be used to run ROM code inside the kernel without having to setup vm86
and without having a x86 CPU at hand.
This code was originally written by SciTech and released under MIT/X11
license for XFree86. It has been refactored be less than half of the
original size, the compiled code being around a third of the former
size. The interface was changed to be a real library, e.g. no global
variables are used.
defined by the C library for the various m68k ports by borrowing
some #ifs from the i386 port.
Also, align sun2 with the other m68k ports as to whether they
define __bswap{16,32} or bswap{16,32} in their C library (all
now define the __ variants).
This should make the m68k ports build sys/rump again, except
for sun2 which hits another problem later on.
by using a dynamic stack as well. Reorder arguments for the internalizer
as the iteration is always present and should go before possibly
NULL arguments.
Reviewed by mjf@ and adrianp@
in its own header file to be included by dkio.h. Fixes breakage due to
pollution from proplib.h in programs which include ioctl.h. Tested and OK
by dogcow@.
userland, deeply nested arrays and dictionaries can easily overflow
the kernel stack and thereby force a panic.
Fix the internalizer and prop_object_release to use a separate call
stack and alter the dictionary and array handling to not recurse on
the C stack. The default stack has an inline depth of 16 elements,
which should keep the overhead reasonable.
This issue was found by Pavel Cahyna and Jachym Holecek.
Additionally add a limit for prop_object_copyin_ioctl to prevent user
programs from temporary allocating unbound amount of kernel memory.
Allow malloc to fail so that tight loops of userland processes can't
force panics by exhausting the kernel map.
Tested with the sample exploit of Jachym, his test suite and reviewed
by himself (initial patch), Christos Zoulas and Jason Thorpe.
as the data pointer to RMD160_Update doesn't have to be aligned.
In SHA256_Update and SHA512_Update, only operate directly on the passed
in data if no left-over in the context exists and the data is correctly
aligned. The problem was exposed by the audit-packages rewrite in C
and reported for the libnbcompat version in PR pkg/36662.
This prevents a possible prefetch past the end of the source buffer.
Note that the semantics of the pld instruction mean that it is unlikely
that this would have caused any problems except in very specific
circumstances in some types of device drivers.