openbsd
jsing [Thu, 2 Feb 2023 18:39:26 +0000 (18:39 +0000)]
Refactor BN_uadd() and BN_usub().

Unlike bn_add_words()/bn_sub_words(), the s2n-bignum bignum_add() and
bignum_sub() functions correctly handle inputs with differing word
lengths. This means that they can be called directly, without needing to
fix up any remaining words manually.

Split BN_uadd() in two - the default bn_add() implementation calls
bn_add_words(), before handling the carry for any remaining words.
Likewise split BN_usub() in two - the default bn_sub() implementation
calls bn_sub_words(), before handling the borrow for any remaining words.

On amd64, provide an implementation of bn_add() that calls s2n-bignum's
bignum_add() directly, similarly with an implementation of bn_sub() that
calls s2n-bignum's bignum_sub() directly.

ok tb@

jsing [Thu, 2 Feb 2023 18:19:27 +0000 (18:19 +0000)]
Unbreak vpaes-x86 implementation.

Remove remnants of previous PIC handling.

ok miod@

krw [Thu, 2 Feb 2023 14:33:38 +0000 (14:33 +0000)]
Tweak restored code chunk to eliminate duplicate checks.

claudio [Thu, 2 Feb 2023 13:37:24 +0000 (13:37 +0000)]
Do not endian swap the ether_vtag before stuffing it into the control word.
The endian swap to little endian happens later for the full control word.
Fixes vlans on em(4) on sparc64 systems.
OK kn@ naddy@

kn [Thu, 2 Feb 2023 13:29:16 +0000 (13:29 +0000)]
Move existing softraid check into reusable function

No behaviour change, but get_softraid_chunks() reads much clearer.

The root disk is checked to be a softraid volume;  if so, devices for each
chunk are created to make installboot work later.

bioctl accepts "sd1" and "softraid0", the latter prints all volumes.
Output is identical if sd1 is the only volume.

OK afresh1

claudio [Thu, 2 Feb 2023 13:28:31 +0000 (13:28 +0000)]
Use binary or to set the ether_vtag which makes the code the same
as in the other case as argument to vlan_inject(). Result is the same.
OK dlg@ kn@ mvs@

miod [Thu, 2 Feb 2023 13:03:50 +0000 (13:03 +0000)]
Move all data blocks from .text to .rodata and clean up and homogenize code
responsible for getting the proper address of those blocks.

anton [Thu, 2 Feb 2023 12:37:14 +0000 (12:37 +0000)]
Sync function prototypes and declarations to satisfy clang 15.

ok jsing@

anton [Thu, 2 Feb 2023 12:36:52 +0000 (12:36 +0000)]
Sync function prototypes and declarations to satisfy clang 15.

ok jsing@

djm [Thu, 2 Feb 2023 12:12:52 +0000 (12:12 +0000)]
test compat_kex_proposal(); by dtucker@

djm [Thu, 2 Feb 2023 12:10:22 +0000 (12:10 +0000)]
openssh-9.2

djm [Thu, 2 Feb 2023 12:10:05 +0000 (12:10 +0000)]
fix double-free caused by compat_kex_proposal(); bz3522
by dtucker@, ok me

mvs [Thu, 2 Feb 2023 09:35:07 +0000 (09:35 +0000)]
Move the rest of common socket initialization within soalloc().

ok visa@

mvs [Thu, 2 Feb 2023 09:34:17 +0000 (09:34 +0000)]
Deny "pipex no" tunnel setting for pppx(4) interfaces. They are useless
with disabled pipex(4), because in such case npppd(8) successfully
establishes connection, but doesn't create corresponding interface, so
the traffic doesn't flow.

This is not applicable for pppac(4) interfaces, they work with disabled
pipex(4).

ok yasuoka@

nicm [Thu, 2 Feb 2023 09:24:59 +0000 (09:24 +0000)]
Add a missing error message which causes an invalid layout name to crash.

nicm [Thu, 2 Feb 2023 09:06:44 +0000 (09:06 +0000)]
Tweak note for D key binding, from Clark Wang.

jsg [Thu, 2 Feb 2023 04:24:59 +0000 (04:24 +0000)]
amdgpu: fix build on non-DCN platforms.

From Dave Airlie
432ddb5765c45e12339f2980463c89b21c96b504 in linux-6.1.y/6.1.9
f439a959dcfb6b39d6fd4b85ca1110a1d1de1587 in mainline linux

jsg [Thu, 2 Feb 2023 04:23:33 +0000 (04:23 +0000)]
drm/i915/selftest: fix intel_selftest_modify_policy argument types

From Arnd Bergmann
2e3539d34b8e3b6e77d47b681819e134d463108c in linux-6.1.y/6.1.9
2255bbcdc39d5b0311968f86614ae4f25fdd465d in mainline linux

jsg [Thu, 2 Feb 2023 04:21:45 +0000 (04:21 +0000)]
drm/i915: Fix a memory leak with reused mmap_offset

From Nirmoy Das
0bdc4b4ba7206c452ee81c82fa66e39d0e1780fb in linux-6.1.y/6.1.9
0220e4fe178c3390eb0291cdb34912d66972db8a in mainline linux

jsg [Thu, 2 Feb 2023 04:20:13 +0000 (04:20 +0000)]
drm/drm_vma_manager: Add drm_vma_node_allow_once()

From Nirmoy Das
67444f8ca31cdaf45e0b761241ad49b1ae04bcf9 in linux-6.1.y/6.1.9
899d3a3c19ac0e5da013ce34833dccb97d19b5e4 in mainline linux

jsg [Thu, 2 Feb 2023 04:16:36 +0000 (04:16 +0000)]
drm/amdgpu/display/mst: update mst_mgr relevant variable when long HPD

From Wayne Lin
af8e87f72f9ea4c6915506098e506c4e08d3d49c in linux-6.1.y/6.1.9
f85c5e25fd28fe0bf6d6d0563cf83758a4e05c8f in mainline linux

jsg [Thu, 2 Feb 2023 04:15:05 +0000 (04:15 +0000)]
drm/amdgpu/display/mst: limit payload to be updated one by one

From Wayne Lin
be6bf2321343592f879176f8a02bfbea2b615826 in linux-6.1.y/6.1.9
cb1e0b015f56b8f3c7f5ce33ff4b782ee5674512 in mainline linux

jsg [Thu, 2 Feb 2023 04:13:11 +0000 (04:13 +0000)]
drm/amdgpu/display/mst: Fix mst_state->pbn_div and slot count assignments

From Lyude Paul
5891a419031d2d319623ee2a92db536bdda75d92 in linux-6.1.y/6.1.9
1119e1f9636b76aef14068c7fd0b4d55132b86b8 in mainline linux

jsg [Thu, 2 Feb 2023 04:11:15 +0000 (04:11 +0000)]
drm/amdgpu: remove unconditional trap enable on add gfx11 queues

From Jonathan Kim
60cd9bb28b973764b43dfa836fc0ac26745d54bd in linux-6.1.y/6.1.9
2de3769830346e68b3de0f4abc0d8e2625ad9dac in mainline linux

jsg [Thu, 2 Feb 2023 04:09:36 +0000 (04:09 +0000)]
drm/amd/pm: add missing AllowIHInterrupt message mapping for SMU13.0.0

From Evan Quan
076f7a8798f5d87037ff6bc9aa077f854b6459fa in linux-6.1.y/6.1.9
15b207d0abdcbb2271774aa99d9a290789159e75 in mainline linux

jsg [Thu, 2 Feb 2023 04:07:54 +0000 (04:07 +0000)]
drm/display/dp_mst: Correct the kref of port.

From Wayne Lin
335ef7d0777c5609d5fadb5b73b96c538fa8fc93 in linux-6.1.y/6.1.9
d8bf2df715bb8ac964f91fe8bf67c37c5d916463 in mainline linux

jsg [Thu, 2 Feb 2023 04:05:08 +0000 (04:05 +0000)]
drm/amdgpu: complete gfxoff allow signal during suspend without delay

From Harsh Jain
3964b0c2e843334858da99db881859faa4df241d in linux-6.1.y/6.1.9
4b31b92b143f7d209f3d494c56d4c4673e9fc53d in mainline linux

jsg [Thu, 2 Feb 2023 04:02:33 +0000 (04:02 +0000)]
drm/i915: Allow alternate fixed modes always for eDP

From Ville Syrjala
2c8fb41ed0e64fd58b9381843106fb9ae8e0dc27 in linux-6.1.y/6.1.9
55cfeecc2197de68e9cc30f77c711dcbcdf27510 in mainline linux

jsg [Thu, 2 Feb 2023 04:00:20 +0000 (04:00 +0000)]
drm/i915: Allow panel fixed modes to have differing sync polarities

From Ville Syrjala
7fa092a05791b17414e8888a07b1e3ef3f86633e in linux-6.1.y/6.1.9
2bd0db4b3f0bd529f75b32538fc5a3775e3591c0 in mainline linux

jsg [Thu, 2 Feb 2023 03:58:04 +0000 (03:58 +0000)]
drm/amdkfd: Fix NULL pointer error for GC 11.0.1 on mGPU

From Eric Huang
ca6263dc22acafc04c0d164900e5662a0e920a8a in linux-6.1.y/6.1.9
a6941f89d7c6a6ba49316bbd7da2fb2f719119a7 in mainline linux

jsg [Thu, 2 Feb 2023 03:56:28 +0000 (03:56 +0000)]
drm/amdkfd: Add sync after creating vram bo

From Eric Huang
92af2d3b57a1afdfdcafb1c6a07ffd89cf3e98fb in linux-6.1.y/6.1.9
ba029e9991d9be90a28b6a0ceb25e9a6fb348829 in mainline linux

jsg [Thu, 2 Feb 2023 03:54:42 +0000 (03:54 +0000)]
drm: Add orientation quirk for Lenovo ideapad D330-10IGL

From Patrick Thompson
68f5d286aa3def44086d8f4e59f8e950dd1f2075 in linux-6.1.y/6.1.9
0688773f0710528e1ab302c3d6317e269f2e2e6e in mainline linux

jsg [Thu, 2 Feb 2023 03:51:52 +0000 (03:51 +0000)]
drm/amd/display: fix issues with driver unload

From Hamza Mahfooz
b0b029ee04ef3dd6c7da0922204fb9e47a0b9010 in linux-6.1.y/6.1.9
e433adc60f7f847e734c56246b09291532f29b6d in mainline linux

jsg [Thu, 2 Feb 2023 03:49:58 +0000 (03:49 +0000)]
drm/i915/selftests: Unwind hugepages to drop wakeref on error

From Chris Wilson
d5fb544b4ce56316bdfd542511dcd34c5798c3b8 in linux-6.1.y/6.1.9
93eea624526fc7d070cdae463408665824075f54 in mainline linux

deraadt [Thu, 2 Feb 2023 00:44:08 +0000 (00:44 +0000)]
unify spacing for LOAD FLAGS lines

deraadt [Thu, 2 Feb 2023 00:43:08 +0000 (00:43 +0000)]
i386 and alpha ld.so also work with X-only text LOAD.  There is no
hardware enforcement for this, but uvm can some of its own tricks
on occasion.

krw [Thu, 2 Feb 2023 00:20:49 +0000 (00:20 +0000)]
Restore incorrectly deleted test for default partitions intruding
into the OpenBSD area that is about to be auto-allocated.

Fixes resizing partitions on an auto-allocated disk that had a
boot partition.

Found by dv@

miod [Wed, 1 Feb 2023 20:56:23 +0000 (20:56 +0000)]
Despite only testing the low-order bit of its operand, the blbc and blbs
instructions always fetch a 32-bit word when operand is a memory address.
This works unless the address is within the last 3 bytes of a page, with
the next page being invalid, something which can happen with small malloc'ed
structures (I'm looking at you, perl).

Work around the problem by requiring a register operand in all cases; the
register load will be a zero-extension load of the right width.

This is my entry into the "fix a 30-year old bug" contest of 2023.

miod [Wed, 1 Feb 2023 20:45:04 +0000 (20:45 +0000)]
Move all data blocks from .text to .rodata and clean up and homogenize code
responsible for getting the proper address of those blocks.

ok tb@ jsing@

miod [Wed, 1 Feb 2023 20:34:10 +0000 (20:34 +0000)]
Backport gnu/gcc/gcc/c-typeck.c r1.3 to the gcc 3 code base:

Adjust how gcc3 handles the "missing braces around initializer" warning.

In c99 any value can be initialised using a { 0 } constructor independent
of the type. Now if a struct's first member is another struct then gcc4
issues the above warning but it should not do that.

Move the warning check from push_init_level() to pop_init_level() and
check if either { 0 } or { } was used. If additional implicit braces
were added suppress the warning.

Inspired by gcc PR#64709

light testing by me, serious testing by aoyama@

gkoehler [Wed, 1 Feb 2023 19:02:50 +0000 (19:02 +0000)]
For xonly, move sha512-ppc.pl's table from text to rodata

OpenBSD/macppc will enforce xonly on PowerPC G5, then libcrypto's
sha256 would crash by SIGSEGV, because it can't read text.

Use ELF relocations "@ha" and "@l" to find the table in rodata.  This
might break the PowerPC asm on a not-ELF platform (like AIX or Mac OS)
if someone would try it there.

ok kettenis@ deraadt@

tb [Wed, 1 Feb 2023 16:03:47 +0000 (16:03 +0000)]
Don't run session tests with openssl 3.0 - these tests aren't TLSv1.3 ready

tb [Wed, 1 Feb 2023 15:59:50 +0000 (15:59 +0000)]
Hopefully the last one.

tb [Wed, 1 Feb 2023 15:58:20 +0000 (15:58 +0000)]
One more openssl 1.0.2 thing missed.

tb [Wed, 1 Feb 2023 15:38:57 +0000 (15:38 +0000)]
Switch from eopenssl to eopenssl30. Missed in both previous commits
for some reason.

job [Wed, 1 Feb 2023 15:37:34 +0000 (15:37 +0000)]
Fix spelling

tb [Wed, 1 Feb 2023 14:39:09 +0000 (14:39 +0000)]
Retire OpenSSL 1.0.2 interop

Now that the OpenSSL 1.0.2 port is gone, there's no need to keep the
interop tests anymore. anton's and bluhm's regress tests will switch
to testing interoperability with OpenSSL 3.0.

jsing [Wed, 1 Feb 2023 06:23:13 +0000 (06:23 +0000)]
Pull the MONT_WORD define to the top.

Reordering functions with defines hiding in the middle leads to fun
outcomes... and apparently the non-MONT_WORD code is broken, at least on
aarch64.

jsing [Wed, 1 Feb 2023 04:48:08 +0000 (04:48 +0000)]
Move BN_MONT_CTX_* functions to the top of the file.

No functional change.

bluhm [Wed, 1 Feb 2023 00:03:38 +0000 (00:03 +0000)]
Print the pid in lastcomm(1) output for post mortem analysis.  Put
it in brackets after the command name, like syslogd does it in log
files.  A while ago the process id was added to process accounting
in the kernel, so no ABI break this time.
OK deraadt@

ratchov [Tue, 31 Jan 2023 21:38:01 +0000 (21:38 +0000)]
Fix a typo in a comment and spacing

from weerd@

tb [Tue, 31 Jan 2023 20:37:16 +0000 (20:37 +0000)]
Remove "deletetunnel" command (marked as "remove during 6.4-current").
The "-tunnel" command of course remains.

cheloha [Tue, 31 Jan 2023 19:11:47 +0000 (19:11 +0000)]
amd64: lapic_timer_trigger: disable interrupts while configuring timer

lapic_timer_oneshot() does three writes.  We need to disable
interrupts to ensure the timer lands in a valid state.

Link: https://marc.info/?l=openbsd-tech&m=167482851403841&w=2
ok mlarkin@

claudio [Tue, 31 Jan 2023 17:14:27 +0000 (17:14 +0000)]
Not only reset the connection when a fatal error is received (or sent)
but also reset the cache and start totally fresh. The RFC is exceptionally
vague about error handling but in most cases the cache state is enough
off after an error that a fresh restart makes most sense.
With and OK job@

deraadt [Tue, 31 Jan 2023 15:18:51 +0000 (15:18 +0000)]
On systems without xonly mmu hardware-enforcement, we can still mitigate
against classic BROP with a range-checking wrapper in front of copyin() and
copyinstr() which ensures the userland source doesn't overlap the main program
text, ld.so text, signal tramp text (its mapping is hard to distinguish
so it comes along for the ride), or libc.so text.  ld.so tells the kernel
libc.so text range with msyscall(2).  The range checking for 2-4 elements is
done without locking (because all 4 ranges are immutable!) and is inexpensive.

write(sock, &open, 400) now fails with EFAULT.  No programs have been
discovered which require reading their own text segments with a system call.

On a machine without mmu enforcement, a test program reports the following:
                  userland   kernel
ld.so             readable   unreadable
mmap xz           unreadable unreadable
mmap x            readable   readable
mmap nrx          readable   readable
mmap nwx          readable   readable
mmap xnwx         readable   readable
main              readable   unreadable
libc unmapped?    readable   unreadable
libc mapped       readable   unreadable

ok kettenis, additional help from miod

job [Tue, 31 Jan 2023 14:38:43 +0000 (14:38 +0000)]
Fix RTR error reporting: length fields in Error Reports are 32 bits

OK claudio@

job [Tue, 31 Jan 2023 14:32:43 +0000 (14:32 +0000)]
Improve whitespace alignment of RTR error reports

OK claudio@

espie [Tue, 31 Jan 2023 13:53:49 +0000 (13:53 +0000)]
typo, fix variable name

mvs [Tue, 31 Jan 2023 13:41:54 +0000 (13:41 +0000)]
Remove the last ones route lock references from comments.
No functional change.

mvs [Tue, 31 Jan 2023 11:47:35 +0000 (11:47 +0000)]
Route lock was reverted, adjust forgotten commentary.
No functional changes.

jsing [Tue, 31 Jan 2023 06:17:10 +0000 (06:17 +0000)]
Remove the now empty bn_asm.c.

This rather misnamed file (bn_asm.c) previously contained the C code that
was needed to build libcrypto bignum on platforms that did not have
assembly implementations of the functions it contained.

jsing [Tue, 31 Jan 2023 06:08:23 +0000 (06:08 +0000)]
Simplify bn_div_3_words().

Make use of bn_umul_hilo() and remove the tangle of preprocessor directives
that implement different code paths depending on what defines exist.

ok tb@

jsing [Tue, 31 Jan 2023 05:57:08 +0000 (05:57 +0000)]
Provide inline assembly bn_umul_hilo() for alpha/powerpc64/riscv64.

These should work, but are currently untested and disabled.

ok tb@

jsing [Tue, 31 Jan 2023 05:53:49 +0000 (05:53 +0000)]
Provide inline assembly versions of bn_umul_hilo() for aarch64/amd64/i386.

ok tb@

jsing [Tue, 31 Jan 2023 05:48:39 +0000 (05:48 +0000)]
Provide bn_umul_hilo().

The bignum code needs to be able to multiply two words, producing a
double word result. Some architectures do not have native support for
this, hence a pure C version is required. bn_umul_hilo() provides this
functionality.

There are currently two implementations, both of which are branch free.
The first uses bitwise operations for the carry, while the second uses
accumulators. The accumulator version uses fewer instructions, however
requires more variables/registers and seems to be slower, at least on
amd64/i386. The accumulator version may be faster on architectures that
have more registers available. Further testing can be performed and one
of the two implementations can be removed at a later date.

ok tb@

jsing [Tue, 31 Jan 2023 05:16:52 +0000 (05:16 +0000)]
Correctly detect b < a in BN_usub().

BN_usub() requires that a >= b and should return an error in the case that
b < a. This is currently only detected by checking the number of words in
a versus b - if they have the same number of words, the top word is not
checked and b < a, which then succeeds and produces an incorrect result.

Fix this by checking for the case where a and b have an equal number of
words, yet there is a borrow returned from bn_sub_words().

ok miod@ tb@

jsing [Tue, 31 Jan 2023 05:13:28 +0000 (05:13 +0000)]
Add bn/arch/${MACHINE_CPU} to the include path.

This will be needed once headers pull in bn_arch.h.

jsing [Tue, 31 Jan 2023 05:12:16 +0000 (05:12 +0000)]
Add more regress tests for BN_usub().

This adds more tests for BN_usub(), particularly where b > a, which should
be an error condition. One of these currently succeeds and produces
incorrect results.

jsing [Tue, 31 Jan 2023 05:09:34 +0000 (05:09 +0000)]
Remove sparc related files from libcrypto.

The sparc platform got retired a while back, however some parts remained
hiding in libcrypto. Mop these up (along with the bn_arch.h that I
introduced).

Spotted by and ok tb@

gkoehler [Tue, 31 Jan 2023 01:27:58 +0000 (01:27 +0000)]
Execute-only for macppc G5

The G5 PowerPC 970 has a Data Address Compare mechanism that can trap
loads and stores to pages with PTE_AC_64, while allowing instruction
fetches.  Use this for execute-only mappings, like we do on powerpc64.

Add a check to pte_spill_v for execute-only mappings.  Without this,
we would forever retry reading an execute-only page.

In altivec_assist, copyin would fail to read the instruction from an
execute-only page.  Add copyinsn to bypass x-only, like sparc64.

with help from abieber@ deraadt@ kettenis@
ok deraadt@

deraadt [Tue, 31 Jan 2023 00:50:17 +0000 (00:50 +0000)]
powerpc xonly for G5 is coming.  ld.so can have xonly text.
ok gkoehler

dv [Mon, 30 Jan 2023 21:43:12 +0000 (21:43 +0000)]
vmd(8): fix an interrupt storm in ns8250.

On slower hosts, such as those in a nested virtualization scenario
of OpenBSD guest inside OpenBSD atop Linux KVM, ns8250 can cause a
race between the kevent firing and the vcpu being kicked by an
assert/deassert of the irq.

The end user experiences a "stuck" serial console and the host will
see a vmd process peg the cpu.

This change only toggles the irq if we were in a position of being
ready to receive data on the device so while the kevent might
continuously fire, the vcpu will not be kicked repeatedly.

OK mlarkin@

kettenis [Mon, 30 Jan 2023 20:05:31 +0000 (20:05 +0000)]
Rework cpu_init_secondary() such that it can be used for both the initial
powerup and for wakeup from deeper sleep states.

Adjust cpu_suspen_primary() to use pmap_extract() to find the physical
address of the entry point and struct cpu_info.

ok phessler@

miod [Mon, 30 Jan 2023 19:26:16 +0000 (19:26 +0000)]
Fix logic of picmeup() to only produce one set of statements on OpenBSD; this
got accidentally lost in 1.4.

claudio [Mon, 30 Jan 2023 17:02:48 +0000 (17:02 +0000)]
Extend community unittests to cover more bits

sthen [Mon, 30 Jan 2023 16:54:56 +0000 (16:54 +0000)]
sync --execute-only archs described in the manual with current code
ok deraadt

claudio [Mon, 30 Jan 2023 16:53:24 +0000 (16:53 +0000)]
Same parseextvalue() change as in parse.y rev 1.441
Use 2-byte ASnum encoding as a default when local-as/neighbor-as is used.

claudio [Mon, 30 Jan 2023 16:51:34 +0000 (16:51 +0000)]
Alter the way extended communities are matched when part of the value
is auto-expanded or masked off.
Try to match against both 2- and 4-byte AS encoding and on insertion
check if expansion is actually possible and deny communities where both
community values are > USHRT_MAX.
OK tb@

jcs [Mon, 30 Jan 2023 14:43:29 +0000 (14:43 +0000)]
The APM_IOC_NEXTEVENT ioctl was removed in the mickey era, remove
documentation about it

ok deraadt, miod

dv [Mon, 30 Jan 2023 14:05:36 +0000 (14:05 +0000)]
vmm(4): expose PKU cpuid bit if in use on host.

We are using {rd,wr}pkru instructions for saving and restoring the
PKRU, so tie the exposure of PKU feature bit to vmm having the
ability to properly handle the guest state.

deraadt [Mon, 30 Jan 2023 11:21:26 +0000 (11:21 +0000)]
part of a future diff snuck into the previous commit

jsg [Mon, 30 Jan 2023 10:49:04 +0000 (10:49 +0000)]
remove unneeded includes in arch/i386
ok krw@ miod@

visa [Mon, 30 Jan 2023 03:31:59 +0000 (03:31 +0000)]
Replace selwakeup() with KNOTE() in pppac(4) and pppx(4)

Use the same mutex for read and write side klists. It would be overkill
to have dedicated locks.

Remove klist_invalidate() from pppacclose() because pppac(4) does not
have forced device detach. When the close routine gets called, there
should be no open file descriptors pointing the device, and consequently
the klists should be empty.

OK mvs@

dv [Mon, 30 Jan 2023 02:32:01 +0000 (02:32 +0000)]
vmm(4): save and restore guest pkru.

Take a simple approach for saving and restoring PKRU if the host
has PKE support enabled. Uses explicit rdpkru/wrpkru instructions
for now instead of xsave.

This functionality is still gated behind amd64 pmap checking for
operation under a hypervisor as well as vmm masking the cpuid bit
for PKU.

"if your diff is good, then commit it" -deraadt@

deraadt [Mon, 30 Jan 2023 00:10:39 +0000 (00:10 +0000)]
We have determined that enough HV have correct PKU handling now,
so don't be paranoid about it anymore.  What does this mean?  If the HV
above you is broken, userland programs in the guest could crash, the guest
might even be quite unusable.  So fix the hypervisor.  The best way to
raise the bar on hypervisor quality is for guests to behave like they
are on a real machine, and then sucky hypervisors have to get fixed.
ps.  if using vmd as your hypervisor, use syspatch...

gnezdo [Sun, 29 Jan 2023 20:30:56 +0000 (20:30 +0000)]
Accumulate intermediate immutables locally before applying

OK deraadt

gnezdo [Sun, 29 Jan 2023 20:30:21 +0000 (20:30 +0000)]
Unite all nitems copies in ld.so/util.h

OK deraadt

deraadt [Sun, 29 Jan 2023 16:23:15 +0000 (16:23 +0000)]
sign another typo

deraadt [Sun, 29 Jan 2023 16:09:32 +0000 (16:09 +0000)]
32-bit powerpc should also allow the --exec-only flag.
but it isn't the default yet

jsing [Sun, 29 Jan 2023 15:51:26 +0000 (15:51 +0000)]
Use utime in order to make benchmarks less noisy and more consistent.

jsing [Sun, 29 Jan 2023 15:33:43 +0000 (15:33 +0000)]
Set BN_FLG_CONSTTIME on benchmark inputs.

The public APIs still change behaviour based on BN_FLG_CONSTTIME - set it
to avoid benchmark noise.

jsing [Sun, 29 Jan 2023 15:26:55 +0000 (15:26 +0000)]
Add benchmarks for BN_div()

jsing [Sun, 29 Jan 2023 15:22:12 +0000 (15:22 +0000)]
Correct setup for BN_mul/BN_sqr benchmarks.

BN_rand() takes a bit length, not the top bit.

jsing [Sun, 29 Jan 2023 15:18:49 +0000 (15:18 +0000)]
Rename bn_mul.c regress to bn_mul_div.c.

jsing [Sun, 29 Jan 2023 14:06:58 +0000 (14:06 +0000)]
Remove the now empty/unused bn_depr.c.

jsing [Sun, 29 Jan 2023 14:00:41 +0000 (14:00 +0000)]
Use s2n-bignum assembly implementations for libcrypto bignum on amd64.

This switches the core bignum assembly implementations from x86_64-gcc.c to
s2n-bignum for amd64.

ok miod@ tb@

otto [Sun, 29 Jan 2023 09:28:57 +0000 (09:28 +0000)]
Fix ^^D and 0^D description; pointed out by Tomas Rippl; ok jmc@

deraadt [Sun, 29 Jan 2023 07:37:34 +0000 (07:37 +0000)]
powerpc64 xonly works; ld.so can be switched over

tb [Sat, 28 Jan 2023 21:24:40 +0000 (21:24 +0000)]
sync

deraadt [Sat, 28 Jan 2023 21:17:58 +0000 (21:17 +0000)]
sync