279 Commits

Author SHA1 Message Date
markm
d586165577 Huge cleanup of random(4) code.
* GENERAL
- Update copyright.
- Make kernel options for RANDOM_YARROW and RANDOM_DUMMY. Set
  neither to ON, which means we want Fortuna
- If there is no 'device random' in the kernel, there will be NO
  random(4) device in the kernel, and the KERN_ARND sysctl will
  return nothing. With RANDOM_DUMMY there will be a random(4) that
  always blocks.
- Repair kern.arandom (KERN_ARND sysctl). The old version went
  through arc4random(9) and was a bit weird.
- Adjust arc4random stirring a bit - the existing code looks a little
  suspect.
- Fix the nasty pre- and post-read overloading by providing explictit
  functions to do these tasks.
- Redo read_random(9) so as to duplicate random(4)'s read internals.
  This makes it a first-class citizen rather than a hack.
- Move stuff out of locked regions when it does not need to be
  there.
- Trim RANDOM_DEBUG printfs. Some are excess to requirement, some
  behind boot verbose.
- Use SYSINIT to sequence the startup.
- Fix init/deinit sysctl stuff.
- Make relevant sysctls also tunables.
- Add different harvesting "styles" to allow for different requirements
  (direct, queue, fast).
- Add harvesting of FFS atime events. This needs to be checked for
  weighing down the FS code.
- Add harvesting of slab allocator events. This needs to be checked for
  weighing down the allocator code.
- Fix the random(9) manpage.
- Loadable modules are not present for now. These will be re-engineered
  when the dust settles.
- Use macros for locks.
- Fix comments.

* src/share/man/...
- Update the man pages.

* src/etc/...
- The startup/shutdown work is done in D2924.

* src/UPDATING
- Add UPDATING announcement.

* src/sys/dev/random/build.sh
- Add copyright.
- Add libz for unit tests.

* src/sys/dev/random/dummy.c
- Remove; no longer needed. Functionality incorporated into randomdev.*.

* live_entropy_sources.c live_entropy_sources.h
- Remove; content moved.
- move content to randomdev.[ch] and optimise.

* src/sys/dev/random/random_adaptors.c src/sys/dev/random/random_adaptors.h
- Remove; plugability is no longer used. Compile-time algorithm
  selection is the way to go.

* src/sys/dev/random/random_harvestq.c src/sys/dev/random/random_harvestq.h
- Add early (re)boot-time randomness caching.

* src/sys/dev/random/randomdev_soft.c src/sys/dev/random/randomdev_soft.h
- Remove; no longer needed.

* src/sys/dev/random/uint128.h
- Provide a fake uint128_t; if a real one ever arrived, we can use
  that instead. All that is needed here is N=0, N++, N==0, and some
  localised trickery is used to manufacture a 128-bit 0ULLL.

* src/sys/dev/random/unit_test.c src/sys/dev/random/unit_test.h
- Improve unit tests; previously the testing human needed clairvoyance;
  now the test will do a basic check of compressibility. Clairvoyant
  talent is still a good idea.
- This is still a long way off a proper unit test.

* src/sys/dev/random/fortuna.c src/sys/dev/random/fortuna.h
- Improve messy union to just uint128_t.
- Remove unneeded 'static struct fortuna_start_cache'.
- Tighten up up arithmetic.
- Provide a method to allow eternal junk to be introduced; harden
  it against blatant by compress/hashing.
- Assert that locks are held correctly.
- Fix the nasty pre- and post-read overloading by providing explictit
  functions to do these tasks.
- Turn into self-sufficient module (no longer requires randomdev_soft.[ch])

* src/sys/dev/random/yarrow.c src/sys/dev/random/yarrow.h
- Improve messy union to just uint128_t.
- Remove unneeded 'staic struct start_cache'.
- Tighten up up arithmetic.
- Provide a method to allow eternal junk to be introduced; harden
  it against blatant by compress/hashing.
- Assert that locks are held correctly.
- Fix the nasty pre- and post-read overloading by providing explictit
  functions to do these tasks.
- Turn into self-sufficient module (no longer requires randomdev_soft.[ch])
- Fix some magic numbers elsewhere used as FAST and SLOW.

Differential Revision: https://reviews.freebsd.org/D2025
Reviewed by: vsevolod,delphij,rwatson,trasz,jmg
Approved by: so (delphij)
2015-06-30 17:00:45 +00:00
hselasky
cf94a1d327 Ensure the result from signed subtraction under modulus does not
become negative.

Submitted by:		Oliver Pinter <oliver.pinter@hardenedbsd.org>
MFC after:		3 days
2015-05-10 17:11:04 +00:00
hselasky
3fe2bf52c1 The "SYSCTL_INT()" default value is only used for read only SYSCTLs
and is not applicable unless the integer pointer is NULL. Set it to
zero to avoid confusion. While at it remove extra semicolon at the end
of the "VT_SYSCTL_INT()" macro.

MFC after:		1 week
2015-05-08 16:37:40 +00:00
hselasky
d0e1b4c12c Prevent switching to NULL or own window in the "vt_proc_window_switch"
function. This fixes an issue where X11 keyboard input can appear
stuck. The cause of the problem is a duplicate TTY device window
switch IOCTL during boot, which leaves the "vt_switch_timer" running,
because the current window is already selected. While at it factor out
some NULL checks.

PR:			200032
Differential Revision:	https://reviews.freebsd.org/D2480
Reported by:		several people
MFC after:		1 week
Reviewed by:		emaste
2015-05-08 16:19:01 +00:00
emaste
40a5e702ec vt: fix vt_fb_bitblt_bitmap mask corruption
Previously the mask wrapped when one or more of the mask bytes extended
past the right edge of the window. Simplify the logic and use the same
byte offset and bit in both the pattern and mask.

PR:		199648
Sponsored by:	The FreeBSD Foundation
Differential Revision:	https://reviews.freebsd.org/D2360
2015-04-29 20:30:11 +00:00
royger
9b52653614 vt_vga: add a timeout while waiting for vertical retrace
On one of my systems FreeBSD will fail to boot because vt_vga gets stuck
waiting for the vertical retrace if there's no monitor attached. Fix this by
adding a timeout and exiting if the vertical retrace times out.

Sponsored by: Citrix Systems R&D
Reviewed by: emaste, dumbbell
Differential Revision: https://reviews.freebsd.org/D2397
2015-04-29 12:53:41 +00:00
emaste
148b62f61c vt(4): Simplify mouse area detection
vt_is_cursor_in_area needs to return true if any part of the mouse
cursor is visible in the rectangle area. Replace the existing test with
a simpler version of a test for overlapping rectangles.

Differential Revision:	https://reviews.freebsd.org/D2356
Reviewed by:	ray
Sponsored by:	The FreeBSD Foundation
2015-04-24 17:36:26 +00:00
emaste
7b318600dd Increase vt font limits to allow use of GNU Unifont
PR:		199438
Submitted by:	Ting-Wei Lan <lantw44@gmail.com>
MFC after:	1 week
Sponsored by:	The FreeBSD Foundation
2015-04-14 19:18:34 +00:00
nwhitehorn
9f2a127dec Let unchangeable 8-bit frame buffers have vaguely correct colors.
MFC after:	2 weeks
2015-03-10 17:04:11 +00:00
hselasky
786e5032a7 Add support for USB display link adapters to the FB and VT drivers.
The vtophys() function is used to get the physical page address for
the virtually allocated frame buffers when a physically continuous
memory area is not available. This change also allows removing the
masking of the FB_FLAG_NOMMAP flag in the PS3 syscons driver.

The FB and VT drivers were tested using X.org/xf86-video-scfb and
syscons.
2015-03-07 20:45:15 +00:00
dumbbell
df193d50d1 vt(4): Add support to "downgrade" from eg. vt_fb to vt_vga
The main purpose of this feature is to be able to unload a KMS driver.

When going back from the current vt(4) backend to the previous backend,
the previous backend is reinitialized with the special VDF_DOWNGRADE
flag set. Then the current driver is terminated with the new "vd_fini"
callback.

In the case of vt_fb and vt_vga, this allows the former to pass the
vgapci device vt_fb used to vt_vga so the device can be rePOSTed.

Differential Revision:	https://reviews.freebsd.org/D687
2015-03-01 12:54:22 +00:00
avg
aad5e37cfe vt: move suspend/resume event handlers registration outside of mutex scope
This is to avoid a witness warning about a waiting memory allocation in
the evnt hanlder registration code.

Reported by:	markj
MFC after:	3 days
X-MFC with:	r277795
2015-02-16 13:02:00 +00:00
danfe
1abfcfef5e Improve vt(4) default mouse pointer image. Previous one looked rather ugly,
especially on native monitor resolutions.  This one essentially matches X11
default pointer.

Differential Revision:	https://reviews.freebsd.org/D1801
No objection from:	emaste
Approved by:		adrian, dumbbell
2015-02-13 13:55:38 +00:00
rpaulo
0163c66507 vtvga: improve the device description. 2015-02-05 19:36:29 +00:00
delphij
1ff092273d Use unsigned int for index value.
Without this change a local attacker could trigger a panic by
tricking the kernel into accessing undefined kernel memory.

We would like to acknowledge Francisco Falcon from CORE Security
Technologies who discovered the issue and reported to the
FreeBSD Security Team.

More information can be found at CORE Security's advisory at:
http://www.coresecurity.com/content/freebsd-kernel-multiple-vulnerabilities

This is an errata candidate for releng/10.1 and releng/9.3.  Earlier
releases are not affected.

Reported by:	Francisco Falcon from CORE Security Technologies
Security:	CVE-2014-0998
Reviewed by:	dumbbell
MFC after:	3 days
2015-01-27 19:35:41 +00:00
avg
2a1f5c1f69 hook userland threads suspend + resume into acpi suspend code
Also, split power_suspend into power_suspend and power_suspend_early.

power_suspend_early is called before the userland is frozen.
power_suspend is called after the userland is frozen.

Currently only VT switching is hooked to power_suspend_early.
This is needed because switching away from X server requires its
cooperation, so obviously X server must not be frozen when that happens.

Freezing userland during ACPI suspend is useful because not all drivers
correctly handle suspension concurrent with other activity.  This is
especially applicable to drivers ported from other operating systems
that suspend all software activity between placing drivers and hardware
into suspended state.
In particular drm2/radeon (radeonkms) depends on the described
procedure.  The driver does not have any internal synchronization
between suspension activities and processing of userland requests.

Many thanks to kib for the code that allows to freeze and thaw all
userland threads.

Note that ideally we also need to park / inhibit (non-special) kernel
threads as well to ensure that they do not call into drivers.

MFC after:	17 days
2015-01-27 17:33:18 +00:00
avg
feecf521e9 vt(4): Use power_{suspend,resume} event handlers to implement
suspend/resume

The goal is to avoid that the vt(4) resume happens before the video
display is resumed. The original patch was provided by Andriy Gapon.

This new patch registers the handlers in vt_upgrade(). This is done
once, thanks to the VDF_ASYNC flag. I abused this flag because it was
already abused by the keyboard allocation. The event handlers then call
the backend if it provides callbacks for suspend/resume.

Differential Revision:	https://reviews.freebsd.org/D1004
On behalf of:	dumbbell
MFC after:	2 weeks
2015-01-27 15:28:46 +00:00
nwhitehorn
2269211bb1 Make PS3 work with the userspace kboot loader. loader.ps3 will disappear
from the tree in the near future.

Done at:	Hackathon
2015-01-05 00:50:16 +00:00
hselasky
e25dfbc312 The "vt_suspend_flush_timer()" function is sometimes called locked
which prevents us from doing a "callout_drain()" call. The callout in
question has a lock associated with it and we are not freeing the
callout. That means we can use the "callout_stop()" function to
atomically stop the callback iff the "callout_stop()" function is
called locked. This patch applies proper locking to "callout_stop()"
and replaces a "callout_drain()" with a "callout_stop()".

MFC after:    1 week
2015-01-02 13:35:10 +00:00
royger
39f06d536b vt_vga: fix an off-by-one error
This correctly sets the end of the memory region registered by vt_vga.

Reported by:	marius
2014-12-30 08:50:50 +00:00
royger
7a97a79c00 Partially revert "vt: register the memory regions used by the vt drivers"
Revert the EFI part of r276064 until I can test it properly on a real EFI
system. This was causing problems to people booting using UEFI and vt.

Reported by:	O. Hartmann <ohartman@zedat.fu-berlin.de>
2014-12-30 08:50:07 +00:00
emaste
ec5ce2742e Support ALT_BREAK_TO_DEBUGGER in vt(4)
Submitted by:	Andre Albsmeier on -hackers
2014-12-27 04:21:24 +00:00
royger
52c278b462 vt: register the memory regions used by the vt drivers
Current VT drivers don't register the memory regions they use with the
nexus. This patch makes vt_vga and vt_efifb register the memory regions they
use.

This is needed (at least) for Xen support, since the FreeBSD kernel will try
to use the holes in the memory map to map memory from other domains and
setup it's grant table.

Sponsored by:		Citrix Systems R&D
Reported by:		sbruno
Tested by:		emaste
Reviewed by:		ray
PR:			195537
Differential Revision:	https://reviews.freebsd.org/D1291
2014-12-22 16:46:07 +00:00
dumbbell
744533d61e vt(4): Support syscons' SC_HISTORY_SIZE to configure history size
Therefore, to set histry size to 2000 lines, add the following line to
your kernel configuration file:
    options SC_HISTORY_SIZE=2000

The default history remains at 500 lines.

MFC after:	1 week
2014-11-04 23:51:35 +00:00
dumbbell
fd23c34364 vt(4): Fix keyboard allocation when kbdmux(4) isn't used
The problem was that only the kbdmux keyboard index was saved in
vd->vd_keyboard. This index is -1 when kbdmux isn't used. In this
case, the keyboard was correctly allocated, but the returned index was
discarded.

PR:		194718
MFC after:	1 week
2014-11-02 16:04:48 +00:00
dumbbell
035cb01fbb vt(4): Adjust the cursor position after changing the window size
A new terminal_set_cursor() is added: it wraps the existing
teken_set_cursor() function.

In vtbuf_grow(), the cursor position is adjusted at the end of the
function. In vt_change_font(), we call terminal_set_cursor() just after
terminal_set_winsize_blank(), while the terminal is mute.

This fixes a bug where, after loading a kernel video driver which
increases the terminal window size, the cursor remains at its old
position, in other words, in the middle of the display content.

PR:		194421
MFC after:	1 week
2014-11-01 17:05:15 +00:00
dumbbell
525706da87 vt(4): Add PIO_VFONT_DEFAULT ioctl to restore the default builtin font
To restore the default font using vidcontrol(1), use the "-f" flag
without an argument:
    vidcontrol -f < /dev/ttyv0

PR:		193910
Differential Revision:	https://reviews.freebsd.org/D971
Submitted by:	Marcin Cieslak <saper@saper.info>
Reviewed by:	ray@, emaste@
Approved by:	ray@
MFC after:	1 week
2014-10-23 12:38:05 +00:00
dumbbell
c08eaa2d43 vt(4): Refuse to load a font if hw.vga.textmode is selected
Before, the font was loaded and the window size recalculated, giving an
unusable terminal, even if the actual font didn't change.

Reported by:	beeessdee@ruggedinbox.com
MFC after:	3 days
2014-10-20 14:25:23 +00:00
emaste
7b498b51a1 Do nothing in vt_upgrade if there is no vt driver
Previously, if no drivers attached at boot we would panic with
"vtbuf_fill_locked begin.tp_row 0 must be < screen height 0".

PR:		192248
Reviewed by:	ray
MFC after:	3 days
Sponsored by:	DARPA, AFRL
Differential Revision: https://reviews.freebsd.org/D954
2014-10-17 13:55:45 +00:00
ray
919850542e Allow vt(4) to disable terminal bell with sysctl kern.vt.bell_enable=0,
similar as syscons(4) do.

Submitted by:	Tiwei Bie <btw@mail.ustc.edu.cn>
MFC after:	2 weeks
Sponsored by:	The FreeBSD Foundation
2014-10-07 18:47:53 +00:00
dumbbell
fefe763abb vt(4): Don't recalculate buffer size if we don't know screen size
When the screen size is unknown, it's set to 0x0. We can't use that as
the buffer size, otherwise, functions such as vtbuf_fill() will fail.

This fixes a panic on RaspberryPi, where there's no vt(4) backend
configured early in boot.

PR:		193981
Tested by:	danilo@
MFC after:	3 days
2014-10-04 18:40:40 +00:00
dumbbell
83fc5b7af7 vt(4): Save/restore keyboard mode & LED states when switching window
Add new functions to manipulate these mode & state, instead of calling
kbdd_ioctl() everyhere.

This fixes at least two bugs:

    1. The state of the Scroll Lock LED and the state of scroll mode
       could be out-of-sync. For instance, if one enables scroll mode on
       window #1 and switches to window #2, the LED would remain on, but
       the window wouldn't be in scroll mode.

       Similarily, when switching between a console and an X.Org
       session, the LED states could be inconsistent with the real
       state.

    2. When exiting from an X.Org session, the user could be unable to
       type anything. The workaround was to switch to another console
       window and come back.

Differential Revision:	https://reviews.freebsd.org/D821
Reviewed by:	ray@
Approved by:	ray@
Tested by:	kwm@
MFC after:	3 days
2014-10-02 16:36:37 +00:00
bz
95348c7323 Make gcc happy by initialising the variable only set in a couple of
case statements without a default.

MFC after:	2 days
X-MFC with:	r271871
2014-09-20 08:18:48 +00:00
dumbbell
b87fdb7ac9 vt(4): Remove superfluous word in comment
Submitted by:	brueffer@
MFC after:	3 days
MFC with:	271871
2014-09-19 12:38:43 +00:00
dumbbell
bd0370dde7 vt(4): Rewrite history scrolling
It's now possible to scroll up the 500 hard-coded lines of history, not
just a fraction of them. For instance, one can reach the top of the boot
process.

Sometimes, when scrolling or when changing the screen size (by changing
the font or loading a KMS driver for instance), one could see the
history cycling (old content appeared below latest lines). This is
fixed.

Now, when the resolution changes are more lines can be shown, the
displayed area is adjusted so that, if the screen was filled with
content before, it's filled with content after as well: more history
is visible, instead of having blank lines below the previously visible
content.

MFC after:	3 days
2014-09-19 12:20:43 +00:00
dumbbell
2e7b781164 vt(4): Remove vt_buf->vb_dirtymask
This structure and the associated functions were unused since the
implementation of vd_bitblt_text_t callbacks.

MFC after:	3 days
2014-09-19 11:02:44 +00:00
dumbbell
ec4f1f2cda vt(4): Use strncpy() to copy into a fixed-size buffer
CID:		1230007
MFC after:	3 days
2014-09-18 13:24:06 +00:00
dumbbell
8e237ebee1 vt(4): Fix out-of-bounds array access in VT_ACTIVATE ioctl handling
CID:		1229964
MFC after:	3 days
2014-09-18 12:20:19 +00:00
dumbbell
6336cc05d0 vt(4): Use vt_fb_drawrect() and vt_fb_setpixel() in all vt_fb-derivative
Review:		https://reviews.freebsd.org/D789
Reviewed by:	nwhitehorn
Approved by:	nwhitehorn
MFC after:	2 days
2014-09-16 18:02:24 +00:00
dumbbell
a491c5b76d vt(4): Fix a LOR which occurs during a call to vt_upgrade()
Reported by:	kib@
Review:		https://reviews.freebsd.org/D785
Reviewed by:	ray@
Approved by:	ray@
MFC after:	2 days
2014-09-16 17:42:37 +00:00
dumbbell
73abeee97f vt(4): Enclose vt_mouse_paste() prototype inside #ifndef SC_NO_CUTPASTE/#endif
This fixes the build with sparc64 LINT for instance.

Reported by:	bz@
MFC after:	3 days
2014-09-13 09:33:37 +00:00
ray
e90947bb7b Fix 'function declaration isn't a prototype' warning.
Pointed by:	ian
MFC after:	1 week
2014-09-12 20:55:17 +00:00
ray
b2dcc83c3f Fix stray char on paste.
Tested by:	dumbbell and me
MFC after:	1 week
2014-09-12 14:17:09 +00:00
ray
70ee622dbb Switch vt(4) to traditional behaviour with copy-paste same as syscons(4) do.
(forgetted in last commit)

Reviewed by:	dumbbell (as D755)
MFC after:	1 week
2014-09-12 14:16:10 +00:00
ray
a1fffb488b Switch vt(4) to traditional behaviour with copy-paste same as syscons(4) do.
Reviewed by:	dumbbell (as D755)
MFC after:	1 week
2014-09-12 14:14:50 +00:00
ray
0a975edfe6 Remove stray whitespaces. 2014-09-12 14:07:20 +00:00
ray
7c22eb535c Fix one more spelling mistake.
Pointed by:	danfe
2014-09-10 11:48:13 +00:00
ray
25f116b73a spelling fixes
Submitted by:	"Sam Fourman Jr." <sfourman@gmail.com>
MFC after:	1 week
2014-09-10 11:27:33 +00:00
ray
a95d8f6006 o Add sysctls to enable/disable potentially dengerous key combinations, like
reboot/halt/debug.
o Add support for most key combinations supported by syscons(4).

Reviewed by:	dumbbell, emaste (prev revision of D747)
MFC after:	5 days
Sponsored by:	The FreeBSD Foundation
2014-09-10 11:13:13 +00:00
ray
4f2d1acf2c Revert r269474. Special keyboard combinations should be handled by separate
sysctls.
2014-09-09 14:18:56 +00:00