OpenBSD src changes summary for 2017-06-05 ==========================================
distrib/syspatch etc/rc.d/rc.subr regress/bin sbin/ifconfig share/man share/mk sys/arch/alpha/alpha sys/arch/alpha/conf sys/arch/alpha/include sys/arch/amd64/conf sys/arch/arm64/conf sys/arch/armv7/conf sys/arch/hppa/conf sys/arch/hppa/hppa sys/arch/i386/conf sys/arch/loongson/conf sys/arch/luna88k/conf sys/arch/octeon/conf sys/arch/octeon/octeon sys/arch/sgi/conf sys/arch/sparc64/conf sys/conf sys/dev/ic sys/net usr.bin/mkdep usr.sbin/cron == distrib =========================================================== 01/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/distrib syspatch ~ diff.sh > do not remove used files from the fakeroot (robert@) ~ bsd.syspatch.mk > do not add ./ to the path of the files in the tarball (robert@) ~ bsd.syspatch.mk > set BUILDUSER to build by default, this can be overwritten from the > environment (robert@) ~ bsd.syspatch.mk > a kernel errata requires a full build as well in case some headers > change so let's do a full build all the time (robert@) == etc =============================================================== 02/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/etc rc.d/rc.subr ~ rc.d/rc.subr > Fix logic in _rc_wait to properly cope with setproctitle(3) daemons. It was > a > regression from my recent rc.subr changes. > reported by deraadt@ and naddy@ : pflogd was marked as failed during boot > while > it was properly running (ajacoutot@) ~ rc.d/rc.subr > Temporarily disable the second call to rc_check until I figure out what > is going on. Should fix another case of false negative reported by sthen > (redis). (ajacoutot@) == regress =========================================================== 03/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/regress bin - ksh/vi/Makefile - ksh/vi/config.h - ksh/vi/edit.h - ksh/vi/sh.h - ksh/vi/test_vi.c - ksh/vi/vi.sh ~ ksh/Makefile > Rewrite ksh edit mode regression tests. > Instead of calling x_vi() directly, run ksh in a pseudo tty. > This makes the process of adding tests for emacs mode simpler since the > code can > be shared. > With feedback and help from millert@ and schwarze@ (anton@) + ksh/edit/Makefile + ksh/edit/edit.c + ksh/edit/emacs.sh + ksh/edit/subr.sh + ksh/edit/vi.sh > Add new edit regress files. > Absent from my previous commit. (anton@) ~ ksh/edit/emacs.sh > Test insertion of non-ASCII characters, in particular making sure > that valid input does not cause writing invalid intermediate states > to the terminal, and that invalid input is not delayed waiting for > more input, but written through right away. > Currently failing, but expected to be fixed shortly. (schwarze@) == sbin ============================================================== 04/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sbin ifconfig ~ ifconfig.c > remove vlan(4) specific output handling > vlan(4) now understands the generic vnetid and ifparent ioctls, so > this is redundant. > ok henning@ (dlg@) == share ============================================================= 05/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/share man ~ man5/bsd.port.mk.5 > initial docs for COMPILER_WRAPPER and COMPILER_LINKS (sthen@) ~ man8/release.8 > Show usage of sysmerge and MAKEDEV instead of just mentioning them. > From Scott Cheloha, thanks. > ok jmc and positive feedback from several (tb@) mk ~ bsd.lib.mk > exclude more objects from the readelf output when building syspatches > (needed on i386) (robert@) == sys =============================================================== 06/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys arch/alpha/alpha ~ autoconf.c ~ locore.s + locore0.S > Split early startup code out of locore.S into locore0.S. Adjust link > run so that this locore0.o is always at the start of the executable. > But randomize the link order of all other .o files in the kernel, so > that their exec/rodata/data/bss segments land all over the place. > Late during kernel boot, smash the startup code with traps so that > it does not point to the other randomly placed code. It has be smashed, > because alpha (insecurely in my view) runs in the KSEG0 space. > As a result, the internal layout of every newly build bsd kernel is > different from past kernels. Internal relative offsets are not known > to an outside attacker. The only known offsets are in the startup code, > which is gone. > Ramdisk kernels cannot be compiled like this, because they are gzip'd. > When the internal pointer references change, the compression dictionary > bloats and results in poorer compression. (deraadt@) arch/alpha/conf ~ Makefile.alpha > The arm* architectures edit the ld.script, creating a copy in the compile > directories. Copy it in the same way on other architectures, for the same > effect. Something upcoming will want that file there anyways. (deraadt@) ~ Makefile.alpha ~ files.alpha > Split early startup code out of locore.S into locore0.S. Adjust link > run so that this locore0.o is always at the start of the executable. > But randomize the link order of all other .o files in the kernel, so > that their exec/rodata/data/bss segments land all over the place. > Late during kernel boot, smash the startup code with traps so that > it does not point to the other randomly placed code. It has be smashed, > because alpha (insecurely in my view) runs in the KSEG0 space. > As a result, the internal layout of every newly build bsd kernel is > different from past kernels. Internal relative offsets are not known > to an outside attacker. The only known offsets are in the startup code, > which is gone. > Ramdisk kernels cannot be compiled like this, because they are gzip'd. > When the internal pointer references change, the compression dictionary > bloats and results in poorer compression. (deraadt@) arch/alpha/include ~ param.h > Split early startup code out of locore.S into locore0.S. Adjust link > run so that this locore0.o is always at the start of the executable. > But randomize the link order of all other .o files in the kernel, so > that their exec/rodata/data/bss segments land all over the place. > Late during kernel boot, smash the startup code with traps so that > it does not point to the other randomly placed code. It has be smashed, > because alpha (insecurely in my view) runs in the KSEG0 space. > As a result, the internal layout of every newly build bsd kernel is > different from past kernels. Internal relative offsets are not known > to an outside attacker. The only known offsets are in the startup code, > which is gone. > Ramdisk kernels cannot be compiled like this, because they are gzip'd. > When the internal pointer references change, the compression dictionary > bloats and results in poorer compression. (deraadt@) arch/amd64/conf ~ Makefile.amd64 > The arm* architectures edit the ld.script, creating a copy in the compile > directories. Copy it in the same way on other architectures, for the same > effect. Something upcoming will want that file there anyways. (deraadt@) ~ Makefile.amd64 > use same idiom as other Makefiles (deraadt@) arch/arm64/conf ~ Makefile.arm64 > The arm* architectures edit the ld.script, creating a copy in the compile > directories. Copy it in the same way on other architectures, for the same > effect. Something upcoming will want that file there anyways. (deraadt@) ~ Makefile.arm64 > track permissions of original file (deraadt@) arch/armv7/conf ~ Makefile.armv7 > The arm* architectures edit the ld.script, creating a copy in the compile > directories. Copy it in the same way on other architectures, for the same > effect. Something upcoming will want that file there anyways. (deraadt@) arch/hppa/conf ~ Makefile.hppa > The arm* architectures edit the ld.script, creating a copy in the compile > directories. Copy it in the same way on other architectures, for the same > effect. Something upcoming will want that file there anyways. (deraadt@) ~ ld.script > Increase kernel size, by pushing rodata 1MB forward, from 5MB to 6MB. > This seems to satisfy the BTLB granularity. Good enough for now. > ok kettenis (deraadt@) ~ Makefile.hppa ~ files.hppa > Split early startup code out of locore.S into locore0.S. Adjust link > run so that this locore0.o is always at the start of the executable. > But randomize the link order of all other .o files in the kernel, so > that their exec/rodata/data/bss segments land all over the place. > The bootstrap code will need smashing because it is mapped by BLTB, > but this is a bit involved so not done yet. > As a result, the internal layout of every newly build bsd kernel is > different from past kernels. Internal relative offsets are not known > to an outside attacker. The only known offsets are in the startup code > (which will be gone when it is smashed). > Ramdisk kernels cannot be compiled like this, because they are gzip'd. > When the internal pointer references change, the compression dictionary > bloats and results in poorer compression. (deraadt@) arch/hppa/hppa ~ locore.S + locore0.S > Split early startup code out of locore.S into locore0.S. Adjust link > run so that this locore0.o is always at the start of the executable. > But randomize the link order of all other .o files in the kernel, so > that their exec/rodata/data/bss segments land all over the place. > The bootstrap code will need smashing because it is mapped by BLTB, > but this is a bit involved so not done yet. > As a result, the internal layout of every newly build bsd kernel is > different from past kernels. Internal relative offsets are not known > to an outside attacker. The only known offsets are in the startup code > (which will be gone when it is smashed). > Ramdisk kernels cannot be compiled like this, because they are gzip'd. > When the internal pointer references change, the compression dictionary > bloats and results in poorer compression. (deraadt@) arch/i386/conf ~ Makefile.i386 > The arm* architectures edit the ld.script, creating a copy in the compile > directories. Copy it in the same way on other architectures, for the same > effect. Something upcoming will want that file there anyways. (deraadt@) arch/loongson/conf ~ Makefile.loongson > The arm* architectures edit the ld.script, creating a copy in the compile > directories. Copy it in the same way on other architectures, for the same > effect. Something upcoming will want that file there anyways. (deraadt@) arch/luna88k/conf ~ Makefile.luna88k > The arm* architectures edit the ld.script, creating a copy in the compile > directories. Copy it in the same way on other architectures, for the same > effect. Something upcoming will want that file there anyways. (deraadt@) arch/octeon/conf ~ Makefile.octeon > The arm* architectures edit the ld.script, creating a copy in the compile > directories. Copy it in the same way on other architectures, for the same > effect. Something upcoming will want that file there anyways. (deraadt@) ~ Makefile.octeon ~ files.octeon > Randomize the link order of .o files in the kernel on octeon. > Unlike on some other architectures, it is not possible to unmap > the early boot code. Instead, the code is smashed during boot. > Input from deraadt@ (visa@) arch/octeon/octeon ~ locore.S + locore0.S > Randomize the link order of .o files in the kernel on octeon. > Unlike on some other architectures, it is not possible to unmap > the early boot code. Instead, the code is smashed during boot. > Input from deraadt@ (visa@) arch/sgi/conf ~ Makefile.sgi > The arm* architectures edit the ld.script, creating a copy in the compile > directories. Copy it in the same way on other architectures, for the same > effect. Something upcoming will want that file there anyways. (deraadt@) arch/sparc64/conf ~ Makefile.sparc64 > The arm* architectures edit the ld.script, creating a copy in the compile > directories. Copy it in the same way on other architectures, for the same > effect. Something upcoming will want that file there anyways. (deraadt@) conf ~ makegap.sh > Avoid use of _C_LABEL, since it is not portable to all our architectures. > And anyways, everything is ELF now. (deraadt@) ~ makegap.sh > include machine/param.h before machine.asm.h because uhm alpha. (deraadt@) dev/ic ~ qla.c ~ qlareg.h ~ qlavar.h > use byte swapping loads and stores. > shrinks the code a bit on sparc64. > ok jmatthew@ (dlg@) net ~ pf.c ~ pf_ioctl.c ~ pf_norm.c ~ pfvar_priv.h > - let's add PF_LOCK() > to enable PF_LOCK(), you must add 'option WITH_PF_LOCK' to your kernel > configuration. The code does not do much currently it's just the very > small step towards MP. > O.K. henning@, mikeb@, mpi@ (sashan@) == usr.bin =========================================================== 07/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin mkdep ~ mkdep.gcc.sh > explicitly pass -w since clang -M doesn't imply it. > okay millert@ (espie@) == usr.sbin ========================================================== 08/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.sbin cron ~ cron.c > Set the group on cron's Unix domain socket _before_ making it > group-writable, not after. Pointed out by Solar Designer. (millert@) =============================================================================== _______________________________________________ odc mailing list [email protected] http://www.squish.net/mailman/listinfo/odc
