OpenBSD src changes summary for 2015-12-03 ==========================================
distrib/sets lib/libc lib/libcurses lib/libssl regress/sys sbin/dhclient sbin/ifconfig sbin/route share/man share/termtypes sys/arch/sgi/sgi sys/arch/sgi/xbow sys/conf sys/dev/ic sys/dev/pci sys/kern sys/net sys/netinet sys/netinet6 sys/netmpls sys/sys usr.bin/cap_mkdb usr.bin/doas usr.bin/netstat usr.bin/rs usr.bin/ssh usr.bin/tset usr.bin/vi usr.sbin usr.sbin/bgpd usr.sbin/httpd usr.sbin/ospf6ctl usr.sbin/ospfctl usr.sbin/ospfd usr.sbin/rebound usr.sbin/relayd usr.sbin/smtpd usr.sbin/vmctl usr.sbin/vmd usr.sbin/vmmctl == distrib =========================================================== 01/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/distrib sets ~ lists/base/md.alpha ~ lists/base/md.amd64 ~ lists/base/md.armish ~ lists/base/md.armv7 ~ lists/base/md.hppa ~ lists/base/md.hppa64 ~ lists/base/md.i386 ~ lists/base/md.landisk ~ lists/base/md.loongson ~ lists/base/md.luna88k ~ lists/base/md.macppc ~ lists/base/md.octeon ~ lists/base/md.sgi ~ lists/base/md.socppc ~ lists/base/md.sparc ~ lists/base/md.sparc64 ~ lists/base/md.vax ~ lists/base/md.zaurus ~ lists/base/mi ~ lists/comp/mi > sync (deraadt@) ~ lists/comp/mi ~ lists/man/mi > sync (deraadt@) ~ lists/base/md.amd64 ~ lists/man/mi > sync (deraadt@) == lib =============================================================== 02/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/lib libc ~ sys/pledge.2 > Remove the /usr/share/nls/ exception from pledge(2). The libc > native language support was deleted a month ago at u2k15. > OK semarie@ deraadt@ (bluhm@) libcurses - tinfo/read_bsd_terminfo.c ~ Makefile ~ curses.3tbl ~ term.5tbl ~ term.7 ~ terminfo.5tbl ~ tinfo/read_entry.c > Instead of using our own custom BDB terminfo databases, use the ncurses > files in /usr/share/terminfo/*. This removes a large difference from > upstream ncurses and other systems. > ok millert (nicm@) libssl ~ src/crypto/rsa/rsa_ameth.c > Fix for OpenSSL CVE-2015-3194 > ok krw@ (beck@) == regress =========================================================== 03/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/regress sys ~ net/rtable/inet6-fullfeed.txt ~ net/rtable/kern_compat.h ~ net/rtable/util.c ~ net/rtable/delete/main.c ~ net/rtable/fullfeed/main.c + net/rtable/srp_compat.h > Sync to recent changes including SRP protection of rtable_get(), use > of a SRPL for the multipath list and rtable_delete() API change. (mpi@) == sbin ============================================================== 04/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sbin dhclient ~ dispatch.c > No need to continuously check the current rdomain of the interface > using the SIOCGIFRDOMAIN ioctl. If the rdomain is changed an > RTM_IFINFO message is generated on the old rdomain indicating the > interface is down. This will cause dhclient to exit, just like our > manual check did but even faster! > Should make pledging easier. > Behaviour confirmed by phessler@ (krw@) ifconfig ~ ifconfig.8 > Document etherip(4) as another tunnel interface. (sthen@) route ~ route.c > Print the interface index which is part of the route msg header. > mpi@ and benno@ agree (claudio@) == share ============================================================= 05/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/share man ~ man8/man8.amd64/MAKEDEV.8 ~ man8/man8.i386/MAKEDEV.8 > Sync after addition of vmm(4) (claudio@) ~ man7/hier.7 > Change /usr/share/misc/terminfo.db to /usr/share/terminfo. > ok millert (nicm@) + man4/etherip.4 > Implement etherip(4) driver > This commit is not removing the existing EtherIP part of gif(4) and > it keeps EtherIP of gif(4) working. > ok jbg@ sthen@ mpi@ reyk@ yasuoka@ (goda@) ~ man4/etherip.4 > new sentence -> new line (sthen@) ~ man4/etherip.4 > accross->across, and tweak wording about interface creation (sthen@) ~ man9/Makefile ~ man9/srpl_rc_init.9 > Use SRPL_HEAD() and SRPL_ENTRY() to be consistent with and allow to > fallback to a SLIST. > ok dlg@, jasper@ (mpi@) ~ man7/hier.7 > tweak previous; (jmc@) ~ man4/etherip.4 > various tweaks; (jmc@) termtypes ~ Makefile > Do not build termcap.db and terminfo.db, they are no longer needed. > ok millert (nicm@) == sys =============================================================== 06/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys arch/sgi/sgi ~ sginode.c > Let the IP27 kernel build with DEBUG. (visa@) arch/sgi/xbow ~ xbridge.c > Let the IP27 kernel build with DEBUG. (visa@) conf ~ GENERIC ~ files > Implement etherip(4) driver > This commit is not removing the existing EtherIP part of gif(4) and > it keeps EtherIP of gif(4) working. > ok jbg@ sthen@ mpi@ reyk@ yasuoka@ (goda@) dev/ic ~ fxp.c > Rewrite the tx handler to just use ifq_dequeue and drop packets that > could not be sent either because the dma mapping failed or because > m_defrag failed. Those errors are accounted as oerrors. dlg@ agrees. > (claudio@) ~ athn.c > ieee80211com's ic_sup_mcs array is smaller than it used to be because part > of > it has been split out into new struct fields. The athn(4) driver was still > assuming the old size and wrote beyond the ic_sup_mcs array. Make the > driver > write to the new ic_tx_mcs_set field instead. > found by daniel@ with gcc 4.9 > ok sthen@ kettenis@ (stsp@) dev/pci ~ if_cas.c > Rework cas_start to check for space on the ring before dequeueing and drop > the packet if encap fails, use m_defrag if the mbuf is too fragmented, > adjust sc_tx_cnt using atomic operations, hold the kernel lock while > calling > cas_init and cas_start from the interrupt handler, use an interrupt barrier > in cas_stop, and finally mark the interupt handler mpsafe. > encouragement from dlg@ and kettenis@ (jmatthew@) ~ if_myx.c > tell the stack myx_start is mpsafe. > as per the stack commit, the driver changes are: > 1. setting ifp->if_xflags = IFXF_MPSAFE > 2. only calling if_start() instead of its own start routine > 3. clearing IFF_RUNNING before calling if_start_barrier() on its way down > 4. only using IFQ_DEQUEUE (not ifq_deq_begin/commit/rollback) (dlg@) kern ~ kern_pledge.c > pledge(pf) needs to allow DIOCKILLSRCNODES, used in relayd. > ok deaadt@ (benno@) ~ kern_pledge.c > Remove the /usr/share/nls/ exception from pledge(2). The libc > native language support was deleted a month ago at u2k15. > OK semarie@ deraadt@ (bluhm@) ~ tty_tty.c > remove code that's been #ifdef'ed out for 20 years > ok deraadt@ (blambert@) net ~ if_pfsync.c ~ pf.c ~ pf_ioctl.c ~ pfvar.h > Rename pf_unlink_state() to pf_remove_state() so the name does not > collide with the statekey to inp unlinking. > OK sashan@ mpi@ (bluhm@) ~ pf_ioctl.c > allocate PF tags as M_RTABLE vice M_TEMP > ok henning@ claudio@ (blambert@) ~ if.c ~ if.h ~ if_var.h ~ netisr.c > rework if_start to allow nics to provide an mpsafe start routine. > existing start routines will still be called under the kernel lock > and at IPL_NET. > mpsafe start routines will be serialised so only one instance of > each interfaces function will be running in the kernel at any point > in time. this guarantees packets will be dequeued in order, and the > start routines dont have to lock against themselves because if_start > does it for them. > the code to do that is based on the scsi runqueue code. > this also provides an if_start_barrier() function that should wait > until any currently running instances of if_start have finished. > a driver can opt in to the mpsafe if_start call by doing the following: > 1. setting ifp->if_xflags = IFXF_MPSAFE > 2. only calling if_start() instead of its own start routine > 3. clearing IFF_RUNNING before calling if_start_barrier() on its way down > 4. only using IFQ_DEQUEUE (not ifq_deq_begin/commit/rollback) > to simplify the implementation the tx mitigation code has been removed. > tested by several > ok mpi@ jmatthew@ (dlg@) ~ netisr.h > remove nettxintr prototype (dlg@) + if_etherip.c + if_etherip.h > Implement etherip(4) driver > This commit is not removing the existing EtherIP part of gif(4) and > it keeps EtherIP of gif(4) working. > ok jbg@ sthen@ mpi@ reyk@ yasuoka@ (goda@) ~ pf_ioctl.c > Add sizes to most free calls. OK sashan@ tedu@ (claudio@) ~ pf.c ~ pfvar.h > To avoid that the stack manipules the pf statekeys directly, introduce > pf_inp_...() lookup, link and unlink functions as an interface. > Locking can be added to them later. Remove the first linking at > the beginning of tcp_input() and udp_input() as it is not necessary. > It will be done later anyway. That code was a relict, from the > time before I had added the second linking. > Input from mikeb@ and sashan@; OK sashan@ (bluhm@) ~ route.c ~ route.h ~ rtsock.c > Store an interface index instead of a pointer in the "struct rtentry". > These indexes are unique and should be used with if_get() to get a > pointer to the corresponding ``ifp''. Such pointer is guaranteed to > be valid in a MP environment until if_put() is called. > ok claudio@, sthen@ (mpi@) ~ route.c ~ route.h > Remove unused ``rt_tableid'' field from "struct rtentry". > This reduces the size of the structure by 8 bytes on amd64 now that > we are using an index instead of a pointer for reaching interfaces. (mpi@) ~ slcompress.c > ANSIfy function definitions > no change in .o file checksum > ok claudio@ (blambert@) ~ if.c ~ route.c > Remove broadcast matching from ifa_ifwithaddr(), use in_broadcast() where > required. > ok bluhm@ mpi@. (vgross@) ~ art.h ~ bpfdesc.h ~ if.c ~ if_var.h ~ if_vlan.c ~ if_vlan_var.h ~ route.h > Use SRPL_HEAD() and SRPL_ENTRY() to be consistent with and allow to > fallback to a SLIST. > ok dlg@, jasper@ (mpi@) ~ if_pppx.c > When enqueuing a mbuf chain, take the top instead of the last > element. Otherwise the kernel paniced with "ipintr no HDR" if the > data passed to pppxwrite() had a certain length. > Bug reported and fix tested by Sevan / Venture37. > Debugged with and OK mikeb@ (bluhm@) ~ if_var.h ~ pf.c > ip_send()/ip6_send() allow PF to send response packet in ipsoftnet task. > this avoids current recursion to pf_test() function. the change also > switches icmp_error()/icmp6_error() to use ip_send()/ip6_send() so > they are safe for PF. > The idea comes from Markus Friedl. bluhm, mikeb and mpi helped me > a lot to get it into shape. > OK bluhm@, mpi@ (sashan@) ~ route.c ~ route.h ~ rtable.c ~ rtable.h ~ rtsock.c > Get rid of rt_mask() and stop allocating a "struct sockaddr" for every > route entry in ART. > rt_plen() now represents the prefix length of a route entry and should > be used instead. > For now use a "struct sockaddr_in6" to represent the mask when needed, > this should be then replaced by the prefix length and RTA_NETMASK only > used for compatibility with userland. > ok claudio@ (mpi@) netinet ~ in_pcb.c > Rename pf_unlink_state() to pf_remove_state() so the name does not > collide with the statekey to inp unlinking. > OK sashan@ mpi@ (bluhm@) ~ in_pcb.h > rm unused kernel only IPV6_RECVRTHDRDSTOPTS sockopt. ok deraadt sthen > (tedu@) ~ in_proto.c > Implement etherip(4) driver > This commit is not removing the existing EtherIP part of gif(4) and > it keeps EtherIP of gif(4) working. > ok jbg@ sthen@ mpi@ reyk@ yasuoka@ (goda@) ~ ip_ipsp.h > remove some unused defines. ok mikeb (tedu@) ~ in_pcb.c ~ tcp_input.c ~ udp_usrreq.c > To avoid that the stack manipules the pf statekeys directly, introduce > pf_inp_...() lookup, link and unlink functions as an interface. > Locking can be added to them later. Remove the first linking at > the beginning of tcp_input() and udp_input() as it is not necessary. > It will be done later anyway. That code was a relict, from the > time before I had added the second linking. > Input from mikeb@ and sashan@; OK sashan@ (bluhm@) ~ in_pcb.c ~ ip_output.c ~ raw_ip.c > Remove broadcast matching from ifa_ifwithaddr(), use in_broadcast() where > required. > ok bluhm@ mpi@. (vgross@) ~ ip_input.c > factor out ip_input_ipsec_{fwd,ours}_check(); ok mpi@ (markus@) ~ ip_output.c > add ifdef IPSEC for protoypes; requested by mpi@ (markus@) ~ ip_carp.c > Use SRPL_HEAD() and SRPL_ENTRY() to be consistent with and allow to > fallback to a SLIST. > ok dlg@, jasper@ (mpi@) ~ ip_icmp.c ~ ip_input.c ~ ip_var.h > ip_send()/ip6_send() allow PF to send response packet in ipsoftnet task. > this avoids current recursion to pf_test() function. the change also > switches icmp_error()/icmp6_error() to use ip_send()/ip6_send() so > they are safe for PF. > The idea comes from Markus Friedl. bluhm, mikeb and mpi helped me > a lot to get it into shape. > OK bluhm@, mpi@ (sashan@) ~ ip_output.c > deleting ip_insertoptions() prototype, which is no longer needed > (follow up on my earlier commit) > OK bluhm@ (sashan@) ~ in.c ~ in_pcb.c ~ in_proto.c ~ in_var.h > Get rid of rt_mask() and stop allocating a "struct sockaddr" for every > route entry in ART. > rt_plen() now represents the prefix length of a route entry and should > be used instead. > For now use a "struct sockaddr_in6" to represent the mask when needed, > this should be then replaced by the prefix length and RTA_NETMASK only > used for compatibility with userland. > ok claudio@ (mpi@) netinet6 ~ in6.h ~ ip6_output.c > rm unused kernel only IPV6_RECVRTHDRDSTOPTS sockopt. ok deraadt sthen > (tedu@) ~ in6_proto.c > Implement etherip(4) driver > This commit is not removing the existing EtherIP part of gif(4) and > it keeps EtherIP of gif(4) working. > ok jbg@ sthen@ mpi@ reyk@ yasuoka@ (goda@) ~ frag6.c > rewrite if to be more clear. ok bluhm stsp (tedu@) ~ in6.c ~ ip6_mroute.c > add sizes to some free() calls. ok claudio (tedu@) ~ icmp6.c ~ ip6_input.c ~ ip6_var.h > ip_send()/ip6_send() allow PF to send response packet in ipsoftnet task. > this avoids current recursion to pf_test() function. the change also > switches icmp_error()/icmp6_error() to use ip_send()/ip6_send() so > they are safe for PF. > The idea comes from Markus Friedl. bluhm, mikeb and mpi helped me > a lot to get it into shape. > OK bluhm@, mpi@ (sashan@) ~ in6_proto.c ~ nd6.c ~ nd6_rtr.c > Get rid of rt_mask() and stop allocating a "struct sockaddr" for every > route entry in ART. > rt_plen() now represents the prefix length of a route entry and should > be used instead. > For now use a "struct sockaddr_in6" to represent the mask when needed, > this should be then replaced by the prefix length and RTA_NETMASK only > used for compatibility with userland. > ok claudio@ (mpi@) netmpls ~ mpls_proto.c > Get rid of rt_mask() and stop allocating a "struct sockaddr" for every > route entry in ART. > rt_plen() now represents the prefix length of a route entry and should > be used instead. > For now use a "struct sockaddr_in6" to represent the mask when needed, > this should be then replaced by the prefix length and RTA_NETMASK only > used for compatibility with userland. > ok claudio@ (mpi@) sys ~ srp.h > Use SRPL_HEAD() and SRPL_ENTRY() to be consistent with and allow to > fallback to a SLIST. > ok dlg@, jasper@ (mpi@) ~ domain.h > mpi@ forgot to commit this. That should unbreak the tree. (claudio@) == usr.bin =========================================================== 07/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin cap_mkdb ~ cap_mkdb.1 > Change /usr/share/misc/terminfo.db to /usr/share/terminfo. > ok millert (nicm@) doas ~ doas.c > use the more direct auth interfaces so we can provide a custom password > prompt to the user (including username and host) so it's always clear what > program is asking. request from henning with a hint from millert. > ok deraadt jung zhuk (tedu@) netstat ~ route.c > Print the interface index, we no longer have a pointer to the interface. > Found the hardway by deraadt@ (mpi@) rs ~ Makefile ~ rs.c + utf8.c > UTF-8 support: In a UTF-8 locale, properly align columns in the > presence of zero-width and double-width characters and replace > non-printable codepoints and invalid bytes with ASCII question > marks. No change in the C/POSIX locale. > As a side effect, get rid of all pointer to pointer variables > and simplify some of the code. > Partially based on ideas from tedu@. > Feedback and OK czarkoff@, OK tedu@. (schwarze@) ssh ~ clientloop.c ~ mux.c > pledges ssh client: > - mux client: which is used when ControlMaster is in use. > will end with "stdio proc tty" (proc is to permit sending SIGWINCH to mux > master on window resize) > - client loop: several levels of pledging depending of your used options > ok deraadt@ (semarie@) tset ~ tset.1 > Change /usr/share/misc/terminfo.db to /usr/share/terminfo. > ok millert (nicm@) vi ~ vi/v_txt.c ~ vi/vi.h > After inserting a backslash, don't treat ^H ^? or ^U as special cases. > These days, ^V to escape is a universal feature and needing two > keystrokes to delete backslashes is really annoying. > ok tb@ claudio@ schwarze@ (bentley@) == usr.sbin ========================================================== 08/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.sbin usr.sbin ~ Makefile > enter new dir (deraadt@) bgpd ~ rde.c > claudio questioned the need for pledge(unix) in the rde, and i think > he is right. > ok claudio@ (benno@) httpd ~ httpd.c > the grammar can prompt DNS lookups, so pledge "dns" also. > from Gregor Best, discussed with florian (deraadt@) ~ httpd.c ~ server_http.c > Remove unnecessary NULL checks before free(). > From Jan Schreiber (reyk@) ospf6ctl ~ ospf6ctl.c > if_indextoname() was fixed a while back, do not need to pledge "route" > ok claudio (deraadt@) ospfctl ~ ospfctl.c > Another imsg_read EAGAIN check. OK benno@ (claudio@) ospfd ~ control.c ~ ospfd.c ~ ospfe.c ~ rde.c > imsg_read will return EAGAIN in some cases so prep code for it. > This is in the way for ospfd pledge so in it goes. OK benno@ (claudio@) rebound ~ rebound.c > when running on a machine without net, rebound will still receive queries > from localhost, but then fail to forward them. this causes the resolver > to stall waiting for timeouts in situations where it would otherwise fail > quickly. we don't know this happens until it's too late, but we can push > the resolver forward by sending back empty replies. > ok deraadt (tedu@) relayd ~ pfe.c > quick removal of all host-related entries in the related relayd anchor > if the host fails the SLA check. patch from Brian S. Vangsgaard. > ok reyk@ (benno@) smtpd ~ parse.y ~ smtp_session.c ~ smtpd.conf.5 ~ smtpd.h > introduce limit session keyword replacing fixed values > original diff from Renaud Allard > ok gilles (jung@) ~ smtpd.conf.5 > remove trailing whitespace (jung@) ~ smtpd.conf.5 > new sentence, new line; (jmc@) vmctl + Makefile + main.c + vmctl.8 + vmctl.c + vmctl.h > Replace vmmctl with vmctl. Also remove parse.y from the "new" vmctl. > As discussed with mlarkin@ and deraadt@ (reyk@) ~ main.c ~ vmctl.8 ~ vmctl.h > Re-add the "load" and "reload" commands to vmctl: Instead of parsing > the configuration in vmctl directly, it now sends a (re)load request > to vmd. The reload also resets the existing configuration status - > this doesn't do much difference yet but a future change will compare > if a specified VM is already running. "load" will allow to add > configuration, while "reload" resets the state before loading. (reyk@) vmd ~ loadfile_elf.c ~ pci.c ~ proc.h ~ virtio.c ~ virtio.h ~ vmd.h ~ vmm.c > spacing (reyk@) ~ control.c ~ proc.h > Use PEERCRED to obtain the user id of the vmmctl user. This is used to > restrict write operations (start/stop/terminate/load) to root for now, > but allow others to obtain the status. A more sophisticated model will > follow later, but this change prevents non-root users, even if in the wheel > group, to start vms and thus to open any files read-writable as disks. > (reyk@) ~ config.c ~ vmd.c ~ vmd.h ~ vmm.c > prepare config_getvm() for parse.y (reyk@) ~ Makefile ~ config.c ~ vmd.c ~ vmd.h + parse.y + vm.conf.5 > Add support for an optional vm.conf(5) file in vmd. This will replace > vmm.conf(5) in vmmctl. For a short time, both vmd and vmmctl will > support a configuration file, but vmmctl will be changed to send > "load" requests to vmd instead of loading and parsing the file > directly. (reyk@) ~ vmd.c > mlarkin's code has been moved to vmm.c, so it is ok to claim the copyright. > (reyk@) ~ vmd.8 ~ vmd.c > Add and document -D and -f flags to vmd. (reyk@) ~ vm.conf.5 ~ vmd.8 > Replace vmmctl with vmctl. Also remove parse.y from the "new" vmctl. > As discussed with mlarkin@ and deraadt@ (reyk@) ~ vm.conf.5 > sort SEE ALSO; (jmc@) ~ config.c ~ control.c ~ vmd.c ~ vmd.h ~ vmm.c > Re-add the "load" and "reload" commands to vmctl: Instead of parsing > the configuration in vmctl directly, it now sends a (re)load request > to vmd. The reload also resets the existing configuration status - > this doesn't do much difference yet but a future change will compare > if a specified VM is already running. "load" will allow to add > configuration, while "reload" resets the state before loading. (reyk@) vmmctl ~ parse.y ~ vmmctl.c > spacing (reyk@) ~ main.c > Use PEERCRED to obtain the user id of the vmmctl user. This is used to > restrict write operations (start/stop/terminate/load) to root for now, > but allow others to obtain the status. A more sophisticated model will > follow later, but this change prevents non-root users, even if in the wheel > group, to start vms and thus to open any files read-writable as disks. > (reyk@) - Makefile - main.c - parse.y - parser.h - vmm.conf.5 - vmmctl.8 - vmmctl.c > Replace vmmctl with vmctl. Also remove parse.y from the "new" vmctl. > As discussed with mlarkin@ and deraadt@ (reyk@) =============================================================================== _______________________________________________ odc mailing list [email protected] http://www.squish.net/mailman/listinfo/odc
