openbsd
2 years agoConvert KVA allocation to km_alloc(9).
kettenis [Mon, 7 Feb 2022 13:16:42 +0000 (13:16 +0000)]
Convert KVA allocation to km_alloc(9).

ok jsg@

2 years agoIn rtredirect() change an bad assignment in an if condition to the
claudio [Mon, 7 Feb 2022 11:03:34 +0000 (11:03 +0000)]
In rtredirect() change an bad assignment in an if condition to the
correct equality check.
Found by and OK jsg@

2 years agosystematically remove setuid/setgid from files before archiving AND
espie [Mon, 7 Feb 2022 09:38:33 +0000 (09:38 +0000)]
systematically remove setuid/setgid from files before archiving AND
during extractions. Those bits belong in a museum^Win the packing-list.

thx naddy@ for checking this thru a bulk.

2 years agoSwitch to stdint.h types like rest of bgpd
claudio [Mon, 7 Feb 2022 09:31:21 +0000 (09:31 +0000)]
Switch to stdint.h types like rest of bgpd

2 years agouse libfido2 1.8.0+ fido_assert_set_clientdata() instead of manually
djm [Mon, 7 Feb 2022 01:25:12 +0000 (01:25 +0000)]
use libfido2 1.8.0+ fido_assert_set_clientdata() instead of manually
hashing data outselves. Saves a fair bit of code and makes life easier
for some -portable platforms.

2 years agoAdd test for empty hostname with port.
dtucker [Sun, 6 Feb 2022 22:58:33 +0000 (22:58 +0000)]
Add test for empty hostname with port.

2 years agoAvoid touching "locked" DARTs. While there, print something when we place
kettenis [Sun, 6 Feb 2022 19:10:07 +0000 (19:10 +0000)]
Avoid touching "locked" DARTs.  While there, print something when we place
a DART in bypass mode.

ok patrick@

2 years agos/poll/pool
rob [Sun, 6 Feb 2022 17:24:58 +0000 (17:24 +0000)]
s/poll/pool

2 years agoRemove i <= 0 checks from SSL_get_error()
jsing [Sun, 6 Feb 2022 16:11:58 +0000 (16:11 +0000)]
Remove i <= 0 checks from SSL_get_error()

In order for SSL_get_error() to work with SSL_read_ex() and SSL_write_ex()
the error handling needs to be performed without checking i <= 0. This is
effectively part of OpenSSL 8051ab2b6f8 and should bring the behaviour of
SSL_get_error() largely inline with OpenSSL 1.1.

Issue reported by Johannes Nixdorf.

ok inoguchi@ tb@

2 years agoHandle zero byte reads/writes that trigger handshakes in the TLSv1.3 stack.
jsing [Sun, 6 Feb 2022 16:08:14 +0000 (16:08 +0000)]
Handle zero byte reads/writes that trigger handshakes in the TLSv1.3 stack.

With the legaacy stack, it is possible to do a zero byte SSL_read() or
SSL_write() that triggers the handshake, but then returns zero without
SSL_ERROR_WANT_READ or SSL_ERROR_WANT_WRITE being flagged. This currently
works in the TLSv1.3 stack by returning TLS_IO_WANT_POLLIN or
TLS_IO_WANT_POLLOUT, which is then hidden by SSL_get_error().

However, due to upcoming changes to SSL_get_error() this will no longer be
the case. In order to maintain the existing legacy behaviour, explicitly
handle zero byte reads and writes in the TLSv1.3 stack, following
completion of a handshake.

ok inoguchi@ tb@

2 years agoUse fdisk's -b to create boot partitions instead of -e scripts.
krw [Sun, 6 Feb 2022 15:52:23 +0000 (15:52 +0000)]
Use fdisk's -b to create boot partitions instead of -e scripts.

Build, boot and install tested by visa@

ok visa@

2 years agofix jobs and -j description: dpb uses hw.ncpuonline since
op [Sun, 6 Feb 2022 13:56:14 +0000 (13:56 +0000)]
fix jobs and -j description: dpb uses hw.ncpuonline since
ports/infrastructure/lib/DPB/Core/Init.pm revision 1.32

OK espie

2 years agoAllow installation on a disk with a GPT.
visa [Sun, 6 Feb 2022 11:29:18 +0000 (11:29 +0000)]
Allow installation on a disk with a GPT.

OK krw@

2 years agoSimplify cursig() a bit and make sure that signals are always sent to
claudio [Sun, 6 Feb 2022 09:57:59 +0000 (09:57 +0000)]
Simplify cursig() a bit and make sure that signals are always sent to
the parent of ptraced processes. Especially ignore the signal mask set
by sigprocmask(2) in that case. In userret() alter the testcase for
when to call cursig() which is only there to avoid taking the
KERNEL_LOCK when returning from a MP safe syscall. This can be revisited
once cursig() is MP safe.
Problem with debugging signal handlers found by kurt@
Tested and OK kurt@, OK mpi@

2 years agoSwitch from u_intX_t types to stdint.h uintX_t like it was done in bgpd.
claudio [Sun, 6 Feb 2022 09:52:32 +0000 (09:52 +0000)]
Switch from u_intX_t types to stdint.h uintX_t like it was done in bgpd.
OK florian@ tb@

2 years agoSwitch from u_intX_t types to stdint.h uintX_t. Mostly mechanical with
claudio [Sun, 6 Feb 2022 09:51:19 +0000 (09:51 +0000)]
Switch from u_intX_t types to stdint.h uintX_t. Mostly mechanical with
a few reindents.
OK florian@ tb@

2 years agocope with recent S3I removal; ok tb@
anton [Sun, 6 Feb 2022 09:19:46 +0000 (09:19 +0000)]
cope with recent S3I removal; ok tb@

2 years agonow that APM_BATT_CHARGING is also set in acpi and on some m1 devices
robert [Sun, 6 Feb 2022 09:07:42 +0000 (09:07 +0000)]
now that APM_BATT_CHARGING is also set in acpi and on some m1 devices
enable support for displaying an estimate recharge time in apm(d)

e.g:
Battery state: charging, 95% remaining, 11 minutes recharge time estimate
Battery state: charging, 97% remaining, 8 minutes recharge time estimate
Battery state: charging, 98% remaining, 6 minutes recharge time estimate
Battery state: charging, 99% remaining, 3 minutes recharge time estimate
Battery state: charging, 99% remaining, 1 minutes recharge time estimate
Battery state: charging, 99% remaining, 0 minutes recharge time estimate

ok jca@

2 years agoremove please from manual pages
jsg [Sun, 6 Feb 2022 00:29:02 +0000 (00:29 +0000)]
remove please from manual pages
ok jmc@ sthen@ millert@

2 years agoFix UB "shift-out-of-bounds" in battlestar
gnezdo [Sat, 5 Feb 2022 23:00:20 +0000 (23:00 +0000)]
Fix UB "shift-out-of-bounds" in battlestar

OK millert@

2 years agoypldap: fix -Wunused-but-set-variable warnings
naddy [Sat, 5 Feb 2022 22:59:58 +0000 (22:59 +0000)]
ypldap: fix -Wunused-but-set-variable warnings

* wrlen has been write-only since the code was imported
* removing "dns_pid" mirrors ntpd/ntp.c 1.122
* ifdef out unfinished code in yp_check()

ok millert@ deraadt@

2 years agogrow the dmesg buffer on i386 from 4 to 8 pages
daniel [Sat, 5 Feb 2022 20:31:26 +0000 (20:31 +0000)]
grow the dmesg buffer on i386 from 4 to 8 pages

I have a machine where the dmesg is too big for 4 pages.

ok deraadt@

2 years agoAdapt appstest.sh for the new TLS_ names.
tb [Sat, 5 Feb 2022 18:36:08 +0000 (18:36 +0000)]
Adapt appstest.sh for the new TLS_ names.

2 years agoAdd a workaround due to OpenSSL's limitation of SSL_CTX_set_cipher_list
tb [Sat, 5 Feb 2022 18:34:06 +0000 (18:34 +0000)]
Add a workaround due to OpenSSL's limitation of SSL_CTX_set_cipher_list

SSL_CTX_set_cipher_list() in OpenSSL 1.1 does not accept TLSv1.3 ciphers.
This wasn't a problem until now since the AEAD- ciphers were counted as
distinct from TLS_ ciphers by the regress test, so they were never used
in the {run,check}-cipher-${cipher}-client-${clib}-server-${slib} tests

With the renaming, the TLSv1.3 ciphers are now considered as common
ciphers, so they're tested. With openssl11 this results in

0:error:1410D0B9:SSL routines:SSL_CTX_set_cipher_list:no cipher match:ssl/ssl_lib.c:2573:

The design of these tests doesn't allow easily adding a call to
SSL_CTX_set_ciphersuites (since they also need to work with openssl 1.0.2)
so skip the TLS_* ciphers for the time being.

2 years agoMechanically adjust from AEAD- to TLS_ to adjust to the new cipher names.
tb [Sat, 5 Feb 2022 18:21:09 +0000 (18:21 +0000)]
Mechanically adjust from AEAD- to TLS_ to adjust to the new cipher names.

2 years agoAdjust the ssl_get_shared_ciphers to the new names.
tb [Sat, 5 Feb 2022 18:19:39 +0000 (18:19 +0000)]
Adjust the ssl_get_shared_ciphers to the new names.

2 years agoSwitch TLSv1.3 cipher names from AEAD- to OpenSSL's TLS_
tb [Sat, 5 Feb 2022 18:18:18 +0000 (18:18 +0000)]
Switch TLSv1.3 cipher names from AEAD- to OpenSSL's TLS_

OpenSSL chose to break the previous naming convention for ciphers and
to adopt TLS_* "RFC" names instead. Unfortunately, these names are
exposed in several APIs and some language bindings test for these
non-standard names instead of cipher values, which is ... unfortunate
(others would say "plain crazy").

We currently have to maintain patches in regress and ports (p5-Net-SSLeay,
openssl-ruby-tests - which means that Ruby will pick this up at some point)
to work around this difference and that's just not worth the effort.

The old AEAD- names will become aliases and continue to work, but in
openssl ciphers and netcat output the TLS_* names will now be displayed.

"I would be very happy if this gets committed" bluhm
ok beck inoguchi, begrudgingly ok jsing

2 years agoProvide logbl(3) when long double is double
gkoehler [Sat, 5 Feb 2022 17:11:56 +0000 (17:11 +0000)]
Provide logbl(3) when long double is double

bcallah@ had same diff
ok guenther@

2 years agoRevise for S3I removal.
jsing [Sat, 5 Feb 2022 14:54:40 +0000 (14:54 +0000)]
Revise for S3I removal.

2 years agoBye bye S3I.
jsing [Sat, 5 Feb 2022 14:54:10 +0000 (14:54 +0000)]
Bye bye S3I.

S3I has served us well, however now that libssl is fully opaque it is time
to say goodbye. Aside from removing the calloc/free/memset, the rest is
mechanical sed.

ok inoguchi@ tb@

2 years agoSwitch vmapbuf() and vunmapbuf() over to km_alloc(9) and km_free(9) like
kettenis [Sat, 5 Feb 2022 09:37:06 +0000 (09:37 +0000)]
Switch vmapbuf() and vunmapbuf() over to km_alloc(9) and km_free(9) like
we did for arm64 and powerpc64 some time ago.

ok guenther@

2 years agoOnly install the sensors once as multiple devices can be paired with the
anton [Sat, 5 Feb 2022 07:31:40 +0000 (07:31 +0000)]
Only install the sensors once as multiple devices can be paired with the
same receiver. Prevents a newly added assertion from triggering.

Problem reported by Joel Carnat <joel at carnat dot net> on bugs@

2 years agomake bpf_movein align the packet payload.
dlg [Sat, 5 Feb 2022 04:08:27 +0000 (04:08 +0000)]
make bpf_movein align the packet payload.

bluhm@ hit a problem while running a regress test where a packet
generated and injected via bpf ends up being consumed by the network
stack. the stack assumes that packets are aligned properly, but bpf
was lazy and put whatever was written to it at the start of an mbuf.
ethernet has a 14 byte header, so if you put that at the start the
payload will be misaligned by 2 bytes.

bpf already has handling for different link header types, so this
handling is extended a bit to align the payload after the link
header.

while here we're fixing up a few error codes. short packets produce
EINVAL instead of EPERM, and packets larger than the biggest mbuf
the kernel supports generates EMSGSIZE.

with tweaks and ok bluhm@

2 years agoremove an extra set of brackets. no functional change.
dlg [Sat, 5 Feb 2022 03:56:16 +0000 (03:56 +0000)]
remove an extra set of brackets. no functional change.

2 years agoWrap some annoyingly long lines.
krw [Fri, 4 Feb 2022 23:32:17 +0000 (23:32 +0000)]
Wrap some annoyingly long lines.

2 years agoAdd prototype for clock_set_frequency_idx().
kettenis [Fri, 4 Feb 2022 22:24:09 +0000 (22:24 +0000)]
Add prototype for clock_set_frequency_idx().

2 years ago%llu should be enough for anybody, no need to use %lld/(long long) for
krw [Fri, 4 Feb 2022 18:21:33 +0000 (18:21 +0000)]
%llu should be enough for anybody, no need to use %lld/(long long) for
uint64_t values.

2 years agoDefine __HAVE_PMAP_MPSAFE_ENTER_COW; the ARMv8 architecture requires
kettenis [Fri, 4 Feb 2022 18:15:40 +0000 (18:15 +0000)]
Define __HAVE_PMAP_MPSAFE_ENTER_COW; the ARMv8 architecture requires
that we implement proper "break-before-make" semantics and I've stared
at the code for long enough that I've convinced myself that we do indeed
implement this correctly several times.

ok guenther@

2 years agoUse the '-b' to create boot partitions instead of '-e' scripts.
krw [Fri, 4 Feb 2022 18:12:47 +0000 (18:12 +0000)]
Use the '-b' to create boot partitions instead of '-e' scripts.

Media creation & subsequent installation tests by visa@

ok visa@

2 years agowhitelist resolv.conf for stat. go dns library does this.
tedu [Fri, 4 Feb 2022 17:50:28 +0000 (17:50 +0000)]
whitelist resolv.conf for stat. go dns library does this.
ok deraadt

2 years agoMore consistency in the return code docs.
tb [Fri, 4 Feb 2022 16:50:49 +0000 (16:50 +0000)]
More consistency in the return code docs.

2 years agoDocument certificate_policies() in a comment.
tb [Fri, 4 Feb 2022 16:50:01 +0000 (16:50 +0000)]
Document certificate_policies() in a comment.

2 years agoBump libressl's version in pkgconfig to 2.0.0
tb [Fri, 4 Feb 2022 16:42:15 +0000 (16:42 +0000)]
Bump libressl's version in pkgconfig to 2.0.0

LibreSSL's pc files effectively hardcode the version to 1.0.0 since
LibreSSL exists. That probably never made much sense. This causes
some pain for ports that "need 'openssl' ['>= +1.1.0'] found '1.0.0'"
or similar while they would build perfectly fine with LibreSSL.
This only affects OpenBSD. We do not put the actual LibreSSL version
in there since it may cause trouble

Discussed with sthen, millert, inoguchi, beck over the past year.

Diff from/ok sthen

2 years agoRemove a strange inheritance check from addr_validate_path_internal()
tb [Fri, 4 Feb 2022 16:34:15 +0000 (16:34 +0000)]
Remove a strange inheritance check from addr_validate_path_internal()

The trust anchor can't inherit, but the code says that it can inherit
just not if the leaf tries to inherit from that. This makes no sense
and doesn't match what is done on the asid side.

ok jsing

2 years agowhitespace
tb [Fri, 4 Feb 2022 16:29:43 +0000 (16:29 +0000)]
whitespace

2 years agoEnsure that certificate policies follow RFC 7318
tb [Fri, 4 Feb 2022 16:28:20 +0000 (16:28 +0000)]
Ensure that certificate policies follow RFC 7318

RFC 7318 makes requirements on the certificate policy extension imposed
by RFC 6487 a bit stricter. It requires that exactly one policy OID is
present and that it be id-cp-ipAddr-asNumber and if there is a policy
qualifier it must be id-qt-cps. These are requirements that the X.509
verifier's policy code can't enforce, so unpack the certificate policy
extension by hand and check that it matches expectations.

ok claudio

2 years agoEnforce Certificate Policy for RPKI
tb [Fri, 4 Feb 2022 16:21:11 +0000 (16:21 +0000)]
Enforce Certificate Policy for RPKI

RFCs 6384 defines a certificate policy for RPKI. Ensure that the verifier
builds a certification path that follows this OID: set up a policy on the
X509_STORE_CTX's verify parameters and set initial-explicit-policy and
initial-policy-mapping-inhibit.

Pointed out by Ties de Kock

ok claudio

2 years agoAdd id-cp-ipAddr-asNumber OID to x509_init_oid()
tb [Fri, 4 Feb 2022 16:08:53 +0000 (16:08 +0000)]
Add id-cp-ipAddr-asNumber OID to x509_init_oid()

Unfortunately, NID_ipAddr_asNumber is not available in LibreSSL < 3.3
and OpenSSL, so load its OID by hand to help -portable. This will be
used for certificate policy checks.

ok claudio

2 years agoNow that installboot(8) creates the startup.nsh file, remove the shell
kettenis [Fri, 4 Feb 2022 16:08:39 +0000 (16:08 +0000)]
Now that installboot(8) creates the startup.nsh file, remove the shell
scripting doing the same thing from here.

ok deraadt@, visa@

2 years agoRemove CHS information from internal representation of MBR partitions. Generate
krw [Fri, 4 Feb 2022 14:07:56 +0000 (14:07 +0000)]
Remove CHS information from internal representation of MBR  partitions. Generate
CHS information as required when writing MBR to disk, editing a partition in CHS
mode or printing MBR.

No intentional functional change.

2 years agoFix outdated comment
job [Fri, 4 Feb 2022 13:50:32 +0000 (13:50 +0000)]
Fix outdated comment

Nowadays SKI/AKI validation happens in proc_parser_roa()

2 years agoTest that a non conforming xmlns attribute results in a failure.
claudio [Fri, 4 Feb 2022 13:11:14 +0000 (13:11 +0000)]
Test that a non conforming xmlns attribute results in a failure.

2 years agoFix xmlns URI, I guess I search and replaced too much in this file.
claudio [Fri, 4 Feb 2022 13:05:47 +0000 (13:05 +0000)]
Fix xmlns URI, I guess I search and replaced too much in this file.
Update hash in the Makefile.inc since it changed as well.
Noticed by anton@

2 years agoRename sockaddr_un sun to sa_un since sun is defined on illumos systems.
claudio [Fri, 4 Feb 2022 12:01:33 +0000 (12:01 +0000)]
Rename sockaddr_un sun to sa_un since sun is defined on illumos systems.
OK dlg@

2 years agoRename sockaddr_un sun to sa_un since sun is defined on illumos systems.
claudio [Fri, 4 Feb 2022 12:01:12 +0000 (12:01 +0000)]
Rename sockaddr_un sun to sa_un since sun is defined on illumos systems.
OK dlg@

2 years agoUse ACS for pane border indicators so they work with different line
nicm [Fri, 4 Feb 2022 11:57:22 +0000 (11:57 +0000)]
Use ACS for pane border indicators so they work with different line
types, from Thomas Adam.

2 years agoset the APM_BATT_CHARGING state if the battery is being charged and try
robert [Fri, 4 Feb 2022 08:06:48 +0000 (08:06 +0000)]
set the APM_BATT_CHARGING state if the battery is being charged and try
to calculate the remaining time to be fully charged

ok jca@

2 years agoFix another instance of incorrect capitalization of ChaCha20.
tb [Fri, 4 Feb 2022 07:59:54 +0000 (07:59 +0000)]
Fix another instance of incorrect capitalization of ChaCha20.

pointed out by jmc

2 years agoAdd unit tests for hpdelim.
dtucker [Fri, 4 Feb 2022 07:53:44 +0000 (07:53 +0000)]
Add unit tests for hpdelim.

2 years agoSince they are deprecated, move DSA to the end of the default list of
dtucker [Fri, 4 Feb 2022 02:49:17 +0000 (02:49 +0000)]
Since they are deprecated, move DSA to the end of the default list of
public keys so that they will be tried last.  From github PR#295 from
"ProBackup-nl", ok djm@

2 years agoFix capitalization of ChaCha20
tb [Fri, 4 Feb 2022 00:55:52 +0000 (00:55 +0000)]
Fix capitalization of ChaCha20

2 years agostore root bridge data in softc before calling intel_init_stolen_res()
jsg [Thu, 3 Feb 2022 22:24:09 +0000 (22:24 +0000)]
store root bridge data in softc before calling intel_init_stolen_res()
should fix panic on boot on x41 reported by Fred Crowson

2 years agoThe sparc64 pmap at least requires the fault access_type to be a
guenther [Thu, 3 Feb 2022 19:57:11 +0000 (19:57 +0000)]
The sparc64 pmap at least requires the fault access_type to be a
subset of the request permissions, so when forcing an initial RO
fault for CoW also clamp the access_type.

problem reported by bluhm@
based on a suggestion from miod@
ok kettenis@

2 years agoUnindent and unwrap lines. Pull up a NULL check. No functional change.
tb [Thu, 3 Feb 2022 18:40:34 +0000 (18:40 +0000)]
Unindent and unwrap lines. Pull up a NULL check. No functional change.

2 years agoRemove commented variable declarations
tb [Thu, 3 Feb 2022 18:35:24 +0000 (18:35 +0000)]
Remove commented variable declarations

2 years agoEnforce the RRDP XMLNS to "http://www.ripe.net/rpki/rrdp"
claudio [Thu, 3 Feb 2022 18:19:32 +0000 (18:19 +0000)]
Enforce the RRDP XMLNS to "www.ripe.net/rpki/rrdp"
Missing check reported by Ties de Kock
OK tb@ benno@

2 years agoFix copy-paste error: X509_V_ERR_CRL_SIGNATURE_FAILURE means that the
tb [Thu, 3 Feb 2022 18:05:31 +0000 (18:05 +0000)]
Fix copy-paste error: X509_V_ERR_CRL_SIGNATURE_FAILURE means that the
CRL's signature is invalid, not the certificate's.

2 years agoUse X509_*get0_pubkey() wherever possible to simplify and clean up
tb [Thu, 3 Feb 2022 17:44:04 +0000 (17:44 +0000)]
Use X509_*get0_pubkey() wherever possible to simplify and clean up
the code. Also add error checking where possible.

ok jsing

2 years agoRemove some stale comments.
tb [Thu, 3 Feb 2022 17:42:54 +0000 (17:42 +0000)]
Remove some stale comments.

ok jsing

2 years agoTime for rpki-client 7.6
claudio [Thu, 3 Feb 2022 17:26:17 +0000 (17:26 +0000)]
Time for rpki-client 7.6
OK benno@

2 years agoOn i386 run-regress-ungc fails with EINVAL. It passes uninitialized
bluhm [Thu, 3 Feb 2022 17:22:01 +0000 (17:22 +0000)]
On i386 run-regress-ungc fails with EINVAL.  It passes uninitialized
data from struct msghdr to system call sendmsg(2).  Fix the controllen
and make error messages unique.
OK mvs@

2 years agoDelete unused/obsolete M_* type values.
guenther [Thu, 3 Feb 2022 17:18:22 +0000 (17:18 +0000)]
Delete unused/obsolete M_* type values.

ok miod@ mpi@

2 years agoUse UVM_KMF_TRYLOCK for consistency
kn [Thu, 3 Feb 2022 17:06:09 +0000 (17:06 +0000)]
Use UVM_KMF_TRYLOCK for consistency

No object change.
OK millert

2 years agoCleanup/simplify ssl_cert_type()
jsing [Thu, 3 Feb 2022 16:33:12 +0000 (16:33 +0000)]
Cleanup/simplify ssl_cert_type()

Remove the X509 argument as it is unused - this was passed so that
ssl_cert_type() can get the public key from the X509 object if the
EVP_PKEY argument is NULL, however this is never the case.

ok tb@

2 years agofdisk(8): Make -A preserve BIOS boot partition
visa [Thu, 3 Feb 2022 13:24:04 +0000 (13:24 +0000)]
fdisk(8): Make -A preserve BIOS boot partition

On PolarFire SoC, the HSS firmware loads HSS payload from BIOS boot
partition. Typically the payload carries second-stage low-level boot
code, such as U-Boot. If the payload is missing, the SoC is not able
to boot normally. Hence automatic disk formatting should not delete
the partition.

OK krw@

2 years agoAdjust size given to resize-pane for pane status line, GitHub issue
nicm [Thu, 3 Feb 2022 11:06:11 +0000 (11:06 +0000)]
Adjust size given to resize-pane for pane status line, GitHub issue
3050.

2 years agoUse installboot(8) in install.md of riscv64.
visa [Thu, 3 Feb 2022 10:27:33 +0000 (10:27 +0000)]
Use installboot(8) in install.md of riscv64.

OK kettenis@ deraadt@

2 years agoinstallboot(8): Adjustments for EFI platforms
visa [Thu, 3 Feb 2022 10:25:14 +0000 (10:25 +0000)]
installboot(8): Adjustments for EFI platforms

Reduce #ifdef'ing within the control logic to make it clearer that there
are no essential differences in behaviour between the platforms.

Make installboot(8) write startup.nsh to enable simpler and more consistent
code in install.md.

Input and OK kettenis@ deraadt@

2 years agoRename armv7_installboot.c to efi_installboot.c.
visa [Thu, 3 Feb 2022 10:21:13 +0000 (10:21 +0000)]
Rename armv7_installboot.c to efi_installboot.c.

The code is common to EFI platforms, not specific to armv7.

Suggested by kettenis@

2 years agoUse format_draw for command prompt prefix to allow styles, GitHub issue
nicm [Thu, 3 Feb 2022 10:07:11 +0000 (10:07 +0000)]
Use format_draw for command prompt prefix to allow styles, GitHub issue
3054.

2 years agoUpdate focus when active pane changes after pane destroyed.
nicm [Thu, 3 Feb 2022 07:38:17 +0000 (07:38 +0000)]
Update focus when active pane changes after pane destroyed.

2 years agoAdd a key in copy mode to toggle position indicator.
nicm [Thu, 3 Feb 2022 07:26:43 +0000 (07:26 +0000)]
Add a key in copy mode to toggle position indicator.

2 years agointeldrm now requires ttm
jsg [Thu, 3 Feb 2022 04:45:01 +0000 (04:45 +0000)]
inteldrm now requires ttm

2 years agosync list of amdgpu files built with -msse -msse2 with linux 5.15.y
jsg [Thu, 3 Feb 2022 02:39:45 +0000 (02:39 +0000)]
sync list of amdgpu files built with -msse -msse2 with linux 5.15.y

2 years agoAdd apldma(4), a driver for the DMA controller found on Apple SoCs.
kettenis [Wed, 2 Feb 2022 22:55:57 +0000 (22:55 +0000)]
Add apldma(4), a driver for the DMA controller found on Apple SoCs.
This driver implements an interface for using DMA for audio output.

ok ratchov@

2 years agoGet the pci bus number from the bus-range property when available, rather
miod [Wed, 2 Feb 2022 17:11:36 +0000 (17:11 +0000)]
Get the pci bus number from the bus-range property when available, rather
than assuming it will always be zero.

ok kettenis@

2 years agoWhen a RRDP fetch failed not only clear the filesystem but also flush
claudio [Wed, 2 Feb 2022 15:13:00 +0000 (15:13 +0000)]
When a RRDP fetch failed not only clear the filesystem but also flush
the to delete list stored this RRDP node.
Noticed by Job on console.rpki-client.org with the help of idnic.net
OK tb@

2 years agoAdd missing mode argument to open(2) with O_CREAT.
visa [Wed, 2 Feb 2022 13:22:10 +0000 (13:22 +0000)]
Add missing mode argument to open(2) with O_CREAT.

2 years agotypo
tb [Wed, 2 Feb 2022 12:10:40 +0000 (12:10 +0000)]
typo

2 years agoacpi_addtask() calls malloc() w/ M_NOWAIT (because some calls come from
deraadt [Wed, 2 Feb 2022 04:05:16 +0000 (04:05 +0000)]
acpi_addtask() calls malloc() w/ M_NOWAIT (because some calls come from
interrupt context), this however means occasional resource shortage will
result in callbacks registration failing, and unknown consequences for
the task-submitting caller.
Changing this to use pools with a low water mark, decreases the odds
of that problem occuring.
ok kettenis

2 years agounifdef __OpenBSD__
jsg [Wed, 2 Feb 2022 03:55:29 +0000 (03:55 +0000)]
unifdef __OpenBSD__

2 years agounifdef __NetBSD_Version__
jsg [Wed, 2 Feb 2022 03:48:48 +0000 (03:48 +0000)]
unifdef __NetBSD_Version__

2 years agodrm/amd/display: Fix FP start/end for dcn30_internal_validate_bw.
jsg [Wed, 2 Feb 2022 02:56:36 +0000 (02:56 +0000)]
drm/amd/display: Fix FP start/end for dcn30_internal_validate_bw.

From Bas Nieuwenhuizen
548f20b39ec91fdd97194a84a0d9b2f68715762a in linux 5.15.y/5.15.19
72a8d87b87270bff0c0b2fed4d59c48d0dd840d7 in mainline linux

2 years agodrm/atomic: Add the crtc to affected crtc only if uapi.enable = true
jsg [Wed, 2 Feb 2022 02:51:53 +0000 (02:51 +0000)]
drm/atomic: Add the crtc to affected crtc only if uapi.enable = true

From Manasi Navare
73740f948252e424a01465155d8737bceae23653 in linux 5.15.y/5.15.19
5ec1cebd59300ddd26dbaa96c17c508764eef911 in mainline linux

2 years agotest 'ssh-keygen -Y find-principals' with wildcard principals;
djm [Tue, 1 Feb 2022 23:37:15 +0000 (23:37 +0000)]
test 'ssh-keygen -Y find-principals' with wildcard principals;
from Fabian Stelzer

2 years agoallow 'ssh-keygen -Y find-principals' to match wildcard principals
djm [Tue, 1 Feb 2022 23:34:47 +0000 (23:34 +0000)]
allow 'ssh-keygen -Y find-principals' to match wildcard principals
in allowed_signers files; from Fabian Stelzer

2 years agomark const string array contents const too, i.e.
djm [Tue, 1 Feb 2022 23:32:51 +0000 (23:32 +0000)]
mark const string array contents const too, i.e.
static const char *array => static const char * const array
from Mike Frysinger

2 years agocall intel_init_stolen_res() lost in drm 5.7 update
jsg [Tue, 1 Feb 2022 23:29:07 +0000 (23:29 +0000)]
call intel_init_stolen_res() lost in drm 5.7 update

2 years agoget stolen memory base and size for gen 12
jsg [Tue, 1 Feb 2022 23:26:27 +0000 (23:26 +0000)]
get stolen memory base and size for gen 12

2 years agobetter match legacy scp behaviour: show un-expanded paths in error
djm [Tue, 1 Feb 2022 23:11:11 +0000 (23:11 +0000)]
better match legacy scp behaviour: show un-expanded paths in error
messages. Spotted by and ok tb@