openbsd
9 months agoMove ctype.h defines to the _CTYPE_ prefix, avoids clashes with identifiers in ports
jca [Sun, 4 Feb 2024 13:03:18 +0000 (13:03 +0000)]
Move ctype.h defines to the _CTYPE_ prefix, avoids clashes with identifiers in ports

Even if those _[BCNLPSUX] defines are in the reserved namespace, some
ports make use of those identifiers and thus need pointless
headscratching and patches.  Just use a longer reserved prefix.
We can't just #undef those defines as they are used in libc.

Change similar to what NetBSD did around 2010.  Went through base builds
and an amd64 bulk build, the only fallout was lib(e)stdc++ base_ctype.h.
"make includes" will install the latest ctype.h and libstdc++ ctype_base.h.

"makes sense" deraadt@, ok sthen@ tb@

9 months agoChange rune-specific #defines from _CTYPE_ prefix to _RUNETYPE_ prefix
jca [Sun, 4 Feb 2024 12:46:01 +0000 (12:46 +0000)]
Change rune-specific #defines from _CTYPE_ prefix to _RUNETYPE_ prefix

Similar to what NetBSD did around 2010, this lets us move some defines
in ctype.h to the _CTYPE_ prefix.  No functional change.

"makes sense" deraadt, ok sthen@ tb@

9 months agoSplit X509_get_ext_count() out of for loop again
tb [Sun, 4 Feb 2024 07:43:27 +0000 (07:43 +0000)]
Split X509_get_ext_count() out of for loop again

The compiler can't know that the count doesn't change, so avoid evaluating
X509_get_ext_count() in each iteration. Also use a separate loop variable
in the ASid non-inheritance check to avoid a silly cast.

ok claudio

9 months agoUse x509_get_time() to get the Manifest thisUpdate / nextUpdate
job [Sun, 4 Feb 2024 00:53:27 +0000 (00:53 +0000)]
Use x509_get_time() to get the Manifest thisUpdate / nextUpdate

From the moment d2i_Manifest() was introduced, it was automatically
checked whether the thisUpdate/nextUpdate are ASN1_GENERALIZEDTIME.

Unfortunately, an additional check is needed, because OpenSSL doesn't
require RFC 5280 conformance for GeneralizedTime DER encoding.

OK tb@

9 months agoRework socket buffers locking for shared netlock.
mvs [Sat, 3 Feb 2024 22:50:08 +0000 (22:50 +0000)]
Rework socket buffers locking for shared netlock.

Shared netlock is not sufficient to call so{r,w}wakeup(). The following
sowakeup() modifies `sb_flags' and knote(9) stuff. Unfortunately, we
can't call so{r,w}wakeup() with `inp_mtx' mutex(9) because sowakeup()
also calls pgsigio() which grabs kernel lock.

However, `so*_filtops' callbacks only perform read-only access to the
socket stuff, so it is enough to hold shared netlock only, but the klist
stuff needs to be protected.

This diff introduces `sb_mtx' mutex(9) to protect sockbuf. This time
`sb_mtx' used to protect only `sb_flags' and `sb_klist'.

Now we have soassertlocked_readonly() and soassertlocked(). The first
one is happy if only shared netlock is held, meanwhile the second wants
`so_lock' or pru_lock() be held together with shared netlock.

To keep soassertlocked*() assertions soft, we need to know mutex(9)
state, so new mtx_owned() macro was introduces. Also, the new optional
(*pru_locked)() handler brings the state of pru_lock().

Tests and ok from bluhm.

9 months agoAdd tap(4) read events after rx virtqueue notification.
dv [Sat, 3 Feb 2024 21:41:35 +0000 (21:41 +0000)]
Add tap(4) read events after rx virtqueue notification.

The recent vmd(8) vionet refactor caused cpu spinning when the
device would be activated by a driver but before virtqueues were
provided. (e.g. booting a ramdisk kernel and not running `ifconfig
vio0 up`)

Defer adding the tap and packet injection read events until after
the first RX queue notification from the driver.

ok mlarkin@

9 months agomissing "s" after apostrophe;
jmc [Sat, 3 Feb 2024 20:46:57 +0000 (20:46 +0000)]
missing "s" after apostrophe;

9 months agoTry to fetch the board variant from the device tree on platforms that have
kettenis [Sat, 3 Feb 2024 20:07:19 +0000 (20:07 +0000)]
Try to fetch the board variant from the device tree on platforms that have
one (e.g. on arm64).  Needed to extract the right information from the
qwx(4) firmware on the x13s.

ok stsp@

9 months agoRework the exit path of tls13_handshake_recv_action()
tb [Sat, 3 Feb 2024 19:57:14 +0000 (19:57 +0000)]
Rework the exit path of tls13_handshake_recv_action()

If an error occurs in action->recv() for a handshake that needs to
downgrade to legacy TLS, the artistic exit path led to hiding the
error under TLS13_IO_USE_LEGACY. Rework the exit path to be easier
to follow, preserving behavior except that the error can no longer
be masked.

Detailed analysis and initial diff by Masaru Masuda.
Fixes https://github.com/libressl/openbsd/issues/146

ok beck

9 months agoRemove Softdep.
beck [Sat, 3 Feb 2024 18:51:57 +0000 (18:51 +0000)]
Remove Softdep.

Softdep has been a no-op for some time now, this removes it to get
it out of the way.

Flensing mostly done in Talinn, with some help from krw@

ok deraadt@

9 months agoStop spamming syslog when the network does something silly.
florian [Sat, 3 Feb 2024 18:30:17 +0000 (18:30 +0000)]
Stop spamming syslog when the network does something silly.
From Stefan R. Filipek, thanks!

9 months agoRemove last peeking at TLS1_FLAGS_SKIP_CERT_VERIFY
tb [Sat, 3 Feb 2024 18:03:49 +0000 (18:03 +0000)]
Remove last peeking at TLS1_FLAGS_SKIP_CERT_VERIFY

This was used for some GOST weirdness. The flag is unused in ports and
there is no user in Debian's codesearch.

ok beck

9 months agoZap a trailing blank that snuck into ssl3_get_client_hello()
tb [Sat, 3 Feb 2024 17:39:17 +0000 (17:39 +0000)]
Zap a trailing blank that snuck into ssl3_get_client_hello()

9 months agoAdd new amd64-only sysctl machdep.retpoline which says whether the cpu
deraadt [Sat, 3 Feb 2024 16:21:20 +0000 (16:21 +0000)]
Add new amd64-only sysctl machdep.retpoline which says whether the cpu
requires retpoline.  If 0, we should do everything in our power to avoid
pure retpoline (replacing it with a simple thunk where possible), because
by it's nature retpoline converts an indirect-branch into a direct branch
(push to stack & ret), and therefore it is an IBT (endbr64) bypass method.
This sysctl leverages guenther's decision-making logic in the kernel, which
already uses codepatch to fix the kernel retpoline thunk.
In my opinion, the retpoline-using logic really should be flipped; ROP
execution bypassing IBT to re-enter regular control flow is more dangerous
than spectre.
ok kettenis

9 months agoRemove GOST and STREEBOG support from libssl.
beck [Sat, 3 Feb 2024 15:58:33 +0000 (15:58 +0000)]
Remove GOST and STREEBOG support from libssl.

This version of GOST is old and not anywhere close to compliant with
modern GOST standards. It is also very intrusive in libssl and
makes a mess everywhere.  Efforts to entice a suitably minded anyone
to care about it have been unsuccessful.

At this point it is probably best to remove this, and if someone
ever showed up who truly needed a working version, it should be
a clean implementation from scratch, and have it use something
closer to the typical API in libcrypto so it would integrate less
painfully here.

This removes it from libssl in preparation for it's removal from
libcrypto with a future major bump

ok tb@

9 months agoleave the command for mbox delivery unset
op [Sat, 3 Feb 2024 15:50:00 +0000 (15:50 +0000)]
leave the command for mbox delivery unset

The mbox delivery is handled apart from the other delivery methods.
Since the mda is already hardcoded in mda_mbox(), there's no need to
fill the command string in parse.y.  While here also assess that for
mbox deliveries the command is unset at delivery time too.

based on a diff by gilles

ok gilles@, millert@

9 months agodocument that when an alternate delivery user is provided in a
op [Sat, 3 Feb 2024 15:41:02 +0000 (15:41 +0000)]
document that when an alternate delivery user is provided in a
dispatcher, no .forward file except that of the alternate delivery user
is processed.

ok gilles@, millert@

9 months agoFix X509_get_ext_count() usage
tb [Sat, 3 Feb 2024 14:43:15 +0000 (14:43 +0000)]
Fix X509_get_ext_count() usage

It doesn't return a value < 0. If it did, someone could feed rpki-client
a bad cert that makes it error out, which is bad. There are various checks
that will reject a cert without extensions, so we don't need to check this
explicitly.

ok job

9 months agoRefactor handling of stale manifests
job [Sat, 3 Feb 2024 14:30:47 +0000 (14:30 +0000)]
Refactor handling of stale manifests

No need to hoist a staleness indicator through the whole process and
count it explicitly.

OK tb@

9 months agoproc_parser_mft: simplify logic slightly
tb [Sat, 3 Feb 2024 11:27:55 +0000 (11:27 +0000)]
proc_parser_mft: simplify logic slightly

This aligns the mft2 case with mft1. There's still a bunch of cleanup
needed in here, but the logic seems to converge to something mere mortals
can follow.

ok job

9 months agoOn OpenBSD we always want IBT-compatible PLT entries. Currently we use
kettenis [Sat, 3 Feb 2024 11:03:48 +0000 (11:03 +0000)]
On OpenBSD we always want IBT-compatible PLT entries.  Currently we use
repoline PLT entries that were changed to include the necessary endbr64
instructions.  But with -Wl,-znoretpolineplt we would still emit non-BIT
PLT entries under certain circumstances.  Fix this.

ok deraadt@, guenther@

9 months agoImplement Multiple Message MSI support on arm64. As on amd64 this is
kettenis [Sat, 3 Feb 2024 10:37:25 +0000 (10:37 +0000)]
Implement Multiple Message MSI support on arm64.  As on amd64 this is
experimental code to assis qwx(4) development.  Currently this only works
on systems that use agintcmsi(4) as the MSI controller combined with the
dwpcie(4) Hots/PCIe bridge.

ok patrick@

9 months agoimplement qwx_tx()
stsp [Sat, 3 Feb 2024 10:03:18 +0000 (10:03 +0000)]
implement qwx_tx()

This gets the 4-way handshake working. Unfortunately, no traffic is
passing yet, apparently because of CCMP decryption errors in Rx.

9 months agonot enough bits for L1 cache size to be >= 1M
jsg [Sat, 3 Feb 2024 09:53:15 +0000 (09:53 +0000)]
not enough bits for L1 cache size to be >= 1M

found by "mask and shift to zero: expr='totalsize >> 10'" smatch warning

9 months agofix off-by-one in bounds check
jsg [Sat, 3 Feb 2024 09:26:52 +0000 (09:26 +0000)]
fix off-by-one in bounds check

found by "buffer overflow 'peer->capa.add_path' 7 <= 7" smatch error
ok claudio@

9 months agoreturn early if malloc fails to avoid use after free
jsg [Sat, 3 Feb 2024 09:15:57 +0000 (09:15 +0000)]
return early if malloc fails to avoid use after free

found by "passing freed memory 'edid'" smatch warning

9 months agofix off-by-one in bounds test
jsg [Sat, 3 Feb 2024 00:54:14 +0000 (00:54 +0000)]
fix off-by-one in bounds test

found by "buffer overflow 'peerxfs' 6 <= 6" smatch error

tobhe@ had a remote peer attempt a transform type of 6 and it is caught
by earlier checks before getting here.

ok tobhe@

9 months agocorrect buffer size argument to snprintf in print_proto()
jsg [Sat, 3 Feb 2024 00:38:08 +0000 (00:38 +0000)]
correct buffer size argument to snprintf in print_proto()

found by "snprintf() is printing too much 8192 vs 1024" smatch error
ok tobhe@ stsp@

9 months agofix vmd vioblk fd closing bounds test
jsg [Sat, 3 Feb 2024 00:28:07 +0000 (00:28 +0000)]
fix vmd vioblk fd closing bounds test

found by "buffer overflow 'vioblk->disk_fd' 4 <= 15" smatch error
ok dv@

9 months agofix off-by-one in bounds check
jsg [Sat, 3 Feb 2024 00:20:21 +0000 (00:20 +0000)]
fix off-by-one in bounds check

found by "buffer overflow 'ContextVarbind' 3 <= 3" smatch error
ok miod@ stsp@

9 months agoadd missing fatal() call in rde_peer_send_rrefresh()
jsg [Sat, 3 Feb 2024 00:11:34 +0000 (00:11 +0000)]
add missing fatal() call in rde_peer_send_rrefresh()

found by "if statement not indented" smatch warning
ok claudio@

9 months agowhen an alternate delivery user is provided in a dispatcher, do not process
gilles [Fri, 2 Feb 2024 23:33:42 +0000 (23:33 +0000)]
when an alternate delivery user is provided in a dispatcher, do not process
any recipient .forward file except that of the alternate delivery user.

ok millert@

9 months agoRework proc_parser_mft() further
tb [Fri, 2 Feb 2024 22:09:56 +0000 (22:09 +0000)]
Rework proc_parser_mft() further

By making proc_parser_mft_check() fail on a NULL manifest, we can
simplify the manifest selection logic further. This way we can see if
the new manifest has all the files it lists with correct hashes and
fall back to mft2 if not. This is still more complicated and uglier
than it should be, but far les convoluted and mind-bending than a day
ago.

ok job

9 months agothere's no good reason to allow smtpd to execute custom command set by root
gilles [Fri, 2 Feb 2024 22:02:12 +0000 (22:02 +0000)]
there's no good reason to allow smtpd to execute custom command set by root
in a .forward file so disallow custom commands and file reading, only allow
setting forward addresses and users.

as root is no longer allowed to run any MDA but mbox, we can be stricter on
the setup of the MDA process and refuse to exec anything that's not an mbox
dispatcher.

tested by op@ who edited a root envelope to simulate an exploit injecting a
custom command in a root envelope, smtpd refused to exec.

ok millert@ and op@

9 months agoFix vector number check.
kettenis [Fri, 2 Feb 2024 21:13:35 +0000 (21:13 +0000)]
Fix vector number check.

ok kevlo@, patrick@

9 months agoRun lmtp deliveries as the recipient user, not SMTPD_USER (_smtpd).
millert [Fri, 2 Feb 2024 20:54:27 +0000 (20:54 +0000)]
Run lmtp deliveries as the recipient user, not SMTPD_USER (_smtpd).
This is a backout of revision 1.278.  Delivery via lmtp is not
limited to running mail.lmtp, it may also be modified by a user's
.forward file (if any).  OK gilles@

9 months agoUpdate the comment
job [Fri, 2 Feb 2024 19:31:59 +0000 (19:31 +0000)]
Update the comment

9 months agoRemove old comment
job [Fri, 2 Feb 2024 19:26:49 +0000 (19:26 +0000)]
Remove old comment

OK tb@

9 months agono longer check staleness in proc_parser_mft
job [Fri, 2 Feb 2024 19:26:26 +0000 (19:26 +0000)]
no longer check staleness in proc_parser_mft

invert logic for readability

OK tb@

9 months agoparser: inline last call to proc_parser_mft_post()
tb [Fri, 2 Feb 2024 18:59:35 +0000 (18:59 +0000)]
parser: inline last call to proc_parser_mft_post()

with and ok job

9 months agofix previous: a *mp = mft1 got lost
tb [Fri, 2 Feb 2024 18:22:45 +0000 (18:22 +0000)]
fix previous: a *mp = mft1 got lost

ok job

9 months agorefactor: don't call proc_parser_mft_post for the first mft
job [Fri, 2 Feb 2024 18:11:12 +0000 (18:11 +0000)]
refactor: don't call proc_parser_mft_post for the first mft

should be exact same behaviour as before

OK tb@

9 months agoparser: no need to overload err1 twice.
tb [Fri, 2 Feb 2024 16:41:41 +0000 (16:41 +0000)]
parser: no need to overload err1 twice.

err2 is only used in the second call to proc_parser_mft_proc() and
right before it there is already an error overload.

ok job

9 months agorefactor: populate mft->path in the pre parser
job [Fri, 2 Feb 2024 16:15:08 +0000 (16:15 +0000)]
refactor: populate mft->path in the pre parser

OK tb@

9 months agoaspath_inflate() can be called with an empty ASPATH.
claudio [Fri, 2 Feb 2024 16:14:51 +0000 (16:14 +0000)]
aspath_inflate() can be called with an empty ASPATH.

In this case ibuf_size(in) is 0 and the ibuf_open() fails because
right now 0 sized ibufs are not allowed. Add + 1 to the size calculation
as a workaround.
OK tb@

9 months agoCleanup a couple of fatal messages to be less bad.
claudio [Fri, 2 Feb 2024 16:10:33 +0000 (16:10 +0000)]
Cleanup a couple of fatal messages to be less bad.

9 months agoImplement basics of the qwx(4) data frame Rx path.
stsp [Fri, 2 Feb 2024 15:44:19 +0000 (15:44 +0000)]
Implement basics of the qwx(4) data frame Rx path.

Port enough ath11k dp_rx code in order to let our net80211 stack
see the initial WPA handshake packet sent by the AP.

9 months agoIn in_pcbrtentry() add missing return of in6_pcbrtentry() value.
bluhm [Fri, 2 Feb 2024 15:39:23 +0000 (15:39 +0000)]
In in_pcbrtentry() add missing return of in6_pcbrtentry() value.

Reported-by: syzbot+5f2286d5962355f0cfd8@syzkaller.appspotmail.com
OK kn@

9 months agoExplain missing group on getgrnam(3) failure.
dv [Fri, 2 Feb 2024 14:58:02 +0000 (14:58 +0000)]
Explain missing group on getgrnam(3) failure.

vmd's use of agentx requires the agentx group, but if unavailable,
no details were given to the user.

Zap some whitespace whitespace while here.

"that is better", deraadt@

9 months agorefactor: no longer needed to pass loc to the mft preparser
job [Fri, 2 Feb 2024 14:13:58 +0000 (14:13 +0000)]
refactor: no longer needed to pass loc to the mft preparser

OK tb@

9 months agoIgnore EVP_MD_CTX_reset() return value
tb [Fri, 2 Feb 2024 14:13:11 +0000 (14:13 +0000)]
Ignore EVP_MD_CTX_reset() return value

Also drop now unnecessary NULL checks before it.

9 months agoIgnore EVP_CIPHER_CTX_reset() return value, it can't fail
tb [Fri, 2 Feb 2024 14:11:45 +0000 (14:11 +0000)]
Ignore EVP_CIPHER_CTX_reset() return value, it can't fail

9 months agorefactor: move parse_filepath() to avoid pointer indirection
job [Fri, 2 Feb 2024 13:40:50 +0000 (13:40 +0000)]
refactor: move parse_filepath() to avoid pointer indirection

OK tb@

9 months agorefactoring: move time validity window checks out of proc_parser_mft_post()
job [Fri, 2 Feb 2024 12:35:15 +0000 (12:35 +0000)]
refactoring: move time validity window checks out of proc_parser_mft_post()

OK tb@

9 months agoRework error messages a bit
job [Fri, 2 Feb 2024 12:23:16 +0000 (12:23 +0000)]
Rework error messages a bit

OK tb@

9 months agoEnable sximmc(4)
kettenis [Fri, 2 Feb 2024 12:09:18 +0000 (12:09 +0000)]
Enable sximmc(4)

9 months agoAdd Allwinner D1 support.
kettenis [Fri, 2 Feb 2024 12:02:26 +0000 (12:02 +0000)]
Add Allwinner D1 support.

ok jca@, patrick@

9 months agoAdd a few more Allwinner D1 clocks.
kettenis [Fri, 2 Feb 2024 12:01:49 +0000 (12:01 +0000)]
Add a few more Allwinner D1 clocks.

ok patrick@

9 months agoReimplement BIO_dump_indent() with CBS/CBB and BIO_printf()
tb [Fri, 2 Feb 2024 10:53:48 +0000 (10:53 +0000)]
Reimplement BIO_dump_indent() with CBS/CBB and BIO_printf()

Instead of heaps of unchecked strlcpy/strlcat/snprintf doing hard to follow
gymnastics, use a byte string, a somewhat comprehensible computation of the
number of bytes to dump per output line and write using checked BIO_printf()
directly to the BIO.

Longer strings will still overflow the terminal width of 80 and even longer
strings will still overflow the return value (undefined behavior). I don't
care much about the former but the latter should be fixed in a later pass.

ok beck

9 months agoThe fix to pfctl_kill_src_nodes() comes from Olivier Croquin.
sashan [Fri, 2 Feb 2024 08:23:29 +0000 (08:23 +0000)]
The fix to pfctl_kill_src_nodes() comes from Olivier Croquin.
bluhm@ pointed out pfctl_net_kill_states() suffers from the
same copy'n'paste typo. Commit combines both fixes.

OK @bluhm, OK @kn

9 months agobio_dump: fix indent
tb [Fri, 2 Feb 2024 06:47:21 +0000 (06:47 +0000)]
bio_dump: fix indent

9 months agobio_dump: add one more testcase
tb [Fri, 2 Feb 2024 06:39:58 +0000 (06:39 +0000)]
bio_dump: add one more testcase

This one covers the silly minuses between the hexdump and the ASCII dump
when dumping eight bytes per line.

9 months agoAdd regress coverage for BIO_dump()
tb [Fri, 2 Feb 2024 06:22:01 +0000 (06:22 +0000)]
Add regress coverage for BIO_dump()

9 months agodrm/amdgpu/gfx11: set UNORD_DISPATCH in compute MQDs
jsg [Fri, 2 Feb 2024 03:41:53 +0000 (03:41 +0000)]
drm/amdgpu/gfx11: set UNORD_DISPATCH in compute MQDs

From Alex Deucher
5ff487d180dc25138d2261dda9e3b2d46ef3051a in linux-6.6.y/6.6.15
3380fcad2c906872110d31ddf7aa1fdea57f9df6 in mainline linux

9 months agodrm/amdgpu/gfx10: set UNORD_DISPATCH in compute MQDs
jsg [Fri, 2 Feb 2024 03:39:56 +0000 (03:39 +0000)]
drm/amdgpu/gfx10: set UNORD_DISPATCH in compute MQDs

From Alex Deucher
b59ea95e72e051fe53a5c978222d65b80ca2ef96 in linux-6.6.y/6.6.15
03ff6d7238b77e5fb2b85dc5fe01d2db9eb893bd in mainline linux

9 months agodrm/i915/psr: Only allow PSR in LPSP mode on HSW non-ULT
jsg [Fri, 2 Feb 2024 03:38:12 +0000 (03:38 +0000)]
drm/i915/psr: Only allow PSR in LPSP mode on HSW non-ULT

From Ville Syrjala
02cfae7d62783614b433ec93b2ccf9d9fba212ff in linux-6.6.y/6.6.15
f9f031dd21a7ce13a13862fa5281d32e1029c70f in mainline linux

9 months agodrm/i915/lnl: Remove watchdog timers for PSR
jsg [Fri, 2 Feb 2024 03:36:29 +0000 (03:36 +0000)]
drm/i915/lnl: Remove watchdog timers for PSR

From Mika Kahola
e017ec3807d40a196dd328ca25b3219e0f97c9cc in linux-6.6.y/6.6.15
a2cd15c2411624a7a97bad60d98d7e0a1e5002a6 in mainline linux

9 months agodrm/amd/display: Fix uninitialized variable usage in core_link_ 'read_dpcd() & write_...
jsg [Fri, 2 Feb 2024 03:34:24 +0000 (03:34 +0000)]
drm/amd/display: Fix uninitialized variable usage in core_link_ 'read_dpcd() & write_dpcd()' functions

From Srinivasan Shanmugam
b565f41b9f20ed65d73660ffa6d8e495bc839789 in linux-6.6.y/6.6.15
a58371d632ebab9ea63f10893a6b6731196b6f8d in mainline linux

9 months agodrm/amdgpu/pm: Fix the power source flag error
jsg [Fri, 2 Feb 2024 03:32:46 +0000 (03:32 +0000)]
drm/amdgpu/pm: Fix the power source flag error

From Ma Jun
dcda362dc5b4d5aa0df9d1511cb9427df04d2d11 in linux-6.6.y/6.6.15
ca1ffb174f16b699c536734fc12a4162097c49f4 in mainline linux

9 months agodrm/amd/display: Fix late derefrence 'dsc' check in 'link_set_dsc_pps_packet()'
jsg [Fri, 2 Feb 2024 03:30:24 +0000 (03:30 +0000)]
drm/amd/display: Fix late derefrence 'dsc' check in 'link_set_dsc_pps_packet()'

From Srinivasan Shanmugam
6aa5ede6665122f4c8abce3c6eba06b49e54d25c in linux-6.6.y/6.6.15
3bb9b1f958c3d986ed90a3ff009f1e77e9553207 in mainline linux

9 months agodrm/amd/display: Align the returned error code with legacy DP
jsg [Fri, 2 Feb 2024 03:27:33 +0000 (03:27 +0000)]
drm/amd/display: Align the returned error code with legacy DP

From Wayne Lin
d3af41be094a39e1a1392d1d42cdf3eb90922476 in linux-6.6.y/6.6.15
bfe79f5fff1300d96203383582b078c7b0aec80a in mainline linux

9 months agodrm/amd/display: Port DENTIST hang and TDR fixes to OTG disable W/A
jsg [Fri, 2 Feb 2024 03:25:14 +0000 (03:25 +0000)]
drm/amd/display: Port DENTIST hang and TDR fixes to OTG disable W/A

From Nicholas Kazlauskas
fbc4ee5ca79bcdb8010e7209c0a8d48333b324a2 in linux-6.6.y/6.6.15
4b56f7d47be87cde5f368b67bc7fac53a2c3e8d2 in mainline linux

9 months agodrm/amd/display: Fix variable deferencing before NULL check in edp_setup_replay()
jsg [Fri, 2 Feb 2024 03:23:33 +0000 (03:23 +0000)]
drm/amd/display: Fix variable deferencing before NULL check in edp_setup_replay()

From Srinivasan Shanmugam
22ae604aea14756954e1c00ae653e34d2afd2935 in linux-6.6.y/6.6.15
7073934f5d73f8b53308963cee36f0d389ea857c in mainline linux

9 months agodrm/amdgpu: correct the cu count for gfx v11
jsg [Fri, 2 Feb 2024 03:21:27 +0000 (03:21 +0000)]
drm/amdgpu: correct the cu count for gfx v11

From Likun Gao
b788696f9ed01019b10b1a2d7e92b4f8c61434d6 in linux-6.6.y/6.6.15
f4a94dbb6dc0bed10a5fc63718d00f1de45b12c0 in mainline linux

9 months agodrm: Allow drivers to indicate the damage helpers to ignore damage clips
jsg [Fri, 2 Feb 2024 03:15:11 +0000 (03:15 +0000)]
drm: Allow drivers to indicate the damage helpers to ignore damage clips

From Javier Martinez Canillas
45aafb5075754bbe6458a6b3e8ad02b408c35211 in linux-6.6.y/6.6.15
35ed38d58257336c1df26b14fd5110b026e2adde in mainline linux

9 months agodrm: Disable the cursor plane on atomic contexts with virtualized drivers
jsg [Fri, 2 Feb 2024 03:11:16 +0000 (03:11 +0000)]
drm: Disable the cursor plane on atomic contexts with virtualized drivers

From Zack Rusin
87b3b45ce7b4dd745506f9437b968c5e35b87dda in linux-6.6.y/6.6.15
4e3b70da64a53784683cfcbac2deda5d6e540407 in mainline linux

9 months agodrm: Don't unref the same fb many times by mistake due to deadlock handling
jsg [Fri, 2 Feb 2024 03:07:10 +0000 (03:07 +0000)]
drm: Don't unref the same fb many times by mistake due to deadlock handling

From Ville Syrjala
d7afdf360f4ac142832b098b4de974e867cc063c in linux-6.6.y/6.6.15
cb4daf271302d71a6b9a7c01bd0b6d76febd8f0c in mainline linux

9 months agoRevert "drm/i915/dsi: Do display on sequence later on icl+"
jsg [Fri, 2 Feb 2024 03:05:16 +0000 (03:05 +0000)]
Revert "drm/i915/dsi: Do display on sequence later on icl+"

From Ville Syrjala
0d87d67f447da783ef3bd9c46e5f6ffe214a0aa1 in linux-6.6.y/6.6.15
6992eb815d087858f8d7e4020529c2fe800456b3 in mainline linux

9 months agodrm/amdgpu: Fix the null pointer when load rlc firmware
jsg [Fri, 2 Feb 2024 03:03:16 +0000 (03:03 +0000)]
drm/amdgpu: Fix the null pointer when load rlc firmware

From Ma Jun
8b5bacce2d13dbe648f0bfd3f738ecce8db4978c in linux-6.6.y/6.6.15
bc03c02cc1991a066b23e69bbcc0f66e8f1f7453 in mainline linux

9 months agowhitespace
djm [Fri, 2 Feb 2024 00:13:34 +0000 (00:13 +0000)]
whitespace

9 months agoFix the verifier to use the trust store
beck [Thu, 1 Feb 2024 23:16:38 +0000 (23:16 +0000)]
Fix the verifier to use the trust store

the trust store is yet another obscure way to add a trust anchor

9 months agoPrint information about (legacy) Multiple Message MSIs.
kettenis [Thu, 1 Feb 2024 18:26:45 +0000 (18:26 +0000)]
Print information about (legacy) Multiple Message MSIs.

ok kevlo@, dlg@

9 months agoInline EVP_PBE_find() in its last two callers
tb [Thu, 1 Feb 2024 17:11:58 +0000 (17:11 +0000)]
Inline EVP_PBE_find() in its last two callers

This API was already cleaned up quite a bit, but it is unused in the
ecosystem and the two internal callers can be simplified a lot when
inlining the lookups.

EVP_PBE_CipherInit() can walk the table of "outer" PBEs and reach into
the matching pbe for its cipher_nid, md_nid and keygen().

PKCS5_v2_PBKDF2_keyivgen() uses EVP_PBE_find() as a way to mapping a
PRF (given by the nid of an HMAC with some digest) to the digest's nid.
This can be done by a simple switch. Move MD5 to the top and GOST to
the end in that switch and wrap the latter in OPENSSL_NO_GOST, so it
will go away once we define OPENSSL_NO_GOST.

ok beck

9 months agoPrepare to remove the _cb() and _fp() versions of BIO_dump()
tb [Thu, 1 Feb 2024 17:04:09 +0000 (17:04 +0000)]
Prepare to remove the _cb() and _fp() versions of BIO_dump()

apache-httpd uses BIO_dump(), libssl uses BIO_dump_indent(), and the
openssl(1) app uses both. Otherwise this is unused. This is horribly
bad code even by libcrypto standards.

By doing away with the callbacks fixes incorrect error checking for
fwrite() but there is a lot more wrong in here. This can be cleaned
up in a later pass, the only concern here is to be able to remove the
unused variants in the next major bump.

ok beck

9 months agoNormalize the nid printing
tb [Thu, 1 Feb 2024 15:11:38 +0000 (15:11 +0000)]
Normalize the nid printing

OBJ_nid2* can return NULL if the gloriously consistent objects.txt
database doesn't specify a long or a short name. So try the long name
first, fall back to the short name, and if both fail, use "unknown".
Always include the nid as a decimal.

ok claudio

9 months agoConvert the mrtparser to use ibufs in many places.
claudio [Thu, 1 Feb 2024 11:37:10 +0000 (11:37 +0000)]
Convert the mrtparser to use ibufs in many places.

More is possible but for now this covers most of the message parsers.
OK tb@

9 months agoproc_parser_mft_pre: tweak a warning message
tb [Thu, 1 Feb 2024 09:50:15 +0000 (09:50 +0000)]
proc_parser_mft_pre: tweak a warning message

discussed with job

9 months agoaucat: Fix MIDI control of the levels of individual files
ratchov [Thu, 1 Feb 2024 05:28:54 +0000 (05:28 +0000)]
aucat: Fix MIDI control of the levels of individual files

Change the order of slot_list to match the order of the -io options on
the command-line and fix the way slot_list searched using the MIDI
channel number of the CC-07 message.

Reported and analysed by Dirk-Wilhelm Peters <peters at schwertfisch.de>

Thanks!

9 months agowhitespace
djm [Thu, 1 Feb 2024 02:37:33 +0000 (02:37 +0000)]
whitespace

9 months agothe clang binary never shrinks, especially since it is statically
deraadt [Thu, 1 Feb 2024 00:39:57 +0000 (00:39 +0000)]
the clang binary never shrinks, especially since it is statically
linked (for performance).  in this case, it grew larger than the
maximum text segment size; increase that size.

9 months agoAdd reference to RRDP Session Desynchronization draft
job [Wed, 31 Jan 2024 17:19:02 +0000 (17:19 +0000)]
Add reference to RRDP Session Desynchronization draft

9 months agoMake the error a bit easier to read
job [Wed, 31 Jan 2024 15:01:13 +0000 (15:01 +0000)]
Make the error a bit easier to read

OK tb@

9 months agoAdd route generation number to route cache.
bluhm [Wed, 31 Jan 2024 14:56:42 +0000 (14:56 +0000)]
Add route generation number to route cache.

The outgoing route is cached at the inpcb.  This cache was only
invalidated when the socket closes or if the route gets invalid.
More specific routes were not detected.  Especially with dynamic
routing protocols, sockets must be closed and reopened to use the
correct route.  Running ping during a route change shows the problem.

To solve this, add a route generation number that is updated whenever
the routing table changes.  The lookup in struct route is put into
the route_cache() function.  If the generation number is too old,
the cached route gets discarded.

Implement route_cache() for ip_output() and ip_forward() first.
IPv6 and more places will follow.

OK claudio@

9 months agoSplit in_pcbrtentry() and in6_pcbrtentry() based on INP_IPV6.
bluhm [Wed, 31 Jan 2024 12:27:57 +0000 (12:27 +0000)]
Split in_pcbrtentry() and in6_pcbrtentry() based on INP_IPV6.

Splitting the IPv6 code into a separate function results in less
#ifdef INET6.  Also struct route_in6 *ro in in6_pcbrtentry() is of
the correct type and in_pcbrtentry() does not rely on the fact that
inp_route and inp_route6 are pointers to the same union.

OK kn@ claudio@

9 months agoConvert IMSG_CTL_SHOW_RIB_ATTR over to the new ibuf API.
claudio [Wed, 31 Jan 2024 11:23:19 +0000 (11:23 +0000)]
Convert IMSG_CTL_SHOW_RIB_ATTR over to the new ibuf API.

This converts show_attr() and json_attr() and with that also the
community specific functions. This removes some hacks inside of
show_attr() that where added before.

OK tb@

9 months agoMerge OBJ_NAME_do_all*(3) into EVP_CIPHER_do_all(3)
tb [Wed, 31 Jan 2024 08:02:53 +0000 (08:02 +0000)]
Merge OBJ_NAME_do_all*(3) into EVP_CIPHER_do_all(3)

This is the only OBJ_NAME API that will remain after the next major bump.
The API is misnamed and really is about EVP, so move it to an EVP manual
documenting another API doing essentially the same thing. Remove most cross
references to OBJ_NAME_*.

9 months agoIntroduce and use mft_compare_issued()
tb [Wed, 31 Jan 2024 06:57:21 +0000 (06:57 +0000)]
Introduce and use mft_compare_issued()

Newly issued manifests should not only have a higher manifestNumber,
their issuance time should also be later. Add corresponding checks
and warnings when comparing a newly fetched manifest to a manifest
from the cache.

ok job (who noticed that such a check was missing)

9 months agoRename mft_compare() to mft_compare_seqnum()
tb [Wed, 31 Jan 2024 06:54:43 +0000 (06:54 +0000)]
Rename mft_compare() to mft_compare_seqnum()

This makes it clearer what exactly this function compares. Also drop some
NULL checks that made the semantics of this function tricky.

ok job

9 months agoPull mft comparison into proc_parser_mft_pre()
tb [Wed, 31 Jan 2024 06:53:21 +0000 (06:53 +0000)]
Pull mft comparison into proc_parser_mft_pre()

This way we can be sure more easily that both manifests are non-NULL,
thus avoiding some NULL checks and risk of use-after-free. This also
makes it clearer which manifest is the "older" one and will simplify
an upcoming commit doing issuance time comparison.

This adds a bit of a hack to proc_parser_mft_pre() to ensure we don't
look into DIR_TEMP in noop mode.

ok job

9 months agothe maxupd example was removed in -r.1.15, so do not refer to it;
jmc [Wed, 31 Jan 2024 06:50:16 +0000 (06:50 +0000)]
the maxupd example was removed in -r.1.15, so do not refer to it;
from janne johansson

with that removal the surrounding text becomes simpler, so trim it;