openbsd
3 years agoalso check contents of remaining string
djm [Fri, 21 May 2021 03:59:01 +0000 (03:59 +0000)]
also check contents of remaining string

3 years agounit test for misc.c:strdelim() that mostly servces to highlight its
djm [Fri, 21 May 2021 03:48:07 +0000 (03:48 +0000)]
unit test for misc.c:strdelim() that mostly servces to highlight its
inconsistencies

3 years agoFix __ppc_lock for page faults that recursively grab the lock.
gkoehler [Fri, 21 May 2021 00:39:35 +0000 (00:39 +0000)]
Fix __ppc_lock for page faults that recursively grab the lock.

The macppc kernel, when running on G5, may get page faults while
executing itself.  Because we reorder our kernels, these faults happen
in different places in each kernel.  I got unlucky with a bsd.mp where
the function __ppc_lock() crossed a page boundary.  The fault handler
recursively called __ppc_lock() and caused my G5 to freeze or hang
very early during boot, while trying to map the framebuffer.

Change the lock to spin while (mpl->mpl_cpu != NULL).  Acquire the
lock with a single atomic write, by setting mpl_cpu and leaving
mpl_count at 0.  Page faults that recursively call __ppc_lock() and
__ppc_unlock() should now not corrupt the lock.

In case we hold the lock but get a page fault before membar_enter() or
after membar_exit(), the recursive calls now have memory barriers.

Delete some unused functions.  In the past, __ppc_lock was __mp_lock,
but today, the only __ppc_lock is PMAP_HASH_LOCK.

ok kettenis@

3 years agoPrint cache information based on device tree properties like we do on
kettenis [Thu, 20 May 2021 18:28:15 +0000 (18:28 +0000)]
Print cache information based on device tree properties like we do on
powerpc64.

ok deraadt@

3 years agovmm(4): don't advertise cpu support for TSC_ADJUST msr
dv [Thu, 20 May 2021 17:33:44 +0000 (17:33 +0000)]
vmm(4): don't advertise cpu support for TSC_ADJUST msr

We don't emulate it, so guests that attempt to read it just get #GP
injected anyways.

OK mlarkin@

3 years agoRemoves the useless FILE* parameter of get_line().
jan [Thu, 20 May 2021 15:21:03 +0000 (15:21 +0000)]
Removes the useless FILE* parameter of get_line().
While here fix minor whitespace mistake.

"looks fine to me" chris@

3 years agoSignificant overhaul of the floating point save/restore code.
drahn [Thu, 20 May 2021 15:14:30 +0000 (15:14 +0000)]
Significant overhaul of the floating point save/restore code.
At this point the mechanism should closely resemble the powerpc64
save/restore points with one difference. (reload avoidance)
The previous 'aggressive' fpu save code that was (mostly) implemented before
and is present on arm32 and arm64.

There is one piece from that other design that remains, if
pcb->pcb_fpcpu == ci && ci->ci_fpuproc == p
after sleep, this will automatically re-activate the FPU state without
needing to reload it.
To enable this, the pointer pair is not changed on FPU context save
to indicate that the CPU still holds the valid content as long as both
of those pointers are pointing to each other.
Note that if another core steals the FPU conxtex (when we get to SMP)
the pcb->pcb_fpcpu will be another cpu, and from that it will know
to reload the FPU context. Also optimistically enabling this only makes
sense on riscv64 because there is the notion of FPU on and clean. Other
implimentations would need to 'fault on' the FPU enable, but could avoid
the FPU context load if no other processor has run this FPU context and no
other process has use FPU on this core.

ok kettenis@ deraadt@ Prior to a couple of fixes.
(this file was missing from original commit)

3 years agoFix previous.
florian [Thu, 20 May 2021 15:12:10 +0000 (15:12 +0000)]
Fix previous.
Only set Content-Length when we no the body is empty and we disable
chunked encoding. Otherwise we break the nextcloud app again :/
Pointed out by Matthias Pressfreund, thanks!

3 years agoEVP_Digest*: fix documented return values.
tb [Thu, 20 May 2021 14:41:47 +0000 (14:41 +0000)]
EVP_Digest*: fix documented return values.

EVP_DigestSign{,Init,Update,Final}() and EVP_DigestVerify{Init,Update}()
always returned 1 for success and 0 for failure. EVP_DigestVerify()
and EVP_DigestVerifyFinal() can return -1 or -2, though.

Based on OpenSSL 1.1.1 56c59ddd99da05c2f30832cccaffb873a8481555

ok inoguchi

3 years agoNuke duplicate declaration of MBR_init_GPT().
krw [Thu, 20 May 2021 14:27:14 +0000 (14:27 +0000)]
Nuke duplicate declaration of MBR_init_GPT().

3 years agoWe changed powerpc64 to allow write access to write only mappings.
bluhm [Thu, 20 May 2021 12:34:35 +0000 (12:34 +0000)]
We changed powerpc64 to allow write access to write only mappings.
Although the page table cannot prevent reads on write only pages,
the first access in trap() knows what is is.  This should be passed
to uvm_fault().  Then regress/sys/kern/fork-exit passes.  Copy the
new powerpc64 logic to powerpc.
OK tobhe@ kettenis@ deraadt@

3 years agoProperly initalize the MRT config so that mrt_reconfigure() is doing the
claudio [Thu, 20 May 2021 10:06:20 +0000 (10:06 +0000)]
Properly initalize the MRT config so that mrt_reconfigure() is doing the
right thing. This also fixes the bgpd -nv output for 'dump X {in,out}'
statements for peers.
Debugged with and tested by Paul de Weerd

3 years agoFix bgpctl show mrt argument list. Seems like peers was added in the wrong
claudio [Thu, 20 May 2021 10:03:43 +0000 (10:03 +0000)]
Fix bgpctl show mrt argument list. Seems like peers was added in the wrong
spot. Noticed and diff provided by Paul de Weerd.

3 years agoRename context to pdutype. This is in line with the naming schema from the
martijn [Thu, 20 May 2021 08:53:12 +0000 (08:53 +0000)]
Rename context to pdutype. This is in line with the naming schema from the
RFCs.

While here remove a duplicate sm_type that snuck in during traphandler
merger and use human readable names in debug log entries from packages.

OK jan@

3 years agoMake use of uao_dropswap_range() in uao_free() instead of re-rolling it.
mpi [Thu, 20 May 2021 08:03:35 +0000 (08:03 +0000)]
Make use of uao_dropswap_range() in uao_free() instead of re-rolling it.

ok kettenis@

3 years agoCall tls_accept_socket() and tls_connect_socket() immediatly instead of
eric [Thu, 20 May 2021 07:33:32 +0000 (07:33 +0000)]
Call tls_accept_socket() and tls_connect_socket() immediatly instead of
going through a deferred event. It makes the code simplier and eliminates
the need to keep the listener tls context in the io structure.

ok tb@

3 years agoSignificant overhaul of the floating point save/restore code.
drahn [Thu, 20 May 2021 04:22:33 +0000 (04:22 +0000)]
Significant overhaul of the floating point save/restore code.
At this point the mechanism should closely resemble the powerpc64
save/restore points with one difference. (reload avoidance)
The previous 'aggressive' fpu save code that was (mostly) implemented before
and is present on arm32 and arm64.

There is one piece from that other design that remains, if
pcb->pcb_fpcpu == ci && ci->ci_fpuproc == p
after sleep, this will automatically re-activate the FPU state without
needing to reload it.
To enable this, the pointer pair is not changed on FPU context save
to indicate that the CPU still holds the valid content as long as both
of those pointers are pointing to each other.
Note that if another core steals the FPU conxtex (when we get to SMP)
the pcb->pcb_fpcpu will be another cpu, and from that it will know
to reload the FPU context. Also optimistically enabling this only makes
sense on riscv64 because there is the notion of FPU on and clean. Other
implimentations would need to 'fault on' the FPU enable, but could avoid
the FPU context load if no other processor has run this FPU context and no
other process has use FPU on this core.

ok kettenis@ deraadt@ Prior to a couple of fixes.

3 years agoarm64 -> powerpc64
jsg [Thu, 20 May 2021 00:58:53 +0000 (00:58 +0000)]
arm64 -> powerpc64

3 years agomention riscv64 config lines
jsg [Thu, 20 May 2021 00:55:15 +0000 (00:55 +0000)]
mention riscv64 config lines

3 years agobuild pcidump on riscv64
jsg [Thu, 20 May 2021 00:46:34 +0000 (00:46 +0000)]
build pcidump on riscv64

3 years agoadd pci to RAMDISK as well
jsg [Wed, 19 May 2021 23:29:42 +0000 (23:29 +0000)]
add pci to RAMDISK as well

3 years agoRevert hack to build clang with -static on riscv64.
drahn [Wed, 19 May 2021 23:18:40 +0000 (23:18 +0000)]
Revert hack to build clang with -static on riscv64.

This 'requirement' was due to a bug in dtors which has been corrected.
reminded by jsg@

3 years agoCorrect the library path for native build of ramdisks.
drahn [Wed, 19 May 2021 23:15:21 +0000 (23:15 +0000)]
Correct the library path for native build of ramdisks.

3 years agoNo need to pass the location of the partition table to
krw [Wed, 19 May 2021 21:49:07 +0000 (21:49 +0000)]
No need to pass the location of the partition table to
GPT_get_partition_table() since the global 'gh' knows where it is.

Fixes a couple of missing letoh64() calls by eliminating the need for
them.

3 years agoGet rid of the do-nothing cache setup code. The RISC-V architecture has
kettenis [Wed, 19 May 2021 21:23:20 +0000 (21:23 +0000)]
Get rid of the do-nothing cache setup code.  The RISC-V architecture has
no architecturally defined caches (yet) so there is nothing to set up here.
Gets rid of some more useless XXX.

3 years agodelete useless XXX
deraadt [Wed, 19 May 2021 20:37:16 +0000 (20:37 +0000)]
delete useless XXX

3 years agodelete useless XXX
deraadt [Wed, 19 May 2021 20:35:02 +0000 (20:35 +0000)]
delete useless XXX

3 years agoOnly advertise MSI support if there is an MSI controller of some sort.
kettenis [Wed, 19 May 2021 20:10:38 +0000 (20:10 +0000)]
Only advertise MSI support if there is an MSI controller of some sort.

ok patrick@

3 years agoWhen we disable "Transfer-Encoding: chunked" in the fastcgi backend
florian [Wed, 19 May 2021 19:42:53 +0000 (19:42 +0000)]
When we disable "Transfer-Encoding: chunked" in the fastcgi backend
because we are going to send an empty body we have to provide
"Content-Length: 0" otherwise some browsers (Firefox, Safari) just
hang until httpd(8) closes the connection.
Problem reported by Matthias Pressfreund, debugged with weerd@ who
pointed out that the problem is browser dependent.
OK tracey

3 years agoAdd PCI support.
kettenis [Wed, 19 May 2021 19:32:25 +0000 (19:32 +0000)]
Add PCI support.

ok deraadt@

3 years agoDouble the maximum data size limit on powerpc64. Now it is 32 GB
bluhm [Wed, 19 May 2021 18:42:59 +0000 (18:42 +0000)]
Double the maximum data size limit on powerpc64.  Now it is 32 GB
and the same as amd64.  The machines have large amounts of memory.
discussed with kettenis@

3 years agoIn ttyinfo() check that ps_vmspace isn't NULL before calculating the
kettenis [Wed, 19 May 2021 18:10:45 +0000 (18:10 +0000)]
In ttyinfo() check that ps_vmspace isn't NULL before calculating the
resident set size.  This replicates what the sysctl code does and fixes
a kernel crash reported by robert@

ok deraadt@

3 years agoDisable global mappings when using PCID.
patrick [Wed, 19 May 2021 17:46:36 +0000 (17:46 +0000)]
Disable global mappings when using PCID.

Page table mappings are frequently created and destroyed in the kernel
address space.  Traditionally, these mappings have been marked as
"global" mappings which means that a TLB flush via %cr3 load does not
invalidate them.  This is ok as these mappings are the same for all
processes.

With the advent of MELTDOWN, global mappings were disabled for CPUs
that are affected by rogue data cache load (RDCL aka MELTDOWN).  To
compensate for this we started using PCID and the kernel got its own
process context identifier.  Thus the hardware is allowed to cache
kernel mappings again.

However, a CPU that supports PCID but is _not_ affected by MELTDOWN
(i.e. ARCH_CAPABILTIES.RDCL_NO=1) will now use both: global PTE
mappings and PCID.

This is a problem if range based TLB invalidations are used to update/
flush cached TLBs after a change to the kernel page tables.  The reason
is that the invpcid instruction (function 0) that is used to remove the
cached TLBs will not remove global mappings.  In the non-PCID case invlpg
is used instead which does remove global mappings.  In the MELTDOWN case,
global mappings are not used at all.

The solution is to not use global mappings if PCID is active, as the
latter should already by enough to let the hardware cache kernel address
translations across address space switches and the global flag is not
required.

From Christian Ehrhardt
ok bluhm@ guenther@ mlarkin@

3 years agoBring riscv64 intr.c code in sync with arm64. This brings us:
kettenis [Wed, 19 May 2021 17:39:49 +0000 (17:39 +0000)]
Bring riscv64 intr.c code in sync with arm64.  This brings us:

- MSI support
- Interfaces to route interrupts to specific CPUs
- Proper interrupt barriers
- s/riscv_intr_handler/machine_intr_handler/

ok mlarkin@

3 years agoenter new dirs
deraadt [Wed, 19 May 2021 17:25:10 +0000 (17:25 +0000)]
enter new dirs

3 years agocorrect .PATH
deraadt [Wed, 19 May 2021 17:22:57 +0000 (17:22 +0000)]
correct .PATH

3 years agoresolvd and dhcpleased if ramdisks need them
deraadt [Wed, 19 May 2021 17:16:51 +0000 (17:16 +0000)]
resolvd and dhcpleased if ramdisks need them

3 years agoPlease sir, I want some more (ramdisk miniroot space)
deraadt [Wed, 19 May 2021 16:57:02 +0000 (16:57 +0000)]
Please sir, I want some more (ramdisk miniroot space)

3 years agoAdjust libcrypto obj_xref.txt to obj_xref.h
inoguchi [Wed, 19 May 2021 10:12:55 +0000 (10:12 +0000)]
Adjust libcrypto obj_xref.txt to obj_xref.h

To generate current obj_xref.h, third item of lines
id_tc26_signwithdigest_gost3410_2012_256/512 should be id_GostR3410_2001.

obj_xref.txt r1.2 and obj_xref.h r1.3 were committed at the same time,
and these third item were coded different value each other.

This adjusts obj_xref.txt to current obj_xref.h.

ok tb@

3 years agomatch on Intel 500 Series PCH ids
jsg [Wed, 19 May 2021 05:28:09 +0000 (05:28 +0000)]
match on Intel 500 Series PCH ids

3 years agoregen
jsg [Wed, 19 May 2021 05:21:24 +0000 (05:21 +0000)]
regen

3 years agoadd Intel 500 Series PCH ids
jsg [Wed, 19 May 2021 05:20:48 +0000 (05:20 +0000)]
add Intel 500 Series PCH ids

3 years agoregen
jsg [Wed, 19 May 2021 02:14:52 +0000 (02:14 +0000)]
regen

3 years agoadd more inteldrm and amdgpu ids
jsg [Wed, 19 May 2021 02:14:11 +0000 (02:14 +0000)]
add more inteldrm and amdgpu ids

3 years agorestore blocking status on stdio fds before close
djm [Wed, 19 May 2021 01:24:05 +0000 (01:24 +0000)]
restore blocking status on stdio fds before close

ssh(1) needs to set file descriptors to non-blocking mode to operate
but it was not restoring the original state on exit. This could cause
problems with fds shared with other programs via the shell, e.g.

> $ cat > test.sh << _EOF
> #!/bin/sh
> {
>         ssh -Fnone -oLogLevel=verbose ::1 hostname
>         cat /usr/share/dict/words
> } | sleep 10
> _EOF
> $ ./test.sh
> Authenticated to ::1 ([::1]:22).
> Transferred: sent 2352, received 2928 bytes, in 0.1 seconds
> Bytes per second: sent 44338.9, received 55197.4
> cat: stdout: Resource temporarily unavailable

This restores the blocking status for fds 0,1,2 (stdio) before ssh(1)
abandons/closes them.

This was reported as bz3280 and GHPR246; ok dtucker@

3 years agoEnable umb(4).
kevlo [Tue, 18 May 2021 14:25:59 +0000 (14:25 +0000)]
Enable umb(4).

3 years agoregen
kevlo [Tue, 18 May 2021 14:23:53 +0000 (14:23 +0000)]
regen

3 years agoAdd support for Quectel EC25.
kevlo [Tue, 18 May 2021 14:23:03 +0000 (14:23 +0000)]
Add support for Quectel EC25.
To issue an AT command (AT+QCFG="usbnet",2) to change to MBIM mode.

Tested by Shawn Chiou on rpi4; "of course" deraadt@

3 years agoWhen looking for column separators on tbl(7) data lines, properly skip
schwarze [Tue, 18 May 2021 13:22:37 +0000 (13:22 +0000)]
When looking for column separators on tbl(7) data lines, properly skip
escape sequences; do not misinterpret bytes from the middle of escape
sequence names or arguments as column separators.
Bug reported and patch tested by Oliver dot Corff at email dot de.

3 years agobump rpki-client version
benno [Tue, 18 May 2021 13:20:55 +0000 (13:20 +0000)]
bump rpki-client version

3 years agopanic does not require a \n at the end. When one is provided, it looks wrong.
deraadt [Tue, 18 May 2021 12:26:31 +0000 (12:26 +0000)]
panic does not require a \n at the end.  When one is provided, it looks wrong.

3 years agouse ctfstrip instead of strip to add .SUNW_ctf
jsg [Tue, 18 May 2021 12:24:12 +0000 (12:24 +0000)]
use ctfstrip instead of strip to add .SUNW_ctf

ok deraadt@ mpi@

3 years agoMove the pciecam stanza back into files.arm64 since armv7 has its own
kettenis [Tue, 18 May 2021 11:39:37 +0000 (11:39 +0000)]
Move the pciecam stanza back into files.arm64 since armv7 has its own
pciecam(4) implementation hidden away in arch/armv7/vexpress.

Unbreaks armv7 kernel builds.

3 years agoMove potential sleeping m_getclr(9) out of `unp_lock' within unp_bind().
mvs [Tue, 18 May 2021 11:15:14 +0000 (11:15 +0000)]
Move potential sleeping m_getclr(9) out of `unp_lock' within unp_bind().

ok mpi@

3 years agovmd(8): guest virtio drivers can cause stack & buffer overflows
dv [Tue, 18 May 2021 11:06:43 +0000 (11:06 +0000)]
vmd(8): guest virtio drivers can cause stack & buffer overflows

A vmd guest can craft invalid virtio descriptor lengths resulting
in reading and writing beyond stack-allocated buffer lengths providing
an escape vector to the host.

Instead of allowing the guest to dictate read/write lengths, this
commit has vmd just use compile-time lengths based on the source
or destination object sizes. For instances where vmd's virtio
implementation can't use this method, such as reading packets from
the vionet device, cap each read with a pre-computed max chunk size.

Reported by Maxime Villard.

Tested with help from Mischa Peters, OK mlarkin@

3 years agoAdd pre-DMA-write barrier after data is stored to memory
ratchov [Tue, 18 May 2021 10:02:00 +0000 (10:02 +0000)]
Add pre-DMA-write barrier after data is stored to memory

There's already such a barrier in usbd_transfer() code-path, but this
one is called when the frames are queued to the HC ring. The audio
samples are stored in memory by userland later, *after* the frames are
scheduled (but before they are sent on the wire) so a barrier is
needed there. Without this change, the data produced by userland may
stay in the CPU caches and is not "seen" by the HC's DMA engine, in
turn the device plays noise on certain arm64 machines (RPI4, for
instance).

Fix mostly from Luca Castagnini with few tweaks from me. OK patrick@

3 years agoRemove the no-op instruction cache flush/wb/inv operations and replace them
kettenis [Tue, 18 May 2021 09:14:49 +0000 (09:14 +0000)]
Remove the no-op instruction cache flush/wb/inv operations and replace them
with a FENCE.I instruction which does exactly what we need to synchronize
the I-Cache with the D-Cache.

ok mlarkin@, jsg@

3 years agoregen
kettenis [Tue, 18 May 2021 08:16:50 +0000 (08:16 +0000)]
regen

3 years agoAdd Quectel EM120R-GL and Samsung PM9A1.
kettenis [Tue, 18 May 2021 08:16:11 +0000 (08:16 +0000)]
Add Quectel EM120R-GL and Samsung PM9A1.

ok deraadt@, jsg@

3 years agoDrop fragmented 802.11 frames.
stsp [Tue, 18 May 2021 08:10:45 +0000 (08:10 +0000)]
Drop fragmented 802.11 frames.

Fragmented frames were never of any practical use to us anyway, given that
our net80211 stack does not (yet?) re-assemble them.

Counter-measure against attacks where an arbitrary packet is injected in a
fragment with attacker-controlled content (via an AP which supports fragments).
See https://papers.mathyvanhoef.com/usenix2021.pdf
Section 6.8 "Treating fragments as full frames"

ok mpi@

3 years agoDocument new net.unix sysctls.
claudio [Tue, 18 May 2021 05:26:26 +0000 (05:26 +0000)]
Document new net.unix sysctls.
OK mvs@

3 years agoAdd support for the new net.unix sysctl nodes.
claudio [Tue, 18 May 2021 05:25:40 +0000 (05:25 +0000)]
Add support for the new net.unix sysctl nodes.
OK mvs@

3 years agovmm(4): add more specific error messages for vm-entry failures
dv [Tue, 18 May 2021 00:05:20 +0000 (00:05 +0000)]
vmm(4): add more specific error messages for vm-entry failures

To aid vmx debugging, specify if the error was related to vmresume
or vmlaunch. For vm-entry failures due to failed checks, decode the
errors per the SDM Vol. 3C 26.8.

3 years agovmm(4): fix race condition related to incorrect physical cpu tracking
dv [Mon, 17 May 2021 23:36:40 +0000 (23:36 +0000)]
vmm(4): fix race condition related to incorrect physical cpu tracking

The race condition results in vmread errors when disabling interrupt
window exiting. The vmd(8) guest gets an EINVAL response to it's
VMM_IOC_RUN ioctl and aborts, sending the guest to an abrupt end.

Similarly to the recent SVM commit, this changes the vcpu run loop
logic to check for resuming on a different cpu. If so, the VMCS is
loaded onto the new cpu.

Instead of using just a "resume" flag, the real reason (other than cpu
switch) that would require reloading the VMCS is vmm may have cleared
the VMCS before yielding to the scheduler. The "resume" flag is still
used in vmx_enter_guest to toggle between vmlaunch/vmresume calls, but
is no longer the arbiter of if vmm reloads the VMCS or not.

A more subtle race condition still exists related to clearing the VMCS
on the previous cpu, but that's for a future commit.

OK mlarkin@

3 years agofix state key reference underflow, when sk == skrev
sashan [Mon, 17 May 2021 23:01:26 +0000 (23:01 +0000)]
fix state key reference underflow, when sk == skrev

the bug has been reported by Sebastien and Olivier Cherrier.
it has turned out the pf_state_key_link_reverse() does not
grab enough references when both state keys (sk and skrev)
are identical. This makes pf to trip assert later, when
references are being dropped:

panic(ffffffff81dfbc8e) at panic+0x11d
__assert(ffffffff81e64b54,ffffffff81e0a6ee,33a,ffffffff81e03b7f)
refcnt_rele(fffffd810bf02458) at refcnt_rele+0x6f
pf_state_key_unref(fffffd810bf023f0) at pf_state_key_unref+0x21
pf_remove_state(fffffd810c0c4578) at pf_remove_state+0x1fa
pf_purge_expired_states(2) at pf_purge_expired_states+0x232
pf_purge(ffffffff82236a30) at pf_purge+0x33
taskq_thread(ffff800000032080) at taskq_thread+0x81

fixed tested by Olivier Cherrier and semarie@

OK semarie@

3 years agoMake more free inodes on luna88k bsd.rd.
aoyama [Mon, 17 May 2021 22:11:35 +0000 (22:11 +0000)]
Make more free inodes on luna88k bsd.rd.

Free inodes of luna88k bsd.rd are insufficient when we want to install
sets from another disk of the root disk.  Make more inodes by specifying
density=4096.

Spotted by Anders Gavare, the author of GXemul.  Thanks!

ok deraadt@

3 years agoMove pciecam.c to dev/fdt/.
kettenis [Mon, 17 May 2021 19:43:37 +0000 (19:43 +0000)]
Move pciecam.c to dev/fdt/.

ok deraadt@

3 years agoRevert. Last change should not have been committed.
claudio [Mon, 17 May 2021 17:58:35 +0000 (17:58 +0000)]
Revert. Last change should not have been committed.

3 years agoForgot this directory in last commit for the UNIX-domain socket buffer
claudio [Mon, 17 May 2021 17:54:31 +0000 (17:54 +0000)]
Forgot this directory in last commit for the UNIX-domain socket buffer
change.

3 years agoRename some MD structs by giving them an architecture-neutral name in
kettenis [Mon, 17 May 2021 17:25:13 +0000 (17:25 +0000)]
Rename some MD structs by giving them an architecture-neutral name in
preparation for sharing PCIe host bridge drivers between arm64 and riscv64.

ok mpi@, mlarkin@, patrick@

3 years agoIncrease the default buffer space using on PF_UNIX sockets to 8k.
claudio [Mon, 17 May 2021 17:06:51 +0000 (17:06 +0000)]
Increase the default buffer space using on PF_UNIX sockets to 8k.
Additionally make the values tuneable via sysctl.
OK deraadt@ mvs@

3 years agocopy riscv support from regress/sys/kern/stackpivot/pivot.h
deraadt [Mon, 17 May 2021 15:31:13 +0000 (15:31 +0000)]
copy riscv support from regress/sys/kern/stackpivot/pivot.h

3 years agoadd riscv support
deraadt [Mon, 17 May 2021 15:28:24 +0000 (15:28 +0000)]
add riscv support

3 years agodelete useless blank lines
deraadt [Mon, 17 May 2021 15:06:09 +0000 (15:06 +0000)]
delete useless blank lines

3 years agoLink fenv.S test program statically to avoid calling the dynamic
bluhm [Mon, 17 May 2021 13:54:42 +0000 (13:54 +0000)]
Link fenv.S test program statically to avoid calling the dynamic
linker.

3 years agoSkip sosplice loop test if Perl packages are not installed.
bluhm [Mon, 17 May 2021 13:13:27 +0000 (13:13 +0000)]
Skip sosplice loop test if Perl packages are not installed.

3 years agoReshuffle if conditions to check for error first after the fstat() calls.
claudio [Mon, 17 May 2021 12:15:48 +0000 (12:15 +0000)]
Reshuffle if conditions to check for error first after the fstat() calls.
OK benno@

3 years agoDo not leak blk.blks in error condition.
claudio [Mon, 17 May 2021 12:11:05 +0000 (12:11 +0000)]
Do not leak blk.blks in error condition.
Noticed by and OK benno@

3 years agoAdjust exit codes in the main program to follow the ones from rsync.
claudio [Mon, 17 May 2021 12:04:38 +0000 (12:04 +0000)]
Adjust exit codes in the main program to follow the ones from 
OK benno@

3 years agoError out on memory failures in fargs_cmdline() and addargs() in both
claudio [Mon, 17 May 2021 12:02:58 +0000 (12:02 +0000)]
Error out on memory failures in fargs_cmdline() and addargs() in both
cases it was impossible to start the remote rsync anyway. Also now
fargs_cmdline() can no longer fail. Add missing err(ERR_IPC, "pldege")
for the cases in socket.c
OK benno@

3 years agoFix mbuf leaks after reception error in re_rxeof().
visa [Mon, 17 May 2021 11:59:53 +0000 (11:59 +0000)]
Fix mbuf leaks after reception error in re_rxeof().

Also, increment the error counter when an unexpected fragment is seen.

OK claudio@

3 years agoIf pledge() or unveil() fails error out with ERR_IPC. Also error out in
claudio [Mon, 17 May 2021 11:59:09 +0000 (11:59 +0000)]
If pledge() or unveil() fails error out with ERR_IPC. Also error out in
the receiver when intial setup fails because of filesystem errors (unable
to open or create the base directory) or on memory failures.
OK benno@

3 years agoIntroduce some error exit codes which are in sync with the ones from
claudio [Mon, 17 May 2021 11:54:14 +0000 (11:54 +0000)]
Introduce some error exit codes which are in sync with the ones from
proper rsync. This should help to make the tool behave more like the
real thing.
OK benno@

3 years agoSync code with the original from mkdir(1).
claudio [Mon, 17 May 2021 11:52:10 +0000 (11:52 +0000)]
Sync code with the original from mkdir(1).
OK benno@

3 years agoThe openat() then fstat() pattern only works if one is sure the file being
claudio [Mon, 17 May 2021 11:49:01 +0000 (11:49 +0000)]
The openat() then fstat() pattern only works if one is sure the file being
opened is a regular file. In other cases this may block in openat() (since
the O_NONBLOCK flag removed). Switch to fstatat() and then openat() to
protect from involuntary side-effects (like opening a device node) and
possible hangs.
OK benno@

3 years agoput unused 802.11 fragmentation support code under #ifdef notyet
stsp [Mon, 17 May 2021 11:44:22 +0000 (11:44 +0000)]
put unused 802.11 fragmentation support code under #ifdef notyet

3 years agofix breakage of -W forwaring introduced in 1.554; reported by
djm [Mon, 17 May 2021 11:43:16 +0000 (11:43 +0000)]
fix breakage of -W forwaring introduced in 1.554; reported by
naddy@ and sthen@, ok sthen@

3 years agoLimit the number of concurrent RTR connects to 32.
claudio [Mon, 17 May 2021 10:47:07 +0000 (10:47 +0000)]
Limit the number of concurrent RTR connects to 32.
If the limit is hit the request will be dropped and the rtr process will
retry the connect after the retry timeout. Hopefully by then the number of
connections is down again.
OK deraadt@ benno@

3 years agoStop setting IPV6_MINMTU in ip6_send() which is used by the ICMP code.
claudio [Mon, 17 May 2021 10:09:53 +0000 (10:09 +0000)]
Stop setting IPV6_MINMTU in ip6_send() which is used by the ICMP code.
Because of this large ping packets where fragmented even if the MTU did
not indicate the need for it. This causes some trouble when system do
not expect to receive a fragmented answer from a system. One such case
is the automated link test from google routers before allowing to establish
a BGP peering session with them. In general PMTU problems should be an
issue from the past and if not it may be better to also break on ping
packets and not only for UDP and TCP. ICMP ping is normaly the first
tool in the admins toolbox to figure out network issues.
OK phessler@ florian@ bluhm@

3 years agoDo not try to chunk encode an empty http body coming from an fcgi
florian [Mon, 17 May 2021 09:26:52 +0000 (09:26 +0000)]
Do not try to chunk encode an empty http body coming from an fcgi
upstream.

Found the hard way by Chris Narkiewicz who tracked failing uploads in
the nextcloud mobile app down to httpd(8) trying to chunk encode a
"204 No Content" resonse.

Testing by Steve Williams
Testing & OK stsp

3 years agoAvoid calling ibuf_add() with NULL and zero length.
tobhe [Mon, 17 May 2021 08:14:37 +0000 (08:14 +0000)]
Avoid calling ibuf_add() with NULL and zero length.

ok patrick@

3 years agoPrevent frame injection via forged 802.11n A-MSDUs.
stsp [Mon, 17 May 2021 08:02:20 +0000 (08:02 +0000)]
Prevent frame injection via forged 802.11n A-MSDUs.

This mitigates an attack where a single 802.11 frame is interpreted as an
A-MSDU because of a forged AMSDU-present bit in the 802.11 QoS frame header.
See https://papers.mathyvanhoef.com/usenix2021.pdf section 3.2.

MAC address validation is added as an additional measure to prevent hostap
clients from sending A-MSDU subframes with a spoofed source address.

An earlier version of this patch was reviewed by Mathy Vanhoef, who spotted
a bug in my original attempt at preventing spoofed addresses.

ok mpi@

3 years agoRegenerate moduli.
dtucker [Mon, 17 May 2021 07:22:45 +0000 (07:22 +0000)]
Regenerate moduli.

3 years agodrm/radeon: fix copy of uninitialized variable back to userspace
jsg [Mon, 17 May 2021 02:18:07 +0000 (02:18 +0000)]
drm/radeon: fix copy of uninitialized variable back to userspace

From Colin Ian King
8dbc2ccac5a65c5b57e3070e36a3dc97c7970d96 in mainline linux

3 years agoreturn early if work is cancelled before being scheduled
jsg [Mon, 17 May 2021 00:17:26 +0000 (00:17 +0000)]
return early if work is cancelled before being scheduled

cheloha@ noticed that task_del(9) was being called with a NULL taskq
from inteldrm(4), which was not noticed as the function returns early
from testing a flag in the task.  This situation occurs when work is
cancelled before it is scheduled.

ok kettenis@ cheloha@

3 years agoImplement the layout specification "a" (left justify with 1em indentation)
schwarze [Sun, 16 May 2021 23:16:22 +0000 (23:16 +0000)]
Implement the layout specification "a" (left justify with 1em indentation)
in HTML output mode; before this patch, the indentation was missing.
Terminal output already supported the "a" specifier since 2010.
Issue reported and patch tested by Oliver dot Corff at email dot de.

3 years agoMake all unicode Private Use areas SWIDTH1
afresh1 [Sun, 16 May 2021 22:48:05 +0000 (22:48 +0000)]
Make all unicode Private Use areas SWIDTH1

Noticed by naddy@ due to a commit in nano.

There's no current mechanism to allow people who put codepoints in
these private use areas to specify their width, we can however guess
that people who put things there are most likely adding SWIDTH1
glyphs and making that the default will be most likely to do what
they want.  In addition, that's apparently what other systems do
already.

Much feedback and OK schwarze@

3 years agoUpdate en_US.UTF-8.src to Unicode 13.0
afresh1 [Sun, 16 May 2021 22:38:31 +0000 (22:38 +0000)]
Update en_US.UTF-8.src to Unicode 13.0

This is what ships with the perl 5.32.1

OK schwarze@

3 years agotest font modifiers in the layout; related to tbl_html.c rev. 1.29
schwarze [Sun, 16 May 2021 22:23:57 +0000 (22:23 +0000)]
test font modifiers in the layout; related to tbl_html.c rev. 1.29

3 years agoimplement the tbl(7) layout modifiers "b" (bold) and "i" (italic)
schwarze [Sun, 16 May 2021 18:08:37 +0000 (18:08 +0000)]
implement the tbl(7) layout modifiers "b" (bold) and "i" (italic)
in HTML output mode, similar to tbl_term.c, function tbl_word();
issue reported by Oliver dot Corff at email dot de