deraadt [Fri, 3 Aug 2018 14:39:55 +0000 (14:39 +0000)]
unveil _PATH_DEVDB for devname(). All other filenames are opened
before unveil/pledge.
claudio [Fri, 3 Aug 2018 14:10:39 +0000 (14:10 +0000)]
Reshuffle the way bgpd does the softreload after filter changes.
Walk each rib at most once and push it from there to all RIBs or peers
that need the update. Makes the logic more straight and so easier to run
in background.
Tested by and OK phessler@
kevlo [Fri, 3 Aug 2018 13:37:08 +0000 (13:37 +0000)]
Enable mue(4).
Tested on Orange Pi Plus 2E (armv7) and Orange Pi PC 2 (arm64).
ok jsg@
florian [Fri, 3 Aug 2018 13:14:46 +0000 (13:14 +0000)]
Move dns settings to global options so that they don't need to be
repeated in every interface block - they can still be overwritten
on a per interface basis.
Pointed out by, tweaks & OK sthen
halex [Fri, 3 Aug 2018 11:21:27 +0000 (11:21 +0000)]
document that wpakey needs a preceding nwid OR join specification
ok phessler@
phessler [Fri, 3 Aug 2018 10:52:45 +0000 (10:52 +0000)]
revert 1.133 and part of 1.131
the stack doesn't always fill in the parameters correctly
reported by many
florian [Fri, 3 Aug 2018 09:11:56 +0000 (09:11 +0000)]
Account when the next nd6_timer_to is scheduled in nd6_timer()
otherwise nd6_llinfo_settimer() might wrongly assume that a timeout is
already scheduled earlier and not schedule one itself. This in turn
led to the neighbor cache no longer updating because neighbor
solicitations were not sent.
Observed by many.
OK kn
deraadt [Fri, 3 Aug 2018 06:57:34 +0000 (06:57 +0000)]
pledge() a little later, after getopt operation, when we know tty name.
We can then unveil the tty file, and pledge() as before. No other files
are accessed after that point in time.
deraadt [Fri, 3 Aug 2018 06:55:41 +0000 (06:55 +0000)]
unveil of _PATH_DEVDB "/var/run/dev.db" can be done before pledge for
use by ttyname, no other files are accessed after that.
espie [Fri, 3 Aug 2018 06:49:26 +0000 (06:49 +0000)]
actually heed localbase when looking for groff
espie [Fri, 3 Aug 2018 06:39:12 +0000 (06:39 +0000)]
reorg groff runner so that failures are handled better
do the logic for manpage formatting better, so that we can't miss things
simplify filenames, fullname always has a slash
espie [Fri, 3 Aug 2018 06:37:08 +0000 (06:37 +0000)]
- exit in case of exec error. Prevents code from continuing badly
- display error message on STDERR... better
- don't extract the code twice
kevlo [Fri, 3 Aug 2018 06:19:15 +0000 (06:19 +0000)]
- use memset() for clearing hashtbl
- the switch case for IFM_100_TX was the same code as for IFM_1000_T so it
can be rolled into one.
From Michael W. Bombardieri
jmc [Fri, 3 Aug 2018 06:13:14 +0000 (06:13 +0000)]
tweak previous;
deraadt [Fri, 3 Aug 2018 04:47:56 +0000 (04:47 +0000)]
The first unveil userland commit!
unveil _PATH_LOGIN_CONF (/etc/login.conf) which is used by
login_getclass(3) and family before doing password encode. This
is the only filename used by the program during runtime, everything
else happens on stdin/stdout.
deraadt [Fri, 3 Aug 2018 04:19:34 +0000 (04:19 +0000)]
This does not need pledge "wpath"
beck [Fri, 3 Aug 2018 02:36:11 +0000 (02:36 +0000)]
ni_pledge flags are a uint64_t not an int - don't initialize with an int.
rob [Fri, 3 Aug 2018 01:51:28 +0000 (01:51 +0000)]
Place a limit on the number of elements in a ber sequence/set. This prevents
possible stack overflow due to recursion in ber_free_elements().
ok claudio@
kevlo [Fri, 3 Aug 2018 01:50:14 +0000 (01:50 +0000)]
Add mue(4), a driver for Microchip LAN75xx/LAN78xx 10/100/1000 USB Ethernet
adapters.
"go ahead commit it" deraadt@
nicm [Thu, 2 Aug 2018 18:35:21 +0000 (18:35 +0000)]
Log command arguments.
schwarze [Thu, 2 Aug 2018 17:10:26 +0000 (17:10 +0000)]
replace excessively wordy and fuzzy introduction
with a real HISTORY section;
OK jmc@ rob@
krw [Thu, 2 Aug 2018 16:30:01 +0000 (16:30 +0000)]
errno is never checked after a call to getuint64(). So there is no
point to getuint64() setting it to EINVAL when the user enters an
invalid value or aborts input with a ^D.
rob [Thu, 2 Aug 2018 15:34:07 +0000 (15:34 +0000)]
Grammar fix in comment.
ok deraadt@
rob [Thu, 2 Aug 2018 15:22:11 +0000 (15:22 +0000)]
Some wordsmithing. Comments and tweaks from deraadt, jmc, benno, and tb.
ok deraadt@
claudio [Thu, 2 Aug 2018 14:41:42 +0000 (14:41 +0000)]
Split out the rule skipping logic into own function and by doing so ensure
that both filter lists are treated the same way. This fixes an inconsistency
with ibgp and ebgp filters as used in the example config.
OK benno@ sthen@
benno [Thu, 2 Aug 2018 14:40:38 +0000 (14:40 +0000)]
According to code (and testing), each is optional but at least
one must be present.
From Ross L Richardson, thanks
ok sthen@
benno [Thu, 2 Aug 2018 14:39:26 +0000 (14:39 +0000)]
It's an "X.509 certificate" rather than a "TLS certificate".
As pointed out by sthen@, TLS isn't the only possible use.
From Ross L Richardson
ok sthen@
benno [Thu, 2 Aug 2018 14:37:32 +0000 (14:37 +0000)]
it's an X.509 certificate, consistency with acme-client.conf.5
From Ross L Richardson
ok sthen@
patrick [Thu, 2 Aug 2018 14:13:44 +0000 (14:13 +0000)]
Enable ssdfb(4) at I2C.
patrick [Thu, 2 Aug 2018 14:09:32 +0000 (14:09 +0000)]
Add I2C attachment code to ssdfb(4). The difference between the I2C
and SPI bus is simply how to let the chip know it's a command or data
transfer. Otherwise we push the very same bits.
mestre [Thu, 2 Aug 2018 13:05:34 +0000 (13:05 +0000)]
ntpd(8) has logic in place to delete its control socket on shutdown, but it
currently doesn't call the function control_cleanup to do so. The solution is
to simply call that function just before the program quits.
"sure" henning@
claudio [Thu, 2 Aug 2018 12:49:00 +0000 (12:49 +0000)]
Make a few more rde specific functions static.
claudio [Thu, 2 Aug 2018 12:46:02 +0000 (12:46 +0000)]
Make free_prefixsets() accept a NULL pointer. Makes it behave more like
all other free functions bgpd has.
nicm [Thu, 2 Aug 2018 11:56:12 +0000 (11:56 +0000)]
session_groups can be static also.
nicm [Thu, 2 Aug 2018 11:44:07 +0000 (11:44 +0000)]
Make key trees and some other bits static.
nicm [Thu, 2 Aug 2018 11:18:34 +0000 (11:18 +0000)]
Minor tidying.
claudio [Thu, 2 Aug 2018 09:46:35 +0000 (09:46 +0000)]
This brings the network code more in line with what regular update
processing does. It adds the prefix to Adj-RIB-In and if "log update" is
set it will also log the addition and removal of a prefix.
OK benno@
kettenis [Thu, 2 Aug 2018 09:45:17 +0000 (09:45 +0000)]
Add delay when increasing the voltage of a regulator that has a
"regulator-ramp-delay" property to guarantee that the target voltage has
been reached when regulator_set_voltage(9) returns.
ok patrick@
nicm [Thu, 2 Aug 2018 07:55:16 +0000 (07:55 +0000)]
Make display-panes block the client until a pane is chosen or it times out.
mestre [Thu, 2 Aug 2018 06:43:31 +0000 (06:43 +0000)]
Actually order the promises in their canonical form, missed that in my
previous commit.
heads up and OK tb@
mestre [Thu, 2 Aug 2018 06:28:35 +0000 (06:28 +0000)]
Currently when eigrpd(8) shuts down then its unix control socket is being
unlink(2)ed from eigrpe engine process, the problem is that this proc is
chrooted and therefore the socket will never be deleted.
In order to solve it we need to bring control_cleanup() function, which calls
unlink(2), into the main proc which is not chrooted. This is the way it's
already done for several other daemons we have in our base.
Additionally we also need to move the "cpath" pledge(2) promise from the child
process to the main process in order for the latter to be allowed to delete the
socket and while here shuffle the promises into their canonical form.
OK florian@ and benno@
beck [Thu, 2 Aug 2018 04:41:47 +0000 (04:41 +0000)]
Fix panic when we attempt to mess with "." but have a flags mismatch
so unveil_check_final returns an error - in this case we can't
just VOP_UNLOCK the parent we have to know we are dealing with "."
found by anton@ - thanks
beck [Thu, 2 Aug 2018 04:39:58 +0000 (04:39 +0000)]
Test messing with "." both when having . unveiled for an operation, and
with . veiled without the right flags for an operation, since these
come out of namei differently and . is the bane of the special
LOCKPARENT corner cases - this tests a panic found by anton@
brynet [Wed, 1 Aug 2018 20:33:53 +0000 (20:33 +0000)]
On AMD CPUs, if the LFENCE serialization MSR bit is already set, then
we don't need to unconditionally set it.
Works around a suspected bug in newer Linux KVM, which may trigger a
#GP fault on writes to this MSR.
ok mlarkin@
mestre [Wed, 1 Aug 2018 17:17:42 +0000 (17:17 +0000)]
Fix segmentation fault on radiusd(8) when exiting.
If one of the configured modules doesn't have a secret setup then
module->secret == NULL which would call strlen(NULL), within freezero(3),
and that shouldn't happen, but in this case since the call is done it
segfaults and the daemon is not properly shutdown.
cluebat stick provided by semarie@, OK tb@ and deraadt@
schwarze [Wed, 1 Aug 2018 16:00:54 +0000 (16:00 +0000)]
Fix an off-by-one string read access that could happen if an empty
string argument preceded a string argument beginning with "--".
Found by Leah Neukirchen <leah at vuxu dot org> with -Wpointer-compare.
kettenis [Wed, 1 Aug 2018 15:55:50 +0000 (15:55 +0000)]
Fix various RK3399 clocks and add support for getting the clock frequency
of the clocks that we can set.
Assign clock rates (and parents) based on the "assigned-clocks" device tree
property, but only on RK3399 for now as the code for the other Rockchip SoCs
isn't quite ready yet.
Last but not least, fixup a mistake on the firmware for the Theobroma
Systems RK3399-Q7 module such that the "big" cluster uses BPLL as intended.
schwarze [Wed, 1 Aug 2018 15:39:47 +0000 (15:39 +0000)]
After rewriting the parse buffer from scratch, we also have to reset
the parse point to the beginning of the new buffer or we risk out
of bounds accesses. Bug found by Leah Neukirchen <leah at vuxu dot
org> with valgrind on Void Linux.
nicm [Wed, 1 Aug 2018 15:22:40 +0000 (15:22 +0000)]
Initialize new lineflag member.
schwarze [Wed, 1 Aug 2018 13:44:15 +0000 (13:44 +0000)]
Avoid a read access one byte beyond the end of an allocated string
which occurred in situations like ".Fl a Cm --"; found by
Leah Neukirchen <leah at vuxu dot org> with valgrind on Void Linux.
tb [Wed, 1 Aug 2018 13:35:33 +0000 (13:35 +0000)]
Use a single space after colon in another errx().
Pointed out by Kris Katterjohn
cheloha [Wed, 1 Aug 2018 13:13:53 +0000 (13:13 +0000)]
Disallow negative reps, they make no sense. While here, sscanf -> strtonum.
From Kris Katterjohn on tech@.
ok tb@
patrick [Wed, 1 Aug 2018 12:34:36 +0000 (12:34 +0000)]
Implement a partial update mechanism. Since the SPI-connected display
cannot read the framebuffer memory, we have to push the framebuffer to
the display. ssdfb(4) will now be able to update only a certain region
of the framebuffer as soon as there is infrastructure to trigger
it.
florian [Wed, 1 Aug 2018 11:47:29 +0000 (11:47 +0000)]
Clarify that we chroot to the users home directory if -u is provided.
Pointed out by Andrew Daugherity (andrew.daugherity AT gmail), thanks!
Tweaks and OK jmc
rob [Wed, 1 Aug 2018 10:42:55 +0000 (10:42 +0000)]
Remove midsentence period.
jmc [Wed, 1 Aug 2018 07:09:15 +0000 (07:09 +0000)]
document when -exec evaluates to true; from kris katterjohn
ok tb
while here, knock out a useless Tn;
tb [Wed, 1 Aug 2018 06:39:58 +0000 (06:39 +0000)]
Update a comment to include -delete, -execdir, -ls and -print0 among
the primaries that do not imply -print. From Kris Katterjohn, thanks!
ok jmc
tb [Wed, 1 Aug 2018 06:37:33 +0000 (06:37 +0000)]
Document that -delete and -execdir prevent -print from being assumed.
From Kris Katterjohn, thanks.
ok jmc
jmc [Wed, 1 Aug 2018 05:55:25 +0000 (05:55 +0000)]
update currency exchange rates;
kn [Tue, 31 Jul 2018 22:48:04 +0000 (22:48 +0000)]
Zap v4mask and v6mask in host()
Simply defer checks whether a mask has been specified to where it's set in
host_*(); this is to reduce address family specific code.
OK sashan
rob [Tue, 31 Jul 2018 19:38:09 +0000 (19:38 +0000)]
Relocate some public functions above the internal functions comment.
ok claudio@
fcambus [Tue, 31 Jul 2018 17:25:55 +0000 (17:25 +0000)]
Display color depth alongside resolution when attaching simplefb(4).
OK kettenis@, deraadt@
claudio [Tue, 31 Jul 2018 15:30:04 +0000 (15:30 +0000)]
Reshuffle order in struct rde_peer a bit. No functional change.
nicm [Tue, 31 Jul 2018 13:06:44 +0000 (13:06 +0000)]
Do not leak path or use it after free.
patrick [Tue, 31 Jul 2018 12:41:57 +0000 (12:41 +0000)]
Stop reversing bytes read from the framebuffer. That was added since
the 8x16 font showed horizontally flipped characters, but as it turns
out the issue is that with 8-bit wide fonts we use optimized rasops
code that apparently writes out the character with reversed bitorder.
nicm [Tue, 31 Jul 2018 11:49:26 +0000 (11:49 +0000)]
Move struct screen_sel into screen.c and tidy up members that are only
used by copy mode.
rob [Tue, 31 Jul 2018 11:37:18 +0000 (11:37 +0000)]
Fix some debugging output now that ber type and encoding are unsigned int.
ok claudio@
claudio [Tue, 31 Jul 2018 11:02:01 +0000 (11:02 +0000)]
Make ber type and encoding an unsigned int instead of unsigned long.
This way the size is the same on all archs and 32bit should be good enough.
OK rob@
claudio [Tue, 31 Jul 2018 11:01:29 +0000 (11:01 +0000)]
Make ber type and encoding an unsigned int instead of unsigned long.
This way the size is the same on all archs and 32bit should be good enough.
OK rob@
claudio [Tue, 31 Jul 2018 11:01:00 +0000 (11:01 +0000)]
Make ber type and encoding an unsigned int instead of unsigned long.
This way the size is the same on all archs and 32bit should be good enough.
OK rob@
claudio [Tue, 31 Jul 2018 11:00:12 +0000 (11:00 +0000)]
Make ber type and encoding an unsigned int instead of unsigned long.
This way the size is the same on all archs and 32bit should be good enough.
OK rob@
nicm [Tue, 31 Jul 2018 10:32:19 +0000 (10:32 +0000)]
Clear history on RIS like most other terminals do.
kettenis [Tue, 31 Jul 2018 10:09:25 +0000 (10:09 +0000)]
Implement setting the voltage of the regulators.
kettenis [Tue, 31 Jul 2018 10:08:24 +0000 (10:08 +0000)]
Correctly set the dividers for the clock of the "big" cores.
kettenis [Tue, 31 Jul 2018 10:07:13 +0000 (10:07 +0000)]
Fix setting the voltage; the code was using the wrong variable as a step size.
Includes some cosmetic fixes as well.
claudio [Tue, 31 Jul 2018 08:04:49 +0000 (08:04 +0000)]
There is no longer the need to be careful in rde_softreconfig_in() when
traversing the prefix list. Since a while Adj-RIB-In is fully independent
and so updating the local RIB does not modify that list.
OK benno@
djm [Tue, 31 Jul 2018 03:10:27 +0000 (03:10 +0000)]
delay bailout for invalid authenticating user until after the packet
containing the request has been fully parsed. Reported by Dariusz Tytko
and Michał Sajdak; ok deraadt
djm [Tue, 31 Jul 2018 03:07:24 +0000 (03:07 +0000)]
fix some memory leaks spotted by Coverity via Jakub Jelen in bz#2366
feedback and ok dtucker@
deraadt [Tue, 31 Jul 2018 02:55:57 +0000 (02:55 +0000)]
KNF
anton [Mon, 30 Jul 2018 20:53:42 +0000 (20:53 +0000)]
Declare then assign local variable, no binary change.
kettenis [Mon, 30 Jul 2018 19:40:53 +0000 (19:40 +0000)]
If we keep the BIOS framebuffer, stick to the desired framebuffer size
instead of using the actual framebuffer size. This fixes a problem seen
on various Apple machines where the BIOS framebuffer is bigger than the
actual display.
ok jcs@, mpi@
mpi [Mon, 30 Jul 2018 19:10:50 +0000 (19:10 +0000)]
regen
mpi [Mon, 30 Jul 2018 19:09:51 +0000 (19:09 +0000)]
Unlock sendmsg(2), sendto(2), recvfrom(2) and recvmsg(2).
ok kettenis@, sthen@, deraadt@, visa@, krw@
bluhm [Mon, 30 Jul 2018 18:05:56 +0000 (18:05 +0000)]
Replace fork with sniffer thread in Python. Clear the BPF list
before sniffing, Scapy 2.4.0 remembers old packets that confuse the
test.
anton [Mon, 30 Jul 2018 17:27:37 +0000 (17:27 +0000)]
Add regress covering the recently fixed NULL pointer deref in open().
jmc [Mon, 30 Jul 2018 17:24:24 +0000 (17:24 +0000)]
catch up with the symlink removal of /dev/{audio,mixer};
ok ratchov
anton [Mon, 30 Jul 2018 17:21:37 +0000 (17:21 +0000)]
Fix a NULL-pointer dereference when calling open() on a cloned device with write
permissions and the flags include O_TRUNC|O_SHLOCK.
ok deraadt@
schwarze [Mon, 30 Jul 2018 16:02:02 +0000 (16:02 +0000)]
improve consistency of markup for some variables, still far from perfect
jcs [Mon, 30 Jul 2018 15:57:04 +0000 (15:57 +0000)]
recognize WSMOUSE_TYPE_TOUCHPAD devices
ok bru
jcs [Mon, 30 Jul 2018 15:56:30 +0000 (15:56 +0000)]
define WSMOUSE_TYPE_TOUCHPAD so non-elantech drivers can stop
claiming to be elantech devices
deraadt [Mon, 30 Jul 2018 15:21:36 +0000 (15:21 +0000)]
Some cleanups and clarification, especially regarding locking (observed by rob)
ok beck jmc
deraadt [Mon, 30 Jul 2018 15:19:12 +0000 (15:19 +0000)]
sync
deraadt [Mon, 30 Jul 2018 15:16:27 +0000 (15:16 +0000)]
rename 2nd argument of unveil from vague "flags" to "permissions";
man page change will follow
kettenis [Mon, 30 Jul 2018 14:19:12 +0000 (14:19 +0000)]
Use the MI interrupt enable/disable API instead of the MD one on i386 and
remove the MD API.
ok deraadt@
espie [Mon, 30 Jul 2018 14:13:08 +0000 (14:13 +0000)]
Tweak history
Document that LOCALBASE changes may not work.
Be less dramatic about it, as it doesn't appear to be *that* bad.
espie [Mon, 30 Jul 2018 12:47:12 +0000 (12:47 +0000)]
byebye fake.mtree
mpi [Mon, 30 Jul 2018 12:22:14 +0000 (12:22 +0000)]
Use FNONBLOCK instead of SS_NBIO to check/indicate that the I/O mode
for sockets is non-blocking.
This allows us to G/C SS_NBIO. Having to keep the two flags in sync
in a mp-safe way is complicated.
This change introduces a behavior change in sosplice(), it can now
always block. However this should not matter much due to the socket
lock being taken beforehand.
ok bluhm@, benno@, visa@
ratchov [Mon, 30 Jul 2018 11:51:42 +0000 (11:51 +0000)]
Inline trivial uaudio_id_name(). From Michael Bombardieri, thanks.
"looks good" kn@
nicm [Mon, 30 Jul 2018 11:24:55 +0000 (11:24 +0000)]
Remove a leftover unused struct.
stsp [Mon, 30 Jul 2018 11:09:17 +0000 (11:09 +0000)]
Don't ask drivers to join a wifi network before an AP has been chosen.
Should fix a panic with bwfm(4) reported by mlarkin@
ok phessler@