tb [Sun, 16 Apr 2023 19:16:32 +0000 (19:16 +0000)]
Garbage collect the now unused obfuscating macro string_stack_free()
tb [Sun, 16 Apr 2023 19:15:31 +0000 (19:15 +0000)]
Inline the three uses of string_stack_free()
sk_OPENSSL_STRING_pop_free() is much more explicit and isn't that much
more complicated. x509_util.c can also use it directly...
No binary change
tb [Sun, 16 Apr 2023 18:50:28 +0000 (18:50 +0000)]
Remove the now unused vpm_int.h
tb [Sun, 16 Apr 2023 18:48:58 +0000 (18:48 +0000)]
x509_vfy.c and x509_vpm.c don't need vpm_int.h anymore
tb [Sun, 16 Apr 2023 18:42:30 +0000 (18:42 +0000)]
Move X509_VERIFY_PARAM_st from vpm_int.h to x509_local.h
kettenis [Sun, 16 Apr 2023 17:26:14 +0000 (17:26 +0000)]
Fix (and simplify) link speed reporting.
ok jsg@
jsing [Sun, 16 Apr 2023 17:06:19 +0000 (17:06 +0000)]
Provide EVP methods for SHA3 224/256/384/512.
ok tb@
jsing [Sun, 16 Apr 2023 16:42:06 +0000 (16:42 +0000)]
Provide EVP methods for SHA512/224 and SHA512/256.
ok tb@
jsing [Sun, 16 Apr 2023 15:32:16 +0000 (15:32 +0000)]
Bounds check mdlen that is passed to sha3_init().
While here, use KECCAK_BYTE_WIDTH instead of hardcoding the value.
kettenis [Sun, 16 Apr 2023 13:35:58 +0000 (13:35 +0000)]
Add PT_GNU_PROPERTY define.
ok deraadt@
dv [Sun, 16 Apr 2023 12:52:54 +0000 (12:52 +0000)]
vmd(8): correct comment in vioraw, cleanup formatting.
Comment incorrectly mentioned returning sectors when this function
returns bytes; the logic in virtio.c computes the number of 512
byte sectors after calling virtio_raw_init.
While here, adjust the formatting of return's to match the rest of vmd.
No functional change.
dv [Sun, 16 Apr 2023 12:47:26 +0000 (12:47 +0000)]
vmd(8): clean up fd closing in vmm process.
Some mild tidying of fd closing in the vmm process in prep for
landing parts of my fork+exec diff.
With input from guenther@ on the nuances of if/when EINTR may happen
in a call to close(2).
ok mlarkin@
kettenis [Sun, 16 Apr 2023 12:09:01 +0000 (12:09 +0000)]
Add support for the PCIe controller found on M2 Pro/Max SoCs. While the
bindings are still preliminary I don't exepect any substantial changes
that would affect the driver. Hopefully the bindings will end up
officially approved before OpenBSD 7.4 gets released.
ok patrick@
tb [Sun, 16 Apr 2023 12:08:03 +0000 (12:08 +0000)]
Shuffle ext_cmp() and ext_list_free() up a bit
tb [Sun, 16 Apr 2023 12:05:31 +0000 (12:05 +0000)]
Remove unnecessary prototypes in the middle of the code
In addition, ext_cmp() was already prototyped earlier...
tb [Sun, 16 Apr 2023 12:01:15 +0000 (12:01 +0000)]
Use more usual version of inlined nitems(). No binary change.
tb [Sun, 16 Apr 2023 11:59:50 +0000 (11:59 +0000)]
Fix comment formatting and grammar, drop usless and outdated comment
tb [Sun, 16 Apr 2023 11:53:40 +0000 (11:53 +0000)]
Remove now empty/unused ext_dat.h
tb [Sun, 16 Apr 2023 11:52:52 +0000 (11:52 +0000)]
Merge ext_dat.h back into x509_lib.c
There is no point in having this in a separate internal header.
discussed with jsing
kettenis [Sun, 16 Apr 2023 11:38:42 +0000 (11:38 +0000)]
Too many ACPI implementations advertise serial ports that aren't actually
implemented. This leads to hangs when we run "ttyflags -a" in /etc/rc.
Add the same probe that we have in the ISA version of the driver to make
sure the port is actually there.
ok patrick@
kettenis [Sun, 16 Apr 2023 11:34:32 +0000 (11:34 +0000)]
Add no-op implementations of the WSDISPLAYIO_GVIDEO and WSDISPLAYIO_SVIDEO
ioctls. Everything we need from them is handled by wsdisplay(4) already,
but we need to handle them here to signal that we actually implement
burner support.
ok tb@, tobhe@
kettenis [Sun, 16 Apr 2023 11:14:26 +0000 (11:14 +0000)]
Make enabling the BTI feature a per-pmap thing by storing the ATTR_GP bit
in a new pm_guarded member of struct pmap and using this member to add
the bits to the PTEs
ok deraadt@
kettenis [Sun, 16 Apr 2023 10:14:59 +0000 (10:14 +0000)]
Clear BTYPE bits when setting up a signal handler and when handling a
PT_CONTINUE ptrace(2) request. Otherwise we would trap if userland was
interrupted at a point where it is doing an indirect branch that has set
the bits but before it has executed the BTI instruction at the branch
target.
The PT_SETREGS request may need similar treatment, at least when the
PC is changed. But Linux doesn't do this and debuggers might want full
control over the BTYPE bits. So leave this alone for now.
ok guenther@
tb [Sun, 16 Apr 2023 09:13:46 +0000 (09:13 +0000)]
Mark X9.31 BN API for removal
This supports a mostly forgotten, seemingly unused and long retired
standard. No need for this in our public API Dyson sphere.
ok jsing
tb [Sun, 16 Apr 2023 09:11:06 +0000 (09:11 +0000)]
The BN reciprocal API will also become internal-only
This is unused outside of the library and could do with some reworking.
That's easier without having to care about outside consumers.
ok jsing
tb [Sun, 16 Apr 2023 09:08:20 +0000 (09:08 +0000)]
Various BN*init() will be removed from the public API
With the corresponding structs now being opaque, the only thing they are
good for outside the library are memory leaks. They will be removed
completely or become internal only.
ok jsing
tb [Sun, 16 Apr 2023 08:55:44 +0000 (08:55 +0000)]
Mark public bn_nist and ec_nist API for removal
The faster nist code is rife with problematic C. While this is generally
considered to be a pleonasm nowadays, here it specifically refers to
aliasing issues and other flavors of undefined behavior. With compilers
and standardization committees becoming seemingly more determined about
making C even more unusable than it already is, this code has resulted
in miscompilations and generally is a target rich environment for fuzzers
to feast on. We're better off without it. Go look while it's still there.
It's some of the very worst we have to offer.
ok jsing
tb [Sun, 16 Apr 2023 08:36:13 +0000 (08:36 +0000)]
Mark EC_KEY_{get,insert}_method_data() for removal
This is unused and in the way of some house keeping. Thus it will be
relocated to the attic.
ok jsing
tb [Sun, 16 Apr 2023 08:31:54 +0000 (08:31 +0000)]
Mark TS_VERIFY_CTX_init() for removal
With opaque TS_VERIFY_CTX the init function dangerous and useless.
It will be dropped.
ok jsing
tb [Sun, 16 Apr 2023 08:30:21 +0000 (08:30 +0000)]
Prepare addition of X509_STORE_CTX_get1_{certs,crls}(3)
X509_STORE_get1_{certs,crls}(3) was added to the OpenSSL 1.1 API with the
usual care. At some point later it was noticed that they didn't deal with
an X509_STORE at all, but rather with an X509_STORE_CTX, so were misnamed.
The fact that X509_STORE_CTX and X509_STORE have their roles reversed when
compared to other FOO vs FOO_CTX in this API may or may not be related.
Anyway, the X509_STORE versions will be demoted to compat defines and the
X509_STORE_CTX will be added to match OpenSSL 1.1 API more closely. This
was pointed out by schwarze a long time ago and missed in a few bumps.
Hopefully we'll manage to do it this time around.
ok jsing
tb [Sun, 16 Apr 2023 08:21:12 +0000 (08:21 +0000)]
Mark remaining policy tree public API for removal
ok jsing
tb [Sun, 16 Apr 2023 08:18:10 +0000 (08:18 +0000)]
Annotate policy tree STACK_OF() goo for removal from public API
ok jsing
tb [Sun, 16 Apr 2023 08:17:04 +0000 (08:17 +0000)]
The policy tree types become internal ony. Annotate them.
ok jsing
tb [Sun, 16 Apr 2023 08:14:34 +0000 (08:14 +0000)]
Cipher text stealing will go away. Mark it for removal.
ok jsing
tb [Sun, 16 Apr 2023 08:11:38 +0000 (08:11 +0000)]
Mark proxy policy API for removal in upcoming bump
ok jsing
tb [Sun, 16 Apr 2023 08:08:34 +0000 (08:08 +0000)]
Remove the now unused ex_pcpathlen from the X509 struct
ok jsing
tb [Sun, 16 Apr 2023 08:06:42 +0000 (08:06 +0000)]
More ProxyCertInfo tentacles go to the attic
This removes ProxyCertInfo from extension caching, issuer checking
and it also drops the special path validation for proxy certs from
the legacy verifier.
ok jsing
kettenis [Sun, 16 Apr 2023 08:02:45 +0000 (08:02 +0000)]
The lowest performance level state for the E-cores on the M2 Pro/Max is
2 instead of 1. Handle this by taking the lowest state from the opp tables
instead of hardcoding it. Fixes cpuperf on the M2 Pro/Max.
ok patrick@
tb [Sun, 16 Apr 2023 07:59:57 +0000 (07:59 +0000)]
Remove some dead code from the new verifier
The new verifier API is currently unused as we still operate the verifier
in legacy mode. Therefore ctx->xsc is always set and the EXFLAG_PROXY will
soon be dropped from the library, so this error on encountering proxy certs
is effectively doubly dead code.
ok jsing
tb [Sun, 16 Apr 2023 07:49:36 +0000 (07:49 +0000)]
Drop support for the ProxyCertInfo extension
This removes the ProxyCertInfo extension from RFC 3820 from the list of
supported extensions. Since it is a critical extension, this means that
certificates containing it will no longer be considered valid by default.
ok jsing
tb [Sun, 16 Apr 2023 07:36:43 +0000 (07:36 +0000)]
Make pcy_int.h pull in x509_local.h it will need it soon
ok jsing
ajacoutot [Sun, 16 Apr 2023 07:16:58 +0000 (07:16 +0000)]
Add /etc/mixerctl.conf to changelist(5).
ok deraadt@ kn@ semarie@
jsg [Sun, 16 Apr 2023 06:43:49 +0000 (06:43 +0000)]
call default db_ktrap() with tf_err, not 0 for exception error code
ok guenther@
guenther [Sun, 16 Apr 2023 06:38:50 +0000 (06:38 +0000)]
Handle T_CP traps from userland by generating SIGILL, with
code ILL_ILLOPC or ILL_BADSTK depending on the error from hardware
lack of handling noted by deraadt@
ok jsg@
guenther [Sun, 16 Apr 2023 05:40:25 +0000 (05:40 +0000)]
Trap 17 (T_ALIGNFLT) supplies an error code in hardware; use TRAP()
instead of ZTRAP(). T_ALIGNFLT fixed in NetBSD on 2003-12-12
ok deraadt@ jsg@
guenther [Sun, 16 Apr 2023 05:39:33 +0000 (05:39 +0000)]
Both trap 21 (T_CP) and trap 17 (T_ALIGNFLT) supply an error code
in hardware; use TRAP() instead of ZTRAP(). T_ALIGNFLT fixed in
NetBSD on 2012-4-21
ok deraadt@ jsg@
dv [Sun, 16 Apr 2023 01:50:12 +0000 (01:50 +0000)]
vmm(4): save and restore Intel CET state on vm entry/exit.
tb [Sat, 15 Apr 2023 21:53:38 +0000 (21:53 +0000)]
ec_point_conversion: do not rely on ec.h pulling in bn.h
jsing [Sat, 15 Apr 2023 20:00:24 +0000 (20:00 +0000)]
Use size_t rather than int.
Also buy a vowel for rsiz.
jsing [Sat, 15 Apr 2023 19:44:36 +0000 (19:44 +0000)]
Add SHA3 digest length define that was previously missed.
jsing [Sat, 15 Apr 2023 19:30:31 +0000 (19:30 +0000)]
Remove sha3() function, which will not be used or exposed.
jsing [Sat, 15 Apr 2023 19:29:20 +0000 (19:29 +0000)]
Mark sha3_keccakf() as static and remove prototype from header.
jsing [Sat, 15 Apr 2023 19:27:54 +0000 (19:27 +0000)]
Use memset() to zero the context, instead of zeroing manually.
jsing [Sat, 15 Apr 2023 19:22:34 +0000 (19:22 +0000)]
Provide SHA3 length related defines.
These will make EVP integration easier, as well as being used in the SHA3
implementation itself.
jsing [Sat, 15 Apr 2023 19:15:53 +0000 (19:15 +0000)]
Use the same byte order tests as we do elsewhere in libcrypto.
tb [Sat, 15 Apr 2023 18:59:49 +0000 (18:59 +0000)]
Adjust documentation of X9.31 padding mode
tb [Sat, 15 Apr 2023 18:48:52 +0000 (18:48 +0000)]
Stop supporting the long-retired X9.31 standard
This isolates the three API functions from the library so they can be
easily removed and any attempt to use RSA_X931_PADDING mode will now
result in an error.
ok jsing
tb [Sat, 15 Apr 2023 18:44:17 +0000 (18:44 +0000)]
Prepare rsa.h for X9.31 support removal
This wraps the three public functions in the usual #if stanza.
RSA_X931_PADDING is unfortunately exposed by rust-openssl and erlang.
Therefore it will remain visible to avoid breaking the build of
lang/rust. Its use in the library will be neutered shortly.
ok jsing
tb [Sat, 15 Apr 2023 18:37:36 +0000 (18:37 +0000)]
Remove now unused GF2m perlasm generators
jsing [Sat, 15 Apr 2023 18:32:55 +0000 (18:32 +0000)]
Rename SHA3 context struct field from 'st' to 'state'.
jsing [Sat, 15 Apr 2023 18:30:27 +0000 (18:30 +0000)]
Rename SHA3 context to align with existing code.
jsing [Sat, 15 Apr 2023 18:29:26 +0000 (18:29 +0000)]
Move some defines out of the sha3_internal.h header.
tb [Sat, 15 Apr 2023 18:23:54 +0000 (18:23 +0000)]
Stop building GF2m assembly
GF2m support will be removed shortly. In the interim drop some of this
unused code already and let it fall back to the C implementation.
ok jsing
jsing [Sat, 15 Apr 2023 18:22:53 +0000 (18:22 +0000)]
Revise header guards.
jsing [Sat, 15 Apr 2023 18:19:06 +0000 (18:19 +0000)]
Pull constant tables out of sha3_keccakf().
jsing [Sat, 15 Apr 2023 18:14:21 +0000 (18:14 +0000)]
Strip and reformat comments.
Remove various comments that are unhelpful or obvious. Reformat remaining
comments per style(9).
jsing [Sat, 15 Apr 2023 18:07:44 +0000 (18:07 +0000)]
Apply style(9) (first pass).
jsing [Sat, 15 Apr 2023 18:00:57 +0000 (18:00 +0000)]
Import sha3_internal.h.
jsing [Sat, 15 Apr 2023 17:59:50 +0000 (17:59 +0000)]
Add license to sha3 files.
jsing [Sat, 15 Apr 2023 17:56:35 +0000 (17:56 +0000)]
Import tiny_sha3
This is a minimal and readable SHA3 implementation.
ok tb@
tb [Sat, 15 Apr 2023 16:50:05 +0000 (16:50 +0000)]
ssltest: Drop more policy go from this test.
Hopefully that is all. What an absolutely horrid mess.
tb [Sat, 15 Apr 2023 16:17:57 +0000 (16:17 +0000)]
ssltest: initial pass of dropping proxy cert goo
tb [Sat, 15 Apr 2023 14:10:09 +0000 (14:10 +0000)]
symbols test: drop LIBRESSL_INTERNAL
This tests the external API, so it should not have visibility to the
inside. Silences two warnings since EC_{GROUP,POINT}_clear_free() are
now wrapped in #ifndef LIBRESSL_INTERNAL.
kn [Sat, 15 Apr 2023 13:24:47 +0000 (13:24 +0000)]
Unlock in_ioctl_get(), push kernel lock into in_ioctl_{set,change}_ifaddr()
Just like in6_ioctl_get(), read ioctls are safe with the shared net lock to
protect interface addresses and flags.
OK mvs
kn [Sat, 15 Apr 2023 13:18:28 +0000 (13:18 +0000)]
return directly to drop needless error variable; OK mvs
claudio [Sat, 15 Apr 2023 10:36:59 +0000 (10:36 +0000)]
Introduce an ANYTOKEN token which can be used instead of NOTOKEN to allow
to fall back to another table if no other element in the current table
matched. ANYTOKEN needs to be the last element in a table.
With this 'bgpctl show rib 192.0.2.1 detail' works.
OK tb@
dlg [Sat, 15 Apr 2023 03:19:43 +0000 (03:19 +0000)]
fixed regulators might rely on other regulators specified by "vin-supply"
when turning a fixed regulator on, turn on the regulator specified
in vin-supply too.
kettenis agrees we should do this.
jsg [Sat, 15 Apr 2023 01:42:20 +0000 (01:42 +0000)]
change trap16 from IDTVEC_NOALIGN to IDTVEC as it is now the first
in the reserved block
ok deraadt@
jsg [Sat, 15 Apr 2023 01:22:50 +0000 (01:22 +0000)]
add endbr defines and control protection trap
ok deraadt@
job [Sat, 15 Apr 2023 00:39:08 +0000 (00:39 +0000)]
Disallow issuer and subject unique identifiers
In 1992, the ITU-T - through X.509 version 2 - introduced subject and
issuer unique identifier fields to handle the possibility of reuse
of subject and/or issuer names over time. However, the standing
recommendation is that names not be reused for different entities and
that Internet certificates not make use of unique identifiers.
Conforming RPKI CAs will never issue certificates with unique identifiers.
OK tb@ claudio@
dv [Fri, 14 Apr 2023 23:56:57 +0000 (23:56 +0000)]
vmm: NENTRY -> ENTRY
Originally used NENTRY macros in the asm, but the plan is for endbr64
to appear in the ENTRY macros.
cluestick from deraadt@
mbuhl [Fri, 14 Apr 2023 22:41:28 +0000 (22:41 +0000)]
Use designated initializer for ffs_vtbl.
OK kn
dv [Fri, 14 Apr 2023 20:27:47 +0000 (20:27 +0000)]
vmm(4): add NENTRY/END macros around asm functions.
Part of prep for endbr64 on amd64 hosts.
ok mlarkin@
dv [Fri, 14 Apr 2023 18:27:31 +0000 (18:27 +0000)]
add VMX/VMCS defines for amd64 endbr64 features
"these are fine," mlarkin@
tb [Fri, 14 Apr 2023 15:35:12 +0000 (15:35 +0000)]
openssl11/Makefile: make spacing consistent
tb [Fri, 14 Apr 2023 15:34:08 +0000 (15:34 +0000)]
Add a missing void
tb [Fri, 14 Apr 2023 15:31:17 +0000 (15:31 +0000)]
Add two missing void to appease clang 15
There is another thing clang 15 is whining about - this will be resolved
in upcoming work by dv.
ok dv
tb [Fri, 14 Apr 2023 15:27:13 +0000 (15:27 +0000)]
Drop policy printing from openssl
Nothing really uses the policy tree. It's desgined with built-in DoS
capabilities directly from the RFC. It will be removed from the attack
surface and replaced with something equivalent that doesn't grow
exponentially with the depth.
This removes the only reason the policy tree itself ever leaked out of
the library.
ok jsing
robert [Fri, 14 Apr 2023 15:00:40 +0000 (15:00 +0000)]
check if there is actually anything to extract from the firmware tarball
on apple silicon so that we don't fill up the ramdisk by extracting the
whole tarball
while here, change the code so that the machdep.compatible sysctl gets
read once and then that value is used in the script instead of calling
sysctl several times
from input and ok kn@, kettenis@
tb [Fri, 14 Apr 2023 14:36:13 +0000 (14:36 +0000)]
cttest: plug leak due to missing SCT_LIST_free()
tb [Fri, 14 Apr 2023 14:23:05 +0000 (14:23 +0000)]
Plug a memleak caused by an extra bump of a refcount
SSL_set_session() should really be called SSL_set1_session()...
tb [Fri, 14 Apr 2023 14:14:39 +0000 (14:14 +0000)]
Cast the uint64_t SCT timestamps to (unsigned long long) for printing.
What a wonderful choice between this and that PRI ugliness...
stsp [Fri, 14 Apr 2023 12:45:10 +0000 (12:45 +0000)]
Wire up the iwm_updatechan and iwx_updatechan callbacks.
These callbacks were not reachable by mistake. This change is a first step
towards preventing iwx SYSASSERT 0x20101A28 as seen by beck@ and Mikhail
when an 11ac AP switches channel width. The callbacks may still not trigger
after this change. Possibly because APs use channel switch announcements (CSA)
which we currently ignore. We only check the 11n HTOP IE for channel info.
We may eventually need to add CSA support in order to detect channel
width changes in 11ac mode.
No regressions seen by jmc@ on iwx, nor by florian@, millert@ on iwm
tb [Fri, 14 Apr 2023 12:41:26 +0000 (12:41 +0000)]
Make the signertest work better with the portable test framework
tb [Fri, 14 Apr 2023 12:38:30 +0000 (12:38 +0000)]
Make the apitest work better with the portable tets framework
tb [Fri, 14 Apr 2023 12:37:20 +0000 (12:37 +0000)]
Make cttest work better with the portable test harness
tb [Fri, 14 Apr 2023 11:18:40 +0000 (11:18 +0000)]
Fix cttest to use public header
jsing [Fri, 14 Apr 2023 11:10:11 +0000 (11:10 +0000)]
Rename the largely misnamed bn_print.c to bn_convert.c
This file primarily contains the various BN_bn2*() and BN_*2bn() functions
(along with BN_print() and BN_options()). More function shuffling will
follow.
Discussed with tb@
jsing [Fri, 14 Apr 2023 11:04:24 +0000 (11:04 +0000)]
Provide and use bn_copy_words() in BN_copy().
This is simpler than the current code, while still being well optimised by
compilers, across a range of architectures. In many cases we even get a
performance gain for the BN sizes that we primarily care about.
Joint work with tb@
jsing [Fri, 14 Apr 2023 10:45:15 +0000 (10:45 +0000)]
Add support for truncated SHA512 variants.
This adds support for SHA512/224 and SHA512/256, as specified in FIPS
FIPS 180-4. These are truncated versions of the SHA512 hash.
ok tb@