OpenBSD src changes summary for 2015-08-23 to 2015-08-30 inclusive ==================================================================
Makefile bin/mv distrib/alpha distrib/miniroot distrib/notes distrib/sets etc/Makefile etc/etc.alpha/Makefile.inc etc/etc.alpha/disktab etc/mtree/4.4BSD.dist etc/mtree/BSD.x11.dist etc/rc games/fortune games/robots games/worm gnu/usr.bin/binutils gnu/usr.bin/binutils-2.17 gnu/usr.bin/cc gnu/usr.bin/cxxfilt include/db.h include/unistd.h lib/libc lib/libcrypto lib/libexpat lib/libfuse lib/libkvm lib/libssl lib/libtls lib/libutil libexec/getty libexec/ld.so regress/lib regress/sys regress/usr.bin regress/usr.sbin sbin/fdisk sbin/iked sbin/ping6 sbin/restore share/man share/misc sys/arch/alpha/include sys/arch/amd64/amd64 sys/arch/amd64/conf sys/arch/amd64/include sys/arch/amd64/pci sys/arch/arm/include sys/arch/armv7/omap sys/arch/hppa/hppa sys/arch/hppa/include sys/arch/hppa64/include sys/arch/i386/conf sys/arch/i386/i386 sys/arch/i386/include sys/arch/landisk/landisk sys/arch/m88k/include sys/arch/macppc/conf sys/arch/macppc/dev sys/arch/macppc/pci sys/arch/mips64/include sys/arch/mips64/mips64 sys/arch/powerpc/include sys/arch/sh/include sys/arch/sparc/include sys/arch/sparc64/include sys/arch/sparc64/sparc64 sys/arch/vax/include sys/crypto sys/ddb sys/dev sys/dev/acpi sys/dev/ata sys/dev/cardbus sys/dev/gpio sys/dev/ic sys/dev/onewire sys/dev/pci sys/dev/pckbc sys/dev/pv sys/dev/usb sys/dev/wscons sys/kern sys/net sys/netinet sys/netinet6 sys/netmpls sys/nfs sys/scsi sys/sys sys/uvm usr.bin/aucat usr.bin/compress usr.bin/doas usr.bin/file usr.bin/grep usr.bin/mandoc usr.bin/netstat usr.bin/sndiod usr.bin/ssh usr.bin/tmux usr.bin/tput usr.sbin/apmd usr.sbin/bgpd usr.sbin/cron usr.sbin/ndp usr.sbin/ntpd usr.sbin/pstat usr.sbin/pwd_mkdb usr.sbin/radiusctl usr.sbin/radiusd usr.sbin/syslogd usr.sbin/sysmerge usr.sbin/traceroute == Makefile ========================================================== 01/15 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/Makefile Makefile > must make obj in etc as well; the etc.*/Makefile stubs depend upon it. > (deraadt@) == bin =============================================================== 02/15 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/bin mv ~ mv.c > In fastcopy(), do the required malloc() before opening input or output > file. > problem noted by Martijn van Duren (martijn987 (at) gmail.com) (guenther@) == distrib =========================================================== 03/15 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/distrib alpha ~ Makefile + miniroot/Makefile > create an alpha miniroot > (miod must fix the installboot in it next) (deraadt@) ~ miniroot/Makefile > use correct installboot command; from miod. > And use $DESTDIR to find the bootxx (deraadt@) miniroot ~ install.sub > /usr/share/sysmerge -> /var/sysmerge > requested by several > discussed with deraadt@ (ajacoutot@) notes ~ m4.common > /usr/share/sysmerge -> /var/sysmerge > requested by several > discussed with deraadt@ (ajacoutot@) ~ octeon/install > Tell user to Put quotes around ${bootcmd} when saving it. Avoids > stopping at the first ';' (command separator). ok miod@ (matthieu@) sets ~ lists/base/mi ~ lists/etc/mi > /usr/share/sysmerge -> /var/sysmerge > requested by several > discussed with deraadt@ (ajacoutot@) ~ lists/comp/mi > sync (deraadt@) ~ lists/base/md.alpha ~ lists/base/md.amd64 ~ lists/base/md.armish ~ lists/base/md.armv7 ~ lists/base/md.aviion ~ lists/base/md.hppa ~ lists/base/md.hppa64 ~ lists/base/md.i386 ~ lists/base/md.landisk ~ lists/base/md.loongson ~ lists/base/md.luna88k ~ lists/base/md.macppc ~ lists/base/md.octeon ~ lists/base/md.sgi ~ lists/base/md.socppc ~ lists/base/md.sparc ~ lists/base/md.sparc64 ~ lists/base/md.zaurus > sync (deraadt@) ~ lists/comp/mi > sync (deraadt@) ~ lists/base/md.alpha ~ lists/base/md.amd64 ~ lists/base/md.armish ~ lists/base/md.armv7 ~ lists/base/md.aviion ~ lists/base/md.hppa ~ lists/base/md.hppa64 ~ lists/base/md.i386 ~ lists/base/md.landisk ~ lists/base/md.loongson ~ lists/base/md.luna88k ~ lists/base/md.macppc ~ lists/base/md.octeon ~ lists/base/md.sgi ~ lists/base/md.socppc ~ lists/base/md.sparc ~ lists/base/md.sparc64 ~ lists/base/md.zaurus > sync (deraadt@) ~ lists/base/md.amd64 ~ lists/comp/md.amd64 > sync (deraadt@) == etc =============================================================== 04/15 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/etc Makefile ~ Makefile > /usr/share/sysmerge -> /var/sysmerge > requested by several > discussed with deraadt@ (ajacoutot@) etc.alpha/Makefile.inc ~ etc.alpha/Makefile.inc > handle miniroot (deraadt@) etc.alpha/disktab ~ etc.alpha/disktab > fakeramdisk entry for miniroot (deraadt@) mtree/4.4BSD.dist ~ mtree/4.4BSD.dist > /usr/share/sysmerge -> /var/sysmerge > requested by several > discussed with deraadt@ (ajacoutot@) mtree/BSD.x11.dist ~ mtree/BSD.x11.dist > /usr/share/sysmerge -> /var/sysmerge > requested by several > discussed with deraadt@ (ajacoutot@) ~ mtree/BSD.x11.dist > Update: add include/libdrm, sort include/EGL, add share/util-macros > (matthieu@) rc ~ rc > Changes for start_daemon(): > - use more descriptive variable name > Changes for make_keys(): > - use variables for file paths > - key -> keys in message > - take into account the return codes of isakmpd private *and* public > key generation > OK krw@ halex@ (rpe@) == games ============================================================= 05/15 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/games fortune ~ fortune/fortune.c > remove #ifdef OK_TO_WRITE_DISK which isn't used by default. > and few disambiguisations suggested by cc(1) > - parentheses around && within || > - explicit braces to avoid ambiguous 'else' > ok doug@ (semarie@) robots ~ extern.c ~ main.c ~ move.c ~ robots.h > Improve robots(6) by using timespec*() functions, replacing gettimeofday() > with clock_gettime(MONOTONIC) to avoid clock changes and replacing poll() > with ppoll() to deal better with timespec. > ok guenther@. (rzalamena@) worm ~ worm.c > Fix cheating bug by using unused time variables and replace poll() with > ppoll() to better use the timespec struct. > ok deraadt@. (rzalamena@) ~ worm.c > Replace clock_gettime UPTIME with MONOTONIC to improve worm portability. > ok deraadt@, guenther@. (rzalamena@) == gnu =============================================================== 06/15 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/gnu usr.bin/binutils ~ gdb/mips-tdep.c > Make gdb work again on mips64 PIE binaries by making sure that we select > a reasonable 64-bit ABI for 64-bit ELF files instead of a 32-bit ABI. > (kettenis@) usr.bin/binutils-2.17 ~ ld/emulparams/elf32ppc_obsd.sh > Enable missing code to fully enable the Secure-PLT ABI and clean up the > remaining commented out variable settings. We'll continue to use the > same layout for both BSS-PLT and Secure-PLT since supporting the more > relro friendly layout that Linux uses isn't compatible with our way of > making the PLT and GOT read-only. (kettenis@) ~ bfd/elf-bfd.h ~ bfd/elf32-i386.c ~ bfd/elf64-x86-64.c ~ bfd/elflink.c ~ bfd/elfxx-ia64.c ~ include/bfdlink.h ~ ld/Makefile.am ~ ld/Makefile.in ~ ld/ld.texinfo ~ ld/ldgram.y ~ ld/ldlang.c ~ ld/ldlang.h ~ ld/ldlex.h ~ ld/ldlex.l ~ ld/ldmain.c ~ ld/lexsup.c > Introduce -Bsymbolic-functions and related flags. Taken from two > post-binutils 2.17 but pre-GPLv3 commits. > miod@ says now is the time to get this in. (bcallah@) ~ bfd/elf-bfd.h ~ bfd/elf32-i386.c ~ bfd/elf64-x86-64.c ~ bfd/elflink.c ~ bfd/elfxx-ia64.c ~ include/bfdlink.h ~ ld/Makefile.am ~ ld/Makefile.in ~ ld/ld.texinfo ~ ld/ldgram.y ~ ld/ldlang.c ~ ld/ldlang.h ~ ld/ldlex.h ~ ld/ldlex.l ~ ld/ldmain.c ~ ld/lexsup.c > Unbreak binutils on sparc64, hppa (and probably some others). > Jumbo merges are NOT WELCOME. They have to be seperated out and tested. > (deraadt@) ~ bfd/elfxx-mips.c > Do proper GOT slot accounting for symbols that were forced to be local. > This fix first appeared in FSF binutils after the switch to GPLv3. > However Daniel Jacobowitz, who wrote the fix, confirms he worked for > CodeSourcery at the time (as suggested by the ChangeLog entry), and > CodeSourcery included this fix in the 4.1-176 version of their > toolchain that was distributed under GPLv2. > ok guenther@, ok deraadt@ (kettenis@) ~ binutils/readelf.c > Add support for Irix-style "64-bit" archives. > ok visa@, deraadt@ (kettenis@) usr.bin/cc ~ cc_tools/auto-host.h > Define HAVE_AS_REL16, as binutils 2.17 supports the R_PPC_REL16 reloc. > This makes the -msecure-plt option work, which is necessary to generate > Secure-PLT ABI code. (kettenis@) usr.bin/cxxfilt ~ cxxfilt.c > add missing includes for free, exit, errx and strchr (jsg@) == include =========================================================== 07/15 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/include db.h ~ db.h > Use static and __{BEGIN,ENV}_HIDDEN_DECLS to hide a bunch of internal > symbols that are not longer exported. (This improves the generated code.) > ok deraadt@ (guenther@) unistd.h ~ unistd.h > Hide many (194!) symbols that nothing should be using. > Delete exect(2); it wasn't portable across archs and nothing used it. > ports test build by naddy@ > ok deraadt@ kettenis@ (guenther@) == lib =============================================================== 08/15 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/lib libc ~ locale/setrunelocale.c > restore codeset checking: we shouldn't silency fallback to ASCII codeset. > there is a test for "only UTF-8" after, that will return ENOTSUP. So the > caller > will known the wanted codeset isn't supported. > problem spotted by guenther@ > OK stsp@ guenther@ (semarie@) ~ arch/powerpc/gen/setjmp.S > Set up r30 with the _GLOBAL_OFFSET_TABLE_ pointer as required by the > Secure-PLT ABI. (kettenis@) ~ arch/powerpc/sys/brk.S ~ arch/powerpc/sys/sbrk.S > Fetch the _GLOBAL_OFFSET_TABLE_ pointer in a way that's compatible with the > Secure-PLT ABI. (kettenis@) ~ arch/powerpc/SYS.h ~ arch/powerpc/sys/cerror.S ~ arch/powerpc/sys/sigprocmask.S ~ arch/powerpc/sys/tfork_thread.S > Make __cerror() use the per-thread errno location if r2 isn't zero. This > way > libpthread no longer has to override it which means that we can use a local > call and can avoid setting up r30 as a _GLOBAL_OFFSET_TABLE_ pointer, which > is hard the way the powerpc ABI works. > For now we continue to provide __cerror as a weak symbol, but ___cerror is > now protected and internal calls within libc now use ___cerror instead of > __cerror. > discussed with guenther@ (kettenis@) + arch/m88k/Symbols.list > catch up (miod@) ~ sys/Makefile.inc + sys/kbind.2 > Document kbind(2) (guenther@) ~ sys/kbind.2 > Fix latter vs later. From jmc@ (guenther@) - arch/alpha/sys/exect.S - arch/amd64/sys/exect.S - arch/arm/sys/exect.S - arch/hppa/sys/exect.S - arch/hppa64/sys/exect.S - arch/i386/sys/exect.S - arch/m88k/sys/exect.S - arch/mips64/sys/exect.S - arch/powerpc/sys/exect.S - arch/sh/sys/exect.S - arch/sparc/sys/exect.S - arch/sparc64/sys/exect.S - arch/vax/sys/exect.S ~ Symbols.list ~ arch/alpha/Symbols.list ~ arch/alpha/sys/brk.S ~ arch/alpha/sys/sbrk.S ~ arch/amd64/SYS.h ~ arch/amd64/Symbols.list ~ arch/amd64/sys/brk.S ~ arch/amd64/sys/sbrk.S ~ arch/arm/SYS.h ~ arch/arm/Symbols.list ~ arch/arm/sys/brk.S ~ arch/arm/sys/sbrk.S ~ arch/hppa/Symbols.list ~ arch/hppa/sys/brk.S ~ arch/hppa/sys/sbrk.S ~ arch/hppa64/sys/brk.S ~ arch/hppa64/sys/sbrk.S ~ arch/i386/SYS.h ~ arch/i386/Symbols.list ~ arch/i386/sys/brk.S ~ arch/i386/sys/sbrk.S ~ arch/m88k/sys/brk.S ~ arch/m88k/sys/sbrk.S ~ arch/mips64/Symbols.list ~ arch/mips64/sys/brk.S ~ arch/mips64/sys/sbrk.S ~ arch/powerpc/Symbols.list ~ arch/powerpc/sys/brk.S ~ arch/powerpc/sys/sbrk.S ~ arch/sh/Symbols.list ~ arch/sh/sys/brk.S ~ arch/sh/sys/sbrk.S ~ arch/sparc/Symbols.list ~ arch/sparc/sys/brk.S ~ arch/sparc/sys/sbrk.S ~ arch/sparc64/Symbols.list ~ arch/sparc64/sys/brk.S ~ arch/sparc64/sys/sbrk.S ~ arch/vax/sys/brk.S ~ arch/vax/sys/sbrk.S ~ gdtoa/gdtoaimp.h ~ gdtoa/gethex.c ~ gdtoa/hd_init.c ~ gdtoa/hexnan.c ~ gdtoa/misc.c ~ gen/devname.c ~ gen/nlist.c ~ sys/Makefile.inc ~ sys/execve.2 > Hide many (194!) symbols that nothing should be using. > Delete exect(2); it wasn't portable across archs and nothing used it. > ports test build by naddy@ > ok deraadt@ kettenis@ (guenther@) ~ shlib_version > Oh yeah, crank the major. You talk about something and then your mind > wanders... (guenther@) ~ arch/m88k/Symbols.list > Sync with other per-arch Symbols.list files (guenther@) ~ sys/tame.2 > Convert paths argument of tame(2) to const char **. > The path will not be modified and this reduces casts. Discussed with many. > ok deraadt@ (doug@) ~ sys/tame.2 > Add TIOCGETA to the tame list for TAME_IOCTL. > This is used by readpassphrase() and curses. > ok deraadt@ (doug@) ~ sys/tame.2 > use ENAMETOOLONG instead of EINVAL for errno when string overflow occurs. > document tame.2 according. > ok deraadt@ (semarie@) ~ sys/tame.2 > tweak previous; (jmc@) ~ stdlib/rand48.h ~ stdlib/drand48.c ~ stdlib/lcong48.c ~ stdlib/lrand48.c ~ stdlib/mrand48.c ~ stdlib/seed48.c ~ stdlib/srand48.c > Move the __rand48_* declarations into rand48.h, and then hide both them > and __dorand48() and __rand48_deterministic > ok deraadt@ (guenther@) ~ citrus/citrus_ctype.c ~ citrus/citrus_ctype.h ~ citrus/citrus_none.h ~ citrus/citrus_utf8.h ~ db/btree/extern.h ~ db/hash/extern.h ~ db/recno/extern.h ~ gen/telldir.h ~ include/atfork.h ~ include/ctype_private.h ~ stdio/findfp.c ~ stdio/fvwrite.h ~ stdio/glue.h ~ stdio/local.h > Use static and __{BEGIN,ENV}_HIDDEN_DECLS to hide a bunch of internal > symbols that are not longer exported. (This improves the generated code.) > ok deraadt@ (guenther@) ~ gen/nlist.c > ELF uberalles: remove #ifdef _NLIST_DO_ELF tests (guenther@) ~ arch/powerpc/sys/tfork_thread.S > fix comment (guenther@) ~ gen/authenticate.c > use explicit_bzero to clear some memory that had creds in it instead of > memset. > ok deraadt@ millert@ (dlg@) ~ Makefile > Add Symbols.map to CLEANFILES (deraadt@) ~ net/rcmd.c > Use nanosleep instead of sleep to avoid the extra layer and simplify later > symbol hiding > ok w/tweak deraadt@ (guenther@) libcrypto ~ crypto/getentropy_freebsd.c > KNF (deraadt@) ~ crypto/getentropy_aix.c ~ crypto/getentropy_hpux.c ~ crypto/getentropy_linux.c ~ crypto/getentropy_solaris.c > unify versions, so they are easier to diff. (deraadt@) libexpat ~ lib/xmlparse.c > Put back local changes (revisions 1.2 to 1.4), which unfortunately got lost > in > the last upgrade. > ok deraadt@ (miod@) ~ lib/xmlparse.c > More overflow checks in XML_GetBuffer(), adapted from FreeBSD security > advisory FreeBSD-SA-15:20. Most of them were already fixed by niallo@'s > work, > which unfortunately got removed in r1.10 /-: > With help from doug@ (miod@) libfuse ~ fuse_opt.c > When an option is not recognized call the processing function with > FUSE_OPT_KEY_OPT, while here fix the last argument of a call in > fuse_opt_parse(). > Diff from Thiébaud Weksteen <thiebaud AT weksteen DOT fr>, thanks! > ok syl@, ajacoutot@ (mpi@) libkvm ~ kvm_file2.c > Rework the UNIX domain socket garbage collector, including ideas from > {Free,Net}BSD > - when a socket is closed with fds in its input, defer closing them to > a task to avoid recursing. This eliminates the complicated extra > reference taking which had a 37 line(!) comment explanation > - move flags, counts, and links only needed for this from struct file to > struct unpcb > - document the flow of the mark/sweep collector > much help from claudio@ who made me explain the GC to him until we trusted > it > ok claudio@ mpi@ deraadt@ (guenther@) libssl ~ src/crypto/opensslfeatures.h ~ src/ssl/s23_clnt.c ~ src/ssl/s23_meth.c ~ src/ssl/s23_srvr.c ~ src/ssl/s3_clnt.c ~ src/ssl/s3_lib.c ~ src/ssl/s3_meth.c ~ src/ssl/s3_srvr.c ~ src/ssl/ssl.h ~ src/ssl/ssl_lib.c ~ src/ssl/ssl_sess.c > Remove SSLv3 support from LibreSSL. > This is the first wave of SSLv3 removal which removes the main SSLv3 > functions. Future commits will remove the rest of the SSLv3 support. > Discussed the plan at c2k15. Input from jsing@, beck@, miod@, bcook@, > sthen@, naddy@, and deraadt@. > ok jsing@, beck@ (doug@) ~ ssl/shlib_version > Crank major version for libssl and libtls due to SSLv3 removal. (doug@) ~ src/ssl/t1_enc.c > Change AEAD out_len argument to size_t instead of ssize_t - while here, > rename it to out_len so that its purpose is more obvious. Also, drop two > checks that are no longer possible (and have not been for a long time). > Spotted by and ok doug@ (jsing@) ~ src/crypto/engine/eng_openssl.c > Kill coverity 128475 > ok doug@ (beck@) ~ src/ssl/t1_lib.c TAGGED OPENBSD_5_8 > MFC: Correctly handle a ClientHello that contains no TLS extensions, rather > than treating it as invalid and aborting the handshake. (jsing@) ~ src/crypto/opensslv.h TAGGED OPENBSD_5_8 > Bump LibreSSL version number to 2.2.3 in 5.8 release branch. > Requested by bcook@ for libressl portable. (jsing@) ~ src/ssl/s3_clnt.c ~ src/ssl/s3_srvr.c ~ ssl/Makefile TAGGED OPENBSD_5_8 > Remove SSLv3 method data structs and unlink s3_meth.c from the build. > ok jsing@ (doug@) - src/ssl/s3_meth.c TAGGED OPENBSD_5_8 > Delete s3_meth.c since it was only for SSLv3 support. > ok jsing@ (doug@) ~ src/ssl/s23_clnt.c ~ src/ssl/s23_meth.c ~ src/ssl/s23_srvr.c ~ src/ssl/ssl_locl.h TAGGED OPENBSD_5_8 > Now that SSLv3 is going away, TLS_* and SSLv23 are equivalent. > Remove the TLS method data and tls_any_* functions. Point to SSLv23. > ok jsing@ (doug@) libtls ~ shlib_version > Crank major version for libssl and libtls due to SSLv3 removal. (doug@) ~ tls_verify.c > Make functions that are internal to tls verify static. > Spotted by Marko Kreen. > Rides libtls major bump. (jsing@) ~ tls.c ~ tls_client.c ~ tls_internal.h > Split the persistent/configuration flags from temporary state flags and > ensure that the temporary state flags get cleared in tls_reset(). Fixes a > bug spotted by Marko Kreen whereby TLS_CONNECTING could remain on reset. > While here, also move the TLS_STATE_CONNECTING check to after the > TLS_CLIENT check - if TLS_STATE_CONNECTING was ever set on any other > context type it would allow a bypass. > ok bluhm@ (jsing@) ~ tls.c ~ tls_client.c ~ tls_internal.h ~ tls_server.c ~ tls_verify.c > Improve libtls error messages. > The tls_set_error() function previously stored the errno but did nothing > with it. Change tls_set_error() to append the strerror(3) of the stored > errno so that we include useful information regarding failures. > Provide a tls_set_errorx() function that does not store the errno or > include strerror(3) in the error message. Call this function instead of > tls_set_error() for errors where the errno value has no useful meaning. > With feedback from and ok doug@ (jsing@) libutil ~ openpty.3 > Remove lies about openpty(4) searching for a free pseudo-tty by iterating > through all existing pseudo-tty devices in /dev. (kettenis@) == libexec =========================================================== 09/15 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/libexec getty ~ subr.c > remove excess tab at end of line (how did they afford the extra bytes in > the dark ages?) (deraadt@) ld.so ~ ldconfig/prebind_path.c > huge amount of spaces (deraadt@) ~ ldd/ldd.c > spaces (deraadt@) ~ powerpc/rtld_machine.c > Add support for the Secure-PLT ABI variant. This will give us better W^X > support on powerpc as it uses a non-executable GOT and PLT. > "start slamming stuff in" deraadt@ (kettenis@) ~ amd64/rtld_machine.c ~ sparc64/rtld_machine.c > Use kbind for lazy binding GOT/PLT updates on amd64 and sparc64; others > to follow. While here add some gcc __predict hints. > Much discussion with and assistance from miod and deraadt > ok deraadt@ (guenther@) ~ Makefile + Symbols.map > Apply a symbol export list to ld.so with just the expected dl*() and the > two symbols needed by gdb. Remember: ld.so exports override those in > shared libs. > ok deraadt@ (guenther@) ~ i386/rtld_machine.c ~ powerpc/rtld_machine.c > Use kbind for lazy binding GOT/PLT updates on i386 and powerpc; still > others > to follow. While here add some gcc __predict hints. > Much discussion with and assistance from miod and deraadt > ok deraadt@ (guenther@) ~ alpha/rtld_machine.c ~ mips64/rtld_machine.c > Kbind 3: The Legend Continues! > Use kbind for lazy binding GOT/PLT updates on alpha and mips64. > While here add some gcc __predict hints. > Much discussion with and assistance from miod and deraadt > ok deraadt@ (guenther@) ~ hppa/rtld_machine.c > Use kbind for lazy binding GOT/PLT updates on hppa. > Much discussion with and assistance from miod and deraadt > ok deraadt@ (guenther@) ~ hppa/rtld_machine.c > If we take the address of a function pointer, we might get a pointer to > a plabel instead of the entry-point address. In that case, get the > entry-point address from the plabel. Makes ld.so work on hppa when > _dl_bind_start gets hidden by the version script. > ok miod@ (kettenis@) ~ Makefile > Use ELF_LDFLAGS to pass the --version-script argument such that we actually > hide symbols on all our architectures; hppa, hppa64 and sh override LDADD. > LDADD isn't really the proper variable for passing linker flags anyway. > ok guenther@, deraadt@ (kettenis@) ~ sh/rtld_machine.c > Use kbind for lazy binding GOT/PLT updates on sh (i.e. landisk) > Much discussion with and assistance from miod and deraadt > ok deraadt@ (guenther@) == regress =========================================================== 10/15 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/regress lib ~ libc/locale/setlocale/setlocale.c > ISO8859-1 support has been removed > ok semarie@ (guenther@) ~ libssl/ciphers/cipherstest.c ~ libssl/ssl/ssltest.c ~ libssl/ssl/testssl > Remove SSLv3 support from LibreSSL regression tests. (doug@) sys ~ kern/tame/sigkill/sigkill.c ~ kern/tame/sigabrt/sigabrt.c > convert to new tame(2) ABI/API (semarie@) - kern/tame/sys_exit/Makefile - kern/tame/sys_exit/sys_exit.c > remove tame/sys_exit in favor of more generic approch (soon) (semarie@) + kern/tame/generic/Makefile + kern/tame/generic/actions.c + kern/tame/generic/actions.h + kern/tame/generic/main.c + kern/tame/generic/manager.c + kern/tame/generic/parse_tame.c + kern/tame/generic/tests.out > add new (extensible) testsuite for tame(2) (semarie@) ~ kern/tame/generic/actions.c > add a missing header (semarie@) ~ net/pf_fragment/Makefile ~ net/pf_fragment/ping6_mtu_1300.py > Enable path MTU test with ping for IPv6. Scapy srp1() does not > accept inner IPv6 packets in ICMP6 with bad checksum created by pf. > Use same workaround as in pf_forward tests and fork a process for > sniffing. (bluhm@) ~ net/pf_fragment/Makefile ~ net/pf_fragment/pf.conf ~ net/pf_fragment/ping6_mtu_1300.py ~ net/pf_fragment/ping_cksum.py ~ net/pf_fragment/ping_mtu_1300.py ~ net/pf_fragment/udp_cksum.py ~ net/pf_forward/Makefile ~ net/pf_forward/pf.conf ~ net/pf_forward/ping6_mtu.py ~ net/pf_forward/ping_mtu.py > Extend the pf forward and fragment tests with a second challenge > for path MTU discovery. The router behind the pf machine has MTU > 1300. The ICMP packet generated by the router matches the pf state > and is NATed correctly. Additionally the pf machine itself has an > interface MTU 1400. So when pf is sending a packet is has to > generate a correct "fragmentation needed" or "packet too big" ICMP > response. This is done with pf route-to and reply-to. (bluhm@) ~ kern/mquery/mquery.c > Add obviously missing #includes (guenther@) usr.bin ~ mandoc/roff/nr/predef.in ~ mandoc/roff/nr/predef.out_ascii > add regression test for \n(.$ and \\$* (schwarze@) ~ tsort/Makefile + tsort/hints1 + tsort/hints2 + tsort/pairs7 + tsort/t7.canonical > simple check of -h option. More deviously, check that option/parameter > handling actually works correctly. (espie@) usr.sbin ~ syslogd/Syslogd.pm > Do not inherit the event environment, delete and set explicitly > after sudo. (bluhm@) == sbin ============================================================== 11/15 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sbin fdisk ~ disk.c ~ mbr.c ~ misc.c > Nuke some trailing whitespace that keeps coming back. (krw@) iked ~ pfkey.c > use 0xffff not 0xfffff for a 16 bit port constant > ok mikeb@ (jsg@) ping6 ~ ping6.c > Remove RH0 support, it was deprecated in RFC 5095 some time ago and > you couldn't send packets anyway since our stack drops them > unconditionally. > reasoning is sound to deraadt@, OK mpi@ (florian@) ~ ping6.c > Clean up getaddrinfo(3) calls to make them look like the canonical > example from the man page. While there was nothing wrong this pattern > makes it easier to figure that out. > While here be more paranoid how much we memcpy(3). > Looks clean to deraadt@ (florian@) restore ~ dirs.c ~ tape.c > Switch from utimes() to utimensat() to $estore full nanosecond granularity > ok millert@ deraadt@ (guenther@) == share ============================================================= 12/15 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/share man ~ man4/urtwn.4 > add supported Netgears WNA1000M and WNA1000Mv2 > ok stsp jmc (jung@) ~ man4/urtwn.4 > Add some additional urtwn ids found in the linux rtl8192cu driver. > ok stsp@ (jsg@) ~ man7/hier.7 > /usr/share/sysmerge -> /var/sysmerge > requested by several > discussed with deraadt@ (ajacoutot@) ~ man7/hier.7 > adjust list width for previous; (jmc@) ~ man7/ports.7 > Mark up command arguments properly using Cm. > From Michael Reed. (bentley@) ~ man9/malloc.9 > Rename M_RTABLE bucket into "rtable" to match the code and kill unused > M_BWMETER. > ok mikeb@ (mpi@) ~ man4/cd.4 > document CDIOREADTOCENTRIES, rather than the misspelled (but equivalent) > CDIOREADTOCENTRYS; > from martijn van duren (jmc@) ~ man4/ddb.4 > sparc64 supports the normal cpuinfo/ddbcpu/startcpu/stopcpu now (guenther@) ~ man7/roff.7 > Implement the escape sequence \\$*, expanding to all arguments > of the current user-defined macro. > This is another missing feature required for ocserv(8). > Problem reported by Kurt Jaeger <pi at FreeBSD>. (schwarze@) ~ man7/roff.7 > Parse and ignore the escape sequences \, and \/ (italic corrections). > Actually using these is very stupid because they are groff extensions > and other roff(7) implementations typically print unintended characters > at the places where they are used. > Nevertheless, some manuals contain them, for example ocserv(8). > Problem reported by Kurt Jaeger <pi at FreeBSD>. (schwarze@) misc ~ airport > SHO moved (deraadt@) == sys =============================================================== 13/15 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys arch/alpha/include ~ exec.h > _NLIST_DO_ELF is no longer needed: it's the only option > ok deraadt@ (guenther@) arch/amd64/amd64 ~ disksubr.c > MBR must have priority over GPT. > Found, fix tested & thus ok ajacoutot@ (krw@) ~ aesni.c ~ est.c ~ intr.c ~ mem.c ~ softintr.c ~ via.c > fairly simple sizes for free(); ok tedu (deraadt@) ~ aesni.c ~ intr.c > a few more free sizes. ok deraadt (tedu@) ~ aesni.c > fix an unprobable leak. ok deraadt mikeb (tedu@) ~ mem.c > use correct size for free(9), problem reported by Theo Buehler, ok kettenis > (sthen@) ~ acpi_machdep.c ~ bios.c ~ machdep.c ~ mainbus.c ~ wscons_machdep.c + efifb.c > Modify kernel to prepare boot from UEFI. > - Add new boot arg "bios_efi_info_t" to pass the paramters from UEFI > - Make bios(4) and acpi(4) be able to probe with the parameters from > UEFI > - Add efifb(8). It uses the framebuffer from UEFI and it will work as > a backend of wsdisplay(4) and wsfb (X11 video driver). Disabled by > the kernel config for this moment > input and ok kettenis (yasuoka@) ~ mainbus.c > Don't try to attach efifb(4) on non-UEFI boots. > ok miod@, deraadt@ (kettenis@) arch/amd64/conf ~ GENERIC > Re-enabling GPT on amd64 and i386. Discussed with and OK krw@ (bmercer@) ~ GENERIC ~ files.amd64 > Modify kernel to prepare boot from UEFI. > - Add new boot arg "bios_efi_info_t" to pass the paramters from UEFI > - Make bios(4) and acpi(4) be able to probe with the parameters from > UEFI > - Add efifb(8). It uses the framebuffer from UEFI and it will work as > a backend of wsdisplay(4) and wsfb (X11 video driver). Disabled by > the kernel config for this moment > input and ok kettenis (yasuoka@) arch/amd64/include ~ exec.h ~ exec.h > _NLIST_DO_ELF is no longer needed: it's the only option > ok deraadt@ (guenther@) ~ biosvar.h + efifbvar.h > Modify kernel to prepare boot from UEFI. > - Add new boot arg "bios_efi_info_t" to pass the paramters from UEFI > - Make bios(4) and acpi(4) be able to probe with the parameters from > UEFI > - Add efifb(8). It uses the framebuffer from UEFI and it will work as > a backend of wsdisplay(4) and wsfb (X11 video driver). Disabled by > the kernel config for this moment > input and ok kettenis (yasuoka@) arch/amd64/pci ~ vga_post.c > fairly simple sizes for free(); ok tedu (deraadt@) arch/arm/include ~ exec.h > _NLIST_DO_ELF is no longer needed: it's the only option > ok deraadt@ (guenther@) ~ asm.h > Provide remaining arch with END() macro for setting calculated size on > symbols in ASM > ok deraadt@ mpi@ (guenther@) arch/armv7/omap ~ if_cpsw.c > Put the device name into the timeout message. OK jsg@ (bmercer@) arch/hppa/hppa ~ pmap.c > The pmap_pmap_pool pool will never be used in interrupt context, so pass > the > PR_WAITOK flag to pmap_init and pass NULL as the pool allocator. > (kettenis@) arch/hppa/include ~ exec.h > _NLIST_DO_ELF is no longer needed: it's the only option > ok deraadt@ (guenther@) arch/hppa64/include ~ exec.h > _NLIST_DO_ELF is no longer needed: it's the only option > ok deraadt@ (guenther@) arch/i386/conf ~ GENERIC > Re-enabling GPT on amd64 and i386. Discussed with and OK krw@ (bmercer@) arch/i386/i386 ~ locore.s ~ pmap.c ~ pmapae.c > Enforce kernel w^x policy by properly setting NX (as needed) for > kernel text, PTEs, .rodata, data, bss and the symbol regions. This has > been in snaps for a while with no reported fallout. > The APTE space and MP/ACPI trampolines will be fixed next. > ok deraadt@ (mlarkin@) ~ pmapae.c > typo in comment (mlarkin@) ~ disksubr.c > MBR must have priority over GPT. > Found, fix tested & thus ok ajacoutot@ (krw@) ~ pmapae.c > The PDE covering the APTE space should not confer exec permissions. > ok deraadt (mlarkin@) arch/i386/include ~ exec.h > _NLIST_DO_ELF is no longer needed: it's the only option > ok deraadt@ (guenther@) ~ asm.h > Provide remaining arch with END() macro for setting calculated size on > symbols in ASM > ok deraadt@ mpi@ (guenther@) arch/landisk/landisk ~ intr.c > correct size for free() (deraadt@) arch/m88k/include ~ exec.h > _NLIST_DO_ELF is no longer needed: it's the only option > ok deraadt@ (guenther@) arch/macppc/conf ~ GENERIC ~ RAMDISK > Enable xhci(4) now that it attaches correctly on my G5. (mpi@) arch/macppc/dev ~ if_bm.c > Workaround for slow bm(4) from NetBSD PR 33667 via Donovan Watteau on > bugs@. (mpi@) arch/macppc/pci ~ ht.c > Map the whole config1 space based on the size read from the > device-tree. > With this change, supplementary PCIe cards are now properly > detected. > This should prevents the kernel from faulting when reading > unmapped PCI addresses as reported by Donovan Watteau on ppc@. > ok kettenis@ (mpi@) arch/mips64/include ~ exec.h > _NLIST_DO_ELF is no longer needed: it's the only option > ok deraadt@ (guenther@) arch/mips64/mips64 ~ fp_emulate.c > Access the image of the floating point registers via p_md.md_regs, instead > of > directly on the frame, or any updates will get lost. This went unnoticed > for > so long because FPU emulation traps usually use the first frame of the U > area, > so values kind of stick. > This fixes a rare occurrence of wrong floating-point values with MP kernels > on Octeon. > ok visa@ (miod@) arch/powerpc/include ~ exec.h > Add support for the Secure-PLT ABI variant. This will give us better W^X > support on powerpc as it uses a non-executable GOT and PLT. > "start slamming stuff in" deraadt@ (kettenis@) ~ exec.h > _NLIST_DO_ELF is no longer needed: it's the only option > ok deraadt@ (guenther@) ~ asm.h > Provide remaining arch with END() macro for setting calculated size on > symbols in ASM > ok deraadt@ mpi@ (guenther@) arch/sh/include ~ exec.h > _NLIST_DO_ELF is no longer needed: it's the only option > ok deraadt@ (guenther@) arch/sparc/include ~ exec.h > _NLIST_DO_ELF is no longer needed: it's the only option > ok deraadt@ (guenther@) ~ asm.h > Provide remaining arch with END() macro for setting calculated size on > symbols in ASM > ok deraadt@ mpi@ (guenther@) arch/sparc64/include ~ cpu.h ~ db_machdep.h > Add support for switching CPUs in ddb on sparc64. (kettenis@) ~ exec.h > _NLIST_DO_ELF is no longer needed: it's the only option > ok deraadt@ (guenther@) ~ asm.h > Provide remaining arch with END() macro for setting calculated size on > symbols in ASM > ok deraadt@ mpi@ (guenther@) arch/sparc64/sparc64 ~ db_interface.c > Kill code that tries to handle 32-bit code that we're never going to use. > (kettenis@) ~ db_interface.c > These days, we have two 4MB pages of read-only kernel memory. (kettenis@) ~ db_interface.c ~ locore.s > Add support for switching CPUs in ddb on sparc64. (kettenis@) ~ pmap.c > The pmap_pool pool will never be used in interrupt context, so pass the > PR_WAITOK flag to pmap_init and pass NULL as the pool allocator. > (kettenis@) arch/vax/include ~ exec.h > _NLIST_DO_ELF is no longer needed: it's the only option > ok deraadt@ (guenther@) ~ asm.h > Provide remaining arch with END() macro for setting calculated size on > symbols in ASM > ok deraadt@ mpi@ (guenther@) crypto ~ crypto.c > fairly simple sizes for free(); ok tedu (deraadt@) ddb ~ db_trap.c > Automatically perform traces upon panic. Shrink message about > reporting bugs to pointing at http://www.openbsd.org/ddb.html, > because vertical space becomes more precious. > ok beck krw kettenis (deraadt@) dev ~ vnd.c > obvious sizes for free() (deraadt@) ~ rd.c > trivial size argument for free() (deraadt@) ~ bio.c > trivial size to free() (deraadt@) ~ firmload.c > two simple sizes to free() (deraadt@) ~ vnd.c > Simple size for free(). These are a pleasure to convert when the > allocation is clearly spelled out as ptr = malloc(sizeof(*ptr), ...) > (deraadt@) ~ systrace.c > simple sizes for free() (deraadt@) ~ vscsi.c > fairly simple size for free() (deraadt@) ~ ksyms.c > _NLIST_DO_ELF is no longer needed: it's the only option > ok deraadt@ (guenther@) ~ video.c ~ videovar.h > video sub-drivers will not return EINVAL in size variable. (Well, > a broken USB driver could, then what happens?) 0 is the right error. > Also, keep track the size for free() (deraadt@) ~ diskmap.c > size for free(); ok krw (deraadt@) dev/acpi ~ acpimadt.c ~ atk0110.c > sizes for simple free() calls (deraadt@) ~ acpi.c > fairly simple sizes for free(); ok tedu (deraadt@) dev/ata ~ wd.c > trivial size to free() (deraadt@) ~ atascsi.c > fairly simple sizes for free(); ok tedu (deraadt@) dev/cardbus ~ cardbus.c ~ cardbus_exrom.c > fairly simple sizes for free(); ok tedu (deraadt@) dev/gpio ~ gpio.c > simple sizes for free() (deraadt@) dev/ic ~ ahci.c > sizes for free() (deraadt@) ~ ac97.c ~ qla.c ~ qlw.c ~ wdc.c > fairly simple sizes for free(); ok tedu (deraadt@) ~ bwi.c ~ fxp.c ~ rt2661.c ~ rt2860.c > firmware sizes are known; use them for free() (deraadt@) ~ dc.c ~ dcreg.h > Track rom size, for free() (deraadt@) dev/onewire ~ owctr.c > simple size for free() (deraadt@) dev/pci ~ pucdata.c > Make Atom S1200 UART work; Atanas Vladimirov has one. (deraadt@) ~ azalia.h ~ azalia_codec.c > Audio on the T400/T410/T510/T420/T520/X220/X220t docks needs a quirk > for the pin configuration as well. > From Dmitry Alenichev. ok mlarkin@ (jsg@) ~ if_em.c ~ if_em.h > Get rid if em_align. This approach used to make sense, but now that the > hardware rx mtu always gets set to the maximum supported value we will hit > it for every received packet. Instead, use a larger mbuf cluster size on > strict alignment architectures such that we can always m_adj to make sure > the > packets are properly aligned. This wastes some memory but simplifies > things > considerably. Hopefully we can reduce the spillage in the near future by > taking advantage of recent improvements in the pool code. > ok mpi@, mikeb@, dlg@ (kettenis@) ~ if_rtwn.c ~ if_tht.c > fairly simple sizes for free(); ok tedu (deraadt@) ~ envy.c > Fix support of M-Audio Delta 44 cards that use different GPIO pins, > than other Delta cards. (ratchov@) ~ envy.c ~ envyvar.h > Disable interrupts while the midi uart is not in use. Avoids generating > unused interrupts when a chatty peripheral is connected but is not > used. (ratchov@) ~ envy.c > remove forgotten debug printf in envy_midi_close (ratchov@) ~ envy.c > Set the midi_isopen flag to zero before the chip is reset, as the flag > is used to determine the interrupt mask. Currently this doesn't matter, > but once suspend/resume works, this will matter. (ratchov@) ~ if_ix.c > Set the rx mbuf size to MCLBYTES + ETHER_ALIGN for strict alignment > architectures to communicate better what size is needed to mclgeti. > Makes ix(4) consistent with em(4). > ok mikeb@, dlg@ (kettenis@) ~ envy.c ~ envyvar.h > Add the number of midi ports to the card description, and use it to > prevent cards with no midi connectors from attaching midi(4) devices. > (ratchov@) dev/pckbc ~ pms.c > fairly trivial sizes for free() (deraadt@) dev/pv ~ vmt.c > size for free() (deraadt@) dev/usb ~ usbdevs > Add some additional urtwn ids found in the linux rtl8192cu driver. > ok stsp@ (jsg@) ~ usbdevs.h ~ usbdevs_data.h > regen (jsg@) ~ if_urtwn.c > Add some additional urtwn ids found in the linux rtl8192cu driver. > ok stsp@ (jsg@) ~ if_run.c > Fix compiling a kernel without NBPFILTER > 0. > OK mikeb@ (reyk@) dev/wscons ~ wsemul_dumb.c ~ wsemul_sun.c ~ wsemul_vt100.c ~ wsmux.c > fairly simple sizes for free(); ok tedu (deraadt@) ~ wsconsio.h > Modify kernel to prepare boot from UEFI. > - Add new boot arg "bios_efi_info_t" to pass the paramters from UEFI > - Make bios(4) and acpi(4) be able to probe with the parameters from > UEFI > - Add efifb(8). It uses the framebuffer from UEFI and it will work as > a backend of wsdisplay(4) and wsfb (X11 video driver). Disabled by > the kernel config for this moment > input and ok kettenis (yasuoka@) kern ~ kern_tame.c > recompute len when the path is absolute as canonpath could have shrink it > OK deraadt@ (semarie@) ~ kern_tame.c > check correct offset for terminator; with semarie (deraadt@) ~ kern_tame.c > Canonicalize non-rooted paths after cwd prepend. > with semarie (deraadt@) ~ kern_tame.c > Perform maximum one cwd lookup in tame(), also make namei version look the > same. > Idea from semarie (deraadt@) ~ kern_tame.c > fix /tmp handling of unlink(); from Caspar Schutijser (deraadt@) ~ kern_tame.c > Initialize cwdpath so free() is properly handled. > ok deraadt@ (doug@) ~ kern_tame.c > corrects two potential double-free on `cwdpath'. The variable will be > free'ed > outside the for-loop. > OK deraadt@ (semarie@) ~ uipc_socket.c > Items from pool sosplice_pool are get in process context and put > in soft interrupt. So the pool needs an IPL_SOFTNET protection. > This fixes a panic: mtx_enter: locking against myself. > While there, call pool_setipl() also for socket_pool. Although > this pool uses explicit spl protection around pool_get() and > pool_put(), it is better to specify the IPL it is operating on. > OK mpi@ mikeb@ (bluhm@) ~ subr_disk.c > Fix GPT code to work with non-DEV_BSIZE disks. > Part of GPT refactoring that was backed out at c2k15. > ok deraadt@ (krw@) ~ kern_tame.c > remove duplicate SYS_utimes entry > ok deraadt@ (jsg@) ~ kern_tame.c ~ syscalls.master > Convert paths argument of tame(2) to const char **. > The path will not be modified and this reduces casts. Discussed with many. > ok deraadt@ (doug@) ~ init_sysent.c ~ syscalls.c > regen (doug@) ~ kern_tame.c > Add TIOCGETA to the tame list for TAME_IOCTL. > This is used by readpassphrase() and curses. > ok deraadt@ (doug@) ~ kern_tame.c > After a report from jsg about a memory leak (or was it a double free?), > refactor the code around getcwd and canonpath, with some help from semarie > ok semarie (deraadt@) ~ kern_tame.c > use ENAMETOOLONG instead of EINVAL for errno when string overflow occurs. > document tame.2 according. > ok deraadt@ (semarie@) ~ subr_disk.c > Enhance setdisklabel() to ensure that the disk size and 'C' > partition information of the in-memory disklabel remains correct. > ok deraadt@ (krw@) ~ tty.c > two simple free() sizes (deraadt@) ~ kern_bufq.c ~ kern_exit.c ~ subr_extent.c > fairly simple sizes for free(); ok tedu (deraadt@) ~ tty.c > Modify ttystats_init() to tell us about the buffer size, so that we > can pass the size to free() (deraadt@) ~ kern_sysctl.c ~ uipc_usrreq.c > Rework the UNIX domain socket garbage collector, including ideas from > {Free,Net}BSD > - when a socket is closed with fds in its input, defer closing them to > a task to avoid recursing. This eliminates the complicated extra > reference taking which had a 37 line(!) comment explanation > - move flags, counts, and links only needed for this from struct file to > struct unpcb > - document the flow of the mark/sweep collector > much help from claudio@ who made me explain the GC to him until we trusted > it > ok claudio@ mpi@ deraadt@ (guenther@) ~ subr_disk.c > Rename 'part_blkno' to 'sector' as it has not held DEV_BSIZE values in > some time. > ok deraadt@ (krw@) ~ subr_disk.c > Move label 'offset' calculation out of the buf setup logic and > closer to where it is used. It isn't part of the setup and we want > to abstract the setup. > ok deraadt@ (krw@) ~ exec_subr.c > size for free() (deraadt@) ~ subr_disk.c > In readgptlabel() the block offsets of the GPT header and GPT partition > entries within a disk sector are always 0. i.e. both must start on a > sector boundary. So stop calculating the offset value and adding it to > b_data when pulling data out of the buf. > Part of larger refactoring, eyed by jsing@, tested by bmercer@ as > part of that larger diff. (krw@) ~ uipc_usrreq.c > sizes for free(); ok guenther (deraadt@) ~ vfs_syscalls.c > For *chmod, allow S_ISTXT in tame mode. I am evaluating what to > do about S_ISUID and SISGID... maybe we should mask them and allow > the operation to happen? (deraadt@) ~ init_main.c ~ uipc_domain.c > Use a global table for domains instead of building a list at run time. > As a side effect there's no need to run if_attachdomain() after the > list of domains has been built. > ok claudio@, reyk@ (mpi@) ~ subr_disk.c > Eliminate a couple of extraneous DL_SECTOBLK() calls. > The disklabel is either 0 bytes into a 512-byte disk sector, or 512 > bytes into a larger disk sector. The address of the disk sector > read is irrelevant. > Pointed out by jsing@ I think. ok deraadt@ (krw@) ~ subr_disk.c > In readgptlabel() avoid pointless conversions from sector counts > to daddr_t counts and back again. And rename 'part_blkno' to > 'sector' to mirror readdoslabel() changes and make code clearer. > Reads ok to jsing@ and kettenis@. Tested by bmercer@ as part of > larger diff. (krw@) net ~ if.c > bpf+srp is blowing up, so its being backed out. bpf will need the big lock. > (dlg@) ~ bpf.c ~ bpfdesc.h > back out bpf+srp. its blowing up in a bridge setup. > ill debug this out of the tree. (dlg@) ~ pipex.c > In kernel initialize struct sockaddr_in and sockaddr_in6 to zero > everywhere to avoid passing around pointers to uninitialized stack > memory. While there, fix the call to in6_recoverscope() in > fill_drlist(). > OK deraadt@ mpi@ (bluhm@) ~ if_spppsubr.c > Rework the code to decide when to perform DAD to no longer rely on the > IN6_IFF_NODAD pseudo-flag not being set. > This was just a flag for spaghetti code that should not exist in the > first place. > Tested by sebastia@, ok sthen@ (mpi@) ~ if_bridge.c ~ if_bridge.h > The bridge list is a relict, delete the remaining LIST_REMOVE. > This fixes a crash during ifconfig bridge0 destroy. > OK mpi@ (bluhm@) ~ route.c ~ rtsock.c > Always increment the reference counter of the returned route entry in > rtrequest1(9). > This simplifies rtfree(9) dances and will prevent another CPU to free > the entry before we're done with it as soon as routing functions can > be executed in parallel. > ok bluhm@, mikeb@ (mpi@) ~ if_pflog.c > #if INET && INET6 -> #ifdef INET6, the kernel no longer defines INET > since July. The code involved deals with af-to handling. (jsg@) ~ if_bridge.c > Use the specialized m_copym2() preserving the alignment of the payload > in bridge_localbroadcast() too. > This should fix another alignment issue kettenis@ is seeing. > ok dlg@ (mpi@) ~ if_tun.c > Fix compiling a kernel without NBPFILTER > 0. > OK mikeb@ (reyk@) ~ if.c ~ if.h ~ pfkey.c ~ radix.c ~ route.c > Use a global table for domains instead of building a list at run time. > As a side effect there's no need to run if_attachdomain() after the > list of domains has been built. > ok claudio@, reyk@ (mpi@) netinet ~ in.c ~ ip_mroute.c > In kernel initialize struct sockaddr_in and sockaddr_in6 to zero > everywhere to avoid passing around pointers to uninitialized stack > memory. While there, fix the call to in6_recoverscope() in > fill_drlist(). > OK deraadt@ mpi@ (bluhm@) ~ tcp_input.c ~ tcp_subr.c ~ tcp_var.h > Rename the syn cache counter into tcp_syn_cache_count to have the > same prefix for all variables. Convert the counter type to int, > the limit is also int. Before searching the cache, check that it > is not empty. Do not access the counter outside of the syn cache > from tcp_ctlinput(), let the syn_cache_lookup() function handle it. > OK dlg@ (bluhm@) ~ ip_ipip.c > Check for a RTF_LOCAL entry instead of iterating on the global list > of interfaces. > ok bluhm@ (mpi@) ~ tcp_input.c > Set the required IPL at the syn-cache pool instead of doing a > splsoftnet() explicitly. The function syn_cache_lookup() is always > called at IPL_SOFTNET so a splsoftassert() is better than a needless > splsoftnet(). > OK markus@ dlg@ (bluhm@) ~ ip_ipsp.h > correct #if/#endif guard comment (deraadt@) ~ tcp_usrreq.c > When the dynamic TCP update is reducing so->so_snd.sb_hiwat the > sbspace() in the socket buffer shrinks. So a writable socket > reported by poll(2) could become unwritable before calling write(2). > Ensure that a writable or readable socket can still be written to > or read from after changing the buffer size. > Discussed with and OK millert@ deraadt@ claudio@ (bluhm@) ~ tcp_input.c ~ tcp_subr.c ~ tcp_var.h > The syn cache is completely implemented in tcp_input.c. So all its > global variables should also live there. > OK markus@ (bluhm@) ~ igmp.c > fairly simple sizes for free(); ok tedu (deraadt@) ~ in_proto.c > Use a global table for domains instead of building a list at run time. > As a side effect there's no need to run if_attachdomain() after the > list of domains has been built. > ok claudio@, reyk@ (mpi@) netinet6 ~ nd6.c > Use simple byte pointer arithmetic and memcpy from/to aligned stack > variables to handle the "packed" binary format passed out to userland > when querying the prefix/router list. From NetBSD (Martin Husemann). > ok mpi@ (naddy@) ~ in6.c ~ ip6_mroute.c ~ nd6.c > In kernel initialize struct sockaddr_in and sockaddr_in6 to zero > everywhere to avoid passing around pointers to uninitialized stack > memory. While there, fix the call to in6_recoverscope() in > fill_drlist(). > OK deraadt@ mpi@ (bluhm@) ~ in6.c ~ in6_ifattach.c ~ in6_var.h ~ nd6.h ~ nd6_nbr.c ~ nd6_rtr.c > Rework the code to decide when to perform DAD to no longer rely on the > IN6_IFF_NODAD pseudo-flag not being set. > This was just a flag for spaghetti code that should not exist in the > first place. > Tested by sebastia@, ok sthen@ (mpi@) ~ nd6_rtr.c > Always increment the reference counter of the returned route entry in > rtrequest1(9). > This simplifies rtfree(9) dances and will prevent another CPU to free > the entry before we're done with it as soon as routing functions can > be executed in parallel. > ok bluhm@, mikeb@ (mpi@) ~ in6.c ~ in6_ifattach.c ~ nd6.c ~ nd6.h ~ nd6_rtr.c > Start moving away from the global prefix list by limiting its usage to > AUTOCONF'd addresses. > This prevent the kernel from removing connected (/64) routes as soon as > it configures an AUTOCONF'd address based on a RA. > Tested by sebastia@, ok sthen@ (mpi@) ~ nd6.h ~ nd6_rtr.c > nd6_prefix_add() is no longer used and die. (mpi@) ~ in6_proto.c > Use a global table for domains instead of building a list at run time. > As a side effect there's no need to run if_attachdomain() after the > list of domains has been built. > ok claudio@, reyk@ (mpi@) netmpls ~ mpls_proto.c > Use a global table for domains instead of building a list at run time. > As a side effect there's no need to run if_attachdomain() after the > list of domains has been built. > ok claudio@, reyk@ (mpi@) nfs ~ krpc_subr.c ~ nfs_socket.c > In kernel initialize struct sockaddr_in and sockaddr_in6 to zero > everywhere to avoid passing around pointers to uninitialized stack > memory. While there, fix the call to in6_recoverscope() in > fill_drlist(). > OK deraadt@ mpi@ (bluhm@) ~ nfs_aiod.c ~ nfs_srvcache.c > fairly simple sizes for free(); ok tedu (deraadt@) ~ nfsm_subs.h > fix ugly indents; no harmful macros harmed (deraadt@) ~ nfs_serv.c > Keep track of a length for free() in error paths. Be careful, > because the nfsm_strsiz() macro sneakily modifies a parameter! > ok beck (deraadt@) scsi ~ ch.c ~ mpath.c ~ safte.c ~ scsiconf.c ~ ses.c > add some sizes to free. looked over by deraadt (tedu@) sys ~ malloc.h > Rename M_RTABLE bucket into "rtable" to match the code and kill unused > M_BWMETER. > ok mikeb@ (mpi@) ~ unpcb.h > Remove obsolete fields in struct unpcb. In the past they were used > for flow control with unix domain sockets, this is now done by > filling the send buffer with fake data counters. > OK naddy@; no fallout in a bulk build (bluhm@) ~ exec_elf.h > Typos; ok kettenis@ (jca@) ~ syscallargs.h ~ tame.h > Convert paths argument of tame(2) to const char **. > The path will not be modified and this reduces casts. Discussed with many. > ok deraadt@ (doug@) ~ syscall.h ~ syscallargs.h > regen (doug@) ~ file.h ~ unpcb.h > Rework the UNIX domain socket garbage collector, including ideas from > {Free,Net}BSD > - when a socket is closed with fds in its input, defer closing them to > a task to avoid recursing. This eliminates the complicated extra > reference taking which had a 37 line(!) comment explanation > - move flags, counts, and links only needed for this from struct file to > struct unpcb > - document the flow of the mark/sweep collector > much help from claudio@ who made me explain the GC to him until we trusted > it > ok claudio@ mpi@ deraadt@ (guenther@) ~ domain.h > Use a global table for domains instead of building a list at run time. > As a side effect there's no need to run if_attachdomain() after the > list of domains has been built. > ok claudio@, reyk@ (mpi@) uvm ~ uvm_swap.c > "XXXMRG: consider making it an inline or macro" > no way. (deraadt@) ~ uvm_mmap.c > In sys_kbind(), pages from uvm_map_extract() must be written to with > kcopy() > ok kettenis@ (guenther@) ~ uvm_vnode.c > delete a comment about gcc -Wuninitialized (deraadt@) ~ uvm_map.c > After more than a decade it seems safe to conclude that amap_clean works. > ok mpi@, visa@ (kettenis@) ~ uvm_device.c > fairly simple sizes for free(); ok tedu (deraadt@) == usr.bin =========================================================== 14/15 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin aucat ~ aucat.c > fix typos in comments and error messages (ratchov@) ~ afile.c > Allow sparse blocks to be used as silence if samples are encoded > as signed integers. (ratchov@) compress ~ main.c > Ignore setuid/setgid settings from a compress/gzip file; original CSRG > code. Found by trondd exercising coverage of tame in gzip. > ok guenther millert kettenis (deraadt@) doas ~ doas.c > add a type of "auth-doas" to the perm check to allow login.conf fiddling > originally proposed by halex (tedu@) ~ doas.conf.5 > Document an example that lets root run unrestricted doas commands as > root ("permit nopass keepenv root as root"), matching the old > behaviour from OpenBSD's sudoers file ("root ALL=(ALL) SETENV: ALL"). > OK sthen@ (reyk@) file ~ sandbox.c > Need to permit kbind in this sandbox too (guenther@) grep ~ grep.c > use strtonum to parse the number of lines of context. > this provides better error messages. > ok deraadt@ guenther@ (dlg@) mandoc ~ tag.c > Portability: including <ohash.h> requires including <stdint.h> before. > Noticed by Svyatoslav Mishyn <juef and openmailbox dot org>, Crux Linux. > (schwarze@) ~ roff.c > Minimal implementation of the read-only number register \n(.$ > which returns the number of arguments of the current macro. > This is one of the missing features required for ocserv(8). > Problem reported by Kurt Jaeger <pi at FreeBSD>. (schwarze@) ~ roff.c > Implement the escape sequence \\$*, expanding to all arguments > of the current user-defined macro. > This is another missing feature required for ocserv(8). > Problem reported by Kurt Jaeger <pi at FreeBSD>. (schwarze@) ~ mandoc.c > Parse and ignore the escape sequences \, and \/ (italic corrections). > Actually using these is very stupid because they are groff extensions > and other roff(7) implementations typically print unintended characters > at the places where they are used. > Nevertheless, some manuals contain them, for example ocserv(8). > Problem reported by Kurt Jaeger <pi at FreeBSD>. (schwarze@) ~ roff.c > If we have to reparse the text line because we spring an input line trap, > we must not escape breakable hyphens yet, or mparse_buf_r() in read.c > will complain and replace the escaped hyphens with question marks. > Bug found in ocserv(8) following a report from Kurt Jaeger <pi at FreeBSD>. > (schwarze@) ~ mdoc_html.c > If an .Fo macro lacks its mandatory argument, don't die on an assertion. > Bug found by jsg@ with afl. (schwarze@) ~ term.c > Drop leading, internal, and trailing blank characters in \o (overstrike) > escape sequences; that's cleaner for all output modes, and it's required > to prevent the PostScript/PDF formatter from dying on assertions. > Bug found by jsg@ with afl. (schwarze@) netstat ~ unix.c > Remove obsolete fields in struct unpcb. In the past they were used > for flow control with unix domain sockets, this is now done by > filling the send buffer with fake data counters. > OK naddy@; no fallout in a bulk build (bluhm@) sndiod ~ file.c > backout previous for now, as it causes me portability problems (ratchov@) ssh ~ auth.c TAGGED OPENBSD_5_8 > MFC, original commit by djm@ > "fix inverted logic that broke PermitRootLogin; > reported by Mantas Mikulenas; ok markus@" (jasper@) tmux ~ grid.c > In grid_duplicate_lines, if the line is empty (cellsize == 0) then clear > the destination celldata pointer rather than leaving a stale copy of the > source pointer (which may later be freed). Fixes a crash found by > Kuang-che Wu. (nicm@) ~ input.c > When searching for tabs, start from screen width, fixes out-of-bounds > read found by Kuang-che Wu. (nicm@) ~ input.c ~ names.c ~ tmux.h ~ window.c > Only do the automatic-rename dance if the pane has changed (seen output, > or new active pane). (nicm@) ~ server-window.c ~ window.c > Error messages should not have a trailing period. (nicm@) ~ format.c > Allow environment variables in #{}. (nicm@) ~ format.c ~ server.c ~ tmux.h > Move format job cleanup onto its own timer. (nicm@) ~ log.c > Log time with message. (nicm@) ~ cmd-attach-session.c ~ cmd-new-session.c ~ cmd-set-option.c ~ cmd-switch-client.c ~ format.c ~ server-client.c ~ server-fn.c ~ server.c ~ status.c ~ tmux.h > Run status update on a per-client timer at status-interval. (nicm@) ~ server.c ~ tmux.h ~ window-choose.c ~ window-clock.c ~ window-copy.c > Give clock mode its own timer. (nicm@) ~ options-table.c ~ server.c ~ tmux.1 > Remove the lock-server option which is a bit redundant, it isn't that > different without it. (nicm@) ~ cmd-attach-session.c ~ cmd-new-session.c ~ cmd-switch-client.c ~ server-client.c ~ server-fn.c ~ session.c ~ tmux.h > Make session_update_activity more useful and use it in more places. (nicm@) ~ cmd-set-option.c ~ server.c ~ session.c ~ tmux.h > Per-session timers for locking, and remove the global one-second timer. > (nicm@) ~ session.c > Don't leak name when freeing session, from Kuang-che Wu. (nicm@) ~ server.c > Remove unused prototypes. (nicm@) ~ names.c > Check changed flag after restarting timer. (nicm@) ~ cmd-set-option.c ~ names.c ~ server-window.c ~ tmux.h ~ window.c > We now only checking for name changes when the active pane has changed, > but that can only happen when we have already been woken up by a read > event, so there is no need for a timer, we can just check the changed > flag on the end of that read event (we already loop over the windows to > check for bells etc anyway). (nicm@) ~ cmd-set-option.c ~ names.c ~ server-window.c ~ tmux.h ~ window.c > Revert previous; we do need a timer, until I have a better idea. We > can't do the name check every loop, because that is too expensive, and > we can't make sure it only happens infrequently because we have no idea > when the next change will happen. (nicm@) ~ format.c > Allow formats to be specified as functions (in the code) so they are > only evaluated on demand rather than each time a format tree is > constructed. Use this for expensive formats like pane_current_command. > (nicm@) ~ format.c > Make a few more expensive (ish) formats functions instead of inline. > (nicm@) ~ screen.c ~ window.c > Only set default title to hostname on screens that are being used for a > window pane, no point in calling gethostname() for temporary screens. > (nicm@) ~ log.c > Microseconds in log time. (nicm@) ~ cmd-set-option.c ~ names.c ~ server-window.c ~ tmux.h ~ window.c > Better take on reducing the name timer. Again check for name changes in > the main loop after events that may have changed the pane, but do so at > most once every 500 millis. If the pane changed too soon, use a timer to > ensure that a check happens later. (nicm@) ~ window.c > Treat entering or leaving a mode as pane changed. (nicm@) - server-window.c ~ Makefile ~ cmd-set-option.c ~ input.c ~ server.c ~ session.c ~ tmux.h ~ window.c + alerts.c > Move alerts onto events rather than checking every loop. (nicm@) ~ server-client.c ~ server.c > We already loop over the windows in server_client_loop, so don't do it > again in server_loop just to check names. (nicm@) ~ cmd-choose-buffer.c ~ cmd-paste-buffer.c ~ cmd-save-buffer.c ~ cmd-set-buffer.c ~ format.c ~ paste.c ~ status.c ~ tmux.h ~ window-copy.c > Move struct paste_buffer out of tmux.h. (nicm@) ~ cmd-paste-buffer.c ~ cmd-save-buffer.c ~ paste.c ~ tmux.h > paste_send_pane can be merged into cmd-paste-buffer.c now. (nicm@) ~ arguments.c ~ tmux.h > struct args_entry can go into arguments.c. (nicm@) ~ layout-set.c ~ tmux.h ~ window.c > Remove some old prototypes and unused functions. (nicm@) ~ cmd-show-environment.c ~ cmd-swap-pane.c ~ server-client.c ~ tmux.c ~ xterm-keys.c > Some style nits and dead assignments. (nicm@) ~ client.c ~ server.c ~ tmux.c ~ tmux.h > Event base does not need to be global. (nicm@) ~ client.c ~ tmux.c ~ tmux.h > Login shell can be a client flag, and move the exec code into client.c. > (nicm@) ~ tmux.c ~ tmux.h > Path from $TMUX does not need to be global anymore. (nicm@) tput ~ tput.1 > Document clear(1) a bit more prominently. > Patch from Theo Buehler, suggestion to use DESCRIPTION from FreeBSD from > jmc@, ok jmc@ (jca@) == usr.sbin ========================================================== 15/15 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.sbin apmd ~ apmd.c > log battery changes every 10%, not every 21. > ok deraadt jung phessler (tedu@) bgpd ~ rde.c ~ rde_attr.c > rename a variable "err" to "error" (deraadt@) cron ~ atrun.c ~ cron.c ~ funcs.h > Use ppoll(2) instead of poll(2). This has two benefits. Firstly, > we can use struct timespec throughout and avoid any conversion > issues which might cause jobs to fire prematurely. Secondly, it > eliminates a race condition that could delay us taking action on > SIGCHLD and SIGHUP. OK deraadt@ okan@ ratchov@ (millert@) ndp ~ ndp.c > Use simple byte pointer arithmetic and memcpy from/to aligned stack > variables to handle the "packed" binary format passed out to userland > when querying the prefix/router list. From NetBSD (Martin Husemann). > ok mpi@ (naddy@) ntpd ~ ntpd.conf.5 > Xr ntpctl; from Rob Pierce (deraadt@) pstat ~ pstat.8 ~ pstat.c > Rework the UNIX domain socket garbage collector, including ideas from > {Free,Net}BSD > - when a socket is closed with fds in its input, defer closing them to > a task to avoid recursing. This eliminates the complicated extra > reference taking which had a 37 line(!) comment explanation > - move flags, counts, and links only needed for this from struct file to > struct unpcb > - document the flow of the mark/sweep collector > much help from claudio@ who made me explain the GC to him until we trusted > it > ok claudio@ mpi@ deraadt@ (guenther@) pwd_mkdb ~ pwd_mkdb.c > missing va_end(); OK deraadt (gsoares@) radiusctl ~ radiusctl.8 ~ radiusctl.c > Remove references to the -h command line option which was removed. > Also use `return' instead of exit(3) in main(). > Patch from Michael Reed > ok jmc (yasuoka@) radiusd ~ radiusd.8 ~ radiusd.c > Remove -h command line option from radiusd(8) to make it better style. > Patch from Michael Reed (yasuoka@) ~ parse.y > fix a use after free in an error path found with afl > ok yasuoka@ (jsg@) ~ util.c ~ util.h > Add a boundary check for safety and use snprintf() to construct the IP > address strings instead of strl{cpy,cat}(). Also make the function > return a valid string even in failure case. > input deraadt > ok deraadt (yasuoka@) syslogd ~ syslogd.c > strlcpy() accesses the source string until it finds NUL, even if > it is behind the size limit. As msg is not NUL-terminated in this > case, it depended on memory content wether syslogd will crash. So > using memcpy() and setting the NUL explicitly is the correct way. > OK deraadt@ (bluhm@) ~ syslogd.c > When syslogd is reloading a modified config, it does a reexec on > itself. For this it uses the original arguments of main(). The > function loghost_parse() modifies the optarg memory it is operating > on. To prevent that the exec arguments have been tampered, pass a > copy of optarg to loghost_parse(). > OK deraadt@ (bluhm@) sysmerge ~ sysmerge.8 ~ sysmerge.sh > /usr/share/sysmerge -> /var/sysmerge > requested by several > discussed with deraadt@ (ajacoutot@) ~ sysmerge.8 ~ sysmerge.sh > Make backup directory of replaced files persistent: /var/sysmerge/backups. > 3 rotations so that we have history of modified files. > In batch mode, when a file cannot be handled automatically, remove it from > the checksum file so that the next interactive sysmerge(8) run will ask > to merge the changes. > ok rpe@ (ajacoutot@) ~ sysmerge.sh > cp -> mv > Put /usr/share/sysmerge under XXX. (ajacoutot@) traceroute ~ traceroute.c > warnx(3) has an implicit \n at the end. > pointed out by deraadt@ (florian@) ===============================================================================
_______________________________________________ owc mailing list [email protected] http://www.squish.net/mailman/listinfo/owc
