CVS: cvs.openbsd.org: src

2017-09-11 Thread Damien Miller
CVSROOT: /cvs
Module name: src
Changes by: d...@cvs.openbsd.org 2017/09/12 00:35:32

Modified files:
usr.bin/ssh: channels.c channels.h clientloop.c mux.c 
 nchan.c serverloop.c 

Log message:
Make remote channel ID a u_int

Previously we tracked the remote channel IDs in an int, but this is
strictly incorrect: the wire protocol uses uint32 and there is nothing
in principle stopping an SSH implementation from sending, say, 0x.

In practice everyone numbers their channels sequentially, so this has
never been a problem.

ok markus@
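
Added example, not part of the commit or of OpenSSH's code: a C illustration of the mismatch the log message above describes, decoding a uint32 channel ID from constructed wire bytes into an int and into a u_int. The struct names, the sentinel-style "is set" check and the have_remote_id flag are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Decode an SSH uint32: four bytes, big-endian (RFC 4251, section 5). */
static uint32_t get_u32(const unsigned char *p)
{
	return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
	    ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

/* Hypothetical "before" record: signed ID, negative doubling as "not set". */
struct chan_signed { int remote_id; };

/* Hypothetical "after" record: full uint32 range plus an explicit flag. */
struct chan_unsigned { unsigned int remote_id; int have_remote_id; };

static void set_signed(struct chan_signed *c, const unsigned char *wire)
{
	/* Out-of-range conversion is implementation-defined; gcc and
	 * clang wrap, so IDs above INT_MAX come out negative. */
	c->remote_id = (int)get_u32(wire);
}

static void set_unsigned(struct chan_unsigned *c, const unsigned char *wire)
{
	c->remote_id = get_u32(wire);
	c->have_remote_id = 1;
}

/* Sentinel-style check that a signed ID invites (assumed, for illustration). */
static int signed_is_set(const struct chan_signed *c)
{
	return c->remote_id >= 0;
}

int main(void)
{
	/* Constructed wire bytes: a peer-chosen channel ID of 0x80000001. */
	const unsigned char wire[4] = { 0x80, 0x00, 0x00, 0x01 };
	struct chan_signed s;
	struct chan_unsigned u = { 0, 0 };

	set_signed(&s, wire);
	set_unsigned(&u, wire);
	printf("signed:   id=%d set=%d\n", s.remote_id, signed_is_set(&s));
	printf("unsigned: id=%u set=%d\n", u.remote_id, u.have_remote_id);
	return 0;
}
```

With the signed field, a valid peer-assigned ID is indistinguishable from "no ID yet"; the unsigned field keeps the value intact and carries validity separately.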



CVS: cvs.openbsd.org: src

2017-09-11 Thread Damien Miller
CVSROOT: /cvs
Module name: src
Changes by: d...@cvs.openbsd.org 2017/09/12 00:32:08

Modified files:
usr.bin/ssh: auth-options.c auth.c channels.c channels.h 
 clientloop.c clientloop.h monitor.c 
 monitor_wrap.c mux.c nchan.c packet.c packet.h 
 servconf.c servconf.h serverloop.c serverloop.h 
 session.c session.h ssh.c sshbuf.h sshconnect.c 
 sshconnect.h sshd.c ssherr.c ssherr.h 

Log message:
refactor channels.c

Move static state to a "struct ssh_channels" that is allocated at
runtime and tracked as a member of struct ssh.

Explicitly pass "struct ssh" to all channels functions.

Replace use of the legacy packet APIs in channels.c.

Rework sshd_config PermitOpen handling: previously the configuration
parser would call directly into the channels layer. After the refactor
this is not possible, as the channels structures are allocated at
connection time and aren't available when the configuration is parsed.
The server config parser now tracks PermitOpen itself and explicitly
configures the channels code later.

ok markus@



CVS: cvs.openbsd.org: src

2017-09-11 Thread David Gwynne
CVSROOT: /cvs
Module name: src
Changes by: d...@cvs.openbsd.org 2017/09/11 20:58:08

Modified files:
sys/arch/amd64/amd64: vm_machdep.c 

Log message:
rename setredzone to setguardpage.

a redzone means something else on amd64, so i'm renaming this to
avoid confusion.



CVS: cvs.openbsd.org: src

2017-09-11 Thread David Gwynne
CVSROOT: /cvs
Module name: src
Changes by: d...@cvs.openbsd.org 2017/09/11 20:56:54

Modified files:
sys/arch/amd64/amd64: vm_machdep.c 

Log message:
add a guard page on the end of each thread's kernel stack.

this protects the process control block. it also makes the kernel
fault hard when the guard page gets hit by the stack, allowing
debugging of the problem set of function calls at the time the
problem occurs. without this, a big stack can overwrite the pcb,
which makes the thread generate a fault when it is switched back
onto a cpu, which is way too late.

discussed with guenther@
ok deraadt@



CVS: cvs.openbsd.org: src

2017-09-11 Thread Ingo Schwarze
CVSROOT: /cvs
Module name: src
Changes by: schwa...@cvs.openbsd.org 2017/09/11 20:22:16

Modified files:
lib/libc/gen   : sysctl.3 
share/man/man7 : securelevel.7 
share/man/man4/man4.alpha: mem.4 
share/man/man4/man4.amd64: mem.4 
share/man/man4/man4.hppa: mem.4 
share/man/man4/man4.i386: mem.4 
share/man/man4/man4.landisk: mem.4 
share/man/man4/man4.loongson: mem.4 
share/man/man4/man4.luna88k: mem.4 
share/man/man4/man4.macppc: mem.4 
share/man/man4/man4.socppc: mem.4 
share/man/man4/man4.sparc64: mem.4 

Log message:
Update the documentation regarding /dev/mem and /dev/kmem;
Theo already clamped down on these devices last year.
Triggered by a question from Nan Xiao.
OK deraadt@



CVS: cvs.openbsd.org: src

2017-09-11 Thread David Gwynne
CVSROOT: /cvs
Module name: src
Changes by: d...@cvs.openbsd.org 2017/09/11 17:32:34

Modified files:
usr.sbin/vmd   : vm.c vmd.h 

Log message:
add functions to provide direct access to guest memory as vmd addresses

iovec_mem() populates an iovec array based on guest physical
addresses. this allows the use of things like readv and writev for
moving data between the guest and a disk image file without having
to bounce the memory.

vaddr_mem() provides a vmd usable pointer based on a guest's physical
address. this makes it possible to directly reference things like
virtio rings without having to bounce that memory either. however,
it assumes that a contiguous range of guest physical memory will
sit in a single vm memory range. mlarkin@ says this is right.

ok mlarkin@



CVS: cvs.openbsd.org: src

2017-09-11 Thread David Gwynne
CVSROOT: /cvs
Module name: src
Changes by: d...@cvs.openbsd.org 2017/09/11 17:25:05

Modified files:
usr.sbin/vmd   : vmd.h 

Log message:
bring SET, CLR, and ISSET macros in

they make bit fiddling easier to read in later diffs.

ok mlarkin@



CVS: cvs.openbsd.org: src

2017-09-11 Thread Nicholas Marriott
CVSROOT: /cvs
Module name: src
Changes by: n...@cvs.openbsd.org 2017/09/11 14:11:45

Modified files:
usr.bin/tmux   : alerts.c 

Log message:
Check event is initialized before delete; fixes crash reported by
Michael Nickerson in GitHub issue 1068.



CVS: cvs.openbsd.org: src

2017-09-11 Thread Otto Moerbeek
CVSROOT: /cvs
Module name: src
Changes by: o...@cvs.openbsd.org 2017/09/11 12:32:31

Modified files:
lib/libc/stdlib: malloc.c 

Log message:
check double free before canary for chunks; ok millert@



CVS: cvs.openbsd.org: src

2017-09-11 Thread Alexander Bluhm
CVSROOT: /cvs
Module name: src
Changes by: bl...@cvs.openbsd.org 2017/09/11 12:21:08

Modified files:
regress/usr.sbin/syslogd: ttylog.c 

Log message:
Use signed ssize_t to make read(2) error check actually work.
found by clang warning



CVS: cvs.openbsd.org: www

2017-09-11 Thread Jasper Lievisse Adriaanse
CVSROOT: /cvs
Module name: www
Changes by: jas...@cvs.openbsd.org 2017/09/11 12:20:18

Modified files:
.  : want.html 

Log message:
abieber@ and i could use hardware to test and develop urng(4)



CVS: cvs.openbsd.org: src

2017-09-11 Thread Eric Faurot
CVSROOT: /cvs
Module name: src
Changes by: e...@cvs.openbsd.org 2017/09/11 11:09:09

Modified files:
usr.sbin/smtpd : mta.c 

Log message:
remove dead code.

ok gilles@



CVS: cvs.openbsd.org: src

2017-09-11 Thread Todd C . Miller
CVSROOT: /cvs
Module name: src
Changes by: mill...@cvs.openbsd.org 2017/09/11 10:35:38

Modified files:
bin/md5: md5.c 

Log message:
Use getrusage(2) for the built-in time trial instead of gettimeofday(2).
This makes it possible to measure just the elapsed user time, which
is what we really care about when benchmarking an algorithm.
OK deraadt@



CVS: cvs.openbsd.org: src

2017-09-11 Thread Alexander Bluhm
CVSROOT: /cvs
Module name: src
Changes by: bl...@cvs.openbsd.org 2017/09/11 05:15:52

Modified files:
sys/kern   : uipc_socket.c 

Log message:
Coverity complains that the return value of sblock() is not checked
in sorflush(), but in other places it is.  See CID 1453099.  The
flags SB_NOINTR and M_WAITOK should avoid failure.  Put an assert
there to be sure.
OK visa@ mpi@



CVS: cvs.openbsd.org: src

2017-09-11 Thread Marc Espie
CVSROOT: /cvs
Module name: src
Changes by: es...@cvs.openbsd.org 2017/09/11 04:18:38

Modified files:
gnu/usr.bin/binutils-2.17/bfd: Makefile.in 

Log message:
missing parts for arm64, dependencies needed.
spotted by deraadt@, fix turns out to be identical to more recent binutils.



CVS: cvs.openbsd.org: src

2017-09-11 Thread Martin Pieuchot
CVSROOT: /cvs
Module name: src
Changes by: m...@cvs.openbsd.org 2017/09/11 03:52:15

Modified files:
sys/arch/alpha/alpha: mutex.c 
sys/arch/mips64/mips64: mutex.c 
sys/arch/powerpc/powerpc: mutex.c 

Log message:
Sync alpha/mips64/powerpc mutex implementations.

No functional change.

ok visa@