OpenBSD src changes summary for 2016-10-03 ==========================================
distrib/sets gnu/lib/libstdc++-v3 gnu/usr.bin/binutils-2.17 gnu/usr.bin/texinfo lib/csu lib/libssl lib/libtls regress/sys sbin/kbd share/man sys/arch/amd64/amd64 sys/arch/amd64/include sys/arch/armv7/conf sys/arch/armv7/omap sys/dev/usb sys/kern sys/net sys/netinet6 usr.bin/tmux usr.sbin/ntpd usr.sbin/pkg_add usr.sbin/smtpd usr.sbin/snmpd usr.sbin/vmd == distrib =========================================================== 01/09 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/distrib sets ~ lists/base/mi > sync (deraadt@) ~ lists/man/mi > sync (deraadt@) == gnu =============================================================== 02/09 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/gnu lib/libstdc++-v3 ~ Makefile > Fix ownership for install on a noperm filesystem. > joint work with tb (natano@) usr.bin/binutils-2.17 ~ Makefile.bsd-wrapper > Fix ownership for install on a noperm filesystem. > joint work with tb (natano@) usr.bin/texinfo ~ Makefile.bsd-wrapper > Fix ownership for install on a noperm filesystem. > joint work with tb (natano@) == lib =============================================================== 03/09 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/lib csu ~ arm/md_init.h > Simplify code that sets up a stack frame for running .init code to be more > AEABI-like. > ok tom@, jsg@ (kettenis@) libssl ~ src/crypto/x509/x509_vfy.c TAGGED OPENBSD_6_0 > In X509_cmp_time(), pass asn1_time_parse() the tag of the field being > parsed so that a malformed GeneralizedTime field is recognized as an error > instead of potentially being interpreted as if it was a valid UTCTime. > Reported by Theofilos Petsios (theofilos (at) cs.columbia.edu) > ok beck@ tedu@ jsing@ (bcook@) ~ src/ssl/t1_lib.c TAGGED OPENBSD_6_0 > Improve ticket validity checking when tlsext_ticket_key_cb() callback > chooses a different HMAC algorithm. > Avert memory leaks if the callback preps the HMAC in some way. > Based on openssl commit 1bbe48ab149893a78bf99c8eb8895c928900a16f > but retaining a pre-callback length check to guarantee the callback > is provided the buffer that the API claims. > ok bcook@ jsing@ > original commit by guenther@ (bcook@) ~ src/ssl/s3_srvr.c TAGGED OPENBSD_6_0 > Check for packet with truncated DTLS cookie. > Flip pointer comparison logic to avoid beyond-end-of-buffer pointers > to make it less likely a compiler will decide to screw you. > Based on parts of openssl commits > 6f35f6deb5ca7daebe289f86477e061ce3ee5f46 and > 89c2720298f875ac80777da2da88a64859775898 > ok jsing@ > original commit by @guenther (bcook@) ~ src/ssl/t1_lib.c TAGGED OPENBSD_6_0 > Detect zero-length encrypted session data early, instead of when malloc(0) > fails or the HMAC check fails. > Noted independently by jsing@ and Kurt Cancemi (kurt (at) > x64architecture.com) > ok bcook@ > original patch by guenther@ (bcook@) ~ src/ssl/t1_lib.c TAGGED OPENBSD_6_0 > Check for and handle failure of HMAC_{Update,Final} or EVP_DecryptUpdate() > based on openssl commit a5184a6c89ff954261e73d1e8691ab73b9b4b2d4 > ok bcook@ > original patch by guenther@ (bcook@) libtls ~ tls_util.c > use the same type for buf as the return type in tls_load_file > ok tedu@, noted by kinichiro (bcook@) == regress =========================================================== 04/09 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/regress sys ~ kern/setuid/Makefile > The setuid tests needs an obj directory that allows to run programs > with set user id. Skip the test if the current filesystem has set > the nosuid mount option. > OK otto@ (bluhm@) == sbin ============================================================== 05/09 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sbin kbd ~ kbd_wscons.c > Those while loops look better written as for loops > ok kettenis@ (jca@) == share ============================================================= 06/09 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/share man ~ man4/man4.armv7/Makefile + man4/man4.armv7/ompinmux.4 > Add a manual page for ompinmux. (jsg@) == sys =============================================================== 07/09 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys arch/amd64/amd64 ~ vmm.c > disable PAT and MTRR in guest VMs (mlarkin@) arch/amd64/include ~ vmmvar.h > disable PAT and MTRR in guest VMs (mlarkin@) arch/armv7/conf ~ GENERIC ~ RAMDISK > Disable sitaracm and add a new ompinmux driver for omap pin muxing/pad > configuration that attaches with the fdt and writes values to registers > based on the pinctrl data in the fdt. Handles 16 bit values > (OMAP3/OMAP4) and 32 bit values (AM335x/AM57xx). > Feedback from and ok kettenis@ tom@ on an earlier version. (jsg@) arch/armv7/omap ~ files.omap ~ omap.c + ompinmux.c > Disable sitaracm and add a new ompinmux driver for omap pin muxing/pad > configuration that attaches with the fdt and writes values to registers > based on the pinctrl data in the fdt. Handles 16 bit values > (OMAP3/OMAP4) and 32 bit values (AM335x/AM57xx). > Feedback from and ok kettenis@ tom@ on an earlier version. (jsg@) dev/usb ~ xhci.c > Fix some bus_dmamap_sync(9) calls. > Do not fold multiple DMA synchronizations into one when chaining TRBs > as the ring might wrap. > Add missing "READ" transfer direction from the HC to host when applicable. > From Marius Strobl. (mpi@) kern ~ kern_timeout.c > avoid holding timeout_mutex while interacting with the scheduler. > as noted by haesbaert, this is necessary to avoid deadlocks because > the scheduler can call back into the timeout subsystem while its > holding its own locks. > this happened in two places. firstly, in softclock() it would take > timeout_mutex to find pending work. if that pending work needs a > process context, it would queue the work for the thread and call > wakeup, which enters the scheduler locks. if another cpu is trying > to tsleep (or msleep) with a timeout specified, the sleep code would > be holding the sched lock and call timeout_add, which takes > timeout_mutex. > this is solved by deferring the wakeup to after timeout_mutex is > left. this also has the benefit of mitigating the number of wakeups > done per softclock tick. > secondly, the timeout worker thread takes timeout_mutex and calls > msleep when there's no work to do (ie, the queue is empty). msleep > will take the sched locks. again, if another cpu does a tsleep > with a timeout, you get a deadlock. > to solve this im using sleep_setup and sleep_finish to sleep on an > empty queue, which is safe to do outside the lock as it is comparisons > of the queue head pointers, not derefs of the contents of the queue. > as long as the sleeps and wakeups are ordered correctly with the > enqueue and dequeue operations under the mutex, this all works. > you can think of the queue as a single descriptor ring, and the > wakeup as an interrupt. > the second deadlock was identified by guenther@ > ok tedu@ mpi@ (dlg@) net ~ if.c ~ if_bridge.c ~ if_bridge.h > Use detach hook to notify bridge of interface removal instead of adding > code to if.c. > ok mpi@ (rzalamena@) ~ if_bridge.c > Use detach hook to notify bridge(4) about span port removals. > ok mpi@ (rzalamena@) netinet6 ~ in6.c ~ in6.h ~ ip6_forward.c ~ ip6_id.c ~ ip6_mroute.c ~ nd6.c ~ nd6_rtr.c > Convert some of the remaining usages of time_second to time_uptime. > time_second is unix time so it can be affected by clock changes. > time_uptime is monotonic so it isnt affected by clock changes. that > in turn means route expiries wont jump with clock changes if set > against time_uptime. > the expiry is translated into unix time for export to userland though. > Should fix mismatch between route timers that were already converted > and ND default routers that were still using time_second. > Tested by matthieu@ and sthen@ > ok sthen@, dlg@ (mpi@) == usr.bin =========================================================== 08/09 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin tmux ~ tty.c > Remove some redundant checks and make ich/dch consistent. (nicm@) ~ tmux.1 > Document set-hook -u. (nicm@) ~ alerts.c ~ client.c ~ cmd-move-window.c ~ input-keys.c ~ input.c ~ options-table.c ~ tty-acs.c ~ window-copy.c ~ xterm-keys.c > Remove some dead code in cmd-move-window.c and make a load of local > functions static. (nicm@) == usr.sbin ========================================================== 09/09 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.sbin ntpd ~ util.c > Fix a possible bug that will happen with dup2() when oldd == newd. In that > case the dup2() would fail silently and the descriptor would remain with > the CLOEXEC flag causing the exec*()d child process to have unexpected > behavior. > ok guenther@ (rzalamena@) pkg_add ~ OpenBSD/PkgInfo.pm > report signify2 as well (espie@) ~ OpenBSD/PkgSign.pm ~ OpenBSD/Signer.pm > throw a decent error message, signify2 can't (yet) sign non local packages > (it would need a way to get "raw" gzip data) (espie@) ~ OpenBSD/PkgSign.pm > display a decent error message (espie@) ~ pkg_sign.1 > document what signify2 does, remove remnants of signify/x509. > comment out stuff that's not supported yet, but may make a come-back later > (espie@) ~ OpenBSD/PkgCreate.pm ~ OpenBSD/PkgSign.pm ~ OpenBSD/Signer.pm > kill creating old signatures. (espie@) ~ OpenBSD/PackageLocation.pm > No need to record gzip position after CONTENTS since we don't need partial > copy for newer signatures (espie@) ~ OpenBSD/PkgAdd.pm ~ OpenBSD/State.pm > gc the old checking code in pkg_add (espie@) ~ OpenBSD/PackageLocator.pm ~ OpenBSD/PackageRepository.pm > add TRUSTED_PKG_PATH after discussing with aja@ > use case is testing binary packages among developers, -Dunsigned means > everything is unsigned, which is bad for dependencies (espie@) ~ pkg_add.1 > document (partially) new stuff (espie@) smtpd ~ smtp_session.c > fix smtp session logic bug that can lead to a server crash. (eric@) snmpd ~ snmpd.h > include sys/tree.h explicitly rather than rely on a random pf header > to do it. > ok deraadt@ (dlg@) ~ usm.c > use EVP_CipherFinal_ex instead of EVP_CipherFinal > EVP_CipherFinal_ex has well defined behaviour, where EVP_CipherFinal > can vary depending on the version of your ssl library. > ok bcook@ jsing@ (dlg@) vmd ~ virtio.c > style cleanup (mlarkin@) ~ i8253.c ~ i8253.h ~ i8259.c ~ i8259.h ~ mc146818.c ~ mc146818.h ~ ns8250.c ~ ns8250.h > add RCS tags (mlarkin@) =============================================================================== _______________________________________________ odc mailing list [email protected] http://www.squish.net/mailman/listinfo/odc
