mirror of
https://github.com/opnsense/src.git
synced 2026-04-21 06:07:31 -04:00
OPNsense - FreeBSD source
29863d1eff
Currently, to support 64-byte contexts, xhci_ctx_[gs]et_le(32|64) take a pointer to the field within a 32-byte context and, if 64-byte contexts are in use, compute where the 64-byte context field is and use that instead by deriving a pointer from the 32-byte field pointer. This is done by exploiting a combination of 64-byte contexts being the same layout as their 32-byte counterparts, just with 32 bytes of padding at the end, and that all individual contexts are either in a device context or an input context which itself is page-aligned. By masking out the low 4 bits (which is the offset of the field within the 32-byte contxt) of the offset within the page, the offset of the invididual context within the containing device/input context can be determined, which is itself 32 times the number of preceding contexts. Thus, adding this value to the pointer again gets 64 times the number of preceding contexts plus the field offset, which gives the offset of the 64-byte context plus the field offset, which is the address of the field in the 64-byte context. However, this involves a fair amount of lying to the compiler when constructing these intermediate pointers, and is rather difficult to reason about. In particular, this is problematic for CHERI, where we compile the kernel with subobject bounds enabled; that is, unless annotated to opt out (e.g. for C struct inheritance reasons where you need to be able to downcast, or containerof idioms), a pointer to a member of a struct is a capability whose bounds only cover that field, and any attempt to dereference outside those bounds will fault, protecting against intra-object buffer overflows. Thus the pointer given to xhci_ctx_[gs]et_le(32|64) is a capability whose bounds only cover the field in the 32-byte context, and computing the pointer to the 64-byte context field takes the address out of bounds, resulting in a fault when later dereferenced. This can be cleaned up by using a different abstraction. Instead of doing the 32-byte to 64-byte conversion on access to the field, we can do the conversion when getting a pointer to the context itself, and define proper 64-byte versions of contexts in order to let the compiler do all the necessary arithmetic rather than do it manually ourselves. This provides a cleaner implementation, works for CHERI and may even be slightly more performant as it avoids the need to mess with masking pointers (which cannot in the general case be optimised by compilers to be reused across accesses to different fields within the same context, since it does not know that the contexts are over-aligned compared with the C ABI requirements). Reviewed by: hselasky Differential Revision: https://reviews.freebsd.org/D32554 |
||
|---|---|---|
| .cirrus-ci | ||
| .github | ||
| bin | ||
| cddl | ||
| contrib | ||
| crypto | ||
| etc | ||
| gnu | ||
| include | ||
| kerberos5 | ||
| lib | ||
| libexec | ||
| release | ||
| rescue | ||
| sbin | ||
| secure | ||
| share | ||
| stand | ||
| sys | ||
| targets | ||
| tests | ||
| tools | ||
| usr.bin | ||
| usr.sbin | ||
| .arcconfig | ||
| .arclint | ||
| .cirrus.yml | ||
| .clang-format | ||
| .gitattributes | ||
| .gitignore | ||
| COPYRIGHT | ||
| LOCKS | ||
| MAINTAINERS | ||
| Makefile | ||
| Makefile.inc1 | ||
| Makefile.libcompat | ||
| Makefile.sys.inc | ||
| ObsoleteFiles.inc | ||
| README.md | ||
| RELNOTES | ||
| UPDATING | ||
FreeBSD Source:
This is the top level of the FreeBSD source directory.
FreeBSD is an operating system used to power modern servers, desktops, and embedded platforms. A large community has continually developed it for more than thirty years. Its advanced networking, security, and storage features have made FreeBSD the platform of choice for many of the busiest web sites and most pervasive embedded networking and storage devices.
For copyright information, please see the file COPYRIGHT in this directory. Additional copyright information also exists for some sources in this tree - please see the specific source directories for more information.
The Makefile in this directory supports a number of targets for building components (or all) of the FreeBSD source tree. See build(7), config(8), FreeBSD handbook on building userland, and Handbook for kernels for more information, including setting make(1) variables.
Source Roadmap:
| Directory | Description |
|---|---|
| bin | System/user commands. |
| cddl | Various commands and libraries under the Common Development and Distribution License. |
| contrib | Packages contributed by 3rd parties. |
| crypto | Cryptography stuff (see crypto/README). |
| etc | Template files for /etc. |
| gnu | Various commands and libraries under the GNU Public License. Please see gnu/COPYING and gnu/COPYING.LIB for more information. |
| include | System include files. |
| kerberos5 | Kerberos5 (Heimdal) package. |
| lib | System libraries. |
| libexec | System daemons. |
| release | Release building Makefile & associated tools. |
| rescue | Build system for statically linked /rescue utilities. |
| sbin | System commands. |
| secure | Cryptographic libraries and commands. |
| share | Shared resources. |
| stand | Boot loader sources. |
| sys | Kernel sources. |
sys/arch/conf |
Kernel configuration files. GENERIC is the configuration used in release builds. NOTES contains documentation of all possible entries. |
| tests | Regression tests which can be run by Kyua. See tests/README for additional information. |
| tools | Utilities for regression testing and miscellaneous tasks. |
| usr.bin | User commands. |
| usr.sbin | System administration commands. |
For information on synchronizing your source tree with one or more of the FreeBSD Project's development branches, please see FreeBSD Handbook.