openbsd
2 years agoCheck klist emptiness instead of NULL pointer in KNOTE()
visa [Fri, 11 Feb 2022 07:27:07 +0000 (07:27 +0000)]
Check klist emptiness instead of NULL pointer in KNOTE()

All callers of KNOTE() supply a non-NULL klist argument. Replace the
NULL pointer check with klist emptiness check as a small optimization.

OK mpi@

2 years agoInline klist_empty() for more economic machine code.
visa [Fri, 11 Feb 2022 07:25:50 +0000 (07:25 +0000)]
Inline klist_empty() for more economic machine code.

OK mpi@

2 years agothe sleep_clocks() hook is not needed because the architectures which
deraadt [Fri, 11 Feb 2022 01:55:12 +0000 (01:55 +0000)]
the sleep_clocks() hook is not needed because the architectures which
need to do this can do it a few moments later in a different hook

2 years agoLock the pkg db while running
afresh1 [Fri, 11 Feb 2022 00:46:58 +0000 (00:46 +0000)]
Lock the pkg db while running

At least when not running in the installer.

Suggestions from espie@
Works for me sthen@
fine deraadt@

2 years agoAlways initialize delim before passing to hpdelim2 which might not set it.
dtucker [Fri, 11 Feb 2022 00:43:56 +0000 (00:43 +0000)]
Always initialize delim before passing to hpdelim2 which might not set it.
Found by the Valgrind tests on github, ok deraadt@

2 years agosleep_cpu/resume_cpu are part of an earlier MI split attempt
deraadt [Fri, 11 Feb 2022 00:43:27 +0000 (00:43 +0000)]
sleep_cpu/resume_cpu are part of an earlier MI split attempt
noticed by kettenis

2 years agoCasting a char pointer to struct ctf_header causes bus error on
bluhm [Thu, 10 Feb 2022 23:40:09 +0000 (23:40 +0000)]
Casting a char pointer to struct ctf_header causes bus error on
sparc64.  Use memcpy() to align the data.
found by regress/usr.bin/ctfdump; OK mpi@

2 years agoUse fdisk's -b to create boot partitions instead of -e scripts.
krw [Thu, 10 Feb 2022 20:07:47 +0000 (20:07 +0000)]
Use fdisk's -b to create boot partitions instead of -e scripts.

Build, boot and install tested by bluhm@

ok bluhm@

2 years agoFix regress after crl_print() addition so anton doesn't have to complain
tb [Thu, 10 Feb 2022 19:16:44 +0000 (19:16 +0000)]
Fix regress after crl_print() addition so anton doesn't have to complain
tomorrow morning

2 years agoImprove free inodes check from fs.f_favail > 0 to fs.f_free > 0.
tb [Thu, 10 Feb 2022 18:58:46 +0000 (18:58 +0000)]
Improve free inodes check from fs.f_favail > 0 to fs.f_free > 0.

suggested by millert

2 years agosync
deraadt [Thu, 10 Feb 2022 17:58:31 +0000 (17:58 +0000)]
sync

2 years agoFix serial number printing in crl_print() for large serials.
claudio [Thu, 10 Feb 2022 17:33:28 +0000 (17:33 +0000)]
Fix serial number printing in crl_print() for large serials.
Create a common x509_convert_seqnum() function to convert the various
ASN1_INTEGERs into hexnumbers and use this for mft and crl handling.
With and OK tb@, also OK job@

2 years agolook for the login class in both login.conf and login.conf.d/${class}
robert [Thu, 10 Feb 2022 16:57:33 +0000 (16:57 +0000)]
look for the login class in both login.conf and login.conf.d/${class}

ok aja@

2 years agoDuplicate "park disk" code, so that the SUSPEND case can be MI, it is only
deraadt [Thu, 10 Feb 2022 16:41:51 +0000 (16:41 +0000)]
Duplicate "park disk" code, so that the SUSPEND case can be MI, it is only
HIBERNATE that needs to be in MD code.
ok gkoehler

2 years agoEnable receive checksum offloading on ixl(4) network interfaces.
bluhm [Thu, 10 Feb 2022 16:22:00 +0000 (16:22 +0000)]
Enable receive checksum offloading on ixl(4) network interfaces.
from jan@; test and OK dlg@

2 years agoImplement some code to print crls with -f.
claudio [Thu, 10 Feb 2022 15:33:47 +0000 (15:33 +0000)]
Implement some code to print crls with -f.
For this introduce x509_get_time() that converts a ASN1_TIME to time_t.
Also move time2str() to print.c where it makes more sense.
This needs more work but that will happen in tree.
OK tb@

2 years agoUse fdisk's -b to create boot partitions instead of -e scripts.
krw [Thu, 10 Feb 2022 15:12:57 +0000 (15:12 +0000)]
Use fdisk's -b to create boot partitions instead of -e scripts.

Build, boot and install tested by bluhm@

ok bluhm@

2 years agoDo not verify the cert or CA for a relay using opportunistic TLS.
millert [Thu, 10 Feb 2022 14:59:35 +0000 (14:59 +0000)]
Do not verify the cert or CA for a relay using opportunistic TLS.
If a relay is not explicitly configured to use TLS but the remote
side supports STARTTLS, we will try to use it.  However, in this
case we should not verify the cert or CA (which may be self-signed).
This restores the relay behavior before the switch to libtls was made.
There is no change if the relay is explicitly configured to use TLS.
OK eric@

2 years agolook(1): use a stricter pledge(2) in lieu of unveil(2)
cheloha [Thu, 10 Feb 2022 14:55:43 +0000 (14:55 +0000)]
look(1): use a stricter pledge(2) in lieu of unveil(2)

We're only reading one file here, so unveil(2) is overkill.  We can
achieve the same effect with just pledge(2):

- Start with an initial pledge(2) of "stdio rpath" at the top of main().
  We know we need to read a file at this point but don't yet know which
  one.

- Drop the pledge(2) down to "stdio" after we open(2) and fstat(2) the
  chosen file.

- Dropping "rpath" obviates unveil(2).

Thread: https://marc.info/?l=openbsd-tech&m=164437072017248&w=2

ok millert@

2 years agoUpdate Devel::PPPort in base from version 3.57 to 3.64. Our clang
bluhm [Thu, 10 Feb 2022 14:37:42 +0000 (14:37 +0000)]
Update Devel::PPPort in base from version 3.57 to 3.64.  Our clang
13.0.0 produces thousands of -Wcompound-token-split-by-macro warnings
wir older ppport.h header files.  They are especially frequent in
the ports tree.  After this update we can use perl -MDevel::PPPort
-e'Devel::PPPort::WriteFile' to regenerate the ppport.h files.  Then
we have a version that is recent enough to build all ports and does
not spit out tons of warnings.
discussed with espie@ sthen@; OK afresh1@

2 years agounveil _PATH_LOGIN_CONF_D
robert [Thu, 10 Feb 2022 13:06:46 +0000 (13:06 +0000)]
unveil _PATH_LOGIN_CONF_D

2 years agointroduce support for storing capability databases in /etc/login.conf.d;
robert [Thu, 10 Feb 2022 13:06:07 +0000 (13:06 +0000)]
introduce support for storing capability databases in /etc/login.conf.d;

anytime a class is looked up, the /etc/login.conf.d/${class} file will be
checked first for a matching class definition; this will allow us to easily
add custom login classes from packages

ok millert@

2 years agoOnly show the 'not enough inodes' warning if the filesystem reports more
tb [Thu, 10 Feb 2022 11:14:04 +0000 (11:14 +0000)]
Only show the 'not enough inodes' warning if the filesystem reports more
than zero free inodes. btrfs always reports zero inodes, so on linux
distros like fedora, users will always see the not enough space warning,
which it is a bit ugly.

fine with claudio

2 years agoFree s->last_mod before overwriting it with a new last_mod.
tb [Thu, 10 Feb 2022 11:11:22 +0000 (11:11 +0000)]
Free s->last_mod before overwriting it with a new last_mod.

ok claudio

2 years agoFree conn->last_modified before overwriting it with strdup().
tb [Thu, 10 Feb 2022 11:10:40 +0000 (11:10 +0000)]
Free conn->last_modified before overwriting it with strdup().
If it was set, this would leak 30 bytes.

ok claudio

2 years agoAssert vm map locks
kn [Thu, 10 Feb 2022 10:15:35 +0000 (10:15 +0000)]
Assert vm map locks

Introduce vm_map_assert_{wrlock,rdlock,anylock,unlocked}() in rwlock(9)
fashion and back up function comments about locking assumptions with proper
assertions.

Also add new comments/assertions based on code analysis and sync with
NetBSD as much as possible.

vm_map_lock() and vm_map_lock_read() are used for exclusive and shared
access respectively;  currently no code path is purely protected by
vm_map_lock_read() alone, i.e. functions called with a read lock held by the
callee are also called with a write lock elsewhere.

Thus only vm_map_assert_{wrlock,anylock}() are used as of now.

This should help with unlocking UVM related syscalls

Tested as part of a larger diff through
- amd64 package bulk build by naddy
- amd64, arm64, powerpc64 base builds and regress by bluhm
- amd64 and sparc64 base builds and regress by me

Input mpi
Feedback OK kettenis

2 years agoUnwire with map lock held
kn [Thu, 10 Feb 2022 10:14:02 +0000 (10:14 +0000)]
Unwire with map lock held

uvm_unmap_remove() effectively requires its caller to lock the vm map.

Even though uvm_map_teardown() is only called after a map's last reference
is dropped and is thus safe from other threads accessing the map, grab the
map's lock in uvm_map_teardown() to satify upcoming lock assertions in
uvm_unmap_remove().

Tested as part of a larger diff through
- amd64 package bulk builds by naddy
- amd64, arm64, powerpc64 base builds and regress by bluhm
- amd64 and sparc64 base builds and regress by me

Feedback mpi
OK kettenis

2 years agoIf running with ASAN, mark test_with{,out}_bzero() with the
tb [Thu, 10 Feb 2022 08:39:32 +0000 (08:39 +0000)]
If running with ASAN, mark test_with{,out}_bzero() with the
no_sanitize_address attribute. ASAN doesn't seem to be able
to understand these lowlevel gymnastics with sigaltstack()
and segfaults in __intercept_memem().

This allows LibreSSL and other portable projects that use this
test run tests with ASAN enabled.

Issue reported and workaround suggested by Ilya Shipitsin

Paraphrasing millert: it's a little ugly but it's only a regress.

2 years agoEmbed klist head in acpi_softc to avoid explicit malloc.
visa [Thu, 10 Feb 2022 07:39:20 +0000 (07:39 +0000)]
Embed klist head in acpi_softc to avoid explicit malloc.

OK kettenis@

2 years ago#ifdef the SUSPEND ioctl block
deraadt [Thu, 10 Feb 2022 06:52:13 +0000 (06:52 +0000)]
#ifdef the SUSPEND ioctl block

2 years agoAdd stubs for macppc suspend
gkoehler [Thu, 10 Feb 2022 05:48:02 +0000 (05:48 +0000)]
Add stubs for macppc suspend

These stubs don't work; they only pretend to suspend the machine.
SUSPEND + MULTIPROCESSOR doesn't build.  zzz(8) stops giving an error
message, even in no-SUSPEND kernels.

Add intr_enable in <powerpc/cpu.h>, adapted from powerpc64, because
subr_suspend.c calls intr_enable().

2 years agorevert for imminent OpenSSH release, which wil ship with scp in RCP mode.
djm [Thu, 10 Feb 2022 04:12:38 +0000 (04:12 +0000)]
revert for imminent OpenSSH release, which wil ship with scp in RCP mode.

> revision 1.106
> date: 2021/10/15 14:46:46;  author: deraadt;  state: Exp;  lines: +13 -9;  commitid: w5n9B2RE38tFfggl;
> openbsd 7.0 release shipped with the (hopefully last) scp that uses RCP
> protocol for copying.  Let's get back to testing the SFTP protocol.

This will be put back once the OpenSSH release is done.

2 years agobring back a local change to use DC_FP_START()/DC_FP_END() in
jsg [Thu, 10 Feb 2022 01:50:19 +0000 (01:50 +0000)]
bring back a local change to use DC_FP_START()/DC_FP_END() in
update_bw_bounding_box() lost in drm 5.15 update

should avoid 'SSE FP exception trap' infrequently seen on boot
with renoir and cezanne

problem reported by beck@ and claudio@

2 years agoDon't unregister firmware if we can't fetch the SHA256.sig
afresh1 [Thu, 10 Feb 2022 00:29:32 +0000 (00:29 +0000)]
Don't unregister firmware if we can't fetch the SHA256.sig

Also avoid trying to download it multiple times if it fails,
which makes error reporting much nicer.

Noticed by and OK semarie@

2 years agothis is now in apm.c
deraadt [Wed, 9 Feb 2022 23:55:57 +0000 (23:55 +0000)]
this is now in apm.c

2 years agonot ready for suspend
deraadt [Wed, 9 Feb 2022 23:55:33 +0000 (23:55 +0000)]
not ready for suspend

2 years ago*** empty log message ***
deraadt [Wed, 9 Feb 2022 23:54:55 +0000 (23:54 +0000)]
*** empty log message ***

2 years agoMove x86-only stubs used by kern/subr_suspend.c into dev/acpi/acpi_x86.c
deraadt [Wed, 9 Feb 2022 23:54:32 +0000 (23:54 +0000)]
Move x86-only stubs used by kern/subr_suspend.c into dev/acpi/acpi_x86.c
for sharing between i386 and amd64.
ok mlarkin kettenis

2 years agoadd Surface Go 3 hid to acpibat(4)
dv [Wed, 9 Feb 2022 16:10:05 +0000 (16:10 +0000)]
add Surface Go 3 hid to acpibat(4)

Microsoft decided to break with basic ACPI standards with the Go 3.
In this case, they don't expose the battery in a standard way, so
acpibat(4) needs to look for the special Microsoft hid.

From mlarkin@, ok kettenis@

2 years agoadd newline to acpitz(4) attach condition
dv [Wed, 9 Feb 2022 16:03:53 +0000 (16:03 +0000)]
add newline to acpitz(4) attach condition

ok miod@

2 years agoFix the -f option when passed multiple files.
millert [Wed, 9 Feb 2022 15:53:35 +0000 (15:53 +0000)]
Fix the -f option when passed multiple files.
Found by robert@

2 years agolet pfattach() to also initialize pf_default_rule_new to avoid
sashan [Wed, 9 Feb 2022 11:42:58 +0000 (11:42 +0000)]
let pfattach() to also initialize pf_default_rule_new to avoid
div-by-zero in pf_purge()

Reported-by: syzbot+e720e3bab51366d7b667@syzkaller.appspotmail.com
OK deraadt@

2 years agoenable hw vlan tag handling in the rx path too.
dlg [Wed, 9 Feb 2022 11:12:21 +0000 (11:12 +0000)]
enable hw vlan tag handling in the rx path too.

also tested on both x86 and sparc64.

2 years agoAdd iic_is_compatible() for matching I2C devices
visa [Wed, 9 Feb 2022 07:58:24 +0000 (07:58 +0000)]
Add iic_is_compatible() for matching I2C devices

When using device trees, the ia_name field of struct i2c_attach_args
points to the first string of the device node's "compatible" array.
However, in many cases it would be preferable to use the last, most
general "compatible" entry as a device matching criterion.

Enable more flexible device matching by permitting ia_name to point to
the raw "compatible" data which is a concatenation of NUL-terminated
strings. I2C bus code will supply the data and set ia_name and
ia_namelen. I2C device drivers will use iic_is_compatible() to check
matches. This method is also backwards compatible with the old, direct
use of ia_name.

Prompted by a related patch from kettenis@.

OK kettenis@

2 years agosilence "function declaration isn't a prototype" warning by changing
tb [Wed, 9 Feb 2022 07:48:15 +0000 (07:48 +0000)]
silence "function declaration isn't a prototype" warning by changing
int foo() to int foo(void)

2 years agoIncrease armv7 ramdisk size to avoid errors in installer.
visa [Wed, 9 Feb 2022 07:28:54 +0000 (07:28 +0000)]
Increase armv7 ramdisk size to avoid errors in installer.

OK deraadt@

2 years agodrm/amd: avoid suspend on dGPUs w/ s2idle support when runtime PM enabled
jsg [Wed, 9 Feb 2022 04:31:46 +0000 (04:31 +0000)]
drm/amd: avoid suspend on dGPUs w/ s2idle support when runtime PM enabled

From Mario Limonciello
8a15ac1786c92dce6ecbeb4e4c237f5f80c2c703 in linux 5.15.y/5.15.22
e55a3aea418269266d84f426b3bd70794d3389c8 in mainline linux

2 years agodrm/i915/overlay: Prevent divide by zero bugs in scaling
jsg [Wed, 9 Feb 2022 04:29:02 +0000 (04:29 +0000)]
drm/i915/overlay: Prevent divide by zero bugs in scaling

From Dan Carpenter
5cba71707f0a7fe19fa1feaf25a4c094876c2db1 in linux 5.15.y/5.15.22
90a3d22ff02b196d5884e111f39271a1d4ee8e3e in mainline linux

2 years agodrm/amd/display: Force link_rate as LINK_RATE_RBR2 for 2018 15" Apple Retina panels
jsg [Wed, 9 Feb 2022 04:25:22 +0000 (04:25 +0000)]
drm/amd/display: Force link_rate as LINK_RATE_RBR2 for 2018 15" Apple Retina panels

From Aun-Ali Zaidi
2093ecf557e733f995c7db6df716c91c43923972 in linux 5.15.y/5.15.22
30fbce374745a9c6af93c775a5ac49a97f822fda in mainline linux

2 years agodrm/amd/display: watermark latencies is not enough on DCN31
jsg [Wed, 9 Feb 2022 04:22:32 +0000 (04:22 +0000)]
drm/amd/display: watermark latencies is not enough on DCN31

From Paul Hsieh
7ff0ed88e4eb6bd7ccd7cf422ab855032ed0528c in linux 5.15.y/5.15.22
f5fa54f45ab41cbb1f99b1208f49554132ffb207 in mainline linux

2 years agodrm/amd/pm: correct the MGpuFanBoost support for Beige Goby
jsg [Wed, 9 Feb 2022 04:19:11 +0000 (04:19 +0000)]
drm/amd/pm: correct the MGpuFanBoost support for Beige Goby

From Evan Quan
4f4c77ad5a13ac39d38cc3f1b963e85ecf9d528f in linux 5.15.y/5.15.22
3ec5586b4699cfb75cdfa09425e11d121db40773 in mainline linux

2 years agodrm/i915/adlp: Fix TypeC PHY-ready status readout
jsg [Wed, 9 Feb 2022 04:16:26 +0000 (04:16 +0000)]
drm/i915/adlp: Fix TypeC PHY-ready status readout

From Imre Deak
39ac3945d966168bdede467446dec45cee3382bb in linux 5.15.y/5.15.22
3c6f13ad723e7206f03bb2752b01d18202b7fc9d in mainline linux

2 years agodrm/i915: Disable DSB usage for now
jsg [Wed, 9 Feb 2022 04:13:39 +0000 (04:13 +0000)]
drm/i915: Disable DSB usage for now

From Ville Syrjala
d63d077fc44645d51df7e9007df87853f5c13e4c in linux 5.15.y/5.15.22
99510e1afb4863a225207146bd988064c5fd0629 in mainline linux

2 years agoenable hardware vlan tagging.
dlg [Wed, 9 Feb 2022 03:22:50 +0000 (03:22 +0000)]
enable hardware vlan tagging.

tested on sparc64 and x86

2 years agocat(1): drop "rpath" promise in no-file case
cheloha [Wed, 9 Feb 2022 01:58:57 +0000 (01:58 +0000)]
cat(1): drop "rpath" promise in no-file case

If we're only working with the standard input we don't need "rpath".

Tweaked by mestre@.

Thread: https://marc.info/?l=openbsd-tech&m=163941848104274&w=2

No objections on tech@ after several weeks.

2 years agocat(1): refactor cook_args()/raw_args() into single function, cat_file()
cheloha [Wed, 9 Feb 2022 01:56:28 +0000 (01:56 +0000)]
cat(1): refactor cook_args()/raw_args() into single function, cat_file()

- Combine the open/close portions of cook_args()/raw_args() into a single
  function, cat_file().

- Push the flag-checking conditional in main() down into cat_file().

- Pull the argv loop in cat_file() up into main().

These changes -- especially pulling the argv look up into main() --
will allow us to drop the "rpath" promise in a single spot in a
subsequent patch.

Tweaked by mestre@.  Descriptor leak in earlier version spotted by
Matthew Martin.

Thread: https://marc.info/?l=openbsd-tech&m=163941848104274&w=2

No objections on tech@ after several weeks.

2 years agooops, a typo snuck in
deraadt [Tue, 8 Feb 2022 23:19:47 +0000 (23:19 +0000)]
oops, a typo snuck in

2 years agoPlug a long standing leak in libtls CRL handling
tb [Tue, 8 Feb 2022 19:13:50 +0000 (19:13 +0000)]
Plug a long standing leak in libtls CRL handling

X509_STORE_add_crl() does not take ownership of the CRL, it bumps its
refcount. So nulling out the CRL from the stack will leak it.

Issue reported by KS Sreeram, thanks!

ok jsing

2 years agoPlug leaks reported by Ilya Shipitsin
tb [Tue, 8 Feb 2022 19:06:56 +0000 (19:06 +0000)]
Plug leaks reported by Ilya Shipitsin

2 years agoPlug a number of leaks reported by Ilya Shipitsin
tb [Tue, 8 Feb 2022 19:00:36 +0000 (19:00 +0000)]
Plug a number of leaks reported by Ilya Shipitsin

2 years agoIn the first example, use "mandoc -a" directly rather "mandoc -l".
schwarze [Tue, 8 Feb 2022 18:23:11 +0000 (18:23 +0000)]
In the first example, use "mandoc -a" directly rather "mandoc -l".

It feels more natural to me to use -a directly when asking mandoc(1)
to use a pager.  The reason that "mandoc -l" does exactly the same
as "mandoc -a" is that "mandoc" is essentially "man -lc", so the -a
implied by -l negates the -c and the -l has no effect because it is
already the default for mandoc(1).

The more usual command for doing the same is "man -l foo.1 bar.1 ..."
but that's off-topic for the mandoc(1) manual page.

Patch on tech@ from Anders Damsgaard <anders at adamsgaard dot dk>.

2 years agoDo not /0 if timeout[PFTM_INTERVAL] manages to become zero
deraadt [Tue, 8 Feb 2022 18:08:33 +0000 (18:08 +0000)]
Do not /0 if timeout[PFTM_INTERVAL] manages to become zero
crash noticed by gnezdo, a seperate commit will fix the identified
cause, but being careful at this point is a good idea.
ok sashan

2 years agoGarbage collect the unused hash and print kp->pubkey_hash instead of NULL.
tb [Tue, 8 Feb 2022 18:05:57 +0000 (18:05 +0000)]
Garbage collect the unused hash and print kp->pubkey_hash instead of NULL.
Make sure kp is freed also on error.

ok jsing

2 years agoFix memleaks reported by Ilya Shipitsin
tb [Tue, 8 Feb 2022 17:59:39 +0000 (17:59 +0000)]
Fix memleaks reported by Ilya Shipitsin

2 years agorev(1): drop "rpath" promise in no-file branch.
cheloha [Tue, 8 Feb 2022 17:44:18 +0000 (17:44 +0000)]
rev(1): drop "rpath" promise in no-file branch.

We don't need "rpath" if we're only processing the standard input.

Thread: https://marc.info/?l=openbsd-tech&m=164433848419371&w=2

ok deraadt@ millert@

2 years agoThe suspend/resume code is a sticky mess of MI, MD, and ACPI sequencing.
deraadt [Tue, 8 Feb 2022 17:25:10 +0000 (17:25 +0000)]
The suspend/resume code is a sticky mess of MI, MD, and ACPI sequencing.
This splits out the MI sequencing, backing it with per-architecture helper
functions.  Further steps will be neccesary because ACPI and MD are too
tightly coupled, but soon we'll be able to use this code for more architectures
(which depends on figuring out the lowest-level cpu sleeping method)
ok kettenis

2 years agoChange second argument of x25519_ge_scalarmult_base() from
tb [Tue, 8 Feb 2022 16:44:23 +0000 (16:44 +0000)]
Change second argument of x25519_ge_scalarmult_base() from
a 'const uint8_t *a' to a 'const uint8_t a[32]' to match
the prototype in curve25519_internal.h and the other variant
inside OPENSSL_SMALL.

ok millert

2 years agoCheck CRLs also for manifests
tb [Tue, 8 Feb 2022 14:53:03 +0000 (14:53 +0000)]
Check CRLs also for manifests

There is a chicken-egg here since manifests reference the CRL themselves.
We may also have two CRLs available, in which case we check against the
one with the newer thisUpdate time.

The RFC situation is a bit of a mess with abundant complexity, unclear
recommendations and requirements and draft specs that also need to be
considered. This is a first version that works with future improvements
to be landed later.

Joint work with claudio, prompted by a question by job

ok claudio job

2 years agoFix a KASSERT in iwm(4) being triggered for the wrong reason.
stsp [Tue, 8 Feb 2022 14:24:36 +0000 (14:24 +0000)]
Fix a KASSERT in iwm(4) being triggered for the wrong reason.

iwm_wakeup() must initialize the task reference counter only if
resuming the device succeeds. Otherwise, the newstate task will
not be scheduled and hence the ref counter must remain at zero.

Problem observed by + ok kettenis@

2 years agoBefore loading the certificate chain for the file under inspection check
claudio [Tue, 8 Feb 2022 12:35:14 +0000 (12:35 +0000)]
Before loading the certificate chain for the file under inspection check
if the AKI cert is not already present. This fixes a problem when a top
level MFT is displayed.
Report and OK job@, OK tb@

2 years agoUsing FILL_KPROC() from sysctl.h after rev 1.223 requires a definition
jsg [Tue, 8 Feb 2022 12:10:39 +0000 (12:10 +0000)]
Using FILL_KPROC() from sysctl.h after rev 1.223 requires a definition
of struct filedesc.  Include sys/filedesc.h here to unbreak the build.

problem found by and ok tb@

2 years agobring back IPv4, TCP4/6 and UDP4/6 checksum offloading.
dlg [Tue, 8 Feb 2022 11:55:19 +0000 (11:55 +0000)]
bring back IPv4, TCP4/6 and UDP4/6 checksum offloading.

this was first introduced in r1.176 by jan@. this diff includes two
fixes to that implementation.

the most important one is to parse the ip and tcp headers before a
possible call to m_defrag. if an l4 offload is requested, it's only
requested by the stack when the payload is correctly aligned and
with each header contiguous in memory. this means you can use
m_getptr and cast the packet data to the relevant headers to read
them directly because that's what the stack does when it's working
on them. this makes it cheap to work on them too.

however, if you m_defrag, it ignores the alignment and ends up
making it unsafe to dereference the ip and tcp/udp payloads on
strict alignment architectures. if we want to look at the headers
after m_defrag, we'd likely have to copy them onto the stack first.

the other fix is to reset the offload bits between packets in the
loop in ixl_start.

another difference is that this code skips parsing the packet if
no checksum offload is requested.

tests and a tweak by bluhm@ to actually use the offloading
tested by me on sparc64 and x86 boxes

ok bluhm@ jmatthew@

2 years agoMove the guts of proc_parser_crl() into crl_parse(). This is actually
tb [Tue, 8 Feb 2022 11:51:51 +0000 (11:51 +0000)]
Move the guts of proc_parser_crl() into crl_parse(). This is actually
parsing the CRL, so it makes more sense to have it there. It will also
make an upcoming change easier. While there, rename free_crl() into
crl_free() for consistency with all other *_free() functions.

input/ok claudio

2 years agouse sizeof(long) - 1 in m_pullup to determine payload alignment.
dlg [Tue, 8 Feb 2022 11:28:19 +0000 (11:28 +0000)]
use sizeof(long) - 1 in m_pullup to determine payload alignment.

this makes it consistent with the rest of the network stack when
determining alignment.

ok bluhm@

2 years agofix off by one in bounds test
jsg [Tue, 8 Feb 2022 09:41:04 +0000 (09:41 +0000)]
fix off by one in bounds test
ok miod@ kettenis@

2 years agoSwitch hpdelim interface to accept only ":" as delimiter.
dtucker [Tue, 8 Feb 2022 08:59:12 +0000 (08:59 +0000)]
Switch hpdelim interface to accept only ":" as delimiter.

Historicallly, hpdelim accepted ":" or "/" as a port delimiter between
hosts (or addresses) and ports.  These days most of the uses for "/"
are no longer accepted, so there are several places where it checks the
delimiter to disallow it.  Make hpdelim accept only ":" and use hpdelim2
in the other cases.  ok djm@

2 years agopoll(2): Switch to kqueue backend
visa [Tue, 8 Feb 2022 08:56:41 +0000 (08:56 +0000)]
poll(2): Switch to kqueue backend

Implement the poll(2) system call on top of the kqueue subsystem.
This obsoletes the old, non-MP-safe poll backend.

On entering poll(2), the new code translates each pollfd array entry
into a set of knotes. When these knotes receive events through kqueue,
the events are translated back to pollfd format.

Entries in the pollfd array can refer to the same file descriptor with
overlapping event masks. To allow such overlap with knotes, use an extra
kn_pollid key that separates knotes of different pollfd entries.

Adapted from DragonFly BSD, initial implementation by mpi@.

Tested in snaps for three weeks.

OK mpi@

2 years agorework checksum/vlan offloading, and enable it for ipv6 too.
dlg [Tue, 8 Feb 2022 03:38:00 +0000 (03:38 +0000)]
rework checksum/vlan offloading, and enable it for ipv6 too.

this is based on work by jan@ and bluhm@. the most interesting
change on top of their work is to move the parsing of the IP packets
to figure out ip and udp/tcp offsets before a possible call to
m_defrag.

if an l4 offload is requested, it's only requested by the stack
when the payload is correctly aligned and with each header contiguous
in memory. this means you can use m_getptr and cast the packet data
to the relevant headers to read them directly because that's what
the stack does when it's working on them. this makes it cheap to
work on them too.

however, if you m_defrag, it ignores the alignment and ends up
making it unsafe to dereference the ip and tcp/udp payloads on
strict alignment architectures. if we want to look at the headers
after m_defrag, we'd likely have to copy them onto the stack first.

we got away with this before because we were lucky with the code
that's generated on strict alignment archs for looking at the ip
hl and proto fields. that luck might run out though.

while here i've also tweaked the vlan handling code, and generally
tried to make it more readable.

ok bluhm@ jmatthew@

2 years agoAllow writes to rw pages in pte_spill_v
gkoehler [Mon, 7 Feb 2022 23:20:09 +0000 (23:20 +0000)]
Allow writes to rw pages in pte_spill_v

In the powerpc pmap, hash collisions can spill page table entries.
Page faults can use pte_spill_v to reinsert a spilled pte.  If the
fault is a write (DSISR_STORE), then pte_spill_v tries to check for a
read-only page.  The existing check (pte_lo & PTE_RO_64) also matched
rw pages, because PTE_RO_64 is 3 and PTE_RW_64 is 2.  This caused
pte_spill_v to deny writes to rw pages.  Then uvm_fault might allow
the write; but uvm_fault can't handle some pages in the kernel.  Such
faults caused, "panic: uvm_fault: fault on non-pageable map", or
"panic: trap type 300".

Change it to ((pte_lo & PTE_PP_64) == PTE_RO_64).  This seems to fix
one reason why bsd.mp on a macppc dual G5 might panic.

ok kettenis@ miod@

2 years agoNew status flag: 'c' - process is chrooted.
rob [Mon, 7 Feb 2022 22:57:47 +0000 (22:57 +0000)]
New status flag: 'c' - process is chrooted.
Feedback and tweaks from deraadt@ guenther@
Ok bluhm@ deraadt@

2 years agoAllow "ddb{1}> trace" through interrupt on macppc
gkoehler [Mon, 7 Feb 2022 22:28:15 +0000 (22:28 +0000)]
Allow "ddb{1}> trace" through interrupt on macppc

If cpu0 sends PPC_IPI_DDB to cpu1, then cpu1 stops on its interrupt
stack.  Teach ININTSTK to allow traces through all interrupt stacks,
not only cpu0's.

ININTSTK now works by looping for all cpus.  It doesn't remember which
cpu owns the stack.  A macppc has at most 4 cpus.

ok kettenis@ miod@

2 years agoUse fdisk's -b to create boot partitions instead of -e scripts.
krw [Mon, 7 Feb 2022 20:24:30 +0000 (20:24 +0000)]
Use fdisk's -b to create boot partitions instead of -e scripts.

Build, boot and install tested by visa@

ok visa@

2 years agoAvoid a NULL dereference in BN_mod_exp2_mont()
tb [Mon, 7 Feb 2022 19:49:56 +0000 (19:49 +0000)]
Avoid a NULL dereference in BN_mod_exp2_mont()

This is a very rarely used function and the crash is hard to reach in
practice. Instead of implementing BN_is_odd() badly by hand, just call
the real thing.

Reported by Guido Vranken

ok beck jsing

2 years agoCheck for zero modulus in BN_MONT_CTX_set().
tb [Mon, 7 Feb 2022 19:44:23 +0000 (19:44 +0000)]
Check for zero modulus in BN_MONT_CTX_set().

From OpenSSL 6a009812, prompted by a report by Guido Vranken

ok beck jsing

2 years agoDelete STACKGAPLEN: this exec-time allocation at the top of the
guenther [Mon, 7 Feb 2022 19:30:48 +0000 (19:30 +0000)]
Delete STACKGAPLEN: this exec-time allocation at the top of the
original thread's stack hasn't been used since 2015.

ok miod@ deraadt@

2 years agoTweak previous.
rob [Mon, 7 Feb 2022 19:28:14 +0000 (19:28 +0000)]
Tweak previous.

2 years agohead(1): check for stdio errors
cheloha [Mon, 7 Feb 2022 17:19:57 +0000 (17:19 +0000)]
head(1): check for stdio errors

- Output errors are terminal.

- Input errors yield a warning and cause head(1) to fail
  gracefully.

Tweaked by millert@.

Thread: https://marc.info/?l=openbsd-tech&m=164419238123928&w=2

ok millert@

2 years agomark failing tests for armv7
mbuhl [Mon, 7 Feb 2022 16:42:59 +0000 (16:42 +0000)]
mark failing tests for armv7

2 years agotrig_test-2 now passes on macppc
mbuhl [Mon, 7 Feb 2022 16:28:45 +0000 (16:28 +0000)]
trig_test-2 now passes on macppc

2 years agoChecking ifaddr pointer for NULL without checking in6_ifaddr works
bluhm [Mon, 7 Feb 2022 15:23:43 +0000 (15:23 +0000)]
Checking ifaddr pointer for NULL without checking in6_ifaddr works
as ifaddr ia_ifa is the first field of in6_ifaddr.  So the pointers
are the same, and one NULL check works for both.  But in ISO C NULL
has some kind of type and this is undefined behavior.  So add a
second NULL check that the compiler can optimize away.  The resulting
assembler is the same.
found by kubsan; OK tobhe@

2 years agoUse fdisk's -b to create boot partitions instead of -e scripts.
krw [Mon, 7 Feb 2022 15:21:38 +0000 (15:21 +0000)]
Use fdisk's -b to create boot partitions instead of -e scripts.

Build, boot and install tested by visa@

ok visa@

2 years agoSync ps.1 with sys/proc.h. Tweaked by deraadt@.
rob [Mon, 7 Feb 2022 13:17:27 +0000 (13:17 +0000)]
Sync ps.1 with sys/proc.h. Tweaked by deraadt@.
Ok millert@ deraadt@

2 years agoConvert KVA allocation to km_alloc(9).
kettenis [Mon, 7 Feb 2022 13:16:42 +0000 (13:16 +0000)]
Convert KVA allocation to km_alloc(9).

ok jsg@

2 years agoIn rtredirect() change an bad assignment in an if condition to the
claudio [Mon, 7 Feb 2022 11:03:34 +0000 (11:03 +0000)]
In rtredirect() change an bad assignment in an if condition to the
correct equality check.
Found by and OK jsg@

2 years agosystematically remove setuid/setgid from files before archiving AND
espie [Mon, 7 Feb 2022 09:38:33 +0000 (09:38 +0000)]
systematically remove setuid/setgid from files before archiving AND
during extractions. Those bits belong in a museum^Win the packing-list.

thx naddy@ for checking this thru a bulk.

2 years agoSwitch to stdint.h types like rest of bgpd
claudio [Mon, 7 Feb 2022 09:31:21 +0000 (09:31 +0000)]
Switch to stdint.h types like rest of bgpd

2 years agouse libfido2 1.8.0+ fido_assert_set_clientdata() instead of manually
djm [Mon, 7 Feb 2022 01:25:12 +0000 (01:25 +0000)]
use libfido2 1.8.0+ fido_assert_set_clientdata() instead of manually
hashing data outselves. Saves a fair bit of code and makes life easier
for some -portable platforms.

2 years agoAdd test for empty hostname with port.
dtucker [Sun, 6 Feb 2022 22:58:33 +0000 (22:58 +0000)]
Add test for empty hostname with port.

2 years agoAvoid touching "locked" DARTs. While there, print something when we place
kettenis [Sun, 6 Feb 2022 19:10:07 +0000 (19:10 +0000)]
Avoid touching "locked" DARTs.  While there, print something when we place
a DART in bypass mode.

ok patrick@

2 years agos/poll/pool
rob [Sun, 6 Feb 2022 17:24:58 +0000 (17:24 +0000)]
s/poll/pool