openbsd
3 years agosync
deraadt [Thu, 2 Sep 2021 20:33:03 +0000 (20:33 +0000)]
sync

3 years agoMove the error put functions from X509V3err() to X509V3error()
job [Thu, 2 Sep 2021 20:25:40 +0000 (20:25 +0000)]
Move the error put functions from X509V3err() to X509V3error()

OK tb@

3 years agoUnroll ASN1_SEQUENCE() ASN1_CHOICE() ASN1_ITEM_TEMPLATE()
job [Thu, 2 Sep 2021 20:11:07 +0000 (20:11 +0000)]
Unroll ASN1_SEQUENCE() ASN1_CHOICE() ASN1_ITEM_TEMPLATE()

OK jsing@

3 years agoAdd -f to usage
tb [Thu, 2 Sep 2021 19:46:44 +0000 (19:46 +0000)]
Add -f to usage

3 years agofollow-up on previous commit and rename the _sys union to _args
jasper [Thu, 2 Sep 2021 19:41:48 +0000 (19:41 +0000)]
follow-up on previous commit and rename the _sys union to _args

3 years agoDo not create loopback interfaces lo1, lo2, ... upfront. They are
bluhm [Thu, 2 Sep 2021 19:38:20 +0000 (19:38 +0000)]
Do not create loopback interfaces lo1, lo2, ...  upfront.  They are
automatically set up by the kernel when a routing domain is created.
An existing lo1 in rdomain 0 would prevent to add any interfaces
in rdomain 1.
OK kn@

3 years agostyle
tobhe [Thu, 2 Sep 2021 19:28:35 +0000 (19:28 +0000)]
style

3 years agoInitialize the uvm object when we actually need it such that we can
kettenis [Thu, 2 Sep 2021 19:12:29 +0000 (19:12 +0000)]
Initialize the uvm object when we actually need it such that we can
use uvm_obj_init() to initialize the pager ops and initial reference count.
This will help future uvm unlocking diffs.

ok mpi@, jsg@

3 years agoSplit part_type into separate types 'mbr_type' and 'gpt_type',
krw [Thu, 2 Sep 2021 18:07:45 +0000 (18:07 +0000)]
Split part_type into separate types 'mbr_type' and 'gpt_type',
shrinking static data demands. Split PRT_printall() into
PRT_print_mbrtypes() and PRT_print_gpttypes() to eliminate
pointless 'pseudo' MBR partition types and pointless display of
MBR partition types with no associated GPT GUIDs.

Eases future MBR and GPT partition type editing improvements.

ok kettenis@

3 years agorename struct dt_evt fields to make it clear this isn't only used for tracing syscalls
jasper [Thu, 2 Sep 2021 17:21:39 +0000 (17:21 +0000)]
rename struct dt_evt fields to make it clear this isn't only used for tracing syscalls
and adjust btrace(8) accordingly.
extracted from a larger diff by Tom Rollet.

ok mpi@

3 years agoOPENSSL_assert() is not appropriate in this context
job [Thu, 2 Sep 2021 15:59:05 +0000 (15:59 +0000)]
OPENSSL_assert() is not appropriate in this context

Feedback from tb@

OK tb@

3 years agoReplace ossl_assert()/assert() with OPENSSL_assert()
job [Thu, 2 Sep 2021 15:54:40 +0000 (15:54 +0000)]
Replace ossl_assert()/assert() with OPENSSL_assert()

OK tb@

3 years agoEnable vfork syscall test. Disable SIGSTOP test as it is masked until
mbuhl [Thu, 2 Sep 2021 15:28:41 +0000 (15:28 +0000)]
Enable vfork syscall test. Disable SIGSTOP test as it is masked until
exec/exit with vfork.
OK bluhm@

3 years agoExplain in a comment why two wscons_keydesc structures are needed.
anton [Thu, 2 Sep 2021 15:15:12 +0000 (15:15 +0000)]
Explain in a comment why two wscons_keydesc structures are needed.

3 years agoUpdate for change of default Ruby version to 3.0.
jeremy [Thu, 2 Sep 2021 15:00:55 +0000 (15:00 +0000)]
Update for change of default Ruby version to 3.0.

3 years agoWe need to allow for either a CERTIFICATE or CERTIFICATE_STATUS message
beck [Thu, 2 Sep 2021 14:41:03 +0000 (14:41 +0000)]
We need to allow for either a CERTIFICATE or CERTIFICATE_STATUS message
here or we break the handshake with BAD_MESSAGE

ok tb@

3 years agoReplace OPENSSL_free() with free()
job [Thu, 2 Sep 2021 14:14:44 +0000 (14:14 +0000)]
Replace OPENSSL_free() with free()

OK tb@

3 years agolist -v with -d in SYNOPSIS, instead of seperately,
jmc [Thu, 2 Sep 2021 14:14:44 +0000 (14:14 +0000)]
list -v with -d in SYNOPSIS, instead of seperately,
and add -v to usage();

3 years agoUnroll IMPLEMENT_ASN1_FUNCTIONS()
job [Thu, 2 Sep 2021 14:11:20 +0000 (14:11 +0000)]
Unroll IMPLEMENT_ASN1_FUNCTIONS()

OK jsing@

3 years agoUnroll DECLARE_ASN1_FUNCTIONS()
job [Thu, 2 Sep 2021 13:48:39 +0000 (13:48 +0000)]
Unroll DECLARE_ASN1_FUNCTIONS()

OK jsing@

3 years agoFix our iwx(4) xtal latency values to match the values used by Linux iwlwifi.
stsp [Thu, 2 Sep 2021 13:44:10 +0000 (13:44 +0000)]
Fix our iwx(4) xtal latency values to match the values used by Linux iwlwifi.
with a fix from + ok kevlo@

3 years agoThe PCI_PRODUCT_INTEL_WL_22500_1 device is part of the 22000
kevlo [Thu, 2 Sep 2021 13:39:34 +0000 (13:39 +0000)]
The PCI_PRODUCT_INTEL_WL_22500_1 device is part of the 22000
family (discrete) not integrated.

ok stsp@

3 years agoRename DEFINE_STACK_OF() to DECLARE_STACK_OF()
job [Thu, 2 Sep 2021 13:26:51 +0000 (13:26 +0000)]
Rename DEFINE_STACK_OF() to DECLARE_STACK_OF()

OK tb@ jsing@

3 years agoStop sending debug logging to syslog (which would then drop it on the
florian [Thu, 2 Sep 2021 13:18:04 +0000 (13:18 +0000)]
Stop sending debug logging to syslog (which would then drop it on the
floor) all the time. Instead debug logging must be requested with the
new -v flag.
Problem reported and fix provided by weerd@

3 years agoLay groundwork to support X.509 v3 extensions for IP Addresses and AS Identifiers
job [Thu, 2 Sep 2021 12:41:44 +0000 (12:41 +0000)]
Lay groundwork to support X.509 v3 extensions for IP Addresses and AS Identifiers

These extensions are defined in RFC 3779 and used in the RPKI (RFC 6482, RFC 8360).
Imported from OpenSSL 1.1.1j (aaf2fcb575cdf6491b98ab4829abf78a3dec8402b8b81efc8f23c00d443981bf)
This changeset is a no-op, as there are 10+ issues and at least 2 security issues.
Work will continue in-tree.

OK tb@, discussed with beck@

3 years agoImport more NetBSD system call regression tests.
mbuhl [Thu, 2 Sep 2021 12:40:44 +0000 (12:40 +0000)]
Import more NetBSD system call regression tests.
OK bluhm@

3 years agoRefactor how unveil generates EACCES errors. Instead of tracking the
claudio [Thu, 2 Sep 2021 12:35:23 +0000 (12:35 +0000)]
Refactor how unveil generates EACCES errors. Instead of tracking the
possible violation during the traversal of the path do the check at the
end. Make the code a bit easier to grok.
OK beck@ semarie@

3 years agotrailing whitespace
jasper [Thu, 2 Sep 2021 12:32:22 +0000 (12:32 +0000)]
trailing whitespace

3 years agoFix comment spelling.
patrick [Thu, 2 Sep 2021 12:09:26 +0000 (12:09 +0000)]
Fix comment spelling.

3 years agoCall the ocsp callback if present and we get no response, instead of
beck [Thu, 2 Sep 2021 11:58:30 +0000 (11:58 +0000)]
Call the ocsp callback if present and we get no response, instead of
succeeding unconditionally.  Makes muststaple work with tls1.3 in nc

ok tb@

3 years agoUse defined constants
inoguchi [Thu, 2 Sep 2021 11:37:44 +0000 (11:37 +0000)]
Use defined constants

3 years agoatactl(8): few printf("%s", NULL) cleanup
semarie [Thu, 2 Sep 2021 11:36:47 +0000 (11:36 +0000)]
atactl(8): few printf("%s", NULL) cleanup

ok deraadt@

3 years agoAdd DB_TYPE_SUSP
inoguchi [Thu, 2 Sep 2021 11:30:15 +0000 (11:30 +0000)]
Add DB_TYPE_SUSP

3 years agotimeout(1): execvp(2) does not return except on error
semarie [Thu, 2 Sep 2021 11:26:54 +0000 (11:26 +0000)]
timeout(1): execvp(2) does not return except on error

there is no need to check if the return value is -1. just
unconditionally call err(3).

ok deraadt@ schwarze@

3 years agoMake all signal handler functions async-signal-safe
schwarze [Thu, 2 Sep 2021 11:19:02 +0000 (11:19 +0000)]
Make all signal handler functions async-signal-safe
by deleting the redundant "killersig" struct member
and using the existing sig_atomic_t cl_sigterm variable instead.
While here, garbage collect the h_hup() signal handler
which is essentially identical to h_term().
This also gets rid of the last #define & #undef in cl_main.c.

OK martijn@, and also tested by Tim <trondd at kagu hyphen tsuchi dot com>.

3 years agoCorrect the is_server flag in the call to the debug callback to be correct.
beck [Thu, 2 Sep 2021 11:10:43 +0000 (11:10 +0000)]
Correct the is_server flag in the call to the debug callback to be correct.
ok tb@

3 years agoMove subject check process after the subject edit process
inoguchi [Thu, 2 Sep 2021 11:07:56 +0000 (11:07 +0000)]
Move subject check process after the subject edit process

Referred to OpenSSL commit 2cedf794 and arranged for our codebase.

ok tb@

3 years agoAh, I was fooled by a left over man page
deraadt [Thu, 2 Sep 2021 10:59:13 +0000 (10:59 +0000)]
Ah, I was fooled by a left over man page

3 years agoadd aq(4) to amd64 RAMDISK_CD and riscv64 RAMDISK
mlarkin [Thu, 2 Sep 2021 10:49:26 +0000 (10:49 +0000)]
add aq(4) to amd64 RAMDISK_CD and riscv64 RAMDISK

3 years agoFix the TCR_TG0_xxx definitions and add TCR_TG0_4K to the initial setting
kettenis [Thu, 2 Sep 2021 10:48:52 +0000 (10:48 +0000)]
Fix the TCR_TG0_xxx definitions and add TCR_TG0_4K to the initial setting
of TCR_EL1 in locore to make clear we use 4K pages for both userland and
the kernel.

ok patrick@

3 years agonameserver alias on domain (53) collided with true nameserver (42)
deraadt [Thu, 2 Sep 2021 10:46:22 +0000 (10:46 +0000)]
nameserver alias on domain (53) collided with true nameserver (42)
which would be parsed earlier in any case.  what a weird piece of
history.
from Raf Czlonka

3 years agodelete reference to X11 README file which is no longer installed.
deraadt [Thu, 2 Sep 2021 10:39:32 +0000 (10:39 +0000)]
delete reference to X11 README file which is no longer installed.
from Raf Czlonka

3 years agoTypo in previous commit
mlarkin [Thu, 2 Sep 2021 10:18:27 +0000 (10:18 +0000)]
Typo in previous commit

3 years ago.Xr for aq(4) in pci(4) manpage
mlarkin [Thu, 2 Sep 2021 10:17:46 +0000 (10:17 +0000)]
.Xr for aq(4) in pci(4) manpage

3 years agoForgot the man page Makefile in the previous commit
mlarkin [Thu, 2 Sep 2021 10:12:20 +0000 (10:12 +0000)]
Forgot the man page Makefile in the previous commit

3 years agoaq(4) driver for Aquantia 1/2.5/5/10Gb/s PCIe ethernet adapters
mlarkin [Thu, 2 Sep 2021 10:11:21 +0000 (10:11 +0000)]
aq(4) driver for Aquantia 1/2.5/5/10Gb/s PCIe ethernet adapters

Adds support for Aquantia AQC1xx family of PCIe ethernet adapters. This
driver supports 1Gbps through 10Gbps modes of operation based on the
hardware and media/switch capabilities.

The initial code was ported from NetBSD, with jmatthew@ finishing up
the Tx/Rx ring support and interrupt handler routine.

The driver only supports devices using firmware V2.

This diff enables aq(4) on riscv64 and amd64, the only platforms where
I have tested the driver, but it likely works on other architectures
as well.

3 years agoDocument new %n syslog+abort behaviour, text mostly copied from printf.3
deraadt [Thu, 2 Sep 2021 09:50:38 +0000 (09:50 +0000)]
Document new %n syslog+abort behaviour, text mostly copied from printf.3

3 years agodelete %n using test cases, which now intentionally fault
deraadt [Thu, 2 Sep 2021 09:46:21 +0000 (09:46 +0000)]
delete %n using test cases, which now intentionally fault
spotted by anton

3 years agomove comment into correct place
deraadt [Thu, 2 Sep 2021 09:35:17 +0000 (09:35 +0000)]
move comment into correct place

3 years agobunch of err() should be errx()
deraadt [Thu, 2 Sep 2021 09:08:08 +0000 (09:08 +0000)]
bunch of err() should be errx()

3 years agoNo need to list foreign source code repository tags
job [Thu, 2 Sep 2021 08:52:10 +0000 (08:52 +0000)]
No need to list foreign source code repository tags

Feedback from deraadt@

3 years agoRFC 6066 section 8 allows the server MAY choose not send the CertificateStatus
beck [Thu, 2 Sep 2021 08:51:56 +0000 (08:51 +0000)]
RFC 6066 section 8 allows the server MAY choose not send the CertificateStatus
message, even if it has received a "status_request" extension in the client
hello message and has sent a "status_request" extention in the server hello
message.  Genua found a site that is this broken. This makes it work.

ok jsing@

3 years agoInitialize mutex to IPL_NONE.
mpi [Thu, 2 Sep 2021 08:48:22 +0000 (08:48 +0000)]
Initialize mutex to IPL_NONE.

ok kettenis@

3 years agorename rw locks to avoid ambiguity and verboseness
dv [Thu, 2 Sep 2021 07:19:53 +0000 (07:19 +0000)]
rename rw locks to avoid ambiguity and verboseness

Syzbot might complain about "new" panics, but to help debug a recent
report it helps to have unique rw lock names.

"sounds good to me" @mlarkin

3 years agoregress tests shouldn't set or modify MALLOC_OPTIONS unless they're actually very...
jasper [Thu, 2 Sep 2021 07:14:15 +0000 (07:14 +0000)]
regress tests shouldn't set or modify MALLOC_OPTIONS unless they're actually very specific behaviour

document this accordingly in the guidelines section of the manpage

ok bluhm@

3 years agoChange copying arguments to that flags without arguments are inserted
nicm [Thu, 2 Sep 2021 07:11:03 +0000 (07:11 +0000)]
Change copying arguments to that flags without arguments are inserted
correctly and empty arguments lists do not crash. Fixes crash reported
by & ok mpi@.

3 years agothis is not a section 3 man page anymore
deraadt [Thu, 2 Sep 2021 06:46:32 +0000 (06:46 +0000)]
this is not a section 3 man page anymore

3 years agosome functionality requires pledge "proc"
deraadt [Thu, 2 Sep 2021 06:23:32 +0000 (06:23 +0000)]
some functionality requires pledge "proc"

3 years agoAllow snmpd(8) to send SNMPv3 traps.
martijn [Thu, 2 Sep 2021 05:41:02 +0000 (05:41 +0000)]
Allow snmpd(8) to send SNMPv3 traps.

OK jmatthew@

3 years agoAdd the NetBSD source code repository tag back to help future historians
job [Wed, 1 Sep 2021 21:45:10 +0000 (21:45 +0000)]
Add the NetBSD source code repository tag back to help future historians

3 years agoFix overflow / underflow check by moving it up before the return
job [Wed, 1 Sep 2021 21:43:51 +0000 (21:43 +0000)]
Fix overflow / underflow check by moving it up before the return

Also rename 'end' to 'suffix' for readability.

OK beck@

3 years agoUpdate project tag line, shorten some err() calls
job [Wed, 1 Sep 2021 20:18:54 +0000 (20:18 +0000)]
Update project tag line, shorten some err() calls

3 years agoImprove editing GPT partition type GUID's by rejecting partition
krw [Wed, 1 Sep 2021 20:08:32 +0000 (20:08 +0000)]
Improve editing GPT partition type GUID's by rejecting partition
id's that have no associated GUID, rather than disabling the
partition.

If the current partition type is a GUID with no corresponding
partition id, display and use that GUID as the default value.

Less surprising behaviour all round.

3 years agosmall unused/initialization improvements
deraadt [Wed, 1 Sep 2021 20:03:43 +0000 (20:03 +0000)]
small unused/initialization improvements

3 years agorepair strtonum idiom and improve error messaging
deraadt [Wed, 1 Sep 2021 20:01:14 +0000 (20:01 +0000)]
repair strtonum idiom and improve error messaging
ok job

3 years agoEnable making timeout(1)
job [Wed, 1 Sep 2021 19:55:53 +0000 (19:55 +0000)]
Enable making timeout(1)

OK deraadt@

3 years agoStyle nits
job [Wed, 1 Sep 2021 19:54:34 +0000 (19:54 +0000)]
Style nits

Contribution from Anton Lindqvist

3 years agoconsider two files sharing the same inode identical
halex [Wed, 1 Sep 2021 18:16:52 +0000 (18:16 +0000)]
consider two files sharing the same inode identical

This gives a substantial speedup when comparing directory
structures with many hardlinked files, e.g. when using
rsnapshot for incremental backup.

ok stsp@ millert@

3 years agoremove unused macro;
jmc [Wed, 1 Sep 2021 17:47:33 +0000 (17:47 +0000)]
remove unused macro;

3 years agoCase h is pointless
job [Wed, 1 Sep 2021 16:12:38 +0000 (16:12 +0000)]
Case h is pointless

Feedback from deraadt@

3 years agoFix indenting
job [Wed, 1 Sep 2021 16:11:30 +0000 (16:11 +0000)]
Fix indenting

Feedback from deraadt@

3 years agoUse ttopen in tty drivers open functions as ttysleep string, as the others do.
jan [Wed, 1 Sep 2021 16:10:39 +0000 (16:10 +0000)]
Use ttopen in tty drivers open functions as ttysleep string, as the others do.

ok patrick@

3 years agoSimplify code by replacing strtol() with strtonum()
job [Wed, 1 Sep 2021 16:09:54 +0000 (16:09 +0000)]
Simplify code by replacing strtol() with strtonum()

Feedback from deraadt@

3 years agopledge() timeout
job [Wed, 1 Sep 2021 16:04:40 +0000 (16:04 +0000)]
pledge() timeout

Feedback from deraadt@

3 years agoRemove sysexits.h reference and improve usage string.
job [Wed, 1 Sep 2021 16:00:48 +0000 (16:00 +0000)]
Remove sysexits.h reference and improve usage string.

Feedback from deraadt@

3 years agoinet_ntop(3) needs sys/socket.h for AF_INET / AF_INET6 so add the header
claudio [Wed, 1 Sep 2021 15:59:22 +0000 (15:59 +0000)]
inet_ntop(3) needs sys/socket.h for AF_INET / AF_INET6 so add the header
to the list. While here remove some of the headers from inet_net_ntop(3)
for balance.

3 years agoA couple commands don't need sys/param.h, but they do need sys/signal.h
deraadt [Wed, 1 Sep 2021 15:54:40 +0000 (15:54 +0000)]
A couple commands don't need sys/param.h, but they do need sys/signal.h

3 years agoneither ktrace(2) or utrace(2) require a caller to pull sys/param.h
deraadt [Wed, 1 Sep 2021 15:51:45 +0000 (15:51 +0000)]
neither ktrace(2) or utrace(2) require a caller to pull sys/param.h

3 years agoImport timeout(1) from NetBSD
job [Wed, 1 Sep 2021 15:50:33 +0000 (15:50 +0000)]
Import timeout(1) from NetBSD

The timeout(1) utility can be used to run commands with a time limit.

OK deraadt@ beck@

3 years agoAdd client side support for DNS configuration. Use RTM_PROPOSAL_STATIC
tobhe [Wed, 1 Sep 2021 15:30:06 +0000 (15:30 +0000)]
Add client side support for DNS configuration. Use RTM_PROPOSAL_STATIC
route messages to propose the name server to resolvd(8).
For now, iked will only propose a single name server from the first
established connection.

Automatic name server configuration is enabled by default for policies using
the 'iface' option.

discussed with deraadt@
ok for the DNS parts florian@
ok for the rest patrick@

3 years agoLet rpki-client(8) inform bgpd(8) when RPKI VRPs will expire.
job [Wed, 1 Sep 2021 15:21:10 +0000 (15:21 +0000)]
Let rpki-client(8) inform bgpd(8) when RPKI VRPs will expire.

This will help prevent machines loading outdated roa-sets.

OK claudio@

3 years agoremove sys/param.h use (few small repairs)
deraadt [Wed, 1 Sep 2021 15:19:00 +0000 (15:19 +0000)]
remove sys/param.h use (few small repairs)

3 years agoClarify maxlen is optional in roa-set
job [Wed, 1 Sep 2021 15:06:47 +0000 (15:06 +0000)]
Clarify maxlen is optional in roa-set

OK claudio@

3 years agoAs a first step towards safe signal handling, improve the h_int()
schwarze [Wed, 1 Sep 2021 14:28:15 +0000 (14:28 +0000)]
As a first step towards safe signal handling, improve the h_int()
and h_winch() signal handlers to make one single store to a
sig_atomic_t variable.  Note that the h_hup() and h_term() signal
handlers are still unsafe after this commit because they also set
the "killersig" (how fitting!) field in a global struct.

Despite storing information in static global variables rather than
in structs passed around as arguments, this patch does not cause a
change in behaviour because there is always exactly one GS object,
initialized using gs_init() called from the top of main(), and
screen_init() stores a pointer to this one and only GS object in
the .gp member of each and every SCR object.  Talk about useless
abstraction...

Problem pointed out by deraadt@.
Patch from Tim <trondd at kagu hyphen tsuchi dot com> on tech@.
OK deraadt@.

3 years agoPrevent lock ordering issue by raising ipl level of vcpu_pool to IPL_MPFLOOR.
mpi [Wed, 1 Sep 2021 14:03:24 +0000 (14:03 +0000)]
Prevent lock ordering issue by raising ipl level of vcpu_pool to IPL_MPFLOOR.

Reported-by: syzbot+c8905496cd61610f77e2@syzkaller.appspotmail.com
ok mlarkin@

3 years agocomment out the detailed description of SSL_get_servername(3),
schwarze [Wed, 1 Sep 2021 13:56:03 +0000 (13:56 +0000)]
comment out the detailed description of SSL_get_servername(3),
leaving only the basic description in the RETURN VALUES section;
tb@ pointed out LibreSSL does not currently provide all those guarantees,
and he also OK'ed this diff

3 years agoAdd lfence after ret in retpoline thunk.
mortimer [Wed, 1 Sep 2021 13:37:14 +0000 (13:37 +0000)]
Add lfence after ret in retpoline thunk.

Recommended by AMD white paper Software Techniques for Managing
Speculation on AMD Processors (9.17.20) mitigation V2-1.

Pointed out by bluhm@. ok bluhm@ kettenis@

3 years agoRergression for printing a @map after calling clear().
mpi [Wed, 1 Sep 2021 13:22:36 +0000 (13:22 +0000)]
Rergression for printing a @map after calling clear().

Adapted from a test case generated by AFL++.

ok jasper@

3 years agoHandle the case where map/hist can be read after calling clear().
mpi [Wed, 1 Sep 2021 13:21:24 +0000 (13:21 +0000)]
Handle the case where map/hist can be read after calling clear().

Fix a NULL-derference found by jasper@ with AFL++ (port coming soon!).

ok jasper@

3 years agoImplement roa-set data expiry. Every prefix in a roa-set can specify an
claudio [Wed, 1 Sep 2021 12:39:52 +0000 (12:39 +0000)]
Implement roa-set data expiry. Every prefix in a roa-set can specify an
optional expires timestamp. The rtr process is walking the roa-set every
5min and removes every prefix that is expired.
With this stale RPKI data will slowly disapear and not linger around.
OK job@

3 years agoRPKI only cares about *.{cer,crl,gbr,mft,roa} files. Use rsync --include
claudio [Wed, 1 Sep 2021 12:26:26 +0000 (12:26 +0000)]
RPKI only cares about *.{cer,crl,gbr,mft,roa} files. Use rsync --include
and --exclude to only fetch those files from the CA repositories.
OK job@

3 years agoremove unused functions and cleanup vmd.h
dv [Wed, 1 Sep 2021 11:08:21 +0000 (11:08 +0000)]
remove unused functions and cleanup vmd.h

Discussed with mlarkin@. These functions were implemented but never
used. While in vmd.h, fix the order to match current vmd(8) reality.

3 years agoAdd support for the more rare volume usage which differs compared to the
anton [Wed, 1 Sep 2021 10:41:39 +0000 (10:41 +0000)]
Add support for the more rare volume usage which differs compared to the
more common volume increment/decrement usages in which each volume
change direction is represented using a distinct usage. The volume usage
instead uses bits of the interrupt buffer to represent the wanted
volume. The same bits should be within the bounds given by the logical
min/max associated with the HID item. However, the volume is not
interpreted as an absolute value but rather just looking at the sign bit
in order to determine the volume change direction.

I couldn't find any documentation of this usage and the implementation is
therefore solely based on analysing actual data from Richard Toohey's
<richardjtoohey at gmail dot com> Dell keyboard.

3 years agoRename ucc_bits_to_usage() to ucc_bits_to_int() as it's about to be used
anton [Wed, 1 Sep 2021 10:40:19 +0000 (10:40 +0000)]
Rename ucc_bits_to_usage() to ucc_bits_to_int() as it's about to be used
in more than one context.

3 years agoOlder AMD CPUs that do not support IBRS need an lfence after ret
bluhm [Wed, 1 Sep 2021 09:50:21 +0000 (09:50 +0000)]
Older AMD CPUs that do not support IBRS need an lfence after ret
to stop speculation.  This seems to be necessary when the branch
predictor hits the ret for the first time.  In their white paper
to mitigate speculation attacks, AMD's retpoline example has an
explicit lfence.  Adjust our retpoline assembly macro in the kernel.
OK guenther@ mortimer@ deraadt@

3 years agoRemove from0 support. openrsync will not implement all bad ideas that
claudio [Wed, 1 Sep 2021 09:48:08 +0000 (09:48 +0000)]
Remove from0 support. openrsync will not implement all bad ideas that
were added to rsync. from0 is one of those and really not needed.
OK job@

3 years agoRemove assignment of value that is never read.
beck [Wed, 1 Sep 2021 09:42:28 +0000 (09:42 +0000)]
Remove assignment of value that is never read.

ok tb@

3 years agoFix bad logic I introduced before commit.
claudio [Wed, 1 Sep 2021 09:39:14 +0000 (09:39 +0000)]
Fix bad logic I introduced before commit.
Found by job@

3 years agollvm: Use Component in OpenBSD::getCompilerRT to find libraries
gnezdo [Wed, 1 Sep 2021 09:34:53 +0000 (09:34 +0000)]
llvm: Use Component in OpenBSD::getCompilerRT to find libraries

Clang uses runtime libraries for some advanced features like
sanitizers. Different systems have different preferences about file
placement. OpenBSD with this change would use this name for ASan:
/usr/lib/clang/11.1.0/lib/libclang_rt.asan.a

So far, no libraries are shipped, only their eventual location is chosen.

Discussed with deraadt@ and kettenis@, OK mortimer@

3 years agoRemove dead poweroff functions, as they not appear in other
jan [Wed, 1 Sep 2021 09:29:31 +0000 (09:29 +0000)]
Remove dead poweroff functions, as they not appear in other
serial drivers.

ok patrick@