OpenBSD src changes summary for 2017-06-03 ==========================================
distrib/alpha distrib/amd64 distrib/hppa distrib/i386 distrib/miniroot distrib/ramdisk distrib/sets distrib/sparc64 etc/Makefile etc/rc etc/rc.d/slaacd regress/usr.bin sbin sbin/slaacd share/misc sys/arch/alpha/conf sys/arch/amd64/conf sys/arch/arm64/conf sys/arch/armv7/conf sys/arch/hppa/conf sys/arch/i386/conf sys/arch/landisk/conf sys/arch/loongson/conf sys/arch/luna88k/conf sys/arch/macppc/conf sys/arch/octeon/conf sys/arch/sgi/conf sys/arch/socppc/conf sys/arch/sparc64/conf sys/conf sys/dev/pv sys/kern sys/net sys/net80211 usr.bin/mandoc usr.bin/tmux usr.sbin usr.sbin/config usr.sbin/slaacctl usr.sbin/slaacd == distrib =========================================================== 01/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/distrib alpha ~ bsd.rd/Makefile > kernels in compile dirs are readonly, and the bsd.rd we created has > tracked that permission. Make the copy in $RELEASEDIR a+r (deraadt@) amd64 ~ ramdiskA/Makefile.inc ~ ramdisk_cd/Makefile.inc > kernels in compile dirs are readonly, and the bsd.rd we created has > tracked that permission. Make the copy in $RELEASEDIR a+r (deraadt@) hppa ~ ramdisk/Makefile > kernels in compile dirs are readonly, and the bsd.rd we created has > tracked that permission. Make the copy in $RELEASEDIR a+r (deraadt@) i386 ~ common/Makefile.inc > kernels in compile dirs are readonly, and the bsd.rd we created has > tracked that permission. Make the copy in $RELEASEDIR a+r (deraadt@) miniroot ~ install.sub > After installing, chmod og-rwx {/bsd bsd.mp bsd.sp bsd.rd } > (Should we make them kmem readable? Let's ignore that for now and see > if any issues surface). > ok tb rpe (deraadt@) ramdisk ~ Makefile > kernels in compile dirs are readonly, and the bsd.rd we created has > tracked that permission. Make the copy in $RELEASEDIR a+r (deraadt@) sets ~ lists/base/mi > sync (florian@) sparc64 ~ bsd.rd/Makefile ~ common/Makefile.inc > kernels in compile dirs are readonly, and the bsd.rd we created has > tracked that permission. Make the copy in $RELEASEDIR a+r (deraadt@) == etc =============================================================== 02/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/etc Makefile ~ Makefile > kernels in compile dirs are og-rwx, so need to make them readable in > $RELEASEDIR > ok tb rpe (deraadt@) rc ~ rc > Immediately after mounting / read-write, chmod og-rwx the kernel. Remote > prying eyes were already been hindered at determining kernel addresses, now > local prying eyes are also hindered. > ok tb rpe (deraadt@) ~ rc > We have been running a small awk program before installing the relinked > libc. > Perform the same kind of test for relinked libcrypto, using an openssl > sequence (proposed by sthen) (deraadt@) rc.d/slaacd ~ rc.d/slaacd > Move slaacd to /sbin > jca points out that all the other interface configuration tools live > there (like ifconfig or dhclient). Furthermore it starts so early in > the boot process that /usr might not be mounted yet if it's a nfs > filesystem. > sthen and deraadt agree (florian@) == regress =========================================================== 03/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/regress usr.bin ~ mdoclint/mdoclint ~ mdoclint/mdoclint.1 > delete -n option, now covered by mandoc; OK jmc@ (schwarze@) ~ mandoc/man/B/Makefile ~ mandoc/man/SH/Makefile ~ mandoc/man/SH/noarg.in ~ mandoc/man/SH/noarg.out_ascii ~ mandoc/man/SH/noarg.out_lint ~ mandoc/man/SS/Makefile ~ mandoc/man/SS/noarg.in ~ mandoc/man/SS/noarg.out_ascii ~ mandoc/man/SS/noarg.out_lint ~ mandoc/man/TP/Makefile ~ mandoc/man/TP/broken.in ~ mandoc/man/TP/broken.out_ascii ~ mandoc/man/TP/broken.out_lint + mandoc/man/B/blank.in + mandoc/man/B/blank.out_ascii + mandoc/man/B/blank.out_lint > ignore blank lines in man(7) next line scope; > strange groff edge case behaviour found in multimedia/mjpegtools > (schwarze@) == sbin ============================================================== 04/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sbin sbin ~ Makefile > Move slaacd to /sbin > jca points out that all the other interface configuration tools live > there (like ifconfig or dhclient). Furthermore it starts so early in > the boot process that /usr might not be mounted yet if it's a nfs > filesystem. > sthen and deraadt agree (florian@) slaacd + Makefile + control.c + control.h + engine.c + engine.h + frontend.c + frontend.h + log.c + log.h + slaacd.8 + slaacd.c + slaacd.h > Move slaacd to /sbin > jca points out that all the other interface configuration tools live > there (like ifconfig or dhclient). Furthermore it starts so early in > the boot process that /usr might not be mounted yet if it's a nfs > filesystem. > sthen and deraadt agree (florian@) == share ============================================================= 05/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/share misc ~ inter.phone > fix spelling in a handful of the Swedish entries (halex@) ~ airport > use proper name for LPI (halex@) == sys =============================================================== 06/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys arch/alpha/conf ~ Makefile.alpha > Create gap.S and gap.o with umask 077. Create lorder and bsd* with umask > 007. > Prying eyes cannot look at the kernels in the compile directory. > ok tb rpe, kernel developers seem unimpacted (deraadt@) arch/amd64/conf ~ Makefile.amd64 > Create gap.S and gap.o with umask 077. Create lorder and bsd* with umask > 007. > Prying eyes cannot look at the kernels in the compile directory. > ok tb rpe, kernel developers seem unimpacted (deraadt@) arch/arm64/conf ~ Makefile.arm64 > Create gap.S and gap.o with umask 077. Create lorder and bsd* with umask > 007. > Prying eyes cannot look at the kernels in the compile directory. > ok tb rpe, kernel developers seem unimpacted (deraadt@) arch/armv7/conf ~ Makefile.armv7 > Create gap.S and gap.o with umask 077. Create lorder and bsd* with umask > 007. > Prying eyes cannot look at the kernels in the compile directory. > ok tb rpe, kernel developers seem unimpacted (deraadt@) arch/hppa/conf ~ Makefile.hppa > Create gap.S and gap.o with umask 077. Create lorder and bsd* with umask > 007. > Prying eyes cannot look at the kernels in the compile directory. > ok tb rpe, kernel developers seem unimpacted (deraadt@) arch/i386/conf ~ Makefile.i386 > Create gap.S and gap.o with umask 077. Create lorder and bsd* with umask > 007. > Prying eyes cannot look at the kernels in the compile directory. > ok tb rpe, kernel developers seem unimpacted (deraadt@) arch/landisk/conf ~ Makefile.landisk > Create gap.S and gap.o with umask 077. Create lorder and bsd* with umask > 007. > Prying eyes cannot look at the kernels in the compile directory. > ok tb rpe, kernel developers seem unimpacted (deraadt@) arch/loongson/conf ~ Makefile.loongson > Create gap.S and gap.o with umask 077. Create lorder and bsd* with umask > 007. > Prying eyes cannot look at the kernels in the compile directory. > ok tb rpe, kernel developers seem unimpacted (deraadt@) arch/luna88k/conf ~ Makefile.luna88k > Create gap.S and gap.o with umask 077. Create lorder and bsd* with umask > 007. > Prying eyes cannot look at the kernels in the compile directory. > ok tb rpe, kernel developers seem unimpacted (deraadt@) arch/macppc/conf ~ Makefile.macppc > Create gap.S and gap.o with umask 077. Create lorder and bsd* with umask > 007. > Prying eyes cannot look at the kernels in the compile directory. > ok tb rpe, kernel developers seem unimpacted (deraadt@) arch/octeon/conf ~ Makefile.octeon > Create gap.S and gap.o with umask 077. Create lorder and bsd* with umask > 007. > Prying eyes cannot look at the kernels in the compile directory. > ok tb rpe, kernel developers seem unimpacted (deraadt@) arch/sgi/conf ~ Makefile.sgi > Create gap.S and gap.o with umask 077. Create lorder and bsd* with umask > 007. > Prying eyes cannot look at the kernels in the compile directory. > ok tb rpe, kernel developers seem unimpacted (deraadt@) arch/socppc/conf ~ Makefile.socppc > Create gap.S and gap.o with umask 077. Create lorder and bsd* with umask > 007. > Prying eyes cannot look at the kernels in the compile directory. > ok tb rpe, kernel developers seem unimpacted (deraadt@) arch/sparc64/conf ~ Makefile.sparc64 > Create gap.S and gap.o with umask 077. Create lorder and bsd* with umask > 007. > Prying eyes cannot look at the kernels in the compile directory. > ok tb rpe, kernel developers seem unimpacted (deraadt@) conf ~ makegap.sh > use .balign instead of .align, it is portable to more architectures > discussed with patrick (deraadt@) ~ makegap.sh > ".section .bss" is portable to more platforms than plain ".bss" (deraadt@) dev/pv ~ vioblk.c ~ virtiovar.h > vioblk/virtio: Re-arrange some struct members > This reduces holes/padding and makes the structs smaller. (sf@) kern ~ kern_pledge.c > Avoid printing garbage when aborting a program that tries to use a > prohibited sysctl. > ok deraadt (tb@) net ~ if_tun.c > Add missing NET_LOCK(). > Found by jmc@ (mpi@) net80211 ~ ieee80211_crypto_tkip.c ~ ieee80211_crypto_wep.c > Explicitly zero out the wepseed for TKIP and WEP. > ok stsp (tb@) ~ ieee80211_input.c ~ ieee80211_node.c ~ ieee80211_proto.c > Add a few sizes to free(). > Input, help & ok stsp (tb@) == usr.bin =========================================================== 07/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin mandoc ~ main.c ~ mandoc.1 > enable -Wstyle by default in -Tlint; OK jmc@ (schwarze@) ~ man.c ~ mandoc.h ~ read.c > ignore blank lines in man(7) next line scope; > strange groff edge case behaviour found in multimedia/mjpegtools > (schwarze@) tmux ~ tty.c > Foreground colours with the bright attribute set need to use the bright > entries in the palette. GitHub issue 954. (nicm@) ~ input.c ~ options-table.c ~ tmux.1 ~ window-copy.c > Make set-clipboard a three-state option so tmux itself can ignore the > sequencess. (nicm@) == usr.sbin ========================================================== 08/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.sbin usr.sbin ~ Makefile > Move slaacd to /sbin > jca points out that all the other interface configuration tools live > there (like ifconfig or dhclient). Furthermore it starts so early in > the boot process that /usr might not be mounted yet if it's a nfs > filesystem. > sthen and deraadt agree (florian@) config ~ exec_elf.c > config -e mode should match our other policies which ensure og-rwx /bsd. > pointed out by brynet (deraadt@) slaacctl ~ Makefile > Move slaacd to /sbin > jca points out that all the other interface configuration tools live > there (like ifconfig or dhclient). Furthermore it starts so early in > the boot process that /usr might not be mounted yet if it's a nfs > filesystem. > sthen and deraadt agree (florian@) slaacd - Makefile - control.c - control.h - engine.c - engine.h - frontend.c - frontend.h - log.c - log.h - slaacd.8 - slaacd.c - slaacd.h > Move slaacd to /sbin > jca points out that all the other interface configuration tools live > there (like ifconfig or dhclient). Furthermore it starts so early in > the boot process that /usr might not be mounted yet if it's a nfs > filesystem. > sthen and deraadt agree (florian@) =============================================================================== _______________________________________________ odc mailing list [email protected] http://www.squish.net/mailman/listinfo/odc
