From: Ed Maste
Date: Wed, 9 Feb 2022 23:58:16 GMT
Message-Id: <202202092358.219NwGTG043679@gitrepo.freebsd.org>
To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-branches@FreeBSD.org
Subject: git: 5d14c1d0f421 - stable/13 - libfido2: Address CHERI compatibility
List-Id: Commits to the stable branches of the FreeBSD src repository
List-Archive: https://lists.freebsd.org/archives/dev-commits-src-branches
X-Git-Committer: emaste
X-Git-Repository: src
X-Git-Refname: refs/heads/stable/13
X-Git-Reftype: branch
X-Git-Commit: 5d14c1d0f4214f0f23cc6e5df4b729f94a022908

The branch stable/13 has been updated by emaste:

URL:
https://cgit.FreeBSD.org/src/commit/?id=5d14c1d0f4214f0f23cc6e5df4b729f94a022908

commit 5d14c1d0f4214f0f23cc6e5df4b729f94a022908
Author:     Jessica Clarke
AuthorDate: 2021-10-02 15:51:38 +0000
Commit:     Ed Maste
CommitDate: 2022-02-09 21:23:53 +0000

    libfido2: Address CHERI compatibility

    Cherry-picked from libfido2 upstream f20a735c0a6f:

    iso7816: Avoid storing pointers in a packed structure

    On CHERI, and thus Arm's experimental Morello prototype architecture,
    pointers are represented as capabilities, which are unforgeable bounded
    pointers, providing always-on fine-grained spatial memory safety. The
    unforgeability is enforced through the use of tagged memory, with one
    validity tag bit per capability-sized-and-aligned word in memory. This
    means that storing a pointer to an unaligned location, which is not
    guaranteed to work per the C standard, either traps or results in the
    capability losing its tag (and thus never being dereferenceable again),
    depending on how exactly the store is done (specifically, whether a
    capability store or memcpy is used).

    However, iso7816 itself does not need to be packed, and doing so likely
    causes inefficiencies on existing architectures. The iso7816_header_t
    member is packed, and the flexible payload array is a uint8_t (which by
    definition has no padding bits and is exactly 8 bits in size and, since
    CHAR_BITS must be at least 8, its existence implies that it has the same
    representation as unsigned char, and that it has size and alignment 1)
    so there will never be any padding inserted between header and payload
    (but payload may overlap with padding at the end of the struct due to
    how flexible arrays work, which means we need to be careful about our
    calculations).

    Co-authored-by: pedro martelletto

    (cherry picked from commit 224a95f124270275ddd7ab9f8f87dd47bad7c282)
---
 contrib/libfido2/src/iso7816.c | 4 ++--
 contrib/libfido2/src/iso7816.h | 5 ++---
 2 files changed, 4 insertions(+), 5 deletions(-)
diff --git a/contrib/libfido2/src/iso7816.c b/contrib/libfido2/src/iso7816.c index a11aae3e99d1..a4902277c6d8 100644 --- a/contrib/libfido2/src/iso7816.c +++ b/contrib/libfido2/src/iso7816.c @@ -59,6 +59,6 @@ iso7816_ptr(const iso7816_apdu_t *apdu) size_t iso7816_len(const iso7816_apdu_t *apdu) { - return apdu->alloc_len - sizeof(apdu->alloc_len) - - sizeof(apdu->payload_len) - sizeof(apdu->payload_ptr); + return apdu->alloc_len - offsetof(iso7816_apdu_t, header) - + (sizeof(iso7816_apdu_t) - offsetof(iso7816_apdu_t, payload)); } diff --git a/contrib/libfido2/src/iso7816.h b/contrib/libfido2/src/iso7816.h index 5f5363a63a56..9bfad1fbab9d 100644 --- a/contrib/libfido2/src/iso7816.h +++ b/contrib/libfido2/src/iso7816.h @@ -27,14 +27,13 @@ struct iso7816_header { uint8_t lc3; }) -PACKED_TYPE(iso7816_apdu_t, -struct iso7816_apdu { +typedef struct iso7816_apdu { size_t alloc_len; uint16_t payload_len; uint8_t *payload_ptr; iso7816_header_t header; uint8_t payload[]; -}) +} iso7816_apdu_t; const unsigned char *iso7816_ptr(const iso7816_apdu_t *); int iso7816_add(iso7816_apdu_t *, const void *, size_t);
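
Review bot: In iso7816_len() (contrib/libfido2/src/iso7816.c), the new return expression is size_t arithmetic that wraps to a very large value if alloc_len is ever smaller than offsetof(iso7816_apdu_t, header) plus the struct tail, and nothing in the function states or checks that invariant. A short comment would help here: the second term, sizeof(iso7816_apdu_t) - offsetof(iso7816_apdu_t, payload), is the trailing padding that the flexible payload array may overlap, which is the subtlety the commit message calls out but the code does not explain. It is also worth confirming that <stddef.h> reaches this file for offsetof, since the diffstat shows only the two changed lines in iso7816.c and no added include.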
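
Review bot: In the iso7816_apdu definition (contrib/libfido2/src/iso7816.h), dropping PACKED_TYPE leaves the "no padding between header and payload" assumption from the commit message backed only by reasoning; a compile-time check next to the typedef would pin it down, for example a static assertion that offsetof(iso7816_apdu_t, payload) == offsetof(iso7816_apdu_t, header) + sizeof(iso7816_header_t). With the struct unpacked, the compiler is also free to insert padding after payload_len so that payload_ptr is aligned, so any code outside this patch that still sums member sizes to find header needs the same offsetof treatment that iso7816_len() gets.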