SecBSD
/
src
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

sync with OpenBSD -current

This commit is contained in:
purplerain 2024-02-09 22:30:40 +00:00
parent d68c02c8a8
commit 550dd57439
Signed by: purplerain
GPG Key ID: F42C07F07E2E35B7
39 changed files with 1599 additions and 402 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
lib/libcrypto/sm2/sm2_crypt.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: sm2_crypt.c,v 1.2 2022/11/26 16:08:54 tb Exp $ */
/* $OpenBSD: sm2_crypt.c,v 1.3 2024/02/09 07:43:52 tb Exp $ */
/*
* Copyright (c) 2017, 2019 Ribose Inc
*
@ -203,7 +203,6 @@ sm2_kdf(uint8_t *key, size_t key_len, uint8_t *secret, size_t secret_len,
goto err;
}
EVP_MD_CTX_init(hash);
while ((key_len > 0) && (ctr != 0)) {
if (!EVP_DigestInit_ex(hash, digest, NULL)) {
SM2error(ERR_R_EVP_LIB);

39
lib/libradius/radius_eapmsk.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: radius_eapmsk.c,v 1.2 2023/07/08 08:53:26 yasuoka Exp $ */
/* $OpenBSD: radius_eapmsk.c,v 1.3 2024/02/09 11:59:23 yasuoka Exp $ */
/*-
* Copyright (c) 2013 Internet Initiative Japan Inc.
@ -34,35 +34,32 @@
#include "radius_local.h"
int
radius_get_eap_msk(const RADIUS_PACKET * packet, void *buf, size_t * len,
radius_get_eap_msk(const RADIUS_PACKET * packet, void *buf, size_t *len,
const char *secret)
{
/*
* Unfortunately, the way to pass EAP MSK/EMSK over RADIUS
* is not standardized.
*/
uint8_t buf0[256];
uint8_t buf1[256];
size_t len0, len1;
size_t len0, len1, msklen;
/*
* EAP MSK via MPPE keys
*
* MSK = MPPE-Recv-Key + MPPE-Send-Key + 32byte zeros
* http://msdn.microsoft.com/en-us/library/cc224635.aspx
*/
/* RFC 3748 defines the MSK minimum size is 64 bytes */
if (*len < 64)
return (-1);
len0 = sizeof(buf0);
len1 = sizeof(buf1);
if (radius_get_mppe_recv_key_attr(packet, buf0, &len0, secret) == 0 &&
radius_get_mppe_send_key_attr(packet, buf1, &len1, secret) == 0) {
if (len0 < 16 || len1 < 16)
return (-1);
if (*len < 64)
return (-1);
memcpy(buf, buf0, 16);
memcpy(((char *)buf) + 16, buf1, 16);
memset(((char *)buf) + 32, 0, 32);
*len = 64;
/* addition cannot overflow since len{0,1} are limited to 256 */
msklen = len0 + len1;
if (msklen > *len)
return (-1); /* not enougth */
memcpy(buf, buf0, len0);
memcpy(((char *)buf) + len0, buf1, len1);
/* zero padding to the minimum size, 64 bytes. */
if (msklen < 64) {
memset(((char *)buf) + msklen, 0, 64 - msklen);
msklen = 64;
}
*len = msklen;
return (0);
}

10
lib/libz/gzguts.h
View File

@ -17,6 +17,10 @@
# define ZLIB_INTERNAL
#endif
#if defined(_WIN32) && !defined(_CRT_SECURE_NO_WARNINGS)
# define _CRT_SECURE_NO_WARNINGS
#endif
#include <stdio.h>
#include "zlib.h"
#ifdef STDC
@ -36,13 +40,15 @@
#if defined(__TURBOC__) || defined(_MSC_VER) || defined(_WIN32)
# include <io.h>
# include <share.h>
# include <sys/stat.h>
#endif
#if defined(_WIN32)
#if defined(_WIN32) && !defined(WIDECHAR)
# define WIDECHAR
#endif
#ifdef WINAPI_FAMILY
#if defined(_WIN32) || defined(WINAPI_FAMILY)
# define open _open
# define read _read
# define write _write

17
lib/libz/gzlib.c
View File

@ -52,7 +52,8 @@ char ZLIB_INTERNAL *gz_strwinerror(DWORD error) {
msgbuf[chars] = 0;
}
wcstombs(buf, msgbuf, chars + 1);
z_size_t len;
wcstombs_s(&len, buf, sizeof(buf), msgbuf, chars + 1);
LocalFree(msgbuf);
}
else {
@ -180,8 +181,7 @@ local gzFile gz_open(const void *path, int fd, const char *mode) {
/* save the path name for error messages */
#ifdef WIDECHAR
if (fd == -2) {
len = wcstombs(NULL, path, 0);
if (len == (z_size_t)-1)
if (wcstombs_s(&len, NULL, 0, path, 0) != 0)
len = 0;
}
else
@ -195,7 +195,7 @@ local gzFile gz_open(const void *path, int fd, const char *mode) {
#ifdef WIDECHAR
if (fd == -2)
if (len)
wcstombs(state->path, path, len + 1);
wcstombs_s(&len, state->path, len + 1, path, len + 1);
else
*(state->path) = 0;
else
@ -228,11 +228,14 @@ local gzFile gz_open(const void *path, int fd, const char *mode) {
O_APPEND)));
/* open the file with the appropriate flags (or just use fd) */
state->fd = fd > -1 ? fd : (
if (fd == -1)
state->fd = open((const char *)path, oflag, 0666);
#ifdef WIDECHAR
fd == -2 ? _wopen(path, oflag, 0666) :
else if (fd == -2)
_wsopen_s(&state->fd, path, oflag, _SH_DENYNO, _S_IREAD | _S_IWRITE);
#endif
open((const char *)path, oflag, 0666));
else
state->fd = fd;
if (state->fd == -1) {
free(state->path);
free(state);

60
regress/lib/libcrypto/bio/bio_dump.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: bio_dump.c,v 1.3 2024/02/02 06:47:21 tb Exp $ */
/* $OpenBSD: bio_dump.c,v 1.4 2024/02/09 12:48:32 tb Exp $ */
/*
* Copyright (c) 2024 Theo Buehler <tb@openbsd.org>
*
@ -55,6 +55,42 @@ const uint8_t dump[] = {
};
#define DUMP_LEN (sizeof(dump) / sizeof(dump[0]))
const uint8_t bytes[] = {
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37,
0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f,
0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47,
0x48, 0x49, 0x4a, 0x4b, 0x4c, 0x4d, 0x4e, 0x4f,
0x50, 0x51, 0x52, 0x53, 0x54, 0x55, 0x56, 0x57,
0x58, 0x59, 0x5a, 0x5b, 0x5c, 0x5d, 0x5e, 0x5f,
0x60, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67,
0x68, 0x69, 0x6a, 0x6b, 0x6c, 0x6d, 0x6e, 0x6f,
0x70, 0x71, 0x72, 0x73, 0x74, 0x75, 0x76, 0x77,
0x78, 0x79, 0x7a, 0x7b, 0x7c, 0x7d, 0x7e, 0x7f,
0x80, 0x81, 0x82, 0x83, 0x84, 0x85, 0x86, 0x87,
0x88, 0x89, 0x8a, 0x8b, 0x8c, 0x8d, 0x8e, 0x8f,
0x90, 0x91, 0x92, 0x93, 0x94, 0x95, 0x96, 0x97,
0x98, 0x99, 0x9a, 0x9b, 0x9c, 0x9d, 0x9e, 0x9f,
0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7,
0xa8, 0xa9, 0xaa, 0xab, 0xac, 0xad, 0xae, 0xaf,
0xb0, 0xb1, 0xb2, 0xb3, 0xb4, 0xb5, 0xb6, 0xb7,
0xb8, 0xb9, 0xba, 0xbb, 0xbc, 0xbd, 0xbe, 0xbf,
0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7,
0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf,
0xd0, 0xd1, 0xd2, 0xd3, 0xd4, 0xd5, 0xd6, 0xd7,
0xd8, 0xd9, 0xda, 0xdb, 0xdc, 0xdd, 0xde, 0xdf,
0xe0, 0xe1, 0xe2, 0xe3, 0xe4, 0xe5, 0xe6, 0xe7,
0xe8, 0xe9, 0xea, 0xeb, 0xec, 0xed, 0xee, 0xef,
0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd, 0xfe, 0xff,
};
#define BYTES_LEN (sizeof(bytes) / sizeof(bytes[0]))
static const struct bio_dump_testcase {
int indent;
const char *input;
@ -726,6 +762,28 @@ static const struct bio_dump_testcase {
" 00d3 - 1a .\n"
" 00f6 - <SPACES/NULS>\n",
},
{
.indent = 4,
.input = bytes,
.inlen = BYTES_LEN,
.output =
" 0000 - 00 01 02 03 04 05 06 07-08 09 0a 0b 0c 0d 0e 0f ................\n"
" 0010 - 10 11 12 13 14 15 16 17-18 19 1a 1b 1c 1d 1e 1f ................\n"
" 0020 - 20 21 22 23 24 25 26 27-28 29 2a 2b 2c 2d 2e 2f !\"#$%&'()*+,-./\n"
" 0030 - 30 31 32 33 34 35 36 37-38 39 3a 3b 3c 3d 3e 3f 0123456789:;<=>?\n"
" 0040 - 40 41 42 43 44 45 46 47-48 49 4a 4b 4c 4d 4e 4f @ABCDEFGHIJKLMNO\n"
" 0050 - 50 51 52 53 54 55 56 57-58 59 5a 5b 5c 5d 5e 5f PQRSTUVWXYZ[\\]^_\n"
" 0060 - 60 61 62 63 64 65 66 67-68 69 6a 6b 6c 6d 6e 6f `abcdefghijklmno\n"
" 0070 - 70 71 72 73 74 75 76 77-78 79 7a 7b 7c 7d 7e 7f pqrstuvwxyz{|}~.\n"
" 0080 - 80 81 82 83 84 85 86 87-88 89 8a 8b 8c 8d 8e 8f ................\n"
" 0090 - 90 91 92 93 94 95 96 97-98 99 9a 9b 9c 9d 9e 9f ................\n"
" 00a0 - a0 a1 a2 a3 a4 a5 a6 a7-a8 a9 aa ab ac ad ae af ................\n"
" 00b0 - b0 b1 b2 b3 b4 b5 b6 b7-b8 b9 ba bb bc bd be bf ................\n"
" 00c0 - c0 c1 c2 c3 c4 c5 c6 c7-c8 c9 ca cb cc cd ce cf ................\n"
" 00d0 - d0 d1 d2 d3 d4 d5 d6 d7-d8 d9 da db dc dd de df ................\n"
" 00e0 - e0 e1 e2 e3 e4 e5 e6 e7-e8 e9 ea eb ec ed ee ef ................\n"
" 00f0 - f0 f1 f2 f3 f4 f5 f6 f7-f8 f9 fa fb fc fd fe ff ................\n",
},
};
#define N_TESTS (sizeof(bio_dump_testcases) / sizeof(bio_dump_testcases[0]))

51
regress/usr.bin/ssh/putty-ciphers.sh
View File

@ -1,24 +1,47 @@
# $OpenBSD: putty-ciphers.sh,v 1.11 2021/09/01 03:16:06 dtucker Exp $
# $OpenBSD: putty-ciphers.sh,v 1.13 2024/02/09 08:56:59 dtucker Exp $
# Placed in the Public Domain.
tid="putty ciphers"
if test "x$REGRESS_INTEROP_PUTTY" != "xyes" ; then
skip "putty interop tests not enabled"
fi
puttysetup
# Re-enable ssh-rsa on older PuTTY versions.
oldver="`${PLINK} --version | awk '/plink: Release/{if ($3<0.76)print "yes"}'`"
if [ "x$oldver" = "xyes" ]; then
echo "HostKeyAlgorithms +ssh-rsa" >> ${OBJ}/sshd_proxy
echo "PubkeyAcceptedKeyTypes +ssh-rsa" >> ${OBJ}/sshd_proxy
fi
cp ${OBJ}/sshd_proxy ${OBJ}/sshd_proxy_bak
for c in aes 3des aes128-ctr aes192-ctr aes256-ctr chacha20 ; do
verbose "$tid: cipher $c"
# Since there doesn't seem to be a way to set MACs on the PuTTY client side,
# we force each in turn on the server side, omitting the ones PuTTY doesn't
# support. Grepping the binary is pretty janky, but AFAIK there's no way to
# query for supported algos.
macs=""
for m in `${SSH} -Q MACs`; do
if strings "${PLINK}" | grep -E "^${m}$" >/dev/null; then
macs="${macs} ${m}"
else
trace "omitting unsupported MAC ${m}"
fi
done
ciphers=""
for c in `${SSH} -Q Ciphers`; do
if strings "${PLINK}" | grep -E "^${c}$" >/dev/null; then
ciphers="${ciphers} ${c}"
else
trace "omitting unsupported cipher ${c}"
fi
done
for c in default $ciphers; do
for m in default ${macs}; do
verbose "$tid: cipher $c mac $m"
cp ${OBJ}/.putty/sessions/localhost_proxy \
${OBJ}/.putty/sessions/cipher_$c
echo "Cipher=$c" >> ${OBJ}/.putty/sessions/cipher_$c
if [ "${c}" != "default" ]; then
echo "Cipher=$c" >> ${OBJ}/.putty/sessions/cipher_$c
fi
cp ${OBJ}/sshd_proxy_bak ${OBJ}/sshd_proxy
if [ "${m}" != "default" ]; then
echo "MACs $m" >> ${OBJ}/sshd_proxy
fi
rm -f ${COPY}
env HOME=$PWD ${PLINK} -load cipher_$c -batch -i ${OBJ}/putty.rsa2 \
@ -27,6 +50,6 @@ for c in aes 3des aes128-ctr aes192-ctr aes256-ctr chacha20 ; do
fail "ssh cat $DATA failed"
fi
cmp ${DATA} ${COPY} || fail "corrupted copy"
done
done
rm -f ${COPY}

44
regress/usr.bin/ssh/putty-kex.sh
View File

@ -1,28 +1,36 @@
# $OpenBSD: putty-kex.sh,v 1.9 2021/09/01 03:16:06 dtucker Exp $
# $OpenBSD: putty-kex.sh,v 1.11 2024/02/09 08:56:59 dtucker Exp $
# Placed in the Public Domain.
tid="putty KEX"
if test "x$REGRESS_INTEROP_PUTTY" != "xyes" ; then
skip "putty interop tests not enabled"
fi
puttysetup
# Re-enable ssh-rsa on older PuTTY versions.
oldver="`${PLINK} --version | awk '/plink: Release/{if ($3<0.76)print "yes"}'`"
if [ "x$oldver" = "xyes" ]; then
echo "HostKeyAlgorithms +ssh-rsa" >> ${OBJ}/sshd_proxy
echo "PubkeyAcceptedKeyTypes +ssh-rsa" >> ${OBJ}/sshd_proxy
fi
cp ${OBJ}/sshd_proxy ${OBJ}/sshd_proxy_bak
for k in dh-gex-sha1 dh-group1-sha1 dh-group14-sha1 ecdh ; do
verbose "$tid: kex $k"
cp ${OBJ}/.putty/sessions/localhost_proxy \
${OBJ}/.putty/sessions/kex_$k
echo "KEX=$k" >> ${OBJ}/.putty/sessions/kex_$k
# Enable group1, which PuTTY now disables by default
echo "KEX=dh-group1-sha1" >>${OBJ}/.putty/sessions/localhost_proxy
env HOME=$PWD ${PLINK} -load kex_$k -batch -i ${OBJ}/putty.rsa2 true
if [ $? -ne 0 ]; then
fail "KEX $k failed"
# Grepping algos out of the binary is pretty janky, but AFAIK there's no way
# to query supported algos.
kex=""
for k in `$SSH -Q kex`; do
if strings "${PLINK}" | grep -E "^${k}$" >/dev/null; then
kex="${kex} ${k}"
else
trace "omitting unsupported KEX ${k}"
fi
done
for k in ${kex}; do
verbose "$tid: kex $k"
cp ${OBJ}/sshd_proxy_bak ${OBJ}/sshd_proxy
echo "KexAlgorithms ${k}" >>${OBJ}/sshd_proxy
env HOME=$PWD ${PLINK} -v -load localhost_proxy -batch -i ${OBJ}/putty.rsa2 true \
2>${OBJ}/log/putty-kex-$k.log
if [ $? -ne 0 ]; then
fail "KEX $k failed"
fi
kexmsg=`grep -E '^Doing.* key exchange' ${OBJ}/log/putty-kex-$k.log`
trace putty: ${kexmsg}
done

13
regress/usr.bin/ssh/putty-transfer.sh
View File

@ -1,18 +1,9 @@
# $OpenBSD: putty-transfer.sh,v 1.11 2021/09/01 03:16:06 dtucker Exp $
# $OpenBSD: putty-transfer.sh,v 1.12 2024/02/09 08:47:42 dtucker Exp $
# Placed in the Public Domain.
tid="putty transfer data"
if test "x$REGRESS_INTEROP_PUTTY" != "xyes" ; then
skip "putty interop tests not enabled"
fi
# Re-enable ssh-rsa on older PuTTY versions.
oldver="`${PLINK} --version | awk '/plink: Release/{if ($3<0.76)print "yes"}'`"
if [ "x$oldver" = "xyes" ]; then
echo "HostKeyAlgorithms +ssh-rsa" >> ${OBJ}/sshd_proxy
echo "PubkeyAcceptedKeyTypes +ssh-rsa" >> ${OBJ}/sshd_proxy
fi
puttysetup
if [ "`${SSH} -Q compression`" = "none" ]; then
comp="0"

24
regress/usr.bin/ssh/test-exec.sh
View File

@ -1,4 +1,4 @@
# $OpenBSD: test-exec.sh,v 1.105 2023/10/31 04:15:40 dtucker Exp $
# $OpenBSD: test-exec.sh,v 1.106 2024/02/09 08:47:42 dtucker Exp $
# Placed in the Public Domain.
#SUDO=sudo
@ -571,6 +571,11 @@ case "$SCRIPT" in
esac
if test "$REGRESS_INTEROP_PUTTY" = "yes" ; then
puttysetup() {
if test "x$REGRESS_INTEROP_PUTTY" != "xyes" ; then
skip "putty interop tests not enabled"
fi
mkdir -p ${OBJ}/.putty
# Add a PuTTY key to authorized_keys
@ -602,6 +607,23 @@ if test "$REGRESS_INTEROP_PUTTY" = "yes" ; then
echo "ProxyMethod=5" >> ${OBJ}/.putty/sessions/localhost_proxy
echo "ProxyTelnetCommand=${OBJ}/sshd-log-wrapper.sh -i -f $OBJ/sshd_proxy" >> ${OBJ}/.putty/sessions/localhost_proxy
echo "ProxyLocalhost=1" >> ${OBJ}/.putty/sessions/localhost_proxy
PUTTYVER="`${PLINK} --version | awk '/plink: Release/{print $3}'`"
PUTTYMINORVER="`echo ${PUTTYVER} | cut -f2 -d.`"
verbose "plink version ${PUTTYVER} minor ${PUTTYMINORVER}"
# Re-enable ssh-rsa on older PuTTY versions since they don't do newer
# key types.
if [ "$PUTTYMINORVER" -lt "76" ]; then
echo "HostKeyAlgorithms +ssh-rsa" >> ${OBJ}/sshd_proxy
echo "PubkeyAcceptedKeyTypes +ssh-rsa" >> ${OBJ}/sshd_proxy
fi
if [ "$PUTTYMINORVER" -le "64" ]; then
echo "KexAlgorithms +diffie-hellman-group14-sha1" \
>>${OBJ}/sshd_proxy
fi
}
fi
REGRESS_INTEROP_DROPBEAR=no

24
sys/dev/dt/dt_dev.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: dt_dev.c,v 1.29 2024/01/02 16:32:48 bluhm Exp $ */
/* $OpenBSD: dt_dev.c,v 1.30 2024/02/09 17:42:18 cheloha Exp $ */
/*
* Copyright (c) 2019 Martin Pieuchot <mpi@openbsd.org>
@ -19,6 +19,7 @@
#include <sys/types.h>
#include <sys/systm.h>
#include <sys/param.h>
#include <sys/clockintr.h>
#include <sys/device.h>
#include <sys/exec_elf.h>
#include <sys/malloc.h>
@ -56,13 +57,13 @@
* proc_trampoline+0x1c
*/
#if defined(__amd64__)
#define DT_FA_PROFILE 7
#define DT_FA_PROFILE 5
#define DT_FA_STATIC 2
#elif defined(__i386__)
#define DT_FA_PROFILE 8
#define DT_FA_PROFILE 5
#define DT_FA_STATIC 2
#elif defined(__macppc__)
#define DT_FA_PROFILE 7
#define DT_FA_PROFILE 5
#define DT_FA_STATIC 2
#elif defined(__octeon__)
#define DT_FA_PROFILE 6
@ -492,6 +493,14 @@ dt_ioctl_record_start(struct dt_softc *sc)
SMR_SLIST_INSERT_HEAD_LOCKED(&dtp->dtp_pcbs, dp, dp_pnext);
dtp->dtp_recording++;
dtp->dtp_prov->dtpv_recording++;
if (dp->dp_nsecs != 0) {
clockintr_bind(&dp->dp_clockintr, dp->dp_cpu, dt_clock,
dp);
clockintr_stagger(&dp->dp_clockintr, dp->dp_nsecs,
CPU_INFO_UNIT(dp->dp_cpu), MAXCPUS);
clockintr_advance(&dp->dp_clockintr, dp->dp_nsecs);
}
}
rw_exit_write(&dt_lock);
@ -518,6 +527,13 @@ dt_ioctl_record_stop(struct dt_softc *sc)
TAILQ_FOREACH(dp, &sc->ds_pcbs, dp_snext) {
struct dt_probe *dtp = dp->dp_dtp;
/*
* Set an execution barrier to ensure the shared
* reference to dp is inactive.
*/
if (dp->dp_nsecs != 0)
clockintr_unbind(&dp->dp_clockintr, CL_BARRIER);
dtp->dtp_recording--;
dtp->dtp_prov->dtpv_recording--;
SMR_SLIST_REMOVE_LOCKED(&dtp->dtp_pcbs, dp, dt_pcb, dp_pnext);

66
sys/dev/dt/dt_prov_profile.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: dt_prov_profile.c,v 1.5 2023/04/26 16:53:59 claudio Exp $ */
/* $OpenBSD: dt_prov_profile.c,v 1.6 2024/02/09 17:42:18 cheloha Exp $ */
/*
* Copyright (c) 2019 Martin Pieuchot <mpi@openbsd.org>
@ -20,6 +20,7 @@
#include <sys/systm.h>
#include <sys/param.h>
#include <sys/atomic.h>
#include <sys/clockintr.h>
#include <dev/dt/dtvar.h>
@ -31,13 +32,11 @@ struct dt_probe *dtpp_interval; /* global periodic probe */
int dt_prov_profile_alloc(struct dt_probe *, struct dt_softc *,
struct dt_pcb_list *, struct dtioc_req *);
int dt_prov_profile_enter(struct dt_provider *, ...);
int dt_prov_interval_enter(struct dt_provider *, ...);
struct dt_provider dt_prov_profile = {
.dtpv_name = "profile",
.dtpv_alloc = dt_prov_profile_alloc,
.dtpv_enter = dt_prov_profile_enter,
.dtpv_enter = NULL,
.dtpv_leave = NULL,
.dtpv_dealloc = NULL,
};
@ -45,7 +44,7 @@ struct dt_provider dt_prov_profile = {
struct dt_provider dt_prov_interval = {
.dtpv_name = "interval",
.dtpv_alloc = dt_prov_profile_alloc,
.dtpv_enter = dt_prov_interval_enter,
.dtpv_enter = NULL,
.dtpv_leave = NULL,
.dtpv_dealloc = NULL,
};
@ -90,8 +89,8 @@ dt_prov_profile_alloc(struct dt_probe *dtp, struct dt_softc *sc,
return ENOMEM;
}
dp->dp_maxtick = hz / dtrq->dtrq_rate;
dp->dp_cpuid = ci->ci_cpuid;
dp->dp_nsecs = SEC_TO_NSEC(1) / dtrq->dtrq_rate;
dp->dp_cpu = ci;
dp->dp_filter = dtrq->dtrq_filter;
dp->dp_evtflags = dtrq->dtrq_evtflags & DTEVT_PROV_PROFILE;
@ -101,51 +100,18 @@ dt_prov_profile_alloc(struct dt_probe *dtp, struct dt_softc *sc,
return 0;
}
static inline void
dt_prov_profile_fire(struct dt_pcb *dp)
void
dt_clock(struct clockrequest *cr, void *cf, void *arg)
{
uint64_t count, i;
struct dt_evt *dtev;
struct dt_pcb *dp = arg;
if (++dp->dp_nticks < dp->dp_maxtick)
return;
dtev = dt_pcb_ring_get(dp, 1);
if (dtev == NULL)
return;
dt_pcb_ring_consume(dp, dtev);
dp->dp_nticks = 0;
}
int
dt_prov_profile_enter(struct dt_provider *dtpv, ...)
{
struct cpu_info *ci = curcpu();
struct dt_pcb *dp;
KASSERT(dtpv == &dt_prov_profile);
smr_read_enter();
SMR_SLIST_FOREACH(dp, &dtpp_profile->dtp_pcbs, dp_pnext) {
if (dp->dp_cpuid != ci->ci_cpuid)
continue;
dt_prov_profile_fire(dp);
count = clockrequest_advance(cr, dp->dp_nsecs);
for (i = 0; i < count; i++) {
dtev = dt_pcb_ring_get(dp, 1);
if (dtev == NULL)
return;
dt_pcb_ring_consume(dp, dtev);
}
smr_read_leave();
return 0;
}
int
dt_prov_interval_enter(struct dt_provider *dtpv, ...)
{
struct dt_pcb *dp;
KASSERT(dtpv == &dt_prov_interval);
smr_read_enter();
SMR_SLIST_FOREACH(dp, &dtpp_interval->dtp_pcbs, dp_pnext) {
dt_prov_profile_fire(dp);
}
smr_read_leave();
return 0;
}

10
sys/dev/dt/dtvar.h
View File

@ -1,4 +1,4 @@
/* $OpenBSD: dtvar.h,v 1.17 2023/04/26 16:53:59 claudio Exp $ */
/* $OpenBSD: dtvar.h,v 1.18 2024/02/09 17:42:18 cheloha Exp $ */
/*
* Copyright (c) 2019 Martin Pieuchot <mpi@openbsd.org>
@ -175,6 +175,7 @@ int dtioc_req_isvalid(struct dtioc_req *);
* userland read(2)s them.
*
* Locks used to protect struct members in this file:
* D dt_lock
* I immutable after creation
* K kernel lock
* K,S kernel lock for writing and SMR for reading
@ -197,9 +198,9 @@ struct dt_pcb {
struct dt_filter dp_filter; /* [I] filter to match */
/* Provider specific fields. */
unsigned int dp_cpuid; /* [I] on which CPU */
unsigned int dp_maxtick; /* [I] freq. of profiling */
unsigned int dp_nticks; /* [c] current tick count */
struct clockintr dp_clockintr; /* [D] profiling handle */
uint64_t dp_nsecs; /* [I] profiling period */
struct cpu_info *dp_cpu; /* [I] on which CPU */
/* Counters */
uint64_t dp_dropevt; /* [m] # dropped event */
@ -270,6 +271,7 @@ struct dt_probe *dt_dev_alloc_probe(const char *, const char *,
struct dt_provider *);
void dt_dev_register_probe(struct dt_probe *);
void dt_clock(struct clockrequest *, void *, void *);
extern volatile uint32_t dt_tracing; /* currently tracing? */

1012
sys/dev/ic/qwx.c
View File

File diff suppressed because it is too large Load Diff

108
sys/dev/ic/qwxvar.h
View File

@ -1,4 +1,4 @@
/* $OpenBSD: qwxvar.h,v 1.14 2024/02/08 14:35:07 stsp Exp $ */
/* $OpenBSD: qwxvar.h,v 1.18 2024/02/09 14:09:19 stsp Exp $ */
/*
* Copyright (c) 2018-2019 The Linux Foundation.
@ -662,6 +662,100 @@ struct hal_srng_config {
#define QWX_NUM_SRNG_CFG 21
struct hal_reo_status_header {
uint16_t cmd_num;
enum hal_reo_cmd_status cmd_status;
uint16_t cmd_exe_time;
uint32_t timestamp;
};
struct hal_reo_status_queue_stats {
uint16_t ssn;
uint16_t curr_idx;
uint32_t pn[4];
uint32_t last_rx_queue_ts;
uint32_t last_rx_dequeue_ts;
uint32_t rx_bitmap[8]; /* Bitmap from 0-255 */
uint32_t curr_mpdu_cnt;
uint32_t curr_msdu_cnt;
uint16_t fwd_due_to_bar_cnt;
uint16_t dup_cnt;
uint32_t frames_in_order_cnt;
uint32_t num_mpdu_processed_cnt;
uint32_t num_msdu_processed_cnt;
uint32_t total_num_processed_byte_cnt;
uint32_t late_rx_mpdu_cnt;
uint32_t reorder_hole_cnt;
uint8_t timeout_cnt;
uint8_t bar_rx_cnt;
uint8_t num_window_2k_jump_cnt;
};
struct hal_reo_status_flush_queue {
bool err_detected;
};
enum hal_reo_status_flush_cache_err_code {
HAL_REO_STATUS_FLUSH_CACHE_ERR_CODE_SUCCESS,
HAL_REO_STATUS_FLUSH_CACHE_ERR_CODE_IN_USE,
HAL_REO_STATUS_FLUSH_CACHE_ERR_CODE_NOT_FOUND,
};
struct hal_reo_status_flush_cache {
bool err_detected;
enum hal_reo_status_flush_cache_err_code err_code;
bool cache_controller_flush_status_hit;
uint8_t cache_controller_flush_status_desc_type;
uint8_t cache_controller_flush_status_client_id;
uint8_t cache_controller_flush_status_err;
uint8_t cache_controller_flush_status_cnt;
};
enum hal_reo_status_unblock_cache_type {
HAL_REO_STATUS_UNBLOCK_BLOCKING_RESOURCE,
HAL_REO_STATUS_UNBLOCK_ENTIRE_CACHE_USAGE,
};
struct hal_reo_status_unblock_cache {
bool err_detected;
enum hal_reo_status_unblock_cache_type unblock_type;
};
struct hal_reo_status_flush_timeout_list {
bool err_detected;
bool list_empty;
uint16_t release_desc_cnt;
uint16_t fwd_buf_cnt;
};
enum hal_reo_threshold_idx {
HAL_REO_THRESHOLD_IDX_DESC_COUNTER0,
HAL_REO_THRESHOLD_IDX_DESC_COUNTER1,
HAL_REO_THRESHOLD_IDX_DESC_COUNTER2,
HAL_REO_THRESHOLD_IDX_DESC_COUNTER_SUM,
};
struct hal_reo_status_desc_thresh_reached {
enum hal_reo_threshold_idx threshold_idx;
uint32_t link_desc_counter0;
uint32_t link_desc_counter1;
uint32_t link_desc_counter2;
uint32_t link_desc_counter_sum;
};
struct hal_reo_status {
struct hal_reo_status_header uniform_hdr;
uint8_t loop_cnt;
union {
struct hal_reo_status_queue_stats queue_stats;
struct hal_reo_status_flush_queue flush_queue;
struct hal_reo_status_flush_cache flush_cache;
struct hal_reo_status_unblock_cache unblock_cache;
struct hal_reo_status_flush_timeout_list timeout_list;
struct hal_reo_status_desc_thresh_reached desc_thresh_reached;
} u;
};
/* HAL context to be used to access SRNG APIs (currently used by data path
* and transport (CE) modules)
*/
@ -777,6 +871,7 @@ struct qwx_rx_data {
};
struct qwx_tx_data {
struct ieee80211_node *ni;
struct mbuf *m;
bus_dmamap_t map;
uint8_t eid;
@ -1380,6 +1475,15 @@ struct hal_rx_user_status {
uint32_t mpdu_err_byte_count;
};
struct hal_rx_wbm_rel_info {
uint32_t cookie;
enum hal_wbm_rel_src_module err_rel_src;
enum hal_reo_dest_ring_push_reason push_reason;
uint32_t err_code;
int first_msdu;
int last_msdu;
};
#define HAL_INVALID_PEERID 0xffff
#define VHT_SIG_SU_NSS_MASK 0x7
@ -1772,7 +1876,6 @@ struct qwx_softc {
struct qmi_wlanfw_request_mem_ind_msg_v01 *sc_req_mem_ind;
#if NBPFILTER > 0
caddr_t sc_drvbpf;
union {
@ -1788,7 +1891,6 @@ struct qwx_softc {
} sc_txtapu;
#define sc_txtap sc_txtapu.th
int sc_txtap_len;
#endif
};
int qwx_ce_intr(void *);

5
sys/dev/pci/if_qwx_pci.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: if_qwx_pci.c,v 1.6 2024/02/05 10:45:47 kettenis Exp $ */
/* $OpenBSD: if_qwx_pci.c,v 1.8 2024/02/09 14:57:36 bluhm Exp $ */
/*
* Copyright 2023 Stefan Sperling <stsp@openbsd.org>
@ -50,10 +50,13 @@
* ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "bpfilter.h"
#include <sys/param.h>
#include <sys/sockio.h>
#include <sys/mbuf.h>
#include <sys/kernel.h>
#include <sys/lock.h>
#include <sys/socket.h>
#include <sys/systm.h>
#include <sys/malloc.h>

13
sys/dev/pci/if_vmx.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: if_vmx.c,v 1.79 2023/11/10 15:51:24 bluhm Exp $ */
/* $OpenBSD: if_vmx.c,v 1.80 2024/02/09 15:22:41 jan Exp $ */
/*
* Copyright (c) 2013 Tsubai Masanari
@ -404,8 +404,10 @@ vmxnet3_attach(struct device *parent, struct device *self, void *aux)
if (sc->sc_ds->upt_features & UPT1_F_CSUM)
ifp->if_capabilities |= IFCAP_CSUM_TCPv4 | IFCAP_CSUM_UDPv4;
#endif
#if NVLAN > 0
if (sc->sc_ds->upt_features & UPT1_F_VLAN)
ifp->if_capabilities |= IFCAP_VLAN_HWTAGGING;
#endif
ifq_init_maxlen(&ifp->if_snd, NTXDESC);
@ -503,7 +505,10 @@ vmxnet3_dma_init(struct vmxnet3_softc *sc)
#endif
ds->vmxnet3_revision = 1;
ds->upt_version = 1;
ds->upt_features = UPT1_F_CSUM | UPT1_F_VLAN;
ds->upt_features = UPT1_F_CSUM;
#if NVLAN > 0
ds->upt_features |= UPT1_F_VLAN;
#endif
ds->driver_data = ~0ULL;
ds->driver_data_len = 0;
ds->queue_shared = qs_pa;
@ -1117,11 +1122,13 @@ vmxnet3_rxintr(struct vmxnet3_softc *sc, struct vmxnet3_rxqueue *rq)
m->m_pkthdr.len = m->m_len = len;
vmxnet3_rx_csum(rxcd, m);
#if NVLAN > 0
if (letoh32(rxcd->rxc_word2 & VMXNET3_RXC_VLAN)) {
m->m_flags |= M_VLANTAG;
m->m_pkthdr.ether_vtag = letoh32((rxcd->rxc_word2 >>
VMXNET3_RXC_VLANTAG_S) & VMXNET3_RXC_VLANTAG_M);
}
#endif
if (((letoh32(rxcd->rxc_word0) >> VMXNET3_RXC_RSSTYPE_S) &
VMXNET3_RXC_RSSTYPE_M) != VMXNET3_RXC_RSSTYPE_NONE) {
m->m_pkthdr.ph_flowid = letoh32(rxcd->rxc_word1);
@ -1462,11 +1469,13 @@ vmxnet3_start(struct ifqueue *ifq)
}
txd->tx_word3 = htole32(VMXNET3_TX_EOP | VMXNET3_TX_COMPREQ);
#if NVLAN > 0
if (ISSET(m->m_flags, M_VLANTAG)) {
sop->tx_word3 |= htole32(VMXNET3_TX_VTAG_MODE);
sop->tx_word3 |= htole32((m->m_pkthdr.ether_vtag &
VMXNET3_TX_VLANTAG_M) << VMXNET3_TX_VLANTAG_S);
}
#endif
ring->prod = prod;
/* Change the ownership by flipping the "generation" bit */

13
sys/kern/kern_clock.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: kern_clock.c,v 1.121 2023/10/17 00:04:02 cheloha Exp $ */
/* $OpenBSD: kern_clock.c,v 1.122 2024/02/09 17:42:18 cheloha Exp $ */
/* $NetBSD: kern_clock.c,v 1.34 1996/06/09 04:51:03 briggs Exp $ */
/*-
@ -50,11 +50,6 @@
#include <sys/sched.h>
#include <sys/timetc.h>
#include "dt.h"
#if NDT > 0
#include <dev/dt/dtvar.h>
#endif
/*
* Clock handling routines.
*
@ -145,12 +140,6 @@ initclocks(void)
void
hardclock(struct clockframe *frame)
{
#if NDT > 0
DT_ENTER(profile, NULL);
if (CPU_IS_PRIMARY(curcpu()))
DT_ENTER(interval, NULL);
#endif
/*
* If we are not the primary CPU, we're not allowed to do
* any more work.

53
sys/kern/kern_clockintr.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: kern_clockintr.c,v 1.64 2024/01/24 19:23:38 cheloha Exp $ */
/* $OpenBSD: kern_clockintr.c,v 1.66 2024/02/09 16:52:58 cheloha Exp $ */
/*
* Copyright (c) 2003 Dale Rahn <drahn@openbsd.org>
* Copyright (c) 2020 Mark Kettenis <kettenis@openbsd.org>
@ -31,6 +31,7 @@
#include <sys/sysctl.h>
#include <sys/time.h>
void clockintr_cancel_locked(struct clockintr *);
void clockintr_hardclock(struct clockrequest *, void *, void *);
void clockintr_schedule_locked(struct clockintr *, uint64_t);
void clockqueue_intrclock_install(struct clockintr_queue *,
@ -226,6 +227,12 @@ clockintr_dispatch(void *frame)
CLR(request->cr_flags, CR_RESCHEDULE);
clockqueue_pend_insert(cq, cl, request->cr_expiration);
}
if (ISSET(cq->cq_flags, CQ_NEED_WAKEUP)) {
CLR(cq->cq_flags, CQ_NEED_WAKEUP);
mtx_leave(&cq->cq_mtx);
wakeup(&cq->cq_running);
mtx_enter(&cq->cq_mtx);
}
run++;
}
@ -317,9 +324,20 @@ void
clockintr_cancel(struct clockintr *cl)
{
struct clockintr_queue *cq = cl->cl_queue;
int was_next;
mtx_enter(&cq->cq_mtx);
clockintr_cancel_locked(cl);
mtx_leave(&cq->cq_mtx);
}
void
clockintr_cancel_locked(struct clockintr *cl)
{
struct clockintr_queue *cq = cl->cl_queue;
int was_next;
MUTEX_ASSERT_LOCKED(&cq->cq_mtx);
if (ISSET(cl->cl_flags, CLST_PENDING)) {
was_next = cl == TAILQ_FIRST(&cq->cq_pend);
clockqueue_pend_delete(cq, cl);
@ -332,7 +350,6 @@ clockintr_cancel(struct clockintr *cl)
}
if (cl == cq->cq_running)
SET(cq->cq_flags, CQ_IGNORE_REQUEST);
mtx_leave(&cq->cq_mtx);
}
void
@ -341,15 +358,41 @@ clockintr_bind(struct clockintr *cl, struct cpu_info *ci,
{
struct clockintr_queue *cq = &ci->ci_queue;
splassert(IPL_NONE);
KASSERT(cl->cl_queue == NULL);
mtx_enter(&cq->cq_mtx);
cl->cl_arg = arg;
cl->cl_func = func;
cl->cl_queue = cq;
mtx_enter(&cq->cq_mtx);
TAILQ_INSERT_TAIL(&cq->cq_all, cl, cl_alink);
mtx_leave(&cq->cq_mtx);
}
void
clockintr_unbind(struct clockintr *cl, uint32_t flags)
{
struct clockintr_queue *cq = cl->cl_queue;
KASSERT(!ISSET(flags, ~CL_FLAG_MASK));
mtx_enter(&cq->cq_mtx);
clockintr_cancel_locked(cl);
cl->cl_arg = NULL;
cl->cl_func = NULL;
cl->cl_queue = NULL;
TAILQ_REMOVE(&cq->cq_all, cl, cl_alink);
if (ISSET(flags, CL_BARRIER) && cl == cq->cq_running) {
SET(cq->cq_flags, CQ_NEED_WAKEUP);
msleep_nsec(&cq->cq_running, &cq->cq_mtx, PWAIT | PNORELOCK,
"clkbar", INFSLP);
} else
mtx_leave(&cq->cq_mtx);
}
void
clockintr_schedule(struct clockintr *cl, uint64_t expiration)
{

14
sys/net/route.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: route.c,v 1.430 2024/02/07 23:52:20 bluhm Exp $ */
/* $OpenBSD: route.c,v 1.431 2024/02/09 14:02:11 bluhm Exp $ */
/* $NetBSD: route.c,v 1.14 1996/02/13 22:00:46 christos Exp $ */
/*
@ -201,7 +201,7 @@ route_init(void)
#endif
}
void
int
route_cache(struct route *ro, struct in_addr addr, u_int rtableid)
{
u_long gen;
@ -215,7 +215,7 @@ route_cache(struct route *ro, struct in_addr addr, u_int rtableid)
ro->ro_dst.sa_family == AF_INET &&
satosin(&ro->ro_dst)->sin_addr.s_addr == addr.s_addr) {
ipstat_inc(ips_rtcachehit);
return;
return (0);
}
ipstat_inc(ips_rtcachemiss);
@ -228,10 +228,12 @@ route_cache(struct route *ro, struct in_addr addr, u_int rtableid)
satosin(&ro->ro_dst)->sin_family = AF_INET;
satosin(&ro->ro_dst)->sin_len = sizeof(struct sockaddr_in);
satosin(&ro->ro_dst)->sin_addr = addr;
return (ESRCH);
}
#ifdef INET6
void
int
route6_cache(struct route_in6 *ro, const struct in6_addr *addr,
u_int rtableid)
{
@ -246,7 +248,7 @@ route6_cache(struct route_in6 *ro, const struct in6_addr *addr,
ro->ro_dst.sin6_family == AF_INET6 &&
IN6_ARE_ADDR_EQUAL(&ro->ro_dst.sin6_addr, addr)) {
ip6stat_inc(ip6s_rtcachehit);
return;
return (0);
}
ip6stat_inc(ip6s_rtcachemiss);
@ -259,6 +261,8 @@ route6_cache(struct route_in6 *ro, const struct in6_addr *addr,
ro->ro_dst.sin6_family = AF_INET6;
ro->ro_dst.sin6_len = sizeof(struct sockaddr_in6);
ro->ro_dst.sin6_addr = *addr;
return (ESRCH);
}
#endif

4
sys/netinet/in.h
View File

@ -1,4 +1,4 @@
/* $OpenBSD: in.h,v 1.146 2024/02/05 12:52:11 aoyama Exp $ */
/* $OpenBSD: in.h,v 1.147 2024/02/09 14:02:11 bluhm Exp $ */
/* $NetBSD: in.h,v 1.20 1996/02/13 23:41:47 christos Exp $ */
/*
@ -789,7 +789,7 @@ void in_len2mask(struct in_addr *, int);
int in_nam2sin(const struct mbuf *, struct sockaddr_in **);
int in_sa2sin(struct sockaddr *, struct sockaddr_in **);
void route_cache(struct route *, struct in_addr, u_int);
int route_cache(struct route *, struct in_addr, u_int);
char *inet_ntoa(struct in_addr);
int inet_nat64(int, const void *, void *, const void *, u_int8_t);

25
sys/netinet/in_pcb.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: in_pcb.c,v 1.290 2024/02/07 23:40:40 bluhm Exp $ */
/* $OpenBSD: in_pcb.c,v 1.291 2024/02/09 14:02:11 bluhm Exp $ */
/* $NetBSD: in_pcb.c,v 1.25 1996/02/13 23:41:53 christos Exp $ */
/*
@ -918,8 +918,7 @@ in_pcbrtentry(struct inpcb *inp)
if (inp->inp_faddr.s_addr == INADDR_ANY)
return (NULL);
route_cache(ro, inp->inp_faddr, inp->inp_rtableid);
if (ro->ro_rt == NULL) {
if (route_cache(ro, inp->inp_faddr, inp->inp_rtableid)) {
ro->ro_rt = rtalloc_mpath(&ro->ro_dst,
&inp->inp_laddr.s_addr, ro->ro_tableid);
}
@ -941,8 +940,6 @@ in_pcbselsrc(struct in_addr *insrc, struct sockaddr_in *sin,
const struct in_addr *laddr = &inp->inp_laddr;
u_int rtableid = inp->inp_rtableid;
struct sockaddr *ip4_source = NULL;
struct sockaddr_in *sin2;
struct in_ifaddr *ia = NULL;
/*
@ -984,25 +981,9 @@ in_pcbselsrc(struct in_addr *insrc, struct sockaddr_in *sin,
* If route is known or can be allocated now,
* our src addr is taken from the i/f, else punt.
*/
if (!rtisvalid(ro->ro_rt) || (ro->ro_tableid != rtableid) ||
(satosin(&ro->ro_dst)->sin_addr.s_addr != sin->sin_addr.s_addr)) {
rtfree(ro->ro_rt);
ro->ro_rt = NULL;
}
if (ro->ro_rt == NULL) {
if (route_cache(ro, sin->sin_addr, rtableid)) {
/* No route yet, so try to acquire one */
ro->ro_dst.sa_family = AF_INET;
ro->ro_dst.sa_len = sizeof(struct sockaddr_in);
satosin(&ro->ro_dst)->sin_addr = sin->sin_addr;
ro->ro_tableid = rtableid;
ro->ro_rt = rtalloc_mpath(&ro->ro_dst, NULL, ro->ro_tableid);
/*
* It is important to zero out the rest of the
* struct sockaddr_in when mixing v6 & v4!
*/
sin2 = satosin(&ro->ro_dst);
memset(sin2->sin_zero, 0, sizeof(sin2->sin_zero));
}
/*

4
sys/netinet6/in6.h
View File

@ -1,4 +1,4 @@
/* $OpenBSD: in6.h,v 1.114 2024/02/07 23:40:40 bluhm Exp $ */
/* $OpenBSD: in6.h,v 1.115 2024/02/09 14:02:12 bluhm Exp $ */
/* $KAME: in6.h,v 1.83 2001/03/29 02:55:07 jinmei Exp $ */
/*
@ -428,7 +428,7 @@ int in6_mask2len(struct in6_addr *, u_char *);
int in6_nam2sin6(const struct mbuf *, struct sockaddr_in6 **);
int in6_sa2sin6(struct sockaddr *, struct sockaddr_in6 **);
void route6_cache(struct route_in6 *, const struct in6_addr *, u_int);
int route6_cache(struct route_in6 *, const struct in6_addr *, u_int);
struct ip6_pktopts;
struct ip6_moptions;

5
sys/netinet6/in6_pcb.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: in6_pcb.c,v 1.135 2024/02/07 23:40:40 bluhm Exp $ */
/* $OpenBSD: in6_pcb.c,v 1.136 2024/02/09 14:02:12 bluhm Exp $ */
/*
* Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project.
@ -568,8 +568,7 @@ in6_pcbrtentry(struct inpcb *inp)
if (IN6_IS_ADDR_UNSPECIFIED(&inp->inp_faddr6))
return (NULL);
route6_cache(ro, &inp->inp_faddr6, inp->inp_rtableid);
if (ro->ro_rt == NULL) {
if (route6_cache(ro, &inp->inp_faddr6, inp->inp_rtableid)) {
ro->ro_rt = rtalloc_mpath(sin6tosa(&ro->ro_dst),
&inp->inp_laddr6.s6_addr32[0], ro->ro_tableid);
}

8
sys/netinet6/in6_src.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: in6_src.c,v 1.92 2024/02/07 23:40:40 bluhm Exp $ */
/* $OpenBSD: in6_src.c,v 1.93 2024/02/09 14:02:12 bluhm Exp $ */
/* $KAME: in6_src.c,v 1.36 2001/02/06 04:08:17 itojun Exp $ */
/*
@ -179,8 +179,7 @@ in6_pcbselsrc(const struct in6_addr **in6src, struct sockaddr_in6 *dstsock,
* If route is known or can be allocated now,
* our src addr is taken from the i/f, else punt.
*/
route6_cache(ro, dst, rtableid);
if (ro->ro_rt == NULL) {
if (route6_cache(ro, dst, rtableid)) {
ro->ro_rt = rtalloc(sin6tosa(&ro->ro_dst),
RT_RESOLVE, ro->ro_tableid);
}
@ -306,8 +305,7 @@ in6_selectroute(const struct in6_addr *dst, struct ip6_pktopts *opts,
* a new one.
*/
if (ro) {
route6_cache(ro, dst, rtableid);
if (ro->ro_rt == NULL) {
if (route6_cache(ro, dst, rtableid)) {
/* No route yet, so try to acquire one */
ro->ro_rt = rtalloc_mpath(sin6tosa(&ro->ro_dst),
NULL, ro->ro_tableid);

9
sys/sys/clockintr.h
View File

@ -1,4 +1,4 @@
/* $OpenBSD: clockintr.h,v 1.25 2024/01/24 19:23:38 cheloha Exp $ */
/* $OpenBSD: clockintr.h,v 1.26 2024/02/09 16:52:58 cheloha Exp $ */
/*
* Copyright (c) 2020-2022 Scott Cheloha <cheloha@openbsd.org>
*
@ -113,7 +113,8 @@ struct clockintr_queue {
#define CQ_INIT 0x00000001 /* clockintr_cpu_init() done */
#define CQ_INTRCLOCK 0x00000002 /* intrclock installed */
#define CQ_IGNORE_REQUEST 0x00000004 /* ignore callback requests */
#define CQ_STATE_MASK 0x00000007
#define CQ_NEED_WAKEUP 0x00000008 /* caller at barrier */
#define CQ_STATE_MASK 0x0000000f
void clockintr_cpu_init(const struct intrclock *);
int clockintr_dispatch(void *);
@ -123,12 +124,16 @@ void clockintr_trigger(void);
* Kernel API
*/
#define CL_BARRIER 0x00000001 /* block if callback is running */
#define CL_FLAG_MASK 0x00000001
uint64_t clockintr_advance(struct clockintr *, uint64_t);
void clockintr_bind(struct clockintr *, struct cpu_info *,
void (*)(struct clockrequest *, void *, void *), void *);
void clockintr_cancel(struct clockintr *);
void clockintr_schedule(struct clockintr *, uint64_t);
void clockintr_stagger(struct clockintr *, uint64_t, uint32_t, uint32_t);
void clockintr_unbind(struct clockintr *, uint32_t);
uint64_t clockrequest_advance(struct clockrequest *, uint64_t);
uint64_t clockrequest_advance_random(struct clockrequest *, uint64_t, uint32_t);
void clockqueue_init(struct clockintr_queue *);

16
usr.bin/bgplg/bgplg.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: bgplg.c,v 1.19 2018/03/05 10:53:37 denis Exp $ */
/* $OpenBSD: bgplg.c,v 1.20 2024/02/09 12:56:53 claudio Exp $ */
/*
* Copyright (c) 2005, 2006 Reyk Floeter <reyk@openbsd.org>
@ -260,17 +260,15 @@ main(void)
printf("Content-Type: %s\n"
"Cache-Control: no-cache\n\n"
"<?xml version=\"1.0\" encoding=\"ISO-8859-1\"?>\n"
"<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.1//EN\" "
"\"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd\">\n"
"<html xmlns=\"http://www.w3.org/1999/xhtml\">\n"
"<!doctype html>\n"
"<html>\n"
"<head>\n"
"<title>%s</title>\n",
CONTENT_TYPE, myname);
if (stat(INC_STYLE, &st) == 0) {
printf("<style type='text/css'><!--\n");
printf("<style>\n");
lg_incl(INC_STYLE);
printf("--></style>\n");
printf("</style>\n");
}
if (stat(INC_HEAD, &st) != 0 || lg_incl(INC_HEAD) != 0) {
printf("</head>\n"
@ -308,8 +306,8 @@ main(void)
}
printf("</select>\n"
"<input type='text' value='%s' name='req'/>\n"
"<input type='submit' value='submit'/>\n"
"<input type='text' value='%s' name='req'>\n"
"<input type='submit' value='submit'>\n"
"</div>\n"
"</form>\n"
"<pre>\n", req ? req : "");

2
usr.bin/bgplg/bgplg.foot
View File

@ -1,2 +1,2 @@
</div>
<hr/>
<hr>

2
usr.bin/bgplg/bgplg.head
View File

@ -2,5 +2,5 @@
<body style="text-align: center">
<div style="margin: 0px auto; text-align: left; width: 800px;">
<a href="http://www.openbgp.org/">
<img src="/bgplg/openbgpd.gif" alt="OpenBGPD"/>
<img src="/bgplg/openbgpd.gif" alt="OpenBGPD">
</a>

7
usr.bin/bgplg/index.html
View File

@ -1,9 +1,8 @@
<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<!doctype html>
<html>
<head>
<title>bgplg...</title>
<meta http-equiv="refresh" content="1; URL=/cgi-bin/bgplg"/>
<meta http-equiv="refresh" content="1; URL=/cgi-bin/bgplg">
</head>
<body>
<h1><a href="/cgi-bin/bgplg">bgplg...</a></h1>

272
usr.sbin/radiusd/radiusd.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: radiusd.c,v 1.34 2024/01/08 04:16:48 yasuoka Exp $ */
/* $OpenBSD: radiusd.c,v 1.35 2024/02/09 07:46:32 yasuoka Exp $ */
/*
* Copyright (c) 2013, 2023 Internet Initiative Japan Inc.
@ -54,12 +54,14 @@ static int radiusd_start(struct radiusd *);
static void radiusd_stop(struct radiusd *);
static void radiusd_free(struct radiusd *);
static void radiusd_listen_on_event(int, short, void *);
static void radiusd_listen_handle_packet(struct radiusd_listen *,
RADIUS_PACKET *, struct sockaddr *, socklen_t);
static void radiusd_on_sigterm(int, short, void *);
static void radiusd_on_sigint(int, short, void *);
static void radiusd_on_sighup(int, short, void *);
static void radiusd_on_sigchld(int, short, void *);
static void radius_query_request(struct radius_query *);
static void radius_query_response(struct radius_query *);
static void raidus_query_access_request(struct radius_query *);
static void radius_query_access_response(struct radius_query *);
static const char *radius_code_string(int);
static int radiusd_access_response_fixup (struct radius_query *);
@ -350,19 +352,12 @@ radiusd_free(struct radiusd *radiusd)
static void
radiusd_listen_on_event(int fd, short evmask, void *ctx)
{
int i, sz, req_id, req_code;
struct radiusd_listen *listn = ctx;
static u_char buf[65535];
static char username[256];
int sz;
RADIUS_PACKET *packet = NULL;
struct sockaddr_storage peer;
socklen_t peersz;
RADIUS_PACKET *packet = NULL;
char peerstr[NI_MAXHOST + NI_MAXSERV + 30];
struct radiusd_authentication *authen;
struct radiusd_client *client;
struct radius_query *q;
#define in(_x) (((struct sockaddr_in *)_x)->sin_addr)
#define in6(_x) (((struct sockaddr_in6 *)_x)->sin6_addr)
struct radiusd_listen *listn = ctx;
static u_char buf[65535];
if (evmask & EV_READ) {
peersz = sizeof(peer);
@ -371,115 +366,128 @@ radiusd_listen_on_event(int fd, short evmask, void *ctx)
if (errno == EAGAIN)
return;
log_warn("%s: recvfrom() failed", __func__);
goto on_error;
return;
}
RADIUSD_ASSERT(peer.ss_family == AF_INET ||
peer.ss_family == AF_INET6);
/* prepare some information about this messages */
if (addrport_tostring((struct sockaddr *)&peer, peersz,
peerstr, sizeof(peerstr)) == NULL) {
log_warn("%s: getnameinfo() failed", __func__);
goto on_error;
}
if ((packet = radius_convert_packet(buf, sz)) == NULL) {
if ((packet = radius_convert_packet(buf, sz)) == NULL)
log_warn("%s: radius_convert_packet() failed",
__func__);
goto on_error;
}
req_id = radius_get_id(packet);
req_code = radius_get_code(packet);
else
radiusd_listen_handle_packet(listn, packet,
(struct sockaddr *)&peer, peersz);
}
}
/*
* Find a matching `client' entry
*/
TAILQ_FOREACH(client, &listn->radiusd->client, next) {
if (client->af != peer.ss_family)
continue;
if (peer.ss_family == AF_INET &&
IPv4_cmp(&((struct sockaddr_in *)&peer)->sin_addr,
&client->addr, &client->mask))
break;
else if (peer.ss_family == AF_INET6 &&
IPv6_cmp(&((struct sockaddr_in6 *)&peer)->sin6_addr,
&client->addr, &client->mask))
break;
}
if (client == NULL) {
log_warnx("Received %s(code=%d) from %s id=%d: "
"no `client' matches", radius_code_string(req_code),
req_code, peerstr, req_id);
goto on_error;
}
static void
radiusd_listen_handle_packet(struct radiusd_listen *listn,
RADIUS_PACKET *packet, struct sockaddr *peer, socklen_t peerlen)
{
int i, req_id, req_code;
static char username[256];
char peerstr[NI_MAXHOST + NI_MAXSERV + 30];
struct radiusd_authentication *authen;
struct radiusd_client *client;
struct radius_query *q = NULL;
#define in(_x) (((struct sockaddr_in *)_x)->sin_addr)
#define in6(_x) (((struct sockaddr_in6 *)_x)->sin6_addr)
/* Check the client's Message-Authenticator */
if (client->msgauth_required &&
!radius_has_attr(packet,
RADIUS_TYPE_MESSAGE_AUTHENTICATOR)) {
log_warnx("Received %s(code=%d) from %s id=%d: "
"no message authenticator",
radius_code_string(req_code), req_code, peerstr,
req_id);
goto on_error;
}
req_id = radius_get_id(packet);
req_code = radius_get_code(packet);
/* prepare some information about this messages */
if (addrport_tostring(peer, peerlen, peerstr, sizeof(peerstr)) ==
NULL) {
log_warn("%s: getnameinfo() failed", __func__);
goto on_error;
}
if (radius_has_attr(packet,
RADIUS_TYPE_MESSAGE_AUTHENTICATOR) &&
radius_check_message_authenticator(packet, client->secret)
!= 0) {
log_warnx("Received %s(code=%d) from %s id=%d: "
"bad message authenticator",
radius_code_string(req_code), req_code, peerstr,
req_id);
goto on_error;
}
/*
* Find a matching `client' entry
*/
TAILQ_FOREACH(client, &listn->radiusd->client, next) {
if (client->af != peer->sa_family)
continue;
if (peer->sa_family == AF_INET && IPv4_cmp(
&in(peer), &client->addr, &client->mask))
break;
else if (peer->sa_family == AF_INET6 && IPv6_cmp(
&in6(peer), &client->addr, &client->mask))
break;
}
if (client == NULL) {
log_warnx("Received %s(code=%d) from %s id=%d: no `client' "
"matches", radius_code_string(req_code), req_code, peerstr,
req_id);
goto on_error;
}
/*
* Find a duplicate request. In RFC 2865, it has the same
* source IP address and source UDP port and Identifier.
*/
TAILQ_FOREACH(q, &listn->radiusd->query, next) {
if (peer.ss_family == q->clientaddr.ss_family &&
((peer.ss_family == AF_INET &&
in(&q->clientaddr).s_addr ==
in(&peer).s_addr) ||
(peer.ss_family == AF_INET6 &&
IN6_ARE_ADDR_EQUAL(
&in6(&q->clientaddr), &in6(&peer)))) &&
((struct sockaddr_in *)&q->clientaddr)->sin_port ==
((struct sockaddr_in *)&peer)->sin_port &&
req_id == q->req_id)
break; /* found it */
}
if (q != NULL) {
log_info("Received %s(code=%d) from %s id=%d: "
"duplicate request by q=%u",
radius_code_string(req_code), req_code, peerstr,
req_id, q->id);
/* XXX RFC 5080 suggests to answer the cached result */
goto on_error;
}
/* Check the client's Message-Authenticator */
if (client->msgauth_required && !radius_has_attr(packet,
RADIUS_TYPE_MESSAGE_AUTHENTICATOR)) {
log_warnx("Received %s(code=%d) from %s id=%d: no message "
"authenticator", radius_code_string(req_code), req_code,
peerstr, req_id);
goto on_error;
}
/* FIXME: we can support other request codes */
if (req_code != RADIUS_CODE_ACCESS_REQUEST) {
log_info("Received %s(code=%d) from %s id=%d: %s "
"is not supported in this implementation",
radius_code_string(req_code), req_code, peerstr,
req_id, radius_code_string(req_code));
goto on_error;
}
if (radius_has_attr(packet, RADIUS_TYPE_MESSAGE_AUTHENTICATOR) &&
radius_check_message_authenticator(packet, client->secret) != 0) {
log_warnx("Received %s(code=%d) from %s id=%d: bad message "
"authenticator", radius_code_string(req_code), req_code,
peerstr, req_id);
goto on_error;
}
/*
* Find a duplicate request. In RFC 2865, it has the same source IP
* address and source UDP port and Identifier.
*/
TAILQ_FOREACH(q, &listn->radiusd->query, next) {
if (peer->sa_family == q->clientaddr.ss_family &&
((peer->sa_family == AF_INET && in(&q->clientaddr).s_addr ==
in(peer).s_addr) || (peer->sa_family == AF_INET6 &&
IN6_ARE_ADDR_EQUAL(&in6(&q->clientaddr), &in6(peer)))) &&
((struct sockaddr_in *)&q->clientaddr)->sin_port ==
((struct sockaddr_in *)peer)->sin_port &&
req_id == q->req_id)
break; /* found it */
}
if (q != NULL) {
log_info("Received %s(code=%d) from %s id=%d: duplicate "
"request by q=%u", radius_code_string(req_code), req_code,
peerstr, req_id, q->id);
/* XXX RFC 5080 suggests to answer the cached result */
goto on_error;
}
if ((q = calloc(1, sizeof(struct radius_query))) == NULL) {
log_warn("%s: Out of memory", __func__);
goto on_error;
}
if (radius_get_string_attr(packet, RADIUS_TYPE_USER_NAME, username,
sizeof(username)) != 0) {
log_info("Received %s(code=%d) from %s id=%d: no User-Name "
"attribute", radius_code_string(req_code), req_code,
peerstr, req_id);
} else
strlcpy(q->username, username, sizeof(q->username));
q->id = ++radius_query_id_seq;
q->clientaddrlen = peerlen;
memcpy(&q->clientaddr, peer, peerlen);
q->listen = listn;
q->req = packet;
q->client = client;
q->req_id = req_id;
radius_get_authenticator(packet, q->req_auth);
packet = NULL;
TAILQ_INSERT_TAIL(&listn->radiusd->query, q, next);
switch (req_code) {
case RADIUS_CODE_ACCESS_REQUEST:
/*
* Find a matching `authenticate' entry
*/
if (radius_get_string_attr(packet, RADIUS_TYPE_USER_NAME,
username, sizeof(username)) != 0) {
log_info("Received %s(code=%d) from %s id=%d: "
"no User-Name attribute",
radius_code_string(req_code), req_code, peerstr,
req_id);
goto on_error;
}
TAILQ_FOREACH(authen, &listn->radiusd->authen, next) {
for (i = 0; authen->username[i] != NULL; i++) {
if (fnmatch(authen->username[i], username, 0)
@ -487,7 +495,7 @@ radiusd_listen_on_event(int fd, short evmask, void *ctx)
goto found;
}
}
found:
found:
if (authen == NULL) {
log_warnx("Received %s(code=%d) from %s id=%d "
"username=%s: no `authenticate' matches.",
@ -495,7 +503,7 @@ found:
req_id, username);
goto on_error;
}
RADIUSD_ASSERT(authen->auth != NULL);
q->authen = authen;
if (!MODULE_DO_USERPASS(authen->auth->module) &&
!MODULE_DO_ACCSREQ(authen->auth->module)) {
@ -505,42 +513,32 @@ found:
req_id, username, authen->auth->module->name);
goto on_error;
}
if ((q = calloc(1, sizeof(struct radius_query))) == NULL) {
log_warn("%s: Out of memory", __func__);
goto on_error;
}
memcpy(&q->clientaddr, &peer, peersz);
strlcpy(q->username, username, sizeof(q->username));
q->id = ++radius_query_id_seq;
q->clientaddrlen = peersz;
q->authen = authen;
q->listen = listn;
q->req = packet;
q->client = client;
q->req_id = req_id;
radius_get_authenticator(packet, q->req_auth);
log_info("Received %s(code=%d) from %s id=%d username=%s "
"q=%u: `%s' authentication is starting",
radius_code_string(req_code), req_code, peerstr, q->req_id,
q->username, q->id, q->authen->auth->module->name);
TAILQ_INSERT_TAIL(&listn->radiusd->query, q, next);
radius_query_request(q);
raidus_query_access_request(q);
return;
default:
log_info("Received %s(code=%d) from %s id=%d: %s is not "
"supported in this implementation", radius_code_string(
req_code), req_code, peerstr, req_id, radius_code_string(
req_code));
break;
}
on_error:
if (packet != NULL)
radius_delete_packet(packet);
if (q != NULL)
radiusd_access_request_aborted(q);
#undef in
#undef in6
return;
}
static void
radius_query_request(struct radius_query *q)
raidus_query_access_request(struct radius_query *q)
{
struct radiusd_authentication *authen = q->authen;
@ -566,7 +564,7 @@ radius_query_request(struct radius_query *q)
}
static void
radius_query_response(struct radius_query *q)
radius_query_access_response(struct radius_query *q)
{
int sz, res_id, res_code;
char buf[NI_MAXHOST + NI_MAXSERV + 30];
@ -609,7 +607,6 @@ radius_query_response(struct radius_query *q)
log_warn("Sending a RADIUS response failed");
on_error:
radiusd_access_request_aborted(q);
}
/***********************************************************************
@ -643,7 +640,7 @@ radiusd_access_request_answer(struct radius_query *q)
}
RADIUSD_ASSERT(q->deco == NULL);
radius_query_response(q);
radius_query_access_response(q);
return;
on_error:
@ -957,7 +954,8 @@ radiusd_module_load(struct radiusd *radiusd, const char *path, const char *name)
goto on_error;
}
if (fcntl(module->fd, F_SETFL, ival | O_NONBLOCK) == -1) {
log_warn("Could not load module `%s': fcntl(F_SETFL,O_NONBLOCK)",
log_warn(
"Could not load module `%s': fcntl(F_SETFL,O_NONBLOCK)",
name);
goto on_error;
}
@ -1281,7 +1279,7 @@ radiusd_module_imsg(struct radiusd_module *module, struct imsg *imsg)
radius_delete_packet(q->req);
q->req = radpkt;
}
radius_query_request(q);
raidus_query_access_request(q);
break;
case IMSG_RADIUSD_MODULE_ACCSREQ_ANSWER:
if (radpkt == NULL) {
@ -1299,7 +1297,7 @@ radiusd_module_imsg(struct radiusd_module *module, struct imsg *imsg)
q->req);
q->res = radpkt;
}
radius_query_response(q);
radius_query_access_response(q);
break;
}
}

4
usr.sbin/radiusd/radiusd_bsdauth.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: radiusd_bsdauth.c,v 1.15 2023/08/18 06:12:27 yasuoka Exp $ */
/* $OpenBSD: radiusd_bsdauth.c,v 1.16 2024/02/09 07:41:32 yasuoka Exp $ */
/*
* Copyright (c) 2015 YASUOKA Masahiko <yasuoka@yasuoka.net>
@ -247,7 +247,7 @@ module_bsdauth_main(void)
&module_bsdauth_handlers)) == NULL)
err(1, "Could not create a module instance");
module_drop_privilege(module_bsdauth.base);
module_drop_privilege(module_bsdauth.base, 0);
module_load(module_bsdauth.base);
imsg_init(&module_bsdauth.ibuf, 3);

6
usr.sbin/radiusd/radiusd_module.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: radiusd_module.c,v 1.15 2024/01/08 04:16:48 yasuoka Exp $ */
/* $OpenBSD: radiusd_module.c,v 1.16 2024/02/09 07:41:32 yasuoka Exp $ */
/*
* Copyright (c) 2015 YASUOKA Masahiko <yasuoka@yasuoka.net>
@ -162,7 +162,7 @@ module_load(struct module_base *base)
}
void
module_drop_privilege(struct module_base *base)
module_drop_privilege(struct module_base *base, int nochroot)
{
struct passwd *pw;
@ -171,7 +171,7 @@ module_drop_privilege(struct module_base *base)
/* Drop the privilege */
if ((pw = getpwnam(RADIUSD_USER)) == NULL)
goto on_fail;
if (chroot(pw->pw_dir) == -1)
if (nochroot == 0 && chroot(pw->pw_dir) == -1)
goto on_fail;
if (chdir("/") == -1)
goto on_fail;

2
usr.sbin/radiusd/radiusd_module.h
View File

@ -60,7 +60,7 @@ void module_stop(struct module_base *);
int module_run(struct module_base *);
void module_destroy(struct module_base *);
void module_load(struct module_base *);
void module_drop_privilege(struct module_base *);
void module_drop_privilege(struct module_base *, int);
int module_notify_secret(struct module_base *,
const char *);
int module_send_message(struct module_base *, uint32_t,

4
usr.sbin/radiusd/radiusd_radius.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: radiusd_radius.c,v 1.19 2023/09/04 10:49:20 yasuoka Exp $ */
/* $OpenBSD: radiusd_radius.c,v 1.20 2024/02/09 07:41:32 yasuoka Exp $ */
/*
* Copyright (c) 2013 Internet Initiative Japan Inc.
@ -125,7 +125,7 @@ main(int argc, char *argv[])
if ((module_radius.base = module_create(
STDIN_FILENO, &module_radius, &module_radius_handlers)) == NULL)
err(1, "Could not create a module instance");
module_drop_privilege(module_radius.base);
module_drop_privilege(module_radius.base, 0);
setproctitle("[main]");
module_load(module_radius.base);

4
usr.sbin/radiusd/radiusd_standard.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: radiusd_standard.c,v 1.3 2024/02/06 10:53:20 yasuoka Exp $ */
/* $OpenBSD: radiusd_standard.c,v 1.4 2024/02/09 07:41:32 yasuoka Exp $ */
/*
* Copyright (c) 2013, 2023 Internet Initiative Japan Inc.
@ -74,7 +74,7 @@ main(int argc, char *argv[])
STDIN_FILENO, &module_standard, &handlers)) == NULL)
err(1, "Could not create a module instance");
module_drop_privilege(module_standard.base);
module_drop_privilege(module_standard.base, 0);
if (pledge("stdio", NULL) == -1)
err(1, "pledge");

4
usr.sbin/rpki-client/version.h
View File

@ -1,3 +1,3 @@
/* $OpenBSD: version.h,v 1.20 2023/12/29 18:52:11 tb Exp $ */
/* $OpenBSD: version.h,v 1.21 2024/02/09 13:49:41 job Exp $ */
#define RPKI_VERSION "8.8"
#define RPKI_VERSION "8.9"

6
usr.sbin/vmd/i8253.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: i8253.c,v 1.38 2023/10/25 12:44:28 dv Exp $ */
/* $OpenBSD: i8253.c,v 1.39 2024/02/09 14:35:47 dv Exp $ */
/*
* Copyright (c) 2016 Mike Larkin <mlarkin@openbsd.org>
*
@ -298,8 +298,8 @@ vcpu_exit_i8253(struct vm_run_params *vrp)
if (i8253_channel[sel].start == 0)
i8253_channel[sel].start = 0xffff;
log_debug("%s: channel %d reset, mode=%d, "
"start=%d", __func__,
DPRINTF("%s: channel %d reset, mode=%d, "
"start=%d\n", __func__,
sel, i8253_channel[sel].mode,
i8253_channel[sel].start);

12
usr.sbin/vmd/vionet.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: vionet.c,v 1.10 2024/02/05 21:58:09 dv Exp $ */
/* $OpenBSD: vionet.c,v 1.12 2024/02/10 02:19:12 dv Exp $ */
/*
* Copyright (c) 2023 Dave Voutila <dv@openbsd.org>
@ -514,8 +514,9 @@ vionet_rx_copy(struct vionet_dev *dev, int fd, const struct iovec *iov,
/* If reading the tap(4), we should get valid ethernet. */
log_warnx("%s: invalid packet size", __func__);
return (0);
} else if (sz != sizeof(struct packet)) {
log_warnx("%s: invalid injected packet object", __func__);
} else if (fd == pipe_inject[READ] && sz != sizeof(struct packet)) {
log_warnx("%s: invalid injected packet object (sz=%ld)",
__func__, sz);
return (0);
}
@ -764,8 +765,9 @@ vionet_notify_tx(struct virtio_dev *dev)
if (vionet->local) {
dhcpsz = dhcp_request(dev, iov->iov_base, iov->iov_len,
&dhcppkt);
log_debug("%s: detected dhcp request of %zu bytes",
__func__, dhcpsz);
if (dhcpsz > 0)
log_debug("%s: detected dhcp request of %zu bytes",
__func__, dhcpsz);
}
/* Write our packet to the tap(4). */

26
usr.sbin/vmd/virtio.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: virtio.c,v 1.111 2024/02/05 21:58:09 dv Exp $ */
/* $OpenBSD: virtio.c,v 1.112 2024/02/10 02:10:41 dv Exp $ */
/*
* Copyright (c) 2015 Mike Larkin <mlarkin@openbsd.org>
@ -1301,8 +1301,8 @@ virtio_dev_launch(struct vmd_vm *vm, struct virtio_dev *dev)
{
char *nargv[12], num[32], vmm_fd[32], vm_name[VM_NAME_MAX], t[2];
pid_t dev_pid;
int data_fds[VM_MAX_BASE_PER_DISK], sync_fds[2], async_fds[2], ret = 0;
size_t i, data_fds_sz, sz = 0;
int sync_fds[2], async_fds[2], ret = 0;
size_t sz = 0;
struct viodev_msg msg;
struct virtio_dev *dev_entry;
struct imsg imsg;
@ -1310,14 +1310,10 @@ virtio_dev_launch(struct vmd_vm *vm, struct virtio_dev *dev)
switch (dev->dev_type) {
case VMD_DEVTYPE_NET:
data_fds[0] = dev->vionet.data_fd;
data_fds_sz = 1;
log_debug("%s: launching vionet%d",
vm->vm_params.vmc_params.vcp_name, dev->vionet.idx);
break;
case VMD_DEVTYPE_DISK:
memcpy(&data_fds, dev->vioblk.disk_fd, sizeof(data_fds));
data_fds_sz = dev->vioblk.ndisk_fd;
log_debug("%s: launching vioblk%d",
vm->vm_params.vmc_params.vcp_name, dev->vioblk.idx);
break;
@ -1359,10 +1355,6 @@ virtio_dev_launch(struct vmd_vm *vm, struct virtio_dev *dev)
dev->sync_fd = sync_fds[1];
dev->async_fd = async_fds[1];
/* Close data fds. Only the child device needs them now. */
for (i = 0; i < data_fds_sz; i++)
close_fd(data_fds[i]);
/* 1. Send over our configured device. */
log_debug("%s: sending '%c' type device struct", __func__,
dev->dev_type);
@ -1373,6 +1365,13 @@ virtio_dev_launch(struct vmd_vm *vm, struct virtio_dev *dev)
goto err;
}
/* Close data fds. Only the child device needs them now. */
if (virtio_dev_closefds(dev) == -1) {
log_warnx("%s: failed to close device data fds",
__func__);
goto err;
}
/* 2. Send over details on the VM (including memory fds). */
log_debug("%s: sending vm message for '%s'", __func__,
vm->vm_params.vmc_params.vcp_name);
@ -1775,5 +1774,10 @@ virtio_dev_closefds(struct virtio_dev *dev)
return (-1);
}
close_fd(dev->async_fd);
dev->async_fd = -1;
close_fd(dev->sync_fd);
dev->sync_fd = -1;
return (0);
}