CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: guent...@cvs.openbsd.org2024/03/16 23:49:41 Modified files: sys/arch/amd64/amd64: cpu.c identcpu.c locore.S vmm_support.S sys/arch/amd64/include: specialreg.h Log message: Use VERW to mitigate the RFDS (Register File Data Sampling) vulnerability present in Intel Atom CPUs, reordering some ASM in return-to-userspace and start/resume-vmx-guest to reduce the number of kernel values still live in registers when VERW is used. This mitigation requires updated firmware which has affected CPUs report RFDS_CLEAR in dmesg. Firmware packaging by jsg@ and sthen@ Logic for interpreting intel's flags by jsg@ after lots of discussion between him, deraadt@, and I ok deraadt@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2024/03/16 19:44:59 Modified files: usr.sbin/rpki-client: extern.h Log message: Remove unused enum rsc_resourceblock_tag This was used in rsc.c prior to the switch to ASN.1 templates. ok job
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: patr...@cvs.openbsd.org 2024/03/16 18:06:43 Modified files: sys/dev/mii: eephy.c Log message: Some PHYs need board-specific initializations, e.g. to correctly configure LED settings, which might be stored in the marvell,reg-init property. With these applied, the LEDs on the SolidRun ClearFog CN9130 Base work correctly. ok kettenis@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2024/03/16 15:42:20 Modified files: lib/libcrypto : cversion.c Log message: Remove ugly parens and thereby fix KNF
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: kette...@cvs.openbsd.org2024/03/16 14:46:28 Modified files: sys/arch/arm64/arm64: locore.S sys/arch/arm64/include: hypervisor.h Log message: Set the HCR_API and HCR_APK bits in the HCR_EL2 when CPUs boot in EL2. Otherwise using PAC instructions in EL1 will trigger a trap into EL2 that we don't handle. ok jsg@, deraadt@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2024/03/16 14:42:33 Modified files: lib/libcrypto/bn: bn_rand.c Log message: Fix signed integer overflow in bnrand() If more bits than INT_MAX - 7 are requested, the calculation of number of bytes required to store the bignum triggers undefined behavior due to signed integer overflow. This will typically result in bytes becoming negative which will then make malloc() fail. If the ulimit should be high enough to make malloc() succeed, there is a bad out of bounds write in case bottom is set (an odd number was requested). On jsing's request this does not deal with another bug which we could catch with a similar check due to BN_bn2bin() failing later on as the number of words in a BIGNUM is some fraction of INT_MAX. ok jsing
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: chel...@cvs.openbsd.org 2024/03/16 11:42:37 Modified files: usr.sbin/btrace: ksyms.c Log message: btrace(8): cache ELF symbols in sorted array Currently, every kelf_snprintsym() call performs a linear search through the .symtab for a symbol matching the given PC. The search is expensive and seems to be a major source of dropped profiling events. Storing all STT_FUNC .symtab entries and their names in a sorted array cuts search time from O(n) to O(lg n). In practice, the faster lookups seem to dramatically reduce the profiling drop rate. With tweaks from mpi@. Thread: https://marc.info/?l=openbsd-tech=170830125132105=2 ok mpi@
Re: CVS: cvs.openbsd.org: src
Should it be removed from changelist too? On 2024/03/15 23:18, Job Snijders wrote: > CVSROOT: /cvs > Module name: src > Changes by: j...@cvs.openbsd.org2024/03/15 23:18:01 > > Modified files: > distrib/sets/lists/base: mi > distrib/sets/lists/etc: mi > > Log message: > Move RPKI Trust Anchor constraints from etc set to base > > The cadence of updates being applied to the RPKI Trust Anchor constraints > seems sufficiently low, while the required understanding of context to make > educated decisions quite high, so centralized coordination of updates through > t...@openbsd.org is more appropriate. > > requested by & OK deraadt@, OK tb@ >
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: j...@cvs.openbsd.org2024/03/16 03:15:04 Modified files: sys/arch/arm64/arm64: cpu.c Log message: recognise Cortex-A520AE (Hayes AE), Cortex-A720AE (Hunter AE)
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: j...@cvs.openbsd.org2024/03/16 00:29:36 Modified files: usr.bin/whois : whois.c Log message: add -S to usage();