From owner-svn-src-projects@freebsd.org Tue Mar 10 07:04:09 2020 Return-Path: Delivered-To: svn-src-projects@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 7F92525A97D for ; Tue, 10 Mar 2020 07:04:09 +0000 (UTC) (envelope-from dim@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 48c5fx3Wqfz4nYj; Tue, 10 Mar 2020 07:04:09 +0000 (UTC) (envelope-from dim@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 72EAD1FBDC; Tue, 10 Mar 2020 07:04:09 +0000 (UTC) (envelope-from dim@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id 02A749WO048872; Tue, 10 Mar 2020 07:04:09 GMT (envelope-from dim@FreeBSD.org) Received: (from dim@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id 02A745HS048851; Tue, 10 Mar 2020 07:04:05 GMT (envelope-from dim@FreeBSD.org) Message-Id: <202003100704.02A745HS048851@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: dim set sender to dim@FreeBSD.org using -f From: Dimitry Andric Date: Tue, 10 Mar 2020 07:04:05 +0000 (UTC) To: src-committers@freebsd.org, svn-src-projects@freebsd.org Subject: svn commit: r358832 - in projects/clang1000-import: . contrib/amd lib/libprocstat lib/libsecureboot lib/libsecureboot/h lib/libsecureboot/tests libexec/rc/rc.d release share/man/man5 share/man/man7... X-SVN-Group: projects X-SVN-Commit-Author: dim X-SVN-Commit-Paths: in projects/clang1000-import: . contrib/amd lib/libprocstat lib/libsecureboot lib/libsecureboot/h lib/libsecureboot/tests libexec/rc/rc.d release share/man/man5 share/man/man7 share/mk share/vt/fonts ... X-SVN-Commit-Revision: 358832 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-projects@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: "SVN commit messages for the src " projects" tree" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 10 Mar 2020 07:04:09 -0000 Author: dim Date: Tue Mar 10 07:04:05 2020 New Revision: 358832 URL: https://svnweb.freebsd.org/changeset/base/358832 Log: Merge ^/head r358731 through r358831. Added: projects/clang1000-import/stand/common/readin.h - copied unchanged from r358831, head/stand/common/readin.h projects/clang1000-import/sys/dev/iicbus/acpi_iicbus.c - copied unchanged from r358831, head/sys/dev/iicbus/acpi_iicbus.c projects/clang1000-import/sys/powerpc/booke/pmap_32.c - copied unchanged from r358831, head/sys/powerpc/booke/pmap_32.c projects/clang1000-import/sys/powerpc/booke/pmap_64.c - copied unchanged from r358831, head/sys/powerpc/booke/pmap_64.c Deleted: projects/clang1000-import/contrib/amd/ projects/clang1000-import/libexec/rc/rc.d/amd projects/clang1000-import/tools/build/options/WITHOUT_AMD projects/clang1000-import/tools/build/options/WITH_AMD projects/clang1000-import/usr.sbin/amd/ Modified: projects/clang1000-import/Makefile.inc1 projects/clang1000-import/ObsoleteFiles.inc projects/clang1000-import/UPDATING projects/clang1000-import/lib/libprocstat/libprocstat.c projects/clang1000-import/lib/libsecureboot/h/libsecureboot.h projects/clang1000-import/lib/libsecureboot/h/verify_file.h projects/clang1000-import/lib/libsecureboot/tests/tvo.c projects/clang1000-import/lib/libsecureboot/vectx.c projects/clang1000-import/lib/libsecureboot/verify_file.c projects/clang1000-import/libexec/rc/rc.d/Makefile projects/clang1000-import/release/Makefile projects/clang1000-import/share/man/man5/src.conf.5 projects/clang1000-import/share/man/man7/arch.7 projects/clang1000-import/share/mk/src.opts.mk projects/clang1000-import/share/vt/fonts/INDEX.fonts projects/clang1000-import/stand/common/bootstrap.h projects/clang1000-import/stand/common/interp_forth.c projects/clang1000-import/stand/common/interp_simple.c projects/clang1000-import/stand/common/load_elf.c projects/clang1000-import/stand/common/load_elf_obj.c projects/clang1000-import/stand/common/misc.c projects/clang1000-import/stand/common/module.c projects/clang1000-import/stand/efi/loader/arch/i386/i386_copy.c projects/clang1000-import/stand/efi/loader/copy.c projects/clang1000-import/stand/efi/loader/loader_efi.h projects/clang1000-import/stand/efi/loader/main.c projects/clang1000-import/stand/ficl/fileaccess.c projects/clang1000-import/stand/ficl/loader.c projects/clang1000-import/stand/i386/libi386/i386_copy.c projects/clang1000-import/stand/i386/libi386/libi386.h projects/clang1000-import/stand/i386/loader/chain.c projects/clang1000-import/stand/liblua/lstd.c projects/clang1000-import/stand/libofw/libofw.h projects/clang1000-import/stand/libofw/ofw_copy.c projects/clang1000-import/stand/loader.mk projects/clang1000-import/stand/mips/beri/loader/arch.c projects/clang1000-import/stand/powerpc/kboot/main.c projects/clang1000-import/stand/uboot/lib/copy.c projects/clang1000-import/stand/uboot/lib/libuboot.h projects/clang1000-import/stand/userboot/userboot/copy.c projects/clang1000-import/stand/userboot/userboot/libuserboot.h projects/clang1000-import/sys/arm64/rockchip/rk_pcie.c projects/clang1000-import/sys/conf/files projects/clang1000-import/sys/dev/aacraid/aacraid.c projects/clang1000-import/sys/dev/acpica/acpi.c projects/clang1000-import/sys/dev/acpica/acpivar.h projects/clang1000-import/sys/dev/cpufreq/cpufreq_dt.c projects/clang1000-import/sys/dev/ichiic/ig4_iic.c projects/clang1000-import/sys/dev/iicbus/iicbus.c projects/clang1000-import/sys/dev/iicbus/iicbus.h projects/clang1000-import/sys/dev/usb/controller/xhci.c projects/clang1000-import/sys/dev/usb/input/wmt.c projects/clang1000-import/sys/dev/usb/usb_hub.c projects/clang1000-import/sys/fs/fifofs/fifo_vnops.c projects/clang1000-import/sys/fs/fuse/fuse_internal.c projects/clang1000-import/sys/kern/kern_descrip.c projects/clang1000-import/sys/kern/kern_linker.c projects/clang1000-import/sys/kern/sys_pipe.c projects/clang1000-import/sys/kern/uipc_ktls.c projects/clang1000-import/sys/modules/i2c/iicbus/Makefile projects/clang1000-import/sys/net/ieee8023ad_lacp.c projects/clang1000-import/sys/net/ieee8023ad_lacp.h projects/clang1000-import/sys/net/if_lagg.c projects/clang1000-import/sys/net/if_var.h projects/clang1000-import/sys/netinet/in_pcb.c projects/clang1000-import/sys/netinet/tcp_ratelimit.c projects/clang1000-import/sys/powerpc/booke/pmap.c projects/clang1000-import/sys/riscv/sifive/fu540_spi.c projects/clang1000-import/sys/sys/filedesc.h projects/clang1000-import/sys/sys/pipe.h projects/clang1000-import/sys/sys/seqc.h projects/clang1000-import/sys/ufs/ffs/ffs_alloc.c projects/clang1000-import/sys/ufs/ffs/ffs_suspend.c projects/clang1000-import/sys/vm/uma_core.c projects/clang1000-import/sys/vm/uma_int.h projects/clang1000-import/tests/sys/fs/fusefs/fsync.cc projects/clang1000-import/tests/sys/fs/fusefs/notify.cc projects/clang1000-import/tests/sys/net/if_bridge_test.sh projects/clang1000-import/tools/build/mk/OptionalObsoleteFiles.inc projects/clang1000-import/usr.bin/posixshmcontrol/posixshmcontrol.c projects/clang1000-import/usr.sbin/Makefile projects/clang1000-import/usr.sbin/newsyslog/newsyslog.conf.d/Makefile Directory Properties: projects/clang1000-import/ (props changed) Modified: projects/clang1000-import/Makefile.inc1 ============================================================================== --- projects/clang1000-import/Makefile.inc1 Tue Mar 10 06:49:43 2020 (r358831) +++ projects/clang1000-import/Makefile.inc1 Tue Mar 10 07:04:05 2020 (r358832) @@ -2284,11 +2284,6 @@ _basic_bootstrap_tools+=sbin/sysctl bin/chflags # mkfifo is used by sys/conf/newvers.sh _basic_bootstrap_tools+=usr.bin/mkfifo -.if ${MK_AMD} != "no" -# unifdef is only used by usr.sbin/amd/libamu/Makefile -_basic_bootstrap_tools+=usr.bin/unifdef -.endif - .if ${MK_BOOT} != "no" _basic_bootstrap_tools+=bin/dd # xz/unxz is used by EFI Modified: projects/clang1000-import/ObsoleteFiles.inc ============================================================================== --- projects/clang1000-import/ObsoleteFiles.inc Tue Mar 10 06:49:43 2020 (r358831) +++ projects/clang1000-import/ObsoleteFiles.inc Tue Mar 10 07:04:05 2020 (r358832) @@ -273,6 +273,28 @@ OLD_DIRS+=usr/lib/clang/9.0.1/lib/freebsd OLD_DIRS+=usr/lib/clang/9.0.1/lib OLD_DIRS+=usr/lib/clang/9.0.1 +# 20200309: amd(8) retired +OLD_FILES+=etc/amd.map +OLD_FILES+=etc/newsyslog.conf.d/amd.conf +OLD_FILES+=etc/rc.d/amd +OLD_FILES+=usr/bin/pawd +OLD_FILES+=usr/sbin/amd +OLD_FILES+=usr/sbin/amq +OLD_FILES+=usr/sbin/fixmount +OLD_FILES+=usr/sbin/fsinfo +OLD_FILES+=usr/sbin/hlfsd +OLD_FILES+=usr/sbin/mk-amd-map +OLD_FILES+=usr/sbin/wire-test +OLD_FILES+=usr/share/examples/etc/amd.map +OLD_FILES+=usr/share/man/man1/pawd.1.gz +OLD_FILES+=usr/share/man/man5/amd.conf.5.gz +OLD_FILES+=usr/share/man/man8/amd.8.gz +OLD_FILES+=usr/share/man/man8/amq.8.gz +OLD_FILES+=usr/share/man/man8/fixmount.8.gz +OLD_FILES+=usr/share/man/man8/fsinfo.8.gz +OLD_FILES+=usr/share/man/man8/hlfsd.8.gz +OLD_FILES+=usr/share/man/man8/mk-amd-map.8.gz +OLD_FILES+=usr/share/man/man8/wire-test.8.gz # 20200301: bktr removed OLD_DIRS+=usr/include/dev/bktr OLD_FILES+=usr/include/dev/bktr/ioctl_bktr.h Modified: projects/clang1000-import/UPDATING ============================================================================== --- projects/clang1000-import/UPDATING Tue Mar 10 06:49:43 2020 (r358831) +++ projects/clang1000-import/UPDATING Tue Mar 10 07:04:05 2020 (r358832) @@ -32,6 +32,11 @@ NOTE TO PEOPLE WHO THINK THAT FreeBSD 13.x IS SLOW: information about prerequisites and upgrading, if you are not already using clang 3.5.0 or higher. +20200309: + The amd(8) automount daemon has been removed from the source tree. + As of FreeBSD 10.1 autofs(5) is the preferred tool for automounting. + amd is still available in the sysutils/am-utils port. + 20200301: Removed brooktree driver (bktr.4) from the tree. Modified: projects/clang1000-import/lib/libprocstat/libprocstat.c ============================================================================== --- projects/clang1000-import/lib/libprocstat/libprocstat.c Tue Mar 10 06:49:43 2020 (r358831) +++ projects/clang1000-import/lib/libprocstat/libprocstat.c Tue Mar 10 07:04:05 2020 (r358832) @@ -460,6 +460,7 @@ procstat_getfiles_kvm(struct procstat *procstat, struc struct file file; struct filedesc filed; struct pwd pwd; + unsigned long pwd_addr; struct vm_map_entry vmentry; struct vm_object object; struct vmspace vmspace; @@ -488,10 +489,10 @@ procstat_getfiles_kvm(struct procstat *procstat, struc return (NULL); } haspwd = false; - if (filed.fd_pwd != NULL) { - if (!kvm_read_all(kd, (unsigned long)filed.fd_pwd, &pwd, - sizeof(pwd))) { - warnx("can't read fd_pwd at %p", (void *)filed.fd_pwd); + pwd_addr = (unsigned long)(FILEDESC_KVM_LOAD_PWD(&filed)); + if (pwd_addr != 0) { + if (!kvm_read_all(kd, pwd_addr, &pwd, sizeof(pwd))) { + warnx("can't read fd_pwd at %p", (void *)pwd_addr); return (NULL); } haspwd = true; Modified: projects/clang1000-import/lib/libsecureboot/h/libsecureboot.h ============================================================================== --- projects/clang1000-import/lib/libsecureboot/h/libsecureboot.h Tue Mar 10 06:49:43 2020 (r358831) +++ projects/clang1000-import/lib/libsecureboot/h/libsecureboot.h Tue Mar 10 07:04:05 2020 (r358832) @@ -69,12 +69,6 @@ void fingerprint_info_add(const char *, const char *, int ve_check_hash(br_hash_compat_context *, const br_hash_class *, const char *, const char *, size_t); -struct vectx; -struct vectx* vectx_open(int, const char *, off_t, struct stat *, int *); -ssize_t vectx_read(struct vectx *, void *, size_t); -off_t vectx_lseek(struct vectx *, off_t, int); -int vectx_close(struct vectx *); - char * hexdigest(char *, size_t, unsigned char *, size_t); int verify_fd(int, const char *, off_t, struct stat *); int verify_open(const char *, int); Modified: projects/clang1000-import/lib/libsecureboot/h/verify_file.h ============================================================================== --- projects/clang1000-import/lib/libsecureboot/h/verify_file.h Tue Mar 10 06:49:43 2020 (r358831) +++ projects/clang1000-import/lib/libsecureboot/h/verify_file.h Tue Mar 10 07:04:05 2020 (r358832) @@ -39,13 +39,21 @@ struct stat; -void ve_debug_set(int); -int ve_status_get(int); -void ve_efi_init(void); -int load_manifest(const char *, const char *, const char *, struct stat *); -int pass_manifest(const char *, const char *); -int pass_manifest_export_envs(void); -int verify_file(int, const char *, off_t, int); -void verify_pcr_export(void); +int verify_prep(int, const char *, off_t, struct stat *, const char *); +void ve_debug_set(int); +char *ve_error_get(void); +void ve_efi_init(void); +int ve_status_get(int); +int load_manifest(const char *, const char *, const char *, struct stat *); +int pass_manifest(const char *, const char *); +int pass_manifest_export_envs(void); +int verify_file(int, const char *, off_t, int, const char *); +void verify_pcr_export(void); + +struct vectx; +struct vectx* vectx_open(int, const char *, off_t, struct stat *, int *, const char *); +ssize_t vectx_read(struct vectx *, void *, size_t); +off_t vectx_lseek(struct vectx *, off_t, int); +int vectx_close(struct vectx *, int, const char *); #endif /* _VERIFY_FILE_H_ */ Modified: projects/clang1000-import/lib/libsecureboot/tests/tvo.c ============================================================================== --- projects/clang1000-import/lib/libsecureboot/tests/tvo.c Tue Mar 10 06:49:43 2020 (r358831) +++ projects/clang1000-import/lib/libsecureboot/tests/tvo.c Tue Mar 10 07:04:05 2020 (r358832) @@ -31,6 +31,8 @@ __FBSDID("$FreeBSD$"); #include #include +size_t DestdirLen; +char *Destdir; char *Skip; int @@ -42,7 +44,10 @@ main(int argc, char *argv[]) int Vflag; char *cp; char *prefix; + char *destdir; + Destdir = NULL; + DestdirLen = 0; prefix = NULL; Skip = NULL; @@ -50,8 +55,12 @@ main(int argc, char *argv[]) printf("Trust %d\n", n); Vflag = 0; - while ((c = getopt(argc, argv, "dp:s:T:V")) != -1) { + while ((c = getopt(argc, argv, "D:dp:s:T:V")) != -1) { switch (c) { + case 'D': + Destdir = optarg; + DestdirLen = strlen(optarg); + break; case 'd': DebugVe++; break; @@ -92,7 +101,7 @@ main(int argc, char *argv[]) */ int x; - x = verify_file(fd, argv[optind], 0, VE_GUESS); + x = verify_file(fd, argv[optind], 0, VE_GUESS, __func__); printf("verify_file(%s) = %d\n", argv[optind], x); close(fd); } @@ -147,7 +156,7 @@ main(int argc, char *argv[]) lseek(fd, 0, SEEK_SET); off = st.st_size % 512; vp = vectx_open(fd, argv[optind], off, - &st, &error); + &st, &error, __func__); if (!vp) { printf("vectx_open(%s) failed: %d %s\n", argv[optind], error, @@ -155,7 +164,8 @@ main(int argc, char *argv[]) } else { off = vectx_lseek(vp, (st.st_size % 1024), SEEK_SET); - + /* we can seek backwards! */ + off = vectx_lseek(vp, off/2, SEEK_SET); if (off < st.st_size) { n = vectx_read(vp, buf, sizeof(buf)); @@ -165,7 +175,7 @@ main(int argc, char *argv[]) off = vectx_lseek(vp, 0, SEEK_END); /* repeating that should be harmless */ off = vectx_lseek(vp, 0, SEEK_END); - error = vectx_close(vp); + error = vectx_close(vp, VE_MUST, __func__); if (error) { printf("vectx_close(%s) == %d %s\n", argv[optind], error, Modified: projects/clang1000-import/lib/libsecureboot/vectx.c ============================================================================== --- projects/clang1000-import/lib/libsecureboot/vectx.c Tue Mar 10 06:49:43 2020 (r358831) +++ projects/clang1000-import/lib/libsecureboot/vectx.c Tue Mar 10 07:04:05 2020 (r358832) @@ -33,6 +33,7 @@ __FBSDID("$FreeBSD$"); #endif #include "libsecureboot-priv.h" +#include /** * @file vectx.c @@ -50,12 +51,14 @@ struct vectx { const char *vec_path; /* path we are verifying */ const char *vec_want; /* hash value we want */ off_t vec_off; /* current offset */ + off_t vec_hashed; /* where we have hashed to */ size_t vec_size; /* size of path */ size_t vec_hashsz; /* size of hash */ int vec_fd; /* file descriptor */ int vec_status; /* verification status */ }; + /** * @brief * verify an open file as we read it @@ -86,24 +89,31 @@ struct vectx { * NULL is only returned for non-files or out-of-memory. */ struct vectx * -vectx_open(int fd, const char *path, off_t off, struct stat *stp, int *error) +vectx_open(int fd, const char *path, off_t off, struct stat *stp, + int *error, const char *caller) { struct vectx *ctx; struct stat st; size_t hashsz; char *cp; + int rc; - if (!stp) { - if (fstat(fd, &st) == 0) - stp = &st; - } + if (!stp) + stp = &st; - /* we *should* only get called for files */ - if (stp && !S_ISREG(stp->st_mode)) { - *error = 0; + rc = verify_prep(fd, path, off, stp, __func__); + + DEBUG_PRINTF(2, + ("vectx_open: caller=%s,name='%s',prep_rc=%d\n", + caller,path, rc)); + + switch (rc) { + case VE_FINGERPRINT_NONE: + case VE_FINGERPRINT_UNKNOWN: + case VE_FINGERPRINT_WRONG: + *error = rc; return (NULL); } - ctx = malloc(sizeof(struct vectx)); if (!ctx) goto enomem; @@ -111,10 +121,16 @@ vectx_open(int fd, const char *path, off_t off, struct ctx->vec_path = path; ctx->vec_size = stp->st_size; ctx->vec_off = 0; + ctx->vec_hashed = 0; ctx->vec_want = NULL; ctx->vec_status = 0; - hashsz = 0; + ctx->vec_hashsz = hashsz = 0; + if (rc == 0) { + /* we are not verifying this */ + *error = 0; + return (ctx); + } cp = fingerprint_info_lookup(fd, path); if (!cp) { ctx->vec_status = VE_FINGERPRINT_NONE; @@ -161,6 +177,10 @@ vectx_open(int fd, const char *path, off_t off, struct vectx_lseek(ctx, off, SEEK_SET); } } + DEBUG_PRINTF(2, + ("vectx_open: caller=%s,name='%s',hashsz=%lu,status=%d\n", + caller, path, (unsigned long)ctx->vec_hashsz, + ctx->vec_status)); return (ctx); enomem: /* unlikely */ @@ -175,6 +195,8 @@ enomem: /* unlikely */ * * It is critical that all file I/O comes through here. * We keep track of current offset. + * We also track what offset we have hashed to, + * so we won't replay data if we seek backwards. * * @param[in] pctx * pointer to ctx @@ -190,6 +212,8 @@ vectx_read(struct vectx *ctx, void *buf, size_t nbytes { unsigned char *bp = buf; int n; + int delta; + int x; size_t off; if (ctx->vec_hashsz == 0) /* nothing to do */ @@ -201,9 +225,20 @@ vectx_read(struct vectx *ctx, void *buf, size_t nbytes if (n < 0) return (n); if (n > 0) { - ctx->vec_md->update(&ctx->vec_ctx.vtable, &bp[off], n); - off += n; - ctx->vec_off += n; + /* we may have seeked backwards! */ + delta = ctx->vec_hashed - ctx->vec_off; + if (delta > 0) { + x = MIN(delta, n); + off += x; + n -= x; + ctx->vec_off += x; + } + if (n > 0) { + ctx->vec_md->update(&ctx->vec_ctx.vtable, &bp[off], n); + off += n; + ctx->vec_off += n; + ctx->vec_hashed += n; + } } } while (n > 0 && off < nbytes); return (off); @@ -213,10 +248,10 @@ vectx_read(struct vectx *ctx, void *buf, size_t nbytes * @brief * vectx equivalent of lseek * - * We do not actually, seek, but call vectx_read + * When seeking forwards we actually call vectx_read * to reach the desired offset. * - * We do not support seeking backwards. + * We support seeking backwards. * * @param[in] pctx * pointer to ctx @@ -225,6 +260,8 @@ vectx_read(struct vectx *ctx, void *buf, size_t nbytes * desired offset * * @param[in] whence + * We try to convert whence to ``SEEK_SET``. + * We do not support ``SEEK_DATA`` or ``SEEK_HOLE``. * * @return offset or error. */ @@ -239,22 +276,26 @@ vectx_lseek(struct vectx *ctx, off_t off, int whence) return (lseek(ctx->vec_fd, off, whence)); /* - * Try to convert whence to SEEK_SET - * but we cannot support seeking backwards! - * Nor beyond end of file. + * Convert whence to SEEK_SET */ if (whence == SEEK_END && off <= 0) { whence = SEEK_SET; off += ctx->vec_size; - } else if (whence == SEEK_CUR && off >= 0) { + } else if (whence == SEEK_CUR) { whence = SEEK_SET; off += ctx->vec_off; } - if (whence != SEEK_SET || off < ctx->vec_off || + if (whence != SEEK_SET || (size_t)off > ctx->vec_size) { - printf("ERROR: %s: unsupported operation\n", __func__); + printf("ERROR: %s: unsupported operation: whence=%d off=%lld -> %lld\n", + __func__, whence, (long long)ctx->vec_off, (long long)off); return (-1); } + if (off < ctx->vec_hashed) { + /* seeking backwards! just do it */ + ctx->vec_off = lseek(ctx->vec_fd, off, whence); + return (ctx->vec_off); + } n = 0; do { delta = off - ctx->vec_off; @@ -281,16 +322,35 @@ vectx_lseek(struct vectx *ctx, off_t off, int whence) * @return 0 or an error. */ int -vectx_close(struct vectx *ctx) +vectx_close(struct vectx *ctx, int severity, const char *caller) { int rc; if (ctx->vec_hashsz == 0) { rc = ctx->vec_status; } else { +#ifdef VE_PCR_SUPPORT + /* + * Only update pcr with things that must verify + * these tend to be processed in a more deterministic + * order, which makes our pseudo pcr more useful. + */ + ve_pcr_updating_set((severity == VE_MUST)); +#endif rc = ve_check_hash(&ctx->vec_ctx, ctx->vec_md, ctx->vec_path, ctx->vec_want, ctx->vec_hashsz); } + DEBUG_PRINTF(2, + ("vectx_close: caller=%s,name='%s',rc=%d,severity=%d\n", + caller,ctx->vec_path, rc, severity)); + if (severity > VE_WANT || rc == VE_FINGERPRINT_WRONG) + printf("%serified %s\n", (rc <= 0) ? "Unv" : "V", + ctx->vec_path); +#if !defined(UNIT_TEST) && !defined(DEBUG_VECTX) + /* we are generally called with VE_MUST */ + if (severity > VE_WANT && rc == VE_FINGERPRINT_WRONG) + panic("cannot continue"); +#endif free(ctx); return ((rc < 0) ? rc : 0); } Modified: projects/clang1000-import/lib/libsecureboot/verify_file.c ============================================================================== --- projects/clang1000-import/lib/libsecureboot/verify_file.c Tue Mar 10 06:49:43 2020 (r358831) +++ projects/clang1000-import/lib/libsecureboot/verify_file.c Tue Mar 10 07:04:05 2020 (r358832) @@ -43,6 +43,8 @@ __FBSDID("$FreeBSD$"); * define MANIFEST_SKIP to Skip - in tests/tvo.c so that * tvo can control the value we use in find_manifest() */ +extern char *Destdir; +extern size_t DestdirLen; extern char *Skip; # undef MANIFEST_SKIP # define MANIFEST_SKIP Skip @@ -167,12 +169,21 @@ load_manifest(const char *name, const char *prefix, ve_utc_set(stp->st_mtime); content = (char *)verify_signed(name, VEF_VERBOSE); if (content) { +#ifdef UNIT_TEST + if (DestdirLen > 0 && + strncmp(name, Destdir, DestdirLen) == 0) { + name += DestdirLen; + if (prefix && + strncmp(prefix, Destdir, DestdirLen) == 0) + prefix += DestdirLen; + } +#endif fingerprint_info_add(name, prefix, skip, content, stp); add_verify_status(stp, VE_VERIFIED); loaded_manifests = 1; /* we are verifying! */ DEBUG_PRINTF(3, ("loaded: %s %s %s\n", name, prefix, skip)); - rc = 0; + rc = VE_VERIFIED; } else { rc = VE_FINGERPRINT_WRONG; add_verify_status(stp, rc); /* remember */ @@ -245,13 +256,15 @@ severity_guess(const char *filename) return (VE_WANT); } +static int Verifying = -1; /* 0 if not verifying */ + static void verify_tweak(int fd, off_t off, struct stat *stp, char *tweak, int *accept_no_fp, - int *verbose, int *verifying) + int *verbose) { if (strcmp(tweak, "off") == 0) { - *verifying = 0; + Verifying = 0; } else if (strcmp(tweak, "strict") == 0) { /* anything caller wants verified must be */ *accept_no_fp = VE_WANT; @@ -314,7 +327,59 @@ getenv_int(const char *var, int def) return (int)val; } + /** + * @brief prepare to verify an open file + * + * @param[in] fd + * open descriptor + * + * @param[in] filename + * path we opened and will use to lookup fingerprint + * + * @param[in] stp + * stat pointer so we can check file type + */ +int +verify_prep(int fd, const char *filename, off_t off, struct stat *stp, + const char *caller) +{ + int rc; + + if (Verifying < 0) { + Verifying = ve_trust_init(); +#ifndef UNIT_TEST + ve_debug_set(getenv_int("VE_DEBUG_LEVEL", VE_DEBUG_LEVEL)); +#endif + /* initialize ve_status with default result */ + rc = Verifying ? VE_NOT_CHECKED : VE_NOT_VERIFYING; + ve_status_set(0, rc); + ve_status_state = VE_STATUS_NONE; + if (Verifying) { + ve_self_tests(); + ve_anchor_verbose_set(1); + } + } + if (!Verifying || fd < 0) + return (0); + if (stp) { + if (fstat(fd, stp) < 0 || !S_ISREG(stp->st_mode)) + return (0); + } + DEBUG_PRINTF(2, + ("caller=%s,fd=%d,name='%s',off=%lld,dev=%lld,ino=%lld\n", + caller, fd, filename, (long long)off, (long long)stp->st_dev, + (long long)stp->st_ino)); + rc = is_verified(stp); + if (rc == VE_NOT_CHECKED) { + rc = find_manifest(filename); + } else { + ve_status_set(fd, rc); + } + return (rc); +} + +/** * @brief verify an open file * * @param[in] fd @@ -342,45 +407,26 @@ getenv_int(const char *var, int def) * @return >= 0 on success < 0 on failure */ int -verify_file(int fd, const char *filename, off_t off, int severity) +verify_file(int fd, const char *filename, off_t off, int severity, + const char *caller) { - static int verifying = -1; + static int once; static int accept_no_fp = ACCEPT_NO_FP_DEFAULT; static int verbose = VE_VERBOSE_DEFAULT; struct stat st; char *cp; int rc; - if (verifying < 0) { - verifying = ve_trust_init(); - verbose = getenv_int("VE_VERBOSE", VE_VERBOSE_DEFAULT); - ve_debug_set(getenv_int("VE_DEBUG_LEVEL", VE_DEBUG_LEVEL)); - /* initialize ve_status with default result */ - rc = verifying ? VE_NOT_CHECKED : VE_NOT_VERIFYING; - ve_status_set(0, rc); - ve_status_state = VE_STATUS_NONE; - if (verifying) { - ve_self_tests(); - ve_anchor_verbose_set(1); - } - } - if (!verifying) - return (0); + rc = verify_prep(fd, filename, off, &st, caller); - if (fd < 0 || fstat(fd, &st) < 0 || !S_ISREG(st.st_mode)) + if (!rc) return (0); - DEBUG_PRINTF(3, ("fd=%d,name='%s',off=%lld,dev=%lld,ino=%lld\n", - fd, filename, (long long)off, (long long)st.st_dev, - (long long)st.st_ino)); - - - rc = is_verified(&st); - if (rc != VE_NOT_CHECKED) { - ve_status_set(fd, rc); - return (rc); + if (!once) { + once++; + verbose = getenv_int("VE_VERBOSE", VE_VERBOSE_DEFAULT); } - rc = find_manifest(filename); + if (rc != VE_FINGERPRINT_WRONG && loaded_manifests) { if (severity <= VE_GUESS) severity = severity_guess(filename); @@ -392,6 +438,12 @@ verify_file(int fd, const char *filename, off_t off, i */ ve_pcr_updating_set((severity == VE_MUST)); #endif +#ifdef UNIT_TEST + if (DestdirLen > 0 && + strncmp(filename, Destdir, DestdirLen) == 0) { + filename += DestdirLen; + } +#endif if ((rc = verify_fd(fd, filename, off, &st)) >= 0) { if (verbose || severity > VE_WANT) { #if defined(VE_DEBUG_LEVEL) && VE_DEBUG_LEVEL > 0 @@ -412,8 +464,7 @@ verify_file(int fd, const char *filename, off_t off, i if (strncmp(cp, "loader.ve.", 10) == 0) { cp += 10; verify_tweak(fd, off, &st, cp, - &accept_no_fp, &verbose, - &verifying); + &accept_no_fp, &verbose); } } } Modified: projects/clang1000-import/libexec/rc/rc.d/Makefile ============================================================================== --- projects/clang1000-import/libexec/rc/rc.d/Makefile Tue Mar 10 06:49:43 2020 (r358831) +++ projects/clang1000-import/libexec/rc/rc.d/Makefile Tue Mar 10 07:04:05 2020 (r358832) @@ -141,12 +141,6 @@ ACPIPACKAGE= acpi CONFS+= powerd .endif -.if ${MK_AMD} != "no" -CONFGROUPS+= AMD -AMD+= amd -AMDPACKAGE= amd -.endif - .if ${MK_APM} != "no" CONFGROUPS+= APM APM+= apm Modified: projects/clang1000-import/release/Makefile ============================================================================== --- projects/clang1000-import/release/Makefile Tue Mar 10 06:49:43 2020 (r358831) +++ projects/clang1000-import/release/Makefile Tue Mar 10 07:04:05 2020 (r358832) @@ -192,7 +192,7 @@ disc1: packagesystem # Install system mkdir -p ${.TARGET} cd ${WORLDDIR} && ${IMAKE} installkernel installworld distribution \ - DESTDIR=${.OBJDIR}/${.TARGET} MK_AMD=no MK_AT=no \ + DESTDIR=${.OBJDIR}/${.TARGET} MK_AT=no \ MK_INSTALLLIB=no MK_LIB32=no MK_MAIL=no \ MK_TOOLCHAIN=no MK_PROFILE=no \ MK_RESCUE=no MK_DICT=no \ @@ -221,7 +221,7 @@ bootonly: packagesystem # Install system mkdir -p ${.TARGET} cd ${WORLDDIR} && ${IMAKE} installkernel installworld distribution \ - DESTDIR=${.OBJDIR}/${.TARGET} MK_AMD=no MK_AT=no \ + DESTDIR=${.OBJDIR}/${.TARGET} MK_AT=no \ MK_GAMES=no \ MK_INSTALLLIB=no MK_LIB32=no MK_MAIL=no \ MK_TOOLCHAIN=no MK_PROFILE=no \ Modified: projects/clang1000-import/share/man/man5/src.conf.5 ============================================================================== --- projects/clang1000-import/share/man/man5/src.conf.5 Tue Mar 10 06:49:43 2020 (r358831) +++ projects/clang1000-import/share/man/man5/src.conf.5 Tue Mar 10 07:04:05 2020 (r358832) @@ -1,6 +1,6 @@ .\" DO NOT EDIT-- this file is @generated by tools/build/options/makeman. .\" $FreeBSD$ -.Dd February 29, 2020 +.Dd March 9, 2020 .Dt SRC.CONF 5 .Os .Sh NAME @@ -100,13 +100,6 @@ Set to not build .Xr acpiconf 8 , .Xr acpidump 8 and related programs. -.It Va WITH_AMD -Set to build the legacy -.Xr amd 8 -automount daemon and related programs. -Note that -.Xr autofs 5 -is the preferred automount technique. .It Va WITHOUT_APM Set to not build .Xr apm 8 , @@ -162,6 +155,10 @@ is set explicitly) (unless .Va WITHOUT_LOADER_VERIEXEC is set explicitly) +.It Va WITH_LOADER_VERIEXEC_VECTX +(unless +.Va WITHOUT_LOADER_VERIEXEC_VECTX +is set explicitly) .It Va WITH_VERIEXEC (unless .Va WITHOUT_VERIEXEC @@ -1105,6 +1102,10 @@ When set, these options are also in effect: .It Va WITH_LOADER_EFI_SECUREBOOT (unless .Va WITHOUT_LOADER_EFI_SECUREBOOT +is set explicitly) +.It Va WITH_LOADER_VERIEXEC_VECTX +(unless +.Va WITHOUT_LOADER_VERIEXEC_VECTX is set explicitly) .El .It Va WITH_LOADER_VERIEXEC_PASS_MANIFEST Modified: projects/clang1000-import/share/man/man7/arch.7 ============================================================================== --- projects/clang1000-import/share/man/man7/arch.7 Tue Mar 10 06:49:43 2020 (r358831) +++ projects/clang1000-import/share/man/man7/arch.7 Tue Mar 10 07:04:05 2020 (r358832) @@ -26,7 +26,7 @@ .\" .\" $FreeBSD$ .\" -.Dd January 8, 2020 +.Dd March 8, 2020 .Dt ARCH 7 .Os .Sh NAME @@ -69,7 +69,6 @@ and should be avoided. .Pp On some architectures, e.g., -.Dv sparc64 , .Dv powerpc and AIM variants of .Dv powerpc64 , @@ -210,7 +209,6 @@ Machine-dependent type sizes: .It powerpc64 Ta 8 Ta 8 Ta 8 .It riscv64 Ta 8 Ta 16 Ta 8 .It riscv64sf Ta 8 Ta 16 Ta 8 -.It sparc64 Ta 8 Ta 16 Ta 8 .El .Pp .Sy time_t @@ -237,7 +235,6 @@ is 8 bytes on all supported architectures except i386. .It powerpc64 Ta big Ta unsigned .It riscv64 Ta little Ta signed .It riscv64sf Ta little Ta signed -.It sparc64 Ta big Ta signed .El .Ss Page Size .Bl -column -offset indent "Sy Architecture" "Sy Page Sizes" @@ -261,7 +258,6 @@ is 8 bytes on all supported architectures except i386. .It powerpc64 Ta 4K .It riscv64 Ta 4K .It riscv64sf Ta 4K -.It sparc64 Ta 8K .El .Ss Floating Point .Bl -column -offset indent "Sy Architecture" "Sy float, double" "Sy long double" @@ -285,7 +281,6 @@ is 8 bytes on all supported architectures except i386. .It powerpc64 Ta hard Ta hard, double precision .It riscv64 Ta hard Ta hard, double precision .It riscv64sf Ta soft Ta soft, double precision -.It sparc64 Ta hard Ta hard, quad precision .El .Ss Default Tool Chain .Fx uses a variety of tool chain components for the supported CPU @@ -321,18 +316,9 @@ This table shows the default tool chain for each archi .It powerpc64 Ta Clang Ta lld .It riscv64 Ta Clang Ta lld .It riscv64sf Ta Clang Ta lld -.It sparc64 Ta GCC(1) Ta GNU ld(1) .El .Pp (1) External toolchain provided by ports/packages. -.Pp -Note that GCC 4.2.1 is deprecated, and scheduled for removal on 2020-03-31. -Any CPU architectures not migrated by then -(to either base system Clang or external toolchain) -may be removed from the tree after that date. -make universe will not build mips or sparc64 -architectures unless the xtoolchain binaries have been installed for -the architecture. .Ss MACHINE_ARCH vs MACHINE_CPUARCH vs MACHINE .Dv MACHINE_CPUARCH should be preferred in Makefiles when the generic @@ -353,7 +339,6 @@ or similar things like boot sequences. .It mips Ta mips Ta mips, mipsel, mips64, mips64el, mipshf, mipselhf, mips64elhf, mipsn32 .It powerpc Ta powerpc Ta powerpc, powerpcspe, powerpc64 .It riscv Ta riscv Ta riscv64, riscv64sf -.It sparc64 Ta sparc64 Ta sparc64 .El .Ss Predefined Macros The compiler provides a number of predefined macros. @@ -399,7 +384,6 @@ Architecture-specific macros: .It powerpc64 Ta Dv __powerpc__, Dv __powerpc64__ .It riscv64 Ta Dv __riscv, Dv __riscv_xlen == 64 .It riscv64sf Ta Dv __riscv, Dv __riscv_xlen == 64 -.It sparc64 Ta Dv __sparc64__ .El .Pp Compilers may define additional variants of architecture-specific macros. Modified: projects/clang1000-import/share/mk/src.opts.mk ============================================================================== --- projects/clang1000-import/share/mk/src.opts.mk Tue Mar 10 06:49:43 2020 (r358831) +++ projects/clang1000-import/share/mk/src.opts.mk Tue Mar 10 07:04:05 2020 (r358832) @@ -194,7 +194,6 @@ __DEFAULT_YES_OPTIONS = \ ZONEINFO __DEFAULT_NO_OPTIONS = \ - AMD \ BEARSSL \ BSD_GREP \ CLANG_EXTRAS \ @@ -222,6 +221,7 @@ __DEFAULT_DEPENDENT_OPTIONS= \ CLANG_FULL/CLANG \ LOADER_VERIEXEC/BEARSSL \ LOADER_EFI_SECUREBOOT/LOADER_VERIEXEC \ + LOADER_VERIEXEC_VECTX/LOADER_VERIEXEC \ VERIEXEC/BEARSSL \ # MK_*_SUPPORT options which default to "yes" unless their corresponding Modified: projects/clang1000-import/share/vt/fonts/INDEX.fonts ============================================================================== --- projects/clang1000-import/share/vt/fonts/INDEX.fonts Tue Mar 10 06:49:43 2020 (r358831) +++ projects/clang1000-import/share/vt/fonts/INDEX.fonts Tue Mar 10 07:04:05 2020 (r358832) @@ -34,9 +34,9 @@ MENU:fr:Choisissez votre fonte écran FONT:en:vgarom-8x14.fnt # -gallant.fnt:en:Gallant Character set, 8x16 -gallant.fnt:da:Gallant-tegnsæt, 8x16 -gallant.fnt:de:Gallant Zeichensatz, 8x16 +gallant.fnt:en:Gallant Character set, 12x22 +gallant.fnt:da:Gallant-tegnsæt, 12x22 +gallant.fnt:de:Gallant Zeichensatz, 12x22 terminus-b32.fnt:en:Terminus BSD Console, size 32 terminus-b32.fnt:da:Terminus BSD-konsol, størrelse 32 Modified: projects/clang1000-import/stand/common/bootstrap.h ============================================================================== --- projects/clang1000-import/stand/common/bootstrap.h Tue Mar 10 06:49:43 2020 (r358831) +++ projects/clang1000-import/stand/common/bootstrap.h Tue Mar 10 07:04:05 2020 (r358832) @@ -33,6 +33,8 @@ #include #include +#include "readin.h" + /* Commands and return values; nonzero return sets command_errmsg != NULL */ typedef int (bootblk_cmd_t)(int argc, char *argv[]); #define COMMAND_ERRBUFSZ (256) @@ -70,8 +72,8 @@ void hexdump(caddr_t region, size_t len); size_t strlenout(vm_offset_t str); char *strdupout(vm_offset_t str); void kern_bzero(vm_offset_t dest, size_t len); -int kern_pread(int fd, vm_offset_t dest, size_t len, off_t off); -void *alloc_pread(int fd, off_t off, size_t len); +int kern_pread(readin_handle_t fd, vm_offset_t dest, size_t len, off_t off); +void *alloc_pread(readin_handle_t fd, off_t off, size_t len); /* bcache.c */ void bcache_init(size_t nblks, size_t bsize); @@ -303,7 +305,7 @@ struct arch_switch ssize_t (*arch_copyout)(const vm_offset_t src, void *dest, const size_t len); /* Read from file to module address space, same semantics as read() */ - ssize_t (*arch_readin)(const int fd, vm_offset_t dest, + ssize_t (*arch_readin)(readin_handle_t fd, vm_offset_t dest, const size_t len); /* Perform ISA byte port I/O (only for systems with ISA) */ int (*arch_isainb)(int port); @@ -347,10 +349,6 @@ time_t time(time_t *tloc); #ifndef CTASSERT #define CTASSERT(x) _Static_assert(x, "compile-time assertion failed") -#endif - -#ifdef LOADER_VERIEXEC -#include #endif #endif /* !_BOOTSTRAP_H_ */ Modified: projects/clang1000-import/stand/common/interp_forth.c ============================================================================== --- projects/clang1000-import/stand/common/interp_forth.c Tue Mar 10 06:49:43 2020 (r358831) +++ projects/clang1000-import/stand/common/interp_forth.c Tue Mar 10 07:04:05 2020 (r358832) @@ -284,7 +284,7 @@ bf_init(void) /* try to load and run init file if present */ if ((fd = open("/boot/boot.4th", O_RDONLY)) != -1) { #ifdef LOADER_VERIEXEC - if (verify_file(fd, "/boot/boot.4th", 0, VE_GUESS) < 0) { + if (verify_file(fd, "/boot/boot.4th", 0, VE_GUESS, __func__) < 0) { close(fd); return; } @@ -386,7 +386,7 @@ interp_include(const char *filename) } #ifdef LOADER_VERIEXEC - if (verify_file(fd, filename, 0, VE_GUESS) < 0) { + if (verify_file(fd, filename, 0, VE_GUESS, __func__) < 0) { close(fd); sprintf(command_errbuf,"can't verify '%s'", filename); return(CMD_ERROR); Modified: projects/clang1000-import/stand/common/interp_simple.c ============================================================================== --- projects/clang1000-import/stand/common/interp_simple.c Tue Mar 10 06:49:43 2020 (r358831) +++ projects/clang1000-import/stand/common/interp_simple.c Tue Mar 10 07:04:05 2020 (r358832) @@ -97,7 +97,7 @@ interp_include(const char *filename) } #ifdef LOADER_VERIEXEC - if (verify_file(fd, filename, 0, VE_GUESS) < 0) { + if (verify_file(fd, filename, 0, VE_GUESS, __func__) < 0) { close(fd); sprintf(command_errbuf,"can't verify '%s'", filename); return(CMD_ERROR); Modified: projects/clang1000-import/stand/common/load_elf.c ============================================================================== --- projects/clang1000-import/stand/common/load_elf.c Tue Mar 10 06:49:43 2020 (r358831) +++ projects/clang1000-import/stand/common/load_elf.c Tue Mar 10 07:04:05 2020 (r358832) @@ -71,8 +71,17 @@ typedef struct elf_file { size_t firstlen; int kernel; uint64_t off; +#ifdef LOADER_VERIEXEC_VECTX + struct vectx *vctx; +#endif } *elf_file_t; +#ifdef LOADER_VERIEXEC_VECTX +#define VECTX_HANDLE(ef) (ef)->vctx +#else +#define VECTX_HANDLE(ef) (ef)->fd +#endif + static int __elfN(loadimage)(struct preloaded_file *mp, elf_file_t ef, uint64_t loadaddr); static int __elfN(lookup_symbol)(struct preloaded_file *mp, elf_file_t ef, @@ -214,7 +223,20 @@ __elfN(load_elf_header)(char *filename, elf_file_t ef) close(ef->fd); return (ENOMEM); } - bytes_read = read(ef->fd, ef->firstpage, PAGE_SIZE); +#ifdef LOADER_VERIEXEC_VECTX + { + int verror; + + ef->vctx = vectx_open(ef->fd, filename, 0L, NULL, &verror, __func__); + if (verror) { + printf("Unverified %s: %s\n", filename, ve_error_get()); + close(ef->fd); + free(ef->vctx); + return (EAUTH); + } + } +#endif + bytes_read = VECTX_READ(VECTX_HANDLE(ef), ef->firstpage, PAGE_SIZE); ef->firstlen = (size_t)bytes_read; if (bytes_read < 0 || ef->firstlen <= sizeof(Elf_Ehdr)) { err = EFTYPE; /* could be EIO, but may be small file */ @@ -245,10 +267,10 @@ __elfN(load_elf_header)(char *filename, elf_file_t ef) goto error; } -#ifdef LOADER_VERIEXEC - if (verify_file(ef->fd, filename, bytes_read, VE_MUST) < 0) { - err = EAUTH; - goto error; +#if defined(LOADER_VERIEXEC) && !defined(LOADER_VERIEXEC_VECTX) + if (verify_file(ef->fd, filename, bytes_read, VE_MUST, __func__) < 0) { + err = EAUTH; + goto error; } #endif return (0); @@ -259,6 +281,9 @@ error: ef->firstpage = NULL; } if (ef->fd != -1) { +#ifdef LOADER_VERIEXEC_VECTX + free(ef->vctx); +#endif close(ef->fd); ef->fd = -1; } @@ -415,8 +440,20 @@ oerr: out: if (ef.firstpage) free(ef.firstpage); - if (ef.fd != -1) + if (ef.fd != -1) { +#ifdef LOADER_VERIEXEC_VECTX + if (!err && ef.vctx) { + int verror; + + verror = vectx_close(ef.vctx, VE_MUST, __func__); + if (verror) { + err = EAUTH; + file_discard(fp); + } + } +#endif close(ef.fd); + } return (err); } @@ -562,7 +599,8 @@ __elfN(loadimage)(struct preloaded_file *fp, elf_file_ phdr[i].p_vaddr + off, fpcopy); } if (phdr[i].p_filesz > fpcopy) { - if (kern_pread(ef->fd, phdr[i].p_vaddr + off + fpcopy, + if (kern_pread(VECTX_HANDLE(ef), + phdr[i].p_vaddr + off + fpcopy, phdr[i].p_filesz - fpcopy, phdr[i].p_offset + fpcopy) != 0) { printf("\nelf" __XSTRING(__ELF_WORD_SIZE) @@ -606,7 +644,7 @@ __elfN(loadimage)(struct preloaded_file *fp, elf_file_ chunk = (size_t)ehdr->e_shnum * (size_t)ehdr->e_shentsize; if (chunk == 0 || ehdr->e_shoff == 0) goto nosyms; - shdr = alloc_pread(ef->fd, ehdr->e_shoff, chunk); *** DIFF OUTPUT TRUNCATED AT 1000 LINES ***