OpenBSD src changes summary for 2017-05-21 to 2017-05-28 inclusive ==================================================================
Makefile.cross bin/chmod bin/ksh bin/md5 distrib/miniroot distrib/sets distrib/special etc/etc.loongson/MAKEDEV etc/etc.loongson/MAKEDEV.md etc/netstart etc/rc.d/rc.subr etc/rc.d/ypbind games/robots games/trek lib/libc lib/libcrypto lib/librthread libexec/getty libexec/rpc.rstatd libexec/rpc.rwalld libexec/talkd regress/bin regress/lib regress/sys regress/usr.bin sbin/dhclient sbin/iked sbin/pfctl sbin/wsconsctl share/man share/misc sys/arch/alpha/alpha sys/arch/amd64/amd64 sys/arch/amd64/conf sys/arch/amd64/include sys/arch/arm64/arm64 sys/arch/arm64/conf sys/arch/arm64/include sys/arch/armv7/conf sys/arch/armv7/exynos sys/arch/i386/conf sys/arch/i386/i386 sys/arch/i386/include sys/arch/loongson/conf sys/arch/loongson/include sys/arch/loongson/loongson sys/arch/mips64/conf sys/arch/mips64/include sys/arch/mips64/mips64 sys/arch/sparc64/conf sys/arch/sparc64/dev sys/arch/sparc64/include sys/arch/sparc64/sparc64 sys/conf sys/ddb sys/dev/acpi sys/dev/fdt sys/dev/ic sys/dev/pci sys/dev/pv sys/dev/usb sys/dev/wscons sys/kern sys/lib/libkern sys/lib/libsa sys/net sys/netinet sys/netinet6 sys/sys sys/uvm usr.bin/banner usr.bin/cvs usr.bin/doas usr.bin/encrypt usr.bin/libtool usr.bin/nc usr.bin/patch usr.bin/signify usr.bin/ssh usr.bin/systat usr.bin/talk usr.bin/tmux usr.bin/yacc usr.sbin/acme-client usr.sbin/bgpd usr.sbin/httpd usr.sbin/identd usr.sbin/ikectl usr.sbin/ldapd usr.sbin/radiusd usr.sbin/relayd usr.sbin/sasyncd usr.sbin/slaacctl usr.sbin/slaacd usr.sbin/slowcgi usr.sbin/smtpd usr.sbin/syspatch usr.sbin/tcpdump usr.sbin/tftp-proxy usr.sbin/tftpd usr.sbin/traceroute usr.sbin/user usr.sbin/vmd == Makefile.cross ==================================================== 01/13 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/Makefile.cross Makefile.cross > Adjust cross-toolchain environment to the changes in the clang build > fabric. Since we now also build and use LLVM's lld we can copy lld to > the proper directory akin to what we do with clang. Build compiler-rt > early as it is needed for building libc. > "go for it" mpi@ (patrick@) == bin =============================================================== 02/13 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/bin chmod ~ Makefile ~ chmod.c ~ chown.8 > chown: Remove SUPPORT_DOT ifdef - it's on by default for 22 years > The old syntax was deprecated 25 years ago when the utility was > first standardised in IEEE Std 1003.2-1992 ("POSIX.2"). There was > no POSIX version of chown with the dot separator. > Let's stop pretending that it will ever go away. > OK jung@, deraadt@, jmc@ (awolk@) ksh ~ sh.1 > document behaviour when CDPATH unset; > requested by a mail on misc, via otto; > ok otto (jmc@) ~ vi.c > Fix cursor position while removing characters from the command line. > While here, remove a condition that becomes redundant. > ok schwarze@ tb@ (anton@) md5 ~ md5.c > obvious use for freezero() (deraadt@) == distrib =========================================================== 03/13 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/distrib miniroot ~ install.sub > Ensure a clean initial state (e.g. in case of an installer restart) > by moving setting ulimit, unmounting all filesystems and cleaning up > the dhcp state upwards to before sourcing install.md. > OK tb@ > While here, 1>/dev/null -> >/dev/null. (rpe@) ~ install.sub > No need to trim a trailling blank, bsort (in scan_dmesg) does not > emit one anymore. (rpe@) ~ install.sub > The DISPLAY variable is actually not a global variable as it's used > only once in questions(). Use scan_dmesg() output directly to test > for wsdisplay* in dmesg.boot instead. > Change comment, now that it only refers to setting CONSOLE. > no objection tb@ (rpe@) ~ install.sub > Replace various echo "..."; exit 1 with a new err_exit() function. > diskussed with tb@ and halex@ > OK krw@ on a similar diff (rpe@) ~ install.sub > Move the code that runs the installer script in non-interactive > mode into a dedicated do_autoinstall() function. > OK halex@, krw@ (rpe@) ~ install.sub > De-duplicate sets selection instructions, and give a short example. > Still one lines shorter. > Input and okay from tedu@ and deraadt@; also a "weak" okay from sthen@. > (zhuk@) ~ install.sub > Remove _mode variable and use AI_MODE directly instead. Use the > exit code of ftp consistently to determine success of fetching the > response file. > discussed with and OK tb@ (rpe@) sets ~ lists/comp/mi > sync (jsg@) special ~ signify/Makefile > when copying curvy files from ssh, an extra one snuck in. > signify doesn't do any kex stuff and doesn't need scalarmult. (tedu@) == etc =============================================================== 04/13 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/etc etc.loongson/MAKEDEV ~ etc.loongson/MAKEDEV > regen (visa@) etc.loongson/MAKEDEV.md ~ etc.loongson/MAKEDEV.md > Enable radeondrm(4) on loongson to get accelerated graphics > with the RS780E chipset. > OK kettenis@, jsg@ (visa@) netstart ~ netstart > etc/netstart: use colon separator instead of dot with chown > OK jung@, deraadt@, jmc@ (awolk@) rc.d/rc.subr ~ rc.d/rc.subr > Add an ALRM timer to cope with 2 annoying issues in rc.d(8): > - prevent a daemon from hanging the boot > (typo in your flagsm e.g. httpd_flags=-d) > - make sure we can get the status of a backgrounded daemon instead of > always > returning success > Side effect of this is that we can kill a knob! rip rc_bg :-) > Ports will need love, and a second commit is coming for that. > The diff is small yet not trivial so I am committing early in the release > process in one shot so it can easily be reverted if needed. I started > working on > this during g2k16 in Cambridge then finished it in Brisbane for a2k17 where > robert@, beck@ and sthen@ agreed it was the correct way to go and I should > move > ahead with it post 6.1. > If you see any regression, please talk to me! (ajacoutot@) ~ rc.d/rc.subr > Ok turns out we still want to keep the rc_bg variable around but we need > to know which daemon cannot background themselves (actually we want to > know the opposite, but there are much more). However, it's only needed in > _rc_wait and rc.subr still does its magic without the need to add `&'. > (ajacoutot@) ~ rc.d/rc.subr > Drop useless lines continuation; no functional change. (ajacoutot@) ~ rc.d/rc.subr > When a daemon reaches its timeout when starting, display "timeout" instead > of "ok" so the user is warned and has a chance to fix it (most of the time > due to bogus flags). Daemons reaching the timeout without being able to > start are still marked as "failed" (which should also give a clue to the > user that some investigation is needed). > prodded by beck@ a while ago > discussed with and ok sthen@ (ajacoutot@) ~ rc.d/rc.subr > Indent and rename var; no functional change. (ajacoutot@) ~ rc.d/rc.subr > Move check later to mitigate a possible race. (ajacoutot@) rc.d/ypbind ~ rc.d/ypbind > Add an ALRM timer to cope with 2 annoying issues in rc.d(8): > - prevent a daemon from hanging the boot > (typo in your flagsm e.g. httpd_flags=-d) > - make sure we can get the status of a backgrounded daemon instead of > always > returning success > Side effect of this is that we can kill a knob! rip rc_bg :-) > Ports will need love, and a second commit is coming for that. > The diff is small yet not trivial so I am committing early in the release > process in one shot so it can easily be reverted if needed. I started > working on > this during g2k16 in Cambridge then finished it in Brisbane for a2k17 where > robert@, beck@ and sthen@ agreed it was the correct way to go and I should > move > ahead with it post 6.1. > If you see any regression, please talk to me! (ajacoutot@) ~ rc.d/ypbind > Ok turns out we still want to keep the rc_bg variable around but we need > to know which daemon cannot background themselves (actually we want to > know the opposite, but there are much more). However, it's only needed in > _rc_wait and rc.subr still does its magic without the need to add `&'. > (ajacoutot@) == games ============================================================= 05/13 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/games robots ~ score.c > high scores printed too far to the right, move it left a little (tedu@) ~ main.c > if your dying scream would escape the death field, realign to stay within > (tedu@) ~ robots.6 > there are no bugs; i fixed them (tedu@) ~ rnd_pos.c > remove unused macro (tedu@) ~ robots.6 > remove some escapes that are unnecessary/harmful. ok jmc schwarze (tedu@) trek - dumpgame.c ~ Makefile ~ play.c ~ setup.c ~ trek.h > save and restore hasn't worked for some time, not since -fPIE, since it > uses a pointer equality check for save game validity. remove it. > discovered by the ever inquisitive mlarkin (tedu@) - DOC/read_me.nr - DOC/things ~ trek.6 ~ USD.doc/trek.me > forgot to remove mention of deleted dump/restart. > also delete ancient todo file: > Frankly, > I am getting pretty sick of playing this game. > Hence, > the version which you get may have several bugs (tedu@) == lib =============================================================== 06/13 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/lib libc ~ stdlib/qsort.c > Support swapping 32-bit aligned elements on 64-bit platforms. > Previously they would be swapped a byte at a time when sizeof(int) > != sizeof(long). Idea from FreeBSD. (millert@) ~ hash/sha2.c > move sha224_initial_hash_value[] under !SHA2_SMALL; ok deraadt@ millert@ > (naddy@) libcrypto ~ objects/obj_mac.num ~ objects/objects.txt > Add definitions for three OIDs used in EV certificates. > From Kyle J. McKay <mackyle at gmail dot com> (jsing@) ~ ec/ec_asn1.c > Avoid a potential NULL pointer dereference in d2i_ECPrivateKey(). > Reported by Robert Swiecki, who found the issue using honggfuzz. > ok bcook@ (jsing@) librthread ~ rthread.h ~ rthread_libc.c + synch.h + rthread_cond.c + rthread_mutex.c > New mutex and condvar implementations based on futex(2). > Not enabled yet, it needs some SPINLOCK_SPIN_HOOK love and > some bumps. > Tested by many including sthen@ in a bulk. > ok visa@, sthen@, kettenis@, tedu@ (mpi@) ~ rthread_mutex.c > Use membar_enter_after_atomic() and membar_exit_before_atomic(). (mpi@) == libexec =========================================================== 07/13 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/libexec getty ~ subr.c > unifdef XXX_DELAY which is older than i am (tedu@) ~ main.c > remove the getname() code trying to handle baud < 1200 terminals. > leave the special down under code until somebody unearths why it exists. > (tedu@) ~ gettytab.5 ~ main.c > Stop supporting primordial # (erase) and @ (kill) sequences. > ok tedu (deraadt@) ~ main.c > Stop echoing ANSI sequences back to the console, by expanding ESC character > to literal ^[. This makes getty interaction appear more like login, and > stops a mid-ANSI sequence parsing problem that messed up login, making it > freeze the session until timeout. > ok tedu fcambus (deraadt@) ~ main.c > Do a better job of not printing sequences we cannot reverse in DELETE or > KILL. Therefore we can do a better job cleaning up. > testing by benno (deraadt@) rpc.rstatd ~ rstat_proc.c > bzero -> memset (tedu@) rpc.rwalld ~ rwalld.c > remove support for OSF (tedu@) talkd ~ talkd.8 > Xr inetd as a hint about what flavor of crazy you're dealing with (tedu@) == regress =========================================================== 08/13 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/regress bin ~ ksh/vi/vi.sh > Fix cursor position while removing characters from the command line. > While here, remove a condition that becomes redundant. > ok schwarze@ tb@ (anton@) lib ~ libc/qsort/qsort_test.c > correct a return value test > ok millert@ (jsg@) ~ libc/qsort/Makefile ~ libc/qsort/qsort_test.c + libc/qsort/antiqsort.c > Instead of embedding pre-generated tables from McIlroy's "A Killer > Adversary for Quicksort", just include the code to generate them. > Also allow the number of elements to be specified on the command line. > (millert@) ~ libc/qsort/qsort_test.c > Add timing and test name options. (millert@) ~ libcrypto/chacha/chachatest.c > Synchronise chacha test cases with the referenced draft - this adds a > missing test case, reassigns two of the labels and removes a test case > that was from an earlier draft. > Inconsistency noted by Steven Roberts <fenderq at gmail dot com>, some time > ago... (jsing@) ~ libpthread/sigwait/sigwait.c > Go to sleep to let our contending thread win a race. > Because we cannot assume that the contending thread will grab it > between our unlock/lock. > ok kettenis@ (mpi@) ~ libpthread/restart/connect/connect.c > Do not connect to cvs.openbsd.org in regress. Run on loopback to > make the test pass without internet access. > OK mpi@ (bluhm@) ~ libc/qsort/qsort_test.c > Also test arrays of double and long long. (millert@) sys ~ netinet/ipsec/Makefile > Do not use reject routes as they prevent path MTU discovery. > Drop possible old TCP connections from previous test runs. > Adapt regex that checks tcpdump pflog0, output has been fixed. (bluhm@) ~ netinet/ipsec/Makefile > Now that pf looks behind IPv4 authentication headers, disable the > transport mode tests that fail because of floating states. At least > IPv4 and IPv6 are in sync now. (bluhm@) usr.bin ~ patch/Makefile + patch/t19.diff + patch/t19.in + patch/t19.out > add a test for the git diffs, suggested by tom (tedu@) == sbin ============================================================== 09/13 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sbin dhclient ~ dhclient.c > Move the two loops through the leases file > looking for a valid recorded lease into a separate > function and thus make them consistent. > No intentional functional change. (krw@) ~ dhclient.c > Whitespace rectification of a couple of mis-indentations. (krw@) ~ dhclient.c > Move logic to set default client-identifier into a > separate function so it can be used in multiple > places. (krw@) ~ dispatch.c > Elegant and reliable link status checking courtesy of mpi@. > Less of unreliable ioctl(SIOCGIFMEDIA), more getifaddrs(). > ok mpi@ (krw@) iked ~ dh.c > A few more freezero() uses > ok yasuoka mikeb (deraadt@) pfctl ~ pfctl_osfp.c > Move includes. > This reduces the diff with usr.sbin/tcpdump/pfctl_osfp.c. The change > from tcpdump is newer, so change pfctl. No binary change. > OK deraadt@ (akfaew@) ~ pfctl_osfp.c > print_ioctl() is unused if not debugging. Found with clang, after > marking the function "static". Use OSFP_DEBUG, in a similar > fashion to OPT_DEBUG (pfctl_optimize.c). > OK bluhm@ (akfaew@) ~ parse.y > Don't check np->port for NULL - it's an array, it's never NULL. > OK bluhm@ (akfaew@) wsconsctl ~ wsconsctl.8 > Mention the display.font variable in EXAMPLES. > As mentioned by miod@ here [1], wsconsctl(8) has a currently > undocumented 'display.font' variable allowing to change the > current font on framebuffer consoles. > [1] http://undeadly.org/cgi?action=article&sid=20131023125815 > OK deraadt@ (fcambus@) == share ============================================================= 10/13 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/share man ~ man8/man8.loongson/MAKEDEV.8 > regen (visa@) ~ man4/route.4 > Fix copy/paste in comment. (jca@) ~ man5/pf.conf.5 > some tweaks to the QUEUEING section; > from mikeb and myself (jmc@) ~ man8/rc.d.8 > Four, not three variables can be overriden. But the number is not important > so just drop it. > reported by thelocals_job_applicant at protonmail (ajacoutot@) ~ man4/options.4 > option KEY got tedued. (claudio@) ~ man8/rc.d.8 ~ man8/rc.subr.8 > Add an ALRM timer to cope with 2 annoying issues in rc.d(8): > - prevent a daemon from hanging the boot > (typo in your flagsm e.g. httpd_flags=-d) > - make sure we can get the status of a backgrounded daemon instead of > always > returning success > Side effect of this is that we can kill a knob! rip rc_bg :-) > Ports will need love, and a second commit is coming for that. > The diff is small yet not trivial so I am committing early in the release > process in one shot so it can easily be reverted if needed. I started > working on > this during g2k16 in Cambridge then finished it in Brisbane for a2k17 where > robert@, beck@ and sthen@ agreed it was the correct way to go and I should > move > ahead with it post 6.1. > If you see any regression, please talk to me! (ajacoutot@) ~ man8/rc.subr.8 > Ok turns out we still want to keep the rc_bg variable around but we need > to know which daemon cannot background themselves (actually we want to > know the opposite, but there are much more). However, it's only needed in > _rc_wait and rc.subr still does its magic without the need to add `&'. > (ajacoutot@) ~ man5/port-modules.5 > remove devel/waf gone 2 years ago, may not come back but still gives > nightmares > ok ajacoutot (jung@) + man7/airport.7 > document /usr/share/misc/airport contents and rules, after lengthy > hackroom discussion about train stations. > ok mlarkin, feedback deraadt (benno@) ~ man7/Makefile > install new manpage, noted by tb@ (benno@) misc ~ inter.phone > convert to UTF-8 (tedu@) ~ airport > add HWD - Hayward Executive Airport. After extensive discussion, the > decision was made that a missed approach at the DH counts as "being at > the airport" > ok phessler, deraadt (mlarkin@) ~ airport > The High Council of Deciders has determined that railway stations, even > those with IATA codes, are not airports and therefore do not qualify for > inclusion in this file. (tedu@) ~ airport > typo (mlarkin@) - operator ~ Makefile > please read operator(7) for this information. (benno@) ~ airport > Add ZIA, even given that I didn't visit it after it actually became ZIA > instead of Ramenskoe Airfield. > approved by deraadt@ (zhuk@) ~ airport > Add BND, I've been there many times. (ajacoutot@) == sys =============================================================== 11/13 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys arch/alpha/alpha ~ locore.s > Implement copyin32(9) for alpha. (kettenis@) arch/amd64/amd64 ~ lapic.c > Replace the only usage of x86_pause() with SPINLOCK_SPIN_HOOK. > OK dlg@ (visa@) ~ vmm.c > add missing prototype (mlarkin@) ~ cpu.c > manually inline tlbflushg. it's short and there's only one caller. > ok deraadt (tedu@) ~ lock_machdep.c > Use intr_disable()/intr_restore() to reduce differences with sparc64 > mp_lock. > ok kettenis@, visa@ (mpi@) ~ db_trace.c > If a function is not found in the CTF data, do not assume it takes no > argument. (mpi@) ~ vmm.c > typo in comment (mlarkin@) arch/amd64/conf ~ RAMDISK_CD > Enable chvgpio(4) in RAMDISK_CD on amd64. > Makes the King Jim portabook's keyboard work in bsd.rd. > ok deraadt mlarkin (stsp@) arch/amd64/include ~ lock.h > Drop trailing semicolon from a macro. > OK dlg@ (visa@) ~ cpufunc.h > Replace the only usage of x86_pause() with SPINLOCK_SPIN_HOOK. > OK dlg@ (visa@) ~ cpufunc.h > there shouldn't be any need to check for PGE on amd64. ok deraadt mlarkin > (tedu@) ~ cpufunc.h > manually inline tlbflushg. it's short and there's only one caller. > ok deraadt (tedu@) ~ atomic.h > On i386 and amd64, atomic instructions include an implicit memory barrier. > ok mikeb@, visa@, mpi@ (kettenis@) ~ vmmvar.h > rename some fields (mlarkin@) arch/arm64/arm64 ~ pmap.c > Give the vp pool its own allocator. Avoiding the logic that creates large > pool pages that fit at least 8 pool items reduces the kva pressure. > Unfortunately this doesn't completely eliminate the problems sthen@ is > seeing. > ok drahn@ (kettenis@) ~ machdep.c > Use EFI memory map to discover available physical memory. > Fall back on improved code that parses the FDT /memory node. > However, on machines with "real" UEFI firmware, /memory may include > reserved memory that we shouldn't use (it does on the Overdrive 1000). > On those machines, make sure that you use BOOTAA64 0.3 or later such that > the EFI memory map gets used. > For now, print out the EFI memory map to help debug any issues. > ok patrick@ (kettenis@) arch/arm64/conf ~ GENERIC ~ RAMDISK > Add dwmmc(4), a driver for the Synopsis Designware SD/MMC controller as > found > on various Rockchip SoCs. > This is still WIP. Next steps will be to get rid of various busy-wait > loops > and add DMA support. (kettenis@) arch/arm64/include ~ vmparam.h > Use EFI memory map to discover available physical memory. > Fall back on improved code that parses the FDT /memory node. > However, on machines with "real" UEFI firmware, /memory may include > reserved memory that we shouldn't use (it does on the Overdrive 1000). > On those machines, make sure that you use BOOTAA64 0.3 or later such that > the EFI memory map gets used. > For now, print out the EFI memory map to help debug any issues. > ok patrick@ (kettenis@) arch/armv7/conf ~ GENERIC ~ RAMDISK > Add support for the SD/MMC controller found on Samsuung Exynos5. > (kettenis@) arch/armv7/exynos - exesdhc.c ~ files.exynos > Remove exesdhc(4). This driver was never finished and has been replaced > by dwmmc(4). (kettenis@) ~ exclock.c > Add clocks for SD/MCC controller on Exynos 5420/5800. (kettenis@) arch/i386/conf ~ Makefile.i386 > Build i386 kernels with -ffreestanding, matching amd64 and various > other platforms. > ok visa@ kettenis@ (jsg@) arch/i386/i386 ~ cpu.c > manually inline tlbflushg. it's short and there's only one caller. > ok deraadt (tedu@) ~ lock_machdep.c > Use intr_disable()/intr_restore() to reduce differences with sparc64 > mp_lock. > ok kettenis@, visa@ (mpi@) ~ db_trace.c > If a function is not found in the CTF data, do not assume it takes no > argument. (mpi@) arch/i386/include ~ cpufunc.h > manually inline tlbflushg. it's short and there's only one caller. > ok deraadt (tedu@) ~ atomic.h > On i386 and amd64, atomic instructions include an implicit memory barrier. > ok mikeb@, visa@, mpi@ (kettenis@) ~ atomic.h > remove bogus atomic_swap_64 code from i386 > xchg can't handle 64 bit values on i386. gcc errors if the code > is called, clang errors if it is included. > ok mlarkin@ kettenis@ (jsg@) arch/loongson/conf ~ GENERIC > Enable radeondrm(4) on loongson to get accelerated graphics > with the RS780E chipset. > OK kettenis@, jsg@ (visa@) arch/loongson/include ~ autoconf.h ~ pmon.h ~ vmparam.h > Enable radeondrm(4) on loongson to get accelerated graphics > with the RS780E chipset. > OK kettenis@, jsg@ (visa@) arch/loongson/loongson ~ conf.c ~ generic3a_machdep.c ~ machdep.c ~ pmon.c > Enable radeondrm(4) on loongson to get accelerated graphics > with the RS780E chipset. > OK kettenis@, jsg@ (visa@) ~ pmon.c > Tweak style. (visa@) ~ yeeloong_machdep.c > Rate limit messages about spurious ISA interrupts on yeeloong systems. > On suspend, the USB driver is put to polling mode and it no longer > claims interrupt requests. If the USB controller keeps raising new > requests faster than spurious interrupt messages can be printed, > interrupt processing hogs all CPU time and the suspend code gets > stuck. The rate limiting should prevent this from happening. > Suspend issue with USB Wi-Fi reported by fcambus@ > Fix tested by and OK fcambus@ (visa@) arch/mips64/conf ~ files.mips64 > Enable radeondrm(4) on loongson to get accelerated graphics > with the RS780E chipset. > OK kettenis@, jsg@ (visa@) arch/mips64/include ~ cpu.h > Add an idle cycle implementation for R4600/R5000/RM7000 CPUs and their > derivatives. This lets the kernel utilize the CPUs' Standby Mode to > reduce the power consumption of an idle system. > Suggested by and input from miod@. > He also tested this patch on an RM7000 O2. (visa@) arch/mips64/mips64 ~ context.S ~ cpu.c > Add an idle cycle implementation for R4600/R5000/RM7000 CPUs and their > derivatives. This lets the kernel utilize the CPUs' Standby Mode to > reduce the power consumption of an idle system. > Suggested by and input from miod@. > He also tested this patch on an RM7000 O2. (visa@) ~ pmap.c > Check cache_valias_mask earlier in the expression. The value is zero > on most systems, so this tweak should save an iota of CPU time. (visa@) ~ ipifuncs.c > mips64_multicast_ipi() excludes current CPU. > The caller does not have to do that. (visa@) ~ ipifuncs.c > Use fast path if remote call is not needed. > Note that rendezvous calls are no longer necessarily > serialized systemwide. (visa@) ~ ipifuncs.c > Do not allow NULL callback at rendezvous and clear callback > pointer at the end to catch errors faster. (visa@) arch/sparc64/conf ~ ld.script > Make room for another 4GB of .text. (kettenis@) arch/sparc64/dev ~ iommu.c ~ psycho.c ~ pyro.c ~ schizo.c ~ vdsk.c ~ viommu.c > tweak sparc64 membars as a step toward making them usable in userland. > specifically, dont rely on magic in ctlreg to implement membars. moving > that to atomic.h would add a lot of pollution to the namespace, so > move to passing the membar options to a single __membar macro. > this tweaks everything that was using the ctlreg backend to either use > an appropriate membar_foo(), or to use __membar() in the MD code. > ok kettenis@ (dlg@) arch/sparc64/include ~ atomic.h ~ bus.h ~ ctlreg.h ~ psl.h > tweak sparc64 membars as a step toward making them usable in userland. > specifically, dont rely on magic in ctlreg to implement membars. moving > that to atomic.h would add a lot of pollution to the namespace, so > move to passing the membar options to a single __membar macro. > this tweaks everything that was using the ctlreg backend to either use > an appropriate membar_foo(), or to use __membar() in the MD code. > ok kettenis@ (dlg@) ~ lock.h > Move SPINLOCK_SPIN_HOOK to the header used by other archs in order to > prepare the terrain for MI locks. > ok kettenis@ (mpi@) arch/sparc64/sparc64 ~ cpu.c ~ ipifuncs.c ~ lock_machdep.c ~ machdep.c ~ vm_machdep.c > tweak sparc64 membars as a step toward making them usable in userland. > specifically, dont rely on magic in ctlreg to implement membars. moving > that to atomic.h would add a lot of pollution to the namespace, so > move to passing the membar options to a single __membar macro. > this tweaks everything that was using the ctlreg backend to either use > an appropriate membar_foo(), or to use __membar() in the MD code. > ok kettenis@ (dlg@) ~ pmap.c > Claim physical memory allocated during early bootstrap from the PROM. > (kettenis@) ~ lock_machdep.c > Move SPINLOCK_SPIN_HOOK to the header used by other archs in order to > prepare the terrain for MI locks. > ok kettenis@ (mpi@) conf ~ GENERIC > Kill option KEY, it is a useless knob, nobody uses pfkeyv2 without IPSEC or > tcp md5. OK mpi@ (claudio@) ddb ~ db_ctf.c > Spring cleanup: > - Cache the string table pointer > - Unify return statements > - Use the end of the symbol table rather than counting symbols (mpi@) ~ db_sym.c > Make ddb print again filename and linenumber if a bsd.gdb was loaded. > mpi@ agrees that this is correct. (claudio@) ~ db_ctf.c ~ db_elf.c ~ db_elf.h > Merge two functions to lookup ELF sections by name. > ok claudio@, jasper@ (mpi@) ~ db_ctf.c > If a function is not found in the CTF data, do not assume it takes no > argument. (mpi@) dev/acpi + efi.h > Add a header with EFI/UEFI-related definitions for use by the kernel. For > now this only contains definitions for parsing the EFI memory map. > I anticipate adding limited support for the EFI system table and some of > the EFI runtime services, but not much more. > ok mlarkin@, patrick@, tom@ (kettenis@) ~ dsdt.c > Remove a redundant assignment introduced in revision 1.219 but favor the > assignment outside of the conditional. > ok stsp@ (anton@) dev/fdt ~ files.fdt + dwmmc.c > Add dwmmc(4), a driver for the Synopsis Designware SD/MMC controller as > found > on various Rockchip SoCs. > This is still WIP. Next steps will be to get rid of various busy-wait > loops > and add DMA support. (kettenis@) ~ if_dwge_fdt.c > Rockchip SoCs needs some additional register twiddling when the link speed > changes to set the appropriate clock. Add a sc_statchg callback in the > core softc that gets called when the link status changes. (kettenis@) ~ dwmmc.c > Actually wait on auto command done (ACD) as was the intention. (kettenis@) ~ dwmmc.c > Add support for the SD/MMC controller found on Samsuung Exynos5. > (kettenis@) dev/ic ~ dwc_gmac.c ~ dwc_gmac_var.h > Rockchip SoCs needs some additional register twiddling when the link speed > changes to set the appropriate clock. Add a sc_statchg callback in the > core softc that gets called when the link status changes. (kettenis@) ~ nvme.c ~ nvmevar.h > nvme: Add suspend/resume code > Based on an initial patch by ehrhardt@ . Thanks to claudio@ for testing > and deraadt@ for advice. > "go ahead" deraadt@ (sf@) ~ nvme.c > nvme: Don't set prp1 for DEL_IOCQ > NVM_ADMIN_DEL_IOCQ does not need prp1 (just as NVM_ADMIN_DEL_IOSQ). > Remove what is likely a cut'n'paste error from the *_ADD_* code. > tested by claudio@ > ok jmatthew@ (sf@) dev/pci ~ drm/radeon/radeon_bios.c > Enable radeondrm(4) on loongson to get accelerated graphics > with the RS780E chipset. > OK kettenis@, jsg@ (visa@) ~ drm/drmP.h > tweak sparc64 membars as a step toward making them usable in userland. > specifically, dont rely on magic in ctlreg to implement membars. moving > that to atomic.h would add a lot of pollution to the namespace, so > move to passing the membar options to a single __membar macro. > this tweaks everything that was using the ctlreg backend to either use > an appropriate membar_foo(), or to use __membar() in the MD code. > ok kettenis@ (dlg@) ~ drm/drm_linux.h > The Linux code really isn't up to the same standard as our other code, and > clang complains about it a lot. Since we don't want to fix the code, > suppress certain warnings using #pragma clang diagnostic. > ok jsg@ (kettenis@) ~ if_iwm.c > Get rid of the DELAY() hack in the firmware loader for 8000 family > iwm(4) devices. I don't see any problems without this hack. > I suppose the underlying problem was fixed in if_iwm.c r1.146. > Add some additional error checking while here. > Tested by me on 8260 and by claudio@ on 8265. > ok claudio@ (stsp@) ~ ahci_pci.c > remove #ifdef HIBERNATE section that declares stuff that lives in ahci.c > (jmatthew@) ~ if_iwm.c ~ if_iwmvar.h > Remove unused flag IWM_FLAG_STOPPED. > ok tedu@ of course (stsp@) ~ if_iwm.c > Fix some spurious fatal firmware errors in iwm(4). > If we are not in SCAN state anymore by the time hardware signals completion > of a scan command, exit the scan completion handler immediately instead of > calling ieee80211_end_scan(). > Tested by tb@ and myself. > ok mpi@ tb@ zhuk@ (stsp@) dev/pv ~ vioblk.c ~ vioscsi.c ~ virtio.c ~ virtiovar.h > Move vioblk and vioscsi more fully into the world of iopool and > 'modern' scsi. Eliminates use of XS_NO_CCB. > Resource optimization to follow. > ok sf@, "makes sense" dlg@ earlier version (krw@) ~ vioblk.c > vioblk: set VIOBLK_DONE from vioblk_vq_done1 > If the device needs to be reset due to a poll timeout, we need accurate > information which requests are already completed. Otherwise, there will > be a panic "scsi_done called twice on xs", as found out by mpi@ (sf@) ~ virtio.c > virtio: minor tweak > use qe_desc_base instead of calculating the address again (sf@) ~ vioscsi.c > Move error path to end of function where god intended it > to be. goto'ing upwards into an 'if' statement block > is weird. > ok sf@ (krw@) ~ virtio.c > virtio: Remove MINSEG_INDIRECT > Remove MINSEG_INDIRECT as a tweakable define. Always use indirect > descriptors if we have more than 1 segment. Add a comment to document > the way if_vio.c uses maxnsegs in virtio_alloc_vq() to disable > indirect descriptors for a queue. > Based on a diff from krw@ (sf@) ~ virtiovar.h ~ virtio.c > virtio: remove unused vq_maxsegsize (sf@) dev/usb ~ ohci.c ~ ohcivar.h > Prepare ohci_intr1() for IPL_MPSAFE. > Stop manipulating the done list and root hub port status in the interrupt > handler. > Some parts lifted from NetBSD's r1.157 but with functionnal polling and > without leaving WDH interrupts masked after exiting ddb(4). > Fix an splassert() by no longer calling usb_transfer_complete() in the > interrupt handler. > Issue reported by claudio@, brynet@ and Jacqueline Jolicoeur. (mpi@) dev/wscons ~ ascii.h > Add missing comments for CAN and SUB, for consistency. > OK tb@ (fcambus@) kern ~ kern_pledge.c > Enable radeondrm(4) on loongson to get accelerated graphics > with the RS780E chipset. > OK kettenis@, jsg@ (visa@) ~ subr_witness.c > Drop kernel trace points. The trace facility does not exist on OpenBSD. > (visa@) ~ uipc_domain.c > Kill option KEY, it is a useless knob, nobody uses pfkeyv2 without IPSEC or > tcp md5. OK mpi@ (claudio@) ~ uipc_mbuf.c > Refactor m_makespace() using MCLGETI to simplify the logic of this > function. > Still quite complicated but more legible in the end and it will do less > M_GET calls for huge packets. > OK bluhm@ (claudio@) ~ uipc_mbuf.c > Put an assert that M_PKTHDR is set before accessing m_pkthdr in the > mbuf functions. > OK claudio@ (bluhm@) ~ sys_futex.c > Use copyin32(9) to atomically copy the futex from user space. > On !MULTIPROCESSOR kernels we still fall back on copyin(9), but that is > fine. This will break m88k MULTIPROCESSOR kernels. > ok deraadt@, mpi@, visa@ (kettenis@) ~ uipc_socket.c ~ uipc_socket2.c > Push the NET_LOCK down into PF_KEY so that it can be treated like PF_ROUTE. > Only pfkeyv2_send() needs the NET_LOCK() so grab it at the start and > release > at the end. This should allow to push the locks down in other places. > OK mpi@, bluhm@ (claudio@) lib/libkern + arch/mips64/sync.S > Enable radeondrm(4) on loongson to get accelerated graphics > with the RS780E chipset. > OK kettenis@, jsg@ (visa@) lib/libsa ~ sha2.c > move sha224_initial_hash_value[] under !SHA2_SMALL; ok deraadt@ millert@ > (naddy@) net ~ route.h > Fix copy/paste in comment. (jca@) ~ if_ethersubr.c > white space fix. no functional change. (dlg@) ~ pf.c > Move the common length check in pf_pull_hdr() after the address > family switch. This makes the specific calculation more obvious. > OK claudio@ (bluhm@) ~ bpf.c > When using "tcpdump proto 128" the filter never matched. A sign > expansion bug in bpf prevented protocols above 127. m_data is > signed, bpf_mbuf_ldb() returns unsigned. > bug report Matthias Pitzl; OK deraadt@ millert@ (bluhm@) ~ fq_codel.c > Fail with EINVAL when asked to create a non-root queue instead of panicking > Prompted by a bug report from semarie@, thanks! (mikeb@) ~ pfkey.c ~ pfkeyv2.c ~ pfkeyv2.h > There is only one version of pfkey in OpenBSD and this will not change any > time soon so remove all the code to support multiple pfkey versions. > OK mpi@ (claudio@) ~ if_tun.c > Remove superflyous splnet()/splx() dances. > ok bluhm@ (mpi@) ~ route.c > In ifa_ifwithroute() the rtalloc() needs to be done against the rdomain > so use rtable_l2() to get the right id. Fixes adding routes to rtables. > OK mpi@ phessler@ (claudio@) ~ pipex.c > Remove obsolete comment talking about splnet(). (mpi@) ~ pipex.c > Use rn_inithead() instead of rn_inithead0(). Since rn_inithead0() > doesn't trigger rn_initmask() and first session had caused panics. > Reported by VOblezov at mtsbank.ru. (yasuoka@) ~ if_pfsync.c > Remove useless splnet()/splx() dances. > pfsyncioctl() is executed with the NET_LOCK() held which is enough. > ok sashan@ (mpi@) ~ if_pppoe.c > Protect the global list of softc with the NET_LOCK(). > While here remove superfluous splnet()/splx() in the ioctl routine. > ok sashan@ (mpi@) ~ if_ppp.c > Protect the global list of softc with the NET_LOCK(). > ok sashan@ (mpi@) ~ pfkeyv2.c > Push the NET_LOCK down into PF_KEY so that it can be treated like PF_ROUTE. > Only pfkeyv2_send() needs the NET_LOCK() so grab it at the start and > release > at the end. This should allow to push the locks down in other places. > OK mpi@, bluhm@ (claudio@) ~ if_pflow.c ~ if_pflow.h > move sending of pflow packet into a task, seperated from the data > collection by a mbuf queue. with help from mpi@ > ok florian@ (benno@) ~ if_pflow.c > fix previous as noted by mpi, thx florian (benno@) ~ if_enc.c > Protect the global array of interfaces with the NET_LOCK(). > ok sashan@ (mpi@) ~ if_trunk.c > Remove useless splnet()/splx() dances. > Data structures modified in the ioctl path are protected by the NET_LOCK(). > ok sashan@ (mpi@) ~ if.c > Leaving IP multicast group requires the NET_LOCK(). > Grab the lock before calling carpdetach(). > ok bluhm@ (mpi@) ~ if.c ~ if_ethersubr.c ~ if_pppx.c ~ netisr.h ~ pipex.c ~ pipex_local.h > Remove all splnet/splx from pipex(4) and pppx(4) and replace some of > them by NET_LOCK/NET_UNLOCK. Also make the timeout for pipex_timer > run with a thread context and replace pipex softintr by NETISR_PIPEX. > ok mpi (yasuoka@) ~ if_trunk.c > trunk_port_destroy() needs the NET_LOCK(). > It brings the interface down and restore the original lladdr. > Found by Hrvoje Popovski (mpi@) ~ pf.c > Pf was handling IPv4 and IPv6 differently regarding AH extension > headers. pf_walk_header6() steps over it and detects the real > protocol. So to implement a minimal header walking function > pf_walk_header() for IPv4. It does the header checks and jumps > over AH. Then pf does not understand AH as a protocol, it is just > an extension that authenticates the packet. Move some header and > option checks to pf_walk_header() for consistency with IPv6. This > also improves the header check for IPv4 packets in ICMP payload. > OK henning@ (bluhm@) ~ if_trunk.c > Add missing NET_UNLOCK() in error path. > Spotted by sashan@ (mpi@) ~ pf.c ~ pfvar.h > Fix bad white spaces, wrap long lines, kill some empty lines. (bluhm@) ~ pf.c > Limit the nested header chain for IPv6 extensions headers and for > authentication headers in the IPv4 case. This prevents spending > excessive cpu time on crafted packets. > OK henning@ (bluhm@) ~ pipex.c > Use interface index instead of ifnet pointer. (yasuoka@) ~ if_pppx.c ~ pipex_local.h > Use interface index and if_{put,get} instead of ifnet pointer. (yasuoka@) ~ pipex.c > Check also whether the interfaces is matched when pipex check PPPoE > packets. This fixes the problem when pipex connects with pppoe(4) > through pair(4). (yasuoka@) ~ pipex.c > Process packets immediately without queuing since pipex is believed MP safe > already, for PPPoE case as first step. > ok mpi (yasuoka@) ~ pipex_local.h > fix broken include on previous pipex commit > ok deraadt (mlarkin@) netinet ~ ip_icmp.c > Fix a mbuf leak when reflecting an ICMP packet with IP options. > Free the options in icmp_input_if() after a successful call to > icmp_reflect(). > bug report and analysis by Hendrik Gerlach > OK krw@ claudio@ phessler@ (bluhm@) ~ ip_icmp.c TAGGED OPENBSD_6_1 > Fix a mbuf leak when reflecting an ICMP packet with IP options. > Free the options in icmp_input_if() after a successful call to > icmp_reflect(). > bug report and analysis by Hendrik Gerlach > OK krw@ claudio@ phessler@ millert@ (bluhm@) ~ ip_icmp.c TAGGED OPENBSD_6_0 > Fix a mbuf leak when reflecting an ICMP packet with IP options. > Free the options in icmp_input_if() after a successful call to > icmp_reflect(). > bug report and analysis by Hendrik Gerlach > OK krw@ claudio@ phessler@ millert@ (bluhm@) ~ ip_input.c ~ ip_var.h TAGGED OPENBSD_6_0 > Use the IPsec policy check from IPv4 also when doing local delivery > in ip6_local() to our IPv6 stack. > OK mikeb@ (bluhm@) ~ ip_input.c ~ ip_ipsp.h ~ ip_var.h ~ ipsec_input.c TAGGED OPENBSD_6_0 > Move IPsec forward and local policy check functions to ipsec_input.c > and give them better names. > input and OK mikeb@ (bluhm@) ~ ip_ipip.c TAGGED OPENBSD_6_0 > Instead of looking at the IP version of the header, use the outer > address family passed to ipip_input(). > OK mpi@ (bluhm@) ~ ip_ipip.c TAGGED OPENBSD_6_0 > In IPIP input rename the variable ipo to ip as it is used for inner > and outer header. Reset values depending on the the mbuf when the > mbuf is adjusted. Check the length of the inner IP header with the > correct size in case of IPv6. Check the IPv4 header size including > IP options. For the IPIP statistics the inner header length has > to be subtracted from the packet size as the outer header has already > been stripped off. > OK mpi@ (bluhm@) ~ ip_carp.c TAGGED OPENBSD_6_0 > Fix the carp mode 'balancing ip-stealth'. Set the link state UP > if at least one vhid is in state MASTER. > from Florian Riehm; OK florian@ (bluhm@) ~ ip_input.c ~ ip_var.h ~ ipsec_input.c TAGGED OPENBSD_6_0 > Rename ip_local() to ip_deliver() and give it the same parameters > as the pr_input functions. Add an assert that IPv4 delivery ends > in IP proto done to assure that IPv4 protocol functions work like > IPv6. > OK mpi@ (bluhm@) ~ ip_input.c TAGGED OPENBSD_6_0 > clang warns on unused labels. Place a recently introduced label under > ifdef IPSEC to fix the clang build when IPSEC is not defined. > ok deraadt@ bluhm@ (jsg@) ~ ip_carp.c TAGGED OPENBSD_6_0 > Leaving IP multicast group requires the NET_LOCK(). > Grab the lock before calling carpdetach(). > ok bluhm@ (mpi@) ~ ip_ipip.c TAGGED OPENBSD_6_0 > Call bpf_mtap_af() a bit earlier in ipip_input(). This prepares > upcoming diffs, no functional change. > OK mpi@ (bluhm@) netinet6 ~ ip6_input.c > Use the IPsec policy check from IPv4 also when doing local delivery > in ip6_local() to our IPv6 stack. > OK mikeb@ (bluhm@) ~ ip6_input.c > Move IPsec forward and local policy check functions to ipsec_input.c > and give them better names. > input and OK mikeb@ (bluhm@) ~ ip6_input.c > Bump the right counters. One of these was caught by clang because of a > mismatched enum. > ok bluhm@ (kettenis@) ~ ip6_input.c ~ ip6_var.h > Rename ip_local() to ip_deliver() and give it the same parameters > as the pr_input functions. Add an assert that IPv4 delivery ends > in IP proto done to assure that IPv4 protocol functions work like > IPv6. > OK mpi@ (bluhm@) sys ~ atomic.h > Add membar_enter_after_atomic(9) and membar_exit_before_atomic(9) APIs to > allow important optimizations on architectures where atomic instructions > include and implied memory barrier. > ok mikeb@, visa@, mpi@ (kettenis@) uvm ~ uvm_device.c > Enable radeondrm(4) on loongson to get accelerated graphics > with the RS780E chipset. > OK kettenis@, jsg@ (visa@) == usr.bin =========================================================== 12/13 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin banner ~ Makefile ~ banner.c ~ banner.h ~ chset.c > trim some unused compile options for alternative character forms. (tedu@) cvs ~ logmsg.c > Bring the opencvs log message template inline with other cvs > implementations. > ok stsp@ (joris@) ~ status.c > Teach opencvs status to display the sticky tag according to what it really > represents if it is a branch or a revision. > ok stsp@ (joris@) ~ commit.c > Don't allow opencvs to commit towards tags that are not branches. > Gets rid of the old logic that wasn't working and replaced it with > a simplified version. > ok stsp@ (joris@) ~ cvs.h ~ file.c ~ import.c > Let opencvs show ignored files on import, not showing them is just > confusing. > ok stsp@ (joris@) doas ~ doas.c > for password failure, print Authorization failed instead of EPERM. > will make things less confusing with commands rejected by config file. > (tedu@) encrypt ~ encrypt.c > Use freezero instead of explicit_bzero+free > OK tb@ (mestre@) libtool ~ LT/Getopt.pm > Make libtool handle --tag=... inside command line. > Unbreaks (and changes PLIST) multimedia/lives under Clang, and maybe > others. > okay espie@ (zhuk@) nc ~ netcat.c > Fix gcc warnings triggered by WARNINGS=yes. > OK florian@ (bluhm@) patch ~ pch.c > sometimes patches coming from other places have extra a/ and b/ directories > prepended to filenames. detect this condition and attempt to correct it. > ok openbsd (tedu@) signify - smult_curve25519_ref.c ~ Makefile > when copying curvy files from ssh, an extra one snuck in. > signify doesn't do any kex stuff and doesn't need scalarmult. (tedu@) ssh ~ PROTOCOL > fix references to obsolete v00 cert format; spotted by Jakub Jelen (djm@) ~ channels.c ~ channels.h > remove channel_input_close_confirmation (ssh1 only); ok djm@ (markus@) ~ channels.c ~ channels.h > remove SSH_CHANNEL_XXX_DRAINING (ssh1 only); ok djm@ (markus@) ~ sshbuf.c > sshbuf_consume: reset empty buffer; ok djm@ (markus@) systat ~ pftop.c > Support for displaying flow queues alongside H-FSC > This (ab)uses the fact that node->qstats.data.period field in > hfsc_class_stats structure is at the same offset as the 'flows' > field in fqcodel_stats. > While here make use of a presently empty field "SCH" to display > the queue management policy (flow or fifo) which is not strictly > a scheduler, but it will hopefully become descriptive and useful > later. This distinguishes flow queues from the regular HFSC ones. > OK sthen, visa (mikeb@) talk ~ talk.1 > incompatibilities with 4.2 are no longer interesting (tedu@) tmux ~ cmd-refresh-client.c > Also recalculate session sizes when refreh-client -C is used. GitHub > issue 947. (nicm@) ~ cmd-new-session.c > Change so that sessions created detached (-d or no client) are always > 80x24 and the status line is not applied until they attach. Also make -x > and -y work for control clients whether the session is detached or not. > (nicm@) ~ input.c > Support OSC 10 and 11 to set foreground and background colours, from > "bertnp" in GitHub issue 942. (nicm@) yacc ~ closure.c ~ lalr.c ~ main.c ~ mkpar.c ~ reader.c ~ verbose.c > fix a variety of warnings. from Brian Callahan (tedu@) == usr.sbin ========================================================== 13/13 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.sbin acme-client ~ main.c > Use basename(3) instead of hand rolling it. > Gets rid of double slashes, pointed out by Raf Czlonka (rczlonka at > gmail), thanks! > OK benno (florian@) bgpd ~ parse.y > Allow nested {} in prefix lists. > Diff from Denis Fondras, many thanks! > OK claudio@ phessler@ (phessler@) ~ parse.y > Expand RIB names in groups > Diff from Denis Fondras, many thanks! > OK claudio@ phessler@ (phessler@) ~ bgpd.8 ~ parse.y ~ rde_attr.c ~ session.c > AS 0 is special and should be considered an error. > Drop the session if it shows during OPEN or CAPA, or mark as invalid if > it is part of an Update. > required by RFC 7607 > man page OK jmc@ > OK florian@ benno@ claudio@ (phessler@) ~ bgpd.h > fix the reference to draft-ymbk-grow-blackholing, to RFC 7999 (phessler@) ~ bgpd.conf.5 ~ bgpd.h ~ parse.y ~ printconf.c ~ rde_filter.c > allow us to use 'local-as' in the filter language > "match in from any set community local-as:neighbor-as" > OK claudio@ (phessler@) ~ bgpd.conf.5 ~ parse.y ~ printconf.c ~ rde.c ~ rde_filter.c ~ rde_update.c ~ session.c > Allow OpenBGPD to selectively choose which local ASN to use per-peer. > This is intended to be used for ASN migrations, not for permanent use. > You MUST use filters to protect yourself from receiving your own routes. > There be dragons and grues. > OK claudio@ benno@ (phessler@) ~ mrt.c > this expects 2byte ASN, so use that, instead of an asn that may or may not > fit > noticed by and OK claudio@ (phessler@) ~ bgpd.h > bump the size of ctl rib flags > OK claudio@ (phessler@) ~ parse.y > allow only one network <prefix> statement per for the same prefix. > ok florian@ phessler@ (benno@) ~ bgpd.conf.5 ~ bgpd.h ~ parse.y ~ printconf.c ~ rde.c > Allow an administrator to disable the bgp loop detection algorithm, > which is useful in very limited situations. > Angry dragons and grues will hunt for you, if you use it. > OK claudio@ sthen@ benno@ (phessler@) ~ bgpd.h ~ control.c ~ rde.c ~ rde.h ~ rde_rib.c ~ session.c ~ session.h > Implement an XON/XOFF protocol between the RDE and the SE to throttle > per control session and peer the generation of imsg in the RDE. This > reduces the memory pressure in the SE substantially and also a bit in > the RDE. Makes the RDE more responsive for bgpctl commands. > Tested by me with 100 peers * 2000 prefixes and by phessler@ on an AMS-IX > border router with 200+ session. Convergance time got quite a bit better. > OK phessler@ (claudio@) ~ bgpd.c ~ bgpd.h ~ config.c ~ kroute.c ~ parse.y > so far, bgpd was hardcoded to use rtable 0 for nexthop verification. > instead, use the rtable bgpd was started in (route -T <n> exec / rc.d > daemon_rtable) for nexthop verification and as default Adj-RIB-In and > Loc-RIB. This allows multiple bgpds in different rdomains on the same > machine - bgp router virtualization if you like buzzwords. > initial version written under contract more than a year ago, it took us > a while to wrap our brains around the bgpd <-> rdomain interactions - > 1) RIBs, 2) nexthop verification and 3) tcp sockets. > ok & input phessler claudio benno (henning@) ~ bgpd.conf.5 > we're not hardcoded to table 0 any more (henning@) ~ bgpd.conf.5 > tweak previous; (jmc@) ~ rde.c ~ session.c > Close imsg pipes later in the process. The shutdown code still tires to > send imsgs and so the SE and RDE crashed because of this late in shutdown. > OK benno@ phessler@ (claudio@) ~ bgpd.h ~ logmsg.c > Introduce log_peer_info() and make log_peer_warn() log at LOG_ERR instead > of LOG_CRIT (which should only be used for fatal). > OK benno@ (claudio@) ~ rde.c > Print when we send or recv an EOR marker. > Req by and OK benno@ (claudio@) httpd ~ config.c ~ httpd.c ~ httpd.h ~ proc.c > use __func__ in log messages. > From Hiltjo Posthuma hiltjo -AT codemadness -DOT- org, thanks! > ok florian, claudio (benno@) identd ~ identd.c > Sync the severity of the syslog_* functions shared between identd, slowcgi, > tftp-proxy and tftpd to the severity used in log.c style loggers. > This also fixes an issue where syslog_err and syslog_errx logged with > different severities. > Sure deraadt@ (florian@) ikectl ~ ikeca.c > A few more freezero() uses > ok yasuoka mikeb (deraadt@) ~ ikeca.c > Set REQ_EXT in req section so ikectl ca certificate revoke will work again. > (jsg@) ldapd ~ btree.c > Don't overflow uint16 when the filesystem block size is >32K. > Reported and initial diagnosis from Allan Streib, help/ok millert deraadt > (sthen@) ~ syntax.c > Fix checks for seconds and timezones in generalized times. > Fixing the CHECK_RANGE macro in r1.4 revealed that the seconds check > accidentally relied on the macro being broken. While looking into this I > noticed that the timezone check was also wrong, treating the timezone as > optional for generalized times. > investigation and diff mostly by Seiya Kawashima. (jmatthew@) radiusd ~ radiusd.c > A few more freezero() uses > ok yasuoka mikeb (deraadt@) relayd ~ Makefile ~ ca.c ~ check_tcp.c ~ config.c ~ hce.c ~ parse.y ~ relay.c ~ relay_http.c ~ relayd.c ~ relayd.h ~ ssl.c + boguskeys.h + check_tls.c > Migrate relayd to use libtls for TLS. Still does the TLS privsep via the > engine but at least we can use a sane API for new features. > Going in now so it is possible to work with this in tree. > General agreement at d2k17. (claudio@) ~ agentx.c ~ ca.c ~ check_icmp.c ~ check_script.c ~ check_tcp.c ~ hce.c ~ pfe.c ~ pfe_filter.c ~ pfe_route.c ~ proc.c ~ relay.c ~ relay_http.c ~ relay_udp.c ~ relayd.c ~ snmp.c ~ ssl.c > use __func__ in log messages. fix some whitespace while here. > From Hiltjo Posthuma hiltjo -AT codemadness -DOT- org, thanks! > ok florian, claudio (benno@) sasyncd ~ monitor.c > A few more freezero() uses > ok yasuoka mikeb (deraadt@) slaacctl ~ slaacctl.c > no longer carry addresses in struct radv_prefix (florian@) ~ slaacctl.c > show address proposals in slaacdctl show interface output (florian@) ~ slaacctl.c > do not use %hhu (florian@) ~ slaacctl.c > print router preference (florian@) ~ slaacctl.c > propose and configure default gateway (florian@) slaacd ~ slaacd.c > bluhm pointed out that the prefix itself can be scoped, too. So we > need to pass around sockaddr_in6s for that, too. While here add some > more validation of what we get handed in as proposal from engine. > (florian@) ~ slaacd.c > send route label (florian@) ~ engine.c > move towards $thing proposals and attach them to iface (florian@) ~ engine.c > we need to loop over all proposals (florian@) ~ engine.c ~ slaacd.h > no longer carry addresses in struct radv_prefix (florian@) ~ engine.c > proposal state (florian@) ~ engine.c ~ engine.h ~ slaacd.c > use new address_proposal struct to generate proposals (florian@) ~ engine.c ~ engine.h ~ frontend.c ~ slaacd.c ~ slaacd.h > handle proposal ack (florian@) ~ slaacd.c > remove unused vars (florian@) ~ engine.c ~ engine.h ~ frontend.c ~ slaacd.c ~ slaacd.h > configure address on interface (florian@) ~ frontend.c > sync route socket processing to netcfgd > - handle multiple messages > - switch to get_rtaddrs() to get an array of addresses transported in > the message (florian@) ~ engine.c ~ frontend.c ~ slaacd.c ~ slaacd.h > delete proposal if address gets deleted (florian@) ~ engine.c ~ frontend.c ~ slaacd.c ~ slaacd.h > show address proposals in slaacdctl show interface output (florian@) ~ engine.c > do not use %hhu (florian@) ~ engine.c > there is no need to construct and send a proposal if we reached the > limit and just remove the list element directly afterwards (florian@) ~ engine.c > handle expiration / renewal of non-privacy addresses (florian@) ~ slaacd.c > SOCK_CLOEXEC | SOCK_NONBLOCK (florian@) ~ slaacd.c > remove unused vars (florian@) ~ Makefile ~ engine.c ~ frontend.c ~ slaacd.c ~ slaacd.h > Generate a fake ack (or is it an alternative ack?) internally. > This allows slaacd to configure addresses in the absence of > netcfgd and might be a less scary step forward to move > stateless address autoconfiguration out of the kernel. > This intentionally a compile time option and will go away > once we figure out how to do proposals. (florian@) ~ engine.c ~ slaacd.h > print router preference (florian@) ~ slaacd.h > use sizeof("constant string") to avoid magic number (florian@) ~ engine.c ~ engine.h ~ frontend.c ~ slaacd.c ~ slaacd.h > propose and configure default gateway (florian@) ~ engine.c > No need to constantly re-add the default route. It will not expire > like the prefixes. We might want to check if someone deleted the > route by hand though. (florian@) ~ engine.c > get a new privacy address before the old one expires (florian@) ~ engine.c > pasto, typos, spelling; ok florian@ (naddy@) ~ engine.c ~ engine.h ~ slaacd.c > set autoconfprivacy flag; prodding naddy (florian@) ~ engine.c ~ slaacd.c > removed if 0'ed code; it gets in the way of grepping for things (florian@) ~ slaacd.c > only mark privacy addresses as such instead of all configured addresses > ok florian@ (naddy@) slowcgi ~ slowcgi.c > Sync the severity of the syslog_* functions shared between identd, slowcgi, > tftp-proxy and tftpd to the severity used in log.c style loggers. > This also fixes an issue where syslog_err and syslog_errx logged with > different severities. > Sure deraadt@ (florian@) smtpd + smtpf_session.c > stub for the smtp filter protocol, currently always returns -1 (gilles@) ~ parse.y ~ smtp.c ~ smtpd.h ~ smtpd/Makefile > - filters are currently broken, do not allow using them until we're done > (gilles@) ~ smtpctl.8 > "update table" is for tables of type file only; ok gilles (jmc@) ~ smtpd.conf.5 > document that "for local" is the default; while here, > paste in the "table <aliases>" text; > ok gilles (jmc@) ~ mta_session.c > Fix a possible fatal() when smtpd is configured to *force* relaying over > SMTPS, that the connection succeeds, but that something causes a failure > in the TLS code path afterwards. Session gets downgraded so it can use a > plaintext connector but since it's not allowed to do so, it fatal()-s. > This didn't impact STARTTLS, only SMTPS. > Issue experienced a few times by stsp@ triggered by a suspend. > ok eric@ (gilles@) ~ lka_session.c ~ smtpd.h ~ smtpd/Makefile + mda_variables.c > move variables expansion out of lka_session into their own file, this is a > mechanical diff to simplify a bit the lka code and prepare for moving > variables outside of the lookup process into the chrooted mda process. > no functional change for now. > ok eric@ (gilles@) ~ smtpd.conf.5 > split the two "listen on" directives into two separate items; > the markup that we were using wouldn;t have worked with groff anyway > but, more worringly, it didn;t work with mandoc either; (jmc@) ~ smtpd.conf.5 > mark up "masquerade"; (jmc@) ~ smtpd.conf.5 > reinstate the description of "mask-source" to "listen on socket": my > changes > two revisions previous inadvertently removed it; > ok gilles (jmc@) syspatch ~ syspatch.sh > Shorten varname. (ajacoutot@) ~ syspatch.sh > Only install /bsd.mp on SP machines if it's already there (a default > installation will not have it). (ajacoutot@) ~ syspatch.sh > Hide sh(1) error message when /etc/installurl does not exist; we already > error out with a message in this case since _MIRROR is empty. > reported by tedu@ (ajacoutot@) ~ syspatch.sh > Also trap INT when reverting a patch. (ajacoutot@) ~ syspatch.sh > Don't fill up /tmp when installing or reverting multiple patches at once. > (ajacoutot@) ~ syspatch.sh > Preserve the modification time when install(1)ing. (ajacoutot@) ~ syspatch.sh > Fix logic. (ajacoutot@) ~ syspatch.sh > Don't try to revert the same patch in a loop if it returns an error. > (ajacoutot@) ~ syspatch.sh > When running from cron, the ftp(1) progress bar is not shown; that's all > fine > and dandy except that if there's fetch/verify error, we may not know which > syspatch caused this. So if we're not associated with a terminal, just echo > what ftp -VD would (without the progress bar). (ajacoutot@) tcpdump ~ print-pflog.c > Sync NO_PID value from kernel header to tcpdump source. It is > #ifdef _KERNEL, so it does not work automatically. This prevents > some bogus uid and pid print when dumping from pflog interface. > from Matthias Pitzl; OK deraadt@ (bluhm@) ~ pfctl_osfp.c > Catch up with pfctl/pfctl_osfp.c, no binary change. > OK deraadt@ (akfaew@) ~ pfctl_osfp.c > Reduce differences between the two pfctl_osfp.c files. > Apply three commits from pfctl/pfctl_osfp.c > OK bluhm@ (akfaew@) tftp-proxy ~ tftp-proxy.c > Sync the severity of the syslog_* functions shared between identd, slowcgi, > tftp-proxy and tftpd to the severity used in log.c style loggers. > This also fixes an issue where syslog_err and syslog_errx logged with > different severities. > Sure deraadt@ (florian@) tftpd ~ tftpd.c > Sync the severity of the syslog_* functions shared between identd, slowcgi, > tftp-proxy and tftpd to the severity used in log.c style loggers. > This also fixes an issue where syslog_err and syslog_errx logged with > different severities. > Sure deraadt@ (florian@) traceroute ~ traceroute.c > move as many globals as possible into the main function - thats the > only place where they are used. > Only exception: v6flags - make it an argument to usage() > ok florian@ (benno@) ~ traceroute.c ~ traceroute.h ~ worker.c > introduce struct tr_conf to keep all of the configuration. > Functions needing access to any of those vars get it passed as a parameter. > result: even less global vars. > ok florian@ (benno@) ~ traceroute.c ~ traceroute.h ~ worker.c > check_tos() gets a parameter so i can remove another global var. > ok florian@ (benno@) ~ traceroute.c ~ traceroute.h > style(9) some variable declarations > ok florian@ (benno@) user ~ user.c > Remove 2 unused parameters from copydotfiles function > While here sort headers and add missing prototypes > OK tb@ (mestre@) vmd ~ virtio.c > use pread and pwrite to save code and syscalls. ok mlarkin (tedu@) ~ vm.c > SVM: add some exit types > Also, fix a comment that wasn't applicable anymore, and change a format > from decimal to hex (mlarkin@) =============================================================================== _______________________________________________ owc mailing list [email protected] http://www.squish.net/mailman/listinfo/owc
