OpenBSD src changes summary for 2016-10-06 ==========================================
Makefile etc/Makefile etc/changelist etc/group etc/mail/aliases etc/master.passwd etc/rc etc/rc.conf etc/rc.d/switchd regress/usr.bin regress/usr.sbin sbin/dhclient sbin/disklabel sbin/dmesg sbin/dump sbin/ifconfig sbin/init sbin/mknod sbin/mount sbin/mount_ffs share/mk sys/arch/amd64/amd64 sys/arch/amd64/include sys/arch/armv7/stand/efiboot sys/dev sys/dev/ic sys/dev/pv sys/dev/wsfont sys/kern sys/net sys/netinet sys/ufs/ufs usr.bin/gprof usr.bin/openssl usr.bin/signify usr.sbin usr.sbin/dhcpd usr.sbin/switchd usr.sbin/syslogd usr.sbin/vmctl usr.sbin/vmd == Makefile ========================================================== 01/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/Makefile Makefile > Simplify the 'make includes' step in 'make build': move the privdrop > bit up into 'make includes', so the latter benefits from that idiom > as well. Sprinkle a few 'exec' while there. > ok natano (tb@) > Print the root check error message to stderr. While there add the name > of the target to the message to be more descriptive. > ok deraadt tb (natano@) == etc =============================================================== 02/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/etc Makefile ~ Makefile > Build kernels as root for now. Otherwise we run into permission issues > when the source tree is not owned by ${BUILDUSER}. > ok deraadt (natano@) ~ Makefile > Print the root check error message to stderr. While there add the name > of the target to the message to be more descriptive. > ok deraadt tb (natano@) ~ Makefile > Add switchd > OK deraadt@ (reyk@) changelist ~ changelist > Add switchd > OK deraadt@ (reyk@) group ~ group > Add _switchd (reyk@) mail/aliases ~ mail/aliases > Add switchd > OK deraadt@ (reyk@) master.passwd ~ master.passwd > Add switchd > OK deraadt@ (reyk@) rc ~ rc > Move vmd down as VMs might need the host's dhcpd, httpd etc. on startup. > OK mlarkin@ deraadt@ (reyk@) ~ rc > Add switchd > OK deraadt@ (reyk@) rc.conf ~ rc.conf > Add switchd > OK deraadt@ (reyk@) rc.d/switchd + rc.d/switchd > Add switchd > OK deraadt@ (reyk@) == regress =========================================================== 03/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/regress usr.bin ~ ssh/Makefile > Move USER out of the way to unbreak the BUILDUSER mechanism. > ok tb (natano@) usr.sbin ~ syslogd/args-zulu.pl > Add millisecond precision to expected timestamp. (bluhm@) ~ syslogd/args-privsep.pl ~ syslogd/args-sighup-config.pl ~ syslogd/args-sighup-privsep.pl ~ syslogd/args-sighup-tcp.pl ~ syslogd/args-sighup-tls.pl ~ syslogd/args-sighup.pl ~ syslogd/args-sigpipe.pl ~ syslogd/args-sigterm.pl > Check that syslogd priv process does exec on itself. (bluhm@) == sbin ============================================================== 04/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sbin dhclient ~ clparse.c ~ dhclient.c ~ dispatch.c ~ options.c > Add support for RFC 6842, which says the client MUST drop packets when > the server provides a client-identifier value and it doesn't match > the value the client sent. > So stop suppressing client-identifer info in the leases file and when > reading the leases file stop discarding leases that don't have current > client-identifier info. Don't use them, but keep them around in case > the client-identifier info changes back next time. > Also construct the default client-identifier (if needed) before reading > the leases file. (krw@) disklabel ~ editor.c > init auto-partition table to zeroes; ok tb@ (otto@) dmesg ~ dmesg.8 > fix HISTORY; > patch from Sevan Janiyan <venture37 at geeklan dot co dot uk>; > verified using Kusick's UCB CSRG archive CDs (schwarze@) dump ~ dump.8 > fix HISTORY; > patches from Sevan Janiyan <venture37 at geeklan dot co dot uk>; > verified using minnie.tuhs.org/cgi-bin/utree.pl (schwarze@) ifconfig ~ ifconfig.8 > typo (naddy@) init ~ init.8 > fix HISTORY; > patches from Sevan Janiyan <venture37 at geeklan dot co dot uk>; > verified using minnie.tuhs.org/cgi-bin/utree.pl (schwarze@) mknod ~ mknod.8 > fix HISTORY; > patches from Sevan Janiyan <venture37 at geeklan dot co dot uk>; > verified using minnie.tuhs.org/cgi-bin/utree.pl (schwarze@) mount ~ mount.8 > fix HISTORY; > patches from Sevan Janiyan <venture37 at geeklan dot co dot uk>; > verified using minnie.tuhs.org/cgi-bin/utree.pl (schwarze@) ~ mount.8 > On noperm mount points honor the permissions of the root directory, so > access can be locked down. > ok deraadt tb (natano@) mount_ffs ~ mount_ffs.8 > fix HISTORY: > NetBSD 1.0A was not a release, but it was > what would be called NetBSD 1.0-current in OpenBSD terminology, > see http://cvsweb.netbsd.org/bsdweb.cgi/src/sys/conf/newvers.sh#rev1.17 > patch from Sevan Janiyan <venture37 at geeklan dot co dot uk> (schwarze@) == share ============================================================= 05/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/share mk ~ bsd.obj.mk > Use BUILDUSER as the owner of new links/directories created in 'make obj' > when started as root. > diff by millert with tweaks by me > ok tb deraadt (natano@) == sys =============================================================== 06/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys arch/amd64/amd64 ~ vmm.c > add a debug function that was useful in finding the previous > broadwell/skylake bug. (mlarkin@) ~ vmm.c > turn off vmm(4) debug mode (mlarkin@) ~ vmm.c > Update the list of vmm ioctls that are allowed by pledge. > OK mlarkin@ stefan@ (reyk@) arch/amd64/include ~ specialreg.h ~ vmmvar.h > add a debug function that was useful in finding the previous > broadwell/skylake bug. (mlarkin@) arch/armv7/stand/efiboot ~ conf.c ~ efiboot.c ~ exec.c > Remove board IDs for the i.MX platform. The kernel doesn't need them > anymore. > Make sure we pass 0 as the board ID instead of random garbage if we don't > find a matching compatible string. > ok jsg@ (kettenis@) dev ~ audio.c > Fix the condition used to decide whether to automatically start the > device, and factor it into a single function. Without this fix, if the > device is open in full-duplex mode, it could start with empty play > buffer. (ratchov@) dev/ic ~ rt2560.c > Disable RTS for long frames in ral(4) for rt2560 chips. > On these chips RTS causes bad performance in hostap mode for unknown > reasons. > Convert some debug printfs to DPRINTF. > Add a comment which explains why 2 free slots are needed on the Tx queue. > ok phessler@ sthen@ (stsp@) dev/pv ~ if_hvn.c > Enable hardware VLAN tagging > Turns out that hardware VLAN tagging is required to use VLANs at all > (while QinQ VLANs are not filtered regardless...). On top of that a > PowerShell command needs to be executed to configure Trunk mode on > virtual interfaces. An example of such command is: > Set-VMNetworkAdapterVlan -VMName OpenBSD -Trunk \ > -AllowedVlanIdList 10-100 -NativeVlanId 5 > This will enable trunking mode on all hvn(4) interfaces. An option > -VMNetworkAdapterName can be passed to turn trunking on one interface, > and although by default all networking interfaces have the same name > "Network Adapter", a "Rename-VMNetworkAdapter" command can be used > to rename them one by one. (mikeb@) ~ if_xnf.c ~ xen.c ~ xenvar.h > Remove _ds_boundary abuse (again) > The logic behind this change is this: a single mbuf may reference > only a contiguous chunk of memory. When this chunk crosses a page > boundary only the first part of it has a non-zero offset while all > other chunks start at the beginning of the page. > We take advantage of this fact and calculate the offset of a first > chunk as a simple "mtod(m, vaddr_t) & PAGE_MASK". (mikeb@) ~ if_xnf.c > Fold the bus_dmamap_destroy into the loop above (mikeb@) dev/wsfont ~ wsfont.c > Remove reference to non existing font. > Include file with font data (courier11x18.h) was removed from NetBSD due > to licensing concerns before wsfont was imported into OpenBSD. > Cookie values have been renumbered for consistency. (fcambus@) kern ~ kern_pledge.c > In pledge_namei_wlpath() if resolvpath() errors out early it will not > set variables that will be later used as the size argument to > free(NULL calls. This should be harmless as free returns early if the > address is NULL without checking the size. Initialise these variables > before the call to ensure they are never passed to another function > uninitialised. > ok tedu@ millert@ deraadt@ (jsg@) ~ sys_socket.c ~ uipc_socket.c > Separate splsoftnet() from variable initialization. > From mpi@'s netlock diff; OK mikeb@ (bluhm@) ~ uipc_socket.c ~ uipc_socket2.c > Remove redundant comments that say a function must be called at > splsoftnet() if the function does a splsoftassert(IPL_SOFTNET) > anyway. (bluhm@) net ~ if_ppp.c ~ pf.c ~ route.c > Remove redundant comments that say a function must be called at > splsoftnet() if the function does a splsoftassert(IPL_SOFTNET) > anyway. (bluhm@) netinet ~ in_pcb.c > Remove redundant comments that say a function must be called at > splsoftnet() if the function does a splsoftassert(IPL_SOFTNET) > anyway. (bluhm@) ufs/ufs ~ ufs_vnops.c > On noperm mount points honor the permissions of the root directory, so > access can be locked down. > ok deraadt tb (natano@) == usr.bin =========================================================== 07/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin gprof ~ gprof.1 > remove some Xr that had no section numbers (since we don;t have the pages); > from a diff from anton lindqvist; (jmc@) openssl ~ openssl.1 > typo (naddy@) signify ~ signify.c > - better check for seckeyname/pubkeyname "equality", remove the path > (you could legitimately store secret keys on a temporary mount > - error out if seckeyname does not follow the *.sec pattern for signing, > augment the check to deal with that. > - special case: seckeyfile can come from a pipe, and then, well, there's no > way to store *.pub in the comment. > okay tedu@ (espie@) == usr.sbin ========================================================== 08/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.sbin usr.sbin ~ Makefile > Enable switchd + switchctl. It is not finished yet but we made a lot > of progress and enabling it early is a better process. > Requested by deraadt@ (reyk@) dhcpd ~ dhcp.c ~ dhcpd.h > Add support for RFC 6842. RFC 2131 said the server MUST NOT echo > the client-identifier value. RFC 6842 says the server MUST echo it. > Echoing the information disambiguates packets for relays and clients > when chaddr is 0. Similar to what dhcpv6 does. (krw@) switchd ~ types.h > Switch switchd to the _switchd user. (reyk@) syslogd ~ syslogd.c > Syslog RFC 5424 says you should add 1 to 6 digits with fractions > of a second to each syslog timestamp. As we do not measure the > time in syslog(3), use only 3 digits with millisecond precision. > OK dlg@ (bluhm@) ~ privsep.c ~ syslogd.c ~ syslogd.h > Do an exec on itself in the privileged syslogd(8) parent process > to reshuffle its memory layout. > Input rzalamena@; OK deraadt@ (bluhm@) vmctl ~ vmctl.c > The start control imsg has been switched to a new "struct > vmop_create_params" that also includes configuration that is only for > userland. I forgot to commit this chunk. > Found the hard way by mlarkin@ (reyk@) vmd ~ vm.conf.5 > tweak previous; (jmc@) ~ vmd.c ~ vmd.h ~ vmm.c > Terminate VMs on shutdown of vmd instead of leaving them running as > undead VM processes. > OK mlarkin@ (reyk@) ~ vmm.c > Enable pledge(2) in vmm and the VM processes: This way the VMs and > their monitor run in a very restricted environment. VMs only pledge > "stdio vmm" which allows them to do most basic functions and a subset > of vmm ioctls (the other part of vmm ioctls are only permitted in the > parent). > This requires the previous change in the vmm kernel part. > OK mlarkin@ (reyk@) =============================================================================== _______________________________________________ odc mailing list [email protected] http://www.squish.net/mailman/listinfo/odc
