kn [Fri, 26 Feb 2021 18:29:16 +0000 (18:29 +0000)]
Ship resolvd service, enable it by default
Starting right after unwind.
OK deraadt
kn [Fri, 26 Feb 2021 18:28:07 +0000 (18:28 +0000)]
Ignore SIGHUP
It should always run and there is no reload semantic.
OK deraadt
florian [Fri, 26 Feb 2021 17:20:07 +0000 (17:20 +0000)]
sync; OK deraadt
florian [Fri, 26 Feb 2021 17:19:21 +0000 (17:19 +0000)]
Create /var/db/dhcpleased for lease files.
OK deraadt@
florian [Fri, 26 Feb 2021 17:18:41 +0000 (17:18 +0000)]
rc(8) bits for dhcpleased(8).
OK deraadt
florian [Fri, 26 Feb 2021 17:17:03 +0000 (17:17 +0000)]
Hook up dhcpleased to the build.
OK deraadt
tb [Fri, 26 Feb 2021 17:14:25 +0000 (17:14 +0000)]
Sort SEE ALSO and fix its punctuation.
florian [Fri, 26 Feb 2021 16:16:37 +0000 (16:16 +0000)]
Import dhcpleased(8) - a dhcp daemon to acquire IPv4 address leases
from servers.
dhcpleased(8) follows the well known three process design of all our
privsep daemons. It uses pledge(2) and unveil(2) to restrict access
further. In particular the "engine" process, responsible for parsing
of untrusted data, is pledge'd "stdio". It cannot access the outside
world nor the filesystem at all.
Like slaacd(8) for IPv6 it will be always running and acquire addresses
for all interface with the autoconf4 flag set.
The flag can be set by "ifconfig $if inet autoconf" or by adding
"inet autoconf" to /etc/hostname.if. An existing "dhcp" line should
be removed.
Various iterations tested by deraadt@
The hardest part, finding a name, was handled by jmatthew@ & otto@
"get to it :)" deraadt@
tb [Fri, 26 Feb 2021 15:19:41 +0000 (15:19 +0000)]
Set is_trusted in x509_verify_ctx_add_chain()
If we're about to add a chain we have a trust path, so we have at least
one trusted certificate. This fixes a thinko from r1.31 and fixes the
openssl(1) cms verify test.
ok jsing (who had the same diff)
tb [Fri, 26 Feb 2021 15:15:40 +0000 (15:15 +0000)]
zap spades of trailing whitespace
patrick [Fri, 26 Feb 2021 12:33:59 +0000 (12:33 +0000)]
Read and parse OTP on the BCM4378. There are quite a few firmware and
nvram files used for the different Apple devices. The device tree and
the OTP hold the information which of those we will have to use. For
now this information will simply be printed, but depending on how we
choose to do the firmare distribution we could use it for loadfirmware().
patrick [Fri, 26 Feb 2021 12:29:36 +0000 (12:29 +0000)]
Attach to BCM4378.
patrick [Fri, 26 Feb 2021 12:28:45 +0000 (12:28 +0000)]
Add support for BCM4378 as implemented on the Apple M1. This chip seems
to use a different set of PCIE2REG registers. Accessing the "old" ones
even leads to faults. There are two surprises though. One is that it
seems that the interrupt status register always returns 0, and the other
one is that we receive the interrupts way too early, but both can be
worked around for now.
jan [Fri, 26 Feb 2021 11:41:02 +0000 (11:41 +0000)]
touch pcidevs again to generated new rcs ids in headers
advince from sthen@
kettenis [Fri, 26 Feb 2021 11:28:13 +0000 (11:28 +0000)]
Only support #iommu-cells = <1> for now to make sure the correct stream ID
is passed to the IOMMU device driver.
ok patrick@
patrick [Fri, 26 Feb 2021 11:22:10 +0000 (11:22 +0000)]
Increase the amount of RX buffers given to the bwfm(4) chip. We haave seen
this already on previous chips, which only started giving us packets when
handing over at least 128 of them. Apparently some now require 256, which
seems to get the Apple M1's WiFi going.
kettenis [Fri, 26 Feb 2021 11:09:23 +0000 (11:09 +0000)]
Add aplcpie(4), a (minimal) driver for the PCIe host bridge on Apple M1 SoCs.
ok patrick@
jan [Fri, 26 Feb 2021 10:36:45 +0000 (10:36 +0000)]
Add missing PCI product IDs for x710 10GBase-T into ixl(4)
OK phessler
dlg [Fri, 26 Feb 2021 08:31:23 +0000 (08:31 +0000)]
only store the current time on address table entries if it changes.
this avoids unecessary writes to memory. it helps a little bit with
a single nettq, but we get a lot more of a boost in pps when running
concurrently.
thanks to hrvoje for testing.
nicm [Fri, 26 Feb 2021 07:53:26 +0000 (07:53 +0000)]
Add a couple of format variables for active and last window index.
lum [Fri, 26 Feb 2021 07:21:23 +0000 (07:21 +0000)]
Some more improvements from Joachim Wiberg's version of mg.
check before using variable in list
remove unnecessary variable declaration
check value of adjustname()
add a '< 0' return value of snprintf
deraadt [Fri, 26 Feb 2021 04:25:44 +0000 (04:25 +0000)]
sync
djm [Fri, 26 Feb 2021 04:18:42 +0000 (04:18 +0000)]
remove this KEX fuzzer; it's awkward to use and doesn't play nice
with popular fuzzing drivers like libfuzzer. AFAIK nobody has used
it but me.
jsg [Fri, 26 Feb 2021 02:28:50 +0000 (02:28 +0000)]
remove some unused functions in slaacd
ok florian@
dlg [Fri, 26 Feb 2021 02:09:45 +0000 (02:09 +0000)]
tpmr can use the eth64 bits too.
dlg [Fri, 26 Feb 2021 01:57:20 +0000 (01:57 +0000)]
try do a better job of filtering 802.1 reserved group addresses.
if the bridge is supposed to carry vlan packets, assuming it's an
s-vlan component and should allow certain group addresses to cross
between "customer" bridges.
i should probably let some of these groups fall back through to the
calling ether_input rather than drop them.
danj [Fri, 26 Feb 2021 01:46:52 +0000 (01:46 +0000)]
Fix Typo, ok jca
dlg [Fri, 26 Feb 2021 01:42:47 +0000 (01:42 +0000)]
use uint64_ts for ethernet addresses in the src/dst bits of rules.
dlg [Fri, 26 Feb 2021 01:28:51 +0000 (01:28 +0000)]
use a uint64_t for the ethernet address in the etherbridge table.
testing has shown up to a 30% improvement in the veb forwarding
rate with this change.
an earlier diff was tested by hrvoje popovski
tested on amd64 and sparc64
lum [Fri, 26 Feb 2021 01:17:21 +0000 (01:17 +0000)]
Some improvements from Joachim Wiberg's version of mg.
check value of adjustname()
use int for return value of snprintf
dlg [Fri, 26 Feb 2021 01:12:37 +0000 (01:12 +0000)]
add some helpers for working with ethernet addresses as uint64_t
the main bits are ether_addr_to_e64 and ether_e64_to addr for loading
an ethernet address into a uin64_t and visa versa. there's also
some macros for testing if an address in a uint64_t is multicast,
broadcast, anyaddr, or if it's an 802.1q reserved multicast group
address.
the reason for this functionality is once you have an ethernet
address as a uint64_t, operations like compares, bit tests, and
so on are fast and easy.
tested on amd64 and sparc64
danj [Fri, 26 Feb 2021 00:44:42 +0000 (00:44 +0000)]
Add my copyright since I added most of the content
patrick [Fri, 26 Feb 2021 00:19:41 +0000 (00:19 +0000)]
Increase the buffer size for the ioctl response buffers to the same as
used in the wifi firmware to ensure responses can be received.
djm [Fri, 26 Feb 2021 00:16:58 +0000 (00:16 +0000)]
a bit more debugging behind #ifdef DEBUG_SK
deraadt [Fri, 26 Feb 2021 00:16:41 +0000 (00:16 +0000)]
gcc is more strict about union decls
ok dlg
patrick [Fri, 26 Feb 2021 00:14:28 +0000 (00:14 +0000)]
Indicate hostready signal to inform the firmware that the rings have been
initialized.
patrick [Fri, 26 Feb 2021 00:07:41 +0000 (00:07 +0000)]
Refactor bwfm(4) firmware loading. The PCIe backend will need to be able
to load the CLM blob like the SDIO backend already does. Additionally it
is also helpful for the PCIe backend to try a file named after the device
tree compatible. Thus refactor the SDIO code and make it available for
both SDIO and PCIe.
patrick [Fri, 26 Feb 2021 00:02:07 +0000 (00:02 +0000)]
Fix prio2fifo mapping table.
patrick [Thu, 25 Feb 2021 23:59:54 +0000 (23:59 +0000)]
The firmware replaces the last 32-bit on RAM with a shared DRAM address.
While the for-loop checks that thie value has changed since we wrote to
it, the timeout-condition checked for non-zero, which is wrong. This
means that we didn't realize the firmware wasn't started. While there,
make sure the shared DRAM address is inside the chip's address space.
patrick [Thu, 25 Feb 2021 23:55:41 +0000 (23:55 +0000)]
Some newer chips have two D11/802.11 cores, and we need to reset both at
the same time.
patrick [Thu, 25 Feb 2021 23:26:05 +0000 (23:26 +0000)]
Support for version 7 of the bwfm(4) PCIe interface. The size of the items
on the rx/tx complete rings has increased slightly to accomodate possible
new features.
patrick [Thu, 25 Feb 2021 23:07:48 +0000 (23:07 +0000)]
Add some infrastructure in the PCI chipset tag for pci_probe_device_hook()
so that we can provide IOMMU-hooked bus DMA tags for each PCI device.
ok kettenis@
sthen [Thu, 25 Feb 2021 23:06:52 +0000 (23:06 +0000)]
mention that FIX_CRLF_FILES is rooted in WRKDIST, pointed out by espie@.
mention that shell wildcards may be used.
espie [Thu, 25 Feb 2021 22:58:27 +0000 (22:58 +0000)]
wrong annotation
espie [Thu, 25 Feb 2021 22:41:51 +0000 (22:41 +0000)]
make the timing of FIX_CRLF_FILES explicit
kettenis [Thu, 25 Feb 2021 22:14:54 +0000 (22:14 +0000)]
Add a framework for IOMMUs.
ok patrick@
sthen [Thu, 25 Feb 2021 21:46:25 +0000 (21:46 +0000)]
document FIX_CRLF_FILES.
naddy [Thu, 25 Feb 2021 20:51:55 +0000 (20:51 +0000)]
ftp: prevent double free() in error path
Reported by bentley@; ok bentley@ jca@
tobhe [Thu, 25 Feb 2021 20:13:24 +0000 (20:13 +0000)]
Constify cipher API.
ok markus@
kn [Thu, 25 Feb 2021 20:04:38 +0000 (20:04 +0000)]
Typofix
tb [Thu, 25 Feb 2021 17:29:22 +0000 (17:29 +0000)]
Fix two bugs in the legacy verifier
To integrate the new X.509 verifier, X509_verify_cert() was refactored.
The code building chains in the legacy verifier was split into a
separate function. The first bug is that its return value was treated
as a Boolean although it wasn't. Second, the return alone is not enough
to decide whether to carry on the validation or not.
Slightly rearrange things to restore the behavior of the legacy verifier
prior to this refactoring.
Issue found and test case provided by Anton Borowka and jan.
ok jan jsing
jsing [Thu, 25 Feb 2021 17:07:52 +0000 (17:07 +0000)]
Update regress to match TLS versions change.
jsing [Thu, 25 Feb 2021 17:06:05 +0000 (17:06 +0000)]
Only use TLS versions internally (rather than both TLS and DTLS versions).
DTLS protocol version numbers are the 1's compliment of human readable TLS
version numbers, which means that newer versions decrease in value and
there is no direct mapping between TLS protocol version numbers and DTLS
protocol version numbers.
Rather than having to deal with this internally, only use TLS versions
internally and map between DTLS and TLS protocol versions when necessary.
Rename functions and variables to use 'tls_version' when they contain a
TLS version (and never a DTLS version).
ok tb@
jsing [Thu, 25 Feb 2021 16:58:59 +0000 (16:58 +0000)]
Rename depth to num_untrusted so it identifies what it actually represents.
ok tb@
jsing [Thu, 25 Feb 2021 16:57:10 +0000 (16:57 +0000)]
Avoid passing last and depth to x509_verify_cert_error() on ENOMEM.
In x509_verify_ctx_set_xsc_chain(), an ENOMEM case is currently passing
the last certificate and depth (which is no longer actually depth) to
x509_verify_cert_error(). Given we've hit an ENOMEM situation, neither
of these are useful so remove both.
ok tb@
otto [Thu, 25 Feb 2021 15:20:18 +0000 (15:20 +0000)]
- Make use of the fact that we know how the chunks are aligned, and
write 8 bytes at the time by using a uint64_t pointer. For an
allocation a max of 4 such uint64_t's are written spread over the
allocation. For pages sized and larger, the first page is junked in
such a way.
- Delayed free of a small chunk checks the corresponiding way.
- Pages ending up in the cache are validated upon unmapping or re-use.
In snaps for a while
espie [Thu, 25 Feb 2021 09:13:18 +0000 (09:13 +0000)]
split off the large module documentations, so that port-modules is less of
a monster.
okay sthen@
jan [Thu, 25 Feb 2021 07:30:36 +0000 (07:30 +0000)]
Prevent zero size devices from attaching
This also fixes two NULL ptr derefs in later code path.
OK patick@, krw@
djm [Thu, 25 Feb 2021 03:27:34 +0000 (03:27 +0000)]
s/PubkeyAcceptedKeyTypes/PubkeyAcceptedAlgorithms/
dlg [Thu, 25 Feb 2021 02:48:19 +0000 (02:48 +0000)]
we don't have to cast to caddr_t when calling m_copydata anymore.
the first cut of this diff was made with coccinelle using this spatch:
@rule@
type caddr_t;
expression m, off, len, cp;
@@
-m_copydata(m, off, len, (caddr_t)cp)
+m_copydata(m, off, len, cp)
i had fix it's opinionated idea of formatting by hand though, so
i'm not sure it was worth it.
ok deraadt@ bluhm@
dlg [Thu, 25 Feb 2021 02:43:31 +0000 (02:43 +0000)]
let m_copydata use a void * instead of caddr_t
i'm not a fan of having to cast to caddr_t when we have modern
inventions like void *s we can take advantage of.
ok claudio@ mvs@ bluhm@
dlg [Thu, 25 Feb 2021 01:19:35 +0000 (01:19 +0000)]
enable veb(4), it's time for wider testing.
apart from the semantic differences between bridge(4) and veb(4),
the only missing bits in veb(4) is the transparent ipsec interception
support, and spanning tree.
kn [Thu, 25 Feb 2021 00:38:59 +0000 (00:38 +0000)]
Fix SMALL build
OK deraadt
dlg [Wed, 24 Feb 2021 23:44:04 +0000 (23:44 +0000)]
add support for hashing 64 and 32 bit numbers in host byte order.
deraadt [Wed, 24 Feb 2021 23:33:44 +0000 (23:33 +0000)]
sync
dtucker [Wed, 24 Feb 2021 23:12:35 +0000 (23:12 +0000)]
Rename pubkeyacceptedkeytypes to pubkeyacceptedalgorithms in test to
match change to config-dump output.
tobhe [Wed, 24 Feb 2021 22:17:48 +0000 (22:17 +0000)]
Use ASN1_STRING_get0_data() instead of the deprecated ASN1_STRING_data().
From Moritz Schmitt
ok patrick@
deraadt [Wed, 24 Feb 2021 19:21:41 +0000 (19:21 +0000)]
build resolvd
deraadt [Wed, 24 Feb 2021 19:00:38 +0000 (19:00 +0000)]
More accurately describe the DNS proposal sources and reaction by resolvd.
with jmc
deraadt [Wed, 24 Feb 2021 19:00:08 +0000 (19:00 +0000)]
fairly significant rewrite, including:
replace poll+kevent with kevent only.
lockfile to block starting of 2nd instance.
remove state file, and recognize '# resolvd: ' lines as state
handle DNS proposal withdraws better
Still a work in progress.
tested and looked at by semarie, benno, florian, dlg
florian [Wed, 24 Feb 2021 18:34:14 +0000 (18:34 +0000)]
We need to track the pid of the connecting control connection to be
able to send answers back to the correct client in case two are
connecting at the same time. We also need to pass the pid around to
the resolver process so that it can hand it back to us.
Debugged by deraadt and dlg who noticed that answers would always
arrive on the first control connection.
deraadt@ points out that tracking the pid is not the best choice in
case one process wants to hold open two connections but at least this
brings us in line with all the other privsep daemons with control
tools. If we change this we should change it in all daemons.
florian [Wed, 24 Feb 2021 18:10:41 +0000 (18:10 +0000)]
Import resold(8), a daemon to rewrite resolv.conf.
prodding deraadt
tb [Wed, 24 Feb 2021 18:01:31 +0000 (18:01 +0000)]
Fix comment explaining last_untrusted. This should really be called
num_untrusted, but unfortunately it's public...
ok jsing tobhe
tb [Wed, 24 Feb 2021 17:59:05 +0000 (17:59 +0000)]
Make the new validator check for EXFLAG_CRITICAL
As should be obvious from the name and the comment in x509_vfy.h
int last_untrusted; /* index of last untrusted cert */
last_untrusted actually counts the number of untrusted certs at the
bottom of the chain.
Unfortunately, an earlier fix introducing x509_verify_set_xsc_chain()
assumed that last_untrusted actually meant the index of the last
untrusted cert in the chain, resulting in an off-by-one, which in turn
led to x509_vfy_check_chain_extension() skipping the check for the
EXFLAG_CRITICAL flag.
A second bug in x509_verify_set_xsc_chain() assumed that it is always
called with a trusted root, which is not necessarily the case anymore.
Address this with a temporary fix which will have to be revisited once
we will allow chains with more than one trusted cert.
Reported with a test case by tobhe.
ok jsing tobhe
krw [Wed, 24 Feb 2021 16:53:18 +0000 (16:53 +0000)]
Complete deleting ifi->active before calling write_lease_db().
No functional change but a bit more obvious and shrinks upcoming diff.
krw [Wed, 24 Feb 2021 16:36:47 +0000 (16:36 +0000)]
No need to get time() twice. Just use the already
obtained cur_time to initialize a missing lease->epoch.
krw [Wed, 24 Feb 2021 16:27:05 +0000 (16:27 +0000)]
No need to check ifi->active for NULL when looking for duplicate/obsolete
leases. It can't be NULL, and is unconditionally dereferenced a few lines
later anyway.
krw [Wed, 24 Feb 2021 16:21:33 +0000 (16:21 +0000)]
Fix annoying typo in a comment.
krw [Wed, 24 Feb 2021 16:18:59 +0000 (16:18 +0000)]
Remove incomplete/incorrect connection with autoconf, clearing ground
for future attempts at making it more IPv6-like.
ok florian@
deraadt [Wed, 24 Feb 2021 16:12:42 +0000 (16:12 +0000)]
show AF for DNS proposal messages; ok claudio bluhm
visa [Wed, 24 Feb 2021 14:59:52 +0000 (14:59 +0000)]
kqueue: Revise filterops interface
Extend kqueue's filterops interface with new callbacks so that it
becomes easier to use with fine-grained locking. The new interface
delegates the serialization of kn_event access to event sources. Now
kqueue uses filterops callbacks to read or write kn_event. This hides
event sources' locking patterns from kqueue, and allows clean
implementation of atomic read-and-clear for EV_CLEAR, for instance.
There are so many existing filterops instances that converting all of
them in one go is tricky. This patch adds a wrapper mechanism that
kqueue uses when the new callbacks are missing.
The new filterops interface has been influenced by XNU's kqueue.
OK mpi@ semarie@
lum [Wed, 24 Feb 2021 14:17:18 +0000 (14:17 +0000)]
Various fixes from emails Joachim Nilsson sent to tech@ many moons
ago. Sorry for the delay.
- Make sure we don't deref NULL ptr in skipwhite()
- Only deref vendp if not NULL
- Strings must be at least 2 chars for terminating NUL character
lum [Wed, 24 Feb 2021 13:58:46 +0000 (13:58 +0000)]
snprintf() does indeed return an int. From an email Joachim Nilsson
sent to tech@ many moons ago. Sorry for the delay.
jmc [Wed, 24 Feb 2021 13:36:19 +0000 (13:36 +0000)]
spelling fix;
bluhm [Wed, 24 Feb 2021 13:19:48 +0000 (13:19 +0000)]
In sorflush() use m_purge() instead of handrolling it.
no objections mvs@
dlg [Wed, 24 Feb 2021 12:33:50 +0000 (12:33 +0000)]
white space tweak, no functional change
dlg [Wed, 24 Feb 2021 12:33:22 +0000 (12:33 +0000)]
fix stoeplitz_n16 and stoeplitz_h16
patrick [Wed, 24 Feb 2021 10:13:08 +0000 (10:13 +0000)]
Enumerate GCI core, which seems to contain the OTP on the Apple M1.
nicm [Wed, 24 Feb 2021 09:22:15 +0000 (09:22 +0000)]
Correct client_prefix so it returns 1 if in prefix, not 0.
dlg [Wed, 24 Feb 2021 08:23:04 +0000 (08:23 +0000)]
whitespace tweaks, no functional change.
dlg [Wed, 24 Feb 2021 06:44:54 +0000 (06:44 +0000)]
fix the length check on arp packets when handling arp filter rules.
another bridge feature i'm not convinced people actually use.
ok jmatthew@ claudio@
deraadt [Wed, 24 Feb 2021 06:17:08 +0000 (06:17 +0000)]
sync
jsg [Wed, 24 Feb 2021 04:06:45 +0000 (04:06 +0000)]
remove unused usbd_get_device_string()
ok mpi@
jsg [Wed, 24 Feb 2021 03:54:05 +0000 (03:54 +0000)]
remove unused usbdi functions
ok mpi@
dlg [Wed, 24 Feb 2021 03:20:48 +0000 (03:20 +0000)]
add support for adding and deleting mac addr entries on nvgre.
the guts of this are in the etherbridge code which i added for
veb and used in bpe. there's a bit of boilerplate to make sure that
the addresses used for the endpoints will work with the tunnel
addresses that have been configured, but it's not too bad.
again, this is hard to use because ifconfig doesnt (yet) know how
to put ethernet addresses into the "add address" ioctl.
these ioctls could be used for things like evpn via bgpd though.
not sure if that's interesting to anyone though. it would probably
be more useful on vxlan interfaces.
jsg [Wed, 24 Feb 2021 03:08:47 +0000 (03:08 +0000)]
remove unused xhci_cmd_evaluate_ctx()
ok mpi@
deraadt [Wed, 24 Feb 2021 02:43:29 +0000 (02:43 +0000)]
sync
dlg [Wed, 24 Feb 2021 02:04:03 +0000 (02:04 +0000)]
add support for adding and deleting address table entries.
the guts of this are in the etherbridge code which i just added for
veb, so this code is very minimal. it's hard to use though cos
ifconfig doesnt (yet) know how to put ethernet addresses into the
"add address" ioctl.
dlg [Wed, 24 Feb 2021 01:20:03 +0000 (01:20 +0000)]
add support for adding and deleting address table entries.
dtucker [Wed, 24 Feb 2021 01:18:08 +0000 (01:18 +0000)]
Put obsolete aliases for hostbasedalgorithms and pubkeyacceptedalgorithms
after their current names so that the config-dump mode finds and uses
the current names. Spotted by Phil Pennock.