The NetBSD Project

CVS log for src/external/cddl/osnet/dev/fbt/x86/fbt_isa.c

[BACK] Up to [] / src / external / cddl / osnet / dev / fbt / x86

Request diff between arbitrary revisions

Default branch: MAIN

Revision 1.6 / (download) - annotate - [select for diffs], Wed Aug 18 11:26:17 2021 UTC (21 months, 2 weeks ago) by riastradh
Branch: MAIN
CVS Tags: netbsd-10-base, netbsd-10, HEAD
Changes since 1.5: +2 -2 lines
Diff to previous 1.5 (colored)

PR/56355: Exclude the symbol trap, not all symbols other than trap.

Revision 1.5 / (download) - annotate - [select for diffs], Sun Aug 15 16:33:57 2021 UTC (21 months, 3 weeks ago) by christos
Branch: MAIN
Changes since 1.4: +4 -4 lines
Diff to previous 1.4 (colored)

PR/56355: Taylor Campbell: restore strcmp() over strncmp()

Revision 1.4 / (download) - annotate - [select for diffs], Wed Aug 11 11:16:49 2021 UTC (21 months, 3 weeks ago) by christos
Branch: MAIN
Changes since 1.3: +4 -3 lines
Diff to previous 1.3 (colored)

PR/56355: Brad Harder: dtrace triggers double-fault in supervisor mode

Revision 1.3 / (download) - annotate - [select for diffs], Sat May 2 11:37:17 2020 UTC (3 years, 1 month ago) by maxv
Branch: MAIN
CVS Tags: cjep_sun2x-base1, cjep_sun2x-base, cjep_sun2x, cjep_staticlib_x-base1, cjep_staticlib_x-base, cjep_staticlib_x
Changes since 1.2: +25 -3 lines
Diff to previous 1.2 (colored)

Modify the hotpatch mechanism, in order to make it much less ROP-friendly.

Currently x86_patch_window_open is a big problem, because it is a perfect
function to inject/modify executable code with ROP.

 - Remove x86_patch_window_open(), along with its x86_patch_window_close()
 - Introduce a read-only link-set of hotpatch descriptor structures,
   which reference a maximum of two read-only hotpatch sources.
 - Modify x86_hotpatch() to open a window and call the new
   x86_hotpatch_apply() function in a hard-coded manner.
 - Modify x86_hotpatch() to take a name and a selector, and have
   x86_hotpatch_apply() resolve the descriptor from the name and the
   source from the selector, before hotpatching.
 - Move the error handling in a separate x86_hotpatch_cleanup() function,
   that gets called after we closed the window.

The resulting implementation is a bit complex and non-obvious. But it
gains the following properties: the code executed in the hotpatch window
is strictly hard-coded (no callback and no possibility to execute your own
code in the window) and the pointers this code accesses are strictly
read-only (no possibility to forge pointers to hotpatch an area that was
not designated as hotpatchable at compile-time, and no possibility to
choose what bytes to write other than the maximum of two read-only
templates that were designated as valid for the given destination at

With current CPUs this slightly improves a situation that is already
pretty bad by definition on x86. Assuming CET however, this change closes
a big hole and is kinda great.

The only ~problem there is, is that dtrace-fbt tries to hotpatch random
places with random bytes, and there is just no way to make it safe.
However dtrace is only in a module, that is rarely used and never compiled
into the kernel, so it's not a big problem; add a shitty & vulnerable
independent hotpatch window in it, and leave big XXXs. It looks like fbt
is going to collapse soon anyway.

Revision / (download) - annotate - [select for diffs], Mon Apr 13 07:56:36 2020 UTC (3 years, 1 month ago) by martin
Branch: phil-wifi
Changes since 1.1: +3 -16 lines
Diff to previous 1.1 (colored) next main 1.2 (colored)

Mostly merge changes from HEAD upto 20200411

Revision 1.2 / (download) - annotate - [select for diffs], Wed Nov 13 10:13:41 2019 UTC (3 years, 6 months ago) by maxv
Branch: MAIN
CVS Tags: phil-wifi-20200421, phil-wifi-20200411, phil-wifi-20200406, phil-wifi-20191119, is-mlppp-base, is-mlppp
Changes since 1.1: +4 -17 lines
Diff to previous 1.1 (colored)

Use x86_patch_window_{open,close}. This also fixes a bug: the CR0/PSL
reloads were inverted.

Revision / (download) - annotate - [select for diffs], Mon Jun 25 07:25:14 2018 UTC (4 years, 11 months ago) by pgoyette
Branch: pgoyette-compat
CVS Tags: pgoyette-compat-merge-20190127
Changes since +425 -0 lines
Diff to previous (colored) to branchpoint 1.1 (colored) next main 1.2 (colored)

Sync with HEAD

Revision, Mon May 28 23:47:39 2018 UTC (5 years ago) by pgoyette
Branch: pgoyette-compat
Changes since 1.1: +0 -425 lines

file fbt_isa.c was added on branch pgoyette-compat on 2018-06-25 07:25:14 +0000

Revision 1.1 / (download) - annotate - [select for diffs], Mon May 28 23:47:39 2018 UTC (5 years ago) by chs
Branch: MAIN
CVS Tags: phil-wifi-base, phil-wifi-20190609, pgoyette-compat-20190127, pgoyette-compat-20190118, pgoyette-compat-1226, pgoyette-compat-1126, pgoyette-compat-1020, pgoyette-compat-0930, pgoyette-compat-0906, pgoyette-compat-0728, pgoyette-compat-0625, netbsd-9-base, netbsd-9-3-RELEASE, netbsd-9-2-RELEASE, netbsd-9-1-RELEASE, netbsd-9-0-RELEASE, netbsd-9-0-RC2, netbsd-9-0-RC1, netbsd-9
Branch point for: phil-wifi, pgoyette-compat

add some new files missed by my script:
merge a new version of the CDDL dtrace and ZFS code.
this changes the upstream vendor from OpenSolaris to FreeBSD,
and this version is based on FreeBSD svn r315983.

in addition to the 10 years of improvements from upstream,
this version also has these NetBSD-specific enhancements:
 - dtrace FBT probes can now be placed in kernel modules.
 - ZFS now supports mmap().

This form allows you to request diff's between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.

CVSweb <>