path: root/sys/lib/libsa
Commit message | Author | Age | Files | Lines
* spelling | jsg | 2021-03-12 | 3 | -6/+6
* Use daddr_t and not daddr32_t in boot media. At a minimum, amd64/i386 should now boot from 4TB GPT formatted disks. More daddr32_t terminations with extreme prejudice to follow. Tested by various, in snaps for a few days. ok deraadt@ | krw | 2020-12-09 | 1 | -2/+2
* Remove an unneeded variable. OK kettenis@ | visa | 2020-10-26 | 1 | -3/+3
* Fix a warning false positive from clang 10. blf_enc() takes a number of 64-bit blocks to encrypt, but using sizeof(uint64_t) in the calculation triggers a warning from clang 10 because the actual data type is uint32_t. Pass BCRYPT_WORDS / 2 for the number of blocks like libc bcrypt(3) does. OK kettenis@ | millert | 2020-07-09 | 1 | -2/+2
* If we pass a packet length larger than 2^16, we should panic() instead of returning -1. With a return type of u_int16_t, -1 is not different to a valid checksum. For incoming packets, the header lengths don't exceed that size anyway, but for outgoing packets it's better to see if our bootloader crafts a broken one. Discussed with gerhard@ ok deraadt@ procter@ | patrick | 2020-05-19 | 1 | -5/+3
* Sync in_cksum.c to the same version ospfd has. This fixes problems with odd packet lengths, which can happen when using TFTP to load a file with an odd length. ospfd actually took dvmrpd's version in 2006 to fix the same issue, and both daemons' implementations are the same. For the bootloader we keep the consts from the previous version and replace the fatal with a print and return. ok deraadt@ | patrick | 2020-05-18 | 2 | -30/+29
* Next step in prepping for ffs2 installs: introduce a new install script var MDFSOPT and add a missing prototype. | otto | 2020-02-29 | 1 | -0/+1
* Add an element to the marks array to store the virtual address of the entry point. ok mlarkin@, deraadt@ | kettenis | 2019-11-29 | 2 | -3/+5
* Implement a hexdump command in the boot loader. This helps to inspect the memory layout that the firmware has created. It is especially useful for UEFI debugging. OK deraadt@ kettenis@ | bluhm | 2019-11-28 | 2 | -1/+54
* Reduce BOOTRANDOM_MAX to 256. naddy pointed out there's no point having it larger than RC4STATE. A long discussion ensued. In conclusion all entropy inputs are either satisfactory enough, or just as shitty at 512. | deraadt | 2019-11-01 | 1 | -2/+2
* Use arc4 to bit-spread the 512-byte random buffer over the .openbsd.randomdata section, which has grown a fair bit with the introduction of retguard. Mortimer discovered the repeated 512-byte sequence as retguard keys, and this resolves the issue. (Chacha does not fit on the media, so 1.5K early drop RC4 is hopefully sufficient in our KARL link universe) Version crank the bootblocks. sysupgrade -s will install new bootblocks. ok djm mortimer | deraadt | 2019-10-29 | 1 | -9/+8
* add arc4 cipher to the bootblocks. ok djm mortimer | deraadt | 2019-10-29 | 2 | -0/+118
* In the bootblocks, after discovering and opening /bsd.upgrade, fchmod -x so the file cannot be re-executed upon the next boot. This provides a stronger one-shot-upgrade model than the upgrade script's rm /bsd.upgrade. Now various forms of upgrade failure will reboot into /bsd, which is probably more recoverable. Performing fchmod -x depends on (1) use of MI boot.c (not alpha/macppc/sparc64/sgi/octeon) and (2) "can write blocks" functionality in the IO layer. Most architectures have this support now. Two diagnostics "fchmod a-x %s: failed" and "/bsd.upgrade is not u+x" will remain in the tree while refinements happen for some of the laggard architectures. based upon a discussion florian tested in snapshots for more than a week without any complaints | deraadt | 2019-08-03 | 6 | -6/+176
* we have never built without %b support | deraadt | 2019-05-11 | 2 | -7/+2
* libsa's memcpy() is actually memmove(). make a proper memmove(), and give memcpy() correct behaviour. This also brings the bcopy() macro into line. | deraadt | 2019-04-20 | 4 | -13/+63
* change marks[] array to uint64_t, so the code can track full 64-bit details from the ELF header instead of faking it. Proposal from mlarkin, tested on most architectures already | deraadt | 2019-04-10 | 3 | -9/+9
* Make the freelist best fit code a tiny bit smarter to not use a block if half or more would be wasted. Causes more effective re-use of blocks. ok jsing@ | otto | 2018-12-16 | 1 | -2/+2
* Retry on incorrect passphrase for softraid crypto boot. Historically, the softraid crypto support in the boot loaders has only given one attempt to provide the correct passphrase. There were a few reasons for this, including the fact that pkcs5_pbkdf2() allows an empty passphrase and that returning EPERM allowed for another attempt. With the event of KARL and the need for bsd.booted with hibernate resumption, this becomes much more of an issue - if you get the passphrase wrong you fail to resume. There are also other situations like using /etc/boot.conf to switch serial console, but an incorrect passphrase results in the config not being read. Also, bcrypt_pbkdf() does not permit empty passphrases. This reworks the softraid crypto support in the boot loaders so that it loops requesting a valid passphrase until one is provided, or an empty passphrase is entered (at which point it will abort). ok mortimer@ tb@ | jsing | 2018-08-10 | 2 | -72/+122
* Align libsa ctime output with libc ctime output. Use zero-padding to get double-digit HH:MM:SS and space-padding for the DOM. ok visa@ | cheloha | 2018-05-23 | 1 | -3/+2
* Stop converting UDP and IP header values from network endianness to host endianness for convenience reasons. Especially in code paths like TFTP where the source port is read from the received UDP packet and used as destination port in a new UDP packet this can be very harmful. Luckily this issue has had no effect on our architectures since they never use any of the code paths that could be harmful. ok visa@ | patrick | 2018-03-31 | 1 | -10/+7
* Implement basic padding support in libsa so we can do zero-padding in bootloader printfs. Feedback from and ok gerhard@ | patrick | 2018-01-17 | 1 | -18/+55
* "unknown KDF type 2" -> "keydisk not found". Inputs and ok jsing@. | sunil | 2017-11-10 | 1 | -1/+4
* Revert: libsa lacks memmove currently; a more thorough rename/change is needed problem noted by naddy@ | guenther | 2017-10-08 | 1 | -2/+2
* bcopy() is expected to be overlap safe, so implement it with memmove() not memcpy(). 'oh oh' deraadt@ | guenther | 2017-10-07 | 1 | -2/+2
* If you use sys/param.h, you don't need sys/types.h | deraadt | 2017-09-08 | 1 | -2/+1
* make the AES-XTS mode a little more constant-time, though the AES implementation that it depends on currently isn't. ok mikeb tom | djm | 2017-05-31 | 1 | -5/+4
* move sha224_initial_hash_value[] under !SHA2_SMALL; ok deraadt@ millert@ | naddy | 2017-05-27 | 1 | -13/+13
* Guard debug printf with NFS_DEBUG ifdef like the other debug prints. ok tom@ | patrick | 2017-05-08 | 1 | -1/+3
* Add missing OpenBSD CVS tags | reyk | 2016-11-27 | 2 | -0/+4
* Fix signedness warnings with careful casts and replace a re-defined variable. OK krw@ | reyk | 2016-11-25 | 2 | -17/+17
* Add bcrypt pbkdf support to the softraid crypto boot loader code. Based on a diff from djm@ | jsing | 2016-09-18 | 1 | -5/+28
* Correctly handle short read()s in the libsa gzip handling lseek(). Also avoid masking the errno from a failed read(). ok guenther@ tom@ | jsing | 2016-09-18 | 1 | -5/+8
* move the .SUNW_ctf section name definition to exec_elf.h and document it in elf(5) feedback from guenther@ ok guenther@ kettenis@ | jasper | 2016-09-17 | 1 | -2/+2
* unifdef SAVE_MEMORY which is no longer set nor used. ok deraadt@ millert@ | jasper | 2016-09-16 | 1 | -9/+1
* when loading the kernel binary, also load the .SUNW_ctf section when present, which holds the CTF data. ok mpi@ | jasper | 2016-09-13 | 1 | -2/+3
* Provide initial libsa softraid - this is currently just the data structures and softraid crypto key handling code. | jsing | 2016-09-11 | 2 | -0/+260
* Add bcrypt_pbkdf to libsa, from libutil. This will soon allow the boot loader to support softraid crypto volumes using bcrypt pbkdf. | jsing | 2016-09-10 | 2 | -0/+189
* Add blowfish to libsa, taken from libc - needed for bcrypt_pbkdf. | jsing | 2016-09-10 | 2 | -0/+767
* Add sha2 to libsa, taken from libc - needed for bcrypt_pbkdf. | jsing | 2016-09-10 | 2 | -0/+1107
* Rename libsa pbkdf2.c to pkcs5_pbkdf2.c so that we match libutil. | jsing | 2016-09-10 | 2 | -15/+13
* Sync libsa pkcs5_pbkdf2() with libutil. | jsing | 2016-09-10 | 2 | -12/+14
* Declare lseek() instead of assuming it'll be provided elsewhere. ok deraadt@ | guenther | 2016-08-27 | 1 | -1/+2
* Change a bunch of (<blah> *)0 to NULL. ok beck@ deraadt@ | krw | 2016-03-14 | 4 | -15/+15
* Replace unbounded gets() in libsa with getln() which takes a buffer size, and convert all gets() users. ok deraadt@ | miod | 2015-11-16 | 4 | -16/+22
* (char *)0 -> NULL. ok tedu@ | mmcc | 2015-10-26 | 1 | -2/+2
* Cast isdigit()'s argument to unsigned char. ok guenther@ | mmcc | 2015-10-26 | 1 | -2/+2
* Remove orphaned files. | miod | 2015-09-18 | 3 | -239/+1
* unify free(NULL,size) behaviour by allowing passing NULL. ok millert@ jasper@ | semarie | 2015-09-14 | 1 | -3/+7
* Initial commit of uefi boot loader of OpenBSD. ok deraadt yuo | yasuoka | 2015-09-02 | 2 | -4/+4
* When sendrecv() returns -1, have rpc_call() return -1 as well. Otherwise, due to the cast to unsigned, it fails the error test and returns a bogus partial read to the caller, which is painful to debug. | miod | 2015-08-15 | 1 | -2/+2