sync with OpenBSD -current

sys/arch/amd64/amd64/bus_dma.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: bus_dma.c,v 1.56 2024/08/20 15:30:29 bluhm Exp $	*/
+/*	$OpenBSD: bus_dma.c,v 1.57 2024/08/22 11:36:24 bluhm Exp $	*/
 /*	$NetBSD: bus_dma.c,v 1.3 2003/05/07 21:33:58 fvdl Exp $	*/
 
 /*-
@@ -499,7 +499,7 @@ _bus_dmamap_sync(bus_dma_tag_t t, bus_dmamap_t map, bus_addr_t addr,
 	if (!use_bounce_buffer)
 		return;
 
-	for (i = map->_dm_segcnt, sg = map->dm_segs; size && i--; sg++) {
+	for (i = map->_dm_segcnt, sg = map->dm_segs; size && i; i--, sg++) {
 		if (off >= sg->ds_len) {
 			off -= sg->ds_len;
 			continue;
@@ -767,9 +767,11 @@ _bus_dmamap_load_buffer(bus_dma_tag_t t, bus_dmamap_t map, void *buf,
 			     map->_dm_maxsegsz &&
 			    (map->_dm_boundary == 0 ||
 			     (map->dm_segs[seg].ds_addr & bmask) ==
-			     (curaddr & bmask)))
+			     (curaddr & bmask)) &&
+			    (!use_bounce_buffer || (map->dm_segs[seg]._ds_va +
+			     map->dm_segs[seg].ds_len) == vaddr)) {
 				map->dm_segs[seg].ds_len += sgsize;
-			else {
+			} else {
 				if (++seg >= map->_dm_segcnt)
 					break;
 				map->dm_segs[seg].ds_addr = curaddr;

sys/dev/dt/dt_dev.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: dt_dev.c,v 1.35 2024/08/21 09:27:37 mpi Exp $ */
+/*	$OpenBSD: dt_dev.c,v 1.36 2024/08/22 10:08:25 mvs Exp $ */
 
 /*
  * Copyright (c) 2019 Martin Pieuchot <mpi@openbsd.org>
@@ -88,6 +88,7 @@
  * to keep track of enabled PCBs.
  *
  *  Locks used to protect struct members in this file:
+ *	a	atomic
  *	m	per-softc mutex
  *	K	kernel lock
  */
@@ -119,7 +120,7 @@ SIMPLEQ_HEAD(, dt_probe)	dt_probe_list;	/* [I] list of probes */
 struct rwlock			dt_lock = RWLOCK_INITIALIZER("dtlk");
 volatile uint32_t		dt_tracing = 0;	/* [K] # of processes tracing */
 
-int allowdt;
+int allowdt;					/* [a] */
 
 void	dtattach(struct device *, struct device *, void *);
 int	dtopen(dev_t, int, int, struct proc *);
@@ -162,7 +163,7 @@ dtopen(dev_t dev, int flags, int mode, struct proc *p)
 	struct dt_softc *sc;
 	int unit = minor(dev);
 
-	if (!allowdt)
+	if (atomic_load_int(&allowdt) == 0)
 		return EPERM;
 
 	sc = malloc(sizeof(*sc), M_DEVBUF, M_WAITOK|M_CANFAIL|M_ZERO);

sys/kern/kern_sysctl.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: kern_sysctl.c,v 1.442 2024/08/20 13:29:25 mvs Exp $	*/
+/*	$OpenBSD: kern_sysctl.c,v 1.444 2024/08/23 01:31:04 mvs Exp $	*/
 /*	$NetBSD: kern_sysctl.c,v 1.17 1996/05/20 17:49:05 mrg Exp $	*/
 
 /*-
@@ -134,6 +134,7 @@ extern int autoconf_serial;
 
 int allowkmem;
 
+int sysctl_securelevel(void *, size_t *, void *, size_t, struct proc *);
 int sysctl_diskinit(int, struct proc *);
 int sysctl_proc_args(int *, u_int, void *, size_t *, struct proc *);
 int sysctl_proc_cwd(int *, u_int, void *, size_t *, struct proc *);
@@ -486,7 +487,7 @@ kern_sysctl(int *name, u_int namelen, void *oldp, size_t *oldlenp, void *newp,
 		switch (name[0]) {
 #if NAUDIO > 0
 		case KERN_AUDIO:
-			return (sysctl_audio(name, namelen, oldp, oldlenp,
+			return (sysctl_audio(name + 1, namelen - 1, oldp, oldlenp,
 			    newp, newlen));
 #endif
 		default:
@@ -513,6 +514,11 @@ kern_sysctl(int *name, u_int namelen, void *oldp, size_t *oldlenp, void *newp,
 		return (sysctl_rdstring(oldp, oldlenp, newp, version));
 	case KERN_NUMVNODES:  /* XXX numvnodes is a long */
 		return (sysctl_rdint(oldp, oldlenp, newp, numvnodes));
+#if NDT > 0
+	case KERN_ALLOWDT:
+		return (sysctl_securelevel_int(oldp, oldlenp, newp, newlen,
+		    &allowdt));
+#endif
 	case KERN_HOSTID:
 		return (sysctl_int(oldp, oldlenp, newp, newlen, &hostid));
 	case KERN_CLOCKRATE:
@@ -596,26 +602,13 @@ int
 kern_sysctl_locked(int *name, u_int namelen, void *oldp, size_t *oldlenp,
     void *newp, size_t newlen, struct proc *p)
 {
-	int error, level, stackgap;
+	int error, stackgap;
 	dev_t dev;
 	extern int pool_debug;
 
 	switch (name[0]) {
 	case KERN_SECURELVL:
-		level = securelevel;
-		if ((error = sysctl_int(oldp, oldlenp, newp, newlen, &level)) ||
-		    newp == NULL)
-			return (error);
-		if ((securelevel > 0 || level < -1) &&
-		    level < securelevel && p->p_p->ps_pid != 1)
-			return (EPERM);
-		securelevel = level;
-		return (0);
-#if NDT > 0
-	case KERN_ALLOWDT:
-		return (sysctl_securelevel_int(oldp, oldlenp, newp, newlen,
-		    &allowdt));
-#endif
+		return (sysctl_securelevel(oldp, oldlenp, newp, newlen, p));
 	case KERN_ALLOWKMEM:
 		return (sysctl_securelevel_int(oldp, oldlenp, newp, newlen,
 		    &allowkmem));
@@ -1123,6 +1116,45 @@ sysctl_rdint(void *oldp, size_t *oldlenp, void *newp, int val)
 	return (error);
 }
 
+int
+sysctl_securelevel(void *oldp, size_t *oldlenp, void *newp, size_t newlen,
+    struct proc *p)
+{
+	int oldval, newval;
+	int error;
+
+	if (oldp && *oldlenp < sizeof(int))
+		return (ENOMEM);
+	if (newp && newlen != sizeof(int))
+		return (EINVAL);
+	*oldlenp = sizeof(int);
+
+	if (newp) {
+		if ((error = copyin(newp, &newval, sizeof(int))))
+			return (error);
+		do {
+			oldval = atomic_load_int(&securelevel);
+			if ((oldval > 0 || newval < -1) && newval < oldval &&
+			    p->p_p->ps_pid != 1)
+				return (EPERM);
+		} while (atomic_cas_uint(&securelevel, oldval, newval) !=
+		    oldval);
+
+		if (oldp) {
+			/* new value has been set although user gets error */
+			if ((error = copyout(&oldval, oldp, sizeof(int))))
+				return (error);
+		}
+	} else if (oldp) {
+		oldval = atomic_load_int(&securelevel);
+
+		if ((error = copyout(&oldval, oldp, sizeof(int))))
+			return (error);	
+	}
+
+	return (0);
+}
+
 /*
  * Selects between sysctl_rdint and sysctl_int according to securelevel.
  */
@@ -1130,7 +1162,7 @@ int
 sysctl_securelevel_int(void *oldp, size_t *oldlenp, void *newp, size_t newlen,
     int *valp)
 {
-	if (securelevel > 0)
+	if (atomic_load_int(&securelevel) > 0)
 		return (sysctl_rdint(oldp, oldlenp, newp, *valp));
 	return (sysctl_int(oldp, oldlenp, newp, newlen, valp));
 }

sys/netinet/in_proto.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: in_proto.c,v 1.112 2024/08/21 12:53:36 mvs Exp $	*/
+/*	$OpenBSD: in_proto.c,v 1.113 2024/08/22 10:58:31 mvs Exp $	*/
 /*	$NetBSD: in_proto.c,v 1.14 1996/02/18 18:58:32 christos Exp $	*/
 
 /*
@@ -230,7 +230,7 @@ const struct protosw inetsw[] = {
   .pr_type	= SOCK_RAW,
   .pr_domain	= &inetdomain,
   .pr_protocol	= IPPROTO_IPV4,
-  .pr_flags	= PR_ATOMIC|PR_ADDR|PR_MPSOCKET,
+  .pr_flags	= PR_ATOMIC|PR_ADDR|PR_MPSOCKET|PR_MPSYSCTL,
 #if NGIF > 0
   .pr_input	= in_gif_input,
 #else

sys/netinet/ip_ipip.c

@@ -1,4 +1,4 @@
-/*	$OpenBSD: ip_ipip.c,v 1.104 2024/08/21 12:53:36 mvs Exp $ */
+/*	$OpenBSD: ip_ipip.c,v 1.105 2024/08/22 10:58:31 mvs Exp $ */
 /*
  * The authors of this code are John Ioannidis (ji@tla.org),
  * Angelos D. Keromytis (kermit@csd.uch.gr) and
@@ -72,6 +72,11 @@
 #include <net/pfvar.h>
 #endif
 
+/*
+ * Locks used to protect data:
+ *	a	atomic
+ */
+
 #ifdef ENCDEBUG
 #define DPRINTF(fmt, args...)						\
 	do {								\
@@ -87,7 +92,7 @@
  * We can control the acceptance of IP4 packets by altering the sysctl
  * net.inet.ipip.allow value.  Zero means drop them, all else is acceptance.
  */
-int ipip_allow = 0;
+int ipip_allow = 0;	/* [a] */
 
 struct cpumem *ipipcounters;
 
@@ -104,9 +109,10 @@ int
 ipip_input(struct mbuf **mp, int *offp, int nxt, int af)
 {
 	struct ifnet *ifp;
+	int ipip_allow_local = atomic_load_int(&ipip_allow);
 
 	/* If we do not accept IP-in-IP explicitly, drop.  */
-	if (!ipip_allow && ((*mp)->m_flags & (M_AUTH|M_CONF)) == 0) {
+	if (ipip_allow_local == 0 && ((*mp)->m_flags & (M_AUTH|M_CONF)) == 0) {
 		DPRINTF("dropped due to policy");
 		ipipstat_inc(ipips_pdrops);
 		m_freemp(mp);
@@ -118,7 +124,7 @@ ipip_input(struct mbuf **mp, int *offp, int nxt, int af)
 		m_freemp(mp);
 		return IPPROTO_DONE;
 	}
-	nxt = ipip_input_if(mp, offp, nxt, af, ifp);
+	nxt = ipip_input_if(mp, offp, nxt, af, ipip_allow_local, ifp);
 	if_put(ifp);
 
 	return nxt;
@@ -133,7 +139,7 @@ ipip_input(struct mbuf **mp, int *offp, int nxt, int af)
  */
 
 int
-ipip_input_if(struct mbuf **mp, int *offp, int proto, int oaf,
+ipip_input_if(struct mbuf **mp, int *offp, int proto, int oaf, int allow,
     struct ifnet *ifp)
 {
 	struct mbuf *m = *mp;
@@ -271,7 +277,7 @@ ipip_input_if(struct mbuf **mp, int *offp, int proto, int oaf,
 	}
 
 	/* Check for local address spoofing. */
-	if (!(ifp->if_flags & IFF_LOOPBACK) && ipip_allow != 2) {
+	if (!(ifp->if_flags & IFF_LOOPBACK) && allow != 2) {
 		struct sockaddr_storage ss;
 		struct rtentry *rt;
 
@@ -584,19 +590,14 @@ int
 ipip_sysctl(int *name, u_int namelen, void *oldp, size_t *oldlenp, void *newp,
     size_t newlen)
 {
-	int error;
-
 	/* All sysctl names at this level are terminal. */
 	if (namelen != 1)
 		return (ENOTDIR);
 
 	switch (name[0]) {
 	case IPIPCTL_ALLOW:
-		NET_LOCK();
-		error = sysctl_int_bounded(oldp, oldlenp, newp, newlen,
-		    &ipip_allow, 0, 2);
-		NET_UNLOCK();
-		return (error);
+		return (sysctl_int_bounded(oldp, oldlenp, newp, newlen,
+		    &ipip_allow, 0, 2));
 	case IPIPCTL_STATS:
 		return (ipip_sysctl_ipipstat(oldp, oldlenp, newp));
 	default:

sys/netinet/ip_ipip.h

@@ -1,4 +1,4 @@
-/*	$OpenBSD: ip_ipip.h,v 1.13 2021/10/13 14:36:31 bluhm Exp $ */
+/*	$OpenBSD: ip_ipip.h,v 1.14 2024/08/22 10:58:31 mvs Exp $ */
 /*
  * The authors of this code are John Ioannidis (ji@tla.org),
  * Angelos D. Keromytis (kermit@csd.uch.gr) and
@@ -114,7 +114,7 @@ struct tdb;
 
 void	ipip_init(void);
 int	ipip_input(struct mbuf **, int *, int, int);
-int	ipip_input_if(struct mbuf **, int *, int, int, struct ifnet *);
+int	ipip_input_if(struct mbuf **, int *, int, int, int, struct ifnet *);
 int	ipip_output(struct mbuf **, struct tdb *);
 int	ipip_sysctl(int *, u_int, void *, size_t *, void *, size_t);