the assert fails for regcompnl(".") as TANY is compiled to
one instruction instead of two when nl == 0.
its not a problem when we end up with less instructions, so
changing the assert condition from == to <= to make sure we
didnt overrun the buffer.
--
cinap
the kernel will automatically timeout the eap blocked state
for us and reassociate for us, so there is no need to provoke
the ap to start the wpa/eap handshake.
make the polling faster changing the sleep time from 500 to
100 ms.
- add some milisecond timestamps to the status change debug printing
- flush the packets in the queue on deassoc to avoid processing old pae
packets on next association.
- make roaming timeout shorter (60 -> 20 seconds)
- automatically timeout and restart wpa/pae blocked state
- fix printing race when essid gets changed underneath seprint
from openbsd driver, it seems the Centrino Advanced-N 6030 and 6235
cards share the same device revision as the 6205 (Type6005). Also
changing the device revision field from 4 to 5 bits.
- drivers enable short preamble and sort timeslot depending
on the ap beacon capinfo field (bss->cap)
- wifi sets short preamble bit in capinfo on association request
- wifi sets short timeslot bit when ap advertized it in beacon
reverting asn1mpint() as all users really just expect
unsigned integers here. also openssl seems to interpret
rsa modulus as unsigned no matter what... so keeping
it as it was before.
handle nil cipher bytes in factotum_rsa_decrypt() due
to pkcs1padbuf() failing.
apply some lessions from intels berzerk paper:
instead of parsing the decrypted digest info blob, we
generate the *expected* blob's for all digest algorithms
that match the digest size and compare the results.
provide pkcs1 pad and unpad functions that consistently
enforce minimum padding size and handles block types 1
and 2.
quick fix is to bias the rounding so the msb will always
be zero. should write proper conversion code to actually
deal with signed mpints... also for asn1mpint()... -- cinap
Make the logic around who has priority over the final
match simpler by merging the priority generation and
match fields in a smarter way. Move the creation of
new thread matches up to the top to avoid jumping all
over the place.
don't deadlock when cwgrow() detects we'r out of worm space
by releasing the cache superblock buffer.
don't allocate space beyond the worm device when dumping by
having slit() check. after cwrecur(), we check if there are
enougth blocks remaining to write the dump date directories
and superblocks.
- no need to splhi() in timerset, always called with
interrupts off.
- make timerset always update the period (next == 0)
- remove period update in fastticks(), simplify
delta calculation.
given that we only pass uchar* with constant offsets
to the s and d arguments of ENCRYPT(), we do not need
the temporary variables sp/dp and the compiler is
smart enougth to combine the const offset with the ones
from GET4() and PUT4() and emit single load and store
instructions for the byte accesses.
introducing new ctrunc() function that invalidates any caches
for the passed in chan, invoked when handling wstat with a
specified file length or on file creation/truncation.
test program to reproduce the problem:
#include <u.h>
#include <libc.h>
#include <libsec.h>
void
main(int argc, char *argv[])
{
int fd;
Dir *d, nd;
fd = create("xxx", ORDWR, 0666);
write(fd, "1234", 4);
d = dirstat("xxx");
assert(d->length == 4);
nulldir(&nd);
nd.length = 0;
dirwstat("xxx", &nd);
d = dirstat("xxx");
assert(d->length == 0);
fd = open("xxx", OREAD);
assert(read(fd, (void*)&d, 4) == 0);
}
allocating AX,CX,DX last improves 64-bit multiplication-add
chains like a*b + c*d as the multiplication does not need to save
and restore AX and DX registers in most cases. reserving CX for
shifts also helps.
encode printable characters litteraly, use D() macro to
reduce DATA instruction overhead.
this halves the time spend assembling $CONF.root.s for
the kernel build.
the root fileserver is mounted with the mount cache enabled
causing the contents of the cfsctl file to be cached as well
leading to wrong results. so after we generated the new stat
buffer, we increment the qid.vers so the cache starts out
clean.
given that the igfx driver doesnt provide any acceleration functions
and drawing is usually faster with double buffering as it eleminates
reads over the pci bus, enable softscreen by default.
don't use rand() and scale it to 0..1, instead call
native frand() which produces uniform random number.
instead of seeding the rng with time(0), use truerand().
on 386 kernel, each processor has its own pdb where the primary
pdb for kernel mappings is on cpu0 and other cpu's lazily pull
pdb entries from cpu0 when they fault in vmapsync().
so we have to edit the table tables in the pdb of cpu0 and not
the current processor.
on some modern machines like the x250, the bios arranges the mtrr's
and the framebuffer membar in a way that doesnt allow us to mark
the framebuffer pages as write combining, leading to slow graphics.
since the pentium III, the processor interprets the page table bit
combinations of the WT, CD and bit7 bits as an index into the
page attribute table (PAT).
to not change the semantics of the WT and CD bits, we preserve
the bit patterns 0-3 and use the last entry 7 for write combining.
(done in mmuinit() for each core).
the new patwc() function takes virtual address range and changes
the page table marking the range as write combining. no attempt
is made on invalidating tlb's. doesnt matter in our case as the
following mtrr() call in screen.c does it for us.
the assumption of only one producer ((abs)moustratrack()) is not true
for external mouse events from /dev/mousein, so protect the mouse state
and queue with ilock().
get rid of mousecreate(), just use devcreate().
reset cursor when all instances of /dev/mouse and /dev/cursor got closed,
instead of also considering /dev/mousectl. the reason is that kbdfs keeps
the mousectl file open. so exiting a program that has the cursor changed
will properly reset the cursor to arrow.
don't access user buffer while holding cursor spinlock! the memory access
can fault. theres also no lock needed there, we'r just copying *from* the
cursor memory.
fix use of strtol(), p will always be set, check for end of string.
keep pointer coordinates onscreen (off by one).
make lastms() function to get the last millisecond delta of last
call for resynchronization.
fix msg[3] buffer overflow in m5mouseputc().
get rid of mouseshifted logic, it is not used.
theres a bug is in sclose() where it doesnt check if wp is beyond
the buffer. also wp was not updated after realloc().
bug was reported by porlock on 9fans:
Plan 9's implementation of the standard C functions snprintf and
vsnprintf have a buffer overrun bug.
If the buffer length equals the output length (without the terminating
null), then one too many characters is written to the buffer.
For example,
snprintf(buf, 4, "ABCD");
will write 5 characters to buf.
remove bl2mem(), it is broken. a fault while copying to memory
yields a partially freed block list. it can be simply replaced
by readblist() and freeblist(), which we also use for qcopy()
now.
remove mem2bl(), and handle putting back remainer from a short
read internally (splitblock()) avoiding the releasing and re-
acquiering of the ilock.
always attempt to free blocks outside of the ilock.
have qaddlist() return the number of bytes enqueued, which
avoids walking the block list twice.
remove unneeded waserror() block, loopoput is alled from
loopbackbwrite only so we will always get called with a
*single* block, so the concatblock() is not needed.
the convention for Dev.bwrite() is that it accepts a *single* block,
and not a block chain. so we never have concatblock here.
to keep stuff consistent, we also guarantee thet Medium.bwrite()
will get a *single* block passed as well, as the callers are
few in number.
to avoid copying in padblock() when adding cryptographics macs to a block
in devtls/devssl/esp we reserve 16 extra bytes to the allocation.
remove qio ixsummary() function and add acid function qiostats() to
/sys/lib/acid/kernel
simplify iallocb(), remove iallocsummary() statitics.
given that devmnt will almost always write into a pipe
or a network connection, which supports te bwrite routine,
we can avoid the memory copy that would have been done by
devbwrite(). this also means the i/o buffer for writes
will get freed sooner without having to wait for the 9p
rpc to get a response, saving memory.
theres one case where we have to keep the rpc arround and
that is when we write to a cached file, as we want to update
the cache with the data that was written, but the user buffer
cannot be trusted to stay the same during the rpc.
sugen() calls cgen64() speculatively so that when cgen64() returns
zero, it will fall back and compile 64-bit copy.
the bug was that cgen64() compiled the left hand side and then recursively
called cgen64() again, which didnt handle the memory copy so it returned
zero and sugen() would compile the left hand side again resulting in two
function calls being emited.
some code that reproduced the issue:
#include <u.h>
#include <libc.h>
typedef struct
{
char x[10];
vlong a;
} X;
X a;
X *f(void) { return &a; }
void
main(int argc, char *argv[])
{
f()->a = a.a;
}
producing:
TEXT f+0(SB),0,$0
MOVL $a+0(SB),AX
RET ,
RET ,
TEXT main+0(SB),0,$0
CALL ,f+0(SB)
CALL ,f+0(SB) <- bug
MOVL AX,CX
LEAL a+12(SB),DX
MOVL (DX),AX
MOVL AX,12(CX)
MOVL 4(DX),AX
MOVL AX,16(CX)
RET ,
GLOBL a+0(SB),$20
END ,
devfs:
- fix memory leak in devfs leaking the aes key
- allocate aes-xts cipher state in secure memory
- actually check if the hexkey got fully parsed
cryptsetup:
- get rid of stupid "type YES" prompt
- use genrandom() to generate salts and keys
- rewrite cryptsetup to use common pbkdf2 and readcons routines
- fix alot of error handling and simplify the code
- move cryptsetup command to disk/cryptsetup
- update cryptsetup(8) manual page
get rid of _INI and _REG method calls, this is not full acpi environment
anyway and all we really want todo at kernel boot time is figuring out
the interrupt routing. aux/acpi can try to enable more stuff if it needs
to later when battery status desired.
dont snoop memory space regions in amlmapio(), this is just wrong as
amlmapio() is *lazily* mapping regions as they are accessed, so the
range table would never be really complete. instead, we provide generic
access to the physical address space, excluding kernel and user memory
with acpimem file.
we cannot retry posts and we do not know for sure if a
post had any side effect when we got no status, so always
make a new connection for a post request.
when dragging a window edge, allow one to slide to a corner
or slide from corner to corner (usefull when inverting).
also make sure the right or bottom of the rectangle returned
by whichrect() is not outside of the screen (which makes
drawing slow).
we can encrypt the 256 bit chacha key on each invocation
making it hard to reconstruct previous outputs of the
generator given the current state (backtracking resiatance).
the kernels custom rand() and nrand() functions where not working
as specified in rand(2). now we just use libc's rand() and nrand()
functions but provide a custom lrand() impelmenting the xoroshiro128+
algorithm as proposed by aiju.
we now access the user buffer in randomread() outside of the lock,
only copying and advancing the chacha state under the lock. this
means we can use randomread() within the fault handling path now
without fearing deadlock. this also allows multiple readers to
generate random numbers in parallel.
we might wake up on a different cpu after the sleep so
delta from machX->ticks - machY->ticks can become negative
giving spurious timeouts. to avoid this always use the
same mach 0 tick counter for the delta.
the manpage states that capabilities time out after a minute,
so we add ticks field into the Caphash struct and record the
time when the capability was inserted. freeing old capabilities
is handled in trimcaps(), which makes room for one extra cap
and frees timed out ones.
we also limit the capuse write size to less than 1024 bytes to
prevent denial of service as we have to copy the user buffer.
(memory exhaustion).
we have to check the from user *before* attempting to remove
the capability! the wrong user shouldnt be able to change any
state. this fixes the memory leak of the caphash.
do the hash comparsion with tsmemcmp(), avoiding timing
side channels.
allocate the capabilities in secret memory pool to prevent
debugger access.
previously, right shift >>0 resulted in >>32 being emited. this
is especially problematic when the shift count comes from a macro
expansion.
we now handle constant shift >>0 as <<0 (no shift) and allow
shift by 32 be specified.
this applies to logical right shift (>>) arithmetic right shift (->)
and right rotate (@>).
the prior implementation was unneccesarily complicated for
no good reason due to me misunderstanding how libc's nrand()
works. in contrast to libc, we already generate the *closest*
power-of-2 random number with mprand() in the sampling loop.
The kernel needs to keep cryptographic keys and cipher states
confidential. secalloc() allocates memory from the secret pool
which is protected from debuggers reading the memory thru devproc.
secfree() releases the memory, overriding the data with garbage.
drawterm, factotum, secstore and the auth commands
all had ther own implementation of readcons. we
want to have one common function for this to avoid
the duplication, so putting that in libauthsrv.
introduce PASSWDLEN which makes the use more explicit
than ANAMELEN.
when we get eof, stop the loop immidiately and do not
rely on the read to eventually return an error.
when convM2S() fails to decode the message, error out
and stop the loop. there is no point in continuing.
given that the memory leaks have been fixed, theres no need
for the obscure restart feature which is not reliable anyway.
remove the code updating procname on each 9p request.
handle convM2S error by exiting the service loop, dont read
9p channel after eof.
we used to not sign extend if the destination was unsigned
uvlong, which is wrong. we have to sign extend only based
on the signedness of the source (it gets propagated to vlong)
this bug hit in hjfs in the newentry() function, causing file
creation to fail with "create -- phase error":
newentry(...)
{
uvlong sj;
int si;
...
sj = si = -1;
...
}
usually, the plan9 partition table is contained in
the first 9fat partition after the pbs/fat header,
but when no 9fat partition is requested, we have
to make sure partitions wont overlap the partition
table (start at sector offset >= 2).
the pause function is different from just accessing the menu: it pauses both
single and multiplayer games, stops music and sound, and is recorded in demos
(does not cause a desync, unlike menu access).
this uses Kprint rather than Kbreak because Kbreak is e.g. Kctl+pause on some
keyboards.
