patrick [Sat, 23 Dec 2017 10:30:54 +0000 (10:30 +0000)]
Since ikev2_init_recv() is supposed to only handle responses to an
exchange that we initiatiated, we are not allowed to respond to such
a msg. Also we don't need the DH check in ikev2_sa_initiator_dh() as
it's only called when we initiate, so the check would not run, or when
we get a Create Child SA response, where an error should only lead to
us having another attempt at an exchange.
Found by and ok markus@
fcambus [Sat, 23 Dec 2017 10:30:25 +0000 (10:30 +0000)]
Remove dead assignment.
Now that we call rasops_putchar_rotated(), we don't need ri anymore.
OK kettenis@
kettenis [Sat, 23 Dec 2017 10:23:34 +0000 (10:23 +0000)]
Use regmap interface to tweak "SYSREG" PHY configuration registers and
remove exsysreg(4). The exsysreg(4) driver would no longer attach
as syscon(4) would match its node in the device tree. As a result the
driver corss-call would panic.
Makes te Odroid-XU4 work again.
jsg [Sat, 23 Dec 2017 01:44:24 +0000 (01:44 +0000)]
enable snooping on Intel 200 Series HDA
jsg [Sat, 23 Dec 2017 01:42:31 +0000 (01:42 +0000)]
match on intel 200 series
jsg [Sat, 23 Dec 2017 01:34:35 +0000 (01:34 +0000)]
regen
jsg [Sat, 23 Dec 2017 01:33:51 +0000 (01:33 +0000)]
add ids for intel coffee lake-s and series 200/300 pch
schwarze [Sat, 23 Dec 2017 00:52:33 +0000 (00:52 +0000)]
clarify that -i only affects the comparison of ASCII characters;
OK jmc@ tb@
nicm [Fri, 22 Dec 2017 23:16:41 +0000 (23:16 +0000)]
Fix memory leak in screen_redraw_make_pane_status.
anton [Fri, 22 Dec 2017 21:19:10 +0000 (21:19 +0000)]
Since export accepts several variables, put them on a single line; ok tb@
rpe [Fri, 22 Dec 2017 19:41:49 +0000 (19:41 +0000)]
Cope with the fact, that the DHCLIENT route label is gone which
helped to find out if the default route was configured by dhclient.
Check if the interface connected to the default route is in the
dhcp interface group which accomplishes the same functionality.
With feedback from and OK krw@
kettenis [Fri, 22 Dec 2017 15:52:36 +0000 (15:52 +0000)]
If we use the cookie-based interrupt API on sun4v, whe shouldn't put the
interrupts in the lookup table. On machines like the Oracle T7-2 this
would make the code believe that there is interrupt sharing, but since
we bypass intr_list_handler() when using the cookie-based interrupt API,
we wouldn't properly acknowledge the interrupt.
This fixes the last remaining problem with interrupts on the Oracle T7-2.
bru [Fri, 22 Dec 2017 15:21:04 +0000 (15:21 +0000)]
1. Use unfiltered deltas for scrolling. 2. (Re-)Simplify the edge area
setup.
nicm [Fri, 22 Dec 2017 10:18:51 +0000 (10:18 +0000)]
Do not try to set default value on user options (they don't have one),
from Charles Howard in GitHub issue 1161.
nicm [Fri, 22 Dec 2017 10:16:36 +0000 (10:16 +0000)]
Remove duplicate WheelUp/WheelDown entries in list, GitHub issue 1184.
bluhm [Thu, 21 Dec 2017 23:27:17 +0000 (23:27 +0000)]
Add some comments what the tests are doing.
millert [Thu, 21 Dec 2017 21:04:38 +0000 (21:04 +0000)]
Expand u_short and u_int to unsigned short and unsigned int
respectively to avoid compilation errors when one of the POSIX or
X/OPEN version macros is defined. Also sync the field descriptions
with kqueue.2. OK deraadt@
jmc [Thu, 21 Dec 2017 21:03:49 +0000 (21:03 +0000)]
typo;
rpe [Thu, 21 Dec 2017 19:22:14 +0000 (19:22 +0000)]
Adopt comments to previous change
krw [Thu, 21 Dec 2017 15:14:45 +0000 (15:14 +0000)]
Stop creating a dhclient.conf in the install script, now
that 'send host-name' is the default behaviour for
dhclient.
ok rpe@
mpi [Thu, 21 Dec 2017 12:09:38 +0000 (12:09 +0000)]
Call if_start() directly to send the EAPOL key.
Using if_enqueue() here, from interrupt context, might result in
the packet beeing enqueued, incorrectly encrypted, on the TX ring.
This race has been recently exposed by the re-introduction of the
TX mitigation. It exists because the net80211 stack sets
IEEE80211_NODE_TXPROT on the node while processing the 3rd message,
assuming the answer has already been transmitted. However a CPU
returns from if_enqueue() it cannot assume that the send queue is
empty. So call if_start() to flush this queue.
Encrypting the 4th message of the 4way handshake with the new key
breaks WPA handshake as found the hardway by anton@.
Race analysed by dlg@, a lot of net80211 inputs and suggetions from
stsp@.
ok stsp@, dlg@
tb [Thu, 21 Dec 2017 10:05:59 +0000 (10:05 +0000)]
Add an -i option for case insensitive comparison of lines.
From Claus Assmann with minor tweaks by me.
ok millert
tb [Thu, 21 Dec 2017 07:29:15 +0000 (07:29 +0000)]
Two width specifiers changed from %02 to %0 in previous. Change them back.
ok deraadt
deraadt [Thu, 21 Dec 2017 06:55:22 +0000 (06:55 +0000)]
Do not use %hx for chars, ok kettenis
djm [Thu, 21 Dec 2017 05:46:35 +0000 (05:46 +0000)]
another libssh casualty
jmatthew [Thu, 21 Dec 2017 05:09:56 +0000 (05:09 +0000)]
Close the right file descriptor and clean up the tls context in aldap_close().
ok zhuk@ deraadt@
dlg [Thu, 21 Dec 2017 03:59:32 +0000 (03:59 +0000)]
drivers might want to call ifiq_barrier.
dlg [Thu, 21 Dec 2017 03:58:27 +0000 (03:58 +0000)]
add some ifq and ifiq barriers in ixl_down.
move rxfill in ixl_up so the qtail is only written once.
djm [Thu, 21 Dec 2017 03:01:49 +0000 (03:01 +0000)]
missed one (unbreak after ssh/lib removal)
dlg [Thu, 21 Dec 2017 01:55:44 +0000 (01:55 +0000)]
now that we have multiple input queues in ifnet structs, use them.
for now we still only have one set of tx and rx rings, but sets us up to
bump that number.
dlg [Thu, 21 Dec 2017 01:11:47 +0000 (01:11 +0000)]
prototype if_attach_iqueues so drivers can configure multiple iqs.
djm [Thu, 21 Dec 2017 00:41:22 +0000 (00:41 +0000)]
unbreak unit tests after removal of src/usr.bin/ssh/lib
kettenis [Thu, 21 Dec 2017 00:32:55 +0000 (00:32 +0000)]
Implement missing bits to support lazy binding. Note that the code
deliberately does not save the floating-point argument registers
before calling _dl_bind(). Doing so would force an FPU context switch
upon every function call through the PLT. But since we compile ld.so
with -march=armv8-a+nofp+nosimd this is safe since nothing in the _dl_bind()
codepath uses he FPU registers.
ok guenther@, drahn@
djm [Thu, 21 Dec 2017 00:00:28 +0000 (00:00 +0000)]
revert stricter key type / signature type checking in userauth path;
too much software generates inconsistent messages, so we need a
better plan.
bluhm [Wed, 20 Dec 2017 23:37:56 +0000 (23:37 +0000)]
Skip this regress test if no remote test machine is specified as
environment variable.
tb [Wed, 20 Dec 2017 21:08:06 +0000 (21:08 +0000)]
Fix adding and removing files with git-style a/ b/ diffs: only skip
six letters if they actually match "--- a/" and "+++ b/" instead of
laxer checks.
ok tom, tedu, millert
krw [Wed, 20 Dec 2017 18:51:14 +0000 (18:51 +0000)]
Always 'send' host-name, rather than relying on dhclient.conf to ask
for it. Removes the need to install a dhclient.conf for a default
configuration.
Install script simplification to follow.
General enthusiasm. ok millert@ benno@ tom@ ian@
stsp [Wed, 20 Dec 2017 18:20:59 +0000 (18:20 +0000)]
Two background scan fixes for iwn(4) (4965 devices only):
1) Use only one antenna while scanning on 5GHz. Fixes very low RSSI values.
2) During a background scan while associated to a 5GHz AP, send probe
requests on 2GHz channels with an OFDM rate (6Mbps) because the buggy
firmware does not like sending with a CCK rate (1Mbps) in this state.
CCK rates are not valid for 5GHz, which could explain this firmware bug.
Taken from FreeBSD r222679.
jca@ tested and confirmed the first problem but lacks a 5GHz access point to
associate to and test the second one with.
I am going to *blindly trust* FreeBSD on the second one! It is not a big deal
if it doesn't actually apply to our firmware version as the change itself is
rather inconsequential in practice. And 4965 hardware is quite rare nowadays.
ok jca@
mpi [Wed, 20 Dec 2017 11:22:29 +0000 (11:22 +0000)]
Sync C mutex implementations.
ok kettenis@
mpi [Wed, 20 Dec 2017 11:08:44 +0000 (11:08 +0000)]
Switch x86 architectures to the common C mutex implementation.
This is a step towards MI mutexes.
ok kettenis@
krw [Wed, 20 Dec 2017 02:02:31 +0000 (02:02 +0000)]
Add a sanity check on the number of chunks being
assembled into a volume, to enure the on-disk
metadata and the in-memory metadata agree.
zhuk [Tue, 19 Dec 2017 20:44:53 +0000 (20:44 +0000)]
More NUL (not NULL) checks.
With support from guenther@ and millert@; final okay espie@
patrick [Tue, 19 Dec 2017 18:06:41 +0000 (18:06 +0000)]
Pass calibrated TSC frequency to vmm(4) guests. On machines where TSC
cannot be calculated from the CPUID register, because the CPU does not
support it, but can be calibrated from another timer, the vmm(4) guest
doesn't have a chance to read or calibrate its own TSC frequency since
it has no access to a precise enough time counter. In that case, fake
the existence of the register and supply our calibrated TSC frequency.
mlarkin@ tells me this also greatly helps Linux guests.
ok mlarkin@
martijn [Tue, 19 Dec 2017 17:46:28 +0000 (17:46 +0000)]
Remove EXAMPLES section.
The example itself was taken directly from the POSIX specification by jmc@,
who doesn't remember adding it. This example isn't very clear about what
it actually does, so just remove it.
If someone can come up with one or more examples that give a more clear
introduction to the workings of sed feel free to send them in.
Prompted by a diff by kshe59 <at> zoho <dot> eu
OK jmc@
deraadt [Tue, 19 Dec 2017 16:41:43 +0000 (16:41 +0000)]
curproc access isn't necessarily as cheap as a local variable access,
so only get it once
ok guenther
nicm [Tue, 19 Dec 2017 15:00:39 +0000 (15:00 +0000)]
Report better error from server when socket create fails, GitHub issue
1201.
espie [Tue, 19 Dec 2017 13:51:13 +0000 (13:51 +0000)]
somehow, I lost that static.
From Michal W. Bombardieri, thx
stefan [Tue, 19 Dec 2017 10:04:59 +0000 (10:04 +0000)]
Remove unused ps_stackgap from process struct
Nothing uses this field since Linux compat was removed.
ok mpi@ deraadt@ guenther@
mpi [Tue, 19 Dec 2017 09:35:56 +0000 (09:35 +0000)]
Remove a 27 year old #ifdef notdef chunk involving SB_LOCK.
ok bluhm@
mpi [Tue, 19 Dec 2017 09:32:15 +0000 (09:32 +0000)]
Inline socket buffer related defines, no functional change.
ok bluhm@
mpi [Tue, 19 Dec 2017 09:29:37 +0000 (09:29 +0000)]
Remove unnecessary unlock/lock dance when following a goto.
ok bluhm@
djm [Tue, 19 Dec 2017 00:49:30 +0000 (00:49 +0000)]
explicitly test all key types and their certificate counterparts
refactor a little
djm [Tue, 19 Dec 2017 00:24:34 +0000 (00:24 +0000)]
include signature type and CA key (if applicable) in some debug messages
djm [Mon, 18 Dec 2017 23:16:23 +0000 (23:16 +0000)]
unbreak hostkey rotation; attempting to sign with a desired signature
algorithm of kex->hostkey_alg is incorrect when the key type isn't
capable of making those signatures. ok markus@
djm [Mon, 18 Dec 2017 23:14:34 +0000 (23:14 +0000)]
log mismatched RSA signature types; ok markus@
djm [Mon, 18 Dec 2017 23:13:42 +0000 (23:13 +0000)]
pass kex->hostkey_alg and kex->hostkey_nid from pre-auth to post-auth
unpriviledged child processes; ok markus@
rpe [Mon, 18 Dec 2017 22:48:28 +0000 (22:48 +0000)]
Change the question at the end of installs and upgrades to present a choice
between exiting to the shell or to reboot the latter being the default.
(On sparc64 the second choice is to halt the system which leaves it at the
OpenBoot PROM prompt)
While there add a newline after the CONGRATULATIONS message.
OK tb@
positive feedback naddy@ deraadt@ giovanni@
nicm [Mon, 18 Dec 2017 22:13:36 +0000 (22:13 +0000)]
Do not try to put more in command message than will fit when sending
(the server will treat as a fatal error). GitHub issue 1200.
benno [Mon, 18 Dec 2017 21:45:57 +0000 (21:45 +0000)]
always initialize the hce_launch_checks event timer.
Fixes a crash when poll is run without any checks.
Found and fixed by Hiltjo Posthuma (hiltjo -AT- codemadness -DOT- org).
ok claudio@
tb [Mon, 18 Dec 2017 21:33:26 +0000 (21:33 +0000)]
Display $MODE (install/upgrade) in the prompt before we know the hostname.
suggested by deraadt
ok rpe
anton [Mon, 18 Dec 2017 20:37:58 +0000 (20:37 +0000)]
Sync cross references related to libutil; ok jmc@
anton [Mon, 18 Dec 2017 20:30:14 +0000 (20:30 +0000)]
Get rid of a todo by stop declaring variable texec as static and instead zeroing
it out prior to continuing down the recursive call chain.
Initial diff from Michael W. Bombardieri, later tweaked; ok tb@
kettenis [Mon, 18 Dec 2017 20:23:16 +0000 (20:23 +0000)]
Properly implement the rsb attribute and actually use it.
kettenis [Mon, 18 Dec 2017 20:21:06 +0000 (20:21 +0000)]
Add sensors for the AXP809.
kettenis [Mon, 18 Dec 2017 20:03:48 +0000 (20:03 +0000)]
Generate SIGBUS/BUS_ADRALN when we see a PC Alignment Exception from userland.
ok patrick@
kettenis [Mon, 18 Dec 2017 19:40:12 +0000 (19:40 +0000)]
Use axppmic as a dependency instead of axppmic_rsb.
anton [Mon, 18 Dec 2017 19:19:08 +0000 (19:19 +0000)]
Add tests for the environment related commands in csh. While here, print a
descriptive header before each test, inspired by the many others in regress.
anton [Mon, 18 Dec 2017 19:12:24 +0000 (19:12 +0000)]
No need to declare variable name as static in dounsetenv(). Also, drop a
redundant call to free() since name is always freed upon return.
From Michael W. Bombardieri, with some tweaks by myself.
anton [Mon, 18 Dec 2017 19:04:53 +0000 (19:04 +0000)]
Add another pair of home/end key bindings; from Lari Rasku.
ok jca@
patrick [Mon, 18 Dec 2017 18:42:33 +0000 (18:42 +0000)]
Read RAM size for chips with SOCRAM like the BCM4334 on one of my
Intel machines.
patrick [Mon, 18 Dec 2017 18:40:50 +0000 (18:40 +0000)]
Read RAM size for chips with SOCRAM like the BCM4334 on one of my
Intel machines.
millert [Mon, 18 Dec 2017 17:28:54 +0000 (17:28 +0000)]
Add helper function for uri handing in scp where a missing path
simply means ".". Also fix exit code and add warnings when an
invalid uri is encountered. OK otto@
bluhm [Mon, 18 Dec 2017 17:01:27 +0000 (17:01 +0000)]
When setting KTRACE in the environment, client and server write
ktrace files. This simplifies debugging as system calls can be
inspected with kdump.
patrick [Mon, 18 Dec 2017 16:44:49 +0000 (16:44 +0000)]
Pass the BSSID to the join command so that we connect to the AP that
we chose instead of any AP the firmware chooses based on the SSID.
patrick [Mon, 18 Dec 2017 16:33:37 +0000 (16:33 +0000)]
Pass scan type directly to the scan command instead of using the global
variable.
helg [Mon, 18 Dec 2017 14:20:23 +0000 (14:20 +0000)]
Add call to fuse_remove_signal_handlers(3) in fuse_teardown(3) to do the
opposite of fuse_setup(3).
ok mpi@
krw [Mon, 18 Dec 2017 14:17:58 +0000 (14:17 +0000)]
Stop inserting and paying attention to 'interface <if>;'
inside 'lease {}' declarations. We don't keep leases from
multiple interfaces in dhclient.leases.<if> files.
One less thing to parse and keep in memory. More rope for
those wanting to do unspeakable things with their lease files.
fcambus [Mon, 18 Dec 2017 12:53:33 +0000 (12:53 +0000)]
Add sizes for free() in libsa for amd64 and i386.
OK tom@, deraadt@
nicm [Mon, 18 Dec 2017 12:39:34 +0000 (12:39 +0000)]
Remove unused variable from Thomas Adam.
helg [Mon, 18 Dec 2017 11:41:41 +0000 (11:41 +0000)]
Refactor libfuse option processing to better support options in the
future. Immediate benefits are that gid, uid and umask are now
supported and max_read is now honoured for all file systems. Mounting
read_only is now possible but requires more thorough testing.
ok mpi@
kettenis [Mon, 18 Dec 2017 10:51:24 +0000 (10:51 +0000)]
Enable RSB attachment for axppmic(4).
kettenis [Mon, 18 Dec 2017 10:50:13 +0000 (10:50 +0000)]
Add i2c interface code to the new axppmic(4) code and add support for the
AXP152 and AXP209 here as well. The AXP209 is extended to support
regulators and sensors. The ACIN and VBUS indicators are now exported as
sensors. Retire the old AXP152/AXP209 support code.
kettenis [Mon, 18 Dec 2017 10:13:45 +0000 (10:13 +0000)]
Map framebuffer into userland as non-cachable (but normal) memory. We still
map the framebuffer as device memory in the kernel. Using mismatched
memory attributes like this is discouraged (and we should probably fix this
at some point) but this particular case is well-defined and the potential
side-effects should not matter for thus use-case.
ok patrick@
mpi [Mon, 18 Dec 2017 10:10:53 +0000 (10:10 +0000)]
Revert support for multiple threads to enter kqueue_scan() in parallel.
It is not clear if this change is responsible for the lockups experienced
by dhill@ and jcs@ but since we're no longer grabbing the socket lock in
kqueue(2) filters there's no need for this change.
mpi [Mon, 18 Dec 2017 10:07:55 +0000 (10:07 +0000)]
Revert grabbing the socket lock in kqueue(2) filters.
This change exposed or created a situation where a CPU started to be
irresponsive while holding the KERNEL_LOCK(). These led to lockups and
even with MP_LOCKDEBUG it was not clear what happened to this CPU.
These situations have been experience by dhill@ with dcrwallet and jcs@
with syncthing. Both applications are written in Go and do kevent(2)
& networking across multiple threads.
mpi [Mon, 18 Dec 2017 10:05:43 +0000 (10:05 +0000)]
Make rw_exit() always succeed after a panic.
Prevents a deadlock in if_downall() when rw_enter() succeed without
really grabbing the lock.
Reported by and ok phessler@
mpi [Mon, 18 Dec 2017 09:40:17 +0000 (09:40 +0000)]
Size for free(9).
From <kshe59 at zoho.eu>
kettenis [Mon, 18 Dec 2017 09:13:47 +0000 (09:13 +0000)]
Add support for enabling registered regulators. Make sure that we leave
regulators with a "regulator-always-on" property alone.
ok patrick@
job [Mon, 18 Dec 2017 09:12:49 +0000 (09:12 +0000)]
Reclaim browser screen real estate in bgplg
Removing versioning information too.
OK deraadt@
ajacoutot [Mon, 18 Dec 2017 09:09:53 +0000 (09:09 +0000)]
Tighten /usr/local and /usr/X11R6 so that 8G disks still fit in our default
partitioning scheme.
ok florian@ benno@
jmc [Mon, 18 Dec 2017 07:15:15 +0000 (07:15 +0000)]
let's not try to document the number of items in a list...
cheloha [Mon, 18 Dec 2017 05:51:53 +0000 (05:51 +0000)]
Add the CLOCK_BOOTTIME clockid for use with clock_gettime(2)
and put it to use in userspace in lieu of the kern.boottime
sysctl.
Its absolute value is the time that has elapsed since the
system booted, i.e., the system uptime.
Use in top(1), w(1), and snmpd(8) eliminates a race with
settimeofday(2), adjtime(2), etc. inherent to deriving the
system uptime via the kern.boottime sysctl.
Product of a great deal of discussion/revision with jca@, tb@,
and guenther@.
ok tb@ jca@ guenther@ dlg@ mlarkin@ tom@
djm [Mon, 18 Dec 2017 02:25:15 +0000 (02:25 +0000)]
pass negotiated signing algorithm though to sshkey_verify() and
check that the negotiated algorithm matches the type in the
signature (only matters for RSA SHA1/SHA2 sigs). ok markus@
djm [Mon, 18 Dec 2017 02:22:29 +0000 (02:22 +0000)]
sshkey_sigtype() function to return the type of a signature;
ok markus@
patrick [Mon, 18 Dec 2017 00:08:28 +0000 (00:08 +0000)]
Support setting the Cortex-A7 cores to active/passive mode and
fix up the code for the Cortex-R4 which works the same.
deraadt [Sun, 17 Dec 2017 20:14:40 +0000 (20:14 +0000)]
sync
mlarkin [Sun, 17 Dec 2017 19:16:02 +0000 (19:16 +0000)]
vmm(4): pass EFER properly from vmd(8), needed to support vmctl(8)'s "-b"
option which had been broken due to recent commits on AMD (SVM/RVI)
ok pd@
job [Sun, 17 Dec 2017 18:41:17 +0000 (18:41 +0000)]
Add community/large-community commands and retain parameter input in form
OK deraadt@
rpe [Sun, 17 Dec 2017 18:29:56 +0000 (18:29 +0000)]
Add a new question "Escape to shell before reboot? [no]" at the end of
the install and upgrade process.
"no" or [enter] reboots the system
"yes" leaves the install or upgrade at the shell prompt
On selected architectures, sparc64 being the only so far, the system
is halted instead of rebooted.
autoinstall(8) is NOT affected by this new question as it reboots the
system automatically already.
Suggested by and OK deraadt@, tb@ phessler@
Feedback on sparc64 by stsp@
Positive feedback pea@ landry@
kettenis [Sun, 17 Dec 2017 18:25:25 +0000 (18:25 +0000)]
Make axppmic(4) attach to a Reduced Serial Bus, and support the AXP806
and AXP809 PMICs. Disabled for now.