openbsd
3 years agoregen
mvs [Tue, 11 May 2021 11:19:39 +0000 (11:19 +0000)]
regen

3 years agoUnlock connect(2).
mvs [Tue, 11 May 2021 11:19:10 +0000 (11:19 +0000)]
Unlock connect(2).

ok mpi@

3 years agoregen
mvs [Tue, 11 May 2021 11:18:15 +0000 (11:18 +0000)]
regen

3 years agoUnlock bind(2).
mvs [Tue, 11 May 2021 11:17:32 +0000 (11:17 +0000)]
Unlock bind(2).

ok mpi@

3 years agoSince ld.lld doesn't properly support R_RISCV_RELAX relocations, switch the
kettenis [Tue, 11 May 2021 09:36:41 +0000 (09:36 +0000)]
Since ld.lld doesn't properly support R_RISCV_RELAX relocations, switch the
default to -no-relax.

ok drahn@

3 years agoDuring a "key unset for sw crypto" panic, display more meta-data
stsp [Tue, 11 May 2021 08:46:31 +0000 (08:46 +0000)]
During a "key unset for sw crypto" panic, display more meta-data
about the offending key. This will hopefully help with debugging.

3 years agoIn hostap mode don't send data frames to nodes which aren't in state ASSOC.
stsp [Tue, 11 May 2021 08:39:32 +0000 (08:39 +0000)]
In hostap mode don't send data frames to nodes which aren't in state ASSOC.

Sending data frames to nodes in other states is wrong since the node's
data structure might not be set up properly in such states.
This could explain occasional "key unset for sw crypto" panics observed
with athn(4) hostap interfaces.

Problem reported and fix tested by Mikolaj Kucharski.

3 years agoUse non-blocking connect() to setup the RTR socket. connect() can hang for
claudio [Tue, 11 May 2021 07:57:24 +0000 (07:57 +0000)]
Use non-blocking connect() to setup the RTR socket. connect() can hang for
a long time if the IP is not reachable and would block the main process
while doing so.
Problem noticed by Pier Carlo Chiodi
OK benno@

3 years agozap stray comma
tb [Tue, 11 May 2021 04:22:32 +0000 (04:22 +0000)]
zap stray comma

3 years agoReplace unnecessary calls to EC_GROUP_get_curve_GF{p,2m}() with
tb [Mon, 10 May 2021 20:58:32 +0000 (20:58 +0000)]
Replace unnecessary calls to EC_GROUP_get_curve_GF{p,2m}() with
EC_GROUP_get_curve() and remove no longer needed prototypes.

3 years agoIt's no longer necessary to link ecdhtest statically.
tb [Mon, 10 May 2021 20:41:44 +0000 (20:41 +0000)]
It's no longer necessary to link ecdhtest statically.

3 years agoMerge documentation for EC_GROUP_{set,get}_curve(3) from OpenSSL 1.1.1.
tb [Mon, 10 May 2021 20:20:49 +0000 (20:20 +0000)]
Merge documentation for EC_GROUP_{set,get}_curve(3) from OpenSSL 1.1.1.

3 years agoMerge documentation for EC_POINT_{get,set}_coordinates and
tb [Mon, 10 May 2021 20:00:58 +0000 (20:00 +0000)]
Merge documentation for EC_POINT_{get,set}_coordinates and
for EC_POINT_set_compressed_coordinates from OpenSSL 1.1.1.

3 years agoRevert previous, it introduced a regression with breakpoints in gdb.
mpi [Mon, 10 May 2021 18:01:24 +0000 (18:01 +0000)]
Revert previous, it introduced a regression with breakpoints in gdb.

3 years agolibexpat major bump to 13.0
bluhm [Mon, 10 May 2021 17:46:56 +0000 (17:46 +0000)]
libexpat major bump to 13.0

3 years agoUpdate libexpat to 2.3.0. Relevant for OpenBSD are only bug fix
bluhm [Mon, 10 May 2021 17:36:48 +0000 (17:36 +0000)]
Update libexpat to 2.3.0.  Relevant for OpenBSD are only bug fix
#438 and other change #443.  A new error constant has been added
to a public header file.  According to guenther@ this is an ABI
break that requires a major bump.
OK tb@; tested by matthieu@

3 years agoAdd ld.script for macppc kernel, ofwboot
gkoehler [Mon, 10 May 2021 17:29:41 +0000 (17:29 +0000)]
Add ld.script for macppc kernel, ofwboot

These are copies of powerpc64/conf/ld.script with some changes for
macppc.  They work with both ld.bfd and ld.lld.

The ld.script fixes ld.lld.  Without ld.script, lld would set the
symbol "etext" to a wrong value like 0x10000034, then ofwboot would
freeze and fail to boot the kernel.  With ld.script, we PROVIDE a
correct etext.

ok kettenis@

3 years agoReplace some magic numbers with #define's. Rename GPT_get_gpt() to
krw [Mon, 10 May 2021 17:16:01 +0000 (17:16 +0000)]
Replace some magic numbers with #define's. Rename GPT_get_gpt() to
GPT_read() to match MBR_read().

No intentional functional change.

3 years agosync
tb [Mon, 10 May 2021 17:15:11 +0000 (17:15 +0000)]
sync

3 years agogive libtls the same bump as libssl
tb [Mon, 10 May 2021 17:13:51 +0000 (17:13 +0000)]
give libtls the same bump as libssl

3 years agobump libssl major after struct visibility changes and symbol addition
tb [Mon, 10 May 2021 17:13:08 +0000 (17:13 +0000)]
bump libssl major after struct visibility changes and symbol addition

3 years agobump libcrypto minor after symbol addition
tb [Mon, 10 May 2021 17:12:05 +0000 (17:12 +0000)]
bump libcrypto minor after symbol addition

3 years agoMake SSL_CIPHER, SSL_CTX, SSL_SESSION, {DTLS1,SSL3}_STATE
tb [Mon, 10 May 2021 17:10:57 +0000 (17:10 +0000)]
Make SSL_CIPHER, SSL_CTX, SSL_SESSION, {DTLS1,SSL3}_STATE
and a few other structs in libssl opaque.

from/ok jsing

3 years agoProvide SSL_SESSION_get0_cipher(3)
tb [Mon, 10 May 2021 17:07:23 +0000 (17:07 +0000)]
Provide SSL_SESSION_get0_cipher(3)

ok jsing

3 years agoProvide SSL_CTX_get_ssl_method(3)
tb [Mon, 10 May 2021 17:05:26 +0000 (17:05 +0000)]
Provide SSL_CTX_get_ssl_method(3)

ok jsing

3 years agoProvide SSL_CIPHER_find(3)
tb [Mon, 10 May 2021 17:03:57 +0000 (17:03 +0000)]
Provide SSL_CIPHER_find(3)

ok jsing

3 years agoExpose EVP_Digest{Sign,Verify}(3)
tb [Mon, 10 May 2021 17:00:32 +0000 (17:00 +0000)]
Expose EVP_Digest{Sign,Verify}(3)

ok jsing

3 years agoExpose EC_POINT_{get,set}_affine_coordinates(3) and
tb [Mon, 10 May 2021 16:58:18 +0000 (16:58 +0000)]
Expose EC_POINT_{get,set}_affine_coordinates(3) and
EC_POINT_set_compressed_coordinates(3)

ok jsing

3 years agoExpose EC_GROUP_{get,set}_curve(3)
tb [Mon, 10 May 2021 16:55:19 +0000 (16:55 +0000)]
Expose EC_GROUP_{get,set}_curve(3)

ok jsing

3 years agoTo add keep-alive support the read handler got changed a lot. Now when
claudio [Mon, 10 May 2021 15:12:33 +0000 (15:12 +0000)]
To add keep-alive support the read handler got changed a lot. Now when
tls_read hits the EOF (s == 0) case it is always a cause to close the
connection. All possible data was already consumed and if something is
still in the buffer then it remained in there for a reason.
Issue noticed and OK deraadt@

3 years agoremove serial number (used during development to observe file rewrites)
deraadt [Mon, 10 May 2021 15:06:34 +0000 (15:06 +0000)]
remove serial number (used during development to observe file rewrites)

3 years agosigfillsiz is int, not long; ok kettenis
deraadt [Mon, 10 May 2021 14:54:14 +0000 (14:54 +0000)]
sigfillsiz is int, not long; ok kettenis

3 years agoExtend eval_all test a little bit.
claudio [Mon, 10 May 2021 10:29:04 +0000 (10:29 +0000)]
Extend eval_all test a little bit.

3 years agoBetter way to detect the double new lines the API issues from time to time.
claudio [Mon, 10 May 2021 10:26:23 +0000 (10:26 +0000)]
Better way to detect the double new lines the API issues from time to time.
This way done lines now will have a newline.

3 years agoLet iwm(4) flush Tx queues before removing the firmware station and
stsp [Mon, 10 May 2021 08:28:00 +0000 (08:28 +0000)]
Let iwm(4) flush Tx queues before removing the firmware station and
before stopping a Tx block ack session. This aligns us more closely
with how the Linux iwlwifi driver is doing things.

Also, reset the device if an errors occurs in the block ack session task.
Fixes auto-recovery after such errors.

Prompted by firmware error reports from kettenis@ and Matthias Schmidt.
Doesn't fix the reported issues completely. I will keep investigating.

Tested:
7265: stsp
8265: Matthias Schmidt
9260: phessler, kettenis

3 years agoRefactor softraid crypto code to allow use of a discipline-specific data
stsp [Mon, 10 May 2021 08:17:07 +0000 (08:17 +0000)]
Refactor softraid crypto code to allow use of a discipline-specific data
structure for RAID1C volumes, as requested by jsing@ during review of my
initial RAID1C patch.

This should effectively be a cosmetic change. The point of this exercise
is to allow the data structure changes made here in softraidvar.h.

Tested on CRYPTO and RAID1C by Josh Grosse, Matthias Schmidt, and myself.
ok jsing@

3 years agoreduce exception.S diff to FreeBSD
jsg [Mon, 10 May 2021 05:58:19 +0000 (05:58 +0000)]
reduce exception.S diff to FreeBSD

ok mlarkin@

3 years agoPull the logic to get the "lock" for TLB shooting into
guenther [Mon, 10 May 2021 00:52:15 +0000 (00:52 +0000)]
Pull the logic to get the "lock" for TLB shooting into
pmap_start_tlb_shoot(), to get the #ifdef goo out of
pmap_tlb_shoot{page,range,tlb}()

Use a normal do{}while(0) when nooping pmap_tlb_shootwait()

tweak and ok kettenis@

3 years agofpu_valid_opcode() did not correctly handle 16 bit fp instructions
jsg [Sun, 9 May 2021 23:22:25 +0000 (23:22 +0000)]
fpu_valid_opcode() did not correctly handle 16 bit fp instructions
such as an stval of 0xaa22.  The RISC-V Instruction Set Manual states
that setting stval to a non-zero value with the instruction on illegal
instruction exception is an optional feature so instead of changing
fpu_valid_opcode() remove it entirely.

ok deraadt@ kettenis@ drahn@

3 years agoChange offsets to (N * 8) to reduce chance of register clobber and mistakes.
drahn [Sun, 9 May 2021 21:26:06 +0000 (21:26 +0000)]
Change offsets to (N * 8) to reduce chance of register clobber and mistakes.
Simplify integer loading, use 'li <dest>, <value>' instead of x0/zero register
Adjust _JB_SIGMASK to not collide with saved registers.

3 years agoAdd draft-ietf-sidrops-rpki-rsc OID
job [Sun, 9 May 2021 19:50:14 +0000 (19:50 +0000)]
Add draft-ietf-sidrops-rpki-rsc OID

Listed under 'SMI Security for S/MIME CMS Content Type
(1.2.840.113549.1.9.16.1)'
https://www.iana.org/assignments/smi-numbers/smi-numbers.xhtml#security-smime-1

OK tb@

3 years agoSome x86 machines advertise the "hardware reduced" ACPI feature, advertise
kettenis [Sun, 9 May 2021 15:51:35 +0000 (15:51 +0000)]
Some x86 machines advertise the "hardware reduced" ACPI feature, advertise
S4 and S5 support, but fail to populate the SLEEP_CONTROL_REG and
SLEEP_STATUS_REG descriptions in the FADT.  An example of such a machine
is the ASUS Zenbook 14 UM433DA.  Any attempt to powerdown the machine
will result in a kernel crash.  It turns out that using the legacy ACPI PM
registers works fine on this machien.  So fall back on those registers
if SLEEP_CONTROL_REG and/or SLEEP_STATUS_REG aren't provided.

ok deraadt@, mpi@

3 years agoAdd subtest for EPRT command in ftpd regression test
jan [Sun, 9 May 2021 14:26:45 +0000 (14:26 +0000)]
Add subtest for EPRT command in ftpd regression test

3 years agoPrepare to provide EVP_Digest{Sign,Verify}
tb [Sun, 9 May 2021 14:25:40 +0000 (14:25 +0000)]
Prepare to provide EVP_Digest{Sign,Verify}

These are one-shot versions combining EVP_Digest{Sign,Verify}{Update,Final}.
and are part of the OpenSSL 1.1.1 API. While they simplify callers in some
situations slightly, their real use is for EdDSA that by design can't be
split into Update/Final steps.

Based on OpenSSL commit 7539418981c140648a620d72edd7398564878b5c

ok inoguchi

3 years agoAdd subtest for SIZE command in ftpd regression tests
jan [Sun, 9 May 2021 14:05:42 +0000 (14:05 +0000)]
Add subtest for SIZE command in ftpd regression tests

3 years agoAdd subtest for RNFR and RNTO in ftpd regression tests
jan [Sun, 9 May 2021 13:16:33 +0000 (13:16 +0000)]
Add subtest for RNFR and RNTO in ftpd regression tests

3 years agoGarbage collect sz in mft_parse_filehash() which has been unused
tb [Sun, 9 May 2021 11:25:32 +0000 (11:25 +0000)]
Garbage collect sz in mft_parse_filehash() which has been unused
since mft.c r1.20.

3 years agotwo whitespace tweaks
tb [Sun, 9 May 2021 11:19:30 +0000 (11:19 +0000)]
two whitespace tweaks

3 years agoRemove unnecessary NULL check that breaks the build with OpenSSL 1.1.
tb [Sun, 9 May 2021 11:18:57 +0000 (11:18 +0000)]
Remove unnecessary NULL check that breaks the build with OpenSSL 1.1.

ok job

3 years agoreturn type on a different line and use (void) instead of ()
jsg [Sun, 9 May 2021 06:40:59 +0000 (06:40 +0000)]
return type on a different line and use (void) instead of ()

3 years agofix indentation
jsg [Sun, 9 May 2021 06:34:21 +0000 (06:34 +0000)]
fix indentation

3 years agoadapt ruslan@freebsd's disasm to our world, and replace the incomplete decoder.
deraadt [Sat, 8 May 2021 18:10:03 +0000 (18:10 +0000)]
adapt ruslan@freebsd's disasm to our world, and replace the incomplete decoder.
ok jsg kettenis

3 years agosimilar to ruslan@freebsd's work, use https://github.com/riscv/riscv-opcodes
deraadt [Sat, 8 May 2021 18:08:41 +0000 (18:08 +0000)]
similar to ruslan@freebsd's work, use https://github.com/riscv/riscv-opcodes
to generate instruction decoder tables

$ cat opcodes opcodes-rvc-pseudo opcodes-rvc opcodes-custom |
    ./parse-opcodes -c

with jsg

3 years agoRecognize GPT partitions of type 21686148-6449-6e6f-744e-656564454649 (a.k.a.
krw [Sat, 8 May 2021 17:44:22 +0000 (17:44 +0000)]
Recognize GPT partitions of type 21686148-6449-6e6f-744e-656564454649 (a.k.a.
"IdontNeedEFI", a.k.a. "BIOS boot"). Often used to contain the second stage boot
loader binary on disk images.

Makes it easier to recognize/overwrite/remove the contents.

Example image provided by mlarkin@

3 years agoSpoof GPT partitions of type 21686148-6449-6e6f-744e-656564454649 (a.k.a.
krw [Sat, 8 May 2021 16:41:24 +0000 (16:41 +0000)]
Spoof GPT partitions of type 21686148-6449-6e6f-744e-656564454649 (a.k.a.
"IdontNeedEFI", a.k.a. "BIOS boot") as FS_BOOT. Often used to contain the second
stage boot loader binary on disk images.

Makes it easier to recognize/overwrite/remove the contents.

Not yet supported in fdisk(8).

Example image provided by mlarkin@

3 years agoPerhaps the syntax '((' and '()' will be valid one day, but not at the
lum [Sat, 8 May 2021 12:57:41 +0000 (12:57 +0000)]
Perhaps the syntax '((' and '()' will be valid one day, but not at the
moment.  This diff works the two checks for them into the main for
parsing loop.

3 years agoRevert previous commit.
martijn [Sat, 8 May 2021 09:38:29 +0000 (09:38 +0000)]
Revert previous commit.
Someone this introduces some problems that I didn't ran into during testing

3 years agostop parsing if a digit is found as first character of an expression.
lum [Sat, 8 May 2021 09:27:35 +0000 (09:27 +0000)]
stop parsing if a digit is found as first character of an expression.

3 years agoIn the C locale make codepoints > 0x7f return EILSEQ, since these aren't
martijn [Sat, 8 May 2021 07:26:19 +0000 (07:26 +0000)]
In the C locale make codepoints > 0x7f return EILSEQ, since these aren't
part of that locale.
This matches what at least FreeBSD and glibc do.

OK millert@

3 years agoFix a race in the kqueue-read test. If the writer thread managed to fill
anton [Sat, 8 May 2021 06:53:19 +0000 (06:53 +0000)]
Fix a race in the kqueue-read test. If the writer thread managed to fill
up the pipe buffer, it will hang in write(2) waiting for the pipe to
become writeable again. While doing so, it cannot observe that the
kqueue thread as already finished implying that ctx_thread_alive() would
return false, meaning no further writes are wanted.

Therefore open the pipe in non blocking mode and just ignore EAGAIN
errors while writing.

3 years agokernel setjmp saves 14 registers, not 13. ddb continue now works.
deraadt [Sat, 8 May 2021 05:31:07 +0000 (05:31 +0000)]
kernel setjmp saves 14 registers, not 13.  ddb continue now works.
ok jsg

3 years agoReplace random mix of u_int* and uint* types with consistent uint* types.
krw [Fri, 7 May 2021 22:15:13 +0000 (22:15 +0000)]
Replace random mix of u_int* and uint* types with consistent uint* types.

3 years agoPrint Synopsys version number, use OF_getpropbool(9) where appropriate
kettenis [Fri, 7 May 2021 19:03:01 +0000 (19:03 +0000)]
Print Synopsys version number, use OF_getpropbool(9) where appropriate
and handle a few more device properties seen on the beaglev board.

ok jsg@

3 years agoDynamic socket buffers make tests unreliable, set fixed buffer size.
bluhm [Fri, 7 May 2021 19:00:34 +0000 (19:00 +0000)]
Dynamic socket buffers make tests unreliable, set fixed buffer size.

3 years agoFix the \x escape sequence to be limited to max 2 characters, instead of
martijn [Fri, 7 May 2021 14:31:27 +0000 (14:31 +0000)]
Fix the \x escape sequence to be limited to max 2 characters, instead of
consuming as long as there are isxdigit(3) characters available.

While here document it and mark it as an extension.

OK millert@

3 years agoIncrease ConnectionAttempts from 4 to 10 as the tests occasionally time
dtucker [Fri, 7 May 2021 09:23:40 +0000 (09:23 +0000)]
Increase ConnectionAttempts from 4 to 10 as the tests occasionally time
out on heavily loaded hosts.

3 years agoRealTek -> Realtek
jsg [Fri, 7 May 2021 09:13:19 +0000 (09:13 +0000)]
RealTek -> Realtek

ok jmc@ kevlo@

3 years agoGive an error if quoted string is found as first non-white char after
lum [Fri, 7 May 2021 08:29:30 +0000 (08:29 +0000)]
Give an error if quoted string is found as first non-white char after
'('.

3 years agoTake a note of expression length when it is extracted from line
lum [Fri, 7 May 2021 07:42:20 +0000 (07:42 +0000)]
Take a note of expression length when it is extracted from line
submitted to excline().

3 years agoinclude pid in LogVerbose spam
djm [Fri, 7 May 2021 04:11:51 +0000 (04:11 +0000)]
include pid in LogVerbose spam

3 years agodon't sigdie() in signal handler in privsep child process;
djm [Fri, 7 May 2021 03:09:38 +0000 (03:09 +0000)]
don't sigdie() in signal handler in privsep child process;
this can end up causing sandbox violations per bz3286; ok dtucker@

3 years agocorrect mistake in spec - the private key blobs are encoded verbatim
djm [Fri, 7 May 2021 02:29:40 +0000 (02:29 +0000)]
correct mistake in spec - the private key blobs are encoded verbatim
and not as strings (i.e. no 4-byte length header)

3 years agodump out a usable private key string too; inspired by Tyson Whitehead
djm [Fri, 7 May 2021 02:26:55 +0000 (02:26 +0000)]
dump out a usable private key string too; inspired by Tyson Whitehead

3 years agofix bounds tests gpio pin numbering starts at 0
jsg [Fri, 7 May 2021 01:54:17 +0000 (01:54 +0000)]
fix bounds tests gpio pin numbering starts at 0

ok kettenis@

3 years agoadd support for RTL8168FP/RTL8111FP/RTL8117 to re(4)
jsg [Fri, 7 May 2021 00:37:36 +0000 (00:37 +0000)]
add support for RTL8168FP/RTL8111FP/RTL8117 to re(4)

from Stephen Taylor who tested on a ThinkCenter M75n Nano IoT
with RTL8111FP-CG

3 years agoGPT_get_hdr() is actually spelled GPT_get_header().
krw [Thu, 6 May 2021 22:26:14 +0000 (22:26 +0000)]
GPT_get_hdr() is actually spelled GPT_get_header().

3 years agoFix bogus return statement.
kettenis [Thu, 6 May 2021 20:35:21 +0000 (20:35 +0000)]
Fix bogus return statement.

From miod@

3 years agoAdd OF_getpropbool(9).
kettenis [Thu, 6 May 2021 19:45:16 +0000 (19:45 +0000)]
Add OF_getpropbool(9).

ok visa@

3 years agoBring comment in sync with the code. No functional change.
claudio [Thu, 6 May 2021 17:25:45 +0000 (17:25 +0000)]
Bring comment in sync with the code. No functional change.

3 years agoAdd an 'expires' column to CSV & JSON output
job [Thu, 6 May 2021 17:03:57 +0000 (17:03 +0000)]
Add an 'expires' column to CSV & JSON output

The 'expires' value contains a reasonable earliest moment a VRP would expire,
in light of the currently available set of CAs and CRLs. The 'expires' value
can be used to avoid route selection based on stale data when generating VRP
sets, when faced with loss of communication between consumer and valdiator,
or validator and CA repository.

OK claudio@

3 years agoClarify that athn(4) USB devices don't support power saving in hostap mode.
stsp [Thu, 6 May 2021 14:40:35 +0000 (14:40 +0000)]
Clarify that athn(4) USB devices don't support power saving in hostap mode.
Prompted by a report from martingot on bugs@

3 years agoAdd the line number of an error to error messages.
lum [Thu, 6 May 2021 14:16:12 +0000 (14:16 +0000)]
Add the line number of an error to error messages.

3 years agoregen
anton [Thu, 6 May 2021 12:57:02 +0000 (12:57 +0000)]
regen

3 years agoUnlock lseek(2).
anton [Thu, 6 May 2021 12:55:20 +0000 (12:55 +0000)]
Unlock lseek(2).

In August 2019 I tried to unlock lseek which failed since the vnode lock
could not be acquired without holding the kernel lock back then.
claudio@ recently made it possible to acquire a vnode lock without
holding the kernel lock. The kernel lock is still required around
VOP_GETATTR() as the underlying file system implementations are not
MP-safe.

ok claudio@

3 years agoAdd a number to parameters for ewprintf() via beeping.
lum [Thu, 6 May 2021 12:44:21 +0000 (12:44 +0000)]
Add a number to parameters for ewprintf() via beeping.

3 years agoKill pfkeyv2_parsemessage() declaration which is absolutely useless
mvs [Thu, 6 May 2021 11:29:34 +0000 (11:29 +0000)]
Kill pfkeyv2_parsemessage() declaration which is absolutely useless
here since it's declared in net/pfkeyv2.h.

Also kill unused RETURN_EINVAL() macro.

ok mpi@

3 years agoRefactor routines to stop/unstop processes and save the corresponding signal.
mpi [Thu, 6 May 2021 09:33:22 +0000 (09:33 +0000)]
Refactor routines to stop/unstop processes and save the corresponding signal.

- Move the "hack" involving P_SINTR to avoid grabbing the SCHED_LOCK()
recursively closer to where it is necessary, in proc_stop()

- Introduce proc_unstop(), the symmetric routine to proc_stop(), which
manipulates `ps_xsig' and use it whenever a SSTOPed thread needs to be
awaken.

- Manipulate `ps_xsig' only in proc_stop/unstop()

ok kettenis@

3 years agoexport [ none | default-route ] changes are not handled by reload.
claudio [Thu, 6 May 2021 09:23:42 +0000 (09:23 +0000)]
export [ none | default-route ] changes are not handled by reload.

3 years agoIt is no longer required to reset a session when export is changed.
claudio [Thu, 6 May 2021 09:21:35 +0000 (09:21 +0000)]
It is no longer required to reset a session when export is changed.

3 years agoMake iwx(4) install CCMP keys to hardware from a task context to
stsp [Thu, 6 May 2021 09:19:28 +0000 (09:19 +0000)]
Make iwx(4) install CCMP keys to hardware from a task context to
wait for confirmation from the firmware before setting link UP.

Tested by Hrvoje, dv, and myself.

3 years agoImprove reload behaviour of RDE peer flags and export_type.
claudio [Thu, 6 May 2021 09:18:54 +0000 (09:18 +0000)]
Improve reload behaviour of RDE peer flags and export_type.

Add an extra reload barrier (IMSG_RECONF_DRAIN) to the sync of the peer
config from the session engine to the rde. Necessary to ensure that the
peer config is up to date in the RDE before hitting reconfiguration.

Store the export_type and the peer flags outside of peer->conf. Adjust all
users of these two fields so they only look at the copies in peer.
During reload check the values with the peer->conf to check for changes.

If the export_type or the rde evaluate or transparent-as flags changed
flush the Adj-RIB-Out for that peer and in a 2nd step rebuild the RIB from
scratch. This results in a lot of UPDATE churn but these configs are not
altered often.

Fix multiple issues in the rde_softreconfig_in_done handler that resulted
in multiple runs of the out stage of the softreconfig pipeline.

OK benno@

3 years agoSimplify file handling. There is no reason to use O_NONBLOCK on regular
claudio [Thu, 6 May 2021 07:35:22 +0000 (07:35 +0000)]
Simplify file handling. There is no reason to use O_NONBLOCK on regular
files since they will never "block". Remove the UPLOAD_READ_LOCAL state
and inline the meta data check into pre_file().
Plug one memory leak and cleanup code a bunch.
OK benno@

3 years agoMore code cleanup
claudio [Thu, 6 May 2021 07:29:59 +0000 (07:29 +0000)]
More code cleanup
OK florian@ benno@

3 years agoGive parse error if character found between blocks.
lum [Thu, 6 May 2021 07:16:24 +0000 (07:16 +0000)]
Give parse error if character found between blocks.

3 years agoenable dwmmc(4)
jsg [Thu, 6 May 2021 04:09:41 +0000 (04:09 +0000)]
enable dwmmc(4)

3 years agoRefactor vm_instance to return error value directly.
dv [Wed, 5 May 2021 21:33:11 +0000 (21:33 +0000)]
Refactor vm_instance to return error value directly.

vmd(8)'s vm_instance function set unsupported errno values. Change the
api to directly return an error (either errno or custom vmd error).

"go for it" -mlarkin@

3 years agoReplace DTLS w_epoch with epoch from TLSv1.2 record layer.
jsing [Wed, 5 May 2021 19:52:00 +0000 (19:52 +0000)]
Replace DTLS w_epoch with epoch from TLSv1.2 record layer.

ok inoguchi@ tb@

3 years agoThe StarFive JH7100 SoC found on the BeagleV beta boards has most of
kettenis [Wed, 5 May 2021 19:26:51 +0000 (19:26 +0000)]
The StarFive JH7100 SoC found on the BeagleV beta boards has most of
its peripherals hooked up through a bus that doesn't maintain cache
coherency.  So in order to use DMA we will need to flush the L2 caches
before/after a DMA tranfer.  Add a driver for the L2 cache controller
for these SoCs and infrastructure to do the necessary cache maintenance.
Since this particular L2 cache controller needs physical addresses, this
makes the bus_dma(4) code deviate from its arm64 counterpart.

ok drahn@

3 years agoEmit an integer instead of a string in JSON output
job [Wed, 5 May 2021 17:25:44 +0000 (17:25 +0000)]
Emit an integer instead of a string in JSON output

We added the "AS123" format because this is what the other tools did
and there was the goal to have equal output. However, many in the
community have voiced complaints about having to do string conversions.

OK deraadt@ claudio@

3 years agoClarify -n behavior
job [Wed, 5 May 2021 17:24:00 +0000 (17:24 +0000)]
Clarify -n behavior

Input from John Heasley

OK claudio@