CVS commit: src/sys
Module Name:src Committed By: christos Date: Sat Mar 31 23:12:01 UTC 2018 Modified Files: src/sys/kern: subr_log.c subr_prf.c src/sys/miscfs/kernfs: kernfs_vnops.c src/sys/sys: msgbuf.h Log Message: factor out some repeated code and simplify the logputchar function. To generate a diff of this commit: cvs rdiff -u -r1.56 -r1.57 src/sys/kern/subr_log.c cvs rdiff -u -r1.162 -r1.163 src/sys/kern/subr_prf.c cvs rdiff -u -r1.158 -r1.159 src/sys/miscfs/kernfs/kernfs_vnops.c cvs rdiff -u -r1.15 -r1.16 src/sys/sys/msgbuf.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/kern/subr_log.c diff -u src/sys/kern/subr_log.c:1.56 src/sys/kern/subr_log.c:1.57 --- src/sys/kern/subr_log.c:1.56 Wed Oct 25 04:12:39 2017 +++ src/sys/kern/subr_log.c Sat Mar 31 19:12:01 2018 @@ -1,4 +1,4 @@ -/* $NetBSD: subr_log.c,v 1.56 2017/10/25 08:12:39 maya Exp $ */ +/* $NetBSD: subr_log.c,v 1.57 2018/03/31 23:12:01 christos Exp $ */ /*- * Copyright (c) 2007, 2008 The NetBSD Foundation, Inc. @@ -65,7 +65,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: subr_log.c,v 1.56 2017/10/25 08:12:39 maya Exp $"); +__KERNEL_RCSID(0, "$NetBSD: subr_log.c,v 1.57 2018/03/31 23:12:01 christos Exp $"); #include #include @@ -382,6 +382,28 @@ logioctl(dev_t dev, u_long com, void *da return (0); } +static void +logskip(struct kern_msgbuf *mbp) +{ + /* + * Move forward read pointer to the next line + * in the buffer. Note that the buffer is + * a ring buffer so we should reset msg_bufr + * to 0 when msg_bufr exceeds msg_bufs. + * + * To prevent to loop forever, give up if we + * cannot find a newline in mbp->msg_bufs + * characters (the max size of the buffer). + */ + for (int i = 0; i < mbp->msg_bufs; i++) { + char c0 = mbp->msg_bufc[mbp->msg_bufr]; + if (++mbp->msg_bufr >= mbp->msg_bufs) + mbp->msg_bufr = 0; + if (c0 == '\n') + break; + } +} + void logputchar(int c) { @@ -389,48 +411,35 @@ logputchar(int c) if (!cold) mutex_spin_enter(_lock); - if (msgbufenabled) { - mbp = msgbufp; - if (mbp->msg_magic != MSG_MAGIC) { - /* - * Arguably should panic or somehow notify the - * user... but how? Panic may be too drastic, - * and would obliterate the message being kicked - * out (maybe a panic itself), and printf - * would invoke us recursively. Silently punt - * for now. If syslog is running, it should - * notice. - */ - msgbufenabled = 0; - } else { - mbp->msg_bufc[mbp->msg_bufx++] = c; - if (mbp->msg_bufx < 0 || mbp->msg_bufx >= mbp->msg_bufs) -mbp->msg_bufx = 0; - /* If the buffer is full, keep the most recent data. */ - if (mbp->msg_bufr == mbp->msg_bufx) { -char c0; -int i; - -/* - * Move forward read pointer to the next line - * in the buffer. Note that the buffer is - * a ring buffer so we should reset msg_bufr - * to 0 when msg_bufr exceeds msg_bufs. - * - * To prevent to loop forever, give up if we - * cannot find a newline in mbp->msg_bufs - * characters (the max size of the buffer). - */ -for (i = 0; i < mbp->msg_bufs; i++) { - c0 = mbp->msg_bufc[mbp->msg_bufr]; - if (++mbp->msg_bufr >= mbp->msg_bufs) - mbp->msg_bufr = 0; - if (c0 == '\n') - break; -} - } - } + + if (!msgbufenabled) + goto out; + + mbp = msgbufp; + if (mbp->msg_magic != MSG_MAGIC) { + /* + * Arguably should panic or somehow notify the + * user... but how? Panic may be too drastic, + * and would obliterate the message being kicked + * out (maybe a panic itself), and printf + * would invoke us recursively. Silently punt + * for now. If syslog is running, it should + * notice. + */ + msgbufenabled = 0; + goto out; + } + + mbp->msg_bufc[mbp->msg_bufx++] = c; + if (mbp->msg_bufx < 0 || mbp->msg_bufx >= mbp->msg_bufs) + mbp->msg_bufx = 0; + + /* If the buffer is full, keep the most recent data. */ + if (mbp->msg_bufr == mbp->msg_bufx) + logskip(mbp); + +out: if (!cold) mutex_spin_exit(_lock); } @@ -449,7 +458,7 @@ sysctl_msgbuf(SYSCTLFN_ARGS) extern kmutex_t log_lock; int error; - if (!msgbufenabled || msgbufp->msg_magic != MSG_MAGIC) { + if (!logenabled(msgbufp)) { msgbufenabled = 0; return (ENXIO); } Index: src/sys/kern/subr_prf.c diff -u src/sys/kern/subr_prf.c:1.162 src/sys/kern/subr_prf.c:1.163 --- src/sys/kern/subr_prf.c:1.162 Fri Oct 27 08:25:15 2017 +++ src/sys/kern/subr_prf.c Sat Mar 31 19:12:01 2018 @@ -1,4 +1,4 @@ -/* $NetBSD: subr_prf.c,v 1.162 2017/10/27 12:25:15 joerg Exp $ */ +/* $NetBSD: subr_prf.c,v 1.163 2018/03/31 23:12:01 christos Exp $ */ /*- * Copyright (c) 1986, 1988, 1991, 1993 @@ -37,7 +37,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: subr_prf.c,v 1.162 2017/10/27 12:25:15 joerg Exp $"); +__KERNEL_RCSID(0, "$NetBSD: subr_prf.c,v 1.163 2018/03/31 23:12:01 christos Exp $"); #ifdef _KERNEL_OPT
CVS commit: src/sys/netipsec
Module Name:src Committed By: maxv Date: Sat Mar 31 19:27:14 UTC 2018 Modified Files: src/sys/netipsec: ipsec.c Log Message: typo in comments To generate a diff of this commit: cvs rdiff -u -r1.151 -r1.152 src/sys/netipsec/ipsec.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/netipsec/ipsec.c diff -u src/sys/netipsec/ipsec.c:1.151 src/sys/netipsec/ipsec.c:1.152 --- src/sys/netipsec/ipsec.c:1.151 Sat Mar 3 09:54:55 2018 +++ src/sys/netipsec/ipsec.c Sat Mar 31 19:27:14 2018 @@ -1,4 +1,4 @@ -/* $NetBSD: ipsec.c,v 1.151 2018/03/03 09:54:55 maxv Exp $ */ +/* $NetBSD: ipsec.c,v 1.152 2018/03/31 19:27:14 maxv Exp $ */ /* $FreeBSD: src/sys/netipsec/ipsec.c,v 1.2.2.2 2003/07/01 01:38:13 sam Exp $ */ /* $KAME: ipsec.c,v 1.103 2001/05/24 07:14:18 sakane Exp $ */ @@ -32,7 +32,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: ipsec.c,v 1.151 2018/03/03 09:54:55 maxv Exp $"); +__KERNEL_RCSID(0, "$NetBSD: ipsec.c,v 1.152 2018/03/31 19:27:14 maxv Exp $"); /* * IPsec controller part. @@ -391,7 +391,7 @@ key_get_default_sp(int af, const char *w /* * For OUTBOUND packet having a socket. Searching SPD for packet, * and return a pointer to SP. - * OUT: NULL: no apropreate SP found, the following value is set to error. + * OUT: NULL: no appropriate SP found, the following value is set to error. * 0 : bypass * EACCES : discard packet. * ENOENT : ipsec_acquire() in progress, maybe. @@ -520,7 +520,7 @@ ipsec_getpolicybysock(struct mbuf *m, u_ * For FORWARDING packet or OUTBOUND without a socket. Searching SPD for packet, * and return a pointer to SP. * OUT: positive: a pointer to the entry for security policy leaf matched. - * NULL: no apropreate SP found, the following value is set to error. + * NULL: no appropriate SP found, the following value is set to error. * 0 : bypass * EACCES : discard packet. * ENOENT : ipsec_acquire() in progress, maybe.
CVS commit: src/sys/dev/pci
Module Name:src Committed By: sevan Date: Sat Mar 31 17:54:54 UTC 2018 Modified Files: src/sys/dev/pci: fwohci_pci.c Log Message: There was only one G3 PowerBook with Firewire support, the Pismo. Issue is not exclusive to the Pismo, confirmed on a G4 Titanium PowerBook. Chip is a Texas Instruments TSB41AB1. To generate a diff of this commit: cvs rdiff -u -r1.45 -r1.46 src/sys/dev/pci/fwohci_pci.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/dev/pci/fwohci_pci.c diff -u src/sys/dev/pci/fwohci_pci.c:1.45 src/sys/dev/pci/fwohci_pci.c:1.46 --- src/sys/dev/pci/fwohci_pci.c:1.45 Sat Mar 31 15:14:47 2018 +++ src/sys/dev/pci/fwohci_pci.c Sat Mar 31 17:54:53 2018 @@ -1,4 +1,4 @@ -/* $NetBSD: fwohci_pci.c,v 1.45 2018/03/31 15:14:47 sevan Exp $ */ +/* $NetBSD: fwohci_pci.c,v 1.46 2018/03/31 17:54:53 sevan Exp $ */ /*- * Copyright (c) 2000 The NetBSD Foundation, Inc. @@ -30,7 +30,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: fwohci_pci.c,v 1.45 2018/03/31 15:14:47 sevan Exp $"); +__KERNEL_RCSID(0, "$NetBSD: fwohci_pci.c,v 1.46 2018/03/31 17:54:53 sevan Exp $"); #include #include @@ -75,9 +75,11 @@ fwohci_pci_match(device_t parent, cfdata /* * XXX - * Firewire controllers used in some G3 PowerBooks hang the system + * UniNorth Firewire controller commonly found in Pismo G3 PowerBooks, + * G4 Titanium PowerBooks and some iMac G3s, hang the system * when trying to discover devices - don't attach to those for now - * until someone with the right hardware can investigate + * until someone with the right hardware can investigate. + * These controllers are based on the Ti TSB41AB1 chipset. */ if ((PCI_VENDOR(pa->pa_id) == PCI_VENDOR_APPLE) && (PCI_PRODUCT(pa->pa_id) == PCI_PRODUCT_APPLE_UNINORTH_FW))
CVS commit: src/sys/dev/ieee1394
Module Name:src Committed By: sevan Date: Sat Mar 31 14:50:45 UTC 2018 Modified Files: src/sys/dev/ieee1394: fwohcireg.h Log Message: Listed UniNorth device is in fact the UniNorth 2 interface, rename. https://pci-ids.ucw.cz/read/PC/106b/0031 To generate a diff of this commit: cvs rdiff -u -r1.18 -r1.19 src/sys/dev/ieee1394/fwohcireg.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/dev/ieee1394/fwohcireg.h diff -u src/sys/dev/ieee1394/fwohcireg.h:1.18 src/sys/dev/ieee1394/fwohcireg.h:1.19 --- src/sys/dev/ieee1394/fwohcireg.h:1.18 Mon Mar 29 03:05:27 2010 +++ src/sys/dev/ieee1394/fwohcireg.h Sat Mar 31 14:50:45 2018 @@ -1,4 +1,4 @@ -/* $NetBSD: fwohcireg.h,v 1.18 2010/03/29 03:05:27 kiyohara Exp $ */ +/* $NetBSD: fwohcireg.h,v 1.19 2018/03/31 14:50:45 sevan Exp $ */ /*- * Copyright (c) 2003 Hidetoshi Shimokawa @@ -77,7 +77,7 @@ #define FW_DEVICE_R5C551 (0x0551 << 16) #define FW_DEVICE_R5C552 (0x0552 << 16) #define FW_DEVICE_PANGEA (0x0030 << 16) -#define FW_DEVICE_UNINORTH (0x0031 << 16) +#define FW_DEVICE_UNINORTH2 (0x0031 << 16) #define FW_DEVICE_AIC5800 (0x5800 << 16) #define FW_DEVICE_FW322 (0x5811 << 16) #define FW_DEVICE_7007 (0x7007 << 16)
CVS commit: src/sys/dev/pci
Module Name:src Committed By: sevan Date: Sat Mar 31 15:14:47 UTC 2018 Modified Files: src/sys/dev/pci: fwohci_pci.c Log Message: PG3_FW device has been renamed UNINORTH_FW in pcidevs. To generate a diff of this commit: cvs rdiff -u -r1.44 -r1.45 src/sys/dev/pci/fwohci_pci.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/dev/pci/fwohci_pci.c diff -u src/sys/dev/pci/fwohci_pci.c:1.44 src/sys/dev/pci/fwohci_pci.c:1.45 --- src/sys/dev/pci/fwohci_pci.c:1.44 Wed May 10 02:46:33 2017 +++ src/sys/dev/pci/fwohci_pci.c Sat Mar 31 15:14:47 2018 @@ -1,4 +1,4 @@ -/* $NetBSD: fwohci_pci.c,v 1.44 2017/05/10 02:46:33 msaitoh Exp $ */ +/* $NetBSD: fwohci_pci.c,v 1.45 2018/03/31 15:14:47 sevan Exp $ */ /*- * Copyright (c) 2000 The NetBSD Foundation, Inc. @@ -30,7 +30,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: fwohci_pci.c,v 1.44 2017/05/10 02:46:33 msaitoh Exp $"); +__KERNEL_RCSID(0, "$NetBSD: fwohci_pci.c,v 1.45 2018/03/31 15:14:47 sevan Exp $"); #include #include @@ -80,7 +80,7 @@ fwohci_pci_match(device_t parent, cfdata * until someone with the right hardware can investigate */ if ((PCI_VENDOR(pa->pa_id) == PCI_VENDOR_APPLE) && - (PCI_PRODUCT(pa->pa_id) == PCI_PRODUCT_APPLE_PBG3_FW)) + (PCI_PRODUCT(pa->pa_id) == PCI_PRODUCT_APPLE_UNINORTH_FW)) return 0; if (PCI_CLASS(pa->pa_class) == PCI_CLASS_SERIALBUS && PCI_SUBCLASS(pa->pa_class) == PCI_SUBCLASS_SERIALBUS_FIREWIRE &&
CVS commit: src/sys/dev/pci
Module Name:src Committed By: sevan Date: Sat Mar 31 14:39:47 UTC 2018 Modified Files: src/sys/dev/pci: pcidevs Log Message: What we have listed as the PowerBook G3 Firwire device is actually the UniNorth Firwire interface which is not exclusive to the PowerBook G3. It can be found in the G3 iMac DV for example http://dmesgd.nycbug.org/index.cgi?do=view=1124 Rename the PBG3_FW device UNINORTH_FW & set the previously listed UNINORTH_FW to UNINORTH2_FW which is what the device actually is. Verified using https://pci-ids.ucw.cz/read/PC/106b To generate a diff of this commit: cvs rdiff -u -r1.1322 -r1.1323 src/sys/dev/pci/pcidevs Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/dev/pci/pcidevs diff -u src/sys/dev/pci/pcidevs:1.1322 src/sys/dev/pci/pcidevs:1.1323 --- src/sys/dev/pci/pcidevs:1.1322 Mon Mar 26 02:56:45 2018 +++ src/sys/dev/pci/pcidevs Sat Mar 31 14:39:47 2018 @@ -1,4 +1,4 @@ -$NetBSD: pcidevs,v 1.1322 2018/03/26 02:56:45 msaitoh Exp $ +$NetBSD: pcidevs,v 1.1323 2018/03/31 14:39:47 sevan Exp $ /* * Copyright (c) 1995, 1996 Christopher G. Demetriou @@ -1150,7 +1150,7 @@ product APPLE OHARE 0x0007 OHare I/O Co product APPLE BANDIT2 0x0008 Bandit Host-PCI Bridge product APPLE HEATHROW 0x0010 Heathrow I/O Controller product APPLE PADDINGTON 0x0017 Paddington I/O Controller -product APPLE PBG3_FW 0x0018 PowerBook G3 Firewire +product APPLE UNINORTH_FW 0x0018 UniNorth Firewire product APPLE KEYLARGO_USB 0x0019 KeyLargo USB Controller product APPLE UNINORTH1 0x001e UniNorth Host-PCI Bridge product APPLE UNINORTH2 0x001f UniNorth Host-PCI Bridge @@ -1167,7 +1167,7 @@ product APPLE UNINORTH_AGP2 0x002d UniNo product APPLE UNINORTH3 0x002e UniNorth Host-PCI Bridge product APPLE UNINORTH4 0x002f UniNorth Host-PCI Bridge product APPLE PANGEA_FW 0x0030 Pangea Firewire -product APPLE UNINORTH_FW 0x0031 UniNorth Firewire +product APPLE UNINORTH2_FW 0x0031 UniNorth Firewire product APPLE GMAC3 0x0032 GMAC Ethernet product APPLE UNINORTH_ATA 0x0033 UniNorth ATA/100 Controller product APPLE UNINORTH_AGP3 0x0034 UniNorth AGP Bridge
CVS commit: src
Module Name:src Committed By: kamil Date: Sat Mar 31 14:24:54 UTC 2018 Modified Files: src/lib/libc: Makefile src/share/mk: bsd.own.mk Log Message: Drop the USE_LIBTRE build option libtre cannot be used any more as a replacement for regex(3). Tt does not build and the library development is stalled in upstream. Proposed on mailing list. Sponsored by To generate a diff of this commit: cvs rdiff -u -r1.169 -r1.170 src/lib/libc/Makefile cvs rdiff -u -r1.1051 -r1.1052 src/share/mk/bsd.own.mk Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/lib/libc/Makefile diff -u src/lib/libc/Makefile:1.169 src/lib/libc/Makefile:1.170 --- src/lib/libc/Makefile:1.169 Mon Jun 15 14:24:01 2015 +++ src/lib/libc/Makefile Sat Mar 31 14:24:54 2018 @@ -1,4 +1,4 @@ -# $NetBSD: Makefile,v 1.169 2015/06/15 14:24:01 christos Exp $ +# $NetBSD: Makefile,v 1.170 2018/03/31 14:24:54 kamil Exp $ # @(#)Makefile 8.2 (Berkeley) 2/3/94 # # All library objects contain sccsid strings by default; they may be @@ -76,11 +76,7 @@ CPPFLAGS+= -D__BUILD_LEGACY .include "${.CURDIR}/net/Makefile.inc" .include "${.CURDIR}/nameser/Makefile.inc" .include "${.CURDIR}/nls/Makefile.inc" -.if (${USE_LIBTRE} == "yes") -.include "${NETBSDSRCDIR}/external/bsd/tre/Makefile.inc" -.else .include "${.CURDIR}/regex/Makefile.inc" -.endif .include "${.CURDIR}/resolv/Makefile.inc" .include "${.CURDIR}/rpc/Makefile.inc" .include "${.CURDIR}/ssp/Makefile.inc" Index: src/share/mk/bsd.own.mk diff -u src/share/mk/bsd.own.mk:1.1051 src/share/mk/bsd.own.mk:1.1052 --- src/share/mk/bsd.own.mk:1.1051 Thu Mar 15 13:44:45 2018 +++ src/share/mk/bsd.own.mk Sat Mar 31 14:24:54 2018 @@ -1,4 +1,4 @@ -# $NetBSD: bsd.own.mk,v 1.1051 2018/03/15 13:44:45 christos Exp $ +# $NetBSD: bsd.own.mk,v 1.1052 2018/03/31 14:24:54 kamil Exp $ # This needs to be before bsd.init.mk .if defined(BSD_MK_COMPAT_FILE) @@ -1339,7 +1339,7 @@ ${var}?= yes # USE_* options which default to "no". # # For now, disable pigz as compressor by default -.for var in USE_PIGZGZIP USE_LIBTRE +.for var in USE_PIGZGZIP ${var}?= no .endfor
CVS commit: [pgoyette-compat] src/sys/compat/common
Module Name:src Committed By: pgoyette Date: Sat Mar 31 11:45:33 UTC 2018 Modified Files: src/sys/compat/common [pgoyette-compat]: vfs_syscalls_43.c Log Message: Only need to #include sysctl.h once To generate a diff of this commit: cvs rdiff -u -r1.62 -r1.62.2.1 src/sys/compat/common/vfs_syscalls_43.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/compat/common/vfs_syscalls_43.c diff -u src/sys/compat/common/vfs_syscalls_43.c:1.62 src/sys/compat/common/vfs_syscalls_43.c:1.62.2.1 --- src/sys/compat/common/vfs_syscalls_43.c:1.62 Sun Dec 3 15:23:30 2017 +++ src/sys/compat/common/vfs_syscalls_43.c Sat Mar 31 11:45:33 2018 @@ -1,4 +1,4 @@ -/* $NetBSD: vfs_syscalls_43.c,v 1.62 2017/12/03 15:23:30 christos Exp $ */ +/* $NetBSD: vfs_syscalls_43.c,v 1.62.2.1 2018/03/31 11:45:33 pgoyette Exp $ */ /* * Copyright (c) 1989, 1993 @@ -37,7 +37,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: vfs_syscalls_43.c,v 1.62 2017/12/03 15:23:30 christos Exp $"); +__KERNEL_RCSID(0, "$NetBSD: vfs_syscalls_43.c,v 1.62.2.1 2018/03/31 11:45:33 pgoyette Exp $"); #if defined(_KERNEL_OPT) #include "opt_compat_netbsd.h" @@ -62,7 +62,6 @@ __KERNEL_RCSID(0, "$NetBSD: vfs_syscalls #include #include #include -#include #include #include
CVS commit: [netbsd-8] src/doc
Module Name:src Committed By: bouyer Date: Sat Mar 31 11:22:06 UTC 2018 Modified Files: src/doc [netbsd-8]: CHANGES-8.0 Log Message: Better entry for 659 To generate a diff of this commit: cvs rdiff -u -r1.1.2.157 -r1.1.2.158 src/doc/CHANGES-8.0 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-8.0 diff -u src/doc/CHANGES-8.0:1.1.2.157 src/doc/CHANGES-8.0:1.1.2.158 --- src/doc/CHANGES-8.0:1.1.2.157 Sat Mar 31 11:21:10 2018 +++ src/doc/CHANGES-8.0 Sat Mar 31 11:22:06 2018 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-8.0,v 1.1.2.157 2018/03/31 11:21:10 bouyer Exp $ +# $NetBSD: CHANGES-8.0,v 1.1.2.158 2018/03/31 11:22:06 bouyer Exp $ A complete list of changes from the initial NetBSD 8.0 branch on 2017-06-04 until the 8.0 release: @@ -10739,7 +10739,7 @@ sys/arch/x86/include/specialreg.h 1.115 lib/libm/src/s_scalbn.c1.19 - Add missing alias for ldexpl on ! __HAVE_LONG_DOUBLE architectures. - Pointed out by Hal Murray on port-arm. + Add ldexpl(3) for architectures where double has the same + size as long double. [martin, ticket #659]
CVS commit: [netbsd-8] src/doc
Module Name:src Committed By: bouyer Date: Sat Mar 31 11:21:10 UTC 2018 Modified Files: src/doc [netbsd-8]: CHANGES-8.0 Log Message: ticket 659 To generate a diff of this commit: cvs rdiff -u -r1.1.2.156 -r1.1.2.157 src/doc/CHANGES-8.0 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-8.0 diff -u src/doc/CHANGES-8.0:1.1.2.156 src/doc/CHANGES-8.0:1.1.2.157 --- src/doc/CHANGES-8.0:1.1.2.156 Sat Mar 31 10:52:34 2018 +++ src/doc/CHANGES-8.0 Sat Mar 31 11:21:10 2018 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-8.0,v 1.1.2.156 2018/03/31 10:52:34 martin Exp $ +# $NetBSD: CHANGES-8.0,v 1.1.2.157 2018/03/31 11:21:10 bouyer Exp $ A complete list of changes from the initial NetBSD 8.0 branch on 2017-06-04 until the 8.0 release: @@ -10737,3 +10737,9 @@ sys/arch/x86/include/specialreg.h 1.115 Add various spectre/meltdown related cpu MSRs and bits. [maxv, ticket #678] +lib/libm/src/s_scalbn.c1.19 + + Add missing alias for ldexpl on ! __HAVE_LONG_DOUBLE architectures. + Pointed out by Hal Murray on port-arm. + [martin, ticket #659] +
CVS commit: [netbsd-8] src/lib/libm/src
Module Name:src Committed By: bouyer Date: Sat Mar 31 11:20:46 UTC 2018 Modified Files: src/lib/libm/src [netbsd-8]: s_scalbn.c Log Message: Pull up following revision(s) (requested by martin in ticket #659): lib/libm/src/s_scalbn.c: revision 1.19 Add missing alias for ldexpl on ! __HAVE_LONG_DOUBLE architectures. Pointed out by Hal Murray on port-arm. To generate a diff of this commit: cvs rdiff -u -r1.18 -r1.18.20.1 src/lib/libm/src/s_scalbn.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/lib/libm/src/s_scalbn.c diff -u src/lib/libm/src/s_scalbn.c:1.18 src/lib/libm/src/s_scalbn.c:1.18.20.1 --- src/lib/libm/src/s_scalbn.c:1.18 Mon May 20 19:40:09 2013 +++ src/lib/libm/src/s_scalbn.c Sat Mar 31 11:20:46 2018 @@ -12,7 +12,7 @@ #include #if defined(LIBM_SCCS) && !defined(lint) -__RCSID("$NetBSD: s_scalbn.c,v 1.18 2013/05/20 19:40:09 joerg Exp $"); +__RCSID("$NetBSD: s_scalbn.c,v 1.18.20.1 2018/03/31 11:20:46 bouyer Exp $"); #endif /* @@ -35,6 +35,7 @@ __strong_alias(_scalbnl, _scalbn) __strong_alias(_scalblnl, _scalbln) __weak_alias(scalbnl, _scalbnl) __weak_alias(scalblnl, _scalblnl) +__weak_alias(ldexpl, _scalblnl) #endif #ifdef __weak_alias
CVS commit: [netbsd-8] src/doc
Module Name:src Committed By: martin Date: Sat Mar 31 10:52:35 UTC 2018 Modified Files: src/doc [netbsd-8]: CHANGES-8.0 Log Message: Tickets #665, #674 - #678 To generate a diff of this commit: cvs rdiff -u -r1.1.2.155 -r1.1.2.156 src/doc/CHANGES-8.0 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/doc/CHANGES-8.0 diff -u src/doc/CHANGES-8.0:1.1.2.155 src/doc/CHANGES-8.0:1.1.2.156 --- src/doc/CHANGES-8.0:1.1.2.155 Fri Mar 30 12:11:07 2018 +++ src/doc/CHANGES-8.0 Sat Mar 31 10:52:34 2018 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-8.0,v 1.1.2.155 2018/03/30 12:11:07 martin Exp $ +# $NetBSD: CHANGES-8.0,v 1.1.2.156 2018/03/31 10:52:34 martin Exp $ A complete list of changes from the initial NetBSD 8.0 branch on 2017-06-04 until the 8.0 release: @@ -10632,6 +10632,15 @@ sys/netinet6/dest6.c1.21 Fix the calculation of the ICMP6 error pointer. [maxv, ticket #664] +sys/netinet6/icmp6.c1.215 + + Remove the (disabled) IPPROTO_ESP check. + Memory leaks in icmp6_error2. + Fix miscomputation in _icmp6_input, the ICMP6 header is not guaranteed + to be located right after the IP6 header. + Memory leak in _icmp6_input. + [maxv, ticket #665] + sys/netinet6/raw_ip6.c1.161 Fix use-after-free. @@ -10699,3 +10708,32 @@ sys/dev/pci/ixgbe/ixv.c1.88-1.89 - Whitespace fix. [msaitoh, ticket #673] +share/man/man4/man4.macppc/snapper.4 1.5 + + Add email addresses to author names. + Remove obsolete bug section. + [sevan, ticket #674] + +sys/netinet/ip_icmp.c1.168 + + Fix a possible buffer overflow in the IPv4 _ctlinput functions. + [maxv, ticket #675] + +sys/netinet/in_proto.c1.127 +sys/netinet6/in6_proto.c 1.122 + + Add the PR_LASTHDR flag on the PFsync and CARP entries. Otherwise a + "require" IPsec policy is not enforced on them, and unauthenticated + packets will be accepted. + [maxv, ticket #676] + +sys/netipsec/ipsec_input.c 1.55 + + Fix the iteration over IPPROTO_FRAGMENT options. + [maxv, ticket #677] + +sys/arch/x86/include/specialreg.h 1.115-1.117,1.120 + + Add various spectre/meltdown related cpu MSRs and bits. + [maxv, ticket #678] +
CVS commit: [netbsd-8] src/sys/arch/x86/include
Module Name:src Committed By: martin Date: Sat Mar 31 10:51:05 UTC 2018 Modified Files: src/sys/arch/x86/include [netbsd-8]: specialreg.h Log Message: Pull up following revision(s) (requested by maxv in ticket #678): sys/arch/x86/include/specialreg.h: revision 1.115-1.117,1.120 Add IC_CFG.DIS_IND: "Disable Indirect Branch Predictor". Available (at least) on AMD Families 10h, 12h and 16h. Add the IBRS and STIBP MSRs. ... and also add IBPB ... Add RDCL_NO and IBRS_ALL. To generate a diff of this commit: cvs rdiff -u -r1.98.2.2 -r1.98.2.3 src/sys/arch/x86/include/specialreg.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/arch/x86/include/specialreg.h diff -u src/sys/arch/x86/include/specialreg.h:1.98.2.2 src/sys/arch/x86/include/specialreg.h:1.98.2.3 --- src/sys/arch/x86/include/specialreg.h:1.98.2.2 Fri Mar 16 13:05:31 2018 +++ src/sys/arch/x86/include/specialreg.h Sat Mar 31 10:51:05 2018 @@ -1,4 +1,4 @@ -/* $NetBSD: specialreg.h,v 1.98.2.2 2018/03/16 13:05:31 martin Exp $ */ +/* $NetBSD: specialreg.h,v 1.98.2.3 2018/03/31 10:51:05 martin Exp $ */ /*- * Copyright (c) 1991 The Regents of the University of California. @@ -630,7 +630,10 @@ #define MSR_EBC_FREQUENCY_ID 0x02c /* PIV only */ #define MSR_TEST_CTL 0x033 #define MSR_IA32_SPEC_CTRL 0x048 +#define IA32_SPEC_CTRL_IBRS 0x01 +#define IA32_SPEC_CTRL_STIBP 0x02 #define MSR_IA32_PRED_CMD 0x049 +#define IA32_PRED_CMD_IBPB 0x01 #define MSR_BIOS_UPDT_TRIG 0x079 #define MSR_BBL_CR_D0 0x088 /* PII+ only */ #define MSR_BBL_CR_D1 0x089 /* PII+ only */ @@ -644,6 +647,8 @@ #define MSR_IA32_EXT_CONFIG 0x0ee /* Undocumented. Core Solo/Duo only */ #define MSR_MTRRcap 0x0fe #define MSR_IA32_ARCH_CAPABILITIES 0x10a +#define IA32_ARCH_RDCL_NO 0x01 +#define IA32_ARCH_IBRS_ALL 0x02 #define MSR_BBL_CR_ADDR 0x116 /* PII+ only */ #define MSR_BBL_CR_DECC 0x118 /* PII+ only */ #define MSR_BBL_CR_CTL 0x119 /* PII+ only */ @@ -842,6 +847,7 @@ #define MSR_IC_CFG 0xc0011021 #define IC_CFG_DIS_SEQ_PREFETCH 0x0800 +#define IC_CFG_DIS_IND 0x4000 #define MSR_DC_CFG 0xc0011022 #define DC_CFG_DIS_CNV_WC_SSO 0x0008
CVS commit: [netbsd-8] src/sys/netipsec
Module Name:src Committed By: martin Date: Sat Mar 31 10:46:20 UTC 2018 Modified Files: src/sys/netipsec [netbsd-8]: ipsec_input.c Log Message: Pull up following revision(s) (requested by maxv in ticket #677): sys/netipsec/ipsec_input.c: revision 1.55 Fix the iteration: IPPROTO_FRAGMENT options are special, in the sense that they don't have a 'length' field. It is therefore incorrect to read ip6e.ip6e_len, it contains garbage. I'm not sure whether this an exploitable vulnerability. Because of this bug you could theoretically craft 'protoff', which means that you can have the kernel patch the nxt value at the wrong place once the packet is decrypted. Perhaps it can be used in some unusual MITM - a router that happens to be between two IPsec hosts adds a frag6 option in the outer IPv6 header to trigger the bug in the receiver -, but I couldn't come up with anything worrying. To generate a diff of this commit: cvs rdiff -u -r1.43.2.4 -r1.43.2.5 src/sys/netipsec/ipsec_input.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/netipsec/ipsec_input.c diff -u src/sys/netipsec/ipsec_input.c:1.43.2.4 src/sys/netipsec/ipsec_input.c:1.43.2.5 --- src/sys/netipsec/ipsec_input.c:1.43.2.4 Fri Mar 30 11:45:58 2018 +++ src/sys/netipsec/ipsec_input.c Sat Mar 31 10:46:20 2018 @@ -1,4 +1,4 @@ -/* $NetBSD: ipsec_input.c,v 1.43.2.4 2018/03/30 11:45:58 martin Exp $ */ +/* $NetBSD: ipsec_input.c,v 1.43.2.5 2018/03/31 10:46:20 martin Exp $ */ /* $FreeBSD: /usr/local/www/cvsroot/FreeBSD/src/sys/netipsec/ipsec_input.c,v 1.2.4.2 2003/03/28 20:32:53 sam Exp $ */ /* $OpenBSD: ipsec_input.c,v 1.63 2003/02/20 18:35:43 deraadt Exp $ */ @@ -39,7 +39,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: ipsec_input.c,v 1.43.2.4 2018/03/30 11:45:58 martin Exp $"); +__KERNEL_RCSID(0, "$NetBSD: ipsec_input.c,v 1.43.2.5 2018/03/31 10:46:20 martin Exp $"); /* * IPsec input processing. @@ -507,6 +507,8 @@ ipsec6_common_input(struct mbuf **mp, in if (nxt == IPPROTO_AH) l = (ip6e.ip6e_len + 2) << 2; + else if (nxt == IPPROTO_FRAGMENT) +l = sizeof(struct ip6_frag); else l = (ip6e.ip6e_len + 1) << 3; KASSERT(l > 0);
CVS commit: [netbsd-8] src/sys
Module Name:src Committed By: martin Date: Sat Mar 31 10:41:06 UTC 2018 Modified Files: src/sys/netinet [netbsd-8]: in_proto.c src/sys/netinet6 [netbsd-8]: in6_proto.c Log Message: Pull up following revision(s) (requested by maxv in ticket #676): sys/netinet/in_proto.c: revision 1.127 sys/netinet6/in6_proto.c: revision 1.122 Add the PR_LASTHDR flag on the PFsync and CARP entries. Otherwise a "require" IPsec policy is not enforced on them, and unauthenticated packets will be accepted. Tested with a require-AH configuration. Sent on tech-net@, no comment. To generate a diff of this commit: cvs rdiff -u -r1.123.4.2 -r1.123.4.3 src/sys/netinet/in_proto.c cvs rdiff -u -r1.117.4.3 -r1.117.4.4 src/sys/netinet6/in6_proto.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/netinet/in_proto.c diff -u src/sys/netinet/in_proto.c:1.123.4.2 src/sys/netinet/in_proto.c:1.123.4.3 --- src/sys/netinet/in_proto.c:1.123.4.2 Tue Oct 24 08:55:55 2017 +++ src/sys/netinet/in_proto.c Sat Mar 31 10:41:06 2018 @@ -1,4 +1,4 @@ -/* $NetBSD: in_proto.c,v 1.123.4.2 2017/10/24 08:55:55 snj Exp $ */ +/* $NetBSD: in_proto.c,v 1.123.4.3 2018/03/31 10:41:06 martin Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. @@ -61,7 +61,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: in_proto.c,v 1.123.4.2 2017/10/24 08:55:55 snj Exp $"); +__KERNEL_RCSID(0, "$NetBSD: in_proto.c,v 1.123.4.3 2018/03/31 10:41:06 martin Exp $"); #ifdef _KERNEL_OPT #include "opt_mrouting.h" @@ -432,7 +432,7 @@ const struct protosw inetsw[] = { { .pr_type = SOCK_RAW, .pr_domain = , .pr_protocol = IPPROTO_CARP, - .pr_flags = PR_ATOMIC|PR_ADDR, + .pr_flags = PR_ATOMIC|PR_ADDR|PR_LASTHDR, .pr_input = carp_proto_input, .pr_ctloutput = rip_ctloutput, .pr_usrreqs = _usrreqs, @@ -453,7 +453,7 @@ const struct protosw inetsw[] = { { .pr_type = SOCK_RAW, .pr_domain = , .pr_protocol = IPPROTO_PFSYNC, - .pr_flags = PR_ATOMIC|PR_ADDR, + .pr_flags = PR_ATOMIC|PR_ADDR|PR_LASTHDR, .pr_input = pfsync_input, .pr_ctloutput = rip_ctloutput, .pr_usrreqs = _usrreqs, Index: src/sys/netinet6/in6_proto.c diff -u src/sys/netinet6/in6_proto.c:1.117.4.3 src/sys/netinet6/in6_proto.c:1.117.4.4 --- src/sys/netinet6/in6_proto.c:1.117.4.3 Fri Mar 30 12:01:30 2018 +++ src/sys/netinet6/in6_proto.c Sat Mar 31 10:41:06 2018 @@ -1,4 +1,4 @@ -/* $NetBSD: in6_proto.c,v 1.117.4.3 2018/03/30 12:01:30 martin Exp $ */ +/* $NetBSD: in6_proto.c,v 1.117.4.4 2018/03/31 10:41:06 martin Exp $ */ /* $KAME: in6_proto.c,v 1.66 2000/10/10 15:35:47 itojun Exp $ */ /* @@ -62,7 +62,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: in6_proto.c,v 1.117.4.3 2018/03/30 12:01:30 martin Exp $"); +__KERNEL_RCSID(0, "$NetBSD: in6_proto.c,v 1.117.4.4 2018/03/31 10:41:06 martin Exp $"); #ifdef _KERNEL_OPT #include "opt_gateway.h" @@ -453,7 +453,7 @@ const struct ip6protosw inet6sw[] = { { .pr_type = SOCK_RAW, .pr_domain = , .pr_protocol = IPPROTO_CARP, - .pr_flags = PR_ATOMIC|PR_ADDR, + .pr_flags = PR_ATOMIC|PR_ADDR|PR_LASTHDR, .pr_input = carp6_proto_input, .pr_ctloutput = rip6_ctloutput, .pr_usrreqs = _usrreqs,
CVS commit: [netbsd-8] src/sys/netinet
Module Name:src Committed By: martin Date: Sat Mar 31 10:38:53 UTC 2018 Modified Files: src/sys/netinet [netbsd-8]: ip_icmp.c Log Message: Pull up following revision(s) (requested by maxv in ticket #675): sys/netinet/ip_icmp.c: revision 1.168 Fix a possible buffer overflow in the IPv4 _ctlinput functions. In _icmp_input we are guaranteeing that the ICMP_ADVLENMIN-byte area starting from 'icp' is contiguous. ICMP_ADVLENMIN = 8 + sizeof(struct ip) + 8 = 36 But the _ctlinput functions (eg udp_ctlinput) expect the area to be larger. These functions read at: (uint8_t *)icp + 8 + (icp->icmp_ip.ip_hl << 2) which can be crafted to be: (uint8_t *)icp + 68 So we end up reading 'icp+68' while the valid area ended at 'icp+36'. Having said that, it seems pretty complicated to trigger this bug; it would have to be a fragmented packet with half of the ICMP header in the first fragment, and we would need to have a driver that did not allocate a cluster for the first mbuf of the chain. The check of icmplen against ICMP_ADVLEN(icp) was not sufficient: while it did guarantee that the ICMP header fit the chain, it did not guarantee that it fit 'm'. Fix this bug by pulling up to hlen+ICMP_ADVLEN(icp). No need to log an error. Rebase the pointers afterwards. To generate a diff of this commit: cvs rdiff -u -r1.161 -r1.161.6.1 src/sys/netinet/ip_icmp.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/netinet/ip_icmp.c diff -u src/sys/netinet/ip_icmp.c:1.161 src/sys/netinet/ip_icmp.c:1.161.6.1 --- src/sys/netinet/ip_icmp.c:1.161 Fri Mar 31 06:49:44 2017 +++ src/sys/netinet/ip_icmp.c Sat Mar 31 10:38:53 2018 @@ -1,4 +1,4 @@ -/* $NetBSD: ip_icmp.c,v 1.161 2017/03/31 06:49:44 ozaki-r Exp $ */ +/* $NetBSD: ip_icmp.c,v 1.161.6.1 2018/03/31 10:38:53 martin Exp $ */ /* * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. @@ -94,7 +94,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: ip_icmp.c,v 1.161 2017/03/31 06:49:44 ozaki-r Exp $"); +__KERNEL_RCSID(0, "$NetBSD: ip_icmp.c,v 1.161.6.1 2018/03/31 10:38:53 martin Exp $"); #ifdef _KERNEL_OPT #include "opt_ipsec.h" @@ -541,6 +541,14 @@ _icmp_input(struct mbuf *m, int hlen, in ICMP_STATINC(ICMP_STAT_BADLEN); goto freeit; } + if (m->m_len < hlen + ICMP_ADVLEN(icp)) { + m = m_pullup(m, hlen + ICMP_ADVLEN(icp)); + if (m == NULL) +goto freeit; + } + ip = mtod(m, struct ip *); + icp = (struct icmp *)(mtod(m, uint8_t *) + hlen); + if (IN_MULTICAST(icp->icmp_ip.ip_dst.s_addr)) goto badcode; #ifdef ICMPPRINTFS
CVS commit: [netbsd-8] src/share/man/man4/man4.macppc
Module Name:src Committed By: martin Date: Sat Mar 31 10:32:05 UTC 2018 Modified Files: src/share/man/man4/man4.macppc [netbsd-8]: snapper.4 Log Message: Pull up following revision(s) (requested by sevan in ticket #674): share/man/man4/man4.macppc/snapper.4: revision 1.5 Add email addresses to author names. snapper(4) was enabled by default in r1.208 of GENERIC over 12 years ago, drop the bugs section about needing more testing. To generate a diff of this commit: cvs rdiff -u -r1.4 -r1.4.4.1 src/share/man/man4/man4.macppc/snapper.4 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/share/man/man4/man4.macppc/snapper.4 diff -u src/share/man/man4/man4.macppc/snapper.4:1.4 src/share/man/man4/man4.macppc/snapper.4:1.4.4.1 --- src/share/man/man4/man4.macppc/snapper.4:1.4 Fri Feb 17 22:24:47 2017 +++ src/share/man/man4/man4.macppc/snapper.4 Sat Mar 31 10:32:05 2018 @@ -1,4 +1,4 @@ -.\" $NetBSD: snapper.4,v 1.4 2017/02/17 22:24:47 christos Exp $ +.\" $NetBSD: snapper.4,v 1.4.4.1 2018/03/31 10:32:05 martin Exp $ .\" .\" Copyright (c) 2006 The NetBSD Foundation, Inc. .\" All rights reserved. @@ -24,7 +24,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE .\" POSSIBILITY OF SUCH DAMAGE. .\" -.Dd February 17, 2017 +.Dd March 30, 2018 .Dt SNAPPER 4 macppc .Os .Sh NAME @@ -63,8 +63,6 @@ device driver appeared in The .Nm driver was written by -.An Tsubai Masanari +.An Tsubai Masanari Aq Mt tsu...@netbsd.org with modifications by -.An Jared D. McNeill . -.Sh BUGS -This driver needs more testing. +.An Jared D. McNeill Aq Mt jmcne...@netbsd.org .
CVS commit: [netbsd-8] src/sys/netinet6
Module Name:src Committed By: martin Date: Sat Mar 31 10:27:40 UTC 2018 Modified Files: src/sys/netinet6 [netbsd-8]: icmp6.c Log Message: Pull up following revision(s) (requested by maxv in ticket #665): sys/netinet6/icmp6.c: revision 1.215 Style, and four fixes: * Remove the (disabled) IPPROTO_ESP check. If the packet was decrypted it will have M_DECRYPTED, and this is already checked. * Memory leaks in icmp6_error2. They seem hardly triggerable. * Fix miscomputation in _icmp6_input, the ICMP6 header is not guaranteed to be located right after the IP6 header. ok mlelstv@ * Memory leak in _icmp6_input. This one seems to be impossible to trigger. To generate a diff of this commit: cvs rdiff -u -r1.211.6.3 -r1.211.6.4 src/sys/netinet6/icmp6.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/netinet6/icmp6.c diff -u src/sys/netinet6/icmp6.c:1.211.6.3 src/sys/netinet6/icmp6.c:1.211.6.4 --- src/sys/netinet6/icmp6.c:1.211.6.3 Wed Nov 8 22:24:55 2017 +++ src/sys/netinet6/icmp6.c Sat Mar 31 10:27:40 2018 @@ -1,4 +1,4 @@ -/* $NetBSD: icmp6.c,v 1.211.6.3 2017/11/08 22:24:55 snj Exp $ */ +/* $NetBSD: icmp6.c,v 1.211.6.4 2018/03/31 10:27:40 martin Exp $ */ /* $KAME: icmp6.c,v 1.217 2001/06/20 15:03:29 jinmei Exp $ */ /* @@ -62,7 +62,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: icmp6.c,v 1.211.6.3 2017/11/08 22:24:55 snj Exp $"); +__KERNEL_RCSID(0, "$NetBSD: icmp6.c,v 1.211.6.4 2018/03/31 10:27:40 martin Exp $"); #ifdef _KERNEL_OPT #include "opt_inet.h" @@ -292,8 +292,7 @@ icmp6_error2(struct mbuf *m, int type, i { struct ip6_hdr *ip6; - if (ifp == NULL) - return; + KASSERT(ifp != NULL); if (m->m_len < sizeof(struct ip6_hdr)) { m = m_pullup(m, sizeof(struct ip6_hdr)); @@ -304,11 +303,15 @@ icmp6_error2(struct mbuf *m, int type, i ip6 = mtod(m, struct ip6_hdr *); if (in6_setscope(>ip6_src, ifp, NULL) != 0) - return; + goto out; if (in6_setscope(>ip6_dst, ifp, NULL) != 0) - return; + goto out; icmp6_error(m, type, code, param); + return; + +out: + m_freem(m); } /* @@ -344,7 +347,7 @@ icmp6_error(struct mbuf *m, int type, in * we should basically suppress sending an error (RFC 2463, Section * 2.4). * We have two exceptions (the item e.2 in that section): - * - the Pakcet Too Big message can be sent for path MTU discovery. + * - the Packet Too Big message can be sent for path MTU discovery. * - the Parameter Problem Message that can be allowed an icmp6 error * in the option type field. This check has been done in * ip6_unknown_opt(), so we can just check the type and code. @@ -391,18 +394,7 @@ icmp6_error(struct mbuf *m, int type, in } else { /* ICMPv6 informational - send the error */ } - } -#if 0 /* controversial */ - else if (off >= 0 && nxt == IPPROTO_ESP) { - /* - * It could be ICMPv6 error inside ESP. Take a safer side, - * don't respond. - */ - ICMP6_STATINC(ICMP6_STAT_CANTERROR); - goto freeit; - } -#endif - else { + } else { /* non-ICMPv6 - send the error */ } @@ -452,11 +444,13 @@ icmp6_error(struct mbuf *m, int type, in m_reset_rcvif(m); ICMP6_STATINC(ICMP6_STAT_OUTHIST + type); - icmp6_reflect(m, sizeof(struct ip6_hdr)); /* header order: IPv6 - ICMPv6 */ + + /* header order: IPv6 - ICMPv6 */ + icmp6_reflect(m, sizeof(struct ip6_hdr)); return; - freeit: +freeit: /* * If we can't tell whether or not we can generate ICMP6, free it. */ @@ -473,7 +467,7 @@ _icmp6_input(struct mbuf *m, int off, in struct ip6_hdr *ip6, *nip6; struct icmp6_hdr *icmp6, *nicmp6; int icmp6len = m->m_pkthdr.len - off; - int code, sum, noff; + int code, sum; struct ifnet *rcvif; struct psref psref; char ip6buf[INET6_ADDRSTRLEN], ip6buf2[INET6_ADDRSTRLEN]; @@ -513,6 +507,7 @@ _icmp6_input(struct mbuf *m, int off, in icmp6_ifstat_inc(rcvif, ifs6_in_error); goto freeit; } + /* * Enforce alignment requirements that are violated in * some cases, see kern/50766 for details. @@ -525,7 +520,7 @@ _icmp6_input(struct mbuf *m, int off, in goto freeit; } ip6 = mtod(m, struct ip6_hdr *); - icmp6 = (struct icmp6_hdr *)(ip6 + 1); + icmp6 = (struct icmp6_hdr *)(mtod(m, char *) + off); } KASSERT(IP6_HDR_ALIGNED_P(icmp6)); @@ -739,8 +734,6 @@ _icmp6_input(struct mbuf *m, int off, in n = m_copym(m, 0, M_COPYALL, M_DONTWAIT); if (n) n = ni6_input(n, off); - /* XXX meaningless if n == NULL */ - noff = sizeof(struct ip6_hdr); } else { u_char *p; int maxhlen; @@ -765,34 +758,36 @@ _icmp6_input(struct mbuf *m, int off, in m_reset_rcvif(n); n->m_len = 0; maxhlen = M_TRAILINGSPACE(n) - ICMP6_MAXLEN; - if (maxhlen < 0) + if (maxhlen < 0) { +m_free(n); break; + } if (maxhlen > hostnamelen) maxhlen = hostnamelen; /* * Copy IPv6 and ICMPv6 only. */ nip6 = mtod(n, struct ip6_hdr *);
CVS commit: [pgoyette-compat] src/sys/compat/common
Module Name:src Committed By: pgoyette Date: Sat Mar 31 10:01:58 UTC 2018 Modified Files: src/sys/compat/common [pgoyette-compat]: compat_mod.c Log Message: Add compat_12 to the alias list, and add compat_80 entry points to the init-fini list. To generate a diff of this commit: cvs rdiff -u -r1.24.14.30 -r1.24.14.31 src/sys/compat/common/compat_mod.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/compat/common/compat_mod.c diff -u src/sys/compat/common/compat_mod.c:1.24.14.30 src/sys/compat/common/compat_mod.c:1.24.14.31 --- src/sys/compat/common/compat_mod.c:1.24.14.30 Sat Mar 31 09:17:35 2018 +++ src/sys/compat/common/compat_mod.c Sat Mar 31 10:01:58 2018 @@ -1,4 +1,4 @@ -/* $NetBSD: compat_mod.c,v 1.24.14.30 2018/03/31 09:17:35 pgoyette Exp $ */ +/* $NetBSD: compat_mod.c,v 1.24.14.31 2018/03/31 10:01:58 pgoyette Exp $ */ /*- * Copyright (c) 2008 The NetBSD Foundation, Inc. @@ -34,7 +34,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: compat_mod.c,v 1.24.14.30 2018/03/31 09:17:35 pgoyette Exp $"); +__KERNEL_RCSID(0, "$NetBSD: compat_mod.c,v 1.24.14.31 2018/03/31 10:01:58 pgoyette Exp $"); #ifdef _KERNEL_OPT #include "opt_compat_netbsd.h" @@ -79,7 +79,7 @@ static struct sysctllog *compat_clog = N static const char * const compat_includes[] = { "compat_80", "compat_70", "compat_60", "compat_50", "compat_40", "compat_30", "compat_20", "compat_16", "compat_14", "compat_13", - NULL + "compat_12", NULL }; MODULE_WITH_ALIASES(MODULE_CLASS_EXEC, compat, NULL, _includes); @@ -137,6 +137,9 @@ struct compat_init_fini { int (*init)(void); int (*fini)(void); } init_fini_list[] = { +#ifdef COMPAT_80 + { compat_80_init, compat_80_fini }, +#endif #ifdef COMPAT_70 { compat_70_init, compat_70_fini }, #endif
CVS commit: [pgoyette-compat] src
Module Name:src Committed By: pgoyette Date: Sat Mar 31 09:17:35 UTC 2018 Modified Files: src/distrib/sets/lists/modules [pgoyette-compat]: mi src/sys/compat/common [pgoyette-compat]: compat_mod.c compat_mod.h files.common kern_xxx_12.c vfs_syscalls_12.c vm_12.c src/sys/modules [pgoyette-compat]: Makefile Added Files: src/sys/compat/common [pgoyette-compat]: compat_12_mod.c src/sys/modules/compat_12 [pgoyette-compat]: Makefile Log Message: create the compat_12 module To generate a diff of this commit: cvs rdiff -u -r1.114.2.13 -r1.114.2.14 src/distrib/sets/lists/modules/mi cvs rdiff -u -r0 -r1.1.2.1 src/sys/compat/common/compat_12_mod.c cvs rdiff -u -r1.24.14.29 -r1.24.14.30 src/sys/compat/common/compat_mod.c cvs rdiff -u -r1.1.42.16 -r1.1.42.17 src/sys/compat/common/compat_mod.h cvs rdiff -u -r1.1.2.28 -r1.1.2.29 src/sys/compat/common/files.common cvs rdiff -u -r1.15 -r1.15.56.1 src/sys/compat/common/kern_xxx_12.c cvs rdiff -u -r1.35 -r1.35.2.1 src/sys/compat/common/vfs_syscalls_12.c cvs rdiff -u -r1.20 -r1.20.56.1 src/sys/compat/common/vm_12.c cvs rdiff -u -r1.202.2.17 -r1.202.2.18 src/sys/modules/Makefile cvs rdiff -u -r0 -r1.1.2.1 src/sys/modules/compat_12/Makefile Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/distrib/sets/lists/modules/mi diff -u src/distrib/sets/lists/modules/mi:1.114.2.13 src/distrib/sets/lists/modules/mi:1.114.2.14 --- src/distrib/sets/lists/modules/mi:1.114.2.13 Fri Mar 30 23:57:59 2018 +++ src/distrib/sets/lists/modules/mi Sat Mar 31 09:17:35 2018 @@ -1,4 +1,4 @@ -# $NetBSD: mi,v 1.114.2.13 2018/03/30 23:57:59 pgoyette Exp $ +# $NetBSD: mi,v 1.114.2.14 2018/03/31 09:17:35 pgoyette Exp $ # # Note: don't delete entries from here - mark them as "obsolete" instead. # @@ -70,6 +70,8 @@ ./@MODULEDIR@/compat/compat.kmod base-kernel-modules kmod ./@MODULEDIR@/compat_util base-kernel-modules kmod ./@MODULEDIR@/compat_util/compat_util.kmod base-kernel-modules kmod +./@MODULEDIR@/compat_12base-kernel-modules kmod +./@MODULEDIR@/compat_12/compat_12.kmod base-kernel-modules kmod ./@MODULEDIR@/compat_13base-kernel-modules kmod ./@MODULEDIR@/compat_13/compat_13.kmod base-kernel-modules kmod ./@MODULEDIR@/compat_14base-kernel-modules kmod Index: src/sys/compat/common/compat_mod.c diff -u src/sys/compat/common/compat_mod.c:1.24.14.29 src/sys/compat/common/compat_mod.c:1.24.14.30 --- src/sys/compat/common/compat_mod.c:1.24.14.29 Fri Mar 30 11:29:53 2018 +++ src/sys/compat/common/compat_mod.c Sat Mar 31 09:17:35 2018 @@ -1,4 +1,4 @@ -/* $NetBSD: compat_mod.c,v 1.24.14.29 2018/03/30 11:29:53 pgoyette Exp $ */ +/* $NetBSD: compat_mod.c,v 1.24.14.30 2018/03/31 09:17:35 pgoyette Exp $ */ /*- * Copyright (c) 2008 The NetBSD Foundation, Inc. @@ -34,7 +34,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: compat_mod.c,v 1.24.14.29 2018/03/30 11:29:53 pgoyette Exp $"); +__KERNEL_RCSID(0, "$NetBSD: compat_mod.c,v 1.24.14.30 2018/03/31 09:17:35 pgoyette Exp $"); #ifdef _KERNEL_OPT #include "opt_compat_netbsd.h" @@ -130,16 +130,6 @@ static const struct syscall_package comp { SYS_compat_09_ouname, 0, (sy_call_t *)compat_09_sys_uname }, #endif -#if defined(COMPAT_12) - { SYS_compat_12_fstat12, 0, (sy_call_t *)compat_12_sys_fstat }, - { SYS_compat_12_getdirentries, 0, (sy_call_t *)compat_12_sys_getdirentries }, - { SYS_compat_12_lstat12, 0, (sy_call_t *)compat_12_sys_lstat }, - { SYS_compat_12_msync, 0, (sy_call_t *)compat_12_sys_msync }, - { SYS_compat_12_oreboot, 0, (sy_call_t *)compat_12_sys_reboot }, - { SYS_compat_12_oswapon, 0, (sy_call_t *)compat_12_sys_swapon }, - { SYS_compat_12_stat12, 0, (sy_call_t *)compat_12_sys_stat }, -#endif - { 0, 0, NULL }, }; @@ -174,10 +164,10 @@ struct compat_init_fini { #ifdef COMPAT_13 { compat_13_init, compat_13_fini }, #endif -#if 0 /* NOT YET */ #ifdef COMPAT_12 { compat_12_init, compat_12_fini }, #endif +#if 0 /* NOT YET */ #ifdef COMPAT_10 { compat_10_init, compat_10_fini }, #endif Index: src/sys/compat/common/compat_mod.h diff -u src/sys/compat/common/compat_mod.h:1.1.42.16 src/sys/compat/common/compat_mod.h:1.1.42.17 --- src/sys/compat/common/compat_mod.h:1.1.42.16 Fri Mar 30 11:18:34 2018 +++ src/sys/compat/common/compat_mod.h Sat Mar 31 09:17:35 2018 @@ -1,4 +1,4 @@ -/* $NetBSD: compat_mod.h,v 1.1.42.16 2018/03/30 11:18:34 pgoyette Exp $ */ +/* $NetBSD: compat_mod.h,v 1.1.42.17 2018/03/31 09:17:35 pgoyette Exp $ */ /*- * Copyright (c) 2013 The NetBSD Foundation, Inc. @@ -139,4 +139,15 @@ void uvm_13_init(void); void uvm_13_fini(void); #endif +#ifdef COMPAT_12 +int compat_12_init(void); +int compat_12_fini(void); +int kern_xxx_12_init(void); +int kern_xxx_12_fini(void); +int vm_12_init(void); +int vm_12_fini(void); +int vfs_syscalls_12_init(void); +int vfs_syscalls_12_fini(void); +#endif + #endif /* !_COMPAT_MOD_H_ */ Index:
CVS commit: src/sys/arch/x86/x86
Module Name:src Committed By: maxv Date: Sat Mar 31 08:43:52 UTC 2018 Modified Files: src/sys/arch/x86/x86: x86_machdep.c Log Message: Rename spectreV2 -> spectre_v2, and introduce spectre_v1 (which defaults to not-mitigated). This gives the user an easy way to find out whether the system is vulnerable: machdep.spectre_v1.mitigated machdep.spectre_v2.mitigated They are also available on i386. To generate a diff of this commit: cvs rdiff -u -r1.109 -r1.110 src/sys/arch/x86/x86/x86_machdep.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/arch/x86/x86/x86_machdep.c diff -u src/sys/arch/x86/x86/x86_machdep.c:1.109 src/sys/arch/x86/x86/x86_machdep.c:1.110 --- src/sys/arch/x86/x86/x86_machdep.c:1.109 Wed Mar 14 17:40:41 2018 +++ src/sys/arch/x86/x86/x86_machdep.c Sat Mar 31 08:43:52 2018 @@ -1,4 +1,4 @@ -/* $NetBSD: x86_machdep.c,v 1.109 2018/03/14 17:40:41 maxv Exp $ */ +/* $NetBSD: x86_machdep.c,v 1.110 2018/03/31 08:43:52 maxv Exp $ */ /*- * Copyright (c) 2002, 2006, 2007 YAMAMOTO Takashi, @@ -31,7 +31,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: x86_machdep.c,v 1.109 2018/03/14 17:40:41 maxv Exp $"); +__KERNEL_RCSID(0, "$NetBSD: x86_machdep.c,v 1.110 2018/03/31 08:43:52 maxv Exp $"); #include "opt_modular.h" #include "opt_physmem.h" @@ -1274,10 +1274,27 @@ SYSCTL_SETUP(sysctl_machdep_setup, "sysc #ifndef XEN int sysctl_machdep_spectreV2_mitigated(SYSCTLFN_ARGS); extern bool spec_mitigation_enabled; - const struct sysctlnode *spec_rnode = NULL; + const struct sysctlnode *spec_rnode; + + /* SpectreV1 */ + spec_rnode = NULL; + sysctl_createv(clog, 0, NULL, _rnode, + CTLFLAG_PERMANENT, + CTLTYPE_NODE, "spectre_v1", NULL, + NULL, 0, NULL, 0, + CTL_MACHDEP, CTL_CREATE); + sysctl_createv(clog, 0, _rnode, _rnode, + CTLFLAG_PERMANENT | CTLFLAG_IMMEDIATE, + CTLTYPE_BOOL, "mitigated", + SYSCTL_DESCR("Whether Spectre Variant 1 is mitigated"), + NULL, 0 /* mitigated=0 */, NULL, 0, + CTL_CREATE, CTL_EOL); + + /* SpectreV2 */ + spec_rnode = NULL; sysctl_createv(clog, 0, NULL, _rnode, CTLFLAG_PERMANENT, - CTLTYPE_NODE, "spectreV2", NULL, + CTLTYPE_NODE, "spectre_v2", NULL, NULL, 0, NULL, 0, CTL_MACHDEP, CTL_CREATE); sysctl_createv(clog, 0, _rnode, _rnode,
CVS commit: [pgoyette-compat] src/sys/kern
Module Name:src Committed By: pgoyette Date: Sat Mar 31 08:34:17 UTC 2018 Modified Files: src/sys/kern [pgoyette-compat]: kern_module.c Log Message: Rather than allocating and freeing the recursion stack entry from the pool, just use an entry allocated on the procedure's stack. The recursion entry is very short-lived anyway, and always gets freed before the procedure exits. To generate a diff of this commit: cvs rdiff -u -r1.130.2.5 -r1.130.2.6 src/sys/kern/kern_module.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/kern/kern_module.c diff -u src/sys/kern/kern_module.c:1.130.2.5 src/sys/kern/kern_module.c:1.130.2.6 --- src/sys/kern/kern_module.c:1.130.2.5 Fri Mar 30 23:49:42 2018 +++ src/sys/kern/kern_module.c Sat Mar 31 08:34:17 2018 @@ -1,4 +1,4 @@ -/* $NetBSD: kern_module.c,v 1.130.2.5 2018/03/30 23:49:42 pgoyette Exp $ */ +/* $NetBSD: kern_module.c,v 1.130.2.6 2018/03/31 08:34:17 pgoyette Exp $ */ /*- * Copyright (c) 2008 The NetBSD Foundation, Inc. @@ -34,7 +34,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: kern_module.c,v 1.130.2.5 2018/03/30 23:49:42 pgoyette Exp $"); +__KERNEL_RCSID(0, "$NetBSD: kern_module.c,v 1.130.2.6 2018/03/31 08:34:17 pgoyette Exp $"); #define _MODULE_INTERNAL @@ -913,7 +913,7 @@ module_do_load(const char *name, bool is struct pend_entry { SLIST_ENTRY(pend_entry) pe_entry; struct pending_t *pe_pending; - } *my_pend_entry; + } my_pend_entry; modinfo_t *mi; module_t *mod, *mod2, *prev_active; @@ -942,9 +942,8 @@ module_do_load(const char *name, bool is pending = SLIST_FIRST(_stack)->pe_pending; } else pending = _pending; - my_pend_entry = kmem_zalloc(sizeof(*my_pend_entry), KM_SLEEP); - my_pend_entry->pe_pending = pending; - SLIST_INSERT_HEAD(_stack, my_pend_entry, pe_entry); + my_pend_entry.pe_pending = pending; + SLIST_INSERT_HEAD(_stack, _pend_entry, pe_entry); /* * Search the list of disabled builtins first. @@ -962,11 +961,9 @@ module_do_load(const char *name, bool is "builtin module `%s'", name); } SLIST_REMOVE_HEAD(_stack, pe_entry); - kmem_free(my_pend_entry, sizeof(*my_pend_entry)); return EPERM; } else { SLIST_REMOVE_HEAD(_stack, pe_entry); - kmem_free(my_pend_entry, sizeof(*my_pend_entry)); error = module_do_builtin(mod, name, modp, props); return error; } @@ -996,7 +993,6 @@ module_do_load(const char *name, bool is module_print("%s module `%s' already loaded", isdep ? "dependent" : "requested", name); SLIST_REMOVE_HEAD(_stack, pe_entry); - kmem_free(my_pend_entry, sizeof(*my_pend_entry)); return EEXIST; } @@ -1004,7 +1000,6 @@ module_do_load(const char *name, bool is if (mod == NULL) { module_error("out of memory for `%s'", name); SLIST_REMOVE_HEAD(_stack, pe_entry); - kmem_free(my_pend_entry, sizeof(*my_pend_entry)); return ENOMEM; } @@ -1025,7 +1020,6 @@ module_do_load(const char *name, bool is #endif kmem_free(mod, sizeof(*mod)); SLIST_REMOVE_HEAD(_stack, pe_entry); - kmem_free(my_pend_entry, sizeof(*my_pend_entry)); return error; } TAILQ_INSERT_TAIL(pending, mod, mod_chain); @@ -1241,7 +1235,6 @@ module_do_load(const char *name, bool is module_thread_kick(); } SLIST_REMOVE_HEAD(_stack, pe_entry); - kmem_free(my_pend_entry, sizeof(*my_pend_entry)); module_print("module `%s' loaded successfully", mi->mi_name); return 0; @@ -1257,7 +1250,6 @@ module_do_load(const char *name, bool is TAILQ_REMOVE(pending, mod, mod_chain); kmem_free(mod, sizeof(*mod)); SLIST_REMOVE_HEAD(_stack, pe_entry); - kmem_free(my_pend_entry, sizeof(*my_pend_entry)); return error; }
CVS commit: src/sys/arch/x86/x86
Module Name:src Committed By: maxv Date: Sat Mar 31 08:30:01 UTC 2018 Modified Files: src/sys/arch/x86/x86: spectre.c Log Message: Reorganize to simplify. To generate a diff of this commit: cvs rdiff -u -r1.6 -r1.7 src/sys/arch/x86/x86/spectre.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/arch/x86/x86/spectre.c diff -u src/sys/arch/x86/x86/spectre.c:1.6 src/sys/arch/x86/x86/spectre.c:1.7 --- src/sys/arch/x86/x86/spectre.c:1.6 Sat Mar 31 07:15:47 2018 +++ src/sys/arch/x86/x86/spectre.c Sat Mar 31 08:30:01 2018 @@ -1,4 +1,4 @@ -/* $NetBSD: spectre.c,v 1.6 2018/03/31 07:15:47 maxv Exp $ */ +/* $NetBSD: spectre.c,v 1.7 2018/03/31 08:30:01 maxv Exp $ */ /* * Copyright (c) 2018 NetBSD Foundation, Inc. @@ -34,7 +34,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: spectre.c,v 1.6 2018/03/31 07:15:47 maxv Exp $"); +__KERNEL_RCSID(0, "$NetBSD: spectre.c,v 1.7 2018/03/31 08:30:01 maxv Exp $"); #include #include @@ -129,10 +129,10 @@ speculation_detect_method(void) /* -- */ -#ifdef __x86_64__ static volatile unsigned long ibrs_cpu_barrier1 __cacheline_aligned; static volatile unsigned long ibrs_cpu_barrier2 __cacheline_aligned; +#ifdef __x86_64__ static void ibrs_disable_hotpatch(void) { @@ -176,187 +176,137 @@ ibrs_enable_hotpatch(void) x86_patch_window_close(psl, cr0); } - +#else +/* IBRS not supported on i386 */ static void -ibrs_change_cpu(void *arg1, void *arg2) -{ - struct cpu_info *ci = curcpu(); - bool enabled = (bool)arg1; - u_long psl; - - psl = x86_read_psl(); - x86_disable_intr(); - - atomic_dec_ulong(_cpu_barrier1); - while (atomic_cas_ulong(_cpu_barrier1, 0, 0) != 0) { - x86_pause(); - } - - /* cpu0 is the one that does the hotpatch job */ - if (ci == _info_primary) { - if (enabled) { - ibrs_enable_hotpatch(); - } else { - ibrs_disable_hotpatch(); - } - } - - if (!enabled) { - wrmsr(MSR_IA32_SPEC_CTRL, 0); - } - - atomic_dec_ulong(_cpu_barrier2); - while (atomic_cas_ulong(_cpu_barrier2, 0, 0) != 0) { - x86_pause(); - } - - /* Write back and invalidate cache, flush pipelines. */ - wbinvd(); - x86_flush(); - - x86_write_psl(psl); -} - -static int -ibrs_change(bool enabled) +ibrs_disable_hotpatch(void) { - struct cpu_info *ci = NULL; - CPU_INFO_ITERATOR cii; - uint64_t xc; - - mutex_enter(_lock); - - /* - * We expect all the CPUs to be online. - */ - for (CPU_INFO_FOREACH(cii, ci)) { - struct schedstate_percpu *spc = >ci_schedstate; - if (spc->spc_flags & SPCF_OFFLINE) { - printf("[!] cpu%d offline, IBRS not changed\n", - cpu_index(ci)); - mutex_exit(_lock); - return EOPNOTSUPP; - } - } - - ibrs_cpu_barrier1 = ncpu; - ibrs_cpu_barrier2 = ncpu; - - printf("[+] %s SpectreV2 Mitigation (IBRS)...", - (enabled == true) ? "Enabling" : "Disabling"); - xc = xc_broadcast(0, ibrs_change_cpu, (void *)enabled, NULL); - xc_wait(xc); - printf(" done!\n"); - - mutex_exit(_lock); - - return 0; + panic("%s: impossible", __func__); } -#else -/* - * TODO: i386 - */ -static int -ibrs_change(bool enabled) +static void +ibrs_enable_hotpatch(void) { - panic("not supported"); + panic("%s: impossible", __func__); } #endif /* -- */ static void -mitigation_disable_cpu(void *arg1, void *arg2) +mitigation_apply_cpu(struct cpu_info *ci, bool enabled) { uint64_t msr; switch (mitigation_method) { case MITIGATION_NONE: - case MITIGATION_INTEL_IBRS: panic("impossible"); + case MITIGATION_INTEL_IBRS: + /* cpu0 is the one that does the hotpatch job */ + if (ci == _info_primary) { + if (enabled) { +ibrs_enable_hotpatch(); + } else { +ibrs_disable_hotpatch(); + } + } + if (!enabled) { + wrmsr(MSR_IA32_SPEC_CTRL, 0); + } break; case MITIGATION_AMD_DIS_IND: msr = rdmsr(MSR_IC_CFG); - msr &= ~IC_CFG_DIS_IND; + if (enabled) { + msr |= IC_CFG_DIS_IND; + } else { + msr &= ~IC_CFG_DIS_IND; + } wrmsr(MSR_IC_CFG, msr); break; } } +/* + * Note: IBRS requires hotpatching, so we need barriers. + */ static void -mitigation_enable_cpu(void *arg1, void *arg2) +mitigation_change_cpu(void *arg1, void *arg2) { - uint64_t msr; + struct cpu_info *ci = curcpu(); + bool enabled = (bool)arg1; + u_long psl = 0; - switch (mitigation_method) { - case MITIGATION_NONE: - case MITIGATION_INTEL_IBRS: - panic("impossible"); - break; - case MITIGATION_AMD_DIS_IND: - msr = rdmsr(MSR_IC_CFG); - msr |= IC_CFG_DIS_IND; - wrmsr(MSR_IC_CFG, msr); - break; + /* Rendez-vous 1 (IBRS only). */ + if (mitigation_method == MITIGATION_INTEL_IBRS) { + psl = x86_read_psl(); + x86_disable_intr(); + + atomic_dec_ulong(_cpu_barrier1); + while (atomic_cas_ulong(_cpu_barrier1, 0, 0) != 0) { + x86_pause(); + } } -} -static int -mitigation_disable(void) -{ - uint64_t xc; - int
CVS commit: src/sys/arch/x86/x86
Module Name:src Committed By: maxv Date: Sat Mar 31 07:15:47 UTC 2018 Modified Files: src/sys/arch/x86/x86: spectre.c Log Message: Add #ifdef, for i386 not to panic. To generate a diff of this commit: cvs rdiff -u -r1.5 -r1.6 src/sys/arch/x86/x86/spectre.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/arch/x86/x86/spectre.c diff -u src/sys/arch/x86/x86/spectre.c:1.5 src/sys/arch/x86/x86/spectre.c:1.6 --- src/sys/arch/x86/x86/spectre.c:1.5 Thu Mar 29 07:21:24 2018 +++ src/sys/arch/x86/x86/spectre.c Sat Mar 31 07:15:47 2018 @@ -1,4 +1,4 @@ -/* $NetBSD: spectre.c,v 1.5 2018/03/29 07:21:24 maxv Exp $ */ +/* $NetBSD: spectre.c,v 1.6 2018/03/31 07:15:47 maxv Exp $ */ /* * Copyright (c) 2018 NetBSD Foundation, Inc. @@ -34,7 +34,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: spectre.c,v 1.5 2018/03/29 07:21:24 maxv Exp $"); +__KERNEL_RCSID(0, "$NetBSD: spectre.c,v 1.6 2018/03/31 07:15:47 maxv Exp $"); #include #include @@ -94,7 +94,12 @@ speculation_detect_method(void) x86_cpuid(7, descs); if (descs[3] & CPUID_SEF_IBRS) { /* descs[3] = %edx */ +#ifdef __x86_64__ mitigation_method = MITIGATION_INTEL_IBRS; +#else +/* IBRS not supported on i386. */ +mitigation_method = MITIGATION_NONE; +#endif return; } }
CVS commit: src/sys/arch/vax/include
Module Name:src Committed By: ragge Date: Sat Mar 31 06:34:51 UTC 2018 Modified Files: src/sys/arch/vax/include: vmparam.h Log Message: Shrink MAXDSIZ to 512MB. XXX this should be depending of amount of physical memory. To generate a diff of this commit: cvs rdiff -u -r1.50 -r1.51 src/sys/arch/vax/include/vmparam.h Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/arch/vax/include/vmparam.h diff -u src/sys/arch/vax/include/vmparam.h:1.50 src/sys/arch/vax/include/vmparam.h:1.51 --- src/sys/arch/vax/include/vmparam.h:1.50 Sun Jan 26 03:18:39 2014 +++ src/sys/arch/vax/include/vmparam.h Sat Mar 31 06:34:51 2018 @@ -1,4 +1,4 @@ -/* $NetBSD: vmparam.h,v 1.50 2014/01/26 03:18:39 christos Exp $ */ +/* $NetBSD: vmparam.h,v 1.51 2018/03/31 06:34:51 ragge Exp $ */ /*- * Copyright (c) 1990 The Regents of the University of California. @@ -68,7 +68,7 @@ #define DFLDSIZ (128*1024*1024) /* initial data size limit */ #endif #ifndef MAXDSIZ -#define MAXDSIZ (1024*1024*1024) /* max data size */ +#define MAXDSIZ (512*1024*1024) /* max data size */ #endif #ifndef DFLSSIZ #define DFLSSIZ (512*1024) /* initial stack size limit */
CVS commit: src/sys/arch/vax/vax
Module Name:src Committed By: ragge Date: Sat Mar 31 06:32:48 UTC 2018 Modified Files: src/sys/arch/vax/vax: machdep.c Log Message: Set max/dfl size for vm a process may have to the same as for data. This avoids a problem where mmap may lock processes in the system, and solves PR port-vax/28379. To generate a diff of this commit: cvs rdiff -u -r1.191 -r1.192 src/sys/arch/vax/vax/machdep.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. Modified files: Index: src/sys/arch/vax/vax/machdep.c diff -u src/sys/arch/vax/vax/machdep.c:1.191 src/sys/arch/vax/vax/machdep.c:1.192 --- src/sys/arch/vax/vax/machdep.c:1.191 Tue Dec 16 11:23:11 2014 +++ src/sys/arch/vax/vax/machdep.c Sat Mar 31 06:32:47 2018 @@ -1,4 +1,4 @@ -/* $NetBSD: machdep.c,v 1.191 2014/12/16 11:23:11 jklos Exp $ */ +/* $NetBSD: machdep.c,v 1.192 2018/03/31 06:32:47 ragge Exp $ */ /* * Copyright (c) 1982, 1986, 1990 The Regents of the University of California. @@ -83,7 +83,7 @@ */ #include -__KERNEL_RCSID(0, "$NetBSD: machdep.c,v 1.191 2014/12/16 11:23:11 jklos Exp $"); +__KERNEL_RCSID(0, "$NetBSD: machdep.c,v 1.192 2018/03/31 06:32:47 ragge Exp $"); #include "opt_ddb.h" #include "opt_compat_netbsd.h" @@ -765,3 +765,14 @@ mm_md_readwrite(dev_t dev, struct uio *u return ENXIO; } } + +/* + * Set max virtual size a process may allocate. + * This could be tuned based on amount of physical memory. + */ +void +machdep_init(void) +{ + proc0.p_rlimit[RLIMIT_AS].rlim_cur = DFLDSIZ; + proc0.p_rlimit[RLIMIT_AS].rlim_max = MAXDSIZ; +}