SecBSD
/
src
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

sync with OpenBSD -current

This commit is contained in:
purplerain 2024-02-15 21:52:17 +00:00
parent be76e7e421
commit f093fb79c9
Signed by: purplerain
GPG Key ID: F42C07F07E2E35B7
45 changed files with 620 additions and 360 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
distrib/sets/lists/man/mi
View File

@ -1861,6 +1861,7 @@
./usr/share/man/man4/qle.4
./usr/share/man/man4/qlw.4
./usr/share/man/man4/qsphy.4
./usr/share/man/man4/qwx.4
./usr/share/man/man4/radio.4
./usr/share/man/man4/ral.4
./usr/share/man/man4/random.4

11
lib/libcrypto/bio/b_dump.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: b_dump.c,v 1.28 2024/02/02 10:53:48 tb Exp $ */
/* $OpenBSD: b_dump.c,v 1.29 2024/02/15 10:34:30 tb Exp $ */
/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
* All rights reserved.
*
@ -56,6 +56,7 @@
* [including the GNU Public Licence.]
*/
#include <limits.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
@ -134,6 +135,8 @@ BIO_dump_indent(BIO *bio, const char *s, int len, int indent)
if ((written = BIO_printf(bio, "%*s%04x - ", indent, "",
dumped)) < 0)
goto err;
if (printed > INT_MAX - written)
goto err;
printed += written;
/*
@ -154,6 +157,8 @@ BIO_dump_indent(BIO *bio, const char *s, int len, int indent)
sep = '-';
if ((written = BIO_printf(bio, "%02x%c", u8, sep)) < 0)
goto err;
if (printed > INT_MAX - written)
goto err;
printed += written;
/* Locale-independent version of !isprint(u8). */
@ -173,6 +178,8 @@ BIO_dump_indent(BIO *bio, const char *s, int len, int indent)
if ((written = BIO_printf(bio, "%*s%.*s\n", 3 * missing + 2, "",
row_bytes, ascii_dump)) < 0)
goto err;
if (printed > INT_MAX - written)
goto err;
printed += written;
dumped += row_bytes;
@ -182,6 +189,8 @@ BIO_dump_indent(BIO *bio, const char *s, int len, int indent)
if ((written = BIO_printf(bio, "%*s%04x - <SPACES/NULS>\n",
indent, "", dumped + trailing)) < 0)
goto err;
if (printed > INT_MAX - written)
goto err;
printed += written;
}

6
regress/usr.sbin/bgpd/unittests/rde_trie_test.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: rde_trie_test.c,v 1.13 2022/02/07 09:31:21 claudio Exp $ */
/* $OpenBSD: rde_trie_test.c,v 1.14 2024/02/14 07:56:23 claudio Exp $ */
/*
* Copyright (c) 2018 Claudio Jeker <claudio@openbsd.org>
@ -100,10 +100,10 @@ print_prefix(struct bgpd_addr *p)
static char buf[48];
if (p->aid == AID_INET) {
if (inet_ntop(AF_INET, &p->ba, buf, sizeof(buf)) == NULL)
if (inet_ntop(AF_INET, &p->v4, buf, sizeof(buf)) == NULL)
return "?";
} else if (p->aid == AID_INET6) {
if (inet_ntop(AF_INET6, &p->ba, buf, sizeof(buf)) == NULL)
if (inet_ntop(AF_INET6, &p->v6, buf, sizeof(buf)) == NULL)
return "?";
} else {
return "???";

17
sbin/iked/config.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: config.c,v 1.96 2024/02/13 12:25:11 tobhe Exp $ */
/* $OpenBSD: config.c,v 1.97 2024/02/15 19:11:00 tobhe Exp $ */
/*
* Copyright (c) 2019 Tobias Heider <tobias.heider@stusta.de>
@ -651,11 +651,24 @@ config_getsocket(struct iked *env, struct imsg *imsg,
event_set(&sock->sock_ev, sock->sock_fd,
EV_READ|EV_PERSIST, cb, sock);
event_add(&sock->sock_ev, NULL);
return (0);
}
void
config_enablesocket(struct iked *env)
{
struct iked_socket *sock;
size_t i;
for (i = 0; i < nitems(env->sc_sock4); i++)
if ((sock = env->sc_sock4[i]) != NULL)
event_add(&sock->sock_ev, NULL);
for (i = 0; i < nitems(env->sc_sock6); i++)
if ((sock = env->sc_sock6[i]) != NULL)
event_add(&sock->sock_ev, NULL);
}
int
config_setpfkey(struct iked *env)
{

3
sbin/iked/iked.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: iked.c,v 1.68 2024/02/13 12:25:11 tobhe Exp $ */
/* $OpenBSD: iked.c,v 1.69 2024/02/15 19:04:12 tobhe Exp $ */
/*
* Copyright (c) 2019 Tobias Heider <tobias.heider@stusta.de>
@ -170,7 +170,6 @@ main(int argc, char *argv[])
ps = &env->sc_ps;
ps->ps_env = env;
TAILQ_INIT(&ps->ps_rcsocks);
if (strlcpy(env->sc_conffile, conffile, PATH_MAX) >= PATH_MAX)
errx(1, "config file exceeds PATH_MAX");

7
sbin/iked/iked.h
View File

@ -1,4 +1,4 @@
/* $OpenBSD: iked.h,v 1.226 2024/01/24 10:09:07 tobhe Exp $ */
/* $OpenBSD: iked.h,v 1.228 2024/02/15 19:11:00 tobhe Exp $ */
/*
* Copyright (c) 2019 Tobias Heider <tobias.heider@stusta.de>
@ -89,10 +89,7 @@ struct control_sock {
int cs_fd;
int cs_restricted;
void *cs_env;
TAILQ_ENTRY(control_sock) cs_entry;
};
TAILQ_HEAD(control_socks, control_sock);
struct ctl_conn {
TAILQ_ENTRY(ctl_conn) entry;
@ -719,7 +716,6 @@ struct privsep {
int ps_noaction;
struct control_sock ps_csock;
struct control_socks ps_rcsocks;
unsigned int ps_instances[PROC_MAX];
unsigned int ps_ninstances;
@ -929,6 +925,7 @@ int config_setsocket(struct iked *, struct sockaddr_storage *, in_port_t,
enum privsep_procid);
int config_getsocket(struct iked *env, struct imsg *,
void (*cb)(int, short, void *));
void config_enablesocket(struct iked *env);
int config_setpfkey(struct iked *);
int config_getpfkey(struct iked *, struct imsg *);
int config_setuser(struct iked *, struct iked_user *, enum privsep_procid);

3
sbin/iked/ikev2.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: ikev2.c,v 1.383 2024/01/24 10:09:07 tobhe Exp $ */
/* $OpenBSD: ikev2.c,v 1.384 2024/02/15 19:11:00 tobhe Exp $ */
/*
* Copyright (c) 2019 Tobias Heider <tobias.heider@stusta.de>
@ -248,6 +248,7 @@ ikev2_dispatch_parent(int fd, struct privsep_proc *p, struct imsg *imsg)
case IMSG_CTL_PASSIVE:
if (config_getmode(env, imsg->hdr.type) == -1)
return (0); /* ignore error */
config_enablesocket(env);
timer_del(env, &env->sc_inittmr);
TAILQ_FOREACH(pol, &env->sc_policies, pol_entry) {
if (policy_generate_ts(pol) == -1)

9
sbin/iked/proc.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: proc.c,v 1.40 2024/01/17 08:25:02 claudio Exp $ */
/* $OpenBSD: proc.c,v 1.41 2024/02/15 19:04:12 tobhe Exp $ */
/*
* Copyright (c) 2010 - 2016 Reyk Floeter <reyk@openbsd.org>
@ -516,7 +516,6 @@ proc_run(struct privsep *ps, struct privsep_proc *p,
{
struct passwd *pw;
const char *root;
struct control_sock *rcs;
log_procinit(p->p_title);
@ -526,9 +525,6 @@ proc_run(struct privsep *ps, struct privsep_proc *p,
if (p->p_id == PROC_CONTROL && ps->ps_instance == 0) {
if (control_init(ps, &ps->ps_csock) == -1)
fatalx("%s: control_init", __func__);
TAILQ_FOREACH(rcs, &ps->ps_rcsocks, cs_entry)
if (control_init(ps, rcs) == -1)
fatalx("%s: control_init", __func__);
}
/* Use non-standard user */
@ -578,9 +574,6 @@ proc_run(struct privsep *ps, struct privsep_proc *p,
if (p->p_id == PROC_CONTROL && ps->ps_instance == 0) {
if (control_listen(&ps->ps_csock) == -1)
fatalx("%s: control_listen", __func__);
TAILQ_FOREACH(rcs, &ps->ps_rcsocks, cs_entry)
if (control_listen(rcs) == -1)
fatalx("%s: control_listen", __func__);
}
#if DEBUG

4
share/man/man4/Makefile
View File

@ -1,4 +1,4 @@
# $OpenBSD: Makefile,v 1.845 2023/09/27 07:50:46 phessler Exp $
# $OpenBSD: Makefile,v 1.846 2024/02/15 15:07:55 deraadt Exp $
MAN= aac.4 abcrtc.4 abl.4 ac97.4 acphy.4 acrtc.4 \
acpi.4 acpiac.4 acpials.4 acpiasus.4 acpibat.4 \
@ -75,7 +75,7 @@ MAN= aac.4 abcrtc.4 abl.4 ac97.4 acphy.4 acrtc.4 \
pvclock.4 pwdog.4 pwmbl.4 pwmfan.4 pwmleds.4 pwmreg.4 \
qccpu.4 qcdwusb.4 qcgpio.4 qciic.4 qcpdc.4 qcpmic.4 qcpmicgpio.4 \
qcpon.4 qcpwm.4 qcrng.4 qcrtc.4 qcspmi.4 \
qla.4 qle.4 qlw.4 qsphy.4 \
qla.4 qle.4 qlw.4 qsphy.4 qwx.4 \
radio.4 ral.4 random.4 rdomain.4 rd.4 rdac.4 re.4 rdcphy.4 rgephy.4 \
rge.4 ricohrtc.4 rkanxdp.4 rkclock.4 rkcomphy.4 \
rkdrm.4 rkdwhdmi.4 rkdwusb.4 \

6
share/man/man4/pci.4
View File

@ -1,4 +1,4 @@
.\" $OpenBSD: pci.4,v 1.403 2023/10/14 06:29:11 jmc Exp $
.\" $OpenBSD: pci.4,v 1.405 2024/02/15 15:42:16 jmc Exp $
.\" $NetBSD: pci.4,v 1.29 2000/04/01 00:32:23 tsarna Exp $
.\"
.\" Copyright (c) 2000 Theo de Raadt. All rights reserved.
@ -31,7 +31,7 @@
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.Dd $Mdocdate: October 14 2023 $
.Dd $Mdocdate: February 15 2024 $
.Dt PCI 4
.Os
.Sh NAME
@ -326,6 +326,8 @@ Intel AX200/AX201/AX210/AX211 IEEE 802.11a/ac/ax/b/g/n wireless network device
Marvell Libertas IEEE 802.11b/g wireless network device
.It Xr pgt 4
Conexant/Intersil Prism GT Full-MAC IEEE 802.11a/b/g wireless network device
.It Xr qwx 4
Qualcomm IEEE 802.11a/ac/ax/b/g/n wireless network device
.It Xr ral 4
Ralink Technology/MediaTek IEEE 802.11a/b/g/n wireless network device
.It Xr rtw 4

90
share/man/man4/qwx.4 Normal file
View File

@ -0,0 +1,90 @@
.\" $OpenBSD: qwx.4,v 1.3 2024/02/15 15:42:57 jmc Exp $
.\"
.\" Copyright (c) 2022 Martin Pieuchot <mpi@openbsd.org>
.\" Copyright (c) 2024 Stefan Sperling <stsp@openbsd.org>
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
.Dd $Mdocdate: February 15 2024 $
.Dt QWX 4
.Os
.Sh NAME
.Nm qwx
.Nd Qualcomm IEEE 802.11a/ac/ax/b/g/n wireless network device
.Sh SYNOPSIS
.Cd "qwx* at pci?"
.Sh DESCRIPTION
The
.Nm
driver provides support for Qualcomm Technologies QCNFA765
802.11ax devices.
.Pp
The
.Nm
driver can be configured at runtime with
.Xr ifconfig 8
or on boot with
.Xr hostname.if 5 .
.Sh FILES
The driver needs the following firmware files,
which are loaded when an interface is brought up:
.Pp
.Bl -tag -width Ds -offset indent -compact
.It Pa /etc/firmware/qwx-wcn6855-hw2.0-amms
.It Pa /etc/firmware/qwx-wcn6855-hw2.0-board-2
.It Pa /etc/firmware/qwx-wcn6855-hw2.0-m3
.It Pa /etc/firmware/qwx-wcn6855-hw2.0-regdb
.It Pa /etc/firmware/qwx-wcn6855-hw2.1-amms
.It Pa /etc/firmware/qwx-wcn6855-hw2.1-board-2
.It Pa /etc/firmware/qwx-wcn6855-hw2.1-m3
.It Pa /etc/firmware/qwx-wcn6855-hw2.1-regdb
.El
.Pp
These firmware files are not free because Qualcomm refuses to grant
distribution rights without contractual obligations.
As a result, even though
.Ox
includes the driver, the firmware files cannot be included and
users have to download these files on their own.
.Pp
A prepackaged version of the firmware can be installed using
.Xr fw_update 8 .
.Sh EXAMPLES
The following example scans for available networks:
.Pp
.Dl # ifconfig qwx0 scan
.Pp
The following
.Xr hostname.if 5
example configures qwx0 to join network
.Dq mynwid ,
using WPA key
.Dq mywpakey ,
obtaining an IP address using DHCP:
.Bd -literal -offset indent
join mynwid wpakey mywpakey
inet autoconf
.Ed
.Sh SEE ALSO
.Xr arp 4 ,
.Xr ifmedia 4 ,
.Xr intro 4 ,
.Xr netintro 4 ,
.Xr pci 4 ,
.Xr hostname.if 5 ,
.Xr ifconfig 8
.Sh HISTORY
The
.Nm
driver first appeared in
.Ox 7.5 .

4
sys/arch/amd64/conf/GENERIC
View File

@ -1,4 +1,4 @@
# $OpenBSD: GENERIC,v 1.521 2023/12/28 17:36:28 stsp Exp $
# $OpenBSD: GENERIC,v 1.522 2024/02/15 16:33:56 deraadt Exp $
#
# For further information on compiling SecBSD kernels, see the config(8)
# man page.
@ -586,7 +586,7 @@ wpi* at pci? # Intel PRO/Wireless 3945ABG
iwn* at pci? # Intel WiFi Link 4965/5000/1000/6000
iwm* at pci? # Intel WiFi Link 7xxx
iwx* at pci? # Intel WiFi Link 22xxx
#qwx* at pci? # Qualcomm 802.11ax
qwx* at pci? # Qualcomm 802.11ax
ral* at pci? # Ralink RT2500/RT2501/RT2600
ral* at cardbus? # Ralink RT2500/RT2501/RT2600
rtw* at pci? # Realtek 8180

4
sys/arch/amd64/conf/RAMDISK_CD
View File

@ -1,4 +1,4 @@
# $OpenBSD: RAMDISK_CD,v 1.204 2023/12/28 17:36:28 stsp Exp $
# $OpenBSD: RAMDISK_CD,v 1.205 2024/02/15 16:33:56 deraadt Exp $
machine amd64
maxusers 4
@ -287,7 +287,7 @@ wpi* at pci? # Intel PRO/Wireless 3945ABG
iwn* at pci? # Intel Wireless WiFi Link 4965AGN
iwm* at pci? # Intel WiFi Link 7xxx
iwx* at pci? # Intel WiFi Link 22xxx
#qwx* at pci? # Qualcomm 802.11ax
qwx* at pci? # Qualcomm 802.11ax
ral* at pci? # Ralink RT2500/RT2501/RT2600
ral* at cardbus? # Ralink RT2500/RT2501/RT2600
rtw* at pci? # Realtek 8180

4
sys/arch/arm64/conf/GENERIC
View File

@ -1,4 +1,4 @@
# $OpenBSD: GENERIC,v 1.282 2024/01/24 07:36:52 kevlo Exp $
# $OpenBSD: GENERIC,v 1.283 2024/02/15 16:33:54 deraadt Exp $
#
# GENERIC machine description file
#
@ -400,7 +400,7 @@ bwfm* at pci? # Broadcom FullMAC
iwn* at pci? # Intel WiFi Link 4965/5000/1000/6000
iwm* at pci? # Intel WiFi Link 7xxx
iwx* at pci? # Intel WiFi Link 22xxx
#qwx* at pci? # Qualcomm 802.11ax
qwx* at pci? # Qualcomm 802.11ax
# PCI SCSI
ahci* at pci? flags 0x0000 # AHCI SATA controllers

4
sys/arch/arm64/conf/RAMDISK
View File

@ -1,4 +1,4 @@
# $OpenBSD: RAMDISK,v 1.212 2023/12/28 17:36:29 stsp Exp $
# $OpenBSD: RAMDISK,v 1.213 2024/02/15 16:33:54 deraadt Exp $
machine arm64
maxusers 4
@ -315,7 +315,7 @@ vmx* at pci? # VMware VMXNET3 virtual interface
athn* at pci? # Atheros AR9k (802.11a/g/n)
bwfm* at pci? # Broadcom FullMAC
iwx* at pci? # Intel WiFi Link 22xxx
#qwx* at pci? # Qualcomm 802.11ax
qwx* at pci? # Qualcomm 802.11ax
# PCI SCSI
ahci* at pci? flags 0x0000 # AHCI SATA controllers

4
sys/dev/fdt/rkdrm.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: rkdrm.c,v 1.20 2024/01/19 17:51:15 kettenis Exp $ */
/* $OpenBSD: rkdrm.c,v 1.21 2024/02/15 09:48:03 jsg Exp $ */
/* $NetBSD: rk_drm.c,v 1.3 2019/12/15 01:00:58 mrg Exp $ */
/*-
* Copyright (c) 2019 Jared D. McNeill <jmcneill@invisible.ca>
@ -528,7 +528,7 @@ rkdrm_fb_probe(struct drm_fb_helper *helper, struct drm_fb_helper_surface_size *
info = drm_fb_helper_alloc_info(helper);
if (IS_ERR(info)) {
DRM_ERROR("Failed to allocate fb_info\n");
return error;
return PTR_ERR(info);
}
info->par = helper;
return 0;

21
sys/dev/ic/oosiop.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: oosiop.c,v 1.36 2022/04/16 19:19:59 naddy Exp $ */
/* $OpenBSD: oosiop.c,v 1.37 2024/02/13 17:51:17 miod Exp $ */
/* $NetBSD: oosiop.c,v 1.4 2003/10/29 17:45:55 tsutsui Exp $ */
/*
@ -726,8 +726,6 @@ oosiop_scsicmd(struct scsi_xfer *xs)
sc = xs->sc_link->bus->sb_adapter_softc;
s = splbio();
cb = xs->io;
cb->xs = xs;
@ -747,7 +745,6 @@ oosiop_scsicmd(struct scsi_xfer *xs)
if (err) {
printf("%s: unable to load cmd DMA map: %d",
sc->sc_dev.dv_xname, err);
splx(s);
xs->error = XS_DRIVER_STUFFUP;
scsi_done(xs);
return;
@ -769,7 +766,6 @@ oosiop_scsicmd(struct scsi_xfer *xs)
printf("%s: unable to load data DMA map: %d",
sc->sc_dev.dv_xname, err);
bus_dmamap_unload(sc->sc_dmat, cb->cmddma);
splx(s);
xs->error = XS_DRIVER_STUFFUP;
scsi_done(xs);
return;
@ -787,6 +783,12 @@ oosiop_scsicmd(struct scsi_xfer *xs)
*/
timeout_set(&xs->stimeout, oosiop_timeout, cb);
oosiop_setup(sc, cb);
s = splbio();
TAILQ_INSERT_TAIL(&sc->sc_cbq, cb, chain);
if (xs->flags & SCSI_POLL)
dopoll = 1;
else {
@ -795,16 +797,13 @@ oosiop_scsicmd(struct scsi_xfer *xs)
timeout_add_msec(&xs->stimeout, xs->timeout);
}
splx(s);
oosiop_setup(sc, cb);
TAILQ_INSERT_TAIL(&sc->sc_cbq, cb, chain);
if (!sc->sc_active) {
/* Abort script to start selection */
oosiop_write_1(sc, OOSIOP_ISTAT, OOSIOP_ISTAT_ABRT);
}
splx(s);
if (dopoll)
oosiop_poll(sc, cb);
}

121
sys/dev/ic/qwx.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: qwx.c,v 1.36 2024/02/09 14:11:00 stsp Exp $ */
/* $OpenBSD: qwx.c,v 1.40 2024/02/15 16:29:45 stsp Exp $ */
/*
* Copyright 2023 Stefan Sperling <stsp@openbsd.org>
@ -592,6 +592,14 @@ next_scan:
printf("%s: %s -> %s\n", ifp->if_xname,
ieee80211_state_name[ic->ic_state],
ieee80211_state_name[IEEE80211_S_SCAN]);
#if 0
if ((sc->sc_flags & QWX_FLAG_BGSCAN) == 0) {
#endif
ieee80211_set_link_state(ic, LINK_STATE_DOWN);
ieee80211_node_cleanup(ic, ic->ic_bss);
#if 0
}
#endif
ic->ic_state = IEEE80211_S_SCAN;
refcnt_rele_wake(&sc->task_refs);
splx(s);
@ -7734,7 +7742,7 @@ qwx_qmi_mem_seg_send(struct qwx_softc *sc)
sc->fwmem_ready = 0;
while (sc->sc_req_mem_ind == NULL) {
ret = tsleep_nsec(&sc->qmi_resp, 0, "qwxfwmem",
ret = tsleep_nsec(&sc->sc_req_mem_ind, 0, "qwxfwmem",
SEC_TO_NSEC(10));
if (ret) {
printf("%s: fw memory request timeout\n",
@ -14018,7 +14026,7 @@ qwx_dp_rxdma_buf_ring_free(struct qwx_softc *sc, struct dp_rxdma_ring *rx_ring)
sizeof(rx_ring->rx_data[0]) * rx_ring->bufs_max);
rx_ring->rx_data = NULL;
rx_ring->bufs_max = 0;
rx_ring->cur = 0;
memset(rx_ring->freemap, 0xff, sizeof(rx_ring->freemap));
}
void
@ -14067,7 +14075,20 @@ qwx_hal_rx_buf_addr_info_get(void *desc, uint64_t *paddr, uint32_t *cookie,
*rbm = FIELD_GET(BUFFER_ADDR_INFO1_RET_BUF_MGR, binfo->info1);
}
/* Returns number of Rx buffers replenished */
int
qwx_next_free_rxbuf_idx(struct dp_rxdma_ring *rx_ring)
{
int i, idx;
for (i = 0; i < nitems(rx_ring->freemap); i++) {
idx = ffs(rx_ring->freemap[i]);
if (idx > 0)
return ((idx - 1) + (i * 8));
}
return -1;
}
int
qwx_dp_rxbufs_replenish(struct qwx_softc *sc, int mac_id,
struct dp_rxdma_ring *rx_ring, int req_entries,
@ -14078,7 +14099,7 @@ qwx_dp_rxbufs_replenish(struct qwx_softc *sc, int mac_id,
struct mbuf *m;
int num_free;
int num_remain;
int ret;
int ret, idx;
uint32_t cookie;
uint64_t paddr;
struct qwx_rx_data *rx_data;
@ -14113,10 +14134,12 @@ qwx_dp_rxbufs_replenish(struct qwx_softc *sc, int mac_id,
goto fail_free_mbuf;
m->m_len = m->m_pkthdr.len = size;
rx_data = &rx_ring->rx_data[rx_ring->cur];
if (rx_data->m != NULL)
idx = qwx_next_free_rxbuf_idx(rx_ring);
if (idx == -1)
goto fail_free_mbuf;
rx_data = &rx_ring->rx_data[idx];
if (rx_data->map == NULL) {
ret = bus_dmamap_create(sc->sc_dmat, size, 1,
size, 0, BUS_DMA_NOWAIT, &rx_data->map);
@ -14137,11 +14160,12 @@ qwx_dp_rxbufs_replenish(struct qwx_softc *sc, int mac_id,
goto fail_dma_unmap;
rx_data->m = m;
m = NULL;
cookie = FIELD_PREP(DP_RXDMA_BUF_COOKIE_PDEV_ID, mac_id) |
FIELD_PREP(DP_RXDMA_BUF_COOKIE_BUF_ID, rx_ring->cur);
FIELD_PREP(DP_RXDMA_BUF_COOKIE_BUF_ID, idx);
rx_ring->cur = (rx_ring->cur + 1) % rx_ring->bufs_max;
clrbit(rx_ring->freemap, idx);
num_remain--;
paddr = rx_data->map->dm_segs[0].ds_addr;
@ -14183,7 +14207,7 @@ qwx_dp_rxdma_ring_buf_setup(struct qwx_softc *sc,
return ENOMEM;
rx_ring->bufs_max = num_entries;
rx_ring->cur = 0;
memset(rx_ring->freemap, 0xff, sizeof(rx_ring->freemap));
return qwx_dp_rxbufs_replenish(sc, dp->mac_id, rx_ring, num_entries,
sc->hw_params.hal_params->rx_buf_rbm);
@ -15196,16 +15220,14 @@ qwx_dp_process_rx_err_buf(struct qwx_softc *sc, uint32_t *ring_desc,
uint16_t msdu_len;
uint32_t hal_rx_desc_sz = sc->hw_params.hal_desc_sz;
if (buf_id >= rx_ring->bufs_max)
if (buf_id >= rx_ring->bufs_max || isset(rx_ring->freemap, buf_id))
return;
rx_data = &rx_ring->rx_data[buf_id];
if (rx_data->m == NULL)
return;
bus_dmamap_unload(sc->sc_dmat, rx_data->map);
m = rx_data->m;
rx_data->m = NULL;
setbit(rx_ring->freemap, buf_id);
if (drop) {
m_freem(m);
@ -15524,13 +15546,14 @@ qwx_dp_rx_process_wbm_err(struct qwx_softc *sc)
continue;
rx_ring = &sc->pdev_dp.rx_refill_buf_ring;
if (idx >= rx_ring->bufs_max)
if (idx >= rx_ring->bufs_max || isset(rx_ring->freemap, idx))
continue;
rx_data = &rx_ring->rx_data[idx];
rx_data = &rx_ring->rx_data[idx];
bus_dmamap_unload(sc->sc_dmat, rx_data->map);
m = rx_data->m;
rx_data->m = NULL;
setbit(rx_ring->freemap, idx);
num_buffs_reaped[mac_id]++;
total_num_buffs_reaped++;
@ -16075,16 +16098,14 @@ try_again:
continue;
rx_ring = &pdev_dp->rx_refill_buf_ring;
if (idx >= rx_ring->bufs_max)
if (idx >= rx_ring->bufs_max || isset(rx_ring->freemap, idx))
continue;
rx_data = &rx_ring->rx_data[idx];
if (rx_data->m == NULL)
continue;
bus_dmamap_unload(sc->sc_dmat, rx_data->map);
m = rx_data->m;
rx_data->m = NULL;
setbit(rx_ring->freemap, idx);
num_buffs_reaped[mac_id]++;
@ -16166,7 +16187,7 @@ qwx_dp_rx_alloc_mon_status_buf(struct qwx_softc *sc,
struct mbuf *m;
struct qwx_rx_data *rx_data;
const size_t size = DP_RX_BUFFER_SIZE;
int ret;
int ret, idx;
m = m_gethdr(M_DONTWAIT, MT_DATA);
if (m == NULL)
@ -16180,7 +16201,11 @@ qwx_dp_rx_alloc_mon_status_buf(struct qwx_softc *sc,
goto fail_free_mbuf;
m->m_len = m->m_pkthdr.len = size;
rx_data = &rx_ring->rx_data[rx_ring->cur];
idx = qwx_next_free_rxbuf_idx(rx_ring);
if (idx == -1)
goto fail_free_mbuf;
rx_data = &rx_ring->rx_data[idx];
if (rx_data->m != NULL)
goto fail_free_mbuf;
@ -16199,8 +16224,9 @@ qwx_dp_rx_alloc_mon_status_buf(struct qwx_softc *sc,
goto fail_free_mbuf;
}
*buf_idx = rx_ring->cur;
*buf_idx = idx;
rx_data->m = m;
clrbit(rx_ring->freemap, idx);
return m;
fail_free_mbuf:
@ -16250,25 +16276,20 @@ qwx_dp_rx_reap_mon_status_ring(struct qwx_softc *sc, int mac_id,
&cookie, &rbm);
if (paddr) {
buf_idx = FIELD_GET(DP_RXDMA_BUF_COOKIE_BUF_ID, cookie);
rx_data = &rx_ring->rx_data[buf_idx];
if (rx_data->m == NULL) {
printf("%s: rx monitor status with invalid "
"buf_idx %d\n", __func__, buf_idx);
if (buf_idx >= rx_ring->bufs_max ||
isset(rx_ring->freemap, buf_idx)) {
pmon->buf_state = DP_MON_STATUS_REPLINISH;
goto move_next;
}
rx_data = &rx_ring->rx_data[buf_idx];
bus_dmamap_sync(sc->sc_dmat, rx_data->map, 0,
rx_data->m->m_pkthdr.len, BUS_DMASYNC_POSTREAD);
tlv = mtod(rx_data->m, struct hal_tlv_hdr *);
if (FIELD_GET(HAL_TLV_HDR_TAG, tlv->tl) !=
HAL_RX_STATUS_BUFFER_DONE) {
printf("%s: mon status DONE not set %lx, "
"buf_idx %d\n", __func__,
FIELD_GET(HAL_TLV_HDR_TAG, tlv->tl),
buf_idx);
HAL_RX_STATUS_BUFFER_DONE) {
/* If done status is missing, hold onto status
* ring until status is done for this status
* ring buffer.
@ -16283,6 +16304,7 @@ qwx_dp_rx_reap_mon_status_ring(struct qwx_softc *sc, int mac_id,
bus_dmamap_unload(sc->sc_dmat, rx_data->map);
m = rx_data->m;
rx_data->m = NULL;
setbit(rx_ring->freemap, buf_idx);
#if 0
if (ab->hw_params.full_monitor_mode) {
ath11k_dp_rx_mon_update_status_buf_state(pmon, tlv);
@ -16304,7 +16326,6 @@ move_next:
break;
}
rx_data = &rx_ring->rx_data[buf_idx];
KASSERT(rx_data->m == NULL);
cookie = FIELD_PREP(DP_RXDMA_BUF_COOKIE_PDEV_ID, mac_id) |
FIELD_PREP(DP_RXDMA_BUF_COOKIE_BUF_ID, buf_idx);
@ -16491,7 +16512,8 @@ qwx_dp_process_rxdma_err(struct qwx_softc *sc, int mac_id)
for (i = 0; i < num_msdus; i++) {
idx = FIELD_GET(DP_RXDMA_BUF_COOKIE_BUF_ID,
msdu_cookies[i]);
if (idx >= rx_ring->bufs_max)
if (idx >= rx_ring->bufs_max ||
isset(rx_ring->freemap, idx))
continue;
rx_data = &rx_ring->rx_data[idx];
@ -16499,6 +16521,7 @@ qwx_dp_process_rxdma_err(struct qwx_softc *sc, int mac_id)
bus_dmamap_unload(sc->sc_dmat, rx_data->map);
m_freem(rx_data->m);
rx_data->m = NULL;
setbit(rx_ring->freemap, idx);
num_buf_freed++;
}
@ -16868,15 +16891,18 @@ qwx_dp_service_srng(struct qwx_softc *sc, int grp_id)
for (j = 0; j < sc->hw_params.num_rxmda_per_pdev; j++) {
int id = i * sc->hw_params.num_rxmda_per_pdev + j;
if ((sc->hw_params.ring_mask->rxdma2host[grp_id] &
(1 << (id))) == 0)
continue;
if (sc->hw_params.ring_mask->rxdma2host[grp_id] &
(1 << (id))) {
if (qwx_dp_process_rxdma_err(sc, id))
ret = 1;
}
if (qwx_dp_process_rxdma_err(sc, id))
ret = 1;
qwx_dp_rxbufs_replenish(sc, id, &dp->rx_refill_buf_ring,
0, sc->hw_params.hal_params->rx_buf_rbm);
if (sc->hw_params.ring_mask->host2rxdma[grp_id] &
(1 << id)) {
qwx_dp_rxbufs_replenish(sc, id,
&dp->rx_refill_buf_ring, 0,
sc->hw_params.hal_params->rx_buf_rbm);
}
}
}
@ -21517,6 +21543,7 @@ int
qwx_mac_op_start(struct qwx_pdev *pdev)
{
struct qwx_softc *sc = pdev->sc;
struct ieee80211com *ic = &sc->sc_ic;
int ret;
ret = qwx_wmi_pdev_set_param(sc, WMI_PDEV_PARAM_PMF_QOS, 1,
@ -21536,7 +21563,7 @@ qwx_mac_op_start(struct qwx_pdev *pdev)
}
if (isset(sc->wmi.svc_map, WMI_TLV_SERVICE_SPOOF_MAC_SUPPORT)) {
ret = qwx_wmi_scan_prob_req_oui(sc, sc->mac_addr,
ret = qwx_wmi_scan_prob_req_oui(sc, ic->ic_myaddr,
pdev->pdev_id);
if (ret) {
printf("%s: failed to set prob req oui for "
@ -22050,17 +22077,17 @@ qwx_mac_op_add_interface(struct qwx_pdev *pdev)
goto err;
}
ret = qwx_wmi_vdev_create(sc, sc->mac_addr, &vdev_param);
ret = qwx_wmi_vdev_create(sc, ic->ic_myaddr, &vdev_param);
if (ret) {
printf("%s: failed to create WMI vdev %d %s: %d\n",
sc->sc_dev.dv_xname, arvif->vdev_id,
ether_sprintf(sc->mac_addr), ret);
ether_sprintf(ic->ic_myaddr), ret);
goto err;
}
sc->num_created_vdevs++;
DNPRINTF(QWX_D_MAC, "%s: vdev %s created, vdev_id %d\n", __func__,
ether_sprintf(sc->mac_addr), arvif->vdev_id);
ether_sprintf(ic->ic_myaddr), arvif->vdev_id);
sc->allocated_vdev_map |= 1U << arvif->vdev_id;
sc->free_vdev_map &= ~(1U << arvif->vdev_id);
#ifdef notyet

4
sys/dev/ic/qwxvar.h
View File

@ -1,4 +1,4 @@
/* $OpenBSD: qwxvar.h,v 1.18 2024/02/09 14:09:19 stsp Exp $ */
/* $OpenBSD: qwxvar.h,v 1.19 2024/02/15 11:57:38 stsp Exp $ */
/*
* Copyright (c) 2018-2019 The Linux Foundation.
@ -1435,8 +1435,8 @@ struct dp_rxdma_ring {
#else
struct qwx_rx_data *rx_data;
#endif
int cur;
int bufs_max;
uint8_t freemap[howmany(DP_RXDMA_BUF_RING_SIZE, 8)];
};
enum hal_rx_mon_status {

8
sys/dev/pci/if_bnxt.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: if_bnxt.c,v 1.46 2024/02/13 13:58:19 bluhm Exp $ */
/* $OpenBSD: if_bnxt.c,v 1.47 2024/02/14 22:41:48 bluhm Exp $ */
/*-
* Broadcom NetXtreme-C/E network driver.
*
@ -1432,10 +1432,8 @@ bnxt_start(struct ifqueue *ifq)
if (ext.tcp) {
lflags |= TX_BD_LONG_LFLAGS_LSO;
hdrsize = sizeof(*ext.eh);
if (ext.ip4)
hdrsize += ext.ip4hlen;
else if (ext.ip6)
hdrsize += sizeof(*ext.ip6);
if (ext.ip4 || ext.ip6)
hdrsize += ext.iphlen;
else
tcpstat_inc(tcps_outbadtso);

11
sys/dev/pci/if_em.c
View File

@ -31,7 +31,7 @@ POSSIBILITY OF SUCH DAMAGE.
***************************************************************************/
/* $OpenBSD: if_em.c,v 1.372 2024/02/13 13:58:19 bluhm Exp $ */
/* $OpenBSD: if_em.c,v 1.373 2024/02/14 22:41:48 bluhm Exp $ */
/* $FreeBSD: if_em.c,v 1.46 2004/09/29 18:28:28 mlaier Exp $ */
#include <dev/pci/if_em.h>
@ -2413,7 +2413,6 @@ em_tx_ctx_setup(struct em_queue *que, struct mbuf *mp, u_int head,
struct e1000_adv_tx_context_desc *TD;
uint32_t vlan_macip_lens = 0, type_tucmd_mlhl = 0, mss_l4len_idx = 0;
int off = 0;
uint8_t iphlen;
*olinfo_status = 0;
*cmd_type_len = 0;
@ -2433,8 +2432,6 @@ em_tx_ctx_setup(struct em_queue *que, struct mbuf *mp, u_int head,
vlan_macip_lens |= (sizeof(*ext.eh) << E1000_ADVTXD_MACLEN_SHIFT);
if (ext.ip4) {
iphlen = ext.ip4hlen;
type_tucmd_mlhl |= E1000_ADVTXD_TUCMD_IPV4;
if (ISSET(mp->m_pkthdr.csum_flags, M_IPV4_CSUM_OUT)) {
*olinfo_status |= E1000_TXD_POPTS_IXSM << 8;
@ -2442,18 +2439,14 @@ em_tx_ctx_setup(struct em_queue *que, struct mbuf *mp, u_int head,
}
#ifdef INET6
} else if (ext.ip6) {
iphlen = sizeof(*ext.ip6);
type_tucmd_mlhl |= E1000_ADVTXD_TUCMD_IPV6;
#endif
} else {
iphlen = 0;
}
*cmd_type_len |= E1000_ADVTXD_DTYP_DATA | E1000_ADVTXD_DCMD_IFCS;
*cmd_type_len |= E1000_ADVTXD_DCMD_DEXT;
*olinfo_status |= mp->m_pkthdr.len << E1000_ADVTXD_PAYLEN_SHIFT;
vlan_macip_lens |= iphlen;
vlan_macip_lens |= ext.iphlen;
type_tucmd_mlhl |= E1000_ADVTXD_DCMD_DEXT | E1000_ADVTXD_DTYP_CTXT;
if (ext.tcp) {

9
sys/dev/pci/if_igc.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: if_igc.c,v 1.16 2024/02/13 13:58:19 bluhm Exp $ */
/* $OpenBSD: if_igc.c,v 1.17 2024/02/14 22:41:48 bluhm Exp $ */
/*-
* SPDX-License-Identifier: BSD-2-Clause
*
@ -2005,7 +2005,6 @@ igc_tx_ctx_setup(struct tx_ring *txr, struct mbuf *mp, int prod,
struct igc_adv_tx_context_desc *txdesc;
uint32_t type_tucmd_mlhl = 0;
uint32_t vlan_macip_lens = 0;
uint32_t iphlen;
int off = 0;
vlan_macip_lens |= (sizeof(*ext.eh) << IGC_ADVTXD_MACLEN_SHIFT);
@ -2028,8 +2027,6 @@ igc_tx_ctx_setup(struct tx_ring *txr, struct mbuf *mp, int prod,
ether_extract_headers(mp, &ext);
if (ext.ip4) {
iphlen = ext.ip4hlen;
type_tucmd_mlhl |= IGC_ADVTXD_TUCMD_IPV4;
if (ISSET(mp->m_pkthdr.csum_flags, M_IPV4_CSUM_OUT)) {
*olinfo_status |= IGC_TXD_POPTS_IXSM << 8;
@ -2037,15 +2034,13 @@ igc_tx_ctx_setup(struct tx_ring *txr, struct mbuf *mp, int prod,
}
#ifdef INET6
} else if (ext.ip6) {
iphlen = sizeof(*ext.ip6);
type_tucmd_mlhl |= IGC_ADVTXD_TUCMD_IPV6;
#endif
} else {
return 0;
}
vlan_macip_lens |= iphlen;
vlan_macip_lens |= ext.iphlen;
type_tucmd_mlhl |= IGC_ADVTXD_DCMD_DEXT | IGC_ADVTXD_DTYP_CTXT;
if (ext.tcp) {

44
sys/dev/pci/if_ix.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: if_ix.c,v 1.207 2024/02/13 13:58:19 bluhm Exp $ */
/* $OpenBSD: if_ix.c,v 1.209 2024/02/15 10:56:53 mglocker Exp $ */
/******************************************************************************
@ -2494,16 +2494,12 @@ ixgbe_tx_offload(struct mbuf *mp, uint32_t *vlan_macip_lens,
{
struct ether_extracted ext;
int offload = 0;
uint32_t ethlen, iphlen;
ether_extract_headers(mp, &ext);
ethlen = sizeof(*ext.eh);
*vlan_macip_lens |= (ethlen << IXGBE_ADVTXD_MACLEN_SHIFT);
*vlan_macip_lens |= (sizeof(*ext.eh) << IXGBE_ADVTXD_MACLEN_SHIFT);
if (ext.ip4) {
iphlen = ext.ip4hlen;
if (ISSET(mp->m_pkthdr.csum_flags, M_IPV4_CSUM_OUT)) {
*olinfo_status |= IXGBE_TXD_POPTS_IXSM << 8;
offload = 1;
@ -2512,8 +2508,6 @@ ixgbe_tx_offload(struct mbuf *mp, uint32_t *vlan_macip_lens,
*type_tucmd_mlhl |= IXGBE_ADVTXD_TUCMD_IPV4;
#ifdef INET6
} else if (ext.ip6) {
iphlen = sizeof(*ext.ip6);
*type_tucmd_mlhl |= IXGBE_ADVTXD_TUCMD_IPV6;
#endif
} else {
@ -2522,7 +2516,7 @@ ixgbe_tx_offload(struct mbuf *mp, uint32_t *vlan_macip_lens,
return offload;
}
*vlan_macip_lens |= iphlen;
*vlan_macip_lens |= ext.iphlen;
if (ext.tcp) {
*type_tucmd_mlhl |= IXGBE_ADVTXD_TUCMD_L4T_TCP;
@ -2548,7 +2542,7 @@ ixgbe_tx_offload(struct mbuf *mp, uint32_t *vlan_macip_lens,
*mss_l4len_idx |= outlen << IXGBE_ADVTXD_MSS_SHIFT;
*mss_l4len_idx |= thlen << IXGBE_ADVTXD_L4LEN_SHIFT;
hdrlen = ethlen + iphlen + thlen;
hdrlen = sizeof(*ext.eh) + ext.iphlen + thlen;
paylen = mp->m_pkthdr.len - hdrlen;
CLR(*olinfo_status, IXGBE_ADVTXD_PAYLEN_MASK
<< IXGBE_ADVTXD_PAYLEN_SHIFT);
@ -3266,22 +3260,24 @@ ixgbe_rxeof(struct rx_ring *rxr)
if (pkts > 1) {
struct ether_extracted ext;
uint32_t hdrlen, paylen;
uint32_t paylen;
/* Calculate header size. */
/*
* Calculate the payload size:
*
* The packet length returned by the NIC
* (sendmp->m_pkthdr.len) can contain
* padding, which we don't want to count
* in to the payload size. Therefore, we
* calculate the real payload size based
* on the total ip length field (ext.iplen).
*/
ether_extract_headers(sendmp, &ext);
hdrlen = sizeof(*ext.eh);
#if NVLAN > 0
if (ISSET(sendmp->m_flags, M_VLANTAG) ||
ext.evh)
hdrlen += ETHER_VLAN_ENCAP_LEN;
#endif
if (ext.ip4)
hdrlen += ext.ip4hlen;
if (ext.ip6)
hdrlen += sizeof(*ext.ip6);
paylen = ext.iplen;
if (ext.ip4 || ext.ip6)
paylen -= ext.iphlen;
if (ext.tcp) {
hdrlen += ext.tcphlen;
paylen -= ext.tcphlen;
tcpstat_inc(tcps_inhwlro);
tcpstat_add(tcps_inpktlro, pkts);
} else {
@ -3293,8 +3289,6 @@ ixgbe_rxeof(struct rx_ring *rxr)
* mark it as TSO, set a correct mss,
* and recalculate the TCP checksum.
*/
paylen = sendmp->m_pkthdr.len > hdrlen ?
sendmp->m_pkthdr.len - hdrlen : 0;
if (ext.tcp && paylen >= pkts) {
SET(sendmp->m_pkthdr.csum_flags,
M_TCP_TSO);

17
sys/dev/pci/if_ixl.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: if_ixl.c,v 1.95 2024/01/07 21:01:45 bluhm Exp $ */
/* $OpenBSD: if_ixl.c,v 1.97 2024/02/14 22:41:48 bluhm Exp $ */
/*
* Copyright (c) 2013-2015, Intel Corporation
@ -2826,28 +2826,27 @@ ixl_tx_setup_offload(struct mbuf *m0, struct ixl_tx_ring *txr,
offload |= ISSET(m0->m_pkthdr.csum_flags, M_IPV4_CSUM_OUT) ?
IXL_TX_DESC_CMD_IIPT_IPV4_CSUM :
IXL_TX_DESC_CMD_IIPT_IPV4;
hlen = ext.ip4->ip_hl << 2;
#ifdef INET6
} else if (ext.ip6) {
offload |= IXL_TX_DESC_CMD_IIPT_IPV6;
hlen = sizeof(*ext.ip6);
#endif
} else {
panic("CSUM_OUT set for non-IP packet");
/* NOTREACHED */
}
hlen = ext.iphlen;
offload |= (ETHER_HDR_LEN >> 1) << IXL_TX_DESC_MACLEN_SHIFT;
offload |= (hlen >> 2) << IXL_TX_DESC_IPLEN_SHIFT;
if (ext.tcp && ISSET(m0->m_pkthdr.csum_flags, M_TCP_CSUM_OUT)) {
offload |= IXL_TX_DESC_CMD_L4T_EOFT_TCP;
offload |= (uint64_t)ext.tcp->th_off << IXL_TX_DESC_L4LEN_SHIFT;
offload |= (uint64_t)(ext.tcphlen >> 2)
<< IXL_TX_DESC_L4LEN_SHIFT;
} else if (ext.udp && ISSET(m0->m_pkthdr.csum_flags, M_UDP_CSUM_OUT)) {
offload |= IXL_TX_DESC_CMD_L4T_EOFT_UDP;
offload |= (sizeof(*ext.udp) >> 2) << IXL_TX_DESC_L4LEN_SHIFT;
offload |= (uint64_t)(sizeof(*ext.udp) >> 2)
<< IXL_TX_DESC_L4LEN_SHIFT;
}
if (ISSET(m0->m_pkthdr.csum_flags, M_TCP_TSO)) {
@ -2855,7 +2854,7 @@ ixl_tx_setup_offload(struct mbuf *m0, struct ixl_tx_ring *txr,
struct ixl_tx_desc *ring, *txd;
uint64_t cmd = 0, paylen, outlen;
hlen += ext.tcp->th_off << 2;
hlen += ext.tcphlen;
outlen = m0->m_pkthdr.ph_mss;
paylen = m0->m_pkthdr.len - ETHER_HDR_LEN - hlen;
@ -3285,7 +3284,7 @@ ixl_rxeof(struct ixl_softc *sc, struct ixl_rx_ring *rxr)
bus_dmamap_sync(sc->sc_dmat, map, 0, map->dm_mapsize,
BUS_DMASYNC_POSTREAD);
bus_dmamap_unload(sc->sc_dmat, map);
m = rxm->rxm_m;
rxm->rxm_m = NULL;

67
sys/dev/pci/if_vmx.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: if_vmx.c,v 1.80 2024/02/09 15:22:41 jan Exp $ */
/* $OpenBSD: if_vmx.c,v 1.81 2024/02/15 13:24:45 jan Exp $ */
/*
* Copyright (c) 2013 Tsubai Masanari
@ -400,10 +400,12 @@ vmxnet3_attach(struct device *parent, struct device *self, void *aux)
ifp->if_watchdog = vmxnet3_watchdog;
ifp->if_hardmtu = VMXNET3_MAX_MTU;
ifp->if_capabilities = IFCAP_VLAN_MTU;
#if 0
if (sc->sc_ds->upt_features & UPT1_F_CSUM)
if (sc->sc_ds->upt_features & UPT1_F_CSUM) {
ifp->if_capabilities |= IFCAP_CSUM_TCPv4 | IFCAP_CSUM_UDPv4;
#endif
ifp->if_capabilities |= IFCAP_CSUM_TCPv6 | IFCAP_CSUM_UDPv6;
}
#if NVLAN > 0
if (sc->sc_ds->upt_features & UPT1_F_VLAN)
ifp->if_capabilities |= IFCAP_VLAN_HWTAGGING;
@ -1397,6 +1399,55 @@ vmx_load_mbuf(bus_dma_tag_t dmat, bus_dmamap_t map, struct mbuf *m)
BUS_DMA_STREAMING | BUS_DMA_NOWAIT));
}
void
vmxnet3_tx_offload(struct vmxnet3_txdesc *sop, struct mbuf *m)
{
struct ether_extracted ext;
uint32_t offset = 0;
uint32_t hdrlen;
/*
* VLAN Offload
*/
#if NVLAN > 0
if (ISSET(m->m_flags, M_VLANTAG)) {
sop->tx_word3 |= htole32(VMXNET3_TX_VTAG_MODE);
sop->tx_word3 |= htole32((m->m_pkthdr.ether_vtag &
VMXNET3_TX_VLANTAG_M) << VMXNET3_TX_VLANTAG_S);
}
#endif
/*
* Checksum Offload
*/
if (!ISSET(m->m_pkthdr.csum_flags, M_TCP_CSUM_OUT) &&
!ISSET(m->m_pkthdr.csum_flags, M_UDP_CSUM_OUT))
return;
ether_extract_headers(m, &ext);
hdrlen = sizeof(*ext.eh);
if (ext.evh)
hdrlen = sizeof(*ext.evh);
if (ext.ip4 || ext.ip6)
hdrlen += ext.iphlen;
if (ext.tcp)
offset = hdrlen + offsetof(struct tcphdr, th_sum);
else if (ext.udp)
offset = hdrlen + offsetof(struct udphdr, uh_sum);
hdrlen &= VMXNET3_TX_HLEN_M;
offset &= VMXNET3_TX_OP_M;
sop->tx_word3 |= htole32(VMXNET3_OM_CSUM << VMXNET3_TX_OM_S);
sop->tx_word3 |= htole32(hdrlen << VMXNET3_TX_HLEN_S);
sop->tx_word2 |= htole32(offset << VMXNET3_TX_OP_S);
}
void
vmxnet3_start(struct ifqueue *ifq)
{
@ -1469,13 +1520,7 @@ vmxnet3_start(struct ifqueue *ifq)
}
txd->tx_word3 = htole32(VMXNET3_TX_EOP | VMXNET3_TX_COMPREQ);
#if NVLAN > 0
if (ISSET(m->m_flags, M_VLANTAG)) {
sop->tx_word3 |= htole32(VMXNET3_TX_VTAG_MODE);
sop->tx_word3 |= htole32((m->m_pkthdr.ether_vtag &
VMXNET3_TX_VLANTAG_M) << VMXNET3_TX_VLANTAG_S);
}
#endif
vmxnet3_tx_offload(sop, m);
ring->prod = prod;
/* Change the ownership by flipping the "generation" bit */

10
sys/dev/pv/if_vio.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: if_vio.c,v 1.30 2024/02/13 13:58:19 bluhm Exp $ */
/* $OpenBSD: if_vio.c,v 1.31 2024/02/14 22:41:48 bluhm Exp $ */
/*
* Copyright (c) 2012 Stefan Fritsch, Alexander Fiveg.
@ -764,12 +764,8 @@ again:
else
hdr->csum_offset = offsetof(struct udphdr, uh_sum);
if (ext.ip4)
hdr->csum_start += ext.ip4hlen;
#ifdef INET6
else if (ext.ip6)
hdr->csum_start += sizeof(*ext.ip6);
#endif
if (ext.ip4 || ext.ip6)
hdr->csum_start += ext.iphlen;
hdr->flags = VIRTIO_NET_HDR_F_NEEDS_CSUM;
}

4
sys/kern/init_main.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: init_main.c,v 1.324 2024/01/01 07:00:18 jsg Exp $ */
/* $OpenBSD: init_main.c,v 1.325 2024/02/14 06:17:51 miod Exp $ */
/* $NetBSD: init_main.c,v 1.84.4.1 1996/06/02 09:08:06 mrg Exp $ */
/*
@ -537,7 +537,7 @@ main(void *framep)
/*
* Start the idle pool page garbage collector
*/
#if !(defined(__m88k__) && defined(MULTIPROCESSOR)) /* XXX */
#if defined(MULTIPROCESSOR)
pool_gc_pages(NULL);
#endif

40
sys/net/if_ethersubr.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: if_ethersubr.c,v 1.292 2024/02/13 13:58:19 bluhm Exp $ */
/* $OpenBSD: if_ethersubr.c,v 1.293 2024/02/14 22:41:48 bluhm Exp $ */
/* $NetBSD: if_ethersubr.c,v 1.19 1996/05/07 02:40:30 thorpej Exp $ */
/*
@ -1051,7 +1051,7 @@ void
ether_extract_headers(struct mbuf *m0, struct ether_extracted *ext)
{
struct mbuf *m;
size_t hlen;
size_t hlen, iplen;
int hoff;
uint8_t ipproto;
uint16_t ether_type;
@ -1143,7 +1143,19 @@ ether_extract_headers(struct mbuf *m0, struct ether_extracted *ext)
ext->ip4 = NULL;
return;
}
ext->ip4hlen = hlen;
iplen = ntohs(ext->ip4->ip_len);
if (ext->paylen < iplen) {
DPRINTF("paylen %u, ip4len %zu", ext->paylen, iplen);
ext->ip4 = NULL;
return;
}
if (iplen < hlen) {
DPRINTF("ip4len %zu, ip4hlen %zu", iplen, hlen);
ext->ip4 = NULL;
return;
}
ext->iplen = iplen;
ext->iphlen = hlen;
ext->paylen -= hlen;
ipproto = ext->ip4->ip_p;
@ -1166,6 +1178,14 @@ ether_extract_headers(struct mbuf *m0, struct ether_extracted *ext)
ext->ip6 = NULL;
return;
}
iplen = hlen + ntohs(ext->ip6->ip6_plen);
if (ext->paylen < iplen) {
DPRINTF("paylen %u, ip6len %zu", ext->paylen, iplen);
ext->ip6 = NULL;
return;
}
ext->iplen = iplen;
ext->iphlen = hlen;
ext->paylen -= hlen;
ipproto = ext->ip6->ip6_nxt;
break;
@ -1192,8 +1212,9 @@ ether_extract_headers(struct mbuf *m0, struct ether_extracted *ext)
ext->tcp = NULL;
return;
}
if (ext->paylen < hlen) {
DPRINTF("paylen %u, tcphlen %zu", ext->paylen, hlen);
if (ext->iplen - ext->iphlen < hlen) {
DPRINTF("iplen %u, iphlen %u, tcphlen %zu",
ext->iplen, ext->iphlen, hlen);
ext->tcp = NULL;
return;
}
@ -1211,17 +1232,18 @@ ether_extract_headers(struct mbuf *m0, struct ether_extracted *ext)
ext->udp = (struct udphdr *)(mtod(m, caddr_t) + hoff);
hlen = sizeof(*ext->udp);
if (ext->paylen < hlen) {
DPRINTF("paylen %u, udphlen %zu", ext->paylen, hlen);
if (ext->iplen - ext->iphlen < hlen) {
DPRINTF("iplen %u, iphlen %u, udphlen %zu",
ext->iplen, ext->iphlen, hlen);
ext->udp = NULL;
return;
}
break;
}
DNPRINTF(2, "%s%s%s%s%s%s ip4h %u, tcph %u, payl %u",
DNPRINTF(2, "%s%s%s%s%s%s ip %u, iph %u, tcph %u, payl %u",
ext->eh ? "eh," : "", ext->evh ? "evh," : "",
ext->ip4 ? "ip4," : "", ext->ip6 ? "ip6," : "",
ext->tcp ? "tcp," : "", ext->udp ? "udp," : "",
ext->ip4hlen, ext->tcphlen, ext->paylen);
ext->iplen, ext->iphlen, ext->tcphlen, ext->paylen);
}

4
sys/net80211/ieee80211.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: ieee80211.c,v 1.88 2022/03/19 10:25:09 stsp Exp $ */
/* $OpenBSD: ieee80211.c,v 1.89 2024/02/15 15:40:56 stsp Exp $ */
/* $NetBSD: ieee80211.c,v 1.19 2004/06/06 05:45:29 dyoung Exp $ */
/*-
@ -1125,7 +1125,7 @@ ieee80211_next_mode(struct ifnet *ifp)
* Indicate a wrap-around if we're running in a fixed, user-specified
* phy mode.
*/
if (IFM_MODE(ic->ic_media.ifm_cur->ifm_media) != IFM_AUTO)
if (IFM_SUBTYPE(ic->ic_media.ifm_cur->ifm_media) != IFM_AUTO)
return (IEEE80211_MODE_AUTO);
/*

5
sys/netinet/if_ether.h
View File

@ -1,4 +1,4 @@
/* $OpenBSD: if_ether.h,v 1.91 2024/02/13 13:58:19 bluhm Exp $ */
/* $OpenBSD: if_ether.h,v 1.92 2024/02/14 22:41:48 bluhm Exp $ */
/* $NetBSD: if_ether.h,v 1.22 1996/05/11 13:00:00 mycroft Exp $ */
/*
@ -307,7 +307,8 @@ struct ether_extracted {
struct ip6_hdr *ip6;
struct tcphdr *tcp;
struct udphdr *udp;
u_int ip4hlen;
u_int iplen;
u_int iphlen;
u_int tcphlen;
u_int paylen;
};

130
sys/netinet6/ip6_var.h
View File

@ -1,4 +1,4 @@
/* $OpenBSD: ip6_var.h,v 1.113 2024/02/13 12:22:09 bluhm Exp $ */
/* $OpenBSD: ip6_var.h,v 1.114 2024/02/14 13:18:21 claudio Exp $ */
/* $KAME: ip6_var.h,v 1.33 2000/06/11 14:59:20 jinmei Exp $ */
/*
@ -64,6 +64,70 @@
#ifndef _NETINET6_IP6_VAR_H_
#define _NETINET6_IP6_VAR_H_
struct ip6stat {
u_int64_t ip6s_total; /* total packets received */
u_int64_t ip6s_tooshort; /* packet too short */
u_int64_t ip6s_toosmall; /* not enough data */
u_int64_t ip6s_fragments; /* fragments received */
u_int64_t ip6s_fragdropped; /* frags dropped(dups, out of space) */
u_int64_t ip6s_fragtimeout; /* fragments timed out */
u_int64_t ip6s_fragoverflow; /* fragments that exceeded limit */
u_int64_t ip6s_forward; /* packets forwarded */
u_int64_t ip6s_cantforward; /* packets rcvd for unreachable dest */
u_int64_t ip6s_redirectsent; /* packets forwarded on same net */
u_int64_t ip6s_delivered; /* datagrams delivered to upper level*/
u_int64_t ip6s_localout; /* total ip packets generated here */
u_int64_t ip6s_odropped; /* lost output due to nobufs, etc. */
u_int64_t ip6s_reassembled; /* total packets reassembled ok */
u_int64_t ip6s_fragmented; /* datagrams successfully fragmented */
u_int64_t ip6s_ofragments; /* output fragments created */
u_int64_t ip6s_cantfrag; /* don't fragment flag was set, etc. */
u_int64_t ip6s_badoptions; /* error in option processing */
u_int64_t ip6s_noroute; /* packets discarded due to no route */
u_int64_t ip6s_badvers; /* ip6 version != 6 */
u_int64_t ip6s_rawout; /* total raw ip packets generated */
u_int64_t ip6s_badscope; /* scope error */
u_int64_t ip6s_notmember; /* don't join this multicast group */
u_int64_t ip6s_nxthist[256]; /* next header history */
u_int64_t ip6s_m1; /* one mbuf */
u_int64_t ip6s_m2m[32]; /* two or more mbuf */
u_int64_t ip6s_mext1; /* one ext mbuf */
u_int64_t ip6s_mext2m; /* two or more ext mbuf */
u_int64_t ip6s_nogif; /* no match gif found */
u_int64_t ip6s_toomanyhdr; /* discarded due to too many headers */
/*
* statistics for improvement of the source address selection
* algorithm:
* XXX: hardcoded 16 = # of ip6 multicast scope types + 1
*/
/* number of times that address selection fails */
u_int64_t ip6s_sources_none;
/* number of times that an address on the outgoing I/F is chosen */
u_int64_t ip6s_sources_sameif[16];
/* number of times that an address on a non-outgoing I/F is chosen */
u_int64_t ip6s_sources_otherif[16];
/*
* number of times that an address that has the same scope
* from the destination is chosen.
*/
u_int64_t ip6s_sources_samescope[16];
/*
* number of times that an address that has a different scope
* from the destination is chosen.
*/
u_int64_t ip6s_sources_otherscope[16];
/* number of times that an deprecated address is chosen */
u_int64_t ip6s_sources_deprecated[16];
u_int64_t ip6s_rtcachehit; /* valid route found in cache */
u_int64_t ip6s_rtcachemiss; /* route cache with new destination */
u_int64_t ip6s_wrongif; /* packet received on wrong interface */
u_int64_t ip6s_idropped; /* lost input due to nobufs, etc. */
};
#ifdef _KERNEL
/*
* IP6 reassembly queue structure. Each fragment
* being reassembled is attached to one of these structures.
@ -140,70 +204,6 @@ struct ip6_pktopts {
#define IP6PO_DONTFRAG 0x04 /* disable fragmentation (IPV6_DONTFRAG) */
};
struct ip6stat {
u_int64_t ip6s_total; /* total packets received */
u_int64_t ip6s_tooshort; /* packet too short */
u_int64_t ip6s_toosmall; /* not enough data */
u_int64_t ip6s_fragments; /* fragments received */
u_int64_t ip6s_fragdropped; /* frags dropped(dups, out of space) */
u_int64_t ip6s_fragtimeout; /* fragments timed out */
u_int64_t ip6s_fragoverflow; /* fragments that exceeded limit */
u_int64_t ip6s_forward; /* packets forwarded */
u_int64_t ip6s_cantforward; /* packets rcvd for unreachable dest */
u_int64_t ip6s_redirectsent; /* packets forwarded on same net */
u_int64_t ip6s_delivered; /* datagrams delivered to upper level*/
u_int64_t ip6s_localout; /* total ip packets generated here */
u_int64_t ip6s_odropped; /* lost output due to nobufs, etc. */
u_int64_t ip6s_reassembled; /* total packets reassembled ok */
u_int64_t ip6s_fragmented; /* datagrams successfully fragmented */
u_int64_t ip6s_ofragments; /* output fragments created */
u_int64_t ip6s_cantfrag; /* don't fragment flag was set, etc. */
u_int64_t ip6s_badoptions; /* error in option processing */
u_int64_t ip6s_noroute; /* packets discarded due to no route */
u_int64_t ip6s_badvers; /* ip6 version != 6 */
u_int64_t ip6s_rawout; /* total raw ip packets generated */
u_int64_t ip6s_badscope; /* scope error */
u_int64_t ip6s_notmember; /* don't join this multicast group */
u_int64_t ip6s_nxthist[256]; /* next header history */
u_int64_t ip6s_m1; /* one mbuf */
u_int64_t ip6s_m2m[32]; /* two or more mbuf */
u_int64_t ip6s_mext1; /* one ext mbuf */
u_int64_t ip6s_mext2m; /* two or more ext mbuf */
u_int64_t ip6s_nogif; /* no match gif found */
u_int64_t ip6s_toomanyhdr; /* discarded due to too many headers */
/*
* statistics for improvement of the source address selection
* algorithm:
* XXX: hardcoded 16 = # of ip6 multicast scope types + 1
*/
/* number of times that address selection fails */
u_int64_t ip6s_sources_none;
/* number of times that an address on the outgoing I/F is chosen */
u_int64_t ip6s_sources_sameif[16];
/* number of times that an address on a non-outgoing I/F is chosen */
u_int64_t ip6s_sources_otherif[16];
/*
* number of times that an address that has the same scope
* from the destination is chosen.
*/
u_int64_t ip6s_sources_samescope[16];
/*
* number of times that an address that has a different scope
* from the destination is chosen.
*/
u_int64_t ip6s_sources_otherscope[16];
/* number of times that an deprecated address is chosen */
u_int64_t ip6s_sources_deprecated[16];
u_int64_t ip6s_rtcachehit; /* valid route found in cache */
u_int64_t ip6s_rtcachemiss; /* route cache with new destination */
u_int64_t ip6s_wrongif; /* packet received on wrong interface */
u_int64_t ip6s_idropped; /* lost input due to nobufs, etc. */
};
#ifdef _KERNEL
#include <sys/percpu.h>
enum ip6stat_counters {

18
usr.bin/doas/doas.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: doas.c,v 1.98 2022/12/22 19:53:22 kn Exp $ */
/* $OpenBSD: doas.c,v 1.99 2024/02/15 18:57:58 tedu Exp $ */
/*
* Copyright (c) 2015 Ted Unangst <tedu@openbsd.org>
*
@ -145,8 +145,10 @@ permit(uid_t uid, gid_t *groups, int ngroups, const struct rule **lastr,
*lastr = rules[i];
}
if (!*lastr)
return -1;
if ((*lastr)->action == PERMIT)
return 0;
return (*lastr)->action == PERMIT;
return -1;
}
static void
@ -181,6 +183,7 @@ checkconfig(const char *confpath, int argc, char **argv,
uid_t uid, gid_t *groups, int ngroups, uid_t target)
{
const struct rule *rule;
int rv;
setresuid(uid, uid, uid);
if (pledge("stdio rpath getpw", NULL) == -1)
@ -188,9 +191,9 @@ checkconfig(const char *confpath, int argc, char **argv,
parseconfig(confpath, 0);
if (!argc)
exit(0);
if (permit(uid, groups, ngroups, &rule, target, argv[0],
(const char **)argv + 1)) {
rv = permit(uid, groups, ngroups, &rule, target, argv[0],
(const char **)argv + 1);
if (rv == 0) {
printf("permit%s\n", (rule->options & NOPASS) ? " nopass" : "");
exit(0);
} else {
@ -412,8 +415,9 @@ main(int argc, char **argv)
}
cmd = argv[0];
if (!permit(uid, groups, ngroups, &rule, target, cmd,
(const char **)argv + 1)) {
rv = permit(uid, groups, ngroups, &rule, target, cmd,
(const char **)argv + 1);
if (rv != 0) {
syslog(LOG_AUTHPRIV | LOG_NOTICE,
"command not permitted for %s: %s", mypw->pw_name, cmdline);
errc(1, EPERM, NULL);

4
usr.bin/doas/doas.h
View File

@ -1,4 +1,4 @@
/* $OpenBSD: doas.h,v 1.19 2021/11/30 20:08:15 tobias Exp $ */
/* $OpenBSD: doas.h,v 1.20 2024/02/15 18:57:58 tedu Exp $ */
/*
* Copyright (c) 2015 Ted Unangst <tedu@openbsd.org>
*
@ -36,7 +36,7 @@ struct passwd;
char **prepenv(const struct rule *, const struct passwd *,
const struct passwd *);
#define PERMIT 1
#define PERMIT -1
#define DENY 2
#define NOPASS 0x1

3
usr.bin/fgen/fgen.l
View File

@ -1,5 +1,5 @@
%{
/* $OpenBSD: fgen.l,v 1.16 2023/11/10 16:02:47 jasper Exp $ */
/* $OpenBSD: fgen.l,v 1.17 2024/02/14 02:40:02 jsg Exp $ */
/* $NetBSD: fgen.l,v 1.37 2016/03/08 20:13:44 christos Exp $ */
/* FLEX input for FORTH input file scanner */
/*
@ -1264,6 +1264,7 @@ tokenize(YY_BUFFER_STATE yinput)
token->text);
free((void *)fcode->name);
free(fcode);
break;
}
if (debug)
printf("Adding %s to dictionary\n", token->text);

17
usr.bin/vi/common/exf.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: exf.c,v 1.48 2021/10/25 14:17:24 dv Exp $ */
/* $OpenBSD: exf.c,v 1.50 2024/02/15 00:55:01 jsg Exp $ */
/*-
* Copyright (c) 1992, 1993, 1994
@ -207,6 +207,7 @@ file_init(SCR *sp, FREF *frp, char *rcv_name, int flags)
if ((frp->tname = strdup(tname)) == NULL ||
(frp->name == NULL && (frp->name = strdup(tname)) == NULL)) {
free(frp->tname);
frp->tname = NULL;
msgq(sp, M_SYSERR, NULL);
(void)unlink(tname);
goto err;
@ -666,6 +667,7 @@ file_end(SCR *sp, EXF *ep, int force)
TAILQ_REMOVE(&sp->gp->frefq, frp, q);
free(frp->name);
free(frp);
frp = NULL;
}
sp->frp = NULL;
}
@ -676,7 +678,10 @@ file_end(SCR *sp, EXF *ep, int force)
* Close the db structure.
*/
if (ep->db->close != NULL && ep->db->close(ep->db) && !force) {
msgq_str(sp, M_SYSERR, frp->name, "%s: close");
if (frp)
msgq_str(sp, M_SYSERR, frp->name, "%s: close");
else
msgq(sp, M_SYSERR, "close");
++ep->refcnt;
return (1);
}
@ -848,8 +853,10 @@ file_write(SCR *sp, MARK *fm, MARK *tm, char *name, int flags)
from.lno = 1;
from.cno = 0;
fm = &from;
if (db_last(sp, &to.lno))
if (db_last(sp, &to.lno)) {
(void)fclose(fp);
return (1);
}
to.cno = 0;
tm = &to;
}
@ -1012,8 +1019,10 @@ file_backup(SCR *sp, char *name, char *bname)
++bname;
} else
version = 0;
if (argv_exp2(sp, &cmd, bname, strlen(bname)))
if (argv_exp2(sp, &cmd, bname, strlen(bname))) {
(void)close(rfd);
return (1);
}
/*
* 0 args: impossible.

3
usr.sbin/radiusd/radiusd.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: radiusd.c,v 1.35 2024/02/09 07:46:32 yasuoka Exp $ */
/* $OpenBSD: radiusd.c,v 1.36 2024/02/14 02:44:58 jsg Exp $ */
/*
* Copyright (c) 2013, 2023 Internet Initiative Japan Inc.
@ -1286,6 +1286,7 @@ radiusd_module_imsg(struct radiusd_module *module, struct imsg *imsg)
log_warn("q=%u wrong pkt from module",
q->id);
radiusd_access_request_aborted(q);
break;
}
q->res = radpkt;
radiusd_access_request_answer(q);

4
usr.sbin/rpki-client/aspa.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: aspa.c,v 1.25 2024/02/05 19:23:58 job Exp $ */
/* $OpenBSD: aspa.c,v 1.26 2024/02/13 22:44:21 job Exp $ */
/*
* Copyright (c) 2022 Job Snijders <job@fastly.com>
* Copyright (c) 2022 Theo Buehler <tb@openbsd.org>
@ -46,6 +46,8 @@ extern ASN1_OBJECT *aspa_oid;
* Types and templates for ASPA eContent draft-ietf-sidrops-aspa-profile-15
*/
ASN1_ITEM_EXP ASProviderAttestation_it;
typedef struct {
ASN1_INTEGER *version;
ASN1_INTEGER *customerASID;

83
usr.sbin/rpki-client/mft.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: mft.c,v 1.106 2024/02/05 19:23:58 job Exp $ */
/* $OpenBSD: mft.c,v 1.108 2024/02/15 07:01:33 tb Exp $ */
/*
* Copyright (c) 2022 Theo Buehler <tb@openbsd.org>
* Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv>
@ -49,6 +49,9 @@ extern ASN1_OBJECT *mft_oid;
* Types and templates for the Manifest eContent, RFC 6486, section 4.2.
*/
ASN1_ITEM_EXP FileAndHash_it;
ASN1_ITEM_EXP Manifest_it;
typedef struct {
ASN1_IA5STRING *file;
ASN1_BIT_STRING *hash;
@ -57,8 +60,13 @@ typedef struct {
DECLARE_STACK_OF(FileAndHash);
#ifndef DEFINE_STACK_OF
#define sk_FileAndHash_dup(sk) SKM_sk_dup(FileAndHash, (sk))
#define sk_FileAndHash_free(sk) SKM_sk_free(FileAndHash, (sk))
#define sk_FileAndHash_num(sk) SKM_sk_num(FileAndHash, (sk))
#define sk_FileAndHash_value(sk, i) SKM_sk_value(FileAndHash, (sk), (i))
#define sk_FileAndHash_sort(sk) SKM_sk_sort(FileAndHash, (sk))
#define sk_FileAndHash_set_cmp_func(sk, cmp) \
SKM_sk_set_cmp_func(FileAndHash, (sk), (cmp))
#endif
typedef struct {
@ -225,6 +233,76 @@ mft_parse_filehash(struct parse *p, const FileAndHash *fh)
return rc;
}
static int
mft_fh_cmp_name(const FileAndHash *const *a, const FileAndHash *const *b)
{
if ((*a)->file->length < (*b)->file->length)
return -1;
if ((*a)->file->length > (*b)->file->length)
return 1;
return memcmp((*a)->file->data, (*b)->file->data, (*b)->file->length);
}
static int
mft_fh_cmp_hash(const FileAndHash *const *a, const FileAndHash *const *b)
{
assert((*a)->hash->length == SHA256_DIGEST_LENGTH);
assert((*b)->hash->length == SHA256_DIGEST_LENGTH);
return memcmp((*a)->hash->data, (*b)->hash->data, (*b)->hash->length);
}
/*
* Assuming that the hash lengths are validated, this checks that all file names
* and hashes in a manifest are unique. Returns 1 on success, 0 on failure.
*/
static int
mft_has_unique_names_and_hashes(const char *fn, const Manifest *mft)
{
STACK_OF(FileAndHash) *fhs;
int i, ret = 0;
if ((fhs = sk_FileAndHash_dup(mft->fileList)) == NULL)
err(1, NULL);
(void)sk_FileAndHash_set_cmp_func(fhs, mft_fh_cmp_name);
sk_FileAndHash_sort(fhs);
for (i = 0; i < sk_FileAndHash_num(fhs) - 1; i++) {
const FileAndHash *curr = sk_FileAndHash_value(fhs, i);
const FileAndHash *next = sk_FileAndHash_value(fhs, i + 1);
if (mft_fh_cmp_name(&curr, &next) == 0) {
warnx("%s: duplicate name: %.*s", fn,
curr->file->length, curr->file->data);
goto err;
}
}
(void)sk_FileAndHash_set_cmp_func(fhs, mft_fh_cmp_hash);
sk_FileAndHash_sort(fhs);
for (i = 0; i < sk_FileAndHash_num(fhs) - 1; i++) {
const FileAndHash *curr = sk_FileAndHash_value(fhs, i);
const FileAndHash *next = sk_FileAndHash_value(fhs, i + 1);
if (mft_fh_cmp_hash(&curr, &next) == 0) {
warnx("%s: duplicate hash for %.*s and %.*s", fn,
curr->file->length, curr->file->data,
next->file->length, next->file->data);
goto err;
}
}
ret = 1;
err:
sk_FileAndHash_free(fhs);
return ret;
}
/*
* Handle the eContent of the manifest object, RFC 6486 sec. 4.2.
* Returns 0 on failure and 1 on success.
@ -313,6 +391,9 @@ mft_parse_econtent(const unsigned char *d, size_t dsz, struct parse *p)
goto out;
}
if (!mft_has_unique_names_and_hashes(p->fn, mft))
goto out;
rc = 1;
out:
Manifest_free(mft);

5
usr.sbin/rpki-client/output-json.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: output-json.c,v 1.41 2024/02/03 14:30:47 job Exp $ */
/* $OpenBSD: output-json.c,v 1.42 2024/02/13 20:41:22 job Exp $ */
/*
* Copyright (c) 2019 Claudio Jeker <claudio@openbsd.org>
*
@ -77,9 +77,6 @@ outputheader_json(struct stats *st)
json_do_int("cachedir_del_superfluous_files",
st->repo_stats.del_extra_files);
/* XXX: remove in rpki-client 9.0 */
json_do_int("stalemanifests", 0);
json_do_end();
}

6
usr.sbin/rpki-client/output-ometric.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: output-ometric.c,v 1.6 2024/02/03 14:30:47 job Exp $ */
/* $OpenBSD: output-ometric.c,v 1.7 2024/02/13 20:41:22 job Exp $ */
/*
* Copyright (c) 2022 Claudio Jeker <claudio@openbsd.org>
*
@ -48,10 +48,6 @@ set_common_stats(const struct repotalstats *in, struct ometric *metric,
ometric_set_int_with_labels(metric, in->mfts_fail,
OKV("type", "state"), OKV("manifest", "failed parse"), ol);
/* XXX: remove in rpki-client 9.0 */
ometric_set_int_with_labels(metric, 0,
OKV("type", "state"), OKV("manifest", "stale"), ol);
ometric_set_int_with_labels(metric, in->roas,
OKV("type", "state"), OKV("roa", "valid"), ol);
ometric_set_int_with_labels(metric, in->roas_fail,

42
usr.sbin/rpki-client/print.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: print.c,v 1.46 2024/02/01 15:11:38 tb Exp $ */
/* $OpenBSD: print.c,v 1.48 2024/02/13 20:40:17 job Exp $ */
/*
* Copyright (c) 2021 Claudio Jeker <claudio@openbsd.org>
* Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv>
@ -83,27 +83,26 @@ void
tal_print(const struct tal *p)
{
char *ski;
EVP_PKEY *pk;
RSA *r;
const unsigned char *der;
unsigned char *rder = NULL;
const unsigned char *der, *pkey_der;
X509_PUBKEY *pubkey;
ASN1_OBJECT *obj;
unsigned char md[SHA_DIGEST_LENGTH];
int rder_len;
int nid, der_len;
size_t i;
der = p->pkey;
pk = d2i_PUBKEY(NULL, &der, p->pkeysz);
if (pk == NULL)
errx(1, "d2i_PUBKEY failed in %s", __func__);
pkey_der = p->pkey;
if ((pubkey = d2i_X509_PUBKEY(NULL, &pkey_der, p->pkeysz)) == NULL)
errx(1, "d2i_X509_PUBKEY failed");
r = EVP_PKEY_get0_RSA(pk);
if (r == NULL)
errx(1, "EVP_PKEY_get0_RSA failed in %s", __func__);
if ((rder_len = i2d_RSAPublicKey(r, &rder)) <= 0)
errx(1, "i2d_RSAPublicKey failed in %s", __func__);
if (!X509_PUBKEY_get0_param(&obj, &der, &der_len, NULL, pubkey))
errx(1, "X509_PUBKEY_get0_param failed");
if (!EVP_Digest(rder, rder_len, md, NULL, EVP_sha1(), NULL))
errx(1, "EVP_Digest failed in %s", __func__);
if ((nid = OBJ_obj2nid(obj)) != NID_rsaEncryption)
errx(1, "RFC 7935: wrong signature algorithm %s, want %s",
nid2str(nid), LN_rsaEncryption);
if (!EVP_Digest(der, der_len, md, NULL, EVP_sha1(), NULL))
errx(1, "EVP_Digest failed");
ski = hex_encode(md, SHA_DIGEST_LENGTH);
@ -126,8 +125,7 @@ tal_print(const struct tal *p)
}
}
EVP_PKEY_free(pk);
free(rder);
X509_PUBKEY_free(pubkey);
free(ski);
}
@ -699,9 +697,11 @@ takey_print(char *name, const struct takey *t)
for (i = 0; i < t->commentsz; i++)
printf("\t# %s\n", t->comments[i]);
printf("\n");
if (t->commentsz > 0)
printf("\n");
for (i = 0; i < t->urisz; i++)
printf("\t%s\n\t", t->uris[i]);
printf("\t%s\n", t->uris[i]);
printf("\n\t");
for (i = 0; i < strlen(spki); i++) {
printf("%c", spki[i]);
if ((++j % 64) == 0)

6
usr.sbin/rpki-client/roa.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: roa.c,v 1.73 2024/02/05 19:23:58 job Exp $ */
/* $OpenBSD: roa.c,v 1.74 2024/02/13 22:44:21 job Exp $ */
/*
* Copyright (c) 2022 Theo Buehler <tb@openbsd.org>
* Copyright (c) 2019 Kristaps Dzonsons <kristaps@bsd.lv>
@ -45,6 +45,10 @@ extern ASN1_OBJECT *roa_oid;
* Types and templates for the ROA eContent, RFC 6482, section 3.
*/
ASN1_ITEM_EXP ROAIPAddress_it;
ASN1_ITEM_EXP ROAIPAddressFamily_it;
ASN1_ITEM_EXP RouteOriginAttestation_it;
typedef struct {
ASN1_BIT_STRING *address;
ASN1_INTEGER *maxLength;

9
usr.sbin/rpki-client/rsc.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: rsc.c,v 1.30 2024/02/05 19:23:58 job Exp $ */
/* $OpenBSD: rsc.c,v 1.31 2024/02/13 22:44:21 job Exp $ */
/*
* Copyright (c) 2022 Theo Buehler <tb@openbsd.org>
* Copyright (c) 2022 Job Snijders <job@fastly.com>
@ -45,6 +45,13 @@ extern ASN1_OBJECT *rsc_oid;
* Types and templates for RSC eContent - RFC 9323
*/
ASN1_ITEM_EXP ConstrainedASIdentifiers_it;
ASN1_ITEM_EXP ConstrainedIPAddressFamily_it;
ASN1_ITEM_EXP ConstrainedIPAddrBlocks_it;
ASN1_ITEM_EXP FileNameAndHash_it;
ASN1_ITEM_EXP ResourceBlock_it;
ASN1_ITEM_EXP RpkiSignedChecklist_it;
typedef struct {
ASIdOrRanges *asnum;
} ConstrainedASIdentifiers;

64
usr.sbin/rpki-client/tak.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: tak.c,v 1.14 2024/02/05 19:23:58 job Exp $ */
/* $OpenBSD: tak.c,v 1.16 2024/02/13 22:44:21 job Exp $ */
/*
* Copyright (c) 2022 Job Snijders <job@fastly.com>
* Copyright (c) 2022 Theo Buehler <tb@openbsd.org>
@ -45,6 +45,9 @@ extern ASN1_OBJECT *tak_oid;
* ASN.1 templates for Trust Anchor Keys (draft-ietf-sidrops-signed-tal-12)
*/
ASN1_ITEM_EXP TAKey_it;
ASN1_ITEM_EXP TAK_it;
DECLARE_STACK_OF(ASN1_IA5STRING);
#ifndef DEFINE_STACK_OF
@ -90,13 +93,14 @@ parse_takey(const char *fn, const TAKey *takey)
{
const ASN1_UTF8STRING *comment;
const ASN1_IA5STRING *certURI;
EVP_PKEY *pkey;
RSA *r;
X509_PUBKEY *pkey;
ASN1_OBJECT *obj;
struct takey *res = NULL;
unsigned char *der = NULL, *rder = NULL;
const unsigned char *der;
unsigned char *pkey_der = NULL;
unsigned char md[SHA_DIGEST_LENGTH];
size_t i;
int rdersz, rc = 0;
int der_len, nid, pkey_der_len;
if ((res = calloc(1, sizeof(struct takey))) == NULL)
err(1, NULL);
@ -118,7 +122,7 @@ parse_takey(const char *fn, const TAKey *takey)
res->urisz = sk_ASN1_IA5STRING_num(takey->certificateURIs);
if (res->urisz == 0) {
warnx("%s: Signed TAL requires at least 1 CertificateURI", fn);
goto out;
goto err;
}
if ((res->uris = calloc(res->urisz, sizeof(char *))) == NULL)
err(1, NULL);
@ -127,7 +131,7 @@ parse_takey(const char *fn, const TAKey *takey)
certURI = sk_ASN1_IA5STRING_value(takey->certificateURIs, i);
if (!valid_uri(certURI->data, certURI->length, NULL)) {
warnx("%s: invalid TA URI", fn);
goto out;
goto err;
}
/* XXX: enforce that protocol is rsync or https. */
@ -137,44 +141,36 @@ parse_takey(const char *fn, const TAKey *takey)
err(1, NULL);
}
if ((pkey = X509_PUBKEY_get0(takey->subjectPublicKeyInfo)) == NULL) {
warnx("%s: X509_PUBKEY_get0 failed", fn);
goto out;
pkey = takey->subjectPublicKeyInfo;
if (!X509_PUBKEY_get0_param(&obj, &der, &der_len, NULL, pkey)) {
warnx("%s: X509_PUBKEY_get0_param failed", fn);
goto err;
}
if ((r = EVP_PKEY_get0_RSA(pkey)) == NULL) {
warnx("%s: EVP_PKEY_get0_RSA failed", fn);
goto out;
if ((nid = OBJ_obj2nid(obj)) != NID_rsaEncryption) {
warnx("%s: RFC 7935: wrong signature algorithm %s, want %s",
fn, nid2str(nid), LN_rsaEncryption);
goto err;
}
if ((rdersz = i2d_RSAPublicKey(r, &rder)) <= 0) {
warnx("%s: i2d_RSAPublicKey failed", fn);
goto out;
}
if (!EVP_Digest(rder, rdersz, md, NULL, EVP_sha1(), NULL)) {
if (!EVP_Digest(der, der_len, md, NULL, EVP_sha1(), NULL)) {
warnx("%s: EVP_Digest failed", fn);
goto out;
goto err;
}
res->ski = hex_encode(md, SHA_DIGEST_LENGTH);
if ((res->pubkeysz = i2d_PUBKEY(pkey, &der)) <= 0) {
warnx("%s: i2d_PUBKEY failed", fn);
goto out;
if ((pkey_der_len = i2d_X509_PUBKEY(pkey, &pkey_der)) <= 0) {
warnx("%s: i2d_X509_PUBKEY failed", fn);
goto err;
}
res->pubkey = pkey_der;
res->pubkeysz = pkey_der_len;
res->pubkey = der;
der = NULL;
rc = 1;
out:
if (rc == 0) {
takey_free(res);
res = NULL;
}
free(der);
free(rder);
return res;
err:
takey_free(res);
return NULL;
}
/*

44
usr.sbin/rpki-client/x509.c
View File

@ -1,4 +1,4 @@
/* $OpenBSD: x509.c,v 1.77 2024/02/01 15:11:38 tb Exp $ */
/* $OpenBSD: x509.c,v 1.79 2024/02/14 10:49:00 tb Exp $ */
/*
* Copyright (c) 2022 Theo Buehler <tb@openbsd.org>
* Copyright (c) 2021 Claudio Jeker <claudio@openbsd.org>
@ -191,18 +191,18 @@ out:
}
/*
* Parse X509v3 subject key identifier (SKI), RFC 6487 sec. 4.8.2.
* The SKI must be the SHA1 hash of the Subject Public Key.
* Validate the X509v3 subject key identifier (SKI), RFC 6487 section 4.8.2:
* "The SKI is a SHA-1 hash of the value of the DER-encoded ASN.1 BIT STRING of
* the Subject Public Key, as described in Section 4.2.1.2 of RFC 5280."
* Returns the SKI formatted as hex string, or NULL if it couldn't be parsed.
*/
int
x509_get_ski(X509 *x, const char *fn, char **ski)
{
const unsigned char *d, *spk;
ASN1_OCTET_STRING *os;
X509_PUBKEY *pubkey;
unsigned char spkd[SHA_DIGEST_LENGTH];
int crit, dsz, spkz, rc = 0;
unsigned char md[EVP_MAX_MD_SIZE];
unsigned int md_len = EVP_MAX_MD_SIZE;
int crit, rc = 0;
*ski = NULL;
os = X509_get_ext_d2i(x, NID_subject_key_identifier, &crit, NULL);
@ -220,36 +220,24 @@ x509_get_ski(X509 *x, const char *fn, char **ski)
goto out;
}
d = os->data;
dsz = os->length;
if (!X509_pubkey_digest(x, EVP_sha1(), md, &md_len)) {
warnx("%s: X509_pubkey_digest", fn);
goto out;
}
if (dsz != SHA_DIGEST_LENGTH) {
if (os->length < 0 || md_len != (size_t)os->length) {
warnx("%s: RFC 6487 section 4.8.2: SKI: "
"want %d bytes SHA1 hash, have %d bytes",
fn, SHA_DIGEST_LENGTH, dsz);
"want %u bytes SHA1 hash, have %d bytes",
fn, md_len, os->length);
goto out;
}
if ((pubkey = X509_get_X509_PUBKEY(x)) == NULL) {
warnx("%s: X509_get_X509_PUBKEY", fn);
goto out;
}
if (!X509_PUBKEY_get0_param(NULL, &spk, &spkz, NULL, pubkey)) {
warnx("%s: X509_PUBKEY_get0_param", fn);
goto out;
}
if (!EVP_Digest(spk, spkz, spkd, NULL, EVP_sha1(), NULL)) {
warnx("%s: EVP_Digest failed", fn);
goto out;
}
if (memcmp(spkd, d, dsz) != 0) {
if (memcmp(os->data, md, md_len) != 0) {
warnx("%s: SKI does not match SHA1 hash of SPK", fn);
goto out;
}
*ski = hex_encode(d, dsz);
*ski = hex_encode(md, md_len);
rc = 1;
out:
ASN1_OCTET_STRING_free(os);