SecBSD/src
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

sync with OpenBSD -current

Browse Source
This commit is contained in:
purplerain 2024-09-13 01:47:06 +00:00
parent a55d737f6e
commit b63dabf6e1
Signed by: purplerain
GPG Key ID: F42C07F07E2E35B7
68 changed files with 1299 additions and 226 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
regress/bin/ps/command.sh
View File

@ -142,7 +142,6 @@ test_ps "E=1 L=very_long_var" "" "-cewwo command" \
"E=1 L=very_long_var shortsleep"
# test vis(3)ing
test_ps "x$(printf \\000)x" "" "-o command" "./shortsleep xx"
test_ps "" "" "-o command" "./shortsleep \\^A\\^B\\^C"
test_ps "" "" "-o command" "./shortsleep \\^D\\^E\\^F\\a"
test_ps " x

4
regress/lib/libssl/tlsext/tlsexttest.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: tlsexttest.c,v 1.91 2024/07/22 14:50:45 jsing Exp $ */
/* $OpenBSD: tlsexttest.c,v 1.92 2024/09/11 15:04:16 tb Exp $ */
/*
* Copyright (c) 2017 Joel Sing <jsing@openbsd.org>
* Copyright (c) 2017 Doug Hogan <doug@openbsd.org>
@ -2073,7 +2073,7 @@ test_tlsext_quic_transport_parameters_client(void)
if (!SSL_set_quic_transport_params(ssl,
tlsext_quic_transport_data, sizeof(tlsext_quic_transport_data))) {
FAIL("client failed to set QUIC parametes\n");
FAIL("client failed to set QUIC parameters\n");
goto err;
}

37
regress/usr.sbin/bgpd/integrationtests/exabgp.attr.in
View File

@ -56,5 +56,42 @@ neighbor 10.12.57.1 {
route 10.12.6.0/24 next-hop self attribute [ 0x20 0xc0 0x02 ];
# OTC
route 10.12.7.0/24 next-hop self attribute [ 0x23 0xc0 0x02 ];
# cluster_list
route 10.12.8.0/24 next-hop self attribute [ 0x0a 0x80 0x02 ];
}
}
neighbor 10.12.57.1 {
router-id 10.12.57.4;
local-address 10.12.57.4;
local-as 64500;
peer-as 64500;
group-updates;
adj-rib-in false;
passive false;
family {
ipv4 unicast;
}
static {
route 10.13.0.0/24 next-hop self;
# aggregator
route 10.13.1.0/24 next-hop self attribute [ 0x07 0xc0 0x02 ];
# communities
route 10.13.2.0/24 next-hop self attribute [ 0x08 0xc0 0x02 ];
# ext communities
route 10.13.3.0/24 next-hop self attribute [ 0x10 0xc0 0x02 ];
# as4-path
route 10.13.4.0/24 next-hop self attribute [ 0x11 0xc0 0x02 ];
# as4-aggregator
route 10.13.5.0/24 next-hop self attribute [ 0x12 0xc0 0x02 ];
# large communities
route 10.13.6.0/24 next-hop self attribute [ 0x20 0xc0 0x02 ];
# OTC
route 10.13.7.0/24 next-hop self attribute [ 0x23 0xc0 0x02 ];
# cluster_list
route 10.13.8.0/24 next-hop self attribute [ 0x0a 0x80 0x02 ];
}
}

10
regress/usr.sbin/bgpd/integrationtests/exabgp.attr.ok
View File

@ -13,3 +13,13 @@ E N-? 10.12.3.0/24 10.12.57.3 100 0 64502 i
N-? 10.12.5.0/24 10.12.57.3 100 0 64502 i
E N-? 10.12.6.0/24 10.12.57.3 100 0 64502 i
E N-? 10.12.7.0/24 10.12.57.3 100 0 64502 i
N-? 10.12.8.0/24 10.12.57.3 100 0 64502 i
I N-? 10.13.0.0/24 10.12.57.4 100 0 i
I N-? 10.13.1.0/24 10.12.57.4 100 0 i
EI N-? 10.13.2.0/24 10.12.57.4 100 0 i
EI N-? 10.13.3.0/24 10.12.57.4 100 0 i
I N-? 10.13.4.0/24 10.12.57.4 100 0 i
I N-? 10.13.5.0/24 10.12.57.4 100 0 i
EI N-? 10.13.6.0/24 10.12.57.4 100 0 i
EI N-? 10.13.7.0/24 10.12.57.4 100 0 i
EI N-? 10.13.8.0/24 10.12.57.4 100 0 i

4
sbin/iked/radius.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: radius.c,v 1.11 2024/09/09 23:38:29 yasuoka Exp $ */
/* $OpenBSD: radius.c,v 1.12 2024/09/11 00:41:51 yasuoka Exp $ */
/*
* Copyright (c) 2024 Internet Initiative Japan Inc.
@ -262,7 +262,7 @@ iked_radius_on_event(int fd, short ev, void *ctx)
strcmp(username, req->rr_user) != 0) {
/*
* The Access-Accept might have a User-Name. It
* should be used for Accouting (RFC 2865 5.1).
* should be used for Accounting (RFC 2865 5.1).
*/
free(req->rr_user);
req->rr_sa->sa_eapid = strdup(username);

6
sbin/sysctl/sysctl.8
View File

@ -1,4 +1,4 @@
.\" $OpenBSD: sysctl.8,v 1.215 2024/09/09 05:36:17 kn Exp $
.\" $OpenBSD: sysctl.8,v 1.216 2024/09/10 05:33:32 jmc Exp $
.\" $NetBSD: sysctl.8,v 1.4 1995/09/30 07:12:49 thorpej Exp $
.\"
.\" Copyright (c) 1993
@ -30,7 +30,7 @@
.\"
.\" @(#)sysctl.8 8.2 (Berkeley) 5/9/95
.\"
.Dd $Mdocdate: September 9 2024 $
.Dd $Mdocdate: September 10 2024 $
.Dt SYSCTL 8
.Os
.Sh NAME
@ -39,7 +39,7 @@
.Sh SYNOPSIS
.Nm sysctl
.Op Fl Aanq
.Op Ar name Ns Oo = Ns Ar value Oc ...
.Op Ar name Ns Oo = Ns Ar value Oc Ar ...
.Sh DESCRIPTION
The
.Nm

6
share/man/man4/man4.amd64/cpu.4
View File

@ -1,4 +1,4 @@
.\" $OpenBSD: cpu.4,v 1.9 2024/05/11 20:35:13 jmc Exp $
.\" $OpenBSD: cpu.4,v 1.10 2024/09/10 17:01:09 tb Exp $
.\"
.\" Copyright (c) 2004 Ted Unangst
.\" All rights reserved.
@ -23,7 +23,7 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.Dd $Mdocdate: May 11 2024 $
.Dd $Mdocdate: September 10 2024 $
.Dt CPU 4 amd64
.Os
.Sh NAME
@ -62,8 +62,6 @@ The presence of extended instruction sets can be determined by the sysctl
.Bl -tag -width "tenletters"
.It xcrypt
Supports the VIA AES encryption instruction set.
If this is supported,
the libcrypto EVP AES functions automatically use this support.
.El
.Pp
The sysctl

6
share/man/man4/man4.i386/cpu.4
View File

@ -1,4 +1,4 @@
.\" $OpenBSD: cpu.4,v 1.19 2024/05/11 20:35:13 jmc Exp $
.\" $OpenBSD: cpu.4,v 1.20 2024/09/10 17:01:09 tb Exp $
.\"
.\" Copyright (c) 2004 Ted Unangst
.\" All rights reserved.
@ -23,7 +23,7 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.Dd $Mdocdate: May 11 2024 $
.Dd $Mdocdate: September 10 2024 $
.Dt CPU 4 i386
.Os
.Sh NAME
@ -83,8 +83,6 @@ Supports the SSE instruction set.
Supports the SSE2 instruction set.
.It xcrypt
Supports the VIA AES encryption instruction set.
If this is supported,
the libcrypto EVP AES functions automatically use this support.
.El
.Pp
The sysctl

15
sys/dev/pci/drm/amd/amdgpu/amdgpu_cs.c
View File

@ -1098,6 +1098,21 @@ static int amdgpu_cs_vm_handling(struct amdgpu_cs_parser *p)
unsigned int i;
int r;
/*
* We can't use gang submit on with reserved VMIDs when the VM changes
* can't be invalidated by more than one engine at the same time.
*/
if (p->gang_size > 1 && !p->adev->vm_manager.concurrent_flush) {
for (i = 0; i < p->gang_size; ++i) {
struct drm_sched_entity *entity = p->entities[i];
struct drm_gpu_scheduler *sched = entity->rq->sched;
struct amdgpu_ring *ring = to_amdgpu_ring(sched);
if (amdgpu_vmid_uses_reserved(vm, ring->vm_hub))
return -EINVAL;
}
}
r = amdgpu_vm_clear_freed(adev, vm, NULL);
if (r)
return r;

30
sys/dev/pci/drm/amd/amdgpu/amdgpu_display.c
View File

@ -909,8 +909,7 @@ static int check_tiling_flags_gfx6(struct amdgpu_framebuffer *afb)
{
u64 micro_tile_mode;
/* Zero swizzle mode means linear */
if (AMDGPU_TILING_GET(afb->tiling_flags, SWIZZLE_MODE) == 0)
if (AMDGPU_TILING_GET(afb->tiling_flags, ARRAY_MODE) == 1) /* LINEAR_ALIGNED */
return 0;
micro_tile_mode = AMDGPU_TILING_GET(afb->tiling_flags, MICRO_TILE_MODE);
@ -1034,6 +1033,30 @@ static int amdgpu_display_verify_sizes(struct amdgpu_framebuffer *rfb)
block_width = 256 / format_info->cpp[i];
block_height = 1;
block_size_log2 = 8;
} else if (AMD_FMT_MOD_GET(TILE_VERSION, modifier) >= AMD_FMT_MOD_TILE_VER_GFX12) {
int swizzle = AMD_FMT_MOD_GET(TILE, modifier);
switch (swizzle) {
case AMD_FMT_MOD_TILE_GFX12_256B_2D:
block_size_log2 = 8;
break;
case AMD_FMT_MOD_TILE_GFX12_4K_2D:
block_size_log2 = 12;
break;
case AMD_FMT_MOD_TILE_GFX12_64K_2D:
block_size_log2 = 16;
break;
case AMD_FMT_MOD_TILE_GFX12_256K_2D:
block_size_log2 = 18;
break;
default:
drm_dbg_kms(rfb->base.dev,
"Gfx12 swizzle mode with unknown block size: %d\n", swizzle);
return -EINVAL;
}
get_block_dimensions(block_size_log2, format_info->cpp[i],
&block_width, &block_height);
} else {
int swizzle = AMD_FMT_MOD_GET(TILE, modifier);
@ -1069,7 +1092,8 @@ static int amdgpu_display_verify_sizes(struct amdgpu_framebuffer *rfb)
return ret;
}
if (AMD_FMT_MOD_GET(DCC, modifier)) {
if (AMD_FMT_MOD_GET(TILE_VERSION, modifier) <= AMD_FMT_MOD_TILE_VER_GFX11 &&
AMD_FMT_MOD_GET(DCC, modifier)) {
if (AMD_FMT_MOD_GET(DCC_RETILE, modifier)) {
block_size_log2 = get_dcc_block_size(modifier, false, false);
get_block_dimensions(block_size_log2 + 8, format_info->cpp[0],

15
sys/dev/pci/drm/amd/amdgpu/amdgpu_ids.c
View File

@ -409,7 +409,7 @@ int amdgpu_vmid_grab(struct amdgpu_vm *vm, struct amdgpu_ring *ring,
if (r || !idle)
goto error;
if (vm->reserved_vmid[vmhub] || (enforce_isolation && (vmhub == AMDGPU_GFXHUB(0)))) {
if (amdgpu_vmid_uses_reserved(vm, vmhub)) {
r = amdgpu_vmid_grab_reserved(vm, ring, job, &id, fence);
if (r || !id)
goto error;
@ -459,6 +459,19 @@ error:
return r;
}
/*
* amdgpu_vmid_uses_reserved - check if a VM will use a reserved VMID
* @vm: the VM to check
* @vmhub: the VMHUB which will be used
*
* Returns: True if the VM will use a reserved VMID.
*/
bool amdgpu_vmid_uses_reserved(struct amdgpu_vm *vm, unsigned int vmhub)
{
return vm->reserved_vmid[vmhub] ||
(enforce_isolation && (vmhub == AMDGPU_GFXHUB(0)));
}
int amdgpu_vmid_alloc_reserved(struct amdgpu_device *adev,
unsigned vmhub)
{

1
sys/dev/pci/drm/amd/amdgpu/amdgpu_ids.h
View File

@ -78,6 +78,7 @@ void amdgpu_pasid_free_delayed(struct dma_resv *resv,
bool amdgpu_vmid_had_gpu_reset(struct amdgpu_device *adev,
struct amdgpu_vmid *id);
bool amdgpu_vmid_uses_reserved(struct amdgpu_vm *vm, unsigned int vmhub);
int amdgpu_vmid_alloc_reserved(struct amdgpu_device *adev,
unsigned vmhub);
void amdgpu_vmid_free_reserved(struct amdgpu_device *adev,

4
sys/dev/pci/drm/amd/amdgpu/amdgpu_virt.c
View File

@ -137,8 +137,10 @@ int amdgpu_virt_request_full_gpu(struct amdgpu_device *adev, bool init)
if (virt->ops && virt->ops->req_full_gpu) {
r = virt->ops->req_full_gpu(adev, init);
if (r)
if (r) {
adev->no_hw_access = true;
return r;
}
adev->virt.caps &= ~AMDGPU_SRIOV_CAPS_RUNTIME;
}

8
sys/dev/pci/drm/amd/amdgpu/gfx_v11_0.c
View File

@ -4269,11 +4269,11 @@ static int gfx_v11_0_hw_init(void *handle)
/* RLC autoload sequence 1: Program rlc ram */
if (adev->gfx.imu.funcs->program_rlc_ram)
adev->gfx.imu.funcs->program_rlc_ram(adev);
/* rlc autoload firmware */
r = gfx_v11_0_rlc_backdoor_autoload_enable(adev);
if (r)
return r;
}
/* rlc autoload firmware */
r = gfx_v11_0_rlc_backdoor_autoload_enable(adev);
if (r)
return r;
} else {
if (adev->firmware.load_type == AMDGPU_FW_LOAD_DIRECT) {
if (adev->gfx.imu.funcs && (amdgpu_dpm > 0)) {

28
sys/dev/pci/drm/amd/amdgpu/ih_v6_0.c
View File

@ -135,6 +135,34 @@ static int ih_v6_0_toggle_ring_interrupts(struct amdgpu_device *adev,
tmp = RREG32(ih_regs->ih_rb_cntl);
tmp = REG_SET_FIELD(tmp, IH_RB_CNTL, RB_ENABLE, (enable ? 1 : 0));
if (enable) {
/* Unset the CLEAR_OVERFLOW bit to make sure the next step
* is switching the bit from 0 to 1
*/
tmp = REG_SET_FIELD(tmp, IH_RB_CNTL, WPTR_OVERFLOW_CLEAR, 0);
if (amdgpu_sriov_vf(adev) && amdgpu_sriov_reg_indirect_ih(adev)) {
if (psp_reg_program(&adev->psp, ih_regs->psp_reg_id, tmp))
return -ETIMEDOUT;
} else {
WREG32_NO_KIQ(ih_regs->ih_rb_cntl, tmp);
}
/* Clear RB_OVERFLOW bit */
tmp = REG_SET_FIELD(tmp, IH_RB_CNTL, WPTR_OVERFLOW_CLEAR, 1);
if (amdgpu_sriov_vf(adev) && amdgpu_sriov_reg_indirect_ih(adev)) {
if (psp_reg_program(&adev->psp, ih_regs->psp_reg_id, tmp))
return -ETIMEDOUT;
} else {
WREG32_NO_KIQ(ih_regs->ih_rb_cntl, tmp);
}
/* Unset the CLEAR_OVERFLOW bit immediately so new overflows
* can be detected.
*/
tmp = REG_SET_FIELD(tmp, IH_RB_CNTL, WPTR_OVERFLOW_CLEAR, 0);
}
/* enable_intr field is only valid in ring0 */
if (ih == &adev->irq.ih)
tmp = REG_SET_FIELD(tmp, IH_RB_CNTL, ENABLE_INTR, (enable ? 1 : 0));

2
sys/dev/pci/drm/amd/display/amdgpu_dm/amdgpu_dm.c
View File

@ -6941,7 +6941,7 @@ static int dm_update_mst_vcpi_slots_for_dsc(struct drm_atomic_state *state,
}
}
if (j == dc_state->stream_count)
if (j == dc_state->stream_count || pbn_div == 0)
continue;
slot_num = DIV_ROUND_UP(pbn, pbn_div);

6
sys/dev/pci/drm/amd/display/dc/link/link_factory.c
View File

@ -629,14 +629,14 @@ static bool construct_phy(struct dc_link *link,
link->link_enc =
link->dc->res_pool->funcs->link_enc_create(dc_ctx, &enc_init_data);
DC_LOG_DC("BIOS object table - DP_IS_USB_C: %d", link->link_enc->features.flags.bits.DP_IS_USB_C);
DC_LOG_DC("BIOS object table - IS_DP2_CAPABLE: %d", link->link_enc->features.flags.bits.IS_DP2_CAPABLE);
if (!link->link_enc) {
DC_ERROR("Failed to create link encoder!\n");
goto link_enc_create_fail;
}
DC_LOG_DC("BIOS object table - DP_IS_USB_C: %d", link->link_enc->features.flags.bits.DP_IS_USB_C);
DC_LOG_DC("BIOS object table - IS_DP2_CAPABLE: %d", link->link_enc->features.flags.bits.IS_DP2_CAPABLE);
/* Update link encoder tracking variables. These are used for the dynamic
* assignment of link encoders to streams.
*/

15
sys/dev/pci/drm/amd/display/modules/hdcp/hdcp1_execution.c
View File

@ -433,17 +433,20 @@ static enum mod_hdcp_status authenticated_dp(struct mod_hdcp *hdcp,
}
if (status == MOD_HDCP_STATUS_SUCCESS)
mod_hdcp_execute_and_set(mod_hdcp_read_bstatus,
if (!mod_hdcp_execute_and_set(mod_hdcp_read_bstatus,
&input->bstatus_read, &status,
hdcp, "bstatus_read");
hdcp, "bstatus_read"))
goto out;
if (status == MOD_HDCP_STATUS_SUCCESS)
mod_hdcp_execute_and_set(check_link_integrity_dp,
if (!mod_hdcp_execute_and_set(check_link_integrity_dp,
&input->link_integrity_check, &status,
hdcp, "link_integrity_check");
hdcp, "link_integrity_check"))
goto out;
if (status == MOD_HDCP_STATUS_SUCCESS)
mod_hdcp_execute_and_set(check_no_reauthentication_request_dp,
if (!mod_hdcp_execute_and_set(check_no_reauthentication_request_dp,
&input->reauth_request_check, &status,
hdcp, "reauth_request_check");
hdcp, "reauth_request_check"))
goto out;
out:
return status;
}

6
sys/dev/pci/drm/amd/pm/swsmu/amdgpu_smu.c
View File

@ -1883,7 +1883,8 @@ static int smu_adjust_power_state_dynamic(struct smu_context *smu,
smu_dpm_ctx->dpm_level = level;
}
if (smu_dpm_ctx->dpm_level != AMD_DPM_FORCED_LEVEL_PERF_DETERMINISM) {
if (smu_dpm_ctx->dpm_level != AMD_DPM_FORCED_LEVEL_MANUAL &&
smu_dpm_ctx->dpm_level != AMD_DPM_FORCED_LEVEL_PERF_DETERMINISM) {
index = fls(smu->workload_mask);
index = index > 0 && index <= WORKLOAD_POLICY_MAX ? index - 1 : 0;
workload[0] = smu->workload_setting[index];
@ -1962,7 +1963,8 @@ static int smu_switch_power_profile(void *handle,
workload[0] = smu->workload_setting[index];
}
if (smu_dpm_ctx->dpm_level != AMD_DPM_FORCED_LEVEL_PERF_DETERMINISM)
if (smu_dpm_ctx->dpm_level != AMD_DPM_FORCED_LEVEL_MANUAL &&
smu_dpm_ctx->dpm_level != AMD_DPM_FORCED_LEVEL_PERF_DETERMINISM)
smu_bump_power_profile_mode(smu, workload, 0);
return 0;

2
sys/dev/pci/drm/i915/gt/uc/intel_gsc_uc.c
View File

@ -304,7 +304,7 @@ void intel_gsc_uc_load_start(struct intel_gsc_uc *gsc)
{
struct intel_gt *gt = gsc_uc_to_gt(gsc);
if (!intel_uc_fw_is_loadable(&gsc->fw))
if (!intel_uc_fw_is_loadable(&gsc->fw) || intel_uc_fw_is_in_error(&gsc->fw))
return;
if (intel_gsc_uc_fw_init_done(gsc))

5
sys/dev/pci/drm/i915/gt/uc/intel_uc_fw.h
View File

@ -258,6 +258,11 @@ static inline bool intel_uc_fw_is_running(struct intel_uc_fw *uc_fw)
return __intel_uc_fw_status(uc_fw) == INTEL_UC_FIRMWARE_RUNNING;
}
static inline bool intel_uc_fw_is_in_error(struct intel_uc_fw *uc_fw)
{
return intel_uc_fw_status_to_error(__intel_uc_fw_status(uc_fw)) != 0;
}
static inline bool intel_uc_fw_is_overridden(const struct intel_uc_fw *uc_fw)
{
return uc_fw->user_overridden;

8
sys/dev/pci/drm/i915/i915_sw_fence.c
View File

@ -51,7 +51,7 @@ static inline void debug_fence_init(struct i915_sw_fence *fence)
debug_object_init(fence, &i915_sw_fence_debug_descr);
}
static inline void debug_fence_init_onstack(struct i915_sw_fence *fence)
static inline __maybe_unused void debug_fence_init_onstack(struct i915_sw_fence *fence)
{
debug_object_init_on_stack(fence, &i915_sw_fence_debug_descr);
}
@ -77,7 +77,7 @@ static inline void debug_fence_destroy(struct i915_sw_fence *fence)
debug_object_destroy(fence, &i915_sw_fence_debug_descr);
}
static inline void debug_fence_free(struct i915_sw_fence *fence)
static inline __maybe_unused void debug_fence_free(struct i915_sw_fence *fence)
{
debug_object_free(fence, &i915_sw_fence_debug_descr);
smp_wmb(); /* flush the change in state before reallocation */
@ -94,7 +94,7 @@ static inline void debug_fence_init(struct i915_sw_fence *fence)
{
}
static inline void debug_fence_init_onstack(struct i915_sw_fence *fence)
static inline __maybe_unused void debug_fence_init_onstack(struct i915_sw_fence *fence)
{
}
@ -115,7 +115,7 @@ static inline void debug_fence_destroy(struct i915_sw_fence *fence)
{
}
static inline void debug_fence_free(struct i915_sw_fence *fence)
static inline __maybe_unused void debug_fence_free(struct i915_sw_fence *fence)
{
}

4
sys/dev/pci/drm/include/linux/device.h
View File

@ -14,12 +14,10 @@
#include <linux/kobject.h>
#include <linux/ratelimit.h> /* dev_printk.h -> ratelimit.h */
#include <linux/module.h> /* via device/driver.h */
#include <linux/device/bus.h>
struct device_node;
struct bus_type {
};
struct device_driver {
struct device *dev;
};

18
sys/dev/pci/drm/include/linux/device/bus.h
View File

@ -3,7 +3,21 @@
#ifndef _LINUX_DEVICE_BUS_H
#define _LINUX_DEVICE_BUS_H
#define bus_register_notifier(a, b) 0
#define bus_unregister_notifier(a, b) 0
struct bus_type {
};
struct notifier_block;
static inline int
bus_register_notifier(const struct bus_type *bt, struct notifier_block *nb)
{
return 0;
}
static inline int
bus_unregister_notifier(const struct bus_type *bt, struct notifier_block *nb)
{
return 0;
}
#endif

18
sys/dev/pci/drm/include/uapi/drm/drm_fourcc.h
View File

@ -1474,6 +1474,7 @@ drm_fourcc_canonicalize_nvidia_format_mod(__u64 modifier)
#define AMD_FMT_MOD_TILE_VER_GFX10 2
#define AMD_FMT_MOD_TILE_VER_GFX10_RBPLUS 3
#define AMD_FMT_MOD_TILE_VER_GFX11 4
#define AMD_FMT_MOD_TILE_VER_GFX12 5
/*
* 64K_S is the same for GFX9/GFX10/GFX10_RBPLUS and hence has GFX9 as canonical
@ -1484,6 +1485,8 @@ drm_fourcc_canonicalize_nvidia_format_mod(__u64 modifier)
/*
* 64K_D for non-32 bpp is the same for GFX9/GFX10/GFX10_RBPLUS and hence has
* GFX9 as canonical version.
*
* 64K_D_2D on GFX12 is identical to 64K_D on GFX11.
*/
#define AMD_FMT_MOD_TILE_GFX9_64K_D 10
#define AMD_FMT_MOD_TILE_GFX9_64K_S_X 25
@ -1491,6 +1494,21 @@ drm_fourcc_canonicalize_nvidia_format_mod(__u64 modifier)
#define AMD_FMT_MOD_TILE_GFX9_64K_R_X 27
#define AMD_FMT_MOD_TILE_GFX11_256K_R_X 31
/* Gfx12 swizzle modes:
* 0 - LINEAR
* 1 - 256B_2D - 2D block dimensions
* 2 - 4KB_2D
* 3 - 64KB_2D
* 4 - 256KB_2D
* 5 - 4KB_3D - 3D block dimensions
* 6 - 64KB_3D
* 7 - 256KB_3D
*/
#define AMD_FMT_MOD_TILE_GFX12_256B_2D 1
#define AMD_FMT_MOD_TILE_GFX12_4K_2D 2
#define AMD_FMT_MOD_TILE_GFX12_64K_2D 3
#define AMD_FMT_MOD_TILE_GFX12_256K_2D 4
#define AMD_FMT_MOD_DCC_BLOCK_64B 0
#define AMD_FMT_MOD_DCC_BLOCK_128B 1
#define AMD_FMT_MOD_DCC_BLOCK_256B 2

7
sys/isofs/cd9660/cd9660_vnops.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: cd9660_vnops.c,v 1.95 2023/09/08 20:00:28 mvs Exp $ */
/* $OpenBSD: cd9660_vnops.c,v 1.96 2024/09/12 09:04:51 claudio Exp $ */
/* $NetBSD: cd9660_vnops.c,v 1.42 1997/10/16 23:56:57 christos Exp $ */
/*-
@ -317,6 +317,11 @@ iso_uiodir(struct isoreaddir *idp, struct dirent *dp, off_t off)
dp->d_name[dp->d_namlen] = 0;
dp->d_reclen = DIRENT_SIZE(dp);
if (memchr(dp->d_name, '/', dp->d_namlen) != NULL) {
/* illegal file name */
return (EINVAL);
}
if (idp->uio->uio_resid < dp->d_reclen) {
idp->eofflag = 0;
return (-1);

8
sys/isofs/udf/udf_vnops.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: udf_vnops.c,v 1.72 2024/05/13 11:17:40 semarie Exp $ */
/* $OpenBSD: udf_vnops.c,v 1.73 2024/09/12 09:04:51 claudio Exp $ */
/*
* Copyright (c) 2001, 2002 Scott Long <scottl@freebsd.org>
@ -565,6 +565,12 @@ udf_uiodir(struct udf_uiodir *uiodir, struct uio *uio, long off)
uiodir->dirent->d_off = off;
uiodir->dirent->d_reclen = de_size;
if (memchr(uiodir->dirent->d_name, '/',
uiodir->dirent->d_namlen) != NULL) {
/* illegal file name */
return (EINVAL);
}
return (uiomove(uiodir->dirent, de_size, uio));
}

4
sys/kern/uipc_mbuf.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: uipc_mbuf.c,v 1.293 2024/09/09 11:27:03 bluhm Exp $ */
/* $OpenBSD: uipc_mbuf.c,v 1.294 2024/09/10 14:52:42 bluhm Exp $ */
/* $NetBSD: uipc_mbuf.c,v 1.15.4.1 1996/06/13 17:11:44 cgd Exp $ */
/*
@ -1569,7 +1569,7 @@ m_print_chain(void *v, int deep,
if (m->m_flags & M_EXT)
(*pr)(", clsize %u", m->m_ext.ext_size);
else
(*pr)(", size %u",
(*pr)(", size %zu",
m->m_flags & M_PKTHDR ? MHLEN : MLEN);
(*pr)("\n");
indent = deep ? "|+-" : " +-";

33
sys/miscfs/fuse/fuse_vnops.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: fuse_vnops.c,v 1.69 2024/05/13 11:17:40 semarie Exp $ */
/* $OpenBSD: fuse_vnops.c,v 1.70 2024/09/12 09:10:46 claudio Exp $ */
/*
* Copyright (c) 2012-2013 Sylvestre Gallon <ccna.syl@gmail.com>
*
@ -752,6 +752,8 @@ fusefs_readdir(void *v)
struct fusefs_node *ip;
struct fusefs_mnt *fmp;
struct fusebuf *fbuf;
struct dirent *dp;
char *edp;
struct vnode *vp;
struct proc *p;
struct uio *uio;
@ -806,6 +808,35 @@ fusefs_readdir(void *v)
break;
}
/* validate the returned dirents */
dp = (struct dirent *)fbuf->fb_dat;
edp = fbuf->fb_dat + fbuf->fb_len;
while ((char *)dp < edp) {
if ((char *)dp + offsetof(struct dirent, d_name) >= edp
|| dp->d_reclen <= offsetof(struct dirent, d_name)
|| (char *)dp + dp->d_reclen > edp) {
error = EINVAL;
break;
}
if (dp->d_namlen + offsetof(struct dirent, d_name) >=
dp->d_reclen) {
error = EINVAL;
break;
}
memset(dp->d_name + dp->d_namlen, 0, dp->d_reclen -
dp->d_namlen - offsetof(struct dirent, d_name));
if (memchr(dp->d_name, '/', dp->d_namlen) != NULL) {
error = EINVAL;
break;
}
dp = (struct dirent *)((char *)dp + dp->d_reclen);
}
if (error) {
fb_delete(fbuf);
break;
}
if ((error = uiomove(fbuf->fb_dat, fbuf->fb_len, uio))) {
fb_delete(fbuf);
break;

6
sys/msdosfs/msdosfs_conv.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: msdosfs_conv.c,v 1.21 2024/04/14 03:26:25 jsg Exp $ */
/* $OpenBSD: msdosfs_conv.c,v 1.22 2024/09/12 09:07:28 claudio Exp $ */
/* $NetBSD: msdosfs_conv.c,v 1.24 1997/10/17 11:23:54 ws Exp $ */
/*-
@ -274,7 +274,7 @@ dos2unix[256] = {
0x3f, 0x3f, 0x3f, 0x3f, 0x3f, 0x3f, 0x3f, 0x3f, /* 10-17 */
0x3f, 0x3f, 0x3f, 0x3f, 0x3f, 0x3f, 0x3f, 0x3f, /* 18-1f */
0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, /* 20-27 */
0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, /* 28-2f */
0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x3f, /* 28-2f */
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 30-37 */
0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f, /* 38-3f */
0x40, 0x41, 0x42, 0x43, 0x44, 0x45, 0x46, 0x47, /* 40-47 */
@ -310,7 +310,7 @@ u2l[256] = {
0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, /* 10-17 */
0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, /* 18-1f */
0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, /* 20-27 */
0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, /* 28-2f */
0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x3f, /* 28-2f */
0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, /* 30-37 */
0x38, 0x39, 0x3a, 0x3b, 0x3c, 0x3d, 0x3e, 0x3f, /* 38-3f */
0x40, 0x61, 0x62, 0x63, 0x64, 0x65, 0x66, 0x67, /* 40-47 */

97
sys/nfs/nfs_serv.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: nfs_serv.c,v 1.127 2024/08/17 07:02:13 jsg Exp $ */
/* $OpenBSD: nfs_serv.c,v 1.129 2024/09/11 12:22:34 claudio Exp $ */
/* $NetBSD: nfs_serv.c,v 1.34 1997/05/12 23:37:12 fvdl Exp $ */
/*
@ -94,10 +94,8 @@ nfsm_reply(struct nfsm_info *infop, struct nfsrv_descript *nfsd,
statuslen = 0;
(void)nfs_rephead(statuslen, nfsd, slp, error,
&infop->nmi_mreq, &infop->nmi_mb);
if (infop->nmi_mrep != NULL) {
m_freem(infop->nmi_mrep);
infop->nmi_mrep = NULL;
}
m_freem(infop->nmi_mrep);
infop->nmi_mrep = NULL;
*mrq = infop->nmi_mreq;
if (error && (!infop->nmi_v3 || error == EBADRPC))
return error;
@ -424,11 +422,13 @@ nfsm_srvnamesiz(struct nfsm_info *infop, int *lenp)
if (tl == NULL)
return 1;
len = fxdr_unsigned(int32_t, *tl);
if (len > NFS_MAXNAMLEN)
if (len > NFS_MAXNAMLEN) {
*infop->nmi_errorp = NFSERR_NAMETOL;
else if (len <= 0)
*lenp = 0;
} else if (len <= 0) {
*infop->nmi_errorp = EBADRPC;
else {
*lenp = 0;
} else {
*infop->nmi_errorp = 0;
*lenp = len;
}
@ -471,8 +471,13 @@ nfsrv_lookup(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
if (nfsm_srvnamesiz(&info, &len) != 0)
goto nfsmout;
if (error) {
if (nfsm_reply(&info, nfsd, slp, mrq, error, 0) != 0)
return 0;
/*
* nfsm_reply would return zero if v3 and an error different
* from EBADRPC. But it does not make sense to continue
* anyway if the error set in nfsm_srvnamesiz is NFSERR_NAMETOL.
*/
(void)nfsm_reply(&info, nfsd, slp, mrq, error, 0);
return 0;
}
NDINIT(&nd, LOOKUP, LOCKLEAF | SAVESTART, UIO_SYSSPACE, NULL, procp);
@ -1045,8 +1050,13 @@ nfsrv_create(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
if (nfsm_srvnamesiz(&info, &len) != 0)
return error;
if (error) {
if (nfsm_reply(&info, nfsd, slp, mrq, error, 0) != 0)
return 0;
/*
* nfsm_reply would return zero if v3 and an error different
* from EBADRPC. But it does not make sense to continue
* anyway if the error set in nfsm_srvnamesiz is NFSERR_NAMETOL.
*/
(void)nfsm_reply(&info, nfsd, slp, mrq, error, 0);
return 0;
}
NDINIT(&nd, CREATE, LOCKPARENT | LOCKLEAF | SAVESTART, UIO_SYSSPACE,
@ -1332,8 +1342,13 @@ nfsrv_mknod(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
if (nfsm_srvnamesiz(&info, &len) != 0)
return error;
if (error) {
if (nfsm_reply(&info, nfsd, slp, mrq, error, 0) != 0)
return 0;
/*
* nfsm_reply would return zero if v3 and an error different
* from EBADRPC. But it does not make sense to continue
* anyway if the error set in nfsm_srvnamesiz is NFSERR_NAMETOL.
*/
(void)nfsm_reply(&info, nfsd, slp, mrq, error, 0);
return 0;
}
NDINIT(&nd, CREATE, LOCKPARENT | LOCKLEAF | SAVESTART, UIO_SYSSPACE,
@ -1509,8 +1524,13 @@ nfsrv_remove(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
if (nfsm_srvnamesiz(&info, &len) != 0)
goto nfsmout;
if (error) {
if (nfsm_reply(&info, nfsd, slp, mrq, error, 0) != 0)
return 0;
/*
* nfsm_reply would return zero if v3 and an error different
* from EBADRPC. But it does not make sense to continue
* anyway if the error set in nfsm_srvnamesiz is NFSERR_NAMETOL.
*/
(void)nfsm_reply(&info, nfsd, slp, mrq, error, 0);
return 0;
}
NDINIT(&nd, DELETE, LOCKPARENT | LOCKLEAF, UIO_SYSSPACE, NULL, procp);
@ -1605,8 +1625,13 @@ nfsrv_rename(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
if (nfsm_srvnamesiz(&info, &len) != 0)
return error;
if (error) {
if (nfsm_reply(&info, nfsd, slp, mrq, error, 0) != 0)
return 0;
/*
* nfsm_reply would return zero if v3 and an error different
* from EBADRPC. But it does not make sense to continue
* anyway if the error set in nfsm_srvnamesiz is NFSERR_NAMETOL.
*/
(void)nfsm_reply(&info, nfsd, slp, mrq, error, 0);
return 0;
}
/*
@ -1816,8 +1841,13 @@ nfsrv_link(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
if (nfsm_srvnamesiz(&info, &len) != 0)
goto nfsmout;
if (error) {
if (nfsm_reply(&info, nfsd, slp, mrq, error, 0) != 0)
return 0;
/*
* nfsm_reply would return zero if v3 and an error different
* from EBADRPC. But it does not make sense to continue
* anyway if the error set in nfsm_srvnamesiz is NFSERR_NAMETOL.
*/
(void)nfsm_reply(&info, nfsd, slp, mrq, error, 0);
return 0;
}
error = nfsrv_fhtovp(fhp, 0, &vp, cred, slp, nam, &rdonly);
@ -1929,8 +1959,13 @@ nfsrv_symlink(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
if (nfsm_srvnamesiz(&info, &len) != 0)
return error;
if (error) {
if (nfsm_reply(&info, nfsd, slp, mrq, error, 0) != 0)
return 0;
/*
* nfsm_reply would return zero if v3 and an error different
* from EBADRPC. But it does not make sense to continue
* anyway if the error set in nfsm_srvnamesiz is NFSERR_NAMETOL.
*/
(void)nfsm_reply(&info, nfsd, slp, mrq, error, 0);
return 0;
}
NDINIT(&nd, CREATE, LOCKPARENT | SAVESTART, UIO_SYSSPACE, NULL, procp);
@ -2089,8 +2124,13 @@ nfsrv_mkdir(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
if (nfsm_srvnamesiz(&info, &len) != 0)
return error;
if (error) {
if (nfsm_reply(&info, nfsd, slp, mrq, error, 0) != 0)
return 0;
/*
* nfsm_reply would return zero if v3 and an error different
* from EBADRPC. But it does not make sense to continue
* anyway if the error set in nfsm_srvnamesiz is NFSERR_NAMETOL.
*/
(void)nfsm_reply(&info, nfsd, slp, mrq, error, 0);
return 0;
}
NDINIT(&nd, CREATE, LOCKPARENT, UIO_SYSSPACE, NULL, procp);
@ -2218,8 +2258,13 @@ nfsrv_rmdir(struct nfsrv_descript *nfsd, struct nfssvc_sock *slp,
if (nfsm_srvnamesiz(&info, &len) != 0)
goto nfsmout;
if (error) {
if (nfsm_reply(&info, nfsd, slp, mrq, error, 0) != 0)
return 0;
/*
* nfsm_reply would return zero if v3 and an error different
* from EBADRPC. But it does not make sense to continue
* anyway if the error set in nfsm_srvnamesiz is NFSERR_NAMETOL.
*/
(void)nfsm_reply(&info, nfsd, slp, mrq, error, 0);
return 0;
}
NDINIT(&nd, DELETE, LOCKPARENT | LOCKLEAF, UIO_SYSSPACE, NULL, procp);

3
sys/nfs/nfs_socket.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: nfs_socket.c,v 1.152 2024/09/04 07:54:53 mglocker Exp $ */
/* $OpenBSD: nfs_socket.c,v 1.153 2024/09/11 12:22:34 claudio Exp $ */
/* $NetBSD: nfs_socket.c,v 1.27 1996/04/15 20:20:00 thorpej Exp $ */
/*
@ -1020,6 +1020,7 @@ tryagain:
if ((nmp->nm_flag & NFSMNT_NFSV3) &&
error == NFSERR_TRYLATER) {
m_freem(info.nmi_mrep);
info.nmi_mrep = NULL;
error = 0;
tsleep_nsec(&nowake, PSOCK, "nfsretry",
SEC_TO_NSEC(trylater_delay));

10
sys/nfs/nfs_vnops.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: nfs_vnops.c,v 1.201 2024/07/06 09:53:25 jsg Exp $ */
/* $OpenBSD: nfs_vnops.c,v 1.203 2024/09/12 09:04:51 claudio Exp $ */
/* $NetBSD: nfs_vnops.c,v 1.62.4.1 1996/07/08 20:26:52 jtc Exp $ */
/*
@ -540,6 +540,7 @@ nfsm_loadattr(struct nfsm_info *infop, struct vnode **vpp, struct vattr *vap)
error = nfs_loadattrcache(&ttvp, &infop->nmi_md, &infop->nmi_dpos, vap);
if (error != 0) {
m_freem(infop->nmi_mrep);
infop->nmi_mrep = NULL;
*infop->nmi_errorp = error;
return error;
}
@ -781,6 +782,7 @@ nfsm_getfh(struct nfsm_info *infop, int *sizep, int v3)
size = fxdr_unsigned(int, *tl);
if (size <= 0 || size > NFSX_V3FHMAX) {
m_freem(infop->nmi_mrep);
infop->nmi_mrep = NULL;
*infop->nmi_errorp = EBADRPC;
return NULL;
}
@ -1400,6 +1402,7 @@ nfsm_mtofh(struct nfsm_info *infop, struct vnode *dvp, struct vnode **vpp,
error = nfs_nget(dvp->v_mount, ttfhp, ttfhsize, &ttnp);
if (error != 0) {
m_freem(infop->nmi_mrep);
infop->nmi_mrep = NULL;
*infop->nmi_errorp = error;
return error;
}
@ -2260,6 +2263,11 @@ nfs_readdir(void *v)
dp->d_reclen -= NFS_DIRENT_OVERHEAD;
dp->d_off = fxdr_hyper(&ndp->cookie[0]);
if (memchr(dp->d_name, '/', dp->d_namlen) != NULL) {
error = EBADRPC;
break;
}
if (uio->uio_resid < dp->d_reclen) {
eof = 0;
done = 1;

8
sys/nfs/nfsm_subs.h
View File

@ -1,4 +1,4 @@
/* $OpenBSD: nfsm_subs.h,v 1.48 2024/04/30 17:04:23 miod Exp $ */
/* $OpenBSD: nfsm_subs.h,v 1.49 2024/09/11 12:22:34 claudio Exp $ */
/* $NetBSD: nfsm_subs.h,v 1.10 1996/03/20 21:59:56 fvdl Exp $ */
/*
@ -72,6 +72,7 @@ nfsm_dissect(struct nfsm_info *infop, int s)
error = nfsm_disct(&infop->nmi_md, &infop->nmi_dpos, s, avail, &ret);
if (error != 0) {
m_freem(infop->nmi_mrep);
infop->nmi_mrep = NULL;
*infop->nmi_errorp = error;
return NULL;
} else {
@ -95,6 +96,7 @@ nfsm_adv(struct nfsm_info *infop, int s)
error = nfs_adv(&infop->nmi_md, &infop->nmi_dpos, s, avail);
if (error != 0) {
m_freem(infop->nmi_mrep);
infop->nmi_mrep = NULL;
*infop->nmi_errorp = error;
return error;
}
@ -121,6 +123,7 @@ nfsm_postop_attr(struct nfsm_info *infop, struct vnode **vpp, int *attrflagp)
&infop->nmi_dpos, NULL);
if (error != 0) {
m_freem(infop->nmi_mrep);
infop->nmi_mrep = NULL;
*infop->nmi_errorp = error;
return error;
}
@ -140,6 +143,7 @@ nfsm_strsiz(struct nfsm_info *infop, int *lenp, int maxlen)
len = fxdr_unsigned(int32_t, *tl);
if (len < 0 || len > maxlen) {
m_freem(infop->nmi_mrep);
infop->nmi_mrep = NULL;
*infop->nmi_errorp = EBADRPC;
return 1;
}
@ -158,6 +162,7 @@ nfsm_mtouio(struct nfsm_info *infop, struct uio *uiop, int len)
error = nfsm_mbuftouio(&infop->nmi_md, uiop, len, &infop->nmi_dpos);
if (error != 0) {
m_freem(infop->nmi_mrep);
infop->nmi_mrep = NULL;
*infop->nmi_errorp = error;
return error;
}
@ -169,6 +174,7 @@ nfsm_strtom(struct nfsm_info *infop, char *str, size_t len, size_t maxlen)
{
if (len > maxlen) {
m_freem(infop->nmi_mreq);
infop->nmi_mreq = NULL;
*infop->nmi_errorp = ENAMETOOLONG;
return 1;
}

6
sys/ntfs/ntfs_vnops.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: ntfs_vnops.c,v 1.49 2024/05/13 11:17:40 semarie Exp $ */
/* $OpenBSD: ntfs_vnops.c,v 1.50 2024/09/12 09:04:51 claudio Exp $ */
/* $NetBSD: ntfs_vnops.c,v 1.6 2003/04/10 21:57:26 jdolecek Exp $ */
/*
@ -489,6 +489,10 @@ ntfs_readdir(void *v)
"flag: %u, ",
num, cde.d_name, iep->ie_fnametype, iep->ie_flag);
cde.d_namlen = fname - (char *) cde.d_name;
if (memchr(cde.d_name, '/', cde.d_namlen) != NULL) {
error = EINVAL;
goto out;
}
cde.d_fileno = iep->ie_number;
cde.d_type = (iep->ie_fflag & NTFS_FFLAG_DIR) ? DT_DIR : DT_REG;
cde.d_reclen = sizeof(struct dirent);

7
sys/tmpfs/tmpfs_subr.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: tmpfs_subr.c,v 1.26 2022/11/15 17:16:44 mvs Exp $ */
/* $OpenBSD: tmpfs_subr.c,v 1.27 2024/09/12 09:04:51 claudio Exp $ */
/* $NetBSD: tmpfs_subr.c,v 1.79 2012/03/13 18:40:50 elad Exp $ */
/*
@ -820,6 +820,11 @@ tmpfs_dir_getdents(tmpfs_node_t *node, struct uio *uio)
dent.d_name[de->td_namelen] = '\0';
dent.d_reclen = DIRENT_SIZE(&dent);
if (memchr(dent.d_name, '/', dent.d_namlen) != NULL) {
error = EINVAL;
break;
}
next_de = TAILQ_NEXT(de, td_entries);
if (next_de == NULL)
dent.d_off = TMPFS_DIRSEQ_EOF;

8
sys/ufs/ext2fs/ext2fs_lookup.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: ext2fs_lookup.c,v 1.46 2022/01/11 03:13:59 jsg Exp $ */
/* $OpenBSD: ext2fs_lookup.c,v 1.47 2024/09/12 09:04:51 claudio Exp $ */
/* $NetBSD: ext2fs_lookup.c,v 1.16 2000/08/03 20:29:26 thorpej Exp $ */
/*
@ -173,7 +173,11 @@ ext2fs_readdir(void *v)
break;
}
ext2fs_dirconv2ffs(dp, &dstd);
if(dstd.d_reclen > uio->uio_resid) {
if (memchr(dstd.d_name, '/', dstd.d_namlen) != NULL) {
error = EINVAL;
break;
}
if (dstd.d_reclen > uio->uio_resid) {
break;
}
dstd.d_off = off + e2d_reclen;

24
sys/ufs/ufs/ufs_ihash.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: ufs_ihash.c,v 1.28 2024/09/04 17:00:08 beck Exp $ */
/* $OpenBSD: ufs_ihash.c,v 1.30 2024/09/11 08:29:55 claudio Exp $ */
/* $NetBSD: ufs_ihash.c,v 1.3 1996/02/09 22:36:04 christos Exp $ */
/*
@ -42,6 +42,7 @@
#include <ufs/ufs/inode.h>
#include <ufs/ufs/ufs_extern.h>
#include <ufs/ufs/ufsmount.h>
#include <ufs/ext2fs/ext2fs_extern.h>
#include <crypto/siphash.h>
@ -108,8 +109,27 @@ loop:
* the previously committed vdoom() or this should be
* dealt with so this can't happen.
*/
#ifdef FUSE
/*
* XXX for whatever stupid reason fuse decided to
* use ufs inodes and with this ufs_ihashget.
* fuse needs to grow up and use its own inode
* structure and hash.
*/
if (vp->v_tag == VT_FUSEFS)
return (vp);
#endif
if (VTOI(vp) != ip ||
(DIP(ip, nlink) <= 0 &&
((
#ifdef EXT2FS
/*
* XXX DIP does not cover ext2fs so hack
* around this for now since this is using
* ufs_ihashget as well.
*/
IS_EXT2_VNODE(vp) ? ip->i_e2fs_nlink <= 0 :
#endif
DIP(ip, nlink) <= 0) &&
(vp->v_mount->mnt_flag & MNT_RDONLY) == 0)) {
/*
* This should recycle the inode immediately,

7
sys/ufs/ufs/ufs_vnops.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: ufs_vnops.c,v 1.162 2024/05/13 11:17:41 semarie Exp $ */
/* $OpenBSD: ufs_vnops.c,v 1.163 2024/09/12 09:04:51 claudio Exp $ */
/* $NetBSD: ufs_vnops.c,v 1.18 1996/05/11 18:28:04 mycroft Exp $ */
/*
@ -1395,6 +1395,11 @@ ufs_readdir(void *v)
memset(u.dn.d_name + u.dn.d_namlen, 0, u.dn.d_reclen
- u.dn.d_namlen - offsetof(struct dirent, d_name));
if (memchr(u.dn.d_name, '/', u.dn.d_namlen) != NULL) {
error = EINVAL;
break;
}
error = uiomove(&u.dn, u.dn.d_reclen, uio);
dp = (struct direct *)((char *)dp + dp->d_reclen);
}

4
usr.bin/ssh/sshd.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: sshd.c,v 1.610 2024/08/17 08:09:50 djm Exp $ */
/* $OpenBSD: sshd.c,v 1.611 2024/09/12 00:36:27 djm Exp $ */
/*
* Copyright (c) 2000, 2001, 2002 Markus Friedl. All rights reserved.
* Copyright (c) 2002 Niels Provos. All rights reserved.
@ -1277,7 +1277,7 @@ main(int ac, char **av)
break;
}
}
if (!test_flag && !do_dump_cfg && !path_absolute(av[0]))
if (!test_flag && !inetd_flag && !do_dump_cfg && !path_absolute(av[0]))
fatal("sshd requires execution with an absolute path");
closefrom(STDERR_FILENO + 1);

16
usr.bin/tmux/server-client.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: server-client.c,v 1.407 2024/08/27 07:25:27 nicm Exp $ */
/* $OpenBSD: server-client.c,v 1.408 2024/09/11 19:12:33 nicm Exp $ */
/*
* Copyright (c) 2009 Nicholas Marriott <nicholas.marriott@gmail.com>
@ -2024,7 +2024,19 @@ try_again:
}
/*
* No match in this table. If not in the root table or if repeating,
* Binding movement keys is useless since we only turn them on when the
* application requests, so don't let them exit the prefix table.
*/
if (key == KEYC_MOUSEMOVE_PANE ||
key == KEYC_MOUSEMOVE_STATUS ||
key == KEYC_MOUSEMOVE_STATUS_LEFT ||
key == KEYC_MOUSEMOVE_STATUS_RIGHT ||
key == KEYC_MOUSEMOVE_STATUS_DEFAULT ||
key == KEYC_MOUSEMOVE_BORDER)
goto forward_key;
/*
* No match in this table. If not in the root table or if repeating
* switch the client back to the root table and try again.
*/
log_debug("not found in key table %s", table->name);

6
usr.bin/wc/wc.1
View File

@ -1,4 +1,4 @@
.\" $OpenBSD: wc.1,v 1.27 2016/10/24 13:46:58 schwarze Exp $
.\" $OpenBSD: wc.1,v 1.28 2024/09/11 03:57:14 guenther Exp $
.\"
.\" Copyright (c) 1991, 1993
.\" The Regents of the University of California. All rights reserved.
@ -32,7 +32,7 @@
.\"
.\" from: @(#)wc.1 8.2 (Berkeley) 4/19/94
.\"
.Dd $Mdocdate: October 24 2016 $
.Dd $Mdocdate: September 11 2024 $
.Dt WC 1
.Os
.Sh NAME
@ -125,7 +125,7 @@ has the same effect as
The
.Nm
utility is compliant with the
.St -p1003.1-2008
.St -p1003.1-2024
specification.
.Pp
The flag

14
usr.bin/wc/wc.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: wc.c,v 1.31 2022/12/04 23:50:50 cheloha Exp $ */
/* $OpenBSD: wc.c,v 1.32 2024/09/11 03:57:14 guenther Exp $ */
/*
* Copyright (c) 1980, 1987, 1991, 1993
@ -193,23 +193,19 @@ cnt(const char *path)
}
/*
* If all we need is the number of characters and
* it's a directory or a regular or linked file, just
* stat the puppy. We avoid testing for it not being
* it's a directory or a regular file, just stat
* our handle. We avoid testing for it not being
* a special device in case someone adds a new type
* of inode.
*/
else if (dochar) {
mode_t ifmt;
if (fstat(fd, &sbuf)) {
warn("%s", file);
rval = 1;
} else {
ifmt = sbuf.st_mode & S_IFMT;
if (ifmt == S_IFREG || ifmt == S_IFLNK
|| ifmt == S_IFDIR) {
if (S_ISREG(sbuf.st_mode) || S_ISDIR(sbuf.st_mode))
charct = sbuf.st_size;
} else {
else {
while ((len = read(fd, buf, _MAXBSIZE)) > 0)
charct += len;
if (len == -1) {

6
usr.sbin/bgpd/rde.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: rde.c,v 1.632 2024/09/09 15:00:45 claudio Exp $ */
/* $OpenBSD: rde.c,v 1.633 2024/09/10 09:38:45 claudio Exp $ */
/*
* Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
@ -1123,7 +1123,9 @@ rde_dispatch_imsg_parent(struct imsgbuf *imsgbuf)
sizeof(uint32_t));
break;
case IMSG_RECONF_AS_SET_ITEMS:
if (imsg_get_ibuf(&imsg, &ibuf) == -1)
if (imsg_get_ibuf(&imsg, &ibuf) == -1 ||
ibuf_size(&ibuf) == 0 ||
ibuf_size(&ibuf) % sizeof(uint32_t) != 0)
fatalx("IMSG_RECONF_AS_SET_ITEMS bad len");
nmemb = ibuf_size(&ibuf) / sizeof(uint32_t);
if (set_add(last_as_set->set, ibuf_data(&ibuf),

23
usr.sbin/bgpd/rde_attr.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: rde_attr.c,v 1.134 2023/07/12 14:45:43 claudio Exp $ */
/* $OpenBSD: rde_attr.c,v 1.135 2024/09/10 09:38:45 claudio Exp $ */
/*
* Copyright (c) 2004 Claudio Jeker <claudio@openbsd.org>
@ -357,7 +357,8 @@ aspath_get(void *data, uint16_t len)
aspath->len = len;
aspath->ascnt = aspath_count(data, len);
aspath->source_as = aspath_extract_origin(data, len);
memcpy(aspath->data, data, len);
if (len != 0)
memcpy(aspath->data, data, len);
return (aspath);
}
@ -396,7 +397,7 @@ aspath_put(struct aspath *aspath)
u_char *
aspath_deflate(u_char *data, uint16_t *len, int *flagnew)
{
uint8_t *seg, *nseg, *ndata;
uint8_t *seg, *nseg, *ndata = NULL;
uint32_t as;
int i;
uint16_t seg_size, olen, nlen;
@ -415,6 +416,9 @@ aspath_deflate(u_char *data, uint16_t *len, int *flagnew)
fatalx("%s: would overflow", __func__);
}
if (nlen == 0)
goto done;
if ((ndata = malloc(nlen)) == NULL)
fatal("%s", __func__);
@ -437,6 +441,7 @@ aspath_deflate(u_char *data, uint16_t *len, int *flagnew)
}
}
done:
*len = nlen;
return (ndata);
}
@ -791,6 +796,10 @@ aspath_prepend(struct aspath *asp, uint32_t as, int quantum, uint16_t *len)
fatalx("aspath_prepend: preposterous prepend");
if (quantum == 0) {
/* no change needed but return a copy */
if (asp->len == 0) {
*len = 0;
return (NULL);
}
p = malloc(asp->len);
if (p == NULL)
fatal("%s", __func__);
@ -834,7 +843,8 @@ aspath_prepend(struct aspath *asp, uint32_t as, int quantum, uint16_t *len)
wpos += sizeof(uint32_t);
}
}
memcpy(p + wpos, asp->data + shift, asp->len - shift);
if (asp->len > shift)
memcpy(p + wpos, asp->data + shift, asp->len - shift);
*len = l;
return (p);
@ -852,6 +862,11 @@ aspath_override(struct aspath *asp, uint32_t neighbor_as, uint32_t local_as,
uint16_t l, seg_size;
uint8_t i, seg_len, seg_type;
if (asp->len == 0) {
*len = 0;
return (NULL);
}
p = malloc(asp->len);
if (p == NULL)
fatal("%s", __func__);

9
usr.sbin/bgpd/rde_community.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: rde_community.c,v 1.15 2024/01/24 14:51:12 claudio Exp $ */
/* $OpenBSD: rde_community.c,v 1.16 2024/09/10 08:53:20 claudio Exp $ */
/*
* Copyright (c) 2019 Claudio Jeker <claudio@openbsd.org>
@ -715,18 +715,19 @@ communities_copy(struct rde_community *to, struct rde_community *from)
memset(to, 0, sizeof(*to));
/* ignore from->size and allocate the perfect amount */
to->size = from->size;
to->size = from->nentries;
to->nentries = from->nentries;
to->flags = from->flags;
if (to->nentries == 0)
return;
if ((to->communities = reallocarray(NULL, to->size,
sizeof(struct community))) == NULL)
fatal(__func__);
memcpy(to->communities, from->communities,
to->nentries * sizeof(struct community));
memset(to->communities + to->nentries, 0, sizeof(struct community) *
(to->size - to->nentries));
}
/*

6
usr.sbin/bgpd/rde_prefix.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: rde_prefix.c,v 1.51 2024/06/25 13:21:18 claudio Exp $ */
/* $OpenBSD: rde_prefix.c,v 1.52 2024/09/10 08:47:51 claudio Exp $ */
/*
* Copyright (c) 2003, 2004 Claudio Jeker <claudio@openbsd.org>
@ -225,6 +225,8 @@ pt_fill(struct bgpd_addr *prefix, int prefixlen)
pte_vpn4.prefixlen = prefixlen;
pte_vpn4.rd = prefix->rd;
pte_vpn4.labellen = prefix->labellen;
if (prefix->labellen == 0)
fatalx("pt_fill: no MPLS label in VPN addr");
memcpy(pte_vpn4.labelstack, prefix->labelstack,
prefix->labellen);
return ((struct pt_entry *)&pte_vpn4);
@ -239,6 +241,8 @@ pt_fill(struct bgpd_addr *prefix, int prefixlen)
pte_vpn6.prefixlen = prefixlen;
pte_vpn6.rd = prefix->rd;
pte_vpn6.labellen = prefix->labellen;
if (prefix->labellen == 0)
fatalx("pt_fill: no MPLS label in VPN addr");
memcpy(pte_vpn6.labelstack, prefix->labelstack,
prefix->labellen);
return ((struct pt_entry *)&pte_vpn6);

5
usr.sbin/bgpd/rde_sets.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: rde_sets.c,v 1.12 2022/07/28 13:11:51 deraadt Exp $ */
/* $OpenBSD: rde_sets.c,v 1.13 2024/09/10 09:38:45 claudio Exp $ */
/*
* Copyright (c) 2018 Claudio Jeker <claudio@openbsd.org>
@ -149,6 +149,9 @@ set_free(struct set_table *set)
int
set_add(struct set_table *set, void *elms, size_t nelms)
{
if (nelms == 0) /* nothing todo */
return 0;
if (set->max < nelms || set->max - nelms < set->nmemb) {
uint32_t *s;
size_t new_size;

4
usr.sbin/bgpd/rtr.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: rtr.c,v 1.22 2024/08/12 09:04:23 claudio Exp $ */
/* $OpenBSD: rtr.c,v 1.23 2024/09/10 08:37:52 claudio Exp $ */
/*
* Copyright (c) 2020 Claudio Jeker <claudio@openbsd.org>
@ -143,7 +143,7 @@ aspa_set_entry(struct aspa_set *aspa, uint32_t asnum)
}
num = aspa->num + 1;
newtas = recallocarray(aspa->tas, aspa->num, num, sizeof(uint32_t));
newtas = reallocarray(aspa->tas, num, sizeof(uint32_t));
if (newtas == NULL)
fatal("aspa_set merge");

20
usr.sbin/bgpd/rtr_proto.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: rtr_proto.c,v 1.39 2024/08/20 11:59:39 claudio Exp $ */
/* $OpenBSD: rtr_proto.c,v 1.40 2024/09/10 08:41:13 claudio Exp $ */
/*
* Copyright (c) 2020 Claudio Jeker <claudio@openbsd.org>
@ -110,8 +110,6 @@ struct rtr_routerkey {
/* followed by Subject Public Key Info */
} __packed;
#define FLAG_AFI_V6 0x1
#define FLAG_AFI_MASK FLAG_AFI_V6
struct rtr_aspa {
struct rtr_header hdr;
uint32_t cas;
@ -191,7 +189,6 @@ struct rtr_session {
char descr[PEER_DESCR_LEN];
struct roa_tree roa_set;
struct aspa_tree aspa;
struct aspa_tree aspa_oldv6;
struct ibuf_read r;
struct msgbuf w;
struct timer_head timers;
@ -277,7 +274,6 @@ rtr_reset_cache(struct rtr_session *rs)
timer_stop(&rs->timers, Timer_Rtr_Expire);
free_roatree(&rs->roa_set);
free_aspatree(&rs->aspa);
free_aspatree(&rs->aspa_oldv6);
}
static struct ibuf *
@ -761,6 +757,17 @@ rtr_parse_aspa(struct rtr_session *rs, struct ibuf *pdu)
flags = rtr_aspa.hdr.flags;
cnt = ibuf_size(pdu) / sizeof(uint32_t);
if ((flags & FLAG_ANNOUNCE) && cnt == 0) {
rtr_send_error(rs, pdu, CORRUPT_DATA, "%s: "
"announce with empty SPAS", log_rtr_type(ASPA));
return -1;
}
if ((flags & FLAG_ANNOUNCE) == 0 && cnt != 0) {
rtr_send_error(rs, pdu, CORRUPT_DATA, "%s: "
"withdraw with non-empty SPAS", log_rtr_type(ASPA));
return -1;
}
if (rs->state != RTR_STATE_EXCHANGE) {
rtr_send_error(rs, pdu, CORRUPT_DATA, "%s: out of context",
log_rtr_type(ASPA));
@ -1398,7 +1405,6 @@ rtr_new(uint32_t id, struct rtr_config_msg *conf)
RB_INIT(&rs->roa_set);
RB_INIT(&rs->aspa);
RB_INIT(&rs->aspa_oldv6);
TAILQ_INIT(&rs->timers);
msgbuf_init(&rs->w);
@ -1518,8 +1524,6 @@ rtr_aspa_merge(struct aspa_tree *at)
TAILQ_FOREACH(rs, &rtrs, entry) {
RB_FOREACH(aspa, aspa_tree, &rs->aspa)
rtr_aspa_insert(at, aspa);
RB_FOREACH(aspa, aspa_tree, &rs->aspa_oldv6)
rtr_aspa_insert(at, aspa);
}
}

39
usr.sbin/rpki-client/crl.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: crl.c,v 1.42 2024/06/17 18:52:50 tb Exp $ */
/* $OpenBSD: crl.c,v 1.43 2024/09/12 10:33:25 tb Exp $ */
/*
* Copyright (c) 2024 Theo Buehler <tb@openbsd.org>
* Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv>
@ -26,30 +26,37 @@
#include "extern.h"
/*
* Check that the CRL number extension is present and that it is non-critical.
* Check CRL Number is present, non-critical and in [0, 2^159-1].
* Otherwise ignore it per draft-spaghetti-sidrops-rpki-crl-numbers.
*/
static int
crl_has_crl_number(const char *fn, const X509_CRL *x509_crl)
crl_check_crl_number(const char *fn, const X509_CRL *x509_crl)
{
const X509_EXTENSION *ext;
int idx;
ASN1_INTEGER *aint = NULL;
int crit;
int ret = 0;
if ((idx = X509_CRL_get_ext_by_NID(x509_crl, NID_crl_number, -1)) < 0) {
warnx("%s: RFC 6487, section 5: missing CRL number", fn);
return 0;
aint = X509_CRL_get_ext_d2i(x509_crl, NID_crl_number, &crit, NULL);
if (aint == NULL) {
if (crit != -1)
warnx("%s: RFC 6487, section 5: "
"failed to parse CRL number", fn);
else
warnx("%s: RFC 6487, section 5: missing CRL number",
fn);
goto out;
}
if ((ext = X509_CRL_get_ext(x509_crl, idx)) == NULL) {
warnx("%s: RFC 6487, section 5: failed to get CRL number", fn);
return 0;
}
if (X509_EXTENSION_get_critical(ext) != 0) {
if (crit != 0) {
warnx("%s: RFC 6487, section 5: CRL number not non-critical",
fn);
return 0;
goto out;
}
return 1;
ret = x509_valid_seqnum(fn, "CRL number", aint);
out:
ASN1_INTEGER_free(aint);
return ret;
}
/*
@ -222,7 +229,7 @@ crl_parse(const char *fn, const unsigned char *der, size_t len)
"%d != 2", fn, count);
goto out;
}
if (!crl_has_crl_number(fn, crl->x509_crl))
if (!crl_check_crl_number(fn, crl->x509_crl))
goto out;
if ((crl->aki = crl_get_aki(fn, crl->x509_crl)) == NULL)
goto out;

7
usr.sbin/rpki-client/extern.h
View File

@ -1,4 +1,4 @@
/* $OpenBSD: extern.h,v 1.227 2024/08/29 09:53:04 job Exp $ */
/* $OpenBSD: extern.h,v 1.228 2024/09/12 10:33:25 tb Exp $ */
/*
* Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv>
*
@ -916,7 +916,10 @@ char *x509_get_pubkey(X509 *, const char *);
char *x509_pubkey_get_ski(X509_PUBKEY *, const char *);
enum cert_purpose x509_get_purpose(X509 *, const char *);
int x509_get_time(const ASN1_TIME *, time_t *);
char *x509_convert_seqnum(const char *, const ASN1_INTEGER *);
char *x509_convert_seqnum(const char *, const char *,
const ASN1_INTEGER *);
int x509_valid_seqnum(const char *, const char *,
const ASN1_INTEGER *);
int x509_location(const char *, const char *, GENERAL_NAME *,
char **);
int x509_inherits(X509 *);

5
usr.sbin/rpki-client/mft.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: mft.c,v 1.118 2024/09/08 07:23:36 tb Exp $ */
/* $OpenBSD: mft.c,v 1.119 2024/09/12 10:33:25 tb Exp $ */
/*
* Copyright (c) 2022 Theo Buehler <tb@openbsd.org>
* Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv>
@ -333,7 +333,8 @@ mft_parse_econtent(const char *fn, struct mft *mft, const unsigned char *d,
if (!valid_econtent_version(fn, mft_asn1->version, 0))
goto out;
mft->seqnum = x509_convert_seqnum(fn, mft_asn1->manifestNumber);
mft->seqnum = x509_convert_seqnum(fn, "manifest number",
mft_asn1->manifestNumber);
if (mft->seqnum == NULL)
goto out;

39
usr.sbin/rpki-client/print.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: print.c,v 1.55 2024/06/08 13:30:35 tb Exp $ */
/* $OpenBSD: print.c,v 1.56 2024/09/12 10:33:25 tb Exp $ */
/*
* Copyright (c) 2021 Claudio Jeker <claudio@openbsd.org>
* Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv>
@ -159,7 +159,8 @@ x509_print(const X509 *x)
goto out;
}
if ((serial = x509_convert_seqnum(__func__, xserial)) == NULL)
if ((serial = x509_convert_seqnum(__func__, "serial number",
xserial)) == NULL)
goto out;
if (outformats & FORMAT_JSON) {
@ -342,45 +343,33 @@ cert_print(const struct cert *p)
json_do_end();
}
/*
* XXX - dedup with x509_convert_seqnum()?
*/
static char *
crl_parse_number(const X509_CRL *x509_crl)
{
ASN1_INTEGER *aint = NULL;
int crit;
BIGNUM *seqnum = NULL;
char *s = NULL;
aint = X509_CRL_get_ext_d2i(x509_crl, NID_crl_number, &crit, NULL);
if (aint == NULL) {
if (crit != -1)
warnx("failed to parse CRL Number");
warnx("%s: RFC 6487, section 5: "
"failed to parse CRL number", __func__);
else
warnx("CRL Number missing");
warnx("%s: RFC 6487, section 5: missing CRL number",
__func__);
goto out;
}
if (crit != 0) {
warnx("%s: RFC 6487, section 5: CRL number not non-critical",
__func__);
goto out;
}
if (ASN1_STRING_length(aint) > 20)
warnx("CRL Number should fit in 20 octets");
seqnum = ASN1_INTEGER_to_BN(aint, NULL);
if (seqnum == NULL) {
warnx("CRL Number: ASN1_INTEGER_to_BN error");
goto out;
}
if (BN_is_negative(seqnum))
warnx("CRL Number should be positive");
s = BN_bn2hex(seqnum);
if (s == NULL)
warnx("CRL Number: BN_bn2hex error");
s = x509_convert_seqnum(__func__, "CRL Number", aint);
out:
ASN1_INTEGER_free(aint);
BN_free(seqnum);
return s;
}
@ -435,7 +424,7 @@ crl_print(const struct crl *p)
revlist = X509_CRL_get_REVOKED(p->x509_crl);
for (i = 0; i < sk_X509_REVOKED_num(revlist); i++) {
rev = sk_X509_REVOKED_value(revlist, i);
serial = x509_convert_seqnum(__func__,
serial = x509_convert_seqnum(__func__, "serial number",
X509_REVOKED_get0_serialNumber(rev));
x509_get_time(X509_REVOKED_get0_revocationDate(rev), &t);
if (serial != NULL) {

10
usr.sbin/rpki-client/rpki-client.8
View File

@ -1,4 +1,4 @@
.\" $OpenBSD: rpki-client.8,v 1.109 2024/09/04 15:46:43 job Exp $
.\" $OpenBSD: rpki-client.8,v 1.111 2024/09/10 18:37:42 tb Exp $
.\"
.\" Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv>
.\"
@ -14,7 +14,7 @@
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
.Dd $Mdocdate: September 4 2024 $
.Dd $Mdocdate: September 10 2024 $
.Dt RPKI-CLIENT 8
.Os
.Sh NAME
@ -458,6 +458,12 @@ agreement regarding ARIN service restrictions.
.Re
.Pp
.Rs
.%T RPKI Manifest Number Handling
.%U https://datatracker.ietf.org/doc/html/draft-ietf-sidrops-manifest-numbers
.%D June, 2024
.Re
.Pp
.Rs
.%T Same-Origin Policy for RRDP
.%U https://datatracker.ietf.org/doc/html/draft-ietf-sidrops-rrdp-same-origin
.%D June, 2024

73
usr.sbin/rpki-client/x509.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: x509.c,v 1.100 2024/07/08 16:11:47 tb Exp $ */
/* $OpenBSD: x509.c,v 1.101 2024/09/12 10:33:25 tb Exp $ */
/*
* Copyright (c) 2022 Theo Buehler <tb@openbsd.org>
* Copyright (c) 2021 Claudio Jeker <claudio@openbsd.org>
@ -1014,47 +1014,74 @@ x509_valid_name(const char *fn, const char *descr, const X509_NAME *xn)
return 1;
}
/*
* Check ASN1_INTEGER is non-negative and fits in 20 octets.
* Returns allocated BIGNUM if true, NULL otherwise.
*/
static BIGNUM *
x509_seqnum_to_bn(const char *fn, const char *descr, const ASN1_INTEGER *i)
{
BIGNUM *bn = NULL;
if (ASN1_STRING_length(i) > 20) {
warnx("%s: %s should fit in 20 octets", fn, descr);
goto out;
}
if ((bn = ASN1_INTEGER_to_BN(i, NULL)) == NULL) {
warnx("%s: %s: ASN1_INTEGER_to_BN error", fn, descr);
goto out;
}
if (BN_is_negative(bn)) {
warnx("%s: %s should be non-negative", fn, descr);
goto out;
}
return bn;
out:
BN_free(bn);
return NULL;
}
/*
* Convert an ASN1_INTEGER into a hexstring, enforcing that it is non-negative
* and representable by at most 20 octets (RFC 5280, section 4.1.2.2).
* Returned string needs to be freed by the caller.
*/
char *
x509_convert_seqnum(const char *fn, const ASN1_INTEGER *i)
x509_convert_seqnum(const char *fn, const char *descr, const ASN1_INTEGER *i)
{
BIGNUM *seqnum = NULL;
BIGNUM *bn = NULL;
char *s = NULL;
if (i == NULL)
goto out;
if (ASN1_STRING_length(i) > 20) {
warnx("%s: %s: want 20 octets or fewer, have more.",
__func__, fn);
if ((bn = x509_seqnum_to_bn(fn, descr, i)) == NULL)
goto out;
}
seqnum = ASN1_INTEGER_to_BN(i, NULL);
if (seqnum == NULL) {
warnx("%s: ASN1_INTEGER_to_BN error", fn);
goto out;
}
if (BN_is_negative(seqnum)) {
warnx("%s: %s: want positive integer, have negative.",
__func__, fn);
goto out;
}
s = BN_bn2hex(seqnum);
if (s == NULL)
warnx("%s: BN_bn2hex error", fn);
if ((s = BN_bn2hex(bn)) == NULL)
warnx("%s: %s: BN_bn2hex error", fn, descr);
out:
BN_free(seqnum);
BN_free(bn);
return s;
}
int
x509_valid_seqnum(const char *fn, const char *descr, const ASN1_INTEGER *i)
{
BIGNUM *bn;
if ((bn = x509_seqnum_to_bn(fn, descr, i)) == NULL)
return 0;
BN_free(bn);
return 1;
}
/*
* Find the closest expiry moment by walking the chain of authorities.
*/

3
usr.sbin/vmd/Makefile
View File

@ -1,4 +1,4 @@
# $OpenBSD: Makefile,v 1.30 2024/07/10 09:27:33 dv Exp $
# $OpenBSD: Makefile,v 1.31 2024/09/11 15:42:52 bluhm Exp $
.if ${MACHINE} == "amd64" || ${MACHINE} == "arm64"
@ -11,6 +11,7 @@ SRCS+= vionet.c
.if ${MACHINE} == "amd64"
SRCS+= i8253.c i8259.c fw_cfg.c loadfile_elf.c mc146818.c ns8250.c
SRCS+= x86_vm.c x86_mmio.c
SRCS+= psp.c sev.c
.endif # amd64
.if ${MACHINE} == "arm64"
SRCS+= arm64_vm.c

50
usr.sbin/vmd/arm64_vm.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: arm64_vm.c,v 1.1 2024/07/10 10:41:19 dv Exp $ */
/* $OpenBSD: arm64_vm.c,v 1.2 2024/09/11 15:42:52 bluhm Exp $ */
/*
* Copyright (c) 2024 Dave Voutila <dv@openbsd.org>
*
@ -160,3 +160,51 @@ vcpu_exit_pci(struct vm_run_params *vrp)
/* NOTREACHED */
return (0xff);
}
void
set_return_data(struct vm_exit *vei, uint32_t data)
{
fatalx("%s: unimplemented", __func__);
/* NOTREACHED */
return;
}
void
get_input_data(struct vm_exit *vei, uint32_t *data)
{
fatalx("%s: unimplemented", __func__);
/* NOTREACHED */
return;
}
int
sev_init(struct vmd_vm *vm)
{
fatalx("%s: unimplemented", __func__);
/* NOTREACHED */
return (-1);
}
int
sev_shutdown(struct vmd_vm *vm)
{
fatalx("%s: unimplemented", __func__);
/* NOTREACHED */
return (-1);
}
int
sev_activate(struct vmd_vm *vm, int vcpu_id)
{
fatalx("%s: unimplemented", __func__);
/* NOTREACHED */
return (-1);
}
int
sev_encrypt_memory(struct vmd_vm *vm)
{
fatalx("%s: unimplemented", __func__);
/* NOTREACHED */
return (-1);
}

35
usr.sbin/vmd/loadfile_elf.c
View File

@ -1,5 +1,5 @@
/* $NetBSD: loadfile.c,v 1.10 2000/12/03 02:53:04 tsutsui Exp $ */
/* $OpenBSD: loadfile_elf.c,v 1.48 2024/07/09 09:31:37 dv Exp $ */
/* $OpenBSD: loadfile_elf.c,v 1.49 2024/09/11 15:42:52 bluhm Exp $ */
/*-
* Copyright (c) 1997 The NetBSD Foundation, Inc.
@ -130,6 +130,8 @@ static void mbcopy(void *, paddr_t, int);
extern char *__progname;
extern int vm_id;
uint64_t pg_crypt = 0;
/*
* setsegment
*
@ -194,6 +196,7 @@ push_gdt(void)
setsegment(&sd[2], 0, 0xffffffff, SDT_MEMRWA, SEL_KPL, 1, 1);
write_mem(GDT_PAGE, gdtpage, PAGE_SIZE);
sev_register_encryption(GDT_PAGE, PAGE_SIZE);
}
/*
@ -229,20 +232,24 @@ push_pt_64(void)
/* PDPDE0 - first 1GB */
memset(ptes, 0, sizeof(ptes));
ptes[0] = PG_V | PML3_PAGE;
ptes[0] = pg_crypt | PG_V | PML3_PAGE;
write_mem(PML4_PAGE, ptes, PAGE_SIZE);
sev_register_encryption(PML4_PAGE, PAGE_SIZE);
/* PDE0 - first 1GB */
memset(ptes, 0, sizeof(ptes));
ptes[0] = PG_V | PG_RW | PG_u | PML2_PAGE;
ptes[0] = pg_crypt | PG_V | PG_RW | PG_u | PML2_PAGE;
write_mem(PML3_PAGE, ptes, PAGE_SIZE);
sev_register_encryption(PML3_PAGE, PAGE_SIZE);
/* First 1GB (in 2MB pages) */
memset(ptes, 0, sizeof(ptes));
for (i = 0 ; i < 512; i++) {
ptes[i] = PG_V | PG_RW | PG_u | PG_PS | ((2048 * 1024) * i);
ptes[i] = pg_crypt | PG_V | PG_RW | PG_u | PG_PS |
((2048 * 1024) * i);
}
write_mem(PML2_PAGE, ptes, PAGE_SIZE);
sev_register_encryption(PML2_PAGE, PAGE_SIZE);
}
/*
@ -300,8 +307,18 @@ loadfile_elf(gzFile fp, struct vmd_vm *vm, struct vcpu_reg_state *vrs,
vrs->vrs_crs[VCPU_REGS_CR4] = CR4_PSE;
vrs->vrs_msrs[VCPU_REGS_EFER] = 0ULL;
}
else
else {
if (vcp->vcp_sev) {
if (vcp->vcp_poscbit == 0) {
log_warnx("SEV enabled but no C-bit reported");
return 1;
}
pg_crypt = (1ULL << vcp->vcp_poscbit);
log_debug("%s: poscbit %d pg_crypt 0x%016llx",
__func__, vcp->vcp_poscbit, pg_crypt);
}
push_pt_64();
}
if (bootdevice == VMBOOTDEV_NET) {
bootmac = &bm;
@ -413,6 +430,7 @@ push_bootargs(bios_memmap_t *memmap, size_t n, bios_bootmac_t *bootmac)
ba[i++] = 0xFFFFFFFF; /* BOOTARG_END */
write_mem(BOOTARGS_PAGE, ba, PAGE_SIZE);
sev_register_encryption(BOOTARGS_PAGE, PAGE_SIZE);
return (i * sizeof(uint32_t));
}
@ -463,6 +481,7 @@ push_stack(uint32_t bootargsz, uint32_t end)
stack[--loc] = 0;
write_mem(STACK_PAGE, &stack, PAGE_SIZE);
sev_register_encryption(STACK_PAGE, PAGE_SIZE);
return (1024 - (loc - 1)) * sizeof(uint32_t);
}
@ -490,6 +509,8 @@ mread(gzFile fp, paddr_t addr, size_t sz)
size_t i, osz;
char buf[PAGE_SIZE];
sev_register_encryption(addr, sz);
/*
* break up the 'sz' bytes into PAGE_SIZE chunks for use with
* write_mem
@ -565,6 +586,8 @@ marc4random_buf(paddr_t addr, int sz)
int i, ct;
char buf[PAGE_SIZE];
sev_register_encryption(addr, sz);
/*
* break up the 'sz' bytes into PAGE_SIZE chunks for use with
* write_mem
@ -614,6 +637,7 @@ mbzero(paddr_t addr, int sz)
{
if (write_mem(addr, NULL, sz))
return;
sev_register_encryption(addr, sz);
}
/*
@ -633,6 +657,7 @@ static void
mbcopy(void *src, paddr_t dst, int sz)
{
write_mem(dst, src, sz);
sev_register_encryption(dst, sz);
}
/*

12
usr.sbin/vmd/parse.y
View File

@ -1,4 +1,4 @@
/* $OpenBSD: parse.y,v 1.69 2024/07/09 09:31:37 dv Exp $ */
/* $OpenBSD: parse.y,v 1.70 2024/09/11 15:42:52 bluhm Exp $ */
/*
* Copyright (c) 2007-2016 Reyk Floeter <reyk@openbsd.org>
@ -126,7 +126,7 @@ typedef struct {
%token FORMAT GROUP
%token INET6 INSTANCE INTERFACE LLADDR LOCAL LOCKED MEMORY NET NIFS OWNER
%token PATH PREFIX RDOMAIN SIZE SOCKET SWITCH UP VM VMID STAGGERED START
%token PARALLEL DELAY
%token PARALLEL DELAY SEV
%token <v.number> NUMBER
%token <v.string> STRING
%type <v.lladdr> lladdr
@ -140,6 +140,7 @@ typedef struct {
%type <v.string> optstring
%type <v.string> string
%type <v.string> vm_instance
%type <v.number> sev;
%%
@ -414,6 +415,9 @@ vm_opts_l : vm_opts_l vm_opts nl
vm_opts : disable {
vmc_disable = $1;
}
| sev {
vcp->vcp_sev = 1;
}
| DISK string image_format {
if (parse_disk($2, $3) != 0) {
yyerror("failed to parse disks: %s", $2);
@ -757,6 +761,9 @@ disable : ENABLE { $$ = 0; }
| DISABLE { $$ = 1; }
;
sev : SEV { $$ = 1; }
;
bootdevice : CDROM { $$ = VMBOOTDEV_CDROM; }
| DISK { $$ = VMBOOTDEV_DISK; }
| NET { $$ = VMBOOTDEV_NET; }
@ -841,6 +848,7 @@ lookup(char *s)
{ "path", PATH },
{ "prefix", PREFIX },
{ "rdomain", RDOMAIN },
{ "sev", SEV },
{ "size", SIZE },
{ "socket", SOCKET },
{ "staggered", STAGGERED },

272
usr.sbin/vmd/psp.c Normal file
View File

@ -0,0 +1,272 @@
/* $OpenBSD: psp.c,v 1.1 2024/09/11 15:42:52 bluhm Exp $ */
/*
* Copyright (c) 2023, 2024 Hans-Joerg Hoexer <hshoexer@genua.de>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
#include <sys/types.h>
#include <sys/device.h>
#include <sys/ioctl.h>
#include <sys/rwlock.h>
#include <machine/bus.h>
#include <dev/ic/pspvar.h>
#include <string.h>
#include "vmd.h"
extern struct vmd *env;
/* Guest policy */
#define GPOL_NODBG (1ULL << 0) /* no debuggin */
#define GPOL_NOKS (1ULL << 1) /* no key sharing */
#define GPOL_ES (1ULL << 2) /* SEV-ES required */
#define GPOL_NOSEND (1ULL << 3) /* no guest migration */
#define GPOL_DOMAIN (1ULL << 4) /* no migration to other domain */
#define GPOL_SEV (1ULL << 5) /* no migration to non-SEV platform */
/*
* Retrieve platform state.
*/
int
psp_get_pstate(uint16_t *state)
{
struct psp_platform_status pst;
if (ioctl(env->vmd_psp_fd, PSP_IOC_GET_PSTATUS, &pst) < 0) {
log_warn("%s: ioctl", __func__);
return (-1);
}
if (state)
*state = pst.state;
return (0);
}
/*
* Flush data fabrics of all cores.
*
* This ensures all data of a SEV enabled guest is committed to
* memory. This needs to be done before an ASID is assigend to
* guest using psp_activate().
*/
int
psp_df_flush(void)
{
if (ioctl(env->vmd_psp_fd, PSP_IOC_DF_FLUSH) < 0) {
log_warn("%s: ioctl", __func__);
return (-1);
}
return (0);
}
/*
* Retrieve guest state.
*/
int
psp_get_gstate(uint32_t handle, uint32_t *policy, uint32_t *asid,
uint8_t *state)
{
struct psp_guest_status gst;
memset(&gst, 0, sizeof(gst));
gst.handle = handle;
if (ioctl(env->vmd_psp_fd, PSP_IOC_GET_GSTATUS, &gst) < 0) {
log_warn("%s: ioctl", __func__);
return (-1);
}
if (policy)
*policy = gst.policy;
if (asid)
*asid = gst.asid;
if (state)
*state = gst.state;
return (0);
}
/*
* Start the launch sequence of a guest.
*/
int
psp_launch_start(uint32_t *handle)
{
struct psp_launch_start ls;
memset(&ls, 0, sizeof(ls));
/* Set guest policy. */
ls.policy = (GPOL_NODBG | GPOL_NOKS | GPOL_NOSEND | GPOL_DOMAIN |
GPOL_SEV);
if (ioctl(env->vmd_psp_fd, PSP_IOC_LAUNCH_START, &ls) < 0) {
log_warn("%s: ioctl", __func__);
return (-1);
}
if (handle)
*handle = ls.handle;
return (0);
}
/*
* Encrypt and measure a memory range.
*/
int
psp_launch_update(uint32_t handle, vaddr_t v, size_t len)
{
struct psp_launch_update_data lud;
memset(&lud, 0, sizeof(lud));
lud.handle = handle;
lud.paddr = v; /* will be converted to paddr */
lud.length = len;
if (ioctl(env->vmd_psp_fd, PSP_IOC_LAUNCH_UPDATE_DATA, &lud) < 0) {
log_warn("%s: ioctl", __func__);
return (-1);
}
return (0);
}
/*
* Finalize and return memory measurement.
*
* We ask the PSP to provide a measurement (HMAC) over the encrypted
* memory. As we do not yet negotiate a shared integrity key with
* the PSP, the measurement is not really meaningful. Thus we just
* log it for now.
*/
int
psp_launch_measure(uint32_t handle)
{
struct psp_launch_measure lm;
char *p, buf[256];
size_t len;
unsigned int i;
memset(&lm, 0, sizeof(lm));
lm.handle = handle;
lm.measure_len = sizeof(lm.psp_measure);
memset(lm.measure, 0, sizeof(lm.measure));
memset(lm.measure_nonce, 0, sizeof(lm.measure_nonce));
if (ioctl(env->vmd_psp_fd, PSP_IOC_LAUNCH_MEASURE, &lm) < 0) {
log_warn("%s: ioctl", __func__);
return (-1);
}
/*
* We can not verify the measurement, yet. Therefore just
* log it.
*/
len = sizeof(buf);
memset(buf, 0, len);
p = buf;
for (i = 0; i < sizeof(lm.measure) && len >= 2;
i++, p += 2, len -= 2) {
snprintf(p, len, "%02x", lm.measure[i]);
}
log_info("%s: measurement\t0x%s", __func__, buf);
len = sizeof(buf);
memset(buf, 0, len);
p = buf;
for (i = 0; i < sizeof(lm.measure_nonce) && len >= 2;
i++, p += 2, len -= 2) {
snprintf(p, len, "%02x", lm.measure_nonce[i]);
}
log_info("%s: nonce\t0x%s", __func__, buf);
return (0);
}
/*
* Finalize launch sequence.
*/
int
psp_launch_finish(uint32_t handle)
{
struct psp_launch_finish lf;
lf.handle = handle;
if (ioctl(env->vmd_psp_fd, PSP_IOC_LAUNCH_FINISH, &lf) < 0) {
log_warn("%s: ioctl", __func__);
return (-1);
}
return (0);
}
/*
* Activate a guest.
*
* This associates the guest's ASID with the handle used to identify
* crypto contexts managed by the PSP.
*/
int
psp_activate(uint32_t handle, uint32_t asid)
{
struct psp_activate act;
act.handle = handle;
act.asid = asid;
if (ioctl(env->vmd_psp_fd, PSP_IOC_ACTIVATE, &act) < 0) {
log_warn("%s: ioctl", __func__);
return (-1);
}
return (0);
}
/*
* Deactivate and decommission a guest.
*
* This deassociates the guest's ASID from the crypto contexts in
* the PSP. Then the PSP releases the crypto contexts (i.e. deletes
* keys).
*/
int
psp_guest_shutdown(uint32_t handle)
{
struct psp_guest_shutdown gshutdown;
gshutdown.handle = handle;
if (ioctl(env->vmd_psp_fd, PSP_IOC_GUEST_SHUTDOWN, &gshutdown) < 0) {
log_warn("%s: ioctl", __func__);
return (-1);
}
return (0);
}

247
usr.sbin/vmd/sev.c Normal file
View File

@ -0,0 +1,247 @@
/* $OpenBSD: sev.c,v 1.1 2024/09/11 15:42:52 bluhm Exp $ */
/*
* Copyright (c) 2023, 2024 Hans-Joerg Hoexer <hshoexer@genua.de>
*
* Permission to use, copy, modify, and distribute this software for any
* purpose with or without fee is hereby granted, provided that the above
* copyright notice and this permission notice appear in all copies.
*
* THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
* WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
* MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
* ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
* WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
* ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
* OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
*/
#include <sys/types.h>
#include <sys/device.h>
#include <sys/param.h>
#include <sys/rwlock.h>
#include <machine/bus.h>
#include <crypto/xform.h>
#include <dev/ic/pspvar.h>
#include <string.h>
#include "vmd.h"
extern struct vmd_vm *current_vm;
/*
* Prepare guest to use SEV.
*
* This asks the PSP to create a new crypto context including a
* memory encryption key and assign a handle to the context.
*
* When the PSP driver psp(4) attaches, it initializes the platform.
* If this fails for whatever reason we can not run a guest using SEV.
*/
int
sev_init(struct vmd_vm *vm)
{
struct vmop_create_params *vmc = &vm->vm_params;
struct vm_create_params *vcp = &vmc->vmc_params;
uint32_t handle;
uint16_t pstate;
uint8_t gstate;
if (!vcp->vcp_sev)
return (0);
if (psp_get_pstate(&pstate)) {
log_warnx("%s: failed to get platform state", __func__);
return (-1);
}
if (pstate == PSP_PSTATE_UNINIT) {
log_warnx("%s: platform uninitialized", __func__);
return (-1);
}
if (psp_launch_start(&handle) < 0) {
log_warnx("%s: launch failed", __func__);
return (-1);
};
vm->vm_sev_handle = handle;
if (psp_get_gstate(vm->vm_sev_handle, NULL, NULL, &gstate)) {
log_warnx("%s: failed to get guest state", __func__);
return (-1);
}
if (gstate != PSP_GSTATE_LUPDATE) {
log_warnx("%s: invalid guest state: 0x%hx", __func__, gstate);
return (-1);
}
return (0);
}
/*
* Record memory segments to be encrypted for SEV.
*/
int
sev_register_encryption(vaddr_t addr, size_t size)
{
struct vmop_create_params *vmc;
struct vm_create_params *vcp;
struct vm_mem_range *vmr;
size_t off;
int i;
vmc = &current_vm->vm_params;
vcp = &vmc->vmc_params;
if (!vcp->vcp_sev)
return (0);
if (size == 0)
return (0);
/* Adjust address and size to be aligend to AES_XTS_BLOCKSIZE. */
if (addr & (AES_XTS_BLOCKSIZE - 1)) {
size += (addr & (AES_XTS_BLOCKSIZE - 1));
addr &= ~(AES_XTS_BLOCKSIZE - 1);
}
vmr = find_gpa_range(&current_vm->vm_params.vmc_params, addr, size);
if (vmr == NULL) {
log_warnx("%s: failed - invalid memory range addr = 0x%lx, "
"len = 0x%zx", __func__, addr, size);
return (-1);
}
if (current_vm->vm_sev_nmemsegments ==
nitems(current_vm->vm_sev_memsegments)) {
log_warnx("%s: failed - out of SEV memory segments", __func__);
return (-1);
}
i = current_vm->vm_sev_nmemsegments++;
off = addr - vmr->vmr_gpa;
current_vm->vm_sev_memsegments[i].vmr_va = vmr->vmr_va + off;
current_vm->vm_sev_memsegments[i].vmr_size = size;
current_vm->vm_sev_memsegments[i].vmr_gpa = vmr->vmr_gpa + off;
log_debug("%s: i %d addr 0x%lx size 0x%lx vmr_va 0x%lx vmr_gpa 0x%lx "
"vmr_size 0x%lx", __func__, i, addr, size,
current_vm->vm_sev_memsegments[i].vmr_va,
current_vm->vm_sev_memsegments[i].vmr_gpa,
current_vm->vm_sev_memsegments[i].vmr_size);
return (0);
}
/*
* Encrypt and measure previously recorded memroy segments.
*
* This encrypts the memory initially used by the guest. This
* includes the kernel or BIOS image, initial stack, boot arguments
* and page tables.
*
* We also ask the PSP to provide a measurement. However, right
* now we can not really verify it.
*/
int
sev_encrypt_memory(struct vmd_vm *vm)
{
struct vmop_create_params *vmc = &vm->vm_params;
struct vm_create_params *vcp = &vmc->vmc_params;
struct vm_mem_range *vmr;
size_t i;
uint8_t gstate;
if (!vcp->vcp_sev)
return (0);
for (i = 0; i < vm->vm_sev_nmemsegments; i++) {
vmr = &vm->vm_sev_memsegments[i];
/* tell PSP to encrypt this range */
if (psp_launch_update(vm->vm_sev_handle, vmr->vmr_va,
roundup(vmr->vmr_size, AES_XTS_BLOCKSIZE))) {
log_warnx("%s: failed to launch update page "
"%zu:0x%lx", __func__, i, vmr->vmr_va);
return (-1);
}
log_debug("%s: encrypted %zu:0x%lx size 0x%lx", __func__, i,
vmr->vmr_va, vmr->vmr_size);
}
if (psp_launch_measure(vm->vm_sev_handle)) {
log_warnx("%s: failed to launch measure", __func__);
return (-1);
}
if (psp_launch_finish(vm->vm_sev_handle)) {
log_warnx("%s: failed to launch finish", __func__);
return (-1);
}
if (psp_get_gstate(vm->vm_sev_handle, NULL, NULL, &gstate)) {
log_warnx("%s: failed to get guest state", __func__);
return (-1);
}
if (gstate != PSP_GSTATE_RUNNING) {
log_warnx("%s: invalid guest state: 0x%hx", __func__, gstate);
return (-1);
}
return (0);
}
/*
* Activate a guest's SEV crypto state.
*/
int
sev_activate(struct vmd_vm *vm, int vcpu_id)
{
struct vmop_create_params *vmc = &vm->vm_params;
struct vm_create_params *vcp = &vmc->vmc_params;
uint8_t gstate;
if (!vcp->vcp_sev)
return (0);
if (psp_df_flush() ||
psp_activate(vm->vm_sev_handle, vm->vm_sev_asid[vcpu_id])) {
log_warnx("%s: failed to activate guest: 0x%x:0x%x", __func__,
vm->vm_sev_handle, vm->vm_sev_asid[vcpu_id]);
return (-1);
}
if (psp_get_gstate(vm->vm_sev_handle, NULL, NULL, &gstate)) {
log_warnx("%s: failed to get guest state", __func__);
return (-1);
}
if (gstate != PSP_GSTATE_LUPDATE) {
log_warnx("%s: invalid guest state: 0x%hx", __func__, gstate);
return (-1);
}
return (0);
}
/*
* Deactivate and decommission a guest's SEV crypto state.
*/
int
sev_shutdown(struct vmd_vm *vm)
{
struct vmop_create_params *vmc = &vm->vm_params;
struct vm_create_params *vcp = &vmc->vmc_params;
if (!vcp->vcp_sev)
return (0);
if (psp_guest_shutdown(vm->vm_sev_handle)) {
log_warnx("failed to deactivate guest");
return (-1);
}
vm->vm_sev_handle = 0;
return (0);
}

38
usr.sbin/vmd/vm.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: vm.c,v 1.104 2024/07/10 09:27:33 dv Exp $ */
/* $OpenBSD: vm.c,v 1.105 2024/09/11 15:42:52 bluhm Exp $ */
/*
* Copyright (c) 2015 Mike Larkin <mlarkin@openbsd.org>
@ -48,6 +48,7 @@
#include <util.h>
#include "atomicio.h"
#include "loadfile.h"
#include "mmio.h"
#include "pci.h"
#include "virtio.h"
@ -163,6 +164,11 @@ vm_main(int fd, int fd_vmm)
}
}
if (vcp->vcp_sev && env->vmd_psp_fd < 0) {
log_warnx("%s not available", PSP_NODE);
_exit(EINVAL);
}
ret = start_vm(&vm, fd);
_exit(ret);
}
@ -230,6 +236,13 @@ start_vm(struct vmd_vm *vm, int fd)
return (ret);
}
/* Setup SEV. */
ret = sev_init(vm);
if (ret) {
log_warnx("could not initialize SEV");
return (ret);
}
/*
* Some of vmd currently relies on global state (current_vm, con_fd).
*/
@ -318,6 +331,10 @@ start_vm(struct vmd_vm *vm, int fd)
*/
ret = run_vm(&vm->vm_params, &vrs);
/* Shutdown SEV. */
if (sev_shutdown(vm))
log_warnx("%s: could not shutdown SEV", __func__);
/* Ensure that any in-flight data is written back */
virtio_shutdown(vm);
@ -456,6 +473,9 @@ vm_shutdown(unsigned int cmd)
}
imsg_flush(&current_vm->vm_iev.ibuf);
if (sev_shutdown(current_vm))
log_warnx("%s: could not shutdown SEV", __func__);
_exit(0);
}
@ -820,6 +840,7 @@ static int
vmm_create_vm(struct vmd_vm *vm)
{
struct vm_create_params *vcp = &vm->vm_params.vmc_params;
size_t i;
/* Sanity check arguments */
if (vcp->vcp_ncpus > VMM_MAX_VCPUS_PER_VM)
@ -838,6 +859,9 @@ vmm_create_vm(struct vmd_vm *vm)
if (ioctl(env->vmd_fd, VMM_IOC_CREATE, vcp) == -1)
return (errno);
for (i = 0; i < vcp->vcp_ncpus; i++)
vm->vm_sev_asid[i] = vcp->vcp_asid[i];
return (0);
}
@ -920,6 +944,18 @@ run_vm(struct vmop_create_params *vmc, struct vcpu_reg_state *vrs)
return (EIO);
}
if (sev_activate(current_vm, i)) {
log_warnx("%s: SEV activatation failed for VCPU "
"%zu failed - exiting.", __progname, i);
return (EIO);
}
if (sev_encrypt_memory(current_vm)) {
log_warnx("%s: memory encryption failed for VCPU "
"%zu failed - exiting.", __progname, i);
return (EIO);
}
/* once more because reset_cpu changes regs */
if (current_vm->vm_state & VM_STATE_RECEIVED) {
vregsp.vrwp_vm_id = vcp->vcp_id;

6
usr.sbin/vmd/vm.conf.5
View File

@ -1,4 +1,4 @@
.\" $OpenBSD: vm.conf.5,v 1.63 2023/05/12 00:06:53 kn Exp $
.\" $OpenBSD: vm.conf.5,v 1.64 2024/09/11 15:42:52 bluhm Exp $
.\"
.\" Copyright (c) 2015 Mike Larkin <mlarkin@openbsd.org>
.\" Copyright (c) 2015 Reyk Floeter <reyk@openbsd.org>
@ -15,7 +15,7 @@
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
.Dd $Mdocdate: May 12 2023 $
.Dd $Mdocdate: September 11 2024 $
.Dt VM.CONF 5
.Os
.Sh NAME
@ -323,6 +323,8 @@ If only
.Pf : Ar group
is given,
only the group is set.
.It Ic sev
Enables SEV for guest.
.El
.Sh VM INSTANCES
It is possible to use configured or running VMs as a template for

25
usr.sbin/vmd/vmd.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: vmd.c,v 1.159 2024/07/10 09:27:33 dv Exp $ */
/* $OpenBSD: vmd.c,v 1.160 2024/09/11 15:42:52 bluhm Exp $ */
/*
* Copyright (c) 2015 Reyk Floeter <reyk@openbsd.org>
@ -661,7 +661,7 @@ main(int argc, char **argv)
int ch;
enum privsep_procid proc_id = PROC_PARENT;
int proc_instance = 0, vm_launch = 0;
int vmm_fd = -1, vm_fd = -1;
int vmm_fd = -1, vm_fd = -1, psp_fd = -1;
const char *errp, *title = NULL;
int argc0 = argc;
char dev_type = '\0';
@ -673,7 +673,7 @@ main(int argc, char **argv)
env->vmd_fd = -1;
env->vmd_fd6 = -1;
while ((ch = getopt(argc, argv, "D:P:I:V:X:df:i:nt:vp:")) != -1) {
while ((ch = getopt(argc, argv, "D:P:I:V:X:df:i:j:nt:vp:")) != -1) {
switch (ch) {
case 'D':
if (cmdline_symset(optarg) < 0)
@ -735,6 +735,12 @@ main(int argc, char **argv)
if (errp)
fatalx("invalid vmm fd");
break;
case 'j':
/* -1 means no PSP available */
psp_fd = strtonum(optarg, -1, 128, &errp);
if (errp)
fatalx("invalid psp fd");
break;
default:
usage();
}
@ -763,6 +769,7 @@ main(int argc, char **argv)
ps = &env->vmd_ps;
ps->ps_env = env;
env->vmd_psp_fd = psp_fd;
if (config_init(env) == -1)
fatal("failed to initialize configuration");
@ -837,6 +844,12 @@ main(int argc, char **argv)
if (!env->vmd_noaction)
proc_connect(ps);
if (env->vmd_noaction == 0 && proc_id == PROC_PARENT) {
env->vmd_psp_fd = open(PSP_NODE, O_RDWR);
if (env->vmd_psp_fd == -1)
log_debug("%s: failed to open %s", __func__, PSP_NODE);
}
if (vmd_configure() == -1)
fatalx("configuration failed");
@ -917,6 +930,12 @@ vmd_configure(void)
proc_compose_imsg(&env->vmd_ps, PROC_VMM, -1,
IMSG_VMDOP_RECEIVE_VMM_FD, -1, env->vmd_fd, NULL, 0);
/* Send PSP device fd to vmm proc. */
if (env->vmd_psp_fd != -1) {
proc_compose_imsg(&env->vmd_ps, PROC_VMM, -1,
IMSG_VMDOP_RECEIVE_PSP_FD, -1, env->vmd_psp_fd, NULL, 0);
}
/* Send shared global configuration to all children */
if (config_setconfig(env) == -1)
return (-1);

32
usr.sbin/vmd/vmd.h
View File

@ -1,4 +1,4 @@
/* $OpenBSD: vmd.h,v 1.127 2024/07/10 09:27:33 dv Exp $ */
/* $OpenBSD: vmd.h,v 1.128 2024/09/11 15:42:52 bluhm Exp $ */
/*
* Copyright (c) 2015 Mike Larkin <mlarkin@openbsd.org>
@ -50,6 +50,7 @@
#define VMD_CONF "/etc/vm.conf"
#define SOCKET_NAME "/var/run/vmd.sock"
#define VMM_NODE "/dev/vmm"
#define PSP_NODE "/dev/psp"
#define VM_DEFAULT_BIOS "/etc/firmware/vmm-bios"
#define VM_DEFAULT_KERNEL "/bsd"
#define VM_DEFAULT_DEVICE "hd0a"
@ -131,6 +132,7 @@ enum imsg_type {
IMSG_VMDOP_GET_INFO_VM_END_DATA,
IMSG_VMDOP_LOAD,
IMSG_VMDOP_RECEIVE_VMM_FD,
IMSG_VMDOP_RECEIVE_PSP_FD,
IMSG_VMDOP_RELOAD,
IMSG_VMDOP_PRIV_IFDESCR,
IMSG_VMDOP_PRIV_IFADD,
@ -305,6 +307,12 @@ struct vmd_vm {
struct vmop_create_params vm_params;
pid_t vm_pid;
uint32_t vm_vmid;
uint32_t vm_sev_handle;
uint32_t vm_sev_asid[VMM_MAX_VCPUS_PER_VM];
#define VM_SEV_NSEGMENTS 128
size_t vm_sev_nmemsegments;
struct vm_mem_range vm_sev_memsegments[VM_SEV_NSEGMENTS];
int vm_kernel;
char *vm_kernel_path; /* Used by vm.conf. */
@ -398,6 +406,7 @@ struct vmd {
int vmd_fd;
int vmd_fd6;
int vmd_ptmfd;
int vmd_psp_fd;
};
struct vm_dev_pipe {
@ -508,6 +517,8 @@ void unpause_vm_md(struct vmd_vm *);
int dump_devs(int);
int dump_send_header(int);
void *hvaddr_mem(paddr_t, size_t);
struct vm_mem_range *
find_gpa_range(struct vm_create_params *, paddr_t, size_t);
int write_mem(paddr_t, const void *, size_t);
int read_mem(paddr_t, void *, size_t);
int intr_ack(struct vmd_vm *);
@ -538,6 +549,7 @@ void vm_pipe_init2(struct vm_dev_pipe *, void (*)(int, short, void *),
void *);
void vm_pipe_send(struct vm_dev_pipe *, enum pipe_msg_type);
enum pipe_msg_type vm_pipe_recv(struct vm_dev_pipe *);
int write_mem(paddr_t, const void *buf, size_t);
int remap_guest_mem(struct vmd_vm *, int);
__dead void vm_shutdown(unsigned int);
@ -573,4 +585,22 @@ __dead void vionet_main(int, int);
/* vioblk.c */
__dead void vioblk_main(int, int);
/* psp.c */
int psp_get_pstate(uint16_t *);
int psp_df_flush(void);
int psp_get_gstate(uint32_t, uint32_t *, uint32_t *, uint8_t *);
int psp_launch_start(uint32_t *);
int psp_launch_update(uint32_t, vaddr_t, size_t);
int psp_launch_measure(uint32_t);
int psp_launch_finish(uint32_t);
int psp_activate(uint32_t, uint32_t);
int psp_guest_shutdown(uint32_t);
/* sev.c */
int sev_init(struct vmd_vm *);
int sev_register_encryption(vaddr_t, size_t);
int sev_encrypt_memory(struct vmd_vm *);
int sev_activate(struct vmd_vm *, int);
int sev_shutdown(struct vmd_vm *);
#endif /* VMD_H */

26
usr.sbin/vmd/vmm.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: vmm.c,v 1.121 2024/07/10 09:27:33 dv Exp $ */
/* $OpenBSD: vmm.c,v 1.122 2024/09/11 15:42:52 bluhm Exp $ */
/*
* Copyright (c) 2015 Mike Larkin <mlarkin@openbsd.org>
@ -325,6 +325,11 @@ vmm_dispatch_parent(int fd, struct privsep_proc *p, struct imsg *imsg)
/* Get and terminate all running VMs */
get_info_vm(ps, NULL, 1);
break;
case IMSG_VMDOP_RECEIVE_PSP_FD:
if (env->vmd_psp_fd > -1)
fatalx("already received psp fd");
env->vmd_psp_fd = imsg->fd;
break;
default:
return (-1);
}
@ -645,7 +650,7 @@ vmm_start_vm(struct imsg *imsg, uint32_t *id, pid_t *pid)
{
struct vm_create_params *vcp;
struct vmd_vm *vm;
char *nargv[8], num[32], vmm_fd[32];
char *nargv[10], num[32], vmm_fd[32], psp_fd[32];
int fd, ret = EINVAL;
int fds[2];
pid_t vm_pid;
@ -760,6 +765,9 @@ vmm_start_vm(struct imsg *imsg, uint32_t *id, pid_t *pid)
close(fd);
}
if (env->vmd_psp_fd > 0)
fcntl(env->vmd_psp_fd, F_SETFD, 0); /* psp device fd */
/*
* Prepare our new argv for execvp(2) with the fd of our open
* pipe to the parent/vmm process as an argument.
@ -769,6 +777,8 @@ vmm_start_vm(struct imsg *imsg, uint32_t *id, pid_t *pid)
snprintf(num, sizeof(num), "%d", fds[1]);
memset(vmm_fd, 0, sizeof(vmm_fd));
snprintf(vmm_fd, sizeof(vmm_fd), "%d", env->vmd_fd);
memset(psp_fd, 0, sizeof(psp_fd));
snprintf(psp_fd, sizeof(psp_fd), "%d", env->vmd_psp_fd);
nargv[0] = env->argv0;
nargv[1] = "-V";
@ -776,14 +786,16 @@ vmm_start_vm(struct imsg *imsg, uint32_t *id, pid_t *pid)
nargv[3] = "-n";
nargv[4] = "-i";
nargv[5] = vmm_fd;
nargv[6] = NULL;
nargv[6] = "-j";
nargv[7] = psp_fd;
nargv[8] = NULL;
if (env->vmd_verbose == 1) {
nargv[6] = VMD_VERBOSE_1;
nargv[7] = NULL;
nargv[8] = VMD_VERBOSE_1;
nargv[9] = NULL;
} else if (env->vmd_verbose > 1) {
nargv[6] = VMD_VERBOSE_2;
nargv[7] = NULL;
nargv[8] = VMD_VERBOSE_2;
nargv[9] = NULL;
}
/* Control resumes in vmd main(). */

6
usr.sbin/vmd/x86_vm.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: x86_vm.c,v 1.2 2024/07/12 13:51:12 dv Exp $ */
/* $OpenBSD: x86_vm.c,v 1.3 2024/09/11 15:42:52 bluhm Exp $ */
/*
* Copyright (c) 2015 Mike Larkin <mlarkin@openbsd.org>
*
@ -52,8 +52,6 @@ extern char *__progname;
void create_memory_map(struct vm_create_params *);
int translate_gva(struct vm_exit*, uint64_t, uint64_t *, int);
static struct vm_mem_range *find_gpa_range(struct vm_create_params *, paddr_t,
size_t);
static int loadfile_bios(gzFile, off_t, struct vcpu_reg_state *);
static int vcpu_exit_eptviolation(struct vm_run_params *);
static void vcpu_exit_inout(struct vm_run_params *);
@ -792,7 +790,7 @@ vcpu_exit_pci(struct vm_run_params *vrp)
* NULL: on failure if there is no memory range as described by the parameters
* Pointer to vm_mem_range that contains the start of the range otherwise.
*/
static struct vm_mem_range *
struct vm_mem_range *
find_gpa_range(struct vm_create_params *vcp, paddr_t gpa, size_t len)
{
size_t i, n;