openbsd
7 months agoAdd more regress coverage for lhash.
jsing [Wed, 8 May 2024 15:13:23 +0000 (15:13 +0000)]
Add more regress coverage for lhash.

7 months agofix iwx(4) monitor mode
stsp [Wed, 8 May 2024 14:03:54 +0000 (14:03 +0000)]
fix iwx(4) monitor mode

Monitor mode was broken by a recent firmware update. Two tweaks make
it work again:

1) The firmware does not like us sending the power-mode command while
in monitor mode and will panic, so simply don't do that.

2) We no longer add two queues while in monitor mode, just one queue
for frame injection. This queue's index will be 1, not 2. Make the
driver expect the correct index to prevent an error when monitor mode
is entered.

tested by jmc@ and myself on iwx ax200

7 months agodisable the regular ieee80211_encap() Tx path in monitor mode
stsp [Wed, 8 May 2024 14:02:59 +0000 (14:02 +0000)]
disable the regular ieee80211_encap() Tx path in monitor mode

Frames injected from user space carry the DLT_IEEE802_11_RADIO
mbuf tag, and are handled as a special case. Do not fall back
to regular encapsulation while we are in monitor mode and the
frame injected by userspace is found to be invalid.

This fixes an issue when iwx(4) runs in monitor mode with addresses
configured on the interface and leaving 11n/11ac mode directly for
monitor mode. In this case, traffic generated by userspace or the
kernel (such as ICMPv6) would trigger Tx attempts, which in turn
would trigger an attempt to set up a block ACK agreement and then
cause a firmware panic.

This points at a related issue where interface configuration state
is not properly cleaned up while switching into monitor mode.
The 11n/11ac interface config should ideally be cleared completely,
preventing block ack from being initiated.

But preventing the stack from trying to send frames down the regular
Tx path in monitor mode is a good idea in general because drivers may
not handle this very well for various reasons, block ack being just one.

tested by jmc@ and myself on iwx ax200

7 months agoRework how action SIG_HOLD is handled in ptsignal.
claudio [Wed, 8 May 2024 13:05:33 +0000 (13:05 +0000)]
Rework how action SIG_HOLD is handled in ptsignal.

Since we want to unlock sigsuspend, ptsignal needs to double check in the
SSLEEP case that the signal being delivered is still masked or unmasked.
Remove the early return for action SIG_HOLD so that the SSLEEP case can
properly recheck the sigmask.

On top of this update siglist only in one place at the end of ptsignal
this now includes the clearing of signals for the SA_CONT and SA_STOP
cases.

OK mpi@

7 months agoFix route leak in ip input.
bluhm [Wed, 8 May 2024 13:01:30 +0000 (13:01 +0000)]
Fix route leak in ip input.

In previous commit when refactoring the route cache, a rtfree() has
been forgotten.  For each forwarded packet the reference counter
of the route entry was increased.  This eventually leads to an
integer overflow and triggers kassert.

reported by and OK jan@

7 months agoAvoid OpenSSL SSL repetitions
tb [Wed, 8 May 2024 09:41:33 +0000 (09:41 +0000)]
Avoid OpenSSL SSL repetitions

with the help of jmc

7 months agoavoid various repetitions in the descriptions of libcrypto and libssl
tb [Wed, 8 May 2024 08:24:23 +0000 (08:24 +0000)]
avoid various repetitions in the descriptions of libcrypto and libssl

with/ok jmc

7 months agoSimplify X509_REQ_get_extensions()
tb [Wed, 8 May 2024 08:20:08 +0000 (08:20 +0000)]
Simplify X509_REQ_get_extensions()

Now that we know the two OIDs we need to look for when checking for the
extension list attribute in a certification request, we can simplify this
quite a bit. There is one change of behavior. Attribute value sets are not
supposed to be empty and it makes no sense to return an empty stack of
extensions in that case, return NULL instead, matching BoringSSL.

This removes last use of ext_nids and ext_nid_list[], so these two bits
of unprotected global mutable state can now join the party in the attic.

ok jsing

7 months agoSimplify X509_REQ_extension_nid()
tb [Wed, 8 May 2024 08:11:50 +0000 (08:11 +0000)]
Simplify X509_REQ_extension_nid()

Now that the global ext_nids[] array can no longer be modified by the
application, we can simplify this by returning the two possible NIDs
that we accept in the extension list attribute in PKCS#10 certification
requests.

The year is 2024. This API is entirely unused by the ecosystem. Well not
entirely! One small village of indomitable rare API use still holds out
against the cleansers. You may have guessed it: security/xca.

ok jsing

7 months agoDefang X509_REQ_{s,g}et_extension_nids()
tb [Wed, 8 May 2024 07:55:10 +0000 (07:55 +0000)]
Defang X509_REQ_{s,g}et_extension_nids()

These fiddle with unprotected global state, so aren't thread safe and
of course there was no good reason to have this API in the first place.
Nothing uses it, so it becomes a noop and will be removed in the next
major bump.

ok jsing

7 months agosymbols test: drop headers that don't define any symbols
tb [Wed, 8 May 2024 06:54:43 +0000 (06:54 +0000)]
symbols test: drop headers that don't define any symbols

7 months agoavoid memcpy(malloc(0), ..., 0), which is not portable.
djm [Tue, 7 May 2024 23:40:53 +0000 (23:40 +0000)]
avoid memcpy(malloc(0), ..., 0), which is not portable.
ok florian@

7 months agoopenssl: toolkit implementing the TLS v1 protocol is weird
tb [Tue, 7 May 2024 21:00:18 +0000 (21:00 +0000)]
openssl: toolkit implementing the TLS v1 protocol is weird

Well, it's a toolkit alright, and a terrible one at that, but TLS v1
(which is this beloved toolkit's name for TLS v1.0) is a thing firmly
from the past, so drop the v1.

7 months agoPEM_read_bio_PrivateKey: fix grammar
tb [Tue, 7 May 2024 20:40:07 +0000 (20:40 +0000)]
PEM_read_bio_PrivateKey: fix grammar

This old [...] routines use [...] -> These old [...] routines [...]

7 months agoAdditional check for TSO packets with 0 MSS.
jan [Tue, 7 May 2024 18:35:23 +0000 (18:35 +0000)]
Additional check for TSO packets with 0 MSS.

Tested by bluhm

ok bluhm@

7 months agorw_enter() with RW_NOSLEEP returns EBUSY and not the expected EWOULDBLOCK
claudio [Tue, 7 May 2024 15:54:23 +0000 (15:54 +0000)]
rw_enter() with RW_NOSLEEP returns EBUSY and not the expected EWOULDBLOCK

This fixes random gmake failures during ports builds caused by:
   gmake[2]: *** read jobs pipe: Device busy.  Stop.
Fix verified by tb@ on his bulk build box
OK mvs@ tb@

7 months agoClear MNT_LOCAL flag on FUSE file system. It can be local or remote, but
mvs [Tue, 7 May 2024 14:27:11 +0000 (14:27 +0000)]
Clear MNT_LOCAL flag on FUSE file system. It can be local or remote, but
kernel can't tell the difference.

From Kirill A. Korinsky

ok claudio mpi

7 months agodrop the MD byte-swap micro-optimizations on clang architectures
naddy [Tue, 7 May 2024 14:26:48 +0000 (14:26 +0000)]
drop the MD byte-swap micro-optimizations on clang architectures

The compiler already translates the generic code into arithmetic
byte-swap instructions or byte-swapping memory load and store
instructions if available on an architecture.

ok deraadt@ guenther@

7 months agoReorder functions and drop static function prototypes.
jsing [Tue, 7 May 2024 13:40:42 +0000 (13:40 +0000)]
Reorder functions and drop static function prototypes.

No functional change.

7 months agoadd smtpd-tables.7 for real; spotted by tb, thanks!
op [Tue, 7 May 2024 12:13:43 +0000 (12:13 +0000)]
add smtpd-tables.7 for real; spotted by tb, thanks!

7 months agochange the smtpd table protocol
op [Tue, 7 May 2024 12:10:06 +0000 (12:10 +0000)]
change the smtpd table protocol

Using imsg for the "proc" table (external programs) has proven quite
painful in practice since a lot of smtpd internals (structs, enums,
etc..) have to be kept in sync with the various tables implementations.

Instead, a filter-like protocol for tables decouples the implementations
and allows to write and test tables easily.

The new text-based transport protocol is documented in the (added)
smtpd-tables(7) manpage.

The old imsg protocol is no longer supported and existing tables have to
be converted.  In particular, users of opensmtpd-extras tables will need
install the new opensmtpd-table-* packages.

With lots of suggestions and improvements from gilles and a tweak
from Philipp (philipp+openbsd [at] bureaucracy [dot] de), thanks!

ok gilles

7 months agoIn Rev 1.296 the update of the siglist was moved to the end of ptsignal().
claudio [Tue, 7 May 2024 10:46:35 +0000 (10:46 +0000)]
In Rev 1.296 the update of the siglist was moved to the end of ptsignal().
One atomic_clearbits_int() hiding in SSTOP was missed when converting all
the exceptions that cleared the siglist again. Instead of clearing the bits
the mask needs to be set to 0 so that it is properly ignored.
OK mpi@

7 months agosync
op [Tue, 7 May 2024 09:10:58 +0000 (09:10 +0000)]
sync

7 months agoinstall smtpd-tables(7)
op [Tue, 7 May 2024 09:10:33 +0000 (09:10 +0000)]
install smtpd-tables(7)

7 months agosync
deraadt [Tue, 7 May 2024 00:44:02 +0000 (00:44 +0000)]
sync

7 months agoremove SSH1 leftovers
tobias [Mon, 6 May 2024 19:26:17 +0000 (19:26 +0000)]
remove SSH1 leftovers

Authored with Space Meyer <git at the-space dot agency>

ok djm

7 months agovmstat/dkstats.c: remove obfuscatory timerset() macro
cheloha [Mon, 6 May 2024 16:54:22 +0000 (16:54 +0000)]
vmstat/dkstats.c: remove obfuscatory timerset() macro

Using a macro to perform a plain struct assignment obfuscates the
obvious.  Delete the timerset() macro.

While here, remove some superfluous timerclear(3) calls.

Thread: https://marc.info/?l=openbsd-tech&m=171346446031940&w=2

ok millert@

7 months agotty(1): exit with status 2 if unveil(2) or pledge(2) fail
cheloha [Mon, 6 May 2024 16:49:46 +0000 (16:49 +0000)]
tty(1): exit with status 2 if unveil(2) or pledge(2) fail

tty(1) returns >1 on error, not 1.

Thread: https://marc.info/?l=openbsd-tech&m=171494082629111&w=2

ok deraadt@ guenther@

7 months agoFix function wrapping.
jsing [Mon, 6 May 2024 14:38:20 +0000 (14:38 +0000)]
Fix function wrapping.

7 months agoEnable lhash regress.
jsing [Mon, 6 May 2024 14:37:26 +0000 (14:37 +0000)]
Enable lhash regress.

7 months agoGuard call to contract() from doall_util_fn().
jsing [Mon, 6 May 2024 14:36:05 +0000 (14:36 +0000)]
Guard call to contract() from doall_util_fn().

It is not safe to unconditionally call contract() - when called repeatedly
it will shrink the bucket array to zero and then attempt to access that
allocation on the next call. Use the same guard that is used in
lh_delete().

Issue found when investigating haproxy crashes reported by wizard-it on
GitHub.

ok tb@

7 months agoProvide initial regress for lhash.
jsing [Mon, 6 May 2024 14:31:25 +0000 (14:31 +0000)]
Provide initial regress for lhash.

For now, this is very limited and only tests calling lh_doall_arg()
multiple times on an empty linked hash. This process currently triggers
a SIGSEGV, which will be soon fixed.

7 months agoAdd support for Tx checksum offloading to dwqe(4).
stsp [Mon, 6 May 2024 09:54:38 +0000 (09:54 +0000)]
Add support for Tx checksum offloading to dwqe(4).

Also improve our macros documenting Tx descriptor formats.

Tested:
RK3568: kettenis, jmatthew
Elkhart Lake: stsp

ok kettenis@, jmatthew@

7 months agosndiod: Ignore server.device settings to a non-working device
ratchov [Mon, 6 May 2024 05:37:26 +0000 (05:37 +0000)]
sndiod: Ignore server.device settings to a non-working device

7 months agomatch new Realtek RTL8192EU id; from Kyle Markley
jsg [Mon, 6 May 2024 05:02:25 +0000 (05:02 +0000)]
match new Realtek RTL8192EU id; from Kyle Markley

7 months agoregen
jsg [Mon, 6 May 2024 05:00:52 +0000 (05:00 +0000)]
regen

7 months agoanother Realtek RTL8192EU id; from Kyle Markley
jsg [Mon, 6 May 2024 05:00:19 +0000 (05:00 +0000)]
another Realtek RTL8192EU id; from Kyle Markley

7 months agoexpose hardware counters as kstats.
dlg [Mon, 6 May 2024 04:25:52 +0000 (04:25 +0000)]
expose hardware counters as kstats.

igc(4) counters are read to clear like em(4) counters, so this code
looks very much like em(4) but with less quirks so far.

ok bluhm@ bket@

7 months agodrm/amdgpu: Fix leak when GPU memory allocation fails
jsg [Mon, 6 May 2024 02:12:36 +0000 (02:12 +0000)]
drm/amdgpu: Fix leak when GPU memory allocation fails

From Mukul Joshi
d7d7284c2a7c67ea5f07eb28d8c2ea0f3ee4b86b in linux-6.6.y/6.6.30
25e9227c6afd200bed6774c866980b8e36d033af in mainline linux

7 months agodrm/amdgpu: Assign correct bits for SDMA HDP flush
jsg [Mon, 6 May 2024 02:09:51 +0000 (02:09 +0000)]
drm/amdgpu: Assign correct bits for SDMA HDP flush

From Lijo Lazar
65356a1cc49657b2fc833489d226053fa601334a in linux-6.6.y/6.6.30
aebd3eb9d3ae017e6260043f6bcace2f5ef60694 in mainline linux

7 months agodrm/amdgpu/sdma5.2: use legacy HDP flush for SDMA2/3
jsg [Mon, 6 May 2024 02:07:15 +0000 (02:07 +0000)]
drm/amdgpu/sdma5.2: use legacy HDP flush for SDMA2/3

From Alex Deucher
b33d7aaa2d3d1bef20fd5d9ab0d1776376fc98b6 in linux-6.6.y/6.6.30
9792b7cc18aaa0c2acae6af5d0acf249bcb1ab0d in mainline linux

7 months agodrm/ttm: stop pooling cached NUMA pages v2
jsg [Mon, 6 May 2024 02:05:30 +0000 (02:05 +0000)]
drm/ttm: stop pooling cached NUMA pages v2

From Christian Koenig
ab65b0cf0324b6dae89cfc9c7d9625e591b24e43 in linux-6.6.y/6.6.30
b6976f323a8687cc0d55bc92c2086fd934324ed5 in mainline linux

7 months agomm, treewide: introduce NR_PAGE_ORDERS
jsg [Mon, 6 May 2024 01:59:03 +0000 (01:59 +0000)]
mm, treewide: introduce NR_PAGE_ORDERS

From Kirill A. Shutemov
ded1ffea52132e58eaaa7d4ea39477f911796a40 in linux-6.6.y/6.6.30
fd37721803c6e73619108f76ad2e12a9aa5fafaf in mainline linux

7 months agodrm/amdgpu: fix visible VRAM handling during faults
jsg [Mon, 6 May 2024 01:53:26 +0000 (01:53 +0000)]
drm/amdgpu: fix visible VRAM handling during faults

From Christian Koenig
4c5eaf0cad27a66c4788e0603b9f7a68df83a947 in linux-6.6.y/6.6.30
a6ff969fe9cbf369e3cd0ac54261fec1122682ec in mainline linux

7 months agodrm/amdgpu: add shared fdinfo stats
jsg [Mon, 6 May 2024 01:50:15 +0000 (01:50 +0000)]
drm/amdgpu: add shared fdinfo stats

From Alex Deucher
f85a55fb87c2ee58e957b9c828aa70306a759d8d in linux-6.6.y/6.6.30
ba1a58d5b907bdf1814f8f57434aebc86233430f in mainline linux

7 months agodrm: add drm_gem_object_is_shared_for_memory_stats() helper
jsg [Mon, 6 May 2024 01:46:20 +0000 (01:46 +0000)]
drm: add drm_gem_object_is_shared_for_memory_stats() helper

From Alex Deucher
a4ae24cd04a8e2c1f61586a2e129b1cbd44a78db in linux-6.6.y/6.6.30
b31f5eba32ae8cc28e7cfa5a55ec8670d8c718e2 in mainline linux

7 months agoadd NR_PAGE_ORDERS for 6.6.30 drm
jsg [Mon, 6 May 2024 01:42:05 +0000 (01:42 +0000)]
add NR_PAGE_ORDERS for 6.6.30 drm

7 months agostart documenting ioctls
kn [Sun, 5 May 2024 19:13:13 +0000 (19:13 +0000)]
start documenting ioctls

7 months agoremove unused 0-sized softdep files
jsg [Sun, 5 May 2024 13:33:04 +0000 (13:33 +0000)]
remove unused 0-sized softdep files
ok tb@

7 months agoDocument "ls rogue" exit status.
ajacoutot [Sun, 5 May 2024 08:16:45 +0000 (08:16 +0000)]
Document "ls rogue" exit status.

7 months agoStop building with and documenting FFS_SOFTUPDATES.
jsg [Sun, 5 May 2024 07:26:58 +0000 (07:26 +0000)]
Stop building with and documenting FFS_SOFTUPDATES.
Code that used it was removed in February.

7 months agoremove unneeded includes
jsg [Sun, 5 May 2024 06:14:37 +0000 (06:14 +0000)]
remove unneeded includes

7 months agoadd upstream change to fix the build
jsg [Sun, 5 May 2024 02:55:34 +0000 (02:55 +0000)]
add upstream change to fix the build
ok tb@ deraadt@

7 months agoUpdate awk to the May 4, 2024 version.
millert [Sat, 4 May 2024 22:59:21 +0000 (22:59 +0000)]
Update awk to the May 4, 2024 version.
Fixes a use-after-free bug with ARGV for "delete ARGV".

7 months agodma_free(9) just once in error case
kn [Sat, 4 May 2024 16:40:38 +0000 (16:40 +0000)]
dma_free(9) just once in error case

buf is free'd and NULL, don't do it again to avoid a panic.

OK krw

7 months agoAdd TSO capabilites.
mbuhl [Sat, 4 May 2024 13:35:26 +0000 (13:35 +0000)]
Add TSO capabilites.
Comments, suggestions and testing from bket@, jan@, and bluhm@

7 months agoremove prototypes for removed functions
jsg [Sat, 4 May 2024 11:25:24 +0000 (11:25 +0000)]
remove prototypes for removed functions

7 months agoremove some unused defines
jsg [Sat, 4 May 2024 10:53:37 +0000 (10:53 +0000)]
remove some unused defines
ok miod@

7 months agoadd -r to "show" command; ok mlarkin
jmc [Sat, 4 May 2024 07:51:21 +0000 (07:51 +0000)]
add -r to "show" command; ok mlarkin

7 months agoamd64 is guaranteed to have PAT and CLFLUSH; stop testing cpu flags
guenther [Sat, 4 May 2024 00:27:42 +0000 (00:27 +0000)]
amd64 is guaranteed to have PAT and CLFLUSH; stop testing cpu flags
for them on that arch.

ok jsg@

7 months agoRemove disgusting NULL checks in tm_to_{gentime,utctime}()
tb [Fri, 3 May 2024 18:33:27 +0000 (18:33 +0000)]
Remove disgusting NULL checks in tm_to_{gentime,utctime}()

The only caller that could potentially call these with NULL has been fixed.
This way an ugly hack that was needed to plug a memory leak can go away and
the functions again behave as intended without OpenSSL-style workarounds.

ok beck

7 months agoIntercept a NULL s early in ASN1_TIME_set_string_internal()
tb [Fri, 3 May 2024 18:29:43 +0000 (18:29 +0000)]
Intercept a NULL s early in ASN1_TIME_set_string_internal()

If s is NULL, the only thing the tm_to_*() functions do is a check that
a GeneralizedTime has a four digit year (between 0000 and 9999) and a
UTCTime has a year between 1950 and 2050. These checks are already done
in ASN1_TIME_parse() itself: the century is 100 times a two-digit value
(or 19 in the UTCTime case) plus another two-digit value.

ok beck

7 months agoSimplify type handling in ASN1_TIME_set_string_internal()
tb [Fri, 3 May 2024 18:22:26 +0000 (18:22 +0000)]
Simplify type handling in ASN1_TIME_set_string_internal()

ASN1_time_parse() takes a mode argument. If mode != 0, there is a check
that mode is the same as the time type returned by asn1_time_parse_cbs()
otherwise ASN1_time_parse() fails. Therefore the type == mode checks in
ASN1_set_string_internal() are redundant and can be removed.

ok beck

7 months agoSimplify tm handling in ASN1_time_parse()
tb [Fri, 3 May 2024 18:15:27 +0000 (18:15 +0000)]
Simplify tm handling in ASN1_time_parse()

The CBS version asn1_time_parse_cbs() handles a NULL tm gracefully, so
there is no need to avoid it by passing a pointer to a tm on the stack.

ok beck

7 months agoPush solock() down to sosend() and remove it from soreceive() paths fro
mvs [Fri, 3 May 2024 17:43:09 +0000 (17:43 +0000)]
Push solock() down to sosend() and remove it from soreceive() paths fro
unix(4) sockets.

Push solock() deep down to sosend() and remove it from soreceive() paths
for unix(4) sockets.

The transmission of unix(4) sockets already half-unlocked because
connected peer is not locked by solock() during sbappend*() call. Use
`sb_mtx' mutex(9) and `sb_lock' rwlock(9) to protect both `so_snd' and
`so_rcv'.

Since the `so_snd' is protected by `sb_mtx' mutex(9) the re-locking
is not required in uipc_rcvd().

Do direct `so_rcv' dispose and cleanup in sofree(). This sockets is
almost dead and unlinked from everywhere include spliced peer, so
concurrent sotask() thread will just exit. This required to keep locks
order between `i_lock' and `sb_lock'. Also this removes re-locking from
sofree() for all sockets.

SB_OWNLOCK became redundant with SB_MTXLOCK, so remove it. SB_MTXLOCK
was kept because checks against SB_MTXLOCK within sb*() routines are mor
consistent.

Feedback and ok bluhm

7 months agoaucat.1: Drop the number component of sndio descriptors
ratchov [Fri, 3 May 2024 16:48:41 +0000 (16:48 +0000)]
aucat.1: Drop the number component of sndio descriptors

ok jmc

7 months agosndiod.1: Drop the number component of sndio descriptors
ratchov [Fri, 3 May 2024 16:47:15 +0000 (16:47 +0000)]
sndiod.1: Drop the number component of sndio descriptors

7 months agoMake qwx(4) call into ifmedia more like iwx(4) does it.
stsp [Fri, 3 May 2024 14:32:11 +0000 (14:32 +0000)]
Make qwx(4) call into ifmedia more like iwx(4) does it.

Fixes weird media: lines in ifconfig which show a mix of 802.11 modes
after switching APs, such as:
media: IEEE802.11 autoselect mode 11a (OFDM18 mode 11g)

7 months agovmm: merge VMX and SVM vm initialization functions.
dv [Fri, 3 May 2024 13:48:29 +0000 (13:48 +0000)]
vmm: merge VMX and SVM vm initialization functions.

They do the same uvmspace/pmap dance, so just reduce to a single
function. Kernel lock is moved to the uvmspace_free call. In addition,
we should be using the pmap mutex in pmap_convert, called by the
vm initialization routine.

ok mlarkin@

7 months agowitness: Display lock cycles longer than two locks
visa [Fri, 3 May 2024 13:47:31 +0000 (13:47 +0000)]
witness: Display lock cycles longer than two locks

When a lock order reversal is found, perform a path search in the lock
order graph. This lets witness(4) display lock cycles that are longer
than two locks.

OK mpi@

7 months agowitness: Make "show witness" display lock subtypes
visa [Fri, 3 May 2024 13:45:42 +0000 (13:45 +0000)]
witness: Make "show witness" display lock subtypes

Display lock subtypes in "show witness" output to reduce ambiguity.

OK mpi@

7 months agoAdd support for Rx checksum offloading to dwqe(4).
stsp [Fri, 3 May 2024 13:02:18 +0000 (13:02 +0000)]
Add support for Rx checksum offloading to dwqe(4).

Tested by uwe@ and myself on Elkhart Lake, and kettenis@ on RK3566.

Joint work with uwe@
ok kettenis@

7 months agosndiod: Fix SIGHUP to reopen the devices in priority order
ratchov [Fri, 3 May 2024 05:18:09 +0000 (05:18 +0000)]
sndiod: Fix SIGHUP to reopen the devices in priority order

With this commit, SIGHUP makes sndiod discover new devices and if
there is a new device with higher priority (greater -F option number)
than the current one, sndiod switches to it.  If the current device is
already the one with the highest priority (i.e. last -F), then SIGHUP
does nothing.

7 months agoAlign CRL and CSR version printing with certs
tb [Fri, 3 May 2024 02:52:00 +0000 (02:52 +0000)]
Align CRL and CSR version printing with certs

Only print specified 0-based versions and print them with the 1-based
human interpretation. Use a colon and error check the BIO_printf()
calls. (There's a lot more to clean up in here, but that's for another
day).

Notably, X509_CRL_print_ex() is missing... I guess that's better than
having one with signature and semantics differing from X509_print_ex()
und X509_REQ_print_ex().

ok beck

7 months agoQuick fix previous one. socantrcvmore() should raise assertion if
mvs [Thu, 2 May 2024 21:26:52 +0000 (21:26 +0000)]
Quick fix previous one. socantrcvmore() should raise assertion if
`so_rcv' has SB_MTXLOCK flag clean, not SB_OWNLOCK.

ok bluhm

7 months agounbreak parsing of IPv6 addresses in file-backed table(5)s
op [Thu, 2 May 2024 18:14:33 +0000 (18:14 +0000)]
unbreak parsing of IPv6 addresses in file-backed table(5)s

The file parser splits the line on the ':' character too for key-value
tables, and so mis-parses IPv6 addresses.  The "::1 localhost" example
in table(5) is actually parsed as key "" and value ":1 localhost".

For list tables, the "# @list" marker can be used as a workaround, but
for key-valued the parser has to be fixed.

There are also some weird edge cases when splitting the lines.

Now the parser always splits on the first whitespace or colon, and then
strips the spaces.  For lines starting with '[' the parser will jump to
the matching ']' before attempting to split.  So, for example:

[::1]:localhost becomes "[::1]" -> "localhost"
[::1] example.org becomes "[::1]" -> "example.org"
foo: bar becomes "foo" -> "bar"
foo::bar becomes "foo" -> ":bar"
foo : bar becomes "foo" -> ": bar"

etc...

This only affects the parser for file table(5)s and makemap(8).  Inline
tables or "proc" tables are unaffected.

ok gilles@

7 months agoDon't re-lock sockets in uipc_shutdown().
mvs [Thu, 2 May 2024 17:10:55 +0000 (17:10 +0000)]
Don't re-lock sockets in uipc_shutdown().

No reason to lock peer. It can't be or became listening socket, both
sockets can't be in the middle of connecting or disconnecting.

ok bluhm

7 months agovmctl(8): Add 'vmctl status -r'
mlarkin [Thu, 2 May 2024 15:46:10 +0000 (15:46 +0000)]
vmctl(8): Add 'vmctl status -r'

The -r option can be used to limit the output of 'vmctl status' to only
running VMs. This is useful for machines that have a large number of
stopped VMs, as the running ones are printed at the top by default and
previously required scrolling back to see the list of running VMs, and/or
using 'grep RUNNING'.

There is no change for users not using -r.

ok dv

7 months agoRemove a useless OBJ_obj2nid() call from X509_CRL_print()
tb [Thu, 2 May 2024 15:33:59 +0000 (15:33 +0000)]
Remove a useless OBJ_obj2nid() call from X509_CRL_print()

ok beck (as part of a larger diff)

7 months agoPass `sosp' instead of `so' to sblock() when locking `so_snd' within
mvs [Thu, 2 May 2024 11:55:31 +0000 (11:55 +0000)]
Pass `sosp' instead of `so' to sblock() when locking `so_snd' within
sosplice().

ok bluhm

7 months agoDelete extra spaces, change spaces to tab.
aoyama [Thu, 2 May 2024 09:38:59 +0000 (09:38 +0000)]
Delete extra spaces, change spaces to tab.

No binary change.

7 months agoremove unneeded includes
jsg [Wed, 1 May 2024 13:15:59 +0000 (13:15 +0000)]
remove unneeded includes
ok miod@ mpi@

7 months agoAdd per-CPU caches to the pmemrange allocator.
mpi [Wed, 1 May 2024 12:54:27 +0000 (12:54 +0000)]
Add per-CPU caches to the pmemrange allocator.

The caches are used primarily to reduce contention on uvm_lock_fpageq() during
concurrent page faults.  For the moment only uvm_pagealloc() tries to get a
page from the current CPU's cache.  So on some architectures the caches are
also used by the pmap layer.

Each cache is composed of two magazines, design is borrowed from jeff bonwick
vmem's paper and the implementation is similar to the one of pool_cache from
dlg@.  However there is no depot layer and magazines are refilled directly by
the pmemrange allocator.

This version includes splvm()/splx() dances because the buffer cache flips
buffers in interrupt context.  So we have to prevent recursive accesses to
per-CPU magazines.

Tested by naddy@, solene@, krw@, robert@, claudio@ and Laurence Tratt.

ok claudio@, kettenis@

7 months agoadd return statements missed when adapting from FreeBSD
jsg [Wed, 1 May 2024 11:22:21 +0000 (11:22 +0000)]
add return statements missed when adapting from FreeBSD

Avoids segfaults with an argument of 0, NaN, or Inf.
Problem reported by Colin Ian King.  ok miod@ kettenis@

7 months agoRefactor receive offloading code in ix(4)
jan [Wed, 1 May 2024 10:43:42 +0000 (10:43 +0000)]
Refactor receive offloading code in ix(4)

 - reduce complexcity
 - avoid combination of TCP and UDP IN_OK mbuf annotaions

with tweaks from bluhm
tested by bluhm

ok bluhm@

7 months agoPush solock() down to sosend() for SOCK_RAW sockets.
mvs [Tue, 30 Apr 2024 17:59:15 +0000 (17:59 +0000)]
Push  solock() down to sosend() for SOCK_RAW sockets.

Raw sockets are the simplest inet sockets, so use them to start landing
`sb_mtx' mutex(9) protection for `so_snd' buffer. Now solock() is taken
only around pru_send*(), the rest of sosend() serialized by sblock() and
`sb_mtx'. The unlocked SS_ISCONNECTED check is fine, because
rip{,6}_send() check it. Also, previously the SS_ISCONNECTED could be
lost due to solock() release around following m_getuio().

ok bluhm

7 months agoAdd '\n' to DPRINTF() string that used to be a panic() string.
krw [Tue, 30 Apr 2024 17:12:19 +0000 (17:12 +0000)]
Add '\n' to DPRINTF() string that used to be a panic() string.

ok mlarkin@

7 months agoMake nfstov_mode() return mode_t rather than uint16_t.
miod [Tue, 30 Apr 2024 17:06:00 +0000 (17:06 +0000)]
Make nfstov_mode() return mode_t rather than uint16_t.
This is a no-op since we only care about the low 12 bits in NFS anyway.

ok jsg@ semarie@

7 months agoConstify NFS data whenever possible. Also make a few more const data static.
miod [Tue, 30 Apr 2024 17:05:20 +0000 (17:05 +0000)]
Constify NFS data whenever possible. Also make a few more const data static.

ok jsg@ semarie@

7 months agoConvert all the NFS macros (in nfsm_subs.h) into inline functions with the
miod [Tue, 30 Apr 2024 17:04:23 +0000 (17:04 +0000)]
Convert all the NFS macros (in nfsm_subs.h) into inline functions with the
appropriate extra arguments.

This (hopefully) completes the unmessyfication work started by thib@ a long,
long time ago (in a galaxy far away).

The conversion logic has been:
- nfsm_dissect has been turned into an rvalue expression, leaving the
  cast operation up to its caller.
- macros which had three different exit paths (return, goto nfsmout or
  fallthrough) have been split so that no macros have more than two exit paths.
- then they have been modified to return a value, which lets the caller
  figure out what exit path is needed.
- local variables abused by the macros are now local variables of the new
  inline functions.

This single commit is the sum of 25 intermediate diffs, which have all been
carefully reviewed by (at least) jsg@ and semarie@.

Tested with v2 and v3 servers and clients.

ok jsg@ semarie@

7 months agoadd typedefs for msgqnum_t and msglen_t, required by POSIX.
op [Tue, 30 Apr 2024 17:03:05 +0000 (17:03 +0000)]
add typedefs for msgqnum_t and msglen_t, required by POSIX.

improvements from kettenis and jca
ok millert, jca, guenther

7 months agoDo not cast off_t to u_long in uvm_vnp_setsize call (only misbehaves on 32-bit
miod [Tue, 30 Apr 2024 16:54:47 +0000 (16:54 +0000)]
Do not cast off_t to u_long in uvm_vnp_setsize call (only misbehaves on 32-bit
platforms.)

ok mpi@

7 months agonever close stdin
tobias [Tue, 30 Apr 2024 15:40:43 +0000 (15:40 +0000)]
never close stdin

The sanitise_stdfd call makes sure that standard file descriptors are
open (if they were closed, they are connected with /dev/null).

Do not close stdin in any case to prevent error messages when stdin is
read multiple times and to prevent later usage of fd 0 for connections,
e.g.

echo localhost | ssh-keyscan -f - -f -

While at it, make stdin-related error messages nicer.

Authored with Max Kunzelmann <maxdev at posteo dot de>

ok djm

7 months agoAllow parsing either RFC9557 timestamps (which wants explicit +00:00) or
sthen [Tue, 30 Apr 2024 14:26:50 +0000 (14:26 +0000)]
Allow parsing either RFC9557 timestamps (which wants explicit +00:00) or
the existing format (with Z). From espie.

7 months agofix home-directory extension implementation, it always returned
djm [Tue, 30 Apr 2024 06:23:51 +0000 (06:23 +0000)]
fix home-directory extension implementation, it always returned
the current user's home directory contrary to the spec.

Patch from Jakub Jelen via GHPR477

7 months agoflush stdout after writing "sftp>" prompt when not using editline.
djm [Tue, 30 Apr 2024 06:16:55 +0000 (06:16 +0000)]
flush stdout after writing "sftp>" prompt when not using editline.

From Alpine Linux via GHPR480

7 months agostricter validation of messaging socket fd number; disallow usage of
djm [Tue, 30 Apr 2024 05:53:03 +0000 (05:53 +0000)]
stricter validation of messaging socket fd number; disallow usage of
stderr. Based on GHPR492 by RealHurrison

7 months agoadd missing reserved fields to key constraint protocol documentation.
djm [Tue, 30 Apr 2024 05:45:56 +0000 (05:45 +0000)]
add missing reserved fields to key constraint protocol documentation.

from Wiktor Kwapisiewicz via GHPR487

7 months agoappeard -> appeared;
jmc [Tue, 30 Apr 2024 05:05:23 +0000 (05:05 +0000)]
appeard -> appeared;

7 months agocorrectly restore sigprocmask around ppoll()
djm [Tue, 30 Apr 2024 02:14:10 +0000 (02:14 +0000)]
correctly restore sigprocmask around ppoll()
reported by Tõivo Leedjärv; ok deraadt@