tb [Thu, 30 Jun 2022 11:25:52 +0000 (11:25 +0000)]
Rename variable from tls_version to version since it could also be
a DTLS version at this point.
tb [Thu, 30 Jun 2022 11:18:38 +0000 (11:18 +0000)]
Check whether the security level allows session tickets.
ok beck jsing
tb [Thu, 30 Jun 2022 11:17:49 +0000 (11:17 +0000)]
Add checks to ensure we do not initiate or negotiate handshakes with
versions below the minimum required by the security level.
input & ok jsing
tb [Thu, 30 Jun 2022 11:14:47 +0000 (11:14 +0000)]
Replace obj_mac.h with object.h
Pointed out by and ok jsing
florian [Thu, 30 Jun 2022 10:49:39 +0000 (10:49 +0000)]
Update to nsd 4.6.0; OK sthen
job [Thu, 30 Jun 2022 10:27:52 +0000 (10:27 +0000)]
zap whitespace
nicm [Thu, 30 Jun 2022 09:55:53 +0000 (09:55 +0000)]
Add support for OSC 8 hyperlinks (a VTE extension now supported by other
terminals such as iTerm2). Originally written by me then extended and
completed by first Will Noble and later Jeff Chiang. GitHub issues 911,
2621, 2890, 3240.
martijn [Thu, 30 Jun 2022 09:42:19 +0000 (09:42 +0000)]
Rewrite smi_print_element to be more concise and complete.
Keep the old implementation around as smi_print_element_legacy for the
trap handler scripts, so these don't break.
Should help with request tracing.
OK sthen@
mlarkin [Thu, 30 Jun 2022 09:38:22 +0000 (09:38 +0000)]
amd64 pmap: Zero out the EPTP on pmap_create
Non-EPT pmaps were picking up old EPTPs from previous owners.
This doesn't cause any problems but makes debugging harder.
ok dv@
beck [Thu, 30 Jun 2022 09:13:49 +0000 (09:13 +0000)]
Add valid time test from ruby regress, and check ASN1_time_to_tm
against recorded time value.
tb [Thu, 30 Jun 2022 09:08:35 +0000 (09:08 +0000)]
Rename use_* to ssl_use_* for consistency.
discussed with jsing
beck [Thu, 30 Jun 2022 08:41:01 +0000 (08:41 +0000)]
add valid utc time that should fail to parse as generalized
beck [Thu, 30 Jun 2022 08:32:26 +0000 (08:32 +0000)]
Add tests for times missing seconds, and to be able to test
invalid generalized times specifically
tb [Thu, 30 Jun 2022 08:25:56 +0000 (08:25 +0000)]
whitespace nit
florian [Thu, 30 Jun 2022 08:21:37 +0000 (08:21 +0000)]
Track doc/README, makes merging new releases easier.
OK sthen
job [Thu, 30 Jun 2022 07:55:48 +0000 (07:55 +0000)]
Fix err()
OK claudio@
claudio [Thu, 30 Jun 2022 07:42:50 +0000 (07:42 +0000)]
Fix interval timers by forcing TZ to UTC, else some strftime formats
print strange offsets.
While there rework the main loop to only use localtime and now.
Calculate the relative time offset for -m mode just once at startup.
OK sthen@ job@
tb [Thu, 30 Jun 2022 07:28:38 +0000 (07:28 +0000)]
With recent a_time_tm.c changes, we also need the bytestring API.
tb [Thu, 30 Jun 2022 07:09:45 +0000 (07:09 +0000)]
Remove obj_mac.h include. Requested by jsing
bluhm [Wed, 29 Jun 2022 22:45:24 +0000 (22:45 +0000)]
Pass a pointer to mbuf pointer further down into ip6_process_hopopts()
and ip6_unknown_opt(). Instead of having a dangling pointer in the caller,
use m_freemp() to set the mbuf to NULL.
OK sashan@
bluhm [Wed, 29 Jun 2022 22:20:47 +0000 (22:20 +0000)]
Between the calls to art_match() and SRPL_FIRST() another CPU may
remove the route from the list. In rtable_match() check if the
route entry is NULL.
discussed with mpi@ jmatthew@ claudio@; OK mpi@
tb [Wed, 29 Jun 2022 21:19:21 +0000 (21:19 +0000)]
Don't check the signature if a cert is self signed.
ok beck jsing
tb [Wed, 29 Jun 2022 21:18:04 +0000 (21:18 +0000)]
Make ssl_cert_add{0,1}_chain_cert() take ssl/ctx
ok beck jsing
tb [Wed, 29 Jun 2022 21:17:22 +0000 (21:17 +0000)]
ssl_cert_set{0,1}_chain() take ssl/ctx
ok beck jsing
tb [Wed, 29 Jun 2022 21:16:30 +0000 (21:16 +0000)]
Add a security check to ssl_set_cert()
ok beck jsing
tb [Wed, 29 Jun 2022 21:13:34 +0000 (21:13 +0000)]
Make ssl_set_{cert,pkey} take an ssl/ctx
ok beck jsing
tb [Wed, 29 Jun 2022 21:12:19 +0000 (21:12 +0000)]
Refactor use_certificate_chain_* to take ssl/ctx instead of a cert
ok beck jsing
tb [Wed, 29 Jun 2022 21:10:20 +0000 (21:10 +0000)]
Add functions that check security level in certs and cert chains.
ok beck jsing
tb [Wed, 29 Jun 2022 21:08:07 +0000 (21:08 +0000)]
Make sure the verifier checks the security level in cert chains
ok beck jsing
tb [Wed, 29 Jun 2022 20:06:55 +0000 (20:06 +0000)]
Remove a confusing comment
discussed with jsing
tb [Wed, 29 Jun 2022 20:04:28 +0000 (20:04 +0000)]
Parse the @SECLEVEL=n annotation in cipher strings
To this end, hand the SSL_CERT through about 5 levels of indirection to
set an integer on it.
ok beck jsing
job [Wed, 29 Jun 2022 18:57:30 +0000 (18:57 +0000)]
Manual page improvements from Leon Fischer
yep jmc@
dv [Wed, 29 Jun 2022 17:39:54 +0000 (17:39 +0000)]
vmd(8): fix off by one in vm memory range check
When inspecting if a gpa falls into a known memory range, vmd was
considering it valid 1 byte past the end resulting in selecting the
wrong starting range for the search.
ok mlarkin@
beck [Wed, 29 Jun 2022 17:39:20 +0000 (17:39 +0000)]
Add support for sending QUIC transport parameters
This is the start of adding the boringssl API for QUIC support,
and the TLS extensions necessary to send and receive QUIC transport
data.
Inspired by boringssl's https://boringssl-review.googlesource.com/24464
ok jsing@ tb@
job [Wed, 29 Jun 2022 17:35:44 +0000 (17:35 +0000)]
sync
job [Wed, 29 Jun 2022 16:06:22 +0000 (16:06 +0000)]
Clarify the shorter default format string only applies to -i and -s
mvs [Wed, 29 Jun 2022 16:04:49 +0000 (16:04 +0000)]
Remove switch(4) remains.
ok claudio@ mpi@
job [Wed, 29 Jun 2022 16:01:10 +0000 (16:01 +0000)]
Add -m option to ts(1)
OK claudio@
tb [Wed, 29 Jun 2022 15:06:18 +0000 (15:06 +0000)]
Use relative paths so beck can run regress in his git tree and have
the correct ssl_local.h etc be picked up.
dv [Wed, 29 Jun 2022 14:24:29 +0000 (14:24 +0000)]
remove archaic comment from original import of i386 pmap
This comment hasn't been relevant for at least 11 years as there's
no such lock. NetBSD removed the comment 11 years ago. No functional
change.
Discussed with mlarkin@
jca [Wed, 29 Jun 2022 13:07:19 +0000 (13:07 +0000)]
Regen syscalls files as they were meant to be, correcting the "created from:" info
Cluebat from miod@
jca [Wed, 29 Jun 2022 12:17:31 +0000 (12:17 +0000)]
Unlock the pledge(2) system call
Protect the ps_pledge/ps_execpledge fields with ps_mtx. Shuffle the
code to call unveil_destroy() outside the critical section. Only writes
to those fields are protected. Since we may only remove bits from those
fields, garbage values should do no harm even when a read crosses
a write on 32-bit systems.
Input claudio@ kettenis@ deraadt@, ok deraadt@
jca [Wed, 29 Jun 2022 12:06:11 +0000 (12:06 +0000)]
Simplify the locking dance around pledge_syscall()
It doesn't make sense to wrap this function with the kernel lock only
when the syscall to be executed is itself locked. Instead
pledge_syscall() should be always safe to execute without the kernel
lock.
"looks good" kettenis@, ok deraadt@
tb [Wed, 29 Jun 2022 12:03:38 +0000 (12:03 +0000)]
whitespace nit
jca [Wed, 29 Jun 2022 12:01:22 +0000 (12:01 +0000)]
Use READ_ONCE() when saving pr->ps_pledge to a local variable
This prevents the compiler from reloading a possibly different value
from memory. Even if it doesn't matter in this code it's just better
practice. Discussed with kettenis@ and deraadt@, ok deraadt@
tb [Wed, 29 Jun 2022 11:59:23 +0000 (11:59 +0000)]
missing blank line
bluhm [Wed, 29 Jun 2022 11:22:10 +0000 (11:22 +0000)]
Pass down the pointer to mbuf pointer into ip6_hbhchcheck(). This
allows setting the mbuf to NULL and keeping it consistent in the caller,
instead of having a dangling pointer after free.
OK sashan@
claudio [Wed, 29 Jun 2022 10:48:22 +0000 (10:48 +0000)]
Move the deep check back into the loop. There are ways that even though
we're deep the code will SSTOP and sleep and then on wakeup we need to
recheck the deep conditions.
Issue analyzed and OK by mpi@
Reported-by: syzbot+f7634539e73108238c2a@syzkaller.appspotmail.com
jsg [Wed, 29 Jun 2022 10:04:22 +0000 (10:04 +0000)]
drm/i915: Implement w/a 22010492432 for adl-s
From Ville Syrjala
0895a2235bae6671077c2de94268cccc346005d6 in linux 5.15.y/5.15.51
13bd259b64bb58ae130923ada42ebc19bf3f2fa2 in mainline linux
jsg [Wed, 29 Jun 2022 09:52:23 +0000 (09:52 +0000)]
correct vararg use in kasprintf/kvasprintf
fixes names of some encoders
sthen [Wed, 29 Jun 2022 09:33:18 +0000 (09:33 +0000)]
sync
martijn [Wed, 29 Jun 2022 09:10:13 +0000 (09:10 +0000)]
Use strncasecmp instead of strncmp when comparing the password scheme.
This change could theoretically affect some people who actually have one
of the schemes in lower case in their password, but this is extremely
unlikely in the real world.
Pointed out by David Diggles (david <at> elven <dot> com <dot> au)
OK sthen@
mvs [Wed, 29 Jun 2022 09:08:07 +0000 (09:08 +0000)]
ether_input() called with shared netlock, but pppoe(4) wants it to be
exclusive. Do the pppoe(4) input within netisr handler with exclusive
netlock held and remove kernel lock hack from ether_input().
This is a step back, but it makes ether_input() path better than it
is now.
Tested by Hrvoje Popovski.
ok bluhm@ claudio@
mvs [Wed, 29 Jun 2022 09:01:48 +0000 (09:01 +0000)]
Nullify `ipsecflowinfo' when mbuf(9) has no ipsec flowinfo data.
Otherwise we use `ipsecflowinfo' obtained from previous packet.
ok claudio@
beck [Wed, 29 Jun 2022 08:56:44 +0000 (08:56 +0000)]
Refactor asn1 time parsing to use CBS - enforce valid times in ASN.1 parsing.
While we're here enforce valid days for months and leap years.
Inspired by same in boringssl.
ok jsing@
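As an added illustration of the strict parsing the time commits above describe (valid days per month, leap years, mandatory seconds, and a UTCTime string that must fail to parse as GeneralizedTime), here is example code written for this page, not LibreSSL's a_time_tm.c; it assumes only the RFC 5280 fixed-width forms "YYYYMMDDHHMMSSZ" and "YYMMDDHHMMSSZ", with no fractional seconds or UTC offsets.

```c
#include <stdbool.h>
#include <string.h>

/* Days per month in a common year; index 0 is unused. */
static const int days_in_month[13] = {0,31,28,31,30,31,30,31,31,30,31,30,31};

static bool is_leap_year(int y)
{
	return (y % 4 == 0 && y % 100 != 0) || y % 400 == 0;
}

/* Parse exactly n ASCII digits at p into *out; reject anything else. */
static bool parse_digits(const char *p, size_t n, int *out)
{
	*out = 0;
	for (size_t i = 0; i < n; i++) {
		if (p[i] < '0' || p[i] > '9')
			return false;
		*out = *out * 10 + (p[i] - '0');
	}
	return true;
}

/* Calendar check shared by both encodings: real month, real day, sane time. */
static bool valid_date_time(int y, int mon, int day, int h, int m, int s)
{
	int max_day;
	if (mon < 1 || mon > 12)
		return false;
	max_day = days_in_month[mon] + (mon == 2 && is_leap_year(y));
	return day >= 1 && day <= max_day && h < 24 && m < 60 && s < 60;
}

/* Parse "<year>MMDDHHMMSSZ" with a 2- or 4-digit year; length is fixed. */
static bool parse_fixed(const char *s, size_t yearlen)
{
	int y, mon, day, h, m, sec;
	if (strlen(s) != yearlen + 11 || s[yearlen + 10] != 'Z')
		return false;
	if (!parse_digits(s, yearlen, &y) || !parse_digits(s + yearlen, 2, &mon) ||
	    !parse_digits(s + yearlen + 2, 2, &day) || !parse_digits(s + yearlen + 4, 2, &h) ||
	    !parse_digits(s + yearlen + 6, 2, &m) || !parse_digits(s + yearlen + 8, 2, &sec))
		return false;
	if (yearlen == 2) /* UTCTime: YY < 50 means 20YY, otherwise 19YY (RFC 5280). */
		y += y < 50 ? 2000 : 1900;
	return valid_date_time(y, mon, day, h, m, sec);
}

/* Strict GeneralizedTime "YYYYMMDDHHMMSSZ": 15 chars, seconds mandatory. */
bool parse_generalized_time(const char *s) { return parse_fixed(s, 4); }

/* Strict UTCTime "YYMMDDHHMMSSZ": 13 chars, so it never passes as GeneralizedTime. */
bool parse_utc_time(const char *s) { return parse_fixed(s, 2); }
```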
job [Wed, 29 Jun 2022 08:39:49 +0000 (08:39 +0000)]
Import ts(1) - a timestamp utility
A from scratch & pledged implementation of the perl 'ts' utility found
in the moreutils collection.
With help from florian@, tb@, and deraadt@
OK deraadt@
tb [Wed, 29 Jun 2022 08:39:08 +0000 (08:39 +0000)]
Also check the security level in SSL_get1_supported_ciphers
ok beck jsing
tb [Wed, 29 Jun 2022 08:38:01 +0000 (08:38 +0000)]
Check security level when converting a cipher list to bytes
ok beck jsing
tb [Wed, 29 Jun 2022 08:37:18 +0000 (08:37 +0000)]
Also check the security level when choosing a shared cipher
ok beck jsing
tb [Wed, 29 Jun 2022 08:34:04 +0000 (08:34 +0000)]
There's tentacles, tentacles everywhere
ok beck jsing
tb [Wed, 29 Jun 2022 08:30:04 +0000 (08:30 +0000)]
Also check the security level of the 'tmp dh'
ok beck jsing
tb [Wed, 29 Jun 2022 08:27:51 +0000 (08:27 +0000)]
Check the security of DH key shares
ok beck, looks good to jsing
tb [Wed, 29 Jun 2022 07:59:14 +0000 (07:59 +0000)]
Rename one s to ssl for consistency
tb [Wed, 29 Jun 2022 07:55:59 +0000 (07:55 +0000)]
Check sigalg security level when selecting them.
ok beck jsing
tb [Wed, 29 Jun 2022 07:54:54 +0000 (07:54 +0000)]
Check the security bits of the sigalgs' pkey
ok beck jsing
tb [Wed, 29 Jun 2022 07:53:58 +0000 (07:53 +0000)]
Check the security level when building sigalgs
ok beck jsing
tb [Wed, 29 Jun 2022 07:53:00 +0000 (07:53 +0000)]
Annotate sigalgs with their security level.
ok beck jsing
kettenis [Wed, 29 Jun 2022 07:51:54 +0000 (07:51 +0000)]
Add support for using non-standard UARTs (such as the Synopsys DesignWare
UART found on AMD's Ryzen Embedded V1000 family) as an early console.
This requires additional parameters to be passed by the bootloader to the
kernel so it changes the struct for the BOOTARG_CONSDEV boot argument.
The old struct will still be supported until OpenBSD 7.3 has been released
such that new kernels boot with the old bootloader.
ok anton@, deraadt@
kettenis [Wed, 29 Jun 2022 07:44:10 +0000 (07:44 +0000)]
Make bus_space_map(9) work before the pmap is initialized for addresses
below 4G by using the direct map.
ok anton@, deraadt@
anton [Wed, 29 Jun 2022 04:49:51 +0000 (04:49 +0000)]
cope with rtentry refcnt changes
jsg [Wed, 29 Jun 2022 01:05:18 +0000 (01:05 +0000)]
match on Alder Lake-P
ok deraadt@ kettenis@
naddy [Tue, 28 Jun 2022 23:43:12 +0000 (23:43 +0000)]
constify miscellaneous arm64 pin and clock tables
ok miod@
tb [Tue, 28 Jun 2022 21:14:32 +0000 (21:14 +0000)]
Add prototypes for ssl{_ctx,}_security()
ok beck jsing sthen
kettenis [Tue, 28 Jun 2022 21:02:14 +0000 (21:02 +0000)]
Add support for the Synopsys DesignWare UART found on the Ryzen Embedded
V1000 SoCs.
ok anton@
tb [Tue, 28 Jun 2022 20:57:33 +0000 (20:57 +0000)]
Add error code defines
ok beck jsing sthen
tb [Tue, 28 Jun 2022 20:54:16 +0000 (20:54 +0000)]
Add a period to a comment
Pointed out by jsing
tb [Tue, 28 Jun 2022 20:53:32 +0000 (20:53 +0000)]
Security level >= 3 requires a ciphersuite with PFS
ok beck jsing sthen
tb [Tue, 28 Jun 2022 20:49:16 +0000 (20:49 +0000)]
Add a secop handler for tmp_dh
This disallows DHE keys weaker than 1024 bits at level 0 to match
OpenSSL behavior.
ok beck jsing sthen
tb [Tue, 28 Jun 2022 20:46:45 +0000 (20:46 +0000)]
Add security level related error codes.
ok beck jsing sthen
tb [Tue, 28 Jun 2022 20:46:05 +0000 (20:46 +0000)]
Sort error strings
ok beck jsing sthen
tb [Tue, 28 Jun 2022 20:44:49 +0000 (20:44 +0000)]
Implement ssl{,_ctx}_security()
ok beck jsing sthen
tb [Tue, 28 Jun 2022 20:43:21 +0000 (20:43 +0000)]
Copy the security level stuff in ssl_cert_dup()
ok beck jsing sthen
tb [Tue, 28 Jun 2022 20:42:22 +0000 (20:42 +0000)]
Set up the default callback in SSL_CERT
ok beck jsing sthen
tb [Tue, 28 Jun 2022 20:40:24 +0000 (20:40 +0000)]
Implement the default security level callback
And here is where the fun starts. The tentacles will grow everywhere.
ok beck jsing sthen
tb [Tue, 28 Jun 2022 20:36:55 +0000 (20:36 +0000)]
Provide OPENSSL_TLS_SECURITY_LEVEL define
ok beck jsing sthen
tb [Tue, 28 Jun 2022 20:34:17 +0000 (20:34 +0000)]
Implement SSL{_CTX,}_{g,s}et_security_level(3)
ok beck jsing sthen
tb [Tue, 28 Jun 2022 20:31:43 +0000 (20:31 +0000)]
Add security callback, level and ex_data fields to SSL_CERT
ok beck jsing sthen
tb [Tue, 28 Jun 2022 20:29:27 +0000 (20:29 +0000)]
Add #defines and prototypes for security level API
This marks the start of one of the worst API additions in the history of
this library. And as everybody knows the bar is high. Very high.
ok beck jsing sthen
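To make the security-level series above concrete (the default callback, the tmp_dh handler that refuses DHE below 1024 bits even at level 0, and the level >= 3 PFS requirement), here is an added example of such a callback; it is not LibreSSL's code. The level-to-bits table is the one OpenSSL documents for SSL_CTX_set_security_level(3), the DH modulus-to-bits mapping follows NIST SP 800-57, and the enum secop tags and function names are hypothetical.

```c
#include <stdbool.h>

/* Hypothetical operation tags, modelled on the "secop" handlers above. */
enum secop { SECOP_CIPHER, SECOP_TMP_DH, SECOP_SIGALG };

/* Minimum security bits per level as documented for OpenSSL's
 * SSL_CTX_set_security_level(3): none at 0, then 80/112/128/192/256. */
static int
min_security_bits(int level)
{
	static const int bits[] = { 0, 80, 112, 128, 192, 256 };
	if (level < 0)
		level = 0;
	if (level > 5) /* anything higher is treated as level 5 */
		level = 5;
	return bits[level];
}

/*
 * Security bits of a finite-field DH group by modulus size, using the
 * NIST SP 800-57 equivalences (1024 -> 80, 2048 -> 112, 3072 -> 128,
 * 7680 -> 192, 15360 -> 256); anything below 1024 bits counts as 0.
 */
int
dh_security_bits(int modulus_bits)
{
	if (modulus_bits >= 15360) return 256;
	if (modulus_bits >= 7680) return 192;
	if (modulus_bits >= 3072) return 128;
	if (modulus_bits >= 2048) return 112;
	if (modulus_bits >= 1024) return 80;
	return 0;
}

/*
 * Default security callback: returns true to accept an object offering
 * `bits` security bits for operation `op` at `level`. `pfs` says whether
 * a cipher suite provides forward secrecy (only consulted for SECOP_CIPHER).
 */
bool
security_default(int level, enum secop op, int bits, bool pfs)
{
	/* Level 0 is permissive, except that ephemeral DH below 1024 bits
	 * (80 security bits) is still refused, matching OpenSSL. */
	if (level <= 0)
		return !(op == SECOP_TMP_DH && bits < 80);
	if (bits < min_security_bits(level))
		return false;
	/* From level 3 on, cipher suites without forward secrecy are refused. */
	if (level >= 3 && op == SECOP_CIPHER && !pfs)
		return false;
	return true;
}
```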
claudio [Tue, 28 Jun 2022 20:13:03 +0000 (20:13 +0000)]
Add missing colon. Noticed by jmc@
kettenis [Tue, 28 Jun 2022 19:55:22 +0000 (19:55 +0000)]
On the x13s, using the EfiLoaderData memory type for the memory block
that we load the kernel into doesn't work. But changing it to EfiLoaderCode
makes it work. Presumably the firmware creates a mapping with executable
permissions in that case, which is obviously needed for executing kernel
code.
ok patrick@, mlarkin@
kettenis [Tue, 28 Jun 2022 19:50:40 +0000 (19:50 +0000)]
The x13s uses Memory32Fixed() to describe the windows forwarded by the
host bridges. Add support for this.
ok mlarkin@, patrick@
jsing [Tue, 28 Jun 2022 19:44:28 +0000 (19:44 +0000)]
Negate unsigned then cast to signed.
Avoid undefined behaviour by negating the unsigned value, before casting
to int64_t, rather than casting to int64_t then negating.
Fixes oss-fuzz #48499
ok tb@
mpi [Tue, 28 Jun 2022 19:39:54 +0000 (19:39 +0000)]
Make sure uvm_swap_get() always sleeps and does not return an error.
If no memory was immediately available to decrypt (bounce) a page from swap,
an error was returned to the fault handler, which would result in processes
dying when a lot of memory pressure was applied to a system.
Note that reading from swap is always done synchronously.
ok beck@, kettenis@
mpi [Tue, 28 Jun 2022 19:31:30 +0000 (19:31 +0000)]
Consider pmemrange regions when trying to free pages from the inactive list.
Instead of starting with the first page on the inactive list pick the first
one that fits in the range of a given pmemrange region.
Fix an issue where the page daemon would be hogging a CPU without freeing any
page because the global limits are satisfied.
The algorithm could certainly be revisited: the LRU is not really working and
there is a huge delay before recovering when the first pages need to be swapped
and the system is in an OOM situation, but at least there is no starvation and the
system now recovers.
ok beck@, kettenis@
mpi [Tue, 28 Jun 2022 19:23:08 +0000 (19:23 +0000)]
Use new & shiny define for the maximum number of pages of a swap cluster.
ok beck@, kettenis@
mpi [Tue, 28 Jun 2022 19:19:34 +0000 (19:19 +0000)]
Pre-allocate pages in DMA-reachable region to ensure progress in the swapper.
Currently swap encryption is not done in place and some architectures need to
bounce pages into a DMA-reachable region for I/Os, for that uvm_swap_io() needs
to allocate at most 64K to write a swap cluster to disk. Pre-allocate such an
amount of memory to be sure the page daemon can make progress in an OOM situation.
Also introduce a sleeping point to wait for the previous asynchronous I/O
holding the pre-allocated pages, there's no point in building clusters if no
progress can be made.
ok beck@, kettenis@
mpi [Tue, 28 Jun 2022 19:07:40 +0000 (19:07 +0000)]
Reserve a second segment for the page daemon.
This ensures uvm_swap_io() can succeed even in OOM situations because two
uvm_pagermapin() allocations, requiring a segment each, are needed to bounce
or encrypt a swap cluster.
ok beck@, kettenis@
claudio [Tue, 28 Jun 2022 18:47:54 +0000 (18:47 +0000)]
Hook up bgplgd into the build
claudio [Tue, 28 Jun 2022 18:46:00 +0000 (18:46 +0000)]
Hook up bgplgd. Uses the _bgplgd user with id 71:71, adds an rc.d script and
all the other rc plumbing.
OK deraadt@
claudio [Tue, 28 Jun 2022 16:56:29 +0000 (16:56 +0000)]
Fix manpage from jmc@ but also fix the privdrop user to _bgplgd