jmc [Thu, 10 Nov 2022 19:07:21 +0000 (19:07 +0000)]
tweak the "once" text; ok sashan
mbuhl [Thu, 10 Nov 2022 18:58:02 +0000 (18:58 +0000)]
Initialize data before passing it to get_input_data. Strictly
speaking this is not necessary as all used bits of the uint32_t are
zeroed.
ok mlarkin
tb [Thu, 10 Nov 2022 18:15:36 +0000 (18:15 +0000)]
Bump LibreSSL version to 3.7
jsing [Thu, 10 Nov 2022 18:06:37 +0000 (18:06 +0000)]
Use tls_buffer for alert and handshake fragments in the legacy stack.
This avoids a bunch of pointer munging and a handrolled memmove.
ok tb@
joshua [Thu, 10 Nov 2022 17:53:45 +0000 (17:53 +0000)]
Finish migrating to one source file per line.
ok jsing@ tb@
schwarze [Thu, 10 Nov 2022 17:44:05 +0000 (17:44 +0000)]
In asn1.h rev. 1.65, beck@ provided ASN1_TIME_set_string_X509(3),
ASN1_TIME_normalize(3), ASN1_TIME_to_tm(3), ASN1_TIME_cmp_time_t(3),
and ASN1_TIME_compare(3).
Merge documentation from the OpenSSL 1.1.1 branch, which is still
under a free license, with tweaks by me in several respects to match
our implementation, and also using some feedback from beck@.
OK beck@.
dlg [Thu, 10 Nov 2022 17:17:47 +0000 (17:17 +0000)]
bring back r1.673: replace SRP with SMR in the if_idxmap.
when i first wrote if_idxmap i didn't realise (and no one thought
to tell me) that index 0 was special and means "no interface", so
while here use the 0th slot in the interface map to store the length
of the map instead of prepending the map with a length field.
if_get() now special cases index 0 and returns NULL directly. this
also means the size of the map is now always a power of 2, which
is a nicer fit with what the kernel malloc aprovides.
the problem with r1.673 that hrvoje popovski found was that attaching
a lot of interfaces during autoconf would lock up when growing the
map called smr_barrier. the fix in this diff is to (ab)use the
usedidx bitmap to store an smr_entry and defer the freeing of the
interface pointer map with it.
tested by hrvoje popovski
tweaks and ok visa@
beck [Thu, 10 Nov 2022 16:52:19 +0000 (16:52 +0000)]
Allow explicit cert trusts or distrusts for EKU any
This matches the current OpenSSL behaviour introduced
in their commit:
commit
0daccd4dc1f1ac62181738a91714f35472e50f3c
Date: Thu Jan 28 03:01:45 2016 -0500
ok jsing@ tb@
jsing [Thu, 10 Nov 2022 16:38:57 +0000 (16:38 +0000)]
Add regress coverage for
Ed25519 and X25519 EVP interfaces.
jsing [Thu, 10 Nov 2022 16:37:51 +0000 (16:37 +0000)]
Implement EVP interfaces for
Ed25519 and X25519.
ok beck@ tb@
schwarze [Thu, 10 Nov 2022 16:34:23 +0000 (16:34 +0000)]
Remove obsolete function, struct, and macro names
that tb@ removed from asn1.h on January 14:
rev. 1.58: ASN1_CTX ASN1_const_CTX
rev. 1.60: ASN1_OBJECT_FLAG_CRITICAL ASN1_OBJECT_FLAG_DYNAMIC
rev. 1.60: ASN1_OBJECT_FLAG_DYNAMIC_DATA ASN1_OBJECT_FLAG_DYNAMIC_STRINGS
rev. 1.61: NETSCAPE_X509 NETSCAPE_X509_free NETSCAPE_X509_new
rev. 1.61: d2i_NETSCAPE_X509 i2d_NETSCAPE_X509
sashan [Thu, 10 Nov 2022 16:29:20 +0000 (16:29 +0000)]
revert pf_state mtx commit, because it breaks tree.
pfctl does not build
OK dlg@
patrick [Thu, 10 Nov 2022 16:20:54 +0000 (16:20 +0000)]
Apparently we receive interrupts for both powerkey press and release, which
isn't quite helpful when it's used to come back from suspend and then the
second interrupt initiates powerdown. Ignore press, but handle release.
ok kettenis@
kettenis [Thu, 10 Nov 2022 16:14:50 +0000 (16:14 +0000)]
Since the introduction of automatic immutable from the kernel, the munmap()
of ld.so boot.text region is now (silently) failing because the region is
contained within the text LOAD, which is immutable. So create a new btext
LOAD with flags PF_X|PF_R|PF_OPENBSD_MUTABLE, and place all boot.text objects
in there. This LOAD must also be page-aligned so it doesn't skip unmapping
some of the object region, previously it was hilariously unaligned.
ok kettenis and guenther seemed to like it also
This one is for powerpc64 and a modified version of the diff deraadt@ mailed
out to make sure the LOADs are in increasing address order.
krw [Thu, 10 Nov 2022 16:12:05 +0000 (16:12 +0000)]
Add mbr_get_fstype() and use it to translate MBR dp_typ fields
into FS_* values. Similar to what gpt_get_fstype() does. Code is
clearer and better positioned for planned enhancements to
spoofing.
No intentional functional change.
jsing [Thu, 10 Nov 2022 16:04:31 +0000 (16:04 +0000)]
Map objects for
ED25519 to
Ed25519.
OpenSSL used
ED25519, even though the RFCs use
Ed25519 - as such, we get to
provide both.
ok tb@
joshua [Thu, 10 Nov 2022 16:00:34 +0000 (16:00 +0000)]
Continue migrating to one source file per line.
ok jsing@ tb@
kn [Thu, 10 Nov 2022 16:00:17 +0000 (16:00 +0000)]
Use local variable for consistency
OK claudio
krw [Thu, 10 Nov 2022 15:26:38 +0000 (15:26 +0000)]
HP-300's hd is now gone. svnd transmorgified into vnd in 2011. No
need to keep checking for these device names.
jsing [Thu, 10 Nov 2022 15:17:30 +0000 (15:17 +0000)]
Provide digestsign/digestverify hooks for EVP_PKEY_METHOD.
These are needed for EVP implementations of
Ed25519 and X25519.
ok beck@ tb@
joshua [Thu, 10 Nov 2022 15:13:52 +0000 (15:13 +0000)]
Continue migrating to one source file per line.
ok jsing@ tb@
kn [Thu, 10 Nov 2022 14:51:01 +0000 (14:51 +0000)]
Downgrade test to C++98 to fix build on GCC archs
Spotted on sparc64, diff from miod, tb and bluhm agree.
jsing [Thu, 10 Nov 2022 14:46:44 +0000 (14:46 +0000)]
Port EVP raw key API from OpenSSL.
This will be needed to deal with Curve25519 based keys.
ok beck@ tb@
sashan [Thu, 10 Nov 2022 14:22:43 +0000 (14:22 +0000)]
Add a mutex to pf_state structure. Mutex retain a consistency
of structure members without using a global state lock.
The first member which uses protection by mutex is key[] array.
more will follow.
OK dlg@
kettenis [Thu, 10 Nov 2022 14:15:15 +0000 (14:15 +0000)]
Add suspend/resume support to control the power domain.
ok patrick@
job [Thu, 10 Nov 2022 13:22:55 +0000 (13:22 +0000)]
Indicate compliance with work-in-progress spec for ROA objects
jsing [Thu, 10 Nov 2022 13:09:34 +0000 (13:09 +0000)]
Port ASN1_buf_print() from OpenSSL 1.1.
This is needed to print byte array based keys, such as
Ed25519 and X25519.
ok beck@ tb@
patrick [Thu, 10 Nov 2022 13:08:57 +0000 (13:08 +0000)]
qcpon(4), qcpwm(4), qcrtc(4)
patrick [Thu, 10 Nov 2022 12:59:26 +0000 (12:59 +0000)]
update for consistency
patrick [Thu, 10 Nov 2022 12:57:08 +0000 (12:57 +0000)]
qcpmic(4), qcpmicgpio(4), qcspmi(4)
joshua [Thu, 10 Nov 2022 12:55:49 +0000 (12:55 +0000)]
Continue migrating to one source file per line.
ok jsing@ tb@
kn [Thu, 10 Nov 2022 12:46:19 +0000 (12:46 +0000)]
typofix; ok dlg
anton [Thu, 10 Nov 2022 12:40:29 +0000 (12:40 +0000)]
cope with recent route output changes
patrick [Thu, 10 Nov 2022 12:40:07 +0000 (12:40 +0000)]
qcpdc(4)
anton [Thu, 10 Nov 2022 12:38:57 +0000 (12:38 +0000)]
Use /tmp as opposed of /var/tmp as the default directory for temporary
files.
tobhe [Thu, 10 Nov 2022 12:37:00 +0000 (12:37 +0000)]
Fix a few more leaks in *_print() functions.
ok jsing@
patrick [Thu, 10 Nov 2022 12:36:38 +0000 (12:36 +0000)]
Move manpages for Qualcomm devices over to the MI directory. kettenis@ put
them into the arm64-specific one mostly because they were for ACPI and that
will definitely be arm64-specific. I have committed most of the FDT ones
to the MI fdt directory. dlg@ would be happier with those manpages in the
MI one. There are more manpages to come as well.
patrick [Thu, 10 Nov 2022 12:16:06 +0000 (12:16 +0000)]
Remove hack that uses a timeout to fake interrupts now that qcpdc(4) allows
us to properly establish interrupts.
The fixed IPL_BIO should probably be replaced by the highest IPL requested
by our children.
ok kettenis@
kettenis [Thu, 10 Nov 2022 12:14:05 +0000 (12:14 +0000)]
We need to turn a few more things on in the resume path. This makes it
possible to ifconfig down the interface suspend/resume and ifconfig up the
interface again afterwards in most cases. Suspend/resume with the interface
up is still busted.
ok patrick@, stsp@
patrick [Thu, 10 Nov 2022 12:13:22 +0000 (12:13 +0000)]
Enable qcpdc(4)
ok kettenis@
patrick [Thu, 10 Nov 2022 12:12:53 +0000 (12:12 +0000)]
Add qcpdc(4), a driver for the Qualcomm Power Domain controller found on
Qualcomm SoCs. This is mostly a shim torwards agintc(4).
ok kettenis@
matthieu [Thu, 10 Nov 2022 12:10:54 +0000 (12:10 +0000)]
Move the code handling brightness keys into a task, since with
inteldrm(4) it requires a process context. ok kettenis@
dv [Thu, 10 Nov 2022 11:46:39 +0000 (11:46 +0000)]
vmd(8): import mmio decode and emulation, disabled for now.
The initial mmio support for vmd adds support for only specific MOV
and MOVZX instructions. Plan is to begin iterating in-tree on other
missing pieces. All functionality is gated behind an #if for now.
Only change to vmm(4) is reordering register #define's in vmmvar.h.
ok mlarkin@
kettenis [Thu, 10 Nov 2022 11:45:29 +0000 (11:45 +0000)]
Make the power button function as a wakeup button during suspend.
ok phessler@, patrick@, tobhe@
kettenis [Thu, 10 Nov 2022 11:44:06 +0000 (11:44 +0000)]
iWe must be careful to only disable power domains that are no longer in
use by a device. So maintainer a counter and only disable the power
domain if it drops to zero.
ok deraadt@, tobhe@
kettenis [Thu, 10 Nov 2022 11:23:21 +0000 (11:23 +0000)]
arm64 can suspend without PSCI support now
ok deraadt@, phessler@
krw [Thu, 10 Nov 2022 11:02:26 +0000 (11:02 +0000)]
Regen
mbuhl [Thu, 10 Nov 2022 10:47:30 +0000 (10:47 +0000)]
A theoretical path exists where ext.data1 is not initialized by
parseextcommunity but used afterwards.
Found by codechecker.
OK claudio
kettenis [Thu, 10 Nov 2022 10:37:40 +0000 (10:37 +0000)]
Put CPUs in the lowest P-state just before the final suspend step. The
firmware probably does this for us on ACPI systems with proper S3 support,
but this doesn't happen on systems where we park CPUs in a low-power idle
state ourselves.
ok deraadt@
tb [Thu, 10 Nov 2022 10:24:50 +0000 (10:24 +0000)]
Move bn_prime.h to the public domain.
It's entirely trivial.
ok beck
krw [Thu, 10 Nov 2022 09:50:00 +0000 (09:50 +0000)]
Nuke Vax (ra,rx) and HP-300 (hd) devices.
Noticed by kn@
ok millert@
jmatthew [Thu, 10 Nov 2022 08:26:54 +0000 (08:26 +0000)]
Convert amd64 clock and ipi event counters to per-cpu
ok kettenis@ jca@ cheloha@
deraadt [Thu, 10 Nov 2022 08:17:53 +0000 (08:17 +0000)]
change default output to -a format; ok tb
jmatthew [Thu, 10 Nov 2022 07:08:01 +0000 (07:08 +0000)]
Convert sparc64 clock event counter to per-cpu and increment using
evcount_inc() rather than atomic operations.
ok kettenis@ jca@ cheloha@
jmatthew [Thu, 10 Nov 2022 07:05:41 +0000 (07:05 +0000)]
Add support for per-cpu event counters, to be used for clock and IPI
counters where the event being counted occurs across all CPUs in the
system. Counter instances can be made per-cpu by calling evcount_percpu()
after the counter is attached, and this can occur before or after all system
CPUs are attached. Per-cpu counter instances should be incremented using
evcount_inc().
ok kettenis@ jca@ cheloha@
asou [Thu, 10 Nov 2022 02:47:52 +0000 (02:47 +0000)]
Return error number instead of call panic().
ok mpi@
mbuhl [Thu, 10 Nov 2022 00:44:12 +0000 (00:44 +0000)]
In case RSA_meth_new fails, errstr would be passed to fatalx without
initialization.
OK tb
jsg [Thu, 10 Nov 2022 00:14:11 +0000 (00:14 +0000)]
fix build after 1.298
mbuhl [Thu, 10 Nov 2022 00:00:11 +0000 (00:00 +0000)]
always call va_end.
ok tb
joshua [Wed, 9 Nov 2022 23:33:08 +0000 (23:33 +0000)]
Start migrating to one source file per line.
ok jsing@ tb@
tb [Wed, 9 Nov 2022 23:28:08 +0000 (23:28 +0000)]
Remove prime_t remnant and link bn_primes test statically
jsing [Wed, 9 Nov 2022 23:14:51 +0000 (23:14 +0000)]
Sync CBS_strdup() documentation update from libcrypto.
sashan [Wed, 9 Nov 2022 23:00:00 +0000 (23:00 +0000)]
simplify expiration of 'once' rules.
let packet to mark 'once' rule as expired. The rule
will be removed by pfctl(8) when rules are updated.
OK kn@
tobhe [Wed, 9 Nov 2022 22:56:44 +0000 (22:56 +0000)]
Hook up gpiobl(4) to the screen burner instead of wsdisplay(4) brightness
control. This enables automatic screen blanking with X and wscons(4) once
wsfb(4) is fixed.
"this is fine for now" kettenis@
tb [Wed, 9 Nov 2022 22:52:51 +0000 (22:52 +0000)]
Move table in bn_primes.h to a .c file and get rid of prime_t
This way we deduplicate two inclusions of the same big table and eliminate
lots of stupid casts.
input and ok many
claudio [Wed, 9 Nov 2022 22:25:36 +0000 (22:25 +0000)]
Remove kernel lock here since msleep() with PCATCH no longer requires it.
OK mpi@
krw [Wed, 9 Nov 2022 22:25:27 +0000 (22:25 +0000)]
No more xd/xy devs.
deraadt [Wed, 9 Nov 2022 22:25:08 +0000 (22:25 +0000)]
Some limited setsockopt/getsockopt are allowed in pledge "stdio".
Also allow IPPROTO_TCP:TCP_NODELAY
It is very small kernel code, and will allow some software to drop "inet"
requested by djm
krw [Wed, 9 Nov 2022 22:18:53 +0000 (22:18 +0000)]
Regen
dlg [Wed, 9 Nov 2022 22:15:50 +0000 (22:15 +0000)]
revert r1.673: replace SRP with SMR in the if_idxmap.
if the map has to be reallocated during boot, there's an smr_barrier
waiting for the old map to become unused. that barrier ends up
waiting for cpus that aren't running yet because we haven't finished
booting yet, so boot gets stuck.
found by hrvoje popovski
kn [Wed, 9 Nov 2022 22:12:40 +0000 (22:12 +0000)]
Constify simplefb_formats[]; OK patrick
patrick [Wed, 9 Nov 2022 20:00:05 +0000 (20:00 +0000)]
Enable qcpwm(4)
ok kettenis@ mlarkin@
patrick [Wed, 9 Nov 2022 19:59:38 +0000 (19:59 +0000)]
Add qcpwm(4), a driver for the PWM found on Qualcomm PMICs. This is used
on the Lenovo x13s to control the display backlight brightness.
ok kettenis@ mlarkin@
deraadt [Wed, 9 Nov 2022 19:50:25 +0000 (19:50 +0000)]
Now that dlopen() sets object->nodelete for RTLD_NODELETE, _dl_load_dep_libs()
can consider this same as the "booting" case, and instruct lower layers to
do immutability. With this change in place, the not-yet-commited
library-immutable diff leaves 1 page of libc (malloc related) and 6
non-RTLD_NODELETE libraries mutable in chrome.
Everything else is immutable, except for the program's transient memory
allocations & file mappings. This is an unexpected result.
krw [Wed, 9 Nov 2022 19:35:23 +0000 (19:35 +0000)]
Remove xy/xd. SMD left with sparc.
ok kn@ deraadt@
patrick [Wed, 9 Nov 2022 19:25:50 +0000 (19:25 +0000)]
Move input/output configuration into the correct function.
kettenis [Wed, 9 Nov 2022 19:18:11 +0000 (19:18 +0000)]
Implement wakeup interrupt support. For now this is only implemented for
aplintc(4); other arm64 interrupt controllers will follow.
ok patrick@
jsing [Wed, 9 Nov 2022 19:18:08 +0000 (19:18 +0000)]
Fix up indentation for EVP_PKEY_* defines.
mbuhl [Wed, 9 Nov 2022 19:11:14 +0000 (19:11 +0000)]
nreq could leak a http get request in case a redirect without
location header was received.
OK deraadt
jsing [Wed, 9 Nov 2022 19:05:42 +0000 (19:05 +0000)]
Revise CBS_strdup() documentation.
CBS_strdup() now internally checks if the data contains NUL, failing if it
does.
Prompted by beck@
mbuhl [Wed, 9 Nov 2022 18:48:11 +0000 (18:48 +0000)]
In do_zzz a garbage stack value could be accessed in case a read
or write in send_command failed.
Found by codechecker.
OK deraadt
krw [Wed, 9 Nov 2022 18:46:04 +0000 (18:46 +0000)]
Remove xy/xd. SMD left with sparc.
ok kn@ deraadt@
deraadt [Wed, 9 Nov 2022 18:44:11 +0000 (18:44 +0000)]
dlopen() with RTLD_NODELETE should also set the object nodelete flag,
so the mapping layer will know it can use mimmutable()
deraadt [Wed, 9 Nov 2022 18:39:35 +0000 (18:39 +0000)]
Since the introduction of automatic immutable from the kernel, the munmap()
of ld.so boot.text region is now (silently) failing because the region is
contained within the text LOAD, which is immutable. So create a new btext
LOAD with flags PF_X|PF_R|PF_OPENBSD_MUTABLE, and place all boot.text objects
in there. This LOAD must also be page-aligned so it doesn't skip unmapping
some of the object region, previously it was hilariously unaligned.
ok kettenis and guenther seemed to like it also
This one is for 32-bit arm, tested by phessler
jsing [Wed, 9 Nov 2022 18:25:36 +0000 (18:25 +0000)]
Clean up EVP_PKEY_METHOD related tables and code.
This is effectively the same as done for EVP_PKEY_ASN1_METHOD, although
this table only has nine entries.
ok tb@
job [Wed, 9 Nov 2022 18:17:23 +0000 (18:17 +0000)]
Error out if a ROA payload contains too many ipAddrBlocks
The ASN.1 profile in draft-ietf-sidrops-rfc6482bis section 4 specifies
that there must not be more than 2 ipAddrBlocks (one for IPv4, and one
for IPv6). Compatible with all published ROAs.
OK tb@
jsing [Wed, 9 Nov 2022 18:17:16 +0000 (18:17 +0000)]
Clean up EVP_PKEY_ASN1_METHOD related tables and code.
Rather than messing around with an OBJ_bsearch() for a table that contains
16 entries (and a stack find for any application added methods), simply do
a reverse linear scan. This maintains the application method first
behaviour, while removing a chunk of code.
While here rename some variables and do some style clean up.
ok tb@
kettenis [Wed, 9 Nov 2022 18:17:00 +0000 (18:17 +0000)]
Add suspend/resume support to aplns(4).
ok dlg@, patrick@
claudio [Wed, 9 Nov 2022 18:12:47 +0000 (18:12 +0000)]
Simplify the overly complex VXLOCK handling in spec_close.
The code only needs to know if the vnode is exclusive locked and this
can be done on entry of the function.
OK mpi@
beck [Wed, 9 Nov 2022 18:11:45 +0000 (18:11 +0000)]
Add tests for boundary conditions of struct tm.
Struct tm is limited by it's year being an int.
kn [Wed, 9 Nov 2022 18:00:02 +0000 (18:00 +0000)]
ndp, route, netstat: adjust ipv6 address width
It has been annoying me for too long that fully specififed GUAs
(2001:0db8:3333:4444:5555:6666:7777:8888) mess up alignment.
systat(1)'s netstat is the only view that has a big enough limit and thus
never misaligns.
Unify ndp(8), route(8) and netstat(1) views to always align nicely.
Feedback OK claudio
dv [Wed, 9 Nov 2022 17:53:12 +0000 (17:53 +0000)]
vmm(4): treat vcpu lists as immutable, reducing complexity.
Since vmm doesn't support hot-plug vcpus we can reduce complexity
by treating the vcpu list per vm as immutable after creation.
As a consequence, we can use the vm reference count to protect the
lifetime of the vcpus, removing the need for reference counting
individual vcpu objects. With an immutable list, we no longer need
a rwlock protecting it either.
Original diff from dlg@ that I reworked and tested.
ok dlg@, mlarkin@
jsing [Wed, 9 Nov 2022 17:49:54 +0000 (17:49 +0000)]
Revise
ED25519 regress following API changes.
jsing [Wed, 9 Nov 2022 17:45:55 +0000 (17:45 +0000)]
Make X25519_public_from_private() internally reachable.
claudio [Wed, 9 Nov 2022 17:41:05 +0000 (17:41 +0000)]
Before printing the redirect URI pass it through stravis since it is
untrusted input.
OK tb@ kn@ millert@
jsing [Wed, 9 Nov 2022 17:40:51 +0000 (17:40 +0000)]
Rename public_value to public_key for consistency.
ok tb@
jsing [Wed, 9 Nov 2022 17:39:29 +0000 (17:39 +0000)]
Rework
ED25519 API.
BoringSSL implemented a compound private key, which includes a copy of the
public key as a performance optimisation for signing. However, this does
not readily match with how EVP works, makes the
ED25519 API inconsistent
with the X25519 API, diverges from th RFC and does not align with the
OpenSSL API. Instead, the caller can readily compute the public key and
pass this in to the signing process.
ok tb@
jsing [Wed, 9 Nov 2022 17:15:59 +0000 (17:15 +0000)]
Add some regress coverage for EVP_PKEY_METHOD.
cheloha [Wed, 9 Nov 2022 17:12:50 +0000 (17:12 +0000)]
timeout(9): remove TIMEOUT_KCLOCK flag
I never should have added the TIMEOUT_KCLOCK flag. It is redundant
and only serves to complicate the timeout(9) logic. In every place
where we check for the flag we can just use timeout.to_kclock.
So, remove the flag from <sys/timeout.h> and rewrite all affected
logic to use the value of timeout.to_kclock instead.
ok kn@
jsing [Wed, 9 Nov 2022 17:03:53 +0000 (17:03 +0000)]
Sort EVP_PKEY_METHOD externs.