Re: openssh: update ed25519 and squash into a single file
On Fri, 13 Jan 2023, Damien Miller wrote:
> Hi,
>
> Forewarning: this is a big, noisy diff. Also on Github at
> https://github.com/djmdjm/openssh-wip/pull/18
>
> This updates the ED25519 code to the latest version of SUPERCOP (20221122),
> but the real motivation for this is to move the ED25519 code to the same
> approach we use for the Streamlined NTRUPrime code: using a shell-script
> to extract the bits we want from SUPERCOP and squish them all into a
> single file.
>
> This removes a bunch of exported function names, a bit of unused
> code and means that all the ED25519 code is in a single file rather
> than eight.
>
> To review this, it's probably best to run the shellscript locally
> (use sh ed25519.sh /path/to/directory/with/supercop) and inspect the
> output. Apart from the original ed25519.c (assembled from the keypair.c,
> sign.c and open.c files in SUPERCOP) there are no substantial changes.
Here's a better way to look at the substantive changes:
1. Assemble the existing ed25519 code in the same order as how this
patch arranges things:
cat verify.c fe25519.h fe25519.c sc25519.h sc25519.c \
ge25519.h ge25519.c ed25519.c | \
sed -e '/#include "ge25519_base.data"/r ge25519_base.data' \
-e '/#include.*/d' > ed25519.c.old
2. Apply the patch
3. Diff the original and new code (below)
This isn't completely without noise, but it lets you see the substantive
changes clearly.
-d
--- /tmp/ed25519.c Sat Jan 14 16:25:09 2023
+++ ed25519.c Sat Jan 14 16:25:41 2023
@@ -1,12 +1,30 @@
-/* $OpenBSD: verify.c,v 1.3 2013/12/09 11:03:45 markus Exp $ */
+/* $OpenBSD: $ */
/*
- * Public Domain, Author: Daniel J. Bernstein
- * Copied from nacl-20110221/crypto_verify/32/ref/verify.c
+ * Public Domain, Authors:
+ * - Daniel J. Bernstein
+ * - Niels Duif
+ * - Tanja Lange
+ * - lead: Peter Schwabe
+ * - Bo-Yin Yang
*/
+#include
-int crypto_verify_32(const unsigned char *x,const unsigned char *y)
+#include "crypto_api.h"
+
+#define int8 crypto_int8
+#define uint8 crypto_uint8
+#define int16 crypto_int16
+#define uint16 crypto_uint16
+#define int32 crypto_int32
+#define uint32 crypto_uint32
+#define int64 crypto_int64
+#define uint64 crypto_uint64
+
+/* from supercop-20221122/crypto_verify/32/ref/verify.c */
+
+static int crypto_verify_32(const unsigned char *x,const unsigned char *y)
{
unsigned int differentbits = 0;
#define F(i) differentbits |= x[i] ^ y[i];
@@ -44,14 +62,7 @@
F(31)
return (1 & ((differentbits - 1) >> 8)) - 1;
}
-/* $OpenBSD: fe25519.h,v 1.3 2013/12/09 11:03:45 markus Exp $ */
-
-/*
- * Public Domain, Authors: Daniel J. Bernstein, Niels Duif, Tanja Lange,
- * Peter Schwabe, Bo-Yin Yang.
- * Copied from supercop-20130419/crypto_sign/ed25519/ref/fe25519.h
- */
-
+/* from supercop-20221122/crypto_sign/ed25519/ref/fe25519.h */
#ifndef FE25519_H
#define FE25519_H
@@ -80,52 +91,45 @@
}
fe25519;
-void fe25519_freeze(fe25519 *r);
+static void fe25519_freeze(fe25519 *r);
-void fe25519_unpack(fe25519 *r, const unsigned char x[32]);
+static void fe25519_unpack(fe25519 *r, const unsigned char x[32]);
-void fe25519_pack(unsigned char r[32], const fe25519 *x);
+static void fe25519_pack(unsigned char r[32], const fe25519 *x);
-int fe25519_iszero(const fe25519 *x);
+static int fe25519_iszero(const fe25519 *x);
-int fe25519_iseq_vartime(const fe25519 *x, const fe25519 *y);
+static int fe25519_iseq_vartime(const fe25519 *x, const fe25519 *y);
-void fe25519_cmov(fe25519 *r, const fe25519 *x, unsigned char b);
+static void fe25519_cmov(fe25519 *r, const fe25519 *x, unsigned char b);
-void fe25519_setone(fe25519 *r);
+static void fe25519_setone(fe25519 *r);
-void fe25519_setzero(fe25519 *r);
+static void fe25519_setzero(fe25519 *r);
-void fe25519_neg(fe25519 *r, const fe25519 *x);
+static void fe25519_neg(fe25519 *r, const fe25519 *x);
unsigned char fe25519_getparity(const fe25519 *x);
-void fe25519_add(fe25519 *r, const fe25519 *x, const fe25519 *y);
+static void fe25519_add(fe25519 *r, const fe25519 *x, const fe25519 *y);
-void fe25519_sub(fe25519 *r, const fe25519 *x, const fe25519 *y);
+static void fe25519_sub(fe25519 *r, const fe25519 *x, const fe25519 *y);
-void fe25519_mul(fe25519 *r, const fe25519 *x, const fe25519 *y);
+static void fe25519_mul(fe25519 *r, const fe25519 *x, const fe25519 *y);
-void fe25519_square(fe25519 *r, const fe25519 *x);
+static void fe25519_square(fe25519 *r, const fe25519 *x);
-void fe25519_invert(fe25519 *r, const fe25519 *x);
+static void fe25519_invert(fe25519 *r, const fe25519 *x);
-void fe25519_pow2523(fe25519 *r, const fe25519 *x);
+static void fe25519_pow2523(fe25519 *r, const fe25519 *x);
#endif
-/* $OpenBSD: fe25519.c,v 1.3 2013/12/09 11:03:45 markus Exp $ */
-
-/*
- * Public Domain, Authors: Daniel J. Bernstein, Niels Duif, Tanja Lange,
- * Peter Schwabe, Bo-Yin Yang.
- * Copied from supercop-20130419/crypto_sign/ed25519/ref/fe25519.c
- */
-
+/* from
Re: ifconfig.c redundancy the second
Ehm well it should look like this, sorry:
===
RCS file: /cvs/src/sbin/ifconfig/ifconfig.c,v
retrieving revision 1.460
diff -u -p -u -p -r1.460 ifconfig.c
--- ifconfig.c 18 Dec 2022 18:56:38 - 1.460
+++ ifconfig.c 13 Jan 2023 18:52:48 -
@@ -1907,12 +1907,14 @@ delifjoinlist(const char *val, int d)
memset(, 0, sizeof(join));
join.i_flags |= (IEEE80211_JOIN_DEL | IEEE80211_JOIN_DEL_ALL);
+ /*
if (d == -1) {
ifr.ifr_data = (caddr_t)
if (ioctl(sock, SIOCS80211JOIN, (caddr_t)) == -1)
err(1, "SIOCS80211JOIN");
return;
}
+ */
ifr.ifr_data = (caddr_t)
Re: ifconfig.c redundancy the second
On Fri, Jan 13, 2023 at 08:04:36PM +0100, Mathias Koehler wrote:
> I hope the following message is a format more helpful for you
> guys. (Thanks to Otto Moerbeek who gave me a hint.)
/% ... %./ is not a comment marker in C.
-Otto
> Again my question is how should that code look like?
> Because I can remove the 'if' and the code still does the same.
>
> ===
> RCS file: /cvs/src/sbin/ifconfig/ifconfig.c,v
> retrieving revision 1.460
> diff -u -p -u -p -r1.460 ifconfig.c
> --- ifconfig.c 18 Dec 2022 18:56:38 - 1.460
> +++ ifconfig.c 13 Jan 2023 18:52:48 -
> @@ -1907,12 +1907,14 @@ delifjoinlist(const char *val, int d)
> memset(, 0, sizeof(join));
> join.i_flags |= (IEEE80211_JOIN_DEL | IEEE80211_JOIN_DEL_ALL);
>
> + /%
> if (d == -1) {
> ifr.ifr_data = (caddr_t)
> if (ioctl(sock, SIOCS80211JOIN, (caddr_t)) == -1)
> err(1, "SIOCS80211JOIN");
> return;
> }
> + %/
>
> ifr.ifr_data = (caddr_t)
> if (ioctl(sock, SIOCS80211JOIN, (caddr_t)) == -1)
>
ifconfig.c redundancy the second
I hope the following message is a format more helpful for you
guys. (Thanks to Otto Moerbeek who gave me a hint.)
Again my question is how should that code look like?
Because I can remove the 'if' and the code still does the same.
===
RCS file: /cvs/src/sbin/ifconfig/ifconfig.c,v
retrieving revision 1.460
diff -u -p -u -p -r1.460 ifconfig.c
--- ifconfig.c 18 Dec 2022 18:56:38 - 1.460
+++ ifconfig.c 13 Jan 2023 18:52:48 -
@@ -1907,12 +1907,14 @@ delifjoinlist(const char *val, int d)
memset(, 0, sizeof(join));
join.i_flags |= (IEEE80211_JOIN_DEL | IEEE80211_JOIN_DEL_ALL);
+ /%
if (d == -1) {
ifr.ifr_data = (caddr_t)
if (ioctl(sock, SIOCS80211JOIN, (caddr_t)) == -1)
err(1, "SIOCS80211JOIN");
return;
}
+ %/
ifr.ifr_data = (caddr_t)
if (ioctl(sock, SIOCS80211JOIN, (caddr_t)) == -1)
[updated] console enhancement patchset
Another update to the console enhancement patchset.
Some of the code from previous versions is now in -current, but if you want
the full experience, (256 colours, extra text attributes, etc), you'll still
need to apply the following diff.
This is against -current as of an hour or so ago.
NEW - Rasops code converted to use WSATTR bit assignments directly instead of
moving the underline flag to bit 0.
NEW - Support for 256 colours on 16bpp framebuffers.
NEW - Byteswapped framebuffers should now work properly with 256 colours.
--- dev/wscons/wsemul_vt100_keys.c.dist Sat Mar 14 00:38:50 2015
+++ dev/wscons/wsemul_vt100_keys.c Mon Jan 2 16:01:42 2023
@@ -37,11 +37,9 @@
#include
#include
+#define vt100_fkeys_len(x) (5+(x>=8)+(x>=12))
+
static const u_char *vt100_fkeys[] = {
- "\033[11~", /* F1 */
- "\033[12~",
- "\033[13~", /* F1-F5 normally don't send codes */
- "\033[14~",
"\033[15~", /* F5 */
"\033[17~", /* F6 */
"\033[18~",
@@ -50,18 +48,18 @@
"\033[21~",
"\033[23~", /* VT100: ESC */
"\033[24~", /* VT100: BS */
- "\033[25~", /* VT100: LF */
- "\033[26~",
- "\033[28~", /* help */
- "\033[29~", /* do */
- "\033[31~",
- "\033[32~",
- "\033[33~",
- "\033[34~", /* F20 */
- "\033[35~",
- "\033[36~",
- "\033[37~",
- "\033[38~"
+ "\033[1;2P",/* VT100: LF */
+ "\033[1;2Q",
+ "\033[1;2R",/* help */
+ "\033[1;2S",/* do */
+ "\033[15;2~",
+ "\033[17;2~",
+ "\033[18;2~",
+ "\033[19;2~", /* F20 */
+ "\033[20;2~",
+ "\033[21;2~",
+ "\033[23;2~",
+ "\033[24;2~"
};
static const u_char *vt100_pfkeys[] = {
@@ -96,14 +94,22 @@
edp->translatebuf, edp->flags & VTFL_UTF8));
}
- if (in >= KS_f1 && in <= KS_f24) {
- *out = vt100_fkeys[in - KS_f1];
- return (5);
+ if (in >= KS_f1 && in <= KS_f4) {
+ *out = vt100_pfkeys[in - KS_f1];
+ return (3);
}
- if (in >= KS_F1 && in <= KS_F24) {
- *out = vt100_fkeys[in - KS_F1];
- return (5);
+ if (in >= KS_F1 && in <= KS_F4) {
+ *out = vt100_pfkeys[in - KS_F1];
+ return (3);
}
+ if (in >= KS_f5 && in <= KS_f24) {
+ *out = vt100_fkeys[in - KS_f5];
+ return vt100_fkeys_len(in - KS_f5);
+ }
+ if (in >= KS_F5 && in <= KS_F24) {
+ *out = vt100_fkeys[in - KS_F5];
+ return vt100_fkeys_len(in - KS_F5);
+ }
if (in >= KS_KP_F1 && in <= KS_KP_F4) {
*out = vt100_pfkeys[in - KS_KP_F1];
return (3);
@@ -148,12 +154,12 @@
}
switch (in) {
case KS_Help:
- *out = vt100_fkeys[15 - 1];
+ *out = vt100_fkeys[15 - 1 + 4]; /* vt100_fkeys starts at F5 */
return (5);
case KS_Execute: /* "Do" */
- *out = vt100_fkeys[16 - 1];
+ *out = vt100_fkeys[16 - 1 + 4]; /* vt100_fkeys starts at F5 */
return (5);
- case KS_Find:
+ case KS_Find: /* Not defined in xterm
terminfo */
*out = "\033[1~";
return (4);
case KS_Insert:
@@ -163,7 +169,7 @@
case KS_KP_Delete:
*out = "\033[3~";
return (4);
- case KS_Select:
+ case KS_Select: /* Not defined in xterm
terminfo */
*out = "\033[4~";
return (4);
case KS_Prior:
@@ -174,14 +180,27 @@
case KS_KP_Next:
*out = "\033[6~";
return (4);
+ case KS_Backtab:
+ *out = "\033[Z";
+ return (3);
+ /*
+* Unlike insert, delete, page up, and page down, we purposely don't
+* send the same sequence of \033OE for the non-keypad 'begin' key.
+*
+* This is because the terminfo xterm entry is mapping this to kb2,
+* which is defined as 'centre of keypad'.
+*/
+ case KS_KP_Begin:
+ *out = "\033OE";
+ return (3);
case KS_Home:
case KS_KP_Home:
- *out = "\033[7~";
- return (4);
+ *out = "\033OH";
+ return (3);
case KS_End:
case KS_KP_End:
- *out = "\033[8~";
- return (4);
+ *out = "\033OF";
+ return (3);
case KS_Up:
case KS_KP_Up:
if (edp->flags & VTFL_APPLCURSOR)
--- dev/wscons/wsemul_vt100_subr.c.current Fri Jan 13 13:12:01 2023
+++ dev/wscons/wsemul_vt100_subr.c Fri Jan 13
Re: vmm: Relock the kernel on ioctl error
Christian Ludwig writes:
> [[S/MIME Signed Part:Undecided]]
> The vmm(4) ioctl handler unlocks the kernel, but misses to relock it in
> case of an error.
Thanks! Committed.
> ---
> sys/arch/amd64/amd64/vmm.c | 6 +++---
> 1 file changed, 3 insertions(+), 3 deletions(-)
>
> diff --git a/sys/arch/amd64/amd64/vmm.c b/sys/arch/amd64/amd64/vmm.c
> index 13cf7643cb4..0ddea3ead7e 100644
> --- a/sys/arch/amd64/amd64/vmm.c
> +++ b/sys/arch/amd64/amd64/vmm.c
> @@ -651,13 +651,13 @@ vmmioctl(dev_t dev, u_long cmd, caddr_t data, int
> flag, struct proc *p)
>
> ret = rw_enter(_softc->sc_slock, RW_READ | RW_INTR);
> if (ret != 0)
> - return (ret);
> + goto out;
> while (vmm_softc->sc_status != VMM_ACTIVE) {
> ret = rwsleep_nsec(_softc->sc_status, _softc-
>>sc_slock,
> PWAIT | PCATCH, "vmmresume", INFSLP);
> if (ret != 0) {
> rw_exit(_softc->sc_slock);
> - return (ret);
> + goto out;
> }
> }
> refcnt_take(_softc->sc_refcnt);
> @@ -709,8 +709,8 @@ vmmioctl(dev_t dev, u_long cmd, caddr_t data, int
> flag, struct proc *p)
>
> refcnt_rele_wake(_softc->sc_refcnt);
>
> +out:
> KERNEL_LOCK();
> -
> return (ret);
> }
vmm: Relock the kernel on ioctl error
The vmm(4) ioctl handler unlocks the kernel, but misses to relock it in
case of an error.
---
sys/arch/amd64/amd64/vmm.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/sys/arch/amd64/amd64/vmm.c b/sys/arch/amd64/amd64/vmm.c
index 13cf7643cb4..0ddea3ead7e 100644
--- a/sys/arch/amd64/amd64/vmm.c
+++ b/sys/arch/amd64/amd64/vmm.c
@@ -651,13 +651,13 @@ vmmioctl(dev_t dev, u_long cmd, caddr_t data, int
flag, struct proc *p)
ret = rw_enter(_softc->sc_slock, RW_READ | RW_INTR);
if (ret != 0)
- return (ret);
+ goto out;
while (vmm_softc->sc_status != VMM_ACTIVE) {
ret = rwsleep_nsec(_softc->sc_status, _softc-
>sc_slock,
PWAIT | PCATCH, "vmmresume", INFSLP);
if (ret != 0) {
rw_exit(_softc->sc_slock);
- return (ret);
+ goto out;
}
}
refcnt_take(_softc->sc_refcnt);
@@ -709,8 +709,8 @@ vmmioctl(dev_t dev, u_long cmd, caddr_t data, int
flag, struct proc *p)
refcnt_rele_wake(_softc->sc_refcnt);
+out:
KERNEL_LOCK();
-
return (ret);
}
--
2.35.1
smime.p7s
Description: S/MIME cryptographic signature
