openbsd
2 years agoonly tweak ifp if_flags while holding NET_LOCK.
dlg [Tue, 15 Feb 2022 04:19:52 +0000 (04:19 +0000)]
only tweak ifp if_flags while holding NET_LOCK.

tun_dev_open and tun_dev_close were being optmistic.

2 years agomake tun_link_state take the ifnet pointer instead of tun_softc.
dlg [Tue, 15 Feb 2022 04:16:10 +0000 (04:16 +0000)]
make tun_link_state take the ifnet pointer instead of tun_softc.

it only works on struct ifnet data, so passing ifp makes it clearer
what's actually being manipulated. also fix tun_dev_open so
tun_link_state is called before if_put instead of immediately after.

2 years agounifdef TIOCHPCL, 4.3BSD compat ioctl
jsg [Tue, 15 Feb 2022 03:53:58 +0000 (03:53 +0000)]
unifdef TIOCHPCL, 4.3BSD compat ioctl
ok deraadt@ guenther@

2 years agoremove unused and uneeded bits in a byte define
jsg [Tue, 15 Feb 2022 03:31:17 +0000 (03:31 +0000)]
remove unused and uneeded bits in a byte define
posix requires a byte to be 8 bits

2 years agoMI disable_lid_wakeups() is not needed, x86 systems can do this
deraadt [Tue, 15 Feb 2022 02:38:16 +0000 (02:38 +0000)]
MI disable_lid_wakeups() is not needed, x86 systems can do this
in sleep_resume(), which seems sensible for other future systems also

2 years agoThe DVACT_POWERDOWN step was accidentally moved in relation to some MD
deraadt [Tue, 15 Feb 2022 02:29:23 +0000 (02:29 +0000)]
The DVACT_POWERDOWN step was accidentally moved in relation to some MD
steps, so shuffle the MD steps to reinforce the order.

2 years agofix mask in hppa inst_trap_return()
jsg [Tue, 15 Feb 2022 00:27:11 +0000 (00:27 +0000)]
fix mask in hppa inst_trap_return()

inst_trap_return() was checking for rfir by masking with 0xfc001fc0
which made it impossible to match rfir (0xca0)

rfi: return from interruption
00 rv rv rv 60 0
 6  5  5  3  8 5

rfir: return from interruption and restore
00 rv rv rv 65 0
 6  5  5  3  8 5

from "PA-RISC 1.1 Architecture and Instruction Set Reference Manual"
where rv indicates reserved bits

change the mask to only mask out reserved bits and check for rfi
in addition to rfir

ok miod@

2 years agoMake sure we call acpi_resume_cpu() with the right ACPI state. This was
kettenis [Mon, 14 Feb 2022 23:42:37 +0000 (23:42 +0000)]
Make sure we call acpi_resume_cpu() with the right ACPI state.  This was
accidentally broken with the reorganization of the suspend/resume code that
was committed a few days ago.

ok deraadt@

2 years agodon't deref pointer before test it is safe
jsg [Mon, 14 Feb 2022 23:20:46 +0000 (23:20 +0000)]
don't deref pointer before test it is safe
ok miod@

2 years agofix cmalo_media_change() test
jsg [Mon, 14 Feb 2022 23:02:15 +0000 (23:02 +0000)]
fix cmalo_media_change() test
ok claudio@ deraadt@

2 years agoUse fdisk -b to create the desired 1MB MSDOS boot partition
krw [Mon, 14 Feb 2022 22:38:24 +0000 (22:38 +0000)]
Use fdisk -b to create the desired 1MB MSDOS boot partition
rather than relying on /usr/mdec/mbr.

Tested by tobhe@

2 years agoUnwire with map lock held
kn [Mon, 14 Feb 2022 21:11:02 +0000 (21:11 +0000)]
Unwire with map lock held

This is an updated version of uvm_map.c r1.283 "Unwire with map lock held".

The previous version introduced a use-after-free by not unlocking vm_map
locks in uvm_map_teardown(), resulting in dangling references on the
reaper's lock list (thanks visa!).

Lock and unlock the map in around uvm_map_teardown() instead.
This code path holds the last reference, hence the lock isn't strictly
needed except for satisfying upcoming locking assertions.

Tested on amd64, arm64, i386, macppc, octeon, sparc64.
This time also with WITNESS enabled (except on sparc64 which builds but does
not boot with WITNESS;  this is a known issue).

OK mpi visa

2 years agoacpi_indicator() can take the softc*, instead of void*
deraadt [Mon, 14 Feb 2022 19:25:03 +0000 (19:25 +0000)]
acpi_indicator() can take the softc*, instead of void*

2 years agoRevert change to ps for displaying chrooted process.
rob [Mon, 14 Feb 2022 18:09:08 +0000 (18:09 +0000)]
Revert change to ps for displaying chrooted process.
Ok deraadt

2 years agoWhitespace nit.
krw [Mon, 14 Feb 2022 16:10:45 +0000 (16:10 +0000)]
Whitespace nit.

2 years agoUse iic_is_compatible(9) and use the more generic compatible string to
kettenis [Mon, 14 Feb 2022 14:57:00 +0000 (14:57 +0000)]
Use iic_is_compatible(9) and use the more generic compatible string to
match the device.

ok visa@

2 years agoPass the entire compatible property for devices attaching to the iic(4) bus.
kettenis [Mon, 14 Feb 2022 14:55:53 +0000 (14:55 +0000)]
Pass the entire compatible property for devices attaching to the iic(4) bus.

ok visa@

2 years agoDraw a bit more attention to transport switches between RRDP, RSYNC, and cache
job [Mon, 14 Feb 2022 14:47:49 +0000 (14:47 +0000)]
Draw a bit more attention to transport switches between RRDP, RSYNC, and cache

OK claudio@ tb@

2 years agoName the maximum number of deltas permitted in a RRDP Notification file
job [Mon, 14 Feb 2022 14:46:16 +0000 (14:46 +0000)]
Name the maximum number of deltas permitted in a RRDP Notification file

OK claudio@ tb@

2 years agoDelete incomplete implementation of bus_space_{alloc,free} in bus.h.
aoyama [Mon, 14 Feb 2022 13:03:52 +0000 (13:03 +0000)]
Delete incomplete implementation of bus_space_{alloc,free} in bus.h.

This prevents errors on luna88k in src/usr.sbin/fw_update/pattern.c
which includes dev/pci/pcivar.h, which includes machine/bus.h.

Suggested by miod@

2 years agoOF_getproplen() returns -1 on error, so don't store result in size_t
jsg [Mon, 14 Feb 2022 12:54:43 +0000 (12:54 +0000)]
OF_getproplen() returns -1 on error, so don't store result in size_t
spotted by and ok tb@, ok tobhe@

2 years agoIntroduce a signal context that is used to pass signal related information
claudio [Mon, 14 Feb 2022 11:26:05 +0000 (11:26 +0000)]
Introduce a signal context that is used to pass signal related information
from cursig() to postsig() or the caller itself. This will simplify locking.
Also alter sigactsfree() a bit and move it into process_zap() so ps_sigacts
is always a valid pointer.
OK semarie@

2 years agomake db locking self-contained
espie [Mon, 14 Feb 2022 10:34:36 +0000 (10:34 +0000)]
make db locking self-contained

2 years agoDo not return error with -q, GitHub issue 3065.
nicm [Mon, 14 Feb 2022 09:10:48 +0000 (09:10 +0000)]
Do not return error with -q, GitHub issue 3065.

2 years agoAdd the EM_RISCV value to match <sys/exec_elf.h>
kevlo [Mon, 14 Feb 2022 08:14:19 +0000 (08:14 +0000)]
Add the EM_RISCV value to match <sys/exec_elf.h>

ok miod@

2 years agopty test is not expected to fail any longer.
visa [Mon, 14 Feb 2022 06:39:19 +0000 (06:39 +0000)]
pty test is not expected to fail any longer.

2 years agoreprint device name in attach error paths if needed
jsg [Mon, 14 Feb 2022 05:30:53 +0000 (05:30 +0000)]
reprint device name in attach error paths if needed

2 years agocheck return value of drm_attach_pci()
jsg [Mon, 14 Feb 2022 05:20:03 +0000 (05:20 +0000)]
check return value of drm_attach_pci()
adapted from a diff by Ted Bullock

2 years agoremove unused code
jsg [Mon, 14 Feb 2022 04:55:55 +0000 (04:55 +0000)]
remove unused code

2 years agono need for ifndef __sparc64__
jsg [Mon, 14 Feb 2022 04:41:13 +0000 (04:41 +0000)]
no need for ifndef __sparc64__
from Ted Bullock who tested on sparc64 with xvr-100

2 years agoupdate sbchecklowmem() to better detect actual mbuf memory usage.
dlg [Mon, 14 Feb 2022 04:33:18 +0000 (04:33 +0000)]
update sbchecklowmem() to better detect actual mbuf memory usage.

previously sbchecklowmem() (and sonewconn()) would look at the mbuf
and mbuf cluster pools to see if they were approaching their hard
limits. based on how many mbufs/clusters were allocated against the
limits, socket operations would start to fail with ENOBUFS until
utilisation went down.

mbufs and clusters have changed a lot since then though. there are
now many mbuf cluster pools, not just one for 2k clusters. because
of this the mbuf layer now limits the amount of memory all the mbuf
pools can allocate backend pages from rather than limit the individual
pools. this means sbchecklowmem() ends up looking at the default
pool hard limit, which is UINT_MAX, which in turn means means
sbchecklowmem() probably never applies backpressure. this is made
worse on multiprocessor systems where per cpu caches of mbuf and
cluster pool items are enabled because the number of in use pool
items is distorted by the cpu caches.

this switches sbchecklowmem to looking at the page allocations made
by all the pools instead. the big benefit of this is that the page
allocations are much more representative of the overall mbuf memory
usage in the system. the downside is is that the backend page
allocation accounting does not see idle memory held by pools. pools
cannot release partially free pages to the page backend (obviously),
and pools cache idle items to avoid thrashing on the backend page
allocator. this means the page allocation level is higher than the
memory used by actual in-flight mbufs.

however, this can also be a benefit. the backend page allocation is a
kind of smoothed out "trend" line. mbuf utilisation over short periods
can be extremely bursty because of things like rx ring dequeue and fill
cycles, or large socket sends. if you're trying to grow socket
buffers while these things are happening, luck becomes an important
factor in whether it will work or not. because pools cache idle items,
the backend page utilisation better represents the overall trend
of activity in the system and will give more consistent behaviour here.

this diff is deliberately simple. we're basically going from "no
limits" to "some sort of limit" for sockets again, so keeping the
code simple means it should be easy to understand and tweak in the
future.

ok djm@ visa@ claudio@

2 years agochange a NULL pa_memex test after use to an earlier KASSERT
jsg [Mon, 14 Feb 2022 03:51:42 +0000 (03:51 +0000)]
change a NULL pa_memex test after use to an earlier KASSERT
from Ted Bullock

2 years agoMark all the rpc 'ops' vectors, for auth, client, service, and xdr,
guenther [Mon, 14 Feb 2022 03:38:59 +0000 (03:38 +0000)]
Mark all the rpc 'ops' vectors, for auth, client, service, and xdr,
as const, moving them from .data to .data.rel.ro.  The other BSDs
did this a long time ago; NetBSD did a chunk in 1998, which is long
enough I didn't bother to get exact dates for others.

ok deraadt@ millert@

2 years agotest the correct pointer for acpi_intr_establish() result
jsg [Mon, 14 Feb 2022 02:57:21 +0000 (02:57 +0000)]
test the correct pointer for acpi_intr_establish() result
ok deraadt@ gnezdo@

2 years agoOF_getproplen() returns -1 on error, so don't store result in size_t
jsg [Mon, 14 Feb 2022 00:53:40 +0000 (00:53 +0000)]
OF_getproplen() returns -1 on error, so don't store result in size_t
ok kettenis@

2 years agoThe length value in bpf_movein() is casted to from size_t to u_int
bluhm [Sun, 13 Feb 2022 23:11:10 +0000 (23:11 +0000)]
The length value in bpf_movein() is casted to from size_t to u_int
and then rounded before checking.  Put the same check before the
calculations to avoid overflow.
Reported-by: syzbot+6f29d23eca959c5a9705@syzkaller.appspotmail.com
OK claudio@

2 years ago- for -a, get the brackets right
jmc [Sun, 13 Feb 2022 21:27:51 +0000 (21:27 +0000)]
- for -a, get the brackets right
- for -l and -m remove the brackets
- note that -m whilst charging now displays estimated recharge time
- A/C -> AC

from jan stary;
tweaked a little by myself

2 years agoHandle the case in freechunks where not a single allocation has happened.
otto [Sun, 13 Feb 2022 20:02:30 +0000 (20:02 +0000)]
Handle the case in freechunks where not a single allocation has happened.
ok deraadt@

2 years agosync
sthen [Sun, 13 Feb 2022 19:37:41 +0000 (19:37 +0000)]
sync

2 years agoremove stray tab whitespace. no code change.
mlarkin [Sun, 13 Feb 2022 19:15:09 +0000 (19:15 +0000)]
remove stray tab whitespace. no code change.

2 years agoFix return value check of OF_getproplen(). If "reset-gpios" is not found
tobhe [Sun, 13 Feb 2022 16:44:50 +0000 (16:44 +0000)]
Fix return value check of OF_getproplen(). If "reset-gpios" is not found
in the device tree -1 is returned, causing a panic in the following malloc
call.

ok kn@ patrick@ kettenis@

2 years agoMove some MI pieces out of suspend_mp/resume_mp
deraadt [Sun, 13 Feb 2022 15:56:55 +0000 (15:56 +0000)]
Move some MI pieces out of suspend_mp/resume_mp
ok kettenis

2 years agoThe Apple M1 SoC has two mechanism for doing IPIs. The first method uses
kettenis [Sun, 13 Feb 2022 15:54:07 +0000 (15:54 +0000)]
The Apple M1 SoC has two mechanism for doing IPIs.  The first method uses
the interrupt controller, the second method used implementation-specific
CPU registers.  The M1 Pro/Max SoCs use a modified interrupt controller
that no longer provides the first method.  So switch to the second method
in preparation for adding M1 Pro/Max support to OpenBSD.  As a bonus this
mechanism seems to be faster (which may be why Apple calls these "fast"
IPIs).

ok patrick@

2 years agoUse knote_modify() and knote_process() in obvious places.
visa [Sun, 13 Feb 2022 13:05:51 +0000 (13:05 +0000)]
Use knote_modify() and knote_process() in obvious places.

2 years agoAdd helper functions for f_modify and f_process to condense code
visa [Sun, 13 Feb 2022 13:03:02 +0000 (13:03 +0000)]
Add helper functions for f_modify and f_process to condense code

These new functions, knote_modify() and knote_process(), implement
the logic that is common to most f_modify and f_process instances.

The code is inlined so as to not add yet another call frame on the
already towering stack of kqueue functions. Also, the _fn versions
allow direct calling of an event function when there is only one
filter type to handle.

2 years agoRename knote_modify() to knote_assign()
visa [Sun, 13 Feb 2022 12:58:46 +0000 (12:58 +0000)]
Rename knote_modify() to knote_assign()

This avoids verb overlap with f_modify.

2 years agoSKEEYSEED -> SKEYSEED
mbuhl [Sun, 13 Feb 2022 12:26:54 +0000 (12:26 +0000)]
SKEEYSEED -> SKEYSEED

2 years agoSome PCIe devices on the M1 and M1 Pro/Max need to be explicitly powered on
kettenis [Sun, 13 Feb 2022 12:02:21 +0000 (12:02 +0000)]
Some PCIe devices on the M1 and M1 Pro/Max need to be explicitly powered on
(most notably the WiFi chip).  This is done through a GPIO controlled by
the SMC.  Add support for this and make sure we wait for the 100ms required
by the PCIe standard when we use that GPIO to turn on power.  This makes sure
these devices are available even if U-Boot doesn't turn them on for us.

ok patrick@

2 years agoAdd basic GPIO support.
kettenis [Sun, 13 Feb 2022 11:58:53 +0000 (11:58 +0000)]
Add basic GPIO support.

ok patrick@

2 years agoAdd /usr/local/share/examples/login.conf.d to the default hierarchy.
ajacoutot [Sun, 13 Feb 2022 00:02:16 +0000 (00:02 +0000)]
Add /usr/local/share/examples/login.conf.d to the default hierarchy.

ok sthen@ espie@ deraadt@

2 years agouse new libtls signer api
eric [Sat, 12 Feb 2022 18:22:04 +0000 (18:22 +0000)]
use new libtls signer api

ok tb@

2 years agowsdisplay checks are no longer needed here
deraadt [Sat, 12 Feb 2022 16:26:57 +0000 (16:26 +0000)]
wsdisplay checks are no longer needed here

2 years agowsdisplay checks are no longer needed here
deraadt [Sat, 12 Feb 2022 16:25:42 +0000 (16:25 +0000)]
wsdisplay checks are no longer needed here

2 years agoadd MP stubs
deraadt [Sat, 12 Feb 2022 16:22:40 +0000 (16:22 +0000)]
add MP stubs

2 years agofor non-SUSPEND kernel, put the ioctl pieces entirely inside #ifdef
deraadt [Sat, 12 Feb 2022 16:22:03 +0000 (16:22 +0000)]
for non-SUSPEND kernel, put the ioctl pieces entirely inside #ifdef

2 years agoReduce code duplication in pipe event filters
visa [Sat, 12 Feb 2022 14:07:26 +0000 (14:07 +0000)]
Reduce code duplication in pipe event filters

Use the f_event callback for checking event state within the pipe
event filters. This enables the same f_modify and f_process functions
to handle the different filter types.

OK anton@

2 years agoAdd test coverage for OBJ_txt2obj()/OBJ_obj2txt() with no_name == 0.
jsing [Sat, 12 Feb 2022 12:42:19 +0000 (12:42 +0000)]
Add test coverage for OBJ_txt2obj()/OBJ_obj2txt() with no_name == 0.

2 years agoswitch to using the common code in BaseState
espie [Sat, 12 Feb 2022 09:46:19 +0000 (09:46 +0000)]
switch to using the common code in BaseState

(BaseState is a "light weight" base class for State, that does the
common stuff like printing out stuff pkg-style, or exec'ing commands
and reporting exit/signal status, but without needing to create an
object--necessarily--or without the extra option handling code.

2 years agoAvoid potential single byte overread in asn1_parse2().
jsing [Sat, 12 Feb 2022 03:07:24 +0000 (03:07 +0000)]
Avoid potential single byte overread in asn1_parse2().

A fix for this was previously commited in r1.32, however while this added
a bounds check the logic means we still fall through and perform the
overread. Fix the logic such that we only log the error if the bounds check
fails. While here, flip the test around such that we check for validity then
print (which is more readable and matches earlier code).

ok inoguchi@ tb@

2 years agoRevise for OBJ_obj2txt() OID arc limits.
jsing [Sat, 12 Feb 2022 03:02:47 +0000 (03:02 +0000)]
Revise for OBJ_obj2txt() OID arc limits.

2 years agoLimit OID text conversion to 64 bits per arc.
jsing [Sat, 12 Feb 2022 03:01:59 +0000 (03:01 +0000)]
Limit OID text conversion to 64 bits per arc.

The current implementation uses an unsigned long, then switches to BN once
the arc exceeds its size. However, the complexity of BN_bn2dec() is
quadratic in the length of number being converted. This means that OIDs
with excessively large arcs take a lot of computation to convert to text.

While the X.660 specification states that arcs are unbounded, in reality
they are not overly large numbers - 640K^W64 bits ought to be enough for
any arc. Remove BN entirely, switch from unsigned long to uin64_t and fail
if an arc exceeds this size.

Identified via oss-fuzz timeouts - should fix #41028 and #44372.

ok tb@

2 years agoFix length check of IP addresses for name constraints
tb [Fri, 11 Feb 2022 17:41:55 +0000 (17:41 +0000)]
Fix length check of IP addresses for name constraints

An IP address in a name constraint is actually an IP address concatenated
with a netmask, so it is twice as long as usual.

This fixes a third bug introduced in r1.3 and reported by Volker Schlecht

ok jsing

2 years agoAdd missing error check for a2i_GENERAL_NAME()
tb [Fri, 11 Feb 2022 17:39:36 +0000 (17:39 +0000)]
Add missing error check for a2i_GENERAL_NAME()

Fixes a segfault reported by Volker Schlecht.

ok jsing

2 years agoFix a double free in v2i_NAME_CONSTRAINTS()
tb [Fri, 11 Feb 2022 17:37:54 +0000 (17:37 +0000)]
Fix a double free in v2i_NAME_CONSTRAINTS()

a2i_GENERAL_NAME() modifies and returns the out argument that was
passed in unless out == NULL, in which case it returns something
freshly allocated. Thus, in v2i_GENERAL_NAME_ex() we must only free
ret if out == NULL so v2i_NAME_CONSTRAINTS() can free correctly.

Issue reported by Volker Schlecht

ok jsing

2 years agoadjust bsd.port.mk(5) manual for change to login.conf.d file handling
sthen [Fri, 11 Feb 2022 17:19:59 +0000 (17:19 +0000)]
adjust bsd.port.mk(5) manual for change to login.conf.d file handling

2 years agospace needed between arg and punctuation;
jmc [Fri, 11 Feb 2022 17:09:39 +0000 (17:09 +0000)]
space needed between arg and punctuation;

2 years agoTest OBJ_obj2nid() with an undefined (NID_undef) object.
jsing [Fri, 11 Feb 2022 16:39:50 +0000 (16:39 +0000)]
Test OBJ_obj2nid() with an undefined (NID_undef) object.

2 years agoMake OBJ_obj2nid() work correctly with NID_undef.
jsing [Fri, 11 Feb 2022 16:39:16 +0000 (16:39 +0000)]
Make OBJ_obj2nid() work correctly with NID_undef.

Currently OBJ_obj2nid() with NID_undef returns NID_ccitt - this is due to
doing a lookup on an empty value and having NID_undef conflict with an
uninitialised NID value.

Somewhat based on OpenSSL 0fb99904809.

ok tb@

2 years agoAdd initial regress for objects.
jsing [Fri, 11 Feb 2022 16:34:23 +0000 (16:34 +0000)]
Add initial regress for objects.

2 years agotr(1): rename lookup tables
cheloha [Fri, 11 Feb 2022 16:09:21 +0000 (16:09 +0000)]
tr(1): rename lookup tables

The lookup tables in tr(1) are called "string1" and "string2".  This is
misleading:

- They aren't C strings, they are lookup tables.

- The names "string1" and "string2" don't hint at what their contents
  actually mean.  The meaning of a given table changes with tr(1)'s
  operating mode.  There are five different modes.

It would be considerably easier to see what is happening at a glance
if the tables were named for their corresponding byte transformation.

So instead of two tables named "string1" and "string2" we'll have
three tables named "delete", "squeeze", and "translate".  In addition,
the "string" passed to the setup() function will be called a "table".

With this patch the code in main() is way easier to understand.
Hopefully this makes subsequent patches easier to review.

Thread: https://marc.info/?l=openbsd-tech&m=164355980600901&w=2

No complaints on tech@ after over a week.

2 years agobe more consistent in packing-list usage
espie [Fri, 11 Feb 2022 15:49:25 +0000 (15:49 +0000)]
be more consistent in packing-list usage

remove a bunch of stuff that's redundant with update-plist(1) in the
update-plist target description, but instead also points at SUBST_VARS
for the default handling of substituted variables by update-plist.

2 years agouse packing-list consistently
espie [Fri, 11 Feb 2022 15:36:40 +0000 (15:36 +0000)]
use packing-list consistently

2 years agoFix typo in comment for f_favail.
millert [Fri, 11 Feb 2022 15:11:35 +0000 (15:11 +0000)]
Fix typo in comment for f_favail.
From Alf Schlichting

2 years agoIt's fw_update's job to say what went wrong.
florian [Fri, 11 Feb 2022 12:58:18 +0000 (12:58 +0000)]
It's fw_update's job to say what went wrong.
input jca
OK kmos sthen deraadt kn

2 years agodescribe LOGIN_CONF, help from espie
sthen [Fri, 11 Feb 2022 12:42:24 +0000 (12:42 +0000)]
describe LOGIN_CONF, help from espie

2 years agoBackout previous "Unwire with map lock held" (commitid: eQBvWUwShD91dN9Z)
kn [Fri, 11 Feb 2022 12:06:48 +0000 (12:06 +0000)]
Backout previous "Unwire with map lock held" (commitid: eQBvWUwShD91dN9Z)

WITNESS builds broke^W^Wkernels panic on boot as reported by anton and bluhm.
Booting bsd.mp in single-user mode inside VMM shows:

root on sd0a (5f9e458ed30b39ab.a) swap on sd0b dump on sd0b
Enter pathname of shell or RETURN for sh:
witness: lock order reversal:
 1st 0xfffffd801f8ce468 vmmaplk (&map->lock)
 2nd 0xfffffd801b8162c0 inode (&ip->i_lock)
lock order "&ip->i_lock"(rrwlock) -> "&map->lock"(rwlock) first seen at:
#0  rw_enter_read+0x38
#1  uvmfault_lookup+0x8a
#2  uvm_fault_check+0x32
#3  uvm_fault+0xfb
#4  kpageflttrap+0x12c
#5  kerntrap+0x91
#6  alltraps_kern_meltdown+0x7b
#7  copyout+0x53
#8  ffs_read+0x1f6
#9  VOP_READ+0x41
#10 vn_rdwr+0xa1
#11 vmcmd_map_readvn+0xa0
#12 exec_process_vmcmds+0x88
#13 sys_execve+0x732
#14 start_init+0x26f
#15 proc_trampoline+0x1c
lock order data w1 -> w2 missing
# exit
kernel: protection fault trap, code=0
Stopped at      witness_checkorder+0x312:       movl    0x10(%r14),%ecx

gkoehler reported faults on poisened addresses on macppc dual G5.

2 years agoBackout previous "Assert vm map locks" (commitid: sRNBfzX2dJrxFDmb)
kn [Fri, 11 Feb 2022 09:25:04 +0000 (09:25 +0000)]
Backout previous "Assert vm map locks" (commitid: sRNBfzX2dJrxFDmb)

WITNESS builds broke as reported by anton and bluhm:

root on sd0a (5ec49b3ad23eb2d4.a) swap on sd0b dump on sd0b
kernel: protection fault trap, code=0
Stopped at      witness_checkorder+0x4ec:       movl    0x10(%r12),%ecx

https://syzkaller.appspot.com/bug?id=be02b290a93c648986c35370a271aad4135a5044
https://syzkaller.appspot.com/text?tag=CrashLog&x=136e9aa4700000

2 years agoReplace manual !klist_empty()+knote() with KNOTE().
visa [Fri, 11 Feb 2022 07:28:29 +0000 (07:28 +0000)]
Replace manual !klist_empty()+knote() with KNOTE().

OK mpi@

2 years agoCheck klist emptiness instead of NULL pointer in KNOTE()
visa [Fri, 11 Feb 2022 07:27:07 +0000 (07:27 +0000)]
Check klist emptiness instead of NULL pointer in KNOTE()

All callers of KNOTE() supply a non-NULL klist argument. Replace the
NULL pointer check with klist emptiness check as a small optimization.

OK mpi@

2 years agoInline klist_empty() for more economic machine code.
visa [Fri, 11 Feb 2022 07:25:50 +0000 (07:25 +0000)]
Inline klist_empty() for more economic machine code.

OK mpi@

2 years agothe sleep_clocks() hook is not needed because the architectures which
deraadt [Fri, 11 Feb 2022 01:55:12 +0000 (01:55 +0000)]
the sleep_clocks() hook is not needed because the architectures which
need to do this can do it a few moments later in a different hook

2 years agoLock the pkg db while running
afresh1 [Fri, 11 Feb 2022 00:46:58 +0000 (00:46 +0000)]
Lock the pkg db while running

At least when not running in the installer.

Suggestions from espie@
Works for me sthen@
fine deraadt@

2 years agoAlways initialize delim before passing to hpdelim2 which might not set it.
dtucker [Fri, 11 Feb 2022 00:43:56 +0000 (00:43 +0000)]
Always initialize delim before passing to hpdelim2 which might not set it.
Found by the Valgrind tests on github, ok deraadt@

2 years agosleep_cpu/resume_cpu are part of an earlier MI split attempt
deraadt [Fri, 11 Feb 2022 00:43:27 +0000 (00:43 +0000)]
sleep_cpu/resume_cpu are part of an earlier MI split attempt
noticed by kettenis

2 years agoCasting a char pointer to struct ctf_header causes bus error on
bluhm [Thu, 10 Feb 2022 23:40:09 +0000 (23:40 +0000)]
Casting a char pointer to struct ctf_header causes bus error on
sparc64.  Use memcpy() to align the data.
found by regress/usr.bin/ctfdump; OK mpi@

2 years agoUse fdisk's -b to create boot partitions instead of -e scripts.
krw [Thu, 10 Feb 2022 20:07:47 +0000 (20:07 +0000)]
Use fdisk's -b to create boot partitions instead of -e scripts.

Build, boot and install tested by bluhm@

ok bluhm@

2 years agoFix regress after crl_print() addition so anton doesn't have to complain
tb [Thu, 10 Feb 2022 19:16:44 +0000 (19:16 +0000)]
Fix regress after crl_print() addition so anton doesn't have to complain
tomorrow morning

2 years agoImprove free inodes check from fs.f_favail > 0 to fs.f_free > 0.
tb [Thu, 10 Feb 2022 18:58:46 +0000 (18:58 +0000)]
Improve free inodes check from fs.f_favail > 0 to fs.f_free > 0.

suggested by millert

2 years agosync
deraadt [Thu, 10 Feb 2022 17:58:31 +0000 (17:58 +0000)]
sync

2 years agoFix serial number printing in crl_print() for large serials.
claudio [Thu, 10 Feb 2022 17:33:28 +0000 (17:33 +0000)]
Fix serial number printing in crl_print() for large serials.
Create a common x509_convert_seqnum() function to convert the various
ASN1_INTEGERs into hexnumbers and use this for mft and crl handling.
With and OK tb@, also OK job@

2 years agolook for the login class in both login.conf and login.conf.d/${class}
robert [Thu, 10 Feb 2022 16:57:33 +0000 (16:57 +0000)]
look for the login class in both login.conf and login.conf.d/${class}

ok aja@

2 years agoDuplicate "park disk" code, so that the SUSPEND case can be MI, it is only
deraadt [Thu, 10 Feb 2022 16:41:51 +0000 (16:41 +0000)]
Duplicate "park disk" code, so that the SUSPEND case can be MI, it is only
HIBERNATE that needs to be in MD code.
ok gkoehler

2 years agoEnable receive checksum offloading on ixl(4) network interfaces.
bluhm [Thu, 10 Feb 2022 16:22:00 +0000 (16:22 +0000)]
Enable receive checksum offloading on ixl(4) network interfaces.
from jan@; test and OK dlg@

2 years agoImplement some code to print crls with -f.
claudio [Thu, 10 Feb 2022 15:33:47 +0000 (15:33 +0000)]
Implement some code to print crls with -f.
For this introduce x509_get_time() that converts a ASN1_TIME to time_t.
Also move time2str() to print.c where it makes more sense.
This needs more work but that will happen in tree.
OK tb@

2 years agoUse fdisk's -b to create boot partitions instead of -e scripts.
krw [Thu, 10 Feb 2022 15:12:57 +0000 (15:12 +0000)]
Use fdisk's -b to create boot partitions instead of -e scripts.

Build, boot and install tested by bluhm@

ok bluhm@

2 years agoDo not verify the cert or CA for a relay using opportunistic TLS.
millert [Thu, 10 Feb 2022 14:59:35 +0000 (14:59 +0000)]
Do not verify the cert or CA for a relay using opportunistic TLS.
If a relay is not explicitly configured to use TLS but the remote
side supports STARTTLS, we will try to use it.  However, in this
case we should not verify the cert or CA (which may be self-signed).
This restores the relay behavior before the switch to libtls was made.
There is no change if the relay is explicitly configured to use TLS.
OK eric@

2 years agolook(1): use a stricter pledge(2) in lieu of unveil(2)
cheloha [Thu, 10 Feb 2022 14:55:43 +0000 (14:55 +0000)]
look(1): use a stricter pledge(2) in lieu of unveil(2)

We're only reading one file here, so unveil(2) is overkill.  We can
achieve the same effect with just pledge(2):

- Start with an initial pledge(2) of "stdio rpath" at the top of main().
  We know we need to read a file at this point but don't yet know which
  one.

- Drop the pledge(2) down to "stdio" after we open(2) and fstat(2) the
  chosen file.

- Dropping "rpath" obviates unveil(2).

Thread: https://marc.info/?l=openbsd-tech&m=164437072017248&w=2

ok millert@

2 years agoUpdate Devel::PPPort in base from version 3.57 to 3.64. Our clang
bluhm [Thu, 10 Feb 2022 14:37:42 +0000 (14:37 +0000)]
Update Devel::PPPort in base from version 3.57 to 3.64.  Our clang
13.0.0 produces thousands of -Wcompound-token-split-by-macro warnings
wir older ppport.h header files.  They are especially frequent in
the ports tree.  After this update we can use perl -MDevel::PPPort
-e'Devel::PPPort::WriteFile' to regenerate the ppport.h files.  Then
we have a version that is recent enough to build all ports and does
not spit out tons of warnings.
discussed with espie@ sthen@; OK afresh1@

2 years agounveil _PATH_LOGIN_CONF_D
robert [Thu, 10 Feb 2022 13:06:46 +0000 (13:06 +0000)]
unveil _PATH_LOGIN_CONF_D

2 years agointroduce support for storing capability databases in /etc/login.conf.d;
robert [Thu, 10 Feb 2022 13:06:07 +0000 (13:06 +0000)]
introduce support for storing capability databases in /etc/login.conf.d;

anytime a class is looked up, the /etc/login.conf.d/${class} file will be
checked first for a matching class definition; this will allow us to easily
add custom login classes from packages

ok millert@