schwarze [Wed, 13 Sep 2023 13:55:50 +0000 (13:55 +0000)]
document the EVP_PKEY_ASN1_METHOD flags
ASN1_PKEY_ALIAS, ASN1_PKEY_DYNAMIC, and ASN1_PKEY_SIGPARAM_NULL
mpi [Wed, 13 Sep 2023 13:47:58 +0000 (13:47 +0000)]
Properly evaluate variables when inserting them into a map.
Somehow missed in previous, regression reported by anton@.
schwarze [Wed, 13 Sep 2023 13:46:52 +0000 (13:46 +0000)]
minor markup fixes: add one missing .Dv and one missing .Vt macro
schwarze [Wed, 13 Sep 2023 13:32:01 +0000 (13:32 +0000)]
document the EVP_PKEY_CTRL_MD and EVP_PKEY_CTRL_GET_MD command constants
jsg [Wed, 13 Sep 2023 13:07:29 +0000 (13:07 +0000)]
drm/amd/display: Add smu write msg id fail retry process
From Fudong Wang
b23c96589ff7f25ad2232524f6c74e0067be2369 in linux-6.1.y/6.1.53
72105dcfa3d12b5af49311f857e3490baa225135 in mainline linux
jsg [Wed, 13 Sep 2023 13:04:19 +0000 (13:04 +0000)]
drm/amd/display: register edp_backlight_control() for DCN301
From Hamza Mahfooz
9a9b8596c3dce99a0bac3951ed257e87f30d0445 in linux-6.1.y/6.1.53
1611917f39bee1abfc01501238db8ac19649042d in mainline linux
jsg [Wed, 13 Sep 2023 13:01:54 +0000 (13:01 +0000)]
drm/radeon: Use RMW accessors for changing LNKCTL
From Ilpo Jarvinen
433330fb1296119d74cc5c8f1e05b5829ddc52f9 in linux-6.1.y/6.1.53
7189576e8a829130192b33c5b64e8a475369c776 in mainline linux
jsg [Wed, 13 Sep 2023 12:59:27 +0000 (12:59 +0000)]
drm/amdgpu: Use RMW accessors for changing LNKCTL
From Ilpo Jarvinen
a0f0daf60bc1d3d78afded5931a56a015f2a17e8 in linux-6.1.y/6.1.53
ce7d88110b9ed5f33fe79ea6d4ed049fb0e57bce in mainline linux
jsg [Wed, 13 Sep 2023 12:55:18 +0000 (12:55 +0000)]
drm/amd/pm: fix variable dereferenced issue in amdgpu_device_attr_create()
From Yang Wang
f27dff881f0b8f1a5bc64d48a19802dd520bc482 in linux-6.1.y/6.1.53
25e6373a5b8efc623443f2699d2b929bf3067d76 in mainline linux
jsg [Wed, 13 Sep 2023 12:53:38 +0000 (12:53 +0000)]
drm/amdgpu: Update min() to min_t() in 'amdgpu_info_ioctl'
From Srinivasan Shanmugam
8dcc23191a6d2181855422741d73a96d91526c87 in linux-6.1.y/6.1.53
a0cc8e1512ad72c9f97cdcb76d42715730adaf62 in mainline linux
jsg [Wed, 13 Sep 2023 12:51:49 +0000 (12:51 +0000)]
drm/amdgpu: avoid integer overflow warning in amdgpu_device_resize_fb_bar()
From Arnd Bergmann
fd28ce30b525bccba4504499de625085a6def1c6 in linux-6.1.y/6.1.53
822130b5e8834ab30ad410cf19a582e5014b9a85 in mainline linux
jsg [Wed, 13 Sep 2023 12:50:04 +0000 (12:50 +0000)]
drm/amd/display: ensure async flips are only accepted for fast updates
From Hamza Mahfooz
7ac1467f9472af5e7bee1ce923569677fc84fe5b in linux-6.1.y/6.1.53
a7c0cad0dc060bb77e9c9d235d68441b0fc69507 in mainline linux
jsg [Wed, 13 Sep 2023 12:48:02 +0000 (12:48 +0000)]
drm/amdgpu: Match against exact bootloader status
From Lijo Lazar
5251c835324bee81894fdad1a844d15a79e54883 in linux-6.1.y/6.1.53
d3de41ee5febe5c2d9989fe9810bce2bb54a3a8e in mainline linux
jsg [Wed, 13 Sep 2023 12:46:32 +0000 (12:46 +0000)]
drm/amd/display: Exit idle optimizations before attempt to access PHY
From Leo Chen
ae1cb9656ef4c7aa366d1201d366866bc0989df7 in linux-6.1.y/6.1.53
de612738e9771bd66aeb20044486c457c512f684 in mainline linux
jsg [Wed, 13 Sep 2023 12:44:35 +0000 (12:44 +0000)]
drm/amd/display: Guard DCN31 PHYD32CLK logic against chip family
From George Shen
faa77cf5f28f4bbfbbb00f7e0caa2c8561f7dfe0 in linux-6.1.y/6.1.53
25b054c3c89cb6a7106a7982f0f70e83d0797dab in mainline linux
jsg [Wed, 13 Sep 2023 12:42:17 +0000 (12:42 +0000)]
drm/amd/smu: use AverageGfxclkFrequency* to replace previous GFX Curr Clock
From Jane Jian
d7b1aa3e209841834965541988154c296196a808 in linux-6.1.y/6.1.53
4a37c55b859a69f429bfa7fab4fc43ee470b60ed in mainline linux
jsg [Wed, 13 Sep 2023 12:40:30 +0000 (12:40 +0000)]
Revert "Revert drm/amd/display: Enable Freesync Video Mode by default"
From Aurabindo Pillai
7f483ce4699ac4158879833d08a86b57697b05b3 in linux-6.1.y/6.1.53
11b92df8a2f7f4605ccc764ce6ae4a72760674df in mainline linux
jsg [Wed, 13 Sep 2023 12:38:25 +0000 (12:38 +0000)]
Partially revert "drm/amd/display: Fix possible underflow for displays with large vblank"
From Daniel Miess
9fc3adc6d0fe96e79e21990faebc252814ee18a4 in linux-6.1.y/6.1.53
a99a4ff6ef205d125002fc7e0857074e4e6597b6 in mainline linux
jsg [Wed, 13 Sep 2023 12:31:49 +0000 (12:31 +0000)]
add pcie_capability_set_word() pcie_capability_clear_and_set_word()
needed for 6.1.53 drm
jsg [Wed, 13 Sep 2023 02:22:44 +0000 (02:22 +0000)]
use the eMac PowerMac4,4 connector table on eMac PowerMac6,4
avoids black screen on boot
patch from Alex Deucher in
https://gitlab.freedesktop.org/drm/amd/-/issues/2844
reported and tested by Nuno Vasconcellos
schwarze [Tue, 12 Sep 2023 17:21:05 +0000 (17:21 +0000)]
minor mandoc -T lint fixes, no content change
schwarze [Tue, 12 Sep 2023 16:26:30 +0000 (16:26 +0000)]
fix typo
schwarze [Tue, 12 Sep 2023 16:15:23 +0000 (16:15 +0000)]
document the four EVP_PKEY_OP_TYPE_* mask constants
tb [Tue, 12 Sep 2023 15:38:32 +0000 (15:38 +0000)]
Revert accidentally committed debugging code
confirmed by florian
schwarze [Tue, 12 Sep 2023 15:29:03 +0000 (15:29 +0000)]
document sizes for
ED25519 and X25519,
including the constants ED25519_KEYLEN and X25519_KEYLEN
schwarze [Tue, 12 Sep 2023 13:58:06 +0000 (13:58 +0000)]
document the constant EVP_CHACHAPOLY_TLS_TAG_LEN
schwarze [Tue, 12 Sep 2023 13:29:38 +0000 (13:29 +0000)]
Document EVP_AEAD_DEFAULT_TAG_LENGTH and EVP_AEAD_MAX_TAG_LENGTH,
making some adjacent wordings slightly more precise.
schwarze [Tue, 12 Sep 2023 12:11:05 +0000 (12:11 +0000)]
fix the vague and misleading description of the EVP_MD_FLAG_* constants
job [Tue, 12 Sep 2023 09:33:30 +0000 (09:33 +0000)]
Ensure the X.509 Subject only contains commonName and optionally serialNumber
OK tb@
jsg [Tue, 12 Sep 2023 09:01:04 +0000 (09:01 +0000)]
is is -> is
jsg [Tue, 12 Sep 2023 08:54:04 +0000 (08:54 +0000)]
is is -> it is
jsg [Tue, 12 Sep 2023 08:33:37 +0000 (08:33 +0000)]
since since -> since
jmatthew [Tue, 12 Sep 2023 08:32:58 +0000 (08:32 +0000)]
Use IORT ITS nodes to find the right ITS instance to use when establishing
interrupts. This makes MSI/MSI-X work on platforms like the Ampere Altra
which have an ITS instance for each PCI domain.
also tested by cheloha@
ok kettenis@ patrick@
jmatthew [Tue, 12 Sep 2023 08:29:28 +0000 (08:29 +0000)]
Store ITS ID in struct interrupt_controller so it can be used to look up
the right ITS to use when establishing interrupts.
ok kettenis@ patrick@
jmatthew [Tue, 12 Sep 2023 08:22:07 +0000 (08:22 +0000)]
Add an "openbsd,gic-its-id" property to gic-its nodes containing the ITS ID.
ok kettenis@ patrick@
jeremy [Mon, 11 Sep 2023 20:02:38 +0000 (20:02 +0000)]
Update to reflect changes in ruby.port.mk
This now documents all variables in ruby.port.mk except the internal
ones prefixed with an underscore, and reflects the removal of support
for building JRuby ports. Documenting the purpose of each variable
will come in a future update.
mpi [Mon, 11 Sep 2023 19:03:53 +0000 (19:03 +0000)]
Regressions for tuples and evaluating variables.
mpi [Mon, 11 Sep 2023 19:01:26 +0000 (19:01 +0000)]
Implement tuples, needed to export per-CPU scheduling data.
It is now possible to save and print immutable arrays as below:
..$t = (1, 42, "something");
..printf("%d %s\n", $t.1, $t.2);
Also add support for evaluating builtin in order to save them in variables
(required by tuples)
mvs [Mon, 11 Sep 2023 12:10:47 +0000 (12:10 +0000)]
Remove unnecessary <sys/selinfo.h> includes.
ok jsg
tb [Mon, 11 Sep 2023 09:29:30 +0000 (09:29 +0000)]
Small cleanups in cms_sd_asn1_ctrl():
Compare explicitly against NULL and use ret instead of i.
tb [Mon, 11 Sep 2023 09:24:14 +0000 (09:24 +0000)]
Rewrite CMS_SignerInfo_{sign,verify}()
Convert to using one-shot signing and verification. This is simpler than
doing Init/Update/Final and necessary for
Ed25519 support (RFC 8419). Use
a single exit idiom, don't reuse the same buffer for decoding and signing
and simplify a few other things.
ok jsing
mvs [Mon, 11 Sep 2023 08:41:26 +0000 (08:41 +0000)]
Remove unnecessary <sys/selinfo.h> includes.
ok jsg
mvs [Mon, 11 Sep 2023 08:40:25 +0000 (08:40 +0000)]
Kill unused `aac_select'. Build test performed with uncommented aac(4)
in GENERIC.
ok jsg
yasuoka [Mon, 11 Sep 2023 07:33:07 +0000 (07:33 +0000)]
Check if the avp->length is not broken. Also make sure that
avp_enum() checks if avp->length is valid.
ok mvp
florian [Mon, 11 Sep 2023 06:00:23 +0000 (06:00 +0000)]
Improve handling of ENOBUFS by not running in a tight loop forever.
This cherry-picks upstream git commit
0ee44ef384593ed0382d1ce6048d5a9c9440b45c.
Issue reported by landry@, which could be traced back to a buggy WiFi
driver that would constantly return ENOBUFS. This in turn lead
unwind(8) enter a tight loop through poll / sendto without making any
progress and burning 100% cpu.
OK sthen
jsg [Mon, 11 Sep 2023 05:07:34 +0000 (05:07 +0000)]
Neomagic -> NeoMagic
jsg [Mon, 11 Sep 2023 04:56:31 +0000 (04:56 +0000)]
StarLan -> StarLAN
jsg [Mon, 11 Sep 2023 04:51:24 +0000 (04:51 +0000)]
remove unused rkdrm_ports tailq
ok kettenis@
jsg [Mon, 11 Sep 2023 04:21:30 +0000 (04:21 +0000)]
NVME -> NVMe
jsg [Mon, 11 Sep 2023 04:00:40 +0000 (04:00 +0000)]
spelling
job [Mon, 11 Sep 2023 00:50:47 +0000 (00:50 +0000)]
Back out superfluous initialization
requested by jsing@
djm [Sun, 10 Sep 2023 23:12:32 +0000 (23:12 +0000)]
rename remote_glob() -> sftp_glob() to match other API
tb [Sun, 10 Sep 2023 17:32:17 +0000 (17:32 +0000)]
Make EVP_PKEY_get1_$TYPE a wrapper of EVP_PKEY_get0_$TYPE
Avoids a bit of code duplication and reduces the probability of a fix being
applied to only one of get0 and get1 (which happend in p_lib.c r1.35).
ok jsing
tb [Sun, 10 Sep 2023 16:53:56 +0000 (16:53 +0000)]
EVP_CipherInit(): use EVP_CIPHER_CTX_cleanup()
Before EVP_CIPHER_CTX was opaque, callers could pass an uninitialized
ctx into EVP_CipherInit() and calling EVP_CIPHER_CTX_cleanup() on such
a ctx would end in tears.
The only way to initialize a ctx is by way of EVP_CIPHER_CTX_new(), on
which we can call EVP_CIPHER_CTX_cleanup() and avoid silly leaks on ctx
reuse. This also allows some simplifications in the documentation.
There are more changes of this kind that should be done all over libcrypto.
They will be tackled in subsequent commits.
"makes a lot of sense" schwarze
ok jsing
schwarze [Sun, 10 Sep 2023 16:04:15 +0000 (16:04 +0000)]
Mention EVP_PKEY_encrypt_old(3) and EVP_PKEY_decrypt_old(3) because
some software still calls them. Put them here because despite the
function and header names, they are really specific to RSA. Besides,
this avoids a distraction in the more important EVP_PKEY_encrypt(3)
and EVP_PKEY_decrypt(3) manual pages.
millert [Sun, 10 Sep 2023 14:59:00 +0000 (14:59 +0000)]
Update awk to Sep 6, 2023 version.
schwarze [Sun, 10 Sep 2023 14:39:58 +0000 (14:39 +0000)]
Briefly mention SSLeay_add_all_algorithms(3) because
surprisingly large numbers of software packages still call it.
Mark the unused aliases OPENSSL_add_all_algorithms_conf(3),
OPENSSL_add_all_algorithms_noconf(3), SSLeay_add_all_ciphers(3),
and SSLeay_add_all_digests(3) as intentionally undicumented.
schwarze [Sun, 10 Sep 2023 13:58:46 +0000 (13:58 +0000)]
Document the deprecated functions EVP_set_pw_prompt(3) and
EVP_get_pw_prompt(3) because some software out there still uses them.
While here, also improve the description of EVP_read_pw_string(3).
Delete documentation for des_read_pw(3) and des_read_pw_string(3).
They couldn't be used in LibreSSL since at least 2016 because they
were never in Symbols.list, and in 2022, jsing@ also removed them
from <openssl/ui_compat.h>.
Delete the misleading AUTHORS section. Richard Levitte did not
write the original implementation of these functions, and the
compatibility wrapper around the UI_process(3) API that he did
write is not notable enough to be mentioned so prominently.
schwarze [Sun, 10 Sep 2023 11:20:52 +0000 (11:20 +0000)]
Mark EVP_ENCODE_LENGTH() and EVP_DECODE_LENGTH() as intentionally
undocumented because they do not describe properties of the Base64
encoding but add arbitrary constant lengths, hence being implementation
details of BIO_f_base64(3). Besides, they are practically unused
outside evp/bio_b64.c.
jsg [Sun, 10 Sep 2023 09:32:31 +0000 (09:32 +0000)]
load amd patch into a malloc'd region to make it page aligned
avoids a General-Protection Exception on patch loader wrmsr with
A10-5700, TN-A1
00610f01 15-10-01
the alignment requirement is not present on at least
Ryzen 5 2600X, PiR-B2
00800f82 17-08-02
problem reported and fix tested by espie@
jsg [Sun, 10 Sep 2023 06:25:09 +0000 (06:25 +0000)]
don't error on WSDISPLAYIO_SVIDEO/WSDISPLAYIO_GVIDEO in drm drivers
it is handled by wsdisplay(4)
ok dlg@
jsg [Sun, 10 Sep 2023 05:22:46 +0000 (05:22 +0000)]
fix Xr punctuation
jsg [Sun, 10 Sep 2023 04:05:26 +0000 (04:05 +0000)]
spelling
djm [Sun, 10 Sep 2023 03:51:55 +0000 (03:51 +0000)]
typo in comment
djm [Sun, 10 Sep 2023 03:25:53 +0000 (03:25 +0000)]
randomise keystroke obfuscation intervals and average interval rate.
ok dtucker@
cheloha [Sun, 10 Sep 2023 03:08:05 +0000 (03:08 +0000)]
clockintr: support an arbitrary callback function argument
Callers can now provide an argument pointer to clockintr_establish().
The pointer is kept in a new struct clockintr member, cl_arg. The
pointer is passed as the third parameter to clockintr.cl_func when it
is executed during clockintr_dispatch(). Like the callback function,
the callback argument is immutable after the clockintr is established.
At present, nothing uses this. All current clockintr_establish()
callers pass a NULL arg pointer. However, I am confident that dt(4)'s
profile provider will need this in the near future.
Requested by dlg@ back in March.
cheloha [Sun, 10 Sep 2023 01:41:16 +0000 (01:41 +0000)]
clockintr_dispatch: add intermediate pointer for clockintr_queue.cq_shadow
Adding an intermediate pointer lets me shortens "cq->cq_shadow" to
just "shadow". I think it makes the dispatch loop logic a little
easier to read.
While here, add a clarifying comment.
millert [Sat, 9 Sep 2023 18:59:43 +0000 (18:59 +0000)]
Update awk to Dec 15, 2022 version.
Force hex escapes in strings to be no more than two characters, as
they already are in regular expressions. This brings internal
consistency, as well as consistency with gawk.
tb [Sat, 9 Sep 2023 18:34:53 +0000 (18:34 +0000)]
sync
cheloha [Sat, 9 Sep 2023 18:19:03 +0000 (18:19 +0000)]
kernel: remove schedhz
Now that alpha no longer sets schedhz, schedhz is a dead variable.
Remove it.
For now, leave the schedclock() call in place in statclock(). It
still runs at its default rate of (stathz / 4).
Part of mpi@'s WIP scheduler patch. Suggested by mpi@.
Thread: https://marc.info/?l=openbsd-tech&m=
169419781317781&w=2
ok mpi@
cheloha [Sat, 9 Sep 2023 17:07:59 +0000 (17:07 +0000)]
clockintr_advance: tweak logic to eliminate early-return
With the switch to clockintr_schedule_locked(), clockintr_advance() is
now much shorter and the early-return from the non-mutex path doesn't
make the function any easier to read. Move the mutex path into the else
branch and always return 'count' at the end of the function.
cheloha [Sat, 9 Sep 2023 16:59:01 +0000 (16:59 +0000)]
clockintr_schedule: tweak logic to eliminate early return
With the introduction of clockintr_schedule_locked(), clockintr_schedule()
is short enough that the early-return from the non-mutex path doesn't make
the function easier to read. Move the mutex path into the else branch.
cheloha [Sat, 9 Sep 2023 16:34:39 +0000 (16:34 +0000)]
clockintr_advance: delete duplicate code, call clockintr_schedule_locked()
Replace a bunch of code in clockintr_advance() with just one call to
clockintr_schedule_locked() -- everyone's favorite hot new subroutine.
cheloha [Sat, 9 Sep 2023 16:20:48 +0000 (16:20 +0000)]
clockintr_schedule: refactor reusable code into clockintr_schedule_locked()
Move the code common to clockintr_advance() and clockintr_schedule()
from clockintr_schedule() into a new function, clockintr_schedule_locked().
In a subsequent commit we will replace that code in clockintr_advance()
with a call to clockintr_schedule_locked().
claudio [Sat, 9 Sep 2023 14:50:09 +0000 (14:50 +0000)]
Fix SCHED_LOCK() leak in single_thread_set()
In the (q->p_flag & P_WEXIT) branch is a continue that did not release
the SCHED_LOCK. Refactor the code a bit to simplify the places SCHED_LOCK
is grabbed and released.
Reported-by: syzbot+ea26d351acfad3bb3f15@syzkaller.appspotmail.com
OK kettenis@
schwarze [Sat, 9 Sep 2023 14:39:09 +0000 (14:39 +0000)]
new manual page EVP_PKEY_CTX_get_operation(3),
also documenting EVP_PKEY_CTX_get0_pkey(3)
schwarze [Sat, 9 Sep 2023 14:35:23 +0000 (14:35 +0000)]
document EVP_PKEY_CTX_get_data(3) and EVP_PKEY_CTX_set_data(3)
schwarze [Sat, 9 Sep 2023 14:31:38 +0000 (14:31 +0000)]
Document EVP_PKEY_CTX_set0_keygen_info(3).
While here, also add the missing RETURN VALUES entries
for EVP_PKEY_gen_cb(3), EVP_PKEY_CTX_get_cb(3),
and EVP_PKEY_CTX_get_keygen_info(3).
schwarze [Sat, 9 Sep 2023 14:26:35 +0000 (14:26 +0000)]
Document EVP_PKEY_CTX_get0_peerkey(3).
While here, also make the descriptions of the other functions more precise.
kevlo [Sat, 9 Sep 2023 14:24:06 +0000 (14:24 +0000)]
Regen
kevlo [Sat, 9 Sep 2023 14:23:37 +0000 (14:23 +0000)]
Correct TP-LINK bluetooth ID.
Reported on bugs@ by Douglas Silva <dougsilva.0@outlook.com>.
ok jsg@
bentley [Sat, 9 Sep 2023 14:15:42 +0000 (14:15 +0000)]
an PT_OPENBSD_* -> a PT_OPENBSD_*
ok jmc@
espie [Sat, 9 Sep 2023 10:56:22 +0000 (10:56 +0000)]
gc WRKDIR_LINK_NAME
espie [Sat, 9 Sep 2023 10:06:59 +0000 (10:06 +0000)]
remove PATCH_DEBUG documentation, since it has been always on since 2016
tb [Sat, 9 Sep 2023 09:12:01 +0000 (09:12 +0000)]
sync
asou [Sat, 9 Sep 2023 06:52:40 +0000 (06:52 +0000)]
Print waring message when not allocated memory in putleakinfo().
ok otto.
cheloha [Sat, 9 Sep 2023 03:03:45 +0000 (03:03 +0000)]
clockintr_dispatch: copy cl_func to cq_shadow.cl_func before calling it
When we add support for disestablishing clockintrs in the near future,
the current call to cl->cl_func will be in a race with free(9) on
another CPU. Copying cl_func to cq_shadow.cl_func before leaving the
mutex and then calling the copy eliminates the race.
Correcting the race has a negligible performance impact and simplifies
the forthcoming clockintr_disestablish() patch.
Requested by dlg@ back in March.
bentley [Sat, 9 Sep 2023 00:10:20 +0000 (00:10 +0000)]
Mark up paths with Pa.
cheloha [Fri, 8 Sep 2023 22:23:30 +0000 (22:23 +0000)]
clockintr: rename "clockintr_schedule_locked" to "clockqueue_pend_insert"
The function clockintr_schedule_locked() is poorly named. "Schedule" is
a broad word that connotes too much and "clockintr" implies that we are
mainly operating on the clockintr itself, which is untrue.
clockqueue_pend_insert() is a better name: it is clearer that we are
inserting an element into cq_pend.
cheloha [Fri, 8 Sep 2023 22:14:57 +0000 (22:14 +0000)]
clockintr: rename "clockintr_cancel_locked" to "clockqueue_pend_delete"
The function clockintr_cancel_locked() is poorly named. "Cancel" is a
broad word that connotes too much. "clockintr" implies that we are
mainly operating on the clockintr itself, which is untrue: cq_pend,
the particular data structure, is important.
clockqueue_pend_delete() is a much better name: it specifies the data
structure we're operating on ("cq_pend") and the fundamental operation
at work ("delete").
lraab [Fri, 8 Sep 2023 21:57:09 +0000 (21:57 +0000)]
man5/bsd.port.mk: document USE_NOBTCFI
feedback from and ok bentley@ and tb@ thanks!
bluhm [Fri, 8 Sep 2023 21:16:55 +0000 (21:16 +0000)]
Print a message when test has finished successfully.
bluhm [Fri, 8 Sep 2023 21:15:02 +0000 (21:15 +0000)]
Test pf and stack with double atomic IPv6 fragments.
That means the IPv6 header chain contains two fragment header that
spawn the whole packet. Such packets are illegal and pf drops them.
Otherwise they could bypass pf rules as described in CVE-2023-4809.
OpenBSD is not affected as pf_walk_header6() drops them with "IPv6
multiple fragment" log message. This check exists since 2013 when
special support for atomic fragments was added to pf.
If pf is disabled, the IPv6 stack accepts such packets. I do not
consider this a security issue.
kn [Fri, 8 Sep 2023 20:47:22 +0000 (20:47 +0000)]
Clean up old console bootargs
7.3 is long gone, you must have new bootloaders and new kernels.
Zaps both condition and else block, unindent and merge lines where fit.
Feedback OK kettenis
Tests OK denis
mvs [Fri, 8 Sep 2023 20:00:27 +0000 (20:00 +0000)]
Remove the remnants of the leftover selinfo from vnode(9) layer. Just
mechanical 'selinfo' to 'klist' replacement in 'vnode' structure because
knote(9) API is already used.
<sys/selinfo.h> headers added where is was required.
ok bluhm
naddy [Fri, 8 Sep 2023 13:40:52 +0000 (13:40 +0000)]
revert previous
The change broke IPv6 neighbor discovery, and anton@ reports several
regression test failures.
ok bluhm@
schwarze [Fri, 8 Sep 2023 11:37:58 +0000 (11:37 +0000)]
Mark EVP_PKEY_save_parameters() as intentionally undocumented
because nothing uses it according to codesearch.debian.net
and it only affects X509_PUBKEY_set(3) for DSA and GOST2001 keys,
resulting in incomplete output without the public key parameters.
claudio [Fri, 8 Sep 2023 09:06:31 +0000 (09:06 +0000)]
Change how ps_threads and p_thr_link are locked away from using SCHED_LOCK.
The per process thread list can be traversed (read) by holding either
the KERNEL_LOCK or the per process ps_mtx (instead of SCHED_LOCK).
Abusing the SCHED_LOCK for this makes it impossible to split up the
scheduler lock into something more fine grained.
Tested by phessler@, ok mpi@
nicm [Fri, 8 Sep 2023 07:05:06 +0000 (07:05 +0000)]
On second thoughts, do check DA2 for DECFRA and DECSLRM since that will
catch terminals that say they are VT520 even if we can't use DA1
(because of VTE).
nicm [Fri, 8 Sep 2023 06:52:31 +0000 (06:52 +0000)]
Use DECSLRM and DECFRA only at level 4 rather than checking the terminal
id.