openbsd
11 months ago sync (libLLVM bump)
jca [Sun, 12 Nov 2023 17:09:40 +0000 (17:09 +0000)]
sync (libLLVM bump)

11 months ago Bump MAXDSIZ to 2G on armv7. Needed for llvm-16.
kettenis [Sun, 12 Nov 2023 16:37:28 +0000 (16:37 +0000)]
Bump MAXDSIZ to 2G on armv7.  Needed for llvm-16.

ok deraadt@

11 months ago Fix parsing of branch target protection options on arm64 to enable
kettenis [Sun, 12 Nov 2023 16:33:23 +0000 (16:33 +0000)]
Fix parsing of branch target protection options on arm64 to enable
BTI and PAC again by default on OpenBSD.

ok robert@

11 months ago Do not modify route info sockaddr in rtm_xaddrs().
bluhm [Sun, 12 Nov 2023 16:10:46 +0000 (16:10 +0000)]
Do not modify route info sockaddr in rtm_xaddrs().

The rti_info array is used to describe routes that should be found
by lookup.  Modifying the addresses in it is not a good idea.  There
were places where rtm_xaddrs() tried to fix the address family
instead of validating it.  Replace the modification with a check
and error out with EAFNOSUPPORT on failure.  Route labels always
have AF_UNSPEC and the other types are not used anyway.

OK kn@

11 months ago Now that the last consumer of mps.c is gone, remove it and its
martijn [Sun, 12 Nov 2023 16:07:34 +0000 (16:07 +0000)]
Now that the last consumer of mps.c is gone, remove it and its
application_legacy.c companion.

OK tb@

11 months ago Move snmpd.conf's oid keyword into application_internal.c. These objects
martijn [Sun, 12 Nov 2023 16:03:41 +0000 (16:03 +0000)]
Move snmpd.conf's oid keyword into application_internal.c. These objects
get registered under their own backend name, so that they can't overlap
with the internal regions. This removes the last consumer of mps.c

OK tb@

11 months ago rt_gateway and rt_gwroute use X protections now.
dlg [Sun, 12 Nov 2023 15:42:54 +0000 (15:42 +0000)]
rt_gateway and rt_gwroute use X protections now.

pointed out by bluhm@

11 months ago rt_setgate performs a series of tweaks to an rtable and the routes in
dlg [Sun, 12 Nov 2023 15:42:05 +0000 (15:42 +0000)]
rt_setgate performs a series of tweaks to an rtable and the routes in
the rtable which should be serialised to ensure they're consistent.
unfortunately, rt_setgate is called from the network stack while it's
only holding shared NET_LOCK.

this uses the [X] protections as described in route.h to serialise the
changes, and reworks the code to try and keep enough stuff linked up
properly during the changes that it will still work if another cpu is
still using the rtentry structs while they still have shared net lock.

tested by and ok bluhm@

11 months ago fix the signal numbers passed to siginterrupt.
dlg [Sun, 12 Nov 2023 15:18:04 +0000 (15:18 +0000)]
fix the signal numbers passed to siginterrupt.

from dhill@

11 months ago bump datasize to 1536M for the default login class to allow the build
robert [Sun, 12 Nov 2023 14:41:41 +0000 (14:41 +0000)]
bump datasize to 1536M for the default login class to allow the build
user to generate the AMDGPU includes in llvm-16

discussed with deraadt@

11 months ago TargetMCAs.def is required to be installed in the llvm include dir
robert [Sun, 12 Nov 2023 14:25:40 +0000 (14:25 +0000)]
TargetMCAs.def is required to be installed in the llvm include dir
so instead of shipping the file internally, let's generate it and
install it with the rest of the headers; unbreaks xenocara build

11 months ago Add support for the Rockchip RK8602 and RK8603 voltage regulators.
patrick [Sun, 12 Nov 2023 12:41:43 +0000 (12:41 +0000)]
Add support for the Rockchip RK8602 and RK8603 voltage regulators.

ok dlg@

11 months ago flip the ignoreFunctionAddressEquality flag; lost in merging changes from llvm-13
robert [Sun, 12 Nov 2023 11:43:04 +0000 (11:43 +0000)]
flip the ignoreFunctionAddressEquality flag; lost in merging changes from llvm-13

11 months ago split the Symbols.list up so that arch specific symbols do not end up everywhere
robert [Sun, 12 Nov 2023 10:49:27 +0000 (10:49 +0000)]
split the Symbols.list up so that arch specific symbols do not end up everywhere

ok tb@

11 months ago the ws in wscons is short for workstation
dlg [Sun, 12 Nov 2023 09:21:36 +0000 (09:21 +0000)]
the ws in wscons is short for workstation

11 months ago Fix variable name in comment
jca [Sat, 11 Nov 2023 18:47:02 +0000 (18:47 +0000)]
Fix variable name in comment

Mostly a dummy commit so that the last llvm commit ends up in the git export.
(No idea whether it's actually/still needed but it can't hurt.)

11 months ago update build infrastructure for llvm-16.0.6
robert [Sat, 11 Nov 2023 18:35:35 +0000 (18:35 +0000)]
update build infrastructure for llvm-16.0.6

11 months ago merge lldb-16.0.6
robert [Sat, 11 Nov 2023 18:24:39 +0000 (18:24 +0000)]
merge lldb-16.0.6

11 months ago import lldb from LLVM-16.0.6
robert [Sat, 11 Nov 2023 18:22:53 +0000 (18:22 +0000)]
import lldb from LLVM-16.0.6

11 months ago merge lld-16.0.6
robert [Sat, 11 Nov 2023 18:22:09 +0000 (18:22 +0000)]
merge lld-16.0.6

11 months ago import of lld from LLVM-16.0.6
robert [Sat, 11 Nov 2023 18:21:06 +0000 (18:21 +0000)]
import of lld from LLVM-16.0.6

11 months ago merge clang-16.0.6
robert [Sat, 11 Nov 2023 18:20:20 +0000 (18:20 +0000)]
merge clang-16.0.6

11 months ago import of clang from LLVM-16.0.6
robert [Sat, 11 Nov 2023 18:16:10 +0000 (18:16 +0000)]
import of clang from LLVM-16.0.6

11 months ago merge llvm-16.0.6
robert [Sat, 11 Nov 2023 18:14:26 +0000 (18:14 +0000)]
merge llvm-16.0.6

11 months ago Randomly linked riscv64 kernels built with clang/lld-16 hang too often
jca [Sat, 11 Nov 2023 18:00:36 +0000 (18:00 +0000)]
Randomly linked riscv64 kernels built with clang/lld-16 hang too often

Use cat instead of sort -R to disable random relinking for now, until we
find the culprit.  For whoever is interested, using cat or sort avoids the
problem but using sort -r makes it 100% reproducible in my tests.

Suggested by deraadt@

11 months ago import of llvm from LLVM 16.0.6
robert [Sat, 11 Nov 2023 17:58:32 +0000 (17:58 +0000)]
import of llvm from LLVM 16.0.6

11 months ago Enable CD9660 in RAMDISK so we can mount CD-ROMs.
patrick [Sat, 11 Nov 2023 17:20:21 +0000 (17:20 +0000)]
Enable CD9660 in RAMDISK so we can mount CD-ROMs.

ok jsg@

11 months ago Attach dwqe(4) to Intel Elkhart Lake PSE SGMII devices.
stsp [Sat, 11 Nov 2023 16:50:25 +0000 (16:50 +0000)]
Attach dwqe(4) to Intel Elkhart Lake PSE SGMII devices.

Patch by msaitoh@netbsd, who tested both PSE SGMII ports on a Helix 330.

11 months ago Correct wrong register offset macros for dwqe(4) DMA burst length.
stsp [Sat, 11 Nov 2023 16:32:56 +0000 (16:32 +0000)]
Correct wrong register offset macros for dwqe(4) DMA burst length.

Intel Elkhart Lake Ethernet now reaches 934 Mbps Tx/Rx in my testing.

Patch by msaitoh@netbsd, thanks!
Tested by myself on Elkhart Lake, dlg@ on arm64, and jca@ on riscv.
ok dlg@ patrick@

11 months ago Pass constant struct sockaddr to interface lookup functions.
bluhm [Sat, 11 Nov 2023 14:24:03 +0000 (14:24 +0000)]
Pass constant struct sockaddr to interface lookup functions.

OK mvs@

11 months ago We do not define VERSION anymore.
ajacoutot [Sat, 11 Nov 2023 13:27:24 +0000 (13:27 +0000)]
We do not define VERSION anymore.

11 months ago start documenting the protections or locks needed for struct rtentry fields.
dlg [Sat, 11 Nov 2023 12:52:20 +0000 (12:52 +0000)]
start documenting the protections or locks needed for struct rtentry fields.

this is the result of a bunch of discussion at h2k23.

ok claudio@ mvs@ bluhm@

11 months ago Add DIST_TUPLE support documentation.
ajacoutot [Sat, 11 Nov 2023 12:32:34 +0000 (12:32 +0000)]
Add DIST_TUPLE support documentation.

11 months ago Mention that this module also supports meson(1).
ajacoutot [Sat, 11 Nov 2023 12:27:00 +0000 (12:27 +0000)]
Mention that this module also supports meson(1).

11 months ago Remove unused parameter dst from art_get().
bluhm [Sat, 11 Nov 2023 12:17:50 +0000 (12:17 +0000)]
Remove unused parameter dst from art_get().

OK mvs@

11 months ago Dumb my latin down to vernacular english
espie [Sat, 11 Nov 2023 10:46:37 +0000 (10:46 +0000)]
Dumb my latin down to vernacular english

11 months ago document UNLINKED/BUILD_UNLINKED
espie [Sat, 11 Nov 2023 10:12:08 +0000 (10:12 +0000)]
document UNLINKED/BUILD_UNLINKED

11 months ago Fix a few bugs in X509v3_asid_add*()
tb [Sat, 11 Nov 2023 09:35:21 +0000 (09:35 +0000)]
Fix a few bugs in X509v3_asid_add*()

These 'builder' functions, usually used together, can result in corrupt
ASIdentifiers on failure. In general, no caller should ever try to recover
from OpenSSL API failure. There are simply too many traps. We can still
make an effort to leave the objects in unmodified state on failure. This
is tricky because ownership transfer happens. Unfortunately a really
clean version of this seems impossible, maybe a future iteration will
bring improvements...

The nasty bit here is that the caller of X509v3_asid_add_id_or_range()
can't know from the return value whether ownership of min and max was
transferred or not. An inspection of (*choice)->u.range is required.
If a caller frees min and max after sk_ASIdOrRange_push() failed, there
is a double free.

All these complications could have been avoided if the API interface
had simply used uint32_t instead of ASN1_INTEGERs. The entire RFC 3779
API was clearly written without proper review. I don't know if there
ever was an actual consumer before rpki-client. If it existed, nobody
with the requisite skill set looked at it in depth.

ok beck for the general direction
with a lot of input and ok jsing

11 months ago Cope with recent rt_hash() const changes.
anton [Sat, 11 Nov 2023 07:34:54 +0000 (07:34 +0000)]
Cope with recent rt_hash() const changes.

11 months ago Ignore -N in "gzip -dN <in.gz" and "zcat -N in.gz"
gkoehler [Sat, 11 Nov 2023 02:52:55 +0000 (02:52 +0000)]
Ignore -N in "gzip -dN <in.gz" and "zcat -N in.gz"

Have -c override -N, like other gzip implementations.  Before, our -N
(decompress to stored name) overrode -c (cat to stdout) and crashed
with a pledge violation, because the pledge for -c excludes wpath.

Guilherme Janczak reported the pledge violation in July 2022 and
provided a diff to prevent it, along with a regress test.  I rewrote
the diff and expanded the regress.

ok kn@ millert@

11 months ago Delete the useless .\" ----- comments before .Sh.
schwarze [Sat, 11 Nov 2023 01:38:23 +0000 (01:38 +0000)]
Delete the useless .\" ----- comments before .Sh.
We don't have them anywhere else, so we don't need them here.
No text change.

11 months ago more details about error recovery
schwarze [Sat, 11 Nov 2023 01:28:41 +0000 (01:28 +0000)]
more details about error recovery
OK millert@ jmc@
triggered by a question from cheloha@

11 months ago rtable_match() takes constant destination.
bluhm [Fri, 10 Nov 2023 20:05:22 +0000 (20:05 +0000)]
rtable_match() takes constant destination.

For implementing MP safe route lookup, it helps to know which
function parameters are constant.  Add some const declarations, so
that the compiler guarantees that sockaddr dst parameter of
rtable_match() does not change.

OK dlg@

11 months ago Mention gnome in DIST_TUPLE.
ajacoutot [Fri, 10 Nov 2023 19:46:52 +0000 (19:46 +0000)]
Mention gnome in DIST_TUPLE.

11 months ago zap some unused includes
jasper [Fri, 10 Nov 2023 18:56:21 +0000 (18:56 +0000)]
zap some unused includes

11 months ago scsi_xs_get() sets xs->flags via scsi_xs_io(). There is no need
krw [Fri, 10 Nov 2023 17:43:39 +0000 (17:43 +0000)]
scsi_xs_get() sets xs->flags via scsi_xs_io(). There is no need
to separately add another flag via SET(). Just pass the correct
combo to scsi_xs_get().

ok dlg@

11 months ago Also mention COMPILER_LANGS for CFLAGS_${CHOSEN_COMPILER}
jca [Fri, 10 Nov 2023 17:37:20 +0000 (17:37 +0000)]
Also mention COMPILER_LANGS for CFLAGS_${CHOSEN_COMPILER}

Suggested by espie@

While here, sprinkle more .Ev.

11 months ago Add doc for CFLAGS_${CHOSEN_COMPILER} and CXXFLAGS_${CHOSEN_COMPILER}
jca [Fri, 10 Nov 2023 16:51:01 +0000 (16:51 +0000)]
Add doc for CFLAGS_${CHOSEN_COMPILER} and CXXFLAGS_${CHOSEN_COMPILER}

ok tb@

11 months ago GPT partitions have many attributes. Don't stomp on them all when
krw [Fri, 10 Nov 2023 16:20:52 +0000 (16:20 +0000)]
GPT partitions have many attributes. Don't stomp on them all when
using 'flag <part #>' to make a partition the only bootable partition.
Just turn off the bootable bit in the other partitions.

ok dlg@

11 months ago sync with NetBSD -r1.38:
jasper [Fri, 10 Nov 2023 16:02:47 +0000 (16:02 +0000)]
sync with NetBSD -r1.38:
remove unused NULL pointer that was passed to printf %s.

11 months ago Make ifq and ifiq interface MP safe.
bluhm [Fri, 10 Nov 2023 15:51:19 +0000 (15:51 +0000)]
Make ifq and ifiq interface MP safe.

Rename ifq_set_maxlen() to ifq_init_maxlen().  This function neither
uses WRITE_ONCE() nor a mutex and is called before the ifq mutex
is initialized.  The new name expresses that it should be used only
during interface attach when there is no concurrency.

Protect ifq_len(), ifq_empty(), ifiq_len(), and ifiq_empty() with
READ_ONCE().  They can be used without lock as they only read a
single integer.

OK dlg@

11 months ago Enhance 'flag' to accept hex values in addition to the current 0
krw [Fri, 10 Nov 2023 15:41:11 +0000 (15:41 +0000)]
Enhance 'flag' to accept hex values in addition to the current 0
.. INT64_MAX decimal values..

Easier to specify the 64 bits of GPT partition attributes and
0x8000000000000000 (a.k.a.  MS_NOAUTOMOUNT, a.k.a. 1 << 63)
becomes accessible.

Prompted by bug report and testing by Philippe Meunier. Thanks!

ok dlg@

11 months ago remove unused liblldbPluginOperatingSystem
robert [Fri, 10 Nov 2023 15:18:05 +0000 (15:18 +0000)]
remove unused liblldbPluginOperatingSystem

11 months ago bsd.port.mk.5: document variables related to sccache, such as USE_SCCACHE
caspar [Fri, 10 Nov 2023 12:35:54 +0000 (12:35 +0000)]
bsd.port.mk.5: document variables related to sccache, such as USE_SCCACHE

Tweak from kn@
OK landry@ kn@

11 months ago Add an initial SNMPv3 regression test.
martijn [Fri, 10 Nov 2023 12:16:53 +0000 (12:16 +0000)]
Add an initial SNMPv3 regression test.

11 months ago regen
jsg [Fri, 10 Nov 2023 12:14:33 +0000 (12:14 +0000)]
regen

11 months ago add "Phoenix 2" APU device id
jsg [Fri, 10 Nov 2023 12:14:04 +0000 (12:14 +0000)]
add "Phoenix 2" APU device id

Phoenix 2 parts include both Zen4 and Zen4c cores
used by Ryzen Z1, Ryzen 5 7545U, Ryzen 3 7440U with cpuid 19-78-00

11 months ago Give ober_printf_elements() a ber_element array, similar to
martijn [Fri, 10 Nov 2023 12:12:02 +0000 (12:12 +0000)]
Give ober_printf_elements() a ber_element array, similar to
ober_scanf_elements(). This allows us to move down and back up multiple
levels with nested sequences and sets.

While here, on failure, make sure we free (and unlink if needed) all
elements we created.

OK claudio@, tb@

11 months ago accept numerical user IDs
kn [Fri, 10 Nov 2023 09:17:02 +0000 (09:17 +0000)]
accept numerical user IDs

Turn [-U username] into [-U user] to match top(1)/pgrep(1)/fstat(1) -U/-u
taking both "root" and "0".

Feedback OK millert

11 months ago Always prefer group from initial KE payload as responder if supported.
tobhe [Fri, 10 Nov 2023 08:03:02 +0000 (08:03 +0000)]
Always prefer group from initial KE payload as responder if supported.

from markus@

11 months ago Make further use of netcat server close barrier in regress to reduce
anton [Fri, 10 Nov 2023 06:15:50 +0000 (06:15 +0000)]
Make further use of netcat server close barrier in regress to reduce
flakiness.

11 months ago MNT_SOFTDEP and mount -o softdep no longer have any effect
schwarze [Fri, 10 Nov 2023 00:25:59 +0000 (00:25 +0000)]
MNT_SOFTDEP  and  mount -o softdep  no longer have any effect
OK kn@ jmc@

11 months ago Run arp timeout without kernel lock.
bluhm [Thu, 9 Nov 2023 21:45:18 +0000 (21:45 +0000)]
Run arp timeout without kernel lock.

Since cheloha@ has implemented timeout processes that do not grab
the kernel lock, start using TIMEOUT_MPSAFE for arptimer().

OK kn@ mvs@

11 months ago Forgot to fix the RFC number in the new comment
tb [Thu, 9 Nov 2023 19:08:07 +0000 (19:08 +0000)]
Forgot to fix the RFC number in the new comment

11 months ago Convert PKCS7_SIGNER_INFO_set() to X509_ALGOR_set0_by_nid()
tb [Thu, 9 Nov 2023 19:00:53 +0000 (19:00 +0000)]
Convert PKCS7_SIGNER_INFO_set() to X509_ALGOR_set0_by_nid()

This is a straightforward conversion because I'm not going to start a
cleanup here. Explain why this is not using X509_ALGOR_set_md(). See
below.

ok jca

Let me include a beautiful note from RFC 5754 in its entirety:

   NOTE: There are two possible encodings for the AlgorithmIdentifier
   parameters field associated with these object identifiers.  The two
   alternatives arise from the loss of the OPTIONAL associated with the
   algorithm identifier parameters when the 1988 syntax for
   AlgorithmIdentifier was translated into the 1997 syntax.  Later, the
   OPTIONAL was recovered via a defect report, but by then many people
   thought that algorithm parameters were mandatory.  Because of this
   history, some implementations encode parameters as a NULL element
   while others omit them entirely.  The correct encoding is to omit the
   parameters field; however, when some uses of these algorithms were
   defined, it was done using the NULL parameters rather than absent
   parameters.  For example, PKCS#1 [RFC3447] requires that the padding
   used for RSA signatures (EMSA-PKCS1-v1_5) MUST use SHA2
   AlgorithmIdentifiers with NULL parameters (to clarify, the
   requirement "MUST generate SHA2 AlgorithmIdentifiers with absent
   parameters" in the previous paragraph does not apply to this
   padding).

11 months ago Tighten pledge in List and Append mode:
kn [Thu, 9 Nov 2023 18:54:15 +0000 (18:54 +0000)]
Tighten pledge in List and Append mode:

Drop "wpath cpath fattr dpath" in read-only:
-  cpio -i -t < test.tar
-  pax < test.tar
-  tar -t -f test.tar

Drop "cpath fattr dpath" in read-write:
-  echo foo | cpio -o -A -H ustar -O test.tar
-  tar -r -f test.tar foo
-  pax -w -a -f test.tar foo

Other modes remain unchanged and thus can create or modify files.

Feedback OK millert

11 months ago avoid restartable syscalls with siginterrupt() against all our handlers.
dlg [Thu, 9 Nov 2023 18:36:19 +0000 (18:36 +0000)]
avoid restartable syscalls with siginterrupt() against all our handlers.

pflogd uses blocking bpf reads, but installs a bunch of signal
handlers to handle cleanly closing and (re)opening the log file.
signal() by default sets the handlers up so they're restartable.
this has the effect that when pflogd receives a signal while waiting
in bpfread, the signal handler runs and sets a flag saying the file
should be rotated or closed or whatever, but then the kernel restarts
the read.

when pflogd used a bpf read timeout, pflogd would run its "event"
loop every time the read timeout expired. this meant even though
the bpf read was restarted, by having the read timeout expire every
500ms the flag the signal handlers set would be processed in a
relatively short period of time.

after moving bpf to a wait timeout, pflogd basically has to wait
for a packet to be captured before the bpf read will return. if
you're trying to kill pflogd on an idle firewall then you're basically
stuck.

making the signal handlers not restartable allows bpfread to fail
with EINTR so pflogd can go around its event loop and exit as
expected.

reported by Mikhail on bugs@
ok claudio@

pflogd needs a rewrite though.
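
The restart behaviour this commit message describes, as an added example that is not part of the OpenBSD commit or of pflogd: a pipe stands in for the blocking bpf read, and `blocked_read`, `struct outcome` and the timings are assumptions made for the illustration.

```c
/* Added illustration, not pflogd code: an idle pipe stands in for bpf. */
#define _DEFAULT_SOURCE
#include <errno.h>
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <time.h>
#include <unistd.h>

static volatile sig_atomic_t got_signal;    /* flag the handler sets */

static void on_signal(int sig) { (void)sig; got_signal = 1; }

struct outcome {        /* hypothetical result record for this example */
    int handler_ran;    /* the handler set its flag */
    int read_eintr;     /* read() failed with EINTR */
    long nread;         /* raw return value of read() */
};

static void pause_ms(long ms)
{
    struct timespec ts = { ms / 1000, (ms % 1000) * 1000000L };
    nanosleep(&ts, NULL);
}

/*
 * Block in read() on an idle descriptor, have a child deliver SIGUSR1
 * after 200 ms and a single byte ("a packet") after another 300 ms.
 * interrupt == 0: handler stays restartable, as signal() sets it up on BSD.
 * interrupt != 0: siginterrupt(SIGUSR1, 1) is applied after installing it.
 */
int blocked_read(int interrupt, struct outcome *out)
{
    struct sigaction sa;
    int fds[2];
    pid_t child;
    char byte;
    ssize_t n;

    memset(&sa, 0, sizeof(sa));
    sa.sa_handler = on_signal;
    sigemptyset(&sa.sa_mask);
    sa.sa_flags = SA_RESTART;               /* restartable system calls */
    if (sigaction(SIGUSR1, &sa, NULL) == -1)
        return -1;
    if (interrupt && siginterrupt(SIGUSR1, 1) == -1)
        return -1;
    if (pipe(fds) == -1)
        return -1;
    got_signal = 0;

    child = fork();
    if (child == -1)
        return -1;
    if (child == 0) {
        close(fds[0]);
        pause_ms(200);
        kill(getppid(), SIGUSR1);           /* operator signals the daemon */
        pause_ms(300);
        _exit(write(fds[1], "p", 1) == 1 ? 0 : 1);
    }
    close(fds[1]);

    n = read(fds[0], &byte, 1);             /* the blocking "bpf read" */
    out->read_eintr = (n == -1 && errno == EINTR);
    out->nread = (long)n;
    out->handler_ran = got_signal;

    while (waitpid(child, NULL, 0) == -1 && errno == EINTR)
        ;                                   /* reap the helper */
    close(fds[0]);
    return 0;
}

int main(void)
{
    struct outcome r;

    if (blocked_read(0, &r) == 0)
        printf("restartable:  handler=%d eintr=%d read=%ld\n",
            r.handler_ran, r.read_eintr, r.nread);
    if (blocked_read(1, &r) == 0)
        printf("siginterrupt: handler=%d eintr=%d read=%ld\n",
            r.handler_ran, r.read_eintr, r.nread);
    return 0;
}
```

In the restartable run the flag is already set while the process is still stuck in read() until data arrives; with siginterrupt() the read fails with EINTR and the loop can act on the flag at once.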

11 months ago -C/resume without "proc exec"
kn [Thu, 9 Nov 2023 18:18:59 +0000 (18:18 +0000)]
-C/resume without "proc exec"

ftp(1) has "proc exec" to run sh(1) on interactive ! commands and filenames
starting with "|";  this is orthogonal to continuing transfers using the
existing file size as offsets.

There seems to be no case where a) the argument is an URL, i.e. we pledge,
and b) a shell is spawned somehow, so avoid these promises when resuming.

bsd.port.mk(5) FETCH_CMD uses -C by default.

OK millert

11 months ago Add [-P program] to filter dumps by basename
kn [Thu, 9 Nov 2023 15:43:28 +0000 (15:43 +0000)]
Add [-P program] to filter dumps by basename

[-p pid] requires knowing the PIDs beforehand, sieving through big
dumps by argv[0] strings is more ergonomic.

OK deraadt

11 months ago Finish clean up of old 6.7 softraid migration code
kn [Thu, 9 Nov 2023 14:26:34 +0000 (14:26 +0000)]
Finish clean up of old 6.7 softraid migration code

All combos of no/CRYPTO softraid, old/new ofwboot, old/new kernel do boot.

OK stsp

11 months ago get rid of the ioctl whitelist that bio will tunnel for other devs.
dlg [Thu, 9 Nov 2023 14:07:18 +0000 (14:07 +0000)]
get rid of the ioctl whitelist that bio will tunnel for other devs.

this will allow bio(4) to be used with other (non raid) related
devices.

ok krw@ kn@

11 months ago sort .xr after previous; from jmc
kn [Thu, 9 Nov 2023 13:47:27 +0000 (13:47 +0000)]
sort .xr after previous;  from jmc

11 months ago link to showmount(8); OK deraadt
kn [Thu, 9 Nov 2023 12:47:05 +0000 (12:47 +0000)]
link to showmount(8);  OK deraadt

11 months ago vmctl(8): avoid abort when given an invalid "kernel" file.
dv [Thu, 9 Nov 2023 12:26:08 +0000 (12:26 +0000)]
vmctl(8): avoid abort when given an invalid "kernel" file.

The vmctl `start` command allows the user to pass an optional
"kernel" file (either a ramdisk kernel or a SeaBIOS image). This
file is opened by vmctl and the descriptor passed via imsg.

If the file provided isn't a regular file, the attempt to send the
start message to vmd(8)'s control socket will fail and results in
the vmctl process aborting.

Check the file type after open and fail gracefully if not a regular
file.

reported by and ok gnezdo@

11 months ago Convert ecx_item_sign() to X509_ALGOR_set0_by_nid()
tb [Thu, 9 Nov 2023 11:39:13 +0000 (11:39 +0000)]
Convert ecx_item_sign() to X509_ALGOR_set0_by_nid()

ok jca

11 months ago Convert asn1_item_sign() to X509_ALGOR_set0_by_nid()
tb [Thu, 9 Nov 2023 11:36:39 +0000 (11:36 +0000)]
Convert asn1_item_sign() to X509_ALGOR_set0_by_nid()

ok jca

11 months ago missing full stop
jasper [Thu, 9 Nov 2023 09:13:32 +0000 (09:13 +0000)]
missing full stop

11 months ago Remove delayed timeout(9) initialization. timeout_set*() only assign
mvs [Thu, 9 Nov 2023 08:53:20 +0000 (08:53 +0000)]
Remove delayed timeout(9) initialization. timeout_set*() only assign
members of passed timeout structure, this delayed initialization
provides nothing but makes code weird.

ok kn

11 months ago Fix X509_ALGOR_set0() usage in rsa_alg_set_oaep_padding()
tb [Thu, 9 Nov 2023 08:29:53 +0000 (08:29 +0000)]
Fix X509_ALGOR_set0() usage in rsa_alg_set_oaep_padding()

Replace X509_ALGOR_set0() with X509_ALGOR_set0_by_nid(). This way there
is no missing error checking for OBJ_nid2obj() and no nested functions.
Slightly more importantly, this plugs two long standing potential leaks
in this function (or previously rsa_cms_encrypt()) due to missing error
checking: in the unlikely event that X509_ALGOR_set0() failed, astr/ostr
would leak.

ok jsing

11 months ago Use X509_ALGOR_set0_by_nid() in rsa_mgf1md_to_maskGenAlgorithm()
tb [Thu, 9 Nov 2023 08:20:10 +0000 (08:20 +0000)]
Use X509_ALGOR_set0_by_nid() in rsa_mgf1md_to_maskGenAlgorithm()

ok jsing

11 months ago drm/amdgpu: Reserve fences for VM update
jsg [Thu, 9 Nov 2023 08:16:47 +0000 (08:16 +0000)]
drm/amdgpu: Reserve fences for VM update

From Felix Kuehling
ff86d69b2e5004ec256a9301990acdaa282a777c in linux-6.1.y/6.1.62
316baf09d355aec1179981b6dfe28eba50c5ee5b in mainline linux

11 months ago gpu/drm: Eliminate DRM_SCHED_PRIORITY_UNSET
jsg [Thu, 9 Nov 2023 08:14:14 +0000 (08:14 +0000)]
gpu/drm: Eliminate DRM_SCHED_PRIORITY_UNSET

From Luben Tuikov
9f9b2ec53aca630783493a2ccc3bab0794052133 in linux-6.1.y/6.1.62
fa8391ad68c16716e2c06ada397e99ceed2fb647 in mainline linux

11 months ago drm/amdgpu: Unset context priority is now invalid
jsg [Thu, 9 Nov 2023 08:10:19 +0000 (08:10 +0000)]
drm/amdgpu: Unset context priority is now invalid

From Luben Tuikov
cafa191b27dd3c6199529f36a6dfddb707c240c0 in linux-6.1.y/6.1.62
eab0261967aeab528db4d0a51806df8209aec179 in mainline linux

11 months ago drm/ttm: Reorder sys manager cleanup step
jsg [Thu, 9 Nov 2023 08:08:17 +0000 (08:08 +0000)]
drm/ttm: Reorder sys manager cleanup step

From Karolina Stolarek
6a87b333ba4784ba23c1e74693f5c1b0268ac137 in linux-6.1.y/6.1.62
3b401e30c249849d803de6c332dad2a595a58658 in mainline linux

11 months ago Don't do the time window check if we're noAuthNoPriv. It's only needed
martijn [Wed, 8 Nov 2023 20:09:18 +0000 (20:09 +0000)]
Don't do the time window check if we're noAuthNoPriv. It's only needed
if we're authenticating according to RFC3414 section 2.3.

OK tb@

11 months ago Let usm_make_report() utilize appl_report(). usm_make_report utilized
martijn [Wed, 8 Nov 2023 20:07:14 +0000 (20:07 +0000)]
Let usm_make_report() utilize appl_report(). usm_make_report utilized
mps_getstr(), which after moving the SNMPv2-SMI::snmpV2 into
application_internal returned a noSuchObject. This doesn't seem to have
broken any tools that I'm aware of, but this returns the correct result.

OK tb@

11 months ago Let appl_report() collect its own metrics. This simplifies the interface
martijn [Wed, 8 Nov 2023 20:02:52 +0000 (20:02 +0000)]
Let appl_report() collect its own metrics. This simplifies the interface
and gives us a free report-pdu log line in debug mode.

OK tb@

11 months ago Don't rely on aru_pdu to rebuild the original varbindlist on error.
martijn [Wed, 8 Nov 2023 19:59:46 +0000 (19:59 +0000)]
Don't rely on aru_pdu to rebuild the original varbindlist on error.
Now that we have avi_origid it's not needed anymore and aru_pdu needs
to go.

OK tb@

11 months ago Don't use aru_pdu for determining the requesttype. It's owned by
martijn [Wed, 8 Nov 2023 19:54:52 +0000 (19:54 +0000)]
Don't use aru_pdu for determining the requesttype. It's owned by
snmp_message and getting rid of it is also needed for appl_report() to
gather its own information.

OK tb@

11 months ago On second thought let's not overwrite sm_pdutype with a hardcoded value
martijn [Wed, 8 Nov 2023 19:50:24 +0000 (19:50 +0000)]
On second thought let's not overwrite sm_pdutype with a hardcoded value
after just setting it, it's a silly idea.

OK tb@

11 months ago export SNMP-TARGET-MIB::{snmpUnavailableContexts,snmpUnknownContexts}
martijn [Wed, 8 Nov 2023 19:46:28 +0000 (19:46 +0000)]
export SNMP-TARGET-MIB::{snmpUnavailableContexts,snmpUnknownContexts}
via application_internal.

OK tb@

11 months ago Hook up snmpTargetMIB to MIB_TREE.
martijn [Wed, 8 Nov 2023 19:43:29 +0000 (19:43 +0000)]
Hook up snmpTargetMIB to MIB_TREE.

OK tb@

11 months ago More minor cleanup in rsa_alg_set_oaep_padding()
tb [Wed, 8 Nov 2023 19:30:38 +0000 (19:30 +0000)]
More minor cleanup in rsa_alg_set_oaep_padding()

Test and assign one more instance, replace a useless comment by an empty
line.

11 months ago Avoid a NULL dereference when handling a malformed fastcgi request.
millert [Wed, 8 Nov 2023 19:19:10 +0000 (19:19 +0000)]
Avoid a NULL dereference when handling a malformed fastcgi request.

Rework the hack to avoid a use-after-free in the fastcgi code.
Since server_fcgi() can be called by server_read_httpcontent() we
can't set clt_fcgi_error to NULL.  Instead, we implement a simple
reference count to track when a fastcgi session is in progress to
avoid closing the http session prematurely on fastcgi error.
Based on a diff from and OK by tb@.  Reported by Ben Kallus.

11 months ago Prepare further fixes of X509_ALGOR_set0() misuse
tb [Wed, 8 Nov 2023 19:14:43 +0000 (19:14 +0000)]
Prepare further fixes of X509_ALGOR_set0() misuse

In rsa_alg_set_oaep_padding() rename los to ostr for consistency with
astr, make it have function scope, free ostr in the error path and assume
X509_ALGOR_set0() success.

ok jca

11 months ago Increase NKMEMPAGES_MAX_DEFAULT to same value as on amd64.
mglocker [Wed, 8 Nov 2023 18:59:01 +0000 (18:59 +0000)]
Increase NKMEMPAGES_MAX_DEFAULT to same value as on amd64.

OK deraadt@

11 months ago zap a stray space
tb [Wed, 8 Nov 2023 17:07:07 +0000 (17:07 +0000)]
zap a stray space

11 months ago Rename os into astr in rsa_alg_set_oaep_padding()
tb [Wed, 8 Nov 2023 16:42:18 +0000 (16:42 +0000)]
Rename os into astr in rsa_alg_set_oaep_padding()

11 months ago Rename pkctx to pkey_ctx in rsa_alg_set_oaep_padding() and rsa_cms_encrypt()
tb [Wed, 8 Nov 2023 16:07:59 +0000 (16:07 +0000)]
Rename pkctx to pkey_ctx in rsa_alg_set_oaep_padding() and rsa_cms_encrypt()

11 months ago Some simple cosmetics in rsa_alg_set_oaep_padding()
tb [Wed, 8 Nov 2023 16:05:18 +0000 (16:05 +0000)]
Some simple cosmetics in rsa_alg_set_oaep_padding()

Rename rv into ret and split it on its own line, move labellen a bit down,
add some empty lines. To match style elsewhere.

Most of this was requested by jsing