openbsd
14 months agoMake hrSWRunPath use argv[0], instead of p_comm. hrSWRunName is supposed
martijn [Tue, 24 Oct 2023 18:27:26 +0000 (18:27 +0000)]
Make hrSWRunPath use argv[0], instead of p_comm. hrSWRunName is supposed
to be a descriptive name, where hrSWRunPath should give the full path to
the binary. While argv[0] can contain any of a simple binary name, the
full path, or a custom name given by the application itself, it gives us
the option to retrieve both pieces of information. This is also the
same distinction made by netsnmp.

This also keeps the default command column from top(1) and snmptop in
sync, and now allows for identical output in the column between `top -C`
and `snmptop -Cpa`

OK tb@

14 months agoAdd support for HOST-RESOURCES-MIB:hrSWRunPerfTable by adding
martijn [Tue, 24 Oct 2023 18:16:05 +0000 (18:16 +0000)]
Add support for HOST-RESOURCES-MIB:hrSWRunPerfTable by adding
hrSWRunPerfCPU and hrSWRunPerfMem. This allows snmptop to work with
snmpd(8). Math copied from top(1).

OK tb@

14 months agoadd fallback IPv6 address for ftplist1.openbsd.org; ok phessler@
naddy [Tue, 24 Oct 2023 18:03:53 +0000 (18:03 +0000)]
add fallback IPv6 address for ftplist1.openbsd.org; ok phessler@

14 months agoAdd a new regression framework for snmpd.
martijn [Tue, 24 Oct 2023 14:34:40 +0000 (14:34 +0000)]
Add a new regression framework for snmpd.

There are still many test cases left to write, so leave snmpd.sh in place
to test for cases not yet implemented by the new code.

14 months agoFC3416 section 4.2.1 (and others) tells us that if an error occurs the
martijn [Tue, 24 Oct 2023 14:21:58 +0000 (14:21 +0000)]
FC3416 section 4.2.1 (and others) tells us that if an error occurs the
varbindlist in the response must be identical to the original request.

OK tb@

14 months agoCertain error codes are only intended for certain request-types. Add an
martijn [Tue, 24 Oct 2023 14:19:44 +0000 (14:19 +0000)]
Certain error codes are only intended for certain request-types. Add an
appl_error_valid() function to test for this.

OK tb@

14 months agoIf a backend registers as an instance it must never return OIDs below
martijn [Tue, 24 Oct 2023 14:17:20 +0000 (14:17 +0000)]
If a backend registers as an instance it must never return OIDs below
their registration. Add a test for this in appl_varbind_valid().

OK and minor nit tb@

14 months agoset ab_range explicitly to 1 for appl_agentx_session instead of relying
martijn [Tue, 24 Oct 2023 14:11:14 +0000 (14:11 +0000)]
set ab_range explicitly to 1 for appl_agentx_session instead of relying
on malloc random garbage.

OK tb@

14 months agoWhen returning an endOfMibView we must always set it on the requested OID.
martijn [Tue, 24 Oct 2023 14:06:00 +0000 (14:06 +0000)]
When returning an endOfMibView we must always set it on the requested OID.

OK tb@

14 months agoRequire callers to use ibuf_fd_get() to extract the passed fd from an ibuf.
claudio [Tue, 24 Oct 2023 14:05:23 +0000 (14:05 +0000)]
Require callers to use ibuf_fd_get() to extract the passed fd from an ibuf.

In imsg_free() close any fd that was not claimed automatically to prevent
filedescriptor leaks. In ibuf_dequeue() remvoe code which is now part of
imsg_free().
OK tb@

14 months agoWhen opening 2 sessions on an agentx connection and registering 2
martijn [Tue, 24 Oct 2023 14:02:52 +0000 (14:02 +0000)]
When opening 2 sessions on an agentx connection and registering 2
overlapping regions on the different sessions, e.g. by differing in
priority and we close the underlying connection with an outstanding
request to the dominant region we will call appl_agentx_free(), which
sequentially closes all sessions. If the session with the outstanding
request is closed before the second session the request is retried
before said session is cleaned up and it will try to send it over a
conn_ax which at that point has been set to NULL, resulting in a
SIGSEGV.

Simply return early and let this second request be cancelled by the
cleanup of the second session.

OK tb@

14 months agoRemove bold8x16 font.
fcambus [Tue, 24 Oct 2023 13:52:49 +0000 (13:52 +0000)]
Remove bold8x16 font.

Since we have imported the IBM encoded version of "Spleen 8x16" as a
replacement, there is no reason to keep it anymore.

OK miod@

14 months agoFix appl_unregister() when called with range_subid set to !0.
martijn [Tue, 24 Oct 2023 13:50:47 +0000 (13:50 +0000)]
Fix appl_unregister() when called with range_subid set to !0.

OK tb@

14 months agoFix appl_register() when called with range_subid set to !0.
martijn [Tue, 24 Oct 2023 13:46:11 +0000 (13:46 +0000)]
Fix appl_register() when called with range_subid set to !0.

OK tb@

14 months agoRFC2741 section 6.2.2 says that reasonByManager can only be used by the
martijn [Tue, 24 Oct 2023 13:41:16 +0000 (13:41 +0000)]
RFC2741 section 6.2.2 says that reasonByManager can only be used by the
agentx master. Treat this reason as a parseerror.

OK tb@

14 months agoappl_agentx_free() closes any open sessions before freeing everything up.
martijn [Tue, 24 Oct 2023 13:37:02 +0000 (13:37 +0000)]
appl_agentx_free() closes any open sessions before freeing everything up.
Up until now all sessions were closed with reasonShutdown, which is not
accurate for every situation. Give it an additional reason argument that
propagates to appl_agentx_forceclose().

OK tb@

14 months agorevert Subst.pm r1.24 again, it breaks package creation
naddy [Tue, 24 Oct 2023 13:28:43 +0000 (13:28 +0000)]
revert Subst.pm r1.24 again, it breaks package creation

'+' is a widely used character in LIBxxx_VERSION, e.g. LIBFLAC++_VERSION.
Making it illegal breaks numerous packages.

14 months agoAlways check if the context is available inside appl_agentx_recv().
martijn [Tue, 24 Oct 2023 13:28:11 +0000 (13:28 +0000)]
Always check if the context is available inside appl_agentx_recv().
Not every PDU goes through application.c.

OK tb@

14 months agoNormally context switches happen in mi_switch() but there are 3 cases
claudio [Tue, 24 Oct 2023 13:20:09 +0000 (13:20 +0000)]
Normally context switches happen in mi_switch() but there are 3 cases
where a switch happens outside. Cleanup these code paths and make the
machine independent.

- when a process forks (fork, tfork, kthread), the new proc needs to
  somehow be scheduled for the first time. This is done by proc_trampoline.
  Since proc_trampoline is machine dependent assembler code change
  the MP specific proc_trampoline_mp() to proc_trampoline_mi() and make
  sure it is now always called.
- cpu_hatch: when booting APs the code needs to jump to the first proc
  running on that CPU. This should be the idle thread for that CPU.
- sched_exit: when a proc exits it needs to switch away from itself and
  then instruct the reaper to clean up the rest. This is done by switching
  to the idle loop.

Since the last two cases require a context switch to the idle proc factor
out the common code to sched_toidle() and use it in those places.

Tested by many on all archs.
OK miod@ mpi@ cheloha@

14 months agoAdd chacha aliases for OpenSSL compatibility
tb [Tue, 24 Oct 2023 13:09:54 +0000 (13:09 +0000)]
Add chacha aliases for OpenSSL compatibility

OpenSSL has the 20 in the long and short names, so add aliases to the
existing names to make things work. In particular, EVP_get_cipherbyname()
will now return EVP_chacha20() for both 'ChaCha20' and 'chacha20'.

Found by Facundo Tuesca when trying to add LibreSSL support for ChaCha20 in
https://github.com/pyca/cryptography/pull/9209

ok jsing

14 months agoVerify if supplied AgentX PDU header flags are valid for given PDU type
martijn [Tue, 24 Oct 2023 12:57:40 +0000 (12:57 +0000)]
Verify if supplied AgentX PDU header flags are valid for given PDU type
inside appl_agentx_recv().
While here clean up the logging a bit.

OK tb@

14 months agocall vttidy() in the exit path for the batch mode
op [Tue, 24 Oct 2023 10:26:02 +0000 (10:26 +0000)]
call vttidy() in the exit path for the batch mode

Diff by Mark Willson (mark [at] hydrus.org.uk), thank you!

14 months agorevert rev 1.19 'drm/radeon: Fix eDP for single-display iMac11,2'
jsg [Tue, 24 Oct 2023 10:12:09 +0000 (10:12 +0000)]
revert rev 1.19 'drm/radeon: Fix eDP for single-display iMac11,2'

mglocker@ reports this caused the screen to stay black on iMac11,2 when
radeondrm takes over

14 months agoMerge two equivalent if blocks.
mpi [Tue, 24 Oct 2023 10:00:22 +0000 (10:00 +0000)]
Merge two equivalent if blocks.

No functional change, ok tb@

14 months agoDelete any existing v4 address before setting a new one. This allows us
jmatthew [Tue, 24 Oct 2023 09:13:22 +0000 (09:13 +0000)]
Delete any existing v4 address before setting a new one.  This allows us
to keep a working default route when the address changes.

ok dlg@ kn@

14 months agoRFC2741 section 7.1.1 tells us that if a pdu can't be parsed we must
martijn [Tue, 24 Oct 2023 09:00:53 +0000 (09:00 +0000)]
RFC2741 section 7.1.1 tells us that if a pdu can't be parsed we must
return a parseerror. Make sure we can differentiate between parseerror and
openfailed.

OK tb@

14 months agoAccording to RFC2741 section 6.1.1 an agentx-response-pdu shouldn't have
martijn [Tue, 24 Oct 2023 08:54:52 +0000 (08:54 +0000)]
According to RFC2741 section 6.1.1 an agentx-response-pdu shouldn't have
the NON_DEFAULT_CONTEXT set. Remove the argument from ax_response().

OK tb@

14 months agoMake sure that unpacking of an AgentX OID doesn't contain more than 128
martijn [Tue, 24 Oct 2023 08:48:41 +0000 (08:48 +0000)]
Make sure that unpacking of an AgentX OID doesn't contain more than 128
elements.

OK tb@

14 months agoRemove filter-pf-addresses. This feature has been deprecated since 7.2 in
martijn [Tue, 24 Oct 2023 08:41:20 +0000 (08:41 +0000)]
Remove filter-pf-addresses. This feature has been deprecated since 7.2 in
favour of 'blocklist pfTblAddrTable'.

OK tb@

14 months agoRemove the statement that .TQ was "rarely used even in GNU manual pages".
schwarze [Mon, 23 Oct 2023 22:57:51 +0000 (22:57 +0000)]
Remove the statement that .TQ was "rarely used even in GNU manual pages".

It appears the Linux Manual Pages project started to quite aggressively
use .TQ ever for cases where it not only provides no value, but makes
formatting worse even when it formats as intended.  It's also a bad idea
to use it that aggressively because .TQ has particularly catastrophic
formatting behaviour on formatters (other than groff and mandoc) that do
not support it: It essentially has the effect of omitting the topic of
the discussion from the formatted version of the manual page, but in
such a way that it does not become apparent to the reader that anything
is missing.

But whether this is wise or stupid is their problem and none of our
business.  Either way, we should not call a thing "rarely used"
after that is no longer true.

Thanks to Alejandro Colomar <alx at kernel org org>
for making me aware that the statement is no longer true.

14 months agoDo not print "retrieving revision 1.13" while doing cvs diff.
bluhm [Mon, 23 Oct 2023 21:59:00 +0000 (21:59 +0000)]
Do not print "retrieving revision 1.13" while doing cvs diff.

Provide shorter diffs without unnecessary debugging output.
Note that this affects cvs installed on the server side.

OK deraadt@

14 months agosorry, somehow I did redo this line badly and didn't retest
espie [Mon, 23 Oct 2023 21:53:54 +0000 (21:53 +0000)]
sorry, somehow I did redo this line badly and didn't retest

14 months agocreate __OpenBSD__ versions that use futex() with the correct number
deraadt [Mon, 23 Oct 2023 20:40:24 +0000 (20:40 +0000)]
create __OpenBSD__ versions that use futex() with the correct number
of arguments and without using syscall().  the glibc people should be
ashamed of the mess they created.
ok miod

14 months agoonce again, i forgot to update the date in the footer
schwarze [Mon, 23 Oct 2023 20:15:36 +0000 (20:15 +0000)]
once again, i forgot to update the date in the footer

14 months agoSupport some escape sequences, in particular character escape sequences,
schwarze [Mon, 23 Oct 2023 20:07:18 +0000 (20:07 +0000)]
Support some escape sequences, in particular character escape sequences,
inside \w arguments, and skip most other escape sequences when measuring
the output length in this way because most escape sequences contribute
little or nothing to text width: for example, consider font escapes in
terminal output.

This implementation is very rudimentary.  In particular, it assumes that
every character has the same width.  No attempt is made to detect
double-width or zero-width Unicode characters or to take dependencies on
output devices or fonts into account.  These limitations are hard to
avoid because mandoc has to interpolate \w at the parsing stage when the
output device is not yet known.  I really do not want the content of the
syntax tree to depend on the output device.

Feature requested by Paul <Eggert at cs dot ucla dot edu>, who also
submitted a patch, but i chose to commit this very different patch
with almost the same functionality.
His input was still very valuable because complete support for \w is
out of the question, and consequently, the main task is identifying
subsets of the feature that are needed for real-world manual pages
and can be supported without uprooting the whole forest.

14 months agoRevert Subst.pm r1.22. It broke ordinary pkg_add usage
tb [Mon, 23 Oct 2023 19:45:28 +0000 (19:45 +0000)]
Revert Subst.pm r1.22. It broke ordinary pkg_add usage

14 months agoUse xoff instead of *olen in the shift_right() call. xoff is the right
claudio [Mon, 23 Oct 2023 13:07:44 +0000 (13:07 +0000)]
Use xoff instead of *olen in the shift_right() call. xoff is the right
value here since *olen is (conditionally) set a few lines later to the
same value as xoff.

Should fix the CodeQL warnings because *olen is dereferenced without
proper NULL check.

OK tb@

14 months agoUse private key that is allowed by sshd defaults in conch interop tests.
anton [Mon, 23 Oct 2023 11:30:49 +0000 (11:30 +0000)]
Use private key that is allowed by sshd defaults in conch interop tests.

ok dtucker@

14 months agoPrevent wg(4) stuck on peer destruction.
mvs [Mon, 23 Oct 2023 10:22:05 +0000 (10:22 +0000)]
Prevent wg(4) stuck on peer destruction.

While interface going down and output stopped, packets could rest in
`if_snd' queue. So the (!ifq_empty(&sc->sc_if.if_snd)) condition will
always be true and wg_peer_destroy() will sleep until interface became
up and stuck packets transmitted.

Check IFF_RUNNING flag within (!ifq_empty(&sc->sc_if.if_snd)) loop in
wg_peer_destroy(). If the flag is not set that means interface is down,
so drain the `if_snd' queue manually to prevent wg_peer_destroy() stuck.

Problem reported and fix tested by Kirill Miazine.

ok bluhm@

14 months agouse more natural (and new) += with REGRESSION_TESTING
espie [Mon, 23 Oct 2023 08:38:58 +0000 (08:38 +0000)]
use more natural (and new) += with REGRESSION_TESTING

14 months agosplit on spaces as well, to take advantage of +=
espie [Mon, 23 Oct 2023 08:38:14 +0000 (08:38 +0000)]
split on spaces as well, to take advantage of +=

14 months agoadd some limited capability to -DVAR+=value
espie [Mon, 23 Oct 2023 08:37:45 +0000 (08:37 +0000)]
add some limited capability to -DVAR+=value
to be used with REGRESSION_TESTING, where it's somewhat inconvenient to
know the full list in advance.

14 months agoUnzoom window at start of destroy so it doesn't happen later (when
nicm [Mon, 23 Oct 2023 08:12:00 +0000 (08:12 +0000)]
Unzoom window at start of destroy so it doesn't happen later (when
destroying panes) after the layout has been freed, GitHub issue 3717.

14 months agoFix radiusd(8) to fixup MPPE-{Send,Recv}-Key and Tunnel-Password
yasuoka [Mon, 23 Oct 2023 00:58:32 +0000 (00:58 +0000)]
Fix radiusd(8) to fixup MPPE-{Send,Recv}-Key and Tunnel-Password
attributes of the response properly.

14 months agobt(5), btrace(8): execute END probe and print non-empty maps upon exit()
cheloha [Sun, 22 Oct 2023 19:30:35 +0000 (19:30 +0000)]
bt(5), btrace(8): execute END probe and print non-empty maps upon exit()

BPFTrace's exit() statement executes the END probe (if any) and prints
the contents of all non-empty maps before terminating the interpreter.

Implement this in btrace(8) with a halting check after each statement.
If a statement causes the program to halt, the condition bubbles up to
the top-level evaluation loop and causes rules_teardown() to run
immediately.

btrace(8) still performs a full rules_setup() if exit() is called
during the BEGIN probe, though the top-level evaluation loop is never
run.

One edge-like case: an exit() from the END probe is treated as an
early return; END is not executed multiple times.

Thread: https://marc.info/?l=openbsd-tech&m=169765169420751&w=2

ok mpi@

14 months agonew regression test for roff.c rev. 1.270:
schwarze [Sun, 22 Oct 2023 16:54:19 +0000 (16:54 +0000)]
new regression test for roff.c rev. 1.270:
infinite recursion in macro argument expansion

14 months agoWhile doing delayed expansion of escape sequences in macro arguments,
schwarze [Sun, 22 Oct 2023 16:01:58 +0000 (16:01 +0000)]
While doing delayed expansion of escape sequences in macro arguments,
correctly check for failure of the in-place expansion function.
If an argument not only does recursive delayed expansion
but infinitely recursive delayed expansion, this bug could
result in an ESCAPE_EXPAND assertion failure.

Thanks to Eric van Gyzen <vangyzen at FreeBSD> for finding this bug
by inspecting FreeBSD source code.

14 months agocorrect Va in previous;
jmc [Sun, 22 Oct 2023 14:04:52 +0000 (14:04 +0000)]
correct Va in previous;

14 months agoA few more tests
otto [Sun, 22 Oct 2023 12:20:07 +0000 (12:20 +0000)]
A few more tests

14 months agoWhen option D is active, store callers for all chunks; this avoids
otto [Sun, 22 Oct 2023 12:19:26 +0000 (12:19 +0000)]
When option D is active, store callers for all chunks; this avoids
the 0x0 call sites for leak reports. Also display more info on
detected write of free chunks: print the info about where the chunk
was allocated, and for the preceding chunk as well.
ok asou@

14 months agofix 40 MHz channel validation checks for the 2.4 GHz channel range
stsp [Sun, 22 Oct 2023 12:01:36 +0000 (12:01 +0000)]
fix 40 MHz channel validation checks for the 2.4 GHz channel range

Just like the 5 GHz channels, 2.4 GHz channels are spaced 5 MHz apart.
40 MHz wide channels hence span channels [N, N + 4] not [N, N + 1].
Adjust our secondary channel range checks accordingly.

14 months agoregression test for roff.c rev. 1.269:
schwarze [Sat, 21 Oct 2023 17:28:01 +0000 (17:28 +0000)]
regression test for roff.c rev. 1.269:
recursive delayed expansion of escape sequences in macro arguments

14 months agoWhen parsing a macro argument results in delayed escape sequence
schwarze [Sat, 21 Oct 2023 17:10:12 +0000 (17:10 +0000)]
When parsing a macro argument results in delayed escape sequence
expansion, re-check for all contained escape sequences whether they
need delayed expansion, not just for the particular escape sequences
that triggered delayed expansion in the first place.  This is needed
because delayed expansion can result in strings containing nested
escape sequences recursively needing delayed expansion, too.

This fixes an assertion failure in krb5_openlog(3), see:
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=266882

Thanks to Wolfram Schneider <wosch at FreeBSD> for reporting the bug
and to Baptiste Daroussin <bapt at FreeBSD> for forwarding the report.

14 months agodelete whitespaces that end up in output files
deraadt [Sat, 21 Oct 2023 14:09:15 +0000 (14:09 +0000)]
delete whitespaces that end up in output files

14 months agoRemove mention of alg_section. This never worked in LibreSSL.
tb [Sat, 21 Oct 2023 14:05:49 +0000 (14:05 +0000)]
Remove mention of alg_section. This never worked in LibreSSL.

14 months agostyle tweak: avoid double conjunction to make it read better
schwarze [Sat, 21 Oct 2023 13:53:43 +0000 (13:53 +0000)]
style tweak: avoid double conjunction to make it read better
OK tb@

14 months agoignore wide channel configs that do not appear in the 802.11ac spec
stsp [Sat, 21 Oct 2023 06:47:23 +0000 (06:47 +0000)]
ignore wide channel configs that do not appear in the 802.11ac spec

Wide channel configurations not listed in operating class tables of
the 802.11ac spec can trigger regulatory assertion failures in iwm(4)
firmware, and potentially other device firmware.
Ignore non-standard channels configs such that we downgrade to 40MHz
or even 20MHz to make such APs usable, albeit at lower speed.

Found by dlg@ with a mikrotik AP advertising channel configs that do
not appear as such in the spec:
  80 MHz: |104|108|112|116|
  40 MHz: |primary: 112|secondary above: 116|
Either of these triggered iwm0: 0x000014FD | ADVANCED_SYSASSERT

Fix tested by myself on iwx(4) AX200 and dlg@ on iwm(4) 7260.
Johannes Berg helped with deciphering the error code, thanks!

14 months agoensure that iwm(4) uses the 80Mhz primary channel index announced in beacons
stsp [Sat, 21 Oct 2023 06:41:26 +0000 (06:41 +0000)]
ensure that iwm(4) uses the 80Mhz primary channel index announced in beacons

same fix was applied to iwx(4) some time ago

14 months agoAdopt MI re-upgrade prevention
kn [Fri, 20 Oct 2023 19:58:16 +0000 (19:58 +0000)]
Adopt MI re-upgrade prevention

In comparison to MI boot which only cares about /bsd.upgrade's x bit,
powerpc64 rdboot just wants a regular file.

Require and strip u+x before execution to prevent sysupgrade(8) loops.

OK kettenis

14 months agoAdopt MI re-upgrade prevention
kn [Fri, 20 Oct 2023 19:55:49 +0000 (19:55 +0000)]
Adopt MI re-upgrade prevention

In comparison to MI boot which only cares about /bsd.upgrade's x bit,
octeon rdboot just wants a regular file.

Require and strip u+x before execution to prevent sysupgrade(8) loops.

OK kettenis

14 months agoAvoid forcible mounting a dirty filessystem. Mount such filesystems
kettenis [Fri, 20 Oct 2023 18:53:12 +0000 (18:53 +0000)]
Avoid forcible mounting a dirty filessystem.  Mount such filesystems
read-only instead.  This means that writing to the filesystem will fail.
As a consequence chmod'ing of files in the bootloader will fail, but that
will fix itself on the next clean boot.

Same change as I committed to powerpc64 a few days ago.

ok kn@, deraadt@

14 months agoImprove markup in some cases where .Li was abused.
schwarze [Fri, 20 Oct 2023 18:51:09 +0000 (18:51 +0000)]
Improve markup in some cases where .Li was abused.
Triggered by a smaller diff from jan@.
OK jmc@ jan@

14 months agoAvoid assertion failure when splitting mbuf cluster.
bluhm [Fri, 20 Oct 2023 16:25:15 +0000 (16:25 +0000)]
Avoid assertion failure when splitting mbuf cluster.

m_split() calls m_align() to initialize the data pointer of newly
allocated mbuf.  If the new mbuf will be converted to a cluster,
this is not necessary.  If additionally the new mbuf is larger than
MLEN, this can lead to a panic.
Only call m_align() when a valid m_data is needed.  This is the
case if we do not refecence the existing cluster, but memcpy() the
data into the new mbuf.

Reported-by: syzbot+0e6817f5877926f0e96a@syzkaller.appspotmail.com
OK claudio@ deraadt@

14 months agoAdd missing tcps_outpkttso counter to ixl(4) TSO setup.
jan [Fri, 20 Oct 2023 13:21:15 +0000 (13:21 +0000)]
Add missing tcps_outpkttso counter to ixl(4) TSO setup.

ok bluhm@

14 months agoAllow overriding the locations of the Dropbear binaries similar to what
dtucker [Fri, 20 Oct 2023 07:37:07 +0000 (07:37 +0000)]
Allow overriding the locations of the Dropbear binaries similar to what
we do for the PuTTY ones.

14 months agoImprove bad comment.
jan [Fri, 20 Oct 2023 07:31:12 +0000 (07:31 +0000)]
Improve bad comment.

pointed out by kn@

ok kn@

14 months agoAdd interop test with Dropbear. Right now this is only dbclient not the
dtucker [Fri, 20 Oct 2023 06:56:45 +0000 (06:56 +0000)]
Add interop test with Dropbear.  Right now this is only dbclient not the
Dropbear server since it won't currently run as a ProxyCommand.

14 months agodma-buf: add dma_fence_timestamp helper
jsg [Fri, 20 Oct 2023 03:49:31 +0000 (03:49 +0000)]
dma-buf: add dma_fence_timestamp helper

From Christian Koenig
d67b5a2b97b6e8959117ff71fc2daa30e66c8290 in linux-6.1.y/6.1.59
b83ce9cb4a465b8f9a3fa45561b721a9551f60e3 in mainline linux

14 months agodrm/amd/display: Don't set dpms_off for seamless boot
jsg [Fri, 20 Oct 2023 03:46:56 +0000 (03:46 +0000)]
drm/amd/display: Don't set dpms_off for seamless boot

From Daniel Miess
f0410917561cb56f93ac8c502eb0ec94f25cafe9 in linux-6.1.y/6.1.59
23645bca98304a2772f0de96f97370dd567d0ae6 in mainline linux

14 months agodrm/amdgpu: add missing NULL check
jsg [Fri, 20 Oct 2023 03:45:42 +0000 (03:45 +0000)]
drm/amdgpu: add missing NULL check

From Christian Koenig
a61d905a86879427e330a5a66cba8b2330dac4d1 in linux-6.1.y/6.1.59
ff89f064dca38e2203790bf876cc7756b8ab2961 in mainline linux

14 months agodrm/atomic-helper: relax unregistered connector check
jsg [Fri, 20 Oct 2023 03:43:33 +0000 (03:43 +0000)]
drm/atomic-helper: relax unregistered connector check

From Simon Ser
0fb82afee55fc6e12f3581e87d47fd1beae36a98 in linux-6.1.y/6.1.59
2b7947bd32e243c52870d54141d3b4ea6775e63d in mainline linux

14 months agodrm/i915: Don't set PIPE_CONTROL_FLUSH_L3 for aux inval
jsg [Fri, 20 Oct 2023 03:41:56 +0000 (03:41 +0000)]
drm/i915: Don't set PIPE_CONTROL_FLUSH_L3 for aux inval

From Nirmoy Das
f175665385fe9fdd996080806aa67e666475d3d8 in linux-6.1.y/6.1.59
128c20eda73bd3e78505c574fb17adb46195c98b in mainline linux

14 months agoadd dma_fence_timestamp() for 6.1.59 drm
jsg [Fri, 20 Oct 2023 03:38:58 +0000 (03:38 +0000)]
add dma_fence_timestamp() for 6.1.59 drm

14 months agoAdd test for dropped messages to UDP loghost.
bluhm [Thu, 19 Oct 2023 22:19:16 +0000 (22:19 +0000)]
Add test for dropped messages to UDP loghost.

14 months agosyslogd(8) counts dropped UDP packets.
bluhm [Thu, 19 Oct 2023 22:16:10 +0000 (22:16 +0000)]
syslogd(8) counts dropped UDP packets.

Now that syslogd handles delayed DNS lookups, also count dropped
packets to UDP loghosts.  Although not every outgoing UDP packet
dropped along the path can be detected, the message makes the admin
aware that there is a local blind spot during startup.
Improve debug and log messages, especially if UDP logging is shut
down permanently.  Also do not print 'last message repeated' if the
message was dropped.

OK deraadt@

14 months agoRename the modulus from n into m
tb [Thu, 19 Oct 2023 19:17:46 +0000 (19:17 +0000)]
Rename the modulus from n into m

This matches what other pages use. Also rewrite the definition of the
modular inverse to be less ugly.

14 months agoroot disk can be enrypted with a key disk now
kn [Thu, 19 Oct 2023 18:39:46 +0000 (18:39 +0000)]
root disk can be enrypted with a key disk now

14 months agoAdd missing removal of network interfaces in regress cleanup targets.
anton [Thu, 19 Oct 2023 18:36:40 +0000 (18:36 +0000)]
Add missing removal of network interfaces in regress cleanup targets.
Reducing the risk tests conflicting with each other.

ok bluhm@

14 months agosync
deraadt [Thu, 19 Oct 2023 18:04:44 +0000 (18:04 +0000)]
sync

14 months agoAdd experimental support for secp256r1 aka P-256 aka prime256v1
job [Thu, 19 Oct 2023 17:05:54 +0000 (17:05 +0000)]
Add experimental support for secp256r1 aka P-256 aka prime256v1

ECDSA signatures are much smaller than RSA signatures while offering
similar security. Adding support for P-256 now allows CA developers
to test their implementations, and paving the way for signers in the
production environment in the future to take advantage of ECDSA.

OK tb@

14 months agoEnable TCP Segmentation Offloading for ixl(4)
jan [Thu, 19 Oct 2023 16:28:02 +0000 (16:28 +0000)]
Enable TCP Segmentation Offloading for ixl(4)

Tested on amd64 and sparc64.
Also tested by bluhm@.

ok bluhm@

14 months agoAdd a few more test cases for mod_exp aliasing
tb [Thu, 19 Oct 2023 13:38:12 +0000 (13:38 +0000)]
Add a few more test cases for mod_exp aliasing

14 months agoWhile the ibuf_add calls should not fail the way they are used it
claudio [Thu, 19 Oct 2023 13:14:19 +0000 (13:14 +0000)]
While the ibuf_add calls should not fail the way they are used it
is still better to check for error.
OK tb@

14 months agoConvert rtr_proto.c to use new ibuf API.
claudio [Thu, 19 Oct 2023 11:12:10 +0000 (11:12 +0000)]
Convert rtr_proto.c to use new ibuf API.
More yak shaving required which will follow.
OK tb@

14 months agoGarbage collect weird /* 1 */ and /* 2 */ comments
tb [Thu, 19 Oct 2023 10:27:27 +0000 (10:27 +0000)]
Garbage collect weird /* 1 */ and /* 2 */ comments

If they ever had any meaning, that's long been lost.

Requested by jsing

14 months agoThe bn_mod_exp test is no longer an expected failure
tb [Thu, 19 Oct 2023 10:23:38 +0000 (10:23 +0000)]
The bn_mod_exp test is no longer an expected failure

14 months agoFix aliasing of result and exponent in the internal BN_mod_exp_recp()
tb [Thu, 19 Oct 2023 10:23:00 +0000 (10:23 +0000)]
Fix aliasing of result and exponent in the internal BN_mod_exp_recp()

This is basically the same fix as the one applied in BN_mod_exp_simple().

14 months agoFix aliasing of result with exponent or modulus in BN_mod_exp_simple()
tb [Thu, 19 Oct 2023 10:17:52 +0000 (10:17 +0000)]
Fix aliasing of result with exponent or modulus in BN_mod_exp_simple()

Reported and reminded by Guido Vranken in OpenSSL issue #21110

ok jsing

14 months agoAdd test case checking aliasing of the result with other arguments
tb [Thu, 19 Oct 2023 10:17:24 +0000 (10:17 +0000)]
Add test case checking aliasing of the result with other arguments

These are expected failures for BN_mod_exp_simple() and the internal
BN_mod_exp_recp(), which will be fixed shortly.

14 months agoConvert the session engine to use the new ibuf API.
claudio [Thu, 19 Oct 2023 07:02:45 +0000 (07:02 +0000)]
Convert the session engine to use the new ibuf API.
OK tb@

14 months agoAdd IBM encoded version of "Spleen 8x16".
fcambus [Thu, 19 Oct 2023 06:47:36 +0000 (06:47 +0000)]
Add IBM encoded version of "Spleen 8x16".

The font is 2-Clause BSD licensed and is my original creation.

OK miod@

14 months agoReduce unpractical package URL to usual package name; OK deraadt
kn [Thu, 19 Oct 2023 02:43:58 +0000 (02:43 +0000)]
Reduce unpractical package URL to usual package name; OK deraadt

This section about ports/packages really wants a revamp, though...

14 months agoSupport encrypting the root disk with a key disk
kn [Thu, 19 Oct 2023 02:39:06 +0000 (02:39 +0000)]
Support encrypting the root disk with a key disk

Extend the yes/no question to no/passphrase/keydisk and have users pick an
existing, preformated RAID partition;  no support (yet) for creating one.

OK tb afresh1

14 months agoAvoid forcible mounting a dirty filessystem. Mount such filesystems
kettenis [Wed, 18 Oct 2023 22:44:42 +0000 (22:44 +0000)]
Avoid forcible mounting a dirty filessystem.  Mount such filesystems
read-only instead.  This means that writing to the filesystem will fail.
As a consequence chmod'ing of files in the bootloader will fail, but that
will fix itself on the next clean boot.

ok kn@

14 months agoMake libssl interop server/client tests less flaky by ensuring the
anton [Wed, 18 Oct 2023 19:14:32 +0000 (19:14 +0000)]
Make libssl interop server/client tests less flaky by ensuring the
server has terminated before examining the outcome.

14 months agoadjust sgr0 escape sequence after ncurses update; ok nicm@
anton [Wed, 18 Oct 2023 18:01:10 +0000 (18:01 +0000)]
adjust sgr0 escape sequence after ncurses update; ok nicm@

14 months agoRemove EVP_add_alg_module() prototype
tb [Wed, 18 Oct 2023 17:26:06 +0000 (17:26 +0000)]
Remove EVP_add_alg_module() prototype

This function was the unfortunate protagonist in a series of tragic merge
errors resulting in only a short stint of a year and nine months between
OpenSSL 0.9.8j and 1.0.0a actually present in OpenBSD. Then it said good
bye for good, but somehow a prototype came back with 1.0.1g, a famous
version released when there were slightly more pressing things to be
taken care of than a function supporting a config knob whose only purpose
was to turn off fips mode or to error.

from schwarze

PS: The mechanism that it was supposed to provide is still documented in
openssl.cnf(5). I am going remove the relevant bit at some point, but not
today.

14 months agoSupport the GNU-specific syntax ".IP \\[bu]" for bullet lists in man(7)
schwarze [Wed, 18 Oct 2023 16:11:29 +0000 (16:11 +0000)]
Support the GNU-specific syntax ".IP \\[bu]" for bullet lists in man(7)
pages that Alejandro Colomar recommends in the "Lists" subsection of
https://man7.org/linux/man-pages/man7/man-pages.7.html#STYLE_GUIDE .

For example, this will improve HTML formatting of the first list in
the subsection "Feature test macros understood by glibc" on the page
https://manpages.debian.org/bookworm/manpages/ftm.7.en.html .

Issue reported by Alejandro Colomar <alx at kernel dot org>.

14 months agoBetter document the purpose and features of the file mandoc.css
schwarze [Wed, 18 Oct 2023 14:47:22 +0000 (14:47 +0000)]
Better document the purpose and features of the file mandoc.css
and the purpose and limitations of the embedded stylesheet.

Triggered by a conversation with Alejandro Colomar <alx at kernel dot org>.

14 months agoAvoid segments greater than maxsegsz during map merging
jan [Wed, 18 Oct 2023 14:24:29 +0000 (14:24 +0000)]
Avoid segments greater than maxsegsz during map merging

Found with hints from kettenis@

Tested on Sun-Fire-V215.
Also tested on U2 and UltraBook IIe by miod@

ok miod@