subject:"svn commit\: r358744 \- in head\: lib\/libsecureboot lib\/libsecureboot\/h lib\/libsecureboot\/tests share\/mk stand stand\/common stand\/efi\/loader stand\/efi\/loader\/arch\/i386 stand\/ficl stand\/i386\/libi386 s"

Re: svn commit: r358744 - in head: lib/libsecureboot lib/libsecureboot/h lib/libsecureboot/tests share/mk stand stand/common stand/efi/loader stand/efi/loader/arch/i386 stand/ficl stand/i386/libi386 s

2020-03-09 Thread Simon J. Gerraty via svn-src-all

O. Hartmann  wrote:
> > To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
> [... deleted ...]
> 
> 
> buildworld seems to be broken on this commit:

Ah! I did a buildworld, but build the 4th version of loader.
Sorry, will fix.

> 
> [...]
> --- all_subdir_stand ---
> --- lstd.o ---
> /usr/src/stand/liblua/lstd.c:86:44: error: too few arguments to function call,
> expected 5, have 4 if (verify_file(fd, filename, 0, VE_GUESS) < 0) {
> ~~~  ^
> /usr/src/lib/libsecureboot/h/verify_file.h:50:1: note: 'verify_file' declared
> here int verify_file(int, const char *, off_t, int, const char *);
> ^
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

Re: svn commit: r358744 - in head: lib/libsecureboot lib/libsecureboot/h lib/libsecureboot/tests share/mk stand stand/common stand/efi/loader stand/efi/loader/arch/i386 stand/ficl stand/i386/libi386 s

2020-03-09 Thread O. Hartmann

On Mon, 9 Mar 2020 07:05:46 +0100
"O. Hartmann"  wrote:

> On Sun, 8 Mar 2020 17:42:43 + (UTC)
> "Simon J. Gerraty"  wrote:
>
> > Author: sjg
> > Date: Sun Mar  8 17:42:42 2020
> > New Revision: 358744
> > URL: https://svnweb.freebsd.org/changeset/base/358744
> >
> > Log:
> >   veloader use vectx API for kernel and modules
> >
> >   The vectx API, computes the hash for verifying a file as it is read.
> >   This avoids the overhead of reading files twice - once to verify, then
> >   again to load.
> >
> >   For doing an install via loader, avoiding the need to rewind
> >   large files is critical.
> >
> >   This API is only used for modules, kernel and mdimage as these are the
> >   biggest files read by the loader.
> >   The reduction in boot time depends on how expensive the I/O is
> >   on any given platform.  On a fast VM we see 6% improvement.
> >
> >   For install via loader the first file to be verified is likely to be the
> >   kernel, so some of the prep work (finding manifest etc) done by
> >   verify_file() needs to be factored so it can be reused for
> >   vectx_open().
> >
> >   For missing or unrecognized fingerprint entries, we fail
> >   in vectx_open() unless verifying is disabled.
> >
> >   Otherwise fingerprint check happens in vectx_close() and
> >   since this API is only used for files which must be verified
> >   (VE_MUST) we panic if we get an incorrect hash.
> >
> >   Reviewed by:  imp,tsoome
> >   MFC after:1 week
> >   Sponsored by: Juniper Networks
> >   Differential Revision:https://reviews.freebsd.org//D23827
> >
> > Modified:
> >   head/lib/libsecureboot/h/libsecureboot.h
> >   head/lib/libsecureboot/h/verify_file.h
> >   head/lib/libsecureboot/tests/tvo.c
> >   head/lib/libsecureboot/vectx.c
> >   head/lib/libsecureboot/verify_file.c
> >   head/share/mk/src.opts.mk
> >   head/stand/common/bootstrap.h
> >   head/stand/common/interp_forth.c
> >   head/stand/common/interp_simple.c
> >   head/stand/common/load_elf.c
> >   head/stand/common/load_elf_obj.c
> >   head/stand/common/misc.c
> >   head/stand/common/module.c
> >   head/stand/efi/loader/arch/i386/i386_copy.c
> >   head/stand/efi/loader/copy.c
> >   head/stand/efi/loader/loader_efi.h
> >   head/stand/efi/loader/main.c
> >   head/stand/ficl/loader.c
> >   head/stand/i386/libi386/i386_copy.c
> >   head/stand/i386/libi386/libi386.h
> >   head/stand/i386/loader/chain.c
> >   head/stand/libofw/libofw.h
> >   head/stand/libofw/ofw_copy.c
> >   head/stand/loader.mk
> >   head/stand/mips/beri/loader/arch.c
> >   head/stand/powerpc/kboot/main.c
> >   head/stand/uboot/lib/copy.c
> >   head/stand/uboot/lib/libuboot.h
> >   head/stand/userboot/userboot/copy.c
> >   head/stand/userboot/userboot/libuserboot.h
> >
> > To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
> [... deleted ...]
>
>
> buildworld seems to be broken on this commit:
>
> [...]
> --- all_subdir_stand ---
> --- lstd.o ---
> /usr/src/stand/liblua/lstd.c:86:44: error: too few arguments to function call,
> expected 5, have 4 if (verify_file(fd, filename, 0, VE_GUESS) < 0) {
> ~~~  ^
> /usr/src/lib/libsecureboot/h/verify_file.h:50:1: note: 'verify_file' declared
> here int verify_file(int, const char *, off_t, int, const char *);
> ^
> 1 error generated.
> [...]
>
> Building host is CURRENT, FreeBSD 13.0-CURRENT #118 r358695: Fri Mar  6
> 12:48:00 CET 2020 amd64:
>
> kind regards,
>
> oh
> ___
> svn-src-h...@freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/svn-src-head
> To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"

The problem reported seems to occur when WITH_BEARSSL=YES is enabled in
/etc/src.conf.
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

Re: svn commit: r358744 - in head: lib/libsecureboot lib/libsecureboot/h lib/libsecureboot/tests share/mk stand stand/common stand/efi/loader stand/efi/loader/arch/i386 stand/ficl stand/i386/libi386 s

2020-03-09 Thread O. Hartmann

On Sun, 8 Mar 2020 17:42:43 + (UTC)
"Simon J. Gerraty"  wrote:

> Author: sjg
> Date: Sun Mar  8 17:42:42 2020
> New Revision: 358744
> URL: https://svnweb.freebsd.org/changeset/base/358744
>
> Log:
>   veloader use vectx API for kernel and modules
>
>   The vectx API, computes the hash for verifying a file as it is read.
>   This avoids the overhead of reading files twice - once to verify, then
>   again to load.
>
>   For doing an install via loader, avoiding the need to rewind
>   large files is critical.
>
>   This API is only used for modules, kernel and mdimage as these are the
>   biggest files read by the loader.
>   The reduction in boot time depends on how expensive the I/O is
>   on any given platform.  On a fast VM we see 6% improvement.
>
>   For install via loader the first file to be verified is likely to be the
>   kernel, so some of the prep work (finding manifest etc) done by
>   verify_file() needs to be factored so it can be reused for
>   vectx_open().
>
>   For missing or unrecognized fingerprint entries, we fail
>   in vectx_open() unless verifying is disabled.
>
>   Otherwise fingerprint check happens in vectx_close() and
>   since this API is only used for files which must be verified
>   (VE_MUST) we panic if we get an incorrect hash.
>
>   Reviewed by:imp,tsoome
>   MFC after:  1 week
>   Sponsored by:   Juniper Networks
>   Differential Revision:  https://reviews.freebsd.org//D23827
>
> Modified:
>   head/lib/libsecureboot/h/libsecureboot.h
>   head/lib/libsecureboot/h/verify_file.h
>   head/lib/libsecureboot/tests/tvo.c
>   head/lib/libsecureboot/vectx.c
>   head/lib/libsecureboot/verify_file.c
>   head/share/mk/src.opts.mk
>   head/stand/common/bootstrap.h
>   head/stand/common/interp_forth.c
>   head/stand/common/interp_simple.c
>   head/stand/common/load_elf.c
>   head/stand/common/load_elf_obj.c
>   head/stand/common/misc.c
>   head/stand/common/module.c
>   head/stand/efi/loader/arch/i386/i386_copy.c
>   head/stand/efi/loader/copy.c
>   head/stand/efi/loader/loader_efi.h
>   head/stand/efi/loader/main.c
>   head/stand/ficl/loader.c
>   head/stand/i386/libi386/i386_copy.c
>   head/stand/i386/libi386/libi386.h
>   head/stand/i386/loader/chain.c
>   head/stand/libofw/libofw.h
>   head/stand/libofw/ofw_copy.c
>   head/stand/loader.mk
>   head/stand/mips/beri/loader/arch.c
>   head/stand/powerpc/kboot/main.c
>   head/stand/uboot/lib/copy.c
>   head/stand/uboot/lib/libuboot.h
>   head/stand/userboot/userboot/copy.c
>   head/stand/userboot/userboot/libuserboot.h
>
> To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
[... deleted ...]


buildworld seems to be broken on this commit:

[...]
--- all_subdir_stand ---
--- lstd.o ---
/usr/src/stand/liblua/lstd.c:86:44: error: too few arguments to function call,
expected 5, have 4 if (verify_file(fd, filename, 0, VE_GUESS) < 0) {
~~~  ^
/usr/src/lib/libsecureboot/h/verify_file.h:50:1: note: 'verify_file' declared
here int verify_file(int, const char *, off_t, int, const char *);
^
1 error generated.
[...]

Building host is CURRENT, FreeBSD 13.0-CURRENT #118 r358695: Fri Mar  6
12:48:00 CET 2020 amd64:

kind regards,

oh
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

Re: svn commit: r358744 - in head: lib/libsecureboot lib/libsecureboot/h lib/libsecureboot/tests share/mk stand stand/common stand/efi/loader stand/efi/loader/arch/i386 stand/ficl stand/i386/libi386 s

2020-03-08 Thread Simon J. Gerraty via svn-src-all

Sorry, this header was in the diff I checked just before commit,
but somehow it got left behind.

Should be fixed now.
r358767

Ed Maste  wrote:

> On Sun, 8 Mar 2020 at 13:42, Simon J. Gerraty  wrote:
> >
> > Author: sjg
> > Date: Sun Mar  8 17:42:42 2020
> > New Revision: 358744
> > URL: 
> > https://urldefense.com/v3/__https://svnweb.freebsd.org/changeset/base/358744__;!!NEt6yMaO-gk!UN1BS-3MIiR9SzEXAP4CaXw9L8Y3jVsZwKB6fbjrjIiZGgrRXFp5uE0oPx-XgA$
> >  
> >
> > Log:
> >   veloader use vectx API for kernel and modules
> 
> CI reports the build is now broken:
> 18:12:46 --- geliboot.o ---
> 18:12:46 In file included from /usr/src/stand/libsa/geli/geliboot.c:33:
> 18:12:46 In file included from 
> /usr/src/stand/libsa/geli/geliboot_internal.h:43:
> 18:12:46 /usr/src/stand/common/bootstrap.h:36:10: fatal error:
> 'readin.h' file not found
> 18:12:46 #include "readin.h"
> 18:12:46  ^~
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

Re: svn commit: r358744 - in head: lib/libsecureboot lib/libsecureboot/h lib/libsecureboot/tests share/mk stand stand/common stand/efi/loader stand/efi/loader/arch/i386 stand/ficl stand/i386/libi386 s

2020-03-08 Thread Ed Maste

On Sun, 8 Mar 2020 at 13:42, Simon J. Gerraty  wrote:
>
> Author: sjg
> Date: Sun Mar  8 17:42:42 2020
> New Revision: 358744
> URL: https://svnweb.freebsd.org/changeset/base/358744
>
> Log:
>   veloader use vectx API for kernel and modules

CI reports the build is now broken:
18:12:46 --- geliboot.o ---
18:12:46 In file included from /usr/src/stand/libsa/geli/geliboot.c:33:
18:12:46 In file included from /usr/src/stand/libsa/geli/geliboot_internal.h:43:
18:12:46 /usr/src/stand/common/bootstrap.h:36:10: fatal error:
'readin.h' file not found
18:12:46 #include "readin.h"
18:12:46  ^~
___
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

Re: svn commit: r358744 - in head: lib/libsecureboot lib/libsecureboot/h lib/libsecureboot/tests share/mk stand stand/common stand/efi/loader stand/efi/loader/arch/i386 stand/ficl stand/i386/libi386 s

Re: svn commit: r358744 - in head: lib/libsecureboot lib/libsecureboot/h lib/libsecureboot/tests share/mk stand stand/common stand/efi/loader stand/efi/loader/arch/i386 stand/ficl stand/i386/libi386 s

Re: svn commit: r358744 - in head: lib/libsecureboot lib/libsecureboot/h lib/libsecureboot/tests share/mk stand stand/common stand/efi/loader stand/efi/loader/arch/i386 stand/ficl stand/i386/libi386 s

Re: svn commit: r358744 - in head: lib/libsecureboot lib/libsecureboot/h lib/libsecureboot/tests share/mk stand stand/common stand/efi/loader stand/efi/loader/arch/i386 stand/ficl stand/i386/libi386 s

Re: svn commit: r358744 - in head: lib/libsecureboot lib/libsecureboot/h lib/libsecureboot/tests share/mk stand stand/common stand/efi/loader stand/efi/loader/arch/i386 stand/ficl stand/i386/libi386 s

5 matches

Site Navigation

Mail list logo

Footer information