Browse Source

Merge branch 'freebsd/current/master' into hardened/current/master

* freebsd/current/master:
  Set a "kernbase" symbol in 32-bit arm locore.S and use it with ldscript.arm.
  Add warning printf w.r.t. removal of sys/nfs/nfs_lock.c.
  Formatting fixes for tables, no content changes.
  sh: Test that executing various binary files is rejected
  Determine whether the MMU hardware is capable of updating a page table entry's access flag and dirty state, and enable this feature when it's available.
  linux(4): implement copy_file_range(2)
hardened/current/master
HardenedBSD Sync Service 6 months ago
parent
commit
5aabfb51f7
18 changed files with 157 additions and 23 deletions
  1. +4
    -0
      bin/sh/tests/execution/Makefile
  2. +18
    -0
      bin/sh/tests/execution/shellproc2.0
  3. +14
    -0
      bin/sh/tests/execution/shellproc3.0
  4. +14
    -0
      bin/sh/tests/execution/shellproc4.0
  5. +14
    -0
      bin/sh/tests/execution/shellproc5.0
  6. +18
    -8
      share/man/man7/arch.7
  7. +0
    -2
      sys/amd64/linux/linux_dummy.c
  8. +0
    -2
      sys/amd64/linux32/linux32_dummy.c
  9. +4
    -2
      sys/arm/arm/locore-v4.S
  10. +3
    -0
      sys/arm/arm/locore-v6.S
  11. +17
    -1
      sys/arm64/arm64/locore.S
  12. +1
    -2
      sys/arm64/arm64/pmap.c
  13. +5
    -0
      sys/arm64/include/armreg.h
  14. +0
    -2
      sys/arm64/linux/linux_dummy.c
  15. +41
    -0
      sys/compat/linux/linux_file.c
  16. +2
    -2
      sys/conf/Makefile.arm
  17. +0
    -2
      sys/i386/linux/linux_dummy.c
  18. +2
    -0
      sys/nfs/nfs_lock.c

+ 4
- 0
bin/sh/tests/execution/Makefile View File

@@ -55,6 +55,10 @@ ${PACKAGE}FILES+= set-x2.0
${PACKAGE}FILES+= set-x3.0
${PACKAGE}FILES+= set-x4.0
${PACKAGE}FILES+= shellproc1.0
${PACKAGE}FILES+= shellproc2.0
${PACKAGE}FILES+= shellproc3.0
${PACKAGE}FILES+= shellproc4.0
${PACKAGE}FILES+= shellproc5.0
${PACKAGE}FILES+= subshell1.0 subshell1.0.stdout
${PACKAGE}FILES+= subshell2.0
${PACKAGE}FILES+= subshell3.0

+ 18
- 0
bin/sh/tests/execution/shellproc2.0 View File

@@ -0,0 +1,18 @@
# $FreeBSD$
# This tests a quality of implementation issue.
# Shells are not required to reject executing binary files as shell scripts
# but executing, for example, ELF files for a different architecture as
# shell scripts may have annoying side effects.

T=`mktemp -d "${TMPDIR:-/tmp}/sh-test.XXXXXXXX"` || exit
trap 'rm -rf "${T}"' 0
printf '\0' >"$T/testshellproc"
chmod 755 "$T/testshellproc"
if [ ! -s "$T/testshellproc" ]; then
printf "printf did not write a NUL character\n" >&2
exit 2
fi
PATH=$T:$PATH
errout=`testshellproc 3>&2 2>&1 >&3 3>&-`
r=$?
[ "$r" = 126 ] && [ -n "$errout" ]

+ 14
- 0
bin/sh/tests/execution/shellproc3.0 View File

@@ -0,0 +1,14 @@
# $FreeBSD$
# This tests a quality of implementation issue.
# Shells are not required to reject executing binary files as shell scripts
# but executing, for example, ELF files for a different architecture as
# shell scripts may have annoying side effects.

T=`mktemp -d "${TMPDIR:-/tmp}/sh-test.XXXXXXXX"` || exit
trap 'rm -rf "${T}"' 0
printf '\177ELF\001!!\011\0\0\0\0\0\0\0\0' >"$T/testshellproc"
chmod 755 "$T/testshellproc"
PATH=$T:$PATH
errout=`testshellproc 3>&2 2>&1 >&3 3>&-`
r=$?
[ "$r" = 126 ] && [ -n "$errout" ]

+ 14
- 0
bin/sh/tests/execution/shellproc4.0 View File

@@ -0,0 +1,14 @@
# $FreeBSD$
# This tests a quality of implementation issue.
# Shells are not required to reject executing binary files as shell scripts
# but executing, for example, ELF files for a different architecture as
# shell scripts may have annoying side effects.

T=`mktemp -d "${TMPDIR:-/tmp}/sh-test.XXXXXXXX"` || exit
trap 'rm -rf "${T}"' 0
printf '\211PNG\015\012\032\012\0\0\0\015IHDR' >"$T/testshellproc"
chmod 755 "$T/testshellproc"
PATH=$T:$PATH
errout=`testshellproc 3>&2 2>&1 >&3 3>&-`
r=$?
[ "$r" = 126 ] && [ -n "$errout" ]

+ 14
- 0
bin/sh/tests/execution/shellproc5.0 View File

@@ -0,0 +1,14 @@
# $FreeBSD$
# This tests a quality of implementation issue.
# Shells are not required to reject executing binary files as shell scripts
# but executing, for example, ELF files for a different architecture as
# shell scripts may have annoying side effects.

T=`mktemp -d "${TMPDIR:-/tmp}/sh-test.XXXXXXXX"` || exit
trap 'rm -rf "${T}"' 0
printf '\177ELF\001!!\012\0\0\0\0\0\0\0\0' >"$T/testshellproc"
chmod 755 "$T/testshellproc"
PATH=$T:$PATH
errout=`testshellproc 3>&2 2>&1 >&3 3>&-`
r=$?
[ "$r" = 126 ] && [ -n "$errout" ]

+ 18
- 8
share/man/man7/arch.7 View File

@@ -139,6 +139,7 @@ and
.Vt void *
are 8 bytes.
.El
.Pp
Compilers define the
.Dv _LP64
symbol when compiling for an
@@ -163,6 +164,7 @@ Examples are:
.It Dv mips64* Ta Dv mips*
.It Dv aarch64 Ta Dv armv6/armv7
.El
.Pp
.Dv aarch64
will support execution of
.Dv armv6
@@ -184,6 +186,7 @@ On all supported architectures:
.It float Ta 4
.It double Ta 8
.El
.Pp
Integers are represented in two's complement.
Alignment of integer and pointer types is natural, that is,
the address of the variable must be congruent to zero modulo the type size.
@@ -421,8 +424,9 @@ Most of the externally settable variables are defined in the
man page.
These variables are not otherwise documented and are used extensively
in the build system.
.Bl -column -offset indent "Sy Variable" "Sy Meaning and usage"
.It Dv MACHINE Represent the hardware platform.
.Bl -tag -width "MACHINE_CPUARCH"
.It Dv MACHINE
Represent the hardware platform.
This is the same as the native platform's
.Xr uname 1
.Fl m
@@ -457,7 +461,8 @@ Generally,
.Dv MACHINE
should only be used in src/sys and src/stand or in system imagers or
installers.
.It Dv MACHINE_ARCH Represents the CPU processor architecture.
.It Dv MACHINE_ARCH
Represents the CPU processor architecture.
This is the same as the native platforms
.Xr uname 1
.Fl p
@@ -488,7 +493,8 @@ It is unfortunate that amd64 specifies the 64-bit evolution of the x86
platform (it matches the 'first rule') as everybody else uses x86_64.
There is no standard name for the processor: each OS selects its own
conventions.
.It Dv MACHINE_CPUARCH Represents the source location for a given
.It Dv MACHINE_CPUARCH
Represents the source location for a given
.Dv MACHINE_ARCH .
It is generally the common prefix for all the MACHINE_ARCH that
share the same implementation, though 'riscv' breaks this rule.
@@ -502,25 +508,29 @@ The FreeBSD source base supports amd64 and i386 with two
distinct source bases living in subdirectories named amd64 and i386
(though behind the scenes there's some sharing that fits into this
framework).
.It Dv CPUTYPE Sets the flavor of
.It Dv CPUTYPE
Sets the flavor of
.Dv MACHINE_ARCH
to build.
It is used to optimize the build for a specific CPU / core that the
binaries run on.
Generally, this does not change the ABI, though it can be a fine line
between optimization for specific cases.
.It Dv TARGET Used to set
.It Dv TARGET
Used to set
.Dv MACHINE
in the top level Makefile for cross building.
Unused outside of that scope.
It is not passed down to the rest of the build.
Makefiles outside of the top level should not use it at all (though
some have their own private copy for hysterical raisons).
.It Dv TARGET_ARCH Used to set
.It Dv TARGET_ARCH
Used to set
.Dv MACHINE_ARCH
by the top level Makefile for cross building.
Like
.Dv TARGET , it is unused outside of that scope.
.Dv TARGET ,
it is unused outside of that scope.
.El
.Sh SEE ALSO
.Xr src.conf 5 ,

+ 0
- 2
sys/amd64/linux/linux_dummy.c View File

@@ -144,8 +144,6 @@ DUMMY(userfaultfd);
DUMMY(membarrier);
/* Linux 4.4: */
DUMMY(mlock2);
/* Linux 4.5: */
DUMMY(copy_file_range);
/* Linux 4.6: */
DUMMY(preadv2);
DUMMY(pwritev2);

+ 0
- 2
sys/amd64/linux32/linux32_dummy.c View File

@@ -148,8 +148,6 @@ DUMMY(userfaultfd);
DUMMY(membarrier);
/* Linux 4.4: */
DUMMY(mlock2);
/* Linux 4.5: */
DUMMY(copy_file_range);
/* Linux 4.6: */
DUMMY(preadv2);
DUMMY(pwritev2);

+ 4
- 2
sys/arm/arm/locore-v4.S View File

@@ -62,9 +62,11 @@ __FBSDID("$FreeBSD$");
*/
.text
.align 2

.globl kernbase
.set kernbase,KERNVIRTADDR

#ifdef PHYSADDR
.globl kernbase
.set kernbase,KERNBASE
.globl physaddr
.set physaddr,PHYSADDR
#endif

+ 3
- 0
sys/arm/arm/locore-v6.S View File

@@ -59,6 +59,9 @@ __FBSDID("$FreeBSD$");
.text
.align 2

.globl kernbase
.set kernbase,KERNVIRTADDR

#if __ARM_ARCH >= 7
#define HANDLE_HYP \
/* Leave HYP mode */ ;\

+ 17
- 1
sys/arm64/arm64/locore.S View File

@@ -683,7 +683,8 @@ start_mmu:

/*
* Setup TCR according to the PARange and ASIDBits fields
* from ID_AA64MMFR0_EL1. More precisely, set TCR_EL1.AS
* from ID_AA64MMFR0_EL1 and the HAFDBS field from the
* ID_AA64MMFR1_EL1. More precisely, set TCR_EL1.AS
* to 1 only if the ASIDBits field equals 0b0010.
*/
ldr x2, tcr
@@ -700,6 +701,21 @@ start_mmu:
/* Set TCR.AS with x3 */
bfi x2, x3, #(TCR_ASID_SHIFT), #(TCR_ASID_WIDTH)

/*
* Check if the HW supports access flag and dirty state updates,
* and set TCR_EL1.HA and TCR_EL1.HD accordingly.
*/
mrs x3, id_aa64mmfr1_el1
and x3, x3, #(ID_AA64MMFR1_HAFDBS_MASK)
cmp x3, #1
b.ne 1f
orr x2, x2, #(TCR_HA)
b 2f
1:
cmp x3, #2
b.ne 2f
orr x2, x2, #(TCR_HA | TCR_HD)
2:
msr tcr_el1, x2

/*

+ 1
- 2
sys/arm64/arm64/pmap.c View File

@@ -3511,8 +3511,7 @@ validate:
KASSERT(opa == pa, ("pmap_enter: invalid update"));
if ((orig_l3 & ~ATTR_AF) != (new_l3 & ~ATTR_AF)) {
/* same PA, different attributes */
/* XXXMJ need to reload orig_l3 for hardware DBM. */
pmap_load_store(l3, new_l3);
orig_l3 = pmap_load_store(l3, new_l3);
pmap_invalidate_page(pmap, va);
if ((orig_l3 & ATTR_SW_MANAGED) != 0 &&
pmap_pte_dirty(orig_l3))

+ 5
- 0
sys/arm64/include/armreg.h View File

@@ -619,6 +619,11 @@
#define PSR_FLAGS 0xf0000000

/* TCR_EL1 - Translation Control Register */
#define TCR_HD_SHIFT 40
#define TCR_HD (0x1UL << TCR_HD_SHIFT)
#define TCR_HA_SHIFT 39
#define TCR_HA (0x1UL << TCR_HA_SHIFT)

#define TCR_ASID_SHIFT 36
#define TCR_ASID_WIDTH 1
#define TCR_ASID_16 (0x1UL << TCR_ASID_SHIFT)

+ 0
- 2
sys/arm64/linux/linux_dummy.c View File

@@ -142,8 +142,6 @@ DUMMY(userfaultfd);
DUMMY(membarrier);
/* Linux 4.4: */
DUMMY(mlock2);
/* Linux 4.5: */
DUMMY(copy_file_range);
/* Linux 4.6: */
DUMMY(preadv2);
DUMMY(pwritev2);

+ 41
- 0
sys/compat/linux/linux_file.c View File

@@ -1565,3 +1565,44 @@ linux_fallocate(struct thread *td, struct linux_fallocate_args *args)
return (kern_posix_fallocate(td, args->fd, args->offset,
args->len));
}

int
linux_copy_file_range(struct thread *td, struct linux_copy_file_range_args
*args)
{
l_loff_t inoff, outoff, *inoffp, *outoffp;
int error, flags;

/*
* copy_file_range(2) on Linux doesn't define any flags (yet), so is
* the native implementation. Enforce it.
*/
if (args->flags != 0) {
linux_msg(td, "copy_file_range unsupported flags 0x%x",
args->flags);
return (EINVAL);
}
flags = 0;
inoffp = outoffp = NULL;
if (args->off_in != NULL) {
error = copyin(args->off_in, &inoff, sizeof(l_loff_t));
if (error != 0)
return (error);
inoffp = &inoff;
}
if (args->off_out != NULL) {
error = copyin(args->off_out, &outoff, sizeof(l_loff_t));
if (error != 0)
return (error);
outoffp = &outoff;
}

error = kern_copy_file_range(td, args->fd_in, inoffp, args->fd_out,
outoffp, args->len, flags);
if (error == 0 && args->off_in != NULL)
error = copyout(inoffp, args->off_in, sizeof(l_loff_t));
if (error == 0 && args->off_out != NULL)
error = copyout(outoffp, args->off_out, sizeof(l_loff_t));
return (error);
}


+ 2
- 2
sys/conf/Makefile.arm View File

@@ -61,7 +61,7 @@ KERNVIRTADDR= 0xc0000000
# "ELF for the ARM architecture" for more info on the mapping symbols.
SYSTEM_LD= \
${SYSTEM_LD_BASECMD} \
--defsym='text_start=${KERNVIRTADDR} + SIZEOF_HEADERS' \
--defsym='text_start=kernbase + SIZEOF_HEADERS' \
-o ${.TARGET} ${SYSTEM_OBJS} vers.o; \
$(OBJCOPY) \
--wildcard \
@@ -77,7 +77,7 @@ KERNEL_EXTRA_INSTALL+= ${KERNEL_KO}.bin
${KERNEL_KO}.bin: ${SYSTEM_DEP} vers.o
@echo "linking ${.TARGET}"
@${SYSTEM_LD_BASECMD} \
--defsym='text_start=${KERNVIRTADDR}' \
--defsym='text_start=kernbase' \
-o ${.TARGET} ${SYSTEM_OBJS} vers.o
${SIZE} ${.TARGET}
@${OBJCOPY} \

+ 0
- 2
sys/i386/linux/linux_dummy.c View File

@@ -144,8 +144,6 @@ DUMMY(userfaultfd);
DUMMY(membarrier);
/* Linux 4.4: */
DUMMY(mlock2);
/* Linux 4.5: */
DUMMY(copy_file_range);
/* Linux 4.6: */
DUMMY(preadv2);
DUMMY(pwritev2);

+ 2
- 0
sys/nfs/nfs_lock.c View File

@@ -89,6 +89,8 @@ nfslock_open(struct cdev *dev, int oflags, int devtype, struct thread *td)
{
int error;

printf("WARNING: uses Giant and will be removed before FreeBSD 13\n"
"\tuse the kernel NFSLOCKD/nfslockd.ko\n");
error = priv_check(td, PRIV_NFS_LOCKD);
if (error)
return (error);

Loading…
Cancel
Save