Files: src/sys/sys: param.h Log Message: sys/param.h: Welcome to 10.99.12! Courtesy of entropy_consolidate's new return value, telling the caller whether it was interrupted by a signal or not. To generate a diff of this commit: cvs rdiff -u -r1.734 -r1.735 src/sys/sys/param.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys
Module Name:src Committed By: riastradh Date: Tue Aug 27 00:56:47 UTC 2024 Modified Files: src/sys/dev: random.c src/sys/dev/acpi: acpi_vmgenid.c src/sys/kern: kern_entropy.c src/sys/sys: entropy.h Log Message: entropy(9): Merge entropy_consolidate, entropy_consolidate_sig. entropy_consolidate can already be interrupted by a signal -- it just doesn't tell the caller this happened. So make it return the error code, and delete entropy_consolidate_sig. NOTE: This changes the semantics of an existing symbol, so it can't be pulled up. (It might in principle be ABI-compatible because the old symbol returned void and the new one returns int, so the caller can just ignore the return value register in most if not all ABIs, but I organized the relevant changes so we can pull up bug fixes without thinking about this.) This is just tidying the kernel API after all the previous fixes which can be pulled up. PR kern/58646: /dev/random, kern.entropy.*: signal bugs To generate a diff of this commit: cvs rdiff -u -r1.11 -r1.12 src/sys/dev/random.c cvs rdiff -u -r1.2 -r1.3 src/sys/dev/acpi/acpi_vmgenid.c cvs rdiff -u -r1.71 -r1.72 src/sys/kern/kern_entropy.c cvs rdiff -u -r1.6 -r1.7 src/sys/sys/entropy.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/dev/random.c diff -u src/sys/dev/random.c:1.11 src/sys/dev/random.c:1.12 --- src/sys/dev/random.c:1.11 Mon Aug 26 13:46:51 2024 +++ src/sys/dev/random.c Tue Aug 27 00:56:47 2024 @@ -1,4 +1,4 @@ -/* $NetBSD: random.c,v 1.11 2024/08/26 13:46:51 riastradh Exp $ */ +/* $NetBSD: random.c,v 1.12 2024/08/27 00:56:47 riastradh Exp $ */ /*- * Copyright (c) 2019 The NetBSD Foundation, Inc. @@ -47,7 +47,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: random.c,v 1.11 2024/08/26 13:46:51 riastradh Exp $"); +__KERNEL_RCSID(0, "$NetBSD: random.c,v 1.12 2024/08/27 00:56:47 riastradh Exp $"); #include #include @@ -299,7 +299,7 @@ random_write(dev_t dev, struct uio *uio, /* If we added anything, consolidate entropy now. */ if (any && error == 0) - error = entropy_consolidate_sig(); + error = entropy_consolidate(); return error; } Index: src/sys/dev/acpi/acpi_vmgenid.c diff -u src/sys/dev/acpi/acpi_vmgenid.c:1.2 src/sys/dev/acpi/acpi_vmgenid.c:1.3 --- src/sys/dev/acpi/acpi_vmgenid.c:1.2 Mon Aug 26 13:53:22 2024 +++ src/sys/dev/acpi/acpi_vmgenid.c Tue Aug 27 00:56:46 2024 @@ -1,4 +1,4 @@ -/* $NetBSD: acpi_vmgenid.c,v 1.2 2024/08/26 13:53:22 riastradh Exp $ */ +/* $NetBSD: acpi_vmgenid.c,v 1.3 2024/08/27 00:56:46 riastradh Exp $ */ /*- * Copyright (c) 2024 The NetBSD Foundation, Inc. @@ -44,7 +44,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: acpi_vmgenid.c,v 1.2 2024/08/26 13:53:22 riastradh Exp $"); +__KERNEL_RCSID(0, "$NetBSD: acpi_vmgenid.c,v 1.3 2024/08/27 00:56:46 riastradh Exp $"); #include #include @@ -306,9 +306,11 @@ acpivmgenid_reset(void *cookie) * Grab the current VM generation ID to put it into the entropy * pool; then force consolidation so it affects all subsequent * draws from the entropy pool and the entropy epoch advances. + * Again we can't be interrupted by a signal so ignore return + * value. */ acpivmgenid_set(sc, "cloned"); - entropy_consolidate(); + (void)entropy_consolidate(); } static int Index: src/sys/kern/kern_entropy.c diff -u src/sys/kern/kern_entropy.c:1.71 src/sys/kern/kern_entropy.c:1.72 --- src/sys/kern/kern_entropy.c:1.71 Mon Aug 26 15:50:15 2024 +++ src/sys/kern/kern_entropy.c Tue Aug 27 00:56:47 2024 @@ -1,4 +1,4 @@ -/* $NetBSD: kern_entropy.c,v 1.71 2024/08/26 15:50:15 riastradh Exp $ */ +/* $NetBSD: kern_entropy.c,v 1.72 2024/08/27 00:56:47 riastradh Exp $ */ /*- * Copyright (c) 2019 The NetBSD Foundation, Inc. @@ -77,7 +77,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: kern_entropy.c,v 1.71 2024/08/26 15:50:15 riastradh Exp $"); +__KERNEL_RCSID(0, "$NetBSD: kern_entropy.c,v 1.72 2024/08/27 00:56:47 riastradh Exp $"); #include #include @@ -1355,19 +1355,6 @@ entropy_notify(void) * entropy_consolidate() * * Trigger entropy consolidation and wait for it to complete, or - * return early if interrupted by a signal. - */ -void -entropy_consolidate(void) -{ - - (void)entropy_consolidate_sig(); -} - -/* - * entropy_consolidate_sig() - * - * Trigger entropy consolidation and wait for it to complete, or * return EINTR if interrupted by a signal. * * This should be used sparingly, not periodically -- requiring @@ -1377,7 +1364,7 @@ entropy_consolidate(void) * transition to full entropy. */ int -entropy_consolidate_sig(void) +entropy_consolidate(void) { uint64_t ticket; int error; @@ -1420,7 +1407,7 @@ sysctl_entropy_consolidate(SYSCTLFN_ARGS if (error || newp == NULL) return error; if (arg) - error = entropy_consolidate_sig(); + error = entropy_consolidate(); return error; } @@ -2818,7 +2805,7 @@ e
CVS commit: src/sys
Module Name:src Committed By: riastradh Date: Tue Aug 27 00:56:47 UTC 2024 Modified Files: src/sys/dev: random.c src/sys/dev/acpi: acpi_vmgenid.c src/sys/kern: kern_entropy.c src/sys/sys: entropy.h Log Message: entropy(9): Merge entropy_consolidate, entropy_consolidate_sig. entropy_consolidate can already be interrupted by a signal -- it just doesn't tell the caller this happened. So make it return the error code, and delete entropy_consolidate_sig. NOTE: This changes the semantics of an existing symbol, so it can't be pulled up. (It might in principle be ABI-compatible because the old symbol returned void and the new one returns int, so the caller can just ignore the return value register in most if not all ABIs, but I organized the relevant changes so we can pull up bug fixes without thinking about this.) This is just tidying the kernel API after all the previous fixes which can be pulled up. PR kern/58646: /dev/random, kern.entropy.*: signal bugs To generate a diff of this commit: cvs rdiff -u -r1.11 -r1.12 src/sys/dev/random.c cvs rdiff -u -r1.2 -r1.3 src/sys/dev/acpi/acpi_vmgenid.c cvs rdiff -u -r1.71 -r1.72 src/sys/kern/kern_entropy.c cvs rdiff -u -r1.6 -r1.7 src/sys/sys/entropy.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/arch
Module Name:src Committed By: riastradh Date: Tue Aug 27 00:56:16 UTC 2024 Modified Files: src/sys/arch/amd64/conf: GENERIC src/sys/arch/evbarm/conf: GENERIC64 src/sys/arch/i386/conf: GENERIC Log Message: amd64, evbarm, i386: Add acpivmgenid(4) to GENERIC. PR kern/58632: getentropy(2) and arc4random(3) do not reseed on VM fork To generate a diff of this commit: cvs rdiff -u -r1.613 -r1.614 src/sys/arch/amd64/conf/GENERIC cvs rdiff -u -r1.218 -r1.219 src/sys/arch/evbarm/conf/GENERIC64 cvs rdiff -u -r1.1257 -r1.1258 src/sys/arch/i386/conf/GENERIC Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/arch/amd64/conf/GENERIC diff -u src/sys/arch/amd64/conf/GENERIC:1.613 src/sys/arch/amd64/conf/GENERIC:1.614 --- src/sys/arch/amd64/conf/GENERIC:1.613 Tue Jul 16 12:01:18 2024 +++ src/sys/arch/amd64/conf/GENERIC Tue Aug 27 00:56:16 2024 @@ -1,4 +1,4 @@ -# $NetBSD: GENERIC,v 1.613 2024/07/16 12:01:18 riastradh Exp $ +# $NetBSD: GENERIC,v 1.614 2024/08/27 00:56:16 riastradh Exp $ # # GENERIC machine description file # @@ -22,7 +22,7 @@ include "arch/amd64/conf/std.amd64" options INCLUDE_CONFIG_FILE # embed config file in kernel binary -#ident "GENERIC-$Revision: 1.613 $" +#ident "GENERIC-$Revision: 1.614 $" maxusers 64 # estimated number of users @@ -341,6 +341,7 @@ acpilid* at acpi? # ACPI Lid Switch acpitz* at acpi? # ACPI Thermal Zone acpivga* at acpi? # ACPI Display Adapter acpiout* at acpivga? # ACPI Display Output Device +acpivmgenid* at acpi? # ACPI Virtual Machine Generation ID acpiwdrt* at acpi? # ACPI Watchdog Resource Table acpiwmi* at acpi? # ACPI WMI Mapper apei* at apeibus? # ACPI Platform Error Interfaces Index: src/sys/arch/evbarm/conf/GENERIC64 diff -u src/sys/arch/evbarm/conf/GENERIC64:1.218 src/sys/arch/evbarm/conf/GENERIC64:1.219 --- src/sys/arch/evbarm/conf/GENERIC64:1.218 Tue Jul 16 12:01:19 2024 +++ src/sys/arch/evbarm/conf/GENERIC64 Tue Aug 27 00:56:16 2024 @@ -1,5 +1,5 @@ # -# $NetBSD: GENERIC64,v 1.218 2024/07/16 12:01:19 riastradh Exp $ +# $NetBSD: GENERIC64,v 1.219 2024/08/27 00:56:16 riastradh Exp $ # # GENERIC ARM (aarch64) kernel # @@ -127,6 +127,7 @@ acpifan* at acpi? acpiged* at acpi? acpilid* at acpi? acpitz* at acpi? +acpivmgenid* at acpi? # CPUs cpus* at fdt? pass 0 Index: src/sys/arch/i386/conf/GENERIC diff -u src/sys/arch/i386/conf/GENERIC:1.1257 src/sys/arch/i386/conf/GENERIC:1.1258 --- src/sys/arch/i386/conf/GENERIC:1.1257 Tue Jul 16 12:01:19 2024 +++ src/sys/arch/i386/conf/GENERIC Tue Aug 27 00:56:16 2024 @@ -1,4 +1,4 @@ -# $NetBSD: GENERIC,v 1.1257 2024/07/16 12:01:19 riastradh Exp $ +# $NetBSD: GENERIC,v 1.1258 2024/08/27 00:56:16 riastradh Exp $ # # GENERIC machine description file # @@ -22,7 +22,7 @@ include "arch/i386/conf/std.i386" options INCLUDE_CONFIG_FILE # embed config file in kernel binary -#ident "GENERIC-$Revision: 1.1257 $" +#ident "GENERIC-$Revision: 1.1258 $" maxusers 64 # estimated number of users @@ -324,6 +324,7 @@ acpilid* at acpi? # ACPI Lid Switch acpitz* at acpi? # ACPI Thermal Zone acpivga* at acpi? # ACPI Display Adapter acpiout* at acpivga? # ACPI Display Output Device +acpivmgenid* at acpi? # ACPI Virtual Machine Generation ID acpiwdrt* at acpi? # ACPI Watchdog Resource Table acpiwmi* at acpi? # ACPI WMI Mapper apei* at apeibus? # ACPI Platform Error Interfaces
CVS commit: src/sys/arch
Module Name:src Committed By: riastradh Date: Tue Aug 27 00:56:16 UTC 2024 Modified Files: src/sys/arch/amd64/conf: GENERIC src/sys/arch/evbarm/conf: GENERIC64 src/sys/arch/i386/conf: GENERIC Log Message: amd64, evbarm, i386: Add acpivmgenid(4) to GENERIC. PR kern/58632: getentropy(2) and arc4random(3) do not reseed on VM fork To generate a diff of this commit: cvs rdiff -u -r1.613 -r1.614 src/sys/arch/amd64/conf/GENERIC cvs rdiff -u -r1.218 -r1.219 src/sys/arch/evbarm/conf/GENERIC64 cvs rdiff -u -r1.1257 -r1.1258 src/sys/arch/i386/conf/GENERIC Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/tests/net/if_wg
Module Name:src Committed By: riastradh Date: Mon Aug 26 17:52:46 UTC 2024 Modified Files: src/tests/net/if_wg: t_misc.sh Log Message: tests/net/if_wg/t_misc: Add some diagnostics. PR kern/55729: net/if_wg/t_misc:wg_rekey test case fails To generate a diff of this commit: cvs rdiff -u -r1.15 -r1.16 src/tests/net/if_wg/t_misc.sh Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/tests/net/if_wg/t_misc.sh diff -u src/tests/net/if_wg/t_misc.sh:1.15 src/tests/net/if_wg/t_misc.sh:1.16 --- src/tests/net/if_wg/t_misc.sh:1.15 Sun Jul 28 14:47:05 2024 +++ src/tests/net/if_wg/t_misc.sh Mon Aug 26 17:52:46 2024 @@ -1,4 +1,4 @@ -# $NetBSD: t_misc.sh,v 1.15 2024/07/28 14:47:05 riastradh Exp $ +# $NetBSD: t_misc.sh,v 1.16 2024/08/26 17:52:46 riastradh Exp $ # # Copyright (c) 2018 Ryota Ozaki # All rights reserved. @@ -55,9 +55,13 @@ wg_rekey_body() export RUMP_SERVER=$SOCK_LOCAL atf_check -s exit:0 -o ignore \ rump.sysctl -w net.wg.rekey_after_time=$rekey_after_time + $DEBUG && atf_check -s exit:0 -o ignore \ + rump.sysctl -w net.wg.debug=-1 export RUMP_SERVER=$SOCK_PEER atf_check -s exit:0 -o ignore \ rump.sysctl -w net.wg.rekey_after_time=$rekey_after_time + $DEBUG && atf_check -s exit:0 -o ignore \ + rump.sysctl -w net.wg.debug=-1 # It sets key_priv_local key_pub_local key_priv_peer key_pub_peer generate_keys @@ -76,6 +80,7 @@ wg_rekey_body() export RUMP_SERVER=$SOCK_LOCAL + echo ping1time=$(date) $ping $ip_wg_peer latest_handshake=$($HIJACKING wgconfig wg0 show peer peer0 \ @@ -84,6 +89,7 @@ wg_rekey_body() sleep 1 + echo ping2time=$(date) $ping $ip_wg_peer # No reinitiation is performed @@ -93,6 +99,7 @@ wg_rekey_body() # Wait for a reinitiation to be performed sleep $rekey_after_time + echo ping3time=$(date) $ping $ip_wg_peer # A reinitiation should be performed @@ -106,6 +113,7 @@ wg_rekey_body() # Wait for a reinitiation to be performed again sleep $((rekey_after_time+1)) + echo ping4time=$(date) $ping $ip_wg_peer # A reinitiation should be performed
CVS commit: src/tests/net/if_wg
Module Name:src Committed By: riastradh Date: Mon Aug 26 17:52:46 UTC 2024 Modified Files: src/tests/net/if_wg: t_misc.sh Log Message: tests/net/if_wg/t_misc: Add some diagnostics. PR kern/55729: net/if_wg/t_misc:wg_rekey test case fails To generate a diff of this commit: cvs rdiff -u -r1.15 -r1.16 src/tests/net/if_wg/t_misc.sh Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/lib/libc/gen
Module Name:src Committed By: riastradh Date: Mon Aug 26 15:50:26 UTC 2024 Modified Files: src/lib/libc/gen: arc4random.c Log Message: arc4random.c: Fix test program. This isn't wired up anywhere, but let's reduce the bitrot. It was helpful in reminding me that kern.entropy.epoch was, for reasons I can't remember, restricted to privileged access. PR kern/58632: getentropy(2) and arc4random(3) do not reseed on VM fork To generate a diff of this commit: cvs rdiff -u -r1.35 -r1.36 src/lib/libc/gen/arc4random.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/lib/libc/gen/arc4random.c diff -u src/lib/libc/gen/arc4random.c:1.35 src/lib/libc/gen/arc4random.c:1.36 --- src/lib/libc/gen/arc4random.c:1.35 Mon Aug 26 15:19:22 2024 +++ src/lib/libc/gen/arc4random.c Mon Aug 26 15:50:26 2024 @@ -1,4 +1,4 @@ -/* $NetBSD: arc4random.c,v 1.35 2024/08/26 15:19:22 riastradh Exp $ */ +/* $NetBSD: arc4random.c,v 1.36 2024/08/26 15:50:26 riastradh Exp $ */ /*- * Copyright (c) 2014 The NetBSD Foundation, Inc. @@ -52,7 +52,7 @@ */ #include -__RCSID("$NetBSD: arc4random.c,v 1.35 2024/08/26 15:19:22 riastradh Exp $"); +__RCSID("$NetBSD: arc4random.c,v 1.36 2024/08/26 15:50:26 riastradh Exp $"); #include "namespace.h" #include "reentrant.h" @@ -810,8 +810,18 @@ main(int argc __unused, char **argv __un switch (pid) { case -1: err(1, "fork"); - case 0: - _exit(arc4random_prng_get()->arc4_seeded); + case 0: { + /* + * Verify the epoch has been set to zero by fork. + */ + struct arc4random_prng *prng = NULL; +#ifdef _REENTRANT + prng = thr_getspecific(arc4random_global.thread_key); +#endif + if (prng == NULL) + prng = &arc4random_global.prng; + _exit(prng->arc4_epoch != 0); + } default: rpid = waitpid(pid, &status, 0); if (rpid == -1)
CVS commit: src/lib/libc/gen
Module Name:src Committed By: riastradh Date: Mon Aug 26 15:50:26 UTC 2024 Modified Files: src/lib/libc/gen: arc4random.c Log Message: arc4random.c: Fix test program. This isn't wired up anywhere, but let's reduce the bitrot. It was helpful in reminding me that kern.entropy.epoch was, for reasons I can't remember, restricted to privileged access. PR kern/58632: getentropy(2) and arc4random(3) do not reseed on VM fork To generate a diff of this commit: cvs rdiff -u -r1.35 -r1.36 src/lib/libc/gen/arc4random.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/kern
Module Name:src Committed By: riastradh Date: Mon Aug 26 15:50:15 UTC 2024 Modified Files: src/sys/kern: kern_entropy.c Log Message: entropy(9): Allow unprivileged reads of sysctl kern.entropy.epoch. Applications need this in order to know when to reseed. (We should also expose it through a page shared read-only with userland for cheaper access, but until we do, let's let applications get at it through sysctl.) PR kern/58632: getentropy(2) and arc4random(3) do not reseed on VM fork To generate a diff of this commit: cvs rdiff -u -r1.70 -r1.71 src/sys/kern/kern_entropy.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/kern/kern_entropy.c diff -u src/sys/kern/kern_entropy.c:1.70 src/sys/kern/kern_entropy.c:1.71 --- src/sys/kern/kern_entropy.c:1.70 Mon Aug 26 13:52:56 2024 +++ src/sys/kern/kern_entropy.c Mon Aug 26 15:50:15 2024 @@ -1,4 +1,4 @@ -/* $NetBSD: kern_entropy.c,v 1.70 2024/08/26 13:52:56 riastradh Exp $ */ +/* $NetBSD: kern_entropy.c,v 1.71 2024/08/26 15:50:15 riastradh Exp $ */ /*- * Copyright (c) 2019 The NetBSD Foundation, Inc. @@ -77,7 +77,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: kern_entropy.c,v 1.70 2024/08/26 13:52:56 riastradh Exp $"); +__KERNEL_RCSID(0, "$NetBSD: kern_entropy.c,v 1.71 2024/08/26 15:50:15 riastradh Exp $"); #include #include @@ -400,7 +400,7 @@ entropy_init(void) SYSCTL_DESCR("Number of samples pending on CPUs"), NULL, 0, &E->samplespending, 0, CTL_CREATE, CTL_EOL); sysctl_createv(&entropy_sysctllog, 0, &entropy_sysctlroot, NULL, - CTLFLAG_PERMANENT|CTLFLAG_READONLY|CTLFLAG_PRIVATE, CTLTYPE_INT, + CTLFLAG_PERMANENT|CTLFLAG_READONLY, CTLTYPE_INT, "epoch", SYSCTL_DESCR("Entropy epoch"), NULL, 0, &E->epoch, 0, CTL_CREATE, CTL_EOL);
CVS commit: src/sys/kern
Module Name:src Committed By: riastradh Date: Mon Aug 26 15:50:15 UTC 2024 Modified Files: src/sys/kern: kern_entropy.c Log Message: entropy(9): Allow unprivileged reads of sysctl kern.entropy.epoch. Applications need this in order to know when to reseed. (We should also expose it through a page shared read-only with userland for cheaper access, but until we do, let's let applications get at it through sysctl.) PR kern/58632: getentropy(2) and arc4random(3) do not reseed on VM fork To generate a diff of this commit: cvs rdiff -u -r1.70 -r1.71 src/sys/kern/kern_entropy.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/share/man/man4
Module Name:src Committed By: riastradh Date: Mon Aug 26 15:28:58 UTC 2024 Modified Files: src/share/man/man4: acpivmgenid.4 Log Message: acpivmgenid(4): Nix BUGS that have been squashed. Reference kern.entropy.epoch for the remaining bug (which is a performance issue, not a security issue). PR kern/58632: getentropy(2) and arc4random(3) do not reseed on VM fork To generate a diff of this commit: cvs rdiff -u -r1.1 -r1.2 src/share/man/man4/acpivmgenid.4 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/share/man/man4/acpivmgenid.4 diff -u src/share/man/man4/acpivmgenid.4:1.1 src/share/man/man4/acpivmgenid.4:1.2 --- src/share/man/man4/acpivmgenid.4:1.1 Mon Aug 26 13:38:28 2024 +++ src/share/man/man4/acpivmgenid.4 Mon Aug 26 15:28:58 2024 @@ -1,4 +1,4 @@ -.\" $NetBSD: acpivmgenid.4,v 1.1 2024/08/26 13:38:28 riastradh Exp $ +.\" $NetBSD: acpivmgenid.4,v 1.2 2024/08/26 15:28:58 riastradh Exp $ .\" .\" Copyright (c) 2024 The NetBSD Foundation, Inc. .\" All rights reserved. @@ -57,7 +57,12 @@ will reseed system random number generat .Pa /dev/urandom and .Xr getentropy 3 -will be independent in the two clones. +will be independent in the two clones, and the +.Xr sysctl 7 +variable +.Li kern.entropy.epoch +will advance to notify applications that they should reseed random +number generators from the system entropy pool. .\" .Sh SYSCTLS The following @@ -94,19 +99,10 @@ driver first appeared in .Nx 11.0 . .\" .Sh BUGS -Currently -.Nx -does not request fresh samples from all on-demand entropy sources when -the VM generation ID changes, so although the outputs of the system -entropy pool appear independent to an outside observer, disclosing the -kernel memory of one VM clone to an adversary may allow the adversary -to predict another VM clone's -.Pa /dev/urandom -outputs. -.Pp -Currently -.Xr arc4random 3 -is not reseeded when the VM generation ID changes. -.Pp Currently there is no cheaper way to detect VM generation ID changes than to query sysctl. +(Applications deciding whether to reseed random number generators +should generally query +.Li kern.entropy.epoch , +not +.Li "hw.acpivmgenid" Ns Va N Ns Li ".id" . )
CVS commit: src/share/man/man4
Module Name:src Committed By: riastradh Date: Mon Aug 26 15:28:58 UTC 2024 Modified Files: src/share/man/man4: acpivmgenid.4 Log Message: acpivmgenid(4): Nix BUGS that have been squashed. Reference kern.entropy.epoch for the remaining bug (which is a performance issue, not a security issue). PR kern/58632: getentropy(2) and arc4random(3) do not reseed on VM fork To generate a diff of this commit: cvs rdiff -u -r1.1 -r1.2 src/share/man/man4/acpivmgenid.4 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/lib/libc/gen
Module Name:src Committed By: riastradh Date: Mon Aug 26 15:19:22 UTC 2024 Modified Files: src/lib/libc/gen: arc4random.c Log Message: arc4random(3): Reseed if system entropy epoch changes. This can happen, for example, if the system is a VM instance, and the VM is cloned. This incurs the cost of a system call on every arc4random call, which is unfortunate, but 1. we don't currently have a (machine-independent) mechanism for exposing a read-only page to userland shared by the kernel to enable a cheaper access path to the entropy epoch; and 2. the algorithm here -- a simple application of ChaCha -- is likely also a bottleneck and could be much cheaper by (a) using sys/crypto/chacha for machine-dependent vectorized ChaCha code, and (b) filling a buffer (somewhere between a cipher block and a page) in a batch at a time, instead of running ChaCha to generate only 32 bytes at a time. So although this might be a performance hit, the security benefit is worthwhile and we have a clear path to do better than reversing the performance hit later. PR kern/58632: getentropy(2) and arc4random(3) do not reseed on VM fork To generate a diff of this commit: cvs rdiff -u -r1.34 -r1.35 src/lib/libc/gen/arc4random.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/lib/libc/gen/arc4random.c diff -u src/lib/libc/gen/arc4random.c:1.34 src/lib/libc/gen/arc4random.c:1.35 --- src/lib/libc/gen/arc4random.c:1.34 Sat Jan 20 14:52:47 2024 +++ src/lib/libc/gen/arc4random.c Mon Aug 26 15:19:22 2024 @@ -1,4 +1,4 @@ -/* $NetBSD: arc4random.c,v 1.34 2024/01/20 14:52:47 christos Exp $ */ +/* $NetBSD: arc4random.c,v 1.35 2024/08/26 15:19:22 riastradh Exp $ */ /*- * Copyright (c) 2014 The NetBSD Foundation, Inc. @@ -52,7 +52,7 @@ */ #include -__RCSID("$NetBSD: arc4random.c,v 1.34 2024/01/20 14:52:47 christos Exp $"); +__RCSID("$NetBSD: arc4random.c,v 1.35 2024/08/26 15:19:22 riastradh Exp $"); #include "namespace.h" #include "reentrant.h" @@ -65,6 +65,7 @@ __RCSID("$NetBSD: arc4random.c,v 1.34 20 #include #include +#include #include #include #include @@ -398,11 +399,67 @@ crypto_onetimestream(const void *seed, v (void)explicit_memset(block, 0, sizeof block); } +/* + * entropy_epoch() + * + * Return the current entropy epoch, from the sysctl node + * kern.entropy.epoch. + * + * The entropy epoch is never zero. Initially, or on error, it is + * (unsigned)-1. It may wrap around but it skips (unsigned)-1 and + * 0 when it does. Changes happen less than once per second, so + * wraparound will only affect systems after 136 years of uptime. + * + * XXX This should get it from a page shared read-only by kernel + * with userland, but until we implement such a mechanism, this + * sysctl -- incurring the cost of a syscall -- will have to + * serve. + */ +static unsigned +entropy_epoch(void) +{ + static atomic_int mib0[3]; + static atomic_bool initialized = false; + int mib[3]; + unsigned epoch = -1; + size_t epochlen = sizeof(epoch); + + /* + * Resolve kern.entropy.epoch if we haven't already. Cache it + * for the next caller. Initialization is idempotent, so it's + * OK if two threads do it at once. + */ + if (atomic_load_explicit(&initialized, memory_order_acquire)) { + mib[0] = atomic_load_explicit(&mib0[0], memory_order_relaxed); + mib[1] = atomic_load_explicit(&mib0[1], memory_order_relaxed); + mib[2] = atomic_load_explicit(&mib0[2], memory_order_relaxed); + } else { + size_t nmib = __arraycount(mib); + + if (sysctlnametomib("kern.entropy.epoch", mib, &nmib) == -1) + return -1; + if (nmib != __arraycount(mib)) + return -1; + atomic_store_explicit(&mib0[0], mib[0], memory_order_relaxed); + atomic_store_explicit(&mib0[1], mib[1], memory_order_relaxed); + atomic_store_explicit(&mib0[2], mib[2], memory_order_relaxed); + atomic_store_explicit(&initialized, true, + memory_order_release); + } + + if (sysctl(mib, __arraycount(mib), &epoch, &epochlen, NULL, 0) == -1) + return -1; + if (epochlen != sizeof(epoch)) + return -1; + + return epoch; +} + /* arc4random state: per-thread, per-process (zeroed in child on fork) */ struct arc4random_prng { struct crypto_prng arc4_prng; - bool arc4_seeded; + unsigned arc4_epoch; }; static void @@ -413,6 +470,7 @@ arc4random_prng_addrandom(struct arc4ran SHA256_CTX ctx; uint8_t buf[crypto_prng_SEEDBYTES]; size_t buflen = sizeof buf; + unsigned epoch = entropy_epoch(); __CTASSERT(sizeof buf == SHA256_DIGEST_LENGTH); @@ -436,7 +494,7 @@ arc4random_prng_addrandom(struct arc4ran /* reseed(SHA256(prng() || sysctl(KERN_ARND) || data)) */ crypto_prng_seed(&prng->arc4_prng, buf); (void)explicit_memset(buf, 0, sizeof buf); - prng->arc4_seeded = true; + prng->arc4_epoch = epoch; } #ifdef _REENTRANT @@ -567,7 +625,7 @@ arc4random_prng_get(void) } /* Guarantee the PRNG
CVS commit: src/lib/libc/gen
Module Name:src Committed By: riastradh Date: Mon Aug 26 15:19:22 UTC 2024 Modified Files: src/lib/libc/gen: arc4random.c Log Message: arc4random(3): Reseed if system entropy epoch changes. This can happen, for example, if the system is a VM instance, and the VM is cloned. This incurs the cost of a system call on every arc4random call, which is unfortunate, but 1. we don't currently have a (machine-independent) mechanism for exposing a read-only page to userland shared by the kernel to enable a cheaper access path to the entropy epoch; and 2. the algorithm here -- a simple application of ChaCha -- is likely also a bottleneck and could be much cheaper by (a) using sys/crypto/chacha for machine-dependent vectorized ChaCha code, and (b) filling a buffer (somewhere between a cipher block and a page) in a batch at a time, instead of running ChaCha to generate only 32 bytes at a time. So although this might be a performance hit, the security benefit is worthwhile and we have a clear path to do better than reversing the performance hit later. PR kern/58632: getentropy(2) and arc4random(3) do not reseed on VM fork To generate a diff of this commit: cvs rdiff -u -r1.34 -r1.35 src/lib/libc/gen/arc4random.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/dev/acpi
Module Name:src Committed By: riastradh Date: Mon Aug 26 13:53:22 UTC 2024 Modified Files: src/sys/dev/acpi: acpi_vmgenid.c Log Message: acpivmgenid(4): Reset and gather entropy on VM clone notification. PR kern/58632: getentropy(2) and arc4random(3) do not reseed on VM fork To generate a diff of this commit: cvs rdiff -u -r1.1 -r1.2 src/sys/dev/acpi/acpi_vmgenid.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/dev/acpi
Module Name:src Committed By: riastradh Date: Mon Aug 26 13:53:22 UTC 2024 Modified Files: src/sys/dev/acpi: acpi_vmgenid.c Log Message: acpivmgenid(4): Reset and gather entropy on VM clone notification. PR kern/58632: getentropy(2) and arc4random(3) do not reseed on VM fork To generate a diff of this commit: cvs rdiff -u -r1.1 -r1.2 src/sys/dev/acpi/acpi_vmgenid.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/dev/acpi/acpi_vmgenid.c diff -u src/sys/dev/acpi/acpi_vmgenid.c:1.1 src/sys/dev/acpi/acpi_vmgenid.c:1.2 --- src/sys/dev/acpi/acpi_vmgenid.c:1.1 Mon Aug 26 13:38:28 2024 +++ src/sys/dev/acpi/acpi_vmgenid.c Mon Aug 26 13:53:22 2024 @@ -1,4 +1,4 @@ -/* $NetBSD: acpi_vmgenid.c,v 1.1 2024/08/26 13:38:28 riastradh Exp $ */ +/* $NetBSD: acpi_vmgenid.c,v 1.2 2024/08/26 13:53:22 riastradh Exp $ */ /*- * Copyright (c) 2024 The NetBSD Foundation, Inc. @@ -44,7 +44,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: acpi_vmgenid.c,v 1.1 2024/08/26 13:38:28 riastradh Exp $"); +__KERNEL_RCSID(0, "$NetBSD: acpi_vmgenid.c,v 1.2 2024/08/26 13:53:22 riastradh Exp $"); #include #include @@ -293,13 +293,19 @@ acpivmgenid_reset(void *cookie) struct acpivmgenid_softc *const sc = cookie; /* + * Reset the system entropy pool's measure of entropy (not the + * data, just the system's assessment of whether it has + * entropy), and gather more entropy from any synchronous + * sources we have available like CPU RNG instructions. We + * can't be interrupted by a signal so ignore return value. + */ + entropy_reset(); + (void)entropy_gather(); + + /* * Grab the current VM generation ID to put it into the entropy * pool; then force consolidation so it affects all subsequent * draws from the entropy pool and the entropy epoch advances. - * - * XXX This should also reset the entropy count and request new - * samples from all sources, but there currently isn't a good - * way to do that after boot. */ acpivmgenid_set(sc, "cloned"); entropy_consolidate();
CVS commit: src/sys
Module Name:src Committed By: riastradh Date: Mon Aug 26 13:52:56 UTC 2024 Modified Files: src/sys/kern: kern_entropy.c src/sys/sys: entropy.h Log Message: entropy(9): Factor out subroutines to reset and gather entropy. `Reset' means we keep the data in the pool, but assume it had zero entropy. `Gather' means we request samples from all on-demand sources and wait for the synchronous ones to complete. No functional change intended, other than to expose new symbols -- just preparation to expose these to acpivmgenid(4), so it can use these when the VM host notifies us that we, the guest, have been cloned. PR kern/58632: getentropy(2) and arc4random(3) do not reseed on VM fork To generate a diff of this commit: cvs rdiff -u -r1.69 -r1.70 src/sys/kern/kern_entropy.c cvs rdiff -u -r1.5 -r1.6 src/sys/sys/entropy.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/kern/kern_entropy.c diff -u src/sys/kern/kern_entropy.c:1.69 src/sys/kern/kern_entropy.c:1.70 --- src/sys/kern/kern_entropy.c:1.69 Mon Aug 26 13:48:04 2024 +++ src/sys/kern/kern_entropy.c Mon Aug 26 13:52:56 2024 @@ -1,4 +1,4 @@ -/* $NetBSD: kern_entropy.c,v 1.69 2024/08/26 13:48:04 riastradh Exp $ */ +/* $NetBSD: kern_entropy.c,v 1.70 2024/08/26 13:52:56 riastradh Exp $ */ /*- * Copyright (c) 2019 The NetBSD Foundation, Inc. @@ -77,7 +77,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: kern_entropy.c,v 1.69 2024/08/26 13:48:04 riastradh Exp $"); +__KERNEL_RCSID(0, "$NetBSD: kern_entropy.c,v 1.70 2024/08/26 13:52:56 riastradh Exp $"); #include #include @@ -1426,6 +1426,26 @@ sysctl_entropy_consolidate(SYSCTLFN_ARGS } /* + * entropy_gather() + * + * Trigger gathering entropy from all on-demand sources, and, if + * requested, wait for synchronous sources (but not asynchronous + * sources) to complete, or fail with EINTR if interrupted by a + * signal. + */ +int +entropy_gather(void) +{ + int error; + + mutex_enter(&E->lock); + error = entropy_request(ENTROPY_CAPACITY, ENTROPY_WAIT|ENTROPY_SIG); + mutex_exit(&E->lock); + + return error; +} + +/* * sysctl -w kern.entropy.gather=1 * * Trigger gathering entropy from all on-demand sources, and wait @@ -1443,12 +1463,8 @@ sysctl_entropy_gather(SYSCTLFN_ARGS) error = sysctl_lookup(SYSCTLFN_CALL(&node)); if (error || newp == NULL) return error; - if (arg) { - mutex_enter(&E->lock); - error = entropy_request(ENTROPY_CAPACITY, - ENTROPY_WAIT|ENTROPY_SIG); - mutex_exit(&E->lock); - } + if (arg) + error = entropy_gather(); return error; } @@ -2451,6 +2467,27 @@ entropy_reset_xc(void *arg1 __unused, vo } /* + * entropy_reset() + * + * Assume the entropy pool has been exposed, e.g. because the VM + * has been cloned. Nix all the pending entropy and set the + * needed to maximum. + */ +void +entropy_reset(void) +{ + + xc_broadcast(0, &entropy_reset_xc, NULL, NULL); + mutex_enter(&E->lock); + E->bitspending = 0; + E->samplespending = 0; + atomic_store_relaxed(&E->bitsneeded, MINENTROPYBITS); + atomic_store_relaxed(&E->samplesneeded, MINSAMPLES); + E->consolidate = false; + mutex_exit(&E->lock); +} + +/* * entropy_ioctl(cmd, data) * * Handle various /dev/random ioctl queries. @@ -2728,16 +2765,8 @@ entropy_ioctl(unsigned long cmd, void *d * If we disabled estimation or collection, nix all the * pending entropy and set needed to the maximum. */ - if (reset) { - xc_broadcast(0, &entropy_reset_xc, NULL, NULL); - mutex_enter(&E->lock); - E->bitspending = 0; - E->samplespending = 0; - atomic_store_relaxed(&E->bitsneeded, MINENTROPYBITS); - atomic_store_relaxed(&E->samplesneeded, MINSAMPLES); - E->consolidate = false; - mutex_exit(&E->lock); - } + if (reset) + entropy_reset(); /* * If we changed any of the estimation or collection @@ -2750,12 +2779,8 @@ entropy_ioctl(unsigned long cmd, void *d * we have committed side effects, because this ioctl * command is idempotent, so repeating it is safe. */ - if (request) { - mutex_enter(&E->lock); - error = entropy_request(ENTROPY_CAPACITY, - ENTROPY_WAIT|ENTROPY_SIG); - mutex_exit(&E->lock); - } + if (request) + error = entropy_gather(); break; } case RNDADDDATA: { /* Enter seed into entropy pool. */ Index: src/sys/sys/entropy.h diff -u src/sys/sys/entropy.h:1.5 src/sys/sys/entropy.h:1.6 --- src/sys/sys/entropy.h:1.5 Mon Aug 26 13:46:03 2024 +++ src/sys/sys/entropy.h Mon Aug 26 13:52:56 2024 @@ -1,4 +1,4 @@ -/* $NetBSD: entropy.h,v 1.5 2024/08/26 13:46:03 riastradh Exp $ */ +/* $NetBSD: entropy.h,v 1.6 2024/08/26 13:52:56 riastradh Exp $ */ /*- * Copyright (c) 2019 The NetBSD Foundation, Inc. @@ -49,6 +49,8 @@ struct knote; #define ENTROPY_HARDFAIL 0x04 void entropy_bootrequest(void); +void entropy_reset(void); +int entropy_gather(void); void entropy_consolidate(void); int entropy_consolidate_sig(void); unsig
CVS commit: src/sys
Module Name:src Committed By: riastradh Date: Mon Aug 26 13:52:56 UTC 2024 Modified Files: src/sys/kern: kern_entropy.c src/sys/sys: entropy.h Log Message: entropy(9): Factor out subroutines to reset and gather entropy. `Reset' means we keep the data in the pool, but assume it had zero entropy. `Gather' means we request samples from all on-demand sources and wait for the synchronous ones to complete. No functional change intended, other than to expose new symbols -- just preparation to expose these to acpivmgenid(4), so it can use these when the VM host notifies us that we, the guest, have been cloned. PR kern/58632: getentropy(2) and arc4random(3) do not reseed on VM fork To generate a diff of this commit: cvs rdiff -u -r1.69 -r1.70 src/sys/kern/kern_entropy.c cvs rdiff -u -r1.5 -r1.6 src/sys/sys/entropy.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/kern
Module Name:src Committed By: riastradh Date: Mon Aug 26 13:48:04 UTC 2024 Modified Files: src/sys/kern: kern_entropy.c Log Message: kern.entropy.gather: Fail with EINTR on signal. Just don't throw away the error code we already have! PR kern/58646: /dev/random, kern.entropy.*: signal bugs To generate a diff of this commit: cvs rdiff -u -r1.68 -r1.69 src/sys/kern/kern_entropy.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/kern/kern_entropy.c diff -u src/sys/kern/kern_entropy.c:1.68 src/sys/kern/kern_entropy.c:1.69 --- src/sys/kern/kern_entropy.c:1.68 Mon Aug 26 13:47:52 2024 +++ src/sys/kern/kern_entropy.c Mon Aug 26 13:48:04 2024 @@ -1,4 +1,4 @@ -/* $NetBSD: kern_entropy.c,v 1.68 2024/08/26 13:47:52 riastradh Exp $ */ +/* $NetBSD: kern_entropy.c,v 1.69 2024/08/26 13:48:04 riastradh Exp $ */ /*- * Copyright (c) 2019 The NetBSD Foundation, Inc. @@ -77,7 +77,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: kern_entropy.c,v 1.68 2024/08/26 13:47:52 riastradh Exp $"); +__KERNEL_RCSID(0, "$NetBSD: kern_entropy.c,v 1.69 2024/08/26 13:48:04 riastradh Exp $"); #include #include @@ -1450,7 +1450,7 @@ sysctl_entropy_gather(SYSCTLFN_ARGS) mutex_exit(&E->lock); } - return 0; + return error; } /*
CVS commit: src/sys/kern
Module Name:src Committed By: riastradh Date: Mon Aug 26 13:48:04 UTC 2024 Modified Files: src/sys/kern: kern_entropy.c Log Message: kern.entropy.gather: Fail with EINTR on signal. Just don't throw away the error code we already have! PR kern/58646: /dev/random, kern.entropy.*: signal bugs To generate a diff of this commit: cvs rdiff -u -r1.68 -r1.69 src/sys/kern/kern_entropy.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/kern
Module Name:src Committed By: riastradh Date: Mon Aug 26 13:47:52 UTC 2024 Modified Files: src/sys/kern: kern_entropy.c Log Message: kern.entropy.consolidate, ioctl(RNDCTL): Fail with EINTR on signal. This can happen if another thread is currently running consolidation and has the entropy source lock held. Use the new function entropy_consolidate_sig to get at EINTR. PR kern/58646: /dev/random, kern.entropy.*: signal bugs To generate a diff of this commit: cvs rdiff -u -r1.67 -r1.68 src/sys/kern/kern_entropy.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/kern/kern_entropy.c diff -u src/sys/kern/kern_entropy.c:1.67 src/sys/kern/kern_entropy.c:1.68 --- src/sys/kern/kern_entropy.c:1.67 Mon Aug 26 13:46:03 2024 +++ src/sys/kern/kern_entropy.c Mon Aug 26 13:47:52 2024 @@ -1,4 +1,4 @@ -/* $NetBSD: kern_entropy.c,v 1.67 2024/08/26 13:46:03 riastradh Exp $ */ +/* $NetBSD: kern_entropy.c,v 1.68 2024/08/26 13:47:52 riastradh Exp $ */ /*- * Copyright (c) 2019 The NetBSD Foundation, Inc. @@ -77,7 +77,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: kern_entropy.c,v 1.67 2024/08/26 13:46:03 riastradh Exp $"); +__KERNEL_RCSID(0, "$NetBSD: kern_entropy.c,v 1.68 2024/08/26 13:47:52 riastradh Exp $"); #include #include @@ -1420,7 +1420,7 @@ sysctl_entropy_consolidate(SYSCTLFN_ARGS if (error || newp == NULL) return error; if (arg) - entropy_consolidate(); + error = entropy_consolidate_sig(); return error; } @@ -2793,7 +2793,7 @@ entropy_ioctl(unsigned long cmd, void *d /* Enter the data and consolidate entropy. */ rnd_add_data(&seed_rndsource, rdata->data, rdata->len, entropybits); - entropy_consolidate(); + error = entropy_consolidate_sig(); break; } default:
CVS commit: src/sys/kern
Module Name:src Committed By: riastradh Date: Mon Aug 26 13:47:52 UTC 2024 Modified Files: src/sys/kern: kern_entropy.c Log Message: kern.entropy.consolidate, ioctl(RNDCTL): Fail with EINTR on signal. This can happen if another thread is currently running consolidation and has the entropy source lock held. Use the new function entropy_consolidate_sig to get at EINTR. PR kern/58646: /dev/random, kern.entropy.*: signal bugs To generate a diff of this commit: cvs rdiff -u -r1.67 -r1.68 src/sys/kern/kern_entropy.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/dev
Module Name:src Committed By: riastradh Date: Mon Aug 26 13:46:51 UTC 2024 Modified Files: src/sys/dev: random.c Log Message: /dev/random: Fix two signal bugs. 1. If a long write to /dev/random is interrupted by a signal, it may proceed to sleep on the entropy source lock instead of returning promptly. => Don't try to consolidate entropy if we've already been interrupted by a signal. 2. If a write to /dev/random is interrupted by a signal while sleeping on the entropy source lock, it may fail to report EINTR. => Pass through EINTR from entropy consolidation via new entropy_consolidate_sig function. PR kern/58646: /dev/random, kern.entropy.*: signal bugs To generate a diff of this commit: cvs rdiff -u -r1.10 -r1.11 src/sys/dev/random.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/dev
Module Name:src Committed By: riastradh Date: Mon Aug 26 13:46:51 UTC 2024 Modified Files: src/sys/dev: random.c Log Message: /dev/random: Fix two signal bugs. 1. If a long write to /dev/random is interrupted by a signal, it may proceed to sleep on the entropy source lock instead of returning promptly. => Don't try to consolidate entropy if we've already been interrupted by a signal. 2. If a write to /dev/random is interrupted by a signal while sleeping on the entropy source lock, it may fail to report EINTR. => Pass through EINTR from entropy consolidation via new entropy_consolidate_sig function. PR kern/58646: /dev/random, kern.entropy.*: signal bugs To generate a diff of this commit: cvs rdiff -u -r1.10 -r1.11 src/sys/dev/random.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/dev/random.c diff -u src/sys/dev/random.c:1.10 src/sys/dev/random.c:1.11 --- src/sys/dev/random.c:1.10 Tue Dec 28 13:22:43 2021 +++ src/sys/dev/random.c Mon Aug 26 13:46:51 2024 @@ -1,4 +1,4 @@ -/* $NetBSD: random.c,v 1.10 2021/12/28 13:22:43 riastradh Exp $ */ +/* $NetBSD: random.c,v 1.11 2024/08/26 13:46:51 riastradh Exp $ */ /*- * Copyright (c) 2019 The NetBSD Foundation, Inc. @@ -47,7 +47,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: random.c,v 1.10 2021/12/28 13:22:43 riastradh Exp $"); +__KERNEL_RCSID(0, "$NetBSD: random.c,v 1.11 2024/08/26 13:46:51 riastradh Exp $"); #include #include @@ -298,8 +298,8 @@ random_write(dev_t dev, struct uio *uio, kmem_free(buf, RANDOM_BUFSIZE); /* If we added anything, consolidate entropy now. */ - if (any) - entropy_consolidate(); + if (any && error == 0) + error = entropy_consolidate_sig(); return error; }
CVS commit: src/sys
Module Name:src Committed By: riastradh Date: Mon Aug 26 13:46:03 UTC 2024 Modified Files: src/sys/kern: kern_entropy.c src/sys/sys: entropy.h Log Message: entropy(9): New function entropy_consolidate_sig. This is the same as entropy_consolidate, but it returns EINTR if interrupted by a signal and 0 otherwise. (entropy_consolidate can already be interrupted by a signal -- it just doesn't tell you if it was.) Eventually these will be merged into a single entropy_consolidate that returns the error code, but adding a new symbol first makes it safe for pullup-10. PR kern/58646: /dev/random, kern.entropy.*: signal bugs To generate a diff of this commit: cvs rdiff -u -r1.66 -r1.67 src/sys/kern/kern_entropy.c cvs rdiff -u -r1.4 -r1.5 src/sys/sys/entropy.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys
Module Name:src Committed By: riastradh Date: Mon Aug 26 13:46:03 UTC 2024 Modified Files: src/sys/kern: kern_entropy.c src/sys/sys: entropy.h Log Message: entropy(9): New function entropy_consolidate_sig. This is the same as entropy_consolidate, but it returns EINTR if interrupted by a signal and 0 otherwise. (entropy_consolidate can already be interrupted by a signal -- it just doesn't tell you if it was.) Eventually these will be merged into a single entropy_consolidate that returns the error code, but adding a new symbol first makes it safe for pullup-10. PR kern/58646: /dev/random, kern.entropy.*: signal bugs To generate a diff of this commit: cvs rdiff -u -r1.66 -r1.67 src/sys/kern/kern_entropy.c cvs rdiff -u -r1.4 -r1.5 src/sys/sys/entropy.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/kern/kern_entropy.c diff -u src/sys/kern/kern_entropy.c:1.66 src/sys/kern/kern_entropy.c:1.67 --- src/sys/kern/kern_entropy.c:1.66 Wed Oct 4 20:28:06 2023 +++ src/sys/kern/kern_entropy.c Mon Aug 26 13:46:03 2024 @@ -1,4 +1,4 @@ -/* $NetBSD: kern_entropy.c,v 1.66 2023/10/04 20:28:06 ad Exp $ */ +/* $NetBSD: kern_entropy.c,v 1.67 2024/08/26 13:46:03 riastradh Exp $ */ /*- * Copyright (c) 2019 The NetBSD Foundation, Inc. @@ -77,7 +77,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: kern_entropy.c,v 1.66 2023/10/04 20:28:06 ad Exp $"); +__KERNEL_RCSID(0, "$NetBSD: kern_entropy.c,v 1.67 2024/08/26 13:46:03 riastradh Exp $"); #include #include @@ -1354,7 +1354,21 @@ entropy_notify(void) /* * entropy_consolidate() * - * Trigger entropy consolidation and wait for it to complete. + * Trigger entropy consolidation and wait for it to complete, or + * return early if interrupted by a signal. + */ +void +entropy_consolidate(void) +{ + + (void)entropy_consolidate_sig(); +} + +/* + * entropy_consolidate_sig() + * + * Trigger entropy consolidation and wait for it to complete, or + * return EINTR if interrupted by a signal. * * This should be used sparingly, not periodically -- requiring * conscious intervention by the operator or a clear policy @@ -1362,8 +1376,8 @@ entropy_notify(void) * when enough entropy has been gathered into per-CPU pools to * transition to full entropy. */ -void -entropy_consolidate(void) +int +entropy_consolidate_sig(void) { uint64_t ticket; int error; @@ -1381,6 +1395,8 @@ entropy_consolidate(void) break; } mutex_exit(&E->lock); + + return error; } /* Index: src/sys/sys/entropy.h diff -u src/sys/sys/entropy.h:1.4 src/sys/sys/entropy.h:1.5 --- src/sys/sys/entropy.h:1.4 Fri Aug 14 00:53:16 2020 +++ src/sys/sys/entropy.h Mon Aug 26 13:46:03 2024 @@ -1,4 +1,4 @@ -/* $NetBSD: entropy.h,v 1.4 2020/08/14 00:53:16 riastradh Exp $ */ +/* $NetBSD: entropy.h,v 1.5 2024/08/26 13:46:03 riastradh Exp $ */ /*- * Copyright (c) 2019 The NetBSD Foundation, Inc. @@ -50,6 +50,7 @@ struct knote; void entropy_bootrequest(void); void entropy_consolidate(void); +int entropy_consolidate_sig(void); unsigned entropy_epoch(void); bool entropy_ready(void); int entropy_extract(void *, size_t, int);
CVS commit: src
Module Name:src Committed By: riastradh Date: Mon Aug 26 13:38:29 UTC 2024 Modified Files: src/distrib/sets/lists/man: mi src/distrib/sets/lists/manhtml: mi src/distrib/sets/lists/modules: md.amd64 md.i386 src/share/man/man4: Makefile src/sys/arch/amd64/conf: ALL src/sys/arch/i386/conf: ALL src/sys/dev/acpi: files.acpi src/sys/modules: Makefile Added Files: src/share/man/man4: acpivmgenid.4 src/sys/dev/acpi: acpi_vmgenid.c src/sys/modules/acpivmgenid: Makefile acpivmgenid.ioconf Log Message: acpivmgenid(4): New driver for virtual machine generation ID. Added to amd64/ALL and i386/ALL kernel configurations, and made available as a loadable module acpivmgenid.kmod on x86, for now. TBD: Add to all ACPI-supporting GENERIC kernels. PR kern/58632: getentropy(2) and arc4random(3) do not reseed on VM fork To generate a diff of this commit: cvs rdiff -u -r1.1785 -r1.1786 src/distrib/sets/lists/man/mi cvs rdiff -u -r1.7 -r1.8 src/distrib/sets/lists/manhtml/mi cvs rdiff -u -r1.102 -r1.103 src/distrib/sets/lists/modules/md.amd64 cvs rdiff -u -r1.99 -r1.100 src/distrib/sets/lists/modules/md.i386 cvs rdiff -u -r1.734 -r1.735 src/share/man/man4/Makefile cvs rdiff -u -r0 -r1.1 src/share/man/man4/acpivmgenid.4 cvs rdiff -u -r1.189 -r1.190 src/sys/arch/amd64/conf/ALL cvs rdiff -u -r1.520 -r1.521 src/sys/arch/i386/conf/ALL cvs rdiff -u -r0 -r1.1 src/sys/dev/acpi/acpi_vmgenid.c cvs rdiff -u -r1.132 -r1.133 src/sys/dev/acpi/files.acpi cvs rdiff -u -r1.291 -r1.292 src/sys/modules/Makefile cvs rdiff -u -r0 -r1.1 src/sys/modules/acpivmgenid/Makefile \ src/sys/modules/acpivmgenid/acpivmgenid.ioconf Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/distrib/sets/lists/man/mi diff -u src/distrib/sets/lists/man/mi:1.1785 src/distrib/sets/lists/man/mi:1.1786 --- src/distrib/sets/lists/man/mi:1.1785 Mon Aug 19 15:04:05 2024 +++ src/distrib/sets/lists/man/mi Mon Aug 26 13:38:27 2024 @@ -1,4 +1,4 @@ -# $NetBSD: mi,v 1.1785 2024/08/19 15:04:05 riastradh Exp $ +# $NetBSD: mi,v 1.1786 2024/08/26 13:38:27 riastradh Exp $ # # Note: don't delete entries from here - mark them as "obsolete" instead. ./etc/mtree/set.manman-sys-root @@ -834,6 +834,7 @@ ./usr/share/man/cat4/acpismbus.0 man-sys-catman .cat ./usr/share/man/cat4/acpitz.0 man-sys-catman .cat ./usr/share/man/cat4/acpivga.0 man-sys-catman .cat +./usr/share/man/cat4/acpivmgenid.0 man-sys-catman .cat ./usr/share/man/cat4/acpiwdrt.0 man-sys-catman .cat ./usr/share/man/cat4/acpiwmi.0 man-sys-catman .cat ./usr/share/man/cat4/adb.0 man-sys-catman .cat @@ -4391,6 +4392,7 @@ ./usr/share/man/man4/acpismbus.4 man-sys-man .man ./usr/share/man/man4/acpitz.4 man-sys-man .man ./usr/share/man/man4/acpivga.4 man-sys-man .man +./usr/share/man/man4/acpivmgenid.4 man-sys-man .man ./usr/share/man/man4/acpiwdrt.4 man-sys-man .man ./usr/share/man/man4/acpiwmi.4 man-sys-man .man ./usr/share/man/man4/adb.4 man-sys-man .man Index: src/distrib/sets/lists/manhtml/mi diff -u src/distrib/sets/lists/manhtml/mi:1.7 src/distrib/sets/lists/manhtml/mi:1.8 --- src/distrib/sets/lists/manhtml/mi:1.7 Mon Aug 19 15:04:05 2024 +++ src/distrib/sets/lists/manhtml/mi Mon Aug 26 13:38:28 2024 @@ -1,4 +1,4 @@ -# $NetBSD: mi,v 1.7 2024/08/19 15:04:05 riastradh Exp $ +# $NetBSD: mi,v 1.8 2024/08/26 13:38:28 riastradh Exp $ # # Note: don't delete entries from here - mark them as "obsolete" instead. # @@ -755,6 +755,7 @@ ./usr/share/man/html4/acpismbus.html man-sys-htmlman html ./usr/share/man/html4/acpitz.html man-sys-htmlman html ./usr/share/man/html4/acpivga.html man-sys-htmlman html +./usr/share/man/html4/acpivmgenid.html man-sys-htmlman html ./usr/share/man/html4/acpiwdrt.html man-sys-htmlman html ./usr/share/man/html4/acpiwmi.html man-sys-htmlman html ./usr/share/man/html4/adb.html man-sys-htmlman html Index: src/distrib/sets/lists/modules/md.amd64 diff -u src/distrib/sets/lists/modules/md.amd64:1.102 src/distrib/sets/lists/modules/md.amd64:1.103 --- src/distrib/sets/lists/modules/md.amd64:1.102 Thu Mar 21 02:36:01 2024 +++ src/distrib/sets/lists/modules/md.amd64 Mon Aug 26 13:38:28 2024 @@ -1,4 +1,4 @@ -# $NetBSD: md.amd64,v 1.102 2024/03/21 02:36:01 riastradh Exp $ +# $NetBSD: md.amd64,v 1.103 2024/08/26 13:38:28 riastradh Exp $ # ./@MODULEDIR@/acpiacadmodules-base-kernel kmod ./@MODULEDIR@/acpiacad/acpiacad.kmod modules-base-kernel kmod @@ -24,6 +24,8 @@ ./@MODULEDIR@/acpiverbose/acpiverbose.kmod modules-base-kernel kmod ./@MODULEDIR@/acpivgamodules-base-kernel kmod ./@MODULEDIR@/acpivga/acpivga.kmod modules-base-kernel kmod +./@MODULEDIR@/acpivmgenid modules-base-kernel kmod +./@MODULEDIR@/acpivmgenid/acpivmgenid.kmod modules-base-kernel kmod ./@MODULEDIR@/acpiwdrtmodules-base-kernel kmod ./@MODULEDIR@/acpiwdrt/acpiwdrt
CVS commit: src
Module Name:src Committed By: riastradh Date: Mon Aug 26 13:38:29 UTC 2024 Modified Files: src/distrib/sets/lists/man: mi src/distrib/sets/lists/manhtml: mi src/distrib/sets/lists/modules: md.amd64 md.i386 src/share/man/man4: Makefile src/sys/arch/amd64/conf: ALL src/sys/arch/i386/conf: ALL src/sys/dev/acpi: files.acpi src/sys/modules: Makefile Added Files: src/share/man/man4: acpivmgenid.4 src/sys/dev/acpi: acpi_vmgenid.c src/sys/modules/acpivmgenid: Makefile acpivmgenid.ioconf Log Message: acpivmgenid(4): New driver for virtual machine generation ID. Added to amd64/ALL and i386/ALL kernel configurations, and made available as a loadable module acpivmgenid.kmod on x86, for now. TBD: Add to all ACPI-supporting GENERIC kernels. PR kern/58632: getentropy(2) and arc4random(3) do not reseed on VM fork To generate a diff of this commit: cvs rdiff -u -r1.1785 -r1.1786 src/distrib/sets/lists/man/mi cvs rdiff -u -r1.7 -r1.8 src/distrib/sets/lists/manhtml/mi cvs rdiff -u -r1.102 -r1.103 src/distrib/sets/lists/modules/md.amd64 cvs rdiff -u -r1.99 -r1.100 src/distrib/sets/lists/modules/md.i386 cvs rdiff -u -r1.734 -r1.735 src/share/man/man4/Makefile cvs rdiff -u -r0 -r1.1 src/share/man/man4/acpivmgenid.4 cvs rdiff -u -r1.189 -r1.190 src/sys/arch/amd64/conf/ALL cvs rdiff -u -r1.520 -r1.521 src/sys/arch/i386/conf/ALL cvs rdiff -u -r0 -r1.1 src/sys/dev/acpi/acpi_vmgenid.c cvs rdiff -u -r1.132 -r1.133 src/sys/dev/acpi/files.acpi cvs rdiff -u -r1.291 -r1.292 src/sys/modules/Makefile cvs rdiff -u -r0 -r1.1 src/sys/modules/acpivmgenid/Makefile \ src/sys/modules/acpivmgenid/acpivmgenid.ioconf Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/kern
Module Name:src Committed By: riastradh Date: Sun Aug 25 01:14:01 UTC 2024 Modified Files: src/sys/kern: kern_heartbeat.c Log Message: heartbeat(9): Use the cheaper and equally safe time_uptime32. Since we cache this every 15sec, and check it within a tick, there's no way for this to wrap around without first triggering a heartbeat panic. So just use time_uptime32, the low 32 bits of the number of seconds of uptime -- cheaper on LP32 platforms. PR kern/58633: heartbeat(9) makes unnecessary use of time_uptime To generate a diff of this commit: cvs rdiff -u -r1.13 -r1.14 src/sys/kern/kern_heartbeat.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/kern/kern_heartbeat.c diff -u src/sys/kern/kern_heartbeat.c:1.13 src/sys/kern/kern_heartbeat.c:1.14 --- src/sys/kern/kern_heartbeat.c:1.13 Fri Mar 8 23:34:03 2024 +++ src/sys/kern/kern_heartbeat.c Sun Aug 25 01:14:01 2024 @@ -1,4 +1,4 @@ -/* $NetBSD: kern_heartbeat.c,v 1.13 2024/03/08 23:34:03 riastradh Exp $ */ +/* $NetBSD: kern_heartbeat.c,v 1.14 2024/08/25 01:14:01 riastradh Exp $ */ /*- * Copyright (c) 2023 The NetBSD Foundation, Inc. @@ -82,7 +82,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: kern_heartbeat.c,v 1.13 2024/03/08 23:34:03 riastradh Exp $"); +__KERNEL_RCSID(0, "$NetBSD: kern_heartbeat.c,v 1.14 2024/08/25 01:14:01 riastradh Exp $"); #ifdef _KERNEL_OPT #include "opt_ddb.h" @@ -170,7 +170,7 @@ heartbeat_resume_cpu(struct cpu_info *ci /* XXX KASSERT IPL_SCHED */ ci->ci_heartbeat_count = 0; - ci->ci_heartbeat_uptime_cache = time_uptime; + ci->ci_heartbeat_uptime_cache = time_uptime32; ci->ci_heartbeat_uptime_stamp = 0; } @@ -283,7 +283,7 @@ set_max_period(unsigned max_period) /* * If we're enabling heartbeat checks, make sure we have a - * reasonably up-to-date time_uptime cache on all CPUs so we + * reasonably up-to-date time_uptime32 cache on all CPUs so we * don't think we had an instant heart attack. */ if (heartbeat_max_period_secs == 0 && max_period != 0) { @@ -406,7 +406,7 @@ static void heartbeat_intr(void *cookie) { unsigned count = atomic_load_relaxed(&curcpu()->ci_heartbeat_count); - unsigned uptime = time_uptime; + unsigned uptime = time_uptime32; atomic_store_relaxed(&curcpu()->ci_heartbeat_uptime_stamp, count); atomic_store_relaxed(&curcpu()->ci_heartbeat_uptime_cache, uptime); @@ -420,7 +420,15 @@ heartbeat_intr(void *cookie) void heartbeat_start(void) { - const unsigned max_period = HEARTBEAT_MAX_PERIOD_DEFAULT; + enum { max_period = HEARTBEAT_MAX_PERIOD_DEFAULT }; + + /* + * Ensure the maximum period is small enough that we never have + * to worry about 32-bit wraparound even if there's a lot of + * slop. (In fact this is required to be less than + * UINT_MAX/4/hz, but that's not a compile-time constant.) + */ + __CTASSERT(max_period < UINT_MAX/4); /* * Establish a softint so we can schedule it once ready. This @@ -433,7 +441,7 @@ heartbeat_start(void) /* * Now that the softint is established, kick off heartbeat * monitoring with the default period. This will initialize - * the per-CPU state to an up-to-date cache of time_uptime. + * the per-CPU state to an up-to-date cache of time_uptime32. */ mutex_enter(&heartbeat_lock); set_max_period(max_period); @@ -651,7 +659,7 @@ heartbeat(void) * changed, and stop here -- we only do the cross-CPU work once * per second. */ - uptime = time_uptime; + uptime = time_uptime32; cache = atomic_load_relaxed(&curcpu()->ci_heartbeat_uptime_cache); if (__predict_true(cache == uptime)) { /* @@ -661,7 +669,7 @@ heartbeat(void) * suspended too. * * Our own heartbeat count can't roll back, and - * time_uptime should be updated before it wraps + * time_uptime32 should be updated before it wraps * around, so d should never go negative; hence no * check for d < UINT_MAX/2. */ @@ -679,8 +687,10 @@ heartbeat(void) /* * If the uptime has changed, make sure that it hasn't changed * so much that softints must be stuck on this CPU. Since - * time_uptime is monotonic, this can't go negative, hence no - * check for d < UINT_MAX/2. + * time_uptime32 is monotonic and our cache of it is updated at + * most every UINT_MAX/4/hz sec (hence no concern about + * wraparound even after 68 or 136 years), this can't go + * negative, hence no check for d < UINT_MAX/2. * * This uses the hard timer interrupt handler on the current * CPU to ensure soft interrupts at all priority levels have
CVS commit: src/sys/kern
Module Name:src Committed By: riastradh Date: Sun Aug 25 01:14:01 UTC 2024 Modified Files: src/sys/kern: kern_heartbeat.c Log Message: heartbeat(9): Use the cheaper and equally safe time_uptime32. Since we cache this every 15sec, and check it within a tick, there's no way for this to wrap around without first triggering a heartbeat panic. So just use time_uptime32, the low 32 bits of the number of seconds of uptime -- cheaper on LP32 platforms. PR kern/58633: heartbeat(9) makes unnecessary use of time_uptime To generate a diff of this commit: cvs rdiff -u -r1.13 -r1.14 src/sys/kern/kern_heartbeat.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/sys/arch/i386/stand/lib
Module Name:src Committed By: riastradh Date: Sat Aug 24 20:23:12 UTC 2024 Modified Files: src/sys/arch/i386/stand/lib: biosmemx.S bootinfo_memmap.c getextmemx.c Log Message: i386/stand/lib: Nix trailing whitespace and tidy comments a bit. No functional change intended. PR port-amd64/49470: NetBSD 7 BETA reboots after bootloader (HP 2133) To generate a diff of this commit: cvs rdiff -u -r1.12 -r1.13 src/sys/arch/i386/stand/lib/biosmemx.S cvs rdiff -u -r1.7 -r1.8 src/sys/arch/i386/stand/lib/bootinfo_memmap.c cvs rdiff -u -r1.11 -r1.12 src/sys/arch/i386/stand/lib/getextmemx.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/arch/i386/stand/lib/biosmemx.S diff -u src/sys/arch/i386/stand/lib/biosmemx.S:1.12 src/sys/arch/i386/stand/lib/biosmemx.S:1.13 --- src/sys/arch/i386/stand/lib/biosmemx.S:1.12 Sat Aug 17 08:38:31 2024 +++ src/sys/arch/i386/stand/lib/biosmemx.S Sat Aug 24 20:23:11 2024 @@ -1,4 +1,4 @@ -/* $NetBSD: biosmemx.S,v 1.12 2024/08/17 08:38:31 andvar Exp $ */ +/* $NetBSD: biosmemx.S,v 1.13 2024/08/24 20:23:11 riastradh Exp $ */ /* * Copyright (c) 1997, 1999 @@ -91,18 +91,23 @@ ENTRY(getextmem2) * buffer[2]: length (bytes) * buffer[4]: type * buffer[5]: ACPI 3.0 Extended Attributes bitfield (unused) + * * Some buggy BIOSes may write to 24 bytes even if only 20 were requested. * Therefore, the buffer is defined for 6 elements to avoid stack buffer * overruns. See PR install/49470. * - * More details can be found in the - * Advanced Configuration and Power Interface (ACPI) Specification, Release 6.5, - * 2022-08-29, UEFI Forum, Inc., - * Sec. 15.1 `INT 15H E820H - Query System Address Map', pp. 756-757 - * https://uefi.org/sites/default/files/resources/ACPI_Spec_6_5_Aug29.pdf#page=824 - * https://uefi.org/specs/ACPI/6.5/15_System_Address_Map_Interfaces.html#int-15h-e820h-query-system-address-map - * as well as OSDev.org wiki page - * https://wiki.osdev.org/Detecting_Memory_(x86)#BIOS_Function:_INT_0x15,_EAX_=_0xE820. + * More details can be found in the: + * + * Advanced Configuration and Power Interface (ACPI) + * Specification, Release 6.5, 2022-08-29, UEFI Forum, Inc., + * Sec. 15.1 `INT 15H E820H - Query System Address Map', + * pp. 756-757 + * https://uefi.org/sites/default/files/resources/ACPI_Spec_6_5_Aug29.pdf#page=824 + * https://uefi.org/specs/ACPI/6.5/15_System_Address_Map_Interfaces.html#int-15h-e820h-query-system-address-map + * + * as well as this OSDev.org wiki page: + * + * https://wiki.osdev.org/Detecting_Memory_(x86)#BIOS_Function:_INT_0x15,_EAX_=_0xE820 */ ENTRY(getmementry) pushl %ebp Index: src/sys/arch/i386/stand/lib/bootinfo_memmap.c diff -u src/sys/arch/i386/stand/lib/bootinfo_memmap.c:1.7 src/sys/arch/i386/stand/lib/bootinfo_memmap.c:1.8 --- src/sys/arch/i386/stand/lib/bootinfo_memmap.c:1.7 Sat Aug 17 08:38:31 2024 +++ src/sys/arch/i386/stand/lib/bootinfo_memmap.c Sat Aug 24 20:23:11 2024 @@ -1,4 +1,4 @@ -/* $NetBSD: bootinfo_memmap.c,v 1.7 2024/08/17 08:38:31 andvar Exp $ */ +/* $NetBSD: bootinfo_memmap.c,v 1.8 2024/08/24 20:23:11 riastradh Exp $ */ /* * Copyright (c) 1999 @@ -37,9 +37,9 @@ extern int getmementry(int *, int *); void bi_getmemmap(void) { - /* - * Allocate 6 words, not 5, to work around buggy firmware -- see comment - * on getmementry in biosmemx.S. + /* + * Allocate 6 words, not 5, to work around buggy firmware -- + * see comment on getmementry in biosmemx.S. */ int buf[6], i, nranges, n; Index: src/sys/arch/i386/stand/lib/getextmemx.c diff -u src/sys/arch/i386/stand/lib/getextmemx.c:1.11 src/sys/arch/i386/stand/lib/getextmemx.c:1.12 --- src/sys/arch/i386/stand/lib/getextmemx.c:1.11 Sat Aug 17 08:38:31 2024 +++ src/sys/arch/i386/stand/lib/getextmemx.c Sat Aug 24 20:23:11 2024 @@ -1,4 +1,4 @@ -/* $NetBSD: getextmemx.c,v 1.11 2024/08/17 08:38:31 andvar Exp $ */ +/* $NetBSD: getextmemx.c,v 1.12 2024/08/24 20:23:11 riastradh Exp $ */ /* * Copyright (c) 1997, 1999 @@ -39,8 +39,8 @@ int getextmemx(void) { /* - * Allocate 6 words, not 5, to work around buggy firmware -- see comment - * on getmementry in biosmemx.S. + * Allocate 6 words, not 5, to work around buggy firmware -- + * see comment on getmementry in biosmemx.S. */ int buf[6], i; int extmem = getextmem1();
CVS commit: src/sys/arch/i386/stand/lib
Module Name:src Committed By: riastradh Date: Sat Aug 24 20:23:12 UTC 2024 Modified Files: src/sys/arch/i386/stand/lib: biosmemx.S bootinfo_memmap.c getextmemx.c Log Message: i386/stand/lib: Nix trailing whitespace and tidy comments a bit. No functional change intended. PR port-amd64/49470: NetBSD 7 BETA reboots after bootloader (HP 2133) To generate a diff of this commit: cvs rdiff -u -r1.12 -r1.13 src/sys/arch/i386/stand/lib/biosmemx.S cvs rdiff -u -r1.7 -r1.8 src/sys/arch/i386/stand/lib/bootinfo_memmap.c cvs rdiff -u -r1.11 -r1.12 src/sys/arch/i386/stand/lib/getextmemx.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
CVS commit: src/lib/libc/locale
Module Name:src Committed By: riastradh Date: Fri Aug 23 12:59:49 UTC 2024 Modified Files: src/lib/libc/locale: mbrtoc16.3 mbrtoc32.3 mbrtoc8.3 Log Message: mbrtoc8(3), mbrtoc16(3), mbrtoc32(3): Say 0 for zero code unit. Rather than deal with differences between C11 and C23 in notation, '\0' vs L'\0' vs u8'\0' vs u'\0' vs U'\0'. To generate a diff of this commit: cvs rdiff -u -r1.9 -r1.10 src/lib/libc/locale/mbrtoc16.3 cvs rdiff -u -r1.8 -r1.9 src/lib/libc/locale/mbrtoc32.3 cvs rdiff -u -r1.6 -r1.7 src/lib/libc/locale/mbrtoc8.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/lib/libc/locale/mbrtoc16.3 diff -u src/lib/libc/locale/mbrtoc16.3:1.9 src/lib/libc/locale/mbrtoc16.3:1.10 --- src/lib/libc/locale/mbrtoc16.3:1.9 Sat Aug 17 12:37:05 2024 +++ src/lib/libc/locale/mbrtoc16.3 Fri Aug 23 12:59:49 2024 @@ -1,4 +1,4 @@ -.\" $NetBSD: mbrtoc16.3,v 1.9 2024/08/17 12:37:05 riastradh Exp $ +.\" $NetBSD: mbrtoc16.3,v 1.10 2024/08/23 12:59:49 riastradh Exp $ .\" .\" Copyright (c) 2024 The NetBSD Foundation, Inc. .\" All rights reserved. @@ -245,8 +245,8 @@ while (n) { len = mbrtoc16(&c16, s, n, &mbs); switch (len) { -case 0: /* null terminator */ -assert(c16 == L'\e0'); +case 0: /* NUL terminator */ +assert(c16 == 0); goto out; default:/* scalar value or high surrogate */ printf("U+%04"PRIx16"\en", (uint16_t)c16); Index: src/lib/libc/locale/mbrtoc32.3 diff -u src/lib/libc/locale/mbrtoc32.3:1.8 src/lib/libc/locale/mbrtoc32.3:1.9 --- src/lib/libc/locale/mbrtoc32.3:1.8 Sat Aug 17 01:52:51 2024 +++ src/lib/libc/locale/mbrtoc32.3 Fri Aug 23 12:59:49 2024 @@ -1,4 +1,4 @@ -.\" $NetBSD: mbrtoc32.3,v 1.8 2024/08/17 01:52:51 riastradh Exp $ +.\" $NetBSD: mbrtoc32.3,v 1.9 2024/08/23 12:59:49 riastradh Exp $ .\" .\" Copyright (c) 2024 The NetBSD Foundation, Inc. .\" All rights reserved. @@ -216,8 +216,8 @@ while (n) { len = mbrtoc32(&c32, s, n, &mbs); switch (len) { -case 0: /* null terminator */ -assert(c32 == L'\e0'); +case 0: /* NUL terminator */ +assert(c32 == 0); goto out; default:/* scalar value */ printf("U+%04"PRIx32"\en", (uint32_t)c32); Index: src/lib/libc/locale/mbrtoc8.3 diff -u src/lib/libc/locale/mbrtoc8.3:1.6 src/lib/libc/locale/mbrtoc8.3:1.7 --- src/lib/libc/locale/mbrtoc8.3:1.6 Sat Aug 17 12:37:29 2024 +++ src/lib/libc/locale/mbrtoc8.3 Fri Aug 23 12:59:49 2024 @@ -1,4 +1,4 @@ -.\" $NetBSD: mbrtoc8.3,v 1.6 2024/08/17 12:37:29 riastradh Exp $ +.\" $NetBSD: mbrtoc8.3,v 1.7 2024/08/23 12:59:49 riastradh Exp $ .\" .\" Copyright (c) 2024 The NetBSD Foundation, Inc. .\" All rights reserved. @@ -244,8 +244,8 @@ while (n) { len = mbrtoc8(&c8, s, n, &mbs); switch (len) { -case 0: /* null terminator */ -assert(c8 == '\e0'); +case 0: /* NUL terminator */ +assert(c8 == 0); goto out; default:/* consumed input and yielded a byte c8 */ printf("0x%02hhx\en", c8);
CVS commit: src/lib/libc/locale
Module Name:src Committed By: riastradh Date: Fri Aug 23 12:59:49 UTC 2024 Modified Files: src/lib/libc/locale: mbrtoc16.3 mbrtoc32.3 mbrtoc8.3 Log Message: mbrtoc8(3), mbrtoc16(3), mbrtoc32(3): Say 0 for zero code unit. Rather than deal with differences between C11 and C23 in notation, '\0' vs L'\0' vs u8'\0' vs u'\0' vs U'\0'. To generate a diff of this commit: cvs rdiff -u -r1.9 -r1.10 src/lib/libc/locale/mbrtoc16.3 cvs rdiff -u -r1.8 -r1.9 src/lib/libc/locale/mbrtoc32.3 cvs rdiff -u -r1.6 -r1.7 src/lib/libc/locale/mbrtoc8.3 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.