Date: Wed, 19 Aug 2020 20:14:17 -0500
From: "Brandon Bergren"
To: "Rick Macklem", src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org
Subject: Re: svn commit: r364409 - in head/sys: kern sys

This broke world build. Please update the blacklist in lib/sysdecode/mktables.

On Wed, Aug 19, 2020, at 6:42 PM, Rick Macklem wrote:
> Author: rmacklem
> Date: Wed Aug 19 23:42:33 2020
> New Revision: 364409
> URL: https://svnweb.freebsd.org/changeset/base/364409
>
> Log:
> Add the MSG_TLSAPPDATA flag to indicate "return ENXIO" for non-application TLS
> data records.
>
> The kernel RPC cannot process non-application data records when
> using TLS. It must do an upcall to a userspace daemon that will
> call SSL_read() to process them.
>
> This patch adds a new flag called MSG_TLSAPPDATA that the kernel
> RPC can use to tell soreceive() to return ENXIO instead of a non-application
> data record, when that is what is at the top of the receive queue.
> I put the code in #ifdef KERN_TLS/#endif, although it will build without
> that, so that it is recognized as only useful when KERN_TLS is enabled.
> The alternative to doing this is to have the kernel RPC re-queue the
> non-application data message after receiving it, but that seems more
> complicated and might introduce message ordering issues when there
> are multiple non-application data records one after another.
>
> I do not know what, if any, changes will be required to support TLS1.3.
> > Reviewed by: glebius > Differential Revision: https://reviews.freebsd.org/D25923 > > Modified: > head/sys/kern/uipc_socket.c > head/sys/sys/socket.h > > Modified: head/sys/kern/uipc_socket.c > ============================================================================== > --- head/sys/kern/uipc_socket.c Wed Aug 19 20:41:22 2020 (r364408) > +++ head/sys/kern/uipc_socket.c Wed Aug 19 23:42:33 2020 (r364409) > @@ -2056,6 +2056,32 @@ dontblock: > if (m != NULL && m->m_type == MT_CONTROL) { > struct mbuf *cm = NULL, *cmn; > struct mbuf **cme = &cm; > +#ifdef KERN_TLS > + struct cmsghdr *cmsg; > + struct tls_get_record tgr; > + > + /* > + * For MSG_TLSAPPDATA, check for a non-application data > + * record. If found, return ENXIO without removing > + * it from the receive queue. This allows a subsequent > + * call without MSG_TLSAPPDATA to receive it. > + * Note that, for TLS, there should only be a single > + * control mbuf with the TLS_GET_RECORD message in it. > + */ > + if (flags & MSG_TLSAPPDATA) { > + cmsg = mtod(m, struct cmsghdr *); > + if (cmsg->cmsg_type == TLS_GET_RECORD && > + cmsg->cmsg_len == CMSG_LEN(sizeof(tgr))) { > + memcpy(&tgr, CMSG_DATA(cmsg), sizeof(tgr)); > + /* This will need to change for TLS 1.3. */ > + if (tgr.tls_type != TLS_RLTYPE_APP) { > + SOCKBUF_UNLOCK(&so->so_rcv); > + error = ENXIO; > + goto release; > + } > + } > + } > +#endif > > do { > if (flags & MSG_PEEK) { > > Modified: head/sys/sys/socket.h > ============================================================================== > --- head/sys/sys/socket.h Wed Aug 19 20:41:22 2020 (r364408) > +++ head/sys/sys/socket.h Wed Aug 19 23:42:33 2020 (r364409) > @@ -468,6 +468,7 @@ struct msghdr { > #endif > #ifdef _KERNEL > #define MSG_MORETOCOME 0x00100000 /* additional data pending */ > +#define MSG_TLSAPPDATA 0x00200000 /* only soreceive() app. data (TLS) */ > #endif > > /* > -- Brandon Bergren bdragon@imap.cc
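Review bot: In the uipc_socket.c hunk, the MSG_TLSAPPDATA test matches the control message on `cmsg->cmsg_type == TLS_GET_RECORD` and `cmsg->cmsg_len == CMSG_LEN(sizeof(tgr))` only; cmsg_level is never compared, so a control message from another protocol level that happens to share the type value and length would be decoded as a struct tls_get_record. Add a cmsg_level comparison to the same condition. The block also reads the header through mtod(m, struct cmsghdr *) without looking at m->m_len and inspects only the first control mbuf, relying on the invariant stated in the comment ("there should only be a single control mbuf with the TLS_GET_RECORD message in it"); a KASSERT on that invariant would make a violation visible instead of silently letting a non-application record through to a caller that asked not to receive one. The "This will need to change for TLS 1.3" comment would be more useful if it said what is expected to change.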
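Review bot: In the socket.h hunk, `#define MSG_TLSAPPDATA 0x00200000` is added inside the `#ifdef _KERNEL` block next to MSG_MORETOCOME, but the change touches only head/sys/kern/uipc_socket.c and head/sys/sys/socket.h, and the reply reports that the world build breaks until the blacklist in lib/sysdecode/mktables is updated. That update belongs in the same commit as the new kernel-only flag. The define's comment ("only soreceive() app. data (TLS)") could also state that ENXIO is returned when a non-application record is at the head of the receive queue, since that is the behaviour a caller has to handle.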