Commit Graph

3638 Commits

Author SHA1 Message Date
tb eb5c631ead upstream OpenBSD: arc4random: fix indent 2022-09-10 21:00:38 +02:00
djm 52a410f9bd upstream OpenBSD: arc4random: Randomise the rekey interval a little.
Previously, the chacha20 instance would be rekeyed every 1.6MB. This
makes it happen at a random point somewhere in the 1-2MB range.

Feedback deraadt@ visa@, ok tb@ visa@

newlib port: Make REKEY_BASE depend on SIZE_MAX
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2022-09-10 20:59:01 +02:00
dtucker f5fece2838 upstream OpenBSD: arc4random: Remove unused ivbits argument from chacha_keysetup
to match other instances in the tree. ok deraadt@
2022-09-10 20:58:03 +02:00
deraadt db5e07368c upstream OpenBSD: arc4random: replace abort() with _exit()
In the incredibly unbelievable circumstance where _rs_init() fails to
allocate pages, don't call abort() because of corefile data leakage
concerns, but simply _exit(). The reasoning is _rs_init() will only fail
if someone finds a way to apply specific pressure against this failure
point, for the purpose of leaking information into a core which they can
read. We don't need a corefile in this instance to debug that. So take
this "lever" away from whoever in the future wants to do that.
2022-09-10 20:58:03 +02:00
Corinna Vinschen dd22053fee upstream OpenBSD: arc4random: bump file versions
This hides a patch not required in newlib
2022-09-10 20:58:01 +02:00
bcook ef76759d7f upstream OpenBSD: arc4random: Add support for building arc4random with MSVC.
By default, MSVC's stdlib.h defines min(), so we need to spell out something
less common to avoid picking it up.

ok deraadt@ beck@ miod@
2022-09-10 20:56:25 +02:00
Torbjörn SVENSSON a68e99f883 Don't allocate another header when merging chunks
In the nano version of malloc, when the last chunk is to be extended,
there is no need to acount for the header again as it's already taken
into account in the overall "alloc_size" at the beginning of the
function.

Contributed by STMicroelectronics

Signed-off-by: Torbjörn SVENSSON <torbjorn.svensson@foss.st.com>
2022-09-01 15:39:10 -04:00
Torbjörn SVENSSON 0455ea28ce Used chunk needs to be removed from free_list
When using nano malloc and the remaning heap space is not big enough to
fullfill the allocation, malloc will attempt to merge the last chunk in
the free list with a new allocation in order to create a bigger chunk.
This is successful, but the chunk still remains in the free_list, so
any later call to malloc can give out the same region without it first
being freed.

Possible sequence to verify:

void *p1 = malloc(3000);
void *p2 = malloc(4000);
void *p3 = malloc(5000);
void *p4 = malloc(6000);
void *p5 = malloc(7000);
free(p2);
free(p4);
void *p6 = malloc(35000);
free(p6);
void *p7 = malloc(42000);
void *p8 = malloc(32000);

Without the change, p7 and p8 points to the same address.
Requirement, after malloc(35000), there is less than 42000 bytes
available on the heap.

Contributed by STMicroelectronics

Signed-off-by: Torbjörn SVENSSON <torbjorn.svensson@foss.st.com>
2022-09-01 14:40:27 -04:00
Jeff Johnston d92d3a3c4a Fix some Coverity Scan errors. 2022-08-31 15:18:08 -04:00
Torbjörn SVENSSON dd1122e21c Restore _lock initialization in non-single threaded mode
When __SINGLE_THREAD__ is not defined, stdin, stdout and stderr needs
to have their _lock instance initialized. The __sfp() method is not
invoked for the 3 mentioned fds thus, the std() method needs to handle
the initialization of the lock.

This is more or less a revert of 382550072b

Contributed by STMicroelectronics

Signed-off-by: Torbjörn SVENSSON <torbjorn.svensson@foss.st.com>
2022-08-31 10:02:53 +02:00
Jeff Johnston 64a11fded1 Fix problem with _newlib_version.h not being filled in correctly 2022-08-22 17:55:23 -04:00
Yilin Sun via Newlib b7109cf82e SH: Do not build syscalls if option provided
This patch makes syscalls for SH architecture respecting the global option
"--disable-newlib-supplied-syscalls". This is useful when a bare-metal
toolchain is needed.

Signed-off-by: Yilin Sun <imi415@imi.moe>
2022-08-15 15:12:19 -04:00
Corinna Vinschen 85be74f295 newlocale: fix crash when trying to write to __C_locale
This simple testcase:

  locale_t st = newlocale(LC_ALL_MASK, "C", (locale_t)0);
  locale_t st2 = newlocale(LC_CTYPE_MASK, "en_US.UTF-8", st);

is sufficient to reproduce a crash in _newlocale_r.  After the first call
to newlocale, `st' points to __C_locale, which is const.  When using `st'
as locale base in the second call, _newlocale_r tries to set pointers
inside base to NULL.  This is bad if base is __C_locale, obviously.

Add a test to avoid trying to overwrite pointer values inside base if
base is __C_locale.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2022-08-12 12:29:26 +02:00
Corinna Vinschen 2902b3a09e Cygwin: drop requirement to build newlib's stdio64
Given that 64 bit Cygwin defines all file access types (off_t,
fpos_t, and derived types) as 64 bit anyway, there's no reason
left to rely on the stdio64 part of newlib.  Use base functions
and base types.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2022-08-03 13:41:35 +02:00
Matt Joyce ea99f21ce6 Add --enable-newlib-reent-thread-local option
By default, Newlib uses a huge object of type struct _reent to store
thread-specific data.  This object is returned by __getreent() if the
__DYNAMIC_REENT__ Newlib configuration option is defined.

The reentrancy structure contains for example errno and the standard input,
output, and error file streams.  This means that if an application only uses
errno it has a dependency on the file stream support even if it does not use
it.  This is an issue for lower end targets and applications which need to
qualify the software according to safety standards (for example ECSS-E-ST-40C,
ECSS-Q-ST-80C, IEC 61508, ISO 26262, DO-178, DO-330, DO-333).

If the new _REENT_THREAD_LOCAL configuration option is enabled, then struct
_reent is replaced by dedicated thread-local objects for each struct _reent
member.  The thread-local objects are defined in translation units which use
the corresponding object.
2022-07-13 06:55:46 +02:00
Matt Joyce 1a09082036 Add _REENT_IS_NULL()
In a follow up patch, struct _reent is optionally replaced by dedicated
thread-local objects.  In this case,_REENT is optionally defined to NULL.  Add
the _REENT_IS_NULL() macro to disable this check on demand.
2022-07-13 06:55:46 +02:00
Matt Joyce db2123caf8 Add _REENT_SIG_FUNC(ptr)
Add a _REENT_SIG_FUNC() macro to encapsulate access to the
_sig_func member of struct reent. This will help to replace the
struct member with a thread-local storage object in a follow up
patch.
2022-07-13 06:55:46 +02:00
Matt Joyce 81352a9df9 Add _REENT_CVTBUF(ptr)
Add a _REENT_CVTBUF() macro to encapsulate access to the _cvtbuf
member of struct reent. This will help to replace the struct
member with a thread-local storage object in a follow up patch.
2022-07-13 06:55:46 +02:00
Matt Joyce 315c420e1b Add _REENT_CVTLEN(ptr)
Add a _REENT_CVTLEN() macro to encapsulate access to the _cvtlen
member of struct reent. This will help to replace the struct
member with a thread-local storage object in a follow-up patch.
2022-07-13 06:55:46 +02:00
Matt Joyce f89ce35d83 Add _REENT_CLEANUP(ptr)
Add a _REENT_CLEANUP() macro to encapsulate access to the
__cleanup member of struct reent. This will help to replace the
struct member with a thread-local storage object in a follow up
patch.
2022-07-13 06:55:46 +02:00
Matt Joyce 50f078b48c Add _REENT_LOCALE(ptr)
Add a _REENT_LOCALE() macro to encapsulate access to the _locale
member of struct reent. This will help to replace the struct
member with a thread-local storage object in a follow up patch.
2022-07-13 06:55:46 +02:00
Matt Joyce 0985d418cb Add _REENT_INC(ptr)
Add a _REENT_INC() macro to encapsulate access to the _inc member
of struct reent. This will help to replace the struct member with
a thread-local storage object in a follow up patch.
2022-07-13 06:55:46 +02:00
Matt Joyce e56801f34d Add _REENT_STDERR(ptr)
Add a _REENT_STDERR() macro to encapsulate access to the _stderr
member of struct reent. This will help to replace the struct
member with a thread-local storage object in a follow up patch.
2022-07-13 06:55:46 +02:00
Matt Joyce 3266a46327 Add _REENT_STDOUT(ptr)
Add a _REENT_STDOUT() macro to encapsulate access to the _stdout
member of struct reent. This will help to replace the struct
member with a thread-local storage object in a follow up patch.
2022-07-13 06:55:46 +02:00
Matt Joyce 627a5cb413 Add _REENT_STDIN(ptr)
Add a _REENT_STDIN() macro to encapsulate access to the _stdin
member of struct reent. This will help to replace the struct
member with a thread-local storage object in a follow up patch.
2022-07-13 06:55:46 +02:00
Matt Joyce f3b8138239 Add _REENT_ERRNO(ptr)
Add a _REENT_ERRNO() macro to encapsulate the access to the
_errno member of struct reent. This will help to replace the
structure member with a thread-local storage object in a follow
up patch.

Replace uses of __errno_r() with _REENT_ERRNO().  Keep __errno_r() macro for
potential users outside of Newlib.
2022-07-13 06:55:41 +02:00
Matt Joyce d0d78e96eb Define _REENT_EMERGENCY(ptr) only once
Use this macro to access the _emergency member of struct _reent.  This macro
will help to replace the _emergency member of struct _reent with a thread-local
storage object in a follow up patch.
2022-07-13 06:50:25 +02:00
Sebastian Huber a3fe1ed573 Move content in <sys/reent.h>
Move definitions not directly related to struct _reent to the bottom of the
file.  This allows a contiguous #ifndef _REENT_THREAD_LOCAL_STORAGE block.
2022-07-13 06:50:25 +02:00
Sebastian Huber 1db7cf5ce6 RTEMS: Add README 2022-07-11 13:19:29 +02:00
Gleb Smirnoff c1abc93988 libc/syslog: fully deprecate and don't try to open "/dev/log"
The "/dev/log" socket existed in pre-FreeBSD times.  Later it was
substituted to a compatibility symlink.  The symlink creation was
deprecated in FreeBSD 10.2 and 9-STABLE.

Reviewed by:		markj
Differential revision:	https://reviews.freebsd.org/D35304
2022-07-11 13:19:29 +02:00
Konrad Sewiłło-Jopek cf2ba7d7f8 arp: Implement sticky ARP mode for interfaces.
Provide sticky ARP flag for network interface which marks it as the
"sticky" one similarly to what we have for bridges. Once interface is
marked sticky, any address resolved using the ARP will be saved as a
static one in the ARP table. Such functionality may be used to prevent
ARP spoofing or to decrease latencies in Ethernet networks.

The drawbacks include potential limitations in usage of ARP-based
load-balancers and high-availability solutions such as carp(4).

The implemented option is disabled by default, therefore should not
impact the default behaviour of the networking stack.

Sponsored by:		Conclusive Engineering sp. z o.o.
Reviewed By:		melifaro, pauamma_gundo.com
Differential Revision: https://reviews.freebsd.org/D35314
MFC after:		2 weeks
2022-07-11 13:19:29 +02:00
Alan Somers 27dfb5f33f Correctly measure system load averages > 1024
The old fixed-point arithmetic used for calculating load averages had an
overflow at 1024.  So on systems with extremely high load, the observed
load average would actually fall back to 0 and shoot up again, creating
a kind of sawtooth graph.

Fix this by using 64-bit math internally, while still reporting the load
average to userspace as a 32-bit number.

Sponsored by:	Axcient
Reviewed by:	imp
Differential Revision: https://reviews.freebsd.org/D35134
2022-07-11 13:19:29 +02:00
Konstantin Belousov 0ed668df2c Add ifcap2 names for RXTLS4 and RXTLS6 interface capabilities
and corresponding nvlist capabilities name strings.

Reviewed by:	hselasky, jhb, kp (previous version)
Sponsored by:	NVIDIA Networking
MFC after:	3 weeks
Differential revision:	https://reviews.freebsd.org/D32551
2022-07-11 13:19:29 +02:00
Konstantin Belousov 361bd82a1f Kernel-side infrastructure to implement nvlist-based set/get ifcaps
Reviewed by:	hselasky, jhb, kp (previous version)
Sponsored by:	NVIDIA Networking
MFC after:	3 weeks
Differential revision:	https://reviews.freebsd.org/D32551
2022-07-11 13:19:29 +02:00
Richard Scheffenegger aeced2f48a tcp: LRO code to deal with all 12 TCP header flags
TCP per RFC793 has 4 reserved flag bits for future use. One
of those bits may be used for Accurate ECN.
This patch is to include these bits in the LRO code to ease
the extensibility if/when these bits are used.

Reviewed By: hselasky, rrs, #transport
Sponsored by:        NetApp, Inc.
Differential Revision: https://reviews.freebsd.org/D34127
2022-07-11 13:19:29 +02:00
Mike Karels a9a87c1921 kernel: deprecate Internet Class A/B/C
Hide historical Class A/B/C macros unless IN_HISTORICAL_NETS is defined;
define it for user level.  Define IN_MULTICAST separately from IN_CLASSD,
and use it in pf instead of IN_CLASSD.  Stop using class for setting
default masks when not specified; instead, define new default mask
(24 bits).  Warn when an Internet address is set without a mask.

MFC after:	1 month
Reviewed by:	cy
Differential Revision: https://reviews.freebsd.org/D32708
2022-07-11 13:19:29 +02:00
Peter Lei 73784208e3 tcp: socket option to get stack alias name
TCP stack sysctl nodes are currently inserted using the stack
name alias. Allow the user to get the current stack's alias to
allow for programatic sysctl access.

Obtained from:	Netflix
2022-07-11 13:19:29 +02:00
Randall Stewart 0464f26db0 tcp: Add hystart-plus to cc_newreno and rack.
TCP Hystart draft version -03:
https://datatracker.ietf.org/doc/html/draft-ietf-tcpm-hystartplusplus

Is a new version of hystart that allows one to carefully exit slow start if the RTT
spikes too much. The newer version has a slower-slow-start so to speak that then
kicks in for five round trips. To see if you exited too early, if not into congestion avoidance.
This commit will add that feature to our newreno CC and add the needed bits in rack to
be able to enable it.

Reviewed by: tuexen
Sponsored by: Netflix Inc.
Differential Revision:	https://reviews.freebsd.org/D32373
2022-07-11 13:19:29 +02:00
Randall Stewart 57703f72c8 tcp: Add support for DSACK based reordering window to rack.
The rack stack, with respect to the rack bits in it, was originally built based
on an early I-D of rack. In fact at that time the TLP bits were in a separate
I-D. The dynamic reordering window based on DSACK events was not present
in rack at that time. It is now part of the RFC and we need to update our stack
to include these features. However we want to have a way to control the feature
so that we can, if the admin decides, make it stay the same way system wide as
well as via socket option. The new sysctl and socket option has the following
meaning for setting:

00 (0) - Keep the old way, i.e. reordering window is 1 and do not use DSACK bytes to add to reorder window
01 (1) - Change the Reordering window to 1/4 of an RTT but do not use DSACK bytes to add to reorder window
10 (2) - Keep the reordering window as 1, but do use SACK bytes to add additional 1/4 RTT delay to the reorder window
11 (3) - reordering window is 1/4 of an RTT and add additional DSACK bytes to increase the reordering window (RFC behavior)

The default currently in the sysctl is 3 so we get standards based behavior.
Reviewed by: tuexen
Sponsored by: Netflix Inc.
Differential Revision: https://reviews.freebsd.org/D31506
2022-07-11 13:19:29 +02:00
Andrew Gallatin 4bf5c259d3 tsleep: Add a PNOLOCK flag
Add a PNOLOCK flag so that, in the race circumstance where
wakeup races are externally mitigated, tsleep() can be
called with a sleep time of 0 without triggering an
an assertion.

Reviewed by: jhb
Sponsored by: Netflix
2022-07-11 13:19:29 +02:00
Roy Marples 356891f5e0 socket: Implement SO_RERROR
SO_RERROR indicates that receive buffer overflows should be handled as
errors. Historically receive buffer overflows have been ignored and
programs could not tell if they missed messages or messages had been
truncated because of overflows. Since programs historically do not
expect to get receive overflow errors, this behavior is not the
default.

This is really really important for programs that use route(4) to keep
in sync with the system. If we loose a message then we need to reload
the full system state, otherwise the behaviour from that point is
undefined and can lead to chasing bogus bug reports.

Reviewed by:	philip (network), kbowling (transport), gbe (manpages)
MFC after:	2 weeks
Differential Revision:	https://reviews.freebsd.org/D26652
2022-07-11 13:19:29 +02:00
Kristof Provost 5260d10c98 pf: syncookie support
Import OpenBSD's syncookie support for pf. This feature help pf resist
TCP SYN floods by only creating states once the remote host completes
the TCP handshake rather than when the initial SYN packet is received.

This is accomplished by using the initial sequence numbers to encode a
cookie (hence the name) in the SYN+ACK response and verifying this on
receipt of the client ACK.

Reviewed by:	kbowling
Obtained from:	OpenBSD
MFC after:	1 week
Sponsored by:	Modirum MDPay
Differential Revision:	https://reviews.freebsd.org/D31138
2022-07-11 13:19:29 +02:00
Randall Stewart b89c5a3e88 tcp: Add a socket option to rack
so we can test various changes to the slop value in timers.

Timer_slop, in TCP, has been 200ms for a long time. This value dates back
a long time when delayed ack timers were longer and links were slower. A
200ms timer slop allows 1 MSS to be sent over a 60kbps link. Its possible that
lowering this value to something more in line with todays delayed ack values (40ms)
might improve TCP. This bit of code makes it so rack can, via a socket option,
adjust the timer slop.

Reviewed by: mtuexen
Sponsered by: Netflix Inc
Differential Revision:	https://reviews.freebsd.org/D30249
2022-07-11 13:19:29 +02:00
Richard Scheffenegger d4971b6464 tcp: SACK Lost Retransmission Detection (LRD)
Recover from excessive losses without reverting to a
retransmission timeout (RTO). Disabled by default, enable
with sysctl net.inet.tcp.do_lrd=1

Reviewed By: #transport, rrs, tuexen, #manpages
Sponsored by: Netapp, Inc.
Differential Revision: https://reviews.freebsd.org/D28931
2022-07-11 13:19:29 +02:00
Randall Stewart a00ca7bd54 This brings into sync FreeBSD with the netflix
versions of rack and bbr. This fixes several breakages (panics) since the
tcp_lro code was committed that have been reported. Quite a few new features
are now in rack (prefecting of DGP -- Dynamic Goodput Pacing among the
largest). There is also support for ack-war prevention. Documents comming soon
on rack..

Sponsored by:           Netflix
Reviewed by:		rscheff, mtuexen
Differential Revision:	https://reviews.freebsd.org/D30036
2022-07-11 13:19:29 +02:00
John Baldwin 8424d5c949 Use thunks for compat ioctls using struct ifgroupreq.
Reviewed by:	brooks, kib
Obtained from:	CheriBSD
Sponsored by:	DARPA
Differential Revision:	https://reviews.freebsd.org/D29893
2022-07-11 13:19:29 +02:00
Konstantin Belousov 19a627f3a4 ioccom: define ioctl cmd value that can never be valid
Its use is for cases where some filler is needed for cmd, or we need an
indication that there were no cmd supplied, and so on.

Reviewed by:	jhb
Sponsored by:	The FreeBSD Foundation
MFC after:	1 week
Differential revision:	https://reviews.freebsd.org/D29935
2022-07-11 13:19:29 +02:00
Thomas Munro 363527bb03 poll(2): Add POLLRDHUP.
Teach poll(2) to support Linux-style POLLRDHUP events for sockets, if
requested.  Triggered when the remote peer shuts down writing or closes
its end.

Reviewed by:	kib
MFC after:	1 month
Differential Revision:	https://reviews.freebsd.org/D29757
2022-07-11 13:19:29 +02:00
Michael Tuexen 85140fb378 tcp: add support for TCP over UDP
Adding support for TCP over UDP allows communication with
TCP stacks which can be implemented in userspace without
requiring special priviledges or specific support by the OS.
This is joint work with rrs.

Reviewed by:		rrs
Sponsored by:		Netflix, Inc.
MFC after:		1 week
Differential Revision:	https://reviews.freebsd.org/D29469
2022-07-11 13:19:29 +02:00
Bjoern A. Zeeb defb5ffed4 termios: add more speeds
A lot of small arm64 gadgets are using 1500000 as console speed.
While cu can perfectly deal with this some 3rd party software, e.g.,
comms/conserver-con add speeds based on B<n> being defined.
Having it defined here simplifies enhancing other software.

Obtained-from:	NetBSD sys/sys/termios.h 1.36
MFC-after:	2 weeks
Reviewed-by:	philip (,okayed by imp)
Differential Revision:	https://reviews.freebsd.org/D29209
2022-07-11 13:19:29 +02:00