be used to run ROM code inside the kernel without having to setup vm86
and without having a x86 CPU at hand.
This code was originally written by SciTech and released under MIT/X11
license for XFree86. It has been refactored be less than half of the
original size, the compiled code being around a third of the former
size. The interface was changed to be a real library, e.g. no global
variables are used.
defined by the C library for the various m68k ports by borrowing
some #ifs from the i386 port.
Also, align sun2 with the other m68k ports as to whether they
define __bswap{16,32} or bswap{16,32} in their C library (all
now define the __ variants).
This should make the m68k ports build sys/rump again, except
for sun2 which hits another problem later on.
by using a dynamic stack as well. Reorder arguments for the internalizer
as the iteration is always present and should go before possibly
NULL arguments.
Reviewed by mjf@ and adrianp@
userland, deeply nested arrays and dictionaries can easily overflow
the kernel stack and thereby force a panic.
Fix the internalizer and prop_object_release to use a separate call
stack and alter the dictionary and array handling to not recurse on
the C stack. The default stack has an inline depth of 16 elements,
which should keep the overhead reasonable.
This issue was found by Pavel Cahyna and Jachym Holecek.
Additionally add a limit for prop_object_copyin_ioctl to prevent user
programs from temporary allocating unbound amount of kernel memory.
Allow malloc to fail so that tight loops of userland processes can't
force panics by exhausting the kernel map.
Tested with the sample exploit of Jachym, his test suite and reviewed
by himself (initial patch), Christos Zoulas and Jason Thorpe.
as the data pointer to RMD160_Update doesn't have to be aligned.
In SHA256_Update and SHA512_Update, only operate directly on the passed
in data if no left-over in the context exists and the data is correctly
aligned. The problem was exposed by the audit-packages rewrite in C
and reported for the libnbcompat version in PR pkg/36662.
This prevents a possible prefetch past the end of the source buffer.
Note that the semantics of the pld instruction mean that it is unlikely
that this would have caused any problems except in very specific
circumstances in some types of device drivers.
used by uvm_mmap() as a hint for the virtual address to map memory to. As
a consequence, it tended to fail a lot on some architectures.
We cannot use 0, so instead use the value that would have been used if we
were calling mmap(2) with 0 as the first argument.
Fixes PR#34639 by xtraeme@.
To avoid code duplication, move strsep.c to the kernel/userland
common files.
Soon I will commit source-address selection (options IPSELSRC).
It will use strsep(3).
keys and returns them in an array. This effectively allows a caller
to mutate a dictionary while iterating over it (really, you iterate
over the array of keys instead of the dictionary itself).
- Add a slew of utility functions that make it more convenient (in some
circumstances, anyway) to get/set values in a dictionary.
definition of struct rb_ndoe on the endianess is the only explanation I have
why nobody complained about this on i386 - I don't understand why it makes a
difference for gcc though)
the data structure is internally consistent in the face of multiple threads
accessing it concurrently. This is not designed to provide application-
level semantic consistency; applications are responsible for that locking
protocol should it be necessary.
- Rename _PROP_MUTEX_DECL() to _PROP_MUTEX_DECL_STATIC().
plist-based messages and to eliminate looping previously required to
receive a plist from the kernel:
- prop_dictionary_copyin_ioctl() and prop_dictionary_copyout_ioctl()
now take the cmd argument rather than the file open flag. The
read-ness or write-ness of an ioctl command is checked by these
routines to ensure that information is being passed to/from the
userland component properly.
- prop_dictionary_copyout_ioctl() now allocates the memory for the
XML plist on behalf of the userland component by way of uvm_mmap().
The XML plist is copied out to the newly-mapped anonymous region,
and the pointer returned via the plistref.
- prop_dictionary_recv_ioctl() is responsible for munmap()'ing the
region after parsing the XML plist into internal represenatation.
- A new prop_dictionary_sendrecv_ioctl() is added, allowing user space
code to send a dictionary to the kernel and receive one back as a
reply.
Update users of prop_kern for the API changes (Bluetooth).
This constitutes an ABI / protocol change -- but this will also be put
into NetBSD 4.0 so that the first proplib release will implement the new
scheme.