openbsd
kn [Sun, 24 Jul 2022 17:23:23 +0000 (17:23 +0000)]
regen

kn [Sun, 24 Jul 2022 17:22:12 +0000 (17:22 +0000)]
Update Atheros AR928X pcidev string

The AR9280 half Mini Card (HB92) supports 5GHz as confirmed by athn(4)'s
"The AR9220, AR9223 and AR9280 (codenamed Merlin) ..." paragraph.

pcidevs however wrongly identifies this device as
    athn0 at pci2 dev 0 function 0 "Atheros AR9281" rev 0x01: apic 2 int 17
    athn0: AR9280 rev 2 (2T2R), ROM rev 22, address 04:f0:21:30:37:de

athn(4) says AR9281 is 2GHz only, so the first line (pcidevs string) does
not match the real information on the second line (from real hardware).

Looking around, the PCI Vendor ID: 168c, Product ID: 002a are described as

* https://pcilookup.com/?ven=168c&dev=002a&action=submit
  "AR928X Wireless Network Adapter (PCI-Express)"
* https://pci-ids.ucw.cz/read/PC/168c/002a calls this
  "AR928X Wireless Network Adapter (PCI-Express)"
* https://github.com/torvalds/linux/blob/fc02cb2b37fe2cbf1d3334b9f0f0eab9431766c4/Documentation/devicetree/bindings/net/wireless/qca%2Cath9k.yaml#L27
  says
        - pci168c,002a  # AR9280 and AR9283
* https://pcisig.com/membership/member-companies?combine=168c
  (empty, no result)
* NetBSD pcidevs is like ours
  product ATHEROS AR9281              0x002a AR9281

In summary, "AR928X" seems more appropriate and matches both AR9280 and
AR9281 chipsets, so use that to avoid contradicting dmesg lines:
    athn0 at pci2 dev 0 function 0 "Atheros AR928X" rev 0x01: apic 2 int 17
    athn0: AR9280 rev 2 (2T2R), ROM rev 22, address 04:f0:21:30:37:de

stsp confirms how "Atheros naming is very convoluted."

Feedback sthen
OK stsp

jsing [Sun, 24 Jul 2022 15:05:16 +0000 (15:05 +0000)]
Move cipher_id bsearch functions back to the bottom of the file.

jsing [Sun, 24 Jul 2022 14:31:37 +0000 (14:31 +0000)]
Set NULL BIOs for QUIC.

When used with QUIC, the SSL BIOs are effectively unused, however we still
currently expect them to exist for status (such as SSL_ERROR_WANT_READ and
SSL_ERROR_WANT_WRITE). Set up NULL BIOs if QUIC is in use.

ok tb@

jsing [Sun, 24 Jul 2022 14:28:16 +0000 (14:28 +0000)]
Provide record layer callbacks for QUIC.

QUIC uses TLS to complete the handshake, however unlike normal TLS it does
not use the TLS record layer, rather it provides its own transport. This
means that we need to intercept all communication between the TLS handshake
and the record layer. This allows TLS handshake message writes to be
directed to QUIC, likewise for TLS handshake message reads. Alerts also
need to be sent via QUIC, plus it needs to be provided with the traffic
keys that are derived by TLS.

ok tb@

jsing [Sun, 24 Jul 2022 14:19:45 +0000 (14:19 +0000)]
Move tls13_phh_done_cb() after tls13_phh_received_cb().

This is the order that they're called/run in.

jsing [Sun, 24 Jul 2022 14:16:29 +0000 (14:16 +0000)]
Provide QUIC encryption levels.

QUIC wants to know what "encryption level" handshake messages should be
sent at. Provide an ssl_encryption_level_t enum (via BoringSSL) that
defines these (of course quictls decided to make this an
OSSL_ENCRYPTION_LEVEL typedef, so provide that as well).

Wire these through to tls13_record_layer_set_{read,write}_traffic_key() so
that they can be used in upcoming commits.

ok tb@

jmc [Sun, 24 Jul 2022 12:22:12 +0000 (12:22 +0000)]
document limit-item "anchors"; from martin vahlensieck

while here, rework the "set limit" section:

- use a simple list
- add some missing defaults and limit-item

mbuhl helped fill in some of the blanks
ok kn

mpi [Sun, 24 Jul 2022 11:00:22 +0000 (11:00 +0000)]
Revert simplification of the aiodone daemon it breaks swap on arm64.

Found the hard way by mlarkin@ and deraadt@.

tb [Sun, 24 Jul 2022 10:52:51 +0000 (10:52 +0000)]
Rely on tlsext_parse() to set a decode_error alert

Instead of setting the alert manually in various parse handlers, we can
make use of the fact that tlsext_parse() sets the alert to decode_error
by default. This simplifies the code quite a bit.

ok jsing

tb [Sun, 24 Jul 2022 08:16:47 +0000 (08:16 +0000)]
Start making ts opaque

Move the not yet exposed EssCertIDv2 struct internals to ts_local.h and move
the ASN.1 function prototypes that we don't want to expose with them.

Include ts_local.h where necessary or where it will be needed soon.

ok jsing

cheloha [Sun, 24 Jul 2022 00:28:09 +0000 (00:28 +0000)]
macppc, powerpc: retrigger deferred DEC interrupts from splx(9)

On PowerPC, by design, you cannot mask decrementer (DEC) interrupts
without also masking other interrupts that we want to leave unmasked
at or above IPL_CLOCK.  So, currently, the DEC is left unmasked, even
when we're working at IPL_CLOCK or IPL_HIGH.  If a DEC interrupt
arrives while we're at those priority levels, the current solution is
to postpone any clock interrupt work until the next hardclock(9) or
statclock tick.

This is a problem for a machine-independent clock interrupt subsystem
because the MD code, e.g. decr_intr(), ideally shouldn't need to know
anything about when the next event is scheduled to occur.

The most obvious solution to this problem that I can think of is to
instead postpone clock interrupt work until the next time our priority
level drops below IPL_CLOCK.  This is something we can do from the MD
code without any knowledge of when the next clock interrupt event is
scheduled to occur.

So:

- Add a new boolean, ci_dec_deferred, to the PowerPC cpu_info struct.

- If we reach decr_intr() when the CPU's priority level is too high,
  set ci_dec_deferred, clear the DEC exception, and return.

- If we reach decr_intr() and the CPU's priority level is low enough,
  clear ci_dec_deferred and do any needed clock interrupt work.

- In splx(9) (there are three different versions we need to update),
  check ci_dec_deferred.  If it's set and our priority level is
  dropping below IPL_CLOCK, raise a DEC exception.

Tested by me on PowerMac7,3 (openpic).  Tested by miod@ on PowerMac1,1
(macintr) (`make build` completes).  Tested by gkoehler@ on an unknown
PowerMac (probably openpic).

With lots of help from kettenis@.

ok gkoehler@ miod@

cheloha [Sat, 23 Jul 2022 22:58:51 +0000 (22:58 +0000)]
timecounting: use full 96-bit product when computing elapsed time

The timecounting subsystem computes elapsed time by scaling (64 bits)
the difference between two counter values (32 bits at most) up into a
struct bintime (128 bits).

Under normal circumstances it is sufficient to do this with 64-bit
multiplication, like this:

    struct bintime bt;

    bt.sec = 0;
    bt.frac = th->tc_scale * tc_delta(th);

However, if tc_delta() exceeds 1 second's worth of counter ticks, that
multiplication overflows.  The result is that the monotonic clock appears
to jump backwards.

When can this happen?  In practice, I have seen it when trying to
compile LLVM on an EdgeRouter Lite when using an SD card as the
backing disk.  The box gets stuck in swap, the hardclock(9) is
delayed, and we appear to "lose time".

To avoid this overflow we need to compute the full 96-bit product of
the delta and the scale.

This commit adds TIMECOUNT_TO_BINTIME(), a function for computing that
full product, to sys/time.h.  The patch puts the new function to use
in lib/libc/sys/microtime.c and sys/kern/kern_tc.c.

(The commit also reorganizes some of our high resolution bintime code
so that we always read the timecounter first.)

Doing the full 96-bit multiplication is between 0% and 15% slower than
doing the cheaper 64-bit multiplication on amd64.  Measuring a precise
difference is extremely difficult because the computation is already
quite fast.

I would guess that the cost is slightly higher than that on 32-bit
platforms.  Nobody ever volunteered to test, so this remains a guess.

Thread: https://marc.info/?l=openbsd-tech&m=163424607918042&w=2
6 month bump: https://marc.info/?l=openbsd-tech&m=165124251401342&w=2

Committed after 9 months without review.
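
The overflow described in this commit message, reproduced as an added example (not OpenBSD's TIMECOUNT_TO_BINTIME() and not code from the commit). The struct and function names and the 1 MHz counter frequency are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Same shape as struct bintime: whole seconds plus a 64-bit binary fraction. */
struct bt_example {
	int64_t  sec;
	uint64_t frac;		/* units of 2^-64 second */
};

/* Scale factor for a counter running at freq_hz: about 2^64 / freq_hz. */
static uint64_t
scale_for(uint32_t freq_hz)
{
	return UINT64_MAX / freq_hz;
}

/*
 * The cheap 64-bit multiplication quoted in the commit message.
 * Once delta reaches one second's worth of ticks the product no longer
 * fits in 64 bits, and the whole seconds are silently discarded.
 */
static struct bt_example
elapsed_64(uint64_t scale, uint32_t delta)
{
	struct bt_example bt;

	bt.sec = 0;
	bt.frac = scale * delta;	/* wraps modulo 2^64 */
	return bt;
}

/*
 * Full 96-bit product of a 32-bit delta and a 64-bit scale, built from
 * two 32x64-bit partial products that each fit in 64 bits.
 */
static struct bt_example
elapsed_96(uint64_t scale, uint32_t delta)
{
	struct bt_example bt;
	uint64_t hi = (uint64_t)delta * (scale >> 32);
	uint64_t lo = (uint64_t)delta * (scale & 0xffffffffULL);

	bt.sec = (int64_t)(hi >> 32);	/* bits 64..95 of the product */
	bt.frac = hi << 32;		/* bits 32..63 contributed by hi */
	bt.frac += lo;
	if (bt.frac < lo)		/* carry out of the fraction */
		bt.sec++;
	return bt;
}

int
main(void)
{
	/* Constructed input: 1 MHz counter, 2.5 seconds between reads. */
	uint64_t scale = scale_for(1000000);
	uint32_t delta = 2500000;
	struct bt_example narrow = elapsed_64(scale, delta);
	struct bt_example full = elapsed_96(scale, delta);

	printf("64-bit: sec=%lld frac=0x%016llx\n",
	    (long long)narrow.sec, (unsigned long long)narrow.frac);
	printf("96-bit: sec=%lld frac=0x%016llx\n",
	    (long long)full.sec, (unsigned long long)full.frac);
	return 0;
}
```

With a delta of 2.5 seconds the 64-bit version reports just under half a second, which is how a delayed hardclock(9) makes the monotonic clock appear to go backwards.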

cheloha [Sat, 23 Jul 2022 22:10:58 +0000 (22:10 +0000)]
kernel: remove global "randompid" toggle

Apparently, we used to create several kthreads before the kernel
random number generator was up and running.  A toggle, "randompid",
was needed to tell allocpid() whether it made sense to attempt to
allocate random PIDs.

However, these days we get e.g. arc4random(9) into a working state
before any kthreads are spawned, so the toggle is no longer needed.

Thread: https://marc.info/?l=openbsd-tech&m=165541052614453&w=2

Very nice historical context provided by miod@.

probably ok miod@ deraadt@

florian [Sat, 23 Jul 2022 16:16:25 +0000 (16:16 +0000)]
Delete autoconf or temporary address if flag is removed.
OK kn

claudio [Sat, 23 Jul 2022 10:24:00 +0000 (10:24 +0000)]
Refactor and rename bgpd_filternexthop() to bgpd_oknexthop()

Simplify the logic and adjust kroute_match() which makes the code
easier to understand.
OK tb@

florian [Sat, 23 Jul 2022 09:33:18 +0000 (09:33 +0000)]
Let the kernel delete the (default) route when we deconfigure the
interface.

This works around a problem where the kernel always deletes
the first default route if there are multiple present
with the same gateway.

This only fixes the problem when running ifconfig inet -autoconf.

There are other cases where we call configure_routes(RTM_DELETE), for
example when setting ignore routes in dhcpleased.conf and issuing a
reload. To fix that we either need help from the kernel to distinguish
routes by IFP or track priorities and hope they are unique.

Problem reported by mbuhl.
OK claudio

florian [Sat, 23 Jul 2022 09:29:20 +0000 (09:29 +0000)]
Send an IFP to distinguish (default) routes over different interfaces
to the same gateway.

Unfortunately this doesn't help with deleting the correct route when
issuing ifconfig inet -autoconf, the kernel always deletes the first
route. This is the one with the lowest priority if the routes have
different priorities.

What does work is identifying routes by priority but dhcpleased(8)
doesn't set the priority so that the kernel chooses the right one
when adding a route and it doesn't yet track the priority the
kernel set.

Another issue is that we might end up with routes having the same
gateway and same priority pointing out of different interfaces. For
example when two ethernet interfaces are set to autoconf and they are
connected to the layer 2 network. This seems like a bad idea but it is
something that could be configured.

Problem reported by mbuhl, claudio suggested to try to send an IFP.

Even though it doesn't work, it seems worthwhile to send the IFP for
when the kernel gains the ability to distinguish routes by IFP.

florian [Sat, 23 Jul 2022 09:00:10 +0000 (09:00 +0000)]
Delete addresses when interface is no longer autoconf.

This brings it in line with dhcpleased(8) as well as what we do for
the default route and DNS proposals.

I missed this when I rewrote the state machine to match
dhcpleased(8).

claudio [Sat, 23 Jul 2022 08:44:06 +0000 (08:44 +0000)]
There is no need to set kf.flags to F_KERNEL here.
From a previous diff that was reverted because of a different issue.
was OK tb@

tb [Sat, 23 Jul 2022 07:13:03 +0000 (07:13 +0000)]
Fix file names in comments.

sdk [Sat, 23 Jul 2022 05:55:16 +0000 (05:55 +0000)]
Discard relative movement packets outside of [-127, 127] range to
prevent cursor jumps when using the trackpoint on some lenovo laptops.

Known affected models:
- Lenovo Thinkpad X13 Gen1
- Lenovo Thinkpad T14(s)
- Lenovo Thinkpad E15 Gen3
- Lenovo A475

With help from stsp@

OK stsp@ miod@ deraadt@ bru@

stsp [Fri, 22 Jul 2022 20:37:56 +0000 (20:37 +0000)]
In tcpdump(8), fix use of wrong index into 802.11 PMKID data when multiple
PMKIDs are present. Same error as found by Mikhail for ciphers and AKMs.

stsp [Fri, 22 Jul 2022 20:31:45 +0000 (20:31 +0000)]
In tcpdump(8), fix printing of multiple 802.11 RSN ciphers and AKMs.

Also, pretty-print SAE (used by WPA3) if found in AKMs.

Errors introduced by me in CVS commit hgtOdzeJfB27Yyq0 / r1.40.
Patch by Mikhail

jmc [Fri, 22 Jul 2022 20:31:39 +0000 (20:31 +0000)]
add missing full stop;

kn [Fri, 22 Jul 2022 20:29:27 +0000 (20:29 +0000)]
Zap nd6_recalc_reachtm_interval indirection

Only used once, so use the macro directly like ND6_SLOWTIMER_INTERVAL
is used in many places.

OK florian

jsing [Fri, 22 Jul 2022 19:54:46 +0000 (19:54 +0000)]
Convert TLS transcript from BUF_MEM to tls_buffer.

ok beck@ tb@

jsing [Fri, 22 Jul 2022 19:34:55 +0000 (19:34 +0000)]
Extend TLS buffer regress to cover read/write usage.

jsing [Fri, 22 Jul 2022 19:33:53 +0000 (19:33 +0000)]
Add read and write support to tls_buffer.

tls_buffer was originally created for a specific use case, namely reading in
length prefixed messages. This adds read and write support, along with a
capacity limit, allowing it to be used in additional use cases.

ok beck@ tb@

claudio [Fri, 22 Jul 2022 17:26:58 +0000 (17:26 +0000)]
Revert previous commit. The RTP_MINE checks on struct kroute_full are
not correct because kr_tofull() replaces RTP_MINE with the real priority.
Noticed because of incorrect nexthop selection.

tobhe [Fri, 22 Jul 2022 15:53:33 +0000 (15:53 +0000)]
Include an OpenIKED Vendor ID payload in the initial handshake.  This will
make it easier to handle interoperability problems with older versions in
the future.  The ID is constructed from the string "OpenIKED-" followed by
the version number.
Sending of the vendor ID payload can be disabled by specifying
"set novendorid" in iked.conf(5).

ok markus@ bluhm@

kn [Fri, 22 Jul 2022 15:34:46 +0000 (15:34 +0000)]
Leftovers from florian's RS/NA purge from the kernel in 2017.

OK bluhm

tobhe [Fri, 22 Jul 2022 15:33:53 +0000 (15:33 +0000)]
Fix potential leak of reply in error case.

From markus@
ok bluhm@

tb [Fri, 22 Jul 2022 14:53:07 +0000 (14:53 +0000)]
Simplify tls13_server_encrypted_extensions_recv

We can rely on tlsext_client_parse() to set the alert, so no need to
do this in the error path.

ok jsing

kn [Fri, 22 Jul 2022 13:27:17 +0000 (13:27 +0000)]
Zap dead store nd6_allocated

There since KAME IPv6 import in 1999.

OK "Pool statistics has this info already." bluhm

kn [Fri, 22 Jul 2022 13:26:00 +0000 (13:26 +0000)]
Call nd6_timer() without argument

nd6_timer_to is a global struct and nd6_timer() accesses it as such,
thereby ignoring its function argument.

Make that clear when setting the timeout, which now goes like the other
two timeouts.

OK bluhm

tb [Fri, 22 Jul 2022 13:10:31 +0000 (13:10 +0000)]
Remove redundant length checks in parse functions

The main parsing function already checks that the entire extension data
was consumed, so the length checks inside some of the parse handlers are
redundant. They were also not done everywhere, so this makes the parse
handlers more consistent.

Similar diff was sent by jsing a long while back

ok jsing

claudio [Fri, 22 Jul 2022 11:17:48 +0000 (11:17 +0000)]
Retire the F_KERNEL flag, it got superseded by route priority and RTP_MINE.

Only problem is when route(8) is used to modify/delete a bgpd owned route.
Exact behaviour for that is still a bit unclear but F_KERNEL does not help
in this case either. In the kr_fib_delete/change remove F_BGPD_INSERTED
in that case as a first step.
OK tb@

jsg [Fri, 22 Jul 2022 09:04:44 +0000 (09:04 +0000)]
fix use after free in debug path
ok jan@ miod@

nicm [Fri, 22 Jul 2022 07:14:07 +0000 (07:14 +0000)]
Clear marks when the search string changes. From Anindya Mukherjee,
GitHub issue 3255.

jsg [Fri, 22 Jul 2022 06:21:51 +0000 (06:21 +0000)]
drm/aperture: Run fbdev removal before internal helpers

From Thomas Zimmermann
31f351eb534e889d11cd149de547d99eb5a15c64 in linux 5.15.y/5.15.56
bf43e4521ff3223a613f3a496991a22a4d78e04b in mainline linux

jsg [Fri, 22 Jul 2022 06:19:59 +0000 (06:19 +0000)]
drm/amd/pm: Prevent divide by zero

From Yefim Barashkin
8c37e7a2000d795aaad7256950f43c25f2aac67f in linux 5.15.y/5.15.56
0638c98c17aa12fe914459c82cd178247e21fb2b in mainline linux

jsg [Fri, 22 Jul 2022 06:18:21 +0000 (06:18 +0000)]
drm/amd/display: Only use depth 36 bpp linebuffers on DCN display engines.

From Mario Kleiner
cded1186f7e930045fb4ee17dbfa6bae41f3882c in linux 5.15.y/5.15.56
add61d3c31de6a4b5e11a2ab96aaf4c873481568 in mainline linux

jsg [Fri, 22 Jul 2022 06:16:07 +0000 (06:16 +0000)]
drm/i915: Require the vm mutex for i915_vma_bind()

From Thomas Hellstrom
a6cecaf058c48c6def2548473d814a2d54cb3667 in linux 5.15.y/5.15.56
c2ea703dcafccf18d7d77d8b68fb08c2d9842b7a in mainline linux

jsg [Fri, 22 Jul 2022 06:13:09 +0000 (06:13 +0000)]
drm/i915/uc: correctly track uc_fw init failure

From Daniele Ceraolo Spurio
60d1bb301ea5a4be3e1071d3d0c179140b270ef8 in linux 5.15.y/5.15.56
35d4efec103e1afde968cfc9305f00f9aceb19cc in mainline linux

jsg [Fri, 22 Jul 2022 06:10:27 +0000 (06:10 +0000)]
drm/i915/gt: Serialize TLB invalidates with GT resets

From Chris Wilson
86062ca5edf1c2acc4de26452a34ba001e9b6a68 in linux 5.15.y/5.15.56
a1c5a7bf79c1faa5633b918b5c0666545e84c4d1 in mainline linux

jsg [Fri, 22 Jul 2022 06:08:40 +0000 (06:08 +0000)]
drm/i915/gt: Serialize GRDOM access between multiple engine resets

From Chris Wilson
0ee5874dad61d2b154a9e3db196fc33e8208ce1b in linux 5.15.y/5.15.56
b24dcf1dc507f69ed3b5c66c2b6a0209ae80d4d4 in mainline linux

jsg [Fri, 22 Jul 2022 06:06:27 +0000 (06:06 +0000)]
drm/i915/dg2: Add Wa_22011100796

From Bruce Chang
f8ba02531476196f44a486df178b4f1fec178234 in linux 5.15.y/5.15.56
154cfae6158141b18d65abb0db679bb51a8294e7 in mainline linux

jsg [Fri, 22 Jul 2022 06:04:44 +0000 (06:04 +0000)]
drm/i915/selftests: fix a couple IS_ERR() vs NULL tests

From Dan Carpenter
40c12fc520234b0145bb776f38642507180dfad8 in linux 5.15.y/5.15.56
896dcabd1f8f613c533d948df17408c41f8929f5 in mainline linux

jsg [Fri, 22 Jul 2022 06:02:46 +0000 (06:02 +0000)]
drm/i915/gvt: IS_ERR() vs NULL bug in intel_gvt_update_reg_whitelist()

From Dan Carpenter
f6e3ced9c60f3cab517cfb748572c26576573715 in linux 5.15.y/5.15.56
e87197fbd137c888fd6c871c72fe7e89445dd015 in mainline linux

jsg [Fri, 22 Jul 2022 06:00:45 +0000 (06:00 +0000)]
drm/i915: fix a possible refcount leak in intel_dp_add_mst_connector()

From Hangyu Hua
505114dda5bbfd07f4ce9a2df5b7d8ef5f2a1218 in linux 5.15.y/5.15.56
85144df9ff4652816448369de76897c57cbb1b93 in mainline linux

jsg [Fri, 22 Jul 2022 05:55:05 +0000 (05:55 +0000)]
avoid use after free
ok deraadt@

deraadt [Thu, 21 Jul 2022 22:45:06 +0000 (22:45 +0000)]
repair error section; Martin Vahlensieck

deraadt [Thu, 21 Jul 2022 21:42:49 +0000 (21:42 +0000)]
sync

kettenis [Thu, 21 Jul 2022 18:24:24 +0000 (18:24 +0000)]
Add support for the new DART variant found on the Apple M2 SoC.  Untested,
but hopefully this will encourage someone with the hardware to test a snap.

ok jsg@

deraadt [Thu, 21 Jul 2022 16:51:51 +0000 (16:51 +0000)]
fix dow

naddy [Thu, 21 Jul 2022 13:47:00 +0000 (13:47 +0000)]
7.3 packages key

claudio [Thu, 21 Jul 2022 12:34:19 +0000 (12:34 +0000)]
Relax the config of add-path send and rde evaluate all

add-path send is kind of like rde evaluate all (at least if plus is used)
and so it kind of implies 'rde evaluate all' in that case. Removing the
check in neighbor_consistent() allows to setup sessions so that 'either or'
are used. This makes sense since peers may opt out of add-path by disabling
the capability on their side.
Based on report from Pier Carlo Chiodi
OK tb@

sthen [Thu, 21 Jul 2022 12:31:07 +0000 (12:31 +0000)]
add 7.3 firmware key

kn [Thu, 21 Jul 2022 11:26:50 +0000 (11:26 +0000)]
Zap unused global keypair_counter

There since import.

OK sthen

claudio [Thu, 21 Jul 2022 10:22:43 +0000 (10:22 +0000)]
Make kr_redistribute() and kroute_insert() AID independent and use
struct kroute_full. This removes some of the duplicated code.
OK tb@

kn [Thu, 21 Jul 2022 08:00:31 +0000 (08:00 +0000)]
Mention veb(4) next to bridge(4)

OK jmc

mbuhl [Thu, 21 Jul 2022 05:26:10 +0000 (05:26 +0000)]
Set the default pool size for the new anchors pool otherwise it's set to 0.

tb [Thu, 21 Jul 2022 03:59:04 +0000 (03:59 +0000)]
Make test table based, extend it a little

deraadt [Thu, 21 Jul 2022 03:29:05 +0000 (03:29 +0000)]
sync

deraadt [Thu, 21 Jul 2022 03:12:36 +0000 (03:12 +0000)]
sync

deraadt [Thu, 21 Jul 2022 03:07:53 +0000 (03:07 +0000)]
7.3 base key

kn [Wed, 20 Jul 2022 21:03:10 +0000 (21:03 +0000)]
Add size to free(9) call

Without any later reallocations, size is taken from vnet_dring_alloc().

OK kettenis

espie [Wed, 20 Jul 2022 16:37:49 +0000 (16:37 +0000)]
be a bit more forceful explaining that 'make update' is best effort
and not guaranteed to work (yet useful for porters!)

okay jca@

tb [Wed, 20 Jul 2022 15:16:06 +0000 (15:16 +0000)]
Simplify tlsext_supported_groups_server_parse

Add an early return in the s->internal->hit case so that we can unindent
a lot of this code. In the HRR case, we do not need to check that the list
of supported groups is unmodified from the first CH. The CH extension
hashing already does that for us.

ok jsing

deraadt [Wed, 20 Jul 2022 15:13:44 +0000 (15:13 +0000)]
move to 7.2-beta.  this gets done very early, to avoid finding out
version number issues close to release

deraadt [Wed, 20 Jul 2022 15:12:38 +0000 (15:12 +0000)]
move to 7.2-beta.  this gets done very early, to avoid finding out
version number issues close to release

tb [Wed, 20 Jul 2022 14:50:31 +0000 (14:50 +0000)]
link ssl_set_alpn_protos to regress

tb [Wed, 20 Jul 2022 14:50:03 +0000 (14:50 +0000)]
Add a quick and dirty regress for SSL{_CTX,}_set_alpn_protos()

claudio [Wed, 20 Jul 2022 14:23:13 +0000 (14:23 +0000)]
This no longer needs the inet pledge. sysconf(3) was modified to report
_POSIX_IPV6 without opening a socket using a method that is allowed by
the vminfo pledge.
OK sthen@ deraadt@

tb [Wed, 20 Jul 2022 14:15:50 +0000 (14:15 +0000)]
Drop some unnecessary parentheses.

ok jsing

tb [Wed, 20 Jul 2022 14:14:34 +0000 (14:14 +0000)]
Copy alpn_selected using CBS

ok jsing

tb [Wed, 20 Jul 2022 14:13:13 +0000 (14:13 +0000)]
Copy alpn_client_proto_list using CBS in SSL_new()

This makes the code both shorter and safer since freeing, allocation,
and copying are handled by CBS_stow() internally.

ok jsing

tb [Wed, 20 Jul 2022 14:08:49 +0000 (14:08 +0000)]
Validate protocols in SSL{_CTX,}_set_alpn_protos()

This wonderful API requires users to pass the protocol list in wire
format. This list is then sent as part of the ClientHello. Validate
it to be of the correct form. This reuses tlsext_alpn_check_format()
that was split out of tlsext_alpn_server_parse().

Similar checks were introduced in OpenSSL 86a90dc7

ok jsing

tb [Wed, 20 Jul 2022 13:57:49 +0000 (13:57 +0000)]
Rewrite SSL{_CTX,}_set_alpn_protos() using CBS

This simplifies the freeing, assigning and copying of the passed
protocols by replacing all that code with a pair of CBS_init() and
CBS_stow(). In addition, this aligns the behavior with OpenSSL,
which no longer errors on NULL proto or 0 proto_len since 86a90dc7.

ok jsing

tb [Wed, 20 Jul 2022 13:43:33 +0000 (13:43 +0000)]
Change various ALPN related internal struct members

Change alpn_client_proto_list and alpn_selected from unsigned char *
to uint8_t and change alpn_client_proto_list_len to be a size_t instead
of an unsigned int.

ok jsing

tb [Wed, 20 Jul 2022 13:35:05 +0000 (13:35 +0000)]
Factor out ALPN extension format check

The ALPN extension must contain a non-empty list of protocol names.
Split a check of this out of tlsext_alpn_server_parse() so that it
can be reused elsewhere in the library.

ok jsing
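
A format check of the kind this commit and the "Validate protocols in SSL{_CTX,}_set_alpn_protos()" commit describe, as an added example (not LibreSSL's tlsext_alpn_check_format() and not code from either commit). The function name and sample byte strings are constructed for illustration; the wire format assumed is a sequence of entries, each a 1-byte length followed by that many bytes of protocol name.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/*
 * Return 1 if buf[0..len) is a well-formed ALPN protocol list in wire
 * format: a non-empty list of non-empty names, each preceded by its
 * 1-byte length, with nothing truncated and nothing left over.
 * Return 0 otherwise.
 */
static int
alpn_wire_format_ok(const uint8_t *buf, size_t len)
{
	size_t off = 0;

	if (buf == NULL || len == 0)
		return 0;		/* the list must not be empty */

	while (off < len) {
		size_t name_len = buf[off++];

		if (name_len == 0)
			return 0;	/* empty protocol name */
		if (name_len > len - off)
			return 0;	/* length byte runs past the buffer */
		off += name_len;
	}
	return 1;
}

/* Constructed samples. */
static const uint8_t sample_ok[] = {
	2, 'h', '2', 8, 'h', 't', 't', 'p', '/', '1', '.', '1'
};
static const uint8_t sample_empty_name[] = { 2, 'h', '2', 0 };
static const uint8_t sample_truncated[] = { 8, 'h', 't', 't', 'p' };
/* A caller passing a plain string instead of wire format: 'h' is 0x68. */
static const uint8_t sample_plain_string[] = { 'h', '2' };

int
main(void)
{
	printf("ok:           %d\n",
	    alpn_wire_format_ok(sample_ok, sizeof(sample_ok)));
	printf("empty name:   %d\n",
	    alpn_wire_format_ok(sample_empty_name, sizeof(sample_empty_name)));
	printf("truncated:    %d\n",
	    alpn_wire_format_ok(sample_truncated, sizeof(sample_truncated)));
	printf("plain string: %d\n",
	    alpn_wire_format_ok(sample_plain_string, sizeof(sample_plain_string)));
	return 0;
}
```

The last sample is the mistake such a check catches on the caller's side: a plain string handed to an API that expects length-prefixed entries.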

claudio [Wed, 20 Jul 2022 12:43:27 +0000 (12:43 +0000)]
Cleanup and fix the network code.

- introduce network_free() to properly free a network struct including
  the possible rtlabel reference.
- change expand_networks() and the reload code to not only expand the
  main network config but also the network configs inside L3VPN sections.
- adjust reload logic to properly match any kind of network struct.
  Up until now rtlabel and priority network statements were not correctly
  reloaded.
OK tb@

tb [Wed, 20 Jul 2022 11:36:53 +0000 (11:36 +0000)]
sync

tb [Wed, 20 Jul 2022 11:36:15 +0000 (11:36 +0000)]
bump major due to struct size change on ILP32 architectures

tb [Wed, 20 Jul 2022 11:35:36 +0000 (11:35 +0000)]
Revert zlib.h r1.7

The change from uLong to z_off_t was made due to a bug in gzip(1) which
was fixed by gkoehler in gzopen.c r1.35. The trouble with the z_off_t
change is that it is an ABI break and that it does not play well with
various ffi interfaces. For example, Perl and Rust break on ILP32 arches
with the system zlib.

Run through an i386 bulk by sthen and an i386 regress by bluhm, thanks.

ok bluhm

mbuhl [Wed, 20 Jul 2022 09:33:11 +0000 (09:33 +0000)]
Add a pool for the allocation of the pf_anchor struct.
It was possible to exhaust kernel memory by repeatedly calling
pfioctl DIOCXBEGIN with different anchor names.
OK bluhm@
Reported-by: syzbot+9dd98cbce69e26f0fc11@syzkaller.appspotmail.com

jsing [Wed, 20 Jul 2022 06:32:24 +0000 (06:32 +0000)]
Remove tls_buffer_set_data() and remove/revise callers.

There is no way that tls_buffer_set_data() can currently work in
conjunction with tls_buffer_expand(). This fact is currently hidden by the
way that PHH works, which reads the same data from the record layer (which
it needs to do anyway, since we may not have all of the handshake message
in a single record).

Since this is broken, mop it up and change the PHH callback to not provide
the record data.

ok beck@ tb@

jsing [Wed, 20 Jul 2022 06:20:44 +0000 (06:20 +0000)]
Correct server-side handling of TLSv1.3 key updates.

The existing code updates the correct secret, however then sets it for the
wrong direction. Fix this, while untangling the code and consistently using
'read' and 'write' rather than 'local' and 'peer'.

ok beck@ tb@

deraadt [Wed, 20 Jul 2022 05:56:34 +0000 (05:56 +0000)]
the _pad_ system calls from 2021/12/23 can go away
ok guenther

deraadt [Wed, 20 Jul 2022 05:55:38 +0000 (05:55 +0000)]
sync

deraadt [Wed, 20 Jul 2022 05:55:08 +0000 (05:55 +0000)]
the _pad_ system calls from 2021/12/23 can go away
ok guenther

djm [Wed, 20 Jul 2022 03:33:22 +0000 (03:33 +0000)]
ssh-keygen: fix touch prompt, pin retries;

part of GHPR329 from Pedro Martelletto

djm [Wed, 20 Jul 2022 03:31:42 +0000 (03:31 +0000)]
sk-usbhid: preserve error code returned by key_lookup()
it conveys useful information, such as the supplied pin being wrong.

Part of GHPR329 from Pedro Martelletto

djm [Wed, 20 Jul 2022 03:29:43 +0000 (03:29 +0000)]
crank SSH_SK_VERSION_MAJOR to match

djm [Wed, 20 Jul 2022 03:29:14 +0000 (03:29 +0000)]
when enrolling a resident key on a security token, check if a
credential with matching application and user ID strings already
exists. if so, prompt the user for confirmation before overwriting
the credential.

patch from Pedro Martelletto via GHPR329

NB. cranks SSH_SK_VERSION_MAJOR, so any third-party FIDO middleware
implementations will need to adjust

djm [Wed, 20 Jul 2022 03:13:04 +0000 (03:13 +0000)]
pull passphrase reading and confirmation into a separate function
so it can be used for FIDO2 PINs; no functional change

jmatthew [Tue, 19 Jul 2022 21:49:22 +0000 (21:49 +0000)]
Fix up tx ring slot calculations so we store the mbuf and dma map with
the last slot of the packet rather than the first slot of the next.

ok dlg@

tb [Tue, 19 Jul 2022 20:16:50 +0000 (20:16 +0000)]
zap trailing spaces

tb [Tue, 19 Jul 2022 20:15:19 +0000 (20:15 +0000)]
fix indent