diff --git a/sbin/unwind/libunbound/util/data/msgencode.c b/sbin/unwind/libunbound/util/data/msgencode.c index 2cbc5fc5e..4c81f9102 100644 --- a/sbin/unwind/libunbound/util/data/msgencode.c +++ b/sbin/unwind/libunbound/util/data/msgencode.c @@ -62,6 +62,10 @@ #define RETVAL_TRUNC -4 /** return code that means all is peachy keen. Equal to DNS rcode NOERROR */ #define RETVAL_OK 0 +/** Max compressions we are willing to perform; more than that will result + * in semi-compressed messages, or truncated even on TCP for huge messages, to + * avoid locking the CPU for long */ +#define MAX_COMPRESSION_PER_MESSAGE 120 /** * Data structure to help domain name compression in outgoing messages. @@ -286,13 +290,15 @@ write_compressed_dname(sldns_buffer* pkt, uint8_t* dname, int labs, static int compress_owner(struct ub_packed_rrset_key* key, sldns_buffer* pkt, struct regional* region, struct compress_tree_node** tree, - size_t owner_pos, uint16_t* owner_ptr, int owner_labs) + size_t owner_pos, uint16_t* owner_ptr, int owner_labs, + size_t* compress_count) { struct compress_tree_node* p; struct compress_tree_node** insertpt = NULL; if(!*owner_ptr) { /* compress first time dname */ - if((p = compress_tree_lookup(tree, key->rk.dname, + if(*compress_count < MAX_COMPRESSION_PER_MESSAGE && + (p = compress_tree_lookup(tree, key->rk.dname, owner_labs, &insertpt))) { if(p->labs == owner_labs) /* avoid ptr chains, since some software is @@ -301,6 +307,7 @@ compress_owner(struct ub_packed_rrset_key* key, sldns_buffer* pkt, if(!write_compressed_dname(pkt, key->rk.dname, owner_labs, p)) return RETVAL_TRUNC; + (*compress_count)++; /* check if typeclass+4 ttl + rdatalen is available */ if(sldns_buffer_remaining(pkt) < 4+4+2) return RETVAL_TRUNC; @@ -313,7 +320,8 @@ compress_owner(struct ub_packed_rrset_key* key, sldns_buffer* pkt, if(owner_pos <= PTR_MAX_OFFSET) *owner_ptr = htons(PTR_CREATE(owner_pos)); } - if(!compress_tree_store(key->rk.dname, owner_labs, + if(*compress_count < MAX_COMPRESSION_PER_MESSAGE && + !compress_tree_store(key->rk.dname, owner_labs, owner_pos, region, p, insertpt)) return RETVAL_OUTMEM; } else { @@ -334,19 +342,23 @@ compress_owner(struct ub_packed_rrset_key* key, sldns_buffer* pkt, /** compress any domain name to the packet, return RETVAL_* */ static int compress_any_dname(uint8_t* dname, sldns_buffer* pkt, int labs, - struct regional* region, struct compress_tree_node** tree) + struct regional* region, struct compress_tree_node** tree, + size_t* compress_count) { struct compress_tree_node* p; struct compress_tree_node** insertpt = NULL; size_t pos = sldns_buffer_position(pkt); - if((p = compress_tree_lookup(tree, dname, labs, &insertpt))) { + if(*compress_count < MAX_COMPRESSION_PER_MESSAGE && + (p = compress_tree_lookup(tree, dname, labs, &insertpt))) { if(!write_compressed_dname(pkt, dname, labs, p)) return RETVAL_TRUNC; + (*compress_count)++; } else { if(!dname_buffer_write(pkt, dname)) return RETVAL_TRUNC; } - if(!compress_tree_store(dname, labs, pos, region, p, insertpt)) + if(*compress_count < MAX_COMPRESSION_PER_MESSAGE && + !compress_tree_store(dname, labs, pos, region, p, insertpt)) return RETVAL_OUTMEM; return RETVAL_OK; } @@ -366,7 +378,7 @@ type_rdata_compressable(struct ub_packed_rrset_key* key) static int compress_rdata(sldns_buffer* pkt, uint8_t* rdata, size_t todolen, struct regional* region, struct compress_tree_node** tree, - const sldns_rr_descriptor* desc) + const sldns_rr_descriptor* desc, size_t* compress_count) { int labs, r, rdf = 0; size_t dname_len, len, pos = sldns_buffer_position(pkt); @@ -381,7 +393,7 @@ compress_rdata(sldns_buffer* pkt, uint8_t* rdata, size_t todolen, case LDNS_RDF_TYPE_DNAME: labs = dname_count_size_labels(rdata, &dname_len); if((r=compress_any_dname(rdata, pkt, labs, region, - tree)) != RETVAL_OK) + tree, compress_count)) != RETVAL_OK) return r; rdata += dname_len; todolen -= dname_len; @@ -449,7 +461,8 @@ static int packed_rrset_encode(struct ub_packed_rrset_key* key, sldns_buffer* pkt, uint16_t* num_rrs, time_t timenow, struct regional* region, int do_data, int do_sig, struct compress_tree_node** tree, - sldns_pkt_section s, uint16_t qtype, int dnssec, size_t rr_offset) + sldns_pkt_section s, uint16_t qtype, int dnssec, size_t rr_offset, + size_t* compress_count) { size_t i, j, owner_pos; int r, owner_labs; @@ -478,8 +491,8 @@ packed_rrset_encode(struct ub_packed_rrset_key* key, sldns_buffer* pkt, /* rrset roundrobin */ j = (i + rr_offset) % data->count; if((r=compress_owner(key, pkt, region, tree, - owner_pos, &owner_ptr, owner_labs)) - != RETVAL_OK) + owner_pos, &owner_ptr, owner_labs, + compress_count)) != RETVAL_OK) return r; sldns_buffer_write(pkt, &key->rk.type, 2); sldns_buffer_write(pkt, &key->rk.rrset_class, 2); @@ -489,8 +502,8 @@ packed_rrset_encode(struct ub_packed_rrset_key* key, sldns_buffer* pkt, else sldns_buffer_write_u32(pkt, data->rr_ttl[j]-adjust); if(c) { if((r=compress_rdata(pkt, data->rr_data[j], - data->rr_len[j], region, tree, c)) - != RETVAL_OK) + data->rr_len[j], region, tree, c, + compress_count)) != RETVAL_OK) return r; } else { if(sldns_buffer_remaining(pkt) < data->rr_len[j]) @@ -511,8 +524,8 @@ packed_rrset_encode(struct ub_packed_rrset_key* key, sldns_buffer* pkt, sldns_buffer_write(pkt, &owner_ptr, 2); } else { if((r=compress_any_dname(key->rk.dname, - pkt, owner_labs, region, tree)) - != RETVAL_OK) + pkt, owner_labs, region, tree, + compress_count)) != RETVAL_OK) return r; if(sldns_buffer_remaining(pkt) < 4+4+data->rr_len[i]) @@ -544,7 +557,8 @@ static int insert_section(struct reply_info* rep, size_t num_rrsets, uint16_t* num_rrs, sldns_buffer* pkt, size_t rrsets_before, time_t timenow, struct regional* region, struct compress_tree_node** tree, - sldns_pkt_section s, uint16_t qtype, int dnssec, size_t rr_offset) + sldns_pkt_section s, uint16_t qtype, int dnssec, size_t rr_offset, + size_t* compress_count) { int r; size_t i, setstart; @@ -560,7 +574,7 @@ insert_section(struct reply_info* rep, size_t num_rrsets, uint16_t* num_rrs, setstart = sldns_buffer_position(pkt); if((r=packed_rrset_encode(rep->rrsets[rrsets_before+i], pkt, num_rrs, timenow, region, 1, 1, tree, - s, qtype, dnssec, rr_offset)) + s, qtype, dnssec, rr_offset, compress_count)) != RETVAL_OK) { /* Bad, but if due to size must set TC bit */ /* trim off the rrset neatly. */ @@ -573,7 +587,7 @@ insert_section(struct reply_info* rep, size_t num_rrsets, uint16_t* num_rrs, setstart = sldns_buffer_position(pkt); if((r=packed_rrset_encode(rep->rrsets[rrsets_before+i], pkt, num_rrs, timenow, region, 1, 0, tree, - s, qtype, dnssec, rr_offset)) + s, qtype, dnssec, rr_offset, compress_count)) != RETVAL_OK) { sldns_buffer_set_position(pkt, setstart); return r; @@ -584,7 +598,7 @@ insert_section(struct reply_info* rep, size_t num_rrsets, uint16_t* num_rrs, setstart = sldns_buffer_position(pkt); if((r=packed_rrset_encode(rep->rrsets[rrsets_before+i], pkt, num_rrs, timenow, region, 0, 1, tree, - s, qtype, dnssec, rr_offset)) + s, qtype, dnssec, rr_offset, compress_count)) != RETVAL_OK) { sldns_buffer_set_position(pkt, setstart); return r; @@ -677,6 +691,7 @@ reply_info_encode(struct query_info* qinfo, struct reply_info* rep, struct compress_tree_node* tree = 0; int r; size_t rr_offset; + size_t compress_count=0; sldns_buffer_clear(buffer); if(udpsize < sldns_buffer_limit(buffer)) @@ -723,7 +738,7 @@ reply_info_encode(struct query_info* qinfo, struct reply_info* rep, arep.rrsets = &qinfo->local_alias->rrset; if((r=insert_section(&arep, 1, &ancount, buffer, 0, timezero, region, &tree, LDNS_SECTION_ANSWER, - qinfo->qtype, dnssec, rr_offset)) != RETVAL_OK) { + qinfo->qtype, dnssec, rr_offset, &compress_count)) != RETVAL_OK) { if(r == RETVAL_TRUNC) { /* create truncated message */ sldns_buffer_write_u16_at(buffer, 6, ancount); @@ -738,7 +753,7 @@ reply_info_encode(struct query_info* qinfo, struct reply_info* rep, /* insert answer section */ if((r=insert_section(rep, rep->an_numrrsets, &ancount, buffer, 0, timenow, region, &tree, LDNS_SECTION_ANSWER, qinfo->qtype, - dnssec, rr_offset)) != RETVAL_OK) { + dnssec, rr_offset, &compress_count)) != RETVAL_OK) { if(r == RETVAL_TRUNC) { /* create truncated message */ sldns_buffer_write_u16_at(buffer, 6, ancount); @@ -756,7 +771,7 @@ reply_info_encode(struct query_info* qinfo, struct reply_info* rep, if((r=insert_section(rep, rep->ns_numrrsets, &nscount, buffer, rep->an_numrrsets, timenow, region, &tree, LDNS_SECTION_AUTHORITY, qinfo->qtype, - dnssec, rr_offset)) != RETVAL_OK) { + dnssec, rr_offset, &compress_count)) != RETVAL_OK) { if(r == RETVAL_TRUNC) { /* create truncated message */ sldns_buffer_write_u16_at(buffer, 8, nscount); @@ -773,7 +788,7 @@ reply_info_encode(struct query_info* qinfo, struct reply_info* rep, if((r=insert_section(rep, rep->ar_numrrsets, &arcount, buffer, rep->an_numrrsets + rep->ns_numrrsets, timenow, region, &tree, LDNS_SECTION_ADDITIONAL, qinfo->qtype, - dnssec, rr_offset)) != RETVAL_OK) { + dnssec, rr_offset, &compress_count)) != RETVAL_OK) { if(r == RETVAL_TRUNC) { /* no need to set TC bit, this is the additional */ sldns_buffer_write_u16_at(buffer, 10, arcount); diff --git a/sys/arch/amd64/amd64/identcpu.c b/sys/arch/amd64/amd64/identcpu.c index 755e0eeaa..18ecbc8f4 100644 --- a/sys/arch/amd64/amd64/identcpu.c +++ b/sys/arch/amd64/amd64/identcpu.c @@ -1,4 +1,4 @@ -/* $OpenBSD: identcpu.c,v 1.147 2024/08/27 09:16:03 bluhm Exp $ */ +/* $OpenBSD: identcpu.c,v 1.148 2024/10/07 20:30:17 dv Exp $ */ /* $NetBSD: identcpu.c,v 1.1 2003/04/26 18:39:28 fvdl Exp $ */ /* @@ -952,11 +952,6 @@ cpu_check_vmm_cap(struct cpu_info *ci) /* EPT available? */ if (msr & (IA32_VMX_ENABLE_EPT) << 32) ci->ci_vmm_flags |= CI_VMM_EPT; - /* VM Functions available? */ - if (msr & (IA32_VMX_ENABLE_VM_FUNCTIONS) << 32) { - ci->ci_vmm_cap.vcc_vmx.vmx_vm_func = - rdmsr(IA32_VMX_VMFUNC); - } } } diff --git a/sys/arch/amd64/amd64/vmm_machdep.c b/sys/arch/amd64/amd64/vmm_machdep.c index 7c898fb55..1f76ac4e0 100644 --- a/sys/arch/amd64/amd64/vmm_machdep.c +++ b/sys/arch/amd64/amd64/vmm_machdep.c @@ -1,4 +1,4 @@ -/* $OpenBSD: vmm_machdep.c,v 1.38 2024/09/26 13:18:25 dv Exp $ */ +/* $OpenBSD: vmm_machdep.c,v 1.39 2024/10/07 20:30:17 dv Exp $ */ /* * Copyright (c) 2014 Mike Larkin * @@ -7156,16 +7156,6 @@ vmx_dump_vmcs(struct vcpu *vcpu) DPRINTF("\n"); } - if (vcpu_vmx_check_cap(vcpu, IA32_VMX_PROCBASED2_CTLS, - IA32_VMX_ENABLE_VM_FUNCTIONS, 1)) { - /* We assume all CPUs have the same VMFUNC caps */ - if (curcpu()->ci_vmm_cap.vcc_vmx.vmx_vm_func & 0x1) { - vmx_dump_vmcs_field(VMCS_EPTP_LIST_ADDRESS, - "EPTP List Addr"); - DPRINTF("\n"); - } - } - if (vcpu_vmx_check_cap(vcpu, IA32_VMX_PROCBASED2_CTLS, IA32_VMX_VMCS_SHADOWING, 1)) { vmx_dump_vmcs_field(VMCS_VMREAD_BITMAP_ADDRESS, diff --git a/sys/arch/amd64/include/cpu.h b/sys/arch/amd64/include/cpu.h index 34ba78776..3a902a9aa 100644 --- a/sys/arch/amd64/include/cpu.h +++ b/sys/arch/amd64/include/cpu.h @@ -1,4 +1,4 @@ -/* $OpenBSD: cpu.h,v 1.177 2024/09/26 13:18:25 dv Exp $ */ +/* $OpenBSD: cpu.h,v 1.178 2024/10/07 20:30:17 dv Exp $ */ /* $NetBSD: cpu.h,v 1.1 2003/04/26 18:39:39 fvdl Exp $ */ /*- @@ -73,7 +73,6 @@ struct vmx { uint32_t vmx_vmxon_revision; uint32_t vmx_msr_table_size; uint32_t vmx_cr3_tgt_count; - uint64_t vmx_vm_func; uint8_t vmx_has_l1_flush_msr; uint64_t vmx_invept_mode; }; diff --git a/sys/dev/acpi/ufshci_acpi.c b/sys/dev/acpi/ufshci_acpi.c index 804247ef8..4df7060b7 100644 --- a/sys/dev/acpi/ufshci_acpi.c +++ b/sys/dev/acpi/ufshci_acpi.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ufshci_acpi.c,v 1.2 2024/01/06 17:47:43 mglocker Exp $ */ +/* $OpenBSD: ufshci_acpi.c,v 1.3 2024/10/08 00:46:29 jsg Exp $ */ /* * Copyright (c) 2022 Marcus Glocker * @@ -45,7 +45,8 @@ int ufshci_acpi_match(struct device *, void *, void *); void ufshci_acpi_attach(struct device *, struct device *, void *); const struct cfattach ufshci_acpi_ca = { - sizeof(struct ufshci_acpi_softc), ufshci_acpi_match, ufshci_acpi_attach + sizeof(struct ufshci_acpi_softc), ufshci_acpi_match, ufshci_acpi_attach, + NULL, ufshci_activate }; const char *ufshci_hids[] = { diff --git a/sys/dev/fdt/ufshci_fdt.c b/sys/dev/fdt/ufshci_fdt.c index 92ea5ca4c..88742d441 100644 --- a/sys/dev/fdt/ufshci_fdt.c +++ b/sys/dev/fdt/ufshci_fdt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ufshci_fdt.c,v 1.1 2024/07/31 10:07:33 mglocker Exp $ */ +/* $OpenBSD: ufshci_fdt.c,v 1.2 2024/10/08 00:46:29 jsg Exp $ */ /* * Copyright (c) 2024 Marcus Glocker * @@ -36,7 +36,9 @@ void ufshci_fdt_attach(struct device *, struct device *, void *); const struct cfattach ufshci_fdt_ca = { sizeof(struct ufshci_softc), ufshci_fdt_match, - ufshci_fdt_attach + ufshci_fdt_attach, + NULL, + ufshci_activate }; int diff --git a/sys/dev/ic/ufshci.c b/sys/dev/ic/ufshci.c index 108013d2a..9e8e0112e 100644 --- a/sys/dev/ic/ufshci.c +++ b/sys/dev/ic/ufshci.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ufshci.c,v 1.41 2024/08/30 18:22:41 mglocker Exp $ */ +/* $OpenBSD: ufshci.c,v 1.42 2024/10/08 00:46:29 jsg Exp $ */ /* * Copyright (c) 2022 Marcus Glocker @@ -1380,8 +1380,9 @@ ufshci_xfer_complete(struct ufshci_softc *sc) } int -ufshci_activate(struct ufshci_softc *sc, int act) +ufshci_activate(struct device *self, int act) { + struct ufshci_softc *sc = (struct ufshci_softc *)self; int rv = 0; switch (act) { diff --git a/sys/dev/ic/ufshcivar.h b/sys/dev/ic/ufshcivar.h index bdd7a2101..d41e58f55 100644 --- a/sys/dev/ic/ufshcivar.h +++ b/sys/dev/ic/ufshcivar.h @@ -1,4 +1,4 @@ -/* $OpenBSD: ufshcivar.h,v 1.9 2024/05/29 00:48:15 jsg Exp $ */ +/* $OpenBSD: ufshcivar.h,v 1.10 2024/10/08 00:46:29 jsg Exp $ */ /* * Copyright (c) 2022 Marcus Glocker @@ -83,4 +83,4 @@ struct ufshci_softc { int ufshci_intr(void *); int ufshci_attach(struct ufshci_softc *); -int ufshci_activate(struct ufshci_softc *, int); +int ufshci_activate(struct device *, int); diff --git a/sys/dev/pci/ufshci_pci.c b/sys/dev/pci/ufshci_pci.c index f265d2064..a44232f6c 100644 --- a/sys/dev/pci/ufshci_pci.c +++ b/sys/dev/pci/ufshci_pci.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ufshci_pci.c,v 1.4 2024/05/24 09:51:13 mglocker Exp $ */ +/* $OpenBSD: ufshci_pci.c,v 1.5 2024/10/08 00:46:29 jsg Exp $ */ /* * Copyright (c) 2024 Marcus Glocker @@ -41,14 +41,13 @@ struct ufshci_pci_softc { int ufshci_pci_match(struct device *, void *, void *); void ufshci_pci_attach(struct device *, struct device *, void *); int ufshci_pci_detach(struct device *, int); -int ufshci_pci_activate(struct device *, int); const struct cfattach ufshci_pci_ca = { sizeof(struct ufshci_pci_softc), ufshci_pci_match, ufshci_pci_attach, ufshci_pci_detach, - ufshci_pci_activate + ufshci_activate }; int @@ -108,11 +107,3 @@ ufshci_pci_detach(struct device *self, int flags) { return 0; } - -int -ufshci_pci_activate(struct device *self, int act) -{ - struct ufshci_pci_softc *psc = (struct ufshci_pci_softc *)self; - - return ufshci_activate(&psc->psc_ufshci, act); -} diff --git a/sys/uvm/uvm_extern.h b/sys/uvm/uvm_extern.h index 6b3ba14ce..f10630fcb 100644 --- a/sys/uvm/uvm_extern.h +++ b/sys/uvm/uvm_extern.h @@ -1,4 +1,4 @@ -/* $OpenBSD: uvm_extern.h,v 1.177 2024/08/24 10:46:43 mpi Exp $ */ +/* $OpenBSD: uvm_extern.h,v 1.178 2024/10/08 02:29:10 jsg Exp $ */ /* $NetBSD: uvm_extern.h,v 1.57 2001/03/09 01:02:12 chs Exp $ */ /* @@ -280,7 +280,6 @@ int uvm_vslock_device(struct proc *, void *, size_t, vm_prot_t, void **); void uvm_vsunlock_device(struct proc *, void *, size_t, void *); -void uvm_pause(void); void uvm_init(void); void uvm_init_percpu(void); int uvm_io(vm_map_t, struct uio *, int); diff --git a/sys/uvm/uvm_glue.c b/sys/uvm/uvm_glue.c index fb7fe6b27..c2f207a23 100644 --- a/sys/uvm/uvm_glue.c +++ b/sys/uvm/uvm_glue.c @@ -1,4 +1,4 @@ -/* $OpenBSD: uvm_glue.c,v 1.84 2022/09/10 20:35:29 miod Exp $ */ +/* $OpenBSD: uvm_glue.c,v 1.85 2024/10/08 02:29:10 jsg Exp $ */ /* $NetBSD: uvm_glue.c,v 1.44 2001/02/06 19:54:44 eeh Exp $ */ /* @@ -71,11 +71,9 @@ #include #include #include -#include #ifdef SYSVSHM #include #endif -#include #include @@ -435,18 +433,6 @@ uvm_atopg(vaddr_t kva) return (pg); } -void -uvm_pause(void) -{ - static unsigned int toggle; - if (toggle++ > 128) { - toggle = 0; - KERNEL_UNLOCK(); - KERNEL_LOCK(); - } - sched_pause(preempt); -} - #ifndef SMALL_KERNEL int fill_vmmap(struct process *pr, struct kinfo_vmentry *kve, diff --git a/usr.sbin/acme-client/netproc.c b/usr.sbin/acme-client/netproc.c index 3b53ccfe5..79dcadf38 100644 --- a/usr.sbin/acme-client/netproc.c +++ b/usr.sbin/acme-client/netproc.c @@ -1,4 +1,4 @@ -/* $Id: netproc.c,v 1.35 2024/04/28 10:09:25 tb Exp $ */ +/* $Id: netproc.c,v 1.36 2024/10/07 23:47:00 sthen Exp $ */ /* * Copyright (c) 2016 Kristaps Dzonsons * @@ -359,7 +359,7 @@ donewacc(struct conn *c, const struct capaths *p, const char *contact) { struct jsmnn *j = NULL; int rc = 0; - char *req, *detail, *error = NULL; + char *req, *detail, *error = NULL, *accturi = NULL; long lc; if ((req = json_fmt_newacc(contact)) == NULL) @@ -384,6 +384,12 @@ donewacc(struct conn *c, const struct capaths *p, const char *contact) else rc = 1; + if (c->kid != NULL) { + if (stravis(&accturi, c->kid, VIS_SAFE) != -1) + dodbg("account key: %s", accturi); + free(accturi); + } + if (rc == 0 || verbose > 1) buf_dump(&c->buf); free(req); @@ -399,7 +405,7 @@ static int dochkacc(struct conn *c, const struct capaths *p, const char *contact) { int rc = 0; - char *req; + char *req, *accturi = NULL; long lc; if ((req = json_fmt_chkacc()) == NULL) @@ -417,6 +423,11 @@ dochkacc(struct conn *c, const struct capaths *p, const char *contact) if (c->kid == NULL) rc = 0; + else { + if (stravis(&accturi, c->kid, VIS_SAFE) != -1) + dodbg("account key: %s", accturi); + free(accturi); + } if (rc == 0 || verbose > 1) buf_dump(&c->buf);