tb [Wed, 13 Dec 2023 05:57:37 +0000 (05:57 +0000)]
x509_asn1: avoid lookup table that makes some compilers whine
djm [Wed, 13 Dec 2023 03:28:19 +0000 (03:28 +0000)]
when invoking KnownHostsCommand to determine the order of host key
algorithms to request, ensure that the hostname passed to the command
is decorated with the port number for ports other than 22.
This matches the behaviour of KnownHostsCommand when invoked to look
up the actual host key.
bz3643, ok dtucker@
deraadt [Wed, 13 Dec 2023 02:42:36 +0000 (02:42 +0000)]
actually remove it, pointed out by jsg
deraadt [Wed, 13 Dec 2023 02:31:15 +0000 (02:31 +0000)]
another syscall(2) removal chunk got lost
jsg [Wed, 13 Dec 2023 00:37:42 +0000 (00:37 +0000)]
filedescriptor -> file descriptor
deraadt [Tue, 12 Dec 2023 23:43:35 +0000 (23:43 +0000)]
two syscall(2) removal chunks got lost
kn [Tue, 12 Dec 2023 22:00:43 +0000 (22:00 +0000)]
Make -o less special, drop -o '' support, always use last value
ftp(1) says -o is about a single file/URL, but option handling takes the
empty string as "reset previous -o value", which makes little sense, is
undocumented and counter-intuitively works as if no -o was specified.
OK millert
martijn [Tue, 12 Dec 2023 20:18:39 +0000 (20:18 +0000)]
The OID inside snmpTrapOID is of type NOTIFICATION-TYPE, which does not
have a zero appended.
OK tb@
martijn [Tue, 12 Dec 2023 20:15:49 +0000 (20:15 +0000)]
Do a bitter cleanup after the config defined objects on shutdown.
OK tb@
deraadt [Tue, 12 Dec 2023 17:43:10 +0000 (17:43 +0000)]
put pinsyscalls(2) into the "always" group
deraadt [Tue, 12 Dec 2023 17:39:14 +0000 (17:39 +0000)]
repair type for 2nd arg of read(2)
claudio [Tue, 12 Dec 2023 15:54:18 +0000 (15:54 +0000)]
io_read_buf() abused the ibuf internal rpos which is no longer allowed.
This is now just a simple wrapper around ibuf_get().
OK tb@
claudio [Tue, 12 Dec 2023 15:52:58 +0000 (15:52 +0000)]
ibuf_getdata() abuses the rpos from the ibuf. This is no longer allowed
and breaks because ibuf_seek() now uses rpos itself. Now this is just
ibuf_get_ibuf() with an extra allocation done.
OK tobhe@ tb@
claudio [Tue, 12 Dec 2023 15:50:39 +0000 (15:50 +0000)]
Sync
claudio [Tue, 12 Dec 2023 15:49:21 +0000 (15:49 +0000)]
Move ibuf API from imsg_init.3 to ibuf_add.3
Document all new functions added and adjust examples in imsg_init.3
to follow the new way of handling messages.
OK tb@
claudio [Tue, 12 Dec 2023 15:47:40 +0000 (15:47 +0000)]
Extend imsg and ibuf API with useful getter methods
For ibufs:
- various getters for ibufs (ibuf_get* and ibuf_skip)
- additional ibuf set/add functions that don't alter byte order
- ibuf_truncate and ibuf_rewind
- ibuf_from_buffer and ibuf_from_ibuf to populate a reader ibuf
- a getter for the msgbuf queuelen
For imsg:
- various getters for imsg (especially imsg_get_data() which can be used
in most cases as a simple one call api with all error checks).
All the imsg.hdr fields can also be accessed by getters.
- The imsg data is now actually an ibuf but the old imsg.data pointer is
kept for now to not break every imsg application.
- Introduce imsg_forward to simply forward a message from one channel to
an other (used in the control socket code).
Since this requires a major bump take the oportunity to also cleanup some
function signatures to use size_t for length fields. Also internal data
structures are removed from the public header.
With and OK tb@
deraadt [Tue, 12 Dec 2023 15:44:00 +0000 (15:44 +0000)]
To avoid kbind(2) becoming a powerful gadget, it is called inline to a
function. Therefore we cannot create a precise pinsyscall label. Instead
create a duplicate entry (using inline asm) to force the kernel's pinsyscall
code to skip validation, rather than labelling it illegal. kbind(2) remains
safe because it self-protects by checking its calling address.
ok kettenis
deraadt [Tue, 12 Dec 2023 15:41:47 +0000 (15:41 +0000)]
sync
deraadt [Tue, 12 Dec 2023 15:41:24 +0000 (15:41 +0000)]
crank libc major because syscall(2) was removed
deraadt [Tue, 12 Dec 2023 15:38:15 +0000 (15:38 +0000)]
sync
deraadt [Tue, 12 Dec 2023 15:32:58 +0000 (15:32 +0000)]
sync
deraadt [Tue, 12 Dec 2023 15:30:55 +0000 (15:30 +0000)]
remove support for syscall(2) -- the "indirection system call" because
it is a dangerous alternative entry point for all system calls, and thus
incompatible with the precision system call entry point scheme we are
heading towards. This has been a 3-year mission:
First perl needed a code-generated wrapper to fake syscall(2) as a giant
switch table, then all the ports were cleaned with relatively minor fixes,
except for "go". "go" required two fixes -- 1) a framework issue with
old library versions, and 2) like perl, a fake syscall(2) wrapper to
handle ioctl(2) and sysctl(2) because "syscall(SYS_ioctl" occurs all over
the place in the "go" ecosystem because the "go developers" are plan9-loving
unix-hating folk who tried to build an ecosystem without allowing "ioctl".
ok kettenis, jsing, afresh1, sthen
mvs [Tue, 12 Dec 2023 12:38:52 +0000 (12:38 +0000)]
slyle(9) fix. No functional changes.
deraadt [Tue, 12 Dec 2023 07:37:20 +0000 (07:37 +0000)]
The sigtramp was calling sigreturn(2), and upon failure exit(2), which
doesn't make sense anymore. It is better to just issue an illegal
instruction.
ok kettenis, with some misgivings about inconsistant approaches between
architectures.
In the future we could change sigreturn(2) to never return an exit code,
but always just terminate the process. We stopped this system call
from being callable ages ago with msyscall(2), and there is no stub for
it in libc.. maybe that's the next step to take?
deraadt [Tue, 12 Dec 2023 01:45:27 +0000 (01:45 +0000)]
sync
mvs [Tue, 12 Dec 2023 00:03:31 +0000 (00:03 +0000)]
Turn `pflowstats' statistics counters into per-CPU counters to make them
mpsafe.
The weird interactions around `pflow_flows' and `sc_gcounter' replaced
by simple `pflow_flows' increment. Since the flow sequence is the 32
bits integer, the `sc_gcounter' type replaced by the type of uint32_t.
ok bluhm sashan
deraadt [Mon, 11 Dec 2023 22:29:23 +0000 (22:29 +0000)]
Make sure the syscall table entries are aligned on a 4-byte boundary.
Required for strict-alignment architectures and a good idea on others.
same as kettenis commit to libc
kettenis [Mon, 11 Dec 2023 22:24:15 +0000 (22:24 +0000)]
Make sure the syscall table entries are aligned on a 4-byte boundary.
Required for strict-alignment architectures and a good idea on others.
ok deraadt@
kettenis [Mon, 11 Dec 2023 22:12:52 +0000 (22:12 +0000)]
Implement per-CPU caching for the page table page (vp) pool and the PTE
descriptor (pted) pool in the arm64 pmap implementation. This
significantly reduces the side-effects of lock contention on the kernel
map lock that is (incorrectly) translated into excessive page daemon
wakeups. This is not a perfect solution but it does lead to significant
speedups on machines with many CPU cores.
This requires adding a new pmap_init_percpu() function that gets called
at the point where kernel is ready to set up the per-CPU pool caches.
Dummy implementations of this function are added for all non-arm64
architectures. Some other architectures can probably benefit from
providing an actual implementation that sets up per-CPU caches for
pmap pools as well.
ok phessler@, claudio@, miod@, patrick@
kettenis [Mon, 11 Dec 2023 19:52:40 +0000 (19:52 +0000)]
Synchronize datasize-cur limit for staff with the default class.
ok deraadt@, millert@, phessler@
job [Mon, 11 Dec 2023 19:05:20 +0000 (19:05 +0000)]
Warn when the same manifestNumber is recycled across multiple issuances of that manifest
OK tb@
job [Mon, 11 Dec 2023 15:50:23 +0000 (15:50 +0000)]
Log a warning when a manifest replay is detected
OK tb@ claudio@
jmc [Mon, 11 Dec 2023 15:21:14 +0000 (15:21 +0000)]
ampchwm:
- lowercase Nd
- add arch to Dt
acpi.4:
- add entry for ampchwm
ok claudio
krw [Mon, 11 Dec 2023 14:27:09 +0000 (14:27 +0000)]
Fix the shift of status bits 2:0 to 11:9 from <<8 to <<9.
Fix the mask of shifted 8 bit field from 0x7f to 0xff.
Allows proper decoding of status fields SCT and SC.
From mlelstv@netbsd via NetBSD.
ok miod@
mvs [Mon, 11 Dec 2023 14:25:09 +0000 (14:25 +0000)]
Turn `pflow_softc' list into SMR list.
Since the revision 1.1182 of net/pf.c netlock is not taken while
export_pflow() called from pf_purge_states(). Current locks order
requires netlock to be taken before PF_LOCK(), so there is no reason
to turn it back into this path only for optional export_pflow() call.
The `pflowif_list' foreach loop has no context switch within, so SMR
list is better than mutex(9).
Tested by Hrvoje Popovski.
ok sashan bluhm
claudio [Mon, 11 Dec 2023 11:17:34 +0000 (11:17 +0000)]
Manpage for ampchwm(4) - Ampere Altra Fine-Grained Power Telemetry
claudio [Mon, 11 Dec 2023 11:15:44 +0000 (11:15 +0000)]
Add ampchwm(4) a driver to access the Ampere Altra Fine-Grained Power Telemetry
This adds per core energy sensors (in Joules) and one per SoC temparature
sensor.
OK kettenis@ deraadt@
jan [Mon, 11 Dec 2023 09:40:42 +0000 (09:40 +0000)]
vio(4): simplify mbuf parsing with ether_extract_headers()
ok sf@
jsg [Mon, 11 Dec 2023 05:29:02 +0000 (05:29 +0000)]
drm/amd/display: Fix MPCC 1DLUT programming
From Ilya Bakoulin
10ce6301009fa46ba264ed75b822115ec3ca6e67 in linux-6.1.y/6.1.66
6f395cebdd8927fbffdc3a55a14fcacf93634359 in mainline linux
jsg [Mon, 11 Dec 2023 05:27:19 +0000 (05:27 +0000)]
drm/amd/display: Fix the delta clamping for shaper LUT
From Harry Wentland
8332cb6c63394f32117a6f46a8cf7bedb8eec0b1 in linux-6.1.y/6.1.66
27fc10d1095f7a7de7c917638d7134033a190dd8 in mainline linux
jsg [Mon, 11 Dec 2023 05:25:29 +0000 (05:25 +0000)]
drm/amd/display: clean code-style issues in dcn30_set_mpc_shaper_3dlut
From Melissa Wen
442a4d4d01579d5d7066d0653898ffbb4091e3be in linux-6.1.y/6.1.66
94369589e4ec13c762fe10a1fdc4463bdfee5d5f in mainline linux
jsg [Mon, 11 Dec 2023 05:23:45 +0000 (05:23 +0000)]
drm/amd/display: Expand kernel doc for DC
From Rodrigo Siqueira
6cd736272165d7a6a7d62fb0a40536ed3741ed02 in linux-6.1.y/6.1.66
1682bd1a6b5fb094e914d9b73b711821fd84dcbd in mainline linux
jsg [Mon, 11 Dec 2023 05:21:50 +0000 (05:21 +0000)]
drm/amd/pm: fix a memleak in aldebaran_tables_init
From Dinghao Liu
0e0a95166882e594af4ab4f8c6f7894c2c32f6a9 in linux-6.1.y/6.1.66
7a88f23e768491bae653b444a96091d2aaeb0818 in mainline linux
jsg [Mon, 11 Dec 2023 05:20:29 +0000 (05:20 +0000)]
drm/amd/display: Guard against invalid RPTR/WPTR being set
From Nicholas Kazlauskas
195514bda626b16fb6ef9ff4172dc0433a3c105b in linux-6.1.y/6.1.66
1ffa8602e39b89469dc703ebab7a7e44c33da0f7 in mainline linux
jsg [Mon, 11 Dec 2023 05:18:43 +0000 (05:18 +0000)]
drm/amd/display: Restore rptr/wptr for DMCUB as workaround
From JinZe Xu
395a63ca1ad2e0534176cac91f5715961e744529 in linux-6.1.y/6.1.66
8f3589bb6fcea397775398cba4fbcc46829a60ed in mainline linux
jsg [Mon, 11 Dec 2023 05:15:39 +0000 (05:15 +0000)]
dma-buf: fix check in dma_resv_add_fence
From Christian Koenig
fc98ea2699c090e0377d16d733dca7a0b7508237 in linux-6.1.y/6.1.66
95ba893c9f4feb836ddce627efd0bb6af6667031 in mainline linux
jsg [Mon, 11 Dec 2023 05:12:54 +0000 (05:12 +0000)]
drm/amd/display: fix ABM disablement
From Hamza Mahfooz
7cfc3884a8bb3b77efd035885c758fb33587f1b3 in linux-6.1.y/6.1.66
b9f46f0b98784e40288ee393f863f553fde062fa in mainline linux
jsg [Mon, 11 Dec 2023 05:11:15 +0000 (05:11 +0000)]
drm/amd/display: Update min Z8 residency time to 2100 for DCN314
From Nicholas Kazlauskas
859a3a9f1e6b4055fd96695d11defca050ecf5cf in linux-6.1.y/6.1.66
4636a211980052ca0df90265c8a3ed2d46099091 in mainline linux
jsg [Mon, 11 Dec 2023 05:09:01 +0000 (05:09 +0000)]
drm/amd/display: Use DRAM speed from validation for dummy p-state
From Alvin Lee
6ef7f13c72df6bc95d39eb1614306768141377db in linux-6.1.y/6.1.66
9be601135ba8ac69880c01606c82140f2dde105e in mainline linux
jsg [Mon, 11 Dec 2023 05:07:03 +0000 (05:07 +0000)]
drm/amd/display: Remove min_dst_y_next_start check for Z8
From Nicholas Kazlauskas
a67c18704706e0a9ccac9b7002e678d325aea123 in linux-6.1.y/6.1.66
08448812acb2ab701cd5ff7e1a1dc97f7f10260c in mainline linux
jsg [Mon, 11 Dec 2023 05:04:45 +0000 (05:04 +0000)]
drm/amd/display: Include udelay when waiting for INBOX0 ACK
From Alvin Lee
33ed892f0cdeb1350648cd3bfe8140aa9f792076 in linux-6.1.y/6.1.66
3c9ea68cb61bd7e5bd312c06a12adada74ff5805 in mainline linux
jsg [Mon, 11 Dec 2023 05:02:38 +0000 (05:02 +0000)]
drm/amdgpu: Force order between a read and write to the same address
From Alex Sierra
c5cf436c8969516c92aaceb87582ff19bd187756 in linux-6.1.y/6.1.66
4b27a33c3b173bef1d19ba89e0b9b812b4fddd25 in mainline linux
jsg [Mon, 11 Dec 2023 05:00:24 +0000 (05:00 +0000)]
drm/amd: Enable PCIe PME from D3
From Mario Limonciello
c6088429630048661e480ed28590e69a48c102d6 in linux-6.1.y/6.1.66
6967741d26c87300a51b5e50d4acd104bc1a9759 in mainline linux
jsg [Mon, 11 Dec 2023 04:56:54 +0000 (04:56 +0000)]
add dma_fence_is_later_or_same() for 6.1.66 drm
deraadt [Mon, 11 Dec 2023 03:05:15 +0000 (03:05 +0000)]
arm just had to be different and change the syntax for .pushsection
arguments, so we have to cope.
deraadt [Mon, 11 Dec 2023 02:30:36 +0000 (02:30 +0000)]
Oops, wrong argument to macro
deraadt [Mon, 11 Dec 2023 00:40:31 +0000 (00:40 +0000)]
Report system call pinning violations.
deraadt [Mon, 11 Dec 2023 00:39:43 +0000 (00:39 +0000)]
Add an accounting flag for syscall pinning violations.
deraadt [Mon, 11 Dec 2023 00:35:06 +0000 (00:35 +0000)]
sync
deraadt [Mon, 11 Dec 2023 00:34:24 +0000 (00:34 +0000)]
document upcoming pinsyscalls(2) system call
ok kettenis, some tweaks from jmc
dv [Sun, 10 Dec 2023 21:25:14 +0000 (21:25 +0000)]
vmm(4): flush EPTs after enabling VMX mode.
The Intel SDM states the vmxon/vmxoff instructions don't invalidate
any EPT states on the cpu and recommend invalidating the global
context. vmm(4) opportunistically disables and enables VMX mode as
vms are created or terminated, so this adds a recommended
housekeeping step per the SDM.
While here, tidy up the CR4 toggling by moving it to after the MSR
feature check.
ok mlarkin@
tb [Sun, 10 Dec 2023 19:20:06 +0000 (19:20 +0000)]
evp_test: zap extra empty line
miod [Sun, 10 Dec 2023 19:03:37 +0000 (19:03 +0000)]
The new cinematic to get sensor information as soon as possible sometimes
runs too fast for the device and causes it to stutter its identification
string. Check if the second string chunk matches the first one, and ignore
it in this case, the correct data will come later.
deraadt [Sun, 10 Dec 2023 16:59:51 +0000 (16:59 +0000)]
sync
deraadt [Sun, 10 Dec 2023 16:59:09 +0000 (16:59 +0000)]
pinsyscalls(2) 2nd argument can be "uint *" instead of "void *
ok kettenis
deraadt [Sun, 10 Dec 2023 16:56:01 +0000 (16:56 +0000)]
Add a new label "sigcodecall" inside every sigtramp definition, directly
in front of the syscall instruction. This is used to calculate the start
of the syscall for SYS_sigreturn and pinned system calls.
ok kettenis
deraadt [Sun, 10 Dec 2023 16:45:50 +0000 (16:45 +0000)]
Populate the non-LOAD openbsd.syscalls section (and PT_OPENBSD_SYSCALL)
with {uint offset, uint syscall#} entries in libc & ld.so.
In libc a few syscall# entries (break, sigprocmask, _tfork, _threxit)
are duplicated because additional or inline uses occur (that situation
is handled elsewhere)
ok kettenis
job [Sun, 10 Dec 2023 14:18:23 +0000 (14:18 +0000)]
Since errno isn't used here, use warnx() instead of warn()
OK tb@
ratchov [Sun, 10 Dec 2023 06:32:14 +0000 (06:32 +0000)]
Skip interfaces already claimed by other uaudio(4) instances.
Fixes support of devices that attach multiple uaudio(4) drivers.
Every uaudio(4) instance parses the full set of device descriptors
because there are multiple interfaces per driver instance. If there is
a second uaudio(4) instance (i.e. a second control & stream interfaces
combo), the latter must skip the interfaces already used by the first
one (if it didn't, multiple uaudio(4) would try to use the same
interface and neither would work).
Help from and ok armani@.
jca [Sat, 9 Dec 2023 23:00:11 +0000 (23:00 +0000)]
Add basic write support for 'pax' format archives
Keep writing archives in ustar format by default. People can test the
posix 'pax' format using pax(1) -w -x pax ... or cpio -o -H pax ...;
tar(1) can't exercise this code yet. Only long names file and link
names are supported for now.
With input and tests from caspar@, ok millert@
ratchov [Sat, 9 Dec 2023 22:12:03 +0000 (22:12 +0000)]
Fix wrong call to slot->ops->exit() causing server to abort.
ok kn@
jan [Sat, 9 Dec 2023 10:36:05 +0000 (10:36 +0000)]
vio(4) add recv TCP/UDP checksum offloading
tested on Linux/KVM
tested on proxmox and vultr by florian
ok florian
job [Sat, 9 Dec 2023 00:44:18 +0000 (00:44 +0000)]
Following a failed fetch, use a previously cached and valid Manifest
RPKI Manifests enable Relying Parties (RPs) to detect replay attacks,
unauthorized in-flight modification, or deletion of signed objects. RPs
can accomplish these security functions by comparing (what is expected
to be) a monotonically increasing counter (the 'manifestNumber') - to
determine what the latest Manifest is; a list of filenames - in order to
establish whether the complete set of files was fetched; and a list of
SHA256 message digests to ascertain whether the content's of said files
are exactly the same as the CA intended them to be.
Over time, two schools of thought arose. One philosophy is that the
highest numbered cryptographically valid Manifest represents the express
intent of the CA, so if manifest-listed files are missing, someone
upstream messed up and gets to enjoy the broken pieces. After all, RFC
9286 section 5.2 puts the onus firmly on the repository operator to
publish in a consistent manner. Here, "consistent" means that newly
issued manifests - in the same RRDP delta - are bundled together with
all new or changed ROAs, and that remote RSYNC repositories are
atomically updated (for example, using symlink pivots).
To overcome various types of inconsistent, transient, or intermediate
states of the remote publication point - previous versions of rpki-client
did construct the full CARepository state using a mix of objects from both
its local validated cache and the RRDP/RSYNC staging directories
(which contain purported new versions of the objects).
However, another take on RFC 9286 section 6.6's "use cached versions of
the objects" is that 'the objects' not only refers to the listed
subordinate products (such as ROAs/Certificates/ASPAs), but also to
Manifests themselves. The philosophy being that lower numbered
cryptographically valid Manifests with a complete & untampered set of
files are to be preferred over a higher numbered cryptographically valid
Manifests accompanied by incomplete sets of files. Consequently -
potentially - producing more stable VRP outputs, at the expense of being
magnanimous towards sloppy CAs and repository operators.
Going forward, rpki-client logs errors when inconsistent publications
are encountered, but also proceeds to use older cryptographically valid
Manifests (from previous successful fetches) in order to construct
the tree.
With and OK tb@, and also thanks to Ties de Kock from RIPE NCC.
mvs [Fri, 8 Dec 2023 23:15:44 +0000 (23:15 +0000)]
Add spaces around '='. style(9) fix, no functional changes.
mvs [Fri, 8 Dec 2023 23:13:40 +0000 (23:13 +0000)]
Introduce `sc_mtx' mutex(9) to protect the most of pflow_softc
structure. Protect the `send_nam', `sc_flowsrc' and `sc_flowdst'
pflow_softc members by existing `sc_lock' rwlock(9).
This partially fixes locking inconsistency of pflow_softc. The following
work will be done with separate diffs.
Also, pass `sc' instead of NULL to pflow_get_mbuf() while calling from
pflow_sendout_ipfix_tmpl(). This fixes the NULL dereference.
ok bluhm@
miod [Fri, 8 Dec 2023 19:14:36 +0000 (19:14 +0000)]
Make sure TIB_INIT correctly initializes tib_thread_flags; regression
introduced in 1.3, causing sporadic pthread_main_np() erroneous results
(and possibly more subtle problems).
With and ok kurt@
deraadt [Fri, 8 Dec 2023 13:58:41 +0000 (13:58 +0000)]
PT_OPENBSD_SYSCALLS is an extension that points to non-LOAD section
which contains {offset,syscall#} structures.
ok kettenis
deraadt [Fri, 8 Dec 2023 12:58:27 +0000 (12:58 +0000)]
locally us MAXIMUM() rather than MAX()
ok tb gnezdo
markus [Fri, 8 Dec 2023 09:18:39 +0000 (09:18 +0000)]
prevent leak in sshsig_match_principals; ok djm@
tb [Fri, 8 Dec 2023 08:30:04 +0000 (08:30 +0000)]
Add regress coverage for OBJ_NAME_do_all*()
While this may seem a bit out of place since is an objects API by name,
it really is about EVP. Plus, we want to leverage some things we already
needed for the EVP_*do_all() API (which currently wraps OBJ_NAME_do_all*
but that will change soon).
miod [Fri, 8 Dec 2023 06:33:48 +0000 (06:33 +0000)]
New TEMPerHUM sensor; reported by Mikolaj Kucharski on bugs@
bluhm [Thu, 7 Dec 2023 23:47:48 +0000 (23:47 +0000)]
Run bind(2) and connect(2) stress test also with IPv6.
kettenis [Thu, 7 Dec 2023 21:57:34 +0000 (21:57 +0000)]
Collect .openbsd.syscalls sections into a new PT_OPENBSD_SYSCALLS segment.
This will be used soon to pin system calls to designated call sites.
ok deraadt@
bluhm [Thu, 7 Dec 2023 16:08:30 +0000 (16:08 +0000)]
Inpcb table mutex protects addr and port during bind(2) and connect(2).
in_pcbbind(), in_pcbconnect(), and in6_pcbconnect() have to set
addresses and ports within the same critical section as the inpcb
hash table calculation. Also lookup and address selection have to
be protected to avoid bindings and connections that are not unique.
For that in_pcbpickport() and in_pcbbind_locked() expect that the
table mutex is already taken. The functions in_pcblookup_lock(),
in_pcblookup_local_lock(), and in_pcbaddrisavail_lock() grab the
mutex iff the lock parameter is IN_PCBLOCK_GRAB. Otherwise the
parameter is IN_PCBLOCK_HOLD has the lock has to be taken already.
Note that in_pcblookup_lock() and in_pcblookup_local() return an
inp with increased reference iff they take and release the lock.
Otherwise the caller protects the life time of the inp.
This gives enough flexibility that in_pcbbind() and in_pcbconnect()
can hold the table mutex when they need it. The public inpcb API
does not change.
OK sashan@ mvs@
sthen [Thu, 7 Dec 2023 14:53:31 +0000 (14:53 +0000)]
add services entries for Matter, a protocol for discovery and comms
with "smart home"/IoT devices, which runs over TCP or UDP over v6 over
various physical/network layers (Ethernet, Wifi, or low power lossy
radio-based networks like Thread). req by Jordan Williams ok deraadt
https://csa-iot.org/wp-content/uploads/2022/11/22-27349-001_Matter-1.0-Core-Specification.pdf
deraadt [Thu, 7 Dec 2023 14:00:15 +0000 (14:00 +0000)]
sync
deraadt [Thu, 7 Dec 2023 13:59:04 +0000 (13:59 +0000)]
Add a stub pinsyscalls() system call that simply returns 0 for now,
before future work where ld.so(1) will need this new system call.
Putting this in the kernel ahead of time will save some grief.
ok kettenis
uwe [Thu, 7 Dec 2023 09:46:58 +0000 (09:46 +0000)]
avoid bad register access in eephy_reset for Marvell Alaska
88E1512
The register write before this change had no visible run-time effect
on
88E1512 under normal conditions but it tried to update a reserved
bit and might prevent the standard behaviour of breaking the link on
insufficient Inter-Packet Gaps.
Cross-checked with datasheets for supported variants. Extended special
control register 20 exists only in E1111 but not in E151x, E1545x, or
E3016. It seems that the register was dropped in E15xx and subsequent
designs.
Originally from stsp@
ok claudio@ stsp@
bluhm [Wed, 6 Dec 2023 22:57:14 +0000 (22:57 +0000)]
Add tests that create and delete cloned routes during connect(2).
djm [Wed, 6 Dec 2023 21:06:48 +0000 (21:06 +0000)]
short circuit debug log processing early if we're not going to
log anything. From Kobe Housen
otto [Wed, 6 Dec 2023 15:51:53 +0000 (15:51 +0000)]
Periodically reset constraint DNS info for constraints that failed
to reply; ok florian@
bluhm [Wed, 6 Dec 2023 14:41:52 +0000 (14:41 +0000)]
Stress test bind(2) and connect(2) system calls in OpenBSD regress.
bluhm [Wed, 6 Dec 2023 09:27:17 +0000 (09:27 +0000)]
Protect socket receive buffer in IP multicast routing.
Since soreceive() runs in parallel for raw sockets, sbappendaddr()
has to be protected by inpcb mutex. This was missing in multicast
forwarding which is running with a combination of shared net lock
and kernel lock. soreceive() uses shared net lock and mutex per
inpcb. Grab mutex before sbappendaddr() in socket_send() and
socket6_send().
panic receive 1 reported by Jo Geraerts
OK mvs@ claudio@
miod [Wed, 6 Dec 2023 06:15:33 +0000 (06:15 +0000)]
Move CALLSYS_NOERROR macro from <machine/asm.h> to libc, and expand it for
non-libc users. This is a two-liner macro anyway, and this will make
deraadt@'s future changes in this area easier to make. NFC
miod [Tue, 5 Dec 2023 20:49:31 +0000 (20:49 +0000)]
Add more devices which may attach ukbd (and thus wskbd) but should never be
considered as console keyboards.
claudio [Tue, 5 Dec 2023 15:50:45 +0000 (15:50 +0000)]
Cast uvmexp.swpages to long before multiplying by 99 to avoid integer
overflows on systems with big swap partitions.
OK kettenis@ miod@
kevlo [Tue, 5 Dec 2023 13:43:39 +0000 (13:43 +0000)]
timeout_del() the timer while stopping an interface so that no timeout
is fired afterwards.
ok claudio@
op [Tue, 5 Dec 2023 13:38:25 +0000 (13:38 +0000)]
reject headers that start with a space or tab
If the first header starts with a space but still contains a colon
character, it is added to the body mail effectively appending it to the
Received header due to the folding rules.
Issue reported by Crystal Kolipe
ok millert@, giovanni@
uwe [Tue, 5 Dec 2023 11:06:05 +0000 (11:06 +0000)]
Remove "disable auto-negotiation" workaround for Marvell Alaska PHYs
This avoids an intermediate link state (10baseT) before the interface
is configured via ifconfig(8), and is consistent with other MII
drivers and OSes.
The original reason for this workaround is mainly thought be related
to either reducing the time required for auto-negotiation to complete
or indeed incorrect advertisement of link capabilities.
Tested on Intel Elkhart Lake with dwqe(4) and
88E1512 PHY.
Originally from stsp@ with feedback from kettenis@.
ok kettenis@ claudio@
jsg [Tue, 5 Dec 2023 05:27:26 +0000 (05:27 +0000)]
boot_file was removed in arm64 machdep.c rev 1.55