openbsd
3 years agoDocument MODOCAML_RUNDEP
jca [Mon, 1 Feb 2021 21:48:36 +0000 (21:48 +0000)]
Document MODOCAML_RUNDEP

ok bket@ sthen@ (who initially suggested the if-not-native value under
a similar name)

3 years agoin case we're not a tty, don't do anything else
espie [Mon, 1 Feb 2021 20:15:01 +0000 (20:15 +0000)]
in case we're not a tty, don't do anything else

this does fix the grep case

3 years agoESP path MTU discovery over IPv6 tunnel has been fixed. Add test.
bluhm [Mon, 1 Feb 2021 18:11:46 +0000 (18:11 +0000)]
ESP path MTU discovery over IPv6 tunnel has been fixed.  Add test.

3 years agochange "demote counter" / "demote count" to "demotion counter", ok deraadt
sthen [Mon, 1 Feb 2021 16:39:50 +0000 (16:39 +0000)]
change "demote counter" / "demote count" to "demotion counter", ok deraadt

3 years agodescribe pfsync(4)'s use of carpdemote, ok/tweak kn deraadt
sthen [Mon, 1 Feb 2021 16:39:19 +0000 (16:39 +0000)]
describe pfsync(4)'s use of carpdemote, ok/tweak kn deraadt

3 years agoTake flows into consideration for policy lookup as initiator.
tobhe [Mon, 1 Feb 2021 16:37:48 +0000 (16:37 +0000)]
Take flows into consideration for policy lookup as initiator.
Fixes a bug where policies that only differ in their flow
configuration lead to a handshake error.

Found by claudio@
ok patrick@

3 years agodhclient(8): default_route_index(): poll(2) -> ppoll(2)
cheloha [Mon, 1 Feb 2021 16:29:22 +0000 (16:29 +0000)]
dhclient(8): default_route_index(): poll(2) -> ppoll(2)

Use ppoll(2) instead of poll(2) in default_route_index().  Using
ppoll(2) here forces us to use clock_gettime(2) to measure the
timeout, which is less error-prone than using time(3).

Part of a larger campaign in dhclient(8) to make "time stuff" more
accurate and robust.

Prompted by krw@.  Based on a diff from krw@.

ok krw@

3 years agoThe code in mdstore.c should stand on its own, so rename the global
kettenis [Mon, 1 Feb 2021 16:27:06 +0000 (16:27 +0000)]
The code in mdstore.c should stand on its own, so rename the global
variables used here instead of using the ones from config.c.

ok deraadt@, kn@

3 years agoRemove obsolete vnode operation vector declarations.
visa [Mon, 1 Feb 2021 15:55:07 +0000 (15:55 +0000)]
Remove obsolete vnode operation vector declarations.

OK bluhm@, claudio@, mpi@, semarie@

3 years agoUse "EC/RSA key setup failure" to align error with others
tb [Mon, 1 Feb 2021 15:35:41 +0000 (15:35 +0000)]
Use "EC/RSA key setup failure" to align error with others

ok eric jsing

3 years agoWhitespace
tobhe [Mon, 1 Feb 2021 15:13:15 +0000 (15:13 +0000)]
Whitespace

3 years agohandle #pinctrl-cells 2
jsg [Mon, 1 Feb 2021 14:30:01 +0000 (14:30 +0000)]
handle #pinctrl-cells 2

needed for >= linux 5.9 dtbs on bbb
ok kettenis@

3 years agoFix path MTU discovery for ESP tunneled in IPv6. We always want
bluhm [Mon, 1 Feb 2021 13:25:04 +0000 (13:25 +0000)]
Fix path MTU discovery for ESP tunneled in IPv6.  We always want
short TCP segments or fragments encapsulated in ESP instead of
fragmented ESP packets.  Pass the don't fragment flag down along
the stack so that dynamic routes with MTU are created eventually.
with and OK markus@; OK tobhe@

3 years agoSyntax of pf(4) route-to has changed. Adapt tests.
bluhm [Mon, 1 Feb 2021 12:52:07 +0000 (12:52 +0000)]
Syntax of pf(4) route-to has changed.  Adapt tests.

3 years agoFix white spaces and wrap long lines.
bluhm [Mon, 1 Feb 2021 12:08:50 +0000 (12:08 +0000)]
Fix white spaces and wrap long lines.

3 years agoStart implementing conditionals for filters.
mpi [Mon, 1 Feb 2021 11:26:28 +0000 (11:26 +0000)]
Start implementing conditionals for filters.

Allows to check the existence of a variable in predicates, making it
possible to trace syscall latency, as follow:

syscall:select:entry
{
  @start[pid] = nsecs;
}

syscall:select:return
/@start[pid]/
{
  @usecs = hist((nsecs - @start[pid]) / 1000);
  delete(@start[pid]);
}

3 years agoAlign the mixed naming for the variables used to reference to
mglocker [Mon, 1 Feb 2021 09:21:51 +0000 (09:21 +0000)]
Align the mixed naming for the variables used to reference to
bInterfaceNumber and bAlternateSetting as following:

        ifaceidx -> ifaceno
        altidx -> altno

Suggested and ok mpi@

3 years agoAdd a no-detached choice to detach-on-destroy which detaches only if
nicm [Mon, 1 Feb 2021 08:01:14 +0000 (08:01 +0000)]
Add a no-detached choice to detach-on-destroy which detaches only if
there are no other detached sessions to switch to, from Sencer Selcuk in
GitHub issue 2553.

3 years agoNetlock should be grabbed before pppx_if_find() call in pppxwrite().
mvs [Mon, 1 Feb 2021 07:46:55 +0000 (07:46 +0000)]
Netlock should be grabbed before pppx_if_find() call in pppxwrite().
Otherwise this `pxi' can be killed by concurrent thread after context
switch caused by following netlock.

ok yasuoka@

3 years agoRemove dummy TUNSIFMODE ioctl(2) call from pppac(4) and npppd(8). Since
mvs [Mon, 1 Feb 2021 07:44:58 +0000 (07:44 +0000)]
Remove dummy TUNSIFMODE ioctl(2) call from pppac(4) and npppd(8). Since
OpenBSD 6.7 npppd(8) can't work over tun(4).

ok yasuoka@

3 years agoifunit() was fully replaced by if_unit(9) and should go away.
mvs [Mon, 1 Feb 2021 07:43:33 +0000 (07:43 +0000)]
ifunit() was fully replaced by if_unit(9) and should go away.

ok bluhm@ dlg@

3 years agoupdate the pathname for the control socket path; from daniel jakots
jmc [Mon, 1 Feb 2021 07:39:59 +0000 (07:39 +0000)]
update the pathname for the control socket path; from daniel jakots
clean up FILES while here

ok claudio for the former

3 years agoupdate currency exchange rates;
jmc [Mon, 1 Feb 2021 07:33:19 +0000 (07:33 +0000)]
update currency exchange rates;

3 years agosome article fixes; from eddie youseph and grep
jmc [Mon, 1 Feb 2021 07:09:37 +0000 (07:09 +0000)]
some article fixes; from eddie youseph and grep

3 years agoa regular function decl collides with an inline, due to C99 inline rules.
deraadt [Mon, 1 Feb 2021 05:49:48 +0000 (05:49 +0000)]
a regular function decl collides with an inline, due to C99 inline rules.
We are never updating this sub-tree.  Knock out the collision in the simplest
way.  diff from mortimer.
This is the last change required for -fno-common on all architectures,
thanks to mortimer for starting the effort and encouraging others.

3 years agosync
deraadt [Mon, 1 Feb 2021 05:45:02 +0000 (05:45 +0000)]
sync

3 years agoSwitch dispatch loop to ppoll() and protocol timeouts to struct timespec.
krw [Mon, 1 Feb 2021 01:42:20 +0000 (01:42 +0000)]
Switch dispatch loop to ppoll() and protocol timeouts to struct timespec.

Reduces spurious packet transmissions in situations with short timings.

Suggestions millert@, further suggestions & ok cheloha@

3 years agochange route-to so it sends packets to IPs instead of interfaces.
dlg [Mon, 1 Feb 2021 00:31:04 +0000 (00:31 +0000)]
change route-to so it sends packets to IPs instead of interfaces.

this is a significant (and breaking) reworking of the policy based
routing that pf can do. the intention is to make it as easy as
nat/rdr to use, and more robust when it's operating.

the main reasons for this change are:

- route-to, reply-to, and dup-to do not work with pfsync

 this is because the information about where to route-to is stored in
 rules, and it is hard to have a ruleset synced between firewalls,
 and impossible to have them synced 100% of the time.

- i can make my boxes panic in certain situations using route-to

 yeah...

- the configuration and syntax for route-to rules are confusing.

 the argument to route-to and co is an interace name with an optional
 ip address. there are several problems with this. one is that people
 tend to think about routing as sending packets to peers by their
 address, not by the interface they're reachable on. another is that
 we currently have no way to synchronise interface topology information
 between firewalls, so using an interface to say where packets go
 means we can't do failover of these states with pfsync. another
 is that a change in routing topology means a host may become
 reachable over a different interface. tying routing policy to
 interfaces gets in the way of failover and load balancing.

this change does the following:

- stores the route info in the state instead of the pf rule

 this allows route-to to keep working when the ruleset changes, and
 allows route-to info to be sent over pfsync. there's enough spare bits
 in pfsync messages that the protocol doesnt break.

 the caveat is that route-to becomes tied to pass rules that create
 state, like rdr-to and nat-to.

- the argument to route-to etc is a destination ip address

 it's not limited to a next-hop address (thought a next-hop can be a
 destination address). this allows for the failover and load balancing
 referred to above.

- deprecates the address@interface host syntax in pfctl

 because routing is done entirely by IPs, the interface is derived from
 the route lookup, not pf. any attempt to use the @interface syntax
 will fail now in all contexts.

there's enthusiasm from proctor@ jmatthew@ and others
ok sashan@ bluhm@

3 years agomore strictly enforce KEX state-machine by banning packet types
djm [Sun, 31 Jan 2021 22:55:29 +0000 (22:55 +0000)]
more strictly enforce KEX state-machine by banning packet types
once they are received. Fixes memleak caused by duplicate
SSH2_MSG_KEX_DH_GEX_REQUEST (spotted by portable OpenSSH kex_fuzz
via oss-fuzz #30078).

ok markus@

3 years agoSpacing.
mglocker [Sun, 31 Jan 2021 19:32:01 +0000 (19:32 +0000)]
Spacing.

3 years agoIgnore addresses that are not 0/32 (dynamic) in ikev2_cp_fixaddr()
tobhe [Sun, 31 Jan 2021 17:23:45 +0000 (17:23 +0000)]
Ignore addresses that are not 0/32 (dynamic) in ikev2_cp_fixaddr()
instead of throwing an error.  Fixes a bug where flows without
'dynamic' were skipped when 'config/request address' is used.

ok patrick@

3 years agoDon't leak flows if ikev2_cp_fixflow() fails.
tobhe [Sun, 31 Jan 2021 17:15:38 +0000 (17:15 +0000)]
Don't leak flows if ikev2_cp_fixflow() fails.

ok patrick@

3 years agoMake progress when stepping through rdns proposals even when skipping
florian [Sun, 31 Jan 2021 16:07:27 +0000 (16:07 +0000)]
Make progress when stepping through rdns proposals even when skipping
localhost.

3 years agoturns out STDOUT may have been redirected, in which case tcgetpgrp will
espie [Sun, 31 Jan 2021 15:22:55 +0000 (15:22 +0000)]
turns out STDOUT may have been redirected, in which case tcgetpgrp will
return -1, in which case we never need to suppress output.

noticed by Mark Patruck

3 years agoreplace fgetln(3) with getline(3) in fdisk
naddy [Sun, 31 Jan 2021 14:24:47 +0000 (14:24 +0000)]
replace fgetln(3) with getline(3) in fdisk

ok millert@

3 years agoreplace fgetln(3) with getline(3) in sed
naddy [Sun, 31 Jan 2021 14:23:05 +0000 (14:23 +0000)]
replace fgetln(3) with getline(3) in sed

Partly from Johann Oskarsson for Illumos/FreeBSD.
ok millert@

3 years agofix mistaken operator precedence in a pointer dereference in disklabel
naddy [Sun, 31 Jan 2021 14:18:44 +0000 (14:18 +0000)]
fix mistaken operator precedence in a pointer dereference in disklabel

ok millert@

3 years agoAdd basic support for BCM4378 as found on the Apple M1 SoCs. There's a
patrick [Sun, 31 Jan 2021 11:07:51 +0000 (11:07 +0000)]
Add basic support for BCM4378 as found on the Apple M1 SoCs.  There's a
little bit more to do though before it can be enabled.

3 years agoregen
patrick [Sun, 31 Jan 2021 10:52:36 +0000 (10:52 +0000)]
regen

3 years agoAdd Broadcom BCM4378.
patrick [Sun, 31 Jan 2021 10:51:53 +0000 (10:51 +0000)]
Add Broadcom BCM4378.

3 years agoSet linesize returned by getline to zero when freeing and NULLing the
dtucker [Sun, 31 Jan 2021 10:50:10 +0000 (10:50 +0000)]
Set linesize returned by getline to zero when freeing and NULLing the
returned string.  OpenBSD's getline handles this just fine, but some
implementations used by -portable do not.  ok djm@

3 years agolast pieces of satisfying -fno-common
deraadt [Sun, 31 Jan 2021 05:14:24 +0000 (05:14 +0000)]
last pieces of satisfying -fno-common

3 years agoDon't print an empty line at the end of `route sourceaddr`
danj [Sat, 30 Jan 2021 22:00:06 +0000 (22:00 +0000)]
Don't print an empty line at the end of `route sourceaddr`

ok denis

3 years agosatisfy -fno-common
deraadt [Sat, 30 Jan 2021 21:06:45 +0000 (21:06 +0000)]
satisfy -fno-common

3 years agoRemove duplicate hvmd decleration
kn [Sat, 30 Jan 2021 19:34:13 +0000 (19:34 +0000)]
Remove duplicate hvmd decleration

Already declared "extern" in ldomctl.h;  required for "-fno-common".
OK kettenis

3 years agoMove global domain declaration to parse.y
kn [Sat, 30 Jan 2021 19:32:44 +0000 (19:32 +0000)]
Move global domain declaration to parse.y

This is the only object that uses it;  required for "-fno-common".
OK kettenis

3 years agoAdd dhclient.conf back to list of "installed network configuration
krw [Sat, 30 Jan 2021 18:21:06 +0000 (18:21 +0000)]
Add dhclient.conf back to list of "installed network configuration
files during upgrade".

Mistakenly removed during dhclient.conf cleanup of r1.1050.

3 years agoMake editing GPT easier/safer by defaulting offet to beginning of largest
krw [Sat, 30 Jan 2021 18:16:36 +0000 (18:16 +0000)]
Make editing GPT easier/safer by defaulting offet to beginning of largest
free space and preventing the creation of overlapping partitions.

Prompted & tested by landry@

3 years agoAdd AMAP flag description.
rob [Sat, 30 Jan 2021 16:48:31 +0000 (16:48 +0000)]
Add AMAP flag description.

OK deraadt@

3 years agoRemove ACOMPAT.
rob [Sat, 30 Jan 2021 16:43:22 +0000 (16:43 +0000)]
Remove ACOMPAT.

OK deraadt@

3 years agodocument that sizes in fdisk can be input and printed in terabytes
naddy [Sat, 30 Jan 2021 15:15:20 +0000 (15:15 +0000)]
document that sizes in fdisk can be input and printed in terabytes

3 years agoAbstract octeon board handling a little
visa [Sat, 30 Jan 2021 14:59:13 +0000 (14:59 +0000)]
Abstract octeon board handling a little

Detect octeon board model in one place, and replace firmware-supplied
board_type with an abstract model identifier in driver code. This makes
it easier to manage with different products, and board flavours, that
happen to use the same model information, such as board_type.

3 years agosatisfy -fno-common
deraadt [Sat, 30 Jan 2021 14:37:01 +0000 (14:37 +0000)]
satisfy -fno-common

3 years agodo not print to STDOUT if we're in background, as requested by Theo
espie [Sat, 30 Jan 2021 11:19:01 +0000 (11:19 +0000)]
do not print to STDOUT if we're in background, as requested by Theo
who pointed at ssh code for process group handling. Thanks

3 years agoI'm such a doofus, of course I have to call base method as well
espie [Sat, 30 Jan 2021 11:16:58 +0000 (11:16 +0000)]
I'm such a doofus, of course I have to call base method as well

3 years agomissing word in comment
tb [Sat, 30 Jan 2021 10:48:15 +0000 (10:48 +0000)]
missing word in comment

3 years agoswitch ProgressMeter to clearer API
espie [Sat, 30 Jan 2021 10:43:43 +0000 (10:43 +0000)]
switch ProgressMeter to clearer API

3 years agorework API slightly, so that handle_continue is an explicit method
espie [Sat, 30 Jan 2021 10:37:22 +0000 (10:37 +0000)]
rework API slightly, so that handle_continue is an explicit method
(to be overrideen by subclasses when needed)

3 years agoRe-try to open DNSSEC trust anchor file if /var is not mounted yet.
florian [Sat, 30 Jan 2021 10:31:51 +0000 (10:31 +0000)]
Re-try to open DNSSEC trust anchor file if /var is not mounted yet.
This is a step towards starting unwind earlier, before the network is
up and partitions are mounted.
OK kn

3 years agofor now, do not try to install quirks in case we're running "not"
espie [Sat, 30 Jan 2021 10:24:19 +0000 (10:24 +0000)]
for now, do not try to install quirks in case we're running "not"
the better thing to do would be to pseudo-install it under /tmp so we
can run it, but it requires way more changes

3 years agoFix delay parsing by stealing from strtonum and returning a proper error to
martijn [Sat, 30 Jan 2021 08:44:42 +0000 (08:44 +0000)]
Fix delay parsing by stealing from strtonum and returning a proper error to
the user when an invalid value is entered instead of silently falling back
to the default 5s.

While here I also capped the upper limit to UINT32_MAX / 1000000 to prevent
useconds_t overflow. This hard limits us to 4294s, instead of the current
soft limit which just make systat go berserk if you go over it.

Reported and original diff by Nick Gasson nick <at> nickg <dot> me <dot> uk

OK cheloha@
Tweaks and OK bluhm@

3 years agoadd a SK_DUMMY_INTEGRATE define that allows the dummy security key
djm [Sat, 30 Jan 2021 00:56:38 +0000 (00:56 +0000)]
add a SK_DUMMY_INTEGRATE define that allows the dummy security key
middleware to be directly linked; useful for writing fuzzers, etc.

3 years agoAdd proper padding for pfkey messages. Use ROUNDUP() for auth and
tobhe [Fri, 29 Jan 2021 21:26:06 +0000 (21:26 +0000)]
Add proper padding for pfkey messages. Use ROUNDUP() for auth and
enc keys.

ok patrick@

3 years agoSome libunbound configuration changes can change the quality of a
florian [Fri, 29 Jan 2021 17:48:58 +0000 (17:48 +0000)]
Some libunbound configuration changes can change the quality of a
resolver so we have to schedule a re-check.
OK kn

3 years agoDon't filter by address family on the route socket.
florian [Fri, 29 Jan 2021 17:46:04 +0000 (17:46 +0000)]
Don't filter by address family on the route socket.
While here also set SOCK_NONBLOCK on the frontend routesock.

3 years agoupdate remaining usb.org URLs
sthen [Fri, 29 Jan 2021 17:12:19 +0000 (17:12 +0000)]
update remaining usb.org URLs

3 years agoupdate usb.org URLs
sthen [Fri, 29 Jan 2021 17:06:19 +0000 (17:06 +0000)]
update usb.org URLs

3 years agoupdate some usb.org URLs following reorganisation, add a new one for upd
sthen [Fri, 29 Jan 2021 16:59:41 +0000 (16:59 +0000)]
update some usb.org URLs following reorganisation, add a new one for upd
partly from Alessandro Ricci

3 years agoAdjust for disabling gcc on macppc.
kettenis [Fri, 29 Jan 2021 16:40:07 +0000 (16:40 +0000)]
Adjust for disabling gcc on macppc.

3 years agoStop building gcc on macppc.
kettenis [Fri, 29 Jan 2021 16:38:20 +0000 (16:38 +0000)]
Stop building gcc on macppc.

ok cwen@, deraadt@

3 years agorepair declerations to satisfy -fno-common
deraadt [Fri, 29 Jan 2021 16:22:34 +0000 (16:22 +0000)]
repair declerations to satisfy -fno-common
ok kettenis

3 years agobe more forceful about FULLPKGPATH
espie [Fri, 29 Jan 2021 15:58:56 +0000 (15:58 +0000)]
be more forceful about FULLPKGPATH

3 years agoDon't rely on USB interfaces being at compliant indices.
edd [Fri, 29 Jan 2021 11:44:06 +0000 (11:44 +0000)]
Don't rely on USB interfaces being at compliant indices.

When obtaining an interface handle, we currently rely on the device being
properly USB compliant, and thus the interface being at the correct index in
the interfaces array.

However, some devices present their indices incorrectly. For example, the
following audio device exposes interfaces 0, 1 and 3, in that order (skipping
interface 2 entirely):

uaudio2 at uhub4 port 4 configuration 1 interface 3 "E+ Corp. DAC Audio" rev 1.10/0.01 addr 2
uaudio2: class v1, full-speed, async, channels: 2 play, 0 rec, 3 ctls

This means that that the audio stream interface (number 3) is not found at the
expected index of 2, and this causes looking up the handle to fail.

This change makes usbd_device2interface_handle() search for the right
interface, instead of assuming it will be at the right index. Although this is
a little slower, note that this routine not very frequently called and there
are typically not hundreds of interfaces on a typical USB device.

This fixes the above E+ Corp device, and one other uaudio device reported
broken by a user.

With input from, tested by, and OK ratchov@, mglocker@ and kettenis@.

Many thanks!

3 years agoMake audio clients use struct opt to reach the device
ratchov [Fri, 29 Jan 2021 11:38:23 +0000 (11:38 +0000)]
Make audio clients use struct opt to reach the device

No behavior change. This decreases the number of explicit references
to the dev structure

3 years agoMake control clients use struct opt to reach the device
ratchov [Fri, 29 Jan 2021 11:36:44 +0000 (11:36 +0000)]
Make control clients use struct opt to reach the device

No behavior change. This decreases the number of explicit references
to the dev structure.

3 years agoRename ctlslot->mask to ctlslot->self to match the rest of the code
ratchov [Fri, 29 Jan 2021 11:31:28 +0000 (11:31 +0000)]
Rename ctlslot->mask to ctlslot->self to match the rest of the code

No binary change.

3 years agoOrder opt_list in opt_new() call order, limit items to OPT_NMAX
ratchov [Fri, 29 Jan 2021 11:25:05 +0000 (11:25 +0000)]
Order opt_list in opt_new() call order, limit items to OPT_NMAX

No behavior change, except for improved debug printfs.

3 years agoMove the options list out of the device structure
ratchov [Fri, 29 Jan 2021 11:21:00 +0000 (11:21 +0000)]
Move the options list out of the device structure

No behavior change. Later this will ease applying the configuration of
one device to another by "just" swapping pointers.

3 years agoMove the control client state out of the device structure
ratchov [Fri, 29 Jan 2021 10:55:19 +0000 (10:55 +0000)]
Move the control client state out of the device structure

No behavior change. Later this will ease changing the controlled
device by "just" swapping pointers.

3 years agoMove the audio clients state out of the device structure
ratchov [Fri, 29 Jan 2021 10:51:24 +0000 (10:51 +0000)]
Move the audio clients state out of the device structure

No behavior change. Later this will ease moving clients from one
device to another by "just" swapping pointers.

3 years agoUse NULL instead of 0 to clear v_socket pointer (which actually clears all
claudio [Fri, 29 Jan 2021 10:47:24 +0000 (10:47 +0000)]
Use NULL instead of 0 to clear v_socket pointer (which actually clears all
of the v_un pointers).
OK jsg@ mvs@

3 years agoAdjust regress test, the hash argument to the parse functions was removed.
claudio [Fri, 29 Jan 2021 10:15:42 +0000 (10:15 +0000)]
Adjust regress test, the hash argument to the parse functions was removed.

3 years agoA while ago rpki-client was changed to validate the sha256 hashes of
claudio [Fri, 29 Jan 2021 10:13:16 +0000 (10:13 +0000)]
A while ago rpki-client was changed to validate the sha256 hashes of
files referenced in MFT files during the validation of the MFT file.
An MFT is only valid if all files are present and their hashes are valid.
Because of this there is no longer the need to check the hash when
these files are parsed later on. Remove these checks for CRT, ROA and CRL
files. Use the presence of the pkey when parsing cert files to decide
if it is a root cert or not.
OK tb@

3 years agoTrim output overwritten by later text or clears completely rather than
nicm [Fri, 29 Jan 2021 09:48:43 +0000 (09:48 +0000)]
Trim output overwritten by later text or clears completely rather than
only in a few cases. This means we can better track when a line should
wrap. GitHub issue 2537.

3 years agorecognise Cortex-A78C
jsg [Fri, 29 Jan 2021 08:48:19 +0000 (08:48 +0000)]
recognise Cortex-A78C

3 years agofix the values of enum sock_type
djm [Fri, 29 Jan 2021 06:29:46 +0000 (06:29 +0000)]
fix the values of enum sock_type

3 years agogive typedef'd struct a struct name; makes the fuzzer I'm writing a bit
djm [Fri, 29 Jan 2021 06:28:10 +0000 (06:28 +0000)]
give typedef'd struct a struct name; makes the fuzzer I'm writing a bit
easier

3 years agoWhitespace.
rob [Fri, 29 Jan 2021 00:31:41 +0000 (00:31 +0000)]
Whitespace.

3 years agoRemove print_{debug,verbose} since they're currently unused and I see no
martijn [Thu, 28 Jan 2021 20:45:14 +0000 (20:45 +0000)]
Remove print_{debug,verbose} since they're currently unused and I see no
reason to start using them in the future.

OK tb@

3 years agobridge(4): convert ifunit() to if_unit(9)
mvs [Thu, 28 Jan 2021 20:06:38 +0000 (20:06 +0000)]
bridge(4): convert ifunit() to if_unit(9)

ok bluhm@ sashan@

3 years agotrunk(4): convert ifunit to if_unit(9)
mvs [Thu, 28 Jan 2021 20:04:44 +0000 (20:04 +0000)]
trunk(4): convert ifunit to if_unit(9)

ok bluhm@

3 years agoAdd '$' to ober_scanf_elements().
martijn [Thu, 28 Jan 2021 19:56:33 +0000 (19:56 +0000)]
Add '$' to ober_scanf_elements().
This allows us to enforce end of sequence/set without having to manually
check be_next for NULL.

No lib bump needed according to millert@
OK millert@ rob@

3 years agobios_memmap[] should not be a common
deraadt [Thu, 28 Jan 2021 18:54:50 +0000 (18:54 +0000)]
bios_memmap[] should not be a common
ok kettenis

3 years agoRemove direct assignment of aead_ctx.
jsing [Thu, 28 Jan 2021 18:32:46 +0000 (18:32 +0000)]
Remove direct assignment of aead_ctx.

Now that AEAD is handled internally, we should no longer be assigning
aead_ctx directly, as this will result in a leak. Missed during the
previous change.

3 years agoAdd ldap(1) to the SEE ALSO section. OK deraadt@
millert [Thu, 28 Jan 2021 18:09:15 +0000 (18:09 +0000)]
Add ldap(1) to the SEE ALSO section.  OK deraadt@

3 years agoAgain allow COPTS= to come from the environment again, and don't lose the
deraadt [Thu, 28 Jan 2021 17:39:01 +0000 (17:39 +0000)]
Again allow COPTS= to come from the environment again, and don't lose the
SMALL_KERNEL specific variations.
ok espie jsg

3 years agotpm(4): fix delay units
cheloha [Thu, 28 Jan 2021 17:19:40 +0000 (17:19 +0000)]
tpm(4): fix delay units

tpm(4) has timeout constants in milliseconds, e.g.

#define TPM_ACCESS_TMO 2000 /* 2sec */

This is fine.

The odd thing is that tpm(4) first converts these timeouts to counts
of ticks via tpm_tmotohz() before using DELAY() to busy-wait.  DELAY()
takes a count of microseconds, which are not equivalent to ticks, so
the units are all screwed up.

Let's correct this:

- Remove tpm_tmotohz().  We're not working with ticks so we don't it.

- Multiply the timeouts to match the delay interval.  tpm_request_locality()
  and tpm_getburst() use intervals of 10 microseconds, so multiply the
  millisecond timeouts by 100.  In tpm_waitfor() the delay interval is 1
  microsecond, so multiply the millisecond timeout by 1000.

- Update the parameter name in tpm_waitfor() to note that we expect a
  count of milliseconds, not "tries".

Discussion: https://marc.info/?l=openbsd-tech&m=160995671326406&w=2

Prompted by kettenis@.

Suspend/resume tested by florian@ on an X1 Gen 2.  For the record, it
looks like this:

tpm0 at acpi0 TPM_ addr 0xfed40000/0x5000, device 0x0000104a rev 0x4e

Earlier versions of this patch were reviewed by kn@, but the patch
became more ambitious when kettenis@ got involved so those reviews
are no longer applicable.

jcs@ notes (https://marc.info/?l=openbsd-tech&m=160834427630142&w=2)
in a related discussion that this driver "sucks" and should be
replaced with NetBSD's rewrite.  This would get us a cleaner driver
with TPM 2.0 support.  So there is future work to do here.

ok kettenis@

3 years agoMove AEAD handling into the new TLSv1.2 record layer.
jsing [Thu, 28 Jan 2021 17:00:38 +0000 (17:00 +0000)]
Move AEAD handling into the new TLSv1.2 record layer.

ok tb@

3 years agoShow when witness(4) has run out of lock order data entries.
visa [Thu, 28 Jan 2021 15:13:27 +0000 (15:13 +0000)]
Show when witness(4) has run out of lock order data entries.

This makes it clearer why lock order traces are sometimes not displayed.

Prompted by a question from, and OK anton@

3 years agoDrop tcp_trace() from SMALL_KERNEL builds to make room on amd64 floppy
visa [Thu, 28 Jan 2021 14:53:20 +0000 (14:53 +0000)]
Drop tcp_trace() from SMALL_KERNEL builds to make room on amd64 floppy

OK deraadt@