openbsd
2 years agoDon't leak cert in aspa_parse()
tb [Mon, 5 Sep 2022 12:25:32 +0000 (12:25 +0000)]
Don't leak cert in aspa_parse()

ok job

2 years agosync
sthen [Mon, 5 Sep 2022 11:21:08 +0000 (11:21 +0000)]
sync

2 years agoFix -r on multi-chunk softraid volumes
kn [Mon, 5 Sep 2022 11:12:20 +0000 (11:12 +0000)]
Fix -r on multi-chunk softraid volumes

Running installboot(8) on softraid(4) volumes means installing stages on
every softraid chunk.

The overall idea is the same, but MD implementations differ.

sparc64_softraid.c's sr_install_bootblk() reuses sparc64_installboot.c's
md_installboot() for this.

For sparc64, md_installboot() does the copy of stage 2, usually
/usr/mdec/ofwboot to /ofwboot, so when `-r root' is passed, it prefixes the
file path with "root".

For single-disk installations (plain-disk and single-chunk softraid) this is
fine, but as soon as multiple chunks are used, md_installboot() currently
prefixes the path each time, obviously resulting in invalid paths starting
with the second run.

Other architectures do reuse md_installboot() as well but either don't do
such a copy or implement the prefixing differently -- plus they must support
softraid in the firt place to be able to hit this type of bug.

With this fixed, regress/usr.sbin/installboot finally passes on sparc64 and
installboot no longer fails at the end of a fresh installation onto softraid
with multiple chunks.

"looks correct" miod

2 years agoAdd missing prototypes for route_attach() and route_detach().
mvs [Mon, 5 Sep 2022 10:31:25 +0000 (10:31 +0000)]
Add missing prototypes for route_attach() and route_detach().

2 years agoboot_*.8: reference installboot.8, rectify FFS note on sparc64
kn [Mon, 5 Sep 2022 10:29:27 +0000 (10:29 +0000)]
boot_*.8: reference installboot.8, rectify FFS note on sparc64

On sparc64, installboot(8) does not deal with any file system; its -p is a
NOOP and according to CVS history the old sys/arch/sparc64/installboot/
never prepared a file system, either.

Remove this single misleading mention alltogether and rely on the now
consistently cross-linked MI installboot(8) for details, if any.

This syncs the list of currently existing MD boot_*(8/*) pages with the list
of usr.sbin/installboot/*_installboot.c files.

boot_alpha(8/alpha) already references installboot(8) but still uses
sys/arch/alpha/stand/installboot/ instead of usr.sbin/installboot/.

boot_luna88k(8/luna88k) exists but luna88k does not use installboot at all.

installboot(8) has additional support for efi (armv7, arm64, riscv64),
landisk, loongson, octeon and powerpc64 but those architectures currently
lack their own MD boot_*(8/*) manual.

OK miod

2 years agoFix file specification, zap partition bits, rectify disk naming errors
kn [Mon, 5 Sep 2022 10:03:50 +0000 (10:03 +0000)]
Fix file specification, zap partition bits, rectify disk naming errors

In boot_macppc(8), the current format a) claims to support specific disk/MBR
partitions which ofwboot clearly does not parse as such and b) lacks markup
to make clear which optional parts can (not) be omitted in what way.

Fixing both turns
promdev:partition/filename options
into
[[promdev:]filename] [-acds]

Same goes for boot(8/macppc), which has been apparently has been copied
from boot(8/amd64) without accounting for all platform specific details.

On amd64, biosboot(8) sees disks as 'sd' which (accidentially?) matches the
kernel driver's sd(4) name;  it also supports specific disklabel(5) slices,
so amd64 can do 'sd0a:/bsd'.

On macppc, disks show up as 'ide', 'cd' or 'hd' which stems from
OpenFirmware alone, not matching the wd(4) driver's name.  Also, ofwboot
always boots off the 'a' label, so macppc can only do 'hd:/bsd'.

Found while installing OpenBSD/macppc from CD inside QEMU but failing to
boot from disk inside QEMU and consulting our manual pages for help wrt.
specifying a boot device.  Turns out QEMU's OpenBIOS simply cannot boot from
MSDOS filesystems (thanks gkoehler), so it wouldn't work no matter what
boot file specification I'd use.

tests/agreement gkoehler
Feedback OK miod
OK tobhe
OK jmc on a previous boot_macppc.8 diff

2 years agoCleanup USB methods so that they align to what we do in other HC drivers,
mglocker [Mon, 5 Sep 2022 09:00:33 +0000 (09:00 +0000)]
Cleanup USB methods so that they align to what we do in other HC drivers,
like xhci(4) and ehci(4).

ok mpi@

2 years agoAdd minimal tooling for separating tests into dedicated programs.
anton [Mon, 5 Sep 2022 05:34:25 +0000 (05:34 +0000)]
Add minimal tooling for separating tests into dedicated programs.
Used to flag the newly added test_bind_unix_socket() as expected to
fail.

2 years agoRemove dead code.
jsing [Sun, 4 Sep 2022 15:56:51 +0000 (15:56 +0000)]
Remove dead code.

No change in generated assembly.

2 years agoRemove dead code.
jsing [Sun, 4 Sep 2022 15:54:42 +0000 (15:54 +0000)]
Remove dead code.

No change in generated assembly.

2 years agoAdd bounds checks for various EVP cipher implementations.
jsing [Sun, 4 Sep 2022 15:45:25 +0000 (15:45 +0000)]
Add bounds checks for various EVP cipher implementations.

The EVP cipher API uses size_t, however a number of the underlying
implementations use long in their API. This means that an input with
size > LONG_MAX will go negative.

Found by Coverity, hiding under a large pile of macros.

ok tb@

2 years agoRemove dead code.
jsing [Sun, 4 Sep 2022 13:55:39 +0000 (13:55 +0000)]
Remove dead code.

Only change to generated assembly is due to line numbers.

2 years agoExpand the looney M_do_cipher macro.
jsing [Sun, 4 Sep 2022 13:34:13 +0000 (13:34 +0000)]
Expand the looney M_do_cipher macro.

Only change in generated assembly is due to line numbers.

2 years agoRearrange some functions.
jsing [Sun, 4 Sep 2022 13:17:18 +0000 (13:17 +0000)]
Rearrange some functions.

Pull the init_key and ctrl (if present) functions up to the top. This
improves readability and allows for the removal of function prototypes.

No functional change.

2 years agoMake unveil tests less chatty when things work as expected.
anton [Sun, 4 Sep 2022 10:10:20 +0000 (10:10 +0000)]
Make unveil tests less chatty when things work as expected.

2 years agoRemove now unused EVP_C_DATA macro.
jsing [Sun, 4 Sep 2022 09:56:30 +0000 (09:56 +0000)]
Remove now unused EVP_C_DATA macro.

2 years agoRemove now unused BLOCK_CIPHER_* macros.
jsing [Sun, 4 Sep 2022 09:52:22 +0000 (09:52 +0000)]
Remove now unused BLOCK_CIPHER_* macros.

2 years agoExpand BLOCK_CIPHER_* macros.
jsing [Sun, 4 Sep 2022 09:48:23 +0000 (09:48 +0000)]
Expand BLOCK_CIPHER_* macros.

No change in generated assembly.

2 years agoUse pru_send function to check socket splicing compatibility. Only
bluhm [Sun, 4 Sep 2022 09:04:27 +0000 (09:04 +0000)]
Use pru_send function to check socket splicing compatibility.  Only
checking socket type is not sufficient as it could splice together
unix and inet sockets resulting in crashes.  As splicing is about
sending, the same send function looks like a good criteria.
Reported-by: syzbot+fc6901d63d858d5dd00a@syzkaller.appspotmail.com
Reported-by: syzbot+0e026f1bf8b259c6395e@syzkaller.appspotmail.com
OK gnezdo@

2 years agoMechanically expand BLOCK_CIPHER_* macros.
jsing [Sun, 4 Sep 2022 08:57:32 +0000 (08:57 +0000)]
Mechanically expand BLOCK_CIPHER_* macros.

No change in generated assembly.

2 years agoMechanically expand BLOCK_CIPHER_* macros.
jsing [Sun, 4 Sep 2022 08:54:16 +0000 (08:54 +0000)]
Mechanically expand BLOCK_CIPHER_* macros.

No change in generated assembly.

2 years agoImprove periodic USB transfers (device intr, isoc) used for input
mglocker [Sun, 4 Sep 2022 08:42:39 +0000 (08:42 +0000)]
Improve periodic USB transfers (device intr, isoc) used for input
devices, audio, and video.  It's still not perfect, and will need
further improvements.

High level, the diff contains following changes:

* Sync up with the Linux code base, which did re-work the periodic
  scheduling code path.
* Run the driver in IPL_VM instead of IPL_USB to prioritize us before
  lower/equal interrupts (same what NetBSD does).
* Add two new flags to our USB stack required by the updated driver
  code:
  - 'multi' flag in the usbd_hub structure to keep track whether
    a hub has one Transaction Translator for all ports (single TT)
    or one Transaction Translator per port (multi TT).
  - 'hcpriv' pointer in the usbd_tt structure for the HC driver to
    allocate memory for the scheduling depending on single or multi TT.

"go for it" kettenis@

2 years agoUse simpler disklabel template
kn [Sun, 4 Sep 2022 08:24:09 +0000 (08:24 +0000)]
Use simpler disklabel template

2 years agoMechanically expand BLOCK_CIPHER_* ciphers.
jsing [Sun, 4 Sep 2022 08:18:07 +0000 (08:18 +0000)]
Mechanically expand BLOCK_CIPHER_* ciphers.

This includes the wonderful BLOCK_CIPHER_ecb_loop - a for loop in a macro.

No change in generated assembly.

2 years agoDocument disklabel(8) -T's new RAID template
kn [Sun, 4 Sep 2022 08:06:40 +0000 (08:06 +0000)]
Document disklabel(8) -T's new RAID template

OK jmc

2 years agoRemove now unused IMPLEMENT_CFBR macro.
jsing [Sun, 4 Sep 2022 08:06:02 +0000 (08:06 +0000)]
Remove now unused IMPLEMENT_CFBR macro.

2 years agoMake ssl_create_cipher_list() have a single exit
tb [Sun, 4 Sep 2022 07:55:32 +0000 (07:55 +0000)]
Make ssl_create_cipher_list() have a single exit

This simplifies memory management and makes it easier to see the leak
that were introduced in the previous commit. Sprinkle a few malloc
errors for consistency.

CID 278396

with/ok jsing

2 years agoMechanically expand IMPLEMENT_CFBR macros.
jsing [Sun, 4 Sep 2022 07:54:59 +0000 (07:54 +0000)]
Mechanically expand IMPLEMENT_CFBR macros.

Only change to generated assembly is due to the use of EVPerror().

2 years agoFix regression in previous commit.
ajacoutot [Sun, 4 Sep 2022 06:57:13 +0000 (06:57 +0000)]
Fix regression in previous commit.
Moving the configuration check to its own configtest function means rc_pre
exit code will now be that of the && list (sasyncd_flags).
Just do what isakmpd does and return 0.

from lucas at sexy dot is, thanks!

2 years agospelling
jsg [Sun, 4 Sep 2022 06:49:11 +0000 (06:49 +0000)]
spelling

2 years agoProvide PCKBC_AUX to fix compilation
tb [Sat, 3 Sep 2022 23:12:36 +0000 (23:12 +0000)]
Provide PCKBC_AUX to fix compilation

from mlarkin

2 years agoMove PRU_PEERADDR request to (*pru_peeraddr)().
mvs [Sat, 3 Sep 2022 22:43:38 +0000 (22:43 +0000)]
Move PRU_PEERADDR request to (*pru_peeraddr)().

Introduce in{,6}_peeraddr() and use them for inet and inet6 sockets,
except tcp(4) case.

Also remove *_usrreq() handlers.

ok bluhm@

2 years agoInitialize TCP mutex forgotten in previous commit.
bluhm [Sat, 3 Sep 2022 22:11:09 +0000 (22:11 +0000)]
Initialize TCP mutex forgotten in previous commit.
found by Hrvoje Popovski with witness; OK mvs@

2 years agoProperly free() crl & auth tree in parser process
job [Sat, 3 Sep 2022 21:24:02 +0000 (21:24 +0000)]
Properly free() crl & auth tree in parser process

OK claudio@

2 years agoregen
mbuhl [Sat, 3 Sep 2022 21:16:51 +0000 (21:16 +0000)]
regen

2 years agoKeep _fw2 in local md_consoleinfo() scope
kn [Sat, 3 Sep 2022 21:16:05 +0000 (21:16 +0000)]
Keep _fw2 in local md_consoleinfo() scope

Missed in previous
OK kettenis

2 years agoMake recvmmsg and sendmmsg look more alike. change the flag type
mbuhl [Sat, 3 Sep 2022 21:13:48 +0000 (21:13 +0000)]
Make recvmmsg and sendmmsg look more alike. change the flag type
to int like other flag parameters, NetBSD uses unsigned int, FreeBSD
and Linux do int.
OK bluhm@

2 years agoRemove now unused IMPLEMENT_BLOCK_CIPHER macro.
jsing [Sat, 3 Sep 2022 20:12:24 +0000 (20:12 +0000)]
Remove now unused IMPLEMENT_BLOCK_CIPHER macro.

Also remove various comments noting that it cannot be used for certain
block ciphers (which kinda defeats the purpose of having a generic
implementation in the first place).

2 years agoMove the daemon() call in the parent process from after forking the
benno [Sat, 3 Sep 2022 20:07:31 +0000 (20:07 +0000)]
Move the daemon() call in the parent process from after forking the
children to just before.  That way the parent disasociates from its
controling terminal and shell, but not from its children.

Remove the dup2() bits that were copied from daemon() to solve the
problem that the children still had the stdio fds open. This is now
done in the parent earlier.

Remove the setsid() and setpgid(). It is unclear what their intent
was, but they dont seem to make sense, as daemon() covers this as well
and there seems to be no reason the cildren procs need to do that.

ok claudio@ bluhm@

2 years agoMechanically expand IMPLEMENT_BLOCK_CIPHER macro.
jsing [Sat, 3 Sep 2022 20:06:43 +0000 (20:06 +0000)]
Mechanically expand IMPLEMENT_BLOCK_CIPHER macro.

Only change to generated assembly is due to EVPerror()'s use of line
numbers.

2 years agoMechanically expand IMPLEMENT_BLOCK_CIPHER macro.
jsing [Sat, 3 Sep 2022 20:02:17 +0000 (20:02 +0000)]
Mechanically expand IMPLEMENT_BLOCK_CIPHER macro.

No change in generated assembly.

2 years agoMechanically expand IMPLEMENT_BLOCK_CIPHER macro.
jsing [Sat, 3 Sep 2022 19:59:32 +0000 (19:59 +0000)]
Mechanically expand IMPLEMENT_BLOCK_CIPHER macro.

Only change to generated assembly is due to EVPerror()'s use of line
numbers.
CVS ----------------------------------------------------------------------

2 years agoMechanically expand IMPLEMENT_BLOCK_CIPHER macro.
jsing [Sat, 3 Sep 2022 19:51:53 +0000 (19:51 +0000)]
Mechanically expand IMPLEMENT_BLOCK_CIPHER macro.

No change to generated assembly.

2 years agoMechanically expand IMPLEMENT_BLOCK_CIPHER macro.
jsing [Sat, 3 Sep 2022 19:43:16 +0000 (19:43 +0000)]
Mechanically expand IMPLEMENT_BLOCK_CIPHER macro.

These macros make the ASN.1 macros seem sane - there are layers and layers
and layers here, which are hiding bugs.

No change to generated assembly.

Discussed with tb@

2 years agoUse a mutex to update tcp_maxidle, tcp_iss, and tcp_now. This
bluhm [Sat, 3 Sep 2022 19:22:19 +0000 (19:22 +0000)]
Use a mutex to update tcp_maxidle, tcp_iss, and tcp_now.  This
removes pressure from the exclusive netlock in tcp_slowtimo().
Reading is done atomically.  Ensure that the tcp_now value is read
only once per function to provide consistent time.
OK yasuoka@

2 years agoRewrap some lines, no functional change.
jsing [Sat, 3 Sep 2022 19:15:23 +0000 (19:15 +0000)]
Rewrap some lines, no functional change.

2 years agoTidy up asn1_c2i_primitive() slightly.
jsing [Sat, 3 Sep 2022 19:14:25 +0000 (19:14 +0000)]
Tidy up asn1_c2i_primitive() slightly.

Rename some variables and consistently goto error.

ok tb@

2 years agoAvoid recycling ASN1_STRINGs when decoding ASN.1.
jsing [Sat, 3 Sep 2022 19:11:45 +0000 (19:11 +0000)]
Avoid recycling ASN1_STRINGs when decoding ASN.1.

Rather than recycling an existing ASN1_STRING and changing its type, free
it and allocate a replacement. This simplifies the code and potentially
avoids bugs resulting from reuse.

ok tb@

2 years agoSet AP power state. This is needed if U-Boot didn't do this for us.
kettenis [Sat, 3 Sep 2022 19:05:52 +0000 (19:05 +0000)]
Set AP power state.  This is needed if U-Boot didn't do this for us.

2 years agoHandle syslog messages and add support for setting the AP power state.
kettenis [Sat, 3 Sep 2022 19:04:28 +0000 (19:04 +0000)]
Handle syslog messages and add support for setting the AP power state.

2 years agoRemove duplicate prototype that just snuck in.
jsing [Sat, 3 Sep 2022 18:59:09 +0000 (18:59 +0000)]
Remove duplicate prototype that just snuck in.

2 years agoEnsure a constructed ASN.1 INTEGER is considered invalid when decoding.
jsing [Sat, 3 Sep 2022 18:54:36 +0000 (18:54 +0000)]
Ensure a constructed ASN.1 INTEGER is considered invalid when decoding.

2 years agoEnsure ASN.1 types are appropriately encoded.
jsing [Sat, 3 Sep 2022 18:52:18 +0000 (18:52 +0000)]
Ensure ASN.1 types are appropriately encoded.

Per X.690, some ASN.1 types must be primitive encoded, some must be
constructed and some may be either. Add this data to our types table
and check the encoding against this information when decoding.

ok tb@

2 years agoMove PRU_SOCKADDR request to (*pru_sockaddr)()
mvs [Sat, 3 Sep 2022 18:48:49 +0000 (18:48 +0000)]
Move PRU_SOCKADDR request to (*pru_sockaddr)()

Introduce in{,6}_sockaddr() functions, and use them for all except tcp(4)
inet sockets. For tcp(4) sockets use tcp_sockaddr() to keep debug ability.

The key management and route domain sockets returns EINVAL error for
PRU_SOCKADDR request, so keep this behaviour for a while instead of make
pru_sockaddr handler optional and return EOPNOTSUPP.

ok bluhm@

2 years agoProvide c2i_ASN1_ENUMERATED_cbs() and call it from asn1_c2i_primitive().
jsing [Sat, 3 Sep 2022 18:45:51 +0000 (18:45 +0000)]
Provide c2i_ASN1_ENUMERATED_cbs() and call it from asn1_c2i_primitive().

This avoids asn1_c2i_primitive() from needing knowledge about the internals
of ASN1_INTEGER and ASN1_ENUMERATED.

ok tb@

2 years agowhitespace
mlarkin [Sat, 3 Sep 2022 18:17:15 +0000 (18:17 +0000)]
whitespace

2 years agoMake sure we don't suspend if we have no way to wake up the machine.
kettenis [Sat, 3 Sep 2022 18:05:10 +0000 (18:05 +0000)]
Make sure we don't suspend if we have no way to wake up the machine.
The idea is that device drivers that can wake up the machine register
themselves by calling device_register_wakeup().  To prevent regressions
on amd64, we let acpi(4) register itself as a wakeup device if the AML
for the machine defines wakeup devices.  This may be refined in the
future.

This diff will prevent people from suspending their arm64 SBCs without
having a way to wake them up.  For now the only driver that registers
itself is axppmic(4), which means that at this moment only SBCs with
an allwinner A64 or H5 SoC will actually support suspend/resume.

ok mlarkin@, deraadt@

2 years agoPrepare to provide OPENSSL_cleanup.
jsing [Sat, 3 Sep 2022 17:47:47 +0000 (17:47 +0000)]
Prepare to provide OPENSSL_cleanup.

OPENSSL_cleanup() cleans up and deallocates memory in use by the library.
There are a couple of use cases for this, primarily related to memory
leak testing. This will not be called automatically in LibreSSL, which
means that OpenSSL's OPENSSL_NO_INIT_ATEXIT is implied. If code wants to
clean up then they need to explicitly call this themselves.

ok tb@

2 years agoNew test coverage for RC4
tb [Sat, 3 Sep 2022 17:43:14 +0000 (17:43 +0000)]
New test coverage for RC4

From Joshua Sing

2 years agoStop using CBIGNUM_it internal to libcrypto.
jsing [Sat, 3 Sep 2022 16:01:23 +0000 (16:01 +0000)]
Stop using CBIGNUM_it internal to libcrypto.

CBIGNUM_it is supposed to be the "clear bignum" or "secure" bignum - that
is one which zeros its memory after use and ensures that the constant time
flags are set... in LibreSSL we always do both of these things for BIGNUMs,
so just use BIGNUM_it instead.

ok tb@

2 years ago- rework the -f text to read better; ok job
jmc [Sat, 3 Sep 2022 15:59:04 +0000 (15:59 +0000)]
- rework the -f text to read better; ok job
- while here, wrap a long line

2 years agoRemove -lncurses from LDADD. It is not used. Also add DPADD line.
claudio [Sat, 3 Sep 2022 15:58:40 +0000 (15:58 +0000)]
Remove -lncurses from LDADD. It is not used. Also add DPADD line.
OK deraadt@

2 years agoAllow ikbd(4) to become the console keyboard.
kettenis [Sat, 3 Sep 2022 15:48:16 +0000 (15:48 +0000)]
Allow ikbd(4) to become the console keyboard.

ok miod@

2 years agoFix passing explicit stage files
kn [Sat, 3 Sep 2022 15:46:20 +0000 (15:46 +0000)]
Fix passing explicit stage files

Every platform ought to set `stages', `stage1' and optionally `stage2'
in md_init(), otherwise passing explicit files results won't work as
`stages' is zero-initialised and no default path is set:

# installboot -nv wd0 ./ofwboot
usage: installboot [-nv] [-r root] disk [stage1]
installboot [-nv] -p disk

This is correct synopsis and ought to work, but macppc_installboot.c
(others, too) has an empty md_init().  Set stage bits to fix this:

# ./obj/installboot -nv wd0 ./ofwboot
Using / as root
would install bootstrap on /dev/rwd0c
using first-stage ./ofwboot
would copy ./ofwboot to /tmp/installboot.Ymmm6QU8OJ/ofwboot

Using `stage1' leads to a bit more cleanup since early MI installboot.c
handles `-r', i.e. write_filesystem() no longer has needs to do the
fileprefix() dance itself.

This makes regress/usr.sbin/installboot pass on macppc (while being lucky
or carrying miod's fix for the kernel disklabel race manifesting on vnd).

OK gkoehler

2 years agoAllow suspend with root on sdmmc(4).
kettenis [Sat, 3 Sep 2022 15:29:43 +0000 (15:29 +0000)]
Allow suspend with root on sdmmc(4).

ok deraadt@

2 years agoClarify warning
job [Sat, 3 Sep 2022 15:13:44 +0000 (15:13 +0000)]
Clarify warning

2 years agoWhen divert-reply is used, keep some pf states after pcb is dropped if
yasuoka [Sat, 3 Sep 2022 14:57:54 +0000 (14:57 +0000)]
When divert-reply is used, keep some pf states after pcb is dropped if
its local address is translated, to prevent its source port from being
reused.  regress test by blumn.

ok blumn

2 years agoDon't doublecheck whether the RSC eContent Resourceblock contains inherit elements
job [Sat, 3 Sep 2022 14:41:47 +0000 (14:41 +0000)]
Don't doublecheck whether the RSC eContent Resourceblock contains inherit elements

The RSC ASN.1 templates make it impossible to pass an RFC3779-style inherit option
because of the use of ConstrainedIPAddressFamily and ConstrainedASIdentifiers.

OK tb@

2 years agoIntroduce x509_any_inherit() for objects which may not have inherit elements
job [Sat, 3 Sep 2022 14:40:09 +0000 (14:40 +0000)]
Introduce x509_any_inherit() for objects which may not have inherit elements

Unify conformance checking of Trust Anchors, ROAs, ASPAs, RSCs - none of which
may have any 'inherit' elements in the RFC 3779 IP/AS Resources extension of
the X509 certificate.

OK tb@

2 years agoAdd a new keyword to template files, 'raid', to allow the auto
krw [Sat, 3 Sep 2022 13:59:25 +0000 (13:59 +0000)]
Add a new keyword to template files, 'raid', to allow the auto
allocation of RAID partitions.

Make both 'raid' and 'swap' keywords case insensitive.

Suggested by kn@

ok kn@ miod@

2 years agoAdd the repoid of the cert in the cert struct. This way it is possible
claudio [Sat, 3 Sep 2022 13:30:27 +0000 (13:30 +0000)]
Add the repoid of the cert in the cert struct. This way it is possible
to track the parent repository id of a publication point.
Nomenclature is confusing but not much we can do here.
OK tb@ job@

2 years agoFix socket splicing between inet and inet6 sockets broken by PRU_CONTROL
mvs [Sat, 3 Sep 2022 13:29:33 +0000 (13:29 +0000)]
Fix socket splicing between inet and inet6 sockets broken by PRU_CONTROL
request splitting to (*pru_control)().

ok bluhm@

2 years agoAllow multiple X.509 locations
tb [Sat, 3 Sep 2022 13:06:15 +0000 (13:06 +0000)]
Allow multiple X.509 locations

While currently everyone only uses a single location, the spec allows for
multiple locations ordered by preference. While rpki-client does not
support more than one location this should not be a fatal error. Instead,
pick the first location and warn if there are more than one.

ok job

2 years agoMove non-inheritance check for BGPsec certs into cert_parse_pre()
tb [Sat, 3 Sep 2022 13:01:43 +0000 (13:01 +0000)]
Move non-inheritance check for BGPsec certs into cert_parse_pre()

ok claudio job (as part of a larger diff)

2 years agoregen
mbuhl [Sat, 3 Sep 2022 12:35:29 +0000 (12:35 +0000)]
regen

2 years agoadd the sendmmsg syscall that allows sending multiple msghdrs at
mbuhl [Sat, 3 Sep 2022 12:33:44 +0000 (12:33 +0000)]
add the sendmmsg syscall that allows sending multiple msghdrs at
once. libc, man page, and regress parts to come.
With input from jca@, bluhm@.
OK bluhm@

2 years agoClarify timeout/deadline
job [Sat, 3 Sep 2022 11:01:55 +0000 (11:01 +0000)]
Clarify timeout/deadline

2 years agoMove the repo lookup into queue_from_mft()
claudio [Sat, 3 Sep 2022 09:22:25 +0000 (09:22 +0000)]
Move the repo lookup into queue_from_mft()
OK tb@

2 years agoAdd apldcms(4), a driver for the touchpad on M2 laptops. This driver
kettenis [Sat, 3 Sep 2022 08:44:56 +0000 (08:44 +0000)]
Add apldcms(4), a driver for the touchpad on M2 laptops.  This driver
needs firmware that is provided on the ESP by the Asahi installer and
copied into /etc/firmware/apple by the OpenBSD installer.

ok tobhe@

2 years agoCopy Apple touchpad firmware on machines that need it.
kettenis [Sat, 3 Sep 2022 08:37:36 +0000 (08:37 +0000)]
Copy Apple touchpad firmware on machines that need it.

ok kn@, deraadt@

2 years agoFix the failing libm/rint regress test by adding ieee754 implementations
mbuhl [Sat, 3 Sep 2022 08:26:05 +0000 (08:26 +0000)]
Fix the failing libm/rint regress test by adding ieee754 implementations
for the rounding functions.
Input from kettenis@,
OK miod@

2 years agouse past tense for history;
jmc [Sat, 3 Sep 2022 06:55:01 +0000 (06:55 +0000)]
use past tense for history;

2 years agosync with arm64.html
jsg [Sat, 3 Sep 2022 05:44:04 +0000 (05:44 +0000)]
sync with arm64.html

2 years agoMake rc_configtest behave like rc_pre and rc_post; i.e. don't define a default
ajacoutot [Fri, 2 Sep 2022 22:11:57 +0000 (22:11 +0000)]
Make rc_configtest behave like rc_pre and rc_post; i.e. don't define a default
function (each rc.d script is supposed to define its own if wanted).
This way, we can filter out the "configtest" action depending on whether the
function exists or not.
Adapt documentation.

tweak/ok kn@

2 years agoIntroduce a deadline timer that aborts all repository syncs.
claudio [Fri, 2 Sep 2022 21:56:45 +0000 (21:56 +0000)]
Introduce a deadline timer that aborts all repository syncs.
With this rpki-client has a chance to still finish and produce an output
even when a CA is excessivly slow and holds back progress.
With and OK benno@ tb@ and job@

2 years agovmd(8): compute i8254 read-back command latch from singular timestamp
cheloha [Fri, 2 Sep 2022 21:33:51 +0000 (21:33 +0000)]
vmd(8): compute i8254 read-back command latch from singular timestamp

The intent of the i8254 read-back command is (most likely) to permit
simultaneously latching two or three counters at once along with their
statuses.

To simulate this, we should compute olatch from one timestamp per
read-back command, not one timestamp per counter.

Improved with a tweak by dv@.

Link: https://marc.info/?l=openbsd-tech&m=166213670605453&w=2
ok dv@ mlarkin@

2 years agoConstify nam2blk[], chrtoblktbl[] and octeon devmap[].
miod [Fri, 2 Sep 2022 20:06:55 +0000 (20:06 +0000)]
Constify nam2blk[], chrtoblktbl[] and octeon devmap[].
ok mpi@ millert@

2 years agoFix over long lines
claudio [Fri, 2 Sep 2022 19:14:04 +0000 (19:14 +0000)]
Fix over long lines
OK tb@ job@

2 years agoUse the abort commands when a repo timeout happens. This is cleaner
claudio [Fri, 2 Sep 2022 19:10:36 +0000 (19:10 +0000)]
Use the abort commands when a repo timeout happens. This is cleaner
then just failing the repo fetch but leaving the backends running.
OK tb@

2 years agoImplement RRDP_ABORT, a message to abort a inflight RRDP request.
claudio [Fri, 2 Sep 2022 18:37:17 +0000 (18:37 +0000)]
Implement RRDP_ABORT, a message to abort a inflight RRDP request.
The abort is done in a way that waits for any inflight files or http
requests to finish before removing the rrdp state and before sending
the rrdp done message indicating failure.
OK tb@ and benno@

2 years agorrdp_new() need not return the struct
tb [Fri, 2 Sep 2022 18:08:43 +0000 (18:08 +0000)]
rrdp_new() need not return the struct

The only caller does nothing with it.

with/ok claudio

2 years agoFirst attempt at supporting audio on machines with multiple speakers.
kettenis [Fri, 2 Sep 2022 17:54:42 +0000 (17:54 +0000)]
First attempt at supporting audio on machines with multiple speakers.
Probably needs more work as the device tree bindings evolve.
Note that speakers are currently disabled in the device tree for all
Apple Silicon machines except for the Mac mini.

2 years agovmm(4): add tracepoint for in/out handler.
dv [Fri, 2 Sep 2022 17:46:37 +0000 (17:46 +0000)]
vmm(4): add tracepoint for in/out handler.

Inserts a new static dt(4) tracepoint in vmm(4) to report details
on in/out instructions (direction, port, and data).

ok mlarkin@

2 years agoextra newline
claudio [Fri, 2 Sep 2022 17:39:51 +0000 (17:39 +0000)]
extra newline

2 years agoAdd a callback for setting the TDM slot used by an audio codec.
kettenis [Fri, 2 Sep 2022 16:53:28 +0000 (16:53 +0000)]
Add a callback for setting the TDM slot used by an audio codec.
Implement this callback in tascodec(4) such that we can pick the audio
channel that it outputs.  This will override the default which is to
downmix stereo input from TDM channels 0 and 1 to mono output.

ok ratchov@

2 years agoRewrite RMD-160 tests to be table-driven.
tb [Fri, 2 Sep 2022 15:45:52 +0000 (15:45 +0000)]
Rewrite RMD-160 tests to be table-driven.

From Joshua Sing

2 years agowc(1): accelerate word counting
cheloha [Fri, 2 Sep 2022 15:21:40 +0000 (15:21 +0000)]
wc(1): accelerate word counting

wc(1) counts a word whenever a whitespace byte is followed by a
non-whitespace byte.  Because the state machine transition occurs
within the space of a single byte we don't need to use getline(3).

Counting words in a big buffer with read(2) is much faster.  The
overhead varies with the length of a line, but for files with 60-100
byte lines, word counting is about twice as fast when we avoid
getline(3).  In the pathological case where each line is a single
byte, word counting is about ten times as fast when we avoid
getline(3).

Link1: https://marc.info/?l=openbsd-tech&m=163715995626532&w=2
Link2: https://marc.info/?l=openbsd-tech&m=165956826103639&w=2

"Seems reasonable." deraadt@

2 years agoMove mkpath logic after checking for 'noop' to prevent creation of directories in...
job [Fri, 2 Sep 2022 15:09:19 +0000 (15:09 +0000)]
Move mkpath logic after checking for 'noop' to prevent creation of directories in -n mode

OK claudio@

2 years agoDon't ignore an OpenBSD GPT partition just because the GPT says
krw [Fri, 2 Sep 2022 14:18:47 +0000 (14:18 +0000)]
Don't ignore an OpenBSD GPT partition just because the GPT says
it extends beyond the edge of the disk the GPT currently
inhabits. We only care if enough of it is addressable that a
disklabel is accessible.

Brings GPT handling of 'OpenBSD partitions extending too far'
into line with the MBR handling of the same situation.

2 years agoFix TSO large receive offloading in ix(4).
jan [Fri, 2 Sep 2022 14:08:09 +0000 (14:08 +0000)]
Fix TSO large receive offloading in ix(4).

Without this diff it might happen that content of different
TCP connection get mixed up, when reading coalesced buffers
from the receive ring.

Thanks, for a lot of testing effort to mbuhl.

OK mbuhl@