| Age | Commit message (Collapse) | Author |
|---|
|
we can encrypt the 256 bit chacha key on each invocation
making it hard to reconstruct previous outputs of the
generator given the current state (backtracking resiatance).
|
|
the "halt" command written to /dev/reboot just causes the
machine to crash... its also undocumented... removing it.
--
cinap
|
|
leave the block counter to chacha_encrypt() and increment the 96 bit
iv instead.
|
|
the kernels custom rand() and nrand() functions where not working
as specified in rand(2). now we just use libc's rand() and nrand()
functions but provide a custom lrand() impelmenting the xoroshiro128+
algorithm as proposed by aiju.
|
|
we now access the user buffer in randomread() outside of the lock,
only copying and advancing the chacha state under the lock. this
means we can use randomread() within the fault handling path now
without fearing deadlock. this also allows multiple readers to
generate random numbers in parallel.
|
|
to prng()
|
|
|
|
|
|
and rebalance(), handle ticks wrap arround in hzsched()
|
|
this code isnt time critical and process TReal delta can become
very long, so use tk2ms() which is less prone to overflow.
|
|
we might wake up on a different cpu after the sleep so
delta from machX->ticks - machY->ticks can become negative
giving spurious timeouts. to avoid this always use the
same mach 0 tick counter for the delta.
|
|
the manpage states that capabilities time out after a minute,
so we add ticks field into the Caphash struct and record the
time when the capability was inserted. freeing old capabilities
is handled in trimcaps(), which makes room for one extra cap
and frees timed out ones.
we also limit the capuse write size to less than 1024 bytes to
prevent denial of service as we have to copy the user buffer.
(memory exhaustion).
we have to check the from user *before* attempting to remove
the capability! the wrong user shouldnt be able to change any
state. this fixes the memory leak of the caphash.
do the hash comparsion with tsmemcmp(), avoiding timing
side channels.
allocate the capabilities in secret memory pool to prevent
debugger access.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
The kernel needs to keep cryptographic keys and cipher states
confidential. secalloc() allocates memory from the secret pool
which is protected from debuggers reading the memory thru devproc.
secfree() releases the memory, overriding the data with garbage.
|
|
|
|
mntrahread() had the prefetch window condition wrong so
it would very agressively prefetch ignoring the prefetch
window.
|
|
|
|
fdtochan()
|
|
|
|
when fd 2 (stderr) points to a mount channel, dont
cause protocol confusion by dumping error strings
into it.
|
|
|
|
the first time rtl8169link is called (from rtl8169pnp), the link isn't up, so
setting edev->mbps based on Phystatus register is skipped. edev->mbps is then
still set at the default 100, and that ends up being what devether uses.
this is why some rtl8169 cards are misprinted as 100Mbps in kmesg.
later, after rtl8169link is called again from rtl8169interrupt, the link is up
and edev->mbps is set to the correct value (as shown by e.g. /net/ether0/stats).
so instead, set speed regardless of link status.
|
|
the arm compiler can lift long->vlong casts on multiplcation
and convert 64x64->64 multiplication into a 32x32->64 one
with optional 64 bit accumulate.
|
|
|
|
|
|
for g35 (thanks kenji)
|
|
|
|
to the file server
|
|
forsyth)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
http://www.9legacy.org/9legacy/patch/pc-ether82563-i210.diff (thanks k0ga)
This patch is only an adaptation for 9front of the patch located in
http://www.9legacy.org/9legacy/patch/pc-ether82563-i210.diff. The
major difference is that this patch ignores errors in checksum of
eeprom, because in my system the checksum was wrong. After 3 months,
I didn't have problems, and I think the patch can be used. although
it has some things that need to be fixed. If the link is inactive
when the system boots then it will remain inactive forever.
|
|
|
|
|
|
- return distinct error message when attempting to create Globalseg with physseg name
- copy directory name to up->genbuf so it stays valid after we unlock(&glogalseglock)
- cleanup wstat() handling, allow changing uid
- make sure global segment size is below SEGMAXSIZE
- move isoverlap() check from globalsegattach() into segattach()
- remove Proc* argument from globalsegattach(), segattach() and isoverlap()
- make Physseg.attr and segattach attr parameter an int for consistency
|
