openbsd
2 years agoCopy the FDT into a larger buffer such that we have space to add additional
kettenis [Tue, 22 Mar 2022 10:33:50 +0000 (10:33 +0000)]
Copy the FDT into a larger buffer such that we have space to add additional
nodes and properties to it like we do on arm64 and armv7.

ok patrick@

2 years agoAfter copying the FDT into a new larger buffer, adjust the FDT size to
kettenis [Tue, 22 Mar 2022 10:32:10 +0000 (10:32 +0000)]
After copying the FDT into a new larger buffer, adjust the FDT size to
reflect the size of the new buffer like we do on arm64.

ok patrick@

2 years agoMake sure kernel longjmp always returns 1 rather than what turns out to be
miod [Tue, 22 Mar 2022 06:51:12 +0000 (06:51 +0000)]
Make sure kernel longjmp always returns 1 rather than what turns out to be
in a register at call-time.
with & ok jsg@

2 years agoFix wrong comment in sendsig(), and remove unused dumpframe()
miod [Tue, 22 Mar 2022 06:49:25 +0000 (06:49 +0000)]
Fix wrong comment in sendsig(), and remove unused dumpframe()
ok jsg@

2 years agoDo not bother initializing a0 with a special value in setregs, that's a
miod [Tue, 22 Mar 2022 06:48:36 +0000 (06:48 +0000)]
Do not bother initializing a0 with a special value in setregs, that's a
FreeBSDism we have no need for.
ok jsg@

2 years agoChange VM_MIN_ADDRESS to PAGE_SIZE to forbid mapping anything at virtual
miod [Tue, 22 Mar 2022 06:47:38 +0000 (06:47 +0000)]
Change VM_MIN_ADDRESS to PAGE_SIZE to forbid mapping anything at virtual
address zero, as done on all other platforms.
ok deraadt@ kettenis@

2 years agoDo not pretend there exist MD code for byte swapping yet provide copies
miod [Tue, 22 Mar 2022 06:46:45 +0000 (06:46 +0000)]
Do not pretend there exist MD code for byte swapping yet provide copies
of the MI fallback code; ok deraadt@ jsg@

2 years agoFor multicast and broadcast packets udp_input() traverses the loop
bluhm [Mon, 21 Mar 2022 23:37:09 +0000 (23:37 +0000)]
For multicast and broadcast packets udp_input() traverses the loop
of all UDP PCBs.  From there it calls udp_sbappend() while holding
the UDP table mutex.  This ends in sorwakeup() where we finally
grab the kernel lock while holding a mutex.  Witness detects this
misuse.
Use the same solution as for PCB notify.  Collect the affected PCBs
in a temporary list.  The list is protected by exclusive net lock.
Reported-by: syzbot+7596cb96fb9f3c9d6f4f@syzkaller.appspotmail.com
OK sashan@

2 years agoReduce dmesg spam by nor printing the "Apple" firmware name.
kettenis [Mon, 21 Mar 2022 19:46:56 +0000 (19:46 +0000)]
Reduce dmesg spam by nor printing the "Apple" firmware name.

ok patrick@

2 years agoFix whitespace. Wrap long lines. Adjust outdated comment.
bluhm [Mon, 21 Mar 2022 19:39:56 +0000 (19:39 +0000)]
Fix whitespace.  Wrap long lines.  Adjust outdated comment.

2 years agoConstify struct {audio,midi,radio,video}_hw_if. No functional change.
miod [Mon, 21 Mar 2022 19:22:39 +0000 (19:22 +0000)]
Constify struct {audio,midi,radio,video}_hw_if. No functional change.

ok mpi@ ratchov@ "More const is good" deraadt@

2 years agoRemove the active prefix cache in struct rib_entry. I need the space
claudio [Mon, 21 Mar 2022 17:35:56 +0000 (17:35 +0000)]
Remove the active prefix cache in struct rib_entry. I need the space
and it also makes less sense to track this with ECMP or add-path.
Replace the re->active access with prefix_best(re) which does the
check on the spot.
Feedback and OK tb@

2 years agoPrevent crash of unprivileged engine process (pledged stdio).
florian [Mon, 21 Mar 2022 16:25:47 +0000 (16:25 +0000)]
Prevent crash of unprivileged engine process (pledged stdio).

The length field of a DNS label in the DNS search list option is an 8
bit unsigned value. parse_dnssl() treats the search list option as an
array of char, which are signed on most archs. When we read this value
into an int variable it gets sign extended, allowing it to bypass
sanity checks and eventually we pass it as the length to memcpy which
treats it as a huge unsigned value leading to a heap overflow.

An easy fix would be change the signature of parse_dnssl to
parse_dnssl(uint8_t* data, int datalen).

However, the DNS search list option is unused and the function fails
to check if the parsed value is a valid domain name. The function is
also getting in the way of future work so it's best to just delete it.

The problem was found and reported by qualys, thanks!

OK bluhm

2 years agoDisplay the supported media list in a similar way to the other drivers,
miod [Mon, 21 Mar 2022 14:56:16 +0000 (14:56 +0000)]
Display the supported media list in a similar way to the other drivers,
without angle brackets.

ok jmc@

2 years agoUpdate hw.power whenever we refresh the AC state. This makes sure the state
kettenis [Mon, 21 Mar 2022 13:38:34 +0000 (13:38 +0000)]
Update hw.power whenever we refresh the AC state.  This makes sure the state
doesn't get out of sync with what apm(8) reports if power is plugged or
unplugged when a machine is suspended.  Which in turn makes sure the machine
properly goes into a low CPU P-state when requested.

ok deraadt@, florian@

2 years agoAdjust how RIB are reloaded when their flags (esp. no evaluate) changes.
claudio [Mon, 21 Mar 2022 13:33:20 +0000 (13:33 +0000)]
Adjust how RIB are reloaded when their flags (esp. no evaluate) changes.
First flush all affected Adj-RIB-Out and then in a second step re-evaluate
the RIB itself. The no evaluate case becomes simpler. Fix the way
prefixes are re-evaluated, the list remove needs to be explict and not
part of prefix_evaluate() as in most other cases since this list is not
part of the rib_entry.
OK tb@

2 years agoWhitespace tweaks.
krw [Mon, 21 Mar 2022 12:57:46 +0000 (12:57 +0000)]
Whitespace tweaks.

2 years agoAdd support for XBox One gamecontroller, including report descriptor.
thfr [Mon, 21 Mar 2022 12:18:52 +0000 (12:18 +0000)]
Add support for XBox One gamecontroller, including report descriptor.
Based on previous XBox 360 controller code and NetBSD's implementation.

Tested by me and solene@.
Input by solene@ and stsp@.
ok stsp@ phessler@
ok solene@ for an earlier version.

2 years agoMake sure that the string generated by pretty_key_id() is always properly
claudio [Mon, 21 Mar 2022 10:39:51 +0000 (10:39 +0000)]
Make sure that the string generated by pretty_key_id() is always properly
NUL terminated.
Diff by Martin Vahlensieck <openbsd () academicsolutions ! ch>
OK tb@

2 years agoAdjust to renaming of F_CTL_ACTIVE/F_PREF_ACTIVE to F_CTL_ACTIVE/F_PREF_BEST
claudio [Mon, 21 Mar 2022 10:16:23 +0000 (10:16 +0000)]
Adjust to renaming of F_CTL_ACTIVE/F_PREF_ACTIVE to F_CTL_ACTIVE/F_PREF_BEST
OK tb@

2 years agoRename F_CTL_ACTIVE and F_PREF_ACTIVE to the more correct
claudio [Mon, 21 Mar 2022 10:15:34 +0000 (10:15 +0000)]
Rename F_CTL_ACTIVE and F_PREF_ACTIVE to the more correct
F_CTL_BEST and F_PREF_BEST. This is used to mark the one
best path in bgpctl. When ECMP support is added then more
then one path can be active.
OK tb@

2 years agoHeader netinet/in_pcb.h includes sys/mutex.h now. Recommit mutex
bluhm [Mon, 21 Mar 2022 09:12:34 +0000 (09:12 +0000)]
Header netinet/in_pcb.h includes sys/mutex.h now.  Recommit mutex
for PCB tables.  It does not break userland build anymore.

pf_socket_lookup() calls in_pcbhashlookup() in the PCB layer.  To
run pf in parallel, make parts of the stack MP safe.  Protect the
list and hashes in the PCB tables with a mutex.
Note that the protocol notify functions may call pf via tcp_output().
As the pf lock is a sleeping rw_lock, we must not hold a mutex.  To
solve this for now, collect these PCBs in inp_notify list and protect
it with exclusive netlock.
OK sashan@

2 years agoRemove unused files which serve no purpose in OpenBSD; with and ok jsg@
miod [Mon, 21 Mar 2022 06:48:00 +0000 (06:48 +0000)]
Remove unused files which serve no purpose in OpenBSD; with and ok jsg@

(works better with `cvs rm' prior to commit...)

2 years agoRemove unused files which serve no purpose in OpenBSD; with and ok jsg@
miod [Mon, 21 Mar 2022 06:45:50 +0000 (06:45 +0000)]
Remove unused files which serve no purpose in OpenBSD; with and ok jsg@

2 years agoRemove data dependency barrier from atomic_load_* functions
visa [Mon, 21 Mar 2022 05:45:52 +0000 (05:45 +0000)]
Remove data dependency barrier from atomic_load_* functions

This makes the atomic_load_* functions relaxed in terms of memory
ordering. Now it should be acceptable to use these functions in
assertions.

The need of the data dependency barrier is conditioned to usage.
The barrier is unnecessary for the control decisions that cond_wait()
and refcnt_finalize() make. READ_ONCE() and SMR_PTR_GET() use the
barrier so that loaded pointers would work as excepted in lock-free
contexts (some Alpha CPUs have a data cache design that can cause
unusual load-load reordering if not synchronized properly).

OK bluhm@

2 years agodefault the conffile variable to the default file name instead of NULL.
dlg [Mon, 21 Mar 2022 04:35:41 +0000 (04:35 +0000)]
default the conffile variable to the default file name instead of NULL.

this avoids having to test for NULL and swap the right name in place
in a bunch of places. it also avoids having NULL passed to format
strings in the parser.

the only place where it actually matters if we're using the default
or not is when we're parsing the config. if you don't specify a
config, and the default file doesnt exist, that's ok.

ok florian@

2 years agocall in_pcbselsrc from rip_output so route sourceaddr can take effect.
dlg [Mon, 21 Mar 2022 04:00:56 +0000 (04:00 +0000)]
call in_pcbselsrc from rip_output so route sourceaddr can take effect.

previously things that used sendto or similar with raw sockets would
ignore any configured sourceaddr. this made it inconsistent with
other traffic, which in turn makes things confusing to debug if
you're using ping or traceroute (which use raw sockets) to figure
out what's happening to other packets.

the ipv6 equiv already does this too.

ok sthen@ claudio@

2 years agotreat 255.255.255.255 like an mcast address in in_pcbselsrc.
dlg [Mon, 21 Mar 2022 03:51:09 +0000 (03:51 +0000)]
treat 255.255.255.255 like an mcast address in in_pcbselsrc.

this allows the IP_MULTICAST_IF sockopt to specify which address
you want to send a limited broadcast (255.255.255.255) packet out
of.

requested by and ok claudio@

2 years agoNo point in calling scsi_link_shutdown() if link->pool is NULL.
krw [Mon, 21 Mar 2022 00:20:40 +0000 (00:20 +0000)]
No point in calling scsi_link_shutdown() if link->pool is NULL.

Ditto config_detach() if link->device_softc is NULL.

Currently just some extra paranoia, but will allow simplification
of exit logic in scsi_probe_link() and other future uses of
scsi_detach_link() on partially configured links.

No intentional functional change.

2 years agosetusercontext: only call setrtable(2) if "rtable" set explicitly.
millert [Sun, 20 Mar 2022 23:24:03 +0000 (23:24 +0000)]
setusercontext: only call setrtable(2) if "rtable" set explicitly.
When LOGIN_SETRTABLE is set in flags, only call setrtable(2) if
there is an "rtable" entry in login.conf.  Previously, a default
value of 0 was used if the capability was missing.  That had the
effect of resetting the rtable for every program that uses
setusercontext(3), even if a different rtable was chosen by, e.g.,
"route -T exec command".  OK deraadt@ matthieu@

2 years agoInclude sys/mutex.h from netinet/in_pcb.h. Struct mutex will be
bluhm [Sun, 20 Mar 2022 19:16:29 +0000 (19:16 +0000)]
Include sys/mutex.h from netinet/in_pcb.h.  Struct mutex will be
needed to make inpcb in kernel MP safe.  To build sysctl and libkvm
based programs, we have to export it to userland.
OK claudio@

2 years agoMove/group i2d_ASN1_OBJECT() and d2i_ASN1_OBJECT().
jsing [Sun, 20 Mar 2022 13:27:23 +0000 (13:27 +0000)]
Move/group i2d_ASN1_OBJECT() and d2i_ASN1_OBJECT().

2 years agoAlways check if softraid0 is NULL before dereferencing it.
krw [Sun, 20 Mar 2022 13:14:02 +0000 (13:14 +0000)]
Always check if softraid0 is NULL before dereferencing it.

Avoids panic on reboot when softraid has been disabled.

Discovered by, diagnosed, first diff from & fix tested by Scott
Nicholas.

ok bluhm@

2 years agoIntroduce an alternative mechanism for wifi drivers to communicate
stsp [Sun, 20 Mar 2022 12:01:58 +0000 (12:01 +0000)]
Introduce an alternative mechanism for wifi drivers to communicate
the channel on which a frame was received.

ieee80211_inputm() was expecting that ic->ic_bss->ni_chan would correspond
to the channel which is currently being scanned. This dates back to older
devices which are manually tuned to the next channel by the driver during
SCAN->SCAN state transitions.

However, this approach is very awkward for drivers which scan across a
whole range of channels in firmware. Such drivers had an ugly workaround
in place which tweaked ni_chan for each received frame.

Introduce a channel number field in the Rx info struct which drivers
can use to indicate the channel on which a frame was received.
If this field is set, net80211 will use it instead of using the current
channel of ic_bss. Use this new mechanism in all affected drivers.

Tested by jmc@, sthen@, and myself on iwm(4) and iwx(4).
Changes to iwn(4) and bwfm(4) are the same mechanical changes to get rid
of the ni_chan tweak, and are therefore expected to work.

ok sthen@ dlg@

2 years agoDon't announce VHT caps on 2GHz channels during iwm(4) and iwx(4) scans.
stsp [Sun, 20 Mar 2022 11:59:39 +0000 (11:59 +0000)]
Don't announce VHT caps on 2GHz channels during iwm(4) and iwx(4) scans.

VHT capabilities were written into the "common" secion of the firmware
probe request frame template. This section is used on 2GHz and 5GHz bands.
Announcing VHT capabilities on 2GHz makes no sense.
Move them into the 5GHz-only section.

ok sthen@

2 years agosync
sthen [Sun, 20 Mar 2022 10:54:43 +0000 (10:54 +0000)]
sync

2 years agodon't leak argument list; bz3404, reported by Balu Gajjala
djm [Sun, 20 Mar 2022 08:52:17 +0000 (08:52 +0000)]
don't leak argument list; bz3404, reported by Balu Gajjala
ok dtucker@

2 years agomake addargs() and replacearg() a little more robust and improve error
djm [Sun, 20 Mar 2022 08:51:21 +0000 (08:51 +0000)]
make addargs() and replacearg() a little more robust and improve error
reporting

make freeargs(NULL) a noop like the other free functions

ok dtucker as part of bz3403

2 years agoMake background scans pick up APs on 2GHz channels while in 11ac mode.
stsp [Sun, 20 Mar 2022 07:50:32 +0000 (07:50 +0000)]
Make background scans pick up APs on 2GHz channels while in 11ac mode.

found by landry@

2 years agoEnable interrupt moderation, targeting around 20k interrupts per second.
jmatthew [Sun, 20 Mar 2022 00:01:33 +0000 (00:01 +0000)]
Enable interrupt moderation, targeting around 20k interrupts per second.
There are separate timers for rx and tx interrupts, so we can use longer
timeouts for tx since that doesn't affect packet processing latency.

ok dlg@

2 years agoRemove three useless tests files
tb [Sat, 19 Mar 2022 18:19:24 +0000 (18:19 +0000)]
Remove three useless tests files

The asn1test depends on asn1_mac.h which had a date with the bitbucket a
few years back (and the test "isn't meant to run particularly, it's just
to test type checking"). methtest.c tests an API that was never present
in OpenSSL's git history. r160test.c is nothing but a licence.

"nuke away" jsing

2 years agoProvide t2i_ASN1_OBJECT_internal() and use it for OBJ_txt2obj()
jsing [Sat, 19 Mar 2022 17:49:32 +0000 (17:49 +0000)]
Provide t2i_ASN1_OBJECT_internal() and use it for OBJ_txt2obj()

The current OBJ_txt2obj() implementation converts the text to ASN.1
object content octets, builds a full DER encoding from it, then feeds
the entire thing back through the DER to ASN.1 object conversion. Rather
than doing this crazy dance, provide an t2i_ASN1_OBJECT_internal() function
that converts the text to ASN.1 object content octets, then creates a new
ASN1_OBJECT and attaches the content octets to it.

ok inoguchi@ tb@

2 years agoRevise regress for ascii/text to ASN.1 object conversion rewrite.
jsing [Sat, 19 Mar 2022 17:37:10 +0000 (17:37 +0000)]
Revise regress for ascii/text to ASN.1 object conversion rewrite.

2 years agoRewrite ascii/text to ASN.1 object conversion.
jsing [Sat, 19 Mar 2022 17:35:52 +0000 (17:35 +0000)]
Rewrite ascii/text to ASN.1 object conversion.

Rewrite the ascii/text to ASN.1 object conversion code using CBB/CBS,
while also addressing some of the bizarre behaviour (such as allowing
mixed separators and treating '..' as a zero value).

ok inoguchi@ tb@

2 years agoremove unused Pp;
jmc [Sat, 19 Mar 2022 17:12:31 +0000 (17:12 +0000)]
remove unused Pp;

2 years agoAdd another invalid separator test case.
jsing [Sat, 19 Mar 2022 16:23:17 +0000 (16:23 +0000)]
Add another invalid separator test case.

2 years agoFix wrongly implemented check for 5GHz access point RSSI threshold.
stsp [Sat, 19 Mar 2022 15:21:13 +0000 (15:21 +0000)]
Fix wrongly implemented check for 5GHz access point RSSI threshold.

This check was wrong for drivers which report RSSI as a percentage,
such as iwm(4) and iwx(4). Such drivers will now prefer 5GHz with
50% or greater RSSI, as was intended.

ok phessler@

2 years agoGive 11n and 11ac networks a higher score during SSID selection.
stsp [Sat, 19 Mar 2022 15:20:32 +0000 (15:20 +0000)]
Give 11n and 11ac networks a higher score during SSID selection.

ok phessler@

2 years agoFix wrong logic in a check in iwm_vht_single_rate_control() to match
stsp [Sat, 19 Mar 2022 15:19:51 +0000 (15:19 +0000)]
Fix wrong logic in a check in iwm_vht_single_rate_control() to match
what was intended.

ok phessler@

2 years agoFix attach of multiple iwm(4) or iwx(4) interfaces in the same machine.
stsp [Sat, 19 Mar 2022 14:50:01 +0000 (14:50 +0000)]
Fix attach of multiple iwm(4) or iwx(4) interfaces in the same machine.

ok kettenis@, jca@

2 years agoRemove the paragraph about 802.11ac from CAVEATS in the iwm(4) man page.
stsp [Sat, 19 Mar 2022 10:43:01 +0000 (10:43 +0000)]
Remove the paragraph about 802.11ac from CAVEATS in the iwm(4) man page.

2 years agoDo not define RA_DEBUG; pointed out by miod@
stsp [Sat, 19 Mar 2022 10:28:44 +0000 (10:28 +0000)]
Do not define RA_DEBUG; pointed out by miod@

2 years agobackout r1.86 "login class routing table should be honored when doing
sthen [Sat, 19 Mar 2022 10:28:38 +0000 (10:28 +0000)]
backout r1.86 "login class routing table should be honored when doing
a full login with su -l", it breaks rc.d(8) daemon_rtable

2 years agoAdd initial 802.11ac support to the iwm(4) driver.
stsp [Sat, 19 Mar 2022 10:26:52 +0000 (10:26 +0000)]
Add initial 802.11ac support to the iwm(4) driver.

VHT MCS and 80MHz channels can now be used.
Other 11ac features such as larger aggregates are left for later work.

Tested:
3160: stsp
7260: florian, jmatthew
7265: rfreeman, mlarkin, landry, Peter J. Philip
8260: bket
8265: jturner, Marcus MERIGHI, stsp
9260: florian, matthieu, stsp
9650: kmos, sthen

ok sthen@

2 years agoAdd 11ac/VHT Tx rate adaptation support to net80211.
stsp [Sat, 19 Mar 2022 10:25:09 +0000 (10:25 +0000)]
Add 11ac/VHT Tx rate adaptation support to net80211.

Based on our existing RA module for 11n.
The main difference is in dealing with 11ac-specific ratesets.
Tx rate selection heuristics remain identical.

Only supports 80MHz channels, for now. 160MHz is left for future work.

ok sthen@

2 years agomark injection fault test as okay to fail, since this case no longer
espie [Sat, 19 Mar 2022 07:01:00 +0000 (07:01 +0000)]
mark injection fault test as okay to fail, since this case no longer
creates temp files with the current optimization.

2 years agoadd list of apple machines from arm64.html
jsg [Fri, 18 Mar 2022 22:28:06 +0000 (22:28 +0000)]
add list of apple machines from arm64.html
apple specific install instructions still needed

2 years agoSimplify SSL_do_handshake().
jsing [Fri, 18 Mar 2022 18:01:17 +0000 (18:01 +0000)]
Simplify SSL_do_handshake().

ok inoguchi@ tb@

2 years agoRewrite legacy DTLS unexpected handshake message handling.
jsing [Fri, 18 Mar 2022 18:00:54 +0000 (18:00 +0000)]
Rewrite legacy DTLS unexpected handshake message handling.

Rewrite the code that handles unexpected handshake messages in the legacy
DTLS stack. Parse the DTLS message header up front, then process it based
on the message type. Overall the code should be more strict and we should
reject various invalid messages that would have previously been accepted.

ok inoguchi@ tb@

2 years agoCleanup reference counting. Remove #ifdef DIAGNOSTIC to keep the
bluhm [Fri, 18 Mar 2022 15:32:06 +0000 (15:32 +0000)]
Cleanup reference counting.  Remove #ifdef DIAGNOSTIC to keep the
code similar in non DIAGNOSTIC case.  Rename refcnt variable to
refs for consistency with r_refs.  Add KASSERT() in refcnt_finalize().
OK visa@

2 years agoUse the refcnt API with struct plimit.
visa [Fri, 18 Mar 2022 14:45:39 +0000 (14:45 +0000)]
Use the refcnt API with struct plimit.

OK bluhm@ dlg@

2 years agoregen
miod [Fri, 18 Mar 2022 11:09:55 +0000 (11:09 +0000)]
regen

2 years agoAdd bwfm chips to sdmmcdevs in order to get symbolic constants for them.
miod [Fri, 18 Mar 2022 11:09:39 +0000 (11:09 +0000)]
Add bwfm chips to sdmmcdevs in order to get symbolic constants for them.

ok jsg

2 years agoDon't bother generating (unused) CIS overrides.
miod [Fri, 18 Mar 2022 11:08:34 +0000 (11:08 +0000)]
Don't bother generating (unused) CIS overrides.

ok jsg

2 years agoadd crossrefs to the other port module documentation to port-modules(5)
sthen [Fri, 18 Mar 2022 09:04:05 +0000 (09:04 +0000)]
add crossrefs to the other port module documentation to port-modules(5)
(cabal/cargo/gnome/go/python/qmake-module; ruby-module is already listed)

2 years agodon't try to resolve ListenAddress directives in the sshd re-exec
djm [Fri, 18 Mar 2022 04:04:11 +0000 (04:04 +0000)]
don't try to resolve ListenAddress directives in the sshd re-exec
path - we're never going to use the result and if the operation fails
then it can prevent connections from being accepted. Reported by
Aaron Poffenberger; with / ok dtucker@

2 years agoremove blank line
djm [Fri, 18 Mar 2022 02:50:21 +0000 (02:50 +0000)]
remove blank line

2 years agohelpful comment
djm [Fri, 18 Mar 2022 02:32:22 +0000 (02:32 +0000)]
helpful comment

2 years agossh-keygen -Y check-novalidate requires namespace or SEGV will ensue.
djm [Fri, 18 Mar 2022 02:31:25 +0000 (02:31 +0000)]
ssh-keygen -Y check-novalidate requires namespace or SEGV will ensue.
Patch from Mateusz Adamowski via GHPR#307

2 years agospelling
jsg [Fri, 18 Mar 2022 01:49:47 +0000 (01:49 +0000)]
spelling

2 years agoadd some extra logic to prevent moving files around when this is possible.
espie [Thu, 17 Mar 2022 21:45:51 +0000 (21:45 +0000)]
add some extra logic to prevent moving files around when this is possible.
Specifically, we created pkg.XXXX temp files for updates to work.

When I added tied files, I generalized this to installs as well, because
it was becoming too complex.

Forward a few years:
- we have tags and define-tag, so we can deem a lot of UpdateSets "safe"
(because they don't run command during the deletion/installation, but at
the end, so they won't see unwanted files)
- the tied logic is well-proven

With this diff:
- installs will again extract files directly in-place, so that install
is (mostly) chown + utimes.

- updates will extract files with new names directly in-place

- tied files that didn't change names will have zero churn (instead
of link to pkg.XXXX, rm orig file, mv pkg.XXXX back to orig file)

After lots of tests involving somewhat broken things.

Okay sthen@

(if it breaks it's easy to revert, but the speed-up for stuff like
texlive minor updates is significant)

2 years agoDrop two variable names from function prototypes.
tb [Thu, 17 Mar 2022 18:51:56 +0000 (18:51 +0000)]
Drop two variable names from function prototypes.

From Martin Vahlensieck

2 years agoAvoid legacy CSS2 syntax for the "display" property and use the CSS3
schwarze [Thu, 17 Mar 2022 18:45:43 +0000 (18:45 +0000)]
Avoid legacy CSS2 syntax for the "display" property and use the CSS3
two-value syntax "display: inline flow;" instead.  In particular, there
is no need to establish a new block formatting context with "flow-root",
and in fact that's detrimental because it appears to introduce spurious
soft-wrap opportunities.

jmc@ reported a bogus line break between the opening angle bracket
generated by .Aq Mt and the following email address.

2 years agofix typos; Martin Vahlensieck
sthen [Thu, 17 Mar 2022 18:27:55 +0000 (18:27 +0000)]
fix typos; Martin Vahlensieck

2 years agoRewrite legacy TLS unexpected handshake message handling.
jsing [Thu, 17 Mar 2022 17:28:08 +0000 (17:28 +0000)]
Rewrite legacy TLS unexpected handshake message handling.

Rewrite the code that handles unexpected handshake messages in the legacy
TLS stack. Parse the TLS message header up front, then process it based on
the message type. Overall the code should be more strict and we should
reject various invalid messages that would have previously been accepted.

I also reviewed steve's experimental code and fixed the bug that it
contained.

ok inoguchi@ tb@

2 years agoClean up and simplify ssl3_renegotiate{,_check}()
jsing [Thu, 17 Mar 2022 17:24:37 +0000 (17:24 +0000)]
Clean up and simplify ssl3_renegotiate{,_check}()

ok inoguchi@ tb@

2 years agoRemove const from tls1_transcript_hash_value()
jsing [Thu, 17 Mar 2022 17:22:16 +0000 (17:22 +0000)]
Remove const from tls1_transcript_hash_value()

This function populates the passed *out argument, hence it should not be
marked const.

ok tb@

2 years agoRework ASN1_STRING_set()
jsing [Thu, 17 Mar 2022 17:17:58 +0000 (17:17 +0000)]
Rework ASN1_STRING_set()

Rework ASN1_STRING_set() so that we always clear and free an existing
allocation, prior to storing the new data. This fixes a number of issues,
including a failure to zero data if the existing allocation was too small.
This also fixes other bugs such as leaving the allocation uninitialised
if NULL is passed for data. Require -1 where strlen() is expected and
improve length and overflow checks.

ok inoguchi@ tb@

2 years agoDeclare dtps_static array const to move it into read-only section.
bluhm [Thu, 17 Mar 2022 14:53:59 +0000 (14:53 +0000)]
Declare dtps_static array const to move it into read-only section.
OK mpi@

2 years agoUpdate to tzdata2022a from www.iana.org. Major changes:
millert [Thu, 17 Mar 2022 14:37:26 +0000 (14:37 +0000)]
Update to tzdata2022a from iana.org.  Major changes:
 o Palestine will spring forward on 2022-03-27, not -03-26.

2 years agoUse the refcnt API with struct ucred.
visa [Thu, 17 Mar 2022 14:23:34 +0000 (14:23 +0000)]
Use the refcnt API with struct ucred.

OK bluhm@

2 years agoUse the refcnt API in bpf.
visa [Thu, 17 Mar 2022 14:22:03 +0000 (14:22 +0000)]
Use the refcnt API in bpf.

OK sashan@ bluhm@

2 years agoMake tcpdump(8) show 802.11ac VHT capability and operation IEs in -v mode.
stsp [Thu, 17 Mar 2022 14:00:53 +0000 (14:00 +0000)]
Make tcpdump(8) show 802.11ac VHT capability and operation IEs in -v mode.

ok sthen@

2 years agoCheck scroll-on-clear for ED also.
nicm [Thu, 17 Mar 2022 13:39:13 +0000 (13:39 +0000)]
Check scroll-on-clear for ED also.

2 years agoAdd an option (scroll-on-clear) to control if tmux scrolls into history
nicm [Thu, 17 Mar 2022 11:35:37 +0000 (11:35 +0000)]
Add an option (scroll-on-clear) to control if tmux scrolls into history
on clear, from Robert Lange in GitHub issue 3121.

2 years agoIn swap_io() allocate the buffer before doing encryption.
mpi [Thu, 17 Mar 2022 10:15:13 +0000 (10:15 +0000)]
In swap_io() allocate the buffer before doing encryption.

If the allocation fails due to memory pressure no time is wasted doing
encryption.  This also simplify the error path.

Tested by sthen@.

ok kn@, miod@, kettenis@, tb@

2 years agoFix previous commit; the FDT header is big-endian so we need to do the
kettenis [Thu, 17 Mar 2022 00:28:29 +0000 (00:28 +0000)]
Fix previous commit; the FDT header is big-endian so we need to do the
appropriate byte swapping.

2 years agoJust say that the databases are intended for use by apropos(1), whatis(1),
schwarze [Wed, 16 Mar 2022 23:23:24 +0000 (23:23 +0000)]
Just say that the databases are intended for use by apropos(1), whatis(1),
and man(1), without restricting that statement to "man -k".
Suggested by and patch OK'ed by jmc@.

While only apropos(1) and whatis(1) strictly require the database
and while our man(1) implementation can find many manual pages even
when no database is available or when the database is incomplete or
corrupt, it does use the database even without -k whenever possible.
Consequently, this change makes the manual page less confusing.

2 years agoWhen we allocate space a buffer with some extra space for the FDT, adjust
kettenis [Wed, 16 Mar 2022 22:32:50 +0000 (22:32 +0000)]
When we allocate space a buffer with some extra space for the FDT, adjust
the size of the FDT to reflect the size of that buffer.  This prevents
an FDT overflow if the original FDT doesn't have enough space for the
additional properties that we add to it in our bootloader.

Fixes boot on the mcbin.
tested by bluhm@, ok patrick@

2 years agoMake sure contents of vroute messages are aligned properly.
tobhe [Wed, 16 Mar 2022 18:17:20 +0000 (18:17 +0000)]
Make sure contents of vroute messages are aligned properly.
Fixes address autoconfiguration on octeon.

Found by and ok mbuhl@

2 years agoThe 'status' parameter to uuid_* functions is uint32_t, not int.
krw [Wed, 16 Mar 2022 17:03:13 +0000 (17:03 +0000)]
The 'status' parameter to uuid_* functions is uint32_t, not int.

No intentional functional change.

2 years agoAdd an option to set the character used for unused areas of the
nicm [Wed, 16 Mar 2022 17:00:17 +0000 (17:00 +0000)]
Add an option to set the character used for unused areas of the
terminal, GitHub issue 3110.

2 years agoRemove an unneeded include.
visa [Wed, 16 Mar 2022 16:17:46 +0000 (16:17 +0000)]
Remove an unneeded include.

2 years agoUse the refcnt API in kqueue.
visa [Wed, 16 Mar 2022 14:38:43 +0000 (14:38 +0000)]
Use the refcnt API in kqueue.

OK dlg@ bluhm@

2 years agoAdd refcnt_shared() and refcnt_read()
visa [Wed, 16 Mar 2022 14:13:01 +0000 (14:13 +0000)]
Add refcnt_shared() and refcnt_read()

refcnt_shared() checks whether the object has multiple references.
When refcnt_shared() returns zero, the caller is the only reference
holder.

refcnt_read() returns a snapshot of the counter value.

refcnt_shared() suggested by dlg@.

OK dlg@ mvs@

2 years agoFix dependency to build bn_mod_sqrt.
bluhm [Wed, 16 Mar 2022 12:37:44 +0000 (12:37 +0000)]
Fix dependency to build bn_mod_sqrt.

2 years agoMake gcc 4 happier about x509_addr.c
tb [Wed, 16 Mar 2022 11:44:36 +0000 (11:44 +0000)]
Make gcc 4 happier about x509_addr.c

gcc 4 on sparc64 issues a few 'warning: value computed is not used'.
There are two cases: sk_set_cmp_function() returns the old comparison
function of the stack which we don't care about. The one warning about
an sk_delete() is about a return value that we know already and which
we will free a few lines down.

ok inoguchi miod

2 years agoUpdate to nsd 4.4.0
florian [Wed, 16 Mar 2022 10:14:50 +0000 (10:14 +0000)]
Update to nsd 4.4.0

tested by sthen and me
OK sthen

2 years agoLibreSSL 3.5.2
bcook [Tue, 15 Mar 2022 21:15:08 +0000 (21:15 +0000)]
LibreSSL 3.5.2

2 years agoInitialise *out_name at the start of i2t_ASN1_OBJECT_name().
jsing [Tue, 15 Mar 2022 18:47:22 +0000 (18:47 +0000)]
Initialise *out_name at the start of i2t_ASN1_OBJECT_name().

ok tb@