openbsd
tb [Sun, 14 Apr 2024 10:56:18 +0000 (10:56 +0000)]
Remove documentation of no longer available API

kettenis [Sun, 14 Apr 2024 09:59:04 +0000 (09:59 +0000)]
Implement support for AVX-512.  This required some fixes to the so-far
unused Skylake AVX-512 MDS handler and increases the ci_mds_tmp array to
64 bytes.  With help from guenther@

ok deraadt@, guenther@

tb [Sun, 14 Apr 2024 08:34:00 +0000 (08:34 +0000)]
less: escape newlines in file names

Newlines in a filename can lead to arbitrary code execution
https://marc.info/?l=oss-security&m=171292433330233&w=2
via LESSOPEN.  The diff is a straightforward adaptation of
https://github.com/gwsw/less/commit/007521ac3c95bc76

The better fix is deleting the misfeatures that are LESSOPEN
and LESSCLOSE which will happen in a separate commit.

diff looks good to guenther

jsg [Sun, 14 Apr 2024 03:26:25 +0000 (03:26 +0000)]
with empty body loops, put final semicolon on a new line for readability
ok bluhm@ jca@

jsg [Sun, 14 Apr 2024 03:23:13 +0000 (03:23 +0000)]
put loop body on a new line
ok bluhm@ jca@

jsg [Sun, 14 Apr 2024 00:38:26 +0000 (00:38 +0000)]
avoid uninitialised var use
found by smatch, ok miod@

jsg [Sat, 13 Apr 2024 23:44:11 +0000 (23:44 +0000)]
correct indentation

no functional change, found by smatch warnings
ok miod@ bluhm@

dv [Sat, 13 Apr 2024 21:57:22 +0000 (21:57 +0000)]
vmm: protect vmm activation with the vmm_softc rwlock.

Syzbot found a race when enabling vmm mode on multiprocessor systems.

Protect the vmm start/stop lifecycle by taking the write lock used
for protecting the status of the vmm device.

Reported-by: syzbot+6ae9cec00bbe45fd7782@syzkaller.appspotmail.com
ok gnezdo@

jrick [Sat, 13 Apr 2024 15:58:10 +0000 (15:58 +0000)]
check group and world permissions of iked psk files

Similar to the permission checks performed on iked.conf(5) due to the
possibility of it containing inline psk strings, require psk files to not be
group writable or world read-writable.

ok tobhe@

jca [Sat, 13 Apr 2024 15:08:37 +0000 (15:08 +0000)]
Readd FFS_MAX_SOFTDEPS define

For consistency with other removed indexes which are still around.
No functional change except for the new define.  ok tb@

jca [Sat, 13 Apr 2024 15:07:10 +0000 (15:07 +0000)]
Zap unused sd_* softdep sysctl names

ok tb@

kettenis [Sat, 13 Apr 2024 14:20:48 +0000 (14:20 +0000)]
Remove unused function and prototype.

ok jsg@

kettenis [Sat, 13 Apr 2024 14:19:39 +0000 (14:19 +0000)]
Split out Spectre-V2 and Spectre-BHB mitigation code like I did for
Spectre-V4 a few weeks ago.  Treat Qualcomm Kryo 400 Silver like Cortex-A55
for Spectre-V2 since that is what it is.

ok jsg@

tb [Sat, 13 Apr 2024 14:02:51 +0000 (14:02 +0000)]
Error check X509_ALGOR_set0() in {dsa,ec}_pkey_ctrl()

These are four versions of near identical code: PKCS#7 and CMS controls
for DSA and EC. The checks are rather incomplete and should probably be
merged somehow (see the Ed25519 version in ecx_methods()). For now, only
replace X509_ALGOR_set0() with its internal by_nid() version and, while
there, spell NULL correctly.

ok jca

florian [Sat, 13 Apr 2024 13:58:34 +0000 (13:58 +0000)]
sync to unbound 1.19.3

heavy lifting by & OK sthen

tb [Sat, 13 Apr 2024 13:57:54 +0000 (13:57 +0000)]
Unwrap a line for consistency with other copy-pasted versions

sthen [Sat, 13 Apr 2024 12:24:57 +0000 (12:24 +0000)]
merge unbound 1.19.3

sthen [Sat, 13 Apr 2024 12:23:45 +0000 (12:23 +0000)]
import unbound 1.19.3, ok florian

jmc [Sat, 13 Apr 2024 12:11:08 +0000 (12:11 +0000)]
document "psk file path" notation; from josh rickmar
ok tobhe

jan [Fri, 12 Apr 2024 19:27:43 +0000 (19:27 +0000)]
remove useless includes of ip.h and ip6.h

ok bluhm

bluhm [Fri, 12 Apr 2024 16:07:09 +0000 (16:07 +0000)]
Split single TCP inpcb table into IPv4 and IPv6 parts.

With two separate TCP hash tables, each one becomes smaller.  When
we remove the exclusive net lock from TCP, contention on internet
PCB table mutex will be reduced.  UDP has been split earlier into
IPv4 and IPv6.  Replace branch conditions based on INP_IPV6 with
assertions.

OK mvs@

florian [Fri, 12 Apr 2024 15:53:34 +0000 (15:53 +0000)]
Update to nsd 4.9.1

sparc64 built test by tb
OK tb, sthen

sthen [Fri, 12 Apr 2024 15:45:24 +0000 (15:45 +0000)]
merge unbound update

sthen [Fri, 12 Apr 2024 15:44:27 +0000 (15:44 +0000)]
import unbound 1.19.2, reminded by florian@
(yes I know there is a newer one, I'll update on top)

bluhm [Fri, 12 Apr 2024 14:17:42 +0000 (14:17 +0000)]
In snmpd_metrics process keep file descriptors 0 1 2 open.

stdin, stdout, stderr are reserved.  They should point to a terminal,
a redirect file or pipe, or /dev/null.  Closing them and allocating
arbitrary files in those places is not good.  Call closefrom with
4 to keep /dev/null open in snmpd_metrics.

OK martijn@

millert [Fri, 12 Apr 2024 14:10:28 +0000 (14:10 +0000)]
Avoid snprintf() of NULL when _nc_get_source() returns NULL.
The filename buffer is not actually used in this case but it is
safer to set it to the empty string than to leave it uninitialized.
OK tb@

bluhm [Fri, 12 Apr 2024 12:25:58 +0000 (12:25 +0000)]
Fix race between rip_input() and soisdisconnected().

Setting SS_CANTRCVMORE is protected by mutex of receive socket
buffer.  The raw inpcb loop in rip_input() does a lockless access.
Protect it with READ_ONCE(), although it is not perfect.  Check the
socket buffer state again when the mutex is held.  Drop and count
the packet that is processed between the checks.

Currently soisdisconnected() is called with exclusive net lock.
The new code also works without net lock.

OK mvs@

job [Fri, 12 Apr 2024 11:50:29 +0000 (11:50 +0000)]
Fix warning about delta element issues in the Update Notification File XML

OK tb@

tb [Fri, 12 Apr 2024 11:10:34 +0000 (11:10 +0000)]
bio_enc: various basic cleanup

Call a BIO bio rather than bi, a, or b; don't cast when assigning from
or to a (void *). Drop loads of silly redundant parentheses, use better
order of variable declarations.

No change in the generated assembly

jsg [Fri, 12 Apr 2024 09:56:39 +0000 (09:56 +0000)]
correct loop in channel set function
found by smatch indent warning
ok kevlo@ stsp@

tb [Fri, 12 Apr 2024 09:41:39 +0000 (09:41 +0000)]
Garbage collect various *_init() pmeths

It's unclear whether the functions these support were ever really
used for anything else than kicking off an overengineered state
machine.

ok jsing

tb [Fri, 12 Apr 2024 02:56:15 +0000 (02:56 +0000)]
Fix a potential NULL-deref in EVP_PKEY_keygen()

After an EVP_PKEY_new() failure, a NULL pointer would be passed to the
keygen pmeth, which could result in tears.

ok beck jsing

tb [Fri, 12 Apr 2024 02:51:52 +0000 (02:51 +0000)]
gnu/cvs: avoid a harmless configure warning

Ever since the prehistoric zlib was removed last fall, the configure script
would complain because of a missing file:
sed: 0: /usr/src/gnu/usr.bin/cvs/zlib/Makefile.in: No such file or directory

noticed by deraadt
ok bluhm

jsg [Fri, 12 Apr 2024 01:54:21 +0000 (01:54 +0000)]
fix non-auto setting of extended media type bits
found by smatch warning about uninitialised var use
ok jmatthew@

kevlo [Fri, 12 Apr 2024 00:44:07 +0000 (00:44 +0000)]
Regen

kevlo [Fri, 12 Apr 2024 00:43:32 +0000 (00:43 +0000)]
Add support for CH343 uart.
The CH343 devices support any baud rate up to 6 Mbps.

ok miod@

jsg [Thu, 11 Apr 2024 23:00:13 +0000 (23:00 +0000)]
correct value of XFEATURE_AMX
ok miod@ guenther@

miod [Thu, 11 Apr 2024 18:58:44 +0000 (18:58 +0000)]
Stop making <machine/pmap.h> include <machine/pte.h>, and fix the very few
files which really need <machine/pte.h> guts.

tb [Thu, 11 Apr 2024 18:07:55 +0000 (18:07 +0000)]
Remove repeated type declaration that makes bison unhappy

Fixes: https://github.com/openbgpd-portable/openbgpd-portable/issues/77

ok claudio

otto [Thu, 11 Apr 2024 16:31:30 +0000 (16:31 +0000)]
Fix previous: it should not have removed the "max_softdeps" entry
to keep the indexes consistent. ok deraadt@

bluhm [Thu, 11 Apr 2024 15:08:18 +0000 (15:08 +0000)]
Prevent changing interface loopback flag from userland.

IFF_LOOPBACK is telling userland the behaviour of a specific driver,
it is supposed to be static and permanent.  Clearing the loopback
flag on lo0 could lead to a kernel crash due to inconsistent multicast
igmp group.

Reported-by: syzbot+2f24ed6c8ddb2d6bb22c@syzkaller.appspotmail.com
OK claudio@ deraadt@

mvs [Thu, 11 Apr 2024 13:32:51 +0000 (13:32 +0000)]
Don't take solock() in soreceive() for SOCK_RAW inet sockets.

For inet sockets solock() is the netlock wrapper, so soreceive() could
be performed simultaneously with exclusively locked code paths.

These sockets are not connection oriented, they don't call pru_rcvd(),
they can't be spliced, they don't set `so_error'. Nothing to protect
with solock() in soreceive() path.

`so_rcv' buffer is protected by `sb_mtx' mutex(9), but since it is released,
sblock() is required to serialize concurrent soreceive() and sorflush()
threads. Current sblock() is some kind of rwlock(9) implementation, so
introduce `sb_lock' rwlock(9) and use it directly for that purpose.

The sorflush() and callers were refactored to avoid solock() for raw
inet sockets. This was done to avoid packet processing stop.

Tested and ok bluhm.

mvs [Thu, 11 Apr 2024 08:33:37 +0000 (08:33 +0000)]
Take solock_shared() in soo_stat().

Only unix(4) and tcp(4) sockets set (*pru_sense)() handler. The rest of
soo_stat() is the read only access.

ok bluhm

claudio [Thu, 11 Apr 2024 08:33:15 +0000 (08:33 +0000)]
Use != NULL for pointer check. No binary change.

tb [Thu, 11 Apr 2024 06:49:19 +0000 (06:49 +0000)]
Remove parentheses after return

This file was very undecided what style to choose and often changed its
mind in the middle of a function. No change in the generated assembly.

jmatthew [Thu, 11 Apr 2024 06:42:12 +0000 (06:42 +0000)]
Match on ConnectX-6 virtual functions too, since they don't seem to be
any different to earlier revisions.

from Brad

tb [Thu, 11 Apr 2024 06:42:09 +0000 (06:42 +0000)]
Rework internal tm_to_*() converters

Make them static. Don't make them allocate if passed a NULL ASN1_TIME to
avoid leaks. This currently means that we accept a NULL and succeed. That's
very ugly but better than what we have now.

Simplify ASN1_TIME_set_string_internal() accordingly and allocate an
ASN1_TIME at the API boundary of ASN1_TIME_adj_internal() and of
ASN1_TIME_to_generalized_time().

ok beck (after a lot of squealing and distress)

jmatthew [Thu, 11 Apr 2024 05:30:55 +0000 (05:30 +0000)]
Add support for media types from the extended ethernet capabilities fields.
If none of the regular ethernet capabilities are present, check the extended
capabilities.  Since we only report that the link is active if there's a
detected media type, this isn't just a cosmetic change.

Joerg Streckfuss reported that a gigabit SFP didn't work in a ConnectX-6 Lx,
and tested that this change makes it work.

ok dlg@

jsg [Thu, 11 Apr 2024 03:40:05 +0000 (03:40 +0000)]
drm/i915/gt: Enable only one CCS for compute workload

From Andi Shyti
a7ff84a6fe5ae8889a5f1c97008358836bd7f947 in linux-6.6.y/6.6.26
6db31251bb265813994bfb104eb4b4d0f44d64fb in mainline linux

jsg [Thu, 11 Apr 2024 03:35:18 +0000 (03:35 +0000)]
drm/i915/gt: Do not generate the command streamer for all the CCS

From Andi Shyti
726ff623869ddc3de887d99296cac3c849061b21 in linux-6.6.y/6.6.26
ea315f98e5d6d3191b74beb0c3e5fc16081d517c in mainline linux

jsg [Thu, 11 Apr 2024 03:33:42 +0000 (03:33 +0000)]
drm/i915/gt: Disable HW load balancing for CCS

From Andi Shyti
c1f7ce2a11a945044d9d5556e638efdca70fb321 in linux-6.6.y/6.6.26
bc9a1ec01289e6e7259dc5030b413a9c6654a99a in mainline linux

jsg [Thu, 11 Apr 2024 03:31:39 +0000 (03:31 +0000)]
drm/prime: Unbreak virtgpu dma-buf export

From Rob Clark
cc4d9f0597ee1f1f94323611ae5d7473ddf2a99a in linux-6.6.y/6.6.26
a4ec240f6b7c21cf846d10017c3ce423a0eae92c in mainline linux

jsg [Thu, 11 Apr 2024 03:29:26 +0000 (03:29 +0000)]
drm/amd: Flush GFXOFF requests in prepare stage

From Mario Limonciello
3da10e91ecd24c49dd80e73f5ca86166f90dcfe1 in linux-6.6.y/6.6.26
ca299b4512d4b4f516732a48ce9aa19d91f4473e in mainline linux

jsg [Thu, 11 Apr 2024 03:27:39 +0000 (03:27 +0000)]
drm/amd: Add concept of running prepare_suspend() sequence for IP blocks

From Mario Limonciello
da67a1139f054fc59c9c18f135729bc16aef93d4 in linux-6.6.y/6.6.26
cb11ca3233aa3303dc11dca25977d2e7f24be00f in mainline linux

jsg [Thu, 11 Apr 2024 03:24:40 +0000 (03:24 +0000)]
drm/amd: Evict resources during PM ops prepare() callback

From Mario Limonciello
8b5f720486ca87e102ee722a73ae0894c12f1e7a in linux-6.6.y/6.6.26
5095d5418193eb2748c7d8553c7150b8f1c44696 in mainline linux

jsg [Thu, 11 Apr 2024 03:20:22 +0000 (03:20 +0000)]
drm/amd/display: Prevent crash when disable stream

From Chris Park
4356a2c3f296503c8b420ae8adece053960a9f06 in linux-6.6.y/6.6.26
72d72e8fddbcd6c98e1b02d32cf6f2b04e10bd1c in mainline linux

jsg [Thu, 11 Apr 2024 03:18:45 +0000 (03:18 +0000)]
drm/amd/display: Fix DPSTREAM CLK on and off sequence

From Dmytro Laktyushkin
8dc9a27589a9bf5f0a7eb517543411adc185e957 in linux-6.6.y/6.6.26
e8d131285c98927554cd007f47cedc4694bfedde in mainline linux

jsg [Thu, 11 Apr 2024 03:16:35 +0000 (03:16 +0000)]
drm/i915/mtl: Update workaround 14018575942

From Tejas Upadhyay
2564623ee0da92ed7f8a87aa3758cbf2c46257bb in linux-6.6.y/6.6.26
186bce682772e7346bf7ced5325b5f4ff050ccfb in mainline linux

jsg [Thu, 11 Apr 2024 03:15:02 +0000 (03:15 +0000)]
drm/i915/xelpg: Extend some workarounds/tuning to gfx version 12.74

From Matt Roper
798781b43194c6d2bdea0c4ded660f3135c484d3 in linux-6.6.y/6.6.26
c44d4ef47fdad0a33966de89f9064e19736bb52f in mainline linux

jsg [Thu, 11 Apr 2024 03:13:06 +0000 (03:13 +0000)]
drm/i915/mtl: Update workaround 14016712196

From Tejas Upadhyay
338db8193cb2dd93544ac445a7b4b4a7f77094ad in linux-6.6.y/6.6.26
7467e1da906468bcbd311023b30708193103ecf9 in mainline linux

jsg [Thu, 11 Apr 2024 03:11:25 +0000 (03:11 +0000)]
drm/i915: Replace several IS_METEORLAKE with proper IP version checks

From Matt Roper
ec84b2a44b057b2c51ed9f670b92690904e1106c in linux-6.6.y/6.6.26
14128d64090fa88445376cb8ccf91c50c08bd410 in mainline linux

jsg [Thu, 11 Apr 2024 03:09:31 +0000 (03:09 +0000)]
drm/i915: Eliminate IS_MTL_GRAPHICS_STEP

From Matt Roper
b3749611a5e51188d17b4898eed8ecea571bc539 in linux-6.6.y/6.6.26
5a213086a025349361b5cf75c8fd4591d96a7a99 in mainline linux

jsg [Thu, 11 Apr 2024 03:06:59 +0000 (03:06 +0000)]
drm/i915/xelpg: Call Xe_LPG workaround functions based on IP version

From Matt Roper
18e77951e14a73f75d269e54b90c648b1e18b66e in linux-6.6.y/6.6.26
f7696ded7c9e358670dae1801660f442f059c7db in mainline linux

jsg [Thu, 11 Apr 2024 03:04:44 +0000 (03:04 +0000)]
drm/i915: Consolidate condition for Wa_22011802037

From Matt Roper
67f7fba8a08608cfd42ab354b79df56e9fee8856 in linux-6.6.y/6.6.26
28c46feec7f8760683ef08f12746630a3598173e in mainline linux

jsg [Thu, 11 Apr 2024 03:02:42 +0000 (03:02 +0000)]
drm/i915: Tidy workaround definitions

From Matt Roper
6b25099eea4b65ba3b750ce49fa1a9a13d158046 in linux-6.6.y/6.6.26
f1c805716516f9e648e13f0108cea8096e0c7023 in mainline linux

jsg [Thu, 11 Apr 2024 03:01:04 +0000 (03:01 +0000)]
drm/i915/dg2: Drop pre-production GT workarounds

From Matt Roper
0a9901fdb7bb785ec4975aeeebc1428e3abae172 in linux-6.6.y/6.6.26
eaeb4b3614529bfa8a7edfdd7ecf6977b27f18b2 in mainline linux

jsg [Thu, 11 Apr 2024 02:58:50 +0000 (02:58 +0000)]
drm/i915: Pre-populate the cursor physical dma address

From Ville Syrjala
cc696ce93089e3e1bc28d749aee321a37cabe4bd in linux-6.6.y/6.6.26
582dc04b0658ef3b90aeb49cbdd9747c2f1eccc3 in mainline linux

jsg [Thu, 11 Apr 2024 02:56:48 +0000 (02:56 +0000)]
drm/i915/display: Use i915_gem_object_get_dma_address to get dma address

From Maarten Lankhorst
2c07e2437a3e98027c049ca560e4b6e39a975089 in linux-6.6.y/6.6.26
7054b551de18e9875fbdf8d4f3baade428353545 in mainline linux

bluhm [Wed, 10 Apr 2024 22:24:07 +0000 (22:24 +0000)]
Make TCP debug code MP safe.

Protect the global variables in TCP debug code with global mutex.
Add a missing include and also fix the -Wunused-but-set-variable
warning.

OK mvs@

bluhm [Wed, 10 Apr 2024 22:10:03 +0000 (22:10 +0000)]
Move global variables for TCP debug onto the tcp_input() stack.

OK mvs@

jan [Wed, 10 Apr 2024 19:55:50 +0000 (19:55 +0000)]
Implement TCP Segmentation Offload for vio(4)

Tested by Brian Conway and bluhm
With tweaks from bluhm

ok bluhm

miod [Wed, 10 Apr 2024 19:43:16 +0000 (19:43 +0000)]
When rewriting an ELF header (i.e. in strip and objcopy), keep the
.openbsd.syscalls section with the PT_OPENBSD_SYSCALLS phdr, even though it
does not have the ALLOC flag; otherwise the phdr gets rewritten with a size
of zero, which prevents the binary from working.

ok kettenis@

tb [Wed, 10 Apr 2024 16:12:10 +0000 (16:12 +0000)]
symbols test: Remove a few things that are long gone

mpi [Wed, 10 Apr 2024 15:38:11 +0000 (15:38 +0000)]
Use km_alloc(9) to allocate USPACE instead of uvm_pglistalloc(9).

ok miod@

mpi [Wed, 10 Apr 2024 15:26:18 +0000 (15:26 +0000)]
Use uvmpd_dropswap() in the case of swap shortage.

ok kn@, kettenis@, miod@

mpi [Wed, 10 Apr 2024 15:25:14 +0000 (15:25 +0000)]
Call uao_dropswap() instead of rerolling it.

ok kn@, kettenis@, miod@

beck [Wed, 10 Apr 2024 15:13:23 +0000 (15:13 +0000)]
Re-guard the crypto_malloc macros.

accidentally not included in crypto.h commit

requested and ok tb@

tb [Wed, 10 Apr 2024 15:09:03 +0000 (15:09 +0000)]
Remove the prototype of BN_gcd_nonct()

beck [Wed, 10 Apr 2024 15:01:31 +0000 (15:01 +0000)]
Hide deprecated functions in ec.h

use LCRYPTO_UNUSED and remove the LIBRESSL_INTERNAL guard

ok tb@

beck [Wed, 10 Apr 2024 15:00:38 +0000 (15:00 +0000)]
Hide deprecated functions in evp.h

use LCRYPTO_UNUSED and remove the LIBRESSL_INTERNAL guard around them.

ok tb@

beck [Wed, 10 Apr 2024 14:59:39 +0000 (14:59 +0000)]
Add HMAC_init and HMAC_CTX_reset to Symbols.namespace.

ok tb@

beck [Wed, 10 Apr 2024 14:58:06 +0000 (14:58 +0000)]
Hide symbols in bn.h

Mark them LCRYPTO_UNUSED appropriately and remove the LIBRESSL_INTERNAL
guards around them

ok tb@

beck [Wed, 10 Apr 2024 14:55:12 +0000 (14:55 +0000)]
Hide a couple of LCRYPTO_UNUSED in asn1.h

and remove the LIBRESSL_INTERNAL guards around them

ok tb@

beck [Wed, 10 Apr 2024 14:54:13 +0000 (14:54 +0000)]
Add RC2 symbols to Symbols.namespace.

These got missed when they were hidden

ok tb@

beck [Wed, 10 Apr 2024 14:53:01 +0000 (14:53 +0000)]
Finish hiding symbols in rand.h

This removes the LIBRESSL_INTERNAL guards and marks
the functions within as LCRYPTO_UNUSED

beck [Wed, 10 Apr 2024 14:51:02 +0000 (14:51 +0000)]
Finish Hiding symbols in crypto.h

crypto.h already had the symbols not hidden behind LIBRESSL_INTERNAL
hidden - This now picks up the rest of them marking them as
LCRYPTO_UNUSED, and removes the LIBRESSL_INTERNAL guard.

These symbols will now be hidden, but if we use them inside
the library in a namespaced build we will get a deprecation
warning. Use outside the library will be as with any other hidden
symbol, so fine.

ok tb@

naddy [Wed, 10 Apr 2024 13:59:05 +0000 (13:59 +0000)]
remove unused hton[ls] functions from libkern

These have been superseded by inlines from endian.h.

ok miod@ mpi@

dv [Wed, 10 Apr 2024 13:03:41 +0000 (13:03 +0000)]
vmctl: fix incorrect scaling when converting disk images.

ctl_convert still had old logic assuming disk sizes were in MiB and
not bytes, causing an attempt to create a new disk using the '-i'
argument to generate impossibly large output disk images (e.g. 1 MiB
ends up 1 TiB).

Reported by and diff from Jesper Wallin.

mvs [Wed, 10 Apr 2024 12:04:41 +0000 (12:04 +0000)]
Remove `head' socket re-locking in sonewconn().

uipc_attach() releases solock() because it should be taken after
`unp_gc_lock' rwlock(9) which protects the `unp_link' list. For this
reason, the listening `head' socket should be unlocked too while
sonewconn() calls uipc_attach(). This could be reworked because now
`so_rcv' sockbuf relies on `sb_mtx' mutex(9).

The last one `unp_link' foreach loop within unp_gc() discards sockets
previously marked as UNP_GCDEAD. These sockets are not accessed from the
userland. The only exception is the sosend() threads of connected
sending peers, but they only sbappend*() mbuf(9) to `so_rcv'. So it's
enough to unlink mbuf(9) chain with `sb_mtx' held and discard lockless.

Please note, the existing SS_NEWCONN_WAIT logic was never used because
the listening unix(4) socket protected from concurrent unp_detach() by
vnode(9) lock, however `head' re-locked all times.

ok bluhm

mglocker [Wed, 10 Apr 2024 10:40:27 +0000 (10:40 +0000)]
Remove obsolete headers.

Spotted by jsg@

claudio [Wed, 10 Apr 2024 10:05:26 +0000 (10:05 +0000)]
Unlock dosigsuspend() and with that some aspects of ppoll and pselect

Change p_sigmask from atomic back to non-atomic updates. All changes to
p_sigmask are only allowed by curproc (the owner). There is no need for
atomic instructions here.

p_sigmask is mostly accessed by curproc with the exception of ptsignal().
In ptsignal() p_sigmask is now only read once unless a SSLEEP proc gets
the signal. In that case recheck the p_sigmask before wakeup to ensure
that no unnecessary wakeup happens.

Add some KASSERT(p == curproc) to ensure this precondition.
sigabort() is special since it is also called by ddb but apart from that
only works for curproc.

With and OK mvs@ OK mpi@

claudio [Wed, 10 Apr 2024 09:05:32 +0000 (09:05 +0000)]
Rework the logic to not send double notifications in session_notification().

last_sent_errcode is now cleared late (when state changes to ESTABLISHED)
and so notifications sent in the OPEN phase would be dropped after the
first incident. Using the session state to know if sending a message is
possible seems more robust and is what session_stop() uses as well.
For now log the notifications which are not sent as 'dropping' to see how
often this happens.

OK tb@

nicm [Wed, 10 Apr 2024 07:36:25 +0000 (07:36 +0000)]
Add an option allow-set-title to forbid applications from changing the
pane title, from someone in GitHub issue 3930.

nicm [Wed, 10 Apr 2024 07:29:15 +0000 (07:29 +0000)]
Correct handling of mouse up events (don't ignore all but the last
released button), and always process down event for double click. From
Rudy Dellomas III in GitHub issue 3919.

nicm [Wed, 10 Apr 2024 07:15:21 +0000 (07:15 +0000)]
Do not get muddled and crash if focusing a pane that is exiting,
reported by Saul Nogueras in GitHub issue 3776.

dv [Tue, 9 Apr 2024 21:55:16 +0000 (21:55 +0000)]
vmm/vmd: add exception injection and refactor inject api.

In order to continue work on mmio and other instruction emulation,
vmd(8) needs the ability to inject exceptions (like page faults)
from userland.

Refactor the way events are injected from userland, cleaning up how
hardware (external) interrupts are injected in the process.

ok mlarkin@

mglocker [Tue, 9 Apr 2024 20:18:37 +0000 (20:18 +0000)]
Add ufshci(4) to pci(4).  While there, add ahci(4) to acpi(4).

Suggested and ok jmc@

tb [Tue, 9 Apr 2024 18:12:11 +0000 (18:12 +0000)]
whirlpool_test: avoid calling arc4random_uniform(0)

This causes a SIGFPE on solaris
Fixes https://github.com/libressl/portable/issues/1042

tb [Tue, 9 Apr 2024 18:08:43 +0000 (18:08 +0000)]
whirlpool_test: zap lots of trailing whitespace

tb [Tue, 9 Apr 2024 16:06:01 +0000 (16:06 +0000)]
bn_convert: plug leak spotted by ASAN