From 9d1bed226b6994e89ec50e1b608954a53f3d34c3 Mon Sep 17 00:00:00 2001 From: purplerain Date: Sat, 21 Sep 2024 19:08:31 +0000 Subject: [PATCH] sync with OpenBSD -current --- games/fortune/fortune/fortune.c | 5 +- gnu/usr.bin/binutils/gdb/cli/cli-cmds.c | 2 +- gnu/usr.bin/binutils/gdb/doc/gdb.texinfo | 2 +- regress/usr.bin/mandoc/mdoc/In/Makefile | 4 +- regress/usr.bin/mandoc/mdoc/In/parse.in | 13 + .../usr.bin/mandoc/mdoc/In/parse.out_ascii | 9 + .../usr.bin/mandoc/mdoc/In/parse.out_markdown | 15 ++ sys/arch/amd64/amd64/vmm_machdep.c | 252 +----------------- sys/arch/amd64/include/vmmvar.h | 13 +- sys/arch/arm64/stand/efiboot/efiboot.c | 6 +- usr.sbin/relayd/relayd.conf.5 | 18 +- usr.sbin/vmd/arm64_vm.c | 3 +- 12 files changed, 69 insertions(+), 273 deletions(-) create mode 100644 regress/usr.bin/mandoc/mdoc/In/parse.in create mode 100644 regress/usr.bin/mandoc/mdoc/In/parse.out_ascii create mode 100644 regress/usr.bin/mandoc/mdoc/In/parse.out_markdown diff --git a/games/fortune/fortune/fortune.c b/games/fortune/fortune/fortune.c index 6f17c4db6..652422839 100644 --- a/games/fortune/fortune/fortune.c +++ b/games/fortune/fortune/fortune.c @@ -1,4 +1,4 @@ -/* $OpenBSD: fortune.c,v 1.64 2024/05/21 05:00:47 jsg Exp $ */ +/* $OpenBSD: fortune.c,v 1.65 2024/09/20 12:52:37 tb Exp $ */ /* $NetBSD: fortune.c,v 1.8 1995/03/23 08:28:40 cgd Exp $ */ /*- @@ -413,6 +413,7 @@ add_file(int percent, char *file, char *dir, FILEDESC **head, FILEDESC **tail, if (was_malloc) free(path); path = offensive; + offensive = NULL; file = off_name(file); was_malloc = true; } @@ -430,9 +431,9 @@ over: * we'll pick up the -o file anyway. */ if (All_forts && offensive != NULL) { - path = offensive; if (was_malloc) free(path); + path = offensive; offensive = NULL; was_malloc = true; DPRINTF(1, (stderr, "\ttrying \"%s\"\n", path)); diff --git a/gnu/usr.bin/binutils/gdb/cli/cli-cmds.c b/gnu/usr.bin/binutils/gdb/cli/cli-cmds.c index fbe93c902..40ff739f7 100644 --- a/gnu/usr.bin/binutils/gdb/cli/cli-cmds.c +++ b/gnu/usr.bin/binutils/gdb/cli/cli-cmds.c @@ -625,7 +625,7 @@ edit_command (char *arg, int from_tty) } if ((editor = (char *) getenv ("EDITOR")) == NULL) - editor = "/bin/ex"; + editor = "/usr/bin/ex"; /* Approximate base-10 log of line to 1 unit for digit count */ for(log10=32, m=0x80000000; !(sal.line & m) && log10>0; log10--, m=m>>1); diff --git a/gnu/usr.bin/binutils/gdb/doc/gdb.texinfo b/gnu/usr.bin/binutils/gdb/doc/gdb.texinfo index 6af8d3789..3de22cbc6 100644 --- a/gnu/usr.bin/binutils/gdb/doc/gdb.texinfo +++ b/gnu/usr.bin/binutils/gdb/doc/gdb.texinfo @@ -32,7 +32,7 @@ @set EDITION Ninth @c !!set GDB edit command default editor -@set EDITOR /bin/ex +@set EDITOR /usr/bin/ex @c THIS MANUAL REQUIRES TEXINFO 4.0 OR LATER. diff --git a/regress/usr.bin/mandoc/mdoc/In/Makefile b/regress/usr.bin/mandoc/mdoc/In/Makefile index 3bb3b791c..9148e5f33 100644 --- a/regress/usr.bin/mandoc/mdoc/In/Makefile +++ b/regress/usr.bin/mandoc/mdoc/In/Makefile @@ -1,6 +1,6 @@ -# $OpenBSD: Makefile,v 1.9 2017/03/08 22:53:35 schwarze Exp $ +# $OpenBSD: Makefile,v 1.10 2024/09/21 11:56:36 schwarze Exp $ -REGRESS_TARGETS = break eos font noarg +REGRESS_TARGETS = break eos font noarg parse LINT_TARGETS = noarg .include diff --git a/regress/usr.bin/mandoc/mdoc/In/parse.in b/regress/usr.bin/mandoc/mdoc/In/parse.in new file mode 100644 index 000000000..79473a20e --- /dev/null +++ b/regress/usr.bin/mandoc/mdoc/In/parse.in @@ -0,0 +1,13 @@ +.\" $OpenBSD: parse.in,v 1.1 2024/09/21 11:56:36 schwarze Exp $ +.Dd $Mdocdate: September 21 2024 $ +.Dt IN-PARSE 2 +.Os +.Sh NAME +.Nm In-parse +.Nd parsing of include file macros +.Sh DESCRIPTION +first line +.Sy parent In arg1 arg2 Sy child +middle line +.In ( arg ) +last line diff --git a/regress/usr.bin/mandoc/mdoc/In/parse.out_ascii b/regress/usr.bin/mandoc/mdoc/In/parse.out_ascii new file mode 100644 index 000000000..ed05775d6 --- /dev/null +++ b/regress/usr.bin/mandoc/mdoc/In/parse.out_ascii @@ -0,0 +1,9 @@ +IN-PARSE(2) System Calls Manual IN-PARSE(2) + +NNAAMMEE + IInn--ppaarrssee - parsing of include file macros + +DDEESSCCRRIIPPTTIIOONN + first line ppaarreenntt <_a_r_g_1> arg2 cchhiilldd middle line (<_a_r_g>) last line + +OpenBSD September 21, 2024 OpenBSD diff --git a/regress/usr.bin/mandoc/mdoc/In/parse.out_markdown b/regress/usr.bin/mandoc/mdoc/In/parse.out_markdown new file mode 100644 index 000000000..d4ff68921 --- /dev/null +++ b/regress/usr.bin/mandoc/mdoc/In/parse.out_markdown @@ -0,0 +1,15 @@ +IN-PARSE(2) - System Calls Manual + +# NAME + +**In-parse** - parsing of include file macros + +# DESCRIPTION + +first line +**parent** <*arg1*> arg2 **child** +middle line +(<*arg*>) +last line + +OpenBSD - September 21, 2024 diff --git a/sys/arch/amd64/amd64/vmm_machdep.c b/sys/arch/amd64/amd64/vmm_machdep.c index 04944d513..c9a0531a6 100644 --- a/sys/arch/amd64/amd64/vmm_machdep.c +++ b/sys/arch/amd64/amd64/vmm_machdep.c @@ -1,4 +1,4 @@ -/* $OpenBSD: vmm_machdep.c,v 1.36 2024/09/04 16:12:40 dv Exp $ */ +/* $OpenBSD: vmm_machdep.c,v 1.37 2024/09/21 04:36:28 mlarkin Exp $ */ /* * Copyright (c) 2014 Mike Larkin * @@ -72,7 +72,6 @@ int vmm_quiesce_vmx(void); int vm_run(struct vm_run_params *); int vm_intr_pending(struct vm_intr_params *); int vm_rwregs(struct vm_rwregs_params *, int); -int vm_mprotect_ept(struct vm_mprotect_ept_params *); int vm_rwvmparams(struct vm_rwvmparams_params *, int); int vcpu_readregs_vmx(struct vcpu *, uint64_t, int, struct vcpu_reg_state *); int vcpu_readregs_svm(struct vcpu *, uint64_t, struct vcpu_reg_state *); @@ -125,7 +124,6 @@ int svm_fault_page(struct vcpu *, paddr_t); int vmx_fault_page(struct vcpu *, paddr_t); int vmx_handle_np_fault(struct vcpu *); int svm_handle_np_fault(struct vcpu *); -int vmx_mprotect_ept(struct vcpu *, vm_map_t, paddr_t, paddr_t, int); pt_entry_t *vmx_pmap_find_pte_ept(pmap_t, paddr_t); int vmm_alloc_vpid(uint16_t *); void vmm_free_vpid(uint16_t); @@ -440,9 +438,6 @@ vmmioctl_machdep(dev_t dev, u_long cmd, caddr_t data, int flag, struct proc *p) case VMM_IOC_INTR: ret = vm_intr_pending((struct vm_intr_params *)data); break; - case VMM_IOC_MPROTECT_EPT: - ret = vm_mprotect_ept((struct vm_mprotect_ept_params *)data); - break; default: DPRINTF("%s: unknown ioctl code 0x%lx\n", __func__, cmd); ret = ENOTTY; @@ -456,7 +451,6 @@ pledge_ioctl_vmm_machdep(struct proc *p, long com) { switch (com) { case VMM_IOC_INTR: - case VMM_IOC_MPROTECT_EPT: return (0); } @@ -624,250 +618,6 @@ out: return (ret); } -/* - * vm_mprotect_ept - * - * IOCTL handler to sets the access protections of the ept - * - * Parameters: - * vmep: describes the memory for which the protect will be applied.. - * - * Return values: - * 0: if successful - * ENOENT: if the VM defined by 'vmep' cannot be found - * EINVAL: if the sgpa or size is not page aligned, the prot is invalid, - * size is too large (512GB), there is wraparound - * (like start = 512GB-1 and end = 512GB-2), - * the address specified is not within the vm's mem range - * or the address lies inside reserved (MMIO) memory - */ -int -vm_mprotect_ept(struct vm_mprotect_ept_params *vmep) -{ - struct vm *vm; - struct vcpu *vcpu; - vaddr_t sgpa; - size_t size; - vm_prot_t prot; - uint64_t msr; - int ret = 0, memtype; - - /* If not EPT or RVI, nothing to do here */ - if (!(vmm_softc->mode == VMM_MODE_EPT - || vmm_softc->mode == VMM_MODE_RVI)) - return (0); - - /* Find the desired VM */ - ret = vm_find(vmep->vmep_vm_id, &vm); - - /* Not found? exit. */ - if (ret != 0) { - DPRINTF("%s: vm id %u not found\n", __func__, - vmep->vmep_vm_id); - return (ret); - } - - vcpu = vm_find_vcpu(vm, vmep->vmep_vcpu_id); - - if (vcpu == NULL) { - DPRINTF("%s: vcpu id %u of vm %u not found\n", __func__, - vmep->vmep_vcpu_id, vmep->vmep_vm_id); - ret = ENOENT; - goto out_nolock; - } - - rw_enter_write(&vcpu->vc_lock); - - if (vcpu->vc_state != VCPU_STATE_STOPPED) { - DPRINTF("%s: mprotect_ept %u on vm %u attempted " - "while vcpu was in state %u (%s)\n", __func__, - vmep->vmep_vcpu_id, vmep->vmep_vm_id, vcpu->vc_state, - vcpu_state_decode(vcpu->vc_state)); - ret = EBUSY; - goto out; - } - - /* Only proceed if the pmap is in the correct mode */ - KASSERT((vmm_softc->mode == VMM_MODE_EPT && - vm->vm_map->pmap->pm_type == PMAP_TYPE_EPT) || - (vmm_softc->mode == VMM_MODE_RVI && - vm->vm_map->pmap->pm_type == PMAP_TYPE_RVI)); - - sgpa = vmep->vmep_sgpa; - size = vmep->vmep_size; - prot = vmep->vmep_prot; - - /* No W^X permissions */ - if ((prot & PROT_MASK) != prot && - (prot & (PROT_WRITE | PROT_EXEC)) == (PROT_WRITE | PROT_EXEC)) { - DPRINTF("%s: W+X permission requested\n", __func__); - ret = EINVAL; - goto out; - } - - /* No Write only permissions */ - if ((prot & (PROT_READ | PROT_WRITE | PROT_EXEC)) == PROT_WRITE) { - DPRINTF("%s: No Write only permissions\n", __func__); - ret = EINVAL; - goto out; - } - - /* No empty permissions */ - if (prot == 0) { - DPRINTF("%s: No empty permissions\n", __func__); - ret = EINVAL; - goto out; - } - - /* No execute only on EPT CPUs that don't have that capability */ - if (vmm_softc->mode == VMM_MODE_EPT) { - msr = rdmsr(IA32_VMX_EPT_VPID_CAP); - if (prot == PROT_EXEC && - (msr & IA32_EPT_VPID_CAP_XO_TRANSLATIONS) == 0) { - DPRINTF("%s: Execute only permissions unsupported," - " adding read permission\n", __func__); - - prot |= PROT_READ; - } - } - - /* Must be page aligned */ - if ((sgpa & PAGE_MASK) || (size & PAGE_MASK) || size == 0) { - ret = EINVAL; - goto out; - } - - /* size must be less then 512GB */ - if (size >= NBPD_L4) { - ret = EINVAL; - goto out; - } - - /* no wraparound */ - if (sgpa + size < sgpa) { - ret = EINVAL; - goto out; - } - - /* - * Specifying addresses within the PCI MMIO space is forbidden. - * Disallow addresses that start inside the MMIO space: - * [VMM_PCI_MMIO_BAR_BASE .. VMM_PCI_MMIO_BAR_END] - */ - if (sgpa >= VMM_PCI_MMIO_BAR_BASE && sgpa <= VMM_PCI_MMIO_BAR_END) { - ret = EINVAL; - goto out; - } - - /* - * ... and disallow addresses that end inside the MMIO space: - * (VMM_PCI_MMIO_BAR_BASE .. VMM_PCI_MMIO_BAR_END] - */ - if (sgpa + size > VMM_PCI_MMIO_BAR_BASE && - sgpa + size <= VMM_PCI_MMIO_BAR_END) { - ret = EINVAL; - goto out; - } - - memtype = vmm_get_guest_memtype(vm, sgpa); - if (memtype == VMM_MEM_TYPE_UNKNOWN) { - ret = EINVAL; - goto out; - } - - if (vmm_softc->mode == VMM_MODE_EPT) - ret = vmx_mprotect_ept(vcpu, vm->vm_map, sgpa, sgpa + size, - prot); - else if (vmm_softc->mode == VMM_MODE_RVI) { - pmap_write_protect(vm->vm_map->pmap, sgpa, sgpa + size, prot); - /* XXX requires a invlpga */ - ret = 0; - } else - ret = EINVAL; -out: - if (vcpu != NULL) - rw_exit_write(&vcpu->vc_lock); -out_nolock: - refcnt_rele_wake(&vm->vm_refcnt); - return (ret); -} - -/* - * vmx_mprotect_ept - * - * apply the ept protections to the requested pages, faulting in the page if - * required. - */ -int -vmx_mprotect_ept(struct vcpu *vcpu, vm_map_t vm_map, paddr_t sgpa, paddr_t egpa, - int prot) -{ - struct vmx_invept_descriptor vid; - pmap_t pmap; - pt_entry_t *pte; - paddr_t addr; - int ret = 0; - - pmap = vm_map->pmap; - - KERNEL_LOCK(); - - for (addr = sgpa; addr < egpa; addr += PAGE_SIZE) { - pte = vmx_pmap_find_pte_ept(pmap, addr); - if (pte == NULL) { - ret = uvm_fault(vm_map, addr, VM_FAULT_WIRE, - PROT_READ | PROT_WRITE | PROT_EXEC); - if (ret) - printf("%s: uvm_fault returns %d, GPA=0x%llx\n", - __func__, ret, (uint64_t)addr); - - pte = vmx_pmap_find_pte_ept(pmap, addr); - if (pte == NULL) { - KERNEL_UNLOCK(); - return EFAULT; - } - } - - if (prot & PROT_READ) - *pte |= EPT_R; - else - *pte &= ~EPT_R; - - if (prot & PROT_WRITE) - *pte |= EPT_W; - else - *pte &= ~EPT_W; - - if (prot & PROT_EXEC) - *pte |= EPT_X; - else - *pte &= ~EPT_X; - } - - /* - * SDM 3C: 28.3.3.4 Guidelines for Use of the INVEPT Instruction - * the first bullet point seems to say we should call invept. - * - * Software should use the INVEPT instruction with the “single-context” - * INVEPT type after making any of the following changes to an EPT - * paging-structure entry (the INVEPT descriptor should contain an - * EPTP value that references — directly or indirectly - * — the modified EPT paging structure): - * — Changing any of the privilege bits 2:0 from 1 to 0. - * */ - if (pmap->eptp != 0) { - memset(&vid, 0, sizeof(vid)); - vid.vid_eptp = pmap->eptp; - DPRINTF("%s: flushing EPT TLB for EPTP 0x%llx\n", __func__, - vid.vid_eptp); - invept(vcpu->vc_vmx_invept_op, &vid); - } - - KERNEL_UNLOCK(); - - return ret; -} - /* * vmx_pmap_find_pte_ept * diff --git a/sys/arch/amd64/include/vmmvar.h b/sys/arch/amd64/include/vmmvar.h index f652bc1b8..c607c1d66 100644 --- a/sys/arch/amd64/include/vmmvar.h +++ b/sys/arch/amd64/include/vmmvar.h @@ -1,4 +1,4 @@ -/* $OpenBSD: vmmvar.h,v 1.105 2024/08/27 09:16:03 bluhm Exp $ */ +/* $OpenBSD: vmmvar.h,v 1.106 2024/09/21 04:36:28 mlarkin Exp $ */ /* * Copyright (c) 2014 Mike Larkin * @@ -492,19 +492,8 @@ struct vm_rwregs_params { struct vcpu_reg_state vrwp_regs; }; -struct vm_mprotect_ept_params { - /* Input parameters to VMM_IOC_MPROTECT_EPT */ - uint32_t vmep_vm_id; - uint32_t vmep_vcpu_id; - vaddr_t vmep_sgpa; - size_t vmep_size; - int vmep_prot; -}; - /* IOCTL definitions */ #define VMM_IOC_INTR _IOW('V', 6, struct vm_intr_params) /* Intr pending */ -/* Control the protection of ept pages*/ -#define VMM_IOC_MPROTECT_EPT _IOW('V', 11, struct vm_mprotect_ept_params) /* CPUID masks */ /* diff --git a/sys/arch/arm64/stand/efiboot/efiboot.c b/sys/arch/arm64/stand/efiboot/efiboot.c index 7d64c7f5d..063b6e445 100644 --- a/sys/arch/arm64/stand/efiboot/efiboot.c +++ b/sys/arch/arm64/stand/efiboot/efiboot.c @@ -1,4 +1,4 @@ -/* $OpenBSD: efiboot.c,v 1.58 2024/08/01 11:53:03 mglocker Exp $ */ +/* $OpenBSD: efiboot.c,v 1.59 2024/09/20 19:12:50 kettenis Exp $ */ /* * Copyright (c) 2015 YASUOKA Masahiko @@ -1121,6 +1121,10 @@ struct smbios_dtb { "qcom/sc8280xp-lenovo-thinkpad-x13s.dtb" }, { "LENOVO", "21BY", "qcom/sc8280xp-lenovo-thinkpad-x13s.dtb" }, + { "LENOVO", "21N1", + "qcom/x1e78100-lenovo-thinkpad-t14s.dtb" }, + { "LENOVO", "21N2", + "qcom/x1e78100-lenovo-thinkpad-t14s.dtb" }, { "LENOVO", "83ED", "qcom/x1e80100-lenovo-yoga-slim7x.dtb" }, { "SAMSUNG", "Galaxy Book4 Edge", diff --git a/usr.sbin/relayd/relayd.conf.5 b/usr.sbin/relayd/relayd.conf.5 index c5a380fc1..50c73cbec 100644 --- a/usr.sbin/relayd/relayd.conf.5 +++ b/usr.sbin/relayd/relayd.conf.5 @@ -1,4 +1,4 @@ -.\" $OpenBSD: relayd.conf.5,v 1.209 2024/07/14 03:58:49 jsg Exp $ +.\" $OpenBSD: relayd.conf.5,v 1.210 2024/09/21 05:37:26 aisha Exp $ .\" .\" Copyright (c) 2006 - 2016 Reyk Floeter .\" Copyright (c) 2006, 2007 Pierre-Yves Ritschard @@ -15,7 +15,7 @@ .\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. .\" -.Dd $Mdocdate: July 14 2024 $ +.Dd $Mdocdate: September 21 2024 $ .Dt RELAYD.CONF 5 .Os .Sh NAME @@ -1537,6 +1537,20 @@ redirect "dns" { } .Ed .Pp +To load balance an IP address over multiple backend servers using a +.Xr pf 4 +.Cm route-to +directive: +.Bd -literal -offset indent +table { 10.100.42.71 10.100.42.72 10.100.42.73 } + +redirect "xmpp" { + listen on 10.100.42.2 tcp port 5222 + + route to port 5222 check tcp interface em0 +} +.Ed +.Pp The following configuration would add a relay to forward secure HTTPS connections to a pool of HTTP webservers using the diff --git a/usr.sbin/vmd/arm64_vm.c b/usr.sbin/vmd/arm64_vm.c index 3515ed1c9..2eec85d6f 100644 --- a/usr.sbin/vmd/arm64_vm.c +++ b/usr.sbin/vmd/arm64_vm.c @@ -1,4 +1,4 @@ -/* $OpenBSD: arm64_vm.c,v 1.2 2024/09/11 15:42:52 bluhm Exp $ */ +/* $OpenBSD: arm64_vm.c,v 1.3 2024/09/21 04:12:18 mlarkin Exp $ */ /* * Copyright (c) 2024 Dave Voutila * @@ -17,6 +17,7 @@ #include #include "vmd.h" +#include "vmm.h" void create_memory_map(struct vm_create_params *vcp)