openbsd
15 months agoWhen detaching devices when we suspend, we need to continue processing
kettenis [Sun, 16 Jul 2023 09:33:18 +0000 (09:33 +0000)]
When detaching devices when we suspend, we need to continue processing
command completion events.  So only return early in xhci_softintr() if
the controller is dead instead of dying.  This fixes USB suspend/resume
in Apple M1/M2.

ok mlarkin@, deraadt@

15 months agorelayd: remove ENGINE dependency
tb [Sun, 16 Jul 2023 09:23:33 +0000 (09:23 +0000)]
relayd: remove ENGINE dependency

What is achieved here through ENGINE can be done in a much simpler way
by setting the default RSA implementation. Drop a number of indirections
that only add a bit of logging. This removes a lot of boiler plate and
shows where the actual magic happens more clearly.

ok op tobhe

15 months agoecc_cdh: plug leak of peer public key
tb [Sun, 16 Jul 2023 08:25:41 +0000 (08:25 +0000)]
ecc_cdh: plug leak of peer public key

15 months agoecdhtest: Drop unnecessary constant and unneeded includes
tb [Sun, 16 Jul 2023 07:34:07 +0000 (07:34 +0000)]
ecdhtest: Drop unnecessary constant and unneeded includes

15 months agoMake remaining unstable tests fail consistently by adjusting the
anton [Sun, 16 Jul 2023 06:36:18 +0000 (06:36 +0000)]
Make remaining unstable tests fail consistently by adjusting the
modification time of the problematic file(s), causing the check_file()
routine to always hit the "file exists and is possible match" case.

While here, sync expected failures with reality.

15 months agoMake the mbstat preserve the same size which is actually used. Also
yasuoka [Sun, 16 Jul 2023 03:01:31 +0000 (03:01 +0000)]
Make the mbstat preserve the same size which is actually used.  Also
revert the previous that the mbstat is located on the stack.

ok claudio

15 months agoecdhtest: fix a couple bugs plus some cosmetic tweaks
tb [Sun, 16 Jul 2023 00:16:42 +0000 (00:16 +0000)]
ecdhtest: fix a couple bugs plus some cosmetic tweaks

15 months agofix include directive - this is make, not C
tb [Sat, 15 Jul 2023 23:40:46 +0000 (23:40 +0000)]
fix include directive - this is make, not C

15 months agoRework the ecdhtest
tb [Sat, 15 Jul 2023 23:35:02 +0000 (23:35 +0000)]
Rework the ecdhtest

Test keyshare for all built-in curves and simplify, especially printing
on failure. Incorporate known answer tests from RFC 5114 and RFC 5903.
All in all, this is a lot less code and a lot more test coverage and
hopefully a little less eyebleed.

Very loosely based on OpenSSL b438f0ed by Billy Brumley

15 months agosync with <sys/namei.h>; 'looks good' deraadt
kn [Sat, 15 Jul 2023 23:01:25 +0000 (23:01 +0000)]
sync with <sys/namei.h>;  'looks good' deraadt

Document missing struct nameidata members and fix one member's const-ness.
Add REALPATH flag from 2019.

15 months agoFix return value check for ECDH_compute_key()
tb [Sat, 15 Jul 2023 20:11:37 +0000 (20:11 +0000)]
Fix return value check for ECDH_compute_key()

ECDH_compute_key() usually returns -1 on error (but sometimes 0). This
was also the case in OpenSSL when these tests were written. This will
soon change. The check for <= 0 will still be correct.

15 months agoAdd test coverage for cofactor ECDH using NIST test vectors
tb [Sat, 15 Jul 2023 19:51:13 +0000 (19:51 +0000)]
Add test coverage for cofactor ECDH using NIST test vectors

Since all non-binary NIST curves have cofactor 1, this is in effect plain
ECDH. Current regress coverage of ECDH is quite lacking on architectures
where Go isn't available. This fixes that.

Actual cofactor ECDH support may be added soon to libcrypto, at which
point I will also add testcases with cofactor > 1.

15 months agoImplement PAC support.
kettenis [Sat, 15 Jul 2023 19:35:53 +0000 (19:35 +0000)]
Implement PAC support.

ok patrick@

15 months agoLink symbols test to build
tb [Sat, 15 Jul 2023 19:32:54 +0000 (19:32 +0000)]
Link symbols test to build

15 months agoremove accidentally imported files again
tb [Sat, 15 Jul 2023 19:31:02 +0000 (19:31 +0000)]
remove accidentally imported files again

15 months agoImport a version of libcrypto's symbols test for libssl
tb [Sat, 15 Jul 2023 19:29:44 +0000 (19:29 +0000)]
Import a version of libcrypto's symbols test for libssl

15 months agoRemove stray argument name in function prototype.
kettenis [Sat, 15 Jul 2023 19:21:47 +0000 (19:21 +0000)]
Remove stray argument name in function prototype.

15 months agovmd(8): fix use of qcow base images.
dv [Sat, 15 Jul 2023 18:32:21 +0000 (18:32 +0000)]
vmd(8): fix use of qcow base images.

The vm process was prematurely setting device fds to not close-on-exec
and then trying to close(2) them after the fork(2) of the device
process.

This caused a reuse of an fd for one of the socketpair(2)'s for
communication between vm and device. Having device processes close(2)
other device fds after fork would break the socketpair, causing the
device to fail during startup post-exec when trying to receive its
device state from the parent vm process.

Instead, mark the fds to not close on exec post-fork(2) call allowing
other device fds to be closed automatically and avoid closing by
the tracked fd.

Reported by solene@. OK tb@.

15 months agoMop up MD32_XARRAY from md5.
jsing [Sat, 15 Jul 2023 15:37:05 +0000 (15:37 +0000)]
Mop up MD32_XARRAY from md5.

MD32_XARRAY was added as a workaround for a broken HP C compiler (circa
1999). Clean it up to simplify the code.

No change in generated assembly.

15 months agoMop up MD32_XARRAY from md4.
jsing [Sat, 15 Jul 2023 15:30:43 +0000 (15:30 +0000)]
Mop up MD32_XARRAY from md4.

MD32_XARRAY was added as a workaround for a broken HP C compiler (circa
1999). Clean it up to simplify the code.

No change in generated assembly.

15 months agoAdd mute control. This makes the mute button on laptops that use
kettenis [Sat, 15 Jul 2023 13:35:17 +0000 (13:35 +0000)]
Add mute control.  This makes the mute button on laptops that use
tascodec(4) work.

ok tobhe@

15 months agoPrevent patch(1) from scribbling all over the place.
florian [Sat, 15 Jul 2023 10:42:54 +0000 (10:42 +0000)]
Prevent patch(1) from scribbling all over the place.

Arguably the only sensible use of patch(1) is changing files in the
current working directory and subdirectories.

However, patch(1) has this anti-feature, or dare I say bug, where it
will happily follow "../" upwards and outside of the current working
directory to find files to change. All it takes is a line like
+++ ../../../../home/florian/.ssh/authorized_keys
in the patchfile.

patch(1) operates on untrusted input and it already pledge(2)'ed to
not execute arbitrary programs, but of course it needs to write
files.

A simple unveil(".", "rwc") restricts patch(1) to its current working
directory.

We also need to allow /tmp and potentially the output file and reject
file if given on the command line. But those paths are safe.

input op, deraadt
OK millert, sthen

15 months agoSet extended keys flag again after reset, from Eric T Johnson.
nicm [Fri, 14 Jul 2023 19:32:59 +0000 (19:32 +0000)]
Set extended keys flag again after reset, from Eric T Johnson.

15 months agoCheck if the OWN bit of Tx descriptor instead of Rx descriptor is set
kevlo [Fri, 14 Jul 2023 14:28:47 +0000 (14:28 +0000)]
Check if the OWN bit of Tx descriptor instead of Rx descriptor is set
in rtwn_tx().

Because definitions of R92C_TXDW0_OWN and R92C_RXDW0_OWN are the same,
no functional change.

ok stsp@

15 months agoCleanup mrt message handling. Remove the DUMP_XYZ() macros and replace
claudio [Fri, 14 Jul 2023 10:30:53 +0000 (10:30 +0000)]
Cleanup mrt message handling. Remove the DUMP_XYZ() macros and replace
them with direct calls to for example ibuf_add_n16(). Further cleanup
the error handling and use goto fail in most places. Remove many of the
error messages and combine all the possible ibuf errors in one place.
For this remove most warnings from internal functions (also mark all
internal helper functions with static to make that more obvious).
There are still some cases where an error will result in to warnings but
those errors are unreachable in normal operations.
OK tb@

15 months agoInclude stdint.h for SIZE_MAX. Fixes OPENSSL=no build.
dtucker [Fri, 14 Jul 2023 07:44:21 +0000 (07:44 +0000)]
Include stdint.h for SIZE_MAX.  Fixes OPENSSL=no build.

15 months agoDo not ignore the AF_LINK entries of carp(4) interfaces.
gerhard [Fri, 14 Jul 2023 07:09:00 +0000 (07:09 +0000)]
Do not ignore the AF_LINK entries of carp(4) interfaces.

OK kn@

15 months agostruct sleep_state is no longer used, remove it.
claudio [Fri, 14 Jul 2023 07:07:08 +0000 (07:07 +0000)]
struct sleep_state is no longer used, remove it.
Also remove the priority argument to sleep_finish() the code can use
the p_flag P_SINTR flag to know if the signal check is needed or not.
OK cheloha@ kettenis@ mpi@

15 months agoadd defence-in-depth checks for some unreachable integer overflows
djm [Fri, 14 Jul 2023 05:31:44 +0000 (05:31 +0000)]
add defence-in-depth checks for some unreachable integer overflows
reported by Yair Mizrahi @ JFrog; feedback/ok millert@

15 months agoRefactor ASN1_item_sign_ctx()
tb [Thu, 13 Jul 2023 20:59:10 +0000 (20:59 +0000)]
Refactor ASN1_item_sign_ctx()

Oh, joy! The muppets had a feast: they could combine the horrors of EVP
with X.509... Return values between -1 and 3 indicating how much work
needs to be done, depending on whether methods are present or absent.
Needless to say that RSA and EdDSA had inconsistent return values until
recently.

Instead of interleaving if/else branches, split out two helper functions
that do essentially independent things, which results in something that
isn't entirely bad. Well, at least not compared to the surrounding code.

asn1_item_set_algorithm_identifiers() extracts the signature algorithm
from the digest and pkey if known, and sets it on the two X509_ALGOR that
may or may not have been passed in.

asn1_item_sign() converts data into der and signs.

Of course there were also a few leaks and missing error checks.

ok jsing

15 months agobcmp(3) tries to return length, which is a size_t, as an int.
millert [Thu, 13 Jul 2023 20:33:30 +0000 (20:33 +0000)]
bcmp(3) tries to return length, which is a size_t, as an int.
Instead, just return 1 if there is a difference, else 0.
Fixed by ray@ in 2008 but the libkern version was not synced.
OK deraadt@

15 months ago- use IS_ELF() to check the ELF magic bytes
jasper [Thu, 13 Jul 2023 19:04:50 +0000 (19:04 +0000)]
- use IS_ELF() to check the ELF magic bytes
- reject non-sensical program header values which would result in a crash
  when accessing the 0 bytes sized buffer allocated due to it

ok deraadt@ kettenis@

15 months agovmd(8): pull validation into local prefix parser.
dv [Thu, 13 Jul 2023 18:31:59 +0000 (18:31 +0000)]
vmd(8): pull validation into local prefix parser.

Validation for local prefixes, both inet and inet6, was scattered
around. To make it even more confusing, vmd was using generic address
parsing logic from prior network daemons. vmd doesn't need to parse
addresses other than when parsing the local prefix settings in
vm.conf and no runtime parsing is needed.

This change merges parsing and validation based on vmd's specific
needs for local prefixes (e.g. reserving enough bits for vm id and
network interface id encoding in an ipv4 address). In addition, it
simplifies the struct from a generic address struct to one focused
on just storing the v4 and v6 prefixes and masks. This cleans up an
unused TAILQ struct member that isn't used by vmd and was leftover
copy-pasta from those prior daemons.

The address parsing that vmd uses is also updated to using the
latest logic in bgpd(8).

ok mlarkin@

15 months agoCheck input before trying to disable a non-existing daemon to prevent parsing
ajacoutot [Thu, 13 Jul 2023 13:54:27 +0000 (13:54 +0000)]
Check input before trying to disable a non-existing daemon to prevent parsing
bogus characters and outputing hell on the console.

based on an initial submission from Anthony Coulter, thanks!

15 months agoUse the deep idle state available on Apple M1/M2 cores in the idle loop and
kettenis [Thu, 13 Jul 2023 08:33:36 +0000 (08:33 +0000)]
Use the deep idle state available on Apple M1/M2 cores in the idle loop and
for suspend.  This state makes the CPU lose some of its register state so
we need to save these registers before putting the core to sleep and
restore them when we wake up.  This deep idle state has a higher wakeup
latency than the normal WFI idle state.  Use similar logic as acpucpu(4) to
decide which idle state to pick.

If some cores of a cluster are in this deep idle state, turbo states become
available to the cores that remain active.  So stop skipping these states.
This improves single-core performance a little bit.

The main win is in power savings when running in a state with a high clock
frequency.  My M2 Pro mini goes from 14W to 6.5W when idle at the maximum
clock frequency.  But event at the lowest clock frequency there are small
but significant power savings.

ok deraadt@, tobhe@

15 months agoChange function definitions using the identifier-list form used in the
jsg [Thu, 13 Jul 2023 07:31:12 +0000 (07:31 +0000)]
Change function definitions using the identifier-list form used in the
1st edition of Kernighan and Ritchie's The C Programming Language, to
that of the parameter-type-list form described in the ANSI X3.159-1989
standard.

In ISO/IEC 9899:2023 drafts, there is only one form of function definition.
"N2432 Remove support for function definitions with identifier lists".

15 months agoUse 8 for underscore colour defaults instead of 0 which is less
nicm [Thu, 13 Jul 2023 06:03:48 +0000 (06:03 +0000)]
Use 8 for underscore colour defaults instead of 0 which is less
confusing, and fix writing tge default colour. GitHub issue 3627.

15 months agovalidate alignment of ELF program headers
jasper [Wed, 12 Jul 2023 19:49:06 +0000 (19:49 +0000)]
validate alignment of ELF program headers

15 months agoaddress incomplete validation of ELF program headers in execve(2) which could lead
jasper [Wed, 12 Jul 2023 19:34:14 +0000 (19:34 +0000)]
address incomplete validation of ELF program headers in execve(2) which could lead
to a panic in vmcmd_map_readvn() with a malformed binary/interpreter.

original crash found with Melkor, additional validation provided by
guenther@.

ok kettenis@ guenther@ deraadt@

15 months agoGPROF: sleep_state: disable _mcount() across suspend/resume
cheloha [Wed, 12 Jul 2023 18:40:06 +0000 (18:40 +0000)]
GPROF: sleep_state: disable _mcount() across suspend/resume

Something in the amd64 resume path doesn't agree with _mcount(), so
suspend/resume always fails if gmoninit is non-zero.  It would be nice
if GPROF kernels didn't crash during resume.

In sleep_state(), (1) clear gmoninit after sched_stop_secondary_cpus()
so the primary CPU isn't racing sysctl(2) on another CPU, and (2)
restore gmoninit just after resume_mp() so the secondary CPUs are out
of cpu_hatch() and away from whatever is causing the crash before
_mcount() is reenabled.

Lots of input from claudio@, deraadt@, and kettenis@.

Thread 1: https://marc.info/?l=openbsd-tech&m=168721453821801&w=2
Thread 2: https://marc.info/?l=openbsd-tech&m=168892518722935&w=2

ok kettenis@ deraadt@

15 months agoAdd test which consistently triggers the problem with test6_perms,
anton [Wed, 12 Jul 2023 18:36:06 +0000 (18:36 +0000)]
Add test which consistently triggers the problem with test6_perms,
omitting all other irrelevant files.

15 months agoReport fork errors as this test is likely to hit the default
anton [Wed, 12 Jul 2023 18:21:39 +0000 (18:21 +0000)]
Report fork errors as this test is likely to hit the default
kern.maxproc limit.

15 months agomissing word; from thib4711
jmc [Wed, 12 Jul 2023 18:14:13 +0000 (18:14 +0000)]
missing word; from thib4711

15 months agoFix solock()/sounlock() usage.
mvs [Wed, 12 Jul 2023 16:10:45 +0000 (16:10 +0000)]
Fix solock()/sounlock() usage.

This time solock() doesn't return value and sounlock() hasn't second
parameter. Bi-directional Forwarding Detection is disabled by default,
so it was forgotten when solock()/sounlock() were changed.

Build test done with BFD option.

ok phessler claudio

15 months agoDon't run off the end of path if it ends in /.
florian [Wed, 12 Jul 2023 15:45:34 +0000 (15:45 +0000)]
Don't run off the end of path if it ends in /.
OK op, sthen

15 months agobasename(3) can fail, prevent segfault in strlen(3).
florian [Wed, 12 Jul 2023 15:44:47 +0000 (15:44 +0000)]
basename(3) can fail, prevent segfault in strlen(3).
OK tb, sthen

15 months agoAdd regress test to check for bad attribute lenght for optional transitive
claudio [Wed, 12 Jul 2023 15:34:59 +0000 (15:34 +0000)]
Add regress test to check for bad attribute lenght for optional transitive
attributes.

15 months agoUpdate rde_community_test after the major change in how attributes and
claudio [Wed, 12 Jul 2023 15:27:11 +0000 (15:27 +0000)]
Update rde_community_test after the major change in how attributes and
communities are written.

15 months agoUpdate OpenBGPD to use new ibuf API.
claudio [Wed, 12 Jul 2023 14:45:42 +0000 (14:45 +0000)]
Update OpenBGPD to use new ibuf API.

This replaces the old way of using a static buffer and a len to build
UPDATEs with a pure ibuf solution. The result is much cleaner and a lot
of almost duplicate code can be removed because often a version for ibufs
and one for this static buffer was implemented (e.g. for mrt or bgpctl).
With and OK tb@

15 months agoWork around use after free in httpd(8)
tb [Wed, 12 Jul 2023 12:37:27 +0000 (12:37 +0000)]
Work around use after free in httpd(8)

A malformed HTTP request can cause httpd in fastcgi mode to crash due to a
use-after-free. This is an awful hack, but it's good enough until someone
figures out the correct way of dealing with server_close() here.

"this will do the trick for now" claudio
ok beck deraadt

15 months agoIn rde_attr_parse() if an attribute causes a parse error which results in
claudio [Wed, 12 Jul 2023 12:31:28 +0000 (12:31 +0000)]
In rde_attr_parse() if an attribute causes a parse error which results in
a treat-as-withdraw consume the full attribute by updating plen else the
parser will fail parsing a possible next element which results in a
session reset.

Initial report by Ben Cox (ben at benjojo.co.uk)
OK tb@

15 months agoUse ssize_t instead of short for line lengths
tb [Wed, 12 Jul 2023 11:26:13 +0000 (11:26 +0000)]
Use ssize_t instead of short for line lengths

sthen hit a binary patch containing a 'line' of length > 32kB. This made
the short used for storing the line length wrap and resulted in a buffer
underflow and segfault.  This uses a larger type, which doesn't actually
fix the problem, but makes it much less likely to be hit.

ok florian otto sthen

15 months agoRevert accidental addition of cofactor ECDH support
tb [Wed, 12 Jul 2023 08:54:18 +0000 (08:54 +0000)]
Revert accidental addition of cofactor ECDH support

This snuck in with ech_key.c r1.33 because I committed from a dirty tree.

15 months agoReenable clienttest and servertest
tb [Wed, 12 Jul 2023 07:03:24 +0000 (07:03 +0000)]
Reenable clienttest and servertest

15 months agoFix last bit of the clienttest, needs ssl_pkt.c r1.66
tb [Tue, 11 Jul 2023 17:03:44 +0000 (17:03 +0000)]
Fix last bit of the clienttest, needs ssl_pkt.c r1.66

15 months agoRemove old workaround for F5
tb [Tue, 11 Jul 2023 17:02:47 +0000 (17:02 +0000)]
Remove old workaround for F5

F5 is well-known for needing workaround (go read RFC 8446). In this
particular case, it required implementation sending CHs larger than
255 bytes to 0x0300 otherwise their server would hang. This is the
same hang that required the CH padding extension which broke other
implementations. The CH padding extension was removed ~6 years ago,
so hopefully this kludge will no longer needed either.

ok jsing

15 months agodrop engine support
op [Tue, 11 Jul 2023 16:40:22 +0000 (16:40 +0000)]
drop engine support

diff originally by tb@, tweaked to apply after the useless logging
methods removal.

ok tb

15 months agoremove the useless logging methods
op [Tue, 11 Jul 2023 16:39:41 +0000 (16:39 +0000)]
remove the useless logging methods

Instead of wrapping all the methods of the RSA and ECDSA ENGINE,
duplicate the default and override only the ones that are actually
needed for the privsep crypto engine.

part of a larger diff that's ok tb@

15 months agoRemove Ns and Li and change Nm to Ic, suggested by jmc.
nicm [Tue, 11 Jul 2023 16:09:09 +0000 (16:09 +0000)]
Remove Ns and Li and change Nm to Ic, suggested by jmc.

15 months agoBump version for -portable release
claudio [Tue, 11 Jul 2023 15:18:31 +0000 (15:18 +0000)]
Bump version for -portable release

15 months agoNo need to initialize the first element of st->string since it was just
claudio [Tue, 11 Jul 2023 12:14:16 +0000 (12:14 +0000)]
No need to initialize the first element of st->string since it was just
calloc(3)-ed a few lines above.
OK tb@

15 months agoKeep servertest silent and align with clienttest
tb [Tue, 11 Jul 2023 11:52:35 +0000 (11:52 +0000)]
Keep servertest silent and align with clienttest

15 months agoNeuter expected server test failures with SSLv2
tb [Tue, 11 Jul 2023 10:09:47 +0000 (10:09 +0000)]
Neuter expected server test failures with SSLv2

This test should either be extended or retired. As it is it is useless.

15 months agoFix most of the clienttest. With this only test cases 9 and 13 fail.
tb [Tue, 11 Jul 2023 08:31:34 +0000 (08:31 +0000)]
Fix most of the clienttest. With this only test cases 9 and 13 fail.

15 months agoAdd descriptions of copy mode commands, from Michael Bianco.
nicm [Tue, 11 Jul 2023 07:34:23 +0000 (07:34 +0000)]
Add descriptions of copy mode commands, from Michael Bianco.

15 months agoRework sleep_setup()/sleep_finish() to no longer hold the scheduler lock
claudio [Tue, 11 Jul 2023 07:02:43 +0000 (07:02 +0000)]
Rework sleep_setup()/sleep_finish() to no longer hold the scheduler lock
between calls.

Instead of forcing an atomic operation across multiple calls use a three
step transaction.
1. setup sleep state by calling sleep_setup()
2. recheck sleep condition to ensure that the event did not fire before
   sleep_setup() registered the proc onto the sleep queue
3. call sleep_finish() to either sleep or keep on running based on the
   step 2 outcome and any possible signal delivery

To make this work wakeup from signals, single thread api and wakeup(9) need
to be aware if a process is between step 1 and step 3 so that the process
is not enqueued back onto the runqueue while going to sleep. Introduce
the p_flag P_WSLEEP to detect this situation.

On top of this remove the spl dance in msleep() which is no longer required.
It is ok to process interrupts between step 1 and 3.

OK mpi@ cheloha@

15 months agoTrim leading whitespace from find(1) output, missed in previous.
anton [Tue, 11 Jul 2023 06:09:32 +0000 (06:09 +0000)]
Trim leading whitespace from find(1) output, missed in previous.

15 months agoAllow unveiled programs to dump core (in the default, classic, into . way)
deraadt [Mon, 10 Jul 2023 22:54:40 +0000 (22:54 +0000)]
Allow unveiled programs to dump core (in the default, classic, into . way)
by passing BYPASSUNVEIL just for this vnode.  The coredump() code is quite
careful, so this will be fine.
ok kn kettenis semarie

15 months agoAdd test case for negative number with highest bit of top octet set
tb [Mon, 10 Jul 2023 20:21:37 +0000 (20:21 +0000)]
Add test case for negative number with highest bit of top octet set

This currently adds an incorrect 00: padding, consistent with OpenSSL's
behavior.

15 months agoix(4): allocate less memory for tx buffers
jan [Mon, 10 Jul 2023 19:36:54 +0000 (19:36 +0000)]
ix(4): allocate less memory for tx buffers

TSO packets are limited to MAXMCLBYTES (64k).  Thus, we don't need to
allocate IXGBE_TSO_SIZE (256k) per packet for the transmit buffers.

tested by bluhm

ok bluhm@

15 months agoRename EC_KEY from r to key like in the rest of the file
tb [Mon, 10 Jul 2023 19:10:51 +0000 (19:10 +0000)]
Rename EC_KEY from r to key like in the rest of the file

15 months agoThe rsync tests are unstable since the directory listing includes the
anton [Mon, 10 Jul 2023 17:46:29 +0000 (17:46 +0000)]
The rsync tests are unstable since the directory listing includes the
last modification timestamp. One directory represents the one rsync is
operating on and the other is our reference to compare against. If the
current time managed to tick up to the next minute between creation of
the two directories, the timestamps will differ.

Improving the normalization in the findme helper makes the tests stable.

ok bluhm@ claudio@

15 months agoInfer the timeout from the environment, with sane defaults. Should
anton [Mon, 10 Jul 2023 17:46:03 +0000 (17:46 +0000)]
Infer the timeout from the environment, with sane defaults. Should
hopefully make these tests more stable on my slow^W regress machines.

ok sashan@

15 months agoImprove err/warn messages:
anton [Mon, 10 Jul 2023 17:45:17 +0000 (17:45 +0000)]
Improve err/warn messages:

* The colon space separator is already appended by err/warn.
* Favor err(1, NULL) for malloc errors.

15 months agoDon't open files that will be skipped
jeremy [Mon, 10 Jul 2023 16:28:33 +0000 (16:28 +0000)]
Don't open files that will be skipped

Previously, when creating an archive file with pax(1), pax will attempt
to open a file even if the file will be skipped due to an -s replacement
with the empty string. With this change, pax will not attempt to open
files that it knows will be skipped.

When doing direct copies to a directory (-rw), pax already skips
the file before attempting to open it. So this makes the behavior
more consistent.

This can measurably speed up pax when skipping a large number of files.

OK tb@

15 months agoThe changes to the register layout affect the interrupt status/ack registers
patrick [Mon, 10 Jul 2023 13:48:02 +0000 (13:48 +0000)]
The changes to the register layout affect the interrupt status/ack registers
as well.  Make use of these, otherwise it might lead to an interrupt flood.

ok kettenis@

15 months agoUpdate outdated comment
job [Mon, 10 Jul 2023 12:02:37 +0000 (12:02 +0000)]
Update outdated comment

15 months agoIt should no longer be necessary to ignore SIGCHLD because it is now
nicm [Mon, 10 Jul 2023 12:00:08 +0000 (12:00 +0000)]
It should no longer be necessary to ignore SIGCHLD because it is now
blocked around daemon(), and doing so causes trouble with newer libevent
(it cannot restore the original handler). Reported by Azat Khuzhin in
GitHub issue 3626.

15 months agoLoop around waitpid in client, from Azat Khuzhin.
nicm [Mon, 10 Jul 2023 09:35:46 +0000 (09:35 +0000)]
Loop around waitpid in client, from Azat Khuzhin.

15 months agofinish v5.36, UList was a bit more work
espie [Mon, 10 Jul 2023 09:29:48 +0000 (09:29 +0000)]
finish v5.36, UList was a bit more work

15 months agoUse a stack for last panes line windows, from Thomas Bertschinger in
nicm [Mon, 10 Jul 2023 09:24:53 +0000 (09:24 +0000)]
Use a stack for last panes line windows, from Thomas Bertschinger in
GitHub issue 3588.

15 months agomisplaced debug message
djm [Mon, 10 Jul 2023 04:51:26 +0000 (04:51 +0000)]
misplaced debug message

15 months agoEnable Indirect Branch Tracking for amd64 userland, using XSAVES/XRSTORS
guenther [Mon, 10 Jul 2023 03:32:10 +0000 (03:32 +0000)]
Enable Indirect Branch Tracking for amd64 userland, using XSAVES/XRSTORS
to save/restore the state and enabling it at exec-time (and for
signal handling) if the PS_NOBTCFI flag isn't set.

Note: this changes the format of the sc_fpstate data in the signal
context to possibly be in compressed format: starting now we just
guarantee that that state is in a format understood by the XRSTOR
instruction of the system that is being executed on.

At this time, passing sigreturn a corrupt sc_fpstate now results
in the process exiting with no attempt to fix it up or send a
T_PROTFLT trap.  That may change.

prodding by deraadt@
issues with my original signal handling design identified by kettenis@

lots of base and ports preparation for this by deraadt@ and the
libressl and ports teams

ok deraadt@ kettenis@

15 months agoAdd PS_NOBTCFI, a per-process flag indicating that Branch Target
guenther [Mon, 10 Jul 2023 03:31:57 +0000 (03:31 +0000)]
Add PS_NOBTCFI, a per-process flag indicating that Branch Target
Control Flow Integrity has been disabled for the process.  At
exec-time, set that flag iff EXEC_NOBTCFI is passed from the ELF
exec bits (which set it based on presence of a PT_OPENBSD_NOBTCFI
segment).  This will be used by the amd64 code.

kern_exec.c part by kettenis@
ok guenther@ deraadt@

15 months agoPull BIGNUM constants out of get_* function bodies
tb [Mon, 10 Jul 2023 03:26:30 +0000 (03:26 +0000)]
Pull BIGNUM constants out of get_* function bodies

The get_rfc*_prime_* functions will be removed. The constants will remain
for the BN_get_rfc*_prime_* functions. Make the latter call BN_bin2bn()
directly on these constants rather than going through get_*. This avoids
some overlong lines. Also KNF for some comments.

Reduces the diff I currently carry by quite a bit.

15 months agoBIO_indent: use %*s rather than puts in a loop
tb [Mon, 10 Jul 2023 02:33:33 +0000 (02:33 +0000)]
BIO_indent: use %*s rather than puts in a loop

ok beck jsing millert

15 months agobn_print: string.h is no longer needed
tb [Mon, 10 Jul 2023 02:29:28 +0000 (02:29 +0000)]
bn_print: string.h is no longer needed

15 months agosync
deraadt [Mon, 10 Jul 2023 00:31:03 +0000 (00:31 +0000)]
sync

15 months agoCall closefrom after removing signals because newer libevent doesn't
nicm [Sun, 9 Jul 2023 22:54:52 +0000 (22:54 +0000)]
Call closefrom after removing signals because newer libevent doesn't
like its signal fd being closed Azat Khuzhin.

15 months agoFix ndef_{prefix,suffix}()
tb [Sun, 9 Jul 2023 19:22:43 +0000 (19:22 +0000)]
Fix ndef_{prefix,suffix}()

These functions inline a poor version of asn1_item_flags_i2d() without
error checks. This can be replaced with a single correct call to
ASN1_item_ndef_i2d(). Mechanically adding malloc checks and checks for
negative did not really improve things all that much in a related project.

ok beck jsing

15 months agoIt turns out that there are seperate pins for the PCIe Gen 2 and 3, which
patrick [Sun, 9 Jul 2023 19:11:30 +0000 (19:11 +0000)]
It turns out that there are seperate pins for the PCIe Gen 2 and 3, which
means that the x4 PCIe controller can get all PCIe Gen 3 lines, while the
others then only get PCIe Gen 2 lines.  Therefore the decision on how to
configure the mux needs to be adjusted so that the PCIe Gen 3 lines are
only routed to other PCIe controllers when they are explicitly configured
for them.  While there, fix an obvious typo.

ok kettenis@

15 months agoFix route entry leak.
bluhm [Sun, 9 Jul 2023 19:06:48 +0000 (19:06 +0000)]
Fix route entry leak.

In in6_ifdetach() two struct rtentry were leaked.  This was triggered
by regress/sbin/route and detected with btrace(8) refcnt.  The
reference returned by rtalloc() must be freed with rtfree() in all
cases.

OK phessler@ mvs@

15 months agoReimplement BN_print() and BN_print_fp()
tb [Sun, 9 Jul 2023 18:37:58 +0000 (18:37 +0000)]
Reimplement BN_print() and BN_print_fp()

These can now use the internal version of BN_bn2hex() and be direct
wrappers of BIO_printf() and fprintf() as they should have been all
along.

ok jsing

15 months agoSimplify bn_print()
tb [Sun, 9 Jul 2023 18:35:52 +0000 (18:35 +0000)]
Simplify bn_print()

We no longer need to do weird things as taking the length of the hex
string and jumping over a sign we didn't need.

ok jsing

15 months agoRefactor BN_bn2hex()
tb [Sun, 9 Jul 2023 18:27:22 +0000 (18:27 +0000)]
Refactor BN_bn2hex()

Various outputting functions are variants of BN_bn2hex(). They do not
want a sign or they display the BIGNUM at nibble granularity instead
of byte granularity. So add this functionality to an internal variant
of BN_bn2hex().

with/ok jsing

15 months agoAdd some more RK3588 PCIe clocks and resets.
patrick [Sun, 9 Jul 2023 16:33:49 +0000 (16:33 +0000)]
Add some more RK3588 PCIe clocks and resets.

ok kettenis@

15 months agoSome Perl tests set owner, permissions, access time, and modification
bluhm [Sun, 9 Jul 2023 13:30:03 +0000 (13:30 +0000)]
Some Perl tests set owner, permissions, access time, and modification
time on files in the Perl source distribution.  Replace the symlink
in obj directory with a copy, so that they do not modify OpenBSD
src tree.

15 months agoAdd mute control. This makes the mute button on laptops that use sncodec(4)
kettenis [Sun, 9 Jul 2023 12:32:22 +0000 (12:32 +0000)]
Add mute control.  This makes the mute button on laptops that use sncodec(4)
work.

ok tobhe@

15 months agoProvide optimised bn_subw() for riscv64.
jsing [Sun, 9 Jul 2023 10:37:32 +0000 (10:37 +0000)]
Provide optimised bn_subw() for riscv64.

15 months agoProvide optimised bn_addw() for riscv64.
jsing [Sun, 9 Jul 2023 10:36:53 +0000 (10:36 +0000)]
Provide optimised bn_addw() for riscv64.