sbrk(0) returns the current end address of the BSS segment,
not the base. This might have been confused with the behaviour
of segbrk(), which when given a zero address returns the base.
screenlock: don't poll to top window (thanks Stuart Morrow)
> String becomes stringbg so we have guaranteed max contrast in case the
> user changes the picture. (If you don't change the picture, it's
> white-on-black-on-black (sic) and you would never notice the change.)
Ori Bernstein [Sat, 17 Jul 2021 00:10:44 +0000 (00:10 +0000)]
git/fetch: ensure we clean packfiles on failure
When pulling into a git repository that is group
writable as a non-owner, the pack file is left
in place because we do not have permission to
remove it.
We also leave it behind if we bail out early due
to an error, or due to only listing the changes.
This pushes down the creation of the file, and
cleans it up on error.
thanks to Anthony Martin for spotting the bug.
git/fetch: ensure we clean packfiles on failure
When pulling into a git repository that is group
writable as a non-owner, the pack file is left
in place because we do not have permission to
remove it.
We also leave it behind if we bail out early due
to an error, or due to only listing the changes.
This pushes down the creation of the file, and
cleans it up on error.
Also, while we're here, clean up index caching,
and ensure we close the fd in all cases.
libaml: fix gc bug, need to amltake()/amldrop() temporary buffer
we have to protect the temporary buffer allocated by rwfield()
as rwreg() calls amlmapio() which might cause further aml code
execution causing gc() which frees it under us (as it is not
referenced from the interpreter state).
this fixes a panic on boot of a
Lenovo Thinkpad P17 Gen1 Professional Mobile Workstation
when a virtio device gets reset, we have to also reset the device
shadow indices: availableidx and usedidx. for extra safetly,
we also reset the buffer descriptor table addresses.
this is accomplished by adding a vioqreset(VIOQueue*) function
that brings the queue to its initial reset state.
this fixes non functional ethernet after reboot(8).
virtio: add non-legacy virtio 1.0 drivers for disk and ethernet
The new interface uses pci capability structures to locate the
registers in a rather fine granular way making it more complicated
as they can be located anywhere in any pci bar at any offset.
As far as i can see, qemu (6.0.50) never uses i/o bars in
non-legacy mode, so only mmio is implemented for now.
The previous virtio drivers implemented the legacy interface only
which uses i/o ports for all register accesses. This is still
the preferred method (and also qemu default) as it is easier to
emulate and most likely faster.
However, some vps providers like vultr force the legacy interface
to disabled with qemu -device option "disable-legacy=on" resulting
on a system without a disk and ethernet.
kernel: export pcienumcaps() for custom capability enumeration in drivers (virtio)
This used to be a internal function, but virtio
uses multiple structures with the same cap type
to indicate the location of various register
blocks in the pci bars so export it.
Ori Bernstein [Thu, 8 Jul 2021 21:35:34 +0000 (21:35 +0000)]
rc: add subshell-function syntax
fn foo @{bar} is now equivalent to
fn foo {@{bar}}. As a side effect,
this disallows creating functions
named after keywords without first
quoting them.
libsec: add X509reqtoRSApub() function and return subject alt names in X509to*pub() name buffer
We need a way to parse a rsa certificate request and return the public
key and subject names. The new function X509reqtoRSApub() works the
same way as X509toRSApub() but on a certificate request.
We also need to support certificates that are valid for multiple domain
names (as tlshand does not support certificate selection). For this
reason, a comma separated list is returned as the certificate subject,
making it symmetric to X509rsareq() handling.
A little helper is provided with this change (auth/x5092pub) that takes
a certificate (or a certificate request when -r flag is provided) and
outputs the RSA public key in plan 9 format appended with the subject
attribute.
Anthony Martin [Sun, 27 Jun 2021 00:13:58 +0000 (00:13 +0000)]
manual: don't match nonexistent file while preprocessing
Authsrv(6) used to be called auth(6) before
the fourth edition and was preprocessed by
eqn(6) before the third edition. The mkfile
was never updated to reflect the changes.
Ori Bernstein [Sat, 26 Jun 2021 17:29:27 +0000 (17:29 +0000)]
vt, ssh: don't send interrupts on window resize
When resizing windows, vt would signal ssh by updating
the window size and sending an interrupt. Ssh reacted
by forwarding both the winch and an interrupt.
This change adds a WINCH generation counter so that
ssh can differentiate between resizes and interrupts.
If an interrupt comes in, and the WINCH generation
changes, then the interrupt is taken as signalling a
WINCH.
cinap_lenrek [Sat, 26 Jun 2021 13:16:36 +0000 (13:16 +0000)]
kencc: revert back to "set but not used"
The change to "assignment not used" breaks symmetry with
"used and not set" and removes the reference to the
specific warning mentioned in /sys/doc/comp.ms.
Also, the patch was half-assed as that it left some typos
in like "used an not set", which this change also fixed.
Ori Bernstein [Fri, 25 Jun 2021 23:10:07 +0000 (23:10 +0000)]
rc: skip arguments to Xsrcline, Xsrcfile in codefree
We weren't correctly skipping the location operators
in codefree. This would mostly be work, but sometimes
you'd get unlucky and have one of the argmuents mismatch,
and that would lead to an invalid free.
Ori Bernstein [Tue, 22 Jun 2021 23:55:54 +0000 (23:55 +0000)]
git/fs: use a better heuristic for permissions.
Since we now store /dist/plan9front in git, the
initial assumption that the owner of the repo
is the person touching it is not always true.
This change gives us a better heuristic for the
file permissions we should have in the files we
copy around, basing it off of the permissions of
the .git directory.
Ori Bernstein [Tue, 22 Jun 2021 23:40:11 +0000 (23:40 +0000)]
rc: correct line numbers
When loading a file using ".", we could
end up with our line numbers thrown off
due to the mutation of lexline. Putting
lexline into the runq beside the file
that we're reading from causes it to get
pushed and popped correctly, so that we
no longer lose track of our location.
cinap_lenrek [Sun, 20 Jun 2021 23:33:13 +0000 (23:33 +0000)]
libsec: emulate openssl asn1 when generating x509 csr
when trying to request certificates from letsencrypt,
their test api would reject our csr because of
"tuncated sequence" unless we force subectAltName
by passing multiple domains (as comma separated list).
apparently, we need to provide the context specific tag
"cont [ 0 ]" for the extensions even when we do have
any extensions for the csr (triggered when we need to
have subjectAltNames).
for this, we change mkcont() to take a Elist* instead,
which then can be nil when not used. also put the tag
number argument first, which makes it easier to read.
cinap_lenrek [Sun, 20 Jun 2021 14:41:26 +0000 (14:41 +0000)]
libsec: move zero check to curve25519_dh_finish()
As checking for all zero has to be done in a timing-safe
way to avoid a side channel, it is best todo this here
instead of letting the caller deal with it.
This adds a return type of int to curve25519_dh_finish()
where returning 0 means we got a all zero shared key.
RFC7748 states:
The check for the all-zero value results from the fact
that the X25519 function produces that value if it
operates on an input corresponding to a point with small
order, where the order divides the cofactor of the curve.
kemal [Fri, 18 Jun 2021 19:12:44 +0000 (19:12 +0000)]
libsec: various changes to tls
1. add the curve x25519 to tls, both client and server.
it's more faster, immune to timing attacks by design,
does not require verifying if the public key is valid,
etc etc. server-side has to check if the client supports
the curve, so a new function has been introduced to parse
the client's extensions.
2. reject weak dhe primes that can be easily cracked with
the number field sieve algorithm. this avoids attacks like
logjam.
3. stop putting unix time to the first 4 bytes of client/
server random. it can allow fingerprinting, tls 1.3 doesn't
recommend it any more and there was a draft to deprecate
this behaviour earlier.[1]
Ori Bernstein [Wed, 16 Jun 2021 15:25:02 +0000 (15:25 +0000)]
git/branch: resolve implicit branch switch before using it
When switching a branch implicitly -- ie, creating a local
branch off of a remote branch -- we would get the list of
changed files before we would resolve the implicit branch
switch, leading to an empty list of changes.
Anthony Martin [Tue, 15 Jun 2021 16:13:59 +0000 (16:13 +0000)]
troff: fix mangled fonts and character files
All of these files appear to have been imported from sources in a
case-insensitive manner and consequently lost their original content.
- Hx, Hb, and Hi fonts should be narrow versions of Helvetica
- c[1-3] fonts should be condensed versions of Century Old Style
- the lH character should be a filled left hand symbol
- the rh character should be a stroked right hand symbol
- the rc character should be the right ceiling symbol
I've verified that these are the only files that collide with others
when ignoring case (aside from rc/bin/[Kk]ill but those are correct).
Ori Bernstein [Tue, 15 Jun 2021 21:29:22 +0000 (21:29 +0000)]
git/import: handle mails with line wrapping and mime
git/import expected a patch, however upas/fs serves
either a raw file without any of the mime decoding
and line joining, or a directory, with the headers
and body split out.
This makes it a pain to apply some mails.
So, here we teach git to import upas dirs natively,
making it easy to handle all patches that come in
as emails.
Ori Bernstein [Sat, 12 Jun 2021 18:03:26 +0000 (18:03 +0000)]
B: expand path when plumbing files
When we plumb a file, we open it in the current working
directory if it exists. However, if it doesn't exist,
we end up opening it relative to the editor's working
directory.