svn commit: r344691 - head/sys/netpfil/pf
Author: kp
Date: Fri Mar 1 07:37:45 2019
New Revision: 344691
URL: https://svnweb.freebsd.org/changeset/base/344691
Log:
pf: IPv6 fragments with malformed extension headers could be erroneously
passed by pf or cause a panic
We mistakenly used the extoff value from the last packet to patch the
next_header field. If a malicious host sends a chain of fragmented packets
where the first packet and the final packet have different lengths or number
of
extension headers we'd patch the next_header at the wrong offset.
This can potentially lead to panics or rule bypasses.
Security: CVE-2019-5597
Obtained from: OpenBSD
Reported by:Corentin Bayet, Nicolas Collignon, Luca Moro at Synacktiv
Modified:
head/sys/netpfil/pf/pf_norm.c
Modified: head/sys/netpfil/pf/pf_norm.c
==
--- head/sys/netpfil/pf/pf_norm.c Fri Mar 1 05:54:13 2019
(r344690)
+++ head/sys/netpfil/pf/pf_norm.c Fri Mar 1 07:37:45 2019
(r344691)
@@ -836,11 +836,11 @@ pf_reassemble6(struct mbuf **m0, struct ip6_hdr *ip6,
}
/* We have all the data. */
+ frent = TAILQ_FIRST(&frag->fr_queue);
+ KASSERT(frent != NULL, ("frent != NULL"));
extoff = frent->fe_extoff;
maxlen = frag->fr_maxlen;
frag_id = frag->fr_id;
- frent = TAILQ_FIRST(&frag->fr_queue);
- KASSERT(frent != NULL, ("frent != NULL"));
total = TAILQ_LAST(&frag->fr_queue, pf_fragq)->fe_off +
TAILQ_LAST(&frag->fr_queue, pf_fragq)->fe_len;
hdrlen = frent->fe_hdrlen - sizeof(struct ip6_frag);
___
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r344692 - head/tests/sys/netpfil/pf
Author: kp
Date: Fri Mar 1 07:39:55 2019
New Revision: 344692
URL: https://svnweb.freebsd.org/changeset/base/344692
Log:
pf tests: Test CVE-2019-5597
Generate a fragmented packet with different header chains, to provoke
the incorrect behaviour of pf.
Without the fix this will trigger a panic.
Obtained from:Corentin Bayet, Nicolas Collignon, Luca Moro at
Synacktiv
Added:
head/tests/sys/netpfil/pf/CVE-2019-5597.py (contents, props changed)
Modified:
head/tests/sys/netpfil/pf/Makefile
head/tests/sys/netpfil/pf/fragmentation.sh
Added: head/tests/sys/netpfil/pf/CVE-2019-5597.py
==
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/tests/sys/netpfil/pf/CVE-2019-5597.py Fri Mar 1 07:39:55 2019
(r344692)
@@ -0,0 +1,35 @@
+#!/usr/local/bin/python2.7
+
+import random
+import scapy.all as sp
+import sys
+
+UDP_PROTO = 17
+AH_PROTO = 51
+FRAG_PROTO = 44
+
+def main():
+intf = sys.argv[1]
+ipv6_src = sys.argv[2]
+ipv6_dst = sys.argv[3]
+
+ipv6_main = sp.IPv6(dst=ipv6_dst, src=ipv6_src)
+
+padding = 8
+fid = random.randint(0,10)
+frag_0 = sp.IPv6ExtHdrFragment(id=fid, nh=UDP_PROTO, m=1, offset=0)
+frag_1 = sp.IPv6ExtHdrFragment(id=fid, nh=UDP_PROTO, m=0, offset=padding/8)
+
+pkt1_opts = sp.AH(nh=AH_PROTO, payloadlen=200) \
+/ sp.Raw('' * 199) \
+/ sp.AH(nh=FRAG_PROTO, payloadlen=1) \
+/ frag_1
+
+pkt0 = sp.Ether() / ipv6_main / frag_0 / sp.Raw('A' * padding)
+pkt1 = sp.Ether() / ipv6_main / pkt1_opts / sp.Raw('B' * padding)
+
+sp.sendp(pkt0, iface=intf, verbose=False)
+sp.sendp(pkt1, iface=intf, verbose=False)
+
+if __name__ == '__main__':
+ main()
Modified: head/tests/sys/netpfil/pf/Makefile
==
--- head/tests/sys/netpfil/pf/Makefile Fri Mar 1 07:37:45 2019
(r344691)
+++ head/tests/sys/netpfil/pf/Makefile Fri Mar 1 07:39:55 2019
(r344692)
@@ -20,8 +20,10 @@ ATF_TESTS_SH+= anchor \
${PACKAGE}FILES+= utils.subr \
echo_inetd.conf \
- pft_ping.py
+ pft_ping.py \
+ CVE-2019-5597.py
${PACKAGE}FILESMODE_pft_ping.py= 0555
+${PACKAGE}FILESMODE_CVE-2019-5597.py= 0555
.include
Modified: head/tests/sys/netpfil/pf/fragmentation.sh
==
--- head/tests/sys/netpfil/pf/fragmentation.sh Fri Mar 1 07:37:45 2019
(r344691)
+++ head/tests/sys/netpfil/pf/fragmentation.sh Fri Mar 1 07:39:55 2019
(r344692)
@@ -104,6 +104,11 @@ v6_body()
atf_check -s exit:0 -o ignore\
ping6 -c 1 -b 7 -s 65000 2001:db8:43::3
+
+ $(atf_get_srcdir)/CVE-2019-5597.py \
+ ${epair_send}a \
+ 2001:db8:42::1 \
+ 2001:db8:43::3
}
v6_cleanup()
___
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r344696 - head/tools/tools/netmap
Author: vmaffione
Date: Fri Mar 1 09:10:16 2019
New Revision: 344696
URL: https://svnweb.freebsd.org/changeset/base/344696
Log:
netmap: pkt-gen: fix bug in send_packets()
The send_packets() function was using ring->cur as index to scan
the transmit ring. This function may also set ring->cur ahead of
ring->head, in case no more slots are available. However, the function
also uses nm_ring_space() which looks at ring->head to check how many
slots are available. If ring->head and ring->cur are different, this
results in pkt-gen advancing ring->cur beyond ring->tail.
This patch fixes send_packets() (and similar source locations) to
use ring->head as a index, rather than using ring->cur.
MFC after:1 week
Modified:
head/tools/tools/netmap/pkt-gen.c
Modified: head/tools/tools/netmap/pkt-gen.c
==
--- head/tools/tools/netmap/pkt-gen.c Fri Mar 1 08:06:23 2019
(r344695)
+++ head/tools/tools/netmap/pkt-gen.c Fri Mar 1 09:10:16 2019
(r344696)
@@ -626,10 +626,10 @@ parse_nmr_config(const char* conf, struct nmreq *nmr)
char *w, *tok;
int i, v;
- nmr->nr_tx_rings = nmr->nr_rx_rings = 0;
- nmr->nr_tx_slots = nmr->nr_rx_slots = 0;
if (conf == NULL || ! *conf)
return 0;
+ nmr->nr_tx_rings = nmr->nr_rx_rings = 0;
+ nmr->nr_tx_slots = nmr->nr_rx_slots = 0;
w = strdup(conf);
for (i = 0, tok = strtok(w, ","); tok; i++, tok = strtok(NULL, ",")) {
v = atoi(tok);
@@ -1158,22 +1158,22 @@ static int
send_packets(struct netmap_ring *ring, struct pkt *pkt, void *frame,
int size, struct targ *t, u_int count, int options)
{
- u_int n, sent, cur = ring->cur;
+ u_int n, sent, head = ring->head;
u_int frags = t->frags;
u_int frag_size = t->frag_size;
- struct netmap_slot *slot = &ring->slot[cur];
+ struct netmap_slot *slot = &ring->slot[head];
n = nm_ring_space(ring);
#if 0
if (options & (OPT_COPY | OPT_PREFETCH) ) {
for (sent = 0; sent < count; sent++) {
- struct netmap_slot *slot = &ring->slot[cur];
+ struct netmap_slot *slot = &ring->slot[head];
char *p = NETMAP_BUF(ring, slot->buf_idx);
__builtin_prefetch(p);
- cur = nm_ring_next(ring, cur);
+ head = nm_ring_next(ring, head);
}
- cur = ring->cur;
+ head = ring->head;
}
#endif
for (sent = 0; sent < count && n >= frags; sent++, n--) {
@@ -1181,7 +1181,7 @@ send_packets(struct netmap_ring *ring, struct pkt *pkt
int buf_changed;
u_int tosend = size;
- slot = &ring->slot[cur];
+ slot = &ring->slot[head];
p = NETMAP_BUF(ring, slot->buf_idx);
buf_changed = slot->flags & NS_BUF_CHANGED;
@@ -1200,11 +1200,11 @@ send_packets(struct netmap_ring *ring, struct pkt *pkt
slot->len = frag_size;
slot->flags = NS_MOREFRAG;
if (options & OPT_DUMP)
- dump_payload(fp, frag_size, ring, cur);
+ dump_payload(fp, frag_size, ring, head);
tosend -= frag_size;
f += frag_size;
- cur = nm_ring_next(ring, cur);
- slot = &ring->slot[cur];
+ head = nm_ring_next(ring, head);
+ slot = &ring->slot[head];
fp = NETMAP_BUF(ring, slot->buf_idx);
}
n -= (frags - 1);
@@ -1223,12 +1223,12 @@ send_packets(struct netmap_ring *ring, struct pkt *pkt
}
slot->len = tosend;
if (options & OPT_DUMP)
- dump_payload(p, tosend, ring, cur);
- cur = nm_ring_next(ring, cur);
+ dump_payload(p, tosend, ring, head);
+ head = nm_ring_next(ring, head);
}
if (sent) {
slot->flags |= NS_REPORT;
- ring->head = ring->cur = cur;
+ ring->head = ring->cur = head;
}
if (sent < count) {
/* tell netmap that we need more slots */
@@ -1329,7 +1329,7 @@ ping_body(void *data)
if (n > 0 && n - sent < limit)
limit = n - sent;
for (m = 0; (unsigned)m < limit; m++) {
- slot = &ring->slot[ring->cur];
+ slot = &ring->slot[ring->head];
slot->len = size;
p = NETMAP_BUF(ring, slot-
svn commit: r344699 - head/sys/arm64/rockchip/clk
Author: manu
Date: Fri Mar 1 13:05:37 2019
New Revision: 344699
URL: https://svnweb.freebsd.org/changeset/base/344699
Log:
arm64: rockchip: rk3399_pll: Fix the recalc function
The plls frequency are now correctly calculated in fractional mode
and integer mode.
While here add some debug printfs (disabled by default)
Tested with powerd on the little cluster on a RockPro64.
MFC after:1 week
Modified:
head/sys/arm64/rockchip/clk/rk_clk_pll.c
Modified: head/sys/arm64/rockchip/clk/rk_clk_pll.c
==
--- head/sys/arm64/rockchip/clk/rk_clk_pll.cFri Mar 1 11:30:19 2019
(r344698)
+++ head/sys/arm64/rockchip/clk/rk_clk_pll.cFri Mar 1 13:05:37 2019
(r344699)
@@ -359,43 +359,56 @@ static int
rk3399_clk_pll_recalc(struct clknode *clk, uint64_t *freq)
{
struct rk_clk_pll_sc *sc;
- uint64_t rate;
uint32_t dsmpd, refdiv, fbdiv;
- uint32_t postdiv1, postdiv2, frac;
- uint32_t raw1, raw2, raw3, raw4;
+ uint32_t postdiv1, postdiv2, fracdiv;
+ uint32_t con1, con2, con3, con4;
+ uint64_t foutvco;
sc = clknode_get_softc(clk);
DEVICE_LOCK(clk);
- READ4(clk, sc->base_offset, &raw1);
- READ4(clk, sc->base_offset + 4, &raw2);
- READ4(clk, sc->base_offset + 8, &raw3);
- READ4(clk, sc->base_offset + 0xC, &raw4);
+ READ4(clk, sc->base_offset, &con1);
+ READ4(clk, sc->base_offset + 4, &con2);
+ READ4(clk, sc->base_offset + 8, &con3);
+ READ4(clk, sc->base_offset + 0xC, &con4);
DEVICE_UNLOCK(clk);
- fbdiv = (raw1 & RK3399_CLK_PLL_FBDIV_MASK) >>
RK3399_CLK_PLL_FBDIV_SHIFT;
+ dprintf("con0: %x\n", con1);
+ dprintf("con1: %x\n", con2);
+ dprintf("con2: %x\n", con3);
+ dprintf("con3: %x\n", con4);
- postdiv1 = (raw2 & RK3399_CLK_PLL_POSTDIV1_MASK) >>
RK3399_CLK_PLL_POSTDIV1_SHIFT;
- postdiv2 = (raw2 & RK3399_CLK_PLL_POSTDIV2_MASK) >>
RK3399_CLK_PLL_POSTDIV2_SHIFT;
- refdiv = (raw2 & RK3399_CLK_PLL_REFDIV_MASK) >>
RK3399_CLK_PLL_REFDIV_SHIFT;
+ fbdiv = (con1 & RK3399_CLK_PLL_FBDIV_MASK) >>
RK3399_CLK_PLL_FBDIV_SHIFT;
- frac = (raw3 & RK3399_CLK_PLL_FRAC_MASK) >> RK3399_CLK_PLL_FRAC_SHIFT;
+ postdiv1 = (con2 & RK3399_CLK_PLL_POSTDIV1_MASK) >>
RK3399_CLK_PLL_POSTDIV1_SHIFT;
+ postdiv2 = (con2 & RK3399_CLK_PLL_POSTDIV2_MASK) >>
RK3399_CLK_PLL_POSTDIV2_SHIFT;
+ refdiv = (con2 & RK3399_CLK_PLL_REFDIV_MASK) >>
RK3399_CLK_PLL_REFDIV_SHIFT;
- dsmpd = (raw4 & RK3399_CLK_PLL_DSMPD_MASK) >>
RK3399_CLK_PLL_DSMPD_SHIFT;
+ fracdiv = (con3 & RK3399_CLK_PLL_FRAC_MASK) >>
RK3399_CLK_PLL_FRAC_SHIFT;
+ fracdiv >>= 24;
- rate = *freq * fbdiv / refdiv;
+ dsmpd = (con4 & RK3399_CLK_PLL_DSMPD_MASK) >>
RK3399_CLK_PLL_DSMPD_SHIFT;
+
+ dprintf("fbdiv: %d\n", fbdiv);
+ dprintf("postdiv1: %d\n", postdiv1);
+ dprintf("postdiv2: %d\n", postdiv2);
+ dprintf("refdiv: %d\n", refdiv);
+ dprintf("fracdiv: %d\n", fracdiv);
+ dprintf("dsmpd: %d\n", dsmpd);
+
+ dprintf("parent freq=%lu\n", *freq);
+
if (dsmpd == 0) {
/* Fractional mode */
- uint64_t frac_rate;
-
- frac_rate = *freq * frac / refdiv;
- rate += frac_rate >> 24;
+ foutvco = *freq / refdiv * (fbdiv + fracdiv);
+ } else {
+ /* Integer mode */
+ foutvco = *freq / refdiv * fbdiv;
}
+ dprintf("foutvco: %lu\n", foutvco);
- *freq = rate / postdiv1 / postdiv2;
-
- if (*freq % 2)
- *freq = *freq + 1;
+ *freq = foutvco / postdiv1 / postdiv2;
+ dprintf("freq: %lu\n", *freq);
return (0);
}
___
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r344700 - head/sys/compat/linuxkpi/common/include/linux
Author: bz Date: Fri Mar 1 14:33:20 2019 New Revision: 344700 URL: https://svnweb.freebsd.org/changeset/base/344700 Log: Add ushort and ulong to linux/types.h. When porting code once written for Linux we find not only uints but also ushort and ulong. Provide central typedefs as part of the linuxkpi for those as well. Reviewed by: hselasky, emaste MFC after:3 days Sponsored by: The FreeBSD Foundation Differential Revision:https://reviews.freebsd.org/D19405 Modified: head/sys/compat/linuxkpi/common/include/linux/types.h Modified: head/sys/compat/linuxkpi/common/include/linux/types.h == --- head/sys/compat/linuxkpi/common/include/linux/types.h Fri Mar 1 13:05:37 2019(r344699) +++ head/sys/compat/linuxkpi/common/include/linux/types.h Fri Mar 1 14:33:20 2019(r344700) @@ -53,7 +53,9 @@ typedef uint32_t __be32; typedef uint64_t __le64; typedef uint64_t __be64; +typedef unsigned short ushort; typedef unsigned intuint; +typedef unsigned long ulong; typedef unsigned gfp_t; typedef off_t loff_t; typedef vm_paddr_t resource_size_t; ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r344701 - head/sbin/camcontrol
Author: smh Date: Fri Mar 1 14:39:15 2019 New Revision: 344701 URL: https://svnweb.freebsd.org/changeset/base/344701 Log: Fix incorrect / unused sector_count for identify requests Fix incorrect / unused sector_count for identify requests from camcontrol. Submitted by: Alexey Dokuchaev Reported by: Alexey Dokuchaev MFC after:1 week Sponsored by: Multiplay Differential Revision:https://reviews.freebsd.org/D19408 Modified: head/sbin/camcontrol/camcontrol.c Modified: head/sbin/camcontrol/camcontrol.c == --- head/sbin/camcontrol/camcontrol.c Fri Mar 1 14:33:20 2019 (r344700) +++ head/sbin/camcontrol/camcontrol.c Fri Mar 1 14:39:15 2019 (r344701) @@ -2292,7 +2292,7 @@ ata_do_identify(struct cam_device *device, int retry_c /*command*/command, /*features*/0, /*lba*/0, -/*sector_count*/(u_int8_t)sizeof(struct ata_params), +/*sector_count*/0, /*data_ptr*/(u_int8_t *)ptr, /*dxfer_len*/sizeof(struct ata_params), /*timeout*/timeout ? timeout : 30 * 1000, @@ -2312,8 +2312,7 @@ ata_do_identify(struct cam_device *device, int retry_c /*command*/retry_command, /*features*/0, /*lba*/0, -/*sector_count*/(u_int8_t) -sizeof(struct ata_params), +/*sector_count*/0, /*data_ptr*/(u_int8_t *)ptr, /*dxfer_len*/sizeof(struct ata_params), /*timeout*/timeout ? timeout : 30 * 1000, ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r344702 - head/sys/conf
Author: mav Date: Fri Mar 1 15:00:13 2019 New Revision: 344702 URL: https://svnweb.freebsd.org/changeset/base/344702 Log: There is no `device atacard` but there is `device atapccard`. Reported by: Dmitry Luhtionov MFC after:1 week Modified: head/sys/conf/NOTES Modified: head/sys/conf/NOTES == --- head/sys/conf/NOTES Fri Mar 1 14:39:15 2019(r344701) +++ head/sys/conf/NOTES Fri Mar 1 15:00:13 2019(r344702) @@ -1727,7 +1727,7 @@ deviceata # Modular ATA #deviceatacore # Core ATA functionality -#deviceatacard # CARDBUS support +#deviceatapccard # CARDBUS support #deviceataisa # ISA bus support #deviceatapci # PCI bus support; only generic chipset support ___ svn-src-head@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/svn-src-head To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r344704 - head/sys/netinet
Author: tuexen
Date: Fri Mar 1 15:57:55 2019
New Revision: 344704
URL: https://svnweb.freebsd.org/changeset/base/344704
Log:
Improve consistency, not functional change.
MFC after:3 days
Modified:
head/sys/netinet/sctp_usrreq.c
Modified: head/sys/netinet/sctp_usrreq.c
==
--- head/sys/netinet/sctp_usrreq.c Fri Mar 1 15:49:11 2019
(r344703)
+++ head/sys/netinet/sctp_usrreq.c Fri Mar 1 15:57:55 2019
(r344704)
@@ -1128,10 +1128,10 @@ sctp_fill_up_addresses_vrf(struct sctp_inpcb *inp,
actual += sizeof(struct
sockaddr_in6);
} else {
#endif
- memcpy(sas, sin,
sizeof(*sin));
+ memcpy(sas, sin,
sizeof(struct sockaddr_in));
((struct sockaddr_in
*)sas)->sin_port = inp->sctp_lport;
- sas = (struct
sockaddr_storage *)((caddr_t)sas + sizeof(*sin));
- actual += sizeof(*sin);
+ sas = (struct
sockaddr_storage *)((caddr_t)sas + sizeof(struct sockaddr_in));
+ actual += sizeof(struct
sockaddr_in);
#ifdef INET6
}
#endif
@@ -1182,10 +1182,10 @@ sctp_fill_up_addresses_vrf(struct sctp_inpcb *inp,
(IN6_IS_ADDR_SITELOCAL(&sin6->sin6_addr))) {
continue;
}
- memcpy(sas, sin6,
sizeof(*sin6));
+ memcpy(sas, sin6, sizeof(struct
sockaddr_in6));
((struct sockaddr_in6
*)sas)->sin6_port = inp->sctp_lport;
- sas = (struct sockaddr_storage
*)((caddr_t)sas + sizeof(*sin6));
- actual += sizeof(*sin6);
+ sas = (struct sockaddr_storage
*)((caddr_t)sas + sizeof(struct sockaddr_in6));
+ actual += sizeof(struct
sockaddr_in6);
if (actual >= limit) {
return (actual);
}
___
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r344705 - in head/sys: amd64/amd64 amd64/cloudabi32 amd64/cloudabi64 amd64/linux amd64/linux32 arm/arm arm/cloudabi32 arm64/arm64 arm64/cloudabi32 arm64/cloudabi64 arm64/linux compat/ia...
Author: trasz
Date: Fri Mar 1 16:16:38 2019
New Revision: 344705
URL: https://svnweb.freebsd.org/changeset/base/344705
Log:
Remove sv_pagesize, originally introduced with r100384.
In all of the architectures we have today, we always use PAGE_SIZE.
While in theory one could define different things, none of the
current architectures do, even the ones that have transitioned from
32-bit to 64-bit like i386 and arm. Some ancient mips binaries on
other systems used 8k instead of 4k, but we don't support running
those and likely never will due to their age and obscurity.
Reviewed by: imp (who also contributed the commit message)
Sponsored by: DARPA, AFRL
Differential Revision:https://reviews.freebsd.org/D19280
Modified:
head/sys/amd64/amd64/elf_machdep.c
head/sys/amd64/cloudabi32/cloudabi32_sysvec.c
head/sys/amd64/cloudabi64/cloudabi64_sysvec.c
head/sys/amd64/linux/linux_sysvec.c
head/sys/amd64/linux32/linux32_sysvec.c
head/sys/arm/arm/elf_machdep.c
head/sys/arm/cloudabi32/cloudabi32_sysvec.c
head/sys/arm64/arm64/elf32_machdep.c
head/sys/arm64/arm64/elf_machdep.c
head/sys/arm64/cloudabi32/cloudabi32_sysvec.c
head/sys/arm64/cloudabi64/cloudabi64_sysvec.c
head/sys/arm64/linux/linux_sysvec.c
head/sys/compat/ia32/ia32_sysvec.c
head/sys/i386/cloudabi32/cloudabi32_sysvec.c
head/sys/i386/i386/elf_machdep.c
head/sys/i386/linux/linux_sysvec.c
head/sys/kern/imgact_aout.c
head/sys/kern/imgact_elf.c
head/sys/kern/init_main.c
head/sys/mips/mips/elf_machdep.c
head/sys/mips/mips/freebsd32_machdep.c
head/sys/powerpc/powerpc/elf32_machdep.c
head/sys/powerpc/powerpc/elf64_machdep.c
head/sys/riscv/riscv/elf_machdep.c
head/sys/sparc64/sparc64/elf_machdep.c
head/sys/sys/sysent.h
Modified: head/sys/amd64/amd64/elf_machdep.c
==
--- head/sys/amd64/amd64/elf_machdep.c Fri Mar 1 15:57:55 2019
(r344704)
+++ head/sys/amd64/amd64/elf_machdep.c Fri Mar 1 16:16:38 2019
(r344705)
@@ -63,7 +63,6 @@ struct sysentvec elf64_freebsd_sysvec = {
.sv_coredump= __elfN(coredump),
.sv_imgact_try = NULL,
.sv_minsigstksz = MINSIGSTKSZ,
- .sv_pagesize= PAGE_SIZE,
.sv_minuser = VM_MIN_ADDRESS,
.sv_maxuser = VM_MAXUSER_ADDRESS,
.sv_usrstack= USRSTACK,
Modified: head/sys/amd64/cloudabi32/cloudabi32_sysvec.c
==
--- head/sys/amd64/cloudabi32/cloudabi32_sysvec.c Fri Mar 1 15:57:55
2019(r344704)
+++ head/sys/amd64/cloudabi32/cloudabi32_sysvec.c Fri Mar 1 16:16:38
2019(r344705)
@@ -210,7 +210,6 @@ static struct sysentvec cloudabi32_elf_sysvec = {
.sv_fixup = cloudabi32_fixup_tcb,
.sv_name= "CloudABI ELF32",
.sv_coredump= elf32_coredump,
- .sv_pagesize= IA32_PAGE_SIZE,
.sv_minuser = FREEBSD32_MINUSER,
.sv_maxuser = FREEBSD32_MAXUSER,
.sv_stackprot = VM_PROT_READ | VM_PROT_WRITE,
Modified: head/sys/amd64/cloudabi64/cloudabi64_sysvec.c
==
--- head/sys/amd64/cloudabi64/cloudabi64_sysvec.c Fri Mar 1 15:57:55
2019(r344704)
+++ head/sys/amd64/cloudabi64/cloudabi64_sysvec.c Fri Mar 1 16:16:38
2019(r344705)
@@ -197,7 +197,6 @@ static struct sysentvec cloudabi64_elf_sysvec = {
.sv_fixup = cloudabi64_fixup_tcb,
.sv_name= "CloudABI ELF64",
.sv_coredump= elf64_coredump,
- .sv_pagesize= PAGE_SIZE,
.sv_minuser = VM_MIN_ADDRESS,
/* Keep top page reserved to work around AMD Ryzen stability issues. */
.sv_maxuser = VM_MAXUSER_ADDRESS - PAGE_SIZE,
Modified: head/sys/amd64/linux/linux_sysvec.c
==
--- head/sys/amd64/linux/linux_sysvec.c Fri Mar 1 15:57:55 2019
(r344704)
+++ head/sys/amd64/linux/linux_sysvec.c Fri Mar 1 16:16:38 2019
(r344705)
@@ -722,7 +722,6 @@ struct sysentvec elf_linux_sysvec = {
.sv_coredump= elf64_coredump,
.sv_imgact_try = linux_exec_imgact_try,
.sv_minsigstksz = LINUX_MINSIGSTKSZ,
- .sv_pagesize= PAGE_SIZE,
.sv_minuser = VM_MIN_ADDRESS,
.sv_maxuser = VM_MAXUSER_ADDRESS,
.sv_usrstack= USRSTACK,
Modified: head/sys/amd64/linux32/linux32_sysvec.c
==
--- head/sys/amd64/linux32/linux32_sysvec.c Fri Mar 1 15:57:55 2019
(r344704)
+++ head/sys/amd64/linux32/linux32_sysvec.c Fri Mar 1 16:16:38 2019
(r344705)
@@ -920,7 +920,6 @@ struct sysentvec elf_linux_sysvec = {
svn commit: r344708 - head/sys/netinet
Author: tuexen
Date: Fri Mar 1 18:47:41 2019
New Revision: 344708
URL: https://svnweb.freebsd.org/changeset/base/344708
Log:
Honor the memory limits provided when processing the IPPROTO_SCTP
level socket option SCTP_GET_LOCAL_ADDRESSES in a getsockopt() call.
Thanks to Thomas Barabosch for reporting the issue which was found by
running syzkaller.
MFC after:3 days
Modified:
head/sys/netinet/sctp_usrreq.c
Modified: head/sys/netinet/sctp_usrreq.c
==
--- head/sys/netinet/sctp_usrreq.c Fri Mar 1 18:12:07 2019
(r344707)
+++ head/sys/netinet/sctp_usrreq.c Fri Mar 1 18:47:41 2019
(r344708)
@@ -1122,12 +1122,18 @@ sctp_fill_up_addresses_vrf(struct sctp_inpcb *inp,
}
#ifdef INET6
if (sctp_is_feature_on(inp,
SCTP_PCB_FLAGS_NEEDS_MAPPED_V4)) {
+ if (actual +
sizeof(struct sockaddr_in6) > limit) {
+ return (actual);
+ }
in6_sin_2_v4mapsin6(sin, (struct sockaddr_in6 *)sas);
((struct sockaddr_in6
*)sas)->sin6_port = inp->sctp_lport;
sas = (struct
sockaddr_storage *)((caddr_t)sas + sizeof(struct sockaddr_in6));
actual += sizeof(struct
sockaddr_in6);
} else {
#endif
+ if (actual +
sizeof(struct sockaddr_in) > limit) {
+ return (actual);
+ }
memcpy(sas, sin,
sizeof(struct sockaddr_in));
((struct sockaddr_in
*)sas)->sin_port = inp->sctp_lport;
sas = (struct
sockaddr_storage *)((caddr_t)sas + sizeof(struct sockaddr_in));
@@ -1135,9 +1141,6 @@ sctp_fill_up_addresses_vrf(struct sctp_inpcb *inp,
#ifdef INET6
}
#endif
- if (actual >= limit) {
- return (actual);
- }
} else {
continue;
}
@@ -1182,13 +1185,13 @@ sctp_fill_up_addresses_vrf(struct sctp_inpcb *inp,
(IN6_IS_ADDR_SITELOCAL(&sin6->sin6_addr))) {
continue;
}
+ if (actual + sizeof(struct
sockaddr_in6) > limit) {
+ return (actual);
+ }
memcpy(sas, sin6, sizeof(struct
sockaddr_in6));
((struct sockaddr_in6
*)sas)->sin6_port = inp->sctp_lport;
sas = (struct sockaddr_storage
*)((caddr_t)sas + sizeof(struct sockaddr_in6));
actual += sizeof(struct
sockaddr_in6);
- if (actual >= limit) {
- return (actual);
- }
} else {
continue;
}
@@ -1202,6 +1205,7 @@ sctp_fill_up_addresses_vrf(struct sctp_inpcb *inp,
}
} else {
struct sctp_laddr *laddr;
+ size_t sa_len;
LIST_FOREACH(laddr, &inp->sctp_addr_list, sctp_nxt_addr) {
if (stcb) {
@@ -1209,6 +1213,10 @@ sctp_fill_up_addresses_vrf(struct sctp_inpcb *inp,
continue;
}
}
+ sa_len = laddr->ifa->address.sa.sa_len;
+ if (actual + sa_len > limit) {
+ return (actual);
+ }
if (sctp_fill_user_address(sas,
&laddr->ifa->address.sa))
continue;
switch (laddr->ifa->address.sa.sa_family) {
@@ -1226,12 +1234,8
svn commit: r344709 - head/sbin/ipfw
Author: ygy (doc committer)
Date: Fri Mar 1 19:06:13 2019
New Revision: 344709
URL: https://svnweb.freebsd.org/changeset/base/344709
Log:
Fix typos and caps for ipfw(8) man page.
MFC after:3 days
PR: 236030
Submitted by: olgeni
Modified:
head/sbin/ipfw/ipfw.8
Modified: head/sbin/ipfw/ipfw.8
==
--- head/sbin/ipfw/ipfw.8 Fri Mar 1 18:47:41 2019(r344708)
+++ head/sbin/ipfw/ipfw.8 Fri Mar 1 19:06:13 2019(r344709)
@@ -1,7 +1,7 @@
.\"
.\" $FreeBSD$
.\"
-.Dd December 4, 2018
+.Dd March 1, 2019
.Dt IPFW 8
.Os
.Sh NAME
@@ -1329,11 +1329,11 @@ its use is discouraged.
.Brc
.Bl -tag -width indent
.It Cm any
-matches any IP address.
+Matches any IP address.
.It Cm me
-matches any IP address configured on an interface in the system.
+Matches any IP address configured on an interface in the system.
.It Cm me6
-matches any IPv6 address configured on an interface in the system.
+Matches any IPv6 address configured on an interface in the system.
The address list is evaluated at the time the packet is
analysed.
.It Cm table Ns Pq Ar name Ns Op , Ns Ar value
@@ -2083,7 +2083,7 @@ The following table types are supported:
.It Ar flow-spec : Ar flow-field Ns Op , Ns Ar flow-spec
.It Ar flow-field : src-ip | proto | src-port | dst-ip | dst-port
.It Cm addr
-matches IPv4 or IPv6 address.
+Matches IPv4 or IPv6 address.
Each entry is represented by an
.Ar addr Ns Op / Ns Ar masklen
and will match all addresses with base
@@ -2097,11 +2097,11 @@ is not specified, it defaults to 32 for IPv4 and 128 f
When looking up an IP address in a table, the most specific
entry will match.
.It Cm iface
-matches interface names.
+Matches interface names.
Each entry is represented by string treated as interface name.
Wildcards are not supported.
.It Cm number
-maches protocol ports, uids/gids or jail IDs.
+Matches protocol ports, uids/gids or jail IDs.
Each entry is represented by 32-bit unsigned integer.
Ranges are not supported.
.It Cm flow
@@ -2792,7 +2792,7 @@ specifies the quantum (credit) of the scheduler.
.Ar m
is the number of bytes a queue can serve before being moved to the tail
of old queues list.
-The default is 1514 bytes, and the maximum accepable value
+The default is 1514 bytes, and the maximum acceptable value
is 9000 bytes.
.It Cm limit
.Ar m
@@ -2800,14 +2800,14 @@ specifies the hard size limit (in unit of packets) of
instance of the scheduler.
The default value of
.Ar m
-is 10240 packets, and the maximum accepable value is 20480 packets.
+is 10240 packets, and the maximum acceptable value is 20480 packets.
.It Cm flows
.Ar m
specifies the total number of flow queues (sub-queues) that fq_*
creates and manages.
By default, 1024 sub-queues are created when an instance
of the fq_{codel/pie} scheduler is created.
-The maximum accepable value is
+The maximum acceptable value is
65536.
.El
.Pp
@@ -2906,7 +2906,7 @@ is the typical queue size for Ethernet devices.
Note that for slow speed links you should keep the queue
size short or your traffic might be affected by a significant
queueing delay.
-E.g., 50 max-sized ethernet packets (1500 bytes) mean 600Kbit
+E.g., 50 max-sized Ethernet packets (1500 bytes) mean 600Kbit
or 20s of queue on a 30Kbit/s pipe.
Even worse effects can result if you get packets from an
interface with a much larger MTU, e.g.\& the loopback interface
@@ -3053,7 +3053,7 @@ De-randomisation is enabled by default.
.It Cm onoff
enable turning PIE on and off depending on queue load.
If this option is enabled,
-PIE turnes on when over 1/3 of queue becomes full.
+PIE turns on when over 1/3 of queue becomes full.
This option is disabled by
default.
.It Cm dre | ts
@@ -4089,7 +4089,7 @@ by adding the following to the appropriate place in ru
If your network has network traffic analyzer
connected to your host directly via dedicated interface
or remotely via RSPAN vlan, you can selectively mirror
-some ethernet layer2 frames to the analyzer.
+some Ethernet layer2 frames to the analyzer.
.Pp
First, make sure your firewall is already configured and runs.
Then, enable layer2 processing if not already enabled:
@@ -4434,7 +4434,7 @@ or it could be split in:
.Dl "ipfw nat 5 config redirect_port tcp"
.Dl " 192.168.0.1:80,192.168.0.10:22,192.168.0.20:25 500"
.Pp
-Sometimes you may want to mix NAT and dynamic rules. It could be achived with
+Sometimes you may want to mix NAT and dynamic rules. It could be achieved with
.Cm record-state
and
.Cm defer-action
@@ -4447,8 +4447,8 @@ rule will be performed as soon as rule is matched. In
.Cm allow
rule packet need to be passed to NAT, not allowed as soon is possible.
.Pp
-There is example of set of rules to achive this. Bear in mind that this
-is exmaple only and it is not very usefult by itself.
+There is example of set of rules to achieve this. Bear in mind that thi
svn commit: r344710 - head/sys/dev/random
Author: cem
Date: Fri Mar 1 19:21:45 2019
New Revision: 344710
URL: https://svnweb.freebsd.org/changeset/base/344710
Log:
Fortuna: push CTR-mode loop down into randomdev hash.h interface
As a step towards adding other potential streaming ciphers. As well as just
pushing the loop down into the rijndael APIs (basically 128-bit wide AES-ICM
mode) to eliminate some excess explicit_bzero().
No functional change intended.
Reviewed by: delphij, markm
Approved by: secteam (delphij)
Sponsored by: Dell EMC Isilon
Differential Revision:https://reviews.freebsd.org/D19411
Modified:
head/sys/dev/random/fortuna.c
head/sys/dev/random/hash.c
head/sys/dev/random/hash.h
Modified: head/sys/dev/random/fortuna.c
==
--- head/sys/dev/random/fortuna.c Fri Mar 1 19:06:13 2019
(r344709)
+++ head/sys/dev/random/fortuna.c Fri Mar 1 19:21:45 2019
(r344710)
@@ -308,20 +308,16 @@ random_fortuna_reseed_internal(uint32_t *entropy_data,
static __inline void
random_fortuna_genblocks(uint8_t *buf, u_int blockcount)
{
- u_int i;
RANDOM_RESEED_ASSERT_LOCK_OWNED();
KASSERT(!uint128_is_zero(fortuna_state.fs_counter), ("FS&K: C != 0"));
- for (i = 0; i < blockcount; i++) {
- /*-
-* FS&K - r = r|E(K,C)
-* - C = C + 1
-*/
- randomdev_encrypt(&fortuna_state.fs_key,
&fortuna_state.fs_counter, buf, RANDOM_BLOCKSIZE);
- buf += RANDOM_BLOCKSIZE;
- uint128_increment(&fortuna_state.fs_counter);
- }
+ /*
+* Fills buf with RANDOM_BLOCKSIZE * blockcount bytes of keystream.
+* Increments fs_counter as it goes.
+*/
+ randomdev_keystream(&fortuna_state.fs_key, &fortuna_state.fs_counter,
+ buf, blockcount);
}
/*-
Modified: head/sys/dev/random/hash.c
==
--- head/sys/dev/random/hash.c Fri Mar 1 19:06:13 2019(r344709)
+++ head/sys/dev/random/hash.c Fri Mar 1 19:21:45 2019(r344710)
@@ -88,13 +88,26 @@ randomdev_encrypt_init(struct randomdev_key *context,
rijndael_makeKey(&context->key, DIR_ENCRYPT, RANDOM_KEYSIZE*8, data);
}
-/* Encrypt the supplied data using the key schedule preset in the context.
- * bytes are encrypted from <*d_in> to <*d_out>. must be
- * a multiple of RANDOM_BLOCKSIZE.
+/*
+ * Create a psuedorandom output stream of 'blockcount' blocks using a CTR-mode
+ * cipher or similar. The 128-bit counter is supplied in the in-out parmeter
+ * 'ctr.' The output stream goes to 'd_out.' 'blockcount' RANDOM_BLOCKSIZE
+ * bytes are generated.
*/
void
-randomdev_encrypt(struct randomdev_key *context, const void *d_in, void
*d_out, u_int length)
+randomdev_keystream(struct randomdev_key *context, uint128_t *ctr,
+void *d_out, u_int blockcount)
{
+ u_int i;
- rijndael_blockEncrypt(&context->cipher, &context->key, d_in, length*8,
d_out);
+ for (i = 0; i < blockcount; i++) {
+ /*-
+* FS&K - r = r|E(K,C)
+* - C = C + 1
+*/
+ rijndael_blockEncrypt(&context->cipher, &context->key,
+ (void *)ctr, RANDOM_BLOCKSIZE * 8, d_out);
+ d_out = (char *)d_out + RANDOM_BLOCKSIZE;
+ uint128_increment(ctr);
+ }
}
Modified: head/sys/dev/random/hash.h
==
--- head/sys/dev/random/hash.h Fri Mar 1 19:06:13 2019(r344709)
+++ head/sys/dev/random/hash.h Fri Mar 1 19:21:45 2019(r344710)
@@ -29,6 +29,8 @@
#ifndef SYS_DEV_RANDOM_HASH_H_INCLUDED
#defineSYS_DEV_RANDOM_HASH_H_INCLUDED
+#include
+
/* Keys are formed from cipher blocks */
#defineRANDOM_KEYSIZE 32 /* (in bytes) == 256 bits */
#defineRANDOM_KEYSIZE_WORDS(RANDOM_KEYSIZE/sizeof(uint32_t))
@@ -52,6 +54,6 @@ void randomdev_hash_init(struct randomdev_hash *);
void randomdev_hash_iterate(struct randomdev_hash *, const void *, size_t);
void randomdev_hash_finish(struct randomdev_hash *, void *);
void randomdev_encrypt_init(struct randomdev_key *, const void *);
-void randomdev_encrypt(struct randomdev_key *context, const void *, void *,
u_int);
+void randomdev_keystream(struct randomdev_key *context, uint128_t *, void *,
u_int);
#endif /* SYS_DEV_RANDOM_HASH_H_INCLUDED */
___
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r344711 - head/sys/amd64/vmm/intel
Author: jhb
Date: Fri Mar 1 20:43:48 2019
New Revision: 344711
URL: https://svnweb.freebsd.org/changeset/base/344711
Log:
Fix missed posted interrupts in VT-x in bhyve.
When a vCPU is HLTed, interrupts with a priority below the processor
priority (PPR) should not resume the vCPU while interrupts at or above
the PPR should. With posted interrupts, bhyve maintains a bitmap of
pending interrupts in PIR descriptor along with a single 'pending'
bit. This bit is checked by a CPU running in guest mode at various
places to determine if it should be checked. In addition, another CPU
can force a CPU in guest mode to check for pending interrupts by
sending an IPI to a special IDT vector reserved for this purpose.
bhyve had a bug in that it would only notify a guest vCPU of an
interrupt (e.g. by sending the special IPI or by resuming it if it was
idle due to HLT) if an interrupt arrived that was higher priority than
PPR and no interrupts were currently pending. This assumed that if
the 'pending' bit was set, any needed notification was already in
progress. However, if the first interrupt sent to a HLTed vCPU was
lower priority than PPR and the second was higher than PPR, the first
interrupt would set 'pending' but not notify the vCPU, and the second
interrupt would not notify the vCPU because 'pending' was already set.
To fix this, track the priority of pending interrupts in a separate
per-vCPU bitmask and notify a vCPU anytime an interrupt arrives that
is above PPR and higher than any previously-received interrupt.
This was found and debugged in the bhyve port to SmartOS maintained by
Joyent. Relevant SmartOS bugs with more background:
https://smartos.org/bugview/OS-6829
https://smartos.org/bugview/OS-6930
https://smartos.org/bugview/OS-7354
Submitted by: Patrick Mooney
Reviewed by: tychon, rgrimes
Obtained from:SmartOS / Joyent
MFC after:2 weeks
Differential Revision:https://reviews.freebsd.org/D19299
Modified:
head/sys/amd64/vmm/intel/vmx.c
Modified: head/sys/amd64/vmm/intel/vmx.c
==
--- head/sys/amd64/vmm/intel/vmx.c Fri Mar 1 19:21:45 2019
(r344710)
+++ head/sys/amd64/vmm/intel/vmx.c Fri Mar 1 20:43:48 2019
(r344711)
@@ -3,6 +3,7 @@
*
* Copyright (c) 2011 NetApp, Inc.
* All rights reserved.
+ * Copyright (c) 2018 Joyent, Inc.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
@@ -3402,8 +3403,11 @@ struct vlapic_vtx {
struct vlapic vlapic;
struct pir_desc *pir_desc;
struct vmx *vmx;
+ u_int pending_prio;
};
+#define VPR_PRIO_BIT(vpr) (1 << ((vpr) >> 4))
+
#defineVMX_CTR_PIR(vm, vcpuid, pir_desc, notify, vector, level, msg)
\
do { \
VCPU_CTR2(vm, vcpuid, msg " assert %s-triggered vector %d", \
@@ -3425,7 +3429,7 @@ vmx_set_intr_ready(struct vlapic *vlapic, int vector,
struct vlapic_vtx *vlapic_vtx;
struct pir_desc *pir_desc;
uint64_t mask;
- int idx, notify;
+ int idx, notify = 0;
vlapic_vtx = (struct vlapic_vtx *)vlapic;
pir_desc = vlapic_vtx->pir_desc;
@@ -3438,8 +3442,38 @@ vmx_set_intr_ready(struct vlapic *vlapic, int vector,
idx = vector / 64;
mask = 1UL << (vector % 64);
atomic_set_long(&pir_desc->pir[idx], mask);
- notify = atomic_cmpset_long(&pir_desc->pending, 0, 1);
+ /*
+* A notification is required whenever the 'pending' bit makes a
+* transition from 0->1.
+*
+* Even if the 'pending' bit is already asserted, notification about
+* the incoming interrupt may still be necessary. For example, if a
+* vCPU is HLTed with a high PPR, a low priority interrupt would cause
+* the 0->1 'pending' transition with a notification, but the vCPU
+* would ignore the interrupt for the time being. The same vCPU would
+* need to then be notified if a high-priority interrupt arrived which
+* satisfied the PPR.
+*
+* The priorities of interrupts injected while 'pending' is asserted
+* are tracked in a custom bitfield 'pending_prio'. Should the
+* to-be-injected interrupt exceed the priorities already present, the
+* notification is sent. The priorities recorded in 'pending_prio' are
+* cleared whenever the 'pending' bit makes another 0->1 transition.
+*/
+ if (atomic_cmpset_long(&pir_desc->pending, 0, 1) != 0) {
+ notify = 1;
+ vlapic_vtx->pending_prio = 0;
+ } else {
+ const u_int old_prio = vlapic_vtx->pending_prio;
+ const u_int prio_bit = VPR_PRIO_BIT(vector & APIC_TPR_INT);
+
+
svn commit: r344713 - head/sys/dev/random
Author: cem
Date: Fri Mar 1 22:51:45 2019
New Revision: 344713
URL: https://svnweb.freebsd.org/changeset/base/344713
Log:
fortuna: Deduplicate kernel vs user includes
No functional change.
Reviewed by: markj, markm
Approved by: secteam (delphij), core (brooks)
Sponsored by: Dell EMC Isilon
Differential Revision:https://reviews.freebsd.org/D19409
Modified:
head/sys/dev/random/fortuna.c
Modified: head/sys/dev/random/fortuna.c
==
--- head/sys/dev/random/fortuna.c Fri Mar 1 22:33:24 2019
(r344712)
+++ head/sys/dev/random/fortuna.c Fri Mar 1 22:51:45 2019
(r344713)
@@ -35,10 +35,10 @@
#include
__FBSDID("$FreeBSD$");
+#include
#include
#ifdef _KERNEL
-#include
#include
#include
#include
@@ -50,17 +50,7 @@ __FBSDID("$FreeBSD$");
#include
#include
-
-#include
-#include
-
-#include
-#include
-#include
-#include
-#include
#else /* !_KERNEL */
-#include
#include
#include
#include
@@ -69,15 +59,18 @@ __FBSDID("$FreeBSD$");
#include
#include "unit_test.h"
+#endif /* _KERNEL */
#include
#include
#include
#include
+#ifdef _KERNEL
+#include
+#endif
#include
#include
-#endif /* _KERNEL */
/* Defined in FS&K */
#defineRANDOM_FORTUNA_NPOOLS 32/* The number of
accumulation pools */
___
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r344714 - head/sys/crypto/chacha20
Author: cem
Date: Fri Mar 1 23:30:23 2019
New Revision: 344714
URL: https://svnweb.freebsd.org/changeset/base/344714
Log:
Embedded chacha: Add 0-bit iv + 128-bit counter mode
This mode might be suitable for a Fortuna keystream primitive.
Reviewed by: markm
Sponsored by: Dell EMC Isilon
Differential Revision:https://reviews.freebsd.org/D19410
Modified:
head/sys/crypto/chacha20/chacha.c
head/sys/crypto/chacha20/chacha.h
Modified: head/sys/crypto/chacha20/chacha.c
==
--- head/sys/crypto/chacha20/chacha.c Fri Mar 1 22:51:45 2019
(r344713)
+++ head/sys/crypto/chacha20/chacha.c Fri Mar 1 23:30:23 2019
(r344714)
@@ -84,13 +84,33 @@ chacha_keysetup(chacha_ctx *x,const u8 *k,u32 kbits)
LOCAL void
chacha_ivsetup(chacha_ctx *x, const u8 *iv, const u8 *counter)
{
+#ifndef CHACHA_NONCE0_CTR128
x->input[12] = counter == NULL ? 0 : U8TO32_LITTLE(counter + 0);
x->input[13] = counter == NULL ? 0 : U8TO32_LITTLE(counter + 4);
x->input[14] = U8TO32_LITTLE(iv + 0);
x->input[15] = U8TO32_LITTLE(iv + 4);
+#else
+ // CHACHA_STATELEN
+ (void)iv;
+ x->input[12] = U8TO32_LITTLE(counter + 0);
+ x->input[13] = U8TO32_LITTLE(counter + 4);
+ x->input[14] = U8TO32_LITTLE(counter + 8);
+ x->input[15] = U8TO32_LITTLE(counter + 12);
+#endif
}
+#ifdef CHACHA_NONCE0_CTR128
LOCAL void
+chacha_ctrsave(const chacha_ctx *x, u8 *counter)
+{
+U32TO8_LITTLE(counter + 0, x->input[12]);
+U32TO8_LITTLE(counter + 4, x->input[13]);
+U32TO8_LITTLE(counter + 8, x->input[14]);
+U32TO8_LITTLE(counter + 12, x->input[15]);
+}
+#endif
+
+LOCAL void
chacha_encrypt_bytes(chacha_ctx *x,const u8 *m,u8 *c,u32 bytes)
{
u32 x0, x1, x2, x3, x4, x5, x6, x7, x8, x9, x10, x11, x12, x13, x14, x15;
@@ -192,7 +212,16 @@ chacha_encrypt_bytes(chacha_ctx *x,const u8 *m,u8 *c,u
j12 = PLUSONE(j12);
if (!j12) {
j13 = PLUSONE(j13);
+#ifndef CHACHA_NONCE0_CTR128
/* stopping at 2^70 bytes per nonce is user's responsibility */
+#else
+ if (!j13) {
+j14 = PLUSONE(j14);
+if (!j14) {
+ j15 = PLUSONE(j15);
+}
+ }
+#endif
}
U32TO8_LITTLE(c + 0,x0);
@@ -218,6 +247,10 @@ chacha_encrypt_bytes(chacha_ctx *x,const u8 *m,u8 *c,u
}
x->input[12] = j12;
x->input[13] = j13;
+#ifdef CHACHA_NONCE0_CTR128
+ x->input[14] = j14;
+ x->input[15] = j15;
+#endif
return;
}
bytes -= 64;
Modified: head/sys/crypto/chacha20/chacha.h
==
--- head/sys/crypto/chacha20/chacha.h Fri Mar 1 22:51:45 2019
(r344713)
+++ head/sys/crypto/chacha20/chacha.h Fri Mar 1 23:30:23 2019
(r344714)
@@ -26,10 +26,19 @@ Public domain.
#define LOCAL
#endif
+#ifdef CHACHA_NONCE0_CTR128
+#define CHACHA_UNUSED __unused
+#else
+#define CHACHA_UNUSED
+#endif
+
LOCAL void chacha_keysetup(struct chacha_ctx *x, const u_char *k, u_int kbits);
-LOCAL void chacha_ivsetup(struct chacha_ctx *x, const u_char *iv, const u_char
*ctr);
+LOCAL void chacha_ivsetup(struct chacha_ctx *x, const u_char *iv CHACHA_UNUSED,
+const u_char *ctr);
LOCAL void chacha_encrypt_bytes(struct chacha_ctx *x, const u_char *m,
u_char *c, u_int bytes);
+
+#undef CHACHA_UNUSED
#endif /* CHACHA_H */
___
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
svn commit: r344716 - in head/sys: powerpc/powerpc sys
Author: jhibbits
Date: Sat Mar 2 01:51:41 2019
New Revision: 344716
URL: https://svnweb.freebsd.org/changeset/base/344716
Log:
powerpc: Scale intrcnt by mp_ncpus
On very large powerpc64 systems (2x22x4 power9) it's very easy to run out of
available IRQs and crash the system at boot. Scale the count by mp_ncpus,
similar to x86, so this doesn't happen. Further work can be done in the
future
to scale the I/O IRQs as well, but that's left for the future.
Submitted by: mmacy
MFC after:3 weeks
Modified:
head/sys/powerpc/powerpc/intr_machdep.c
head/sys/sys/interrupt.h
Modified: head/sys/powerpc/powerpc/intr_machdep.c
==
--- head/sys/powerpc/powerpc/intr_machdep.c Fri Mar 1 23:53:05 2019
(r344715)
+++ head/sys/powerpc/powerpc/intr_machdep.c Sat Mar 2 01:51:41 2019
(r344716)
@@ -119,7 +119,7 @@ struct pic {
static u_int intrcnt_index = 0;
static struct mtx intr_table_lock;
-static struct powerpc_intr *powerpc_intrs[INTR_VECTORS];
+static struct powerpc_intr **powerpc_intrs;
static struct pic piclist[MAX_PICS];
static u_int nvectors; /* Allocated vectors */
static u_int npics;/* PICs registered */
@@ -130,11 +130,21 @@ static u_int nirqs = 0; /* Allocated IRQs. */
#endif
static u_int stray_count;
-u_long intrcnt[INTR_VECTORS];
-char intrnames[INTR_VECTORS * (MAXCOMLEN + 1)];
+u_long *intrcnt;
+char *intrnames;
size_t sintrcnt = sizeof(intrcnt);
size_t sintrnames = sizeof(intrnames);
+int nintrcnt;
+/*
+ * Just to start
+ */
+#ifdef __powerpc64__
+u_int num_io_irqs = 768;
+#else
+u_int num_io_irqs = 256;
+#endif
+
device_t root_pic;
#ifdef SMP
@@ -142,6 +152,14 @@ static void *ipi_cookie;
#endif
static void
+intrcnt_setname(const char *name, int index)
+{
+
+ snprintf(intrnames + (MAXCOMLEN + 1) * index, MAXCOMLEN + 1, "%-*s",
+ MAXCOMLEN, name);
+}
+
+static void
intr_init(void *dummy __unused)
{
@@ -149,6 +167,32 @@ intr_init(void *dummy __unused)
}
SYSINIT(intr_init, SI_SUB_INTR, SI_ORDER_FIRST, intr_init, NULL);
+static void
+intr_init_sources(void *arg __unused)
+{
+
+ powerpc_intrs = mallocarray(num_io_irqs, sizeof(*powerpc_intrs),
+ M_INTR, M_WAITOK | M_ZERO);
+ nintrcnt = 1 + num_io_irqs * 2 + mp_ncpus * 2;
+#ifdef COUNT_IPIS
+ if (mp_ncpus > 1)
+ nintrcnt += 8 * mp_ncpus;
+#endif
+ intrcnt = mallocarray(nintrcnt, sizeof(u_long), M_INTR, M_WAITOK |
+ M_ZERO);
+ intrnames = mallocarray(nintrcnt, MAXCOMLEN + 1, M_INTR, M_WAITOK |
+ M_ZERO);
+ sintrcnt = nintrcnt * sizeof(u_long);
+ sintrnames = nintrcnt * (MAXCOMLEN + 1);
+
+ intrcnt_setname("???", 0);
+ intrcnt_index = 1;
+}
+/*
+ * This needs to happen before SI_SUB_CPU
+ */
+SYSINIT(intr_init_sources, SI_SUB_KLD, SI_ORDER_ANY, intr_init_sources, NULL);
+
#ifdef SMP
static void
smp_intr_init(void *dummy __unused)
@@ -165,26 +209,19 @@ smp_intr_init(void *dummy __unused)
SYSINIT(smp_intr_init, SI_SUB_SMP, SI_ORDER_ANY, smp_intr_init, NULL);
#endif
-static void
-intrcnt_setname(const char *name, int index)
-{
-
- snprintf(intrnames + (MAXCOMLEN + 1) * index, MAXCOMLEN + 1, "%-*s",
- MAXCOMLEN, name);
-}
-
void
intrcnt_add(const char *name, u_long **countp)
{
int idx;
idx = atomic_fetchadd_int(&intrcnt_index, 1);
- KASSERT(idx < INTR_VECTORS, ("intrcnt_add: Interrupt counter index "
- "reached INTR_VECTORS"));
+ KASSERT(idx < nintrcnt, ("intrcnt_add: Interrupt counter index %d/%d"
+ "reached nintrcnt : %d", intrcnt_index, idx, nintrcnt));
*countp = &intrcnt[idx];
intrcnt_setname(name, idx);
}
+extern void kdb_backtrace(void);
static struct powerpc_intr *
intr_lookup(u_int irq)
{
@@ -224,7 +261,7 @@ intr_lookup(u_int irq)
CPU_SETOF(0, &i->cpu);
#endif
- for (vector = 0; vector < INTR_VECTORS && vector <= nvectors;
+ for (vector = 0; vector < num_io_irqs && vector <= nvectors;
vector++) {
iscan = powerpc_intrs[vector];
if (iscan != NULL && iscan->irq == irq)
Modified: head/sys/sys/interrupt.h
==
--- head/sys/sys/interrupt.hFri Mar 1 23:53:05 2019(r344715)
+++ head/sys/sys/interrupt.hSat Mar 2 01:51:41 2019(r344716)
@@ -156,7 +156,7 @@ extern struct intr_event *clk_intr_event;
extern void*vm_ih;
/* Counts and names for statistics (defined in MD code). */
-#if defined(__amd64__) || defined(__i386__)
+#if defined(__amd64__) || defined(__i386__) || defined(__powerpc__)
extern u_long *intrcnt; /* counts for for each device and stray */
extern char*intrnames; /* string table containing device names */
#else
___
svn-src-hea
