From ecb53bfacfe29b0c60cc3a583d4921e4e4e4a9e8 Mon Sep 17 00:00:00 2001 From: purplerain Date: Thu, 31 Aug 2023 18:59:48 +0000 Subject: [PATCH] sync code with last improvements from OpenBSD --- distrib/sets/lists/comp/mi | 3 + lib/libcrypto/man/EVP_CIPHER_CTX_ctrl.3 | 260 +++++++++++ lib/libcrypto/man/EVP_CIPHER_CTX_set_flags.3 | 228 +++++++++ lib/libcrypto/man/EVP_CIPHER_nid.3 | 215 +++++++++ lib/libcrypto/man/EVP_EncryptInit.3 | 463 +------------------ lib/libcrypto/man/Makefile | 5 +- lib/libcrypto/man/evp.3 | 7 +- regress/sbin/bioctl/Makefile | 24 +- sys/dev/fdt/if_dwqe_fdt.c | 41 +- sys/dev/pci/drm/drm_aperture.c | 11 +- sys/dev/pci/drm/i915/gt/gen8_engine_cs.c | 95 ++-- sys/dev/pci/drm/i915/gt/gen8_engine_cs.h | 3 +- sys/dev/pci/drm/i915/gt/intel_gpu_commands.h | 1 + sys/dev/pci/drm/i915/gt/intel_lrc.c | 17 +- sys/dev/pci/drm/i915/i915_driver.c | 35 +- sys/dev/pci/drm/include/drm/display/drm_dp.h | 2 +- sys/dev/pci/drm/include/drm/drm_aperture.h | 7 +- usr.bin/make/cmd_exec.c | 96 +++- usr.bin/make/cmd_exec.h | 4 +- usr.bin/make/engine.c | 101 +--- usr.bin/make/init.c | 4 +- usr.sbin/fw_update/fw_update.sh | 322 +++++++++---- 22 files changed, 1201 insertions(+), 743 deletions(-) create mode 100644 lib/libcrypto/man/EVP_CIPHER_CTX_ctrl.3 create mode 100644 lib/libcrypto/man/EVP_CIPHER_CTX_set_flags.3 create mode 100644 lib/libcrypto/man/EVP_CIPHER_nid.3 diff --git a/distrib/sets/lists/comp/mi b/distrib/sets/lists/comp/mi index eac590c5d..445331dbc 100644 --- a/distrib/sets/lists/comp/mi +++ b/distrib/sets/lists/comp/mi @@ -1917,9 +1917,12 @@ ./usr/share/man/man3/ESS_SIGNING_CERT_new.3 ./usr/share/man/man3/EVP_AEAD_CTX_init.3 ./usr/share/man/man3/EVP_BytesToKey.3 +./usr/share/man/man3/EVP_CIPHER_CTX_ctrl.3 ./usr/share/man/man3/EVP_CIPHER_CTX_get_cipher_data.3 +./usr/share/man/man3/EVP_CIPHER_CTX_set_flags.3 ./usr/share/man/man3/EVP_CIPHER_do_all.3 ./usr/share/man/man3/EVP_CIPHER_meth_new.3 +./usr/share/man/man3/EVP_CIPHER_nid.3 ./usr/share/man/man3/EVP_DigestInit.3 ./usr/share/man/man3/EVP_DigestSignInit.3 ./usr/share/man/man3/EVP_DigestVerifyInit.3 diff --git a/lib/libcrypto/man/EVP_CIPHER_CTX_ctrl.3 b/lib/libcrypto/man/EVP_CIPHER_CTX_ctrl.3 new file mode 100644 index 000000000..40ed524ff --- /dev/null +++ b/lib/libcrypto/man/EVP_CIPHER_CTX_ctrl.3 @@ -0,0 +1,260 @@ +.\" $OpenBSD: EVP_CIPHER_CTX_ctrl.3,v 1.1 2023/08/31 17:27:41 schwarze Exp $ +.\" full merge up to: OpenSSL 5211e094 Nov 11 14:39:11 2014 -0800 +.\" +.\" This file is a derived work. +.\" The changes are covered by the following Copyright and license: +.\" +.\" Copyright (c) 2018, 2023 Ingo Schwarze +.\" Copyright (c) 2018 Damien Miller +.\" +.\" Permission to use, copy, modify, and distribute this software for any +.\" purpose with or without fee is hereby granted, provided that the above +.\" copyright notice and this permission notice appear in all copies. +.\" +.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES +.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF +.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR +.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES +.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN +.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF +.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. +.\" +.\" The original file was written by Dr. Stephen Henson . +.\" Copyright (c) 2000, 2001, 2016 The OpenSSL Project. +.\" All rights reserved. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in +.\" the documentation and/or other materials provided with the +.\" distribution. +.\" +.\" 3. All advertising materials mentioning features or use of this +.\" software must display the following acknowledgment: +.\" "This product includes software developed by the OpenSSL Project +.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" +.\" +.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to +.\" endorse or promote products derived from this software without +.\" prior written permission. For written permission, please contact +.\" openssl-core@openssl.org. +.\" +.\" 5. Products derived from this software may not be called "OpenSSL" +.\" nor may "OpenSSL" appear in their names without prior written +.\" permission of the OpenSSL Project. +.\" +.\" 6. Redistributions of any form whatsoever must retain the following +.\" acknowledgment: +.\" "This product includes software developed by the OpenSSL Project +.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY +.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR +.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT +.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, +.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED +.\" OF THE POSSIBILITY OF SUCH DAMAGE. +.\" +.Dd $Mdocdate: August 31 2023 $ +.Dt EVP_CIPHER_CTX_CTRL 3 +.Os +.Sh NAME +.Nm EVP_CIPHER_CTX_ctrl , +.Nm EVP_CIPHER_CTX_set_padding , +.Nm EVP_CIPHER_CTX_set_key_length , +.Nm EVP_CIPHER_CTX_key_length , +.Nm EVP_CIPHER_key_length , +.Nm EVP_CIPHER_CTX_iv_length , +.Nm EVP_CIPHER_iv_length , +.Nm EVP_CIPHER_CTX_set_iv , +.Nm EVP_CIPHER_CTX_get_iv +.Nd configure EVP cipher contexts +.Sh SYNOPSIS +.In openssl/evp.h +.Ft int +.Fo EVP_CIPHER_CTX_ctrl +.Fa "EVP_CIPHER_CTX *ctx" +.Fa "int type" +.Fa "int arg" +.Fa "void *ptr" +.Fc +.Ft int +.Fo EVP_CIPHER_CTX_set_padding +.Fa "EVP_CIPHER_CTX *x" +.Fa "int padding" +.Fc +.Ft int +.Fo EVP_CIPHER_CTX_set_key_length +.Fa "EVP_CIPHER_CTX *x" +.Fa "int keylen" +.Fc +.Ft int +.Fo EVP_CIPHER_CTX_key_length +.Fa "const EVP_CIPHER_CTX *ctx" +.Fc +.Ft int +.Fo EVP_CIPHER_key_length +.Fa "const EVP_CIPHER *e" +.Fc +.Ft int +.Fo EVP_CIPHER_CTX_iv_length +.Fa "const EVP_CIPHER_CTX *ctx" +.Fc +.Ft int +.Fo EVP_CIPHER_iv_length +.Fa "const EVP_CIPHER *e" +.Fc +.Ft int +.Fo EVP_CIPHER_CTX_set_iv +.Fa "EVP_CIPHER_CTX *ctx" +.Fa "const unsigned char *iv" +.Fa "size_t len" +.Fc +.Ft int +.Fo EVP_CIPHER_CTX_get_iv +.Fa "const EVP_CIPHER_CTX *ctx" +.Fa "unsigned char *iv" +.Fa "size_t len" +.Fc +.Sh DESCRIPTION +.Fn EVP_CIPHER_CTX_ctrl +allows various cipher specific parameters to be determined and set. +Currently only the RC2 effective key length can be set. +.Pp +.Fn EVP_CIPHER_CTX_set_padding +enables or disables padding. +This function should be called after the context is set up for +encryption or decryption with +.Xr EVP_EncryptInit_ex 3 , +.Xr EVP_DecryptInit_ex 3 , +or +.Xr EVP_CipherInit_ex 3 . +By default encryption operations are padded using standard block padding +and the padding is checked and removed when decrypting. +If the +.Fa padding +parameter is zero, then no padding is performed, the total amount of data +encrypted or decrypted must then be a multiple of the block size or an +error will occur. +.Pp +.Fn EVP_CIPHER_CTX_set_key_length +sets the key length of the cipher ctx. +If the cipher is a fixed length cipher, then attempting to set the key +length to any value other than the fixed value is an error. +.Pp +.Fn EVP_CIPHER_CTX_key_length +and +.Fn EVP_CIPHER_key_length +return the key length of a cipher when passed an +.Vt EVP_CIPHER_CTX +or +.Vt EVP_CIPHER +structure. +The constant +.Dv EVP_MAX_KEY_LENGTH +is the maximum key length for all ciphers. +Note: although +.Fn EVP_CIPHER_key_length +is fixed for a given cipher, the value of +.Fn EVP_CIPHER_CTX_key_length +may be different for variable key length ciphers. +.Pp +.Fn EVP_CIPHER_CTX_iv_length +and +.Fn EVP_CIPHER_iv_length +return the IV length of a cipher when passed an +.Vt EVP_CIPHER_CTX +or +.Vt EVP_CIPHER . +It will return zero if the cipher does not use an IV. +The constant +.Dv EVP_MAX_IV_LENGTH +is the maximum IV length for all ciphers. +.Pp +.Fn EVP_CIPHER_CTX_set_iv +and +.Fn EVP_CIPHER_CTX_get_iv +set and retrieve the IV for an +.Vt EVP_CIPHER_CTX , +respectively. +In both cases, the specified IV length must exactly equal the expected +IV length for the context as returned by +.Fn EVP_CIPHER_CTX_iv_length . +.Sh RETURN VALUES +.Fn EVP_CIPHER_CTX_ctrl +usually returns 1 for success, 0 for failure, or \-1 if the +.Fa type +is not supported by the +.Fa ctx , +but there may be exceptions for some +.Fa type +arguments. +.Pp +.Fn EVP_CIPHER_CTX_set_padding +always returns 1. +.Pp +.Fn EVP_CIPHER_CTX_set_key_length , +.Fn EVP_CIPHER_CTX_set_iv , +and +.Fn EVP_CIPHER_CTX_get_iv +return 1 for success or 0 for failure. +.Pp +.Fn EVP_CIPHER_CTX_key_length +and +.Fn EVP_CIPHER_key_length +return the key length. +.Pp +.Fn EVP_CIPHER_CTX_iv_length +and +.Fn EVP_CIPHER_iv_length +return the IV length or zero if the cipher does not use an IV. +.Sh SEE ALSO +.Xr evp 3 , +.Xr EVP_CIPHER_nid 3 , +.Xr EVP_EncryptInit 3 +.Sh HISTORY +.Fn EVP_CIPHER_CTX_key_length , +.Fn EVP_CIPHER_key_length , +.Fn EVP_CIPHER_CTX_iv_length , +and +.Fn EVP_CIPHER_iv_length +first appeared in SSLeay 0.6.5 and have been available since +.Ox 2.4 . +.Pp +.Fn EVP_CIPHER_CTX_ctrl +and +.Fn EVP_CIPHER_CTX_set_key_length +first appeared in OpenSSL 0.9.6 and have been available since +.Ox 2.9 . +.Pp +.Fn EVP_CIPHER_CTX_set_padding +first appeared in OpenSSL 0.9.7 and has been available since +.Ox 3.2 . +.Pp +.Fn EVP_CIPHER_CTX_set_iv +and +.Fn EVP_CIPHER_CTX_get_iv +first appeared in LibreSSL 2.8.1 and have been available since +.Ox 6.4 . +.Sh BUGS +.Dv EVP_MAX_KEY_LENGTH +and +.Dv EVP_MAX_IV_LENGTH +only refer to the internal ciphers with default key lengths. +If custom ciphers exceed these values, the results are unpredictable. +This is because it has become standard practice to define a generic key +as a fixed unsigned char array containing +.Dv EVP_MAX_KEY_LENGTH +bytes. diff --git a/lib/libcrypto/man/EVP_CIPHER_CTX_set_flags.3 b/lib/libcrypto/man/EVP_CIPHER_CTX_set_flags.3 new file mode 100644 index 000000000..a8e32cdc5 --- /dev/null +++ b/lib/libcrypto/man/EVP_CIPHER_CTX_set_flags.3 @@ -0,0 +1,228 @@ +.\" $OpenBSD: EVP_CIPHER_CTX_set_flags.3,v 1.1 2023/08/31 17:27:41 schwarze Exp $ +.\" full merge up to: OpenSSL 5211e094 Nov 11 14:39:11 2014 -0800 +.\" +.\" This file is a derived work. +.\" The changes are covered by the following Copyright and license: +.\" +.\" Copyright (c) 2019 Ingo Schwarze +.\" +.\" Permission to use, copy, modify, and distribute this software for any +.\" purpose with or without fee is hereby granted, provided that the above +.\" copyright notice and this permission notice appear in all copies. +.\" +.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES +.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF +.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR +.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES +.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN +.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF +.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. +.\" +.\" The original file was written by Dr. Stephen Henson +.\" and Patrick Steuer . +.\" Copyright (c) 2000, 2017 The OpenSSL Project. +.\" All rights reserved. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in +.\" the documentation and/or other materials provided with the +.\" distribution. +.\" +.\" 3. All advertising materials mentioning features or use of this +.\" software must display the following acknowledgment: +.\" "This product includes software developed by the OpenSSL Project +.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" +.\" +.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to +.\" endorse or promote products derived from this software without +.\" prior written permission. For written permission, please contact +.\" openssl-core@openssl.org. +.\" +.\" 5. Products derived from this software may not be called "OpenSSL" +.\" nor may "OpenSSL" appear in their names without prior written +.\" permission of the OpenSSL Project. +.\" +.\" 6. Redistributions of any form whatsoever must retain the following +.\" acknowledgment: +.\" "This product includes software developed by the OpenSSL Project +.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY +.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR +.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT +.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, +.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED +.\" OF THE POSSIBILITY OF SUCH DAMAGE. +.\" +.Dd $Mdocdate: August 31 2023 $ +.Dt EVP_CIPHER_CTX_SET_FLAGS 3 +.Os +.Sh NAME +.Nm EVP_CIPHER_CTX_set_flags , +.Nm EVP_CIPHER_CTX_clear_flags , +.Nm EVP_CIPHER_CTX_test_flags , +.Nm EVP_CIPHER_CTX_rand_key , +.Nm EVP_CIPHER_param_to_asn1 , +.Nm EVP_CIPHER_asn1_to_param , +.Nm EVP_CIPHER_CTX_get_app_data , +.Nm EVP_CIPHER_CTX_set_app_data +.Nd unusual EVP cipher context configuration +.Sh SYNOPSIS +.In openssl/evp.h +.Ft void +.Fo EVP_CIPHER_CTX_set_flags +.Fa "EVP_CIPHER_CTX *ctx" +.Fa "int flags" +.Fc +.Ft void +.Fo EVP_CIPHER_CTX_clear_flags +.Fa "EVP_CIPHER_CTX *ctx" +.Fa "int flags" +.Fc +.Ft int +.Fo EVP_CIPHER_CTX_test_flags +.Fa "EVP_CIPHER_CTX *ctx" +.Fa "int flags" +.Fc +.Ft int +.Fo EVP_CIPHER_CTX_rand_key +.Fa "EVP_CIPHER_CTX *ctx" +.Fa "unsigned char *key" +.Fc +.Ft int +.Fo EVP_CIPHER_param_to_asn1 +.Fa "EVP_CIPHER_CTX *c" +.Fa "ASN1_TYPE *type" +.Fc +.Ft int +.Fo EVP_CIPHER_asn1_to_param +.Fa "EVP_CIPHER_CTX *c" +.Fa "ASN1_TYPE *type" +.Fc +.Ft void * +.Fo EVP_CIPHER_CTX_get_app_data +.Fa "const EVP_CIPHER_CTX *ctx" +.Fc +.Ft void +.Fo EVP_CIPHER_CTX_set_app_data +.Fa "const EVP_CIPHER_CTX *ctx" +.Fa "void *data" +.Fc +.Sh DESCRIPTION +.Fn EVP_CIPHER_CTX_set_flags +enables the given +.Fa flags +in +.Fa ctx . +.Fn EVP_CIPHER_CTX_clear_flags +disables the given +.Fa flags +in +.Fa ctx . +.Fn EVP_CIPHER_CTX_test_flags +checks whether any of the given +.Fa flags +are currently set in +.Fa ctx , +returning the subset of the +.Fa flags +that are set, or 0 if none of them are set. +Currently, the only supported cipher context flag is +.Dv EVP_CIPHER_CTX_FLAG_WRAP_ALLOW ; +see +.Xr EVP_aes_128_wrap 3 +for details. +.Pp +.Fn EVP_CIPHER_CTX_rand_key +generates a random key of the appropriate length based on the cipher +context. +The +.Vt EVP_CIPHER +can provide its own random key generation routine to support keys +of a specific form. +The +.Fa key +argument must point to a buffer at least as big as the value returned by +.Xr EVP_CIPHER_CTX_key_length 3 . +.Pp +.Fn EVP_CIPHER_param_to_asn1 +sets the ASN.1 +.Vt AlgorithmIdentifier +parameter based on the passed cipher. +This will typically include any parameters and an IV. +The cipher IV (if any) must be set when this call is made. +This call should be made before the cipher is actually "used" (before any +.Xr EVP_EncryptUpdate 3 +or +.Xr EVP_DecryptUpdate 3 +calls, for example). +This function may fail if the cipher does not have any ASN.1 support. +.Pp +.Fn EVP_CIPHER_asn1_to_param +sets the cipher parameters based on an ASN.1 +.Vt AlgorithmIdentifier +parameter. +The precise effect depends on the cipher. +In the case of RC2, for example, it will set the IV and effective +key length. +This function should be called after the base cipher type is set but +before the key is set. +For example +.Xr EVP_CipherInit 3 +will be called with the IV and key set to +.Dv NULL , +.Fn EVP_CIPHER_asn1_to_param +will be called and finally +.Xr EVP_CipherInit 3 +again with all parameters except the key set to +.Dv NULL . +It is possible for this function to fail if the cipher does not +have any ASN.1 support or the parameters cannot be set (for example +the RC2 effective key length is not supported). +.Sh RETURN VALUES +.Fn EVP_CIPHER_CTX_rand_key +return 1 for success or 0 for failure. +.Pp +.Fn EVP_CIPHER_param_to_asn1 +and +.Fn EVP_CIPHER_asn1_to_param +return greater than zero for success and zero or a negative number +for failure. +.Sh SEE ALSO +.Xr evp 3 , +.Xr EVP_CIPHER_CTX_ctrl 3 , +.Xr EVP_CIPHER_CTX_get_cipher_data 3 , +.Xr EVP_CIPHER_nid 3 , +.Xr EVP_EncryptInit 3 +.Sh HISTORY +.Fn EVP_CIPHER_CTX_set_app_data +and +.Fn EVP_CIPHER_CTX_get_app_data +first appeared in SSLeay 0.8.0. +.Fn EVP_CIPHER_param_to_asn1 +and +.Fn EVP_CIPHER_asn1_to_param +first appeared in SSLeay 0.9.0. +These functions have been available since +.Ox 2.4 . +.Pp +.Fn EVP_CIPHER_CTX_rand_key +first appeared in OpenSSL 0.9.8 and has been available since +.Ox 4.5 . +.Sh BUGS +The ASN.1 code is incomplete (and sometimes inaccurate). +It has only been tested for certain common S/MIME ciphers +(RC2, DES, triple DES) in CBC mode. diff --git a/lib/libcrypto/man/EVP_CIPHER_nid.3 b/lib/libcrypto/man/EVP_CIPHER_nid.3 new file mode 100644 index 000000000..3a3c42d0b --- /dev/null +++ b/lib/libcrypto/man/EVP_CIPHER_nid.3 @@ -0,0 +1,215 @@ +.\" $OpenBSD: EVP_CIPHER_nid.3,v 1.1 2023/08/31 17:27:41 schwarze Exp $ +.\" full merge up to: OpenSSL 5211e094 Nov 11 14:39:11 2014 -0800 +.\" +.\" This file is a derived work. +.\" The changes are covered by the following Copyright and license: +.\" +.\" Copyright (c) 2018 Ingo Schwarze +.\" +.\" Permission to use, copy, modify, and distribute this software for any +.\" purpose with or without fee is hereby granted, provided that the above +.\" copyright notice and this permission notice appear in all copies. +.\" +.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES +.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF +.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR +.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES +.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN +.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF +.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. +.\" +.\" The original file was written by Dr. Stephen Henson . +.\" Copyright (c) 2000 The OpenSSL Project. All rights reserved. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in +.\" the documentation and/or other materials provided with the +.\" distribution. +.\" +.\" 3. All advertising materials mentioning features or use of this +.\" software must display the following acknowledgment: +.\" "This product includes software developed by the OpenSSL Project +.\" for use in the OpenSSL Toolkit. (http://www.openssl.org/)" +.\" +.\" 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to +.\" endorse or promote products derived from this software without +.\" prior written permission. For written permission, please contact +.\" openssl-core@openssl.org. +.\" +.\" 5. Products derived from this software may not be called "OpenSSL" +.\" nor may "OpenSSL" appear in their names without prior written +.\" permission of the OpenSSL Project. +.\" +.\" 6. Redistributions of any form whatsoever must retain the following +.\" acknowledgment: +.\" "This product includes software developed by the OpenSSL Project +.\" for use in the OpenSSL Toolkit (http://www.openssl.org/)" +.\" +.\" THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY +.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR +.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR +.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT +.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) +.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, +.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED +.\" OF THE POSSIBILITY OF SUCH DAMAGE. +.\" +.Dd $Mdocdate: August 31 2023 $ +.Dt EVP_CIPHER_NID 3 +.Os +.Sh NAME +.Nm EVP_CIPHER_nid , +.Nm EVP_CIPHER_CTX_nid , +.Nm EVP_CIPHER_type , +.Nm EVP_CIPHER_CTX_type , +.Nm EVP_CIPHER_block_size , +.Nm EVP_CIPHER_CTX_block_size , +.Nm EVP_CIPHER_flags , +.Nm EVP_CIPHER_CTX_flags , +.Nm EVP_CIPHER_mode , +.Nm EVP_CIPHER_CTX_mode +.Nd inspect EVP_CIPHER objects +.Sh SYNOPSIS +.In openssl/evp.h +.Ft int +.Fo EVP_CIPHER_nid +.Fa "const EVP_CIPHER *e" +.Fc +.Ft int +.Fo EVP_CIPHER_CTX_nid +.Fa "const EVP_CIPHER_CTX *ctx" +.Fc +.Ft int +.Fo EVP_CIPHER_type +.Fa "const EVP_CIPHER *ctx" +.Fc +.Ft int +.Fo EVP_CIPHER_CTX_type +.Fa "const EVP_CIPHER_CTX *ctx" +.Fc +.Ft int +.Fo EVP_CIPHER_block_size +.Fa "const EVP_CIPHER *e" +.Fc +.Ft int +.Fo EVP_CIPHER_CTX_block_size +.Fa "const EVP_CIPHER_CTX *ctx" +.Fc +.Ft unsigned long +.Fo EVP_CIPHER_flags +.Fa "const EVP_CIPHER *e" +.Fc +.Ft unsigned long +.Fo EVP_CIPHER_CTX_flags +.Fa "const EVP_CIPHER_CTX *ctx" +.Fc +.Ft unsigned long +.Fo EVP_CIPHER_mode +.Fa "const EVP_CIPHER *e" +.Fc +.Ft unsigned long +.Fo EVP_CIPHER_CTX_mode +.Fa "const EVP_CIPHER_CTX *ctx" +.Fc +.Sh DESCRIPTION +.Fn EVP_CIPHER_nid +and +.Fn EVP_CIPHER_CTX_nid +return the NID of a cipher when passed an +.Vt EVP_CIPHER +or +.Vt EVP_CIPHER_CTX +structure. +The actual NID value is an internal value which may not have a +corresponding OBJECT IDENTIFIER. +.Pp +.Fn EVP_CIPHER_type +and +.Fn EVP_CIPHER_CTX_type +return the type of the passed cipher or context. +This "type" is the actual NID of the cipher OBJECT IDENTIFIER as such it +ignores the cipher parameters and 40-bit RC2 and 128-bit RC2 have the +same NID. +If the cipher does not have an object identifier or does not +have ASN.1 support, this function will return +.Dv NID_undef . +.Pp +.Fn EVP_CIPHER_block_size +and +.Fn EVP_CIPHER_CTX_block_size +return the block size of a cipher when passed an +.Vt EVP_CIPHER +or +.Vt EVP_CIPHER_CTX +structure. +The constant +.Dv EVP_MAX_BLOCK_LENGTH +is also the maximum block length for all ciphers. +.Pp +.Fn EVP_CIPHER_mode +and +.Fn EVP_CIPHER_CTX_mode +return the block cipher mode: +.Dv EVP_CIPH_ECB_MODE , +.Dv EVP_CIPH_CBC_MODE , +.Dv EVP_CIPH_CFB_MODE , +.Dv EVP_CIPH_OFB_MODE , +.Dv EVP_CIPH_CTR_MODE , +or +.Dv EVP_CIPH_XTS_MODE . +If the cipher is a stream cipher then +.Dv EVP_CIPH_STREAM_CIPHER +is returned. +.Sh RETURN VALUES +.Fn EVP_CIPHER_nid +and +.Fn EVP_CIPHER_CTX_nid +return a NID. +.Pp +.Fn EVP_CIPHER_type +and +.Fn EVP_CIPHER_CTX_type +return the NID of the cipher's OBJECT IDENTIFIER or +.Dv NID_undef +if it has no defined OBJECT IDENTIFIER. +.Pp +.Fn EVP_CIPHER_block_size +and +.Fn EVP_CIPHER_CTX_block_size +return the block size. +.Sh SEE ALSO +.Xr evp 3 , +.Xr EVP_CIPHER_CTX_ctrl 3 , +.Xr EVP_EncryptInit 3 +.Sh HISTORY +.Fn EVP_CIPHER_type , +.Fn EVP_CIPHER_CTX_type , +.Fn EVP_CIPHER_block_size , +and +.Fn EVP_CIPHER_CTX_block_size +first appeared in SSLeay 0.6.5. +.Fn EVP_CIPHER_nid +and +.Fn EVP_CIPHER_CTX_nid +first appeared in SSLeay 0.8.0. +All these functions have been available since +.Ox 2.4 . +.Pp +.Fn EVP_CIPHER_flags , +.Fn EVP_CIPHER_CTX_flags , +.Fn EVP_CIPHER_mode , +and +.Fn EVP_CIPHER_CTX_mode +first appeared in OpenSSL 0.9.6 and have been available since +.Ox 2.9 . diff --git a/lib/libcrypto/man/EVP_EncryptInit.3 b/lib/libcrypto/man/EVP_EncryptInit.3 index b6d9080be..ddec4e7e7 100644 --- a/lib/libcrypto/man/EVP_EncryptInit.3 +++ b/lib/libcrypto/man/EVP_EncryptInit.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: EVP_EncryptInit.3,v 1.47 2023/08/26 15:01:56 schwarze Exp $ +.\" $OpenBSD: EVP_EncryptInit.3,v 1.48 2023/08/31 17:27:41 schwarze Exp $ .\" full merge up to: OpenSSL 5211e094 Nov 11 14:39:11 2014 -0800 .\" EVP_bf_cbc.pod EVP_cast5_cbc.pod EVP_idea_cbc.pod EVP_rc2_cbc.pod .\" 7c6d372a Nov 20 13:20:01 2018 +0000 @@ -69,7 +69,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED .\" OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: August 26 2023 $ +.Dd $Mdocdate: August 31 2023 $ .Dt EVP_ENCRYPTINIT 3 .Os .Sh NAME @@ -96,37 +96,10 @@ .Nm EVP_CipherFinal , .Nm EVP_Cipher , .Nm EVP_CIPHER_CTX_encrypting , -.Nm EVP_CIPHER_CTX_set_flags , -.Nm EVP_CIPHER_CTX_clear_flags , -.Nm EVP_CIPHER_CTX_test_flags , -.Nm EVP_CIPHER_CTX_set_padding , -.Nm EVP_CIPHER_CTX_set_key_length , -.Nm EVP_CIPHER_CTX_ctrl , -.Nm EVP_CIPHER_CTX_rand_key , .Nm EVP_get_cipherbyname , .Nm EVP_get_cipherbynid , .Nm EVP_get_cipherbyobj , -.Nm EVP_CIPHER_nid , -.Nm EVP_CIPHER_block_size , -.Nm EVP_CIPHER_key_length , -.Nm EVP_CIPHER_iv_length , -.Nm EVP_CIPHER_flags , -.Nm EVP_CIPHER_mode , -.Nm EVP_CIPHER_type , .Nm EVP_CIPHER_CTX_cipher , -.Nm EVP_CIPHER_CTX_nid , -.Nm EVP_CIPHER_CTX_block_size , -.Nm EVP_CIPHER_CTX_key_length , -.Nm EVP_CIPHER_CTX_iv_length , -.Nm EVP_CIPHER_CTX_get_iv , -.Nm EVP_CIPHER_CTX_set_iv , -.Nm EVP_CIPHER_CTX_get_app_data , -.Nm EVP_CIPHER_CTX_set_app_data , -.Nm EVP_CIPHER_CTX_type , -.Nm EVP_CIPHER_CTX_flags , -.Nm EVP_CIPHER_CTX_mode , -.Nm EVP_CIPHER_param_to_asn1 , -.Nm EVP_CIPHER_asn1_to_param , .Nm EVP_enc_null , .Nm EVP_idea_cbc , .Nm EVP_idea_ecb , @@ -294,43 +267,6 @@ .Fo EVP_CIPHER_CTX_encrypting .Fa "const EVP_CIPHER_CTX *ctx" .Fc -.Ft void -.Fo EVP_CIPHER_CTX_set_flags -.Fa "EVP_CIPHER_CTX *ctx" -.Fa "int flags" -.Fc -.Ft void -.Fo EVP_CIPHER_CTX_clear_flags -.Fa "EVP_CIPHER_CTX *ctx" -.Fa "int flags" -.Fc -.Ft int -.Fo EVP_CIPHER_CTX_test_flags -.Fa "EVP_CIPHER_CTX *ctx" -.Fa "int flags" -.Fc -.Ft int -.Fo EVP_CIPHER_CTX_set_padding -.Fa "EVP_CIPHER_CTX *x" -.Fa "int padding" -.Fc -.Ft int -.Fo EVP_CIPHER_CTX_set_key_length -.Fa "EVP_CIPHER_CTX *x" -.Fa "int keylen" -.Fc -.Ft int -.Fo EVP_CIPHER_CTX_ctrl -.Fa "EVP_CIPHER_CTX *ctx" -.Fa "int type" -.Fa "int arg" -.Fa "void *ptr" -.Fc -.Ft int -.Fo EVP_CIPHER_CTX_rand_key -.Fa "EVP_CIPHER_CTX *ctx" -.Fa "unsigned char *key" -.Fc .Ft const EVP_CIPHER * .Fo EVP_get_cipherbyname .Fa "const char *name" @@ -343,97 +279,10 @@ .Fo EVP_get_cipherbyobj .Fa "const ASN1_OBJECT *a" .Fc -.Ft int -.Fo EVP_CIPHER_nid -.Fa "const EVP_CIPHER *e" -.Fc -.Ft int -.Fo EVP_CIPHER_block_size -.Fa "const EVP_CIPHER *e" -.Fc -.Ft int -.Fo EVP_CIPHER_key_length -.Fa "const EVP_CIPHER *e" -.Fc -.Ft int -.Fo EVP_CIPHER_iv_length -.Fa "const EVP_CIPHER *e" -.Fc -.Ft unsigned long -.Fo EVP_CIPHER_flags -.Fa "const EVP_CIPHER *e" -.Fc -.Ft unsigned long -.Fo EVP_CIPHER_mode -.Fa "const EVP_CIPHER *e" -.Fc -.Ft int -.Fo EVP_CIPHER_type -.Fa "const EVP_CIPHER *ctx" -.Fc .Ft const EVP_CIPHER * .Fo EVP_CIPHER_CTX_cipher .Fa "const EVP_CIPHER_CTX *ctx" .Fc -.Ft int -.Fo EVP_CIPHER_CTX_nid -.Fa "const EVP_CIPHER_CTX *ctx" -.Fc -.Ft int -.Fo EVP_CIPHER_CTX_block_size -.Fa "const EVP_CIPHER_CTX *ctx" -.Fc -.Ft int -.Fo EVP_CIPHER_CTX_key_length -.Fa "const EVP_CIPHER_CTX *ctx" -.Fc -.Ft int -.Fo EVP_CIPHER_CTX_iv_length -.Fa "const EVP_CIPHER_CTX *ctx" -.Fc -.Ft int -.Fo EVP_CIPHER_CTX_get_iv -.Fa "const EVP_CIPHER_CTX *ctx" -.Fa "unsigned char *iv" -.Fa "size_t len" -.Fc -.Ft int -.Fo EVP_CIPHER_CTX_set_iv -.Fa "EVP_CIPHER_CTX *ctx" -.Fa "const unsigned char *iv" -.Fa "size_t len" -.Fc -.Ft void * -.Fo EVP_CIPHER_CTX_get_app_data -.Fa "const EVP_CIPHER_CTX *ctx" -.Fc -.Ft void -.Fo EVP_CIPHER_CTX_set_app_data -.Fa "const EVP_CIPHER_CTX *ctx" -.Fa "void *data" -.Fc -.Ft int -.Fo EVP_CIPHER_CTX_type -.Fa "const EVP_CIPHER_CTX *ctx" -.Fc -.Ft unsigned long -.Fo EVP_CIPHER_CTX_flags -.Fa "const EVP_CIPHER_CTX *ctx" -.Fc -.Ft unsigned long -.Fo EVP_CIPHER_CTX_mode -.Fa "const EVP_CIPHER_CTX *ctx" -.Fc -.Ft int -.Fo EVP_CIPHER_param_to_asn1 -.Fa "EVP_CIPHER_CTX *c" -.Fa "ASN1_TYPE *type" -.Fc -.Ft int -.Fo EVP_CIPHER_asn1_to_param -.Fa "EVP_CIPHER_CTX *c" -.Fa "ASN1_TYPE *type" -.Fc .Sh DESCRIPTION The EVP cipher routines are a high level interface to certain symmetric ciphers. @@ -492,7 +341,7 @@ and objects used by .Fa in and any application specific data set with -.Fn EVP_CIPHER_CTX_set_app_data +.Xr EVP_CIPHER_CTX_set_app_data 3 are not copied and .Fa out will point to the same three objects. @@ -507,7 +356,7 @@ If the bit .Dv EVP_CIPH_CUSTOM_COPY has been set with .Xr EVP_CIPHER_meth_set_flags 3 , -.Fn EVP_CIPHER_CTX_ctrl +.Xr EVP_CIPHER_CTX_ctrl 3 is called at the end with arguments .Fa in , .Dv EVP_CTRL_COPY , @@ -690,123 +539,6 @@ structure when passed a cipher name, a NID or an .Vt ASN1_OBJECT structure. .Pp -.Fn EVP_CIPHER_nid -and -.Fn EVP_CIPHER_CTX_nid -return the NID of a cipher when passed an -.Vt EVP_CIPHER -or -.Vt EVP_CIPHER_CTX -structure. -The actual NID value is an internal value which may not have a -corresponding OBJECT IDENTIFIER. -.Pp -.Fn EVP_CIPHER_CTX_set_flags -enables the given -.Fa flags -in -.Fa ctx . -.Fn EVP_CIPHER_CTX_clear_flags -disables the given -.Fa flags -in -.Fa ctx . -.Fn EVP_CIPHER_CTX_test_flags -checks whether any of the given -.Fa flags -are currently set in -.Fa ctx , -returning the subset of the -.Fa flags -that are set, or 0 if none of them are set. -Currently, the only supported cipher context flag is -.Dv EVP_CIPHER_CTX_FLAG_WRAP_ALLOW ; -see -.Xr EVP_aes_128_wrap 3 -for details. -.Pp -.Fn EVP_CIPHER_CTX_set_padding -enables or disables padding. -This function should be called after the context is set up for -encryption or decryption with -.Fn EVP_EncryptInit_ex , -.Fn EVP_DecryptInit_ex , -or -.Fn EVP_CipherInit_ex . -By default encryption operations are padded using standard block padding -and the padding is checked and removed when decrypting. -If the -.Fa padding -parameter is zero, then no padding is performed, the total amount of data -encrypted or decrypted must then be a multiple of the block size or an -error will occur. -.Pp -.Fn EVP_CIPHER_key_length -and -.Fn EVP_CIPHER_CTX_key_length -return the key length of a cipher when passed an -.Vt EVP_CIPHER -or -.Vt EVP_CIPHER_CTX -structure. -The constant -.Dv EVP_MAX_KEY_LENGTH -is the maximum key length for all ciphers. -Note: although -.Fn EVP_CIPHER_key_length -is fixed for a given cipher, the value of -.Fn EVP_CIPHER_CTX_key_length -may be different for variable key length ciphers. -.Pp -.Fn EVP_CIPHER_CTX_set_key_length -sets the key length of the cipher ctx. -If the cipher is a fixed length cipher, then attempting to set the key -length to any value other than the fixed value is an error. -.Pp -.Fn EVP_CIPHER_iv_length -and -.Fn EVP_CIPHER_CTX_iv_length -return the IV length of a cipher when passed an -.Vt EVP_CIPHER -or -.Vt EVP_CIPHER_CTX . -It will return zero if the cipher does not use an IV. -The constant -.Dv EVP_MAX_IV_LENGTH -is the maximum IV length for all ciphers. -.Pp -.Fn EVP_CIPHER_CTX_get_iv -and -.Fn EVP_CIPHER_CTX_set_iv -will respectively retrieve and set the IV for an -.Vt EVP_CIPHER_CTX . -In both cases, the specified IV length must exactly equal the expected -IV length for the context as returned by -.Fn EVP_CIPHER_CTX_iv_length . -.Pp -.Fn EVP_CIPHER_block_size -and -.Fn EVP_CIPHER_CTX_block_size -return the block size of a cipher when passed an -.Vt EVP_CIPHER -or -.Vt EVP_CIPHER_CTX -structure. -The constant -.Dv EVP_MAX_BLOCK_LENGTH -is also the maximum block length for all ciphers. -.Pp -.Fn EVP_CIPHER_type -and -.Fn EVP_CIPHER_CTX_type -return the type of the passed cipher or context. -This "type" is the actual NID of the cipher OBJECT IDENTIFIER as such it -ignores the cipher parameters and 40-bit RC2 and 128-bit RC2 have the -same NID. -If the cipher does not have an object identifier or does not -have ASN.1 support, this function will return -.Dv NID_undef . -.Pp .Fn EVP_CIPHER_CTX_cipher returns the .Vt EVP_CIPHER @@ -814,72 +546,6 @@ structure when passed an .Vt EVP_CIPHER_CTX structure. .Pp -.Fn EVP_CIPHER_mode -and -.Fn EVP_CIPHER_CTX_mode -return the block cipher mode: -.Dv EVP_CIPH_ECB_MODE , -.Dv EVP_CIPH_CBC_MODE , -.Dv EVP_CIPH_CFB_MODE , -.Dv EVP_CIPH_OFB_MODE , -.Dv EVP_CIPH_CTR_MODE , -or -.Dv EVP_CIPH_XTS_MODE . -If the cipher is a stream cipher then -.Dv EVP_CIPH_STREAM_CIPHER -is returned. -.Pp -.Fn EVP_CIPHER_param_to_asn1 -sets the ASN.1 -.Vt AlgorithmIdentifier -parameter based on the passed cipher. -This will typically include any parameters and an IV. -The cipher IV (if any) must be set when this call is made. -This call should be made before the cipher is actually "used" (before any -.Fn EVP_EncryptUpdate -or -.Fn EVP_DecryptUpdate -calls, for example). -This function may fail if the cipher does not have any ASN.1 support. -.Pp -.Fn EVP_CIPHER_asn1_to_param -sets the cipher parameters based on an ASN.1 -.Vt AlgorithmIdentifier -parameter. -The precise effect depends on the cipher. -In the case of RC2, for example, it will set the IV and effective -key length. -This function should be called after the base cipher type is set but -before the key is set. -For example -.Fn EVP_CipherInit -will be called with the IV and key set to -.Dv NULL , -.Fn EVP_CIPHER_asn1_to_param -will be called and finally -.Fn EVP_CipherInit -again with all parameters except the key set to -.Dv NULL . -It is possible for this function to fail if the cipher does not -have any ASN.1 support or the parameters cannot be set (for example -the RC2 effective key length is not supported). -.Pp -.Fn EVP_CIPHER_CTX_ctrl -allows various cipher specific parameters to be determined and set. -Currently only the RC2 effective key length can be set. -.Pp -.Fn EVP_CIPHER_CTX_rand_key -generates a random key of the appropriate length based on the cipher -context. -The -.Vt EVP_CIPHER -can provide its own random key generation routine to support keys -of a specific form. -The -.Fa key -argument must point to a buffer at least as big as the value returned by -.Fn EVP_CIPHER_CTX_key_length . -.Pp Where possible the EVP interface to symmetric ciphers should be used in preference to the low level interfaces. This is because the code then becomes transparent to the cipher used and @@ -938,8 +604,6 @@ for failure. .Fn EVP_CIPHER_CTX_reset , .Fn EVP_CIPHER_CTX_cleanup , .Fn EVP_CIPHER_CTX_copy , -.Fn EVP_CIPHER_CTX_get_iv , -.Fn EVP_CIPHER_CTX_set_iv , .Fn EVP_EncryptInit_ex , .Fn EVP_EncryptUpdate , .Fn EVP_EncryptFinal_ex , @@ -955,10 +619,8 @@ for failure. .Fn EVP_DecryptFinal , .Fn EVP_CipherInit , .Fn EVP_CipherFinal , -.Fn EVP_Cipher , -.Fn EVP_CIPHER_CTX_set_key_length , and -.Fn EVP_CIPHER_CTX_rand_key +.Fn EVP_Cipher return 1 for success or 0 for failure. .Pp .Fn EVP_CIPHER_CTX_encrypting @@ -967,18 +629,6 @@ returns 1 if is initialized for encryption or 0 otherwise, in which case it may be uninitialized or initialized for decryption. .Pp -.Fn EVP_CIPHER_CTX_set_padding -always returns 1. -.Pp -.Fn EVP_CIPHER_CTX_ctrl -usually returns 1 for success, 0 for failure, or \-1 if the -.Fa type -is not supported by the -.Fa ctx , -but there may be exceptions for some -.Fa type -arguments. -.Pp .Fn EVP_get_cipherbyname , .Fn EVP_get_cipherbynid , and @@ -989,43 +639,10 @@ structure or .Dv NULL on error. .Pp -.Fn EVP_CIPHER_nid -and -.Fn EVP_CIPHER_CTX_nid -return a NID. -.Pp -.Fn EVP_CIPHER_block_size -and -.Fn EVP_CIPHER_CTX_block_size -return the block size. -.Pp -.Fn EVP_CIPHER_key_length -and -.Fn EVP_CIPHER_CTX_key_length -return the key length. -.Pp -.Fn EVP_CIPHER_iv_length -and -.Fn EVP_CIPHER_CTX_iv_length -return the IV length or zero if the cipher does not use an IV. -.Pp -.Fn EVP_CIPHER_type -and -.Fn EVP_CIPHER_CTX_type -return the NID of the cipher's OBJECT IDENTIFIER or -.Dv NID_undef -if it has no defined OBJECT IDENTIFIER. -.Pp .Fn EVP_CIPHER_CTX_cipher returns an .Vt EVP_CIPHER structure. -.Pp -.Fn EVP_CIPHER_param_to_asn1 -and -.Fn EVP_CIPHER_asn1_to_param -return greater than zero for success and zero or a negative number -for failure. .Sh CIPHER LISTING All algorithms have a fixed key length unless otherwise stated. .Bl -tag -width Ds @@ -1064,9 +681,9 @@ RC2 algorithm in CBC mode with a default key length and effective key length of 40 and 64 bits. These are obsolete and new code should use .Fn EVP_rc2_cbc , -.Fn EVP_CIPHER_CTX_set_key_length , +.Xr EVP_CIPHER_CTX_set_key_length 3 , and -.Fn EVP_CIPHER_CTX_ctrl +.Xr EVP_CIPHER_CTX_ctrl 3 to set the key length and effective key length. .It Xo .Fn EVP_bf_cbc , @@ -1310,7 +927,10 @@ do_crypt(FILE *in, FILE *out, int do_encrypt) .Xr EVP_aes_128_cbc 3 , .Xr EVP_camellia_128_cbc 3 , .Xr EVP_chacha20 3 , +.Xr EVP_CIPHER_CTX_ctrl 3 , .Xr EVP_CIPHER_CTX_get_cipher_data 3 , +.Xr EVP_CIPHER_CTX_set_flags 3 , +.Xr EVP_CIPHER_nid 3 , .Xr EVP_des_cbc 3 , .Xr EVP_OpenInit 3 , .Xr EVP_rc4 3 , @@ -1339,16 +959,7 @@ first appeared in SSLeay 0.5.1. and .Fn EVP_rc2_ofb first appeared in SSLeay 0.5.2. -.Fn EVP_Cipher , -.Fn EVP_CIPHER_block_size , -.Fn EVP_CIPHER_key_length , -.Fn EVP_CIPHER_iv_length , -.Fn EVP_CIPHER_type , -.Fn EVP_CIPHER_CTX_block_size , -.Fn EVP_CIPHER_CTX_key_length , -.Fn EVP_CIPHER_CTX_iv_length , -and -.Fn EVP_CIPHER_CTX_type +.Fn EVP_Cipher first appeared in SSLeay 0.6.5. .Fn EVP_bf_cbc , .Fn EVP_bf_ecb , @@ -1358,20 +969,13 @@ and first appeared in SSLeay 0.6.6. .Fn EVP_CIPHER_CTX_cleanup , .Fn EVP_get_cipherbyobj , -.Fn EVP_CIPHER_nid , .Fn EVP_CIPHER_CTX_cipher , -.Fn EVP_CIPHER_CTX_nid , -.Fn EVP_CIPHER_CTX_get_app_data , -.Fn EVP_CIPHER_CTX_set_app_data , and .Fn EVP_enc_null first appeared in SSLeay 0.8.0. .Fn EVP_get_cipherbynid first appeared in SSLeay 0.8.1. -.Fn EVP_CIPHER_CTX_init , -.Fn EVP_CIPHER_param_to_asn1 , -and -.Fn EVP_CIPHER_asn1_to_param +.Fn EVP_CIPHER_CTX_init first appeared in SSLeay 0.9.0. All these functions have been available since .Ox 2.4 . @@ -1379,30 +983,16 @@ All these functions have been available since .Fn EVP_rc2_40_cbc and .Fn EVP_rc2_64_cbc -first appeared in SSL_eay 0.9.1. -.Fn EVP_CIPHER_CTX_type -first appeared in OpenSSL 0.9.3. -These functions have been available since +first appeared in SSLeay 0.9.1 and have been available since .Ox 2.6 . .Pp -.Fn EVP_CIPHER_CTX_set_key_length , -.Fn EVP_CIPHER_CTX_ctrl , -.Fn EVP_CIPHER_flags , -.Fn EVP_CIPHER_mode , -.Fn EVP_CIPHER_CTX_flags , -and -.Fn EVP_CIPHER_CTX_mode -first appeared in OpenSSL 0.9.6 and have been available since -.Ox 2.9 . -.Pp .Fn EVP_EncryptInit_ex , .Fn EVP_EncryptFinal_ex , .Fn EVP_DecryptInit_ex , .Fn EVP_DecryptFinal_ex , .Fn EVP_CipherInit_ex , -.Fn EVP_CipherFinal_ex , and -.Fn EVP_CIPHER_CTX_set_padding +.Fn EVP_CipherFinal_ex first appeared in OpenSSL 0.9.7 and have been available since .Ox 3.2 . .Pp @@ -1414,13 +1004,10 @@ and first appeared in OpenSSL 0.9.7e and have been available since .Ox 3.8 . .Pp -.Fn EVP_CIPHER_CTX_rand_key -first appeared in OpenSSL 0.9.8. .Fn EVP_CIPHER_CTX_new and .Fn EVP_CIPHER_CTX_free -first appeared in OpenSSL 0.9.8b. -These functions have been available since +first appeared in OpenSSL 0.9.8b and have been available since .Ox 4.5 . .Pp .Fn EVP_CIPHER_CTX_copy @@ -1435,27 +1022,7 @@ first appeared in OpenSSL 1.1.0 and has been available since .Fn EVP_CIPHER_CTX_encrypting first appeared in OpenSSL 1.1.0 and has been available since .Ox 6.4 . -.Pp -.Fn EVP_CIPHER_CTX_get_iv -and -.Fn EVP_CIPHER_CTX_set_iv -first appeared in LibreSSL 2.8.1 and have been available since -.Ox 6.4 . .Sh BUGS -.Dv EVP_MAX_KEY_LENGTH -and -.Dv EVP_MAX_IV_LENGTH -only refer to the internal ciphers with default key lengths. -If custom ciphers exceed these values, the results are unpredictable. -This is because it has become standard practice to define a generic key -as a fixed unsigned char array containing -.Dv EVP_MAX_KEY_LENGTH -bytes. -.Pp -The ASN.1 code is incomplete (and sometimes inaccurate). -It has only been tested for certain common S/MIME ciphers -(RC2, DES, triple DES) in CBC mode. -.Pp .Fn EVP_CIPHER_CTX_copy may already have cleared the data in .Fa out diff --git a/lib/libcrypto/man/Makefile b/lib/libcrypto/man/Makefile index 4052638e0..654a4f02a 100644 --- a/lib/libcrypto/man/Makefile +++ b/lib/libcrypto/man/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.265 2023/08/30 00:58:57 tb Exp $ +# $OpenBSD: Makefile,v 1.266 2023/08/31 17:27:41 schwarze Exp $ .include @@ -164,9 +164,12 @@ MAN= \ ESS_SIGNING_CERT_new.3 \ EVP_AEAD_CTX_init.3 \ EVP_BytesToKey.3 \ + EVP_CIPHER_CTX_ctrl.3 \ EVP_CIPHER_CTX_get_cipher_data.3 \ + EVP_CIPHER_CTX_set_flags.3 \ EVP_CIPHER_do_all.3 \ EVP_CIPHER_meth_new.3 \ + EVP_CIPHER_nid.3 \ EVP_DigestInit.3 \ EVP_DigestSignInit.3 \ EVP_DigestVerifyInit.3 \ diff --git a/lib/libcrypto/man/evp.3 b/lib/libcrypto/man/evp.3 index 3b93d8ba6..d2b92ae6a 100644 --- a/lib/libcrypto/man/evp.3 +++ b/lib/libcrypto/man/evp.3 @@ -1,4 +1,4 @@ -.\" $OpenBSD: evp.3,v 1.21 2023/08/30 00:58:57 tb Exp $ +.\" $OpenBSD: evp.3,v 1.22 2023/08/31 17:27:41 schwarze Exp $ .\" full merge up to: OpenSSL man7/evp 24a535ea Sep 22 13:14:20 2020 +0100 .\" .\" This file was written by Ulf Moeller , @@ -51,7 +51,7 @@ .\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED .\" OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: August 30 2023 $ +.Dd $Mdocdate: August 31 2023 $ .Dt EVP 3 .Os .Sh NAME @@ -199,9 +199,12 @@ operations are more efficient using the high-level interfaces. .Xr EVP_BytesToKey 3 , .Xr EVP_camellia_128_cbc 3 , .Xr EVP_chacha20 3 , +.Xr EVP_CIPHER_CTX_ctrl 3 , .Xr EVP_CIPHER_CTX_get_cipher_data 3 , +.Xr EVP_CIPHER_CTX_set_flags 3 , .Xr EVP_CIPHER_do_all 3 , .Xr EVP_CIPHER_meth_new 3 , +.Xr EVP_CIPHER_nid 3 , .Xr EVP_des_cbc 3 , .Xr EVP_DigestInit 3 , .Xr EVP_DigestSignInit 3 , diff --git a/regress/sbin/bioctl/Makefile b/regress/sbin/bioctl/Makefile index 6bb572297..8b76ba15a 100644 --- a/regress/sbin/bioctl/Makefile +++ b/regress/sbin/bioctl/Makefile @@ -1,4 +1,4 @@ -# $OpenBSD: Makefile,v 1.7 2023/08/30 16:45:57 kn Exp $ +# $OpenBSD: Makefile,v 1.9 2023/08/30 17:40:08 kn Exp $ BIOCTL ?= /sbin/bioctl @@ -6,21 +6,27 @@ CHUNKFILE = disk.img CHUNKDEVFILE = chunk.txt VOLDEVFILE = vol.txt ROUNDSFILE = rounds.txt +PASSFILE = passphrase.txt OLDPW = oldsecret NEWPW = securenew NROUNDS ?= 17 -REGRESS_SETUP_ONCE = create-chunk +REGRESS_SETUP_ONCE = create-chunk create-passfile create-chunk: dd if=/dev/zero of=${CHUNKFILE} bs=512k count=0 seek=1 status=none ${SUDO} vnconfig -- ${CHUNKFILE} 1>${CHUNKDEVFILE} echo 'RAID *' | ${SUDO} disklabel -wAT- -- "$$(<${CHUNKDEVFILE})" +create-passfile: + ${SUDO} install -o root -m u=rw,go= /dev/null ${PASSFILE} + printf '%s\n' '${OLDPW}' | ${SUDO} tee ${PASSFILE} 1>/dev/null + SUCCESS_TESTS = scripted-create-volume \ scripted-recreate-volume \ + reopen-volume-with-passfile \ scripted-change-passphrase \ verify-increased-rounds REGRESS_TARGETS = ${SUCCESS_TESTS} @@ -36,6 +42,10 @@ scripted-recreate-volume: detach-volume ${SUDO} ${BIOCTL} -s -Cforce -r${NROUNDS} -cC -l"$$(<${CHUNKDEVFILE})a" -- softraid0 | \ grep -o 'sd[0-9]*$$' -- 1>${VOLDEVFILE} +reopen-volume-with-passfile: detach-volume + ${SUDO} ${BIOCTL} -p${PASSFILE} -cC -l"$$(<${CHUNKDEVFILE})a" -- softraid0 | \ + grep -o 'sd[0-9]*$$' -- 1>${VOLDEVFILE} + scripted-change-passphrase: printf '%s\n%s\n' '${OLDPW}' '${NEWPW}' | \ ${SUDO} ${BIOCTL} -s -P -v -- "$$(<${VOLDEVFILE})" | \ @@ -49,6 +59,8 @@ verify-increased-rounds: FAILURE_TESTS = reuse-active-chunk \ + use-public-passfile \ + use-foreign-passfile \ set-empty-passphrase REGRESS_EXPECTED_FAILURES += ${FAILURE_TESTS} REGRESS_TARGETS += ${FAILURE_TESTS} @@ -57,6 +69,14 @@ REGRESS_ROOT_TARGETS += ${FAILURE_TESTS} reuse-active-chunk: ${SUDO} ${BIOCTL} -cC -l"$$(<${CHUNKDEVFILE})a" -- softraid0 +use-public-passfile: + ${SUDO} chmod a=rwx ${PASSFILE} + ${SUDO} ${BIOCTL} -p${PASSFILE} -P -- "$$(<${VOLDEVFILE})" + +use-foreign-passfile: + ${SUDO} chown build ${PASSFILE} + ${SUDO} ${BIOCTL} -p${PASSFILE} -P -- "$$(<${VOLDEVFILE})" + set-empty-passphrase: printf '\n' | ${SUDO} ${BIOCTL} -s -P -- "$$(<${VOLDEVFILE})" diff --git a/sys/dev/fdt/if_dwqe_fdt.c b/sys/dev/fdt/if_dwqe_fdt.c index af0f4e470..c6e8fe3d3 100644 --- a/sys/dev/fdt/if_dwqe_fdt.c +++ b/sys/dev/fdt/if_dwqe_fdt.c @@ -1,4 +1,4 @@ -/* $OpenBSD: if_dwqe_fdt.c,v 1.14 2023/07/08 08:18:30 kettenis Exp $ */ +/* $OpenBSD: if_dwqe_fdt.c,v 1.15 2023/08/30 19:08:48 kettenis Exp $ */ /* * Copyright (c) 2008, 2019 Mark Kettenis * Copyright (c) 2017, 2022 Patrick Wildt @@ -64,6 +64,7 @@ int dwqe_fdt_match(struct device *, void *, void *); void dwqe_fdt_attach(struct device *, struct device *, void *); void dwqe_setup_jh7110(struct dwqe_softc *); +void dwqe_mii_statchg_jh7110(struct device *); void dwqe_setup_rk3568(struct dwqe_softc *); void dwqe_mii_statchg_rk3568(struct device *); void dwqe_mii_statchg_rk3588(struct device *); @@ -238,7 +239,10 @@ dwqe_fdt_attach(struct device *parent, struct device *self, void *aux) if (dwqe_attach(sc) != 0) return; - if (OF_is_compatible(faa->fa_node, "rockchip,rk3568-gmac")) + if (OF_is_compatible(faa->fa_node, "starfive,jh7110-dwmac") && + !OF_getpropbool(faa->fa_node, "starfive,tx-use-rgmii-clk")) + sc->sc_mii.mii_statchg = dwqe_mii_statchg_jh7110; + else if (OF_is_compatible(faa->fa_node, "rockchip,rk3568-gmac")) sc->sc_mii.mii_statchg = dwqe_mii_statchg_rk3568; else if (OF_is_compatible(faa->fa_node, "rockchip,rk3588-gmac")) sc->sc_mii.mii_statchg = dwqe_mii_statchg_rk3588; @@ -318,6 +322,7 @@ dwqe_reset_phy(struct dwqe_softc *sc, uint32_t phy) #define RK3568_GMAC_TXCLK_DLY_SET(_v) ((1 << 0) << 16 | ((_v) << 0)) #define RK3568_GMAC_RXCLK_DLY_SET(_v) ((1 << 1) << 16 | ((_v) << 1)) +void dwqe_mii_statchg_jh7110_task(void *); void dwqe_mii_statchg_rk3568_task(void *); void @@ -360,6 +365,38 @@ dwqe_setup_jh7110(struct dwqe_softc *sc) reg &= ~(((1U << 3) - 1) << shift); reg |= iface << shift; regmap_write_4(rm, offset, reg); + + task_set(&sc->sc_statchg_task, + dwqe_mii_statchg_jh7110_task, sc); +} + +void +dwqe_mii_statchg_jh7110_task(void *arg) +{ + struct dwqe_softc *sc = arg; + struct ifnet *ifp = &sc->sc_ac.ac_if; + + dwqe_mii_statchg(&sc->sc_dev); + + switch (ifp->if_baudrate) { + case IF_Mbps(10): + clock_set_frequency(sc->sc_node, "tx", 2500000); + break; + case IF_Mbps(100): + clock_set_frequency(sc->sc_node, "tx", 25000000); + break; + case IF_Mbps(1000): + clock_set_frequency(sc->sc_node, "tx", 125000000); + break; + } +} + +void +dwqe_mii_statchg_jh7110(struct device *self) +{ + struct dwqe_softc *sc = (void *)self; + + task_add(systq, &sc->sc_statchg_task); } void diff --git a/sys/dev/pci/drm/drm_aperture.c b/sys/dev/pci/drm/drm_aperture.c index 2dcbd2491..bb0922f86 100644 --- a/sys/dev/pci/drm/drm_aperture.c +++ b/sys/dev/pci/drm/drm_aperture.c @@ -32,17 +32,13 @@ * * static int remove_conflicting_framebuffers(struct pci_dev *pdev) * { - * bool primary = false; * resource_size_t base, size; * int ret; * * base = pci_resource_start(pdev, 0); * size = pci_resource_len(pdev, 0); - * #ifdef CONFIG_X86 - * primary = pdev->resource[PCI_ROM_RESOURCE].flags & IORESOURCE_ROM_SHADOW; - * #endif * - * return drm_aperture_remove_conflicting_framebuffers(base, size, primary, + * return drm_aperture_remove_conflicting_framebuffers(base, size, * &example_driver); * } * @@ -165,7 +161,6 @@ EXPORT_SYMBOL(devm_aperture_acquire_from_firmware); * drm_aperture_remove_conflicting_framebuffers - remove existing framebuffers in the given range * @base: the aperture's base address in physical memory * @size: aperture size in bytes - * @primary: also kick vga16fb if present * @req_driver: requesting DRM driver * * This function removes graphics device drivers which use the memory range described by @@ -175,9 +170,9 @@ EXPORT_SYMBOL(devm_aperture_acquire_from_firmware); * 0 on success, or a negative errno code otherwise */ int drm_aperture_remove_conflicting_framebuffers(resource_size_t base, resource_size_t size, - bool primary, const struct drm_driver *req_driver) + const struct drm_driver *req_driver) { - return aperture_remove_conflicting_devices(base, size, primary, req_driver->name); + return aperture_remove_conflicting_devices(base, size, false, req_driver->name); } EXPORT_SYMBOL(drm_aperture_remove_conflicting_framebuffers); diff --git a/sys/dev/pci/drm/i915/gt/gen8_engine_cs.c b/sys/dev/pci/drm/i915/gt/gen8_engine_cs.c index b2838732a..cc8468536 100644 --- a/sys/dev/pci/drm/i915/gt/gen8_engine_cs.c +++ b/sys/dev/pci/drm/i915/gt/gen8_engine_cs.c @@ -165,14 +165,60 @@ static u32 preparser_disable(bool state) return MI_ARB_CHECK | 1 << 8 | state; } -u32 *gen12_emit_aux_table_inv(struct intel_gt *gt, u32 *cs, const i915_reg_t inv_reg) +static i915_reg_t gen12_get_aux_inv_reg(struct intel_engine_cs *engine) { - u32 gsi_offset = gt->uncore->gsi_offset; + switch (engine->id) { + case RCS0: + return GEN12_CCS_AUX_INV; + case BCS0: + return GEN12_BCS0_AUX_INV; + case VCS0: + return GEN12_VD0_AUX_INV; + case VCS2: + return GEN12_VD2_AUX_INV; + case VECS0: + return GEN12_VE0_AUX_INV; + case CCS0: + return GEN12_CCS0_AUX_INV; + default: + return INVALID_MMIO_REG; + } +} + +static bool gen12_needs_ccs_aux_inv(struct intel_engine_cs *engine) +{ + i915_reg_t reg = gen12_get_aux_inv_reg(engine); + + if (IS_PONTEVECCHIO(engine->i915)) + return false; + + /* + * So far platforms supported by i915 having flat ccs do not require + * AUX invalidation. Check also whether the engine requires it. + */ + return i915_mmio_reg_valid(reg) && !HAS_FLAT_CCS(engine->i915); +} + +u32 *gen12_emit_aux_table_inv(struct intel_engine_cs *engine, u32 *cs) +{ + i915_reg_t inv_reg = gen12_get_aux_inv_reg(engine); + u32 gsi_offset = engine->gt->uncore->gsi_offset; + + if (!gen12_needs_ccs_aux_inv(engine)) + return cs; *cs++ = MI_LOAD_REGISTER_IMM(1) | MI_LRI_MMIO_REMAP_EN; *cs++ = i915_mmio_reg_offset(inv_reg) + gsi_offset; *cs++ = AUX_INV; - *cs++ = MI_NOOP; + + *cs++ = MI_SEMAPHORE_WAIT_TOKEN | + MI_SEMAPHORE_REGISTER_POLL | + MI_SEMAPHORE_POLL | + MI_SEMAPHORE_SAD_EQ_SDD; + *cs++ = 0; + *cs++ = i915_mmio_reg_offset(inv_reg) + gsi_offset; + *cs++ = 0; + *cs++ = 0; return cs; } @@ -181,7 +227,11 @@ int gen12_emit_flush_rcs(struct i915_request *rq, u32 mode) { struct intel_engine_cs *engine = rq->engine; - if (mode & EMIT_FLUSH) { + /* + * On Aux CCS platforms the invalidation of the Aux + * table requires quiescing memory traffic beforehand + */ + if (mode & EMIT_FLUSH || gen12_needs_ccs_aux_inv(engine)) { u32 flags = 0; u32 *cs; @@ -236,10 +286,9 @@ int gen12_emit_flush_rcs(struct i915_request *rq, u32 mode) else if (engine->class == COMPUTE_CLASS) flags &= ~PIPE_CONTROL_3D_ENGINE_FLAGS; - if (!HAS_FLAT_CCS(rq->engine->i915)) - count = 8 + 4; - else - count = 8; + count = 8; + if (gen12_needs_ccs_aux_inv(rq->engine)) + count += 8; cs = intel_ring_begin(rq, count); if (IS_ERR(cs)) @@ -254,11 +303,7 @@ int gen12_emit_flush_rcs(struct i915_request *rq, u32 mode) cs = gen8_emit_pipe_control(cs, flags, LRC_PPHWSP_SCRATCH_ADDR); - if (!HAS_FLAT_CCS(rq->engine->i915)) { - /* hsdes: 1809175790 */ - cs = gen12_emit_aux_table_inv(rq->engine->gt, cs, - GEN12_CCS_AUX_INV); - } + cs = gen12_emit_aux_table_inv(engine, cs); *cs++ = preparser_disable(false); intel_ring_advance(rq, cs); @@ -269,21 +314,14 @@ int gen12_emit_flush_rcs(struct i915_request *rq, u32 mode) int gen12_emit_flush_xcs(struct i915_request *rq, u32 mode) { - intel_engine_mask_t aux_inv = 0; - u32 cmd, *cs; + u32 cmd = 4; + u32 *cs; - cmd = 4; if (mode & EMIT_INVALIDATE) { cmd += 2; - if (!HAS_FLAT_CCS(rq->engine->i915) && - (rq->engine->class == VIDEO_DECODE_CLASS || - rq->engine->class == VIDEO_ENHANCEMENT_CLASS)) { - aux_inv = rq->engine->mask & - ~GENMASK(_BCS(I915_MAX_BCS - 1), BCS0); - if (aux_inv) - cmd += 4; - } + if (gen12_needs_ccs_aux_inv(rq->engine)) + cmd += 8; } cs = intel_ring_begin(rq, cmd); @@ -314,14 +352,7 @@ int gen12_emit_flush_xcs(struct i915_request *rq, u32 mode) *cs++ = 0; /* upper addr */ *cs++ = 0; /* value */ - if (aux_inv) { /* hsdes: 1809175790 */ - if (rq->engine->class == VIDEO_DECODE_CLASS) - cs = gen12_emit_aux_table_inv(rq->engine->gt, - cs, GEN12_VD0_AUX_INV); - else - cs = gen12_emit_aux_table_inv(rq->engine->gt, - cs, GEN12_VE0_AUX_INV); - } + cs = gen12_emit_aux_table_inv(rq->engine, cs); if (mode & EMIT_INVALIDATE) *cs++ = preparser_disable(false); diff --git a/sys/dev/pci/drm/i915/gt/gen8_engine_cs.h b/sys/dev/pci/drm/i915/gt/gen8_engine_cs.h index e4d24c811..651eb786e 100644 --- a/sys/dev/pci/drm/i915/gt/gen8_engine_cs.h +++ b/sys/dev/pci/drm/i915/gt/gen8_engine_cs.h @@ -13,6 +13,7 @@ #include "intel_gt_regs.h" #include "intel_gpu_commands.h" +struct intel_engine_cs; struct intel_gt; struct i915_request; @@ -46,7 +47,7 @@ u32 *gen8_emit_fini_breadcrumb_rcs(struct i915_request *rq, u32 *cs); u32 *gen11_emit_fini_breadcrumb_rcs(struct i915_request *rq, u32 *cs); u32 *gen12_emit_fini_breadcrumb_rcs(struct i915_request *rq, u32 *cs); -u32 *gen12_emit_aux_table_inv(struct intel_gt *gt, u32 *cs, const i915_reg_t inv_reg); +u32 *gen12_emit_aux_table_inv(struct intel_engine_cs *engine, u32 *cs); static inline u32 * __gen8_emit_pipe_control(u32 *batch, u32 flags0, u32 flags1, u32 offset) diff --git a/sys/dev/pci/drm/i915/gt/intel_gpu_commands.h b/sys/dev/pci/drm/i915/gt/intel_gpu_commands.h index d4e9702d3..25ea5f8a4 100644 --- a/sys/dev/pci/drm/i915/gt/intel_gpu_commands.h +++ b/sys/dev/pci/drm/i915/gt/intel_gpu_commands.h @@ -120,6 +120,7 @@ #define MI_SEMAPHORE_TARGET(engine) ((engine)<<15) #define MI_SEMAPHORE_WAIT MI_INSTR(0x1c, 2) /* GEN8+ */ #define MI_SEMAPHORE_WAIT_TOKEN MI_INSTR(0x1c, 3) /* GEN12+ */ +#define MI_SEMAPHORE_REGISTER_POLL (1 << 16) #define MI_SEMAPHORE_POLL (1 << 15) #define MI_SEMAPHORE_SAD_GT_SDD (0 << 12) #define MI_SEMAPHORE_SAD_GTE_SDD (1 << 12) diff --git a/sys/dev/pci/drm/i915/gt/intel_lrc.c b/sys/dev/pci/drm/i915/gt/intel_lrc.c index 81ceb5ea6..4948ca154 100644 --- a/sys/dev/pci/drm/i915/gt/intel_lrc.c +++ b/sys/dev/pci/drm/i915/gt/intel_lrc.c @@ -1301,10 +1301,7 @@ gen12_emit_indirect_ctx_rcs(const struct intel_context *ce, u32 *cs) IS_DG2_G11(ce->engine->i915)) cs = gen8_emit_pipe_control(cs, PIPE_CONTROL_INSTRUCTION_CACHE_INVALIDATE, 0); - /* hsdes: 1809175790 */ - if (!HAS_FLAT_CCS(ce->engine->i915)) - cs = gen12_emit_aux_table_inv(ce->engine->gt, - cs, GEN12_CCS_AUX_INV); + cs = gen12_emit_aux_table_inv(ce->engine, cs); /* Wa_16014892111 */ if (IS_DG2(ce->engine->i915)) @@ -1327,17 +1324,7 @@ gen12_emit_indirect_ctx_xcs(const struct intel_context *ce, u32 *cs) PIPE_CONTROL_INSTRUCTION_CACHE_INVALIDATE, 0); - /* hsdes: 1809175790 */ - if (!HAS_FLAT_CCS(ce->engine->i915)) { - if (ce->engine->class == VIDEO_DECODE_CLASS) - cs = gen12_emit_aux_table_inv(ce->engine->gt, - cs, GEN12_VD0_AUX_INV); - else if (ce->engine->class == VIDEO_ENHANCEMENT_CLASS) - cs = gen12_emit_aux_table_inv(ce->engine->gt, - cs, GEN12_VE0_AUX_INV); - } - - return cs; + return gen12_emit_aux_table_inv(ce->engine, cs); } static void diff --git a/sys/dev/pci/drm/i915/i915_driver.c b/sys/dev/pci/drm/i915/i915_driver.c index 05d373cc8..28c3770a6 100644 --- a/sys/dev/pci/drm/i915/i915_driver.c +++ b/sys/dev/pci/drm/i915/i915_driver.c @@ -603,7 +603,6 @@ static int i915_pcode_init(struct drm_i915_private *i915) static int i915_driver_hw_probe(struct drm_i915_private *dev_priv) { struct pci_dev *pdev = dev_priv->drm.pdev; - struct pci_dev *root_pdev; int ret; if (i915_inject_probe_failure(dev_priv)) @@ -715,17 +714,6 @@ static int i915_driver_hw_probe(struct drm_i915_private *dev_priv) intel_bw_init_hw(dev_priv); - /* - * FIXME: Temporary hammer to avoid freezing the machine on our DGFX - * This should be totally removed when we handle the pci states properly - * on runtime PM and on s2idle cases. - */ -#ifdef notyet - root_pdev = pcie_find_root_port(pdev); - if (root_pdev) - pci_d3cold_disable(root_pdev); -#endif - return 0; err_msi: @@ -751,16 +739,11 @@ static void i915_driver_hw_remove(struct drm_i915_private *dev_priv) STUB(); #ifdef notyet struct pci_dev *pdev = dev_priv->drm.pdev; - struct pci_dev *root_pdev; i915_perf_fini(dev_priv); if (pdev->msi_enabled) pci_disable_msi(pdev); - - root_pdev = pcie_find_root_port(pdev); - if (root_pdev) - pci_d3cold_enable(root_pdev); #endif } @@ -1785,6 +1768,8 @@ static int intel_runtime_suspend(struct device *kdev) { struct drm_i915_private *dev_priv = kdev_to_i915(kdev); struct intel_runtime_pm *rpm = &dev_priv->runtime_pm; + struct pci_dev *pdev = to_pci_dev(dev_priv->drm.dev); + struct pci_dev *root_pdev; struct intel_gt *gt; int ret, i; @@ -1834,6 +1819,15 @@ static int intel_runtime_suspend(struct device *kdev) drm_err(&dev_priv->drm, "Unclaimed access detected prior to suspending\n"); + /* + * FIXME: Temporary hammer to avoid freezing the machine on our DGFX + * This should be totally removed when we handle the pci states properly + * on runtime PM. + */ + root_pdev = pcie_find_root_port(pdev); + if (root_pdev) + pci_d3cold_disable(root_pdev); + rpm->suspended = true; /* @@ -1872,6 +1866,8 @@ static int intel_runtime_resume(struct device *kdev) { struct drm_i915_private *dev_priv = kdev_to_i915(kdev); struct intel_runtime_pm *rpm = &dev_priv->runtime_pm; + struct pci_dev *pdev = to_pci_dev(dev_priv->drm.dev); + struct pci_dev *root_pdev; struct intel_gt *gt; int ret, i; @@ -1885,6 +1881,11 @@ static int intel_runtime_resume(struct device *kdev) intel_opregion_notify_adapter(dev_priv, PCI_D0); rpm->suspended = false; + + root_pdev = pcie_find_root_port(pdev); + if (root_pdev) + pci_d3cold_enable(root_pdev); + if (intel_uncore_unclaimed_mmio(&dev_priv->uncore)) drm_dbg(&dev_priv->drm, "Unclaimed access during suspend, bios?\n"); diff --git a/sys/dev/pci/drm/include/drm/display/drm_dp.h b/sys/dev/pci/drm/include/drm/display/drm_dp.h index 05f2cc03d..b235d6833 100644 --- a/sys/dev/pci/drm/include/drm/display/drm_dp.h +++ b/sys/dev/pci/drm/include/drm/display/drm_dp.h @@ -1525,7 +1525,7 @@ enum drm_dp_phy { #define DP_BRANCH_OUI_HEADER_SIZE 0xc #define DP_RECEIVER_CAP_SIZE 0xf -#define DP_DSC_RECEIVER_CAP_SIZE 0xf +#define DP_DSC_RECEIVER_CAP_SIZE 0x10 /* DSC Capabilities 0x60 through 0x6F */ #define EDP_PSR_RECEIVER_CAP_SIZE 2 #define EDP_DISPLAY_CTL_CAP_SIZE 3 #define DP_LTTPR_COMMON_CAP_SIZE 8 diff --git a/sys/dev/pci/drm/include/drm/drm_aperture.h b/sys/dev/pci/drm/include/drm/drm_aperture.h index 7096703c3..cbe33b49f 100644 --- a/sys/dev/pci/drm/include/drm/drm_aperture.h +++ b/sys/dev/pci/drm/include/drm/drm_aperture.h @@ -13,14 +13,13 @@ int devm_aperture_acquire_from_firmware(struct drm_device *dev, resource_size_t resource_size_t size); int drm_aperture_remove_conflicting_framebuffers(resource_size_t base, resource_size_t size, - bool primary, const struct drm_driver *req_driver); + const struct drm_driver *req_driver); int drm_aperture_remove_conflicting_pci_framebuffers(struct pci_dev *pdev, const struct drm_driver *req_driver); /** * drm_aperture_remove_framebuffers - remove all existing framebuffers - * @primary: also kick vga16fb if present * @req_driver: requesting DRM driver * * This function removes all graphics device drivers. Use this function on systems @@ -30,9 +29,9 @@ int drm_aperture_remove_conflicting_pci_framebuffers(struct pci_dev *pdev, * 0 on success, or a negative errno code otherwise */ static inline int -drm_aperture_remove_framebuffers(bool primary, const struct drm_driver *req_driver) +drm_aperture_remove_framebuffers(const struct drm_driver *req_driver) { - return drm_aperture_remove_conflicting_framebuffers(0, (resource_size_t)-1, primary, + return drm_aperture_remove_conflicting_framebuffers(0, (resource_size_t)-1, req_driver); } diff --git a/usr.bin/make/cmd_exec.c b/usr.bin/make/cmd_exec.c index ca0ecd25f..70e28f93f 100644 --- a/usr.bin/make/cmd_exec.c +++ b/usr.bin/make/cmd_exec.c @@ -1,4 +1,4 @@ -/* $OpenBSD: cmd_exec.c,v 1.11 2020/01/16 16:07:18 espie Exp $ */ +/* $OpenBSD: cmd_exec.c,v 1.12 2023/08/31 06:53:28 espie Exp $ */ /* * Copyright (c) 2001 Marc Espie. * @@ -28,6 +28,7 @@ #include #include #include +#include #include #include "config.h" #include "defines.h" @@ -36,11 +37,93 @@ #include "memory.h" #include "pathnames.h" #include "job.h" +#include "str.h" + +/* The following array is used to make a fast determination of which + * characters are interpreted specially by the shell. If a command + * contains any of these characters, it is executed by the shell, not + * directly by us. */ +static char meta[256]; + +void +CmdExec_Init(void) +{ + char *p; + + for (p = "#=|^(){};&<>*?[]:$`\\\n~"; *p != '\0'; p++) + meta[(unsigned char) *p] = 1; + /* The null character serves as a sentinel in the string. */ + meta[0] = 1; +} + +static char ** +recheck_command_for_shell(char **av) +{ + char *runsh[] = { + "!", "alias", "cd", "eval", "exit", "read", "set", "ulimit", + "unalias", "unset", "wait", "umask", NULL + }; + + char **p; + + /* optimization: if exec cmd, we avoid the intermediate shell */ + if (strcmp(av[0], "exec") == 0) + av++; + + if (!av[0]) + return NULL; + + for (p = runsh; *p; p++) + if (strcmp(av[0], *p) == 0) + return NULL; + + return av; +} + +void +run_command(const char *cmd, bool errCheck) +{ + const char *p; + char *shargv[4]; + char **todo; + + shargv[0] = _PATH_BSHELL; + + shargv[1] = errCheck ? "-ec" : "-c"; + shargv[2] = (char *)cmd; + shargv[3] = NULL; + + todo = shargv; + + + /* Search for meta characters in the command. If there are no meta + * characters, there's no need to execute a shell to execute the + * command. */ + for (p = cmd; !meta[(unsigned char)*p]; p++) + continue; + if (*p == '\0') { + char *bp; + char **av; + int argc; + /* No meta-characters, so probably no need to exec a shell. + * Break the command into words to form an argument vector + * we can execute. */ + av = brk_string(cmd, &argc, &bp); + av = recheck_command_for_shell(av); + if (av != NULL) + todo = av; + } + execvp(todo[0], todo); + if (errno == ENOENT) + fprintf(stderr, "%s: not found\n", todo[0]); + else + perror(todo[0]); + _exit(1); +} char * Cmd_Exec(const char *cmd, char **err) { - char *args[4]; /* Args for invoking the shell */ int fds[2]; /* Pipe streams */ pid_t cpid; /* Child PID */ char *result; /* Result */ @@ -53,12 +136,6 @@ Cmd_Exec(const char *cmd, char **err) *err = NULL; - /* Set up arguments for the shell. */ - args[0] = "sh"; - args[1] = "-c"; - args[2] = (char *)cmd; - args[3] = NULL; - /* Open a pipe for retrieving shell's output. */ if (pipe(fds) == -1) { *err = "Couldn't create pipe for \"%s\""; @@ -82,8 +159,7 @@ Cmd_Exec(const char *cmd, char **err) (void)close(fds[1]); } - (void)execv(_PATH_BSHELL, args); - _exit(1); + run_command(cmd, false); /*NOTREACHED*/ case -1: diff --git a/usr.bin/make/cmd_exec.h b/usr.bin/make/cmd_exec.h index c7735b621..c1a99aab2 100644 --- a/usr.bin/make/cmd_exec.h +++ b/usr.bin/make/cmd_exec.h @@ -1,6 +1,6 @@ #ifndef CMD_EXEC_H #define CMD_EXEC_H -/* $OpenBSD: cmd_exec.h,v 1.4 2010/07/19 19:46:43 espie Exp $ */ +/* $OpenBSD: cmd_exec.h,v 1.5 2023/08/31 06:53:28 espie Exp $ */ /* * Copyright (c) 2001 Marc Espie. @@ -34,4 +34,6 @@ * The output result should always be freed by the caller. */ extern char *Cmd_Exec(const char *, char **); +extern void CmdExec_Init(void); +extern __dead void run_command(const char *, bool); #endif diff --git a/usr.bin/make/engine.c b/usr.bin/make/engine.c index 9af1de6f3..cc9ee3e6a 100644 --- a/usr.bin/make/engine.c +++ b/usr.bin/make/engine.c @@ -1,4 +1,4 @@ -/* $OpenBSD: engine.c,v 1.71 2023/05/30 04:42:21 espie Exp $ */ +/* $OpenBSD: engine.c,v 1.72 2023/08/31 06:53:28 espie Exp $ */ /* * Copyright (c) 2012 Marc Espie. * @@ -75,6 +75,7 @@ #include #include "config.h" #include "defines.h" +#include "cmd_exec.h" #include "dir.h" #include "engine.h" #include "arch.h" @@ -88,7 +89,6 @@ #include "make.h" #include "pathnames.h" #include "error.h" -#include "str.h" #include "memory.h" #include "buf.h" #include "job.h" @@ -96,9 +96,6 @@ static void MakeTimeStamp(void *, void *); static int rewrite_time(const char *); -static void setup_meta(void); -static void setup_engine(void); -static char **recheck_command_for_shell(char **); static void list_parents(GNode *, FILE *); /* XXX due to a bug in make's logic, targets looking like *.a or -l* @@ -508,88 +505,6 @@ Make_OODate(GNode *gn) return oodate; } -/* The following array is used to make a fast determination of which - * characters are interpreted specially by the shell. If a command - * contains any of these characters, it is executed by the shell, not - * directly by us. */ -static char meta[256]; - -void -setup_meta(void) -{ - char *p; - - for (p = "#=|^(){};&<>*?[]:$`\\\n~"; *p != '\0'; p++) - meta[(unsigned char) *p] = 1; - /* The null character serves as a sentinel in the string. */ - meta[0] = 1; -} - -static char ** -recheck_command_for_shell(char **av) -{ - char *runsh[] = { - "!", "alias", "cd", "eval", "exit", "read", "set", "ulimit", - "unalias", "unset", "wait", "umask", NULL - }; - - char **p; - - /* optimization: if exec cmd, we avoid the intermediate shell */ - if (strcmp(av[0], "exec") == 0) - av++; - - if (!av[0]) - return NULL; - - for (p = runsh; *p; p++) - if (strcmp(av[0], *p) == 0) - return NULL; - - return av; -} - -static void -run_command(const char *cmd, bool errCheck) -{ - const char *p; - char *shargv[4]; - char **todo; - - shargv[0] = _PATH_BSHELL; - - shargv[1] = errCheck ? "-ec" : "-c"; - shargv[2] = (char *)cmd; - shargv[3] = NULL; - - todo = shargv; - - - /* Search for meta characters in the command. If there are no meta - * characters, there's no need to execute a shell to execute the - * command. */ - for (p = cmd; !meta[(unsigned char)*p]; p++) - continue; - if (*p == '\0') { - char *bp; - char **av; - int argc; - /* No meta-characters, so probably no need to exec a shell. - * Break the command into words to form an argument vector - * we can execute. */ - av = brk_string(cmd, &argc, &bp); - av = recheck_command_for_shell(av); - if (av != NULL) - todo = av; - } - execvp(todo[0], todo); - - if (errno == ENOENT) - fprintf(stderr, "%s: not found\n", todo[0]); - else - perror(todo[0]); - _exit(1); -} void job_attach_node(Job *job, GNode *node) @@ -696,17 +611,6 @@ run_gnode(GNode *gn) } -static void -setup_engine(void) -{ - static int already_setup = 0; - - if (!already_setup) { - setup_meta(); - already_setup = 1; - } -} - static bool do_run_command(Job *job, const char *pre) { @@ -799,7 +703,6 @@ job_run_next(Job *job) bool started; GNode *gn = job->node; - setup_engine(); while (job->next_cmd != NULL) { struct command *command = Lst_Datum(job->next_cmd); diff --git a/usr.bin/make/init.c b/usr.bin/make/init.c index db5a224a1..ae8d68971 100644 --- a/usr.bin/make/init.c +++ b/usr.bin/make/init.c @@ -1,4 +1,4 @@ -/* $OpenBSD: init.c,v 1.8 2020/01/16 16:07:18 espie Exp $ */ +/* $OpenBSD: init.c,v 1.9 2023/08/31 06:53:28 espie Exp $ */ /* * Copyright (c) 2001 Marc Espie. @@ -37,11 +37,13 @@ #include "targ.h" #include "suff.h" #include "job.h" +#include "cmd_exec.h" void Init(void) { Sigset_Init(); + CmdExec_Init(); Init_Timestamp(); Init_Stats(); Targ_Init(); diff --git a/usr.sbin/fw_update/fw_update.sh b/usr.sbin/fw_update/fw_update.sh index dce81286b..76f63393c 100644 --- a/usr.sbin/fw_update/fw_update.sh +++ b/usr.sbin/fw_update/fw_update.sh @@ -1,7 +1,7 @@ #!/bin/ksh -# $OpenBSD: fw_update.sh,v 1.44 2022/12/12 02:30:51 afresh1 Exp $ +# $OpenBSD: fw_update.sh,v 1.45 2023/08/31 18:19:21 afresh1 Exp $ # -# Copyright (c) 2021 Andrew Hewus Fresh +# Copyright (c) 2021,2023 Andrew Hewus Fresh # # Permission to use, copy, modify, and distribute this software for any # purpose with or without fee is hereby granted, provided that the above @@ -40,18 +40,39 @@ DELETE=false DOWNLOAD=true INSTALL=true LOCALSRC= +ENABLE_SPINNER=false +[ -t 1 ] && ENABLE_SPINNER=true + +integer STATUS_FD=1 +integer WARN_FD=2 +FD_DIR= unset FTPPID unset LOCKPID unset FWPKGTMP REMOVE_LOCALSRC=false + +status() { echo -n "$*" >&"$STATUS_FD"; } +warn() { echo "$*" >&"$WARN_FD"; } + cleanup() { set +o errexit # ignore errors from killing ftp + + if [ -d "$FD_DIR" ]; then + echo "" >&"$STATUS_FD" + exec 4>&- + + [ -s "$FD_DIR/status" ] && cat "$FD_DIR/status" + [ -s "$FD_DIR/warn" ] && cat "$FD_DIR/warn" >&2 + + rm -rf "$FD_DIR" + fi + [ "${FTPPID:-}" ] && kill -TERM -"$FTPPID" 2>/dev/null [ "${LOCKPID:-}" ] && kill -TERM -"$LOCKPID" 2>/dev/null [ "${FWPKGTMP:-}" ] && rm -rf "$FWPKGTMP" "$REMOVE_LOCALSRC" && rm -rf "$LOCALSRC" - [ -e "${CFILE}" ] && [ ! -s "$CFILE" ] && rm -f "$CFILE" + [ -e "$CFILE" ] && [ ! -s "$CFILE" ] && rm -f "$CFILE" } trap cleanup EXIT @@ -70,6 +91,20 @@ tmpdir() { echo "$_dir" } +spin() { + if ! "$ENABLE_SPINNER"; then + sleep 1 + return 0 + fi + + { + for p in '/' '-' '\\' '|' '/' '-' '\\' '|'; do + echo -n "$p"'\010' + sleep 0.125 + done + }>/dev/tty +} + fetch() { local _src="${FWURL}/${1##*/}" _dst=$1 _user=_file _exit _error='' @@ -99,13 +134,13 @@ fetch() { if [[ $_last -ne $5 ]]; then _last=$5 SECONDS=0 - sleep 1 + spin else kill -INT -"$FTPPID" 2>/dev/null _error=" (timed out)" fi else - sleep 1 + spin fi done @@ -118,7 +153,7 @@ fetch() { if [ "$_exit" -ne 0 ]; then rm -f "$_dst" - echo "Cannot fetch $_src$_error" >&2 + warn "Cannot fetch $_src$_error" return 1 fi @@ -133,7 +168,7 @@ check_cfile() { [ -s "$CFILE" ] || return 1 return 0 fi - if ! fetch_cfile "$@"; then + if ! fetch_cfile; then echo -n > "$CFILE" return 1 fi @@ -146,10 +181,10 @@ fetch_cfile() { fetch "$CFILE" || return 1 set -o noclobber ! signify -qVep "$FWPUB_KEY" -x "$CFILE" -m "$CFILE" && - echo "Signature check of SHA256.sig failed" >&2 && + warn "Signature check of SHA256.sig failed" && rm -f "$CFILE" && return 1 elif [ ! -e "$CFILE" ]; then - echo "${0##*/}: $CFILE: No such file or directory" >&2 + warn "${0##*/}: $CFILE: No such file or directory" return 1 fi @@ -159,14 +194,25 @@ fetch_cfile() { verify() { check_cfile || return 1 # The installer sha256 lacks -C, do it by hand - if ! fgrep -qx "SHA256 (${1##*/}) = $( /bin/sha256 -qb "$1" )" "$CFILE"; then - ((VERBOSE != 1)) && echo "Checksum test for ${1##*/} failed." >&2 + if ! grep -Fqx "SHA256 (${1##*/}) = $( /bin/sha256 -qb "$1" )" "$CFILE" + then + ((VERBOSE != 1)) && warn "Checksum test for ${1##*/} failed." return 1 fi return 0 } +# When verifying existing files that we are going to re-download +# if VERBOSE is 0, don't show the checksum failure of an existing file. +verify_existing() { + local _v=$VERBOSE + check_cfile || return 1 + + ((_v == 0)) && "$DOWNLOAD" && _v=1 + ( VERBOSE=$_v verify "$@" ) +} + firmware_in_dmesg() { local IFS local _d _m _dmesgtail _last='' _nl=' @@ -187,7 +233,7 @@ firmware_in_dmesg() { case $# in 1|2|3) [[ $_dmesgtail = *$1*([!$_nl])${2-}*([!$_nl])${3-}* ]] || continue;; - *) echo "${0##*/}: Bad pattern '${_m#$_nl}' in $FWPATTERNS" >&2; exit 1 ;; + *) warn "${0##*/}: Bad pattern '${_m#$_nl}' in $FWPATTERNS"; exit 1 ;; esac echo "$_d" @@ -329,7 +375,7 @@ delete_firmware() { if [ ! -e "$_cwd/+CONTENTS" ] || ! grep -Fxq '@option firmware' "$_cwd/+CONTENTS"; then - echo "${0##*/}: $_pkg does not appear to be firmware" >&2 + warn "${0##*/}: $_pkg does not appear to be firmware" return 2 fi @@ -389,17 +435,20 @@ do p) LOCALSRC="$OPTARG" ;; v) ((++VERBOSE)) ;; :) - echo "${0##*/}: option requires an argument -- -$OPTARG" >&2 + warn "${0##*/}: option requires an argument -- -$OPTARG" usage ;; ?) - echo "${0##*/}: unknown option -- -$OPTARG" >&2 + warn "${0##*/}: unknown option -- -$OPTARG" usage ;; esac done shift $((OPTIND - 1)) +# Progress bars, not spinner When VERBOSE > 1 +((VERBOSE > 1)) && ENABLE_SPINNER=false + if [ "$LOCALSRC" ]; then if [[ $LOCALSRC = @(ftp|http?(s))://* ]]; then FWURL="${LOCALSRC}" @@ -407,7 +456,7 @@ if [ "$LOCALSRC" ]; then else LOCALSRC="${LOCALSRC#file:}" ! [ -d "$LOCALSRC" ] && - echo "The path must be a URL or an existing directory" >&2 && + warn "The path must be a URL or an existing directory" && exit 1 fi fi @@ -424,7 +473,7 @@ if [ "$OPT_F" ]; then rm -f "$LOCALSRC/$CFILE-OLD" else mv "$LOCALSRC/$CFILE-OLD" "$LOCALSRC/$CFILE" - echo "Using existing $CFILE" >&2 + warn "Using existing $CFILE" fi fi elif [ "$LOCALSRC" ]; then @@ -432,14 +481,34 @@ elif [ "$LOCALSRC" ]; then fi if [ -x /usr/bin/id ] && [ "$(/usr/bin/id -u)" != 0 ]; then - echo "need root privileges" >&2 + warn "need root privileges" exit 1 fi set -sA devices -- "$@" +# In the normal case, we output the status line piecemeal +# so we save warnings to output at the end to not disrupt +# the single line status. +# Actual errors from things like ftp will stil interrupt, +# but it's impossible to know if it's a message people need +# to see now or something that can wait. +# In the verbose case, we instead print out single lines +# or progress bars for each thing we are doing, +# so instead we save up the final status line for the end. +FD_DIR="$( tmpdir "${DESTDIR}/tmp/${0##*/}-fd" )" +if ((VERBOSE)); then + exec 4>"${FD_DIR}/status" + STATUS_FD=4 +else + exec 4>"${FD_DIR}/warn" + WARN_FD=4 +fi + +status "${0##*/}:" + if "$DELETE"; then - [ "$OPT_F" ] && echo "Cannot use -F and -d" >&2 && usage + [ "$OPT_F" ] && warn "Cannot use -F and -d" && usage lock_db # Show the "Uninstall" message when just deleting not upgrading @@ -447,7 +516,7 @@ if "$DELETE"; then set -A installed if [ "${devices[*]:-}" ]; then - "$ALL" && echo "Cannot use -a and devices/files" >&2 && usage + "$ALL" && warn "Cannot use -a and devices/files" && usage set -A installed -- $( for d in "${devices[@]}"; do @@ -460,7 +529,7 @@ if "$DELETE"; then if [ "${i[*]:-}" ]; then echo "${i[@]}" else - echo "No firmware found for '$d'" >&2 + warn "No firmware found for '$d'" fi done ) @@ -468,20 +537,22 @@ if "$DELETE"; then set -A installed -- $( installed_firmware '*' '-firmware-' '*' ) fi - deleted='' + status " delete " + + comma='' if [ "${installed:-}" ]; then for fw in "${installed[@]}"; do + status "$comma$( firmware_devicename "$fw" )" + comma=, if "$DRYRUN"; then ((VERBOSE)) && echo "Delete $fw" else delete_firmware "$fw" || continue fi - deleted="$deleted,$( firmware_devicename "$fw" )" done fi - deleted="${deleted#,}" - echo "${0:##*/}: deleted ${deleted:-none}"; + [ "$comma" ] || status none exit fi @@ -494,7 +565,7 @@ fi CFILE="$LOCALSRC/$CFILE" if [ "${devices[*]:-}" ]; then - "$ALL" && echo "Cannot use -a and devices/files" >&2 && usage + "$ALL" && warn "Cannot use -a and devices/files" && usage else ((VERBOSE > 1)) && echo -n "Detect firmware ..." set -sA devices -- $( detect_firmware ) @@ -503,10 +574,11 @@ else fi -added='' -updated='' +set -A add '' +set -A update '' kept='' unregister='' + if [ "${devices[*]:-}" ]; then lock_db for f in "${devices[@]}"; do @@ -519,44 +591,53 @@ if [ "${devices[*]:-}" ]; then if "$INSTALL" && unregister_firmware "$d"; then unregister="$unregister,$d" else - echo "Unable to find firmware for $d" >&2 + warn "Unable to find firmware for $d" fi continue fi f="$LOCALSRC/$f" elif ! "$INSTALL" && ! grep -Fq "($f)" "$CFILE" ; then - echo "Cannot download local file $f" >&2 + warn "Cannot download local file $f" exit 1 else # Don't verify files specified on the command-line verify_existing=false fi - set -A installed -- $( installed_firmware '' "$d-firmware-" '*' ) + set -A installed + if "$INSTALL"; then + set -A installed -- \ + $( installed_firmware '' "$d-firmware-" '*' ) - if "$INSTALL" && [ "${installed[*]:-}" ]; then - for i in "${installed[@]}"; do - if [ "${f##*/}" = "$i.tgz" ]; then - ((VERBOSE > 2)) && echo "Keep $i" - kept="$kept,$d" - continue 2 - fi - done + if [ "${installed[*]:-}" ]; then + for i in "${installed[@]}"; do + if [ "${f##*/}" = "$i.tgz" ]; then + ((VERBOSE > 2)) \ + && echo "Keep $i" + kept="$kept,$d" + continue 2 + fi + done + fi fi - pending_status=false if "$verify_existing" && [ -e "$f" ]; then + pending_status=false if ((VERBOSE == 1)); then echo -n "Verify ${f##*/} ..." pending_status=true elif ((VERBOSE > 1)) && ! "$INSTALL"; then - echo "Keep/Verify ${f##*/}" + echo "Keep/Verify ${f##*/}" fi - if "$DRYRUN" || verify "$f"; then - "$INSTALL" || kept="$kept,$d" + if "$DRYRUN" || verify_existing "$f"; then + "$pending_status" && echo " done." + if ! "$INSTALL"; then + kept="$kept,$d" + continue + fi elif "$DOWNLOAD"; then - ((VERBOSE == 1)) && echo " failed." + "$pending_status" && echo " failed." ((VERBOSE > 1)) && echo "Refetching $f" rm -f "$f" else @@ -565,67 +646,110 @@ if [ "${devices[*]:-}" ]; then fi fi - if [ -e "$f" ]; then - "$pending_status" && ! "$INSTALL" && echo " done." - elif "$DOWNLOAD"; then - if "$DRYRUN"; then - ((VERBOSE)) && echo "Get/Verify ${f##*/}" - else - if ((VERBOSE == 1)); then - echo -n "Get/Verify ${f##*/} ..." - pending_status=true - fi - fetch "$f" && - verify "$f" || { - "$pending_status" && echo " failed." - continue - } - "$pending_status" && ! "$INSTALL" && echo " done." - fi - "$INSTALL" || added="$added,$d" - elif "$INSTALL"; then - echo "Cannot install ${f##*/}, not found" >&2 - continue - fi - - "$INSTALL" || continue - - update="Install" if [ "${installed[*]:-}" ]; then - update="Update" - for i in "${installed[@]}"; do - "$DRYRUN" || delete_firmware "$i" - done + set -A update -- "${update[@]}" "$f" + else + set -A add -- "${add[@]}" "$f" fi - if "$DRYRUN"; then - ((VERBOSE)) && echo "$update $f" - else - if ((VERBOSE == 1)) && ! "$pending_status"; then - echo -n "Install ${f##*/} ..." - pending_status=true - fi - add_firmware "$f" "$update" - fi - - f="${f##*/}" - f="${f%.tgz}" - if [ "$update" = Install ]; then - "$pending_status" && echo " installed." - added="$added,$d" - else - "$pending_status" && echo " updated." - updated="$updated,$d" - fi done fi -added="${added:#,}" -updated="${updated:#,}" -kept="${kept:#,}" -[ "${unregister:-}" ] && unregister="; unregistered ${unregister:#,}" if "$INSTALL"; then - echo "${0##*/}: added ${added:-none}; updated ${updated:-none}; kept ${kept:-none}${unregister}" + status " add " + action=Install else - echo "${0##*/}: downloaded ${added:-none}; kept ${kept:-none}${unregister}" + status " download " + action=Download fi + +comma='' +[ "${add[*]}" ] || status none +for f in "${add[@]}" _update_ "${update[@]}"; do + [ "$f" ] || continue + if [ "$f" = _update_ ]; then + comma='' + "$INSTALL" || continue + action=Update + status "; update " + [ "${update[*]}" ] || status none + continue + fi + d="$( firmware_devicename "$f" )" + status "$comma$d" + comma=, + + pending_status=false + if [ -e "$f" ]; then + if "$DRYRUN"; then + ((VERBOSE)) && echo "$action ${f##*/}" + else + if ((VERBOSE == 1)); then + echo -n "Install ${f##*/} ..." + pending_status=true + fi + fi + elif "$DOWNLOAD"; then + if "$DRYRUN"; then + ((VERBOSE)) && echo "Get/Verify ${f##*/}" + else + if ((VERBOSE == 1)); then + echo -n "Get/Verify ${f##*/} ..." + pending_status=true + fi + fetch "$f" && + verify "$f" || { + if "$pending_status"; then + echo " failed." + elif ! ((VERBOSE)); then + status "failed (${f##*/})" + fi + continue + } + fi + elif "$INSTALL"; then + warn "Cannot install ${f##*/}, not found" + continue + fi + + if ! "$INSTALL"; then + "$pending_status" && echo " done." + continue + fi + + if ! "$DRYRUN"; then + if [ "$action" = Update ]; then + for i in $( installed_firmware '' "$d-firmware-" '*' ) + do + delete_firmware "$i" || { + if "$pending_status"; then + echo " failed." + elif ! ((VERBOSE)); then + status "failed ($i)" + fi + continue + } + done + fi + + add_firmware "$f" "$action" || { + if "$pending_status"; then + echo " failed." + elif ! ((VERBOSE)); then + status "failed (${f##*/})" + fi + continue + } + fi + + if "$pending_status"; then + if [ "$action" = Install ]; then + echo " installed." + else + echo " updated." + fi + fi +done + +[ "$unregister" ] && status "; unregister ${unregister:#,}" +[ "$kept" ] && status "; keep ${kept:#,}"