Return arc4_i = arc4_j = 0; line from previous backing out since
just found it in OpenBSD, see their sys/crypto/arc4.c, function
rc4_keysetup, line ctx->x = ctx->y = 0;
Per rwatson's request:
"If you don't get a review within a day or two, I would firmly recommend
backing out the changes"
back out all my changes, i.e. not comes from merging from OpenBSD as
unreviewed by secteam@ yet.
(OpenBSD changes stays in assumption they are reviewd by OpenBSD)
Yes, it means some old bugs returned, like not setted rs_stired = 1 in
arc4random_stir(3) causing double stirring.
Ed Schouten [Fri, 25 Jul 2008 14:31:00 +0000 (14:31 +0000)]
Move ttyinfo() into its own C file.
The ttyinfo() routine generates the fancy output when pressing ^T. Right
now it is stored in tty.c. In the MPSAFE TTY code it is already stored
in tty_info.c. To make integration of the MPSAFE TTY code a little
easier, take the same approach.
This makes the TTY code a little bit more readable, because having the
proc_*/thread_* routines in tty.c is very distractful.
Ed Schouten [Fri, 25 Jul 2008 12:37:46 +0000 (12:37 +0000)]
Remove <sgtty.h> now it has no practical usage.
When I turned sgtty into a binary-only interface (last month), I added
this explicit #error to the header file, to make sure nobody forgot to
remove the header file after updating world.
I think it is now a good moment to remove this header file.
Try again not to use a userspace pointer in the kernel when trying to record
the hostname which we need for NLM requests. The previous patch was incomplete.
Ed Schouten [Thu, 24 Jul 2008 09:54:10 +0000 (09:54 +0000)]
Don't include <sys/tty.h> in non-TTY drivers.
The kbd, kbdmux, ugen and uhid drivers included <sys/tty.h>, because
they needed clists, which have been moved to <sys/clist.h> some time
ago. In the MPSAFE TTY branch, <sys/tty.h> does not include
<sys/clist.h>, which means we have to teach these drivers to include
this header file directly.
Ed Schouten [Wed, 23 Jul 2008 17:47:44 +0000 (17:47 +0000)]
Add TIOCPKT and TIOCSPTLCK to the Linuxolator.
We're very lucky, because the flags used by our TIOCPKT implementation
are the same as flags used by Linux. We can safely enable TIOCPKT,
assuming EXTPROC is not used.
TIOCSPTLCK is used by unlockpt(). Because we don't need unlockpt() in
our implementation, make this ioctl a no-op.
Approved by: philip (mentor, implicit), rdivacky
Obtained from: P4 (//depot/projects/mpsafetty/...)
pjd@'s r180759 was intended to revert r180755 due to ipfilter breakage,
but removed too much, breaking the build in other places instead. Now
that the ipfilter issue has been fixed (or hacked around), address the
second issue by restoring r180755, with one small change. I don't feel
comfortable using assert(3) in a header that will be included in userland
code that may or may not already have an assertion mechanism in place,
so KASSERT() evaluates to a no-op in the !_KERNEL case.
For unfathomable reasons, ipfilter abuses kernel data structures for its
own purposes. To pull this off, it defines _KERNEL before including the
headers where these structures are defined. This leads to no end of
trouble when some of these headers, or other headers that they include,
change, as demonstrated by r180755.
The quick fix in this particular case is to define _WANT_FILE instead of
_KERNEL, conditional on __FreeBSD__. A better long-term fix is left as
an exercise to the reader.
John Baldwin [Wed, 23 Jul 2008 15:13:06 +0000 (15:13 +0000)]
Further refine the probe order of devices to more closely match the previous
behavior. Specifically, probe Host-PCI bridges in the order they are
encountered in the tree. For CPUs, just use an order of 100000 and assume
that no Host-PCI bridges will be more than 10000 levels deep in the
namespace. This fixes an issue on some boxes where the HPET timer stopped
attaching.
The ffs_balloc_ufs{1,2} functions call bdwrite() while having several
vnode buffers locked at once. In particular, there are indirect buffers
among locked ones. The bdwrite() may start the flushing to keep dirty
buffer list at the bounds. If any buffer on the dirty list requires
translation from logical to physical block number, code may ends up
trying to lock an indirect buffer already locked in ffs_balloc_ufsX.
Prevent the bdflush() activity when several buffers are locked at once
by setting the TDP_INBDFUSH for the problematic code blocks.
Reported and tested by: pho, Josef Buchsteiner at Juniper
In collaboration with: kan
MFC after: 1 month
Unbreak cc -pg support on i386. In gcc 4.2, %ecx is used as the arg pointer
when stack realignment is turned on (it is ALWAYS on for main), however
in a profiling build %ecx would be clobbered by mcount(), this would lead
to a segmentation fault when the code tries to reference any argument.
This fix changes mcount() to preserve %ecx.
when NDIS framework try to query/set informations NDIS drivers can
return NDIS_STATUS_PENDING. In this case, it's waiting for 5 secs to
get the response from drivers now. However, some NDIS drivers can send
the response before NDIS framework gets ready to receive it so we might
always be blocked for 5 secs in current implementation. NDIS framework
should reset the event before calling NDIS driver's callback not after.
SATA device on some nForce based boards could get confused if MSI is not
used but MSI to HyperTransport IRQ mapping is enabled, and would act as
if MSI is turned on, resulting in interrupt loss.
This commit will,
1. enable MSI mapping on a device only when MSI is enabled for that
device and the MSI address matches the HT mapping window.
2. enable MSI mapping on a bridge only when a downstream device is
allocated an MSI address in the mapping window
Do the pargs_hold() on the copy of the pointer to the p_args of the
child process immediately after bulk bcopy() without dropping the
process lock.
Since process is not single-threaded when forking, dropping and
reacquiring the lock allows an other thread to change the process title
of the parent in between, and results in hold being done on the invalid
pointer. The problem manifested itself as the double free of the old
p_args.
Ed Schouten [Tue, 22 Jul 2008 21:27:22 +0000 (21:27 +0000)]
Move the NFS/RPC code away from lbolt.
The kernel has a special wchan called `lbolt', which is triggered each
second. It doesn't seem to be used a lot and it seems pretty redundant,
because we can specify a timeout value to the *sleep() routines. In an
attempt to eventually remove lbolt, make the NFS/RPC code use a timeout
of `hz' when trying to reconnect.
Only the TTY code (not MPSAFE TTY) and the VFS syncer seem to use lbolt
now.
Reviewed by: attilio, jhb
Approved by: philip (mentor), alfred, dfr
Fixes based on bde's feedback.
1) Unindent and sort variables.
2) Indent struct members.
3) Remove _packed, use guaranteed >128 bytes size and only first 128
bytes from the structure.
4) Reword comment.
Robert Watson [Tue, 22 Jul 2008 15:29:48 +0000 (15:29 +0000)]
In preparation to sync Apple and FreeBSD versions of security audit,
pick up the Apple Computer -> Apple change in their copyright and
license templates.
Increase initially dropped bytes from 512 to 768 (768 is also
suggested in the Ilya Mironov's article). 768 taken from another
research where it treats as default for RC4-drop(768):
http://www.users.zetnet.co.uk/hopwood/crypto/scan/cs.html#RC4-drop
Trying to fix compilation bustage:
- removing 'const' qualifier from an input parameter to conform to the type
required by rw_assert();
- using in_addr->s_addr to retrive 32 bits address value.
- Disallow XFS mounting in write mode. The write support never worked really
and there is no need to maintain it.
- Fix vn_get() in order to let it call vget(9) with a valid locking
request. vget(9) returns the vnode locked in order to prevent recycling,
but in this case internal XFS locks alredy prevent it from happening, so
it is safe to drop the vnode lock before to return by vn_get().
- Add a VNASSERT() in vget(9) in order to catch malformed locking requests.
1) Use __packed attr on rdat structure to make it exact 128 bytes.
2) Use gettimeofday() and getpid() only if reading from /dev/urandom
fails or impossible.
3) Discard N bytes on very first initialization only (i.e. don't
discard on re-stir).
4) Reduce N from 1024 to 512 as really suggested in the
"(Not So) Random Shuffles of RC4" paper:
http://research.microsoft.com/users/mironov/papers/rc4full.pdf
1) Update copyright notice.
2) Eliminate "struct arc4_stream *as" arg since only single arg is
possible.
3) Set rs.j = rs.i after arc4random key schedule to be more like arc4
stream cipher.
John Baldwin [Mon, 21 Jul 2008 18:43:02 +0000 (18:43 +0000)]
Allocate a single CCB at the start of the main loop of the RAID monitoring
kthread of the mpt(4) driver that hangs around for the entire lifetime of
the thread. Previously the driver would allocate a new CCB using M_WAITOK
with a lock held each time it updated its state. While here, use the
CAM API for allocating a CCB rather than raw malloc(9).