created | 2020-01-31T14:58:43Z |
---|---|
begin | 2020-01-25T00:00:00Z |
end | 2020-01-26T00:00:00Z |
path | src/sys |
commits | 12 |
date | 2020-01-25T01:28:38Z | |||
---|---|---|---|---|
author | deraadt | |||
files | src/sys/kern/exec_elf.c | log | diff | annotate |
message |
The ELF NOTE parser would only inspect the first NOTE for 'OpenBSD'. Furthermore the parser was unaware a NOTE could contain multiple records. The scanner has been rewritten. Another bonus bug: if the binary was labelled as OPENBSD ABI, NOTE parsing was completely skipped so WXNEEDED wasn't learned either... Now that NOTEs are scanned correctly, search for the 'Go' NOTE. (During this work found the Go linker produces slightly broken NOTEs - Go team will probably fix that). Work is happening for our Go dynamic-binaries to use libc syscall stubs, but the change isn't ready. Go (and reportedly free-pascal also?) binaries are the only dynamic programs which require syscalls in the main-program. Since Go binaries are now identifiable, we can disable syscalls in all other regular dynamic-main-programs, gaining the strict enforcement we want. When the Go-libc-stub change arrives we'll delete the Go NOTE scan and treat Go binaries same as regular binaries. This change probably breaks free-pascal, a lower priority item to repair. some discussion with jsing, ok kettenis |
date | 2020-01-25T05:10:53Z | |||
---|---|---|---|---|
author | dlg | |||
files | src/sys/net/if_tun.c | log | diff | annotate |
message |
rework the driver to better manage lifetimes and device lifetimes. i want to make tun_dev_read and tun_dev_write safe to run without the kernel lock. the problem with that is you need a way to prevent the tun_softc from going away while it's being used by those syscall paths rather than relying on the big lock to serialise them. blocking reads sleep, and this was coped with by checking if the interface went away or changed by looking up the ifindex after every sleep and seeing if the ifp changed. i wanted to simplify this by just refusing to let an interface get destroyed while the device side is open. everyone i asked at a2k20 about whether this was acceptable said this is wrong and i was a terrible person for trying to make my life easier for myself. so i ended up going down this rabbit hole. the code now keeps track of the actual device node (ie, both the major and minor) which is open, and when the interface is destroyed it calls VOP_REVOKE against it. this basically calls tun_dev_close immediately, and wires the fd/vfs stuff up against some deadfs thing which makes subsequent operations fail as if the device was pulled. this is good. previously if a tun/tap interface was destroyed while it was open, and then got recreated, userland wouldn't notice and would just go ahead and use the newly created device as if it always had it open. now it actually has access revoked, and access to a newly created tun/tap interface has to have a new tun_dev_open call against it. i'm putting this in now so people can have a go at it. claudio@ and i have been hitting it pretty hard, but more testing is welcome. ok claudio@ |
date | 2020-01-25T05:28:31Z | |||
---|---|---|---|---|
author | dlg | |||
files | src/sys/net/if_tun.c | log | diff | annotate |
message | use SMRs to find the right tun_softc on syscall entries. |
date | 2020-01-25T05:38:02Z | |||
---|---|---|---|---|
author | jmatthew | |||
files | src/sys/dev/pci/mfii.c | log | diff | annotate |
message |
use SMR rather than SRP to protect the device handle array ok dlg@ |
date | 2020-01-25T06:31:32Z | |||
---|---|---|---|---|
author | dlg | |||
files | src/sys/net/if_tun.c | log | diff | annotate |
src/sys/net/ifq.c | log | diff | annotate | |
src/sys/net/ifq.h | log | diff | annotate | |
message |
tweaks sleeping for an mbuf so it's more mpsafe. the stack puts an mbuf on the tun ifq, and ifqs protect themselves with a mutex. rather than invent another lock that tun can wrap these ifq ops with and also coordinate its conditionals (reading and dying) with, try and reuse the ifq mtx for the tun stuff too. because ifqs are more special than tun, this adds a special ifq_deq_sleep to ifq code that tun can call. tun just passes the reading and dying variables to ifq to check, but the tricky stuff about ifqs is kept in the right place. with this, tun_dev_read should be callable without the kernel lock. |
date | 2020-01-25T10:56:43Z | |||
---|---|---|---|---|
author | dlg | |||
files | src/sys/net/if_tun.c | log | diff | annotate |
message |
move the SMR_LIST_REMOVE and smr_barrier up in tun_clone_destroy. without this the tun_softc is still available on the list for the syscalls to get to, even though the device is dead and should no longer be referenced. by leaving it in the list after the refcnt_finalize, it was still found and was used. found by claudio@ jmatthew@ agrees with the change |
date | 2020-01-25T12:52:10Z | |||
---|---|---|---|---|
author | patrick | |||
files | src/sys/arch/arm64/conf/GENERIC | log | diff | annotate |
message | Enable umt(4) |
date | 2020-01-25T21:40:34Z | |||
---|---|---|---|---|
author | krw | |||
files | src/sys/scsi/cd.c | log | diff | annotate |
message |
Ensure scsi_minphys() is always called on the physio() path. Will allow simplification of individual driver *minphys() functions. ok jmatthew@ as part of larger diff |
date | 2020-01-25T21:40:35Z | |||
---|---|---|---|---|
author | krw | |||
files | src/sys/scsi/sd.c | log | diff | annotate |
src/sys/scsi/st.c | log | diff | annotate | |
message |
Ensure scsi_minphys() is always called on the physio() path. Will allow simplification of individual driver *minphys() functions. ok jmatthew@ as part of larger diff |
date | 2020-01-25T21:48:42Z | |||
---|---|---|---|---|
author | krw | |||
files | src/sys/dev/softraid.c | log | diff | annotate |
src/sys/dev/atapiscsi/atapiscsi.c | log | diff | annotate | |
src/sys/dev/ic/adv.c | log | diff | annotate | |
src/sys/dev/ic/adw.c | log | diff | annotate | |
src/sys/dev/ic/aic79xx_openbsd.c | log | diff | annotate | |
src/sys/dev/ic/aic7xxx_openbsd.c | log | diff | annotate | |
src/sys/dev/ic/ami.c | log | diff | annotate | |
src/sys/dev/ic/cac.c | log | diff | annotate | |
src/sys/dev/ic/ciss.c | log | diff | annotate | |
src/sys/dev/ic/gdt_common.c | log | diff | annotate | |
src/sys/dev/ic/iha.c | log | diff | annotate | |
src/sys/dev/ic/mfi.c | log | diff | annotate | |
src/sys/dev/ic/mpi.c | log | diff | annotate | |
src/sys/dev/ic/oosiop.c | log | diff | annotate | |
src/sys/dev/ic/osiop.c | log | diff | annotate | |
src/sys/dev/ic/siop_common.c | log | diff | annotate | |
src/sys/dev/ic/trm.c | log | diff | annotate | |
src/sys/dev/ic/twe.c | log | diff | annotate | |
src/sys/dev/ic/uha.c | log | diff | annotate | |
src/sys/dev/isa/wds.c | log | diff | annotate | |
src/sys/dev/pci/arc.c | log | diff | annotate | |
message |
Drivers that implement their own *minphys() don't need to call the system minphys(). scsi_minphys() will do that and cd/sd/st will call scsi_minphys(). ok jmatthew@ as part of larger diff |
date | 2020-01-25T21:48:43Z | |||
---|---|---|---|---|
author | krw | |||
files | src/sys/dev/sdmmc/sdmmc_scsi.c | log | diff | annotate |
src/sys/dev/usb/umass_scsi.c | log | diff | annotate | |
message |
Drivers that implement their own *minphys() don't need to call the system minphys(). scsi_minphys() will do that and cd/sd/st will call scsi_minphys(). ok jmatthew@ as part of larger diff |
date | 2020-01-25T21:56:49Z | |||
---|---|---|---|---|
author | krw | |||
files | src/sys/kern/kern_physio.c | log | diff | annotate |
message |
physio() just needs to check for b_bcount overflow. Let the provided minphys() function check for MAXPHYS. Feedback from tedu@ kettenis@ dlg@ ok cheloha@, robert@, jmatthew@ as part of larger diff |