OpenBSD src changes summary for 2017-04-30 to 2017-05-07 inclusive
==================================================================

bin/ksh distrib/arm64 distrib/miniroot distrib/sets etc/changelist
etc/mtree/special etc/netstart etc/rc lib/libc lib/libcrypto lib/libssl
lib/libtls lib/libutil regress/lib regress/sys regress/usr.bin sbin/init
sbin/sysctl share/man sys/arch/alpha/alpha sys/arch/alpha/dev
sys/arch/alpha/tc sys/arch/amd64/amd64 sys/arch/amd64/conf
sys/arch/amd64/include sys/arch/arm/arm sys/arch/arm/conf
sys/arch/arm/cortex sys/arch/arm/mainbus sys/arch/arm64/arm64
sys/arch/arm64/conf sys/arch/arm64/dev sys/arch/arm64/include
sys/arch/arm64/stand/efiboot sys/arch/armv7/armv7 sys/arch/armv7/broadcom
sys/arch/armv7/dev sys/arch/armv7/exynos sys/arch/armv7/imx
sys/arch/armv7/include sys/arch/armv7/omap sys/arch/armv7/stand/efiboot
sys/arch/armv7/sunxi sys/arch/hppa/hppa sys/arch/i386/conf
sys/arch/i386/i386 sys/arch/i386/include sys/arch/i386/pci
sys/arch/landisk/dev sys/arch/landisk/landisk sys/arch/loongson/dev
sys/arch/loongson/loongson sys/arch/luna88k/dev sys/arch/luna88k/luna88k
sys/arch/m88k/m88k sys/arch/macppc/dev sys/arch/macppc/macppc
sys/arch/mips64/mips64 sys/arch/octeon/conf sys/arch/octeon/dev
sys/arch/octeon/octeon sys/arch/powerpc/ddb sys/arch/powerpc/powerpc
sys/arch/sgi/hpc sys/arch/sgi/sgi sys/arch/sh/dev sys/arch/sh/sh
sys/arch/socppc/socppc sys/arch/sparc64/dev sys/arch/sparc64/sparc64
sys/conf sys/crypto sys/ddb sys/dev sys/dev/ata sys/dev/fdt sys/dev/ic
sys/dev/isa sys/dev/ofw sys/dev/pci sys/dev/pv sys/dev/sdmmc sys/dev/usb
sys/dev/wscons sys/kern sys/net sys/net80211 sys/netinet sys/netinet6
sys/scsi sys/sys sys/uvm usr.bin/encrypt usr.bin/less usr.bin/lex
usr.bin/lock usr.bin/mandoc usr.bin/netstat usr.bin/openssl usr.bin/skey
usr.bin/ssh usr.bin/systat usr.bin/tmux usr.bin/units usr.bin/x99token
usr.sbin/config usr.sbin/dhcpd usr.sbin/installboot usr.sbin/ocspcheck
usr.sbin/relayd usr.sbin/smtpd usr.sbin/syspatch usr.sbin/tokeninit
usr.sbin/vmctl usr.sbin/vmd

== bin =============================================================== 01/10 ==

http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/bin

ksh

  ~ eval.c
  > Quiet an "implicit conversion from 'int' to 'char' changes value"
  > warning from clang. (millert@)

== distrib =========================================================== 02/10 ==

http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/distrib

arm64

  ~ miniroot/Makefile ~ ramdisk/install.md
  > Increase the offset from the start of the disk to the FAT filesystem
  > from sector 2048/1MB to sector 8192/4MB.
  > This gives enough space for a combined U-Boot and ATF FIT image for the
  > Firefly-RK3399.
  > Requested by and ok kettenis@ (jsg@)

miniroot

  ~ install.sub
  > Remove last remnants of rtsol. IPv6 autoconfiguration of interfaces
  > is now done in ifstart(). Replace rtsolif with a boolean variable
  > V6_AUTOCONF. Replace dhcpif with a boolean variable V4_DHCPCONF.
  > Both are later used to decide whether or not to configure defaultroutes
  > from /etc/mygate.
  > OK krw@ (rpe@)

  ~ install.sub
  > Apply same change of defaultroute handling as in r1.179 of netstart.
  > Now that routes are automatically G/C with the address they are
  > attached to there's no reason to duplicate the kernel's job. (rpe@)

  ~ install.sub
  > Add build to the list of usernames that are rejected during
  > installation.
  > Noted by crd _at_ crdavies.eu
  > OK tb@ (rpe@)

sets

  ~ lists/base/mi ~ lists/comp/mi
  > sync (deraadt@)

  ~ lists/comp/mi
  > sync (deraadt@)

  ~ lists/comp/mi ~ lists/man/mi
  > sync (deraadt@)

  ~ lists/comp/gcc.alpha ~ lists/comp/gcc.amd64 ~ lists/comp/gcc.armv7
  ~ lists/comp/gcc.hppa ~ lists/comp/gcc.i386 ~ lists/comp/gcc.landisk
  ~ lists/comp/gcc.loongson ~ lists/comp/gcc.luna88k ~ lists/comp/gcc.macppc
  ~ lists/comp/gcc.octeon ~ lists/comp/gcc.sgi ~ lists/comp/gcc.socppc
  ~ lists/comp/gcc.sparc64 ~ lists/comp/md.alpha ~ lists/comp/md.amd64
  ~ lists/comp/md.armv7 ~ lists/comp/md.hppa ~ lists/comp/md.i386
  ~ lists/comp/md.landisk ~ lists/comp/md.loongson ~ lists/comp/md.luna88k
  ~ lists/comp/md.macppc ~ lists/comp/md.octeon ~ lists/comp/md.sgi
  ~ lists/comp/md.socppc ~ lists/comp/md.sparc64 ~ lists/comp/mi
  > move more gcc files to gcc sets
  > ok deraadt@ (jsg@)

  ~ lists/comp/gcc.alpha ~ lists/comp/gcc.amd64 ~ lists/comp/gcc.armv7
  ~ lists/comp/gcc.hppa ~ lists/comp/gcc.i386 ~ lists/comp/gcc.landisk
  ~ lists/comp/gcc.loongson ~ lists/comp/gcc.luna88k ~ lists/comp/gcc.macppc
  ~ lists/comp/gcc.octeon ~ lists/comp/gcc.sgi ~ lists/comp/gcc.socppc
  ~ lists/comp/gcc.sparc64 ~ lists/comp/md.alpha ~ lists/comp/md.amd64
  ~ lists/comp/md.armv7 ~ lists/comp/md.hppa ~ lists/comp/md.i386
  ~ lists/comp/md.landisk ~ lists/comp/md.loongson ~ lists/comp/md.luna88k
  ~ lists/comp/md.macppc ~ lists/comp/md.octeon ~ lists/comp/md.sgi
  ~ lists/comp/md.socppc ~ lists/comp/md.sparc64
  > move some binutils files from gcc sets back to md sets
  > ok deraadt@ (jsg@)

  ~ lists/comp/mi
  > sync (jsg@)

  ~ lists/base/mi
  > sync (tb@)

  ~ lists/comp/mi
  > sync (jsg@)

== etc =============================================================== 03/10 ==

http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/etc

changelist

  ~ changelist
  > add vm.conf to changelist and mtree/special
  > OK reyk mlarkin (gsoares@)

mtree/special

  ~ mtree/special
  > add vm.conf to changelist and mtree/special
  > OK reyk mlarkin (gsoares@)

netstart

  ~ netstart
  > Do not try to
  > delete a default route before adding it.
  > Now that routes are automatically G/C with the address they are attached
  > to there's no reason to duplicate the kernel's job.
  > Fix a regression introduced with multipath default routes.
  > ok deraadt@ (mpi@)

  ~ netstart
  > Remove last remnants of rtsol. IPv6 autoconfiguration of interfaces is now
  > done in ifstart(). Remove ipv6autoconf() and replace rtsolif with a boolean
  > variable V6_AUTOCONF. Replace dhcpif with a boolean variable V4_DHCPCONF.
  > Both are later used in defaultroute() to decide whether or not to configure
  > defaultroutes from /etc/mygate.
  > OK krw@ (rpe@)

  ~ netstart
  > Revert r1.170 and remove the id==0 check.
  > The id binary is not available in nfs diskless setups at this point.
  > reported by Andreas Kusalananda, thanks.
  > discussed with deraadt@ (rpe@)

  ~ netstart
  > Replace hardcoded script name with ${0##*/}
  > OK tb@ halex@ (rpe@)

  ~ netstart
  > Change test from [] to [[]] and simplify pattern.
  > OK tb@, krw@ (for [[]])
  > Feedback and OK halex@ (rpe@)

rc

  ~ rc
  > Comments and spacing. (rpe@)

== lib =============================================================== 04/10 ==

http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/lib

libc

  ~ Symbols.list ~ shlib_version ~ sys/Makefile.inc
  > Add futex(2) shim, bump minor.
  > Inputs from guenther@, ok kettenis@, visa@ (mpi@)

  ~ sys/wait.2
  > Document that wait3/waitpid can receive SIGCHILD when wpid does
  > not exist or is not a child of the calling process.
  > Document what happens when SIGCHLD is ignored or SA_NOCLDWAIT is
  > set in sa_flags (this part from FreeBSD).
  > OK guenther@ (millert@)

  ~ net/gai_strerror.3
  > make the description strings match the code (deraadt@)

  ~ gen/sysctl.3
  > Merge headers defining identifiers from sysctl.8 into sysctl.3. Shorten and
  > update their descriptions. In sysctl.8 refer to /etc/sysctl.conf in FILES.
  > discussed with and ok jmc (tb@)

  ~ sys/sigprocmask.2
  > Mention that the signal mask does not affect what signals are
  > discarded by the kernel.
  > Document that at least one pending signal
  > will be delivered before sigprocmask() returns. (millert@)

  ~ sys/kill.2
  > Document what happens when sending a signal to the calling process.
  > OK jmc@ (millert@)

  ~ sys/kill.2
  > Move info about group handling via a negative pid into the list
  > with the other pid-specific details. (millert@)

  ~ compat-43/killpg.c
  > Don't allow a negative process group ID, it would turn into a
  > process ID when negated. (millert@)

  ~ compat-43/killpg.3
  > killpg() is covered by XSI so add a STANDARDS section to that effect
  > and document that handling of process group 0 is not specified by
  > the standard. (millert@)

libcrypto

  ~ bio/b_sock.c
  > Microsoft Windows hates BIO_get_accept_socket in portable. Fix it to
  > not be awful or have any claims on supporting ipv6 when it does so
  > very badly
  > ok jsing@ (beck@)

  ~ Makefile
  > Only enable -Werror on libcrypto/libssl/libtls if we are building with
  > gcc4. This should avoid failed builds while transitioning compilers.
  > While here also make the CFLAGS blocks consistent across makefiles.
  > Discussed with deraadt@, ok beck@ (jsing@)

  ~ bio/b_sock.c
  > Rework BIO_accept to be more like modern code.
  > ok jsing@ (beck@)

  ~ bio/b_sock.c
  > Make BIO_get_host_ip just yet another getaddrinfo wrapper (beck@)

  ~ bio/b_sock.c
  > No original OpenSSL code remains in this file.
  > Relicense (beck@)

  ~ malloc-wrapper.c ~ asn1/a_object.c ~ asn1/a_sign.c ~ asn1/a_verify.c
  ~ asn1/asn1_lib.c ~ bn/bn_asm.c ~ bn/bn_exp.c ~ bn/bn_lib.c ~ bn/bn_rand.c
  ~ buffer/buffer.c ~ dsa/dsa_asn1.c ~ ec/ec_key.c ~ ec/ec_lib.c
  ~ ec/ec_mult.c ~ ec/ecp_nistp224.c ~ ec/ecp_nistp256.c ~ ec/ecp_nistp521.c
  ~ ec/ecp_nistz256.c ~ ecdh/ech_lib.c ~ ecdsa/ecs_lib.c ~ ecdsa/ecs_vrf.c
  ~ evp/bio_enc.c ~ evp/digest.c ~ evp/e_aes.c ~ evp/e_chacha20poly1305.c
  ~ evp/p_open.c ~ gost/gostr341001_key.c ~ hmac/hm_pmeth.c ~ modes/gcm128.c
  ~ pem/pem_lib.c ~ pem/pem_pkey.c ~ pem/pvkfmt.c ~ pkcs12/p12_key.c
  ~ pkcs7/pk7_doit.c ~ rsa/rsa_eay.c ~ rsa/rsa_saos.c ~ rsa/rsa_sign.c
  > use freezero() instead of memset/explicit_bzero + free. Substantially
  > reduces conditional logic (-218, +82).
  > MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH cache alignment calculation bn/bn_exp.c
  > wasn't quite right. Two other tricky bits with ASN1_STRING_FLAG_NDEF and
  > BN_FLG_STATIC_DATA where the condition cannot be collapsed completely.
  > Passes regress. ok beck (deraadt@)

  ~ x509v3/v3_crld.c ~ x509v3/v3_ncons.c ~ x509v3/v3_pci.c
  > the XXXfree functions being called accept NULL, so don't check first.
  > ok beck (deraadt@)

  ~ asn1/a_time_tm.c ~ asn1/asn1.h ~ man/ASN1_time_parse.3
  > Add ASN1_TIME_set_tm to set an asn1 from a struct tm *
  > ok jsing@ (beck@)

  ~ Symbols.list
  > Add ASN1_TIME_set_to to exported symbols
  > ok jsing@ (beck@)

  ~ shlib_version
  > Bump minors for symbol addition in libcrypto
  > ok jsing@ (beck@)

  ~ man/ASN1_time_parse.3
  > space needed between macro arg and punctuation; (jmc@)

  ~ Makefile + hkdf/hkdf.c + hkdf/hkdf.h
  > Bring in HKDF, from BoringSSL, with regress tests modified to be
  > in C. Ride previous minor bump
  > ok tom@ inoguchi@ jsing@ (beck@)

libssl

  ~ src/ssl/s3_srvr.c    TAGGED OPENBSD_6_0
  > MFC.
  > Fix a bug caused by the return value being set early to signal successful
  > DTLS cookie validation.
  > This can mask a later failure and result in a
  > positive return value being returned from ssl3_get_client_hello(), when
  > it should return a negative value to propagate the error.
  > ok beck@ (jsing@)

  ~ ssl_asn1.c    TAGGED OPENBSD_6_0
  > Switch back to freezero() and explicitly initialise data_len to zero. The
  > previous code was safe since data would always be NULL if data_len was
  > uninitialised, however compilers cannot know this. (jsing@)

  ~ Makefile    TAGGED OPENBSD_6_0
  > Only enable -Werror on libcrypto/libssl/libtls if we are building with
  > gcc4. This should avoid failed builds while transitioning compilers.
  > While here also make the CFLAGS blocks consistent across makefiles.
  > Discussed with deraadt@, ok beck@ (jsing@)

  ~ ssl_asn1.c ~ ssl_packet.c ~ ssl_versions.c ~ t1_hash.c    TAGGED OPENBSD_6_0
  > Add missing $OpenBSD$ tags. (jsing@)

  ~ shlib_version    TAGGED OPENBSD_6_0
  > Bump minors for symbol addition in libcrypto
  > ok jsing@ (beck@)

  ~ Symbols.list ~ s3_lib.c ~ ssl.h ~ ssl_lib.c ~ ssl_locl.h
  ~ ssl_versions.c    TAGGED OPENBSD_6_0
  > Provide SSL{,_CTX}_set_{min,max}_proto_version() functions.
  > Rides minor bump.
  > ok beck@ (jsing@)

  ~ d1_clnt.c ~ d1_srvr.c ~ s3_lib.c ~ ssl_both.c ~ ssl_clnt.c ~ ssl_lib.c
  ~ ssl_locl.h ~ ssl_pkt.c ~ ssl_srvr.c ~ t1_enc.c
  ~ t1_lib.c    TAGGED OPENBSD_6_0
  > Bring in an SSL_HANDSHAKE structure and commence the great shovelling
  > ok jsing@, gcc@, regress@ (beck@)

  ~ d1_both.c ~ d1_clnt.c ~ d1_pkt.c ~ d1_srvr.c ~ s3_lib.c ~ ssl.h
  ~ ssl_both.c ~ ssl_clnt.c ~ ssl_err.c ~ ssl_lib.c ~ ssl_locl.h ~ ssl_pkt.c
  ~ ssl_srvr.c ~ ssl_stat.c ~ t1_lib.c    TAGGED OPENBSD_6_0
  > Move state from ssl->internal to the handshake structure.
  > while we are at it, convert SSLerror to use a function
  > internally, so that we may later allocate the handshake
  > structure and check for it
  > ok jsing@ (beck@)

  ~ bs_cbb.c    TAGGED OPENBSD_6_0
  > Instead of starting a 'zero-sized' CBB at the size of the first addition
  > to the CBB, then doubling, start with an initial size of 64 bytes. Almost
  > all uses will exceed this size and we avoid multiple small recallocarray()
  > calls during the initial usage.
  > ok beck@ (jsing@)

  ~ s3_lib.c    TAGGED OPENBSD_6_0
  > Drop cipher suites with DSS authentication - there is no good reason to
  > keep these around.
  > ok beck@ (jsing@)

libtls

  ~ tls_config.c
  > Add a tls_keypair_clear_key() function that uses freezero() to make key
  > material inaccessible, then call it from the appropriate places.
  > ok beck@ (jsing@)

  ~ Makefile
  > Only enable -Werror on libcrypto/libssl/libtls if we are building with
  > gcc4. This should avoid failed builds while transitioning compilers.
  > While here also make the CFLAGS blocks consistent across makefiles.
  > Discussed with deraadt@, ok beck@ (jsing@)

  ~ tls_config.c
  > use freezero() instead of memset/explicit_bzero + free. Substantially
  > reduces conditional logic (-218, +82).
  > MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH cache alignment calculation bn/bn_exp.c
  > wasn't quite right. Two other tricky bits with ASN1_STRING_FLAG_NDEF and
  > BN_FLG_STATIC_DATA where the condition cannot be collapsed completely.
  > Passes regress. ok beck (deraadt@)

  ~ tls_internal.h
  > Move tls_config_skip_private_key_check() out from under HIDDEN_DECLS.
  > Even though this is not a real public interface we need the symbol in
  > the shared library so that relayd can use it (needed for TLS key privsep)
  > OK beck@ (claudio@)

  ~ shlib_version
  > Bump minors for symbol addition in libcrypto
  > ok jsing@ (beck@)

  ~ Symbols.list ~ tls.h ~ tls_util.c
  > Provide a tls_unload_file() function, that frees the memory returned from
  > a tls_load_file() call, ensuring that the contents become inaccessible.
  > This is specifically needed on platforms where the library allocators may
  > be different from the application allocator.
  > ok beck@ (jsing@)

  ~ tls.c ~ tls_config.c ~ tls_internal.h ~ tls_server.c
  > Perform reference counting for tls_config. This allows tls_config_free() to
  > be called as soon as it has been passed to the final tls_configure() call,
  > simplifying lifetime tracking for the application.
  > Requested some time ago by tedu@.
  > ok beck@ (jsing@)

  ~ man/tls_load_file.3
  > Document tls_unload_file(). (jsing@)

  ~ man/tls_init.3
  > Be explicit about when it is safe to call tls_config_free().
  > Discussed with beck@ (jsing@)

  ~ tls_util.c
  > BIO_free_all() and EVP_PKEY_free() can be called with NULL. (jsing@)

  ~ tls_util.c
  > Use freezero() for the tls_load_file() failure case, since we're
  > potentially dealing with key material. Also switch a calloc to malloc,
  > since we immediately copy the same amount of data to the newly allocated
  > buffer. (jsing@)

  ~ tls.c
  > Return an error if tls_handshake() is called on a TLS context that has
  > already completed a TLS handshake. (jsing@)

  ~ tls_client.c ~ tls_internal.h
  > Ensure that a client context has been connected before attempting to
  > complete a TLS handshake. (jsing@)

libutil

  ~ imsg_init.3
  > spacing (in EXAMPLES code) (reyk@)

== regress =========================================================== 05/10 ==

http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/regress

lib

  ~ libtls/verify/verifytest.c
  > Add missing tls_init() and tls_free() calls. (jsing@)

  ~ libcrypto/bio/biotest.c
  > whitespace (beck@)

  + libcrypto/free/Makefile + libcrypto/free/freenull.c
  > Add regress for free functions that should be safe with NULL (beck@)

  ~ libssl/unit/ssl_versions.c
  > Add regress coverage for SSL{,_CTX}_set_{min,max}_proto_version(). (jsing@)

  ~ libcrypto/Makefile + libcrypto/hkdf/Makefile + libcrypto/hkdf/hkdf_test.c
  > Bring in HKDF, from BoringSSL, with regress tests modified to be
  > in C.
  > Ride previous minor bump
  > ok tom@ inoguchi@ jsing@ (beck@)

  ~ libcrypto/free/freenull.c
  > Not much point using a failed variable here. (jsing@)

  ~ libcrypto/free/freenull.c
  > Sort/group functions. (jsing@)

  ~ libcrypto/free/freenull.c
  > Add more functions. (jsing@)

  ~ libtls/tls/tlstest.c
  > Free tls_configs earlier now that we have refcounting. (jsing@)

  ~ libtls/tls/Makefile ~ libtls/tls/tlstest.c
  > Move TLS test code into a function that is called from main, making it
  > easier for new tests to be added. (jsing@)

  ~ libssl/unit/tls_prf.c
  > Bring in an SSL_HANDSHAKE structure and commence the great shovelling
  > ok jsing@, gcc@, regress@ (beck@)

  ~ libtls/tls/tlstest.c
  > Split TLS client/server handshake and close code into separate functions
  > so that it can be reused. (jsing@)

  ~ libtls/tls/tlstest.c
  > Add an initial sequencing/ordering test for libtls. (jsing@)

  ~ libtls/tls/tlstest.c
  > Add a test that calls tls_handshake() on a connection that has already
  > completed a TLS handshake. This should return a failure, but currently
  > succeeds (hence the regress currently fails). (jsing@)

  ~ libtls/tls/tlstest.c
  > Also test calling tls_handshake() on a server connection context that has
  > already completed a TLS handshake. (jsing@)

  ~ libtls/tls/tlstest.c
  > Add a (currently failing) call to tls_handshake() on a client context that
  > has not yet been connected. We expect this to fail, but it should fail
  > gracefully. (jsing@)

  ~ libssl/client/clienttest.c
  > Revise cipher suites in regress to match DSS cipher suite removal. (jsing@)

sys

  ~ kern/Makefile + kern/futex/Makefile + kern/futex/futex.c
  + kern/futex/futex.h
  > Regression tests for futex(2). (mpi@)

  ~ kern/futex/futex.c
  > Check that unsupported operation returns ENOSYS.
  > (mpi@)

  ~ crypto/aes/aestest.c
  > Switch AES testcase to the new implementation
  > OK djm@ (mikeb@)

  ~ crypto/aes/Makefile
  > Pick the right AES source file (mikeb@)

  ~ crypto/aesctr/Makefile ~ crypto/aesctr/aesctr.c ~ crypto/aesxts/Makefile
  ~ crypto/aesxts/aes_xts.c ~ crypto/gmac/Makefile ~ crypto/gmac/gmac_test.c
  > Sync GMAC and AES-CTR/-XTS regress tests with the new AES code
  > ok djm (mikeb@)

  ~ crypto/cmac/Makefile ~ crypto/cmac/cmac_test.c ~ crypto/key_wrap/Makefile
  ~ crypto/key_wrap/key_wrap_test.c
  > Convert CMAC and Key Wrap regress tests over to the new AES
  > OK stsp@ (mikeb@)

  ~ netinet/ipsec/Makefile ~ netinet/ipsec/ipsec.conf
  > Add IPsec test for manually configured SA bundles. That does ipcomp,
  > and esp, and ah with one flow and three SAs in one step. Test
  > transport mode, locally terminated tunnel and forwarding packets
  > from and to tunnel. (bluhm@)

usr.bin

  ~ ssh/unittests/Makefile.inc ~ ssh/unittests/hostkeys/mktestdata.sh
  ~ ssh/unittests/hostkeys/test_iterate.c
  ~ ssh/unittests/hostkeys/testdata/known_hosts
  ~ ssh/unittests/sshkey/mktestdata.sh ~ ssh/unittests/sshkey/test_file.c
  ~ ssh/unittests/sshkey/test_fuzz.c ~ ssh/unittests/sshkey/test_sshkey.c
  > remove SSHv1 support from unit tests (djm@)

  ~ ssh/agent-pkcs11.sh ~ ssh/agent.sh ~ ssh/banner.sh ~ ssh/broken-pipe.sh
  ~ ssh/brokenkeys.sh ~ ssh/cert-file.sh ~ ssh/cert-hostkey.sh
  ~ ssh/cert-userkey.sh ~ ssh/cfgmatch.sh ~ ssh/cipher-speed.sh
  ~ ssh/connect-privsep.sh ~ ssh/connect.sh ~ ssh/dynamic-forward.sh
  ~ ssh/exit-status.sh ~ ssh/forcecommand.sh ~ ssh/forward-control.sh
  ~ ssh/forwarding.sh ~ ssh/host-expand.sh ~ ssh/hostkey-agent.sh
  ~ ssh/integrity.sh ~ ssh/key-options.sh ~ ssh/keygen-change.sh
  ~ ssh/keyscan.sh ~ ssh/localcommand.sh ~ ssh/multiplex.sh
  ~ ssh/principals-command.sh ~ ssh/proto-mismatch.sh ~ ssh/proto-version.sh
  ~ ssh/proxy-connect.sh ~ ssh/putty-transfer.sh ~ ssh/reconfigure.sh
  ~ ssh/reexec.sh ~ ssh/stderr-after-eof.sh ~ ssh/stderr-data.sh
  ~ ssh/test-exec.sh ~ ssh/transfer.sh ~ ssh/try-ciphers.sh ~ ssh/yes-head.sh
  ~ ssh/misc/kexfuzz/kexfuzz.c
  > eliminate explicit specification of protocol in tests and loops over
  > protocol. We only support SSHv2 now. (djm@)

  ~ mandoc/tbl/mod/Makefile + mandoc/tbl/mod/expand-toowide.in
  + mandoc/tbl/mod/expand-toowide.out_ascii
  > When trying to expand some columns in a table where the sum of the
  > widths of the remaining columns is already wider than the line
  > length, underflowing size_t and dying from ENOMEM is the wrong plan.
  > Instead, simply refrain from expanding anything in such a situation,
  > avoiding a crash that tb@ found with afl. (schwarze@)

  ~ mdoclint/mdoclint
  > bugfix: treat .Bd -unfilled like .Bd -literal;
  > OK jmc@ wiz@, and also committed upstream to pkgsrc (schwarze@)

  ~ mdoclint/mdoclint ~ mdoclint/mdoclint.1
  > Remove -P (warnings about paragraph problems).
  > These are fully covered by mandoc -Tlint.
  > OK jmc@ wiz@, and also committed to pkgsrc. (schwarze@)

  ~ mandoc/eqn/define/infinite.out_lint ~ mandoc/eqn/define/invalid.out_lint
  ~ mandoc/eqn/over/noarg.out_lint ~ mandoc/mdoc/Pp/arg.out_lint
  ~ mandoc/roff/cond/close.out_lint ~ mandoc/roff/cond/if.out_lint
  ~ mandoc/roff/de/escname.out_lint ~ mandoc/roff/de/indir.out_lint
  ~ mandoc/roff/ig/basic.out_lint ~ mandoc/roff/it/badarg.out_lint
  ~ mandoc/roff/tr/args.out_lint ~ mandoc/tbl/data/block_unclosed.out_lint
  ~ mandoc/tbl/data/empty.out_lint
  > Parser reorg:
  > Generate the first node on the roff level: .br
  > Fix some column numbers in diagnostic messages while here. (schwarze@)

  ~ mandoc/roff/ft/Makefile + mandoc/roff/ft/badargs-mdoc.in
  + mandoc/roff/ft/badargs-mdoc.out_ascii
  + mandoc/roff/ft/badargs-mdoc.out_lint
  > Move handling of the roff(7) .ft request from the man(7)
  > modules to the new roff(7) modules. As a side effect,
  > mdoc(7) now handles .ft, too. Of course, do not use that. (schwarze@)

  ~ mandoc/man/blank/line.out_lint ~ mandoc/mdoc/Pp/arg.out_lint
  ~ mandoc/roff/cond/close.out_lint
  > Move .sp to the roff modules.
  > Enough infrastructure is in place
  > now that this actually saves code: -70 LOC. (schwarze@)

  ~ mandoc/roff/Makefile + mandoc/roff/ta/Makefile
  + mandoc/roff/ta/basic-man.in + mandoc/roff/ta/basic-man.out_ascii
  + mandoc/roff/ta/basic-mdoc.in + mandoc/roff/ta/basic-mdoc.out_ascii
  > Basic implementation of the roff(7) .ta (define tab stops) request.
  > This is the first feature made possible by the parser reorganization.
  > Improves the formatting of the SYNOPSIS in many Xenocara GL manuals.
  > Also important for ports, as reported by many, including naddy@.
  > (schwarze@)

== sbin ============================================================== 06/10 ==

http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sbin

init

  ~ init.c
  > Use the safe idiom of cleaning sensitive data from memory with
  > explicit_bzero, instead of relying on other methods, after
  > readpassphrase. Some programs on this diff won't benefit that much
  > since it happens near the terminal path, but someone might copy the
  > unsafe idiom to another program and place it where it may leak
  > sensitive data.
  > Discussed aeons ago with tb@, OK deraadt@ and beck@ (mestre@)

sysctl

  ~ sysctl.8
  > Merge headers defining identifiers from sysctl.8 into sysctl.3. Shorten and
  > update their descriptions. In sysctl.8 refer to /etc/sysctl.conf in FILES.
  > discussed with and ok jmc (tb@)

== share ============================================================= 07/10 ==

http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/share

man

  ~ man7/mandoc_char.7
  > Mention that escaping "^" as "\(ha" in source code samples improves
  > portability, in particular when rendering to formats such as PDF
  > with real typesetters such as groff.
  > While here, make it even more explicit that the rendering of raw
  > ASCII accents ( ` ' ~ ^ ) found in the input is kind of a mess and
  > varies among implementations, software versions, macro sets, and
  > output devices.
  > Issue noticed when reading the groff_char(7) manual, and confirmed
  > by testing with current groff.
  > OK bentley@, "certainly no objection" jmc@
  > N.B.: Nobody will get scolded for ignoring this subtlety. (schwarze@)

  - man7/kgdb.7 ~ man4/options.4 ~ man7/Makefile ~ man9/uvm.9
  > Remove KGDB references. (mpi@)

  ~ man4/ddb.4 ~ man7/intro.7
  > Fewer kgdb(7) references and fix previous.
  > Pointed by jmc@ (mpi@)

  ~ man7/man.7 ~ man7/mdoc.7 ~ man7/roff.7
  > Clean up docs after today's .br and .ft code cleanup; simpler. (schwarze@)

  ~ man7/man.7 ~ man7/mdoc.7 ~ man7/roff.7
  > Shorten the description of .sp and move it to roff(7).
  > It is not a macro but a low-level roff request
  > and not recommended for use in manual pages. (schwarze@)

  ~ man7/man.7
  > implement .DT in terms of .ta; needed for print/ghostview, for example
  > (schwarze@)

== sys =============================================================== 08/10 ==

http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys

arch/alpha/alpha

  ~ machdep.c ~ dec_kn300.c ~ dec_1000a.c
  > Unifdef KGDB.
  > It doesn't compile and hasn't been working during the last decade.
  > ok kettenis@, deraadt@ (mpi@)

  ~ db_interface.c ~ lock_machdep.c ~ machdep.c
  > Rename Debugger() into db_enter().
  > Using a name with the 'db_' prefix makes it invisible from the dynamic
  > profiler.
  > ok deraadt@, kettenis@, visa@ (mpi@)

arch/alpha/dev

  ~ sgmap_typedep.c
  > Rename Debugger() into db_enter().
  > Using a name with the 'db_' prefix makes it invisible from the dynamic
  > profiler.
  > ok deraadt@, kettenis@, visa@ (mpi@)

arch/alpha/tc

  ~ scc.c
  > Rename Debugger() into db_enter().
  > Using a name with the 'db_' prefix makes it invisible from the dynamic
  > profiler.
  > ok deraadt@, kettenis@, visa@ (mpi@)

arch/amd64/amd64

  - kgdb_machdep.c ~ trap.c ~ machdep.c ~ db_memrw.c
  > Unifdef KGDB.
  > It doesn't compile and hasn't been working during the last decade.
  > ok kettenis@, deraadt@ (mpi@)

  ~ cpu.c ~ db_interface.c ~ lock_machdep.c ~ machdep.c
  > Rename Debugger() into db_enter().
  > Using a name with the 'db_' prefix makes it invisible from the dynamic
  > profiler.
  > ok deraadt@, kettenis@, visa@ (mpi@)

  ~ vmm.c
  > Allow setting of guest MSRs from vmd(8). This change is the first part of
  > a larger effort to implement vmctl send/vmctl receive (snapshot and VM
  > migration).
  > From Pratik Vyas, Siri Chandana, Harshada Mone and Ashwin Agrawal, a
  > group of students I am supervising.
  > ok kettenis (mlarkin@)

  ~ aesni.c ~ via.c
  > Switch glxsb(4), VIA padlock and AES-NI drivers over to the new AES
  > (mikeb@)

  ~ fpu.c ~ vmm.c ~ vmm_support.S    TAGGED OPENBSD_6_1
  > OpenBSD 6.1 errata 002, May 2, 2017
  > vmm(4) mismanaged floating point contexts. (jsg@)

  ~ vmm.c    TAGGED OPENBSD_6_1
  > Allow setting guest %xcr0 from vmd(8).
  > Tested on linux and amd64 OpenBSD guests.
  > Posted to tech by Pratik Vyas. (mlarkin@)

  ~ vmm.c    TAGGED OPENBSD_6_1
  > further improvement to vmm fpu handling (support avx and avx2, block
  > avx512 and various xsave* instructions)
  > tested by many (mlarkin@)

arch/amd64/conf

  ~ files.amd64
  > Unifdef KGDB.
  > It doesn't compile and hasn't been working during the last decade.
  > ok kettenis@, deraadt@ (mpi@)

  ~ GENERIC
  > Remove some KGDB leftovers.
  > From Amit Kulkarni. (mpi@)

arch/amd64/include

  ~ db_machdep.h ~ cpufunc.h
  > Unifdef KGDB.
  > It doesn't compile and hasn't been working during the last decade.
  > ok kettenis@, deraadt@ (mpi@)

  ~ vmmvar.h
  > Allow setting of guest MSRs from vmd(8). This change is the first part of
  > a larger effort to implement vmctl send/vmctl receive (snapshot and VM
  > migration).
  > From Pratik Vyas, Siri Chandana, Harshada Mone and Ashwin Agrawal, a
  > group of students I am supervising.
  > ok kettenis (mlarkin@)

  ~ cpufunc.h ~ fpu.h ~ vmmvar.h    TAGGED OPENBSD_6_1
  > OpenBSD 6.1 errata 002, May 2, 2017
  > vmm(4) mismanaged floating point contexts. (jsg@)

  ~ vmmvar.h    TAGGED OPENBSD_6_1
  > Allow setting guest %xcr0 from vmd(8).
  > Tested on linux and amd64 OpenBSD guests.
  > Posted to tech by Pratik Vyas. (mlarkin@)

arch/arm/arm

  ~ undefined.c ~ fault.c
  > Unifdef KGDB.
  > It doesn't compile and hasn't been working during the last decade.
  > ok kettenis@, deraadt@ (mpi@)

  ~ db_interface.c ~ undefined.c
  > Rename Debugger() into db_enter().
  > Using a name with the 'db_' prefix makes it invisible from the dynamic
  > profiler.
  > ok deraadt@, kettenis@, visa@ (mpi@)

  ~ bus_dma.c
  > Remove /* FALLTHROUGH */ that isn't (and shouldn't). (kettenis@)

arch/arm/conf

  ~ files.arm
  > Unifdef KGDB.
  > It doesn't compile and hasn't been working during the last decade.
  > ok kettenis@, deraadt@ (mpi@)

arch/arm/cortex

  ~ ampintc.c
  > Rename Debugger() into db_enter().
  > Using a name with the 'db_' prefix makes it invisible from the dynamic
  > profiler.
  > ok deraadt@, kettenis@, visa@ (mpi@)

arch/arm/mainbus

  ~ mainbus.c
  > Make early attribute work here as well. Remove unreachable panic while
  > there.
  > ok visa@, patrick@, drahn@ (kettenis@)

  ~ mainbus.c
  > Remove check for compatible property. Turns out sunxi relied on the broken
  > check we had before rev 1.16.
  > Suggested by jmatthew@ (kettenis@)

arch/arm64/arm64

  ~ arm64_mutex.c ~ db_interface.c ~ machdep.c
  > Rename Debugger() into db_enter().
  > Using a name with the 'db_' prefix makes it invisible from the dynamic
  > profiler.
  > ok deraadt@, kettenis@, visa@ (mpi@)

  ~ pmap.c
  > The pmap_vp_enter() function should only ever be called for userland
  > mappings with the PMAP_CANFAIL flag set. Use PR_NOWAIT in the pool_get()
  > calls such that we return an error instead of deadlocking if we cannot
  > allocate a pool item.
  > ok drahn@ (who says this is needed for SMP as well) (kettenis@)

  ~ machdep.c
  > Zap silly diagnostic reboot message.
  > ok bmercer@, deraadt@ (kettenis@)

  ~ machdep.c
  > Bring boot() in line with our other architectures.
  > ok mpi@, deraadt@ (kettenis@)

  ~ cpu.c
  > Recognize various Cavium ThunderX cores.
  > ok patrick@ (kettenis@)

  ~ bus_dma.c
  > Add the missing cache flush operations for non-coherent mappings.
  > ok jsg@, patrick@ (kettenis@)

  ~ cpu.c
  > Now that we have a table of Cavium part numbers add the part number for
  > Broadcom's Vulcan design with a Cavium implementer code
  > (ThunderX2 T99/CN99xx). Suggested by kettenis@ (jsg@)

  ~ cpu.c
  > Print full MIDR for CPUs that can't be identified.
  > ok jsg@ (kettenis@)

arch/arm64/conf

  ~ GENERIC ~ RAMDISK ~ files.arm64
  > Add rkgrf(4), a driver that makes the "generic register file" of the
  > Rockchip RK3399 available to other drivers through the regmap interface.
  > (kettenis@)

  ~ GENERIC ~ RAMDISK
  > Add xhci@fdt, and move ehci(4) from the sunxi block to the generic block.
  > (kettenis@)

  ~ GENERIC ~ RAMDISK
  > Add rkclock(4), a driver for the Rockchip RK3399 clocks. (kettenis@)

  ~ GENERIC ~ RAMDISK
  > Add glue to attach SDHC compliant controllers using the FDT. This makes
  > the eMMC controller on the Rockchip RK3399 work. (kettenis@)

  ~ GENERIC ~ RAMDISK
  > Add rkpinctrl(4), a driver to configure pins on Rockchip SoCs. For now,
  > only the RK3399 is supported. (kettenis@)

  ~ GENERIC ~ RAMDISK
  > Add rkgpio(4), a driver to handle GPIOs on Rockchip SoCs. (kettenis@)

arch/arm64/dev

  ~ pluart.c
  > Unifdef KGDB.
  > It doesn't compile and hasn't been working during the last decade.
  > ok kettenis@, deraadt@ (mpi@)

  ~ mainbus.c
  > Make early attribute work here as well. Remove unreachable panic while
  > there.
  > ok visa@ (kettenis@)

  ~ ampintc.c ~ pluart.c ~ bcm2836_intr.c ~ agintc.c
  > Rename Debugger() into db_enter().
  > Using a name with the 'db_' prefix makes it invisible from the dynamic
  > profiler.
  > ok deraadt@, kettenis@, visa@ (mpi@)

  ~ agintc.c
  > Fix priority handling. The interrupt priority registers expose the full
  > range of priorities available in secure mode (minimally 32). For
  > non-secure interrupts we need to make sure the top bit is set and shift
  > our interrupt priority level into the remaining bits. The priority mask
  > register on the other hand only exposes the priority levels available to
  > the mode from which it is accessed.
  > So when accessed from non-secure mode, we need to shift our
  > interrupt priority level by a different amount.
  > Also set the binary point register to zero to make sure the maximum number
  > of available bits are used for the priority group and priority masking
  > actually works as expected.
  > This makes the FireFly-RK3399 boot multi-user with the root filesystem on
  > USB.
  > ok drahn@ (kettenis@)

  ~ mainbus.c
  > Remove check for compatible property here as well. (kettenis@)

arch/arm64/include

  ~ machine_reg.h
  > Unifdef KGDB.
  > It doesn't compile and hasn't been working during the last decade.
  > ok kettenis@, deraadt@ (mpi@)

arch/arm64/stand/efiboot

  ~ conf.c ~ efiboot.c ~ fdt.c ~ fdt.h
  > Pass the address of the EFI system table and the EFI memory map through
  > properties in the /chosen node of the FDT. The properties match the ones
  > used by Linux (see Documentation/arm/uefi.txt in the Linux kernel source
  > tree) but with the "linux," prefix replaced by "openbsd,".
  > ok jmatthew@, tom@ (kettenis@)

arch/armv7/armv7

  ~ armv7_machdep.c
  > Rename Debugger() into db_enter().
  > Using a name with the 'db_' prefix makes it invisible from the dynamic
  > profiler.
  > ok deraadt@, kettenis@, visa@ (mpi@)

  ~ armv7_machdep.c
  > Zap silly diagnostic reboot message.
  > ok bmercer@, deraadt@ (kettenis@)

arch/armv7/broadcom

  ~ bcm2836_intr.c
  > Rename Debugger() into db_enter().
  > Using a name with the 'db_' prefix makes it invisible from the dynamic
  > profiler.
  > ok deraadt@, kettenis@, visa@ (mpi@)

arch/armv7/dev

  ~ pluart.c
  > Unifdef KGDB.
  > It doesn't compile and hasn't been working during the last decade.
  > ok kettenis@, deraadt@ (mpi@)

  ~ pluart.c
  > Rename Debugger() into db_enter().
  > Using a name with the 'db_' prefix makes it invisible from the dynamic
  > profiler.
  > ok deraadt@, kettenis@, visa@ (mpi@)

arch/armv7/exynos

  ~ exuart.c
  > Unifdef KGDB.
  > It doesn't compile and hasn't been working during the last decade.
> ok kettenis@, deraadt@ (mpi@)

arch/armv7/imx

~ imxuart.c
> Unifdef KGDB.
> It doesn't compile and hasn't been working during the last decade.
> ok kettenis@, deraadt@ (mpi@)

arch/armv7/include

~ machine_reg.h
> Unifdef KGDB.
> It doesn't compile and hasn't been working during the last decade.
> ok kettenis@, deraadt@ (mpi@)

arch/armv7/omap

~ if_cpsw.c
> Rename Debugger() into db_enter().
> Using a name with the 'db_' prefix makes it invisible from the dynamic
> profiler.
> ok deraadt@, kettenis@, visa@ (mpi@)

arch/armv7/stand/efiboot

~ fdt.c ~ fdt.h
> Sync FDT code with arm64. (kettenis@)

arch/armv7/sunxi

- if_dwge_fdt.c ~ files.sunxi
> Move dwge(4) glue into dev/fdt. (kettenis@)

arch/hppa/hppa

~ db_interface.c ~ lock_machdep.c ~ locore.S ~ pmap.c
> Rename Debugger() into db_enter().
> Using a name with the 'db_' prefix makes it invisible from the dynamic
> profiler.
> ok deraadt@, kettenis@, visa@ (mpi@)

arch/i386/conf

~ files.i386
> Unifdef KGDB.
> It doesn't compile and hasn't been working during the last decade.
> ok kettenis@, deraadt@ (mpi@)

~ GENERIC
> Remove some KGDB leftovers.
> From Amit Kulkarni. (mpi@)

arch/i386/i386

- kgdb_machdep.c ~ trap.c ~ machdep.c ~ db_memrw.c
> Unifdef KGDB.
> It doesn't compile and hasn't been working during the last decade.
> ok kettenis@, deraadt@ (mpi@)

~ cpu.c ~ db_interface.c ~ db_mp.c ~ lock_machdep.c ~ machdep.c
> Rename Debugger() into db_enter().
> Using a name with the 'db_' prefix makes it invisible from the dynamic
> profiler.
> ok deraadt@, kettenis@, visa@ (mpi@)

~ vmm.c
> Matching i386 commit to previous amd64 commit (initial support for vmctl
> send/receive) (mlarkin@)

~ via.c
> Switch glxsb(4), VIA padlock and AES-NI drivers over to the new AES
> (mikeb@)

arch/i386/include

~ db_machdep.h ~ cpufunc.h
> Unifdef KGDB.
> It doesn't compile and hasn't been working during the last decade.
> ok kettenis@, deraadt@ (mpi@)

~ vmmvar.h
> Matching i386 commit to previous amd64 commit (initial support for vmctl
> send/receive) (mlarkin@)

arch/i386/pci

~ glxsb.c
> Switch glxsb(4), VIA padlock and AES-NI drivers over to the new AES
> (mikeb@)

arch/landisk/dev

~ power.c
> Rename Debugger() into db_enter().
> Using a name with the 'db_' prefix makes it invisible from the dynamic
> profiler.
> ok deraadt@, kettenis@, visa@ (mpi@)

arch/landisk/landisk

~ machdep.c
> Rename Debugger() into db_enter().
> Using a name with the 'db_' prefix makes it invisible from the dynamic
> profiler.
> ok deraadt@, kettenis@, visa@ (mpi@)

arch/loongson/dev

~ bonito.c
> Rename Debugger() into db_enter().
> Using a name with the 'db_' prefix makes it invisible from the dynamic
> profiler.
> ok deraadt@, kettenis@, visa@ (mpi@)

arch/loongson/loongson

~ generic2e_machdep.c ~ machdep.c
> Rename Debugger() into db_enter().
> Using a name with the 'db_' prefix makes it invisible from the dynamic
> profiler.
> ok deraadt@, kettenis@, visa@ (mpi@)

arch/luna88k/dev

~ mb89352.c ~ mb89352var.h ~ siotty.c
> Rename Debugger() into db_enter().
> Using a name with the 'db_' prefix makes it invisible from the dynamic
> profiler.
> ok deraadt@, kettenis@, visa@ (mpi@)

arch/luna88k/luna88k

~ machdep.c
> Rename Debugger() into db_enter().
> Using a name with the 'db_' prefix makes it invisible from the dynamic
> profiler.
> ok deraadt@, kettenis@, visa@ (mpi@)

arch/m88k/m88k

~ db_interface.c ~ mplock.c
> Rename Debugger() into db_enter().
> Using a name with the 'db_' prefix makes it invisible from the dynamic
> profiler.
> ok deraadt@, kettenis@, visa@ (mpi@)

arch/macppc/dev

~ macintr.c ~ openpic.c ~ pgs.c ~ sysbutton.c ~ zs.c
> Rename Debugger() into db_enter().
> Using a name with the 'db_' prefix makes it invisible from the dynamic
> profiler.
> ok deraadt@, kettenis@, visa@ (mpi@)

arch/macppc/macppc

~ machdep.c
> Rename Debugger() into db_enter().
> Using a name with the 'db_' prefix makes it invisible from the dynamic
> profiler.
> ok deraadt@, kettenis@, visa@ (mpi@)

arch/mips64/mips64

~ ipifuncs.c ~ lcore_ddb.S ~ lock_machdep.c ~ mutex.c
> Rename Debugger() into db_enter().
> Using a name with the 'db_' prefix makes it invisible from the dynamic
> profiler.
> ok deraadt@, kettenis@, visa@ (mpi@)

arch/octeon/conf

~ GENERIC ~ RAMDISK ~ files.octeon
> Revise MDIO driver code so that device instances can be attached
> using fdt. This lets the system utilize multiple MDIO controllers.
> This patch enables all RJ45 Ethernet ports on EdgeRouter Pro.
> The SFP module slots do not work yet.
> OK kettenis@, jmatthew@ (visa@)

~ RAMDISK ~ GENERIC
> enable brgphy, which appears in the edgerouter pro (jmatthew@)

arch/octeon/dev

~ cn30xxpow.c ~ cn30xxpowvar.h
> Remove unused POW status functions. Makes clang happier. (visa@)

~ cn30xxgmx.c ~ cn30xxgmxvar.h ~ cn30xxsmi.c ~ cn30xxsmireg.h
~ cn30xxsmivar.h ~ if_cnmac.c
> Revise MDIO driver code so that device instances can be attached
> using fdt. This lets the system utilize multiple MDIO controllers.
> This patch enables all RJ45 Ethernet ports on EdgeRouter Pro.
> The SFP module slots do not work yet.
> OK kettenis@, jmatthew@ (visa@)

~ amdcf.c ~ octcf.c
> Also pass the blk offset to disk_unbusy(), so that it can pass it to
> the random subsystem as entropy. This value is pretty much unknown,
> and anyways our entropy input ring does not saturate from knowns.
> ok mikeb djm (deraadt@)

arch/octeon/octeon

~ machdep.c
> Rename Debugger() into db_enter().
> Using a name with the 'db_' prefix makes it invisible from the dynamic
> profiler.
> ok deraadt@, kettenis@, visa@ (mpi@)

arch/powerpc/ddb

~ db_interface.c
> Rename Debugger() into db_enter().
> Using a name with the 'db_' prefix makes it invisible from the dynamic
> profiler.
> ok deraadt@, kettenis@, visa@ (mpi@)

arch/powerpc/powerpc

~ lock_machdep.c ~ mutex.c
> Rename Debugger() into db_enter().
> Using a name with the 'db_' prefix makes it invisible from the dynamic
> profiler.
> ok deraadt@, kettenis@, visa@ (mpi@)

arch/sgi/hpc

~ zs.c
> Unifdef KGDB.
> It doesn't compile and hasn't been working during the last decade.
> ok kettenis@, deraadt@ (mpi@)

~ zs.c
> Rename Debugger() into db_enter().
> Using a name with the 'db_' prefix makes it invisible from the dynamic
> profiler.
> ok deraadt@, kettenis@, visa@ (mpi@)

arch/sgi/sgi

~ machdep.c
> Rename Debugger() into db_enter().
> Using a name with the 'db_' prefix makes it invisible from the dynamic
> profiler.
> ok deraadt@, kettenis@, visa@ (mpi@)

arch/sh/dev

~ scif.c
> Rename Debugger() into db_enter().
> Using a name with the 'db_' prefix makes it invisible from the dynamic
> profiler.
> ok deraadt@, kettenis@, visa@ (mpi@)

arch/sh/sh

~ db_interface.c
> Rename Debugger() into db_enter().
> Using a name with the 'db_' prefix makes it invisible from the dynamic
> profiler.
> ok deraadt@, kettenis@, visa@ (mpi@)

arch/socppc/socppc

~ machdep.c
> Rename Debugger() into db_enter().
> Using a name with the 'db_' prefix makes it invisible from the dynamic
> profiler.
> ok deraadt@, kettenis@, visa@ (mpi@)

arch/sparc64/dev

~ zs.c ~ cons.h
> Unifdef KGDB.
> It doesn't compile and hasn't been working during the last decade.
> ok kettenis@, deraadt@ (mpi@)

~ consinit.c ~ fd.c ~ iommu.c ~ pcons.c ~ sab.c ~ sbbc.c ~ vcons.c
~ viommu.c ~ zs.c
> Rename Debugger() into db_enter().
> Using a name with the 'db_' prefix makes it invisible from the dynamic
> profiler.
> ok deraadt@, kettenis@, visa@ (mpi@)

~ fd.c
> Also pass the blk offset to disk_unbusy(), so that it can pass it to
> the random subsystem as entropy. This value is pretty much unknown,
> and anyways our entropy input ring does not saturate from knowns.
> ok mikeb djm (deraadt@)

arch/sparc64/sparc64

~ autoconf.c ~ clock.c ~ db_interface.c ~ intr.c ~ lock_machdep.c
~ locore.s ~ pmap.c ~ vm_machdep.c
> Rename Debugger() into db_enter().
> Using a name with the 'db_' prefix makes it invisible from the dynamic
> profiler.
> ok deraadt@, kettenis@, visa@ (mpi@)

~ pmap.c
> explicitly initialise the mutex in the kernel map.
> previously it was zeroed memory from a global, which kind of looks
> like a valid mutex, but we shouldn't rely on that.
> ok kettenis@ (dlg@)

conf

~ files
> Unifdef KGDB.
> It doesn't compile and hasn't been working during the last decade.
> ok kettenis@, deraadt@ (mpi@)

~ files
> Constant time AES implementation
> This introduces a 32-bit constant time AES implementation from
> Thomas Pornin originally for BearSSL and then adjusted by Thomas
> and myself to fit OpenBSD kernel. One of the additional features
> is an API for encryption and decryption subkey expansion in the
> format specified by NIST in FIPS 197.
> Tested by myself and naddy@, ok djm@ (mikeb@)

~ newvers.sh TAGGED OPENBSD_6_1
> 6.1-stable (jsg@)

crypto

+ aes.c + aes.h
> Constant time AES implementation
> This introduces a 32-bit constant time AES implementation from
> Thomas Pornin originally for BearSSL and then adjusted by Thomas
> and myself to fit OpenBSD kernel. One of the additional features
> is an API for encryption and decryption subkey expansion in the
> format specified by NIST in FIPS 197.
> Tested by myself and naddy@, ok djm@ (mikeb@)

~ cryptosoft.c ~ gmac.c ~ gmac.h ~ xform.c ~ xform.h
> Switch OCF and IPsec over to the new AES
> ok djm (mikeb@)

~ aes.h
> Switch glxsb(4), VIA padlock and AES-NI drivers over to the new AES
> (mikeb@)

~ cmac.c ~ cmac.h ~ key_wrap.c ~ key_wrap.h
> Switch 802.11 crypto over to the new AES
> OK stsp@ (mikeb@)

ddb

~ db_run.c
> Unifdef KGDB.
> It doesn't compile and hasn't been working during the last decade.
> ok kettenis@, deraadt@ (mpi@)

~ db_usrreq.c
> Rename Debugger() into db_enter().
> Using a name with the 'db_' prefix makes it invisible from the dynamic
> profiler.
> ok deraadt@, kettenis@, visa@ (mpi@)

dev

~ softraid_concat.c TAGGED OPENBSD_6_1
> OpenBSD 6.1 errata 004, May 2, 2017
> softraid(4) was unable to create usable concat volumes because
> it always set the size of the volume to zero sectors. (jsg@)

~ softraid_concat.c TAGGED OPENBSD_6_0
> OpenBSD 6.0 errata 21, May 1, 2017
> softraid(4) was unable to create usable concat volumes because
> it always set the size of the volume to zero sectors. (jsg@)

~ audio.c TAGGED OPENBSD_6_0
> style improvement from Michael W. Bombardieri <mb at ii.net> (ratchov@)

~ flash.c TAGGED OPENBSD_6_0
> Also pass the blk offset to disk_unbusy(), so that it can pass it to
> the random subsystem as entropy. This value is pretty much unknown,
> and anyways our entropy input ring does not saturate from knowns.
> ok mikeb djm (deraadt@)

dev/ata

~ wd.c
> Also pass the blk offset to disk_unbusy(), so that it can pass it to
> the random subsystem as entropy. This value is pretty much unknown,
> and anyways our entropy input ring does not saturate from knowns.
> ok mikeb djm (deraadt@)

dev/fdt

~ files.fdt + rkgrf.c
> Add rkgrf(4), a driver that makes the "generic register file" of the
> Rockchip RK3399 available to other drivers through the regmap interface.
> (kettenis@)

~ files.fdt + rkclock.c + rkclock_clocks.h
> Add rkclock(4), a driver for the Rockchip RK3399 clocks. (kettenis@)

~ sxipio.c
> Linux switched from a device-specific pinctrl binding to the generic
> version for Allwinner devices. Implement support for the latter such that
> we can use newer device trees.
> ok patrick@ (kettenis@)

~ rkclock.c ~ rkclock_clocks.h
> Add eMMC-related clocks. (kettenis@)

~ files.fdt + sdhc_fdt.c
> Add glue to attach SDHC compliant controllers using the FDT. This makes
> the eMMC controller on the Rockchip RK3399 work. (kettenis@)

~ files.fdt + rkpinctrl.c
> Add rkpinctrl(4), a driver to configure pins on Rockchip SoCs. For now,
> only the RK3399 is supported.
> (kettenis@)

~ files.fdt + if_dwge_fdt.c
> Move dwge(4) glue into dev/fdt. (kettenis@)

~ sdhc_fdt.c
> Configure pins and deassert resets, just in case some other board needs it.
> (kettenis@)

~ rkclock.c ~ rkclock_clocks.h
> Add a few GMAC related clocks and implement reset logic. (kettenis@)

~ rkclock.c
> Remove unused local variable such that this actually compiles. (kettenis@)

~ files.fdt ~ rkpinctrl.c + rkgpio.c
> Add rkgpio(4), a driver to handle GPIOs on Rockchip SoCs. (kettenis@)

~ if_dwge_fdt.c
> Refactor this code to support the GMAC found on the Rockchip RK3399
> alongside the GMAC found on the Allwinner A20/A31.
> With this diff I can receive packets on the Firefly-RK3399. Unfortunately
> sending packets doesn't seem to work yet. (kettenis@)

dev/ic

~ z8530tty.c ~ z8530sc.h ~ comvar.h ~ com.c
> Unifdef KGDB.
> It doesn't compile and hasn't been working during the last decade.
> ok kettenis@, deraadt@ (mpi@)

~ aic6250.c ~ aic6250var.h ~ aic6360var.h ~ aic6360.c ~ com.c
~ ncr5380sbc.c ~ wd33c93.c ~ osiop.c
> Rename Debugger() into db_enter().
> Using a name with the 'db_' prefix makes it invisible from the dynamic
> profiler.
> ok deraadt@, kettenis@, visa@ (mpi@)

~ dwc_gmac.c
> Program hardware address in dwc_gmac_init() instead of dwc_gmac_attach()
> such that "ifconfig dwge0 lladdr 00:11:22:33:44:55" actually works.
> (kettenis@)

dev/isa

~ com_isapnp.c ~ com_isa.c ~ com_commulti.c
> Unifdef KGDB.
> It doesn't compile and hasn't been working during the last decade.
> ok kettenis@, deraadt@ (mpi@)

~ gus.c
> Remove side effects from assignment. Fixes warning with cppcheck.
> No binary change.
> OK ratchov@ (bluhm@)

~ fd.c
> Also pass the blk offset to disk_unbusy(), so that it can pass it to
> the random subsystem as entropy. This value is pretty much unknown,
> and anyways our entropy input ring does not saturate from knowns.
> ok mikeb djm (deraadt@)

dev/ofw

~ ofw_misc.c
> Include <dev/ofw/ofw_misc.h> instead of <dev/ofw/ofw_pinctrl.h>.
> (kettenis@)

dev/pci

~ if_ix.c TAGGED OPENBSD_6_1
> MFC
> Since rev 1.1 ix has attempted to require a 64 bit BAR, the test for
> this was wrong and was corrected at the end of last year in rev 1.140.
> Before then a 64 bit BAR was not enforced as the test was wrong.
> It turns out there exist 82598 parts which have a 32 bit BAR so change
> the test to only require a memory BAR and not a 64 bit memory BAR.
> Problem reported by Robert Blacquiere. ok mikeb@ (jsg@)

~ if_iwmreg.h TAGGED OPENBSD_6_1
> Fix a regression in iwm(4) which made 3165 devices unusable.
> When MIMO support was added several entries in the rate table index enum
> got a wrong value. On most devices the firmware ended up using a Tx rate
> different from the rate net80211 asked for (which is bad, but not fatal).
> But on 3165 devices which do not support MIMO the firmware rightly raised
> a fatal error whenever the driver mistakenly asked for a MIMO Tx rate.
> Reported by Georgios Pediaditis, Steve Throckmorton, and Kai Wirt on misc@
> Thanks to benno@ for providing 3165 hardware I could use to debug this.
> (stsp@)

~ if_iwm.c TAGGED OPENBSD_6_1
> If iwm_nic_lock() cannot access the device then print "acquiring device
> failed" instead of "device timeout". The latter is printed by the Tx
> watchdog already. (stsp@)

~ pcidevs TAGGED OPENBSD_6_1
> add Moxa CP-104EL (jmatthew@)

~ pcidevs.h TAGGED OPENBSD_6_1
> regen (jmatthew@)

~ pucdata.c TAGGED OPENBSD_6_1
> add Moxa CP-104EL
> ok kettenis@ (jmatthew@)

dev/pv

~ vmmci.c
> Resynchronize the guest RTC via vmmci(4) on host resume from zzz/ZZZ
> (kernel part)
> This feature is for OpenBSD guests only.
> ok reyk, kettenis (mlarkin@)

dev/sdmmc

~ sdhc.c ~ sdhcvar.h
> Implement two quirks to support the Arasan eMMC 5.1 controller found on
> the Rockchip RK3399.
> - Make it possible to override sdhc_signal_voltage().
> - Make it possible to disable double-data rate modes.
> ok patrick@ (kettenis@)

dev/usb

~ dwc2/dwc2.c
> Rename Debugger() into db_enter().
> Using a name with the 'db_' prefix makes it invisible from the dynamic
> profiler.
> ok deraadt@, kettenis@, visa@ (mpi@)

~ uaudio.c
> Remove unused (and wrong) uaudio_drain() call. From Michael W.
> Bombardieri" <[email protected]>. (ratchov@)

~ if_umb.c
> Byte order of IP addresses was broken on big endian machines.
> MBIM already uses network byte order for IP addresses, so just
> use them as they are.
> ok stsp@, deraadt@ (gerhard@)

~ usbdi.c
> Remove a DIAGNOSTIC test for a NULL pipe value inside a transfer,
> mpi says a transfer can't exist without a pipe. ok mpi@ (jsg@)

dev/wscons

~ wskbd.c
> Rename Debugger() into db_enter().
> Using a name with the 'db_' prefix makes it invisible from the dynamic
> profiler.
> ok deraadt@, kettenis@, visa@ (mpi@)

kern

~ sys_futex.c
> Return ENOSYS for unsupported operation. (mpi@)

- kgdb_stub.c ~ subr_prf.c
> Unifdef KGDB.
> It doesn't compile and hasn't been working during the last decade.
> ok kettenis@, deraadt@ (mpi@)

~ subr_prf.c ~ subr_userconf.c ~ subr_witness.c
> Rename Debugger() into db_enter().
> Using a name with the 'db_' prefix makes it invisible from the dynamic
> profiler.
> ok deraadt@, kettenis@, visa@ (mpi@)

~ kern_pledge.c
> Stricter pledge for bpf. ok deraadt (natano@)

~ subr_disk.c
> Also pass the blk offset to disk_unbusy(), so that it can pass it to
> the random subsystem as entropy. This value is pretty much unknown,
> and anyways our entropy input ring does not saturate from knowns.
> ok mikeb djm (deraadt@)

~ kern_sysctl.c
> Do not export the protocol PCB pointer from kernel to non-root users
> also in the IPv6 case. This fixes "netstat -An -f inet6 -p tcp"
> and shows 0x0.
> report and OK dhill@ (bluhm@)

net

~ hfsc.c ~ hfsc.h ~ pf_ioctl.c ~ pfvar.h
> Provide pluggable queueing interface for pf
> By hiding H-FSC behind pfq_ops structure similar to the ifq_ops,
> we provide a possibility to plug alternative queueing interfaces
> for use in pf.
> This reduces amount of H-FSC specific code in the
> pf ioctl handler
> While here, change the order of elements in hfsc_class_stats
> to provide some compatibility between queue stat structures of
> different traffic conditioners.
> No objections from henning@, ok sthen@ (mikeb@)

~ ifq.c ~ ifq.h
> add ifq_mfreem() so ifq backends can free packets during dequeue.
> a goal of the ifq api is to avoid freeing an mbuf while holding a
> lock. to achieve this it allowed the backend enqueue operation to
> return a single mbuf to be freed. however, mikeb@ is working on a
> backend that wants to free packets during dequeue. to support this,
> ifq_mfreem queues a packet during dequeue for freeing at the end
> of the ifq serialiser.
> there's some doco in ifq.h about it.
> requested by mikeb@ (dlg@)

~ ifq.h
> update the stack doco to match reality.
> i hadn't documented that api changes made to support multiple ifqueues
> on a single ifnet.
> a glaring omission is doco for if_attach_queues, but that should
> go into a manpage for driver writers to read, not internal doco on
> the stack. (dlg@)

~ ifq.c ~ ifq.h
> Provide a function to dispose of a list of mbufs on dequeue
> ifq_mfreeml() is similar to the ifq_mfreem(), but takes an mbuf list
> as an argument. This also lets these functions subtract the number
> of packets to be disposed of from the ifq length.
> OK dlg (mikeb@)

~ bpf.c ~ bridgectl.c ~ if.c ~ if_dl.h ~ if_gif.c ~ if_mpe.c ~ if_mpw.c
~ if_pppx.c ~ if_vxlan.c ~ pf.c ~ pipex.c ~ pipex_local.h
> Introduce sstosa() for converting sockaddr_storage with a type safe
> inline function instead of casting it to sockaddr. While there,
> use inline instead of __inline for all these conversions. Some
> struct sockaddr casts can be avoided completely.
> OK dhill@ mpi@ (bluhm@)

+ fq_codel.c + fq_codel.h
> Implementation of the Flow Queue - Controlled Delay (FQ-CoDel)
> The purpose of FQ-CoDel is to provide fair sharing of bandwidth
> between simultaneous connections and reduce latency differences
> among them.
> OK mpi, sthen, visa (mikeb@)

~ if_etherip.c
> If m is not a continuous mbuf cluster, m_pullup() in pr_input may
> change the pointer. Then *mp keeps the invalid pointer and it might
> be used. Fix the potential use after free and also reset *mp in
> other places to have less dangling pointers to freed mbufs.
> OK mpi@ mikeb@ (bluhm@)

~ pfkeyv2.c ~ pfkeyv2_convert.c
> Expand SA_LEN(), there is no benefit for using the macro in the
> kernel. It was only used in IPsec sources. No binary change
> OK deraadt@ (bluhm@)

~ pf.c
> Put back the call to pf_remove_src_node lost in the netlock backout
> Reported by Remi Barbier, thanks! OK mpi@ (mikeb@)

~ pf.c TAGGED OPENBSD_6_1
> Put back the call to pf_remove_src_node lost in the netlock backout
> Reported by Remi Barbier, thanks! OK mpi@ (mikeb@)

~ fq_codel.c TAGGED OPENBSD_6_1
> Fix stage transition from the initial one to DROPPING
> When the initial state is set to DROPPING, the code immediately
> jumps to a CONTROL state bypassing DROPPING. To fix this we start
> with an explicit INITIAL state so that we do an INITIAL->DROPPING
> transition right off the bat in the beginning of the loop and
> then perform a DROPPING->CONTROL and either CONTROL->DROPPING and
> restart the loop or CONTROL->RECOVERY/ACCEPTING and terminate. (mikeb@)

net80211

~ ieee80211_input.c
> Fix a problem with associating to wifi networks with a hidden SSID.
> If an AP is configured to hide its SSID it sends a non-zero length SSID
> which contains only zeroes. The AP sends its actual SSID only in probe
> responses after a client includes this SSID in a probe request.
> If we happened to receive a beacon before the probe response we stored a
> non-zero-length SSID of zeroes and never updated the SSID when the probe
> response arrived. The client was then unable to find the AP.
> test & ok jung@ (stsp@)

~ ieee80211_crypto.c ~ ieee80211_crypto_bip.c ~ ieee80211_crypto_ccmp.c
> Switch 802.11 crypto over to the new AES
> OK stsp@ (mikeb@)

netinet

~ ip_esp.c
> Switch OCF and IPsec over to the new AES
> ok djm (mikeb@)

~ tcp_input.c
> Back out rev 1.185 (which made the code match the comment) and
> adjust the comment to match reality (or at least rfc7323) instead.
> This brings us back in line with the behavior of Net and Free.
> From Lauri Tirkkonen. OK bluhm@ (millert@)

~ in.c ~ in.h ~ ip_ipip.c ~ tcp_subr.c
> Introduce sstosa() for converting sockaddr_storage with a type safe
> inline function instead of casting it to sockaddr. While there,
> use inline instead of __inline for all these conversions. Some
> struct sockaddr casts can be avoided completely.
> OK dhill@ mpi@ (bluhm@)

~ igmp.c ~ ip_carp.c ~ ip_gre.c ~ ip_icmp.c ~ ip_ipip.c ~ tcp_input.c
~ udp_usrreq.c
> If m is not a continuous mbuf cluster, m_pullup() in pr_input may
> change the pointer. Then *mp keeps the invalid pointer and it might
> be used. Fix the potential use after free and also reset *mp in
> other places to have less dangling pointers to freed mbufs.
> OK mpi@ mikeb@ (bluhm@)

~ ip_ipsp.c ~ ipsec_input.c
> Expand SA_LEN(), there is no benefit for using the macro in the
> kernel. It was only used in IPsec sources. No binary change
> OK deraadt@ (bluhm@)

~ ip_ipip.c ~ ip_ipsp.c ~ ip_ipsp.h
> Convert the xformsw definition to C99 style initializer. Also fix
> the function declaration of ipe4_input() and avoid a wrong cast.
> OK mikeb@ dhill@ (bluhm@)

~ tcp_input.c ~ udp_usrreq.c
> Checking for IPv4 mapped addresses and dropping the packet is done
> in ip6_input(). Do not check that again in the protocol input
> functions.
> OK mpi@ (bluhm@)

netinet6

~ ip6_output.c
> Change the ip6_setmoptions() function to receive the rdomain as a new
> parameter. This makes the ip6_setmoptions() function look more like the
> ipv4 version and fixes a problem with IPV6_JOIN_GROUP when no interface
> is specified.
> ok bluhm@ (rzalamena@)

~ mld6.c
> Reset the MLD default ip6_opts by using ip6_initpktopts(). This fixes a
> problem with MLD packets being sent with hlim set to zero.
> with suggestion from and ok bluhm@ (rzalamena@)

~ in6.c ~ in6.h
> Introduce sstosa() for converting sockaddr_storage with a type safe
> inline function instead of casting it to sockaddr. While there,
> use inline instead of __inline for all these conversions. Some
> struct sockaddr casts can be avoided completely.
> OK dhill@ mpi@ (bluhm@)

~ icmp6.c
> If m is not a continuous mbuf cluster, m_pullup() in pr_input may
> change the pointer. Then *mp keeps the invalid pointer and it might
> be used. Fix the potential use after free and also reset *mp in
> other places to have less dangling pointers to freed mbufs.
> OK mpi@ mikeb@ (bluhm@)

~ raw_ip6.c
> Checking for IPv4 mapped addresses and dropping the packet is done
> in ip6_input(). Do not check that again in the protocol input
> functions.
> OK mpi@ (bluhm@)

scsi

~ cd.c ~ sd.c
> Also pass the blk offset to disk_unbusy(), so that it can pass it to
> the random subsystem as entropy. This value is pretty much unknown,
> and anyways our entropy input ring does not saturate from knowns.
> ok mikeb djm (deraadt@)

sys

- kgdb.h ~ systm.h
> Unifdef KGDB.
> It doesn't compile and hasn't been working during the last decade.
> ok kettenis@, deraadt@ (mpi@)

~ systm.h
> Rename Debugger() into db_enter().
> Using a name with the 'db_' prefix makes it invisible from the dynamic
> profiler.
> ok deraadt@, kettenis@, visa@ (mpi@)

~ mbuf.h
> Provide a signed 64 bit integer timestamp in the mbuf packet header
> The precision of the timestamp is not fixed yet, but there's a strong
> argument to measure it in nanoseconds.
> With suggestions from kettenis, dlg, miod and deraadt.
> OK deraadt@, sthen@ (mikeb@)

~ socket.h
> Introduce sstosa() for converting sockaddr_storage with a type safe
> inline function instead of casting it to sockaddr. While there,
> use inline instead of __inline for all these conversions. Some
> struct sockaddr casts can be avoided completely.
> OK dhill@ mpi@ (bluhm@)

~ disk.h
> Also pass the blk offset to disk_unbusy(), so that it can pass it to
> the random subsystem as entropy. This value is pretty much unknown,
> and anyways our entropy input ring does not saturate from knowns.
> ok mikeb djm (deraadt@)

~ mbuf.h
> Backout previous as it's causing problems on architectures that align
> 64 bit integers on an 8 byte boundary such as armv7. MHLEN calculation
> doesn't account for padding bytes inserted by the compiler after m_hdr.
> Found the hard way by kettenis@. (mikeb@)

uvm

~ uvm_glue.c ~ uvm_extern.h
> Unifdef KGDB.
> It doesn't compile and hasn't been working during the last decade.
> ok kettenis@, deraadt@ (mpi@)

~ uvm_vnode.c
> Mark uvm_sync_lock as vnode'ish for witness purposes, as it is taken
> between mount locks and inode locks, which may been recorded in either
> order
> ok visa@ (guenther@)

== usr.bin =========================================================== 09/10 ==

http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin

encrypt

~ encrypt.c
> Use the safe idiom of cleaning sensitive data from memory with
> explicit_bzero, instead of relying on other methods, after readpassphrase.
> Some programs on this diff won't benefit that much since it happens near
> the terminal path, but someone might copy the unsafe idiom to another
> program and place it where it may leak sensitive data.
> Discussed aeons ago with tb@, OK deraadt@ and beck@ (mestre@)

less

~ tags.c
> While freeing tag entries, make sure to free the copied strings.
> From Anton Lindqvist. OK tobias@ nicm@ (millert@)

lex

~ Makefile
> Move FlexLexer.h from /usr/include/g++ to /usr/include. It is not
> a g++-specific header and this matches most other systems. Needed
> to use flex++ with clang. OK espie@ kettenis@ (millert@)

~ flex.skl
> Update yy_buf_size after yyrealloc(). The fix has been merged
> upstream as well. (millert@)

lock

~ lock.c
> Use the safe idiom of cleaning sensitive data from memory with
> explicit_bzero, instead of relying on other methods, after readpassphrase.
> Some programs on this diff won't benefit that much since it happens near
> the terminal path, but someone might copy the unsafe idiom to another
> program and place it where it may leak sensitive data.
> Discussed aeons ago with tb@, OK deraadt@ and beck@ (mestre@)

mandoc

~ out.c
> When trying to expand some columns in a table where the sum of the
> widths of the remaining columns is already wider than the line
> length, underflowing size_t and dying from ENOMEM is the wrong plan.
> Instead, simply refrain from expanding anything in such a situation,
> avoiding a crash that tb@ found with afl. (schwarze@)

~ man.c
> A few days ago, a patch from <G dot Branden dot Robinson at gmail dot com>
> got committed to groff which changed .TP from using .it to using .itc,
> such that groff now supports more than one man(7) macro line in the .TP
> head if all but the last line in the head end with \c.
> Of course, relying on that behaviour is utterly non-portable, but if
> authors are reckless enough to use that idiom, let's do what they want.
> (schwarze@)

~ man_html.c ~ man_macro.c ~ man_term.c ~ man_validate.c ~ mandocdb.c
~ mdoc_argv.c ~ mdoc_html.c ~ mdoc_macro.c ~ mdoc_man.c ~ mdoc_markdown.c
~ mdoc_state.c ~ mdoc_term.c ~ mdoc_validate.c ~ roff.c ~ roff.h
> Parser reorg:
> Generate the first node on the roff level: .br
> Fix some column numbers in diagnostic messages while here. (schwarze@)

~ Makefile ~ html.h ~ man_html.c ~ man_term.c ~ mdoc_html.c ~ mdoc_term.c
~ term.h + roff_html.c + roff_term.c
> Start roff formatter modules for HTML and terminal output,
> used by both the mdoc and man formatters, with the ultimate
> goal of reducing code duplication between the two macro formatters.
> Made possible by the parser unification.
> Add the first formatting function (for the .br request). (schwarze@)

~ Makefile ~ man_html.c ~ man_macro.c ~ man_term.c ~ man_validate.c
~ mdoc_html.c ~ mdoc_man.c ~ mdoc_markdown.c ~ mdoc_term.c ~ mdoc_validate.c
~ roff.c ~ roff.h ~ roff_html.c ~ roff_term.c + roff_validate.c
> Move handling of the roff(7) .ft request from the man(7)
> modules to the new roff(7) modules. As a side effect,
> mdoc(7) now handles .ft, too. Of course, do not use that. (schwarze@)

~ man_html.c ~ man_macro.c ~ man_term.c ~ man_validate.c ~ mandocdb.c
~ mdoc_argv.c ~ mdoc_html.c ~ mdoc_macro.c ~ mdoc_man.c ~ mdoc_markdown.c
~ mdoc_state.c ~ mdoc_term.c ~ mdoc_validate.c ~ roff.c ~ roff.h
~ roff_term.c ~ roff_validate.c
> move .ll to the roff modules (schwarze@)

~ man.c ~ man_html.c ~ man_macro.c ~ man_term.c ~ man_validate.c
~ mandocdb.c ~ mdoc.c ~ mdoc_argv.c ~ mdoc_html.c ~ mdoc_macro.c
~ mdoc_man.c ~ mdoc_markdown.c ~ mdoc_state.c ~ mdoc_term.c
~ mdoc_validate.c ~ roff.c ~ roff.h ~ roff_html.c ~ roff_term.c
~ roff_validate.c
> Move .sp to the roff modules. Enough infrastructure is in place
> now that this actually saves code: -70 LOC.
> (schwarze@)

~ Makefile ~ man_term.c ~ mdoc_man.c ~ mdoc_term.c ~ roff.c ~ roff.h
~ roff_html.c ~ roff_term.c ~ roff_validate.c ~ term.c ~ term.h
~ term_ascii.c + term_tab.c
> Basic implementation of the roff(7) .ta (define tab stops) request.
> This is the first feature made possible by the parser reorganization.
> Improves the formatting of the SYNOPSIS in many Xenocara GL manuals.
> Also important for ports, as reported by many, including naddy@.
> (schwarze@)

~ man_term.c
> implement .DT in terms of .ta; needed for print/ghostview, for example
> (schwarze@)

netstat

~ inet.c
> For TCP sockets netstat -A must print the address of the TCP protocol
> control block. This is documented in fstat(1) and makes it possible
> to compare the values from both tools.
> OK sthen@ (bluhm@)

openssl

~ ca.c
> Fix the ca command so that certs it generates have RFC5280 conformant time.
> Problem noticed by Harald Dunkel <[email protected]> (beck@)

~ Makefile
> Limit -Werror to gcc4 as was done in libcrypto/libssl/libtls to avoid
> failed builds with different compilers.
> ok jsing@ (jsg@)

skey

~ skey.c
> Use the safe idiom of cleaning sensitive data from memory with
> explicit_bzero, instead of relying on other methods, after readpassphrase.
> Some programs on this diff won't benefit that much since it happens near
> the terminal path, but someone might copy the unsafe idiom to another
> program and place it where it may leak sensitive data.
> Discussed aeons ago with tb@, OK deraadt@ and beck@ (mestre@)

ssh

~ Makefile.inc ~ authfd.c ~ authfile.c ~ cipher.c ~ compat.c ~ hostfile.c
~ kex.c ~ opacket.c ~ packet.c ~ readconf.c ~ ssh-add.c ~ ssh-agent.c
~ ssh-keygen.c ~ ssh-keyscan.c ~ ssh.c ~ sshconnect.c ~ sshkey.c
> unifdef WITH_SSH1
> ok markus@ (djm@)

~ compat.c ~ readconf.c ~ readconf.h ~ ssh.c ~ sshconnect.c
> remove options.protocol and client Protocol configuration knob
> ok markus@ (djm@)

~ channels.c ~ channels.h ~ clientloop.c ~ compat.c ~ compat.h ~ dispatch.c
~ nchan.c ~ packet.c ~ packet.h ~ ssh-keyscan.c ~ ssh.c ~ ssh_api.c
~ sshconnect.c ~ sshd.c ~ ttymodes.c
> remove compat20/compat13/compat15 variables
> ok markus@ (djm@)

- cipher-3des1.c - cipher-bf1.c ~ cipher.c ~ cipher.h ~ readconf.c
~ readconf.h ~ ssh.c ~ sshkey.c
> remove SSHv1 ciphers; ok markus@ (djm@)

~ Makefile.inc ~ lib/Makefile ~ ssh/Makefile
> remove SSH1 make flag and associated files
> ok markus@ (djm@)

~ readconf.c ~ readconf.h ~ ssh.1 ~ ssh_config ~ ssh_config.5
> remove SSHv1 configuration options and man pages bits
> ok markus@ (djm@)

~ clientloop.c ~ hostfile.c ~ ssh-agent.c ~ ssh-keygen.1 ~ ssh-keygen.c
~ ssh-keyscan.1 ~ ssh-keyscan.c ~ ssh.c ~ ssh.h ~ sshconnect.c
~ sshconnect2.c ~ sshd.c ~ sshkey.c ~ sshkey.h
> remove KEY_RSA1
> ok markus@ (djm@)

~ clientloop.c
> remove SSHv1-related buffers from client code (djm@)

~ bufbn.c ~ buffer.h ~ packet.c ~ packet.h
> remove SSHv1 support from packet and buffer APIs
> ok markus@ (djm@)

~ Makefile.inc
> undo some local debugging stuff that I committed by accident (djm@)

~ LICENCE ~ deattack.c ~ deattack.h ~ packet.c ~ lib/Makefile
> remove the (in)famous SSHv1 CRC compensation attack detector.
> Despite your cameo in The Matrix movies, you will not be missed.
  > ok markus
  (djm@)

  ~ ttymodes.c ~ ttymodes.h
  > purge the last traces of SSHv1 from the TTY modes handling code
  > ok markus
  (djm@)

  ~ scp.1 ~ scp.c ~ ssh.h
  > exterminate the -1 flag from scp
  > ok markus@
  (djm@)

  ~ channels.c ~ channels.h ~ clientloop.c ~ dispatch.c ~ nchan.c ~ packet.c ~ ssh-keyscan.c ~ ssh.c ~ ssh1.h
  > obliterate ssh1.h and some dead code that used it
  > ok markus@
  (djm@)

  ~ ssh-agent.c
  > flense SSHv1 support from ssh-agent, considerably simplifying it
  > ok markus
  (djm@)

  ~ cipher.c
  > fixup setting ciphercontext->plaintext (lost in SSHv1 purge), though
  > it isn't really used for much anymore.
  (djm@)

  ~ sshconnect.c
  > remove unused variable
  (djm@)

  - deattack.c - deattack.h - ssh1.h
  > don't know why cvs didn't exterminate these the first time around,
  > I use rm -f and everything...
  > pointed out by sobrado@
  (djm@)

  - sshconnect1.c
  > this one I did forget to "cvs rm"
  (djm@)

  ~ bitmap.c
  > when freeing a bitmap, zero all its bytes; spotted by Ilya Kaliman
  (djm@)

  ~ ssh-keygen.1
  > tidy up -O somewhat; ok djm
  (jmc@)

  ~ scp.c ~ ssh.c
  > remove options -12 from usage();
  (jmc@)

  ~ sftp.1 ~ sftp.c
  > remove -1 / -2 options; pointed out by jmc@
  (djm@)

  ~ ssh-keygen.1
  > more -O shuffle; ok djm
  (jmc@)

  ~ scp.1 ~ sftp.1 ~ ssh.1
  > remove now obsolete protocol1 options from the -o lists;
  (jmc@)

  ~ sftp.1
  > add PubKeyAcceptedKeyTypes to the -o list: scp(1) has it, so i guess
  > this should too;
  (jmc@)

  ~ ssh-keygen.1 ~ ssh-keyscan.1
  > rsa1 is no longer valid;
  (jmc@)

  ~ sftp.1 ~ ssh-add.1 ~ ssh-keygen.1 ~ ssh.1
  > more protocol 1 stuff to go; ok djm
  (jmc@)

  ~ ssh_config
  > more protocol 1 bits removed; ok djm
  (jmc@)

  ~ clientloop.c ~ kex.h ~ opacket.h ~ packet.c ~ packet.h ~ pathnames.h ~ ssh.h ~ ssh_config.5 ~ sshkey.h
  > remove miscellaneous SSH1 leftovers; ok markus@
  (naddy@)

  ~ scp.1 ~ sftp.1 ~ ssh.1 ~ ssh_config.5
  > restore mistakenly deleted description of the ConnectionAttempts option
  > ok markus@
  (naddy@)

  ~ cipher.c ~ cipher.h
  > another tentacle: cipher_set_key_string() was only ever
  > used for SSHv1
  (djm@)

  ~ authfd.c ~ ssh-add.c
  > since a couple of people have asked, leave a comment explaining why we
  > retain SSH v.1 support in the "delete all keys from agent" path.
  (djm@)

  ~ ssh-add.1 ~ ssh-keygen.1 ~ ssh.1
  > remove superfluous protocol 2 mentions; ok jmc@
  (naddy@)

  ~ authfd.c ~ authfd.h ~ pathnames.h ~ ssh-add.c ~ sshconnect2.c
  > more simplification and removal of SSHv1-related code; ok djm@
  (naddy@)

  ~ sshd_config.5 ~ sshd.8 ~ ssh_config.5 ~ ssh_config ~ packet.c ~ cipher.c ~ cipher.h
  > As promised in last release announcement: remove support for
  > Blowfish, RC4 and CAST ciphers. ok markus@ deraadt@
  (djm@)

  ~ myproposal.h
  > Don't offer CBC ciphers by default in the client. ok markus@
  (djm@)

  ~ ssh-keygen.c ~ ssh-rsa.c ~ ssh.h ~ ssherr.c ~ ssherr.h ~ sshkey.c ~ sshkey.h
  > Refuse RSA keys <1024 bits in length. Improve reporting for keys that
  > do not meet this requirement. ok markus@
  (djm@)

systat

  ~ pftop.c
  > Remove unused PRIO column from the queueing display; ok sthen@
  (mikeb@)

tmux

  ~ cfg.c ~ cmd-display-message.c ~ cmd-list-buffers.c ~ cmd-list-clients.c ~ cmd-list-keys.c ~ cmd-list-panes.c ~ cmd-list-sessions.c ~ cmd-list-windows.c ~ cmd-pipe-pane.c ~ cmd-queue.c ~ format.c ~ names.c ~ screen-redraw.c ~ server-client.c ~ status.c ~ tmux.h ~ window-choose.c
  > In order that people can use formats like #D in #() in the status line
  > and not have to wait for an update when they change pane, we allow
  > commands to run more than once a second if the expanded form
  > changes. Unfortunately this can mean them being run far too often
  > (pretty much continually) when multiple clients exist, because some
  > formats (including #D) will always differ between clients.
  > To avoid this, give each client its own tree of jobs which means that
  > the same command will be different instances for each client - similar
  > to how we have the tag to separate commands for different panes.
  > GitHub issue 889; test case reported by Paul Johnson.
  (nicm@)

  ~ format.c ~ status.c ~ tmux.1 ~ tmux.h ~ window-copy.c
  > Add a format for the last search string in copy mode and fix the prompt
  > so it can work when in -I, suggested by Suraj N Kurapati.
  (nicm@)

  ~ cmd-switch-client.c ~ control-notify.c ~ notify.c ~ session.c ~ tmux.1 ~ tmux.h ~ window.c
  > Some new notifications, mainly for active pane and current window and
  > session:
  > pane-mode-changed
  > window-pane-changed
  > client-session-changed
  > session-window-changed
  > From Joshua Brot.
  (nicm@)

  ~ format.c ~ tmux.1
  > Add some formats to look at the session window stack, suggested by Scott
  > ROCHFORD.
  (nicm@)

  ~ input-keys.c ~ key-bindings.c ~ server-client.c ~ tmux.h ~ tty-keys.c ~ xterm-keys.c
  > Up to now, tmux sees \033\033[OA as M-Up and since we turned on
  > xterm-keys by default, generates \033[1;3A instead of
  > \033\033[OA. Unfortunately this confuses vi, which doesn't understand
  > xterm keys and now sees Escape+Up pressed within escape-time as Escape
  > followed by A.
  > The issue doesn't happen in xterm itself because it gets the keys from X
  > and can distinguish between a genuine M-Up and Escape+Up.
  > Because xterm can, tmux can too: xterm will give us \033[1;3A (that is,
  > kUP3) for a real M-Up and \033\033OA for Escape+Up - in fact, we can be
  > sure any \033 preceding an xterm key is a real Escape key press because
  > Meta would be part of the xterm key instead of a separate \033.
  > So change tmux to recognise both sequences as M-Up for its own purposes,
  > but generate the xterm version of M-Up only if it originally received
  > the xterm version from the terminal.
  > This means we will return to sending \033\033OA instead of the xterm key
  > for terminals that do not support xterm keys themselves, but there is no
  > practical way around this because they do not allow us to distinguish
  > between Escape+Up and M-Up. xterm style escape sequences are now the de
  > facto standard for these keys in any case.
  > Problem reported by jsing@ and subsequently by Cecile Tonglet in GitHub
  > issue 907.
  (nicm@)

  ~ format.c ~ tmux.1 ~ tmux.h ~ window-choose.c ~ window-clock.c ~ window-copy.c
  > Add a format for the name of the pane's mode, lets it be used as a
  > conditional for key bindings.
  (nicm@)

units

  ~ units.lib
  > update currency exchange rates;
  (jmc@)

x99token

  ~ x99token.c
  > Use the safe idiom of cleaning sensitive data from memory with
  > explicit_bzero, instead of relying on other methods, after
  > readpassphrase. Some programs on this diff won't benefit that much
  > since it happens near the terminal path, but someone might copy the
  > unsafe idiom to another program and place it where it may leak
  > sensitive data.
  > Discussed aeons ago with tb@, OK deraadt@ and beck@
  (mestre@)

== usr.sbin ========================================================== 10/10 ==

  http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.sbin

config

  ~ config.8
  > Remove KGDB references.
  (mpi@)

  ~ config.8
  > Fewer kgdb(7) references and fix previous.
  > Pointed by jmc@
  (mpi@)

  ~ config.8
  > Document that -u wants to read from /dev/mem, so it needs kern.allowkmem=1.
  > Problem reported by jdd () cs ! toronto ! edu on bugs.
  > ok brynet deraadt jmc
  (tb@)

dhcpd

  ~ conflex.c ~ confpars.c ~ dhcp.c ~ dhcpd.conf.5 ~ dhcpd.h ~ dhctoken.h
  TAGGED OPENBSD_6_1
  > OpenBSD 6.1 errata 001, May 2, 2017
  > dhcpd(8) unconditionally echoed client identifier. Add parameter
  > "echo-client-id" to allow this behaviour to be turned off.
  (jsg@)

installboot

  ~ Makefile ~ armv7_installboot.c
  > Add arm64 support.
  > ok tom@
  (kettenis@)

ocspcheck

  ~ Makefile
  > Limit -Werror to gcc4 as was done in libcrypto/libssl/libtls to avoid
  > failed builds with different compilers.
  > ok jsing@
  (jsg@)

relayd

  ~ relayd.c
  > Convert explicit_bzero() + free() to freezero().
  > OK reyk@, deraadt@ (previous version)
  (fcambus@)

smtpd

  ~ table.c
  > in function used for tracing, display unknown lookup types as "???"
  > diff from Wolf480pl
  (gilles@)

syspatch

  ~ syspatch.sh
  > Tweak error message when running on an unsupported release.
  (ajacoutot@)

  ~ syspatch.sh
  > - Don't make an empty syspatch/ repo an error; having no available patch
  >   is perfectly legit.
  > - Abort immediately if we cannot reach our mirror server listed in
  >   installurl.
  > - Return a proper error code when running without arguments and we cannot
  >   list the available patches.
  (ajacoutot@)

  ~ syspatch.sh
  > Output explicit error messages for:
  > - trying to install files mounted on a remote FS (diskless clients etc.)
  > - read-only FS
  > - not enough space on FS
  > These were all properly caught before (syspatch would refuse to do
  > anything) but the error message was a bit cryptic.
  (ajacoutot@)

  ~ syspatch.sh
  > Expand comment and bump copyright while here.
  (ajacoutot@)

  ~ syspatch.8 ~ syspatch.sh
  > Add a `-R' switch that reverts all patches.
  > prodded by deraadt@
  > knobs sorting input jmc@
  > ok sthen@
  (ajacoutot@)

tokeninit

  ~ tokeninit.c
  > Use the safe idiom of cleaning sensitive data from memory with
  > explicit_bzero, instead of relying on other methods, after
  > readpassphrase. Some programs on this diff won't benefit that much
  > since it happens near the terminal path, but someone might copy the
  > unsafe idiom to another program and place it where it may leak
  > sensitive data.
  > Discussed aeons ago with tb@, OK deraadt@ and beck@
  (mestre@)

vmctl

  ~ main.c
  > Report error for vmctl commands that need root privileges.
  > specifically: vmctl (load|reload|reset|log)
  > Reported by Christian Barthel
  (reyk@)

  ~ main.c
  > Report command failure back to vmctl reload, reset, load, log verbose.
  > OK mlarkin@
  (reyk@)

vmd

  ~ vm.c
  > Matching vmd(8) part of previous diff (first part of vmctl send/receive).
  > ok kettenis
  (mlarkin@)

  ~ vm.c
  > fix an error in i386 vmd build
  (mlarkin@)

  ~ mc146818.c ~ virtio.c ~ virtio.h
  > Resynchronize the guest RTC via vmmci(4) on host resume from zzz/ZZZ
  > (vmd part)
  > This feature is for OpenBSD guests only.
  > ok reyk, kettenis
  (mlarkin@)

  ~ parse.y
  > Sort parser tokens, no functional change
  (reyk@)

  ~ config.c ~ parse.y ~ priv.c ~ vm.conf.5 ~ vmd.c ~ vmd.h
  > Add support for rdomains.
  > This allows to configure VM interfaces and switches in individual rdomains.
  > OK mlarkin@
  (reyk@)

  ~ control.c
  > Report error for vmctl commands that need root privileges.
  > specifically: vmctl (load|reload|reset|log)
  > Reported by Christian Barthel
  (reyk@)

  ~ control.c ~ vmd.c ~ vmd.h
  > Report command failure back to vmctl reload, reset, load, log verbose.
  > OK mlarkin@
  (reyk@)

  ~ vm.c
  > Allow vmd(8) to set guest %xcr0
  > Usermode part of previous vmm(4) diff.
  > Posted to tech by Pratik Vyas
  (mlarkin@)

  ~ vm.c
  > VMs cannot use proc_compose() to PROC_VMM, they have to use
  > imsg_compose() on the "vmm_pipe" directly. This fixes the
  > communication channel from VMs back to vmm.
  (reyk@)

===============================================================================
