OpenBSD src changes summary for 2016-06-08 ==========================================
distrib/sets gnu/usr.bin/binutils-2.17 libexec/ld.so sys/arch/alpha/alpha sys/arch/amd64/amd64 sys/arch/armish/armish sys/arch/armv7/armv7 sys/arch/armv7/exynos sys/arch/armv7/imx sys/arch/armv7/omap sys/arch/armv7/sunxi sys/arch/armv7/vexpress sys/arch/i386/i386 sys/arch/macppc/macppc sys/arch/octeon/dev sys/arch/socppc/socppc sys/arch/sparc/sparc sys/arch/sparc64/sparc64 sys/arch/zaurus/zaurus sys/dev/acpi sys/dev/ofw sys/kern sys/net sys/netinet6 sys/uvm usr.bin/aucat usr.bin/signify usr.bin/ssh usr.sbin/ldpd usr.sbin/smtpd == distrib =========================================================== 01/06 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/distrib sets ~ lists/base/md.sparc > fix two typos (tobiasu@) == gnu =============================================================== 02/06 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/gnu usr.bin/binutils-2.17 ~ bfd/elf64-sparc.c > Revert the change that made the PLT readonly. The dynamic linker now > actually uses the fact that the PLT is in a writable segment to avoid > the dependency on the __plt_start and __plt_end symbols. > ok deraadt@ (kettenis@) == libexec =========================================================== 03/06 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/libexec ld.so ~ library.c ~ loader.c > Some ELF ABIs still require a PLT that is both writable and executable. To > avoid W^X violations, initially map such segments as writable and > non-executable, and change the mapping to non-writable and executable > after initial relocation processing. As a side-benefit this means we no > longer depend on the __plt_start and __plt_end to make the PLT read-only > after relocation processing. > This will break binaries linked with ld -Z, most notably emacs, on some > of our architectures. > ok deraadt@, guenther@ (kettenis@) == sys =============================================================== 04/06 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys arch/alpha/alpha ~ autoconf.c > remove obsolete raid from namtoblk tables. from Artturi Alm (tedu@) arch/amd64/amd64 ~ cpu.c > reporting a different issue, bluhm noticed that valid is not initialized. > (tedu@) ~ autoconf.c > remove obsolete raid from namtoblk tables. from Artturi Alm (tedu@) arch/armish/armish ~ autoconf.c > remove obsolete raid from namtoblk tables. from Artturi Alm (tedu@) arch/armv7/armv7 ~ armv7_machdep.c ~ armv7_machdep.h ~ platform.c > Use fdt to find the console to initialise. Try to use /chosen/stdout-path > if present otherwise fallback to /aliases/serial0. > Don't require a platform match to run the various console init functions > so the init functions will run for unknown board ids. > With and ok kettenis@ on a earlier version. (jsg@) ~ platform.c > stop requiring a matching platform to continue booting (jsg@) ~ autoconf.c > remove obsolete raid from namtoblk tables. from Artturi Alm (tedu@) arch/armv7/exynos ~ exuart.c ~ exynos_machdep.c > Use fdt to find the console to initialise. Try to use /chosen/stdout-path > if present otherwise fallback to /aliases/serial0. > Don't require a platform match to run the various console init functions > so the init functions will run for unknown board ids. > With and ok kettenis@ on a earlier version. (jsg@) arch/armv7/imx ~ imx_machdep.c ~ imxuart.c > Use fdt to find the console to initialise. Try to use /chosen/stdout-path > if present otherwise fallback to /aliases/serial0. > Don't require a platform match to run the various console init functions > so the init functions will run for unknown board ids. > With and ok kettenis@ on a earlier version. (jsg@) arch/armv7/omap ~ omap_com.c ~ omap_machdep.c > Use fdt to find the console to initialise. Try to use /chosen/stdout-path > if present otherwise fallback to /aliases/serial0. > Don't require a platform match to run the various console init functions > so the init functions will run for unknown board ids. > With and ok kettenis@ on a earlier version. (jsg@) arch/armv7/sunxi ~ sunxi_machdep.c ~ sxiuart.c > Use fdt to find the console to initialise. Try to use /chosen/stdout-path > if present otherwise fallback to /aliases/serial0. > Don't require a platform match to run the various console init functions > so the init functions will run for unknown board ids. > With and ok kettenis@ on a earlier version. (jsg@) arch/armv7/vexpress ~ pl011.c ~ vexpress_machdep.c > Use fdt to find the console to initialise. Try to use /chosen/stdout-path > if present otherwise fallback to /aliases/serial0. > Don't require a platform match to run the various console init functions > so the init functions will run for unknown board ids. > With and ok kettenis@ on a earlier version. (jsg@) arch/i386/i386 ~ autoconf.c > remove obsolete raid from namtoblk tables. from Artturi Alm (tedu@) arch/macppc/macppc ~ autoconf.c > remove obsolete raid from namtoblk tables. from Artturi Alm (tedu@) arch/octeon/dev - octhci.c ~ octhcireg.h > Remove octhci(4). It has been superseded by dwctwo(4). > ok mpi@ deraadt@ pirofti@ dlg@ (visa@) arch/socppc/socppc ~ autoconf.c > remove obsolete raid from namtoblk tables. from Artturi Alm (tedu@) arch/sparc/sparc ~ autoconf.c > remove obsolete raid from namtoblk tables. from Artturi Alm (tedu@) arch/sparc64/sparc64 ~ autoconf.c > remove obsolete raid from namtoblk tables. from Artturi Alm (tedu@) arch/zaurus/zaurus ~ autoconf.c > remove obsolete raid from namtoblk tables. from Artturi Alm (tedu@) dev/acpi ~ acpitoshiba.c > attach acpitoshiba(4) on more Toshiba laptops > ok pirofti@ (giovanni@) dev/ofw ~ fdt.c ~ fdt.h > Use fdt to find the console to initialise. Try to use /chosen/stdout-path > if present otherwise fallback to /aliases/serial0. > Don't require a platform match to run the various console init functions > so the init functions will run for unknown board ids. > With and ok kettenis@ on a earlier version. (jsg@) kern ~ subr_log.c > As logging to dmesg with msgbuf_putchar() can happen in any interrupt > handler, every access to msg buf counters should be protected by > splhigh(). This is already done in some places, make it consistenly > everywhere. > OK mpi@ deraadt@ (bluhm@) ~ exec_elf.c > Enforce W^X and map W|X segments without X permission initially. The > dynamic linker will make these read-only and add back X permission after > elocation processing. Static executables with W|X segments will probably > crash. > ok deraadt@, guenther@ (kettenis@) net ~ if_ethersubr.c > Move ND resoluton logic from nd6_output() to nd6_storelladdr() and > rename it to nd6_resolve(). > This allows us to get rid of non-Ethernet hacks by moving Ethernet > specific logic in the appropriate layer. > ok sthen@ (mpi@) ~ route.c > Revert previous, it breaks regression tests. (mpi@) netinet6 ~ nd6.c ~ nd6.h > Move ND resoluton logic from nd6_output() to nd6_storelladdr() and > rename it to nd6_resolve(). > This allows us to get rid of non-Ethernet hacks by moving Ethernet > specific logic in the appropriate layer. > ok sthen@ (mpi@) uvm ~ uvm_mmap.c > hppa & mips64 now can do the full W^X check. (Make sure you have > a new kernel before this change, and ld.so updated) (deraadt@) ~ uvm_mmap.c > Dereference p_p once rather than 4 times. (deraadt@) == usr.bin =========================================================== 05/06 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin aucat ~ dsp.c ~ dsp.h > removed unused fields of resamp structure (ratchov@) signify ~ signify.c > use getprogname (tedu@) ssh ~ kexgexs.c > Back out rev 1.28 "Check min and max sizes sent by the client" change. > It caused "key_verify failed for server_host_key" in clients that send a > DH-GEX min value less that DH_GRP_MIN, eg old OpenSSH and PuTTY. ok djm@ > (dtucker@) == usr.sbin ========================================================== 06/06 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.sbin ldpd ~ init.c > Add one more safety check for Initialization messages. > RFC 5036 says the following about the "Receiver LDP Identifier" field: > "Identifies the receiver's label space. This LDP Identifier, together > with the sender's LDP Identifier in the PDU header, enables the receiver > to match the Initialization message with one of its Hello adjacencies; > If there is no matching Hello adjacency, the LSR MUST send a Session > Rejected/No Hello Notification message in response to the Initialization > message and not establish the session". > This is one more case of LDP being more complex than what it should have > been. Since LDP support MPLS label spaces (for ATM and FR), just the > sender's LSR-ID in the PDU header is not enough for identifying an Hello > adjacency. We also need the receiver's label space, and that's what this > field gives us. In fact, this field contains the full receiver's LSR-ID, > but the IP part doesn't really matter. > Since we don't support label spaces (and never will), we were happily > ignoring this field. This patch changes this to fix some errors with ANVL. > Fixes the following ANVL LDP tests: 6.5, 6.6 and 6.11. (renato@) ~ notification.c > Change what we consider a NACK for our Initialization messages. > RFC 5036 says the following: > "It is possible for a pair of incompatibly configured LSRs that > disagree on session parameters to engage in an endless sequence of > messages as each NAKs the other's Initialization messages with Error > Notification messages. > An LSR MUST throttle its session setup retry attempts with an > exponential backoff in situations where Initialization messages are > being NAK'd". > The problem here is that the RFC is not very explicit of what can be > a NACK. We were considering only the following notification messages > as NACKs: > * Session Rejected/No Hello; > * Session Rejected/Parameters Advertisement Mode; > * Session Rejected/Parameters Max PDU Length; > * Session Rejected/Parameters Label Range; > * Session Rejected/Bad KeepAlive Time. > It turns out that some implementations can NACK with a Shutdown > notification. And there's the possibility of other implementations using > different notifications as well. > To fix this, consider any fatal notification as a NACK when the neighbor > is in the OPENSENT state (i.e. we sent an Initialization and we're > waiting for a response). > Fixes the following ANVL LDP tests: 6.19, 6.21 and 6.22 (renato@) ~ hello.c > Discard Hello packet if advertised transport address is of different AF. > IxANVL LDP test 5.13 was failing for ldpd(8) because we were not > discarding IPv4 Hello messages with an IPv6 transport address (and > vice-versa). > Once again, the RFC is not very explicit about what to do in this > case. Since the IPv4 and IPv6 Transport Address TLVs are optional, > what we were doing is to just ignore them in this case and use source > address of the packet as the implicit transport address. > But the IxANVL team had a different interpretation on this. They think > that discarding the Hello message is the right thing to do in this case. > Let's follow their interpretation because that's probably what most > implementations are doing. > NOTE1: with this patch we still keep ignoring additional Transport Address > TLVs as specified in RFC 7552; > NOTE2: in order to check if a Transport Address TLV was already received > or not, use the F_HELLO_TLV_RCVD_ADDR flag instead of comparing if the > address is zero or not (easier to read). > Fixes IxANVL LDP test 5.13. (renato@) ~ ldpd.c ~ ldpe.c > Fix quick reconnect when the transport address is changed. > When the transport address is changed, we can't try to reconnect to the > neighbors inside merge_af() because the ldpe process still didn't receive > the new network sockets from the parent at this point. To resolve this, > try to reconnect just after we receive these sockets. (renato@) smtpd ~ smtp_session.c > quote space-containing values in smtpd logs or they become hard to parse > diff by Pavel Korovin <[email protected]>, ok giovanni@ (gilles@) =============================================================================== _______________________________________________ odc mailing list [email protected] http://www.squish.net/mailman/listinfo/odc
