openbsd
22 months agoSwitch to struct timespec for collecting stats. This allows to use
claudio [Wed, 14 Dec 2022 10:34:49 +0000 (10:34 +0000)]
Switch to struct timespec for collecting stats. This allows to use
clock_gettime(CLOCK_MONOTONIC) for runtime calculation.
OK tb@

22 months agoPrint expiry moment in human-readable filemode in a consistent fashion across all...
job [Wed, 14 Dec 2022 08:46:58 +0000 (08:46 +0000)]
Print expiry moment in human-readable filemode in a consistent fashion across all object types

OK claudio@ tb@

22 months agoPrint issuer & serial in filemode
job [Wed, 14 Dec 2022 02:34:32 +0000 (02:34 +0000)]
Print issuer & serial in filemode

OK tb@

22 months agoIn tcp_now() switch from getnsecuptime() to getnsecruntime()
claudio [Tue, 13 Dec 2022 18:10:55 +0000 (18:10 +0000)]
In tcp_now() switch from getnsecuptime() to getnsecruntime()

The tcp timer is not supposed to run during suspend but getnsecuptime() does
and because of this sessions with TCP_KEEPALIVE on reset after a few hours
of sleep.

Problem noticed by mlarkin@, investigation by yasuoka@ additional testing jca@
OK yasuoka@ jca@ cheloha@

22 months agotimecounting: add getbinruntime(), getnsecruntime()
cheloha [Tue, 13 Dec 2022 17:30:36 +0000 (17:30 +0000)]
timecounting: add getbinruntime(), getnsecruntime()

The networking people want a fast, monotonic clock that only advances
while the system is not suspended.  The runtime clock satisfies most
of these requirements, so introduce getnsecruntime() to provide a fast
means for reading it.

Based on patches from jca@ and claudio@.

ok yasuoka@

22 months agosync
deraadt [Tue, 13 Dec 2022 17:19:02 +0000 (17:19 +0000)]
sync

22 months agoremove advent entry 11/SunLast and leave 12/SunFirst, to avoid getting
jmc [Tue, 13 Dec 2022 07:08:17 +0000 (07:08 +0000)]
remove advent entry 11/SunLast and leave 12/SunFirst, to avoid getting
two "First Sunday of Advent" entries;

22 months agoadd tipd(4);
jmc [Tue, 13 Dec 2022 06:58:03 +0000 (06:58 +0000)]
add tipd(4);

22 months agoconsistently put the Xr in "made obsolete by" in symbolic,
jmc [Tue, 13 Dec 2022 06:56:06 +0000 (06:56 +0000)]
consistently put the Xr in "made obsolete by" in symbolic,
as sigvec already does; remove the one inconsistent colon
from creat(3) in this same text

original diff from josiah frentsos

22 months agoThe C compiler -rdynamic argument is not specific to gcc, so just say 'cc'
guenther [Tue, 13 Dec 2022 02:50:01 +0000 (02:50 +0000)]
The C compiler -rdynamic argument is not specific to gcc, so just say 'cc'

queried by and ok jcw@

22 months agoClarify the default is to require message authentication.
yasuoka [Tue, 13 Dec 2022 00:59:53 +0000 (00:59 +0000)]
Clarify the default is to require message authentication.

22 months agoEnable tipd(4) on RAMDISK kernels as well.
kettenis [Mon, 12 Dec 2022 22:06:40 +0000 (22:06 +0000)]
Enable tipd(4) on RAMDISK kernels as well.

ok deraadt@

22 months agoFix typo.
kettenis [Mon, 12 Dec 2022 20:44:00 +0000 (20:44 +0000)]
Fix typo.

22 months agotipd(4)
kettenis [Mon, 12 Dec 2022 19:25:49 +0000 (19:25 +0000)]
tipd(4)

22 months agoFix USB hotplug on type-C connectors of Apple Silicon hardware. The USB
kettenis [Mon, 12 Dec 2022 19:18:25 +0000 (19:18 +0000)]
Fix USB hotplug on type-C connectors of Apple Silicon hardware.  The USB
controller on these machines does not see connection events.  Instead we
need to rely on the USB PD controllers to notify us of a new connection
and reset the USB controller.  This diff implements this by adding a new
tipd(4) driver and infrastructure to notify xhci(4) of new connections.

ok patrick@

22 months agoImprove range check to protect against overflow.
kettenis [Mon, 12 Dec 2022 18:45:01 +0000 (18:45 +0000)]
Improve range check to protect against overflow.

ok patrick@

22 months agoBump to LibreSSL 3.7.1
tb [Mon, 12 Dec 2022 14:16:58 +0000 (14:16 +0000)]
Bump to LibreSSL 3.7.1

22 months agoSince bgpctl uses clock_gettime() and struct timespec switch ometric code
claudio [Mon, 12 Dec 2022 09:51:04 +0000 (09:51 +0000)]
Since bgpctl uses clock_gettime() and struct timespec switch ometric code
over to handle struct timespec instead of struct timeval. This way no
extra conversion is needed.
OK tb@

22 months agoRevert sb_state changes to unbreak tree.
tb [Mon, 12 Dec 2022 08:30:22 +0000 (08:30 +0000)]
Revert sb_state changes to unbreak tree.

22 months agoRemove extra : in parameter substitution
afresh1 [Mon, 12 Dec 2022 02:30:51 +0000 (02:30 +0000)]
Remove extra : in parameter substitution

From Rob Whitlock <rwhitlock22 () gmail ! com>

22 months agoThis time, socket's buffer lock requires solock() to be held. As a part of
mvs [Sun, 11 Dec 2022 21:19:08 +0000 (21:19 +0000)]
This time, socket's buffer lock requires solock() to be held. As a part of
socket buffers standalone locking work, move socket state bits which
represent its buffers state to per buffer state. Introduce `sb_state' and
turn SS_CANTSENDMORE to SBS_CANTSENDMORE. This bit will be processed on
`so_snd' buffer only.

Move SS_CANTRCVMORE and SS_RCVATMARK bits with separate diff to make
review easier and exclude possible so_rcv/so_snd mistypes.

Also, don't adjust the remaining SS_* bits right now.

ok millert@

22 months agoAdd a small blurb on @SECLEVEL=n
tb [Sun, 11 Dec 2022 20:53:27 +0000 (20:53 +0000)]
Add a small blurb on @SECLEVEL=n

22 months agoBalance a getifaddrs() with a freeifaddrs(); plugs a leak seen by
otto [Sun, 11 Dec 2022 10:47:37 +0000 (10:47 +0000)]
Balance a getifaddrs() with a freeifaddrs(); plugs a leak seen by
florian@ and myself.  ok florian@

22 months agoUse evcount_percpu() with platform interrupt counters on octeon.
visa [Sun, 11 Dec 2022 05:31:05 +0000 (05:31 +0000)]
Use evcount_percpu() with platform interrupt counters on octeon.

22 months agoCut two cycles from k_tlb_inv() on octeon.
visa [Sun, 11 Dec 2022 05:07:25 +0000 (05:07 +0000)]
Cut two cycles from k_tlb_inv() on octeon.

"If it works, go for it!" miod@

22 months agoRemove unused experimental ICMP6 redirect low water bits
kn [Sat, 10 Dec 2022 23:45:51 +0000 (23:45 +0000)]
Remove unused experimental ICMP6 redirect low water bits

Dead since introduction in 2001 with icmp6.c r1.31:
    implement upper limit to icmp6 redirects (experimental, turned off)
    negative value to {mtudisc,redirect}_{hi,lo}wat will turn off the limitation.
    sync with kame.

icmp6_redirect_lowat was always -1 and never hit the empty conditional.

icmp6_redirect_hiwat never existed.

icmp6_mtudisc_{hi,lo}wat are exposed as net.inet6.icmp6.mtudisc_{hi,lo}wat
sysctl(2)s, so don't touch those for now.

OK mvs

22 months agoReuse off variable from previous line; no object change
kn [Sat, 10 Dec 2022 22:40:58 +0000 (22:40 +0000)]
Reuse off variable from previous line;  no object change

22 months agozap 68 trailing spaces from a single line
kn [Sat, 10 Dec 2022 22:16:24 +0000 (22:16 +0000)]
zap 68 trailing spaces from a single line

22 months ago`dp' was just allocated with M_ZERO flag, so the following bzero(3) is not
mvs [Sat, 10 Dec 2022 21:29:10 +0000 (21:29 +0000)]
`dp' was just allocated with M_ZERO flag, so the following bzero(3) is not
required.

ok kn@

22 months agoMerge nd6_option_init() into nd6_options()
kn [Sat, 10 Dec 2022 21:26:21 +0000 (21:26 +0000)]
Merge nd6_option_init() into nd6_options()

All call-sites call nd6_options() directly after nd6_option_init().
Fold them to simplify the logic and do less pointing around.

Feedback OK bluhm florian

22 months agoIncrease transfer completion timeout to 100ms. This is what Linux has
kettenis [Sat, 10 Dec 2022 18:43:48 +0000 (18:43 +0000)]
Increase transfer completion timeout to 100ms.  This is what Linux has
and we need a longer timeout for the USB Type-C PD chips.

ok tobhe@

22 months agoex_range: fix handling of escaped backslashes.
millert [Sat, 10 Dec 2022 16:06:18 +0000 (16:06 +0000)]
ex_range: fix handling of escaped backslashes.
If there are two consecutive backslashes, skip past both so the
second is not mistakenly treated as an escape character.
This is consistent with how escaped backslashes are treated
in ex_substitute() and global().  From Bosco G. G.

22 months agoalpha: switch to clockintr
cheloha [Sat, 10 Dec 2022 15:02:29 +0000 (15:02 +0000)]
alpha: switch to clockintr

- Add missing tick_nsec initialization to cpu_initclocks().
- Set stathz = hz, profhz = stathz; we don't have any control over the
  interrupt clock on alpha so everything has the same frequency.
- Set schedhz = 16 to imitate current schedclock() dispatch frequency.

Bringup help from claudio@.  Tested by miod@ (2-CPU DS25).

Link: https://marc.info/?l=openbsd-tech&m=166776333303245&w=2
ok mlarkin@

22 months agoMake the accepted log grep pattern more strict in order to not pick up any log
anton [Sat, 10 Dec 2022 12:17:46 +0000 (12:17 +0000)]
Make the accepted log grep pattern more strict in order to not pick up any log
entries from sshd causing intermittent failures.

Discussed with bluhm@ back in August this year.

22 months agobio chain test: compress some error printing
tb [Sat, 10 Dec 2022 10:56:16 +0000 (10:56 +0000)]
bio chain test: compress some error printing

22 months agobio chain test: deduplicate chain walking code
tb [Sat, 10 Dec 2022 10:45:39 +0000 (10:45 +0000)]
bio chain test: deduplicate chain walking code

22 months agobio chain test: handle walking of empty chains
tb [Sat, 10 Dec 2022 10:42:13 +0000 (10:42 +0000)]
bio chain test: handle walking of empty chains

Rework the loops walking the chains to be correct for empty chains as well.
This simplifies the checking at the cost of slightly more initialization
and will allow further refactoring in a subsequent check.

22 months agoMitigate Spectre-BHB by using core-specific trampoline vectors. On some cores
patrick [Sat, 10 Dec 2022 10:13:58 +0000 (10:13 +0000)]
Mitigate Spectre-BHB by using core-specific trampoline vectors.  On some cores
Spectre-BHB can be mitigated by using a loop that branches a number of times.
For cores where this does not suffice, or where Spectre-V2 needs to be handled
as well, try and call into a new PSCI function that mitigates both Spectre-V2
and Spectre-BHB.  Some newer machines, which might not be in anyone's hands
yet, have an instruction (CLRBHB) that clears the BHB.  If ECBHB is set, the
BHB isn't vulnerable.  If we have CSV2_3/HCXT, it's not vulnerable at all.

No visible performance dropoff on a MacchiatoBin (4xA72) or Lenovo x13s (4xA78C+
4xX1C), but around 2-3% on a LX2K (16xA72) and RK3399 (4xA53+2xA72).

ok kettenis@

22 months agoFix comments, no binary change.
aoyama [Sat, 10 Dec 2022 02:41:56 +0000 (02:41 +0000)]
Fix comments, no binary change.

22 months agoSimplify early kernel bootstrap a bit more. Just map the entire 64MB memory
kettenis [Fri, 9 Dec 2022 22:31:31 +0000 (22:31 +0000)]
Simplify early kernel bootstrap a bit more.  Just map the entire 64MB memory
block that the bootloader allocates for us (minus the first 2MB).  This means
we can get rid of a bunch of code in pmap_bootstrap().  It also makes sure
that we don't accidentally enter mappings that cover secure memory just
beyond where the kernel was loaded.

ok patrick@

22 months agoAdd detection for Spectre-BHB related CLRBHB, ECBHB and CSV2_3/HCXT
patrick [Fri, 9 Dec 2022 21:23:24 +0000 (21:23 +0000)]
Add detection for Spectre-BHB related CLRBHB, ECBHB and CSV2_3/HCXT
feature bits.

ok kettenis@

22 months agofix double word and Ar -> Dv;
jmc [Fri, 9 Dec 2022 21:19:53 +0000 (21:19 +0000)]
fix double word and Ar -> Dv;

22 months agoFix typo: SCTX -> SCXT
patrick [Fri, 9 Dec 2022 20:37:39 +0000 (20:37 +0000)]
Fix typo: SCTX -> SCXT

ok kettenis@

22 months agoresolvd: fix leaks of line and fp
tb [Fri, 9 Dec 2022 18:22:35 +0000 (18:22 +0000)]
resolvd: fix leaks of line and fp

In case asprintf() fails or the iov overflows, the file and the line read
would be leaked.

also noted by otto
ok deraadt millert

22 months agoiovcnt can be zero, writev does not like that and O_CREATE is
otto [Fri, 9 Dec 2022 18:11:24 +0000 (18:11 +0000)]
iovcnt can be zero, writev does not like that and O_CREATE is
not needed, we just renamed sucessfully to that file.
ok deraadt@ florian@

22 months agoSwitch nd_opts from a union to just a struct.
claudio [Fri, 9 Dec 2022 17:32:53 +0000 (17:32 +0000)]
Switch nd_opts from a union to just a struct.
The ND6 option handling in the kernel got a lot simpler since only
the tgt and src lladdr option are inspected by the kernel. The magic
of assigning options via one side of the union and accessing them
via the other is total overkill and actually quite error prone.
OK florian@

22 months agobio chain test: add a consistency check for chain lengths
tb [Fri, 9 Dec 2022 17:23:05 +0000 (17:23 +0000)]
bio chain test: add a consistency check for chain lengths

22 months agodocument changes to uvm_map_protect() for setting the UVM_ET_STACK in
deraadt [Fri, 9 Dec 2022 17:16:36 +0000 (17:16 +0000)]
document changes to uvm_map_protect() for setting the UVM_ET_STACK in
some cases (setrlimit, atomically, only kernel reachable, ...)

22 months agobn/Makefile: tidy up and simplify
tb [Fri, 9 Dec 2022 09:56:41 +0000 (09:56 +0000)]
bn/Makefile: tidy up and simplify

22 months agoAllow overriding default run-regress-* targets
tb [Fri, 9 Dec 2022 09:30:54 +0000 (09:30 +0000)]
Allow overriding default run-regress-* targets

Overriding a default run-regress-* target with custom commands is already
possible and done by many tests. The fact that it currently works depends
on behavior in the BUGs section of make.1, however. The fix is not to add
commands if the target is already defined with commands.

tested by anton
correct fix from espie, ok anton

22 months agobio chain test: make two errors noisy
tb [Fri, 9 Dec 2022 07:53:06 +0000 (07:53 +0000)]
bio chain test: make two errors noisy

22 months agobio chain test: ensure the length of empty chains is 0
tb [Fri, 9 Dec 2022 07:47:59 +0000 (07:47 +0000)]
bio chain test: ensure the length of empty chains is 0

22 months agobio chain test: various minor readability tweaks
tb [Fri, 9 Dec 2022 07:46:54 +0000 (07:46 +0000)]
bio chain test: various minor readability tweaks

Align initialization in walk_backward() with walk_forward(), fix grammar
in a comment and move initialization of oldhead_len in a place consistent
with the other length initializations in that function

22 months agoSome TCP timer units have changed from slowhz to msec and their
bluhm [Fri, 9 Dec 2022 00:24:44 +0000 (00:24 +0000)]
Some TCP timer units have changed from slowhz to msec and their
type from short to int.  Also switch local variables holding temporary
timer values from short to int.
OK yasuoka

22 months agoWarn if no host keys for hostbased auth can be loaded. From bz#3507, ok djm@
dtucker [Fri, 9 Dec 2022 00:22:29 +0000 (00:22 +0000)]
Warn if no host keys for hostbased auth can be loaded.  From bz#3507, ok djm@

22 months agoAdd some server debugging for hostbased auth.
dtucker [Fri, 9 Dec 2022 00:17:40 +0000 (00:17 +0000)]
Add some server debugging for hostbased auth.

auth_debug_add queues messages about the auth process which is sent to
the client after successful authentication.  This also sends those to
the server debug log to aid in debugging.  From bz#3507, ok djm@

22 months agoCall vget(9) in uvn_put() to make sure we hold a reference if we're called
kettenis [Thu, 8 Dec 2022 21:32:48 +0000 (21:32 +0000)]
Call vget(9) in uvn_put() to make sure we hold a reference if we're called
by the pagedaemon for a persisting vnode.  This prevents a panic in
uvm_vnp_unache() since a persisting vnode has a reference count of zero.
This should also prevent the vnode from being recycled from under our
feet while we're doing I/O to it.

This fixes the "macppc panic: vref used where vget required" issue.

tested by bluhm@, tb@
ok mpi@

22 months agobio chain test: fix inconsequential off-by-one
tb [Thu, 8 Dec 2022 18:34:00 +0000 (18:34 +0000)]
bio chain test: fix inconsequential off-by-one

22 months agobio chain test: minor readability tweaks
tb [Thu, 8 Dec 2022 18:33:20 +0000 (18:33 +0000)]
bio chain test: minor readability tweaks

22 months agobio chain test: rename a few variables for consistency
tb [Thu, 8 Dec 2022 18:16:28 +0000 (18:16 +0000)]
bio chain test: rename a few variables for consistency

22 months agobio chain test: decouple lengths of test chains
tb [Thu, 8 Dec 2022 18:15:36 +0000 (18:15 +0000)]
bio chain test: decouple lengths of test chains

Add helpers to create and destroy a linear chain of BIOs. Provide two
defines for the two lengths of the test chains and make them distinct
to rule out coincidences. As a bonus, the code becomes simpler.

22 months agobio chain test: refactor link_chains_at()
tb [Thu, 8 Dec 2022 18:12:39 +0000 (18:12 +0000)]
bio chain test: refactor link_chains_at()

Add helper that validate the chains. This deduplicates a lot of code and
makes the heart of the test much easier to read.

22 months agobio chain test: lose some do_{,bio_} prefixes
tb [Thu, 8 Dec 2022 18:10:52 +0000 (18:10 +0000)]
bio chain test: lose some do_{,bio_} prefixes

22 months agoSplit biotest into its three logical parts
tb [Thu, 8 Dec 2022 17:49:02 +0000 (17:49 +0000)]
Split biotest into its three logical parts

Some parts of this test rely on unportable behavior, so cannot run in
portable. This way we can run more tests for portable which is helpful
for analysis tools, better coverage, etc.

22 months agobgpctl(8): ometric: measure elapsed time with monotonic clock
cheloha [Thu, 8 Dec 2022 17:24:39 +0000 (17:24 +0000)]
bgpctl(8): ometric: measure elapsed time with monotonic clock

Prefer CLOCK_MONOTONIC to gettimeofday(2) when measuring elapsed time,
as the UTC clock can jump around.

ok claudio@

22 months agoChange ld.bfd to default to --enable-new-dtags so that it generates
guenther [Thu, 8 Dec 2022 17:15:52 +0000 (17:15 +0000)]
Change ld.bfd to default to --enable-new-dtags so that it generates
DT_RUNPATH tags by default, so that it is consistent with ld.lld.

ok millert@ miod@ kettenis@ kmos@

22 months agoFix DT_MIPS_RLD_MAP_REL
visa [Thu, 8 Dec 2022 13:41:06 +0000 (13:41 +0000)]
Fix DT_MIPS_RLD_MAP_REL

Use proper tag-relative values for DT_MIPS_RLD_MAP_REL tags.

This causes an ABI break on mips64. Your system must have latest ld.so
before applying this commit.

OK deraadt@ kettenis@

22 months agobiotest: Tweak long comment a bit
tb [Thu, 8 Dec 2022 12:27:03 +0000 (12:27 +0000)]
biotest: Tweak long comment a bit

22 months agoPrint skipped on non applicable architectures.
anton [Thu, 8 Dec 2022 12:14:11 +0000 (12:14 +0000)]
Print skipped on non applicable architectures.

22 months agoStop overriding the regress target and use REGRESS_TARGETS instead.
anton [Thu, 8 Dec 2022 12:01:04 +0000 (12:01 +0000)]
Stop overriding the regress target and use REGRESS_TARGETS instead.

22 months agoFix copy-paste error that left a paragraph ending in a comma
tb [Thu, 8 Dec 2022 11:33:58 +0000 (11:33 +0000)]
Fix copy-paste error that left a paragraph ending in a comma

22 months agoAdd BIO_push() and BIO_set_next() regress coverage
tb [Thu, 8 Dec 2022 11:32:27 +0000 (11:32 +0000)]
Add BIO_push() and BIO_set_next() regress coverage

This tests for the behavior changes in bio_lib.c r1.40 and r1.41 and
makes sure that BIO_push() and BIO_set_next() act on two chains in the
expected and now documented way.

22 months agobn_mod_exp test: drop extra parentheses for readability
tb [Thu, 8 Dec 2022 07:18:47 +0000 (07:18 +0000)]
bn_mod_exp test: drop extra parentheses for readability

22 months agoConvert tcptv_keep_init in milliseconds before comparing other values
yasuoka [Thu, 8 Dec 2022 05:59:39 +0000 (05:59 +0000)]
Convert tcptv_keep_init in milliseconds before comparing other values
of tcp time.  This fixes the retransmit timer of syn_cache which was
broken.  reported by naddy, input dlg, test jca

ok jca

22 months agoFix pvbus to specify M_ZERO properly.
yasuoka [Thu, 8 Dec 2022 05:45:36 +0000 (05:45 +0000)]
Fix pvbus to specify M_ZERO properly.

ok kn mvs mlarkin asou deraadt

22 months ago_C_LABEL() and _ASM_LABEL() are no longer useful in the "everything
guenther [Thu, 8 Dec 2022 02:11:27 +0000 (02:11 +0000)]
_C_LABEL() and _ASM_LABEL() are no longer useful in the "everything
is ELF" world.  Eliminate use of them in landisk code.

ok deraadt@

22 months ago_C_LABEL() and _ASM_LABEL() are no longer useful in the "everything
guenther [Thu, 8 Dec 2022 01:25:43 +0000 (01:25 +0000)]
_C_LABEL() and _ASM_LABEL() are no longer useful in the "everything
is ELF" world.  Eliminate use of them in amd64, arm64, armv7, i386,
macppc, mips64, and sparc64 code.

ok deraadt@ jca@ krw@

22 months agoForcibly set console output to the framebuffer on the Lenovo x13s.
patrick [Thu, 8 Dec 2022 00:29:06 +0000 (00:29 +0000)]
Forcibly set console output to the framebuffer on the Lenovo x13s.
We should actually do something like checking that both stdout-path
and serial0 don't exist to realize we have to switch, but this hack
gets us going for now.

ok kettenis@

23 months ago_C_LABEL() and _ASM_LABEL() are no longer useful in the "everything
guenther [Wed, 7 Dec 2022 23:25:59 +0000 (23:25 +0000)]
_C_LABEL() and _ASM_LABEL() are no longer useful in the "everything
is ELF" world.  Eliminate use of them in powerpc64 code.

ok gkoehler@

23 months agoImprove the implementation of BIO_push(3) such that it changes nothing
schwarze [Wed, 7 Dec 2022 23:08:47 +0000 (23:08 +0000)]
Improve the implementation of BIO_push(3) such that it changes nothing
and reports failure if a call would result in a cycle.
The algorithm used was originally suggested by jsing@.
Feedback and OK tb@.

23 months agoThe ACPI tables on the Lenovo x13s are incomplete and unusable. For
patrick [Wed, 7 Dec 2022 23:04:26 +0000 (23:04 +0000)]
The ACPI tables on the Lenovo x13s are incomplete and unusable.  For
that reason, identify that we're running on that machine by looking at
the SMBIOS tables and load alternate device tree binaries from disk.

ok kettenis@

23 months agoAdd references to the BIO_{push,pop}(3) example
tb [Wed, 7 Dec 2022 22:30:15 +0000 (22:30 +0000)]
Add references to the BIO_{push,pop}(3) example

The reader may not know what digest BIOs, Base64 BIOs and file BIOs are
and the relevant function names are non-obvious, hence it's not entirely
trivial to find the manuals where they are explained. With these references
a reader should be able to turn the example into actual code.

ok schwarze

23 months agoDocument 'uidinfo' structure locks.
mvs [Wed, 7 Dec 2022 20:08:28 +0000 (20:08 +0000)]
Document 'uidinfo' structure locks.

Inputs and ok bluhm@

23 months agoAdd END()s to match ENTRY()s.
guenther [Wed, 7 Dec 2022 19:26:39 +0000 (19:26 +0000)]
Add END()s to match ENTRY()s.
ok deraadt@

23 months agoPrefer numeric labels over L<digit> labels, as the latter clutter
guenther [Wed, 7 Dec 2022 19:26:02 +0000 (19:26 +0000)]
Prefer numeric labels over L<digit> labels, as the latter clutter
the final kernel symbol table.
Add END()s to match ENTRY()s.

ok deraadt@

23 months agoPrefer STRONG_ALIAS() over multiple overlapping _ENTRY/_NENTRY
guenther [Wed, 7 Dec 2022 19:21:54 +0000 (19:21 +0000)]
Prefer STRONG_ALIAS() over multiple overlapping _ENTRY/_NENTRY
uses, as the latter requires manual handling of _PROF_PROLOGUE.
Add END()s to match ENTRY()s.

ok deraadt@

23 months agoApply changes from commitid FWrfGfO9Ojnsh1mq to libkern.
guenther [Wed, 7 Dec 2022 18:25:32 +0000 (18:25 +0000)]
Apply changes from commitid FWrfGfO9Ojnsh1mq to libkern.
From original commit message: To mitigate against spectre attacks,
AMD processors without the IBRS feature need an lfence instruction
after every near ret.  See software techniques for managing speculation
on AMD processors revision 9.17.20 mitigation G-5.

ok deraadt@

23 months agoDo not store unused ICMPv6 Option PREFIX_INFORMATION
kn [Wed, 7 Dec 2022 17:34:20 +0000 (17:34 +0000)]
Do not store unused ICMPv6 Option PREFIX_INFORMATION

Dead since 2017 sys/netinet6/nd6_rtr.c r1.163
    Remove sending of router solicitations and processing of router
    advertisements from the kernel. It's handled by slaacd(8) these days.

sysctl(2) net.inet6.icmp6.nd6_debug does not warn about it like it does
for, e.g., duplicate MTU options, so don't do anything with this option.

Remove access macros for other unused options while here.
Eventually, union nd_opts should be removed completely.
All under _KERNEL.

tcpdump(8)/rad(8)/slaacd(8) keep showing/sending/receiving this option when
running this diff on both router and client.

OK claudio

23 months agoFix example string
tb [Wed, 7 Dec 2022 17:17:29 +0000 (17:17 +0000)]
Fix example string

If you want to Base64-encode "Hello World\n" using a BIO, you had better
pass "Hello World\n" into it, not something slightly different... While
we're touching this, we might as well write it the way K&R did...

23 months agoFix comment by splitting sentance in two. From kn@
claudio [Wed, 7 Dec 2022 14:38:29 +0000 (14:38 +0000)]
Fix comment by splitting sentance in two. From kn@

23 months agoFix comment typo.
dtucker [Wed, 7 Dec 2022 11:45:43 +0000 (11:45 +0000)]
Fix comment typo.

23 months agoProcess escape sequences in show-buffer, GitHub issue 3401.
nicm [Wed, 7 Dec 2022 09:44:44 +0000 (09:44 +0000)]
Process escape sequences in show-buffer, GitHub issue 3401.

23 months agoIf the called of ypconnect(2) is root, the socket should acquire a
deraadt [Wed, 7 Dec 2022 01:02:28 +0000 (01:02 +0000)]
If the called of ypconnect(2) is root, the socket should acquire a
reserved port to received secure-maps from the ypserver.
issue found by niklas, using a simpler diff i proposed
ok miod

23 months agoAdd support for additional RTKit endpoint advertised by NVMe firmware that
kettenis [Tue, 6 Dec 2022 23:18:54 +0000 (23:18 +0000)]
Add support for additional RTKit endpoint advertised by NVMe firmware that
comes with newer macOS releases.

ok patrick@

23 months agoZap extra space
tb [Tue, 6 Dec 2022 22:22:42 +0000 (22:22 +0000)]
Zap extra space

23 months agoAdd missing kernel lock around (*if_ioctl)() call within
mvs [Tue, 6 Dec 2022 22:19:39 +0000 (22:19 +0000)]
Add missing kernel lock around (*if_ioctl)() call within
in{,6}_addmulti(). Since kernel lock is no more taken while following
setsockopt() path, it should be taken in this place. Corresponding
in{,6}_delmulti() already acquire kernel lock around (*if_ioctl)().

Problem reported and diff tested by weerd@

ok kn@ bluhm@

23 months agoMajor rewrite for accuracy and clarity, and document BIO_set_next(3).
schwarze [Tue, 6 Dec 2022 21:13:01 +0000 (21:13 +0000)]
Major rewrite for accuracy and clarity, and document BIO_set_next(3).
Feedback and OK tb@.

23 months ago_C_LABEL() and _ASM_LABEL() are no longer useful in the "everything
guenther [Tue, 6 Dec 2022 18:50:59 +0000 (18:50 +0000)]
_C_LABEL() and _ASM_LABEL() are no longer useful in the "everything
is ELF" world.  Eliminate use of them in m88k code.

ok aoyama@

23 months agoAdd a few missing headers and drop a few unused ones
tb [Tue, 6 Dec 2022 18:23:29 +0000 (18:23 +0000)]
Add a few missing headers and drop a few unused ones

In bn_test.c include bn_local.h instead of using copy-pasted prototypes.

23 months agoMake sure BIO_push(3) always preserves all invariants of the prev_bio
schwarze [Tue, 6 Dec 2022 17:59:21 +0000 (17:59 +0000)]
Make sure BIO_push(3) always preserves all invariants of the prev_bio
and next_bio fields of all BIO objects in all affected chains, no
matter what the arguments are.
In particular, if the second argument (the one to be appended) is
not at the beginning of its chain, properly detach the beginning
of its chain before appending.

We have weak indications that this bug might affect real-world code.
For example, in FreeRDP, file libfreerdp/crypto/tls.c, function
bio_rdp_tls_ctrl(), case BIO_C_SET_SSL, BIO_push(3) is definitely
called with a second argument that is *not* at the beginning of its
chain.  Admittedly, that code is hard to fathom, but it does appear
to result in a bogus prev_bio pointer without this patch.
The practical impact of this bug in this and other software remains
unknown; the consequences might possibly escalate up to use-after-free
issues if BIO_pop(3) is afterwards called on corrupted BIO objects.

OK tb@