openbsd
14 months agocomplete documentation for ALL_DISTFILES/ALL_PATCHFILES and the
espie [Mon, 4 Sep 2023 12:40:44 +0000 (12:40 +0000)]
complete documentation for ALL_DISTFILES/ALL_PATCHFILES and the
new warning message

14 months agoDon't surround by "" at much as possible.
yasuoka [Mon, 4 Sep 2023 12:28:18 +0000 (12:28 +0000)]
Don't surround by "" at much as possible.

14 months agoGC old code that was originally implemented to facilitate adoption by
espie [Mon, 4 Sep 2023 11:35:11 +0000 (11:35 +0000)]
GC old code that was originally implemented to facilitate adoption by
other BSDs, which never happened, so make things simpler for further
development.

Ditches config.h entirely since it gets reduced to 2 defines.

okay tb@

14 months agoSpecify SOCK_NONBLOCK for socketpair(2) instead of fcntl(2).
yasuoka [Mon, 4 Sep 2023 10:50:52 +0000 (10:50 +0000)]
Specify SOCK_NONBLOCK for socketpair(2) instead of fcntl(2).

14 months agoDon't return an extra OK message. Also call module_destroy() when
yasuoka [Mon, 4 Sep 2023 10:49:20 +0000 (10:49 +0000)]
Don't return an extra OK message.  Also call module_destroy() when
exit(3).

14 months agoGenerate Ed25519 keys when invoked without arguments
job [Mon, 4 Sep 2023 10:29:58 +0000 (10:29 +0000)]
Generate Ed25519 keys when invoked without arguments

Ed25519 public keys are very convenient due to their small size.
OpenSSH has supported Ed25519 since version 6.5 (January 2014).

OK djm@ markus@ sthen@ deraadt@

14 months agoMake wp_local.h and cmll_local.h self-standing
tb [Mon, 4 Sep 2023 08:43:41 +0000 (08:43 +0000)]
Make wp_local.h and cmll_local.h self-standing

14 months agounbreak build with llvm-16 by including sys/types.h for __BEGIN_HIDDEN_DECLS
robert [Mon, 4 Sep 2023 08:36:48 +0000 (08:36 +0000)]
unbreak build with llvm-16 by including sys/types.h for __BEGIN_HIDDEN_DECLS

/usr/src/lib/libcrypto/whrlpool/wp_local.h:5:1: error: unknown type name '__BEGIN_HIDDEN_DECLS'

ok tb@

14 months agoSkip wrapped lines in top level search loop because they will be
nicm [Mon, 4 Sep 2023 08:01:43 +0000 (08:01 +0000)]
Skip wrapped lines in top level search loop because they will be
combined in the inner loop (in window_copy_search_rl_regex and the
others), avoids searching the same text multiple times. Also add a line
length limit for regex searches. GitHub issue 3675.

14 months agotrigger keystroke timing obfucation only if the channels layer enqueud
djm [Mon, 4 Sep 2023 00:08:14 +0000 (00:08 +0000)]
trigger keystroke timing obfucation only if the channels layer enqueud
some data in the last poll() cycle; this avoids triggering the
obfuscatior for non-channels data like ClientAlive probes and also
fixes a related problem were the obfucations would be triggered on
fully quiescent connections.

Based on / tested by naddy@

14 months agoavoid bogus "obfuscate_keystroke_timing: stopping ..." debug
djm [Mon, 4 Sep 2023 00:04:02 +0000 (00:04 +0000)]
avoid bogus "obfuscate_keystroke_timing: stopping ..." debug
messages when keystroke timing obfuscation was never started;
spotted by naddy@

14 months agomake channel_output_poll() return a flag indicating whether channel
djm [Mon, 4 Sep 2023 00:01:46 +0000 (00:01 +0000)]
make channel_output_poll() return a flag indicating whether channel
data was enqueued. Will be used to improve keystroke timing
obfuscation. Problem spotted by / tested by naddy@

14 months agoset interactive mode for ControlPersist sessions if they originally
djm [Sun, 3 Sep 2023 23:59:32 +0000 (23:59 +0000)]
set interactive mode for ControlPersist sessions if they originally
requested a tty; enables keystroke timing obfuscation for most
ControlPersist sessions. Spotted by naddy@

14 months agoAllow UDP for built-in inetd(8) services on 127.0.0.1.
bluhm [Sun, 3 Sep 2023 22:01:00 +0000 (22:01 +0000)]
Allow UDP for built-in inetd(8) services on 127.0.0.1.

This restriction was added in year 2000 due to IPv6 compatible and
mapped addresses.  Nowadays our kernel does not support these IPv6
features and blocks localhost addresses on non-loopback interfaces.
Make IPv4 127.0.0.1/8 and IPv6 ::1 behave identically and provide
local services if configured.

OK mvs@ deraadt@

14 months agosync perl syscall emulator header
bluhm [Sun, 3 Sep 2023 21:46:52 +0000 (21:46 +0000)]
sync perl syscall emulator header

14 months agoAvoid a useless increment and decrement of the tcp syn cache refcount
bluhm [Sun, 3 Sep 2023 21:37:17 +0000 (21:37 +0000)]
Avoid a useless increment and decrement of the tcp syn cache refcount
by unexpanding the SYN_CACHE_TIMER_ARM() macro in the timer callback.
OK mvs@

14 months agoDocument rdomain-related behaviour of dhcpd(8).
stsp [Sun, 3 Sep 2023 20:19:13 +0000 (20:19 +0000)]
Document rdomain-related behaviour of dhcpd(8).

ok jmc

14 months agoif UNLOCK_CMD is a user settings, so is LOCK_CMD !
espie [Sun, 3 Sep 2023 12:24:16 +0000 (12:24 +0000)]
if UNLOCK_CMD is a user settings, so is LOCK_CMD !

14 months agogc ancient stuff
espie [Sun, 3 Sep 2023 12:22:21 +0000 (12:22 +0000)]
gc ancient stuff
point people to pkg_create wrt FULLPKGNAME

14 months agoShuffle the order in which Manifest entries are processed
job [Sun, 3 Sep 2023 10:48:50 +0000 (10:48 +0000)]
Shuffle the order in which Manifest entries are processed

Previously work items were enqueued in the order the CA intended them
to appear on a Manifest. However, there is no obvious benefit to letting
third parties decide the order in which things are processed.

Instead, randomize: ordering has no meaning anyway, and the number of
concurrent repository synchronization operations is limited & timeboxed.
As they say, a fox is not taken twice in the same snare

OK tb@

14 months agoLet builtin process names be stored in maps as string.
mpi [Sun, 3 Sep 2023 10:26:35 +0000 (10:26 +0000)]
Let builtin process names be stored in maps as string.

ok dv@

14 months agoUse EVBUFFER_DATA instead of reaching into struct evbuffer. ok tb
nicm [Sun, 3 Sep 2023 10:22:03 +0000 (10:22 +0000)]
Use EVBUFFER_DATA instead of reaching into struct evbuffer. ok tb

14 months agoUse EVBUFFER_DATA instead of reaching into struct evbuffer. ok tb
nicm [Sun, 3 Sep 2023 10:18:18 +0000 (10:18 +0000)]
Use EVBUFFER_DATA instead of reaching into struct evbuffer. ok tb

14 months agovmm(4): Suppress AMD HwPstate visibility to guests
mlarkin [Sun, 3 Sep 2023 09:30:43 +0000 (09:30 +0000)]
vmm(4): Suppress AMD HwPstate visibility to guests

On newer Ryzen/EPYC, we need to hide the HwPstate CPUID 80000007:EDX
field for HwPstate, or guests will try to access the MSRs associated
with those, and that will fail with #GP.

ok deraadt

14 months agoReplace perl's use of syscall(2) with a dispatcher to libc
afresh1 [Sun, 3 Sep 2023 01:43:09 +0000 (01:43 +0000)]
Replace perl's use of syscall(2) with a dispatcher to libc

This removes the ability to do direct syscalls from perl, instead calling
the appropriate libc functions.

Currently we generate the dispatcher via a perl script duing build.

requested by deraadt@

nits from espie@
education from miod@
infrastructure fixes from sthen@
many improvements and ok gkoehler@
Please commit soon.  OK bluhm@

14 months agoZero initialize Perl AV elements after unshift and resize.
bluhm [Sun, 3 Sep 2023 00:48:54 +0000 (00:48 +0000)]
Zero initialize Perl AV elements after unshift and resize.

https://github.com/Perl/perl5/issues/21235
https://github.com/Perl/perl5/pull/21265
https://github.com/Perl/perl5/commit/9e298ab597b2c6fc0741749d7e29119e2d6cd628

Bug reported by Anton Borowka.  Fix from upstream Perl.  OK afresh1@

14 months agoAdapt tlb flush calls following arm64/pmap.c
jca [Sun, 3 Sep 2023 00:23:25 +0000 (00:23 +0000)]
Adapt tlb flush calls following arm64/pmap.c

1. in pmap_enter() no need to call tlb_flush_page() if we don't actually
insert a pted
2. all callers of pmap_pte_remove() already call tlb_flush_page()

This seems to result in some performance improvement (18mn -> 17mn15)
while building libc on a Hifive Unmatched).  Also zap whitespace and
useless comments to further reduce the diff with arm64/pmap.c

ok kettenis@

14 months agoInline PTED_* functions and actually use PTED_WIRED()
jca [Sun, 3 Sep 2023 00:15:46 +0000 (00:15 +0000)]
Inline PTED_* functions and actually use PTED_WIRED()

As noted by drahn@ the compiler did inline said functions, but it also
provided them as unused symbols.

ok miod@ mlarkin@ kettenis@

14 months agopmap_page_protect() should not unmap pages after making them readonly.
jca [Sun, 3 Sep 2023 00:03:30 +0000 (00:03 +0000)]
pmap_page_protect() should not unmap pages after making them readonly.

This brings riscv64/pmap.c in line with arm64/pmap.c, original fix by
drahn@

ok miod@ kettenis@ mlarkin@

14 months agoRequest terminal colours again on SIGWINCH but at most once every 30
nicm [Sat, 2 Sep 2023 20:03:10 +0000 (20:03 +0000)]
Request terminal colours again on SIGWINCH but at most once every 30
seconds, GitHub issue 3582.

14 months agobtrace(8): allow empty statements in probes.
dv [Sat, 2 Sep 2023 19:28:46 +0000 (19:28 +0000)]
btrace(8): allow empty statements in probes.

Allows for probes like `BEGIN {}`, in parity with bpftrace.

Also fixes an incorrect syntax error parsing argN builtins in
subsequent probes after an empty BEGIN block.

ok mpi@

14 months agoMake sure cert_type is not 0 to prevent leak of certid->id_buf.
tobhe [Sat, 2 Sep 2023 18:36:30 +0000 (18:36 +0000)]
Make sure cert_type is not 0 to prevent leak of certid->id_buf.

Found by David Linder
ok patrick@

14 months agoRemove unneccessary id == NULL check after dereferencing it. id can never
tobhe [Sat, 2 Sep 2023 18:16:02 +0000 (18:16 +0000)]
Remove unneccessary id == NULL check after dereferencing it. id can never
be NULL here.

Found by tb@

14 months agodocument ALL_DISTFILES and ALL_PATCHFILES
espie [Sat, 2 Sep 2023 17:19:57 +0000 (17:19 +0000)]
document ALL_DISTFILES and ALL_PATCHFILES

14 months agobtrace(8): fix probe builtin in BEGIN/END.
dv [Sat, 2 Sep 2023 15:16:12 +0000 (15:16 +0000)]
btrace(8): fix probe builtin in BEGIN/END.

Resolves segfaults when using probe within BEGIN or END.

ok mpi@

14 months agoFix comment about skipped interfaces
kn [Sat, 2 Sep 2023 10:18:45 +0000 (10:18 +0000)]
Fix comment about skipped interfaces

After r1.44 "Start on DOWN interfaces" this sentence makes no sense
and just repeats the obvious conditions, so zap it.

With/OK stsp

14 months agoSetulc only does RGB colour so add Setulc1 to do non-RGB colours, GitHub
nicm [Sat, 2 Sep 2023 09:17:23 +0000 (09:17 +0000)]
Setulc only does RGB colour so add Setulc1 to do non-RGB colours, GitHub
issue 3627.

14 months agoUse a hardware based number of KDF rounds by default for passphrases
kn [Sat, 2 Sep 2023 09:14:47 +0000 (09:14 +0000)]
Use a hardware based number of KDF rounds by default for passphrases

When creating new crypto volumes with a passphrase or updating one, pick a
number of rounds that aims to take around 1s instead of just 16 (on X230 and
T14 machines, 16 rounds unlock pretty much instantly).

New default [-r auto] never decreases rounds, only explicit '-r N' can.
16 is the absolute minimum.

Motivation is to provide a saner and more modern default, especially for
fresh installations utilizing new disk encryption question.

Prodding for new default from and OK jsing on early "-r auto" installer diff
idea to to pick MAX(auto, old-rounds) from Lucas[AT sexy DOT is]
"seems acceptable to me" deraadt
Feedback kettenis sthen
OK op

14 months agoAvoid trying to remove keys if the station is not active in iwm firmware.
stsp [Sat, 2 Sep 2023 09:02:18 +0000 (09:02 +0000)]
Avoid trying to remove keys if the station is not active in iwm firmware.

Same fix as applied to iwx(4) in March. Since iwm(4) does not use a task
for key installation and removal the same race might not manifest here.
However, trying to delete a key while the station is not in firmware
is wrong in any case. And this code might get moved into a task later.

14 months agoMake iwm(4) not crash when aircrack-ng attempts to inject frames via
stsp [Sat, 2 Sep 2023 08:57:46 +0000 (08:57 +0000)]
Make iwm(4) not crash when aircrack-ng attempts to inject frames via
bpf in monitor mode.

Crash reported by brad and sthen.
I reproduced the issue to verify my fix but I did not check whether
aircrack-ng actually works with this.

14 months agoSet visited flag on last windows when linking session.
nicm [Sat, 2 Sep 2023 08:38:37 +0000 (08:38 +0000)]
Set visited flag on last windows when linking session.

14 months agoZap anon pages mappings in uvm_anon_release() instead of in the fault handler.
mpi [Sat, 2 Sep 2023 08:24:40 +0000 (08:24 +0000)]
Zap anon pages mappings in uvm_anon_release() instead of in the fault handler.

This makes all code paths deactivating or freeing anons consistent.

No objection from the usual suspects.

14 months agowhitespace
tb [Sat, 2 Sep 2023 04:55:18 +0000 (04:55 +0000)]
whitespace

14 months agoAlign EVP_PKEY_get1_RSA() with EVP_PKEY_get0_RSA()
tb [Sat, 2 Sep 2023 04:15:39 +0000 (04:15 +0000)]
Align EVP_PKEY_get1_RSA() with EVP_PKEY_get0_RSA()

14 months agoImplement drive strength tweaking for the YT8531. Needed on the v1.3b
kettenis [Fri, 1 Sep 2023 20:35:31 +0000 (20:35 +0000)]
Implement drive strength tweaking for the YT8531.  Needed on the v1.3b
variant of the visionfive2 board.

ok jsing@

14 months agoCall rtm_send() with netlock held to protect dereference of sockaddr
mvs [Fri, 1 Sep 2023 20:24:29 +0000 (20:24 +0000)]
Call rtm_send() with netlock held to protect dereference of sockaddr
structure data returned by rtable_getsource(). Netlock can't be pushed
within rtm_send() because we have paths where caller already holds it.

tested by jca

ok bluhm jca

14 months agovmd(8): ignore masks on asserts, use synchronous deasserts.
dv [Fri, 1 Sep 2023 19:42:26 +0000 (19:42 +0000)]
vmd(8): ignore masks on asserts, use synchronous deasserts.

The i8259 was considering the state of the mask register when a
device requested raising the bit in the interrupt request register.
This caused a race condition where if the virtio device asserted
the irq while it was masked in the i8259 by the vm, we'd miss the
interrupt request. The device and the pic would become out of sync
and users reported virtio block device stalls as the vioblk(4)
driver would starve, waiting for an interrupt that will never arrive.

The mask is now considered only at ack time, when finding possible
interrupts to inject. This bug was never a problem previously as
virtio devices were emulated synchronously.

Deasserts related to the vcpu reading the virtio isr register are
also made now in response to the read request instead of issued
asynchronously. This removes a subsequent race condition.

Testing from mbuhl@, stsp@, and Florian Riehm.

ok mlarkin@

14 months agoOnly compare the actual size of the UTF-8 character, not all of it.
nicm [Fri, 1 Sep 2023 18:43:54 +0000 (18:43 +0000)]
Only compare the actual size of the UTF-8 character, not all of it.

14 months agoMany improvements, almost amounting to a partial rewrite:
schwarze [Fri, 1 Sep 2023 17:28:21 +0000 (17:28 +0000)]
Many improvements, almost amounting to a partial rewrite:
* more precision what the CIPHER_CTX functions do
* more precision what an NID is
* avoid talking about RC2, use AES-256 for an example instead
* clarify that block sizes are measured in bytes
* mention additional restrictions regarding valid block sizes
* add the missing description of the *_flags(3) functions
* mention the public mask constant EVP_CIPH_MODE
* add three missing modes that can occur as return values
* add the missing entries for *_flags(3) and *_mode(3) below RETURN VALUES
* tweak various wordings for precision and conciseness

14 months agoFix EVP_PKEY_get0_RSA() for RSA-PSS
tb [Fri, 1 Sep 2023 17:12:19 +0000 (17:12 +0000)]
Fix EVP_PKEY_get0_RSA() for RSA-PSS

It currently returns NULL. This is OpenSSL 4088b926 + De Morgan.

ok jsing

14 months agoAdd missing -T to getopt string.
nicm [Fri, 1 Sep 2023 16:40:38 +0000 (16:40 +0000)]
Add missing -T to getopt string.

14 months agoUpdate with pin definitions from Linux 6.4.
kettenis [Fri, 1 Sep 2023 16:13:56 +0000 (16:13 +0000)]
Update with pin definitions from Linux 6.4.

ok patrick@

14 months agoClear combine flag when a non-UTF-8 set of characters is encountered.
nicm [Fri, 1 Sep 2023 16:01:54 +0000 (16:01 +0000)]
Clear combine flag when a non-UTF-8 set of characters is encountered.

14 months agoRewrite combined character handling to be more consistent and to support
nicm [Fri, 1 Sep 2023 14:29:11 +0000 (14:29 +0000)]
Rewrite combined character handling to be more consistent and to support
newer Unicode combined characters (which we have to "know" are combined
since they are not width zero). GitHub issue 3600.

14 months agoExpand name before looking for window with -S, GitHub issue 3670.
nicm [Fri, 1 Sep 2023 14:24:46 +0000 (14:24 +0000)]
Expand name before looking for window with -S, GitHub issue 3670.

14 months agoAdd detach-on-destroy previous and next, mostly from Alexis Hildebrandt.
nicm [Fri, 1 Sep 2023 13:48:54 +0000 (13:48 +0000)]
Add detach-on-destroy previous and next, mostly from Alexis Hildebrandt.

14 months agofix an obvious typo in the OBJ_NAME_add(3) prototype
schwarze [Fri, 1 Sep 2023 12:13:13 +0000 (12:13 +0000)]
fix an obvious typo in the OBJ_NAME_add(3) prototype

14 months agoAdd spaces for failure status
afresh1 [Thu, 31 Aug 2023 21:29:53 +0000 (21:29 +0000)]
Add spaces for failure status

14 months agosched_cpu_init: remove unnecessary NULL-checks for clockintr pointers
cheloha [Thu, 31 Aug 2023 19:29:51 +0000 (19:29 +0000)]
sched_cpu_init: remove unnecessary NULL-checks for clockintr pointers

sched_cpu_init() is only run once per cpu_info struct, so we don't
need these NULL-checks.

The NULL-checks are a vestige of clockintr_cpu_init(), which runs more
than once per CPU and uses the checks to avoid leaking clockintr handles.

Thread: https://marc.info/?l=openbsd-tech&m=169349579804340&w=2

ok claudio@

14 months agoExit fw_update(8) lock_db subprocess when parent exits
afresh1 [Thu, 31 Aug 2023 19:00:00 +0000 (19:00 +0000)]
Exit fw_update(8) lock_db subprocess when parent exits

If fw_update exits unexpectedly the package database would never unlock.

select solution from millert@

14 months agoImprove feedback from fw_update(8)
afresh1 [Thu, 31 Aug 2023 18:19:21 +0000 (18:19 +0000)]
Improve feedback from fw_update(8)

Show status as we go with spinner rather than printing only at the end.

Suggestions from deraadt@

Most of this has been in snapshots for a while

14 months agosync
tb [Thu, 31 Aug 2023 17:46:31 +0000 (17:46 +0000)]
sync

14 months agoSplit three new manual pages EVP_CIPHER_nid(3), EVP_CIPHER_CTX_ctrl(3),
schwarze [Thu, 31 Aug 2023 17:27:41 +0000 (17:27 +0000)]
Split three new manual pages EVP_CIPHER_nid(3), EVP_CIPHER_CTX_ctrl(3),
and EVP_CIPHER_CTX_set_flags(3) out of the excessively large and
unwieldy EVP_EncryptInit(3).  This causes a number of inaccuracies
and gaps to stand out, but i'm not mixing text changes or content
additions into this split.

Using very useful feedback from tb@ regarding what belongs together
and how important the various functions are.  I refrained from bothering
him with the complete patch, but he likes the general direction.

14 months agoreuse the code to exec command for VAR != cmd *and* normal target processing
espie [Thu, 31 Aug 2023 06:53:28 +0000 (06:53 +0000)]
reuse the code to exec command for VAR != cmd *and* normal target processing

okay tb@

14 months agodrm/display/dp: Fix the DP DSC Receiver cap size
jsg [Thu, 31 Aug 2023 04:43:23 +0000 (04:43 +0000)]
drm/display/dp: Fix the DP DSC Receiver cap size

From Ankit Nautiyal
3bc9b0364a8c64d1bb1757b620ea3b9104e8054b in linux-6.1.y/6.1.50
5ad1ab30ac0809d2963ddcf39ac34317a24a2f17 in mainline linux

14 months agodrm/i915/dgfx: Enable d3cold at s2idle
jsg [Thu, 31 Aug 2023 04:40:08 +0000 (04:40 +0000)]
drm/i915/dgfx: Enable d3cold at s2idle

From Anshuman Gupta
3abffee6091c5a2716963c229e192a36a9590a88 in linux-6.1.y/6.1.50
2872144aec04baa7e43ecd2a60f7f0be3aa843fd in mainline linux

14 months agodrm/i915/gt: Support aux invalidation on all engines
jsg [Thu, 31 Aug 2023 04:38:15 +0000 (04:38 +0000)]
drm/i915/gt: Support aux invalidation on all engines

From Andi Shyti
7e862cce34916458bf6af954d198cce103c1e13f in linux-6.1.y/6.1.50
6a35f22d222528e1b157c6978c9424d2f8cbe0a1 in mainline linux

14 months agodrm/i915/gt: Poll aux invalidation register bit on invalidation
jsg [Thu, 31 Aug 2023 04:36:37 +0000 (04:36 +0000)]
drm/i915/gt: Poll aux invalidation register bit on invalidation

From Jonathan Cavitt
8e3f138b96f64fde58d74f886acbfd4baca907fc in linux-6.1.y/6.1.50
0fde2f23516a00fd90dfb980b66b4665fcbfa659 in mainline linux

14 months agodrm/i915/gt: Ensure memory quiesced before invalidation
jsg [Thu, 31 Aug 2023 04:33:59 +0000 (04:33 +0000)]
drm/i915/gt: Ensure memory quiesced before invalidation

From Jonathan Cavitt
017d4404312ab94a61be218c0221cd0048a37896 in linux-6.1.y/6.1.50
78a6ccd65fa3a7cc697810db079cc4b84dff03d5 in mainline linux

14 months agodrm/i915: Add the gen12_needs_ccs_aux_inv helper
jsg [Thu, 31 Aug 2023 04:32:12 +0000 (04:32 +0000)]
drm/i915: Add the gen12_needs_ccs_aux_inv helper

From Andi Shyti
c23126f2c76a17b97520d306542cee32bb26fad8 in linux-6.1.y/6.1.50
b2f59e9026038a5bbcbc0019fa58f963138211ee in mainline linux

14 months agodrm/aperture: Remove primary argument
jsg [Thu, 31 Aug 2023 04:28:38 +0000 (04:28 +0000)]
drm/aperture: Remove primary argument

From Daniel Vetter
437e99f2a1e933348c4cedb2c7ce6f0ad81b935e in linux-6.1.y/6.1.50
62aeaeaa1b267c5149abee6b45967a5df3feed58 in mainline linux

14 months agoOn JH7110, configure the tx clock according to the selected speed if
kettenis [Wed, 30 Aug 2023 19:08:48 +0000 (19:08 +0000)]
On JH7110, configure the tx clock according to the selected speed if
necessary.

ok jsing@

14 months agoImplement a few more clocks related to the GMAC.
kettenis [Wed, 30 Aug 2023 19:07:23 +0000 (19:07 +0000)]
Implement a few more clocks related to the GMAC.

ok jsing@

14 months agocover failure on insecure passfiles
kn [Wed, 30 Aug 2023 17:40:08 +0000 (17:40 +0000)]
cover failure on insecure passfiles

14 months agoexercise [-p passfile] (this is not a keydisk)
kn [Wed, 30 Aug 2023 17:21:40 +0000 (17:21 +0000)]
exercise [-p passfile]  (this is not a keydisk)

14 months agoverify that the number of rounds does not decrease
kn [Wed, 30 Aug 2023 16:45:57 +0000 (16:45 +0000)]
verify that the number of rounds does not decrease

14 months agofix signal reporting
espie [Wed, 30 Aug 2023 12:04:09 +0000 (12:04 +0000)]
fix signal reporting

14 months agoEnsure no memory is leaked after passing NULL to ASN1_TIME_normalize()
job [Wed, 30 Aug 2023 10:13:12 +0000 (10:13 +0000)]
Ensure no memory is leaked after passing NULL to ASN1_TIME_normalize()

OK tb@

14 months agoConstify argument to entity_write_repo()
job [Wed, 30 Aug 2023 10:02:28 +0000 (10:02 +0000)]
Constify argument to entity_write_repo()

OK tb@

14 months agoFix comments
job [Wed, 30 Aug 2023 10:01:52 +0000 (10:01 +0000)]
Fix comments

OK tb@

14 months agoPreempt a running proc even if there is no other process/thread queued
claudio [Wed, 30 Aug 2023 09:02:38 +0000 (09:02 +0000)]
Preempt a running proc even if there is no other process/thread queued
on that CPU's runqueue. This way mi_switch() is invoked which is necessary
to a) signal srm that the cpu changed context b) runtime stats are updated
c) requests to stop the CPU are checked.
This should fix the issue reported by Eric Wong (e at 80x24 org) that
RLIMIT_CPU is unreliable on idle systems.
OK kettenis@ cheloha@

14 months agoAdd support for the upstream Linux device tree bindings. Support for the
kettenis [Wed, 30 Aug 2023 09:01:51 +0000 (09:01 +0000)]
Add support for the upstream Linux device tree bindings.  Support for the
preliminary bindings will be removed in a couple of weeks.

ok kevlo@, jsing@, jmatthew@

14 months agoIntroduce CTL_RES_OPNOTSUPP as possible error response for bgpctl which
claudio [Wed, 30 Aug 2023 08:16:28 +0000 (08:16 +0000)]
Introduce CTL_RES_OPNOTSUPP as possible error response for bgpctl which
can be used in -portable for features that are not available in the build.
OK tb@

14 months agoregen
kevlo [Wed, 30 Aug 2023 07:12:25 +0000 (07:12 +0000)]
regen

14 months agoAdd Phison PS5021 device id
kevlo [Wed, 30 Aug 2023 07:11:48 +0000 (07:11 +0000)]
Add Phison PS5021 device id

ok miod@, jsg@

14 months agosync
tb [Wed, 30 Aug 2023 01:00:28 +0000 (01:00 +0000)]
sync

14 months agoDocument EVP_{CIPHER,MD}_do_all{,_sorted}(3)
tb [Wed, 30 Aug 2023 00:58:57 +0000 (00:58 +0000)]
Document EVP_{CIPHER,MD}_do_all{,_sorted}(3)

The function prototypes in the SYNOPSIS don't look great, but schwarze
assures me that this is how it is supposed to be. It is rather strange
that OpenSSL chose to sprinkle OPENSSL_init_crypto() calls into these
four functions rather than two inside OBJ_NAME_do_all{,_sorted}(3).
Surely there was a good reason for that.

With input and fixes from schwarze

14 months agoFix leaks in copy_issuer()
tb [Wed, 30 Aug 2023 00:49:32 +0000 (00:49 +0000)]
Fix leaks in copy_issuer()

The stack of subject alternative names from the issuer is parsed using
X509V3_EXT_d2i(), so it must be freed with sk_GENERAL_NAME_pop_free().
It's not worth doing complicated ownership handling when the individual
alternative names can be copied with GENERAL_NAME_dup().

Previously, ialt and its remaining members would be leaked when the call
to sk_GENERAL_NAME_push() failed halfway through.

This is only reachable via the issuer:copy x509v3.cnf(5) directive.

ok jsing

14 months agofix handling of unknown error rate in mbim signal state info
dlg [Tue, 29 Aug 2023 23:28:38 +0000 (23:28 +0000)]
fix handling of unknown error rate in mbim signal state info

from gerhard@:

> According to MBIM spec, table 10-58 (MBIM_SIGNAL_STATE_INFO) a value
> of 99 means the error rate is "Unknown or undetectable".

the code was using -99 before, but properly reports unknown/null now.

14 months agoexport mbim signal stats
dlg [Tue, 29 Aug 2023 23:26:40 +0000 (23:26 +0000)]
export mbim signal stats

tested by mbuhl@ gerhard@

14 months agoRemove p_rtime from struct proc and replace it by passing the timespec
claudio [Tue, 29 Aug 2023 16:19:34 +0000 (16:19 +0000)]
Remove p_rtime from struct proc and replace it by passing the timespec
as argument to the tuagg_locked function.

- Remove incorrect use of p_rtime in other parts of the tree. p_rtime was
almost always 0 so including it in any sum did not alter the result.
- In main() the update of time can be further simplified since at that time
only the primary cpu is running.
- Add missing nanouptime() call in cpu_hatch() for hppa
- Rename tuagg_unlocked to tuagg_locked like it is done in the rest of
  the tree.

OK cheloha@ dlg@

14 months agoEnable dwiic(4) and axppmic(4).
kettenis [Tue, 29 Aug 2023 16:04:21 +0000 (16:04 +0000)]
Enable dwiic(4) and axppmic(4).

14 months agoacme-client: drop ecdsa.h, fix spacing and a typo in error message
op [Tue, 29 Aug 2023 14:44:53 +0000 (14:44 +0000)]
acme-client: drop ecdsa.h, fix spacing and a typo in error message

While here drop EC_KEY_set_asn1_flag(OPENSSL_EC_NAMED_CURVE).
EC_KEY_new_by_curve_name() ends up calling EC_GROUP_new() which already
sets the OPENSSL_EC_NAMED_CURVE flag on the group.  (suggested by tb@)

ok tb@

14 months agoAlso support FDT now.
kettenis [Tue, 29 Aug 2023 12:11:08 +0000 (12:11 +0000)]
Also support FDT now.

14 months agoAdd FDT support for dwiic(4)
kettenis [Tue, 29 Aug 2023 12:09:40 +0000 (12:09 +0000)]
Add FDT support for dwiic(4)

14 months agoReplace last ecdh.h and ecdsa.h occurrences with ec.h
tb [Tue, 29 Aug 2023 10:07:42 +0000 (10:07 +0000)]
Replace last ecdh.h and ecdsa.h occurrences with ec.h

Except if backward compatibility with older LibreSSL and OpenSSL versions
is explicitly needed, ecdsa.h and ecdh.h should no longer be used. They
are now trivial wrappers of ec.h.

14 months agoHave #include <cstdio> when using fprintf(). This is needed if
yasuoka [Tue, 29 Aug 2023 07:54:01 +0000 (07:54 +0000)]
Have #include <cstdio> when using fprintf().  This is needed if
wchar.h stops including stdio.h.  from asou

ok tb

14 months agomake PerSourceMaxStartups first-match-wins; ok dtucker@
djm [Tue, 29 Aug 2023 02:50:10 +0000 (02:50 +0000)]
make PerSourceMaxStartups first-match-wins; ok dtucker@

14 months agobtrace(8): prohibit use of argN builtins in BEGIN/END.
dv [Mon, 28 Aug 2023 21:23:46 +0000 (21:23 +0000)]
btrace(8): prohibit use of argN builtins in BEGIN/END.

The argN builtins are undefined for BEGIN and END special probes.
Similar to bpftrace, produce an error from the parser.

Adds a regress test, as well.

ok mpi@

14 months agoIntroduce reference counting for TCP syn cache entries.
bluhm [Mon, 28 Aug 2023 14:50:01 +0000 (14:50 +0000)]
Introduce reference counting for TCP syn cache entries.

The syn_cache_reaper() is a hack to serialize timeouts.  Unfortunately
it has a race and panics sometimes with pool_do_get: syncache free
list modified.  Add a reference counter for timeout and list of syn
cache entries.  Currently list refcout is not strictly necessary
due to exclusive netlock, but will be needed when we continue
unlocking.

Checking timeout_initialized() is not MP friendly, better do proper
initialization during object allocation.  Refcount in btrace helps
to find leaks.

bug reported and fix tested by Peter J. Philipp
OK claudio@