jsing [Sat, 26 Mar 2022 15:00:51 +0000 (15:00 +0000)]
Remove the minimum record length checks from dtls1_read_bytes()
The code that handles each record type already has appropriate length
checks. Furthermore, the handling of application data here is likely
incorrect and bypasses the normal state checks at the end of this function.
ok inoguchi@ tb@
jsing [Sat, 26 Mar 2022 14:54:58 +0000 (14:54 +0000)]
Convert c2i_ASN1_OBJECT() and d2i_ASN1_OBJECT to CBS.
Along the way, rather than having yet another piece of code that parses
OID arcs, reuse oid_parse_arc(). Always allocate a new ASN1_OBJECT rather
than doing a crazy dance with ASN1_OBJECT_FLAG_DYNAMIC and trying to free
parts of an ASN1_OBJECT if one is passed in.
ok inoguchi@ tb@
jsing [Sat, 26 Mar 2022 14:47:58 +0000 (14:47 +0000)]
Provide asn1_get_primitive()
This takes a CBS, gets the ASN.1 identifier and length, ensures the
resulting identifier is a valid primitive, then returns the tag number and
the content as a CBS.
ok inoguchi@ tb@
deraadt [Sat, 26 Mar 2022 14:26:44 +0000 (14:26 +0000)]
grow i386 media
stsp [Sat, 26 Mar 2022 14:25:14 +0000 (14:25 +0000)]
Enable mtw(4) on i386, macppc, and arm64.
Testing by hastings@ and myself.
i386 has a media size issue, deraadt@ will sort it out.
tb [Sat, 26 Mar 2022 12:43:11 +0000 (12:43 +0000)]
typo: currents -> current
jmatthew [Sat, 26 Mar 2022 06:04:20 +0000 (06:04 +0000)]
Expand tx dma maps to allow packets up to the MTU limit to be transmitted.
Don't clear TPB_TX_BUF_EN when taking the interface down, as somehow that
causes transmission to fail when the interface comes up again if any large
packets had been sent.
Handle packets received into multiple rx buffers using the same approach as
ixl(4), with the addition that a receive error can be signaled on any of
the buffers rather than just the last one. Set the low water mark on the
rx ring so there are always enough buffers to receive the largest packet
supported by the interface, and fix the calculation of the data pointer
in rx buffers so there's actually MCLBYTES space available.
ok dlg@
robert [Fri, 25 Mar 2022 17:42:07 +0000 (17:42 +0000)]
use the new CPU_ID_AA64ISAR0 sysctl to determine CPU features on arm64
ok tb@, deraadt@, kettenis@
robert [Fri, 25 Mar 2022 17:40:59 +0000 (17:40 +0000)]
add an exception to the CPU_ID_AA64ISAR0 in pledged applications so that
libcrypto can access this sysctl on arm64 without restrictions to determine
cpu features
ok deraadt@, kettenis@
tb [Fri, 25 Mar 2022 16:14:55 +0000 (16:14 +0000)]
Savecore uses its own private copy of compress, so it should
not include <zlib.h>
discussed with deraadt
kettenis [Fri, 25 Mar 2022 15:52:03 +0000 (15:52 +0000)]
Implement reboot/powerdown support based on nvmem cells. This works on
M1 Pro/Max machines and will hopefully continue to work on future models
by abstracting the magic flag that needs to be set using device tree
properties.
ok patrick@
kettenis [Fri, 25 Mar 2022 15:49:29 +0000 (15:49 +0000)]
Implement support for the "bits" property for nvmem cells.
ok patrick@
bluhm [Fri, 25 Mar 2022 14:15:10 +0000 (14:15 +0000)]
Now that syslogd(8) supports SSL shutdown when the TLS connection
terminates, do SSL shutdown in the test client. This will detect
SSL handshake errors also with TLS 1.3 if the CA of the client
certificate is invalid.
test races reported by anton@; debugged with Carsten Arzig
bluhm [Fri, 25 Mar 2022 11:38:11 +0000 (11:38 +0000)]
Build Perl module Compress::Raw::Zlib with zlib from /usr/lib/libz.so
instead of the sources that are packaged with Perl. This allows
us to apply security fixes for userland base in one place. Zlib.so
is used with dlopen(3) and gets a new library dependency to libz.
Before zlib objects from zlib-src were linked statically.
OK tb@
tb [Fri, 25 Mar 2022 10:59:59 +0000 (10:59 +0000)]
Sync with userland libz (memory-corruption + followup).
ok mbuhl millert
tb [Fri, 25 Mar 2022 10:58:39 +0000 (10:58 +0000)]
Improve error checking in deflatePrime()
This is a small follow-up commit to the previous commit.
ok mbuhl millert
commit
4346a16853e19b45787ce933666026903fb8f3f8
Author: Mark Adler <madler@alumni.caltech.edu>
Date: Tue Apr 17 22:44:41 2018 -0700
Assure that the number of bits for deflatePrime() is valid.
https://github.com/madler/zlib/commit/
4346a16853e19b45787ce933666026903fb8f3f8
tb [Fri, 25 Mar 2022 10:54:27 +0000 (10:54 +0000)]
Fix memory corruption bug in zlib
zlib has a crashing bug. The bug fix has been sitting in the
unreleased develop branch for nearly four years. Pull in this fix.
ok mbuhl millert
Reported by Tavis Ormandy on oss-security:
https://marc.info/?l=oss-security&m=
164809382107156&w=2
commit
5c44459c3b28a9bd3283aaceab7c615f8020c531
Author: Mark Adler <madler@alumni.caltech.edu>
Date: Tue Apr 17 22:09:22 2018 -0700
Fix a bug that can crash deflate on some input when using Z_FIXED.
This bug was reported by Danilo Ramos of Eideticom, Inc. It has
lain in wait 13 years before being found! The bug was introduced
in zlib 1.2.2.2, with the addition of the Z_FIXED option. That
option forces the use of fixed Huffman codes. For rare inputs with
a large number of distant matches, the pending buffer into which
the compressed data is written can overwrite the distance symbol
table which it overlays. That results in corrupted output due to
invalid distances, and can result in out-of-bound accesses,
crashing the application.
The fix here combines the distance buffer and literal/length
buffers into a single symbol buffer. Now three bytes of pending
buffer space are opened up for each literal or length/distance
pair consumed, instead of the previous two bytes. This assures
that the pending buffer cannot overwrite the symbol table, since
the maximum fixed code compressed length/distance is 31 bits, and
since there are four bytes of pending space for every three bytes
of symbol space.
https://github.com/madler/zlib/commit/
5c44459c3b28a9bd3283aaceab7c615f8020c531
claudio [Fri, 25 Mar 2022 08:19:04 +0000 (08:19 +0000)]
Implement most of the CMS related checks required by RFC 6488 section 3
Verify that SignerInfo and Signed Attributes are set according to the RFC.
Especially enforce that the right attributes are signed. Check that there
are no unsigned attributes, no CRL and that the correct content-type,
digest and signature algorithm are used.
The OpenSSL API makes it impossible to verify the versions and some other
more suttle differences like detecting signle attributes vs a SET OF one.
Similarly OpenSSL accepts both DER and BER encoding in the payload.
These smaller differences to the RFC are not optimal but not a risk.
Lots of feedback and OK tb@
nicm [Fri, 25 Mar 2022 06:14:42 +0000 (06:14 +0000)]
Fix exit message if creating socket fails.
tb [Fri, 25 Mar 2022 00:42:27 +0000 (00:42 +0000)]
Sync zlib with userland
Backport zlib fix for the multi line CLEAR_HASH macro. There is
an else branch where only half of the macro is executed conditionally.
Acording to upstream comment this has only little impact.
https://github.com/madler/zlib/commit/
38e8ce32afbaa82f67d992b9f3056f281fe69259
ok bluhm (who had the same diff)
bluhm [Thu, 24 Mar 2022 22:11:11 +0000 (22:11 +0000)]
Link libz into regress build.
bluhm [Thu, 24 Mar 2022 22:04:27 +0000 (22:04 +0000)]
Backport zlib fix for the multi line CLEAR_HASH macro. There is
an else branch where only half of the macro is executed conditionally.
Acording to upstream comment this has only little impact.
https://github.com/madler/zlib/commit/
38e8ce32afbaa82f67d992b9f3056f281fe69259
OK deraadt@ tb@
krw [Thu, 24 Mar 2022 20:46:56 +0000 (20:46 +0000)]
The installer no longer runs dhclient(8).
New verbiage suggested by deraadt@.
bluhm [Thu, 24 Mar 2022 19:41:06 +0000 (19:41 +0000)]
Import upstream madler/zlib test files and run them with our libz.
kettenis [Thu, 24 Mar 2022 18:42:05 +0000 (18:42 +0000)]
Add $OpenBSD$ tag and declare that this file is in the public domain.
requested by miod@
tb [Thu, 24 Mar 2022 15:58:57 +0000 (15:58 +0000)]
Adjust the signer test to link statically and work with hidden tls_signer
API.
tb [Thu, 24 Mar 2022 15:57:44 +0000 (15:57 +0000)]
sync
tb [Thu, 24 Mar 2022 15:57:04 +0000 (15:57 +0000)]
Crank major after symbol removal.
tb [Thu, 24 Mar 2022 15:56:34 +0000 (15:56 +0000)]
Hide the tls_signer from public visibility. It's not ready yet and
should not be used. It will be revisited after release.
ok beck inoguchi jsing
deraadt [Thu, 24 Mar 2022 14:39:08 +0000 (14:39 +0000)]
whitespace niggle noticed during review
inoguchi [Thu, 24 Mar 2022 14:07:08 +0000 (14:07 +0000)]
Check function return value
inoguchi [Thu, 24 Mar 2022 13:47:55 +0000 (13:47 +0000)]
Compare pointer value with NULL
nicm [Thu, 24 Mar 2022 12:07:25 +0000 (12:07 +0000)]
Add unit (milliseconds) to escape-time, show unset colours as "none"
rather than "invalid" and don't show the same text twice for user
options in customize mode.
inoguchi [Thu, 24 Mar 2022 12:00:17 +0000 (12:00 +0000)]
Wrap long lines
inoguchi [Thu, 24 Mar 2022 11:40:07 +0000 (11:40 +0000)]
Remove space between asterisk and variable name
inoguchi [Thu, 24 Mar 2022 11:27:45 +0000 (11:27 +0000)]
Convert openssl(1) ts option handling
Apply new option handling to openssl(1) ts, and there is no functional
changes here.
usage strings are comes from manual page.
comments and ok jsing@
nicm [Thu, 24 Mar 2022 09:05:57 +0000 (09:05 +0000)]
Add a capability for OSC 7 and use it similarly to how the title is set
(and controlled by the same set-titles option). GitHub issue 3127.
otto [Thu, 24 Mar 2022 07:37:19 +0000 (07:37 +0000)]
Plus a small leak found by jmatthew; ok millert@
krw [Thu, 24 Mar 2022 00:30:51 +0000 (00:30 +0000)]
Revert previous. Breaks probing native IDE devices.
Problem reported by jungle Boogie via bugs@
jca [Wed, 23 Mar 2022 23:48:30 +0000 (23:48 +0000)]
Trapping a riscv illegal instruction shouldn't print a console message
"Old debugging code obviously" deraadt@
kettenis [Wed, 23 Mar 2022 23:36:35 +0000 (23:36 +0000)]
Export the ID_AA64ISARn_EL1 registers to userspace through sysctl(2) such
that we can detect which instruction set extensions are supported without
relying in catching SIGILL.
ok deraadt@
deraadt [Wed, 23 Mar 2022 22:44:01 +0000 (22:44 +0000)]
Do not forget to install ar.1; ok robert
bluhm [Wed, 23 Mar 2022 22:34:51 +0000 (22:34 +0000)]
Add subdir gnu/lib to regress.
bluhm [Wed, 23 Mar 2022 22:32:08 +0000 (22:32 +0000)]
Simplify logic for skipping libexecinfo unwind test. It works on
clang archs except armv7.
bluhm [Wed, 23 Mar 2022 22:07:10 +0000 (22:07 +0000)]
Ensure that pf regress anchor exists before clearing it.
bluhm [Wed, 23 Mar 2022 17:36:09 +0000 (17:36 +0000)]
Use goto fail consistently to leave the giant switch in pfioctl().
To terminate inner switches and loops, break is used. This makes
it easier to reason whereto the code jumps.
no binary change; OK millert@ sashan@
bluhm [Wed, 23 Mar 2022 17:22:28 +0000 (17:22 +0000)]
Move global variable ripsrc onto stack, it is only used once within
rip_input().
from dhill@
florian [Wed, 23 Mar 2022 15:26:08 +0000 (15:26 +0000)]
Rate limit router advertisements according to RFC 4861 6.2.6. In
particular make sure to send at most one multicast advertisement every
three seconds.
input & OK deraadt
tb [Wed, 23 Mar 2022 15:16:59 +0000 (15:16 +0000)]
openssl cms: avoid NULL derefs on option parsing
Two missing initializations in the new option handling cause a
segfault when -nodetach or -noindef is passed to openssl cms.
ok inoguchi jsing miod
tb [Wed, 23 Mar 2022 15:13:31 +0000 (15:13 +0000)]
Start disentangling armv7 and aarch64 code
arm_arch.h and armcap.c are shared between armv7 and aarch64 which
results in an inscrutable #ifdef maze. Move copies of these files
into arch/{arm,aarch64}/ with appropriate names and some trivial
minor adjustments.
ok deraadt inoguchi kettenis
millert [Wed, 23 Mar 2022 14:52:25 +0000 (14:52 +0000)]
Remove extra space at EOL in last commit.
millert [Wed, 23 Mar 2022 14:51:42 +0000 (14:51 +0000)]
Expand the description of the LOGIN_SET* bits.
Specifically, describe the default behavior if the corresponding
login.conf fields are not present. OK deraadt@
millert [Wed, 23 Mar 2022 14:39:52 +0000 (14:39 +0000)]
setclasscontext: support LOGIN_SETRTABLE too
Do not clear LOGIN_SETRTABLE if it is set in flags.
OK deraadt@
krw [Wed, 23 Mar 2022 14:36:01 +0000 (14:36 +0000)]
When configuring a scsi_link that has passed dev_probe() but
fallen at one of the subsequent hurdles of scsi_probe_link()
don't partially replicate scsi_discard_link(). Just
call scsi_discard_link(). It now handles such partially configured
scsi_link's.
robert [Wed, 23 Mar 2022 14:23:44 +0000 (14:23 +0000)]
use llvm-ranlib where llvm-ar is used so that they are in line with each
other
jsg [Wed, 23 Mar 2022 13:03:36 +0000 (13:03 +0000)]
KASSERT() that an id read from a descriptor is valid before using it
as an index into an array.
Reported by Demi Marie Obenour of Invisible Things Lab.
feedback and ok jmatthew@
stsp [Wed, 23 Mar 2022 09:22:49 +0000 (09:22 +0000)]
Improve 802.11ac throughput on iwm(4) at a distance to the access point.
iwm(4) didn't attribute retries to the correct MCS, resulting in lower
MCS being punished unfairly when a higher MCS kept failing.
Tested by bket, florian, Uwe Werler, and myself.
ok bket
stsp [Wed, 23 Mar 2022 09:21:47 +0000 (09:21 +0000)]
Fix a few bugs in the net80211 VHT rate adaptation code.
Actually set rn->best_nss after deciding on a new best rate.
We are now switching between SISO and MIMO rates as intended.
When switching between ratesets, avoid switching directly to the highest
rate in the new rateset, which might be MCS 9 and not work at all from a
distance. Instead, use the most recently determined best rate in the set.
The bit which corresponds to the current best MS will not be set in the
rn->probed_rates[] array while we are probing an MCS other than the best.
Checking for this bit was simply wrong and prevented us from probing the
next rateset unless we managed to successfully probe up all the way
to the highest MCS in the current set.
Also fix errors in debug output.
Tested by bket, florian, Uwe Werler, and myself.
ok bket@
sashan [Wed, 23 Mar 2022 09:01:59 +0000 (09:01 +0000)]
resurrect pf_consistency_lock as pfioctl_rw this time. pfioctl_rw
serializes access to pf(4) from concurrent processes which
change/read firewall configuration.
OK bluhm@
deraadt [Wed, 23 Mar 2022 02:18:22 +0000 (02:18 +0000)]
Now that libc setusercontext() handling of setrtable is repaired, su(8)
can set LOGIN_SETRTABLE once again.
ok millert
bluhm [Wed, 23 Mar 2022 00:16:07 +0000 (00:16 +0000)]
For raw IPv6 packets rip6_input() traverses the loop of all PCBs.
From there it calls sbappendaddr() while holding the raw6 table
mutex. This ends in sorwakeup() where we finally grab the kernel
lock while holding a mutex. Witness detects this misuse.
Use the same solution as for PCB notify. Collect the affected PCBs
in a temporary list. The list is protected by exclusive net lock.
Reported-by: syzbot+5b2679ee9be0895d26f9@syzkaller.appspotmail.com
OK claudio@
bluhm [Tue, 22 Mar 2022 22:58:00 +0000 (22:58 +0000)]
Call tls_close() in libevent TLS wrapper of syslogd when the other
side terminates the TLS connection. It results in a proper shutdown
and the TLS peer has a chance to detect errors. This is expecially
important for the client side. Due to the reduced TLS 1.3 handshake,
errors might be undetected and log messages dropped silently. By
doing a matching TLS shutdown on his side, the client can receive
the error.
Instead of checking socket writability and calling tls_close()
repeatedly, syslogd calls it only once. As the other side has
closed the connection anyway it is our turn to write the shutdown
message. Do not care about errors here and avoid complexity.
OK tb@
deraadt [Tue, 22 Mar 2022 20:36:49 +0000 (20:36 +0000)]
minor KNF cleanups during a re-read
bluhm [Tue, 22 Mar 2022 18:27:21 +0000 (18:27 +0000)]
Extract the type from the ICMP6 header before looping over Raw IPv6
PCBs. This make mutex and error handling easier.
OK claudio@
bluhm [Tue, 22 Mar 2022 18:17:30 +0000 (18:17 +0000)]
For raw IP packets rip_input() traverses the loop of all PCBs. From
there it calls sbappendaddr() while holding the raw table mutex.
This ends in sorwakeup() where we finally grab the kernel lock while
holding a mutex. Witness detects this misuse.
Use the same solution as for PCB notify. Collect the affected PCBs
in a temporary list. The list is protected by exclusive net lock.
syzbot+
ebe3f03a472fecf5e42e@syzkaller.appspotmail.com
OK claudio@
bluhm [Tue, 22 Mar 2022 18:02:54 +0000 (18:02 +0000)]
Fix whitespace.
krw [Tue, 22 Mar 2022 16:29:58 +0000 (16:29 +0000)]
Nuke increasingly pointless comment. Shorten a line and
compare pointer to NULL instead of 0.
No functional change.
kettenis [Tue, 22 Mar 2022 15:38:27 +0000 (15:38 +0000)]
Polish the bits that copy the firmware in place on Apple systems a bit more.
This mostly adds some checks to make sure that if for some reason the firmware
files aren't present on the EFI System Partition the users doesn't see
several error messages.
ok deraadt@
claudio [Tue, 22 Mar 2022 10:57:08 +0000 (10:57 +0000)]
Adjust test after the change to TAILQ in struct prefix.
claudio [Tue, 22 Mar 2022 10:53:08 +0000 (10:53 +0000)]
Switch from a LIST to TAILQ for the structure to store prefixes on a
rib_entry. Mostly mechanical, this simplifies prefix_insert() and
prefix_remove() since the redo queue can now just use TAILQ_INSERT_TAIL().
rde_softreconfig_sync_reeval() needs to use TAILQ_CONCAT() to move
the list of prefixes over to the local TAILQ_HEAD to reapply them later.
OK tb@
kettenis [Tue, 22 Mar 2022 10:33:50 +0000 (10:33 +0000)]
Copy the FDT into a larger buffer such that we have space to add additional
nodes and properties to it like we do on arm64 and armv7.
ok patrick@
kettenis [Tue, 22 Mar 2022 10:32:10 +0000 (10:32 +0000)]
After copying the FDT into a new larger buffer, adjust the FDT size to
reflect the size of the new buffer like we do on arm64.
ok patrick@
miod [Tue, 22 Mar 2022 06:51:12 +0000 (06:51 +0000)]
Make sure kernel longjmp always returns 1 rather than what turns out to be
in a register at call-time.
with & ok jsg@
miod [Tue, 22 Mar 2022 06:49:25 +0000 (06:49 +0000)]
Fix wrong comment in sendsig(), and remove unused dumpframe()
ok jsg@
miod [Tue, 22 Mar 2022 06:48:36 +0000 (06:48 +0000)]
Do not bother initializing a0 with a special value in setregs, that's a
FreeBSDism we have no need for.
ok jsg@
miod [Tue, 22 Mar 2022 06:47:38 +0000 (06:47 +0000)]
Change VM_MIN_ADDRESS to PAGE_SIZE to forbid mapping anything at virtual
address zero, as done on all other platforms.
ok deraadt@ kettenis@
miod [Tue, 22 Mar 2022 06:46:45 +0000 (06:46 +0000)]
Do not pretend there exist MD code for byte swapping yet provide copies
of the MI fallback code; ok deraadt@ jsg@
bluhm [Mon, 21 Mar 2022 23:37:09 +0000 (23:37 +0000)]
For multicast and broadcast packets udp_input() traverses the loop
of all UDP PCBs. From there it calls udp_sbappend() while holding
the UDP table mutex. This ends in sorwakeup() where we finally
grab the kernel lock while holding a mutex. Witness detects this
misuse.
Use the same solution as for PCB notify. Collect the affected PCBs
in a temporary list. The list is protected by exclusive net lock.
Reported-by: syzbot+7596cb96fb9f3c9d6f4f@syzkaller.appspotmail.com
OK sashan@
kettenis [Mon, 21 Mar 2022 19:46:56 +0000 (19:46 +0000)]
Reduce dmesg spam by nor printing the "Apple" firmware name.
ok patrick@
bluhm [Mon, 21 Mar 2022 19:39:56 +0000 (19:39 +0000)]
Fix whitespace. Wrap long lines. Adjust outdated comment.
miod [Mon, 21 Mar 2022 19:22:39 +0000 (19:22 +0000)]
Constify struct {audio,midi,radio,video}_hw_if. No functional change.
ok mpi@ ratchov@ "More const is good" deraadt@
claudio [Mon, 21 Mar 2022 17:35:56 +0000 (17:35 +0000)]
Remove the active prefix cache in struct rib_entry. I need the space
and it also makes less sense to track this with ECMP or add-path.
Replace the re->active access with prefix_best(re) which does the
check on the spot.
Feedback and OK tb@
florian [Mon, 21 Mar 2022 16:25:47 +0000 (16:25 +0000)]
Prevent crash of unprivileged engine process (pledged stdio).
The length field of a DNS label in the DNS search list option is an 8
bit unsigned value. parse_dnssl() treats the search list option as an
array of char, which are signed on most archs. When we read this value
into an int variable it gets sign extended, allowing it to bypass
sanity checks and eventually we pass it as the length to memcpy which
treats it as a huge unsigned value leading to a heap overflow.
An easy fix would be change the signature of parse_dnssl to
parse_dnssl(uint8_t* data, int datalen).
However, the DNS search list option is unused and the function fails
to check if the parsed value is a valid domain name. The function is
also getting in the way of future work so it's best to just delete it.
The problem was found and reported by qualys, thanks!
OK bluhm
miod [Mon, 21 Mar 2022 14:56:16 +0000 (14:56 +0000)]
Display the supported media list in a similar way to the other drivers,
without angle brackets.
ok jmc@
kettenis [Mon, 21 Mar 2022 13:38:34 +0000 (13:38 +0000)]
Update hw.power whenever we refresh the AC state. This makes sure the state
doesn't get out of sync with what apm(8) reports if power is plugged or
unplugged when a machine is suspended. Which in turn makes sure the machine
properly goes into a low CPU P-state when requested.
ok deraadt@, florian@
claudio [Mon, 21 Mar 2022 13:33:20 +0000 (13:33 +0000)]
Adjust how RIB are reloaded when their flags (esp. no evaluate) changes.
First flush all affected Adj-RIB-Out and then in a second step re-evaluate
the RIB itself. The no evaluate case becomes simpler. Fix the way
prefixes are re-evaluated, the list remove needs to be explict and not
part of prefix_evaluate() as in most other cases since this list is not
part of the rib_entry.
OK tb@
krw [Mon, 21 Mar 2022 12:57:46 +0000 (12:57 +0000)]
Whitespace tweaks.
thfr [Mon, 21 Mar 2022 12:18:52 +0000 (12:18 +0000)]
Add support for XBox One gamecontroller, including report descriptor.
Based on previous XBox 360 controller code and NetBSD's implementation.
Tested by me and solene@.
Input by solene@ and stsp@.
ok stsp@ phessler@
ok solene@ for an earlier version.
claudio [Mon, 21 Mar 2022 10:39:51 +0000 (10:39 +0000)]
Make sure that the string generated by pretty_key_id() is always properly
NUL terminated.
Diff by Martin Vahlensieck <openbsd () academicsolutions ! ch>
OK tb@
claudio [Mon, 21 Mar 2022 10:16:23 +0000 (10:16 +0000)]
Adjust to renaming of F_CTL_ACTIVE/F_PREF_ACTIVE to F_CTL_ACTIVE/F_PREF_BEST
OK tb@
claudio [Mon, 21 Mar 2022 10:15:34 +0000 (10:15 +0000)]
Rename F_CTL_ACTIVE and F_PREF_ACTIVE to the more correct
F_CTL_BEST and F_PREF_BEST. This is used to mark the one
best path in bgpctl. When ECMP support is added then more
then one path can be active.
OK tb@
bluhm [Mon, 21 Mar 2022 09:12:34 +0000 (09:12 +0000)]
Header netinet/in_pcb.h includes sys/mutex.h now. Recommit mutex
for PCB tables. It does not break userland build anymore.
pf_socket_lookup() calls in_pcbhashlookup() in the PCB layer. To
run pf in parallel, make parts of the stack MP safe. Protect the
list and hashes in the PCB tables with a mutex.
Note that the protocol notify functions may call pf via tcp_output().
As the pf lock is a sleeping rw_lock, we must not hold a mutex. To
solve this for now, collect these PCBs in inp_notify list and protect
it with exclusive netlock.
OK sashan@
miod [Mon, 21 Mar 2022 06:48:00 +0000 (06:48 +0000)]
Remove unused files which serve no purpose in OpenBSD; with and ok jsg@
(works better with `cvs rm' prior to commit...)
miod [Mon, 21 Mar 2022 06:45:50 +0000 (06:45 +0000)]
Remove unused files which serve no purpose in OpenBSD; with and ok jsg@
visa [Mon, 21 Mar 2022 05:45:52 +0000 (05:45 +0000)]
Remove data dependency barrier from atomic_load_* functions
This makes the atomic_load_* functions relaxed in terms of memory
ordering. Now it should be acceptable to use these functions in
assertions.
The need of the data dependency barrier is conditioned to usage.
The barrier is unnecessary for the control decisions that cond_wait()
and refcnt_finalize() make. READ_ONCE() and SMR_PTR_GET() use the
barrier so that loaded pointers would work as excepted in lock-free
contexts (some Alpha CPUs have a data cache design that can cause
unusual load-load reordering if not synchronized properly).
OK bluhm@
dlg [Mon, 21 Mar 2022 04:35:41 +0000 (04:35 +0000)]
default the conffile variable to the default file name instead of NULL.
this avoids having to test for NULL and swap the right name in place
in a bunch of places. it also avoids having NULL passed to format
strings in the parser.
the only place where it actually matters if we're using the default
or not is when we're parsing the config. if you don't specify a
config, and the default file doesnt exist, that's ok.
ok florian@
dlg [Mon, 21 Mar 2022 04:00:56 +0000 (04:00 +0000)]
call in_pcbselsrc from rip_output so route sourceaddr can take effect.
previously things that used sendto or similar with raw sockets would
ignore any configured sourceaddr. this made it inconsistent with
other traffic, which in turn makes things confusing to debug if
you're using ping or traceroute (which use raw sockets) to figure
out what's happening to other packets.
the ipv6 equiv already does this too.
ok sthen@ claudio@
dlg [Mon, 21 Mar 2022 03:51:09 +0000 (03:51 +0000)]
treat 255.255.255.255 like an mcast address in in_pcbselsrc.
this allows the IP_MULTICAST_IF sockopt to specify which address
you want to send a limited broadcast (255.255.255.255) packet out
of.
requested by and ok claudio@
krw [Mon, 21 Mar 2022 00:20:40 +0000 (00:20 +0000)]
No point in calling scsi_link_shutdown() if link->pool is NULL.
Ditto config_detach() if link->device_softc is NULL.
Currently just some extra paranoia, but will allow simplification
of exit logic in scsi_probe_link() and other future uses of
scsi_detach_link() on partially configured links.
No intentional functional change.
millert [Sun, 20 Mar 2022 23:24:03 +0000 (23:24 +0000)]
setusercontext: only call setrtable(2) if "rtable" set explicitly.
When LOGIN_SETRTABLE is set in flags, only call setrtable(2) if
there is an "rtable" entry in login.conf. Previously, a default
value of 0 was used if the capability was missing. That had the
effect of resetting the rtable for every program that uses
setusercontext(3), even if a different rtable was chosen by, e.g.,
"route -T exec command". OK deraadt@ matthieu@