OpenBSD src changes summary for 2017-06-04 to 2017-06-11 inclusive ==================================================================
Makefile.cross bin/chmod bin/csh distrib/sets distrib/syspatch etc/MAKEDEV.man etc/daily etc/rc etc/rc.d/rc.subr games/fortune games/monop gnu gnu/usr.bin/binutils-2.17 gnu/usr.bin/perl lib/libc lib/libcrypto lib/libkeynote lib/libssl lib/libz libexec/ld.so regress/bin regress/sys regress/usr.bin regress/usr.sbin sbin/dhclient sbin/fsdb sbin/ifconfig sbin/slaacd share/man share/mk sys/arch/alpha/alpha sys/arch/alpha/conf sys/arch/alpha/include sys/arch/amd64/conf sys/arch/amd64/include sys/arch/arm64/arm64 sys/arch/arm64/conf sys/arch/armv7/conf sys/arch/armv7/stand/efiboot sys/arch/hppa/conf sys/arch/hppa/hppa sys/arch/i386/conf sys/arch/i386/i386 sys/arch/landisk/conf sys/arch/landisk/landisk sys/arch/loongson/conf sys/arch/loongson/include sys/arch/loongson/loongson sys/arch/luna88k/conf sys/arch/luna88k/dev sys/arch/macppc/conf sys/arch/mips64/include sys/arch/mips64/mips64 sys/arch/octeon/conf sys/arch/octeon/include sys/arch/octeon/octeon sys/arch/sgi/conf sys/arch/sgi/include sys/arch/sgi/sgi sys/arch/socppc/conf sys/arch/sparc64/conf sys/conf sys/dev sys/dev/ic sys/dev/isa sys/dev/pci sys/dev/pckbc sys/dev/pv sys/dev/usb sys/dev/wscons sys/kern sys/net sys/net80211 sys/netinet sys/netinet6 sys/sys usr.bin/at usr.bin/htpasswd usr.bin/ktrace usr.bin/lastcomm usr.bin/mandoc usr.bin/mkdep usr.bin/nc usr.bin/sort usr.bin/ssh usr.bin/tmux usr.sbin/adduser usr.sbin/cron usr.sbin/crunchgen usr.sbin/httpd usr.sbin/ikectl usr.sbin/installboot usr.sbin/rtadvd usr.sbin/smtpd usr.sbin/syspatch usr.sbin/tcpdump usr.sbin/vmctl usr.sbin/vmd == Makefile.cross ==================================================== 01/14 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/Makefile.cross Makefile.cross > Pass CC and CXX to make depend as well. As soon as we support > dependencies in the clang makefiles we need to make sure to use > a compiler that supports C++11. (patrick@) == bin =============================================================== 02/14 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/bin chmod ~ chmod.1 > X is not restricted to just the + operator; > diff from klemens nanni > confirmed by otto (jmc@) csh ~ csh.1 > missing blank before full stop, found with mandoc -Tlint (schwarze@) == distrib =========================================================== 03/14 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/distrib sets ~ lists/comp/md.luna88k > Add a missing header file. > ok deraadt@ (aoyama@) syspatch ~ diff.sh > do not remove used files from the fakeroot (robert@) ~ bsd.syspatch.mk > do not add ./ to the path of the files in the tarball (robert@) ~ bsd.syspatch.mk > set BUILDUSER to build by default, this can be overwritten from the > environment (robert@) ~ bsd.syspatch.mk > a kernel errata requires a full build as well in case some headers > change so let's do a full build all the time (robert@) ~ bsd.syspatch.mk > Don't patch(1) as the 'build' user; it has no right over the src tree. > That bug was hidden because patch(1) returns '0' on that particular case. > To be fixed... > ok robert@ (ajacoutot@) == etc =============================================================== 04/14 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/etc MAKEDEV.man ~ MAKEDEV.man > Mention that the special files are created in the current working > directory. Suggested by Scott Cheloha. > discussed with jmc (tb@) daily ~ daily > Report processes that were killed due to pledge or memory access > violations in the daily mail. > OK millert@ jmc@ (bluhm@) rc ~ rc > start slaacd as early as possible, right after pf and sysctl.conf are > setup. > Input & OK deraadt@ (florian@) rc.d/rc.subr ~ rc.d/rc.subr > Fix logic in _rc_wait to properly cope with setproctitle(3) daemons. It was > a > regression from my recent rc.subr changes. > reported by deraadt@ and naddy@ : pflogd was marked as failed during boot > while > it was properly running (ajacoutot@) ~ rc.d/rc.subr > Temporarily disable the second call to rc_check until I figure out what > is going on. Should fix another case of false negative reported by sthen > (redis). (ajacoutot@) == games ============================================================= 05/14 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/games fortune ~ fortune/fortune.c ~ strfile/strfile.c > Use proper bool types in fortune(6). > OK tb@, phessler@ (previous version) (fcambus@) monop ~ monop.6 > Correct number of players, the program enforces a range from 2 to 9. > OK tb@, jmc@ (fcambus@) == gnu =============================================================== 06/14 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/gnu gnu ~ llvm/tools/clang/lib/Driver/Tools.cpp > Enable -fwrapv by default with clang to treat signed integer overflows > as defined. This is done to prevent dangerous optimisations which could > remove security critical overflow checks. > Base gcc has -fno-strict-overflow by default, with clang this is > identical to -fwrapv. > Prompted by naddy@ discovering a hang with a clang compiled i386 kernel > that was resolved with -fwrapv. > ok kettenis@ pascal@ (jsg@) usr.bin/binutils-2.17 ~ gas/config/tc-i386.c > Replace ((2 << 31) - 1) with 0xffffffff, which is equivalent but doesn't > cause a shift overflow on a 32-bit arch (i386). ok kettenis@ (naddy@) usr.bin/perl ~ cpan/File-Path/lib/File/Path.pm ~ cpan/File-Path/t/FilePathTest.pm ~ cpan/File-Path/t/Path.t ~ cpan/File-Path/t/Path_root.t ~ cpan/File-Path/t/Path_win32.t > Update to perl File::Path 2.13 for security fixes > Reccomended by upstream - jkeenan AT pobox.com > OK sthen@ (afresh1@) ~ cpan/File-Path/lib/File/Path.pm TAGGED OPENBSD_6_0 > Use fchmod to avoid a race condition in File::Path > See errata 026_perl > Commit it deraadt@ (afresh1@) ~ cpan/File-Path/lib/File/Path.pm TAGGED OPENBSD_6_1 > Use fchmod to avoid a race condition in File::Path > See errata 010_perl > Commit it deraadt@ (afresh1@) == lib =============================================================== 07/14 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/lib libc ~ sys/pledge.2 > Add an acct(5) flag for pledge violations. Then lastcomm(1) shows > when something went wrong. This allows to monitor whether the > system is under attack and that the attack has been prevented by > OpenBSD pledge(2). > OK deraadt@ millert@ jmc@ (bluhm@) ~ rpc/xdr.3 > fix a sentence that used unusual terminology, the wrong macro, > and broken delimiter syntax; found with mandoc -Tlint (schwarze@) ~ gen/glob.3 > Fix broken markup of function pointer invocations; found > with mandoc -Tlint. While here, delete .Tn macros. (schwarze@) ~ sys/pledge.2 > request -> promises; from scott cheloha (jmc@) libcrypto ~ man/DH_generate_parameters.3 > repair broken markup of callback argument; found with mandoc -Tlint > (schwarze@) libkeynote ~ keynote.3 > fix imprecise .Fa markup; found with mandoc -Tlint (schwarze@) ~ keynote.4 > remove lots of bogus escaping, some of which even broke the output; > found with mandoc -Tlint (schwarze@) libssl ~ man/SSL_CTX_set_alpn_select_cb.3 ~ man/SSL_CTX_set_generate_session_id.3 > fix broken markup of callback arguments; found with mandoc -Tlint > (schwarze@) libz ~ compress.3 > Add missing .Fn markup to in() and out(); found with mandoc -Tlint. > Delete useless \*(Gt and \*(Lt while here. (schwarze@) == libexec =========================================================== 08/14 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/libexec ld.so ~ i386/rtld_machine.c > For the memory operand, clang passes in an address relative to the > stack pointer. We cannot use this twice while pushing values on > the stack. Instead load the operand address into a register and > use this as base address. Use %edx since it is already marked as > clobbered. Also fixes a syntax problem for clang. > ok mlarkin@ (naddy@) ~ aarch64/ldasm.S > Remove the sigprocmask stub that has long been made unused since > the use of kbind. The code was #if 0'd anyway. > Reminded by miod@ (patrick@) == regress =========================================================== 09/14 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/regress bin - ksh/vi/Makefile - ksh/vi/config.h - ksh/vi/edit.h - ksh/vi/sh.h - ksh/vi/test_vi.c - ksh/vi/vi.sh ~ ksh/Makefile > Rewrite ksh edit mode regression tests. > Instead of calling x_vi() directly, run ksh in a pseudo tty. > This makes the process of adding tests for emacs mode simpler since the > code can > be shared. > With feedback and help from millert@ and schwarze@ (anton@) + ksh/edit/Makefile + ksh/edit/edit.c + ksh/edit/emacs.sh + ksh/edit/subr.sh + ksh/edit/vi.sh > Add new edit regress files. > Absent from my previous commit. (anton@) ~ ksh/edit/emacs.sh > Test insertion of non-ASCII characters, in particular making sure > that valid input does not cause writing invalid intermediate states > to the terminal, and that invalid input is not delayed waiting for > more input, but written through right away. > Currently failing, but expected to be fixed shortly. (schwarze@) ~ ksh/edit/emacs.sh > Test insertion of unmatched meta sequence. (anton@) sys ~ net/rtable/kern_compat.h > Update stubs to work with radix tree. (mpi@) ~ net/pf_fragment/pf.conf > To test IPv6 fragements with extension header, the pf pass rules > need an allow-opts. Otherwise pf blocks packets with option header. > (bluhm@) usr.bin ~ ssh/proto-version.sh > unbreak after sshv1 purge (djm@) ~ mdoclint/mdoclint ~ mdoclint/mdoclint.1 > Remove "new sentence, new line" detection, covered by mandoc. > OK jmc@ wiz@ (schwarze@) + lastcomm/Makefile + lastcomm/crash.c + lastcomm/LICENSE > New import: > Start with a clean /var/account/acct accounting file and turn on ~ Makefile > Link lastcomm regress to build. (bluhm@) ~ mandoc/tbl/mod/Makefile + mandoc/tbl/mod/width.in + mandoc/tbl/mod/width.out_ascii > Implement w layout specifier (minimum column width). > Improve width calculation of text blocks. > Reduces the groff/mandoc diff in Base+Xenocara by about 800 lines. > (schwarze@) ~ mdoclint/mdoclint ~ mdoclint/mdoclint.1 > delete -e and -l, now covered by mandoc; OK jmc@ wiz@ (schwarze@) ~ mandoc/mdoc/Ad/noarg.in ~ mandoc/mdoc/Ad/noarg.out_ascii ~ mandoc/mdoc/Ad/noarg.out_lint ~ mandoc/mdoc/Ad/noarg.out_markdown ~ mandoc/mdoc/An/break.in ~ mandoc/mdoc/An/break.out_lint ~ mandoc/mdoc/Aq/Makefile ~ mandoc/mdoc/Aq/empty.in ~ mandoc/mdoc/Aq/empty.out_ascii ~ mandoc/mdoc/Aq/empty.out_markdown ~ mandoc/mdoc/Aq/empty.out_utf8 ~ mandoc/mdoc/Ar/Makefile ~ mandoc/mdoc/Ar/punct.in ~ mandoc/mdoc/Ar/punct.out_ascii ~ mandoc/mdoc/Ar/punct.out_markdown ~ mandoc/mdoc/Bl/breakingIt.in ~ mandoc/mdoc/Bl/breakingIt.out_ascii ~ mandoc/mdoc/Bl/breakingIt.out_markdown ~ mandoc/mdoc/Bl/noIt.in ~ mandoc/mdoc/Bl/noIt.out_ascii ~ mandoc/mdoc/Bl/noIt.out_markdown ~ mandoc/mdoc/Brq/Makefile ~ mandoc/mdoc/Brq/empty.in ~ mandoc/mdoc/Brq/empty.out_ascii ~ mandoc/mdoc/Brq/empty.out_markdown ~ mandoc/mdoc/Bx/Makefile ~ mandoc/mdoc/Bx/args.in ~ mandoc/mdoc/Bx/args.out_ascii ~ mandoc/mdoc/Bx/args.out_markdown ~ mandoc/mdoc/Cm/noarg.in ~ mandoc/mdoc/Cm/noarg.out_ascii ~ mandoc/mdoc/Cm/noarg.out_lint ~ mandoc/mdoc/Cm/noarg.out_markdown ~ mandoc/mdoc/Dq/Makefile ~ mandoc/mdoc/Dq/empty.in ~ mandoc/mdoc/Dq/empty.out_ascii ~ mandoc/mdoc/Dq/empty.out_markdown ~ mandoc/mdoc/Dv/noarg.in ~ mandoc/mdoc/Dv/noarg.out_ascii ~ mandoc/mdoc/Dv/noarg.out_lint ~ mandoc/mdoc/Dv/noarg.out_markdown ~ mandoc/mdoc/Em/punct.in ~ mandoc/mdoc/Em/punct.out_ascii ~ mandoc/mdoc/Em/punct.out_lint ~ mandoc/mdoc/Em/punct.out_markdown ~ mandoc/mdoc/Er/noarg.in ~ mandoc/mdoc/Er/noarg.out_ascii ~ mandoc/mdoc/Er/noarg.out_lint ~ mandoc/mdoc/Er/noarg.out_markdown ~ mandoc/mdoc/Ev/noarg.in ~ mandoc/mdoc/Ev/noarg.out_ascii ~ mandoc/mdoc/Ev/noarg.out_lint ~ mandoc/mdoc/Ev/noarg.out_markdown ~ mandoc/mdoc/Fl/Makefile ~ mandoc/mdoc/Fl/punct.in ~ mandoc/mdoc/Fl/punct.out_ascii ~ mandoc/mdoc/Fl/punct.out_markdown ~ mandoc/mdoc/Fo/Makefile ~ mandoc/mdoc/Fo/punct.in ~ mandoc/mdoc/Fo/punct.out_ascii ~ mandoc/mdoc/Fo/punct.out_markdown ~ mandoc/mdoc/Ic/noarg.in ~ mandoc/mdoc/Ic/noarg.out_ascii ~ mandoc/mdoc/Ic/noarg.out_lint ~ mandoc/mdoc/Ic/noarg.out_markdown ~ mandoc/mdoc/In/noarg.in ~ mandoc/mdoc/In/noarg.out_ascii ~ mandoc/mdoc/In/noarg.out_lint ~ mandoc/mdoc/In/noarg.out_markdown ~ mandoc/mdoc/Lb/badargs.in ~ mandoc/mdoc/Lb/badargs.out_ascii ~ mandoc/mdoc/Lb/badargs.out_lint ~ mandoc/mdoc/Lb/badargs.out_markdown ~ mandoc/mdoc/Li/punct.in ~ mandoc/mdoc/Li/punct.out_ascii ~ mandoc/mdoc/Li/punct.out_lint ~ mandoc/mdoc/Li/punct.out_markdown ~ mandoc/mdoc/Lk/noarg.in ~ mandoc/mdoc/Lk/noarg.out_ascii ~ mandoc/mdoc/Lk/noarg.out_lint ~ mandoc/mdoc/Lk/noarg.out_markdown ~ mandoc/mdoc/Ms/noarg.in ~ mandoc/mdoc/Ms/noarg.out_ascii ~ mandoc/mdoc/Ms/noarg.out_lint ~ mandoc/mdoc/Ms/noarg.out_markdown ~ mandoc/mdoc/Mt/Makefile ~ mandoc/mdoc/Mt/simple.in ~ mandoc/mdoc/Mt/simple.out_ascii ~ mandoc/mdoc/Mt/simple.out_markdown ~ mandoc/mdoc/Nm/Makefile ~ mandoc/mdoc/Nm/punct.in ~ mandoc/mdoc/Nm/punct.out_ascii ~ mandoc/mdoc/Nm/punct.out_markdown ~ mandoc/mdoc/No/punct.in ~ mandoc/mdoc/No/punct.out_ascii ~ mandoc/mdoc/No/punct.out_lint ~ mandoc/mdoc/No/punct.out_markdown ~ mandoc/mdoc/Oo/Makefile ~ mandoc/mdoc/Oo/punct.in ~ mandoc/mdoc/Oo/punct.out_ascii ~ mandoc/mdoc/Oo/punct.out_markdown ~ mandoc/mdoc/Op/Makefile ~ mandoc/mdoc/Op/punct.in ~ mandoc/mdoc/Op/punct.out_ascii ~ mandoc/mdoc/Op/punct.out_markdown ~ mandoc/mdoc/Pa/Makefile ~ mandoc/mdoc/Pa/punct.in ~ mandoc/mdoc/Pa/punct.out_ascii ~ mandoc/mdoc/Pa/punct.out_markdown ~ mandoc/mdoc/Qq/Makefile ~ mandoc/mdoc/Qq/empty.in ~ mandoc/mdoc/Qq/empty.out_ascii ~ mandoc/mdoc/Qq/empty.out_markdown ~ mandoc/mdoc/Sq/Makefile ~ mandoc/mdoc/Sq/empty.in ~ mandoc/mdoc/Sq/empty.out_ascii ~ mandoc/mdoc/Sq/empty.out_markdown ~ mandoc/mdoc/Sy/punct.in ~ mandoc/mdoc/Sy/punct.out_ascii ~ mandoc/mdoc/Sy/punct.out_lint ~ mandoc/mdoc/Sy/punct.out_markdown ~ mandoc/mdoc/Ux/Makefile ~ mandoc/mdoc/Va/noarg.in ~ mandoc/mdoc/Va/noarg.out_ascii ~ mandoc/mdoc/Va/noarg.out_lint ~ mandoc/mdoc/Va/noarg.out_markdown ~ mandoc/mdoc/Vt/noarg.in ~ mandoc/mdoc/Vt/noarg.out_ascii ~ mandoc/mdoc/Vt/noarg.out_lint ~ mandoc/mdoc/Vt/noarg.out_markdown ~ mandoc/mdoc/Xr/args.in ~ mandoc/mdoc/Xr/args.out_ascii ~ mandoc/mdoc/Xr/args.out_lint ~ mandoc/mdoc/Xr/args.out_markdown + mandoc/mdoc/Aq/empty.out_lint + mandoc/mdoc/Ar/punct.out_lint + mandoc/mdoc/Brq/empty.out_lint + mandoc/mdoc/Bx/args.out_lint + mandoc/mdoc/Dq/empty.out_lint + mandoc/mdoc/Fl/punct.out_lint + mandoc/mdoc/Fo/punct.out_lint + mandoc/mdoc/Mt/simple.out_lint + mandoc/mdoc/Nm/punct.out_lint + mandoc/mdoc/Oo/punct.out_lint + mandoc/mdoc/Op/punct.out_lint + mandoc/mdoc/Pa/punct.out_lint + mandoc/mdoc/Qq/empty.out_lint + mandoc/mdoc/Sq/empty.out_lint + mandoc/mdoc/Ux/punct.in + mandoc/mdoc/Ux/punct.out_ascii + mandoc/mdoc/Ux/punct.out_lint + mandoc/mdoc/Ux/punct.out_markdown > style message about missing blank before trailing delimiter; > inspired by mdoclint(1), and jmc@ considers it useful (schwarze@) ~ mandoc/mdoc/No/punct.out_lint > Do not issue the message "no blank before trailing delimiter" for .No. > In practice, that message only matters inside .Bf, and even there, it > can occasionally be a false positive. In all other cases, it usually > is a false positive, so it is better to drop it outright. > Suggested by jmc@. (schwarze@) ~ lastcomm/Makefile > Fix a test race, wait after kill in case writing the core dump takes > a while. Adjust wrong comments. Mention regress- in program name > to make clear where violations seen in process accounting happend. (bluhm@) ~ mandoc/char/space/esct-mdoc.out_lint ~ mandoc/char/space/tab.out_lint ~ mandoc/char/space/trailing-mdoc.out_lint ~ mandoc/char/unicode/invalid.out_lint ~ mandoc/eqn/define/infinite.out_lint ~ mandoc/eqn/define/invalid.out_lint ~ mandoc/eqn/over/noarg.out_lint ~ mandoc/mdoc/Ad/noarg.out_lint ~ mandoc/mdoc/An/break.out_lint ~ mandoc/mdoc/Aq/empty.out_lint ~ mandoc/mdoc/Ar/punct.out_lint ~ mandoc/mdoc/At/invalid.out_lint ~ mandoc/mdoc/Bd/badargs.out_lint ~ mandoc/mdoc/Bd/beforeNAME.out_lint ~ mandoc/mdoc/Bd/blank.out_lint ~ mandoc/mdoc/Bd/break.out_lint ~ mandoc/mdoc/Bd/broken.out_lint ~ mandoc/mdoc/Bd/nested.out_lint ~ mandoc/mdoc/Bd/unclosed.out_lint ~ mandoc/mdoc/Bf/badargs.out_lint ~ mandoc/mdoc/Bf/break.out_lint ~ mandoc/mdoc/Bf/broken.out_lint ~ mandoc/mdoc/Bf/multiargs.out_lint ~ mandoc/mdoc/Bk/badarg.out_lint ~ mandoc/mdoc/Bk/broken.out_lint ~ mandoc/mdoc/Bl/badargs.out_lint ~ mandoc/mdoc/Bl/bareIt.out_lint ~ mandoc/mdoc/Bl/bareTa.out_lint ~ mandoc/mdoc/Bl/break.out_lint ~ mandoc/mdoc/Bl/breakingIt.out_lint ~ mandoc/mdoc/Bl/broken.out_lint ~ mandoc/mdoc/Bl/column.out_lint ~ mandoc/mdoc/Bl/empty.out_lint ~ mandoc/mdoc/Bl/emptyhead.out_lint ~ mandoc/mdoc/Bl/emptyitem.out_lint ~ mandoc/mdoc/Bl/emptytag.out_lint ~ mandoc/mdoc/Bl/noIt.out_lint ~ mandoc/mdoc/Bl/notype.out_lint ~ mandoc/mdoc/Bl/tag.out_lint ~ mandoc/mdoc/Brq/empty.out_lint ~ mandoc/mdoc/Bx/args.out_lint ~ mandoc/mdoc/Cd/noarg.out_lint ~ mandoc/mdoc/Cm/noarg.out_lint ~ mandoc/mdoc/D1/spacing.out_lint ~ mandoc/mdoc/Db/args.out_lint ~ mandoc/mdoc/Dd/badarg.out_lint ~ mandoc/mdoc/Dd/dupe.out_lint ~ mandoc/mdoc/Dd/long.out_lint ~ mandoc/mdoc/Dd/manarg.out_lint ~ mandoc/mdoc/Dd/order.out_lint ~ mandoc/mdoc/Dl/spacing.out_lint ~ mandoc/mdoc/Dq/empty.out_lint ~ mandoc/mdoc/Dt/badsec.out_lint ~ mandoc/mdoc/Dt/case.out_lint ~ mandoc/mdoc/Dt/dupe.out_lint ~ mandoc/mdoc/Dt/fourargs.out_lint ~ mandoc/mdoc/Dt/late.out_lint ~ mandoc/mdoc/Dt/missing.out_lint ~ mandoc/mdoc/Dt/noarg.out_lint ~ mandoc/mdoc/Dt/nobody.out_lint ~ mandoc/mdoc/Dt/nosec.out_lint ~ mandoc/mdoc/Dt/order.out_lint ~ mandoc/mdoc/Dv/noarg.out_lint ~ mandoc/mdoc/Em/noarg.out_lint ~ mandoc/mdoc/Em/punct.out_lint ~ mandoc/mdoc/Eo/break.out_lint ~ mandoc/mdoc/Eo/obsolete.out_lint ~ mandoc/mdoc/Eo/unclosed.out_lint ~ mandoc/mdoc/Er/noarg.out_lint ~ mandoc/mdoc/Ev/noarg.out_lint ~ mandoc/mdoc/Ex/noname.out_lint ~ mandoc/mdoc/Ex/nostd.out_lint ~ mandoc/mdoc/Fd/empty.out_lint ~ mandoc/mdoc/Fl/punct.out_lint ~ mandoc/mdoc/Fo/noarg.out_lint ~ mandoc/mdoc/Fo/nohead.out_lint ~ mandoc/mdoc/Fo/obsolete.out_lint ~ mandoc/mdoc/Fo/punct.out_lint ~ mandoc/mdoc/Fo/warn.out_lint ~ mandoc/mdoc/Ic/noarg.out_lint ~ mandoc/mdoc/In/noarg.out_lint ~ mandoc/mdoc/Lb/badargs.out_lint ~ mandoc/mdoc/Li/punct.out_lint ~ mandoc/mdoc/Lk/noarg.out_lint ~ mandoc/mdoc/Ms/noarg.out_lint ~ mandoc/mdoc/Mt/simple.out_lint ~ mandoc/mdoc/Nd/broken.out_lint ~ mandoc/mdoc/Nd/noarg.out_lint ~ mandoc/mdoc/Nm/badNAME.out_lint ~ mandoc/mdoc/Nm/badNAMEuse.out_lint ~ mandoc/mdoc/Nm/break.out_lint ~ mandoc/mdoc/Nm/broken.out_lint ~ mandoc/mdoc/Nm/punct.out_lint ~ mandoc/mdoc/No/punct.out_lint ~ mandoc/mdoc/Ns/position.out_lint ~ mandoc/mdoc/Oo/punct.out_lint ~ mandoc/mdoc/Op/break.out_lint ~ mandoc/mdoc/Op/broken.out_lint ~ mandoc/mdoc/Op/punct.out_lint ~ mandoc/mdoc/Pa/punct.out_lint ~ mandoc/mdoc/Pf/spacing.out_lint ~ mandoc/mdoc/Pp/arg.out_lint ~ mandoc/mdoc/Qq/empty.out_lint ~ mandoc/mdoc/Rs/allch.out_lint ~ mandoc/mdoc/Rs/args.out_lint ~ mandoc/mdoc/Rs/empty.out_lint ~ mandoc/mdoc/Rv/noname.out_lint ~ mandoc/mdoc/Rv/nostd.out_lint ~ mandoc/mdoc/Sh/badNAME.out_lint ~ mandoc/mdoc/Sh/before.out_lint ~ mandoc/mdoc/Sh/empty.out_lint ~ mandoc/mdoc/Sh/emptyNAME.out_lint ~ mandoc/mdoc/Sh/first.out_lint ~ mandoc/mdoc/Sh/nohead.out_lint ~ mandoc/mdoc/Sh/order.out_lint ~ mandoc/mdoc/Sh/orderNAME.out_lint ~ mandoc/mdoc/Sh/parbefore.out_lint ~ mandoc/mdoc/Sh/parborder.out_lint ~ mandoc/mdoc/Sh/punctNAME.out_lint ~ mandoc/mdoc/Sh/subbefore.out_lint ~ mandoc/mdoc/Sm/badarg.out_lint ~ mandoc/mdoc/Sm/twoarg.out_lint ~ mandoc/mdoc/Sq/empty.out_lint ~ mandoc/mdoc/St/badargs.out_lint ~ mandoc/mdoc/St/call.out_lint ~ mandoc/mdoc/Sx/noarg.out_lint ~ mandoc/mdoc/Sy/noarg.out_lint ~ mandoc/mdoc/Sy/punct.out_lint ~ mandoc/mdoc/Tn/noarg.out_lint ~ mandoc/mdoc/Ud/arg.out_lint ~ mandoc/mdoc/Ux/punct.out_lint ~ mandoc/mdoc/Va/noarg.out_lint ~ mandoc/mdoc/Vt/noarg.out_lint ~ mandoc/mdoc/Xr/args.out_lint ~ mandoc/mdoc/blank/comment.out_lint ~ mandoc/mdoc/blank/line.out_lint ~ mandoc/mdoc/blank/list.out_lint ~ mandoc/mdoc/break/brokenbreaker.out_lint ~ mandoc/mdoc/break/notopen.out_lint ~ mandoc/mdoc/break/tail.out_lint ~ mandoc/mdoc/break/twice.out_lint ~ mandoc/mdoc/break/two.out_lint ~ mandoc/roff/args/mdoc.out_lint ~ mandoc/roff/de/escname.out_lint ~ mandoc/roff/de/indir.out_lint ~ mandoc/roff/de/infinite.out_lint ~ mandoc/roff/esc/B.out_lint ~ mandoc/roff/esc/h.out_lint ~ mandoc/roff/esc/ignore.out_lint ~ mandoc/roff/esc/w.out_lint ~ mandoc/roff/ft/badargs-mdoc.out_lint ~ mandoc/roff/ig/basic.out_lint ~ mandoc/roff/it/badarg.out_lint ~ mandoc/roff/string/name.out_lint > churn caused by the new Mdocdate messages, no easy way to avoid this :( > (schwarze@) usr.sbin ~ syslogd/args-client-multilisten.pl > Start syslogd with -rr. With different timing the order of messages > changed. Then a "last message repeated" confused the test. (bluhm@) == sbin ============================================================== 10/14 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sbin dhclient ~ conflex.c ~ dhcpd.h ~ parse.c > Nuke unused global warnings_occurred. (krw@) ~ clparse.c ~ dhcpd.h > Nuke unused field bootp_policy and associated enum{}. (krw@) fsdb ~ fsdb.8 > missing space before trailing punctuation; found with mandoc -Tlint > (schwarze@) ifconfig ~ ifconfig.c > remove vlan(4) specific output handling > vlan(4) now understands the generic vnetid and ifparent ioctls, so > this is redundant. > ok henning@ (dlg@) ~ ifconfig.c > make vnetid and parent commands available in SMALL ifconfigs. > the code behind the commands has been built on SMALL forever, this just > moves it available in the cmd table. the binary doesnt change size. (dlg@) ~ ifconfig.8 > update the VLAN doco. > the parameters are parent and vnetid, not vlandev and vlan. svlan(4) is > also a thing. > ok jmc@ (dlg@) ~ brconfig.c > Fix clang warning about tautological compare: an unsigned long can't > be negative. ok deraadt@ (naddy@) ~ ifconfig.8 > use the same formatting for vlan as the rest of the page; ok dlg (jmc@) ~ ifconfig.8 > consistently use lowercase suffixes for 802.1 things. > eg, 802.1x, 802.1q, and 802.1ad (dlg@) ~ ifconfig.8 ~ ifconfig.c > remove the timeslot code, it was only for now deleted T1 devices. > ok sthen (tedu@) ~ ifconfig.8 > turns out the case of 802.1 suffixes is significant. fix up 802.1X and Q. > pointed out by jsg@ (dlg@) slaacd ~ slaacd.h > We are going to start slaacd(8) much earlier, before /var is even > mounted. Move control socket to /dev for now. > Input & OK deraadt@ (florian@) == share ============================================================= 11/14 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/share man ~ man7/roff.7 > Pure preprocessor implementation of the roff(7) .ec and .eo requests > (escape character control), touching nothing after the preprocessing > stage and keeping even the state variable local to the preprocessor. > Since the escape character is also used for line continuation, this > requires pulling the implementation of line continuation from the > input reader to the preprocessor, which also considerably shortens > the code required for that. > When the escape character is changed, simply let the preprocessor > replace bare by escaped backslashes and instances of the non-standard > escape character with bare backslashes - that's all we need. > Oh, and if anybody dares to use these requests in OpenBSD manuals, > sending a medium-sized pack of axe-murderes after them might be a > worthwhile part of the punishment, but probably insuffient on its own. > (schwarze@) ~ man7/roff.7 > Implement the roff(7) .mc (right margin character) request. > The Tcl/Tk manual pages use this extensively. > Delete the TERM_MAXMARGIN hack, it breaks .mc inside .nf; > instead, implement a proper TERMP_BRNEVER flag. (schwarze@) ~ man5/bsd.port.mk.5 > initial docs for COMPILER_WRAPPER and COMPILER_LINKS (sthen@) ~ man8/release.8 > Show usage of sysmerge and MAKEDEV instead of just mentioning them. > From Scott Cheloha, thanks. > ok jmc and positive feedback from several (tb@) ~ man8/man8.alpha/MAKEDEV.8 ~ man8/man8.amd64/MAKEDEV.8 ~ man8/man8.arm64/MAKEDEV.8 ~ man8/man8.armv7/MAKEDEV.8 ~ man8/man8.hppa/MAKEDEV.8 ~ man8/man8.i386/MAKEDEV.8 ~ man8/man8.landisk/MAKEDEV.8 ~ man8/man8.loongson/MAKEDEV.8 ~ man8/man8.luna88k/MAKEDEV.8 ~ man8/man8.macppc/MAKEDEV.8 ~ man8/man8.octeon/MAKEDEV.8 ~ man8/man8.sgi/MAKEDEV.8 ~ man8/man8.socppc/MAKEDEV.8 ~ man8/man8.sparc64/MAKEDEV.8 > regen (tb@) ~ man1/clang-local.1 > mention -fwrapv being on by default (jsg@) ~ man7/roff.7 > Minimal implementation of the roff(7) .ce request (center a number > of input lines without filling). > Contrary to groff, high-level macros abort .ce mode for now. (schwarze@) ~ man7/roff.7 > Implement the roff(7) .rn (rename macro or string) request. > Renaming a user-defined macro is very simple: just copy > the definition to the new name and delete the old name. > Renaming high-level macros is a bit tricky: use a dedicated > key-value-table, with non-standard names as keys and standard > names as values. When a macro is found that is not user-defined, > look it up in the "renamed" table and translate it back to the > standard name before passing it on to the high-level parsers. (schwarze@) ~ man4/vlan.4 > consistently use lowercase for the 802.1 suffixes. (dlg@) ~ man9/RBT_INIT.9 > add RBT_SET_LEFT, RBT_SET_RIGHT, and RBT_SET_PARENT > this are provided so an RBT and it's topology can be copied without > having to reinsert the copied nodes into a new tree. > there are two reasons RBT_LEFT/RIGHT/PARENT macros cant be used like > RB_LEFT/RIGHT/PARENT for this. firstly, RBT_LEFT and co are functions that > return a pointer value, they dont provide access to the pointer > itself for use as an lvalue that you can assign to. secondly, RBT > entries dont store pointers to other nodes, they point to the > RBT_ENTRY structures inside other nodes. this means that RBT_SET_LEFT > and co have to get an offset from the node to the RBT_ENTRY and > store that. (dlg@) ~ man4/gre.4 > wrec.org is dead. Use working links instead. > patch from jj, found by "Norrland" on icb. Thanks! (tb@) ~ man5/pf.conf.5 > clarify set prio: the second prio given applies to > 1) TCP ACKs > 2) packets with ToS=lowdelay > and not TCP ACKs that have ToS=lowdelay > confusion discovered during bsdcan pf tutorial (henning@) ~ man5/acct.5 > ASLR, W^X, and guard pages trigger processor traps that result in > SIGILL, SIGBUS, SIGSEGV signals. Make such memory violations visible > in lastcomm(1). This also works if a programm tries to hide them > with a signal handler. Manual kill -SEGV does not generate false > positives. > OK deraadt@ (bluhm@) ~ man7/tbl.7 > Implement w layout specifier (minimum column width). > Improve width calculation of text blocks. > Reduces the groff/mandoc diff in Base+Xenocara by about 800 lines. > (schwarze@) ~ man4/vlan.4 > turns out the case on 802.1 suffixes is significant. fix 802.1Q > pointed out by jsg@ (dlg@) ~ man5/bsd.port.mk.5 > use mandoc annotations for flags and such (espie@) ~ man5/bsd.port.mk.5 > perl(1)'s ... (espie@) ~ man8/daily.8 > Report processes that were killed due to pledge or memory access > violations in the daily mail. > OK millert@ jmc@ (bluhm@) ~ man1/gcc-local.1 > improve semantic markup for __attribute__ (schwarze@) ~ man7/mdoc.7 ~ man7/roff.7 > minor markup simplifications (schwarze@) ~ man8/diskless.8 > make two macros more semantic (schwarze@) ~ man9/fork1.9 > missing .Fn macros; found with mandoc -Tlint (schwarze@) mk ~ bsd.dep.mk > pass better arguments to mkdep. > - some std= parameters are actually critical, -std=c++11 makes a huge > difference for clang. > - explicitly ask mkdep to run the C++ compiler for C++ code, as again, > some compilers will see the difference. > (this should allow us to repair make depend under src/gnu/usr.bin/clang) > okay kettenis@ (espie@) ~ bsd.lib.mk > exclude more objects from the readelf output when building syspatches > (needed on i386) (robert@) ~ bsd.lib.mk > make sure there are no duplicate object files linked when building > syspatches (robert@) == sys =============================================================== 12/14 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys arch/alpha/alpha ~ autoconf.c ~ locore.s + locore0.S > Split early startup code out of locore.S into locore0.S. Adjust link > run so that this locore0.o is always at the start of the executable. > But randomize the link order of all other .o files in the kernel, so > that their exec/rodata/data/bss segments land all over the place. > Late during kernel boot, smash the startup code with traps so that > it does not point to the other randomly placed code. It has be smashed, > because alpha (insecurely in my view) runs in the KSEG0 space. > As a result, the internal layout of every newly build bsd kernel is > different from past kernels. Internal relative offsets are not known > to an outside attacker. The only known offsets are in the startup code, > which is gone. > Ramdisk kernels cannot be compiled like this, because they are gzip'd. > When the internal pointer references change, the compression dictionary > bloats and results in poorer compression. (deraadt@) arch/alpha/conf ~ Makefile.alpha > The arm* architectures edit the ld.script, creating a copy in the compile > directories. Copy it in the same way on other architectures, for the same > effect. Something upcoming will want that file there anyways. (deraadt@) ~ Makefile.alpha ~ files.alpha > Split early startup code out of locore.S into locore0.S. Adjust link > run so that this locore0.o is always at the start of the executable. > But randomize the link order of all other .o files in the kernel, so > that their exec/rodata/data/bss segments land all over the place. > Late during kernel boot, smash the startup code with traps so that > it does not point to the other randomly placed code. It has be smashed, > because alpha (insecurely in my view) runs in the KSEG0 space. > As a result, the internal layout of every newly build bsd kernel is > different from past kernels. Internal relative offsets are not known > to an outside attacker. The only known offsets are in the startup code, > which is gone. > Ramdisk kernels cannot be compiled like this, because they are gzip'd. > When the internal pointer references change, the compression dictionary > bloats and results in poorer compression. (deraadt@) ~ Makefile.alpha > Use umask 077 instead of cp -p when installing the kernel as root. > Otherwise owner of /bsd could be the build user with permissions > inherited from the compile directory. > OK deraadt@ tb@ (bluhm@) ~ Makefile.alpha > make vers.o not depend on gap.o using a trick, because it is piece of > fiction participating only in the linkphase. > tricks from rpe and espie (deraadt@) arch/alpha/include ~ param.h > Split early startup code out of locore.S into locore0.S. Adjust link > run so that this locore0.o is always at the start of the executable. > But randomize the link order of all other .o files in the kernel, so > that their exec/rodata/data/bss segments land all over the place. > Late during kernel boot, smash the startup code with traps so that > it does not point to the other randomly placed code. It has be smashed, > because alpha (insecurely in my view) runs in the KSEG0 space. > As a result, the internal layout of every newly build bsd kernel is > different from past kernels. Internal relative offsets are not known > to an outside attacker. The only known offsets are in the startup code, > which is gone. > Ramdisk kernels cannot be compiled like this, because they are gzip'd. > When the internal pointer references change, the compression dictionary > bloats and results in poorer compression. (deraadt@) arch/amd64/conf ~ Makefile.amd64 > Create gap.* with umask 007 instead of 077 to make kernel builds after > make release work without prior cleanup. > discussed with deraadt (tb@) ~ Makefile.amd64 > The arm* architectures edit the ld.script, creating a copy in the compile > directories. Copy it in the same way on other architectures, for the same > effect. Something upcoming will want that file there anyways. (deraadt@) ~ Makefile.amd64 > use same idiom as other Makefiles (deraadt@) ~ Makefile.amd64 > Use umask 077 instead of cp -p when installing the kernel as root. > Otherwise owner of /bsd could be the build user with permissions > inherited from the compile directory. > OK deraadt@ tb@ (bluhm@) ~ Makefile.amd64 > make vers.o not depend on gap.o using a trick, because it is piece of > fiction participating only in the linkphase. > tricks from rpe and espie (deraadt@) arch/amd64/include ~ bus.h > Re-arrange struct bus_dmamap members > This reduces holes/padding and makes the struct smaller by 8 bytes. > ok kettenis@ (sf@) arch/arm64/arm64 ~ autoconf.c ~ locore.S + locore0.S > Split early startup code out of locore.S into locore0.S. Adjust link > run so that this locore0.o is always at the start of the executable. > But randomize the link order of all other .o files in the kernel, so > that their exec/rodata/data/bss segments land all over the place. > Late during kernel boot, unmap the early startup code. > As a result, the internal layout of every newly build bsd kernel is > different from past kernels. Internal relative offsets are not known > to an outside attacker. The only known offsets are in the startup code, > which has been unmapped. > Ramdisk kernels cannot be compiled like this, because they are gzip'd. > When the internal pointer references change, the compression dictionary > bloats and results in poorer compression. > With guidance and ok deraadt@ (patrick@) ~ locore.S > Remove comment that no longer is true. esym is not written by our > bootloader anymore, so it doesn't matter where it is stored. While > there do some whitespace cleanup. (patrick@) arch/arm64/conf ~ Makefile.arm64 ~ files.arm64 > Split early startup code out of locore.S into locore0.S. Adjust link > run so that this locore0.o is always at the start of the executable. > But randomize the link order of all other .o files in the kernel, so > that their exec/rodata/data/bss segments land all over the place. > Late during kernel boot, unmap the early startup code. > As a result, the internal layout of every newly build bsd kernel is > different from past kernels. Internal relative offsets are not known > to an outside attacker. The only known offsets are in the startup code, > which has been unmapped. > Ramdisk kernels cannot be compiled like this, because they are gzip'd. > When the internal pointer references change, the compression dictionary > bloats and results in poorer compression. > With guidance and ok deraadt@ (patrick@) ~ Makefile.arm64 > Create gap.* with umask 007 instead of 077 to make kernel builds after > make release work without prior cleanup. > discussed with deraadt (tb@) ~ Makefile.arm64 > The arm* architectures edit the ld.script, creating a copy in the compile > directories. Copy it in the same way on other architectures, for the same > effect. Something upcoming will want that file there anyways. (deraadt@) ~ Makefile.arm64 > track permissions of original file (deraadt@) ~ Makefile.arm64 > correct the depend list of a target introduced in rev 1.9 > from deraadt@ (jsg@) ~ Makefile.arm64 > Use umask 077 instead of cp -p when installing the kernel as root. > Otherwise owner of /bsd could be the build user with permissions > inherited from the compile directory. > OK deraadt@ tb@ (bluhm@) ~ Makefile.arm64 > make vers.o not depend on gap.o using a trick, because it is piece of > fiction participating only in the linkphase. > tricks from rpe and espie (deraadt@) arch/armv7/conf ~ Makefile.armv7 > The arm* architectures edit the ld.script, creating a copy in the compile > directories. Copy it in the same way on other architectures, for the same > effect. Something upcoming will want that file there anyways. (deraadt@) ~ Makefile.armv7 > Use umask 077 instead of cp -p when installing the kernel as root. > Otherwise owner of /bsd could be the build user with permissions > inherited from the compile directory. > OK deraadt@ tb@ (bluhm@) ~ Makefile.armv7 > make vers.o not depend on gap.o using a trick, because it is piece of > fiction participating only in the linkphase. > tricks from rpe and espie (deraadt@) arch/armv7/stand/efiboot ~ exec.c > Remove esym (.data) patching. Thanks to Mark we stopped requiring this > and with the random-order kernel we shouldn't be doing that anyway. > ok kettenis@ (patrick@) arch/hppa/conf ~ Makefile.hppa > The arm* architectures edit the ld.script, creating a copy in the compile > directories. Copy it in the same way on other architectures, for the same > effect. Something upcoming will want that file there anyways. (deraadt@) ~ ld.script > Increase kernel size, by pushing rodata 1MB forward, from 5MB to 6MB. > This seems to satisfy the BTLB granularity. Good enough for now. > ok kettenis (deraadt@) ~ Makefile.hppa ~ files.hppa > Split early startup code out of locore.S into locore0.S. Adjust link > run so that this locore0.o is always at the start of the executable. > But randomize the link order of all other .o files in the kernel, so > that their exec/rodata/data/bss segments land all over the place. > The bootstrap code will need smashing because it is mapped by BLTB, > but this is a bit involved so not done yet. > As a result, the internal layout of every newly build bsd kernel is > different from past kernels. Internal relative offsets are not known > to an outside attacker. The only known offsets are in the startup code > (which will be gone when it is smashed). > Ramdisk kernels cannot be compiled like this, because they are gzip'd. > When the internal pointer references change, the compression dictionary > bloats and results in poorer compression. (deraadt@) ~ Makefile.hppa > Use umask 077 instead of cp -p when installing the kernel as root. > Otherwise owner of /bsd could be the build user with permissions > inherited from the compile directory. > OK deraadt@ tb@ (bluhm@) ~ Makefile.hppa > make vers.o not depend on gap.o using a trick, because it is piece of > fiction participating only in the linkphase. > tricks from rpe and espie (deraadt@) arch/hppa/hppa ~ locore.S + locore0.S > Split early startup code out of locore.S into locore0.S. Adjust link > run so that this locore0.o is always at the start of the executable. > But randomize the link order of all other .o files in the kernel, so > that their exec/rodata/data/bss segments land all over the place. > The bootstrap code will need smashing because it is mapped by BLTB, > but this is a bit involved so not done yet. > As a result, the internal layout of every newly build bsd kernel is > different from past kernels. Internal relative offsets are not known > to an outside attacker. The only known offsets are in the startup code > (which will be gone when it is smashed). > Ramdisk kernels cannot be compiled like this, because they are gzip'd. > When the internal pointer references change, the compression dictionary > bloats and results in poorer compression. (deraadt@) arch/i386/conf ~ Makefile.i386 > Create gap.* with umask 007 instead of 077 to make kernel builds after > make release work without prior cleanup. > discussed with deraadt (tb@) ~ Makefile.i386 > The arm* architectures edit the ld.script, creating a copy in the compile > directories. Copy it in the same way on other architectures, for the same > effect. Something upcoming will want that file there anyways. (deraadt@) ~ Makefile.i386 > Use umask 077 instead of cp -p when installing the kernel as root. > Otherwise owner of /bsd could be the build user with permissions > inherited from the compile directory. > OK deraadt@ tb@ (bluhm@) ~ Makefile.i386 > make vers.o not depend on gap.o using a trick, because it is piece of > fiction participating only in the linkphase. > tricks from rpe and espie (deraadt@) arch/i386/i386 ~ acpi_wakecode.S ~ mptramp.s > Catch up with changes made on amd64 (kettenis@): > Generating mixed 16-bit/32-bit/64-bit code with clang's integrated > assembler is a bit tricky. It supports the .code16, .code32 and > .code64 directives. But it doesn't know about the data16/data32 and > addr16/addr32 instruction prefixes. Instead it tries to determine > those from the instruction opcode. It mostly succeeds, but there are > a couple of corner cases where clang will generate the "addr32" form > where gas generates the "addr16" form in .code16 segments. That > should be no problem (and just waste a couple of bytes), but it makes > comparing the generated code a bit difficult. > Allow the trampoline code to be compiled with both. For clang #define > away the addr32 prefix and avoid using the data32 prefix by using a > mnemonic that explicitly encodes the size of the operand. Add a few > addr32 prefixes in .code16 blocks to reduce the differences between > code generated by clang and gas. > ok deraadt@ (naddy@) arch/landisk/conf ~ Makefile.landisk ~ files.landisk > Split early startup code out of locore.S into locore0.S. Adjust link > run so that this locore0.o is always at the start of the executable. > But randomize the link order of all other .o files in the kernel, so > that their exec/rodata/data/bss segments land all over the place. > I haven't worked on the unmap/smashing of the startup code yet. (deraadt@) ~ Makefile.landisk > Use umask 077 instead of cp -p when installing the kernel as root. > Otherwise owner of /bsd could be the build user with permissions > inherited from the compile directory. > OK deraadt@ tb@ (bluhm@) ~ Makefile.landisk > make vers.o not depend on gap.o using a trick, because it is piece of > fiction participating only in the linkphase. > tricks from rpe and espie (deraadt@) arch/landisk/landisk ~ locore.S + locore0.S > Split early startup code out of locore.S into locore0.S. Adjust link > run so that this locore0.o is always at the start of the executable. > But randomize the link order of all other .o files in the kernel, so > that their exec/rodata/data/bss segments land all over the place. > I haven't worked on the unmap/smashing of the startup code yet. (deraadt@) arch/loongson/conf ~ Makefile.loongson > The arm* architectures edit the ld.script, creating a copy in the compile > directories. Copy it in the same way on other architectures, for the same > effect. Something upcoming will want that file there anyways. (deraadt@) ~ Makefile.loongson ~ files.loongson > Split early startup code out of locore.S into locore0.S. Adjust link > run so that this locore0.o is always at the start of the executable. > But randomize the link order of all other .o files in the kernel, so > that their exec/rodata/data/bss segments land all over the place. > Late during kernel boot, smash the startup code with traps so that > it does not point to the other randomly placed code. It has be smashed, > because loongson runs in the kseg0 space. > As a result, the internal layout of every newly build bsd kernel is > different from past kernels. Internal relative offsets are not known > to an outside attacker. > Ramdisk kernels cannot be compiled like this, because they are gzip'd. > When the internal pointer references change, the compression dictionary > bloats and results in poorer compression. (visa@) ~ Makefile.loongson > Use umask 077 instead of cp -p when installing the kernel as root. > Otherwise owner of /bsd could be the build user with permissions > inherited from the compile directory. > OK deraadt@ tb@ (bluhm@) ~ Makefile.loongson > make vers.o not depend on gap.o using a trick, because it is piece of > fiction participating only in the linkphase. > tricks from rpe and espie (deraadt@) arch/loongson/include ~ intr.h > Define register_splx_handler() in one place. (visa@) arch/loongson/loongson ~ autoconf.c ~ locore.S + locore0.S > Split early startup code out of locore.S into locore0.S. Adjust link > run so that this locore0.o is always at the start of the executable. > But randomize the link order of all other .o files in the kernel, so > that their exec/rodata/data/bss segments land all over the place. > Late during kernel boot, smash the startup code with traps so that > it does not point to the other randomly placed code. It has be smashed, > because loongson runs in the kseg0 space. > As a result, the internal layout of every newly build bsd kernel is > different from past kernels. Internal relative offsets are not known > to an outside attacker. > Ramdisk kernels cannot be compiled like this, because they are gzip'd. > When the internal pointer references change, the compression dictionary > bloats and results in poorer compression. (visa@) ~ autoconf.c > Move loongson/octeon/sgi unmap_startup() under arch/mips64. (visa@) arch/luna88k/conf ~ Makefile.luna88k > The arm* architectures edit the ld.script, creating a copy in the compile > directories. Copy it in the same way on other architectures, for the same > effect. Something upcoming will want that file there anyways. (deraadt@) ~ Makefile.luna88k > Use umask 077 instead of cp -p when installing the kernel as root. > Otherwise owner of /bsd could be the build user with permissions > inherited from the compile directory. > OK deraadt@ tb@ (bluhm@) ~ Makefile.luna88k > make vers.o not depend on gap.o using a trick, because it is piece of > fiction participating only in the linkphase. > tricks from rpe and espie (deraadt@) arch/luna88k/dev ~ lunaws.c ~ sio.c ~ siotty.c ~ siovar.h > Sync with current NetBSD/luna68k code. (aoyama@) ~ lunaws.c ~ siotty.c > Use software interrupt to process TX/RX data between sio and tty(4) > layer. > This is a straightforwad port of current NetBSD/luna68k implementation > by Izumi Tsutsui. Tested on both LUNA-88K and LUNA-88K2. (aoyama@) arch/macppc/conf ~ Makefile.macppc > Use umask 077 instead of cp -p when installing the kernel as root. > Otherwise owner of /bsd could be the build user with permissions > inherited from the compile directory. > OK deraadt@ tb@ (bluhm@) ~ Makefile.macppc > make vers.o not depend on gap.o using a trick, because it is piece of > fiction participating only in the linkphase. > tricks from rpe and espie (deraadt@) arch/mips64/include ~ autoconf.h > Move loongson/octeon/sgi unmap_startup() under arch/mips64. (visa@) ~ cpu.h ~ mips_cpu.h > Fix TLB size computation on OCTEON II and III. The CPUs have utilized > the whole TLB space even before this. However, TLB initialization on > boot and TLB flush on ASID wraparound have been incomplete. These have > caused crashes of processes. (visa@) arch/mips64/mips64 ~ mips64_machdep.c > Move loongson/octeon/sgi unmap_startup() under arch/mips64. (visa@) ~ mips64r2.S > Fix TLB size computation on OCTEON II and III. The CPUs have utilized > the whole TLB space even before this. However, TLB initialization on > boot and TLB flush on ASID wraparound have been incomplete. These have > caused crashes of processes. (visa@) ~ interrupt.c > Define register_splx_handler() in one place. (visa@) arch/octeon/conf ~ Makefile.octeon > The arm* architectures edit the ld.script, creating a copy in the compile > directories. Copy it in the same way on other architectures, for the same > effect. Something upcoming will want that file there anyways. (deraadt@) ~ Makefile.octeon ~ files.octeon > Randomize the link order of .o files in the kernel on octeon. > Unlike on some other architectures, it is not possible to unmap > the early boot code. Instead, the code is smashed during boot. > Input from deraadt@ (visa@) ~ Makefile.octeon > Use umask 077 instead of cp -p when installing the kernel as root. > Otherwise owner of /bsd could be the build user with permissions > inherited from the compile directory. > OK deraadt@ tb@ (bluhm@) ~ Makefile.octeon > make vers.o not depend on gap.o using a trick, because it is piece of > fiction participating only in the linkphase. > tricks from rpe and espie (deraadt@) arch/octeon/include ~ intr.h > Define register_splx_handler() in one place. (visa@) arch/octeon/octeon ~ locore.S + locore0.S > Randomize the link order of .o files in the kernel on octeon. > Unlike on some other architectures, it is not possible to unmap > the early boot code. Instead, the code is smashed during boot. > Input from deraadt@ (visa@) ~ autoconf.c ~ locore.S > Implement startup smashing in C. The code should be moved > under arch/mips64 once loongson and sgi have gap.o. > Discussed with deraadt@ (visa@) ~ locore.S > Remove code that is not needed right now. (visa@) ~ autoconf.c > Move loongson/octeon/sgi unmap_startup() under arch/mips64. (visa@) ~ locore.S ~ locore0.S > Wrap startup code with .ent and .end for proper disassembly. (visa@) ~ machdep.c > Add a memory barrier to ensure that stores become visible > in a proper order. (visa@) ~ machdep.c > Fix TLB size computation on OCTEON II and III. The CPUs have utilized > the whole TLB space even before this. However, TLB initialization on > boot and TLB flush on ASID wraparound have been incomplete. These have > caused crashes of processes. (visa@) arch/sgi/conf ~ Makefile.sgi > The arm* architectures edit the ld.script, creating a copy in the compile > directories. Copy it in the same way on other architectures, for the same > effect. Something upcoming will want that file there anyways. (deraadt@) ~ Makefile.sgi ~ files.sgi > Split early startup code out of locore.S into locore0.S. Adjust link > run so that this locore0.o is always at the start of the executable. > But randomize the link order of all other .o files in the kernel, so > that their exec/rodata/data/bss segments land all over the place. > Late during kernel boot, smash the startup code with traps so that > it does not point to the other randomly placed code. It has be smashed, > because sgi runs in the kseg0 or xkphys space. > As a result, the internal layout of every newly build bsd kernel is > different from past kernels. Internal relative offsets are not known > to an outside attacker. > Ramdisk kernels cannot be compiled like this, because they are gzip'd. > When the internal pointer references change, the compression dictionary > bloats and results in poorer compression. (visa@) ~ Makefile.sgi > Use umask 077 instead of cp -p when installing the kernel as root. > Otherwise owner of /bsd could be the build user with permissions > inherited from the compile directory. > OK deraadt@ tb@ (bluhm@) ~ Makefile.sgi > make vers.o not depend on gap.o using a trick, because it is piece of > fiction participating only in the linkphase. > tricks from rpe and espie (deraadt@) arch/sgi/include ~ intr.h > Define register_splx_handler() in one place. (visa@) arch/sgi/sgi ~ autoconf.c ~ locore.S + locore0.S > Split early startup code out of locore.S into locore0.S. Adjust link > run so that this locore0.o is always at the start of the executable. > But randomize the link order of all other .o files in the kernel, so > that their exec/rodata/data/bss segments land all over the place. > Late during kernel boot, smash the startup code with traps so that > it does not point to the other randomly placed code. It has be smashed, > because sgi runs in the kseg0 or xkphys space. > As a result, the internal layout of every newly build bsd kernel is > different from past kernels. Internal relative offsets are not known > to an outside attacker. > Ramdisk kernels cannot be compiled like this, because they are gzip'd. > When the internal pointer references change, the compression dictionary > bloats and results in poorer compression. (visa@) ~ autoconf.c > Move loongson/octeon/sgi unmap_startup() under arch/mips64. (visa@) arch/socppc/conf ~ Makefile.socppc > Use umask 077 instead of cp -p when installing the kernel as root. > Otherwise owner of /bsd could be the build user with permissions > inherited from the compile directory. > OK deraadt@ tb@ (bluhm@) ~ Makefile.socppc > make vers.o not depend on gap.o using a trick, because it is piece of > fiction participating only in the linkphase. > tricks from rpe and espie (deraadt@) arch/sparc64/conf ~ Makefile.sparc64 > The arm* architectures edit the ld.script, creating a copy in the compile > directories. Copy it in the same way on other architectures, for the same > effect. Something upcoming will want that file there anyways. (deraadt@) ~ Makefile.sparc64 > Use umask 077 instead of cp -p when installing the kernel as root. > Otherwise owner of /bsd could be the build user with permissions > inherited from the compile directory. > OK deraadt@ tb@ (bluhm@) ~ Makefile.sparc64 > make vers.o not depend on gap.o using a trick, because it is piece of > fiction participating only in the linkphase. > tricks from rpe and espie (deraadt@) conf ~ makegap.sh > Don't need to provide a padbyte value for .bss, it will always be 0 > pointed out by kettenis (deraadt@) ~ makegap.sh > Avoid use of _C_LABEL, since it is not portable to all our architectures. > And anyways, everything is ELF now. (deraadt@) ~ makegap.sh > include machine/param.h before machine.asm.h because uhm alpha. (deraadt@) dev ~ softraid.c > Provide sufficient info in error messages to identify > softraid volume and backing disk when i/o errors occur. > Original issue reported by Paul de Weerd. > Suggestions from jsing@. > ok deraadt@ mikeb@ (krw@) dev/ic ~ qla.c ~ qlareg.h ~ qlavar.h > use byte swapping loads and stores. > shrinks the code a bit on sparc64. > ok jmatthew@ (dlg@) ~ gem.c > make the gem tx path MPSAFE. > this mostly follows the pattern in ifq.h > ok jmatthew@ (dlg@) ~ sti.c > integer overflow for two range checks > fix from C Turt, ok miod (deraadt@) dev/isa ~ if_eg.c > Remove unused function, as pointed out by clang. ok deraadt@ kettenis@ > (naddy@) ~ if_ex.c > fix a bungled logical/bitwise expression pointed out by clang; ok deraadt@ > (naddy@) dev/pci ~ if_sk.c > use htolem32 and lemtoh32 instead of htole32 and letoh32. > saves about half a k on sparc64. (dlg@) ~ drm/ttm/ttm_bo.c ~ drm/ttm/ttm_bo_api.h ~ drm/ttm/ttm_bo_driver.h ~ drm/ttm/ttm_bo_manager.c ~ drm/ttm/ttm_bo_util.c ~ drm/ttm/ttm_bo_vm.c > Switch the TTM code over to the generic DRM VMA manager. > ok jsg@ (kettenis@) ~ drm/radeon/radeon_object.h > Switch the radeondrm(4) driver over to TTM using the new DRM VMA manager. > ok jsg@ (kettenis@) ~ if_iwm.c > Fix the resume code path in iwm(4) to no longer call iwm_stop() before > initializing the hardware. Prevents "acquiring device failed" messages > during resume. Also, start the hardware up in DVACT_RESUME already and > verify that it has started by the time we reach DVACT_WAKEUP, before > scheduling the iwm_init_task which loads firmware etc. > With help from deraadt@ > test & ok tb@ (stsp@) ~ if_iwm.c > Introduce iwm_nic_assert_locked() to verify that the driver has correctly > requested MAC access before accessing certain registers, as required > by the hardware. > Use it to assert that hardware is still in an accessible state before > reading or writing such a register. For now, panic if that check fails. > The long term goal is to make this a non-fatal error and handle it properly > in all code paths that end up reading or writing such a register. > Fix a missing NIC lock on 8000 hardware, found by this new assertion. > Also, grab the NIC lock early during hardware init and keep it until init > is done. The previous code relinquished and reacquired the NIC lock several > times during the init sequence. It seems this is what was causing some > random > errors when the interface was brought up, such as "could not enable Tx > queue", > "could not add aux station", and "could not add phy context". > For some reason, bsd.rd kernels were suffering particularly hard from such > problems, to the point where some machines could not be upgraded over > iwm(4). > This change does not eliminate such problems entirely but is a step > forward. > Prodded by deraadt@ > This change has already been in snaps for a while. (stsp@) ~ if_xge.c > Convert to ifq_dequeue and perform m_defrag if the mbuf doesn't fit > With suggestions from and OK dlg (mikeb@) dev/pckbc ~ pms.c > Set the weak variant of hysteresis as default. (bru@) dev/pv ~ vmt.c > update link to Ken Kato's vmware backdoor protocol documentation > from Seth Jackson (jmatthew@) ~ xbf.c > Call xbf_intr for polled transfers that can't sleep (mikeb@) ~ xbf.c > Rewrite the driver to handle 64kb transfers > Although several codepaths in the kernel such as coredump > and buffercache read-ahead feature assume that underlying > hardware is capable of handling 64kb transfers without any > issues, xbf was setup to rely on a single descriptor per > transfer which limited the maximum size of an individual > transfer to 11 4k segments amounting to 44k bytes. > To avoid overbooking, a metadata object is allocated for > each transfer to keep track of associated descriptors > limiting the maximum amount of outstanding transfers to > half the ring size. > The issue was reported by Dan Cross <crossd at gmail.com>, > thanks! (mikeb@) ~ xbf.c > Acquire submit queue mutex only once per xbf_complete_cmd invocation > and remove some leftover assertions. (mikeb@) ~ if_xnf.c > Remove a WAITOK that has sneaked in (mikeb@) ~ if_xnf.c > Fill RX ring during init and bail early on send if OACTIVE is set > or IFF_RUNNING is not. (mikeb@) dev/usb ~ usbdevs > Sort DLINK section and add USB device ID of D-Link DWA-131 rev E1. > ok stsp@ (kevlo@) ~ ukbdmap.c ~ usbdevs.h ~ usbdevs_data.h > Regen. (kevlo@) ~ ubcmtp.c > Set the weak variant of hysteresis as default. (bru@) ~ if_urndis.c > Pass M_CANFAIL to malloc(9) calls which use M_WAITOK but are tested > for failure. > ok armani@ (kevlo@) dev/wscons ~ wsconsio.h ~ wstpad.c > Add support for tap gestures. (bru@) ~ wsmouseinput.h > Set the weak variant of hysteresis as default. (bru@) kern ~ kern_malloc.c > Assert that the calling CPU is holding the KERNEL_LOCK() in malloc(9) > and free(9). > The exception is at early boot when only one CPU is running since we > grab the KERNL_LOCK() relatively late in main(). > ok kettenis@ (mpi@) ~ uipc_socket2.c > Assert that the KERNEL_LOCK() is held when messing with routing, > pfkey and unix sockets. > ok claudio@ (mpi@) ~ kern_pledge.c > Add an acct(5) flag for pledge violations. Then lastcomm(1) shows > when something went wrong. This allows to monitor whether the > system is under attack and that the attack has been prevented by > OpenBSD pledge(2). > OK deraadt@ millert@ jmc@ (bluhm@) ~ subr_tree.c > add RBT_SET_LEFT, RBT_SET_RIGHT, and RBT_SET_PARENT > this are provided so an RBT and it's topology can be copied without > having to reinsert the copied nodes into a new tree. > there are two reasons RBT_LEFT/RIGHT/PARENT macros cant be used like > RB_LEFT/RIGHT/PARENT for this. firstly, RBT_LEFT and co are functions that > return a pointer value, they dont provide access to the pointer > itself for use as an lvalue that you can assign to. secondly, RBT > entries dont store pointers to other nodes, they point to the > RBT_ENTRY structures inside other nodes. this means that RBT_SET_LEFT > and co have to get an offset from the node to the RBT_ENTRY and > store that. (dlg@) ~ subr_tree.c > use unsigned long instead of caddr_t to move between nodes and entries. > this removes the need for sys/param.h. this code can be built with > only sys/tree.h, which in turn only needs sys/_null.h. (dlg@) ~ subr_tree.c > make rb_n2e return a struct rb_entry *, not void * > maybe this will help prevent misassignment in the future. (dlg@) ~ kern_sig.c > ASLR, W^X, and guard pages trigger processor traps that result in > SIGILL, SIGBUS, SIGSEGV signals. Make such memory violations visible > in lastcomm(1). This also works if a programm tries to hide them > with a signal handler. Manual kill -SEGV does not generate false > positives. > OK deraadt@ (bluhm@) net ~ pf.c ~ pf_ioctl.c ~ pf_norm.c ~ pfvar_priv.h > - let's add PF_LOCK() > to enable PF_LOCK(), you must add 'option WITH_PF_LOCK' to your kernel > configuration. The code does not do much currently it's just the very > small step towards MP. > O.K. henning@, mikeb@, mpi@ (sashan@) ~ pfkeyv2_convert.c > Fix build without PF. (mpi@) ~ if_etherip.c > Do not rely on <net/rtable.h> beeing included by other headers. > Fix build without PF, PIPEX nor IPSEC. (mpi@) ~ pipex.c > Update panic strings, pipex no longer use rn_inithead0(). (mpi@) ~ route.c > Grab the KERNEL_LOCK() around rtm*() functions. Routing sockets globals > aren't protected by the NET_LOCK(). > While here change lock assertions in rt_{set,put}gwroute(), the NET_LOCK() > is enough. > Tested by Hrvoje Popovski. > ok jmatthew@, claudio@ (mpi@) ~ route.c ~ route.h ~ rtsock.c > Replace rtrequest(RTM_DELETE...) rtrequest_delete() and do not even > try to remove a route from the table if it is and invalid cache. > This is a step towards decoupling code dealing with userland and kernel > inserted routes. > ok bluhm@ (mpi@) ~ if_pfsync.c > - pfsync_input() must grab PF_LOCK > reported and patch tested by Hrvoje Popovski > O.K. bluhm@ (sashan@) net80211 ~ ieee80211_input.c ~ ieee80211_node.c > Add sizes for free for the RSN IEs. Rewrite ieee80211_save_ie() slightly > to make it more readable. > help, many explanations and ok stsp (tb@) netinet ~ in_pcb.c > Grab the KERNEL_LOCK() around rtm*() functions. Routing sockets globals > aren't protected by the NET_LOCK(). > While here change lock assertions in rt_{set,put}gwroute(), the NET_LOCK() > is enough. > Tested by Hrvoje Popovski. > ok jmatthew@, claudio@ (mpi@) ~ in_pcb.c > Replace rtrequest(RTM_DELETE...) rtrequest_delete() and do not even > try to remove a route from the table if it is and invalid cache. > This is a step towards decoupling code dealing with userland and kernel > inserted routes. > ok bluhm@ (mpi@) ~ ip_ipip.c > Use a common 'goto bad' style and set mp to NULL after freeing it > in ipip_input_gif(). This prevents a use-after-free if there is a > bug in the IP input functions. > OK mpi@ (bluhm@) netinet6 ~ nd6_rtr.c > Grab the KERNEL_LOCK() around rtm*() functions. Routing sockets globals > aren't protected by the NET_LOCK(). > While here change lock assertions in rt_{set,put}gwroute(), the NET_LOCK() > is enough. > Tested by Hrvoje Popovski. > ok jmatthew@, claudio@ (mpi@) ~ nd6_nbr.c > Notify userland when a new ND is reachable. > The same notification is already present in ARP. > From Jan Klemkow, ok bluhm@ (mpi@) ~ nd6_rtr.c > Replace rtrequest(RTM_DELETE...) rtrequest_delete() and do not even > try to remove a route from the table if it is and invalid cache. > This is a step towards decoupling code dealing with userland and kernel > inserted routes. > ok bluhm@ (mpi@) sys ~ acct.h > Add an acct(5) flag for pledge violations. Then lastcomm(1) shows > when something went wrong. This allows to monitor whether the > system is under attack and that the attack has been prevented by > OpenBSD pledge(2). > OK deraadt@ millert@ jmc@ (bluhm@) ~ tree.h > add RBT_SET_LEFT, RBT_SET_RIGHT, and RBT_SET_PARENT > this are provided so an RBT and it's topology can be copied without > having to reinsert the copied nodes into a new tree. > there are two reasons RBT_LEFT/RIGHT/PARENT macros cant be used like > RB_LEFT/RIGHT/PARENT for this. firstly, RBT_LEFT and co are functions that > return a pointer value, they dont provide access to the pointer > itself for use as an lvalue that you can assign to. secondly, RBT > entries dont store pointers to other nodes, they point to the > RBT_ENTRY structures inside other nodes. this means that RBT_SET_LEFT > and co have to get an offset from the node to the RBT_ENTRY and > store that. (dlg@) ~ tree.h > remove the _rb_color prototype in RBT, it's unused/unimplimented (dlg@) ~ acct.h > ASLR, W^X, and guard pages trigger processor traps that result in > SIGILL, SIGBUS, SIGSEGV signals. Make such memory violations visible > in lastcomm(1). This also works if a programm tries to hide them > with a signal handler. Manual kill -SEGV does not generate false > positives. > OK deraadt@ (bluhm@) == usr.bin =========================================================== 13/14 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin at ~ at.c > In cron(8), require that crontab and at files in the spool be owned > by group crontab. The at(1) command now creates files owned by > group crontab, the crontab(1) command already does this. > Files in the crontab spool with parse errors are now ignored; > crontab(1) will not install a crontab file with parse errors. > The system crontab file (/etc/crontab) is not affected by this. > The required permissions on crontab files have been tightened. > Files in the cron spool must be mode 0600 (as created by crontab(1)). > The system crontab file may be readable/writable by the owner, > readable by group and readable by other. The system crontab must > be readable by the owner. (millert@) htpasswd ~ htpasswd.c > htpasswd: use crypt_newhash instead of the bcrypt API > man bcrypt states: > These functions are deprecated in favor of crypt_checkpass(3) and > crypt_newhash(3). > hence with this change we move htpasswd to the new API, while here > also change the rounds from a hardcoded 8 to automatic selection based > on system performance. > OK florian@ (awolk@) ktrace ~ ktrace.c > usr/bin/ktrace: replace snprintf(3)/write(2) with dprintf(3) > Brought to attention by BlackFrog on #openbsd-daily > OK deraadt@ (awolk@) lastcomm ~ lastcomm.1 ~ lastcomm.c > Add an acct(5) flag for pledge violations. Then lastcomm(1) shows > when something went wrong. This allows to monitor whether the > system is under attack and that the attack has been prevented by > OpenBSD pledge(2). > OK deraadt@ millert@ jmc@ (bluhm@) ~ lastcomm.1 ~ lastcomm.c > ASLR, W^X, and guard pages trigger processor traps that result in > SIGILL, SIGBUS, SIGSEGV signals. Make such memory violations visible > in lastcomm(1). This also works if a programm tries to hide them > with a signal handler. Manual kill -SEGV does not generate false > positives. > OK deraadt@ (bluhm@) mandoc ~ read.c ~ roff.c > Pure preprocessor implementation of the roff(7) .ec and .eo requests > (escape character control), touching nothing after the preprocessing > stage and keeping even the state variable local to the preprocessor. > Since the escape character is also used for line continuation, this > requires pulling the implementation of line continuation from the > input reader to the preprocessor, which also considerably shortens > the code required for that. > When the escape character is changed, simply let the preprocessor > replace bare by escaped backslashes and instances of the non-standard > escape character with bare backslashes - that's all we need. > Oh, and if anybody dares to use these requests in OpenBSD manuals, > sending a medium-sized pack of axe-murderes after them might be a > worthwhile part of the punishment, but probably insuffient on its own. > (schwarze@) ~ man_term.c ~ mdoc_term.c ~ term.c ~ term.h > Make term_flushln() simpler and more robust: > Eliminate the "overstep" state variable. > The information is already contained in "viscol". > Minus 60 lines of code, no functional change intended. (schwarze@) ~ man_term.c ~ mdoc_man.c ~ mdoc_term.c ~ roff.c ~ roff.h ~ roff_html.c ~ roff_term.c ~ roff_validate.c ~ tbl_term.c ~ term.c ~ term.h > Implement the roff(7) .mc (right margin character) request. > The Tcl/Tk manual pages use this extensively. > Delete the TERM_MAXMARGIN hack, it breaks .mc inside .nf; > instead, implement a proper TERMP_BRNEVER flag. (schwarze@) ~ mandoc.1 ~ mandoc.h ~ mdoc_man.c ~ read.c ~ roff.c ~ roff.h ~ roff_html.c ~ roff_term.c ~ roff_validate.c > Minimal implementation of the roff(7) .ce request (center a number > of input lines without filling). > Contrary to groff, high-level macros abort .ce mode for now. (schwarze@) ~ roff.c ~ roff.h > Implement the roff(7) .rn (rename macro or string) request. > Renaming a user-defined macro is very simple: just copy > the definition to the new name and delete the old name. > Renaming high-level macros is a bit tricky: use a dedicated > key-value-table, with non-standard names as keys and standard > names as values. When a macro is found that is not user-defined, > look it up in the "renamed" table and translate it back to the > standard name before passing it on to the high-level parsers. (schwarze@) ~ term.c ~ term.h > The \h escape sequence provides another method for moving backwards, > and after that, previously written output gets overwritten, but > overwriting with blanks does *not* erase previously written content. > Yes, manual pages exist that are crazy enough to rely on that... > (schwarze@) ~ man_term.c ~ mdoc_term.c ~ roff_term.c ~ tbl_term.c ~ term.c ~ term.h ~ term_ascii.c ~ term_ps.c > Prepare the terminal driver for filling multiple columns in parallel, > first step: split column data out of the terminal state struct into > a new column state struct and use an array of such column state > structs. No functional change. (schwarze@) ~ term.c ~ term.h > Prepare the terminal driver for filling multiple columns in parallel, > second step: make the per-column byte pointer persistent across > term_flushln() calls, such that a subsequent call can continue at > the point where the previous call left. If more than one column > is in use, return from term_flushln() when the column is full, > rather than breaking the output line. > No functional change, because nothing sets up multiple columns yet. > (schwarze@) ~ mdoc.c > Make "new sentence, new line" detection stricter: > Also catch cases where the new sentence starts with a one-letter word > and the input line is broken right after that word. > Suggested by Thomas Klausner <wiz @ NetBSD>. > It's merely a three-bit diff, changing one byte from 0x34 to 0x33, > so what can possibly go wrong... (schwarze@) ~ mdoc.c > Also catch "new sentence, new line" if there are three blanks > between the sentences. Thomas Klausner says he has seen some > of these, and i don't see any false positives. (schwarze@) ~ mandoc.1 ~ mandoc.h ~ mdoc_validate.c ~ read.c ~ roff.h > style checks related to .Er; inspired by mdoclint(1) (schwarze@) ~ mandoc.1 ~ mandoc.h ~ read.c > Portable mandoc just got a warning about unknown .Lb names > which we don't want in OpenBSD, but let's keep the message table > and the manual page in sync. (schwarze@) ~ html.c ~ man_html.c ~ man_term.c ~ mdoc_man.c ~ mdoc_term.c ~ out.c ~ out.h ~ roff_html.c ~ roff_term.c ~ term.c ~ term_tab.c > make the internal a2roffsu() interface more powerful by returning > a pointer to the end of the parsed data, making it easier to > parse subsequent bytes (schwarze@) ~ mandoc.h ~ out.c ~ out.h ~ tbl.c ~ tbl_data.c ~ tbl_html.c ~ tbl_layout.c ~ tbl_term.c > Implement w layout specifier (minimum column width). > Improve width calculation of text blocks. > Reduces the groff/mandoc diff in Base+Xenocara by about 800 lines. > (schwarze@) ~ roff.c > Properly reinitialize roffce_node between parses, > or this may crash with use-after-free in makewhatis(8); > reported by jmc@, thanks! (schwarze@) ~ mdoc_man.c > do not break the line between Bsx/Bx/Fx/Nx/Ox/Dx and its arguments > (schwarze@) ~ mandoc.1 ~ mandoc.h ~ mdoc_validate.c ~ read.c > style message about missing blank before trailing delimiter; > inspired by mdoclint(1), and jmc@ considers it useful (schwarze@) ~ mdoc_validate.c > Reduce false positives for the "no blank before trailing delimiter" > message. > This brings us down to one false positive for about every 18 pages. > (schwarze@) ~ mdoc_validate.c > Do not issue the message "no blank before trailing delimiter" for .No. > In practice, that message only matters inside .Bf, and even there, it > can occasionally be a false positive. In all other cases, it usually > is a false positive, so it is better to drop it outright. > Suggested by jmc@. (schwarze@) ~ mandoc.1 ~ mandoc.h ~ mdoc_validate.c ~ read.c > style message about missing .Fn markup; inspired by mdoclint (schwarze@) ~ libmandoc.h ~ man_validate.c ~ mandoc.c ~ mandoc.h ~ mdoc_validate.c ~ read.c > Style message about legacy man(7) date format in mdoc(7) documents > and operating system dependent messages about missing or unexpected > Mdocdate; inspired by mdoclint(1). (schwarze@) ~ mdoc_validate.c > ooops, fix a glitch in the previous commit... (schwarze@) mkdep ~ mkdep.gcc.sh > explicitly pass -w since clang -M doesn't imply it. > okay millert@ (espie@) nc ~ netcat.c > If -P and -c were given, a second pledge call tried to add "rpath" to the > first pledge promises, so nc exited with EPERM. To fix this, merge the > pledge of the Pflag && usetls case into the first pledge block. This > allows us to get rid of the second pledge block and thus to simplify the > logic a bit. While there, add a missing blank to an error string. > Joint effort by the #openbsd-daily code reading group, problem found and > initial patch by <rain1 openmailbox org>. > ok awolk (tb@) ~ netcat.c > Simple style(9) fixes from Juuso Lapinlampi, mostly whitespace and > omitting parentheses in return statements. Binary change because of > return instead of exit(3) from main and because help() is now __dead. > ok awolk (tb@) ~ netcat.c > Continue the flattening of the pledge logic started in r1.184 and place > a blank space somewhere else. > suggested by and ok jsing (tb@) sort ~ sort.1 > add missing blanks before several delimiters; found with mandoc -Tlint > (schwarze@) ssh ~ packet.c > Fix compression output stats broken in rev 1.201. Patch originally by > Russell Coker via Debian bug #797964 and Christoph Biedl. ok djm@ > (dtucker@) ~ packet.c > Add comments referring to the relevant RFC sections for rekeying > behaviour. (dtucker@) ~ sshkey.c > better translate libcrypto errors by looking deeper in the accursed > error stack for codes that indicate the wrong passphrase was supplied > for a PEM key. bz#2699 ok dtucker@ (djm@) ~ ssh.1 > in description of public key authentication, mention that the server > will send debug messages to the client for some error conditions > after authentication has completed. bz#2709 ok dtucker (djm@) ~ mux.c > return failure rather than fatal() for more cases during mux > negotiations. Causes the session to fall back to a non-mux connection > if they occur. bz#2707 ok dtucker@ (djm@) ~ sftp.c > implement sorting for globbed ls; bz#2649 ok dtucker@ (djm@) ~ sftp-common.c > print '?' instead of incorrect link count (that the protocol doesn't > provide) for remote listings. bz#2710 ok dtucker@ (djm@) tmux ~ screen-write.c ~ tmux.1 ~ tty.c > Typo/style; plus man page escaping from jmc. (nicm@) ~ log.c ~ proc.c ~ server.c ~ signal.c ~ tmux.1 ~ tmux.h > Support SIGUSR2 to stop and start logging for an existing server. Also > we currently only have two log levels so just use -v and -vv rather than > -v and -vvvv, and clarify the man page entry for -v. (nicm@) ~ input.c ~ screen.c ~ tmux.h ~ utf8.c ~ window.c > Be more strict about escape sequences that rename windows or set titles: > ignore any that not valid UTF-8 outright, and for good measure pass the > result through our UTF-8-aware vis(3). (nicm@) ~ utf8.c > Remove unused variable. (nicm@) ~ input.c > Add a timeout to prevent the sequences which wait for a specific > terminator (OSC, APC and DCS) waiting forever, which helps to avoid > garbage (cat /dev/random) locking up panes completely. This (and the > last commit) prompted by a discussion with theo. (nicm@) ~ mode-tree.c > Do not leak command, from David CARLIER. (nicm@) ~ tty.c > Delete input event when evbuffer_read() fails to avoid just spinning > around a dead file descriptor. Seems to fix a problem reported by Greg > Hurrell in GitHub issue 941. (nicm@) ~ window-tree.c > Do not pass a state into commands when fired on individual items in tree > mode, rely on the %% target substitution in the command for the chosen > pane and leave the default target as the current pane (where the mode > is). Otherwise, joinp and similar end up with -t and -s the > same. Reported by Jacob Niehus in GitHub issue 960. (nicm@) ~ server-client.c > Continue and pass keys through if they are repeated keys, so that the > first key after a repeated key doesn't get lost. (nicm@) ~ mode-tree.c ~ tmux.1 ~ tmux.h ~ window-buffer.c ~ window-client.c ~ window-tree.c > Add simple searching (C-s and n) to the various choose modes: by name > for client and tree, and by name and content for buffer. (nicm@) ~ mode-tree.c ~ proc.c ~ tmux.h ~ window-buffer.c > Return 1 if name matches not 0, also fix some spaces. (nicm@) ~ window-client.c > Add size to client descriptions in list, suggested by Greg Hurrell. (nicm@) ~ input.c ~ tmux.1 ~ window-copy.c > Add a hook when the clipboard is set. (nicm@) ~ key-bindings.c > Use brackets around prompts which looks better and matches the other modes. > (nicm@) ~ window-buffer.c > Default sort for buffer mode should be time not name. (nicm@) ~ cmd-choose-tree.c ~ mode-tree.c ~ tmux.1 ~ tmux.h ~ window-buffer.c ~ window-client.c ~ window-tree.c > Add -O option to choose-* to set initial sort order. (nicm@) ~ cmd-choose-tree.c ~ mode-tree.c ~ tmux.1 ~ tmux.h ~ window-buffer.c ~ window-client.c ~ window-tree.c > Extend filters (f key) to buffer and client mode and add -f flag to > specify to command. (nicm@) == usr.sbin ========================================================== 14/14 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.sbin adduser ~ adduser.8 > mention that the config file is created at first run, since it doesn't > exist on a default install (thus making it impossible to read and study) > (tedu@) cron ~ cron.c > Set the group on cron's Unix domain socket _before_ making it > group-writable, not after. Pointed out by Solar Designer. (millert@) ~ atrun.c > When running at jobs, open the at spool and use the directory fd > with openat(), fstatat() and unlinkat(). This is similar to how > we run cron jobs and eliminates the need for run_job() to find the > basename of the at file. OK deraadt@ (millert@) ~ atrun.c ~ cron.c ~ database.c ~ env.c ~ globals.h ~ user.c > In cron(8), require that crontab and at files in the spool be owned > by group crontab. The at(1) command now creates files owned by > group crontab, the crontab(1) command already does this. > Files in the crontab spool with parse errors are now ignored; > crontab(1) will not install a crontab file with parse errors. > The system crontab file (/etc/crontab) is not affected by this. > The required permissions on crontab files have been tightened. > Files in the cron spool must be mode 0600 (as created by crontab(1)). > The system crontab file may be readable/writable by the owner, > readable by group and readable by other. The system crontab must > be readable by the owner. (millert@) ~ atrun.c > Add logging for when we find a non-file in the at spool that was > a file when we scanned the at spool earlier. (millert@) ~ cron.8 > update permissions info to match recent changes (millert@) crunchgen ~ crunchgen.8 > missing .Fn markup for main(); found with mandoc -Tlint (schwarze@) httpd ~ patterns.7 > Fix broken escaping: "\." is almost never what you want; found with > mandoc -Tlint. While here, make macro usage more consistent. (schwarze@) ikectl ~ ikeca.c > Invoke openssl with -passin file rather than -key in ca_revoke(). > From Andrei-Marius Radu via sthen@ (jsg@) installboot ~ i386_installboot.c > Malloc the superblock buffer to make sure that it is properly aligned. > On i386, clang puts the char array at an odd address in .bss. > ok deraadt@ (naddy@) rtadvd ~ rtadvd.c > If we receive a router solicitation with a source link-layer address > option respond with a unicast advertisement. This improves air time on > wireless networks and reduces energy consumption on battery powered > devices. For details see RFC 7772 "Reducing Energy Consumption of > Router Advertisements" aka BCP 202. > Input & OK bluhm@ (florian@) smtpd ~ smtpd.conf.5 > reword "listen on socket" somewhat; ok gilles (jmc@) syspatch ~ syspatch.sh > /etc/mtree/BSD.x11.dist is part of base, not X; so check for > /var/sysmerge/xetc.tgz to detect whether we have the x sets installed. > (ajacoutot@) ~ syspatch.sh > Drop uneeded return from rollback_patch(). (ajacoutot@) tcpdump ~ tcpdump.8 > Don't describe AppleTalk's output format and bugs. > OK claudio@ > jmc@ doesn't object (akfaew@) vmctl ~ main.c > vmctl: change default "vmctl console" (cu) baud rate to 115200. Not > strictly needed but matches the previous baudrate diff committed earlier > to vmd. > ok deraadt, phessler (mlarkin@) vmd ~ loadfile.h > vmd: properly advertise 640k base memory, not 636k. That was a holdover > from before we had seabios support (to fake a hole where the EBDA would > be), and seabios always assumes 640k low memory is available. Fixes a > problem where FreeDOS guests whose seabios placed the virtio ring too > close to 640k would crash vmd. tested on a variety of guest OS, with > and without seabios. no regressions seen. (mlarkin@) ~ ns8250.c ~ ns8250.h ~ vm.c ~ vmm.h > vmd: Implement simulated baudrate support in the ns8250 module. The > previous version was allowing an output rate that is "too fast", and linux > guests would give up after 512 characters TXed ("too much work for irq4"). > This diff calculates the approximate rate we can sustain at the current > programmed baud rate and limits the output to that rate by inserting a > HZ delay after a specified number of characters have been transmitted. > This fixes the linux guest console issue. > Note that the console now outputs at more or less the selected baud rate, > instead of nearly instantaneously as before - if you selected 9600 in > your guest VMs before, you might want to change that to 115200 now for a > better console experience. > krw@ "seems like a good idea to me" (mlarkin@) =============================================================================== _______________________________________________ owc mailing list [email protected] http://www.squish.net/mailman/listinfo/owc
