jsg [Thu, 14 Dec 2023 05:14:10 +0000 (05:14 +0000)]
drm/amdgpu: correct chunk_ptr to a pointer to chunk.
From YuanShang
9046665befd6e9b9b97df458dc4c41cfe63e21d3 in linux-6.1.y/6.1.68
50d51374b498457c4dea26779d32ccfed12ddaff in mainline linux
tb [Wed, 13 Dec 2023 23:34:45 +0000 (23:34 +0000)]
Simplify OBJ_ln2nid()
This is s/sn/ln/g of the previous commit and eliminates another
OBJ_bsearch_() user, the last one in this file. The bsearch() uses
in this file are possibly the only ones that actually make sense
since we're searching tables of roughly 1000 entries.
ok jsing
tb [Wed, 13 Dec 2023 23:31:25 +0000 (23:31 +0000)]
Simplify OBJ_sn2nid()
Another OBJ_bsearch_() elimination.
OBJ_sn2nid() is very similar to OBJ_obj2nid(). First it tries to retrieve
an object identifier with matching "short name" from the global hash of
added objects and then searches the table of built-in objects.
ok jsing
tb [Wed, 13 Dec 2023 23:28:47 +0000 (23:28 +0000)]
Simplify OBJ_obj2nid()
Continue with OBJ_bsearch_() elimination.
OBJ_obj2nid() first checks if the object identifier passed in has a nid
and if so, it returns that. Otherwise, it looks into the global hash of
added objects (of course without locking) for a match and then returns
the nid thereof. As a last attempt, it searches the table of built-in
object identifiers.
The last two steps can be cleaned up and simplified quite a bit by using
C99 initializers, bsearch() and an appropriate comparison function. Then
it becomes obvious that bsearch() already returns a pointer to the nid
we're looking for, so there is no point in converting that into its
corresponding obj and returning the nid thereof.
ok jsing
jca [Wed, 13 Dec 2023 18:26:41 +0000 (18:26 +0000)]
Implement per-CPU caching for the page table page (vp) pool and the PTE
descriptor (pted) pool in the [riscv64] pmap implementation. This
significantly reduces the side-effects of lock contention on the kernel
map lock that is (incorrectly) translated into excessive page daemon
wakeups. This is not a perfect solution but it does lead to significant
speedups [on the Hifive Unmatched]
Improvement and commit message adapted from kettenis' rev 1.110 commit
to arm64/pmap.c. ok phessler@ kettenis@
ajacoutot [Wed, 13 Dec 2023 17:50:23 +0000 (17:50 +0000)]
Match what reorder_kernel is doing and use kern.osversion to find out whether
we are running an MP kernel or not.
based on a reworked submission from kris at devtty dot one via deraadt@
input and ok robert@
deraadt [Wed, 13 Dec 2023 16:58:32 +0000 (16:58 +0000)]
sync
miod [Wed, 13 Dec 2023 15:57:22 +0000 (15:57 +0000)]
Fix syscall number bounds check computations.
claudio [Wed, 13 Dec 2023 15:34:43 +0000 (15:34 +0000)]
Use imsg_get_fd() to access the control fd.
OK tb@
claudio [Wed, 13 Dec 2023 15:34:27 +0000 (15:34 +0000)]
Use imsg_get_fd() to access the control fd.
OK tb@
miod [Wed, 13 Dec 2023 12:41:31 +0000 (12:41 +0000)]
Unbreak; looks like a not up-to-date diff was commited )-:
kn [Wed, 13 Dec 2023 12:14:10 +0000 (12:14 +0000)]
remove -o cases; reminded by anton
job [Wed, 13 Dec 2023 11:34:56 +0000 (11:34 +0000)]
Impose constraints on RPKI Trust Anchors
See https://datatracker.ietf.org/doc/html/draft-snijders-constraining-rpki-trust-anchors
for more information.
Tested for a few months.
OK tb@ claudio@
miod [Wed, 13 Dec 2023 11:20:18 +0000 (11:20 +0000)]
Put back variable initialization mistakenly lost in 1.162
miod [Wed, 13 Dec 2023 09:01:25 +0000 (09:01 +0000)]
Move a large part of SYS.h defines to DEFS.h to match where other platforms
put their macros, and also turn a few "EXIT" into "END" for consistency with
other platforms. NFCI
ok kettenis@ deraadt@
deraadt [Wed, 13 Dec 2023 08:10:22 +0000 (08:10 +0000)]
OSF/1 placed alpha binaries above 4G. This affects our nopie binaries,
of which there is only one -- instbin, on the install media. But
that is incompatible with the 32-bit offsets in openbsd.syscalls.
Move the start of openbsd nopie binaries much lower.
ok kettenis
tb [Wed, 13 Dec 2023 07:19:37 +0000 (07:19 +0000)]
rfc3779: remove redundant const.
This is already included in the typedef (yuck) and makes some Windows
compilers unhappy.
jmc [Wed, 13 Dec 2023 06:39:10 +0000 (06:39 +0000)]
no more syscall.2;
tb [Wed, 13 Dec 2023 06:00:28 +0000 (06:00 +0000)]
tlsexttest: \178 isn't a valid octal escape sequence
tb [Wed, 13 Dec 2023 05:59:50 +0000 (05:59 +0000)]
constraints: \178 isn't a valid octal escape sequence
tb [Wed, 13 Dec 2023 05:57:37 +0000 (05:57 +0000)]
x509_asn1: avoid lookup table that makes some compilers whine
djm [Wed, 13 Dec 2023 03:28:19 +0000 (03:28 +0000)]
when invoking KnownHostsCommand to determine the order of host key
algorithms to request, ensure that the hostname passed to the command
is decorated with the port number for ports other than 22.
This matches the behaviour of KnownHostsCommand when invoked to look
up the actual host key.
bz3643, ok dtucker@
deraadt [Wed, 13 Dec 2023 02:42:36 +0000 (02:42 +0000)]
actually remove it, pointed out by jsg
deraadt [Wed, 13 Dec 2023 02:31:15 +0000 (02:31 +0000)]
another syscall(2) removal chunk got lost
jsg [Wed, 13 Dec 2023 00:37:42 +0000 (00:37 +0000)]
filedescriptor -> file descriptor
deraadt [Tue, 12 Dec 2023 23:43:35 +0000 (23:43 +0000)]
two syscall(2) removal chunks got lost
kn [Tue, 12 Dec 2023 22:00:43 +0000 (22:00 +0000)]
Make -o less special, drop -o '' support, always use last value
ftp(1) says -o is about a single file/URL, but option handling takes the
empty string as "reset previous -o value", which makes little sense, is
undocumented and counter-intuitively works as if no -o was specified.
OK millert
martijn [Tue, 12 Dec 2023 20:18:39 +0000 (20:18 +0000)]
The OID inside snmpTrapOID is of type NOTIFICATION-TYPE, which does not
have a zero appended.
OK tb@
martijn [Tue, 12 Dec 2023 20:15:49 +0000 (20:15 +0000)]
Do a bitter cleanup after the config defined objects on shutdown.
OK tb@
deraadt [Tue, 12 Dec 2023 17:43:10 +0000 (17:43 +0000)]
put pinsyscalls(2) into the "always" group
deraadt [Tue, 12 Dec 2023 17:39:14 +0000 (17:39 +0000)]
repair type for 2nd arg of read(2)
claudio [Tue, 12 Dec 2023 15:54:18 +0000 (15:54 +0000)]
io_read_buf() abused the ibuf internal rpos which is no longer allowed.
This is now just a simple wrapper around ibuf_get().
OK tb@
claudio [Tue, 12 Dec 2023 15:52:58 +0000 (15:52 +0000)]
ibuf_getdata() abuses the rpos from the ibuf. This is no longer allowed
and breaks because ibuf_seek() now uses rpos itself. Now this is just
ibuf_get_ibuf() with an extra allocation done.
OK tobhe@ tb@
claudio [Tue, 12 Dec 2023 15:50:39 +0000 (15:50 +0000)]
Sync
claudio [Tue, 12 Dec 2023 15:49:21 +0000 (15:49 +0000)]
Move ibuf API from imsg_init.3 to ibuf_add.3
Document all new functions added and adjust examples in imsg_init.3
to follow the new way of handling messages.
OK tb@
claudio [Tue, 12 Dec 2023 15:47:40 +0000 (15:47 +0000)]
Extend imsg and ibuf API with useful getter methods
For ibufs:
- various getters for ibufs (ibuf_get* and ibuf_skip)
- additional ibuf set/add functions that don't alter byte order
- ibuf_truncate and ibuf_rewind
- ibuf_from_buffer and ibuf_from_ibuf to populate a reader ibuf
- a getter for the msgbuf queuelen
For imsg:
- various getters for imsg (especially imsg_get_data() which can be used
in most cases as a simple one call api with all error checks).
All the imsg.hdr fields can also be accessed by getters.
- The imsg data is now actually an ibuf but the old imsg.data pointer is
kept for now to not break every imsg application.
- Introduce imsg_forward to simply forward a message from one channel to
an other (used in the control socket code).
Since this requires a major bump take the oportunity to also cleanup some
function signatures to use size_t for length fields. Also internal data
structures are removed from the public header.
With and OK tb@
deraadt [Tue, 12 Dec 2023 15:44:00 +0000 (15:44 +0000)]
To avoid kbind(2) becoming a powerful gadget, it is called inline to a
function. Therefore we cannot create a precise pinsyscall label. Instead
create a duplicate entry (using inline asm) to force the kernel's pinsyscall
code to skip validation, rather than labelling it illegal. kbind(2) remains
safe because it self-protects by checking its calling address.
ok kettenis
deraadt [Tue, 12 Dec 2023 15:41:47 +0000 (15:41 +0000)]
sync
deraadt [Tue, 12 Dec 2023 15:41:24 +0000 (15:41 +0000)]
crank libc major because syscall(2) was removed
deraadt [Tue, 12 Dec 2023 15:38:15 +0000 (15:38 +0000)]
sync
deraadt [Tue, 12 Dec 2023 15:32:58 +0000 (15:32 +0000)]
sync
deraadt [Tue, 12 Dec 2023 15:30:55 +0000 (15:30 +0000)]
remove support for syscall(2) -- the "indirection system call" because
it is a dangerous alternative entry point for all system calls, and thus
incompatible with the precision system call entry point scheme we are
heading towards. This has been a 3-year mission:
First perl needed a code-generated wrapper to fake syscall(2) as a giant
switch table, then all the ports were cleaned with relatively minor fixes,
except for "go". "go" required two fixes -- 1) a framework issue with
old library versions, and 2) like perl, a fake syscall(2) wrapper to
handle ioctl(2) and sysctl(2) because "syscall(SYS_ioctl" occurs all over
the place in the "go" ecosystem because the "go developers" are plan9-loving
unix-hating folk who tried to build an ecosystem without allowing "ioctl".
ok kettenis, jsing, afresh1, sthen
mvs [Tue, 12 Dec 2023 12:38:52 +0000 (12:38 +0000)]
slyle(9) fix. No functional changes.
deraadt [Tue, 12 Dec 2023 07:37:20 +0000 (07:37 +0000)]
The sigtramp was calling sigreturn(2), and upon failure exit(2), which
doesn't make sense anymore. It is better to just issue an illegal
instruction.
ok kettenis, with some misgivings about inconsistant approaches between
architectures.
In the future we could change sigreturn(2) to never return an exit code,
but always just terminate the process. We stopped this system call
from being callable ages ago with msyscall(2), and there is no stub for
it in libc.. maybe that's the next step to take?
deraadt [Tue, 12 Dec 2023 01:45:27 +0000 (01:45 +0000)]
sync
mvs [Tue, 12 Dec 2023 00:03:31 +0000 (00:03 +0000)]
Turn `pflowstats' statistics counters into per-CPU counters to make them
mpsafe.
The weird interactions around `pflow_flows' and `sc_gcounter' replaced
by simple `pflow_flows' increment. Since the flow sequence is the 32
bits integer, the `sc_gcounter' type replaced by the type of uint32_t.
ok bluhm sashan
deraadt [Mon, 11 Dec 2023 22:29:23 +0000 (22:29 +0000)]
Make sure the syscall table entries are aligned on a 4-byte boundary.
Required for strict-alignment architectures and a good idea on others.
same as kettenis commit to libc
kettenis [Mon, 11 Dec 2023 22:24:15 +0000 (22:24 +0000)]
Make sure the syscall table entries are aligned on a 4-byte boundary.
Required for strict-alignment architectures and a good idea on others.
ok deraadt@
kettenis [Mon, 11 Dec 2023 22:12:52 +0000 (22:12 +0000)]
Implement per-CPU caching for the page table page (vp) pool and the PTE
descriptor (pted) pool in the arm64 pmap implementation. This
significantly reduces the side-effects of lock contention on the kernel
map lock that is (incorrectly) translated into excessive page daemon
wakeups. This is not a perfect solution but it does lead to significant
speedups on machines with many CPU cores.
This requires adding a new pmap_init_percpu() function that gets called
at the point where kernel is ready to set up the per-CPU pool caches.
Dummy implementations of this function are added for all non-arm64
architectures. Some other architectures can probably benefit from
providing an actual implementation that sets up per-CPU caches for
pmap pools as well.
ok phessler@, claudio@, miod@, patrick@
kettenis [Mon, 11 Dec 2023 19:52:40 +0000 (19:52 +0000)]
Synchronize datasize-cur limit for staff with the default class.
ok deraadt@, millert@, phessler@
job [Mon, 11 Dec 2023 19:05:20 +0000 (19:05 +0000)]
Warn when the same manifestNumber is recycled across multiple issuances of that manifest
OK tb@
job [Mon, 11 Dec 2023 15:50:23 +0000 (15:50 +0000)]
Log a warning when a manifest replay is detected
OK tb@ claudio@
jmc [Mon, 11 Dec 2023 15:21:14 +0000 (15:21 +0000)]
ampchwm:
- lowercase Nd
- add arch to Dt
acpi.4:
- add entry for ampchwm
ok claudio
krw [Mon, 11 Dec 2023 14:27:09 +0000 (14:27 +0000)]
Fix the shift of status bits 2:0 to 11:9 from <<8 to <<9.
Fix the mask of shifted 8 bit field from 0x7f to 0xff.
Allows proper decoding of status fields SCT and SC.
From mlelstv@netbsd via NetBSD.
ok miod@
mvs [Mon, 11 Dec 2023 14:25:09 +0000 (14:25 +0000)]
Turn `pflow_softc' list into SMR list.
Since the revision 1.1182 of net/pf.c netlock is not taken while
export_pflow() called from pf_purge_states(). Current locks order
requires netlock to be taken before PF_LOCK(), so there is no reason
to turn it back into this path only for optional export_pflow() call.
The `pflowif_list' foreach loop has no context switch within, so SMR
list is better than mutex(9).
Tested by Hrvoje Popovski.
ok sashan bluhm
claudio [Mon, 11 Dec 2023 11:17:34 +0000 (11:17 +0000)]
Manpage for ampchwm(4) - Ampere Altra Fine-Grained Power Telemetry
claudio [Mon, 11 Dec 2023 11:15:44 +0000 (11:15 +0000)]
Add ampchwm(4) a driver to access the Ampere Altra Fine-Grained Power Telemetry
This adds per core energy sensors (in Joules) and one per SoC temparature
sensor.
OK kettenis@ deraadt@
jan [Mon, 11 Dec 2023 09:40:42 +0000 (09:40 +0000)]
vio(4): simplify mbuf parsing with ether_extract_headers()
ok sf@
jsg [Mon, 11 Dec 2023 05:29:02 +0000 (05:29 +0000)]
drm/amd/display: Fix MPCC 1DLUT programming
From Ilya Bakoulin
10ce6301009fa46ba264ed75b822115ec3ca6e67 in linux-6.1.y/6.1.66
6f395cebdd8927fbffdc3a55a14fcacf93634359 in mainline linux
jsg [Mon, 11 Dec 2023 05:27:19 +0000 (05:27 +0000)]
drm/amd/display: Fix the delta clamping for shaper LUT
From Harry Wentland
8332cb6c63394f32117a6f46a8cf7bedb8eec0b1 in linux-6.1.y/6.1.66
27fc10d1095f7a7de7c917638d7134033a190dd8 in mainline linux
jsg [Mon, 11 Dec 2023 05:25:29 +0000 (05:25 +0000)]
drm/amd/display: clean code-style issues in dcn30_set_mpc_shaper_3dlut
From Melissa Wen
442a4d4d01579d5d7066d0653898ffbb4091e3be in linux-6.1.y/6.1.66
94369589e4ec13c762fe10a1fdc4463bdfee5d5f in mainline linux
jsg [Mon, 11 Dec 2023 05:23:45 +0000 (05:23 +0000)]
drm/amd/display: Expand kernel doc for DC
From Rodrigo Siqueira
6cd736272165d7a6a7d62fb0a40536ed3741ed02 in linux-6.1.y/6.1.66
1682bd1a6b5fb094e914d9b73b711821fd84dcbd in mainline linux
jsg [Mon, 11 Dec 2023 05:21:50 +0000 (05:21 +0000)]
drm/amd/pm: fix a memleak in aldebaran_tables_init
From Dinghao Liu
0e0a95166882e594af4ab4f8c6f7894c2c32f6a9 in linux-6.1.y/6.1.66
7a88f23e768491bae653b444a96091d2aaeb0818 in mainline linux
jsg [Mon, 11 Dec 2023 05:20:29 +0000 (05:20 +0000)]
drm/amd/display: Guard against invalid RPTR/WPTR being set
From Nicholas Kazlauskas
195514bda626b16fb6ef9ff4172dc0433a3c105b in linux-6.1.y/6.1.66
1ffa8602e39b89469dc703ebab7a7e44c33da0f7 in mainline linux
jsg [Mon, 11 Dec 2023 05:18:43 +0000 (05:18 +0000)]
drm/amd/display: Restore rptr/wptr for DMCUB as workaround
From JinZe Xu
395a63ca1ad2e0534176cac91f5715961e744529 in linux-6.1.y/6.1.66
8f3589bb6fcea397775398cba4fbcc46829a60ed in mainline linux
jsg [Mon, 11 Dec 2023 05:15:39 +0000 (05:15 +0000)]
dma-buf: fix check in dma_resv_add_fence
From Christian Koenig
fc98ea2699c090e0377d16d733dca7a0b7508237 in linux-6.1.y/6.1.66
95ba893c9f4feb836ddce627efd0bb6af6667031 in mainline linux
jsg [Mon, 11 Dec 2023 05:12:54 +0000 (05:12 +0000)]
drm/amd/display: fix ABM disablement
From Hamza Mahfooz
7cfc3884a8bb3b77efd035885c758fb33587f1b3 in linux-6.1.y/6.1.66
b9f46f0b98784e40288ee393f863f553fde062fa in mainline linux
jsg [Mon, 11 Dec 2023 05:11:15 +0000 (05:11 +0000)]
drm/amd/display: Update min Z8 residency time to 2100 for DCN314
From Nicholas Kazlauskas
859a3a9f1e6b4055fd96695d11defca050ecf5cf in linux-6.1.y/6.1.66
4636a211980052ca0df90265c8a3ed2d46099091 in mainline linux
jsg [Mon, 11 Dec 2023 05:09:01 +0000 (05:09 +0000)]
drm/amd/display: Use DRAM speed from validation for dummy p-state
From Alvin Lee
6ef7f13c72df6bc95d39eb1614306768141377db in linux-6.1.y/6.1.66
9be601135ba8ac69880c01606c82140f2dde105e in mainline linux
jsg [Mon, 11 Dec 2023 05:07:03 +0000 (05:07 +0000)]
drm/amd/display: Remove min_dst_y_next_start check for Z8
From Nicholas Kazlauskas
a67c18704706e0a9ccac9b7002e678d325aea123 in linux-6.1.y/6.1.66
08448812acb2ab701cd5ff7e1a1dc97f7f10260c in mainline linux
jsg [Mon, 11 Dec 2023 05:04:45 +0000 (05:04 +0000)]
drm/amd/display: Include udelay when waiting for INBOX0 ACK
From Alvin Lee
33ed892f0cdeb1350648cd3bfe8140aa9f792076 in linux-6.1.y/6.1.66
3c9ea68cb61bd7e5bd312c06a12adada74ff5805 in mainline linux
jsg [Mon, 11 Dec 2023 05:02:38 +0000 (05:02 +0000)]
drm/amdgpu: Force order between a read and write to the same address
From Alex Sierra
c5cf436c8969516c92aaceb87582ff19bd187756 in linux-6.1.y/6.1.66
4b27a33c3b173bef1d19ba89e0b9b812b4fddd25 in mainline linux
jsg [Mon, 11 Dec 2023 05:00:24 +0000 (05:00 +0000)]
drm/amd: Enable PCIe PME from D3
From Mario Limonciello
c6088429630048661e480ed28590e69a48c102d6 in linux-6.1.y/6.1.66
6967741d26c87300a51b5e50d4acd104bc1a9759 in mainline linux
jsg [Mon, 11 Dec 2023 04:56:54 +0000 (04:56 +0000)]
add dma_fence_is_later_or_same() for 6.1.66 drm
deraadt [Mon, 11 Dec 2023 03:05:15 +0000 (03:05 +0000)]
arm just had to be different and change the syntax for .pushsection
arguments, so we have to cope.
deraadt [Mon, 11 Dec 2023 02:30:36 +0000 (02:30 +0000)]
Oops, wrong argument to macro
deraadt [Mon, 11 Dec 2023 00:40:31 +0000 (00:40 +0000)]
Report system call pinning violations.
deraadt [Mon, 11 Dec 2023 00:39:43 +0000 (00:39 +0000)]
Add an accounting flag for syscall pinning violations.
deraadt [Mon, 11 Dec 2023 00:35:06 +0000 (00:35 +0000)]
sync
deraadt [Mon, 11 Dec 2023 00:34:24 +0000 (00:34 +0000)]
document upcoming pinsyscalls(2) system call
ok kettenis, some tweaks from jmc
dv [Sun, 10 Dec 2023 21:25:14 +0000 (21:25 +0000)]
vmm(4): flush EPTs after enabling VMX mode.
The Intel SDM states the vmxon/vmxoff instructions don't invalidate
any EPT states on the cpu and recommend invalidating the global
context. vmm(4) opportunistically disables and enables VMX mode as
vms are created or terminated, so this adds a recommended
housekeeping step per the SDM.
While here, tidy up the CR4 toggling by moving it to after the MSR
feature check.
ok mlarkin@
tb [Sun, 10 Dec 2023 19:20:06 +0000 (19:20 +0000)]
evp_test: zap extra empty line
miod [Sun, 10 Dec 2023 19:03:37 +0000 (19:03 +0000)]
The new cinematic to get sensor information as soon as possible sometimes
runs too fast for the device and causes it to stutter its identification
string. Check if the second string chunk matches the first one, and ignore
it in this case, the correct data will come later.
deraadt [Sun, 10 Dec 2023 16:59:51 +0000 (16:59 +0000)]
sync
deraadt [Sun, 10 Dec 2023 16:59:09 +0000 (16:59 +0000)]
pinsyscalls(2) 2nd argument can be "uint *" instead of "void *
ok kettenis
deraadt [Sun, 10 Dec 2023 16:56:01 +0000 (16:56 +0000)]
Add a new label "sigcodecall" inside every sigtramp definition, directly
in front of the syscall instruction. This is used to calculate the start
of the syscall for SYS_sigreturn and pinned system calls.
ok kettenis
deraadt [Sun, 10 Dec 2023 16:45:50 +0000 (16:45 +0000)]
Populate the non-LOAD openbsd.syscalls section (and PT_OPENBSD_SYSCALL)
with {uint offset, uint syscall#} entries in libc & ld.so.
In libc a few syscall# entries (break, sigprocmask, _tfork, _threxit)
are duplicated because additional or inline uses occur (that situation
is handled elsewhere)
ok kettenis
job [Sun, 10 Dec 2023 14:18:23 +0000 (14:18 +0000)]
Since errno isn't used here, use warnx() instead of warn()
OK tb@
ratchov [Sun, 10 Dec 2023 06:32:14 +0000 (06:32 +0000)]
Skip interfaces already claimed by other uaudio(4) instances.
Fixes support of devices that attach multiple uaudio(4) drivers.
Every uaudio(4) instance parses the full set of device descriptors
because there are multiple interfaces per driver instance. If there is
a second uaudio(4) instance (i.e. a second control & stream interfaces
combo), the latter must skip the interfaces already used by the first
one (if it didn't, multiple uaudio(4) would try to use the same
interface and neither would work).
Help from and ok armani@.
jca [Sat, 9 Dec 2023 23:00:11 +0000 (23:00 +0000)]
Add basic write support for 'pax' format archives
Keep writing archives in ustar format by default. People can test the
posix 'pax' format using pax(1) -w -x pax ... or cpio -o -H pax ...;
tar(1) can't exercise this code yet. Only long names file and link
names are supported for now.
With input and tests from caspar@, ok millert@
ratchov [Sat, 9 Dec 2023 22:12:03 +0000 (22:12 +0000)]
Fix wrong call to slot->ops->exit() causing server to abort.
ok kn@
jan [Sat, 9 Dec 2023 10:36:05 +0000 (10:36 +0000)]
vio(4) add recv TCP/UDP checksum offloading
tested on Linux/KVM
tested on proxmox and vultr by florian
ok florian
job [Sat, 9 Dec 2023 00:44:18 +0000 (00:44 +0000)]
Following a failed fetch, use a previously cached and valid Manifest
RPKI Manifests enable Relying Parties (RPs) to detect replay attacks,
unauthorized in-flight modification, or deletion of signed objects. RPs
can accomplish these security functions by comparing (what is expected
to be) a monotonically increasing counter (the 'manifestNumber') - to
determine what the latest Manifest is; a list of filenames - in order to
establish whether the complete set of files was fetched; and a list of
SHA256 message digests to ascertain whether the content's of said files
are exactly the same as the CA intended them to be.
Over time, two schools of thought arose. One philosophy is that the
highest numbered cryptographically valid Manifest represents the express
intent of the CA, so if manifest-listed files are missing, someone
upstream messed up and gets to enjoy the broken pieces. After all, RFC
9286 section 5.2 puts the onus firmly on the repository operator to
publish in a consistent manner. Here, "consistent" means that newly
issued manifests - in the same RRDP delta - are bundled together with
all new or changed ROAs, and that remote RSYNC repositories are
atomically updated (for example, using symlink pivots).
To overcome various types of inconsistent, transient, or intermediate
states of the remote publication point - previous versions of rpki-client
did construct the full CARepository state using a mix of objects from both
its local validated cache and the RRDP/RSYNC staging directories
(which contain purported new versions of the objects).
However, another take on RFC 9286 section 6.6's "use cached versions of
the objects" is that 'the objects' not only refers to the listed
subordinate products (such as ROAs/Certificates/ASPAs), but also to
Manifests themselves. The philosophy being that lower numbered
cryptographically valid Manifests with a complete & untampered set of
files are to be preferred over a higher numbered cryptographically valid
Manifests accompanied by incomplete sets of files. Consequently -
potentially - producing more stable VRP outputs, at the expense of being
magnanimous towards sloppy CAs and repository operators.
Going forward, rpki-client logs errors when inconsistent publications
are encountered, but also proceeds to use older cryptographically valid
Manifests (from previous successful fetches) in order to construct
the tree.
With and OK tb@, and also thanks to Ties de Kock from RIPE NCC.
mvs [Fri, 8 Dec 2023 23:15:44 +0000 (23:15 +0000)]
Add spaces around '='. style(9) fix, no functional changes.
mvs [Fri, 8 Dec 2023 23:13:40 +0000 (23:13 +0000)]
Introduce `sc_mtx' mutex(9) to protect the most of pflow_softc
structure. Protect the `send_nam', `sc_flowsrc' and `sc_flowdst'
pflow_softc members by existing `sc_lock' rwlock(9).
This partially fixes locking inconsistency of pflow_softc. The following
work will be done with separate diffs.
Also, pass `sc' instead of NULL to pflow_get_mbuf() while calling from
pflow_sendout_ipfix_tmpl(). This fixes the NULL dereference.
ok bluhm@
miod [Fri, 8 Dec 2023 19:14:36 +0000 (19:14 +0000)]
Make sure TIB_INIT correctly initializes tib_thread_flags; regression
introduced in 1.3, causing sporadic pthread_main_np() erroneous results
(and possibly more subtle problems).
With and ok kurt@
deraadt [Fri, 8 Dec 2023 13:58:41 +0000 (13:58 +0000)]
PT_OPENBSD_SYSCALLS is an extension that points to non-LOAD section
which contains {offset,syscall#} structures.
ok kettenis
deraadt [Fri, 8 Dec 2023 12:58:27 +0000 (12:58 +0000)]
locally us MAXIMUM() rather than MAX()
ok tb gnezdo
markus [Fri, 8 Dec 2023 09:18:39 +0000 (09:18 +0000)]
prevent leak in sshsig_match_principals; ok djm@
tb [Fri, 8 Dec 2023 08:30:04 +0000 (08:30 +0000)]
Add regress coverage for OBJ_NAME_do_all*()
While this may seem a bit out of place since is an objects API by name,
it really is about EVP. Plus, we want to leverage some things we already
needed for the EVP_*do_all() API (which currently wraps OBJ_NAME_do_all*
but that will change soon).