claudio [Tue, 1 Aug 2023 14:15:44 +0000 (14:15 +0000)]
The swapper left the building long time ago. Now with the issue in
inteldrm fixed we should be able to remove this unneeded wakeup for good.
OK mvs@ cheloha@ deraadt@
dtucker [Tue, 1 Aug 2023 08:15:04 +0000 (08:15 +0000)]
remove unnecessary if statement. github PR#422 from eyalasulin999,
ok djm@
claudio [Tue, 1 Aug 2023 07:57:55 +0000 (07:57 +0000)]
Don't force early wrap around for jiffies.
In inteldrm the function intel_dp_wait_source_oui() can be called before
last_oui_write is set and so the code requires a positive initial jiffies
value. On linux this is the case for 64bit systems (but not for 32bit) and
because of this idiosyncracy this bug was introduced in upstream intel code.
Instead of adding another OpenBSD specific quirk to drm code alter our
jiffies initalisation.
Systems affected are at least "ALDERLAKE_P, gen 12" and "TIGERLAKE, gen 12"
Suggested fix by kettenis@
OK jsg@
claudio [Tue, 1 Aug 2023 06:40:18 +0000 (06:40 +0000)]
Implement time_after() and firends as static inline functions.
The previous macros were too optimistic about types and also did a signed
subtraction that could overflow.
OK miod@ kettenis@ deraadt@ jsg@
cheloha [Tue, 1 Aug 2023 01:17:25 +0000 (01:17 +0000)]
ualarm.3: cleanups, rewrites
Clean up the ualarm.3 page as we did with the alarm.3 page.
- Be more specific in the Name summary.
- Rewrite the Description. In particular, ualarm(3) does not block,
it schedules the signal for asynchronous delivery.
- The Return Values section is incoherent, rewrite it. Remove the
incorrect details about the upper bound.
- Add Caveats: discourage use of ualarm(3) and setitimer(2) in the
same program.
Input on v1 from schwarze@, deraadt@, millert@, and jmc@. Input on v2
from jmc@ and millert@.
v1: https://marc.info/?l=openbsd-tech&m=
162508423008134&w=2
v2: https://marc.info/?l=openbsd-tech&m=
169076642509763&w=2
ok jmc@ millert@
bluhm [Mon, 31 Jul 2023 17:10:31 +0000 (17:10 +0000)]
Mark code parameter of codepatch_replace() constant also on i386.
OK guenther@
kettenis [Mon, 31 Jul 2023 12:23:35 +0000 (12:23 +0000)]
Add AXP15060 support.
ok uaa@
tobhe [Mon, 31 Jul 2023 12:00:07 +0000 (12:00 +0000)]
Implement audio input source selection.
from jon at elytron dot openbsd dot amsterdam
feedback and ok miod@
dlg [Mon, 31 Jul 2023 11:13:09 +0000 (11:13 +0000)]
don't let pfsync send an insert message for a state pfsync just inserted
sthen@ upgraded and ended up with a lot of pfsync traffic which was
mostly made up of the two firewalls telling each other to insert
the same state over and over again.
this has each of the paths that insert states (actual pf, ioctls,
and pfsync) identify themselves so pfsync can enter them into its
own state machine in the right place. when pfsync inserts a state
into pf, it knows it should just swallow the state silently without
sending out another insert for it.
ok sthen@ sashan@
kettenis [Mon, 31 Jul 2023 09:00:43 +0000 (09:00 +0000)]
Make the RSB interface optional such that we can use this driver in kernels
without the sxirsb(4) driver.
ok uaa@
tb [Mon, 31 Jul 2023 05:04:06 +0000 (05:04 +0000)]
Remove more *_options() stuff
The public symbols were removed. Some prototypes and in the case of DES
even the implementation remained.
ok jsing
guenther [Mon, 31 Jul 2023 04:01:07 +0000 (04:01 +0000)]
On CPUs with eIBRS ("enhanced Indirect Branch Restricted Speculation")
or IBT enabled the kernel, the hardware should the attacks which
retpolines were created to prevent. In those cases, retpolines
should be a net negative for security as they are an indirect branch
gadget. They're also slower.
* use -mretpoline-external-thunk to give us control of the code
used for indirect branches
* default to using a retpoline as before, but marks it and the
other ASM kernel retpolines for code patching
* if the CPU has eIBRS, then enable it
* if the CPU has eIBRS *or* IBT, then codepatch the three different
retpolines to just indirect jumps
make clean && make config required after this
ok kettenis@
guenther [Mon, 31 Jul 2023 01:33:57 +0000 (01:33 +0000)]
The replacement code passed to codepatch_replace() can usefully be
const.
suggested by bluhm@
kettenis [Sun, 30 Jul 2023 17:28:19 +0000 (17:28 +0000)]
Add JH7110 I2C clocks.
ok jsing@
tb [Sun, 30 Jul 2023 16:43:53 +0000 (16:43 +0000)]
sync with userland's zlib.h
tb [Sun, 30 Jul 2023 16:43:28 +0000 (16:43 +0000)]
sync compress.3 with zlib.h
ok jmc
tb [Sun, 30 Jul 2023 16:42:57 +0000 (16:42 +0000)]
Merge some doc comment updates from upstream
tb [Sun, 30 Jul 2023 16:42:01 +0000 (16:42 +0000)]
Pull in two #undef from upstream's develop branch
ok guenther
krw [Sun, 30 Jul 2023 12:52:03 +0000 (12:52 +0000)]
Check for NULL before de-referencing a pointer, not after.
More complete solution after tb@ pointed out what Coverity missed.
ok tb@
jsg [Sun, 30 Jul 2023 12:16:20 +0000 (12:16 +0000)]
change __GFP_KSWAPD_RECLAIM from 0 to M_NOWAIT
aja@ reported a panic where __i915_gpu_coredump() used a combination of
gfp flags which resulted in neither M_WAITOK or M_NOWAIT.
yasuoka [Sun, 30 Jul 2023 08:46:03 +0000 (08:46 +0000)]
Attach "Intel 700 Series HD Audio" (0x51ca). The audio device on vaio
VJPK23, azalia doesn't match because its subclass is audio not hd audio.
ok jsg
dlg [Sun, 30 Jul 2023 05:39:52 +0000 (05:39 +0000)]
count the number of times a ring was marked as oactive.
this is interesting as an indicator of how busy or overloaded a
transmit queue is before the next indicator which is the number of
qdrops.
dlg [Sun, 30 Jul 2023 04:27:01 +0000 (04:27 +0000)]
move rx head register writes out of rx completions and into rxfill
rxfill is always called after rx completions are done anyway, and
it makes more sense to give the hypervisor an update about new mbufs
on the ring after we put them there.
dlg [Sun, 30 Jul 2023 04:10:58 +0000 (04:10 +0000)]
fix generation handling on rx ring wraparound.
dlg [Sun, 30 Jul 2023 03:40:08 +0000 (03:40 +0000)]
white space fixes, no functional change
dlg [Sun, 30 Jul 2023 03:35:50 +0000 (03:35 +0000)]
add bus_dmamap_sync() ops around the rx handling.
dlg [Sun, 30 Jul 2023 02:10:00 +0000 (02:10 +0000)]
clear oactive on each txq, not just txq 0 when the iface goes up or down
if the driver did get into a situation where the tx rings were out
of sync (which should be fixed now) and were stuck oactive, taking
the interface down and up didnt clear that on anything except ring
0.
dlg [Sun, 30 Jul 2023 01:59:23 +0000 (01:59 +0000)]
add bus_dmamap_syncs around tx ring handling.
this copies the dmamem wrapper from ixl (which has been copied
around lots of other places too) so it makes the bus_dma ops around
them more consistent with other drivers. before this vmx would use
the bus dma api to allocate physical memory, but then free the
dmamap so it wasnt available for use with bus_dmamap_sync().
dlg [Sun, 30 Jul 2023 01:41:05 +0000 (01:41 +0000)]
tighten up the tx start/completion handling of the producer and consumer.
the hypervisor obvious snoops the descriptor rings like crazy, and
it can run and complete transmit of packets as soon as the ownership
bit is set on the descriptor and before the txh register is updated
with the producer index. txintr would only process tx completions
if the producer and consumer indexes the driver maintains were
different, but would then go and pop every packet the hardware said
was done off the ring.
this changes txintr so it will only iterate over packets between
the driver consumer and producer indexes. also, have the start code
update the producer before flipping the ownership bit in the ring.
this keeps the start and intr code in sync.
dlg [Sun, 30 Jul 2023 01:15:42 +0000 (01:15 +0000)]
post tx ring producer updates to each rings own txh register.
before this change all the different ring producer updates were
posted to ring 0.
tb [Sat, 29 Jul 2023 17:15:45 +0000 (17:15 +0000)]
Drop unused conf, pem, and x509 headers, add unistd for pledge
krw [Sat, 29 Jul 2023 15:59:27 +0000 (15:59 +0000)]
Check for NULL before de-referencing a pointer, not after.
Coverity CID #
1566406
ok phessler@
anton [Sat, 29 Jul 2023 06:52:50 +0000 (06:52 +0000)]
Read curcpu once in kcov code hot paths.
anton [Sat, 29 Jul 2023 06:52:08 +0000 (06:52 +0000)]
Avoid accessing curproc early during boot when kcov is enabled as it
might be unassigned until all secondary processors are up and running.
tb [Sat, 29 Jul 2023 06:46:20 +0000 (06:46 +0000)]
Move HAVE_FUNOPEN out of !NOPIC
Due to some historic accident, HAVE_FUNOPEN was grouped with DSO_DLFCN
and HAVE_DLFCN_H inside !defined(NOPIC). While the two DLFCN bits belong
there, HAVE_FUNOPEN doesn't.
ok jsing, millert agrees
tb [Sat, 29 Jul 2023 06:17:56 +0000 (06:17 +0000)]
Garbage collect rodata only used by RC4_options()
build tested by miod
tb [Sat, 29 Jul 2023 03:18:05 +0000 (03:18 +0000)]
Add _libre_CMS_{,SignerInfo}_get_version
tb [Sat, 29 Jul 2023 03:13:38 +0000 (03:13 +0000)]
Remove {BN,idea}_options() leftovers
Some *_options() prototypes were left behind in headers. I will remove
them after my amd64 ports bulk completes.
tb [Sat, 29 Jul 2023 03:05:35 +0000 (03:05 +0000)]
Remove BF_options() documentation
tb [Sat, 29 Jul 2023 02:32:00 +0000 (02:32 +0000)]
reinstate KNF for comment
benno [Fri, 28 Jul 2023 20:28:11 +0000 (20:28 +0000)]
bump version
bluhm [Fri, 28 Jul 2023 20:25:08 +0000 (20:25 +0000)]
Simplify logic for LRO packet tracking in ix(4). Protect against
integer overflow although it should not happen.
test and OK jan@
tb [Fri, 28 Jul 2023 18:29:26 +0000 (18:29 +0000)]
Some of these functions no longer exist or are no longer public
bluhm [Fri, 28 Jul 2023 17:25:32 +0000 (17:25 +0000)]
Some open rsync tests fail when run as regular user. If running
as root, switch to build user to cover that case with new test13b_perms.
Fix the original test6_perms and test13_perms to pass as root and
regular user. Note that ports rsync does not have this problem.
tb [Fri, 28 Jul 2023 17:13:56 +0000 (17:13 +0000)]
DSO has left the building
dv [Fri, 28 Jul 2023 16:54:48 +0000 (16:54 +0000)]
Initialize handlers with NULL, not 0.
tb [Fri, 28 Jul 2023 16:02:34 +0000 (16:02 +0000)]
Also remove ecdh.h use from libssl
tb [Fri, 28 Jul 2023 15:50:33 +0000 (15:50 +0000)]
Stop including ecdsa.h and ecdh.h internally
These headers are now reduced to #include <openssl/ec.h> and are provided
for compatiblity only. There's no point in using them. At the same time
garbage collect the last uses of OPENSSL_NO_{ECDSA,ECDH} in our tree.
ok jsing
tb [Fri, 28 Jul 2023 14:34:54 +0000 (14:34 +0000)]
The CRYPTO_EX_DATA type is not opaque
By API misdesign, it cannot be opaque. The incorrect documentation was
added as a part of a huge commit with a lot of churn. CRYPTO_EX_DATA
typically lives as an embedded struct of an opaque struct, but it can
also be used by applications, for example to initialize libssl.
documentation error pointed out by jsing
jsg [Fri, 28 Jul 2023 13:30:07 +0000 (13:30 +0000)]
remove X509_ATTRIBUTE_SET_it
public symbol removed in April
ok tb@
tb [Fri, 28 Jul 2023 13:05:59 +0000 (13:05 +0000)]
dhtest: simplify printing and make the output slightly less ugly
CID 463174
claudio [Fri, 28 Jul 2023 11:23:03 +0000 (11:23 +0000)]
Implement print_hexbuf() to hexdump the contents of an ibuf.
OK tb@
jsing [Fri, 28 Jul 2023 11:08:01 +0000 (11:08 +0000)]
Combine ripemd into a single C file.
jsing [Fri, 28 Jul 2023 11:06:28 +0000 (11:06 +0000)]
Combine md5 into a single C file.
jsing [Fri, 28 Jul 2023 11:04:41 +0000 (11:04 +0000)]
Combine md4 into a single C file.
tb [Fri, 28 Jul 2023 10:42:01 +0000 (10:42 +0000)]
sync
tb [Fri, 28 Jul 2023 10:41:24 +0000 (10:41 +0000)]
bump libcrypto, libssl, libtls majors
tb [Fri, 28 Jul 2023 10:38:51 +0000 (10:38 +0000)]
Two files did not want to go away. Go!
tb [Fri, 28 Jul 2023 10:35:14 +0000 (10:35 +0000)]
Remove various ${thing}_options
Various, ancient ciphers exposed some of their innards via an _options()
API. Apart from openssl version/speed, only some lua thingie in nmap ever
looked at these. Go figure.
hppa testing by miod, i386 testing by sthen. Thanks!
ok jsing
tb [Fri, 28 Jul 2023 10:33:13 +0000 (10:33 +0000)]
Remove more ASN1_BIT_STRING API
This removes ASN1_BIT_STRING_name_print(), ASN1_BIT_STRING_{num,set}_asc().
Before trust was properly handled using OIDs, there was a period where it
used bit strings. The actual interfaces used in openssl x509 were removed,
but the functions they wrapped remained unused for the next 24 years.
ok jsing
tb [Fri, 28 Jul 2023 10:30:16 +0000 (10:30 +0000)]
Remove ASN1_BIT_STRING_check
This was added with the TS code for no discernible reason. I could not
find a single consumer. In the unlikely event that you need this, it is
easy enough to write a better version of it yourself.
ok jsing
tb [Fri, 28 Jul 2023 10:28:02 +0000 (10:28 +0000)]
Provide CMS{,_SignerInfo}_get_version
Add accessors for the syntax versions of ContentInfo and SignerInfo.
These will be used soon in rpki-client for some more compliance checks.
ok job jsing
tb [Fri, 28 Jul 2023 10:26:33 +0000 (10:26 +0000)]
Remove sk_nid_triple_*()
The nid_triple stack is no more. Its type never was part of the public API.
Why its stack macros were will remain a mystery.
ok jsing
tb [Fri, 28 Jul 2023 10:25:05 +0000 (10:25 +0000)]
Remove OBJ_add_sigid() and OBJ_sigid_free()
Another bit of unused extensibility that was responsible for a lot
of complexity until recently. This removes the remaining stubs from
the public API.
ok jsing
tb [Fri, 28 Jul 2023 10:23:19 +0000 (10:23 +0000)]
Remove more ERR cruft
Ever wondered how many entries populate the various err hashes?
Me neither. Remove this garbage.
ok jsing
tb [Fri, 28 Jul 2023 10:21:01 +0000 (10:21 +0000)]
Remove ERR_{get,set}_implementation()
Much like ex_data, applications can make the library use their own error
stack implementation. Well, except as of right now they no longer can.
ok jsing
tb [Fri, 28 Jul 2023 10:19:20 +0000 (10:19 +0000)]
Make ex_data implementations internal
To state the obvious: library suffers from way too much extensibility. In
theory, applications can implement their own ex_data implementation. In
practice, none did. A glance at ex_data.c might give an idea as to why.
Make this internal so this particular turd can be replaced with something
slightly saner.
Also sync up the CRYPTO_EX_INDEX_* defines with OpenSSL - at least
the parts we support.
ok jsing
tb [Fri, 28 Jul 2023 10:17:21 +0000 (10:17 +0000)]
Remove BUF_[a-z]* API
This are a bunch of strange string handlers with NULL checks that make
no real sense except to some devs who like to sprinkle them everywhere.
Fortunately, nothing uses these anymore, so they can go.
ok jsing
tb [Fri, 28 Jul 2023 10:13:50 +0000 (10:13 +0000)]
Drop BIO_n{read,write}{,0}()
This is one of those strange things that should never have made it into
a security-oriented libraries. From BIO_s_bio.3:
.\" The following non-copying I/O functions are intentionally undocumented
.\" because they seem fragile and unused by anything:
It was used in a single place: the gorgeous ssltest. I'm not smart enough
to follow. Also:
/* WARNING: The non-copying interface is largely untested as of yet
* and may contain bugs. */
Oh, really? Into the great bitbucket in the sky you go.
ok jsing
tb [Fri, 28 Jul 2023 10:07:30 +0000 (10:07 +0000)]
Remove the get_rfc*_prime_*() API
Inconsistently named with the rest of the API, so OpenSSL 1.1 introduced
the same functions with a BN_ prefix. We'll keep the latter.
ok jsing
tb [Fri, 28 Jul 2023 10:05:16 +0000 (10:05 +0000)]
Make BN_BLINDING internal
RSA is pretty bad. In my most optimistic moments I dream of a world that
stopped using it. That won't happen during my lifetime, unfortunately.
Blinding is one way of making it a little less leaky. Unfortunately this
side-channel leak mitigation leaked out of the library for no good reason.
Let's at least fix that aspect of it.
ok jsing
tb [Fri, 28 Jul 2023 10:02:11 +0000 (10:02 +0000)]
Remove ASN1_bn_print() and ASN1_buf_print()
ASN1_bn_print() is a hilariously bad API that was replaced with a saner
interface internally. ASN1_buf_print() isn't terrible, but it is too
specialized to be of real use. It was only exposed because ASN1_bn_print()
was already there. Its only use had been in the EdDSA printing code before
it was replaced with an internal helper.
ok jsing
tb [Fri, 28 Jul 2023 10:00:10 +0000 (10:00 +0000)]
Make ASN1_{primitive,template}_* internal
These were long removed from the public OpenSSL API, so we can do the
same. Remove ASN1_template_{d2i,i2d}() - those are unused internally.
ok jsing
tb [Fri, 28 Jul 2023 09:58:30 +0000 (09:58 +0000)]
Make ASN.1 BIO internal
With every bump we can remove a bit more of the ASN.1 BIO and the
streaming interface. At some point enough will be internal so that
we can rewrite it and bring it in a shape where mere mortals can
follow all the twists and turns. This is the next step: BIO_f_asn1(3)
goes away and takes BIO_asn1_{get,set}_{prefix,suffix}() with it,
a bunch of functions helping along in a write-after-free recently.
The getters go away, the setters stay for now.
ok jsing
tb [Fri, 28 Jul 2023 09:53:55 +0000 (09:53 +0000)]
Set OPENSSL_NO_ENGINE, remove engine code
ENGINE was special. It's horrible code even by the low standards of this
library. Some ports may now try to use the stubs which will fail, but
the fallout from this should be minimal. Of course there are various
language bindings that expose the ENGINE API. OpenSSL 3 disabling ENGINE
by default will likely help fixing this at some point.
ok jsing
tb [Fri, 28 Jul 2023 09:47:16 +0000 (09:47 +0000)]
sync
tb [Fri, 28 Jul 2023 09:46:36 +0000 (09:46 +0000)]
Drop DSO and define OPENSSL_NO_DSO
DSO and in particular dlopen() was used for dynamic engines, which we
removed a long time ago and for dynamic conf modules, which we removed
only very recently. Now remove this dangerous interface.
ok jsing
claudio [Fri, 28 Jul 2023 09:46:13 +0000 (09:46 +0000)]
Properly emulate wait_event_interruptible_locked().
This function is called with the wait_queue_head locked, so the code
can not use prepare_to_wait()/finish_wait() since these assume the
wqh is unlocked. Also the lock needs to be held right up to the
schedule()/sleep_finish() call.
OK kettenis@ jsg@
tb [Fri, 28 Jul 2023 09:42:44 +0000 (09:42 +0000)]
Drop the comp module
opensslfeatures.h has long defined OPENSSL_NO_COMP and the build with
ZLIB was broken in openssl(1) since 2015 and in libcrypto since 2022.
ZLIB was unifdefed a while ago, now we can retire the public API.
The comp.h header stays devoid of code because a number of ports use it
for historic reasons.
ok jsing
claudio [Fri, 28 Jul 2023 09:41:43 +0000 (09:41 +0000)]
Remove local hack in intel_atomic_commit_fence_wait().
This functions registers the proc on two wait_queues so either one
can wakeup the proc. Until lately this was not possible because a
mutex was held when setting up the wait state. Since the rework of
the sleep API and the cleanup of the linux wait.h implementation this
is no longer the case.
Tested by various people with different inteldrm versions.
OK kettenis@ jsg@
mvs [Fri, 28 Jul 2023 09:33:16 +0000 (09:33 +0000)]
Compare m_pullup(9) return value against NULL instead of 0.
tb [Fri, 28 Jul 2023 09:31:21 +0000 (09:31 +0000)]
Remove some unneeded includes from ecdh.c
tb [Fri, 28 Jul 2023 09:30:22 +0000 (09:30 +0000)]
Pull up zeroing of out; drop unnecessary check
Move the zeroing of the output buffer a few lines up and remove an
unnecessary check.
requested/ok jsing
tb [Fri, 28 Jul 2023 09:29:24 +0000 (09:29 +0000)]
Rename buflen to buf_len, use calloc/freezero
Some cosmetic tweaks in ecdh_compute_key(). Rename buflen to buf_len
to match out_len, use calloc() and freezero().
ok jsing
tb [Fri, 28 Jul 2023 09:28:37 +0000 (09:28 +0000)]
Move KDF handling to ECDH_compute_key()
In OpenSSL
e2285d87, the KDF handling was moved from the compute_key()
method into the public API. A consequence of this change is that the
ECDH_compute_key() API no longer returns -1 for some errors. Existing
checks for <= 0 are safe as are those checking for the exact length as
return value, which is all what the ecosystem seems to be doing.
ok jsing
tb [Fri, 28 Jul 2023 09:25:12 +0000 (09:25 +0000)]
Merge ecdh.h into ec.h
The remaining two ECDH interfaces are relocated into ec.h. ecdh.h
remains. It does nothing but include ec.h.
ok jsing
tb [Fri, 28 Jul 2023 09:22:26 +0000 (09:22 +0000)]
Excise ECDH_METHOD
Unlike ECDSA_METHOD, this has been unused forever but kind of needed to
stay for symmetry with ECDSA_METHOD. Now we can finally take it behind
the barn and remove its tendrils into ENGINE.
ok jsing
tb [Fri, 28 Jul 2023 09:19:58 +0000 (09:19 +0000)]
Remove ECDH errors
Much like the ECDSA errors, the ECDH errors have been unused for a
while. Garbage collect them.
ok jsing
tb [Fri, 28 Jul 2023 09:18:10 +0000 (09:18 +0000)]
Remove some unneeded includes from ecdsa.h
tb [Fri, 28 Jul 2023 09:16:17 +0000 (09:16 +0000)]
Merge ecdsa.h into ec.h
Move the remaining ECDSA API into ec.h to match OpenSSL 1.1's interface
better. In particular, the EC_KEY sign and verify method accessors are
moved to the right header. Whether the rest of the ECDSA stuff belongs
there is debatable, but that was upstream's choice.
ok jsing
tb [Fri, 28 Jul 2023 09:08:31 +0000 (09:08 +0000)]
Remove ECDSA_METHOD
After smtpd (in base) and libtls finally switched from ECDSA_METHOD to
EC_KEY_METHOD, much of the ECDSA_METHOD code was neutered. Remove the
remaining public API as well as numerous tentacles into ENGINE.
ok jsing
tb [Fri, 28 Jul 2023 09:01:25 +0000 (09:01 +0000)]
Remove ecs_err.c
These error codes have been unused for a while, so the public API loading
them is pointless.
ok jsing
tb [Fri, 28 Jul 2023 08:57:46 +0000 (08:57 +0000)]
Place public ECDSA API next to the internal methods
It is hard to remember that ECDSA_do_{sign,verify}() call ecdsa_sign_sig().
Especially since the distinction to ECDSA_{sign,verify}() isn't clear from
the names. To add to the confusion, the public API is ordered differently
than the methods they call. So in this case it seems tidier to place the
public API next to the methods.
ok jsing
tb [Fri, 28 Jul 2023 08:54:41 +0000 (08:54 +0000)]
Remove ECDSA_{do_,}sign_ex()
There is no reason to keep these. It is cleaner to keep ECDSA_sign_setup()
but remove the logic for passed-in kinv and r.
Refuse to cooperate as far as possible. Someone could still implement
their own versions of ECDSA_{do_,}_sign_ex() and ECDSA_sign_setup() by
leveraging EC_KEY_METHOD_get_sign() and building their own wrappers.
We can't make such an implementation of ECDSA_sign_setup() fail, but we
make the actual signing fail since we no longer "do the right thing".
ok jsing
tb [Fri, 28 Jul 2023 08:49:43 +0000 (08:49 +0000)]
Make extended ECDSA signing routines internal
ECDSA_sign_setup() permits precomputing the values of the inverse of the
random k and the corresponding r. These can then be fed into the signing
routines ECDSA_{do_,}sign_ex() multiple times if needed. This is not a
great idea and the interface adds a lot of unwanted complexity.
Not to mention that nothing ever used this correctly - if s works out to
0, a special error code is thrown requesting that the caller provide new
kinv and r values. Unsurprisingly, nobody ever checked for that special
error code.
ok jsing
This commit marks the start of a libcrypto major bump. Do not build the
tree until I bumped the shlib_version and synced file sets (in about 35
commits).
claudio [Fri, 28 Jul 2023 07:31:38 +0000 (07:31 +0000)]
Use ibuf_data() instead of accessing the ibuf buf pointer directly.
Also convert some ibuf_add(() calls to ibuf_add_buf() where appropriate.
OK tobhe@ tb@
jsg [Fri, 28 Jul 2023 07:10:26 +0000 (07:10 +0000)]
Revert "drm/amd/display: edp do not add non-edid timings"
From Hersen Wu
1d4607f2a50c749e47a4b80030733cbf77c5570a in linux-6.1.y/6.1.42
d6149086b45e150c170beaa4546495fd1880724c in mainline linux
jsg [Fri, 28 Jul 2023 07:08:10 +0000 (07:08 +0000)]
drm/amd/display: Add polling method to handle MST reply packet
From Wayne Lin
2f2ba3c16230e1de649a877e5819673c849ca0f2 in linux-6.1.y/6.1.42
4f6d9e38c4d244ad106eb9ebd8c0e1215e866f35 in mainline linux
jsg [Fri, 28 Jul 2023 07:05:07 +0000 (07:05 +0000)]
drm/amd/display: fix linux dp link lost handled only one time
From Hersen Wu
78ea2ed76ce94f090d2a9c36b1b58f79ce3b93b8 in linux-6.1.y/6.1.42
e322843e5e33e72ff218d661f3d15ff9c9f2f1b5 in mainline linux
jsg [Fri, 28 Jul 2023 07:02:47 +0000 (07:02 +0000)]
drm/amd/display: Clean up errors & warnings in amdgpu_dm.c
From Srinivasan Shanmugam
b31143b0fbbd7bae05905f838bb7f8c07eb86662 in linux-6.1.y/6.1.42
87279fdf5ee0ad1360765ef70389d1c4d0f81bb6 in mainline linux