CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: l...@cvs.openbsd.org2018/11/18 00:57:28 Modified files: usr.bin/mg : mg.1 Log message: small clean up of dired section ok jmc@
CVS: cvs.openbsd.org: www
CVSROOT:/cvs Module name:www Changes by: dera...@cvs.openbsd.org 2018/11/17 20:28:24 Modified files: . : errata64.html Log message: fix canon name
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: dera...@cvs.openbsd.org 2018/11/17 16:48:22 Modified files: etc/root : root.mail Log message: add the missing space. in the future, should mail -f the file to ensure it is correct format
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: chel...@cvs.openbsd.org 2018/11/17 16:10:08 Modified files: lib/libc/sys : sysctl.2 sys/kern : kern_pledge.c kern_sched.c kern_sysctl.c sys/sys: sched.h sysctl.h usr.bin/systat : cpu.c vmstat.c usr.bin/top: display.c display.h machine.c machine.h top.c Log message: Add new KERN_CPUSTATS sysctl(2) so we can identify offline CPUs. Because of hw.smt we need a way to determine whether a given CPU is "online" or "offline" from userspace. KERN_CPTIME2 is an array, and so cannot be cleanly extended for this purpose, so add a new sysctl(2) KERN_CPUSTATS with an extensible struct. At the moment it's just KERN_CPTIME2 with a flags member, but it can grow as needed. KERN_CPUSTATS appears to have been defined by BSDi long ago, but there are few (if any) packages in the wild still using the symbol so breakage in ports should be near zero. No other system inherited the symbol from BSDi, either. Then, use the new sysctl(2) in systat(1) and top(1): - systat(1) draws placeholder marks ('-') instead of percentages for offline CPUs in the cpu view. - systat(1) omits offline CPU ticks when drawing the "big bar" in the vmstat view. The upshot is that the bar isn't half idle when half your logical CPUs are disabled. - top(1) does not draw lines for offline CPUs; if CPUs toggle on or offline in interactive mode we redraw the display to expand/reduce space for the new/missing CPUs. This is consistent with what some top(1) implementations do on Linux. - top(1) omits offline CPUs from the totals when CPU totals are combined into a single line (the '-1' flag). Originally prompted by deraadt@. Discussed endlessly with deraadt@, ketennis@, and sthen@. Tested by jmc@ and jca@. Earlier versions also discussed with jca@. Earlier versions tested by jmc@, tb@, and many others. docs ok jmc@, kernel bits ok ketennis@, everything ok sthen@, "Is your stuff in yet?" deraadt@
CVS: cvs.openbsd.org: www
CVSROOT:/cvs Module name:www Changes by: t...@cvs.openbsd.org2018/11/17 15:02:36 Modified files: . : errata63.html errata64.html Log message: release libcrypto and lockf errata.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: clau...@cvs.openbsd.org 2018/11/17 13:46:12 Modified files: usr.bin/kdump : ktrstruct.c Log message: Be more careful when dumping cmsghdr struct. In the SCM_RIGHTS case an extra check for a truncated cmsghdr needs to be done since the embeded lenght may be longer than the supplied buffer (MSG_CTRUNC case). OK deraadt@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: m...@cvs.openbsd.org2018/11/17 13:17:10 Modified files: sys/dev/usb: usb_subr.c usbdivar.h Log message: free(9) size for USB subdevs array. ok ratchov@, visa@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: dan...@cvs.openbsd.org 2018/11/17 13:09:03 Modified files: share/misc : airport Log message: consistency.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2018/11/17 12:11:14 Modified files: sys/kern : Tag: OPENBSD_6_4 vfs_lockf.c sys/sys: Tag: OPENBSD_6_4 lockf.h Log message: A recent change to POSIX file locks could cause incorrect results during lock acquisition. OpenBSD 6.4 errata 004
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2018/11/17 12:03:57 Modified files: sys/kern : Tag: OPENBSD_6_3 vfs_lockf.c sys/sys: Tag: OPENBSD_6_3 lockf.h Log message: A recent change to POSIX file locks could cause incorrect results during lock acquisition. OpenBSD 6.3 errata 023
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: mill...@cvs.openbsd.org 2018/11/17 11:55:50 Modified files: sys/kern : kern_event.c Log message: Avoid leaking kernel memory in struct kevent padding. >From NetBSD (maxv). OK deraadt@ visa@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2018/11/17 11:55:42 Modified files: lib/libcrypto/ec: Tag: OPENBSD_6_4 ec2_smpl.c ec_lcl.h ec_lib.c ecp_mont.c ecp_nist.c ecp_nistp224.c ecp_nistp256.c ecp_nistp521.c ecp_nistz256.c ecp_smpl.c Log message: Implement coordinate blinding for EC_POINT as an additional mitigation for the portsmash vulnerability. OpenBSD 6.4 errata 003
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2018/11/17 11:46:43 Modified files: lib/libcrypto/dsa: Tag: OPENBSD_6_3 dsa_ossl.c lib/libcrypto/ecdsa: Tag: OPENBSD_6_3 ecs_ossl.c Log message: Use a blinding value when generating DSA and ECDSA signatures, in order to reduce the possibility of a side-channel attack leaking the private key. OpenBSD 6.3 errata 022
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: dera...@cvs.openbsd.org 2018/11/17 11:14:58 Modified files: bin/ksh: main.c Log message: Use a very regular call pattern to pledge, so that we can continue to grep and compare the use in all programs..
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: dera...@cvs.openbsd.org 2018/11/17 10:22:38 Modified files: etc/examples : bgpd.conf Log message: make the bogon set competely or-longer, rather than having to manage it or-longer at useage time. ok job benno
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: bry...@cvs.openbsd.org 2018/11/17 09:52:02 Modified files: usr.sbin/tcpdump: privsep_pcap.c privsep.c Log message: tcpdump(8) monitor process privdrop The privsep monitor process handles all privileged operations on behalf of the unprivileged "packet parser" process. Once it enters its runtime state, it only needs to: * Perform DNS and other "numbers to names" lookups, sending results back over a pipe/socketpair. * Display the final packet statistics on ^C. We can finally now drop root privileges in this process as well, as bpf BIOCGSTATS is still permitted by non-root on open descriptors after it has been permanently locked with BIOCLOCK. This provides some additional protection, to go along with the already tight unveil(2) and pledge(2) restrictions. With this change tcpdump(8) completely drops root privileges at runtime. ok mestre@, deraadt@
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: b...@cvs.openbsd.org2018/11/17 04:22:43 Modified files: lib/libssl : ssl_clnt.c ssl_lib.c Log message: Fix DTLS, because DTLS still remains a special flower, allows regress to pass
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: l...@cvs.openbsd.org2018/11/17 02:52:34 Modified files: usr.bin/mg : paragraph.c Log message: fix undo in transpose-paragraph.
CVS: cvs.openbsd.org: src
CVSROOT:/cvs Module name:src Changes by: t...@cvs.openbsd.org2018/11/17 02:34:11 Modified files: lib/libcrypto/asn1: asn1_lib.c Log message: Fix whitespace around assignment operators.