openbsd
3 years agoNo longer patch away other entropy sources from libexpat. Upstream
bluhm [Thu, 27 May 2021 12:57:22 +0000 (12:57 +0000)]
No longer patch away other entropy sources from libexpat.  Upstream
expat uses arc4random_buf(3) as first option if available.  Drop
our local patch.  Behavior stays the same.  Updates will be easier.
Environment variable EXPAT_ENTROPY_DEBUG can be used to check that
arc4random_buf() is really used.
OK sthen@

3 years agoFix more warnings
job [Thu, 27 May 2021 09:41:02 +0000 (09:41 +0000)]
Fix more warnings

OK tb@

3 years agoUse negotiated capabilities to decide if a ROUTE-REFRESH message can be
claudio [Thu, 27 May 2021 09:15:51 +0000 (09:15 +0000)]
Use negotiated capabilities to decide if a ROUTE-REFRESH message can be
sent (and also for which AFI/SAFI). Use a slightly better way to write
return if neither route-refresh nor enhanced route-refresh are on.

3 years agoUse correct RFC number in comment
claudio [Thu, 27 May 2021 09:10:03 +0000 (09:10 +0000)]
Use correct RFC number in comment

3 years agoFix warning
job [Thu, 27 May 2021 09:01:08 +0000 (09:01 +0000)]
Fix warning

OK tb@

3 years agoWhen generating updates for a peer that has 'rde evaluate all' set the
claudio [Thu, 27 May 2021 08:45:24 +0000 (08:45 +0000)]
When generating updates for a peer that has 'rde evaluate all' set the
old prefix pointer is most probably NULL. If a secondary route is removed
the withdraw would not happen because old == NULL which skips the withdraw.

Access to old is only needed to extract the prefix. So instead extract the
prefix early and use it for both cases. So if 'rde evaluate all' is used
the code tries all prefixes and if none is allowed a withdraw is issued.

Problem noticed and fix tested by Pier Carlo Chiodi

3 years agoFix how the rde_eval_all flag is tracked. Make sure it is correctly set
claudio [Thu, 27 May 2021 08:38:42 +0000 (08:38 +0000)]
Fix how the rde_eval_all flag is tracked. Make sure it is correctly set
when a new peer shows up or during a reload. Tracking this during runtime
just does not work reliably (especially  for reloads).
Problem noticed and fix tested by Pier Carlo Chiodi

3 years agoAdd the bits needed in bgpctl to show the new ADD-PATH and enhanced
claudio [Thu, 27 May 2021 08:29:06 +0000 (08:29 +0000)]
Add the bits needed in bgpctl to show the new ADD-PATH and enhanced
route refresh capabilities in the neighbor output.

3 years agobgpd(8) will soon support ADD-PATH (RFC7911) and enhanced route refresh
claudio [Thu, 27 May 2021 08:27:48 +0000 (08:27 +0000)]
bgpd(8) will soon support ADD-PATH (RFC7911) and enhanced route refresh
(RFC7313). This is the frist step toward this.

It adds the capability parsers for the two no capabilities, extends the
capability struct and adds the capability negotiation bits.
The route refresh message parser and generator are extended to support
the BoRR and EoRR message. Also add the new NOTIFICATION type and subtype
for the route refresh message.

3 years agoFix bad logic in last commit. If graceful restart is on and the forwarding
claudio [Thu, 27 May 2021 08:20:39 +0000 (08:20 +0000)]
Fix bad logic in last commit. If graceful restart is on and the forwarding
state is preserved do the graceful restart dance. If graceful restart is off
or the forwarding state was not preserved flush the table.

3 years agoUse todr_attach(). Prompted by cheloha@
kettenis [Thu, 27 May 2021 08:10:12 +0000 (08:10 +0000)]
Use todr_attach().  Prompted by cheloha@

3 years agoImprove graceful restart capability handling.
claudio [Thu, 27 May 2021 07:52:54 +0000 (07:52 +0000)]
Improve graceful restart capability handling.

Announce only the graceful restart capability header but do not include any
AFI / SAFI pairs. bgpd does not preserve its forwarding state over restarts
and only implements the "Procedures for the Receiving Speaker".

When calculating the negotiated capabilities do not override the peer
capabilities (AFI / SAFI bits), just make sure the negotiated bits are
cleared. With this the peer capabilities are properly shown in bgpctl.

3 years agosync
deraadt [Thu, 27 May 2021 05:51:50 +0000 (05:51 +0000)]
sync

3 years agoajacoutot says i missed copying some bits from bridge for divert-to.
dlg [Thu, 27 May 2021 03:46:15 +0000 (03:46 +0000)]
ajacoutot says i missed copying some bits from bridge for divert-to.

3 years agoajacouto says i missed copying some bits from bridge for divert-to.
dlg [Thu, 27 May 2021 03:43:23 +0000 (03:43 +0000)]
ajacouto says i missed copying some bits from bridge for divert-to.

3 years agoAdd aplspmi(4), a driver for the Apple SPMI controller, and aplpmu(4)
kettenis [Wed, 26 May 2021 20:52:21 +0000 (20:52 +0000)]
Add aplspmi(4), a driver for the Apple SPMI controller, and aplpmu(4)
a driver for the Apple "sera" SPMI power management unit that contains
the RTC on Apple M1 systems.

ok patrick@

3 years agoUpdate libexpat to 2.4.1. This fixes CVE-2013-0340. Relevant for
bluhm [Wed, 26 May 2021 19:14:32 +0000 (19:14 +0000)]
Update libexpat to 2.4.1.  This fixes CVE-2013-0340.  Relevant for
OpenBSD are security fixes #34 #466 #484 and other changes #467
#473 #483.  A new error number in a public header requires a major
library bump.  Two functions have been added to API.
OK tb@

3 years agoFix the return value for the FUTEX_WAIT/FUTEX_WAIT_PRIVATE futex(2)
kettenis [Wed, 26 May 2021 18:11:59 +0000 (18:11 +0000)]
Fix the return value for the FUTEX_WAIT/FUTEX_WAIT_PRIVATE futex(2)
operation.  System calls should return -1 and set errno when they fail.
They should not return an errno value directly.  This matches how
the Linux version of futex(2) behaves and what Mesa expects.  This fixes
a bug in Mesa where a timeout wouldn't be reported properly.

Technically this is an ABI break.  But libc and libpthread were changed
to be compatible with both the old and new ABI, and code outside of base
almost certainly expects Linux compatible behaviour.  If you have not
rebuilt libc and the last few days, upgrade using a snap.

Mesa issue discovered by jsg@
ok mpi@, deraadt@

3 years agoreplaces calls to err(3)/errx(3) with fatal()/fatalx() from log.c
eric [Wed, 26 May 2021 18:08:55 +0000 (18:08 +0000)]
replaces calls to err(3)/errx(3) with fatal()/fatalx() from log.c
for code that runs in the daemon.

ok florian@ millert@

3 years agoUse `so_lock' to protect key management (PF_KEY) sockets. This can be
mvs [Wed, 26 May 2021 08:28:34 +0000 (08:28 +0000)]
Use `so_lock' to protect key management (PF_KEY) sockets. This can be
done because we have no cases where one thread should lock two sockets
simultaneously.

tested by yasuoka@

ok bluhm@ markus@

3 years agoremove unused code
eric [Wed, 26 May 2021 07:05:50 +0000 (07:05 +0000)]
remove unused code

ok millert@

3 years agoadd support for pf divert-to on tpmr, like what was done for veb(4).
dlg [Wed, 26 May 2021 06:44:28 +0000 (06:44 +0000)]
add support for pf divert-to on tpmr, like what was done for veb(4).

when a divert-to rule applies to a packet, pf doesnt take the packet
away and shove it in the socket directly. pf marks the packet, and
then ip (or ipv6) input processing looks at the mark and picks the
local socket to queue it on. because tpmr operates at layer 2, ip
input has no chance to look at the packet and let the divert socket
steal it.

bridge(4) and now veb(4) handle this by checking if the packet has
the pf divert to mark set on it and calls ip input if it's set.
this copies the semantic to tpmr.

3 years agosupport divert-to when pf applies it to a packet.
dlg [Wed, 26 May 2021 02:38:01 +0000 (02:38 +0000)]
support divert-to when pf applies it to a packet.

when a divert-to rule applies to a packet, pf doesnt take the packet
away and shove it in the socket directly. pf marks the packet, and
then ip (or ipv6) input processing looks at the mark and picks the
local socket to queue it on. because veb operates at layer 2, ip
input processing only occurred if the packet was destined to go
into a vport interface.

bridge(4) handles this by checking if the packet has the pf divert
to mark set on it and calls ip input if it's set. this copies the
semantic to veb.

this allows divert-to to steal (take?) packets going over a veb and
process them on a local socket.

reported by ajacatot@

3 years agofix SEGV in UpdateHostkeys debug() message, triggered when the update
djm [Wed, 26 May 2021 01:47:24 +0000 (01:47 +0000)]
fix SEGV in UpdateHostkeys debug() message, triggered when the update
removed more host keys than remain present. Fix tested by reporter
James Cook, via bugs@

3 years agoAs network features are not added dynamically, the domain structures
bluhm [Tue, 25 May 2021 22:45:09 +0000 (22:45 +0000)]
As network features are not added dynamically, the domain structures
are constant.  Having more const makes MP review easier.  More
pointers are mapped read-only in the kernel image.
OK deraadt@ mvs@

3 years agoremove obsolete files
eric [Tue, 25 May 2021 19:39:22 +0000 (19:39 +0000)]
remove obsolete files

3 years agoinstruct git to ignore all **/obj entries created by "make obj"
jcs [Tue, 25 May 2021 19:06:13 +0000 (19:06 +0000)]
instruct git to ignore all **/obj entries created by "make obj"

ok deraadt, stsp

3 years agoclang's assembler now supports 64-suffixed versions of the
guenther [Tue, 25 May 2021 17:07:55 +0000 (17:07 +0000)]
clang's assembler now supports 64-suffixed versions of the
fxsave/xsave/fxrstor/xrstor family of instructions.  Use them
directly instead of inserting the 0x48 prefix manually.

ok kettenis@ deraadt@

3 years agoprogram headers: do not rely on DYNAMIC coming before GNU_RELRO
kn [Tue, 25 May 2021 17:01:36 +0000 (17:01 +0000)]
program headers: do not rely on DYNAMIC coming before GNU_RELRO

Except for some specific cases (thanks guenther) ELF mandates nothing
but the file header be at a fixed location, hence ld.so(1) must not
assume any specific order for headers, segments, etc.

Looping over the program header table to parse segment headers,
_dl_boot() creates the executable object upon DYNAMIC and expects it to
be set upon GNU_RELRO, resulting in a NULL dereference iff that order is
reversed.

Store relocation bits in temporary variables and update the executable
object once all segment headers are parsed to lift this dependency.

Under __mips__ _dl_boot() later on uses the same temporary variable, so
move nothing but the declaration out of MI code so as to not alter the
MD code's logic/behaviour.

Found while porting patchelf(1) from NixOS.

OK guenther

3 years agoInstead of the old way of prefix withdraw on a bad AS4_PATH treat it with
claudio [Tue, 25 May 2021 14:18:44 +0000 (14:18 +0000)]
Instead of the old way of prefix withdraw on a bad AS4_PATH treat it with
prefix withdraw as required by RFC6793. Also update the documentation to
reference RFC6793 instead of the older 4893.
OK sthen@

3 years agoThe arrays sadb_exts_allowed_out and sadb_exts_required_out are
bluhm [Tue, 25 May 2021 09:55:22 +0000 (09:55 +0000)]
The arrays sadb_exts_allowed_out and sadb_exts_required_out are
constant.  Put global variable declarations into header file.
OK mvs@ mpi@

3 years agoDrop assembly for 24-bit fixed-point operations
ratchov [Tue, 25 May 2021 08:06:12 +0000 (08:06 +0000)]
Drop assembly for 24-bit fixed-point operations

Now i386 compiler is smart enough to generate a single imul
instruction per fixed-point multiplication. This change also allows
24-bit precision to be used on all archs (if -DADATA_BITS=24 is used).

Tested on arm64 by Doug Moss <dougmoss710 at yahoo.com>, thanks

Suggested and ok naddy@

3 years agosync
deraadt [Tue, 25 May 2021 00:35:28 +0000 (00:35 +0000)]
sync

3 years agocreate audio devices for armv7
phessler [Mon, 24 May 2021 21:06:52 +0000 (21:06 +0000)]
create audio devices for armv7
tested with an mp3 on a Tinkerboard

OK sthen@ kettenis@

3 years agoAdd apldwusb(4), a glue driver for the Synpsys DesignWare USB 3 controllers
kettenis [Mon, 24 May 2021 18:40:19 +0000 (18:40 +0000)]
Add apldwusb(4), a glue driver for the Synpsys DesignWare USB 3 controllers
found on the Apple M1 SoC.

3 years agoAdd support for a DART with two sets of registers. We need this to support
kettenis [Mon, 24 May 2021 18:38:29 +0000 (18:38 +0000)]
Add support for a DART with two sets of registers.  We need this to support
the Synopsys DesignWare USB 3 controller.

3 years agoMention support for vmd(8) emulated virtio networking. OK mlarkin@
dv [Mon, 24 May 2021 17:29:56 +0000 (17:29 +0000)]
Mention support for vmd(8) emulated virtio networking. OK mlarkin@

3 years agoFind openssl binary via environment variable. This allows overriding
dtucker [Mon, 24 May 2021 10:25:18 +0000 (10:25 +0000)]
Find openssl binary via environment variable.  This allows overriding
if necessary (eg in -portable where we're testing against a specific
version of OpenSSL).

3 years agovmd(8): skip inspecting non-udp packets on local interfaces
dv [Sun, 23 May 2021 22:43:36 +0000 (22:43 +0000)]
vmd(8): skip inspecting non-udp packets on local interfaces

reyk@ imported packet.c from (I think) dhclient(8). In dhclient,
the packets are already filtered down to just udp. This change has
vmd skip a non-udp ip packet sooner when it's trying to determine
if it is a dhcp/bootp packet that needs processing.

The counters (seen, bad checksums, etc) for ip and udp packets are
also removed as they aren't used by vmd.

This only affects "local" network interfaces for vmd.

OK mlarkin@

3 years agoSome machines (e.g. some Intel Macs) have a EFI memory map with more than
kettenis [Sun, 23 May 2021 20:30:42 +0000 (20:30 +0000)]
Some machines (e.g. some Intel Macs) have a EFI memory map with more than
64 entries.  Instead of writing beyond the array that we use to construct
a BIOS compatible memory map, check that we don't overflow the array and
print a message if we do.  Bump the size of the array from 64 to 128
entries.

Issue reported and debugged by David N. Arnold.
Further input from yasuoka@

ok deraadt@ (earlier version) and yasuaka@

3 years agossh: The client configuration keyword is "hostbasedacceptedalgorithms"
naddy [Sun, 23 May 2021 18:22:57 +0000 (18:22 +0000)]
ssh: The client configuration keyword is "hostbasedacceptedalgorithms"

This fixes a mistake that slipped in when "HostbasedKeyTypes" was
renamed to "HostbasedAcceptedAlgorithms".

Bug report by zack@philomathiclife.com

3 years agoConstify function parameters.
jan [Sun, 23 May 2021 17:01:21 +0000 (17:01 +0000)]
Constify function parameters.

OK martijn@

3 years agoadd missing entry for cafile
eric [Sun, 23 May 2021 16:12:56 +0000 (16:12 +0000)]
add missing entry for cafile

3 years agoadd more TLS options to smtp(1):
eric [Sun, 23 May 2021 15:57:32 +0000 (15:57 +0000)]
add more TLS options to smtp(1):

- cafile=<path>:  override the default root certificates
- nosni:  disable SNI completely
- noverify:  do not verify sevrer certificate (replaces -C)
- servername=<name>:  set server name for SNI

ok tb@

3 years agoadd semantic markup as suggested by schwarze@ and jmc@
eric [Sat, 22 May 2021 22:30:57 +0000 (22:30 +0000)]
add semantic markup as suggested by schwarze@ and jmc@

3 years agoIn dt(4) add an offset of 100000 to the thread ID. This also happens
bluhm [Sat, 22 May 2021 21:25:38 +0000 (21:25 +0000)]
In dt(4) add an offset of 100000 to the thread ID.  This also happens
in other places where the TID is copied from kernel to userland.
So in btrace(8) the filter and action tid variable has the same
value as ps(1) output.
OK anton@ mpi@

3 years agoTest more corner cases of IPv4 fragment reassembly.
bluhm [Sat, 22 May 2021 18:38:40 +0000 (18:38 +0000)]
Test more corner cases of IPv4 fragment reassembly.

3 years agoCast line_size to address width before using for alignment.
drahn [Sat, 22 May 2021 17:07:28 +0000 (17:07 +0000)]
Cast line_size to address width before using for alignment.
ok kettenis@

3 years agoOn powerpc64 calling a function needs 64 bytes of stack overhead
bluhm [Sat, 22 May 2021 15:49:36 +0000 (15:49 +0000)]
On powerpc64 calling a function needs 64 bytes of stack overhead
per recursion.  On amd64 it is only 32.  Allocate more stack per
thread and the stack tests pass everywhere

3 years agoRemove useless fflush(3) calls. lreply() already called fflush(3).
jan [Sat, 22 May 2021 14:30:46 +0000 (14:30 +0000)]
Remove useless fflush(3) calls.  lreply() already called fflush(3).

OK martijn@

3 years agoRemove useless islower(2) before toupper(3).
jan [Sat, 22 May 2021 14:25:30 +0000 (14:25 +0000)]
Remove useless islower(2) before toupper(3).

OK martijn@

3 years agoFix aml_rwgsb(). My interpretation of the ACPI standard turned out to be
kettenis [Sat, 22 May 2021 13:13:14 +0000 (13:13 +0000)]
Fix aml_rwgsb().  My interpretation of the ACPI standard turned out to be
wrong and the buffer size is implied by the field attribute instead of the
field length like for normal OpRegion fields.  Fixes various laptops
where reading multiple bytes from AML over an i2c bus would overflow
the buffer.  Still fixes the Dell Precision 3640.

ok tb@

3 years agoreorder entries
eric [Sat, 22 May 2021 12:16:06 +0000 (12:16 +0000)]
reorder entries

3 years agoallow to specify TLS ciphers and protocols in smtp(1)
eric [Sat, 22 May 2021 09:09:07 +0000 (09:09 +0000)]
allow to specify TLS ciphers and protocols in smtp(1)

improvements from jmc@ schwarze@ tb@

ok tb@

3 years agoUse atomic operations for reference counting VM maps.
mpi [Sat, 22 May 2021 08:38:29 +0000 (08:38 +0000)]
Use atomic operations for reference counting VM maps.

This is necessary to do this accounting without the KERNEL_LOCK().

ok mvs@, kettenis@

3 years agoRemove ipsec_utils.c, its headers, and the code block which use it
yasuoka [Sat, 22 May 2021 08:29:57 +0000 (08:29 +0000)]
Remove ipsec_utils.c, its headers, and the code block which use it
from npppd(8).  They had been disabled for long time.

3 years agoIn revision 1.95 of cgi.c, a meta viewport element was added to the HTML output.
anton [Sat, 22 May 2021 05:49:32 +0000 (05:49 +0000)]
In revision 1.95 of cgi.c, a meta viewport element was added to the HTML output.
Let `mandoc -Thtml' behave the same, makes the generated HTML a bit more
pleasant to view on a mobile device.

ok schwarze@

3 years agoIgnore return value of execve(2) in ktrace output. It is meaningless.
bluhm [Fri, 21 May 2021 23:00:02 +0000 (23:00 +0000)]
Ignore return value of execve(2) in ktrace output.  It is meaningless.
This fixes syslogd regress on powerpc64.
discussed with kettenis@

3 years agoFix the calculation of the maximum stack size in the command line
bluhm [Fri, 21 May 2021 20:42:21 +0000 (20:42 +0000)]
Fix the calculation of the maximum stack size in the command line
option -s.

3 years agoSet the stack size attribute of the pthreads large enough to allocate
bluhm [Fri, 21 May 2021 20:21:10 +0000 (20:21 +0000)]
Set the stack size attribute of the pthreads large enough to allocate
the specified amount of stack memory.  On 32 bit architectures
regress fork-exit failed as the default stack size for pthreads is
smaller.  With the limit set to the expected size we can test even
larger thread stacks.

3 years agoThe protective MBR for GPT partitioning must be at
krw [Fri, 21 May 2021 19:09:46 +0000 (19:09 +0000)]
The protective MBR for GPT partitioning must be at
sector 0. No EBR qualifies.

3 years agoAvoid spinning on the kernel lock with interrupts disabled.
kettenis [Fri, 21 May 2021 18:53:12 +0000 (18:53 +0000)]
Avoid spinning on the kernel lock with interrupts disabled.

ok patrick@

3 years agoThe implementation of the FUTEX_WAIT option in futex(2) is subtly broken.
kettenis [Fri, 21 May 2021 16:52:42 +0000 (16:52 +0000)]
The implementation of the FUTEX_WAIT option in futex(2) is subtly broken.
Unfortunately libc and libpthread rely on the broken behaviour.  Adjust
the code in those libraries such that it works with both the old and the
proposed new behaviour.  The kernel changes that fix the issue will be
committed in a week or so to give those who do their own builds a chance
to update these libraries before we make the change.

ok mpi@, deraadt@

3 years agoreduce diff relative to other arch (arm64 seems most relevant here)
deraadt [Fri, 21 May 2021 16:50:48 +0000 (16:50 +0000)]
reduce diff relative to other arch (arm64 seems most relevant here)

3 years agodelete useless comment
deraadt [Fri, 21 May 2021 16:49:57 +0000 (16:49 +0000)]
delete useless comment

3 years agodelete useless comment
deraadt [Fri, 21 May 2021 16:49:35 +0000 (16:49 +0000)]
delete useless comment

3 years agoAdd an additional pin configuration.
kettenis [Fri, 21 May 2021 15:37:54 +0000 (15:37 +0000)]
Add an additional pin configuration.

3 years agoFix some comments and use pmap_pte_insert() to update PTEs instead of
kettenis [Fri, 21 May 2021 14:41:57 +0000 (14:41 +0000)]
Fix some comments and use pmap_pte_insert() to update PTEs instead of
manipulating them directly in pmap_clear_modify().

ok deraadt@

3 years agoFix style(9) in prototypes definition.
mvs [Fri, 21 May 2021 10:59:02 +0000 (10:59 +0000)]
Fix style(9) in prototypes definition.

ok ratchov@

3 years agofix memleak in test
djm [Fri, 21 May 2021 04:03:47 +0000 (04:03 +0000)]
fix memleak in test

3 years agoalso check contents of remaining string
djm [Fri, 21 May 2021 03:59:01 +0000 (03:59 +0000)]
also check contents of remaining string

3 years agounit test for misc.c:strdelim() that mostly servces to highlight its
djm [Fri, 21 May 2021 03:48:07 +0000 (03:48 +0000)]
unit test for misc.c:strdelim() that mostly servces to highlight its
inconsistencies

3 years agoFix __ppc_lock for page faults that recursively grab the lock.
gkoehler [Fri, 21 May 2021 00:39:35 +0000 (00:39 +0000)]
Fix __ppc_lock for page faults that recursively grab the lock.

The macppc kernel, when running on G5, may get page faults while
executing itself.  Because we reorder our kernels, these faults happen
in different places in each kernel.  I got unlucky with a bsd.mp where
the function __ppc_lock() crossed a page boundary.  The fault handler
recursively called __ppc_lock() and caused my G5 to freeze or hang
very early during boot, while trying to map the framebuffer.

Change the lock to spin while (mpl->mpl_cpu != NULL).  Acquire the
lock with a single atomic write, by setting mpl_cpu and leaving
mpl_count at 0.  Page faults that recursively call __ppc_lock() and
__ppc_unlock() should now not corrupt the lock.

In case we hold the lock but get a page fault before membar_enter() or
after membar_exit(), the recursive calls now have memory barriers.

Delete some unused functions.  In the past, __ppc_lock was __mp_lock,
but today, the only __ppc_lock is PMAP_HASH_LOCK.

ok kettenis@

3 years agoPrint cache information based on device tree properties like we do on
kettenis [Thu, 20 May 2021 18:28:15 +0000 (18:28 +0000)]
Print cache information based on device tree properties like we do on
powerpc64.

ok deraadt@

3 years agovmm(4): don't advertise cpu support for TSC_ADJUST msr
dv [Thu, 20 May 2021 17:33:44 +0000 (17:33 +0000)]
vmm(4): don't advertise cpu support for TSC_ADJUST msr

We don't emulate it, so guests that attempt to read it just get #GP
injected anyways.

OK mlarkin@

3 years agoRemoves the useless FILE* parameter of get_line().
jan [Thu, 20 May 2021 15:21:03 +0000 (15:21 +0000)]
Removes the useless FILE* parameter of get_line().
While here fix minor whitespace mistake.

"looks fine to me" chris@

3 years agoSignificant overhaul of the floating point save/restore code.
drahn [Thu, 20 May 2021 15:14:30 +0000 (15:14 +0000)]
Significant overhaul of the floating point save/restore code.
At this point the mechanism should closely resemble the powerpc64
save/restore points with one difference. (reload avoidance)
The previous 'aggressive' fpu save code that was (mostly) implemented before
and is present on arm32 and arm64.

There is one piece from that other design that remains, if
pcb->pcb_fpcpu == ci && ci->ci_fpuproc == p
after sleep, this will automatically re-activate the FPU state without
needing to reload it.
To enable this, the pointer pair is not changed on FPU context save
to indicate that the CPU still holds the valid content as long as both
of those pointers are pointing to each other.
Note that if another core steals the FPU conxtex (when we get to SMP)
the pcb->pcb_fpcpu will be another cpu, and from that it will know
to reload the FPU context. Also optimistically enabling this only makes
sense on riscv64 because there is the notion of FPU on and clean. Other
implimentations would need to 'fault on' the FPU enable, but could avoid
the FPU context load if no other processor has run this FPU context and no
other process has use FPU on this core.

ok kettenis@ deraadt@ Prior to a couple of fixes.
(this file was missing from original commit)

3 years agoFix previous.
florian [Thu, 20 May 2021 15:12:10 +0000 (15:12 +0000)]
Fix previous.
Only set Content-Length when we no the body is empty and we disable
chunked encoding. Otherwise we break the nextcloud app again :/
Pointed out by Matthias Pressfreund, thanks!

3 years agoEVP_Digest*: fix documented return values.
tb [Thu, 20 May 2021 14:41:47 +0000 (14:41 +0000)]
EVP_Digest*: fix documented return values.

EVP_DigestSign{,Init,Update,Final}() and EVP_DigestVerify{Init,Update}()
always returned 1 for success and 0 for failure. EVP_DigestVerify()
and EVP_DigestVerifyFinal() can return -1 or -2, though.

Based on OpenSSL 1.1.1 56c59ddd99da05c2f30832cccaffb873a8481555

ok inoguchi

3 years agoNuke duplicate declaration of MBR_init_GPT().
krw [Thu, 20 May 2021 14:27:14 +0000 (14:27 +0000)]
Nuke duplicate declaration of MBR_init_GPT().

3 years agoWe changed powerpc64 to allow write access to write only mappings.
bluhm [Thu, 20 May 2021 12:34:35 +0000 (12:34 +0000)]
We changed powerpc64 to allow write access to write only mappings.
Although the page table cannot prevent reads on write only pages,
the first access in trap() knows what is is.  This should be passed
to uvm_fault().  Then regress/sys/kern/fork-exit passes.  Copy the
new powerpc64 logic to powerpc.
OK tobhe@ kettenis@ deraadt@

3 years agoProperly initalize the MRT config so that mrt_reconfigure() is doing the
claudio [Thu, 20 May 2021 10:06:20 +0000 (10:06 +0000)]
Properly initalize the MRT config so that mrt_reconfigure() is doing the
right thing. This also fixes the bgpd -nv output for 'dump X {in,out}'
statements for peers.
Debugged with and tested by Paul de Weerd

3 years agoFix bgpctl show mrt argument list. Seems like peers was added in the wrong
claudio [Thu, 20 May 2021 10:03:43 +0000 (10:03 +0000)]
Fix bgpctl show mrt argument list. Seems like peers was added in the wrong
spot. Noticed and diff provided by Paul de Weerd.

3 years agoRename context to pdutype. This is in line with the naming schema from the
martijn [Thu, 20 May 2021 08:53:12 +0000 (08:53 +0000)]
Rename context to pdutype. This is in line with the naming schema from the
RFCs.

While here remove a duplicate sm_type that snuck in during traphandler
merger and use human readable names in debug log entries from packages.

OK jan@

3 years agoMake use of uao_dropswap_range() in uao_free() instead of re-rolling it.
mpi [Thu, 20 May 2021 08:03:35 +0000 (08:03 +0000)]
Make use of uao_dropswap_range() in uao_free() instead of re-rolling it.

ok kettenis@

3 years agoCall tls_accept_socket() and tls_connect_socket() immediatly instead of
eric [Thu, 20 May 2021 07:33:32 +0000 (07:33 +0000)]
Call tls_accept_socket() and tls_connect_socket() immediatly instead of
going through a deferred event. It makes the code simplier and eliminates
the need to keep the listener tls context in the io structure.

ok tb@

3 years agoSignificant overhaul of the floating point save/restore code.
drahn [Thu, 20 May 2021 04:22:33 +0000 (04:22 +0000)]
Significant overhaul of the floating point save/restore code.
At this point the mechanism should closely resemble the powerpc64
save/restore points with one difference. (reload avoidance)
The previous 'aggressive' fpu save code that was (mostly) implemented before
and is present on arm32 and arm64.

There is one piece from that other design that remains, if
pcb->pcb_fpcpu == ci && ci->ci_fpuproc == p
after sleep, this will automatically re-activate the FPU state without
needing to reload it.
To enable this, the pointer pair is not changed on FPU context save
to indicate that the CPU still holds the valid content as long as both
of those pointers are pointing to each other.
Note that if another core steals the FPU conxtex (when we get to SMP)
the pcb->pcb_fpcpu will be another cpu, and from that it will know
to reload the FPU context. Also optimistically enabling this only makes
sense on riscv64 because there is the notion of FPU on and clean. Other
implimentations would need to 'fault on' the FPU enable, but could avoid
the FPU context load if no other processor has run this FPU context and no
other process has use FPU on this core.

ok kettenis@ deraadt@ Prior to a couple of fixes.

3 years agoarm64 -> powerpc64
jsg [Thu, 20 May 2021 00:58:53 +0000 (00:58 +0000)]
arm64 -> powerpc64

3 years agomention riscv64 config lines
jsg [Thu, 20 May 2021 00:55:15 +0000 (00:55 +0000)]
mention riscv64 config lines

3 years agobuild pcidump on riscv64
jsg [Thu, 20 May 2021 00:46:34 +0000 (00:46 +0000)]
build pcidump on riscv64

3 years agoadd pci to RAMDISK as well
jsg [Wed, 19 May 2021 23:29:42 +0000 (23:29 +0000)]
add pci to RAMDISK as well

3 years agoRevert hack to build clang with -static on riscv64.
drahn [Wed, 19 May 2021 23:18:40 +0000 (23:18 +0000)]
Revert hack to build clang with -static on riscv64.

This 'requirement' was due to a bug in dtors which has been corrected.
reminded by jsg@

3 years agoCorrect the library path for native build of ramdisks.
drahn [Wed, 19 May 2021 23:15:21 +0000 (23:15 +0000)]
Correct the library path for native build of ramdisks.

3 years agoNo need to pass the location of the partition table to
krw [Wed, 19 May 2021 21:49:07 +0000 (21:49 +0000)]
No need to pass the location of the partition table to
GPT_get_partition_table() since the global 'gh' knows where it is.

Fixes a couple of missing letoh64() calls by eliminating the need for
them.

3 years agoGet rid of the do-nothing cache setup code. The RISC-V architecture has
kettenis [Wed, 19 May 2021 21:23:20 +0000 (21:23 +0000)]
Get rid of the do-nothing cache setup code.  The RISC-V architecture has
no architecturally defined caches (yet) so there is nothing to set up here.
Gets rid of some more useless XXX.

3 years agodelete useless XXX
deraadt [Wed, 19 May 2021 20:37:16 +0000 (20:37 +0000)]
delete useless XXX

3 years agodelete useless XXX
deraadt [Wed, 19 May 2021 20:35:02 +0000 (20:35 +0000)]
delete useless XXX

3 years agoOnly advertise MSI support if there is an MSI controller of some sort.
kettenis [Wed, 19 May 2021 20:10:38 +0000 (20:10 +0000)]
Only advertise MSI support if there is an MSI controller of some sort.

ok patrick@

3 years agoWhen we disable "Transfer-Encoding: chunked" in the fastcgi backend
florian [Wed, 19 May 2021 19:42:53 +0000 (19:42 +0000)]
When we disable "Transfer-Encoding: chunked" in the fastcgi backend
because we are going to send an empty body we have to provide
"Content-Length: 0" otherwise some browsers (Firefox, Safari) just
hang until httpd(8) closes the connection.
Problem reported by Matthias Pressfreund, debugged with weerd@ who
pointed out that the problem is browser dependent.
OK tracey

3 years agoAdd PCI support.
kettenis [Wed, 19 May 2021 19:32:25 +0000 (19:32 +0000)]
Add PCI support.

ok deraadt@