openssl - Mirror of https://github.com/openssl/openssl

Age	Commit message (Expand)	Author
2020-05-01	Add SSL_new_session_ticket() API	Benjamin Kaduk
2020-04-24	In OpenSSL builds, declare STACK for datatypes ...	Rich Salz
2020-04-23	Update copyright year	Matt Caswell
2020-04-09	Ensure libssl uses the new library context aware CT code	Matt Caswell
2020-03-27	Ignore some fetch failures	Matt Caswell
2020-02-14	Fix coverity issues	Shane Lontis
2020-02-13	Fix a mem leak in libssl	Matt Caswell
2020-02-07	Fix no-engine	Matt Caswell
2020-02-06	Explicitly fetch ciphers and digests in libssl	Matt Caswell
2020-01-30	Fix SSL_get_servername() and SNI behaviour	Matt Caswell
2020-01-24	Make sure we use RAND_bytes_ex and RAND_priv_bytes_ex in libssl	Matt Caswell
2020-01-22	Introduce SSL_CTX_new_with_libex()	Matt Caswell
2019-11-07	Update source files for pre-3.0 deprecation	Richard Levitte
2019-11-03	X509_LOOKUP_store: new X509_LOOKUP_METHOD that works by OSSL_STORE URI	Richard Levitte
2019-10-31	Simplify NO_KTLS path in SSL_sendfile.	John Baldwin
2019-10-21	Fix leak with no-ec config	raja-ashok
2019-10-09	Explicitly test against NULL; do not use !p or similar	Rich Salz
2019-09-28	Reorganize local header files	Dr. Matthias St. Pierre
2019-08-02	Replace FUNCerr with ERR_raise_data	Rich Salz
2019-07-22	Deprecate SYSerr, add new FUNCerr macro	Rich Salz
2019-07-22	Add ERR_put_func_error, and use it.	Rich Salz
2019-07-16	Fix SSL_CTX_set_session_id_context() docs	Todd Short
2019-06-26	Move 'shared_sigalgs' from cert_st to ssl_st	Benjamin Kaduk
2019-06-18	Following the previous 2 commits also move ecpointformats out of session	Matt Caswell
2019-06-18	Fix a race condition in ciphers handling	Matt Caswell
2019-06-18	Fix a race condition in supported groups handling	Matt Caswell
2019-06-17	Allow TLSv1.3 in a no-ec build	Matt Caswell
2019-06-11	Change cipher default strings to a function	Todd Short
2019-05-21	Change SSL parameter SSL_session_reused const	Arne Schwabe
2019-05-07	ssl: Add SSL_sendfile	Boris Pismenny
2019-04-29	Collapse ssl3_state_st (s3) into ssl_st	Todd Short
2019-04-19	Check if num is 0 before trying to malloc memory. Otherwise for client hellos...	dyrock
2019-03-06	Adapt CIPHER_DEBUG to the new generic trace API	Richard Levitte
2019-02-14	Ignore cipher suites when setting cipher list	Sam Roberts
2019-02-05	Make some simple getters take const SSL/SSL_CTX	Sam Roberts
2019-01-27	add an additional async notification communication method based on callback	Ping Yu
2018-12-07	ssl: Linux TLS Tx Offload	Boris Pismenny
2018-12-06	Following the license change, modify the boilerplates in ssl/	Richard Levitte
2018-12-06	Refactor the computation of API version limits	Richard Levitte
2018-11-12	Separate ca_names handling for client and server	Matt Caswell
2018-11-06	Fix return formatting.	Pauli
2018-11-06	Cleanse the key log buffer.	Pauli
2018-10-03	Remove SSL_version_str	Richard Levitte
2018-09-19	Reset TLS 1.3 ciphers in SSL_CTX_set_ssl_version()	Benjamin Kaduk
2018-09-07	Do not reset SNI data in SSL_do_handshake()	Matt Caswell
2018-09-07	Simplify SSL_get_servername() to avoid session references	Ben Kaduk
2018-08-20	Add support for SSL_CTX_set_post_handshake_auth()	Matt Caswell
2018-08-20	Change Post Handshake auth so that it is opt-in	Matt Caswell
2018-08-07	ssl/*: switch to switch to Thread-Sanitizer-friendly primitives.	Andy Polyakov
2018-07-26	Improve backwards compat for SSL_get_servername()	Benjamin Kaduk

/* * High memory handling common code and variables. * * (C) 1999 Andrea Arcangeli, SuSE GmbH, andrea@suse.de * Gerhard Wichert, Siemens AG, Gerhard.Wichert@pdb.siemens.de * * * Redesigned the x86 32-bit VM architecture to deal with * 64-bit physical space. With current x86 CPUs this * means up to 64 Gigabytes physical RAM. * * Rewrote high memory support to move the page cache into * high memory. Implemented permanent (schedulable) kmaps * based on Linus' idea. * * Copyright (C) 1999 Ingo Molnar <mingo@redhat.com> */ #include <linux/mm.h> #include <linux/export.h> #include <linux/swap.h> #include <linux/bio.h> #include <linux/pagemap.h> #include <linux/mempool.h> #include <linux/blkdev.h> #include <linux/init.h> #include <linux/hash.h> #include <linux/highmem.h> #include <linux/kgdb.h> #include <asm/tlbflush.h> #if defined(CONFIG_HIGHMEM) || defined(CONFIG_X86_32) DEFINE_PER_CPU(int, __kmap_atomic_idx); #endif /* * Virtual_count is not a pure "count". * 0 means that it is not mapped, and has not been mapped * since a TLB flush - it is usable. * 1 means that there are no users, but it has been mapped * since the last TLB flush - so we can't use it. * n means that there are (n-1) current users of it. */ #ifdef CONFIG_HIGHMEM /* * Architecture with aliasing data cache may define the following family of * helper functions in its asm/highmem.h to control cache color of virtual * addresses where physical memory pages are mapped by kmap. */ #ifndef get_pkmap_color /* * Determine color of virtual address where the page should be mapped. */ static inline unsigned int get_pkmap_color(struct page *page) { return 0; } #define get_pkmap_color get_pkmap_color /* * Get next index for mapping inside PKMAP region for page with given color. */ static inline unsigned int get_next_pkmap_nr(unsigned int color) { static unsigned int last_pkmap_nr; last_pkmap_nr = (last_pkmap_nr + 1) & LAST_PKMAP_MASK; return last_pkmap_nr; } /* * Determine if page index inside PKMAP region (pkmap_nr) of given color * has wrapped around PKMAP region end. When this happens an attempt to * flush all unused PKMAP slots is made. */ static inline int no_more_pkmaps(unsigned int pkmap_nr, unsigned int color) { return pkmap_nr == 0; } /* * Get the number of PKMAP entries of the given color. If no free slot is * found after checking that many entries, kmap will sleep waiting for * someone to call kunmap and free PKMAP slot. */ static inline int get_pkmap_entries_count(unsigned int color) { return LAST_PKMAP; } /* * Get head of a wait queue for PKMAP entries of the given color. * Wait queues for different mapping colors should be independent to avoid * unnecessary wakeups caused by freeing of slots of other colors. */ static inline wait_queue_head_t *get_pkmap_wait_queue_head(unsigned int color) { static DECLARE_WAIT_QUEUE_HEAD(pkmap_map_wait); return &pkmap_map_wait; } #endif unsigned long totalhigh_pages __read_mostly; EXPORT_SYMBOL(totalhigh_pages); EXPORT_PER_CPU_SYMBOL(__kmap_atomic_idx); unsigned int nr_free_highpages (void) { pg_data_t *pgdat; unsigned int pages = 0; for_each_online_pgdat(pgdat) { pages += zone_page_state(&pgdat->node_zones[ZONE_HIGHMEM], NR_FREE_PAGES); if (zone_movable_is_highmem()) pages += zone_page_state( &pgdat->node_zones[ZONE_MOVABLE], NR_FREE_PAGES); } return pages; } static int pkmap_count[LAST_PKMAP]; static __cacheline_aligned_in_smp DEFINE_SPINLOCK(kmap_lock); pte_t * pkmap_page_table; /* * Most architectures have no use for kmap_high_get(), so let's abstract * the disabling of IRQ out of the locking in that case to save on a * potential useless overhead. */ #ifdef ARCH_NEEDS_KMAP_HIGH_GET #define lock_kmap() spin_lock_irq(&kmap_lock) #define unlock_kmap() spin_unlock_irq(&kmap_lock) #define lock_kmap_any(flags) spin_lock_irqsave(&kmap_lock, flags) #define unlock_kmap_any(flags) spin_unlock_irqrestore(&kmap_lock, flags) #else #define lock_kmap() spin_lock(&kmap_lock) #define unlock_kmap() spin_unlock(&kmap_lock) #define lock_kmap_any(flags) \ do { spin_lock(&kmap_lock); (void)(flags); } while (0) #define unlock_kmap_any(flags) \ do { spin_unlock(&kmap_lock); (void)(flags); } while (0) #endif struct page *kmap_to_page(void *vaddr) { unsigned long addr = (unsigned long)vaddr; if (addr >= PKMAP_ADDR(0) && addr < PKMAP_ADDR(LAST_PKMAP)) { int i = PKMAP_NR(addr); return pte_page(pkmap_page_table[i]); } return virt_to_page(addr); } EXPORT_SYMBOL(kmap_to_page); static void flush_all_zero_pkmaps(void) { int i; int need_flush = 0; flush_cache_kmaps(); for (i = 0; i < LAST_PKMAP; i++) { struct page *page; /* * zero means we don't have anything to do, * >1 means that it is still in use. Only * a count of 1 means that it is free but * needs to be unmapped */ if (pkmap_count[i] != 1) continue; pkmap_count[i] = 0; /* sanity check */ BUG_ON(pte_none(pkmap_page_table[i])); /* * Don't need an atomic fetch-and-clear op here; * no-one has the page mapped, and cannot get at * its virtual address (and hence PTE) without first * getting the kmap_lock (which is held here). * So no dangers, even with speculative execution. */ page = pte_page(pkmap_page_table[i]); pte_clear(&init_mm, PKMAP_ADDR(i), &pkmap_page_table[i]); set_page_address(page, NULL); need_flush = 1; } if (need_flush) flush_tlb_kernel_range(PKMAP_ADDR(0), PKMAP_ADDR(LAST_PKMAP)); } /** * kmap_flush_unused - flush all unused kmap mappings in order to remove stray mappings */ void kmap_flush_unused(void) { lock_kmap(); flush_all_zero_pkmaps(); unlock_kmap(); } static inline unsigned long map_new_virtual(struct page *page) { unsigned long vaddr; int count; unsigned int last_pkmap_nr; unsigned int color = get_pkmap_color(page); start: count = get_pkmap_entries_count(color); /* Find an empty entry */ for (;;) { last_pkmap_nr = get_next_pkmap_nr(color); if (no_more_pkmaps(last_pkmap_nr, color)) { flush_all_zero_pkmaps(); count = get_pkmap_entries_count(color); } if (!pkmap_count[last_pkmap_nr]) break; /* Found a usable entry */ if (--count) continue; /* * Sleep for somebody else to unmap their entries */ { DECLARE_WAITQUEUE(wait, current); wait_queue_head_t *pkmap_map_wait = get_pkmap_wait_queue_head(color); __set_current_state(TASK_UNINTERRUPTIBLE); add_wait_queue(pkmap_map_wait, &wait); unlock_kmap(); schedule(); remove_wait_queue(pkmap_map_wait, &wait); lock_kmap(); /* Somebody else might have mapped it while we slept */ if (page_address(page)) return (unsigned long)page_address(page); /* Re-start */ goto start; } } vaddr = PKMAP_ADDR(last_pkmap_nr); set_pte_at(&init_mm, vaddr, &(pkmap_page_table[last_pkmap_nr]), mk_pte(page, kmap_prot)); pkmap_count[last_pkmap_nr] = 1; set_page_address(page, (void *)vaddr); return vaddr; } /** * kmap_high - map a highmem page into memory * @page: &struct page to map * * Returns the page's virtual memory address. * * We cannot call this from interrupts, as it may block. */ void *kmap_high(struct page *page) { unsigned long vaddr; /* * For highmem pages, we can't trust "virtual" until * after we have the lock. */ lock_kmap(); vaddr = (unsigned long)page_address(page); if (!vaddr) vaddr = map_new_virtual(page); pkmap_count[PKMAP_NR(vaddr)]++; BUG_ON(pkmap_count[PKMAP_NR(vaddr)] < 2); unlock_kmap(); return (void*) vaddr; } EXPORT_SYMBOL(kmap_high); #ifdef ARCH_NEEDS_KMAP_HIGH_GET /** * kmap_high_get - pin a highmem page into memory * @page: &struct page to pin * * Returns the page's current virtual memory address, or NULL if no mapping * exists. If and only if a non null address is returned then a * matching call to kunmap_high() is necessary. * * This can be called from any context. */ void *kmap_high_get(struct page *page) { unsigned long vaddr, flags; lock_kmap_any(flags); vaddr = (unsigned long)page_address(page); if (vaddr) { BUG_ON(pkmap_count[PKMAP_NR(vaddr)] < 1); pkmap_count[PKMAP_NR(vaddr)]++; } unlock_kmap_any(flags); return (void*) vaddr; } #endif /** * kunmap_high - unmap a highmem page into memory * @page: &struct page to unmap * * If ARCH_NEEDS_KMAP_HIGH_GET is not defined then this may be called * only from user context. */ void kunmap_high(struct page *page) { unsigned long vaddr; unsigned long nr; unsigned long flags; int need_wakeup; unsigned int color = get_pkmap_color(page); wait_queue_head_t *pkmap_map_wait; lock_kmap_any(flags); vaddr = (unsigned long)page_address(page); BUG_ON(!vaddr); nr = PKMAP_NR(vaddr); /* * A count must never go down to zero * without a TLB flush! */ need_wakeup = 0; switch (--pkmap_count[nr]) { case 0: BUG(); case 1: /* * Avoid an unnecessary wake_up() function call. * The common case is pkmap_count[] == 1, but * no waiters. * The tasks queued in the wait-queue are guarded * by both the lock in the wait-queue-head and by * the kmap_lock. As the kmap_lock is held here, * no need for the wait-queue-head's lock. Simply * test if the queue is empty. */ pkmap_map_wait = get_pkmap_wait_queue_head(color); need_wakeup