jsg [Sun, 3 Dec 2023 00:19:25 +0000 (00:19 +0000)]
match Lunar Lake, Raptor Lake and Arrow Lake
jsg [Sun, 3 Dec 2023 00:15:35 +0000 (00:15 +0000)]
regen
jsg [Sun, 3 Dec 2023 00:14:53 +0000 (00:14 +0000)]
add Intel Ethernet ids: Lunar Lake, Raptor Lake and Arrow Lake
tb [Sat, 2 Dec 2023 19:07:10 +0000 (19:07 +0000)]
Fix some NULL misspellings
tb [Sat, 2 Dec 2023 19:06:22 +0000 (19:06 +0000)]
Revert a hunk of r1.23 that makes no sense
The commit was about checking EVP_CIPHER_CTX_iv_length(), but the function
called here is EVP_CIPHER_CTX_key_length(). The result of the computation
is still correct, the check and local variable simply make no sense.
sf [Sat, 2 Dec 2023 10:01:35 +0000 (10:01 +0000)]
virtio: Fix handling of feature bits >= 32
Fix handling of feature bits >= 32. This does not yet affect any driver
as no high feature bit besides VERSION_1 is used, and that one has
special handling.
Also, with VIRTIO_DEBUG, simply walk through all transport and device
feature names, so that we don't need to adjust the if clause whenever
the standard introduces new transport features.
ok jan@ bluhm@
mvs [Fri, 1 Dec 2023 20:30:22 +0000 (20:30 +0000)]
pipex(4) layer is completely mp-safe, move the pipex_timer() timeout(9)
handler out of kernel lock.
ok bluhm
millert [Fri, 1 Dec 2023 16:49:16 +0000 (16:49 +0000)]
Add tests to exercise the recent bug fixes.
millert [Fri, 1 Dec 2023 16:48:40 +0000 (16:48 +0000)]
relay_read_http: strip out Content-Length if we strip the body too
We should not forward Content-Length if the body is not also forwarded.
miod [Fri, 1 Dec 2023 16:23:03 +0000 (16:23 +0000)]
Make sure we read a complete struct fsinfo even if the filesystem sectors
are smaller.
bug report and ok kn@
bluhm [Fri, 1 Dec 2023 15:30:46 +0000 (15:30 +0000)]
Set inp address, port and rtable together with inpcb hash.
The inpcb hash table is protected by table->inpt_mtx. The hash is
based on addresses, ports, and routing table. These fields were
not sychronized with the hash. Put writes and hash update into the
same critical section.
Move the updates from ip_ctloutput(), ip6_ctloutput(), syn_cache_get(),
tcp_connect(), udp_disconnect() to dedicated inpcb set functions.
There they use the same table mutex as in_pcbrehash().
in_pcbbind(), in_pcbconnect(), and in6_pcbconnect() need more work
and are not included yet.
OK sashan@ mvs@
bluhm [Fri, 1 Dec 2023 14:37:22 +0000 (14:37 +0000)]
Cast mtx to void in dummy MUTEX_ASSERT_LOCKED().
To avoid unsued variable in ramdisk kernel, use the argument of
MUTEX_ASSERT_LOCKED() also in non DIAGNOSTIC builds.
OK sashan@ mvs@
bluhm [Fri, 1 Dec 2023 14:08:03 +0000 (14:08 +0000)]
Make internet PCB connect more consistent.
The public interface is in_pcbconnect(). It dispatches to
in6_pcbconnect() if necessary. Call the former from tcp_connect()
and udp_connect().
In in6_pcbconnect() initialization in6a = NULL is not necessary.
in6_pcbselsrc() sets the pointer, but does not read the value.
Pass a constant in6_addr pointer to in6_pcbselsrc() and in6_selectsrc().
It returns a reference to the address of some internal data structure.
We want to be sure that in6_addr is not modified this way. IPv4
in_pcbselsrc() solves this by passing a copy of the address.
OK kn@ sashan@ mvs@
schwarze [Fri, 1 Dec 2023 13:43:37 +0000 (13:43 +0000)]
Some cleanup:
Remove some lies and some irrelevant historical information
about the non_ex variants and waste fewer words deprecating them.
Telling people to type longer function names and to pass an
ignored NULL argument doesn't really help anything.
Also talk less about those ignored ENGINE arguments.
OK tb@
tb [Fri, 1 Dec 2023 10:46:54 +0000 (10:46 +0000)]
sync
schwarze [Fri, 1 Dec 2023 10:40:21 +0000 (10:40 +0000)]
EVP_EncryptInit(3) is among the most important "how to drive" manuals,
but it is still excessively long and complicated. To reduce the amount
of distractions a bit, split out three deprecated functions into a new
manual page EVP_CIPHER_CTX_init(3). No text change.
In part suggested by tb@, who agrees with the direction.
sashan [Fri, 1 Dec 2023 10:28:32 +0000 (10:28 +0000)]
Prevent race between pf_test() and pf_purge_expired_states().
Packets (callers to pf_test()) must alter pf_state::timeout
under protection of pf_state::mtx. We also have to make sure
the packet does not update pf_state::timeout when ::timeout
reaches PFTM_UNLINKED.
The first report came from Johan Huldtgren, but he is not
the single user who has noticed "st->timeout == PFTM_UNLINKED"
assert violation.
OK bluhm@
op [Fri, 1 Dec 2023 09:25:49 +0000 (09:25 +0000)]
allow tables and filter over multiple lines
This augments the grammar for tables and filter listing so that a
newline is allowed after a comma. i.e. these now works as expected:
table foo {
"one",
"two"
}
listen on socket filter {
"foo",
"bar"
}
based on a diff from tim@
ok millert@, tim@
tb [Fri, 1 Dec 2023 06:53:18 +0000 (06:53 +0000)]
Unify various EVP_*{Update,Final}*() wrappers
The correct way of wrapping foo() is 'int ret; ret = foo(); return ret;'
because 'return foo();' would be too simple... Also unify branching from
EVP_Cipher* into EVP_Encrypt* EVP_Decrypt*.
jsg [Fri, 1 Dec 2023 05:49:06 +0000 (05:49 +0000)]
regen
jsg [Fri, 1 Dec 2023 05:48:39 +0000 (05:48 +0000)]
add AMD Phoenix (Family 19h Model 74h) ids
based on submissions to dmesg@
miod [Thu, 30 Nov 2023 20:08:23 +0000 (20:08 +0000)]
Overhaul device identification logic in order to make matching on
device-provided information easier.
Add support for a few more devices.
Trigger state machine updates quickly so as not to have to wait 6 seconds to
get the device identified, then 6 more seconds to get the first sensor data.
Tested on:
TEMPerX_V3.3 by landry@
TEMPerF1.4M by sthen@
TEMPerHUM_V4.0, TEMPer2_V4.1, TEMPer1F_V4.1 and TEMPerGold_V3.4 by yours truly
beck [Thu, 30 Nov 2023 17:01:04 +0000 (17:01 +0000)]
Clean up and de-spaghettize by_file_callback
I had to read this for other purposes and it exceeded my muppetry
tolerance.
ok tb@
kn [Thu, 30 Nov 2023 14:52:00 +0000 (14:52 +0000)]
Single file to stdout without "fattr"
Regardless of SMALL and other command flags, 'ftp -o - URL [file|URL ...]'
only processes the first URL and exists.
Only standard output is written to and modifying 'struct stat' properties
as per pledge(2) "fattr" don't apply.
OK millert
kn [Thu, 30 Nov 2023 14:51:32 +0000 (14:51 +0000)]
Fold identical pledge cases, '#ifndef SMALL \n if (!resume)' equals 'else'
OK millert
miod [Thu, 30 Nov 2023 12:50:41 +0000 (12:50 +0000)]
Make sure we don't process garbage data as keypresses if the device sends a
truncated report.
bluhm [Thu, 30 Nov 2023 10:21:56 +0000 (10:21 +0000)]
Pass inp_seclevel to ip6_output() in TCP syn cache.
TCP syn_cache_respond() uses inp_seclevel from listening socket as
ip_output() parameter. This was missing for ip6_output().
OK mvs@
jsg [Thu, 30 Nov 2023 03:07:48 +0000 (03:07 +0000)]
drm/amd/display: Change the DMCUB mailbox memory location from FB to inbox
From Lewis Huang
4c55be0855344187d0970874b6e1215b21a68b61 in linux-6.1.y/6.1.64
5911d02cac70d7fb52009fbd37423e63f8f6f9bc in mainline linux
jsg [Thu, 30 Nov 2023 03:04:27 +0000 (03:04 +0000)]
drm/amd/display: Enable fast plane updates on DCN3.2 and above
From Tianci Yin
68d774eb10e261ac6d176da2379f97a62878ef22 in linux-6.1.y/6.1.64
435f5b369657cffee4b04db1f5805b48599f4dbe in mainline linux
jsg [Thu, 30 Nov 2023 02:57:53 +0000 (02:57 +0000)]
drm/amd/display: fix a NULL pointer dereference in amdgpu_dm_i2c_xfer()
From Mario Limonciello
fb5c134ca589fe670430acc9e7ebf2691ca2476d in linux-6.1.y/6.1.64
b71f4ade1b8900d30c661d6c27f87c35214c398c in mainline linux
jsg [Thu, 30 Nov 2023 02:56:04 +0000 (02:56 +0000)]
drm/amdgpu: lower CS errors to debug severity
From Christian Koenig
51ffa1a3792e3570ae2eb84d003c329b3d71da6c in linux-6.1.y/6.1.64
17daf01ab4e3e5a5929747aa05cc15eb2bad5438 in mainline linux
jsg [Thu, 30 Nov 2023 02:54:25 +0000 (02:54 +0000)]
drm/amdgpu: fix error handling in amdgpu_bo_list_get()
From Christian Koenig
c52aac5884bc58e304d4c9cb8441baf8443ea189 in linux-6.1.y/6.1.64
12f76050d8d4d10dab96333656b821bd4620d103 in mainline linux
jsg [Thu, 30 Nov 2023 02:52:49 +0000 (02:52 +0000)]
drm/amdgpu: don't use ATRM for external devices
From Alex Deucher
2ab6c1237bd4a961b8d5032671510a028fb9f0f6 in linux-6.1.y/6.1.64
432e664e7c98c243fab4c3c95bd463bea3aeed28 in mainline linux
jsg [Thu, 30 Nov 2023 02:51:49 +0000 (02:51 +0000)]
drm/amdgpu: don't use pci_is_thunderbolt_attached()
From Alex Deucher
965dce07a4fc5b15c07c73124f5016240a7250ef in linux-6.1.y/6.1.64
7b1c6263eaf4fd64ffe1cafdc504a42ee4bfbb33 in mainline linux
jsg [Thu, 30 Nov 2023 02:50:22 +0000 (02:50 +0000)]
drm/amdgpu/smu13: drop compute workload workaround
From Alex Deucher
8e54a91d3e66b9730861f10345238ff5ef979d3d in linux-6.1.y/6.1.64
23170863ea0a0965d224342c0eb2ad8303b1f267 in mainline linux
jsg [Thu, 30 Nov 2023 02:49:07 +0000 (02:49 +0000)]
drm/amd/pm: Fix error of MACO flag setting code
From Ma Jun
454d0cdd7c127bb0ad06b53c52e94ca2c9a83b20 in linux-6.1.y/6.1.64
7f3e6b840fa8b0889d776639310a5dc672c1e9e1 in mainline linux
jsg [Thu, 30 Nov 2023 02:47:39 +0000 (02:47 +0000)]
drm/i915: Fix potential spectre vulnerability
From Kunwu Chan
07e94f204f38b0d36eb377b3cda088b4a8b6f9a2 in linux-6.1.y/6.1.64
1a8e9bad6ef563c28ab0f8619628d5511be55431 in mainline linux
jsg [Thu, 30 Nov 2023 02:46:29 +0000 (02:46 +0000)]
drm/i915: Bump GLK CDCLK frequency when driving multiple pipes
From Ville Syrjala
9457636a49265bdec14f3b747a4911ea9b7d468c in linux-6.1.y/6.1.64
0cb89cd42fd22bbdec0b046c48f35775f5b88bdb in mainline linux
jsg [Thu, 30 Nov 2023 02:44:33 +0000 (02:44 +0000)]
drm/amd/pm: Handle non-terminated overdrive commands.
From Bas Nieuwenhuizen
e973f40de16125f3f85a07db68a2ad4a0aeb42c2 in linux-6.1.y/6.1.64
08e9ebc75b5bcfec9d226f9e16bab2ab7b25a39a in mainline linux
jsg [Thu, 30 Nov 2023 02:43:08 +0000 (02:43 +0000)]
drm/amd/display: enable dsc_clk even if dsc_pg disabled
From Muhammad Ahmed
3b70d45c7ea8e6c4584f497b1bad1dba1c3b9557 in linux-6.1.y/6.1.64
40255df370e94d44f0f0a924400d68db0ee31bec in mainline linux
jsg [Thu, 30 Nov 2023 02:41:35 +0000 (02:41 +0000)]
i915/perf: Fix NULL deref bugs with drm_dbg() calls
From Harshit Mogalapalli
55db76caa782baa4a1bf02296e2773c38a524a3e in linux-6.1.y/6.1.64
471aa951bf1206d3c10d0daa67005b8e4db4ff83 in mainline linux
jsg [Thu, 30 Nov 2023 02:39:56 +0000 (02:39 +0000)]
drm/amdgpu: fix software pci_unplug on some chips
From Vitaly Prosyak
6586b5f8e456de7bddbed2446f5f558f9035c7ad in linux-6.1.y/6.1.64
4638e0c29a3f2294d5de0d052a4b8c9f33ccb957 in mainline linux
jsg [Thu, 30 Nov 2023 02:38:28 +0000 (02:38 +0000)]
drm/amd/display: Avoid NULL dereference of timing generator
From Wayne Lin
8a06894666e0b462c9316b26ab615cefdd0d676c in linux-6.1.y/6.1.64
b1904ed480cee3f9f4036ea0e36d139cb5fee2d6 in mainline linux
jsg [Thu, 30 Nov 2023 02:37:03 +0000 (02:37 +0000)]
drm/amdgpu: Fix a null pointer access when the smc_rreg pointer is NULL
From Qu Huang
6c1b3d89a2dda79881726bb6e37af19c0936d736 in linux-6.1.y/6.1.64
5104fdf50d326db2c1a994f8b35dcd46e63ae4ad in mainline linux
jsg [Thu, 30 Nov 2023 02:35:24 +0000 (02:35 +0000)]
drm/amdkfd: Fix shift out-of-bounds issue
From Jesse Zhang
2806f880379232e789957c2078d612669eb7a69c in linux-6.1.y/6.1.64
282c1d793076c2edac6c3db51b7e8ed2b41d60a5 in mainline linux
jsg [Thu, 30 Nov 2023 02:33:55 +0000 (02:33 +0000)]
drm/radeon: fix a possible null pointer dereference
From Ma Ke
16fa59e273f8eb20ececeb570ab41c9d3d791429 in linux-6.1.y/6.1.64
2c1fe3c480f9e1deefd50d4b18be4a046011ee1f in mainline linux
jsg [Thu, 30 Nov 2023 02:32:22 +0000 (02:32 +0000)]
drm/amdgpu: Fix potential null pointer derefernce
From Stanley Yang
9b70fc7d70e8ef7c4a65034c9487f58609e708a1 in linux-6.1.y/6.1.64
80285ae1ec8717b597b20de38866c29d84d321a1 in mainline linux
jsg [Thu, 30 Nov 2023 02:30:10 +0000 (02:30 +0000)]
drm/amd: Fix UBSAN array-index-out-of-bounds for Polaris and Tonga
From Mario Limonciello
d0725232da777840703f5f1e22f2e3081d712aa4 in linux-6.1.y/6.1.64
0f0e59075b5c22f1e871fbd508d6e4f495048356 in mainline linux
jsg [Thu, 30 Nov 2023 02:28:39 +0000 (02:28 +0000)]
drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7
From Mario Limonciello
fc9ac0e8e0bcb3740c6eaad3a1a50c20016d422b in linux-6.1.y/6.1.64
760efbca74a405dc439a013a5efaa9fadc95a8c3 in mainline linux
jsg [Thu, 30 Nov 2023 02:26:44 +0000 (02:26 +0000)]
drm/amd/display: use full update for clip size increase of large plane source
From Wenjing Liu
24faa2740b3f15e747b563a6c22fb05ba13a76b7 in linux-6.1.y/6.1.64
05b78277ef0efc1deebc8a22384fffec29a3676e in mainline linux
jsg [Thu, 30 Nov 2023 02:24:02 +0000 (02:24 +0000)]
drm/amd: Update `update_pcie_parameters` functions to use uint8_t arguments
From Mario Limonciello
09d4f579d30024eda51b61ec94618011a0fabd66 in linux-6.1.y/6.1.64
7752ccf85b929a22e658ec145283e8f31232f4bb in mainline linux
jsg [Thu, 30 Nov 2023 02:20:12 +0000 (02:20 +0000)]
drm/amdkfd: Fix a race condition of vram buffer unref in svm code
From Xiaogang Chen
50f35a907c4f9ed431fd3dbb8b871ef1cbb0718e in linux-6.1.y/6.1.64
709c348261618da7ed89d6c303e2ceb9e453ba74 in mainline linux
jsg [Thu, 30 Nov 2023 02:18:37 +0000 (02:18 +0000)]
drm/amdgpu: not to save bo in the case of RAS err_event_athub
From David (Ming Qiang) Wu
5b978a8ce49719625c796f80ef6929312743badd in linux-6.1.y/6.1.64
fa1f1cc09d588a90c8ce3f507c47df257461d148 in mainline linux
jsg [Thu, 30 Nov 2023 02:14:01 +0000 (02:14 +0000)]
add dev_is_removable() for 6.1.64 drm
kettenis [Wed, 29 Nov 2023 23:32:16 +0000 (23:32 +0000)]
Fix unwanted sign-extension of ID register masks. Sign-extension of the
GPI feature mask caused misdetection of the GPI feature when some other
feature was present that was advertised in the upper 32 bits of the same
ID register. Resulting in a crash as soon as the pmap code tried to set
the PAC keys.
Fix suggested by Marc Zyngier who found and debugged the problem.
ok jsg@, deraadt@
tb [Wed, 29 Nov 2023 21:35:57 +0000 (21:35 +0000)]
Ignore ENGINE at the API boundary
This removes the remaining ENGINE members from various internal structs
and functions. Any ENGINE passed into a public API is now completely
ignored functions returning an ENGINE always return NULL.
ok jsing
bluhm [Wed, 29 Nov 2023 20:46:23 +0000 (20:46 +0000)]
regen syscalls
bluhm [Wed, 29 Nov 2023 20:40:06 +0000 (20:40 +0000)]
Unlock bind(2) syscall.
For internet sockets sobind() runs with exclusive net lock due to
solock(). For unix domain sockets uipc_bind() grabs the kernel
lock itself. So sys_bind() is MP safe. Add NOLOCK flag to avoid
kernel lock.
OK mvs@
bluhm [Wed, 29 Nov 2023 19:19:25 +0000 (19:19 +0000)]
Run TCP syn cache timer without kernel lock.
As syn_cache_timer() uses syn cache mutex and exclusive net lock,
it does not need kernel lock.
OK mvs@
denis [Wed, 29 Nov 2023 18:46:37 +0000 (18:46 +0000)]
remove unused VXLANMTU definition
OK claudio, miod
bluhm [Wed, 29 Nov 2023 18:30:48 +0000 (18:30 +0000)]
Document inp_socket as immutable and remove NULL checks.
Struct inpcb field inp_socket is initialized in in_pcballoc(). It
is not NULL and never changed.
OK mvs@
tb [Wed, 29 Nov 2023 18:11:10 +0000 (18:11 +0000)]
Clean up CMAC implementation a little
Add explanatory comments that refer to the spec so that all the weird
dances make a little more sense. It turns out that this implmeentation
only supports block ciphers with block sizes of 64 and 128 bits, so
enforce this with a check.
Simplify make_kn() to make a little more sense and make it constant
time. Some stylistic fixes like checking pointers explicitly against
NULL and shuffle things into an order that makes a bit more sense.
Includes a fix for a warning reported by Viktor Szakats in
https://github.com/libressl/portable/issues/926
ok jsing
millert [Wed, 29 Nov 2023 15:35:07 +0000 (15:35 +0000)]
relay_read_http: defer header parsing until after line continuation
Wait until we have a complete line before parsing the Content-Length,
Transfer-Encoding and Host headers. This prevents potential request
smuggling attacks. Filtering already happens after header line
continuation has been performed. Reported by Ben Kallus.
OK claudio@
espie [Wed, 29 Nov 2023 14:32:01 +0000 (14:32 +0000)]
aliases package.5 as packing-list and plist, since this is the entry
point for people looking for packing-list details.
small tweak by tb@ for readability
okay tb@, jca@
tb [Wed, 29 Nov 2023 13:39:34 +0000 (13:39 +0000)]
Convert ssl3_cipher_by_id() to bsearch()
This was previously the only user of OBJ_bsearch_ssl_cipher_id(), which
in turn is the one remaining user of OBJ_bsearch_() outside of libcrypto.
OBJ_bsearch_() is OpenSSL's idiosyncratic reimplementation of ANSI C89's
bsearch(). Since this used to be hidden behind macro insanity, the result
was three inscrutable layers of comparison functions.
It is much simpler and cleaner to use the standard API. Move all the code
to s3_lib.c, since it's ony used there.
In a few further diffs, OBJ_bsearch_() will be removed from libcrypto.
Unfortunately, we'll need to keep OBJ_bsearch_ex(), because it is
exposed via sk_find_ex(), which is exposed by M2Crypto...
ok jsing
tb [Wed, 29 Nov 2023 13:29:34 +0000 (13:29 +0000)]
Use a long for id in ssl3_get_cipher_by_id()
While the cipher id is effectively a 32-bit value, someone decided that
it should be represented by a long in various internal structs, whose
mameber is passed as id. So use a long because of this and also to make
an upcoming diff simpler.
ok jsing
claudio [Wed, 29 Nov 2023 11:47:15 +0000 (11:47 +0000)]
Cleanup kmeminit_nkmempages().
NKMEMPAGES_MIN was removed long time ago in all archs so there is no
need to keep it.
Also initalize nkmempages_max at compile time since sparc (with variable
page size) is long gone as well.
No objection from miod@
jmatthew [Wed, 29 Nov 2023 06:59:23 +0000 (06:59 +0000)]
update supported hardware lists
jmatthew [Wed, 29 Nov 2023 06:54:09 +0000 (06:54 +0000)]
Add support for new SAS HBAs (codenamed Aero and Sea, sold as Broadcom HBA
9500, Dell HBA350/5, Lenovo ThinkSystem 440 HBA, Supermicro AOC-S3808/16)
These apparently have a hardware problem that results in reads of some
registers returning all zeros under some transient conditions, which can
apparently be worked around by retrying reads that return 0 up to 3 times.
ok dlg@
jmatthew [Wed, 29 Nov 2023 06:46:58 +0000 (06:46 +0000)]
regen
jmatthew [Wed, 29 Nov 2023 06:46:29 +0000 (06:46 +0000)]
add some new Broadcom SAS HBA ids
jsg [Wed, 29 Nov 2023 03:41:31 +0000 (03:41 +0000)]
increase the number of address ranges in acpi attach args from 4 to 8
On Intel Alder Lake-S and Raptor Lake-S platforms GPIO has 5 address
ranges. One for each GPIO community.
Fixes suspend/resume on Laurence Tratt's Raptor Lake-S machine
which broke when Alder Lake-S support was added to pchgpio(4).
ok kettenis@
millert [Tue, 28 Nov 2023 20:54:38 +0000 (20:54 +0000)]
Update awk to the Nov 27, 2023 version.
millert [Tue, 28 Nov 2023 18:36:55 +0000 (18:36 +0000)]
relay_read_http: tighten up header parsing
1) reject headers with embedded NULs
2) reject headers with invalid characters in the name
3) reject Transfer-Encoding with values other than "chunked"
4) reject chunk values containing non-hex characters
5) reject Content-Length values of "+0" or "-0"
6) reject requests without a ' ' and headers without a ':'
Reported by Ben Kallus, OK bluhm@
bluhm [Tue, 28 Nov 2023 13:23:20 +0000 (13:23 +0000)]
Remove struct inpcb from in6_embedscope() parameters.
rip6_output() did modify inp_outputopts6 temporarily to provide
different ip6_pktopts to in6_embedscope(). Better pass inp_outputopts6
and inp_moptions6 as separate arguments to in6_embedscope().
Simplify the code that deals with these options in in6_embedscope().
Doucument inp_moptions and inp_moptions6 as protected by net lock.
OK kn@
tb [Tue, 28 Nov 2023 13:19:04 +0000 (13:19 +0000)]
Switch to legacy method late in tls13_use_legacy_stack()
If memory allocation of s->init_buf fails in ssl3_setup_init_buffer()
during downgrade to the legacy stack, the legacy state machine would
resume with an incorrectly set up SSL, resulting in a NULL dereference.
The fix is to switch to the legacy method only after the SSL is fully
set up. There is a second part to this fix, which will be committed
once we manage to agree on the color of the bikeshed.
Detailed analysis and patch from Masaru Masuda, many thanks!
https://github.com/libressl/openbsd/issues/146
ok jsing
jsg [Tue, 28 Nov 2023 09:29:20 +0000 (09:29 +0000)]
correct spelling of FALLTHROUGH
jsg [Tue, 28 Nov 2023 09:10:18 +0000 (09:10 +0000)]
remove more unused defines
ok kettenis@
dv [Tue, 28 Nov 2023 00:17:48 +0000 (00:17 +0000)]
Adapt inv{vpid,ept} to return success or failure.
ok mlarkin@
tb [Mon, 27 Nov 2023 22:39:26 +0000 (22:39 +0000)]
EVP test: fix includes
tb [Mon, 27 Nov 2023 22:29:51 +0000 (22:29 +0000)]
EVP test: add regress coverage for the do_all() API
tb [Mon, 27 Nov 2023 21:44:21 +0000 (21:44 +0000)]
Regen cert.pem
ok sthen
New Roots for existing CA:
/CN=Atos TrustedRoot Root CA ECC TLS 2021/O=Atos/C=DE
/CN=Atos TrustedRoot Root CA RSA TLS 2021/O=Atos/C=DE
New CA:
BEIJING CERTIFICATE AUTHORITY
/C=CN/O=BEIJING CERTIFICATE AUTHORITY/CN=BJCA Global Root CA1
/C=CN/O=BEIJING CERTIFICATE AUTHORITY/CN=BJCA Global Root CA2
Two E-Tugra roots were removed due to a breach:
/C=TR/L=Ankara/O=E-Tugra EBG A.S./OU=E-Tugra Trust Center/CN=E-Tugra Global Root CA ECC v3
/C=TR/L=Ankara/O=E-Tugra EBG A.S./OU=E-Tugra Trust Center/CN=E-Tugra Global Root CA RSA v3
https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/C-HrP1SEq1A
Removed expired root:
/C=HK/O=Hongkong Post/CN=Hongkong Post Root CA 1
Removed expired CA:
SECOM Trust.net
/C=JP/O=SECOM Trust.net/OU=Security Communication RootCA1
New CA:
Sectigo Limited
/C=GB/O=Sectigo Limited/CN=Sectigo Public Server Authentication Root E46
/C=GB/O=Sectigo Limited/CN=Sectigo Public Server Authentication Root R46
New roots for existing CA:
/C=US/O=SSL Corporation/CN=SSL.com TLS ECC Root CA 2022
/C=US/O=SSL Corporation/CN=SSL.com TLS RSA Root CA 2022
bluhm [Mon, 27 Nov 2023 20:37:15 +0000 (20:37 +0000)]
Add NULL check before dereferencing inp_seclevel.
In some cases inp may be NULL, so check that before passing
inp->inp_seclevel to ipsp_spd_lookup() or ip_output().
Missed in previous commit.
miod [Mon, 27 Nov 2023 20:04:07 +0000 (20:04 +0000)]
Regen
miod [Mon, 27 Nov 2023 20:03:50 +0000 (20:03 +0000)]
New devices, support for which is coming soon.
tb [Mon, 27 Nov 2023 19:27:21 +0000 (19:27 +0000)]
Remove some trailing whitespace
x509_prn.c r1.6 changed the output of 'openssl -in foo.pem -noout -text'
by removing trailing whitespace from non-critical certificate extensions.
Committing the difference now to reduces noise in an upcoming diff.
There's some trailing whitespace remaining. That's because we try to print
a BMPString in an User Notice's Explicit Text with "%*s". That doesn't work
so well with an encoding full of NULs...
tb [Mon, 27 Nov 2023 18:37:53 +0000 (18:37 +0000)]
Add missing error check for yp_get_default_domain()
Avoids a crash when no default domain is set.
from hshoexer
ok deraadt who had the same diff
jsg [Mon, 27 Nov 2023 13:42:19 +0000 (13:42 +0000)]
additonal -> additional
tb [Mon, 27 Nov 2023 11:52:32 +0000 (11:52 +0000)]
Remove silly parentheses
claudio [Mon, 27 Nov 2023 11:32:34 +0000 (11:32 +0000)]
Document -J, --omit-link-times and remove a confusing sentence from
the -O, --omit-dir-times description.
OK tb@
claudio [Mon, 27 Nov 2023 11:30:49 +0000 (11:30 +0000)]
Implement --omit-link-times / -J based on the --omit-dir-times work
done by job@.
OK tb@
claudio [Mon, 27 Nov 2023 11:28:39 +0000 (11:28 +0000)]
The uploader tail shortcut to skip dir postprocessing should also check
if ignore_dir_times is set. In that case preserve_times loses its meaning.
OK tb@
claudio [Mon, 27 Nov 2023 10:14:19 +0000 (10:14 +0000)]
Add --no-O and --no-omit-dir-times options. For some reason the real
rsync has these options and so should ours. These strange --no-XYZ
options are undocumented and are there just for compatibility.
OK tb@ job@
kn [Mon, 27 Nov 2023 09:29:48 +0000 (09:29 +0000)]
interfacename -> interface to match usage and other manuals; OK florian
tb [Mon, 27 Nov 2023 00:51:12 +0000 (00:51 +0000)]
Move the callers X509_STORE_CTX_purpose_inherit() down a bit
jsg [Mon, 27 Nov 2023 00:39:42 +0000 (00:39 +0000)]
support Alder Lake-N and Alder Lake-S
Alder Lake-N tested by sthen@
Alder Lake-S tested by Laurence Tratt (on Raptor Lake-S)
feedback and ok kettenis@
tobhe [Sun, 26 Nov 2023 22:18:45 +0000 (22:18 +0000)]
Add arm64 bti pads for range extension thunks.
Large arm64 binaries like chromium use range extension thunks
for accessing plt entries. Add bti landing pads for the
additional indirection.
upstream commit:
60827df765156cee6cca3dc5049388dde9dac1c0
ok kettenis@
bluhm [Sun, 26 Nov 2023 22:08:10 +0000 (22:08 +0000)]
Remove inp parameter from ip_output().
ip_output() received inp as parameter. This is only used to lookup
the IPsec level of the socket. Reasoning about MP locking is much
easier if only relevant data is passed around. Convert ip_output()
to receive constant inp_seclevel as argument and mark it as protected
by net lock.
OK mvs@
afresh1 [Sun, 26 Nov 2023 16:52:12 +0000 (16:52 +0000)]
Fix read/write past buffer end
From upstream commit:
From
7047915eef37fccd93e7cd985c29fe6be54650b6 Mon Sep 17 00:00:00 2001
From: Karl Williamson <khw@cpan.org>
Date: Sat, 9 Sep 2023 11:59:09 -0600
Subject: [PATCH] Fix read/write past buffer end: perl-security#140
A package name may be specified in a \p{...} regular expression
construct. If unspecified, "utf8::" is assumed, which is the package
all official Unicode properties are in. By specifying a different
package, one can create a user-defined property with the same
unqualified name as a Unicode one. Such a property is defined by a sub
whose name begins with "Is" or "In", and if the sub wishes to refer to
an official Unicode property, it must explicitly specify the "utf8::".
S_parse_uniprop_string() is used to parse the interior of both \p{} and
the user-defined sub lines.
In S_parse_uniprop_string(), it parses the input "name" parameter,
creating a modified copy, "lookup_name", malloc'ed with the same size as
"name". The modifications are essentially to create a canonicalized
version of the input, with such things as extraneous white-space
stripped off. I found it convenient to strip off the package specifier
"utf8::". To to so, the code simply pretends "lookup_name" begins just
after the "utf8::", and adjusts various other values to compensate.
However, it missed the adjustment of one required one.
This is only a problem when the property name begins with "perl" and
isn't "perlspace" nor "perlword". All such ones are undocumented
internal properties.
What happens in this case is that the input is reparsed with slightly
different rules in effect as to what is legal versus illegal. The
problem is that "lookup_name" no longer is pointing to its initial
value, but "name" is. Thus the space allocated for filling "lookup_name"
is now shorter than "name", and as this shortened "lookup_name" is
filled by copying suitable portions of "name", the write can be to
unallocated space.
The solution is to skip the "utf8::" when reparsing "name". Then both
"lookup_name" and "name" are effectively shortened by the same amount,
and there is no going off the end.
This commit also does white-space adjustment so that things align
vertically for readability.
espie [Sun, 26 Nov 2023 16:04:17 +0000 (16:04 +0000)]
mark functions as static when they're unused elsewhere, makes the
code slightly easier to understand.
okay and tweak kn@