openbsd
4 months agoAdd missing "module standard". It is needed before use it.
yasuoka [Wed, 3 Jul 2024 06:09:13 +0000 (06:09 +0000)]
Add missing "module standard".  It is needed before use it.

4 months agoremove __mp_release_all_but_one(), unused since sched_bsd.c rev 1.92
jsg [Wed, 3 Jul 2024 01:36:50 +0000 (01:36 +0000)]
remove __mp_release_all_but_one(), unused since sched_bsd.c rev 1.92
ok claudio@

4 months agoregen
kettenis [Tue, 2 Jul 2024 22:28:29 +0000 (22:28 +0000)]
regen

4 months agoAdd Qualcomm X1E80100
kettenis [Tue, 2 Jul 2024 22:28:02 +0000 (22:28 +0000)]
Add Qualcomm X1E80100

4 months agoFix unintended comparison between signed and unsigned integer.
kettenis [Tue, 2 Jul 2024 19:59:54 +0000 (19:59 +0000)]
Fix unintended comparison between signed and unsigned integer.
C type conversion rules are hard, let's go shopping.

ok patrick@

4 months agoSupport the Qualcomm Snapdragon X Elite (X1E80100) PCIe controller. We do
patrick [Tue, 2 Jul 2024 19:44:37 +0000 (19:44 +0000)]
Support the Qualcomm Snapdragon X Elite (X1E80100) PCIe controller.  We do
not do anything fancy for the SC8280XP either, so treat it equally.

ok kettenis@

4 months agoFrom what we currently use, the Qualcomm Snapdragon X Elite (X1E80100)
patrick [Tue, 2 Jul 2024 19:43:52 +0000 (19:43 +0000)]
From what we currently use, the Qualcomm Snapdragon X Elite (X1E80100)
GPIO controller is to be treated equally as the SC8280XP, apart from
the new one having a few more pins.

ok kettenis@

4 months agoGive the Qualcomm Snapdragon X Elite (X1E80100) the same treatment as its
patrick [Tue, 2 Jul 2024 19:41:52 +0000 (19:41 +0000)]
Give the Qualcomm Snapdragon X Elite (X1E80100) the same treatment as its
predecessors and don't touch the SMMUv2.

ok kettenis@

4 months agoRead IPsec forwarding information once.
bluhm [Tue, 2 Jul 2024 18:33:47 +0000 (18:33 +0000)]
Read IPsec forwarding information once.

Fix MP race between reading ip_forwarding in ip_input() and checking
ip_forwarding == 2 in ip_output().  In theory ip_forwarding could
be 2 during ip_input() and later 0 in ip_output().  Then a packet
would be forwarded that was never allowed.  Currently exclusive
netlock in sysctl(2) prevents all races.

Introduce IP_FORWARDING_IPSEC and pass it with the flags parameter
that was introduced for IP_FORWARDING.

Instead of calling m_tag_find(), traversing the list, and comparing
with NULL, just check the PACKET_TAG_IPSEC_IN_DONE bit.  Reading
ipsec_in_use in ip_output() is a performance hack that is not
necessary.  New code only checks tree bits.

OK mvs@

4 months agoUse correct idiom to get mac addresses from ethernet-like interfaces.
florian [Tue, 2 Jul 2024 17:41:27 +0000 (17:41 +0000)]
Use correct idiom to get mac addresses from ethernet-like interfaces.

This unbreaks rad(8) on top of carp(4).

OK deraadt, bluhm

4 months agosync
deraadt [Tue, 2 Jul 2024 16:18:45 +0000 (16:18 +0000)]
sync

4 months agominor cleanups, especially DPADD
deraadt [Tue, 2 Jul 2024 16:18:11 +0000 (16:18 +0000)]
minor cleanups, especially DPADD

4 months agoThe traditional LL/SC atomics perform poorly on modern arm64 systems with
kettenis [Tue, 2 Jul 2024 10:25:16 +0000 (10:25 +0000)]
The traditional LL/SC atomics perform poorly on modern arm64 systems with
many CPU cores.  With the recent conversion of the sched lock to a mutex
some systems appear to hang if the sched lock is contended.  ARMv8.1
introduced an LSE feature that provides atomic instructions such as CAS
that perform much better.  Unfortunately these can't be used on older
ARMv8.0 systems.  Use -moutline-atomics to make the compiler generate
function calls for atomic operations and provide an implementation for
the functions we use in the kernel that use LSE when available and fall
back on LL/SC.

Fixes regressions seen on Ampere Altra and Apple M2 Pro/Max/Ultra since
the conversion of the sched lock to a mutex.

tested by claudio@, phessler@, mpi@
ok patrick@

4 months agoDo not attach acpitz(4) if the _STA method indicates that a thermal zone
kettenis [Tue, 2 Jul 2024 08:27:04 +0000 (08:27 +0000)]
Do not attach acpitz(4) if the _STA method indicates that a thermal zone
isn't present.  While it isn't clear whether _STA applies to thermal zones
according to the ACPI standard, this prevents issues on the Asus Vivobook S15.

ok miod@, patrick@, deraadt@

4 months agospelling, grammar, macro fixes for previous;
jmc [Tue, 2 Jul 2024 06:01:22 +0000 (06:01 +0000)]
spelling, grammar, macro fixes for previous;

4 months agoSupport numpad on newer macppc Apple PowerBooks
gkoehler [Tue, 2 Jul 2024 05:50:02 +0000 (05:50 +0000)]
Support numpad on newer macppc Apple PowerBooks

This is for newer PowerBooks with ukbd(4), and doesn't affect older
models with akbd(4).  The Fn key now makes a numpad,

     7  8  9  0  -          7  8  9  /  =
      U  I  O  P      =>     4  5  6  *
       J  K  L  ;             1  2  3  -
           M  .  /                0  .  +

Also, Fn+F6 is Num Lock.  This acts like Num Lock on other USB
keyboards, and unlike Num Lock on akbd(4).

From jon (at) elytron (dot) openbsd (dot) amsterdam

4 months agoremove oga's copyright notice, none of those changes remain
jsg [Tue, 2 Jul 2024 04:42:43 +0000 (04:42 +0000)]
remove oga's copyright notice, none of those changes remain

4 months agoremove unused agp_flush_cache_range()
jsg [Tue, 2 Jul 2024 04:29:01 +0000 (04:29 +0000)]
remove unused agp_flush_cache_range()

4 months agoremove unused agp_map functions
jsg [Tue, 2 Jul 2024 04:10:25 +0000 (04:10 +0000)]
remove unused agp_map functions
last use (in inteldrm) was removed in March

4 months agoFix previous. The place of "accounting" was wrong.
yasuoka [Tue, 2 Jul 2024 00:35:56 +0000 (00:35 +0000)]
Fix previous.  The place of "accounting" was wrong.

4 months agoAdd support for RADIUS accounting.
yasuoka [Tue, 2 Jul 2024 00:33:51 +0000 (00:33 +0000)]
Add support for RADIUS accounting.

4 months agoChange the syntax for "module" and "authenticate". "module" can have
yasuoka [Tue, 2 Jul 2024 00:00:12 +0000 (00:00 +0000)]
Change the syntax for "module" and "authenticate".  "module" can have
a {} block now.  On the other hand, "authentication" can be without a
{} block.  The previous syntax is still accepted.  Also make
specifying the path of "module" be optional.

4 months agoStop scheduling an I/O event by the timer when the imsg_buf has the data
yasuoka [Mon, 1 Jul 2024 23:53:30 +0000 (23:53 +0000)]
Stop scheduling an I/O event by the timer when the imsg_buf has the data
larger than the imsg header. It prevented the receiver from receiving the
following parts of the message.

4 months agosignal handler must use the save_errno dance, and massage a variable
deraadt [Mon, 1 Jul 2024 18:52:22 +0000 (18:52 +0000)]
signal handler must use the save_errno dance, and massage a variable
of type 'volatile sig_atomic_t'
ok tb

4 months agomissing save_errno dance inside non-terminal signal handler
deraadt [Mon, 1 Jul 2024 18:43:50 +0000 (18:43 +0000)]
missing save_errno dance inside non-terminal signal handler

4 months agotidy up the text in previous; ok yasuoka
jmc [Mon, 1 Jul 2024 14:56:19 +0000 (14:56 +0000)]
tidy up the text in previous; ok yasuoka

4 months agoEnclose IPv6 address in a square bracket if the address is used with
yasuoka [Mon, 1 Jul 2024 14:15:15 +0000 (14:15 +0000)]
Enclose IPv6 address in a square bracket if the address is used with
the port number.

ok florian tobhe

4 months agoDon't crash if we can't read the temperature for a zone while polling it.
kettenis [Mon, 1 Jul 2024 14:13:43 +0000 (14:13 +0000)]
Don't crash if we can't read the temperature for a zone while polling it.

ok dv@

4 months agoExplicit TLS handshake with syslog client.
bluhm [Mon, 1 Jul 2024 12:06:45 +0000 (12:06 +0000)]
Explicit TLS handshake with syslog client.

Add a new TLS handshake callback for incoming connections.  This
will allow to inspect the client certificate later.  For now only
print a debug message and check it in regress.

with and OK henning@

4 months agoModify IPCP to use {D,NB}NS servers from RADIUS. Also move the
yasuoka [Mon, 1 Jul 2024 07:09:07 +0000 (07:09 +0000)]
Modify IPCP to use {D,NB}NS servers from RADIUS.  Also move the
radius related functions from ppp.c to npppd_radius.c.

4 months agoExit with an error code when error or module die.
yasuoka [Mon, 1 Jul 2024 05:20:01 +0000 (05:20 +0000)]
Exit with an error code when error or module die.
CVS ----------------------------------------------------------------------

4 months agoSet SO_REUSEADDR for the listening socket. This makes radiusd(8)
yasuoka [Mon, 1 Jul 2024 05:18:16 +0000 (05:18 +0000)]
Set SO_REUSEADDR for the listening socket.  This makes radiusd(8)
can bind both on an interface address and a wildcard address.

4 months agoopenssh-9.8
djm [Mon, 1 Jul 2024 04:31:59 +0000 (04:31 +0000)]
openssh-9.8

4 months agowhen sending ObscureKeystrokeTiming chaff packets, we can't
djm [Mon, 1 Jul 2024 04:31:17 +0000 (04:31 +0000)]
when sending ObscureKeystrokeTiming chaff packets, we can't
rely on channel_did_enqueue to tell that there is data to send.
This flag indicates that the channels code enqueued a packet
on _this_ ppoll() iteration, not that data was enqueued in _any_
ppoll() iteration in the timeslice. ok markus@

4 months agoCall daemon(3) before parse_config() since parse_config() of radiusd(8)
yasuoka [Mon, 1 Jul 2024 03:48:57 +0000 (03:48 +0000)]
Call daemon(3) before parse_config() since parse_config() of radiusd(8)
starts some sub processes and parent-child relationship with them must
be kept.  But we want to show config error on stderr, so keep stdio
files open and close them after parse_config().

4 months agoRemove unused secret field from struct radiusd_authentication
yasuoka [Mon, 1 Jul 2024 03:32:09 +0000 (03:32 +0000)]
Remove unused secret field from struct radiusd_authentication

4 months agoDon't receive decoration when not requested.
yasuoka [Mon, 1 Jul 2024 03:31:29 +0000 (03:31 +0000)]
Don't receive decoration when not requested.

4 months agoShow config error when -n
yasuoka [Mon, 1 Jul 2024 03:29:21 +0000 (03:29 +0000)]
Show config error when -n

4 months agoAdd missing size check.
yasuoka [Mon, 1 Jul 2024 03:27:31 +0000 (03:27 +0000)]
Add missing size check.

4 months ago"secret" without quote can be used for key or value since it is treated
yasuoka [Mon, 1 Jul 2024 03:22:06 +0000 (03:22 +0000)]
"secret" without quote can be used for key or value since it is treated
specially now.

4 months agoTweak a white space.
yasuoka [Mon, 1 Jul 2024 03:17:00 +0000 (03:17 +0000)]
Tweak a white space.

4 months agoDelete a garbage empty definition.
yasuoka [Mon, 1 Jul 2024 03:13:42 +0000 (03:13 +0000)]
Delete a garbage empty definition.

4 months agouse "lcd" to change directory before "lls" rather then "cd", since
djm [Mon, 1 Jul 2024 03:10:19 +0000 (03:10 +0000)]
use "lcd" to change directory before "lls" rather then "cd", since
the directory we're trying to list is local. Spotted by Corinna
Vinschen

4 months agoRemove history of the tms struct. It is tied to the function,
jsg [Mon, 1 Jul 2024 00:05:43 +0000 (00:05 +0000)]
Remove history of the tms struct.  It is tied to the function,
and the manual incorrectly claimed it first appeared in 4BSD.
ok deraadt@

4 months agocorrect history; first mention of /etc/rc in init manual pages was v4
jsg [Sun, 30 Jun 2024 23:57:31 +0000 (23:57 +0000)]
correct history; first mention of /etc/rc in init manual pages was v4
ok deraadt@

4 months agocorrect history; dmesg appeared (without a manual page) in v7
jsg [Sun, 30 Jun 2024 23:44:49 +0000 (23:44 +0000)]
correct history; dmesg appeared (without a manual page) in v7
ok deraadt@

4 months agowe don't need the NOBYFOUR space-savings option anymore, that codepath
deraadt [Sun, 30 Jun 2024 18:17:07 +0000 (18:17 +0000)]
we don't need the NOBYFOUR space-savings option anymore, that codepath
was replaced a while ago.
ok tb

4 months agodelete dhclient(8). ipv4 dhcp leases have been acquired by the
deraadt [Sun, 30 Jun 2024 17:30:52 +0000 (17:30 +0000)]
delete dhclient(8).  ipv4 dhcp leases have been acquired by the
always-running-in-background dhcpleased(8) for a while, which is
activated per-interface with "ifconfig $if autoconf', or
"ifconfig $if inet autoconf", or with "inet autoconf" in /etc/hostname.$if
dhclient(8) has done execve(3) of ifconfig(8) to handle this for a while,
so everyone has moved to the dhcpleased(8) method
ok florian

4 months agoClearify "force" and "preference" interaction.
florian [Sun, 30 Jun 2024 16:10:26 +0000 (16:10 +0000)]
Clearify "force" and "preference" interaction.

Problem reported by  Kirill A. Korinsky
OK kn

4 months agoRemove lhash statistics.
jsing [Sun, 30 Jun 2024 14:13:08 +0000 (14:13 +0000)]
Remove lhash statistics.

These are not exactly useful and we previously stopped exposing them.

ok tb@

4 months agoUse howmany() to calculate how many prpl entries are needed to describe a
krw [Sun, 30 Jun 2024 12:03:17 +0000 (12:03 +0000)]
Use howmany() to calculate how many prpl entries are needed to describe a
hibernate i/o.

Use of howmany() suggested by jmatthew@, ok jmatthew@

4 months agoAdd support for the Realtek RTL8126 chip to the rge(4) driver.
kevlo [Sun, 30 Jun 2024 08:13:02 +0000 (08:13 +0000)]
Add support for the Realtek RTL8126 chip to the rge(4) driver.
The RTL8126 is a PCIe to 5Gb Ethernet controller.

4 months agoregen
kevlo [Sun, 30 Jun 2024 08:12:06 +0000 (08:12 +0000)]
regen

4 months agoAdd Realtek RTL8126.
kevlo [Sun, 30 Jun 2024 08:11:36 +0000 (08:11 +0000)]
Add Realtek RTL8126.

4 months agosync with base
tb [Sun, 30 Jun 2024 05:18:14 +0000 (05:18 +0000)]
sync with base

4 months agocast string literals with z_const char *
tb [Sun, 30 Jun 2024 05:16:17 +0000 (05:16 +0000)]
cast string literals with z_const char *

from upstream 2ba25b2ddab9aa939c321d087fcfca573a9cca55

4 months agoZ_HUFFMAN -> Z_HUFFMAN_ONLY + linewrapping churn in a comment
tb [Sun, 30 Jun 2024 05:13:38 +0000 (05:13 +0000)]
Z_HUFFMAN -> Z_HUFFMAN_ONLY + linewrapping churn in a comment

from upstream 0f3b7b9595cc7d85c3b13282e71fcecef7f18f9c

4 months agoremove struct acpi_parsestate, unused since dsdt.c rev 1.16
jsg [Sun, 30 Jun 2024 00:29:36 +0000 (00:29 +0000)]
remove struct acpi_parsestate, unused since dsdt.c rev 1.16

4 months agoremove defines for acpi ioctls, unused since acpi.c rev 1.59
jsg [Sat, 29 Jun 2024 23:56:07 +0000 (23:56 +0000)]
remove defines for acpi ioctls, unused since acpi.c rev 1.59

4 months agoremove struct acpi_dev_rank, unused since acpi.c rev 1.144
jsg [Sat, 29 Jun 2024 23:37:50 +0000 (23:37 +0000)]
remove struct acpi_dev_rank, unused since acpi.c rev 1.144

4 months agoDisable the shared cache between resolvers for now.
florian [Sat, 29 Jun 2024 17:25:56 +0000 (17:25 +0000)]
Disable the shared cache between resolvers for now.

Since the latest libunbound update the frontend process would segfault
about once a day on one of my MX servers with what looks like a
use-after-free deep inside of libunbound.

Maybe we are poking too much at internals and the shared cache is too
much of a hack. #ifdef for now to ease investigation, but it is
possible that this code just has to go.

4 months agoZ_HUFFMAN -> Z_HUFFMAN_ONLY
tb [Sat, 29 Jun 2024 16:10:08 +0000 (16:10 +0000)]
Z_HUFFMAN -> Z_HUFFMAN_ONLY

from upstream 0f3b7b9595cc7d85c3b13282e71fcecef7f18f9c

4 months agoremove unused vars
jsg [Sat, 29 Jun 2024 12:09:51 +0000 (12:09 +0000)]
remove unused vars

4 months agoFix typos in previous.
yasuoka [Sat, 29 Jun 2024 11:50:31 +0000 (11:50 +0000)]
Fix typos in previous.

4 months agoremove unused vars
jsg [Sat, 29 Jun 2024 11:32:35 +0000 (11:32 +0000)]
remove unused vars

4 months agoremove unused var
jsg [Sat, 29 Jun 2024 11:29:55 +0000 (11:29 +0000)]
remove unused var

4 months agofix typo
tb [Sat, 29 Jun 2024 07:34:12 +0000 (07:34 +0000)]
fix typo

4 months agoAdd variables for RFC 5176 Error Cause.
yasuoka [Sat, 29 Jun 2024 07:19:18 +0000 (07:19 +0000)]
Add variables for RFC 5176 Error Cause.

4 months agoAdd variables for DAE for RADIUS (RFC 5176).
yasuoka [Sat, 29 Jun 2024 00:53:56 +0000 (00:53 +0000)]
Add variables for DAE for RADIUS (RFC 5176).

4 months agoLink regress unp-write-closed to build.
bluhm [Fri, 28 Jun 2024 21:36:05 +0000 (21:36 +0000)]
Link regress unp-write-closed to build.

4 months agoRestore original EPIPE and ENOTCONN errors priority in the uipc_send()
mvs [Fri, 28 Jun 2024 21:30:24 +0000 (21:30 +0000)]
Restore original EPIPE and ENOTCONN errors priority in the uipc_send()
path changed in rev 1.206. At least acme-client(1) is not happy with
this change.

Reported by claudio. Tests and ok by bluhm.

4 months agoTest writing to socket pair closed by the other side. This must
bluhm [Fri, 28 Jun 2024 21:07:27 +0000 (21:07 +0000)]
Test writing to socket pair closed by the other side.  This must
trigger EPIPE error.

with and OK mvs@

4 months agoAdd more regress coverage for SSL_select_next_proto()
tb [Fri, 28 Jun 2024 14:50:37 +0000 (14:50 +0000)]
Add more regress coverage for SSL_select_next_proto()

4 months agoThe ALPN callback should really ignore the out parameter if there's
tb [Fri, 28 Jun 2024 14:48:43 +0000 (14:48 +0000)]
The ALPN callback should really ignore the out parameter if there's
no overlap. Document that explicitly. Also make it more explicit that
that the caller must work with a copy of out.

ok jsing

4 months agoCleanup control queue checks in vio(4).
jan [Fri, 28 Jun 2024 14:46:31 +0000 (14:46 +0000)]
Cleanup control queue checks in vio(4).

Add missing newlines in prints while here.

ok sf@

4 months agoFix SSL_select_next_proto()
tb [Fri, 28 Jun 2024 14:46:19 +0000 (14:46 +0000)]
Fix SSL_select_next_proto()

SSL_select_next_proto() is already quite broken by its design: const in,
non-const out, with the intention of pointing somewhere inside of the two
input pointers. A length returned in an unsigned char (because, you know,
the individual protocols are encoded in Pascal strings). Can't signal
uailure either. It also has an unreachable public return code.

Also, due to originally catering to NPN, this function opportunistically
selects a protocol from the second input (client) parameters, which makes
little sense for ALPN since that means the server falls back to a protocol
it doesn't (want to) support. If there's no overlap, it's the callback's
job to signal error to its caller for ALPN.

As if that wasn't enough misdesign and bugs, the one we're concerned with
here wasn't reported to us twice in ten years is that if you pass this API
a zero-length (or a sufficiently malformed client protocol list), it would
return a pointer pointing somewhere into the heap instead into one of the
two input pointers. This pointer could then be interpreted as a Pascal
string, resulting in an information disclosure of up to 255 bytes from the
heap to the peer, or a crash.

This can only happen for NPN (where it does happen in old python and node).

A long time ago jsing removed NPN support from LibreSSL, because it had
an utter garbage implementation and because it was practically unused.
First it was already replaced by the somewhat less bad ALPN, and the only
users were the always same language bindings that tend to use every feature
they shouldn't use. There were a lot of complaints due to failing test
cases in there, but in the end the decision turned out to be the right
one: the consequence is that LibreSSL isn't vulnerable to CVE-2024-5535.

Still, there is a bug here to fix. It is completely straightforward to
do so. Rewrite this mess using CBS, preserving the current behavior.
Also, we do not follow BoringSSL's renaming of the variables. It would
result in confusing code in almost all alpn callbacks I've seen in the
wild. The only exception is the accidental example of Qt.

ok jsing

4 months agoRemove handling of SSLv2 client hello messages.
jsing [Fri, 28 Jun 2024 13:37:49 +0000 (13:37 +0000)]
Remove handling of SSLv2 client hello messages.

This code was only previously enabled if the minimum enabled version was
TLSv1.0 and a non-version locked method is in use. Since TLSv1.0 and
TLSv1.1 were disabled nearly a year ago, this code is no longer ever
being used.

ok tb@

4 months agodrm/amdgpu: fix UBSAN warning in kv_dpm.c
jsg [Fri, 28 Jun 2024 03:37:58 +0000 (03:37 +0000)]
drm/amdgpu: fix UBSAN warning in kv_dpm.c

From Alex Deucher
b065d79ed06a0bb4377bc6dcc2ff0cb1f55a798f in linux-6.6.y/6.6.36
f0d576f840153392d04b2d52cf3adab8f62e8cb6 in mainline linux

4 months agodrm/radeon: fix UBSAN warning in kv_dpm.c
jsg [Fri, 28 Jun 2024 03:35:06 +0000 (03:35 +0000)]
drm/radeon: fix UBSAN warning in kv_dpm.c

From Alex Deucher
9e57611182a817824a17b1c3dd300ee74a174b42 in linux-6.6.y/6.6.36
a498df5421fd737d11bfd152428ba6b1c8538321 in mainline linux

4 months agodrm/i915/mso: using joiner is not possible with eDP MSO
jsg [Fri, 28 Jun 2024 03:33:00 +0000 (03:33 +0000)]
drm/i915/mso: using joiner is not possible with eDP MSO

From Jani Nikula
e7bda1f8ba8436266f7e49778009bf9995d1c801 in linux-6.6.y/6.6.36
49cc17967be95d64606d5684416ee51eec35e84a in mainline linux

4 months agodelete obsolete comment
djm [Thu, 27 Jun 2024 23:01:15 +0000 (23:01 +0000)]
delete obsolete comment

4 months agoretire unused API
djm [Thu, 27 Jun 2024 22:36:44 +0000 (22:36 +0000)]
retire unused API

4 months agoClear interrupt before we process the request as specified in the
mglocker [Thu, 27 Jun 2024 21:35:34 +0000 (21:35 +0000)]
Clear interrupt before we process the request as specified in the
documentation.

4 months agossl(8) no longer contains a HISTORY section;
jmc [Thu, 27 Jun 2024 21:02:16 +0000 (21:02 +0000)]
ssl(8) no longer contains a HISTORY section;

4 months agospace before punctuation in macro;
jmc [Thu, 27 Jun 2024 20:15:50 +0000 (20:15 +0000)]
space before punctuation in macro;

4 months agoRemove outdated references to dhclient, it's finally going away.
florian [Thu, 27 Jun 2024 16:39:31 +0000 (16:39 +0000)]
Remove outdated references to dhclient, it's finally going away.

Input & OK jmc

4 months agodhclient hasn't prodded us in a long time to renew a lease.
florian [Thu, 27 Jun 2024 14:53:06 +0000 (14:53 +0000)]
dhclient hasn't prodded us in a long time to renew a lease.

OK deraadt

4 months agoImplement ts_set_limit() for rk3588. This makes thermal zones on rk3588
kettenis [Thu, 27 Jun 2024 09:40:15 +0000 (09:40 +0000)]
Implement ts_set_limit() for rk3588.  This makes thermal zones on rk3588
boards work.  This should make DVFS safe on those boards.  Note that the
device trees shipped with the current u-boot-rk3588 package do not
include the necessary support for DVFS and thermal zones yet.

ok dlg@

4 months agoImplement an optional callback function for thermal sensors to set a trip
kettenis [Thu, 27 Jun 2024 09:37:07 +0000 (09:37 +0000)]
Implement an optional callback function for thermal sensors to set a trip
limit to support thermal zones that don't do polling.  Thermal sensor
drivers should implement this callback if they can generate an interrupt
when the trop limit is reached and should call thermal_senser_update()
when that happens.

ok dlg@

4 months agomove child process waitpid() loop out of SIGCHLD handler;
djm [Wed, 26 Jun 2024 23:47:46 +0000 (23:47 +0000)]
move child process waitpid() loop out of SIGCHLD handler;
ok deraadt

4 months agoInstead of using possibly complex ssh_signal(), write all the parts
deraadt [Wed, 26 Jun 2024 23:16:52 +0000 (23:16 +0000)]
Instead of using possibly complex ssh_signal(), write all the parts
of the grace_alarm_handler() using the exact things allowed by the
signal-safe rules.  This is a good rule of thumb: Handlers should
be written to either set a global volatile sig_atomic_t inspected
from outside, and/or directly perform only safe operations listed
in our sigaction(2) manual page.
ok djm markus

4 months agosave_errno wrappers inside two small signal handlers that perform
deraadt [Wed, 26 Jun 2024 23:14:14 +0000 (23:14 +0000)]
save_errno wrappers inside two small signal handlers that perform
system calls, for systems with libc that do perform libc sigtramps.
ok djm markus

4 months agoRemove unnecessary structure declaration.
asou [Wed, 26 Jun 2024 21:41:30 +0000 (21:41 +0000)]
Remove unnecessary structure declaration.

ok jsg@

4 months agoPush socket re-lock to the vnode(9) release path within unp_detach().
mvs [Wed, 26 Jun 2024 12:23:36 +0000 (12:23 +0000)]
Push socket re-lock to the vnode(9) release path within unp_detach().
The only reason to re-lock dying `so' is the lock order with vnode(9)
lock, thus `unp_gc_lock' rwlock(9) could be taken after solock().

ok bluhm

4 months agoBump version
claudio [Wed, 26 Jun 2024 08:28:45 +0000 (08:28 +0000)]
Bump version

4 months agoremove psk_idx from tlsext_randomize_build_order()
tb [Wed, 26 Jun 2024 03:41:10 +0000 (03:41 +0000)]
remove psk_idx from tlsext_randomize_build_order()

ok jsing

4 months agotls_extension_find(): make output index optional
tb [Wed, 26 Jun 2024 03:39:49 +0000 (03:39 +0000)]
tls_extension_find(): make output index optional

suggested by jsing

4 months agoreturn type on a dedicated line when declaring functions
jsg [Wed, 26 Jun 2024 01:40:49 +0000 (01:40 +0000)]
return type on a dedicated line when declaring functions
ok mglocker@

4 months agoImplement RSA key exchange in constant time.
jsing [Tue, 25 Jun 2024 14:10:45 +0000 (14:10 +0000)]
Implement RSA key exchange in constant time.

RSA key exchange is known to have multiple security weaknesses,
including being potentially susceptible to padding oracle and timing
attacks.

The RSA key exchange code that we inherited from OpenSSL was riddled
with timing leaks, many of which we fixed (or minimised) early on.
However, a number of issues still remained, particularly those
related to libcrypto's RSA decryption and padding checks.

Rework the RSA key exchange code such that we decrypt with
RSA_NO_PADDING and then check the padding ourselves in constant
time. In this case, the pre-master secret is of a known length,
hence the padding is also a known length based on the size of the
RSA key. This makes it easy to implement a check that is much safer
than having RSA_private_decrypt() depad for us.

Regardless, we still strongly recommend disabling RSA key exchange
and using other key exchange methods that provide perfect forward
secrecy and do not depend on client generated keys.

Thanks to Marcel Maehren, Nurullah Erinola, Robert Merget, Juraj
Somorovsky, Joerg Schwenk and Hubert Kario for raising these issues
with us at various points in time.

ok tb@

4 months agoWhen filling prefixes with pt_writebuf() keep 2 bytes reserved in the
claudio [Tue, 25 Jun 2024 13:21:18 +0000 (13:21 +0000)]
When filling prefixes with pt_writebuf() keep 2 bytes reserved in the
withdraw case. Those bytes are needed for the attribute length field.
Without this withdraw messages can become overfull and are dropped
without notice.

Problem found and fix tested by denis@
OK denis@ tb@