OpenBSD src changes summary for 2017-05-02 ==========================================
lib/libcrypto lib/libtls regress/lib regress/sys regress/usr.bin sys/arch/amd64/amd64 sys/arch/amd64/include sys/arch/arm/mainbus sys/arch/arm64/arm64 sys/arch/arm64/dev sys/arch/armv7/armv7 sys/arch/i386/i386 sys/arch/i386/include sys/arch/i386/pci sys/arch/octeon/conf sys/arch/octeon/dev sys/conf sys/crypto sys/dev/fdt sys/dev/pv sys/kern sys/net sys/net80211 sys/netinet usr.bin/lex usr.bin/ssh usr.sbin/vmd == lib =============================================================== 01/05 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/lib libcrypto ~ malloc-wrapper.c ~ asn1/a_object.c ~ asn1/a_sign.c ~ asn1/a_verify.c ~ asn1/asn1_lib.c ~ bn/bn_asm.c ~ bn/bn_exp.c ~ bn/bn_lib.c ~ bn/bn_rand.c ~ buffer/buffer.c ~ dsa/dsa_asn1.c ~ ec/ec_key.c ~ ec/ec_lib.c ~ ec/ec_mult.c ~ ec/ecp_nistp224.c ~ ec/ecp_nistp256.c ~ ec/ecp_nistp521.c ~ ec/ecp_nistz256.c ~ ecdh/ech_lib.c ~ ecdsa/ecs_lib.c ~ ecdsa/ecs_vrf.c ~ evp/bio_enc.c ~ evp/digest.c ~ evp/e_aes.c ~ evp/e_chacha20poly1305.c ~ evp/p_open.c ~ gost/gostr341001_key.c ~ hmac/hm_pmeth.c ~ modes/gcm128.c ~ pem/pem_lib.c ~ pem/pem_pkey.c ~ pem/pvkfmt.c ~ pkcs12/p12_key.c ~ pkcs7/pk7_doit.c ~ rsa/rsa_eay.c ~ rsa/rsa_saos.c ~ rsa/rsa_sign.c > use freezero() instead of memset/explicit_bzero + free. Substantially > reduces conditional logic (-218, +82). > MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH cache alignment calculation bn/bn_exp.c > wasn'tt quite right. Two other tricky bits with ASN1_STRING_FLAG_NDEF and > BN_FLG_STATIC_DATA where the condition cannot be collapsed completely. > Passes regress. ok beck (deraadt@) ~ x509v3/v3_crld.c ~ x509v3/v3_ncons.c ~ x509v3/v3_pci.c > the XXXfree functions being called accept NULL, so don't check first. > ok beck (deraadt@) libtls ~ tls_config.c > use freezero() instead of memset/explicit_bzero + free. Substantially > reduces conditional logic (-218, +82). > MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH cache alignment calculation bn/bn_exp.c > wasn'tt quite right. Two other tricky bits with ASN1_STRING_FLAG_NDEF and > BN_FLG_STATIC_DATA where the condition cannot be collapsed completely. > Passes regress. ok beck (deraadt@) == regress =========================================================== 02/05 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/regress lib + libcrypto/free/Makefile + libcrypto/free/freenull.c > Add regress for free functions that should be safe with NULL (beck@) sys ~ crypto/aes/Makefile > Pick the right AES source file (mikeb@) ~ crypto/aesctr/Makefile ~ crypto/aesctr/aesctr.c ~ crypto/aesxts/Makefile ~ crypto/aesxts/aes_xts.c ~ crypto/gmac/Makefile ~ crypto/gmac/gmac_test.c > Sync GMAC and AES-CTR/-XTS regress tests with the new AES code > ok djm (mikeb@) ~ crypto/cmac/Makefile ~ crypto/cmac/cmac_test.c ~ crypto/key_wrap/Makefile ~ crypto/key_wrap/key_wrap_test.c > Convert CMAC and Key Wrap regress tests over to the new AES > OK stsp@ (mikeb@) usr.bin ~ mdoclint/mdoclint > bugfix: treat .Bd -unfilled like .Bd -literal; > OK jmc@ wiz@, and also committed upstream to pkgsrc (schwarze@) ~ mdoclint/mdoclint ~ mdoclint/mdoclint.1 > Remove -P (warnings about paragraph problems). > These are fully covered by mandoc -Tlint. > OK jmc@ wiz@, and also committed to pkgsrc. (schwarze@) == sys =============================================================== 03/05 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys arch/amd64/amd64 ~ vmm.c > Allow setting of guest MSRs from vmd(8). This change is the first part of > a larger effort to implement vmctl send/vmctl receive (snapshot and VM > migration). > From Pratik Vyas, Siri Chandana, Harshada Mone and Ashwin Agrawal, a > group of students I am supervising. > ok kettenis (mlarkin@) ~ aesni.c ~ via.c > Switch glxsb(4), VIA padlock and AES-NI drivers over to the new AES > (mikeb@) arch/amd64/include ~ vmmvar.h > Allow setting of guest MSRs from vmd(8). This change is the first part of > a larger effort to implement vmctl send/vmctl receive (snapshot and VM > migration). > From Pratik Vyas, Siri Chandana, Harshada Mone and Ashwin Agrawal, a > group of students I am supervising. > ok kettenis (mlarkin@) arch/arm/mainbus ~ mainbus.c > Remove check for compatible property. Turns out sunxi relied on the broken > check we had before rev 1.16. > Suggested by jmatthew@ (kettenis@) arch/arm64/arm64 ~ pmap.c > The pmap_vp_enter() function should only ever be called for userland > mappings > with the PMAP_CANFAIL flag set. Use PR_NOWAIT in the pool_get() calls such > that we return an error instead of deadlocking if we cannot allocate > a pool item. > ok drahn@ (who says this is needed for SMP as well) (kettenis@) ~ machdep.c > Zap silly diagnostic reboot message. > ok bmercer@, deraadt@ (kettenis@) arch/arm64/dev ~ mainbus.c > Remove check for compatible property here as well. (kettenis@) arch/armv7/armv7 ~ armv7_machdep.c > Zap silly diagnostic reboot message. > ok bmercer@, deraadt@ (kettenis@) arch/i386/i386 ~ vmm.c > Matching i386 commit to previous amd64 commit (initial support for vmctl > send/receive) (mlarkin@) ~ via.c > Switch glxsb(4), VIA padlock and AES-NI drivers over to the new AES > (mikeb@) arch/i386/include ~ vmmvar.h > Matching i386 commit to previous amd64 commit (initial support for vmctl > send/receive) (mlarkin@) arch/i386/pci ~ glxsb.c > Switch glxsb(4), VIA padlock and AES-NI drivers over to the new AES > (mikeb@) arch/octeon/conf ~ GENERIC ~ RAMDISK ~ files.octeon > Revise MDIO driver code so that device instances can be attached > using fdt. This lets the system utilize multiple MDIO controllers. > This patch enables all RJ45 Ethernet ports on EdgeRouter Pro. > The SFP module slots do not work yet. > OK kettenis@, jmatthew@ (visa@) arch/octeon/dev ~ cn30xxgmx.c ~ cn30xxgmxvar.h ~ cn30xxsmi.c ~ cn30xxsmireg.h ~ cn30xxsmivar.h ~ if_cnmac.c > Revise MDIO driver code so that device instances can be attached > using fdt. This lets the system utilize multiple MDIO controllers. > This patch enables all RJ45 Ethernet ports on EdgeRouter Pro. > The SFP module slots do not work yet. > OK kettenis@, jmatthew@ (visa@) conf ~ newvers.sh TAGGED OPENBSD_6_1 > 6.1-stable (jsg@) crypto ~ cryptosoft.c ~ gmac.c ~ gmac.h ~ xform.c ~ xform.h > Switch OCF and IPsec over to the new AES > ok djm (mikeb@) ~ aes.h > Switch glxsb(4), VIA padlock and AES-NI drivers over to the new AES > (mikeb@) ~ cmac.c ~ cmac.h ~ key_wrap.c ~ key_wrap.h > Switch 802.11 crypto over to the new AES > OK stsp@ (mikeb@) dev/fdt ~ sxipio.c > Linux switched from a device-specific pinctrl binding to a the generic > version > for Allwinner devices. Implement support for the latter such that we can > use newer device trees. > ok patrick@ (kettenis@) dev/pv ~ vmmci.c > Resynchronize the guest RTC via vmmci(4) on host resume from zzz/ZZZ > (kernel part) > This feature is for OpenBSD guests only. > ok reyk, kettenis (mlarkin@) kern ~ kern_pledge.c > Stricter pledge for bpf. ok deraadt (natano@) net ~ hfsc.c ~ hfsc.h ~ pf_ioctl.c ~ pfvar.h > Provide pluggable queueing interface for pf > By hiding H-FSC behind pfq_ops structure similar to the ifq_ops, > we provide a possibility to plug alternative queueing interfaces > for use in pf. This reduces amount of H-FSC specific code in the > pf ioctl handler > While here, change the the order of elements in hfsc_class_stats > to provide some compatibility between queue stat structures of > different traffic conditioners. > No objections from henning@, ok sthen@ (mikeb@) net80211 ~ ieee80211_input.c > Fix a problem with associating to wifi networks with a hidden SSID. > If an AP is configured to hide its SSID it sends a non-zero length SSID > which contains only zeroes. The AP sends its actual SSID only in probe > responses after a client includes this SSID in a probe request. > If we happened to receive a beacon before the probe response we stored a > non-zero-length SSID of zeroes and never updated the SSID when the probe > response arrived. The client was then unable to find the AP. > test & ok jung@ (stsp@) ~ ieee80211_crypto.c ~ ieee80211_crypto_bip.c ~ ieee80211_crypto_ccmp.c > Switch 802.11 crypto over to the new AES > OK stsp@ (mikeb@) netinet ~ ip_esp.c > Switch OCF and IPsec over to the new AES > ok djm (mikeb@) == usr.bin =========================================================== 04/05 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin lex ~ flex.skl > Update yy_buf_size after yyrealloc(). The fix has been merged > upstream as well. (millert@) ssh ~ ssh-keygen.1 > tidy up -O somewhat; ok djm (jmc@) ~ scp.c ~ ssh.c > remove options -12 from usage(); (jmc@) ~ sftp.1 ~ sftp.c > remove -1 / -2 options; pointed out by jmc@ (djm@) ~ ssh-keygen.1 > more -O shuffle; ok djm (jmc@) ~ scp.1 ~ sftp.1 ~ ssh.1 > remove now obsolete protocol1 options from the -o lists; (jmc@) ~ sftp.1 > add PubKeyAcceptedKeyTypes to the -o list: scp(1) has it, so i guess > this should too; (jmc@) ~ ssh-keygen.1 ~ ssh-keyscan.1 > rsa1 is no longer valid; (jmc@) == usr.sbin ========================================================== 05/05 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.sbin vmd ~ vm.c > Matching vmd(8) part of previous diff (first part of vmctl send/receive). > ok kettenis (mlarkin@) ~ vm.c > fix an error in i386 vmd build (mlarkin@) ~ mc146818.c ~ virtio.c ~ virtio.h > Resynchronize the guest RTC via vmmci(4) on host resume from zzz/ZZZ > (vmd part) > This feature is for OpenBSD guests only. > ok reyk, kettenis (mlarkin@) =============================================================================== _______________________________________________ odc mailing list [email protected] http://www.squish.net/mailman/listinfo/odc
