Commit Graph

1833 Commits

Author SHA1 Message Date
comex
8e703e08df Implement SSL service
This implements some missing network APIs including a large chunk of the SSL
service, enough for Mario Maker (with an appropriate mod applied) to connect to
the fan server [Open Course World](https://opencourse.world/).

Connecting to first-party servers is out of scope of this PR and is a
minefield I'd rather not step into.

 ## TLS

TLS is implemented with multiple backends depending on the system's 'native'
TLS library.  Currently there are two backends: Schannel for Windows, and
OpenSSL for Linux.  (In reality Linux is a bit of a free-for-all where there's
no one 'native' library, but OpenSSL is the closest it gets.)  On macOS the
'native' library is SecureTransport but that isn't implemented in this PR.
(Instead, all non-Windows OSes will use OpenSSL unless disabled with
`-DENABLE_OPENSSL=OFF`.)

Why have multiple backends instead of just using a single library, especially
given that Yuzu already embeds mbedtls for cryptographic algorithms?  Well, I
tried implementing this on mbedtls first, but the problem is TLS policies -
mainly trusted certificate policies, and to a lesser extent trusted algorithms,
SSL versions, etc.

...In practice, the chance that someone is going to conduct a man-in-the-middle
attack on a third-party game server is pretty low, but I'm a security nerd so I
like to do the right security things.

My base assumption is that we want to use the host system's TLS policies.  An
alternative would be to more closely emulate the Switch's TLS implementation
(which is based on NSS).  But for one thing, I don't feel like reverse
engineering it.  And I'd argue that for third-party servers such as Open Course
World, it's theoretically preferable to use the system's policies rather than
the Switch's, for two reasons

1. Someday the Switch will stop being updated, and the trusted cert list,
   algorithms, etc. will start to go stale, but users will still want to
   connect to third-party servers, and there's no reason they shouldn't have
   up-to-date security when doing so.  At that point, homebrew users on actual
   hardware may patch the TLS implementation, but for emulators it's simpler to
   just use the host's stack.

2. Also, it's good to respect any custom certificate policies the user may have
   added systemwide.  For example, they may have added custom trusted CAs in
   order to use TLS debugging tools or pass through corporate MitM middleboxes.
   Or they may have removed some CAs that are normally trusted out of paranoia.

Note that this policy wouldn't work as-is for connecting to first-party
servers, because some of them serve certificates based on Nintendo's own CA
rather than a publicly trusted one.  However, this could probably be solved
easily by using appropriate APIs to adding Nintendo's CA as an alternate
trusted cert for Yuzu's connections.  That is not implemented in this PR
because, again, first-party servers are out of scope.

(If anything I'd rather have an option to _block_ connections to Nintendo
servers, but that's not implemented here.)

To use the host's TLS policies, there are three theoretical options:

a) Import the host's trusted certificate list into a cross-platform TLS
   library (presumably mbedtls).

b) Use the native TLS library to verify certificates but use a cross-platform
   TLS library for everything else.

c) Use the native TLS library for everything.

Two problems with option a).  First, importing the trusted certificate list at
minimum requires a bunch of platform-specific code, which mbedtls does not have
built in.  Interestingly, OpenSSL recently gained the ability to import the
Windows certificate trust store... but that leads to the second problem, which
is that a list of trusted certificates is [not expressive
enough](https://bugs.archlinux.org/task/41909) to express a modern certificate
trust policy.  For example, Windows has the concept of [explicitly distrusted
certificates](https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/dn265983(v=ws.11)),
and macOS requires Certificate Transparency validation for some certificates
with complex rules for when it's required.

Option b) (using native library just to verify certs) is probably feasible, but
it would miss aspects of TLS policy other than trusted certs (like allowed
algorithms), and in any case it might well require writing more code, not less,
compared to using the native library for everything.

So I ended up at option c), using the native library for everything.

What I'd *really* prefer would be to use a third-party library that does option
c) for me.  Rust has a good library for this,
[native-tls](https://docs.rs/native-tls/latest/native_tls/).  I did search, but
I couldn't find a good option in the C or C++ ecosystem, at least not any that
wasn't part of some much larger framework.  I was surprised - isn't this a
pretty common use case?  Well, many applications only need TLS for HTTPS, and they can
use libcurl, which has a TLS abstraction layer internally but doesn't expose
it.  Other applications only support a single TLS library, or use one of the
aforementioned larger frameworks, or are platform-specific to begin with, or of
course are written in a non-C/C++ language, most of which have some canonical
choice for TLS.  But there are also many applications that have a set of TLS
backends just like this; it's just that nobody has gone ahead and abstracted
the pattern into a library, at least not a widespread one.

Amusingly, there is one TLS abstraction layer that Yuzu already bundles: the
one in ffmpeg.  But it is missing some features that would be needed to use it
here (like reusing an existing socket rather than managing the socket itself).
Though, that does mean that the wiki's build instructions for Linux (and macOS
for some reason?) already recommend installing OpenSSL, so no need to update
those.

 ## Other APIs implemented

- Sockets:
    - GetSockOpt(`SO_ERROR`)
    - SetSockOpt(`SO_NOSIGPIPE`) (stub, I have no idea what this does on Switch)
    - `DuplicateSocket` (because the SSL sysmodule calls it internally)
    - More `PollEvents` values

- NSD:
    - `Resolve` and `ResolveEx` (stub, good enough for Open Course World and
      probably most third-party servers, but not first-party)

- SFDNSRES:
    - `GetHostByNameRequest` and `GetHostByNameRequestWithOptions`
    - `ResolverSetOptionRequest` (stub)

 ## Fixes

- Parts of the socket code were previously allocating a `sockaddr` object on
  the stack when calling functions that take a `sockaddr*` (e.g. `accept`).
  This might seem like the right thing to do to avoid illegal aliasing, but in
  fact `sockaddr` is not guaranteed to be large enough to hold any particular
  type of address, only the header.  This worked in practice because in
  practice `sockaddr` is the same size as `sockaddr_in`, but it's not how the
  API is meant to be used.  I changed this to allocate an `sockaddr_in` on the
  stack and `reinterpret_cast` it.  I could try to do something cleverer with
  `aligned_storage`, but casting is the idiomatic way to use these particular
  APIs, so it's really the system's responsibility to avoid any aliasing
  issues.

- I rewrote most of the `GetAddrInfoRequest[WithOptions]` implementation.  The
  old implementation invoked the host's getaddrinfo directly from sfdnsres.cpp,
  and directly passed through the host's socket type, protocol, etc. values
  rather than looking up the corresponding constants on the Switch.  To be
  fair, these constants don't tend to actually vary across systems, but
  still... I added a wrapper for `getaddrinfo` in
  `internal_network/network.cpp` similar to the ones for other socket APIs, and
  changed the `GetAddrInfoRequest` implementation to use it.  While I was at
  it, I rewrote the serialization to use the same approach I used to implement
  `GetHostByNameRequest`, because it reduces the number of size calculations.
  While doing so I removed `AF_INET6` support because the Switch doesn't
  support IPv6; it might be nice to support IPv6 anyway, but that would have to
  apply to all of the socket APIs.

  I also corrected the IPC wrappers for `GetAddrInfoRequest` and
  `GetAddrInfoRequestWithOptions` based on reverse engineering and hardware
  testing.  Every call to `GetAddrInfoRequestWithOptions` returns *four*
  different error codes (IPC status, getaddrinfo error code, netdb error code,
  and errno), and `GetAddrInfoRequest` returns three of those but in a
  different order, and it doesn't really matter but the existing implementation
  was a bit off, as I discovered while testing `GetHostByNameRequest`.

  - The new serialization code is based on two simple helper functions:

    ```cpp
    template <typename T> static void Append(std::vector<u8>& vec, T t);
    void AppendNulTerminated(std::vector<u8>& vec, std::string_view str);
    ```

    I was thinking there must be existing functions somewhere that assist with
    serialization/deserialization of binary data, but all I could find was the
    helper methods in `IOFile` and `HLERequestContext`, not anything that could
    be used with a generic byte buffer.  If I'm not missing something, then
    maybe I should move the above functions to a new header in `common`...
    right now they're just sitting in `sfdnsres.cpp` where they're used.

- Not a fix, but `SocketBase::Recv`/`Send` is changed to use `std::span<u8>`
  rather than `std::vector<u8>&` to avoid needing to copy the data to/from a
  vector when those methods are called from the TLS implementation.
2023-06-25 12:53:31 -07:00
bunnei
5384fa4998 android: fs: Fix Exists / IsFile for SAF. 2023-06-15 17:20:56 -07:00
bunnei
698a3eda50
Merge pull request #10603 from lat9nq/tz-more-complete
core,common: Implement missing time zone data/computations
2023-06-13 13:28:45 -07:00
liamwhite
b3e2c9f9f1
Merge pull request #10623 from german77/backup
service: nfc: Add backup support
2023-06-08 21:54:12 -04:00
liamwhite
2a1acbfb4d
Merge pull request #10666 from liamwhite/my-framerate-is-fine
nvnflinger: allow locking framerate during video playback
2023-06-08 21:53:57 -04:00
Tokarev Artem
007c3fa7df Fix potentially uninitialized local variable warning 2023-06-09 05:12:22 +05:00
Liam
6c34adb1de nvnflinger: allow locking framerate during video playback 2023-06-08 01:15:51 -04:00
german77
107aa52cdb service: nfc: Add backup support 2023-06-06 17:06:21 -06:00
bunnei
cb95d7fe1b
Merge pull request #10508 from yuzu-emu/lime
Project Lime - yuzu Android Port
2023-06-05 21:43:43 -07:00
lat9nq
de1fe66d81 time_zone: Handle offset time zones
time_zone: Remove maybe_unused

time_zone: Use s64 storages

time_zone: Catch by reference
2023-06-05 15:15:23 -04:00
lat9nq
3979c7daa4 common: Move system time zone string detection
Moves it from Settings to Common::TimeZone, since this algorithm doesn't
depend on the setting. It also lets us use it in other libraries.

common: Various fixes

time_zone: Don't double up the std::abs

Too many absolute values were causing mirrored time zones to resolve
as the same.
2023-06-05 15:15:11 -04:00
lat9nq
3e68a284ae settings: Always report a valid time zone
Prevents needing to deduce the non-Switch setting in core. Instead, we
deduce the meaning of this setting where the heresy is committed, in
common.

settings: Remove strftime usage

GetTimeZoneString: Use standard features

Also forces GMT on MinGW due to broken strftime.
2023-06-05 15:15:11 -04:00
Narr the Reg
3f35b34515 Use yuzu as category instead of citra 2023-06-03 00:05:44 -07:00
Liam
b19754c73f common: link libandroid on android 2023-06-03 00:05:43 -07:00
bunnei
32cf6beee3 common: dynamic_library: Add ctor for existing handle. 2023-06-03 00:05:31 -07:00
bunnei
ef605f7d8f android: Implement SAF support & migrate to SDK 31. (#4) 2023-06-03 00:05:29 -07:00
bunnei
cdbab60bbb common: error: Fix for Android. 2023-06-03 00:05:27 -07:00
bunnei
f8b87e6fab common: fs: Implement for Android. 2023-06-03 00:05:27 -07:00
bunnei
99296a1510 common: logging: Implement Android logcat backend. 2023-06-03 00:05:26 -07:00
bunnei
afdee9abea common: host_memory: Implement for Android. 2023-06-03 00:05:26 -07:00
kkoniuszy
584e8b5c52 host_memory: merge adjacent placeholder mappings on Linux
Track the private anonymous placeholder mappings created by Unmap() and
wherever possible, replace existing placeholders with larger ones
instead of creating many small ones.

This helps with the buildup of mappings in /proc/YUZU_PID/maps after a
longer gaming session, improving stability without having to increase
vm.max_map_count to a ridiculous value. The amount of placeholder
mappings will no longer outgrow the amount of actual memfd mappings in
cases of high memory fragmentation.
2023-06-01 22:57:27 +02:00
Morph
9950a388d2 externals: Update to fmt 10 and add format_as formatter for BitField
Implicit conversions are now disallowed in fmt 10. Use format_as to convert to the underlying type.
2023-05-28 15:05:55 -04:00
Liam
415c78b87c textures: add BC1 and BC3 compressors and recompression setting 2023-05-23 12:54:40 -04:00
liamwhite
bbb6b58aa4
Merge pull request #10181 from lat9nq/intel-compute-toggle
configure_graphics: Add option to enable compute pipelines for Intel proprietary
2023-05-15 12:05:24 -04:00
liamwhite
182221b9ff
Merge pull request #10132 from Kelebek1/fermi_blit2
Allow Fermi blit accelerate to work without images in cache
2023-05-11 10:45:59 -04:00
Kelebek1
bf08bc3c0f Allow Fermi blit accelerate to add src/dst to the cache if they don't exist already. Use ScratchBuffers in the software blit path. 2023-05-11 06:42:38 +01:00
german77
1968cc7b10 service: nfp: Allow to load with a different amiibo id 2023-05-09 17:51:59 -06:00
Fernando Sahmkow
92da86290c Settings: add option to enable / disable reactive flushing 2023-05-07 23:46:12 +02:00
Kelebek1
6fed48b3a4 Fix address space allocator slow path to avoid OOB 2023-05-07 15:11:16 +01:00
lat9nq
725aacb4bc settings: Add enable compute pipelines
For the Intel proprietary driver's deficiencies.

settings: Restore compute option global state
2023-05-07 01:06:20 -04:00
bunnei
3547248ec2
Merge pull request #10125 from lat9nq/vsync-select
configuration: Expose separate swap present modes
2023-05-06 21:55:39 -07:00
liamwhite
9c9b4616c3
Merge pull request #10167 from german77/motion_preview
yuzu: Add motion preview to controller input
2023-05-06 23:09:55 -04:00
Roni Kirla
a13fd5f7cc Fix read access violation 2023-05-07 00:13:33 +03:00
Narr the Reg
f017335fef input_common: Add property to invert an axis button 2023-05-05 17:18:35 -06:00
Narr the Reg
46e835f2d6 yuzu: Add motion preview to controller input 2023-05-05 13:53:38 -06:00
Liam
ae59ffc56c settings: remove pessimistic flushing 2023-05-03 18:52:42 -04:00
Morph
627022bef9
Merge pull request #10124 from liamwhite/pebkac
settings: rename extended memory layout to unsafe, move from general to system
2023-05-03 10:52:45 -04:00
lat9nq
2528cf7c54 settings: Enable FIFO relaxed
Not entirely sure if we need this, but there's also no reason not to
support it.

settings: Give VSyncMode values
2023-05-02 21:51:30 -04:00
lat9nq
6f0929df82 configuration: Expose separate swap present modes
Previously, yuzu would try and guess which vsync mode to use given
different scenarios, but apparently we didn't always get it right. This
exposes the separate modes in a drop-down the user can select.

If a mode isn't available in Vulkan, it defaults to FIFO.
2023-05-02 21:51:29 -04:00
GPUCode
f403d27941 vk_present_manager: Add toggle for async presentation 2023-05-01 23:13:24 +03:00
Liam
2cd9e1ecb6 settings: rename extended memory layout to unsafe, move from general to system 2023-04-30 14:24:22 -04:00
Liam
2afaa7aed7 common: add intrusive list type 2023-04-29 17:46:26 -04:00
Liam
a9623d5f55 general: fixes for gcc 13 2023-04-02 19:02:04 -04:00
Max Dunbar
e446f368d7 Fixes 'Continous' typo 2023-03-29 19:26:12 -07:00
Morph
cdc846677c telemetry: Add waitpkg instruction 2023-03-27 17:45:22 -04:00
Morph
981bc8aa1c x64: Simplify RDTSC on non-MSVC compilers
Co-Authored-By: liamwhite <liamwhite@users.noreply.github.com>
2023-03-27 17:45:22 -04:00
Morph
27c33ab73f x64: Add MicroSleep
MicroSleep allows the processor to pause for a "short" amount of time (in the microsecond range). This is useful for spin-waiting that does not require nanosecond precision.
This uses the new TPAUSE instruction introduced on Intel's newest processors as part of the waitpkg instructions. For CPUs that do not support waitpkg instructions, this is equivalent to yield().

Co-Authored-By: liamwhite <liamwhite@users.noreply.github.com>
2023-03-27 17:45:22 -04:00
Morph
d2cfe25b07 x64: cpu_detect: Add detection of waitpkg instructions
waitpkg introduces 3 instructions, UMONITOR, UMWAIT and TPAUSE.
2023-03-27 17:45:22 -04:00
Liam
7017f04ee8 container_hash: use climits 2023-03-26 10:24:33 -04:00
Morph
9971cd1d55 common: Port boost's hash_value implementation
Ports a small subset of boost's hash_value implementation (<= 1.80.0).
2023-03-25 23:52:25 -04:00