from /n/sources/patch/blowfish/readme:
Blowfish is broken. The order of the bytes in the ciphertext
is wrong. The problem is the conversion from the ciphertext
plaintext block to the array of u32int used by the core funcions
and vice versa.
This code has been tested on big endian and little endian
machines.
A test program is also included, bftets.c. It uses the
test vectors of blowfish available at
https://www.schneier.com/code/vectors.txt
amd64 passes first argument in RARG (BP) register
which has the be preserved duing _profin() and
_profout() calls. to handle this we introduce
_saveret() and _savearg(). _saveret() returns
AX, _savearg() returns RARG (BP). for archs other
and amd64, _saveret() and _savearg() are the
same function, doing nothing.
restoing works with dummy function:
uintptr
_restore(uintptr, uintptr ret)
{
return ret;
}
...
ret = _saveret();
arg = _savearg();
...
return _restore(arg, ret);
as we pass arg as the first argument, RARG (BP) is
restored.
we did the utf-8 to unicode conversion in pl_nextc(),
but the plaintext handler uses pl_readc() which only
translates newlines but otherwise returns bytes.
move unicode conversion in pl_readc() fixes it.
modifying the kernel pdp (CPU0PDP) hangs vmware. so
we initialize the pdp with KZERO and KZERO+1GB map
in l.s and never change it. (except when removing
the zero double map which seems to work).
VMAP has its own pdp now allowing to map 512GB of
physical address space. this simplifies the code
a bit and gives nice virtual addresses.
to make it easier to write portable acid code, we
introduce 'A' format in the same meaning as in db(1):
A Print the value of dot in hexadecimal. Dot is
unaffected.
both 'a' (symbolic) and 'A' will both have 64 or 32 bit
size depending on the mach, so pointer array indexing
works the same.
we cannot call gc() in execute() because it will gc
anonyous intermediate results which happens when we
construct a list and the elements are calculated by
calling a function thru ocall() which calls execute().
also, the _thiscmd symbol; which is used to keep
a reference to a statement so it wont get garbage
collected; does not work as yyparse() is recursive
(include statements).
we add execrec() function which *only* gets called from
yyparse() when evaluating a statement. it will
keep a stack on the _thiscmd symbol handling the yyparse()
recursion.
we also only call gc() in execrec() before calling
execute(). so execute() will never gc() while evaluating
a statement which prevents the intermediate results
from getting collected.
file offset is 64 bit signed integer, negative offsets
are invalid and rejected by the kernel. to still access
kernel memory on amd64, we unconditionally clear the sign
bit of the 64 bit offset in libmach and devproc sign
extends the offset back to a 64 bit address.
when using the jpg(1) programs interactively, draw the
image in the center of it. this avoids wasting space
with always on borders on small windows and looks better
when used in fullscreen.
on intel processors, a general protection exception is fired if a non-canonical address is loaded into PC during SYSRET. this will cause the kernel to panic.
see http://www.kb.cert.org/vuls/id/649219 and the intel software developer manual for more information.
