OpenBSD src changes summary for 2017-06-07 ==========================================
bin/chmod lib/libc regress/sys regress/usr.bin sbin/ifconfig share/man share/mk sys/dev/pv sys/kern sys/net sys/netinet sys/netinet6 sys/sys usr.bin/at usr.bin/htpasswd usr.bin/lastcomm usr.bin/mandoc usr.bin/tmux usr.sbin/cron usr.sbin/smtpd usr.sbin/vmctl usr.sbin/vmd == bin =============================================================== 01/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/bin chmod ~ chmod.1 > X is not restricted to just the + operator; > diff from klemens nanni > confirmed by otto (jmc@) == lib =============================================================== 02/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/lib libc ~ sys/pledge.2 > Add an acct(5) flag for pledge violations. Then lastcomm(1) shows > when something went wrong. This allows to monitor whether the > system is under attack and that the attack has been prevented by > OpenBSD pledge(2). > OK deraadt@ millert@ jmc@ (bluhm@) == regress =========================================================== 03/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/regress sys ~ net/pf_fragment/pf.conf > To test IPv6 fragements with extension header, the pf pass rules > need an allow-opts. Otherwise pf blocks packets with option header. > (bluhm@) usr.bin ~ ssh/proto-version.sh > unbreak after sshv1 purge (djm@) ~ mdoclint/mdoclint ~ mdoclint/mdoclint.1 > Remove "new sentence, new line" detection, covered by mandoc. > OK jmc@ wiz@ (schwarze@) == sbin ============================================================== 04/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sbin ifconfig ~ ifconfig.8 > update the VLAN doco. > the parameters are parent and vnetid, not vlandev and vlan. svlan(4) is > also a thing. > ok jmc@ (dlg@) ~ brconfig.c > Fix clang warning about tautological compare: an unsigned long can't > be negative. ok deraadt@ (naddy@) ~ ifconfig.8 > use the same formatting for vlan as the rest of the page; ok dlg (jmc@) == share ============================================================= 05/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/share man ~ man7/roff.7 > Implement the roff(7) .rn (rename macro or string) request. > Renaming a user-defined macro is very simple: just copy > the definition to the new name and delete the old name. > Renaming high-level macros is a bit tricky: use a dedicated > key-value-table, with non-standard names as keys and standard > names as values. When a macro is found that is not user-defined, > look it up in the "renamed" table and translate it back to the > standard name before passing it on to the high-level parsers. (schwarze@) mk ~ bsd.lib.mk > make sure there are no duplicate object files linked when building > syspatches (robert@) == sys =============================================================== 06/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys dev/pv ~ xbf.c > Acquire submit queue mutex only once per xbf_complete_cmd invocation > and remove some leftover assertions. (mikeb@) kern ~ kern_malloc.c > Assert that the calling CPU is holding the KERNEL_LOCK() in malloc(9) > and free(9). > The exception is at early boot when only one CPU is running since we > grab the KERNL_LOCK() relatively late in main(). > ok kettenis@ (mpi@) ~ uipc_socket2.c > Assert that the KERNEL_LOCK() is held when messing with routing, > pfkey and unix sockets. > ok claudio@ (mpi@) ~ kern_pledge.c > Add an acct(5) flag for pledge violations. Then lastcomm(1) shows > when something went wrong. This allows to monitor whether the > system is under attack and that the attack has been prevented by > OpenBSD pledge(2). > OK deraadt@ millert@ jmc@ (bluhm@) net ~ route.c > Grab the KERNEL_LOCK() around rtm*() functions. Routing sockets globals > aren't protected by the NET_LOCK(). > While here change lock assertions in rt_{set,put}gwroute(), the NET_LOCK() > is enough. > Tested by Hrvoje Popovski. > ok jmatthew@, claudio@ (mpi@) netinet ~ in_pcb.c > Grab the KERNEL_LOCK() around rtm*() functions. Routing sockets globals > aren't protected by the NET_LOCK(). > While here change lock assertions in rt_{set,put}gwroute(), the NET_LOCK() > is enough. > Tested by Hrvoje Popovski. > ok jmatthew@, claudio@ (mpi@) netinet6 ~ nd6_rtr.c > Grab the KERNEL_LOCK() around rtm*() functions. Routing sockets globals > aren't protected by the NET_LOCK(). > While here change lock assertions in rt_{set,put}gwroute(), the NET_LOCK() > is enough. > Tested by Hrvoje Popovski. > ok jmatthew@, claudio@ (mpi@) sys ~ acct.h > Add an acct(5) flag for pledge violations. Then lastcomm(1) shows > when something went wrong. This allows to monitor whether the > system is under attack and that the attack has been prevented by > OpenBSD pledge(2). > OK deraadt@ millert@ jmc@ (bluhm@) == usr.bin =========================================================== 07/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin at ~ at.c > In cron(8), require that crontab and at files in the spool be owned > by group crontab. The at(1) command now creates files owned by > group crontab, the crontab(1) command already does this. > Files in the crontab spool with parse errors are now ignored; > crontab(1) will not install a crontab file with parse errors. > The system crontab file (/etc/crontab) is not affected by this. > The required permissions on crontab files have been tightened. > Files in the cron spool must be mode 0600 (as created by crontab(1)). > The system crontab file may be readable/writable by the owner, > readable by group and readable by other. The system crontab must > be readable by the owner. (millert@) htpasswd ~ htpasswd.c > htpasswd: use crypt_newhash instead of the bcrypt API > man bcrypt states: > These functions are deprecated in favor of crypt_checkpass(3) and > crypt_newhash(3). > hence with this change we move htpasswd to the new API, while here > also change the rounds from a hardcoded 8 to automatic selection based > on system performance. > OK florian@ (awolk@) lastcomm ~ lastcomm.1 ~ lastcomm.c > Add an acct(5) flag for pledge violations. Then lastcomm(1) shows > when something went wrong. This allows to monitor whether the > system is under attack and that the attack has been prevented by > OpenBSD pledge(2). > OK deraadt@ millert@ jmc@ (bluhm@) mandoc ~ roff.c ~ roff.h > Implement the roff(7) .rn (rename macro or string) request. > Renaming a user-defined macro is very simple: just copy > the definition to the new name and delete the old name. > Renaming high-level macros is a bit tricky: use a dedicated > key-value-table, with non-standard names as keys and standard > names as values. When a macro is found that is not user-defined, > look it up in the "renamed" table and translate it back to the > standard name before passing it on to the high-level parsers. (schwarze@) ~ term.c ~ term.h > The \h escape sequence provides another method for moving backwards, > and after that, previously written output gets overwritten, but > overwriting with blanks does *not* erase previously written content. > Yes, manual pages exist that are crazy enough to rely on that... > (schwarze@) ~ man_term.c ~ mdoc_term.c ~ roff_term.c ~ tbl_term.c ~ term.c ~ term.h ~ term_ascii.c ~ term_ps.c > Prepare the terminal driver for filling multiple columns in parallel, > first step: split column data out of the terminal state struct into > a new column state struct and use an array of such column state > structs. No functional change. (schwarze@) ~ term.c ~ term.h > Prepare the terminal driver for filling multiple columns in parallel, > second step: make the per-column byte pointer persistent across > term_flushln() calls, such that a subsequent call can continue at > the point where the previous call left. If more than one column > is in use, return from term_flushln() when the column is full, > rather than breaking the output line. > No functional change, because nothing sets up multiple columns yet. > (schwarze@) ~ mdoc.c > Make "new sentence, new line" detection stricter: > Also catch cases where the new sentence starts with a one-letter word > and the input line is broken right after that word. > Suggested by Thomas Klausner <wiz @ NetBSD>. > It's merely a three-bit diff, changing one byte from 0x34 to 0x33, > so what can possibly go wrong... (schwarze@) ~ mdoc.c > Also catch "new sentence, new line" if there are three blanks > between the sentences. Thomas Klausner says he has seen some > of these, and i don't see any false positives. (schwarze@) ~ mandoc.1 ~ mandoc.h ~ mdoc_validate.c ~ read.c ~ roff.h > style checks related to .Er; inspired by mdoclint(1) (schwarze@) tmux ~ mode-tree.c ~ tmux.1 ~ tmux.h ~ window-buffer.c ~ window-client.c ~ window-tree.c > Add simple searching (C-s and n) to the various choose modes: by name > for client and tree, and by name and content for buffer. (nicm@) ~ mode-tree.c ~ proc.c ~ tmux.h ~ window-buffer.c > Return 1 if name matches not 0, also fix some spaces. (nicm@) == usr.sbin ========================================================== 08/08 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.sbin cron ~ atrun.c > When running at jobs, open the at spool and use the directory fd > with openat(), fstatat() and unlinkat(). This is similar to how > we run cron jobs and eliminates the need for run_job() to find the > basename of the at file. OK deraadt@ (millert@) ~ atrun.c ~ cron.c ~ database.c ~ env.c ~ globals.h ~ user.c > In cron(8), require that crontab and at files in the spool be owned > by group crontab. The at(1) command now creates files owned by > group crontab, the crontab(1) command already does this. > Files in the crontab spool with parse errors are now ignored; > crontab(1) will not install a crontab file with parse errors. > The system crontab file (/etc/crontab) is not affected by this. > The required permissions on crontab files have been tightened. > Files in the cron spool must be mode 0600 (as created by crontab(1)). > The system crontab file may be readable/writable by the owner, > readable by group and readable by other. The system crontab must > be readable by the owner. (millert@) smtpd ~ smtpd.conf.5 > reword "listen on socket" somewhat; ok gilles (jmc@) vmctl ~ main.c > vmctl: change default "vmctl console" (cu) baud rate to 115200. Not > strictly needed but matches the previous baudrate diff committed earlier > to vmd. > ok deraadt, phessler (mlarkin@) vmd ~ loadfile.h > vmd: properly advertise 640k base memory, not 636k. That was a holdover > from before we had seabios support (to fake a hole where the EBDA would > be), and seabios always assumes 640k low memory is available. Fixes a > problem where FreeDOS guests whose seabios placed the virtio ring too > close to 640k would crash vmd. tested on a variety of guest OS, with > and without seabios. no regressions seen. (mlarkin@) ~ ns8250.c ~ ns8250.h ~ vm.c ~ vmm.h > vmd: Implement simulated baudrate support in the ns8250 module. The > previous version was allowing an output rate that is "too fast", and linux > guests would give up after 512 characters TXed ("too much work for irq4"). > This diff calculates the approximate rate we can sustain at the current > programmed baud rate and limits the output to that rate by inserting a > HZ delay after a specified number of characters have been transmitted. > This fixes the linux guest console issue. > Note that the console now outputs at more or less the selected baud rate, > instead of nearly instantaneously as before - if you selected 9600 in > your guest VMs before, you might want to change that to 115200 now for a > better console experience. > krw@ "seems like a good idea to me" (mlarkin@) =============================================================================== _______________________________________________ odc mailing list [email protected] http://www.squish.net/mailman/listinfo/odc
