openbsd
2 years agoRun IP input and forwarding with shared netlock. Also distribute
bluhm [Sat, 30 Apr 2022 21:13:57 +0000 (21:13 +0000)]
Run IP input and forwarding with shared netlock.  Also distribute
packets from the interface receive rings into multiple net task
queues.
Note that we still have only one softnet task.  So there will be
no concurrency yet, but we can notice wrong exclusive lock assertions.
Soon the final step will be to increase the NET_TASKQ define.
lots of testing Hrvoje Popovski; OK sashan@

2 years agoProvide a new function roff_req_or_macro() to parse and handle a request
schwarze [Sat, 30 Apr 2022 18:46:16 +0000 (18:46 +0000)]
Provide a new function roff_req_or_macro() to parse and handle a request
or macro, including context-dependent error handling inside tbl(7) code
and inside .ce/.rj blocks.  Use it both in the top level roff(7) parser
and inside conditional blocks.

This fixes an assertion failure triggered by ".if 1 .ce" inside tbl(7)
code, found by tb@ using afl(1).

As a side benefit for readability, only one place remains in the
code that calls the main handler functions for the various roff(7)
requests.  This patch also improves column numbers in some error
messages and various comments.

2 years agoRecheck PG_BUSY after locking the page.
mpi [Sat, 30 Apr 2022 17:58:43 +0000 (17:58 +0000)]
Recheck PG_BUSY after locking the page.

Another thread can set the bit if we sleep during rw_enter(9) in which case
the page shouldn't be touched.

ok semarie@

2 years agoAdd comments to some of the enum roff_tok values;
schwarze [Sat, 30 Apr 2022 15:08:56 +0000 (15:08 +0000)]
Add comments to some of the enum roff_tok values;
particularly useful for values that have non-obvious semantics
like ROFF_MAX, ROFF_cblock, ROFF_RENAMED, and TOKEN_NONE;
no code change.

2 years agoEnforce proper memory ordering in refcnt_rele() and refcnt_finalize()
visa [Sat, 30 Apr 2022 14:44:04 +0000 (14:44 +0000)]
Enforce proper memory ordering in refcnt_rele() and refcnt_finalize()

Make refcnt_rele() and refcnt_finalize() order memory operations so that
preceding loads and stores happen before 1->0 transition. Also ensure
that loads and stores that depend on the transition really begin only
after the transition has occurred. Otherwise the object destructor might
not see the object's latest state.

OK bluhm@

2 years agoWhen performing ipsp_ids_free(), grab `ipsec_flows_mtx' mutex(9) before do
mvs [Sat, 30 Apr 2022 13:28:53 +0000 (13:28 +0000)]
When performing ipsp_ids_free(), grab `ipsec_flows_mtx' mutex(9) before do
`id_refcount' decrement. This should be consistent with `ipsp_ids_gc_list'
list modifications, otherwise concurrent ipsp_ids_insert() could remove
this dying `ids' from the list before if was placed there by
ipsp_ids_free(). This makes atomic operations with `id_refcount' useless.
Also prevent ipsp_ids_lookup() to return dying `ids'.

ok bluhm@

2 years agoRefactor the handler function roff_block_sub() for clarity and simplicity.
schwarze [Sat, 30 Apr 2022 11:32:39 +0000 (11:32 +0000)]
Refactor the handler function roff_block_sub() for clarity and simplicity.

1. Do not needlessly access the function pointer table roffs[].
Instead, simply call the block closing function directly.

2. Sort code: handle both cases of block closing at the beginning
of the function rather than one at the beginning and one at the end.

3. Trim excessive, partially repetitive and obvious comments, also
making the comments considerably more precise.

No functional change.

2 years agoTweak to clarify sio_stop(3) and sio_flush() description, from jmc@
ratchov [Sat, 30 Apr 2022 08:47:18 +0000 (08:47 +0000)]
Tweak to clarify sio_stop(3) and sio_flush() description, from jmc@

2 years agoConvert the 2nd rttimer callback from struct rttimer to u_int rtableid.
claudio [Sat, 30 Apr 2022 07:20:35 +0000 (07:20 +0000)]
Convert the 2nd rttimer callback from struct rttimer to u_int rtableid.
The callback only needs to know the rtableid all the other info from
struct rtableid is not needed.
Also change the default rttimer callback to only delete routes that are
RTF_HOST and RTF_DYNAMIC. This way 2 of the ICMP handlers can use NULL
as the callback.
OK bluhm@

2 years agoadd support for printing some extra large numbers to histograms
tedu [Sat, 30 Apr 2022 01:29:05 +0000 (01:29 +0000)]
add support for printing some extra large numbers to histograms
ok mpi

2 years agoSend IP options with maximum length to check for overflow.
bluhm [Fri, 29 Apr 2022 18:58:33 +0000 (18:58 +0000)]
Send IP options with maximum length to check for overflow.

2 years agoCleanup makefile so that tests are similar. Link pair to build.
bluhm [Fri, 29 Apr 2022 17:27:37 +0000 (17:27 +0000)]
Cleanup makefile so that tests are similar.  Link pair to build.

2 years agoLink pf_opts to the tree.
bluhm [Fri, 29 Apr 2022 11:59:10 +0000 (11:59 +0000)]
Link pf_opts to the tree.

2 years agosync
jsg [Fri, 29 Apr 2022 11:29:47 +0000 (11:29 +0000)]
sync

2 years agofinally, turn on caching by default
espie [Fri, 29 Apr 2022 10:44:05 +0000 (10:44 +0000)]
finally, turn on caching by default

change the defines:
TEST_CACHING -> !NO_CACHING
TEST_CACHING_VERBOSE -> CACHING_VERBOSE
TEST_CACHING_RECHECK -> CACHING_RECHECK

okay with sthen@

2 years agoRelease PF und NET lock before calling copyout for DIOCIGETIFACES.
mbuhl [Fri, 29 Apr 2022 09:55:43 +0000 (09:55 +0000)]
Release PF und NET lock before calling copyout for DIOCIGETIFACES.
OK sashan@
Reported-by: syzbot+b6afd166e314799e3809@syzkaller.appspotmail.com
2 years agoCheck that IGMP and ICMP6 MLD packets with router alert option pass.
bluhm [Fri, 29 Apr 2022 09:45:05 +0000 (09:45 +0000)]
Check that IGMP and ICMP6 MLD packets with router alert option pass.
Other combinations with IP options are still blocked.

2 years agoWait until the buffer is drained before closing the device
ratchov [Fri, 29 Apr 2022 09:12:57 +0000 (09:12 +0000)]
Wait until the buffer is drained before closing the device

Fixes last few samples not being played when very large buffers
are used.

2 years agoIGMP and ICMP6 MLD packets always have the router alert option set.
bluhm [Fri, 29 Apr 2022 08:58:49 +0000 (08:58 +0000)]
IGMP and ICMP6 MLD packets always have the router alert option set.
pf blocked IPv4 options and IPv6 option header by default.  This
forced users to set allow-opts in pf rules.
Better let multicast work by default.  Detect router alerts by
parsing IP options and hop by hop headers.  If the packet has only
this option and is a multicast control packet, do not block it due
to bad options.
tested by otto@; OK sashan@

2 years agoAdd sio_flush(3) function to stop playback immediately
ratchov [Fri, 29 Apr 2022 08:30:48 +0000 (08:30 +0000)]
Add sio_flush(3) function to stop playback immediately

The new sio_flush(3) functions works the same way as sio_stop(3),
except that it doesn't wait for play buffer to be drained. Instead,
it discards its contents and returns immediately.

2 years agobe stricter in which characters will be accepted in specifying a mask
djm [Fri, 29 Apr 2022 04:55:07 +0000 (04:55 +0000)]
be stricter in which characters will be accepted in specifying a mask
length; allow only 0-9. From khaleesicodes via GHPR#278; ok dtucker@

2 years agomention that the helpers are used by ssh(1), ssh-agent(1) and
djm [Fri, 29 Apr 2022 03:24:30 +0000 (03:24 +0000)]
mention that the helpers are used by ssh(1), ssh-agent(1) and
ssh-keygen(1). Previously only ssh(1) was mentioned.
From Pedro Martelletto

2 years agoDon't leak SK device. Patch from Pedro Martelletto via github PR#316.
dtucker [Fri, 29 Apr 2022 03:16:48 +0000 (03:16 +0000)]
Don't leak SK device.  Patch from Pedro Martelletto via github PR#316.
ok djm@

2 years agofix memleak on session-bind path; from Pedro Martelletto, ok dtucker@
djm [Fri, 29 Apr 2022 03:13:32 +0000 (03:13 +0000)]
fix memleak on session-bind path; from Pedro Martelletto, ok dtucker@

2 years agoUse $(( )) arithmetic expansion instead of `expr something`
jca [Thu, 28 Apr 2022 22:11:59 +0000 (22:11 +0000)]
Use $(( )) arithmetic expansion instead of `expr something`

No need to use an external tool when the shell can handle this basic task.

2 years agobtrace(8): fix lexer to allow whitespace after filters.
dv [Thu, 28 Apr 2022 21:04:24 +0000 (21:04 +0000)]
btrace(8): fix lexer to allow whitespace after filters.

Whitespace is allowed after the closing slash of a filter and before
the opening brace of an action. This makes the lexer scan ahead and
collect any whitespace and newlines into the end of filter token.

ok mpi@

2 years agoAdd tests that decode sequences into ASN.1 strings.
jsing [Thu, 28 Apr 2022 18:36:38 +0000 (18:36 +0000)]
Add tests that decode sequences into ASN.1 strings.

Test decoding of sequences with length and indefinite length into an ASN.1
string - in this case the ASN.1 is not decoded, rather the octets are
stored directly as the content of the string.

This exercises a specific path through the ASN.1 decoder.

(you know asn1complex is living up to its name when you have to import
openssl/asn1t.h directly...)

2 years agoRewrite asn1_check_tlen() using CBS.
jsing [Thu, 28 Apr 2022 18:30:57 +0000 (18:30 +0000)]
Rewrite asn1_check_tlen() using CBS.

Rather than calling asn1_get_object_cbs(), call asn1_get_identifier_cbs(),
then immediately proceed with the tag number and tag class check. Only if
that succeeds (or it is not required) do we call asn1_get_length_cbs().
This avoids incurring the overhead of decoding the length in the case where
the tag number and tag class do not match.

While here rename asn1_check_tlen() to asn1_check_tag() - while we decode
the length, what we are normally checking is the tag number and tag class.
Also rename the arguments for readability. For now the argument types
and encoding remain unchanged.

ok inoguchi@ tb@

2 years agoAlways acquire the `vmobjlock' before incrementing an object's reference.
mpi [Thu, 28 Apr 2022 18:12:33 +0000 (18:12 +0000)]
Always acquire the `vmobjlock' before incrementing an object's reference.

2 years agoRoute timers were not MP safe. Protect the global lists with a
bluhm [Thu, 28 Apr 2022 17:47:41 +0000 (17:47 +0000)]
Route timers were not MP safe.  Protect the global lists with a
mutex and move the rttimer entries into a temporary list.  Then the
callback and pool put can be called later without holding the mutex.
tested by Hrvoje Popovski; OK claudio@

2 years agoRefactor ASN1_TIME_adj_internal()
tb [Thu, 28 Apr 2022 17:31:29 +0000 (17:31 +0000)]
Refactor ASN1_TIME_adj_internal()

ASN1_TIME_adj_internal() does some strange dances with remembering
allocations in a boolean and using strlen(p) to deduce what happened
inside *_string_from_tm(). It also (mis)translates a NULL p to an
illegal time value error.

This can be streamlined by converting directly from a struct tm into an
ASN1_TIME and setting the errors when they occur instead of trying to
deduce them from a NULL return. This is made a bit uglier than necessary
due to the reuse-or-allocate semantics of the public API.

At the cost of a little code duplication, ASN1_TIME_adj_internal()
becomes very easy and ASN1_TIME_to_generalizedtime() is also simplified
somewhat.

ok inoguchi jsing

2 years agoIn the multicast router code don't allocate a rt timer queue for each
claudio [Thu, 28 Apr 2022 17:27:14 +0000 (17:27 +0000)]
In the multicast router code don't allocate a rt timer queue for each
rdomain. The rttimer API is rtable/rdomain aware and so there is no need
to have so many queues.
Also init the two queues (one for IPv4 and one for IPv6) early on. This
will allow the rttable code to become simpler.
OK bluhm@

2 years agoDecouple IP input and forwarding from protocol input. This allows
bluhm [Thu, 28 Apr 2022 16:56:39 +0000 (16:56 +0000)]
Decouple IP input and forwarding from protocol input.  This allows
to have parallel IP processing while the upper layers are still not
MP safe.  Introduce ip_ours() that enqueues the packets and ipintr()
that dequeues and processes them with an exclusive netlock.
Note that we still have only one softnet task.  Running IP processing
on multiple CPU will be the next step.
lots of testing Hrvoje Popovski; OK sashan@

2 years agoThe syntax of the roff(7) .mc request is quite special
schwarze [Thu, 28 Apr 2022 16:16:46 +0000 (16:16 +0000)]
The syntax of the roff(7) .mc request is quite special
and the roff_onearg() parsing function is too generic,
so provide a dedicated parsing function instead.

This fixes an assertion failure when an \o escape sequence is
passed as the argument; the bug was found by tb@ using afl(1).
It also makes mandoc output more similar to groff in various cases.

2 years agoFix comparison in openssl(1) pkcs12
inoguchi [Thu, 28 Apr 2022 15:42:10 +0000 (15:42 +0000)]
Fix comparison in openssl(1) pkcs12

comment from tb@

2 years agoEnvironment variables must be passed through env(1) while using sudo.
anton [Thu, 28 Apr 2022 15:37:01 +0000 (15:37 +0000)]
Environment variables must be passed through env(1) while using sudo.

ok bluhm@

2 years agoCompare pointer value with NULL in openssl(1) pkcs12
inoguchi [Thu, 28 Apr 2022 15:29:10 +0000 (15:29 +0000)]
Compare pointer value with NULL in openssl(1) pkcs12

ok tb@

2 years agoConvert the internal GPT partition entries into host-endian form
krw [Thu, 28 Apr 2022 13:22:19 +0000 (13:22 +0000)]
Convert the internal GPT partition entries into host-endian form
on input/initialization and back to little-endian when writing to
disk.

Easier to read the code when letoh*() and uuid_[enc|dec]_*
invocations are minimized.

No intentional functional change.

ok jmatthew@

2 years agooops, fix wrong .TH name
schwarze [Thu, 28 Apr 2022 10:23:31 +0000 (10:23 +0000)]
oops, fix wrong .TH name

2 years agoElement next-line scopes may nest, so man_breakscope() may have to
schwarze [Thu, 28 Apr 2022 10:17:37 +0000 (10:17 +0000)]
Element next-line scopes may nest, so man_breakscope() may have to
break multiple element next-line scopes at the same time, similar to
what man_descope() already does for unconditional rewinding.

This fixes an assertion failure that tb@ found with afl(1), caused
by .SH .I .I .BI and similar sequences of macros without arguments.

2 years agoCall uvm_pageactivate() from uvm_pageunwire() instead of rerolling it.
mpi [Thu, 28 Apr 2022 09:59:28 +0000 (09:59 +0000)]
Call uvm_pageactivate() from uvm_pageunwire() instead of rerolling it.

Having fewer places manipulating the global list of active/inactive pages
will help future LRU improvements.

ok kettenis@, kn@

2 years agoUpdate uvmexp.swpgonly only once in uvm_swap_get().
mpi [Thu, 28 Apr 2022 09:58:11 +0000 (09:58 +0000)]
Update uvmexp.swpgonly only once in uvm_swap_get().

Prevent a small window where a check could be incorrect in case an error
occurs in uvm_swap_io().

ok kettenis@, kn@

2 years agoglue for 7.2
espie [Thu, 28 Apr 2022 08:39:18 +0000 (08:39 +0000)]
glue for 7.2

2 years agoGet rid of set but not used compiler warning.
anton [Thu, 28 Apr 2022 05:28:57 +0000 (05:28 +0000)]
Get rid of set but not used compiler warning.

2 years agodrm/i915/display/psr: Unset enable_psr2_sel_fetch if other checks in intel_psr2_confi...
jsg [Thu, 28 Apr 2022 05:11:48 +0000 (05:11 +0000)]
drm/i915/display/psr: Unset enable_psr2_sel_fetch if other checks in intel_psr2_config_valid() fails

From Jose Roberto de Souza
79957134ca1d82fad69dba79f56d36a78512ef12 in linux 5.15.y/5.15.36
bb02330408a7bde33b5f46aa14fd5d7bfe6093b7 in mainline linux

2 years agoadd Sabrent NT-SS5G, sort the device list alphabetically
jmatthew [Thu, 28 Apr 2022 04:17:57 +0000 (04:17 +0000)]
add Sabrent NT-SS5G, sort the device list alphabetically

from Brad

2 years agoavoid printing hash algorithm twice; from lucas AT sexy.is
djm [Thu, 28 Apr 2022 02:53:31 +0000 (02:53 +0000)]
avoid printing hash algorithm twice; from lucas AT sexy.is

2 years agoThe timeout in ospf6d regress seems to be too short. Increase it
bluhm [Wed, 27 Apr 2022 23:34:46 +0000 (23:34 +0000)]
The timeout in ospf6d regress seems to be too short.  Increase it
to make the test more stable.
debugged by Anton Borowka

2 years agoSend packets with IPv4 option or IPv6 extension header over loopback
bluhm [Wed, 27 Apr 2022 18:28:40 +0000 (18:28 +0000)]
Send packets with IPv4 option or IPv6 extension header over loopback
interface and check which of the packets are dropped by pf.  The
bad packets appear in pflog0 tcpdump.  This regress is testing rules
with and without allow-opts.

2 years agoAdd test case capable of triggering the recently fixed use after free,
anton [Wed, 27 Apr 2022 18:02:05 +0000 (18:02 +0000)]
Add test case capable of triggering the recently fixed use after free,
based on the syzkaller reproducer.

2 years agoRemove the lock if an identical overlapping one is already present.
anton [Wed, 27 Apr 2022 18:01:23 +0000 (18:01 +0000)]
Remove the lock if an identical overlapping one is already present.
Preventing a use after free discovered by syzkaller.

ok visa@

Reported-by: syzbot+a2649c1d77e9d2463f33@syzkaller.appspotmail.com
Reported-by: syzbot+182df9087f5f182daa44@syzkaller.appspotmail.com
Reported-by: syzbot+46d03139d7ed5e81ed2f@syzkaller.appspotmail.com
Reported-by: syzbot+892e886a6113db341da1@syzkaller.appspotmail.com
2 years agoDecode via c2i_ASN1_INTEGER_cbs() from asn1_ex_c2i().
jsing [Wed, 27 Apr 2022 17:56:13 +0000 (17:56 +0000)]
Decode via c2i_ASN1_INTEGER_cbs() from asn1_ex_c2i().

2 years agoEnsure we clear the error stack before running tests that print errors.
jsing [Wed, 27 Apr 2022 17:43:41 +0000 (17:43 +0000)]
Ensure we clear the error stack before running tests that print errors.

2 years agoEnable ASN.1 INTEGER tests with invalid lengths/encodings.
jsing [Wed, 27 Apr 2022 17:43:06 +0000 (17:43 +0000)]
Enable ASN.1 INTEGER tests with invalid lengths/encodings.

2 years agoRewrite c2i_ASN1_INTEGER() using CBS.
jsing [Wed, 27 Apr 2022 17:42:08 +0000 (17:42 +0000)]
Rewrite c2i_ASN1_INTEGER() using CBS.

This also makes validation stricter and inline with X.690 - we now reject
zero length inputs (rather than treating them as zero values) and enforce
minimal encoding.

ok tb@

2 years agoRemove the ASN.1 decoder tag/length cache (TLC).
jsing [Wed, 27 Apr 2022 17:28:34 +0000 (17:28 +0000)]
Remove the ASN.1 decoder tag/length cache (TLC).

Currently, every time an ASN.1 identifier and length is decoded it is
stored in a tag/length cache for potential reuse. However, the only time
this is actually of benefit is when decoding CHOICE or SEQUENCE with
OPTIONAL fields (or MSTRING and ANY due to less than ideal
implementation). For CHOICE and SEQUENCE with OPTIONAL fields the
current code attempts to decode the first option and if that fails, it
moves onto the next option and attempts to decode it, repeating until
it succeeds (or runs out of options).

There are a number of problems with the cache. Firstly, it adds complexity
to the ASN.1 decoder since it has to be passed up and down through the
various layers. Secondly, there is nothing that keeps the cached data in
synchronisation with the input stream. This makes it fragile and a
potential security risk. Thirdly, the type is in the public headers and
API, meaning that we cannot readily change the types or fields to improve
the code.

Testing also suggests that in typical decoding cases we actually get a
small performance increase by removing the cache. There are also several
other options that would improve decoding performance, which we can visit
once we have simpler and more robust code.

ok beck@ inoguchi@ tb@

2 years agoThe .AT, .DT, and .UC macros are allowed inside next-line scope
schwarze [Wed, 27 Apr 2022 17:04:15 +0000 (17:04 +0000)]
The .AT, .DT, and .UC macros are allowed inside next-line scope
and never produce output at the place of their invocation.

Minibugs found while investigating unrelated afl(1) reports from tb@.

2 years agohave use_old_libs say something if it's the reason a package gets updated
espie [Wed, 27 Apr 2022 15:27:45 +0000 (15:27 +0000)]
have use_old_libs say something if it's the reason a package gets updated

2 years agosplit the code in figure_out_kept:
espie [Wed, 27 Apr 2022 15:19:03 +0000 (15:19 +0000)]
split the code in figure_out_kept:
we need a somewhat complete updateset so we can proceed with handling
dependencies.

The case where the signature is equal is not an issue, but the case
where we need to keep the package because it still contains oldlibs is!

So we do that AFTER dependencies so that dependencies have been updated
and we possibly depend on old libs (which may happen even if the signature
didn't change)

2 years agoadd a test case for the Imath update, along with notes about what's
espie [Wed, 27 Apr 2022 15:15:45 +0000 (15:15 +0000)]
add a test case for the Imath update, along with notes about what's
exactly going on, if one day we trust wantlib enough to be accurate
(hello libsets)

2 years ago"pretty print" verbose messages: more context, and indent them to make
espie [Wed, 27 Apr 2022 15:04:11 +0000 (15:04 +0000)]
"pretty print" verbose messages: more context, and indent them to make
clearer those message are grouped together

2 years agogive a bit more context in verbose message
espie [Wed, 27 Apr 2022 14:55:08 +0000 (14:55 +0000)]
give a bit more context in verbose message

2 years agovgone() is vgonel() with curproc as 2nd argument. Use vgonel() like the
claudio [Wed, 27 Apr 2022 14:52:25 +0000 (14:52 +0000)]
vgone() is vgonel() with curproc as 2nd argument. Use vgonel() like the
other call in vop_generic_revoke().
OK semarie@

2 years agovmm(4): dt(4) tracepoints for vm exit reporting previous exit.
dv [Wed, 27 Apr 2022 14:23:37 +0000 (14:23 +0000)]
vmm(4): dt(4) tracepoints for vm exit reporting previous exit.

On Intel/VMX, the tracepoint for vm exits was before extracting the
vm exit reason meaning we either reported stack garbage (on first
exit) or the prior exit reason. Move the tracepoint to after
extraction and refactor the logic to collect all exit info processing
in one place. (We were extracting the guest RFLAGS register state
before checking the exit info extraction success.)

On AMD/SVM, the tracepoint was always triggered even on unsuccessful
vm entry leading to garbage data. Tuck the tracepoint into the If
block and merge them.

ok mlarkin@

2 years agonote to myself for 7.2
espie [Wed, 27 Apr 2022 14:11:27 +0000 (14:11 +0000)]
note to myself for 7.2

2 years agoFix three bugs regarding the interaction of \z and \h:
schwarze [Wed, 27 Apr 2022 13:30:19 +0000 (13:30 +0000)]
Fix three bugs regarding the interaction of \z and \h:

1. The combination \z\h is a no-op whatever the argument may be.
In the past, the \z only affected the first space character generated
by the \h, which was wrong.

2. For the conbination \zX\h with a positive argument, the first
space resulting from the \h is not printed but consumed by the \z.

3. For the combination \zX\h with a negative argument, application
of the \z needs to be completed before the \h can be started.
In the past, if this combination occurred at the beginning of an
output line, the \h backed up to the beginning of the line and
after that, the \z attempted to back up even further, triggering
an assertion.

Bugs found during an audit of assignments to termp->col that i
started after the bugfix tbl_term.c rev. 1.65.  The assertion
triggered by bug 3 was *not* yet found by afl(1).

2 years agotypo: exceded -> exceed
tb [Wed, 27 Apr 2022 11:46:19 +0000 (11:46 +0000)]
typo: exceded -> exceed

2 years agoAdd authfd path to debug output. ok markus@
dtucker [Wed, 27 Apr 2022 11:08:55 +0000 (11:08 +0000)]
Add authfd path to debug output.  ok markus@

2 years agoASN1_{,const_}check_infinite_end(3) were removed in the last major bump,
tb [Wed, 27 Apr 2022 08:06:37 +0000 (08:06 +0000)]
ASN1_{,const_}check_infinite_end(3) were removed in the last major bump,
so there's no longer a need to document that they are undocumented.

2 years agoDecode via c2i_ASN1_BIT_STRING_cbs() from asn1_ex_c2i().
jsing [Tue, 26 Apr 2022 20:00:18 +0000 (20:00 +0000)]
Decode via c2i_ASN1_BIT_STRING_cbs() from asn1_ex_c2i().

ok inoguchi@ tb@

2 years agoBump __mp_lock_spinout to INT_MAX.
dv [Tue, 26 Apr 2022 15:31:14 +0000 (15:31 +0000)]
Bump __mp_lock_spinout to INT_MAX.

The previous value set years ago was causing amd64 kernels to spin
out when run with MP_LOCKDEBUG during boot.

ok kettenis@

2 years agotypo in example text: unsused -> unused; noticed by tb@
schwarze [Tue, 26 Apr 2022 15:04:46 +0000 (15:04 +0000)]
typo in example text: unsused -> unused; noticed by tb@

2 years agoDo not send a hostname option when we don't have a hostname.
florian [Tue, 26 Apr 2022 14:50:04 +0000 (14:50 +0000)]
Do not send a hostname option when we don't have a hostname.

The minimum length of a hostname is 1 according to RFC 2132.
Found the hard way by Ibrahim Khalifa (ibo AT trukonsult.se) with DHCP
Relay on a Cisco ASA in the installer where we don't have a hostname
yet.
Ibrahim also provided a diff which I simplified a bit.
OK tb

2 years agoAt the end of every tbl(7) cell, clear the \z state.
schwarze [Tue, 26 Apr 2022 14:46:30 +0000 (14:46 +0000)]
At the end of every tbl(7) cell, clear the \z state.
This is needed because the TERMP_MULTICOL mode is designed such
that term_tbl() buffers all the cells of the table row before the
normal reset logic near the end of term_flushln() can be reached.

This fixes an assertion failure triggered by \z near the end
of a table cell, found by tb@ using afl(1).

2 years agoIf a node is tagged explicitly, skip implicit tagging for that node.
schwarze [Tue, 26 Apr 2022 11:28:35 +0000 (11:28 +0000)]
If a node is tagged explicitly, skip implicit tagging for that node.
Apart from making sense in the first place, this fixes an assertion
failure that happened when the calculated implicit tag did not match
the string value of the first child of the node,

Bug found by tb@ using afl(1).

2 years agoNo need for line wrap here.
claudio [Tue, 26 Apr 2022 10:48:20 +0000 (10:48 +0000)]
No need for line wrap here.

2 years agoOn CPUs that have MPERF/APERF support use that information to install a
claudio [Tue, 26 Apr 2022 08:35:30 +0000 (08:35 +0000)]
On CPUs that have MPERF/APERF support use that information to install a
cpu frequency sensor for each core. This works on many "modern" Intel and
AMD cpus (probably anything that has some kind of turbo mode).
OK kettenis@

2 years agoCheck sshauthopt_new() for NULL. bz#3425, from tessgauthier at
dtucker [Tue, 26 Apr 2022 07:41:44 +0000 (07:41 +0000)]
Check sshauthopt_new() for NULL.  bz#3425, from tessgauthier at
microsoft.com.  ok djm@

2 years agoReimplement the page allocation code using bus_dma(9) APIs to make sure
kettenis [Mon, 25 Apr 2022 21:53:09 +0000 (21:53 +0000)]
Reimplement the page allocation code using bus_dma(9) APIs to make sure
that on architectures with an IOMMU, DMA addresses are translated
properly.

Fixes radeondrm(4) and amdgpu(4) on powerpc64, sparc64 and arm64 machines
with smmu(4).

ok jsg@

2 years agoPush DISK_[read|write]sectors() down to disk.c local functions
krw [Mon, 25 Apr 2022 17:10:09 +0000 (17:10 +0000)]
Push DISK_[read|write]sectors() down to disk.c local functions
and expose new DISK_[read|write]bytes() functions.

Eliminates many bytes <-> sector i/o dances and makes the code
much easier to understand.

Be a bit more careful to consistently write only bytes that
checksums are calculated over.

No intentional functional change.

2 years agoExtend ksmn(4) driver to also show CCD tempratures if available.
claudio [Mon, 25 Apr 2022 16:17:19 +0000 (16:17 +0000)]
Extend ksmn(4) driver to also show CCD tempratures if available.
Based information from the linux k10temp driver.
OK brynet@

2 years agogh_csum an gh_part_csum are not used between initializing
krw [Mon, 25 Apr 2022 13:07:53 +0000 (13:07 +0000)]
gh_csum an gh_part_csum are not used between initializing
the GPT and calculating them when writing the GPT to disk.

No need to update them in add_partition().

Pointed out by jmatthew@

2 years agoFix spelling error in warnx()
job [Mon, 25 Apr 2022 10:52:09 +0000 (10:52 +0000)]
Fix spelling error in warnx()

Thanks Marco D'Itri

2 years agozap extra blank line
tb [Sun, 24 Apr 2022 22:26:44 +0000 (22:26 +0000)]
zap extra blank line

2 years agoWrap two overlong lines
tb [Sun, 24 Apr 2022 18:20:12 +0000 (18:20 +0000)]
Wrap two overlong lines

2 years agotrailing whitespace
tb [Sun, 24 Apr 2022 18:19:52 +0000 (18:19 +0000)]
trailing whitespace

2 years agoWhen we open a new .while loop, let's not attempt to close out
schwarze [Sun, 24 Apr 2022 17:39:31 +0000 (17:39 +0000)]
When we open a new .while loop, let's not attempt to close out
another enclosing .while loop at the same time.
Instead, postpone the closing until the next iteration of ROFF_RERUN.

This prevents one-line constructions like ".while 0 .while 0 something"
and ".while rx .while rx .rr x" (which admittedly aren't particularly
useful) from dying of abort(3), which was a bug tb@ found with afl(1).

2 years agoIf a .shift request has a negative argument, do not use a negative array
schwarze [Sun, 24 Apr 2022 13:34:53 +0000 (13:34 +0000)]
If a .shift request has a negative argument, do not use a negative array
index but use 0 instead of the argument, just like groff.
Warn about the invalid argument.
While here, fix the column number in another warning message.

Segfault reported by tb@, found with afl(1).

2 years agoIn filemode emit the hash which uniquely identifies a given Signed Object
job [Sun, 24 Apr 2022 12:25:25 +0000 (12:25 +0000)]
In filemode emit the hash which uniquely identifies a given Signed Object

RPKI Signed Objects are not malleable; this means the SHA256 digest
of an input file containing a signed object is a very stable identifier
to associate with the decoded (validated) output shown in filemode.

The SHA256 in hash_id is base64 encoded (just like hashes on manifest listings).

OK tb@

2 years agoUse warnx() if errno is not relevant. close() after errno of
krw [Sun, 24 Apr 2022 12:13:37 +0000 (12:13 +0000)]
Use warnx() if errno is not relevant. close() after errno of
interest is checked, not before.

Less confusing error messages.

2 years agoIncrease rx buffer size to 62kB (same as linux). It turns out the device
jmatthew [Sun, 24 Apr 2022 00:04:10 +0000 (00:04 +0000)]
Increase rx buffer size to 62kB (same as linux).  It turns out the device
doesn't fit packets into the host's rx buffer until it's full, it keeps
going as long as it has space in its own receive buffer, and then
truncates to fit the usb transfer.  The packet descriptors are at the end,
so this means losing all the packets in the buffer.  At 32kB, it's fairly
easy to overrun, but 62kB seems fine.

tested by and ok mlarkin@

2 years agoRewrite c2i_ASN1_BIT_STRING() using CBS.
jsing [Sat, 23 Apr 2022 18:56:54 +0000 (18:56 +0000)]
Rewrite c2i_ASN1_BIT_STRING() using CBS.

Also switch to freeing and allocating, rather than attempting to recycle.
While here, factor out the flags ASN1_STRING_FLAG_BITS_LEFT bit bashing
and use the name "unused bits" rather than "bits left", to be more inline
with X.690 wording.

ok inoguchi@ tb@

2 years agoConvert asn1_ex_c2i() to CBS.
jsing [Sat, 23 Apr 2022 18:47:08 +0000 (18:47 +0000)]
Convert asn1_ex_c2i() to CBS.

This allows us to make direct use of c2i_ASN1_OBJECT_cbs().

ok inoguchi@ tb@

2 years agotweak previous: update .Bl -column line
schwarze [Sat, 23 Apr 2022 18:41:13 +0000 (18:41 +0000)]
tweak previous: update .Bl -column line

2 years agoAdd ASN1_INTEGER test coverage.
jsing [Sat, 23 Apr 2022 18:23:48 +0000 (18:23 +0000)]
Add ASN1_INTEGER test coverage.

2 years agoShow which bwfm(4) chipsets are 11n and which are 11ac. ok miod@
sthen [Sat, 23 Apr 2022 18:15:02 +0000 (18:15 +0000)]
Show which bwfm(4) chipsets are 11n and which are 11ac. ok miod@

2 years agoFix compilation on octeon, arm64, and riscv64.
mbuhl [Sat, 23 Apr 2022 16:04:05 +0000 (16:04 +0000)]
Fix compilation on octeon, arm64, and riscv64.

2 years agoAdd missing uuid_dec_le() to init_gp() so -A works on
krw [Sat, 23 Apr 2022 14:39:16 +0000 (14:39 +0000)]
Add missing uuid_dec_le() to init_gp() so -A works on
big-endian architectures too.

2 years agoIf the last data row of a tbl(7) contains nothing but a horizontal line,
schwarze [Sat, 23 Apr 2022 13:58:09 +0000 (13:58 +0000)]
If the last data row of a tbl(7) contains nothing but a horizontal line,
do not skip closing the table and cleaning up memory at the end of the
table in the HTML output module.

This bug resulted in skipping the tblcalc() function and reusing
the existing roffcol array for the next tbl(7) processed.  If the
next table had more columns than the one ending with a horizontal
line in the last data row, uninitialized memory was read, potentially
resulting in near-infinite output.

The bug was introduced in rev. 1.24 (2018/11/26) but only fully exposed
by rev. 1.33 (2021/09/09).  Until rev. 1.32, it could only cause
misformatting and invalid HTML output syntax but not huge output
because up to that point, the function did not use the roffcol array.

Nasty bug found the hard way by Michael Stapelberg on the production
server manpages.debian.org.  Michael also supplied example files
and excellent instructions how to reproduce the bug, which was very
difficult because no real-world manual page is known that triggers
the bug by itself, so to reproduce the bug, mandoc(1) had to be
invoked with at least two file name arguments.

2 years agoVerify sizes before arithmetic operations
tobias [Sat, 23 Apr 2022 08:57:52 +0000 (08:57 +0000)]
Verify sizes before arithmetic operations

Unsigned overflows are not a bug in C but we have to make sure that
requested buffer sizes will be actually available.

If not, set errno to ERANGE and return an error value.

ok deraadt, millert