Re: svn commit: r363263 - in head/lib/csu: . common
On 2/26/21 6:02 AM, Kyle Evans wrote: On Thu, Jul 16, 2020 at 4:58 PM John Baldwin wrote: Author: jhb Date: Thu Jul 16 21:58:43 2020 New Revision: 363263 URL: https://svnweb.freebsd.org/changeset/base/363263 Log: Include ABI note tag in shared libraries. Split the ELF feature note into a separate file that is linked into *crt1.o the same as crtbrand.S was before. crtbrand.o is now linked into crti.o on all platforms in addition to *crt1.o. This is pretty handy; any chance we can backport this series for 12.3? So there is an issue I need to resolve in that the notes can get lost if you use --gc-sections which LLVM does when building the cross toolchain (so the trick of using .comdat for notes doesn't end up working out). Right now it only fully breaks RISC-V since all the other arches still have FreeBSD set as the ELF OSABI in the ELF header. -- John Baldwin ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
Re: svn commit: r368789 - head/libexec/rtld-elf/rtld-libc
On 12/19/20 8:27 PM, Ryan Libby wrote: > On Sat, Dec 19, 2020 at 7:23 PM John Baldwin wrote: >> >> On 12/19/20 12:38 AM, Ryan Libby wrote: >>> Author: rlibby >>> Date: Sat Dec 19 08:38:31 2020 >>> New Revision: 368789 >>> URL: https://svnweb.freebsd.org/changeset/base/368789 >>> >>> Log: >>> rtld-elf: link udivmoddi4 from compiler_rt >>> >>> This fixes the gcc9 build of rtld-elf32 on amd64, which needed an >>> implementation of udivmoddi4. >>> >>> rtld-elf uses certain functions normally found in libc, and so it >>> includes certain files from libc in its own build. It has two >>> mechanisms to include files from libc: one that rebuilds source files in >>> the rtld-elf environment, and one that extracts object files from a >>> purpose-built no-SSP PIC archive. >>> >>> In addition to libc functions, rtld-elf may need to link functions >>> normally found in libcompiler_rt (formerly libgcc). Now, add an ability >>> to rebuild libcompiler_rt source files in the rtld-elf environment. We >>> don't yet have a need for an object file extraction mechanism. >>> >>> libcompiler_rt could also supply udivdi3 and umoddi3, but leave them >>> alone for now. >>> >>> Reviewed by:arichardson, kib >>> Sponsored by: Dell EMC Isilon >>> Differential Revision: https://reviews.freebsd.org/D27665 >> >> Hmm, I had just linked against libcompiler_rt directly as we do on arm: >> >> https://reviews.freebsd.org/D26199 >> >> It was stuck waiting for review feedback. >> >> Given libcompiler_rt is a static archive, we could probably safely link >> against it directly unlike libc where we have to pick specific object >> files. >> >> -- >> John Baldwin > > Sorry, I wasn't aware of your review. Do you want this backed out? No. I do have other patches you can see in that review stack that might be relevant for GCC 9. Some of them I should push as they've been reviewed, but not all of them are ok'd I think. > I did see the arm path. I think it is not quite right, because > libcompiler_rt is compiled with -fstack-protector-strong, which is not > compatible with rtld. However, it will work in practice if stack > protection doesn't actually get used on any linked function. Hmm, ok. I think it's fine to use the current approach then, and perhaps fix arm to match it and keep SSP out of rtld. -- John Baldwin ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
Re: svn commit: r368789 - head/libexec/rtld-elf/rtld-libc
On 12/19/20 12:38 AM, Ryan Libby wrote: > Author: rlibby > Date: Sat Dec 19 08:38:31 2020 > New Revision: 368789 > URL: https://svnweb.freebsd.org/changeset/base/368789 > > Log: > rtld-elf: link udivmoddi4 from compiler_rt > > This fixes the gcc9 build of rtld-elf32 on amd64, which needed an > implementation of udivmoddi4. > > rtld-elf uses certain functions normally found in libc, and so it > includes certain files from libc in its own build. It has two > mechanisms to include files from libc: one that rebuilds source files in > the rtld-elf environment, and one that extracts object files from a > purpose-built no-SSP PIC archive. > > In addition to libc functions, rtld-elf may need to link functions > normally found in libcompiler_rt (formerly libgcc). Now, add an ability > to rebuild libcompiler_rt source files in the rtld-elf environment. We > don't yet have a need for an object file extraction mechanism. > > libcompiler_rt could also supply udivdi3 and umoddi3, but leave them > alone for now. > > Reviewed by:arichardson, kib > Sponsored by: Dell EMC Isilon > Differential Revision: https://reviews.freebsd.org/D27665 Hmm, I had just linked against libcompiler_rt directly as we do on arm: https://reviews.freebsd.org/D26199 It was stuck waiting for review feedback. Given libcompiler_rt is a static archive, we could probably safely link against it directly unlike libc where we have to pick specific object files. -- John Baldwin ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r368768 - in head/sys: amd64/amd64 arm64/arm64 i386/i386 riscv/riscv
Author: jhb Date: Fri Dec 18 20:41:23 2020 New Revision: 368768 URL: https://svnweb.freebsd.org/changeset/base/368768 Log: Skip the vm.pmap.kernel_maps sysctl by default. This sysctl node can generate very verbose output, so don't trigger it for sysctl -a or sysctl vm.pmap. Reviewed by: markj, kib Differential Revision:https://reviews.freebsd.org/D27504 Modified: head/sys/amd64/amd64/pmap.c head/sys/arm64/arm64/pmap.c head/sys/i386/i386/pmap_base.c head/sys/riscv/riscv/pmap.c Modified: head/sys/amd64/amd64/pmap.c == --- head/sys/amd64/amd64/pmap.c Fri Dec 18 20:10:30 2020(r368767) +++ head/sys/amd64/amd64/pmap.c Fri Dec 18 20:41:23 2020(r368768) @@ -11271,7 +11271,7 @@ restart: return (error); } SYSCTL_OID(_vm_pmap, OID_AUTO, kernel_maps, -CTLTYPE_STRING | CTLFLAG_RD | CTLFLAG_MPSAFE, +CTLTYPE_STRING | CTLFLAG_RD | CTLFLAG_MPSAFE | CTLFLAG_SKIP, NULL, 0, sysctl_kmaps, "A", "Dump kernel address layout"); Modified: head/sys/arm64/arm64/pmap.c == --- head/sys/arm64/arm64/pmap.c Fri Dec 18 20:10:30 2020(r368767) +++ head/sys/arm64/arm64/pmap.c Fri Dec 18 20:41:23 2020(r368768) @@ -7168,6 +7168,6 @@ sysctl_kmaps(SYSCTL_HANDLER_ARGS) return (error); } SYSCTL_OID(_vm_pmap, OID_AUTO, kernel_maps, -CTLTYPE_STRING | CTLFLAG_RD | CTLFLAG_MPSAFE, +CTLTYPE_STRING | CTLFLAG_RD | CTLFLAG_MPSAFE | CTLFLAG_SKIP, NULL, 0, sysctl_kmaps, "A", "Dump kernel address layout"); Modified: head/sys/i386/i386/pmap_base.c == --- head/sys/i386/i386/pmap_base.c Fri Dec 18 20:10:30 2020 (r368767) +++ head/sys/i386/i386/pmap_base.c Fri Dec 18 20:41:23 2020 (r368768) @@ -265,7 +265,7 @@ sysctl_kmaps(SYSCTL_HANDLER_ARGS) return (pmap_methods_ptr->pm_sysctl_kmaps(oidp, arg1, arg2, req)); } SYSCTL_OID(_vm_pmap, OID_AUTO, kernel_maps, -CTLTYPE_STRING | CTLFLAG_RD | CTLFLAG_MPSAFE, +CTLTYPE_STRING | CTLFLAG_RD | CTLFLAG_MPSAFE | CTLFLAG_SKIP, NULL, 0, sysctl_kmaps, "A", "Dump kernel address layout"); Modified: head/sys/riscv/riscv/pmap.c == --- head/sys/riscv/riscv/pmap.c Fri Dec 18 20:10:30 2020(r368767) +++ head/sys/riscv/riscv/pmap.c Fri Dec 18 20:41:23 2020(r368768) @@ -4638,6 +4638,6 @@ sysctl_kmaps(SYSCTL_HANDLER_ARGS) return (error); } SYSCTL_OID(_vm_pmap, OID_AUTO, kernel_maps, -CTLTYPE_STRING | CTLFLAG_RD | CTLFLAG_MPSAFE, +CTLTYPE_STRING | CTLFLAG_RD | CTLFLAG_MPSAFE | CTLFLAG_SKIP, NULL, 0, sysctl_kmaps, "A", "Dump kernel address layout"); ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r368741 - in head/sys/dev/usb: . controller
Author: jhb Date: Thu Dec 17 20:45:10 2020 New Revision: 368741 URL: https://svnweb.freebsd.org/changeset/base/368741 Log: Use __containerof() instead of home-rolled versions. Reviewed by: imp, hselasky Obtained from:CheriBSD Sponsored by: DARPA Differential Revision:https://reviews.freebsd.org/D27582 Modified: head/sys/dev/usb/controller/ehci.c head/sys/dev/usb/controller/ohci.c head/sys/dev/usb/controller/uhci.c head/sys/dev/usb/controller/xhci.c head/sys/dev/usb/usb_transfer.h Modified: head/sys/dev/usb/controller/ehci.c == --- head/sys/dev/usb/controller/ehci.c Thu Dec 17 20:31:45 2020 (r368740) +++ head/sys/dev/usb/controller/ehci.c Thu Dec 17 20:45:10 2020 (r368741) @@ -90,8 +90,7 @@ #include #defineEHCI_BUS2SC(bus) \ - ((ehci_softc_t *)(((uint8_t *)(bus)) - \ -((uint8_t *)&(((ehci_softc_t *)0)->sc_bus + __containerof(bus, ehci_softc_t, sc_bus) #ifdef USB_DEBUG static int ehcidebug = 0; Modified: head/sys/dev/usb/controller/ohci.c == --- head/sys/dev/usb/controller/ohci.c Thu Dec 17 20:31:45 2020 (r368740) +++ head/sys/dev/usb/controller/ohci.c Thu Dec 17 20:45:10 2020 (r368741) @@ -79,8 +79,7 @@ #include #defineOHCI_BUS2SC(bus) \ - ((ohci_softc_t *)(((uint8_t *)(bus)) - \ -((uint8_t *)&(((ohci_softc_t *)0)->sc_bus + __containerof(bus, ohci_softc_t, sc_bus) #ifdef USB_DEBUG static int ohcidebug = 0; Modified: head/sys/dev/usb/controller/uhci.c == --- head/sys/dev/usb/controller/uhci.c Thu Dec 17 20:31:45 2020 (r368740) +++ head/sys/dev/usb/controller/uhci.c Thu Dec 17 20:45:10 2020 (r368741) @@ -83,8 +83,7 @@ #definealt_next next #defineUHCI_BUS2SC(bus) \ - ((uhci_softc_t *)(((uint8_t *)(bus)) - \ -((uint8_t *)&(((uhci_softc_t *)0)->sc_bus + __containerof(bus, uhci_softc_t, sc_bus) #ifdef USB_DEBUG static int uhcidebug = 0; Modified: head/sys/dev/usb/controller/xhci.c == --- head/sys/dev/usb/controller/xhci.c Thu Dec 17 20:31:45 2020 (r368740) +++ head/sys/dev/usb/controller/xhci.c Thu Dec 17 20:45:10 2020 (r368741) @@ -86,8 +86,7 @@ #include #defineXHCI_BUS2SC(bus) \ - ((struct xhci_softc *)(((uint8_t *)(bus)) - \ -((uint8_t *)&(((struct xhci_softc *)0)->sc_bus + __containerof(bus, struct xhci_softc, sc_bus) static SYSCTL_NODE(_hw_usb, OID_AUTO, xhci, CTLFLAG_RW | CTLFLAG_MPSAFE, 0, "USB XHCI"); Modified: head/sys/dev/usb/usb_transfer.h == --- head/sys/dev/usb/usb_transfer.h Thu Dec 17 20:31:45 2020 (r368740) +++ head/sys/dev/usb/usb_transfer.h Thu Dec 17 20:45:10 2020 (r368741) @@ -153,9 +153,7 @@ struct usb_done_msg { }; #defineUSB_DMATAG_TO_XROOT(dpt)\ - ((struct usb_xfer_root *)( \ - ((uint8_t *)(dpt)) -\ - ((uint8_t *)&((struct usb_xfer_root *)0)->dma_parent_tag))) + __containerof(dpt, struct usb_xfer_root, dma_parent_tag) /* * The following structure is used to keep information about memory ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r368739 - in head/sys: conf kern tools
Author: jhb Date: Thu Dec 17 20:31:17 2020 New Revision: 368739 URL: https://svnweb.freebsd.org/changeset/base/368739 Log: Use a template assembly file for firmware object files. Similar to r366897, this uses the .incbin directive to pull in a firmware file's contents into a .fwo file. The same scheme for computing symbol names from the filename is used as before to maximize compatiblity and not require rebuilding existing .fwo files for NO_CLEAN builds. Using ld -o binary requires extra hacks in linkers to either specify ABI options (e.g. soft- vs hard-float) or to ignore ABI incompatiblities when linking certain objects (e.g. object files with only data). Using the compiler driver avoids the need for these hacks as the compiler driver is able to set all the appropriate ABI options. Reviewed by: imp, markj Obtained from:CheriBSD Sponsored by: DARPA Differential Revision:https://reviews.freebsd.org/D27579 Added: head/sys/kern/firmw.S (contents, props changed) Modified: head/sys/conf/kern.pre.mk head/sys/conf/kmod.mk head/sys/tools/fw_stub.awk Modified: head/sys/conf/kern.pre.mk == --- head/sys/conf/kern.pre.mk Thu Dec 17 20:28:53 2020(r368738) +++ head/sys/conf/kern.pre.mk Thu Dec 17 20:31:17 2020(r368739) @@ -184,8 +184,9 @@ NORMAL_M= ${AWK} -f $S/tools/makeobjops.awk ${.IMPSRC} ${CC} -c ${CFLAGS} ${WERROR} ${PROF} ${.PREFIX}.c NORMAL_FW= uudecode -o ${.TARGET} ${.ALLSRC} -NORMAL_FWO= ${LD} -b binary --no-warn-mismatch -d -warn-common -r \ - -m ${LD_EMULATION} -o ${.TARGET} ${.ALLSRC:M*.fw} +NORMAL_FWO= ${CC:N${CCACHE_BIN}} -c ${ASM_CFLAGS} ${WERROR} -o ${.TARGET} \ + $S/kern/firmw.S -DFIRMW_FILE="${.ALLSRC:M*.fw}" \ + -DFIRMW_SYMBOL="${.ALLSRC:M*.fw:C/[-.\/]/_/g}" # for ZSTD in the kernel (include zstd/lib/freebsd before other CFLAGS) ZSTD_C= ${CC} -c -DZSTD_HEAPMODE=1 -I$S/contrib/zstd/lib/freebsd ${CFLAGS} -I$S/contrib/zstd/lib -I$S/contrib/zstd/lib/common ${WERROR} -Wno-inline -Wno-missing-prototypes ${PROF} -U__BMI__ ${.IMPSRC} Modified: head/sys/conf/kmod.mk == --- head/sys/conf/kmod.mk Thu Dec 17 20:28:53 2020(r368738) +++ head/sys/conf/kmod.mk Thu Dec 17 20:31:17 2020(r368739) @@ -187,19 +187,13 @@ SRCS+=${KMOD:S/$/.c/} CLEANFILES+= ${KMOD:S/$/.c/} .for _firmw in ${FIRMWS} -${_firmw:C/\:.*$/.fwo/:T}: ${_firmw:C/\:.*$//} +${_firmw:C/\:.*$/.fwo/:T}: ${_firmw:C/\:.*$//} ${SYSDIR}/kern/firmw.S @${ECHO} ${_firmw:C/\:.*$//} ${.ALLSRC:M*${_firmw:C/\:.*$//}} - @if [ -e ${_firmw:C/\:.*$//} ]; then\ - ${LD} -b binary --no-warn-mismatch ${_LDFLAGS} \ - -m ${LD_EMULATION} -r -d\ - -o ${.TARGET} ${_firmw:C/\:.*$//}; \ - else\ - ln -s ${.ALLSRC:M*${_firmw:C/\:.*$//}} ${_firmw:C/\:.*$//}; \ - ${LD} -b binary --no-warn-mismatch ${_LDFLAGS} \ - -m ${LD_EMULATION} -r -d\ - -o ${.TARGET} ${_firmw:C/\:.*$//}; \ - rm ${_firmw:C/\:.*$//}; \ - fi + ${CC:N${CCACHE_BIN}} -c -x assembler-with-cpp -DLOCORE \ + ${CFLAGS} ${WERROR} \ + -DFIRMW_FILE="${.ALLSRC:M*${_firmw:C/\:.*$//}}" \ + -DFIRMW_SYMBOL="${_firmw:C/\:.*$//:C/[-.\/]/_/g}" \ + ${SYSDIR}/kern/firmw.S -o ${.TARGET} OBJS+= ${_firmw:C/\:.*$/.fwo/:T} .endfor Added: head/sys/kern/firmw.S == --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/sys/kern/firmw.S Thu Dec 17 20:31:17 2020(r368739) @@ -0,0 +1,49 @@ +/*- + * SPDX-License-Identifier: BSD-2-Clause + * + * Copyright (c) 2020 John Baldwin + * + * This software was developed by SRI International and the University of + * Cambridge Computer Laboratory (Department of Computer Science and + * Technology) under DARPA contract HR0011-18-C-0016 ("ECATS"), as part of the + * DARPA SSITH research programme. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + *notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + *notice, this list of conditions and the following disclaimer in the + *documentation and/or other materials provided with the distribution. + * + * THIS S
svn commit: r368738 - head/sys/compat/linuxkpi/common/include/linux
Author: jhb Date: Thu Dec 17 20:28:53 2020 New Revision: 368738 URL: https://svnweb.freebsd.org/changeset/base/368738 Log: Cleanups to *ERR* compat shims. - Use [u]intptr_t casts to convert pointers to integers. - Change IS_ERR* to return bool instead of long. Reviewed by: manu Obtained from:CheriBSD Sponsored by: DARPA Differential Revision:https://reviews.freebsd.org/D27577 Modified: head/sys/compat/linuxkpi/common/include/linux/err.h Modified: head/sys/compat/linuxkpi/common/include/linux/err.h == --- head/sys/compat/linuxkpi/common/include/linux/err.h Thu Dec 17 20:11:31 2020(r368737) +++ head/sys/compat/linuxkpi/common/include/linux/err.h Thu Dec 17 20:28:53 2020(r368738) @@ -37,30 +37,30 @@ #define MAX_ERRNO 4095 -#define IS_ERR_VALUE(x) unlikely((x) >= (unsigned long)-MAX_ERRNO) +#define IS_ERR_VALUE(x) unlikely((x) >= (uintptr_t)-MAX_ERRNO) static inline void * ERR_PTR(long error) { - return (void *)error; + return (void *)(intptr_t)error; } static inline long PTR_ERR(const void *ptr) { - return (long)ptr; + return (intptr_t)ptr; } -static inline long +static inline bool IS_ERR(const void *ptr) { - return IS_ERR_VALUE((unsigned long)ptr); + return IS_ERR_VALUE((uintptr_t)ptr); } -static inline long +static inline bool IS_ERR_OR_NULL(const void *ptr) { - return !ptr || IS_ERR_VALUE((unsigned long)ptr); + return !ptr || IS_ERR_VALUE((uintptr_t)ptr); } static inline void * ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
Re: svn commit: r368667 - in head: . gnu/usr.bin gnu/usr.bin/binutils gnu/usr.bin/gdb tools/build/mk
On 12/16/20 9:41 AM, Ed Maste wrote: > On Tue, 15 Dec 2020 at 18:25, John Baldwin wrote: >> >> On 12/15/20 9:44 AM, Ed Maste wrote: >>> Author: emaste >>> Date: Tue Dec 15 17:44:19 2020 >>> New Revision: 368667 >>> URL: https://svnweb.freebsd.org/changeset/base/368667 >>> >>> Log: >>> Retire obsolete GDB 6.1.1 >> >> Are you going to remove the -gdwarf-2 bits from kern.mk now? > > Yes, soon. We probably need to change it to explicit -gdwarf-4 (not > just remove it and rely on the compiler's default) as we'll see DWARF5 > by default before long and will need to update ctfconvert again. We already don't bother doing that for userland, so I think I'd rather us just drop the option and fix ctfconvert once there is a need. -- John Baldwin ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r368688 - head/sys/dev/usb
Author: jhb Date: Wed Dec 16 00:27:28 2020 New Revision: 368688 URL: https://svnweb.freebsd.org/changeset/base/368688 Log: Use more standard types for manipulating pointers. - Use a uintptr_t cast to get the virtual address of a pointer in USB_P2U() instead of a ptrdiff_t. - Add offsets to a char * pointer directly without roundtripping the pointer through a ptrdiff_t in USB_ADD_BYTES(). Reviewed by: imp, hselasky Obtained from:CheriBSD Sponsored by: DARPA Differential Revision:https://reviews.freebsd.org/D27581 Modified: head/sys/dev/usb/usb_core.h Modified: head/sys/dev/usb/usb_core.h == --- head/sys/dev/usb/usb_core.h Wed Dec 16 00:17:54 2020(r368687) +++ head/sys/dev/usb/usb_core.h Wed Dec 16 00:27:28 2020(r368688) @@ -58,11 +58,11 @@ /* helper for converting pointers to integers */ #defineUSB_P2U(ptr) \ - (((const uint8_t *)(ptr)) - ((const uint8_t *)0)) + ((uintptr_t)(ptr)) /* helper for computing offsets */ #defineUSB_ADD_BYTES(ptr,size) \ - ((void *)(USB_P2U(ptr) + (size))) + ((void *)(__DECONST(char *, (ptr)) + (size))) /* debug macro */ #defineUSB_ASSERT KASSERT ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r368687 - head/sys/dev/mxge
Author: jhb Date: Wed Dec 16 00:17:54 2020 New Revision: 368687 URL: https://svnweb.freebsd.org/changeset/base/368687 Log: Use uintptr_t instead of unsigned long for integers holding pointers. Reviewed by: imp, gallatin Obtained from:CheriBSD Sponsored by: DARPA Differential Revision:https://reviews.freebsd.org/D27580 Modified: head/sys/dev/mxge/if_mxge.c Modified: head/sys/dev/mxge/if_mxge.c == --- head/sys/dev/mxge/if_mxge.c Wed Dec 16 00:13:32 2020(r368686) +++ head/sys/dev/mxge/if_mxge.c Wed Dec 16 00:17:54 2020(r368687) @@ -772,7 +772,7 @@ mxge_dummy_rdma(mxge_softc_t *sc, int enable) uint32_t *buf, dma_low, dma_high; int i; - buf = (uint32_t *)((unsigned long)(buf_bytes + 7) & ~7UL); + buf = (uint32_t *)((uintptr_t)(buf_bytes + 7) & ~7UL); /* clear confirmation addr */ confirm = (volatile uint32_t *)sc->cmd; @@ -825,7 +825,7 @@ mxge_send_cmd(mxge_softc_t *sc, uint32_t cmd, mxge_cmd int err, sleep_total = 0; /* ensure buf is aligned to 8 bytes */ - buf = (mcp_cmd_t *)((unsigned long)(buf_bytes + 7) & ~7UL); + buf = (mcp_cmd_t *)((uintptr_t)(buf_bytes + 7) & ~7UL); buf->data0 = htobe32(data->data0); buf->data1 = htobe32(data->data1); @@ -944,7 +944,7 @@ mxge_load_firmware(mxge_softc_t *sc, int adopt) uint32_t *buf, size, dma_low, dma_high; int status, i; - buf = (uint32_t *)((unsigned long)(buf_bytes + 7) & ~7UL); + buf = (uint32_t *)((uintptr_t)(buf_bytes + 7) & ~7UL); size = sc->sram_size; status = mxge_load_firmware_helper(sc, ); @@ -3373,7 +3373,7 @@ mxge_alloc_slice_rings(struct mxge_slice_state *ss, in ss->tx.req_bytes = malloc(bytes, M_DEVBUF, M_WAITOK); /* ensure req_list entries are aligned to 8 bytes */ ss->tx.req_list = (mcp_kreq_ether_send_t *) - ((unsigned long)(ss->tx.req_bytes + 7) & ~7UL); + ((uintptr_t)(ss->tx.req_bytes + 7) & ~7UL); /* allocate the tx busdma segment list */ bytes = sizeof (*ss->tx.seg_list) * ss->tx.max_desc; ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r368686 - head/sys/dev/mrsas
Author: jhb Date: Wed Dec 16 00:13:32 2020 New Revision: 368686 URL: https://svnweb.freebsd.org/changeset/base/368686 Log: Use uintptr_t instead of unsigned long for pointers. The sense_ptr thing is quite broken. As near as I can tell, the driver tries to copyout to a physical address rather than whatever user address the sense buffer should be copied to. It is not immediately obvious what user address the sense buffer should be copied to. Reviewed by: imp Obtained from:CheriBSD Sponsored by: DARPA Differential Revision:https://reviews.freebsd.org/D27578 Modified: head/sys/dev/mrsas/mrsas_ioctl.c Modified: head/sys/dev/mrsas/mrsas_ioctl.c == --- head/sys/dev/mrsas/mrsas_ioctl.cWed Dec 16 00:11:30 2020 (r368685) +++ head/sys/dev/mrsas/mrsas_ioctl.cWed Dec 16 00:13:32 2020 (r368686) @@ -136,7 +136,7 @@ mrsas_passthru(struct mrsas_softc *sc, void *arg, u_lo * iocpacket itself. */ kern_sge32 = (struct mrsas_sge32 *) - ((unsigned long)cmd->frame + user_ioc->sgl_off); + ((uintptr_t)cmd->frame + user_ioc->sgl_off); memset(ioctl_data_tag, 0, (sizeof(bus_dma_tag_t) * MAX_IOCTL_SGE)); memset(ioctl_data_dmamap, 0, (sizeof(bus_dmamap_t) * MAX_IOCTL_SGE)); @@ -243,7 +243,7 @@ mrsas_passthru(struct mrsas_softc *sc, void *arg, u_lo goto out; } sense_ptr = - (unsigned long *)((unsigned long)cmd->frame + user_ioc->sense_off); + (unsigned long *)((uintptr_t)cmd->frame + user_ioc->sense_off); *sense_ptr = ioctl_sense_phys_addr; } /* @@ -290,9 +290,9 @@ mrsas_passthru(struct mrsas_softc *sc, void *arg, u_lo * sense_buff points to the location that has the user sense * buffer address */ - sense_ptr = (unsigned long *)((unsigned long)user_ioc->frame.raw + + sense_ptr = (unsigned long *)((uintptr_t)user_ioc->frame.raw + user_ioc->sense_off); - ret = copyout(ioctl_sense_mem, (unsigned long *)*sense_ptr, + ret = copyout(ioctl_sense_mem, (unsigned long *)(uintptr_t)*sense_ptr, user_ioc->sense_len); if (ret) { device_printf(sc->mrsas_dev, "IOCTL sense copyout failed!\n"); ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r368685 - head/sys/compat/linuxkpi/common/include/linux
Author: jhb Date: Wed Dec 16 00:11:30 2020 New Revision: 368685 URL: https://svnweb.freebsd.org/changeset/base/368685 Log: Use the 't' modifier to print a ptrdiff_t. Reviewed by: imp Obtained from:CheriBSD Sponsored by: DARPA Differential Revision:https://reviews.freebsd.org/D27576 Modified: head/sys/compat/linuxkpi/common/include/linux/printk.h Modified: head/sys/compat/linuxkpi/common/include/linux/printk.h == --- head/sys/compat/linuxkpi/common/include/linux/printk.h Tue Dec 15 22:37:03 2020(r368684) +++ head/sys/compat/linuxkpi/common/include/linux/printk.h Wed Dec 16 00:11:30 2020(r368685) @@ -68,7 +68,7 @@ print_hex_dump(const char *level, const char *prefix_s printf("[%p] ", buf); break; case DUMP_PREFIX_OFFSET: - printf("[%p] ", (const char *)((const char *)buf - + printf("[%#tx] ", ((const char *)buf - (const char *)buf_old)); break; default: ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
Re: svn commit: r368667 - in head: . gnu/usr.bin gnu/usr.bin/binutils gnu/usr.bin/gdb tools/build/mk
On 12/15/20 9:44 AM, Ed Maste wrote: > Author: emaste > Date: Tue Dec 15 17:44:19 2020 > New Revision: 368667 > URL: https://svnweb.freebsd.org/changeset/base/368667 > > Log: > Retire obsolete GDB 6.1.1 > > GDB 6.1.1 was released in June 2004 and is long obsolete. It does not > support all of the architectures that FreeBSD does, and imposes > limitations on the FreeBSD kernel build, such as the continued use of > DWARF2 debugging information. > > It was kept (in /usr/libexec/) only for use by crashinfo(8), which > extracts some basic information from a kernel core dump after a crash. > Crashinfo already prefers gdb from port/package if installed. > > Future work may add kernel debug support to LLDB or find another path > for crashinfo's needs, but in any case we do not want to ship the > excessively outdated GDB in FreeBSD 13. > > Sponsored by: The FreeBSD Foundation > Differential Revision: https://reviews.freebsd.org/D27610 Are you going to remove the -gdwarf-2 bits from kern.mk now? (Does ctfconvert support newer DWARF?) -- John Baldwin ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r368642 - stable/12/sys/amd64/vmm/io
Author: jhb Date: Mon Dec 14 20:48:59 2020 New Revision: 368642 URL: https://svnweb.freebsd.org/changeset/base/368642 Log: MFC 368004: Pull the check for VM ownership into ppt_find(). This reduces some code duplication. One behavior change is that ppt_assign_device() will now only succeed if the device is unowned. Previously, a device could be assigned to the same VM multiple times, but each time it was assigned, the device's state was reset. Modified: stable/12/sys/amd64/vmm/io/ppt.c Directory Properties: stable/12/ (props changed) Modified: stable/12/sys/amd64/vmm/io/ppt.c == --- stable/12/sys/amd64/vmm/io/ppt.cMon Dec 14 20:40:21 2020 (r368641) +++ stable/12/sys/amd64/vmm/io/ppt.cMon Dec 14 20:48:59 2020 (r368642) @@ -198,8 +198,8 @@ static devclass_t ppt_devclass; DEFINE_CLASS_0(ppt, ppt_driver, ppt_methods, sizeof(struct pptdev)); DRIVER_MODULE(ppt, pci, ppt_driver, ppt_devclass, NULL, NULL); -static struct pptdev * -ppt_find(int bus, int slot, int func) +static int +ppt_find(struct vm *vm, int bus, int slot, int func, struct pptdev **pptp) { device_t dev; struct pptdev *ppt; @@ -211,9 +211,15 @@ ppt_find(int bus, int slot, int func) s = pci_get_slot(dev); f = pci_get_function(dev); if (bus == b && slot == s && func == f) - return (ppt); + break; } - return (NULL); + + if (ppt == NULL) + return (ENOENT); + if (ppt->vm != vm) /* Make sure we own this device */ + return (EBUSY); + *pptp = ppt; + return (0); } static void @@ -377,50 +383,40 @@ int ppt_assign_device(struct vm *vm, int bus, int slot, int func) { struct pptdev *ppt; + int error; - ppt = ppt_find(bus, slot, func); - if (ppt != NULL) { - /* -* If this device is owned by a different VM then we -* cannot change its owner. -*/ - if (ppt->vm != NULL && ppt->vm != vm) - return (EBUSY); + /* Passing NULL requires the device to be unowned. */ + error = ppt_find(NULL, bus, slot, func, ); + if (error) + return (error); - pci_save_state(ppt->dev); - ppt_pci_reset(ppt->dev); - pci_restore_state(ppt->dev); - ppt->vm = vm; - iommu_add_device(vm_iommu_domain(vm), pci_get_rid(ppt->dev)); - return (0); - } - return (ENOENT); + pci_save_state(ppt->dev); + ppt_pci_reset(ppt->dev); + pci_restore_state(ppt->dev); + ppt->vm = vm; + iommu_add_device(vm_iommu_domain(vm), pci_get_rid(ppt->dev)); + return (0); } int ppt_unassign_device(struct vm *vm, int bus, int slot, int func) { struct pptdev *ppt; + int error; - ppt = ppt_find(bus, slot, func); - if (ppt != NULL) { - /* -* If this device is not owned by this 'vm' then bail out. -*/ - if (ppt->vm != vm) - return (EBUSY); + error = ppt_find(vm, bus, slot, func, ); + if (error) + return (error); - pci_save_state(ppt->dev); - ppt_pci_reset(ppt->dev); - pci_restore_state(ppt->dev); - ppt_unmap_mmio(vm, ppt); - ppt_teardown_msi(ppt); - ppt_teardown_msix(ppt); - iommu_remove_device(vm_iommu_domain(vm), pci_get_rid(ppt->dev)); - ppt->vm = NULL; - return (0); - } - return (ENOENT); + pci_save_state(ppt->dev); + ppt_pci_reset(ppt->dev); + pci_restore_state(ppt->dev); + ppt_unmap_mmio(vm, ppt); + ppt_teardown_msi(ppt); + ppt_teardown_msix(ppt); + iommu_remove_device(vm_iommu_domain(vm), pci_get_rid(ppt->dev)); + ppt->vm = NULL; + return (0); } int @@ -451,25 +447,22 @@ ppt_map_mmio(struct vm *vm, int bus, int slot, int fun struct pptseg *seg; struct pptdev *ppt; - ppt = ppt_find(bus, slot, func); - if (ppt != NULL) { - if (ppt->vm != vm) - return (EBUSY); + error = ppt_find(vm, bus, slot, func, ); + if (error) + return (error); - for (i = 0; i < MAX_MMIOSEGS; i++) { - seg = >mmio[i]; - if (seg->len == 0) { - error = vm_map_mmio(vm, gpa, len, hpa); - if (error == 0) { - seg->gpa = gpa; - seg->len = len; - } - return (error); + for (i = 0; i <
svn commit: r368641 - in stable/12: lib/libvmmapi sys/amd64/include sys/amd64/vmm sys/amd64/vmm/io usr.sbin/bhyve
Author: jhb Date: Mon Dec 14 20:40:21 2020 New Revision: 368641 URL: https://svnweb.freebsd.org/changeset/base/368641 Log: MFC 368003: Honor the disabled setting for MSI-X interrupts for passthrough devices. Add a new ioctl to disable all MSI-X interrupts for a PCI passthrough device and invoke it if a write to the MSI-X capability registers disables MSI-X. This avoids leaving MSI-X interrupts enabled on the host if a guest device driver has disabled them (e.g. as part of detaching a guest device driver). This was found by Chelsio QA when testing that a Linux guest could switch from MSI-X to MSI interrupts when using the cxgb4vf driver. While here, explicitly fail requests to enable MSI on a passthrough device if MSI-X is enabled and vice versa. Modified: stable/12/lib/libvmmapi/vmmapi.c stable/12/lib/libvmmapi/vmmapi.h stable/12/sys/amd64/include/vmm_dev.h stable/12/sys/amd64/vmm/io/ppt.c stable/12/sys/amd64/vmm/io/ppt.h stable/12/sys/amd64/vmm/vmm_dev.c stable/12/usr.sbin/bhyve/pci_passthru.c Directory Properties: stable/12/ (props changed) Modified: stable/12/lib/libvmmapi/vmmapi.c == --- stable/12/lib/libvmmapi/vmmapi.cMon Dec 14 19:47:08 2020 (r368640) +++ stable/12/lib/libvmmapi/vmmapi.cMon Dec 14 20:40:21 2020 (r368641) @@ -952,6 +952,19 @@ vm_setup_pptdev_msix(struct vmctx *ctx, int vcpu, int return ioctl(ctx->fd, VM_PPTDEV_MSIX, ); } +int +vm_disable_pptdev_msix(struct vmctx *ctx, int bus, int slot, int func) +{ + struct vm_pptdev ppt; + + bzero(, sizeof(ppt)); + ppt.bus = bus; + ppt.slot = slot; + ppt.func = func; + + return ioctl(ctx->fd, VM_PPTDEV_DISABLE_MSIX, ); +} + uint64_t * vm_get_stats(struct vmctx *ctx, int vcpu, struct timeval *ret_tv, int *ret_entries) @@ -1552,7 +1565,8 @@ vm_get_ioctls(size_t *len) VM_ISA_DEASSERT_IRQ, VM_ISA_PULSE_IRQ, VM_ISA_SET_IRQ_TRIGGER, VM_SET_CAPABILITY, VM_GET_CAPABILITY, VM_BIND_PPTDEV, VM_UNBIND_PPTDEV, VM_MAP_PPTDEV_MMIO, VM_PPTDEV_MSI, - VM_PPTDEV_MSIX, VM_INJECT_NMI, VM_STATS, VM_STAT_DESC, + VM_PPTDEV_MSIX, VM_PPTDEV_DISABLE_MSIX, + VM_INJECT_NMI, VM_STATS, VM_STAT_DESC, VM_SET_X2APIC_STATE, VM_GET_X2APIC_STATE, VM_GET_HPET_CAPABILITIES, VM_GET_GPA_PMAP, VM_GLA2GPA, VM_GLA2GPA_NOFAULT, Modified: stable/12/lib/libvmmapi/vmmapi.h == --- stable/12/lib/libvmmapi/vmmapi.hMon Dec 14 19:47:08 2020 (r368640) +++ stable/12/lib/libvmmapi/vmmapi.hMon Dec 14 20:40:21 2020 (r368641) @@ -168,6 +168,7 @@ int vm_setup_pptdev_msi(struct vmctx *ctx, int vcpu, i intvm_setup_pptdev_msix(struct vmctx *ctx, int vcpu, int bus, int slot, int func, int idx, uint64_t addr, uint64_t msg, uint32_t vector_control); +intvm_disable_pptdev_msix(struct vmctx *ctx, int bus, int slot, int func); intvm_get_intinfo(struct vmctx *ctx, int vcpu, uint64_t *i1, uint64_t *i2); intvm_set_intinfo(struct vmctx *ctx, int vcpu, uint64_t exit_intinfo); Modified: stable/12/sys/amd64/include/vmm_dev.h == --- stable/12/sys/amd64/include/vmm_dev.h Mon Dec 14 19:47:08 2020 (r368640) +++ stable/12/sys/amd64/include/vmm_dev.h Mon Dec 14 20:40:21 2020 (r368641) @@ -281,6 +281,7 @@ enum { IOCNUM_MAP_PPTDEV_MMIO = 42, IOCNUM_PPTDEV_MSI = 43, IOCNUM_PPTDEV_MSIX = 44, + IOCNUM_PPTDEV_DISABLE_MSIX = 45, /* statistics */ IOCNUM_VM_STATS = 50, @@ -378,6 +379,8 @@ enum { _IOW('v', IOCNUM_PPTDEV_MSI, struct vm_pptdev_msi) #defineVM_PPTDEV_MSIX \ _IOW('v', IOCNUM_PPTDEV_MSIX, struct vm_pptdev_msix) +#defineVM_PPTDEV_DISABLE_MSIX \ + _IOW('v', IOCNUM_PPTDEV_DISABLE_MSIX, struct vm_pptdev) #define VM_INJECT_NMI \ _IOW('v', IOCNUM_INJECT_NMI, struct vm_nmi) #defineVM_STATS \ Modified: stable/12/sys/amd64/vmm/io/ppt.c == --- stable/12/sys/amd64/vmm/io/ppt.cMon Dec 14 19:47:08 2020 (r368640) +++ stable/12/sys/amd64/vmm/io/ppt.cMon Dec 14 20:40:21 2020 (r368641) @@ -517,6 +517,10 @@ ppt_setup_msi(struct vm *vm, int vcpu, int bus, int sl if (ppt->vm != vm) /* Make sure we own this device */ return (EBUSY); + /* Reject attempts to enable MSI while MSI-X is active. */ + if (ppt->msix.num_msgs != 0 && numvec != 0) + return (EBUSY); + /* Free any allocated resources */ ppt_teardown_msi(ppt); @@ -606,6 +610,10 @@ ppt_setup_msix(struct vm *vm, int vcpu, int bus, int s if
svn commit: r368584 - stable/12/sbin/sysctl
Author: jhb Date: Sat Dec 12 17:11:22 2020 New Revision: 368584 URL: https://svnweb.freebsd.org/changeset/base/368584 Log: MFC 367188: Use a dynamic buffer for the copy of a node's new value. This permits setting a node's value to a string longer than BUFSIZ. Modified: stable/12/sbin/sysctl/sysctl.c Directory Properties: stable/12/ (props changed) Modified: stable/12/sbin/sysctl/sysctl.c == --- stable/12/sbin/sysctl/sysctl.c Sat Dec 12 17:07:33 2020 (r368583) +++ stable/12/sbin/sysctl/sysctl.c Sat Dec 12 17:11:22 2020 (r368584) @@ -344,13 +344,13 @@ parse_numeric(const char *newvalstr, const char *fmt, static int parse(const char *string, int lineno) { - int len, i, j; + int len, i, j, save_errno; const void *newval; char *newvalstr = NULL; void *newbuf; size_t newsize = Bflag; int mib[CTL_MAXNAME]; - char *cp, *bufp, buf[BUFSIZ], fmt[BUFSIZ], line[BUFSIZ]; + char *cp, *bufp, *buf, fmt[BUFSIZ], line[BUFSIZ]; u_int kind; if (lineno) @@ -365,11 +365,7 @@ parse(const char *string, int lineno) * Whitespace surrounding the delimiter is trimmed. * Quotes around the value are stripped. */ - cp = buf; - if (snprintf(buf, BUFSIZ, "%s", string) >= BUFSIZ) { - warnx("oid too long: '%s'%s", string, line); - return (1); - } + cp = buf = strdup(string); bufp = strsep(, "=:"); if (cp != NULL) { /* Tflag just lists tunables, do not allow assignment */ @@ -403,22 +399,24 @@ parse(const char *string, int lineno) */ len = name2oid(bufp, mib); if (len < 0) { - if (iflag) + if (iflag) { + free(buf); return (0); - if (qflag) - return (1); - else { + } + if (!qflag) { if (errno == ENOENT) { warnx("unknown oid '%s'%s", bufp, line); } else { warn("unknown oid '%s'%s", bufp, line); } - return (1); } + free(buf); + return (1); } if (oidfmt(mib, len, fmt, )) { warn("couldn't find format of oid '%s'%s", bufp, line); + free(buf); if (iflag) return (1); else @@ -430,6 +428,7 @@ parse(const char *string, int lineno) * show the node and its children. Otherwise, set the new value. */ if (newvalstr == NULL || dflag) { + free(buf); if ((kind & CTLTYPE) == CTLTYPE_NODE) { if (dflag) { i = show_var(mib, len, false); @@ -450,6 +449,7 @@ parse(const char *string, int lineno) */ if ((kind & CTLTYPE) == CTLTYPE_NODE) { warnx("oid '%s' isn't a leaf node%s", bufp, line); + free(buf); return (1); } @@ -459,6 +459,7 @@ parse(const char *string, int lineno) warnx("Tunable values are set in /boot/loader.conf"); } else warnx("oid '%s' is read only%s", bufp, line); + free(buf); return (1); } @@ -477,6 +478,7 @@ parse(const char *string, int lineno) case CTLTYPE_U64: if (strlen(newvalstr) == 0) { warnx("empty numeric value"); + free(buf); return (1); } /* FALLTHROUGH */ @@ -485,6 +487,7 @@ parse(const char *string, int lineno) default: warnx("oid '%s' is type %d, cannot set that%s", bufp, kind & CTLTYPE, line); + free(buf); return (1); } @@ -503,6 +506,7 @@ parse(const char *string, int lineno) warnx("invalid %s '%s'%s", ctl_typename[kind & CTLTYPE], cp, line); free(newbuf); + free(buf); return (1); } } @@ -515,10 +519,12 @@ parse(const char *string, int lineno) */ i = show_var(mib, len, false); if (sysctl(mib, len, 0, 0, newval, newsize) == -1) { + save_errno = errno; free(newbuf); + free(buf); if (!i && !bflag) putchar('\n'); - switch (errno) { + switch (save_errno) { case EOPNOTSUPP: warnx("%s: value is not
svn commit: r368583 - stable/12/sys/dev/cxgbe/tom
Author: jhb Date: Sat Dec 12 17:07:33 2020 New Revision: 368583 URL: https://svnweb.freebsd.org/changeset/base/368583 Log: MFC 367578: Clear tp->tod in t4_pcb_detach(). Otherwise, a socket can have a non-NULL tp->tod while TF_TOE is clear. In particular, if a newly accepted socket falls back to non-TOE due to an active open failure, the non-TOE socket will still have tp->tod set even though TF_TOE is clear. Modified: stable/12/sys/dev/cxgbe/tom/t4_tom.c Directory Properties: stable/12/ (props changed) Modified: stable/12/sys/dev/cxgbe/tom/t4_tom.c == --- stable/12/sys/dev/cxgbe/tom/t4_tom.cSat Dec 12 17:04:54 2020 (r368582) +++ stable/12/sys/dev/cxgbe/tom/t4_tom.cSat Dec 12 17:07:33 2020 (r368583) @@ -381,6 +381,7 @@ t4_pcb_detach(struct toedev *tod __unused, struct tcpc } #endif + tp->tod = NULL; tp->t_toe = NULL; tp->t_flags &= ~TF_TOE; toep->flags &= ~TPF_ATTACHED; ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r368582 - stable/12/sys/dev/cxgbe/tom
Author: jhb Date: Sat Dec 12 17:04:54 2020 New Revision: 368582 URL: https://svnweb.freebsd.org/changeset/base/368582 Log: MFC 366955: Handle CPL_RX_DATA on active TLS sockets. In certain edge cases, the NIC might have only received a partial TLS record which it needs to return to the driver. For example, if the local socket was closed while data was still in flight, a partial TLS record might be pending when the connection is closed. Receiving a RST in the middle of a TLS record is another example. When this happens, the firmware returns the the partial TLS record as plain TCP data via CPL_RX_DATA. Handle these requests by returning an error to OpenSSL (via so_error for KTLS or via an error TLS record header for the older Chelsio OpenSSL interface). Modified: stable/12/sys/dev/cxgbe/tom/t4_cpl_io.c stable/12/sys/dev/cxgbe/tom/t4_tls.c stable/12/sys/dev/cxgbe/tom/t4_tom.h Directory Properties: stable/12/ (props changed) Modified: stable/12/sys/dev/cxgbe/tom/t4_cpl_io.c == --- stable/12/sys/dev/cxgbe/tom/t4_cpl_io.c Sat Dec 12 16:55:23 2020 (r368581) +++ stable/12/sys/dev/cxgbe/tom/t4_cpl_io.c Sat Dec 12 17:04:54 2020 (r368582) @@ -1550,6 +1550,15 @@ do_rx_data(struct sge_iq *iq, const struct rss_header tp = intotcpcb(inp); + if (__predict_false(ulp_mode(toep) == ULP_MODE_TLS && + toep->flags & TPF_TLS_RECEIVE)) { + /* Received "raw" data on a TLS socket. */ + CTR3(KTR_CXGBE, "%s: tid %u, raw TLS data (%d bytes)", + __func__, tid, len); + do_rx_data_tls(cpl, toep, m); + return (0); + } + if (__predict_false(tp->rcv_nxt != be32toh(cpl->seq))) ddp_placed = be32toh(cpl->seq) - tp->rcv_nxt; Modified: stable/12/sys/dev/cxgbe/tom/t4_tls.c == --- stable/12/sys/dev/cxgbe/tom/t4_tls.cSat Dec 12 16:55:23 2020 (r368581) +++ stable/12/sys/dev/cxgbe/tom/t4_tls.cSat Dec 12 17:04:54 2020 (r368582) @@ -691,6 +691,8 @@ program_key_context(struct tcpcb *tp, struct toepcb *t V_TCB_TLS_SEQ(M_TCB_TLS_SEQ), V_TCB_TLS_SEQ(0)); t4_clear_rx_quiesce(toep); + + toep->flags |= TPF_TLS_RECEIVE; } else { unsigned short pdus_per_ulp; @@ -1597,6 +1599,135 @@ do_rx_tls_cmp(struct sge_iq *iq, const struct rss_head INP_WUNLOCK(inp); CURVNET_RESTORE(); return (0); +} + +void +do_rx_data_tls(const struct cpl_rx_data *cpl, struct toepcb *toep, +struct mbuf *m) +{ + struct inpcb *inp = toep->inp; + struct tls_ofld_info *tls_ofld = >tls; + struct tls_hdr *hdr; + struct tcpcb *tp; + struct socket *so; + struct sockbuf *sb; + int error, len, rx_credits; + + len = m->m_pkthdr.len; + + INP_WLOCK_ASSERT(inp); + + so = inp_inpcbtosocket(inp); + tp = intotcpcb(inp); + sb = >so_rcv; + SOCKBUF_LOCK(sb); + CURVNET_SET(toep->vnet); + + tp->rcv_nxt += len; + KASSERT(tp->rcv_wnd >= len, ("%s: negative window size", __func__)); + tp->rcv_wnd -= len; + + /* Do we have a full TLS header? */ + if (len < sizeof(*hdr)) { + CTR3(KTR_CXGBE, "%s: tid %u len %d: too short for a TLS header", + __func__, toep->tid, len); + so->so_error = EMSGSIZE; + goto out; + } + hdr = mtod(m, struct tls_hdr *); + + /* Is the header valid? */ + if (be16toh(hdr->version) != tls_ofld->k_ctx.proto_ver) { + CTR3(KTR_CXGBE, "%s: tid %u invalid version %04x", + __func__, toep->tid, be16toh(hdr->version)); + error = EINVAL; + goto report_error; + } + if (be16toh(hdr->length) < sizeof(*hdr)) { + CTR3(KTR_CXGBE, "%s: tid %u invalid length %u", + __func__, toep->tid, be16toh(hdr->length)); + error = EBADMSG; + goto report_error; + } + + /* Did we get a truncated record? */ + if (len < be16toh(hdr->length)) { + CTR4(KTR_CXGBE, "%s: tid %u truncated TLS record (%d vs %u)", + __func__, toep->tid, len, be16toh(hdr->length)); + + error = EMSGSIZE; + goto report_error; + } + + /* Is the header type unknown? */ + switch (hdr->type) { + case CONTENT_TYPE_CCS: + case CONTENT_TYPE_ALERT: + case CONTENT_TYPE_APP_DATA: + case CONTENT_TYPE_HANDSHAKE: + break; + default: + CTR3(KTR_CXGBE, "%s: tid %u invalid TLS record type %u", + __func__, toep->tid, hdr->type); + error =
svn commit: r368581 - stable/12/sys/dev/cxgbe/tom
Author: jhb Date: Sat Dec 12 16:55:23 2020 New Revision: 368581 URL: https://svnweb.freebsd.org/changeset/base/368581 Log: MFC 366854: Re-enable receive flow control for TOE TLS sockets. Flow control was disabled during initial TOE TLS development to workaround a hang (and to match the Linux TOE TLS support for T6). The rest of the TOE TLS code maintained credits as if flow control was enabled which was inherited from before the workaround was added with the exception that the receive window was allowed to go negative. This negative receive window handling (rcv_over) was because I hadn't realized the full implications of disabling flow control. To clean this up, re-enable flow control on TOE TLS sockets. The existing TPF_FORCE_CREDITS workaround is sufficient for the original hang. Now that flow control is enabled, remove the rcv_over workaround and instead assert that the receive window never goes negative matching plain TCP TOE sockets. Modified: stable/12/sys/dev/cxgbe/tom/t4_cpl_io.c stable/12/sys/dev/cxgbe/tom/t4_tls.c stable/12/sys/dev/cxgbe/tom/t4_tls.h stable/12/sys/dev/cxgbe/tom/t4_tom.c Directory Properties: stable/12/ (props changed) Modified: stable/12/sys/dev/cxgbe/tom/t4_cpl_io.c == --- stable/12/sys/dev/cxgbe/tom/t4_cpl_io.c Sat Dec 12 15:38:32 2020 (r368580) +++ stable/12/sys/dev/cxgbe/tom/t4_cpl_io.c Sat Dec 12 16:55:23 2020 (r368581) @@ -467,16 +467,6 @@ t4_rcvd_locked(struct toedev *tod, struct tcpcb *tp) SOCKBUF_LOCK_ASSERT(sb); rx_credits = sbspace(sb) > tp->rcv_wnd ? sbspace(sb) - tp->rcv_wnd : 0; - if (ulp_mode(toep) == ULP_MODE_TLS) { - if (toep->tls.rcv_over >= rx_credits) { - toep->tls.rcv_over -= rx_credits; - rx_credits = 0; - } else { - rx_credits -= toep->tls.rcv_over; - toep->tls.rcv_over = 0; - } - } - if (rx_credits > 0 && (tp->rcv_wnd <= 32 * 1024 || rx_credits >= 64 * 1024 || (rx_credits >= 16 * 1024 && tp->rcv_wnd <= 128 * 1024) || Modified: stable/12/sys/dev/cxgbe/tom/t4_tls.c == --- stable/12/sys/dev/cxgbe/tom/t4_tls.cSat Dec 12 15:38:32 2020 (r368580) +++ stable/12/sys/dev/cxgbe/tom/t4_tls.cSat Dec 12 16:55:23 2020 (r368581) @@ -1491,11 +1491,9 @@ do_rx_tls_cmp(struct sge_iq *iq, const struct rss_head #endif tp->rcv_nxt += pdu_length; - if (tp->rcv_wnd < pdu_length) { - toep->tls.rcv_over += pdu_length - tp->rcv_wnd; - tp->rcv_wnd = 0; - } else - tp->rcv_wnd -= pdu_length; + KASSERT(tp->rcv_wnd >= pdu_length, + ("%s: negative window size", __func__)); + tp->rcv_wnd -= pdu_length; /* XXX: Not sure what to do about urgent data. */ Modified: stable/12/sys/dev/cxgbe/tom/t4_tls.h == --- stable/12/sys/dev/cxgbe/tom/t4_tls.hSat Dec 12 15:38:32 2020 (r368580) +++ stable/12/sys/dev/cxgbe/tom/t4_tls.hSat Dec 12 16:55:23 2020 (r368581) @@ -268,7 +268,6 @@ struct tls_ofld_info { struct tls_scmd scmd0; u_int sb_off; struct callout handshake_timer; - u_int rcv_over; }; struct tls_key_req { Modified: stable/12/sys/dev/cxgbe/tom/t4_tom.c == --- stable/12/sys/dev/cxgbe/tom/t4_tom.cSat Dec 12 15:38:32 2020 (r368580) +++ stable/12/sys/dev/cxgbe/tom/t4_tom.cSat Dec 12 16:55:23 2020 (r368581) @@ -1021,8 +1021,6 @@ calc_options2(struct vi_info *vi, struct conn_params * if (cp->ulp_mode == ULP_MODE_TCPDDP) opt2 |= F_RX_FC_DDP; #endif - if (cp->ulp_mode == ULP_MODE_TLS) - opt2 |= F_RX_FC_DISABLE; return (htobe32(opt2)); } ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r368545 - in stable/12/lib/csu/tests: . dynamic dynamicpie
Author: jhb Date: Fri Dec 11 01:06:49 2020 New Revision: 368545 URL: https://svnweb.freebsd.org/changeset/base/368545 Log: MFC 367576: Add C startup code tests for PIE binaries. - Force dynamic to be a non-PIE binary. - Add a dynamicpie test which uses a PIE binary. Added: stable/12/lib/csu/tests/dynamicpie/ - copied from r367576, head/lib/csu/tests/dynamicpie/ Modified: stable/12/lib/csu/tests/Makefile stable/12/lib/csu/tests/dynamic/Makefile Directory Properties: stable/12/ (props changed) Modified: stable/12/lib/csu/tests/Makefile == --- stable/12/lib/csu/tests/MakefileFri Dec 11 01:04:36 2020 (r368544) +++ stable/12/lib/csu/tests/MakefileFri Dec 11 01:06:49 2020 (r368545) @@ -3,6 +3,7 @@ SUBDIR=dso TESTS_SUBDIRS= dynamic TESTS_SUBDIRS+=dynamiclib +TESTS_SUBDIRS+=dynamicpie TESTS_SUBDIRS+=static SUBDIR_DEPEND_dynamiclib=dso Modified: stable/12/lib/csu/tests/dynamic/Makefile == --- stable/12/lib/csu/tests/dynamic/MakefileFri Dec 11 01:04:36 2020 (r368544) +++ stable/12/lib/csu/tests/dynamic/MakefileFri Dec 11 01:06:49 2020 (r368545) @@ -2,5 +2,8 @@ .PATH: ${.CURDIR:H} +.include +MK_PIE=no + .include "../Makefile.tests" .include ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r368544 - stable/12/lib/csu/tests
Author: jhb Date: Fri Dec 11 01:04:36 2020 New Revision: 368544 URL: https://svnweb.freebsd.org/changeset/base/368544 Log: MFC 367575: Fix dso_handle_check for PIE executables. PIE executables use crtbeginS.o and have a non-NULL dso_handle as a result. Modified: stable/12/lib/csu/tests/fini_test.c Directory Properties: stable/12/ (props changed) Modified: stable/12/lib/csu/tests/fini_test.c == --- stable/12/lib/csu/tests/fini_test.c Fri Dec 11 01:00:07 2020 (r368543) +++ stable/12/lib/csu/tests/fini_test.c Fri Dec 11 01:04:36 2020 (r368544) @@ -141,9 +141,9 @@ dso_handle_check(void) { void *dso = __dso_handle; -#ifdef DSO_LIB +#if defined(DSO_LIB) || defined(__PIE__) ATF_REQUIRE_MSG(dso != NULL, - "Null __dso_handle in DSO"); + "Null __dso_handle in DSO/PIE"); #else ATF_REQUIRE_MSG(dso == NULL, "Invalid __dso_handle in non-DSO"); ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r368531 - stable/12/lib/csu/common
Author: jhb Date: Thu Dec 10 23:58:27 2020 New Revision: 368531 URL: https://svnweb.freebsd.org/changeset/base/368531 Log: MFC 367574: Rename __JCR_LIST__ to __JCR_END__ in crtend.c. This is more consistent with the names used for .ctor and .dtor symbols and better reflects __JCR_END__'s role. Modified: stable/12/lib/csu/common/crtend.c Directory Properties: stable/12/ (props changed) Modified: stable/12/lib/csu/common/crtend.c == --- stable/12/lib/csu/common/crtend.c Thu Dec 10 23:43:29 2020 (r368530) +++ stable/12/lib/csu/common/crtend.c Thu Dec 10 23:58:27 2020 (r368531) @@ -28,7 +28,7 @@ __FBSDID("$FreeBSD$"); typedef void (*crt_func)(void); -static crt_func __JCR_LIST__[] __section(".jcr") __used = { +static crt_func __JCR_END__[] __section(".jcr") __used = { (crt_func)0 }; ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r368528 - stable/12/sys/kern
Author: jhb Date: Thu Dec 10 22:26:51 2020 New Revision: 368528 URL: https://svnweb.freebsd.org/changeset/base/368528 Log: MFC 366584: Don't invoke semunload() if seminit() fails during MOD_LOAD. The module handler code invokes a MOD_UNLOAD event immediately if MOD_LOAD fails. The result was that if seminit() failed, semunload() was invoked twice. semunload() is not idempotent however and would try to remove it's process_exit eventhandler twice resulting in a panic. Modified: stable/12/sys/kern/sysv_sem.c Directory Properties: stable/12/ (props changed) Modified: stable/12/sys/kern/sysv_sem.c == --- stable/12/sys/kern/sysv_sem.c Thu Dec 10 22:20:20 2020 (r368527) +++ stable/12/sys/kern/sysv_sem.c Thu Dec 10 22:26:51 2020 (r368528) @@ -382,8 +382,6 @@ sysvsem_modload(struct module *module, int cmd, void * switch (cmd) { case MOD_LOAD: error = seminit(); - if (error != 0) - semunload(); break; case MOD_UNLOAD: error = semunload(); ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r368526 - in stable/12/sys: conf dev/md
Author: jhb Date: Thu Dec 10 21:12:25 2020 New Revision: 368526 URL: https://svnweb.freebsd.org/changeset/base/368526 Log: MFC 366897: Use a template assembly file to generate the embedded MFS. This uses the .incbin directive to pull in the MFS image contents. Using assembly directly ensures that symbols can be defined with the name and properties (such as .size) desired without having to rename symbols, etc. via a second objcopy invocation. Since it is compiled by the C compiler driver, it also avoids the need for all of the EMBEDFS* make variables. Added: stable/12/sys/dev/md/embedfs.S - copied unchanged from r366897, head/sys/dev/md/embedfs.S Modified: stable/12/sys/conf/kern.post.mk stable/12/sys/conf/kern.pre.mk Directory Properties: stable/12/ (props changed) Modified: stable/12/sys/conf/kern.post.mk == --- stable/12/sys/conf/kern.post.mk Thu Dec 10 21:06:06 2020 (r368525) +++ stable/12/sys/conf/kern.post.mk Thu Dec 10 21:12:25 2020 (r368526) @@ -426,24 +426,9 @@ vnode_if_typedef.h: .if ${MFS_IMAGE:Uno} != "no" .if empty(MD_ROOT_SIZE_CONFIGURED) -# Generate an object file from the file system image to embed in the kernel -# via linking. Make sure the contents are in the mfs section and rename the -# start/end/size variables to __start_mfs, __stop_mfs, and mfs_size, -# respectively. -embedfs_${MFS_IMAGE:T:R}.o: ${MFS_IMAGE} - ${OBJCOPY} --input-target binary \ - --output-target ${EMBEDFS_FORMAT.${MACHINE_ARCH}} \ - --binary-architecture ${EMBEDFS_ARCH.${MACHINE_ARCH}} \ - ${MFS_IMAGE} ${.TARGET} - ${OBJCOPY} \ - --rename-section .data=mfs,contents,alloc,load,readonly,data \ - --redefine-sym \ - _binary_${MFS_IMAGE:C,[^[:alnum:]],_,g}_size=__mfs_root_size \ - --redefine-sym \ - _binary_${MFS_IMAGE:C,[^[:alnum:]],_,g}_start=mfs_root \ - --redefine-sym \ - _binary_${MFS_IMAGE:C,[^[:alnum:]],_,g}_end=mfs_root_end \ - ${.TARGET} +embedfs_${MFS_IMAGE:T:R}.o: ${MFS_IMAGE} $S/dev/md/embedfs.S + ${CC} ${CFLAGS} ${ACFLAGS} -DMFS_IMAGE="${MFS_IMAGE}" -c \ + $S/dev/md/embedfs.S -o ${.TARGET} .endif .endif Modified: stable/12/sys/conf/kern.pre.mk == --- stable/12/sys/conf/kern.pre.mk Thu Dec 10 21:06:06 2020 (r368525) +++ stable/12/sys/conf/kern.pre.mk Thu Dec 10 21:12:25 2020 (r368526) @@ -277,37 +277,6 @@ MKMODULESENV+= DEBUG_FLAGS="${DEBUG}" MKMODULESENV+= __MPATH="${__MPATH}" .endif -# Architecture and output format arguments for objcopy to convert image to -# object file - -.if ${MFS_IMAGE:Uno} != "no" -.if empty(MD_ROOT_SIZE_CONFIGURED) -.if !defined(EMBEDFS_FORMAT.${MACHINE_ARCH}) -EMBEDFS_FORMAT.${MACHINE_ARCH}!= awk -F'"' '/OUTPUT_FORMAT/ {print $$2}' ${LDSCRIPT} -.if empty(EMBEDFS_FORMAT.${MACHINE_ARCH}) -.undef EMBEDFS_FORMAT.${MACHINE_ARCH} -.endif -.endif - -.if !defined(EMBEDFS_ARCH.${MACHINE_ARCH}) -EMBEDFS_ARCH.${MACHINE_ARCH}!= sed -n '/OUTPUT_ARCH/s/.*(\(.*\)).*/\1/p' ${LDSCRIPT} -.if empty(EMBEDFS_ARCH.${MACHINE_ARCH}) -.undef EMBEDFS_ARCH.${MACHINE_ARCH} -.endif -.endif - -EMBEDFS_FORMAT.arm?= elf32-littlearm -EMBEDFS_FORMAT.armv6?= elf32-littlearm -EMBEDFS_FORMAT.armv7?= elf32-littlearm -EMBEDFS_FORMAT.aarch64?= elf64-littleaarch64 -EMBEDFS_FORMAT.mips?= elf32-tradbigmips -EMBEDFS_FORMAT.mipsel?=elf32-tradlittlemips -EMBEDFS_FORMAT.mips64?=elf64-tradbigmips -EMBEDFS_FORMAT.mips64el?= elf64-tradlittlemips -EMBEDFS_FORMAT.riscv64?= elf64-littleriscv -.endif -.endif - # Detect kernel config options that force stack frames to be turned on. DDB_ENABLED!= grep DDB opt_ddb.h || true ; echo DTR_ENABLED!= grep KDTRACE_FRAME opt_kdtrace.h || true ; echo Copied: stable/12/sys/dev/md/embedfs.S (from r366897, head/sys/dev/md/embedfs.S) == --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ stable/12/sys/dev/md/embedfs.S Thu Dec 10 21:12:25 2020 (r368526, copy of r366897, head/sys/dev/md/embedfs.S) @@ -0,0 +1,46 @@ +/*- + * SPDX-License-Identifier: BSD-2-Clause + * + * Copyright (c) 2020 John Baldwin + * + * This software was developed by SRI International and the University of + * Cambridge Computer Laboratory (Department of Computer Science and + * Technology) under DARPA contract HR0011-18-C-0016 ("ECATS"), as part of the + * DARPA SSITH research programme. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of sou
svn commit: r368522 - stable/12/sys/dev/drm2
Author: jhb Date: Thu Dec 10 20:44:05 2020 New Revision: 368522 URL: https://svnweb.freebsd.org/changeset/base/368522 Log: MFC 366494: Don't permit DRM buffer mappings to be upgraded to executable. Modified: stable/12/sys/dev/drm2/drm_bufs.c Directory Properties: stable/12/ (props changed) Modified: stable/12/sys/dev/drm2/drm_bufs.c == --- stable/12/sys/dev/drm2/drm_bufs.c Thu Dec 10 19:36:33 2020 (r368521) +++ stable/12/sys/dev/drm2/drm_bufs.c Thu Dec 10 20:44:05 2020 (r368522) @@ -1635,14 +1635,12 @@ int drm_mapbufs(struct drm_device *dev, void *data, goto done; } retcode = vm_mmap(>vm_map, , map->size, - VM_PROT_READ | VM_PROT_WRITE, VM_PROT_ALL, - MAP_SHARED | MAP_NOSYNC, OBJT_DEVICE, - file_priv->minor->device, token); + VM_PROT_RW, VM_PROT_RW, MAP_SHARED | MAP_NOSYNC, + OBJT_DEVICE, file_priv->minor->device, token); } else { retcode = vm_mmap(>vm_map, , dma->byte_count, - VM_PROT_READ | VM_PROT_WRITE, VM_PROT_ALL, - MAP_SHARED | MAP_NOSYNC, OBJT_DEVICE, - file_priv->minor->device, 0); + VM_PROT_RW, VM_PROT_RW, MAP_SHARED | MAP_NOSYNC, + OBJT_DEVICE, file_priv->minor->device, 0); } if (retcode) { /* Real error */ ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r368455 - in head/sys: arm64/arm64 arm64/include cddl/dev/dtrace/aarch64 cddl/dev/fbt
Author: jhb Date: Tue Dec 8 18:00:58 2020 New Revision: 368455 URL: https://svnweb.freebsd.org/changeset/base/368455 Log: Check that the frame pointer is within the current stack. This same check is used on other architectures. Previously this would permit a stack frame to unwind into any arbitrary kernel address (including unmapped addresses). Reviewed by: andrew, markj Obtained from:CheriBSD Sponsored by: DARPA Differential Revision:https://reviews.freebsd.org/D27362 Modified: head/sys/arm64/arm64/db_trace.c head/sys/arm64/arm64/stack_machdep.c head/sys/arm64/arm64/unwind.c head/sys/arm64/include/csan.h head/sys/arm64/include/stack.h head/sys/cddl/dev/dtrace/aarch64/dtrace_isa.c head/sys/cddl/dev/fbt/fbt.c Modified: head/sys/arm64/arm64/db_trace.c == --- head/sys/arm64/arm64/db_trace.c Tue Dec 8 17:57:18 2020 (r368454) +++ head/sys/arm64/arm64/db_trace.c Tue Dec 8 18:00:58 2020 (r368455) @@ -65,7 +65,7 @@ db_md_set_watchpoint(db_expr_t addr, db_expr_t size) } static void -db_stack_trace_cmd(struct unwind_state *frame) +db_stack_trace_cmd(struct thread *td, struct unwind_state *frame) { c_db_sym_t sym; const char *name; @@ -74,10 +74,8 @@ db_stack_trace_cmd(struct unwind_state *frame) while (1) { uintptr_t pc = frame->pc; - int ret; - ret = unwind_frame(frame); - if (ret < 0) + if (!unwind_frame(td, frame)) break; sym = db_search_symbol(pc, DB_STGY_ANY, ); @@ -112,7 +110,7 @@ db_trace_thread(struct thread *thr, int count) frame.sp = (uintptr_t)ctx->pcb_sp; frame.fp = (uintptr_t)ctx->pcb_x[29]; frame.pc = (uintptr_t)ctx->pcb_x[30]; - db_stack_trace_cmd(); + db_stack_trace_cmd(thr, ); } else db_trace_self(); return (0); @@ -129,5 +127,5 @@ db_trace_self(void) frame.sp = sp; frame.fp = (uintptr_t)__builtin_frame_address(0); frame.pc = (uintptr_t)db_trace_self; - db_stack_trace_cmd(); + db_stack_trace_cmd(curthread, ); } Modified: head/sys/arm64/arm64/stack_machdep.c == --- head/sys/arm64/arm64/stack_machdep.cTue Dec 8 17:57:18 2020 (r368454) +++ head/sys/arm64/arm64/stack_machdep.cTue Dec 8 18:00:58 2020 (r368455) @@ -43,15 +43,15 @@ __FBSDID("$FreeBSD$"); #include static void -stack_capture(struct stack *st, struct unwind_state *frame) +stack_capture(struct thread *td, struct stack *st, struct unwind_state *frame) { stack_zero(st); while (1) { - unwind_frame(frame); - if (!INKERNEL((vm_offset_t)frame->fp) || -!INKERNEL((vm_offset_t)frame->pc)) + if (!unwind_frame(td, frame)) break; + if (!INKERNEL((vm_offset_t)frame->pc)) + break; if (stack_put(st, frame->pc) == -1) break; } @@ -73,7 +73,7 @@ stack_save_td(struct stack *st, struct thread *td) frame.fp = td->td_pcb->pcb_x[29]; frame.pc = td->td_pcb->pcb_x[30]; - stack_capture(st, ); + stack_capture(td, st, ); return (0); } @@ -89,5 +89,5 @@ stack_save(struct stack *st) frame.fp = (uintptr_t)__builtin_frame_address(0); frame.pc = (uintptr_t)stack_save; - stack_capture(st, ); + stack_capture(curthread, st, ); } Modified: head/sys/arm64/arm64/unwind.c == --- head/sys/arm64/arm64/unwind.c Tue Dec 8 17:57:18 2020 (r368454) +++ head/sys/arm64/arm64/unwind.c Tue Dec 8 18:00:58 2020 (r368455) @@ -30,24 +30,26 @@ #include __FBSDID("$FreeBSD$"); #include +#include #include #include -int -unwind_frame(struct unwind_state *frame) +bool +unwind_frame(struct thread *td, struct unwind_state *frame) { uintptr_t fp; fp = frame->fp; - if (!INKERNEL(fp)) - return (-1); + if (!kstack_contains(td, fp, sizeof(uintptr_t) * 2)) + return (false); + frame->sp = fp + sizeof(uintptr_t) * 2; /* FP to previous frame (X29) */ frame->fp = ((uintptr_t *)fp)[0]; /* LR (X30) */ frame->pc = ((uintptr_t *)fp)[1] - 4; - return (0); + return (true); } Modified: head/sys/arm64/include/csan.h == --- head/sys/arm64/include/csan.h Tue Dec 8 17:57:18 2020 (r368454) +++ head/sys/arm64/include/csan.h Tue Dec 8 18:00:58 2020 (r368455) @@ -87,9 +87,9 @@
svn commit: r368454 - in head/sys: cddl/dev/dtrace/riscv cddl/dev/fbt riscv/include riscv/riscv
Author: jhb Date: Tue Dec 8 17:57:18 2020 New Revision: 368454 URL: https://svnweb.freebsd.org/changeset/base/368454 Log: Stack unwinding robustness fixes for RISC-V. - Push the kstack_contains check down into unwind_frame() so that it is honored by DDB and DTrace. - Check that the trapframe for an exception frame is contained in the traced thread's kernel stack for DDB traces. Reviewed by: markj Obtained from:CheriBSD Sponsored by: DARPA Differential Revision:https://reviews.freebsd.org/D27357 Modified: head/sys/cddl/dev/dtrace/riscv/dtrace_isa.c head/sys/cddl/dev/fbt/fbt.c head/sys/riscv/include/stack.h head/sys/riscv/riscv/db_trace.c head/sys/riscv/riscv/stack_machdep.c head/sys/riscv/riscv/unwind.c Modified: head/sys/cddl/dev/dtrace/riscv/dtrace_isa.c == --- head/sys/cddl/dev/dtrace/riscv/dtrace_isa.c Tue Dec 8 17:44:34 2020 (r368453) +++ head/sys/cddl/dev/dtrace/riscv/dtrace_isa.c Tue Dec 8 17:57:18 2020 (r368454) @@ -90,7 +90,7 @@ dtrace_getpcstack(pc_t *pcstack, int pcstack_limit, in state.pc = (uintptr_t)dtrace_getpcstack; while (depth < pcstack_limit) { - if (unwind_frame()) + if (!unwind_frame(curthread, )) break; if (!INKERNEL(state.pc) || !INKERNEL(state.fp)) @@ -259,10 +259,10 @@ dtrace_getstackdepth(int aframes) int scp_offset; register_t sp; int depth; - int done; + bool done; depth = 1; - done = 0; + done = false; __asm __volatile("mv %0, sp" : "=" (sp)); @@ -271,7 +271,7 @@ dtrace_getstackdepth(int aframes) state.pc = (uintptr_t)dtrace_getstackdepth; do { - done = unwind_frame(); + done = !unwind_frame(curthread, ); if (!INKERNEL(state.pc) || !INKERNEL(state.fp)) break; depth++; Modified: head/sys/cddl/dev/fbt/fbt.c == --- head/sys/cddl/dev/fbt/fbt.c Tue Dec 8 17:44:34 2020(r368453) +++ head/sys/cddl/dev/fbt/fbt.c Tue Dec 8 17:57:18 2020(r368454) @@ -137,6 +137,15 @@ fbt_excluded(const char *name) return (1); /* +* Stack unwinders may be called from probe context on some +* platforms. +*/ +#if defined(__riscv) + if (strcmp(name, "unwind_frame") == 0) + return (1); +#endif + + /* * When DTrace is built into the kernel we need to exclude * the FBT functions from instrumentation. */ Modified: head/sys/riscv/include/stack.h == --- head/sys/riscv/include/stack.h Tue Dec 8 17:44:34 2020 (r368453) +++ head/sys/riscv/include/stack.h Tue Dec 8 17:57:18 2020 (r368454) @@ -46,6 +46,6 @@ struct unwind_state { uintptr_t pc; }; -int unwind_frame(struct unwind_state *); +bool unwind_frame(struct thread *, struct unwind_state *); #endif /* !_MACHINE_STACK_H_ */ Modified: head/sys/riscv/riscv/db_trace.c == --- head/sys/riscv/riscv/db_trace.c Tue Dec 8 17:44:34 2020 (r368453) +++ head/sys/riscv/riscv/db_trace.c Tue Dec 8 17:57:18 2020 (r368454) @@ -73,7 +73,7 @@ db_md_set_watchpoint(db_expr_t addr, db_expr_t size) } static void -db_stack_trace_cmd(struct unwind_state *frame) +db_stack_trace_cmd(struct thread *td, struct unwind_state *frame) { const char *name; db_expr_t offset; @@ -100,6 +100,11 @@ db_stack_trace_cmd(struct unwind_state *frame) struct trapframe *tf; tf = (struct trapframe *)(uintptr_t)frame->sp; + if (!kstack_contains(td, (vm_offset_t)tf, + sizeof(*tf))) { + db_printf("--- invalid trapframe %p\n", tf); + break; + } if ((tf->tf_scause & SCAUSE_INTR) != 0) db_printf("--- interrupt %ld\n", @@ -119,7 +124,7 @@ db_stack_trace_cmd(struct unwind_state *frame) if (strcmp(name, "fork_trampoline") == 0) break; - if (unwind_frame(frame) < 0) + if (!unwind_frame(td, frame)) break; } } @@ -135,7 +140,7 @@ db_trace_thread(struct thread *thr, int count) frame.sp = ctx->pcb_sp; frame.fp = ctx->pcb_s[0]; frame.pc = ctx->pcb_ra; - db_stack_trace_cmd(); + db_stack_trace_cmd(thr, ); return (0); } @@ -150,5 +155,5 @@ db_trace_self(void) frame.sp = sp; frame.fp =
Re: svn commit: r368005 - in head: lib/libprocstat share/man/man4 sys/opencrypto sys/sys tools/tools/crypto usr.bin/procstat
On 12/7/20 12:37 PM, Kyle Evans wrote: > On Mon, Dec 7, 2020 at 2:36 PM John Baldwin wrote: >> >> qemu-user uses this flag? What on earth can it be using it for? >> > > It was faithfully responding that it wasn't implemented to any > target-application usage, apparently. :-) I mean, it is only a flag in the struct kinfo_file flags field. Even if it is doing some kind of compat shim for kinfo_file it should just copy the flags field across, not be checking any of the bits. Does it try to log the type of a file descriptor in debug traces perhaps? -- John Baldwin ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
Re: svn commit: r368005 - in head: lib/libprocstat share/man/man4 sys/opencrypto sys/sys tools/tools/crypto usr.bin/procstat
On 12/7/20 11:11 AM, Kyle Evans wrote: > On Mon, Dec 7, 2020 at 12:58 PM John Baldwin wrote: >> >> On 12/6/20 8:51 PM, Steve Wills wrote: >>> Hi, >>> >>> On 11/24/20 7:10 PM, John Baldwin wrote: >>>> Author: jhb >>>> Date: Wed Nov 25 00:10:54 2020 >>>> New Revision: 368005 >>>> URL: https://svnweb.freebsd.org/changeset/base/368005 >>>> >>>> Log: >>>>Remove the cloned file descriptors for /dev/crypto. >>>> >>> >>> Would this change warrant a bump of __FreeBSD_version? I only noticed >>> because PR 251470 (radare2 not building due to KF_TYPE_CRYPTO). >> >> Hmm, perhaps so, though ports could also use #ifdef KF_TYPE_CRYPTO (and >> that is probably preferred for anything using C). Looks like we haven't >> yet had another bump of __FreeBSD_version so I can do that. >> > > There's surely a better way, but this version bump would've actually > been really handy for detecting the resulting qemu-user-static > fallout. The build was broken for about ~9 days, neither the official > builder or my local builder felt compelled to rebuild it absent the > bump because I had just built it a couple revisions prior. =-( > > I'm kind of leaning towards trying to shoehorn a qemu-user-static > build into ci.f.o somewhere, though, since it's used as a part of > producing some of the weekly snapshot images and digs pretty deeply in > other areas. I've got a Cirrus config for qemu-user-static and Cirrus > builds it regularly for me, but that's not so helpful when the image > it builds against is also tied to the weekly snapshot process. qemu-user uses this flag? What on earth can it be using it for? -- John Baldwin ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
Re: svn commit: r368005 - in head: lib/libprocstat share/man/man4 sys/opencrypto sys/sys tools/tools/crypto usr.bin/procstat
On 12/6/20 8:51 PM, Steve Wills wrote: > Hi, > > On 11/24/20 7:10 PM, John Baldwin wrote: >> Author: jhb >> Date: Wed Nov 25 00:10:54 2020 >> New Revision: 368005 >> URL: https://svnweb.freebsd.org/changeset/base/368005 >> >> Log: >>Remove the cloned file descriptors for /dev/crypto. >> > > Would this change warrant a bump of __FreeBSD_version? I only noticed > because PR 251470 (radare2 not building due to KF_TYPE_CRYPTO). Hmm, perhaps so, though ports could also use #ifdef KF_TYPE_CRYPTO (and that is probably preferred for anything using C). Looks like we haven't yet had another bump of __FreeBSD_version so I can do that. -- John Baldwin ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r368417 - head/sys/sys
Author: jhb Date: Mon Dec 7 18:58:08 2020 New Revision: 368417 URL: https://svnweb.freebsd.org/changeset/base/368417 Log: Bump __FreeBSD_version for removal of crypto fd's in r368005. Requested by: swills Sponsored by: Chelsio Communications Modified: head/sys/sys/param.h Modified: head/sys/sys/param.h == --- head/sys/sys/param.hMon Dec 7 17:54:49 2020(r368416) +++ head/sys/sys/param.hMon Dec 7 18:58:08 2020(r368417) @@ -60,7 +60,7 @@ * in the range 5 to 9. */ #undef __FreeBSD_version -#define __FreeBSD_version 1300130 /* Master, propagated to newvers */ +#define __FreeBSD_version 1300131 /* Master, propagated to newvers */ /* * __FreeBSD_kernel__ indicates that this system uses the kernel of FreeBSD, ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r368347 - head/sys/mips/mips
Author: jhb Date: Fri Dec 4 20:14:25 2020 New Revision: 368347 URL: https://svnweb.freebsd.org/changeset/base/368347 Log: Various fixes for the MIPS DDB stack unwinder. - Fix kernel stack unwinding end-of-function false-positive The kernel stack unwinder assumes that any jr $ra indicates the end of the current function. However, modern compilers generate code that contains jr $ra at various places inside the function. - Handle LLD inter-function padding when looking for the start of a function. - Use call site for symbol name/offset when unwinding Currently we use the return address, which will normally just give an output that's off by 8 from the actual call site. However, for tail calls, this is particularly bad, as we end up printing the symbol name for the function that comes after the one that made the call. Instead we should go back two instructions from the return address for the unwound program counter. Submitted by: arichardson (1, 2), jrtc27 (3) Reviewed by: arichardson Obtained from:CheriBSD Sponsored by: DARPA Differential Revision:https://reviews.freebsd.org/D27363 Modified: head/sys/mips/mips/db_trace.c Modified: head/sys/mips/mips/db_trace.c == --- head/sys/mips/mips/db_trace.c Fri Dec 4 19:35:43 2020 (r368346) +++ head/sys/mips/mips/db_trace.c Fri Dec 4 20:14:25 2020 (r368347) @@ -67,11 +67,10 @@ extern char edata[]; || (((ins) & 0x8000) == 0x67bd8000)) /* - * MIPS ABI 3.0 requires that all functions return using the 'j ra' instruction - * - * XXX gcc doesn't do this for functions with __noreturn__ attribute. + * LLD will insert invalid instruction traps between functions. + * Currently this is 0xefefefef but it may change in the future. */ -#defineMIPS_END_OF_FUNCTION(ins) ((ins) == 0x03e8) +#defineMIPS_LLD_PADDING_BETWEEN_FUNCTIONS(ins) ((ins) == 0xefefefef) #if defined(__mips_n64) # define MIPS_IS_VALID_KERNELADDR(reg) reg) & 3) == 0) && \ @@ -183,27 +182,32 @@ loop: * subroutine. */ if (!subr) { - va = pc - sizeof(int); + va = pc; while (1) { instr = kdbpeek((int *)va); - if (MIPS_START_OF_FUNCTION(instr)) + /* LLD fills padding between functions with 0xefefefef */ + if (MIPS_LLD_PADDING_BETWEEN_FUNCTIONS(instr)) break; - if (MIPS_END_OF_FUNCTION(instr)) { - /* skip over branch-delay slot instruction */ - va += 2 * sizeof(int); + if (MIPS_START_OF_FUNCTION(instr)) break; - } va -= sizeof(int); } - /* skip over nulls which might separate .o files */ - while ((instr = kdbpeek((int *)va)) == 0) + /* +* Skip over nulls/trap padding which might separate +* object files or functions. +*/ + instr = kdbpeek((int *)va); + while (instr == 0 || MIPS_LLD_PADDING_BETWEEN_FUNCTIONS(instr)) { va += sizeof(int); + instr = kdbpeek((int *)va); + } subr = va; } + /* scan forwards to find stack size and any saved registers */ stksize = 0; more = 3; @@ -374,10 +378,16 @@ done: (uintmax_t)cause, (uintmax_t)badvaddr); goto loop; } else if (ra) { - if (pc == ra && stksize == 0) + /* +* We subtract two instructions from ra to convert it +* from a return address to a calling address, +* accounting for the delay slot. +*/ + register_t next_pc = ra - 2 * sizeof(int); + if (pc == next_pc && stksize == 0) db_printf("stacktrace: loop!\n"); else { - pc = ra; + pc = next_pc; sp += stksize; ra = next_ra; goto loop; ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r368320 - stable/12/tools/tools/crypto
Author: jhb Date: Fri Dec 4 01:11:09 2020 New Revision: 368320 URL: https://svnweb.freebsd.org/changeset/base/368320 Log: MFC 350813: tools/tools/crypto: cryptokeytest: Fix build with newer OpenSSL Also, drag into this decade. Modified: stable/12/tools/tools/crypto/cryptokeytest.c Directory Properties: stable/12/ (props changed) Modified: stable/12/tools/tools/crypto/cryptokeytest.c == --- stable/12/tools/tools/crypto/cryptokeytest.cFri Dec 4 01:09:51 2020(r368319) +++ stable/12/tools/tools/crypto/cryptokeytest.cFri Dec 4 01:11:09 2020(r368320) @@ -7,19 +7,21 @@ * --Jason L. Wright */ #include +#include #include -#include #include #include -#include -#include -#include #include +#include +#include +#include #include #include -#include +#include +#include + intcrid = CRYPTO_FLAG_HARDWARE; intverbose = 0; @@ -63,80 +65,64 @@ crfind(int crid) } /* - * Convert a little endian byte string in 'p' that - * is 'plen' bytes long to a BIGNUM. If 'dst' is NULL, - * a new BIGNUM is allocated. Returns NULL on failure. - * - * XXX there has got to be a more efficient way to do - * this, but I haven't figured out enough of the OpenSSL - * magic. + * Convert a little endian byte string in 'p' that is 'plen' bytes long to a + * BIGNUM. A new BIGNUM is allocated. Returns NULL on failure. */ -BIGNUM * -le_to_bignum(BIGNUM *dst, u_int8_t *p, int plen) +static BIGNUM * +le_to_bignum(BIGNUM *res, const void *p, int plen) { - u_int8_t *pd; - int i; - if (plen == 0) - return (NULL); + res = BN_lebin2bn(p, plen, res); + if (res == NULL) + ERR_print_errors_fp(stderr); - if ((pd = (u_int8_t *)malloc(plen)) == NULL) - return (NULL); - - for (i = 0; i < plen; i++) - pd[i] = p[plen - i - 1]; - - dst = BN_bin2bn(pd, plen, dst); - free(pd); - return (dst); + return (res); } /* - * Convert a BIGNUM to a little endian byte string. - * If 'rd' is NULL, allocate space for it, otherwise - * 'rd' is assumed to have room for BN_num_bytes(n) - * bytes. Returns NULL on failure. + * Convert a BIGNUM to a little endian byte string. Space for BN_num_bytes(n) + * is allocated. + * Returns NULL on failure. */ -u_int8_t * -bignum_to_le(BIGNUM *n, u_int8_t *rd) +static void * +bignum_to_le(const BIGNUM *n) { - int i, j, k; - int blen = BN_num_bytes(n); + int blen, error; + void *rd; + blen = BN_num_bytes(n); if (blen == 0) return (NULL); + + rd = malloc(blen); if (rd == NULL) - rd = (u_int8_t *)malloc(blen); - if (rd == NULL) return (NULL); - for (i = 0, j = 0; i < n->top; i++) { - for (k = 0; k < BN_BITS2 / 8; k++) { - if ((j + k) >= blen) - goto out; - rd[j + k] = n->d[i] >> (k * 8); - } - j += BN_BITS2 / 8; + error = BN_bn2lebinpad(n, rd, blen); + if (error < 0) { + ERR_print_errors_fp(stderr); + free(rd); + return (NULL); } -out: + return (rd); } -int -UB_mod_exp(BIGNUM *res, BIGNUM *a, BIGNUM *b, BIGNUM *c, BN_CTX *ctx) +static int +UB_mod_exp(BIGNUM *res, const BIGNUM *a, const BIGNUM *b, const BIGNUM *c) { struct crypt_kop kop; - u_int8_t *ale, *ble, *cle; + void *ale, *ble, *cle; static int crypto_fd = -1; if (crypto_fd == -1 && ioctl(devcrypto(), CRIOGET, _fd) == -1) err(1, "CRIOGET"); - if ((ale = bignum_to_le(a, NULL)) == NULL) + if ((ale = bignum_to_le(a)) == NULL) err(1, "bignum_to_le, a"); - if ((ble = bignum_to_le(b, NULL)) == NULL) + if ((ble = bignum_to_le(b)) == NULL) err(1, "bignum_to_le, b"); - if ((cle = bignum_to_le(c, NULL)) == NULL) + if ((cle = bignum_to_le(c)) == NULL) err(1, "bignum_to_le, c"); bzero(, sizeof(kop)); @@ -158,19 +144,19 @@ UB_mod_exp(BIGNUM *res, BIGNUM *a, BIGNUM *b, BIGNUM * if (verbose) printf("device = %s\n", crfind(kop.crk_crid)); - bzero(ale, BN_num_bytes(a)); + explicit_bzero(ale, BN_num_bytes(a)); free(ale); - bzero(ble, BN_num_bytes(b)); + explicit_bzero(ble, BN_num_bytes(b)); free(ble); if (kop.crk_status != 0) { printf("error %d\n", kop.crk_status); - bzero(cle, BN_num_bytes(c)); + explicit_bzero(cle, BN_num_bytes(c)); free(cle); return (-1); } else { res = le_to_bignum(res, cle, BN_num_bytes(c)); - bzero(cle, BN_num_bytes(c)); +
svn commit: r368319 - in stable/12: share/man/man4 sys/opencrypto
Author: jhb Date: Fri Dec 4 01:09:51 2020 New Revision: 368319 URL: https://svnweb.freebsd.org/changeset/base/368319 Log: MFC 366844: Mark asymmetric cryptography via OCF deprecated for 14.0. Only one MIPS-specific driver implements support for one of the asymmetric operations. There are no in-kernel users besides /dev/crypto. The only known user of the /dev/crypto interface was the engine in OpenSSL releases before 1.1.0. 1.1.0 includes a rewritten engine that does not use the asymmetric operations due to lack of documentation. Modified: stable/12/share/man/man4/crypto.4 stable/12/sys/opencrypto/crypto.c stable/12/sys/opencrypto/cryptodev.c Directory Properties: stable/12/ (props changed) Modified: stable/12/share/man/man4/crypto.4 == --- stable/12/share/man/man4/crypto.4 Fri Dec 4 00:48:11 2020 (r368318) +++ stable/12/share/man/man4/crypto.4 Fri Dec 4 01:09:51 2020 (r368319) @@ -60,7 +60,7 @@ .\" .\" $FreeBSD$ .\" -.Dd December 17, 2019 +.Dd October 19, 2020 .Dt CRYPTO 4 .Os .Sh NAME @@ -108,6 +108,11 @@ both asymmetric-key (public-key/private-key) requests modular arithmetic (for Diffie-Hellman key exchange and other cryptographic protocols). The two modes are described separately below. +.Sh DEPRECATION NOTICE +The asymmetric-key operations supported by this interface will not be +present in +.Fx 14.0 +and later. .Sh THEORY OF OPERATION Regardless of whether symmetric-key or asymmetric-key operations are to be performed, use of the device requires a basic series of steps: Modified: stable/12/sys/opencrypto/crypto.c == --- stable/12/sys/opencrypto/crypto.c Fri Dec 4 00:48:11 2020 (r368318) +++ stable/12/sys/opencrypto/crypto.c Fri Dec 4 01:09:51 2020 (r368319) @@ -841,6 +841,7 @@ crypto_kregister(u_int32_t driverid, int kalg, u_int32 , kalg , flags ); + gone_in_dev(cap->cc_dev, 14, "asymmetric crypto"); err = 0; } else err = EINVAL; Modified: stable/12/sys/opencrypto/cryptodev.c == --- stable/12/sys/opencrypto/cryptodev.cFri Dec 4 00:48:11 2020 (r368318) +++ stable/12/sys/opencrypto/cryptodev.cFri Dec 4 01:09:51 2020 (r368319) @@ -374,6 +374,7 @@ cryptof_ioctl( struct ucred *active_cred, struct thread *td) { + static struct timeval keywarn, featwarn; #defineSES2(p) ((struct session2_op *)p) struct cryptoini cria, crie; struct fcrypt *fcr = fp->f_data; @@ -701,6 +702,10 @@ bail: case CIOCKEY32: case CIOCKEY232: #endif + if (ratecheck(, )) + gone_in(14, + "Asymmetric crypto operations via /dev/crypto"); + if (!crypto_userasymcrypto) { SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__); return (EPERM); /* XXX compat? */ @@ -730,6 +735,10 @@ bail: #endif break; case CIOCASYMFEAT: + if (ratecheck(, )) + gone_in(14, + "Asymmetric crypto features via /dev/crypto"); + if (!crypto_userasymcrypto) { /* * NB: if user asym crypto operations are ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r368316 - in head/sys/dev/cxgbe: . tom
Author: jhb Date: Thu Dec 3 22:06:08 2020 New Revision: 368316 URL: https://svnweb.freebsd.org/changeset/base/368316 Log: Clear TLS offload mode if a TLS socket hangs without receiving data. By default, if a TOE TLS socket stops receiving data for more than 5 seconds, revert the connection back to plain TOE mode. This provides a fallback if the userland SSL library does not support KTLS. In addition, for client TLS 1.3 sockets using connect(), the TOE socket blocks before the handshake has completed since the socket option is only invoked for the final handshake. The timeout defaults to 5 seconds, but can be changed at boot via the hw.cxgbe.toe.tls_rx_timeout tunable or for an individual interface via the dev..toe.tls_rx_timeout sysctl. Reviewed by: np MFC after:2 weeks Sponsored by: Chelsio Communications Differential Revision:https://reviews.freebsd.org/D27470 Modified: head/sys/dev/cxgbe/offload.h head/sys/dev/cxgbe/t4_main.c head/sys/dev/cxgbe/tom/t4_connect.c head/sys/dev/cxgbe/tom/t4_cpl_io.c head/sys/dev/cxgbe/tom/t4_tls.c head/sys/dev/cxgbe/tom/t4_tom.c head/sys/dev/cxgbe/tom/t4_tom.h Modified: head/sys/dev/cxgbe/offload.h == --- head/sys/dev/cxgbe/offload.hThu Dec 3 22:04:23 2020 (r368315) +++ head/sys/dev/cxgbe/offload.hThu Dec 3 22:06:08 2020 (r368316) @@ -225,6 +225,7 @@ struct tom_tunables { int ddp; int rx_coalesce; int tls; + int tls_rx_timeout; int *tls_rx_ports; int num_tls_rx_ports; int tx_align; Modified: head/sys/dev/cxgbe/t4_main.c == --- head/sys/dev/cxgbe/t4_main.cThu Dec 3 22:04:23 2020 (r368315) +++ head/sys/dev/cxgbe/t4_main.cThu Dec 3 22:06:08 2020 (r368316) @@ -403,6 +403,11 @@ SYSCTL_INT(_hw_cxgbe_toe_rexmt_backoff, OID_AUTO, 14, _toe_rexmt_backoff[14], 0, ""); SYSCTL_INT(_hw_cxgbe_toe_rexmt_backoff, OID_AUTO, 15, CTLFLAG_RDTUN, _toe_rexmt_backoff[15], 0, ""); + +static int t4_toe_tls_rx_timeout = 5; +SYSCTL_INT(_hw_cxgbe_toe, OID_AUTO, tls_rx_timeout, CTLFLAG_RDTUN, +_toe_tls_rx_timeout, 0, +"Timeout in seconds to downgrade TLS sockets to plain TOE"); #endif #ifdef DEV_NETMAP @@ -786,6 +791,7 @@ static int sysctl_cpus(SYSCTL_HANDLER_ARGS); #ifdef TCP_OFFLOAD static int sysctl_tls(SYSCTL_HANDLER_ARGS); static int sysctl_tls_rx_ports(SYSCTL_HANDLER_ARGS); +static int sysctl_tls_rx_timeout(SYSCTL_HANDLER_ARGS); static int sysctl_tp_tick(SYSCTL_HANDLER_ARGS); static int sysctl_tp_dack_timer(SYSCTL_HANDLER_ARGS); static int sysctl_tp_timer(SYSCTL_HANDLER_ARGS); @@ -6789,6 +6795,12 @@ t4_sysctls(struct adapter *sc) sysctl_tls_rx_ports, "I", "TCP ports that use inline TLS+TOE RX"); + sc->tt.tls_rx_timeout = t4_toe_tls_rx_timeout; + SYSCTL_ADD_PROC(ctx, children, OID_AUTO, "tls_rx_timeout", + CTLTYPE_INT | CTLFLAG_RW | CTLFLAG_MPSAFE, sc, 0, + sysctl_tls_rx_timeout, "I", + "Timeout in seconds to downgrade TLS sockets to plain TOE"); + sc->tt.tx_align = -1; SYSCTL_ADD_INT(ctx, children, OID_AUTO, "tx_align", CTLFLAG_RW, >tt.tx_align, 0, "chop and align payload"); @@ -10046,6 +10058,29 @@ sysctl_tls_rx_ports(SYSCTL_HANDLER_ARGS) return (rc); } +static int +sysctl_tls_rx_timeout(SYSCTL_HANDLER_ARGS) +{ + struct adapter *sc = arg1; + int v, rc; + + v = sc->tt.tls_rx_timeout; + rc = sysctl_handle_int(oidp, , 0, req); + if (rc != 0 || req->newptr == NULL) + return (rc); + + if (v < 0) + return (EINVAL); + + if (v != 0 && !(sc->cryptocaps & FW_CAPS_CONFIG_TLSKEYS)) + return (ENOTSUP); + + sc->tt.tls_rx_timeout = v; + + return (0); + +} + static void unit_conv(char *buf, size_t len, u_int val, u_int factor) { @@ -11287,6 +11322,9 @@ tweak_tunables(void) if (t4_pktc_idx_ofld < -1 || t4_pktc_idx_ofld >= SGE_NCOUNTERS) t4_pktc_idx_ofld = PKTC_IDX_OFLD; + + if (t4_toe_tls_rx_timeout < 0) + t4_toe_tls_rx_timeout = 0; #else if (t4_rdmacaps_allowed == -1) t4_rdmacaps_allowed = 0; Modified: head/sys/dev/cxgbe/tom/t4_connect.c == --- head/sys/dev/cxgbe/tom/t4_connect.c Thu Dec 3 22:04:23 2020 (r368315) +++ head/sys/dev/cxgbe/tom/t4_connect.c Thu Dec 3 22:06:08 2020 (r368316) @@ -105,9 +105,6 @@ do_act_establish(struct sge_iq *iq, const struct rss_h inp->inp_flowtype = M_HASHTYPE_OPAQUE; inp->inp_flowid = tid; - if (ulp_mode(toep) == ULP_MODE_TLS) -
svn commit: r368314 - head/sys/dev/cxgbe/tom
Author: jhb Date: Thu Dec 3 22:01:13 2020 New Revision: 368314 URL: https://svnweb.freebsd.org/changeset/base/368314 Log: Don't transmit mbufs that aren't yet ready on TOE sockets. This includes mbufs waiting for data from sendfile() I/O requests, or mbufs awaiting encryption for KTLS. Reviewed by: np MFC after:2 weeks Sponsored by: Chelsio Communications Differential Revision:https://reviews.freebsd.org/D27469 Modified: head/sys/dev/cxgbe/tom/t4_cpl_io.c Modified: head/sys/dev/cxgbe/tom/t4_cpl_io.c == --- head/sys/dev/cxgbe/tom/t4_cpl_io.c Thu Dec 3 22:00:41 2020 (r368313) +++ head/sys/dev/cxgbe/tom/t4_cpl_io.c Thu Dec 3 22:01:13 2020 (r368314) @@ -721,6 +721,8 @@ t4_push_frames(struct adapter *sc, struct toepcb *toep for (m = sndptr; m != NULL; m = m->m_next) { int n; + if ((m->m_flags & M_NOTAVAIL) != 0) + break; if (m->m_flags & M_EXTPG) { #ifdef KERN_TLS if (m->m_epg_tls != NULL) { @@ -803,8 +805,9 @@ t4_push_frames(struct adapter *sc, struct toepcb *toep /* nothing to send */ if (plen == 0) { - KASSERT(m == NULL, - ("%s: nothing to send, but m != NULL", __func__)); + KASSERT(m == NULL || (m->m_flags & M_NOTAVAIL) != 0, + ("%s: nothing to send, but m != NULL is ready", + __func__)); break; } @@ -892,7 +895,7 @@ t4_push_frames(struct adapter *sc, struct toepcb *toep toep->txsd_avail--; t4_l2t_send(sc, wr, toep->l2te); - } while (m != NULL); + } while (m != NULL && (m->m_flags & M_NOTAVAIL) == 0); /* Send a FIN if requested, but only if there's no more data to send */ if (m == NULL && toep->flags & TPF_SEND_FIN) ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r368312 - head/sys/dev/cxgbe/tom
Author: jhb Date: Thu Dec 3 21:59:47 2020 New Revision: 368312 URL: https://svnweb.freebsd.org/changeset/base/368312 Log: Clear TLS offload mode for unsupported cipher suites and versions. If TOE TLS is requested for an unsupported cipher suite or TLS version, disable TLS processing and fall back to plain TOE. In addition, if an error occurs when saving the decryption keys in the card's memory, disable TLS processing and fall back to plain TOE. Reviewed by: np Sponsored by: Chelsio Communications Differential Revision:https://reviews.freebsd.org/D27468 Modified: head/sys/dev/cxgbe/tom/t4_tls.c Modified: head/sys/dev/cxgbe/tom/t4_tls.c == --- head/sys/dev/cxgbe/tom/t4_tls.c Thu Dec 3 21:49:20 2020 (r368311) +++ head/sys/dev/cxgbe/tom/t4_tls.c Thu Dec 3 21:59:47 2020 (r368312) @@ -986,7 +986,8 @@ tls_alloc_ktls(struct toepcb *toep, struct ktls_sessio case 256 / 8: break; default: - return (EINVAL); + error = EINVAL; + goto clr_ofld; } switch (tls->params.auth_algorithm) { case CRYPTO_SHA1_HMAC: @@ -994,30 +995,37 @@ tls_alloc_ktls(struct toepcb *toep, struct ktls_sessio case CRYPTO_SHA2_384_HMAC: break; default: - return (EPROTONOSUPPORT); + error = EPROTONOSUPPORT; + goto clr_ofld; } break; case CRYPTO_AES_NIST_GCM_16: - if (tls->params.iv_len != SALT_SIZE) - return (EINVAL); + if (tls->params.iv_len != SALT_SIZE) { + error = EINVAL; + goto clr_ofld; + } switch (tls->params.cipher_key_len) { case 128 / 8: case 192 / 8: case 256 / 8: break; default: - return (EINVAL); + error = EINVAL; + goto clr_ofld; } break; default: - return (EPROTONOSUPPORT); + error = EPROTONOSUPPORT; + goto clr_ofld; } /* Only TLS 1.1 and TLS 1.2 are currently supported. */ if (tls->params.tls_vmajor != TLS_MAJOR_VER_ONE || tls->params.tls_vminor < TLS_MINOR_VER_ONE || - tls->params.tls_vminor > TLS_MINOR_VER_TWO) - return (EPROTONOSUPPORT); + tls->params.tls_vminor > TLS_MINOR_VER_TWO) { + error = EPROTONOSUPPORT; + goto clr_ofld; + } /* Bail if we already have a key. */ if (direction == KTLS_TX) { @@ -1037,8 +1045,11 @@ tls_alloc_ktls(struct toepcb *toep, struct ktls_sessio init_ktls_key_context(tls, k_ctx, direction); error = tls_program_key_id(toep, k_ctx); - if (error) + if (error) { + if (direction == KTLS_RX) + goto clr_ofld; return (error); + } if (direction == KTLS_TX) { toep->tls.scmd0.seqno_numivs = @@ -1098,6 +1109,14 @@ tls_alloc_ktls(struct toepcb *toep, struct ktls_sessio toep->tls.mode = TLS_MODE_KTLS; return (0); + +clr_ofld: + if (ulp_mode(toep) == ULP_MODE_TLS) { + CTR2(KTR_CXGBE, "%s: tid %d clr_ofld_mode", __func__, + toep->tid); + tls_clr_ofld_mode(toep); + } + return (error); } #endif ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r368311 - in head/sys/dev/cxgbe: . tom
Author: jhb Date: Thu Dec 3 21:49:20 2020 New Revision: 368311 URL: https://svnweb.freebsd.org/changeset/base/368311 Log: Fix downgrading of TOE TLS sockets to plain TOE. If a TOE TLS socket ends up using an unsupported TLS version or ciphersuite, it must be downgraded to a "plain" TOE socket with TLS encryption/decryption performed on the host. The previous implementation of this fallback was incomplete and resulted in hung connections. Reviewed by: np MFC after:2 weeks Sponsored by: Chelsio Communications Differential Revision:https://reviews.freebsd.org/D27467 Modified: head/sys/dev/cxgbe/t4_main.c head/sys/dev/cxgbe/tom/t4_tls.c Modified: head/sys/dev/cxgbe/t4_main.c == --- head/sys/dev/cxgbe/t4_main.cThu Dec 3 21:38:00 2020 (r368310) +++ head/sys/dev/cxgbe/t4_main.cThu Dec 3 21:49:20 2020 (r368311) @@ -4917,9 +4917,22 @@ set_params__post_init(struct adapter *sc) #endif #ifdef KERN_TLS - if (t4_kern_tls != 0 && sc->cryptocaps & FW_CAPS_CONFIG_TLSKEYS && - sc->toecaps & FW_CAPS_CONFIG_TOE) - t4_enable_kern_tls(sc); + if (sc->cryptocaps & FW_CAPS_CONFIG_TLSKEYS && + sc->toecaps & FW_CAPS_CONFIG_TOE) { + if (t4_kern_tls != 0) + t4_enable_kern_tls(sc); + else { + /* +* Limit TOE connections to 2 reassembly +* "islands". This is required for TOE TLS +* connections to downgrade to plain TOE +* connections if an unsupported TLS version +* or ciphersuite is used. +*/ + t4_tp_wr_bits_indirect(sc, A_TP_FRAG_CONFIG, + V_PASSMODE(M_PASSMODE), V_PASSMODE(2)); + } + } #endif return (0); } Modified: head/sys/dev/cxgbe/tom/t4_tls.c == --- head/sys/dev/cxgbe/tom/t4_tls.c Thu Dec 3 21:38:00 2020 (r368310) +++ head/sys/dev/cxgbe/tom/t4_tls.c Thu Dec 3 21:49:20 2020 (r368311) @@ -138,11 +138,19 @@ tls_clr_ofld_mode(struct toepcb *toep) tls_stop_handshake_timer(toep); - /* Operate in PDU extraction mode only. */ + KASSERT(toep->tls.rx_key_addr == -1, + ("%s: tid %d has RX key", __func__, toep->tid)); + + /* Switch to plain TOE mode. */ t4_set_tls_tcb_field(toep, W_TCB_ULP_RAW, - V_TCB_ULP_RAW(M_TCB_ULP_RAW), - V_TCB_ULP_RAW(V_TF_TLS_ENABLE(1))); + V_TCB_ULP_RAW(V_TF_TLS_ENABLE(1)), + V_TCB_ULP_RAW(V_TF_TLS_ENABLE(0))); + t4_set_tls_tcb_field(toep, W_TCB_ULP_TYPE, + V_TCB_ULP_TYPE(M_TCB_ULP_TYPE), V_TCB_ULP_TYPE(ULP_MODE_NONE)); t4_clear_rx_quiesce(toep); + + toep->flags &= ~TPF_FORCE_CREDITS; + toep->params.ulp_mode = ULP_MODE_NONE; } static void ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
Re: svn commit: r366857 - head/libexec/rc/rc.d
On 10/19/20 1:37 PM, Cy Schubert wrote: > Author: cy > Date: Mon Oct 19 20:37:38 2020 > New Revision: 366857 > URL: https://svnweb.freebsd.org/changeset/base/366857 > > Log: > Destroy cloned interfaces at netif stop, netif restart and shutdown. > This is especially important during shutdown because a child interface > of lagg with WOL enabled will not enable WOL at interface shutdown and > thus no WOL to wake up the device (and machine). > > PR: 158734, 109980 > Reported by:Antonio Huete Jimenez > Marat N.Afanasyev > reviewed by:kp > MFC after: 1 week > Differential Revision: https://reviews.freebsd.org/D26797 This causes some rather weird breakage for me. Namely, after this change, if I'm logged into a host via ssh and reboot it (via shutdown -r now), I no longer get gracefully logged out by the shutdown process as the network connections are all killed before users are kicked off the system. Instead, my ssh connection hangs around forever until either it times out due to keep alives, or the host in question reboots and send back a RST. As I rather frequently use shutdown -r now or poweroff remotely via ssh, I've found this rather annoying as I have to use ~. to recover my shell again (and woe to me if it was a nested login and I forgot to add enough extra ~'s to escape the N levels). Probably if you only destroyed cloned interfaces during shutdown and not all interfaces that would be a happy-enough compromise that would still satisfy the original PR? -- John Baldwin ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r368289 - stable/12/usr.sbin/bhyve
Author: jhb Date: Wed Dec 2 23:16:24 2020 New Revision: 368289 URL: https://svnweb.freebsd.org/changeset/base/368289 Log: MFC 355686: Fix a mismerge in r355683 and remove the local gdb_port from main. PR: 251501 Reported by: Yuichiro NAITO Modified: stable/12/usr.sbin/bhyve/bhyverun.c Directory Properties: stable/12/ (props changed) Modified: stable/12/usr.sbin/bhyve/bhyverun.c == --- stable/12/usr.sbin/bhyve/bhyverun.c Wed Dec 2 22:44:40 2020 (r368288) +++ stable/12/usr.sbin/bhyve/bhyverun.c Wed Dec 2 23:16:24 2020 (r368289) @@ -1003,7 +1003,7 @@ do_open(const char *vmname) int main(int argc, char *argv[]) { - int c, error, dbg_port, gdb_port, err, bvmcons; + int c, error, dbg_port, err, bvmcons; int max_vcpus, mptgen, memflags; int rtc_localtime; bool gdb_stop; @@ -1015,7 +1015,6 @@ main(int argc, char *argv[]) bvmcons = 0; progname = basename(argv[0]); dbg_port = 0; - gdb_port = 0; gdb_stop = false; guest_ncpus = 1; sockets = cores = threads = 1; ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
Re: svn commit: r368263 - head/sys/cddl/dev/dtrace/amd64
On 12/1/20 2:44 PM, Konstantin Belousov wrote: > Author: kib > Date: Tue Dec 1 22:44:23 2020 > New Revision: 368263 > URL: https://svnweb.freebsd.org/changeset/base/368263 > > Log: > Fix syntax Thanks, my apologies. :( I had the same bug originally on other architectures (arm64, riscv, mips) in the patch series that had functional changes and fixed those while testing the functional changes. -- John Baldwin ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r368247 - head/share/man/man4
Author: jhb Date: Tue Dec 1 18:57:37 2020 New Revision: 368247 URL: https://svnweb.freebsd.org/changeset/base/368247 Log: Fix a couple of typos. Submitted by: rmacklem Modified: head/share/man/man4/ktls.4 Modified: head/share/man/man4/ktls.4 == --- head/share/man/man4/ktls.4 Tue Dec 1 18:24:06 2020(r368246) +++ head/share/man/man4/ktls.4 Tue Dec 1 18:57:37 2020(r368247) @@ -31,7 +31,7 @@ .\" .\" $FreeBSD$ .\" -.Dd November 25, 2020 +.Dd December 1, 2020 .Dt KTLS 4 .Os .Sh NAME @@ -78,13 +78,13 @@ is not enabled. .It Dv TCP_TLS_MODE_SW TLS records are encrypted or decrypted in the kernel in the socket layer. -Typically the encryption or decryption is performred in software, +Typically the encryption or decryption is performed in software, but it may also be performed by co-processors via .Xr crypto 9 . .It Dv TCP_TLS_MODE_IFNET TLS records are encrypted or decrypted by the network interface card (NIC). In this mode, the network stack does not work with encrypted data. -Instead, the NIC is encrypts TLS records as they are being transmitted, +Instead, the NIC encrypts TLS records as they are being transmitted, or decrypts received TLS records before providing them to the host. .Pp Network interfaces which support this feature will advertise the ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r368245 - in head/sys: arm64/arm64 arm64/include cddl/dev/dtrace/aarch64
Author: jhb Date: Tue Dec 1 18:22:34 2020 New Revision: 368245 URL: https://svnweb.freebsd.org/changeset/base/368245 Log: Use uintptr_t instead of uint64_t for pointers in stack frames. Reviewed by: andrew Obtained from:CheriBSD Sponsored by: DARPA Differential Revision:https://reviews.freebsd.org/D27361 Modified: head/sys/arm64/arm64/db_trace.c head/sys/arm64/arm64/stack_machdep.c head/sys/arm64/arm64/unwind.c head/sys/arm64/include/csan.h head/sys/arm64/include/stack.h head/sys/cddl/dev/dtrace/aarch64/dtrace_isa.c Modified: head/sys/arm64/arm64/db_trace.c == --- head/sys/arm64/arm64/db_trace.c Tue Dec 1 18:13:57 2020 (r368244) +++ head/sys/arm64/arm64/db_trace.c Tue Dec 1 18:22:34 2020 (r368245) @@ -73,7 +73,7 @@ db_stack_trace_cmd(struct unwind_state *frame) db_expr_t offset; while (1) { - uint64_t pc = frame->pc; + uintptr_t pc = frame->pc; int ret; ret = unwind_frame(frame); @@ -109,9 +109,9 @@ db_trace_thread(struct thread *thr, int count) if (thr != curthread) { ctx = kdb_thr_ctx(thr); - frame.sp = (uint64_t)ctx->pcb_sp; - frame.fp = (uint64_t)ctx->pcb_x[29]; - frame.pc = (uint64_t)ctx->pcb_x[30]; + frame.sp = (uintptr_t)ctx->pcb_sp; + frame.fp = (uintptr_t)ctx->pcb_x[29]; + frame.pc = (uintptr_t)ctx->pcb_x[30]; db_stack_trace_cmd(); } else db_trace_self(); @@ -122,12 +122,12 @@ void db_trace_self(void) { struct unwind_state frame; - uint64_t sp; + uintptr_t sp; __asm __volatile("mov %0, sp" : "=" (sp)); frame.sp = sp; - frame.fp = (uint64_t)__builtin_frame_address(0); - frame.pc = (uint64_t)db_trace_self; + frame.fp = (uintptr_t)__builtin_frame_address(0); + frame.pc = (uintptr_t)db_trace_self; db_stack_trace_cmd(); } Modified: head/sys/arm64/arm64/stack_machdep.c == --- head/sys/arm64/arm64/stack_machdep.cTue Dec 1 18:13:57 2020 (r368244) +++ head/sys/arm64/arm64/stack_machdep.cTue Dec 1 18:22:34 2020 (r368245) @@ -81,13 +81,13 @@ void stack_save(struct stack *st) { struct unwind_state frame; - uint64_t sp; + uintptr_t sp; __asm __volatile("mov %0, sp" : "=" (sp)); frame.sp = sp; - frame.fp = (uint64_t)__builtin_frame_address(0); - frame.pc = (uint64_t)stack_save; + frame.fp = (uintptr_t)__builtin_frame_address(0); + frame.pc = (uintptr_t)stack_save; stack_capture(st, ); } Modified: head/sys/arm64/arm64/unwind.c == --- head/sys/arm64/arm64/unwind.c Tue Dec 1 18:13:57 2020 (r368244) +++ head/sys/arm64/arm64/unwind.c Tue Dec 1 18:22:34 2020 (r368245) @@ -37,17 +37,17 @@ __FBSDID("$FreeBSD$"); int unwind_frame(struct unwind_state *frame) { - uint64_t fp; + uintptr_t fp; fp = frame->fp; if (!INKERNEL(fp)) return (-1); - frame->sp = fp + 0x10; + frame->sp = fp + sizeof(uintptr_t) * 2; /* FP to previous frame (X29) */ - frame->fp = *(uint64_t *)(fp); + frame->fp = ((uintptr_t *)fp)[0]; /* LR (X30) */ - frame->pc = *(uint64_t *)(fp + 8) - 4; + frame->pc = ((uintptr_t *)fp)[1] - 4; return (0); } Modified: head/sys/arm64/include/csan.h == --- head/sys/arm64/include/csan.h Tue Dec 1 18:13:57 2020 (r368244) +++ head/sys/arm64/include/csan.h Tue Dec 1 18:22:34 2020 (r368245) @@ -76,14 +76,14 @@ kcsan_md_unwind(void) const char *symname; #endif struct unwind_state frame; - uint64_t sp; + uintptr_t sp; int nsym; __asm __volatile("mov %0, sp" : "=" (sp)); frame.sp = sp; - frame.fp = (uint64_t)__builtin_frame_address(0); - frame.pc = (uint64_t)kcsan_md_unwind; + frame.fp = (uintptr_t)__builtin_frame_address(0); + frame.pc = (uintptr_t)kcsan_md_unwind; nsym = 0; while (1) { Modified: head/sys/arm64/include/stack.h == --- head/sys/arm64/include/stack.h Tue Dec 1 18:13:57 2020 (r368244) +++ head/sys/arm64/include/stack.h Tue Dec 1 18:22:34 2020 (r368245) @@ -33,9 +33,9 @@ ((va) >= VM_MIN_KERNEL_ADDRESS && (va) <= VM_MAX_KERNEL_ADDRESS) struct unwind_state { - uint64_t fp; - uint64_t sp; - uint64_t pc; + uintptr_t fp; +
svn commit: r368242 - head/sys/cddl/dev/dtrace/riscv
Author: jhb Date: Tue Dec 1 18:08:22 2020 New Revision: 368242 URL: https://svnweb.freebsd.org/changeset/base/368242 Log: Use uintptr_t for pointers in stack frames. This catches up to the changes made to struct unwind_state in r364180. Reviewed by: mhorne Obtained from:CheriBSD Sponsored by: DARPA Differential Revision:https://reviews.freebsd.org/D27360 Modified: head/sys/cddl/dev/dtrace/riscv/dtrace_isa.c Modified: head/sys/cddl/dev/dtrace/riscv/dtrace_isa.c == --- head/sys/cddl/dev/dtrace/riscv/dtrace_isa.c Tue Dec 1 17:17:22 2020 (r368241) +++ head/sys/cddl/dev/dtrace/riscv/dtrace_isa.c Tue Dec 1 18:08:22 2020 (r368242) @@ -85,9 +85,9 @@ dtrace_getpcstack(pc_t *pcstack, int pcstack_limit, in __asm __volatile("mv %0, sp" : "=" (sp)); - state.fp = (uint64_t)__builtin_frame_address(0); + state.fp = (uintptr_t)__builtin_frame_address(0); state.sp = sp; - state.pc = (uint64_t)dtrace_getpcstack; + state.pc = (uintptr_t)dtrace_getpcstack; while (depth < pcstack_limit) { if (unwind_frame()) @@ -266,9 +266,9 @@ dtrace_getstackdepth(int aframes) __asm __volatile("mv %0, sp" : "=" (sp)); - state.fp = (uint64_t)__builtin_frame_address(0); + state.fp = (uintptr_t)__builtin_frame_address(0); state.sp = sp; - state.pc = (uint64_t)dtrace_getstackdepth; + state.pc = (uintptr_t)dtrace_getstackdepth; do { done = unwind_frame(); ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r368241 - head/sys/mips/mips
Author: jhb Date: Tue Dec 1 17:17:22 2020 New Revision: 368241 URL: https://svnweb.freebsd.org/changeset/base/368241 Log: Make stack_save*() more robust on MIPS. - Validate any stack addresses read from against td_kstack before reading. If an unwind operation would attempt to read outside the bounds of td_kstack, abort the unwind instead. - For stack_save_td(), don't use the PC and SP from the current thread, instead read the PC and SP from pcb_context[]. - For stack_save(), use the current PC and SP of the current thread, not the values from pcb_regs (the horribly named td_frame of the outermost trapframe). The result was that stack_trace() never logged _any_ kernel frames but only the frame from the saved userspace registers on entry from the kernel. - Inline the one use of stack_register_fetch(). - Add a VALID_PC() helper macro and simplify types to remove excessive casts in stack_capture(). - Fix stack_capture() to work on compilers written in this century. Don't treat function epilogues as function prologues by skipping additions to SP when searching for a function start. - Add some comments to stack_capture() and fix some style bugs. Reviewed by: arichardson Obtained from:CheriBSD Sponsored by: DARPA Differential Revision:https://reviews.freebsd.org/D27358 Modified: head/sys/mips/mips/stack_machdep.c Modified: head/sys/mips/mips/stack_machdep.c == --- head/sys/mips/mips/stack_machdep.c Tue Dec 1 17:04:46 2020 (r368240) +++ head/sys/mips/mips/stack_machdep.c Tue Dec 1 17:17:22 2020 (r368241) @@ -41,30 +41,33 @@ __FBSDID("$FreeBSD$"); #include #include -static u_register_t -stack_register_fetch(u_register_t sp, u_register_t stack_pos) -{ - u_register_t * stack = - ((u_register_t *)(intptr_t)sp + (size_t)stack_pos/sizeof(u_register_t)); +#defineVALID_PC(addr) ((addr) >= (uintptr_t)btext && (addr) % 4 == 0) - return *stack; -} - static void -stack_capture(struct stack *st, u_register_t pc, u_register_t sp) +stack_capture(struct stack *st, struct thread *td, uintptr_t pc, uintptr_t sp) { - u_register_t ra = 0, i, stacksize; - short ra_stack_pos = 0; + u_register_t ra; + uintptr_t i, ra_addr; + int ra_stack_pos, stacksize; InstFmt insn; stack_zero(st); for (;;) { - stacksize = 0; - if (pc <= (u_register_t)(intptr_t)btext) + if (!VALID_PC(pc)) break; - for (i = pc; i >= (u_register_t)(intptr_t)btext; i -= sizeof (insn)) { - bcopy((void *)(intptr_t)i, , sizeof insn); + + /* +* Walk backward from the PC looking for the function +* start. Assume a subtraction from SP is the start +* of a function. Hope that we find the store of RA +* into the stack frame along the way and save the +* offset of the saved RA relative to SP. +*/ + ra_stack_pos = -1; + stacksize = 0; + for (i = pc; VALID_PC(i); i -= sizeof(insn)) { + bcopy((void *)i, , sizeof(insn)); switch (insn.IType.op) { case OP_ADDI: case OP_ADDIU: @@ -72,6 +75,17 @@ stack_capture(struct stack *st, u_register_t pc, u_reg case OP_DADDIU: if (insn.IType.rs != SP || insn.IType.rt != SP) break; + + /* +* Ignore stack fixups in "early" +* returns in a function, or if the +* call was from an unlikely branch +* moved after the end of the normal +* return. +*/ + if ((short)insn.IType.imm > 0) + break; + stacksize = -(short)insn.IType.imm; break; @@ -85,36 +99,49 @@ stack_capture(struct stack *st, u_register_t pc, u_reg break; } - if (stacksize) + if (stacksize != 0) break; } if (stack_put(st, pc) == -1) break; - for (i = pc; !ra; i += sizeof (insn)) { - bcopy((void *)(intptr_t)i, , sizeof insn); + if (ra_stack_pos == -1) + break; + /* +* Walk forward from the PC to find
svn commit: r368240 - in head/sys: cddl/dev/dtrace/amd64 cddl/dev/dtrace/i386 ddb riscv/riscv sys x86/x86
Author: jhb Date: Tue Dec 1 17:04:46 2020 New Revision: 368240 URL: https://svnweb.freebsd.org/changeset/base/368240 Log: Add a kstack_contains() helper function. This is useful for stack unwinders which need to avoid out-of-bounds reads of a kernel stack which can trigger kernel faults. Reviewed by: kib, markj Obtained from:CheriBSD Sponsored by: DARPA Differential Revision:https://reviews.freebsd.org/D27356 Modified: head/sys/cddl/dev/dtrace/amd64/dtrace_isa.c head/sys/cddl/dev/dtrace/i386/dtrace_isa.c head/sys/ddb/db_ps.c head/sys/riscv/riscv/stack_machdep.c head/sys/sys/proc.h head/sys/x86/x86/stack_machdep.c Modified: head/sys/cddl/dev/dtrace/amd64/dtrace_isa.c == --- head/sys/cddl/dev/dtrace/amd64/dtrace_isa.c Tue Dec 1 16:44:36 2020 (r368239) +++ head/sys/cddl/dev/dtrace/amd64/dtrace_isa.c Tue Dec 1 17:04:46 2020 (r368240) @@ -73,14 +73,10 @@ dtrace_getpcstack(pc_t *pcstack, int pcstack_limit, in frame = (struct amd64_frame *)rbp; td = curthread; while (depth < pcstack_limit) { - if (!INKERNEL((long) frame)) + if (!kstack_contains(curthread, (vm_offset_t)frame, + sizeof(*frame)) break; - if ((vm_offset_t)frame >= - td->td_kstack + ptoa(td->td_kstack_pages) || - (vm_offset_t)frame < td->td_kstack) - break; - callpc = frame->f_retaddr; if (!INKERNEL(callpc)) @@ -466,14 +462,11 @@ dtrace_getstackdepth(int aframes) frame = (struct amd64_frame *)rbp; depth++; for(;;) { - if (!INKERNEL((long) frame)) + if (!kstack_contains(curthread, (vm_offset_t)frame, + sizeof(*frame)) break; - if (!INKERNEL((long) frame->f_frame)) - break; depth++; - if (frame->f_frame <= frame || - (vm_offset_t)frame->f_frame >= curthread->td_kstack + - curthread->td_kstack_pages * PAGE_SIZE) + if (frame->f_frame <= frame) break; frame = frame->f_frame; } Modified: head/sys/cddl/dev/dtrace/i386/dtrace_isa.c == --- head/sys/cddl/dev/dtrace/i386/dtrace_isa.c Tue Dec 1 16:44:36 2020 (r368239) +++ head/sys/cddl/dev/dtrace/i386/dtrace_isa.c Tue Dec 1 17:04:46 2020 (r368240) @@ -73,7 +73,8 @@ dtrace_getpcstack(pc_t *pcstack, int pcstack_limit, in frame = (struct i386_frame *)ebp; while (depth < pcstack_limit) { - if (!INKERNEL(frame)) + if (!kstack_contains(curthread, (vm_offset_t)frame, + sizeof(*frame)) break; callpc = frame->f_retaddr; @@ -91,9 +92,7 @@ dtrace_getpcstack(pc_t *pcstack, int pcstack_limit, in pcstack[depth++] = callpc; } - if (frame->f_frame <= frame || - (vm_offset_t)frame->f_frame >= curthread->td_kstack + - curthread->td_kstack_pages * PAGE_SIZE) + if (frame->f_frame <= frame) break; frame = frame->f_frame; } @@ -484,14 +483,10 @@ dtrace_getstackdepth(int aframes) frame = (struct i386_frame *)ebp; depth++; for(;;) { - if (!INKERNEL((long) frame)) + if (!kstack_contains((vm_offset_t)frame, sizeof(*frame)) break; - if (!INKERNEL((long) frame->f_frame)) - break; depth++; - if (frame->f_frame <= frame || - (vm_offset_t)frame->f_frame >= curthread->td_kstack + - curthread->td_kstack_pages * PAGE_SIZE) + if (frame->f_frame <= frame) break; frame = frame->f_frame; } Modified: head/sys/ddb/db_ps.c == --- head/sys/ddb/db_ps.cTue Dec 1 16:44:36 2020(r368239) +++ head/sys/ddb/db_ps.cTue Dec 1 17:04:46 2020(r368240) @@ -527,8 +527,7 @@ db_findstack_cmd(db_expr_t addr, bool have_addr, db_ex FOREACH_PROC_IN_SYSTEM(p) { FOREACH_THREAD_IN_PROC(p, td) { - if (td->td_kstack <= saddr && saddr < td->td_kstack + - PAGE_SIZE * td->td_kstack_pages) { + if (kstack_contains(td, saddr, 1)) { db_printf("Thread %p\n", td); return; } Modified:
Re: svn commit: r368187 - head/sys/dev/nvme
On 11/30/20 9:04 AM, Warner Losh wrote: > On Mon, Nov 30, 2020 at 9:56 AM Michal Meloun > wrote: > >> >> >> On 30.11.2020 17:02, Ian Lepore wrote: >>> On Mon, 2020-11-30 at 14:51 +, Michal Meloun wrote: >>>> Author: mmel >>>> Date: Mon Nov 30 14:51:48 2020 >>>> New Revision: 368187 >>>> URL: https://svnweb.freebsd.org/changeset/base/368187 >>>> >>>> Log: >>>>Unbreak r368167 in userland. Decorate unused arguments. >>>> >>>>Reported by: kp, tuexen, jenkins, and many others >>>>MFC with: r368167 >>>> >>>> Modified: >>>>head/sys/dev/nvme/nvme.h >>>> >>>> Modified: head/sys/dev/nvme/nvme.h >>>> = >>>> = >>>> --- head/sys/dev/nvme/nvme.h Mon Nov 30 14:49:13 2020(r368186) >>>> +++ head/sys/dev/nvme/nvme.h Mon Nov 30 14:51:48 2020(r368187) >>>> @@ -1728,9 +1728,15 @@ extern int nvme_use_nvd; >>>> >>>> #endif /* _KERNEL */ >>>> >>>> +#if _BYTE_ORDER != _LITTLE_ENDIAN >>>> +#define MODIF >>>> +#else >>>> +#define MODIF __unused >>>> +#endif >>>> + >>>> /* Endianess conversion functions for NVMe structs */ >>>> static inline >>>> -voidnvme_completion_swapbytes(struct nvme_completion *s) >>>> +voidnvme_completion_swapbytes(struct nvme_completion *s MODIF) >>> >>> IMO, this is pretty ugly, it causes the brain to screech to a halt when >>> you see it. Why not just add an unconditional __unused to the >>> functions? The unused attribute is defined as marking the variable as >>> "potentially unused" -- there is no penalty for having it there and >>> then actually using the variable. >>> >> >> I understand, (and I have significant tendency to agree) but I did not >> find more correct way how to do it. >> Are you sure that __unused is defined as *potentially* unused? I cannot >> find nothing about this and you known how are compiler guys creative >> with generating of new warnings... >> I known that C++17 have 'maybe_unused' attribute, but relationship to >> standard '__unused' looks unclear. >> >> In any case, I have not single problem to change this to the proposed >> style if we found that this is the optimal way. >> > > __unused means 'don't warn me if this is unused' elsewhere in the tree. > Better to use it here. Alternatively, given you already are using #ifdef's in all the function bodies, you could instead do something like this: #if _BYTE_ORDER != _LITTLE_ENDIAN /* Existing functions without #if */ #else #define nvme_completion_swapbytes(s) /* Empty macros for the rest */ #endif This gives only a single #if instead of duplicating them in each function, and it avoids the need for __unused. -- John Baldwin ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r368119 - head/usr.sbin/bhyve
Author: jhb Date: Sat Nov 28 04:21:22 2020 New Revision: 368119 URL: https://svnweb.freebsd.org/changeset/base/368119 Log: Suspend I/O on ahci-cd devices during a snapshot. Submitted by: Vitaliy Gusev Modified: head/usr.sbin/bhyve/snapshot.c Modified: head/usr.sbin/bhyve/snapshot.c == --- head/usr.sbin/bhyve/snapshot.c Sat Nov 28 04:06:09 2020 (r368118) +++ head/usr.sbin/bhyve/snapshot.c Sat Nov 28 04:21:22 2020 (r368119) @@ -154,7 +154,7 @@ const struct vm_snapshot_dev_info snapshot_devs[] = { { "e1000", pci_snapshot, NULL, NULL }, { "ahci", pci_snapshot, pci_pause, pci_resume }, { "ahci-hd",pci_snapshot, pci_pause, pci_resume }, - { "ahci-cd",pci_snapshot, NULL, NULL }, + { "ahci-cd",pci_snapshot, pci_pause, pci_resume }, }; const struct vm_snapshot_kern_info snapshot_kern_structs[] = { ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r368118 - head/usr.sbin/bhyve
Author: jhb Date: Sat Nov 28 04:06:09 2020 New Revision: 368118 URL: https://svnweb.freebsd.org/changeset/base/368118 Log: bhyve: Add snapshot support for virtio-rnd. This uses the same snapshot routine as other VirtIO devices. Submitted by: Vitaliy Gusev Differential Revision:https://reviews.freebsd.org/D26265 Modified: head/usr.sbin/bhyve/pci_virtio_rnd.c head/usr.sbin/bhyve/snapshot.c Modified: head/usr.sbin/bhyve/pci_virtio_rnd.c == --- head/usr.sbin/bhyve/pci_virtio_rnd.cSat Nov 28 03:54:48 2020 (r368117) +++ head/usr.sbin/bhyve/pci_virtio_rnd.cSat Nov 28 04:06:09 2020 (r368118) @@ -205,6 +205,9 @@ struct pci_devemu pci_de_vrnd = { .pe_emu = "virtio-rnd", .pe_init = pci_vtrnd_init, .pe_barwrite = vi_pci_write, - .pe_barread = vi_pci_read + .pe_barread = vi_pci_read, +#ifdef BHYVE_SNAPSHOT + .pe_snapshot = vi_pci_snapshot, +#endif }; PCI_EMUL_SET(pci_de_vrnd); Modified: head/usr.sbin/bhyve/snapshot.c == --- head/usr.sbin/bhyve/snapshot.c Sat Nov 28 03:54:48 2020 (r368117) +++ head/usr.sbin/bhyve/snapshot.c Sat Nov 28 04:06:09 2020 (r368118) @@ -147,6 +147,7 @@ const struct vm_snapshot_dev_info snapshot_devs[] = { { "atkbdc", atkbdc_snapshot,NULL, NULL }, { "virtio-net", pci_snapshot, pci_pause, pci_resume }, { "virtio-blk", pci_snapshot, pci_pause, pci_resume }, + { "virtio-rnd", pci_snapshot, NULL, NULL }, { "lpc",pci_snapshot, NULL, NULL }, { "fbuf", pci_snapshot, NULL, NULL }, { "xhci", pci_snapshot, NULL, NULL }, ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r368117 - head/usr.sbin/bhyve
Author: jhb Date: Sat Nov 28 03:54:48 2020 New Revision: 368117 URL: https://svnweb.freebsd.org/changeset/base/368117 Log: bhyve: 'xhci,tablet' snapshot fixes Permit suspend/resume of a XHCI device model that has not been attached to by a driver in a guest OS. Submitted by: Vitaliy Gusev Differential Revision:https://reviews.freebsd.org/D26264 Modified: head/usr.sbin/bhyve/pci_xhci.c Modified: head/usr.sbin/bhyve/pci_xhci.c == --- head/usr.sbin/bhyve/pci_xhci.c Sat Nov 28 01:21:11 2020 (r368116) +++ head/usr.sbin/bhyve/pci_xhci.c Sat Nov 28 03:54:48 2020 (r368117) @@ -2251,7 +2251,6 @@ pci_xhci_write(struct vmctx *ctx, int vcpu, struct pci assert(baridx == 0); - pthread_mutex_lock(>mtx); if (offset < XHCI_CAPLEN) /* read only registers */ WPRINTF(("pci_xhci: write RO-CAPs offset %ld", offset)); @@ -2981,11 +2980,11 @@ pci_xhci_snapshot(struct vm_snapshot_meta *meta) /* opregs.cr_p */ SNAPSHOT_GUEST2HOST_ADDR_OR_LEAVE(sc->opregs.cr_p, - XHCI_GADDR_SIZE(sc->opregs.cr_p), false, meta, ret, done); + XHCI_GADDR_SIZE(sc->opregs.cr_p), true, meta, ret, done); /* opregs.dcbaa_p */ SNAPSHOT_GUEST2HOST_ADDR_OR_LEAVE(sc->opregs.dcbaa_p, - XHCI_GADDR_SIZE(sc->opregs.dcbaa_p), false, meta, ret, done); + XHCI_GADDR_SIZE(sc->opregs.dcbaa_p), true, meta, ret, done); /* rtsregs */ SNAPSHOT_VAR_OR_LEAVE(sc->rtsregs.mfindex, meta, ret, done); @@ -3000,11 +2999,11 @@ pci_xhci_snapshot(struct vm_snapshot_meta *meta) /* rtsregs.erstba_p */ SNAPSHOT_GUEST2HOST_ADDR_OR_LEAVE(sc->rtsregs.erstba_p, - XHCI_GADDR_SIZE(sc->rtsregs.erstba_p), false, meta, ret, done); + XHCI_GADDR_SIZE(sc->rtsregs.erstba_p), true, meta, ret, done); /* rtsregs.erst_p */ SNAPSHOT_GUEST2HOST_ADDR_OR_LEAVE(sc->rtsregs.erst_p, - XHCI_GADDR_SIZE(sc->rtsregs.erst_p), false, meta, ret, done); + XHCI_GADDR_SIZE(sc->rtsregs.erst_p), true, meta, ret, done); SNAPSHOT_VAR_OR_LEAVE(sc->rtsregs.er_deq_seg, meta, ret, done); SNAPSHOT_VAR_OR_LEAVE(sc->rtsregs.er_enq_idx, meta, ret, done); @@ -3090,12 +3089,14 @@ pci_xhci_snapshot(struct vm_snapshot_meta *meta) continue; SNAPSHOT_GUEST2HOST_ADDR_OR_LEAVE(dev->dev_ctx, - XHCI_GADDR_SIZE(dev->dev_ctx), false, meta, ret, done); + XHCI_GADDR_SIZE(dev->dev_ctx), true, meta, ret, done); - for (j = 1; j < XHCI_MAX_ENDPOINTS; j++) { - ret = pci_xhci_snapshot_ep(sc, dev, j, meta); - if (ret != 0) - goto done; + if (dev->dev_ctx != NULL) { + for (j = 1; j < XHCI_MAX_ENDPOINTS; j++) { + ret = pci_xhci_snapshot_ep(sc, dev, j, meta); + if (ret != 0) + goto done; + } } SNAPSHOT_VAR_OR_LEAVE(dev->dev_slotstate, meta, ret, done); ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r368040 - head/share/man/man4
Author: jhb Date: Wed Nov 25 23:17:23 2020 New Revision: 368040 URL: https://svnweb.freebsd.org/changeset/base/368040 Log: Add a manpage for kernel TLS. This subsumes some of the content from tcp(4) describing the socket options but also adds additional notes. Reviewed by: gallatin, hselasky Sponsored by: Chelsio Communications Differential Revision:https://reviews.freebsd.org/D27272 Added: head/share/man/man4/ktls.4 (contents, props changed) Modified: head/share/man/man4/Makefile head/share/man/man4/tcp.4 Modified: head/share/man/man4/Makefile == --- head/share/man/man4/MakefileWed Nov 25 22:53:21 2020 (r368039) +++ head/share/man/man4/MakefileWed Nov 25 23:17:23 2020 (r368040) @@ -250,6 +250,7 @@ MAN=aac.4 \ kld.4 \ ksyms.4 \ ksz8995ma.4 \ + ktls.4 \ ktr.4 \ kue.4 \ lagg.4 \ Added: head/share/man/man4/ktls.4 == --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/man/man4/ktls.4 Wed Nov 25 23:17:23 2020(r368040) @@ -0,0 +1,264 @@ +.\" Copyright (c) 2020, Chelsio Inc +.\" All rights reserved. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions are met: +.\" +.\" 1. Redistributions of source code must retain the above copyright notice, +.\"this list of conditions and the following disclaimer. +.\" +.\" 2. Redistributions in binary form must reproduce the above copyright +.\"notice, this list of conditions and the following disclaimer in the +.\"documentation and/or other materials provided with the distribution. +.\" +.\" 3. Neither the name of the Chelsio Inc nor the names of its +.\"contributors may be used to endorse or promote products derived from +.\"this software without specific prior written permission. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" +.\" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +.\" ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE +.\" LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +.\" CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +.\" SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +.\" INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +.\" CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +.\" POSSIBILITY OF SUCH DAMAGE. +.\" +.\" * Other names and brands may be claimed as the property of others. +.\" +.\" $FreeBSD$ +.\" +.Dd November 25, 2020 +.Dt KTLS 4 +.Os +.Sh NAME +.Nm ktls +.Nd kernel Transport Layer Security +.Sh SYNOPSIS +.Cd options KERN_TLS +.Sh DESCRIPTION +The +.Nm +facility allows the kernel to perform Transport Layer Security (TLS) +framing on TCP sockets. +With +.Nm , +the initial handshake for a socket using TLS is performed in userland. +Once the session keys are negotiated, +they are provided to the kernel via the +.Dv TCP_TXTLS_ENABLE +and +.Dv TCP_RXTLS_ENABLE +socket options. +Both socket options accept a +.Vt struct tls_so_enable +structure as their argument. +The members of this structure describe the cipher suite used for the +TLS session and provide the session keys used for the respective +direction. +.Pp +.Nm +only permits the session keys to be set once in each direction. +As a result, +applications must disable rekeying when using +.Nm . +.Ss Modes +.Nm +can operate in different modes. +A given socket may use different modes for transmit and receive, +or a socket may only offload a single direction. +The available modes are: +.Bl -tag -width "Dv TCP_TLS_MODE_IFNET" +.It Dv TCP_TLS_MODE_NONE +.Nm +is not enabled. +.It Dv TCP_TLS_MODE_SW +TLS records are encrypted or decrypted in the kernel in the socket +layer. +Typically the encryption or decryption is performred in software, +but it may also be performed by co-processors via +.Xr crypto 9 . +.It Dv TCP_TLS_MODE_IFNET +TLS records are encrypted or decrypted by the network interface card (NIC). +In this mode, the network stack does not work with encrypted data. +Instead, the NIC is encrypts TLS records as they are being transmitted, +or decrypts received TLS records before providing them to the host. +.Pp +Network interfaces which support this feature will advertise the +.Dv TXTLS4 +(for IPv4) +and/or +.Dv TXTLS6 +(for IPv6) +capabilities as reported by +.Xr ifconfig 8 . +These capabilities can also be controlled by +.Xr ifconfig 8 . +.Pp +If a network interface supports rate limiting +(also known as
Re: svn commit: r368038 - head/sys/kern
On 11/25/20 1:41 PM, Mateusz Guzik wrote: > Author: mjg > Date: Wed Nov 25 21:41:23 2020 > New Revision: 368038 > URL: https://svnweb.freebsd.org/changeset/base/368038 > > Log: > pipe: drop spurious pipeunlock/pipelock cycle on write > > Modified: > head/sys/kern/sys_pipe.c > > Modified: head/sys/kern/sys_pipe.c > == > --- head/sys/kern/sys_pipe.c Wed Nov 25 21:25:17 2020(r368037) > +++ head/sys/kern/sys_pipe.c Wed Nov 25 21:41:23 2020(r368038) > @@ -997,10 +993,9 @@ retry: > pipeunlock(wpipe); > error = msleep(wpipe, PIPE_MTX(wpipe), > PRIBIO | PCATCH, "pipdww", 0); > + pipelock(wpipe, 0); > if (error) > goto error1; > - else > - goto retry; > } Hmm, what ensures that PIPE_EOF and PIPE_DIRECTW aren't still set once awakened that would permit removing the 'goto retry'? The goto is still present in the other case in this function, it was only removed from this one? > @@ -1282,12 +1270,13 @@ pipe_write(struct file *fp, struct uio *uio, struct uc > pipeunlock(wpipe); > error = msleep(wpipe, PIPE_MTX(rpipe), > PRIBIO | PCATCH, "pipewr", 0); > + pipelock(wpipe, 0); > if (error != 0) > break; > + continue; A continue as the last line of a while() loop seems spurious? -- John Baldwin ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
Re: svn commit: r368022 - head/lib/libsysdecode
On 11/25/20 8:30 AM, Pawel Biernacki wrote: > Author: kaktus > Date: Wed Nov 25 16:30:57 2020 > New Revision: 368022 > URL: https://svnweb.freebsd.org/changeset/base/368022 > > Log: > libsysdecode: correctly decode mmap flags > > r352913 added decoding of mmap PROT_MAX()'d flags but didn’t account for the > case where different values were specified for PROT_MAX and regular flags. > Fix it. > > Submitted by: sigsys_gmail.com > Reported by:sigsys_gmail.com > MFC after: 7 days > Differential Revision: https://reviews.freebsd.org/D27312 > > Modified: > head/lib/libsysdecode/flags.c > > Modified: head/lib/libsysdecode/flags.c > == > --- head/lib/libsysdecode/flags.c Wed Nov 25 15:45:20 2020 > (r368021) > +++ head/lib/libsysdecode/flags.c Wed Nov 25 16:30:57 2020 > (r368022) > @@ -662,11 +662,11 @@ sysdecode_mmap_prot(FILE *fp, int prot, int *rem) > > printed = false; > protm = PROT_MAX_EXTRACT(prot); > + prot = PROT_EXTRACT(prot); > if (protm != 0) { > fputs("PROT_MAX(", fp); > printed = print_mask_int(fp, mmapprot, protm, rem); > fputs(")|", fp); > - prot = protm; This was probably meant to be something more like 'prot &= ~PROT_MAX(protm);'. As it is, if there are any invalid bits set, those are now lost. The change to mask off only the PROT_MAX bits would preserve any invalid/unknown bits. (To test, try passing -1 or the like as a prot value and comparing the decoded output for kdump or truss.) -- John Baldwin ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r368008 - in head: tests/sys/opencrypto tools/tools/crypto
Author: jhb Date: Wed Nov 25 01:31:00 2020 New Revision: 368008 URL: https://svnweb.freebsd.org/changeset/base/368008 Log: Remove uses of CRIOGET in OCF tests after r368005. Pointy hat to:jhb Sponsored by: Chelsio Communications Differential Revision:https://reviews.freebsd.org/D27367 Modified: head/tests/sys/opencrypto/blake2_test.c head/tests/sys/opencrypto/cryptodev.py head/tests/sys/opencrypto/poly1305_test.c head/tools/tools/crypto/cryptokeytest.c head/tools/tools/crypto/cryptotest.c Modified: head/tests/sys/opencrypto/blake2_test.c == --- head/tests/sys/opencrypto/blake2_test.c Wed Nov 25 01:09:58 2020 (r368007) +++ head/tests/sys/opencrypto/blake2_test.c Wed Nov 25 01:31:00 2020 (r368008) @@ -88,17 +88,10 @@ lookup_crid(int fd, const char *devname) static int get_handle_fd(void) { - int dc_fd, fd; + int fd; - dc_fd = open("/dev/crypto", O_RDWR); - - /* -* Why do we do this dance instead of just operating on /dev/crypto -* directly? I have no idea. -*/ - ATF_REQUIRE(dc_fd >= 0); - ATF_REQUIRE(ioctl(dc_fd, CRIOGET, ) != -1); - close(dc_fd); + fd = open("/dev/crypto", O_RDWR); + ATF_REQUIRE(fd >= 0); return (fd); } Modified: head/tests/sys/opencrypto/cryptodev.py == --- head/tests/sys/opencrypto/cryptodev.py Wed Nov 25 01:09:58 2020 (r368007) +++ head/tests/sys/opencrypto/cryptodev.py Wed Nov 25 01:31:00 2020 (r368008) @@ -115,7 +115,6 @@ class CryptAEAD(dpkt.Packet): ) # h2py.py can't handle multiarg macros -CRIOGET = 3221513060 CIOCGSESSION = 3224396645 CIOCFSESSION = 2147771238 CIOCKEY = 3230688104 @@ -131,17 +130,7 @@ else: CIOCCRYPT = 3223085927 CIOCCRYPTAEAD = 3223872365 -def _getdev(): -buf = array.array('I', [0]) -fd = os.open('/dev/crypto', os.O_RDWR) -try: -ioctl(fd, CRIOGET, buf, 1) -finally: -os.close(fd) - -return buf[0] - -_cryptodev = _getdev() +_cryptodev = os.open('/dev/crypto', os.O_RDWR) def str_to_ascii(val): if sys.version_info[0] >= 3: Modified: head/tests/sys/opencrypto/poly1305_test.c == --- head/tests/sys/opencrypto/poly1305_test.c Wed Nov 25 01:09:58 2020 (r368007) +++ head/tests/sys/opencrypto/poly1305_test.c Wed Nov 25 01:31:00 2020 (r368008) @@ -302,17 +302,10 @@ parse_vector(const struct poly1305_kat *kat, static int get_handle_fd(void) { - int dc_fd, fd; + int fd; - dc_fd = open("/dev/crypto", O_RDWR); - - /* -* Why do we do this dance instead of just operating on /dev/crypto -* directly? I have no idea. -*/ - ATF_REQUIRE(dc_fd >= 0); - ATF_REQUIRE(ioctl(dc_fd, CRIOGET, ) != -1); - close(dc_fd); + fd = open("/dev/crypto", O_RDWR); + ATF_REQUIRE(fd >= 0); return (fd); } Modified: head/tools/tools/crypto/cryptokeytest.c == --- head/tools/tools/crypto/cryptokeytest.c Wed Nov 25 01:09:58 2020 (r368007) +++ head/tools/tools/crypto/cryptokeytest.c Wed Nov 25 01:31:00 2020 (r368008) @@ -113,10 +113,7 @@ UB_mod_exp(BIGNUM *res, const BIGNUM *a, const BIGNUM { struct crypt_kop kop; void *ale, *ble, *cle; - static int crypto_fd = -1; - - if (crypto_fd == -1 && ioctl(devcrypto(), CRIOGET, _fd) == -1) - err(1, "CRIOGET"); + int crypto_fd = devcrypto(); if ((ale = bignum_to_le(a)) == NULL) err(1, "bignum_to_le, a"); Modified: head/tools/tools/crypto/cryptotest.c == --- head/tools/tools/crypto/cryptotest.cWed Nov 25 01:09:58 2020 (r368007) +++ head/tools/tools/crypto/cryptotest.cWed Nov 25 01:31:00 2020 (r368008) @@ -229,23 +229,11 @@ crfind(int crid) bzero(, sizeof(find)); find.crid = crid; - if (ioctl(devcrypto(), CRIOFINDDEV, ) == -1) + if (ioctl(devcrypto(), CIOCFINDDEV, ) == -1) err(1, "ioctl(CIOCFINDDEV): crid %d", crid); return find.name; } -int -crget(void) -{ - int fd; - - if (ioctl(devcrypto(), CRIOGET, ) == -1) - err(1, "ioctl(CRIOGET)"); - if (fcntl(fd, F_SETFD, 1) == -1) - err(1, "fcntl(F_SETFD) (crget)"); - return fd; -} - char rdigit(void) { @@ -259,7 +247,7 @@ rdigit(void) void runtest(struct alg *ealg, struct alg *alg, int count, int size, u_long cmd, struct timeval *tv) { - int i, fd = crget(); + int i, fd = devcrypto(); struct timeval start, stop, dt; char
Re: svn commit: r368005 - in head: lib/libprocstat share/man/man4 sys/opencrypto sys/sys tools/tools/crypto usr.bin/procstat
On 11/24/20 4:10 PM, John Baldwin wrote: > Author: jhb > Date: Wed Nov 25 00:10:54 2020 > New Revision: 368005 > URL: https://svnweb.freebsd.org/changeset/base/368005 > > Log: > Remove the cloned file descriptors for /dev/crypto. > > Crypto file descriptors were added in the original OCF import as a way > to provide per-open data (specifically the list of symmetric > sessions). However, this gives a bit of a confusing API where one has > to open /dev/crypto and then invoke an ioctl to obtain a second file > descriptor. This also does not match the API used with /dev/crypto on > other BSDs or with Linux's /dev/crypto driver. > > Character devices have gained support for per-open data via cdevpriv > since OCF was imported, so use cdevpriv to simplify the userland API > by permitting ioctls directly on /dev/crypto descriptors. > > To provide backwards compatibility, CRIOGET now opens another > /dev/crypto descriptor via kern_openat() rather than dup'ing the > existing file descriptor. This preserves prior semantics in case > CRIOGET is invoked multiple times on a single file descriptor. Oof, I missed updating some tests that were still using CRIOGET. I have a patch at D27367 that I'm working on testing now. -- John Baldwin ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r368007 - head/share/man/man4
Author: jhb Date: Wed Nov 25 01:09:58 2020 New Revision: 368007 URL: https://svnweb.freebsd.org/changeset/base/368007 Log: Remove a reference to CRIOGET missed in r368005. Modified: head/share/man/man4/crypto.4 Modified: head/share/man/man4/crypto.4 == --- head/share/man/man4/crypto.4Wed Nov 25 01:08:57 2020 (r368006) +++ head/share/man/man4/crypto.4Wed Nov 25 01:09:58 2020 (r368007) @@ -171,11 +171,6 @@ and .\" .Bl -tag -width CIOCGSESSION .\" -.It Dv CRIOGET Fa int *fd -Clone the fd argument to -.Xr ioctl 2 , -yielding a new file descriptor for the creation of sessions. -.\" .It Dv CIOCFINDDEV Fa struct crypt_find_op *fop .Bd -literal struct crypt_find_op { ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
Re: svn commit: r368005 - in head: lib/libprocstat share/man/man4 sys/opencrypto sys/sys tools/tools/crypto usr.bin/procstat
On 11/24/20 4:10 PM, John Baldwin wrote: > Author: jhb > Date: Wed Nov 25 00:10:54 2020 > New Revision: 368005 > URL: https://svnweb.freebsd.org/changeset/base/368005 > > Log: > Remove the cloned file descriptors for /dev/crypto. > > Crypto file descriptors were added in the original OCF import as a way > to provide per-open data (specifically the list of symmetric > sessions). However, this gives a bit of a confusing API where one has > to open /dev/crypto and then invoke an ioctl to obtain a second file > descriptor. This also does not match the API used with /dev/crypto on > other BSDs or with Linux's /dev/crypto driver. > > Character devices have gained support for per-open data via cdevpriv > since OCF was imported, so use cdevpriv to simplify the userland API > by permitting ioctls directly on /dev/crypto descriptors. > > To provide backwards compatibility, CRIOGET now opens another > /dev/crypto descriptor via kern_openat() rather than dup'ing the > existing file descriptor. This preserves prior semantics in case > CRIOGET is invoked multiple times on a single file descriptor. > > Reviewed by:markj > Relnotes: yes > Sponsored by: Chelsio Communications > Differential Revision: https://reviews.freebsd.org/D27302 This also allows the devcrypto engine in OpenSSL 1.1.1 to work since it doesn't know about CRIOGET at all (though I have an open PR to teach OpenSSL about CRIOGET so that it will work again on older branches here: https://github.com/openssl/openssl/pull/13468 -- John Baldwin ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
Re: svn commit: r367945 - head
On 11/22/20 8:39 PM, Eitan Adler wrote: > Author: eadler > Date: Mon Nov 23 04:39:29 2020 > New Revision: 367945 > URL: https://svnweb.freebsd.org/changeset/base/367945 > > Log: > arcconfig: add callsign again > > Problem > > When using git-svn or other non-pure-svn tooling the original subversion > URL is not present. This causes arcanist/phabricator to be unable to > determine which repository is being modified. > > Solution > > Restore callsign to .arcconfig to enable exact repository matching even > with git-svn. > > Reported By:jhb > > Modified: > head/.arcconfig In my case I wasn't using git svn, just using arc with git branches from the GH mirror. Thanks for fixing! -- John Baldwin ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r368005 - in head: lib/libprocstat share/man/man4 sys/opencrypto sys/sys tools/tools/crypto usr.bin/procstat
Author: jhb Date: Wed Nov 25 00:10:54 2020 New Revision: 368005 URL: https://svnweb.freebsd.org/changeset/base/368005 Log: Remove the cloned file descriptors for /dev/crypto. Crypto file descriptors were added in the original OCF import as a way to provide per-open data (specifically the list of symmetric sessions). However, this gives a bit of a confusing API where one has to open /dev/crypto and then invoke an ioctl to obtain a second file descriptor. This also does not match the API used with /dev/crypto on other BSDs or with Linux's /dev/crypto driver. Character devices have gained support for per-open data via cdevpriv since OCF was imported, so use cdevpriv to simplify the userland API by permitting ioctls directly on /dev/crypto descriptors. To provide backwards compatibility, CRIOGET now opens another /dev/crypto descriptor via kern_openat() rather than dup'ing the existing file descriptor. This preserves prior semantics in case CRIOGET is invoked multiple times on a single file descriptor. Reviewed by: markj Relnotes: yes Sponsored by: Chelsio Communications Differential Revision:https://reviews.freebsd.org/D27302 Modified: head/lib/libprocstat/libprocstat.c head/lib/libprocstat/libprocstat.h head/share/man/man4/crypto.4 head/sys/opencrypto/cryptodev.c head/sys/opencrypto/cryptodev.h head/sys/sys/user.h head/tools/tools/crypto/cryptocheck.c head/usr.bin/procstat/procstat.1 head/usr.bin/procstat/procstat_files.c Modified: head/lib/libprocstat/libprocstat.c == --- head/lib/libprocstat/libprocstat.c Tue Nov 24 23:56:33 2020 (r368004) +++ head/lib/libprocstat/libprocstat.c Wed Nov 25 00:10:54 2020 (r368005) @@ -708,7 +708,6 @@ kinfo_type2fst(int kftype) int fst_type; } kftypes2fst[] = { { KF_TYPE_PROCDESC, PS_FST_TYPE_PROCDESC }, - { KF_TYPE_CRYPTO, PS_FST_TYPE_CRYPTO }, { KF_TYPE_DEV, PS_FST_TYPE_DEV }, { KF_TYPE_FIFO, PS_FST_TYPE_FIFO }, { KF_TYPE_KQUEUE, PS_FST_TYPE_KQUEUE }, Modified: head/lib/libprocstat/libprocstat.h == --- head/lib/libprocstat/libprocstat.h Tue Nov 24 23:56:33 2020 (r368004) +++ head/lib/libprocstat/libprocstat.h Wed Nov 25 00:10:54 2020 (r368005) @@ -64,7 +64,7 @@ #definePS_FST_TYPE_PIPE4 #definePS_FST_TYPE_PTS 5 #definePS_FST_TYPE_KQUEUE 6 -#definePS_FST_TYPE_CRYPTO 7 +/* was PS_FST_TYPE_CRYPTO 7 */ #definePS_FST_TYPE_MQUEUE 8 #definePS_FST_TYPE_SHM 9 #definePS_FST_TYPE_SEM 10 Modified: head/share/man/man4/crypto.4 == --- head/share/man/man4/crypto.4Tue Nov 24 23:56:33 2020 (r368004) +++ head/share/man/man4/crypto.4Wed Nov 25 00:10:54 2020 (r368005) @@ -60,7 +60,7 @@ .\" .\" $FreeBSD$ .\" -.Dd November 6, 2020 +.Dd November 24, 2020 .Dt CRYPTO 4 .Os .Sh NAME @@ -122,19 +122,11 @@ Open the .Pa /dev/crypto device. .It -Create a new cryptography file descriptor via -.Dv CRIOGET -to use for all subsequent -.Xr ioctl 2 -commands. -.It -Close the -.Pa /dev/crypto -device. -.It If any symmetric-keyed cryptographic or digest operations will be performed, create a session with -.Dv CIOCGSESSION . +.Dv CIOCGSESSION +or +.Dv CIOCGSESSION2 . Most applications will require at least one symmetric session. Since cipher and MAC keys are tied to sessions, many applications will require more. @@ -152,8 +144,9 @@ or Optionally destroy a session with .Dv CIOCFSESSION . .It -Close the cryptography file descriptor with -.Xr close 2 . +Close the +.Pa /dev/crypto +device. This will automatically close any remaining sessions associated with the file desriptor. .El @@ -458,11 +451,3 @@ session: if you request a algorithm, you must supply a suitably-sized buffer. .Pp The scheme for passing arguments for asymmetric requests is baroque. -.Pp -.Dv CRIOGET -should not exist. -It should be possible to use the -.Dv CIOC Ns \&* -commands directly on a -.Pa /dev/crypto -file descriptor. Modified: head/sys/opencrypto/cryptodev.c == --- head/sys/opencrypto/cryptodev.c Tue Nov 24 23:56:33 2020 (r368004) +++ head/sys/opencrypto/cryptodev.c Wed Nov 25 00:10:54 2020 (r368005) @@ -47,9 +47,8 @@ __FBSDID("$FreeBSD$"); #include #include #include +#include #include -#include -#include #include #include #include @@ -57,8 +56,8 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include #include +#include #include #include @@ -67,6 +66,17 @@
svn commit: r368004 - head/sys/amd64/vmm/io
Author: jhb Date: Tue Nov 24 23:56:33 2020 New Revision: 368004 URL: https://svnweb.freebsd.org/changeset/base/368004 Log: Pull the check for VM ownership into ppt_find(). This reduces some code duplication. One behavior change is that ppt_assign_device() will now only succeed if the device is unowned. Previously, a device could be assigned to the same VM multiple times, but each time it was assigned, the device's state was reset. Reviewed by: markj, grehan MFC after:2 weeks Sponsored by: Chelsio Communications Differential Revision:https://reviews.freebsd.org/D27301 Modified: head/sys/amd64/vmm/io/ppt.c Modified: head/sys/amd64/vmm/io/ppt.c == --- head/sys/amd64/vmm/io/ppt.c Tue Nov 24 23:18:52 2020(r368003) +++ head/sys/amd64/vmm/io/ppt.c Tue Nov 24 23:56:33 2020(r368004) @@ -199,8 +199,8 @@ static devclass_t ppt_devclass; DEFINE_CLASS_0(ppt, ppt_driver, ppt_methods, sizeof(struct pptdev)); DRIVER_MODULE(ppt, pci, ppt_driver, ppt_devclass, NULL, NULL); -static struct pptdev * -ppt_find(int bus, int slot, int func) +static int +ppt_find(struct vm *vm, int bus, int slot, int func, struct pptdev **pptp) { device_t dev; struct pptdev *ppt; @@ -212,9 +212,15 @@ ppt_find(int bus, int slot, int func) s = pci_get_slot(dev); f = pci_get_function(dev); if (bus == b && slot == s && func == f) - return (ppt); + break; } - return (NULL); + + if (ppt == NULL) + return (ENOENT); + if (ppt->vm != vm) /* Make sure we own this device */ + return (EBUSY); + *pptp = ppt; + return (0); } static void @@ -378,50 +384,40 @@ int ppt_assign_device(struct vm *vm, int bus, int slot, int func) { struct pptdev *ppt; + int error; - ppt = ppt_find(bus, slot, func); - if (ppt != NULL) { - /* -* If this device is owned by a different VM then we -* cannot change its owner. -*/ - if (ppt->vm != NULL && ppt->vm != vm) - return (EBUSY); + /* Passing NULL requires the device to be unowned. */ + error = ppt_find(NULL, bus, slot, func, ); + if (error) + return (error); - pci_save_state(ppt->dev); - ppt_pci_reset(ppt->dev); - pci_restore_state(ppt->dev); - ppt->vm = vm; - iommu_add_device(vm_iommu_domain(vm), pci_get_rid(ppt->dev)); - return (0); - } - return (ENOENT); + pci_save_state(ppt->dev); + ppt_pci_reset(ppt->dev); + pci_restore_state(ppt->dev); + ppt->vm = vm; + iommu_add_device(vm_iommu_domain(vm), pci_get_rid(ppt->dev)); + return (0); } int ppt_unassign_device(struct vm *vm, int bus, int slot, int func) { struct pptdev *ppt; + int error; - ppt = ppt_find(bus, slot, func); - if (ppt != NULL) { - /* -* If this device is not owned by this 'vm' then bail out. -*/ - if (ppt->vm != vm) - return (EBUSY); + error = ppt_find(vm, bus, slot, func, ); + if (error) + return (error); - pci_save_state(ppt->dev); - ppt_pci_reset(ppt->dev); - pci_restore_state(ppt->dev); - ppt_unmap_mmio(vm, ppt); - ppt_teardown_msi(ppt); - ppt_teardown_msix(ppt); - iommu_remove_device(vm_iommu_domain(vm), pci_get_rid(ppt->dev)); - ppt->vm = NULL; - return (0); - } - return (ENOENT); + pci_save_state(ppt->dev); + ppt_pci_reset(ppt->dev); + pci_restore_state(ppt->dev); + ppt_unmap_mmio(vm, ppt); + ppt_teardown_msi(ppt); + ppt_teardown_msix(ppt); + iommu_remove_device(vm_iommu_domain(vm), pci_get_rid(ppt->dev)); + ppt->vm = NULL; + return (0); } int @@ -452,25 +448,22 @@ ppt_map_mmio(struct vm *vm, int bus, int slot, int fun struct pptseg *seg; struct pptdev *ppt; - ppt = ppt_find(bus, slot, func); - if (ppt != NULL) { - if (ppt->vm != vm) - return (EBUSY); + error = ppt_find(vm, bus, slot, func, ); + if (error) + return (error); - for (i = 0; i < MAX_MMIOSEGS; i++) { - seg = >mmio[i]; - if (seg->len == 0) { - error = vm_map_mmio(vm, gpa, len, hpa); - if (error == 0) { - seg->gpa = gpa; - seg->len = len; - } -
svn commit: r368003 - in head: lib/libvmmapi sys/amd64/include sys/amd64/vmm sys/amd64/vmm/io usr.sbin/bhyve
Author: jhb Date: Tue Nov 24 23:18:52 2020 New Revision: 368003 URL: https://svnweb.freebsd.org/changeset/base/368003 Log: Honor the disabled setting for MSI-X interrupts for passthrough devices. Add a new ioctl to disable all MSI-X interrupts for a PCI passthrough device and invoke it if a write to the MSI-X capability registers disables MSI-X. This avoids leaving MSI-X interrupts enabled on the host if a guest device driver has disabled them (e.g. as part of detaching a guest device driver). This was found by Chelsio QA when testing that a Linux guest could switch from MSI-X to MSI interrupts when using the cxgb4vf driver. While here, explicitly fail requests to enable MSI on a passthrough device if MSI-X is enabled and vice versa. Reported by: Sony Arpita Das @ Chelsio Reviewed by: grehan, markj MFC after:2 weeks Sponsored by: Chelsio Communications Differential Revision:https://reviews.freebsd.org/D27212 Modified: head/lib/libvmmapi/vmmapi.c head/lib/libvmmapi/vmmapi.h head/sys/amd64/include/vmm_dev.h head/sys/amd64/vmm/io/ppt.c head/sys/amd64/vmm/io/ppt.h head/sys/amd64/vmm/vmm_dev.c head/usr.sbin/bhyve/pci_passthru.c Modified: head/lib/libvmmapi/vmmapi.c == --- head/lib/libvmmapi/vmmapi.c Tue Nov 24 22:52:12 2020(r368002) +++ head/lib/libvmmapi/vmmapi.c Tue Nov 24 23:18:52 2020(r368003) @@ -1017,6 +1017,19 @@ vm_setup_pptdev_msix(struct vmctx *ctx, int vcpu, int return ioctl(ctx->fd, VM_PPTDEV_MSIX, ); } +int +vm_disable_pptdev_msix(struct vmctx *ctx, int bus, int slot, int func) +{ + struct vm_pptdev ppt; + + bzero(, sizeof(ppt)); + ppt.bus = bus; + ppt.slot = slot; + ppt.func = func; + + return ioctl(ctx->fd, VM_PPTDEV_DISABLE_MSIX, ); +} + uint64_t * vm_get_stats(struct vmctx *ctx, int vcpu, struct timeval *ret_tv, int *ret_entries) @@ -1641,7 +1654,8 @@ vm_get_ioctls(size_t *len) VM_ISA_DEASSERT_IRQ, VM_ISA_PULSE_IRQ, VM_ISA_SET_IRQ_TRIGGER, VM_SET_CAPABILITY, VM_GET_CAPABILITY, VM_BIND_PPTDEV, VM_UNBIND_PPTDEV, VM_MAP_PPTDEV_MMIO, VM_PPTDEV_MSI, - VM_PPTDEV_MSIX, VM_INJECT_NMI, VM_STATS, VM_STAT_DESC, + VM_PPTDEV_MSIX, VM_PPTDEV_DISABLE_MSIX, + VM_INJECT_NMI, VM_STATS, VM_STAT_DESC, VM_SET_X2APIC_STATE, VM_GET_X2APIC_STATE, VM_GET_HPET_CAPABILITIES, VM_GET_GPA_PMAP, VM_GLA2GPA, VM_GLA2GPA_NOFAULT, Modified: head/lib/libvmmapi/vmmapi.h == --- head/lib/libvmmapi/vmmapi.h Tue Nov 24 22:52:12 2020(r368002) +++ head/lib/libvmmapi/vmmapi.h Tue Nov 24 23:18:52 2020(r368003) @@ -181,6 +181,7 @@ int vm_setup_pptdev_msi(struct vmctx *ctx, int vcpu, i intvm_setup_pptdev_msix(struct vmctx *ctx, int vcpu, int bus, int slot, int func, int idx, uint64_t addr, uint64_t msg, uint32_t vector_control); +intvm_disable_pptdev_msix(struct vmctx *ctx, int bus, int slot, int func); intvm_get_intinfo(struct vmctx *ctx, int vcpu, uint64_t *i1, uint64_t *i2); intvm_set_intinfo(struct vmctx *ctx, int vcpu, uint64_t exit_intinfo); Modified: head/sys/amd64/include/vmm_dev.h == --- head/sys/amd64/include/vmm_dev.hTue Nov 24 22:52:12 2020 (r368002) +++ head/sys/amd64/include/vmm_dev.hTue Nov 24 23:18:52 2020 (r368003) @@ -301,6 +301,7 @@ enum { IOCNUM_MAP_PPTDEV_MMIO = 42, IOCNUM_PPTDEV_MSI = 43, IOCNUM_PPTDEV_MSIX = 44, + IOCNUM_PPTDEV_DISABLE_MSIX = 45, /* statistics */ IOCNUM_VM_STATS = 50, @@ -413,6 +414,8 @@ enum { _IOW('v', IOCNUM_PPTDEV_MSI, struct vm_pptdev_msi) #defineVM_PPTDEV_MSIX \ _IOW('v', IOCNUM_PPTDEV_MSIX, struct vm_pptdev_msix) +#defineVM_PPTDEV_DISABLE_MSIX \ + _IOW('v', IOCNUM_PPTDEV_DISABLE_MSIX, struct vm_pptdev) #define VM_INJECT_NMI \ _IOW('v', IOCNUM_INJECT_NMI, struct vm_nmi) #defineVM_STATS \ Modified: head/sys/amd64/vmm/io/ppt.c == --- head/sys/amd64/vmm/io/ppt.c Tue Nov 24 22:52:12 2020(r368002) +++ head/sys/amd64/vmm/io/ppt.c Tue Nov 24 23:18:52 2020(r368003) @@ -518,6 +518,10 @@ ppt_setup_msi(struct vm *vm, int vcpu, int bus, int sl if (ppt->vm != vm) /* Make sure we own this device */ return (EBUSY); + /* Reject attempts to enable MSI while MSI-X is active. */ + if (ppt->msix.num_msgs != 0 && numvec != 0) + return (EBUSY); + /* Free any allocated resources */ ppt_teardown_msi(ppt); @@ -607,6 +611,10 @@ ppt_setup_msix(struct vm *vm, int vcpu, int bus, int s
svn commit: r368002 - head
Author: jhb Date: Tue Nov 24 22:52:12 2020 New Revision: 368002 URL: https://svnweb.freebsd.org/changeset/base/368002 Log: Correct entries for manpages removed in r359374. Reported by: Yuri Pankov Sponsored by: Chelsio Communications Modified: head/ObsoleteFiles.inc Modified: head/ObsoleteFiles.inc == --- head/ObsoleteFiles.inc Tue Nov 24 22:43:27 2020(r368001) +++ head/ObsoleteFiles.inc Tue Nov 24 22:52:12 2020(r368002) @@ -914,9 +914,9 @@ OLD_FILES+=usr/share/man/man1/gdbserver.1.gz OLD_FILES+=usr/share/man/man1/kgdb.1.gz # 20200327: OCF refactoring -OLD_FILES+=usr/share/man/man9/crypto_find_driver.9 -OLD_FILES+=usr/share/man/man9/crypto_register.9 -OLD_FILES+=usr/share/man/man9/crypto_unregister.9 +OLD_FILES+=usr/share/man/man9/crypto_find_driver.9.gz +OLD_FILES+=usr/share/man/man9/crypto_register.9.gz +OLD_FILES+=usr/share/man/man9/crypto_unregister.9.gz # 20200323: INTERNALLIB don't install headers anymore OLD_FILES+=usr/include/libelftc.h ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
Re: svn commit: r367530 - in head/sys/netinet: . tcp_stacks
On 11/19/20 2:55 PM, John Baldwin wrote: > On 11/9/20 1:49 PM, Michael Tuexen wrote: >> Author: tuexen >> Date: Mon Nov 9 21:49:40 2020 >> New Revision: 367530 >> URL: https://svnweb.freebsd.org/changeset/base/367530 >> >> Log: >> RFC 7323 specifies that: >> * TCP segments without timestamps should be dropped when support for >> the timestamp option has been negotiated. >> * TCP segments with timestamps should be processed normally if support >> for the timestamp option has not been negotiated. >> This patch enforces the above. >> >> PR:250499 >> Reviewed by: gnn, rrs >> MFC after: 1 week >> Sponsored by: Netflix, Inc >> Differential Revision: https://reviews.freebsd.org/D27148 >> >> Modified: >> head/sys/netinet/tcp_input.c >> head/sys/netinet/tcp_stacks/bbr.c >> head/sys/netinet/tcp_stacks/rack.c >> head/sys/netinet/tcp_syncache.c >> head/sys/netinet/tcp_timewait.c >> >> Modified: head/sys/netinet/tcp_timewait.c >> == >> --- head/sys/netinet/tcp_timewait.c Mon Nov 9 21:19:17 2020 >> (r367529) >> +++ head/sys/netinet/tcp_timewait.c Mon Nov 9 21:49:40 2020 >> (r367530) >> @@ -376,7 +376,7 @@ tcp_twstart(struct tcpcb *tp) >> * looking for a pcb in the listen state. Returns 0 otherwise. >> */ >> int >> -tcp_twcheck(struct inpcb *inp, struct tcpopt *to __unused, struct tcphdr >> *th, >> +tcp_twcheck(struct inpcb *inp, struct tcpopt *to, struct tcphdr *th, >> struct mbuf *m, int tlen) >> { >> struct tcptw *tw; >> @@ -410,6 +410,16 @@ tcp_twcheck(struct inpcb *inp, struct tcpopt *to __unu >> */ >> if (thflags & TH_RST) >> goto drop; >> + >> +/* >> + * If timestamps were negotiated during SYN/ACK and a >> + * segment without a timestamp is received, silently drop >> + * the segment. >> + * See section 3.2 of RFC 7323. >> + */ >> +if (((to->to_flags & TOF_TS) == 0) && (tw->t_recent != 0)) { >> +goto drop; >> +} > > This causes an insta-panic with TOE because toe_4tuple_check() passes in a > NULL > pointer for 'to'. I'm working on a fix for that, but perhaps wait to MFC > until > the fix is ready so they can be merged together? > > That said, TOE only calls this in the case that it has gotten a new SYN, so I > wonder if it makes sense to apply this check on a new SYN. For a new SYN, > shouldn't we not care if the new connection is using a different timestamp > option from the old connection? The language in RFC 7323 3.2 is all about > segments on an existing connection, not segments from a new connection I > think? > > That is, I think we should perhaps move this check after the TH_SYN check so > that a mismatch doesn't prevent recycling? Actually, we move the check below requiring TH_ACK, I think this would fix the TOE case and also DTRT for plain SYNs for non-TOE: diff --git a/sys/netinet/tcp_timewait.c b/sys/netinet/tcp_timewait.c index c52eab956303..85f1ccbe40f9 100644 --- a/sys/netinet/tcp_timewait.c +++ b/sys/netinet/tcp_timewait.c @@ -411,16 +411,6 @@ tcp_twcheck(struct inpcb *inp, struct tcpopt *to, struct tcphdr *th, if (thflags & TH_RST) goto drop; - /* -* If timestamps were negotiated during SYN/ACK and a -* segment without a timestamp is received, silently drop -* the segment. -* See section 3.2 of RFC 7323. -*/ - if (((to->to_flags & TOF_TS) == 0) && (tw->t_recent != 0)) { - goto drop; - } - #if 0 /* PAWS not needed at the moment */ /* @@ -455,6 +445,16 @@ tcp_twcheck(struct inpcb *inp, struct tcpopt *to, struct tcphdr *th, if ((thflags & TH_ACK) == 0) goto drop; + /* +* If timestamps were negotiated during SYN/ACK and a +* segment without a timestamp is received, silently drop +* the segment. +* See section 3.2 of RFC 7323. +*/ + if (((to->to_flags & TOF_TS) == 0) && (tw->t_recent != 0)) { + goto drop; + } + /* * Reset the 2MSL timer if this is a duplicate FIN. */ The commented out PAWS bits would also seem to not be relevant for SYN-only packets? However, I'm less sure of if that bit should be moved later as well. (Or perhaps it should just be removed. It has been #if 0'd since the timewait structure was first added back in 2003 by jlemon@) -- John Baldwin ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
Re: svn commit: r367530 - in head/sys/netinet: . tcp_stacks
On 11/9/20 1:49 PM, Michael Tuexen wrote: > Author: tuexen > Date: Mon Nov 9 21:49:40 2020 > New Revision: 367530 > URL: https://svnweb.freebsd.org/changeset/base/367530 > > Log: > RFC 7323 specifies that: > * TCP segments without timestamps should be dropped when support for > the timestamp option has been negotiated. > * TCP segments with timestamps should be processed normally if support > for the timestamp option has not been negotiated. > This patch enforces the above. > > PR: 250499 > Reviewed by:gnn, rrs > MFC after: 1 week > Sponsored by: Netflix, Inc > Differential Revision: https://reviews.freebsd.org/D27148 > > Modified: > head/sys/netinet/tcp_input.c > head/sys/netinet/tcp_stacks/bbr.c > head/sys/netinet/tcp_stacks/rack.c > head/sys/netinet/tcp_syncache.c > head/sys/netinet/tcp_timewait.c > > Modified: head/sys/netinet/tcp_timewait.c > == > --- head/sys/netinet/tcp_timewait.c Mon Nov 9 21:19:17 2020 > (r367529) > +++ head/sys/netinet/tcp_timewait.c Mon Nov 9 21:49:40 2020 > (r367530) > @@ -376,7 +376,7 @@ tcp_twstart(struct tcpcb *tp) > * looking for a pcb in the listen state. Returns 0 otherwise. > */ > int > -tcp_twcheck(struct inpcb *inp, struct tcpopt *to __unused, struct tcphdr *th, > +tcp_twcheck(struct inpcb *inp, struct tcpopt *to, struct tcphdr *th, > struct mbuf *m, int tlen) > { > struct tcptw *tw; > @@ -410,6 +410,16 @@ tcp_twcheck(struct inpcb *inp, struct tcpopt *to __unu >*/ > if (thflags & TH_RST) > goto drop; > + > + /* > + * If timestamps were negotiated during SYN/ACK and a > + * segment without a timestamp is received, silently drop > + * the segment. > + * See section 3.2 of RFC 7323. > + */ > + if (((to->to_flags & TOF_TS) == 0) && (tw->t_recent != 0)) { > + goto drop; > + } This causes an insta-panic with TOE because toe_4tuple_check() passes in a NULL pointer for 'to'. I'm working on a fix for that, but perhaps wait to MFC until the fix is ready so they can be merged together? That said, TOE only calls this in the case that it has gotten a new SYN, so I wonder if it makes sense to apply this check on a new SYN. For a new SYN, shouldn't we not care if the new connection is using a different timestamp option from the old connection? The language in RFC 7323 3.2 is all about segments on an existing connection, not segments from a new connection I think? That is, I think we should perhaps move this check after the TH_SYN check so that a mismatch doesn't prevent recycling? -- John Baldwin ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
Re: svn commit: r367695 - in head/sys: kern sys
On 11/18/20 8:52 PM, Mark Johnston wrote: > On Wed, Nov 18, 2020 at 03:37:36PM -0800, John Baldwin wrote: >> On 11/18/20 2:16 PM, Mateusz Guzik wrote: >>> On 11/17/20, John Baldwin wrote: >>>> On 11/14/20 11:22 AM, Mateusz Guzik wrote: >>> Interested parties can check the consumer (also seen in the diff) to >>> see this is for consistency. I don't think any comments are warranted >>> in the header. >> >> I did read the consumer, and there didn't seem tremendous value in the >> extra line there. >> >>>> These changes would benefit from review. >>>> >>> >>> I don't think it's feasible to ask for review for everything lest it >>> degardes to rubber stamping and I don't think this change warranted >>> it, regardless of the cosmetic issues which can always show up. >> >> That is not consistent with the direction the project is moving. If you >> check the commit logs of other high-volume committers such as markj@, >> kib@, or myself, you will find that a substantial number of those commits >> are reviewed (typically in phabricator) without preventing us from >> making useful progress. Also, while the previous core did not mandate >> reviews, we moved closer to it when the Pre-Commit Review chapter was >> added to the Committer's Guide: >> >> https://www.freebsd.org/doc/en_US.ISO8859-1/articles/committers-guide/pre-commit-review.html >> >> In the related thread on developers@ we indicated that while weren't yet >> making pre-commit review mandatory, we collectively want to move in that >> direction. > > With regard to the future direction of src development, I would propose > a middle ground. Most, if not all, changes should get a Phabricator > review. There should be some minimum period between creation of that > review and a commit. The developer should make some effort to cc active > committers to the code. Some areas of the tree will have stricter > rules, but in general absence of feedback means that it's ok to commit. > Exceptions might apply to build fixes, etc.. This still imposes some > friction on the development process, but I have trouble seeing why > someone's contibution might be gated on their ability to commit at a > moment's notice. Mmm, I think I agree fully with this, and that perhaps the terminology is not clear as different folks have different perceptions of what "mandatory reviews" means perhaps. I know that some projects I work with have a fully "mandatory" requirement (OpenSSL seems to), and others have some exceptions (the "obvious" rule in FSF projects like GDB which the note in the committers guide does include a variant of). It is true though that in practice sometimes changes just time out due to lack of review (the OCF refactor is one of those in which I was able to get some partial review of some pieces or some of the concepts, but not the change as a whole). I do think we want to be in a place where we do at least seek review for most changes with an understanding that a change can "timeout" on review and be merged without always having review approval. > There are some technical issues around Phabricator that would need to be > ironed out before this is really doable. For me, the main one is that > email notifications are all-or-nothing: I would very much like to be > able to get email for each new review without automatically being > subscribed. That would indeed be interesting. In all of the Projects I've worked with using GH or e-mail, it does seem to be all-or-nothing if you are on the notify list. Hmm, looks like you can create a Herald rule to do this btw. Let's see if this works: https://reviews.freebsd.org/H138 -- John Baldwin ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
Re: svn commit: r367695 - in head/sys: kern sys
On 11/18/20 2:16 PM, Mateusz Guzik wrote: > On 11/17/20, John Baldwin wrote: >> On 11/14/20 11:22 AM, Mateusz Guzik wrote: > Interested parties can check the consumer (also seen in the diff) to > see this is for consistency. I don't think any comments are warranted > in the header. I did read the consumer, and there didn't seem tremendous value in the extra line there. >> These changes would benefit from review. >> > > I don't think it's feasible to ask for review for everything lest it > degardes to rubber stamping and I don't think this change warranted > it, regardless of the cosmetic issues which can always show up. That is not consistent with the direction the project is moving. If you check the commit logs of other high-volume committers such as markj@, kib@, or myself, you will find that a substantial number of those commits are reviewed (typically in phabricator) without preventing us from making useful progress. Also, while the previous core did not mandate reviews, we moved closer to it when the Pre-Commit Review chapter was added to the Committer's Guide: https://www.freebsd.org/doc/en_US.ISO8859-1/articles/committers-guide/pre-commit-review.html In the related thread on developers@ we indicated that while weren't yet making pre-commit review mandatory, we collectively want to move in that direction. -- John Baldwin ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r367806 - head/sys/kern
Author: jhb Date: Wed Nov 18 16:21:37 2020 New Revision: 367806 URL: https://svnweb.freebsd.org/changeset/base/367806 Log: Fix a few nits in vn_printf(). - Mask out recently added VV_* bits to avoid printing them twice. - Keep VI_LOCKed on the same line as the rest of the flags. Reviewed by: kib Obtained from:CheriBSD Sponsored by: DARPA Differential Revision:https://reviews.freebsd.org/D27261 Modified: head/sys/kern/vfs_subr.c Modified: head/sys/kern/vfs_subr.c == --- head/sys/kern/vfs_subr.cWed Nov 18 15:25:38 2020(r367805) +++ head/sys/kern/vfs_subr.cWed Nov 18 16:21:37 2020(r367806) @@ -4080,8 +4080,9 @@ vn_printf(struct vnode *vp, const char *fmt, ...) if (vp->v_vflag & VV_READLINK) strlcat(buf, "|VV_READLINK", sizeof(buf)); flags = vp->v_vflag & ~(VV_ROOT | VV_ISTTY | VV_NOSYNC | VV_ETERNALDEV | - VV_CACHEDLABEL | VV_COPYONWRITE | VV_SYSTEM | VV_PROCDEP | - VV_NOKNOTE | VV_DELETED | VV_MD | VV_FORCEINSMQ); + VV_CACHEDLABEL | VV_VMSIZEVNLOCK | VV_COPYONWRITE | VV_SYSTEM | + VV_PROCDEP | VV_NOKNOTE | VV_DELETED | VV_MD | VV_FORCEINSMQ | + VV_READLINK); if (flags != 0) { snprintf(buf2, sizeof(buf2), "|VV(0x%lx)", flags); strlcat(buf, buf2, sizeof(buf)); @@ -4109,9 +4110,10 @@ vn_printf(struct vnode *vp, const char *fmt, ...) snprintf(buf2, sizeof(buf2), "|VMP(0x%lx)", flags); strlcat(buf, buf2, sizeof(buf)); } - printf("flags (%s)\n", buf + 1); + printf("flags (%s)", buf + 1); if (mtx_owned(VI_MTX(vp))) printf(" VI_LOCKed"); + printf("\n"); if (vp->v_object != NULL) printf("v_object %p ref %d pages %d " "cleanbuf %d dirtybuf %d\n", ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
Re: svn commit: r367692 - head/sys/sys
On 11/17/20 2:37 PM, Warner Losh wrote: > On Tue, Nov 17, 2020 at 3:18 PM John Baldwin wrote: > >> On 11/14/20 2:34 PM, Warner Losh wrote: >>> true, but a version bump forces that and versions are cheap enough... >> >> Strictly speaking, version bumps don't force anything to recompile, they >> just ensure that newer modules won't load on older kernels. In this case, >> the change to sys/ucred.h will result in sys/ucred.h's mtime changing so >> that any kernel modules being built via NO_CLEAN=yes will rebuild ok. >> >> I'm not quite sure where this mantra that version bumps force rebuilds >> came from, but they don't. It's true that since it lives in >> and most things include that, it mostly forces a rebuild, but that's >> mostly a side effect, not due to explicit magic around __FreeBSD_version. >> > > It's more that modules stop loading when there's a version bump. This is > both good and bad. It's good when there's a legit, KBI change that's likely > to affect modules. This one seems on the edge. ZFS is affected, but most > drivers are not. > > It's bad when there's not really a problem since the last bump and you have > to rebuild your kernel + modules to be a matched set. For production, you > always want this, but sometimes you want to be able to run slightly newer > modules than the kernel and that's oftentimes OK because some bumps don't > affect KBI. To be clear, it only blocks loading modules newer than the running kernel. This still doesn't "force" recompilation in that nothing in the base build system (I'm not counting ports here, but things in src/sys) compares __FreeBSD_version values and forces a clean if there is a mismatch. Only header mtimes force rebuilds. That is, you build by hand instead of using buildkernel, or you go ahead and run 'make reinstallkernel' and then load, or run 'make installkernel' and then go mess with the sysctl to undo the changes to rewrite your module path so you can load an old module. If you build a kernel from your development tree and boot that, then the module will load fine (it's what I generally do except in cases where I'm already running a kernel from said tree and have a module I can unload/load in which case I do the reinstallkernel route). -- John Baldwin ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
Re: svn commit: r367692 - head/sys/sys
On 11/14/20 2:34 PM, Warner Losh wrote: > true, but a version bump forces that and versions are cheap enough... Strictly speaking, version bumps don't force anything to recompile, they just ensure that newer modules won't load on older kernels. In this case, the change to sys/ucred.h will result in sys/ucred.h's mtime changing so that any kernel modules being built via NO_CLEAN=yes will rebuild ok. I'm not quite sure where this mantra that version bumps force rebuilds came from, but they don't. It's true that since it lives in and most things include that, it mostly forces a rebuild, but that's mostly a side effect, not due to explicit magic around __FreeBSD_version. -- John Baldwin ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
Re: svn commit: r367695 - in head/sys: kern sys
On 11/14/20 11:22 AM, Mateusz Guzik wrote: > Author: mjg > Date: Sat Nov 14 19:22:02 2020 > New Revision: 367695 > URL: https://svnweb.freebsd.org/changeset/base/367695 > > Log: > thread: batch credential freeing > > Modified: > head/sys/kern/kern_prot.c > head/sys/kern/kern_thread.c > head/sys/sys/ucred.h > > Modified: head/sys/kern/kern_prot.c > == > --- head/sys/kern/kern_prot.c Sat Nov 14 19:21:46 2020(r367694) > +++ head/sys/kern/kern_prot.c Sat Nov 14 19:22:02 2020(r367695) > @@ -2007,6 +2071,17 @@ crfree(struct ucred *cr) > mtx_unlock(>cr_mtx); > return; > } > + crfree_final(cr); > +} > + > +static void > +crfree_final(struct ucred *cr) > +{ > + > + KASSERT(cr->cr_users == 0, ("%s: users %d not == 0 on cred %p", > + __func__, cr->cr_users, cr)); > + KASSERT(cr->cr_ref == 0, ("%s: ref %d not == 0 on cred %p", > + __func__, cr->cr_ref, cr)); > /* Please add blank lines before comments. It's in style(9) and I've noticed a pattern in your changes of not including them. > Modified: head/sys/sys/ucred.h > == > --- head/sys/sys/ucred.h Sat Nov 14 19:21:46 2020(r367694) > +++ head/sys/sys/ucred.h Sat Nov 14 19:22:02 2020(r367695) > @@ -114,6 +114,28 @@ struct xucred { > struct proc; > struct thread; > > +struct credbatch { > + struct ucred *cred; > + int users; > + int ref; > +}; > + > +static inline void > +credbatch_prep(struct credbatch *crb) > +{ > + crb->cred = NULL; > + crb->users = 0; > + crb->ref = 0; > +} > +void credbatch_add(struct credbatch *crb, struct thread *td); > +static inline void > +credbatch_process(struct credbatch *crb) > +{ > + > +} > +void credbatch_add(struct credbatch *crb, struct thread *td); > +void credbatch_final(struct credbatch *crb); > + Do not mix prototypes and inlines, especially without spaces around the prototype in the middle. Also, the kernel uses __inline rather than inline (for better or for worse). Better would be: static __inline void credbatch_prep() { ... } static __inline void credbatch_process() { ... } void credbatch_add(); void credbatch_final(); It seems you just have a duplicate credbatch_add() in fact. Also, why have an empty inline function? These changes would benefit from review. -- John Baldwin ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
Re: svn commit: r367694 - in head/sys: kern sys
On 11/14/20 11:21 AM, Mateusz Guzik wrote: > Author: mjg > Date: Sat Nov 14 19:21:46 2020 > New Revision: 367694 > URL: https://svnweb.freebsd.org/changeset/base/367694 > > Log: > thread: batch resource limit free calls > > Modified: > head/sys/kern/kern_resource.c > head/sys/kern/kern_thread.c > head/sys/sys/resourcevar.h > > Modified: head/sys/kern/kern_resource.c > == > --- head/sys/kern/kern_resource.c Sat Nov 14 19:20:58 2020 > (r367693) > +++ head/sys/kern/kern_resource.c Sat Nov 14 19:21:46 2020 > (r367694) > @@ -1236,6 +1236,14 @@ lim_free(struct plimit *limp) > free((void *)limp, M_PLIMIT); > } > > +void > +lim_freen(struct plimit *limp, int n) > +{ > + > + if (refcount_releasen(>pl_refcnt, n)) > + free((void *)limp, M_PLIMIT); You don't need this cast. -- John Baldwin ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r367578 - head/sys/dev/cxgbe/tom
Author: jhb Date: Tue Nov 10 19:54:39 2020 New Revision: 367578 URL: https://svnweb.freebsd.org/changeset/base/367578 Log: Clear tp->tod in t4_pcb_detach(). Otherwise, a socket can have a non-NULL tp->tod while TF_TOE is clear. In particular, if a newly accepted socket falls back to non-TOE due to an active open failure, the non-TOE socket will still have tp->tod set even though TF_TOE is clear. Reviewed by: np MFC after:2 weeks Sponsored by: Chelsio Communications Differential Revision:https://reviews.freebsd.org/D27028 Modified: head/sys/dev/cxgbe/tom/t4_tom.c Modified: head/sys/dev/cxgbe/tom/t4_tom.c == --- head/sys/dev/cxgbe/tom/t4_tom.c Tue Nov 10 19:15:13 2020 (r367577) +++ head/sys/dev/cxgbe/tom/t4_tom.c Tue Nov 10 19:54:39 2020 (r367578) @@ -382,6 +382,7 @@ t4_pcb_detach(struct toedev *tod __unused, struct tcpc } #endif + tp->tod = NULL; tp->t_toe = NULL; tp->t_flags &= ~TF_TOE; toep->flags &= ~TPF_ATTACHED; ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r367576 - in head/lib/csu/tests: . dynamic dynamicpie
Author: jhb Date: Tue Nov 10 19:09:35 2020 New Revision: 367576 URL: https://svnweb.freebsd.org/changeset/base/367576 Log: Add C startup code tests for PIE binaries. - Force dynamic to be a non-PIE binary. - Add a dynamicpie test which uses a PIE binary. Reviewed by: andrew Obtained from:CheriBSD MFC after:2 weeks Sponsored by: DARPA Differential Revision:https://reviews.freebsd.org/D27127 Added: head/lib/csu/tests/dynamicpie/ head/lib/csu/tests/dynamicpie/Makefile - copied, changed from r367573, head/lib/csu/tests/dynamic/Makefile Modified: head/lib/csu/tests/Makefile head/lib/csu/tests/dynamic/Makefile Modified: head/lib/csu/tests/Makefile == --- head/lib/csu/tests/Makefile Tue Nov 10 19:07:30 2020(r367575) +++ head/lib/csu/tests/Makefile Tue Nov 10 19:09:35 2020(r367576) @@ -3,6 +3,7 @@ SUBDIR=dso TESTS_SUBDIRS= dynamic TESTS_SUBDIRS+=dynamiclib +TESTS_SUBDIRS+=dynamicpie TESTS_SUBDIRS+=static SUBDIR_DEPEND_dynamiclib=dso Modified: head/lib/csu/tests/dynamic/Makefile == --- head/lib/csu/tests/dynamic/Makefile Tue Nov 10 19:07:30 2020 (r367575) +++ head/lib/csu/tests/dynamic/Makefile Tue Nov 10 19:09:35 2020 (r367576) @@ -2,5 +2,8 @@ .PATH: ${.CURDIR:H} +.include +MK_PIE=no + .include "../Makefile.tests" .include Copied and modified: head/lib/csu/tests/dynamicpie/Makefile (from r367573, head/lib/csu/tests/dynamic/Makefile) == --- head/lib/csu/tests/dynamic/Makefile Tue Nov 10 18:12:09 2020 (r367573, copy source) +++ head/lib/csu/tests/dynamicpie/Makefile Tue Nov 10 19:09:35 2020 (r367576) @@ -2,5 +2,8 @@ .PATH: ${.CURDIR:H} +.include +MK_PIE=yes + .include "../Makefile.tests" .include ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r367575 - head/lib/csu/tests
Author: jhb Date: Tue Nov 10 19:07:30 2020 New Revision: 367575 URL: https://svnweb.freebsd.org/changeset/base/367575 Log: Fix dso_handle_check for PIE executables. PIE executables use crtbeginS.o and have a non-NULL dso_handle as a result. Reviewed by: andrew, emaste MFC after:2 weeks Sponsored by: DARPA Differential Revision:https://reviews.freebsd.org/D27126 Modified: head/lib/csu/tests/fini_test.c Modified: head/lib/csu/tests/fini_test.c == --- head/lib/csu/tests/fini_test.c Tue Nov 10 19:04:54 2020 (r367574) +++ head/lib/csu/tests/fini_test.c Tue Nov 10 19:07:30 2020 (r367575) @@ -141,9 +141,9 @@ dso_handle_check(void) { void *dso = __dso_handle; -#ifdef DSO_LIB +#if defined(DSO_LIB) || defined(__PIE__) ATF_REQUIRE_MSG(dso != NULL, - "Null __dso_handle in DSO"); + "Null __dso_handle in DSO/PIE"); #else ATF_REQUIRE_MSG(dso == NULL, "Invalid __dso_handle in non-DSO"); ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r367574 - head/lib/csu/common
Author: jhb Date: Tue Nov 10 19:04:54 2020 New Revision: 367574 URL: https://svnweb.freebsd.org/changeset/base/367574 Log: Rename __JCR_LIST__ to __JCR_END__ in crtend.c. This is more consistent with the names used for .ctor and .dtor symbols and better reflects __JCR_END__'s role. Reviewed by: andrew Obtained from:CheriBSD MFC after:2 weeks Sponsored by: DARPA Differential Revision:https://reviews.freebsd.org/D27125 Modified: head/lib/csu/common/crtend.c Modified: head/lib/csu/common/crtend.c == --- head/lib/csu/common/crtend.cTue Nov 10 18:12:09 2020 (r367573) +++ head/lib/csu/common/crtend.cTue Nov 10 19:04:54 2020 (r367574) @@ -28,7 +28,7 @@ __FBSDID("$FreeBSD$"); typedef void (*crt_func)(void); -static crt_func __JCR_LIST__[] __section(".jcr") __used = { +static crt_func __JCR_END__[] __section(".jcr") __used = { (crt_func)0 }; ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r367449 - in stable: 11/sys/kern 12/sys/kern
Author: jhb Date: Sat Nov 7 16:20:37 2020 New Revision: 367449 URL: https://svnweb.freebsd.org/changeset/base/367449 Log: MFC 366296: Avoid a dubious assignment to bio_data in aio_qbio(). A user pointer is not a suitable value for bio_data and the next block of code always overwrites bio_data anyway. Just use cb->aio_buf directly in the call to vm_fault_quick_hold_pages(). Modified: stable/12/sys/kern/vfs_aio.c Directory Properties: stable/12/ (props changed) Changes in other areas also in this revision: Modified: stable/11/sys/kern/vfs_aio.c Directory Properties: stable/11/ (props changed) Modified: stable/12/sys/kern/vfs_aio.c == --- stable/12/sys/kern/vfs_aio.cSat Nov 7 15:38:01 2020 (r367448) +++ stable/12/sys/kern/vfs_aio.cSat Nov 7 16:20:37 2020 (r367449) @@ -1278,7 +1278,6 @@ aio_qbio(struct proc *p, struct kaiocb *job) bp->bio_length = cb->aio_nbytes; bp->bio_bcount = cb->aio_nbytes; bp->bio_done = aio_biowakeup; - bp->bio_data = (void *)(uintptr_t)cb->aio_buf; bp->bio_offset = cb->aio_offset; bp->bio_cmd = cb->aio_lio_opcode == LIO_WRITE ? BIO_WRITE : BIO_READ; bp->bio_dev = dev; @@ -1288,7 +1287,7 @@ aio_qbio(struct proc *p, struct kaiocb *job) if (cb->aio_lio_opcode == LIO_READ) prot |= VM_PROT_WRITE; /* Less backwards than it looks */ job->npages = vm_fault_quick_hold_pages(>p_vmspace->vm_map, - (vm_offset_t)bp->bio_data, bp->bio_length, prot, job->pages, + (vm_offset_t)cb->aio_buf, bp->bio_length, prot, job->pages, nitems(job->pages)); if (job->npages < 0) { error = EFAULT; ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r367449 - in stable: 11/sys/kern 12/sys/kern
Author: jhb Date: Sat Nov 7 16:20:37 2020 New Revision: 367449 URL: https://svnweb.freebsd.org/changeset/base/367449 Log: MFC 366296: Avoid a dubious assignment to bio_data in aio_qbio(). A user pointer is not a suitable value for bio_data and the next block of code always overwrites bio_data anyway. Just use cb->aio_buf directly in the call to vm_fault_quick_hold_pages(). Modified: stable/11/sys/kern/vfs_aio.c Directory Properties: stable/11/ (props changed) Changes in other areas also in this revision: Modified: stable/12/sys/kern/vfs_aio.c Directory Properties: stable/12/ (props changed) Modified: stable/11/sys/kern/vfs_aio.c == --- stable/11/sys/kern/vfs_aio.cSat Nov 7 15:38:01 2020 (r367448) +++ stable/11/sys/kern/vfs_aio.cSat Nov 7 16:20:37 2020 (r367449) @@ -1280,7 +1280,6 @@ aio_qbio(struct proc *p, struct kaiocb *job) bp->bio_length = cb->aio_nbytes; bp->bio_bcount = cb->aio_nbytes; bp->bio_done = aio_biowakeup; - bp->bio_data = (void *)(uintptr_t)cb->aio_buf; bp->bio_offset = cb->aio_offset; bp->bio_cmd = cb->aio_lio_opcode == LIO_WRITE ? BIO_WRITE : BIO_READ; bp->bio_dev = dev; @@ -1290,7 +1289,7 @@ aio_qbio(struct proc *p, struct kaiocb *job) if (cb->aio_lio_opcode == LIO_READ) prot |= VM_PROT_WRITE; /* Less backwards than it looks */ job->npages = vm_fault_quick_hold_pages(>p_vmspace->vm_map, - (vm_offset_t)bp->bio_data, bp->bio_length, prot, job->pages, + (vm_offset_t)cb->aio_buf, bp->bio_length, prot, job->pages, nitems(job->pages)); if (job->npages < 0) { error = EFAULT; ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r367437 - head/share/man/man4
Author: jhb Date: Fri Nov 6 23:37:59 2020 New Revision: 367437 URL: https://svnweb.freebsd.org/changeset/base/367437 Log: Update copies of ioctl structures to match recent changes in head. - Update for C99 types and void pointers. - Update example algorithms to not use removed algorithms. Modified: head/share/man/man4/crypto.4 Modified: head/share/man/man4/crypto.4 == --- head/share/man/man4/crypto.4Fri Nov 6 22:58:31 2020 (r367436) +++ head/share/man/man4/crypto.4Fri Nov 6 23:37:59 2020 (r367437) @@ -60,7 +60,7 @@ .\" .\" $FreeBSD$ .\" -.Dd October 19, 2020 +.Dd November 6, 2020 .Dt CRYPTO 4 .Os .Sh NAME @@ -209,15 +209,15 @@ is returned. .It Dv CIOCGSESSION Fa struct session_op *sessp .Bd -literal struct session_op { -u_int32_t cipher; /* e.g. CRYPTO_DES_CBC */ -u_int32_t mac; /* e.g. CRYPTO_MD5_HMAC */ +uint32_t cipher; /* e.g. CRYPTO_AES_CBC */ +uint32_t mac; /* e.g. CRYPTO_SHA2_256_HMAC */ -u_int32_t keylen; /* cipher key */ +uint32_t keylen; /* cipher key */ const void *key; int mackeylen; /* mac key */ const void *mackey; -u_int32_t ses; /* returns: ses # */ +uint32_t ses; /* returns: ses # */ }; .Ed @@ -267,15 +267,15 @@ stand-alone non-fused operation. .It Dv CIOCGSESSION2 Fa struct session2_op *sessp .Bd -literal struct session2_op { -u_int32_t cipher; /* e.g. CRYPTO_DES_CBC */ -u_int32_t mac; /* e.g. CRYPTO_MD5_HMAC */ +uint32_t cipher; /* e.g. CRYPTO_AES_CBC */ +uint32_t mac; /* e.g. CRYPTO_SHA2_256_HMAC */ -u_int32_t keylen; /* cipher key */ +uint32_t keylen; /* cipher key */ const void *key; int mackeylen; /* mac key */ const void *mackey; -u_int32_t ses; /* returns: ses # */ +uint32_t ses; /* returns: ses # */ intcrid; /* driver id + flags (rw) */ intpad[4]; /* for future expansion */ }; @@ -291,13 +291,14 @@ field must be initialized to zero. .It Dv CIOCCRYPT Fa struct crypt_op *cr_op .Bd -literal struct crypt_op { -u_int32_t ses; -u_int16_t op; /* e.g. COP_ENCRYPT */ -u_int16_t flags; +uint32_t ses; +uint16_t op; /* e.g. COP_ENCRYPT */ +uint16_t flags; u_int len; -caddr_t src, dst; -caddr_t mac; /* must be large enough for result */ -caddr_t iv; +const void *src; +void *dst; +void *mac; /* must be large enough for result */ +const void *iv; }; .Ed @@ -330,16 +331,17 @@ and the output buffer will remain unchanged. .It Dv CIOCCRYPTAEAD Fa struct crypt_aead *cr_aead .Bd -literal struct crypt_aead { -u_int32_t ses; -u_int16_t op; /* e.g. COP_ENCRYPT */ -u_int16_t flags; +uint32_t ses; +uint16_t op; /* e.g. COP_ENCRYPT */ +uint16_t flags; u_int len; u_int aadlen; u_int ivlen; -caddr_t src, dst; -caddr_t aad; -caddr_t tag; /* must be large enough for result */ -caddr_t iv; +const void *src; +void *dst; +const void *aad; /* additional authenticated data */ +void *tag; /* must fit for chosen TAG length */ +const void *iv; }; .Ed ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r367426 - head/sys/opencrypto
Author: jhb Date: Fri Nov 6 18:09:52 2020 New Revision: 367426 URL: https://svnweb.freebsd.org/changeset/base/367426 Log: Use void * in place of caddr_t. Reviewed by: markj Sponsored by: Chelsio Communications Differential Revision:https://reviews.freebsd.org/D27065 Modified: head/sys/opencrypto/cryptodev.h Modified: head/sys/opencrypto/cryptodev.h == --- head/sys/opencrypto/cryptodev.h Fri Nov 6 18:05:29 2020 (r367425) +++ head/sys/opencrypto/cryptodev.h Fri Nov 6 18:09:52 2020 (r367426) @@ -220,9 +220,9 @@ struct session_op { uint32_tmac;/* ie. CRYPTO_SHA2_256_HMAC */ uint32_tkeylen; /* cipher key */ - c_caddr_t key; + const void *key; int mackeylen; /* mac key */ - c_caddr_t mackey; + const void *mackey; uint32_tses;/* returns: session # */ }; @@ -237,9 +237,9 @@ struct session2_op { uint32_tmac;/* ie. CRYPTO_SHA2_256_HMAC */ uint32_tkeylen; /* cipher key */ - c_caddr_t key; + const void *key; int mackeylen; /* mac key */ - c_caddr_t mackey; + const void *mackey; uint32_tses;/* returns: session # */ int crid; /* driver id + flags (rw) */ @@ -255,10 +255,10 @@ struct crypt_op { #defineCOP_F_CIPHER_FIRST 0x0001 /* Cipher before MAC. */ #defineCOP_F_BATCH 0x0008 /* Batch op if possible */ u_int len; - c_caddr_t src;/* become iov[] inside kernel */ - caddr_t dst; - caddr_t mac;/* must be big enough for chosen MAC */ - c_caddr_t iv; + const void *src; /* become iov[] inside kernel */ + void*dst; + void*mac; /* must be big enough for chosen MAC */ + const void *iv; }; /* op and flags the same as crypt_op */ @@ -269,11 +269,11 @@ struct crypt_aead { u_int len; u_int aadlen; u_int ivlen; - c_caddr_t src;/* become iov[] inside kernel */ - caddr_t dst; - c_caddr_t aad;/* additional authenticated data */ - caddr_t tag;/* must fit for chosen TAG length */ - c_caddr_t iv; + const void *src; /* become iov[] inside kernel */ + void*dst; + const void *aad; /* additional authenticated data */ + void*tag; /* must fit for chosen TAG length */ + const void *iv; }; /* @@ -288,7 +288,7 @@ struct crypt_find_op { /* bignum parameter, in packed bytes, ... */ struct crparam { - caddr_t crp_p; + void*crp_p; u_int crp_nbits; }; ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r367425 - head/sys/opencrypto
Author: jhb Date: Fri Nov 6 18:05:29 2020 New Revision: 367425 URL: https://svnweb.freebsd.org/changeset/base/367425 Log: Group session management routines together before first use. - Rename cse*() to cse_*() to more closely match other local APIs in this file. - Merge the old csecreate() into cryptodev_create_session() and rename the new function to cse_create(). Reviewed by: markj Sponsored by: Chelsio Communications Differential Revision:https://reviews.freebsd.org/D27070 Modified: head/sys/opencrypto/cryptodev.c Modified: head/sys/opencrypto/cryptodev.c == --- head/sys/opencrypto/cryptodev.c Fri Nov 6 17:52:04 2020 (r367424) +++ head/sys/opencrypto/cryptodev.c Fri Nov 6 18:05:29 2020 (r367425) @@ -374,13 +374,6 @@ static struct fileops cryptofops = { .fo_fill_kinfo = cryptof_fill_kinfo, }; -static struct csession *csefind(struct fcrypt *, u_int); -static bool csedelete(struct fcrypt *, u_int); -static struct csession *csecreate(struct fcrypt *, crypto_session_t, -struct crypto_session_params *, struct enc_xform *, void *, -struct auth_hash *, void *); -static void csefree(struct csession *); - /* * Check a crypto identifier to see if it requested * a software device/driver. This can be done either @@ -409,7 +402,7 @@ checkforsoftware(int *cridp) } static int -cryptodev_create_session(struct fcrypt *fcr, struct session2_op *sop) +cse_create(struct fcrypt *fcr, struct session2_op *sop) { struct crypto_session_params csp; struct csession *cse; @@ -685,15 +678,27 @@ cryptodev_create_session(struct fcrypt *fcr, struct se goto bail; } - cse = csecreate(fcr, cses, , txform, key, thash, mackey); + cse = malloc(sizeof(struct csession), M_XDATA, M_WAITOK | M_ZERO); + mtx_init(>lock, "cryptodev", "crypto session lock", MTX_DEF); + refcount_init(>refs, 1); + cse->key = key; + cse->mackey = mackey; + cse->mode = csp.csp_mode; + cse->cses = cses; + cse->txform = txform; + if (thash != NULL) + cse->hashsize = thash->hashsize; + else if (csp.csp_cipher_alg == CRYPTO_AES_NIST_GCM_16) + cse->hashsize = AES_GMAC_HASH_LEN; + else if (csp.csp_cipher_alg == CRYPTO_AES_CCM_16) + cse->hashsize = AES_CBC_MAC_HASH_LEN; + cse->ivsize = csp.csp_ivlen; - if (cse == NULL) { - crypto_freesession(cses); - error = EINVAL; - SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__); - CRYPTDEB("csecreate"); - goto bail; - } + mtx_lock(>lock); + TAILQ_INSERT_TAIL(>csessions, cse, next); + cse->ses = fcr->sesn++; + mtx_unlock(>lock); + sop->ses = cse->ses; /* return hardware/driver id */ @@ -706,6 +711,56 @@ bail: return (error); } +static struct csession * +cse_find(struct fcrypt *fcr, u_int ses) +{ + struct csession *cse; + + mtx_lock(>lock); + TAILQ_FOREACH(cse, >csessions, next) { + if (cse->ses == ses) { + refcount_acquire(>refs); + mtx_unlock(>lock); + return (cse); + } + } + mtx_unlock(>lock); + return (NULL); +} + +static void +cse_free(struct csession *cse) +{ + + if (!refcount_release(>refs)) + return; + crypto_freesession(cse->cses); + mtx_destroy(>lock); + if (cse->key) + free(cse->key, M_XDATA); + if (cse->mackey) + free(cse->mackey, M_XDATA); + free(cse, M_XDATA); +} + +static bool +cse_delete(struct fcrypt *fcr, u_int ses) +{ + struct csession *cse; + + mtx_lock(>lock); + TAILQ_FOREACH(cse, >csessions, next) { + if (cse->ses == ses) { + TAILQ_REMOVE(>csessions, cse, next); + mtx_unlock(>lock); + cse_free(cse); + return (true); + } + } + mtx_unlock(>lock); + return (false); +} + static struct cryptop_data * cod_alloc(struct csession *cse, size_t aad_len, size_t len, struct thread *td) { @@ -1383,26 +1438,26 @@ cryptof_ioctl(struct file *fp, u_long cmd, void *data, } else sop = (struct session2_op *)data; - error = cryptodev_create_session(fcr, sop); + error = cse_create(fcr, sop); if (cmd == CIOCGSESSION && error == 0) session2_op_to_op(sop, data); break; case CIOCFSESSION: ses = *(uint32_t *)data; - if (!csedelete(fcr, ses)) { + if (!cse_delete(fcr, ses)) { SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__);
svn commit: r367424 - in stable/12/sys: amd64/amd64 x86/include
Author: jhb Date: Fri Nov 6 17:52:04 2020 New Revision: 367424 URL: https://svnweb.freebsd.org/changeset/base/367424 Log: MFC 365642: Add constant for the DE_CFG MSR on AMD CPUs. Modified: stable/12/sys/amd64/amd64/initcpu.c stable/12/sys/x86/include/specialreg.h Directory Properties: stable/12/ (props changed) Modified: stable/12/sys/amd64/amd64/initcpu.c == --- stable/12/sys/amd64/amd64/initcpu.c Fri Nov 6 16:33:42 2020 (r367423) +++ stable/12/sys/amd64/amd64/initcpu.c Fri Nov 6 17:52:04 2020 (r367424) @@ -103,7 +103,7 @@ init_amd(void) case 0x10: case 0x12: if ((cpu_feature2 & CPUID2_HV) == 0) - wrmsr(0xc0011029, rdmsr(0xc0011029) | 1); + wrmsr(MSR_DE_CFG, rdmsr(MSR_DE_CFG) | 1); break; } @@ -152,9 +152,9 @@ init_amd(void) if (CPUID_TO_FAMILY(cpu_id) == 0x17 && CPUID_TO_MODEL(cpu_id) == 0x1 && (cpu_feature2 & CPUID2_HV) == 0) { /* 1021 */ - msr = rdmsr(0xc0011029); + msr = rdmsr(MSR_DE_CFG); msr |= 0x2000; - wrmsr(0xc0011029, msr); + wrmsr(MSR_DE_CFG, msr); /* 1033 */ msr = rdmsr(MSR_LS_CFG); Modified: stable/12/sys/x86/include/specialreg.h == --- stable/12/sys/x86/include/specialreg.h Fri Nov 6 16:33:42 2020 (r367423) +++ stable/12/sys/x86/include/specialreg.h Fri Nov 6 17:52:04 2020 (r367424) @@ -1091,6 +1091,7 @@ #defineMSR_EXTFEATURES 0xc0011005 /* Extended CPUID Features override */ #defineMSR_LS_CFG 0xc0011020 #defineMSR_IC_CFG 0xc0011021 /* Instruction Cache Configuration */ +#defineMSR_DE_CFG 0xc0011029 /* Decode Configuration */ /* MSR_VM_CR related */ #defineVM_CR_SVMDIS0x10/* SVM: disabled by BIOS */ ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r367410 - head/sys/opencrypto
Author: jhb Date: Fri Nov 6 00:15:52 2020 New Revision: 367410 URL: https://svnweb.freebsd.org/changeset/base/367410 Log: Move cryptof_ioctl() below the routines it calls. Reviewed by: markj Sponsored by: Chelsio Communications Differential Revision:https://reviews.freebsd.org/D27069 Modified: head/sys/opencrypto/cryptodev.c Modified: head/sys/opencrypto/cryptodev.c == --- head/sys/opencrypto/cryptodev.c Fri Nov 6 00:10:58 2020 (r367409) +++ head/sys/opencrypto/cryptodev.c Fri Nov 6 00:15:52 2020 (r367410) @@ -381,13 +381,6 @@ static struct csession *csecreate(struct fcrypt *, cry struct auth_hash *, void *); static void csefree(struct csession *); -static int cryptodev_op(struct csession *, const struct crypt_op *, -struct ucred *, struct thread *); -static int cryptodev_aead(struct csession *, struct crypt_aead *, -struct ucred *, struct thread *); -static int cryptodev_key(struct crypt_kop *); -static int cryptodev_find(struct crypt_find_op *); - /* * Check a crypto identifier to see if it requested * a software device/driver. This can be done either @@ -713,194 +706,6 @@ bail: return (error); } -/* ARGSUSED */ -static int -cryptof_ioctl(struct file *fp, u_long cmd, void *data, -struct ucred *active_cred, struct thread *td) -{ - static struct timeval keywarn, featwarn; - struct fcrypt *fcr = fp->f_data; - struct csession *cse; - struct session2_op *sop; - struct crypt_op *cop; - struct crypt_aead *caead; - struct crypt_kop *kop; - uint32_t ses; - int error = 0; - union { - struct session2_op sopc; -#ifdef COMPAT_FREEBSD32 - struct crypt_op copc; - struct crypt_aead aeadc; - struct crypt_kop kopc; -#endif - } thunk; -#ifdef COMPAT_FREEBSD32 - u_long cmd32; - void *data32; - - cmd32 = 0; - data32 = NULL; - switch (cmd) { - case CIOCGSESSION32: - cmd32 = cmd; - data32 = data; - cmd = CIOCGSESSION; - data = - session_op_from_32((struct session_op32 *)data32, ); - break; - case CIOCGSESSION232: - cmd32 = cmd; - data32 = data; - cmd = CIOCGSESSION2; - data = - session2_op_from_32((struct session2_op32 *)data32, - ); - break; - case CIOCCRYPT32: - cmd32 = cmd; - data32 = data; - cmd = CIOCCRYPT; - data = - crypt_op_from_32((struct crypt_op32 *)data32, ); - break; - case CIOCCRYPTAEAD32: - cmd32 = cmd; - data32 = data; - cmd = CIOCCRYPTAEAD; - data = - crypt_aead_from_32((struct crypt_aead32 *)data32, ); - break; - case CIOCKEY32: - case CIOCKEY232: - cmd32 = cmd; - data32 = data; - if (cmd == CIOCKEY32) - cmd = CIOCKEY; - else - cmd = CIOCKEY2; - data = - crypt_kop_from_32((struct crypt_kop32 *)data32, ); - break; - } -#endif - - switch (cmd) { - case CIOCGSESSION: - case CIOCGSESSION2: - if (cmd == CIOCGSESSION) { - session2_op_from_op(data, ); - sop = - } else - sop = (struct session2_op *)data; - - error = cryptodev_create_session(fcr, sop); - if (cmd == CIOCGSESSION && error == 0) - session2_op_to_op(sop, data); - break; - case CIOCFSESSION: - ses = *(uint32_t *)data; - if (!csedelete(fcr, ses)) { - SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__); - return (EINVAL); - } - break; - case CIOCCRYPT: - cop = (struct crypt_op *)data; - cse = csefind(fcr, cop->ses); - if (cse == NULL) { - SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__); - return (EINVAL); - } - error = cryptodev_op(cse, cop, active_cred, td); - csefree(cse); - break; - case CIOCKEY: - case CIOCKEY2: - if (ratecheck(, )) - gone_in(14, - "Asymmetric crypto operations via /dev/crypto"); - - if (!crypto_userasymcrypto) { - SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__); - return (EPERM); /* XXX compat? */ - } -
svn commit: r367409 - head/sys/opencrypto
Author: jhb Date: Fri Nov 6 00:10:58 2020 New Revision: 367409 URL: https://svnweb.freebsd.org/changeset/base/367409 Log: Split logic to create new sessions into a separate function. This simplifies cryptof_ioctl as it now a wrapper around functions that contain the bulk of the per-ioctl logic. Reviewed by: markj Sponsored by: Chelsio Communications Differential Revision:https://reviews.freebsd.org/D27068 Modified: head/sys/opencrypto/cryptodev.c Modified: head/sys/opencrypto/cryptodev.c == --- head/sys/opencrypto/cryptodev.c Fri Nov 6 00:07:46 2020 (r367408) +++ head/sys/opencrypto/cryptodev.c Fri Nov 6 00:10:58 2020 (r367409) @@ -415,26 +415,318 @@ checkforsoftware(int *cridp) return 0; } +static int +cryptodev_create_session(struct fcrypt *fcr, struct session2_op *sop) +{ + struct crypto_session_params csp; + struct csession *cse; + struct enc_xform *txform; + struct auth_hash *thash; + void *key = NULL; + void *mackey = NULL; + crypto_session_t cses; + int crid, error; + + switch (sop->cipher) { + case 0: + txform = NULL; + break; + case CRYPTO_AES_CBC: + txform = _xform_rijndael128; + break; + case CRYPTO_AES_XTS: + txform = _xform_aes_xts; + break; + case CRYPTO_NULL_CBC: + txform = _xform_null; + break; + case CRYPTO_CAMELLIA_CBC: + txform = _xform_camellia; + break; + case CRYPTO_AES_ICM: + txform = _xform_aes_icm; + break; + case CRYPTO_AES_NIST_GCM_16: + txform = _xform_aes_nist_gcm; + break; + case CRYPTO_CHACHA20: + txform = _xform_chacha20; + break; + case CRYPTO_AES_CCM_16: + txform = _xform_ccm; + break; + default: + CRYPTDEB("invalid cipher"); + SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__); + return (EINVAL); + } + + switch (sop->mac) { + case 0: + thash = NULL; + break; + case CRYPTO_POLY1305: + thash = _hash_poly1305; + break; + case CRYPTO_SHA1_HMAC: + thash = _hash_hmac_sha1; + break; + case CRYPTO_SHA2_224_HMAC: + thash = _hash_hmac_sha2_224; + break; + case CRYPTO_SHA2_256_HMAC: + thash = _hash_hmac_sha2_256; + break; + case CRYPTO_SHA2_384_HMAC: + thash = _hash_hmac_sha2_384; + break; + case CRYPTO_SHA2_512_HMAC: + thash = _hash_hmac_sha2_512; + break; + case CRYPTO_RIPEMD160_HMAC: + thash = _hash_hmac_ripemd_160; + break; +#ifdef COMPAT_FREEBSD12 + case CRYPTO_AES_128_NIST_GMAC: + case CRYPTO_AES_192_NIST_GMAC: + case CRYPTO_AES_256_NIST_GMAC: + /* Should always be paired with GCM. */ + if (sop->cipher != CRYPTO_AES_NIST_GCM_16) { + CRYPTDEB("GMAC without GCM"); + SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__); + return (EINVAL); + } + break; +#endif + case CRYPTO_AES_NIST_GMAC: + switch (sop->mackeylen * 8) { + case 128: + thash = _hash_nist_gmac_aes_128; + break; + case 192: + thash = _hash_nist_gmac_aes_192; + break; + case 256: + thash = _hash_nist_gmac_aes_256; + break; + default: + CRYPTDEB("invalid GMAC key length"); + SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__); + return (EINVAL); + } + break; + case CRYPTO_AES_CCM_CBC_MAC: + switch (sop->mackeylen) { + case 16: + thash = _hash_ccm_cbc_mac_128; + break; + case 24: + thash = _hash_ccm_cbc_mac_192; + break; + case 32: + thash = _hash_ccm_cbc_mac_256; + break; + default: + CRYPTDEB("Invalid CBC MAC key size %d", sop->keylen); + SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__); + return (EINVAL); + } + break; + case CRYPTO_SHA1: + thash = _hash_sha1; + break; + case CRYPTO_SHA2_224: + thash =
svn commit: r367408 - in stable: 11/usr.sbin/bhyvectl 12/usr.sbin/bhyvectl
Author: jhb Date: Fri Nov 6 00:07:46 2020 New Revision: 367408 URL: https://svnweb.freebsd.org/changeset/base/367408 Log: MFC 365842,365844: Remove support for setting some obscure fields. 365842: Remove support for setting some obscure fields. Don't permit setting the exception bitmap or VMCS entry interrupt information. These are not generally useful to set. If it is needed in the future, dedicated pseudo registers can be added for these that would be used with vm_set_register(). 365844: Remove no longer used variable. Modified: stable/12/usr.sbin/bhyvectl/bhyvectl.c Directory Properties: stable/12/ (props changed) Changes in other areas also in this revision: Modified: stable/11/usr.sbin/bhyvectl/bhyvectl.c Directory Properties: stable/11/ (props changed) Modified: stable/12/usr.sbin/bhyvectl/bhyvectl.c == --- stable/12/usr.sbin/bhyvectl/bhyvectl.c Thu Nov 5 23:42:36 2020 (r367407) +++ stable/12/usr.sbin/bhyvectl/bhyvectl.c Fri Nov 6 00:07:46 2020 (r367408) @@ -299,11 +299,11 @@ static int get_vmcb_virq, get_avic_table; */ static int get_pinbased_ctls, get_procbased_ctls, get_procbased_ctls2; static int get_eptp, get_io_bitmap, get_tsc_offset; -static int get_vmcs_entry_interruption_info, set_vmcs_entry_interruption_info; +static int get_vmcs_entry_interruption_info; static int get_vmcs_interruptibility; uint32_t vmcs_entry_interruption_info; static int get_vmcs_gpa, get_vmcs_gla; -static int get_exception_bitmap, set_exception_bitmap, exception_bitmap; +static int get_exception_bitmap; static int get_cr0_mask, get_cr0_shadow; static int get_cr4_mask, get_cr4_shadow; static int get_cr3_targets; @@ -528,13 +528,6 @@ vm_get_vmcs_field(struct vmctx *ctx, int vcpu, int fie } static int -vm_set_vmcs_field(struct vmctx *ctx, int vcpu, int field, uint64_t val) -{ - - return (vm_set_register(ctx, vcpu, VMCS_IDENT(field), val)); -} - -static int vm_get_vmcb_field(struct vmctx *ctx, int vcpu, int off, int bytes, uint64_t *ret_val) { @@ -542,14 +535,6 @@ vm_get_vmcb_field(struct vmctx *ctx, int vcpu, int off return (vm_get_register(ctx, vcpu, VMCB_ACCESS(off, bytes), ret_val)); } -static int -vm_set_vmcb_field(struct vmctx *ctx, int vcpu, int off, int bytes, - uint64_t val) -{ - - return (vm_set_register(ctx, vcpu, VMCB_ACCESS(off, bytes), val)); -} - enum { VMNAME = 1000, /* avoid collision with return values from getopt */ VCPU, @@ -581,8 +566,6 @@ enum { SET_TR, SET_LDTR, SET_X2APIC_STATE, - SET_EXCEPTION_BITMAP, - SET_VMCS_ENTRY_INTERRUPTION_INFO, SET_CAP, CAPNAME, UNASSIGN_PPTDEV, @@ -1361,8 +1344,6 @@ setup_options(bool cpu_intel) { "set-tr", REQ_ARG,0, SET_TR }, { "set-ldtr", REQ_ARG,0, SET_LDTR }, { "set-x2apic-state",REQ_ARG, 0, SET_X2APIC_STATE }, - { "set-exception-bitmap", - REQ_ARG,0, SET_EXCEPTION_BITMAP }, { "capname",REQ_ARG,0, CAPNAME }, { "unassign-pptdev", REQ_ARG, 0, UNASSIGN_PPTDEV }, { "setcap", REQ_ARG,0, SET_CAP }, @@ -1492,8 +1473,6 @@ setup_options(bool cpu_intel) { "get-vmcs-host-pat", NO_ARG, _host_pat, 1 }, { "get-vmcs-host-cr0", NO_ARG, _host_cr0, 1 }, - { "set-vmcs-entry-interruption-info", - REQ_ARG, 0, SET_VMCS_ENTRY_INTERRUPTION_INFO }, { "get-vmcs-exit-qualification", NO_ARG, _vmcs_exit_qualification, 1 }, { "get-vmcs-exit-inst-length", @@ -1822,14 +1801,6 @@ main(int argc, char *argv[]) x2apic_state = strtol(optarg, NULL, 0); set_x2apic_state = 1; break; - case SET_EXCEPTION_BITMAP: - exception_bitmap = strtoul(optarg, NULL, 0); - set_exception_bitmap = 1; - break; - case SET_VMCS_ENTRY_INTERRUPTION_INFO: - vmcs_entry_interruption_info = strtoul(optarg, NULL, 0); - set_vmcs_entry_interruption_info = 1; - break; case SET_CAP: capval = strtoul(optarg, NULL, 0); setcap = 1; @@ -2012,22 +1983,6 @@ main(int argc, char *argv[]) if (!error && unassign_pptdev) error = vm_unassign_pptdev(ctx, bus, slot, func); - - if (!error && set_exception_bitmap) { - if (cpu_intel) - error = vm_set_vmcs_field(ctx, vcpu, -
svn commit: r367408 - in stable: 11/usr.sbin/bhyvectl 12/usr.sbin/bhyvectl
Author: jhb Date: Fri Nov 6 00:07:46 2020 New Revision: 367408 URL: https://svnweb.freebsd.org/changeset/base/367408 Log: MFC 365842,365844: Remove support for setting some obscure fields. 365842: Remove support for setting some obscure fields. Don't permit setting the exception bitmap or VMCS entry interrupt information. These are not generally useful to set. If it is needed in the future, dedicated pseudo registers can be added for these that would be used with vm_set_register(). 365844: Remove no longer used variable. Modified: stable/11/usr.sbin/bhyvectl/bhyvectl.c Directory Properties: stable/11/ (props changed) Changes in other areas also in this revision: Modified: stable/12/usr.sbin/bhyvectl/bhyvectl.c Directory Properties: stable/12/ (props changed) Modified: stable/11/usr.sbin/bhyvectl/bhyvectl.c == --- stable/11/usr.sbin/bhyvectl/bhyvectl.c Thu Nov 5 23:42:36 2020 (r367407) +++ stable/11/usr.sbin/bhyvectl/bhyvectl.c Fri Nov 6 00:07:46 2020 (r367408) @@ -299,11 +299,11 @@ static int get_vmcb_virq, get_avic_table; */ static int get_pinbased_ctls, get_procbased_ctls, get_procbased_ctls2; static int get_eptp, get_io_bitmap, get_tsc_offset; -static int get_vmcs_entry_interruption_info, set_vmcs_entry_interruption_info; +static int get_vmcs_entry_interruption_info; static int get_vmcs_interruptibility; uint32_t vmcs_entry_interruption_info; static int get_vmcs_gpa, get_vmcs_gla; -static int get_exception_bitmap, set_exception_bitmap, exception_bitmap; +static int get_exception_bitmap; static int get_cr0_mask, get_cr0_shadow; static int get_cr4_mask, get_cr4_shadow; static int get_cr3_targets; @@ -528,13 +528,6 @@ vm_get_vmcs_field(struct vmctx *ctx, int vcpu, int fie } static int -vm_set_vmcs_field(struct vmctx *ctx, int vcpu, int field, uint64_t val) -{ - - return (vm_set_register(ctx, vcpu, VMCS_IDENT(field), val)); -} - -static int vm_get_vmcb_field(struct vmctx *ctx, int vcpu, int off, int bytes, uint64_t *ret_val) { @@ -542,14 +535,6 @@ vm_get_vmcb_field(struct vmctx *ctx, int vcpu, int off return (vm_get_register(ctx, vcpu, VMCB_ACCESS(off, bytes), ret_val)); } -static int -vm_set_vmcb_field(struct vmctx *ctx, int vcpu, int off, int bytes, - uint64_t val) -{ - - return (vm_set_register(ctx, vcpu, VMCB_ACCESS(off, bytes), val)); -} - enum { VMNAME = 1000, /* avoid collision with return values from getopt */ VCPU, @@ -581,8 +566,6 @@ enum { SET_TR, SET_LDTR, SET_X2APIC_STATE, - SET_EXCEPTION_BITMAP, - SET_VMCS_ENTRY_INTERRUPTION_INFO, SET_CAP, CAPNAME, UNASSIGN_PPTDEV, @@ -1359,8 +1342,6 @@ setup_options(bool cpu_intel) { "set-tr", REQ_ARG,0, SET_TR }, { "set-ldtr", REQ_ARG,0, SET_LDTR }, { "set-x2apic-state",REQ_ARG, 0, SET_X2APIC_STATE }, - { "set-exception-bitmap", - REQ_ARG,0, SET_EXCEPTION_BITMAP }, { "capname",REQ_ARG,0, CAPNAME }, { "unassign-pptdev", REQ_ARG, 0, UNASSIGN_PPTDEV }, { "setcap", REQ_ARG,0, SET_CAP }, @@ -1490,8 +1471,6 @@ setup_options(bool cpu_intel) { "get-vmcs-host-pat", NO_ARG, _host_pat, 1 }, { "get-vmcs-host-cr0", NO_ARG, _host_cr0, 1 }, - { "set-vmcs-entry-interruption-info", - REQ_ARG, 0, SET_VMCS_ENTRY_INTERRUPTION_INFO }, { "get-vmcs-exit-qualification", NO_ARG, _vmcs_exit_qualification, 1 }, { "get-vmcs-exit-inst-length", @@ -1820,14 +1799,6 @@ main(int argc, char *argv[]) x2apic_state = strtol(optarg, NULL, 0); set_x2apic_state = 1; break; - case SET_EXCEPTION_BITMAP: - exception_bitmap = strtoul(optarg, NULL, 0); - set_exception_bitmap = 1; - break; - case SET_VMCS_ENTRY_INTERRUPTION_INFO: - vmcs_entry_interruption_info = strtoul(optarg, NULL, 0); - set_vmcs_entry_interruption_info = 1; - break; case SET_CAP: capval = strtoul(optarg, NULL, 0); setcap = 1; @@ -2010,22 +1981,6 @@ main(int argc, char *argv[]) if (!error && unassign_pptdev) error = vm_unassign_pptdev(ctx, bus, slot, func); - - if (!error && set_exception_bitmap) { - if (cpu_intel) - error = vm_set_vmcs_field(ctx, vcpu, -
svn commit: r367407 - head/sys/opencrypto
Author: jhb Date: Thu Nov 5 23:42:36 2020 New Revision: 367407 URL: https://svnweb.freebsd.org/changeset/base/367407 Log: Move cryptodev_cb earlier before it is used. This is consistent with cryptodevkey_cb being defined before it is used and removes a prototype in the middle of the file. Reviewed by: markj Sponsored by: Chelsio Communications Differential Revision:https://reviews.freebsd.org/D27067 Modified: head/sys/opencrypto/cryptodev.c Modified: head/sys/opencrypto/cryptodev.c == --- head/sys/opencrypto/cryptodev.c Thu Nov 5 23:31:58 2020 (r367406) +++ head/sys/opencrypto/cryptodev.c Thu Nov 5 23:42:36 2020 (r367407) @@ -904,8 +904,6 @@ bail: return (error); } -static int cryptodev_cb(struct cryptop *); - static struct cryptop_data * cod_alloc(struct csession *cse, size_t aad_len, size_t len, struct thread *td) { @@ -936,6 +934,23 @@ cod_free(struct cryptop_data *cod) } static int +cryptodev_cb(struct cryptop *crp) +{ + struct cryptop_data *cod = crp->crp_opaque; + + /* +* Lock to ensure the wakeup() is not missed by the loops +* waiting on cod->done in cryptodev_op() and +* cryptodev_aead(). +*/ + mtx_lock(>cse->lock); + cod->done = true; + mtx_unlock(>cse->lock); + wakeup(cod); + return (0); +} + +static int cryptodev_op(struct csession *cse, const struct crypt_op *cop, struct ucred *active_cred, struct thread *td) { @@ -1338,23 +1353,6 @@ bail: cod_free(cod); return (error); -} - -static int -cryptodev_cb(struct cryptop *crp) -{ - struct cryptop_data *cod = crp->crp_opaque; - - /* -* Lock to ensure the wakeup() is not missed by the loops -* waiting on cod->done in cryptodev_op() and -* cryptodev_aead(). -*/ - mtx_lock(>cse->lock); - cod->done = true; - mtx_unlock(>cse->lock); - wakeup(cod); - return (0); } static void ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r367406 - head/sys/crypto/aesni
Author: jhb Date: Thu Nov 5 23:31:58 2020 New Revision: 367406 URL: https://svnweb.freebsd.org/changeset/base/367406 Log: Check cipher key lengths during probesession. OCF drivers in general should perform as many session parameter checks as possible during probesession rather than when creating a new session. I got this wrong for aesni(4) in r359374. In addition, aesni(4) was performing the check for digest-only requests and failing to create digest-only sessions as a result. Reported by: jkim Tested by:jkim Sponsored by: Chelsio Communications Modified: head/sys/crypto/aesni/aesni.c Modified: head/sys/crypto/aesni/aesni.c == --- head/sys/crypto/aesni/aesni.c Thu Nov 5 23:28:46 2020 (r367405) +++ head/sys/crypto/aesni/aesni.c Thu Nov 5 23:31:58 2020 (r367406) @@ -237,16 +237,35 @@ aesni_cipher_supported(struct aesni_softc *sc, switch (csp->csp_cipher_alg) { case CRYPTO_AES_CBC: case CRYPTO_AES_ICM: + switch (csp->csp_cipher_klen * 8) { + case 128: + case 192: + case 256: + break; + default: + CRYPTDEB("invalid CBC/ICM key length"); + return (false); + } if (csp->csp_ivlen != AES_BLOCK_LEN) return (false); - return (sc->has_aes); + break; case CRYPTO_AES_XTS: + switch (csp->csp_cipher_klen * 8) { + case 256: + case 512: + break; + default: + CRYPTDEB("invalid XTS key length"); + return (false); + } if (csp->csp_ivlen != AES_XTS_IV_LEN) return (false); - return (sc->has_aes); + break; default: return (false); } + + return (true); } #define SUPPORTED_SES (CSP_F_SEPARATE_OUTPUT | CSP_F_SEPARATE_AAD | CSP_F_ESN) @@ -271,6 +290,15 @@ aesni_probesession(device_t dev, const struct crypto_s case CSP_MODE_AEAD: switch (csp->csp_cipher_alg) { case CRYPTO_AES_NIST_GCM_16: + switch (csp->csp_cipher_klen * 8) { + case 128: + case 192: + case 256: + break; + default: + CRYPTDEB("invalid GCM key length"); + return (EINVAL); + } if (csp->csp_auth_mlen != 0 && csp->csp_auth_mlen != GMAC_DIGEST_LEN) return (EINVAL); @@ -279,6 +307,15 @@ aesni_probesession(device_t dev, const struct crypto_s return (EINVAL); break; case CRYPTO_AES_CCM_16: + switch (csp->csp_cipher_klen * 8) { + case 128: + case 192: + case 256: + break; + default: + CRYPTDEB("invalid CCM key length"); + return (EINVAL); + } if (csp->csp_auth_mlen != 0 && csp->csp_auth_mlen != AES_CBC_MAC_HASH_LEN) return (EINVAL); @@ -519,41 +556,6 @@ aesni_authprepare(struct aesni_session *ses, int klen) } static int -aesni_cipherprepare(const struct crypto_session_params *csp) -{ - - switch (csp->csp_cipher_alg) { - case CRYPTO_AES_ICM: - case CRYPTO_AES_NIST_GCM_16: - case CRYPTO_AES_CCM_16: - case CRYPTO_AES_CBC: - switch (csp->csp_cipher_klen * 8) { - case 128: - case 192: - case 256: - break; - default: - CRYPTDEB("invalid CBC/ICM/GCM key length"); - return (EINVAL); - } - break; - case CRYPTO_AES_XTS: - switch (csp->csp_cipher_klen * 8) { - case 256: - case 512: - break; - default: - CRYPTDEB("invalid XTS key length"); - return (EINVAL); - } - break; - default: - return (EINVAL); - } - return (0); -} - -static int aesni_cipher_setup(struct aesni_session *ses, const struct crypto_session_params *csp) { @@ -600,10 +602,6 @@ aesni_cipher_setup(struct aesni_session *ses, if (error != 0) return (error);
svn commit: r367405 - stable/12/lib/libc/tests/sys
Author: jhb Date: Thu Nov 5 23:28:46 2020 New Revision: 367405 URL: https://svnweb.freebsd.org/changeset/base/367405 Log: MFC 365280: Pass a valid mode with O_CREATE to open(2). CheriABI is pickier about the arguments to open(2) and crashes with a fault if a mode isn't passed to an open() when O_CREATE is specified. Modified: stable/12/lib/libc/tests/sys/sendfile_test.c Directory Properties: stable/12/ (props changed) Modified: stable/12/lib/libc/tests/sys/sendfile_test.c == --- stable/12/lib/libc/tests/sys/sendfile_test.cThu Nov 5 23:28:05 2020(r367404) +++ stable/12/lib/libc/tests/sys/sendfile_test.cThu Nov 5 23:28:46 2020(r367405) @@ -781,7 +781,7 @@ hdtr_negative_bad_pointers_test(int domain) hdtr3.trl_cnt = 1; hdtr3.trailers = (struct iovec*)-1; - fd = open(SOURCE_FILE, O_CREAT|O_RDWR); + fd = open(SOURCE_FILE, O_CREAT|O_RDWR, 0600); ATF_REQUIRE_MSG(fd != -1, "open failed: %s", strerror(errno)); server_sock = setup_tcp_server(domain, port); @@ -836,7 +836,7 @@ offset_negative_value_less_than_zero_test(int domain) server_sock = setup_tcp_server(domain, port); client_sock = setup_tcp_client(domain, port); - fd = open(SOURCE_FILE, O_CREAT|O_RDWR); + fd = open(SOURCE_FILE, O_CREAT|O_RDWR, 0600); ATF_REQUIRE_MSG(fd != -1, "open failed: %s", strerror(errno)); error = sendfile(fd, client_sock, -1, 0, NULL, NULL, SF_FLAGS(0, 0)); @@ -985,7 +985,7 @@ s_negative_not_connected_socket_test(int domain) port = generate_random_port(__LINE__ + domain); client_sock = setup_tcp_server(domain, port); - fd = open(SOURCE_FILE, O_CREAT|O_RDWR); + fd = open(SOURCE_FILE, O_CREAT|O_RDWR, 0600); ATF_REQUIRE_MSG(fd != -1, "open failed: %s", strerror(errno)); error = sendfile(fd, client_sock, 0, 0, NULL, NULL, SF_FLAGS(0, 0)); @@ -1037,7 +1037,7 @@ ATF_TC_BODY(s_negative_not_descriptor, tc) client_sock = -1; - fd = open(SOURCE_FILE, O_CREAT|O_RDWR); + fd = open(SOURCE_FILE, O_CREAT|O_RDWR, 0600); ATF_REQUIRE_MSG(fd != -1, "open failed: %s", strerror(errno)); error = sendfile(fd, client_sock, 0, 0, NULL, NULL, SF_FLAGS(0, 0)); @@ -1058,7 +1058,7 @@ ATF_TC_BODY(s_negative_not_socket_file_descriptor, tc) { int client_sock, error, fd; - fd = open(SOURCE_FILE, O_CREAT|O_RDWR); + fd = open(SOURCE_FILE, O_CREAT|O_RDWR, 0600); ATF_REQUIRE_MSG(fd != -1, "open failed: %s", strerror(errno)); client_sock = open(_PATH_DEVNULL, O_WRONLY); @@ -1079,7 +1079,7 @@ s_negative_udp_socket_test(int domain) port = generate_random_port(__LINE__ + domain); client_sock = setup_client(domain, SOCK_DGRAM, port); - fd = open(SOURCE_FILE, O_CREAT|O_RDWR); + fd = open(SOURCE_FILE, O_CREAT|O_RDWR, 0600); ATF_REQUIRE_MSG(fd != -1, "open failed: %s", strerror(errno)); error = sendfile(fd, client_sock, 0, 0, NULL, NULL, SF_FLAGS(0, 0)); ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r367404 - head/sys/opencrypto
Author: jhb Date: Thu Nov 5 23:28:05 2020 New Revision: 367404 URL: https://svnweb.freebsd.org/changeset/base/367404 Log: Style fixes for function prototypes and definitions. Reviewed by: markj Sponsored by: Chelsio Communications Differential Revision:https://reviews.freebsd.org/D27066 Modified: head/sys/opencrypto/crypto.c head/sys/opencrypto/cryptodev.c Modified: head/sys/opencrypto/crypto.c == --- head/sys/opencrypto/crypto.cThu Nov 5 23:26:02 2020 (r367403) +++ head/sys/opencrypto/crypto.cThu Nov 5 23:28:05 2020 (r367404) @@ -286,7 +286,9 @@ keybuf_init(void) } /* It'd be nice if we could store these in some kind of secure memory... */ -struct keybuf * get_keybuf(void) { +struct keybuf * +get_keybuf(void) +{ return (keybuf); } Modified: head/sys/opencrypto/cryptodev.c == --- head/sys/opencrypto/cryptodev.c Thu Nov 5 23:26:02 2020 (r367403) +++ head/sys/opencrypto/cryptodev.c Thu Nov 5 23:28:05 2020 (r367404) @@ -351,13 +351,13 @@ SYSCTL_TIMEVAL_SEC(_kern, OID_AUTO, cryptodev_warn_int , "Delay in seconds between warnings of deprecated /dev/crypto algorithms"); -static int cryptof_ioctl(struct file *, u_long, void *, - struct ucred *, struct thread *); -static int cryptof_stat(struct file *, struct stat *, - struct ucred *, struct thread *); -static int cryptof_close(struct file *, struct thread *); -static int cryptof_fill_kinfo(struct file *, struct kinfo_file *, - struct filedesc *); +static int cryptof_ioctl(struct file *, u_long, void *, struct ucred *, +struct thread *); +static int cryptof_stat(struct file *, struct stat *, struct ucred *, +struct thread *); +static int cryptof_close(struct file *, struct thread *); +static int cryptof_fill_kinfo(struct file *, struct kinfo_file *, +struct filedesc *); static struct fileops cryptofops = { .fo_read = invfo_rdwr, @@ -381,12 +381,12 @@ static struct csession *csecreate(struct fcrypt *, cry struct auth_hash *, void *); static void csefree(struct csession *); -static int cryptodev_op(struct csession *, const struct crypt_op *, - struct ucred *, struct thread *td); -static int cryptodev_aead(struct csession *, struct crypt_aead *, - struct ucred *, struct thread *); -static int cryptodev_key(struct crypt_kop *); -static int cryptodev_find(struct crypt_find_op *); +static int cryptodev_op(struct csession *, const struct crypt_op *, +struct ucred *, struct thread *); +static int cryptodev_aead(struct csession *, struct crypt_aead *, +struct ucred *, struct thread *); +static int cryptodev_key(struct crypt_kop *); +static int cryptodev_find(struct crypt_find_op *); /* * Check a crypto identifier to see if it requested @@ -417,12 +417,8 @@ checkforsoftware(int *cridp) /* ARGSUSED */ static int -cryptof_ioctl( - struct file *fp, - u_long cmd, - void *data, - struct ucred *active_cred, - struct thread *td) +cryptof_ioctl(struct file *fp, u_long cmd, void *data, +struct ucred *active_cred, struct thread *td) { static struct timeval keywarn, featwarn; struct crypto_session_params csp; @@ -940,11 +936,8 @@ cod_free(struct cryptop_data *cod) } static int -cryptodev_op( - struct csession *cse, - const struct crypt_op *cop, - struct ucred *active_cred, - struct thread *td) +cryptodev_op(struct csession *cse, const struct crypt_op *cop, +struct ucred *active_cred, struct thread *td) { struct cryptop_data *cod = NULL; struct cryptop *crp = NULL; @@ -1154,11 +1147,8 @@ bail: } static int -cryptodev_aead( - struct csession *cse, - struct crypt_aead *caead, - struct ucred *active_cred, - struct thread *td) +cryptodev_aead(struct csession *cse, struct crypt_aead *caead, +struct ucred *active_cred, struct thread *td) { struct cryptop_data *cod = NULL; struct cryptop *crp = NULL; @@ -1515,11 +1505,8 @@ cryptodev_find(struct crypt_find_op *find) /* ARGSUSED */ static int -cryptof_stat( - struct file *fp, - struct stat *sb, - struct ucred *active_cred, - struct thread *td) +cryptof_stat(struct file *fp, struct stat *sb, struct ucred *active_cred, +struct thread *td) { return (EOPNOTSUPP); @@ -1545,7 +1532,8 @@ cryptof_close(struct file *fp, struct thread *td) } static int -cryptof_fill_kinfo(struct file *fp, struct kinfo_file *kif, struct filedesc *fdp) +cryptof_fill_kinfo(struct file *fp, struct kinfo_file *kif, +struct filedesc *fdp) { kif->kf_type = KF_TYPE_CRYPTO; @@ -1634,7 +1622,8 @@ csefree(struct csession *cse) } static int -cryptoioctl(struct cdev
svn commit: r367403 - head/sys/opencrypto
Author: jhb Date: Thu Nov 5 23:26:02 2020 New Revision: 367403 URL: https://svnweb.freebsd.org/changeset/base/367403 Log: Don't modify the destination pointer in ioctl requests. This breaks the case where the original pointer was NULL but an in-line IV was used. Reviewed by: markj Sponsored by: Chelsio Communications Differential Revision:https://reviews.freebsd.org/D27064 Modified: head/sys/opencrypto/cryptodev.c Modified: head/sys/opencrypto/cryptodev.c == --- head/sys/opencrypto/cryptodev.c Thu Nov 5 22:41:54 2020 (r367402) +++ head/sys/opencrypto/cryptodev.c Thu Nov 5 23:26:02 2020 (r367403) @@ -381,7 +381,7 @@ static struct csession *csecreate(struct fcrypt *, cry struct auth_hash *, void *); static void csefree(struct csession *); -static int cryptodev_op(struct csession *, struct crypt_op *, +static int cryptodev_op(struct csession *, const struct crypt_op *, struct ucred *, struct thread *td); static int cryptodev_aead(struct csession *, struct crypt_aead *, struct ucred *, struct thread *); @@ -942,12 +942,13 @@ cod_free(struct cryptop_data *cod) static int cryptodev_op( struct csession *cse, - struct crypt_op *cop, + const struct crypt_op *cop, struct ucred *active_cred, struct thread *td) { struct cryptop_data *cod = NULL; struct cryptop *crp = NULL; + char *dst; int error; if (cop->len > 256*1024-4) { @@ -980,6 +981,7 @@ cryptodev_op( } cod = cod_alloc(cse, 0, cop->len + cse->hashsize, td); + dst = cop->dst; crp = crypto_getreq(cse->cses, M_WAITOK); @@ -1082,7 +1084,7 @@ cryptodev_op( crp->crp_iv_start = 0; crp->crp_payload_start += cse->ivsize; crp->crp_payload_length -= cse->ivsize; - cop->dst += cse->ivsize; + dst += cse->ivsize; } if (cop->mac != NULL && crp->crp_op & CRYPTO_OP_VERIFY_DIGEST) { @@ -1127,7 +1129,7 @@ again: if (cop->dst != NULL) { error = copyout(cod->obuf != NULL ? cod->obuf : - cod->buf + crp->crp_payload_start, cop->dst, + cod->buf + crp->crp_payload_start, dst, crp->crp_payload_length); if (error) { SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__); @@ -1160,6 +1162,7 @@ cryptodev_aead( { struct cryptop_data *cod = NULL; struct cryptop *crp = NULL; + char *dst; int error; if (caead->len > 256*1024-4 || caead->aadlen > 256*1024-4) { @@ -1186,6 +1189,7 @@ cryptodev_aead( } cod = cod_alloc(cse, caead->aadlen, caead->len + cse->hashsize, td); + dst = caead->dst; crp = crypto_getreq(cse->cses, M_WAITOK); @@ -1277,7 +1281,7 @@ cryptodev_aead( crp->crp_iv_start = crp->crp_payload_start; crp->crp_payload_start += cse->ivsize; crp->crp_payload_length -= cse->ivsize; - caead->dst += cse->ivsize; + dst += cse->ivsize; } if (crp->crp_op & CRYPTO_OP_VERIFY_DIGEST) { @@ -1322,7 +1326,7 @@ again: if (caead->dst != NULL) { error = copyout(cod->obuf != NULL ? cod->obuf : - cod->buf + crp->crp_payload_start, caead->dst, + cod->buf + crp->crp_payload_start, dst, crp->crp_payload_length); if (error) { SDT_PROBE1(opencrypto, dev, ioctl, error, __LINE__); ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r367401 - stable/12/lib/libc/tests/resolv
Author: jhb Date: Thu Nov 5 22:35:45 2020 New Revision: 367401 URL: https://svnweb.freebsd.org/changeset/base/367401 Log: MFC 365055: Fix a buffer overrun. getln() returns 'len' valid characters. line[len] is out of bounds. Modified: stable/12/lib/libc/tests/resolv/resolv_test.c Directory Properties: stable/12/ (props changed) Modified: stable/12/lib/libc/tests/resolv/resolv_test.c == --- stable/12/lib/libc/tests/resolv/resolv_test.c Thu Nov 5 21:44:58 2020(r367400) +++ stable/12/lib/libc/tests/resolv/resolv_test.c Thu Nov 5 22:35:45 2020(r367401) @@ -77,15 +77,15 @@ load(const char *fname) if ((fp = fopen(fname, "r")) == NULL) ATF_REQUIRE(fp != NULL); while ((line = fgetln(fp, )) != NULL) { - char c = line[len]; + char c = line[len - 1]; char *ptr; - line[len] = '\0'; + line[len - 1] = '\0'; for (ptr = strtok(line, WS); ptr; ptr = strtok(NULL, WS)) { if (ptr == '\0' || ptr[0] == '#') continue; sl_add(hosts, strdup(ptr)); } - line[len] = c; + line[len - 1] = c; } (void)fclose(fp); ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r367396 - in stable/12: lib/libipsec sbin/setkey sys/net usr.bin/netstat
Author: jhb Date: Thu Nov 5 19:37:56 2020 New Revision: 367396 URL: https://svnweb.freebsd.org/changeset/base/367396 Log: MFC 361810: Refer to AES-CBC as "aes-cbc" rather than "rijndael-cbc" for IPsec. At this point, AES is the more common name for Rijndael128. setkey(8) will still accept the old name, and old constants remain for compatiblity. Modified: stable/12/lib/libipsec/pfkey_dump.c stable/12/sbin/setkey/setkey.8 stable/12/sbin/setkey/token.l stable/12/sys/net/pfkeyv2.h stable/12/usr.bin/netstat/ipsec.c Directory Properties: stable/12/ (props changed) Modified: stable/12/lib/libipsec/pfkey_dump.c == --- stable/12/lib/libipsec/pfkey_dump.c Thu Nov 5 19:30:31 2020 (r367395) +++ stable/12/lib/libipsec/pfkey_dump.c Thu Nov 5 19:37:56 2020 (r367396) @@ -181,8 +181,8 @@ static struct val2str str_alg_enc[] = { #endif { SADB_X_EALG_CAST128CBC, "cast128-cbc", }, { SADB_X_EALG_BLOWFISHCBC, "blowfish-cbc", }, -#ifdef SADB_X_EALG_RIJNDAELCBC - { SADB_X_EALG_RIJNDAELCBC, "rijndael-cbc", }, +#ifdef SADB_X_EALG_AESCBC + { SADB_X_EALG_AESCBC, "aes-cbc", }, #endif #ifdef SADB_X_EALG_TWOFISHCBC { SADB_X_EALG_TWOFISHCBC, "twofish-cbc", }, Modified: stable/12/sbin/setkey/setkey.8 == --- stable/12/sbin/setkey/setkey.8 Thu Nov 5 19:30:31 2020 (r367395) +++ stable/12/sbin/setkey/setkey.8 Thu Nov 5 19:37:56 2020 (r367396) @@ -29,7 +29,7 @@ .\" .\" $FreeBSD$ .\" -.Dd May 04, 2020 +.Dd June 4, 2020 .Dt SETKEY 8 .Os .\" @@ -625,7 +625,7 @@ null0 to 2048 rfc2410 blowfish-cbc 40 to 448 rfc2451 cast128-cbc40 to 128 rfc2451 des-deriv 64 ipsec-ciph-des-derived-01 -rijndael-cbc 128/192/256 rfc3602 +aes-cbc128/192/256 rfc3602 aes-ctr160/224/288 rfc3686 aes-gcm-16 160/224/288 rfc4106 camellia-cbc 128/192/256 rfc4312 Modified: stable/12/sbin/setkey/token.l == --- stable/12/sbin/setkey/token.l Thu Nov 5 19:30:31 2020 (r367395) +++ stable/12/sbin/setkey/token.l Thu Nov 5 19:37:56 2020 (r367396) @@ -169,7 +169,8 @@ tcp { yylval.num = 0; return(PR_TCP); } cast128-cbc { yylval.num = SADB_X_EALG_CAST128CBC; BEGIN INITIAL; return(ALG_ENC); } des-deriv{ yylval.num = SADB_EALG_DESCBC; BEGIN INITIAL; return(ALG_ENC_DESDERIV); } des-32iv { yylval.num = SADB_EALG_DESCBC; BEGIN INITIAL; return(ALG_ENC_DES32IV); } -rijndael-cbc { yylval.num = SADB_X_EALG_RIJNDAELCBC; BEGIN INITIAL; return(ALG_ENC); } +rijndael-cbc { yylval.num = SADB_X_EALG_AESCBC; BEGIN INITIAL; return(ALG_ENC); } +aes-cbc { yylval.num = SADB_X_EALG_AESCBC; BEGIN INITIAL; return(ALG_ENC); } aes-ctr { yylval.num = SADB_X_EALG_AESCTR; BEGIN INITIAL; return(ALG_ENC_SALT); } camellia-cbc { yylval.num = SADB_X_EALG_CAMELLIACBC; BEGIN INITIAL; return(ALG_ENC); } aes-gcm-16 { yylval.num = SADB_X_EALG_AESGCM16; BEGIN INITIAL; return(ALG_ENC_SALT); } Modified: stable/12/sys/net/pfkeyv2.h == --- stable/12/sys/net/pfkeyv2.h Thu Nov 5 19:30:31 2020(r367395) +++ stable/12/sys/net/pfkeyv2.h Thu Nov 5 19:37:56 2020(r367396) @@ -383,6 +383,7 @@ _Static_assert(sizeof(struct sadb_x_sa_replay) == 8, " #define SADB_EALG_NULL 11 #define SADB_X_EALG_RIJNDAELCBC12 #define SADB_X_EALG_AES12 +#defineSADB_X_EALG_AESCBC 12 #define SADB_X_EALG_AESCTR 13 #define SADB_X_EALG_AESGCM818 /* RFC4106 */ #define SADB_X_EALG_AESGCM12 19 Modified: stable/12/usr.bin/netstat/ipsec.c == --- stable/12/usr.bin/netstat/ipsec.c Thu Nov 5 19:30:31 2020 (r367395) +++ stable/12/usr.bin/netstat/ipsec.c Thu Nov 5 19:37:56 2020 (r367396) @@ -147,7 +147,7 @@ static struct val2str ipsec_espnames[] = { { SADB_EALG_NULL, "null", }, { SADB_X_EALG_CAST128CBC, "cast128-cbc", }, { SADB_X_EALG_BLOWFISHCBC, "blowfish-cbc", }, - { SADB_X_EALG_RIJNDAELCBC, "rijndael-cbc", }, + { SADB_X_EALG_AESCBC, "aes-cbc", }, { SADB_X_EALG_CAMELLIACBC, "camellia-cbc", }, { SADB_X_EALG_AESCTR, "aes-ctr", }, { SADB_X_EALG_AESGCM16, "aes-gcm-16", }, ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r367336 - stable/12/sys/geom/eli
Author: jhb Date: Wed Nov 4 17:22:12 2020 New Revision: 367336 URL: https://svnweb.freebsd.org/changeset/base/367336 Log: MFC 359263: Use the newer EINTEGRITY error when authentication fails. GELI used to fail with EINVAL when a read request spanned a disk sector whose contents did not match the sector's authentication tag. The recently-added EINTEGRITY more closely matches to the error in this case. Modified: stable/12/sys/geom/eli/g_eli_integrity.c Directory Properties: stable/12/ (props changed) Modified: stable/12/sys/geom/eli/g_eli_integrity.c == --- stable/12/sys/geom/eli/g_eli_integrity.cWed Nov 4 16:42:20 2020 (r367335) +++ stable/12/sys/geom/eli/g_eli_integrity.cWed Nov 4 17:22:12 2020 (r367336) @@ -231,7 +231,7 @@ g_eli_auth_read_done(struct cryptop *crp) bp->bio_driver2 = NULL; if (bp->bio_error != 0) { if (bp->bio_error == -1) - bp->bio_error = EINVAL; + bp->bio_error = EINTEGRITY; else { G_ELI_LOGREQ(0, bp, "Crypto READ request failed (error=%d).", ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r367311 - head/tools/tools/crypto
Author: jhb Date: Tue Nov 3 22:53:23 2020 New Revision: 367311 URL: https://svnweb.freebsd.org/changeset/base/367311 Log: Remove unnecessary __DECONST(). Reviewed by: markj Sponsored by: Chelsio Communications Differential Revision:https://reviews.freebsd.org/D27063 Modified: head/tools/tools/crypto/cryptocheck.c Modified: head/tools/tools/crypto/cryptocheck.c == --- head/tools/tools/crypto/cryptocheck.c Tue Nov 3 22:32:30 2020 (r367310) +++ head/tools/tools/crypto/cryptocheck.c Tue Nov 3 22:53:23 2020 (r367311) @@ -492,7 +492,7 @@ ocf_hash(const struct alg *alg, const char *buffer, si ocf_init_cop(, ); cop.op = 0; cop.len = size; - cop.src = __DECONST(char *, buffer); + cop.src = buffer; cop.mac = digest; if (ioctl(ses.fd, CIOCCRYPT, ) < 0) { @@ -596,7 +596,7 @@ ocf_hmac(const struct alg *alg, const char *buffer, si ocf_init_sop(); sop.mackeylen = key_len; - sop.mackey = __DECONST(char *, key); + sop.mackey = key; sop.mac = alg->mac; if (!ocf_init_session(, "HMAC", alg->name, )) return (false); @@ -604,7 +604,7 @@ ocf_hmac(const struct alg *alg, const char *buffer, si ocf_init_cop(, ); cop.op = 0; cop.len = size; - cop.src = __DECONST(char *, buffer); + cop.src = buffer; cop.mac = digest; if (ioctl(ses.fd, CIOCCRYPT, ) < 0) { @@ -709,7 +709,7 @@ ocf_init_cipher_session(const struct alg *alg, const c ocf_init_sop(); sop.keylen = key_len; - sop.key = __DECONST(char *, key); + sop.key = key; sop.cipher = alg->cipher; return (ocf_init_session(, "cipher", alg->name, ses)); } @@ -723,9 +723,9 @@ ocf_cipher(const struct ocf_session *ses, const struct ocf_init_cop(ses, ); cop.op = op; cop.len = size; - cop.src = __DECONST(char *, input); + cop.src = input; cop.dst = output; - cop.iv = __DECONST(char *, iv); + cop.iv = iv; if (ioctl(ses->fd, CIOCCRYPT, ) < 0) { warn("cryptodev %s (%zu) cipher failed for device %s", @@ -841,10 +841,10 @@ ocf_init_eta_session(const struct alg *alg, const char ocf_init_sop(); sop.keylen = cipher_key_len; - sop.key = __DECONST(char *, cipher_key); + sop.key = cipher_key; sop.cipher = alg->cipher; sop.mackeylen = auth_key_len; - sop.mackey = __DECONST(char *, auth_key); + sop.mackey = auth_key; sop.mac = alg->mac; return (ocf_init_session(, "ETA", alg->name, ses)); } @@ -864,11 +864,11 @@ ocf_eta(const struct ocf_session *ses, const char *iv, caead.len = size; caead.aadlen = aad_len; caead.ivlen = iv_len; - caead.src = __DECONST(char *, input); + caead.src = input; caead.dst = output; - caead.aad = __DECONST(char *, aad); + caead.aad = aad; caead.tag = digest; - caead.iv = __DECONST(char *, iv); + caead.iv = iv; ret = ioctl(ses->fd, CIOCCRYPTAEAD, ); } else { @@ -877,10 +877,10 @@ ocf_eta(const struct ocf_session *ses, const char *iv, ocf_init_cop(ses, ); cop.op = op; cop.len = size; - cop.src = __DECONST(char *, input); + cop.src = input; cop.dst = output; cop.mac = digest; - cop.iv = __DECONST(char *, iv); + cop.iv = iv; ret = ioctl(ses->fd, CIOCCRYPT, ); } @@ -1078,7 +1078,7 @@ ocf_gmac(const struct alg *alg, const char *input, siz ocf_init_sop(); sop.mackeylen = key_len; - sop.mackey = __DECONST(char *, key); + sop.mackey = key; sop.mac = alg->mac; if (!ocf_init_session(, "GMAC", alg->name, )) return (false); @@ -1086,7 +1086,7 @@ ocf_gmac(const struct alg *alg, const char *input, siz ocf_init_cop(, ); cop.op = 0; cop.len = size; - cop.src = __DECONST(char *, input); + cop.src = input; cop.mac = tag; cop.iv = iv; @@ -1298,7 +1298,7 @@ ocf_init_aead_session(const struct alg *alg, const cha ocf_init_sop(); sop.keylen = key_len; - sop.key = __DECONST(char *, key); + sop.key = key; sop.cipher = alg->cipher; return (ocf_init_session(, "AEAD", alg->name, ses)); } @@ -1315,11 +1315,11 @@ ocf_aead(const struct ocf_session *ses, const char *iv caead.len = size; caead.aadlen = aad_len; caead.ivlen = iv_len; - caead.src = __DECONST(char *, input); + caead.src = input; caead.dst = output; - caead.aad = __DECONST(char *, aad); +
svn commit: r367310 - in head/sys: crypto opencrypto
Author: jhb Date: Tue Nov 3 22:32:30 2020 New Revision: 367310 URL: https://svnweb.freebsd.org/changeset/base/367310 Log: Replace some K function definitions with ANSI C. Reviewed by: markj Sponsored by: Chelsio Communications Differential Revision:https://reviews.freebsd.org/D27062 Modified: head/sys/crypto/sha1.c head/sys/opencrypto/cryptodeflate.c head/sys/opencrypto/xform_deflate.c Modified: head/sys/crypto/sha1.c == --- head/sys/crypto/sha1.c Tue Nov 3 22:27:54 2020(r367309) +++ head/sys/crypto/sha1.c Tue Nov 3 22:32:30 2020(r367310) @@ -91,8 +91,7 @@ static uint32_t _K[] = { 0x5a827999, 0x6ed9eba1, 0x8f1 static void sha1_step(struct sha1_ctxt *); static void -sha1_step(ctxt) - struct sha1_ctxt *ctxt; +sha1_step(struct sha1_ctxt *ctxt) { uint32_ta, b, c, d, e; size_t t, s; @@ -176,8 +175,7 @@ sha1_step(ctxt) /**/ void -sha1_init(ctxt) - struct sha1_ctxt *ctxt; +sha1_init(struct sha1_ctxt *ctxt) { bzero(ctxt, sizeof(struct sha1_ctxt)); H(0) = 0x67452301; @@ -188,8 +186,7 @@ sha1_init(ctxt) } void -sha1_pad(ctxt) - struct sha1_ctxt *ctxt; +sha1_pad(struct sha1_ctxt *ctxt) { size_t padlen; /*pad length in bytes*/ size_t padstart; @@ -223,10 +220,7 @@ sha1_pad(ctxt) } void -sha1_loop(ctxt, input, len) - struct sha1_ctxt *ctxt; - const uint8_t *input; - size_t len; +sha1_loop(struct sha1_ctxt *ctxt, const uint8_t *input, size_t len) { size_t gaplen; size_t gapstart; Modified: head/sys/opencrypto/cryptodeflate.c == --- head/sys/opencrypto/cryptodeflate.c Tue Nov 3 22:27:54 2020 (r367309) +++ head/sys/opencrypto/cryptodeflate.c Tue Nov 3 22:32:30 2020 (r367310) @@ -82,11 +82,7 @@ crypto_zfree(void *nil, void *ptr) */ uint32_t -deflate_global(data, size, decomp, out) - uint8_t *data; - uint32_t size; - int decomp; - uint8_t **out; +deflate_global(uint8_t *data, uint32_t size, int decomp, uint8_t **out) { /* decomp indicates whether we compress (0) or decompress (1) */ Modified: head/sys/opencrypto/xform_deflate.c == --- head/sys/opencrypto/xform_deflate.c Tue Nov 3 22:27:54 2020 (r367309) +++ head/sys/opencrypto/xform_deflate.c Tue Nov 3 22:32:30 2020 (r367310) @@ -68,19 +68,13 @@ struct comp_algo comp_algo_deflate = { */ static uint32_t -deflate_compress(data, size, out) - uint8_t *data; - uint32_t size; - uint8_t **out; +deflate_compress(uint8_t *data, uint32_t size, uint8_t **out) { return deflate_global(data, size, 0, out); } static uint32_t -deflate_decompress(data, size, out) - uint8_t *data; - uint32_t size; - uint8_t **out; +deflate_decompress(uint8_t *data, uint32_t size, uint8_t **out) { return deflate_global(data, size, 1, out); } ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
svn commit: r367309 - in head/sys: crypto crypto/chacha20 crypto/des crypto/rijndael crypto/skein opencrypto
Author: jhb Date: Tue Nov 3 22:27:54 2020 New Revision: 367309 URL: https://svnweb.freebsd.org/changeset/base/367309 Log: Consistently use C99 fixed-width types in the in-kernel crypto code. Reviewed by: markj Sponsored by: Chelsio Communications Differential Revision:https://reviews.freebsd.org/D27061 Modified: head/sys/crypto/chacha20/chacha-sw.c head/sys/crypto/des/des.h head/sys/crypto/rijndael/rijndael-api-fst.c head/sys/crypto/rijndael/rijndael.h head/sys/crypto/rijndael/rijndael_local.h head/sys/crypto/sha1.c head/sys/crypto/sha1.h head/sys/crypto/skein/skein_port.h head/sys/opencrypto/crypto.c head/sys/opencrypto/cryptodeflate.c head/sys/opencrypto/cryptodev.c head/sys/opencrypto/cryptodev.h head/sys/opencrypto/cryptosoft.c head/sys/opencrypto/deflate.h head/sys/opencrypto/rmd160.c head/sys/opencrypto/rmd160.h head/sys/opencrypto/xform_auth.h head/sys/opencrypto/xform_comp.h head/sys/opencrypto/xform_deflate.c head/sys/opencrypto/xform_enc.h head/sys/opencrypto/xform_null.c head/sys/opencrypto/xform_rijndael.c head/sys/opencrypto/xform_sha1.c head/sys/opencrypto/xform_sha2.c Modified: head/sys/crypto/chacha20/chacha-sw.c == --- head/sys/crypto/chacha20/chacha-sw.cTue Nov 3 22:13:16 2020 (r367308) +++ head/sys/crypto/chacha20/chacha-sw.cTue Nov 3 22:27:54 2020 (r367309) @@ -18,7 +18,7 @@ chacha20_xform_setkey(void *ctx, const uint8_t *key, i } static void -chacha20_xform_reinit(void *ctx, const u_int8_t *iv) +chacha20_xform_reinit(void *ctx, const uint8_t *iv) { chacha_ivsetup(ctx, iv + 8, iv); Modified: head/sys/crypto/des/des.h == --- head/sys/crypto/des/des.h Tue Nov 3 22:13:16 2020(r367308) +++ head/sys/crypto/des/des.h Tue Nov 3 22:27:54 2020(r367309) @@ -56,7 +56,7 @@ extern "C" { #endif /* must be 32bit quantity */ -#define DES_LONG u_int32_t +#define DES_LONG uint32_t typedef unsigned char des_cblock[8]; typedef struct des_ks_struct Modified: head/sys/crypto/rijndael/rijndael-api-fst.c == --- head/sys/crypto/rijndael/rijndael-api-fst.c Tue Nov 3 22:13:16 2020 (r367308) +++ head/sys/crypto/rijndael/rijndael-api-fst.c Tue Nov 3 22:27:54 2020 (r367309) @@ -32,7 +32,7 @@ __FBSDID("$FreeBSD$"); #define TRUE 1 #endif -typedef u_int8_t BYTE; +typedef uint8_tBYTE; int rijndael_makeKey(keyInstance *key, BYTE direction, int keyLen, const char *keyMaterial) { @@ -84,7 +84,7 @@ int rijndael_cipherInit(cipherInstance *cipher, BYTE m int rijndael_blockEncrypt(cipherInstance *cipher, keyInstance *key, const BYTE *input, int inputLen, BYTE *outBuffer) { int i, k, numBlocks; - u_int8_t block[16], iv[4][4]; + uint8_t block[16], iv[4][4]; if (cipher == NULL || key == NULL || @@ -110,15 +110,15 @@ int rijndael_blockEncrypt(cipherInstance *cipher, keyI #if 1 /*STRICT_ALIGN*/ memcpy(block, cipher->IV, 16); memcpy(iv, input, 16); - ((u_int32_t*)block)[0] ^= ((u_int32_t*)iv)[0]; - ((u_int32_t*)block)[1] ^= ((u_int32_t*)iv)[1]; - ((u_int32_t*)block)[2] ^= ((u_int32_t*)iv)[2]; - ((u_int32_t*)block)[3] ^= ((u_int32_t*)iv)[3]; + ((uint32_t*)block)[0] ^= ((uint32_t*)iv)[0]; + ((uint32_t*)block)[1] ^= ((uint32_t*)iv)[1]; + ((uint32_t*)block)[2] ^= ((uint32_t*)iv)[2]; + ((uint32_t*)block)[3] ^= ((uint32_t*)iv)[3]; #else - ((u_int32_t*)block)[0] = ((u_int32_t*)cipher->IV)[0] ^ ((u_int32_t*)input)[0]; - ((u_int32_t*)block)[1] = ((u_int32_t*)cipher->IV)[1] ^ ((u_int32_t*)input)[1]; - ((u_int32_t*)block)[2] = ((u_int32_t*)cipher->IV)[2] ^ ((u_int32_t*)input)[2]; - ((u_int32_t*)block)[3] = ((u_int32_t*)cipher->IV)[3] ^ ((u_int32_t*)input)[3]; + ((uint32_t*)block)[0] = ((uint32_t*)cipher->IV)[0] ^ ((uint32_t*)input)[0]; + ((uint32_t*)block)[1] = ((uint32_t*)cipher->IV)[1] ^ ((uint32_t*)input)[1]; + ((uint32_t*)block)[2] = ((uint32_t*)cipher->IV)[2] ^ ((uint32_t*)input)[2]; + ((uint32_t*)block)[3] = ((uint32_t*)cipher->IV)[3] ^ ((uint32_t*)input)[3]; #endif rijndaelEncrypt(key->rk, key->Nr, block, outBuffer); input += 16; @@ -126,15 +126,15 @@ int rijndael_blockEncrypt(cipherInstance *cipher, keyI #if 1 /*STRICT_ALIGN*/ memcpy(block, outBuffer, 16); memcpy(iv, input, 16); - ((u_int32_t*)block)[0] ^= ((u_int32_t*)iv)[0]; - ((u_int32_t*)block)[1] ^=
svn commit: r367305 - in stable/12: libexec/tftpd libexec/tftpd/tests usr.bin/tftp
Author: jhb Date: Tue Nov 3 20:43:01 2020 New Revision: 367305 URL: https://svnweb.freebsd.org/changeset/base/367305 Log: MFC 358556,360167: Add support for the TFTP windowsize option. 358556: Add support for the TFTP windowsize option described in RFC 7440. The windowsize option permits multiple blocks to be transmitted before the receiver sends an ACK improving throughput for larger files. 360167: Abort transfer if fseeko() fails. Modified: stable/12/libexec/tftpd/tests/functional.c stable/12/libexec/tftpd/tftp-file.c stable/12/libexec/tftpd/tftp-file.h stable/12/libexec/tftpd/tftp-options.c stable/12/libexec/tftpd/tftp-options.h stable/12/libexec/tftpd/tftp-transfer.c stable/12/libexec/tftpd/tftp-utils.c stable/12/libexec/tftpd/tftp-utils.h stable/12/libexec/tftpd/tftpd.8 stable/12/usr.bin/tftp/main.c stable/12/usr.bin/tftp/tftp.1 Directory Properties: stable/12/ (props changed) Modified: stable/12/libexec/tftpd/tests/functional.c == --- stable/12/libexec/tftpd/tests/functional.c Tue Nov 3 19:57:28 2020 (r367304) +++ stable/12/libexec/tftpd/tests/functional.c Tue Nov 3 20:43:01 2020 (r367305) @@ -38,6 +38,7 @@ __FBSDID("$FreeBSD$"); #include #include #include +#include #include #include @@ -89,6 +90,13 @@ recv_ack(uint16_t blocknum) RECV(hdr, NULL, 0); } +static void +recv_oack(const char *options, size_t options_len) +{ + char hdr[] = {0, 6}; + RECV(hdr, options, options_len); +} + /* * Receive a data packet from tftpd * @param blocknumExpected block number to be received @@ -159,6 +167,11 @@ send_ack(uint16_t blocknum) } +/* + * build an option string + */ +#define OPTION_STR(name, value)name "\000" value "\000" + /* * send a read request to tftpd. * @param filenamefilename as a string, absolute or relative @@ -166,6 +179,11 @@ send_ack(uint16_t blocknum) */ #define SEND_RRQ(filename, mode) SEND_STR("\0\001" filename "\0" mode "\0") +/* + * send a read request with options + */ +#define SEND_RRQ_OPT(filename, mode, options) SEND_STR("\0\001" filename "\0" mode "\000" options) + /* * send a write request to tftpd. * @param filenamefilename as a string, absolute or relative @@ -173,6 +191,11 @@ send_ack(uint16_t blocknum) */ #define SEND_WRQ(filename, mode) SEND_STR("\0\002" filename "\0" mode "\0") +/* + * send a write request with options + */ +#define SEND_WRQ_OPT(filename, mode, options) SEND_STR("\0\002" filename "\0" mode "\000" options) + /* Define a test case, for both IPv4 and IPv6 */ #define TFTPD_TC_DEFINE(name, head, ...) \ static void \ @@ -573,6 +596,32 @@ TFTPD_TC_DEFINE(rrq_medium,) } /* + * Read a medium file with a window size of 2. + */ +TFTPD_TC_DEFINE(rrq_medium_window,) +{ + int fd; + size_t i; + uint32_t contents[192]; + char options[] = OPTION_STR("windowsize", "2"); + + for (i = 0; i < nitems(contents); i++) + contents[i] = i; + + fd = open("medium.txt", O_RDWR | O_CREAT, 0644); + ATF_REQUIRE(fd >= 0); + write_all(fd, contents, sizeof(contents)); + close(fd); + + SEND_RRQ_OPT("medium.txt", "octet", OPTION_STR("windowsize", "2")); + recv_oack(options, sizeof(options) - 1); + send_ack(0); + recv_data(1, (const char*)[0], 512); + recv_data(2, (const char*)[128], 256); + send_ack(2); +} + +/* * Read a file in netascii format */ TFTPD_TC_DEFINE(rrq_netascii,) @@ -652,6 +701,59 @@ TFTPD_TC_DEFINE(rrq_small,) } /* + * Read a file following the example in RFC 7440. + */ +TFTPD_TC_DEFINE(rrq_window_rfc7440,) +{ + int fd; + size_t i; + char options[] = OPTION_STR("windowsize", "4"); + alignas(uint32_t) char contents[13 * 512 - 4]; + uint32_t *u32p; + + u32p = (uint32_t *)contents; + for (i = 0; i < sizeof(contents) / sizeof(uint32_t); i++) + u32p[i] = i; + + fd = open("rfc7440.txt", O_RDWR | O_CREAT, 0644); + ATF_REQUIRE(fd >= 0); + write_all(fd, contents, sizeof(contents)); + close(fd); + + SEND_RRQ_OPT("rfc7440.txt", "octet", OPTION_STR("windowsize", "4")); + recv_oack(options, sizeof(options) - 1); + send_ack(0); + recv_data(1, [0 * 512], 512); + recv_data(2, [1 * 512], 512); + recv_data(3, [2 * 512], 512); + recv_data(4, [3 * 512], 512); + send_ack(4); + recv_data(5, [4 * 512], 512); + recv_data(6, [5 * 512], 512); + recv_data(7, [6 * 512], 512); + recv_data(8, [7 * 512], 512); + + /* ACK 5 as if 6-8 were dropped. */ + send_ack(5); + recv_data(6, [5 * 512], 512); + recv_data(7, [6 * 512], 512); + recv_data(8, [7 * 512], 512); + recv_data(9, [8 * 512], 512); + send_ack(9); + recv_data(10, [9 * 512], 512); +
svn commit: r367188 - head/sbin/sysctl
Author: jhb Date: Fri Oct 30 21:13:05 2020 New Revision: 367188 URL: https://svnweb.freebsd.org/changeset/base/367188 Log: Use a dynamic buffer for the copy of a node's new value. This permits setting a node's value to a string longer than BUFSIZ. Reported by: Sony Arpita Das @ Chelsio Reviewed by: freqlabs MFC after:1 week Sponsored by: Chelsio Communications Differential Revision:https://reviews.freebsd.org/D27027 Modified: head/sbin/sysctl/sysctl.c Modified: head/sbin/sysctl/sysctl.c == --- head/sbin/sysctl/sysctl.c Fri Oct 30 21:05:50 2020(r367187) +++ head/sbin/sysctl/sysctl.c Fri Oct 30 21:13:05 2020(r367188) @@ -344,13 +344,13 @@ parse_numeric(const char *newvalstr, const char *fmt, static int parse(const char *string, int lineno) { - int len, i, j; + int len, i, j, save_errno; const void *newval; char *newvalstr = NULL; void *newbuf; size_t newsize = Bflag; int mib[CTL_MAXNAME]; - char *cp, *bufp, buf[BUFSIZ], fmt[BUFSIZ], line[BUFSIZ]; + char *cp, *bufp, *buf, fmt[BUFSIZ], line[BUFSIZ]; u_int kind; if (lineno) @@ -365,11 +365,7 @@ parse(const char *string, int lineno) * Whitespace surrounding the delimiter is trimmed. * Quotes around the value are stripped. */ - cp = buf; - if (snprintf(buf, BUFSIZ, "%s", string) >= BUFSIZ) { - warnx("oid too long: '%s'%s", string, line); - return (1); - } + cp = buf = strdup(string); bufp = strsep(, "=:"); if (cp != NULL) { /* Tflag just lists tunables, do not allow assignment */ @@ -403,22 +399,24 @@ parse(const char *string, int lineno) */ len = name2oid(bufp, mib); if (len < 0) { - if (iflag) + if (iflag) { + free(buf); return (0); - if (qflag) - return (1); - else { + } + if (!qflag) { if (errno == ENOENT) { warnx("unknown oid '%s'%s", bufp, line); } else { warn("unknown oid '%s'%s", bufp, line); } - return (1); } + free(buf); + return (1); } if (oidfmt(mib, len, fmt, )) { warn("couldn't find format of oid '%s'%s", bufp, line); + free(buf); if (iflag) return (1); else @@ -430,6 +428,7 @@ parse(const char *string, int lineno) * show the node and its children. Otherwise, set the new value. */ if (newvalstr == NULL || dflag) { + free(buf); if ((kind & CTLTYPE) == CTLTYPE_NODE) { if (dflag) { i = show_var(mib, len, false); @@ -450,6 +449,7 @@ parse(const char *string, int lineno) */ if ((kind & CTLTYPE) == CTLTYPE_NODE) { warnx("oid '%s' isn't a leaf node%s", bufp, line); + free(buf); return (1); } @@ -459,6 +459,7 @@ parse(const char *string, int lineno) warnx("Tunable values are set in /boot/loader.conf"); } else warnx("oid '%s' is read only%s", bufp, line); + free(buf); return (1); } @@ -477,6 +478,7 @@ parse(const char *string, int lineno) case CTLTYPE_U64: if (strlen(newvalstr) == 0) { warnx("empty numeric value"); + free(buf); return (1); } /* FALLTHROUGH */ @@ -485,6 +487,7 @@ parse(const char *string, int lineno) default: warnx("oid '%s' is type %d, cannot set that%s", bufp, kind & CTLTYPE, line); + free(buf); return (1); } @@ -503,6 +506,7 @@ parse(const char *string, int lineno) warnx("invalid %s '%s'%s", ctl_typename[kind & CTLTYPE], cp, line); free(newbuf); + free(buf); return (1); } } @@ -515,10 +519,12 @@ parse(const char *string, int lineno) */ i = show_var(mib, len, false); if (sysctl(mib, len, 0, 0, newval, newsize) == -1) { + save_errno = errno; free(newbuf); + free(buf); if (!i && !bflag) putchar('\n'); - switch (errno) { +
svn commit: r367187 - head/sys/dev/mlx5/mlx5_en
Author: jhb Date: Fri Oct 30 21:05:50 2020 New Revision: 367187 URL: https://svnweb.freebsd.org/changeset/base/367187 Log: Remove IF_SND_TAG_TYPE_TLS_RATE_LIMIT conditionals. Support for TLS rate limit tags is now in the tree, so this macro is always defined. Reviewed by: hselasky Sponsored by: Netflix Differential Revision:https://reviews.freebsd.org/D27020 Modified: head/sys/dev/mlx5/mlx5_en/mlx5_en_hw_tls.c head/sys/dev/mlx5/mlx5_en/mlx5_en_main.c head/sys/dev/mlx5/mlx5_en/mlx5_en_tx.c Modified: head/sys/dev/mlx5/mlx5_en/mlx5_en_hw_tls.c == --- head/sys/dev/mlx5/mlx5_en/mlx5_en_hw_tls.c Fri Oct 30 20:02:32 2020 (r367186) +++ head/sys/dev/mlx5/mlx5_en/mlx5_en_hw_tls.c Fri Oct 30 21:05:50 2020 (r367187) @@ -380,7 +380,7 @@ mlx5e_tls_snd_tag_alloc(struct ifnet *ifp, memset(_params, 0, sizeof(rl_params)); rl_params.hdr = params->hdr; switch (params->hdr.type) { -#if defined(RATELIMIT) && defined(IF_SND_TAG_TYPE_TLS_RATE_LIMIT) +#ifdef RATELIMIT case IF_SND_TAG_TYPE_TLS_RATE_LIMIT: rl_params.hdr.type = IF_SND_TAG_TYPE_RATE_LIMIT; rl_params.rate_limit.max_rate = params->tls_rate_limit.max_rate; @@ -416,7 +416,7 @@ failure: int mlx5e_tls_snd_tag_modify(struct m_snd_tag *pmt, union if_snd_tag_modify_params *params) { -#if defined(RATELIMIT) && defined(IF_SND_TAG_TYPE_TLS_RATE_LIMIT) +#ifdef RATELIMIT union if_snd_tag_modify_params rl_params; struct mlx5e_tls_tag *ptag = container_of(pmt, struct mlx5e_tls_tag, tag); @@ -424,7 +424,7 @@ mlx5e_tls_snd_tag_modify(struct m_snd_tag *pmt, union #endif switch (pmt->type) { -#if defined(RATELIMIT) && defined(IF_SND_TAG_TYPE_TLS_RATE_LIMIT) +#ifdef RATELIMIT case IF_SND_TAG_TYPE_TLS_RATE_LIMIT: memset(_params, 0, sizeof(rl_params)); rl_params.rate_limit.max_rate = params->tls_rate_limit.max_rate; @@ -445,7 +445,7 @@ mlx5e_tls_snd_tag_query(struct m_snd_tag *pmt, union i int error; switch (pmt->type) { -#if defined(RATELIMIT) && defined(IF_SND_TAG_TYPE_TLS_RATE_LIMIT) +#ifdef RATELIMIT case IF_SND_TAG_TYPE_TLS_RATE_LIMIT: #endif case IF_SND_TAG_TYPE_TLS: @@ -690,7 +690,7 @@ mlx5e_sq_tls_xmit(struct mlx5e_sq *sq, struct mlx5e_xm ptag = mb->m_pkthdr.snd_tag; if ( -#if defined(RATELIMIT) && defined(IF_SND_TAG_TYPE_TLS_RATE_LIMIT) +#ifdef RATELIMIT ptag->type != IF_SND_TAG_TYPE_TLS_RATE_LIMIT && #endif ptag->type != IF_SND_TAG_TYPE_TLS) Modified: head/sys/dev/mlx5/mlx5_en/mlx5_en_main.c == --- head/sys/dev/mlx5/mlx5_en/mlx5_en_main.cFri Oct 30 20:02:32 2020 (r367186) +++ head/sys/dev/mlx5/mlx5_en/mlx5_en_main.cFri Oct 30 21:05:50 2020 (r367187) @@ -4126,7 +4126,7 @@ mlx5e_snd_tag_alloc(struct ifnet *ifp, #ifdef RATELIMIT case IF_SND_TAG_TYPE_RATE_LIMIT: return (mlx5e_rl_snd_tag_alloc(ifp, params, ppmt)); -#if defined(KERN_TLS) && defined(IF_SND_TAG_TYPE_TLS_RATE_LIMIT) +#ifdef KERN_TLS case IF_SND_TAG_TYPE_TLS_RATE_LIMIT: return (mlx5e_tls_snd_tag_alloc(ifp, params, ppmt)); #endif @@ -4150,7 +4150,7 @@ mlx5e_snd_tag_modify(struct m_snd_tag *pmt, union if_s #ifdef RATELIMIT case IF_SND_TAG_TYPE_RATE_LIMIT: return (mlx5e_rl_snd_tag_modify(pmt, params)); -#if defined(KERN_TLS) && defined(IF_SND_TAG_TYPE_TLS_RATE_LIMIT) +#ifdef KERN_TLS case IF_SND_TAG_TYPE_TLS_RATE_LIMIT: return (mlx5e_tls_snd_tag_modify(pmt, params)); #endif @@ -4172,7 +4172,7 @@ mlx5e_snd_tag_query(struct m_snd_tag *pmt, union if_sn #ifdef RATELIMIT case IF_SND_TAG_TYPE_RATE_LIMIT: return (mlx5e_rl_snd_tag_query(pmt, params)); -#if defined(KERN_TLS) && defined(IF_SND_TAG_TYPE_TLS_RATE_LIMIT) +#ifdef KERN_TLS case IF_SND_TAG_TYPE_TLS_RATE_LIMIT: return (mlx5e_tls_snd_tag_query(pmt, params)); #endif @@ -4241,7 +4241,7 @@ mlx5e_snd_tag_free(struct m_snd_tag *pmt) case IF_SND_TAG_TYPE_RATE_LIMIT: mlx5e_rl_snd_tag_free(pmt); break; -#if defined(KERN_TLS) && defined(IF_SND_TAG_TYPE_TLS_RATE_LIMIT) +#ifdef KERN_TLS case IF_SND_TAG_TYPE_TLS_RATE_LIMIT: mlx5e_tls_snd_tag_free(pmt); break; Modified: head/sys/dev/mlx5/mlx5_en/mlx5_en_tx.c == --- head/sys/dev/mlx5/mlx5_en/mlx5_en_tx.c Fri Oct 30 20:02:32 2020 (r367186) +++ head/sys/dev/mlx5/mlx5_en/mlx5_en_tx.c Fri Oct 30 21:05:50 2020 (r367187) @@ -104,7 +104,7 @@ top: sq = container_of(mb_tag, struct mlx5e_rl_channel, tag)->sq; break; -#if
Re: svn commit: r367185 - head/tests/sys/opencrypto
On 10/30/20 12:53 PM, Jung-uk Kim wrote: > Author: jkim > Date: Fri Oct 30 19:53:16 2020 > New Revision: 367185 > URL: https://svnweb.freebsd.org/changeset/base/367185 > > Log: > Add ossl(4) to cryptotest. Thanks! My bad for missing this. -- John Baldwin ___ svn-src-all@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-all To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"