openbsd
8 months agoFix a potential NULL-deref in EVP_PKEY_keygen()
tb [Fri, 12 Apr 2024 02:56:15 +0000 (02:56 +0000)]
Fix a potential NULL-deref in EVP_PKEY_keygen()

After a EVP_PKEY_new() failure, a NULL pointer would be passed to the
keygen pmeth, which could result in tears.

ok beck jsing

8 months agognu/cvs: avoid a harmless configure warning
tb [Fri, 12 Apr 2024 02:51:52 +0000 (02:51 +0000)]
gnu/cvs: avoid a harmless configure warning

Ever since the prehistoric zlib was removed last fall, the configure script
would complain because of a missing file:
sed: 0: /usr/src/gnu/usr.bin/cvs/zlib/Makefile.in: No such file or directory

noticed by deraadt
ok bluhm

8 months agofix non-auto setting of extended media type bits
jsg [Fri, 12 Apr 2024 01:54:21 +0000 (01:54 +0000)]
fix non-auto setting of extended media type bits
found by smatch warning about uninitialised var use
ok jmatthew@

8 months agoRegen
kevlo [Fri, 12 Apr 2024 00:44:07 +0000 (00:44 +0000)]
Regen

8 months agoAdd support for CH343 uart.
kevlo [Fri, 12 Apr 2024 00:43:32 +0000 (00:43 +0000)]
Add support for CH343 uart.
The CH343 devices support any baud rate up to 6 Mbps.

ok miod@

8 months agocorrect value of XFEATURE_AMX
jsg [Thu, 11 Apr 2024 23:00:13 +0000 (23:00 +0000)]
correct value of XFEATURE_AMX
ok miod@ guenther@

8 months agoStop making <machine/pmap.h> include <machine/pte.h>, and fix the very few
miod [Thu, 11 Apr 2024 18:58:44 +0000 (18:58 +0000)]
Stop making <machine/pmap.h> include <machine/pte.h>, and fix the very few
files which really need <machine/pte.h> guts.

8 months agoRemove repeated type declaration that makes bison unhappy
tb [Thu, 11 Apr 2024 18:07:55 +0000 (18:07 +0000)]
Remove repeated type declaration that makes bison unhappy

Fixes: https://github.com/openbgpd-portable/openbgpd-portable/issues/77

ok claudio

8 months agoFix previous: it should not have removed the "max_softdeps" entry
otto [Thu, 11 Apr 2024 16:31:30 +0000 (16:31 +0000)]
Fix previous: it should not have removed the "max_softdeps" entry
to keep the indexes consistent. ok deraadt@

8 months agoPrevent changing interface loopback flag from userland.
bluhm [Thu, 11 Apr 2024 15:08:18 +0000 (15:08 +0000)]
Prevent changing interface loopback flag from userland.

IFF_LOOPBACK is telling userland the behaviour of a specific driver,
it is supposed to be static and permanent.  Clearing the loopback
flag on lo0 could lead to a kernel crash due to inconsistent multicast
igmp group.

Reported-by: syzbot+2f24ed6c8ddb2d6bb22c@syzkaller.appspotmail.com
OK claudio@ deraadt@

8 months agoDon't take solock() in soreceive() for SOCK_RAW inet sockets.
mvs [Thu, 11 Apr 2024 13:32:51 +0000 (13:32 +0000)]
Don't take solock() in soreceive() for SOCK_RAW inet sockets.

For inet sockets solock() is the netlock wrapper, so soreceive() could
be performed simultaneous with exclusively locked code paths.

These sockets are not connection oriented, they don't call pru_rcvd(),
they can't be spliced, they don't set `so_error'. Nothing to protect
with solock() in soreceive() path.

`so_rcv' buffer protected by `sb_mtx' mutex(9), but since it released,
sblock() required to serialize concurrent soreceive() and sorflush()
threads. Current sblock() is some kind of rwlock(9) implementation, so
introduce `sb_lock' rwlock(9) and use it directly for that purpose.

The sorflush() and callers were refactored to avoid solock() for raw
inet sockets. This was done to avoid packet processing stop.

Tested and ok bluhm.

8 months agoTake solock_shared() in soo_stat().
mvs [Thu, 11 Apr 2024 08:33:37 +0000 (08:33 +0000)]
Take solock_shared() in soo_stat().

Only unix(4) and tcp(4) sockets set (*pru_sence)() handler. The rest of
soo_stat() is the read only access.

ok bluhm

8 months agoUse != NULL for pointer check. No binary change.
claudio [Thu, 11 Apr 2024 08:33:15 +0000 (08:33 +0000)]
Use != NULL for pointer check. No binary change.

8 months agoRemove parentheses after return
tb [Thu, 11 Apr 2024 06:49:19 +0000 (06:49 +0000)]
Remove parentheses after return

This file was very undecided what style to choose and often changed its
mind in the middle of a function. No change in the generated assembly.

8 months agoMatch on ConnectX-6 virtual functions too, since they don't seem to be
jmatthew [Thu, 11 Apr 2024 06:42:12 +0000 (06:42 +0000)]
Match on ConnectX-6 virtual functions too, since they don't seem to be
any different to earlier revisions.

from Brad

8 months agoRework internal tm_to_*() converters
tb [Thu, 11 Apr 2024 06:42:09 +0000 (06:42 +0000)]
Rework internal tm_to_*() converters

Make them static. Don't make them allocate if passed a NULL ASN1_TIME to
avoid leaks. This currently means that we accept a NULL and succeed. That's
very ugly but better than what we have now.

Simplify ASN1_TIME_set_string_internal() accordingly and allocate an
ASN1_TIME at the API boundary of ASN1_TIME_adj_internal() and of
ASN1_TIME_to_generalized_time().

ok beck (after a lot of squealing and distress)

8 months agoAdd support for media types from the extended ethernet capabilities fields.
jmatthew [Thu, 11 Apr 2024 05:30:55 +0000 (05:30 +0000)]
Add support for media types from the extended ethernet capabilities fields.
If none of the regular ethernet capabilities are present, check the extended
capabilities.  Since we only report that the link is active if there's a
detected media type, this isn't just a cosmetic change.

Joerg Streckfuss reported that a gigabit SFP didn't work in a ConnectX-6 Lx,
and tested that this change makes it work.

ok dlg@

8 months agodrm/i915/gt: Enable only one CCS for compute workload
jsg [Thu, 11 Apr 2024 03:40:05 +0000 (03:40 +0000)]
drm/i915/gt: Enable only one CCS for compute workload

From Andi Shyti
a7ff84a6fe5ae8889a5f1c97008358836bd7f947 in linux-6.6.y/6.6.26
6db31251bb265813994bfb104eb4b4d0f44d64fb in mainline linux

8 months agodrm/i915/gt: Do not generate the command streamer for all the CCS
jsg [Thu, 11 Apr 2024 03:35:18 +0000 (03:35 +0000)]
drm/i915/gt: Do not generate the command streamer for all the CCS

From Andi Shyti
726ff623869ddc3de887d99296cac3c849061b21 in linux-6.6.y/6.6.26
ea315f98e5d6d3191b74beb0c3e5fc16081d517c in mainline linux

8 months agodrm/i915/gt: Disable HW load balancing for CCS
jsg [Thu, 11 Apr 2024 03:33:42 +0000 (03:33 +0000)]
drm/i915/gt: Disable HW load balancing for CCS

From Andi Shyti
c1f7ce2a11a945044d9d5556e638efdca70fb321 in linux-6.6.y/6.6.26
bc9a1ec01289e6e7259dc5030b413a9c6654a99a in mainline linux

8 months agodrm/prime: Unbreak virtgpu dma-buf export
jsg [Thu, 11 Apr 2024 03:31:39 +0000 (03:31 +0000)]
drm/prime: Unbreak virtgpu dma-buf export

From Rob Clark
cc4d9f0597ee1f1f94323611ae5d7473ddf2a99a in linux-6.6.y/6.6.26
a4ec240f6b7c21cf846d10017c3ce423a0eae92c in mainline linux

8 months agodrm/amd: Flush GFXOFF requests in prepare stage
jsg [Thu, 11 Apr 2024 03:29:26 +0000 (03:29 +0000)]
drm/amd: Flush GFXOFF requests in prepare stage

From Mario Limonciello
3da10e91ecd24c49dd80e73f5ca86166f90dcfe1 in linux-6.6.y/6.6.26
ca299b4512d4b4f516732a48ce9aa19d91f4473e in mainline linux

8 months agodrm/amd: Add concept of running prepare_suspend() sequence for IP blocks
jsg [Thu, 11 Apr 2024 03:27:39 +0000 (03:27 +0000)]
drm/amd: Add concept of running prepare_suspend() sequence for IP blocks

From Mario Limonciello
da67a1139f054fc59c9c18f135729bc16aef93d4 in linux-6.6.y/6.6.26
cb11ca3233aa3303dc11dca25977d2e7f24be00f in mainline linux

8 months agodrm/amd: Evict resources during PM ops prepare() callback
jsg [Thu, 11 Apr 2024 03:24:40 +0000 (03:24 +0000)]
drm/amd: Evict resources during PM ops prepare() callback

From Mario Limonciello
8b5f720486ca87e102ee722a73ae0894c12f1e7a in linux-6.6.y/6.6.26
5095d5418193eb2748c7d8553c7150b8f1c44696 in mainline linux

8 months agodrm/amd/display: Prevent crash when disable stream
jsg [Thu, 11 Apr 2024 03:20:22 +0000 (03:20 +0000)]
drm/amd/display: Prevent crash when disable stream

From Chris Park
4356a2c3f296503c8b420ae8adece053960a9f06 in linux-6.6.y/6.6.26
72d72e8fddbcd6c98e1b02d32cf6f2b04e10bd1c in mainline linux

8 months agodrm/amd/display: Fix DPSTREAM CLK on and off sequence
jsg [Thu, 11 Apr 2024 03:18:45 +0000 (03:18 +0000)]
drm/amd/display: Fix DPSTREAM CLK on and off sequence

From Dmytro Laktyushkin
8dc9a27589a9bf5f0a7eb517543411adc185e957 in linux-6.6.y/6.6.26
e8d131285c98927554cd007f47cedc4694bfedde in mainline linux

8 months agodrm/i915/mtl: Update workaround 14018575942
jsg [Thu, 11 Apr 2024 03:16:35 +0000 (03:16 +0000)]
drm/i915/mtl: Update workaround 14018575942

From Tejas Upadhyay
2564623ee0da92ed7f8a87aa3758cbf2c46257bb in linux-6.6.y/6.6.26
186bce682772e7346bf7ced5325b5f4ff050ccfb in mainline linux

8 months agodrm/i915/xelpg: Extend some workarounds/tuning to gfx version 12.74
jsg [Thu, 11 Apr 2024 03:15:02 +0000 (03:15 +0000)]
drm/i915/xelpg: Extend some workarounds/tuning to gfx version 12.74

From Matt Roper
798781b43194c6d2bdea0c4ded660f3135c484d3 in linux-6.6.y/6.6.26
c44d4ef47fdad0a33966de89f9064e19736bb52f in mainline linux

8 months agodrm/i915/mtl: Update workaround 14016712196
jsg [Thu, 11 Apr 2024 03:13:06 +0000 (03:13 +0000)]
drm/i915/mtl: Update workaround 14016712196

From Tejas Upadhyay
338db8193cb2dd93544ac445a7b4b4a7f77094ad in linux-6.6.y/6.6.26
7467e1da906468bcbd311023b30708193103ecf9 in mainline linux

8 months agodrm/i915: Replace several IS_METEORLAKE with proper IP version checks
jsg [Thu, 11 Apr 2024 03:11:25 +0000 (03:11 +0000)]
drm/i915: Replace several IS_METEORLAKE with proper IP version checks

From Matt Roper
ec84b2a44b057b2c51ed9f670b92690904e1106c in linux-6.6.y/6.6.26
14128d64090fa88445376cb8ccf91c50c08bd410 in mainline linux

8 months agodrm/i915: Eliminate IS_MTL_GRAPHICS_STEP
jsg [Thu, 11 Apr 2024 03:09:31 +0000 (03:09 +0000)]
drm/i915: Eliminate IS_MTL_GRAPHICS_STEP

From Matt Roper
b3749611a5e51188d17b4898eed8ecea571bc539 in linux-6.6.y/6.6.26
5a213086a025349361b5cf75c8fd4591d96a7a99 in mainline linux

8 months agodrm/i915/xelpg: Call Xe_LPG workaround functions based on IP version
jsg [Thu, 11 Apr 2024 03:06:59 +0000 (03:06 +0000)]
drm/i915/xelpg: Call Xe_LPG workaround functions based on IP version

From Matt Roper
18e77951e14a73f75d269e54b90c648b1e18b66e in linux-6.6.y/6.6.26
f7696ded7c9e358670dae1801660f442f059c7db in mainline linux

8 months agodrm/i915: Consolidate condition for Wa_22011802037
jsg [Thu, 11 Apr 2024 03:04:44 +0000 (03:04 +0000)]
drm/i915: Consolidate condition for Wa_22011802037

From Matt Roper
67f7fba8a08608cfd42ab354b79df56e9fee8856 in linux-6.6.y/6.6.26
28c46feec7f8760683ef08f12746630a3598173e in mainline linux

8 months agodrm/i915: Tidy workaround definitions
jsg [Thu, 11 Apr 2024 03:02:42 +0000 (03:02 +0000)]
drm/i915: Tidy workaround definitions

From Matt Roper
6b25099eea4b65ba3b750ce49fa1a9a13d158046 in linux-6.6.y/6.6.26
f1c805716516f9e648e13f0108cea8096e0c7023 in mainline linux

8 months agodrm/i915/dg2: Drop pre-production GT workarounds
jsg [Thu, 11 Apr 2024 03:01:04 +0000 (03:01 +0000)]
drm/i915/dg2: Drop pre-production GT workarounds

From Matt Roper
0a9901fdb7bb785ec4975aeeebc1428e3abae172 in linux-6.6.y/6.6.26
eaeb4b3614529bfa8a7edfdd7ecf6977b27f18b2 in mainline linux

8 months agodrm/i915: Pre-populate the cursor physical dma address
jsg [Thu, 11 Apr 2024 02:58:50 +0000 (02:58 +0000)]
drm/i915: Pre-populate the cursor physical dma address

From Ville Syrjala
cc696ce93089e3e1bc28d749aee321a37cabe4bd in linux-6.6.y/6.6.26
582dc04b0658ef3b90aeb49cbdd9747c2f1eccc3 in mainline linux

8 months agodrm/i915/display: Use i915_gem_object_get_dma_address to get dma address
jsg [Thu, 11 Apr 2024 02:56:48 +0000 (02:56 +0000)]
drm/i915/display: Use i915_gem_object_get_dma_address to get dma address

From Maarten Lankhorst
2c07e2437a3e98027c049ca560e4b6e39a975089 in linux-6.6.y/6.6.26
7054b551de18e9875fbdf8d4f3baade428353545 in mainline linux

8 months agoMake TCP debug code MP safe.
bluhm [Wed, 10 Apr 2024 22:24:07 +0000 (22:24 +0000)]
Make TCP debug code MP safe.

Protect the global variables in TCP debug code with global mutex.
Add a missing include and also fix the -Wunused-but-set-variable
warning.

OK mvs@

8 months agoMove global variables for TCP debug onto the tcp_input() stack.
bluhm [Wed, 10 Apr 2024 22:10:03 +0000 (22:10 +0000)]
Move global variables for TCP debug onto the tcp_input() stack.

OK mvs@

8 months agoImplement TCP Segmentation Offload for vio(4)
jan [Wed, 10 Apr 2024 19:55:50 +0000 (19:55 +0000)]
Implement TCP Segmentation Offload for vio(4)

Tested by Brian Conway and bluhm
With tweaks from bluhm

ok bluhm

8 months agoWhen rewriting an ELF header (i.e. in strip and objcopy), keep the
miod [Wed, 10 Apr 2024 19:43:16 +0000 (19:43 +0000)]
When rewriting an ELF header (i.e. in strip and objcopy), keep the
.openbsd.syscalls section with the PT_OPENBSD_SYSCALLS phdr, even though is
does not have the ALLOC flag; otherwise the phdr gets rewritten with a size
of zero, which prevents the binary from working.

ok kettenis@

8 months agosymbols test: Remove a few things that are long gone
tb [Wed, 10 Apr 2024 16:12:10 +0000 (16:12 +0000)]
symbols test: Remove a few things that are long gone

8 months agoUse km_alloc(9) to allocate USPACE instead of uvm_pglistalloc(9).
mpi [Wed, 10 Apr 2024 15:38:11 +0000 (15:38 +0000)]
Use km_alloc(9) to allocate USPACE instead of uvm_pglistalloc(9).

ok miod@

8 months agoUse uvmpd_dropswap() in the case of swap shortage.
mpi [Wed, 10 Apr 2024 15:26:18 +0000 (15:26 +0000)]
Use uvmpd_dropswap() in the case of swap shortage.

ok kn@, kettenis@, miod@

8 months agoCall uao_dropswap() instead of rerolling it.
mpi [Wed, 10 Apr 2024 15:25:14 +0000 (15:25 +0000)]
Call uao_dropswap() instead of rerolling it.

ok kn@, kettenis@, miod@

8 months agoRe-guard the crypto_malloc macros.
beck [Wed, 10 Apr 2024 15:13:23 +0000 (15:13 +0000)]
Re-guard the crypto_malloc macros.

accidentally not included in crypto.h commit

requested and ok tb@

8 months agoRemove the prototype of BN_gcd_nonct()
tb [Wed, 10 Apr 2024 15:09:03 +0000 (15:09 +0000)]
Remove the prototype of BN_gcd_nonct()

8 months agoHide deprecated functions in ec.h
beck [Wed, 10 Apr 2024 15:01:31 +0000 (15:01 +0000)]
Hide deprecated functions in ec.h

use LCRYPTO_UNUSED and remove the LIBRESSL_INTERNAL guard

ok tb@

8 months agoHide deprecated functions in evp.h
beck [Wed, 10 Apr 2024 15:00:38 +0000 (15:00 +0000)]
Hide deprecated functions in evp.h

use LCRYPTO_UNUSED and remove the LIBRESSL_INTERNAL guard around them.

ok tb@

8 months agoAdd HMAC_init and HMAC_CTX_reset to Symbols.namespace.
beck [Wed, 10 Apr 2024 14:59:39 +0000 (14:59 +0000)]
Add HMAC_init and HMAC_CTX_reset to Symbols.namespace.

ok tb@

8 months agoHide symbols in bn.h
beck [Wed, 10 Apr 2024 14:58:06 +0000 (14:58 +0000)]
Hide symbols in bn.h

Mark them LCRYPTO_UNUSED appropriately and remove the LIBRESSL_INTERNAL
guards around them

ok tb@

8 months agoHide a couple of LCRYPTO_UNUSED in asn1.h
beck [Wed, 10 Apr 2024 14:55:12 +0000 (14:55 +0000)]
Hide a couple of LCRYPTO_UNUSED in asn1.h

and remove the LIBRESSL_INTERNAL guards around them

ok tb@

8 months agoAdd RC2 symbols to Symbols.namespace.
beck [Wed, 10 Apr 2024 14:54:13 +0000 (14:54 +0000)]
Add RC2 symbols to Symbols.namespace.

These got missed when they were hidden

ok tb@

8 months agoFinish hiding symbols in rand.h
beck [Wed, 10 Apr 2024 14:53:01 +0000 (14:53 +0000)]
Finish hiding symbols in rand.h

This removes the LIBRESSL_INTERNAL guards and marks
the functions within as LCRYPTO_UNUSED

8 months agoFinish Hiding symbols in crypto.h
beck [Wed, 10 Apr 2024 14:51:02 +0000 (14:51 +0000)]
Finish Hiding symbols in crypto.h

crypto.h already had the symbols not hidden behind LIBRESSL_INTERNAL
hidden - This now picks up the reset of them marking them as
LCRYPTO_UNUSED, and removes the LIBRESSL_INTERNAL guard.

These symbols will now be hidden, but if we use them inside
the library in a namespaced build we will get a deprecation
warning. use outside the library will be as with any other hidden
symbol, so fine.

ok tb@

8 months agoremove unused hton[ls] functions from libkern
naddy [Wed, 10 Apr 2024 13:59:05 +0000 (13:59 +0000)]
remove unused hton[ls] functions from libkern

These have been superseded by inlines from endian.h.

ok miod@ mpi@

8 months agovmctl: fix incorrect scaling when converting disk images.
dv [Wed, 10 Apr 2024 13:03:41 +0000 (13:03 +0000)]
vmctl: fix incorrect scaling when converting disk images.

ctl_convert still had old logic assuming disk sizes were in MiB and
not bytes, causing an attempt to create a new disk using the '-i'
argument to generate impossibly large output disk images (e.g. 1 MiB
ends up 1 TiB).

Reported by and diff from Jesper Wallin.

8 months agoRemove `head' socket re-locking in sonewconn().
mvs [Wed, 10 Apr 2024 12:04:41 +0000 (12:04 +0000)]
Remove `head' socket re-locking in sonewconn().

uipc_attach() releases solock() because it should be taken after
`unp_gc_lock' rwlock(9) which protects the `unp_link' list. For this
reason, the listening `head' socket should be unlocked too while
sonewconn() calls uipc_attach(). This could be reworked because now
`so_rcv' sockbuf relies on `sb_mtx' mutex(9).

The last one `unp_link' foreach loop within unp_gc() discards sockets
previously marked as UNP_GCDEAD. These sockets are not accessed from the
userland. The only exception is the sosend() threads of connected
sending peers, but they only sbappend*() mbuf(9) to `so_rcv'. So it's
enough to unlink mbuf(9) chain with `sb_mtx' held and discard lockless.

Please note, the existing SS_NEWCONN_WAIT logic was never used because
the listening unix(4) socket protected from concurrent unp_detach() by
vnode(9) lock, however `head' re-locked all times.

ok bluhm

8 months agoRemove obsolete headers.
mglocker [Wed, 10 Apr 2024 10:40:27 +0000 (10:40 +0000)]
Remove obsolete headers.

Spotted by jsg@

8 months agoUnlock dosigsuspend() and with that some aspects of ppoll and pselect
claudio [Wed, 10 Apr 2024 10:05:26 +0000 (10:05 +0000)]
Unlock dosigsuspend() and with that some aspects of ppoll and pselect

Change p_sigmask from atomic back to non-atomic updates. All changes to
p_sigmask are only allowed by curproc (the owner). There is no need for
atomic instructions here.

p_sigmask is mostly accessed by curproc with the exception of ptsignal().
In ptsignal() p_sigmask is now only read once unless a SSLEEP proc gets
the signal. In that case recheck the p_sigmask before wakeup to ensure
that no unnecessary wakeup happens.

Add some KASSERT(p == curproc) to ensure this precondition.
sigabort() is special since it is also called by ddb but apart from that
only works for curproc.

With and OK mvs@ OK mpi@

8 months agoRework the logic to not send double notifications in session_notification().
claudio [Wed, 10 Apr 2024 09:05:32 +0000 (09:05 +0000)]
Rework the logic to not send double notifications in session_notification().

last_sent_errcode is now cleared late (when state changes to ESTABLISHED)
and so notifications sent in the OPEN phase would be dropped after the
first incident. Using the session state to know if sending a message is
possible seems more robust and is what session_stop() uses as well.
For now log the notification which are not sent as 'dropping' to see how
often this happens.

OK tb@

8 months agoAdd an option allow-set-title to forbid applications from changing the
nicm [Wed, 10 Apr 2024 07:36:25 +0000 (07:36 +0000)]
Add an option allow-set-title to forbid applications from changing the
pane title, from someone in GitHub issue 3930.

8 months agoCorrect handling of mouse up events (don't ignore all but the last
nicm [Wed, 10 Apr 2024 07:29:15 +0000 (07:29 +0000)]
Correct handling of mouse up events (don't ignore all but the last
released button), and always process down event for double click. From
Rudy Dellomas III in GitHub issue 3919.

8 months agoDo not get muddled and crash if focusing a pane that is exiting,
nicm [Wed, 10 Apr 2024 07:15:21 +0000 (07:15 +0000)]
Do not get muddled and crash if focusing a pane that is exiting,
reported by Saul Nogueras in GitHub issue 3776.

8 months agovmm/vmd: add exception injection and refactor inject api.
dv [Tue, 9 Apr 2024 21:55:16 +0000 (21:55 +0000)]
vmm/vmd: add exception injection and refactor inject api.

In order to continue work on mmio and other instruction emulation,
vmd(8) needs the ability to inject exceptions (like page faults)
from userland.

Refactor the way events are injected from userland, cleaning up how
hardware (external) interrupts are injected in the process.

ok mlarkin@

8 months agoAdd ufshci(4) to pci(4). While there, add ahci(4) to acpi(4).
mglocker [Tue, 9 Apr 2024 20:18:37 +0000 (20:18 +0000)]
Add ufshci(4) to pci(4).  While there, add ahci(4) to acpi(4).

Suggested and ok jmc@

8 months agowhirlpool_test: avoid calling arc4random_uniform(0)
tb [Tue, 9 Apr 2024 18:12:11 +0000 (18:12 +0000)]
whirlpool_test: avoid calling arc4random_uniform(0)

This causes a SIGFPE on solaris
Fixes https://github.com/libressl/portable/issues/1042

8 months agowhirlpool_test: zap lots of trailing whitespace
tb [Tue, 9 Apr 2024 18:08:43 +0000 (18:08 +0000)]
whirlpool_test: zap lots of trailing whitespace

8 months agobn_convert: plug leak spotted by ASAN
tb [Tue, 9 Apr 2024 16:06:01 +0000 (16:06 +0000)]
bn_convert: plug leak spotted by ASAN

8 months agoSync removal of setsid(), setpgid() and a few dup2() from relayd. They are
tobhe [Tue, 9 Apr 2024 15:48:01 +0000 (15:48 +0000)]
Sync removal of setsid(), setpgid() and a few dup2() from relayd. They are
redundant since we call daemon() earlier.

ok bluhm@

8 months agomake(1): inline set_times() into Job_Touch()
cheloha [Tue, 9 Apr 2024 15:08:21 +0000 (15:08 +0000)]
make(1): inline set_times() into Job_Touch()

set_times() has one caller: Job_Touch().  set_times() is a thin
utimes(2) wrapper.  Using utimes(2) to reset a file's atime/mtime
to the current time is not cumbersome.

So, remove set_times() and just call utimes(2) directly.

Thread: https://marc.info/?l=openbsd-tech&m=171262211713835&w=2

ok kn@

8 months agoAdd a comment on abuse of EXFLAG_INVALID
tb [Tue, 9 Apr 2024 15:00:44 +0000 (15:00 +0000)]
Add a comment on abuse of EXFLAG_INVALID

We added things we probably shouldn't have, and so did BoringSSL and
OpenSSL. Terrible API is terrible.

discussed with jsing

8 months agoAdd initial regress for BN_set_bit(), BN_clear_bit() and BN_mask_bits().
jsing [Tue, 9 Apr 2024 14:59:57 +0000 (14:59 +0000)]
Add initial regress for BN_set_bit(), BN_clear_bit() and BN_mask_bits().

8 months agoAdd PCI support for ufshci(4). Tested on the Microsoft Surface Go 4.
mglocker [Tue, 9 Apr 2024 14:58:41 +0000 (14:58 +0000)]
Add PCI support for ufshci(4).  Tested on the Microsoft Surface Go 4.

CAVEATS:
The ufshci(4) openings need to be limited to 1 currently, otherwise
file system corruptions have been identified using PCI.  I hope this
can be fixed soon.

Help and ok jsg@, kettenis@

8 months agoAdd hidden conf.h, missed in an earlier commit
tb [Tue, 9 Apr 2024 14:57:28 +0000 (14:57 +0000)]
Add hidden conf.h, missed in an earlier commit

8 months agoAdd regress coverage for BN_bn2mpi()/BN_mpi2bn().
jsing [Tue, 9 Apr 2024 14:56:21 +0000 (14:56 +0000)]
Add regress coverage for BN_bn2mpi()/BN_mpi2bn().

8 months agoHide symbols in conf.h
beck [Tue, 9 Apr 2024 13:56:29 +0000 (13:56 +0000)]
Hide symbols in conf.h

This guentherizes the public symbols from conf.h

ok tb@

8 months agoPlug leaks in ASN1_TIME_set_string_internal()
tb [Tue, 9 Apr 2024 13:56:00 +0000 (13:56 +0000)]
Plug leaks in ASN1_TIME_set_string_internal()

This API can be called with s == NULL, in which case the tm_to_*()
functions helpfully allocate a new s and then leak. This is a rather
ugly fix to make portable ASAN regress happy again, the better fix
will be to rewrite the tm_to_*() functions and adjust their callers.
That is more intrusive and will be done in a later pass.

ok bcook jsing

8 months agoHide public symbols in x509.h
beck [Tue, 9 Apr 2024 13:55:02 +0000 (13:55 +0000)]
Hide public symbols in x509.h

This picks up most of the remaining public symbols in
x509.h

ok tb@

8 months agoHide public symbols in evp.h
beck [Tue, 9 Apr 2024 13:52:41 +0000 (13:52 +0000)]
Hide public symbols in evp.h

largely mechanically done by the guentherizer 9000

ok tb@

8 months agoRename EVP_aes_XXX_cfb to EVP_aes_XXX_cfb128.
beck [Tue, 9 Apr 2024 13:48:51 +0000 (13:48 +0000)]
Rename EVP_aes_XXX_cfb to EVP_aes_XXX_cfb128.

For consitency with everything else.

ok tb@

8 months agoDon't include net/art.h in net/rtable.h instead let the two users
claudio [Tue, 9 Apr 2024 12:53:08 +0000 (12:53 +0000)]
Don't include net/art.h in net/rtable.h instead let the two users
include the file themselves.
OK bluhm@ mpi@

8 months agoLimit the number of provider ASnumbers to MAX_ASPA_SPAS_COUNT (10'000)
claudio [Tue, 9 Apr 2024 12:40:01 +0000 (12:40 +0000)]
Limit the number of provider ASnumbers to MAX_ASPA_SPAS_COUNT (10'000)
in the parser as well.

OK tb@

8 months agoIncrease RTR PDU limit to 48k and limit number of SPAS to 10'000.
claudio [Tue, 9 Apr 2024 12:09:19 +0000 (12:09 +0000)]
Increase RTR PDU limit to 48k and limit number of SPAS to 10'000.

PDU larger then 48k will result in a session reset while ASPA records
with more than 10'000 entries will be implicitly withdrawn.

Also truncate RTR error PDUs to only include 256 bytes of the faulty PDU.
It makes no sense to include more to identify the issue.
OK tb@

8 months agoCheck that the ASPA tas array fits in an IMSG before sending the ASPA
claudio [Tue, 9 Apr 2024 12:05:07 +0000 (12:05 +0000)]
Check that the ASPA tas array fits in an IMSG before sending the ASPA
record over to RTR or the RDE.

The long term goal is to increase the IMSG size considerably but that
requires some additional API changes to the imsg API.
OK tb@

8 months agoreduce diff to linux
jsg [Tue, 9 Apr 2024 11:20:10 +0000 (11:20 +0000)]
reduce diff to linux

8 months agoRemove the "cubie" miniroot. There are far more popular armv7 boards
kettenis [Tue, 9 Apr 2024 11:13:51 +0000 (11:13 +0000)]
Remove the "cubie" miniroot.  There are far more popular armv7 boards
with Allwinner SoCs and the presence of this particular miniroot is making
it hard to update U-Boot.

ok jsg@

8 months agoPlug route leak in IP output.
bluhm [Tue, 9 Apr 2024 11:05:05 +0000 (11:05 +0000)]
Plug route leak in IP output.

If no struct route is passed to ip_output() or ip6_output(), it
uses its own iproute on the stack.  In that case any route entry
in the local route cache has to be freed.  After pf decides to
reroute, struct route is reset to NULL.  Then the route reference
counter has to be released.  Call rtfree() without needless NULL
check.

OK mvs@

8 months agoAdd a capability enforcement integration test.
claudio [Tue, 9 Apr 2024 09:35:57 +0000 (09:35 +0000)]
Add a capability enforcement integration test.

This should ensure that no / yes and enforce work the way we want.

8 months agoAdd capability announce enforcement test and fixup some other result files
claudio [Tue, 9 Apr 2024 09:33:46 +0000 (09:33 +0000)]
Add capability announce enforcement test and fixup some other result files
since the role capability is now shown in more cases.

8 months agoAllow operators to enforce the presence of certain capabilities on sessions.
claudio [Tue, 9 Apr 2024 09:03:18 +0000 (09:03 +0000)]
Allow operators to enforce the presence of certain capabilities on sessions.

For simple capabilities this just adds enforce to the yes/no option of the
announce statement. For multi-protocol capabilities and add-path there is
an extra keyword. On top of this for add-path the enforcement requires the
neighbor to send a matching capability, e.g
'announce add-path recv enforce' requires the other side to send any
'announce add-path send XYZ' capability.

This is mainly to enforce as-4byte and extra multi-protocol capabilities.

OK denis@ tb@

8 months agoClean up Symbols.namespace
beck [Tue, 9 Apr 2024 01:39:27 +0000 (01:39 +0000)]
Clean up Symbols.namespace

These did not get removed from here when they got removed
from Symbols.list after a major bump.

ok tb@

8 months agoregen
jsg [Tue, 9 Apr 2024 01:23:58 +0000 (01:23 +0000)]
regen

8 months agomore Intel DG2 graphics ids
jsg [Tue, 9 Apr 2024 01:22:19 +0000 (01:22 +0000)]
more Intel DG2 graphics ids

from ark.intel.com and github.com/intel/compute-runtime

8 months agodrm/i915: ATS-M device ID update
jsg [Tue, 9 Apr 2024 01:14:35 +0000 (01:14 +0000)]
drm/i915: ATS-M device ID update

From Haridhar Kalvala
5032c607e886e0c40749a05d37b835c1757d38ff in mainline linux

8 months agodrm/i915: Add new PCI IDs to DG2 platform in driver
jsg [Tue, 9 Apr 2024 00:56:48 +0000 (00:56 +0000)]
drm/i915: Add new PCI IDs to DG2 platform in driver

From Ravi Kumar Vodapalli
in drm-intel-next

8 months agodrm/i915: Add new DG2 PCI IDs
jsg [Tue, 9 Apr 2024 00:52:10 +0000 (00:52 +0000)]
drm/i915: Add new DG2 PCI IDs

From Shekhar Chauhan
d0c908d2978e0ef3c1ac1357c1c58224a153f8d4 in mainline linux

8 months agoRemove notBefore and notAfter cacheing.
beck [Mon, 8 Apr 2024 23:46:21 +0000 (23:46 +0000)]
Remove notBefore and notAfter cacheing.

This cache was added because our time conversion used timegm()
and gmtime() which aren't very cheap. These calls were noticably
expensive when profiling things like rpki-client which do many
X.509 validations.

Now that we convert times using julien seconds from the unix
epoch, BoringSSL style, instead of a julien days from a
Byzantine date, we no longer use timegm() and gmtime().

Since the julien seconds calculaitons are cheap for conversion,
we don't need to bother caching this, it doesn't have a noticable
performance impact.

While we are at this correct a bug where
x509_verify_asn1_time_to_time_t was not NULL safe.

Tested for performance regressions by tb@ and job@

ok tb@ job@

8 months agoRemove spaces before tabs
tb [Mon, 8 Apr 2024 20:47:32 +0000 (20:47 +0000)]
Remove spaces before tabs

8 months agoStop redeclaring ENTRY, the <machine/asm.h> flavour is as good as we need it.
miod [Mon, 8 Apr 2024 20:09:18 +0000 (20:09 +0000)]
Stop redeclaring ENTRY, the <machine/asm.h> flavour is as good as we need it.
While there, replace inlined NENTRY by actual use of that macro.

ok kettenis@