openbsd
2 years agoBackout "Only return file descriptors to block or character devices"
kn [Fri, 26 Aug 2022 21:47:16 +0000 (21:47 +0000)]
Backout "Only return file descriptors to block or character devices"

mount_mfs(8) no monger mounts "/build" with the following fstab(5) entry:
/dev/sd0b /build mfs rw,noperm,nodev,nosuid,-s=2064348,noauto

as found out by bluhm the hard way.

2 years agoRemove stale comment about nonexistent ifnetaddr
kn [Fri, 26 Aug 2022 18:37:44 +0000 (18:37 +0000)]
Remove stale comment about nonexistent ifnetaddr

Obsolete since if.c r1.56 (2008)
"Make if.c kvm free by fetching the interface stats via sysctl [...]".

2 years agoMove PRU_RCVD request to (*pru_rcvd)().
mvs [Fri, 26 Aug 2022 16:17:38 +0000 (16:17 +0000)]
Move PRU_RCVD request to (*pru_rcvd)().

ok bluhm@

2 years agoHandle IMSG_SESSION_* messages immediatly when received and do not put
claudio [Fri, 26 Aug 2022 14:10:52 +0000 (14:10 +0000)]
Handle IMSG_SESSION_* messages immediatly when received and do not put
them on the per peer imsg queue. This is mainly for IMSG_SESSION_DOWN.
Delaying the session down can race against IMSG_SESSION_ADD which is
handled immediatly and as a result an establised connection may be
removed in the RDE because of it.
The various graceful restart imsgs need similar treatment for similar
reasons. In the end when a session is reset/closed the RDE needs to
stop all work and flush the per peer imsg queue.
With this only update and route refresh messages are handled via the
imsg queue.
OK tb@

2 years agoDo not rm a directory
kn [Fri, 26 Aug 2022 11:06:47 +0000 (11:06 +0000)]
Do not rm a directory

2 years agoTweaks in load_skiplist()
tb [Fri, 26 Aug 2022 11:04:13 +0000 (11:04 +0000)]
Tweaks in load_skiplist()

If there's an issue opening the default skip list file other than its
absence (most likely bad permissions), we should not silently ignore
that. Also, use err() instead of errx() to display the error.

Second, linelen, the return value of getline(), is not currently used.
Repurpose it to save the result of strcspn() which calculates the length
of the string we're interested in and use that instead of strlen().

ok claudio

2 years agoSync usage with manual
kn [Fri, 26 Aug 2022 09:14:00 +0000 (09:14 +0000)]
Sync usage with manual

-l takes chunks not specials;  while here, simplify markup for optional parts.

Feedback OK jmc

2 years agowhitespace
djm [Fri, 26 Aug 2022 08:16:27 +0000 (08:16 +0000)]
whitespace

2 years agowhitespace
djm [Fri, 26 Aug 2022 08:12:56 +0000 (08:12 +0000)]
whitespace

2 years agoAdjust PEM_write_X509() error message and unwrap line.
tb [Fri, 26 Aug 2022 06:32:03 +0000 (06:32 +0000)]
Adjust PEM_write_X509() error message and unwrap line.

2 years agoRemove unnecessary BIO dances and use stdout directly.
tb [Fri, 26 Aug 2022 06:28:41 +0000 (06:28 +0000)]
Remove unnecessary BIO dances and use stdout directly.

2 years agoMove (unused) variables under !VERIFYONLY
kn [Fri, 26 Aug 2022 00:24:56 +0000 (00:24 +0000)]
Move (unused) variables under !VERIFYONLY

install media does not use any of -cns, so move their handling out under
!VERIFYONLY to silence -Wunused-but-set-variable warnings in
distrib/special/signify.

OK deraadt

2 years agoMove (unused) functions under !SMALL
kn [Fri, 26 Aug 2022 00:02:08 +0000 (00:02 +0000)]
Move (unused) functions under !SMALL

if_state_name() and proposal_state_name() are only uesd in log_debug()
calls which are NOOPs in SMALL builds.

Seen with -Wunused-function warnings in distrib/special/slaacd.

OK deraadt

2 years agodrm/amd/display: Check correct bounds for stream encoder instances for DCN303
jsg [Thu, 25 Aug 2022 23:52:56 +0000 (23:52 +0000)]
drm/amd/display: Check correct bounds for stream encoder instances for DCN303

From Aurabindo Pillai
82a27c1855445d48aacc67b0c0640f3dadebe52f in linux 5.15.y/5.15.63
89b008222c2bf21e50219725caed31590edfd9d1 in mainline linux

2 years agodrm/ttm: Fix dummy res NULL ptr deref bug
jsg [Thu, 25 Aug 2022 23:49:31 +0000 (23:49 +0000)]
drm/ttm: Fix dummy res NULL ptr deref bug

From Arunpravin Paneer Selvam
76672cd326c146ded2c2712ff257b8908dcf23d8 in linux 5.15.y/5.15.63
cf4b7387c0a842d64bdd7c353e6d3298174a7740 in mainline linux

2 years agoamd64/lapic.c: remove unused extern prototype for tsc_delay()
cheloha [Thu, 25 Aug 2022 20:43:17 +0000 (20:43 +0000)]
amd64/lapic.c: remove unused extern prototype for tsc_delay()

2 years agoThe "Avalanche" performance cores on Apple's M2 SoC have more than 16
kettenis [Thu, 25 Aug 2022 19:16:29 +0000 (19:16 +0000)]
The "Avalanche" performance cores on Apple's M2 SoC have more than 16
P-states.  As a result the layout of the "state" register changed.
Make the driver handle that.

Also make sure we use the correct lowest state in case the lowest
frequency of the performance cores is different from the lowest
frequency of the efficiency cores.

ok tobhe@

2 years agoMake PEM printing available through increased verbosity (-vvf)
job [Thu, 25 Aug 2022 18:12:05 +0000 (18:12 +0000)]
Make PEM printing available through increased verbosity (-vvf)

Suggestion from claudio@

OK tb@

2 years agoacpihpet(4): don't truncate HPET frequency to 32-bit value
cheloha [Thu, 25 Aug 2022 18:01:54 +0000 (18:01 +0000)]
acpihpet(4): don't truncate HPET frequency to 32-bit value

timecounter.tc_frequency is a 64-bit value: this cast is unnecessary.

Split off from the acpihpet_delay() commit at jsg@'s suggestion.

Link1: https://marc.info/?l=openbsd-tech&m=166053729104923&w=2
Link2: https://marc.info/?l=openbsd-tech&m=166132727120528&w=2

probably ok jsg@

2 years agoacpihpet(4): add acpihpet_delay(), another delay(9) implementation
cheloha [Thu, 25 Aug 2022 17:54:33 +0000 (17:54 +0000)]
acpihpet(4): add acpihpet_delay(), another delay(9) implementation

When lapic_delay() is removed from the tree in the near future, older
machines without a constant/invariant TSC will need a delay(9)
implementation better than i8254_delay().

This patch adds acpihpet_delay(), a delay(9) implementation based on
the ACPI HPET timer.  It is preferable to i8254_delay() (0) and
acpitimer_delay() (1000), so set its quality to 2000.

On newer machines, the HPET is slower to read than the PMT on newer
machines for reasons unknown, so _technically_ this quality hierarchy
is not always accurate.  However, we expect these newer machines to
have a constant/invariant TSC available, so the inaccuracy is harmless
because tsc_delay() will be available, which is better than both the
PMT and the HPET.

In general, on real hardware that predates wide availability of the
constant/invariant TSC, the HPET is preferable to the PMT.

With input from jsg@.

Link: https://marc.info/?l=openbsd-tech&m=166053729104923&w=2
ok mlarkin@ jsg@

2 years agoacpitimer(4): add acpitimer_delay(), another delay(9) implementation
cheloha [Thu, 25 Aug 2022 17:43:34 +0000 (17:43 +0000)]
acpitimer(4): add acpitimer_delay(), another delay(9) implementation

When lapic_delay() is removed from the tree in the near future, older
machines without a constant/invariant TSC will need a delay(9)
implementation better than i8254_delay().

This patch adds acpitimer_delay(), a delay(9) implementation based on
the ACPI PM timer.  It is only preferable to i8254_delay(), so set its
quality to 1000.

With input from jsg@.

Link: https://marc.info/?l=openbsd-tech&m=166053729104923&w=2
ok mlarkin@ jsg@

2 years agoamd64, i386: use delay_init() instead of writing delay_func by hand
cheloha [Thu, 25 Aug 2022 17:38:16 +0000 (17:38 +0000)]
amd64, i386: use delay_init() instead of writing delay_func by hand

Now that we have delay_init(), use it in all the places where we
currently set delay_func by hand.

lapic_delay() is great: 3000.  hv_delay() is needed before we set up
lapic_delay() on Hyper-V guests: 4000.  tsc_delay() is better than
lapic_delay() and (probably?) hv_delay(): 5000.

We may bump hv_delay's quality value up over that of tsc_delay() in a
future patch.  It's a little ambiguous whether hv_delay() causes a VM
exit.

Idea and patch from jsg@.  With tons of input, research and advice
from jsg@.

Link: https://marc.info/?l=openbsd-tech&m=166053729104923&w=2
ok mlarkin@ jsg@

2 years agoIn verbose filemode print details about encapsulated certificates.
job [Thu, 25 Aug 2022 17:31:26 +0000 (17:31 +0000)]
In verbose filemode print details about encapsulated certificates.
Add command line flag to print the certificate in PEM format.

OK tb@

2 years agoamd64, i386: add delay_init(): basic delay(9) implementation management
cheloha [Thu, 25 Aug 2022 17:25:25 +0000 (17:25 +0000)]
amd64, i386: add delay_init(): basic delay(9) implementation management

Because the clock situation on x86 and amd64 is a terminal
clusterfuck, there are many different ways to delay(9).  We need a
rudimentary mechanism for gracefully switching to progressively better
delay(9) implementations as they become available during boot without
riddling the code with ifdefs and function pointer comparisons.

This patch adds delay_init() to both amd64 and i386.  If the quality
value passed to delay_init() exceeds the quality value of the current
delay_func, delay_init() changes delay_func to the given function
pointer and updates the quality value.  Both platforms start with
delay_func set to i8254_delay() and a quality value of zero: all other
delay(9) implementations are preferable.

Idea and patch provided by jsg@.  With tons of input, research, and
advice from jsg@.

Link: https://marc.info/?l=openbsd-tech&m=166053729104923&w=2
ok mlarkin@ jsg@

2 years agoFix newline in JSON filemode
job [Thu, 25 Aug 2022 17:11:34 +0000 (17:11 +0000)]
Fix newline in JSON filemode

OK tb@

2 years agoOnly return file descriptors to block or character devices
kn [Thu, 25 Aug 2022 17:09:54 +0000 (17:09 +0000)]
Only return file descriptors to block or character devices

If the requested path contained a slash, opendev(3) blindly opened the file
and returned a file descriptor to it.

Check for block or character devices (according to OPENDEV_BLCK) and fail
for other types.

Spotted through installboot(8) which happily opened a stage file as device
when forgetting the device argument:
# installboot -v ./biosboot
Using / as root
installing bootstrap on ./biosboot
using first-stage /usr/mdec/biosboot, second-stage /usr/mdec/boot
installboot: disklabel: ./biosboot: Inappropriate ioctl for device

This makes it fail earlier, as expected:
# installboot -v ./biosboot
installboot: open: ./biosboot: Block device required

The case where opendev(3) is passed a string not containing a slash, i.e.
a supposed DUID, is fine, as diskmap(4) will ensure that only valid device
paths are returned, if the DUID is valid.

Feedback OK millert

2 years agoUse memset() and memcpy() instead of bzero() or bcopy().
claudio [Thu, 25 Aug 2022 16:49:18 +0000 (16:49 +0000)]
Use memset() and memcpy() instead of bzero() or bcopy().
In one case use memmove() since the operation is done on the same memory
buffer and may overlap.
OK tb@

2 years agoNo need for wsmux in this kernel configuration; ok visa@
miod [Thu, 25 Aug 2022 16:10:15 +0000 (16:10 +0000)]
No need for wsmux in this kernel configuration; ok visa@

2 years agoNo need to include float.h anymore.
millert [Thu, 25 Aug 2022 13:32:13 +0000 (13:32 +0000)]
No need to include float.h anymore.

2 years agoPlug memory leak in filemode
job [Thu, 25 Aug 2022 11:07:28 +0000 (11:07 +0000)]
Plug memory leak in filemode

OK tb@ claudio@

2 years agoConnected routes use the BGP exit nexthop while other routes need to use
claudio [Thu, 25 Aug 2022 08:10:25 +0000 (08:10 +0000)]
Connected routes use the BGP exit nexthop while other routes need to use
the nexthop from the covering route. Move this logic from RDE to the
kroute code so it is all in one place.
OK tb@

2 years agoAdd DIT CPU feature.
kettenis [Wed, 24 Aug 2022 22:01:16 +0000 (22:01 +0000)]
Add DIT CPU feature.

ok beck@

2 years agoForgotten to commit as part of
kn [Wed, 24 Aug 2022 21:08:51 +0000 (21:08 +0000)]
Forgotten to commit as part of

----------------------------
/usr/src/usr.sbin/installboot/Makefile revision 1.25
date: 2022/08/15 17:06:43;  author: kn;  state: Exp;  lines: +5 -1;  commitid: 36Ayh2RViNOotnQJ;
Add initial piece for softraid(4) support on arm64

arm64 is the only currently supported OpenBSD platform which both
a) supports booting off root on softraid(4) (kernel and bootloader) and
b) is an EFI platform (as far as installboot(8) is concerned).

Currently, installboot treats softraid root volumes as regular devices,
ignoring ignores chunk devices completely.

Teach installboot the first bits of softraid support for EFI:
installing the single-stage boot loader on chunks rather than the volume.

Copy over sparc64's softraid stage-1 code as-is and make its stage-2 a NOOP:

# ./obj/installboot -v sd4
Using / as root
installing bootstrap on /dev/rsd4c
using first-stage /usr/mdec/BOOTAA64.EFI
sd4: softraid volume with 1 disk(s)
sd0a: installing boot blocks on /dev/rsd0c
copying /usr/mdec/BOOTAA64.EFI to /tmp/installboot.KuBD4zkfpM/efi/boot/bootaa64.efi
writing /tmp/installboot.KuBD4zkfpM/efi/boot/startup.nsh

arm64 miniroot fits and boots with this.

OK stsp

As of now, EFI partitions must still be created manually as installboot's
'-p' does not support softraid at all (next missing piece for root on
softraid on arm64 installations to work out-of-the-box).
----------------------------

Reminded by miod, thanks

2 years agorun -p on all chunk devices for now to make progress
kn [Wed, 24 Aug 2022 20:38:03 +0000 (20:38 +0000)]
run -p on all chunk devices for now to make progress

These tests run on amd64, arm64 and sparc64, of which only arm64 implements
filesystem preparation;  always run to test NOOPs on the other two as well
and be reminded about via XXX in the output.

Best to fix explicit stage files on arm64 (all EFI platforms) first,
polish these tests for arm64 a bit further and then revert these prepare
per chunk bits again -- easier than keeping a local diff while committing.

2 years agocrank chunk size to make fdisk work on arm64
kn [Wed, 24 Aug 2022 20:31:06 +0000 (20:31 +0000)]
crank chunk size to make fdisk work on arm64

2 years agoAdd missing licence, from nonaka@netbsd.org
miod [Wed, 24 Aug 2022 19:36:55 +0000 (19:36 +0000)]
Add missing licence, from nonaka@netbsd.org

2 years agoBuild libsa with NO_NET as we don't need any of the network-related code in it.
miod [Wed, 24 Aug 2022 19:36:05 +0000 (19:36 +0000)]
Build libsa with NO_NET as we don't need any of the network-related code in it.

2 years agoForce compilation to fail in case of implicit function declaration.
miod [Wed, 24 Aug 2022 17:36:19 +0000 (17:36 +0000)]
Force compilation to fail in case of implicit function declaration.

2 years agoAdd prototype declarations for a bunch of functions.
miod [Wed, 24 Aug 2022 17:35:15 +0000 (17:35 +0000)]
Add prototype declarations for a bunch of functions.

2 years agoPut the 'connection from non-peer' log message behind a verbose logging check.
claudio [Wed, 24 Aug 2022 17:14:02 +0000 (17:14 +0000)]
Put the 'connection from non-peer' log message behind a verbose logging check.
In many cases the message is just flooding the logs. In some cases it may
help to identify a missing neighbor for those cases log verbose can be used.
OK deraadt@ denis@

2 years agoSilence newfs, put mountpoint under obj, simplify stagefile handling
kn [Wed, 24 Aug 2022 15:58:06 +0000 (15:58 +0000)]
Silence newfs, put mountpoint under obj, simplify stagefile handling

2 years agoUse MOUNTPOINT correctly/consistently
kn [Wed, 24 Aug 2022 15:04:18 +0000 (15:04 +0000)]
Use MOUNTPOINT correctly/consistently

2 years agoHook up installboot on amd64
kn [Wed, 24 Aug 2022 15:01:32 +0000 (15:01 +0000)]
Hook up installboot on amd64

2 years agoAdd missing root-explicit-stages test, omit -v by default
kn [Wed, 24 Aug 2022 14:57:52 +0000 (14:57 +0000)]
Add missing root-explicit-stages test, omit -v by default

2 years agomatch on Intel 400 Series LP HD Audio (0x02c8)
jsg [Wed, 24 Aug 2022 11:21:12 +0000 (11:21 +0000)]
match on Intel 400 Series LP HD Audio (0x02c8)

on a Dell Latitude 3410 the audio device is subclass audio not hd audio
so azalia does not match

reported by Kirill Filatov

2 years agoCheck for NULL returns from bufferevent_new.
nicm [Wed, 24 Aug 2022 07:22:30 +0000 (07:22 +0000)]
Check for NULL returns from bufferevent_new.

2 years agoif the socket is connected, we can use recv() instead of recvfrom()
deraadt [Wed, 24 Aug 2022 01:32:21 +0000 (01:32 +0000)]
if the socket is connected, we can use recv() instead of recvfrom()
ok jmatthew

2 years agomsdosfs: don't pass NULL proc pointer to detrunc()
cheloha [Tue, 23 Aug 2022 20:37:16 +0000 (20:37 +0000)]
msdosfs: don't pass NULL proc pointer to detrunc()

detrunc()'s proc pointer argument may be passed to vinvalbuf(9), which
under certain conditions will pass the given proc pointer to
VOP_FSYNC(9), which always asserts that the given proc pointer is
equal to curproc.

msdosfs_write(), msdosfs_inactive(), createde(), and deextend() all
pass NULL for detrunc()'s proc pointer argument.  I have no idea why.
If these detrunc() calls ever reach VOP_FSYNC(9) the kernel will
panic.

So, for example, any user with write access to an msdosfs partition
can panic the kernel by writing to the partition until they cause
ENOSPC.  That particular panic looks like this:

panic: kernel diagnostic assertion "p == curproc" failed: file "/usr/src/sys/kern/vfs_vops.c", line 305
Stopped at      db_enter+0xa:   popq    %rbp
    TID    PID    UID     PRFLAGS     PFLAGS  CPU  COMMAND
*500294   8955      0    0x100003          0    1K ksh
db_enter() at db_enter+0xa
panic(ffffffff81f1b0cf) at panic+0xc4
__assert(ffffffff81fa361c,ffffffff81ee8329,131,ffffffff81f7229b) at assert+0x3b
VOP_FSYNC(fffffd8449a78b30,ffffffffffffffff,1,0) at VOP_FSYNC+Oxd6
vinvalbuf(fffffd8449a78b30,3,ffffffffffffffff,0,0,ffffffffffffffff) at vinvalbuf+0xd5
detrunc(ffff80000186f900,1fe,0,ffffffffffffffff,0) at detrunc+0x239
msdosfs_write(ffff800055774b98) at msdosf_write+0x4a4
VOP_WRITE(fffffd8449a78b30,ffff800055774d10,3,fffffd8370e8d5d0) at VOP_WRITE+0x59
vn_write(fffffd83c723b860,ffff800055774d10,0) at vn_write+0xc0
dofilewritev(ffff8000556ecfc0,1,ffff800055774d10,0.ffff800055774dc0) at dofilewritev+0x14d
sys_write(ffff8000556ecfc0,ffff800055774dd0,ffff800055774dc0) at sys_write+0x6a
syscall(ffff800055774e70) at syscall+0x39b
Xsyscall() at Xsyscall+0x128
end of kernel
end trace frame: 0x7f7ffffd8bf0, count: 2

This patch tweaks all the detrunc() calls in the aforementioned
msdosfs functions to pass curproc instead of a NULL pointer to
detrunc().  We don't appear to have curproc stashed anywhere in
msdosfs_write() or deextend(), so for those calls we explicitly pass
curproc.

This might have unforseen consequences I can't anticipate.  However,
with this patch I can no longer panic the kernel by filling an msdosfs
partition, which seems like an improvement.

With advice from gnezdo@.

ok gnezdo@

2 years agosync (/var/agentx)
sthen [Tue, 23 Aug 2022 18:09:50 +0000 (18:09 +0000)]
sync (/var/agentx)

2 years agoRemove unused partition type patterns from disk_has() helper
kn [Tue, 23 Aug 2022 16:08:09 +0000 (16:08 +0000)]
Remove unused partition type patterns from disk_has() helper

softraid(4) patterns were never used since import in 2015
and only one out of APFS patterns are used.

Feedback on APFS krw
OK krw

2 years agoRemove assertions as they have been disabled since the code was imported
anton [Tue, 23 Aug 2022 15:58:57 +0000 (15:58 +0000)]
Remove assertions as they have been disabled since the code was imported
from NetBSD back in 2000.

ok krw@

2 years agoAdded NFS client support to RAMDISK kernel as the same as other platforms.
aoyama [Tue, 23 Aug 2022 13:18:59 +0000 (13:18 +0000)]
Added NFS client support to RAMDISK kernel as the same as other platforms.

Tested by me.

2 years agoRecognize the cores on Apple's M2 SoC.
kettenis [Tue, 23 Aug 2022 11:39:34 +0000 (11:39 +0000)]
Recognize the cores on Apple's M2 SoC.

ok jsg@, tobhe@, deraadt@

2 years ago(Re)add support for agentx in snmpd
martijn [Tue, 23 Aug 2022 08:56:20 +0000 (08:56 +0000)]
(Re)add support for agentx in snmpd
Current omissions in protocol support are notifications,
index (de)allocation, and agent capabilities.

Help testing sthen@
Feedback/tweaks/OK jmatthew@

2 years agoAdd scroll-middle copy mode command to make cursor line in the middle,
nicm [Tue, 23 Aug 2022 08:14:19 +0000 (08:14 +0000)]
Add scroll-middle copy mode command to make cursor line in the middle,
from Varun Kumar E in GitHub issue 3307.

2 years agomatch on SIMCom SIM5320 (same id used by Option iCON 210)
jsg [Tue, 23 Aug 2022 08:12:30 +0000 (08:12 +0000)]
match on SIMCom SIM5320 (same id used by Option iCON 210)
from and tested by jon@elytron.openbsd.amsterdam

2 years agoregen
jsg [Tue, 23 Aug 2022 08:11:01 +0000 (08:11 +0000)]
regen

2 years agoadd SIMCom SIM5320 (same id used by Option iCON 210)
jsg [Tue, 23 Aug 2022 08:10:35 +0000 (08:10 +0000)]
add SIMCom SIM5320 (same id used by Option iCON 210)
from jon@elytron.openbsd.amsterdam

2 years agoRework random(6)
tb [Tue, 23 Aug 2022 06:35:53 +0000 (06:35 +0000)]
Rework random(6)

Fix putchar(3) handling and a number of other issues in the random(6)
code. In -e mode, avoid bias due to truncation of the return code to
8 bits. In default mode, actually treat the denominator as a floating
point number and print the line with a probability of 1 / denominator.
This allows e.g. printing 2/3 of stdin with 'random 1.5'.

Includes code for uniform random floats by Taylor R. Campbell from
https://mumble.net/~campbell/2014/04/28/uniform-random-float
and clz64() by me.

From lucic71 () bronze ! ctrl-c ! club, thanks.

ok deraadt

2 years agolog a warning if we can't resolve the ldap server hostname
jmatthew [Tue, 23 Aug 2022 02:57:27 +0000 (02:57 +0000)]
log a warning if we can't resolve the ldap server hostname

2 years agoMove PRU_SHUTDOWN request to (*pru_shutdown)().
mvs [Mon, 22 Aug 2022 21:18:48 +0000 (21:18 +0000)]
Move PRU_SHUTDOWN request to (*pru_shutdown)().

ok bluhm@

2 years agoDocument that igmp_timers_are_running and mld6_timers_are_running
bluhm [Mon, 22 Aug 2022 21:02:44 +0000 (21:02 +0000)]
Document that igmp_timers_are_running and mld6_timers_are_running
are protected by netlock.  They are only used as shortcut in fast
timer.
Common prefix in mld6.c is mld6.
OK mvs@

2 years agoProtect pf_reassemble() with pf fragment lock. When the pool limit
bluhm [Mon, 22 Aug 2022 20:35:39 +0000 (20:35 +0000)]
Protect pf_reassemble() with pf fragment lock.  When the pool limit
for fragment entries was reached, pf_create_fragment() called
pf_flush_fragments() without lock.  This could result in a crash.
Let PF_FRAG_LOCK() cover the whole pf_reassemble() function as
pf_nfrents++ was also missing the lock.
crash found and fix tested by Hrvoje Popovski;  OK sashan@

2 years agoMove PRU_DISCONNECT request to (*pru_disconnect).
mvs [Mon, 22 Aug 2022 13:23:06 +0000 (13:23 +0000)]
Move PRU_DISCONNECT request to (*pru_disconnect).

ok bluhm@

2 years agoGet number of interrupt cells from device tree instead of guessing based
tobhe [Mon, 22 Aug 2022 12:34:55 +0000 (12:34 +0000)]
Get number of interrupt cells from device tree instead of guessing based
on version.  Fixes M2 Macbook Air 2022 which reports version 2 but only
uses 3 cells.

ok kettenis@

2 years agoSimplify locking by using an intermediate lock variable.
mpi [Mon, 22 Aug 2022 12:03:32 +0000 (12:03 +0000)]
Simplify locking by using an intermediate lock variable.

While here get rid of the unused returned value of uvmpd_scan_inactive().

ok jsg@, kn@

2 years agoUse rwlock per inpcb table to protect notify list. The notify
bluhm [Mon, 22 Aug 2022 10:37:27 +0000 (10:37 +0000)]
Use rwlock per inpcb table to protect notify list.  The notify
function may sleep, so holding a mutex is not possible.  The same
list entry and rwlock is used for UDP multicast and raw IP delivery.
By adding a write lock, exclusive netlock is no longer necessary
for PCB notify and UDP and raw IP input.
OK mvs@

2 years agoAn RSC's EE cert mustn't have a SIA extension
tb [Mon, 22 Aug 2022 10:25:58 +0000 (10:25 +0000)]
An RSC's EE cert mustn't have a SIA extension

Explicitly forbidden in sections 2 and 5 of draft-ietf-sidrops-rpki-rsc-10.

looks good to claudio

2 years agolog connect, TLS and bind errors more prominently
jmatthew [Mon, 22 Aug 2022 10:10:59 +0000 (10:10 +0000)]
log connect, TLS and bind errors more prominently

2 years agoremove locore.s bzero and use libkern bzero on i386
jsg [Mon, 22 Aug 2022 09:33:40 +0000 (09:33 +0000)]
remove locore.s bzero and use libkern bzero on i386
libkern bzero doesn't have the 486 path but is otherwise the same
ok mlarkin@ deraadt@

2 years agoremove extern for cpu var removed in 2015
jsg [Mon, 22 Aug 2022 08:57:54 +0000 (08:57 +0000)]
remove extern for cpu var removed in 2015
ok daniel@

2 years agoremove cpu var from i386; removed from amd64 in 2015
jsg [Mon, 22 Aug 2022 08:53:55 +0000 (08:53 +0000)]
remove cpu var from i386; removed from amd64 in 2015
ok daniel@

2 years agoMove PRU_ACCEPT request to (*pru_accept)().
mvs [Mon, 22 Aug 2022 08:08:46 +0000 (08:08 +0000)]
Move PRU_ACCEPT request to (*pru_accept)().

ok bluhm@

2 years agoremove extra newlines from log messages
jmatthew [Mon, 22 Aug 2022 08:02:02 +0000 (08:02 +0000)]
remove extra newlines from log messages

2 years agouse Ic for all config options, and Xr ypldap 8 instead of Nm when talking
jmatthew [Mon, 22 Aug 2022 07:07:45 +0000 (07:07 +0000)]
use Ic for all config options, and Xr ypldap 8 instead of Nm when talking
about operations the daemon performs.

2 years agomips64, octeon, loonson: trigger deferred clock interrupts from splx(9)
cheloha [Mon, 22 Aug 2022 00:35:06 +0000 (00:35 +0000)]
mips64, octeon, loonson: trigger deferred clock interrupts from splx(9)

As with powerpc, powerpc64, and riscv64, on mips64 platforms we need
to isolate the clock interrupt schedule from the MD clock interrupt
code.  To do this, we need to stop deferring clock interrupt work
until the next tick and instead defer the work until we logically
unmask the clock interrupt from splx(9).

Add a boolean (ci_clock_deferred) to the cpu_info struct to note
whether we need to trigger the clock interrupt by hand, and then
do so from splx(9) by calling md_triggerclock().

Currently md_triggerclock is only ever set to cp0_trigger_int5().  The
routine takes great care to ensure that INT5 has fired or will fire
before returning.

There are some loongson machines that use glxclk instead of CP0.  They
can be switched to use CP0 later.

With input and advice from visa@ and miod@.

Compiled and extensively tested by visa@ and miod@ on various octeon
and loongson machines.  No issues seen on octeon machines.  miod@ saw
some odd things on loongsoon, but suggests that all issues are
probably unrelated to this patch.

Link: https://marc.info/?l=openbsd-tech&m=165929192702632&w=2
ok visa@, miod@

2 years agoOnly grab netlock in igmp and mdl6 fast timer when necessary. There
bluhm [Sun, 21 Aug 2022 23:04:45 +0000 (23:04 +0000)]
Only grab netlock in igmp and mdl6 fast timer when necessary.  There
are status variables that can be used to avoid locking if timers
are not running.  This should reduce contention on exclusive netlock.
OK kn@ mvs@

2 years agoMove PRU_CONNECT request to (*pru_connect)() handler.
mvs [Sun, 21 Aug 2022 22:45:55 +0000 (22:45 +0000)]
Move PRU_CONNECT request to (*pru_connect)() handler.

ok bluhm@

2 years agoRevise regress now that SSL_QUIC_METHOD exists.
jsing [Sun, 21 Aug 2022 19:46:19 +0000 (19:46 +0000)]
Revise regress now that SSL_QUIC_METHOD exists.

2 years agoProvide the remaining QUIC API.
jsing [Sun, 21 Aug 2022 19:42:15 +0000 (19:42 +0000)]
Provide the remaining QUIC API.

While more work is still required, this is sufficient to get ngtcp2 to
compile with QUIC and for curl to be able to make HTTP/3 requests.

ok tb@

2 years agoWire up SSL_QUIC_METHOD callbacks to the record layer callbacks for QUIC.
jsing [Sun, 21 Aug 2022 19:39:44 +0000 (19:39 +0000)]
Wire up SSL_QUIC_METHOD callbacks to the record layer callbacks for QUIC.

ok tb@

2 years agoProvide SSL_QUIC_METHOD.
jsing [Sun, 21 Aug 2022 19:32:38 +0000 (19:32 +0000)]
Provide SSL_QUIC_METHOD.

This provides SSL_QUIC_METHOD (aka ssl_quic_method_st), which allows for
QUIC callback hooks to be passed to an SSL_CTX or SSL. This is largely
ported/adapted from BoringSSL.

It is worth noting that this struct is not opaque and the original
interface exposed by BoringSSL differs to the one they now use. The
original interface was copied by quictls and it appears that this API
will not be updated to match BoringSSL.

To make things even more challenging, at least one consumer does not use
named initialisers, making code completely dependent on the order in
which the function pointers are defined as struct members. In order to
try to support both variants, the set_read_secret/set_write_secret
functions are included, however they have to go at the end.

ok tb@

2 years agoProvide and use QUIC specific error reasons.
jsing [Sun, 21 Aug 2022 19:18:57 +0000 (19:18 +0000)]
Provide and use QUIC specific error reasons.

ok tb@

2 years agoEnsure that SSL_{peek,read,write}() are not called if QUIC is in use.
jsing [Sun, 21 Aug 2022 18:17:11 +0000 (18:17 +0000)]
Ensure that SSL_{peek,read,write}() are not called if QUIC is in use.

ok tb@

2 years agoPrepare to provide SSL_ERROR_WANT_{ASYNC,ASYNC_JOB,CLIENT_HELLO_CB}
jsing [Sun, 21 Aug 2022 17:54:38 +0000 (17:54 +0000)]
Prepare to provide SSL_ERROR_WANT_{ASYNC,ASYNC_JOB,CLIENT_HELLO_CB}

LibreSSL will not return these values, however software is starting to
check for these as return values from SSL_get_error().

ok tb@

2 years agoMove PRU_LISTEN request to (*pru_listen)() handler.
mvs [Sun, 21 Aug 2022 17:30:21 +0000 (17:30 +0000)]
Move PRU_LISTEN request to (*pru_listen)() handler.

ok bluhm@

2 years agoAdd initial installboot(8) tests
kn [Sun, 21 Aug 2022 17:03:18 +0000 (17:03 +0000)]
Add initial installboot(8) tests

For now they all run on softraid(4) on vnd(4) and do not require any
setup up-front, making it easy to spot bugs in MD code.

amd64 passes, sparc64 passes with the exception of "-r/mnt" usage,
as is done by the installer, when the softraid volume contains
more than one chunk.  arm64 needs more love, still.

Will be hooked up per-arch soon.

OK anton

2 years agoChange soabort() return value to void. We never interesting on it.
mvs [Sun, 21 Aug 2022 16:22:17 +0000 (16:22 +0000)]
Change soabort() return value to void. We never interesting on it.

ok bluhm@

2 years agoRemove ip_local() and ip6_local(). After moving the IPv4 fragment
bluhm [Sun, 21 Aug 2022 14:15:55 +0000 (14:15 +0000)]
Remove ip_local() and ip6_local().  After moving the IPv4 fragment
reassembly and IPv6 hob-by-hob header chain processing out of
ip_local() and ip6_local(), they are almost empty stubs.  The check
for local deliver loop in ip_ours() and ip6_ours() is sufficient.
Recover mbuf offset and next protocol directly in ipintr() and
ip6intr().
OK mvs@

2 years agoprevent buffer overflow in OF_getpropint64array()
jasper [Sun, 21 Aug 2022 12:52:10 +0000 (12:52 +0000)]
prevent buffer overflow in OF_getpropint64array()
just like -r1.28 did for OF_getpropintarray()

ok kettenis@

2 years agoIntroduce a mutex per inpcb to serialize access to socket receive
bluhm [Sun, 21 Aug 2022 11:44:53 +0000 (11:44 +0000)]
Introduce a mutex per inpcb to serialize access to socket receive
buffer.  Later it may be used to protect more of the PCB or socket.
In divert input replace the kernel lock with this mutex.
OK mvs@

2 years agofix indent and zap trailing whitespace
tb [Sun, 21 Aug 2022 10:47:09 +0000 (10:47 +0000)]
fix indent and zap trailing whitespace

2 years agoA couple of minor changes for rtl8192eu:
kevlo [Sun, 21 Aug 2022 07:56:31 +0000 (07:56 +0000)]
A couple of minor changes for rtl8192eu:

- enable Tx/Rx aggregations of individual 802.11 frames on the USB bus
- in urtwn_fw_loadpage(), the maximum block size is 254 bytes rather than
  196 bytes
- clear the interrupt status register
- no need to disable BAR for USB devices and set NAV limit

ok stsp@, jmatthew@

2 years agoregen
daniel [Sun, 21 Aug 2022 04:04:53 +0000 (04:04 +0000)]
regen

2 years agoimprove some Transmeta pci device names
daniel [Sun, 21 Aug 2022 04:03:47 +0000 (04:03 +0000)]
improve some Transmeta pci device names

Mem1 -> SDRAM
Mem2 -> BIOS

These show up in pcidump as "Class: 05 Memory, Subclass: 00 RAM" which is
probably the reason for the Mem1/Mem2 names.

From NetBSD with tweaks from jsg@; also confirmed in the Transmeta BIOS
Programmer's Guide.

ok jsg@

2 years agoupdate a few German airports; from Thomas Wager
daniel [Sun, 21 Aug 2022 03:08:52 +0000 (03:08 +0000)]
update a few German airports; from Thomas Wager

2 years agoMove PRU_BIND request to (*pru_bind)() handler.
mvs [Sat, 20 Aug 2022 23:48:57 +0000 (23:48 +0000)]
Move PRU_BIND request to (*pru_bind)() handler.

For the protocols which don't support request, leave handler NULL. Do the
NULL check within corresponding pru_() wrapper and return EOPNOTSUPP in
such case. This will be done for all upcoming user request handlers.

ok bluhm@ guenther@

2 years agodrop detection code for Cyrix CPUs older than the Cyrix M2
daniel [Sat, 20 Aug 2022 23:33:53 +0000 (23:33 +0000)]
drop detection code for Cyrix CPUs older than the Cyrix M2

The 486DLC is a 486-class CPU which we no longer support on i386.

The 6x86 (also known as the M1) did not support CPUID by default[*]
so extra support code is needed to differentiate between these early
Cyrix processors in order to apply some errata that the M1 needs.
However the 6x86 doesn't implement the RDTSC instruction so we can
remove support code for this CPU at this point.

Cyrix implemented RDTSC in the 6x86MX (also known as the M2). So
this is likely the earliest Cyrix CPU that we can support on i386.

We keep the support code in "cyrix6x86_cpu_setup" because early
6x86MX CPUs would continue to benefit from this fixup code.

[*]: CPUID can be enabled on the Cyrix 6x86 by setting bit 7 of
CCR4

ok mlarkin@, jsg@

2 years agozap a tab
tb [Sat, 20 Aug 2022 21:48:25 +0000 (21:48 +0000)]
zap a tab

2 years agoremove Cyrix 486DLC register defines from amd64
daniel [Sat, 20 Aug 2022 19:26:00 +0000 (19:26 +0000)]
remove Cyrix 486DLC register defines from amd64

Cyrix CPUs don't support amd64. These defines were probably carried
over from i386 accidentally when the amd64 code was first imported.

ok mlarkin@, jsg@