openbsd
2 years agoSwitch the rde_peer hashtable and peer list to a single RB tree.
claudio [Thu, 1 Sep 2022 13:23:24 +0000 (13:23 +0000)]
Switch the rde_peer hashtable and peer list to a single RB tree.
Only the RDE used a hashtable for lookups while the session engine
switched from a list to RB tree some time ago.
Use peer_foreach() in the mrt code instead of passing the peer list
as an argument.
OK benno@ tb@

2 years agoThis code no longer needs siphash.h and also cleanup some leftover
claudio [Thu, 1 Sep 2022 13:19:11 +0000 (13:19 +0000)]
This code no longer needs siphash.h and also cleanup some leftover
prototypes and members that were not removed in the previous RB tree
conversions.
OK benno@ tb@

2 years agothe VNDIOCSET ioctl path handling bypassed the unveil, so root (or .operator)
deraadt [Thu, 1 Sep 2022 12:28:53 +0000 (12:28 +0000)]
the VNDIOCSET ioctl path handling bypassed the unveil, so root (or .operator)
could read a file outside the space.
ok semarie benno tb

2 years agoFix logic bug
kn [Thu, 1 Sep 2022 08:52:30 +0000 (08:52 +0000)]
Fix logic bug

USE_SOFTRAID=Yes means the softraid volume itself *does* need to be
formatted.

2 years agoDelete force CHS remnants here too.
krw [Thu, 1 Sep 2022 08:18:20 +0000 (08:18 +0000)]
Delete force CHS remnants here too.

Makes file identical to amd64 version again.

ok mlarkin@

2 years agoremove exec_makecmds() and exec_runcmds() prototypes
jsg [Thu, 1 Sep 2022 07:26:56 +0000 (07:26 +0000)]
remove exec_makecmds() and exec_runcmds() prototypes
removed from kern_exec.c between NetBSD 0.9 and NetBSD 1.0

2 years agoAdd a new action: "configtest", to check configuration syntax of the daemon.
ajacoutot [Thu, 1 Sep 2022 07:25:32 +0000 (07:25 +0000)]
Add a new action: "configtest", to check configuration syntax of the daemon.
A few adjustments will be done in the next days (like disabling this action if
there's no specific rc_configtest function defined).

e.g.
/etc/rc.d/sshd configtest
rcctl configtest sshd

idea from naddy@

2 years agoDo not embed ident(1) strings in object code.
miod [Thu, 1 Sep 2022 05:49:04 +0000 (05:49 +0000)]
Do not embed ident(1) strings in object code.
ok daniel@ deraadt@ jca@

2 years agoremove ppath_destroy() prototype; function was never committed
jsg [Thu, 1 Sep 2022 05:40:46 +0000 (05:40 +0000)]
remove ppath_destroy() prototype; function was never committed

2 years agoremove sb_lock() prototype; removed in uipc_socket2.c 1.64
jsg [Thu, 1 Sep 2022 05:31:49 +0000 (05:31 +0000)]
remove sb_lock() prototype; removed in uipc_socket2.c 1.64

2 years agoremove unused prototypes from buf.h
jsg [Thu, 1 Sep 2022 05:24:51 +0000 (05:24 +0000)]
remove unused prototypes from buf.h

bufcache_getanycleanbuf() removed in vfs_bio.c 1.181
buf_acquire_unmapped() removed in vfs_biomem.c 1.22
buf_print() removed in vfs_bio.c 1.47
cluster_write() removed along with vfs_cluster.c in 2016

2 years agoDon't print device name on failure
kn [Thu, 1 Sep 2022 01:52:08 +0000 (01:52 +0000)]
Don't print device name on failure

Noticed by mistake (wanted `-l'):
# vnconfig l
vnd0
vnconfig: VNDIOCSET: No such file or directory

Same happens if you try to load a bogus file:
# vnconfig ./empty
vnd0
vnconfig: VNDIOCSET: Input/output error

In both cases, the info on stdout is useless as vnd0 is not used.
Defer printing the device until after the file is set up:
# ./obj/vnconfig l
vnconfig: VNDIOCSET: No such file or directory
# ./obj/vnconfig ./empty
vnconfig: VNDIOCSET: Input/output error

OK deraadt

2 years agoMinor internal target names and spacing tweaks, add dry-toofew test
kn [Thu, 1 Sep 2022 01:09:19 +0000 (01:09 +0000)]
Minor internal target names and spacing tweaks, add dry-toofew test

2 years agoAdd macppc bits, hook up installboot(8) tests on macppc
kn [Thu, 1 Sep 2022 00:43:14 +0000 (00:43 +0000)]
Add macppc bits, hook up installboot(8) tests on macppc

Default tests (USE_SOFTRAID=No, NDISKS=1) pass except for 'vnd0 ./ofwboot'
as reported on tech@ (fix pending).

2 years agots(1): parse user format string only once
cheloha [Thu, 1 Sep 2022 00:14:36 +0000 (00:14 +0000)]
ts(1): parse user format string only once

Currently, ts(1) reparses the user format string every time it prints
a timestamp.  This is wasteful.

If we isolate the parsing loop in fmtfmt() and move the rest of the
work into a new function, fmtprint(), we can cut some overhead out
of the hot loop.

We still need to update any microsecond substrings in the parsed
format string every time we print a timestamp.  So during parsing in
fmtfmt() we build a list of pointers to locations in the parsed buffer
where the microsecond substring needs to be copied during fmtprint().

With input from deraadt@.

Link1: https://marc.info/?l=openbsd-tech&m=165769139318084&w=2
Link2: https://marc.info/?l=openbsd-tech&m=165910022501353&w=2

OK job@

2 years agoHook up installboot(8) tests on sparc64
kn [Thu, 1 Sep 2022 00:13:35 +0000 (00:13 +0000)]
Hook up installboot(8) tests on sparc64

Default tests (USE_SOFTRAID=Yes, NDISKS='1 2') pass except for '-r mnt',
as mentioned (fix pending).

USE_SOFTRAID=no and/or NDISKS=1 make '-r mnt' work.

2 years agoIntroduce USE_SOFTRAID to allow testing on vnd(4) directly
kn [Wed, 31 Aug 2022 23:53:22 +0000 (23:53 +0000)]
Introduce USE_SOFTRAID to allow testing on vnd(4) directly

This is mostly for architectures which don't have softraid(4) support
in installboot(8), but should also be useful in general to test different
setups and thus increase coverage.

Default to root on softraid on vnd on all architectures that support it:
amd64, arm64, i386 and sparc64;  use root on vnd on others (yet to come).

2 years agoCompare equality of looked up node using pointers instead of
patrick [Wed, 31 Aug 2022 23:31:35 +0000 (23:31 +0000)]
Compare equality of looked up node using pointers instead of
strings, as the component name provided in the IORT might be
specified in a different way than our ACPI stack would do.

ok kettenis@

2 years agoSilence cleanup, rename internal setup targets for clarity
kn [Wed, 31 Aug 2022 23:10:01 +0000 (23:10 +0000)]
Silence cleanup, rename internal setup targets for clarity

2 years agoAlways run prepare
kn [Wed, 31 Aug 2022 22:54:41 +0000 (22:54 +0000)]
Always run prepare

Not all architectures require/implement -p, but installboot(8) provides stubs,
so leave it to the program to (not) do something.

2 years agouse the posix phrasing to improve the description of "shift";
jmc [Wed, 31 Aug 2022 22:27:14 +0000 (22:27 +0000)]
use the posix phrasing to improve the description of "shift";
nudge from luka krmpotic

2 years agoAdd an empty line for consistency.
tb [Wed, 31 Aug 2022 21:34:14 +0000 (21:34 +0000)]
Add an empty line for consistency.

2 years agoMove PRU_SENDOOB request to (*pru_sendoob)().
mvs [Wed, 31 Aug 2022 21:23:02 +0000 (21:23 +0000)]
Move PRU_SENDOOB request to (*pru_sendoob)().

PRU_SENDOOB request always consumes passed `top' and `control' mbufs. To
avoid dummy m_freem(9) handlers for all protocols release passed mbufs
in the pru_sendoob() EOPNOTSUPP error path.

Also fix `control' mbuf(9) leak in the tcp(4) PRU_SENDOOB error path.

ok bluhm@

2 years agoReplace "newfs_msdos" and "fsck_msdos" with "newfs -t msdos" and "fsck -t
krw [Wed, 31 Aug 2022 20:52:15 +0000 (20:52 +0000)]
Replace "newfs_msdos" and "fsck_msdos" with "newfs -t msdos" and "fsck -t
msdos".

Add some missing spaces after "=".

Constify the static strings.

Prodded a while ago by deraadt@, tweaks from kn@, ok kn@

2 years agoRecommit -r1.45 but without error checking EVP_PKEY_copy_parameters()
tb [Wed, 31 Aug 2022 20:49:37 +0000 (20:49 +0000)]
Recommit -r1.45 but without error checking EVP_PKEY_copy_parameters()

EVP_PKEY_copy_parameters() will unconditionally fail if the pkey's ameth
has no copy_params(). Obviously this is indistinguishable from actual
failure...

ok jsing

2 years agoSupport SMMUv3 IORT nodes as well in the midlayers. This allows IOMMU
patrick [Wed, 31 Aug 2022 20:49:12 +0000 (20:49 +0000)]
Support SMMUv3 IORT nodes as well in the midlayers.  This allows IOMMU
mappings to reach a future SMMUv3 implementation.

ok kettenis@, mlarkin@

2 years agoRename helper vars/files under obj/
kn [Wed, 31 Aug 2022 20:48:55 +0000 (20:48 +0000)]
Rename helper vars/files under obj/

Up-front cleanup for a future diff to run directly on vnd(4) without softraid(4).
No functional change.

2 years agoPut MD fdisk usage into new FORMAT_DISK, also softraid volume after chunks
kn [Wed, 31 Aug 2022 20:23:57 +0000 (20:23 +0000)]
Put MD fdisk usage into new FORMAT_DISK, also softraid volume after chunks

2 years agoRevert r1.46. Causes fireworks in regress.
tb [Wed, 31 Aug 2022 20:20:53 +0000 (20:20 +0000)]
Revert r1.46. Causes fireworks in regress.

2 years agoMSIs on the x13s are routed through both a "normal" SMMU and a "v3" SMMU.
kettenis [Wed, 31 Aug 2022 20:16:02 +0000 (20:16 +0000)]
MSIs on the x13s are routed through both a "normal" SMMU and a "v3" SMMU.
So handle this case in acpipci(4) and kill the hack to disable MSIs.

ok patrick@, mlarkin@, deraadt@

2 years agoLog copy of /ofwboot
kn [Wed, 31 Aug 2022 19:40:37 +0000 (19:40 +0000)]
Log copy of /ofwboot

Another step towards more consistent behaviour across platforms.

This leaves only hppa and landisk **not** logging such copies,
but I can't test on those.

OK miod

2 years agoDenote possible answers in the usual manner
kn [Wed, 31 Aug 2022 19:38:42 +0000 (19:38 +0000)]
Denote possible answers in the usual manner

OK miod

2 years agoMake installboot on landisk aware of a possible MBR on the disk, and in this
miod [Wed, 31 Aug 2022 18:46:06 +0000 (18:46 +0000)]
Make installboot on landisk aware of a possible MBR on the disk, and in this
case install the first level bootstrap at the beginning of the of the wd0a
filesystem, rather than at the beginning of the disk.

Both locations work but the previous behaviour overwriting an existing MBR
is a violation of POLA.

tweaks & ok krw@

2 years agorelayd(8): change agentx_getsock to return void
dv [Wed, 31 Aug 2022 16:17:18 +0000 (16:17 +0000)]
relayd(8): change agentx_getsock to return void

Only has one return value and it's never checked.

ok martijn@, tb@

2 years agoAdd qcgpio(4) and qciic(4), drivers for the Qualcomm GPIO and I2C controllers
kettenis [Wed, 31 Aug 2022 16:10:59 +0000 (16:10 +0000)]
Add qcgpio(4) and qciic(4), drivers for the Qualcomm GPIO and I2C controllers
found on the SC8280XP SoC.  Together these drivers make the keyboard,
trackpoint and touchpad work on the x13s.

ok deraadt@

2 years agoRemove IMSG_CTL_SHOW_RIB_HASH and struct rde_hashstats which are no
claudio [Wed, 31 Aug 2022 15:51:44 +0000 (15:51 +0000)]
Remove IMSG_CTL_SHOW_RIB_HASH and struct rde_hashstats which are no
longer used. Also cleanup some hash sizes which are also no longer used.
OK tb@

2 years agoIntroduce iic_intr_disestablish() and use it in ihidev(4).
kettenis [Wed, 31 Aug 2022 15:14:01 +0000 (15:14 +0000)]
Introduce iic_intr_disestablish() and use it in ihidev(4).

ok jcs@

2 years agoRemove the hash statistics print code. The RDE no longer sends these
claudio [Wed, 31 Aug 2022 15:00:53 +0000 (15:00 +0000)]
Remove the hash statistics print code. The RDE no longer sends these
imsgs.
OK tb@

2 years agoAdd apldc(4), apldchidev(4), apldckdb(4) and aplrtkit(4). Together these
kettenis [Wed, 31 Aug 2022 14:47:22 +0000 (14:47 +0000)]
Add apldc(4), apldchidev(4), apldckdb(4) and aplrtkit(4).  Together these
drivers implement support for the Dockchannel-base keyboard found on
Apple M2 laptops.

ok mlarkin@, patrick@

2 years agoSwitch the generic attribute cache to an RB tree.
claudio [Wed, 31 Aug 2022 14:29:36 +0000 (14:29 +0000)]
Switch the generic attribute cache to an RB tree.
OK benno@ tb@

2 years agoRemove most mentions of contexts on the stack.
tb [Wed, 31 Aug 2022 14:27:34 +0000 (14:27 +0000)]
Remove most mentions of contexts on the stack.

2 years agonasty whitespace
tb [Wed, 31 Aug 2022 13:28:39 +0000 (13:28 +0000)]
nasty whitespace

2 years agoRework DSA_size() and ECDSA_size()
tb [Wed, 31 Aug 2022 13:01:01 +0000 (13:01 +0000)]
Rework DSA_size() and ECDSA_size()

DSA_size() and ECDSA_size() have a very special hack. They fudge up an
ASN1_INTEGER with a size which is typically > 100 bytes, backed by a
buffer of size 4. This was "fine", however, since they set buf[0] = 0xff,
where the craziness that was i2c_ASN1_INTEGER() only looks at the first
octet (one may then ask why a buffer of size 4 was necessary...).

This changed with the rewrite of i2c_ASN1_INTEGER(), which doesn't
respect this particular hack and rightly assumes that it is fed an
actual ASN1_INTEGER...

Instead, create an appropriate signature and use i2d to determine its
size.

Fixes an out-of-bounds read flagged by ASAN and oss-fuzz.

ok jsing

2 years agoAvoid division by zero if no connection was made.
tb [Wed, 31 Aug 2022 12:29:08 +0000 (12:29 +0000)]
Avoid division by zero if no connection was made.

CID 184043

2 years agoAdd missing OpenBSD id comment
claudio [Wed, 31 Aug 2022 12:13:59 +0000 (12:13 +0000)]
Add missing OpenBSD id comment

2 years agomake kernel build without INET6 again
benno [Wed, 31 Aug 2022 11:29:12 +0000 (11:29 +0000)]
make kernel build without INET6 again
ok sashan@

2 years agoMake sure that only one roa softreconfig runner is run at any time.
claudio [Wed, 31 Aug 2022 11:25:36 +0000 (11:25 +0000)]
Make sure that only one roa softreconfig runner is run at any time.
If a run takes to long drop the current update and wait for the next update.
OK benno@

2 years agoRemove now unused and unreferenced disktab.h.
krw [Wed, 31 Aug 2022 11:04:41 +0000 (11:04 +0000)]
Remove now unused and unreferenced disktab.h.

2 years agoWhitespace fixes.
krw [Wed, 31 Aug 2022 10:46:33 +0000 (10:46 +0000)]
Whitespace fixes.

2 years agoSome missing return checks
tb [Wed, 31 Aug 2022 09:39:59 +0000 (09:39 +0000)]
Some missing return checks

2 years agoAvoid some buffer overflows in ecdsatest
tb [Wed, 31 Aug 2022 09:38:00 +0000 (09:38 +0000)]
Avoid some buffer overflows in ecdsatest

The ASN.1 encoding of the modified ECDSA signature can grow in size due to
padding of the ASN.1 integers. Instead of reusing the same signature buffer
freshly allocate it. Avoids some buffer overflows caught by ASAN.

2 years agoRevert previous. Committed the wrong version of the diff.
tb [Wed, 31 Aug 2022 09:36:46 +0000 (09:36 +0000)]
Revert previous. Committed the wrong version of the diff.

2 years agoAvoid some buffer overflows in ecdsatest
tb [Wed, 31 Aug 2022 09:33:39 +0000 (09:33 +0000)]
Avoid some buffer overflows in ecdsatest

The ASN.1 encoding of the modified ECDSA signature can grow in size due to
padding of the ASN.1 integers. Instead of reusing the same signature buffer
freshly allocate it. Avoids some buffer overflows caught by ASAN.

2 years agoIntroduce a function to trylock a page instead of duplicating the logic.
mpi [Wed, 31 Aug 2022 09:26:04 +0000 (09:26 +0000)]
Introduce a function to trylock a page instead of duplicating the logic.

Stolen from NetBSD.

ok jsg@

2 years agoRemove "force CHS" remnants. LBA uber alles.
krw [Wed, 31 Aug 2022 09:20:57 +0000 (09:20 +0000)]
Remove "force CHS" remnants. LBA uber alles.

Mildly sad noises from Nick.

ok miod@ mlarkin@

2 years agoRewrite the searchrange end calculation routine.
martijn [Wed, 31 Aug 2022 09:19:22 +0000 (09:19 +0000)]
Rewrite the searchrange end calculation routine.
The old one had a bug which allowed it to move backwards on overlapping
regions and also didn't always returned the optimal end position.

OK tb@

2 years agoLock vmobjlock then check u_flags & UVM_VNODE_VALID in uvn_attach
gnezdo [Wed, 31 Aug 2022 09:07:35 +0000 (09:07 +0000)]
Lock vmobjlock then check u_flags & UVM_VNODE_VALID in uvn_attach

This is a continuation of this commit:
"Always acquire the `vmobjlock' before incrementing an object's reference."

Unfortuantely this created a race found by syzkaller manifesting as:

panic: kernel diagnostic assertion "uvn->u_obj.uo_refs == 0" failed:
file "sys/uvm/uvm_vnode.c", line 234

ok mpi@

Reported-by: syzbot+dd2d2684ad2818c927da@syzkaller.appspotmail.com
2 years agoIf a partition both starts and ends beyond the end of the unit
krw [Wed, 31 Aug 2022 08:35:07 +0000 (08:35 +0000)]
If a partition both starts and ends beyond the end of the unit
only warn about the start.

ok millert@

2 years agoFix window size report, from Vincent Bernat.
nicm [Wed, 31 Aug 2022 08:07:05 +0000 (08:07 +0000)]
Fix window size report, from Vincent Bernat.

2 years agoSync the supported hardware list with armv7.html.
fcambus [Wed, 31 Aug 2022 07:25:45 +0000 (07:25 +0000)]
Sync the supported hardware list with armv7.html.

OK jsg@

2 years agoSwitch loop bounds from size_t to int in check_hosts()
tb [Wed, 31 Aug 2022 07:15:31 +0000 (07:15 +0000)]
Switch loop bounds from size_t to int in check_hosts()

sk_num() can return a negative value, in which case the upper bound is
SIZE_MAX, which results in a very long for loop.

CID 153997

ok jsing

2 years agoCheck return values in ssl_print_tmp_key()
tb [Wed, 31 Aug 2022 07:12:30 +0000 (07:12 +0000)]
Check return values in ssl_print_tmp_key()

Use EVP_PKEY_get0_EC_KEY() instead of the get1 version to avoid an
EVP_PKEY_free(). Check return values: if either EVP_PKEY_get0_EC_KEY()
or EC_KEY_get0_group() fail, a NULL dereference occurs.

CID 43289

ok jsing

2 years agoAvoid potential NULL dereference in ssl_set_pkey()
tb [Wed, 31 Aug 2022 06:51:36 +0000 (06:51 +0000)]
Avoid potential NULL dereference in ssl_set_pkey()

Switch from X509_get_pubkey() to X509_get0_pubkey() to avoid an unnecessary
EVP_PKEY_free(). Check the return values of X509_get0_pubkey() and
EVP_PKEY_copy_parameters(). If the former returns NULL, the latter will
dereference NULL.

CID 25020

ok jsing

2 years agobackport Xr fix
jsg [Wed, 31 Aug 2022 06:23:06 +0000 (06:23 +0000)]
backport Xr fix
ok djm@

2 years agowhitespace
djm [Wed, 31 Aug 2022 02:56:40 +0000 (02:56 +0000)]
whitespace

2 years agoRefine the change in rev 1.125: the UVM mitigation for CoW faulting
guenther [Wed, 31 Aug 2022 01:27:04 +0000 (01:27 +0000)]
Refine the change in rev 1.125: the UVM mitigation for CoW faulting
when multiple CPUs are running threads in the process is only needed
when there can be multiple CPUs, so save a fault on SP builds.

ok miod@ mpi@

2 years agostray tab
tb [Tue, 30 Aug 2022 23:41:53 +0000 (23:41 +0000)]
stray tab

2 years agowhitespace
tb [Tue, 30 Aug 2022 23:40:37 +0000 (23:40 +0000)]
whitespace

2 years agoAdd ASPA regress bits
job [Tue, 30 Aug 2022 22:48:16 +0000 (22:48 +0000)]
Add ASPA regress bits

2 years agoAvoid dead assignment
tb [Tue, 30 Aug 2022 22:42:32 +0000 (22:42 +0000)]
Avoid dead assignment

2 years agoCheck HMAC() return value to avoid a later use of uninitialized
tb [Tue, 30 Aug 2022 20:40:14 +0000 (20:40 +0000)]
Check HMAC() return value to avoid a later use of uninitialized

CID 25421

2 years agoRemove a commented-out sk_push that has been hanging around for > 20 years
tb [Tue, 30 Aug 2022 20:20:02 +0000 (20:20 +0000)]
Remove a commented-out sk_push that has been hanging around for > 20 years

2 years agoremove an unused argument of ixgbe_rx_checksum()
benno [Tue, 30 Aug 2022 19:52:58 +0000 (19:52 +0000)]
remove an unused argument of ixgbe_rx_checksum()
ok mbuhl@

2 years agoSyzkaller found a missing input validation in pipex mppe keylenbits.
bluhm [Tue, 30 Aug 2022 19:42:29 +0000 (19:42 +0000)]
Syzkaller found a missing input validation in pipex mppe keylenbits.
Reported-by: syzbot+2eca95b271d07ab91b43@syzkaller.appspotmail.com
tested yasuoka@; OK mvs@ yasuoka@

2 years agochacha20_poly1305_cleanup() should return 1
tb [Tue, 30 Aug 2022 19:33:26 +0000 (19:33 +0000)]
chacha20_poly1305_cleanup() should return 1

Otherwise EVP_CIPHER_CTX_cleanup() leaks, as spotted by the ASAN CI.

ok jsing

2 years agoAdd support for ASPA objects (draft-ietf-sidrops-aspa-profile-10)
job [Tue, 30 Aug 2022 18:56:49 +0000 (18:56 +0000)]
Add support for ASPA objects (draft-ietf-sidrops-aspa-profile-10)

ASPA objects are published in the RPKI and can be used to detect and
mitigate BGP route leaks. Validated ASPA Payloads are visible through
filemode (-f) and the JSON output format (-j).

With feedback from tb@

OK claudio@ tb@

2 years agoSwitch nexthop hash to a RB tree.
claudio [Tue, 30 Aug 2022 18:50:21 +0000 (18:50 +0000)]
Switch nexthop hash to a RB tree.
OK benno@

2 years agoNuke disktab.h references in preparation for nuking disktab.h.
krw [Tue, 30 Aug 2022 18:50:06 +0000 (18:50 +0000)]
Nuke disktab.h references in preparation for nuking disktab.h.

disktab.h has not been used or useful for a looooong time.

Detailed historical research by jsg@.

ok jsg@ deraadt@

2 years agoRemove struct ifnet's unused if_switchport member
kn [Tue, 30 Aug 2022 18:23:58 +0000 (18:23 +0000)]
Remove struct ifnet's unused if_switchport member

This is a switch(4) left-over.

Even though it is defined under _KERNEL, a few ports do define it and
include <net/if_var.h>, so this removal warrants a REVISION bump for all
potential ports consumers (once ports bulk machines run on a snapshot
containing this commit).

OK mvs

2 years agoPlug leak of BIO in tls13_quic_init()
tb [Tue, 30 Aug 2022 18:23:40 +0000 (18:23 +0000)]
Plug leak of BIO in tls13_quic_init()

If rbio and wbio are the same, SSL_free() only frees one BIO, so the
BIO_up_ref() before SSL_set_bio() leads to a leak.

ok jsing

2 years agoRemove now unused search variable. Missed in previous.
martijn [Tue, 30 Aug 2022 17:37:03 +0000 (17:37 +0000)]
Remove now unused search variable. Missed in previous.

OK tb@

2 years agoRemove the downwards check for overlapping regions when the subtree flag is
martijn [Tue, 30 Aug 2022 17:33:20 +0000 (17:33 +0000)]
Remove the downwards check for overlapping regions when the subtree flag is
set.

There's a bit of inverted logic in there and this feature will probably get
in the way of the blocklist feature (and maybe others)

OK tb@

2 years agoInitial support for mmio assist for vmm(4)
dv [Tue, 30 Aug 2022 17:09:21 +0000 (17:09 +0000)]
Initial support for mmio assist for vmm(4)

Provide the basic information required for a userland assist in
emulating instructions touching mmio regions, sending as much
information as is provided by the host hardware.

No decode or assist provided at the moment by vmd(8).

ok mlarkin@

2 years agoRemove long unused WARN_REFERENCES macro; idea guenther@, ok jsg@ jca@
miod [Tue, 30 Aug 2022 16:26:29 +0000 (16:26 +0000)]
Remove long unused WARN_REFERENCES macro; idea guenther@, ok jsg@ jca@

2 years agoFix uninitialized variable after the switch to (*pru_send); found the hard
miod [Tue, 30 Aug 2022 16:24:16 +0000 (16:24 +0000)]
Fix uninitialized variable after the switch to (*pru_send); found the hard
way on alpha.
ok bluhm@ mvs@

2 years agoUse BUFSIZ instead of PATH_MAX. Since it doesn't anything with a file
yasuoka [Tue, 30 Aug 2022 16:06:09 +0000 (16:06 +0000)]
Use BUFSIZ instead of PATH_MAX.  Since it doesn't anything with a file
system path.  input from claudio

ok tb claudio

2 years agoAdd missing #include <sys/queue.h>
claudio [Tue, 30 Aug 2022 16:00:21 +0000 (16:00 +0000)]
Add missing #include <sys/queue.h>

2 years agoGive a string which length is multiple of 4 to b64_pton() since the
yasuoka [Tue, 30 Aug 2022 15:57:19 +0000 (15:57 +0000)]
Give a string which length is multiple of 4 to b64_pton() since the
function assumes that the input ends at end of 24-bit group.

ok tb claudio

2 years agocopy over av_oid_end.bo_n instead of av_oid.bo_n bytes when copying over
martijn [Tue, 30 Aug 2022 14:54:18 +0000 (14:54 +0000)]
copy over av_oid_end.bo_n instead of av_oid.bo_n bytes when copying over
the searchrange end oid.

OK tb@

2 years agoAvoid leak in proxy_parse_uri()
tb [Tue, 30 Aug 2022 14:33:26 +0000 (14:33 +0000)]
Avoid leak in proxy_parse_uri()

with/ok claudio

2 years agoReshuffle and cleanup the includes a little bit.
claudio [Tue, 30 Aug 2022 12:49:13 +0000 (12:49 +0000)]
Reshuffle and cleanup the includes a little bit.

2 years agoIn RRDP mode it is possible that a file in the validated cache dir is
claudio [Tue, 30 Aug 2022 12:45:13 +0000 (12:45 +0000)]
In RRDP mode it is possible that a file in the validated cache dir is
no longer valid while the newer file in the .rrdp directory is not (yet)
valid. In this case do not copy the old file over the newer file.
RRDP has no method to identiy inconsistent repos (unlike rsync) so if
the wrong file is put in .rrdp it is not noticed appart from the
verification process failing for that file.
OK tb@ job@

2 years agoRefactor internet PCB lookup function. Rename in_pcbhashlookup()
bluhm [Tue, 30 Aug 2022 11:53:03 +0000 (11:53 +0000)]
Refactor internet PCB lookup function.  Rename in_pcbhashlookup()
so the public API is in_pcblookup() and in_pcblookup_listen().  For
internal use introduce in_pcbhash_insert() and in_pcbhash_lookup()
to avoid code duplication.  Routing domain is unsigned, change the
type to u_int.
OK mvs@

2 years agoProtect the receive socket buffer in UDP input with per PCB mutex.
bluhm [Tue, 30 Aug 2022 09:35:24 +0000 (09:35 +0000)]
Protect the receive socket buffer in UDP input with per PCB mutex.
OK claudio@ mvs@

2 years agoPlug memory leak in X509_REQ_print_ex()
tb [Tue, 30 Aug 2022 08:45:06 +0000 (08:45 +0000)]
Plug memory leak in X509_REQ_print_ex()

CID 356353

ok jsing

2 years agoMove duplicated code to free swap resources into its own function.
mpi [Tue, 30 Aug 2022 08:30:58 +0000 (08:30 +0000)]
Move duplicated code to free swap resources into its own function.

ok mlarkin@

2 years agosync to libunbound 1.16.2; heavy lifting by sthen
florian [Tue, 30 Aug 2022 05:46:50 +0000 (05:46 +0000)]
sync to libunbound 1.16.2; heavy lifting by sthen

2 years agooverriden -> overridden;
jmc [Tue, 30 Aug 2022 05:40:28 +0000 (05:40 +0000)]
overriden -> overridden;

2 years agoFix growth check in compress(1)/gzip(1)
tb [Mon, 29 Aug 2022 19:42:01 +0000 (19:42 +0000)]
Fix growth check in compress(1)/gzip(1)

If a compressed file is larger than its expanded version, compress(1) and
gzip(1) don't compress unless -f is given. As found by gkoehler, the check
is not quite correct for very small files or files with sufficiently random
data. Fix the check so that slight growth still triggers the check.

ok millert

2 years agoPrint warning when a GPT partition start or end is outside the
krw [Mon, 29 Aug 2022 19:39:10 +0000 (19:39 +0000)]
Print warning when a GPT partition start or end is outside the
usable LBA area of the device the GPT is currently inhabiting.

Makes GPT display as informative as MBR display.

In passing, eliminate possible underflow in partition size
calculation.

ok deraadt@