openbsd
3 weeks agoSwitch field_bits to be an int
tb [Thu, 3 Oct 2024 04:17:05 +0000 (04:17 +0000)]
Switch field_bits to be an int

ok jsing

3 weeks agoFix BN_to_ASN1_INTEGER() misuse
tb [Thu, 3 Oct 2024 04:15:52 +0000 (04:15 +0000)]
Fix BN_to_ASN1_INTEGER() misuse

You can either let this API reuse an existing ASN1_INTEGER or you can let
it allocate a new one. If you try to do both at the same time, you'll leak.

ok jsing

3 weeks agoProvide OPENSSL_INIT_NO_ATEXIT noop
tb [Thu, 3 Oct 2024 03:47:40 +0000 (03:47 +0000)]
Provide OPENSSL_INIT_NO_ATEXIT noop

The brilliant idea of installing a fragile non-idempotent cleanup atexit
handler as a library has bitten many people over time. This gets particularly
exciting when you can't control who dlopens the lib first (don't we all love
Python bindings) or if you are in a threaded context. Fake OpenSSL clones
chose not to do this but now get to carry a noop flag since people start
opting out of this madness (there's a good old tradition at work here).

ok beck joshua jsing millert miod

3 weeks agoX509V3_EXT_get_nid.3: indicate what nid means
tb [Thu, 3 Oct 2024 03:31:47 +0000 (03:31 +0000)]
X509V3_EXT_get_nid.3: indicate what nid means

3 weeks agoImprove the heuristic for detecting i2c devices. On the x1e some of the
kettenis [Wed, 2 Oct 2024 21:21:32 +0000 (21:21 +0000)]
Improve the heuristic for detecting i2c devices.  On the x1e some of the
USB controllers have an I2cSerialBusV2() (possibly defining a connection
to some sort of eUSB2 to USB2 redriver chip) but are not i2c devices
themselves.  So check if a device has MMIO resources and assume it isn't
a proper i2c device if it has those.  Makes the Type-A ports on my
vivobook work in acpi mode.

ok patrick@, mlarkin@

3 weeks agoamd64: implement a pmap_shootept() for non-MP kernels.
dv [Wed, 2 Oct 2024 18:18:27 +0000 (18:18 +0000)]
amd64: implement a pmap_shootept() for non-MP kernels.

Simplifies some of the recent INVEPT changes and mirrors the design
of other pmap tlb shootdown functions that provide simplified non-MP
implementations.

ok mlarkin@

3 weeks agoUpdate to 2024bgtz from https://github.com/JodaOrg/global-tz
millert [Wed, 2 Oct 2024 17:08:47 +0000 (17:08 +0000)]
Update to 2024bgtz from https://github.com/JodaOrg/global-tz
 o Improve historical data for Mexico, Mongolia, and Portugal.
 o System V names are now obsolescent.
 o The main data form now uses %z.

3 weeks agoMove some PCI MMIO defines from vmm(4) kernel headers to userland.
dv [Wed, 2 Oct 2024 17:05:56 +0000 (17:05 +0000)]
Move some PCI MMIO defines from vmm(4) kernel headers to userland.

vmm(4) doesn't need this information anymore. vmd(8) is the only
consumer of this information.

ok mlarkin@

3 weeks agoReorder functions.
jsing [Wed, 2 Oct 2024 15:21:39 +0000 (15:21 +0000)]
Reorder functions.

Reorder functions so that things are somewhat more logical, moving internal
functions towards the top (and removing now unnecessary prototypes).

3 weeks agoRemove err_fns and associated machinery.
jsing [Wed, 2 Oct 2024 14:54:26 +0000 (14:54 +0000)]
Remove err_fns and associated machinery.

Like all good OpenSSL code, errors was built to be completely extensible.
Thankfully, the ERR_{get,set}_implementation() functions were removed in
r1.127 of err.c, which means that the extensibility can no longer be used.

Take the first of many steps to clean up this code - remove err_fns and
associated machinery, calling functions directly. Rename so that we have
an 'err_' prefix rather than 'int_' (or nothing).

ok joshua@ tb@

3 weeks agoHook up the err regress.
jsing [Wed, 2 Oct 2024 14:50:58 +0000 (14:50 +0000)]
Hook up the err regress.

3 weeks agoAdd initial regress for the error stack and ERR_* APIs.
jsing [Wed, 2 Oct 2024 14:41:46 +0000 (14:41 +0000)]
Add initial regress for the error stack and ERR_* APIs.

3 weeks agoEnable additional CRYPTO_get_ex_new_index() tests.
jsing [Wed, 2 Oct 2024 14:12:21 +0000 (14:12 +0000)]
Enable additional CRYPTO_get_ex_new_index() tests.

It was previously possible to call CRYPTO_get_ex_new_index() with either
a negative index or a positive index that equaled or exceeded
CRYPTO_EX_INDEX__COUNT. The reimplementation of exdata treats these as
error cases.

3 weeks agoOn i386 long double is 80bit expanded to 96bits or 12 bytes. This is the
claudio [Wed, 2 Oct 2024 12:31:33 +0000 (12:31 +0000)]
On i386 long double is 80bit expanded to 96bits or 12 bytes. This is the
size that the ctftools ctfconvert uses and I think we should do as well.
Fixes regress/usr.bin/ctfdump on i386.
OK miod@

3 weeks agoAdd MSYSTEM to default update-environment.
nicm [Wed, 2 Oct 2024 11:51:15 +0000 (11:51 +0000)]
Add MSYSTEM to default update-environment.

3 weeks agoAdd a define for the socket permissions check so it can be overridden
nicm [Wed, 2 Oct 2024 11:48:16 +0000 (11:48 +0000)]
Add a define for the socket permissions check so it can be overridden
more easily (for Cgywin).

4 weeks agoModify uvmpd_scan_inactive() to access `uvmexp.pdfreed' only once.
mpi [Wed, 2 Oct 2024 10:36:33 +0000 (10:36 +0000)]
Modify uvmpd_scan_inactive() to access `uvmexp.pdfreed' only once.

ok kettenis@

4 weeks agoImprove responsiveness in OOM situations & make free target checks coherent.
mpi [Wed, 2 Oct 2024 10:24:11 +0000 (10:24 +0000)]
Improve responsiveness in OOM situations & make free target checks coherent.

Remove a change introduced in NetBSD to pageout 4 times as many pages as
required to meet the low water mark of free pages.   With todays' Gbs of
RAMs, it makes the pagedaemon hog the CPU for too long when the amount of
free pages is close to none.

ok sthen@, kettenis@

4 weeks agoReturn number of freed pages in uvm_pmr_cache_drain().
mpi [Wed, 2 Oct 2024 10:17:28 +0000 (10:17 +0000)]
Return number of freed pages in uvm_pmr_cache_drain().

ok kettenis@

4 weeks agoSwitch PV pool allocator to use km_alloc(9) instead of uvm_km_kmemalloc(9).
mpi [Wed, 2 Oct 2024 10:12:52 +0000 (10:12 +0000)]
Switch PV pool allocator to use km_alloc(9) instead of uvm_km_kmemalloc(9).

Reduce differences between pmaps & allow us to remove another deprecated
allocator.

ok phessler@, miod@

4 weeks agoNo need to check as->established before calling pfkey_remove().
claudio [Wed, 2 Oct 2024 09:45:29 +0000 (09:45 +0000)]
No need to check as->established before calling pfkey_remove().

Remove the extra checks in the caller and simplify some code because of that.
OK tb@

4 weeks agoAdding pkg_add from stdin hasn't worked in ages. It was something
tb [Wed, 2 Oct 2024 09:14:08 +0000 (09:14 +0000)]
Adding pkg_add from stdin hasn't worked in ages. It was something
we inherited from the initial implemention on FreeBSD which has
made no sense in years.

prompted by a diff by Johannes Thyssen Tishman
from espie

4 weeks agoReport shifted keys like S-A as A not as S-A in mode 1 extended keys,
nicm [Wed, 2 Oct 2024 08:06:45 +0000 (08:06 +0000)]
Report shifted keys like S-A as A not as S-A in mode 1 extended keys,
from Stanislav Kljuhhin.

4 weeks agoExtend Log->system to support the same features as BaseState->system
tb [Tue, 1 Oct 2024 18:48:29 +0000 (18:48 +0000)]
Extend Log->system to support the same features as BaseState->system

In order to support privsep in tags, we need to be able to pass some
code values in child/parent.

from espie, tested by sthen, ok giovanni

4 weeks agoUse auth_conf.method instead of auth_state.method. The latter is always 0.
claudio [Tue, 1 Oct 2024 18:33:16 +0000 (18:33 +0000)]
Use auth_conf.method instead of auth_state.method. The latter is always 0.

4 weeks agoExplicitly set peer.auth_conf.method, the auth_state value is never
claudio [Tue, 1 Oct 2024 18:31:10 +0000 (18:31 +0000)]
Explicitly set peer.auth_conf.method, the auth_state value is never
initialized in the SE so bgpctl did always see 0, auth_conf.method
is on the other hand properly shared.
OK tb@

4 weeks agoIn merge_peers also copy over the auth_conf from the new peer to the old
claudio [Tue, 1 Oct 2024 18:29:34 +0000 (18:29 +0000)]
In merge_peers also copy over the auth_conf from the new peer to the old
since that one is kept.
OK tb@

4 weeks agoFix typo in comment
claudio [Tue, 1 Oct 2024 18:28:17 +0000 (18:28 +0000)]
Fix typo in comment
OK tb@

4 weeks agoAdjust to the pfkey changes in bgpd.
claudio [Tue, 1 Oct 2024 11:50:15 +0000 (11:50 +0000)]
Adjust to the pfkey changes in bgpd.
OK tb@

4 weeks agoRework the pfkey and tcp md5 API to not depend on struct peer.
claudio [Tue, 1 Oct 2024 11:49:24 +0000 (11:49 +0000)]
Rework the pfkey and tcp md5 API to not depend on struct peer.

Instead use struct auth_config and struct auth_state in the pfkey calls
and those tcp_md5 calls where it matters.

This is preparation work to allow RTR to use TCP MD5 as well.
OK tb@

4 weeks agoAdd a way to make the preview larger in tree mode, GitHub issue 4124.
nicm [Tue, 1 Oct 2024 10:10:29 +0000 (10:10 +0000)]
Add a way to make the preview larger in tree mode, GitHub issue 4124.

4 weeks agoMake it more obvious which ruadd argument is the source and which one is
claudio [Tue, 1 Oct 2024 09:22:25 +0000 (09:22 +0000)]
Make it more obvious which ruadd argument is the source and which one is
the destination by adding const to the source pointer.

OK tb@

4 weeks agoAdjust ptrace interface to properly suport single threaded continue.
claudio [Tue, 1 Oct 2024 08:28:34 +0000 (08:28 +0000)]
Adjust ptrace interface to properly suport single threaded continue.

Introduce P_TRACESINGLE flag to instruct the trapped thread to not
wakeup the other threads (via single_thread_clear). This must be done
like this since ptrace must wake just the single thread to ensure it
runs first and gets the ps_xsig value from ptrace.

Modern gdb depends on this for multi-threaded processes, when a breakpoint
is hit gdb fixes up the trapping instruction and then single steps over
it with only that thread. After that single step gdb continues with all
threads. If all threads are run like now it is possible that one of the
other threads hits a breakpoint before the single step is done which results
in an assertion in gdb (because that is not expected).
OK mpi@

4 weeks agoUse global cursor style and colour options for modes instead of default,
nicm [Tue, 1 Oct 2024 08:01:19 +0000 (08:01 +0000)]
Use global cursor style and colour options for modes instead of default,
GitHub issue 4117.

4 weeks agoremove unused variable
jsg [Tue, 1 Oct 2024 06:46:19 +0000 (06:46 +0000)]
remove unused variable

4 weeks agodrm: Expand max DRM device number to full MINORBITS
jsg [Tue, 1 Oct 2024 06:41:22 +0000 (06:41 +0000)]
drm: Expand max DRM device number to full MINORBITS

From Michal Winiarski
e615cd84dcf834e83b333bfb690fc2032b3fdb85 in linux-6.6.y/6.6.53
071d583e01c88272f6ff216d4f867f8f35e94d7d in mainline linux

4 weeks agoaccel: Use XArray instead of IDR for minors
jsg [Tue, 1 Oct 2024 06:36:45 +0000 (06:36 +0000)]
accel: Use XArray instead of IDR for minors

From Michal Winiarski
f6b589e361538285fdad8cf62143e3cf3b2c8b2a in linux-6.6.y/6.6.53
45c4d994b82b08f0ce5eb50f8da29379c92a391e in mainline linux

4 weeks agodrm: Use XArray instead of IDR for minors
jsg [Tue, 1 Oct 2024 06:30:40 +0000 (06:30 +0000)]
drm: Use XArray instead of IDR for minors

From Michal Winiarski
d2e3d344e20e605378556610811549249298d0aa in linux-6.6.y/6.6.53
5fbca8b48b3050ae7fb611a8b09af60012ed6de1 in mainline linux

4 weeks agoadd DEFINE_XARRAY_ALLOC for 6.6.53 drm
jsg [Tue, 1 Oct 2024 06:19:39 +0000 (06:19 +0000)]
add DEFINE_XARRAY_ALLOC for 6.6.53 drm

4 weeks agoadd MINORBITS for 6.6.53 drm
jsg [Tue, 1 Oct 2024 06:18:20 +0000 (06:18 +0000)]
add MINORBITS for 6.6.53 drm

4 weeks agoadd ACCEL_MAX_MINORS for 6.6.53 drm
jsg [Tue, 1 Oct 2024 06:17:46 +0000 (06:17 +0000)]
add ACCEL_MAX_MINORS for 6.6.53 drm

4 weeks agoChange pasting to bypass the output key processing entirely and write
nicm [Tue, 1 Oct 2024 06:15:47 +0000 (06:15 +0000)]
Change pasting to bypass the output key processing entirely and write
what was originally received. Fixes problems with pasted text being
interpreted as extended keys reported by Mark Kelly.

4 weeks agochange release date
deraadt [Mon, 30 Sep 2024 14:31:56 +0000 (14:31 +0000)]
change release date

4 weeks agoImprove some currently impossible error path in log_ext_subtype().
claudio [Mon, 30 Sep 2024 12:54:12 +0000 (12:54 +0000)]
Improve some currently impossible error path in log_ext_subtype().
Mainly handle unknown ext-communities better and handle the special
case of type == -1.
OK tb@

4 weeks agoUse ps_ppid instead of ps_pptr->ps_pid in all places.
claudio [Mon, 30 Sep 2024 12:32:26 +0000 (12:32 +0000)]
Use ps_ppid instead of ps_pptr->ps_pid in all places.
OK mpi@

4 weeks agohandle non xa_limit_32b ranges in xarray
jsg [Mon, 30 Sep 2024 12:21:17 +0000 (12:21 +0000)]
handle non xa_limit_32b ranges in xarray

4 weeks agostore xarray flags for XA_FLAGS_ALLOC1 test in alloc
jsg [Mon, 30 Sep 2024 12:09:04 +0000 (12:09 +0000)]
store xarray flags for XA_FLAGS_ALLOC1 test in alloc

4 weeks agoRemove code after exit1() and NOTREACHED comment. Nothing will ever get there.
claudio [Mon, 30 Sep 2024 11:49:44 +0000 (11:49 +0000)]
Remove code after exit1() and NOTREACHED comment. Nothing will ever get there.
OK mpi@

4 weeks agoIn bgpd_rtr_connect() do the setsockopt dance for IP_TOS and TCP_NODELAY
claudio [Mon, 30 Sep 2024 09:42:24 +0000 (09:42 +0000)]
In bgpd_rtr_connect() do the setsockopt dance for IP_TOS and TCP_NODELAY
before calling connect(). This way it happens for sure and on top the TOS
is already set on the initial SYN.
OK tb@

4 weeks agoOn some Windows terminals, if TIOCWINSZ does not return xpixel and
nicm [Mon, 30 Sep 2024 08:10:20 +0000 (08:10 +0000)]
On some Windows terminals, if TIOCWINSZ does not return xpixel and
ypixel (they are zero), if this is the case then try the query escape
sequences. From Dmitry Galchinsky in GitHub issue 4099.

4 weeks agoReturn the number of freed pages and handle SHRINK_STOP in drmbackoff().
mpi [Mon, 30 Sep 2024 08:09:39 +0000 (08:09 +0000)]
Return the number of freed pages and handle SHRINK_STOP in drmbackoff().

ok jsg@

4 weeks agoOnly use default-shell for popups, return to /bin/sh for run-shell,
nicm [Mon, 30 Sep 2024 07:54:51 +0000 (07:54 +0000)]
Only use default-shell for popups, return to /bin/sh for run-shell,
if-shell and #() - these have been documented as using /bin/sh for a
long time and scripts rely on it. Pointed out by Gregory Pakosz.

4 weeks agoinit xarray pool in drm_linux_init(), needed for static initialisation
jsg [Mon, 30 Sep 2024 03:55:46 +0000 (03:55 +0000)]
init xarray pool in drm_linux_init(), needed for static initialisation

4 weeks agoremove WSDISPLAYIO_OGINFO compat ioctl, planned for after 7.3
jsg [Mon, 30 Sep 2024 01:41:49 +0000 (01:41 +0000)]
remove WSDISPLAYIO_OGINFO compat ioctl, planned for after 7.3
ok miod@

4 weeks agoFix grey colour, from Magnus Gross.
nicm [Sun, 29 Sep 2024 20:05:42 +0000 (20:05 +0000)]
Fix grey colour, from Magnus Gross.

4 weeks agoadd some commas, to aid readability;
jmc [Sun, 29 Sep 2024 18:00:38 +0000 (18:00 +0000)]
add some commas, to aid readability;
from thorsten blum

4 weeks agosync synopsis and usage, sort commands, fix their spacing
kn [Sun, 29 Sep 2024 14:36:13 +0000 (14:36 +0000)]
sync synopsis and usage, sort commands, fix their spacing

OK input lucas

4 weeks agoremove unused cruft; ok kettenis@
jsg [Sun, 29 Sep 2024 12:22:57 +0000 (12:22 +0000)]
remove unused cruft; ok kettenis@

4 weeks agofix HWCAP_ASIMDHP test; ok kettenis@
jsg [Sun, 29 Sep 2024 11:22:39 +0000 (11:22 +0000)]
fix HWCAP_ASIMDHP test; ok kettenis@

4 weeks agocorrect a prototype
jsg [Sun, 29 Sep 2024 09:25:37 +0000 (09:25 +0000)]
correct a prototype

4 weeks agocatch up with the u-boot-aarch64 package split in install docs. changing
sthen [Sat, 28 Sep 2024 17:09:52 +0000 (17:09 +0000)]
catch up with the u-boot-aarch64 package split in install docs. changing
the dtb isn't normally needed (and can cause problems) so don't suggest that.
add some info for rk3588. partly from jsg.

4 weeks agorsync: make blkhash_free() callable with NULL.
tb [Fri, 27 Sep 2024 13:13:14 +0000 (13:13 +0000)]
rsync: make blkhash_free() callable with NULL.

It is in principle possible that blkhash_free() (which obviously frees
a struct blktab, sigh) is called with NULL. This would lead to a crash.

ok claudio

4 weeks agorsync: avoid reallocarray() with a nmemb of 0.
tb [Fri, 27 Sep 2024 13:10:39 +0000 (13:10 +0000)]
rsync: avoid reallocarray() with a nmemb of 0.

bset->blksz can be 0 here and how reallocarray() behaves is implementation
defined.

4 weeks agorsync: fix reallocarray() usage in blkhash_set()
tb [Fri, 27 Sep 2024 13:06:21 +0000 (13:06 +0000)]
rsync: fix reallocarray() usage in blkhash_set()

The well-named ERR() macro doesn't error out. Therefore an incorrect use
of reallocarray() is actually a leak that is easily overlooked. Do it the
right way by assigning to a temporary variable and preserve behavior by
freeing and NULL-ing.

ok claudio

4 weeks agorpki-client: free deltas in rrdp_session_parse() as in rrdp_repo_free()
tb [Fri, 27 Sep 2024 12:55:03 +0000 (12:55 +0000)]
rpki-client: free deltas in rrdp_session_parse() as in rrdp_repo_free()

ok claudio

4 weeks agorpki-client: check for getline error when reading the skiplist file
tb [Fri, 27 Sep 2024 12:52:58 +0000 (12:52 +0000)]
rpki-client: check for getline error when reading the skiplist file

ok claudio

4 weeks agotest some more Match syntax, including criteria=arg and negations
djm [Fri, 27 Sep 2024 01:05:54 +0000 (01:05 +0000)]
test some more Match syntax, including criteria=arg and negations

4 weeks agoPrevious pipex.c,v 1.155 was broken if the client was not behind a NAT.
yasuoka [Fri, 27 Sep 2024 00:38:49 +0000 (00:38 +0000)]
Previous pipex.c,v 1.155 was broken if the client was not behind a NAT.

ok mvs

4 weeks agofix previous change to ssh_config Match, which broken on negated
djm [Thu, 26 Sep 2024 23:55:08 +0000 (23:55 +0000)]
fix previous change to ssh_config Match, which broken on negated
Matches; spotted by phessler@ ok deraadt@

4 weeks agoFix amd64/GENERIC not linking due to missing pmap_shootept symbol.
dv [Thu, 26 Sep 2024 21:55:42 +0000 (21:55 +0000)]
Fix amd64/GENERIC not linking due to missing pmap_shootept symbol.

My recent commit to add an INVEPT ipi missed an ifdef related to
MP machines.

ok krw@

4 weeks agoAdd an ipi for executing INVEPT to flush EPT on remote cpus.
dv [Thu, 26 Sep 2024 13:18:25 +0000 (13:18 +0000)]
Add an ipi for executing INVEPT to flush EPT on remote cpus.

Similar to how the fast ipi for tlb flush is implemented, this adds
one for calling INVEPT to invalidate EPT caches on the cpu. This
is the first step to allowing guest memory to not be wired by UVM
and decreases the behavioral differences between Intel and AMD's
nested paging in vmm(4) and pmap(9).

This change does not hook EPT ptes into the PV list, so the ipi is
only used during address space teardown and pte removal. (With the
removal of the "mprotect" ioctl, vmm(4) no longer modifies EPT ptes
other than inserting them and removing them.)

ok mlarkin@

4 weeks agoremove unneeded psl.h include
jsg [Thu, 26 Sep 2024 10:12:02 +0000 (10:12 +0000)]
remove unneeded psl.h include

4 weeks agoRemove debug leftover. There is no need to run tcpdump anymore.
claudio [Thu, 26 Sep 2024 08:12:30 +0000 (08:12 +0000)]
Remove debug leftover. There is no need to run tcpdump anymore.

4 weeks agodocument that there are nvme sensors available and nudge the reader to sysctl;
jmc [Thu, 26 Sep 2024 06:10:34 +0000 (06:10 +0000)]
document that there are nvme sensors available and nudge the reader to sysctl;
ok bmercer

4 weeks agoremove unneeded includes; ok dv@ mlarkin@
jsg [Thu, 26 Sep 2024 01:45:13 +0000 (01:45 +0000)]
remove unneeded includes; ok dv@ mlarkin@

4 weeks agoremove some unused defines; ok djm@
jsg [Wed, 25 Sep 2024 23:01:39 +0000 (23:01 +0000)]
remove some unused defines; ok djm@

4 weeks agoCorrect an indexing error that may leave stale data in the mousecfg buffer.
bru [Wed, 25 Sep 2024 19:56:33 +0000 (19:56 +0000)]
Correct an indexing error that may leave stale data in the mousecfg buffer.

ok mpi@

4 weeks agoDo not crash in witness code if interrupt fires early.
bluhm [Wed, 25 Sep 2024 18:24:13 +0000 (18:24 +0000)]
Do not crash in witness code if interrupt fires early.

It can happen that an interrupt handler is called immediately on a
secondary CPU when it is spun up during boot.  At that moment no
process is schduled yet, so curproc is NULL.  To prevent a crash
when p->p_sleeplocks is dereferenced, skip witness check in this
case.

OK visa@

4 weeks agoImprove description of -f.
florian [Wed, 25 Sep 2024 16:26:37 +0000 (16:26 +0000)]
Improve description of -f.

ok sthen, florian

Committing on behalf of jmc as requested.

4 weeks agoExtend maxattr test to also include IPv6 and with that test for the
claudio [Wed, 25 Sep 2024 15:38:39 +0000 (15:38 +0000)]
Extend maxattr test to also include IPv6 and with that test for the
up_generate_mp_reach() failure.

4 weeks agocorrect macro for -R entry;
jmc [Wed, 25 Sep 2024 15:08:42 +0000 (15:08 +0000)]
correct macro for -R entry;

4 weeks agoWhen generating UPDATE handle the message size limit better.
claudio [Wed, 25 Sep 2024 14:46:51 +0000 (14:46 +0000)]
When generating UPDATE handle the message size limit better.

First of all warn that a prefix was dropped. In the generate an update
code handle possible overflows of attributes and NLRI and withdraw the
affected prefix. This way the peer will not have stale data.
OK tb@

4 weeks agoAdd a maxattr regress test that causes the rdomain1 bgpd instance to trip
claudio [Wed, 25 Sep 2024 14:42:39 +0000 (14:42 +0000)]
Add a maxattr regress test that causes the rdomain1 bgpd instance to trip
over 4096 bytes for a BGP UPDATE message. Check on the 3rd system that the
affected prefixes are properly withdrawn.

4 weeks agosysupgrade: add -R #.# to try to use a specific release version rather
sthen [Wed, 25 Sep 2024 13:55:23 +0000 (13:55 +0000)]
sysupgrade: add -R #.# to try to use a specific release version rather
than the immediate +0.1. print an https://ftp.openbsd.org/... URL where
the new signify pubkey can be found if not present.

no guarantees: we only test +0.1, but jumping further does work quite
often (and if tight on disk, can work better than multiple steps) -
this avoids editing the script if you're going to do it anyway.

"Only upgrades from one version to the next are tested. Skipping
versions may work. Downgrading is unlikely to work."

discussed with deraadt chris florian, ok deraadt

5 weeks agoremove some unneeded Xo/Xc calls; from evan silberman
jmc [Wed, 25 Sep 2024 06:13:01 +0000 (06:13 +0000)]
remove some unneeded Xo/Xc calls; from evan silberman
the original diff had a couple of errors, which i've fixed

5 weeks agodocument why sys/param.h is used
deraadt [Wed, 25 Sep 2024 04:19:36 +0000 (04:19 +0000)]
document why sys/param.h is used

5 weeks agofix regression introduced when I switched the "Match" criteria tokeniser
djm [Wed, 25 Sep 2024 01:24:04 +0000 (01:24 +0000)]
fix regression introduced when I switched the "Match" criteria tokeniser
to a more shell-like one. Apparently the old tokeniser (accidentally?)
allowed "Match criteria=argument" as well as the "Match criteria argument"
syntax that we tested for.

People were using this syntax so this adds back support for
"Match criteria=argument"

bz3739 ok dtucker

5 weeks ago- VM(s) -> VMs
jmc [Tue, 24 Sep 2024 20:02:39 +0000 (20:02 +0000)]
- VM(s) -> VMs
- simpler tense
- fix the -width parameter
- add -nosplit to AUTHORS

5 weeks agovmd(8) manpage change for shutdown behaviour
mlarkin [Tue, 24 Sep 2024 19:34:01 +0000 (19:34 +0000)]
vmd(8) manpage change for shutdown behaviour

Document the shutdown behaviour for vmd(8). Suggested via bugs@
via eric at mulh.net.

ok jmc@, bluhm@

5 weeks agobackout scanner.l strtonum commits; they restrict numbers to INT_MAX,
sthen [Tue, 24 Sep 2024 14:20:31 +0000 (14:20 +0000)]
backout scanner.l strtonum commits; they restrict numbers to INT_MAX,
breaking filter expressions like "ether[14:4]=0xaaaa0300". ok op@ deraadt@

-/--------------------------
revision 1.32
date: 2024/08/29 07:33:50;  author: anton;  state: Exp;  lines: +2 -2;  commitid: ZYtBn8qrrNNh87on;
Fix regression introduced in previous migration to strtol() by
correcting the error condition, making it on par with the example in the
manual.

ok op@
-/--------------------------
revision 1.31
date: 2024/08/28 11:40:33;  author: op;  state: Exp;  lines: +13 -31;  commitid: RirJPBPfGo9NeSE6;
libpcap: replace hand-rolled number parser with strtol

can't use strtonum here since it needs to handle octal and hex
notations as well.  Part of a larger diff that's ok beck@
-/--------------------------

5 weeks agoFix sleeping race during malloc in sysctl hw.disknames.
bluhm [Tue, 24 Sep 2024 12:37:11 +0000 (12:37 +0000)]
Fix sleeping race during malloc in sysctl hw.disknames.

When mallocarray(9) sleeps, disk_count can change, and diskstatslen
gets inconsistent.  This caused free(9) to panic.

Reported-by: syzbot+36e1f3b306f721f90c72@syzkaller.appspotmail.com
OK deraadt@ mpi@

5 weeks agoRemove -r toggle and generally be less smart.
florian [Tue, 24 Sep 2024 07:33:35 +0000 (07:33 +0000)]
Remove -r toggle and generally be less smart.

The default is to install the next release. Snapshots are only
installed when invoked with -s.

The logic on what to do per default got out of hand and it was very
difficult to reason about what sysupgrade(8) actually did. deraadt@
then suggested that we should dumb it all down, sysupgrade(8) is there
to upgrade from one release to the next. More advance usage needs to
be requested by the user.

With all this simplification we can now be a bit more smart to work
out what the next release is. With that, snapshots right before a
release can be sysupgrade(8)'ed to the official release.

OK sthen on a previous version that was much more complicated but
allowed shortly-before-release -> release upgrade

testing sthen on this version

Guidance, prodding & OK deraadt

5 weeks agosome extra paranoia, reminded by jsg@
djm [Tue, 24 Sep 2024 02:28:17 +0000 (02:28 +0000)]
some extra paranoia, reminded by jsg@

5 weeks ago___linux__ -> __linux__
jsg [Tue, 24 Sep 2024 02:25:20 +0000 (02:25 +0000)]
___linux__ -> __linux__

5 weeks agofor sysctl on arm64, handle CPU_ID_AA64ISAR1 same as CPU_ID_AA64ISAR0
deraadt [Tue, 24 Sep 2024 02:22:42 +0000 (02:22 +0000)]
for sysctl on arm64, handle CPU_ID_AA64ISAR1 same as CPU_ID_AA64ISAR0
ok sthen

5 weeks agoIf during parsing lines in the script, ksh finds a NUL byte on the
deraadt [Mon, 23 Sep 2024 21:18:33 +0000 (21:18 +0000)]
If during parsing lines in the script, ksh finds a NUL byte on the
line, it should abort ("syntax error: NUL byte unexpected").  There
appears to be one piece of software which is misinterpreting guidance
of this, and trying to depend upon embedded NUL.  During research,
every shell we tested has one or more cases where a NUL byte in the
input or inside variable contents will create divergent behaviour from
other shells.  (ie. gets converted to a space, is silently skipped, or
aborts script parsing or later execution).  All the shells are written
in C, and majority of them use C strings for everything, which means
they cannot embed a NUL, so this is not surprising.  It is quite
unbelievable there are people trying to rewrite history on a lark, and
expecting the world to follow alone.

If there is ONE THING the Unix world needs, it is for bash/ksh/sh to
stop diverging further by permitting STUPID INPUT that cannot
plausibly work in all other shells.  We are in a post-Postel world.

It remains possible to put arbitrary bytes *AFTER* the parts of the
shell script that get parsed & executed (like some Solaris patch files
do).  But you can't put arbirary bytes in the middle, ahead of shell
script parsed lines, because shells can't jump to arbitrary offsets
inside the input file, they go THROUGH all the 'valid shell script
text lines' to get there.

This was in snapshots for more than 2 months, and only spotted one
other program depending on the behaviour (and that test program did
not observe that it was therefore depending in incorrect behaviour!!)

ok ingo.  Softer ok's from various others.

5 weeks agonow hacking on 7.6-current
deraadt [Mon, 23 Sep 2024 21:05:28 +0000 (21:05 +0000)]
now hacking on 7.6-current
(corrected)

5 weeks agoReplace `&&' with `if' for proper $? handling; OK lucas
kn [Mon, 23 Sep 2024 20:54:01 +0000 (20:54 +0000)]
Replace `&&' with `if' for proper $? handling;  OK lucas

iked and isakmpd guard against themselves with "return 0" as rc.subr(8)
checks rc_pre()'s return code and aborts daemo start iff non-zero, but
that isn't needed if we use ksh properly.

5 weeks agonow hacking on 7.6-current
deraadt [Mon, 23 Sep 2024 20:50:47 +0000 (20:50 +0000)]
now hacking on 7.6-current

5 weeks agozap redundant "|| return 1"; OK lucas
kn [Mon, 23 Sep 2024 20:44:24 +0000 (20:44 +0000)]
zap redundant "|| return 1";  OK lucas

unbound-checkconf(8) itself exits 1 on error already.