From 5f899da0da7c8aa7979db7e23b0fa48ca9e755e7 Mon Sep 17 00:00:00 2001 From: purplerain Date: Fri, 18 Oct 2024 17:00:07 +0000 Subject: [PATCH] sync with OpenBSD -current --- lib/libcrypto/Makefile | 4 +- lib/libcrypto/arch/amd64/Makefile.inc | 12 +- lib/libcrypto/arch/amd64/crypto_arch.h | 4 +- lib/libcrypto/arch/amd64/crypto_cpu_caps.c | 114 ++++ lib/libcrypto/arch/i386/Makefile.inc | 12 +- lib/libcrypto/arch/i386/crypto_arch.h | 4 +- lib/libcrypto/arch/i386/crypto_cpu_caps.c | 114 ++++ lib/libcrypto/conf/conf_local.h | 4 +- lib/libcrypto/conf/conf_mall.c | 69 --- lib/libcrypto/conf/conf_sap.c | 7 +- lib/libcrypto/cryptlib.c | 16 +- lib/libcrypto/crypto_init.c | 7 +- lib/libcrypto/crypto_internal.h | 4 +- lib/libcrypto/ec/ec_asn1.c | 242 +++++---- lib/libcrypto/ec/ec_cvt.c | 103 ---- lib/libcrypto/ec/ec_lib.c | 23 +- lib/libcrypto/x86_64cpuid.pl | 147 ------ lib/libcrypto/x86_arch.h | 7 +- lib/libssl/ssl_seclevel.c | 52 +- regress/lib/libcrypto/ec/ec_asn1_test.c | 492 ++++++++++++++---- sys/arch/arm64/arm64/cpuswitch.S | 4 +- sys/dev/fdt/bcm2835_dmac.c | 4 +- sys/dev/fdt/qciic_fdt.c | 5 +- sys/dev/i2c/ihidev.c | 19 +- .../pci/drm/amd/display/dc/core/amdgpu_dc.c | 2 +- .../display/modules/hdcp/hdcp1_execution.c | 27 +- sys/dev/pci/drm/drm_crtc.c | 1 + sys/dev/pci/drm/i915/display/intel_hdcp.c | 10 +- sys/dev/pci/pcidevs | 37 +- sys/dev/pci/pcidevs.h | 37 +- sys/dev/pci/pcidevs_data.h | 94 +++- sys/dev/pci/vga_pci_common.c | 20 +- sys/isofs/cd9660/cd9660_vnops.c | 4 +- sys/isofs/udf/udf_vnops.c | 4 +- sys/kern/kern_sig.c | 21 +- sys/kern/kern_synch.c | 4 +- sys/kern/spec_vnops.c | 4 +- sys/kern/vfs_subr.c | 9 +- sys/kern/vfs_sync.c | 4 +- sys/kern/vfs_vops.c | 4 +- sys/miscfs/deadfs/dead_vnops.c | 4 +- sys/miscfs/fifofs/fifo_vnops.c | 6 +- sys/miscfs/fuse/fuse_vnops.c | 4 +- sys/msdosfs/msdosfs_vfsops.c | 4 +- sys/msdosfs/msdosfs_vnops.c | 4 +- sys/net/if.c | 4 +- sys/netinet6/nd6.h | 4 +- sys/nfs/nfs_vnops.c | 4 +- sys/ntfs/ntfs_vnops.c | 4 +- sys/sys/signalvar.h | 4 +- sys/tmpfs/tmpfs_vnops.c | 4 +- sys/ufs/mfs/mfs_vfsops.c | 4 +- sys/ufs/mfs/mfs_vnops.c | 4 +- sys/ufs/ufs/ufs_vnops.c | 7 +- usr.bin/ssh/addr.c | 22 +- usr.bin/ssh/addr.h | 11 - usr.bin/ssh/ssh-keygen.c | 10 +- usr.bin/ssh/ssh-keyscan.c | 16 +- usr.bin/ssh/ssh-keyscan/Makefile | 4 +- usr.bin/ssh/ssh.c | 4 +- usr.bin/ssh/ssh_api.c | 25 +- usr.bin/ssh/ssh_config.5 | 27 +- usr.bin/ssh/sshconnect2.c | 8 +- usr.bin/ssh/sshd_config.5 | 8 +- usr.bin/tmux/menu.c | 3 +- usr.bin/tmux/tmux.1 | 21 +- usr.bin/xinstall/xinstall.c | 12 +- 67 files changed, 1194 insertions(+), 789 deletions(-) create mode 100644 lib/libcrypto/arch/amd64/crypto_cpu_caps.c create mode 100644 lib/libcrypto/arch/i386/crypto_cpu_caps.c delete mode 100644 lib/libcrypto/conf/conf_mall.c delete mode 100644 lib/libcrypto/ec/ec_cvt.c delete mode 100644 lib/libcrypto/x86_64cpuid.pl diff --git a/lib/libcrypto/Makefile b/lib/libcrypto/Makefile index dfbb38b84..d3be27ade 100644 --- a/lib/libcrypto/Makefile +++ b/lib/libcrypto/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.211 2024/08/31 15:56:09 jsing Exp $ +# $OpenBSD: Makefile,v 1.213 2024/10/18 11:12:10 tb Exp $ LIB= crypto LIBREBUILD=y @@ -230,7 +230,6 @@ SRCS+= conf_api.c SRCS+= conf_def.c SRCS+= conf_err.c SRCS+= conf_lib.c -SRCS+= conf_mall.c SRCS+= conf_mod.c SRCS+= conf_sap.c @@ -284,7 +283,6 @@ SRCS+= ec_ameth.c SRCS+= ec_asn1.c SRCS+= ec_check.c SRCS+= ec_curve.c -SRCS+= ec_cvt.c SRCS+= ec_err.c SRCS+= ec_key.c SRCS+= ec_kmeth.c diff --git a/lib/libcrypto/arch/amd64/Makefile.inc b/lib/libcrypto/arch/amd64/Makefile.inc index dd136f76a..2f41f4438 100644 --- a/lib/libcrypto/arch/amd64/Makefile.inc +++ b/lib/libcrypto/arch/amd64/Makefile.inc @@ -1,10 +1,12 @@ -# $OpenBSD: Makefile.inc,v 1.29 2024/08/11 13:02:39 jsing Exp $ +# $OpenBSD: Makefile.inc,v 1.30 2024/10/18 13:36:24 jsing Exp $ # amd64-specific libcrypto build rules # all amd64 code generators use this EXTRA_PL = ${LCRYPTO_SRC}/perlasm/x86_64-xlate.pl +SRCS += crypto_cpu_caps.c + # aes CFLAGS+= -DAES_ASM SSLASM+= aes aes-x86_64 @@ -69,12 +71,4 @@ ${f}.S: ${LCRYPTO_SRC}/${dir}/asm/${f}.pl ${EXTRA_PL} /usr/bin/perl ./asm/${f}.pl openbsd) > ${.TARGET} .endfor -CFLAGS+= -DOPENSSL_CPUID_OBJ -SRCS+= x86_64cpuid.S -GENERATED+=x86_64cpuid.S - -x86_64cpuid.S: ${LCRYPTO_SRC}/x86_64cpuid.pl ${EXTRA_PL} - (cd ${LCRYPTO_SRC}/${dir} ; \ - /usr/bin/perl ./x86_64cpuid.pl) > ${.TARGET} - CFLAGS+=-fret-clean diff --git a/lib/libcrypto/arch/amd64/crypto_arch.h b/lib/libcrypto/arch/amd64/crypto_arch.h index 8e91c2552..6feeaa209 100644 --- a/lib/libcrypto/arch/amd64/crypto_arch.h +++ b/lib/libcrypto/arch/amd64/crypto_arch.h @@ -1,4 +1,4 @@ -/* $OpenBSD: crypto_arch.h,v 1.1 2024/08/11 13:02:39 jsing Exp $ */ +/* $OpenBSD: crypto_arch.h,v 1.2 2024/10/18 13:36:24 jsing Exp $ */ /* * Copyright (c) 2024 Joel Sing * @@ -18,6 +18,8 @@ #ifndef HEADER_CRYPTO_ARCH_H #define HEADER_CRYPTO_ARCH_H +#define HAVE_CRYPTO_CPU_CAPS_INIT + #ifndef OPENSSL_NO_ASM #define HAVE_AES_CBC_ENCRYPT_INTERNAL diff --git a/lib/libcrypto/arch/amd64/crypto_cpu_caps.c b/lib/libcrypto/arch/amd64/crypto_cpu_caps.c new file mode 100644 index 000000000..8cbf24edb --- /dev/null +++ b/lib/libcrypto/arch/amd64/crypto_cpu_caps.c @@ -0,0 +1,114 @@ +/* $OpenBSD: crypto_cpu_caps.c,v 1.1 2024/10/18 13:36:24 jsing Exp $ */ +/* + * Copyright (c) 2024 Joel Sing + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +#include + +#include + +#include "x86_arch.h" + +/* Legacy architecture specific capabilities, used by perlasm. */ +extern uint64_t OPENSSL_ia32cap_P; + +/* Machine independent CPU capabilities. */ +extern uint64_t crypto_cpu_caps; + +static inline void +cpuid(uint32_t eax, uint32_t *out_eax, uint32_t *out_ebx, uint32_t *out_ecx, + uint32_t *out_edx) +{ + uint32_t ebx = 0, ecx = 0, edx = 0; + +#ifndef OPENSSL_NO_ASM + __asm__ ("cpuid": "+a"(eax), "+b"(ebx), "+c"(ecx), "+d"(edx)); +#else + eax = 0; +#endif + + if (out_eax != NULL) + *out_eax = eax; + if (out_ebx != NULL) + *out_ebx = ebx; + if (out_ebx != NULL) + *out_ecx = ecx; + if (out_edx != NULL) + *out_edx = edx; +} + +static inline void +xgetbv(uint32_t ecx, uint32_t *out_eax, uint32_t *out_edx) +{ + uint32_t eax = 0, edx = 0; + +#ifndef OPENSSL_NO_ASM + __asm__ ("xgetbv": "+a"(eax), "+c"(ecx), "+d"(edx)); +#endif + + if (out_eax != NULL) + *out_eax = eax; + if (out_edx != NULL) + *out_edx = edx; +} + +void +crypto_cpu_caps_init(void) +{ + uint32_t eax, ebx, ecx, edx; + uint64_t caps = 0; + + cpuid(0, &eax, &ebx, &ecx, &edx); + + /* "GenuineIntel" in little endian. */ + if (ebx == 0x756e6547 && edx == 0x49656e69 && ecx == 0x6c65746e) + caps |= CPUCAP_MASK_INTEL; + + if (eax < 1) + return; + + cpuid(1, &eax, &ebx, &ecx, &edx); + + if ((edx & IA32CAP_MASK0_FXSR) != 0) + caps |= CPUCAP_MASK_FXSR; + if ((edx & IA32CAP_MASK0_HT) != 0) + caps |= CPUCAP_MASK_HT; + if ((edx & IA32CAP_MASK0_MMX) != 0) + caps |= CPUCAP_MASK_MMX; + if ((edx & IA32CAP_MASK0_SSE) != 0) + caps |= CPUCAP_MASK_SSE; + if ((edx & IA32CAP_MASK0_SSE2) != 0) + caps |= CPUCAP_MASK_SSE2; + + if ((ecx & IA32CAP_MASK1_AESNI) != 0) + caps |= CPUCAP_MASK_AESNI; + if ((ecx & IA32CAP_MASK1_PCLMUL) != 0) + caps |= CPUCAP_MASK_PCLMUL; + if ((ecx & IA32CAP_MASK1_SSSE3) != 0) + caps |= CPUCAP_MASK_SSSE3; + + /* AVX requires OSXSAVE and XMM/YMM state to be enabled. */ + if ((ecx & IA32CAP_MASK1_OSXSAVE) != 0) { + xgetbv(0, &eax, NULL); + if (((eax >> 1) & 3) == 3 && (ecx & IA32CAP_MASK1_AVX) != 0) + caps |= CPUCAP_MASK_AVX; + } + + /* Set machine independent CPU capabilities. */ + if ((caps & CPUCAP_MASK_AESNI) != 0) + crypto_cpu_caps |= CRYPTO_CPU_CAPS_ACCELERATED_AES; + + OPENSSL_ia32cap_P = caps; +} diff --git a/lib/libcrypto/arch/i386/Makefile.inc b/lib/libcrypto/arch/i386/Makefile.inc index eeaed44f8..210130470 100644 --- a/lib/libcrypto/arch/i386/Makefile.inc +++ b/lib/libcrypto/arch/i386/Makefile.inc @@ -1,10 +1,12 @@ -# $OpenBSD: Makefile.inc,v 1.25 2024/08/11 13:02:39 jsing Exp $ +# $OpenBSD: Makefile.inc,v 1.26 2024/10/18 14:44:02 jsing Exp $ # i386-specific libcrypto build rules # all i386 code generators use these EXTRA_PL = ${LCRYPTO_SRC}/perlasm/x86gas.pl ${LCRYPTO_SRC}/perlasm/x86asm.pl +SRCS += crypto_cpu_caps.c + # aes CFLAGS+= -DAES_ASM SSLASM+= aes aes-586 @@ -41,11 +43,3 @@ ${f}.S: ${LCRYPTO_SRC}/${dir}/asm/${f}.pl ${EXTRA_PL} ${LCRYPTO_SRC}/${dir}/asm/${f}.pl \ openbsd-elf ${CFLAGS} 386 ${PICFLAG} > ${.TARGET} .endfor - -CFLAGS+= -DOPENSSL_CPUID_OBJ -SRCS+= x86cpuid.S -GENERATED+=x86cpuid.S - -x86cpuid.S: ${LCRYPTO_SRC}/x86cpuid.pl ${EXTRA_PL} - /usr/bin/perl -I${LCRYPTO_SRC}/perlasm ${LCRYPTO_SRC}/x86cpuid.pl \ - openbsd-elf ${CFLAGS} 386 ${PICFLAG} > ${.TARGET} diff --git a/lib/libcrypto/arch/i386/crypto_arch.h b/lib/libcrypto/arch/i386/crypto_arch.h index 8e91c2552..d566d8064 100644 --- a/lib/libcrypto/arch/i386/crypto_arch.h +++ b/lib/libcrypto/arch/i386/crypto_arch.h @@ -1,4 +1,4 @@ -/* $OpenBSD: crypto_arch.h,v 1.1 2024/08/11 13:02:39 jsing Exp $ */ +/* $OpenBSD: crypto_arch.h,v 1.2 2024/10/18 14:44:02 jsing Exp $ */ /* * Copyright (c) 2024 Joel Sing * @@ -18,6 +18,8 @@ #ifndef HEADER_CRYPTO_ARCH_H #define HEADER_CRYPTO_ARCH_H +#define HAVE_CRYPTO_CPU_CAPS_INIT + #ifndef OPENSSL_NO_ASM #define HAVE_AES_CBC_ENCRYPT_INTERNAL diff --git a/lib/libcrypto/arch/i386/crypto_cpu_caps.c b/lib/libcrypto/arch/i386/crypto_cpu_caps.c new file mode 100644 index 000000000..e5b36a15c --- /dev/null +++ b/lib/libcrypto/arch/i386/crypto_cpu_caps.c @@ -0,0 +1,114 @@ +/* $OpenBSD: crypto_cpu_caps.c,v 1.1 2024/10/18 14:44:02 jsing Exp $ */ +/* + * Copyright (c) 2024 Joel Sing + * + * Permission to use, copy, modify, and distribute this software for any + * purpose with or without fee is hereby granted, provided that the above + * copyright notice and this permission notice appear in all copies. + * + * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES + * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF + * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR + * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES + * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN + * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF + * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + */ + +#include + +#include + +#include "x86_arch.h" + +/* Legacy architecture specific capabilities, used by perlasm. */ +extern uint64_t OPENSSL_ia32cap_P; + +/* Machine independent CPU capabilities. */ +extern uint64_t crypto_cpu_caps; + +static inline void +cpuid(uint32_t eax, uint32_t *out_eax, uint32_t *out_ebx, uint32_t *out_ecx, + uint32_t *out_edx) +{ + uint32_t ebx = 0, ecx = 0, edx = 0; + +#ifndef OPENSSL_NO_ASM + __asm__ ("cpuid": "+a"(eax), "+b"(ebx), "+c"(ecx), "+d"(edx)); +#else + eax = 0; +#endif + + if (out_eax != NULL) + *out_eax = eax; + if (out_ebx != NULL) + *out_ebx = ebx; + if (out_ebx != NULL) + *out_ecx = ecx; + if (out_edx != NULL) + *out_edx = edx; +} + +static inline void +xgetbv(uint32_t ecx, uint32_t *out_eax, uint32_t *out_edx) +{ + uint32_t eax = 0, edx = 0; + +#ifndef OPENSSL_NO_ASM + __asm__ ("xgetbv": "+a"(eax), "+c"(ecx), "+d"(edx)); +#endif + + if (out_eax != NULL) + *out_eax = eax; + if (out_edx != NULL) + *out_edx = edx; +} + +void +crypto_cpu_caps_init(void) +{ + uint32_t eax, ebx, ecx, edx; + uint64_t caps = 0; + + cpuid(0, &eax, &ebx, &ecx, &edx); + + /* "GenuineIntel" in little endian. */ + if (ebx == 0x756e6547 && edx == 0x49656e69 && ecx == 0x6c65746e) + caps |= CPUCAP_MASK_INTEL; + + if (eax < 1) + return; + + cpuid(1, &eax, &ebx, &ecx, &edx); + + if ((edx & IA32CAP_MASK0_FXSR) != 0) + caps |= CPUCAP_MASK_FXSR; + if ((edx & IA32CAP_MASK0_HT) != 0) + caps |= CPUCAP_MASK_HT; + if ((edx & IA32CAP_MASK0_MMX) != 0) + caps |= CPUCAP_MASK_MMX; + if ((edx & IA32CAP_MASK0_SSE) != 0) + caps |= CPUCAP_MASK_SSE; + if ((edx & IA32CAP_MASK0_SSE2) != 0) + caps |= CPUCAP_MASK_SSE2; + + if ((ecx & IA32CAP_MASK1_AESNI) != 0) + caps |= CPUCAP_MASK_AESNI; + if ((ecx & IA32CAP_MASK1_PCLMUL) != 0) + caps |= CPUCAP_MASK_PCLMUL; + if ((ecx & IA32CAP_MASK1_SSSE3) != 0) + caps |= CPUCAP_MASK_SSSE3; + + /* AVX requires OSXSAVE and XMM/YMM state to be enabled. */ + if ((ecx & IA32CAP_MASK1_OSXSAVE) != 0) { + xgetbv(0, &eax, NULL); + if (((eax >> 1) & 3) == 3 && (ecx & IA32CAP_MASK1_AVX) != 0) + caps |= CPUCAP_MASK_AVX; + } + + /* Set machine independent CPU capabilities. */ + if ((caps & CPUCAP_MASK_AESNI) != 0) + crypto_cpu_caps |= CRYPTO_CPU_CAPS_ACCELERATED_AES; + + OPENSSL_ia32cap_P = caps; +} diff --git a/lib/libcrypto/conf/conf_local.h b/lib/libcrypto/conf/conf_local.h index e22c1180b..c3c6b2292 100644 --- a/lib/libcrypto/conf/conf_local.h +++ b/lib/libcrypto/conf/conf_local.h @@ -1,4 +1,4 @@ -/* $OpenBSD: conf_local.h,v 1.8 2024/10/10 06:51:22 tb Exp $ */ +/* $OpenBSD: conf_local.h,v 1.9 2024/10/18 11:12:10 tb Exp $ */ /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) * All rights reserved. * @@ -98,8 +98,6 @@ char *_CONF_get_string(const CONF *conf, const char *section, int _CONF_new_data(CONF *conf); void _CONF_free_data(CONF *conf); -void OPENSSL_load_builtin_modules(void); - __END_HIDDEN_DECLS #endif /* HEADER_CONF_LOCAL_H */ diff --git a/lib/libcrypto/conf/conf_mall.c b/lib/libcrypto/conf/conf_mall.c deleted file mode 100644 index dd1bb6797..000000000 --- a/lib/libcrypto/conf/conf_mall.c +++ /dev/null @@ -1,69 +0,0 @@ -/* $OpenBSD: conf_mall.c,v 1.13 2024/08/31 09:54:31 tb Exp $ */ -/* Written by Stephen Henson (steve@openssl.org) for the OpenSSL - * project 2001. - */ -/* ==================================================================== - * Copyright (c) 2001 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * licensing@OpenSSL.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ - -#include - -/* Load all OpenSSL builtin modules */ -void ASN1_add_oid_module(void); - -void -OPENSSL_load_builtin_modules(void) -{ - /* Add builtin modules here */ - ASN1_add_oid_module(); -} diff --git a/lib/libcrypto/conf/conf_sap.c b/lib/libcrypto/conf/conf_sap.c index 59c90dab4..695171876 100644 --- a/lib/libcrypto/conf/conf_sap.c +++ b/lib/libcrypto/conf/conf_sap.c @@ -1,4 +1,4 @@ -/* $OpenBSD: conf_sap.c,v 1.17 2024/08/31 09:54:31 tb Exp $ */ +/* $OpenBSD: conf_sap.c,v 1.18 2024/10/18 11:12:10 tb Exp $ */ /* Written by Stephen Henson (steve@openssl.org) for the OpenSSL * project 2001. */ @@ -78,11 +78,12 @@ static pthread_once_t openssl_configured = PTHREAD_ONCE_INIT; static const char *openssl_config_name; +void ASN1_add_oid_module(void); + static void OPENSSL_config_internal(void) { - OPENSSL_load_builtin_modules(); - /* Add others here? */ + ASN1_add_oid_module(); ERR_clear_error(); if (CONF_modules_load_file(NULL, openssl_config_name, diff --git a/lib/libcrypto/cryptlib.c b/lib/libcrypto/cryptlib.c index 59e6456bb..60f14eba1 100644 --- a/lib/libcrypto/cryptlib.c +++ b/lib/libcrypto/cryptlib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: cryptlib.c,v 1.54 2024/09/06 09:57:32 tb Exp $ */ +/* $OpenBSD: cryptlib.c,v 1.56 2024/10/17 14:27:57 jsing Exp $ */ /* ==================================================================== * Copyright (c) 1998-2006 The OpenSSL Project. All rights reserved. * @@ -124,6 +124,8 @@ #include #include +#include "cryptlib.h" +#include "crypto_internal.h" #include "crypto_local.h" #include "x86_arch.h" @@ -345,12 +347,8 @@ crypto_cpu_caps_ia32(void) void OPENSSL_cpuid_setup(void) { - static int trigger = 0; uint64_t OPENSSL_ia32_cpuid(void); - if (trigger) - return; - trigger = 1; OPENSSL_ia32cap_P = OPENSSL_ia32_cpuid(); if ((OPENSSL_ia32cap_P & CPUCAP_MASK_AESNI) != 0) @@ -373,6 +371,14 @@ OPENSSL_cpuid_setup(void) } #endif +#ifndef HAVE_CRYPTO_CPU_CAPS_INIT +void +crypto_cpu_caps_init(void) +{ + OPENSSL_cpuid_setup(); +} +#endif + uint64_t OPENSSL_cpu_caps(void) { diff --git a/lib/libcrypto/crypto_init.c b/lib/libcrypto/crypto_init.c index d2d06f87d..6016d1ae4 100644 --- a/lib/libcrypto/crypto_init.c +++ b/lib/libcrypto/crypto_init.c @@ -1,4 +1,4 @@ -/* $OpenBSD: crypto_init.c,v 1.21 2024/04/10 14:51:02 beck Exp $ */ +/* $OpenBSD: crypto_init.c,v 1.22 2024/10/17 14:27:57 jsing Exp $ */ /* * Copyright (c) 2018 Bob Beck * @@ -27,7 +27,7 @@ #include #include -#include "cryptlib.h" +#include "crypto_internal.h" #include "x509_issuer_cache.h" int OpenSSL_config(const char *); @@ -48,7 +48,8 @@ OPENSSL_init_crypto_internal(void) { crypto_init_thread = pthread_self(); - OPENSSL_cpuid_setup(); + crypto_cpu_caps_init(); + ERR_load_crypto_strings(); } diff --git a/lib/libcrypto/crypto_internal.h b/lib/libcrypto/crypto_internal.h index fc617472a..2c2e63cc0 100644 --- a/lib/libcrypto/crypto_internal.h +++ b/lib/libcrypto/crypto_internal.h @@ -1,4 +1,4 @@ -/* $OpenBSD: crypto_internal.h,v 1.12 2024/09/06 09:57:32 tb Exp $ */ +/* $OpenBSD: crypto_internal.h,v 1.13 2024/10/17 14:27:57 jsing Exp $ */ /* * Copyright (c) 2023 Joel Sing * @@ -220,6 +220,8 @@ crypto_ror_u64(uint64_t v, size_t shift) } #endif +void crypto_cpu_caps_init(void); + uint64_t crypto_cpu_caps_ia32(void); #endif diff --git a/lib/libcrypto/ec/ec_asn1.c b/lib/libcrypto/ec/ec_asn1.c index 02609606f..289bc3b27 100644 --- a/lib/libcrypto/ec/ec_asn1.c +++ b/lib/libcrypto/ec/ec_asn1.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ec_asn1.c,v 1.73 2024/10/15 06:35:59 tb Exp $ */ +/* $OpenBSD: ec_asn1.c,v 1.74 2024/10/17 14:34:06 tb Exp $ */ /* * Written by Nils Larsch for the OpenSSL project. */ @@ -818,99 +818,98 @@ ec_asn1_group2pkparameters(const EC_GROUP *group) return NULL; } -static EC_GROUP * -ec_asn1_parameters2group(const ECPARAMETERS *params) +static int +ec_asn1_is_prime_field(const X9_62_FIELDID *fieldid) { - int ok = 0, tmp; - EC_GROUP *ret = NULL; - BIGNUM *p = NULL, *a = NULL, *b = NULL, *order = NULL, *cofactor = NULL; - EC_POINT *point = NULL; - int field_bits; + int nid; - if (!params->fieldID || !params->fieldID->fieldType || - !params->fieldID->p.ptr) { + if (fieldid == NULL) { ECerror(EC_R_ASN1_ERROR); - goto err; + return 0; } - /* now extract the curve parameters a and b */ - if (!params->curve || !params->curve->a || - !params->curve->a->data || !params->curve->b || - !params->curve->b->data) { - ECerror(EC_R_ASN1_ERROR); - goto err; + if ((nid = OBJ_obj2nid(fieldid->fieldType)) == NID_undef) { + ECerror(EC_R_INVALID_FIELD); + return 0; } - a = BN_bin2bn(params->curve->a->data, params->curve->a->length, NULL); - if (a == NULL) { - ECerror(ERR_R_BN_LIB); - goto err; - } - b = BN_bin2bn(params->curve->b->data, params->curve->b->length, NULL); - if (b == NULL) { - ECerror(ERR_R_BN_LIB); - goto err; - } - /* get the field parameters */ - tmp = OBJ_obj2nid(params->fieldID->fieldType); - if (tmp == NID_X9_62_characteristic_two_field) { + if (nid == NID_X9_62_characteristic_two_field) { ECerror(EC_R_GF2M_NOT_SUPPORTED); + return 0; + } + if (nid != NID_X9_62_prime_field) { + ECerror(EC_R_UNSUPPORTED_FIELD); + return 0; + } + + /* We can't check that this is actually a prime due to DoS risk. */ + if (fieldid->p.prime == NULL) { + ECerror(EC_R_INVALID_FIELD); + return 0; + } + + return 1; +} + +static int +ec_asn1_parameters_curve2group(const X9_62_CURVE *curve, + const ASN1_INTEGER *prime, EC_GROUP **out_group) +{ + EC_GROUP *group = NULL; + BIGNUM *p = NULL, *a = NULL, *b = NULL; + int ret = 0; + + if (*out_group != NULL) goto err; - } else if (tmp == NID_X9_62_prime_field) { - /* we have a curve over a prime field */ - /* extract the prime number */ - if (!params->fieldID->p.prime) { - ECerror(EC_R_ASN1_ERROR); - goto err; - } - p = ASN1_INTEGER_to_BN(params->fieldID->p.prime, NULL); - if (p == NULL) { - ECerror(ERR_R_ASN1_LIB); - goto err; - } - if (BN_is_negative(p) || BN_is_zero(p)) { - ECerror(EC_R_INVALID_FIELD); - goto err; - } - field_bits = BN_num_bits(p); - if (field_bits > OPENSSL_ECC_MAX_FIELD_BITS) { - ECerror(EC_R_FIELD_TOO_LARGE); - goto err; - } - /* create the EC_GROUP structure */ - ret = EC_GROUP_new_curve_GFp(p, a, b, NULL); - } else { + + if ((p = ASN1_INTEGER_to_BN(prime, NULL)) == NULL) + goto err; + if ((a = BN_bin2bn(curve->a->data, curve->a->length, NULL)) == NULL) + goto err; + if ((b = BN_bin2bn(curve->b->data, curve->b->length, NULL)) == NULL) + goto err; + + /* + * XXX - move these checks to ec_GFp_simple_group_set_curve()? + * What about checking 0 <= a, b < p? + */ + if (BN_is_zero(p) || BN_is_negative(p)) { ECerror(EC_R_INVALID_FIELD); goto err; } - - if (ret == NULL) { - ECerror(ERR_R_EC_LIB); + if (BN_num_bits(p) > OPENSSL_ECC_MAX_FIELD_BITS) { + ECerror(EC_R_FIELD_TOO_LARGE); goto err; } - /* extract seed (optional) */ - if (params->curve->seed != NULL) { - free(ret->seed); - if (!(ret->seed = malloc(params->curve->seed->length))) { - ECerror(ERR_R_MALLOC_FAILURE); - goto err; - } - memcpy(ret->seed, params->curve->seed->data, - params->curve->seed->length); - ret->seed_len = params->curve->seed->length; - } - if (!params->order || !params->base || !params->base->data) { - ECerror(EC_R_ASN1_ERROR); - goto err; - } - if ((point = EC_POINT_new(ret)) == NULL) + + if ((group = EC_GROUP_new_curve_GFp(p, a, b, NULL)) == NULL) goto err; - /* set the point conversion form */ - EC_GROUP_set_point_conversion_form(ret, (point_conversion_form_t) - (params->base->data[0] & ~0x01)); + *out_group = group; + group = NULL; - /* extract the ec point */ - if (!EC_POINT_oct2point(ret, point, params->base->data, - params->base->length, NULL)) { + ret = 1; + + err: + BN_free(p); + BN_free(a); + BN_free(b); + EC_GROUP_free(group); + + return ret; +} + +static int +ec_asn1_set_group_parameters(const ECPARAMETERS *params, EC_GROUP *group) +{ + EC_POINT *generator; + BIGNUM *order = NULL, *cofactor = NULL; + const ASN1_BIT_STRING *seed; + point_conversion_form_t form; + int ret = 0; + + if ((generator = EC_POINT_new(group)) == NULL) + goto err; + if (!EC_POINT_oct2point(group, generator, + params->base->data, params->base->length, NULL)) { ECerror(ERR_R_EC_LIB); goto err; } @@ -918,14 +917,6 @@ ec_asn1_parameters2group(const ECPARAMETERS *params) ECerror(ERR_R_ASN1_LIB); goto err; } - if (BN_is_negative(order) || BN_is_zero(order)) { - ECerror(EC_R_INVALID_GROUP_ORDER); - goto err; - } - if (BN_num_bits(order) > field_bits + 1) { /* Hasse bound */ - ECerror(EC_R_INVALID_GROUP_ORDER); - goto err; - } if (params->cofactor != NULL) { if ((cofactor = ASN1_INTEGER_to_BN(params->cofactor, NULL)) == NULL) { @@ -933,27 +924,84 @@ ec_asn1_parameters2group(const ECPARAMETERS *params) goto err; } } - if (!EC_GROUP_set_generator(ret, point, order, cofactor)) { + + /* Checks the Hasse bound and sets the cofactor if possible or fails. */ + if (!EC_GROUP_set_generator(group, generator, order, cofactor)) { ECerror(ERR_R_EC_LIB); goto err; } - ok = 1; + + if ((seed = params->curve->seed) != NULL) { + if (EC_GROUP_set_seed(group, seed->data, seed->length) == 0) { + ECerror(ERR_R_MALLOC_FAILURE); + goto err; + } + } + + /* oct2point has ensured that to be compressed, uncompressed, or hybrid. */ + form = params->base->data[0] & ~1U; + EC_GROUP_set_point_conversion_form(group, form); + + ret = 1; err: - if (!ok) { - EC_GROUP_free(ret); - ret = NULL; - } - BN_free(p); - BN_free(a); - BN_free(b); + EC_POINT_free(generator); BN_free(order); BN_free(cofactor); - EC_POINT_free(point); return ret; } +static int +ec_asn1_parameters_extract_prime_group(const ECPARAMETERS *params, + EC_GROUP **out_group) +{ + EC_GROUP *group = NULL; + int ret = 0; + + if (*out_group != NULL) + goto err; + + if (!ec_asn1_is_prime_field(params->fieldID)) + goto err; + if (!ec_asn1_parameters_curve2group(params->curve, + params->fieldID->p.prime, &group)) + goto err; + if (!ec_asn1_set_group_parameters(params, group)) + goto err; + + *out_group = group; + group = NULL; + + ret = 1; + + err: + EC_GROUP_free(group); + + return ret; +} + +static EC_GROUP * +ec_asn1_parameters2group(const ECPARAMETERS *params) +{ + EC_GROUP *group = NULL; + + if (params == NULL) { + ECerror(EC_R_ASN1_ERROR); + goto err; + } + + if (!ec_asn1_parameters_extract_prime_group(params, &group)) + goto err; + + return group; + + err: + EC_GROUP_free(group); + + return NULL; +} + EC_GROUP * ec_asn1_pkparameters2group(const ECPKPARAMETERS *params) { diff --git a/lib/libcrypto/ec/ec_cvt.c b/lib/libcrypto/ec/ec_cvt.c deleted file mode 100644 index 5b196dd67..000000000 --- a/lib/libcrypto/ec/ec_cvt.c +++ /dev/null @@ -1,103 +0,0 @@ -/* $OpenBSD: ec_cvt.c,v 1.12 2023/07/07 13:54:45 beck Exp $ */ -/* - * Originally written by Bodo Moeller for the OpenSSL project. - */ -/* ==================================================================== - * Copyright (c) 1998-2002 The OpenSSL Project. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * 1. Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in - * the documentation and/or other materials provided with the - * distribution. - * - * 3. All advertising materials mentioning features or use of this - * software must display the following acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit. (http://www.openssl.org/)" - * - * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to - * endorse or promote products derived from this software without - * prior written permission. For written permission, please contact - * openssl-core@openssl.org. - * - * 5. Products derived from this software may not be called "OpenSSL" - * nor may "OpenSSL" appear in their names without prior written - * permission of the OpenSSL Project. - * - * 6. Redistributions of any form whatsoever must retain the following - * acknowledgment: - * "This product includes software developed by the OpenSSL Project - * for use in the OpenSSL Toolkit (http://www.openssl.org/)" - * - * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY - * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE - * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR - * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR - * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, - * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT - * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; - * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * ==================================================================== - * - * This product includes cryptographic software written by Eric Young - * (eay@cryptsoft.com). This product includes software written by Tim - * Hudson (tjh@cryptsoft.com). - * - */ -/* ==================================================================== - * Copyright 2002 Sun Microsystems, Inc. ALL RIGHTS RESERVED. - * - * Portions of the attached software ("Contribution") are developed by - * SUN MICROSYSTEMS, INC., and are contributed to the OpenSSL project. - * - * The Contribution is licensed pursuant to the OpenSSL open source - * license provided above. - * - * The elliptic curve binary polynomial software is originally written by - * Sheueling Chang Shantz and Douglas Stebila of Sun Microsystems Laboratories. - * - */ - -#include - -#include -#include "ec_local.h" - -static EC_GROUP * -ec_group_new_curve(const EC_METHOD *method, const BIGNUM *p, const BIGNUM *a, - const BIGNUM *b, BN_CTX *ctx) -{ - EC_GROUP *group; - - if ((group = EC_GROUP_new(method)) == NULL) - goto err; - - if (!EC_GROUP_set_curve(group, p, a, b, ctx)) - goto err; - - return group; - - err: - EC_GROUP_free(group); - - return NULL; -} - -EC_GROUP * -EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, - BN_CTX *ctx) -{ - return ec_group_new_curve(EC_GFp_mont_method(), p, a, b, ctx); -} -LCRYPTO_ALIAS(EC_GROUP_new_curve_GFp); diff --git a/lib/libcrypto/ec/ec_lib.c b/lib/libcrypto/ec/ec_lib.c index 11d09b65c..0e5897da9 100644 --- a/lib/libcrypto/ec/ec_lib.c +++ b/lib/libcrypto/ec/ec_lib.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ec_lib.c,v 1.69 2024/10/15 17:44:43 tb Exp $ */ +/* $OpenBSD: ec_lib.c,v 1.70 2024/10/18 10:57:26 tb Exp $ */ /* * Originally written by Bodo Moeller for the OpenSSL project. */ @@ -544,6 +544,27 @@ EC_GROUP_get_curve_GFp(const EC_GROUP *group, BIGNUM *p, BIGNUM *a, BIGNUM *b, } LCRYPTO_ALIAS(EC_GROUP_get_curve_GFp); +EC_GROUP * +EC_GROUP_new_curve_GFp(const BIGNUM *p, const BIGNUM *a, const BIGNUM *b, + BN_CTX *ctx) +{ + EC_GROUP *group; + + if ((group = EC_GROUP_new(EC_GFp_mont_method())) == NULL) + goto err; + + if (!EC_GROUP_set_curve(group, p, a, b, ctx)) + goto err; + + return group; + + err: + EC_GROUP_free(group); + + return NULL; +} +LCRYPTO_ALIAS(EC_GROUP_new_curve_GFp); + int EC_GROUP_get_degree(const EC_GROUP *group) { diff --git a/lib/libcrypto/x86_64cpuid.pl b/lib/libcrypto/x86_64cpuid.pl deleted file mode 100644 index a735a97f6..000000000 --- a/lib/libcrypto/x86_64cpuid.pl +++ /dev/null @@ -1,147 +0,0 @@ -#!/usr/bin/env perl - -$flavour = shift; -$output = shift; -if ($flavour =~ /\./) { $output = $flavour; undef $flavour; } - -$0 =~ m/(.*[\/\\])[^\/\\]+$/; $dir=$1; -( $xlate="${dir}x86_64-xlate.pl" and -f $xlate ) or -( $xlate="${dir}perlasm/x86_64-xlate.pl" and -f $xlate) or -die "can't locate x86_64-xlate.pl"; - -open OUT,"| \"$^X\" $xlate $flavour $output"; -*STDOUT=*OUT; - -($arg1,$arg2,$arg3,$arg4)=("%rdi","%rsi","%rdx","%rcx"); # Unix order - -print<<___; -.text -.globl OPENSSL_ia32_cpuid -.type OPENSSL_ia32_cpuid,\@abi-omnipotent -.align 16 -OPENSSL_ia32_cpuid: - _CET_ENDBR - mov %rbx,%r8 # save %rbx - - xor %eax,%eax - cpuid - mov %eax,%r11d # max value for standard query level - - xor %eax,%eax - cmp \$0x756e6547,%ebx # "Genu" - setne %al - mov %eax,%r9d - cmp \$0x49656e69,%edx # "ineI" - setne %al - or %eax,%r9d - cmp \$0x6c65746e,%ecx # "ntel" - setne %al - or %eax,%r9d # 0 indicates Intel CPU - jz .Lintel - - cmp \$0x68747541,%ebx # "Auth" - setne %al - mov %eax,%r10d - cmp \$0x69746E65,%edx # "enti" - setne %al - or %eax,%r10d - cmp \$0x444D4163,%ecx # "cAMD" - setne %al - or %eax,%r10d # 0 indicates AMD CPU - jnz .Lintel - - # AMD specific - mov \$0x80000000,%eax - cpuid - cmp \$0x80000001,%eax - jb .Lintel - mov %eax,%r10d - mov \$0x80000001,%eax - cpuid - or %ecx,%r9d - and \$IA32CAP_MASK1_AMD_XOP,%r9d # isolate AMD XOP bit - or \$1,%r9d # make sure %r9d is not zero - - cmp \$0x80000008,%r10d - jb .Lintel - - mov \$0x80000008,%eax - cpuid - movzb %cl,%r10 # number of cores - 1 - inc %r10 # number of cores - - mov \$1,%eax - cpuid - bt \$IA32CAP_BIT0_HT,%edx # test hyper-threading bit - jnc .Lgeneric - shr \$16,%ebx # number of logical processors - cmp %r10b,%bl - ja .Lgeneric - xor \$IA32CAP_MASK0_HT,%edx - jmp .Lgeneric - -.Lintel: - cmp \$4,%r11d - mov \$-1,%r10d - jb .Lnocacheinfo - - mov \$4,%eax - mov \$0,%ecx # query L1D - cpuid - mov %eax,%r10d - shr \$14,%r10d - and \$0xfff,%r10d # number of cores -1 per L1D - -.Lnocacheinfo: - mov \$1,%eax - cpuid - # force reserved bits to 0 - and \$(~(IA32CAP_MASK0_INTELP4 | IA32CAP_MASK0_INTEL)),%edx - cmp \$0,%r9d - jne .Lnotintel - # set reserved bit#30 on Intel CPUs - or \$IA32CAP_MASK0_INTEL,%edx - and \$15,%ah - cmp \$15,%ah # examine Family ID - jne .Lnotintel - # set reserved bit#20 to engage RC4_CHAR - or \$IA32CAP_MASK0_INTELP4,%edx -.Lnotintel: - bt \$IA32CAP_BIT0_HT,%edx # test hyper-threading bit - jnc .Lgeneric - xor \$IA32CAP_MASK0_HT,%edx - cmp \$0,%r10d - je .Lgeneric - - or \$IA32CAP_MASK0_HT,%edx - shr \$16,%ebx - cmp \$1,%bl # see if cache is shared - ja .Lgeneric - xor \$IA32CAP_MASK0_HT,%edx # clear hyper-threading bit if not - -.Lgeneric: - and \$IA32CAP_MASK1_AMD_XOP,%r9d # isolate AMD XOP flag - and \$(~IA32CAP_MASK1_AMD_XOP),%ecx - or %ecx,%r9d # merge AMD XOP flag - - mov %edx,%r10d # %r9d:%r10d is copy of %ecx:%edx - bt \$IA32CAP_BIT1_OSXSAVE,%r9d # check OSXSAVE bit - jnc .Lclear_avx - xor %ecx,%ecx # XCR0 - .byte 0x0f,0x01,0xd0 # xgetbv - and \$6,%eax # isolate XMM and YMM state support - cmp \$6,%eax - je .Ldone -.Lclear_avx: - mov \$(~(IA32CAP_MASK1_AVX | IA32CAP_MASK1_FMA3 | IA32CAP_MASK1_AMD_XOP)),%eax - and %eax,%r9d # clear AVX, FMA and AMD XOP bits -.Ldone: - shl \$32,%r9 - mov %r10d,%eax - mov %r8,%rbx # restore %rbx - or %r9,%rax - ret -.size OPENSSL_ia32_cpuid,.-OPENSSL_ia32_cpuid -___ - -close STDOUT; # flush diff --git a/lib/libcrypto/x86_arch.h b/lib/libcrypto/x86_arch.h index 5b2cf9754..e9e9d4896 100644 --- a/lib/libcrypto/x86_arch.h +++ b/lib/libcrypto/x86_arch.h @@ -1,4 +1,4 @@ -/* $OpenBSD: x86_arch.h,v 1.1 2016/11/04 17:30:30 miod Exp $ */ +/* $OpenBSD: x86_arch.h,v 1.2 2024/10/18 13:36:24 jsing Exp $ */ /* * Copyright (c) 2016 Miodrag Vallat. * @@ -76,15 +76,20 @@ #define IA32CAP_MASK1_SSSE3 (1 << IA32CAP_BIT1_SSSE3) #define IA32CAP_MASK1_FMA3 (1 << IA32CAP_BIT1_FMA3) #define IA32CAP_MASK1_AESNI (1 << IA32CAP_BIT1_AESNI) +#define IA32CAP_MASK1_OSXSAVE (1 << IA32CAP_BIT1_OSXSAVE) #define IA32CAP_MASK1_AVX (1 << IA32CAP_BIT1_AVX) #define IA32CAP_MASK1_AMD_XOP (1 << IA32CAP_BIT1_AMD_XOP) /* bit masks for OPENSSL_cpu_caps() */ +#define CPUCAP_MASK_HT IA32CAP_MASK0_HT #define CPUCAP_MASK_MMX IA32CAP_MASK0_MMX #define CPUCAP_MASK_FXSR IA32CAP_MASK0_FXSR #define CPUCAP_MASK_SSE IA32CAP_MASK0_SSE +#define CPUCAP_MASK_SSE2 IA32CAP_MASK0_SSE2 +#define CPUCAP_MASK_INTEL IA32CAP_MASK0_INTEL #define CPUCAP_MASK_INTELP4 IA32CAP_MASK0_INTELP4 #define CPUCAP_MASK_PCLMUL (1ULL << (32 + IA32CAP_BIT1_PCLMUL)) #define CPUCAP_MASK_SSSE3 (1ULL << (32 + IA32CAP_BIT1_SSSE3)) #define CPUCAP_MASK_AESNI (1ULL << (32 + IA32CAP_BIT1_AESNI)) +#define CPUCAP_MASK_AVX (1ULL << (32 + IA32CAP_BIT1_AVX)) diff --git a/lib/libssl/ssl_seclevel.c b/lib/libssl/ssl_seclevel.c index 6a5d16bfa..1448368e7 100644 --- a/lib/libssl/ssl_seclevel.c +++ b/lib/libssl/ssl_seclevel.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_seclevel.c,v 1.28 2024/05/09 07:12:03 tb Exp $ */ +/* $OpenBSD: ssl_seclevel.c,v 1.29 2024/10/17 06:19:06 tb Exp $ */ /* * Copyright (c) 2020-2022 Theo Buehler * @@ -331,45 +331,49 @@ ssl_security_cert_key(const SSL_CTX *ctx, const SSL *ssl, X509 *x509, int secop) } static int -ssl_cert_signature_md_nid(X509 *x509) +ssl_security_cert_sig_security_bits(X509 *x509, int *out_md_nid) { - int md_nid, signature_nid; + int pkey_nid, security_bits; + uint32_t flags; - if ((signature_nid = X509_get_signature_nid(x509)) == NID_undef) - return NID_undef; + *out_md_nid = NID_undef; - if (!OBJ_find_sigid_algs(signature_nid, &md_nid, NULL)) - return NID_undef; - - return md_nid; -} - -static int -ssl_cert_md_nid_security_bits(int md_nid) -{ - const EVP_MD *md; - - if (md_nid == NID_undef) + /* + * Returning -1 security bits makes the default security callback fail + * to match bonkers behavior in OpenSSL. This in turn lets a security + * callback override such failures. + */ + if (!X509_get_signature_info(x509, out_md_nid, &pkey_nid, &security_bits, + &flags)) + return -1; + /* + * OpenSSL doesn't check flags. Test RSA-PSS certs we were provided have + * a salt length distinct from hash length and thus fail this check. + */ + if ((flags & X509_SIG_INFO_TLS) == 0) return -1; - if ((md = EVP_get_digestbynid(md_nid)) == NULL) - return -1; + /* Weird OpenSSL behavior only relevant for EdDSA certs in LibreSSL. */ + if (*out_md_nid == NID_undef) + *out_md_nid = pkey_nid; - /* Assume 4 bits of collision resistance for each hash octet. */ - return EVP_MD_size(md) * 4; + return security_bits; } static int ssl_security_cert_sig(const SSL_CTX *ctx, const SSL *ssl, X509 *x509, int secop) { - int md_nid, security_bits; + int md_nid = NID_undef, security_bits = -1; /* Don't check signature if self signed. */ if ((X509_get_extension_flags(x509) & EXFLAG_SS) != 0) return 1; - md_nid = ssl_cert_signature_md_nid(x509); - security_bits = ssl_cert_md_nid_security_bits(md_nid); + /* + * The default security callback fails on -1 security bits. It ignores + * the md_nid (aka version) argument we pass from here. + */ + security_bits = ssl_security_cert_sig_security_bits(x509, &md_nid); if (ssl != NULL) return ssl_security(ssl, secop, security_bits, md_nid, x509); diff --git a/regress/lib/libcrypto/ec/ec_asn1_test.c b/regress/lib/libcrypto/ec/ec_asn1_test.c index 171014bda..e5e899264 100644 --- a/regress/lib/libcrypto/ec/ec_asn1_test.c +++ b/regress/lib/libcrypto/ec/ec_asn1_test.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ec_asn1_test.c,v 1.6 2024/10/16 23:58:25 tb Exp $ */ +/* $OpenBSD: ec_asn1_test.c,v 1.10 2024/10/18 10:40:31 tb Exp $ */ /* * Copyright (c) 2017, 2021 Joel Sing * Copyright (c) 2024 Theo Buehler @@ -24,12 +24,12 @@ #include #include -const uint8_t ec_secp256r1_pkparameters_named_curve[] = { +static const uint8_t ec_secp256r1_pkparameters_named_curve[] = { 0x06, 0x08, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x03, 0x01, 0x07, }; -const uint8_t ec_secp256r1_pkparameters_parameters[] = { +static const uint8_t ec_secp256r1_pkparameters_parameters[] = { 0x30, 0x81, 0xf7, 0x02, 0x01, 0x01, 0x30, 0x2c, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x01, 0x01, 0x02, 0x21, 0x00, 0xff, 0xff, 0xff, 0xff, @@ -64,7 +64,7 @@ const uint8_t ec_secp256r1_pkparameters_parameters[] = { 0x01, 0x01, }; -const uint8_t ec_secp256k1_pkparameters_parameters[] = { +static const uint8_t ec_secp256k1_pkparameters_parameters[] = { 0x30, 0x81, 0xe0, 0x02, 0x01, 0x01, 0x30, 0x2c, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x01, 0x01, 0x02, 0x21, 0x00, 0xff, 0xff, 0xff, 0xff, @@ -340,11 +340,8 @@ ec_group_roundtrip_builtin_curves(void) return failed; } -/* - * From draft-ietf-lwig-curve-representation-23, Appendix E.3 - */ - -static const struct { +struct curve { + const char *descr; const char *oid; const char *sn; const char *ln; @@ -355,29 +352,22 @@ static const struct { const char *cofactor; const char *x; const char *y; -} wei25519 = { - .oid = "1.3.101.108", - .sn = "Wei25519", - .p = "7fffffff" "ffffffff" "ffffffff" "ffffffff" - "ffffffff" "ffffffff" "ffffffff" "ffffffed", - .a = "2aaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" - "aaaaaaaa" "aaaaaaaa" "aaaaaa98" "4914a144", - .b = "7b425ed0" "97b425ed" "097b425e" "d097b425" - "ed097b42" "5ed097b4" "260b5e9c" "7710c864", - .x = "2aaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" - "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaad245a", - .y = "20ae19a1" "b8a086b4" "e01edd2c" "7748d14c" - "923d4d7e" "6d7c61b2" "29e9c5a2" "7eced3d9", - .order = "10000000" "00000000" "00000000" "00000000" - "14def9de" "a2f79cd6" "5812631a" "5cf5d3ed", - .cofactor = "8", + int known_named_curve; + const char *named; + size_t named_len; + const char *param; + size_t param_len; }; -const uint8_t ec_wei25519_pkparameters_named_curve[] = { +/* + * From draft-ietf-lwig-curve-representation-23, Appendix E.3 + */ + +static const uint8_t ec_wei25519_pkparameters_named_curve[] = { 0x06, 0x03, 0x2b, 0x65, 0x6c, }; -const uint8_t ec_wei25519_pkparameters_parameters[] = { +static const uint8_t ec_wei25519_pkparameters_parameters[] = { 0x30, 0x81, 0xde, 0x02, 0x01, 0x01, 0x30, 0x2b, 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x01, 0x01, 0x02, 0x20, 0x7f, 0xff, 0xff, 0xff, 0xff, @@ -409,100 +399,328 @@ const uint8_t ec_wei25519_pkparameters_parameters[] = { 0x08, }; -static int -ec_weierstrass25519(void) +static const struct curve wei25519 = { + .descr = "short Weierstrass 25519", + .oid = "1.3.101.108", + .sn = "Wei25519", + .p = "7fffffff" "ffffffff" "ffffffff" "ffffffff" + "ffffffff" "ffffffff" "ffffffff" "ffffffed", + .a = "2aaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" + "aaaaaaaa" "aaaaaaaa" "aaaaaa98" "4914a144", + .b = "7b425ed0" "97b425ed" "097b425e" "d097b425" + "ed097b42" "5ed097b4" "260b5e9c" "7710c864", + .x = "2aaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" + "aaaaaaaa" "aaaaaaaa" "aaaaaaaa" "aaad245a", + .y = "20ae19a1" "b8a086b4" "e01edd2c" "7748d14c" + "923d4d7e" "6d7c61b2" "29e9c5a2" "7eced3d9", + .order = "10000000" "00000000" "00000000" "00000000" + "14def9de" "a2f79cd6" "5812631a" "5cf5d3ed", + .cofactor = "8", + .named = ec_wei25519_pkparameters_named_curve, + .named_len = sizeof(ec_wei25519_pkparameters_named_curve), + .param = ec_wei25519_pkparameters_parameters, + .param_len = sizeof(ec_wei25519_pkparameters_parameters), +}; + +/* + * From draft-ietf-lwig-curve-representation-23, Appendix G.3 + */ + +static const uint8_t ec_wei25519_2_pkparameters_parameters[] = { + 0x30, 0x81, 0xde, 0x02, 0x01, 0x01, 0x30, 0x2b, + 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x01, + 0x01, 0x02, 0x20, 0x7f, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xed, 0x30, 0x44, 0x04, 0x20, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x02, 0x04, + 0x20, 0x1a, 0xc1, 0xda, 0x05, 0xb5, 0x5b, 0xc1, + 0x46, 0x33, 0xbd, 0x39, 0xe4, 0x7f, 0x94, 0x30, + 0x2e, 0xf1, 0x98, 0x43, 0xdc, 0xf6, 0x69, 0x91, + 0x6f, 0x6a, 0x5d, 0xfd, 0x01, 0x65, 0x53, 0x8c, + 0xd1, 0x04, 0x41, 0x04, 0x17, 0xcf, 0xea, 0xc3, + 0x78, 0xae, 0xd6, 0x61, 0x31, 0x8e, 0x86, 0x34, + 0x58, 0x22, 0x75, 0xb6, 0xd9, 0xad, 0x4d, 0xef, + 0x07, 0x2e, 0xa1, 0x93, 0x5e, 0xe3, 0xc4, 0xe8, + 0x7a, 0x94, 0x0f, 0xfa, 0x0c, 0x08, 0xa9, 0x52, + 0xc5, 0x5d, 0xfa, 0xd6, 0x2c, 0x4f, 0x13, 0xf1, + 0xa8, 0xf6, 0x8d, 0xca, 0xdc, 0x5c, 0x33, 0x1d, + 0x29, 0x7a, 0x37, 0xb6, 0xf0, 0xd7, 0xfd, 0xcc, + 0x51, 0xe1, 0x6b, 0x4d, 0x02, 0x20, 0x10, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x14, 0xde, + 0xf9, 0xde, 0xa2, 0xf7, 0x9c, 0xd6, 0x58, 0x12, + 0x63, 0x1a, 0x5c, 0xf5, 0xd3, 0xed, 0x02, 0x01, + 0x08, +}; + +static const struct curve wei25519_2 = { + .descr = "short Weierstrass 25519.2", + .oid = "1.3.101.108", + .sn = "Wei25519", + .p = "7fffffff" "ffffffff" "ffffffff" "ffffffff" + "ffffffff" "ffffffff" "ffffffff" "ffffffed", + .a = "02", + .b = "1ac1da05" "b55bc146" "33bd39e4" "7f94302e" + "f19843dc" "f669916f" "6a5dfd01" "65538cd1", + .x = "17cfeac3" "78aed661" "318e8634" "582275b6" + "d9ad4def" "072ea193" "5ee3c4e8" "7a940ffa", + .y = "0c08a952" "c55dfad6" "2c4f13f1" "a8f68dca" + "dc5c331d" "297a37b6" "f0d7fdcc" "51e16b4d", + .order = "10000000" "00000000" "00000000" "00000000" + "14def9de" "a2f79cd6" "5812631a" "5cf5d3ed", + .cofactor = "8", + .named = ec_wei25519_pkparameters_named_curve, + .named_len = sizeof(ec_wei25519_pkparameters_named_curve), + .param = ec_wei25519_2_pkparameters_parameters, + .param_len = sizeof(ec_wei25519_2_pkparameters_parameters), +}; + +static const uint8_t ec_wei25519_3_pkparameters_parameters[] = { + 0x30, 0x81, 0xde, 0x02, 0x01, 0x01, 0x30, 0x2b, + 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x01, + 0x01, 0x02, 0x20, 0x7f, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xed, 0x30, 0x44, 0x04, 0x20, 0x7f, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xea, 0x04, + 0x20, 0x41, 0xa3, 0xb6, 0xbf, 0xc6, 0x68, 0x77, + 0x8e, 0xbe, 0x29, 0x54, 0xa4, 0xb1, 0xdf, 0x36, + 0xd1, 0x48, 0x5e, 0xce, 0xf1, 0xea, 0x61, 0x42, + 0x95, 0x79, 0x6e, 0x10, 0x22, 0x40, 0x89, 0x1f, + 0xaa, 0x04, 0x41, 0x04, 0x77, 0x06, 0xc3, 0x7b, + 0x5a, 0x84, 0x12, 0x8a, 0x38, 0x84, 0xa5, 0xd7, + 0x18, 0x11, 0xf1, 0xb5, 0x5d, 0xa3, 0x23, 0x0f, + 0xfb, 0x17, 0xa8, 0xab, 0x0b, 0x32, 0xe4, 0x8d, + 0x31, 0xa6, 0x68, 0x5c, 0x0f, 0x60, 0x48, 0x0c, + 0x7a, 0x5c, 0x0e, 0x11, 0x40, 0x34, 0x0a, 0xdc, + 0x79, 0xd6, 0xa2, 0xbf, 0x0c, 0xb5, 0x7a, 0xd0, + 0x49, 0xd0, 0x25, 0xdc, 0x38, 0xd8, 0x0c, 0x77, + 0x98, 0x5f, 0x03, 0x29, 0x02, 0x20, 0x10, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x14, 0xde, + 0xf9, 0xde, 0xa2, 0xf7, 0x9c, 0xd6, 0x58, 0x12, + 0x63, 0x1a, 0x5c, 0xf5, 0xd3, 0xed, 0x02, 0x01, + 0x08, +}; + +static const struct curve wei25519_3 = { + .descr = "short Weierstrass 25519.-3", + .oid = "1.3.101.108", + .sn = "Wei25519", + .p = "7fffffff" "ffffffff" "ffffffff" "ffffffff" + "ffffffff" "ffffffff" "ffffffff" "ffffffed", +/* XXX - change this if we are going to enforce 0 <= a,b < p. */ +#if 0 + .a = "7fffffff" "ffffffff" "ffffffff" "ffffffff" + "ffffffff" "ffffffff" "ffffffff" "ffffffea", +#else + .a = "-03", +#endif + .b = "41a3b6bf" "c668778e" "be2954a4" "b1df36d1" + "485ecef1" "ea614295" "796e1022" "40891faa", + .x = "7706c37b" "5a84128a" "3884a5d7" "1811f1b5" + "5da3230f" "fb17a8ab" "0b32e48d" "31a6685c", + .y = "0f60480c" "7a5c0e11" "40340adc" "79d6a2bf" + "0cb57ad0" "49d025dc" "38d80c77" "985f0329", + .order = "10000000" "00000000" "00000000" "00000000" + "14def9de" "a2f79cd6" "5812631a" "5cf5d3ed", + .cofactor = "8", + .named = ec_wei25519_pkparameters_named_curve, + .named_len = sizeof(ec_wei25519_pkparameters_named_curve), + .param = ec_wei25519_3_pkparameters_parameters, + .param_len = sizeof(ec_wei25519_3_pkparameters_parameters), +}; + +/* + * From draft-ietf-lwig-curve-representation-23, Appendix L.3 + */ + +static const uint8_t ec_secp256k1_m_pkparameters_named_curve[] = { + 0x06, 0x05, 0x2b, 0x81, 0x04, 0x00, 0x0a, +}; + +static const uint8_t ec_secp256k1_m_pkparameters_parameters[] = { + 0x30, 0x81, 0xe0, 0x02, 0x01, 0x01, 0x30, 0x2c, + 0x06, 0x07, 0x2a, 0x86, 0x48, 0xce, 0x3d, 0x01, + 0x01, 0x02, 0x21, 0x00, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfe, + 0xff, 0xff, 0xfc, 0x2f, 0x30, 0x44, 0x04, 0x20, + 0xcf, 0xcd, 0x5c, 0x21, 0x75, 0xe2, 0xef, 0x7d, + 0xcc, 0xdc, 0xe7, 0x37, 0x77, 0x0b, 0x73, 0x81, + 0x5a, 0x2f, 0x13, 0xc5, 0x09, 0x03, 0x5c, 0xa2, + 0x54, 0xa1, 0x4a, 0xc9, 0xf0, 0x89, 0x74, 0xaf, + 0x04, 0x20, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x06, 0xeb, 0x04, 0x41, 0x04, 0x3a, 0xca, 0x53, + 0x00, 0x95, 0x9f, 0xa1, 0xd0, 0xba, 0xf7, 0x8d, + 0xcf, 0xf7, 0x7a, 0x61, 0x6f, 0x39, 0x5e, 0x58, + 0x6d, 0x67, 0xac, 0xed, 0x0a, 0x88, 0x79, 0x81, + 0x29, 0x0c, 0x27, 0x91, 0x45, 0x95, 0x80, 0xfc, + 0xe5, 0x3a, 0x17, 0x0f, 0x4f, 0xb7, 0x44, 0x57, + 0x9f, 0xf3, 0xd6, 0x20, 0x86, 0x12, 0xcd, 0x6a, + 0x23, 0x3e, 0x2d, 0xe2, 0x37, 0xf9, 0x76, 0xc6, + 0xa7, 0x86, 0x11, 0xc8, 0x00, 0x02, 0x21, 0x00, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, + 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xff, 0xfe, + 0xba, 0xae, 0xdc, 0xe6, 0xaf, 0x48, 0xa0, 0x3b, + 0xbf, 0xd2, 0x5e, 0x8c, 0xd0, 0x36, 0x41, 0x41, + 0x02, 0x01, 0x01, +}; + +static const struct curve secp256k1_m = { + .descr = "short Weierstrass secp256k1.m", + .oid = "1.3.132.0.10", + .sn = SN_secp256k1, + .p = "ffffffff" "ffffffff" "ffffffff" "ffffffff" + "ffffffff" "ffffffff" "fffffffe" "fffffc2f", + .a = "cfcd5c21" "75e2ef7d" "ccdce737" "770b7381" + "5a2f13c5" "09035ca2" "54a14ac9" "f08974af", + .b = "06eb", + .x = "3aca5300" "959fa1d0" "baf78dcf" "f77a616f" + "395e586d" "67aced0a" "88798129" "0c279145", + .y = "9580fce5" "3a170f4f" "b744579f" "f3d62086" + "12cd6a23" "3e2de237" "f976c6a7" "8611c800", + .order = "ffffffff" "ffffffff" "ffffffff" "fffffffe" + "baaedce6" "af48a03b" "bfd25e8c" "d0364141", + .cofactor = "1", + .known_named_curve = 1, + .named = ec_secp256k1_m_pkparameters_named_curve, + .named_len = sizeof(ec_secp256k1_m_pkparameters_named_curve), + .param = ec_secp256k1_m_pkparameters_parameters, + .param_len = sizeof(ec_secp256k1_m_pkparameters_parameters), +}; + +static EC_GROUP * +ec_group_from_curve_method(const struct curve *curve, const EC_METHOD *method, + BN_CTX *ctx) { - EC_GROUP *group = NULL, *new_group = NULL; + EC_GROUP *group; EC_POINT *generator = NULL; - BN_CTX *ctx = NULL; BIGNUM *p, *a, *b; - BIGNUM *order, *cofactor, *guessed_cofactor, *x, *y; - const unsigned char *pder; - unsigned char *der = NULL; - long error; - int der_len = 0; - int nid; - int failed = 1; + BIGNUM *order, *x, *y; - ERR_clear_error(); - if ((ctx = BN_CTX_new()) == NULL) - goto err; BN_CTX_start(ctx); - if ((nid = OBJ_create(wei25519.oid, wei25519.sn, NULL)) == NID_undef) { - fprintf(stderr, "FAIL: %s OBJ_create(wei25519)\n", __func__); - goto err; - } - if ((p = BN_CTX_get(ctx)) == NULL) errx(1, "BN_CTX_get"); if ((a = BN_CTX_get(ctx)) == NULL) errx(1, "BN_CTX_get"); if ((b = BN_CTX_get(ctx)) == NULL) errx(1, "BN_CTX_get"); + if ((order = BN_CTX_get(ctx)) == NULL) errx(1, "BN_CTX_get"); - if ((cofactor = BN_CTX_get(ctx)) == NULL) - errx(1, "BN_CTX_get"); - if ((guessed_cofactor = BN_CTX_get(ctx)) == NULL) - errx(1, "BN_CTX_get"); if ((x = BN_CTX_get(ctx)) == NULL) errx(1, "BN_CTX_get"); if ((y = BN_CTX_get(ctx)) == NULL) errx(1, "BN_CTX_get"); - if (BN_hex2bn(&p, wei25519.p) == 0) + if (BN_hex2bn(&p, curve->p) == 0) errx(1, "BN_hex2bn(p)"); - if (BN_hex2bn(&a, wei25519.a) == 0) + if (BN_hex2bn(&a, curve->a) == 0) errx(1, "BN_hex2bn(a)"); - if (BN_hex2bn(&b, wei25519.b) == 0) + if (BN_hex2bn(&b, curve->b) == 0) errx(1, "BN_hex2bn(b)"); - /* - * XXX - this uses the Montgomery method. Consider exercising the - * simple method as well. - */ - if ((group = EC_GROUP_new_curve_GFp(p, a, b, ctx)) == NULL) { - fprintf(stderr, "FAIL: %s EC_GROUP_new_curve_GFp", __func__); - goto err; - } + if ((group = EC_GROUP_new(method)) == NULL) + errx(1, "EC_GROUP_new"); - if (BN_hex2bn(&x, wei25519.x) == 0) + if (!EC_GROUP_set_curve(group, p, a, b, ctx)) + errx(1, "EC_GROUP_set_curve"); + + if (BN_hex2bn(&x, curve->x) == 0) errx(1, "BN_hex2bn(x)"); - if (BN_hex2bn(&x, wei25519.x) == 0) + if (BN_hex2bn(&x, curve->x) == 0) errx(1, "BN_hex2bn(x)"); - if (BN_hex2bn(&y, wei25519.y) == 0) + if (BN_hex2bn(&y, curve->y) == 0) errx(1, "BN_hex2bn(y)"); if ((generator = EC_POINT_new(group)) == NULL) errx(1, "EC_POINT_new()"); if (!EC_POINT_set_affine_coordinates(group, generator, x, y, ctx)) { - fprintf(stderr, "FAIL: %s EC_POINT_set_affine_coordinates", __func__); + fprintf(stderr, "FAIL: %s EC_POINT_set_affine_coordinates\n", + curve->descr); ERR_print_errors_fp(stderr); goto err; } - if (BN_hex2bn(&order, wei25519.order) == 0) + if (BN_hex2bn(&order, curve->order) == 0) errx(1, "BN_hex2bn(order)"); - if (BN_hex2bn(&cofactor, wei25519.cofactor) == 0) - errx(1, "BN_hex2bn(cofactor)"); /* Don't set cofactor to exercise the cofactor guessing code. */ if (!EC_GROUP_set_generator(group, generator, order, NULL)) { - fprintf(stderr, "FAIL: %s EC_GROUP_set_generator\n", __func__); + fprintf(stderr, "FAIL: %s EC_GROUP_set_generator\n", curve->descr); + ERR_print_errors_fp(stderr); + goto err; + } + + EC_POINT_free(generator); + + BN_CTX_end(ctx); + + return group; + + err: + BN_CTX_end(ctx); + + EC_POINT_free(generator); + EC_GROUP_free(group); + + return NULL; +} + +static EC_GROUP * +ec_group_new(const struct curve *curve, const EC_METHOD *method, BN_CTX *ctx) +{ + EC_GROUP *group = NULL; + BIGNUM *cofactor, *guessed_cofactor; + int nid; + + BN_CTX_start(ctx); + + if ((nid = OBJ_txt2nid(curve->oid)) == NID_undef) + nid = OBJ_create(curve->oid, curve->sn, curve->ln); + if (nid == NID_undef) { + fprintf(stderr, "FAIL: OBJ_create(%s)\n", curve->descr); + goto err; + } + + if ((cofactor = BN_CTX_get(ctx)) == NULL) + errx(1, "BN_CTX_get"); + if ((guessed_cofactor = BN_CTX_get(ctx)) == NULL) + errx(1, "BN_CTX_get"); + + if (BN_hex2bn(&cofactor, curve->cofactor) == 0) + errx(1, "BN_hex2bn(cofactor)"); + + if ((group = ec_group_from_curve_method(curve, method, ctx)) == NULL) { + fprintf(stderr, "FAIL: %s ec_group_from_curve_method\n", curve->descr); ERR_print_errors_fp(stderr); goto err; } if (!EC_GROUP_get_cofactor(group, guessed_cofactor, ctx)) { - fprintf(stderr, "FAIL: %s EC_GROUP_get_cofactor\n", __func__); + fprintf(stderr, "FAIL: %s EC_GROUP_get_cofactor\n", curve->descr); ERR_print_errors_fp(stderr); goto err; } if (BN_cmp(cofactor, guessed_cofactor) != 0) { - fprintf(stderr, "FAIL: %s cofactor: want ", __func__); + fprintf(stderr, "FAIL: %s cofactor: want ", curve->descr); BN_print_fp(stderr, cofactor); fprintf(stderr, ", got "); BN_print_fp(stderr, guessed_cofactor); @@ -511,49 +729,79 @@ ec_weierstrass25519(void) } if (!EC_GROUP_check(group, ctx)) { - fprintf(stderr, "FAIL: %s EC_GROUP_check\n", __func__); + fprintf(stderr, "FAIL: %s EC_GROUP_check\n", curve->descr); ERR_print_errors_fp(stderr); goto err; } - /* Explicit curve parameter encoding should work without NID set. */ - if (EC_GROUP_get_curve_name(group) != NID_undef) { - fprintf(stderr, "FAIL: %s unexpected curve name %d\n", __func__, - EC_GROUP_get_curve_name(group)); - ERR_print_errors_fp(stderr); + EC_GROUP_set_curve_name(group, nid); + + BN_CTX_end(ctx); + + return group; + + err: + BN_CTX_end(ctx); + + EC_GROUP_free(group); + + return NULL; +} + +static int +ec_group_non_builtin_curve(const struct curve *curve, const EC_METHOD *method, + BN_CTX *ctx) +{ + EC_GROUP *group = NULL, *new_group = NULL; + const unsigned char *pder; + unsigned char *der = NULL; + long error; + int der_len = 0; + int nid; + int failed = 1; + + ERR_clear_error(); + BN_CTX_start(ctx); + + if ((group = ec_group_new(curve, method, ctx)) == NULL) + goto err; + + if ((nid = EC_GROUP_get_curve_name(group)) == NID_undef) { + fprintf(stderr, "FAIL: no curve name set for %s\n", curve->descr); goto err; } - EC_GROUP_set_asn1_flag(group, OPENSSL_EC_EXPLICIT_CURVE); + EC_GROUP_set_asn1_flag(group, OPENSSL_EC_NAMED_CURVE); der = NULL; if ((der_len = i2d_ECPKParameters(group, &der)) <= 0) { - fprintf(stderr, "FAIL: %s i2d_ECPKParameters (explicit)\n", __func__); + fprintf(stderr, "FAIL: %s i2d_ECPKParameters (named)\n", + curve->descr); ERR_print_errors_fp(stderr); goto err; } - if (compare_data("Weierstrass 25519 explicit", der, der_len, - ec_wei25519_pkparameters_parameters, - sizeof(ec_wei25519_pkparameters_parameters)) == -1) + if (compare_data(curve->descr, der, der_len, + curve->named, curve->named_len) == -1) goto err; freezero(der, der_len); der = NULL; - EC_GROUP_set_curve_name(group, nid); - EC_GROUP_set_asn1_flag(group, OPENSSL_EC_NAMED_CURVE); + /* Explicit curve parameter encoding should work without NID set. */ + EC_GROUP_set_curve_name(group, NID_undef); + EC_GROUP_set_asn1_flag(group, OPENSSL_EC_EXPLICIT_CURVE); der = NULL; if ((der_len = i2d_ECPKParameters(group, &der)) <= 0) { - fprintf(stderr, "FAIL: %s i2d_ECPKParameters (named)\n", __func__); + fprintf(stderr, "FAIL: i2d_ECPKParameters (explicit) %s\n", + curve->descr); ERR_print_errors_fp(stderr); goto err; } - if (compare_data("Weierstrass 25519 named curve", der, der_len, - ec_wei25519_pkparameters_named_curve, - sizeof(ec_wei25519_pkparameters_named_curve)) == -1) + if (compare_data(curve->descr, der, der_len, + curve->param, curve->param_len) == -1) goto err; freezero(der, der_len); @@ -561,51 +809,55 @@ ec_weierstrass25519(void) /* At this point we should have no error on the stack. */ if (ERR_peek_last_error() != 0) { - fprintf(stderr, "FAIL: %s unexpected error %lu\n", __func__, + fprintf(stderr, "FAIL: %s unexpected error %lu\n", curve->descr, ERR_peek_last_error()); goto err; } - pder = ec_wei25519_pkparameters_named_curve; - der_len = sizeof(ec_wei25519_pkparameters_named_curve); - if ((new_group = d2i_ECPKParameters(NULL, &pder, der_len)) != NULL) { - fprintf(stderr, "FAIL: %s managed to decode unknown named curve\n", - __func__); + pder = curve->named; + der_len = curve->named_len; + new_group = d2i_ECPKParameters(NULL, &pder, der_len); + if (!curve->known_named_curve && new_group != NULL) { + fprintf(stderr, "FAIL: managed to decode unknown named curve %s\n", + curve->descr); goto err; } + EC_GROUP_free(new_group); + new_group = NULL; error = ERR_get_error(); - if (ERR_GET_REASON(error) != EC_R_UNKNOWN_GROUP) { + if (!curve->known_named_curve && + ERR_GET_REASON(error) != EC_R_UNKNOWN_GROUP) { fprintf(stderr, "FAIL: %s unexpected error: want %d, got %d\n", - __func__, EC_R_UNKNOWN_GROUP, ERR_GET_REASON(error)); + curve->descr, EC_R_UNKNOWN_GROUP, ERR_GET_REASON(error)); goto err; } ERR_clear_error(); - pder = ec_wei25519_pkparameters_parameters; - der_len = sizeof(ec_wei25519_pkparameters_parameters); - + pder = curve->param; + der_len = curve->param_len; #if 0 if ((new_group = d2i_ECPKParameters(NULL, &pder, der_len)) != NULL) { - fprintf(stderr, "FAIL: %s managed to decode non-builtin parameters\n", - __func__); + fprintf(stderr, "FAIL: managed to decode non-builtin parameters %s\n", + curve->descr); goto err; } error = ERR_peek_last_error(); if (ERR_GET_REASON(error) != EC_R_PKPARAMETERS2GROUP_FAILURE) { fprintf(stderr, "FAIL: %s unexpected error: want %d, got %d\n", - __func__, EC_R_UNKNOWN_GROUP, ERR_GET_REASON(error)); + curve->descr, EC_R_UNKNOWN_GROUP, ERR_GET_REASON(error)); goto err; } #else if ((new_group = d2i_ECPKParameters(NULL, &pder, der_len)) == NULL) { - fprintf(stderr, "FAIL: %s d2i_ECPKParameters(Wei25519)\n", __func__); + fprintf(stderr, "FAIL: d2i_ECPKParameters(%s)\n", curve->descr); goto err; } - if (EC_GROUP_cmp(group, new_group, ctx) != 0) { + if (method == EC_GFp_mont_method() && + EC_GROUP_cmp(group, new_group, ctx) != 0) { fprintf(stderr, "FAIL: %s Weierstrass groups do not match!\n", - __func__); + curve->descr); goto err; } #endif @@ -614,17 +866,41 @@ ec_weierstrass25519(void) err: BN_CTX_end(ctx); - BN_CTX_free(ctx); EC_GROUP_free(group); EC_GROUP_free(new_group); - EC_POINT_free(generator); freezero(der, der_len); return failed; } +static int +ec_group_non_builtin_curves(void) +{ + BN_CTX *ctx; + int failed = 0; + + if ((ctx = BN_CTX_new()) == NULL) + errx(1, "BN_CTX_new"); + + failed |= ec_group_non_builtin_curve(&wei25519, EC_GFp_mont_method(), ctx); + failed |= ec_group_non_builtin_curve(&wei25519, EC_GFp_simple_method(), ctx); + + failed |= ec_group_non_builtin_curve(&wei25519_2, EC_GFp_mont_method(), ctx); + failed |= ec_group_non_builtin_curve(&wei25519_2, EC_GFp_simple_method(), ctx); + + failed |= ec_group_non_builtin_curve(&wei25519_3, EC_GFp_mont_method(), ctx); + failed |= ec_group_non_builtin_curve(&wei25519_3, EC_GFp_simple_method(), ctx); + + failed |= ec_group_non_builtin_curve(&secp256k1_m, EC_GFp_mont_method(), ctx); + failed |= ec_group_non_builtin_curve(&secp256k1_m, EC_GFp_simple_method(), ctx); + + BN_CTX_free(ctx); + + return failed; +} + int main(int argc, char **argv) { @@ -634,7 +910,7 @@ main(int argc, char **argv) failed |= ec_group_pkparameters_parameters_test(); failed |= ec_group_pkparameters_correct_padding_test(); failed |= ec_group_roundtrip_builtin_curves(); - failed |= ec_weierstrass25519(); + failed |= ec_group_non_builtin_curves(); return (failed); } diff --git a/sys/arch/arm64/arm64/cpuswitch.S b/sys/arch/arm64/arm64/cpuswitch.S index bc95fce90..68943c938 100644 --- a/sys/arch/arm64/arm64/cpuswitch.S +++ b/sys/arch/arm64/arm64/cpuswitch.S @@ -1,4 +1,4 @@ -/* $OpenBSD: cpuswitch.S,v 1.7 2023/10/24 13:20:09 claudio Exp $ */ +/* $OpenBSD: cpuswitch.S,v 1.8 2024/10/17 02:20:53 jsg Exp $ */ /* * Copyright (c) 2015 Dale Rahn * @@ -15,7 +15,7 @@ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -#include "machine/asm.h" +#include #include "assym.h" /* diff --git a/sys/dev/fdt/bcm2835_dmac.c b/sys/dev/fdt/bcm2835_dmac.c index ccf4f839c..49959e619 100644 --- a/sys/dev/fdt/bcm2835_dmac.c +++ b/sys/dev/fdt/bcm2835_dmac.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bcm2835_dmac.c,v 1.4 2022/08/10 20:19:22 mglocker Exp $ */ +/* $OpenBSD: bcm2835_dmac.c,v 1.5 2024/10/17 05:10:53 jsg Exp $ */ /* * Copyright (c) 2020 Tobias Heider @@ -56,7 +56,7 @@ #include #include -#include "dev/ic/bcm2835_dmac.h" +#include #define BCMDMAC_CHANNELMASK ((1 << 12) - 1) #define DEVNAME(sc) ((sc)->sc_dev.dv_xname) diff --git a/sys/dev/fdt/qciic_fdt.c b/sys/dev/fdt/qciic_fdt.c index acafcc677..588d7c961 100644 --- a/sys/dev/fdt/qciic_fdt.c +++ b/sys/dev/fdt/qciic_fdt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: qciic_fdt.c,v 1.1 2022/11/06 15:36:13 patrick Exp $ */ +/* $OpenBSD: qciic_fdt.c,v 1.2 2024/10/17 17:58:58 kettenis Exp $ */ /* * Copyright (c) 2022 Mark Kettenis * @@ -25,6 +25,7 @@ #include #include +#include #include #define _I2C_PRIVATE @@ -109,6 +110,8 @@ qciic_fdt_attach(struct device *parent, struct device *self, void *aux) printf("\n"); + pinctrl_byname(sc->sc_node, "default"); + sc->sc_ic.ic_cookie = sc; sc->sc_ic.ic_acquire_bus = qciic_fdt_acquire_bus; sc->sc_ic.ic_release_bus = qciic_fdt_release_bus; diff --git a/sys/dev/i2c/ihidev.c b/sys/dev/i2c/ihidev.c index b676ae700..681a3fcc3 100644 --- a/sys/dev/i2c/ihidev.c +++ b/sys/dev/i2c/ihidev.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ihidev.c,v 1.32 2024/08/19 09:26:58 kettenis Exp $ */ +/* $OpenBSD: ihidev.c,v 1.33 2024/10/18 12:53:49 tobhe Exp $ */ /* * HID-over-i2c driver * @@ -67,6 +67,7 @@ int ihidev_activate(struct device *, int); int ihidev_hid_command(struct ihidev_softc *, int, void *); int ihidev_intr(void *); +int ihidev_poweron(struct ihidev_softc *); int ihidev_reset(struct ihidev_softc *); int ihidev_hid_desc_parse(struct ihidev_softc *); @@ -248,7 +249,7 @@ ihidev_activate(struct device *self, int act) sc->sc_dev.dv_xname); break; case DVACT_WAKEUP: - ihidev_reset(sc); + ihidev_poweron(sc); sc->sc_dying = 0; if (sc->sc_poll && timeout_initialized(&sc->sc_timer)) timeout_add(&sc->sc_timer, 2000); @@ -525,7 +526,7 @@ ihidev_hid_command(struct ihidev_softc *sc, int hidcmd, void *arg) } int -ihidev_reset(struct ihidev_softc *sc) +ihidev_poweron(struct ihidev_softc *sc) { DPRINTF(("%s: resetting\n", sc->sc_dev.dv_xname)); @@ -536,6 +537,16 @@ ihidev_reset(struct ihidev_softc *sc) ihidev_sleep(sc, 100); + return 0; +} + + +int +ihidev_reset(struct ihidev_softc *sc) +{ + if (ihidev_poweron(sc)) + return (1); + if (ihidev_hid_command(sc, I2C_HID_CMD_RESET, 0)) { printf("%s: failed to reset hardware\n", sc->sc_dev.dv_xname); @@ -784,7 +795,7 @@ ihidev_open(struct ihidev *scd) return (0); /* power on */ - ihidev_reset(sc); + ihidev_poweron(sc); if (sc->sc_poll) { if (!timeout_initialized(&sc->sc_timer)) diff --git a/sys/dev/pci/drm/amd/display/dc/core/amdgpu_dc.c b/sys/dev/pci/drm/amd/display/dc/core/amdgpu_dc.c index a7a6f6c5c..c2efe18ce 100644 --- a/sys/dev/pci/drm/amd/display/dc/core/amdgpu_dc.c +++ b/sys/dev/pci/drm/amd/display/dc/core/amdgpu_dc.c @@ -1691,7 +1691,7 @@ bool dc_validate_boot_timing(const struct dc *dc, if (crtc_timing->pix_clk_100hz != pix_clk_100hz) return false; - if (!se->funcs->dp_get_pixel_format) + if (!se || !se->funcs->dp_get_pixel_format) return false; if (!se->funcs->dp_get_pixel_format( diff --git a/sys/dev/pci/drm/amd/display/modules/hdcp/hdcp1_execution.c b/sys/dev/pci/drm/amd/display/modules/hdcp/hdcp1_execution.c index 93c045576..cee5e9e64 100644 --- a/sys/dev/pci/drm/amd/display/modules/hdcp/hdcp1_execution.c +++ b/sys/dev/pci/drm/amd/display/modules/hdcp/hdcp1_execution.c @@ -432,21 +432,18 @@ static enum mod_hdcp_status authenticated_dp(struct mod_hdcp *hdcp, goto out; } - if (status == MOD_HDCP_STATUS_SUCCESS) - if (!mod_hdcp_execute_and_set(mod_hdcp_read_bstatus, - &input->bstatus_read, &status, - hdcp, "bstatus_read")) - goto out; - if (status == MOD_HDCP_STATUS_SUCCESS) - if (!mod_hdcp_execute_and_set(check_link_integrity_dp, - &input->link_integrity_check, &status, - hdcp, "link_integrity_check")) - goto out; - if (status == MOD_HDCP_STATUS_SUCCESS) - if (!mod_hdcp_execute_and_set(check_no_reauthentication_request_dp, - &input->reauth_request_check, &status, - hdcp, "reauth_request_check")) - goto out; + mod_hdcp_execute_and_set(mod_hdcp_read_bstatus, + &input->bstatus_read, &status, + hdcp, "bstatus_read"); + + mod_hdcp_execute_and_set(check_link_integrity_dp, + &input->link_integrity_check, &status, + hdcp, "link_integrity_check"); + + mod_hdcp_execute_and_set(check_no_reauthentication_request_dp, + &input->reauth_request_check, &status, + hdcp, "reauth_request_check"); + out: return status; } diff --git a/sys/dev/pci/drm/drm_crtc.c b/sys/dev/pci/drm/drm_crtc.c index ee349e64a..6b9b4441d 100644 --- a/sys/dev/pci/drm/drm_crtc.c +++ b/sys/dev/pci/drm/drm_crtc.c @@ -904,6 +904,7 @@ out: connector_set = NULL; fb = NULL; mode = NULL; + num_connectors = 0; DRM_MODESET_LOCK_ALL_END(dev, ctx, ret); diff --git a/sys/dev/pci/drm/i915/display/intel_hdcp.c b/sys/dev/pci/drm/i915/display/intel_hdcp.c index 453d49ef7..242d3a0c1 100644 --- a/sys/dev/pci/drm/i915/display/intel_hdcp.c +++ b/sys/dev/pci/drm/i915/display/intel_hdcp.c @@ -1005,7 +1005,8 @@ static void intel_hdcp_update_value(struct intel_connector *connector, hdcp->value = value; if (update_property) { drm_connector_get(&connector->base); - queue_work(i915->unordered_wq, &hdcp->prop_work); + if (!queue_work(i915->unordered_wq, &hdcp->prop_work)) + drm_connector_put(&connector->base); } } @@ -2491,7 +2492,8 @@ void intel_hdcp_update_pipe(struct intel_atomic_state *state, mutex_lock(&hdcp->mutex); hdcp->value = DRM_MODE_CONTENT_PROTECTION_DESIRED; drm_connector_get(&connector->base); - queue_work(i915->unordered_wq, &hdcp->prop_work); + if (!queue_work(i915->unordered_wq, &hdcp->prop_work)) + drm_connector_put(&connector->base); mutex_unlock(&hdcp->mutex); } @@ -2508,7 +2510,9 @@ void intel_hdcp_update_pipe(struct intel_atomic_state *state, */ if (!desired_and_not_enabled && !content_protection_type_changed) { drm_connector_get(&connector->base); - queue_work(i915->unordered_wq, &hdcp->prop_work); + if (!queue_work(i915->unordered_wq, &hdcp->prop_work)) + drm_connector_put(&connector->base); + } } diff --git a/sys/dev/pci/pcidevs b/sys/dev/pci/pcidevs index a5ac0f4e1..9d38a16ff 100644 --- a/sys/dev/pci/pcidevs +++ b/sys/dev/pci/pcidevs @@ -1,4 +1,4 @@ -$OpenBSD: pcidevs,v 1.2090 2024/09/23 03:59:03 jsg Exp $ +$OpenBSD: pcidevs,v 1.2092 2024/10/17 08:22:34 dlg Exp $ /* $NetBSD: pcidevs,v 1.30 1997/06/24 06:20:24 thorpej Exp $ */ /* @@ -1105,14 +1105,32 @@ product AMI MEGARAID428 0x9010 MegaRAID Series 428 product AMI MEGARAID434 0x9060 MegaRAID Series 434 /* Ampere Computing */ -product AMPERE EMAG_PCIE_1 0xe005 eMAG PCIE -product AMPERE EMAG_PCIE_2 0xe006 eMAG PCIE -product AMPERE EMAG_PCIE_3 0xe007 eMAG PCIE -product AMPERE EMAG_PCIE_4 0xe008 eMAG PCIE -product AMPERE EMAG_PCIE_5 0xe009 eMAG PCIE -product AMPERE EMAG_PCIE_6 0xe00a eMAG PCIE -product AMPERE EMAG_PCIE_7 0xe00b eMAG PCIE -product AMPERE EMAG_PCIE_8 0xe00c eMAG PCIE +product AMPERE EMAG_PCIE_1 0xe005 eMAG PCIe +product AMPERE EMAG_PCIE_2 0xe006 eMAG PCIe +product AMPERE EMAG_PCIE_3 0xe007 eMAG PCIe +product AMPERE EMAG_PCIE_4 0xe008 eMAG PCIe +product AMPERE EMAG_PCIE_5 0xe009 eMAG PCIe +product AMPERE EMAG_PCIE_6 0xe00a eMAG PCIe +product AMPERE EMAG_PCIE_7 0xe00b eMAG PCIe +product AMPERE EMAG_PCIE_8 0xe00c eMAG PCIe +product AMPERE ALTRA_PCIE_A 0xe100 Altra PCIe Root +product AMPERE ALTRA_PCIE_A0 0xe101 Altra PCIe +product AMPERE ALTRA_PCIE_A1 0xe102 Altra PCIe +product AMPERE ALTRA_PCIE_A2 0xe103 Altra PCIe +product AMPERE ALTRA_PCIE_A3 0xe104 Altra PCIe +product AMPERE ALTRA_PCIE_A4 0xe105 Altra PCIe +product AMPERE ALTRA_PCIE_A5 0xe106 Altra PCIe +product AMPERE ALTRA_PCIE_A6 0xe107 Altra PCIe +product AMPERE ALTRA_PCIE_A7 0xe108 Altra PCIe +product AMPERE ALTRA_PCIE_B 0xe110 Altra PCIe Root +product AMPERE ALTRA_PCIE_B0 0xe111 Altra PCIe +product AMPERE ALTRA_PCIE_B1 0xe112 Altra PCIe +product AMPERE ALTRA_PCIE_B2 0xe113 Altra PCIe +product AMPERE ALTRA_PCIE_B3 0xe114 Altra PCIe +product AMPERE ALTRA_PCIE_B4 0xe115 Altra PCIe +product AMPERE ALTRA_PCIE_B5 0xe116 Altra PCIe +product AMPERE ALTRA_PCIE_B6 0xe117 Altra PCIe +product AMPERE ALTRA_PCIE_B7 0xe118 Altra PCIe /* Antares Microsystems products */ product ANTARES TC9021 0x1021 TC9021 @@ -7411,6 +7429,7 @@ product JMICRON XD_2 0x2394 xD /* Kingston */ product KINGSTON A2000 0x2263 A2000 product KINGSTON KC3000 0x5013 KC3000 +product KINGSTON SNV2S 0x5017 SNV2S product KINGSTON NV2 0x5019 NV2 /* Kioxia */ diff --git a/sys/dev/pci/pcidevs.h b/sys/dev/pci/pcidevs.h index aa1cdad7b..28b56f64c 100644 --- a/sys/dev/pci/pcidevs.h +++ b/sys/dev/pci/pcidevs.h @@ -2,7 +2,7 @@ * THIS FILE AUTOMATICALLY GENERATED. DO NOT EDIT. * * generated from: - * OpenBSD: pcidevs,v 1.2090 2024/09/23 03:59:03 jsg Exp + * OpenBSD: pcidevs,v 1.2092 2024/10/17 08:22:34 dlg Exp */ /* $NetBSD: pcidevs,v 1.30 1997/06/24 06:20:24 thorpej Exp $ */ @@ -1110,14 +1110,32 @@ #define PCI_PRODUCT_AMI_MEGARAID434 0x9060 /* MegaRAID Series 434 */ /* Ampere Computing */ -#define PCI_PRODUCT_AMPERE_EMAG_PCIE_1 0xe005 /* eMAG PCIE */ -#define PCI_PRODUCT_AMPERE_EMAG_PCIE_2 0xe006 /* eMAG PCIE */ -#define PCI_PRODUCT_AMPERE_EMAG_PCIE_3 0xe007 /* eMAG PCIE */ -#define PCI_PRODUCT_AMPERE_EMAG_PCIE_4 0xe008 /* eMAG PCIE */ -#define PCI_PRODUCT_AMPERE_EMAG_PCIE_5 0xe009 /* eMAG PCIE */ -#define PCI_PRODUCT_AMPERE_EMAG_PCIE_6 0xe00a /* eMAG PCIE */ -#define PCI_PRODUCT_AMPERE_EMAG_PCIE_7 0xe00b /* eMAG PCIE */ -#define PCI_PRODUCT_AMPERE_EMAG_PCIE_8 0xe00c /* eMAG PCIE */ +#define PCI_PRODUCT_AMPERE_EMAG_PCIE_1 0xe005 /* eMAG PCIe */ +#define PCI_PRODUCT_AMPERE_EMAG_PCIE_2 0xe006 /* eMAG PCIe */ +#define PCI_PRODUCT_AMPERE_EMAG_PCIE_3 0xe007 /* eMAG PCIe */ +#define PCI_PRODUCT_AMPERE_EMAG_PCIE_4 0xe008 /* eMAG PCIe */ +#define PCI_PRODUCT_AMPERE_EMAG_PCIE_5 0xe009 /* eMAG PCIe */ +#define PCI_PRODUCT_AMPERE_EMAG_PCIE_6 0xe00a /* eMAG PCIe */ +#define PCI_PRODUCT_AMPERE_EMAG_PCIE_7 0xe00b /* eMAG PCIe */ +#define PCI_PRODUCT_AMPERE_EMAG_PCIE_8 0xe00c /* eMAG PCIe */ +#define PCI_PRODUCT_AMPERE_ALTRA_PCIE_A 0xe100 /* Altra PCIe Root */ +#define PCI_PRODUCT_AMPERE_ALTRA_PCIE_A0 0xe101 /* Altra PCIe */ +#define PCI_PRODUCT_AMPERE_ALTRA_PCIE_A1 0xe102 /* Altra PCIe */ +#define PCI_PRODUCT_AMPERE_ALTRA_PCIE_A2 0xe103 /* Altra PCIe */ +#define PCI_PRODUCT_AMPERE_ALTRA_PCIE_A3 0xe104 /* Altra PCIe */ +#define PCI_PRODUCT_AMPERE_ALTRA_PCIE_A4 0xe105 /* Altra PCIe */ +#define PCI_PRODUCT_AMPERE_ALTRA_PCIE_A5 0xe106 /* Altra PCIe */ +#define PCI_PRODUCT_AMPERE_ALTRA_PCIE_A6 0xe107 /* Altra PCIe */ +#define PCI_PRODUCT_AMPERE_ALTRA_PCIE_A7 0xe108 /* Altra PCIe */ +#define PCI_PRODUCT_AMPERE_ALTRA_PCIE_B 0xe110 /* Altra PCIe Root */ +#define PCI_PRODUCT_AMPERE_ALTRA_PCIE_B0 0xe111 /* Altra PCIe */ +#define PCI_PRODUCT_AMPERE_ALTRA_PCIE_B1 0xe112 /* Altra PCIe */ +#define PCI_PRODUCT_AMPERE_ALTRA_PCIE_B2 0xe113 /* Altra PCIe */ +#define PCI_PRODUCT_AMPERE_ALTRA_PCIE_B3 0xe114 /* Altra PCIe */ +#define PCI_PRODUCT_AMPERE_ALTRA_PCIE_B4 0xe115 /* Altra PCIe */ +#define PCI_PRODUCT_AMPERE_ALTRA_PCIE_B5 0xe116 /* Altra PCIe */ +#define PCI_PRODUCT_AMPERE_ALTRA_PCIE_B6 0xe117 /* Altra PCIe */ +#define PCI_PRODUCT_AMPERE_ALTRA_PCIE_B7 0xe118 /* Altra PCIe */ /* Antares Microsystems products */ #define PCI_PRODUCT_ANTARES_TC9021 0x1021 /* TC9021 */ @@ -7416,6 +7434,7 @@ /* Kingston */ #define PCI_PRODUCT_KINGSTON_A2000 0x2263 /* A2000 */ #define PCI_PRODUCT_KINGSTON_KC3000 0x5013 /* KC3000 */ +#define PCI_PRODUCT_KINGSTON_SNV2S 0x5017 /* SNV2S */ #define PCI_PRODUCT_KINGSTON_NV2 0x5019 /* NV2 */ /* Kioxia */ diff --git a/sys/dev/pci/pcidevs_data.h b/sys/dev/pci/pcidevs_data.h index 46ef4bbf3..0ed3cdb9b 100644 --- a/sys/dev/pci/pcidevs_data.h +++ b/sys/dev/pci/pcidevs_data.h @@ -2,7 +2,7 @@ * THIS FILE AUTOMATICALLY GENERATED. DO NOT EDIT. * * generated from: - * OpenBSD: pcidevs,v 1.2090 2024/09/23 03:59:03 jsg Exp + * OpenBSD: pcidevs,v 1.2092 2024/10/17 08:22:34 dlg Exp */ /* $NetBSD: pcidevs,v 1.30 1997/06/24 06:20:24 thorpej Exp $ */ @@ -2645,35 +2645,107 @@ static const struct pci_known_product pci_known_products[] = { }, { PCI_VENDOR_AMPERE, PCI_PRODUCT_AMPERE_EMAG_PCIE_1, - "eMAG PCIE", + "eMAG PCIe", }, { PCI_VENDOR_AMPERE, PCI_PRODUCT_AMPERE_EMAG_PCIE_2, - "eMAG PCIE", + "eMAG PCIe", }, { PCI_VENDOR_AMPERE, PCI_PRODUCT_AMPERE_EMAG_PCIE_3, - "eMAG PCIE", + "eMAG PCIe", }, { PCI_VENDOR_AMPERE, PCI_PRODUCT_AMPERE_EMAG_PCIE_4, - "eMAG PCIE", + "eMAG PCIe", }, { PCI_VENDOR_AMPERE, PCI_PRODUCT_AMPERE_EMAG_PCIE_5, - "eMAG PCIE", + "eMAG PCIe", }, { PCI_VENDOR_AMPERE, PCI_PRODUCT_AMPERE_EMAG_PCIE_6, - "eMAG PCIE", + "eMAG PCIe", }, { PCI_VENDOR_AMPERE, PCI_PRODUCT_AMPERE_EMAG_PCIE_7, - "eMAG PCIE", + "eMAG PCIe", }, { PCI_VENDOR_AMPERE, PCI_PRODUCT_AMPERE_EMAG_PCIE_8, - "eMAG PCIE", + "eMAG PCIe", + }, + { + PCI_VENDOR_AMPERE, PCI_PRODUCT_AMPERE_ALTRA_PCIE_A, + "Altra PCIe Root", + }, + { + PCI_VENDOR_AMPERE, PCI_PRODUCT_AMPERE_ALTRA_PCIE_A0, + "Altra PCIe", + }, + { + PCI_VENDOR_AMPERE, PCI_PRODUCT_AMPERE_ALTRA_PCIE_A1, + "Altra PCIe", + }, + { + PCI_VENDOR_AMPERE, PCI_PRODUCT_AMPERE_ALTRA_PCIE_A2, + "Altra PCIe", + }, + { + PCI_VENDOR_AMPERE, PCI_PRODUCT_AMPERE_ALTRA_PCIE_A3, + "Altra PCIe", + }, + { + PCI_VENDOR_AMPERE, PCI_PRODUCT_AMPERE_ALTRA_PCIE_A4, + "Altra PCIe", + }, + { + PCI_VENDOR_AMPERE, PCI_PRODUCT_AMPERE_ALTRA_PCIE_A5, + "Altra PCIe", + }, + { + PCI_VENDOR_AMPERE, PCI_PRODUCT_AMPERE_ALTRA_PCIE_A6, + "Altra PCIe", + }, + { + PCI_VENDOR_AMPERE, PCI_PRODUCT_AMPERE_ALTRA_PCIE_A7, + "Altra PCIe", + }, + { + PCI_VENDOR_AMPERE, PCI_PRODUCT_AMPERE_ALTRA_PCIE_B, + "Altra PCIe Root", + }, + { + PCI_VENDOR_AMPERE, PCI_PRODUCT_AMPERE_ALTRA_PCIE_B0, + "Altra PCIe", + }, + { + PCI_VENDOR_AMPERE, PCI_PRODUCT_AMPERE_ALTRA_PCIE_B1, + "Altra PCIe", + }, + { + PCI_VENDOR_AMPERE, PCI_PRODUCT_AMPERE_ALTRA_PCIE_B2, + "Altra PCIe", + }, + { + PCI_VENDOR_AMPERE, PCI_PRODUCT_AMPERE_ALTRA_PCIE_B3, + "Altra PCIe", + }, + { + PCI_VENDOR_AMPERE, PCI_PRODUCT_AMPERE_ALTRA_PCIE_B4, + "Altra PCIe", + }, + { + PCI_VENDOR_AMPERE, PCI_PRODUCT_AMPERE_ALTRA_PCIE_B5, + "Altra PCIe", + }, + { + PCI_VENDOR_AMPERE, PCI_PRODUCT_AMPERE_ALTRA_PCIE_B6, + "Altra PCIe", + }, + { + PCI_VENDOR_AMPERE, PCI_PRODUCT_AMPERE_ALTRA_PCIE_B7, + "Altra PCIe", }, { PCI_VENDOR_ANTARES, PCI_PRODUCT_ANTARES_TC9021, @@ -26919,6 +26991,10 @@ static const struct pci_known_product pci_known_products[] = { PCI_VENDOR_KINGSTON, PCI_PRODUCT_KINGSTON_KC3000, "KC3000", }, + { + PCI_VENDOR_KINGSTON, PCI_PRODUCT_KINGSTON_SNV2S, + "SNV2S", + }, { PCI_VENDOR_KINGSTON, PCI_PRODUCT_KINGSTON_NV2, "NV2", diff --git a/sys/dev/pci/vga_pci_common.c b/sys/dev/pci/vga_pci_common.c index ef3f04338..6d6a3c7ee 100644 --- a/sys/dev/pci/vga_pci_common.c +++ b/sys/dev/pci/vga_pci_common.c @@ -1,3 +1,4 @@ +/* $OpenBSD: vga_pci_common.c,v 1.12 2024/10/17 15:52:30 miod Exp $ */ /* * Copyright (c) 2008 Owain G. Ainsworth * @@ -14,33 +15,16 @@ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. */ -#include "vga.h" -#if defined(__i386__) || defined(__amd64__) -#include "acpi.h" -#endif - +#ifdef RAMDISK_HOOKS #include -#include -#include - -#include #include #include -#include -#include -#include - -#include -#include -#include - #include #include #include -#ifdef RAMDISK_HOOKS static const struct pci_matchid aperture_blacklist[] = { /* server adapters found in mga200 drm driver */ { PCI_VENDOR_MATROX, PCI_PRODUCT_MATROX_G200E_SE }, diff --git a/sys/isofs/cd9660/cd9660_vnops.c b/sys/isofs/cd9660/cd9660_vnops.c index 2444a385e..c157ccfc7 100644 --- a/sys/isofs/cd9660/cd9660_vnops.c +++ b/sys/isofs/cd9660/cd9660_vnops.c @@ -1,4 +1,4 @@ -/* $OpenBSD: cd9660_vnops.c,v 1.96 2024/09/12 09:04:51 claudio Exp $ */ +/* $OpenBSD: cd9660_vnops.c,v 1.97 2024/10/18 05:52:32 miod Exp $ */ /* $NetBSD: cd9660_vnops.c,v 1.42 1997/10/16 23:56:57 christos Exp $ */ /*- @@ -743,7 +743,9 @@ cd9660_strategy(void *v) int cd9660_print(void *v) { +#if defined(DEBUG) || defined(DIAGNOSTIC) || defined(VFSLCKDEBUG) printf("tag VT_ISOFS, isofs vnode\n"); +#endif return (0); } diff --git a/sys/isofs/udf/udf_vnops.c b/sys/isofs/udf/udf_vnops.c index 7b847f1c3..904422a2a 100644 --- a/sys/isofs/udf/udf_vnops.c +++ b/sys/isofs/udf/udf_vnops.c @@ -1,4 +1,4 @@ -/* $OpenBSD: udf_vnops.c,v 1.74 2024/09/20 02:00:46 jsg Exp $ */ +/* $OpenBSD: udf_vnops.c,v 1.75 2024/10/18 05:52:32 miod Exp $ */ /* * Copyright (c) 2001, 2002 Scott Long @@ -944,6 +944,7 @@ udf_islocked(void *v) int udf_print(void *v) { +#if defined(DEBUG) || defined(DIAGNOSTIC) || defined(VFSLCKDEBUG) struct vop_print_args *ap = v; struct vnode *vp = ap->a_vp; struct unode *up = VTOU(vp); @@ -954,6 +955,7 @@ udf_print(void *v) printf("tag VT_UDF, hash id %u\n", up->u_ino); #ifdef DIAGNOSTIC printf("\n"); +#endif #endif return (0); } diff --git a/sys/kern/kern_sig.c b/sys/kern/kern_sig.c index 595fed1e2..4db30445e 100644 --- a/sys/kern/kern_sig.c +++ b/sys/kern/kern_sig.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kern_sig.c,v 1.342 2024/10/15 13:49:26 claudio Exp $ */ +/* $OpenBSD: kern_sig.c,v 1.343 2024/10/17 09:11:35 claudio Exp $ */ /* $NetBSD: kern_sig.c,v 1.54 1996/04/22 01:38:32 christos Exp $ */ /* @@ -1302,14 +1302,14 @@ setsigctx(struct proc *p, int signum, struct sigctx *sctx) * they aren't returned. This is checked after each entry to the system for * a syscall or trap. The normal call sequence is * - * while (signum = cursig(curproc, &ctx)) + * while (signum = cursig(curproc, &ctx, 0)) * postsig(signum, &ctx); * * Assumes that if the P_SINTR flag is set, we're holding both the * kernel and scheduler locks. */ int -cursig(struct proc *p, struct sigctx *sctx) +cursig(struct proc *p, struct sigctx *sctx, int deep) { struct process *pr = p->p_p; int signum, mask, prop; @@ -1344,6 +1344,15 @@ cursig(struct proc *p, struct sigctx *sctx) if (sctx->sig_ignore && (pr->ps_flags & PS_TRACED) == 0) continue; + /* + * If cursig is called while going to sleep, abort now + * and stop the sleep. When the call unwinded to userret + * cursig is called again and there the signal can be + * handled cleanly. + */ + if (deep) + goto keep; + /* * If traced, always stop, and stay stopped until released * by the debugger. If our parent process is waiting for @@ -1915,7 +1924,7 @@ sys___thrsigdivert(struct proc *p, void *v, register_t *retval) dosigsuspend(p, p->p_sigmask &~ mask); for (;;) { - si.si_signo = cursig(p, &ctx); + si.si_signo = cursig(p, &ctx, 0); if (si.si_signo != 0) { sigset_t smask = sigmask(si.si_signo); if (smask & mask) { @@ -2006,7 +2015,7 @@ userret(struct proc *p) } if (SIGPENDING(p) != 0) { - while ((signum = cursig(p, &ctx)) != 0) + while ((signum = cursig(p, &ctx, 0)) != 0) postsig(p, signum, &ctx); } @@ -2020,7 +2029,7 @@ userret(struct proc *p) p->p_sigmask = p->p_oldmask; atomic_clearbits_int(&p->p_flag, P_SIGSUSPEND); - while ((signum = cursig(p, &ctx)) != 0) + while ((signum = cursig(p, &ctx, 0)) != 0) postsig(p, signum, &ctx); } diff --git a/sys/kern/kern_synch.c b/sys/kern/kern_synch.c index cbbb473df..dda123c1d 100644 --- a/sys/kern/kern_synch.c +++ b/sys/kern/kern_synch.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kern_synch.c,v 1.206 2024/07/23 08:38:02 claudio Exp $ */ +/* $OpenBSD: kern_synch.c,v 1.207 2024/10/17 09:11:35 claudio Exp $ */ /* $NetBSD: kern_synch.c,v 1.37 1996/04/22 01:38:37 christos Exp $ */ /* @@ -458,7 +458,7 @@ sleep_signal_check(struct proc *p) if ((err = single_thread_check(p, 1)) != 0) return err; - if ((sig = cursig(p, &ctx)) != 0) { + if ((sig = cursig(p, &ctx, 1)) != 0) { if (ctx.sig_intr) return EINTR; else diff --git a/sys/kern/spec_vnops.c b/sys/kern/spec_vnops.c index 48a06164b..d24cf4edd 100644 --- a/sys/kern/spec_vnops.c +++ b/sys/kern/spec_vnops.c @@ -1,4 +1,4 @@ -/* $OpenBSD: spec_vnops.c,v 1.112 2024/02/03 18:51:58 beck Exp $ */ +/* $OpenBSD: spec_vnops.c,v 1.113 2024/10/18 05:52:32 miod Exp $ */ /* $NetBSD: spec_vnops.c,v 1.29 1996/04/22 01:42:38 christos Exp $ */ /* @@ -608,10 +608,12 @@ spec_access(void *v) int spec_print(void *v) { +#if defined(DEBUG) || defined(DIAGNOSTIC) || defined(VFSLCKDEBUG) struct vop_print_args *ap = v; printf("tag VT_NON, dev %d, %d\n", major(ap->a_vp->v_rdev), minor(ap->a_vp->v_rdev)); +#endif return 0; } diff --git a/sys/kern/vfs_subr.c b/sys/kern/vfs_subr.c index 201fcac8c..a7554d54c 100644 --- a/sys/kern/vfs_subr.c +++ b/sys/kern/vfs_subr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: vfs_subr.c,v 1.322 2024/07/13 14:37:55 beck Exp $ */ +/* $OpenBSD: vfs_subr.c,v 1.324 2024/10/18 05:52:32 miod Exp $ */ /* $NetBSD: vfs_subr.c,v 1.53 1996/04/22 01:39:13 christos Exp $ */ /* @@ -246,10 +246,7 @@ vfs_unbusy(struct mount *mp) int vfs_isbusy(struct mount *mp) { - if (RWLOCK_OWNER(&mp->mnt_lock) > 0) - return (1); - else - return (0); + return (rw_status(&mp->mnt_lock) != 0); } /* @@ -982,7 +979,7 @@ vflush_vnode(struct vnode *vp, void *arg) if (empty) return (0); -#ifdef DEBUG_SYSCTL +#if defined(DEBUG_SYSCTL) && (defined(DEBUG) || defined(DIAGNOSTIC)) if (busyprt) vprint("vflush: busy vnode", vp); #endif diff --git a/sys/kern/vfs_sync.c b/sys/kern/vfs_sync.c index a97a5b49f..b487ea342 100644 --- a/sys/kern/vfs_sync.c +++ b/sys/kern/vfs_sync.c @@ -1,4 +1,4 @@ -/* $OpenBSD: vfs_sync.c,v 1.72 2024/05/13 11:17:40 semarie Exp $ */ +/* $OpenBSD: vfs_sync.c,v 1.73 2024/10/18 05:52:32 miod Exp $ */ /* * Portions of this code are: @@ -363,7 +363,9 @@ sync_inactive(void *v) int sync_print(void *v) { +#if defined(DEBUG) || defined(DIAGNOSTIC) || defined(VFSLCKDEBUG) printf("syncer vnode\n"); +#endif return (0); } diff --git a/sys/kern/vfs_vops.c b/sys/kern/vfs_vops.c index a7f181f5b..3447bd26c 100644 --- a/sys/kern/vfs_vops.c +++ b/sys/kern/vfs_vops.c @@ -1,4 +1,4 @@ -/* $OpenBSD: vfs_vops.c,v 1.36 2024/05/13 11:17:40 semarie Exp $ */ +/* $OpenBSD: vfs_vops.c,v 1.37 2024/10/18 05:52:32 miod Exp $ */ /* * Copyright (c) 2010 Thordur I. Bjornsson * @@ -555,6 +555,7 @@ VOP_BMAP(struct vnode *vp, daddr_t bn, struct vnode **vpp, return ((vp->v_op->vop_bmap)(&a)); } +#if defined(DEBUG) || defined(DIAGNOSTIC) || defined(VFSLCKDEBUG) int VOP_PRINT(struct vnode *vp) { @@ -566,6 +567,7 @@ VOP_PRINT(struct vnode *vp) return ((vp->v_op->vop_print)(&a)); } +#endif int VOP_PATHCONF(struct vnode *vp, int name, register_t *retval) diff --git a/sys/miscfs/deadfs/dead_vnops.c b/sys/miscfs/deadfs/dead_vnops.c index 9711f1618..26a1a58f1 100644 --- a/sys/miscfs/deadfs/dead_vnops.c +++ b/sys/miscfs/deadfs/dead_vnops.c @@ -1,4 +1,4 @@ -/* $OpenBSD: dead_vnops.c,v 1.42 2023/03/08 04:43:08 guenther Exp $ */ +/* $OpenBSD: dead_vnops.c,v 1.43 2024/10/18 05:52:32 miod Exp $ */ /* $NetBSD: dead_vnops.c,v 1.16 1996/02/13 13:12:48 mycroft Exp $ */ /* @@ -233,7 +233,9 @@ dead_bmap(void *v) int dead_print(void *v) { +#if defined(DEBUG) || defined(DIAGNOSTIC) || defined(VFSLCKDEBUG) printf("tag VT_NON, dead vnode\n"); +#endif return 0; } diff --git a/sys/miscfs/fifofs/fifo_vnops.c b/sys/miscfs/fifofs/fifo_vnops.c index a381fc454..e71585865 100644 --- a/sys/miscfs/fifofs/fifo_vnops.c +++ b/sys/miscfs/fifofs/fifo_vnops.c @@ -1,4 +1,4 @@ -/* $OpenBSD: fifo_vnops.c,v 1.107 2024/07/12 17:20:18 mvs Exp $ */ +/* $OpenBSD: fifo_vnops.c,v 1.108 2024/10/18 05:52:32 miod Exp $ */ /* $NetBSD: fifo_vnops.c,v 1.18 1996/03/16 23:52:42 christos Exp $ */ /* @@ -397,14 +397,17 @@ fifo_reclaim(void *v) int fifo_print(void *v) { +#if defined(DEBUG) || defined(DIAGNOSTIC) || defined(VFSLCKDEBUG) struct vop_print_args *ap = v; printf("tag VT_NON"); fifo_printinfo(ap->a_vp); printf("\n"); +#endif return 0; } +#if defined(DEBUG) || defined(DIAGNOSTIC) || defined(VFSLCKDEBUG) /* * Print out internal contents of a fifo vnode. */ @@ -416,6 +419,7 @@ fifo_printinfo(struct vnode *vp) printf(", fifo with %ld readers and %ld writers", fip->fi_readers, fip->fi_writers); } +#endif /* * Return POSIX pathconf information applicable to fifo's. diff --git a/sys/miscfs/fuse/fuse_vnops.c b/sys/miscfs/fuse/fuse_vnops.c index ea2962ee5..1ed9b8db1 100644 --- a/sys/miscfs/fuse/fuse_vnops.c +++ b/sys/miscfs/fuse/fuse_vnops.c @@ -1,4 +1,4 @@ -/* $OpenBSD: fuse_vnops.c,v 1.70 2024/09/12 09:10:46 claudio Exp $ */ +/* $OpenBSD: fuse_vnops.c,v 1.71 2024/10/18 05:52:32 miod Exp $ */ /* * Copyright (c) 2012-2013 Sylvestre Gallon * @@ -990,6 +990,7 @@ fusefs_reclaim(void *v) int fusefs_print(void *v) { +#if defined(DEBUG) || defined(DIAGNOSTIC) || defined(VFSLCKDEBUG) struct vop_print_args *ap = v; struct vnode *vp = ap->a_vp; struct fusefs_node *ip = VTOI(vp); @@ -997,6 +998,7 @@ fusefs_print(void *v) /* Complete the information given by vprint(). */ printf("tag VT_FUSE, hash id %u ", ip->ufs_ino.i_number); printf("\n"); +#endif return (0); } diff --git a/sys/msdosfs/msdosfs_vfsops.c b/sys/msdosfs/msdosfs_vfsops.c index 5b27bb778..c876319e3 100644 --- a/sys/msdosfs/msdosfs_vfsops.c +++ b/sys/msdosfs/msdosfs_vfsops.c @@ -1,4 +1,4 @@ -/* $OpenBSD: msdosfs_vfsops.c,v 1.97 2023/07/17 09:41:20 semarie Exp $ */ +/* $OpenBSD: msdosfs_vfsops.c,v 1.98 2024/10/18 05:52:32 miod Exp $ */ /* $NetBSD: msdosfs_vfsops.c,v 1.48 1997/10/18 02:54:57 briggs Exp $ */ /*- @@ -577,7 +577,7 @@ msdosfs_unmount(struct mount *mp, int mntflags,struct proc *p) pmp = VFSTOMSDOSFS(mp); pmp->pm_devvp->v_specmountpoint = NULL; vp = pmp->pm_devvp; -#ifdef MSDOSFS_DEBUG +#if defined(MSDOSFS_DEBUG) && (defined(DEBUG) || defined(DIAGNOSTIC)) vprint("msdosfs_umount(): just before calling VOP_CLOSE()\n", vp); #endif vn_lock(vp, LK_EXCLUSIVE | LK_RETRY); diff --git a/sys/msdosfs/msdosfs_vnops.c b/sys/msdosfs/msdosfs_vnops.c index 5e4373c07..54605addf 100644 --- a/sys/msdosfs/msdosfs_vnops.c +++ b/sys/msdosfs/msdosfs_vnops.c @@ -1,4 +1,4 @@ -/* $OpenBSD: msdosfs_vnops.c,v 1.142 2024/09/04 07:54:52 mglocker Exp $ */ +/* $OpenBSD: msdosfs_vnops.c,v 1.143 2024/10/18 05:52:32 miod Exp $ */ /* $NetBSD: msdosfs_vnops.c,v 1.63 1997/10/17 11:24:19 ws Exp $ */ /*- @@ -1802,6 +1802,7 @@ msdosfs_strategy(void *v) int msdosfs_print(void *v) { +#if defined(DEBUG) || defined(DIAGNOSTIC) || defined(VFSLCKDEBUG) struct vop_print_args *ap = v; struct denode *dep = VTODE(ap->a_vp); @@ -1813,6 +1814,7 @@ msdosfs_print(void *v) VOP_ISLOCKED(ap->a_vp) ? "(LOCKED)" : ""); #ifdef DIAGNOSTIC printf("\n"); +#endif #endif return (0); diff --git a/sys/net/if.c b/sys/net/if.c index 75247d5ac..bfbac8c43 100644 --- a/sys/net/if.c +++ b/sys/net/if.c @@ -1,4 +1,4 @@ -/* $OpenBSD: if.c,v 1.720 2024/07/14 18:53:39 bluhm Exp $ */ +/* $OpenBSD: if.c,v 1.721 2024/10/17 05:02:12 jsg Exp $ */ /* $NetBSD: if.c,v 1.35 1996/05/07 05:26:04 thorpej Exp $ */ /* @@ -66,10 +66,8 @@ #include "carp.h" #include "ether.h" #include "pf.h" -#include "pfsync.h" #include "ppp.h" #include "pppoe.h" -#include "if_wg.h" #include #include diff --git a/sys/netinet6/nd6.h b/sys/netinet6/nd6.h index b65fad009..dd5b08a13 100644 --- a/sys/netinet6/nd6.h +++ b/sys/netinet6/nd6.h @@ -1,4 +1,4 @@ -/* $OpenBSD: nd6.h,v 1.100 2024/07/14 18:53:39 bluhm Exp $ */ +/* $OpenBSD: nd6.h,v 1.101 2024/10/17 05:37:54 jsg Exp $ */ /* $KAME: nd6.h,v 1.95 2002/06/08 11:31:06 itojun Exp $ */ /* @@ -33,8 +33,6 @@ #ifndef _NETINET6_ND6_H_ #define _NETINET6_ND6_H_ -#include - #define ND6_LLINFO_PURGE -3 #define ND6_LLINFO_NOSTATE -2 #define ND6_LLINFO_INCOMPLETE 0 diff --git a/sys/nfs/nfs_vnops.c b/sys/nfs/nfs_vnops.c index 01476828a..c141205a2 100644 --- a/sys/nfs/nfs_vnops.c +++ b/sys/nfs/nfs_vnops.c @@ -1,4 +1,4 @@ -/* $OpenBSD: nfs_vnops.c,v 1.204 2024/09/18 05:21:19 jsg Exp $ */ +/* $OpenBSD: nfs_vnops.c,v 1.205 2024/10/18 05:52:32 miod Exp $ */ /* $NetBSD: nfs_vnops.c,v 1.62.4.1 1996/07/08 20:26:52 jtc Exp $ */ /* @@ -3287,6 +3287,7 @@ nfs_advlock(void *v) int nfs_print(void *v) { +#if defined(DEBUG) || defined(DIAGNOSTIC) || defined(VFSLCKDEBUG) struct vop_print_args *ap = v; struct vnode *vp = ap->a_vp; struct nfsnode *np = VTONFS(vp); @@ -3298,6 +3299,7 @@ nfs_print(void *v) fifo_printinfo(vp); #endif printf("\n"); +#endif return (0); } diff --git a/sys/ntfs/ntfs_vnops.c b/sys/ntfs/ntfs_vnops.c index a0a39ab19..47399c08d 100644 --- a/sys/ntfs/ntfs_vnops.c +++ b/sys/ntfs/ntfs_vnops.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ntfs_vnops.c,v 1.50 2024/09/12 09:04:51 claudio Exp $ */ +/* $OpenBSD: ntfs_vnops.c,v 1.51 2024/10/18 05:52:32 miod Exp $ */ /* $NetBSD: ntfs_vnops.c,v 1.6 2003/04/10 21:57:26 jdolecek Exp $ */ /* @@ -234,11 +234,13 @@ ntfs_reclaim(void *v) int ntfs_print(void *v) { +#if defined(DEBUG) || defined(DIAGNOSTIC) || defined(VFSLCKDEBUG) struct vop_print_args *ap = v; struct ntnode *ip = VTONT(ap->a_vp); printf("tag VT_NTFS, ino %u, flag %#x, usecount %d, nlink %ld\n", ip->i_number, ip->i_flag, ip->i_usecount, ip->i_nlink); +#endif return (0); } diff --git a/sys/sys/signalvar.h b/sys/sys/signalvar.h index a8c6168f7..c207cff21 100644 --- a/sys/sys/signalvar.h +++ b/sys/sys/signalvar.h @@ -1,4 +1,4 @@ -/* $OpenBSD: signalvar.h,v 1.55 2024/10/09 08:39:49 claudio Exp $ */ +/* $OpenBSD: signalvar.h,v 1.56 2024/10/17 09:11:35 claudio Exp $ */ /* $NetBSD: signalvar.h,v 1.17 1996/04/22 01:23:31 christos Exp $ */ /* @@ -109,7 +109,7 @@ struct sigctx { */ int coredump(struct proc *p); void execsigs(struct proc *p); -int cursig(struct proc *p, struct sigctx *); +int cursig(struct proc *p, struct sigctx *, int); void pgsigio(struct sigio_ref *sir, int sig, int checkctty); void pgsignal(struct pgrp *pgrp, int sig, int checkctty); void psignal(struct proc *p, int sig); diff --git a/sys/tmpfs/tmpfs_vnops.c b/sys/tmpfs/tmpfs_vnops.c index bed42030e..3ee7d59c8 100644 --- a/sys/tmpfs/tmpfs_vnops.c +++ b/sys/tmpfs/tmpfs_vnops.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tmpfs_vnops.c,v 1.55 2024/05/13 11:17:41 semarie Exp $ */ +/* $OpenBSD: tmpfs_vnops.c,v 1.56 2024/10/18 05:52:32 miod Exp $ */ /* $NetBSD: tmpfs_vnops.c,v 1.100 2012/11/05 17:27:39 dholland Exp $ */ /* @@ -1126,6 +1126,7 @@ tmpfs_advlock(void *v) int tmpfs_print(void *v) { +#if defined(DEBUG) || defined(DIAGNOSTIC) || defined(VFSLCKDEBUG) struct vop_print_args /* { struct vnode *a_vp; } */ *ap = v; @@ -1141,6 +1142,7 @@ tmpfs_print(void *v) fifo_printinfo(vp); #endif printf("\n"); +#endif return 0; } diff --git a/sys/ufs/mfs/mfs_vfsops.c b/sys/ufs/mfs/mfs_vfsops.c index ecdad0566..fcc6f7669 100644 --- a/sys/ufs/mfs/mfs_vfsops.c +++ b/sys/ufs/mfs/mfs_vfsops.c @@ -1,4 +1,4 @@ -/* $OpenBSD: mfs_vfsops.c,v 1.62 2022/02/14 11:26:05 claudio Exp $ */ +/* $OpenBSD: mfs_vfsops.c,v 1.63 2024/10/17 09:11:35 claudio Exp $ */ /* $NetBSD: mfs_vfsops.c,v 1.10 1996/02/09 22:31:28 christos Exp $ */ /* @@ -189,7 +189,7 @@ mfs_start(struct mount *mp, int flags, struct proc *p) * EINTR/ERESTART. */ if (sleepreturn != 0) { - sig = cursig(p, &ctx); + sig = cursig(p, &ctx, 0); if (vfs_busy(mp, VB_WRITE|VB_NOWAIT) || dounmount(mp, (sig == SIGKILL) ? MNT_FORCE : 0, p)) atomic_clearbits_int(&p->p_siglist, diff --git a/sys/ufs/mfs/mfs_vnops.c b/sys/ufs/mfs/mfs_vnops.c index f238af203..cd724eb59 100644 --- a/sys/ufs/mfs/mfs_vnops.c +++ b/sys/ufs/mfs/mfs_vnops.c @@ -1,4 +1,4 @@ -/* $OpenBSD: mfs_vnops.c,v 1.61 2024/04/16 10:04:41 claudio Exp $ */ +/* $OpenBSD: mfs_vnops.c,v 1.62 2024/10/18 05:52:33 miod Exp $ */ /* $NetBSD: mfs_vnops.c,v 1.8 1996/03/17 02:16:32 christos Exp $ */ /* @@ -252,10 +252,12 @@ mfs_reclaim(void *v) int mfs_print(void *v) { +#if defined(DEBUG) || defined(DIAGNOSTIC) || defined(VFSLCKDEBUG) struct vop_print_args *ap = v; struct mfsnode *mfsp = VTOMFS(ap->a_vp); printf("tag VT_MFS, tid %d, base %p, size %ld\n", mfsp->mfs_tid, mfsp->mfs_baseoff, mfsp->mfs_size); +#endif return (0); } diff --git a/sys/ufs/ufs/ufs_vnops.c b/sys/ufs/ufs/ufs_vnops.c index 41fc585d0..1fa39aea5 100644 --- a/sys/ufs/ufs/ufs_vnops.c +++ b/sys/ufs/ufs/ufs_vnops.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ufs_vnops.c,v 1.163 2024/09/12 09:04:51 claudio Exp $ */ +/* $OpenBSD: ufs_vnops.c,v 1.164 2024/10/18 05:52:33 miod Exp $ */ /* $NetBSD: ufs_vnops.c,v 1.18 1996/05/11 18:28:04 mycroft Exp $ */ /* @@ -1521,7 +1521,7 @@ ufs_strategy(void *v) int ufs_print(void *v) { -#ifdef DIAGNOSTIC +#if defined(DEBUG) || defined(DIAGNOSTIC) || defined(VFSLCKDEBUG) struct vop_print_args *ap = v; struct vnode *vp = ap->a_vp; @@ -1539,8 +1539,7 @@ ufs_print(void *v) fifo_printinfo(vp); #endif /* FIFO */ printf("\n"); - -#endif /* DIAGNOSTIC */ +#endif return (0); } diff --git a/usr.bin/ssh/addr.c b/usr.bin/ssh/addr.c index e83c1cfc2..9ed122aaa 100644 --- a/usr.bin/ssh/addr.c +++ b/usr.bin/ssh/addr.c @@ -1,4 +1,4 @@ -/* $OpenBSD: addr.c,v 1.8 2024/04/02 09:29:31 deraadt Exp $ */ +/* $OpenBSD: addr.c,v 1.9 2024/10/18 04:30:09 djm Exp $ */ /* * Copyright (c) 2004-2008 Damien Miller @@ -31,7 +31,7 @@ #define _SA(x) ((struct sockaddr *)(x)) -int +static int addr_unicast_masklen(int af) { switch (af) { @@ -57,7 +57,7 @@ masklen_valid(int af, u_int masklen) } } -int +static int addr_xaddr_to_sa(const struct xaddr *xa, struct sockaddr *sa, socklen_t *len, u_int16_t port) { @@ -134,7 +134,7 @@ addr_sa_to_xaddr(struct sockaddr *sa, socklen_t slen, struct xaddr *xa) return 0; } -int +static int addr_invert(struct xaddr *n) { int i; @@ -189,7 +189,7 @@ addr_netmask(int af, u_int l, struct xaddr *n) } } -int +static int addr_hostmask(int af, u_int l, struct xaddr *n) { if (addr_netmask(af, l, n) == -1 || addr_invert(n) == -1) @@ -224,7 +224,7 @@ addr_and(struct xaddr *dst, const struct xaddr *a, const struct xaddr *b) } } -int +static int addr_or(struct xaddr *dst, const struct xaddr *a, const struct xaddr *b) { int i; @@ -279,7 +279,7 @@ addr_cmp(const struct xaddr *a, const struct xaddr *b) } } -int +static int addr_is_all0s(const struct xaddr *a) { int i; @@ -326,7 +326,7 @@ addr_increment(struct xaddr *a) * Returns 0 if host portion of address is all-zeros, * -1 if not all zeros or on failure. */ -int +static int addr_host_is_all0s(const struct xaddr *a, u_int masklen) { struct xaddr tmp_addr, tmp_mask, tmp_result; @@ -340,7 +340,7 @@ addr_host_is_all0s(const struct xaddr *a, u_int masklen) } #if 0 -int +static int addr_host_to_all0s(struct xaddr *a, u_int masklen) { struct xaddr tmp_mask; @@ -398,7 +398,8 @@ addr_pton(const char *p, struct xaddr *n) return 0; } -int +#if 0 +static int addr_sa_pton(const char *h, const char *s, struct sockaddr *sa, socklen_t slen) { struct addrinfo hints, *ai; @@ -428,6 +429,7 @@ addr_sa_pton(const char *h, const char *s, struct sockaddr *sa, socklen_t slen) freeaddrinfo(ai); return 0; } +#endif int addr_ntop(const struct xaddr *n, char *p, size_t len) diff --git a/usr.bin/ssh/addr.h b/usr.bin/ssh/addr.h index 180e9fdc6..29438dfec 100644 --- a/usr.bin/ssh/addr.h +++ b/usr.bin/ssh/addr.h @@ -39,24 +39,13 @@ struct xaddr { #define addr32 xa.addr32 }; -int addr_unicast_masklen(int af); -int addr_xaddr_to_sa(const struct xaddr *xa, struct sockaddr *sa, - socklen_t *len, u_int16_t port); int addr_sa_to_xaddr(struct sockaddr *sa, socklen_t slen, struct xaddr *xa); int addr_netmask(int af, u_int l, struct xaddr *n); -int addr_hostmask(int af, u_int l, struct xaddr *n); -int addr_invert(struct xaddr *n); int addr_pton(const char *p, struct xaddr *n); -int addr_sa_pton(const char *h, const char *s, struct sockaddr *sa, - socklen_t slen); int addr_pton_cidr(const char *p, struct xaddr *n, u_int *l); int addr_ntop(const struct xaddr *n, char *p, size_t len); int addr_and(struct xaddr *dst, const struct xaddr *a, const struct xaddr *b); -int addr_or(struct xaddr *dst, const struct xaddr *a, const struct xaddr *b); int addr_cmp(const struct xaddr *a, const struct xaddr *b); -int addr_is_all0s(const struct xaddr *n); -int addr_host_is_all0s(const struct xaddr *n, u_int masklen); -int addr_host_to_all0s(struct xaddr *a, u_int masklen); int addr_host_to_all1s(struct xaddr *a, u_int masklen); int addr_netmatch(const struct xaddr *host, const struct xaddr *net, u_int masklen); diff --git a/usr.bin/ssh/ssh-keygen.c b/usr.bin/ssh/ssh-keygen.c index e384ccca6..8806c1577 100644 --- a/usr.bin/ssh/ssh-keygen.c +++ b/usr.bin/ssh/ssh-keygen.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keygen.c,v 1.475 2024/09/15 00:47:01 djm Exp $ */ +/* $OpenBSD: ssh-keygen.c,v 1.476 2024/10/18 05:37:24 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1994 Tatu Ylonen , Espoo, Finland @@ -3005,7 +3005,9 @@ do_moduli_gen(const char *out_file, char **opts, size_t nopts) } } - if ((out = fopen(out_file, "w")) == NULL) { + if (strcmp(out_file, "-") == 0) + out = stdout; + else if ((out = fopen(out_file, "w")) == NULL) { fatal("Couldn't open modulus candidate file \"%s\": %s", out_file, strerror(errno)); } @@ -3070,7 +3072,9 @@ do_moduli_screen(const char *out_file, char **opts, size_t nopts) } } - if ((out = fopen(out_file, "a")) == NULL) { + if (strcmp(out_file, "-") == 0) + out = stdout; + else if ((out = fopen(out_file, "a")) == NULL) { fatal("Couldn't open moduli file \"%s\": %s", out_file, strerror(errno)); } diff --git a/usr.bin/ssh/ssh-keyscan.c b/usr.bin/ssh/ssh-keyscan.c index 76e8c12ae..e1579b63c 100644 --- a/usr.bin/ssh/ssh-keyscan.c +++ b/usr.bin/ssh/ssh-keyscan.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keyscan.c,v 1.162 2024/09/20 02:00:46 jsg Exp $ */ +/* $OpenBSD: ssh-keyscan.c,v 1.164 2024/10/18 05:32:51 djm Exp $ */ /* * Copyright 1995, 1996 by David Mazieres . * @@ -562,7 +562,7 @@ conloop(void) for (i = 0; i < maxfd; i++) { if (read_wait[i].revents & (POLLHUP|POLLERR|POLLNVAL)) confree(i); - else if (read_wait[i].revents & (POLLIN|POLLHUP)) + else if (read_wait[i].revents & (POLLIN)) conread(i); } @@ -628,18 +628,6 @@ do_host(char *host) } } -void -sshfatal(const char *file, const char *func, int line, int showfunc, - LogLevel level, const char *suffix, const char *fmt, ...) -{ - va_list args; - - va_start(args, fmt); - sshlogv(file, func, line, showfunc, level, suffix, fmt, args); - va_end(args); - cleanup_exit(255); -} - static void usage(void) { diff --git a/usr.bin/ssh/ssh-keyscan/Makefile b/usr.bin/ssh/ssh-keyscan/Makefile index 28e5fba2b..49981aace 100644 --- a/usr.bin/ssh/ssh-keyscan/Makefile +++ b/usr.bin/ssh/ssh-keyscan/Makefile @@ -1,9 +1,9 @@ -# $OpenBSD: Makefile,v 1.16 2020/01/23 10:24:30 dtucker Exp $ +# $OpenBSD: Makefile,v 1.17 2024/10/18 05:32:51 djm Exp $ .PATH: ${.CURDIR}/.. SRCS= ssh-keyscan.c -SRCS+= atomicio.c cleanup.c compat.c hostfile.c ssh_api.c dns.c +SRCS+= atomicio.c cleanup.c compat.c hostfile.c ssh_api.c dns.c fatal.c SRCS+= ${SRCS_BASE} ${SRCS_KEX} ${SRCS_KEXC} ${SRCS_KEXS} ${SRCS_KEY} \ ${SRCS_PKT} ${SRCS_UTL} ${SRCS_SK_CLIENT} PROG= ssh-keyscan diff --git a/usr.bin/ssh/ssh.c b/usr.bin/ssh/ssh.c index 65fb522d5..74a68e31b 100644 --- a/usr.bin/ssh/ssh.c +++ b/usr.bin/ssh/ssh.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh.c,v 1.600 2024/01/11 01:45:36 djm Exp $ */ +/* $OpenBSD: ssh.c,v 1.601 2024/10/18 05:03:34 djm Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -939,7 +939,7 @@ main(int ac, char **av) options.log_level = SYSLOG_LEVEL_QUIET; break; case 'e': - if (optarg[0] == '^' && optarg[2] == 0 && + if (strlen(optarg) == 2 && optarg[0] == '^' && (u_char) optarg[1] >= 64 && (u_char) optarg[1] < 128) options.escape_char = (u_char) optarg[1] & 31; diff --git a/usr.bin/ssh/ssh_api.c b/usr.bin/ssh/ssh_api.c index 1a83880de..fd02d706b 100644 --- a/usr.bin/ssh/ssh_api.c +++ b/usr.bin/ssh/ssh_api.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh_api.c,v 1.31 2024/09/09 02:39:57 djm Exp $ */ +/* $OpenBSD: ssh_api.c,v 1.32 2024/10/18 05:14:51 djm Exp $ */ /* * Copyright (c) 2012 Markus Friedl. All rights reserved. * @@ -526,7 +526,7 @@ _ssh_order_hostkeyalgs(struct ssh *ssh) char *orig, *avail, *oavail = NULL, *alg, *replace = NULL; char **proposal; size_t maxlen; - int ktype, r; + int ktype, nid, r; /* XXX we de-serialize ssh->kex->my, modify it, and change it */ if ((r = kex_buf2prop(ssh->kex->my, NULL, &proposal)) != 0) @@ -545,15 +545,20 @@ _ssh_order_hostkeyalgs(struct ssh *ssh) while ((alg = strsep(&avail, ",")) && *alg != '\0') { if ((ktype = sshkey_type_from_name(alg)) == KEY_UNSPEC) continue; + nid = sshkey_ecdsa_nid_from_name(alg); TAILQ_FOREACH(k, &ssh->public_keys, next) { - if (k->key->type == ktype || - (sshkey_is_cert(k->key) && k->key->type == - sshkey_type_plain(ktype))) { - if (*replace != '\0') - strlcat(replace, ",", maxlen); - strlcat(replace, alg, maxlen); - break; - } + if (k->key->type != ktype && + (!sshkey_is_cert(k->key) || + k->key->type != sshkey_type_plain(ktype))) + continue; + if (sshkey_type_plain(k->key->type) == KEY_ECDSA && + k->key->ecdsa_nid != nid) + continue; + /* Candidate */ + if (*replace != '\0') + strlcat(replace, ",", maxlen); + strlcat(replace, alg, maxlen); + break; } } if (*replace != '\0') { diff --git a/usr.bin/ssh/ssh_config.5 b/usr.bin/ssh/ssh_config.5 index 020651338..04b499178 100644 --- a/usr.bin/ssh/ssh_config.5 +++ b/usr.bin/ssh/ssh_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: ssh_config.5,v 1.403 2024/09/25 06:13:01 jmc Exp $ -.Dd $Mdocdate: September 25 2024 $ +.\" $OpenBSD: ssh_config.5,v 1.404 2024/10/18 05:53:26 djm Exp $ +.Dd $Mdocdate: October 18 2024 $ .Dt SSH_CONFIG 5 .Os .Sh NAME @@ -1345,9 +1345,11 @@ This directive is ignored unless .Cm PermitLocalCommand has been enabled. .It Cm LocalForward -Specifies that a TCP port on the local machine be forwarded over -the secure channel to the specified host and port from the remote machine. -The first argument specifies the listener and may be +Specifies that a TCP port or Unix-domain socket on the local machine +be forwarded over +the secure channel to the specified host and port (or Unix-domain socket) +from the remote machine. +For a TCP port, the first argument must be .Sm off .Oo Ar bind_address : Oc Ar port .Sm on @@ -1357,6 +1359,11 @@ The second argument is the destination and may be or a Unix domain socket path if the remote host supports it. .Pp IPv6 addresses can be specified by enclosing addresses in square brackets. +.Pp +If either argument contains a '/' in it, that argument will be +interpreted as a Unix-domain socket (on the corresponding host) rather +than a TCP port. +.Pp Multiple forwardings may be specified, and additional forwardings can be given on the command line. Only the superuser can forward privileged ports. @@ -1706,9 +1713,10 @@ accept the tokens described in the .Sx TOKENS section. .It Cm RemoteForward -Specifies that a TCP port on the remote machine be forwarded over -the secure channel. +Specifies that a TCP port or Unix-domain socket on the remote machine +be forwarded over the secure channel. The remote port may either be forwarded to a specified host and port +or Unix-domain socket from the local machine, or may act as a SOCKS 4/5 proxy that allows a remote client to connect to arbitrary destinations from the local machine. The first argument is the listening specification and may be @@ -1726,6 +1734,11 @@ restricted by .Cm PermitRemoteOpen . .Pp IPv6 addresses can be specified by enclosing addresses in square brackets. +.Pp +If either argument contains a '/' in it, that argument will be +interpreted as a Unix-domain socket (on the corresponding host) rather +than a TCP port. +.Pp Multiple forwardings may be specified, and additional forwardings can be given on the command line. Privileged ports can be forwarded only when diff --git a/usr.bin/ssh/sshconnect2.c b/usr.bin/ssh/sshconnect2.c index 5ad2ac4a7..994083359 100644 --- a/usr.bin/ssh/sshconnect2.c +++ b/usr.bin/ssh/sshconnect2.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshconnect2.c,v 1.375 2024/09/09 02:39:57 djm Exp $ */ +/* $OpenBSD: sshconnect2.c,v 1.376 2024/10/18 05:45:40 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * Copyright (c) 2008 Damien Miller. All rights reserved. @@ -1878,10 +1878,8 @@ userauth_pubkey(struct ssh *ssh) debug("Trying private key: %s", id->filename); id->key = load_identity_file(id); if (id->key != NULL) { - if (id->key != NULL) { - id->isprivate = 1; - sent = sign_and_send_pubkey(ssh, id); - } + id->isprivate = 1; + sent = sign_and_send_pubkey(ssh, id); sshkey_free(id->key); id->key = NULL; id->isprivate = 0; diff --git a/usr.bin/ssh/sshd_config.5 b/usr.bin/ssh/sshd_config.5 index 62e4266e9..e246f2fc1 100644 --- a/usr.bin/ssh/sshd_config.5 +++ b/usr.bin/ssh/sshd_config.5 @@ -33,8 +33,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd_config.5,v 1.376 2024/10/14 23:53:34 naddy Exp $ -.Dd $Mdocdate: October 14 2024 $ +.\" $OpenBSD: sshd_config.5,v 1.377 2024/10/18 04:11:54 djm Exp $ +.Dd $Mdocdate: October 18 2024 $ .Dt SSHD_CONFIG 5 .Os .Sh NAME @@ -251,7 +251,7 @@ If no arguments are specified then the username of the target user is used. .Pp The program should produce on standard output zero or more lines of authorized_keys output (see -.Sx AUTHORIZED_KEYS +.Cm AUTHORIZED_KEYS in .Xr sshd 8 ) . .Cm AuthorizedKeysCommand @@ -340,7 +340,7 @@ When using certificates signed by a key listed in this file lists names, one of which must appear in the certificate for it to be accepted for authentication. Names are listed one per line preceded by key options (as described in -.Sx AUTHORIZED_KEYS FILE FORMAT +.Cm AUTHORIZED_KEYS FILE FORMAT in .Xr sshd 8 ) . Empty lines and comments starting with diff --git a/usr.bin/tmux/menu.c b/usr.bin/tmux/menu.c index 10ad66469..d16e38144 100644 --- a/usr.bin/tmux/menu.c +++ b/usr.bin/tmux/menu.c @@ -1,4 +1,4 @@ -/* $OpenBSD: menu.c,v 1.53 2024/08/21 04:17:09 nicm Exp $ */ +/* $OpenBSD: menu.c,v 1.54 2024/10/17 17:10:41 nicm Exp $ */ /* * Copyright (c) 2019 Nicholas Marriott @@ -453,7 +453,6 @@ menu_set_style(struct client *c, struct grid_cell *gc, const char *style, gc->bg = sytmp.gc.bg; } } - gc->attr = 0; } struct menu_data * diff --git a/usr.bin/tmux/tmux.1 b/usr.bin/tmux/tmux.1 index 99e4f0311..6e7aebfbe 100644 --- a/usr.bin/tmux/tmux.1 +++ b/usr.bin/tmux/tmux.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: tmux.1,v 1.965 2024/10/10 10:41:33 nicm Exp $ +.\" $OpenBSD: tmux.1,v 1.967 2024/10/17 17:22:01 nicm Exp $ .\" .\" Copyright (c) 2007 Nicholas Marriott .\" @@ -14,7 +14,7 @@ .\" IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING .\" OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" -.Dd $Mdocdate: October 10 2024 $ +.Dd $Mdocdate: October 17 2024 $ .Dt TMUX 1 .Os .Sh NAME @@ -4476,21 +4476,18 @@ See the .Sx STYLES section on how to specify .Ar style . -Attributes are ignored. .It Ic menu-selected-style Ar style Set the selected menu item style. See the .Sx STYLES section on how to specify .Ar style . -Attributes are ignored. .It Ic menu-border-style Ar style Set the menu border style. See the .Sx STYLES section on how to specify .Ar style . -Attributes are ignored. .It Ic menu-border-lines Ar type Set the type of characters used for drawing menu borders. See @@ -5164,13 +5161,6 @@ visible before the application starts reappears unchanged after it exits. .It Ic cursor-colour Ar colour Set the colour of the cursor. .Pp -.It Ic pane-colours[] Ar colour -The default colour palette. -Each entry in the array defines the colour -.Nm -uses when the colour with that index is requested. -The index may be from zero to 255. -.Pp .It Ic cursor-style Ar style Set the style of the cursor. Available styles are: @@ -5182,6 +5172,13 @@ Available styles are: .Ic blinking-bar , .Ic bar . .Pp +.It Ic pane-colours[] Ar colour +The default colour palette. +Each entry in the array defines the colour +.Nm +uses when the colour with that index is requested. +The index may be from zero to 255. +.Pp .It Xo Ic remain-on-exit .Op Ic on | off | failed .Xc diff --git a/usr.bin/xinstall/xinstall.c b/usr.bin/xinstall/xinstall.c index 6183347f2..dccb178e5 100644 --- a/usr.bin/xinstall/xinstall.c +++ b/usr.bin/xinstall/xinstall.c @@ -1,4 +1,4 @@ -/* $OpenBSD: xinstall.c,v 1.77 2022/12/04 23:50:50 cheloha Exp $ */ +/* $OpenBSD: xinstall.c,v 1.78 2024/10/17 15:38:38 millert Exp $ */ /* $NetBSD: xinstall.c,v 1.9 1995/12/20 10:25:17 jonathan Exp $ */ /* @@ -621,13 +621,19 @@ create_tempfile(char *path, char *temp, size_t tsize) { char *p; - strlcpy(temp, path, tsize); + if (strlcpy(temp, path, tsize) >= tsize) { + errno = ENAMETOOLONG; + return(-1); + } if ((p = strrchr(temp, '/')) != NULL) p++; else p = temp; *p = '\0'; - strlcat(p, "INS@XXXXXXXXXX", tsize); + if (strlcat(temp, "INS@XXXXXXXXXX", tsize) >= tsize) { + errno = ENAMETOOLONG; + return(-1); + } return(mkstemp(temp)); }