openbsd
10 years agoHave rgephy(4) always use RL_GMEDIASTAT to retrieve the link/media status
brad [Mon, 30 Dec 2013 22:25:25 +0000 (22:25 +0000)]
Have rgephy(4) always use RL_GMEDIASTAT to retrieve the link/media status
when attached to re(4), as was done before rev 1.25 which was intended to
fix rgephy(4) with external PHY with MACs other than re(4). This is to
fix operation with some integrated PHY on re(4) where the PHY Specific
Status register does not work properly and the link cannot be established.

From FreeBSD and matches what the Linux driver does.

Tested on a number of newer re(4) with PHYs rev 2, 4 and 5 and
newer integrated PHY with the 8168G controllers.

10 years agoDo not leak symtab fd (if at fd limit might even prevent correct operation)
deraadt [Mon, 30 Dec 2013 22:01:23 +0000 (22:01 +0000)]
Do not leak symtab fd (if at fd limit might even prevent correct operation)
from Loganaden Velvindron

10 years agoWhen a function does not obviously terminate itself, it is good practice
deraadt [Mon, 30 Dec 2013 21:58:07 +0000 (21:58 +0000)]
When a function does not obviously terminate itself, it is good practice
to clean up a bit.

10 years agomemory leak, Coverity CID 1748, Loganaden Velvindron
deraadt [Mon, 30 Dec 2013 21:52:21 +0000 (21:52 +0000)]
memory leak, Coverity CID 1748, Loganaden Velvindron

10 years agolast entry in SEE ALSO should not end with a comma;
jmc [Mon, 30 Dec 2013 19:22:08 +0000 (19:22 +0000)]
last entry in SEE ALSO should not end with a comma;

10 years ago- the hint to symlink to upgrade.conf belongs to the install.conf example
rpe [Mon, 30 Dec 2013 19:04:56 +0000 (19:04 +0000)]
- the hint to symlink to upgrade.conf belongs to the install.conf example
- zap reference to pxeboot(8), diskless(8) has all the info

ok jmc@ halex@

10 years agoExpand the MSI support to cover most of the remaining bge(4) chipsets with the
brad [Mon, 30 Dec 2013 18:47:45 +0000 (18:47 +0000)]
Expand the MSI support to cover most of the remaining bge(4) chipsets with the
exception being the BCM5714 family for now.

Tested on a variety of newer chipsets.

ok sthen@

10 years agoOops, missed one:
schwarze [Mon, 30 Dec 2013 18:42:55 +0000 (18:42 +0000)]
Oops, missed one:
Remove duplicate const specifier from a call to mandoc_escape().
Found by Thomas Klausner <wiz at NetBSD dot org> using clang.
No functional change.

10 years agoRemove duplicate const specifiers from the declaration of mandoc_escape().
schwarze [Mon, 30 Dec 2013 18:27:15 +0000 (18:27 +0000)]
Remove duplicate const specifiers from the declaration of mandoc_escape().
Found by Thomas Klausner <wiz at NetBSD dot org> using clang.
No functional change.

10 years agoDocument SIGNING_PARAMETERS
espie [Mon, 30 Dec 2013 12:43:17 +0000 (12:43 +0000)]
Document SIGNING_PARAMETERS

10 years agoEnable snooping on Lynx Point-LP HD Audio.
jsg [Mon, 30 Dec 2013 10:53:30 +0000 (10:53 +0000)]
Enable snooping on Lynx Point-LP HD Audio.
Fixes audio problems on an Acer Aspire E1 572G
reported by Mark Rowland.

10 years agoRecognize PT_OPENBSD_RANDOMIZE in linker scripts.
kettenis [Mon, 30 Dec 2013 10:30:00 +0000 (10:30 +0000)]
Recognize PT_OPENBSD_RANDOMIZE in linker scripts.

ok miod@, matthew@

10 years agoSupport .St -p1003.1-2013, "IEEE Std 1003.1-2008/Cor 1-2013".
schwarze [Mon, 30 Dec 2013 09:47:43 +0000 (09:47 +0000)]
Support .St -p1003.1-2013, "IEEE Std 1003.1-2008/Cor 1-2013".

Note that the POSIX-2008 standard remains in force, so please refrain
from wholesale 2008 -> 2013 replacements.  Make sure to only use the
new -p1003.1-2013 argument for cases where "IEEE Std 1003.1(TM)-2008/
Cor 1-2013, IEEE Standard for Information Technology--Portable
Operating System Interface (POSIX(R)), Technical Corrigendum 1"
actually changes something in the standard with respect to the
specific function documented in the manual you touch.  Otherwise,
please continue using .St -p1003.1-2008.

Triggered by a similar, but slightly incorrect patch from jmc@;
ok guenther@.

10 years ago@vendor annotation
espie [Mon, 30 Dec 2013 09:14:49 +0000 (09:14 +0000)]
@vendor annotation

10 years agouse replacing method (and not var)
espie [Mon, 30 Dec 2013 09:02:37 +0000 (09:02 +0000)]
use replacing method (and not var)

10 years agoexplicitly fix the PATH to something sensible
espie [Mon, 30 Dec 2013 09:01:30 +0000 (09:01 +0000)]
explicitly fix the PATH to something sensible
move "replacing" to a method, so that it can be more specific later.

10 years agoCorrect initialization of Bt458, used in LUNA's 8bpp frame buffer.
aoyama [Mon, 30 Dec 2013 07:33:40 +0000 (07:33 +0000)]
Correct initialization of Bt458, used in LUNA's 8bpp frame buffer.

According to the manual, the address register does not automatically
increment when we access to the control registers.  Also we disable
overlay planes, because we do not use them.

This diff should be one of preliminaries for upcoming colored wscons on
luna88k.

ok miod@

10 years agoFix IOC4DEV_xxx numbers, so that devices besides the first two serial ports
miod [Mon, 30 Dec 2013 05:27:01 +0000 (05:27 +0000)]
Fix IOC4DEV_xxx numbers, so that devices besides the first two serial ports
actually handle their own interrupts. How could this get unnoticed so far?

10 years agoReplace yet another hand-rolled list with a TAILQ. reject_list this
krw [Mon, 30 Dec 2013 03:36:17 +0000 (03:36 +0000)]
Replace yet another hand-rolled list with a TAILQ. reject_list this
time.

10 years agoAdd Broadcom BCM57764, BCM57767 and BCM57787 PCI ids.
brad [Mon, 30 Dec 2013 02:10:58 +0000 (02:10 +0000)]
Add Broadcom BCM57764, BCM57767 and BCM57787 PCI ids.

10 years agoTest mdoc_macro.c rev. 1.83.
schwarze [Mon, 30 Dec 2013 00:56:40 +0000 (00:56 +0000)]
Test mdoc_macro.c rev. 1.83.

10 years agoSimplify: Remove an unused argument from the mandoc_eos() function.
schwarze [Mon, 30 Dec 2013 00:52:18 +0000 (00:52 +0000)]
Simplify: Remove an unused argument from the mandoc_eos() function.
No functional change.

10 years agoDo not trigger end-of-sentence spacing by trailing punctuation
schwarze [Mon, 30 Dec 2013 00:20:18 +0000 (00:20 +0000)]
Do not trigger end-of-sentence spacing by trailing punctuation
at the end of partial implicit macros.  Prodded by jmc@.

Actually, this is a revert of rev. 1.39 Sat May 15 09:20:01 2010 UTC,
which in turn is mdocml.bsd.lv rev. 1.64 Fri May 14 14:09:13 2010 UTC
by kristaps@, with this original commit message:
"Block-implicit macros now up-propogate end-of-sentence spacing.
NOTE: GROFF IS NOT SMART ENOUGH TO DO THIS."
Please speak after me: Then why the hell should we?

We already weakened this in rev. 1.55 Fri Jul 16 00:34:33 2010 UTC,
but that weakening was insufficient.  Let's take it out completely.

Admittedly, there are two places in base where what Kristaps did
made the output nicer, in calloc(3) and in fish(6).  But both are
atypical.  There are 18 other places where this revert makes the
output nicer, the typical case being:
"Mail status is shown as ``No Mail.''  if there is no mail."
You do *not* want the EOS spacing after ``No Mail.'' in that sentence.

10 years ago+.Sh EXIT STATUS
jmc [Sun, 29 Dec 2013 21:38:29 +0000 (21:38 +0000)]
+.Sh EXIT STATUS

10 years agoupdate sha256(1) to better reflect that it documents sha512 now too.
jmc [Sun, 29 Dec 2013 21:19:11 +0000 (21:19 +0000)]
update sha256(1) to better reflect that it documents sha512 now too.
that led me to whack some unneccessary mark up and quoting (and phrasing),
and the changes to the other pages are really just to unify the newer
text layout;

tedu provided feedback and answers (thanks);

10 years agoIn tlbdsmiss, do not trash the tlb pointer by mistake. From NetBSD (PR #39257)
miod [Sun, 29 Dec 2013 21:06:37 +0000 (21:06 +0000)]
In tlbdsmiss, do not trash the tlb pointer by mistake. From NetBSD (PR #39257)

10 years agoRemove excessive parentheses.
brad [Sun, 29 Dec 2013 19:09:21 +0000 (19:09 +0000)]
Remove excessive parentheses.

pmap.c:1061:13: error: equality comparison with extraneous parentheses [-Werror,-Wparentheses-equality]

ok mpi@

10 years agogrammar fix previous;
jmc [Sun, 29 Dec 2013 18:46:09 +0000 (18:46 +0000)]
grammar fix previous;

10 years agopuccini entry already appears in calendar.music;
jmc [Sun, 29 Dec 2013 18:44:43 +0000 (18:44 +0000)]
puccini entry already appears in calendar.music;
From: frantisek holop

10 years agoForce clock clamping after one byte received instead of three. There are still
miod [Sun, 29 Dec 2013 18:31:50 +0000 (18:31 +0000)]
Force clock clamping after one byte received instead of three. There are still
circumstances where the pckbc code gets confused otherwise, on *some*
controllers.

10 years agoFix fd leaks when fd < 0 or flock() fails. Original diff from
krw [Sun, 29 Dec 2013 14:26:22 +0000 (14:26 +0000)]
Fix fd leaks when fd < 0 or flock() fails. Original diff from
NetBSD via Loganaden Velvindron out of cppcheck.

10 years agofix sign-while-creating mode
espie [Sun, 29 Dec 2013 13:40:54 +0000 (13:40 +0000)]
fix sign-while-creating mode

10 years agowhen showing other hostkeys, don't forget Ed25519 keys
djm [Sun, 29 Dec 2013 05:57:02 +0000 (05:57 +0000)]
when showing other hostkeys, don't forget Ed25519 keys

10 years ago- Verify that the FPU exception flags weren't clobbered as required by C99.
martynas [Sun, 29 Dec 2013 05:46:43 +0000 (05:46 +0000)]
- Verify that the FPU exception flags weren't clobbered as required by C99.
- Additionally, test _setjmp and sigsetjmp as implementations are different.

10 years agodon't forget to load Ed25519 certs too
djm [Sun, 29 Dec 2013 05:42:16 +0000 (05:42 +0000)]
don't forget to load Ed25519 certs too

10 years agodon't refuse to load Ed25519 certificates
djm [Sun, 29 Dec 2013 04:35:50 +0000 (04:35 +0000)]
don't refuse to load Ed25519 certificates

10 years agoallow deletion of ed25519 keys from the agent
djm [Sun, 29 Dec 2013 04:29:25 +0000 (04:29 +0000)]
allow deletion of ed25519 keys from the agent

10 years agoto make sure we don't omit any key types as valid CA keys again,
djm [Sun, 29 Dec 2013 04:20:04 +0000 (04:20 +0000)]
to make sure we don't omit any key types as valid CA keys again,
factor the valid key type check into a key_type_is_valid_ca()
function

10 years agoAdd MLINK for db_vprintf(9)
guenther [Sun, 29 Dec 2013 03:16:42 +0000 (03:16 +0000)]
Add MLINK for db_vprintf(9)

10 years agoAdd db_vprintf() and indicate that db_v?printf() are in <ddb/db_output.h>
guenther [Sun, 29 Dec 2013 03:15:03 +0000 (03:15 +0000)]
Add db_vprintf() and indicate that db_v?printf() are in <ddb/db_output.h>

10 years agocorrect comment for key_drop_cert()
djm [Sun, 29 Dec 2013 02:49:52 +0000 (02:49 +0000)]
correct comment for key_drop_cert()

10 years agocorrect comment for key_to_certified()
djm [Sun, 29 Dec 2013 02:37:04 +0000 (02:37 +0000)]
correct comment for key_to_certified()

10 years agoallow ed25519 keys to appear as certificate authorities
djm [Sun, 29 Dec 2013 02:28:10 +0000 (02:28 +0000)]
allow ed25519 keys to appear as certificate authorities

10 years agoAdd a regression test to verify that the FPU control word state is
martynas [Sun, 29 Dec 2013 01:39:44 +0000 (01:39 +0000)]
Add a regression test to verify that the FPU control word state is
preserved by setjmp.  Currently under REGRESS_FULL as this fails
on certain archs.

10 years agoregen
miod [Sun, 29 Dec 2013 00:55:11 +0000 (00:55 +0000)]
regen

10 years agoIntel NM70
miod [Sun, 29 Dec 2013 00:55:06 +0000 (00:55 +0000)]
Intel NM70

10 years agoThe mips partition table in the volume header uses 512-byte logical units,
miod [Sat, 28 Dec 2013 23:37:00 +0000 (23:37 +0000)]
The mips partition table in the volume header uses 512-byte logical units,
not sectors; don't multiply by the sector size to get the proper disk offsets.

This will let install.iso be built with the OpenBSD label at the expected
location, instead of within the ffs filesystem; we had been lucky enough the
area being overwritten was not in use so far.

10 years agoRemove unused variable 'token'. Spotted by deraadt@
krw [Sat, 28 Dec 2013 21:48:04 +0000 (21:48 +0000)]
Remove unused variable 'token'. Spotted by deraadt@

10 years agoTry to load entropy data from disk:/etc/random.seed. Then, insert this into
kettenis [Sat, 28 Dec 2013 21:00:21 +0000 (21:00 +0000)]
Try to load entropy data from disk:/etc/random.seed.  Then, insert this into
the ELF openbsd.randomdata of the kernel, so that it has entropy right from
the start.

10 years agooops, the fallback stack protector code must handle 64-bit guards
deraadt [Sat, 28 Dec 2013 20:52:48 +0000 (20:52 +0000)]
oops, the fallback stack protector code must handle 64-bit guards
spotted by kettenis

10 years agoAlways call PHY_RESET upon attaching eephy(4) so as to do PHY initialization,
brad [Sat, 28 Dec 2013 20:32:16 +0000 (20:32 +0000)]
Always call PHY_RESET upon attaching eephy(4) so as to do PHY initialization,
to match behavior before rev 1.52.

ok deraadt@

10 years agoMake sure the PT_OPENBSD_RANDOMIZE program header actually covers the data
kettenis [Sat, 28 Dec 2013 19:27:35 +0000 (19:27 +0000)]
Make sure the PT_OPENBSD_RANDOMIZE program header actually covers the data
we want to initialize with randomness.  It covered exactly nothing before!

10 years agosync
deraadt [Sat, 28 Dec 2013 19:04:35 +0000 (19:04 +0000)]
sync

10 years agoDo not need __guard[] anymore since we are now relying on __guard_local
deraadt [Sat, 28 Dec 2013 18:42:42 +0000 (18:42 +0000)]
Do not need __guard[] anymore since we are now relying on __guard_local
for a while already
ok miod kettenis

10 years agoDo not need __guard anymore
deraadt [Sat, 28 Dec 2013 18:41:48 +0000 (18:41 +0000)]
Do not need __guard anymore
Discussion with miod
ok kettenis

10 years agoMove atexit(3) into crtbegin.c and certbeginS.c such that we can pass the
kettenis [Sat, 28 Dec 2013 18:38:42 +0000 (18:38 +0000)]
Move atexit(3) into crtbegin.c and certbeginS.c such that we can pass the
right __dso_handle and have dlopen'ed shared objects run their atexit handlers
when they get unloaded.  This is what Linux does, and several ports depend on
this behaviour (and will crash upon exit without this chang).

Based on an earlier diff from matthew@
Tested by ajacoutot@
ok deraadt@

10 years agoBack out the previous commit; rodata gets merged with text by the linker.
kettenis [Sat, 28 Dec 2013 18:20:51 +0000 (18:20 +0000)]
Back out the previous commit; rodata gets merged with text by the linker.
Having a seperate rodata segment won't work anyway without significant pmap
changes.

10 years agocreate rodata PHDR; ok kettenis
deraadt [Sat, 28 Dec 2013 17:57:51 +0000 (17:57 +0000)]
create rodata PHDR; ok kettenis

10 years agoRequire an explicit PT_OPENBSD_RANDOMIZE program header in the kernel linker
miod [Sat, 28 Dec 2013 17:57:14 +0000 (17:57 +0000)]
Require an explicit PT_OPENBSD_RANDOMIZE program header in the kernel linker
script (note that the amd64 linker script is currently not used).
Discussed with deraadt@

10 years agoi386 changes to PIE. See faq/current.html or use the snapshots to cross
deraadt [Sat, 28 Dec 2013 17:08:48 +0000 (17:08 +0000)]
i386 changes to PIE.  See faq/current.html or use the snapshots to cross
this.

10 years agoFurther clean up and unification of the amd64 and i386 boot(8) makefiles.
jsing [Sat, 28 Dec 2013 15:16:28 +0000 (15:16 +0000)]
Further clean up and unification of the amd64 and i386 boot(8) makefiles.

10 years agoActually load the second-stage boot loader so that softraid can store it in
jsing [Sat, 28 Dec 2013 15:05:34 +0000 (15:05 +0000)]
Actually load the second-stage boot loader so that softraid can store it in
the softraid boot area.

10 years agosparc64 uses /ofwboot as the second stage, not /boot.
jsing [Sat, 28 Dec 2013 15:03:47 +0000 (15:03 +0000)]
sparc64 uses /ofwboot as the second stage, not /boot.

10 years agoAdd installboot support for sparc64.
jsing [Sat, 28 Dec 2013 14:45:57 +0000 (14:45 +0000)]
Add installboot support for sparc64.

10 years agoAdd installboot support for the remaining `disklabel -B' architectures
jsing [Sat, 28 Dec 2013 13:58:15 +0000 (13:58 +0000)]
Add installboot support for the remaining `disklabel -B' architectures
(hp300, hppa64 and landisk). hp300 and landisk are untested, however they
should "just work" - hopefully someone with access to this hardware can
confirm.

10 years agoAdd installboot support for vax.
jsing [Sat, 28 Dec 2013 12:03:57 +0000 (12:03 +0000)]
Add installboot support for vax.

10 years agoRound the size of the bootstrap up to a multiple of the disk sector size.
jsing [Sat, 28 Dec 2013 12:01:33 +0000 (12:01 +0000)]
Round the size of the bootstrap up to a multiple of the disk sector size.
Some bootstraps are already built this way, however others are not.

10 years agoVarious code clean ups - add a missing header, add a missing prototype,
jsing [Sat, 28 Dec 2013 11:26:57 +0000 (11:26 +0000)]
Various code clean ups - add a missing header, add a missing prototype,
add some casts, tweak some types and variable names.

10 years agoTweak makefiles so that we pull in source files based on defines.
jsing [Sat, 28 Dec 2013 11:00:33 +0000 (11:00 +0000)]
Tweak makefiles so that we pull in source files based on defines.

10 years agoAttempt to approximate what should happen on a suspend/resume cycle.
deraadt [Sat, 28 Dec 2013 03:39:16 +0000 (03:39 +0000)]
Attempt to approximate what should happen on a suspend/resume cycle.
If the driver was doing some IO, we remove the timeouts, and force the
fdc state machine into IOTIMEDOUT state with the final timeout count
before a clean retry.  In theory upon resume it should freak out quietly,
and try the operation again.
Noone has stepped forward to test this yet.

10 years agoSync activate code sequnces to if_msk.c as much as possible, in case
deraadt [Sat, 28 Dec 2013 03:36:25 +0000 (03:36 +0000)]
Sync activate code sequnces to if_msk.c as much as possible, in case
one of these is ever found in a suspend/hibernate system.

10 years agoThe few network drivers that called their children's (ie. mii PHY
deraadt [Sat, 28 Dec 2013 03:35:42 +0000 (03:35 +0000)]
The few network drivers that called their children's (ie. mii PHY
drivers) activate functions at DVACT_RESUME time do not need to do
so, since their PHYs are repaired by IFF_UP.
NOTE: if_msk is the one that previously relied on mii/eephy.c doing
a crazy dance.

10 years agoThe few network drivers that called their children's (ie. mii PHY
deraadt [Sat, 28 Dec 2013 03:34:53 +0000 (03:34 +0000)]
The few network drivers that called their children's (ie. mii PHY
drivers) activate functions at DVACT_RESUME time do not need to do
so, since their PHYs are repaired by IFF_UP.

10 years agomii drivers no longer need activate functions. Repair of the PHY
deraadt [Sat, 28 Dec 2013 03:30:40 +0000 (03:30 +0000)]
mii drivers no longer need activate functions.  Repair of the PHY
configuration setting is done at resume time because all networks
drivers which were previously up, do an IFF_UP operation which
hits PHY_RESET.
This was in snapshots for about 2 weeks.

10 years agoMove the fairly heavy eephy_init sequence [which was only done at
deraadt [Sat, 28 Dec 2013 03:28:45 +0000 (03:28 +0000)]
Move the fairly heavy eephy_init sequence [which was only done at
attach() and activate() time] into the eephy_reset() routine.  This
means that a bit more work gets done at PHY_RESET time, but it means
also means it gets done in all scenarios.  Why?  For the next commit...
This was in snapshots for about 2 weeks.

10 years agochange the stack protector guard into a long word (removing the old legacy
deraadt [Sat, 28 Dec 2013 03:22:52 +0000 (03:22 +0000)]
change the stack protector guard into a long word (removing the old legacy
compat pointed out by miod), and place it inside the ELF .openbsd.randomdata
segment.  Inside main(), only re-initialize the guard if the bootblocks
failed to initialize it for us.

10 years ago- adjust getcwd-1.c.exp.gcc{3,4} after the getwd linker warning got added
martynas [Sat, 28 Dec 2013 03:19:02 +0000 (03:19 +0000)]
- adjust getcwd-1.c.exp.gcc{3,4} after the getwd linker warning got added
- adjust gcc-builtins to use the same approach as gcc-bounds
- enable gcc-bounds and gcc-builtins in the default regression suite
now that everything passes

10 years agoWe can initialize the srandom/random system earlier from arc4random,
deraadt [Sat, 28 Dec 2013 03:12:56 +0000 (03:12 +0000)]
We can initialize the srandom/random system earlier from arc4random,
and do not need microtime.

10 years agoWe can random_start() earlier (not that it does too much) and call
deraadt [Sat, 28 Dec 2013 03:04:20 +0000 (03:04 +0000)]
We can random_start() earlier (not that it does too much) and call
arc4random() much earlier.  Leading to random pids for anything
besides 0 and 1.

10 years agoPut the entropy_pool[] into the ELF .openbsd.randomdata segment.
deraadt [Sat, 28 Dec 2013 02:58:17 +0000 (02:58 +0000)]
Put the entropy_pool[] into the ELF .openbsd.randomdata segment.
Also allow random_init() to be called later, by moving a few
entropy control initializions into the lower-level _rs_seed() layer.
tested by jsing, phessler and a few others

10 years agocrank the version
deraadt [Sat, 28 Dec 2013 02:53:03 +0000 (02:53 +0000)]
crank the version

10 years agoTry to load entropy data from disk:/etc/random.seed, and additionally
deraadt [Sat, 28 Dec 2013 02:51:06 +0000 (02:51 +0000)]
Try to load entropy data from disk:/etc/random.seed, and additionally
use a MD-supplied random function.  Then, insert this into the ELF
openbsd.randomdata of the kernel, so that it has entropy right from
the start.  Some help from jsing for the softraid aspects.
Also tested by phessler

10 years agoIf we fail to decrypt the softraid keys, return EPERM rather than falling
jsing [Sat, 28 Dec 2013 02:40:41 +0000 (02:40 +0000)]
If we fail to decrypt the softraid keys, return EPERM rather than falling
through and failing when we attempt to read and validate the disklabel.
Also return ENOTSUP rather than EPERM if an attempt is made to write to a
softraid volume.

10 years agoUse preprocessor symbols where possible.
deraadt [Sat, 28 Dec 2013 02:33:15 +0000 (02:33 +0000)]
Use preprocessor symbols where possible.

10 years agoPrevent GCC from inlining these unsafe builtins: sprintf, vsprintf,
martynas [Sat, 28 Dec 2013 02:27:08 +0000 (02:27 +0000)]
Prevent GCC from inlining these unsafe builtins: sprintf, vsprintf,
stpcpy, strcat, strcpy.  Also don't simplify some safe builtins
into unsafe ones, otherwise we'll hit the linker with the bogus
warning.  OK miod@, millert@.

10 years agoAdd initial implementations of early MD random, for use in the boot code.
jsing [Sat, 28 Dec 2013 02:25:26 +0000 (02:25 +0000)]
Add initial implementations of early MD random, for use in the boot code.
This makes use of rdrand if the CPU supports it, otherwise we fall back to
using rdtsc. Further development will happen in the tree.

Tested by phessler@

ok deraadt@

10 years agoAdd regression tests to check whether GCC folds unsafe builtins and
martynas [Sat, 28 Dec 2013 02:14:32 +0000 (02:14 +0000)]
Add regression tests to check whether GCC folds unsafe builtins and
actually shows the security warning.  Also add some other cases
where GCC used to yield the warning but shouldn't (e.g. strncat
simplified into strcat).

10 years agoAnnotate a few more bounded functions: realpath(3) needs a buffer
martynas [Sat, 28 Dec 2013 01:51:53 +0000 (01:51 +0000)]
Annotate a few more bounded functions: realpath(3) needs a buffer
of size at least PATH_MAX.  pread(2), pwrite(2) and readlinkat(2)
also take the buffer and the bound.  OK theo.

10 years agodocument a hack we want fixed later
deraadt [Sat, 28 Dec 2013 01:00:18 +0000 (01:00 +0000)]
document a hack we want fixed later

10 years ago- add chmod of seedfile in /etc
rpe [Fri, 27 Dec 2013 23:43:39 +0000 (23:43 +0000)]
- add chmod of seedfile in /etc
- use its return code for single/multiuser detection

ok deraadt

10 years agore-use random_seed in shutdown section
rpe [Fri, 27 Dec 2013 23:40:29 +0000 (23:40 +0000)]
re-use random_seed in shutdown section

ok deraadt

10 years agocorrect comment
djm [Fri, 27 Dec 2013 22:37:18 +0000 (22:37 +0000)]
correct comment

10 years agocreate a seed file for the bootloader in /etc/random.seed
deraadt [Fri, 27 Dec 2013 22:34:40 +0000 (22:34 +0000)]
create a seed file for the bootloader in /etc/random.seed

10 years agonest random_seed() contents into a single redirection
deraadt [Fri, 27 Dec 2013 22:33:27 +0000 (22:33 +0000)]
nest random_seed() contents into a single redirection
idea from rpe

10 years agomake the original RSA and DSA signing/verification code look more like
djm [Fri, 27 Dec 2013 22:30:17 +0000 (22:30 +0000)]
make the original RSA and DSA signing/verification code look more like
the ECDSA/Ed25519 ones: use key_type_plain() when checking the key type
rather than tediously listing all variants, use __func__ for debug/
error messages

10 years agore-do shutdown operations. Run the scripts if we may; take down carp
deraadt [Fri, 27 Dec 2013 22:15:40 +0000 (22:15 +0000)]
re-do shutdown operations.  Run the scripts if we may; take down carp
unconditionally, and then do the optional powerdown
discussed at length with rpe

10 years agoremove lots from the Makefile, since this never depended on libsa.
deraadt [Fri, 27 Dec 2013 22:08:37 +0000 (22:08 +0000)]
remove lots from the Makefile, since this never depended on libsa.

10 years agosync
deraadt [Fri, 27 Dec 2013 21:43:47 +0000 (21:43 +0000)]
sync

10 years agooops, correct wording
deraadt [Fri, 27 Dec 2013 21:40:57 +0000 (21:40 +0000)]
oops, correct wording

10 years agocorrect comment about why first 16 pages are skipped: SMI corruption
deraadt [Fri, 27 Dec 2013 21:40:16 +0000 (21:40 +0000)]
correct comment about why first 16 pages are skipped: SMI corruption
is the real cause
discussed with mlarkin