openbsd
2 years agodrm/amd/display: Reduce dmesg error to a debug print
jsg [Thu, 7 Apr 2022 07:56:04 +0000 (07:56 +0000)]
drm/amd/display: Reduce dmesg error to a debug print

From Leo (Hanghong) Ma
dab06be16184b087228a55efec878546ffeda491 in linux 5.15.y/5.15.27
1d925758ba1a5d2716a847903e2fd04efcbd9862 in mainline linux

2 years agodrm/i915: s/JSP2/ICP2/ PCH
jsg [Thu, 7 Apr 2022 07:53:31 +0000 (07:53 +0000)]
drm/i915: s/JSP2/ICP2/ PCH

From Ville Syrjala
7508ac360d1e0e6a2b9578226eaffc384b4eb036 in linux 5.15.y/5.15.27
08783aa7693f55619859f4f63f384abf17cb58c5 in mainline linux

2 years agodrm/amd/display: Fix stream->link_enc unassigned during stream removal
jsg [Thu, 7 Apr 2022 07:50:31 +0000 (07:50 +0000)]
drm/amd/display: Fix stream->link_enc unassigned during stream removal

From Nicholas Kazlauskas
10dd26349edf901539d066b866490676cbfad73c in linux 5.15.y/5.15.27
3743e7f6fcb938b7d8b7967e6a9442805e269b3d in mainline linux

2 years agodrm/i915: Disable DRRS on IVB/HSW port != A
jsg [Thu, 7 Apr 2022 07:48:23 +0000 (07:48 +0000)]
drm/i915: Disable DRRS on IVB/HSW port != A

From Ville Syrjala
5c66161cceaabc68912950893394e04c164ef7ad in linux 5.15.y/5.15.27
ee59792c97176f12c1da31f29fc4c2aab187f06e in mainline linux

2 years agodrm/i915/display: Move DRRS code its own file
jsg [Thu, 7 Apr 2022 07:46:04 +0000 (07:46 +0000)]
drm/i915/display: Move DRRS code its own file

From Jose Roberto de Souza
e2b3d1bf6ec3bc4d3687f77731eef349cef54495 in linux 5.15.y/5.15.27
a1b63119ee839c8ff622407aab25c9723943638a in mainline linux

2 years agodrm/i915/display: split out dpt out of intel_display.c
jsg [Thu, 7 Apr 2022 07:39:54 +0000 (07:39 +0000)]
drm/i915/display: split out dpt out of intel_display.c

From Jani Nikula
23eb29281f1e1bc3e33f75186b16c961e62effe6 in linux 5.15.y/5.15.27
dc6d6158a6e8b11a11544a541583296d9323050f in mainline linux

2 years agodrm/amd/display: Update watermark values for DCN301
jsg [Thu, 7 Apr 2022 07:34:02 +0000 (07:34 +0000)]
drm/amd/display: Update watermark values for DCN301

From Agustin Gutierrez
ed4488d8307f282bdf30c333fc028d80d404ff05 in linux 5.15.y/5.15.27
2d8ae25d233767171942a9fba5fd8f4a620996be in mainline linux

2 years agodrm/amd/display: move FPU associated DSC code to DML folder
jsg [Thu, 7 Apr 2022 07:30:54 +0000 (07:30 +0000)]
drm/amd/display: move FPU associated DSC code to DML folder

From Qingqing Zhuo
27e01f10d183cd444eb4a0919934391de4db4ff5 in linux 5.15.y/5.15.27
d738db6883df3e3c513f9e777c842262693f951b in mainline linux

2 years agodrm/amd/display: Use adjusted DCN301 watermarks
jsg [Thu, 7 Apr 2022 07:15:07 +0000 (07:15 +0000)]
drm/amd/display: Use adjusted DCN301 watermarks

From Nikola Cornij
691c0030be65dffc5005bbcdece29f6d65e1eb75 in linux 5.15.y/5.15.27
808643ea56a2f96a42873d5e11c399957d6493aa in mainline linux

2 years agodrm/amdgpu: filter out radeon secondary ids as well
jsg [Thu, 7 Apr 2022 07:13:07 +0000 (07:13 +0000)]
drm/amdgpu: filter out radeon secondary ids as well

From Alex Deucher
2157e509e5b2b21176a9fd33b6035996ef1a2895 in linux 5.15.y/5.15.27
9e5a14bce2402e84251a10269df0235cd7ce9234 in mainline linux

2 years agodrm/amdgpu: filter out radeon PCI device IDs
jsg [Thu, 7 Apr 2022 07:11:21 +0000 (07:11 +0000)]
drm/amdgpu: filter out radeon PCI device IDs

From Alex Deucher
f724a438d986701536d68d29ad2b5248385e35ab in linux 5.15.y/5.15.27
bdbeb0dde4258586bb2f481b12da1e83aa4766f3 in mainline linux

2 years agodrm/amd/display: For vblank_disable_immediate, check PSR is really used
jsg [Thu, 7 Apr 2022 07:08:48 +0000 (07:08 +0000)]
drm/amd/display: For vblank_disable_immediate, check PSR is really used

From Michel Daenzer
35afd8ae1184c5201ccc4d32b80d17dcd87f5bda in linux 5.15.y/5.15.27
4d22336f903930eb94588b939c310743a3640276 in mainline linux

2 years agodrm/amdgpu/display: Only set vblank_disable_immediate when PSR is not enabled
jsg [Thu, 7 Apr 2022 07:08:07 +0000 (07:08 +0000)]
drm/amdgpu/display: Only set vblank_disable_immediate when PSR is not enabled

From Nicholas Kazlauskas
48cf33ee6b04ccd1a188ac692a6f260b3682fe9f in linux 5.15.y/5.15.27
70897848730470cc477d5d89e6222c0f6a9ac173 in mainline linux

2 years agodrm/amdkfd: Check for null pointer after calling kmemdup
jsg [Thu, 7 Apr 2022 06:51:19 +0000 (06:51 +0000)]
drm/amdkfd: Check for null pointer after calling kmemdup

From Jiasheng Jiang
5609b7803947eea1711516dd8659c7ed39f5a868 in linux 5.15.y/5.15.27
abfaf0eee97925905e742aa3b0b72e04a918fa9e in mainline linux

2 years agodrm/atomic: Check new_crtc_state->active to determine if CRTC needs disable in self...
jsg [Thu, 7 Apr 2022 06:49:11 +0000 (06:49 +0000)]
drm/atomic: Check new_crtc_state->active to determine if CRTC needs disable in self refresh mode

From Liu Ying
cd07b19fbf37b96a9885fd6e8545c355dba59ac3 in linux 5.15.y/5.15.27
69e630016ef4e4a1745310c446f204dc6243e907 in mainline linux

2 years agodrm/i915: don't call free_mmap_offset when purging
jsg [Thu, 7 Apr 2022 06:46:27 +0000 (06:46 +0000)]
drm/i915: don't call free_mmap_offset when purging

From Matthew Auld
d3f67ceaeb3f7ddabad1d6e8da29e44fd2634f65 in linux 5.15.y/5.15.27
4c2602ba8d74c35d550ed3d518809c697de08d88 in mainline linux

2 years agodrm/amdgpu: check vm ready by amdgpu_vm->evicting flag
jsg [Thu, 7 Apr 2022 06:44:25 +0000 (06:44 +0000)]
drm/amdgpu: check vm ready by amdgpu_vm->evicting flag

From Qiang Yu
a9c6e02d223e327fa928fab3263aa47b9ba20253 in linux 5.15.y/5.15.27
c1a66c3bc425ff93774fb2f6eefa67b83170dd7e in mainline linux

2 years agodrm/amd/pm: correct UMD pstate clocks for Dimgrey Cavefish and Beige Goby
jsg [Thu, 7 Apr 2022 06:42:01 +0000 (06:42 +0000)]
drm/amd/pm: correct UMD pstate clocks for Dimgrey Cavefish and Beige Goby

From Evan Quan
4543426cd7b855cde2c3623ede652652b905635c in linux 5.15.y/5.15.27
0136f5844b006e2286f873457c3fcba8c45a3735 in mainline linux

2 years agoMention Allwinner H6
kevlo [Thu, 7 Apr 2022 02:44:51 +0000 (02:44 +0000)]
Mention Allwinner H6

ok jsg@

2 years agoAdd instructions on how to prepare Apple arm64 machines for installing
kettenis [Wed, 6 Apr 2022 23:01:05 +0000 (23:01 +0000)]
Add instructions on how to prepare Apple arm64 machines for installing
OpenBSD.

2 years agoSupport switching from glass console to serial console on systems that
kettenis [Wed, 6 Apr 2022 21:27:03 +0000 (21:27 +0000)]
Support switching from glass console to serial console on systems that
default to glass console.

ok miod@, patrick@

2 years agoconstify struct cfattach
naddy [Wed, 6 Apr 2022 18:59:26 +0000 (18:59 +0000)]
constify struct cfattach

2 years agoAvoid traversing SLIST twice to remove a link.
krw [Wed, 6 Apr 2022 17:39:13 +0000 (17:39 +0000)]
Avoid traversing SLIST twice to remove a link.

From millert@

2 years ago- document where dependency tree is built
espie [Wed, 6 Apr 2022 14:15:27 +0000 (14:15 +0000)]
- document where dependency tree is built
- remove future code that was never used.
- reformat

2 years agoRecognize LUN 0 device if SID_QUAL_LU_OFFLINE and T_NODEVICE are
krw [Wed, 6 Apr 2022 13:23:58 +0000 (13:23 +0000)]
Recognize LUN 0 device if SID_QUAL_LU_OFFLINE and T_NODEVICE are
true. This enables the discovery and probing of other LUNs the
target has to offer.

Add uk* to amd64 RAMDISK_CD so such devices are configured.

Allows bsd.rd as well as bsd[.mp] to boot on Oracle Cloud amd64
instances.

Issue reported by Ryan Kavanagh and Scott Nicholas via bugs@.

Original diff and much subsequent testing by Scott. Thanks!

ok dlg@ jmatthew@

2 years agore-enable POOL_DEBUG
naddy [Tue, 5 Apr 2022 18:38:07 +0000 (18:38 +0000)]
re-enable POOL_DEBUG

2 years agoZap emacs version in the pkg_add example
jca [Tue, 5 Apr 2022 18:07:46 +0000 (18:07 +0000)]
Zap emacs version in the pkg_add example

Instead of updating/forgetting the emacs version at each release cycle.
ok tb@ deraadt@

2 years agobump emacs version so the pkg_add example works
tb [Tue, 5 Apr 2022 16:28:59 +0000 (16:28 +0000)]
bump emacs version so the pkg_add example works

ok deraadt

2 years agoback to working on 7.1-current
deraadt [Tue, 5 Apr 2022 16:25:30 +0000 (16:25 +0000)]
back to working on 7.1-current

2 years agodisable pool debug for release
deraadt [Tue, 5 Apr 2022 15:14:59 +0000 (15:14 +0000)]
disable pool debug for release

2 years agosync
deraadt [Tue, 5 Apr 2022 15:08:00 +0000 (15:08 +0000)]
sync

2 years agoadd 7.2 firmware public key, ok deraadt
sthen [Tue, 5 Apr 2022 09:48:52 +0000 (09:48 +0000)]
add 7.2 firmware public key, ok deraadt

2 years agoadd 7.2 syspatch public key
robert [Tue, 5 Apr 2022 06:20:47 +0000 (06:20 +0000)]
add 7.2 syspatch public key

2 years agoFix two missing checks in the SIA extension
tb [Tue, 5 Apr 2022 03:56:20 +0000 (03:56 +0000)]
Fix two missing checks in the SIA extension

Make sure that the caRepository and rpkiManifest are present before
calling strstr on them. Also check that the extension is not critical.

ok claudio deraadt

2 years agoNew day is a Thursday
tb [Tue, 5 Apr 2022 03:49:27 +0000 (03:49 +0000)]
New day is a Thursday

please fix deraadt

2 years agoopenssh-9.0
djm [Mon, 4 Apr 2022 22:45:25 +0000 (22:45 +0000)]
openssh-9.0

2 years agomove release date a little
deraadt [Mon, 4 Apr 2022 21:16:47 +0000 (21:16 +0000)]
move release date a little

2 years agowscons: const-ify font encoding mappings
naddy [Mon, 4 Apr 2022 19:53:15 +0000 (19:53 +0000)]
wscons: const-ify font encoding mappings

ok miod@

2 years agoAdjust cache cleanup to the deficits of RRDP. Unlike rysnc, RRDP has no
claudio [Mon, 4 Apr 2022 16:02:54 +0000 (16:02 +0000)]
Adjust cache cleanup to the deficits of RRDP. Unlike rysnc, RRDP has no
method to sync the cache. It just depends on all deltas to work but has
no method to check if the result is consistent with the source.
Because of this do not unlink files which were fetched via RRDP. Instead
move them back to their .rrdp directory and hope the will be cleaned up.
This should help to keep the cache coherent in some edge cases.
OK tb@

2 years agoAs a hack, use CD_SKIPHIBERNATE. For 2.0, our TPM lifecycle management
deraadt [Mon, 4 Apr 2022 15:46:45 +0000 (15:46 +0000)]
As a hack, use CD_SKIPHIBERNATE.  For 2.0, our TPM lifecycle management
is improper, and some chips are more sensitive to this than others.  In an
unhibernate situation, /bsd.booted will 'suspend' the TPM, then jump directly
into unhib /bsd, which 'resumes' it.  This is wrong because the lifecycle is
supposed to be more like suspend->BIOS->resume.  This is a hack until we figure
out how to fix the lifecycle.
from claudio, ok dv

2 years agoChange from a dynamic allocation for the process list to a static
claudio [Mon, 4 Apr 2022 13:47:58 +0000 (13:47 +0000)]
Change from a dynamic allocation for the process list to a static
array because the maximum size. The number of processes was already
limited by stopping to poll for new commands but this enforces it
even more. With this remove the FIXME comment since it is no longer
true.
OK tb@

2 years agoRemove outdated XXX comment. This got fixed in January.
claudio [Mon, 4 Apr 2022 13:45:02 +0000 (13:45 +0000)]
Remove outdated XXX comment. This got fixed in January.

2 years agoRemove two more FIXMEs: to get there, we rely on the OID already.
tb [Mon, 4 Apr 2022 13:15:11 +0000 (13:15 +0000)]
Remove two more FIXMEs: to get there, we rely on the OID already.

ok claudio

2 years agopf_validate_range() must not assume rdr ports are in network order.
sashan [Mon, 4 Apr 2022 12:57:36 +0000 (12:57 +0000)]
pf_validate_range() must not assume rdr ports are in network order.
bug found and reported by Kurt (kmos@).

OK bluhm@

2 years agorpki-client: remove a stale FIXME
tb [Mon, 4 Apr 2022 12:11:54 +0000 (12:11 +0000)]
rpki-client: remove a stale FIXME

We fixed this back in January when we added rtype_from_mftfile().

ok claudio

2 years agoInclude license rather than referring to it. Text from
tb [Mon, 4 Apr 2022 11:42:12 +0000 (11:42 +0000)]
Include license rather than referring to it. Text from
https://chromium.googlesource.com/chromium/src/+/refs/heads/main/LICENSE

2 years agoReplace KASSERT in uvm_fault_unwire_locked() with code that handles the
kettenis [Mon, 4 Apr 2022 09:27:05 +0000 (09:27 +0000)]
Replace KASSERT in uvm_fault_unwire_locked() with code that handles the
case where not all pages are wired.  The KASSERT can be triggered in
multi-threaded applications when a thread calling munmap(2) races another
thread that invokes sysctl(2).  Properly written code shouldn't do this,
but making the kernel crash in this case is a bit harsh.

ok gezdo@, deraadt@

Fixes:
Reported-by: syzbot+e8310909e2910c9cca08@syzkaller.appspotmail.com
2 years agoPrepare for next release.
claudio [Mon, 4 Apr 2022 08:37:35 +0000 (08:37 +0000)]
Prepare for next release.

2 years agoPrepare for new release.
claudio [Mon, 4 Apr 2022 08:36:51 +0000 (08:36 +0000)]
Prepare for new release.

2 years agoAdd support for the CP115 block found on Marvell CN9K SoCs.
patrick [Sun, 3 Apr 2022 20:23:45 +0000 (20:23 +0000)]
Add support for the CP115 block found on Marvell CN9K SoCs.

ok kettenis@

2 years agoAdd support for the AP807 block found on Marvell CN9K SoCs. The fixed
patrick [Sun, 3 Apr 2022 20:23:14 +0000 (20:23 +0000)]
Add support for the AP807 block found on Marvell CN9K SoCs.  The fixed
clocks are the same as AP806, so we can use the same code.

ok kettenis@

2 years agoInitialize the mutex before making us of it from many threads. Prevents
anton [Sun, 3 Apr 2022 16:52:50 +0000 (16:52 +0000)]
Initialize the mutex before making us of it from many threads. Prevents
a race in which one thread is currently initializing the mutex which is
not an atomic operation whereas another thread tries to use it too
early.

With and ok schwarze@

2 years agoUpdate an old comment
mlarkin [Sat, 2 Apr 2022 22:45:18 +0000 (22:45 +0000)]
Update an old comment

The old comment only mentioned that tty_nmea was used for time, but
subsequently position data was added to this line discipline.

2 years agowhitespace fix
mlarkin [Sat, 2 Apr 2022 22:43:01 +0000 (22:43 +0000)]
whitespace fix

2 years agoAdd a paranoia/future proofing check for link->pool == NULL to
krw [Sat, 2 Apr 2022 17:25:10 +0000 (17:25 +0000)]
Add a paranoia/future proofing check for link->pool == NULL to
the SDEV_OWN_IOPL flag check.

Ambiguous/inconsistant code pointed out by Coverity #1515557.

2 years agoDon't byte swap URE_TXPKT_VLAN_TAG when setting up the packet to transmit.
sthen [Sat, 2 Apr 2022 15:35:06 +0000 (15:35 +0000)]
Don't byte swap URE_TXPKT_VLAN_TAG when setting up the packet to transmit.
Fixes vlan transmission with hw tagging (problem seen on RTL8153B but there's
no reason this wouldn't apply to others) and matches what the Linux driver
is doing.  looks correct kettenis@ ok kevlo@

2 years agoBring back r1.247, using scsi_detach_link() to release
krw [Sat, 2 Apr 2022 13:57:39 +0000 (13:57 +0000)]
Bring back r1.247, using scsi_detach_link() to release
a partially configured struct scsi_link.

Problematic code path found by jungle Boogie was plugged
by r1.249.

2 years agoAdjust test code after addition of cert_parse_pre and change to cert_parse
claudio [Sat, 2 Apr 2022 12:23:20 +0000 (12:23 +0000)]
Adjust test code after addition of cert_parse_pre and change to cert_parse
and ta_parse.
Reminder from tb@

2 years agoAdd preliminary support for RTL8156B and bug fixes for RTL8153/RTL8156.
kevlo [Sat, 2 Apr 2022 12:22:56 +0000 (12:22 +0000)]
Add preliminary support for RTL8156B and bug fixes for RTL8153/RTL8156.

ok stsp@

Tested:
RTL8152  (0x4c10): jmatthew, Marcus Merighi
RTL8153  (0x5c10): Yifei Zhan
RTL8153  (0x5c20): James Jerkins, Paul de Weerd, stsp
RTL8153  (0x5c30): gerhard, sthen
RTL8153B (0x6010): Paul de Weerd

2 years agoSplit certificate parsing in two steps. cert_parse_pre() which does
claudio [Sat, 2 Apr 2022 12:17:53 +0000 (12:17 +0000)]
Split certificate parsing in two steps. cert_parse_pre() which does
the parse and some checks and cert_parse() or ta_parse() to do the
additional checks for regular certs or TAs.
With this adjust the cert parser in -f mode to identify TAs (by checking
if it is self signed) and adjust the validation in that case. Now -f
should be able to parse and show all object correctly.
With and OK tb@

2 years agoAdd dmamap syncs for rings and mbufs, fixing occasional errors seen
jmatthew [Sat, 2 Apr 2022 09:00:45 +0000 (09:00 +0000)]
Add dmamap syncs for rings and mbufs, fixing occasional errors seen
on a rockpro64, where dma is less coherent than on typical amd64 systems.

with and ok dlg@

2 years agomatch on Intel 300 Series audio (0xa348)
jsg [Fri, 1 Apr 2022 22:37:21 +0000 (22:37 +0000)]
match on Intel 300 Series audio (0xa348)

on a Dell G3 3590 the audio device is subclass audio not hd audio
so azalia does not match

should fix azalia not attaching reported by Adriano Barbosa

2 years agoChange x509_get_aki(), x509_get_ski(), x509_get_aia(), and x509_get_crl()
claudio [Fri, 1 Apr 2022 17:22:07 +0000 (17:22 +0000)]
Change x509_get_aki(), x509_get_ski(), x509_get_aia(), and x509_get_crl()
to work more like x509_get_expire(). They will return an error if the
extension extraction failed but not if it was not present. The callers
must now do that check but most did already.
With this cert_parse_inner() no longer cares about TA vs non-TA certs.
Feedback and OK tb@

2 years agoMove the TA specific checks from cert_parse_inner() to ta_parse() and
claudio [Fri, 1 Apr 2022 13:27:38 +0000 (13:27 +0000)]
Move the TA specific checks from cert_parse_inner() to ta_parse() and
the regular cert checks from cert_parse_inner() to cert_parse().
OK tb@

2 years agoDon't print "You may wish to update your font path" at pkg_add time
sthen [Fri, 1 Apr 2022 10:14:17 +0000 (10:14 +0000)]
Don't print "You may wish to update your font path" at pkg_add time
for paths which are under /usr/local/share/fonts.

In most cases only fontconfig is relevant and this automatically
searches subdirectories, so user changes are not often needed any more.

The case where they might be needed is for server-side bit-map fonts
(managed via 'xset fp' or 'fontpath' in /etc/X11/xorg.conf) but this is
not common any more (most fonts in ports are not bit-map anyway) and
this gets rid of some cases of pkg_add messages which the user does
not need to act upon.

ok landry@ matthieu@ and I think there were some others

2 years agoAdd missing command in description.
ajacoutot [Fri, 1 Apr 2022 10:13:35 +0000 (10:13 +0000)]
Add missing command in description.

from Matthew Martin

2 years agoPreserve CRLF flag when respawning.
nicm [Fri, 1 Apr 2022 10:11:59 +0000 (10:11 +0000)]
Preserve CRLF flag when respawning.

2 years agoFix error message from d2i_X509_bio() to d2i_X509()
tb [Fri, 1 Apr 2022 10:00:41 +0000 (10:00 +0000)]
Fix error message from d2i_X509_bio() to d2i_X509()

ok claudio

2 years agomissing full stop;
jmc [Thu, 31 Mar 2022 21:43:38 +0000 (21:43 +0000)]
missing full stop;

2 years agoIf we've created multiple queues, set up an RSS key and indirection table
jmatthew [Thu, 31 Mar 2022 21:41:17 +0000 (21:41 +0000)]
If we've created multiple queues, set up an RSS key and indirection table
to distribute received packets across the queues.

ok dlg@

2 years agoImplement support for multiple dies. This should make OpenBSD work on the
kettenis [Thu, 31 Mar 2022 18:47:04 +0000 (18:47 +0000)]
Implement support for multiple dies.  This should make OpenBSD work on the
M1 Ultra.

ok patrick@

2 years agossh: document sntrup761x25519-sha512@openssh.com as default KEX
naddy [Thu, 31 Mar 2022 17:58:44 +0000 (17:58 +0000)]
ssh: document sntrup761x25519-sha512@openssh.com as default KEX

2 years agoman pages: fix some typos found while looking for other issues
naddy [Thu, 31 Mar 2022 17:30:05 +0000 (17:30 +0000)]
man pages: fix some typos found while looking for other issues

2 years agoman pages: add missing commas between subordinate and main clauses
naddy [Thu, 31 Mar 2022 17:27:13 +0000 (17:27 +0000)]
man pages: add missing commas between subordinate and main clauses

jmc@ dislikes a comma before "then" in a conditional, so leave those
untouched.

ok jmc@

2 years agoon-ramdisk firmware extraction can overflow the install-media directory
deraadt [Thu, 31 Mar 2022 16:16:09 +0000 (16:16 +0000)]
on-ramdisk firmware extraction can overflow the install-media directory
because of the the tar+mv combination.  Purge both path variations
better, so that an interrupted install can be restarted.
ok miod abieber kettenis

2 years agoRemove duplicate scsi devices.
krw [Thu, 31 Mar 2022 14:44:49 +0000 (14:44 +0000)]
Remove duplicate scsi devices.

ok miod@ deraadt@

2 years agoFix leak in ASN1_TIME_adj_internal()
tb [Thu, 31 Mar 2022 13:04:47 +0000 (13:04 +0000)]
Fix leak in ASN1_TIME_adj_internal()

p is allocated by asprintf() in one of the *_from_tm() functions, so
it needs to be freed as in the other error path below.

CID 346194

ok jsing

2 years agoSimplify priv_key handling in d2i_ECPrivateKey()
tb [Thu, 31 Mar 2022 13:00:58 +0000 (13:00 +0000)]
Simplify priv_key handling in d2i_ECPrivateKey()

d2i_EC_PRIVATEKEY() can handle the allocation of priv_key internally,
no need to do this up front and reach it through the dangerous reuse
mechanism. There's also no point in freeing a variable we know to be
NULL.

ok jsing

2 years agoSync & permit ASPA objects to appear on Manifests
job [Thu, 31 Mar 2022 12:00:00 +0000 (12:00 +0000)]
Sync & permit ASPA objects to appear on Manifests

OK tb@ claudio@

2 years agoCheck EVPDigest* return values.
tb [Thu, 31 Mar 2022 09:36:09 +0000 (09:36 +0000)]
Check EVPDigest* return values.

CID 351293

2 years ago'e' is no longer an optional element for ober_scanf_elements.
martijn [Thu, 31 Mar 2022 09:06:55 +0000 (09:06 +0000)]
'e' is no longer an optional element for ober_scanf_elements.
This caused the last attribute to be dropped.

Reported by Allan Streib (astreib <at> fastmail <dot> fm)
Reminded by Raf Czlonka (rczlonka <at> gmail <dot> com)
OK tb@ claudio@

2 years ago'e' is no longer an optional element for ober_scanf_elements.
martijn [Thu, 31 Mar 2022 09:05:15 +0000 (09:05 +0000)]
'e' is no longer an optional element for ober_scanf_elements.
This caused the last attribute to be dropped.

Reported by Allan Streib (astreib <at> fastmail <dot> fm)
Reminded by Raf Czlonka (rczlonka <at> gmail <dot> com)
OK tb@ claudio@

2 years ago'e' is no longer an optional element for ober_scanf_elements.
martijn [Thu, 31 Mar 2022 09:03:48 +0000 (09:03 +0000)]
'e' is no longer an optional element for ober_scanf_elements.
This caused the last attribute to be dropped.

Reported by Allan Streib (astreib <at> fastmail <dot> fm)
Reminded by Raf Czlonka (rczlonka <at> gmail <dot> com)
OK tb@ claudio@

2 years agoregression test for sftp cp command
djm [Thu, 31 Mar 2022 03:07:33 +0000 (03:07 +0000)]
regression test for sftp cp command

2 years agoadd a sftp client "cp" command that supports server-side copying
djm [Thu, 31 Mar 2022 03:07:03 +0000 (03:07 +0000)]
add a sftp client "cp" command that supports server-side copying
of files. Useful for this task and for testing the copy-data
extension. Patch from Mike Frysinger; ok dtucker@

2 years agoadd support for the "corp-data" protocol extension to allow
djm [Thu, 31 Mar 2022 03:05:49 +0000 (03:05 +0000)]
add support for the "corp-data" protocol extension to allow
server-side copies to be performed without having to go via
the client. Patch by Mike Frysinger, ok dtucker@

2 years agoMove knote_processexit() call from exit1() to the reaper().
millert [Thu, 31 Mar 2022 01:41:22 +0000 (01:41 +0000)]
Move knote_processexit() call from exit1() to the reaper().
This fixes a problem where NOTE_EXIT could be received before
the process was officially a zombie and thus not immediately
waitable.  OK deraadt@ visa@

2 years agoselect post-quantum KEX sntrup761x25519-sha512@openssh.com as the
djm [Wed, 30 Mar 2022 21:13:23 +0000 (21:13 +0000)]
select post-quantum KEX sntrup761x25519-sha512@openssh.com as the
default; ok markus@

2 years agofix poll() spin when a channel's output fd closes without data in the
djm [Wed, 30 Mar 2022 21:10:25 +0000 (21:10 +0000)]
fix poll() spin when a channel's output fd closes without data in the
channel buffer. Introduce more exact packing of channel fds into the
pollfd array. fixes bz3405 and bz3411; ok deraadt@ markus@

2 years agoMention constification of *_hw_if (files forgotten during constification
miod [Wed, 30 Mar 2022 19:03:20 +0000 (19:03 +0000)]
Mention constification of *_hw_if (files forgotten during constification
commit)

2 years agoSimplify up_generate_updates()
tb [Wed, 30 Mar 2022 16:06:32 +0000 (16:06 +0000)]
Simplify up_generate_updates()

Instead of using new == NULL or new != NULL in combination with an again
label to steer the control flow of this function, switch to using a while
loop and break/continue/return. Simplified version of a diff by claudio.

ok claudio

2 years agoAdd a simple test to ensure that pmeth->cleanup() can cope with NULL
tb [Wed, 30 Mar 2022 08:57:26 +0000 (08:57 +0000)]
Add a simple test to ensure that pmeth->cleanup() can cope with NULL
pkey_ctx->data.

2 years agoAvoid segfaults in EVP_PKEY_CTX_free()
tb [Wed, 30 Mar 2022 07:17:48 +0000 (07:17 +0000)]
Avoid segfaults in EVP_PKEY_CTX_free()

It is possible to call pmeth->cleanup() with an EVP_PKEY_CTX whose data
is NULL. If pmeth->init() in int_ctx_new() fails, EVP_PKEY_CTX_free() is
called with such a context. This in turn calls pmeth->cleanup(), and thus
these cleanup functions must be careful not to use NULL data.  Most of
them are, but one of GOST's functions and HMAC's aren't.

Reported for HMAC by Masaru Masada
https://github.com/libressl-portable/openbsd/issues/129

ok bcook jsing

2 years agopkey_hmac_init(): use calloc()
tb [Wed, 30 Mar 2022 07:12:30 +0000 (07:12 +0000)]
pkey_hmac_init(): use calloc()

Instead of using malloc() and setting most struct members to 0,
simply use calloc().

ok bcook jsing

2 years agoCapture up to used size not available size for each line.
nicm [Wed, 30 Mar 2022 07:05:26 +0000 (07:05 +0000)]
Capture up to used size not available size for each line.

2 years agoRemove double slash in path to test program.
anton [Wed, 30 Mar 2022 05:22:31 +0000 (05:22 +0000)]
Remove double slash in path to test program.

2 years agoFlag the kq-tun regress test as skipped as opposed of only mentioning it
anton [Wed, 30 Mar 2022 05:11:52 +0000 (05:11 +0000)]
Flag the kq-tun regress test as skipped as opposed of only mentioning it
in a comment. Allows my own regress runner (and bluhm's) to highlight
kqueue as having skipped tests.

While here, get rid of redundant usage of phony.

2 years agossh is almost out of getopt() characters; note the remaining
djm [Wed, 30 Mar 2022 04:33:09 +0000 (04:33 +0000)]
ssh is almost out of getopt() characters; note the remaining
remaining available ones in a comment

2 years agoavoid NULL deref via ssh-keygen -Y find-principals. bz3409, reported
djm [Wed, 30 Mar 2022 04:27:51 +0000 (04:27 +0000)]
avoid NULL deref via ssh-keygen -Y find-principals. bz3409, reported
by Mateusz Adamowski

2 years agoIf enough MSI-X vectors are available, set up multiple tx and rx queues.
jmatthew [Wed, 30 Mar 2022 00:25:27 +0000 (00:25 +0000)]
If enough MSI-X vectors are available, set up multiple tx and rx queues.
In multi-vector mode, the MSI-X vector number is the same as the irq number
on the nic, so use vector/irq 0 for link interrupts, then assign one to
each pair of rx and tx queues.  We don't configure RSS yet, so packets
will only be received on the first queue, but they can be transmitted on
any queue.

ok dlg@