claudio [Mon, 13 Mar 2023 16:52:41 +0000 (16:52 +0000)]
Add F_CTL_LEAKED and F_CTL_INELIGIBLE flags for bgpctl to show leaked
and ineligible paths.
While there rename F_PREF_OTC_LOOP to F_PREF_OTC_LEAK since this indicates
that a route leak was detected.
OK tb@
claudio [Mon, 13 Mar 2023 16:39:29 +0000 (16:39 +0000)]
Try to explain that the neighor role is required to enable both
ASPA validation and RFC9234 OTC leak detection and role capability.
The role on iBGP peers is forced to 'none' since it makes no sense there.
After input from benno@
job [Mon, 13 Mar 2023 15:50:40 +0000 (15:50 +0000)]
Merge calling print_certification_path() into adjacent else branch
OK tb@
mbuhl [Mon, 13 Mar 2023 14:58:01 +0000 (14:58 +0000)]
Fix potential underflow when printing STP data.
Reported by Peter J. Philipp
ok claudio
job [Mon, 13 Mar 2023 13:42:01 +0000 (13:42 +0000)]
Refactor whats printed when in filemode
OK tb@
claudio [Mon, 13 Mar 2023 13:36:56 +0000 (13:36 +0000)]
Fix usbpcap handler to properly detect overflows using TCHECK macros.
OK mpi@ mbuhl@
aoyama [Mon, 13 Mar 2023 11:59:39 +0000 (11:59 +0000)]
Add "machine poweroff" command on luna88k bootloader.
ok miod@
tb [Mon, 13 Mar 2023 10:39:03 +0000 (10:39 +0000)]
Revert accidental change from explicit to implicit tagging in r1.86.
ok job
job [Mon, 13 Mar 2023 09:24:37 +0000 (09:24 +0000)]
Rename some data fields to closer match their provenance
OK tb@
tb [Mon, 13 Mar 2023 07:31:09 +0000 (07:31 +0000)]
Stop confusing out and asn_bio in BIO_new_NDEF()
BIO_new_NDEF() sets up an ASN.1 BIO to the output chain and then adds even
more BIOs. Since BIO_push(bio, new_tail) returns bio on success, after the
if ((out = BIO_push(asn_bio, out)) != NULL) the 'out' BIO and the 'asn_bio'
are the same. The code then goes on and uses one or the other. This is very
confusing. Simply stop using out once it's appended to asn_bio.
ok jsing
kettenis [Mon, 13 Mar 2023 07:30:44 +0000 (07:30 +0000)]
regen
kettenis [Mon, 13 Mar 2023 07:30:11 +0000 (07:30 +0000)]
Add Kingston NV2 NVMe drive.
deraadt [Mon, 13 Mar 2023 04:15:44 +0000 (04:15 +0000)]
sync
cheloha [Sun, 12 Mar 2023 22:18:58 +0000 (22:18 +0000)]
sh, landisk: set HZ=64 again
The addition of HZ to sys/kernel.h in v1.26 overrides the default
definition of HZ in sh/clock.c, changing landisk from HZ=64 to HZ=100.
Explicitly set HZ=64 in the GENERIC and RAMDISK config(8) files to can
change it from 100 back to 64.
Not sure if this is the best thing, but it does fix the problem.
Problem confirmed by, and fix tested by, miod@.
ok miod@
jmc [Sun, 12 Mar 2023 20:14:41 +0000 (20:14 +0000)]
correct macro request (.nm -> .Nm);
kettenis [Sun, 12 Mar 2023 19:02:34 +0000 (19:02 +0000)]
rkcomphy(4)
tb [Sun, 12 Mar 2023 17:29:02 +0000 (17:29 +0000)]
pk7_cb() and cms_cb()
Add and fix FALLTHROUGH statement. I was confused for way too long since
I hadn't noticed that this case fell through to the next. Also add and
move some empty lines in the cms_cb() to make this resemble KNF more.
kettenis [Sun, 12 Mar 2023 14:29:50 +0000 (14:29 +0000)]
Add rkcomphy(3), a driver for the "naneng" combo PHY found on the RK356x
(and RK3588). This is a PIPE PHY with support for PCIe, SATA, USB3, SGMII
and QSGMII. For now only PCIe, SATA and USB3 support are implemented.
SATA support has not been tested.
Also add the refernce clocks needed by the PHYs to rkclock(4).
ok mlarkin@
tb [Sun, 12 Mar 2023 13:31:39 +0000 (13:31 +0000)]
zap a tab
job [Sun, 12 Mar 2023 12:11:45 +0000 (12:11 +0000)]
Alphabetically sort various bits and pieces - mechanical change
Might make later refactors easier to follow
OK tb@
job [Sun, 12 Mar 2023 11:55:34 +0000 (11:55 +0000)]
Add crl.c in various places to gain access to the new helper
job [Sun, 12 Mar 2023 11:54:56 +0000 (11:54 +0000)]
Refactor expiration calculation
Unify common code paths which find the exact expiry moment into a new
helper function. Additionally, the new helper offers more accuracy by
checking more applicable CRLs whether their 'nextupdate' is 'sooner'.
tb@ noted: The helper adds a multiplier of log(#crls), but that's
certainly acceptable as it is still very cheap.
OK tb@
tb [Sun, 12 Mar 2023 11:49:02 +0000 (11:49 +0000)]
Avoid an 1 byte out-of-bounds read in ASN1_PRINTABLE_type()
In case the input is not NUL terminated, the reversed check for length
and terminating NUL results in a one-byte overread. The documentation
says that the input should be a string, but in ASN.1 land you never
know...
Reported by Guido Vranken a while back
ok beck
tb [Sun, 12 Mar 2023 11:46:35 +0000 (11:46 +0000)]
Initialize the local signtime variable in the individual *_parse()
functions
ok job
tb [Sun, 12 Mar 2023 11:45:52 +0000 (11:45 +0000)]
Invalidate the signtime output parameter in cms_parse_validate_internal()
and in cms_get_signtime().
ok job
jmatthew [Sun, 12 Mar 2023 10:50:06 +0000 (10:50 +0000)]
Enable mvtemp(4)
jmatthew [Sun, 12 Mar 2023 10:49:05 +0000 (10:49 +0000)]
Update supported hardware list and fix spelling of Marvell while I'm here
jmatthew [Sun, 12 Mar 2023 10:46:27 +0000 (10:46 +0000)]
Match on the Armada 380 temperature sensor, which works the same as the
CP110 sensor.
ok kettenis@
dtucker [Sun, 12 Mar 2023 10:40:39 +0000 (10:40 +0000)]
Put upper bound on number of entries in SSH2_MSG_EXT_INFO request.
This is already constrained by the maximum SSH packet size but this
makes it explicit. Prompted by Coverity CID 291868, ok djm@ markus@
dtucker [Sun, 12 Mar 2023 09:41:18 +0000 (09:41 +0000)]
calloc can return NULL but xcalloc cannot. From Coverity CID 291881,
ok djm@
tb [Sat, 11 Mar 2023 21:14:26 +0000 (21:14 +0000)]
Remove a few extra spaces
miod [Sat, 11 Mar 2023 20:56:01 +0000 (20:56 +0000)]
New alpha secondary boot blocks using the MI code base. Not linked to the
build yet.
miod [Sat, 11 Mar 2023 20:52:02 +0000 (20:52 +0000)]
Remove long dead "tool".
miod [Sat, 11 Mar 2023 20:49:33 +0000 (20:49 +0000)]
Allow strip and objcopy to be overrridden, for easier cross-buildability. NFC
tb [Sat, 11 Mar 2023 16:29:48 +0000 (16:29 +0000)]
Switch an early return into goto err
tb [Sat, 11 Mar 2023 16:02:06 +0000 (16:02 +0000)]
Tiny cleanup for readability
Turn a malloc() into calloc() and check two function calls directly
forever instead of a combined check afterward.
tb [Sat, 11 Mar 2023 15:56:03 +0000 (15:56 +0000)]
Use "if (ptr == NULL)" instead of "if (!ptr)"
Requested by jsing
tb [Sat, 11 Mar 2023 15:50:13 +0000 (15:50 +0000)]
Fix double free after BIO_new_NDEF()
Once the asn_bio is prepended to the out chain, and before the asn1_cb()
has done its thing, asn_bio needs to be popped off again on error. Failing
to do this can cause write after frees or double frees when the out BIO
is used after the function returned.
Based on a very complicated diff by Matt Caswell and Viktor Dukhovni.
This was part of the fixes in OpenSSL 1.1.1t.
ok jsing
tb [Sat, 11 Mar 2023 15:29:03 +0000 (15:29 +0000)]
Fix an off-by-one in dsa_check_key()
The private key is a random number in [1, q-1], so 1 must be allowed.
Since q is at least an 160-bit prime and 2^159 + 1 is not prime (159
is not a power of 2), the probability that this is hit is < 2^-159,
but a tiny little bit wrong is still wrong.
Found while investigating a report by bluhm
ok jsing
jsing [Sat, 11 Mar 2023 14:29:02 +0000 (14:29 +0000)]
Call CRYPTO_cleanup_all_ex_data() from OPENSSL_cleanup().
Issue reported by Graham Percival (@gperciva)
ok tb@
jsing [Sat, 11 Mar 2023 14:27:37 +0000 (14:27 +0000)]
Add OPENSSL_cleanup() calls to some regress.
This gets us some minimal test coverage.
jsing [Sat, 11 Mar 2023 14:14:54 +0000 (14:14 +0000)]
Avoid -0 in BN_div_word().
Currently, the use of BN_div_word() can result in -0 - avoid this by
setting negative again, at the end of the computation.
Should fix oss-fuzz 56667.
ok tb@
jsing [Sat, 11 Mar 2023 14:13:11 +0000 (14:13 +0000)]
Correct sign handling in BN_add_word().
A sign handling bug was introduced to BN_add_word() in bn_word.c r1.18.
When handling addition to a negative bignum, the BN_sub_word() call can
result in the sign being flipped, which we need to account for. Use the
same code in BN_sub_word() - while not technically needed here it keeps
the code consistent.
Issue discovered by tb@
ok tb@
jsing [Sat, 11 Mar 2023 14:05:02 +0000 (14:05 +0000)]
Remove a pesky space.
jsing [Sat, 11 Mar 2023 14:04:21 +0000 (14:04 +0000)]
Add regress coverage for BN_{add,sub,mul,div,mod}_word().
This also provides some indirect coverage for BN_hex2bn(), BN_bn2hex() and
BN_get_word().
Two of these tests are currently failing and will be fixed shortly.
jsing [Sat, 11 Mar 2023 14:02:26 +0000 (14:02 +0000)]
Mark test table as static const.
aoyama [Sat, 11 Mar 2023 10:33:27 +0000 (10:33 +0000)]
Add missing $OpenBSD$ tag.
claudio [Sat, 11 Mar 2023 10:06:17 +0000 (10:06 +0000)]
Bump version to 7.8
claudio [Sat, 11 Mar 2023 10:04:59 +0000 (10:04 +0000)]
Factor out the cache reset logic into rtr_reset_cache() and use it
consitently in all places where the cache should be reset.
Additionally adjust the FSM to handle a connection close event in the
protocol negotiation phase as a protocol mismatch. Some caches fail
to send an error PDU and this allows them to work. A drawback is that
if the connection is closed because of a different reason the system
will fall back to a lower then necessary version. The RFC and draft
mandates this behaviour.
OK tb@
bluhm [Fri, 10 Mar 2023 23:02:30 +0000 (23:02 +0000)]
btrace(8) retrieves the types of the arguments of each tracepoint
from the kernel. Add them to a cache when needed, and print them
with btrace -l. If the argument is of type int, print the value
as %d signed integer. This gives pretty output for refcnt changes.
All other types still use %ul.
The probe and argument number can be used as array index. Remove
the qsort and search for probe number to simplify the code. Use
array index for both probes and argument types.
OK mpi@
bluhm [Fri, 10 Mar 2023 22:14:32 +0000 (22:14 +0000)]
Add new dt(4) ioctl DTIOCGARGS to get the types of probe arguments.
They are already tracked as strings in the kernel. Export them to
userland using one ioctl(2) for all arguments of each probe.
OK mpi@
krw [Fri, 10 Mar 2023 20:16:53 +0000 (20:16 +0000)]
Remove unused make variables FSTYPE (=install360) and FSDISKTYPE
(=mini34). Preparatory to removing some obsolete/unused disktab
entries.
tobhe [Fri, 10 Mar 2023 19:26:06 +0000 (19:26 +0000)]
Fix possible leak of spibuf and flowbuf in error case.
ok patrick@ bluhm@
tb [Fri, 10 Mar 2023 16:47:36 +0000 (16:47 +0000)]
sync
tb [Fri, 10 Mar 2023 16:45:50 +0000 (16:45 +0000)]
Crankl libcrypto/libssl/libtls minors after symbol addition
tb [Fri, 10 Mar 2023 16:44:43 +0000 (16:44 +0000)]
Update Symbols.list
tb [Fri, 10 Mar 2023 16:44:07 +0000 (16:44 +0000)]
Expose various X509_STORE_*check_issued()
tb [Fri, 10 Mar 2023 16:43:02 +0000 (16:43 +0000)]
Expose X509_CRL_get0_sigalg() and X509_get0_uids
tb [Fri, 10 Mar 2023 16:41:32 +0000 (16:41 +0000)]
Expose UI_null()
tb [Fri, 10 Mar 2023 16:41:07 +0000 (16:41 +0000)]
Expose the EVP_CIPHER_meth_* API (setter only) in evp.h
job [Fri, 10 Mar 2023 12:44:56 +0000 (12:44 +0000)]
mechanical change, rename struct members to match the original X509 names
OK tb@
job [Fri, 10 Mar 2023 12:02:11 +0000 (12:02 +0000)]
Show the X.509 notBefore in filemode
OK tb@
tb [Fri, 10 Mar 2023 11:55:38 +0000 (11:55 +0000)]
ASN.1 BIO: properly wire up prefix_free and suffix_free
If something goes wrong before the ASN.1 BIO state machine has passed
both flushing states, asn1_bio_free() forgets to free the ndef_aux
and the ex_arg since the prefix_free() and suffix_free callbacks are
not called.
This can lead to leaks, notably in streaming bios.
Part of https://github.com/openssl/openssl/pull/15999
I have a regress covering this but it is not yet ready to land.
ok beck jsing
claudio [Fri, 10 Mar 2023 11:04:26 +0000 (11:04 +0000)]
Add the necessary stack offsets for macppc so dt(4).
Tested on a G5 and G4 macppc.
OK miod@
claudio [Fri, 10 Mar 2023 11:01:52 +0000 (11:01 +0000)]
Update the stack offset for the profile probe to account for the clockintr
API functions. Fixes flamegraphs on archs I could test.
OK bluhm@ miod@
kettenis [Fri, 10 Mar 2023 10:54:29 +0000 (10:54 +0000)]
Implement setting the parent clock for RK356x. This includes code for
setting external parent clocks, which is needed to switch to the clock
provided by the Ethernet PHY.
ok patrick@
kn [Fri, 10 Mar 2023 10:33:40 +0000 (10:33 +0000)]
Fix error on installer abort/exit
^C during questiong yields
/install: /tmp/cppid: cannot open $(<) input
The trap handler must first test existence, then read the PID file.
Quote like other PID file constructs in install.sub do.
Use newlines to make the trap function readable.
OK miod
kettenis [Fri, 10 Mar 2023 10:22:55 +0000 (10:22 +0000)]
Take controller out of reset; makes it work on rk356x.
ok patrick@, mlarkin@
tb [Fri, 10 Mar 2023 09:56:09 +0000 (09:56 +0000)]
Return the correct type for ASN.1 BOOLEANs
ASN.1 BOOLEANs and ASN.1 NULL are handled specially in the ASN.1 sausage
factory and they are special in that they don't have a->value.ptr set.
Both need to be special cased here since they fail the a->type.ptr != NULL
check.
Apart from fixing an obvious bug in ASN1_TYPE_get(), this fixes another
crash in openssl(1) asn1parse. There is more to do in the vicinity, but
that is more complex and will have to wait for OpenBSD 7.3-current.
with/ok jsing
tb [Fri, 10 Mar 2023 09:44:54 +0000 (09:44 +0000)]
openssl(1) asn1parse: avoid crash with ASN.1 BOOLEANS
When pointing openssl asn1parse -strparse at DER octets 01 01, it crashes:
$ printf '<\x01\x01>' | openssl asn1parse -inform der -strparse 1
Refuse to parse BOOLEAN types instead, which avoids a crash in hensonian
/* hmm... this is a little evil, but it works */ code.
Found while poking at CMS timestamps to understand one of job's diffs.
with/ok jsing
claudio [Fri, 10 Mar 2023 07:57:15 +0000 (07:57 +0000)]
Compile the output filter rules into per peer filter rules.
especially on route-servers the output filters are in the hot path so
reducing the number of rules to check has a big impact. I have seen a
25% to 30% speedup in my big IXP testbench.
The output ruleset is applied and copied for each peer during config reload
and when a peer is initially added.
OK tb@
dtucker [Fri, 10 Mar 2023 07:17:08 +0000 (07:17 +0000)]
Explicitly ignore return from fcntl(... FD_CLOEXEC) here too.
Coverity CID 291853.
dtucker [Fri, 10 Mar 2023 04:06:21 +0000 (04:06 +0000)]
Plug mem leak on error path. Coverity CID 405026, ok djm@.
dtucker [Fri, 10 Mar 2023 03:01:51 +0000 (03:01 +0000)]
Expliticly ignore return code from fcntl(.. FD_CLOEXEC) since there's
not much we can do anyway. From Coverity CID 291857, ok djm@
djm [Fri, 10 Mar 2023 02:32:04 +0000 (02:32 +0000)]
Like sshd_config, some ssh_config options are not first-match-wins.
sshd_config.5 was fixed in r1.348, this is the same for this file
dtucker [Fri, 10 Mar 2023 02:24:56 +0000 (02:24 +0000)]
Remove no-op (int) > INT_MAX checks since they can never be true.
From Coverity CID 405031, ok djm@
jcs [Thu, 9 Mar 2023 21:06:24 +0000 (21:06 +0000)]
modify parentheses in conditionals to make it clearer what is being
assigned and what is being checked
ok djm dtucker
naddy [Thu, 9 Mar 2023 19:49:57 +0000 (19:49 +0000)]
remove obsolete libLLVM.so.[0-6].0 during upgrade
ok kn@ deraadt@
kettenis [Thu, 9 Mar 2023 19:48:42 +0000 (19:48 +0000)]
Check that a PCIe port isn't disabled in the device tree.
ok patrick@
tb [Thu, 9 Mar 2023 18:53:24 +0000 (18:53 +0000)]
Unwrap a few lines and zap a tab
tb [Thu, 9 Mar 2023 18:20:10 +0000 (18:20 +0000)]
Add missing error checking in PKCS7
Check the return value of BIO_set_md(). Prompted by OpenSSL's fix for
CVE-2023-0401 (the crash in that bug is an OpenSSL 3-only problem due
to provider design).
ok beck jsing
claudio [Thu, 9 Mar 2023 17:21:21 +0000 (17:21 +0000)]
Implement ASPA support in RTR by following draft-ietf-sidrops-8210bis-10.
In rtr.c renamed rtr_aspa_merge_set() to rtr_aspa_insert() and move it
close to rtr_roa_insert().
In rtr_proto.c most complexity comes from the version negotiation. The
ASPA parser is reasonably streight forward. The version negotiation is
fragile but that is mostly because of the protocol specification and the
fact that RTR cache daemons sometimes fail to send errors.
OK tb@
job [Thu, 9 Mar 2023 15:48:51 +0000 (15:48 +0000)]
Fix segfault in filemode for TAK objects
job [Thu, 9 Mar 2023 15:40:41 +0000 (15:40 +0000)]
Fix segfault in filemode for RSC objects
jsg [Thu, 9 Mar 2023 13:17:28 +0000 (13:17 +0000)]
workaround Intel Braswell/Cherry Trail mwait hang
dlg has a Dell Wyse 3040 with
cpu0: Intel(R) Atom(TM) x5-Z8350 CPU @ 1.44GHz, 480.02 MHz, 06-4c-04
cpu0: mwait min=64, max=64, C-substates=0.2.0.0.0.0.3.3, IBE
which hangs soon after the login prompt with MP kernels
This is a hardware bug described in:
Intel Atom Z8000 Processor Series Specification Update
Document Number: 332067-012
"CHT45 Processor May Not Wake From C6 or Deeper Sleep State"
tested by dlg@, ok guenther@
claudio [Thu, 9 Mar 2023 13:13:14 +0000 (13:13 +0000)]
Add role output to bgpctl, also adjust the capability output.
Note, this changes the JSON output of neighbors a bit.
Part of the large RFC9234 rework in bgpd.
OK tb@
claudio [Thu, 9 Mar 2023 13:12:19 +0000 (13:12 +0000)]
Major rework of RFC9234 support. My initial interpretation of the RFC was
too conservative. Fixes and changes include:
- add role output to bgpctl, also adjust the capability output.
Note, this changes the JSON output of neighbors a bit.
- adjust the config parser to enable the RFC9234 role capability when
there is a role set. iBGP and sessions with no role will not announce
the role capability.
- adjust the role capability announcement to be only on sessions that
use either AFI IPv4 or IPv6 and SAFI 1 (AID_INET, AID_INET6).
- if there is an OPEN notification indicating that the role capability
is bad only disable the capability if it is not enforced.
- Adjust capability negotiation, store remote_role on the peer since
the neighbors role is no longer needed by the RDE.
- inject the OTC attribute on ingress only for AID_INET and AID_INET6.
For other AIDs clear the F_ATTR_OTC_LOOP flag.
- Adjust the role logic in the RDE and use the peer->role (local role of
the system) for all checks. Also remove the check if the role capability
was negotiated between peers.
- In prefix_eligible() check also if the F_ATTR_OTC_LOOP flag is set.
The RFC requires that prefixes must be considered ineligible (and not
treat as withdraw as done before)
- When generating an UPDATE include the OTC attribute unless the AID is
neither AID_INET or AID_INET6.
Fixes https://github.com/openbgpd-portable/openbgpd-portable/issues/51
Reported by Pier Carlo Chiodi
OK tb@
job [Thu, 9 Mar 2023 12:54:28 +0000 (12:54 +0000)]
In filmode also show 'Not After' for GBR records
OK tb@
claudio [Thu, 9 Mar 2023 10:29:04 +0000 (10:29 +0000)]
Improve vnet(4) to work better in busy conditions.
No longer limit the ifq size to a low number, increase the slots on the
DMA Ring a bit and abstract the VNET buffer size into a define.
Enqueue packets on the ring but mark the initial packet ready at the end.
This way the other ldom is not able to rush ahead and overconsume packets.
The dring indexes are passed between ldoms and can get out of sync with
causes the TX ring to stall.
Tested by myself and jan@
OK kettenis@ jan@ kn@
job [Thu, 9 Mar 2023 09:46:21 +0000 (09:46 +0000)]
Show CMS signing-time signed attribute in filemode
OK tb@
dtucker [Thu, 9 Mar 2023 07:11:05 +0000 (07:11 +0000)]
Re-split the merge of the reorder-hostkeys test.
In the kex_proposal_populate_entries change I merged the the check for
reordering hostkeys with the actual reordering, but kex_assemble_names
mutates options.hostkeyalgorithms which renders the check ineffective.
Put the check back where it was. Spotted and tested by jsg@, ok djm@
djm [Thu, 9 Mar 2023 06:58:26 +0000 (06:58 +0000)]
include destination constraints for smartcard keys too.
Spotted by Luci Stanescu; ok deraadt@ markus@
anton [Thu, 9 Mar 2023 06:22:40 +0000 (06:22 +0000)]
Cope with recent changes to alignment of command column.
dlg [Thu, 9 Mar 2023 06:01:40 +0000 (06:01 +0000)]
document BIOC[SGD]WTIMEOUT
dlg [Thu, 9 Mar 2023 05:56:58 +0000 (05:56 +0000)]
add a timeout between capturing a packet and making the buffer readable.
before this, there were three reasons that a bpf read will finish.
the first is the obvious one: the bpf packet buffer in the kernel
fills up. by default this is about 32k, so if you're only capturing
a small packet packet every few seconds, it can take a long time
for the buffer to fill up before you can read them.
the second is if bpf has been configured to enable immediate mode with
ioctl(BIOCIMMEDIATE). this means that when any packet is written into
the bpf buffer, the buffer is immediately readable. this is fine
if the packet rate is low, but if the packet rate is high you don't
get the benefit of buffering many packets that bpf is supposed to
provide.
the third mechanism is if bpf has been configured with the BIOCSRTIMEOUT
ioctl, which sets a maximum wait time on a bpf read. BIOCSRTIMEOUT
means than a clock starts ticking down when a program (eg pflogd)
reads from bpf. when the clock reaches zero then the read returns
with whatever is in the bpf packet buffer. however, there could be
nothing in the buffer, and the read will still complete.
deraadt@ noticed this behaviour with pflogd. it wants packets logged
by pf to end up on disk in a timely fashion, but it's fine with
tolerating a bit of delay so it can take advantatage of buffering
to amortise the cost of the reads per packet. it currently does
this with BIOCSRTIMEOUT set to half a second, which means it's
always waking up every half second even if there's nothing to log.
this diff adds BIOCSWTIMEOUT, which specifies a timeout from when
bpf first puts a packet in the capture buffer, and when the buffer
becomes readable.
by default this wait timeout is infinite, meaning the buffer has
to be filled before it becomes readable. BIOCSWTIMEOUT can be set
to enable the new functionality. BIOCIMMEDIATE is turned into a
variation of BIOCSWTIMEOUT with the wait time set to 0, ie, wait 0
seconds between when a packet is written to the buffer and when the
buffer becomes readable. combining BIOCSWTIMEOUT and
BIOCIMMEDIATE simplifies the code a lot.
for pflogd, this means if there are no packets to capture, pflogd
won't wake up every half second to do nothing. however, when a
packet is logged by pf, bpf will wait another half second to see
if any more packets arrive (or the buffer fills up) before the read
fires.
discussed a lot with deraadt@ and sashan@
ok sashan@
cheloha [Thu, 9 Mar 2023 03:50:38 +0000 (03:50 +0000)]
clockintr: add a priority queue
- Add cq_pend to struct clockintr_queue. cq_pend is the list of clock
interrupts pending to run, sorted in ascending order by cl_expiration
(earliest deadline first; EDF). If the cl_expiration of two
clockintrs is equal, the first clock interrupt scheduled has priority
(FIFO).
We may need to switch to an RB tree or a min-heap in the future.
For now, there are only three clock interrupts, so a linked list
is fine.
- Add cl_flags to struct clockintr. We have one flag, CLST_PENDING.
It indicates whether the given clockintr is enqueued on cq_pend.
- Rewrite clockintr_dispatch() to operate on cq_pend. Clock
interrupts are run in EDF order until the most imminent clockintr
expires in the future.
- Add code to clockintr_establish(), clockintr_advance() and
clockintr_schedule() to enqueue/dequeue the given clockintr
on cq_est and cq_pend as needed.
- Add cq_est to struct clockintr_queue. cq_est is the list of all
clockintrs established on a clockintr_queue.
- Add a new counter, cs_spurious, to clockintr_stat. A dispatch is
"spurious" if no clockintrs are on cq_pend when we call
clockintr_dispatch().
With input from aisha@. Heavily tested by mlarkin@. Shared with
hackers@.
ok aisha@ mlarkin@
chris [Thu, 9 Mar 2023 00:13:47 +0000 (00:13 +0000)]
Fix comment to reflect the disabled status of Energy Efficient Ethernet.
Intel just disabled EEE for 1Gbps and 2.5Gbps modes on both i225 and i226
chips due to bugs. We already had it this way.
ok patrick@ kevlo@
bluhm [Wed, 8 Mar 2023 23:17:02 +0000 (23:17 +0000)]
An invalid source routing IP option could overwrite kernel memory
by using a bad option length. This bug is only reachable if both
pf IP option check is disabled and IP source routing is enabled.
reported by @fuzzingrf Erg Noor
OK claudio@ deraadt@
stsp [Wed, 8 Mar 2023 22:25:52 +0000 (22:25 +0000)]
update the list of firmware files in the iwx(4) man page
cheloha [Wed, 8 Mar 2023 18:05:05 +0000 (18:05 +0000)]
amd64: lapic_timer_rearm: don't reset mode, mask, divisor
The apic timer mode, mask, and divisor are set during lapic_timer_trigger().
We don't need to reset them when rearming the timer. On physical hardware
the difference is too small to measure, but skipping two apic writes may be
a bit faster when we're running in a VM.
Bochs also likes to log when the apic divisor is changed:
38569516308i[APIC0 ] set timer divide factor to 1
38569517335i[APIC0 ] set timer divide factor to 1
38569518042i[APIC0 ] set timer divide factor to 1
[...]
With this change, Bochs is a lot less noisy.
Idea from mlarkin@.
ok mlarkin@