Age | Commit message | Author
2019-09-04 | kernel: make exec clear errstr, stop side-channels and truncate on utf8 boundary | cinap_lenrek
make exec() clear the per process error string to avoid spurious errors and confusion. the errstr() syscall used to always swap the maximum buffer size with memmove(), which is problematic as this gives access to the garbage beyond the NUL byte. worse, newproc(), werrstr() and rerrstr() only clear the first byte of the input buffer. so random stack rubble could be leaked across processes. we change the errstr() syscall to not copy beyond the NUL byte. the manpage also documents that errstr() should truncate on a utf8 boundary so we use utfecpy() to ensure proper NUL termination.
2019-09-02 | bcm64: enable devgpio in kernel configuration (thanks qeed) | cinap_lenrek
2019-08-30 | ndb/dnsquery, ndb/csquery: write ">" prompt to stderr (thanks kvik) | cinap_lenrek
kvik writes: dnsquery(8) prints the interactive prompt on stdout together with query results, making scripted usage unnecessarily difficult. A straightforward solution is prompting on stderr instead: as practiced by rc(1), among many others -- promptly taking care of the issue:
    ; echo 9front.org mx | ndb/dnsquery >[2]/dev/null
2019-08-30 | rsa(2): document asn1encodeRSApriv() and asn1encodeRSApub() functions | cinap_lenrek
2019-08-30 | auth/rsa2asn1: implement private key export with -a flag (thanks kvik) | cinap_lenrek
kvik writes: I needed to convert the RSA private key that was laying around in secstore into a format understood by UNIX® tools like SSH. With asn12rsa(8) we can go from the ASN.1/DER to Plan 9 format, but not back - so I wrote the libsec function asn1encodeRSApriv(2) and used it in rsa2asn1(8) by adding the -a flag which causes the full private key to be encoded and output.
2019-08-29 | pc64: map kernel text readonly and everything else no-execute | cinap_lenrek
the idea is to catch bugs and make kernel exploitation harder by mapping the kernel text section readonly and everything else no-execute. l.s maps the KZERO address space using 2MB pages so to get the 4K granularity for the text section we use the new ptesplit() function to split that mapping up. we need to set EFER no-execute enable bit early in apbootstrap so secondary application processors will understand the NX bit in our shared kernel page tables. also APBOOTSTRAP needs to be kept executable. rebootjump() needs to mark REBOOTADDR page executable.
2019-08-28 | 8l, 6l: fix "unknown relation: TEXT" xfol() bug (thanks mischief) | cinap_lenrek
mischief reports: this assembler input assembles with 6a but makes 6l crash.
    // 6a l.s
    // 6l l.6
    // _intrr: unknown relation: TEXT in _intrr
    // 6l 511: suicide: sys: trap: fault write addr=0x18 pc=0x20789c
    TEXT noteret(SB), 1, $-4
        CLI
        JMP _intrestore
    // works when commented
    TEXT _intrr(SB), 1, $-4
    _intrestore:
        RET
    TEXT _main(SB), 1, $-4
        RET
2019-08-27 | kernel: prohibit changing cache attributes (SG_CACHED|SG_DEVICE) in segattach(), set SG_RONLY in data2txt() | cinap_lenrek
the user should not be able to change the cache attributes for a segment in segattach() as this can cause the same memory to be mapped with conflicting attributes in the cache. SG_TEXT should always be mapped with SG_RONLY attribute. so fix data2txt() to follow the rules.
2019-08-27 | kernel: make user stack segment non-executable | cinap_lenrek
2019-08-27 | pc64: implement NX bit discovery, map kernel mappings no-execute | cinap_lenrek
2019-08-27 | kernel: catch execution read fault on SG_NOEXEC segment (for mips) | cinap_lenrek
2019-08-27 | kernel: catch execution read fault on SG_NOEXEC segment | cinap_lenrek
fault() now has an additional pc argument that is used to detect fault on a non-executable segment. that is, we check on read fault if the segment has the SG_NOEXEC attribute and the program counter is within faulting page.
2019-08-26 | kernel: expose no execute bit to portable mmu code as SG_NOEXEC / PTENOEXEC, add PTECACHED bits | cinap_lenrek
a portable SG_NOEXEC segment attribute was added to allow non-executable (physical) segments. which will set the PTENOEXEC bits for putmmu(). in the future, this can be used to make non-executable stack / bss segments. the SG_DEVICE attribute was added to distinguish between mmio regions and uncached memory. only matters on arm64. on arm, there's the issue that PTEUNCACHED would have no bits set when using the hardware bit definitions. this is the reason bcm, kw, teg2 and omap kernels use artificial PTE constants. on zynq, the XN bit was used as a hack to give PTEUNCACHED a non-zero value and when the bit is clear then cache attributes were added to the pte. to fix this, PTECACHED constant was added. the portable mmu code in fault.c will now explicitly set PTECACHED bits for cached memory and PTEUNCACHED for uncached memory. that way the hardware bit definitions can be used everywhere.
2019-08-26 | vncv: fix snarf buffer realloc memory corruption | qwx
fix never updating p when snarf is reallocated, resulting in memory corruption.
2019-08-25 | emmc: 50MHz highspeed support (from richard miller) | cinap_lenrek
2019-08-25 | bcm64: replace emmc2 driver with richard miller's sdhc driver | cinap_lenrek
the new driver supports 50MHz highspeed bus mode and uses ADMA instead of SDMA.
2019-08-24 | /sys/lib/dist/mkfile: adjust 2GB for pi3 and zynq img | cinap_lenrek
2019-08-24 | /sys/lib/dist/mkfile: storage vendors idea of 2GB is deflating | cinap_lenrek
2019-08-23 | bcm64: deal with discontinuous memory regions, avoid virtual memory aliasing, implement vmap() proper | cinap_lenrek
on the 2GB and 4GB raspberry pi 4 variants, there are two memory regions for ram:
    [0x00000000..0x3e600000)
    [0x40000000..0xfc000000)
the framebuffer is somewhere at the end of the first GB of memory. to handle these, we append the region base and limit of the second region to *maxmem= like:
    *maxmem=0x3e600000 0x40000000 0xfc000000
the mmu code has been changed to have non-existing ram unmapped and mmukmap() now uses small 64K pages instead of 512GB pages to avoid aliasing (framebuffer). the VIRTPCI mapping has been removed as we now have a proper vmap() implementation which assigns virtual addresses automatically.
2019-08-22 | bcm: invalidate cache on Fbinfo after firmware completion | cinap_lenrek
2019-08-22 | bcm: flush out early boot messages on uart and screen initialization | cinap_lenrek
make early boot messages available by writing out kmesg.buf after uart and screen initialization.
2019-08-21 | /sys/lib/acid/kernel: fix procstk() for arm64, set kdir for arm/arm64 to bcm/bcm64 | cinap_lenrek
2019-08-21 | bcm: set XN bits for kernel device mappings | cinap_lenrek
2019-08-19 | bcm64: do not use OTP_BOOTMODE_REG to determine OSC frequency (thanks richard miller) | cinap_lenrek
the register does not seem to be accessible on the Rpi 3b. so instead hardcode oscfreq in the Soc structure.
2019-08-19 | disk/format: implement long name support | cinap_lenrek
2019-08-18 | add missing device tree file for raspberry pi 4 | cinap_lenrek
2019-08-18 | add raspberry pi 4 kernel and bootloader to pi3.img target | cinap_lenrek
2019-08-18 | bcm64: add support for more than 1GB of ram (untested) | cinap_lenrek
this adds a 4GB KMAP window into the kernel address space so we can access all physical ram on raspberry pi 4 for user pages. note that kernel memory above KZERO is still limited to 1GB because of DMA restrictions.
2019-08-18 | bcm64: add driver for emmc2 controller | cinap_lenrek
2019-08-16 | bcm: fix typo in gpio.c on unused AFedge0 constant | cinap_lenrek
2019-08-16 | bcm64: poll gisb arbiter for asynchronous bus errors | cinap_lenrek
2019-08-16 | ethergenet: remove debugging | cinap_lenrek
the hangs were caused by missing NX bits on the mmio mappings, so the debug code is not needed anymore.
2019-08-16 | bcm64: set XN bits for kernel device mappings | cinap_lenrek
2019-08-12 | cc: use 7 octal digits for 21 bit runes | cinap_lenrek
2019-08-02 | libauth: do not set errstr in auth_rpc() for ARdone result (thanks majiru) | cinap_lenrek
2019-07-28 | bcm, bcm64: add vcore support for raspberry pi 3 GPIO expander | cinap_lenrek
2019-07-27 | bcm, bcm64: add BCM2711 support for gpiopull(), fix gpiomeminit(), cleanup | cinap_lenrek
according to the following linux change, BCM2711 uses a different method for changing pullup/down mode: https://github.com/raspberrypi/linux/commit/abcfd092860760087b87acbdda0963fe7906839c#diff-cf078559c38543ac72c5db99323e236d gpiomeminit() was broken, using virtual address for the gpio physseg instead of the physical one. cleanup the code, avoid repetition by declaring static u32int *regs variable. make local variable names consistent.
2019-07-27 | bcm64: fix wrong prescaler for generic timer on rpi4 | cinap_lenrek
the raspberry pi 4 uses 54 instead of 19.2 MHz crystal. detect which frequency is used by reading OTP bootmode register: https://www.raspberrypi.org/documentation/hardware/raspberrypi/otpbits.md Bit 1: sets the oscillator frequency to 19.2MHz
2019-07-25 | ethergenet: fix flow control negotiation | cinap_lenrek
2019-07-25 | bcm, bcm64: clean dma destination buffer before issuing dma in case of non cache-line-size aligned buffer | cinap_lenrek
2019-07-25 | bcm64: add config for raspberry pi 4 | cinap_lenrek
2019-07-25 | bcm64: work in progress genet ethernet driver for raspberry pi 4 | cinap_lenrek
2019-07-25 | bcm64: reorganize virtual memory map for raspberry pi4 | cinap_lenrek
2019-07-25 | bcm64: update io.h for pci express and raspberry pi 4 | cinap_lenrek
2019-07-25 | bcm64: add pci express driver for raspberry pi 4 | cinap_lenrek
2019-07-25 | bcm64: add gic interrupt controller driver for raspberry pi 4 | cinap_lenrek
2019-07-25 | bcm64: add gisb arbiter driver to catch bus timeouts | cinap_lenrek
2019-07-25 | bcm, bcm64: make irq.$O optional and add intrdisable(), use intrenable() | cinap_lenrek
the raspberry pi 4 has a new interrupt controller and pci support, so get rid of intrenable() macro and properly make intrenable function with tbdf argument.
2019-07-25 | bcm64: strip debug symbols to make sure .img file is multiple of 4 bytes | cinap_lenrek
the raspberry pi4 firmware refuses to enable the GIC interrupt controller for arm64 when the .img file is not a multiple of 4 bytes. yes, this is insane and nowhere documented.
2019-07-25 | bcm, bcm64: add dmaflush() function and make virtio size and virtual address configurable in Soc.virtio and Soc.iosize | cinap_lenrek