OpenBSD src changes summary for 2017-04-09 to 2017-04-16 inclusive ==================================================================
Makefile distrib/miniroot distrib/sets etc/Makefile etc/examples/httpd.conf etc/mtree/4.4BSD.dist etc/weekly games/adventure games/tetris gnu gnu/usr.bin/binutils gnu/usr.bin/binutils-2.17 gnu/usr.bin/clang gnu/usr.bin/cvs include/stdlib.h lib/libc lib/libcompiler_rt lib/libcrypto lib/libedit lib/libssl lib/libtls lib/libutil regress/lib regress/sbin regress/sys regress/usr.bin sbin/dhclient sbin/fsck_ffs sbin/iked sbin/ipsecctl sbin/ldattach sbin/pfctl share/man sys/arch/alpha/include sys/arch/amd64/amd64 sys/arch/amd64/include sys/arch/arm/include sys/arch/arm64/arm64 sys/arch/arm64/dev sys/arch/arm64/include sys/arch/armv7/dev sys/arch/hppa/include sys/arch/i386/i386 sys/arch/i386/include sys/arch/m88k/include sys/arch/mips64/include sys/arch/mips64/mips64 sys/arch/octeon/dev sys/arch/octeon/octeon sys/arch/powerpc/include sys/arch/sh/include sys/arch/sparc64/conf sys/arch/sparc64/include sys/crypto sys/dev sys/dev/acpi sys/dev/ic sys/dev/pci sys/dev/usb sys/dev/wscons sys/kern sys/net sys/net80211 sys/netinet sys/ntfs sys/sys sys/uvm usr.bin/htpasswd usr.bin/lex usr.bin/mandoc usr.bin/nc usr.bin/pctr usr.bin/script usr.bin/systat usr.bin/tmux usr.sbin/arp usr.sbin/dhcpd usr.sbin/dhcrelay6 usr.sbin/httpd usr.sbin/identd usr.sbin/ldapd usr.sbin/makefs usr.sbin/mksuncd usr.sbin/ndp usr.sbin/nsd usr.sbin/rebound usr.sbin/sasyncd usr.sbin/slaacctl usr.sbin/slaacd usr.sbin/slaacdctl usr.sbin/tftp-proxy usr.sbin/tftpd usr.sbin/vmctl == Makefile ========================================================== 01/13 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/Makefile Makefile > mark newish phony targets as phony. > okay tb@ (espie@) == distrib =========================================================== 02/13 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/distrib miniroot ~ install.sub > Ensure that the version part of $_url_base is correctly removed by > using $VNAME (x.y) instead of $VERSION (xy). This fixes the problem > that the version part ended up in installurl which is wrong anyway > and also confuses pkg_add. > Thanks to florian@ and trondd at kagu-tsuchi dot com for reporting > this. > OK tb@ (rpe@) sets ~ lists/base/mi > sync (deraadt@) ~ lists/comp/md.arm64 > sync (jsg@) ~ lists/comp/mi > sync (deraadt@) ~ lists/comp/mi > sync (deraadt@) ~ lists/comp/mi > sync (deraadt@) ~ lists/base/mi > sync (deraadt@) == etc =============================================================== 03/13 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/etc Makefile ~ Makefile > mark newish phony targets as phony. > okay tb@ (espie@) examples/httpd.conf ~ examples/httpd.conf > Remove /etc/ssl/acme/. We don't need it now that we have a default > acme-conf(5) > that direclty uses /etc/ssl/{,private} by default. Adapt the httpd.conf > example > accordingly. > ok florian@ benno@ millert@ (ajacoutot@) mtree/4.4BSD.dist ~ mtree/4.4BSD.dist > Remove /etc/ssl/acme/. We don't need it now that we have a default > acme-conf(5) > that direclty uses /etc/ssl/{,private} by default. Adapt the httpd.conf > example > accordingly. > ok florian@ benno@ millert@ (ajacoutot@) weekly ~ weekly > Build full mandoc.db(5) databases by default using makewhatis(8) > without -Q during the build and in weekly(8). According to tests > by many developers, makewhatis(8) takes a few minutes at most even > on slower hardware like octeon, loongson, ALIX, RPI3, Soekris, > cubox, softiron etc., and security(8) is often worse than makewhatis(8). > In case this causes excessive weekly(8) run times on even slower > (~50 MHz-class) CPUs, consider adding "MAKEWHATISARGS=-Q" to > /etc/weekly.local on machines that feel unhappy. > OK sthen@ kettenis@ millert@ deraadt@ (schwarze@) == games ============================================================= 04/13 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/games adventure ~ hdr.h > Clean up disabled declaration in the text struct. > OK deraadt@ (fcambus@) tetris ~ screen.c > According to termcap(3), char PC, *BC, *UP need to be extern. Fixes an > ld(1) error found by mestre a while ago. > fix suggested and ok naddy (tb@) == gnu =============================================================== 05/13 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/gnu gnu ~ llvm/tools/lld/ELF/DriverUtils.cpp > Disable colored diagnostics in LLVM's lld. > Requested by deraadt@ (patrick@) usr.bin/binutils ~ gdb/amd64obsd-tdep.c ~ gdb/i386obsd-tdep.c > Sync symbol lists for trap/interrupt frame detection with what ddb(4) uses > ok deraadt@ (guenther@) usr.bin/binutils-2.17 ~ bfd/elfxx-sparc.c > Handle R_SPARC_WPLT30 relocations against a local symbol. Fixes building > the > audio/openal port with clang. > ok guenther@ (kettenis@) usr.bin/clang ~ include/clang/intrin/Makefile > Generate and install arm_neon.h on arm and arm64. > ok jsg@ (kettenis@) ~ include/clang/intrin/Makefile > Invoke install -d for each directory in the /usr/lib/clang hierarchy > as they aren't in mtree. Problem with wrong ownership and permission > of directories reported by sthen@. > ok deraadt@ sthen@ tb@ (jsg@) ~ include/clang/intrin/Makefile > explicitly set the ownership on installed include files as well (jsg@) usr.bin/cvs ~ src/server.c > once cvs's flow-control mechanism has kicked in, stop reading from > its local reader until memory usage goes back down below its > watermark. > during a checkout of a tree with big files (like www) from a fast > reader (disk) and a slow writer (net), the amount of data being > buffered can back up enough that cvs tries to allocate too many > buffers and hits its resource limit, causing death. > cvs's flow-control mechanism properly detects this early on, but the > message sent to the reader process to stop sending data takes too > long to process. > take more aggressive action and just stop reading from the reader > until the writer has ejected enough data that it can start re-using > its already-allocated buffers instead of allocating new ones. > ok deraadt (jcs@) == include =========================================================== 06/13 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/include stdlib.h ~ stdlib.h > Introducing freezero(3) a version of free that guarantees the process > no longer has access to the content of a memmory object. It does > this by either clearing (if the object memory remains cached) or > by calling munmap(2). ok millert@, deraadt@, guenther@ (otto@) == lib =============================================================== 07/13 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/lib libc ~ shlib_version > monir bump for freezero (otto@) ~ Symbols.list ~ hidden/stdlib.h ~ stdlib/malloc.3 ~ stdlib/malloc.c > Introducing freezero(3) a version of free that guarantees the process > no longer has access to the content of a memmory object. It does > this by either clearing (if the object memory remains cached) or > by calling munmap(2). ok millert@, deraadt@, guenther@ (otto@) ~ stdlib/malloc.3 > tweak previous; (jmc@) ~ sys/recv.2 > Fix tabs in example code. (jca@) ~ string/strstr.c > New strstr() implementation from musl libc by Rich Felker. This > version uses the two-way string matching algorithm and is faster > than the old implementation. With this change, ports that check > for strstr having linear complexity time strstr will no longer > replace the libc strstr with a private version. > OK deraadt@ espie@ (millert@) ~ hash/siphash.c > SipHash_Final() was assuming the digest was 64-bit aligned, resulting in > misaligned memory accesses with armv7 ramdisk -Os bsd.rd ping > ok florian millert (deraadt@) ~ stdlib/malloc.3 ~ stdlib/malloc.c > allow clearing less than allocated and document freezero(3) better (otto@) ~ stdio/getdelim.c > Use recallocarray in getdelim/getline to clear memory on buffer resizes, > inspired by a similar change to fgetln. > ok deraadt millert (brynet@) ~ sys/execve.2 > Xr sigprocmask(2) not the obsolete sigsetmask(3) (millert@) ~ gen/sysctl.3 > correct path; from Klemens Nanni (deraadt@) ~ gen/ttyname.c > whitespace (deraadt@) ~ sys/reboot.2 > Document RB_TIMEBAD; delete RB_* that are obsolete/unimplemented > ok visa@ deraadt@ (guenther@) ~ arch/aarch64/gen/_setjmp.S > Always return nonzero from _longjmp too. > ok jsg@ (kettenis@) libcompiler_rt ~ Makefile > Add a few missing quad-precision support functions on arm64 and reorder the > list to match what's in CMakeLists.txt. > ok sthen@ (kettenis@) libcrypto ~ buffer/buf_str.c > Explicitly test for NULL. > ok beck@ (jsing@) ~ buffer/buffer.c > With recallocarray() BUF_MEM_grow() is essentially the same as > BUF_MEM_grow_clean() (the only difference is clearing on internal down > sizing), so make it a wrapper. > ok beck@ deraadt@ (jsing@) ~ buffer/buffer.c > Simplify/clean up BUF_MEM_grow_clean(). > ok beck@ (jsing@) ~ man/X509_cmp_time.3 > document three additional functions; > from Emilia Kasper <emilia at openssl dot org>, OpenSSL commit 4ac139b4 > (schwarze@) ~ man/EVP_PKEY_CTX_new.3 ~ man/EVP_PKEY_derive.3 ~ man/EVP_PKEY_keygen.3 ~ man/Makefile + man/X25519.3 > new X25519(3) manual page; > from Dr. Stephen Henson <st...@openssl.org>, OpenSSL commit d218f3c3 > (schwarze@) libedit ~ chared.c ~ el.c ~ hist.c ~ terminal.c > Use calloc(3) and recallocarray(3) instead of *alloc* + memset(0). > ok deraadt (tb@) libssl ~ man/SSL_CTX_sess_number.3 > typo fix; from <Jon dot Spillett at oracle dot com> > via OpenSSL commit 7bd27895 (schwarze@) ~ man/SSL_CTX_use_certificate.3 > pasto; from <Jon dot Spillett at oracle dot com> via OpenSSL commit > 3aaa1bd0 (schwarze@) ~ ssl_clnt.c > Convert various client key exchange functions to freezero(3). The memory > contents needs to be made inaccessible - this is simpler and less error > prone than the current "if not NULL, explicit_bzero(); free()" dance. > (jsing@) ~ man/Makefile + man/SSL_CTX_set_tlsext_servername_callback.3 > new manual page SSL_CTX_set_tlsext_servername_callback(3) for SNI; > from <Jon dot Spillett at oracle dot com> > via OpenSSL commit 8c55c461 (schwarze@) ~ man/SSL_CTX_add_extra_chain_cert.3 ~ man/SSL_CTX_ctrl.3 ~ man/SSL_CTX_sess_number.3 ~ man/SSL_CTX_sess_set_cache_size.3 ~ man/SSL_CTX_set_max_cert_list.3 ~ man/SSL_CTX_set_mode.3 ~ man/SSL_CTX_set_options.3 ~ man/SSL_CTX_set_session_cache_mode.3 ~ man/SSL_CTX_set_tlsext_status_cb.3 ~ man/SSL_CTX_set_tlsext_ticket_key_cb.3 ~ man/SSL_num_renegotiations.3 ~ man/SSL_session_reused.3 ~ man/SSL_set_max_send_fragment.3 ~ man/ssl.3 > for pure *_ctrl() wrapper macros, move the reference from ssl(3) > to SSL_CTX_ctrl(3) to make ssl(3) slightly more palatable (schwarze@) ~ man/Makefile ~ man/SSL_CTX_set_session_id_context.3 ~ man/SSL_SESSION_get_time.3 ~ man/SSL_SESSION_new.3 ~ man/SSL_copy_session_id.3 ~ man/SSL_get_session.3 ~ man/ssl.3 + man/SSL_SESSION_get0_peer.3 + man/SSL_SESSION_get_compress_id.3 + man/SSL_SESSION_get_id.3 + man/SSL_SESSION_set1_id_context.3 > Additional SSL_SESSION documentation > from Matt Caswell <matt at openssl dot org>, OpenSSL commit b31db505. > Improve crosslinking while here. (schwarze@) ~ man/Makefile ~ man/SSL_CTX_ctrl.3 + man/SSL_get_server_tmp_key.3 > new manual page SSL_get_server_tmp_key(3) > from Matt Caswell <m...@openssl.org>, OpenSSL commit 508fafd8 (schwarze@) ~ man/BIO_f_ssl.3 ~ man/SSL_CTX_set_cert_store.3 ~ man/d2i_SSL_SESSION.3 > fix some .Xr errors that jmc@ found with mdoclint(1) (schwarze@) ~ ssl_asn1.c > Use freezero() for i2d_SSL_SESSION() - one line of code instead of three. > In this case the memory allocated can also be significant, in which case > freezero() will have less overhead than explicit_bzero() (munmap instead > of touching all of the memory to write zeros). (jsing@) ~ t1_enc.c > freezero() the key block; simpler code and less of it. (jsing@) ~ s3_lib.c > Use freezero() for X25519 keys - same result with more readable code. > (jsing@) ~ d1_lib.c ~ s3_lib.c ~ ssl_sess.c > Use freezero() for the internal opaque structures, instead of the current > explicit_bzero()/free(). Less code and potentially less overhead. (jsing@) ~ ssl_asn1.c > Revert ssl_asn1.c r1.50 - CBB and freezero(3) do not play nicely together. > Back this out while we investigate and implement a solution. > Found the hard way by sthen@ (jsing@) ~ ssl_srvr.c > Use freezero(3) when cleaning up session tickets - not only does it require > less code, but there is also a potential performance gain since they can be > larger allocations. (jsing@) ~ ssl_srvr.c > Use freezero(3) to clean up the X25519 keys - simpler, cleaner code. > (jsing@) ~ ssl_asn1.c > Switch i2d_SSL_SESSION() back to freezero(3) now that the size constraints > have been relaxed. (jsing@) ~ ssl_srvr.c > Clean up server key exchange EC point handling. Encode the point directly > into the CBB memory, rather than mallocing and memcpying, which also makes > makes the code more consistent with the client. Add a missing check for the > first EC_POINT_point2oct() call. > ok beck@ (jsing@) ~ bs_cbb.c > Use freezero(3) in the CBB clean up path, since this could hold sensitive > information (such as master keys). (jsing@) ~ ssl_asn1.c > backout previous, data_len is not always initialized (otto@) libtls ~ tls_client.c ~ tls_internal.h ~ tls_peer.c ~ tls_server.c ~ tls_verify.c > Rework name verification code so that a match is indicated via an argument, > rather than return codes. More strictly follow RFC 6125, in particular only > check the CN if there are no SAN identifiers present in the certificate > (per section 6.4.4). > Previous behaviour questioned by Daniel Stenberg <daniel at haxx dot se>. > ok beck@ jca@ (jsing@) libutil ~ imsg-buffer.c ~ imsg.c > Use freezero(3) for the imsg framework in imsg_free(3) and ibuf_free(3). > In our privsep model, imsg is often used to transport sensitive > information between processes. But a process might free an imsg, and > reuse the memory for a different thing. iked uses some > explicit_bzero() to clean imsg-buffer but doing it in the library with > the freezero() is less error-prone and also benefits other daemons. > OK deraadt@ jsing@ claudio@ (reyk@) == regress =========================================================== 08/13 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/regress lib ~ libtls/gotls/tls.go > Improve unknown protocol version handling. (jsing@) ~ libtls/verify/verifytest.c > Rework and significantly extend TLS name verification tests to match > changes in libtls. (jsing@) ~ libcrypto/rsa/rsa_test.c > Remove unused rnd_seed variable. Upstream made the same change 4 days ago. > Fixes compiling this test using clang on arm64. (kettenis@) ~ libc/regex/Makefile > Define DEF_WEAK like we do for ld.so to fix building this with clang. > ok millert@, deraadt@ (kettenis@) ~ libc/db/dbtest.c > Use INT_MAX instead of SIZE_MAX as the maximum file size we can handle. > Fixes this test on 64-bit architectures. > ok visa@ (kettenis@) sbin ~ ipsecctl/Makefile ~ ipsecctl/sa25.in ~ ipsecctl/sa26.in + ipsecctl/sa27.in + ipsecctl/sa27.ok > Add tests with the ipsec.conf SA bundle keyword. (bluhm@) sys ~ kern/pledge/sockopt/Makefile > Add comment how the test works. (bluhm@) - kern/pledge/sigkill/Makefile - kern/pledge/sigkill/sigkill.c - kern/pledge/sigkill/sigkill.out ~ kern/pledge/Makefile > The pledge sigkill test is an outdated copy of sigabrt. Remove the > former and activate the latter. > OK semarie@ (bluhm@) ~ kern/mount/Makefile > Add comment what the test does. (bluhm@) ~ netinet/ipsec/Makefile ~ netinet/ipsec/ipsec.conf > Add test for IP payload compression. It is sending small and big > ping packets as only the latter get actually compressed. (bluhm@) ~ netinet/ipsec/Makefile ~ netinet/pmtu/Makefile > Make sure these tests print "SKIPPED" if the necessary variables aren't > set. > The current code doesn't work since the magic .BEGIN target runs before > the regress target that prints "SKIPPED" and the .BEGIN target fails when > the variables aren't set. > ok bluhm@ (kettenis@) usr.bin ~ openssl/options/optionstest.c > Use %zu to print a size_t. (kettenis@) == sbin ============================================================== 09/13 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sbin dhclient ~ Makefile ~ conflex.c ~ dhclient.c ~ kroute.c ~ options.c ~ parse.c > Seven casts, a couple of tweaks and CFLAGS+=-Wsign-compare for the > win. > No intentional functional change. (krw@) ~ dhclient.c ~ privsep.c ~ privsep.h > Rework -L logic to use the idiom used in handling the leases file. > i.e. open FILE during program set up and use the FILE created for > the rest of the program lifetime after dropping privilege and > pledge()'ing. No need for passing messages to the priv process. > Tweak lease file handling a bit in passing. > Monitoring the -L file with external programs like sysutils/entr > still works. > Looks good to sthen@. (krw@) ~ dhclient.c ~ dhcpd.h ~ kroute.c > Fold priv_write_file() into its only remaining user > priv_write_resolv_conf() and move the latter into kroute.c > with all its priv_ friends. > No intentional functional change. (krw@) ~ dhclient.c ~ kroute.c ~ privsep.h > Shuffle route/interface changing functions together into kroute.c. Try to > group related functions in kroute.c together and comment them a bit. > No intentional functional change. (krw@) ~ kroute.c > Shuffle another function. (krw@) ~ dhclient.c > RTM_PROTO3 messages should not trigger a resolv.conf check. (krw@) fsck_ffs ~ pass1.c > Remove always false comparison: inosused type is ino_t, which is > unsigned. > While there, fix a whitespace issue. > OK deraadt@ (fcambus@) ~ pass1.c > Prevent inosused from wrapping when soft updates is enabled while > scanning the used inode map. The code as written assumes inosused > is signed but this is no longer the case. OK deraadt@ (millert@) ~ pass4.c > fix wrongly indented lines (jsg@) iked ~ config.c ~ iked.h ~ ikev2.c ~ ikev2_pld.c > Add a NAT-T keepalive timer in case we are behind a NAT gateway. > See RFC 5996, section 2.23, NAT Traversal: > In the case of a mismatching NAT_DETECTION_DESTINATION_IP hash, it > means that the system receiving the NAT_DETECTION_DESTINATION_IP > payload is behind a NAT and that system SHOULD start sending > keepalive packets as defined in [UDPENCAPS]. > With markus@, ok reyk@ (patrick@) ipsecctl ~ pfkdump.c > Found another len += snprintf... > ok mikeb (deraadt@) ~ ipsec.conf.5 ~ ipsecctl.h ~ parse.y > Up to now ipsecctl(8) grouped SAs with identical src and dst to the > flow which the first SA matched by the flow type. This behaviour > was mostly undocumented and unexpected. Make SA bundles explicit > in ipsec.conf(5). Only group SAs that have the same src and dst > and also the same bundle identifier. > OK hshoexer@ (bluhm@) ldattach ~ Makefile > Different compilers and versions of compilers have different warnings. > Remove -Werror to give code a greater chance of building. > ok deraadt@ florian@ (jsg@) pfctl ~ pfctl_table.c > fix wrongly indented lines (jsg@) == share ============================================================= 10/13 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/share man ~ man5/port-modules.5 > document more thoroughly the special status of modules gnu, imake, perl5 > (for historical reasons) > okay aja@ (espie@) ~ man3/sysexits.3 > shorten introductory sentence and make deprecation clearer; > disgussed with deraadt@ (schwarze@) ~ man5/bsd.port.mk.5 > - Mention LIBCXX, prompted by espie@. > - Make it clear that CLANG_ARCHS, GCC3_ARCHS, GCC4_ARCHS refer to the base > compiler. > Change "Clang 3.9.1" to just "Clang". (sthen@) ~ man5/bsd.port.arch.mk.5 > - Mention LIBCXX, prompted by espie@. (sthen@) ~ man4/inet6.4 > more streamlining, with help from bluhm; (jmc@) ~ Makefile ~ man8/daily.8 > Build full mandoc.db(5) databases by default using makewhatis(8) > without -Q during the build and in weekly(8). According to tests > by many developers, makewhatis(8) takes a few minutes at most even > on slower hardware like octeon, loongson, ALIX, RPI3, Soekris, > cubox, softiron etc., and security(8) is often worse than makewhatis(8). > In case this causes excessive weekly(8) run times on even slower > (~50 MHz-class) CPUs, consider adding "MAKEWHATISARGS=-Q" to > /etc/weekly.local on machines that feel unhappy. > OK sthen@ kettenis@ millert@ deraadt@ (schwarze@) ~ man4/ure.4 > from brad: document rgephy (jmc@) == sys =============================================================== 11/13 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/sys arch/alpha/include ~ proc.h > Provide mips64 with kernel-facing TCB_{GET,SET} macros that store it > in struct mdproc. With that, all archs have those and the __HAVE_MD_TCB > macro can be unifdef'ed as always defined. > ok kettenis@ visa@ jsing@ (guenther@) arch/amd64/amd64 ~ identcpu.c > SVM: calculate max ASID value and save for later use. This will be used in > an upcoming diff to handle ASID/VPID reuse/rollover. (mlarkin@) ~ lock_machdep.c > Replace fetch_and_add() with atomic_inc_int_nv() from <sys/atomic.h> > to make the code more similar to sparc64's. > OK mpi@, guenther@, kettenis@ (visa@) arch/amd64/include ~ proc.h > Provide mips64 with kernel-facing TCB_{GET,SET} macros that store it > in struct mdproc. With that, all archs have those and the __HAVE_MD_TCB > macro can be unifdef'ed as always defined. > ok kettenis@ visa@ jsing@ (guenther@) ~ cpu.h > SVM: calculate max ASID value and save for later use. This will be used in > an upcoming diff to handle ASID/VPID reuse/rollover. (mlarkin@) arch/arm/include ~ proc.h > Provide mips64 with kernel-facing TCB_{GET,SET} macros that store it > in struct mdproc. With that, all archs have those and the __HAVE_MD_TCB > macro can be unifdef'ed as always defined. > ok kettenis@ visa@ jsing@ (guenther@) arch/arm64/arm64 ~ machdep.c ~ process_machdep.c > Revise 'struct fpreg' and dump floating-point register in core dumps. Also > reset the floating-point register state upon exec. > ok guenther@ (kettenis@) ~ pmap.c > Use the non-interrupt-safe pool allocator for the vp pool to avoid runninng > out of kva in the kmem_map. Avoids a hang when spawning a lot of > processes. (kettenis@) ~ pmap.c > The tlb flushes in pmap_set_{l1,l2,l3} use ranges that don't fully make > sense. > But those tlb flushes shouldn't be necessary anyway, so simply remove them. > Simplify the tlb flushing code now that we no longer flush ranges, and > revive the branch that doesn't flush a specific ASID for the kernel pmap > since its mappings are global. > ok patrick@, visa@ (kettenis@) arch/arm64/dev ~ pluart.c > Recognize break conditions and enter ddb if ddb.console is set. > ok visa@, deraadt@ (kettenis@) arch/arm64/include ~ reg.h > Revise 'struct fpreg' and dump floating-point register in core dumps. Also > reset the floating-point register state upon exec. > ok guenther@ (kettenis@) ~ proc.h > Provide mips64 with kernel-facing TCB_{GET,SET} macros that store it > in struct mdproc. With that, all archs have those and the __HAVE_MD_TCB > macro can be unifdef'ed as always defined. > ok kettenis@ visa@ jsing@ (guenther@) ~ pte.h > A little bit more trivial cleanup. (kettenis@) ~ ieee.h > Define EXT_IMPLICIT_NBIT like we do on sparc64 and mips64. Makes vaious > long double math stuff (including printf) actually work. > While there remove 'struct ieee_ldouble', which isn't defined on other > architectures. > ok deraadt@ (kettenis@) arch/armv7/dev ~ pluart.c > Recognize break conditions and enter ddb if ddb.console is set. > ok visa@, deraadt@ (kettenis@) arch/hppa/include ~ proc.h > Provide mips64 with kernel-facing TCB_{GET,SET} macros that store it > in struct mdproc. With that, all archs have those and the __HAVE_MD_TCB > macro can be unifdef'ed as always defined. > ok kettenis@ visa@ jsing@ (guenther@) arch/i386/i386 ~ vmm.c > Correct a format string > Problem noted by Michael W. Bombardieri (mb(at)ii.net) > ok mlarkin@ deraadt@ (guenther@) ~ lock_machdep.c > Replace fetch_and_add() with atomic_inc_int_nv() from <sys/atomic.h> > to make the code more similar to sparc64's. > OK mpi@, guenther@, kettenis@ (visa@) arch/i386/include ~ proc.h > Provide mips64 with kernel-facing TCB_{GET,SET} macros that store it > in struct mdproc. With that, all archs have those and the __HAVE_MD_TCB > macro can be unifdef'ed as always defined. > ok kettenis@ visa@ jsing@ (guenther@) arch/m88k/include ~ proc.h > Provide mips64 with kernel-facing TCB_{GET,SET} macros that store it > in struct mdproc. With that, all archs have those and the __HAVE_MD_TCB > macro can be unifdef'ed as always defined. > ok kettenis@ visa@ jsing@ (guenther@) arch/mips64/include ~ signal.h > Use __ASSEMBLER__ instead of __LANGUAGE_ASSEMBLY. > The latter is not defined by clang. > OK guenther@, kettenis@ (visa@) ~ proc.h ~ tcb.h > Provide mips64 with kernel-facing TCB_{GET,SET} macros that store it > in struct mdproc. With that, all archs have those and the __HAVE_MD_TCB > macro can be unifdef'ed as always defined. > ok kettenis@ visa@ jsing@ (guenther@) arch/mips64/mips64 ~ vm_machdep.c > Provide mips64 with kernel-facing TCB_{GET,SET} macros that store it > in struct mdproc. With that, all archs have those and the __HAVE_MD_TCB > macro can be unifdef'ed as always defined. > ok kettenis@ visa@ jsing@ (guenther@) arch/octeon/dev ~ octeon_iobus.c > No GMX on CN73xx. (visa@) arch/octeon/octeon ~ bus_dma.c > Sync bus_dmamap_load_raw() with amd64 for better constraint checking. > Needed by xhci(4). (visa@) arch/powerpc/include ~ proc.h > Provide mips64 with kernel-facing TCB_{GET,SET} macros that store it > in struct mdproc. With that, all archs have those and the __HAVE_MD_TCB > macro can be unifdef'ed as always defined. > ok kettenis@ visa@ jsing@ (guenther@) arch/sh/include ~ proc.h > Provide mips64 with kernel-facing TCB_{GET,SET} macros that store it > in struct mdproc. With that, all archs have those and the __HAVE_MD_TCB > macro can be unifdef'ed as always defined. > ok kettenis@ visa@ jsing@ (guenther@) arch/sparc64/conf ~ Makefile.sparc64 > Build sparc64 kernels with -ffreestanding. (kettenis@) arch/sparc64/include ~ proc.h > Provide mips64 with kernel-facing TCB_{GET,SET} macros that store it > in struct mdproc. With that, all archs have those and the __HAVE_MD_TCB > macro can be unifdef'ed as always defined. > ok kettenis@ visa@ jsing@ (guenther@) ~ ieee.h > Remove some defines marked #ifdef notyet, which really is #ifdef notever. > Reduces the diffs with other architectures. (kettenis@) crypto ~ siphash.c > The kernel has to slightly different version of SipHash_Final but with > the same bug as just fixed in userland: > ---------- > SipHash_Final() was assuming the digest was 64-bit aligned, resulting in > misaligned memory accesses with armv7 ramdisk -Os bsd.rd ping > ok florian millert > ---------- > OK deraadt@ (florian@) dev ~ softraid.c > Avoid some false positives with cppcheck. No binary change. > OK jsg@ (bluhm@) dev/acpi ~ dsdt.c > Fix format string in ACPI_MEMDEBUG block > From Anton Lindqvist (anton.lindqvist(at)gmail.com) (guenther@) dev/ic ~ aac.c ~ adw.c ~ ath.c > Convert some malloc(9) to mallocarray(9) > ok deraadt@ (dhill@) ~ aac.c ~ adw.c ~ ath.c > Partially revert previous mallocarray conversions that contain > constants. > The consensus is that if both operands are constant, we don't need > mallocarray. Reminded by tedu@ > ok deraadt@ (dhill@) dev/pci ~ azalia.c ~ if_dc_pci.c ~ if_nep.c > Convert some malloc(9) to mallocarray(9) > ok deraadt@ (dhill@) ~ if_nep.c > malloc -> mallocarray; a typo (deraadt@) ~ if_msk.c > Attempt to map msk(4) interrupt via MSI. > The device tree that ships with the overdrive 1000 has an interrupt-map > property that is known to be wrong. Using MSI on msk makes the builtin > Ethernet on the overdrive 1000 work. > Tested on arm64 with > "Marvell Yukon 88E8059" rev 0x00, Yukon-2 Optima (0x1) > and i386 with > "Marvell Yukon 88E8072" rev 0x10, Yukon-2 Extreme rev. B0 (0x2) > Committing this early in the release cycle to try find cases where using > MSI doesn't work. > Based on part of an earlier patch from jmatthew@ > ok jmatthew@ kettenis@ (jsg@) ~ azalia.c ~ if_dc_pci.c ~ if_nep.c > Partially revert previous mallocarray conversions that contain > constants. > The consensus is that if both operands are constant, we don't need > mallocarray. Reminded by tedu@ > ok deraadt@ (dhill@) ~ drm/drm_linux.h > Always evaluate expression in BUG_ON() macro to avoid unused variable > warnings. Makes non diagnostic kernel compile. > OK kettenis@ (bluhm@) dev/usb ~ dwc2/dwc2_hcd.c ~ dwc2/dwc2_hcdddma.c > Convert some malloc(9) to mallocarray(9) > ok deraadt@ (dhill@) ~ dwc2/dwc2_hcd.c > Partially revert previous mallocarray conversions that contain > constants. > The consensus is that if both operands are constant, we don't need > mallocarray. Reminded by tedu@ > ok deraadt@ (dhill@) dev/wscons ~ wsemul_vt100.c ~ wsevent.c > Convert some malloc(9) to mallocarray(9) > ok deraadt@ (dhill@) ~ wsemul_vt100.c ~ wsevent.c > Partially revert previous mallocarray conversions that contain > constants. > The consensus is that if both operands are constant, we don't need > mallocarray. Reminded by tedu@ > ok deraadt@ (dhill@) kern ~ kern_sensors.c > Correct wakeup() dance in sensor_task_work() > Problem noticed by krw (deraadt@) ~ kern_pledge.c > Add SIOCATMARK to allow pledge("inet") programs to call sockatmark(3). > from Matthias Pitzl; OK deraadt@ (bluhm@) ~ kern_exec.c ~ kern_fork.c ~ kern_prot.c ~ kern_sig.c > Provide mips64 with kernel-facing TCB_{GET,SET} macros that store it > in struct mdproc. With that, all archs have those and the __HAVE_MD_TCB > macro can be unifdef'ed as always defined. > ok kettenis@ visa@ jsing@ (guenther@) ~ kern_prot.c ~ kern_pledge.c ~ syscalls.master > Delete the getlogin59 syscall, which was last used one year, two releases, > and four libc major versions ago > ok sthen@ jsing@ deraadt@ jca@ (guenther@) ~ init_sysent.c ~ syscalls.c > regen (guenther@) ~ kern_sig.c > Avoid some false positives with cppcheck. No binary change. > OK jsg@ (bluhm@) ~ vfs_syscalls.c > After forced unmount of a file system that has other mount points > in it, dangling mounts could remain. When unmounting check the > hierarcy and unmount recursively. Also prevent that a new mount > appears during the scan. > Joint work with natano@; testing and OK krw@ (bluhm@) ~ vfs_bio.c ~ vfs_biomem.c > Flip previously warm pages in the buffer cache to memory above the DMA > region if uvm tells us it is available. > nits from deraadt@ > ok krw@ guenther@ kettenis@ (beck@) net ~ if_pfsync.c ~ if_vxlan.c > Use mallocarray to allocate multicast group memberships. > ok deraadt@ (dhill@) ~ if_pfsync.c ~ if_vxlan.c > Partially revert previous mallocarray conversions that contain > constants. > The consensus is that if both operands are constant, we don't need > mallocarray. Reminded by tedu@ > ok deraadt@ (dhill@) ~ if.c ~ if_spppsubr.c > Avoid some false positives with cppcheck. No binary change. > OK jsg@ (bluhm@) net80211 ~ ieee80211_input.c > Convert a malloc(9) to mallocarray(9) > ok deraadt@ (dhill@) ~ ieee80211_input.c > Partially revert previous mallocarray conversions that contain > constants. > The consensus is that if both operands are constant, we don't need > mallocarray. Reminded by tedu@ > ok deraadt@ (dhill@) netinet ~ ip_carp.c ~ ip_output.c > Use mallocarray to allocate multicast group memberships. > ok deraadt@ (dhill@) ~ ip_carp.c ~ ip_output.c > Partially revert previous mallocarray conversions that contain > constants. > The consensus is that if both operands are constant, we don't need > mallocarray. Reminded by tedu@ > ok deraadt@ (dhill@) ntfs ~ ntfs_subr.c > Convert a malloc(9) to mallocarray(9) > ok deraadt@ (dhill@) ~ ntfs_subr.c > Partially revert previous mallocarray conversions that contain > constants. > The consensus is that if both operands are constant, we don't need > mallocarray. Reminded by tedu@ > ok deraadt@ (dhill@) sys ~ proc.h > Provide mips64 with kernel-facing TCB_{GET,SET} macros that store it > in struct mdproc. With that, all archs have those and the __HAVE_MD_TCB > macro can be unifdef'ed as always defined. > ok kettenis@ visa@ jsing@ (guenther@) ~ syscall.h ~ syscallargs.h > regen (guenther@) ~ cdefs.h > Define __dead and __pure even if __STRICT_ANSI__ for compilers that > support GCC's __attribute__ syntax. Fixes several warnings when compiling > code with clang with -std=c++11 or some other strict ISO standard. > ok millert@, guenther@ (kettenis@) ~ mount.h > After forced unmount of a file system that has other mount points > in it, dangling mounts could remain. When unmounting check the > hierarcy and unmount recursively. Also prevent that a new mount > appears during the scan. > Joint work with natano@; testing and OK krw@ (bluhm@) ~ mount.h > Statistics for high memory flips in the buffer cache > nits from deraadt@ > ok krw@ guenther@ kettenis@ (beck@) ~ buf.h > Flip previously warm pages in the buffer cache to memory above the DMA > region if uvm tells us it is available. > nits from deraadt@ > ok krw@ guenther@ kettenis@ (beck@) uvm ~ uvm_swap.c > Convert a malloc(9) to mallocarray(9) > ok deraadt@ (dhill@) == usr.bin =========================================================== 12/13 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.bin htpasswd ~ Makefile > Different compilers and versions of compilers have different warnings. > Remove -Werror to give code a greater chance of building. > ok deraadt@ florian@ (jsg@) ~ Makefile > remove -g from CFLAGS at florian's request (jsg@) lex ~ parse.y > isblank() is ANSI C since C99, no need to provide a replacement. > OK deraadt@ (millert@) mandoc ~ mdoc_term.c > Show long .Lk URIs in like an indented display, similar to groff. > Suggested by bentley@. (schwarze@) ~ mdoc_man.c > Do not make the colon after the .Lk link text italic. > I just pushed the same change to GNU troff. (schwarze@) ~ mdoc_term.c > Do not make the colon after the .Lk link text italic. > I just pushed the same change to GNU troff. (schwarze@) nc ~ netcat.c > Move comments into a block and uses {} to unconfuse reading. (deraadt@) pctr ~ Makefile > Different compilers and versions of compilers have different warnings. > Remove -Werror to give code a greater chance of building. > ok deraadt@ florian@ (jsg@) script ~ script.c > bluhm discovered "script < /dev/null" attempts tty operations in violation > of pledge. We can wrap isatty() around those codepaths. > ok bluhm beck (deraadt@) systat ~ iostat.c > Statistics for high memory flips in the buffer cache > nits from deraadt@ > ok krw@ guenther@ kettenis@ (beck@) tmux ~ tty.c > Use EL1 to clear lines when redrawing the leftmost pane, rather than > spaces. (nicm@) ~ tmux.c > Memory leak, from David CARLIER. (nicm@) == usr.sbin ========================================================== 13/13 == http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.sbin arp ~ arp.c > Name global variable for routing socket rtsock like in ndp(8). > OK florian@ (bluhm@) dhcpd ~ conflex.c ~ confpars.c > Add missing function prototypes. Mark kw_cmp() as static like all > its friends. (krw@) ~ dispatch.c > One 'foo' per function is enough. Rename one to eliminate shadowing. (krw@) ~ Makefile > Inspired by recent dhcrelay changes, bring in stricter CFLAGS! (krw@) ~ dhcpd.h > Remove a bunch of obsolete, unused and irrelevant DHCP client types, > fields, > and enums. (krw@) dhcrelay6 ~ Makefile > Remove -Werror to make dhcrelay6 on gcc3 architecture successfully. > ok reyk (aoyama@) httpd ~ httpd.conf.5 > image/svg+xml is a default inbuilt media type. > Pointed out by Anton Lindqvist (anton.lindqvist AT gmail), thanks! > (florian@) identd ~ Makefile > Different compilers and versions of compilers have different warnings. > Remove -Werror to give code a greater chance of building. > ok deraadt@ florian@ (jsg@) ldapd ~ syntax.c > multi-statement CHECK_RANGE() macro isn't safe for all placements, and > needs to use "do {} while 0" idiom; all callers need repair also. > Discovered by jsg (deraadt@) makefs ~ cd9660.h > Remove unused #define's and struct. (natano@) mksuncd ~ Makefile > Different compilers and versions of compilers have different warnings. > Remove -Werror to give code a greater chance of building. > ok deraadt@ florian@ (jsg@) ndp ~ ndp.8 ~ ndp.c > Let ndp(8) use the process's current routing table by default. > from Pierre Emeriaud; OK jca@ claudio@ > Sync code and man page with arp(8). OK florian@ (bluhm@) ~ ndp.c > Take implementation for getsocket() from arp(8). This brings > routing table filter and pledge(2) to ndp(8) modes -s and -d. > OK florian@ (bluhm@) nsd ~ configlexer.lex ~ configparser.y ~ configure.ac ~ difffile.c ~ nsd-checkconf.c ~ nsd.conf.5.in ~ nsd.conf.sample.in ~ options.c ~ options.h ~ packet.c ~ packet.h ~ query.c ~ rdata.c ~ server.c ~ udb.c ~ xfrd.c ~ zonec.c > update to 4.1.16rc1 > tests & OK sthen > (if there are more changes coming for 4.1.16 release we will just > commit them on top) (florian@) ~ configure > regen (florian@) rebound ~ rebound.c > moving some code into a switch meant that break no longer stopped the loop. > try harder with a goto. diagnosis and original fix by tb. (tedu@) sasyncd ~ conf.y > Fix multiple cases of reading past the end of a buffer in the sasyncd(8) > config parser found with afl. > feedback and ok millert@ ok deraadt@ (jsg@) ~ sasyncd.c > Check early if the mandatory carp "interface" was configured. > This allows the new -n config check to work correctly. > OK jsg@ deraadt@ (reyk@) slaacctl + Makefile + parser.c + parser.h + slaacctl.8 + slaacctl.c > The canonical name for ctl programs is without 'd'. > Pointed out by Brad. > OK deraadt@ (florian@) ~ slaacctl.8 > slaacdctl -> slaacctl; (jmc@) slaacd ~ slaacd.8 > slaacdctl -> slaacctl; (jmc@) slaacdctl - Makefile - parser.c - parser.h - slaacdctl.8 - slaacdctl.c > The canonical name for ctl programs is without 'd'. > Pointed out by Brad. > OK deraadt@ (florian@) tftp-proxy ~ Makefile > Different compilers and versions of compilers have different warnings. > Remove -Werror to give code a greater chance of building. > ok deraadt@ florian@ (jsg@) tftpd ~ Makefile > Different compilers and versions of compilers have different warnings. > Remove -Werror to give code a greater chance of building. > ok deraadt@ florian@ (jsg@) vmctl ~ vmctl.8 > Update a man page example to reflect recent changes. > Spotted by Ilya Kaliman, thanks. (mlarkin@) =============================================================================== _______________________________________________ owc mailing list owc@squish.net http://www.squish.net/mailman/listinfo/owc