CVS: cvs.openbsd.org: src

2019-08-07 Thread Ricardo Mestre 
CVSROOT:/cvs
Module name:src
Changes by: mes...@cvs.openbsd.org  2019/08/08 00:59:44

Modified files:
usr.sbin/dhcpd : pfutils.c 

Log message:
One missing piece when I added pledge(2) to dhcpd(8) was in the code path when
it's invoked with either -A/-C/-L, which at the time I left alone due to some
forbidden ioctls by pledge(2).

Now we have unveil(2) and this path can be further restricted by using it
instead of chroot(2) since this "sandbox" (not sure why people call sandbox to
about everything these days) can be escaped with *at(2) calls.

Since no filesystem access is needed here then we can disable its access by
calling unveil("/", "") unveil(NULL, NULL).

added /* no filesystem visibility */ as per suggestion by and OK deraadt@

CVS: cvs.openbsd.org: src

2019-08-07 Thread Scott Soule Cheloha 
CVSROOT:/cvs
Module name:src
Changes by: chel...@cvs.openbsd.org 2019/08/07 20:19:55

Modified files:
sys/dev: softraid.c softraid_raid5.c 

Log message:
softraid(4): tsleep(9) -> tsleep_nsec(9); ok kn@

CVS: cvs.openbsd.org: src

2019-08-07 Thread Scott Soule Cheloha 
CVSROOT:/cvs
Module name:src
Changes by: chel...@cvs.openbsd.org 2019/08/07 20:19:18

Modified files:
sys/dev/wscons : wsevent.c wskbd.c wsmouse.c 

Log message:
wskbd, wsmouse(4): tsleep(9) -> tsleep_nsec(9); ok mpi@ kn@

CVS: cvs.openbsd.org: src

2019-08-07 Thread Scott Soule Cheloha 
CVSROOT:/cvs
Module name:src
Changes by: chel...@cvs.openbsd.org 2019/08/07 20:17:51

Modified files:
bin/date   : date.c date.1 

Log message:
date(1): remove -d dst and -t minutes_west

Part of the kernel timezone removal effort.

With input from deraadt@ and tedu@.

"burn it!" mpi@, ok tedu@ deraadt@

CVS: cvs.openbsd.org: src

2019-08-07 Thread Jonathan Matthew 
CVSROOT:/cvs
Module name:src
Changes by: jmatt...@cvs.openbsd.org2019/08/07 16:34:25

Modified files:
sys/dev/pci: if_iavf.c 

Log message:
Handle VF resets.  When the PF changes VF settings, the VF will be reset,
which means the driver has to set everything up again from scratch.
When we detect a reset (identified by an interrupt with ICR 0xdeadbeef),
schedule a task that sets up the admin queue, establishes communication
with the PF, and configures the rx/tx queues again.  The interface is
taken down during the reset process.

CVS: cvs.openbsd.org: src

2019-08-07 Thread Jonathan Matthew 
CVSROOT:/cvs
Module name:src
Changes by: jmatt...@cvs.openbsd.org2019/08/07 16:03:46

Modified files:
sys/dev/pci: if_iavf.c 

Log message:
Process admin queue responses in the interrupt handler, rather than
deferring to a task, so we can run sequences of admin commands using
tasks.  The only part of this that can't be done in interrupt context
is allocating new admin response buffers, so make that the responsibility
of the admin command issuer.

CVS: cvs.openbsd.org: src

2019-08-07 Thread joshua stein 
CVSROOT:/cvs
Module name:src
Changes by: j...@cvs.openbsd.org2019/08/07 16:03:43

Modified files:
sys/dev/pci: azalia_codec.c 

Log message:
recognize the Realtek ALC285

CVS: cvs.openbsd.org: src

2019-08-07 Thread Philip Guenther 
CVSROOT:/cvs
Module name:src
Changes by: guent...@cvs.openbsd.org2019/08/07 15:31:03

Modified files:
lib: check_sym 

Log message:
Report changes in the size of data symbols, which require a major bump

CVS: cvs.openbsd.org: src

2019-08-07 Thread Alexander Bluhm 
CVSROOT:/cvs
Module name:src
Changes by: bl...@cvs.openbsd.org   2019/08/07 14:30:30

Modified files:
sys/kern   : vfs_syscalls.c 

Log message:
The pathname in unveil(2) allocated 1024 bytes on the stack during
the system call.  Better use namei pool like sys___realpath() does.
OK semarie@ deraadt@

CVS: cvs.openbsd.org: src

2019-08-07 Thread Philip Guenther 
CVSROOT:/cvs
Module name:src
Changes by: guent...@cvs.openbsd.org2019/08/07 12:53:12

Modified files:
sys/arch/amd64/include: codepatch.h 
sys/arch/amd64/amd64: codepatch.c 

Log message:
Add codepatch_jmp(), like codepath_call() but inserting a jmp instead of a call.

tweaked based on feedback from kettenis@
ok deraadt@

CVS: cvs.openbsd.org: src

2019-08-07 Thread Philip Guenther 
CVSROOT:/cvs
Module name:src
Changes by: guent...@cvs.openbsd.org2019/08/07 12:53:28

Modified files:
sys/arch/amd64/amd64: cpu.c locore.S vector.S 
sys/arch/amd64/include: codepatch.h frameasm.h 

Log message:
Mitigate CVE-2019-1125: block speculation past conditional jump to mis-skip
or mis-take swapgs in interrupt path and in trap/fault/exception path.  The
latter is improved to have no conditionals around this when Meltdown mitigation
is in effect.  Codepatch out the fences based on the description of CPU bugs
in the (well written) Linux commit message.

feedback from kettenis@
ok deraadt@

CVS: cvs.openbsd.org: src

2019-08-07 Thread Claudio Jeker 
CVSROOT:/cvs
Module name:src
Changes by: clau...@cvs.openbsd.org 2019/08/07 10:20:22

Modified files:
regress/usr.sbin/bgpd/integrationtests: exabgp.as0.test2_3.in 

Log message:
Actually make the hand coded ASPATH a AS_SEQUENCE and not an AS_SET.

CVS: cvs.openbsd.org: src

2019-08-07 Thread Theo de Raadt 
CVSROOT:/cvs
Module name:src
Changes by: dera...@cvs.openbsd.org 2019/08/07 08:14:01

Modified files:
sys/kern   : kern_sig.c 

Log message:
avoid large MAXPATHLEN object on the stack in coredump(), by allocating
it from the pool.
ok bluhm visa

CVS: cvs.openbsd.org: src

2019-08-07 Thread Patrick Wildt 
CVSROOT:/cvs
Module name:src
Changes by: patr...@cvs.openbsd.org 2019/08/07 05:16:02

Modified files:
sys/dev/usb: uvideo.c 

Log message:
Add support for integrated USB cameras with two functions, as
seen on a Lenovo X395 which combines normal webcam functionality
with another IR camera, by parsing the USB interface association
descriptors.  This fixes the symptom of uvideo(4) complaining
about too many headers and not providing any functionality at all.

ok jan@

CVS: cvs.openbsd.org: src

2019-08-07 Thread Patrick Wildt 
CVSROOT:/cvs
Module name:src
Changes by: patr...@cvs.openbsd.org 2019/08/07 05:14:16

Modified files:
sys/dev/usb: uvideo.c uvideo.h 

Log message:
Add support for the KSMedia 8-bit IR format, a greyscale format,
as seen on the IR camera of my Lenovo X395.

ok jan@

CVS: cvs.openbsd.org: www

2019-08-07 Thread Claudio Jeker 
CVSROOT:/cvs
Module name:www
Changes by: clau...@cvs.openbsd.org 2019/08/07 04:34:25

Modified files:
faq: current.html 

Log message:
The config keyword route-collector is deprecated and will cause bgpd(8)
to fail parsing the config.  Instead disable the route evaluation process
on the Loc-RIB with rde rib Loc-RIB no evaluate.

CVS: cvs.openbsd.org: src

2019-08-07 Thread Claudio Jeker 
CVSROOT:/cvs
Module name:src
Changes by: clau...@cvs.openbsd.org 2019/08/07 04:26:41

Modified files:
usr.sbin/bgpd  : bgpd.conf.5 bgpd.h parse.y printconf.c rde.c 
 rde.h rde_decide.c rde_rib.c 

Log message:
Improve RIB reload behaviour. Especially when the rtable changes or the
route evaluation is modified. In both cases the softreconfig code will
now walk the RIB and ensure that everything is in proper sync.
Additionally remove 'route-collector yes|no' from the bgpd config, instead
use 'rde rib Loc-RIB no evaluate' with the benefit that you can alter
the setting now during runtime.
Tested and OK benno@

CVS: cvs.openbsd.org: src

2019-08-07 Thread Claudio Jeker 
CVSROOT:/cvs
Module name:src
Changes by: clau...@cvs.openbsd.org 2019/08/07 01:57:49

Modified files:
regress/usr.sbin/bgpd/integrationtests: Makefile 

Log message:
The as0 regress can be enabled now. Needs exabgp to run else it is skipped.