deraadt [Sun, 16 Apr 2017 15:11:01 +0000 (15:11 +0000)]
Move comments into a block and uses {} to unconfuse reading.
kettenis [Sun, 16 Apr 2017 14:40:47 +0000 (14:40 +0000)]
Use %zu to print a size_t.
visa [Sun, 16 Apr 2017 14:28:07 +0000 (14:28 +0000)]
Replace fetch_and_add() with atomic_inc_int_nv() from <sys/atomic.h>
to make the code more similar to sparc64's.
OK mpi@, guenther@, kettenis@
beck [Sun, 16 Apr 2017 14:25:42 +0000 (14:25 +0000)]
Flip previously warm pages in the buffer cache to memory above the DMA
region if uvm tells us it is available.
nits from deraadt@
ok krw@ guenther@ kettenis@
beck [Sun, 16 Apr 2017 14:24:03 +0000 (14:24 +0000)]
Statistics for high memory flips in the buffer cache
nits from deraadt@
ok krw@ guenther@ kettenis@
kettenis [Sun, 16 Apr 2017 14:20:49 +0000 (14:20 +0000)]
Remove some defines marked #ifdef notyet, which really is #ifdef notever.
Reduces the diffs with other architectures.
kettenis [Sun, 16 Apr 2017 13:35:14 +0000 (13:35 +0000)]
Always return nonzero from _longjmp too.
ok jsg@
kettenis [Sun, 16 Apr 2017 11:07:03 +0000 (11:07 +0000)]
Remove unused rnd_seed variable. Upstream made the same change 4 days ago.
Fixes compiling this test using clang on arm64.
jsg [Sun, 16 Apr 2017 10:19:54 +0000 (10:19 +0000)]
remove -g from CFLAGS at florian's request
jsg [Sun, 16 Apr 2017 10:16:35 +0000 (10:16 +0000)]
Different compilers and versions of compilers have different warnings.
Remove -Werror to give code a greater chance of building.
ok deraadt@ florian@
ajacoutot [Sun, 16 Apr 2017 08:50:49 +0000 (08:50 +0000)]
Remove /etc/ssl/acme/. We don't need it now that we have a default acme-conf(5)
that direclty uses /etc/ssl/{,private} by default. Adapt the httpd.conf example
accordingly.
ok florian@ benno@ millert@
otto [Sun, 16 Apr 2017 06:26:55 +0000 (06:26 +0000)]
backout previous, data_len is not always initialized
aoyama [Sun, 16 Apr 2017 00:52:54 +0000 (00:52 +0000)]
Remove -Werror to make dhcrelay6 on gcc3 architecture successfully.
ok reyk
kettenis [Sat, 15 Apr 2017 18:58:45 +0000 (18:58 +0000)]
Build sparc64 kernels with -ffreestanding.
guenther [Sat, 15 Apr 2017 18:55:27 +0000 (18:55 +0000)]
Document RB_TIMEBAD; delete RB_* that are obsolete/unimplemented
ok visa@ deraadt@
jmc [Sat, 15 Apr 2017 18:45:15 +0000 (18:45 +0000)]
more streamlining, with help from bluhm;
bluhm [Sat, 15 Apr 2017 13:56:43 +0000 (13:56 +0000)]
After forced unmount of a file system that has other mount points
in it, dangling mounts could remain. When unmounting check the
hierarcy and unmount recursively. Also prevent that a new mount
appears during the scan.
Joint work with natano@; testing and OK krw@
schwarze [Sat, 15 Apr 2017 13:12:08 +0000 (13:12 +0000)]
Build full mandoc.db(5) databases by default using makewhatis(8)
without -Q during the build and in weekly(8). According to tests
by many developers, makewhatis(8) takes a few minutes at most even
on slower hardware like octeon, loongson, ALIX, RPI3, Soekris,
cubox, softiron etc., and security(8) is often worse than makewhatis(8).
In case this causes excessive weekly(8) run times on even slower
(~50 MHz-class) CPUs, consider adding "MAKEWHATISARGS=-Q" to
/etc/weekly.local on machines that feel unhappy.
OK sthen@ kettenis@ millert@ deraadt@
bluhm [Sat, 15 Apr 2017 11:58:51 +0000 (11:58 +0000)]
Take implementation for getsocket() from arp(8). This brings
routing table filter and pledge(2) to ndp(8) modes -s and -d.
OK florian@
bluhm [Sat, 15 Apr 2017 11:50:24 +0000 (11:50 +0000)]
Name global variable for routing socket rtsock like in ndp(8).
OK florian@
bluhm [Sat, 15 Apr 2017 11:42:09 +0000 (11:42 +0000)]
Let ndp(8) use the process's current routing table by default.
from Pierre Emeriaud; OK jca@ claudio@
Sync code and man page with arp(8). OK florian@
kettenis [Sat, 15 Apr 2017 11:15:02 +0000 (11:15 +0000)]
The tlb flushes in pmap_set_{l1,l2,l3} use ranges that don't fully make sense.
But those tlb flushes shouldn't be necessary anyway, so simply remove them.
Simplify the tlb flushing code now that we no longer flush ranges, and
revive the branch that doesn't flush a specific ASID for the kernel pmap
since its mappings are global.
ok patrick@, visa@
kettenis [Sat, 15 Apr 2017 10:23:35 +0000 (10:23 +0000)]
Handle R_SPARC_WPLT30 relocations against a local symbol. Fixes building the
audio/openal port with clang.
ok guenther@
florian [Sat, 15 Apr 2017 09:16:05 +0000 (09:16 +0000)]
regen
florian [Sat, 15 Apr 2017 09:15:45 +0000 (09:15 +0000)]
update to 4.1.16rc1
tests & OK sthen
(if there are more changes coming for 4.1.16 release we will just
commit them on top)
guenther [Sat, 15 Apr 2017 04:54:04 +0000 (04:54 +0000)]
Fix format string in ACPI_MEMDEBUG block
From Anton Lindqvist (anton.lindqvist(at)gmail.com)
visa [Sat, 15 Apr 2017 04:38:27 +0000 (04:38 +0000)]
Sync bus_dmamap_load_raw() with amd64 for better constraint checking.
Needed by xhci(4).
visa [Sat, 15 Apr 2017 04:18:40 +0000 (04:18 +0000)]
No GMX on CN73xx.
espie [Fri, 14 Apr 2017 21:37:15 +0000 (21:37 +0000)]
mark newish phony targets as phony.
okay tb@
bluhm [Fri, 14 Apr 2017 20:50:35 +0000 (20:50 +0000)]
Remove unused define satoin6().
bluhm [Fri, 14 Apr 2017 20:46:31 +0000 (20:46 +0000)]
Pass down the address family through the pr_input calls. This
allows to simplify code used for both IPv4 and IPv6.
OK mikeb@ deraadt@
schwarze [Fri, 14 Apr 2017 19:50:54 +0000 (19:50 +0000)]
adjust .Lk tests after groff and mandoc .Lk improvements
jcs [Fri, 14 Apr 2017 19:39:59 +0000 (19:39 +0000)]
once cvs's flow-control mechanism has kicked in, stop reading from
its local reader until memory usage goes back down below its
watermark.
during a checkout of a tree with big files (like www) from a fast
reader (disk) and a slow writer (net), the amount of data being
buffered can back up enough that cvs tries to allocate too many
buffers and hits its resource limit, causing death.
cvs's flow-control mechanism properly detects this early on, but the
message sent to the reader process to stop sending data takes too
long to process.
take more aggressive action and just stop reading from the reader
until the writer has ejected enough data that it can start re-using
its already-allocated buffers instead of allocating new ones.
ok deraadt
schwarze [Fri, 14 Apr 2017 19:34:54 +0000 (19:34 +0000)]
Show long .Lk URIs in like an indented display, similar to groff.
Suggested by bentley@.
bluhm [Fri, 14 Apr 2017 19:03:50 +0000 (19:03 +0000)]
Add test for IP payload compression. It is sending small and big
ping packets as only the latter get actually compressed.
schwarze [Fri, 14 Apr 2017 18:24:15 +0000 (18:24 +0000)]
Do not make the colon after the .Lk link text italic.
I just pushed the same change to GNU troff.
schwarze [Fri, 14 Apr 2017 18:23:29 +0000 (18:23 +0000)]
Do not make the colon after the .Lk link text italic.
I just pushed the same change to GNU troff.
bluhm [Fri, 14 Apr 2017 18:14:33 +0000 (18:14 +0000)]
Add tests with the ipsec.conf SA bundle keyword.
bluhm [Fri, 14 Apr 2017 18:06:28 +0000 (18:06 +0000)]
Up to now ipsecctl(8) grouped SAs with identical src and dst to the
flow which the first SA matched by the flow type. This behaviour
was mostly undocumented and unexpected. Make SA bundles explicit
in ipsec.conf(5). Only group SAs that have the same src and dst
and also the same bundle identifier.
OK hshoexer@
jsing [Fri, 14 Apr 2017 15:32:41 +0000 (15:32 +0000)]
Use freezero(3) when cleaning up session tickets - not only does it require
less code, but there is also a potential performance gain since they can be
larger allocations.
jsing [Fri, 14 Apr 2017 15:26:53 +0000 (15:26 +0000)]
Use freezero(3) to clean up the X25519 keys - simpler, cleaner code.
jsing [Fri, 14 Apr 2017 15:20:55 +0000 (15:20 +0000)]
Use freezero(3) in the CBB clean up path, since this could hold sensitive
information (such as master keys).
jsing [Fri, 14 Apr 2017 15:20:16 +0000 (15:20 +0000)]
Switch i2d_SSL_SESSION() back to freezero(3) now that the size constraints
have been relaxed.
jsing [Fri, 14 Apr 2017 15:19:39 +0000 (15:19 +0000)]
Clean up server key exchange EC point handling. Encode the point directly
into the CBB memory, rather than mallocing and memcpying, which also makes
makes the code more consistent with the client. Add a missing check for the
first EC_POINT_point2oct() call.
ok beck@
bluhm [Fri, 14 Apr 2017 15:11:31 +0000 (15:11 +0000)]
Avoid some false positives with cppcheck. No binary change.
OK jsg@
deraadt [Fri, 14 Apr 2017 15:02:51 +0000 (15:02 +0000)]
whitespace
kettenis [Fri, 14 Apr 2017 07:22:02 +0000 (07:22 +0000)]
Define __dead and __pure even if __STRICT_ANSI__ for compilers that
support GCC's __attribute__ syntax. Fixes several warnings when compiling
code with clang with -std=c++11 or some other strict ISO standard.
ok millert@, guenther@
deraadt [Fri, 14 Apr 2017 01:23:02 +0000 (01:23 +0000)]
correct path; from Klemens Nanni
mlarkin [Fri, 14 Apr 2017 01:02:28 +0000 (01:02 +0000)]
SVM: calculate max ASID value and save for later use. This will be used in
an upcoming diff to handle ASID/VPID reuse/rollover.
mlarkin [Fri, 14 Apr 2017 00:53:28 +0000 (00:53 +0000)]
Update a man page example to reflect recent changes.
Spotted by Ilya Kaliman, thanks.
kettenis [Thu, 13 Apr 2017 23:29:02 +0000 (23:29 +0000)]
A little bit more trivial cleanup.
millert [Thu, 13 Apr 2017 21:49:11 +0000 (21:49 +0000)]
Xr sigprocmask(2) not the obsolete sigsetmask(3)
kettenis [Thu, 13 Apr 2017 20:48:29 +0000 (20:48 +0000)]
Use the non-interrupt-safe pool allocator for the vp pool to avoid runninng
out of kva in the kmem_map. Avoids a hang when spawning a lot of processes.
brynet [Thu, 13 Apr 2017 18:36:51 +0000 (18:36 +0000)]
Use recallocarray in getdelim/getline to clear memory on buffer resizes,
inspired by a similar change to fgetln.
ok deraadt millert
otto [Thu, 13 Apr 2017 18:32:55 +0000 (18:32 +0000)]
allow clearing less than allocated and document freezero(3) better
tedu [Thu, 13 Apr 2017 15:32:15 +0000 (15:32 +0000)]
moving some code into a switch meant that break no longer stopped the loop.
try harder with a goto. diagnosis and original fix by tb.
krw [Thu, 13 Apr 2017 14:59:40 +0000 (14:59 +0000)]
Remove a bunch of obsolete, unused and irrelevant DHCP client types, fields,
and enums.
deraadt [Thu, 13 Apr 2017 14:48:31 +0000 (14:48 +0000)]
multi-statement CHECK_RANGE() macro isn't safe for all placements, and
needs to use "do {} while 0" idiom; all callers need repair also.
Discovered by jsg
jsg [Thu, 13 Apr 2017 07:30:21 +0000 (07:30 +0000)]
fix wrongly indented lines
patrick [Thu, 13 Apr 2017 07:04:09 +0000 (07:04 +0000)]
Add a NAT-T keepalive timer in case we are behind a NAT gateway.
See RFC 5996, section 2.23, NAT Traversal:
In the case of a mismatching NAT_DETECTION_DESTINATION_IP hash, it
means that the system receiving the NAT_DETECTION_DESTINATION_IP
payload is behind a NAT and that system SHOULD start sending
keepalive packets as defined in [UDPENCAPS].
With markus@, ok reyk@
guenther [Thu, 13 Apr 2017 04:09:46 +0000 (04:09 +0000)]
regen
guenther [Thu, 13 Apr 2017 04:06:46 +0000 (04:06 +0000)]
Delete the getlogin59 syscall, which was last used one year, two releases,
and four libc major versions ago
ok sthen@ jsing@ deraadt@ jca@
guenther [Thu, 13 Apr 2017 03:52:25 +0000 (03:52 +0000)]
Provide mips64 with kernel-facing TCB_{GET,SET} macros that store it
in struct mdproc. With that, all archs have those and the __HAVE_MD_TCB
macro can be unifdef'ed as always defined.
ok kettenis@ visa@ jsing@
krw [Wed, 12 Apr 2017 19:19:11 +0000 (19:19 +0000)]
Inspired by recent dhcrelay changes, bring in stricter CFLAGS!
krw [Wed, 12 Apr 2017 19:17:30 +0000 (19:17 +0000)]
One 'foo' per function is enough. Rename one to eliminate shadowing.
krw [Wed, 12 Apr 2017 19:12:01 +0000 (19:12 +0000)]
Add missing function prototypes. Mark kw_cmp() as static like all
its friends.
florian [Wed, 12 Apr 2017 18:35:50 +0000 (18:35 +0000)]
The kernel has to slightly different version of SipHash_Final but with
the same bug as just fixed in userland:
----------
SipHash_Final() was assuming the digest was 64-bit aligned, resulting in
misaligned memory accesses with armv7 ramdisk -Os bsd.rd ping
ok florian millert
----------
OK deraadt@
tb [Wed, 12 Apr 2017 18:24:37 +0000 (18:24 +0000)]
Use calloc(3) and recallocarray(3) instead of *alloc* + memset(0).
ok deraadt
deraadt [Wed, 12 Apr 2017 17:41:49 +0000 (17:41 +0000)]
SipHash_Final() was assuming the digest was 64-bit aligned, resulting in
misaligned memory accesses with armv7 ramdisk -Os bsd.rd ping
ok florian millert
millert [Wed, 12 Apr 2017 16:06:12 +0000 (16:06 +0000)]
New strstr() implementation from musl libc by Rich Felker. This
version uses the two-way string matching algorithm and is faster
than the old implementation. With this change, ports that check
for strstr having linear complexity time strstr will no longer
replace the libc strstr with a private version.
OK deraadt@ espie@
millert [Wed, 12 Apr 2017 15:23:08 +0000 (15:23 +0000)]
Prevent inosused from wrapping when soft updates is enabled while
scanning the used inode map. The code as written assumes inosused
is signed but this is no longer the case. OK deraadt@
millert [Wed, 12 Apr 2017 14:53:27 +0000 (14:53 +0000)]
isblank() is ANSI C since C99, no need to provide a replacement.
OK deraadt@
deraadt [Wed, 12 Apr 2017 14:49:05 +0000 (14:49 +0000)]
bluhm discovered "script < /dev/null" attempts tty operations in violation
of pledge. We can wrap isatty() around those codepaths.
ok bluhm beck
bluhm [Wed, 12 Apr 2017 14:46:31 +0000 (14:46 +0000)]
Add comment what the test does.
krw [Wed, 12 Apr 2017 14:08:15 +0000 (14:08 +0000)]
RTM_PROTO3 messages should not trigger a resolv.conf check.
bluhm [Wed, 12 Apr 2017 13:14:08 +0000 (13:14 +0000)]
The pledge sigkill test is an outdated copy of sigabrt. Remove the
former and activate the latter.
OK semarie@
krw [Wed, 12 Apr 2017 12:22:25 +0000 (12:22 +0000)]
Shuffle another function.
bluhm [Wed, 12 Apr 2017 11:55:41 +0000 (11:55 +0000)]
Add comment how the test works.
jsg [Wed, 12 Apr 2017 08:02:10 +0000 (08:02 +0000)]
explicitly set the ownership on installed include files as well
jsg [Wed, 12 Apr 2017 07:57:06 +0000 (07:57 +0000)]
Invoke install -d for each directory in the /usr/lib/clang hierarchy
as they aren't in mtree. Problem with wrong ownership and permission
of directories reported by sthen@.
ok deraadt@ sthen@ tb@
guenther [Wed, 12 Apr 2017 05:46:59 +0000 (05:46 +0000)]
Correct a format string
Problem noted by Michael W. Bombardieri (mb(at)ii.net)
ok mlarkin@ deraadt@
sthen [Tue, 11 Apr 2017 20:40:43 +0000 (20:40 +0000)]
- Mention LIBCXX, prompted by espie@.
sthen [Tue, 11 Apr 2017 20:40:33 +0000 (20:40 +0000)]
- Mention LIBCXX, prompted by espie@.
- Make it clear that CLANG_ARCHS, GCC3_ARCHS, GCC4_ARCHS refer to the base compiler.
Change "Clang 3.9.1" to just "Clang".
rpe [Tue, 11 Apr 2017 19:23:10 +0000 (19:23 +0000)]
Ensure that the version part of $_url_base is correctly removed by
using $VNAME (x.y) instead of $VERSION (xy). This fixes the problem
that the version part ended up in installurl which is wrong anyway
and also confuses pkg_add.
Thanks to florian@ and trondd at kagu-tsuchi dot com for reporting
this.
OK tb@
deraadt [Tue, 11 Apr 2017 19:01:24 +0000 (19:01 +0000)]
sync
schwarze [Tue, 11 Apr 2017 17:01:11 +0000 (17:01 +0000)]
shorten introductory sentence and make deprecation clearer;
disgussed with deraadt@
bluhm [Tue, 11 Apr 2017 15:55:41 +0000 (15:55 +0000)]
Add SIOCATMARK to allow pledge("inet") programs to call sockatmark(3).
from Matthias Pitzl; OK deraadt@
kettenis [Tue, 11 Apr 2017 15:16:14 +0000 (15:16 +0000)]
Recognize break conditions and enter ddb if ddb.console is set.
ok visa@, deraadt@
dhill [Tue, 11 Apr 2017 14:43:49 +0000 (14:43 +0000)]
Partially revert previous mallocarray conversions that contain
constants.
The consensus is that if both operands are constant, we don't need
mallocarray. Reminded by tedu@
ok deraadt@
krw [Tue, 11 Apr 2017 13:59:27 +0000 (13:59 +0000)]
Shuffle route/interface changing functions together into kroute.c. Try to
group related functions in kroute.c together and comment them a bit.
No intentional functional change.
jsing [Tue, 11 Apr 2017 13:14:08 +0000 (13:14 +0000)]
Revert ssl_asn1.c r1.50 - CBB and freezero(3) do not play nicely together.
Back this out while we investigate and implement a solution.
Found the hard way by sthen@
espie [Tue, 11 Apr 2017 11:01:28 +0000 (11:01 +0000)]
document more thoroughly the special status of modules gnu, imake, perl5
(for historical reasons)
okay aja@
krw [Tue, 11 Apr 2017 10:40:14 +0000 (10:40 +0000)]
Fold priv_write_file() into its only remaining user
priv_write_resolv_conf() and move the latter into kroute.c
with all its priv_ friends.
No intentional functional change.
reyk [Tue, 11 Apr 2017 09:57:19 +0000 (09:57 +0000)]
Use freezero(3) for the imsg framework in imsg_free(3) and ibuf_free(3).
In our privsep model, imsg is often used to transport sensitive
information between processes. But a process might free an imsg, and
reuse the memory for a different thing. iked uses some
explicit_bzero() to clean imsg-buffer but doing it in the library with
the freezero() is less error-prone and also benefits other daemons.
OK deraadt@ jsing@ claudio@
kettenis [Tue, 11 Apr 2017 06:52:13 +0000 (06:52 +0000)]
Revise 'struct fpreg' and dump floating-point register in core dumps. Also
reset the floating-point register state upon exec.
ok guenther@
krw [Mon, 10 Apr 2017 21:47:44 +0000 (21:47 +0000)]
Rework -L logic to use the idiom used in handling the leases file.
i.e. open FILE during program set up and use the FILE created for
the rest of the program lifetime after dropping privilege and
pledge()'ing. No need for passing messages to the priv process.
Tweak lease file handling a bit in passing.
Monitoring the -L file with external programs like sysutils/entr
still works.
Looks good to sthen@.
schwarze [Mon, 10 Apr 2017 17:45:06 +0000 (17:45 +0000)]
new X25519(3) manual page;
from Dr. Stephen Henson <steve@openssl.org>, OpenSSL commit
d218f3c3
jsing [Mon, 10 Apr 2017 17:27:33 +0000 (17:27 +0000)]
Use freezero() for the internal opaque structures, instead of the current
explicit_bzero()/free(). Less code and potentially less overhead.
jsing [Mon, 10 Apr 2017 17:25:22 +0000 (17:25 +0000)]
Use freezero() for X25519 keys - same result with more readable code.
schwarze [Mon, 10 Apr 2017 17:14:44 +0000 (17:14 +0000)]
document three additional functions;
from Emilia Kasper <emilia at openssl dot org>, OpenSSL commit
4ac139b4