openbsd
2 years agoregen
jsg [Tue, 23 Aug 2022 08:11:01 +0000 (08:11 +0000)]
regen

2 years agoadd SIMCom SIM5320 (same id used by Option iCON 210)
jsg [Tue, 23 Aug 2022 08:10:35 +0000 (08:10 +0000)]
add SIMCom SIM5320 (same id used by Option iCON 210)
from jon@elytron.openbsd.amsterdam

2 years agoRework random(6)
tb [Tue, 23 Aug 2022 06:35:53 +0000 (06:35 +0000)]
Rework random(6)

Fix putchar(3) handling and a number of other issues in the random(6)
code. In -e mode, avoid bias due to truncation of the return code to
8 bits. In default mode, actually treat the denominator as a floating
point number and print the line with a probability of 1 / denominator.
This allows e.g. printing 2/3 of stdin with 'random 1.5'.

Includes code for uniform random floats by Taylor R. Campbell from
https://mumble.net/~campbell/2014/04/28/uniform-random-float
and clz64() by me.

From lucic71 () bronze ! ctrl-c ! club, thanks.

ok deraadt

2 years agolog a warning if we can't resolve the ldap server hostname
jmatthew [Tue, 23 Aug 2022 02:57:27 +0000 (02:57 +0000)]
log a warning if we can't resolve the ldap server hostname

2 years agoMove PRU_SHUTDOWN request to (*pru_shutdown)().
mvs [Mon, 22 Aug 2022 21:18:48 +0000 (21:18 +0000)]
Move PRU_SHUTDOWN request to (*pru_shutdown)().

ok bluhm@

2 years agoDocument that igmp_timers_are_running and mld6_timers_are_running
bluhm [Mon, 22 Aug 2022 21:02:44 +0000 (21:02 +0000)]
Document that igmp_timers_are_running and mld6_timers_are_running
are protected by netlock.  They are only used as shortcut in fast
timer.
Common prefix in mld6.c is mld6.
OK mvs@

2 years agoProtect pf_reassemble() with pf fragment lock. When the pool limit
bluhm [Mon, 22 Aug 2022 20:35:39 +0000 (20:35 +0000)]
Protect pf_reassemble() with pf fragment lock.  When the pool limit
for fragment entries was reached, pf_create_fragment() called
pf_flush_fragments() without lock.  This could result in a crash.
Let PF_FRAG_LOCK() cover the whole pf_reassemble() function as
pf_nfrents++ was also missing the lock.
crash found and fix tested by Hrvoje Popovski;  OK sashan@

2 years agoMove PRU_DISCONNECT request to (*pru_disconnect).
mvs [Mon, 22 Aug 2022 13:23:06 +0000 (13:23 +0000)]
Move PRU_DISCONNECT request to (*pru_disconnect).

ok bluhm@

2 years agoGet number of interrupt cells from device tree instead of guessing based
tobhe [Mon, 22 Aug 2022 12:34:55 +0000 (12:34 +0000)]
Get number of interrupt cells from device tree instead of guessing based
on version.  Fixes M2 Macbook Air 2022 which reports version 2 but only
uses 3 cells.

ok kettenis@

2 years agoSimplify locking by using an intermediate lock variable.
mpi [Mon, 22 Aug 2022 12:03:32 +0000 (12:03 +0000)]
Simplify locking by using an intermediate lock variable.

While here get rid of the unused returned value of uvmpd_scan_inactive().

ok jsg@, kn@

2 years agoUse rwlock per inpcb table to protect notify list. The notify
bluhm [Mon, 22 Aug 2022 10:37:27 +0000 (10:37 +0000)]
Use rwlock per inpcb table to protect notify list.  The notify
function may sleep, so holding a mutex is not possible.  The same
list entry and rwlock is used for UDP multicast and raw IP delivery.
By adding a write lock, exclusive netlock is no longer necessary
for PCB notify and UDP and raw IP input.
OK mvs@

2 years agoAn RSC's EE cert mustn't have a SIA extension
tb [Mon, 22 Aug 2022 10:25:58 +0000 (10:25 +0000)]
An RSC's EE cert mustn't have a SIA extension

Explicitly forbidden in sections 2 and 5 of draft-ietf-sidrops-rpki-rsc-10.

looks good to claudio

2 years agolog connect, TLS and bind errors more prominently
jmatthew [Mon, 22 Aug 2022 10:10:59 +0000 (10:10 +0000)]
log connect, TLS and bind errors more prominently

2 years agoremove locore.s bzero and use libkern bzero on i386
jsg [Mon, 22 Aug 2022 09:33:40 +0000 (09:33 +0000)]
remove locore.s bzero and use libkern bzero on i386
libkern bzero doesn't have the 486 path but is otherwise the same
ok mlarkin@ deraadt@

2 years agoremove extern for cpu var removed in 2015
jsg [Mon, 22 Aug 2022 08:57:54 +0000 (08:57 +0000)]
remove extern for cpu var removed in 2015
ok daniel@

2 years agoremove cpu var from i386; removed from amd64 in 2015
jsg [Mon, 22 Aug 2022 08:53:55 +0000 (08:53 +0000)]
remove cpu var from i386; removed from amd64 in 2015
ok daniel@

2 years agoMove PRU_ACCEPT request to (*pru_accept)().
mvs [Mon, 22 Aug 2022 08:08:46 +0000 (08:08 +0000)]
Move PRU_ACCEPT request to (*pru_accept)().

ok bluhm@

2 years agoremove extra newlines from log messages
jmatthew [Mon, 22 Aug 2022 08:02:02 +0000 (08:02 +0000)]
remove extra newlines from log messages

2 years agouse Ic for all config options, and Xr ypldap 8 instead of Nm when talking
jmatthew [Mon, 22 Aug 2022 07:07:45 +0000 (07:07 +0000)]
use Ic for all config options, and Xr ypldap 8 instead of Nm when talking
about operations the daemon performs.

2 years agomips64, octeon, loonson: trigger deferred clock interrupts from splx(9)
cheloha [Mon, 22 Aug 2022 00:35:06 +0000 (00:35 +0000)]
mips64, octeon, loonson: trigger deferred clock interrupts from splx(9)

As with powerpc, powerpc64, and riscv64, on mips64 platforms we need
to isolate the clock interrupt schedule from the MD clock interrupt
code.  To do this, we need to stop deferring clock interrupt work
until the next tick and instead defer the work until we logically
unmask the clock interrupt from splx(9).

Add a boolean (ci_clock_deferred) to the cpu_info struct to note
whether we need to trigger the clock interrupt by hand, and then
do so from splx(9) by calling md_triggerclock().

Currently md_triggerclock is only ever set to cp0_trigger_int5().  The
routine takes great care to ensure that INT5 has fired or will fire
before returning.

There are some loongson machines that use glxclk instead of CP0.  They
can be switched to use CP0 later.

With input and advice from visa@ and miod@.

Compiled and extensively tested by visa@ and miod@ on various octeon
and loongson machines.  No issues seen on octeon machines.  miod@ saw
some odd things on loongsoon, but suggests that all issues are
probably unrelated to this patch.

Link: https://marc.info/?l=openbsd-tech&m=165929192702632&w=2
ok visa@, miod@

2 years agoOnly grab netlock in igmp and mdl6 fast timer when necessary. There
bluhm [Sun, 21 Aug 2022 23:04:45 +0000 (23:04 +0000)]
Only grab netlock in igmp and mdl6 fast timer when necessary.  There
are status variables that can be used to avoid locking if timers
are not running.  This should reduce contention on exclusive netlock.
OK kn@ mvs@

2 years agoMove PRU_CONNECT request to (*pru_connect)() handler.
mvs [Sun, 21 Aug 2022 22:45:55 +0000 (22:45 +0000)]
Move PRU_CONNECT request to (*pru_connect)() handler.

ok bluhm@

2 years agoRevise regress now that SSL_QUIC_METHOD exists.
jsing [Sun, 21 Aug 2022 19:46:19 +0000 (19:46 +0000)]
Revise regress now that SSL_QUIC_METHOD exists.

2 years agoProvide the remaining QUIC API.
jsing [Sun, 21 Aug 2022 19:42:15 +0000 (19:42 +0000)]
Provide the remaining QUIC API.

While more work is still required, this is sufficient to get ngtcp2 to
compile with QUIC and for curl to be able to make HTTP/3 requests.

ok tb@

2 years agoWire up SSL_QUIC_METHOD callbacks to the record layer callbacks for QUIC.
jsing [Sun, 21 Aug 2022 19:39:44 +0000 (19:39 +0000)]
Wire up SSL_QUIC_METHOD callbacks to the record layer callbacks for QUIC.

ok tb@

2 years agoProvide SSL_QUIC_METHOD.
jsing [Sun, 21 Aug 2022 19:32:38 +0000 (19:32 +0000)]
Provide SSL_QUIC_METHOD.

This provides SSL_QUIC_METHOD (aka ssl_quic_method_st), which allows for
QUIC callback hooks to be passed to an SSL_CTX or SSL. This is largely
ported/adapted from BoringSSL.

It is worth noting that this struct is not opaque and the original
interface exposed by BoringSSL differs to the one they now use. The
original interface was copied by quictls and it appears that this API
will not be updated to match BoringSSL.

To make things even more challenging, at least one consumer does not use
named initialisers, making code completely dependent on the order in
which the function pointers are defined as struct members. In order to
try to support both variants, the set_read_secret/set_write_secret
functions are included, however they have to go at the end.

ok tb@

2 years agoProvide and use QUIC specific error reasons.
jsing [Sun, 21 Aug 2022 19:18:57 +0000 (19:18 +0000)]
Provide and use QUIC specific error reasons.

ok tb@

2 years agoEnsure that SSL_{peek,read,write}() are not called if QUIC is in use.
jsing [Sun, 21 Aug 2022 18:17:11 +0000 (18:17 +0000)]
Ensure that SSL_{peek,read,write}() are not called if QUIC is in use.

ok tb@

2 years agoPrepare to provide SSL_ERROR_WANT_{ASYNC,ASYNC_JOB,CLIENT_HELLO_CB}
jsing [Sun, 21 Aug 2022 17:54:38 +0000 (17:54 +0000)]
Prepare to provide SSL_ERROR_WANT_{ASYNC,ASYNC_JOB,CLIENT_HELLO_CB}

LibreSSL will not return these values, however software is starting to
check for these as return values from SSL_get_error().

ok tb@

2 years agoMove PRU_LISTEN request to (*pru_listen)() handler.
mvs [Sun, 21 Aug 2022 17:30:21 +0000 (17:30 +0000)]
Move PRU_LISTEN request to (*pru_listen)() handler.

ok bluhm@

2 years agoAdd initial installboot(8) tests
kn [Sun, 21 Aug 2022 17:03:18 +0000 (17:03 +0000)]
Add initial installboot(8) tests

For now they all run on softraid(4) on vnd(4) and do not require any
setup up-front, making it easy to spot bugs in MD code.

amd64 passes, sparc64 passes with the exception of "-r/mnt" usage,
as is done by the installer, when the softraid volume contains
more than one chunk.  arm64 needs more love, still.

Will be hooked up per-arch soon.

OK anton

2 years agoChange soabort() return value to void. We never interesting on it.
mvs [Sun, 21 Aug 2022 16:22:17 +0000 (16:22 +0000)]
Change soabort() return value to void. We never interesting on it.

ok bluhm@

2 years agoRemove ip_local() and ip6_local(). After moving the IPv4 fragment
bluhm [Sun, 21 Aug 2022 14:15:55 +0000 (14:15 +0000)]
Remove ip_local() and ip6_local().  After moving the IPv4 fragment
reassembly and IPv6 hob-by-hob header chain processing out of
ip_local() and ip6_local(), they are almost empty stubs.  The check
for local deliver loop in ip_ours() and ip6_ours() is sufficient.
Recover mbuf offset and next protocol directly in ipintr() and
ip6intr().
OK mvs@

2 years agoprevent buffer overflow in OF_getpropint64array()
jasper [Sun, 21 Aug 2022 12:52:10 +0000 (12:52 +0000)]
prevent buffer overflow in OF_getpropint64array()
just like -r1.28 did for OF_getpropintarray()

ok kettenis@

2 years agoIntroduce a mutex per inpcb to serialize access to socket receive
bluhm [Sun, 21 Aug 2022 11:44:53 +0000 (11:44 +0000)]
Introduce a mutex per inpcb to serialize access to socket receive
buffer.  Later it may be used to protect more of the PCB or socket.
In divert input replace the kernel lock with this mutex.
OK mvs@

2 years agofix indent and zap trailing whitespace
tb [Sun, 21 Aug 2022 10:47:09 +0000 (10:47 +0000)]
fix indent and zap trailing whitespace

2 years agoA couple of minor changes for rtl8192eu:
kevlo [Sun, 21 Aug 2022 07:56:31 +0000 (07:56 +0000)]
A couple of minor changes for rtl8192eu:

- enable Tx/Rx aggregations of individual 802.11 frames on the USB bus
- in urtwn_fw_loadpage(), the maximum block size is 254 bytes rather than
  196 bytes
- clear the interrupt status register
- no need to disable BAR for USB devices and set NAV limit

ok stsp@, jmatthew@

2 years agoregen
daniel [Sun, 21 Aug 2022 04:04:53 +0000 (04:04 +0000)]
regen

2 years agoimprove some Transmeta pci device names
daniel [Sun, 21 Aug 2022 04:03:47 +0000 (04:03 +0000)]
improve some Transmeta pci device names

Mem1 -> SDRAM
Mem2 -> BIOS

These show up in pcidump as "Class: 05 Memory, Subclass: 00 RAM" which is
probably the reason for the Mem1/Mem2 names.

From NetBSD with tweaks from jsg@; also confirmed in the Transmeta BIOS
Programmer's Guide.

ok jsg@

2 years agoupdate a few German airports; from Thomas Wager
daniel [Sun, 21 Aug 2022 03:08:52 +0000 (03:08 +0000)]
update a few German airports; from Thomas Wager

2 years agoMove PRU_BIND request to (*pru_bind)() handler.
mvs [Sat, 20 Aug 2022 23:48:57 +0000 (23:48 +0000)]
Move PRU_BIND request to (*pru_bind)() handler.

For the protocols which don't support request, leave handler NULL. Do the
NULL check within corresponding pru_() wrapper and return EOPNOTSUPP in
such case. This will be done for all upcoming user request handlers.

ok bluhm@ guenther@

2 years agodrop detection code for Cyrix CPUs older than the Cyrix M2
daniel [Sat, 20 Aug 2022 23:33:53 +0000 (23:33 +0000)]
drop detection code for Cyrix CPUs older than the Cyrix M2

The 486DLC is a 486-class CPU which we no longer support on i386.

The 6x86 (also known as the M1) did not support CPUID by default[*]
so extra support code is needed to differentiate between these early
Cyrix processors in order to apply some errata that the M1 needs.
However the 6x86 doesn't implement the RDTSC instruction so we can
remove support code for this CPU at this point.

Cyrix implemented RDTSC in the 6x86MX (also known as the M2). So
this is likely the earliest Cyrix CPU that we can support on i386.

We keep the support code in "cyrix6x86_cpu_setup" because early
6x86MX CPUs would continue to benefit from this fixup code.

[*]: CPUID can be enabled on the Cyrix 6x86 by setting bit 7 of
CCR4

ok mlarkin@, jsg@

2 years agozap a tab
tb [Sat, 20 Aug 2022 21:48:25 +0000 (21:48 +0000)]
zap a tab

2 years agoremove Cyrix 486DLC register defines from amd64
daniel [Sat, 20 Aug 2022 19:26:00 +0000 (19:26 +0000)]
remove Cyrix 486DLC register defines from amd64

Cyrix CPUs don't support amd64. These defines were probably carried
over from i386 accidentally when the amd64 code was first imported.

ok mlarkin@, jsg@

2 years agoTest EVP_chacha20_poly1305() (linking statically for now)
jsing [Sat, 20 Aug 2022 19:25:14 +0000 (19:25 +0000)]
Test EVP_chacha20_poly1305() (linking statically for now)

2 years agoProvide EVP_chacha20_poly1305()
jsing [Sat, 20 Aug 2022 19:22:28 +0000 (19:22 +0000)]
Provide EVP_chacha20_poly1305()

EVP_chacha20_poly1305() is an EVP_CIPHER implementation of the
ChaCha20-Poly1305 AEAD. This is potentially used to provide encryption for
the QUIC transport layer.

Where possible, this should be avoided in favour of the significantly saner
EVP_AEAD interface.

ok tb@

2 years agoRemove bogus length checks from EVP_aead_chacha20_poly1305()
jsing [Sat, 20 Aug 2022 18:51:09 +0000 (18:51 +0000)]
Remove bogus length checks from EVP_aead_chacha20_poly1305()

The length checks for EVP_aead_chacha20_poly1305() seal/open were incorrect
and are no longer necessary (not to mention that the comment failed to
match the code). Remove these since the underlying ChaCha implementation
will now handle the same sized inputs at these functions can.

Issue flagged by and ok tb@

2 years agoRemove UINT32_MAX limitation on ChaCha() and CRYPTO_chacha_20().
jsing [Sat, 20 Aug 2022 18:44:58 +0000 (18:44 +0000)]
Remove UINT32_MAX limitation on ChaCha() and CRYPTO_chacha_20().

We can avoid this unnecessary limitation by calling chacha_encrypt_bytes()
multiple times internally. In the case of ChaCha(), the caller still needs
to ensure that the same IV is not used for more than 2^70 bytes.

ok tb@

2 years agoRewrite i2c_ASN1_INTEGER() using CBB/CBS.
jsing [Sat, 20 Aug 2022 18:17:33 +0000 (18:17 +0000)]
Rewrite i2c_ASN1_INTEGER() using CBB/CBS.

This gives us cleaner and safer code, although it is worth noting that we
now generate the encoding even when called with NULL as the output pointer
(and then discard it, returning just the length).

Resolves oss-fuzz #49963.

ok tb@

2 years agoMake it possible to signal an error from an i2c_* function.
jsing [Sat, 20 Aug 2022 17:55:08 +0000 (17:55 +0000)]
Make it possible to signal an error from an i2c_* function.

In asn1_i2d_ex_primitive(), asn1_ex_i2c() returning -1 is used to indicate
that the object is optional and should be skipped, while -2 is used to
indicate that indefinite length encoding should be used. Any other negative
value was treated as success, resulting in the out pointer being walked
backwards. Avoid this by treating any negative value (aside from -1 and -2)
as a failure, propagating it up the stack.

Additionally, check the return value of the second asn1_ex_i2c() call to
ensure that it matches the value returned by the first call. This makes
sure that the length of the encoded object is correct, plus it detects the
case where a failure occurs during the second call.

Discussed with tb@ (who also flagged the negative value issue).

2 years agoAdd #define for RTLD_NOLOAD missed in last ld.so commit.
tb [Sat, 20 Aug 2022 17:39:22 +0000 (17:39 +0000)]
Add #define for RTLD_NOLOAD missed in last ld.so commit.

2 years agodocument RTLD_NOLOAD, from FreeBSD via guenther@
sthen [Sat, 20 Aug 2022 14:14:24 +0000 (14:14 +0000)]
document RTLD_NOLOAD, from FreeBSD via guenther@

2 years agoadd ld.so RTLD_NOLOAD regress tests, ok jca@ guenther@
sthen [Sat, 20 Aug 2022 14:13:48 +0000 (14:13 +0000)]
add ld.so RTLD_NOLOAD regress tests, ok jca@ guenther@

2 years agoSupport RTLD_NOLOAD in ld.so. From guenther@. OK jca@ guenther@
sthen [Sat, 20 Aug 2022 14:11:31 +0000 (14:11 +0000)]
Support RTLD_NOLOAD in ld.so. From guenther@. OK jca@ guenther@

2 years agoRestore the exemption from start/size checks that OpenBSD (A6)
krw [Sat, 20 Aug 2022 13:10:45 +0000 (13:10 +0000)]
Restore the exemption from start/size checks that OpenBSD (A6)
MBR partitions previously enjoyed.

Found and fix tested by matthieu@

2 years agoUnhook vmd for i386
kn [Sat, 20 Aug 2022 11:10:50 +0000 (11:10 +0000)]
Unhook vmd for i386

OK sthen

2 years agoAdd an empty pkcs12_local.h and include it where it will soon be needed.
tb [Sat, 20 Aug 2022 09:16:18 +0000 (09:16 +0000)]
Add an empty pkcs12_local.h and include it where it will soon be needed.

2 years agoAlign description of -g and -u with mount_tmpfs.8
tb [Sat, 20 Aug 2022 07:03:24 +0000 (07:03 +0000)]
Align description of -g and -u with mount_tmpfs.8

"Reads better indeed" otto

2 years ago-k and -K are mutually exclusive, make usage match manual
kn [Sat, 20 Aug 2022 06:39:24 +0000 (06:39 +0000)]
-k and -K are mutually exclusive, make usage match manual

OK millert

2 years agoAccept both names and ids for -g and -u and implement missing error
otto [Sat, 20 Aug 2022 05:59:57 +0000 (05:59 +0000)]
Accept both names and ids for -g and -u and implement missing error
handling. Code from mount_msdos (which got it from chmod/chown).
ok tb@ deraadt@

2 years agoZap useless cast
kn [Fri, 19 Aug 2022 18:56:26 +0000 (18:56 +0000)]
Zap useless cast

opendev(3) takes a const char * (since 2012, thanks tb),
just what getinfo() provides.
No amd64 object change.

OK millert tb

2 years agoImprove RAID level parsing
kn [Fri, 19 Aug 2022 17:49:10 +0000 (17:49 +0000)]
Improve RAID level parsing

Check for numeric levels before checking for single-character ones
("c" and "C") such that a) invalid synopsis (no "-l") is detected as such
# bioctl -c 10 vnd0 softraid0
bioctl: Invalid RAID level
# ./obj/bioctl -c 10 vnd0 softraid0
usage: bioctl ...

and b) ten is correctly treated as valid but unsupported level:
# bioctl -c 10 -l vnd0a softraid0
bioctl: Invalid RAID level
# ./obj/bioctl -c 10 -l vnd0a softraid0
bioctl: unsupported RAID level

Uppercase the abbreviation while here.

Feedback OK tb

2 years agoUp to version 1.22.4, groff_mdoc(7) only considered the first word
schwarze [Fri, 19 Aug 2022 12:49:36 +0000 (12:49 +0000)]
Up to version 1.22.4, groff_mdoc(7) only considered the first word
when comparing section headers.  For example, ".Sh SEE ELSEWHERE"
and ".Sh SEE Em ALSO" were considered instances of a SEE ALSO
section.  In groff-current, exact matches with no sub-macros are
required.  Adjust mandoc behaviour.

While here, also fix a very minor mandoc bug, even though no
detrimental effect of the bug on formatting is known.  While using
sub-macros in the .Sh HEAD is bad style, the parsers accept it, so
setting the section attribute on the HEAD needs to act recursively.

2 years agoCheck the resources in ROAs and RSCs against EE certs
tb [Fri, 19 Aug 2022 12:45:53 +0000 (12:45 +0000)]
Check the resources in ROAs and RSCs against EE certs

The resources delegated in the RFC 3779 extensions of the EE cert for
ROAs or RSCs can be a subset of the resources in the auth chain. So far
we compared that the resources of ROAs and RSCs are covered by the auth
chain, which is not entirely correct. Extract the necessary data from
the EE cert into rpki-client's own data structures, then verify that
the EE cert's resources cover the ones claimed in the ROA or RSC.

Do this as part or ROA and RSC parsing, that the EE cert's resources are
covered by the auth chain is checked in valid_x509() later on.

All this is a bit more annoying and intrusive than it should be...

ok claudio job

2 years agoFix nexthop lookup for connected routes.
claudio [Fri, 19 Aug 2022 09:11:18 +0000 (09:11 +0000)]
Fix nexthop lookup for connected routes.

In knexthop_true_nexthop() connected routes need to be handled specially.
If a nexthop is directly reachable the gateway needs to remain the same.
There is no nexthop set for F_CONNECTED kroutes. A very similar trick
is used in rde_rib.c::nexthop_update() but was forgotten here.

Regression noticed by Daniel Jakots (danj at chown.me).
OK tb@

2 years agoSplit -p into own synopsis
kn [Fri, 19 Aug 2022 08:27:48 +0000 (08:27 +0000)]
Split -p into own synopsis

Platform-dependent preparation of the filesystem required by the boot loader
only ever creates a new fileystem without instaling using any bootstrap files.

To reflect reality, turn
# installboot -nvp vnd0
Using / as root
would install bootstrap on /dev/rvnd0c
using first-stage /usr/mdec/biosboot, second-stage /usr/mdec/boot
would newfs 545c9bdf92aa18f9.i

into
# ./obj/installboot -nvp vnd0
would newfs 4db2c0e89e0d3268.i

and error out if -p is combined with -r or stages:
$ man -hl./installboot.8
installboot [-nv] [-r root] disk [stage1 [stage2]]
installboot [-nv] -p disk

Feedback OK millert

2 years agoDocument lease files
kn [Fri, 19 Aug 2022 08:09:42 +0000 (08:09 +0000)]
Document lease files

Feedback OK jmc

2 years agoattemp FIDO key signing without PIN and use the error code returned
djm [Fri, 19 Aug 2022 06:07:47 +0000 (06:07 +0000)]
attemp FIDO key signing without PIN and use the error code returned
to fall back only if necessary. Avoids PIN prompts for FIDO tokens
that don't require them; part of GHPR#302

2 years agoremove incorrect check that can break enrolling a resident key
djm [Fri, 19 Aug 2022 05:53:28 +0000 (05:53 +0000)]
remove incorrect check that can break enrolling a resident key
(introduced in r1.40)

2 years agoGrab the mutex before iterating on the global list.
mpi [Fri, 19 Aug 2022 05:53:19 +0000 (05:53 +0000)]
Grab the mutex before iterating on the global list.

Prevent race reported some months ago.

ok mlarkin@, jsg@, kn@

2 years agospelling;
jmc [Fri, 19 Aug 2022 05:47:32 +0000 (05:47 +0000)]
spelling;

2 years agoStrictly enforce the maximum allowed SSH2 banner size in ssh-keyscan
dtucker [Fri, 19 Aug 2022 04:02:46 +0000 (04:02 +0000)]
Strictly enforce the maximum allowed SSH2 banner size in ssh-keyscan
and prevent a one-byte buffer overflow.  Patch from Qualys, ok djm@

2 years agoAdd local bind mode, where ypldap manages the YP binding file itself
jmatthew [Fri, 19 Aug 2022 03:50:32 +0000 (03:50 +0000)]
Add local bind mode, where ypldap manages the YP binding file itself
rather than relying on ypbind to do it, which also means you don't need
portmap running.  In this mode, ypldap binds its rpc sockets to loopback,
so YP services are only available to the host it's running on.  The
previous behaviour, now called portmap bind mode, is still the default.

encouragement from deraadt@ and dlg@

2 years agodouble free() in error path; from Eusgor via GHPR333
djm [Fri, 19 Aug 2022 03:06:30 +0000 (03:06 +0000)]
double free() in error path; from Eusgor via GHPR333

2 years agoAdjust signatures of BIO_ctrl functions
tb [Thu, 18 Aug 2022 18:42:13 +0000 (18:42 +0000)]
Adjust signatures of BIO_ctrl functions

In bio.h r1.54, the signature of BIO_callback_ctrl() was changed from
bio_info_cb to BIO_info_cb. Adjust manual to reflect this change.

At the moment, bio_info_cb and BIO_info_cb are still distinct types with
our BIO_info_cb matching OpenSSL's definition. Historically, bio_info_cb
had a different type, but that leads to issues with casting function
pointers. The ecosystem has moved on to embrace the new type and several
ports confuse the two types because OpenSSL decided to "solve" the issues
with "typedef BIO_info_cb bio_info_cb; /* backward compatibilty */". We
will align with this in the next bump.

ok jsing

2 years agoIn kroute_insert() fix the check for multipath routes. Use a helper variable
claudio [Thu, 18 Aug 2022 17:02:42 +0000 (17:02 +0000)]
In kroute_insert() fix the check for multipath routes. Use a helper variable
since krm is only set for IPv4 routes but not for IPv6 ones.
OK tb@

2 years agoAllow empty attribute sets in CSRs
tb [Thu, 18 Aug 2022 16:26:33 +0000 (16:26 +0000)]
Allow empty attribute sets in CSRs

While each attribute must contain at least one extension, it is not
required that a CSR have attributes at all. Instead of signalling an
error by returning NULL if no extensions are found, return an empty
stack of extensions.

Via OpenSSL 1f02ca2d

ok jsing

2 years agoRemove dangling ASPA references until we land real support
job [Thu, 18 Aug 2022 15:20:27 +0000 (15:20 +0000)]
Remove dangling ASPA references until we land real support

OK tb@

2 years agorepair printing of cpu class after machdep.c 1.652
jsg [Thu, 18 Aug 2022 13:05:43 +0000 (13:05 +0000)]
repair printing of cpu class after machdep.c 1.652
ok daniel@ mlarkin@

2 years agoThere is no need to pass the fd to send_rtmsg(), the fd is always the
claudio [Thu, 18 Aug 2022 12:14:00 +0000 (12:14 +0000)]
There is no need to pass the fd to send_rtmsg(), the fd is always the
one from kr_state and removing this argument helps portability.
OK tb@

2 years agoTweak prototype to match function definition (n -> index)
tb [Thu, 18 Aug 2022 07:00:59 +0000 (07:00 +0000)]
Tweak prototype to match function definition (n -> index)

2 years agoMove recomputation of hz and stathz from glk to glkclk, lets a kernel with
miod [Thu, 18 Aug 2022 06:31:36 +0000 (06:31 +0000)]
Move recomputation of hz and stathz from glk to glkclk, lets a kernel with
glkclk disabled keep correct values of those. NFC

2 years agodrm/bridge: Move devm_drm_of_get_bridge to bridge/panel.c
jsg [Thu, 18 Aug 2022 01:04:54 +0000 (01:04 +0000)]
drm/bridge: Move devm_drm_of_get_bridge to bridge/panel.c

From Maxime Ripard
f2725951579701420879c29e87043e77537ac0c6 in linux 5.15.y/5.15.61
d4ae66f10c8b9959dce1766d9a87070e567236eb in mainline linux

2 years agodrm/dp/mst: Read the extended DPCD capabilities during system resume
jsg [Thu, 18 Aug 2022 01:02:22 +0000 (01:02 +0000)]
drm/dp/mst: Read the extended DPCD capabilities during system resume

From Imre Deak
4a54c13786c5a596b4e072b36e245029e11a565c in linux 5.15.y/5.15.61
7a710a8bc909313951eb9252d8419924c771d7c2 in mainline linux

2 years agodrm/bridge: Add a function to abstract away panels
jsg [Thu, 18 Aug 2022 00:59:23 +0000 (00:59 +0000)]
drm/bridge: Add a function to abstract away panels

From Maxime Ripard
ed486d15084f7429298ca4c577e5647a3fdca934 in linux 5.15.y/5.15.61
87ea95808d53e56b03e620e8f8f3add48899a88d in mainline linux

2 years agoadd empty drm_of.h for 5.15.61 drm_bridge.c
jsg [Thu, 18 Aug 2022 00:55:32 +0000 (00:55 +0000)]
add empty drm_of.h for 5.15.61 drm_bridge.c

2 years agodrm/radeon: fix potential buffer overflow in ni_set_mc_special_registers()
jsg [Thu, 18 Aug 2022 00:48:40 +0000 (00:48 +0000)]
drm/radeon: fix potential buffer overflow in ni_set_mc_special_registers()

From Alexey Kodanev
deb603c5928e546609c0d5798e231d0205748943 in linux 5.15.y/5.15.61
136f614931a2bb73616b292cf542da3a18daefd5 in mainline linux

2 years agodrm/amdgpu: Remove one duplicated ef removal
jsg [Thu, 18 Aug 2022 00:46:01 +0000 (00:46 +0000)]
drm/amdgpu: Remove one duplicated ef removal

From xinhui pan
e45491556e2ae96d02eb4ccf18a5cc6ff2d30edc in linux 5.15.y/5.15.61
e1aadbab445b06e072013a1365fd0cf2aa25e843 in mainline linux

2 years agodrm/amdgpu: fix check in fbdev init
jsg [Thu, 18 Aug 2022 00:43:54 +0000 (00:43 +0000)]
drm/amdgpu: fix check in fbdev init

From Alex Deucher
27f8f5219fe4658537ba28fd01657e1062ac3960 in linux 5.15.y/5.15.61

2 years agodrm/amdgpu: Check BO's requested pinning domains against its preferred_domains
jsg [Thu, 18 Aug 2022 00:41:20 +0000 (00:41 +0000)]
drm/amdgpu: Check BO's requested pinning domains against its preferred_domains

From Leo Li
eb3c69c7c777d9d3c016568cb062ef02197a5a4e in linux 5.15.y/5.15.61
f5ba14043621f4afdf3ad5f92ee2d8dbebbe4340 in mainline linux

2 years agodrm/gem: Properly annotate WW context on drm_gem_lock_reservations() error
jsg [Thu, 18 Aug 2022 00:38:21 +0000 (00:38 +0000)]
drm/gem: Properly annotate WW context on drm_gem_lock_reservations() error

From Dmitry Osipenko
da2a1aa058acd7eb2cccd9de74df0809cbe4f1f8 in linux 5.15.y/5.15.61
2939deac1fa220bc82b89235f146df1d9b52e876 in mainline linux

2 years agoImplement the SSL_CTRL_GET_SHARED_GROUP control
tb [Wed, 17 Aug 2022 18:51:47 +0000 (18:51 +0000)]
Implement the SSL_CTRL_GET_SHARED_GROUP control

This implements SSL_get_shared_{curve,group}() in a bug-compatible
fashion with OpenSSL.

This is your average OpenSSL-style overloaded parameter API where n >= 0
means "return the n-th shared group's NID" (as if anyone possibly ever
cared about the case n > 0) and n == -1 means "return the number of
shared groups". There is also an undocumented case n == -2 for Suite B
profile support which falls back to n == 0 in case Suite B profile
support is disabled, so n == -2 is the same as n == 0 in LibreSSL.

The API also returns 0 for error, which is indistinguishable from a
count of 0 shared groups but coincides with NID_undef. Contrary to claims
in the documentation, the API doesn't actually return -1 for clients,
rather it returns 0.

Obviously this entire exercise is pretty useless, but since somebody
exposed it because they could and someone else used it because they could
we need to provide it.

ok jsing

2 years agoMention support for booting off RAID 1C
kn [Wed, 17 Aug 2022 18:50:11 +0000 (18:50 +0000)]
Mention support for booting off RAID 1C

2 years agoRefactor tls1_get_supported_group()
tb [Wed, 17 Aug 2022 18:45:25 +0000 (18:45 +0000)]
Refactor tls1_get_supported_group()

This splits tls1_get_supported_group() into a few helper functions to
be able to count shared groups and to return the n-th shared group since
someone thought it is a great idea to expose that in a single API and
some others thought it is useful to add this info to log noise.

This is all made a bit more complicated thanks to the security level
having its tentacles everywhere and because a user-provided security
callback can influence the list of groups shared by the peers.

ok jsing

2 years agoAdd SSL_get_shared_{curve,group}()
tb [Wed, 17 Aug 2022 18:43:17 +0000 (18:43 +0000)]
Add SSL_get_shared_{curve,group}()

These are wrappers of SSL_ctrl() using the SSL_CTRL_GET_SHARED_GROUP
control. Do not provide SSL_CTRL_GET_SHARED_CURVE since that is only
mentioned in Net::SSLeay docs according to codesearch.debian.net.

ok jsing

2 years agoMake tls1_get_{format,group_}list() take a const SSL
tb [Wed, 17 Aug 2022 18:42:13 +0000 (18:42 +0000)]
Make tls1_get_{format,group_}list() take a const SSL

ok jsing

2 years agoProvide ssl_security_shared_group()
tb [Wed, 17 Aug 2022 18:41:17 +0000 (18:41 +0000)]
Provide ssl_security_shared_group()

Refactor ssl_security_supported_group() into a wrapper of a new internal
ssl_security_group() which takes a secop as an argument. This allows
adding ssl_security_shared_group() which will be needed in upcoming
commits.

ok jsing

2 years agoVisited this airport in 2019
job [Wed, 17 Aug 2022 18:12:16 +0000 (18:12 +0000)]
Visited this airport in 2019

2 years agoFix vldc(4) event filters
visa [Wed, 17 Aug 2022 15:26:56 +0000 (15:26 +0000)]
Fix vldc(4) event filters

Indicate non-activeness when the device is not ready for reading
or writing. This should make the event filters behave more like
the old poll code.

"makes sense to me" mpi@

2 years agoUse memset() instead of bzero().
claudio [Wed, 17 Aug 2022 15:16:12 +0000 (15:16 +0000)]
Use memset() instead of bzero().
OK tb@ deraadt@