openbsd
21 months agoAdd a flag to display-menu to select the manu item chosen first, GitHub
nicm [Fri, 20 Jan 2023 21:36:00 +0000 (21:36 +0000)]
Add a flag to display-menu to select the manu item chosen first, GitHub
issue 3442.

21 months agoeditor_name() and get_mp() don't change the disklabel so
krw [Fri, 20 Jan 2023 17:47:07 +0000 (17:47 +0000)]
editor_name() and get_mp() don't change the disklabel so
const'ify some parameters and local variables.

21 months agoRemove various #ifndef BN_SQR_COMBA.
jsing [Fri, 20 Jan 2023 17:34:52 +0000 (17:34 +0000)]
Remove various #ifndef BN_SQR_COMBA.

bn_sqr_comba{4,8}() is now always available.

ok tb@

21 months agoMove bn_{mul,sqr}_comba{4,8}() from bn_asm.c to bn_mul.c/bn_sqr.c.
jsing [Fri, 20 Jan 2023 17:31:52 +0000 (17:31 +0000)]
Move bn_{mul,sqr}_comba{4,8}() from bn_asm.c to bn_mul.c/bn_sqr.c.

Wrap these in HAVE_BN_{MUL,SQR}_COMBA{4,8} defines. Add these defines to
bn_arch.h where the architecture currently provides its own version.

ok tb@

21 months agoMove {mul,sqr}_add_c{,2} macros from bn_asm.c to bn_local.h.
jsing [Fri, 20 Jan 2023 17:26:03 +0000 (17:26 +0000)]
Move {mul,sqr}_add_c{,2} macros from bn_asm.c to bn_local.h.

These depend on other macros that are in already in bn_local.h and this
makes them available to other source files. A lot more clean up will be
needed in the future.

Of course x86_64-gcc.c makes use of the same macro names - sprinkle some
undef in there for the time being.

ok tb@

21 months agoThe locale is ignored on OpenBSD, match the wording used in isalpha.3.
millert [Fri, 20 Jan 2023 17:21:12 +0000 (17:21 +0000)]
The locale is ignored on OpenBSD, match the wording used in isalpha.3.
OK schwarze@

21 months agohppa: simplify itmr_rearm()
cheloha [Fri, 20 Jan 2023 17:18:08 +0000 (17:18 +0000)]
hppa: simplify itmr_rearm()

The nest of branches in itmr_rearm() can be simplified to:

if (cycles <= t1 - t0) {
/* we probably missed */
}

We're doing modular unsigned 32-bit, so the rollover case in the
current code is superfluous.

Tested by miod@.

"Works for me." miod@

21 months agoSync usage with SYNOPSIS, mention that -x may use stdout
kn [Fri, 20 Jan 2023 17:15:22 +0000 (17:15 +0000)]
Sync usage with SYNOPSIS, mention that -x may use stdout

Feedback from jmc and Crystal Kolipe
OK jmc

21 months agoamd64 now has xonly support via the PKU feature. Marking ld.so exec-only
deraadt [Fri, 20 Jan 2023 16:03:14 +0000 (16:03 +0000)]
amd64 now has xonly support via the PKU feature.  Marking ld.so exec-only
is no longer a NOP on those systems, let's do it.

21 months agoOn cpu with the PKU feature, prot=PROT_EXEC pages now create pte which
deraadt [Fri, 20 Jan 2023 16:01:04 +0000 (16:01 +0000)]
On cpu with the PKU feature, prot=PROT_EXEC pages now create pte which
contain PG_XO, which is PKU key1.  On every exit from kernel to userland,
force the PKU register to inhibit data read against key1 memory.  On
(some) traps into the kernel if the PKU register is changed, abort the
process (processes have no reason to change the PKU register).  This
provides us with viable xonly functionality on most modern intel & AMD
cpus.  I started with a xsave-based diff from dv@, but discovered the
fpu save/restore logic wasn't a good fit and went to direct register management.
Disabled on HV (vm) systems until we know they handle PKU correctly.
ok kettenis, dv, guenther, etc

21 months agoUpdate config regress test now that aspa-set syntax changed.
claudio [Fri, 20 Jan 2023 15:43:25 +0000 (15:43 +0000)]
Update config regress test now that aspa-set syntax changed.
OK tb@

21 months agoRemove 'allow' from aspa-set provider-set lists. That keyword is no longer
claudio [Fri, 20 Jan 2023 15:42:34 +0000 (15:42 +0000)]
Remove 'allow' from aspa-set provider-set lists. That keyword is no longer
needed.
OK tb@

21 months agoDocument the aspa-set table. While there remove the superfluous 'allow'
claudio [Fri, 20 Jan 2023 15:41:33 +0000 (15:41 +0000)]
Document the aspa-set table. While there remove the superfluous 'allow'
keyword.
OK tb@

21 months agoWhen ppb(4) detaches, make its bus range available again even if it was
kettenis [Fri, 20 Jan 2023 15:11:44 +0000 (15:11 +0000)]
When ppb(4) detaches, make its bus range available again even if it was
configured by the firmware and pre-allocated by our parent pci(4) bus.

Fixes unplugging and replugging thunderbolt devices that were plugged in
when the machine was booted.

ok mlarkin@, deraadt@, miod@

21 months agochar * -> const char * parameters where clang doesn't complain.
krw [Fri, 20 Jan 2023 14:35:43 +0000 (14:35 +0000)]
char * -> const char * parameters where clang doesn't complain.

21 months agoRemove unused code.
jsing [Fri, 20 Jan 2023 12:16:46 +0000 (12:16 +0000)]
Remove unused code.

ok tb@

21 months agocomma space not space comma
claudio [Fri, 20 Jan 2023 10:30:41 +0000 (10:30 +0000)]
comma space not space comma

21 months agoBad indent
claudio [Fri, 20 Jan 2023 10:28:22 +0000 (10:28 +0000)]
Bad indent

21 months agoReplace BN_DIV3W with HAVE_BN_DIV_3_WORDS (in bn_arch.h).
jsing [Fri, 20 Jan 2023 10:07:52 +0000 (10:07 +0000)]
Replace BN_DIV3W with HAVE_BN_DIV_3_WORDS (in bn_arch.h).

ok tb@

21 months agoProvide a per machine bn_arch.h.
jsing [Fri, 20 Jan 2023 10:04:33 +0000 (10:04 +0000)]
Provide a per machine bn_arch.h.

This will provide a location for machine specific defines, prototypes and
inline functions.

ok tb@

21 months agoReorder functions.
jsing [Fri, 20 Jan 2023 10:00:51 +0000 (10:00 +0000)]
Reorder functions.

No functional change.

21 months agoremove extra tab
claudio [Fri, 20 Jan 2023 09:54:43 +0000 (09:54 +0000)]
remove extra tab

21 months agoReorder functions for easier maintenance.
jsing [Fri, 20 Jan 2023 04:49:48 +0000 (04:49 +0000)]
Reorder functions for easier maintenance.

No functional change.

21 months agoRevert previous commit (but leave the man page around); llvm-strip behaves
kettenis [Thu, 19 Jan 2023 22:54:45 +0000 (22:54 +0000)]
Revert previous commit (but leave the man page around); llvm-strip behaves
differently on files that are hardlinked and this is tripping up ports.

requested by naddy@

21 months agoRevise implementation of pmap_protect(9) in preparation for execute-only
kettenis [Thu, 19 Jan 2023 20:17:11 +0000 (20:17 +0000)]
Revise implementation of pmap_protect(9) in preparation for execute-only
support.  The current implementation doesn't handle the transition from
RWX to RW correctly.  Also generalize the pmap_write_protect() function
in recognition of the fact that execute permission, write permission,
and in the future read permission on executable pages, are handled by
separate bits.

ok deraadt@, mpi@

21 months agoRestrict vmm(4) exposed cpuid extended feature flags.
dv [Thu, 19 Jan 2023 15:52:51 +0000 (15:52 +0000)]
Restrict vmm(4) exposed cpuid extended feature flags.

We don't emulate or support most of the EAX=7,ECX=0 feature bits,
so restrict the mask further to just UMIP.

ok deraadt@

21 months agoDo not use unsupported __attribute__((warn_unused_result)) on gcc3.
aoyama [Thu, 19 Jan 2023 10:59:24 +0000 (10:59 +0000)]
Do not use unsupported __attribute__((warn_unused_result)) on gcc3.

This prevents building libfido2 stops with error on luna88k because it
is compiled with -Werror option.

ok, and better #if condition by miod@

21 months agoCheck if we can copy sshd or need to use sudo to do so during reexec
dtucker [Thu, 19 Jan 2023 07:53:45 +0000 (07:53 +0000)]
Check if we can copy sshd or need to use sudo to do so during reexec
test. Skip test if neither can work.  Patch from anton@, tweaks from me.

21 months agoRemove more unused assembly generation scripts.
jsing [Thu, 19 Jan 2023 04:51:31 +0000 (04:51 +0000)]
Remove more unused assembly generation scripts.

21 months agoRemove various unused assembly files and assembly generation scripts.
jsing [Thu, 19 Jan 2023 04:43:24 +0000 (04:43 +0000)]
Remove various unused assembly files and assembly generation scripts.

These are just creating clutter and cause grep noise.

ok miod@

21 months agodrm/i915: Fix CFI violations in gt_sysfs
jsg [Thu, 19 Jan 2023 00:36:23 +0000 (00:36 +0000)]
drm/i915: Fix CFI violations in gt_sysfs

From Nathan Chancellor
3925336af00f79fb7f3a390b6ab30d455d32d863 in linux-6.1.y/6.1.7
a8a4f0467d706fc22d286dfa973946e5944b793c in mainline linux

21 months agodrm/amdgpu: Fix potential NULL dereference
jsg [Thu, 19 Jan 2023 00:32:55 +0000 (00:32 +0000)]
drm/amdgpu: Fix potential NULL dereference

From Luben Tuikov
f2faf0699af78968a27ca154bf76e94247f8c471 in linux-6.1.y/6.1.7
0be7ed8e7eb15282b5d0f6fdfea884db594ea9bf in mainline linux

21 months agodrm/amdgpu: enable VCN DPG for GC IP v11.0.4
jsg [Thu, 19 Jan 2023 00:31:30 +0000 (00:31 +0000)]
drm/amdgpu: enable VCN DPG for GC IP v11.0.4

From Saleemkhan Jamadar
309278736f35f0937d6338d5986a6a4a48e90d2f in linux-6.1.y/6.1.7
e1d900df63adcb748905131dd6258e570e11aed1 in mainline linux

21 months agodrm/amdgpu: Enable pg/cg flags on GC11_0_4 for VCN
jsg [Thu, 19 Jan 2023 00:29:55 +0000 (00:29 +0000)]
drm/amdgpu: Enable pg/cg flags on GC11_0_4 for VCN

From Saleemkhan Jamadar
e30be0ada6e2a55e8581aa55860afc6cf5183300 in linux-6.1.y/6.1.7
2a0fe2ca6e9c9bf9c47a9f9f0d67c13281a13f8c in mainline linux

21 months agodrm/amdgpu: add soc21 common ip block support for GC 11.0.4
jsg [Thu, 19 Jan 2023 00:28:00 +0000 (00:28 +0000)]
drm/amdgpu: add soc21 common ip block support for GC 11.0.4

From Yifan Zhang
6ef4543f1f3b21b108021f3dec9bd02bf9f200ee in linux-6.1.y/6.1.7
311d52367d0a7985ee1132662bad46f09169eed2 in mainline linux

21 months agodrm/amd/pm: enable GPO dynamic control support for SMU13.0.7
jsg [Thu, 19 Jan 2023 00:26:25 +0000 (00:26 +0000)]
drm/amd/pm: enable GPO dynamic control support for SMU13.0.7

From Evan Quan
d90de26bdc97a51a195116428fbb4776394f79a7 in linux-6.1.y/6.1.7
62b9f835a6c60171845642afec4ce4b44865f10f in mainline linux

21 months agodrm/amd/pm: enable GPO dynamic control support for SMU13.0.0
jsg [Thu, 19 Jan 2023 00:24:35 +0000 (00:24 +0000)]
drm/amd/pm: enable GPO dynamic control support for SMU13.0.0

From Evan Quan
d167ce6c47db12de69d2c2e7bdde9e608183d2a1 in linux-6.1.y/6.1.7
1794f6a9535bb5234c2b747d1bc6dad03249245a in mainline linux

21 months agodrm/amd/pm: Enable bad memory page/channel recording support for smu v13_0_0
jsg [Thu, 19 Jan 2023 00:22:50 +0000 (00:22 +0000)]
drm/amd/pm: Enable bad memory page/channel recording support for smu v13_0_0

From Candice Li
5e594dbf6e76cf0b75ab4cff2e5d42a3f63963a5 in linux-6.1.y/6.1.7
48aa62f07467c8fcd4b4ec7851e13c83e89a1558 in mainline linux

21 months agodrm/amd/pm: enable mode1 reset on smu_v13_0_10
jsg [Thu, 19 Jan 2023 00:20:35 +0000 (00:20 +0000)]
drm/amd/pm: enable mode1 reset on smu_v13_0_10

From Kenneth Feng
e59d46eed1d930318f36a90138898f7fa7730389 in linux-6.1.y/6.1.7
60cfad329ab877cb62975ea78ed442c2496990ba in mainline linux

21 months agoThe binutils strip damages GNU_RELRO on binaries linked by ld.lld on at
kettenis [Thu, 19 Jan 2023 00:18:19 +0000 (00:18 +0000)]
The binutils strip damages GNU_RELRO on binaries linked by ld.lld on at
least amd64.  Fix this by switching to the llvm strip on architectures
that use ld.lld.

ok deraadt@

21 months agodrm/i915/gt: Cleanup partial engine discovery failures
jsg [Thu, 19 Jan 2023 00:17:47 +0000 (00:17 +0000)]
drm/i915/gt: Cleanup partial engine discovery failures

From Chris Wilson
5c855bcc730656c4b7d30aaddcd0eafc7003e112 in linux-6.1.y/6.1.7
78a033433a5ae4fee85511ee075bc9a48312c79e in mainline linux

21 months agoRevert "drm/amdgpu: Revert "drm/amdgpu: getting fan speed pwm for vega10 properly""
jsg [Thu, 19 Jan 2023 00:15:38 +0000 (00:15 +0000)]
Revert "drm/amdgpu: Revert "drm/amdgpu: getting fan speed pwm for vega10 properly""

From Alex Deucher
f905e03c8ff65d80c24f42d8b93df3cec5a7ab12 in linux-6.1.y/6.1.7
30b8e7b8ee3be003e0df85c857c5cd0e0bd58b82 in mainline linux

21 months agodrm/amd/display: move remaining FPU code to dml folder
jsg [Thu, 19 Jan 2023 00:08:33 +0000 (00:08 +0000)]
drm/amd/display: move remaining FPU code to dml folder

From Ao Zhong
69a75087cd1f10d5be07527f7ed7ed38db429d7e in linux-6.1.y/6.1.7
58ddbecb14c792b7fe0d92ae5e25c9179d62ff25 in mainline linux

21 months agodrm/amd/pm: add the missing mapping for PPT feature on SMU13.0.0 and 13.0.7
jsg [Thu, 19 Jan 2023 00:05:52 +0000 (00:05 +0000)]
drm/amd/pm: add the missing mapping for PPT feature on SMU13.0.0 and 13.0.7

From Evan Quan
363781f72d46c3762d7c0fd8fc13f27dce47f5cf in linux-6.1.y/6.1.7
318ca20893c19ead02845a08204c3f9249bb74cd in mainline linux

21 months agodrm/amd/pm: correct the reference clock for fan speed(rpm) calculation
jsg [Thu, 19 Jan 2023 00:03:51 +0000 (00:03 +0000)]
drm/amd/pm: correct the reference clock for fan speed(rpm) calculation

From Evan Quan
b435f68e415ca5e17e3425893ea991720a43b595 in linux-6.1.y/6.1.7
6fea87637bf36bd285227f490132e83582ab7513 in mainline linux

21 months agodrm/amdgpu: Fixed bug on error when unloading amdgpu
jsg [Thu, 19 Jan 2023 00:01:58 +0000 (00:01 +0000)]
drm/amdgpu: Fixed bug on error when unloading amdgpu

From YiPeng Chai
9196eb7c52e55749a332974f0081f77d53d60199 in linux-6.1.y/6.1.7
99f1a36c90a7524972be5a028424c57fa17753ee in mainline linux

21 months agodrm/amd: Delay removal of the firmware framebuffer
jsg [Thu, 19 Jan 2023 00:00:06 +0000 (00:00 +0000)]
drm/amd: Delay removal of the firmware framebuffer

From Mario Limonciello
dcfeba477b3e3df526e0f543b58fa71c045dff8b in linux-6.1.y/6.1.7
1923bc5a56daeeabd7e9093bad2febcd6af2416a in mainline linux

21 months agodrm/i915: Fix potential context UAFs
jsg [Wed, 18 Jan 2023 23:58:45 +0000 (23:58 +0000)]
drm/i915: Fix potential context UAFs

From Rob Clark
b696c627b3f56e173f7f70b8487d66da8ff22506 in linux-6.1.y/6.1.7
afce71ff6daa9c0f852df0727fe32c6fb107f0fa in mainline linux

21 months agodrm/i915: Reserve enough fence slot for i915_vma_unbind_async
jsg [Wed, 18 Jan 2023 23:56:45 +0000 (23:56 +0000)]
drm/i915: Reserve enough fence slot for i915_vma_unbind_async

From Nirmoy Das
8874730ecefe295931a681a0ae749cda53653078 in linux-6.1.y/6.1.7
476fdcdaaae7b06c780cdfc234c704107f16c529 in mainline linux

21 months agodrm/i915/gt: Reset twice
jsg [Wed, 18 Jan 2023 23:55:06 +0000 (23:55 +0000)]
drm/i915/gt: Reset twice

From Chris Wilson
4009502c091c1543ae8708a12d1a97583ae411ac in linux-6.1.y/6.1.7
d3de5616d36462a646f5b360ba82d3b09ff668eb in mainline linux

21 months agodrm: Optimize drm buddy top-down allocation method
jsg [Wed, 18 Jan 2023 23:53:43 +0000 (23:53 +0000)]
drm: Optimize drm buddy top-down allocation method

From Arunpravin Paneer Selvam
42526442fe3ed9c2487a2a475cb4a6f463ce2eaf in linux-6.1.y/6.1.7
5640e81607152d7f2d2558227c0f6cb78b8f39cf in mainline linux

21 months agodrm/amd/pm/smu13: BACO is supported when it's in BACO state
jsg [Wed, 18 Jan 2023 23:51:35 +0000 (23:51 +0000)]
drm/amd/pm/smu13: BACO is supported when it's in BACO state

From Guchun Chen
b8e6fc445990dce368950bd9553b31f46b50285e in linux-6.1.y/6.1.7
972fb53d3605eb6cdf0d6ae9a52e910626a91ff7 in mainline linux

21 months agoadd __list_add() for 6.1.7 drm
jsg [Wed, 18 Jan 2023 23:47:25 +0000 (23:47 +0000)]
add __list_add() for 6.1.7 drm

21 months agoThese days bge_stop() calls intr_barrier(9). So in bge_detach() we need
kettenis [Wed, 18 Jan 2023 23:31:37 +0000 (23:31 +0000)]
These days bge_stop() calls intr_barrier(9).  So in bge_detach() we need
to disestablish the interrupt *after* calling bge_stop().

ok deraadt@

21 months agochange BIOSF_SMBIOS bit flag from 6 to 8
jsg [Wed, 18 Jan 2023 23:25:32 +0000 (23:25 +0000)]
change BIOSF_SMBIOS bit flag from 6 to 8
matches tom@'s i386 rev 1.47 change

21 months agoremove redundant SIOCS80211JOIN ioctl call in ifconfig delifjoinlist()
stsp [Wed, 18 Jan 2023 21:57:10 +0000 (21:57 +0000)]
remove redundant SIOCS80211JOIN ioctl call in ifconfig delifjoinlist()
Found by Mathias Koehler, thanks!

21 months agodelete useless dependency
deraadt [Wed, 18 Jan 2023 20:56:36 +0000 (20:56 +0000)]
delete useless dependency

21 months agosync
deraadt [Wed, 18 Jan 2023 20:45:25 +0000 (20:45 +0000)]
sync

21 months agoprocess the sshd random-relink kit if it is found. sshd's text segment
deraadt [Wed, 18 Jan 2023 20:44:40 +0000 (20:44 +0000)]
process the sshd random-relink kit if it is found.  sshd's text segment
is now garbled, and in the future xonly univirse you'll have poor success
downloading it or libc to know where gadgets are.
ok djm

21 months agoCreate and install sshd random relink kit.
deraadt [Wed, 18 Jan 2023 20:43:15 +0000 (20:43 +0000)]
Create and install sshd random relink kit.
../Makefile.inc and Makfile are concatenated for reuse, which hopefully won't
be too fragile, we'll see if we need a different approach.
The resulting sshd binary is tested with the new sshd -V option before
installation.  As the binary layout is now semi-unknown (meaning
relative, fixed, and gadget offsets are not precisely known), change
the filesystem permissions to 511 to prevent what I call "logged in BROP".
I have ideas for improving this further but this is a first step
ok djm

21 months agoAdd xonly tests, initially written by deraadt@. Tweaked by me to fit and
anton [Wed, 18 Jan 2023 19:18:49 +0000 (19:18 +0000)]
Add xonly tests, initially written by deraadt@. Tweaked by me to fit and
the regress framework and allowing the expected outcome to be enumerated
per architecture. Currently limited to amd64 and arm64.

21 months agomips64: simplify cp0_rearm_int5(), cp0_trigger_int5_masked()
cheloha [Wed, 18 Jan 2023 19:12:43 +0000 (19:12 +0000)]
mips64: simplify cp0_rearm_int5(), cp0_trigger_int5_masked()

The tangle of branches in cp0_rearm_int5() can be simplified to:

if cycles <= t1 - t0, we missed

We can simplify cp0_trigger_int5_masked() in the same way.

ok visa@

21 months agoRequire version 4 UUIDs as RRDP session IDs
job [Wed, 18 Jan 2023 18:12:20 +0000 (18:12 +0000)]
Require version 4 UUIDs as RRDP session IDs

OK tb@

21 months agoUse the vstate of the filterstate struct instead of passing an extra copy
claudio [Wed, 18 Jan 2023 17:40:17 +0000 (17:40 +0000)]
Use the vstate of the filterstate struct instead of passing an extra copy
to the various prefix update functions.
While there fix a filterstate leak in up_generate_updates().
With and OK tb@

21 months agoImprove pending checks in poll loop by ordering them by trigger frequency
claudio [Wed, 18 Jan 2023 13:20:00 +0000 (13:20 +0000)]
Improve pending checks in poll loop by ordering them by trigger frequency
and by making peer_imsg_pending() a true O(1) function.
OK tb@

21 months agoUse ROUNDDOWN() to round down to cylinder boundary.
krw [Wed, 18 Jan 2023 12:59:16 +0000 (12:59 +0000)]
Use ROUNDDOWN() to round down to cylinder boundary.

21 months agoInstead of mapping WSEMUL_UNDERLINE to a different bit in rasops, use
nicm [Wed, 18 Jan 2023 11:08:49 +0000 (11:08 +0000)]
Instead of mapping WSEMUL_UNDERLINE to a different bit in rasops, use
the same bit and the define. rom Crystal Kolipe kolipe.c at
exoticsilicon dot com.

ok miod

21 months agoTypofix array length syntax, spotted by afresh1
kn [Wed, 18 Jan 2023 10:30:20 +0000 (10:30 +0000)]
Typofix array length syntax, spotted by afresh1

21 months agoAdjust how gcc4 handles the "missing braces around initializer" warning.
claudio [Wed, 18 Jan 2023 10:27:05 +0000 (10:27 +0000)]
Adjust how gcc4 handles the "missing braces around initializer" warning.

In c99 any value can be initalised using a { 0 } constructor independent
of the type. Now if a struct's first member is another struct then gcc4
issues the above warning but it should not do that.

Move the warning check from push_init_level() to pop_init_level() and
check if either { 0 } or { } was used. If additional implicit braces
were added surpress the warning.

Inspired by gcc PR#64709
OK deraadt@ miod@

21 months agoThe default output format is -o (openbgpd) but it now includes both
claudio [Wed, 18 Jan 2023 10:13:46 +0000 (10:13 +0000)]
The default output format is -o (openbgpd) but it now includes both
roa-set and aspa-set by default. So make the man page less specific.
OK tb@ job@ kn@

21 months agotweak previous; ok djm
jmc [Wed, 18 Jan 2023 06:55:32 +0000 (06:55 +0000)]
tweak previous; ok djm

21 months agoBring in a description of bn_words_3_div().
jsing [Wed, 18 Jan 2023 05:29:48 +0000 (05:29 +0000)]
Bring in a description of bn_words_3_div().

This comes from OpenSSL commit 3da2e9c4ee45989a426ff513dc6c6250d1e460de.

ok tb@

21 months agoStart cleaning up BN_div_internal().
jsing [Wed, 18 Jan 2023 05:27:30 +0000 (05:27 +0000)]
Start cleaning up BN_div_internal().

Always provide a bn_div_3_words() function, rather than having deeply
nested compiler conditionals. Use readable variable names, clean up
formatting and use a single exit path.

Tested on various platforms by miod@

ok tb@

21 months agoDo on i386 as we do on amd64. This is done on variable cpu_pae, which
deraadt [Wed, 18 Jan 2023 05:06:44 +0000 (05:06 +0000)]
Do on i386 as we do on amd64.  This is done on variable cpu_pae, which
indicates the "PAE" pmap is being used, which only happens if the cpu
has both PAE and NX.
On i386 machines without the NX feature enabled, we can't distinguish
between page faults as a result of instruction fetches or normal data
access.  Handle this in the same way as we do on landisk: if handling
the fault with access type PROT_READ fails, retry with PROT_EXEC.
Fortunately we know whether NX is enabled or nor so only do this when
it isn't.
ok kettenis, jsg

21 months agowhen restoring non-blocking mode to stdio fds, restore exactly
djm [Wed, 18 Jan 2023 02:00:10 +0000 (02:00 +0000)]
when restoring non-blocking mode to stdio fds, restore exactly
the flags that ssh started with and don't just clobber them with
zero, as this could also remove the append flag from the set;

bz3523; ok dtucker@

21 months agoAdd a -V (version) option to sshd like the ssh client has.
millert [Wed, 18 Jan 2023 01:50:21 +0000 (01:50 +0000)]
Add a -V (version) option to sshd like the ssh client has.
OK markus@ deraadt@

21 months agoUse ROUNDUP() to round up to cylinder boundary.
krw [Wed, 18 Jan 2023 00:48:14 +0000 (00:48 +0000)]
Use ROUNDUP() to round up to cylinder boundary.

21 months agorpki-client: explicitly enable policy checks
tb [Wed, 18 Jan 2023 00:27:10 +0000 (00:27 +0000)]
rpki-client: explicitly enable policy checks

In x509_verify.c r1.62, beck disabled policy checks by default in the new
X.509 verifier to match the behavior of the legacy validator and OpenSSL.
In order to keep policy checks as mandated by RFC 7318, we need to opt
into them explicitly.

ok beck

21 months agoNuke unused MAXIMUM(). Add ROUNDUP() and ROUNDDOWN().
krw [Tue, 17 Jan 2023 23:56:51 +0000 (23:56 +0000)]
Nuke unused MAXIMUM(). Add ROUNDUP() and ROUNDDOWN().

21 months agoDon't do policy checking unless we were asked to do so.
beck [Tue, 17 Jan 2023 23:49:28 +0000 (23:49 +0000)]
Don't do policy checking unless we were asked to do so.

ok tb@

21 months agoinclude isadma.h not isa.h
jsg [Tue, 17 Jan 2023 23:39:30 +0000 (23:39 +0000)]
include isadma.h not isa.h
missed in rev 1.5 when #if NISA became #if NISADMA
not a problem in practice as isavar.h includes isadma.h

ok miod@ deraadt@ millert@

21 months agotest NSDMMC not SDMMC
jsg [Tue, 17 Jan 2023 23:12:37 +0000 (23:12 +0000)]
test NSDMMC not SDMMC
ok miod@ deraadt@

21 months agosync
deraadt [Tue, 17 Jan 2023 19:51:37 +0000 (19:51 +0000)]
sync

21 months agoSimplify and clarify the implementation of the pmap_page_protect(9) API.
kettenis [Tue, 17 Jan 2023 19:29:09 +0000 (19:29 +0000)]
Simplify and clarify the implementation of the pmap_page_protect(9) API.
This function is only ever called with PROT_NONE or PROT_READ where
PROT_NONE removes the mapping from the page tables and PROT_READ takes
away write permission.  Add a KASSERT to make sure no other values are
passed.  This KASSERT should be optimized away by any decent compiler.

ok deraadt@, mpi@, guenther@

21 months agoFor "ssh -V" always exit 0, there is no need to check opt again.
millert [Tue, 17 Jan 2023 18:52:44 +0000 (18:52 +0000)]
For "ssh -V" always exit 0, there is no need to check opt again.
This was missed when the fallthrough in the switch case above it
was removed.  OK deraadt@

21 months agoAdd debug FUNCS_ONLY knob
kn [Tue, 17 Jan 2023 16:22:56 +0000 (16:22 +0000)]
Add debug FUNCS_ONLY knob

Hacking on the installer while running it is a lot easier when you can
inspect or run functions directly without paging the whole script or
poking around in it with ed.

install.sub is already structured so that all functions come first,
then MD code, then actual commands.

Copy FUNCS_ONLY from rc.subr(8) so you can drop out any time and hack around
more conveniently:

Available disks are: sd0 sd1.
Which disk is the root disk? ('?' for details) [sd0] !
Type 'exit' to return to install.
test# FUNCS_ONLY=1 . /install.sub
test# typeset -f get_dkdevs
get_dkdevs() {
    echo $(scan_disknames "${MDDKDEVS:-/^[sw]d[0-9][0-9]* /s/ .*//p}")
}
test# get_dkdevs
sd0 sd1
test#

This requires the sourcing shell to be ksh(1) or sh(1) with 'strict Bourne
shell mode' disabled.  '!' is ksh now, but the initial (S)hell answer still
lands in a strict (default) sh(1) -- that can/should be fixed separately.

OK deraadt

21 months agopax: Switch a function definition from K&R to ANSI.
tb [Tue, 17 Jan 2023 16:20:28 +0000 (16:20 +0000)]
pax: Switch a function definition from K&R to ANSI.

21 months agoSkip all interface config questions when there are none
kn [Tue, 17 Jan 2023 16:14:23 +0000 (16:14 +0000)]
Skip all interface config questions when there are none

Even without any interfaces the installer still asks for one and only
continues when the only possible answer 'done' is provided.

That means one mandatory but useless answer during installations like
# vmctl start -c -d ./install72.img -d ./disk.img test
...
System hostname? (short form, e.g. 'foo') test

Available network interfaces are:  .
Network interface to configure? (name, lladdr, '?', or 'done')
A response is required.
Network interface to configure? (name, lladdr, '?', or 'done') ?
Available network interfaces are:  .
Network interface to configure? (name, lladdr, '?', or 'done') done
DNS domain name? (e.g. 'example.com') [my.domain]
...

Skip it when there is no viable answer:
# vmctl start -c -d ./install72.img -d ./disk.img test
...
System hostname? (short form, e.g. 'foo') test

DNS domain name? (e.g. 'example.com') [my.domain]
...

OK deraadt

21 months agoAdd a dummy stub for getmonotime(). Reminded by tb@
claudio [Tue, 17 Jan 2023 16:11:52 +0000 (16:11 +0000)]
Add a dummy stub for getmonotime(). Reminded by tb@

21 months agoTeach bgpctl about ASPA tables.
claudio [Tue, 17 Jan 2023 16:09:34 +0000 (16:09 +0000)]
Teach bgpctl about ASPA tables.
OK tb@

21 months agoAdd the needed logic to load the ASPA table from the rtr process into the
claudio [Tue, 17 Jan 2023 16:09:01 +0000 (16:09 +0000)]
Add the needed logic to load the ASPA table from the rtr process into the
RDE. The actual reload logic is missing to keep the diff small.
OK tb@

21 months agoRemove non-visible and unused OPENSSL_wipe_cpu and OPENSSL_atomic_add
miod [Tue, 17 Jan 2023 15:04:27 +0000 (15:04 +0000)]
Remove non-visible and unused OPENSSL_wipe_cpu and OPENSSL_atomic_add
interfaces, and remove empty assembly OPENSSL_cpuid_setup routines - the
default empty C fallback will work as good.

ok jsing@

21 months agoArguments may contain more than one variable assignment
kn [Tue, 17 Jan 2023 13:03:22 +0000 (13:03 +0000)]
Arguments may contain more than one variable assignment

`make FOO=1 BAR=2 ...' works as expected and lots of things wouldn't work
if make only accepted a single assignment, as currently documented.

Fix SYNOPSIS and usage to match reality and POSIX spec (thanks jmc).

OK jmc

21 months agoSupport -1 without -N for list-keys.
nicm [Tue, 17 Jan 2023 10:40:51 +0000 (10:40 +0000)]
Support -1 without -N for list-keys.

21 months agoalso check that an active session inhibits UnusedConnectionTimeout
djm [Tue, 17 Jan 2023 10:15:10 +0000 (10:15 +0000)]
also check that an active session inhibits UnusedConnectionTimeout
idea markus@

21 months agoremove elansc(4) driver for AMD Elan SC520 System Controller
jsg [Tue, 17 Jan 2023 10:10:10 +0000 (10:10 +0000)]
remove elansc(4) driver for AMD Elan SC520 System Controller

AMD Elan SC520 has a Am5x86, 486-class processor.  We require a
586-class processor.

feedback from jmc@ ok miod@

21 months agoregression test for UnusedConnectionTimeout
djm [Tue, 17 Jan 2023 10:02:34 +0000 (10:02 +0000)]
regression test for UnusedConnectionTimeout

21 months agoAdd a sshd_config UnusedConnectionTimeout option to terminate
djm [Tue, 17 Jan 2023 09:44:48 +0000 (09:44 +0000)]
Add a sshd_config UnusedConnectionTimeout option to terminate
client connections that have no open channels for some length
of time. This complements the recently-added ChannelTimeout
option that terminates inactive channels after a timeout.

ok markus@

21 months agoOn amd64 machines without the NX feature enabled, we can't distinguish
kettenis [Tue, 17 Jan 2023 08:03:51 +0000 (08:03 +0000)]
On amd64 machines without the NX feature enabled, we can't distinguish
between page faults as a result of instruction fetches or normal data
access.  Handle this in the same way as we do on landisk: if handling
the fault with access type PROT_READ fails, retry with PROT_EXEC.
Fortunately we know whether NX is enabled or nor so only do this when
it isn't.  Nobody should be running an amd64 machine without NX!

ok deraadt@, miod@

21 months agoUpdate palette when moving a pane, GitHub issue 3437.
nicm [Tue, 17 Jan 2023 06:50:55 +0000 (06:50 +0000)]
Update palette when moving a pane, GitHub issue 3437.