svn commit: r346346 - in head/stand/efi: include libefi
Author: imp Date: Thu Apr 18 05:40:50 2019 New Revision: 346346 URL: https://svnweb.freebsd.org/changeset/base/346346 Log: Add efi_delenv Add an interface to remove / delete UEFI variables. Modified: head/stand/efi/include/efilib.h head/stand/efi/libefi/efienv.c Modified: head/stand/efi/include/efilib.h == --- head/stand/efi/include/efilib.h Thu Apr 18 05:37:18 2019 (r346345) +++ head/stand/efi/include/efilib.h Thu Apr 18 05:40:50 2019 (r346346) @@ -122,6 +122,7 @@ void cpy16to8(const CHAR16 *, char *, size_t); * the loader setting / getting FreeBSD specific variables. */ +EFI_STATUS efi_delenv(EFI_GUID *guid, const char *varname); EFI_STATUS efi_freebsd_getenv(const char *v, void *data, __size_t *len); EFI_STATUS efi_getenv(EFI_GUID *g, const char *v, void *data, __size_t *len); EFI_STATUS efi_global_getenv(const char *v, void *data, __size_t *len); Modified: head/stand/efi/libefi/efienv.c == --- head/stand/efi/libefi/efienv.c Thu Apr 18 05:37:18 2019 (r346345) +++ head/stand/efi/libefi/efienv.c Thu Apr 18 05:40:50 2019 (r346346) @@ -103,3 +103,21 @@ efi_setenv_freebsd_wcs(const char *varname, CHAR16 *va return (rv); } +/* + * efi_delenv -- deletes the specified env variable + */ +EFI_STATUS +efi_delenv(EFI_GUID *guid, const char *name) +{ + CHAR16 *var; + size_t len; + EFI_STATUS rv; + + var = NULL; + if (utf8_to_ucs2(name, , ) != 0) + return (EFI_OUT_OF_RESOURCES); + + rv = RS->SetVariable(var, guid, 0, 0, NULL); + free(var); + return rv; +} ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r346345 - in head/stand/efi: include libefi
Author: imp Date: Thu Apr 18 05:37:18 2019 New Revision: 346345 URL: https://svnweb.freebsd.org/changeset/base/346345 Log: Add a more generic efi_setenv function. efi_setenv allows any UEFI variable to be set. Modified: head/stand/efi/include/efilib.h head/stand/efi/libefi/efienv.c Modified: head/stand/efi/include/efilib.h == --- head/stand/efi/include/efilib.h Thu Apr 18 02:54:07 2019 (r346344) +++ head/stand/efi/include/efilib.h Thu Apr 18 05:37:18 2019 (r346345) @@ -125,6 +125,7 @@ void cpy16to8(const CHAR16 *, char *, size_t); EFI_STATUS efi_freebsd_getenv(const char *v, void *data, __size_t *len); EFI_STATUS efi_getenv(EFI_GUID *g, const char *v, void *data, __size_t *len); EFI_STATUS efi_global_getenv(const char *v, void *data, __size_t *len); +EFI_STATUS efi_setenv(EFI_GUID *guid, const char *varname, UINT32 attr, void *data, __size_t len); EFI_STATUS efi_setenv_freebsd_wcs(const char *varname, CHAR16 *valstr); /* guids and names */ Modified: head/stand/efi/libefi/efienv.c == --- head/stand/efi/libefi/efienv.c Thu Apr 18 02:54:07 2019 (r346344) +++ head/stand/efi/libefi/efienv.c Thu Apr 18 05:37:18 2019 (r346345) @@ -68,6 +68,25 @@ efi_freebsd_getenv(const char *v, void *data, size_t * return (efi_getenv(, v, data, len)); } +/* + * efi_setenv -- Sets an env variable. + */ +EFI_STATUS +efi_setenv(EFI_GUID *guid, const char *varname, UINT32 attr, void *data, __size_t len) +{ + EFI_STATUS rv; + CHAR16 *uv; + size_t ul; + + uv = NULL; + if (utf8_to_ucs2(varname, , ) != 0) + return (EFI_OUT_OF_RESOURCES); + + rv = RS->SetVariable(uv, guid, attr, len, data); + free(uv); + return (rv); +} + EFI_STATUS efi_setenv_freebsd_wcs(const char *varname, CHAR16 *valstr) { ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
Re: svn commit: r346341 - head/tools/build
In message , Ian Le pore writes: > On Wed, 2019-04-17 at 20:32 -0700, Cy Schubert wrote: > > In message <201904180107.x3i17qdc002...@gndrsh.dnsmgr.net>, "Rodney > > W. > > Grimes" > > writes: > > > > Author: cy > > > > Date: Thu Apr 18 01:02:00 2019 > > > > New Revision: 346341 > > > > URL: https://svnweb.freebsd.org/changeset/base/346341 > > > > > > > > Log: > > > > As an interim measure until a more permanent solution is > > > > implemented > > > > workaround the following error: > > > > > > > > /usr/src/contrib/elftoolchain/strings/strings.c:198:55: error: > > > > use of > > > > undeclared identifier > > > > 'FA_OPEN' fa = fileargs_init(argc, argv, O_RDONLY, 0, , > > > > FA_OPEN); > > > > > > > > Reported by: O. Hartmann > > > > Reported by: Michael Butler > > > > Reported by: gjb@ & cy@ (implicit) > > > > Reviewed by: emaste@ > > > > Noted by: rgrimes@ > > > > > > > > Modified: > > > > head/tools/build/Makefile > > > > > > > > Modified: head/tools/build/Makefile > > > > = > > > > == > > > > > > === > > > > --- head/tools/build/Makefile Thu Apr 18 00:38:54 2019( > > > > r34634 > > > > > > 0) > > > > +++ head/tools/build/Makefile Thu Apr 18 01:02:00 2019( > > > > r34634 > > > > > > 1) > > > > @@ -59,9 +59,7 @@ INCS+=capsicum_helpers.h > > > > INCS+= libcasper.h > > > > .endif > > > > > > > > -.if !exists(/usr/include/casper/cap_fileargs.h) > > > > CASPERINC+=${SRCTOP}/lib/libcasper/services/cap_fileargs/c > > > > ap_filea > > > > > > rgs.h > > > > -.endif > > > > > > As a further note, we should probably hunt for any thing > > > that is explicity looking at /usr/include/... in a Makefile, > > > as that is minimally missing a ${DESTDIR} argument. > > > > > > The above may of actually worked if it had been written: > > > .if !exists(${DESTDIR}/usr/include/casper/cap_fileargs.h) > > > someone may wish to test that. > > > > > > Also a pathname rooted at / without ${DESTDIR} is almost certainly > > > a mistake. > > > > This is a better solution. I tested this in a tree with a duplicated > > environment: Problem solved. Before this is committed it should be > > tested on one of the universe machines. > > > > > > I'm having a hard time understanding how adding $DESTDIR is any kind of > solution to something that happens at build time as opposed to install > time. I typically run buildworld/kernel without DESTDIR defined. $DESTDIR is also used as a destination for the temporary build directory $WORLDTMP, i.e. /usr/obj/${ARCH}/tmp, also known as $SYSROOT. -- Cheers, Cy Schubert FreeBSD UNIX: Web: http://www.FreeBSD.org The need of the many outweighs the greed of the few. ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
Re: svn commit: r346341 - head/tools/build
On Wed, 2019-04-17 at 20:32 -0700, Cy Schubert wrote: > In message <201904180107.x3i17qdc002...@gndrsh.dnsmgr.net>, "Rodney > W. > Grimes" > writes: > > > Author: cy > > > Date: Thu Apr 18 01:02:00 2019 > > > New Revision: 346341 > > > URL: https://svnweb.freebsd.org/changeset/base/346341 > > > > > > Log: > > > As an interim measure until a more permanent solution is > > > implemented > > > workaround the following error: > > > > > > /usr/src/contrib/elftoolchain/strings/strings.c:198:55: error: > > > use of > > > undeclared identifier > > > 'FA_OPEN' fa = fileargs_init(argc, argv, O_RDONLY, 0, , > > > FA_OPEN); > > > > > > Reported by:O. Hartmann > > > Reported by:Michael Butler > > > Reported by:gjb@ & cy@ (implicit) > > > Reviewed by:emaste@ > > > Noted by: rgrimes@ > > > > > > Modified: > > > head/tools/build/Makefile > > > > > > Modified: head/tools/build/Makefile > > > = > > > == > > > > === > > > --- head/tools/build/Makefile Thu Apr 18 00:38:54 2019( > > > r34634 > > > > 0) > > > +++ head/tools/build/Makefile Thu Apr 18 01:02:00 2019( > > > r34634 > > > > 1) > > > @@ -59,9 +59,7 @@ INCS+= capsicum_helpers.h > > > INCS+= libcasper.h > > > .endif > > > > > > -.if !exists(/usr/include/casper/cap_fileargs.h) > > > CASPERINC+= ${SRCTOP}/lib/libcasper/services/cap_fileargs/c > > > ap_filea > > > > rgs.h > > > -.endif > > > > As a further note, we should probably hunt for any thing > > that is explicity looking at /usr/include/... in a Makefile, > > as that is minimally missing a ${DESTDIR} argument. > > > > The above may of actually worked if it had been written: > > .if !exists(${DESTDIR}/usr/include/casper/cap_fileargs.h) > > someone may wish to test that. > > > > Also a pathname rooted at / without ${DESTDIR} is almost certainly > > a mistake. > > This is a better solution. I tested this in a tree with a duplicated > environment: Problem solved. Before this is committed it should be > tested on one of the universe machines. > > I'm having a hard time understanding how adding $DESTDIR is any kind of solution to something that happens at build time as opposed to install time. I typically run buildworld/kernel without DESTDIR defined. -- Ian ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
Re: svn commit: r346341 - head/tools/build
In message <201904180107.x3i17qdc002...@gndrsh.dnsmgr.net>, "Rodney W. Grimes" writes: > > Author: cy > > Date: Thu Apr 18 01:02:00 2019 > > New Revision: 346341 > > URL: https://svnweb.freebsd.org/changeset/base/346341 > > > > Log: > > As an interim measure until a more permanent solution is implemented > > workaround the following error: > > > > /usr/src/contrib/elftoolchain/strings/strings.c:198:55: error: use of > > undeclared identifier > > 'FA_OPEN' fa = fileargs_init(argc, argv, O_RDONLY, 0, , FA_OPEN); > > > > Reported by: O. Hartmann > > Reported by: Michael Butler > > Reported by: gjb@ & cy@ (implicit) > > Reviewed by: emaste@ > > Noted by: rgrimes@ > > > > Modified: > > head/tools/build/Makefile > > > > Modified: head/tools/build/Makefile > > === > === > > --- head/tools/build/Makefile Thu Apr 18 00:38:54 2019(r34634 > 0) > > +++ head/tools/build/Makefile Thu Apr 18 01:02:00 2019(r34634 > 1) > > @@ -59,9 +59,7 @@ INCS+=capsicum_helpers.h > > INCS+= libcasper.h > > .endif > > > > -.if !exists(/usr/include/casper/cap_fileargs.h) > > CASPERINC+=${SRCTOP}/lib/libcasper/services/cap_fileargs/cap_filea > rgs.h > > -.endif > > As a further note, we should probably hunt for any thing > that is explicity looking at /usr/include/... in a Makefile, > as that is minimally missing a ${DESTDIR} argument. > > The above may of actually worked if it had been written: > .if !exists(${DESTDIR}/usr/include/casper/cap_fileargs.h) > someone may wish to test that. > > Also a pathname rooted at / without ${DESTDIR} is almost certainly a mistake. This is a better solution. I tested this in a tree with a duplicated environment: Problem solved. Before this is committed it should be tested on one of the universe machines. -- Cheers, Cy Schubert FreeBSD UNIX: Web: http://www.FreeBSD.org The need of the many outweighs the greed of the few. ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
Re: svn commit: r346295 - in head/sys: arm/allwinner arm/altera/socfpga arm/amlogic/aml8726 arm/annapurna/alpine arm/broadcom/bcm2835 arm/freescale/imx arm/freescale/vybrid arm/mv arm/nvidia/tegra124
On Wed, Apr 17, 2019 at 12:06 PM Andrew Turner wrote: > > > On 17 Apr 2019, at 17:52, Ian Lepore wrote: > > On Wed, 2019-04-17 at 11:23 +0200, Andrew Turner wrote: > > On 16 Apr 2019, at 22:04, Emmanuel Vadot wrote: > > Author: manu > Date: Tue Apr 16 20:04:22 2019 > New Revision: 346295 > URL: https://svnweb.freebsd.org/changeset/base/346295 > > Log: > arm: Add kern_clocksource.c directly in files.arm > > This files is needed and included in all our config so move it to > a common > location. > > MFC after: 2 weeks > > > ... > > Modified: head/sys/conf/files.arm > === > === > --- head/sys/conf/files.arm Tue Apr 16 19:46:02 2019 (r346294) > +++ head/sys/conf/files.arm Tue Apr 16 20:04:22 2019 (r346295) > @@ -11,6 +11,9 @@ cloudabi32_vdso_blob.o optional com > pat_cloudabi32 \ > no-implicit-rule \ > clean "cloudabi32_vdso_blob.o" > # > + > +kern/kern_clocksource.c standard > > > Could this be moved from the various files.* to files? It seems we > define it as standard on all architectures. > > > > I thought mips still had some variants that didn't implement event > timers. That's why this stuff was ever in arch-specific files, arm and > mips had some flavors without ET support. > > > I think it used to be the case on arm. A grep seems to think it’s enabled > on all architectures now: > > grep kern_clocksource files.* > files.amd64:kern/kern_clocksource.c standard > files.arm:kern/kern_clocksource.c standard > files.arm64:kern/kern_clocksource.c standard > files.i386:kern/kern_clocksource.c standard > files.mips:kern/kern_clocksource.c standard > files.powerpc:kern/kern_clocksource.c standard > files.riscv:kern/kern_clocksource.c standard > files.sparc64:kern/kern_clocksource.c standard > Looks like it can be hoisted and required for all new architectures. Warner ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
Re: svn commit: r346316 - in head: contrib/elftoolchain/strings sbin/savecore usr.bin/brandelf usr.bin/head usr.bin/wc
On Wed, 17 Apr 2019 at 21:17, Cy Schubert wrote: > > This only tests for the FA_OPEN. It will miss any new macro definitions > should there be any at some point in the future. Yes, this should be replaced with a more holistic approach to addressing includes. ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
Re: svn commit: r346316 - in head: contrib/elftoolchain/strings sbin/savecore usr.bin/brandelf usr.bin/head usr.bin/wc
In message , Ed Maste writes: > On Wed, 17 Apr 2019 at 20:50, Ed Maste wrote: > > > > On Wed, 17 Apr 2019 at 15:42, Cy Schubert wrote > : > > > > > > -.if !exists(/usr/include/casper/cap_fileargs.h) > > > CASPERINC+=${SRCTOP}/lib/libcasper/services/cap_fileargs/cap_filearg > s. > > > h > > > -.endif > > > > Yes I think this change is correct as an immediate workaround for this > > issue (until we sort out header bootstrapping in a more holistic way). > > Please commit it, or I will if you don't get to it soon. > > Or maybe this, similar to the existing tests in tools/build/Makefile: > > Index: tools/build/Makefile > === > --- tools/build/Makefile(revision 346340) > +++ tools/build/Makefile(working copy) > @@ -59,7 +59,10 @@ > INCS+= libcasper.h > .endif > > -.if !exists(/usr/include/casper/cap_fileargs.h) > +.if exists(/usr/include/casper/cap_fileargs.h) > +_WITH_FA_OPEN!= grep -c FA_OPEN /usr/include/casper/cap_fileargs.h || true > +.endif > +.if !defined(_WITH_FA_OPEN) || ${_WITH_FA_OPEN} == 0 > CASPERINC+=${SRCTOP}/lib/libcasper/services/cap_fileargs/cap_fileargs.h > .endif This only tests for the FA_OPEN. It will miss any new macro definitions should there be any at some point in the future. -- Cheers, Cy Schubert FreeBSD UNIX: Web: http://www.FreeBSD.org The need of the many outweighs the greed of the few. ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
Re: svn commit: r346316 - in head: contrib/elftoolchain/strings sbin/savecore usr.bin/brandelf usr.bin/head usr.bin/wc
On Wed, 17 Apr 2019 at 20:50, Ed Maste wrote: > > On Wed, 17 Apr 2019 at 15:42, Cy Schubert wrote: > > > > -.if !exists(/usr/include/casper/cap_fileargs.h) > > CASPERINC+=${SRCTOP}/lib/libcasper/services/cap_fileargs/cap_fileargs. > > h > > -.endif > > Yes I think this change is correct as an immediate workaround for this > issue (until we sort out header bootstrapping in a more holistic way). > Please commit it, or I will if you don't get to it soon. Or maybe this, similar to the existing tests in tools/build/Makefile: Index: tools/build/Makefile === --- tools/build/Makefile(revision 346340) +++ tools/build/Makefile(working copy) @@ -59,7 +59,10 @@ INCS+= libcasper.h .endif -.if !exists(/usr/include/casper/cap_fileargs.h) +.if exists(/usr/include/casper/cap_fileargs.h) +_WITH_FA_OPEN!= grep -c FA_OPEN /usr/include/casper/cap_fileargs.h || true +.endif +.if !defined(_WITH_FA_OPEN) || ${_WITH_FA_OPEN} == 0 CASPERINC+=${SRCTOP}/lib/libcasper/services/cap_fileargs/cap_fileargs.h .endif ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
Re: svn commit: r346341 - head/tools/build
> Author: cy > Date: Thu Apr 18 01:02:00 2019 > New Revision: 346341 > URL: https://svnweb.freebsd.org/changeset/base/346341 > > Log: > As an interim measure until a more permanent solution is implemented > workaround the following error: > > /usr/src/contrib/elftoolchain/strings/strings.c:198:55: error: use of > undeclared identifier > 'FA_OPEN' fa = fileargs_init(argc, argv, O_RDONLY, 0, , FA_OPEN); > > Reported by:O. Hartmann > Reported by:Michael Butler > Reported by:gjb@ & cy@ (implicit) > Reviewed by:emaste@ > Noted by: rgrimes@ > > Modified: > head/tools/build/Makefile > > Modified: head/tools/build/Makefile > == > --- head/tools/build/Makefile Thu Apr 18 00:38:54 2019(r346340) > +++ head/tools/build/Makefile Thu Apr 18 01:02:00 2019(r346341) > @@ -59,9 +59,7 @@ INCS+= capsicum_helpers.h > INCS+= libcasper.h > .endif > > -.if !exists(/usr/include/casper/cap_fileargs.h) > CASPERINC+= ${SRCTOP}/lib/libcasper/services/cap_fileargs/cap_fileargs.h > -.endif As a further note, we should probably hunt for any thing that is explicity looking at /usr/include/... in a Makefile, as that is minimally missing a ${DESTDIR} argument. The above may of actually worked if it had been written: .if !exists(${DESTDIR}/usr/include/casper/cap_fileargs.h) someone may wish to test that. Also a pathname rooted at / without ${DESTDIR} is almost certainly a mistake. > .if empty(SRCS) > SRCS=dummy.c -- Rod Grimes rgri...@freebsd.org ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
Re: svn commit: r346316 - in head: contrib/elftoolchain/strings sbin/savecore usr.bin/brandelf usr.bin/head usr.bin/wc
In message , Ed Maste writes: > On Wed, 17 Apr 2019 at 15:42, Cy Schubert wrote: > > > > -.if !exists(/usr/include/casper/cap_fileargs.h) > > CASPERINC+=${SRCTOP}/lib/libcasper/services/cap_fileargs/cap_fileargs. > > h > > -.endif > > Yes I think this change is correct as an immediate workaround for this > issue (until we sort out header bootstrapping in a more holistic way). > Please commit it, or I will if you don't get to it soon. Committed. -- Cheers, Cy Schubert FreeBSD UNIX: Web: http://www.FreeBSD.org The need of the many outweighs the greed of the few. ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r346341 - head/tools/build
Author: cy Date: Thu Apr 18 01:02:00 2019 New Revision: 346341 URL: https://svnweb.freebsd.org/changeset/base/346341 Log: As an interim measure until a more permanent solution is implemented workaround the following error: /usr/src/contrib/elftoolchain/strings/strings.c:198:55: error: use of undeclared identifier 'FA_OPEN' fa = fileargs_init(argc, argv, O_RDONLY, 0, , FA_OPEN); Reported by: O. Hartmann Reported by: Michael Butler Reported by: gjb@ & cy@ (implicit) Reviewed by: emaste@ Noted by: rgrimes@ Modified: head/tools/build/Makefile Modified: head/tools/build/Makefile == --- head/tools/build/Makefile Thu Apr 18 00:38:54 2019(r346340) +++ head/tools/build/Makefile Thu Apr 18 01:02:00 2019(r346341) @@ -59,9 +59,7 @@ INCS+=capsicum_helpers.h INCS+= libcasper.h .endif -.if !exists(/usr/include/casper/cap_fileargs.h) CASPERINC+=${SRCTOP}/lib/libcasper/services/cap_fileargs/cap_fileargs.h -.endif .if empty(SRCS) SRCS= dummy.c ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
Re: svn commit: r346316 - in head: contrib/elftoolchain/strings sbin/savecore usr.bin/brandelf usr.bin/head usr.bin/wc
On Wed, 17 Apr 2019 at 15:42, Cy Schubert wrote: > > -.if !exists(/usr/include/casper/cap_fileargs.h) > CASPERINC+=${SRCTOP}/lib/libcasper/services/cap_fileargs/cap_fileargs. > h > -.endif Yes I think this change is correct as an immediate workaround for this issue (until we sort out header bootstrapping in a more holistic way). Please commit it, or I will if you don't get to it soon. ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
Re: svn commit: r346316 - in head: contrib/elftoolchain/strings sbin/savecore usr.bin/brandelf usr.bin/head usr.bin/wc
> In message <20190417195145.6824c...@thor.intern.walstatt.dynvpn.de>, > "O. Hartma > nn" writes: > > -BEGIN PGP SIGNED MESSAGE- > > Hash: SHA256 > > > > Am Wed, 17 Apr 2019 16:18:14 + (UTC) > > Ed Maste schrieb: > > > > > Author: emaste > > > Date: Wed Apr 17 16:18:14 2019 > > > New Revision: 346316 > > > URL: https://svnweb.freebsd.org/changeset/base/346316 > > > > > > Log: > > > cap_fileargs: chase r346315, update fileargs_init in consumers > > > > > > Reported by:ci.freebsd.org (8 times so far) > > > MFC after: 3 weeks > > > MFC with: r346315 > > > Sponsored by: The FreeBSD Foundation > > > > > > Modified: > > > head/contrib/elftoolchain/strings/strings.c > > > head/sbin/savecore/savecore.c > > > head/usr.bin/brandelf/brandelf.c > > > head/usr.bin/head/head.c > > > head/usr.bin/wc/wc.c > > > > > > Modified: head/contrib/elftoolchain/strings/strings.c > > > === > > === > > > --- head/contrib/elftoolchain/strings/strings.c Wed Apr 17 16:02:57 201 > > 9 > > > (r346315) +++ head/contrib/elftoolchain/strings/strings.c Wed Apr 17 16:1 > > 8:14 > > > 2019 (r346316) @@ -195,7 +195,7 @@ main(int argc, char **argv) > > > argv += optind; > > > > > > cap_rights_init(, CAP_READ, CAP_SEEK, CAP_FSTAT, CAP_FCNTL); > > > - fa = fileargs_init(argc, argv, O_RDONLY, 0, ); > > > + fa = fileargs_init(argc, argv, O_RDONLY, 0, , FA_OPEN); > > > if (fa == NULL) > > > err(1, "Unable to initialize casper fileargs"); > > > > > > > > > Modified: head/sbin/savecore/savecore.c > > > === > > === > > > --- head/sbin/savecore/savecore.c Wed Apr 17 16:02:57 2019(r34631 > > 5) > > > +++ head/sbin/savecore/savecore.c Wed Apr 17 16:18:14 2019(r34631 > > 6) > > > @@ -1030,7 +1030,7 @@ init_caps(int argc, char **argv) > > >*/ > > > (void)cap_rights_init(, CAP_PREAD, CAP_WRITE, CAP_IOCTL); > > > capfa = fileargs_init(argc, argv, checkfor || keep ? O_RDONLY : O_RDWR, > > > - 0, ); > > > + 0, , FA_OPEN); > > > if (capfa == NULL) { > > > logmsg(LOG_ERR, "fileargs_init(): %m"); > > > exit(1); > > > > > > Modified: head/usr.bin/brandelf/brandelf.c > > > === > > === > > > --- head/usr.bin/brandelf/brandelf.c Wed Apr 17 16:02:57 2019 > > (r346315) > > > +++ head/usr.bin/brandelf/brandelf.c Wed Apr 17 16:18:14 2019 > > (r346316) > > > @@ -133,7 +133,7 @@ main(int argc, char **argv) > > > if (flags == O_RDWR) > > > cap_rights_set(, CAP_WRITE); > > > > > > - fa = fileargs_init(argc, argv, flags, 0, ); > > > + fa = fileargs_init(argc, argv, flags, 0, , FA_OPEN); > > > if (fa == NULL) > > > errx(1, "unable to init casper"); > > > > > > > > > Modified: head/usr.bin/head/head.c > > > === > > === > > > --- head/usr.bin/head/head.c Wed Apr 17 16:02:57 2019(r34631 > > 5) > > > +++ head/usr.bin/head/head.c Wed Apr 17 16:18:14 2019(r34631 > > 6) > > > @@ -115,7 +115,7 @@ main(int argc, char *argv[]) > > > argv += optind; > > > > > > fa = fileargs_init(argc, argv, O_RDONLY, 0, > > > - cap_rights_init(, CAP_READ, CAP_FSTAT, CAP_FCNTL)); > > > + cap_rights_init(, CAP_READ, CAP_FSTAT, CAP_FCNTL), FA_OPEN); > > > if (fa == NULL) > > > errx(1, "unable to init casper"); > > > > > > > > > Modified: head/usr.bin/wc/wc.c > > > === > > === > > > --- head/usr.bin/wc/wc.c Wed Apr 17 16:02:57 2019(r346315) > > > +++ head/usr.bin/wc/wc.c Wed Apr 17 16:18:14 2019(r346316) > > > @@ -133,7 +133,7 @@ main(int argc, char *argv[]) > > > (void)signal(SIGINFO, siginfo_handler); > > > > > > fa = fileargs_init(argc, argv, O_RDONLY, 0, > > > - cap_rights_init(, CAP_READ, CAP_FSTAT)); > > > + cap_rights_init(, CAP_READ, CAP_FSTAT), FA_OPEN); > > > if (fa == NULL) { > > > xo_warn("Unable to init casper"); > > > exit(1); > > > ___ > > > svn-src-head@freebsd.org mailing list > > > https://lists.freebsd.org/mailman/listinfo/svn-src-head > > > To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org" > > > > This commit seems to break buildworld on my installations: > > > > [...] > > Building > > /usr/obj/usr/src/amd64.amd64/tmp/obj-tools/usr.bin/strings/strings.o > > - --- strings.o --- > > /usr/src/contrib/elftoolchain/strings/strings.c:198:55: error: use of > > undecla > > red identifier > > 'FA_OPEN' fa = fileargs_init(argc, argv, O_RDONLY, 0, , FA_OPEN); > > ^ > > 1 error generated. > > *** [strings.o] Error code 1 > > Try
Re: svn commit: r346319 - head/sys/netpfil/pf
On 17 Apr 2019, at 22:17, Gleb Smirnoff wrote: Kristof, On Wed, Apr 17, 2019 at 04:42:54PM +, Kristof Provost wrote: K> Modified: head/sys/netpfil/pf/pf_ioctl.c K> == K> --- head/sys/netpfil/pf/pf_ioctl.c Wed Apr 17 16:31:30 2019 (r346318) K> +++ head/sys/netpfil/pf/pf_ioctl.c Wed Apr 17 16:42:54 2019 (r346319) K> @@ -3103,24 +3103,24 @@ DIOCCHANGEADDR_error: K> break; K> } K> K> - PF_RULES_WLOCK(); K> + PF_RULES_RLOCK(); K> n = pfr_table_count(>pfrio_table, io->pfrio_flags); K> io->pfrio_size = min(io->pfrio_size, n); K> + PF_RULES_RUNLOCK(); K> K> totlen = io->pfrio_size * sizeof(struct pfr_table); K> pfrts = mallocarray(io->pfrio_size, sizeof(struct pfr_table), K> M_TEMP, M_NOWAIT); K> if (pfrts == NULL) { K> error = ENOMEM; K> - PF_RULES_WUNLOCK(); K> break; K> } K> error = copyin(io->pfrio_buffer, pfrts, totlen); K> if (error) { K> free(pfrts, M_TEMP); K> - PF_RULES_WUNLOCK(); K> break; K> } K> + PF_RULES_WLOCK(); K> error = pfr_set_tflags(pfrts, io->pfrio_size, K> io->pfrio_setflag, io->pfrio_clrflag, >pfrio_nchange, K> >pfrio_ndel, io->pfrio_flags | PFR_FLAG_USERIOCTL); Couple comments: 1) Now we can malloc with M_WAITOK. That’s a good point. I’ll see about changing that tomorrow. 2) Are we sure that table count won't change while we dropped the lock? No, the table count can indeed change while we’re unlocked. It doesn’t really matter though. The initial count only serves to limit the memory allocation to something sane. pfr_set_tflags() still does appropriate checks. It’s always been possible for the table count to change between user space preparing its request and it being handled in the kernel, so that was always a possibility. Regards, Kristof ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r346334 - head/sys/arm/allwinner
Author: manu Date: Wed Apr 17 21:45:19 2019 New Revision: 346334 URL: https://svnweb.freebsd.org/changeset/base/346334 Log: arm: allwinner: Fix audio for Allwinner H3/H5 Due to three conditions the codec driver for Allwinner A10/A20 and H3/H5 did not work properly here: Wrong bit position for the analog audio reset Hardware Reset of codec was not de-asserted correctly Linux DTS file did not contain the address of the analog register the way as the driver was expecting it. This patch proposes fixes for those three parts. Submitted by: freebsdnew...@freenet.de (Manuel Stühn) MFC after:1 month Differential Revision:https://reviews.freebsd.org/D19910 Modified: head/sys/arm/allwinner/a10_codec.c Modified: head/sys/arm/allwinner/a10_codec.c == --- head/sys/arm/allwinner/a10_codec.c Wed Apr 17 20:16:48 2019 (r346333) +++ head/sys/arm/allwinner/a10_codec.c Wed Apr 17 21:45:19 2019 (r346334) @@ -164,7 +164,7 @@ struct a10codec_chinfo { struct a10codec_info { device_tdev; - struct resource *res[3]; + struct resource *res[2]; struct mtx *lock; bus_dma_tag_t dmat; unsigneddmasize; @@ -178,11 +178,12 @@ struct a10codec_info { static struct resource_spec a10codec_spec[] = { { SYS_RES_MEMORY, 0, RF_ACTIVE }, - { SYS_RES_MEMORY, 1, RF_ACTIVE | RF_OPTIONAL }, - { SYS_RES_IRQ, 0, RF_ACTIVE }, { -1, 0 } }; +#defineCODEC_ANALOG_READ(sc, reg) bus_read_4((sc)->res[1], (reg)) +#defineCODEC_ANALOG_WRITE(sc, reg, val) bus_write_4((sc)->res[1], (reg), (val)) + #defineCODEC_READ(sc, reg) bus_read_4((sc)->res[0], (reg)) #defineCODEC_WRITE(sc, reg, val) bus_write_4((sc)->res[0], (reg), (val)) @@ -372,7 +373,7 @@ MIXER_DECLARE(a10_mixer); */ #defineH3_PR_CFG 0x00 -#define H3_AC_PR_RST (1 << 18) +#define H3_AC_PR_RST (1 << 28) #define H3_AC_PR_RW(1 << 24) #define H3_AC_PR_ADDR_SHIFT16 #define H3_AC_PR_ADDR_MASK (0x1f << H3_AC_PR_ADDR_SHIFT) @@ -424,23 +425,23 @@ h3_pr_read(struct a10codec_info *sc, u_int addr) uint32_t val; /* Read current value */ - val = bus_read_4(sc->res[1], H3_PR_CFG); + val = CODEC_ANALOG_READ(sc, H3_PR_CFG); /* De-assert reset */ val |= H3_AC_PR_RST; - bus_write_4(sc->res[1], H3_PR_CFG, val); + CODEC_ANALOG_WRITE(sc, H3_PR_CFG, val); /* Read mode */ val &= ~H3_AC_PR_RW; - bus_write_4(sc->res[1], H3_PR_CFG, val); + CODEC_ANALOG_WRITE(sc, H3_PR_CFG, val); /* Set address */ val &= ~H3_AC_PR_ADDR_MASK; val |= (addr << H3_AC_PR_ADDR_SHIFT); - bus_write_4(sc->res[1], H3_PR_CFG, val); + CODEC_ANALOG_WRITE(sc, H3_PR_CFG, val); /* Read data */ - return (bus_read_4(sc->res[1], H3_PR_CFG) & H3_ACDA_PR_RDAT_MASK); + return (CODEC_ANALOG_READ(sc , H3_PR_CFG) & H3_ACDA_PR_RDAT_MASK); } static void @@ -449,25 +450,25 @@ h3_pr_write(struct a10codec_info *sc, u_int addr, u_in uint32_t val; /* Read current value */ - val = bus_read_4(sc->res[1], H3_PR_CFG); + val = CODEC_ANALOG_READ(sc, H3_PR_CFG); /* De-assert reset */ val |= H3_AC_PR_RST; - bus_write_4(sc->res[1], H3_PR_CFG, val); + CODEC_ANALOG_WRITE(sc, H3_PR_CFG, val); /* Set address */ val &= ~H3_AC_PR_ADDR_MASK; val |= (addr << H3_AC_PR_ADDR_SHIFT); - bus_write_4(sc->res[1], H3_PR_CFG, val); + CODEC_ANALOG_WRITE(sc, H3_PR_CFG, val); /* Write data */ val &= ~H3_ACDA_PR_WDAT_MASK; val |= (data << H3_ACDA_PR_WDAT_SHIFT); - bus_write_4(sc->res[1], H3_PR_CFG, val); + CODEC_ANALOG_WRITE(sc, H3_PR_CFG, val); /* Write mode */ val |= H3_AC_PR_RW; - bus_write_4(sc->res[1], H3_PR_CFG, val); + CODEC_ANALOG_WRITE(sc, H3_PR_CFG, val); } static void @@ -483,8 +484,28 @@ h3_pr_set_clear(struct a10codec_info *sc, u_int addr, static int h3_mixer_init(struct snd_mixer *m) { + int rid=1; + pcell_t reg[2]; + phandle_t analogref; struct a10codec_info *sc = mix_getdevinfo(m); + if (OF_getencprop(ofw_bus_get_node(sc->dev), "allwinner,codec-analog-controls", + , sizeof(analogref)) <= 0) { + return (ENXIO); + } + + if (OF_getencprop(OF_node_from_xref(analogref), "reg", + reg, sizeof(reg)) <= 0) { + return (ENXIO); + } + + sc->res[1] = bus_alloc_resource(sc->dev, SYS_RES_MEMORY, , reg[0], + reg[0]+reg[1], reg[1], RF_ACTIVE ); + + if
Re: svn commit: r346319 - head/sys/netpfil/pf
Kristof, On Wed, Apr 17, 2019 at 04:42:54PM +, Kristof Provost wrote: K> Modified: head/sys/netpfil/pf/pf_ioctl.c K> == K> --- head/sys/netpfil/pf/pf_ioctl.c Wed Apr 17 16:31:30 2019 (r346318) K> +++ head/sys/netpfil/pf/pf_ioctl.c Wed Apr 17 16:42:54 2019 (r346319) K> @@ -3103,24 +3103,24 @@ DIOCCHANGEADDR_error: K> break; K> } K> K> -PF_RULES_WLOCK(); K> +PF_RULES_RLOCK(); K> n = pfr_table_count(>pfrio_table, io->pfrio_flags); K> io->pfrio_size = min(io->pfrio_size, n); K> +PF_RULES_RUNLOCK(); K> K> totlen = io->pfrio_size * sizeof(struct pfr_table); K> pfrts = mallocarray(io->pfrio_size, sizeof(struct pfr_table), K> M_TEMP, M_NOWAIT); K> if (pfrts == NULL) { K> error = ENOMEM; K> -PF_RULES_WUNLOCK(); K> break; K> } K> error = copyin(io->pfrio_buffer, pfrts, totlen); K> if (error) { K> free(pfrts, M_TEMP); K> -PF_RULES_WUNLOCK(); K> break; K> } K> +PF_RULES_WLOCK(); K> error = pfr_set_tflags(pfrts, io->pfrio_size, K> io->pfrio_setflag, io->pfrio_clrflag, >pfrio_nchange, K> >pfrio_ndel, io->pfrio_flags | PFR_FLAG_USERIOCTL); Couple comments: 1) Now we can malloc with M_WAITOK. 2) Are we sure that table count won't change while we dropped the lock? -- Gleb Smirnoff ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r346332 - in head: share/man/man9 sys/conf sys/dev/ofw
Author: manu Date: Wed Apr 17 20:09:01 2019 New Revision: 346332 URL: https://svnweb.freebsd.org/changeset/base/346332 Log: ofw_graph: Add functions for graph bindings Those functions are helpers to work on graph bindings. graphs are mostly use with video related devices. See https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/Documentation/devicetree/bindings/graph.txt?id=4436a3711e3249840e0679e92d3c951bcaf25515 MFC after:1 month Differential Revision:https://reviews.freebsd.org/D19877 Added: head/share/man/man9/ofw_graph.9 (contents, props changed) head/sys/dev/ofw/ofw_graph.c (contents, props changed) head/sys/dev/ofw/ofw_graph.h (contents, props changed) Modified: head/sys/conf/files Added: head/share/man/man9/ofw_graph.9 == --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/share/man/man9/ofw_graph.9 Wed Apr 17 20:09:01 2019 (r346332) @@ -0,0 +1,106 @@ +.\" Copyright (c) 2019 Emmanuel Vadot +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\"notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\"notice, this list of conditions and the following disclaimer in the +.\"documentation and/or other materials provided with the distribution. +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE DEVELOPERS ``AS IS'' AND ANY EXPRESS OR +.\" IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES +.\" OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. +.\" IN NO EVENT SHALL THE DEVELOPERS BE LIABLE FOR ANY DIRECT, INDIRECT, +.\" INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT +.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +.\" DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +.\" THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF +.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +.\" +.\" $FreeBSD$ +.\" +.Dd April 10, 2019 +.Dt ofw_graph 9 +.Os +.Sh NAME +.Nm ofw_graph , +.Nm ofw_graph_get_port_by_idx , +.Nm ofw_graph_port_get_num_endpoints , +.Nm ofw_graph_get_endpoint_by_idx , +.Nm ofw_graph_get_remote_endpoint , +.Nm ofw_graph_get_remote_parent , +.Nm ofw_graph_get_device_by_port_ep , +.Nd Helpers for the graph bindings +.Sh SYNOPSIS +.In dev/ofw/openfirm.h +.In dev/ofw/ofw_graph.h +.Ft phandle_t +.Fn ofw_graph_get_port_by_idx "phandle_t node" "uint32_t idx" +.Ft size_t +.Fn ofw_graph_port_get_num_endpoints "phandle_t port" +.Ft phandle_t +.Fn ofw_graph_get_endpoint_by_idx "phandle_t port" "uint32_t idx" +.Ft phandle_t +.Fn ofw_graph_get_remote_endpoint "phandle_t endpoint" +.Ft phandle_t +.Fn ofw_graph_get_remote_parent "phandle_t remote" +.Ft device_t +.Fn ofw_graph_get_device_by_port_ep "phandle_t node" "uint32_t port_id" "uin32_t ep_id" +.Sh DESCRIPTION +.Pp +The ofw_graph functions are helpers to parse the DTS graph bindings +.Pp +.Fn ofw_graph_get_port_by_idx +return the port with id +.Fa idx . +It will first check node named +.Fa port@idx +and then fallback on checking the +.Fa ports +child for a child node matching the id. If no ports matching +.Fa idx +is found the function return 0. +.Pp +.Fn ofw_graph_port_get_num_endpoints +returns the number of endpoints a port node have. +.Pp +.Fn ofw_graph_get_endpoint_by_idx +return the endpoint with id +.Fa idx . +It will first check if there is a single child named +.Fa endpoint +and returns it if there is. If there is multiple endpoints it will check +the +.Fa reg +property and returns the correct +.Fa phandle_t +or 0 if none match. +.Pp +.Fn ofw_graph_get_remote_endpoint +returns the +.Fa remote-endpoint +property if it exists or 0. +.Pp +.Fn ofw_graph_get_remote_parent +returns the device node corresponding to the +.Fa remote-endpoint +phandle or 0 if none. +.Fn ofw_graph_get_device_by_port_ep +returns the device associated with the port and endpoint or +.Fa NULL +if none. The device driver should have called +.Fn OF_device_register_xref +before. +.Fn +.Sh HISTORY +The +.Nm ofw_graph +functions first appeared in +.Fx 13.0 . +The +.Nm ofw_graph +functions and manual page were written by +.An Emmanuel Vadot Aq Mt m...@freebsd.org . Modified: head/sys/conf/files == --- head/sys/conf/files Wed Apr 17 20:08:01 2019(r346331) +++ head/sys/conf/files Wed Apr 17 20:09:01 2019(r346332) @@ -2536,6 +2536,7 @@ dev/ofw/ofw_bus_subr.coptional fdt dev/ofw/ofw_cpu.c optional
Re: svn commit: r346250 - in head: share/man/man4 share/man/man9 sys/dev/random sys/kern sys/libkern sys/sys
On Mon, Apr 15, 2019 at 11:40 AM Conrad Meyer wrote: > > Author: cem > Date: Mon Apr 15 18:40:36 2019 > New Revision: 346250 > URL: https://svnweb.freebsd.org/changeset/base/346250 > > Log: > random(4): Block read_random(9) on initial seeding Hi, For anyone interested in a change to restore the previous behavior (optionally, but on by default for now), please see https://reviews.freebsd.org/D19944 . Thanks, Conrad ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
Re: svn commit: r346316 - in head: contrib/elftoolchain/strings sbin/savecore usr.bin/brandelf usr.bin/head usr.bin/wc
In message <20190417195145.6824c...@thor.intern.walstatt.dynvpn.de>, "O. Hartma nn" writes: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > Am Wed, 17 Apr 2019 16:18:14 + (UTC) > Ed Maste schrieb: > > > Author: emaste > > Date: Wed Apr 17 16:18:14 2019 > > New Revision: 346316 > > URL: https://svnweb.freebsd.org/changeset/base/346316 > > > > Log: > > cap_fileargs: chase r346315, update fileargs_init in consumers > > > > Reported by: ci.freebsd.org (8 times so far) > > MFC after:3 weeks > > MFC with: r346315 > > Sponsored by: The FreeBSD Foundation > > > > Modified: > > head/contrib/elftoolchain/strings/strings.c > > head/sbin/savecore/savecore.c > > head/usr.bin/brandelf/brandelf.c > > head/usr.bin/head/head.c > > head/usr.bin/wc/wc.c > > > > Modified: head/contrib/elftoolchain/strings/strings.c > > === > === > > --- head/contrib/elftoolchain/strings/strings.c Wed Apr 17 16:02:57 201 > 9 > > (r346315) +++ head/contrib/elftoolchain/strings/strings.c Wed Apr 17 16:1 > 8:14 > > 2019(r346316) @@ -195,7 +195,7 @@ main(int argc, char **argv) > > argv += optind; > > > > cap_rights_init(, CAP_READ, CAP_SEEK, CAP_FSTAT, CAP_FCNTL); > > - fa = fileargs_init(argc, argv, O_RDONLY, 0, ); > > + fa = fileargs_init(argc, argv, O_RDONLY, 0, , FA_OPEN); > > if (fa == NULL) > > err(1, "Unable to initialize casper fileargs"); > > > > > > Modified: head/sbin/savecore/savecore.c > > === > === > > --- head/sbin/savecore/savecore.c Wed Apr 17 16:02:57 2019(r34631 > 5) > > +++ head/sbin/savecore/savecore.c Wed Apr 17 16:18:14 2019(r34631 > 6) > > @@ -1030,7 +1030,7 @@ init_caps(int argc, char **argv) > > */ > > (void)cap_rights_init(, CAP_PREAD, CAP_WRITE, CAP_IOCTL); > > capfa = fileargs_init(argc, argv, checkfor || keep ? O_RDONLY : O_RDWR, > > - 0, ); > > + 0, , FA_OPEN); > > if (capfa == NULL) { > > logmsg(LOG_ERR, "fileargs_init(): %m"); > > exit(1); > > > > Modified: head/usr.bin/brandelf/brandelf.c > > === > === > > --- head/usr.bin/brandelf/brandelf.cWed Apr 17 16:02:57 2019 > (r346315) > > +++ head/usr.bin/brandelf/brandelf.cWed Apr 17 16:18:14 2019 > (r346316) > > @@ -133,7 +133,7 @@ main(int argc, char **argv) > > if (flags == O_RDWR) > > cap_rights_set(, CAP_WRITE); > > > > - fa = fileargs_init(argc, argv, flags, 0, ); > > + fa = fileargs_init(argc, argv, flags, 0, , FA_OPEN); > > if (fa == NULL) > > errx(1, "unable to init casper"); > > > > > > Modified: head/usr.bin/head/head.c > > === > === > > --- head/usr.bin/head/head.cWed Apr 17 16:02:57 2019(r34631 > 5) > > +++ head/usr.bin/head/head.cWed Apr 17 16:18:14 2019(r34631 > 6) > > @@ -115,7 +115,7 @@ main(int argc, char *argv[]) > > argv += optind; > > > > fa = fileargs_init(argc, argv, O_RDONLY, 0, > > - cap_rights_init(, CAP_READ, CAP_FSTAT, CAP_FCNTL)); > > + cap_rights_init(, CAP_READ, CAP_FSTAT, CAP_FCNTL), FA_OPEN); > > if (fa == NULL) > > errx(1, "unable to init casper"); > > > > > > Modified: head/usr.bin/wc/wc.c > > === > === > > --- head/usr.bin/wc/wc.cWed Apr 17 16:02:57 2019(r346315) > > +++ head/usr.bin/wc/wc.cWed Apr 17 16:18:14 2019(r346316) > > @@ -133,7 +133,7 @@ main(int argc, char *argv[]) > > (void)signal(SIGINFO, siginfo_handler); > > > > fa = fileargs_init(argc, argv, O_RDONLY, 0, > > - cap_rights_init(, CAP_READ, CAP_FSTAT)); > > + cap_rights_init(, CAP_READ, CAP_FSTAT), FA_OPEN); > > if (fa == NULL) { > > xo_warn("Unable to init casper"); > > exit(1); > > ___ > > svn-src-head@freebsd.org mailing list > > https://lists.freebsd.org/mailman/listinfo/svn-src-head > > To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org" > > This commit seems to break buildworld on my installations: > > [...] > Building /usr/obj/usr/src/amd64.amd64/tmp/obj-tools/usr.bin/strings/strings.o > - --- strings.o --- > /usr/src/contrib/elftoolchain/strings/strings.c:198:55: error: use of undecla > red identifier > 'FA_OPEN' fa = fileargs_init(argc, argv, O_RDONLY, 0, , FA_OPEN); > ^ > 1 error generated. > *** [strings.o] Error code 1 Try this. We shouldn't use headers in /usr/include, only the ones in src/. Index: tools/build/Makefile === ---
svn commit: r346330 - head/tools/boot
Author: emaste Date: Wed Apr 17 19:24:41 2019 New Revision: 346330 URL: https://svnweb.freebsd.org/changeset/base/346330 Log: Put QEMU CI smoke test boot log in /tmp if TMPDIR not set Sponsored by: The FreeBSD Foundation Modified: head/tools/boot/ci-qemu-test.sh Modified: head/tools/boot/ci-qemu-test.sh == --- head/tools/boot/ci-qemu-test.sh Wed Apr 17 19:16:26 2019 (r346329) +++ head/tools/boot/ci-qemu-test.sh Wed Apr 17 19:24:41 2019 (r346330) @@ -95,7 +95,7 @@ trap tempdir_cleanup EXIT SIGINT SIGHUP SIGTERM SIGQUI ( cd ${SRCTOP} && tempdir_setup ) # And, boot in QEMU. -: ${BOOTLOG:=${TMPDIR}/ci-qemu-test-boot.log} +: ${BOOTLOG:=${TMPDIR:-/tmp}/ci-qemu-test-boot.log} timeout 300 \ qemu-system-x86_64 -m 256M -bios ${OVMF} \ -serial stdio -vga none -nographic -monitor none \ ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r346329 - head/tools/boot
Author: emaste Date: Wed Apr 17 19:16:26 2019 New Revision: 346329 URL: https://svnweb.freebsd.org/changeset/base/346329 Log: Install some entropy for QEMU CI smoke test See r346250 and followup commits and mailing list discussion. We currently fail to boot properly in the absense of boot-time entropy. Sponsored by: The FreeBSD Foundation Modified: head/tools/boot/ci-qemu-test.sh Modified: head/tools/boot/ci-qemu-test.sh == --- head/tools/boot/ci-qemu-test.sh Wed Apr 17 18:08:28 2019 (r346328) +++ head/tools/boot/ci-qemu-test.sh Wed Apr 17 19:16:26 2019 (r346329) @@ -68,6 +68,9 @@ echo "Hello world." /sbin/shutdown -p now EOF + # Entropy needed to boot, see r346250 and followup commits/discussion. + dd if=/dev/random of=${ROOTDIR}/boot/entropy bs=4k count=1 + # Remove unnecessary files to keep FAT filesystem size down. rm -rf ${ROOTDIR}/METALOG ${ROOTDIR}/usr/lib } ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
Re: svn commit: r346250 - in head: share/man/man4 share/man/man9 sys/dev/random sys/kern sys/libkern sys/sys
Hey Adrian, As discussed with John and Warner upthread, I hope to have a patch out for review later today to give folks a knob to disable this. It may even make sense to default it on, at least for !x86. I am happy to CC you on review if you like. Take care, Conrad On Wed, Apr 17, 2019 at 11:22 AM Adrian Chadd wrote: > > > > On Mon, 15 Apr 2019 at 11:40, Conrad Meyer wrote: >> >> Author: cem >> Date: Mon Apr 15 18:40:36 2019 >> New Revision: 346250 >> URL: https://svnweb.freebsd.org/changeset/base/346250 >> >> Log: >> random(4): Block read_random(9) on initial seeding > > > Sniffle, this broke on my mips boards whilst debugging why I'm seeing > transmit crashes and other bad behaviours. if_arge has some hacks to randomly > allocate mac addresses if the board doesn't supply them. This is going to be > a common thing to deal with during board bring-up before you do things like, > I dunno, make storage work. I'm going to fix if_arge to use the new API to > generate MAC addresses but there'll be other places where this will bite you. > > Please reconsider this a bit. I know people are trying to improve our > security and cryptography support. But some of us are trying to use FreeBSD > code in fun places and maybe occasionally do some more porting work. :-) > > > -adrian > > ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
Re: svn commit: r346250 - in head: share/man/man4 share/man/man9 sys/dev/random sys/kern sys/libkern sys/sys
On Mon, 15 Apr 2019 at 11:40, Conrad Meyer wrote: > Author: cem > Date: Mon Apr 15 18:40:36 2019 > New Revision: 346250 > URL: https://svnweb.freebsd.org/changeset/base/346250 > > Log: > random(4): Block read_random(9) on initial seeding > Sniffle, this broke on my mips boards whilst debugging why I'm seeing transmit crashes and other bad behaviours. if_arge has some hacks to randomly allocate mac addresses if the board doesn't supply them. This is going to be a common thing to deal with during board bring-up before you do things like, I dunno, make storage work. I'm going to fix if_arge to use the new API to generate MAC addresses but there'll be other places where this will bite you. Please reconsider this a bit. I know people are trying to improve our security and cryptography support. But some of us are trying to use FreeBSD code in fun places and maybe occasionally do some more porting work. :-) -adrian ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r346328 - head/sys/conf
Author: kevans Date: Wed Apr 17 18:08:28 2019 New Revision: 346328 URL: https://svnweb.freebsd.org/changeset/base/346328 Log: Compile sha1.c when ether support is included sha1 is used by ether_gen_addr after r346324. Perhaps in an ideal world we could detect that the kernel's been compiled without sha1_* bits included and silently fallback to arc4random instead because these platforms/kernel configs are far and few between. It's fairly lightweight, though, so just include it for now. Modified: head/sys/conf/files Modified: head/sys/conf/files == --- head/sys/conf/files Wed Apr 17 17:50:44 2019(r346327) +++ head/sys/conf/files Wed Apr 17 18:08:28 2019(r346328) @@ -680,8 +680,8 @@ crypto/rijndael/rijndael-alg-fst.c optional crypto | e crypto/rijndael/rijndael-api-fst.c optional ekcd | geom_bde | random !random_loadable crypto/rijndael/rijndael-api.c optional crypto | ipsec | ipsec_support | \ wlan_ccmp -crypto/sha1.c optional carp | crypto | ipsec | \ - ipsec_support | netgraph_mppc_encryption | sctp +crypto/sha1.c optional carp | crypto | ether | ipsec | \ + ipsec_support | netgraph_mppc_encryption | sctp crypto/sha2/sha256c.c optional crypto | ekcd | geom_bde | ipsec | \ ipsec_support | random !random_loadable | sctp | zfs crypto/sha2/sha512c.c optional crypto | geom_bde | ipsec | \ ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
Re: svn commit: r346250 - in head: share/man/man4 share/man/man9 sys/dev/random sys/kern sys/libkern sys/sys
Hi John, On Wed, Apr 17, 2019 at 9:01 AM John Baldwin wrote: > You're missing the point which is that you've added potential blocking in a > lot of > places by changing the semantics of arc4random. I get it. The thing is, it's a weird blocking semantic. It's not the same as any other blocking semantic we have elsewhere in the kernel. It can't happen in any particular call. Once it unblocks, it's nonblocking forever after. So if the caller a priori knows that random is seeded, it's not a blocking operation. > Unless you're intending to > hand-audit all of them (as well as future uses), I think having the existing > API be "safe" (and blocking) but use WITNESS_WARN is a way to catch existing > and future locking problems. This would essentially just force auditing, no? I guess it helps highlight instances that are (a) actually inside a locked region and (b) run by users. I'm on board with this approach. My only concern is that we will have false positives (and continue to have false positives after true positives are made safe). One thing we could do is teach WITNESS about random's seeded/not status. Let's take away: I'll owe you a differential implementing some version of this proposal, as well as a separate one for the giant unsafe-random knob, and we can discuss the technical details offline. Expect something today, if at all possible. > The EWOULDBLOCK API is something a developer > would choose and it means they would be aware of the constraint and need to > deal with it, either by handling EWOULDBLOCK in some way, or deferring use > until seeded, etc. Ok; if it is attached to a specific need, and it has '__attribute__((warn_unused_result))' attached to it, I'm tentatively ok with the idea. I don't want to add additional interfaces that don't get used, or make it easy to accidentally get non-results. Best regards, Conrad ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
Re: svn commit: r346295 - in head/sys: arm/allwinner arm/altera/socfpga arm/amlogic/aml8726 arm/annapurna/alpine arm/broadcom/bcm2835 arm/freescale/imx arm/freescale/vybrid arm/mv arm/nvidia/tegra124
> On 17 Apr 2019, at 17:52, Ian Lepore wrote: > > On Wed, 2019-04-17 at 11:23 +0200, Andrew Turner wrote: >>> On 16 Apr 2019, at 22:04, Emmanuel Vadot wrote: >>> >>> Author: manu >>> Date: Tue Apr 16 20:04:22 2019 >>> New Revision: 346295 >>> URL: https://svnweb.freebsd.org/changeset/base/346295 >>> >>> Log: >>> arm: Add kern_clocksource.c directly in files.arm >>> >>> This files is needed and included in all our config so move it to >>> a common >>> location. >>> >>> MFC after: 2 weeks >> >> ... >>> Modified: head/sys/conf/files.arm >>> === >>> === >>> --- head/sys/conf/files.arm Tue Apr 16 19:46:02 2019(r346294) >>> +++ head/sys/conf/files.arm Tue Apr 16 20:04:22 2019(r346295) >>> @@ -11,6 +11,9 @@ cloudabi32_vdso_blob.ooptionalcom >>> pat_cloudabi32 \ >>> no-implicit-rule\ >>> clean "cloudabi32_vdso_blob.o" >>> # >>> + >>> +kern/kern_clocksource.cstandard >> >> Could this be moved from the various files.* to files? It seems we >> define it as standard on all architectures. >> >> > > I thought mips still had some variants that didn't implement event > timers. That's why this stuff was ever in arch-specific files, arm and > mips had some flavors without ET support. I think it used to be the case on arm. A grep seems to think it’s enabled on all architectures now: grep kern_clocksource files.* files.amd64:kern/kern_clocksource.c standard files.arm:kern/kern_clocksource.c standard files.arm64:kern/kern_clocksource.c standard files.i386:kern/kern_clocksource.c standard files.mips:kern/kern_clocksource.c standard files.powerpc:kern/kern_clocksource.c standard files.riscv:kern/kern_clocksource.c standard files.sparc64:kern/kern_clocksource.c standard Andrew ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
Re: svn commit: r346316 - in head: contrib/elftoolchain/strings sbin/savecore usr.bin/brandelf usr.bin/head usr.bin/wc
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Am Wed, 17 Apr 2019 16:18:14 + (UTC) Ed Maste schrieb: > Author: emaste > Date: Wed Apr 17 16:18:14 2019 > New Revision: 346316 > URL: https://svnweb.freebsd.org/changeset/base/346316 > > Log: > cap_fileargs: chase r346315, update fileargs_init in consumers > > Reported by:ci.freebsd.org (8 times so far) > MFC after: 3 weeks > MFC with: r346315 > Sponsored by: The FreeBSD Foundation > > Modified: > head/contrib/elftoolchain/strings/strings.c > head/sbin/savecore/savecore.c > head/usr.bin/brandelf/brandelf.c > head/usr.bin/head/head.c > head/usr.bin/wc/wc.c > > Modified: head/contrib/elftoolchain/strings/strings.c > == > --- head/contrib/elftoolchain/strings/strings.c Wed Apr 17 16:02:57 2019 > (r346315) +++ head/contrib/elftoolchain/strings/strings.c Wed Apr 17 > 16:18:14 > 2019 (r346316) @@ -195,7 +195,7 @@ main(int argc, char **argv) > argv += optind; > > cap_rights_init(, CAP_READ, CAP_SEEK, CAP_FSTAT, CAP_FCNTL); > - fa = fileargs_init(argc, argv, O_RDONLY, 0, ); > + fa = fileargs_init(argc, argv, O_RDONLY, 0, , FA_OPEN); > if (fa == NULL) > err(1, "Unable to initialize casper fileargs"); > > > Modified: head/sbin/savecore/savecore.c > == > --- head/sbin/savecore/savecore.c Wed Apr 17 16:02:57 2019 > (r346315) > +++ head/sbin/savecore/savecore.c Wed Apr 17 16:18:14 2019 > (r346316) > @@ -1030,7 +1030,7 @@ init_caps(int argc, char **argv) >*/ > (void)cap_rights_init(, CAP_PREAD, CAP_WRITE, CAP_IOCTL); > capfa = fileargs_init(argc, argv, checkfor || keep ? O_RDONLY : O_RDWR, > - 0, ); > + 0, , FA_OPEN); > if (capfa == NULL) { > logmsg(LOG_ERR, "fileargs_init(): %m"); > exit(1); > > Modified: head/usr.bin/brandelf/brandelf.c > == > --- head/usr.bin/brandelf/brandelf.c Wed Apr 17 16:02:57 2019 > (r346315) > +++ head/usr.bin/brandelf/brandelf.c Wed Apr 17 16:18:14 2019 > (r346316) > @@ -133,7 +133,7 @@ main(int argc, char **argv) > if (flags == O_RDWR) > cap_rights_set(, CAP_WRITE); > > - fa = fileargs_init(argc, argv, flags, 0, ); > + fa = fileargs_init(argc, argv, flags, 0, , FA_OPEN); > if (fa == NULL) > errx(1, "unable to init casper"); > > > Modified: head/usr.bin/head/head.c > == > --- head/usr.bin/head/head.c Wed Apr 17 16:02:57 2019(r346315) > +++ head/usr.bin/head/head.c Wed Apr 17 16:18:14 2019(r346316) > @@ -115,7 +115,7 @@ main(int argc, char *argv[]) > argv += optind; > > fa = fileargs_init(argc, argv, O_RDONLY, 0, > - cap_rights_init(, CAP_READ, CAP_FSTAT, CAP_FCNTL)); > + cap_rights_init(, CAP_READ, CAP_FSTAT, CAP_FCNTL), FA_OPEN); > if (fa == NULL) > errx(1, "unable to init casper"); > > > Modified: head/usr.bin/wc/wc.c > == > --- head/usr.bin/wc/wc.c Wed Apr 17 16:02:57 2019(r346315) > +++ head/usr.bin/wc/wc.c Wed Apr 17 16:18:14 2019(r346316) > @@ -133,7 +133,7 @@ main(int argc, char *argv[]) > (void)signal(SIGINFO, siginfo_handler); > > fa = fileargs_init(argc, argv, O_RDONLY, 0, > - cap_rights_init(, CAP_READ, CAP_FSTAT)); > + cap_rights_init(, CAP_READ, CAP_FSTAT), FA_OPEN); > if (fa == NULL) { > xo_warn("Unable to init casper"); > exit(1); > ___ > svn-src-head@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/svn-src-head > To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org" This commit seems to break buildworld on my installations: [...] Building /usr/obj/usr/src/amd64.amd64/tmp/obj-tools/usr.bin/strings/strings.o - --- strings.o --- /usr/src/contrib/elftoolchain/strings/strings.c:198:55: error: use of undeclared identifier 'FA_OPEN' fa = fileargs_init(argc, argv, O_RDONLY, 0, , FA_OPEN); ^ 1 error generated. *** [strings.o] Error code 1 Kind regards, O. Hartmann - -- O. Hartmann Ich widerspreche der Nutzung oder Übermittlung meiner Daten für Werbezwecke oder für die Markt- oder Meinungsforschung (§ 28 Abs. 4 BDSG). -BEGIN PGP SIGNATURE- iHUEARYIAB0WIQSy8IBxAPDkqVBaTJ44N1ZZPba5RwUCXLdnsQAKCRA4N1ZZPba5 R2HSAP4keSSyPL/kFLfJFYIgaSSS3xcCW6tHju2TM+508sZQmAEAv3HyUTybla7d v8ixpbphQ9P0oOMhPTdqGqhsieAnOwc= =a+Yt -END PGP SIGNATURE- ___
svn commit: r346327 - head/contrib/elftoolchain/readelf
Author: emaste Date: Wed Apr 17 17:50:44 2019 New Revision: 346327 URL: https://svnweb.freebsd.org/changeset/base/346327 Log: readelf: use size_t for object counts PR: 212539 Reported by: cem Sponsored by: The FreeBSD Foundation Modified: head/contrib/elftoolchain/readelf/readelf.c Modified: head/contrib/elftoolchain/readelf/readelf.c == --- head/contrib/elftoolchain/readelf/readelf.c Wed Apr 17 17:19:54 2019 (r346326) +++ head/contrib/elftoolchain/readelf/readelf.c Wed Apr 17 17:50:44 2019 (r346327) @@ -370,7 +370,7 @@ static void readelf_usage(int status); static void readelf_version(void); static void search_loclist_at(struct readelf *re, Dwarf_Die die, Dwarf_Unsigned lowpc, struct loc_at **la_list, -unsigned int *la_list_len, unsigned int *la_list_cap); +size_t *la_list_len, size_t *la_list_cap); static void search_ver(struct readelf *re); static const char *section_type(unsigned int mach, unsigned int stype); static void set_cu_context(struct readelf *re, Dwarf_Half psize, @@ -6063,8 +6063,7 @@ loc_at_comparator(const void *la1, const void *la2) static void search_loclist_at(struct readelf *re, Dwarf_Die die, Dwarf_Unsigned lowpc, -struct loc_at **la_list, unsigned int *la_list_len, -unsigned int *la_list_cap) +struct loc_at **la_list, size_t *la_list_len, size_t *la_list_cap) { struct loc_at *la; Dwarf_Attribute *attr_list; @@ -6438,7 +6437,8 @@ dump_dwarf_loclist(struct readelf *re) Dwarf_Half tag, version, pointer_size, off_size; Dwarf_Error de; struct loc_at *la_list, *left, *right, *la; - unsigned int la_list_len, la_list_cap, duplicates, k; + size_t la_list_len, la_list_cap; + unsigned int duplicates, k; int i, j, ret, has_content; la_list_len = 0; ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
Re: svn commit: r346250 - in head: share/man/man4 share/man/man9 sys/dev/random sys/kern sys/libkern sys/sys
On Wed, 2019-04-17 at 11:16 -0600, Warner Losh wrote: > On Wed, Apr 17, 2019 at 10:06 AM John Baldwin wrote: > > > On 4/16/19 4:48 PM, Conrad Meyer wrote: > > > On Tue, Apr 16, 2019 at 4:31 PM John Baldwin wrote: > > > > bhyveload is effectively the loader in this case. It runs the normal > > > > loader > > > > scripts and logic and so would load the guests's /boot/entropy and pass > > > > it > > > > to the guest kernel as metadata just like the regular loader. > > > > > > Right, except it doesn't seem to do things like nuke /boot/nextboot.conf > > > > :-(. > > > > It just needs a disk write method I think for that to work, but I'm not > > sure > > that's currently in the userboot interface. > > > > It isn't. Write support was added to the boot loader after bhyveload was > forked. It hasn't been updated. > > > > > > In addition, bhyve also supports virtio-rng which is another way to > > > > provide > > > > entropy to guest OS's. That's why in my reply I focused on qemu for > > > > mips > > > > (or riscv) as for x86 hypervisors there are existing, > > > > somewhat-standarized > > > > solutions for the hypervisor to provide entropy to the guest. > > > > > > Perhaps cryptographically random stack-protector cookies are simply > > > inappropriate for MIPS or RISCV. Do we have any other examples of > > > kernel random consumers blocking after that immediate hiccup is > > > overcome? > > > > There may be MIPS and RISCV designs that do have suitable entropy available > > (especially I would expect future RISCV designs to have them), so I think > > blacklisting stack protector wholesale on those architectures is overboard. > > I think some sort of off-by-default knob (even a compile option) is fine > > for > > people who need fast and loose vs safe as you already agreed to earlier. > > > > Also, for development testing we still want coverage of using stack cookies > > on MIPS and RISCV even if the simulator environment gives not-very-strong > > cookie values. > > > I'm going to put a very fine point on this: any hard-requirement of entropy > sources is a non-starter. If you require that, your commit will be backed > out and/or hacked around by the addition of a nob in the future. It will > happen. Don't pretend you can say 'but things weren't random enough' will > carry the day. It will not. > > That's why I specifically requested a MD routine to be called when there's > no source of entropy: that will let special needs folks do the right thing. > It's also why I asked for a way to say "don't ever block waiting for > entropy, soldier on the best you can, but set some variable that can be > exposed to userland so that early in /etc/rc automation can be written to > decide what to do when that condition exists: generate entropy and reboot, > report it to some central control, nothing" since that will give the tools > for different reactions. > > For our application it is *NEVER* OK to block the boot because there's not > enough randomness. We'd rather solider on with crappy randomness and want > the boot to proceed not matter what. We want the information that we had to > make compromises along the way to make it happen so we can decide the right > course of action for our appliances. > > Warner I'll add a big +1 to all of that, it all directly applies to our embedded products at $work as well, and would give us the control we need to handle things in an application-specific way. -- Ian ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
Re: svn commit: r346250 - in head: share/man/man4 share/man/man9 sys/dev/random sys/kern sys/libkern sys/sys
Hi Warner, On Wed, Apr 17, 2019 at 10:16 AM Warner Losh wrote: > I'm going to put a very fine point on this: any hard-requirement of entropy > sources is a non-starter. If you require that, your commit will be backed out > and/or hacked around by the addition of a nob in the future. It will happen. > Don't pretend you can say 'but things weren't random enough' will carry the > day. It will not. > > That's why I specifically requested a MD routine to be called when there's no > source of entropy: that will let special needs folks do the right thing. It's > also why I asked for a way to say "don't ever block waiting for entropy, > soldier on the best you can, but set some variable that can be exposed to > userland so that early in /etc/rc automation can be written to decide what to > do when that condition exists: generate entropy and reboot, report it to some > central control, nothing" since that will give the tools for different > reactions. > > For our application it is *NEVER* OK to block the boot because there's not > enough randomness. We'd rather solider on with crappy randomness and want the > boot to proceed not matter what. We want the information that we had to make > compromises along the way to make it happen so we can decide the right course > of action for our appliances. I think John's proposed big knob to disable hard-requirement of entropy, and a warning on dmesg, pretty much covers your applications' needs. Do you agree? The random framework has already got ways to register random sources; special needs MD folks can always register their own fako fast random source. I.e., the randomdev entropy intake framework is already general with room for MD-specific drivers (of which several exist today). Take care, Conrad ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
Re: svn commit: r346250 - in head: share/man/man4 share/man/man9 sys/dev/random sys/kern sys/libkern sys/sys
On Wed, Apr 17, 2019 at 9:06 AM John Baldwin wrote: > > On 4/16/19 4:48 PM, Conrad Meyer wrote: > > Perhaps cryptographically random stack-protector cookies are simply > > inappropriate for MIPS or RISCV. Do we have any other examples of > > kernel random consumers blocking after that immediate hiccup is > > overcome? > > There may be MIPS and RISCV designs that do have suitable entropy available > (especially I would expect future RISCV designs to have them), so I think > blacklisting stack protector wholesale on those architectures is overboard. The difficulty is how early __stack_chk_init runs vs when entropy might be available. If some MIPS or RISCV design shows up with a fast HWRNG source, great! > I think some sort of off-by-default knob (even a compile option) is fine for > people who need fast and loose vs safe as you already agreed to earlier. > > Also, for development testing we still want coverage of using stack cookies > on MIPS and RISCV even if the simulator environment gives not-very-strong > cookie values. Right. There's a difference between removing random stack cookies and removing stack cookies entirely; I agree some benefit remains for development. Best, Conrad ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r346326 - head/sys/net
Author: kevans Date: Wed Apr 17 17:19:54 2019 New Revision: 346326 URL: https://svnweb.freebsd.org/changeset/base/346326 Log: iflib: Use new ether_gen_addr, restricting addresses to that subset Differential Revision:https://reviews.freebsd.org/D19587 Modified: head/sys/net/iflib.c Modified: head/sys/net/iflib.c == --- head/sys/net/iflib.cWed Apr 17 17:19:19 2019(r346325) +++ head/sys/net/iflib.cWed Apr 17 17:19:54 2019(r346326) @@ -37,15 +37,12 @@ __FBSDID("$FreeBSD$"); #include #include #include -#include #include #include -#include #include #include #include #include -#include #include #include #include @@ -207,7 +204,7 @@ struct iflib_ctx { #define isc_legacy_intr ifc_txrx.ift_legacy_intr eventhandler_tag ifc_vlan_attach_event; eventhandler_tag ifc_vlan_detach_event; - uint8_t ifc_mac[ETHER_ADDR_LEN]; + struct ether_addr ifc_mac; char ifc_mtx_name[16]; }; @@ -250,7 +247,7 @@ void iflib_set_mac(if_ctx_t ctx, uint8_t mac[ETHER_ADDR_LEN]) { - bcopy(mac, ctx->ifc_mac, ETHER_ADDR_LEN); + bcopy(mac, ctx->ifc_mac.octet, ETHER_ADDR_LEN); } if_softc_ctx_t @@ -1276,38 +1273,6 @@ prefetch2cachelines(void *x) #endif static void -iflib_gen_mac(if_ctx_t ctx) -{ - struct thread *td; - MD5_CTX mdctx; - char uuid[HOSTUUIDLEN+1]; - char buf[HOSTUUIDLEN+16]; - uint8_t *mac; - unsigned char digest[16]; - - td = curthread; - mac = ctx->ifc_mac; - uuid[HOSTUUIDLEN] = 0; - bcopy(td->td_ucred->cr_prison->pr_hostuuid, uuid, HOSTUUIDLEN); - snprintf(buf, HOSTUUIDLEN+16, "%s-%s", uuid, device_get_nameunit(ctx->ifc_dev)); - /* -* Generate a pseudo-random, deterministic MAC -* address based on the UUID and unit number. -* The FreeBSD Foundation OUI of 58-9C-FC is used. -*/ - MD5Init(); - MD5Update(, buf, strlen(buf)); - MD5Final(digest, ); - - mac[0] = 0x58; - mac[1] = 0x9C; - mac[2] = 0xFC; - mac[3] = digest[0]; - mac[4] = digest[1]; - mac[5] = digest[2]; -} - -static void iru_init(if_rxd_update_t iru, iflib_rxq_t rxq, uint8_t flid) { iflib_fl_t fl; @@ -4579,7 +4544,7 @@ iflib_device_register(device_t dev, void *sc, if_share } } - ether_ifattach(ctx->ifc_ifp, ctx->ifc_mac); + ether_ifattach(ctx->ifc_ifp, ctx->ifc_mac.octet); if ((err = IFDI_ATTACH_POST(ctx)) != 0) { device_printf(dev, "IFDI_ATTACH_POST failed %d\n", err); @@ -4668,7 +4633,7 @@ iflib_pseudo_register(device_t dev, if_shared_ctx_t sc goto fail_unlock; } if (sctx->isc_flags & IFLIB_GEN_MAC) - iflib_gen_mac(ctx); + ether_gen_addr(ifp, >ifc_mac); if ((err = IFDI_CLONEATTACH(ctx, clctx->cc_ifc, clctx->cc_name, clctx->cc_params)) != 0) { device_printf(dev, "IFDI_CLONEATTACH failed %d\n", err); @@ -4689,7 +4654,7 @@ iflib_pseudo_register(device_t dev, if_shared_ctx_t sc ifp->if_flags |= IFF_NOGROUP; if (sctx->isc_flags & IFLIB_PSEUDO) { - ether_ifattach(ctx->ifc_ifp, ctx->ifc_mac); + ether_ifattach(ctx->ifc_ifp, ctx->ifc_mac.octet); if ((err = IFDI_ATTACH_POST(ctx)) != 0) { device_printf(dev, "IFDI_ATTACH_POST failed %d\n", err); @@ -4796,7 +4761,7 @@ iflib_pseudo_register(device_t dev, if_shared_ctx_t sc /* * XXX What if anything do we want to do about interrupts? */ - ether_ifattach(ctx->ifc_ifp, ctx->ifc_mac); + ether_ifattach(ctx->ifc_ifp, ctx->ifc_mac.octet); if ((err = IFDI_ATTACH_POST(ctx)) != 0) { device_printf(dev, "IFDI_ATTACH_POST failed %d\n", err); goto fail_detach; ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r346324 - head/sys/net
Author: kevans Date: Wed Apr 17 17:18:43 2019 New Revision: 346324 URL: https://svnweb.freebsd.org/changeset/base/346324 Log: net: adjust randomized address bits Give devices that need a MAC a 16-bit allocation out of the FreeBSD Foundation OUI range. Change the name ether_fakeaddr to ether_gen_addr now that we're dealing real MAC addresses with a real OUI rather than random locally-administered addresses. Reviewed by: bz, rgrimes Differential Revision:https://reviews.freebsd.org/D19587 Modified: head/sys/net/ethernet.h head/sys/net/ieee_oui.h head/sys/net/if_bridge.c head/sys/net/if_ethersubr.c head/sys/net/if_vxlan.c Modified: head/sys/net/ethernet.h == --- head/sys/net/ethernet.h Wed Apr 17 17:00:16 2019(r346323) +++ head/sys/net/ethernet.h Wed Apr 17 17:18:43 2019(r346324) @@ -422,7 +422,7 @@ voidether_vlan_mtap(struct bpf_if *, struct mbuf *, struct mbuf *ether_vlanencap(struct mbuf *, uint16_t); bool ether_8021q_frame(struct mbuf **mp, struct ifnet *ife, struct ifnet *p, uint16_t vid, uint8_t pcp); -void ether_fakeaddr(struct ether_addr *hwaddr); +void ether_gen_addr(struct ifnet *ifp, struct ether_addr *hwaddr); #ifdef _SYS_EVENTHANDLER_H_ /* new ethernet interface attached event */ Modified: head/sys/net/ieee_oui.h == --- head/sys/net/ieee_oui.h Wed Apr 17 17:00:16 2019(r346323) +++ head/sys/net/ieee_oui.h Wed Apr 17 17:18:43 2019(r346324) @@ -67,3 +67,14 @@ /* Allocate 20 bits to bhyve */ #define OUI_FREEBSD_BHYVE_LOW OUI_FREEBSD(0x01) #define OUI_FREEBSD_BHYVE_HIGH OUI_FREEBSD(0x0f) + +/* + * Allocate 16 bits for a pool to give to various interfaces that need a + * generated address, but don't quite need to slice off a whole section of + * the OUI (e.g. cloned interfaces, one-off NICs of various vendors). + * + * ether_gen_addr should be used to generate an address from this pool. + */ +#defineOUI_FREEBSD_GENERATED_MASK 0x10 +#defineOUI_FREEBSD_GENERATED_LOW OUI_FREEBSD(0x10) +#defineOUI_FREEBSD_GENERATED_HIGH OUI_FREEBSD(OU_FREEBSD_GENERATED_MASK) Modified: head/sys/net/if_bridge.c == --- head/sys/net/if_bridge.cWed Apr 17 17:00:16 2019(r346323) +++ head/sys/net/if_bridge.cWed Apr 17 17:18:43 2019(r346324) @@ -671,7 +671,7 @@ bridge_clone_create(struct if_clone *ifc, int unit, ca getcredhostid(curthread->td_ucred, ); do { if (fb || hostid == 0) { - ether_fakeaddr(>sc_defaddr); + ether_gen_addr(ifp, >sc_defaddr); } else { sc->sc_defaddr.octet[0] = 0x2; sc->sc_defaddr.octet[1] = (hostid >> 24) & 0xff; Modified: head/sys/net/if_ethersubr.c == --- head/sys/net/if_ethersubr.c Wed Apr 17 17:00:16 2019(r346323) +++ head/sys/net/if_ethersubr.c Wed Apr 17 17:18:43 2019(r346324) @@ -42,11 +42,13 @@ #include #include #include +#include #include #include #include #include #include +#include #include #include #include @@ -54,6 +56,7 @@ #include #include +#include #include #include #include @@ -85,6 +88,8 @@ #endif #include +#include + #ifdef CTASSERT CTASSERT(sizeof (struct ether_header) == ETHER_ADDR_LEN * 2 + 2); CTASSERT(sizeof (struct ether_addr) == ETHER_ADDR_LEN); @@ -1401,19 +1406,37 @@ ether_8021q_frame(struct mbuf **mp, struct ifnet *ife, return (true); } +/* + * Allocate an address from the FreeBSD Foundation OUI. This uses a + * cryptographic hash function on the containing jail's UUID and the interface + * name to attempt to provide a unique but stable address. Pseudo-interfaces + * which require a MAC address should use this function to allocate + * non-locally-administered addresses. + */ void -ether_fakeaddr(struct ether_addr *hwaddr) +ether_gen_addr(struct ifnet *ifp, struct ether_addr *hwaddr) { +#defineETHER_GEN_ADDR_BUFSIZ HOSTUUIDLEN + IFNAMSIZ + 2 + SHA1_CTX ctx; + char buf[ETHER_GEN_ADDR_BUFSIZ]; + char uuid[HOSTUUIDLEN + 1]; + uint64_t addr; + int i, sz; + char digest[SHA1_RESULTLEN]; - /* -* Generate a convenient locally administered address, -* 'bsd' + random 24 low-order bits. 'b' is 0x62, which has the locally -* assigned bit set, and the broadcast/multicast bit clear. -*/ - arc4rand(hwaddr->octet, ETHER_ADDR_LEN, 1); - hwaddr->octet[0] = 'b'; - hwaddr->octet[1] = 's'; - hwaddr->octet[2] = 'd'; + getcredhostuuid(curthread->td_ucred, uuid,
Re: svn commit: r346250 - in head: share/man/man4 share/man/man9 sys/dev/random sys/kern sys/libkern sys/sys
On Wed, Apr 17, 2019 at 10:06 AM John Baldwin wrote: > On 4/16/19 4:48 PM, Conrad Meyer wrote: > > On Tue, Apr 16, 2019 at 4:31 PM John Baldwin wrote: > >> bhyveload is effectively the loader in this case. It runs the normal > loader > >> scripts and logic and so would load the guests's /boot/entropy and pass > it > >> to the guest kernel as metadata just like the regular loader. > > > > Right, except it doesn't seem to do things like nuke /boot/nextboot.conf > :-(. > > It just needs a disk write method I think for that to work, but I'm not > sure > that's currently in the userboot interface. > It isn't. Write support was added to the boot loader after bhyveload was forked. It hasn't been updated. > >> In addition, bhyve also supports virtio-rng which is another way to > provide > >> entropy to guest OS's. That's why in my reply I focused on qemu for > mips > >> (or riscv) as for x86 hypervisors there are existing, > somewhat-standarized > >> solutions for the hypervisor to provide entropy to the guest. > > > > Perhaps cryptographically random stack-protector cookies are simply > > inappropriate for MIPS or RISCV. Do we have any other examples of > > kernel random consumers blocking after that immediate hiccup is > > overcome? > > There may be MIPS and RISCV designs that do have suitable entropy available > (especially I would expect future RISCV designs to have them), so I think > blacklisting stack protector wholesale on those architectures is overboard. > I think some sort of off-by-default knob (even a compile option) is fine > for > people who need fast and loose vs safe as you already agreed to earlier. > > Also, for development testing we still want coverage of using stack cookies > on MIPS and RISCV even if the simulator environment gives not-very-strong > cookie values. I'm going to put a very fine point on this: any hard-requirement of entropy sources is a non-starter. If you require that, your commit will be backed out and/or hacked around by the addition of a nob in the future. It will happen. Don't pretend you can say 'but things weren't random enough' will carry the day. It will not. That's why I specifically requested a MD routine to be called when there's no source of entropy: that will let special needs folks do the right thing. It's also why I asked for a way to say "don't ever block waiting for entropy, soldier on the best you can, but set some variable that can be exposed to userland so that early in /etc/rc automation can be written to decide what to do when that condition exists: generate entropy and reboot, report it to some central control, nothing" since that will give the tools for different reactions. For our application it is *NEVER* OK to block the boot because there's not enough randomness. We'd rather solider on with crappy randomness and want the boot to proceed not matter what. We want the information that we had to make compromises along the way to make it happen so we can decide the right course of action for our appliances. Warner ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
Re: svn commit: r346250 - in head: share/man/man4 share/man/man9 sys/dev/random sys/kern sys/libkern sys/sys
On Tue, Apr 16, 2019, 4:51 PM Rodney W. Grimes wrote: > > On 4/15/19 11:40 AM, Conrad Meyer wrote: > > > Author: cem > > > Date: Mon Apr 15 18:40:36 2019 > > > New Revision: 346250 > > > URL: https://svnweb.freebsd.org/changeset/base/346250 > > > > > > Log: > > > random(4): Block read_random(9) on initial seeding > > > > > > read_random() is/was used, mostly without error checking, in a lot of > > > very sensitive places in the kernel -- including seeding the widely > used > > > arc4random(9). > > > > > > Most uses, especially arc4random(9), should block until the device > is seeded > > > rather than proceeding with a bogus or empty seed. I did not spy any > > > obvious kernel consumers where blocking would be inappropriate (in > the > > > sense that lack of entropy would be ok -- I did not investigate > locking > > > angle thoroughly). In many instances, arc4random_buf(9) or that > family > > > of APIs would be more appropriate anyway; that work was done in > r345865. > > > > There are definitely places arc4random is used where sleeping is not > allowed. > > ipsec generating nonces for AES-CBC is one example I can think of off the > > top of my head. I think it might be useful to add an explicit > WITNESS_WARN > > in arc4random to catch these cases so they can be found and reasoned > about. > > > > > This change primarily impacts the behavior of /dev/random on embedded > > > systems with read-only media that do not configure "nodevice > random". We > > > toggle the default from 'charge on blindly with no entropy' to 'block > > > indefinitely.' This default is safer, but may cause frustration. > Embedded > > > system designers using FreeBSD have several options. The most > obvious is to > > > plan to have a small writable NVRAM or NAND to persist entropy, like > larger > > > systems. Early entropy can be fed from any loader, or by writing > directly > > > to /dev/random during boot. Some embedded SoCs now provide a fast > hardware > > > entropy source; this would also work for quickly seeding Fortuna. A > 3rd > > > option would be creating an embedded-specific, more simplistic random > > > module, like that designed by DJB in [1] (this design still requires > a small > > > rewritable media for forward secrecy). Finally, the least preferred > option > > > might be "nodevice random", although I plan to remove this in a > subsequent > > > revision. > > > > Note that I actually often run into unseeded systems when doing > development > > using qemu for non-x86 architectures. For example, when booting mips > from > > qemu, there is no loader, the kernel just starts, and since the endian is > > opposite, I frequently regenerate the filesystem using makefs. > > Isnt this also the case for bhyveload? We do not go through the loader > there when we are starting a FreeBSD guest, correct? > Bhyveload is a copy of the boot loader and runs userboot to make it happen. Warner > John Baldwin > -- > Rod Grimes > rgri...@freebsd.org > > ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r346323 - head/contrib/elftoolchain/readelf
Author: emaste Date: Wed Apr 17 17:00:16 2019 New Revision: 346323 URL: https://svnweb.freebsd.org/changeset/base/346323 Log: readelf: speed up readelf -wo Use an array instead of STAILQ, and sort at the end instead of while adding new elements. PR: 212539 Submitted by: Bora Özarslan Reviewed by: markj MFC after:2 weeks Sponsored by: The FreeBSD Foundation Modified: head/contrib/elftoolchain/readelf/readelf.c Modified: head/contrib/elftoolchain/readelf/readelf.c == --- head/contrib/elftoolchain/readelf/readelf.c Wed Apr 17 16:58:38 2019 (r346322) +++ head/contrib/elftoolchain/readelf/readelf.c Wed Apr 17 17:00:16 2019 (r346323) @@ -225,6 +225,15 @@ struct flag_desc { const char *desc; }; +struct loc_at { + Dwarf_Attribute la_at; + Dwarf_Unsigned la_off; + Dwarf_Unsigned la_lowpc; + Dwarf_Half la_cu_psize; + Dwarf_Half la_cu_osize; + Dwarf_Half la_cu_ver; +}; + static void add_dumpop(struct readelf *re, size_t si, const char *sn, int op, int t); static const char *aeabi_adv_simd_arch(uint64_t simd); @@ -341,6 +350,7 @@ static const char *get_string(struct readelf *re, int static const char *get_symbol_name(struct readelf *re, int symtab, int i); static uint64_t get_symbol_value(struct readelf *re, int symtab, int i); static void load_sections(struct readelf *re); +static int loc_at_comparator(const void *la1, const void *la2); static const char *mips_abi_fp(uint64_t fp); static const char *note_type(const char *note_name, unsigned int et, unsigned int nt); @@ -359,7 +369,8 @@ static const char *ppc_abi_vector(uint64_t vec); static void readelf_usage(int status); static void readelf_version(void); static void search_loclist_at(struct readelf *re, Dwarf_Die die, -Dwarf_Unsigned lowpc); +Dwarf_Unsigned lowpc, struct loc_at **la_list, +unsigned int *la_list_len, unsigned int *la_list_cap); static void search_ver(struct readelf *re); static const char *section_type(unsigned int mach, unsigned int stype); static void set_cu_context(struct readelf *re, Dwarf_Half psize, @@ -6034,21 +6045,28 @@ dump_dwarf_str(struct readelf *re) } } -struct loc_at { - Dwarf_Attribute la_at; - Dwarf_Unsigned la_off; - Dwarf_Unsigned la_lowpc; - Dwarf_Half la_cu_psize; - Dwarf_Half la_cu_osize; - Dwarf_Half la_cu_ver; - TAILQ_ENTRY(loc_at) la_next; -}; +static int +loc_at_comparator(const void *la1, const void *la2) +{ + const struct loc_at *left, *right; -static TAILQ_HEAD(, loc_at) lalist = TAILQ_HEAD_INITIALIZER(lalist); + left = (const struct loc_at *)la1; + right = (const struct loc_at *)la2; + if (left->la_off > right->la_off) + return (1); + else if (left->la_off < right->la_off) + return (-1); + else + return (0); +} + static void -search_loclist_at(struct readelf *re, Dwarf_Die die, Dwarf_Unsigned lowpc) +search_loclist_at(struct readelf *re, Dwarf_Die die, Dwarf_Unsigned lowpc, +struct loc_at **la_list, unsigned int *la_list_len, +unsigned int *la_list_cap) { + struct loc_at *la; Dwarf_Attribute *attr_list; Dwarf_Die ret_die; Dwarf_Unsigned off; @@ -6057,7 +6075,6 @@ search_loclist_at(struct readelf *re, Dwarf_Die die, D Dwarf_Half attr, form; Dwarf_Bool is_info; Dwarf_Error de; - struct loc_at *la, *nla; int i, ret; is_info = dwarf_get_die_infotypes_flag(die); @@ -6105,33 +6122,21 @@ search_loclist_at(struct readelf *re, Dwarf_Die die, D } else continue; - TAILQ_FOREACH(la, , la_next) { - if (off == la->la_off) - break; - if (off < la->la_off) { - if ((nla = malloc(sizeof(*nla))) == NULL) - err(EXIT_FAILURE, "malloc failed"); - nla->la_at = attr_list[i]; - nla->la_off = off; - nla->la_lowpc = lowpc; - nla->la_cu_psize = re->cu_psize; - nla->la_cu_osize = re->cu_osize; - nla->la_cu_ver = re->cu_ver; - TAILQ_INSERT_BEFORE(la, nla, la_next); - break; - } + if (*la_list_cap == *la_list_len) { + *la_list = realloc(*la_list, + *la_list_cap * 2 * sizeof(**la_list)); + if (la_list == NULL) + errx(EXIT_FAILURE, "realloc failed"); + *la_list_cap *= 2; } - if (la == NULL) { -
svn commit: r346322 - head/lib/libcasper/services/cap_fileargs
Author: adrian Date: Wed Apr 17 16:58:38 2019 New Revision: 346322 URL: https://svnweb.freebsd.org/changeset/base/346322 Log: [casper] fix compilation when casper is disabled. This triggers an error in gcc-mips 6.4.0 complaining about unused arguments. Tested: * compiled/run on mips32; nothing complained. Modified: head/lib/libcasper/services/cap_fileargs/cap_fileargs.h Modified: head/lib/libcasper/services/cap_fileargs/cap_fileargs.h == --- head/lib/libcasper/services/cap_fileargs/cap_fileargs.h Wed Apr 17 16:45:42 2019(r346321) +++ head/lib/libcasper/services/cap_fileargs/cap_fileargs.h Wed Apr 17 16:58:38 2019(r346322) @@ -108,8 +108,12 @@ fileargs_cinitnv(cap_channel_t *cas __unused, nvlist_t lstat(name, sb) #definefileargs_open(fa, name) \ open(name, fa->fa_flags, fa->fa_mode) -#definefileargs_fopen(fa, name, mode) \ - fopen(name, mode) +static inline +FILE *fileargs_fopen(fileargs_t *fa, const char *name, const char *mode) +{ + (void) fa; + return (fopen(name, mode)); +} #definefileargs_free(fa) (free(fa)) #endif ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
Re: svn commit: r345875 - in head: contrib/elftoolchain/strings usr.bin/strings
not yet? I'm still debugging other issues; this just pissed off gcc. :) -a On Sun, 14 Apr 2019 at 19:42, Mariusz Zaborski wrote: > On Sun, Apr 14, 2019 at 08:19:22AM -0700, Adrian Chadd wrote: > > This exposed a fun bug - gcc mips 6.4.0 complains about an unused arg > (fa) > > in fileargs_fopen() in the strings change when you compile without casper > > support. I do that on mips. > > > > I have a local change that converts the #define to an inline function so > > the unused arg can be (void)'ed away. Mind if I commit it? > Sounds good to me. > Although you don't have an issue with others services? > > -- > Mariusz Zaborski > oshogbo//vx | http://oshogbo.vexillium.org > FreeBSD committer | https://freebsd.org > Software developer | http://wheelsystems.com > If it's not broken, let's fix it till it is!!1 > > > > > On Thu, 4 Apr 2019 at 09:32, Mariusz Zaborski > wrote: > > > > > Author: oshogbo > > > Date: Thu Apr 4 16:32:27 2019 > > > New Revision: 345875 > > > URL: https://svnweb.freebsd.org/changeset/base/345875 > > > > > > Log: > > > strings: capsicumize it > > > > > > Reviewed by: cem > > > Discussed with: emaste > > > Differential Revision:https://reviews.freebsd.org/D18038 > > > > > > Modified: > > > head/contrib/elftoolchain/strings/strings.c > > > head/usr.bin/strings/Makefile > > > > > > Modified: head/contrib/elftoolchain/strings/strings.c > > > > > > > == > > > --- head/contrib/elftoolchain/strings/strings.c Thu Apr 4 12:02:48 > 2019 > > > (r345874) > > > +++ head/contrib/elftoolchain/strings/strings.c Thu Apr 4 16:32:27 > 2019 > > > (r345875) > > > @@ -25,8 +25,10 @@ > > > */ > > > > > > #include > > > +#include > > > #include > > > > > > +#include > > > #include > > > #include > > > #include > > > @@ -44,6 +46,9 @@ > > > #include > > > #include > > > > > > +#include > > > +#include > > > + > > > #include "_elftc.h" > > > > > > ELFTC_VCSID("$Id: strings.c 3648 2018-11-22 23:26:43Z emaste $"); > > > @@ -85,7 +90,7 @@ static struct option strings_longopts[] = { > > > }; > > > > > > intgetcharacter(FILE *, long *); > > > -inthandle_file(const char *); > > > +inthandle_file(fileargs_t *fa, const char *); > > > inthandle_elf(const char *, FILE *); > > > inthandle_binary(const char *, FILE *, size_t); > > > intfind_strings(const char *, FILE *, off_t, off_t); > > > @@ -99,6 +104,8 @@ void usage(void); > > > int > > > main(int argc, char **argv) > > > { > > > + fileargs_t *fa; > > > + cap_rights_t rights; > > > int ch, rc; > > > > > > rc = 0; > > > @@ -187,27 +194,41 @@ main(int argc, char **argv) > > > argc -= optind; > > > argv += optind; > > > > > > + cap_rights_init(, CAP_READ, CAP_SEEK, CAP_FSTAT, > CAP_FCNTL); > > > + fa = fileargs_init(argc, argv, O_RDONLY, 0, ); > > > + if (fa == NULL) > > > + err(1, "Unable to initialize casper fileargs"); > > > + > > > + caph_cache_catpages(); > > > + if (caph_limit_stdio() < 0 && caph_enter_casper() < 0) { > > > + fileargs_free(fa); > > > + err(1, "Unable to enter capability mode"); > > > + } > > > + > > > if (min_len == 0) > > > min_len = 4; > > > if (*argv == NULL) > > > rc = find_strings("{standard input}", stdin, 0, 0); > > > else while (*argv != NULL) { > > > - if (handle_file(*argv) != 0) > > > + if (handle_file(fa, *argv) != 0) > > > rc = 1; > > > argv++; > > > } > > > + > > > + fileargs_free(fa); > > > + > > > return (rc); > > > } > > > > > > int > > > -handle_file(const char *name) > > > +handle_file(fileargs_t *fa, const char *name) > > > { > > > FILE *pfile; > > > int rt; > > > > > > if (name == NULL) > > > return (1); > > > - pfile = fopen(name, "rb"); > > > + pfile = fileargs_fopen(fa, name, "rb"); > > > if (pfile == NULL) { > > > warnx("'%s': %s", name, strerror(errno)); > > > return (1); > > > > > > Modified: head/usr.bin/strings/Makefile > > > > > > > == > > > --- head/usr.bin/strings/Makefile Thu Apr 4 12:02:48 2019 > > > (r345874) > > > +++ head/usr.bin/strings/Makefile Thu Apr 4 16:32:27 2019 > > > (r345875) > > > @@ -10,6 +10,12 @@ PROG=strings > > > > > > LIBADD=elftc elf > > > > > > +.if ${MK_CASPER} != "no" && !defined(BOOTSTRAPPING) > > > +LIBADD+= casper > > > +LIBADD+= cap_fileargs > > > +CFLAGS+= -DWITH_CASPER > > > +.endif > > > + > > > CFLAGS+=-I${ELFTCDIR}/libelftc -I${ELFTCDIR}/common > > > > > > .include > > > > > > >
svn commit: r346321 - head/lib/libcasper/services/cap_fileargs
Author: emaste Date: Wed Apr 17 16:45:42 2019 New Revision: 346321 URL: https://svnweb.freebsd.org/changeset/base/346321 Log: cap_fileargs: fix test after r346318 Reported by: danfe, mjg MFC after:3 weeks MFC with: r346315 Sponsored by: The FreeBSD Foundation Modified: head/lib/libcasper/services/cap_fileargs/cap_fileargs.c Modified: head/lib/libcasper/services/cap_fileargs/cap_fileargs.c == --- head/lib/libcasper/services/cap_fileargs/cap_fileargs.c Wed Apr 17 16:45:35 2019(r346320) +++ head/lib/libcasper/services/cap_fileargs/cap_fileargs.c Wed Apr 17 16:45:42 2019(r346321) @@ -579,7 +579,7 @@ fileargs_command_lstat(const nvlist_t *limits, nvlist_ name = nvlist_get_string(nvlin, "name"); error = lstat(name, ); - if (stat < 0) + if (error < 0) return (errno); if (!allcached && (lastname == NULL || ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r346320 - head/tests/sys/netpfil/pf/ioctl
Author: kp Date: Wed Apr 17 16:45:35 2019 New Revision: 346320 URL: https://svnweb.freebsd.org/changeset/base/346320 Log: pf tests: Try to provoke the panic with invalid DIOCRSETTFLAGS There was an issue with copyin() on DIOCRSETTFLAGS, which would panic if pfrio_buffer was NULL. Test for the issue fixed in r346319. MFC after:1 week Event:Aberdeen hackathon 2019 Modified: head/tests/sys/netpfil/pf/ioctl/validation.c Modified: head/tests/sys/netpfil/pf/ioctl/validation.c == --- head/tests/sys/netpfil/pf/ioctl/validation.cWed Apr 17 16:42:54 2019(r346319) +++ head/tests/sys/netpfil/pf/ioctl/validation.cWed Apr 17 16:45:35 2019(r346320) @@ -305,6 +305,11 @@ ATF_TC_BODY(settflags, tc) io.pfrio_size = 1 << 28; if (ioctl(dev, DIOCRSETTFLAGS, ) != 0) atf_tc_fail("Request with size 1 << 24 failed"); + + /* NULL buffer */ + io.pfrio_buffer = NULL; + if (ioctl(dev, DIOCRSETTFLAGS, ) != -1) + atf_tc_fail("Request with NULL buffer succeeded"); } ATF_TC_CLEANUP(settflags, tc) ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
Re: svn commit: r346318 - head/lib/libcasper/services/cap_fileargs
On Wed, Apr 17, 2019 at 04:31:30PM +, Ed Maste wrote: > New Revision: 346318 > URL: https://svnweb.freebsd.org/changeset/base/346318 > > Log: > cap_fileargs: fix GCC build, don't shadow 'stat' > > @@ -566,7 +566,7 @@ static int > fileargs_command_lstat(const nvlist_t *limits, nvlist_t *nvlin, > nvlist_t *nvlout) > { > - int stat; > + int error; > const char *name; > struct stat sb; > > @@ -578,7 +578,7 @@ fileargs_command_lstat(const nvlist_t *limits, nvlist_ > > name = nvlist_get_string(nvlin, "name"); > > - stat = lstat(name, ); > + error = lstat(name, ); > if (stat < 0) > return (errno); Looks like "if (stat < 0)" is wrong now. ./danfe ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r346319 - head/sys/netpfil/pf
Author: kp Date: Wed Apr 17 16:42:54 2019 New Revision: 346319 URL: https://svnweb.freebsd.org/changeset/base/346319 Log: pf: Fix panic on invalid DIOCRSETTFLAGS If during DIOCRSETTFLAGS pfrio_buffer is NULL copyin() will fault, which we're not allowed to do with a lock held. We must count the number of entries in the table and release the lock during copyin(). Only then can we re-acquire the lock. Note that this is safe, because pfr_set_tflags() will check if the table and entries exist. This was discovered by a local syzcaller instance. MFC after:1 week Event:Aberdeen hackathon 2019 Modified: head/sys/netpfil/pf/pf_ioctl.c Modified: head/sys/netpfil/pf/pf_ioctl.c == --- head/sys/netpfil/pf/pf_ioctl.c Wed Apr 17 16:31:30 2019 (r346318) +++ head/sys/netpfil/pf/pf_ioctl.c Wed Apr 17 16:42:54 2019 (r346319) @@ -3103,24 +3103,24 @@ DIOCCHANGEADDR_error: break; } - PF_RULES_WLOCK(); + PF_RULES_RLOCK(); n = pfr_table_count(>pfrio_table, io->pfrio_flags); io->pfrio_size = min(io->pfrio_size, n); + PF_RULES_RUNLOCK(); totlen = io->pfrio_size * sizeof(struct pfr_table); pfrts = mallocarray(io->pfrio_size, sizeof(struct pfr_table), M_TEMP, M_NOWAIT); if (pfrts == NULL) { error = ENOMEM; - PF_RULES_WUNLOCK(); break; } error = copyin(io->pfrio_buffer, pfrts, totlen); if (error) { free(pfrts, M_TEMP); - PF_RULES_WUNLOCK(); break; } + PF_RULES_WLOCK(); error = pfr_set_tflags(pfrts, io->pfrio_size, io->pfrio_setflag, io->pfrio_clrflag, >pfrio_nchange, >pfrio_ndel, io->pfrio_flags | PFR_FLAG_USERIOCTL); ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r346318 - head/lib/libcasper/services/cap_fileargs
Author: emaste Date: Wed Apr 17 16:31:30 2019 New Revision: 346318 URL: https://svnweb.freebsd.org/changeset/base/346318 Log: cap_fileargs: fix GCC build, don't shadow 'stat' Reported by: ci.freebsd.org MFC after:3 weeks MFC with: r346315 Sponsored by: The FreeBSD Foundation Modified: head/lib/libcasper/services/cap_fileargs/cap_fileargs.c Modified: head/lib/libcasper/services/cap_fileargs/cap_fileargs.c == --- head/lib/libcasper/services/cap_fileargs/cap_fileargs.c Wed Apr 17 16:27:43 2019(r346317) +++ head/lib/libcasper/services/cap_fileargs/cap_fileargs.c Wed Apr 17 16:31:30 2019(r346318) @@ -566,7 +566,7 @@ static int fileargs_command_lstat(const nvlist_t *limits, nvlist_t *nvlin, nvlist_t *nvlout) { - int stat; + int error; const char *name; struct stat sb; @@ -578,7 +578,7 @@ fileargs_command_lstat(const nvlist_t *limits, nvlist_ name = nvlist_get_string(nvlin, "name"); - stat = lstat(name, ); + error = lstat(name, ); if (stat < 0) return (errno); ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r346317 - head/tools/boot
Author: ian Date: Wed Apr 17 16:27:43 2019 New Revision: 346317 URL: https://svnweb.freebsd.org/changeset/base/346317 Log: Allow this test script to be run from within src/tools/boot dir, and create the temporary image in $TMPDIR. Allow the script to be run from the src/tools/boot directory by using make -V SRCTOP to find the top of the tree, because this script is handy for quick smoke-testing of loader changes, as well as being useful in CI testing. Also, use a temp directory in $TMPDIR to assemble the boot image, and write the boot log file to $TMPDIR. Arrange to have the temporary image clean itself up, but leave the log file in $TMPDIR for post-mortem analysis of failures when the script is run interactively. Differential Revision:https://reviews.freebsd.org/D19876 Modified: head/tools/boot/ci-qemu-test.sh Modified: head/tools/boot/ci-qemu-test.sh == --- head/tools/boot/ci-qemu-test.sh Wed Apr 17 16:18:14 2019 (r346316) +++ head/tools/boot/ci-qemu-test.sh Wed Apr 17 16:27:43 2019 (r346317) @@ -2,62 +2,105 @@ # Install loader, kernel, and enough of userland to boot in QEMU and echo # "Hello world." from init, as a very quick smoke test for CI. Uses QEMU's -# virtual FAT filesystem to avoid the need to create a disk image. +# virtual FAT filesystem to avoid the need to create a disk image. While +# designed for CI automated testing, this script can also be run by hand as +# a quick smoke-test. The rootgen.sh and related scripts generate much more +# extensive tests for many combinations of boot env (ufs, zfs, geli, etc). # # $FreeBSD$ set -e -# Root directory for minimal FreeBSD installation. -ROOTDIR=$(pwd)/fat-root +die() +{ + echo "$*" 1>&2 + exit 1 +} -# Create minimal directory structure. -rm -f $ROOTDIR/efi/boot/BOOTx64.EFI -for dir in dev bin efi/boot etc lib libexec sbin usr/libexec; do - mkdir -p $ROOTDIR/$dir -done +tempdir_cleanup() +{ + trap - EXIT SIGINT SIGHUP SIGTERM SIGQUIT + rm -rf ${ROOTDIR} +} -# Install kernel, loader and minimal userland. -make -DNO_ROOT DESTDIR=$ROOTDIR \ -MODULES_OVERRIDE= \ -WITHOUT_DEBUG_FILES=yes \ -WITHOUT_KERNEL_SYMBOLS=yes \ -installkernel -for dir in stand \ -lib/libc lib/libedit lib/ncurses \ -libexec/rtld-elf \ -bin/sh sbin/init sbin/shutdown; do - make -DNO_ROOT DESTDIR=$ROOTDIR INSTALL="install -U" \ - WITHOUT_MAN= \ - WITHOUT_PROFILE= \ - WITHOUT_TESTS= \ - WITHOUT_TOOLCHAIN= \ - -C $dir install -done +tempdir_setup() +{ + # Create minimal directory structure and populate it. + # Caller must cd ${SRCTOP} before calling this function. -# Put loader in standard EFI location. -mv $ROOTDIR/boot/loader.efi $ROOTDIR/efi/boot/BOOTx64.EFI + for dir in dev bin efi/boot etc lib libexec sbin usr/lib usr/libexec; do + mkdir -p ${ROOTDIR}/${dir} + done -# Configuration files. -cat > $ROOTDIR/boot/loader.conf < ${ROOTDIR}/boot/loader.conf < $ROOTDIR/etc/rc < ${ROOTDIR}/etc/rc <&1 | tee boot.log -grep -q 'Hello world.' boot.log -echo OK +qemu-system-x86_64 -m 256M -bios ${OVMF} \ +-serial stdio -vga none -nographic -monitor none \ +-snapshot -hda fat:${ROOTDIR} 2>&1 | tee ${BOOTLOG} + +# Check whether we succesfully booted... +if grep -q 'Hello world.' ${BOOTLOG}; then + echo "OK" +else + die "Did not boot successfully, see ${BOOTLOG}" +fi ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r346316 - in head: contrib/elftoolchain/strings sbin/savecore usr.bin/brandelf usr.bin/head usr.bin/wc
Author: emaste Date: Wed Apr 17 16:18:14 2019 New Revision: 346316 URL: https://svnweb.freebsd.org/changeset/base/346316 Log: cap_fileargs: chase r346315, update fileargs_init in consumers Reported by: ci.freebsd.org (8 times so far) MFC after:3 weeks MFC with: r346315 Sponsored by: The FreeBSD Foundation Modified: head/contrib/elftoolchain/strings/strings.c head/sbin/savecore/savecore.c head/usr.bin/brandelf/brandelf.c head/usr.bin/head/head.c head/usr.bin/wc/wc.c Modified: head/contrib/elftoolchain/strings/strings.c == --- head/contrib/elftoolchain/strings/strings.c Wed Apr 17 16:02:57 2019 (r346315) +++ head/contrib/elftoolchain/strings/strings.c Wed Apr 17 16:18:14 2019 (r346316) @@ -195,7 +195,7 @@ main(int argc, char **argv) argv += optind; cap_rights_init(, CAP_READ, CAP_SEEK, CAP_FSTAT, CAP_FCNTL); - fa = fileargs_init(argc, argv, O_RDONLY, 0, ); + fa = fileargs_init(argc, argv, O_RDONLY, 0, , FA_OPEN); if (fa == NULL) err(1, "Unable to initialize casper fileargs"); Modified: head/sbin/savecore/savecore.c == --- head/sbin/savecore/savecore.c Wed Apr 17 16:02:57 2019 (r346315) +++ head/sbin/savecore/savecore.c Wed Apr 17 16:18:14 2019 (r346316) @@ -1030,7 +1030,7 @@ init_caps(int argc, char **argv) */ (void)cap_rights_init(, CAP_PREAD, CAP_WRITE, CAP_IOCTL); capfa = fileargs_init(argc, argv, checkfor || keep ? O_RDONLY : O_RDWR, - 0, ); + 0, , FA_OPEN); if (capfa == NULL) { logmsg(LOG_ERR, "fileargs_init(): %m"); exit(1); Modified: head/usr.bin/brandelf/brandelf.c == --- head/usr.bin/brandelf/brandelf.cWed Apr 17 16:02:57 2019 (r346315) +++ head/usr.bin/brandelf/brandelf.cWed Apr 17 16:18:14 2019 (r346316) @@ -133,7 +133,7 @@ main(int argc, char **argv) if (flags == O_RDWR) cap_rights_set(, CAP_WRITE); - fa = fileargs_init(argc, argv, flags, 0, ); + fa = fileargs_init(argc, argv, flags, 0, , FA_OPEN); if (fa == NULL) errx(1, "unable to init casper"); Modified: head/usr.bin/head/head.c == --- head/usr.bin/head/head.cWed Apr 17 16:02:57 2019(r346315) +++ head/usr.bin/head/head.cWed Apr 17 16:18:14 2019(r346316) @@ -115,7 +115,7 @@ main(int argc, char *argv[]) argv += optind; fa = fileargs_init(argc, argv, O_RDONLY, 0, - cap_rights_init(, CAP_READ, CAP_FSTAT, CAP_FCNTL)); + cap_rights_init(, CAP_READ, CAP_FSTAT, CAP_FCNTL), FA_OPEN); if (fa == NULL) errx(1, "unable to init casper"); Modified: head/usr.bin/wc/wc.c == --- head/usr.bin/wc/wc.cWed Apr 17 16:02:57 2019(r346315) +++ head/usr.bin/wc/wc.cWed Apr 17 16:18:14 2019(r346316) @@ -133,7 +133,7 @@ main(int argc, char *argv[]) (void)signal(SIGINFO, siginfo_handler); fa = fileargs_init(argc, argv, O_RDONLY, 0, - cap_rights_init(, CAP_READ, CAP_FSTAT)); + cap_rights_init(, CAP_READ, CAP_FSTAT), FA_OPEN); if (fa == NULL) { xo_warn("Unable to init casper"); exit(1); ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
Re: svn commit: r346250 - in head: share/man/man4 share/man/man9 sys/dev/random sys/kern sys/libkern sys/sys
On 4/16/19 4:48 PM, Conrad Meyer wrote: > On Tue, Apr 16, 2019 at 4:31 PM John Baldwin wrote: >> bhyveload is effectively the loader in this case. It runs the normal loader >> scripts and logic and so would load the guests's /boot/entropy and pass it >> to the guest kernel as metadata just like the regular loader. > > Right, except it doesn't seem to do things like nuke /boot/nextboot.conf :-(. It just needs a disk write method I think for that to work, but I'm not sure that's currently in the userboot interface. >> In addition, bhyve also supports virtio-rng which is another way to provide >> entropy to guest OS's. That's why in my reply I focused on qemu for mips >> (or riscv) as for x86 hypervisors there are existing, somewhat-standarized >> solutions for the hypervisor to provide entropy to the guest. > > Perhaps cryptographically random stack-protector cookies are simply > inappropriate for MIPS or RISCV. Do we have any other examples of > kernel random consumers blocking after that immediate hiccup is > overcome? There may be MIPS and RISCV designs that do have suitable entropy available (especially I would expect future RISCV designs to have them), so I think blacklisting stack protector wholesale on those architectures is overboard. I think some sort of off-by-default knob (even a compile option) is fine for people who need fast and loose vs safe as you already agreed to earlier. Also, for development testing we still want coverage of using stack cookies on MIPS and RISCV even if the simulator environment gives not-very-strong cookie values. -- John Baldwin ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r346315 - head/lib/libcasper/services/cap_fileargs
Author: emaste Date: Wed Apr 17 16:02:57 2019 New Revision: 346315 URL: https://svnweb.freebsd.org/changeset/base/346315 Log: cap_fileargs: add fileargs_lstat service Add fileargs_lstat function to cap_fileargs casper service to be able to lstat files while in capability mode. It can only lstat files given in fileargs_init. Submitted by: Bora Özarslan Reviewed by: oshogbo, cem (partial) MFC after:3 weeks Relnotes: Yes Sponsored by: The FreeBSD Foundation Differential Revision:https://reviews.freebsd.org/D19548 Modified: head/lib/libcasper/services/cap_fileargs/cap_fileargs.3 head/lib/libcasper/services/cap_fileargs/cap_fileargs.c head/lib/libcasper/services/cap_fileargs/cap_fileargs.h Modified: head/lib/libcasper/services/cap_fileargs/cap_fileargs.3 == --- head/lib/libcasper/services/cap_fileargs/cap_fileargs.3 Wed Apr 17 16:00:33 2019(r346314) +++ head/lib/libcasper/services/cap_fileargs/cap_fileargs.3 Wed Apr 17 16:02:57 2019(r346315) @@ -24,7 +24,7 @@ .\" .\" $FreeBSD$ .\" -.Dd November 12, 2018 +.Dd April 17, 2019 .Dt CAP_FILEARGS 3 .Os .Sh NAME @@ -33,6 +33,7 @@ .Nm fileargs_init , .Nm fileargs_initnv , .Nm fileargs_free , +.Nm fileargs_lstat , .Nm fileargs_open , .Nm fileargs_fopen .Nd "library for handling files in capability mode" @@ -43,9 +44,9 @@ .In libcasper.h .In casper/cap_fileargs.h .Ft "fileargs_t *" -.Fn fileargs_init "int argc" "char *argv[]" "int flags" "mode_t mode" "cap_rights_t *rightsp" +.Fn fileargs_init "int argc" "char *argv[]" "int flags" "mode_t mode" "cap_rights_t *rightsp" "int operations" .Ft "fileargs_t *" -.Fn fileargs_cinit "cap_channel_t *cas" "int argc" "char *argv[]" "int flags" "mode_t mode" "cap_rights_t *rightsp" +.Fn fileargs_cinit "cap_channel_t *cas" "int argc" "char *argv[]" "int flags" "mode_t mode" "cap_rights_t *rightsp" "int operations" .Ft "fileargs_t *" .Fn fileargs_cinitnv "cap_channel_t *cas" "nvlist_t *limits" .Ft "fileargs_t *" @@ -53,6 +54,8 @@ .Ft "void" .Fn fileargs_free "fileargs_t *fa" .Ft "int" +.Fn fileargs_lstat "fileargs_t *fa" "const char *path" "struct stat *sb" +.Ft "int" .Fn fileargs_open "fileargs_t *fa" "const char *name" .Ft "FILE *" .Fn fileargs_fopen "fileargs_t *fa" "const char *name" "const char *mode" @@ -97,6 +100,22 @@ The argument contains a list of the capability rights which file should be limited to. For more details of the capability rights see .Xr cap_rights_init 3 . +The +.Fa operations +argument limits the operations that are available using +.Nm system.fileargs . +.Fa operations +is a combination of: +.Bl -ohang -offset indent +.It FA_OPEN +Allow +.Fn fileargs_open +and +.Fn fileargs_fopen . +.It FA_LSTAT +Allow +.Fn fileargs_lstat . +.El .Pp The function .Fn fileargs_cinit @@ -126,6 +145,11 @@ The function handle .Dv NULL argument. .Pp +The function +.Fn fileargs_lstat +is equivalent to +.Xr lstat 2 . +.Pp The functions .Fn fileargs_open and @@ -165,6 +189,15 @@ must contain the The .Va mode argument tells which what mode file should be created. +.It operations (NV_TYPE_NUMBER) +The +.Va operations +limits the usable operations for +.Fa system.fileargs . +The possible values are explained as +.Va operations +argument with +.Fn fileargs_init . .El .Pp The @@ -201,7 +234,7 @@ argv += optind; /* Create capability to the system.fileargs service. */ fa = fileargs_init(argc, argv, O_RDONLY, 0, -cap_rights_init(, CAP_READ)); +cap_rights_init(, CAP_READ), FA_OPEN); if (fa == NULL) err(1, "unable to open system.fileargs service"); @@ -222,6 +255,7 @@ fileargs_free(fa); .Ed .Sh SEE ALSO .Xr cap_enter 2 , +.Xr lstat 2 , .Xr open 2 , .Xr cap_rights_init 3 , .Xr err 3 , Modified: head/lib/libcasper/services/cap_fileargs/cap_fileargs.c == --- head/lib/libcasper/services/cap_fileargs/cap_fileargs.c Wed Apr 17 16:00:33 2019(r346314) +++ head/lib/libcasper/services/cap_fileargs/cap_fileargs.c Wed Apr 17 16:02:57 2019(r346315) @@ -35,6 +35,7 @@ __FBSDID("$FreeBSD$"); #include #include #include +#include #include #include @@ -59,8 +60,37 @@ struct fileargs { }; static int -fileargs_get_cache(fileargs_t *fa, const char *name) +fileargs_get_lstat_cache(fileargs_t *fa, const char *name, struct stat *sb) { + const nvlist_t *nvl; + size_t size; + const void *buf; + + assert(fa != NULL); + assert(fa->fa_magic == FILEARGS_MAGIC); + assert(name != NULL); + + if (fa->fa_cache == NULL) + return (-1); + + nvl = dnvlist_get_nvlist(fa->fa_cache, name, NULL); + if (nvl == NULL) + return (-1); + + if (!nvlist_exists_binary(nvl, "stat")) { + return (-1); + } + + buf = nvlist_get_binary(nvl,
Re: svn commit: r346250 - in head: share/man/man4 share/man/man9 sys/dev/random sys/kern sys/libkern sys/sys
On 4/16/19 4:43 PM, Conrad Meyer wrote: > On Tue, Apr 16, 2019 at 4:28 PM John Baldwin wrote: >> Still, what I would suggest is to have the existing arc4random() use >> WITNESS_WARN. >> We could provide an alternative API that is non-blocking and returns >> EWOULDBLOCK. > > I think the alternative EWOULDBLOCK proposal is worse than > WITNESS_WARN. But I highlighted some problems with WITNESS_WARN in my > earlier email; how would you resolve them? > >> Code that trips over the warning would have to be changed to use the >> non-blocking >> API and then deal with EWOULDBLOCK. > > Or it could just check that the random device is seeded, prior to > using arc4random? You're missing the point which is that you've added potential blocking in a lot of places by changing the semantics of arc4random. Unless you're intending to hand-audit all of them (as well as future uses), I think having the existing API be "safe" (and blocking) but use WITNESS_WARN is a way to catch existing and future locking problems. The EWOULDBLOCK API is something a developer would choose and it means they would be aware of the constraint and need to deal with it, either by handling EWOULDBLOCK in some way, or deferring use until seeded, etc. >> One way of dealing with that would be to >> check the is_random_seeded() flag earlier in the function, subsystem, >> whatever >> and then the code could assert that the non-blocking API never failed. > > That's more or less the status quo with no-error arc4random, no? Except that we don't know which existing or future uses of arc4random need this unless you manually audit all of them (which doesn't help future uses). -- John Baldwin ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r346314 - head/lib/libcasper/services/cap_fileargs
Author: emaste Date: Wed Apr 17 16:00:33 2019 New Revision: 346314 URL: https://svnweb.freebsd.org/changeset/base/346314 Log: cap_fileargs.3: typo and markup corrections Submitted by: Bora Özarslan" MFC after:1 week MFC with: r346313 Sponsored by: The FreeBSD Foundation Modified: head/lib/libcasper/services/cap_fileargs/cap_fileargs.3 Modified: head/lib/libcasper/services/cap_fileargs/cap_fileargs.3 == --- head/lib/libcasper/services/cap_fileargs/cap_fileargs.3 Wed Apr 17 15:48:33 2019(r346313) +++ head/lib/libcasper/services/cap_fileargs/cap_fileargs.3 Wed Apr 17 16:00:33 2019(r346314) @@ -105,9 +105,9 @@ is equivalent to except that the connection to the Casper needs to be provided. .Pp The functions -.Fn fileargs_ininv +.Fn fileargs_initnv and -.Fn fileargs_cininv +.Fn fileargs_cinitnv are respectively equivalent to .Fn fileargs_init and @@ -141,9 +141,9 @@ structure. This section describe which values and types should be used to pass arguments to the .Fa system.fileargs through the -.Fn fileargs_ininv +.Fn fileargs_initnv and -.Fn fileargs_cinit +.Fn fileargs_cinitnv functions. The .Xr nvlist 9 @@ -225,8 +225,8 @@ fileargs_free(fa); .Xr open 2 , .Xr cap_rights_init 3 , .Xr err 3 , -.Xr fopen 3, -.Xr getopt 3, +.Xr fopen 3 , +.Xr getopt 3 , .Xr capsicum 4 , .Xr nv 9 .Sh BUGS ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
Re: svn commit: r346295 - in head/sys: arm/allwinner arm/altera/socfpga arm/amlogic/aml8726 arm/annapurna/alpine arm/broadcom/bcm2835 arm/freescale/imx arm/freescale/vybrid arm/mv arm/nvidia/tegra124
On Wed, 2019-04-17 at 11:23 +0200, Andrew Turner wrote: > > On 16 Apr 2019, at 22:04, Emmanuel Vadot wrote: > > > > Author: manu > > Date: Tue Apr 16 20:04:22 2019 > > New Revision: 346295 > > URL: https://svnweb.freebsd.org/changeset/base/346295 > > > > Log: > > arm: Add kern_clocksource.c directly in files.arm > > > > This files is needed and included in all our config so move it to > > a common > > location. > > > > MFC after: 2 weeks > > ... > > Modified: head/sys/conf/files.arm > > === > > === > > --- head/sys/conf/files.arm Tue Apr 16 19:46:02 2019(r346294) > > +++ head/sys/conf/files.arm Tue Apr 16 20:04:22 2019(r346295) > > @@ -11,6 +11,9 @@ cloudabi32_vdso_blob.ooptionalcom > > pat_cloudabi32 \ > > no-implicit-rule\ > > clean "cloudabi32_vdso_blob.o" > > # > > + > > +kern/kern_clocksource.cstandard > > Could this be moved from the various files.* to files? It seems we > define it as standard on all architectures. > > I thought mips still had some variants that didn't implement event timers. That's why this stuff was ever in arch-specific files, arm and mips had some flavors without ET support. If we no longer have any platforms that need to run without event timers, there is some more extensive cleanup that could be done beyond just moving this entry to sys/conf/files (and I'd be up for doing that work, if I can find time). -- Ian ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r346313 - head/lib/libcasper/services/cap_fileargs
Author: emaste Date: Wed Apr 17 15:48:33 2019 New Revision: 346313 URL: https://svnweb.freebsd.org/changeset/base/346313 Log: cap_fileargs.3: correct 'filerags' typo Submitted by: Bora Özarslan" MFC after:1 week Sponsored by: The FreeBSD Foundation Modified: head/lib/libcasper/services/cap_fileargs/cap_fileargs.3 Modified: head/lib/libcasper/services/cap_fileargs/cap_fileargs.3 == --- head/lib/libcasper/services/cap_fileargs/cap_fileargs.3 Wed Apr 17 15:27:11 2019(r346312) +++ head/lib/libcasper/services/cap_fileargs/cap_fileargs.3 Wed Apr 17 15:48:33 2019(r346313) @@ -120,7 +120,7 @@ For details see The .Fa fileargs_free close connection to the -.Nm system.filerags +.Nm system.fileargs service and free are structures. The function handle .Dv NULL @@ -139,7 +139,7 @@ expect that all arguments are fetched from the structure. .Sh LIMITS This section describe which values and types should be used to pass arguments to the -.Fa system.filerags +.Fa system.fileargs through the .Fn fileargs_ininv and @@ -181,7 +181,7 @@ Any number of where the name of the element is name of the file which can be opened. .Sh EXAMPLES The following example first parse some options and then create the -.Nm system.filerags +.Nm system.fileargs service with remaining arguments. .Bd -literal int ch, fd, i; ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r346312 - head/sys/arm/arm
Author: ian Date: Wed Apr 17 15:27:11 2019 New Revision: 346312 URL: https://svnweb.freebsd.org/changeset/base/346312 Log: Only set up the interrupts that will actually be used in arm generic_timer. The code previously set up interrupt handlers for all the interrupt resources available, including for timers that are not in use. That could lead to interrupt storms. For example, if boot firmware enabled the virtual timer but the kernel is using the physical timer, it could get flooded with interrupts on the virtual timer which it cannot shut off. By only setting up an interrupt handler for the hardware that will actually be used, any interrupts from other timer units will remain masked in the interrupt controller. Differential Revision:https://reviews.freebsd.org/D19871 Modified: head/sys/arm/arm/generic_timer.c Modified: head/sys/arm/arm/generic_timer.c == --- head/sys/arm/arm/generic_timer.cWed Apr 17 14:20:55 2019 (r346311) +++ head/sys/arm/arm/generic_timer.cWed Apr 17 15:27:11 2019 (r346312) @@ -393,7 +393,7 @@ arm_tmr_attach(device_t dev) pcell_t clock; #endif int error; - int i; + int i, first_timer, last_timer; sc = device_get_softc(dev); if (arm_tmr_sc) @@ -433,17 +433,25 @@ arm_tmr_attach(device_t dev) return (ENXIO); } -#ifdef __arm__ - sc->physical = true; -#else /* __aarch64__ */ - /* If we do not have a virtual timer use the physical. */ - sc->physical = (sc->res[2] == NULL) ? true : false; +#ifdef __aarch64__ + /* Use the virtual timer if we have one. */ + if (sc->res[2] != NULL) { + sc->physical = false; + first_timer = 2; + last_timer = 2; + } else #endif + /* Otherwise set up the secure and non-secure physical timers. */ + { + sc->physical = true; + first_timer = 0; + last_timer = 1; + } arm_tmr_sc = sc; /* Setup secure, non-secure and virtual IRQs handler */ - for (i = 0; i < 3; i++) { + for (i = first_timer; i <= last_timer; i++) { /* If we do not have the interrupt, skip it. */ if (sc->res[i] == NULL) continue; ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
Re: svn commit: r346310 - head/share/misc
On 2019-04-17 09:12, Pedro F. Giffuni wrote: Author: pfg Date: Wed Apr 17 14:12:11 2019 New Revision: 346310 URL: https://svnweb.freebsd.org/changeset/base/346310 Log: Add myself to ports committers. Approved by: pfg (mentor) Oops: I meant thierry (mentor) yikes! Pedro. ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r346311 - head/share/misc
Author: pfg Date: Wed Apr 17 14:20:55 2019 New Revision: 346311 URL: https://svnweb.freebsd.org/changeset/base/346311 Log: Add orphan mentee. Modified: head/share/misc/committers-src.dot Modified: head/share/misc/committers-src.dot == --- head/share/misc/committers-src.dot Wed Apr 17 14:12:11 2019 (r346310) +++ head/share/misc/committers-src.dot Wed Apr 17 14:20:55 2019 (r346311) @@ -743,6 +743,7 @@ obrien -> gshapiro obrien -> kan obrien -> sam +pfg -> pstef pfg -> fsu peter -> asmodai ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r346310 - head/share/misc
Author: pfg Date: Wed Apr 17 14:12:11 2019 New Revision: 346310 URL: https://svnweb.freebsd.org/changeset/base/346310 Log: Add myself to ports committers. Approved by: pfg (mentor) Modified: head/share/misc/committers-ports.dot Modified: head/share/misc/committers-ports.dot == --- head/share/misc/committers-ports.dotWed Apr 17 12:34:37 2019 (r346309) +++ head/share/misc/committers-ports.dotWed Apr 17 14:12:11 2019 (r346310) @@ -213,6 +213,7 @@ pat [label="Patrick Li\n...@freebsd.org\n2001/11/14"] pav [label="Pav Lucistnik\n...@freebsd.org\n2003/11/12"] pawel [label="Pawel Pekala\npa...@freebsd.org\n2011/03/11"] pclin [label="Po-Chien Lin\npc...@freebsd.org\n2013/02/11"] +pfg [label="Pedro Giffuni\n...@freebsd.org\n2019/04/14"] pgj [label="Gabor Pali\n...@freebsd.org\n2009/04/12"] pgollucci [label="Philip M. Gollucci\npgollu...@freebsd.org\n2008/07/21"] philip [label="Philip Paeps\nphi...@freebsd.org\n2005/10/19"] @@ -727,6 +728,7 @@ tcberner -> pkubaj thierry -> jadawin thierry -> riggs +thierry -> pfg timur -> kbowling ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
Re: svn commit: r346295 - in head/sys: arm/allwinner arm/altera/socfpga arm/amlogic/aml8726 arm/annapurna/alpine arm/broadcom/bcm2835 arm/freescale/imx arm/freescale/vybrid arm/mv arm/nvidia/tegra124
> On 16 Apr 2019, at 22:04, Emmanuel Vadot wrote: > > Author: manu > Date: Tue Apr 16 20:04:22 2019 > New Revision: 346295 > URL: https://svnweb.freebsd.org/changeset/base/346295 > > Log: > arm: Add kern_clocksource.c directly in files.arm > > This files is needed and included in all our config so move it to a common > location. > > MFC after: 2 weeks ... > Modified: head/sys/conf/files.arm > == > --- head/sys/conf/files.arm Tue Apr 16 19:46:02 2019(r346294) > +++ head/sys/conf/files.arm Tue Apr 16 20:04:22 2019(r346295) > @@ -11,6 +11,9 @@ cloudabi32_vdso_blob.o optional > compat_cloudabi32 \ > no-implicit-rule\ > clean "cloudabi32_vdso_blob.o" > # > + > +kern/kern_clocksource.c standard Could this be moved from the various files.* to files? It seems we define it as standard on all architectures. Andrew ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"