krw [Sat, 13 May 2023 18:13:42 +0000 (18:13 +0000)]
In the absence of the 'disktype' command line parameter always
use the d_type value provided by the kernel when creating,
editing or printing a disklabel.
i.e. treat d_type as disk geometry is treated, reflecting
current reality as opposed to historical data.
kn [Sat, 13 May 2023 16:36:40 +0000 (16:36 +0000)]
default path includes /usr/local/sbin
Improve markup while here.
Feedback tb jmc
OK millert
bluhm [Sat, 13 May 2023 16:27:59 +0000 (16:27 +0000)]
Finally remove the kernel lock from IPv6 neighbor discovery. ND6
entries in rt_llinfo are protected either by exclusive netlock or
the ND6 mutex. The performance critical lookup path in nd6_resolve()
uses shared netlock, but is not lockless. In contrast to ARP it
grabs the mutex also in the common case.
tested by Hrvoje Popovski; with and OK kn@
bluhm [Sat, 13 May 2023 13:35:17 +0000 (13:35 +0000)]
Instead of implementing IPv4 header checksum creation everywhere,
introduce in_hdr_cksum_out(). It is used like in_proto_cksum_out().
OK claudio@
mpi [Sat, 13 May 2023 09:24:59 +0000 (09:24 +0000)]
Put back in the simplification of the aiodone daemon.
Previous "breakage" of the swap on arm64 has been found to be an issue
on one machine the rockpro/arm64 related to a deadlock built into the
sdmmc(4) stack interacting with swapping code both running under
KERNEL_LOCK().
This issue is easily reproducible on -current and entering swap when
building LLVM on a rockpro crashes the machine by memory corruption.
Tested by mlarkin@ on octeon & i386, by myself on amd64 & arm64 and by
sthen@ on i386 port bulk.
ok beck@ some time ago.
Previous commit message:
Simplify the aiodone daemon which is only used for async writes.
- Remove unused support for asynchronous read, including error conditions
- Grab the proper lock for each page that has been written to swap. This
allows to enable an assertion in uvm_page_unbusy().
- Move the uvm_anon_release() call outside of uvm_page_unbusy() and
assert for the different anon cases.
ok beck@, kettenis@
tb [Sat, 13 May 2023 07:17:32 +0000 (07:17 +0000)]
Assert that test->want != NULL at this point
Should make coverity happier
uaa [Fri, 12 May 2023 21:32:49 +0000 (21:32 +0000)]
add axppmic support to RAMDISK,
to support ethernet on OrangePi One Plus (Allwinner H6).
ok kettenis@
tb [Fri, 12 May 2023 19:02:10 +0000 (19:02 +0000)]
Bob points out that one error should be an X509V3error()
tb [Fri, 12 May 2023 18:39:44 +0000 (18:39 +0000)]
x509_utl.c: fix some style nits.
jan [Fri, 12 May 2023 18:24:13 +0000 (18:24 +0000)]
Add interface names in front of error messages.
Suggested by Hrvoje Popovski.
ok phessler@
kettenis [Fri, 12 May 2023 16:43:00 +0000 (16:43 +0000)]
Fall back on loading the kernel from the EFI system partition if we're
booting from a disk without a BSD disklabel.
ok kn@, caspar@
dv [Fri, 12 May 2023 16:18:17 +0000 (16:18 +0000)]
vmd(8): fix segfault on vm creation.
vm_instance was using the wrong vm instance for checking the
vm_kernel_path member. Switch to using the value from the parent
vm instance in the check for if a kernel is known.
Issue reported by kn@. OK mlarkin@, kn@.
dv [Fri, 12 May 2023 14:42:30 +0000 (14:42 +0000)]
vmd(8): fix console attach from vmctl(8).
Adding in the ability to override the boot kernel created an edge
case in the ipc message handling logic for the parent process (vmd)
when receiving a "start vm" request. Result was incorrectly responding
to the control process, and as a result the vmctl client, with a
bogus "start vm response" reply with an empty tty name.
This commit rewrites the logic of how vmd goes about processing the
"start vm" request with the aim of making it simpler to understand
while addressing the edge case.
Issue reported by kn@. OK mlarkin@.
claudio [Fri, 12 May 2023 14:34:00 +0000 (14:34 +0000)]
Add example user profile btrace script.
With and OK mpi@
claudio [Fri, 12 May 2023 14:14:16 +0000 (14:14 +0000)]
btrace(8) support to symbolize utrace addresses.
This only works for a single static binary where everything was compiled
with -fno-omit-frame-pointer since the stack unwinder requires the
frame-pointer.
A possible btrace script to capture performace of a single process is:
profile:hz:100 / pid == $1 / {
@[ustack] = count();
}
Then using btrace -p program uprofile.bt `pgrep program` will collect
the information for program.
This is far from perfect but should allow other people to play with this
and hopefully improve work.
OK mpi@
tb [Fri, 12 May 2023 13:56:17 +0000 (13:56 +0000)]
Rewrite string_to_hex() and hex_to_string() using CBB/CBS
These helpers used to contain messy pointer bashing some with weird logic
for NUL termination. This can be written more safely and cleanly using
CBB/CBS, so do that. The result is nearly but not entirely identical to
code used elsewhere due to some strange semantics. Apart from errors pushed
on the stack due to out-of-memory conditions, care was taken to preserve
error codes.
ok jsing
bluhm [Fri, 12 May 2023 12:42:16 +0000 (12:42 +0000)]
Make access to rt_llinfo consistent and remove needless initialisation.
OK mvs@
bluhm [Fri, 12 May 2023 12:40:49 +0000 (12:40 +0000)]
Access rt_llinfo without checking RTF_LLINFO flag before. They are
always set together with ARP mutex.
OK mvs@
jsg [Fri, 12 May 2023 11:43:03 +0000 (11:43 +0000)]
regen
jsg [Fri, 12 May 2023 11:42:22 +0000 (11:42 +0000)]
match 6.1.28 drm and remove Intel 0x5698
previously DG2-G11, Intel have now decided it is reserved for future use
jsg [Fri, 12 May 2023 11:28:36 +0000 (11:28 +0000)]
drm/amd/display (gcc13): fix enum mismatch
From Jiri Slaby
010842e88269b00b58c6deced7049ff818d73834 in linux-6.1.y/6.1.28
545094d993f4639482018becda5f2a47d126f0ab in mainline linux
jsg [Fri, 12 May 2023 11:22:54 +0000 (11:22 +0000)]
drm/i915: Make intel_get_crtc_new_encoder() less oopsy
From Ville Syrjala
0fe6ef82e4f4764e8f556632e4cd93d78d448e99 in linux-6.1.y/6.1.28
631420b06597a33c72b6dcef78d1c2dea17f452d in mainline linux
jsg [Fri, 12 May 2023 11:21:13 +0000 (11:21 +0000)]
drm/amd/display: Fix potential null dereference
From Igor Artemiev
b75aaebac265e3f29863699d9a929fdfba13d0a4 in linux-6.1.y/6.1.28
52f1783ff4146344342422c1cd94fcb4ce39b6fe in mainline linux
jsg [Fri, 12 May 2023 11:19:12 +0000 (11:19 +0000)]
drm/ttm/pool: Fix ttm_pool_alloc error path
From Thomas Hellstrom
d2151c5d9dbe3f8fec4cae5f4784edce3ced3a7e in linux-6.1.y/6.1.28
379989e7cbdc7aa7496a00ee286ec146c7599cf0 in mainline linux
jsg [Fri, 12 May 2023 11:16:58 +0000 (11:16 +0000)]
drm/ttm: optimize pool allocations a bit v2
From Christian Koenig
5e5a4185c66f9478a8cb2f74eed1a5b5a5000b13 in linux-6.1.y/6.1.28
735c466465eba51deaee3012d8403c10fc7c8c03 in mainline linux
jsg [Fri, 12 May 2023 11:14:00 +0000 (11:14 +0000)]
drm/amdgpu: register a vga_switcheroo client for MacBooks with apple-gmux
From Orlando Chamberlain
78e32896ecc790994034a35a2edef0b6ae043537 in linux-6.1.y/6.1.28
d37a3929ca0363ed1dce02b2772cd5bc547ca66d in mainline linux
jsg [Fri, 12 May 2023 11:09:03 +0000 (11:09 +0000)]
drm/probe-helper: Cancel previous job before starting new one
From Dom Cobley
809a3fb8d8fce5801300ead8aaf52a4ee102e0db in linux-6.1.y/6.1.28
a8e47884f1906cd7440fafa056adc8817568e73e in mainline linux
jsg [Fri, 12 May 2023 11:06:39 +0000 (11:06 +0000)]
drm/i915/dg2: Drop one PCI ID
From Matt Roper
46473f3bd14a8d6887d2ee56c78aff682bf5d596 in linux-6.1.y/6.1.28
3a38be31ec82920a871963c086393bc0ba26a655 in mainline linux
jsg [Fri, 12 May 2023 11:03:19 +0000 (11:03 +0000)]
drm/amd/pm: re-enable the gfx imu when smu resume
From Tim Huang
f455c9cb9eed246e398977d0d14ac57cd34cefeb in linux-6.1.y/6.1.28
f7f28f268b861c29dd18086bb636abedf0ff59ff in mainline linux
jsg [Fri, 12 May 2023 11:01:48 +0000 (11:01 +0000)]
swsmu/amdgpu_smu: Fix the wrong if-condition
From Yu Songping
d78777c1d4de809d8bc9efc697cb636cbe8e32c2 in linux-6.1.y/6.1.28
484d7dcc709da46a5976c9530eeff931e9ecba82 in mainline linux
jsg [Fri, 12 May 2023 11:00:22 +0000 (11:00 +0000)]
drm/amd/display: fix a divided-by-zero error
From Alex Hung
e43cf7abece2efaebe0a757909d258212d01c404 in linux-6.1.y/6.1.28
0b5dfe12755f87ec014bb4cc1930485026167430 in mainline linux
jsg [Fri, 12 May 2023 10:57:58 +0000 (10:57 +0000)]
drm/amd/display: fix PSR-SU/DSC interoperability support
From Hamza Mahfooz
09c41688b6e5c038df5baacdb0f4e23c8a10ebdb in linux-6.1.y/6.1.28
13b90cf900ab69dd5cab3cc5035bc7614037e64e in mainline linux
jsg [Fri, 12 May 2023 10:55:23 +0000 (10:55 +0000)]
drm/amd/display: limit timing for single dimm memory
From Daniel Miess
2abff94db2c6d692772fc07f39b4f9ee894c7197 in linux-6.1.y/6.1.28
1e994cc0956b8dabd1b1fef315bbd722733b8aa8 in mainline linux
jsg [Fri, 12 May 2023 10:53:36 +0000 (10:53 +0000)]
drm/amd/display: Remove stutter only configurations
From Nasir Osman
5e1574aa0639abf811375aaba1d6799d035dc97b in linux-6.1.y/6.1.28
71c4ca2d3b079d0ba4d9b3033641fea906cebfb6 in mainline linux
jsg [Fri, 12 May 2023 10:50:22 +0000 (10:50 +0000)]
add apple-gmux.h for 6.1.28 drm
tb [Fri, 12 May 2023 10:43:28 +0000 (10:43 +0000)]
asn1oct: add a couple more tests
jsing [Fri, 12 May 2023 10:10:55 +0000 (10:10 +0000)]
Reduce the number of SHA-512 C implementations from three to one.
We currently have three C implementations for SHA-512 - a version that is
optimised for CPUs with minimal registers (specifically i386), a regular
implementation and a semi-unrolled implementation. Testing on a ~15 year
old i386 CPU, the fastest version is actually the semi-unrolled version
(not to mention that we still currently have an i586 assembly
implementation that is used on i386 instead...).
More decent architectures do not seem to care between the regular and
semi-unrolled version, presumably since they are effectively doing the
same thing in hardware during execution.
Remove all except the semi-unrolled version.
ok tb@
tb [Fri, 12 May 2023 08:56:05 +0000 (08:56 +0000)]
asn1oct: minor tweak in error message
tb [Fri, 12 May 2023 08:28:05 +0000 (08:28 +0000)]
Add regress coverage for {s2i,i2s}_ASN1_OCTET_STRING
jsg [Fri, 12 May 2023 08:18:13 +0000 (08:18 +0000)]
primility -> primality
ok tb@
tb [Fri, 12 May 2023 08:12:09 +0000 (08:12 +0000)]
Be a bit more precise on how s2i_ASN1_OCTET_STRING handles colons
djm [Fri, 12 May 2023 06:37:42 +0000 (06:37 +0000)]
test ChrootDirectory in Match block
djm [Fri, 12 May 2023 06:36:27 +0000 (06:36 +0000)]
better error messages
kn [Fri, 12 May 2023 00:06:53 +0000 (00:06 +0000)]
staggered deployment parallelism defaults to number of *online* CPUs
vmd looks at hw.ncpuonline not hw.ncpu[found], which can differ w/o SMT.
guenther [Thu, 11 May 2023 22:28:38 +0000 (22:28 +0000)]
Teach dump_tables about PKs and display non-readable pages as such
job [Thu, 11 May 2023 20:13:30 +0000 (20:13 +0000)]
Print the manifestNumber when warning about unrecoverable message digest mismatches
This makes it easier to understand "when" certain error conditions arose.
OK tb@
guenther [Thu, 11 May 2023 19:35:50 +0000 (19:35 +0000)]
Retguard addition in commit 72pYktDvmJhq7OyF was based on the understanding
that the removal of the off_t padding, amd64 syscalls no longer passed a 7th
or later argument. We overlooked that syscall(2) bumps the arg count by one,
so six argument calls like SYS_sysctl still pass an argument on the stack.
So, repush the 7th argument so it's at the expected stack offset after the
retguard register is pushed.
problem reported and ok bluhm@
stsp [Thu, 11 May 2023 16:55:46 +0000 (16:55 +0000)]
Stop sending a PHY context update in iwx_run_stop()
Fixes firmware error iwx0: 0x20101A28 | ADVANCED_SYSASSERT which would
occur while tearing down the state of our association to the AP.
The problem occurred when we were trying to reconfigure the PHY context
in a way that is incompatible with the TLC configuration. Since we will
always call iwx_deauth() next, which removes the AP station and related
data such as TLC from firmware before updating the PHY context yet again
we can simply skip the redundant PHY context update in iwx_run_stop() to
prevent this firmware error.
A reliable way to reproduce the problem is an attempt to connect to an
11ac access point on a 5GHz channel while the wrong WPA key is set which
happened to me because mpi@ uses a French WPA passphrase.
Problem confirmed fixed by me with this simple reproducer.
Helpful hints provided by Johannes Berg at Linux/Intel, thanks!
claudio [Thu, 11 May 2023 14:05:31 +0000 (14:05 +0000)]
In valid_cert() also skip the check for CERT_IP_INHERIT objects like
it is done for CERT_AS_INHERIT.
Without this inheritance of IP address resources does not work. Problem
noticed by Ties de Kock (tdekock (at) ripe.net)
OK job@ tb@ benno@
kn [Thu, 11 May 2023 12:36:22 +0000 (12:36 +0000)]
pools are always initialised, zap overcautious NULL check
All pools are init'd after pfattach(), none is ever destroyed,
so struct pf_pool_limit's .pp always points to valid pools.
Drop a check for the impossible from twenty years ago.
OK sashan dlg
bluhm [Thu, 11 May 2023 09:51:33 +0000 (09:51 +0000)]
mi_syscall() can add the KTRC_CODE_SYSCALL flag to the syscall code.
In ktrsyscall() mask the code, otherwise kdump(1) does not show the
correct mib of SYS_sysctl when called by syscall(2).
OK guenther@
tb [Thu, 11 May 2023 07:35:27 +0000 (07:35 +0000)]
tls_verify.c: give up on variable alignment in this file
The previous commit resulted in misalignment, which impacts my OCD worse
than no alignment at all. Alignment wasn't consistently done in this file
anyway. op tells me it won't affect current efforts in reducing the diff.
tb [Thu, 11 May 2023 05:45:33 +0000 (05:45 +0000)]
Document recent changes in primality testing
With input from beck and jsing
sashan [Wed, 10 May 2023 22:42:51 +0000 (22:42 +0000)]
nat-to may fail to insert state due to conflict on chosen source
port number. This is typically indicated by 'wire key attach failed on...'
message when pf(4) debugging is enabled. The problem is caused by
glitch in pf_get_sport() which fails to discover conflict in advance.
In order to fix it we must also calculate toeplitz hash in
pf_get_sport() to initialize look up key properly.
the bug has been kindly reported by joosepm _von_ gmail _dot_ com
OK dlg@
jmc [Wed, 10 May 2023 22:23:25 +0000 (22:23 +0000)]
sort the hardware list;
tb [Wed, 10 May 2023 21:05:24 +0000 (21:05 +0000)]
Use is_pseudoprime instead of is_prime in bn_bpsw.c
This is more accurate and improves readability a bit. Apart from a comment
tweak this is sed + knfmt (which resulted in four wrapped lines).
Discussed with beck and jsing
miod [Wed, 10 May 2023 18:28:04 +0000 (18:28 +0000)]
New udl(4) device, reported by "S V" on tech@
miod [Wed, 10 May 2023 18:26:43 +0000 (18:26 +0000)]
regen
miod [Wed, 10 May 2023 18:26:05 +0000 (18:26 +0000)]
New udl(4) device, reported by "S V" on tech@
krw [Wed, 10 May 2023 15:28:26 +0000 (15:28 +0000)]
Add flag SDEV_UFI so umass_scsi_attach() can provide information
sufficient to get sdgetdisklabel() to correctly set d_type to
DTYPE_FLOPPY in the default disklabel.
installboot(8) in particular likes to know it is dealing with a
floppy.
ok miod@
claudio [Wed, 10 May 2023 15:24:41 +0000 (15:24 +0000)]
Reset the io_time (io timeout value) when the timer expires. Without this
the next connect will immediatly timeout again which is not intended.
It does not matter in the other case since the connection is destroyed anyway.
Problem noticed by job@ and Jelle (jelle (at) luteijn.email)
OK job@ tb@
op [Wed, 10 May 2023 13:48:54 +0000 (13:48 +0000)]
switch two ASN1_STRING_data() to ASN1_STRING_get0_data()
and while here mark as const data.
This diff is actually from gilles@, in OpenSMTPD-portable bundled
libtls.
ok tb@, jsing@
krw [Wed, 10 May 2023 13:45:49 +0000 (13:45 +0000)]
Display correct type name for Microsoft basic data GPT
partitions. Inadvertantly lost in transition to new menu logic.
krw [Wed, 10 May 2023 12:59:47 +0000 (12:59 +0000)]
Microsoft GPT partition attributes can appear on partitions other
than Basic Data partitions. e.g. Windows Recovery and Windows
Reserved partitions.
So tweak verbiage to make clear they are MS attributes by
prepending 'MS' and always display them.
No functional change other than modified fdisk -v output.
tb [Wed, 10 May 2023 12:21:55 +0000 (12:21 +0000)]
Add Miller-Rabin test for random bases to BPSW
The behavior of the BPSW primality test for numbers > 2^64 is not very
well understood. While there is no known composite that passes the test,
there are heuristics that indicate that there are likely infinitely many.
Therefore it seems appropriate to harden the test. Having a settable
number of MR rounds before doing a version of BPSW is also the approach
taken by Go's primality check in math/big.
This adds a new implementation of the old MR test that runs before running
the strong Lucas test. I like to imagine that it's slightly cleaner code.
We're effectively at about twice the cost of what we had a year ago. In
addition, it adds some non-determinism in case there actually are false
positives for the BPSW test.
The implementation is straightforward. It could easily be tweaked to use
the additional gcds in the "enhanced" MR test of FIPS 186-5, but as long
as we are only going to throw away the additional info, that's not worth
much.
This is a first step towards incorporating some of the considerations in
"A performant misuse-resistant API for Primality Testing" by Massimo and
Paterson. Further work will happen in tree. In particular, there are plans
to crank the number of Miller-Rabin tests considerably so as to have a
guaranteed baseline. The manual will be updated shortly.
positive feedback beck
ok jsing
bluhm [Wed, 10 May 2023 12:07:16 +0000 (12:07 +0000)]
Implement TCP send offloading, for now in software only. This is
meant as a fallback if network hardware does not support TSO. Driver
support is still work in progress. TCP output generates large
packets. In IP output the packet is chopped to TCP maximum segment
size. This reduces the CPU cycles used by pf. The regular output
could be assisted by hardware later, but pf route-to and IPsec needs
the software fallback in general.
For performance comparison or to workaround possible bugs, sysctl
net.inet.tcp.tso=0 disables the feature. netstat -s -p tcp shows
TSO counter with chopped and generated packets.
based on work from jan@
tested by jmc@ jan@ Hrvoje Popovski
OK jan@ claudio@
dtucker [Wed, 10 May 2023 10:04:20 +0000 (10:04 +0000)]
Remove now-unused prototypes for ssh1 RSA functions. From lengyijun via
github PR#396.
op [Wed, 10 May 2023 08:03:49 +0000 (08:03 +0000)]
cast off_t to long long int for printing
reduces the diff with opensmtpd-portable.
ok tb@
op [Wed, 10 May 2023 08:02:10 +0000 (08:02 +0000)]
constify day, month and tz
spotted while diffing with -portable, where tz is marked as const.
ok tb@
otto [Wed, 10 May 2023 07:58:06 +0000 (07:58 +0000)]
As mmap(2) is no longer a LOCK syscall, do away with the extra
unlock-lock dance it serves no real purpose any more. Confirmed
by a small performance increase in tests. ok @tb
tb [Wed, 10 May 2023 07:34:57 +0000 (07:34 +0000)]
Add a hint on using letsencrypt-staging for testing
While florian rightly points out that this is likely to be overlooked, it
may help someone. Also doesn't affect the adjust-config-with-sed-ability
of the example file after input by a few.
no objection florian
ok espie millert
op [Wed, 10 May 2023 07:20:20 +0000 (07:20 +0000)]
cast time_t to long long for printf, reduces the diff with -portable
ok millert@
op [Wed, 10 May 2023 07:19:49 +0000 (07:19 +0000)]
add a few missing headers, reduces the diff with -portable
ok millert@
op [Wed, 10 May 2023 07:19:08 +0000 (07:19 +0000)]
remove trailing whitespace
jmc [Tue, 9 May 2023 19:44:06 +0000 (19:44 +0000)]
macro line fix;
otto [Tue, 9 May 2023 19:07:37 +0000 (19:07 +0000)]
Make malloc tests that set flags more robust against the user also
having flags set.
claudio [Tue, 9 May 2023 14:35:45 +0000 (14:35 +0000)]
Adjust bgplgd after renaming of the invalid option in bgpctl.
This does not change the query string argument. We may do this
at a later stage.
OK tb@
visa [Tue, 9 May 2023 14:22:17 +0000 (14:22 +0000)]
Don't return EPIPE from pipe kqfilter
Proceed with the registration of an EVFILT_WRITE filter even if the
pipe's other end has been closed, instead of failing with error EPIPE.
The filter will trigger immediately. This reduces the possible outcomes
when a kevent(2) call and a close(2) call race on the different ends
of a pipe.
This fixes a failure of lang/ghc unit test as reported by gnezdo@.
OK gnezdo@ mpi@
sthen [Tue, 9 May 2023 13:41:54 +0000 (13:41 +0000)]
update port-modules(5) with default font type changes
claudio [Tue, 9 May 2023 13:26:27 +0000 (13:26 +0000)]
Rename 'invalid' to 'disqualified' in the 'show rib' table.
'invalid' conflicts with the 'in' keyword and the parser is not smart
enough to handle this. As a secondary benefit the term 'invalid' is
less overloaded. There are various reasons why prefixes are not eligible
in the route decision process calling them all 'invalid' is a bit harsh.
job@, tb@ and benno@ agree
claudio [Tue, 9 May 2023 13:11:19 +0000 (13:11 +0000)]
Properly handle references for nexthops and labels in filterset_copy()
Up until recently filterset_copy() was only used in the parent process
where none of those references exist but by using filterset_copy() in
the RDE to populate per-peer output filters the code needs to handle
such references. Without this rules like 'match to any set nexthop X'
will cause internal corruption on config reloads and session resets.
Bug report from Marko Cupac (marko.cupac (at) mimar.rs)
OK tb@
kn [Tue, 9 May 2023 10:35:20 +0000 (10:35 +0000)]
Inline once-used variable to sync all uvm_map_clean() callers
OK mpi
tb [Tue, 9 May 2023 10:34:32 +0000 (10:34 +0000)]
rpki-client: use partial chains in certificate validation
The generally rather poor quality RFC 3779 code in libcrypto also performs
abysmally. Flame graphs show that nearly 20% of the parser process is spent
in addr_contains() alone. There is room for improvement in addr_contains()
itself - the containment check for prefixes could be optimized quite a bit.
We can avoid a lot of the most expensive work for certificates with tons of
resources close to the TA by using the verifier's partial chains flag.
More precisely, in the tree of already validated certs look for the first
one that has no inherited RFC 3779 resources and use that as 'trust anchor'
for our chains via the X509_V_FLAG_PARTIAL_CHAIN flag. This way we can be
sure that a leaf's delegated resources are properly covered and at the same
time significantly shorten most paths validated.
Job's and my testing indicates that this avoids 30-50% of overhead and works
equally well with LibreSSL and OpenSSL >= 1.1. The main bottlenecks in the
parser process now appear to be SHA-2 and RSA/BIGNUM, two well-known pain
points in libcrypto.
This is based on a hint by beck and was discussed extensively with beck,
claudio and job during and after m2k23.
ok claudio job
kettenis [Tue, 9 May 2023 10:13:23 +0000 (10:13 +0000)]
Apparently there is no need to set the PS2 field.
ok patrick@
tb [Tue, 9 May 2023 07:19:24 +0000 (07:19 +0000)]
Make failure mode of EVP_AEAD_CTX_new() more explicit
Pointed out and ok by dlg
tb [Tue, 9 May 2023 05:39:24 +0000 (05:39 +0000)]
Add regress coverage for -1 modulus as well.
tb [Tue, 9 May 2023 05:38:11 +0000 (05:38 +0000)]
bn_exp: also special case -1 modulus
Anything taken to the power of 0 is 1, and then reduced mod 1 or mod -1 it
will be 0. If "anything" includes 0 or not is a matter of convention, but
it should not depend on the sign of the modulus...
Reported by Guido Vranken
ok jsing (who had the same diff)
jsing [Tue, 9 May 2023 05:15:55 +0000 (05:15 +0000)]
Rewrite BN_bn2hex() using CBB/CBS.
ok tb@
jsing [Tue, 9 May 2023 05:12:49 +0000 (05:12 +0000)]
Rewrite BN_bn2dec() using CBB/CBS.
ok tb@
dlg [Tue, 9 May 2023 00:01:59 +0000 (00:01 +0000)]
switch pflogd from using a bpf read timeout to a wait timeout.
a bpf read timeout means every read will end after the timeout
expires. because pflogd has a half second read timeout it would sit
in a loop doing reads all the time even if there were no packets
to log.
the wait timeout means that when bpf catches a packet, it will wait
a bit for more packets to arrive before waking up the pending read.
pflogd now sits in the read syscall until packets are actually
available to log.
found by deraadt@ and ktrace
discussed with and ok sashan@
dlg [Mon, 8 May 2023 23:52:36 +0000 (23:52 +0000)]
fix up some formatting in the pf_state_list comment.
tobias [Mon, 8 May 2023 17:15:43 +0000 (17:15 +0000)]
Prevent signed integer overflow
A signed integer overflow could occur after INT_MAX bad password
attempts. Check for unlimited tries first and then increment the
counter. Also consider INT_MAX to be a valid upper limit.
ok millert@
tobias [Mon, 8 May 2023 16:11:41 +0000 (16:11 +0000)]
Improve error handling
Close pipe file descriptors if fork fails.
Also do not parse exit status of child if waitpid fails.
with input by and ok millert@
millert [Mon, 8 May 2023 15:18:31 +0000 (15:18 +0000)]
cron: bounds check the high and low bounds for in a random range.
The bounds are checked for normal ranges in set_element() but in
the case of random ranges this is too late. As a result, a random
range with an invalid high/low bounds would only result in a syntax
error if the randomized value was out of bounds. This means the
entry would be "randomly" rejected by cron or crontab. OK kn@
tb [Mon, 8 May 2023 14:51:00 +0000 (14:51 +0000)]
Rename the other_ctx in X509_STORE_CTX into trusted
The other_ctx is a strong contender for the worst name of a struct member
in OpenSSL. It's a void * member whose only purpose ever was to be set to a
STACK_OF(X509) * via X509_STORE_CTX_trusted_stack() (yes, this is obviously
a setter, why do you ask?) and then to be used by the get_issuer() callback
(which of course isn't there to find any old issuer, but only to look for
issuers among the 'trusted' certs).
Anyway, we may want to rename untrusted into intermediates and trusted into
roots later on, but for now let's match the lovely public API. While there
rename get_issuer_sk() into get_trusted_issuer() which is a more accurate
and slightly less silly name.
ok jsing
tb [Mon, 8 May 2023 13:53:26 +0000 (13:53 +0000)]
Add RCS tag
bluhm [Mon, 8 May 2023 13:22:13 +0000 (13:22 +0000)]
The call to in_proto_cksum_out() is only needed before the packet
is passed to ifp->if_output(). The fragment code has its own
checksum calculation and the other paths end in goto bad.
OK claudio@
bluhm [Mon, 8 May 2023 13:14:21 +0000 (13:14 +0000)]
To make ND6 mp-safe, the life time of struct llinfo_nd6 *ln =
rt->rt_llinfo has to be guaranteed. Replace the complicated logic
in nd6_rtrequest() case RTM_ADD with what we have in ARP. This
avoids accessing ln here.
Digging through histroy shows a lot of refactoring that makes
rt_expire handling in RTM_ADD obsolete. Just initialize it to 0.
Cloning and local routes should never expire. If RTF_LLINFO is
set, ln should not be NULL. So nd6_llinfo_settimer() was not reached
in this case.
While there, remove obsolete comments and #if 0 code that never
worked.
OK kn@ claudio@
gerhard [Mon, 8 May 2023 12:25:23 +0000 (12:25 +0000)]
Fix a potential mem-leak in usm_decrypt().
Spotted by hshoexer@
ok martijn@
bluhm [Mon, 8 May 2023 11:47:52 +0000 (11:47 +0000)]
As the nd6 mutex protects the lifetime of struct llinfo_nd6 ln,
nd6_mtx must be held longer in nd6_rtrequest() case RTM_RESOLVE.
OK kn@