when a virtio device gets reset, we have to also reset the device
shadow indices: availableidx and usedidx. for extra safetly,
we also reset the buffer descriptor table addresses.
this is accomplished by adding a vioqreset(VIOQueue*) function
that brings the queue to its initial reset state.
this fixes non functional ethernet after reboot(8).
The new interface uses pci capability structures to locate the
registers in a rather fine granular way making it more complicated
as they can be located anywhere in any pci bar at any offset.
As far as i can see, qemu (6.0.50) never uses i/o bars in
non-legacy mode, so only mmio is implemented for now.
The previous virtio drivers implemented the legacy interface only
which uses i/o ports for all register accesses. This is still
the preferred method (and also qemu default) as it is easier to
emulate and most likely faster.
However, some vps providers like vultr force the legacy interface
to disabled with qemu -device option "disable-legacy=on" resulting
on a system without a disk and ethernet.
This used to be a internal function, but virtio
uses multiple structures with the same cap type
to indicate the location of various register
blocks in the pci bars so export it.
fn foo @{bar} is now equivalent to
fn foo {@{bar}}. As a side effect,
this disallows creating functions
named after keywords without first
quoting them.
We need a way to parse a rsa certificate request and return the public
key and subject names. The new function X509reqtoRSApub() works the
same way as X509toRSApub() but on a certificate request.
We also need to support certificates that are valid for multiple domain
names (as tlshand does not support certificate selection). For this
reason, a comma separated list is returned as the certificate subject,
making it symmetric to X509rsareq() handling.
A little helper is provided with this change (auth/x5092pub) that takes
a certificate (or a certificate request when -r flag is provided) and
outputs the RSA public key in plan 9 format appended with the subject
attribute.
git/export *almost* produces output that can be
emailed with upas using
git/export $commit | mail maintainer@site.com
but, the
From: commit-id date
line that git generates trips it up. Luckily,
'git am' doesn't seem to care much if that line
is missing, so we can simply omit it with no issue.
There are a number of alphabets in common use for base32
and base64 encoding, such as url-safe encodings.
This adds support for passing a function to encode into
arbitary alphabets.
Authsrv(6) used to be called auth(6) before
the fourth edition and was preprocessed by
eqn(6) before the third edition. The mkfile
was never updated to reflect the changes.
All other files are accounted for:
% cd /sys/man
% for(i in TS EQ PS G1) echo $i `{grep -l '^\.'$i ?/[0-9a-z]*}
TS 1/tbl
EQ 1/eqn 3/usb
PS 1/pic
G1 1/grap
%
When resizing windows, vt would signal ssh by updating
the window size and sending an interrupt. Ssh reacted
by forwarding both the winch and an interrupt.
This change adds a WINCH generation counter so that
ssh can differentiate between resizes and interrupts.
If an interrupt comes in, and the WINCH generation
changes, then the interrupt is taken as signalling a
WINCH.
The change to "assignment not used" breaks symmetry with
"used and not set" and removes the reference to the
specific warning mentioned in /sys/doc/comp.ms.
Also, the patch was half-assed as that it left some typos
in like "used an not set", which this change also fixed.
We weren't correctly skipping the location operators
in codefree. This would mostly be work, but sometimes
you'd get unlucky and have one of the argmuents mismatch,
and that would lead to an invalid free.
This correctly skips the args in codefree.
Since we now store /dist/plan9front in git, the
initial assumption that the owner of the repo
is the person touching it is not always true.
This change gives us a better heuristic for the
file permissions we should have in the files we
copy around, basing it off of the permissions of
the .git directory.
When loading a file using ".", we could
end up with our line numbers thrown off
due to the mutation of lexline. Putting
lexline into the runq beside the file
that we're reading from causes it to get
pushed and popped correctly, so that we
no longer lose track of our location.
when trying to request certificates from letsencrypt,
their test api would reject our csr because of
"tuncated sequence" unless we force subectAltName
by passing multiple domains (as comma separated list).
apparently, we need to provide the context specific tag
"cont [ 0 ]" for the extensions even when we do have
any extensions for the csr (triggered when we need to
have subjectAltNames).
for this, we change mkcont() to take a Elist* instead,
which then can be nil when not used. also put the tag
number argument first, which makes it easier to read.
As checking for all zero has to be done in a timing-safe
way to avoid a side channel, it is best todo this here
instead of letting the caller deal with it.
This adds a return type of int to curve25519_dh_finish()
where returning 0 means we got a all zero shared key.
RFC7748 states:
The check for the all-zero value results from the fact
that the X25519 function produces that value if it
operates on an input corresponding to a point with small
order, where the order divides the cofactor of the curve.
1. add the curve x25519 to tls, both client and server.
it's more faster, immune to timing attacks by design,
does not require verifying if the public key is valid,
etc etc. server-side has to check if the client supports
the curve, so a new function has been introduced to parse
the client's extensions.
2. reject weak dhe primes that can be easily cracked with
the number field sieve algorithm. this avoids attacks like
logjam.
3. stop putting unix time to the first 4 bytes of client/
server random. it can allow fingerprinting, tls 1.3 doesn't
recommend it any more and there was a draft to deprecate
this behaviour earlier.[1]
4. simply prf code, remove useless cipher enums.
[1] https://datatracker.ietf.org/doc/html/draft-mathewson-no-gmtunixtime-00
term% cal -s1 2021
2021
Jan Feb Mar
M Tu W Th F Sa Su M Tu W Th F Sa Su M Tu W Th F Sa Su
1 2 3 1 2 3 4 5 6 7 1 2 3 4 5 6 7
4 5 6 7 8 9 10 8 9 10 11 12 13 14 8 9 10 11 12 13 14
11 12 13 14 15 16 17 15 16 17 18 19 20 21 15 16 17 18 19 20 21
18 19 20 21 22 23 24 22 23 24 25 26 27 28 22 23 24 25 26 27 28
25 26 27 28 29 30 31 29 30 31
…
Note how the days (i.e. ' M Tu W Th F Sa Su') for Feb and Mar
do not align with the day numbers.
This is because an extra space is left *before* adding the terminating
'\0' via the pointer `dayw`.
With the patch applied the calendar aligns nicely for the year view:
term% cal -s1 2021
2021
Jan Feb Mar
M Tu W Th F Sa Su M Tu W Th F Sa Su M Tu W Th F Sa Su
1 2 3 1 2 3 4 5 6 7 1 2 3 4 5 6 7
4 5 6 7 8 9 10 8 9 10 11 12 13 14 8 9 10 11 12 13 14
11 12 13 14 15 16 17 15 16 17 18 19 20 21 15 16 17 18 19 20 21
18 19 20 21 22 23 24 22 23 24 25 26 27 28 22 23 24 25 26 27 28
25 26 27 28 29 30 31 29 30 31
…
When switching a branch implicitly -- ie, creating a local
branch off of a remote branch -- we would get the list of
changed files before we would resolve the implicit branch
switch, leading to an empty list of changes.
All of these files appear to have been imported from sources in a
case-insensitive manner and consequently lost their original content.
- Hx, Hb, and Hi fonts should be narrow versions of Helvetica
- c[1-3] fonts should be condensed versions of Century Old Style
- the lH character should be a filled left hand symbol
- the rh character should be a stroked right hand symbol
- the rc character should be the right ceiling symbol
I've verified that these are the only files that collide with others
when ignoring case (aside from rc/bin/[Kk]ill but those are correct).
git/import expected a patch, however upas/fs serves
either a raw file without any of the mime decoding
and line joining, or a directory, with the headers
and body split out.
This makes it a pain to apply some mails.
So, here we teach git to import upas dirs natively,
making it easy to handle all patches that come in
as emails.
git/push died within a subshell, which prevented the
whole program from exiting, and lead to an incorrect
ref update line that confused people.
git/send would eventually error out, but would push
all the data before that happened; this was annoying.
It's not fatal for someone else to push a branch
with objects that we don't have. We should deal
with it gracefully, and act as though it doesn't
exist.
In showlist, call bwindata instead of bwinopen in order to use a
pre-existing fd to write to the data file. This existing fd will
properly honour any address set by a previous write to the addr file.
Specifically, the redraw function sets addr to "," before calling
showlist in order to overwrite the entire contents of the window.
This is implemented by checking first if the uri is
a directory containing the .git/ subdirectory.
If this is the case, we fork git/serve serving the
repository on a pipe.
We weren't giving all objects to the twixt() function, and
it was making bad life choices -- gambling, smoking, drinking,
and packing in too much data.
With more information, it doesn't do the last.
For 64-bit architectures, the a.out header has the HDR_MAGIC flag set
in the magic and is expanded by 8 bytes containing the 64-bit virtual
address of the programs entry point. While Exec.entry contains physical
address for kernel images.
Our sysexec() would always use Exec.entry, even for 64-bit a.out binaries,
which worked because PADDR(entry) == entry for userspace pointers.
This change fixes it, having the kernel use the 64-bit entry point
and document the behaviour in the manpage.
The 9p debug server was broken as it assumed the first
tree file added would have a qid of 0 (it has a qid
of 1 as the root directory is using 0 already).
Instead, just compare File* pointers and get rid of
the table (less code).
When passing 64-bit unsigned addresses as 64-bit signed
file offsets, we have to make sure to not pass negative
offsets (filtered out by kernel and lib9p)!
This is solved by clearing and sign bit in encoding and
63-bit sign extension on decoding.
Make the mem file writable (needed for acid).
The 9p debug server provided a single directory containing
mem and regs files. This patch renames the regs file
(which is in vmx specific text format) to "xregs" and
adds "regs" and "kregs" file which use the same format
as exported by the kernels /proc filesystem.
This allows one to bind the vmx directory over a proc
directory and attach acid to a running system like:
mount -b /srv/vmx /proc/1
acid -k -lkernel 1 /sys/src/9/pc64/9pc64
If we tokenize the register file contents in a static buffer,
we can avoid having to duplicate the register names.
All callers to rpoke() provide constant register arguments
so they also do not need to be duplicated.
games/dmid uses the same sample rate as the chip for music, but other
applications do not. opl3 and its older version opl2 (not in 9front)
read an input stream of commands in basically IMF format, something
used in other id Software games and some others, which assumes a
given input sampling rate: 700 Hz for Wolfenstein 3D music, 560 Hz
for Commander Keen, 60 Hz for Ultima 6, etc.
The opl3 emulation on the other hand is not really intended to run at
a sampling rate different that the chip's 49.716 kHz sampling rate.
Previously, we assumed it runs at 44.1 kHz and just used the input
rate as a divisor to get the number of samples per delay tic.
From what I understand, the correct way to use it for accurate
emulation is to run the opl chip emulator at its intended sampling
frequency, then downsample to 44.1 kHz. This means better output
but more code. The alternative is to basically do the same as
before rev 8433, except with no buffering, but at accuracy/quality
loss. This change implements the former and just forks pcmconv to
deal with resampling.
Now that we have these new functions,
we can also make them return an error
instead of calling sysfatal() like
postmountsrv().
Remove the confusing Srv.srvfd, as it
is only temporarily used and return
it from postsrv() instead.
To use srvrease()/srvaquire() we need to have a way to spawn
new processes to handle the service loop. This functionality
was provided by the internal _forker() function which was
eigther rfork or libthread based implementation depending on
if postmountsrv() or threadpostmountsrv() where called.
For servers who want to use srv() directly, _forker would not
be initialized so srvrelease() could not be used.
To untangle this, we get rid of the global _forker handler
and put the handler in the Srv structure. Which will get
initialized (when nil) to eigther srvforker() or threadsrvforker()
depending on if the thread or non-thread entry points where used.
For symmetry, we provde new threadsrv() and threadpostsrv()
functions which handle the default initialization of Srv.forker.
This also allows a user to provide his own forker function,
maybe to conserve stack space.
To avoid dead code, we put each of these function in their
own object file. Note, this also allows a user to define its
own srvforker() symbol.
this fixes real-time applications.
-n previously specified a rate divisor rather than the rate itself,
which was used for specific applications outside of 9front. instead,
just set the rate directly, more useful and straightforward.
Remove unused fields and factor common fields into a
new PMach struct in port/portdat.h.
The fields machno, splpc and proc are not moved to
PMach as they are part of the known offsets from
assembly (l.s).
Resample is well known for taking a long time to resize an image. This
patch brings an important performance boost (in my test image, time
was reduced from ~2850ms to ~500ms). It does that by extracting FP
multiplication and division out of the innermost loop of
resamplex/resampley.
The results differ slightly from the current implementation: in my
test: ~0.3% of the bytes had a ±2 difference in their value, which I
attribute to rounding errors. I'm personally not concerned with that
deviation, given the performance gains. However, I recommend testing
it just to be sure I didn't overlook anything.
José Miguel Sánchez García
The patch does the following:
1. Adds recognition of executable script (shebang) files.
2. Returns correct MIME type for mbox files (RFC 4155).
3. Returns XML instead of HTML type in some cases.
changeset: 8411:19f6a88ea241
branch: mbp-2011
user: Romano <unobe@cpan.org>
date: Sat Apr 17 14:35:21 2021 -0700
files: sys/src/cmd/upas/fs/imap.c
description:
When an imap fetch fails, it's helpful at times to know the underlying
cause. This provides more details by providing the underlying error
message.
unlike other tools like iconv(1), a crop(1) without arguments or with
ones resulting in a no-op, like `-t 0 0', errors out. other options
like `-i 0' do not error. this breaks assumptions and results in
tedious intermediary steps or hacks like:
foo | {crop -t $1 $2 >[2]/null || cat} > baz.bit
instead, just ignore the check. subsequent code doesn't make
assumptions on that.
/sys/src/cmd/mksyslib uses `{basename $stem .$objtype}^.c to get the
source file name for *.acid files. /sys/lib/acid/thread expects
sched.$objtype.acid. This lets /sys/src/libthread/mkfile generate
that file.
This patch adds dirmodefmt from fcall.h to pretty-print file
permissions, similarly to ls -l. I didn't notice any performance
degradation.
I hope no-one relied on the old behaviour.
i have found one bug. when i put glenda in a position like this
i somehow win, but the glenda can escape from there.
in addition, i have changed the games manpage to include more info about glendy.
We can take advantage of the fact that xinit() allocates
kernel memory from conf.mem[] banks always at the beginning
of a bank, so the separate palloc.mem[] array can be eleminated
as we can calculate the amount of non-kernel memory like:
upages = cm->npage - (PGROUND(cm->klimit - cm->kbase)/BY2PG)
for the number of reserved kernel pages,
we provide the new function: ulong nkpages(Confmem*)
This eleminates the error case of running out of slots in
the array and avoids wasting memory in ports that have simple
memory configurations (compared to pc/pc64).
To reproduce the suicide try running the following in acme:
• 'Edit B <ls lib'
by select and middle clicking in a window that is in your $home.
There is a very high chance acme will commit suicide like this:
<snip>
cpu% broke
echo kill>/proc/333310/ctl # acme
cpu% acid 333310
/proc/333310/text:amd64 plan 9 executable
/sys/lib/acid/port
/sys/lib/acid/amd64
acid: lstk()
edittext(nr=0x31,q=0x0,r=0x45aa10)+0x8 /sys/src/cmd/acme/ecmd.c:135
xfidwrite(x=0x461230)+0x28a /sys/src/cmd/acme/xfid.c:479
w=0x0
qid=0x5
fc=0x461390
t=0x1
nr=0x100000031
r=0x45aa10
eval=0x3100000000
a=0x405621
nb=0x500000001
err=0x419310
q0=0x100000000
tq0=0x80
tq1=0x8000000000
buf=0x41e8d800000000
xfidctl(arg=0x461230)+0x35 /sys/src/cmd/acme/xfid.c:52
x=0x461230
launcheramd64(arg=0x461230,f=0x22357e)+0x10 /sys/src/libthread/amd64.c:11
0xfefefefefefefefe ?file?:0
</snap>
The suicide issue is caused by the following chain of events:
• /sys/src/cmd/acme/ecmd.c:/^edittext is called at
/sys/src/cmd/acme/xfid.c:479 passing nil as its first parameter:
<snip>
...
case QWeditout:
r = fullrunewrite(x, &nr);
if(w)
err = edittext(w, w->wrselrange.q1, r, nr);
else
err = edittext(nil, 0, r, nr);
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
...
</snap>
...and /sys/src/cmd/acme/ecmd.c:/^edittext dereferences the
first parameter that is *nil* at the first statement:
<snip>
char*
edittext(Window *w, int q, Rune *r, int nr)
{
File *f;
f = w->body.file;
^^^^^^^^^^^^^^^^^^^^^
This will crash if 'w' is *nil*
switch(editing){
...
</snap>
Moving the the derefernce of 'w' into the case where it is
needed (see above patch) fixes the suicude.
The memory leak is fixed in /sys/src/cmd/acme/ecmd.c:/^filelist. The
current implementation of filelist(...) breaks its contract with its
caller, thereby leading to a memory leak in /sys/src/cmd/acme/ecmd.c:/^B_cmd
and /sys/src/cmd/acme/ecmd.c:/^D_cmd.
The contract /sys/src/cmd/acme/ecmd.c:/^filelist seems to have with
its callers is that in case of success it fills up a 'collection' that
callers can then clear with a call to clearcollection(...).
The fix above honours this contract and thereby removes the leak.
After you apply the patch the following two tests should succeed:
• Execute by select and middle click in a Tag:
'Edit B lib/profile'
• Execute by select and middle click in a Tag:
'Edit B <ls lib'
The former lead to a resource leak that is now fixed.
The latter lead to a suicide that is now fixed by moving the statement
that dereferences the parameter to the location where it is needed,
which is not the path used in the case of 'Edit B <ls'.
Cheers,
Igor
The confstr was shared between readers so seprintconf() could
write concurrently to that buffer which is not safe.
This replaces the shared static confstr[Maxconf] buffer with a
pointer that is initially nil and a buffer that is alloced on
demand.
The new confstr pointer (and buffer) is now only updated while
wlock()ed from the new setconfstr() function.
This is now done by mconfig() / mdelctl() just before releasing
the wlock.
Now, rdconf() will check if confstr has been initialized, and
test for it again while wlock()ed; making sure the configuration
is read only once.
Also, rdconf() used to check for a undocumented "fsdev:\n" string
at the beginning of config data tho that was never documented.
This changes mconfig() to ignore that particular signature so
the example from the manpage will work as documented.
The sunStringUnpack() routine was miscompiled by 7c, as
pointer arithmetic is done in 64 bit but the constant -1
offset got expended to a unsigned 32 bit integer.
The expression value of the assignment operation was
returned implicitely by relying on regalloc() on the
right hand side "nod" borrowing the register from nn.
But this only works if nn is a register.
In case of 6c, it can also be a ONAME from a .safe
rathole returned by regsalloc().
This change adds explicit gmove() calls to assign the
expression value. Note that gmove() checks if source
and destination are the same register so it wont emit
redundant move operations in the common case.
The same is applied also to OPREINC and OPOSTINC operations.
Mutating lists that are being iterated is needlessly error
prone, and we were removing the wrong message in some cases
if it the dummy got inserted in the right place.
Separating deletion into a redraw/relink and zap phase
simplifies the problem.
Switching window focus used to be non deterministic
as the current window in focus (Window *input) was set
concurrently while processing window messages such as
Resized and Topped.
This implements a new approach where wcurrent() and
wuncurrent() are responsible for the synchronization
and switch of the input.
It is implemented by sending a Repaint message to the
old input window first, neccesarily waiting until that
window releases the focus and then input is updated
and then a Topped or Reshaped message is send to the
new input window.
Note, that when the whole screen is resized that no
input changes need to happening anymore.
This change makes the text window be focused on startup when using
default riostart (e.g: when using the release ISO). This little change
makes you able to immediately reach the rc shell without clicking the
window, which at the very least is more convenient, and if you have
problems to use your mouse but want to install the system, you also
can (I had to stop profile from running at boot to patch it in my VPS
KVM console because the mouse wasn't working properly. Could install
and setup it to connect through drawterm).
let pci.c deal with the special cardbus controller bar0 and
expansion roms.
handle apic interrupt routing for devices behind a cardbus slot.
do not free the pcidev on card removal, as the drivers
most certanly are not prepared to handle this yet.
instead, we provide a pcidevfree() function that just unlinks
the device from pcilist and the parent bridge.
When deleting messages that came in just
the right order, we would end up stuck in
a loop deleting and reinserting a dummy
parent, rather than the messages we wanted
to remove.
p.kosyh writes:
Hello! I finally bought rpi4 4Gb specially for 9front. It seems,
that default bpp of framebuffer is 16. I changed it to 24 (via
cmdline.txt and config.txt) and found, that rendering is much faster!
(May be due removing overheads in 16->24 conversions?)
But on rpi4 r and b channels are swapped. So, i changed BGR24 to
RGB24 in bcm/screen.c and now it works fine!