openbsd
2 years agoConsider pmemrange regions when trying to free pages from the inactive list.
mpi [Tue, 28 Jun 2022 19:31:30 +0000 (19:31 +0000)]
Consider pmemrange regions when trying to free pages from the inactive list.

Instead of starting with the first page on the inactive list pick the first
one that fits in the range of a given pmemrange region.

Fix an issue where the page daemon would be hogging a CPU without freeing any
page because the global limits are satisfied.

The algorithm could certainly be revisited, the LRU is not really working and
there is a huge delay before recovering when the first pages need to be swapped and the system is in OOM situation but at least there is no starvation and the
system now recovers.

ok beck@, kettenis@

2 years agoUse new & shiny define for the maximum number of pages of a swap cluster.
mpi [Tue, 28 Jun 2022 19:23:08 +0000 (19:23 +0000)]
Use new & shiny define for the maximum number of pages of a swap cluster.

ok beck@, kettenis@

2 years agoPre-allocate pages in DMA-reachable region to ensure progress in the swapper.
mpi [Tue, 28 Jun 2022 19:19:34 +0000 (19:19 +0000)]
Pre-allocate pages in DMA-reachable region to ensure progress in the swapper.

Currently swap encryption is not done in place and some architectures need to
bounce pages into a DMA-reachable region for I/Os, for that uvm_swap_io() needs
to allocate at most 64K to write a swap cluster to disk.  Pre-allocate such
amount of memory to be sure the page daemon can make progress in OOM situation.

Also introduce a sleeping point to wait for the previous asynchronous I/O
holding the pre-allocated pages, there's no point in building clusters if no
progress can be made.

ok beck@, kettenis@

2 years agoReserve a second segment for the page daemon.
mpi [Tue, 28 Jun 2022 19:07:40 +0000 (19:07 +0000)]
Reserve a second segment for the page daemon.

This ensures uvm_swap_io() can succeeds even in OOM situations because two
uvm_pagermapin() allocations, requiring a segment each, are needed to bounce
or encrypt a swap cluster.

ok beck@, kettenis@

2 years agoHook up bgplgd into the build
claudio [Tue, 28 Jun 2022 18:47:54 +0000 (18:47 +0000)]
Hook up bgplgd into the build

2 years agoHook up bgplgd. Uses _bgplgd user with id 71:71 add a rc.d script and
claudio [Tue, 28 Jun 2022 18:46:00 +0000 (18:46 +0000)]
Hook up bgplgd. Uses _bgplgd user with id 71:71 add a rc.d script and
all the other rc plumbing.
OK deraadt@

2 years agoFix manpage from jmc@ but also fix the privdrop user to _bgplgd
claudio [Tue, 28 Jun 2022 16:56:29 +0000 (16:56 +0000)]
Fix manpage from jmc@ but also fix the privdrop user to _bgplgd

2 years agoA com_acpi_softc pointer is used as the interrupt callback cookie which
anton [Tue, 28 Jun 2022 16:29:56 +0000 (16:29 +0000)]
A com_acpi_softc pointer is used as the interrupt callback cookie which
is later on interpreted as a com_softc pointer. This is not a problem in
practice as a com_softc structure is the first member of the
com_acpi_softc structure.

Using the actual types consistently yields a better symmetry in my
opinion between registering the interrupt and the corresponding
interrupt handler.

ok deraadt@ kettenis@

2 years agoNo need to pass a copy of the bcmdmac_channel structure to predicate
anton [Tue, 28 Jun 2022 16:29:03 +0000 (16:29 +0000)]
No need to pass a copy of the bcmdmac_channel structure to predicate
routines.

ok deraadt@ kettenis@

2 years agoRemove commented out variables and excessive blank lines in
anton [Tue, 28 Jun 2022 16:28:08 +0000 (16:28 +0000)]
Remove commented out variables and excessive blank lines in
pluart_param().

2 years agoAdd bgplgd a fastcgi daemon that provide a REST JSON api to bgpctl.
claudio [Tue, 28 Jun 2022 16:11:30 +0000 (16:11 +0000)]
Add bgplgd a fastcgi daemon that provide a REST JSON api to bgpctl.
Most code stolen from slowcgi, it just exec bgpctl with -j.
Put it in tb@ deraadt@

2 years agoDon't call pipex_rele_session() when `session' is NULL.
mvs [Tue, 28 Jun 2022 16:10:43 +0000 (16:10 +0000)]
Don't call pipex_rele_session() when `session' is NULL.

Reported by Hrvoje Popovski. ok bluhm@

2 years agoTake away bogus error assignment before callback call.
beck [Tue, 28 Jun 2022 16:05:42 +0000 (16:05 +0000)]
Take away bogus error assignment before callback call.

Keep the depth which was needed.

This went an error too far, and broke openssl-ruby's callback
and error code sensitivity in it's tests.

With this removed, both my newly committed regress to verify
the same error codes and depths in the callback, and
openssl-ruby's tests pass again.

ok tb@

2 years agoBotan 2.19.2 has removed support for the OpenSSL crypto provider.
bluhm [Tue, 28 Jun 2022 15:46:07 +0000 (15:46 +0000)]
Botan 2.19.2 has removed support for the OpenSSL crypto provider.
It was incompatible with OpenSSL 3.0.  Remove the regression test
to check that LibreSSL crypto works with Botan tests.  This is
better than to keep an outdated Botan in ports.
discussed with tb@ beck@

2 years agoMove debug-only variable 'i' to be with the other debug-only
krw [Tue, 28 Jun 2022 15:35:24 +0000 (15:35 +0000)]
Move debug-only variable 'i' to be with the other debug-only
variables inside the #ifdef DEBUG block using them.

2 years agoAdapt netstat kvm code to ref count change in struct rtentry.
bluhm [Tue, 28 Jun 2022 15:17:23 +0000 (15:17 +0000)]
Adapt netstat kvm code to ref count change in struct rtentry.
found by otto@ the hard way

2 years agoFree ciphers before assigning to them
tb [Tue, 28 Jun 2022 14:51:37 +0000 (14:51 +0000)]
Free ciphers before assigning to them

While this is not a leak currently, it definitely looks like one.
Pointed out by jsing on review of a diff that touched the vicinity
a while ago.

ok jsing

2 years agoRemove unused field d_poll from struct cdevsw.
visa [Tue, 28 Jun 2022 14:43:50 +0000 (14:43 +0000)]
Remove unused field d_poll from struct cdevsw.

OK miod@ mpi@

2 years agofix syncookies in conjunction with tcp fast port reuse.
henning [Tue, 28 Jun 2022 13:48:06 +0000 (13:48 +0000)]
fix syncookies in conjunction with tcp fast port reuse.
This really pointed out that the place syncookies were hooked in was almost,
but not completely right. The way it was the special case for tcp fast port
reuse in pf_test_state wasn't hit, because the first packet
hitting that was the ACK from the peer finishing the 3WHS, and the
reconstructed SYN came after. We're now doing pf_find_state (and *only* that)
first, then syncookies, then going on so that the old state is thrown away
properly and we get a new one with the sequence number modulator set up
correctly
Bonus: -11 lines of code
tracked down (that took a while) + fixed under contract with Hush
Communications Canada; special thanks to Lyndon
ok sashan

2 years agounbreak build; found the hard way by stsp
florian [Tue, 28 Jun 2022 13:35:42 +0000 (13:35 +0000)]
unbreak build; found the hard way by stsp

2 years agosync
deraadt [Tue, 28 Jun 2022 13:06:21 +0000 (13:06 +0000)]
sync

2 years agoa start at qualcomm products
deraadt [Tue, 28 Jun 2022 13:05:42 +0000 (13:05 +0000)]
a start at qualcomm products

2 years agorewrite amd64 printing of cache details
jsg [Tue, 28 Jun 2022 12:11:41 +0000 (12:11 +0000)]
rewrite amd64 printing of cache details

Previously we looked at cpuid 0x80000005 for L1/TLB details
which Intel documents as reserved.
And cpuid 0x80000006 for L2 details.

Intel also encode cache details in cpuid 4.
AMD have mostly the same encoding with cpuid 0x8000001d
0x80000005/0x80000006 is used as a fallback.

Prompted by Intel Tiger Lake and Alder Lake machines
returning an associativity value of 7 from cpuid 0x80000006.
The previous code would print "disabled L2 cache", 7 is
documented by Intel as "See CPUID leaf 04H, sub-leaf 2".

tested by Hrvoje Popovski on EPYC 7413, and myself on various machines
ok mlarkin@

2 years agoMove the guts of uvm_aio_aiodone() into a separate function.
mpi [Tue, 28 Jun 2022 12:10:37 +0000 (12:10 +0000)]
Move the guts of uvm_aio_aiodone() into a separate function.

This will help dealing with error cases.

No functionnal changes.

2 years agoDon't ask the vlan question unless another network interface exists. ok deraadt
sthen [Tue, 28 Jun 2022 12:10:08 +0000 (12:10 +0000)]
Don't ask the vlan question unless another network interface exists. ok deraadt

Avoids a confusing question when no supported network devices is found, i.e.

"Available network interfaces are: vlan0.
Which network interface do you wish to configure? (or 'done') [vlan0]"

2 years agoCleanup the sleep loop in single_thread_check_locked(). The deep checks
claudio [Tue, 28 Jun 2022 12:08:17 +0000 (12:08 +0000)]
Cleanup the sleep loop in single_thread_check_locked(). The deep checks
only matter on entry and the pr->ps_single check is done in the while body.
With and OK mpi@

2 years agoTry to document 'announce policy' and add RFC 9234 to the list in bgpd.8
claudio [Tue, 28 Jun 2022 11:52:24 +0000 (11:52 +0000)]
Try to document 'announce policy' and add RFC 9234 to the list in bgpd.8
How RFC 9234 support will work in the long run may still change but
for now at least tell people how to use it.

2 years agoThe default state of enhanced refresh is no. So flip logic.
claudio [Tue, 28 Jun 2022 11:46:05 +0000 (11:46 +0000)]
The default state of enhanced refresh is no. So flip logic.
Fixes config regress. Found by anton@, discussed with tb@

2 years agoCheck for entries in the suberror names arrays that are NULL. Handle them
claudio [Tue, 28 Jun 2022 11:42:41 +0000 (11:42 +0000)]
Check for entries in the suberror names arrays that are NULL. Handle them
like other unknown ones. Also KNF the code a bit.
Was OK tb@ some time ago

2 years agoDo not clean PG_BUSY before calling uvm_anon_release().
mpi [Tue, 28 Jun 2022 10:45:55 +0000 (10:45 +0000)]
Do not clean PG_BUSY before calling uvm_anon_release().

Fix an assertion reported by gkoehler@.

ok kettenis@

2 years agoDo not consider adjacent pages when doing a CoW.
mpi [Tue, 28 Jun 2022 10:38:55 +0000 (10:38 +0000)]
Do not consider adjacent pages when doing a CoW.

Those pages should already be entered, this speeds up CoW faults.

Stolen from NetBSD.

ok miod@, kettenis@

2 years agoUse refcnt API for struct rtentry instead of hand-crafted atomic
bluhm [Tue, 28 Jun 2022 10:01:13 +0000 (10:01 +0000)]
Use refcnt API for struct rtentry instead of hand-crafted atomic
operations.
OK mvs@

2 years agoifconfig(8) return "Not supported" if you try to configure tso on a non-tso
jan [Tue, 28 Jun 2022 09:41:24 +0000 (09:41 +0000)]
ifconfig(8) return "Not supported" if you try to configure tso on a non-tso
supported interface.

pointed out by bluhm@

OK bluhm@

2 years agoUse btrace(8) to debug reference counting. dt(4) provides a static
bluhm [Tue, 28 Jun 2022 09:32:27 +0000 (09:32 +0000)]
Use btrace(8) to debug reference counting.  dt(4) provides a static
tracepoint for each type of refcnt we have.  As a start, add inpcb
and tdb refcnt.  When the counter changes, btrace may print the
actual object, the current counter, the change value and optionally
the stack trace.
discussed with visa@; OK mpi@

2 years agogc timeout_count, it's unused and I don't remember what I wanted to
florian [Tue, 28 Jun 2022 09:21:58 +0000 (09:21 +0000)]
gc timeout_count, it's unused and I don't remember what I wanted to
use it for.

2 years agoUse smi_string2oid instead of ober_string2oid in parse.y's oid definition.
martijn [Tue, 28 Jun 2022 09:11:33 +0000 (09:11 +0000)]
Use smi_string2oid instead of ober_string2oid in parse.y's oid definition.
This allows admins to configure oids as pretty symbolic names, next to the
current numeric names.

OK sthen@

2 years agoif we can't open the user db, don't try to read from a closed fh
espie [Tue, 28 Jun 2022 09:01:45 +0000 (09:01 +0000)]
if we can't open the user db, don't try to read from a closed fh

2 years agosome old signing code was still around
espie [Tue, 28 Jun 2022 08:47:10 +0000 (08:47 +0000)]
some old signing code was still around

2 years agoOnly asn1time needs to be static for now.
tb [Tue, 28 Jun 2022 08:44:26 +0000 (08:44 +0000)]
Only asn1time needs to be static for now.

2 years agoMake this regress test link staticly and use internal symbols
beck [Tue, 28 Jun 2022 08:41:17 +0000 (08:41 +0000)]
Make this regress test link staticly and use internal symbols
so that it works and compiles during the tb@ pre-bump shuffle(tm).

2 years agoThe ip6_hbhchcheck() function never reads the nxtp parameter, it
bluhm [Tue, 28 Jun 2022 08:24:29 +0000 (08:24 +0000)]
The ip6_hbhchcheck() function never reads the nxtp parameter, it
only sets its value.  It is more obvious to return the next protocol
or IPPROTO_DONE to signal error.  All IP protocol functions do that.
OK sashan@ florian@

2 years agoparse pkgpath further, so that we know the subpackage component, if any,
espie [Tue, 28 Jun 2022 08:15:43 +0000 (08:15 +0000)]
parse pkgpath further, so that we know the subpackage component, if any,
and flag multiple subpackages as an error

2 years agoAdd hardware ID for EHCI-compliant USB controller with standard debug.
kettenis [Tue, 28 Jun 2022 08:15:04 +0000 (08:15 +0000)]
Add hardware ID for EHCI-compliant USB controller with standard debug.

ok jsg@

2 years agoAdd hardware ID for XHCI-compliant USB controller without standard debug.
kettenis [Tue, 28 Jun 2022 08:14:03 +0000 (08:14 +0000)]
Add hardware ID for XHCI-compliant USB controller without standard debug.

ok jsg@

2 years agoIntroduce `pipexoutq' mbuf(9) queue, and put outgoing pipex(4) related
mvs [Tue, 28 Jun 2022 08:01:40 +0000 (08:01 +0000)]
Introduce `pipexoutq' mbuf(9) queue, and put outgoing pipex(4) related
PPPOE packets within. Do (*if_output)() calls within netisr handler with
netlock held.

We can't predict netlock state when pipex(4) related (*if_qstart)()
handlers called. This means we can't use netlock within pppac_qstart()
and pppx_if_qstart() handlers.

ok bluhm@

2 years agoFix the legacy verifier callback behaviour for untrusted certs.
beck [Tue, 28 Jun 2022 07:56:34 +0000 (07:56 +0000)]
Fix the legacy verifier callback behaviour for untrusted certs.

The verifier callback is used by mutt to do a form of certificate
pinning where the callback gets fired and depending on a
cert saved to a file will decide to accept an untrusted cert.

This corrects two problems that affected this. The callback was not
getting the correct depth and chain for the error where mutt would
save the certificate in the first place, and then the callback was not
getting fired to allow it to override the failing certificate
validation.

thanks to Avon Robertson <avon.r@xtra.co.nz> for the report and
sthen@ for analysis.

"The callback is not an API, it's a gordian knot - tb@"
ok jsing@

2 years agotparm %l should push strlen(pop) onto the stack not insert it into the
nicm [Tue, 28 Jun 2022 07:36:52 +0000 (07:36 +0000)]
tparm %l should push strlen(pop) onto the stack not insert it into the
result, from ncurses 5.9 patch 20130126:

    + change %l behavior in tparm to push the string length onto the
      stack rather than saving the formatted length into the output
      buffer (report by Roy Marples, cf: 980620).

ok millert

2 years agoreflect the update to -D arg name in usage();
jmc [Tue, 28 Jun 2022 06:09:14 +0000 (06:09 +0000)]
reflect the update to -D arg name in usage();

2 years agoUnbreak tree: add log_policy() implementation missing from previous commit.
tb [Tue, 28 Jun 2022 05:49:05 +0000 (05:49 +0000)]
Unbreak tree: add log_policy() implementation missing from previous commit.

2 years agospelling
jsg [Tue, 28 Jun 2022 04:36:29 +0000 (04:36 +0000)]
spelling

2 years agoRemove superfluous 'any'
job [Tue, 28 Jun 2022 01:40:29 +0000 (01:40 +0000)]
Remove superfluous 'any'

2 years agotransistion -> transition
jsg [Tue, 28 Jun 2022 01:12:44 +0000 (01:12 +0000)]
transistion -> transition

2 years agoEntensions -> Extensions
jsg [Tue, 28 Jun 2022 00:26:21 +0000 (00:26 +0000)]
Entensions -> Extensions

2 years agoallow arguments to sftp -D option, e.g.
djm [Mon, 27 Jun 2022 21:41:55 +0000 (21:41 +0000)]
allow arguments to sftp -D option, e.g.
sftp -D "/usr/libexec/sftp-server -el debug3"

ok markus@

2 years agoRework the rttimer code. Instead of a global queue and a global timeout
claudio [Mon, 27 Jun 2022 21:26:46 +0000 (21:26 +0000)]
Rework the rttimer code. Instead of a global queue and a global timeout
use a per rttimer struct timeout. On enqueue the struct rttimer belongs
to the timeout, in case the route is removed before the timer fires
cleanup based on the timeout_del() return value. If the timeout currently
running then just clear the rtt_rt pointer and let the timeout handle the
cleanup. This should hopefully fix the icmp_pmtu_timeout crashes reported
by some people.
OK bluhm@

2 years agoPush the kernel lock down into arpresolve(). We still need it to
bluhm [Mon, 27 Jun 2022 20:47:10 +0000 (20:47 +0000)]
Push the kernel lock down into arpresolve().  We still need it to
prevent concurrent access to rt_llinfo from rtrequest_delete().
But the common case, when the MAC address is already known, works
without lock.
tested by Hrvoje Popovski; OK mvs@

2 years agoRevert 1.44; that slow getsecs() workaround had been added for the sake of
miod [Mon, 27 Jun 2022 20:22:26 +0000 (20:22 +0000)]
Revert 1.44; that slow getsecs() workaround had been added for the sake of
an i386 system noone remembers details about and which is unlikely to be
relevant those days, and has been found to misbehave on some modern systems,
such as the OnLogic Helix 500, or RPi4 with glass console.

2 years agoFix comment.
miod [Mon, 27 Jun 2022 20:14:51 +0000 (20:14 +0000)]
Fix comment.

2 years agoFix white space and wrap long lines.
bluhm [Mon, 27 Jun 2022 17:15:35 +0000 (17:15 +0000)]
Fix white space and wrap long lines.

2 years agozap extraneous .Pp
jmc [Mon, 27 Jun 2022 16:39:34 +0000 (16:39 +0000)]
zap extraneous .Pp

2 years agotweak the tso text a little;
jmc [Mon, 27 Jun 2022 16:27:03 +0000 (16:27 +0000)]
tweak the tso text a little;

2 years agoDelete the ancient "hold Shift key to force CHS" code. Noone has needed
deraadt [Mon, 27 Jun 2022 16:10:07 +0000 (16:10 +0000)]
Delete the ancient "hold Shift key to force CHS" code.  Noone has needed
this in decades.
ok sthen krw

2 years agovmm: move ept pointer configuration to vcpu_init_vmx
dv [Mon, 27 Jun 2022 15:12:14 +0000 (15:12 +0000)]
vmm: move ept pointer configuration to vcpu_init_vmx

No need to be twiddling eptp in vcpu_reset_regs.

ok mlarkin@

2 years agoIntroduce Large Receive Offloading of TCP segment offloading for ix(4). It is
jan [Mon, 27 Jun 2022 15:11:23 +0000 (15:11 +0000)]
Introduce Large Receive Offloading of TCP segment offloading for ix(4).  It is
disabled by default.  Also add a tso option to ifconfig(8) to enable and
disable this feature.

ok deraadt

2 years agovmm: zero virtual addresses of vcpu state pages after freeing
dv [Mon, 27 Jun 2022 15:05:34 +0000 (15:05 +0000)]
vmm: zero virtual addresses of vcpu state pages after freeing

Consolidate the km_free calls while at it.

ok mlarkin@

2 years agoCorrect misleading comment for URI parsing
beck [Mon, 27 Jun 2022 15:03:11 +0000 (15:03 +0000)]
Correct misleading comment for URI parsing

ok jsing@

2 years agokbind(2): unlock syscall, push kernel lock down to binding loop
cheloha [Mon, 27 Jun 2022 14:26:05 +0000 (14:26 +0000)]
kbind(2): unlock syscall, push kernel lock down to binding loop

- Rearrange the security check code in sys_kbind() so that we only
  need to take the kernel lock once if we need to raise SIGILL.

- Protect process.ps_kbind_addr and process.ps_kbind_cookie with
  process.ps_mtx.  This is easier to do after the aforementioned
  rearrangement.  Under normal circumstances this isn't necessary:
  the process is single-threaded when we initialize kbind(2).
  But in stranger situations this brief mutex ensures that the
  first thread to reach sys_kbind() initializes both variables.

- Wrap the binding loop with the kernel lock.  We need to carefully
  confirm that uvm_unmap_remove(), uvm_map_extract(), and
  uvm_unmap_detach() are MP-safe in a subsequent patch before
  completely removing the kernel lock from sys_kbind().

- Remove the kernel lock from kbind(2) in syscalls.master.

Prompted by mpi@, dlg@, and deraadt@.  Current patch workshopped with
deraadt@.  Based on a patch from dlg@.

With input from dlg@, bluhm@, mpi@, kettenis@, deraadt@, and
guenther@.

Thread: https://marc.info/?l=openbsd-tech&m=165274831829349&w=2

ok deraadt@ kettenis@ mpi@

2 years agoAdd function to free all of the issuer cache.
beck [Mon, 27 Jun 2022 14:23:40 +0000 (14:23 +0000)]
Add function to free all of the issuer cache.

ok jsing@

2 years agoRemove switch(4) leftovers.
visa [Mon, 27 Jun 2022 14:11:44 +0000 (14:11 +0000)]
Remove switch(4) leftovers.

OK deraadt@ mpi@ claudio@ miod@

2 years agoAllow security_level to mestastasize into the verifier
tb [Mon, 27 Jun 2022 14:10:22 +0000 (14:10 +0000)]
Allow security_level to mestastasize into the verifier

The tentacles are everywhere.  This checks that all certs in a chain
have keys and signature algorithms matching the requirements of the
security_level configured in the verify parameters.

ok beck jsing

2 years agoPrepare to provide X509_VERIFY_PARAM_set_auth_level()
tb [Mon, 27 Jun 2022 14:00:09 +0000 (14:00 +0000)]
Prepare to provide X509_VERIFY_PARAM_set_auth_level()

For some unknown reason this needed a different name than security_level,
both internally and in the public API. Obviously it is exactly the same
garbage.

ok beck jsing

2 years agoAdd new time manipulation funcitons that OpenSSL has exposed that
beck [Mon, 27 Jun 2022 13:54:57 +0000 (13:54 +0000)]
Add new time manipulation funcitons that OpenSSL has exposed that
the world seems to be using.

Symbols.list changes and exposure to wait for minor bump

ok jsing@ jca@

2 years agoinstall script no longer creates a dhclient.conf under any circumstances,
deraadt [Mon, 27 Jun 2022 13:48:38 +0000 (13:48 +0000)]
install script no longer creates a dhclient.conf under any circumstances,
so we do not need to copy it to the new system.

2 years agoFix lock order reversal in nfs_inactive()
visa [Mon, 27 Jun 2022 13:39:58 +0000 (13:39 +0000)]
Fix lock order reversal in nfs_inactive()

Make the silly file removal happen after the vnode has been unlocked.
This avoids a file-directory reversal in the vnode locking order.

OK jca@

2 years agokqueue: Clear task when closing kqueue
visa [Mon, 27 Jun 2022 13:35:21 +0000 (13:35 +0000)]
kqueue: Clear task when closing kqueue

When closing a kqueue, block until any pending wakeup task has finished.
Otherwise, if a pending task progressed slowly, the kqueue could stay
alive longer than the associated file descriptor table, causing
a use-after-free in KQRELE().

This also fixes a failed assertion "p->p_kq->kq_refcnt.r_refs == 1" in
kqpoll_exit().

The use-after-free bug had existed since the introduction of
kqueue_task() (the bug could occur if fdplock() blocked in KQRELE()).
However, the issue became worse when the task was allowed to run without
the kernel lock in sys/kern/kern_event.c r1.187.

Prompted by a report from Mikhail on bugs@.

OK mpi@

Reported-by: syzbot+fca7e4fa773c90886819@syzkaller.appspotmail.com
2 years agoRegress test for the open policy role capability. Make sure it properly
claudio [Mon, 27 Jun 2022 13:29:40 +0000 (13:29 +0000)]
Regress test for the open policy role capability. Make sure it properly
fails when enforced or there is a missmatch and that the session is accepeted
if the roles match.

2 years agobgpctl bits for RFC 9234 support.
claudio [Mon, 27 Jun 2022 13:27:38 +0000 (13:27 +0000)]
bgpctl bits for RFC 9234 support.
OK tb@

2 years agoAdd support for RFC 9234 - Route Leak Prevention and Detection Using Roles
claudio [Mon, 27 Jun 2022 13:26:51 +0000 (13:26 +0000)]
Add support for RFC 9234 - Route Leak Prevention and Detection Using Roles

With this it is possible to send a role in the OPEN message and if that
was successful the RDE will add the new OTC attribute if necessary.
OK tb@

2 years agoRemember the error of ucomreadcb() for the next ucomread() call and returns an
jan [Mon, 27 Jun 2022 13:14:49 +0000 (13:14 +0000)]
Remember the error of ucomreadcb() for the next ucomread() call and returns an
EIO.  Thus the userland notices the error and closes the device.  We forget the
error on reopen and the device works again.

Ok mbuhl

2 years agoAllow the pluart(4) baud rate to be changed.
anton [Mon, 27 Jun 2022 13:03:32 +0000 (13:03 +0000)]
Allow the pluart(4) baud rate to be changed.

It's most likely that users have the wrong baud rate in /etc/ttys as
this was corrected in revision 1.11 of sys/dev/ic/pluart.c. Make sure to
change the console baud rate from 38400 to 115200 in /etc/ttys before
upgrading.

ok visa@

2 years agoInstead of calling getuptime() all the time in ARP code, do it only
bluhm [Mon, 27 Jun 2022 12:47:07 +0000 (12:47 +0000)]
Instead of calling getuptime() all the time in ARP code, do it only
once per function.  This gives a more consistent time value.
OK claudio@ miod@ mvs@

2 years agoPrepare to provide EVP_PKEY_security_bits()
tb [Mon, 27 Jun 2022 12:36:05 +0000 (12:36 +0000)]
Prepare to provide EVP_PKEY_security_bits()

This also provides a pkey_security_bits member to the PKEY ASN.1 methods
and a corresponding setter EVP_PKEY_asn1_set_security_bits().

ok beck jsing

2 years agoPrepare to provide DH_security_bits()
tb [Mon, 27 Jun 2022 12:31:38 +0000 (12:31 +0000)]
Prepare to provide DH_security_bits()

ok beck jsing

2 years agoPrepare to provide RSA_security_bits()
tb [Mon, 27 Jun 2022 12:30:28 +0000 (12:30 +0000)]
Prepare to provide RSA_security_bits()

ok beck jsing

2 years agoPrepare to provide DSA_security_bits()
tb [Mon, 27 Jun 2022 12:28:46 +0000 (12:28 +0000)]
Prepare to provide DSA_security_bits()

ok beck jsing

2 years agoPrepare to provide BN_security_bits()
tb [Mon, 27 Jun 2022 12:25:49 +0000 (12:25 +0000)]
Prepare to provide BN_security_bits()

ok beck jsing

2 years agoMove rc.firsttime additions before some slower jobs run from install.sub.
sthen [Mon, 27 Jun 2022 11:01:41 +0000 (11:01 +0000)]
Move rc.firsttime additions before some slower jobs run from install.sub.
Reduces the risk of post-upgrade steps (sysmerge -b etc) being missed if
there was some issue with those jobs e.g. fw_update or reorder_kernel
triggering watchdog or an impatient admin to reboot the system. ok florian@

2 years agoMostly rewrite appl_request_upstream_reply.
martijn [Mon, 27 Jun 2022 10:31:17 +0000 (10:31 +0000)]
Mostly rewrite appl_request_upstream_reply.
The old code had a potential off by one underflow, which is unlikely to be
hit with the current builtin backend, and didn't show the returned
varbindlist correct.

OK sthen@

2 years agoInitialize oidbuf and regionbuf when registering a region in appl_region.
martijn [Mon, 27 Jun 2022 10:25:32 +0000 (10:25 +0000)]
Initialize oidbuf and regionbuf when registering a region in appl_region.
This prevents us from spewing garbage on error.

regionbuf case pointed out by tb@

OK deraadt@ tb@

2 years agoAdd skiplist option to steer clear of skiplisted hosts
job [Mon, 27 Jun 2022 10:18:27 +0000 (10:18 +0000)]
Add skiplist option to steer clear of skiplisted hosts

Blocking outbound connections towards RPKI publication servers based
on IP or IPv6 address in external instrumentation like HTTP proxies
or pf(4) rules is somewhat unwieldy. It might be easier for operators
if we offer a mechanism that cuts at the CA cert SIA parsing step.

OK claudio@ tb@

2 years agoDo not run receive and transmit interrupt handlers when the bnxt(4)
bluhm [Mon, 27 Jun 2022 10:02:20 +0000 (10:02 +0000)]
Do not run receive and transmit interrupt handlers when the bnxt(4)
interface is not running.  Prevents a panic triggered by ifconfig
bnxt0 down.
found by Hrvoje Popovski; OK jmatthew@

2 years agoFix bwfm(4) ifconfig media display on devices with sta_info command version 3.
stsp [Mon, 27 Jun 2022 09:16:56 +0000 (09:16 +0000)]
Fix bwfm(4) ifconfig media display on devices with sta_info command version 3.

ok jsg@

2 years agoTweak previous - find end of style correctly.
nicm [Mon, 27 Jun 2022 09:16:54 +0000 (09:16 +0000)]
Tweak previous - find end of style correctly.

2 years agoDo not expand single character format aliases inside #[] since they
nicm [Mon, 27 Jun 2022 09:14:49 +0000 (09:14 +0000)]
Do not expand single character format aliases inside #[] since they
interfere with colours. GitHub issue 3239 from Magnus Gross.

2 years agoDon't copy more than sa_len from the sockaddr to the sysctl / rt msg buffer.
claudio [Mon, 27 Jun 2022 08:15:38 +0000 (08:15 +0000)]
Don't copy more than sa_len from the sockaddr to the sysctl / rt msg buffer.
In the rt msg buffer the size of the full buffer is calculated first then
filled out after allocating the mbuf. In the sysctl code this is not needed
since the buffer is already provided.
OK mvs@

2 years agoWhitespace/KNF
mlarkin [Mon, 27 Jun 2022 08:00:31 +0000 (08:00 +0000)]
Whitespace/KNF

2 years agoamdgpio(4): restore pin configuration on resume
mlarkin [Mon, 27 Jun 2022 07:55:28 +0000 (07:55 +0000)]
amdgpio(4): restore pin configuration on resume

Save/restore the pin configuration on suspend/resume for amdgpio(4).
This fixes missing interrupts after resume for trackpads on some
machines, including the ROG Zephyrus 14 and the HP DevOne (and probably
others).

Code based on pchgpio(4).

ok deraadt, kettenis

2 years agoMark `pipex_enable' as atomic. We never check `pipex_enable' within
mvs [Sun, 26 Jun 2022 22:51:58 +0000 (22:51 +0000)]
Mark `pipex_enable' as atomic. We never check `pipex_enable' within
(*if_qstart)() and we don't worry it's not serialized with the rest of
output path. Also we will process already enqueued pipex(4) packets
regardless on `pipex_enable' state.

Use the local copy of `pipex_enable' within pppx_if_output(), otherwise we
loose consistency.

pointed and ok by bluhm@

2 years agoDon't reset `idle_time' timeout on closed pipex(4) sessions in packet
mvs [Sun, 26 Jun 2022 21:29:34 +0000 (21:29 +0000)]
Don't reset `idle_time' timeout on closed pipex(4) sessions in packet
processing path. Such sessions already reached time to live timeout, and
the garbage collector waits a little to before kill them. Otherwise we
could make session's life time more then PIPEX_CLOSE_TIMEOUT.

ok bluhm@

2 years agoDon't take kernel lock on pipex(4) pppoe input. This extra serialization
mvs [Sun, 26 Jun 2022 21:19:53 +0000 (21:19 +0000)]
Don't take kernel lock on pipex(4) pppoe input. This extra serialization
is not required. In packet processing path we have shared netlock held,
but we do read-only access on per session `flags' and `ifindex'. We always
modify them from ioctl(2) path with exclusive netlock held. The rest of
pipex(4) session is immutable or uses per-session locks.

ok bluhm@